summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--dbm/.cvsignore1
-rw-r--r--dbm/Makefile.in36
-rw-r--r--dbm/include/.cvsignore1
-rw-r--r--dbm/include/MANIFEST17
-rw-r--r--dbm/include/Makefile.in55
-rw-r--r--dbm/include/Makefile.win60
-rw-r--r--dbm/include/cdefs.h165
-rw-r--r--dbm/include/extern.h65
-rw-r--r--dbm/include/hash.h337
-rw-r--r--dbm/include/hsearch.h51
-rw-r--r--dbm/include/mcom_db.h458
-rw-r--r--dbm/include/mpool.h99
-rw-r--r--dbm/include/ncompat.h232
-rw-r--r--dbm/include/ndbm.h77
-rw-r--r--dbm/include/nsres.h41
-rw-r--r--dbm/include/page.h96
-rw-r--r--dbm/include/queue.h245
-rw-r--r--dbm/include/search.h51
-rw-r--r--dbm/include/watcomfx.h26
-rw-r--r--dbm/include/winfile.h106
-rw-r--r--dbm/macbuild/DBM.Prefix33
-rw-r--r--dbm/macbuild/DBM.xml4326
-rw-r--r--dbm/macbuild/DBMConfig.h23
-rw-r--r--dbm/macbuild/DBMDebug.Prefix32
-rw-r--r--dbm/macbuild/macstubs.c8
-rw-r--r--dbm/src/.cvsignore1
-rw-r--r--dbm/src/Makefile.in75
-rw-r--r--dbm/src/Makefile.win96
-rw-r--r--dbm/src/db.c144
-rw-r--r--dbm/src/h_bigkey.c713
-rw-r--r--dbm/src/h_func.c211
-rw-r--r--dbm/src/h_log2.c56
-rw-r--r--dbm/src/h_page.c1290
-rw-r--r--dbm/src/hash.c1255
-rw-r--r--dbm/src/hash_buf.c414
-rw-r--r--dbm/src/hsearch.c108
-rw-r--r--dbm/src/memmove.c150
-rw-r--r--dbm/src/mktemp.c166
-rw-r--r--dbm/src/ndbm.c195
-rw-r--r--dbm/src/nsres.c305
-rw-r--r--dbm/src/snprintf.c75
-rw-r--r--dbm/src/strerror.c78
-rw-r--r--dbm/tests/.cvsignore3
-rw-r--r--dbm/tests/Makefile.in43
-rw-r--r--dbm/tests/lots.c639
-rw-r--r--security/coreconf/AIX.mk84
-rw-r--r--security/coreconf/AIX3.2.mk35
-rw-r--r--security/coreconf/AIX4.1.mk55
-rw-r--r--security/coreconf/AIX4.2.mk50
-rw-r--r--security/coreconf/AIX4.3.mk55
-rw-r--r--security/coreconf/AIX5.1.mk54
-rw-r--r--security/coreconf/BSD_OS.mk88
-rw-r--r--security/coreconf/BeOS.mk79
-rw-r--r--security/coreconf/Darwin.mk78
-rw-r--r--security/coreconf/FreeBSD.mk83
-rw-r--r--security/coreconf/HP-UX.mk76
-rw-r--r--security/coreconf/HP-UXA.09.03.mk44
-rw-r--r--security/coreconf/HP-UXA.09.07.mk43
-rw-r--r--security/coreconf/HP-UXA.09.mk38
-rw-r--r--security/coreconf/HP-UXB.10.01.mk40
-rw-r--r--security/coreconf/HP-UXB.10.10.mk50
-rw-r--r--security/coreconf/HP-UXB.10.20.mk50
-rw-r--r--security/coreconf/HP-UXB.10.30.mk56
-rw-r--r--security/coreconf/HP-UXB.10.mk38
-rw-r--r--security/coreconf/HP-UXB.11.00.mk55
-rw-r--r--security/coreconf/HP-UXB.11.11.mk55
-rw-r--r--security/coreconf/HP-UXB.11.20.mk55
-rw-r--r--security/coreconf/HP-UXB.11.mk73
-rw-r--r--security/coreconf/IRIX.mk124
-rw-r--r--security/coreconf/IRIX5.2.mk35
-rw-r--r--security/coreconf/IRIX5.3.mk37
-rw-r--r--security/coreconf/IRIX5.mk40
-rw-r--r--security/coreconf/IRIX6.2.mk43
-rw-r--r--security/coreconf/IRIX6.3.mk42
-rw-r--r--security/coreconf/IRIX6.5.mk45
-rw-r--r--security/coreconf/IRIX6.mk47
-rw-r--r--security/coreconf/Linux.mk150
-rw-r--r--security/coreconf/Linux2.1.mk49
-rw-r--r--security/coreconf/Linux2.2.mk49
-rw-r--r--security/coreconf/Linux2.4.mk49
-rw-r--r--security/coreconf/Linux2.5.mk49
-rw-r--r--security/coreconf/LinuxELF1.2.mk36
-rw-r--r--security/coreconf/LinuxELF2.0.mk36
-rw-r--r--security/coreconf/Makefile43
-rw-r--r--security/coreconf/NCR3.0.mk95
-rw-r--r--security/coreconf/NEC4.2.mk66
-rw-r--r--security/coreconf/NetBSD.mk86
-rw-r--r--security/coreconf/OS2.mk276
-rw-r--r--security/coreconf/OSF1.mk72
-rw-r--r--security/coreconf/OSF1V2.0.mk35
-rw-r--r--security/coreconf/OSF1V3.0.mk35
-rw-r--r--security/coreconf/OSF1V3.2.mk44
-rw-r--r--security/coreconf/OSF1V4.0.mk51
-rw-r--r--security/coreconf/OSF1V4.0B.mk35
-rw-r--r--security/coreconf/OSF1V4.0D.mk39
-rw-r--r--security/coreconf/OSF1V5.0.mk47
-rw-r--r--security/coreconf/OSF1V5.1.mk47
-rw-r--r--security/coreconf/OpenBSD.mk62
-rw-r--r--security/coreconf/OpenUNIX.mk91
-rwxr-xr-xsecurity/coreconf/OpenVMS.mk60
-rwxr-xr-xsecurity/coreconf/OpenVMSV7.1-2.mk22
-rw-r--r--security/coreconf/QNX.mk70
-rw-r--r--security/coreconf/README560
-rw-r--r--security/coreconf/ReliantUNIX.mk88
-rw-r--r--security/coreconf/ReliantUNIX5.4.mk35
-rw-r--r--security/coreconf/SCOOS5.0.mk36
-rw-r--r--security/coreconf/SCO_SV3.2.mk91
-rw-r--r--security/coreconf/SunOS4.1.3_U1.mk58
-rw-r--r--security/coreconf/SunOS5.10.mk44
-rwxr-xr-xsecurity/coreconf/SunOS5.10_i86pc.mk48
-rw-r--r--security/coreconf/SunOS5.3.mk38
-rw-r--r--security/coreconf/SunOS5.4.mk38
-rw-r--r--security/coreconf/SunOS5.4_i86pc.mk67
-rw-r--r--security/coreconf/SunOS5.5.1.mk44
-rw-r--r--security/coreconf/SunOS5.5.1_i86pc.mk46
-rw-r--r--security/coreconf/SunOS5.5.mk42
-rw-r--r--security/coreconf/SunOS5.6.mk44
-rw-r--r--security/coreconf/SunOS5.6_i86pc.mk46
-rw-r--r--security/coreconf/SunOS5.7.mk44
-rw-r--r--security/coreconf/SunOS5.7_i86pc.mk48
-rw-r--r--security/coreconf/SunOS5.8.mk44
-rw-r--r--security/coreconf/SunOS5.8_i86pc.mk48
-rwxr-xr-xsecurity/coreconf/SunOS5.9.mk44
-rwxr-xr-xsecurity/coreconf/SunOS5.9_i86pc.mk48
-rw-r--r--security/coreconf/SunOS5.mk177
-rw-r--r--security/coreconf/UNIX.mk92
-rw-r--r--security/coreconf/UNIXWARE2.1.mk57
-rw-r--r--security/coreconf/WIN16.mk209
-rw-r--r--security/coreconf/WIN32.mk276
-rw-r--r--security/coreconf/WIN954.0.mk63
-rw-r--r--security/coreconf/WINCE.mk207
-rw-r--r--security/coreconf/WINCE3.0.mk99
-rw-r--r--security/coreconf/WINNT3.51.mk64
-rw-r--r--security/coreconf/WINNT4.0.mk65
-rw-r--r--security/coreconf/WINNT5.0.mk65
-rw-r--r--security/coreconf/WINNT5.1.mk65
-rw-r--r--security/coreconf/arch.mk333
-rw-r--r--security/coreconf/command.mk55
-rw-r--r--security/coreconf/config.mk168
-rw-r--r--security/coreconf/coreconf.pl156
-rwxr-xr-xsecurity/coreconf/cpdist.pl195
-rw-r--r--security/coreconf/headers.mk60
-rwxr-xr-xsecurity/coreconf/import.pl218
-rw-r--r--security/coreconf/jdk.mk626
-rwxr-xr-xsecurity/coreconf/jniregen.pl107
-rw-r--r--security/coreconf/location.mk66
-rw-r--r--security/coreconf/makefile.win100
-rw-r--r--security/coreconf/module.mk65
-rw-r--r--security/coreconf/nsinstall/Makefile68
-rwxr-xr-xsecurity/coreconf/nsinstall/nfspwd46
-rw-r--r--security/coreconf/nsinstall/nfspwd.pl46
-rw-r--r--security/coreconf/nsinstall/nsinstall.c450
-rw-r--r--security/coreconf/nsinstall/pathsub.c303
-rw-r--r--security/coreconf/nsinstall/pathsub.h77
-rw-r--r--security/coreconf/nsinstall/sunos4.h163
-rwxr-xr-xsecurity/coreconf/outofdate.pl67
-rw-r--r--security/coreconf/prefix.mk72
-rwxr-xr-xsecurity/coreconf/release.pl129
-rw-r--r--security/coreconf/rules.mk973
-rw-r--r--security/coreconf/ruleset.mk237
-rw-r--r--security/coreconf/source.mk190
-rw-r--r--security/coreconf/suffix.mk95
-rw-r--r--security/coreconf/tree.mk80
-rw-r--r--security/coreconf/version.mk105
-rw-r--r--security/coreconf/version.pl76
-rw-r--r--security/nss/Makefile168
-rw-r--r--security/nss/cmd/.cvsignore1
-rw-r--r--security/nss/cmd/Makefile182
-rw-r--r--security/nss/cmd/SSLsample/Makefile44
-rw-r--r--security/nss/cmd/SSLsample/Makefile.NSS58
-rw-r--r--security/nss/cmd/SSLsample/NSPRerrs.h133
-rw-r--r--security/nss/cmd/SSLsample/README43
-rw-r--r--security/nss/cmd/SSLsample/SECerrs.h441
-rw-r--r--security/nss/cmd/SSLsample/SSLerrs.h366
-rw-r--r--security/nss/cmd/SSLsample/client.c453
-rw-r--r--security/nss/cmd/SSLsample/client.mn50
-rwxr-xr-xsecurity/nss/cmd/SSLsample/gencerts79
-rw-r--r--security/nss/cmd/SSLsample/make.client78
-rw-r--r--security/nss/cmd/SSLsample/make.server77
-rwxr-xr-xsecurity/nss/cmd/SSLsample/nmakefile95.nss60
-rwxr-xr-xsecurity/nss/cmd/SSLsample/nmakefilent.nss59
-rw-r--r--security/nss/cmd/SSLsample/server.c822
-rw-r--r--security/nss/cmd/SSLsample/server.mn48
-rw-r--r--security/nss/cmd/SSLsample/sslerror.h110
-rw-r--r--security/nss/cmd/SSLsample/sslsample.c591
-rw-r--r--security/nss/cmd/SSLsample/sslsample.h178
-rw-r--r--security/nss/cmd/addbuiltin/Makefile76
-rw-r--r--security/nss/cmd/addbuiltin/addbuiltin.c357
-rw-r--r--security/nss/cmd/addbuiltin/manifest.mn49
-rw-r--r--security/nss/cmd/atob/Makefile76
-rw-r--r--security/nss/cmd/atob/atob.c177
-rw-r--r--security/nss/cmd/atob/makefile.win155
-rw-r--r--security/nss/cmd/atob/manifest.mn50
-rw-r--r--security/nss/cmd/bltest/Makefile82
-rw-r--r--security/nss/cmd/bltest/blapitest.c2572
-rw-r--r--security/nss/cmd/bltest/manifest.mn54
-rw-r--r--security/nss/cmd/bltest/tests/README49
-rw-r--r--security/nss/cmd/bltest/tests/aes_cbc/ciphertext01
-rw-r--r--security/nss/cmd/bltest/tests/aes_cbc/iv01
-rw-r--r--security/nss/cmd/bltest/tests/aes_cbc/key01
-rw-r--r--security/nss/cmd/bltest/tests/aes_cbc/numtests1
-rw-r--r--security/nss/cmd/bltest/tests/aes_cbc/plaintext01
-rw-r--r--security/nss/cmd/bltest/tests/aes_ecb/ciphertext01
-rw-r--r--security/nss/cmd/bltest/tests/aes_ecb/key01
-rw-r--r--security/nss/cmd/bltest/tests/aes_ecb/numtests1
-rw-r--r--security/nss/cmd/bltest/tests/aes_ecb/plaintext01
-rw-r--r--security/nss/cmd/bltest/tests/des3_cbc/ciphertext01
-rw-r--r--security/nss/cmd/bltest/tests/des3_cbc/iv01
-rw-r--r--security/nss/cmd/bltest/tests/des3_cbc/key01
-rw-r--r--security/nss/cmd/bltest/tests/des3_cbc/numtests1
-rw-r--r--security/nss/cmd/bltest/tests/des3_cbc/plaintext01
-rw-r--r--security/nss/cmd/bltest/tests/des3_ecb/ciphertext01
-rw-r--r--security/nss/cmd/bltest/tests/des3_ecb/key01
-rw-r--r--security/nss/cmd/bltest/tests/des3_ecb/numtests1
-rw-r--r--security/nss/cmd/bltest/tests/des3_ecb/plaintext01
-rw-r--r--security/nss/cmd/bltest/tests/des_cbc/ciphertext01
-rw-r--r--security/nss/cmd/bltest/tests/des_cbc/iv01
-rw-r--r--security/nss/cmd/bltest/tests/des_cbc/key01
-rw-r--r--security/nss/cmd/bltest/tests/des_cbc/numtests1
-rw-r--r--security/nss/cmd/bltest/tests/des_cbc/plaintext01
-rw-r--r--security/nss/cmd/bltest/tests/des_ecb/ciphertext01
-rw-r--r--security/nss/cmd/bltest/tests/des_ecb/key01
-rw-r--r--security/nss/cmd/bltest/tests/des_ecb/numtests1
-rw-r--r--security/nss/cmd/bltest/tests/des_ecb/plaintext01
-rw-r--r--security/nss/cmd/bltest/tests/dsa/ciphertext01
-rw-r--r--security/nss/cmd/bltest/tests/dsa/key06
-rw-r--r--security/nss/cmd/bltest/tests/dsa/keyseed01
-rw-r--r--security/nss/cmd/bltest/tests/dsa/numtests1
-rw-r--r--security/nss/cmd/bltest/tests/dsa/plaintext01
-rw-r--r--security/nss/cmd/bltest/tests/dsa/pqg04
-rw-r--r--security/nss/cmd/bltest/tests/dsa/sigseed01
-rw-r--r--security/nss/cmd/bltest/tests/md2/ciphertext01
-rw-r--r--security/nss/cmd/bltest/tests/md2/numtests1
-rw-r--r--security/nss/cmd/bltest/tests/md2/plaintext01
-rw-r--r--security/nss/cmd/bltest/tests/md5/ciphertext01
-rw-r--r--security/nss/cmd/bltest/tests/md5/numtests1
-rw-r--r--security/nss/cmd/bltest/tests/md5/plaintext01
-rw-r--r--security/nss/cmd/bltest/tests/rc2_cbc/ciphertext01
-rw-r--r--security/nss/cmd/bltest/tests/rc2_cbc/iv01
-rw-r--r--security/nss/cmd/bltest/tests/rc2_cbc/key01
-rw-r--r--security/nss/cmd/bltest/tests/rc2_cbc/numtests1
-rw-r--r--security/nss/cmd/bltest/tests/rc2_cbc/plaintext01
-rw-r--r--security/nss/cmd/bltest/tests/rc2_ecb/ciphertext01
-rw-r--r--security/nss/cmd/bltest/tests/rc2_ecb/key01
-rw-r--r--security/nss/cmd/bltest/tests/rc2_ecb/numtests1
-rw-r--r--security/nss/cmd/bltest/tests/rc2_ecb/plaintext01
-rw-r--r--security/nss/cmd/bltest/tests/rc4/ciphertext01
-rw-r--r--security/nss/cmd/bltest/tests/rc4/ciphertext11
-rw-r--r--security/nss/cmd/bltest/tests/rc4/key01
-rw-r--r--security/nss/cmd/bltest/tests/rc4/key11
-rw-r--r--security/nss/cmd/bltest/tests/rc4/numtests1
-rw-r--r--security/nss/cmd/bltest/tests/rc4/plaintext01
-rw-r--r--security/nss/cmd/bltest/tests/rc4/plaintext11
-rw-r--r--security/nss/cmd/bltest/tests/rc5_cbc/ciphertext01
-rw-r--r--security/nss/cmd/bltest/tests/rc5_cbc/iv01
-rw-r--r--security/nss/cmd/bltest/tests/rc5_cbc/key01
-rw-r--r--security/nss/cmd/bltest/tests/rc5_cbc/numtests1
-rw-r--r--security/nss/cmd/bltest/tests/rc5_cbc/params02
-rw-r--r--security/nss/cmd/bltest/tests/rc5_cbc/plaintext01
-rw-r--r--security/nss/cmd/bltest/tests/rc5_ecb/ciphertext01
-rw-r--r--security/nss/cmd/bltest/tests/rc5_ecb/key01
-rw-r--r--security/nss/cmd/bltest/tests/rc5_ecb/numtests1
-rw-r--r--security/nss/cmd/bltest/tests/rc5_ecb/params02
-rw-r--r--security/nss/cmd/bltest/tests/rc5_ecb/plaintext01
-rw-r--r--security/nss/cmd/bltest/tests/rsa/ciphertext01
-rw-r--r--security/nss/cmd/bltest/tests/rsa/key04
-rw-r--r--security/nss/cmd/bltest/tests/rsa/numtests1
-rw-r--r--security/nss/cmd/bltest/tests/rsa/plaintext01
-rw-r--r--security/nss/cmd/bltest/tests/sha1/ciphertext01
-rw-r--r--security/nss/cmd/bltest/tests/sha1/numtests1
-rw-r--r--security/nss/cmd/bltest/tests/sha1/plaintext01
-rw-r--r--security/nss/cmd/bltest/tests/sha256/ciphertext01
-rw-r--r--security/nss/cmd/bltest/tests/sha256/ciphertext11
-rw-r--r--security/nss/cmd/bltest/tests/sha256/numtests1
-rw-r--r--security/nss/cmd/bltest/tests/sha256/plaintext01
-rw-r--r--security/nss/cmd/bltest/tests/sha256/plaintext11
-rw-r--r--security/nss/cmd/bltest/tests/sha384/ciphertext01
-rw-r--r--security/nss/cmd/bltest/tests/sha384/ciphertext11
-rw-r--r--security/nss/cmd/bltest/tests/sha384/numtests1
-rw-r--r--security/nss/cmd/bltest/tests/sha384/plaintext01
-rw-r--r--security/nss/cmd/bltest/tests/sha384/plaintext11
-rw-r--r--security/nss/cmd/bltest/tests/sha512/ciphertext02
-rw-r--r--security/nss/cmd/bltest/tests/sha512/ciphertext12
-rw-r--r--security/nss/cmd/bltest/tests/sha512/numtests1
-rw-r--r--security/nss/cmd/bltest/tests/sha512/plaintext01
-rw-r--r--security/nss/cmd/bltest/tests/sha512/plaintext11
-rw-r--r--security/nss/cmd/btoa/Makefile75
-rw-r--r--security/nss/cmd/btoa/btoa.c196
-rw-r--r--security/nss/cmd/btoa/makefile.win130
-rw-r--r--security/nss/cmd/btoa/manifest.mn49
-rw-r--r--security/nss/cmd/certcgi/HOWTO.txt168
-rw-r--r--security/nss/cmd/certcgi/Makefile76
-rw-r--r--security/nss/cmd/certcgi/ca.html48
-rw-r--r--security/nss/cmd/certcgi/ca_form.html385
-rw-r--r--security/nss/cmd/certcgi/certcgi.c2434
-rw-r--r--security/nss/cmd/certcgi/index.html956
-rw-r--r--security/nss/cmd/certcgi/main.html105
-rw-r--r--security/nss/cmd/certcgi/manifest.mn50
-rw-r--r--security/nss/cmd/certcgi/nscp_ext_form.html113
-rw-r--r--security/nss/cmd/certcgi/stnd_ext_form.html247
-rw-r--r--security/nss/cmd/certutil/Makefile76
-rw-r--r--security/nss/cmd/certutil/certutil.c2885
-rw-r--r--security/nss/cmd/certutil/keystuff.c411
-rw-r--r--security/nss/cmd/certutil/makefile.win155
-rw-r--r--security/nss/cmd/certutil/manifest.mn52
-rw-r--r--security/nss/cmd/checkcert/Makefile76
-rw-r--r--security/nss/cmd/checkcert/checkcert.c640
-rw-r--r--security/nss/cmd/checkcert/makefile.win130
-rw-r--r--security/nss/cmd/checkcert/manifest.mn47
-rw-r--r--security/nss/cmd/cmdlib/Makefile75
-rw-r--r--security/nss/cmd/cmdlib/cmdline.c474
-rw-r--r--security/nss/cmd/cmdlib/cmdutil.h115
-rw-r--r--security/nss/cmd/cmdlib/config.mk43
-rw-r--r--security/nss/cmd/cmdlib/manifest.mn49
-rw-r--r--security/nss/cmd/crlutil/Makefile76
-rw-r--r--security/nss/cmd/crlutil/crlutil.c478
-rw-r--r--security/nss/cmd/crlutil/makefile.win130
-rw-r--r--security/nss/cmd/crlutil/manifest.mn53
-rw-r--r--security/nss/cmd/crmf-cgi/Makefile81
-rw-r--r--security/nss/cmd/crmf-cgi/config.mk44
-rw-r--r--security/nss/cmd/crmf-cgi/crmfcgi.c1124
-rw-r--r--security/nss/cmd/crmf-cgi/crmfcgi.html165
-rw-r--r--security/nss/cmd/crmf-cgi/manifest.mn61
-rw-r--r--security/nss/cmd/crmftest/Makefile99
-rw-r--r--security/nss/cmd/crmftest/config.mk43
-rw-r--r--security/nss/cmd/crmftest/manifest.mn53
-rw-r--r--security/nss/cmd/crmftest/testcrmf.c1533
-rw-r--r--security/nss/cmd/dbck/Makefile75
-rw-r--r--security/nss/cmd/dbck/dbck.c1869
-rw-r--r--security/nss/cmd/dbck/manifest.mn49
-rw-r--r--security/nss/cmd/dbtest/Makefile88
-rw-r--r--security/nss/cmd/dbtest/dbtest.c181
-rw-r--r--security/nss/cmd/dbtest/makefile.win130
-rw-r--r--security/nss/cmd/dbtest/manifest.mn50
-rw-r--r--security/nss/cmd/derdump/Makefile76
-rw-r--r--security/nss/cmd/derdump/derdump.c135
-rw-r--r--security/nss/cmd/derdump/makefile.win130
-rw-r--r--security/nss/cmd/derdump/manifest.mn49
-rw-r--r--security/nss/cmd/digest/Makefile76
-rw-r--r--security/nss/cmd/digest/digest.c254
-rw-r--r--security/nss/cmd/digest/makefile.win130
-rw-r--r--security/nss/cmd/digest/manifest.mn50
-rw-r--r--security/nss/cmd/ilock/Makefile75
-rw-r--r--security/nss/cmd/ilock/ilock.c199
-rw-r--r--security/nss/cmd/ilock/manifest.mn44
-rw-r--r--security/nss/cmd/include/secnew.h163
-rw-r--r--security/nss/cmd/keyutil/Makefile73
-rw-r--r--security/nss/cmd/keyutil/keyutil.c340
-rw-r--r--security/nss/cmd/keyutil/manifest.mn50
-rw-r--r--security/nss/cmd/lib/Makefile76
-rw-r--r--security/nss/cmd/lib/NSPRerrs.h150
-rw-r--r--security/nss/cmd/lib/SECerrs.h476
-rw-r--r--security/nss/cmd/lib/SSLerrs.h366
-rw-r--r--security/nss/cmd/lib/berparse.c404
-rw-r--r--security/nss/cmd/lib/config.mk43
-rw-r--r--security/nss/cmd/lib/derprint.c619
-rw-r--r--security/nss/cmd/lib/ffs.c48
-rw-r--r--security/nss/cmd/lib/makefile.win66
-rw-r--r--security/nss/cmd/lib/manifest.mn53
-rw-r--r--security/nss/cmd/lib/seccnames.c204
-rw-r--r--security/nss/cmd/lib/secerror.c107
-rw-r--r--security/nss/cmd/lib/secpwd.c199
-rw-r--r--security/nss/cmd/lib/secutil.c2622
-rw-r--r--security/nss/cmd/lib/secutil.h327
-rw-r--r--security/nss/cmd/makefile.inc84
-rw-r--r--security/nss/cmd/makefile.win48
-rw-r--r--security/nss/cmd/makepqg/Makefile77
-rw-r--r--security/nss/cmd/makepqg/makefile.win156
-rw-r--r--security/nss/cmd/makepqg/makepqg.c290
-rw-r--r--security/nss/cmd/makepqg/manifest.mn47
-rw-r--r--security/nss/cmd/makepqg/testit.ksh41
-rw-r--r--security/nss/cmd/manifest.mn90
-rw-r--r--security/nss/cmd/modutil/Makefile80
-rw-r--r--security/nss/cmd/modutil/README7
-rw-r--r--security/nss/cmd/modutil/config.mk77
-rw-r--r--security/nss/cmd/modutil/error.h182
-rw-r--r--security/nss/cmd/modutil/install-ds.c1541
-rw-r--r--security/nss/cmd/modutil/install-ds.h290
-rw-r--r--security/nss/cmd/modutil/install.c985
-rw-r--r--security/nss/cmd/modutil/install.h130
-rw-r--r--security/nss/cmd/modutil/installparse.c429
-rw-r--r--security/nss/cmd/modutil/installparse.h3
-rw-r--r--security/nss/cmd/modutil/installparse.l166
-rw-r--r--security/nss/cmd/modutil/installparse.y133
-rw-r--r--security/nss/cmd/modutil/instsec.c178
-rw-r--r--security/nss/cmd/modutil/lex.Pk11Install_yy.c1691
-rw-r--r--security/nss/cmd/modutil/manifest.mn62
-rw-r--r--security/nss/cmd/modutil/modutil.c999
-rw-r--r--security/nss/cmd/modutil/modutil.h67
-rw-r--r--security/nss/cmd/modutil/pk11.c919
-rw-r--r--security/nss/cmd/modutil/pk11jar.html309
-rw-r--r--security/nss/cmd/modutil/rules.mk54
-rw-r--r--security/nss/cmd/modutil/specification.html351
-rw-r--r--security/nss/cmd/ocspclnt/Makefile73
-rw-r--r--security/nss/cmd/ocspclnt/manifest.mn54
-rw-r--r--security/nss/cmd/ocspclnt/ocspclnt.c1221
-rw-r--r--security/nss/cmd/oidcalc/Makefile76
-rw-r--r--security/nss/cmd/oidcalc/manifest.mn47
-rw-r--r--security/nss/cmd/oidcalc/oidcalc.c117
-rw-r--r--security/nss/cmd/p7content/Makefile75
-rw-r--r--security/nss/cmd/p7content/manifest.mn43
-rw-r--r--security/nss/cmd/p7content/p7content.c271
-rw-r--r--security/nss/cmd/p7env/Makefile75
-rw-r--r--security/nss/cmd/p7env/manifest.mn43
-rw-r--r--security/nss/cmd/p7env/p7env.c273
-rw-r--r--security/nss/cmd/p7sign/Makefile75
-rw-r--r--security/nss/cmd/p7sign/manifest.mn43
-rw-r--r--security/nss/cmd/p7sign/p7sign.c292
-rw-r--r--security/nss/cmd/p7verify/Makefile75
-rw-r--r--security/nss/cmd/p7verify/manifest.mn43
-rw-r--r--security/nss/cmd/p7verify/p7verify.c305
-rw-r--r--security/nss/cmd/pk12util/Makefile76
-rw-r--r--security/nss/cmd/pk12util/manifest.mn51
-rw-r--r--security/nss/cmd/pk12util/pk12util.c867
-rw-r--r--security/nss/cmd/pk12util/pk12util.h69
-rw-r--r--security/nss/cmd/pkiutil/Makefile76
-rw-r--r--security/nss/cmd/pkiutil/manifest.mn47
-rw-r--r--security/nss/cmd/pkiutil/pkiutil.c373
-rw-r--r--security/nss/cmd/pkiutil/platlibs.mk53
-rw-r--r--security/nss/cmd/platlibs.mk219
-rw-r--r--security/nss/cmd/platrules.mk47
-rw-r--r--security/nss/cmd/pp/Makefile75
-rw-r--r--security/nss/cmd/pp/manifest.mn47
-rw-r--r--security/nss/cmd/pp/pp.c176
-rw-r--r--security/nss/cmd/rsaperf/Makefile84
-rw-r--r--security/nss/cmd/rsaperf/defkey.c202
-rw-r--r--security/nss/cmd/rsaperf/manifest.mn52
-rw-r--r--security/nss/cmd/rsaperf/rsaperf.c402
-rw-r--r--security/nss/cmd/samples/cert15
-rw-r--r--security/nss/cmd/samples/cert0bin505 -> 0 bytes
-rw-r--r--security/nss/cmd/samples/cert1bin515 -> 0 bytes
-rw-r--r--security/nss/cmd/samples/cert2bin528 -> 0 bytes
-rw-r--r--security/nss/cmd/samples/pkcs7.berbin1771 -> 0 bytes
-rw-r--r--security/nss/cmd/samples/pkcs7bday.berbin1881 -> 0 bytes
-rw-r--r--security/nss/cmd/samples/pkcs7cnet.berbin3330 -> 0 bytes
-rw-r--r--security/nss/cmd/samples/pkcs7news.berbin255328 -> 0 bytes
-rw-r--r--security/nss/cmd/samples/x509v3.derbin463 -> 0 bytes
-rw-r--r--security/nss/cmd/samples/x509v3.txt10
-rw-r--r--security/nss/cmd/sdrtest/Makefile73
-rw-r--r--security/nss/cmd/sdrtest/manifest.mn54
-rw-r--r--security/nss/cmd/sdrtest/sdrtest.c305
-rw-r--r--security/nss/cmd/selfserv/Makefile74
-rw-r--r--security/nss/cmd/selfserv/makefile.win136
-rw-r--r--security/nss/cmd/selfserv/manifest.mn48
-rw-r--r--security/nss/cmd/selfserv/selfserv.c1752
-rw-r--r--security/nss/cmd/shlibsign/Makefile110
-rw-r--r--security/nss/cmd/shlibsign/mangle/Makefile75
-rw-r--r--security/nss/cmd/shlibsign/mangle/mangle.c166
-rw-r--r--security/nss/cmd/shlibsign/mangle/manifest.mn52
-rw-r--r--security/nss/cmd/shlibsign/manifest.mn60
-rw-r--r--security/nss/cmd/shlibsign/shlibsign.c427
-rw-r--r--security/nss/cmd/shlibsign/sign.cmd19
-rw-r--r--security/nss/cmd/shlibsign/sign.sh51
-rw-r--r--security/nss/cmd/signtool/Makefile71
-rw-r--r--security/nss/cmd/signtool/README119
-rw-r--r--security/nss/cmd/signtool/certgen.c713
-rw-r--r--security/nss/cmd/signtool/javascript.c1790
-rw-r--r--security/nss/cmd/signtool/list.c278
-rw-r--r--security/nss/cmd/signtool/manifest.mn57
-rw-r--r--security/nss/cmd/signtool/sign.c861
-rw-r--r--security/nss/cmd/signtool/signtool.c1054
-rw-r--r--security/nss/cmd/signtool/signtool.h140
-rw-r--r--security/nss/cmd/signtool/util.c990
-rw-r--r--security/nss/cmd/signtool/verify.c382
-rw-r--r--security/nss/cmd/signtool/zip.c678
-rw-r--r--security/nss/cmd/signtool/zip.h100
-rw-r--r--security/nss/cmd/signver/Makefile71
-rwxr-xr-xsecurity/nss/cmd/signver/examples/1/form.pl50
-rw-r--r--security/nss/cmd/signver/examples/1/signedForm.html84
-rw-r--r--security/nss/cmd/signver/examples/1/signedForm.nt.html84
-rwxr-xr-xsecurity/nss/cmd/signver/examples/1/signedForm.pl88
-rw-r--r--security/nss/cmd/signver/manifest.mn54
-rw-r--r--security/nss/cmd/signver/pk7print.c922
-rw-r--r--security/nss/cmd/signver/signver.c455
-rw-r--r--security/nss/cmd/smimetools/Makefile73
-rw-r--r--security/nss/cmd/smimetools/cmsutil.c1450
-rw-r--r--security/nss/cmd/smimetools/manifest.mn45
-rw-r--r--security/nss/cmd/smimetools/rules.mk37
-rwxr-xr-xsecurity/nss/cmd/smimetools/smime576
-rw-r--r--security/nss/cmd/sslstrength/Makefile82
-rw-r--r--security/nss/cmd/sslstrength/manifest.mn50
-rw-r--r--security/nss/cmd/sslstrength/sslstr.cgi296
-rw-r--r--security/nss/cmd/sslstrength/sslstrength.c622
-rwxr-xr-xsecurity/nss/cmd/sslstrength/sslwrap181
-rw-r--r--security/nss/cmd/ssltap/Makefile79
-rw-r--r--security/nss/cmd/ssltap/config.mk52
-rw-r--r--security/nss/cmd/ssltap/manifest.mn51
-rw-r--r--security/nss/cmd/ssltap/ssltap-manual.html199
-rw-r--r--security/nss/cmd/ssltap/ssltap.c1334
-rw-r--r--security/nss/cmd/strsclnt/Makefile75
-rw-r--r--security/nss/cmd/strsclnt/manifest.mn47
-rw-r--r--security/nss/cmd/strsclnt/strsclnt.c1175
-rw-r--r--security/nss/cmd/swfort/Makefile108
-rw-r--r--security/nss/cmd/swfort/instinit/Makefile75
-rw-r--r--security/nss/cmd/swfort/instinit/instinit.c421
-rw-r--r--security/nss/cmd/swfort/instinit/manifest.mn46
-rw-r--r--security/nss/cmd/swfort/manifest.mn38
-rw-r--r--security/nss/cmd/swfort/newuser/Makefile83
-rw-r--r--security/nss/cmd/swfort/newuser/manifest.mn45
-rw-r--r--security/nss/cmd/swfort/newuser/mktst.c254
-rw-r--r--security/nss/cmd/swfort/newuser/newuser.c1133
-rw-r--r--security/nss/cmd/tests/Makefile73
-rw-r--r--security/nss/cmd/tests/manifest.mn49
-rw-r--r--security/nss/cmd/tests/remtest.c162
-rw-r--r--security/nss/cmd/tstclnt/Makefile84
-rw-r--r--security/nss/cmd/tstclnt/makefile.win130
-rw-r--r--security/nss/cmd/tstclnt/manifest.mn50
-rw-r--r--security/nss/cmd/tstclnt/tstclnt.c779
-rw-r--r--security/nss/cmd/ttformat/Makefile74
-rw-r--r--security/nss/cmd/ttformat/manifest.mn48
-rwxr-xr-xsecurity/nss/cmd/ttformat/nClient49
-rwxr-xr-xsecurity/nss/cmd/ttformat/nServ49
-rwxr-xr-xsecurity/nss/cmd/ttformat/redux.pl77
-rw-r--r--security/nss/cmd/ttformat/reduxhwm.pl33
-rw-r--r--security/nss/cmd/ttformat/ttformat.c135
-rw-r--r--security/nss/cmd/vfychain/Makefile82
-rw-r--r--security/nss/cmd/vfychain/manifest.mn51
-rw-r--r--security/nss/cmd/vfychain/vfychain.c438
-rw-r--r--security/nss/cmd/vfyserv/Makefile84
-rw-r--r--security/nss/cmd/vfyserv/makefile.win130
-rw-r--r--security/nss/cmd/vfyserv/manifest.mn51
-rw-r--r--security/nss/cmd/vfyserv/vfyserv.c458
-rw-r--r--security/nss/cmd/vfyserv/vfyserv.h182
-rw-r--r--security/nss/cmd/vfyserv/vfyutil.c714
-rw-r--r--security/nss/cmd/zlib/Makefile75
-rw-r--r--security/nss/cmd/zlib/README99
-rw-r--r--security/nss/cmd/zlib/adler32.c48
-rw-r--r--security/nss/cmd/zlib/compress.c57
-rw-r--r--security/nss/cmd/zlib/config.mk70
-rw-r--r--security/nss/cmd/zlib/crc32.c162
-rw-r--r--security/nss/cmd/zlib/deflate.c1209
-rw-r--r--security/nss/cmd/zlib/deflate.h275
-rw-r--r--security/nss/cmd/zlib/example.c503
-rw-r--r--security/nss/cmd/zlib/gzio.c537
-rw-r--r--security/nss/cmd/zlib/infblock.c406
-rw-r--r--security/nss/cmd/zlib/infblock.h37
-rw-r--r--security/nss/cmd/zlib/infcodes.c247
-rw-r--r--security/nss/cmd/zlib/infcodes.h27
-rw-r--r--security/nss/cmd/zlib/inffast.c168
-rw-r--r--security/nss/cmd/zlib/inffast.h17
-rw-r--r--security/nss/cmd/zlib/inffixed.h151
-rw-r--r--security/nss/cmd/zlib/inflate.c346
-rw-r--r--security/nss/cmd/zlib/inftrees.c479
-rw-r--r--security/nss/cmd/zlib/inftrees.h59
-rw-r--r--security/nss/cmd/zlib/infutil.c87
-rw-r--r--security/nss/cmd/zlib/infutil.h99
-rw-r--r--security/nss/cmd/zlib/makefile.win91
-rw-r--r--security/nss/cmd/zlib/maketree.c85
-rw-r--r--security/nss/cmd/zlib/manifest.mn60
-rw-r--r--security/nss/cmd/zlib/minigzip.c246
-rw-r--r--security/nss/cmd/zlib/netscape_mods.doc43
-rw-r--r--security/nss/cmd/zlib/trees.c1143
-rw-r--r--security/nss/cmd/zlib/trees.h128
-rw-r--r--security/nss/cmd/zlib/uncompr.c58
-rw-r--r--security/nss/cmd/zlib/zconf.h190
-rw-r--r--security/nss/cmd/zlib/zip16.def24
-rw-r--r--security/nss/cmd/zlib/zlib.h892
-rw-r--r--security/nss/cmd/zlib/zutil.c215
-rw-r--r--security/nss/cmd/zlib/zutil.h211
-rw-r--r--security/nss/lib/Makefile91
-rw-r--r--security/nss/lib/asn1/Makefile40
-rw-r--r--security/nss/lib/asn1/asn1.c1727
-rw-r--r--security/nss/lib/asn1/asn1.h879
-rw-r--r--security/nss/lib/asn1/asn1m.h80
-rw-r--r--security/nss/lib/asn1/asn1t.h166
-rw-r--r--security/nss/lib/asn1/config.mk48
-rw-r--r--security/nss/lib/asn1/manifest.mn55
-rw-r--r--security/nss/lib/asn1/nssasn1t.h67
-rw-r--r--security/nss/lib/base/Makefile40
-rw-r--r--security/nss/lib/base/arena.c1142
-rw-r--r--security/nss/lib/base/base.h1445
-rw-r--r--security/nss/lib/base/baset.h158
-rw-r--r--security/nss/lib/base/config.mk48
-rw-r--r--security/nss/lib/base/error.c297
-rw-r--r--security/nss/lib/base/errorval.c93
-rw-r--r--security/nss/lib/base/hash.c404
-rw-r--r--security/nss/lib/base/hashops.c117
-rw-r--r--security/nss/lib/base/item.c241
-rw-r--r--security/nss/lib/base/libc.c197
-rw-r--r--security/nss/lib/base/list.c433
-rw-r--r--security/nss/lib/base/manifest.mn65
-rw-r--r--security/nss/lib/base/nssbase.h167
-rw-r--r--security/nss/lib/base/nssbaset.h153
-rw-r--r--security/nss/lib/base/tracker.c543
-rw-r--r--security/nss/lib/base/utf8.c759
-rw-r--r--security/nss/lib/base/whatnspr.c171
-rw-r--r--security/nss/lib/certdb/.cvsignore1
-rw-r--r--security/nss/lib/certdb/Makefile76
-rw-r--r--security/nss/lib/certdb/alg1485.c1248
-rw-r--r--security/nss/lib/certdb/cert.h1493
-rw-r--r--security/nss/lib/certdb/certdb.c2918
-rw-r--r--security/nss/lib/certdb/certdb.h159
-rw-r--r--security/nss/lib/certdb/certi.h213
-rw-r--r--security/nss/lib/certdb/certt.h853
-rw-r--r--security/nss/lib/certdb/certv3.c406
-rw-r--r--security/nss/lib/certdb/certxutl.c482
-rw-r--r--security/nss/lib/certdb/certxutl.h79
-rw-r--r--security/nss/lib/certdb/config.mk43
-rw-r--r--security/nss/lib/certdb/crl.c1950
-rw-r--r--security/nss/lib/certdb/genname.c1610
-rw-r--r--security/nss/lib/certdb/genname.h125
-rw-r--r--security/nss/lib/certdb/manifest.mn68
-rw-r--r--security/nss/lib/certdb/polcyxtn.c565
-rw-r--r--security/nss/lib/certdb/secname.c653
-rw-r--r--security/nss/lib/certdb/stanpcertdb.c978
-rw-r--r--security/nss/lib/certdb/xauthkid.c155
-rw-r--r--security/nss/lib/certdb/xbsconst.c168
-rw-r--r--security/nss/lib/certdb/xconst.c257
-rw-r--r--security/nss/lib/certdb/xconst.h82
-rw-r--r--security/nss/lib/certhigh/Makefile76
-rw-r--r--security/nss/lib/certhigh/certhigh.c1206
-rw-r--r--security/nss/lib/certhigh/certhtml.c605
-rw-r--r--security/nss/lib/certhigh/certreq.c230
-rw-r--r--security/nss/lib/certhigh/certvfy.c2113
-rw-r--r--security/nss/lib/certhigh/config.mk43
-rw-r--r--security/nss/lib/certhigh/crlv2.c126
-rw-r--r--security/nss/lib/certhigh/manifest.mn59
-rw-r--r--security/nss/lib/certhigh/ocsp.c4000
-rw-r--r--security/nss/lib/certhigh/ocsp.h534
-rw-r--r--security/nss/lib/certhigh/ocspt.h59
-rw-r--r--security/nss/lib/certhigh/ocspti.h405
-rw-r--r--security/nss/lib/certhigh/xcrldist.c230
-rw-r--r--security/nss/lib/ckfw/.cvsignore4
-rw-r--r--security/nss/lib/ckfw/Makefile54
-rw-r--r--security/nss/lib/ckfw/builtins/.cvsignore1
-rw-r--r--security/nss/lib/ckfw/builtins/Makefile101
-rw-r--r--security/nss/lib/ckfw/builtins/README31
-rw-r--r--security/nss/lib/ckfw/builtins/anchor.c50
-rw-r--r--security/nss/lib/ckfw/builtins/bfind.c283
-rw-r--r--security/nss/lib/ckfw/builtins/binst.c130
-rw-r--r--security/nss/lib/ckfw/builtins/bobject.c255
-rw-r--r--security/nss/lib/ckfw/builtins/bsession.c108
-rw-r--r--security/nss/lib/ckfw/builtins/bslot.c124
-rw-r--r--security/nss/lib/ckfw/builtins/btoken.c184
-rw-r--r--security/nss/lib/ckfw/builtins/builtins.h104
-rw-r--r--security/nss/lib/ckfw/builtins/certdata.c8570
-rw-r--r--security/nss/lib/ckfw/builtins/certdata.perl292
-rw-r--r--security/nss/lib/ckfw/builtins/certdata.txt8712
-rw-r--r--security/nss/lib/ckfw/builtins/config.mk58
-rw-r--r--security/nss/lib/ckfw/builtins/constants.c94
-rw-r--r--security/nss/lib/ckfw/builtins/manifest.mn59
-rw-r--r--security/nss/lib/ckfw/builtins/nssckbi.h64
-rw-r--r--security/nss/lib/ckfw/ck.api571
-rw-r--r--security/nss/lib/ckfw/ck.h121
-rw-r--r--security/nss/lib/ckfw/ckapi.perl512
-rw-r--r--security/nss/lib/ckfw/ckfw.h1858
-rw-r--r--security/nss/lib/ckfw/ckfwm.h167
-rw-r--r--security/nss/lib/ckfw/ckfwtm.h56
-rw-r--r--security/nss/lib/ckfw/ckmd.h65
-rw-r--r--security/nss/lib/ckfw/ckt.h37
-rw-r--r--security/nss/lib/ckfw/config.mk54
-rw-r--r--security/nss/lib/ckfw/dbm/Makefile38
-rw-r--r--security/nss/lib/ckfw/dbm/anchor.c50
-rw-r--r--security/nss/lib/ckfw/dbm/ckdbm.h281
-rw-r--r--security/nss/lib/ckfw/dbm/config.mk37
-rw-r--r--security/nss/lib/ckfw/dbm/db.c1065
-rw-r--r--security/nss/lib/ckfw/dbm/find.c166
-rw-r--r--security/nss/lib/ckfw/dbm/instance.c196
-rw-r--r--security/nss/lib/ckfw/dbm/manifest.mn54
-rw-r--r--security/nss/lib/ckfw/dbm/object.c204
-rw-r--r--security/nss/lib/ckfw/dbm/session.c298
-rw-r--r--security/nss/lib/ckfw/dbm/slot.c214
-rw-r--r--security/nss/lib/ckfw/dbm/token.c315
-rw-r--r--security/nss/lib/ckfw/find.c402
-rw-r--r--security/nss/lib/ckfw/hash.c334
-rw-r--r--security/nss/lib/ckfw/instance.c1355
-rw-r--r--security/nss/lib/ckfw/manifest.mn79
-rw-r--r--security/nss/lib/ckfw/mechanism.c165
-rw-r--r--security/nss/lib/ckfw/mutex.c345
-rw-r--r--security/nss/lib/ckfw/nsprstub.c456
-rw-r--r--security/nss/lib/ckfw/nssck.api1891
-rw-r--r--security/nss/lib/ckfw/nssckepv.h39
-rw-r--r--security/nss/lib/ckfw/nssckft.h40
-rw-r--r--security/nss/lib/ckfw/nssckfw.h510
-rw-r--r--security/nss/lib/ckfw/nssckfwc.h1046
-rw-r--r--security/nss/lib/ckfw/nssckfwt.h111
-rw-r--r--security/nss/lib/ckfw/nssckg.h39
-rw-r--r--security/nss/lib/ckfw/nssckmdt.h2036
-rw-r--r--security/nss/lib/ckfw/nssckt.h42
-rw-r--r--security/nss/lib/ckfw/object.c1046
-rw-r--r--security/nss/lib/ckfw/session.c1962
-rw-r--r--security/nss/lib/ckfw/sessobj.c1099
-rw-r--r--security/nss/lib/ckfw/slot.c756
-rw-r--r--security/nss/lib/ckfw/token.c1869
-rw-r--r--security/nss/lib/ckfw/wrap.c3412
-rw-r--r--security/nss/lib/crmf/Makefile77
-rw-r--r--security/nss/lib/crmf/asn1cmn.c244
-rw-r--r--security/nss/lib/crmf/challcli.c275
-rw-r--r--security/nss/lib/crmf/cmmf.h1119
-rw-r--r--security/nss/lib/crmf/cmmfasn1.c161
-rw-r--r--security/nss/lib/crmf/cmmfchal.c319
-rw-r--r--security/nss/lib/crmf/cmmfi.h127
-rw-r--r--security/nss/lib/crmf/cmmfit.h145
-rw-r--r--security/nss/lib/crmf/cmmfrec.c338
-rw-r--r--security/nss/lib/crmf/cmmfresp.c312
-rw-r--r--security/nss/lib/crmf/cmmft.h102
-rw-r--r--security/nss/lib/crmf/config.mk44
-rw-r--r--security/nss/lib/crmf/crmf.h1779
-rw-r--r--security/nss/lib/crmf/crmfcont.c1166
-rw-r--r--security/nss/lib/crmf/crmfdec.c380
-rw-r--r--security/nss/lib/crmf/crmfenc.c84
-rw-r--r--security/nss/lib/crmf/crmffut.h390
-rw-r--r--security/nss/lib/crmf/crmfget.c478
-rw-r--r--security/nss/lib/crmf/crmfi.h186
-rw-r--r--security/nss/lib/crmf/crmfit.h216
-rw-r--r--security/nss/lib/crmf/crmfpop.c605
-rw-r--r--security/nss/lib/crmf/crmfreq.c697
-rw-r--r--security/nss/lib/crmf/crmft.h217
-rw-r--r--security/nss/lib/crmf/crmftmpl.c299
-rw-r--r--security/nss/lib/crmf/encutil.c63
-rw-r--r--security/nss/lib/crmf/manifest.mn71
-rw-r--r--security/nss/lib/crmf/respcli.c167
-rw-r--r--security/nss/lib/crmf/respcmn.c409
-rw-r--r--security/nss/lib/crmf/servget.c1008
-rw-r--r--security/nss/lib/cryptohi/Makefile77
-rw-r--r--security/nss/lib/cryptohi/config.mk43
-rw-r--r--security/nss/lib/cryptohi/cryptohi.h249
-rw-r--r--security/nss/lib/cryptohi/cryptoht.h45
-rw-r--r--security/nss/lib/cryptohi/dsautil.c231
-rw-r--r--security/nss/lib/cryptohi/hasht.h100
-rw-r--r--security/nss/lib/cryptohi/key.h43
-rw-r--r--security/nss/lib/cryptohi/keyhi.h288
-rw-r--r--security/nss/lib/cryptohi/keyt.h43
-rw-r--r--security/nss/lib/cryptohi/keythi.h248
-rw-r--r--security/nss/lib/cryptohi/manifest.mn64
-rw-r--r--security/nss/lib/cryptohi/sechash.c364
-rw-r--r--security/nss/lib/cryptohi/sechash.h86
-rw-r--r--security/nss/lib/cryptohi/seckey.c2304
-rw-r--r--security/nss/lib/cryptohi/secsign.c507
-rw-r--r--security/nss/lib/cryptohi/secvfy.c590
-rw-r--r--security/nss/lib/dev/Makefile53
-rw-r--r--security/nss/lib/dev/ckhelper.c731
-rw-r--r--security/nss/lib/dev/ckhelper.h194
-rw-r--r--security/nss/lib/dev/config.mk48
-rw-r--r--security/nss/lib/dev/dev.h981
-rw-r--r--security/nss/lib/dev/devm.h242
-rw-r--r--security/nss/lib/dev/devmod.c900
-rw-r--r--security/nss/lib/dev/devslot.c841
-rw-r--r--security/nss/lib/dev/devt.h202
-rw-r--r--security/nss/lib/dev/devtm.h58
-rw-r--r--security/nss/lib/dev/devtoken.c1755
-rw-r--r--security/nss/lib/dev/devutil.c1471
-rw-r--r--security/nss/lib/dev/manifest.mn66
-rw-r--r--security/nss/lib/dev/nssdev.h72
-rw-r--r--security/nss/lib/dev/nssdevt.h69
-rw-r--r--security/nss/lib/fortcrypt/Makefile176
-rw-r--r--security/nss/lib/fortcrypt/config.mk43
-rw-r--r--security/nss/lib/fortcrypt/cryptint.h703
-rw-r--r--security/nss/lib/fortcrypt/fmutex.c113
-rw-r--r--security/nss/lib/fortcrypt/fmutex.h57
-rw-r--r--security/nss/lib/fortcrypt/forsock.c816
-rw-r--r--security/nss/lib/fortcrypt/fortinst.htm161
-rw-r--r--security/nss/lib/fortcrypt/fortpk11.c4553
-rw-r--r--security/nss/lib/fortcrypt/fortsock.h105
-rw-r--r--security/nss/lib/fortcrypt/fpkcs11.h170
-rw-r--r--security/nss/lib/fortcrypt/fpkcs11f.h953
-rw-r--r--security/nss/lib/fortcrypt/fpkcs11i.h269
-rw-r--r--security/nss/lib/fortcrypt/fpkcs11t.h1098
-rw-r--r--security/nss/lib/fortcrypt/fpkmem.h48
-rw-r--r--security/nss/lib/fortcrypt/fpkstrs.h122
-rw-r--r--security/nss/lib/fortcrypt/genci.h145
-rw-r--r--security/nss/lib/fortcrypt/globinst.htm139
-rw-r--r--security/nss/lib/fortcrypt/handinst.htm180
-rw-r--r--security/nss/lib/fortcrypt/homeinst.htm211
-rw-r--r--security/nss/lib/fortcrypt/inst.js268
-rw-r--r--security/nss/lib/fortcrypt/inst_PPC.js134
-rw-r--r--security/nss/lib/fortcrypt/install.js134
-rw-r--r--security/nss/lib/fortcrypt/maci.c901
-rw-r--r--security/nss/lib/fortcrypt/maci.h776
-rw-r--r--security/nss/lib/fortcrypt/macinst.htm148
-rw-r--r--security/nss/lib/fortcrypt/manifest.mn50
-rw-r--r--security/nss/lib/fortcrypt/replace.c101
-rw-r--r--security/nss/lib/fortcrypt/secmodjar.html441
-rw-r--r--security/nss/lib/fortcrypt/swfort/Makefile83
-rw-r--r--security/nss/lib/fortcrypt/swfort/config.mk43
-rw-r--r--security/nss/lib/fortcrypt/swfort/manifest.mn52
-rw-r--r--security/nss/lib/fortcrypt/swfort/nsmap.h86
-rw-r--r--security/nss/lib/fortcrypt/swfort/pkcs11/.cvsignore15
-rw-r--r--security/nss/lib/fortcrypt/swfort/pkcs11/Makefile175
-rw-r--r--security/nss/lib/fortcrypt/swfort/pkcs11/config.mk43
-rw-r--r--security/nss/lib/fortcrypt/swfort/pkcs11/inst.js189
-rw-r--r--security/nss/lib/fortcrypt/swfort/pkcs11/manifest.mn63
-rwxr-xr-xsecurity/nss/lib/fortcrypt/swfort/pkcs11/pk11inst49
-rw-r--r--security/nss/lib/fortcrypt/swfort/pkcs11/stub.c377
-rw-r--r--security/nss/lib/fortcrypt/swfort/swfalg.c506
-rw-r--r--security/nss/lib/fortcrypt/swfort/swflib.c1028
-rw-r--r--security/nss/lib/fortcrypt/swfort/swfort.h70
-rw-r--r--security/nss/lib/fortcrypt/swfort/swforti.h177
-rw-r--r--security/nss/lib/fortcrypt/swfort/swfortt.h56
-rw-r--r--security/nss/lib/fortcrypt/swfort/swfortti.h176
-rw-r--r--security/nss/lib/fortcrypt/swfort/swfparse.c539
-rw-r--r--security/nss/lib/fortcrypt/swfort/swfutl.c750
-rw-r--r--security/nss/lib/freebl/md2.c288
-rw-r--r--security/nss/lib/freebl/md5.c532
-rw-r--r--security/nss/lib/freebl/mknewpc2.c236
-rw-r--r--security/nss/lib/freebl/mksp.c153
-rw-r--r--security/nss/lib/freebl/mpi/Makefile451
-rw-r--r--security/nss/lib/freebl/mpi/Makefile.os2277
-rw-r--r--security/nss/lib/freebl/mpi/Makefile.win277
-rw-r--r--security/nss/lib/freebl/mpi/README795
-rwxr-xr-xsecurity/nss/lib/freebl/mpi/all-tests112
-rw-r--r--security/nss/lib/freebl/mpi/doc/LICENSE11
-rw-r--r--security/nss/lib/freebl/mpi/doc/LICENSE-MPL32
-rw-r--r--security/nss/lib/freebl/mpi/doc/basecvt.pod63
-rwxr-xr-xsecurity/nss/lib/freebl/mpi/doc/build63
-rw-r--r--security/nss/lib/freebl/mpi/doc/div.txt96
-rw-r--r--security/nss/lib/freebl/mpi/doc/expt.txt127
-rw-r--r--security/nss/lib/freebl/mpi/doc/gcd.pod27
-rw-r--r--security/nss/lib/freebl/mpi/doc/invmod.pod33
-rw-r--r--security/nss/lib/freebl/mpi/doc/isprime.pod62
-rw-r--r--security/nss/lib/freebl/mpi/doc/lap.pod35
-rw-r--r--security/nss/lib/freebl/mpi/doc/mpi-test.pod49
-rw-r--r--security/nss/lib/freebl/mpi/doc/mul.txt109
-rw-r--r--security/nss/lib/freebl/mpi/doc/pi.txt85
-rw-r--r--security/nss/lib/freebl/mpi/doc/prime.txt6542
-rw-r--r--security/nss/lib/freebl/mpi/doc/prng.pod41
-rw-r--r--security/nss/lib/freebl/mpi/doc/redux.txt118
-rw-r--r--security/nss/lib/freebl/mpi/doc/sqrt.txt82
-rw-r--r--security/nss/lib/freebl/mpi/doc/square.txt104
-rw-r--r--security/nss/lib/freebl/mpi/doc/timing.txt245
-rw-r--r--security/nss/lib/freebl/mpi/hpma512.s640
-rw-r--r--security/nss/lib/freebl/mpi/hppa20.s929
-rw-r--r--security/nss/lib/freebl/mpi/hppatch.adb49
-rw-r--r--security/nss/lib/freebl/mpi/logtab.h59
-rwxr-xr-xsecurity/nss/lib/freebl/mpi/make-logtab60
-rwxr-xr-xsecurity/nss/lib/freebl/mpi/make-test-arrays129
-rw-r--r--security/nss/lib/freebl/mpi/mdxptest.c339
-rw-r--r--security/nss/lib/freebl/mpi/montmulf.c326
-rw-r--r--security/nss/lib/freebl/mpi/montmulf.h100
-rw-r--r--security/nss/lib/freebl/mpi/montmulf.il137
-rw-r--r--security/nss/lib/freebl/mpi/montmulf.s1967
-rw-r--r--security/nss/lib/freebl/mpi/montmulfv8.il137
-rw-r--r--security/nss/lib/freebl/mpi/montmulfv8.s1847
-rw-r--r--security/nss/lib/freebl/mpi/montmulfv9.il122
-rw-r--r--security/nss/lib/freebl/mpi/montmulfv9.s2377
-rw-r--r--security/nss/lib/freebl/mpi/mp_gf2m.c570
-rw-r--r--security/nss/lib/freebl/mpi/mp_gf2m.h62
-rw-r--r--security/nss/lib/freebl/mpi/mpi-config.h109
-rw-r--r--security/nss/lib/freebl/mpi/mpi-priv.h258
-rw-r--r--security/nss/lib/freebl/mpi/mpi-test.c1973
-rw-r--r--security/nss/lib/freebl/mpi/mpi.c4795
-rw-r--r--security/nss/lib/freebl/mpi/mpi.h334
-rw-r--r--security/nss/lib/freebl/mpi/mpi_hp.c112
-rw-r--r--security/nss/lib/freebl/mpi/mpi_i86pc.s342
-rw-r--r--security/nss/lib/freebl/mpi/mpi_mips.s502
-rw-r--r--security/nss/lib/freebl/mpi/mpi_sparc.c358
-rw-r--r--security/nss/lib/freebl/mpi/mpi_x86.asm351
-rw-r--r--security/nss/lib/freebl/mpi/mpi_x86.s342
-rw-r--r--security/nss/lib/freebl/mpi/mplogic.c462
-rw-r--r--security/nss/lib/freebl/mpi/mplogic.h82
-rw-r--r--security/nss/lib/freebl/mpi/mpmontg.c567
-rw-r--r--security/nss/lib/freebl/mpi/mpprime.c622
-rw-r--r--security/nss/lib/freebl/mpi/mpprime.h67
-rw-r--r--security/nss/lib/freebl/mpi/mpv_sparc.c249
-rw-r--r--security/nss/lib/freebl/mpi/mpv_sparcv8.s1641
-rw-r--r--security/nss/lib/freebl/mpi/mpv_sparcv9.s1673
-rw-r--r--security/nss/lib/freebl/mpi/mpvalpha.c214
-rw-r--r--security/nss/lib/freebl/mpi/mulsqr.c111
-rwxr-xr-xsecurity/nss/lib/freebl/mpi/multest107
-rw-r--r--security/nss/lib/freebl/mpi/primes.c871
-rwxr-xr-xsecurity/nss/lib/freebl/mpi/stats70
-rw-r--r--security/nss/lib/freebl/mpi/test-arrays.txt86
-rw-r--r--security/nss/lib/freebl/mpi/test-info.c191
-rw-r--r--security/nss/lib/freebl/mpi/tests/LICENSE6
-rw-r--r--security/nss/lib/freebl/mpi/tests/LICENSE-MPL32
-rw-r--r--security/nss/lib/freebl/mpi/tests/mptest-1.c72
-rw-r--r--security/nss/lib/freebl/mpi/tests/mptest-2.c83
-rw-r--r--security/nss/lib/freebl/mpi/tests/mptest-3.c128
-rw-r--r--security/nss/lib/freebl/mpi/tests/mptest-3a.c141
-rw-r--r--security/nss/lib/freebl/mpi/tests/mptest-4.c123
-rw-r--r--security/nss/lib/freebl/mpi/tests/mptest-4a.c135
-rw-r--r--security/nss/lib/freebl/mpi/tests/mptest-4b.c132
-rw-r--r--security/nss/lib/freebl/mpi/tests/mptest-5.c100
-rw-r--r--security/nss/lib/freebl/mpi/tests/mptest-5a.c162
-rw-r--r--security/nss/lib/freebl/mpi/tests/mptest-6.c108
-rw-r--r--security/nss/lib/freebl/mpi/tests/mptest-7.c104
-rw-r--r--security/nss/lib/freebl/mpi/tests/mptest-8.c95
-rw-r--r--security/nss/lib/freebl/mpi/tests/mptest-9.c113
-rw-r--r--security/nss/lib/freebl/mpi/tests/mptest-b.c211
-rw-r--r--security/nss/lib/freebl/mpi/tests/pi1k.txt1
-rw-r--r--security/nss/lib/freebl/mpi/tests/pi2k.txt1
-rw-r--r--security/nss/lib/freebl/mpi/tests/pi5k.txt1
-rwxr-xr-xsecurity/nss/lib/freebl/mpi/timetest131
-rwxr-xr-xsecurity/nss/lib/freebl/mpi/types.pl158
-rw-r--r--security/nss/lib/freebl/mpi/utils/LICENSE4
-rw-r--r--security/nss/lib/freebl/mpi/utils/LICENSE-MPL32
-rw-r--r--security/nss/lib/freebl/mpi/utils/PRIMES41
-rw-r--r--security/nss/lib/freebl/mpi/utils/README239
-rw-r--r--security/nss/lib/freebl/mpi/utils/basecvt.c97
-rw-r--r--security/nss/lib/freebl/mpi/utils/bbs_rand.c93
-rw-r--r--security/nss/lib/freebl/mpi/utils/bbs_rand.h55
-rw-r--r--security/nss/lib/freebl/mpi/utils/bbsrand.c64
-rw-r--r--security/nss/lib/freebl/mpi/utils/dec2hex.c68
-rw-r--r--security/nss/lib/freebl/mpi/utils/exptmod.c80
-rw-r--r--security/nss/lib/freebl/mpi/utils/fact.c112
-rw-r--r--security/nss/lib/freebl/mpi/utils/gcd.c116
-rw-r--r--security/nss/lib/freebl/mpi/utils/hex2dec.c68
-rw-r--r--security/nss/lib/freebl/mpi/utils/identest.c79
-rw-r--r--security/nss/lib/freebl/mpi/utils/invmod.c89
-rw-r--r--security/nss/lib/freebl/mpi/utils/isprime.c118
-rw-r--r--security/nss/lib/freebl/mpi/utils/lap.c118
-rw-r--r--security/nss/lib/freebl/mpi/utils/makeprime.c144
-rw-r--r--security/nss/lib/freebl/mpi/utils/metime.c132
-rw-r--r--security/nss/lib/freebl/mpi/utils/pi.c194
-rw-r--r--security/nss/lib/freebl/mpi/utils/primegen.c198
-rw-r--r--security/nss/lib/freebl/mpi/utils/prng.c87
-rwxr-xr-xsecurity/nss/lib/freebl/mpi/utils/ptab.pl58
-rw-r--r--security/nss/lib/freebl/mpi/utils/sieve.c265
-rw-r--r--security/nss/lib/freebl/mpi/vis_32.il1320
-rw-r--r--security/nss/lib/freebl/mpi/vis_64.il1026
-rw-r--r--security/nss/lib/freebl/mpi/vis_proto.h263
-rw-r--r--security/nss/lib/freebl/os2_rand.c330
-rw-r--r--security/nss/lib/freebl/pqg.c667
-rw-r--r--security/nss/lib/freebl/prng_fips1861.c511
-rw-r--r--security/nss/lib/freebl/rijndael.c1137
-rw-r--r--security/nss/lib/freebl/rijndael.h86
-rw-r--r--security/nss/lib/freebl/rijndael32.tab1215
-rw-r--r--security/nss/lib/freebl/rijndael_tables.c244
-rw-r--r--security/nss/lib/freebl/rsa.c930
-rw-r--r--security/nss/lib/freebl/secmpi.h57
-rw-r--r--security/nss/lib/freebl/secrng.h82
-rw-r--r--security/nss/lib/freebl/sha.c160
-rw-r--r--security/nss/lib/freebl/sha.h48
-rw-r--r--security/nss/lib/freebl/sha512.c1371
-rw-r--r--security/nss/lib/freebl/sha_fast.c449
-rw-r--r--security/nss/lib/freebl/sha_fast.h59
-rw-r--r--security/nss/lib/freebl/shsign.h47
-rw-r--r--security/nss/lib/freebl/shvfy.c294
-rw-r--r--security/nss/lib/freebl/sparcfix.c95
-rw-r--r--security/nss/lib/freebl/sysrand.c46
-rw-r--r--security/nss/lib/freebl/unix_rand.c991
-rw-r--r--security/nss/lib/freebl/win_rand.c545
-rw-r--r--security/nss/lib/jar/Makefile39
-rw-r--r--security/nss/lib/jar/config.mk43
-rw-r--r--security/nss/lib/jar/jar-ds.c70
-rw-r--r--security/nss/lib/jar/jar-ds.h106
-rw-r--r--security/nss/lib/jar/jar.c831
-rw-r--r--security/nss/lib/jar/jar.h478
-rw-r--r--security/nss/lib/jar/jarevil.c573
-rw-r--r--security/nss/lib/jar/jarevil.h76
-rw-r--r--security/nss/lib/jar/jarfile.c1151
-rw-r--r--security/nss/lib/jar/jarfile.h114
-rw-r--r--security/nss/lib/jar/jarint.c81
-rw-r--r--security/nss/lib/jar/jarint.h116
-rw-r--r--security/nss/lib/jar/jarjart.c357
-rw-r--r--security/nss/lib/jar/jarjart.h72
-rw-r--r--security/nss/lib/jar/jarnav.c107
-rw-r--r--security/nss/lib/jar/jarsign.c371
-rw-r--r--security/nss/lib/jar/jarver.c2018
-rw-r--r--security/nss/lib/jar/jzconf.h190
-rw-r--r--security/nss/lib/jar/jzlib.h896
-rw-r--r--security/nss/lib/jar/manifest.mn53
-rw-r--r--security/nss/lib/macbuild/NSS/NSS/NSS.mcpbin939 -> 0 bytes
-rw-r--r--security/nss/lib/macbuild/SecurityLib.mcpbin56096 -> 0 bytes
-rw-r--r--security/nss/lib/manifest.mn65
-rw-r--r--security/nss/lib/nss/Makefile76
-rw-r--r--security/nss/lib/nss/config.mk118
-rw-r--r--security/nss/lib/nss/manifest.mn55
-rw-r--r--security/nss/lib/nss/nss.def758
-rw-r--r--security/nss/lib/nss/nss.h155
-rw-r--r--security/nss/lib/nss/nss.rc98
-rw-r--r--security/nss/lib/nss/nssinit.c632
-rw-r--r--security/nss/lib/nss/nssrenam.h49
-rw-r--r--security/nss/lib/nss/nssver.c53
-rw-r--r--security/nss/lib/pk11wrap/Makefile88
-rw-r--r--security/nss/lib/pk11wrap/config.mk43
-rw-r--r--security/nss/lib/pk11wrap/debug_module.c2209
-rw-r--r--security/nss/lib/pk11wrap/dev3hack.c294
-rw-r--r--security/nss/lib/pk11wrap/dev3hack.h63
-rw-r--r--security/nss/lib/pk11wrap/manifest.mn78
-rw-r--r--security/nss/lib/pk11wrap/pk11cert.c4158
-rw-r--r--security/nss/lib/pk11wrap/pk11err.c147
-rw-r--r--security/nss/lib/pk11wrap/pk11func.h624
-rw-r--r--security/nss/lib/pk11wrap/pk11init.h52
-rw-r--r--security/nss/lib/pk11wrap/pk11kea.c228
-rw-r--r--security/nss/lib/pk11wrap/pk11list.c169
-rw-r--r--security/nss/lib/pk11wrap/pk11load.c333
-rw-r--r--security/nss/lib/pk11wrap/pk11pars.c395
-rw-r--r--security/nss/lib/pk11wrap/pk11pbe.c687
-rw-r--r--security/nss/lib/pk11wrap/pk11pk12.c553
-rw-r--r--security/nss/lib/pk11wrap/pk11pqg.c373
-rw-r--r--security/nss/lib/pk11wrap/pk11pqg.h153
-rw-r--r--security/nss/lib/pk11wrap/pk11sdr.c322
-rw-r--r--security/nss/lib/pk11wrap/pk11sdr.h59
-rw-r--r--security/nss/lib/pk11wrap/pk11skey.c5350
-rw-r--r--security/nss/lib/pk11wrap/pk11slot.c4776
-rw-r--r--security/nss/lib/pk11wrap/pk11util.c726
-rw-r--r--security/nss/lib/pk11wrap/secmod.h153
-rw-r--r--security/nss/lib/pk11wrap/secmodi.h117
-rw-r--r--security/nss/lib/pk11wrap/secmodt.h264
-rw-r--r--security/nss/lib/pk11wrap/secmodti.h192
-rw-r--r--security/nss/lib/pk11wrap/secpkcs5.h88
-rw-r--r--security/nss/lib/pkcs12/Makefile77
-rw-r--r--security/nss/lib/pkcs12/config.mk44
-rw-r--r--security/nss/lib/pkcs12/manifest.mn58
-rw-r--r--security/nss/lib/pkcs12/p12.h189
-rw-r--r--security/nss/lib/pkcs12/p12creat.c251
-rw-r--r--security/nss/lib/pkcs12/p12d.c3297
-rw-r--r--security/nss/lib/pkcs12/p12dec.c693
-rw-r--r--security/nss/lib/pkcs12/p12e.c2294
-rw-r--r--security/nss/lib/pkcs12/p12exp.c1407
-rw-r--r--security/nss/lib/pkcs12/p12local.c1369
-rw-r--r--security/nss/lib/pkcs12/p12local.h88
-rw-r--r--security/nss/lib/pkcs12/p12plcy.c198
-rw-r--r--security/nss/lib/pkcs12/p12plcy.h60
-rw-r--r--security/nss/lib/pkcs12/p12t.h184
-rw-r--r--security/nss/lib/pkcs12/p12tmpl.c320
-rw-r--r--security/nss/lib/pkcs12/pkcs12.h71
-rw-r--r--security/nss/lib/pkcs12/pkcs12t.h395
-rw-r--r--security/nss/lib/pkcs7/Makefile76
-rw-r--r--security/nss/lib/pkcs7/certread.c540
-rw-r--r--security/nss/lib/pkcs7/config.mk42
-rw-r--r--security/nss/lib/pkcs7/manifest.mn60
-rw-r--r--security/nss/lib/pkcs7/p7common.c747
-rw-r--r--security/nss/lib/pkcs7/p7create.c1320
-rw-r--r--security/nss/lib/pkcs7/p7decode.c2052
-rw-r--r--security/nss/lib/pkcs7/p7encode.c1322
-rw-r--r--security/nss/lib/pkcs7/p7local.c1443
-rw-r--r--security/nss/lib/pkcs7/p7local.h176
-rw-r--r--security/nss/lib/pkcs7/pkcs7t.h296
-rw-r--r--security/nss/lib/pkcs7/secmime.c901
-rw-r--r--security/nss/lib/pkcs7/secmime.h192
-rw-r--r--security/nss/lib/pkcs7/secpkcs7.h616
-rw-r--r--security/nss/lib/pki/Makefile40
-rw-r--r--security/nss/lib/pki/asymmkey.c431
-rw-r--r--security/nss/lib/pki/certdecode.c118
-rw-r--r--security/nss/lib/pki/certificate.c1183
-rw-r--r--security/nss/lib/pki/config.mk48
-rw-r--r--security/nss/lib/pki/cryptocontext.c1003
-rw-r--r--security/nss/lib/pki/doc/standiag.pngbin20475 -> 0 bytes
-rw-r--r--security/nss/lib/pki/doc/standoc.html471
-rw-r--r--security/nss/lib/pki/manifest.mn71
-rw-r--r--security/nss/lib/pki/nsspki.h3190
-rw-r--r--security/nss/lib/pki/nsspkit.h271
-rw-r--r--security/nss/lib/pki/pki.h245
-rw-r--r--security/nss/lib/pki/pki3hack.c1109
-rw-r--r--security/nss/lib/pki/pki3hack.h185
-rw-r--r--security/nss/lib/pki/pkibase.c1452
-rw-r--r--security/nss/lib/pki/pkim.h716
-rw-r--r--security/nss/lib/pki/pkistore.c720
-rw-r--r--security/nss/lib/pki/pkistore.h188
-rw-r--r--security/nss/lib/pki/pkit.h210
-rw-r--r--security/nss/lib/pki/pkitm.h130
-rw-r--r--security/nss/lib/pki/symmkey.c297
-rw-r--r--security/nss/lib/pki/tdcache.c1133
-rw-r--r--security/nss/lib/pki/trustdomain.c1383
-rw-r--r--security/nss/lib/pki1/.cvsignore3
-rw-r--r--security/nss/lib/pki1/Makefile46
-rw-r--r--security/nss/lib/pki1/atav.c1821
-rw-r--r--security/nss/lib/pki1/config.mk47
-rw-r--r--security/nss/lib/pki1/genname.c94
-rw-r--r--security/nss/lib/pki1/gnseq.c71
-rw-r--r--security/nss/lib/pki1/manifest.mn65
-rw-r--r--security/nss/lib/pki1/name.c77
-rw-r--r--security/nss/lib/pki1/nsspki1.h2869
-rw-r--r--security/nss/lib/pki1/nsspki1t.h202
-rw-r--r--security/nss/lib/pki1/oid.c1615
-rw-r--r--security/nss/lib/pki1/oiddata.c2933
-rw-r--r--security/nss/lib/pki1/oiddata.h217
-rwxr-xr-xsecurity/nss/lib/pki1/oidgen.perl313
-rw-r--r--security/nss/lib/pki1/oids.txt2115
-rw-r--r--security/nss/lib/pki1/pki1.h3032
-rw-r--r--security/nss/lib/pki1/pki1t.h104
-rw-r--r--security/nss/lib/pki1/rdn.c73
-rw-r--r--security/nss/lib/pki1/rdnseq.c71
-rw-r--r--security/nss/lib/pkix/doc/name_rules.html178
-rw-r--r--security/nss/lib/pkix/include/nsspkix.h24377
-rw-r--r--security/nss/lib/pkix/include/nsspkixt.h2281
-rw-r--r--security/nss/lib/pkix/include/pkix.h26086
-rw-r--r--security/nss/lib/pkix/include/pkixm.h969
-rw-r--r--security/nss/lib/pkix/include/pkixt.h57
-rw-r--r--security/nss/lib/pkix/include/pkixtm.h1581
-rw-r--r--security/nss/lib/pkix/src/AlgorithmIdentifier/Create.c85
-rw-r--r--security/nss/lib/pkix/src/AlgorithmIdentifier/Decode.c79
-rw-r--r--security/nss/lib/pkix/src/AlgorithmIdentifier/Destroy.c71
-rw-r--r--security/nss/lib/pkix/src/AlgorithmIdentifier/Duplicate.c79
-rw-r--r--security/nss/lib/pkix/src/AlgorithmIdentifier/Encode.c81
-rw-r--r--security/nss/lib/pkix/src/AlgorithmIdentifier/Equal.c83
-rw-r--r--security/nss/lib/pkix/src/AlgorithmIdentifier/GetAlgorithm.c71
-rw-r--r--security/nss/lib/pkix/src/AlgorithmIdentifier/GetParameters.c80
-rw-r--r--security/nss/lib/pkix/src/AlgorithmIdentifier/MClear.c71
-rw-r--r--security/nss/lib/pkix/src/AlgorithmIdentifier/PCreate.c138
-rw-r--r--security/nss/lib/pkix/src/AlgorithmIdentifier/PDecode.c137
-rw-r--r--security/nss/lib/pkix/src/AlgorithmIdentifier/PDestroy.c76
-rw-r--r--security/nss/lib/pkix/src/AlgorithmIdentifier/PDuplicate.c144
-rw-r--r--security/nss/lib/pkix/src/AlgorithmIdentifier/PEncode.c117
-rw-r--r--security/nss/lib/pkix/src/AlgorithmIdentifier/PEqual.c88
-rw-r--r--security/nss/lib/pkix/src/AlgorithmIdentifier/PGetAlgorithm.c69
-rw-r--r--security/nss/lib/pkix/src/AlgorithmIdentifier/PGetParameters.c78
-rw-r--r--security/nss/lib/pkix/src/AlgorithmIdentifier/PSetAlgorithm.c75
-rw-r--r--security/nss/lib/pkix/src/AlgorithmIdentifier/PSetParameters.c86
-rw-r--r--security/nss/lib/pkix/src/AlgorithmIdentifier/SetAlgorithm.c76
-rw-r--r--security/nss/lib/pkix/src/AlgorithmIdentifier/SetParameters.c77
-rw-r--r--security/nss/lib/pkix/src/AlgorithmIdentifier/verifyPointer.c182
-rw-r--r--security/nss/lib/pkix/src/Attribute/AddValue.c79
-rw-r--r--security/nss/lib/pkix/src/Attribute/Create.c141
-rw-r--r--security/nss/lib/pkix/src/Attribute/CreateFromArray.c97
-rw-r--r--security/nss/lib/pkix/src/Attribute/Decode.c84
-rw-r--r--security/nss/lib/pkix/src/Attribute/Destroy.c74
-rw-r--r--security/nss/lib/pkix/src/Attribute/Duplicate.c79
-rw-r--r--security/nss/lib/pkix/src/Attribute/Encode.c85
-rw-r--r--security/nss/lib/pkix/src/Attribute/Equal.c88
-rw-r--r--security/nss/lib/pkix/src/Attribute/FindValue.c84
-rw-r--r--security/nss/lib/pkix/src/Attribute/GetType.c72
-rw-r--r--security/nss/lib/pkix/src/Attribute/GetValue.c86
-rw-r--r--security/nss/lib/pkix/src/Attribute/GetValueCount.c75
-rw-r--r--security/nss/lib/pkix/src/Attribute/GetValues.c88
-rw-r--r--security/nss/lib/pkix/src/Attribute/MClear.c71
-rw-r--r--security/nss/lib/pkix/src/Attribute/MCount.c87
-rw-r--r--security/nss/lib/pkix/src/Attribute/MVCreate.c165
-rw-r--r--security/nss/lib/pkix/src/Attribute/PAddValue.c140
-rw-r--r--security/nss/lib/pkix/src/Attribute/PCreate.c139
-rw-r--r--security/nss/lib/pkix/src/Attribute/PCreateFromArray.c191
-rw-r--r--security/nss/lib/pkix/src/Attribute/PDecode.c153
-rw-r--r--security/nss/lib/pkix/src/Attribute/PDestroy.c82
-rw-r--r--security/nss/lib/pkix/src/Attribute/PDuplicate.c189
-rw-r--r--security/nss/lib/pkix/src/Attribute/PEncode.c126
-rw-r--r--security/nss/lib/pkix/src/Attribute/PEqual.c164
-rw-r--r--security/nss/lib/pkix/src/Attribute/PFindValue.c107
-rw-r--r--security/nss/lib/pkix/src/Attribute/PGetType.c79
-rw-r--r--security/nss/lib/pkix/src/Attribute/PGetValue.c98
-rw-r--r--security/nss/lib/pkix/src/Attribute/PGetValueCount.c88
-rw-r--r--security/nss/lib/pkix/src/Attribute/PGetValues.c145
-rw-r--r--security/nss/lib/pkix/src/Attribute/PRemoveValue.c121
-rw-r--r--security/nss/lib/pkix/src/Attribute/PSetType.c90
-rw-r--r--security/nss/lib/pkix/src/Attribute/PSetValue.c102
-rw-r--r--security/nss/lib/pkix/src/Attribute/PSetValues.c135
-rw-r--r--security/nss/lib/pkix/src/Attribute/RemoveValue.c76
-rw-r--r--security/nss/lib/pkix/src/Attribute/SetType.c80
-rw-r--r--security/nss/lib/pkix/src/Attribute/SetValue.c80
-rw-r--r--security/nss/lib/pkix/src/Attribute/SetValues.c85
-rw-r--r--security/nss/lib/pkix/src/Attribute/template.c58
-rw-r--r--security/nss/lib/pkix/src/Attribute/verifyPointer.c170
-rw-r--r--security/nss/lib/pkix/src/AttributeTypeAndValue/Create.c85
-rw-r--r--security/nss/lib/pkix/src/AttributeTypeAndValue/CreateFromUTF8.c81
-rw-r--r--security/nss/lib/pkix/src/AttributeTypeAndValue/Decode.c79
-rw-r--r--security/nss/lib/pkix/src/AttributeTypeAndValue/Destroy.c70
-rw-r--r--security/nss/lib/pkix/src/AttributeTypeAndValue/Duplicate.c79
-rw-r--r--security/nss/lib/pkix/src/AttributeTypeAndValue/Encode.c81
-rw-r--r--security/nss/lib/pkix/src/AttributeTypeAndValue/Equal.c85
-rw-r--r--security/nss/lib/pkix/src/AttributeTypeAndValue/GetType.c71
-rw-r--r--security/nss/lib/pkix/src/AttributeTypeAndValue/GetUTF8Encoding.c79
-rw-r--r--security/nss/lib/pkix/src/AttributeTypeAndValue/GetValue.c80
-rw-r--r--security/nss/lib/pkix/src/AttributeTypeAndValue/MClear.c73
-rw-r--r--security/nss/lib/pkix/src/AttributeTypeAndValue/PCreate.c154
-rw-r--r--security/nss/lib/pkix/src/AttributeTypeAndValue/PCreateFromUTF8.c137
-rw-r--r--security/nss/lib/pkix/src/AttributeTypeAndValue/PDecode.c144
-rw-r--r--security/nss/lib/pkix/src/AttributeTypeAndValue/PDestroy.c78
-rw-r--r--security/nss/lib/pkix/src/AttributeTypeAndValue/PDuplicate.c165
-rw-r--r--security/nss/lib/pkix/src/AttributeTypeAndValue/PEncode.c101
-rw-r--r--security/nss/lib/pkix/src/AttributeTypeAndValue/PEqual.c95
-rw-r--r--security/nss/lib/pkix/src/AttributeTypeAndValue/PGetType.c78
-rw-r--r--security/nss/lib/pkix/src/AttributeTypeAndValue/PGetUTF8Encoding.c81
-rw-r--r--security/nss/lib/pkix/src/AttributeTypeAndValue/PGetValue.c83
-rw-r--r--security/nss/lib/pkix/src/AttributeTypeAndValue/PSetType.c86
-rw-r--r--security/nss/lib/pkix/src/AttributeTypeAndValue/PSetValue.c85
-rw-r--r--security/nss/lib/pkix/src/AttributeTypeAndValue/SetType.c76
-rw-r--r--security/nss/lib/pkix/src/AttributeTypeAndValue/SetValue.c77
-rw-r--r--security/nss/lib/pkix/src/AttributeTypeAndValue/template.c56
-rw-r--r--security/nss/lib/pkix/src/AttributeTypeAndValue/verifyPointer.c184
-rw-r--r--security/nss/lib/pkix/src/Name/Create.c93
-rw-r--r--security/nss/lib/pkix/src/Name/CreateFromRDNSequence.c79
-rw-r--r--security/nss/lib/pkix/src/Name/CreateFromUTF8.c81
-rw-r--r--security/nss/lib/pkix/src/Name/Decode.c79
-rw-r--r--security/nss/lib/pkix/src/Name/Destroy.c71
-rw-r--r--security/nss/lib/pkix/src/Name/Duplicate.c79
-rw-r--r--security/nss/lib/pkix/src/Name/Encode.c81
-rw-r--r--security/nss/lib/pkix/src/Name/Equal.c85
-rw-r--r--security/nss/lib/pkix/src/Name/GetChoice.c70
-rw-r--r--security/nss/lib/pkix/src/Name/GetRDNSequence.c80
-rw-r--r--security/nss/lib/pkix/src/Name/GetSpecifiedChoice.c90
-rw-r--r--security/nss/lib/pkix/src/Name/GetUTF8Encoding.c79
-rw-r--r--security/nss/lib/pkix/src/Name/MClear.c73
-rw-r--r--security/nss/lib/pkix/src/Name/Mregister.c72
-rw-r--r--security/nss/lib/pkix/src/Name/PCreate.c173
-rw-r--r--security/nss/lib/pkix/src/Name/PCreateFromRDNSequence.c145
-rw-r--r--security/nss/lib/pkix/src/Name/PCreateFromUTF8.c145
-rw-r--r--security/nss/lib/pkix/src/Name/PDecode.c138
-rw-r--r--security/nss/lib/pkix/src/Name/PDestroy.c76
-rw-r--r--security/nss/lib/pkix/src/Name/PDuplicate.c172
-rw-r--r--security/nss/lib/pkix/src/Name/PEncode.c118
-rw-r--r--security/nss/lib/pkix/src/Name/PEqual.c104
-rw-r--r--security/nss/lib/pkix/src/Name/PGetChoice.c68
-rw-r--r--security/nss/lib/pkix/src/Name/PGetRDNSequence.c87
-rw-r--r--security/nss/lib/pkix/src/Name/PGetSpecifiedChoice.c93
-rw-r--r--security/nss/lib/pkix/src/Name/PGetUTF8Encoding.c81
-rw-r--r--security/nss/lib/pkix/src/Name/template.c56
-rw-r--r--security/nss/lib/pkix/src/Name/verifyPointer.c210
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/AppendRelativeDistinguishedName.c77
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/Create.c125
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/CreateFromArray.c86
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/CreateFromUTF8.c81
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/Decode.c79
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/Destroy.c70
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/Duplicate.c79
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/Encode.c81
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/Equal.c85
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/FindRelativeDistinguishedName.c78
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/GetRelativeDistinguishedName.c81
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/GetRelativeDistinguishedNameCount.c71
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/GetRelativeDistinguishedNames.c85
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/GetUTF8Encoding.c79
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/InsertRelativeDistinguishedName.c79
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/MClear.c73
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/MCount.c82
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/MVCreate.c141
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/PAppendRelativeDistinguishedName.c105
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/PCreate.c123
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/PCreateFromArray.c151
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/PCreateFromUTF8.c139
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/PDecode.c138
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/PDestroy.c76
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/PDuplicate.c177
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/PEncode.c118
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/PEqual.c107
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/PFindRelativeDistinguishedName.c90
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/PGetRelativeDistinguishedName.c96
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/PGetRelativeDistinguishedNameCount.c85
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/PGetRelativeDistinguishedNames.c135
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/PGetUTF8Encoding.c81
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/PInsertRelativeDistinguishedName.c117
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/PRemoveRelativeDistinguishedName.c104
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/PSetRelativeDistinguishedName.c103
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/PSetRelativeDistinguishedNames.c153
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/RemoveRelativeDistinguishedName.c72
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/SetRelativeDistinguishedName.c79
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/SetRelativeDistinguishedNames.c115
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/template.c55
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/verifyPointer.c205
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/AddAttributeTypeAndValue.c77
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/Create.c125
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/CreateFromArray.c86
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/CreateFromUTF8.c81
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/Decode.c79
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/Destroy.c70
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/Duplicate.c80
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/Encode.c81
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/Equal.c85
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/FindAttributeTypeAndValue.c78
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/GetAttributeTypeAndValue.c81
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/GetAttributeTypeAndValueCount.c72
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/GetAttributeTypeAndValues.c83
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/GetUTF8Encoding.c79
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/MClear.c73
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/MCount.c82
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/MVCreate.c158
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/PAddAttributeTypeAndValue.c107
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/PCreate.c123
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/PCreateFromArray.c151
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/PCreateFromUTF8.c139
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/PDecode.c142
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/PDestroy.c76
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/PDuplicate.c177
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/PEncode.c123
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/PEqual.c101
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/PFindAttributeTypeAndValue.c96
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/PGetAttributeTypeAndValue.c89
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/PGetAttributeTypeAndValueCount.c85
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/PGetAttributeTypeAndValues.c133
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/PGetUTF8Encoding.c81
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/PRemoveAttributeTypeAndValue.c121
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/PSetAttributeTypeAndValue.c102
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/PSetAttributeTypeAndValues.c166
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/RemoveAttributeTypeAndValue.c73
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/SetAttributeTypeAndValue.c79
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/SetAttributeTypeAndValues.c113
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/template.c55
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/verifyPointer.c205
-rw-r--r--security/nss/lib/pkix/src/Time/Compare.c75
-rw-r--r--security/nss/lib/pkix/src/Time/CreateFromPRTime.c65
-rw-r--r--security/nss/lib/pkix/src/Time/CreateFromUTF8.c70
-rw-r--r--security/nss/lib/pkix/src/Time/Decode.c79
-rw-r--r--security/nss/lib/pkix/src/Time/Destroy.c62
-rw-r--r--security/nss/lib/pkix/src/Time/Duplicate.c69
-rw-r--r--security/nss/lib/pkix/src/Time/Encode.c71
-rw-r--r--security/nss/lib/pkix/src/Time/Equal.c74
-rw-r--r--security/nss/lib/pkix/src/Time/GetPRTime.c64
-rw-r--r--security/nss/lib/pkix/src/Time/GetUTF8Encoding.c69
-rw-r--r--security/nss/lib/pkix/src/Time/PCreateFromPRTime.c117
-rw-r--r--security/nss/lib/pkix/src/Time/PCreateFromUTF8.c121
-rw-r--r--security/nss/lib/pkix/src/Time/PDecode.c137
-rw-r--r--security/nss/lib/pkix/src/Time/PDestroy.c68
-rw-r--r--security/nss/lib/pkix/src/Time/PEncode.c66
-rw-r--r--security/nss/lib/pkix/src/Time/template.c54
-rw-r--r--security/nss/lib/pkix/src/X520Name/CreateFromUTF8.c105
-rw-r--r--security/nss/lib/pkix/src/X520Name/Decode.c79
-rw-r--r--security/nss/lib/pkix/src/X520Name/Destroy.c70
-rw-r--r--security/nss/lib/pkix/src/X520Name/Duplicate.c79
-rw-r--r--security/nss/lib/pkix/src/X520Name/Encode.c80
-rw-r--r--security/nss/lib/pkix/src/X520Name/Equal.c83
-rw-r--r--security/nss/lib/pkix/src/X520Name/GetUTF8Encoding.c78
-rw-r--r--security/nss/lib/pkix/src/X520Name/MDoUTF8.c97
-rw-r--r--security/nss/lib/pkix/src/X520Name/PCreate.c169
-rw-r--r--security/nss/lib/pkix/src/X520Name/PCreateFromUTF8.c164
-rw-r--r--security/nss/lib/pkix/src/X520Name/PDecode.c135
-rw-r--r--security/nss/lib/pkix/src/X520Name/PDestroy.c87
-rw-r--r--security/nss/lib/pkix/src/X520Name/PDuplicate.c158
-rw-r--r--security/nss/lib/pkix/src/X520Name/PEncode.c93
-rw-r--r--security/nss/lib/pkix/src/X520Name/PEqual.c100
-rw-r--r--security/nss/lib/pkix/src/X520Name/PGetUTF8Encoding.c82
-rw-r--r--security/nss/lib/pkix/src/X520Name/template.c56
-rw-r--r--security/nss/lib/pkix/src/X520Name/verifyPointer.c169
-rw-r--r--security/nss/lib/smime/Makefile76
-rw-r--r--security/nss/lib/smime/cms.h1141
-rw-r--r--security/nss/lib/smime/cmsarray.c212
-rw-r--r--security/nss/lib/smime/cmsasn1.c575
-rw-r--r--security/nss/lib/smime/cmsattr.c453
-rw-r--r--security/nss/lib/smime/cmscinfo.c332
-rw-r--r--security/nss/lib/smime/cmscipher.c792
-rw-r--r--security/nss/lib/smime/cmsdecode.c692
-rw-r--r--security/nss/lib/smime/cmsdigdata.c224
-rw-r--r--security/nss/lib/smime/cmsdigest.c259
-rw-r--r--security/nss/lib/smime/cmsencdata.c287
-rw-r--r--security/nss/lib/smime/cmsencode.c743
-rw-r--r--security/nss/lib/smime/cmsenvdata.c424
-rw-r--r--security/nss/lib/smime/cmslocal.h336
-rw-r--r--security/nss/lib/smime/cmsmessage.c315
-rw-r--r--security/nss/lib/smime/cmspubkey.c555
-rw-r--r--security/nss/lib/smime/cmsrecinfo.c733
-rw-r--r--security/nss/lib/smime/cmsreclist.c187
-rw-r--r--security/nss/lib/smime/cmsreclist.h59
-rw-r--r--security/nss/lib/smime/cmssigdata.c985
-rw-r--r--security/nss/lib/smime/cmssiginfo.c999
-rw-r--r--security/nss/lib/smime/cmst.h528
-rw-r--r--security/nss/lib/smime/cmsutil.c390
-rw-r--r--security/nss/lib/smime/config.mk89
-rw-r--r--security/nss/lib/smime/manifest.mn77
-rw-r--r--security/nss/lib/smime/smime.def242
-rw-r--r--security/nss/lib/smime/smime.h153
-rw-r--r--security/nss/lib/smime/smime.rc98
-rw-r--r--security/nss/lib/smime/smimemessage.c215
-rw-r--r--security/nss/lib/smime/smimesym.c8
-rw-r--r--security/nss/lib/smime/smimeutil.c779
-rw-r--r--security/nss/lib/smime/smimever.c53
-rw-r--r--security/nss/lib/softoken/Makefile91
-rw-r--r--security/nss/lib/softoken/alghmac.c163
-rw-r--r--security/nss/lib/softoken/alghmac.h88
-rw-r--r--security/nss/lib/softoken/cdbhdl.h82
-rw-r--r--security/nss/lib/softoken/config.mk105
-rw-r--r--security/nss/lib/softoken/dbinit.c419
-rw-r--r--security/nss/lib/softoken/dbmshim.c661
-rw-r--r--security/nss/lib/softoken/ecdecode.c1607
-rw-r--r--security/nss/lib/softoken/fipstest.c1093
-rw-r--r--security/nss/lib/softoken/fipstokn.c993
-rw-r--r--security/nss/lib/softoken/keydb.c2539
-rw-r--r--security/nss/lib/softoken/keydbi.h81
-rw-r--r--security/nss/lib/softoken/lowcert.c568
-rw-r--r--security/nss/lib/softoken/lowkey.c378
-rw-r--r--security/nss/lib/softoken/lowkeyi.h269
-rw-r--r--security/nss/lib/softoken/lowkeyti.h158
-rw-r--r--security/nss/lib/softoken/lowpbe.c1182
-rw-r--r--security/nss/lib/softoken/lowpbe.h132
-rw-r--r--security/nss/lib/softoken/manifest.mn82
-rw-r--r--security/nss/lib/softoken/padbuf.c77
-rw-r--r--security/nss/lib/softoken/pcert.h240
-rw-r--r--security/nss/lib/softoken/pcertdb.c5269
-rw-r--r--security/nss/lib/softoken/pcertt.h443
-rw-r--r--security/nss/lib/softoken/pk11db.c893
-rw-r--r--security/nss/lib/softoken/pk11pars.h852
-rw-r--r--security/nss/lib/softoken/pkcs11.c4723
-rw-r--r--security/nss/lib/softoken/pkcs11.h319
-rw-r--r--security/nss/lib/softoken/pkcs11c.c5265
-rw-r--r--security/nss/lib/softoken/pkcs11f.h934
-rw-r--r--security/nss/lib/softoken/pkcs11i.h689
-rw-r--r--security/nss/lib/softoken/pkcs11n.h228
-rw-r--r--security/nss/lib/softoken/pkcs11p.h51
-rw-r--r--security/nss/lib/softoken/pkcs11t.h1409
-rw-r--r--security/nss/lib/softoken/pkcs11u.c2841
-rw-r--r--security/nss/lib/softoken/pkcs11u.h49
-rw-r--r--security/nss/lib/softoken/rawhash.c135
-rw-r--r--security/nss/lib/softoken/rsawrapr.c865
-rw-r--r--security/nss/lib/softoken/softkver.c53
-rw-r--r--security/nss/lib/softoken/softoken.h157
-rw-r--r--security/nss/lib/softoken/softokn.def57
-rw-r--r--security/nss/lib/softoken/softokn.rc98
-rw-r--r--security/nss/lib/softoken/softoknt.h61
-rw-r--r--security/nss/lib/softoken/tlsprf.c334
-rw-r--r--security/nss/lib/ssl/Makefile87
-rw-r--r--security/nss/lib/ssl/authcert.c115
-rw-r--r--security/nss/lib/ssl/cmpcert.c120
-rw-r--r--security/nss/lib/ssl/config.mk81
-rw-r--r--security/nss/lib/ssl/emulate.c633
-rw-r--r--security/nss/lib/ssl/manifest.mn83
-rw-r--r--security/nss/lib/ssl/notes.txt161
-rw-r--r--security/nss/lib/ssl/nsskea.c75
-rw-r--r--security/nss/lib/ssl/os2_err.c310
-rw-r--r--security/nss/lib/ssl/os2_err.h83
-rw-r--r--security/nss/lib/ssl/preenc.h161
-rw-r--r--security/nss/lib/ssl/prelib.c251
-rw-r--r--security/nss/lib/ssl/ssl.def123
-rw-r--r--security/nss/lib/ssl/ssl.h456
-rw-r--r--security/nss/lib/ssl/ssl.rc98
-rw-r--r--security/nss/lib/ssl/ssl3con.c8856
-rw-r--r--security/nss/lib/ssl/ssl3gthr.c236
-rw-r--r--security/nss/lib/ssl/ssl3prot.h313
-rw-r--r--security/nss/lib/ssl/sslauth.c269
-rw-r--r--security/nss/lib/ssl/sslcon.c3782
-rw-r--r--security/nss/lib/ssl/ssldef.c249
-rw-r--r--security/nss/lib/ssl/sslenum.c131
-rw-r--r--security/nss/lib/ssl/sslerr.c71
-rw-r--r--security/nss/lib/ssl/sslerr.h188
-rw-r--r--security/nss/lib/ssl/sslgathr.c476
-rw-r--r--security/nss/lib/ssl/sslimpl.h1319
-rw-r--r--security/nss/lib/ssl/sslinfo.c226
-rw-r--r--security/nss/lib/ssl/sslmutex.c664
-rw-r--r--security/nss/lib/ssl/sslmutex.h149
-rw-r--r--security/nss/lib/ssl/sslnonce.c365
-rw-r--r--security/nss/lib/ssl/sslproto.h199
-rw-r--r--security/nss/lib/ssl/sslreveal.c97
-rw-r--r--security/nss/lib/ssl/sslsecur.c1283
-rw-r--r--security/nss/lib/ssl/sslsnce.c1645
-rw-r--r--security/nss/lib/ssl/sslsock.c1934
-rw-r--r--security/nss/lib/ssl/sslt.h173
-rw-r--r--security/nss/lib/ssl/ssltrace.c269
-rw-r--r--security/nss/lib/ssl/sslver.c53
-rw-r--r--security/nss/lib/ssl/unix_err.c547
-rw-r--r--security/nss/lib/ssl/unix_err.h87
-rw-r--r--security/nss/lib/ssl/win32err.c376
-rw-r--r--security/nss/lib/ssl/win32err.h81
-rw-r--r--security/nss/lib/util/Makefile88
-rw-r--r--security/nss/lib/util/base64.h71
-rw-r--r--security/nss/lib/util/ciferfam.h87
-rw-r--r--security/nss/lib/util/config.mk43
-rw-r--r--security/nss/lib/util/derdec.c552
-rw-r--r--security/nss/lib/util/derenc.c504
-rw-r--r--security/nss/lib/util/dersubr.c263
-rw-r--r--security/nss/lib/util/dertime.c336
-rw-r--r--security/nss/lib/util/manifest.mn93
-rw-r--r--security/nss/lib/util/nssb64.h124
-rw-r--r--security/nss/lib/util/nssb64d.c861
-rw-r--r--security/nss/lib/util/nssb64e.c762
-rw-r--r--security/nss/lib/util/nssb64t.h45
-rw-r--r--security/nss/lib/util/nssilckt.h220
-rw-r--r--security/nss/lib/util/nssilock.c519
-rw-r--r--security/nss/lib/util/nssilock.h316
-rw-r--r--security/nss/lib/util/nsslocks.c105
-rw-r--r--security/nss/lib/util/nsslocks.h67
-rw-r--r--security/nss/lib/util/nssrwlk.c509
-rw-r--r--security/nss/lib/util/nssrwlk.h160
-rw-r--r--security/nss/lib/util/nssrwlkt.h47
-rw-r--r--security/nss/lib/util/portreg.c317
-rw-r--r--security/nss/lib/util/portreg.h93
-rw-r--r--security/nss/lib/util/pqgutil.c267
-rw-r--r--security/nss/lib/util/pqgutil.h127
-rw-r--r--security/nss/lib/util/quickder.c904
-rw-r--r--security/nss/lib/util/ret_cr16.s54
-rw-r--r--security/nss/lib/util/secalgid.c179
-rw-r--r--security/nss/lib/util/secasn1.h289
-rw-r--r--security/nss/lib/util/secasn1d.c3031
-rw-r--r--security/nss/lib/util/secasn1e.c1568
-rw-r--r--security/nss/lib/util/secasn1t.h292
-rw-r--r--security/nss/lib/util/secasn1u.c106
-rw-r--r--security/nss/lib/util/seccomon.h110
-rw-r--r--security/nss/lib/util/secder.h197
-rw-r--r--security/nss/lib/util/secdert.h170
-rw-r--r--security/nss/lib/util/secdig.c235
-rw-r--r--security/nss/lib/util/secdig.h135
-rw-r--r--security/nss/lib/util/secdigt.h57
-rw-r--r--security/nss/lib/util/secerr.h197
-rw-r--r--security/nss/lib/util/secinit.c50
-rw-r--r--security/nss/lib/util/secitem.c284
-rw-r--r--security/nss/lib/util/secitem.h112
-rw-r--r--security/nss/lib/util/secoid.c1700
-rw-r--r--security/nss/lib/util/secoid.h120
-rw-r--r--security/nss/lib/util/secoidt.h415
-rw-r--r--security/nss/lib/util/secplcy.c114
-rw-r--r--security/nss/lib/util/secplcy.h133
-rw-r--r--security/nss/lib/util/secport.c581
-rw-r--r--security/nss/lib/util/secport.h283
-rw-r--r--security/nss/lib/util/sectime.c177
-rw-r--r--security/nss/lib/util/utf8.c2061
-rw-r--r--security/nss/lib/util/watcomfx.h59
-rw-r--r--security/nss/macbuild/LoadableRoots.mcp.exp1
-rw-r--r--security/nss/macbuild/LoadableRoots.xml2664
-rwxr-xr-xsecurity/nss/macbuild/NSS.Prefix3
-rw-r--r--security/nss/macbuild/NSS.xml4408
-rwxr-xr-xsecurity/nss/macbuild/NSSCommon.h6
-rwxr-xr-xsecurity/nss/macbuild/NSSDebug.Prefix3
-rw-r--r--security/nss/macbuild/NSSckfw.xml2232
-rw-r--r--security/nss/macbuild/Softoken.Prefix4
-rw-r--r--security/nss/macbuild/SoftokenCommon.h2
-rw-r--r--security/nss/macbuild/SoftokenDebug.Prefix4
-rw-r--r--security/nss/macbuild/crmf.xml2394
-rw-r--r--security/nss/macbuild/macstubs.c45
-rw-r--r--security/nss/macbuild/smime.xml3250
-rw-r--r--security/nss/macbuild/softoken.xml3464
-rw-r--r--security/nss/macbuild/ssl.xml2816
-rw-r--r--security/nss/macbuild/util.xml2614
-rw-r--r--security/nss/makefile.win100
-rw-r--r--security/nss/manifest.mn44
-rw-r--r--security/nss/pkg/Makefile55
-rw-r--r--security/nss/pkg/linux/Makefile59
-rw-r--r--security/nss/pkg/linux/sun-nss.spec41
-rw-r--r--security/nss/pkg/solaris/Makefile56
-rw-r--r--security/nss/pkg/solaris/Makefile.com33
-rw-r--r--security/nss/pkg/solaris/Makefile.targ26
-rw-r--r--security/nss/pkg/solaris/SUNWtls/Makefile16
-rw-r--r--security/nss/pkg/solaris/SUNWtls/pkgdepend28
-rw-r--r--security/nss/pkg/solaris/SUNWtls/pkginfo.tmpl34
-rw-r--r--security/nss/pkg/solaris/SUNWtls/prototype_com34
-rw-r--r--security/nss/pkg/solaris/SUNWtls/prototype_i38630
-rw-r--r--security/nss/pkg/solaris/SUNWtls/prototype_sparc34
-rw-r--r--security/nss/pkg/solaris/SUNWtlsx/Makefile16
-rw-r--r--security/nss/pkg/solaris/SUNWtlsx/pkgdepend31
-rw-r--r--security/nss/pkg/solaris/SUNWtlsx/pkginfo.tmpl35
-rw-r--r--security/nss/pkg/solaris/SUNWtlsx/prototype_com28
-rw-r--r--security/nss/pkg/solaris/SUNWtlsx/prototype_sparc38
-rw-r--r--security/nss/pkg/solaris/bld_awk_pkginfo.ksh105
-rw-r--r--security/nss/pkg/solaris/common_files/copyright28
-rw-r--r--security/nss/relnotes.txt284
-rwxr-xr-xsecurity/nss/tests/all.sh101
-rwxr-xr-xsecurity/nss/tests/cert/cert.sh654
-rwxr-xr-xsecurity/nss/tests/cipher/cipher.sh115
-rw-r--r--security/nss/tests/cipher/cipher.txt35
-rw-r--r--security/nss/tests/cipher/dsa.txt8
-rw-r--r--security/nss/tests/cipher/hash.txt8
-rwxr-xr-xsecurity/nss/tests/cipher/performance.sh144
-rw-r--r--security/nss/tests/cipher/rsa.txt8
-rw-r--r--security/nss/tests/cipher/symmkey.txt19
-rwxr-xr-xsecurity/nss/tests/clean_tbx172
-rw-r--r--security/nss/tests/cmdtests/cmdtests.sh132
-rw-r--r--security/nss/tests/common/Makefile49
-rwxr-xr-xsecurity/nss/tests/common/cleanup.sh48
-rw-r--r--security/nss/tests/common/init.sh459
-rw-r--r--security/nss/tests/common/results_header.html6
-rwxr-xr-xsecurity/nss/tests/core_watch45
-rwxr-xr-xsecurity/nss/tests/dbtests/dbtests.sh232
-rwxr-xr-xsecurity/nss/tests/dll_version.sh50
-rw-r--r--security/nss/tests/doc/clean.gifbin5503 -> 0 bytes
-rwxr-xr-xsecurity/nss/tests/doc/nssqa.txt108
-rw-r--r--security/nss/tests/doc/platform_specific_problems110
-rwxr-xr-xsecurity/nss/tests/doc/qa_wrapper.html269
-rwxr-xr-xsecurity/nss/tests/fips/fips.sh216
-rw-r--r--security/nss/tests/header1624
-rwxr-xr-xsecurity/nss/tests/jss_dll_version.sh22
-rwxr-xr-xsecurity/nss/tests/jssdir28
-rwxr-xr-xsecurity/nss/tests/jssqa220
-rwxr-xr-xsecurity/nss/tests/mksymlinks115
-rwxr-xr-xsecurity/nss/tests/nssdir28
-rwxr-xr-xsecurity/nss/tests/nsspath12
-rwxr-xr-xsecurity/nss/tests/nssqa283
-rwxr-xr-xsecurity/nss/tests/path_uniq107
-rwxr-xr-xsecurity/nss/tests/perf/perf.sh87
-rw-r--r--security/nss/tests/pkcs11/netscape/suites/Makefile76
-rw-r--r--security/nss/tests/pkcs11/netscape/suites/config.mk42
-rw-r--r--security/nss/tests/pkcs11/netscape/suites/manifest.mn37
-rw-r--r--security/nss/tests/pkcs11/netscape/suites/security/Makefile75
-rw-r--r--security/nss/tests/pkcs11/netscape/suites/security/config.mk54
-rw-r--r--security/nss/tests/pkcs11/netscape/suites/security/manifest.mn40
-rw-r--r--security/nss/tests/pkcs11/netscape/suites/security/pkcs11/Makefile76
-rw-r--r--security/nss/tests/pkcs11/netscape/suites/security/pkcs11/config.mk57
-rw-r--r--security/nss/tests/pkcs11/netscape/suites/security/pkcs11/manifest.mn46
-rw-r--r--security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pk11test.c1360
-rwxr-xr-xsecurity/nss/tests/pkcs11/netscape/suites/security/pkcs11/pk11test.h111
-rw-r--r--security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pk11test.htp50
-rw-r--r--security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pkcs11.h190
-rw-r--r--security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pkcs11.reg960
-rw-r--r--security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pkcs11.rep157
-rw-r--r--security/nss/tests/pkcs11/netscape/suites/security/pkcs11/rules.mk34
-rw-r--r--security/nss/tests/pkcs11/netscape/suites/security/ssl/Makefile77
-rw-r--r--security/nss/tests/pkcs11/netscape/suites/security/ssl/README11
-rw-r--r--security/nss/tests/pkcs11/netscape/suites/security/ssl/cert7.dbbin90112 -> 0 bytes
-rw-r--r--security/nss/tests/pkcs11/netscape/suites/security/ssl/config.mk61
-rw-r--r--security/nss/tests/pkcs11/netscape/suites/security/ssl/key3.dbbin16384 -> 0 bytes
-rw-r--r--security/nss/tests/pkcs11/netscape/suites/security/ssl/manifest.mn53
-rwxr-xr-xsecurity/nss/tests/pkcs11/netscape/suites/security/ssl/ssl.reg49194
-rw-r--r--security/nss/tests/pkcs11/netscape/suites/security/ssl/sslc.c293
-rw-r--r--security/nss/tests/pkcs11/netscape/suites/security/ssl/sslc.h96
-rw-r--r--security/nss/tests/pkcs11/netscape/suites/security/ssl/ssls.c105
-rw-r--r--security/nss/tests/pkcs11/netscape/suites/security/ssl/ssls.h127
-rwxr-xr-xsecurity/nss/tests/pkcs11/netscape/suites/security/ssl/sslt.c1183
-rwxr-xr-xsecurity/nss/tests/pkcs11/netscape/suites/security/ssl/sslt.h238
-rw-r--r--security/nss/tests/pkcs11/netscape/suites/security/ssl/sslt.htp136
-rw-r--r--security/nss/tests/pkcs11/netscape/suites/security/ssl/sslt.rep417
-rw-r--r--security/nss/tests/pkcs11/netscape/trivial/.cvsignore6
-rw-r--r--security/nss/tests/pkcs11/netscape/trivial/Makefile.in175
-rw-r--r--security/nss/tests/pkcs11/netscape/trivial/README.txt56
-rw-r--r--security/nss/tests/pkcs11/netscape/trivial/acconfig.h36
-rw-r--r--security/nss/tests/pkcs11/netscape/trivial/config.h.in28
-rwxr-xr-xsecurity/nss/tests/pkcs11/netscape/trivial/configure1906
-rw-r--r--security/nss/tests/pkcs11/netscape/trivial/configure.in180
-rwxr-xr-xsecurity/nss/tests/pkcs11/netscape/trivial/install-sh251
-rw-r--r--security/nss/tests/pkcs11/netscape/trivial/trivial.c1313
-rw-r--r--security/nss/tests/platformlist13
-rw-r--r--security/nss/tests/platformlist.tbx14
-rwxr-xr-xsecurity/nss/tests/qa_stage336
-rwxr-xr-xsecurity/nss/tests/qa_stat936
-rwxr-xr-xsecurity/nss/tests/qaclean144
-rwxr-xr-xsecurity/nss/tests/sdr/sdr.sh127
-rw-r--r--security/nss/tests/set_environment234
-rw-r--r--security/nss/tests/smime/alice.txt6
-rw-r--r--security/nss/tests/smime/bob.txt6
-rwxr-xr-xsecurity/nss/tests/smime/smime.sh251
-rwxr-xr-xsecurity/nss/tests/ssl/ssl.sh342
-rwxr-xr-xsecurity/nss/tests/ssl/ssl_dist_stress.sh344
-rw-r--r--security/nss/tests/ssl/sslauth.txt31
-rw-r--r--security/nss/tests/ssl/sslcov.txt48
-rw-r--r--security/nss/tests/ssl/sslreq.txt3
-rw-r--r--security/nss/tests/ssl/sslstress.txt14
-rw-r--r--security/nss/tests/tools/sign.html5
-rw-r--r--security/nss/tests/tools/signjs.html8
-rw-r--r--security/nss/tests/tools/tools.sh189
-rwxr-xr-xsecurity/nss/trademarks.txt130
1603 files changed, 0 insertions, 632086 deletions
diff --git a/dbm/.cvsignore b/dbm/.cvsignore
deleted file mode 100644
index f3c7a7c5d..000000000
--- a/dbm/.cvsignore
+++ /dev/null
@@ -1 +0,0 @@
-Makefile
diff --git a/dbm/Makefile.in b/dbm/Makefile.in
deleted file mode 100644
index 13779b989..000000000
--- a/dbm/Makefile.in
+++ /dev/null
@@ -1,36 +0,0 @@
-#
-# The contents of this file are subject to the Netscape Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/NPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is mozilla.org code.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1998 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-
-DEPTH = ..
-topsrcdir = @top_srcdir@
-srcdir = @srcdir@
-VPATH = @srcdir@
-
-include $(DEPTH)/config/autoconf.mk
-
-DIRS = include src
-
-ifdef ENABLE_TESTS
-DIRS += tests
-endif
-
-include $(topsrcdir)/config/rules.mk
-
diff --git a/dbm/include/.cvsignore b/dbm/include/.cvsignore
deleted file mode 100644
index f3c7a7c5d..000000000
--- a/dbm/include/.cvsignore
+++ /dev/null
@@ -1 +0,0 @@
-Makefile
diff --git a/dbm/include/MANIFEST b/dbm/include/MANIFEST
deleted file mode 100644
index 5626a3e87..000000000
--- a/dbm/include/MANIFEST
+++ /dev/null
@@ -1,17 +0,0 @@
-#
-# This is a list of local files which get copied to the mozilla:dist directory
-#
-
-cdefs.h
-extern.h
-hash.h
-hsearch.h
-mcom_db.h
-mpool.h
-ncompat.h
-ndbm.h
-nsres.h
-page.h
-queue.h
-search.h
-watcomfx.h
diff --git a/dbm/include/Makefile.in b/dbm/include/Makefile.in
deleted file mode 100644
index 86fb8f157..000000000
--- a/dbm/include/Makefile.in
+++ /dev/null
@@ -1,55 +0,0 @@
-#
-# The contents of this file are subject to the Netscape Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/NPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is mozilla.org code.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1998 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-
-DEPTH = ../..
-topsrcdir = @top_srcdir@
-srcdir = @srcdir@
-VPATH = @srcdir@
-
-include $(DEPTH)/config/autoconf.mk
-
-MODULE = dbm
-
-EXPORTS = \
- nsres.h \
- cdefs.h \
- mcom_db.h \
- ncompat.h \
- winfile.h \
- $(NULL)
-
-EXPORTS := $(addprefix $(srcdir)/, $(EXPORTS))
-
-PRIVATE_EXPORTS = \
- hsearch.h \
- page.h \
- extern.h \
- ndbm.h \
- queue.h \
- hash.h \
- mpool.h \
- search.h \
- $(NULL)
-
-PRIVATE_EXPORTS := $(addprefix $(srcdir)/, $(PRIVATE_EXPORTS))
-
-include $(topsrcdir)/config/rules.mk
-
diff --git a/dbm/include/Makefile.win b/dbm/include/Makefile.win
deleted file mode 100644
index 07fba1859..000000000
--- a/dbm/include/Makefile.win
+++ /dev/null
@@ -1,60 +0,0 @@
-# The contents of this file are subject to the Netscape Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/NPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is mozilla.org code.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1998 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-
-
-#//------------------------------------------------------------------------
-#//
-#// Makefile to build the cert library
-#//
-#//------------------------------------------------------------------------
-
-!if "$(MOZ_BITS)" == "16"
-!ifndef MOZ_DEBUG
-OPTIMIZER=-Os -UDEBUG -DNDEBUG
-!endif
-!endif
-
-#//------------------------------------------------------------------------
-#//
-#// Specify the depth of the current directory relative to the
-#// root of NS
-#//
-#//------------------------------------------------------------------------
-DEPTH= ..\..
-
-!ifndef MAKE_OBJ_TYPE
-MAKE_OBJ_TYPE=EXE
-!endif
-
-#//------------------------------------------------------------------------
-#//
-#// install headers
-#//
-#//------------------------------------------------------------------------
-EXPORTS=nsres.h cdefs.h mcom_db.h ncompat.h winfile.h
-
-#//------------------------------------------------------------------------
-#//
-#// Include the common makefile rules
-#//
-#//------------------------------------------------------------------------
-include <$(DEPTH)/config/rules.mak>
-
-CFLAGS = $(CFLAGS) -DMOZILLA_CLIENT
-
diff --git a/dbm/include/cdefs.h b/dbm/include/cdefs.h
deleted file mode 100644
index 63c2f624a..000000000
--- a/dbm/include/cdefs.h
+++ /dev/null
@@ -1,165 +0,0 @@
-/* -*- Mode: C; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: NPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Netscape Public License
- * Version 1.1 (the "License"); you may not use this file except in
- * compliance with the License. You may obtain a copy of the License at
- * http://www.mozilla.org/NPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is mozilla.org code.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1998
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the NPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the NPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-/*
- * Copyright (c) 1991, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * This code is derived from software contributed to Berkeley by
- * Berkeley Software Design, Inc.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * @(#)cdefs.h 8.7 (Berkeley) 1/21/94
- */
-
-#ifndef _CDEFS_H_
-#define _CDEFS_H_
-
-#if defined(__cplusplus)
-#define __BEGIN_DECLS extern "C" {
-#define __END_DECLS }
-#else
-#define __BEGIN_DECLS
-#define __END_DECLS
-#endif
-
-/*
- * The __CONCAT macro is used to concatenate parts of symbol names, e.g.
- * with "#define OLD(foo) __CONCAT(old,foo)", OLD(foo) produces oldfoo.
- * The __CONCAT macro is a bit tricky -- make sure you don't put spaces
- * in between its arguments. __CONCAT can also concatenate double-quoted
- * strings produced by the __STRING macro, but this only works with ANSI C.
- */
-#if defined(__STDC__) || defined(__cplusplus) || defined(_WINDOWS) || defined(XP_OS2)
-#define __P(protos) protos /* full-blown ANSI C */
-#define __CONCAT(x,y) x ## y
-#define __STRING(x) #x
-
-/* On HP-UX 11.00, <sys/stdsyms.h> defines __const. */
-#ifndef __const
-#define __const const /* define reserved names to standard */
-#endif /* __const */
-#define __signed signed
-#define __volatile volatile
-#ifndef _WINDOWS
-#if defined(__cplusplus)
-#define __inline inline /* convert to C++ keyword */
-#else
-#if !defined(__GNUC__) && !defined(__MWERKS__)
-#define __inline /* delete GCC keyword */
-#endif /* !__GNUC__ */
-#endif /* !__cplusplus */
-#endif /* !_WINDOWS */
-
-#else /* !(__STDC__ || __cplusplus) */
-#define __P(protos) () /* traditional C preprocessor */
-#define __CONCAT(x,y) x/**/y
-#define __STRING(x) "x"
-
-#ifndef __GNUC__
-#define __const /* delete pseudo-ANSI C keywords */
-#define __inline
-#define __signed
-#define __volatile
-/*
- * In non-ANSI C environments, new programs will want ANSI-only C keywords
- * deleted from the program and old programs will want them left alone.
- * When using a compiler other than gcc, programs using the ANSI C keywords
- * const, inline etc. as normal identifiers should define -DNO_ANSI_KEYWORDS.
- * When using "gcc -traditional", we assume that this is the intent; if
- * __GNUC__ is defined but __STDC__ is not, we leave the new keywords alone.
- */
-#ifndef NO_ANSI_KEYWORDS
-#define const /* delete ANSI C keywords */
-#define inline
-#define signed
-#define volatile
-#endif
-#endif /* !__GNUC__ */
-#endif /* !(__STDC__ || __cplusplus) */
-
-/*
- * GCC1 and some versions of GCC2 declare dead (non-returning) and
- * pure (no side effects) functions using "volatile" and "const";
- * unfortunately, these then cause warnings under "-ansi -pedantic".
- * GCC2 uses a new, peculiar __attribute__((attrs)) style. All of
- * these work for GNU C++ (modulo a slight glitch in the C++ grammar
- * in the distribution version of 2.5.5).
- */
-#if !defined(__GNUC__) || __GNUC__ < 2 || __GNUC_MINOR__ < 5
-#define __attribute__(x) /* delete __attribute__ if non-gcc or gcc1 */
-#if defined(__GNUC__) && !defined(__STRICT_ANSI__)
-#define __dead __volatile
-#define __pure __const
-#endif
-#endif
-
-/* Delete pseudo-keywords wherever they are not available or needed. */
-#ifndef __dead
-#define __dead
-#define __pure
-#endif
-
-#endif /* !_CDEFS_H_ */
diff --git a/dbm/include/extern.h b/dbm/include/extern.h
deleted file mode 100644
index 8eabc81fe..000000000
--- a/dbm/include/extern.h
+++ /dev/null
@@ -1,65 +0,0 @@
-/*-
- * Copyright (c) 1991, 1993, 1994
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * @(#)extern.h 8.4 (Berkeley) 6/16/94
- */
-
-BUFHEAD *__add_ovflpage (HTAB *, BUFHEAD *);
-int __addel (HTAB *, BUFHEAD *, const DBT *, const DBT *);
-int __big_delete (HTAB *, BUFHEAD *);
-int __big_insert (HTAB *, BUFHEAD *, const DBT *, const DBT *);
-int __big_keydata (HTAB *, BUFHEAD *, DBT *, DBT *, int);
-int __big_return (HTAB *, BUFHEAD *, int, DBT *, int);
-int __big_split (HTAB *, BUFHEAD *, BUFHEAD *, BUFHEAD *,
- uint32, uint32, SPLIT_RETURN *);
-int __buf_free (HTAB *, int, int);
-void __buf_init (HTAB *, int);
-uint32 __call_hash (HTAB *, char *, size_t);
-int __delpair (HTAB *, BUFHEAD *, int);
-int __expand_table (HTAB *);
-int __find_bigpair (HTAB *, BUFHEAD *, int, char *, int);
-uint16 __find_last_page (HTAB *, BUFHEAD **);
-void __free_ovflpage (HTAB *, BUFHEAD *);
-BUFHEAD *__get_buf (HTAB *, uint32, BUFHEAD *, int);
-int __get_page (HTAB *, char *, uint32, int, int, int);
-int __ibitmap (HTAB *, int, int, int);
-uint32 __log2 (uint32);
-int __put_page (HTAB *, char *, uint32, int, int);
-void __reclaim_buf (HTAB *, BUFHEAD *);
-int __split_page (HTAB *, uint32, uint32);
-
-/* Default hash routine. */
-extern uint32 (*__default_hash) (const void *, size_t);
-
-#ifdef HASH_STATISTICS
-extern int hash_accesses, hash_collisions, hash_expansions, hash_overflows;
-#endif
diff --git a/dbm/include/hash.h b/dbm/include/hash.h
deleted file mode 100644
index 454a8ec42..000000000
--- a/dbm/include/hash.h
+++ /dev/null
@@ -1,337 +0,0 @@
-/*-
- * Copyright (c) 1990, 1993, 1994
- * The Regents of the University of California. All rights reserved.
- *
- * This code is derived from software contributed to Berkeley by
- * Margo Seltzer.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * @(#)hash.h 8.3 (Berkeley) 5/31/94
- */
-
-/* Operations */
-
-#include <stdio.h>
-#include "mcom_db.h"
-typedef enum {
- HASH_GET, HASH_PUT, HASH_PUTNEW, HASH_DELETE, HASH_FIRST, HASH_NEXT
-} ACTION;
-
-/* Buffer Management structures */
-typedef struct _bufhead BUFHEAD;
-
-struct _bufhead {
- BUFHEAD *prev; /* LRU links */
- BUFHEAD *next; /* LRU links */
- BUFHEAD *ovfl; /* Overflow page buffer header */
- uint32 addr; /* Address of this page */
- char *page; /* Actual page data */
- char is_disk;
- char flags;
-#define BUF_MOD 0x0001
-#define BUF_DISK 0x0002
-#define BUF_BUCKET 0x0004
-#define BUF_PIN 0x0008
-};
-
-#define IS_BUCKET(X) ((X) & BUF_BUCKET)
-
-typedef BUFHEAD **SEGMENT;
-
-typedef int DBFILE_PTR;
-#define NO_FILE -1
-#ifdef macintosh
-#define DBFILE_OPEN(path, flag,mode) open((path), flag)
-#define EXISTS(path)
-#else
-#define DBFILE_OPEN(path, flag,mode) open((path), (flag), (mode))
-#endif
-/* Hash Table Information */
-typedef struct hashhdr { /* Disk resident portion */
- int32 magic; /* Magic NO for hash tables */
- int32 version; /* Version ID */
- uint32 lorder; /* Byte Order */
- int32 bsize; /* Bucket/Page Size */
- int32 bshift; /* Bucket shift */
- int32 dsize; /* Directory Size */
- int32 ssize; /* Segment Size */
- int32 sshift; /* Segment shift */
- int32 ovfl_point; /* Where overflow pages are being
- * allocated */
- int32 last_freed; /* Last overflow page freed */
- int32 max_bucket; /* ID of Maximum bucket in use */
- int32 high_mask; /* Mask to modulo into entire table */
- int32 low_mask; /* Mask to modulo into lower half of
- * table */
- int32 ffactor; /* Fill factor */
- int32 nkeys; /* Number of keys in hash table */
- int32 hdrpages; /* Size of table header */
- uint32 h_charkey; /* value of hash(CHARKEY) */
-#define NCACHED 32 /* number of bit maps and spare
- * points */
- int32 spares[NCACHED];/* spare pages for overflow */
- uint16 bitmaps[NCACHED]; /* address of overflow page
- * bitmaps */
-} HASHHDR;
-
-typedef struct htab { /* Memory resident data structure */
- HASHHDR hdr; /* Header */
- int nsegs; /* Number of allocated segments */
- int exsegs; /* Number of extra allocated
- * segments */
- uint32 /* Hash function */
- (*hash)(const void *, size_t);
- int flags; /* Flag values */
- DBFILE_PTR fp; /* File pointer */
- char *filename;
- char *tmp_buf; /* Temporary Buffer for BIG data */
- char *tmp_key; /* Temporary Buffer for BIG keys */
- BUFHEAD *cpage; /* Current page */
- int cbucket; /* Current bucket */
- int cndx; /* Index of next item on cpage */
- int dbmerrno; /* Error Number -- for DBM
- * compatability */
- int new_file; /* Indicates if fd is backing store
- * or no */
- int save_file; /* Indicates whether we need to flush
- * file at
- * exit */
- uint32 *mapp[NCACHED]; /* Pointers to page maps */
- int nmaps; /* Initial number of bitmaps */
- int nbufs; /* Number of buffers left to
- * allocate */
- BUFHEAD bufhead; /* Header of buffer lru list */
- SEGMENT *dir; /* Hash Bucket directory */
- off_t file_size; /* in bytes */
- char is_temp; /* unlink file on close */
- char updateEOF; /* force EOF update on flush */
-} HTAB;
-
-/*
- * Constants
- */
-#define DATABASE_CORRUPTED_ERROR -999 /* big ugly abort, delete database */
-#define OLD_MAX_BSIZE 65536 /* 2^16 */
-#define MAX_BSIZE 32l*1024l /* 2^15 */
-#define MIN_BUFFERS 6
-#define MINHDRSIZE 512
-#define DEF_BUFSIZE 65536l /* 64 K */
-#define DEF_BUCKET_SIZE 4096
-#define DEF_BUCKET_SHIFT 12 /* log2(BUCKET) */
-#define DEF_SEGSIZE 256
-#define DEF_SEGSIZE_SHIFT 8 /* log2(SEGSIZE) */
-#define DEF_DIRSIZE 256
-#define DEF_FFACTOR 65536l
-#define MIN_FFACTOR 4
-#define SPLTMAX 8
-#define CHARKEY "%$sniglet^&"
-#define NUMKEY 1038583l
-#define BYTE_SHIFT 3
-#define INT_TO_BYTE 2
-#define INT_BYTE_SHIFT 5
-#define ALL_SET ((uint32)0xFFFFFFFF)
-#define ALL_CLEAR 0
-
-#define PTROF(X) ((ptrdiff_t)(X) == BUF_DISK ? 0 : (X))
-#define ISDISK(X) ((X) ? ((ptrdiff_t)(X) == BUF_DISK ? BUF_DISK \
- : (X)->is_disk) : 0)
-
-#define BITS_PER_MAP 32
-
-/* Given the address of the beginning of a big map, clear/set the nth bit */
-#define CLRBIT(A, N) ((A)[(N)/BITS_PER_MAP] &= ~(1<<((N)%BITS_PER_MAP)))
-#define SETBIT(A, N) ((A)[(N)/BITS_PER_MAP] |= (1<<((N)%BITS_PER_MAP)))
-#define ISSET(A, N) ((A)[(N)/BITS_PER_MAP] & (1<<((N)%BITS_PER_MAP)))
-
-/* Overflow management */
-/*
- * Overflow page numbers are allocated per split point. At each doubling of
- * the table, we can allocate extra pages. So, an overflow page number has
- * the top 5 bits indicate which split point and the lower 11 bits indicate
- * which page at that split point is indicated (pages within split points are
- * numberered starting with 1).
- */
-
-#define SPLITSHIFT 11
-#define SPLITMASK 0x7FF
-#define SPLITNUM(N) (((uint32)(N)) >> SPLITSHIFT)
-#define OPAGENUM(N) ((N) & SPLITMASK)
-#define OADDR_OF(S,O) ((uint32)((uint32)(S) << SPLITSHIFT) + (O))
-
-#define BUCKET_TO_PAGE(B) \
- (B) + hashp->HDRPAGES + ((B) ? hashp->SPARES[__log2((uint32)((B)+1))-1] : 0)
-#define OADDR_TO_PAGE(B) \
- BUCKET_TO_PAGE ( (1 << SPLITNUM((B))) -1 ) + OPAGENUM((B));
-
-/*
- * page.h contains a detailed description of the page format.
- *
- * Normally, keys and data are accessed from offset tables in the top of
- * each page which point to the beginning of the key and data. There are
- * four flag values which may be stored in these offset tables which indicate
- * the following:
- *
- *
- * OVFLPAGE Rather than a key data pair, this pair contains
- * the address of an overflow page. The format of
- * the pair is:
- * OVERFLOW_PAGE_NUMBER OVFLPAGE
- *
- * PARTIAL_KEY This must be the first key/data pair on a page
- * and implies that page contains only a partial key.
- * That is, the key is too big to fit on a single page
- * so it starts on this page and continues on the next.
- * The format of the page is:
- * KEY_OFF PARTIAL_KEY OVFL_PAGENO OVFLPAGE
- *
- * KEY_OFF -- offset of the beginning of the key
- * PARTIAL_KEY -- 1
- * OVFL_PAGENO - page number of the next overflow page
- * OVFLPAGE -- 0
- *
- * FULL_KEY This must be the first key/data pair on the page. It
- * is used in two cases.
- *
- * Case 1:
- * There is a complete key on the page but no data
- * (because it wouldn't fit). The next page contains
- * the data.
- *
- * Page format it:
- * KEY_OFF FULL_KEY OVFL_PAGENO OVFL_PAGE
- *
- * KEY_OFF -- offset of the beginning of the key
- * FULL_KEY -- 2
- * OVFL_PAGENO - page number of the next overflow page
- * OVFLPAGE -- 0
- *
- * Case 2:
- * This page contains no key, but part of a large
- * data field, which is continued on the next page.
- *
- * Page format it:
- * DATA_OFF FULL_KEY OVFL_PAGENO OVFL_PAGE
- *
- * KEY_OFF -- offset of the beginning of the data on
- * this page
- * FULL_KEY -- 2
- * OVFL_PAGENO - page number of the next overflow page
- * OVFLPAGE -- 0
- *
- * FULL_KEY_DATA
- * This must be the first key/data pair on the page.
- * There are two cases:
- *
- * Case 1:
- * This page contains a key and the beginning of the
- * data field, but the data field is continued on the
- * next page.
- *
- * Page format is:
- * KEY_OFF FULL_KEY_DATA OVFL_PAGENO DATA_OFF
- *
- * KEY_OFF -- offset of the beginning of the key
- * FULL_KEY_DATA -- 3
- * OVFL_PAGENO - page number of the next overflow page
- * DATA_OFF -- offset of the beginning of the data
- *
- * Case 2:
- * This page contains the last page of a big data pair.
- * There is no key, only the tail end of the data
- * on this page.
- *
- * Page format is:
- * DATA_OFF FULL_KEY_DATA <OVFL_PAGENO> <OVFLPAGE>
- *
- * DATA_OFF -- offset of the beginning of the data on
- * this page
- * FULL_KEY_DATA -- 3
- * OVFL_PAGENO - page number of the next overflow page
- * OVFLPAGE -- 0
- *
- * OVFL_PAGENO and OVFLPAGE are optional (they are
- * not present if there is no next page).
- */
-
-#define OVFLPAGE 0
-#define PARTIAL_KEY 1
-#define FULL_KEY 2
-#define FULL_KEY_DATA 3
-#define REAL_KEY 4
-
-/* Short hands for accessing structure */
-#undef BSIZE
-#define BSIZE hdr.bsize
-#undef BSHIFT
-#define BSHIFT hdr.bshift
-#define DSIZE hdr.dsize
-#define SGSIZE hdr.ssize
-#define SSHIFT hdr.sshift
-#define LORDER hdr.lorder
-#define OVFL_POINT hdr.ovfl_point
-#define LAST_FREED hdr.last_freed
-#define MAX_BUCKET hdr.max_bucket
-#define FFACTOR hdr.ffactor
-#define HIGH_MASK hdr.high_mask
-#define LOW_MASK hdr.low_mask
-#define NKEYS hdr.nkeys
-#define HDRPAGES hdr.hdrpages
-#define SPARES hdr.spares
-#define BITMAPS hdr.bitmaps
-#define VERSION hdr.version
-#define MAGIC hdr.magic
-#define NEXT_FREE hdr.next_free
-#define H_CHARKEY hdr.h_charkey
-
-extern uint32 (*__default_hash) (const void *, size_t);
-void __buf_init(HTAB *hashp, int32 nbytes);
-int __big_delete(HTAB *hashp, BUFHEAD *bufp);
-BUFHEAD * __get_buf(HTAB *hashp, uint32 addr, BUFHEAD *prev_bp, int newpage);
-uint32 __call_hash(HTAB *hashp, char *k, size_t len);
-#include "page.h"
-extern int __big_split(HTAB *hashp, BUFHEAD *op,BUFHEAD *np,
-BUFHEAD *big_keyp,uint32 addr,uint32 obucket, SPLIT_RETURN *ret);
-void __free_ovflpage(HTAB *hashp, BUFHEAD *obufp);
-BUFHEAD * __add_ovflpage(HTAB *hashp, BUFHEAD *bufp);
-int __big_insert(HTAB *hashp, BUFHEAD *bufp, const DBT *key, const DBT *val);
-int __expand_table(HTAB *hashp);
-uint32 __log2(uint32 num);
-void __reclaim_buf(HTAB *hashp, BUFHEAD *bp);
-int __get_page(HTAB *hashp, char * p, uint32 bucket, int is_bucket, int is_disk, int is_bitmap);
-int __put_page(HTAB *hashp, char *p, uint32 bucket, int is_bucket, int is_bitmap);
-int __ibitmap(HTAB *hashp, int pnum, int nbits, int ndx);
-int __buf_free(HTAB *hashp, int do_free, int to_disk);
-int __find_bigpair(HTAB *hashp, BUFHEAD *bufp, int ndx, char *key, int size);
-uint16 __find_last_page(HTAB *hashp, BUFHEAD **bpp);
-int __addel(HTAB *hashp, BUFHEAD *bufp, const DBT *key, const DBT * val);
-int __big_return(HTAB *hashp, BUFHEAD *bufp, int ndx, DBT *val, int set_current);
-int __delpair(HTAB *hashp, BUFHEAD *bufp, int ndx);
-int __big_keydata(HTAB *hashp, BUFHEAD *bufp, DBT *key, DBT *val, int set);
-int __split_page(HTAB *hashp, uint32 obucket, uint32 nbucket);
diff --git a/dbm/include/hsearch.h b/dbm/include/hsearch.h
deleted file mode 100644
index ff58b1c15..000000000
--- a/dbm/include/hsearch.h
+++ /dev/null
@@ -1,51 +0,0 @@
-/*-
- * Copyright (c) 1990, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * This code is derived from software contributed to Berkeley by
- * Margo Seltzer.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * @(#)search.h 8.1 (Berkeley) 6/4/93
- */
-
-/* Backward compatibility to hsearch interface. */
-typedef struct entry {
- char *key;
- char *data;
-} ENTRY;
-
-typedef enum {
- FIND, ENTER
-} ACTION;
-
-int hcreate (unsigned int);
-void hdestroy (void);
-ENTRY *hsearch (ENTRY, ACTION);
diff --git a/dbm/include/mcom_db.h b/dbm/include/mcom_db.h
deleted file mode 100644
index 43d21ad9c..000000000
--- a/dbm/include/mcom_db.h
+++ /dev/null
@@ -1,458 +0,0 @@
-/* -*- Mode: C; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: NPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Netscape Public License
- * Version 1.1 (the "License"); you may not use this file except in
- * compliance with the License. You may obtain a copy of the License at
- * http://www.mozilla.org/NPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is mozilla.org code.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1998
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the NPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the NPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-/*-
- * Copyright (c) 1990, 1993, 1994
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * @(#)db.h 8.7 (Berkeley) 6/16/94
- */
-
-#ifndef _DB_H_
-#define _DB_H_
-
-#ifndef macintosh
-#include <sys/types.h>
-#endif
-#include "prtypes.h"
-
-#include <limits.h>
-
-#ifdef __DBINTERFACE_PRIVATE
-
-#ifdef HAVE_SYS_CDEFS_H
-#include <sys/cdefs.h>
-#else
-#include "cdefs.h"
-#endif
-
-#ifdef HAVE_SYS_BYTEORDER_H
-#include <sys/byteorder.h>
-#endif
-
-#if defined(__linux) || defined(__BEOS__)
-#include <endian.h>
-#ifndef BYTE_ORDER
-#define BYTE_ORDER __BYTE_ORDER
-#define BIG_ENDIAN __BIG_ENDIAN
-#define LITTLE_ENDIAN __LITTLE_ENDIAN
-#endif
-#endif /* __linux */
-
-#ifdef __sgi
-#define BYTE_ORDER BIG_ENDIAN
-#define BIG_ENDIAN 4321
-#define LITTLE_ENDIAN 1234 /* LSB first: i386, vax, all NT risc */
-#endif
-
-#ifdef __sun
-#define BIG_ENDIAN 4321
-#define LITTLE_ENDIAN 1234 /* LSB first: i386, vax, all NT risc */
-
-#ifndef __SVR4
-/* compat.h is only in 4.1.3 machines. - dp */
-#include <compat.h>
-#endif
-
-/* XXX - dp
- * Need to find a general way of defining endian-ness in SunOS 5.3
- * SunOS 5.4 defines _BIG_ENDIAN and _LITTLE_ENDIAN
- * SunOS 5.3 does nothing like this.
- */
-
-#ifndef BYTE_ORDER
-
-#if defined(_BIG_ENDIAN)
-#define BYTE_ORDER BIG_ENDIAN
-#elif defined(_LITTLE_ENDIAN)
-#define BYTE_ORDER LITTLE_ENDIAN
-#elif !defined(__SVR4)
-/* 4.1.3 is always BIG_ENDIAN as it was released only on sparc platforms. */
-#define BYTE_ORDER BIG_ENDIAN
-#elif !defined(vax) && !defined(ntohl) && !defined(lint) && !defined(i386)
-/* 5.3 big endian. Copied this above line from sys/byteorder.h */
-/* Now we are in a 5.3 SunOS rather non 5.4 or above SunOS */
-#define BYTE_ORDER BIG_ENDIAN
-#else
-#define BYTE_ORDER LITTLE_ENDIAN
-#endif
-
-#endif /* !BYTE_ORDER */
-#endif /* __sun */
-
-#if defined(__hpux) || defined(__hppa)
-#define BYTE_ORDER BIG_ENDIAN
-#define BIG_ENDIAN 4321
-#define LITTLE_ENDIAN 1234 /* LSB first: i386, vax, all NT risc */
-#endif
-
-#if defined(AIXV3) || defined(AIX)
-/* BYTE_ORDER, LITTLE_ENDIAN, BIG_ENDIAN are all defined here */
-#include <sys/machine.h>
-#endif
-
-/* Digital Unix */
-#ifdef __osf__
-#include <machine/endian.h>
-#endif
-
-#ifdef __alpha
-#ifndef WIN32
-#else
-/* Alpha NT */
-#define BYTE_ORDER LITTLE_ENDIAN
-#define BIG_ENDIAN 4321
-#define LITTLE_ENDIAN 1234
-#endif
-#endif
-
-#ifdef NCR
-#include <sys/endian.h>
-#endif
-
-#ifdef __QNX__
-#ifdef __QNXNTO__
-#include <sys/param.h>
-#else
-#define LITTLE_ENDIAN 1234
-#define BIG_ENDIAN 4321
-#define BYTE_ORDER LITTLE_ENDIAN
-#endif
-#endif
-
-#ifdef SNI
-/* #include <sys/hetero.h> */
-#define BYTE_ORDER BIG_ENDIAN
-#define BIG_ENDIAN 4321
-#define LITTLE_ENDIAN 1234
-#endif
-
-#if defined(_WINDOWS) || defined(XP_OS2)
-#ifdef BYTE_ORDER
-#undef BYTE_ORDER
-#endif
-
-#define BYTE_ORDER LITTLE_ENDIAN
-#define LITTLE_ENDIAN 1234 /* LSB first: i386, vax, all NT risc */
-#define BIG_ENDIAN 4321
-#endif
-
-#ifdef macintosh
-#define BIG_ENDIAN 4321
-#define LITTLE_ENDIAN 1234
-#define BYTE_ORDER BIG_ENDIAN
-#endif
-
-#endif /* __DBINTERFACE_PRIVATE */
-
-#ifdef SCO
-#define MAXPATHLEN 1024
-#endif
-
-#include <fcntl.h>
-
-#if defined(_WINDOWS) || defined(XP_OS2)
-#include <stdio.h>
-#include <io.h>
-
-#ifndef XP_OS2
-#define MAXPATHLEN 1024
-#endif
-
-#ifdef XP_OS2_VACPP
-#include <os2.h>
-#define MAXPATHLEN CCHMAXPATH
-#define EPERM EINVAL
-#define ENOTDIR EBADPOS
-#define S_ISDIR(s) ((s) & S_IFDIR)
-#endif
-
-#define EFTYPE EINVAL /* POSIX 1003.1 format errno. */
-
-#ifndef STDERR_FILENO
-#define STDIN_FILENO 0 /* ANSI C #defines */
-#define STDOUT_FILENO 1
-#define STDERR_FILENO 2
-#endif
-
-#ifndef O_ACCMODE /* POSIX 1003.1 access mode mask. */
-#define O_ACCMODE (O_RDONLY|O_WRONLY|O_RDWR)
-#endif
-#endif
-
-#ifdef macintosh
-#include <stdio.h>
-#include "xp_mcom.h"
-#define O_ACCMODE 3 /* Mask for file access modes */
-#define EFTYPE 2000
-PR_BEGIN_EXTERN_C
-int mkstemp(const char *path);
-PR_END_EXTERN_C
-#endif /* MACINTOSH */
-
-#if !defined(_WINDOWS) && !defined(macintosh) && !defined(XP_OS2)
-#include <sys/stat.h>
-#include <errno.h>
-#endif
-
-/* define EFTYPE since most don't */
-#ifndef EFTYPE
-#define EFTYPE EINVAL /* POSIX 1003.1 format errno. */
-#endif
-
-#define RET_ERROR -1 /* Return values. */
-#define RET_SUCCESS 0
-#define RET_SPECIAL 1
-
-#define MAX_PAGE_NUMBER 0xffffffff /* >= # of pages in a file */
-
-#ifndef __sgi
-typedef uint32 pgno_t;
-#endif
-
-#define MAX_PAGE_OFFSET 65535 /* >= # of bytes in a page */
-typedef uint16 indx_t;
-#define MAX_REC_NUMBER 0xffffffff /* >= # of records in a tree */
-typedef uint32 recno_t;
-
-/* Key/data structure -- a Data-Base Thang. */
-typedef struct {
- void *data; /* data */
- size_t size; /* data length */
-} DBT;
-
-/* Routine flags. */
-#define R_CURSOR 1 /* del, put, seq */
-#define __R_UNUSED 2 /* UNUSED */
-#define R_FIRST 3 /* seq */
-#define R_IAFTER 4 /* put (RECNO) */
-#define R_IBEFORE 5 /* put (RECNO) */
-#define R_LAST 6 /* seq (BTREE, RECNO) */
-#define R_NEXT 7 /* seq */
-#define R_NOOVERWRITE 8 /* put */
-#define R_PREV 9 /* seq (BTREE, RECNO) */
-#define R_SETCURSOR 10 /* put (RECNO) */
-#define R_RECNOSYNC 11 /* sync (RECNO) */
-
-typedef enum { DB_BTREE, DB_HASH, DB_RECNO } DBTYPE;
-
-typedef enum { LockOutDatabase, UnlockDatabase } DBLockFlagEnum;
-
-/*
- * !!!
- * The following flags are included in the dbopen(3) call as part of the
- * open(2) flags. In order to avoid conflicts with the open flags, start
- * at the top of the 16 or 32-bit number space and work our way down. If
- * the open flags were significantly expanded in the future, it could be
- * a problem. Wish I'd left another flags word in the dbopen call.
- *
- * !!!
- * None of this stuff is implemented yet. The only reason that it's here
- * is so that the access methods can skip copying the key/data pair when
- * the DB_LOCK flag isn't set.
- */
-#if UINT_MAX > 65535
-#define DB_LOCK 0x20000000 /* Do locking. */
-#define DB_SHMEM 0x40000000 /* Use shared memory. */
-#define DB_TXN 0x80000000 /* Do transactions. */
-#else
-#define DB_LOCK 0x2000 /* Do locking. */
-#define DB_SHMEM 0x4000 /* Use shared memory. */
-#define DB_TXN 0x8000 /* Do transactions. */
-#endif
-
-/* Access method description structure. */
-typedef struct __db {
- DBTYPE type; /* Underlying db type. */
- int (*close) (struct __db *);
- int (*del) (const struct __db *, const DBT *, uint);
- int (*get) (const struct __db *, const DBT *, DBT *, uint);
- int (*put) (const struct __db *, DBT *, const DBT *, uint);
- int (*seq) (const struct __db *, DBT *, DBT *, uint);
- int (*sync) (const struct __db *, uint);
- void *internal; /* Access method private. */
- int (*fd) (const struct __db *);
-} DB;
-
-#define BTREEMAGIC 0x053162
-#define BTREEVERSION 3
-
-/* Structure used to pass parameters to the btree routines. */
-typedef struct {
-#define R_DUP 0x01 /* duplicate keys */
- uint32 flags;
- uint cachesize; /* bytes to cache */
- int maxkeypage; /* maximum keys per page */
- int minkeypage; /* minimum keys per page */
- uint psize; /* page size */
- int (*compare) /* comparison function */
- (const DBT *, const DBT *);
- size_t (*prefix) /* prefix function */
- (const DBT *, const DBT *);
- int lorder; /* byte order */
-} BTREEINFO;
-
-#define HASHMAGIC 0x061561
-#define HASHVERSION 2
-
-/* Structure used to pass parameters to the hashing routines. */
-typedef struct {
- uint bsize; /* bucket size */
- uint ffactor; /* fill factor */
- uint nelem; /* number of elements */
- uint cachesize; /* bytes to cache */
- uint32 /* hash function */
- (*hash) (const void *, size_t);
- int lorder; /* byte order */
-} HASHINFO;
-
-/* Structure used to pass parameters to the record routines. */
-typedef struct {
-#define R_FIXEDLEN 0x01 /* fixed-length records */
-#define R_NOKEY 0x02 /* key not required */
-#define R_SNAPSHOT 0x04 /* snapshot the input */
- uint32 flags;
- uint cachesize; /* bytes to cache */
- uint psize; /* page size */
- int lorder; /* byte order */
- size_t reclen; /* record length (fixed-length records) */
- uint8 bval; /* delimiting byte (variable-length records */
- char *bfname; /* btree file name */
-} RECNOINFO;
-
-#ifdef __DBINTERFACE_PRIVATE
-/*
- * Little endian <==> big endian 32-bit swap macros.
- * M_32_SWAP swap a memory location
- * P_32_SWAP swap a referenced memory location
- * P_32_COPY swap from one location to another
- */
-#define M_32_SWAP(a) { \
- uint32 _tmp = a; \
- ((char *)&a)[0] = ((char *)&_tmp)[3]; \
- ((char *)&a)[1] = ((char *)&_tmp)[2]; \
- ((char *)&a)[2] = ((char *)&_tmp)[1]; \
- ((char *)&a)[3] = ((char *)&_tmp)[0]; \
-}
-#define P_32_SWAP(a) { \
- uint32 _tmp = *(uint32 *)a; \
- ((char *)a)[0] = ((char *)&_tmp)[3]; \
- ((char *)a)[1] = ((char *)&_tmp)[2]; \
- ((char *)a)[2] = ((char *)&_tmp)[1]; \
- ((char *)a)[3] = ((char *)&_tmp)[0]; \
-}
-#define P_32_COPY(a, b) { \
- ((char *)&(b))[0] = ((char *)&(a))[3]; \
- ((char *)&(b))[1] = ((char *)&(a))[2]; \
- ((char *)&(b))[2] = ((char *)&(a))[1]; \
- ((char *)&(b))[3] = ((char *)&(a))[0]; \
-}
-
-/*
- * Little endian <==> big endian 16-bit swap macros.
- * M_16_SWAP swap a memory location
- * P_16_SWAP swap a referenced memory location
- * P_16_COPY swap from one location to another
- */
-#define M_16_SWAP(a) { \
- uint16 _tmp = a; \
- ((char *)&a)[0] = ((char *)&_tmp)[1]; \
- ((char *)&a)[1] = ((char *)&_tmp)[0]; \
-}
-#define P_16_SWAP(a) { \
- uint16 _tmp = *(uint16 *)a; \
- ((char *)a)[0] = ((char *)&_tmp)[1]; \
- ((char *)a)[1] = ((char *)&_tmp)[0]; \
-}
-#define P_16_COPY(a, b) { \
- ((char *)&(b))[0] = ((char *)&(a))[1]; \
- ((char *)&(b))[1] = ((char *)&(a))[0]; \
-}
-#endif
-
-PR_BEGIN_EXTERN_C
-#if defined(__WATCOMC__) || defined(__WATCOM_CPLUSPLUS__)
-extern DB *
-#else
-PR_EXTERN(DB *)
-#endif
-dbopen (const char *, int, int, DBTYPE, const void *);
-
-/* set or unset a global lock flag to disable the
- * opening of any DBM file
- */
-void dbSetOrClearDBLock(DBLockFlagEnum type);
-
-#ifdef __DBINTERFACE_PRIVATE
-DB *__bt_open (const char *, int, int, const BTREEINFO *, int);
-DB *__hash_open (const char *, int, int, const HASHINFO *, int);
-DB *__rec_open (const char *, int, int, const RECNOINFO *, int);
-void __dbpanic (DB *dbp);
-#endif
-
-PR_END_EXTERN_C
-
-#endif /* !_DB_H_ */
diff --git a/dbm/include/mpool.h b/dbm/include/mpool.h
deleted file mode 100644
index a2fb62b9f..000000000
--- a/dbm/include/mpool.h
+++ /dev/null
@@ -1,99 +0,0 @@
-/*-
- * Copyright (c) 1991, 1993, 1994
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * @(#)mpool.h 8.2 (Berkeley) 7/14/94
- */
-
-#include <sys/queue.h>
-
-/*
- * The memory pool scheme is a simple one. Each in-memory page is referenced
- * by a bucket which is threaded in up to two of three ways. All active pages
- * are threaded on a hash chain (hashed by page number) and an lru chain.
- * Inactive pages are threaded on a free chain. Each reference to a memory
- * pool is handed an opaque MPOOL cookie which stores all of this information.
- */
-#define HASHSIZE 128
-#define HASHKEY(pgno) ((pgno - 1) % HASHSIZE)
-
-/* The BKT structures are the elements of the queues. */
-typedef struct _bkt {
- CIRCLEQ_ENTRY(_bkt) hq; /* hash queue */
- CIRCLEQ_ENTRY(_bkt) q; /* lru queue */
- void *page; /* page */
- pgno_t pgno; /* page number */
-
-#define MPOOL_DIRTY 0x01 /* page needs to be written */
-#define MPOOL_PINNED 0x02 /* page is pinned into memory */
- uint8 flags; /* flags */
-} BKT;
-
-typedef struct MPOOL {
- CIRCLEQ_HEAD(_lqh, _bkt) lqh; /* lru queue head */
- /* hash queue array */
- CIRCLEQ_HEAD(_hqh, _bkt) hqh[HASHSIZE];
- pgno_t curcache; /* current number of cached pages */
- pgno_t maxcache; /* max number of cached pages */
- pgno_t npages; /* number of pages in the file */
- uint32 pagesize; /* file page size */
- int fd; /* file descriptor */
- /* page in conversion routine */
- void (*pgin) (void *, pgno_t, void *);
- /* page out conversion routine */
- void (*pgout) (void *, pgno_t, void *);
- void *pgcookie; /* cookie for page in/out routines */
-#ifdef STATISTICS
- uint32 cachehit;
- uint32 cachemiss;
- uint32 pagealloc;
- uint32 pageflush;
- uint32 pageget;
- uint32 pagenew;
- uint32 pageput;
- uint32 pageread;
- uint32 pagewrite;
-#endif
-} MPOOL;
-
-__BEGIN_DECLS
-MPOOL *mpool_open (void *, int, pgno_t, pgno_t);
-void mpool_filter (MPOOL *, void (*)(void *, pgno_t, void *),
- void (*)(void *, pgno_t, void *), void *);
-void *mpool_new (MPOOL *, pgno_t *);
-void *mpool_get (MPOOL *, pgno_t, uint);
-int mpool_put (MPOOL *, void *, uint);
-int mpool_sync (MPOOL *);
-int mpool_close (MPOOL *);
-#ifdef STATISTICS
-void mpool_stat (MPOOL *);
-#endif
-__END_DECLS
diff --git a/dbm/include/ncompat.h b/dbm/include/ncompat.h
deleted file mode 100644
index c95b327fe..000000000
--- a/dbm/include/ncompat.h
+++ /dev/null
@@ -1,232 +0,0 @@
-/*-
- * Copyright (c) 1991, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * @(#)compat.h 8.13 (Berkeley) 2/21/94
- */
-
-#ifndef _COMPAT_H_
-#define _COMPAT_H_
-
-#include <sys/types.h>
-
-/*
- * If your system doesn't typedef u_long, u_short, or u_char, change
- * the 0 to a 1.
- */
-#if 0
-typedef unsigned char u_char; /* 4.[34]BSD names. */
-typedef unsigned int u_int;
-typedef unsigned long u_long;
-typedef unsigned short u_short;
-#endif
-
-/* If your system doesn't typedef size_t, change the 0 to a 1. */
-#if 0
-typedef unsigned int size_t; /* POSIX, 4.[34]BSD names. */
-#endif
-
-/* If your system doesn't typedef ssize_t, change the 0 to a 1. */
-#if 0
-typedef int ssize_t; /* POSIX names. */
-#endif
-
-/*
- * If your system doesn't have the POSIX type for a signal mask,
- * change the 0 to a 1.
- */
-#if 0 /* POSIX 1003.1 signal mask type. */
-typedef unsigned int sigset_t;
-#endif
-
-/*
- * If your system's vsprintf returns a char *, not an int,
- * change the 0 to a 1.
- */
-#if defined (__sun) && !defined(__SVR4) /* SUNOS */
-#define VSPRINTF_CHARSTAR
-#endif
-/*
- * If you don't have POSIX 1003.1 signals, the signal code surrounding the
- * temporary file creation is intended to block all of the possible signals
- * long enough to create the file and unlink it. All of this stuff is
- * intended to use old-style BSD calls to fake POSIX 1003.1 calls.
- */
-#ifdef NO_POSIX_SIGNALS
-#define sigemptyset(set) (*(set) = 0)
-#define sigfillset(set) (*(set) = ~(sigset_t)0, 0)
-#define sigaddset(set,signo) (*(set) |= sigmask(signo), 0)
-#define sigdelset(set,signo) (*(set) &= ~sigmask(signo), 0)
-#define sigismember(set,signo) ((*(set) & sigmask(signo)) != 0)
-
-#define SIG_BLOCK 1
-#define SIG_UNBLOCK 2
-#define SIG_SETMASK 3
-
-static int __sigtemp; /* For the use of sigprocmask */
-
-/* Repeated test of oset != NULL is to avoid "*0". */
-#define sigprocmask(how, set, oset) \
- ((__sigtemp = \
- (((how) == SIG_BLOCK) ? \
- sigblock(0) | *(set) : \
- (((how) == SIG_UNBLOCK) ? \
- sigblock(0) & ~(*(set)) : \
- ((how) == SIG_SETMASK ? \
- *(set) : sigblock(0))))), \
- ((oset) ? (*(oset ? oset : set) = sigsetmask(__sigtemp)) : \
- sigsetmask(__sigtemp)), 0)
-#endif
-
-/*
- * If your system doesn't have an include file with the appropriate
- * byte order set, make sure you specify the correct one.
- */
-#ifndef BYTE_ORDER
-#define LITTLE_ENDIAN 1234 /* LSB first: i386, vax */
-#define BIG_ENDIAN 4321 /* MSB first: 68000, ibm, net */
-#define BYTE_ORDER BIG_ENDIAN /* Set for your system. */
-#endif
-
-#if defined(SYSV) || defined(SYSTEM5) || defined(__sun)
-#define index(a, b) strchr(a, b)
-#define rindex(a, b) strrchr(a, b)
-#define bzero(a, b) memset(a, 0, b)
-#define bcmp(a, b, n) memcmp(a, b, n)
-#define bcopy(a, b, n) memmove(b, a, n)
-#endif
-
-#if defined(BSD) || defined(BSD4_3)
-#define strchr(a, b) index(a, b)
-#define strrchr(a, b) rindex(a, b)
-#define memcmp(a, b, n) bcmp(a, b, n)
-#define memmove(a, b, n) bcopy(b, a, n)
-#endif
-
-/*
- * 32-bit machine. The db routines are theoretically independent of
- * the size of u_shorts and u_longs, but I don't know that anyone has
- * ever actually tried it. At a minimum, change the following #define's
- * if you are trying to compile on a different type of system.
- */
-#ifndef USHRT_MAX
-#define USHRT_MAX 0xFFFF
-#define ULONG_MAX 0xFFFFFFFF
-#endif
-
-#ifndef O_ACCMODE /* POSIX 1003.1 access mode mask. */
-#define O_ACCMODE (O_RDONLY|O_WRONLY|O_RDWR)
-#endif
-
-#ifndef _POSIX2_RE_DUP_MAX /* POSIX 1003.2 RE limit. */
-#define _POSIX2_RE_DUP_MAX 255
-#endif
-
-/*
- * If you can't provide lock values in the open(2) call. Note, this
- * allows races to happen.
- */
-#ifndef O_EXLOCK /* 4.4BSD extension. */
-#define O_EXLOCK 0
-#endif
-
-#ifndef O_SHLOCK /* 4.4BSD extension. */
-#define O_SHLOCK 0
-#endif
-
-#ifndef EFTYPE
-#define EFTYPE EINVAL /* POSIX 1003.1 format errno. */
-#endif
-
-#ifndef WCOREDUMP /* 4.4BSD extension */
-#define WCOREDUMP(a) 0
-#endif
-
-#ifndef STDERR_FILENO
-#define STDIN_FILENO 0 /* ANSI C #defines */
-#define STDOUT_FILENO 1
-#define STDERR_FILENO 2
-#endif
-
-#ifndef SEEK_END
-#define SEEK_SET 0 /* POSIX 1003.1 seek values */
-#define SEEK_CUR 1
-#define SEEK_END 2
-#endif
-
-#ifndef _POSIX_VDISABLE /* POSIX 1003.1 disabling char. */
-#define _POSIX_VDISABLE 0 /* Some systems used 0. */
-#endif
-
-#ifndef TCSASOFT /* 4.4BSD extension. */
-#define TCSASOFT 0
-#endif
-
-#ifndef _POSIX2_RE_DUP_MAX /* POSIX 1003.2 values. */
-#define _POSIX2_RE_DUP_MAX 255
-#endif
-
-#ifndef NULL /* ANSI C #defines NULL everywhere. */
-#define NULL 0
-#endif
-
-#ifndef MAX /* Usually found in <sys/param.h>. */
-#define MAX(_a,_b) ((_a)<(_b)?(_b):(_a))
-#endif
-#ifndef MIN /* Usually found in <sys/param.h>. */
-#define MIN(_a,_b) ((_a)<(_b)?(_a):(_b))
-#endif
-
-/* Default file permissions. */
-#ifndef DEFFILEMODE /* 4.4BSD extension. */
-#define DEFFILEMODE (S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH)
-#endif
-
-#ifndef __sun
-#ifndef S_ISDIR /* POSIX 1003.1 file type tests. */
-#define S_ISDIR(m) ((m & 0170000) == 0040000) /* directory */
-#define S_ISCHR(m) ((m & 0170000) == 0020000) /* char special */
-#define S_ISBLK(m) ((m & 0170000) == 0060000) /* block special */
-#define S_ISREG(m) ((m & 0170000) == 0100000) /* regular file */
-#define S_ISFIFO(m) ((m & 0170000) == 0010000) /* fifo */
-#endif
-#ifndef S_ISLNK /* BSD POSIX 1003.1 extensions */
-#define S_ISLNK(m) ((m & 0170000) == 0120000) /* symbolic link */
-#define S_ISSOCK(m) ((m & 0170000) == 0140000) /* socket */
-#endif
-#endif /* __sun */
-
-/* The type of a va_list. */
-#ifndef _BSD_VA_LIST_ /* 4.4BSD #define. */
-#define _BSD_VA_LIST_ char *
-#endif
-
-#endif /* !_COMPAT_H_ */
diff --git a/dbm/include/ndbm.h b/dbm/include/ndbm.h
deleted file mode 100644
index 7ad5f1a23..000000000
--- a/dbm/include/ndbm.h
+++ /dev/null
@@ -1,77 +0,0 @@
-/*-
- * Copyright (c) 1990, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * This code is derived from software contributed to Berkeley by
- * Margo Seltzer.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * @(#)ndbm.h 8.1 (Berkeley) 6/2/93
- */
-
-#ifndef _NDBM_H_
-#define _NDBM_H_
-
-#include "mcom_db.h"
-
-/* Map dbm interface onto db(3). */
-#define DBM_RDONLY O_RDONLY
-
-/* Flags to dbm_store(). */
-#define DBM_INSERT 0
-#define DBM_REPLACE 1
-
-/*
- * The db(3) support for ndbm(3) always appends this suffix to the
- * file name to avoid overwriting the user's original database.
- */
-#define DBM_SUFFIX ".db"
-
-typedef struct {
- char *dptr;
- int dsize;
-} datum;
-
-typedef DB DBM;
-#define dbm_pagfno(a) DBM_PAGFNO_NOT_AVAILABLE
-
-__BEGIN_DECLS
-void dbm_close (DBM *);
-int dbm_delete (DBM *, datum);
-datum dbm_fetch (DBM *, datum);
-datum dbm_firstkey (DBM *);
-long dbm_forder (DBM *, datum);
-datum dbm_nextkey (DBM *);
-DBM *dbm_open (const char *, int, int);
-int dbm_store (DBM *, datum, datum, int);
-int dbm_dirfno (DBM *);
-__END_DECLS
-
-#endif /* !_NDBM_H_ */
diff --git a/dbm/include/nsres.h b/dbm/include/nsres.h
deleted file mode 100644
index f3f4e2d1a..000000000
--- a/dbm/include/nsres.h
+++ /dev/null
@@ -1,41 +0,0 @@
-#ifndef NSRES_H
-#define NSRES_H
-#include "mcom_db.h"
-
-__BEGIN_DECLS
-
-/* C version */
-#define NSRESHANDLE void *
-
-typedef void (*NSRESTHREADFUNC)(void *);
-
-typedef struct NSRESTHREADINFO
-{
- void *lock;
- NSRESTHREADFUNC fn_lock;
- NSRESTHREADFUNC fn_unlock;
-} NSRESTHREADINFO;
-
-#define MAXBUFNUM 10
-#define MAXSTRINGLEN 300
-
-#define NSRES_CREATE 1
-#define NSRES_OPEN 2
-
-
-
-NSRESHANDLE NSResCreateTable(const char *filename, NSRESTHREADINFO *threadinfo);
-NSRESHANDLE NSResOpenTable(const char *filename, NSRESTHREADINFO *threadinfo);
-void NSResCloseTable(NSRESHANDLE handle);
-
-char *NSResLoadString(NSRESHANDLE handle, const char * library, int32 id,
- unsigned int charsetid, char *retbuf);
-int32 NSResGetSize(NSRESHANDLE handle, const char *library, int32 id);
-int32 NSResLoadResource(NSRESHANDLE handle, const char *library, int32 id, char *retbuf);
-int NSResAddString(NSRESHANDLE handle, const char *library, int32 id, const char *string, unsigned int charset);
-
-__END_DECLS
-
-
-#endif
-
diff --git a/dbm/include/page.h b/dbm/include/page.h
deleted file mode 100644
index faf2b815b..000000000
--- a/dbm/include/page.h
+++ /dev/null
@@ -1,96 +0,0 @@
-/*-
- * Copyright (c) 1990, 1993, 1994
- * The Regents of the University of California. All rights reserved.
- *
- * This code is derived from software contributed to Berkeley by
- * Margo Seltzer.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * @(#)page.h 8.2 (Berkeley) 5/31/94
- */
-
-/*
- * Definitions for hashing page file format.
- */
-
-/*
- * routines dealing with a data page
- *
- * page format:
- * +------------------------------+
- * p | n | keyoff | datoff | keyoff |
- * +------------+--------+--------+
- * | datoff | free | ptr | --> |
- * +--------+---------------------+
- * | F R E E A R E A |
- * +--------------+---------------+
- * | <---- - - - | data |
- * +--------+-----+----+----------+
- * | key | data | key |
- * +--------+----------+----------+
- *
- * Pointer to the free space is always: p[p[0] + 2]
- * Amount of free space on the page is: p[p[0] + 1]
- */
-
-/*
- * How many bytes required for this pair?
- * 2 shorts in the table at the top of the page + room for the
- * key and room for the data
- *
- * We prohibit entering a pair on a page unless there is also room to append
- * an overflow page. The reason for this it that you can get in a situation
- * where a single key/data pair fits on a page, but you can't append an
- * overflow page and later you'd have to split the key/data and handle like
- * a big pair.
- * You might as well do this up front.
- */
-#ifndef PAGE_H
-#define PAGE_H
-
-#define PAIRSIZE(K,D) (2*sizeof(uint16) + (K)->size + (D)->size)
-#define BIGOVERHEAD (4*sizeof(uint16))
-#define KEYSIZE(K) (4*sizeof(uint16) + (K)->size);
-#define OVFLSIZE (2*sizeof(uint16))
-#define FREESPACE(P) ((P)[(P)[0]+1])
-#define OFFSET(P) ((P)[(P)[0]+2])
-#define PAIRFITS(P,K,D) \
- (((P)[2] >= REAL_KEY) && \
- (PAIRSIZE((K),(D)) + OVFLSIZE) <= FREESPACE((P)))
-#define PAGE_META(N) (((N)+3) * sizeof(uint16))
-
-typedef struct {
- BUFHEAD *newp;
- BUFHEAD *oldp;
- BUFHEAD *nextp;
- uint16 next_addr;
-} SPLIT_RETURN;
-#endif
-
diff --git a/dbm/include/queue.h b/dbm/include/queue.h
deleted file mode 100644
index 40d32ccb6..000000000
--- a/dbm/include/queue.h
+++ /dev/null
@@ -1,245 +0,0 @@
-/*
- * Copyright (c) 1991, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * @(#)queue.h 8.3 (Berkeley) 12/13/93
- */
-
-#ifndef _QUEUE_H_
-#define _QUEUE_H_
-
-/*
- * This file defines three types of data structures: lists, tail queues,
- * and circular queues.
- *
- * A list is headed by a single forward pointer (or an array of forward
- * pointers for a hash table header). The elements are doubly linked
- * so that an arbitrary element can be removed without a need to
- * traverse the list. New elements can be added to the list after
- * an existing element or at the head of the list. A list may only be
- * traversed in the forward direction.
- *
- * A tail queue is headed by a pair of pointers, one to the head of the
- * list and the other to the tail of the list. The elements are doubly
- * linked so that an arbitrary element can be removed without a need to
- * traverse the list. New elements can be added to the list after
- * an existing element, at the head of the list, or at the end of the
- * list. A tail queue may only be traversed in the forward direction.
- *
- * A circle queue is headed by a pair of pointers, one to the head of the
- * list and the other to the tail of the list. The elements are doubly
- * linked so that an arbitrary element can be removed without a need to
- * traverse the list. New elements can be added to the list before or after
- * an existing element, at the head of the list, or at the end of the list.
- * A circle queue may be traversed in either direction, but has a more
- * complex end of list detection.
- *
- * For details on the use of these macros, see the queue(3) manual page.
- */
-
-/*
- * List definitions.
- */
-#define LIST_HEAD(name, type) \
-struct name { \
- struct type *lh_first; /* first element */ \
-}
-
-#define LIST_ENTRY(type) \
-struct { \
- struct type *le_next; /* next element */ \
- struct type **le_prev; /* address of previous next element */ \
-}
-
-/*
- * List functions.
- */
-#define LIST_INIT(head) { \
- (head)->lh_first = NULL; \
-}
-
-#define LIST_INSERT_AFTER(listelm, elm, field) { \
- if (((elm)->field.le_next = (listelm)->field.le_next) != NULL) \
- (listelm)->field.le_next->field.le_prev = \
- &(elm)->field.le_next; \
- (listelm)->field.le_next = (elm); \
- (elm)->field.le_prev = &(listelm)->field.le_next; \
-}
-
-#define LIST_INSERT_HEAD(head, elm, field) { \
- if (((elm)->field.le_next = (head)->lh_first) != NULL) \
- (head)->lh_first->field.le_prev = &(elm)->field.le_next;\
- (head)->lh_first = (elm); \
- (elm)->field.le_prev = &(head)->lh_first; \
-}
-
-#define LIST_REMOVE(elm, field) { \
- if ((elm)->field.le_next != NULL) \
- (elm)->field.le_next->field.le_prev = \
- (elm)->field.le_prev; \
- *(elm)->field.le_prev = (elm)->field.le_next; \
-}
-
-/*
- * Tail queue definitions.
- */
-#define TAILQ_HEAD(name, type) \
-struct name { \
- struct type *tqh_first; /* first element */ \
- struct type **tqh_last; /* addr of last next element */ \
-}
-
-#define TAILQ_ENTRY(type) \
-struct { \
- struct type *tqe_next; /* next element */ \
- struct type **tqe_prev; /* address of previous next element */ \
-}
-
-/*
- * Tail queue functions.
- */
-#define TAILQ_INIT(head) { \
- (head)->tqh_first = NULL; \
- (head)->tqh_last = &(head)->tqh_first; \
-}
-
-#define TAILQ_INSERT_HEAD(head, elm, field) { \
- if (((elm)->field.tqe_next = (head)->tqh_first) != NULL) \
- (elm)->field.tqe_next->field.tqe_prev = \
- &(elm)->field.tqe_next; \
- else \
- (head)->tqh_last = &(elm)->field.tqe_next; \
- (head)->tqh_first = (elm); \
- (elm)->field.tqe_prev = &(head)->tqh_first; \
-}
-
-#define TAILQ_INSERT_TAIL(head, elm, field) { \
- (elm)->field.tqe_next = NULL; \
- (elm)->field.tqe_prev = (head)->tqh_last; \
- *(head)->tqh_last = (elm); \
- (head)->tqh_last = &(elm)->field.tqe_next; \
-}
-
-#define TAILQ_INSERT_AFTER(head, listelm, elm, field) { \
- if (((elm)->field.tqe_next = (listelm)->field.tqe_next) != NULL)\
- (elm)->field.tqe_next->field.tqe_prev = \
- &(elm)->field.tqe_next; \
- else \
- (head)->tqh_last = &(elm)->field.tqe_next; \
- (listelm)->field.tqe_next = (elm); \
- (elm)->field.tqe_prev = &(listelm)->field.tqe_next; \
-}
-
-#define TAILQ_REMOVE(head, elm, field) { \
- if (((elm)->field.tqe_next) != NULL) \
- (elm)->field.tqe_next->field.tqe_prev = \
- (elm)->field.tqe_prev; \
- else \
- (head)->tqh_last = (elm)->field.tqe_prev; \
- *(elm)->field.tqe_prev = (elm)->field.tqe_next; \
-}
-
-/*
- * Circular queue definitions.
- */
-#define CIRCLEQ_HEAD(name, type) \
-struct name { \
- struct type *cqh_first; /* first element */ \
- struct type *cqh_last; /* last element */ \
-}
-
-#define CIRCLEQ_ENTRY(type) \
-struct { \
- struct type *cqe_next; /* next element */ \
- struct type *cqe_prev; /* previous element */ \
-}
-
-/*
- * Circular queue functions.
- */
-#define CIRCLEQ_INIT(head) { \
- (head)->cqh_first = (void *)(head); \
- (head)->cqh_last = (void *)(head); \
-}
-
-#define CIRCLEQ_INSERT_AFTER(head, listelm, elm, field) { \
- (elm)->field.cqe_next = (listelm)->field.cqe_next; \
- (elm)->field.cqe_prev = (listelm); \
- if ((listelm)->field.cqe_next == (void *)(head)) \
- (head)->cqh_last = (elm); \
- else \
- (listelm)->field.cqe_next->field.cqe_prev = (elm); \
- (listelm)->field.cqe_next = (elm); \
-}
-
-#define CIRCLEQ_INSERT_BEFORE(head, listelm, elm, field) { \
- (elm)->field.cqe_next = (listelm); \
- (elm)->field.cqe_prev = (listelm)->field.cqe_prev; \
- if ((listelm)->field.cqe_prev == (void *)(head)) \
- (head)->cqh_first = (elm); \
- else \
- (listelm)->field.cqe_prev->field.cqe_next = (elm); \
- (listelm)->field.cqe_prev = (elm); \
-}
-
-#define CIRCLEQ_INSERT_HEAD(head, elm, field) { \
- (elm)->field.cqe_next = (head)->cqh_first; \
- (elm)->field.cqe_prev = (void *)(head); \
- if ((head)->cqh_last == (void *)(head)) \
- (head)->cqh_last = (elm); \
- else \
- (head)->cqh_first->field.cqe_prev = (elm); \
- (head)->cqh_first = (elm); \
-}
-
-#define CIRCLEQ_INSERT_TAIL(head, elm, field) { \
- (elm)->field.cqe_next = (void *)(head); \
- (elm)->field.cqe_prev = (head)->cqh_last; \
- if ((head)->cqh_first == (void *)(head)) \
- (head)->cqh_first = (elm); \
- else \
- (head)->cqh_last->field.cqe_next = (elm); \
- (head)->cqh_last = (elm); \
-}
-
-#define CIRCLEQ_REMOVE(head, elm, field) { \
- if ((elm)->field.cqe_next == (void *)(head)) \
- (head)->cqh_last = (elm)->field.cqe_prev; \
- else \
- (elm)->field.cqe_next->field.cqe_prev = \
- (elm)->field.cqe_prev; \
- if ((elm)->field.cqe_prev == (void *)(head)) \
- (head)->cqh_first = (elm)->field.cqe_next; \
- else \
- (elm)->field.cqe_prev->field.cqe_next = \
- (elm)->field.cqe_next; \
-}
-#endif /* !_QUEUE_H_ */
diff --git a/dbm/include/search.h b/dbm/include/search.h
deleted file mode 100644
index ff58b1c15..000000000
--- a/dbm/include/search.h
+++ /dev/null
@@ -1,51 +0,0 @@
-/*-
- * Copyright (c) 1990, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * This code is derived from software contributed to Berkeley by
- * Margo Seltzer.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * @(#)search.h 8.1 (Berkeley) 6/4/93
- */
-
-/* Backward compatibility to hsearch interface. */
-typedef struct entry {
- char *key;
- char *data;
-} ENTRY;
-
-typedef enum {
- FIND, ENTER
-} ACTION;
-
-int hcreate (unsigned int);
-void hdestroy (void);
-ENTRY *hsearch (ENTRY, ACTION);
diff --git a/dbm/include/watcomfx.h b/dbm/include/watcomfx.h
deleted file mode 100644
index 3020e9de9..000000000
--- a/dbm/include/watcomfx.h
+++ /dev/null
@@ -1,26 +0,0 @@
-#if defined(__WATCOMC__) || defined(__WATCOM_CPLUSPLUS__)
-#ifndef __WATCOM_FIX_H__
-#define __WATCOM_FIX_H__ 1
-/*
- * WATCOM's C compiler doesn't default to "__cdecl" conventions for external
- * symbols and functions. Rather than adding an explicit __cdecl modifier to
- * every external symbol and function declaration and definition, we use the
- * following pragma to (attempt to) change WATCOM c's default to __cdecl.
- * These pragmas were taken from pages 180-181, 266 & 269 of the
- * Watcom C/C++ version 11 User's Guide, 3rd edition.
- */
-#if defined(XP_WIN16) || defined(WIN16)
-#pragma aux default "_*" \
- parm caller [] \
- value struct float struct routine [ax] \
- modify [ax bx cx dx es]
-#else
-#pragma aux default "_*" \
- parm caller [] \
- value struct float struct routine [eax] \
- modify [eax ecx edx]
-#endif
-#pragma aux default far
-
-#endif /* once */
-#endif /* WATCOM compiler */
diff --git a/dbm/include/winfile.h b/dbm/include/winfile.h
deleted file mode 100644
index 1fd54d578..000000000
--- a/dbm/include/winfile.h
+++ /dev/null
@@ -1,106 +0,0 @@
-
-/* ---------------------------------------------------------------------------
- Stuff to fake unix file I/O on windows boxes
- ------------------------------------------------------------------------*/
-
-#ifndef WINFILE_H
-#define WINFILE_H
-
-#ifdef _WINDOWS
-/* hacked out of <dirent.h> on an SGI */
-#if defined(XP_WIN32) || defined(_WIN32)
-/* 32-bit stuff here */
-#include <windows.h>
-#include <stdlib.h>
-#ifdef __MINGW32__
-#include <sys/types.h>
-#include <sys/stat.h>
-#else
-#include <sys\types.h>
-#include <sys\stat.h>
-#endif
-
-typedef struct DIR_Struct {
- void * directoryPtr;
- WIN32_FIND_DATA data;
-} DIR;
-
-#define _ST_FSTYPSZ 16
-
-#if !defined(__BORLANDC__) && !defined(__GNUC__)
- typedef unsigned long mode_t;
- typedef long uid_t;
- typedef long gid_t;
- typedef long off_t;
- typedef unsigned long nlink_t;
-#endif
-
-typedef struct timestruc {
- time_t tv_sec; /* seconds */
- long tv_nsec; /* and nanoseconds */
-} timestruc_t;
-
-
-struct dirent { /* data from readdir() */
- ino_t d_ino; /* inode number of entry */
- off_t d_off; /* offset of disk direntory entry */
- unsigned short d_reclen; /* length of this record */
- char d_name[_MAX_FNAME]; /* name of file */
-};
-
-#if !defined(__BORLANDC__) && !defined (__GNUC__)
-#define S_ISDIR(s) ((s) & _S_IFDIR)
-#endif
-
-#else /* _WIN32 */
-/* 16-bit windows stuff */
-
-#include <sys\types.h>
-#include <sys\stat.h>
-#include <dos.h>
-
-
-
-/* Getting cocky to support multiple file systems */
-typedef struct dirStruct_tag {
- struct _find_t file_data;
- char c_checkdrive;
-} dirStruct;
-
-typedef struct DIR_Struct {
- void * directoryPtr;
- dirStruct data;
-} DIR;
-
-#define _ST_FSTYPSZ 16
-typedef unsigned long mode_t;
-typedef long uid_t;
-typedef long gid_t;
-typedef long off_t;
-typedef unsigned long nlink_t;
-
-typedef struct timestruc {
- time_t tv_sec; /* seconds */
- long tv_nsec; /* and nanoseconds */
-} timestruc_t;
-
-struct dirent { /* data from readdir() */
- ino_t d_ino; /* inode number of entry */
- off_t d_off; /* offset of disk direntory entry */
- unsigned short d_reclen; /* length of this record */
-#ifdef XP_WIN32
- char d_name[_MAX_FNAME]; /* name of file */
-#else
- char d_name[20]; /* name of file */
-#endif
-};
-
-#define S_ISDIR(s) ((s) & _S_IFDIR)
-
-#endif /* 16-bit windows */
-
-#define CONST const
-
-#endif /* _WINDOWS */
-
-#endif /* WINFILE_H */
diff --git a/dbm/macbuild/DBM.Prefix b/dbm/macbuild/DBM.Prefix
deleted file mode 100644
index bace25e50..000000000
--- a/dbm/macbuild/DBM.Prefix
+++ /dev/null
@@ -1,33 +0,0 @@
-/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*-
- *
- * The contents of this file are subject to the Netscape Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/NPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is mozilla.org code.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1998 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- */
-
-//
-// DBM.Prefix
-//
-// Global prefix file for the non-debug DBM project.
-//
-//
-
-
-#include "MacPrefix.h"
-#include "DBMConfig.h"
-
diff --git a/dbm/macbuild/DBM.xml b/dbm/macbuild/DBM.xml
deleted file mode 100644
index 375068925..000000000
--- a/dbm/macbuild/DBM.xml
+++ /dev/null
@@ -1,4326 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="yes" ?>
-<?codewarrior exportversion="1.0.1" ideversion="4.2" ?>
-
-<!DOCTYPE PROJECT [
-<!ELEMENT PROJECT (TARGETLIST, TARGETORDER, GROUPLIST, DESIGNLIST?)>
-<!ELEMENT TARGETLIST (TARGET+)>
-<!ELEMENT TARGET (NAME, SETTINGLIST, FILELIST?, LINKORDER?, SEGMENTLIST?, OVERLAYGROUPLIST?, SUBTARGETLIST?, SUBPROJECTLIST?, FRAMEWORKLIST)>
-<!ELEMENT NAME (#PCDATA)>
-<!ELEMENT USERSOURCETREETYPE (#PCDATA)>
-<!ELEMENT PATH (#PCDATA)>
-<!ELEMENT FILELIST (FILE*)>
-<!ELEMENT FILE (PATHTYPE, PATHROOT?, ACCESSPATH?, PATH, PATHFORMAT?, ROOTFILEREF?, FILEKIND?, FILEFLAGS?)>
-<!ELEMENT PATHTYPE (#PCDATA)>
-<!ELEMENT PATHROOT (#PCDATA)>
-<!ELEMENT ACCESSPATH (#PCDATA)>
-<!ELEMENT PATHFORMAT (#PCDATA)>
-<!ELEMENT ROOTFILEREF (PATHTYPE, PATHROOT?, ACCESSPATH?, PATH, PATHFORMAT?)>
-<!ELEMENT FILEKIND (#PCDATA)>
-<!ELEMENT FILEFLAGS (#PCDATA)>
-<!ELEMENT FILEREF (TARGETNAME?, PATHTYPE, PATHROOT?, ACCESSPATH?, PATH, PATHFORMAT?)>
-<!ELEMENT TARGETNAME (#PCDATA)>
-<!ELEMENT SETTINGLIST ((SETTING|PANELDATA)+)>
-<!ELEMENT SETTING (NAME?, (VALUE|(SETTING+)))>
-<!ELEMENT PANELDATA (NAME, VALUE)>
-<!ELEMENT VALUE (#PCDATA)>
-<!ELEMENT LINKORDER (FILEREF*)>
-<!ELEMENT SEGMENTLIST (SEGMENT+)>
-<!ELEMENT SEGMENT (NAME, ATTRIBUTES?, FILEREF*)>
-<!ELEMENT ATTRIBUTES (#PCDATA)>
-<!ELEMENT OVERLAYGROUPLIST (OVERLAYGROUP+)>
-<!ELEMENT OVERLAYGROUP (NAME, BASEADDRESS, OVERLAY*)>
-<!ELEMENT BASEADDRESS (#PCDATA)>
-<!ELEMENT OVERLAY (NAME, FILEREF*)>
-<!ELEMENT SUBTARGETLIST (SUBTARGET+)>
-<!ELEMENT SUBTARGET (TARGETNAME, ATTRIBUTES?, FILEREF?)>
-<!ELEMENT SUBPROJECTLIST (SUBPROJECT+)>
-<!ELEMENT SUBPROJECT (FILEREF, SUBPROJECTTARGETLIST)>
-<!ELEMENT SUBPROJECTTARGETLIST (SUBPROJECTTARGET*)>
-<!ELEMENT SUBPROJECTTARGET (TARGETNAME, ATTRIBUTES?, FILEREF?)>
-<!ELEMENT FRAMEWORKLIST (FRAMEWORK+)>
-<!ELEMENT FRAMEWORK (FILEREF, LIBRARYFILE?, VERSION?)>
-<!ELEMENT LIBRARYFILE (FILEREF)>
-<!ELEMENT VERSION (#PCDATA)>
-<!ELEMENT TARGETORDER (ORDEREDTARGET|ORDEREDDESIGN)*>
-<!ELEMENT ORDEREDTARGET (NAME)>
-<!ELEMENT ORDEREDDESIGN (NAME, ORDEREDTARGET+)>
-<!ELEMENT GROUPLIST (GROUP|FILEREF)*>
-<!ELEMENT GROUP (NAME, (GROUP|FILEREF)*)>
-<!ELEMENT DESIGNLIST (DESIGN+)>
-<!ELEMENT DESIGN (NAME, DESIGNDATA)>
-<!ELEMENT DESIGNDATA (#PCDATA)>
-]>
-
-<PROJECT>
- <TARGETLIST>
- <TARGET>
- <NAME>DBM.shlb</NAME>
- <SETTINGLIST>
-
- <!-- Settings for "Source Trees" panel -->
- <SETTING><NAME>UserSourceTrees</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Access Paths" panel -->
- <SETTING><NAME>AlwaysSearchUserPaths</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>InterpretDOSAndUnixPaths</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>RequireFrameworkStyleIncludes</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>UserSearchPaths</NAME>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::src:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:::dist:client:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:::dist:client_stubs:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:::dist:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- </SETTING>
- <SETTING><NAME>SystemSearchPaths</NAME>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:MSL:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>CodeWarrior</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:MacOS Support:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>CodeWarrior</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- </SETTING>
-
- <!-- Settings for "Debugger Runtime" panel -->
- <SETTING><NAME>MWRuntimeSettings_WorkingDirectory</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRuntimeSettings_CommandLine</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRuntimeSettings_HostApplication</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWRuntimeSettings_EnvVars</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Target Settings" panel -->
- <SETTING><NAME>Linker</NAME><VALUE>MacOS PPC Linker</VALUE></SETTING>
- <SETTING><NAME>PreLinker</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PostLinker</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Targetname</NAME><VALUE>DBM.shlb</VALUE></SETTING>
- <SETTING><NAME>OutputDirectory</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>SaveEntriesUsingRelativePaths</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "File Mappings" panel -->
- <SETTING><NAME>FileMappings</NAME>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>APPL</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>Appl</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MMLB</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MPLF</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MWCD</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>RSRC</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.c</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.c++</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cpp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.exp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.h</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.p</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW Pascal PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.pas</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW Pascal PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.pch</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.pch++</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.ppu</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW Pascal PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.r</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Rez</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>Rez</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.s</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PPCAsm</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>XCOF</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>docu</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>rsrc</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>shlb</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>stub</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.doc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
- </SETTING>
- </SETTING>
-
- <!-- Settings for "Build Extras" panel -->
- <SETTING><NAME>CacheModDates</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ActivateBrowser</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>DumpBrowserInfo</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>CacheSubprojects</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>UseThirdPartyDebugger</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>DebuggerAppPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>DebuggerCmdLineArgs</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>DebuggerWorkingDir</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "Debugger Target" panel -->
- <SETTING><NAME>LogSystemMessages</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>AutoTargetDLLs</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>StopAtWatchpoints</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PauseWhileRunning</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PauseInterval</NAME><VALUE>5</VALUE></SETTING>
- <SETTING><NAME>PauseUIFlags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>AltExePath</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>StopAtTempBPOnLaunch</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>CacheSymbolics</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>TempBPFunctionName</NAME><VALUE>main</VALUE></SETTING>
- <SETTING><NAME>TempBPType</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "Remote Debug" panel -->
- <SETTING><NAME>Enabled</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ConnectionName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>DownloadPath</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>LaunchRemoteApp</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>RemoteAppPath</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Auto-target" panel -->
- <SETTING><NAME>OtherExecutables</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Custom Keywords" panel -->
- <SETTING><NAME>CustomColor1</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor2</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor3</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor4</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "C/C++ Compiler" panel -->
- <SETTING><NAME>MWFrontEnd_C_cplusplus</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_checkprotos</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_arm</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_trigraphs</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_onlystdkeywords</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_enumsalwaysint</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_mpwpointerstyle</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_prefixname</NAME><VALUE>DBM.Prefix</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_ansistrict</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_mpwcnewline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_wchar_type</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_enableexceptions</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_dontreusestrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_poolstrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_dontinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_useRTTI</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_multibyteaware</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_unsignedchars</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_autoinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_booltruefalse</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_direct_to_som</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_som_env_check</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_alwaysinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_inlinelevel</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_ecplusplus</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_objective_c</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_defer_codegen</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "C/C++ Warnings" panel -->
- <SETTING><NAME>MWWarning_C_warn_illpragma</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_emptydecl</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_possunwant</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_unusedvar</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_unusedarg</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_extracomma</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_pedantic</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warningerrors</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_hidevirtual</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_implicitconv</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_notinlined</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_structclass</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "FTP Panel" panel -->
- <SETTING><NAME>MWFTP_Post_hostName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_username</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_password</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_remoteDir</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathVersion</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_tree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_uploadDir</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_port</NAME><VALUE>21</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_SendBin</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ShouldLog</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "Java Command Line" panel -->
- <SETTING><NAME>MWCommandLine_Java_clsName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWCommandLine_Java_args</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "PJavaDebugging" panel -->
- <SETTING><NAME>MWVJavaDebugging_Protocol</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_JDKVersion</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_TimeOut</NAME><VALUE>10</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_SupportSlowDevices</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "Java Language" panel -->
- <SETTING><NAME>MWJava_Language_optimize</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_warnDeprecated</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_emitMap</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_strictFileNames</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_strictFileHierarchy</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_1_1_Compatible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_emitHeaders</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_headerType</NAME><VALUE>JNINativeHeaders</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_packageFilter</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_genComments</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_genHeaders</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "Java MRJAppBuilder" panel -->
- <SETTING><NAME>MWJava_MRJAppBuilder_outFile</NAME><VALUE>MRJApplication</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_merge</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_quitMenu</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_grow</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPICTFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_aboutName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutAppend</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrAppend</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinFile</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Java Output" panel -->
- <SETTING><NAME>MWJava_Output_outputtype</NAME><VALUE>JarFile</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_outfile</NAME><VALUE>JavaClasses.jar</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_ftype</NAME><VALUE>1514754080</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_fcreator</NAME><VALUE>1297570384</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_compress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_genManifest</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_trunctype</NAME><VALUE>Front</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_deleteClasses</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_consoleApp</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "Java Project" panel -->
- <SETTING><NAME>MWJava_Proj_projtype</NAME><VALUE>Applet</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_mainClassName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppCreator</NAME><VALUE>1463898714</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_tree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppWin32Name</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_compress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_useVM</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_vmarguments</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_vmName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_simPropFile</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "JavaDoc Project" panel -->
- <SETTING><NAME>MWJavaDoc_Proj_Version</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Depricated</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Author</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Index</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Tree</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_SunResolveToSame</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Shortnames</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Folder</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_GenerateAPILinks</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_scope</NAME><VALUE>Public</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_fcreator</NAME><VALUE>1297303877</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_encodingName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_decodingName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_javaPackagePath</NAME><VALUE>http://java.sun.com/products/jdk/1.1/docs/api/</VALUE></SETTING>
-
- <!-- Settings for "MacOS Merge Panel" panel -->
- <SETTING><NAME>MWMerge_MacOS_projectType</NAME><VALUE>Application</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputName</NAME><VALUE>Merge Out</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputCreator</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputType</NAME><VALUE>APPL</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_suppressWarning</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_copyFragments</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_copyResources</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flattenResource</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flatFileName</NAME><VALUE>a.rsrc</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flatFileOutputPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMerge_MacOS_skipResources</NAME>
- <SETTING><VALUE>DLGX</VALUE></SETTING>
- <SETTING><VALUE>ckid</VALUE></SETTING>
- <SETTING><VALUE>Proj</VALUE></SETTING>
- <SETTING><VALUE>WSPC</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "Output Flags" panel -->
- <SETTING><NAME>FileLocked</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourcesMapIsReadOnly</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PrinterDriverIsMultiFinderCompatible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Invisible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasBundle</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>NameLocked</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Stationery</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasCustomIcon</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Shared</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasBeenInited</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Label</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Comments</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Packager Panel" panel -->
- <SETTING><NAME>MWMacOSPackager_UsePackager</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_FolderToPackage</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMacOSPackager_CreateClassicAlias</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_ClassicAliasMethod</NAME><VALUE>UseTargetOutput</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_ClassicAliasPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMacOSPackager_CreatePkgInfo</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_PkgCreatorType</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_PkgFileType</NAME><VALUE>APPL</VALUE></SETTING>
-
- <!-- Settings for "PPC CodeGen" panel -->
- <SETTING><NAME>MWCodeGen_PPC_structalignment</NAME><VALUE>PPC</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_readonlystrings</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_tocdata</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_profiler</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_fpcontract</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_schedule</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_peephole</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_processorspecific</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_altivec</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_vectortocdata</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_vrsave</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "PPC CodeGen Mach-O" panel -->
- <SETTING><NAME>MWCodeGen_MachO_structalignment</NAME><VALUE>PPC</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_profiler</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_fpcontract</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_schedule</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_peephole</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_processorspecific</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_altivec</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_vrsave</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_common</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_implicit_templates</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "PPC Disassembler" panel -->
- <SETTING><NAME>MWDisassembler_PPC_showcode</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_extended</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_mix</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_nohex</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showdata</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showexceptions</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showsym</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_shownames</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "PPC Global Optimizer" panel -->
- <SETTING><NAME>GlobalOptimizer_PPC_optimizationlevel</NAME><VALUE>Level4</VALUE></SETTING>
- <SETTING><NAME>GlobalOptimizer_PPC_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
- <!-- Settings for "PPC Linker" panel -->
- <SETTING><NAME>MWLinker_PPC_linksym</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_symfullpath</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_linkmap</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_nolinkwarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_dontdeadstripinitcode</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_permitmultdefs</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_linkmode</NAME><VALUE>Fast</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_initname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_mainname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_termname</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "PPC Mach-O Linker" panel -->
- <SETTING><NAME>MWLinker_MachO_exports</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_mainname</NAME><VALUE>start</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_currentversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_compatibleversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_symfullpath</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_supresswarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_multisymerror</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_prebind</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_deadstrip</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_objectivecsemantics</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_whichfileloaded</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_whyfileloaded</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_readonlyrelocs</NAME><VALUE>Errors</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_undefinedsymbols</NAME><VALUE>Errors</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_twolevelnamespace</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_stripdebugsymbols</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "PPC Mach-O Target" panel -->
- <SETTING><NAME>MWProject_MachO_type</NAME><VALUE>Executable</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_outfile</NAME><VALUE>a.exe</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_filecreator</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_filetype</NAME><VALUE>MEXE</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_stacksize</NAME><VALUE>64</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_stackaddress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrc</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrcfilename</NAME><VALUE>a.rsrc</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrcoutputdir</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWProject_MachO_installpath</NAME><VALUE>./</VALUE></SETTING>
-
- <!-- Settings for "PPC PEF" panel -->
- <SETTING><NAME>MWPEF_exports</NAME><VALUE>Pragma</VALUE></SETTING>
- <SETTING><NAME>MWPEF_libfolder</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_sortcode</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWPEF_expandbss</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_sharedata</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_olddefversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_oldimpversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_currentversion</NAME><VALUE>100</VALUE></SETTING>
- <SETTING><NAME>MWPEF_fragmentname</NAME><VALUE>DBM</VALUE></SETTING>
- <SETTING><NAME>MWPEF_collapsereloads</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "PPC Project" panel -->
- <SETTING><NAME>MWProject_PPC_type</NAME><VALUE>SharedLibrary</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_outfile</NAME><VALUE>DBM.shlb</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_filecreator</NAME><VALUE>MOZZ</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_filetype</NAME><VALUE>shlb</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_size</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_minsize</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_stacksize</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_symfilename</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcheader</NAME><VALUE>Native</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrctype</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcflags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcstore</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcmerge</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrc</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrcoutputdir</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrcfilename</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "PPCAsm Panel" panel -->
- <SETTING><NAME>MWAssembler_PPC_auxheader</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_symmode</NAME><VALUE>Mac</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_dialect</NAME><VALUE>PPC</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_prefixfile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_typecheck</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_warnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_casesensitive</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "Rez Compiler" panel -->
- <SETTING><NAME>MWRez_Language_maxwidth</NAME><VALUE>80</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_script</NAME><VALUE>Roman</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_alignment</NAME><VALUE>Align1</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_filtermode</NAME><VALUE>FilterSkip</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_suppresswarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_escapecontrolchars</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_prefixname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_filteredtypes</NAME><VALUE>'CODE' 'DATA' 'PICT'</VALUE></SETTING>
-
- <!-- Settings for "WinRC Compiler" panel -->
- <SETTING><NAME>MWWinRC_prefixname</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "x86 CodeGen" panel -->
- <SETTING><NAME>MWCodeGen_X86_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_alignment</NAME><VALUE>bytes8</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_exceptions</NAME><VALUE>ZeroOverhead</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_mmx</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_3dnow</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_use_mmx_3dnow_convention</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_machinecodelisting</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_intrinsics</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_syminfo</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_codeviewinfo</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_cmov_fcomi</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_sse</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "x86 Disassembler" panel -->
- <SETTING><NAME>PDisasmX86_showHeaders</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showSymTab</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showCode</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showSource</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showHex</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showRelocation</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showComments</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showDebug</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showExceptions</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showData</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showRaw</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_verbose</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "x86 Exceptions Panel" panel -->
- <SETTING><NAME>MWDebugger_X86_Exceptions</NAME>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "x86 Global Optimizer" panel -->
- <SETTING><NAME>GlobalOptimizer_X86_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
- <SETTING><NAME>GlobalOptimizer_X86_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
- <!-- Settings for "x86 Linker" panel -->
- <SETTING><NAME>MWLinker_X86_entrypointusage</NAME><VALUE>Default</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_entrypoint</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsystem</NAME><VALUE>WinGUI</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsysmajorid</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsysminorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_usrmajorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_usrminorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_commandfile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_generatemap</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_linksym</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_linkCV</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "x86 Project" panel -->
- <SETTING><NAME>MWProject_X86_type</NAME><VALUE>Application</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_outfile</NAME><VALUE>noname.exe</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_baseaddress</NAME><VALUE>4194304</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_maxstacksize</NAME><VALUE>1024</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_minstacksize</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_size</NAME><VALUE>1024</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_minsize</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_importlib</NAME><VALUE></VALUE></SETTING>
- <PANELDATA><NAME>xpidl Settings</NAME><VALUE>
- 0001000101000000000000000000000000000000000000000000000000000000
- 0000000000000000
- </VALUE></PANELDATA>
- </SETTINGLIST>
- <FILELIST>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>db.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>hash.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>hash_buf.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>hsearch.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>h_bigkey.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>h_func.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>h_log2.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>h_page.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>macstubs.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSStdLibStubs</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>MSL_ShLibRuntime_PPC.Lib</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>MoreFiles.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSPR20.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSRuntime.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>InterfacesStubs</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- </FILELIST>
- <LINKORDER>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>db.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>hash.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>hash_buf.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>hsearch.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>h_bigkey.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>h_func.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>h_log2.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>h_page.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>macstubs.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSStdLibStubs</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSPR20.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSRuntime.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>MoreFiles.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>MSL_ShLibRuntime_PPC.Lib</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>InterfacesStubs</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </LINKORDER>
- </TARGET>
- <TARGET>
- <NAME>DBMDebug.shlb</NAME>
- <SETTINGLIST>
-
- <!-- Settings for "Source Trees" panel -->
- <SETTING><NAME>UserSourceTrees</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Access Paths" panel -->
- <SETTING><NAME>AlwaysSearchUserPaths</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>InterpretDOSAndUnixPaths</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>RequireFrameworkStyleIncludes</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>UserSearchPaths</NAME>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::src:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:::dist:client_debug:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:::dist:client_stubs:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:::dist:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- </SETTING>
- <SETTING><NAME>SystemSearchPaths</NAME>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:MSL:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>CodeWarrior</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:MacOS Support:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>CodeWarrior</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- </SETTING>
-
- <!-- Settings for "Debugger Runtime" panel -->
- <SETTING><NAME>MWRuntimeSettings_WorkingDirectory</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRuntimeSettings_CommandLine</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRuntimeSettings_HostApplication</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWRuntimeSettings_EnvVars</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Target Settings" panel -->
- <SETTING><NAME>Linker</NAME><VALUE>MacOS PPC Linker</VALUE></SETTING>
- <SETTING><NAME>PreLinker</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PostLinker</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Targetname</NAME><VALUE>DBMDebug.shlb</VALUE></SETTING>
- <SETTING><NAME>OutputDirectory</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>SaveEntriesUsingRelativePaths</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "File Mappings" panel -->
- <SETTING><NAME>FileMappings</NAME>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>APPL</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>Appl</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MMLB</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MPLF</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MWCD</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>RSRC</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.c</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.c++</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cpp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.exp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.h</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.p</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW Pascal PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.pas</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW Pascal PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.pch</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.pch++</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.ppu</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW Pascal PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.r</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Rez</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>Rez</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.s</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PPCAsm</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>XCOF</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>docu</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>rsrc</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>shlb</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>stub</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.doc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
- </SETTING>
- </SETTING>
-
- <!-- Settings for "Build Extras" panel -->
- <SETTING><NAME>CacheModDates</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ActivateBrowser</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>DumpBrowserInfo</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>CacheSubprojects</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>UseThirdPartyDebugger</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>DebuggerAppPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>DebuggerCmdLineArgs</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>DebuggerWorkingDir</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "Debugger Target" panel -->
- <SETTING><NAME>LogSystemMessages</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>AutoTargetDLLs</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>StopAtWatchpoints</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PauseWhileRunning</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PauseInterval</NAME><VALUE>5</VALUE></SETTING>
- <SETTING><NAME>PauseUIFlags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>AltExePath</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>StopAtTempBPOnLaunch</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>CacheSymbolics</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>TempBPFunctionName</NAME><VALUE>main</VALUE></SETTING>
- <SETTING><NAME>TempBPType</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "Remote Debug" panel -->
- <SETTING><NAME>Enabled</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ConnectionName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>DownloadPath</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>LaunchRemoteApp</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>RemoteAppPath</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Auto-target" panel -->
- <SETTING><NAME>OtherExecutables</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Custom Keywords" panel -->
- <SETTING><NAME>CustomColor1</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor2</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor3</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor4</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "C/C++ Compiler" panel -->
- <SETTING><NAME>MWFrontEnd_C_cplusplus</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_checkprotos</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_arm</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_trigraphs</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_onlystdkeywords</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_enumsalwaysint</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_mpwpointerstyle</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_prefixname</NAME><VALUE>DBMDebug.Prefix</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_ansistrict</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_mpwcnewline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_wchar_type</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_enableexceptions</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_dontreusestrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_poolstrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_dontinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_useRTTI</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_multibyteaware</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_unsignedchars</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_autoinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_booltruefalse</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_direct_to_som</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_som_env_check</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_alwaysinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_inlinelevel</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_ecplusplus</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_objective_c</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_defer_codegen</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "C/C++ Warnings" panel -->
- <SETTING><NAME>MWWarning_C_warn_illpragma</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_emptydecl</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_possunwant</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_unusedvar</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_unusedarg</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_extracomma</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_pedantic</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warningerrors</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_hidevirtual</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_implicitconv</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_notinlined</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_structclass</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "FTP Panel" panel -->
- <SETTING><NAME>MWFTP_Post_hostName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_username</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_password</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_remoteDir</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathVersion</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_tree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_uploadDir</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_port</NAME><VALUE>21</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_SendBin</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ShouldLog</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "Java Command Line" panel -->
- <SETTING><NAME>MWCommandLine_Java_clsName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWCommandLine_Java_args</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "PJavaDebugging" panel -->
- <SETTING><NAME>MWVJavaDebugging_Protocol</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_JDKVersion</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_TimeOut</NAME><VALUE>10</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_SupportSlowDevices</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "Java Language" panel -->
- <SETTING><NAME>MWJava_Language_optimize</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_warnDeprecated</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_emitMap</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_strictFileNames</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_strictFileHierarchy</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_1_1_Compatible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_emitHeaders</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_headerType</NAME><VALUE>JNINativeHeaders</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_packageFilter</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_genComments</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_genHeaders</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "Java MRJAppBuilder" panel -->
- <SETTING><NAME>MWJava_MRJAppBuilder_outFile</NAME><VALUE>MRJApplication</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_merge</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_quitMenu</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_grow</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPICTFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_aboutName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutAppend</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrAppend</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinFile</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Java Output" panel -->
- <SETTING><NAME>MWJava_Output_outputtype</NAME><VALUE>JarFile</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_outfile</NAME><VALUE>JavaClasses.jar</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_ftype</NAME><VALUE>1514754080</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_fcreator</NAME><VALUE>1297570384</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_compress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_genManifest</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_trunctype</NAME><VALUE>Front</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_deleteClasses</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_consoleApp</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "Java Project" panel -->
- <SETTING><NAME>MWJava_Proj_projtype</NAME><VALUE>Applet</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_mainClassName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppCreator</NAME><VALUE>1463898714</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_tree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppWin32Name</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_compress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_useVM</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_vmarguments</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_vmName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_simPropFile</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "JavaDoc Project" panel -->
- <SETTING><NAME>MWJavaDoc_Proj_Version</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Depricated</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Author</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Index</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Tree</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_SunResolveToSame</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Shortnames</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Folder</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_GenerateAPILinks</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_scope</NAME><VALUE>Public</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_fcreator</NAME><VALUE>1297303877</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_encodingName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_decodingName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_javaPackagePath</NAME><VALUE>http://java.sun.com/products/jdk/1.1/docs/api/</VALUE></SETTING>
-
- <!-- Settings for "MacOS Merge Panel" panel -->
- <SETTING><NAME>MWMerge_MacOS_projectType</NAME><VALUE>Application</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputName</NAME><VALUE>Merge Out</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputCreator</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputType</NAME><VALUE>APPL</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_suppressWarning</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_copyFragments</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_copyResources</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flattenResource</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flatFileName</NAME><VALUE>a.rsrc</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flatFileOutputPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMerge_MacOS_skipResources</NAME>
- <SETTING><VALUE>DLGX</VALUE></SETTING>
- <SETTING><VALUE>ckid</VALUE></SETTING>
- <SETTING><VALUE>Proj</VALUE></SETTING>
- <SETTING><VALUE>WSPC</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "Output Flags" panel -->
- <SETTING><NAME>FileLocked</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourcesMapIsReadOnly</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PrinterDriverIsMultiFinderCompatible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Invisible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasBundle</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>NameLocked</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Stationery</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasCustomIcon</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Shared</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasBeenInited</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Label</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Comments</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Packager Panel" panel -->
- <SETTING><NAME>MWMacOSPackager_UsePackager</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_FolderToPackage</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMacOSPackager_CreateClassicAlias</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_ClassicAliasMethod</NAME><VALUE>UseTargetOutput</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_ClassicAliasPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMacOSPackager_CreatePkgInfo</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_PkgCreatorType</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_PkgFileType</NAME><VALUE>APPL</VALUE></SETTING>
-
- <!-- Settings for "PPC CodeGen" panel -->
- <SETTING><NAME>MWCodeGen_PPC_structalignment</NAME><VALUE>PPC</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_tracebacktables</NAME><VALUE>Inline</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_readonlystrings</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_tocdata</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_profiler</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_fpcontract</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_schedule</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_peephole</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_processorspecific</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_altivec</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_vectortocdata</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_vrsave</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "PPC CodeGen Mach-O" panel -->
- <SETTING><NAME>MWCodeGen_MachO_structalignment</NAME><VALUE>PPC</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_profiler</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_fpcontract</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_schedule</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_peephole</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_processorspecific</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_altivec</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_vrsave</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_common</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_implicit_templates</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "PPC Disassembler" panel -->
- <SETTING><NAME>MWDisassembler_PPC_showcode</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_extended</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_mix</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_nohex</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showdata</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showexceptions</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showsym</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_shownames</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "PPC Global Optimizer" panel -->
- <SETTING><NAME>GlobalOptimizer_PPC_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
- <SETTING><NAME>GlobalOptimizer_PPC_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
- <!-- Settings for "PPC Linker" panel -->
- <SETTING><NAME>MWLinker_PPC_linksym</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_symfullpath</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_linkmap</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_nolinkwarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_dontdeadstripinitcode</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_permitmultdefs</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_linkmode</NAME><VALUE>Fast</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_initname</NAME><VALUE>__initialize</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_mainname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_termname</NAME><VALUE>__terminate</VALUE></SETTING>
-
- <!-- Settings for "PPC Mach-O Linker" panel -->
- <SETTING><NAME>MWLinker_MachO_exports</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_mainname</NAME><VALUE>start</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_currentversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_compatibleversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_symfullpath</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_supresswarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_multisymerror</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_prebind</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_deadstrip</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_objectivecsemantics</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_whichfileloaded</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_whyfileloaded</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_readonlyrelocs</NAME><VALUE>Errors</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_undefinedsymbols</NAME><VALUE>Errors</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_twolevelnamespace</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_stripdebugsymbols</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "PPC Mach-O Target" panel -->
- <SETTING><NAME>MWProject_MachO_type</NAME><VALUE>Executable</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_outfile</NAME><VALUE>a.exe</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_filecreator</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_filetype</NAME><VALUE>MEXE</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_stacksize</NAME><VALUE>64</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_stackaddress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrc</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrcfilename</NAME><VALUE>a.rsrc</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrcoutputdir</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWProject_MachO_installpath</NAME><VALUE>./</VALUE></SETTING>
-
- <!-- Settings for "PPC PEF" panel -->
- <SETTING><NAME>MWPEF_exports</NAME><VALUE>Pragma</VALUE></SETTING>
- <SETTING><NAME>MWPEF_libfolder</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_sortcode</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWPEF_expandbss</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_sharedata</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_olddefversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_oldimpversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_currentversion</NAME><VALUE>100</VALUE></SETTING>
- <SETTING><NAME>MWPEF_fragmentname</NAME><VALUE>DBM</VALUE></SETTING>
- <SETTING><NAME>MWPEF_collapsereloads</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "PPC Project" panel -->
- <SETTING><NAME>MWProject_PPC_type</NAME><VALUE>SharedLibrary</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_outfile</NAME><VALUE>DBMDebug.shlb</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_filecreator</NAME><VALUE>MOZZ</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_filetype</NAME><VALUE>shlb</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_size</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_minsize</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_stacksize</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_symfilename</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcheader</NAME><VALUE>Native</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrctype</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcflags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcstore</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcmerge</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrc</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrcoutputdir</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrcfilename</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "PPCAsm Panel" panel -->
- <SETTING><NAME>MWAssembler_PPC_auxheader</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_symmode</NAME><VALUE>Mac</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_dialect</NAME><VALUE>PPC</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_prefixfile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_typecheck</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_warnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_casesensitive</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "Rez Compiler" panel -->
- <SETTING><NAME>MWRez_Language_maxwidth</NAME><VALUE>80</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_script</NAME><VALUE>Roman</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_alignment</NAME><VALUE>Align1</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_filtermode</NAME><VALUE>FilterSkip</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_suppresswarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_escapecontrolchars</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_prefixname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_filteredtypes</NAME><VALUE>'CODE' 'DATA' 'PICT'</VALUE></SETTING>
-
- <!-- Settings for "WinRC Compiler" panel -->
- <SETTING><NAME>MWWinRC_prefixname</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "x86 CodeGen" panel -->
- <SETTING><NAME>MWCodeGen_X86_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_alignment</NAME><VALUE>bytes8</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_exceptions</NAME><VALUE>ZeroOverhead</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_mmx</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_3dnow</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_use_mmx_3dnow_convention</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_machinecodelisting</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_intrinsics</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_syminfo</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_codeviewinfo</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_cmov_fcomi</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_sse</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "x86 Disassembler" panel -->
- <SETTING><NAME>PDisasmX86_showHeaders</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showSymTab</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showCode</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showSource</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showHex</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showRelocation</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showComments</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showDebug</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showExceptions</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showData</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showRaw</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_verbose</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "x86 Exceptions Panel" panel -->
- <SETTING><NAME>MWDebugger_X86_Exceptions</NAME>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "x86 Global Optimizer" panel -->
- <SETTING><NAME>GlobalOptimizer_X86_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
- <SETTING><NAME>GlobalOptimizer_X86_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
- <!-- Settings for "x86 Linker" panel -->
- <SETTING><NAME>MWLinker_X86_entrypointusage</NAME><VALUE>Default</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_entrypoint</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsystem</NAME><VALUE>WinGUI</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsysmajorid</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsysminorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_usrmajorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_usrminorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_commandfile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_generatemap</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_linksym</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_linkCV</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "x86 Project" panel -->
- <SETTING><NAME>MWProject_X86_type</NAME><VALUE>Application</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_outfile</NAME><VALUE>noname.exe</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_baseaddress</NAME><VALUE>4194304</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_maxstacksize</NAME><VALUE>1024</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_minstacksize</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_size</NAME><VALUE>1024</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_minsize</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_importlib</NAME><VALUE></VALUE></SETTING>
- <PANELDATA><NAME>xpidl Settings</NAME><VALUE>
- 0001000101000000000000000000000000000000000000000000000000000000
- 0000000000000000
- </VALUE></PANELDATA>
- </SETTINGLIST>
- <FILELIST>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>db.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>hash.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>hash_buf.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>hsearch.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>h_bigkey.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>h_func.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>h_log2.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>h_page.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>macstubs.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSStdLibStubs</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>MSL_ShLibRuntime_PPC.Lib</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>MoreFilesDebug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSRuntimeDebug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSPR20Debug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>InterfacesStubs</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- </FILELIST>
- <LINKORDER>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>db.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>hash.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>hash_buf.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>hsearch.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>h_bigkey.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>h_func.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>h_log2.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>h_page.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>macstubs.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSStdLibStubs</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSPR20Debug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>MoreFilesDebug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSRuntimeDebug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>MSL_ShLibRuntime_PPC.Lib</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>InterfacesStubs</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </LINKORDER>
- </TARGET>
- <TARGET>
- <NAME>DBM.o</NAME>
- <SETTINGLIST>
-
- <!-- Settings for "Source Trees" panel -->
- <SETTING><NAME>UserSourceTrees</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Access Paths" panel -->
- <SETTING><NAME>AlwaysSearchUserPaths</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>InterpretDOSAndUnixPaths</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>RequireFrameworkStyleIncludes</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>UserSearchPaths</NAME>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::src:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:::dist:client:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:::dist:client_stubs:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:::dist:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- </SETTING>
- <SETTING><NAME>SystemSearchPaths</NAME>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:MSL:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>CodeWarrior</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:MacOS Support:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>CodeWarrior</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- </SETTING>
-
- <!-- Settings for "Debugger Runtime" panel -->
- <SETTING><NAME>MWRuntimeSettings_WorkingDirectory</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRuntimeSettings_CommandLine</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRuntimeSettings_HostApplication</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWRuntimeSettings_EnvVars</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Target Settings" panel -->
- <SETTING><NAME>Linker</NAME><VALUE>MacOS PPC Linker</VALUE></SETTING>
- <SETTING><NAME>PreLinker</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PostLinker</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Targetname</NAME><VALUE>DBM.o</VALUE></SETTING>
- <SETTING><NAME>OutputDirectory</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>SaveEntriesUsingRelativePaths</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "File Mappings" panel -->
- <SETTING><NAME>FileMappings</NAME>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>APPL</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>Appl</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MMLB</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MPLF</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MWCD</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>RSRC</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.c</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.c++</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cpp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.exp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.h</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.p</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW Pascal PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.pas</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW Pascal PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.pch</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.pch++</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.ppu</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW Pascal PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.r</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Rez</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>Rez</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.s</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PPCAsm</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>XCOF</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>docu</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>rsrc</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>shlb</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>stub</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.doc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
- </SETTING>
- </SETTING>
-
- <!-- Settings for "Build Extras" panel -->
- <SETTING><NAME>CacheModDates</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ActivateBrowser</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>DumpBrowserInfo</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>CacheSubprojects</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>UseThirdPartyDebugger</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>DebuggerAppPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>DebuggerCmdLineArgs</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>DebuggerWorkingDir</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "Debugger Target" panel -->
- <SETTING><NAME>LogSystemMessages</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>AutoTargetDLLs</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>StopAtWatchpoints</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PauseWhileRunning</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PauseInterval</NAME><VALUE>5</VALUE></SETTING>
- <SETTING><NAME>PauseUIFlags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>AltExePath</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>StopAtTempBPOnLaunch</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>CacheSymbolics</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>TempBPFunctionName</NAME><VALUE>main</VALUE></SETTING>
- <SETTING><NAME>TempBPType</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "Remote Debug" panel -->
- <SETTING><NAME>Enabled</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ConnectionName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>DownloadPath</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>LaunchRemoteApp</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>RemoteAppPath</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Auto-target" panel -->
- <SETTING><NAME>OtherExecutables</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Custom Keywords" panel -->
- <SETTING><NAME>CustomColor1</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor2</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor3</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor4</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "C/C++ Compiler" panel -->
- <SETTING><NAME>MWFrontEnd_C_cplusplus</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_checkprotos</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_arm</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_trigraphs</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_onlystdkeywords</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_enumsalwaysint</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_mpwpointerstyle</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_prefixname</NAME><VALUE>DBM.Prefix</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_ansistrict</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_mpwcnewline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_wchar_type</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_enableexceptions</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_dontreusestrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_poolstrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_dontinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_useRTTI</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_multibyteaware</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_unsignedchars</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_autoinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_booltruefalse</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_direct_to_som</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_som_env_check</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_alwaysinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_inlinelevel</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_ecplusplus</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_objective_c</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_defer_codegen</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "C/C++ Warnings" panel -->
- <SETTING><NAME>MWWarning_C_warn_illpragma</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_emptydecl</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_possunwant</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_unusedvar</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_unusedarg</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_extracomma</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_pedantic</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warningerrors</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_hidevirtual</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_implicitconv</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_notinlined</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_structclass</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "FTP Panel" panel -->
- <SETTING><NAME>MWFTP_Post_hostName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_username</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_password</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_remoteDir</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathVersion</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_tree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_uploadDir</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_port</NAME><VALUE>21</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_SendBin</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ShouldLog</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "Java Command Line" panel -->
- <SETTING><NAME>MWCommandLine_Java_clsName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWCommandLine_Java_args</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "PJavaDebugging" panel -->
- <SETTING><NAME>MWVJavaDebugging_Protocol</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_JDKVersion</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_TimeOut</NAME><VALUE>10</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_SupportSlowDevices</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "Java Language" panel -->
- <SETTING><NAME>MWJava_Language_optimize</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_warnDeprecated</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_emitMap</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_strictFileNames</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_strictFileHierarchy</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_1_1_Compatible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_emitHeaders</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_headerType</NAME><VALUE>JNINativeHeaders</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_packageFilter</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_genComments</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_genHeaders</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "Java MRJAppBuilder" panel -->
- <SETTING><NAME>MWJava_MRJAppBuilder_outFile</NAME><VALUE>MRJApplication</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_merge</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_quitMenu</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_grow</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPICTFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_aboutName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutAppend</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrAppend</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinFile</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Java Output" panel -->
- <SETTING><NAME>MWJava_Output_outputtype</NAME><VALUE>JarFile</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_outfile</NAME><VALUE>JavaClasses.jar</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_ftype</NAME><VALUE>1514754080</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_fcreator</NAME><VALUE>1297570384</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_compress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_genManifest</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_trunctype</NAME><VALUE>Front</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_deleteClasses</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_consoleApp</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "Java Project" panel -->
- <SETTING><NAME>MWJava_Proj_projtype</NAME><VALUE>Applet</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_mainClassName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppCreator</NAME><VALUE>1463898714</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_tree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppWin32Name</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_compress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_useVM</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_vmarguments</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_vmName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_simPropFile</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "JavaDoc Project" panel -->
- <SETTING><NAME>MWJavaDoc_Proj_Version</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Depricated</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Author</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Index</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Tree</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_SunResolveToSame</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Shortnames</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Folder</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_GenerateAPILinks</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_scope</NAME><VALUE>Public</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_fcreator</NAME><VALUE>1297303877</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_encodingName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_decodingName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_javaPackagePath</NAME><VALUE>http://java.sun.com/products/jdk/1.1/docs/api/</VALUE></SETTING>
-
- <!-- Settings for "MacOS Merge Panel" panel -->
- <SETTING><NAME>MWMerge_MacOS_projectType</NAME><VALUE>Application</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputName</NAME><VALUE>Merge Out</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputCreator</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputType</NAME><VALUE>APPL</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_suppressWarning</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_copyFragments</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_copyResources</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flattenResource</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flatFileName</NAME><VALUE>a.rsrc</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flatFileOutputPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMerge_MacOS_skipResources</NAME>
- <SETTING><VALUE>DLGX</VALUE></SETTING>
- <SETTING><VALUE>ckid</VALUE></SETTING>
- <SETTING><VALUE>Proj</VALUE></SETTING>
- <SETTING><VALUE>WSPC</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "Output Flags" panel -->
- <SETTING><NAME>FileLocked</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourcesMapIsReadOnly</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PrinterDriverIsMultiFinderCompatible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Invisible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasBundle</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>NameLocked</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Stationery</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasCustomIcon</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Shared</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasBeenInited</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Label</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Comments</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Packager Panel" panel -->
- <SETTING><NAME>MWMacOSPackager_UsePackager</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_FolderToPackage</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMacOSPackager_CreateClassicAlias</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_ClassicAliasMethod</NAME><VALUE>UseTargetOutput</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_ClassicAliasPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMacOSPackager_CreatePkgInfo</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_PkgCreatorType</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_PkgFileType</NAME><VALUE>APPL</VALUE></SETTING>
-
- <!-- Settings for "PPC CodeGen" panel -->
- <SETTING><NAME>MWCodeGen_PPC_structalignment</NAME><VALUE>PPC</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_readonlystrings</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_tocdata</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_profiler</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_fpcontract</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_schedule</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_peephole</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_processorspecific</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_altivec</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_vectortocdata</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_vrsave</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "PPC CodeGen Mach-O" panel -->
- <SETTING><NAME>MWCodeGen_MachO_structalignment</NAME><VALUE>PPC</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_profiler</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_fpcontract</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_schedule</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_peephole</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_processorspecific</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_altivec</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_vrsave</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_common</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_implicit_templates</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "PPC Disassembler" panel -->
- <SETTING><NAME>MWDisassembler_PPC_showcode</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_extended</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_mix</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_nohex</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showdata</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showexceptions</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showsym</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_shownames</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "PPC Global Optimizer" panel -->
- <SETTING><NAME>GlobalOptimizer_PPC_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
- <SETTING><NAME>GlobalOptimizer_PPC_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
- <!-- Settings for "PPC Linker" panel -->
- <SETTING><NAME>MWLinker_PPC_linksym</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_symfullpath</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_linkmap</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_nolinkwarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_dontdeadstripinitcode</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_permitmultdefs</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_linkmode</NAME><VALUE>Fast</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_initname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_mainname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_termname</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "PPC Mach-O Linker" panel -->
- <SETTING><NAME>MWLinker_MachO_exports</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_mainname</NAME><VALUE>start</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_currentversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_compatibleversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_symfullpath</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_supresswarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_multisymerror</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_prebind</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_deadstrip</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_objectivecsemantics</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_whichfileloaded</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_whyfileloaded</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_readonlyrelocs</NAME><VALUE>Errors</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_undefinedsymbols</NAME><VALUE>Errors</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_twolevelnamespace</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_stripdebugsymbols</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "PPC Mach-O Target" panel -->
- <SETTING><NAME>MWProject_MachO_type</NAME><VALUE>Executable</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_outfile</NAME><VALUE>a.exe</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_filecreator</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_filetype</NAME><VALUE>MEXE</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_stacksize</NAME><VALUE>64</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_stackaddress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrc</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrcfilename</NAME><VALUE>a.rsrc</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrcoutputdir</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWProject_MachO_installpath</NAME><VALUE>./</VALUE></SETTING>
-
- <!-- Settings for "PPC PEF" panel -->
- <SETTING><NAME>MWPEF_exports</NAME><VALUE>Pragma</VALUE></SETTING>
- <SETTING><NAME>MWPEF_libfolder</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_sortcode</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWPEF_expandbss</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_sharedata</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_olddefversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_oldimpversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_currentversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_fragmentname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWPEF_collapsereloads</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "PPC Project" panel -->
- <SETTING><NAME>MWProject_PPC_type</NAME><VALUE>Library</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_outfile</NAME><VALUE>DBM.o</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_filecreator</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_filetype</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_size</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_minsize</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_stacksize</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_symfilename</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcheader</NAME><VALUE>Native</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrctype</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcflags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcstore</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcmerge</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrc</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrcoutputdir</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrcfilename</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "PPCAsm Panel" panel -->
- <SETTING><NAME>MWAssembler_PPC_auxheader</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_symmode</NAME><VALUE>Mac</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_dialect</NAME><VALUE>PPC</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_prefixfile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_typecheck</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_warnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_casesensitive</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "Rez Compiler" panel -->
- <SETTING><NAME>MWRez_Language_maxwidth</NAME><VALUE>80</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_script</NAME><VALUE>Roman</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_alignment</NAME><VALUE>Align1</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_filtermode</NAME><VALUE>FilterSkip</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_suppresswarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_escapecontrolchars</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_prefixname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_filteredtypes</NAME><VALUE>'CODE' 'DATA' 'PICT'</VALUE></SETTING>
-
- <!-- Settings for "WinRC Compiler" panel -->
- <SETTING><NAME>MWWinRC_prefixname</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "x86 CodeGen" panel -->
- <SETTING><NAME>MWCodeGen_X86_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_alignment</NAME><VALUE>bytes8</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_exceptions</NAME><VALUE>ZeroOverhead</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_mmx</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_3dnow</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_use_mmx_3dnow_convention</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_machinecodelisting</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_intrinsics</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_syminfo</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_codeviewinfo</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_cmov_fcomi</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_sse</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "x86 Disassembler" panel -->
- <SETTING><NAME>PDisasmX86_showHeaders</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showSymTab</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showCode</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showSource</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showHex</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showRelocation</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showComments</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showDebug</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showExceptions</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showData</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showRaw</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_verbose</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "x86 Exceptions Panel" panel -->
- <SETTING><NAME>MWDebugger_X86_Exceptions</NAME>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "x86 Global Optimizer" panel -->
- <SETTING><NAME>GlobalOptimizer_X86_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
- <SETTING><NAME>GlobalOptimizer_X86_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
- <!-- Settings for "x86 Linker" panel -->
- <SETTING><NAME>MWLinker_X86_entrypointusage</NAME><VALUE>Default</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_entrypoint</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsystem</NAME><VALUE>WinGUI</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsysmajorid</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsysminorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_usrmajorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_usrminorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_commandfile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_generatemap</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_linksym</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_linkCV</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "x86 Project" panel -->
- <SETTING><NAME>MWProject_X86_type</NAME><VALUE>Application</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_outfile</NAME><VALUE>noname.exe</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_baseaddress</NAME><VALUE>4194304</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_maxstacksize</NAME><VALUE>1024</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_minstacksize</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_size</NAME><VALUE>1024</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_minsize</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_importlib</NAME><VALUE></VALUE></SETTING>
- <PANELDATA><NAME>xpidl Settings</NAME><VALUE>
- 0001000101000000000000000000000000000000000000000000000000000000
- 0000000000000000
- </VALUE></PANELDATA>
- </SETTINGLIST>
- <FILELIST>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>db.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>hash.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>hash_buf.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>hsearch.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>h_bigkey.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>h_func.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>h_log2.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>h_page.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>macstubs.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- </FILELIST>
- <LINKORDER>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>db.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>hash.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>hash_buf.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>hsearch.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>h_bigkey.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>h_func.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>h_log2.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>h_page.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>macstubs.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </LINKORDER>
- </TARGET>
- <TARGET>
- <NAME>DBMDebug.o</NAME>
- <SETTINGLIST>
-
- <!-- Settings for "Source Trees" panel -->
- <SETTING><NAME>UserSourceTrees</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Access Paths" panel -->
- <SETTING><NAME>AlwaysSearchUserPaths</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>InterpretDOSAndUnixPaths</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>RequireFrameworkStyleIncludes</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>UserSearchPaths</NAME>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::src:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:::dist:client:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:::dist:client_stubs:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:::dist:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- </SETTING>
- <SETTING><NAME>SystemSearchPaths</NAME>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:MSL:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>CodeWarrior</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:MacOS Support:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>CodeWarrior</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- </SETTING>
-
- <!-- Settings for "Debugger Runtime" panel -->
- <SETTING><NAME>MWRuntimeSettings_WorkingDirectory</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRuntimeSettings_CommandLine</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRuntimeSettings_HostApplication</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWRuntimeSettings_EnvVars</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Target Settings" panel -->
- <SETTING><NAME>Linker</NAME><VALUE>MacOS PPC Linker</VALUE></SETTING>
- <SETTING><NAME>PreLinker</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PostLinker</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Targetname</NAME><VALUE>DBMDebug.o</VALUE></SETTING>
- <SETTING><NAME>OutputDirectory</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>SaveEntriesUsingRelativePaths</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "File Mappings" panel -->
- <SETTING><NAME>FileMappings</NAME>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>APPL</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>Appl</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MMLB</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MPLF</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MWCD</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>RSRC</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.c</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.c++</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cpp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.exp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.h</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.p</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW Pascal PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.pas</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW Pascal PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.pch</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.pch++</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.ppu</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW Pascal PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.r</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Rez</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>Rez</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.s</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PPCAsm</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>XCOF</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>docu</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>rsrc</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>shlb</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>stub</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.doc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
- </SETTING>
- </SETTING>
-
- <!-- Settings for "Build Extras" panel -->
- <SETTING><NAME>CacheModDates</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ActivateBrowser</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>DumpBrowserInfo</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>CacheSubprojects</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>UseThirdPartyDebugger</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>DebuggerAppPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>DebuggerCmdLineArgs</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>DebuggerWorkingDir</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "Debugger Target" panel -->
- <SETTING><NAME>LogSystemMessages</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>AutoTargetDLLs</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>StopAtWatchpoints</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PauseWhileRunning</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PauseInterval</NAME><VALUE>5</VALUE></SETTING>
- <SETTING><NAME>PauseUIFlags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>AltExePath</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>StopAtTempBPOnLaunch</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>CacheSymbolics</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>TempBPFunctionName</NAME><VALUE>main</VALUE></SETTING>
- <SETTING><NAME>TempBPType</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "Remote Debug" panel -->
- <SETTING><NAME>Enabled</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ConnectionName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>DownloadPath</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>LaunchRemoteApp</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>RemoteAppPath</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Auto-target" panel -->
- <SETTING><NAME>OtherExecutables</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Custom Keywords" panel -->
- <SETTING><NAME>CustomColor1</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor2</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor3</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor4</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "C/C++ Compiler" panel -->
- <SETTING><NAME>MWFrontEnd_C_cplusplus</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_checkprotos</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_arm</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_trigraphs</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_onlystdkeywords</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_enumsalwaysint</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_mpwpointerstyle</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_prefixname</NAME><VALUE>DBMDebug.Prefix</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_ansistrict</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_mpwcnewline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_wchar_type</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_enableexceptions</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_dontreusestrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_poolstrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_dontinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_useRTTI</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_multibyteaware</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_unsignedchars</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_autoinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_booltruefalse</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_direct_to_som</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_som_env_check</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_alwaysinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_inlinelevel</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_ecplusplus</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_objective_c</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_defer_codegen</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "C/C++ Warnings" panel -->
- <SETTING><NAME>MWWarning_C_warn_illpragma</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_emptydecl</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_possunwant</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_unusedvar</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_unusedarg</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_extracomma</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_pedantic</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warningerrors</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_hidevirtual</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_implicitconv</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_notinlined</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_structclass</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "FTP Panel" panel -->
- <SETTING><NAME>MWFTP_Post_hostName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_username</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_password</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_remoteDir</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathVersion</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_tree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_uploadDir</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_port</NAME><VALUE>21</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_SendBin</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ShouldLog</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "Java Command Line" panel -->
- <SETTING><NAME>MWCommandLine_Java_clsName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWCommandLine_Java_args</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "PJavaDebugging" panel -->
- <SETTING><NAME>MWVJavaDebugging_Protocol</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_JDKVersion</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_TimeOut</NAME><VALUE>10</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_SupportSlowDevices</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "Java Language" panel -->
- <SETTING><NAME>MWJava_Language_optimize</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_warnDeprecated</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_emitMap</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_strictFileNames</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_strictFileHierarchy</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_1_1_Compatible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_emitHeaders</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_headerType</NAME><VALUE>JNINativeHeaders</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_packageFilter</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_genComments</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_genHeaders</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "Java MRJAppBuilder" panel -->
- <SETTING><NAME>MWJava_MRJAppBuilder_outFile</NAME><VALUE>MRJApplication</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_merge</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_quitMenu</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_grow</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPICTFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_aboutName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutAppend</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrAppend</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinFile</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Java Output" panel -->
- <SETTING><NAME>MWJava_Output_outputtype</NAME><VALUE>JarFile</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_outfile</NAME><VALUE>JavaClasses.jar</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_ftype</NAME><VALUE>1514754080</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_fcreator</NAME><VALUE>1297570384</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_compress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_genManifest</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_trunctype</NAME><VALUE>Front</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_deleteClasses</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_consoleApp</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "Java Project" panel -->
- <SETTING><NAME>MWJava_Proj_projtype</NAME><VALUE>Applet</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_mainClassName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppCreator</NAME><VALUE>1463898714</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_tree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppWin32Name</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_compress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_useVM</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_vmarguments</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_vmName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_simPropFile</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "JavaDoc Project" panel -->
- <SETTING><NAME>MWJavaDoc_Proj_Version</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Depricated</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Author</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Index</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Tree</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_SunResolveToSame</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Shortnames</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Folder</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_GenerateAPILinks</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_scope</NAME><VALUE>Public</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_fcreator</NAME><VALUE>1297303877</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_encodingName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_decodingName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_javaPackagePath</NAME><VALUE>http://java.sun.com/products/jdk/1.1/docs/api/</VALUE></SETTING>
-
- <!-- Settings for "MacOS Merge Panel" panel -->
- <SETTING><NAME>MWMerge_MacOS_projectType</NAME><VALUE>Application</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputName</NAME><VALUE>Merge Out</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputCreator</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputType</NAME><VALUE>APPL</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_suppressWarning</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_copyFragments</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_copyResources</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flattenResource</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flatFileName</NAME><VALUE>a.rsrc</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flatFileOutputPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMerge_MacOS_skipResources</NAME>
- <SETTING><VALUE>DLGX</VALUE></SETTING>
- <SETTING><VALUE>ckid</VALUE></SETTING>
- <SETTING><VALUE>Proj</VALUE></SETTING>
- <SETTING><VALUE>WSPC</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "Output Flags" panel -->
- <SETTING><NAME>FileLocked</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourcesMapIsReadOnly</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PrinterDriverIsMultiFinderCompatible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Invisible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasBundle</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>NameLocked</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Stationery</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasCustomIcon</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Shared</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasBeenInited</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Label</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Comments</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Packager Panel" panel -->
- <SETTING><NAME>MWMacOSPackager_UsePackager</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_FolderToPackage</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMacOSPackager_CreateClassicAlias</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_ClassicAliasMethod</NAME><VALUE>UseTargetOutput</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_ClassicAliasPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMacOSPackager_CreatePkgInfo</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_PkgCreatorType</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_PkgFileType</NAME><VALUE>APPL</VALUE></SETTING>
-
- <!-- Settings for "PPC CodeGen" panel -->
- <SETTING><NAME>MWCodeGen_PPC_structalignment</NAME><VALUE>PPC</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_readonlystrings</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_tocdata</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_profiler</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_fpcontract</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_schedule</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_peephole</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_processorspecific</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_altivec</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_vectortocdata</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_vrsave</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "PPC CodeGen Mach-O" panel -->
- <SETTING><NAME>MWCodeGen_MachO_structalignment</NAME><VALUE>PPC</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_profiler</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_fpcontract</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_schedule</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_peephole</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_processorspecific</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_altivec</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_vrsave</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_common</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_implicit_templates</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "PPC Disassembler" panel -->
- <SETTING><NAME>MWDisassembler_PPC_showcode</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_extended</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_mix</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_nohex</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showdata</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showexceptions</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showsym</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_shownames</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "PPC Global Optimizer" panel -->
- <SETTING><NAME>GlobalOptimizer_PPC_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
- <SETTING><NAME>GlobalOptimizer_PPC_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
- <!-- Settings for "PPC Linker" panel -->
- <SETTING><NAME>MWLinker_PPC_linksym</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_symfullpath</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_linkmap</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_nolinkwarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_dontdeadstripinitcode</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_permitmultdefs</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_linkmode</NAME><VALUE>Fast</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_initname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_mainname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_termname</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "PPC Mach-O Linker" panel -->
- <SETTING><NAME>MWLinker_MachO_exports</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_mainname</NAME><VALUE>start</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_currentversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_compatibleversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_symfullpath</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_supresswarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_multisymerror</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_prebind</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_deadstrip</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_objectivecsemantics</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_whichfileloaded</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_whyfileloaded</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_readonlyrelocs</NAME><VALUE>Errors</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_undefinedsymbols</NAME><VALUE>Errors</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_twolevelnamespace</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_stripdebugsymbols</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "PPC Mach-O Target" panel -->
- <SETTING><NAME>MWProject_MachO_type</NAME><VALUE>Executable</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_outfile</NAME><VALUE>a.exe</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_filecreator</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_filetype</NAME><VALUE>MEXE</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_stacksize</NAME><VALUE>64</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_stackaddress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrc</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrcfilename</NAME><VALUE>a.rsrc</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrcoutputdir</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWProject_MachO_installpath</NAME><VALUE>./</VALUE></SETTING>
-
- <!-- Settings for "PPC PEF" panel -->
- <SETTING><NAME>MWPEF_exports</NAME><VALUE>Pragma</VALUE></SETTING>
- <SETTING><NAME>MWPEF_libfolder</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_sortcode</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWPEF_expandbss</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_sharedata</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_olddefversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_oldimpversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_currentversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_fragmentname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWPEF_collapsereloads</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "PPC Project" panel -->
- <SETTING><NAME>MWProject_PPC_type</NAME><VALUE>Library</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_outfile</NAME><VALUE>DBMDebug.o</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_filecreator</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_filetype</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_size</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_minsize</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_stacksize</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_symfilename</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcheader</NAME><VALUE>Native</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrctype</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcflags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcstore</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcmerge</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrc</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrcoutputdir</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrcfilename</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "PPCAsm Panel" panel -->
- <SETTING><NAME>MWAssembler_PPC_auxheader</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_symmode</NAME><VALUE>Mac</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_dialect</NAME><VALUE>PPC</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_prefixfile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_typecheck</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_warnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_casesensitive</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "Rez Compiler" panel -->
- <SETTING><NAME>MWRez_Language_maxwidth</NAME><VALUE>80</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_script</NAME><VALUE>Roman</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_alignment</NAME><VALUE>Align1</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_filtermode</NAME><VALUE>FilterSkip</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_suppresswarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_escapecontrolchars</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_prefixname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_filteredtypes</NAME><VALUE>'CODE' 'DATA' 'PICT'</VALUE></SETTING>
-
- <!-- Settings for "WinRC Compiler" panel -->
- <SETTING><NAME>MWWinRC_prefixname</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "x86 CodeGen" panel -->
- <SETTING><NAME>MWCodeGen_X86_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_alignment</NAME><VALUE>bytes8</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_exceptions</NAME><VALUE>ZeroOverhead</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_mmx</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_3dnow</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_use_mmx_3dnow_convention</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_machinecodelisting</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_intrinsics</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_syminfo</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_codeviewinfo</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_cmov_fcomi</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_sse</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "x86 Disassembler" panel -->
- <SETTING><NAME>PDisasmX86_showHeaders</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showSymTab</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showCode</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showSource</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showHex</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showRelocation</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showComments</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showDebug</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showExceptions</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showData</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showRaw</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_verbose</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "x86 Exceptions Panel" panel -->
- <SETTING><NAME>MWDebugger_X86_Exceptions</NAME>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "x86 Global Optimizer" panel -->
- <SETTING><NAME>GlobalOptimizer_X86_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
- <SETTING><NAME>GlobalOptimizer_X86_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
- <!-- Settings for "x86 Linker" panel -->
- <SETTING><NAME>MWLinker_X86_entrypointusage</NAME><VALUE>Default</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_entrypoint</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsystem</NAME><VALUE>WinGUI</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsysmajorid</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsysminorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_usrmajorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_usrminorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_commandfile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_generatemap</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_linksym</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_linkCV</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "x86 Project" panel -->
- <SETTING><NAME>MWProject_X86_type</NAME><VALUE>Application</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_outfile</NAME><VALUE>noname.exe</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_baseaddress</NAME><VALUE>4194304</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_maxstacksize</NAME><VALUE>1024</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_minstacksize</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_size</NAME><VALUE>1024</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_minsize</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_importlib</NAME><VALUE></VALUE></SETTING>
- <PANELDATA><NAME>xpidl Settings</NAME><VALUE>
- 0001000101000000000000000000000000000000000000000000000000000000
- 0000000000000000
- </VALUE></PANELDATA>
- </SETTINGLIST>
- <FILELIST>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>db.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>hash.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>hash_buf.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>hsearch.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>h_bigkey.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>h_func.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>h_log2.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>h_page.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>macstubs.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- </FILELIST>
- <LINKORDER>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>db.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>hash.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>hash_buf.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>hsearch.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>h_bigkey.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>h_func.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>h_log2.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>h_page.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>macstubs.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </LINKORDER>
- </TARGET>
- </TARGETLIST>
-
- <TARGETORDER>
- <ORDEREDTARGET><NAME>DBM.shlb</NAME></ORDEREDTARGET>
- <ORDEREDTARGET><NAME>DBMDebug.shlb</NAME></ORDEREDTARGET>
- <ORDEREDTARGET><NAME>DBM.o</NAME></ORDEREDTARGET>
- <ORDEREDTARGET><NAME>DBMDebug.o</NAME></ORDEREDTARGET>
- </TARGETORDER>
-
- <GROUPLIST>
- <GROUP><NAME>dbm</NAME>
- <FILEREF>
- <TARGETNAME>DBM.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>db.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>DBM.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>h_bigkey.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>DBM.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>h_func.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>DBM.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>h_log2.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>DBM.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>h_page.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>DBM.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>hash.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>DBM.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>hash_buf.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>DBM.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>hsearch.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>DBM.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>macstubs.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </GROUP>
- <GROUP><NAME>Netscape Libraries</NAME>
- <FILEREF>
- <TARGETNAME>DBM.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSStdLibStubs</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <GROUP><NAME>Optimized</NAME>
- <FILEREF>
- <TARGETNAME>DBM.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSRuntime.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>DBM.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSPR20.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>DBM.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>MoreFiles.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </GROUP>
- <GROUP><NAME>Debug</NAME>
- <FILEREF>
- <TARGETNAME>DBMDebug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSRuntimeDebug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>DBMDebug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSPR20Debug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>DBMDebug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>MoreFilesDebug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </GROUP>
- </GROUP>
- <GROUP><NAME>Apple/Other Libs</NAME>
- <FILEREF>
- <TARGETNAME>DBM.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>MSL_ShLibRuntime_PPC.Lib</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>DBM.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>InterfacesStubs</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </GROUP>
- </GROUPLIST>
-
-</PROJECT>
diff --git a/dbm/macbuild/DBMConfig.h b/dbm/macbuild/DBMConfig.h
deleted file mode 100644
index e7ec911c6..000000000
--- a/dbm/macbuild/DBMConfig.h
+++ /dev/null
@@ -1,23 +0,0 @@
-/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*-
- *
- * The contents of this file are subject to the Netscape Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/NPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is mozilla.org code.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1998 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- */
-
-#define __DBINTERFACE_PRIVATE 1
diff --git a/dbm/macbuild/DBMDebug.Prefix b/dbm/macbuild/DBMDebug.Prefix
deleted file mode 100644
index 7d40bdad3..000000000
--- a/dbm/macbuild/DBMDebug.Prefix
+++ /dev/null
@@ -1,32 +0,0 @@
-/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*-
- *
- * The contents of this file are subject to the Netscape Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/NPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is mozilla.org code.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1998 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- */
-
-//
-// DBMDebug.Prefix
-//
-// Global prefix file for the debug DBM project.
-//
-//
-
-#include "MacPrefix_debug.h"
-#include "DBMConfig.h"
-
diff --git a/dbm/macbuild/macstubs.c b/dbm/macbuild/macstubs.c
deleted file mode 100644
index bbfe69a54..000000000
--- a/dbm/macbuild/macstubs.c
+++ /dev/null
@@ -1,8 +0,0 @@
-
-// Hack to define a never-called routine from libdbm
-#include "mcom_db.h"
-
-int mkstemp(const char* /*path*/)
-{
- return -1;
-}
diff --git a/dbm/src/.cvsignore b/dbm/src/.cvsignore
deleted file mode 100644
index f3c7a7c5d..000000000
--- a/dbm/src/.cvsignore
+++ /dev/null
@@ -1 +0,0 @@
-Makefile
diff --git a/dbm/src/Makefile.in b/dbm/src/Makefile.in
deleted file mode 100644
index 280c944d1..000000000
--- a/dbm/src/Makefile.in
+++ /dev/null
@@ -1,75 +0,0 @@
-#
-# The contents of this file are subject to the Netscape Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/NPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is mozilla.org code.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1998 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-
-DEPTH = ../..
-topsrcdir = @top_srcdir@
-srcdir = @srcdir@
-VPATH = @srcdir@
-
-include $(DEPTH)/config/autoconf.mk
-
-LIBRARY_NAME = mozdbm_s
-LIB_IS_C_ONLY = 1
-
-ifeq ($(OS_ARCH),WINNT)
-LIBRARY_NAME = dbm$(MOZ_BITS)
-endif
-
-CSRCS = \
- db.c \
- h_bigkey.c \
- h_func.c \
- h_log2.c \
- h_page.c \
- hash.c \
- hash_buf.c \
- hsearch.c \
- mktemp.c \
- ndbm.c \
- strerror.c \
- nsres.c \
- $(NULL)
-
-ifeq ($(OS_ARCH),WINNT)
-CSRCS += memmove.c snprintf.c
-else
-ifeq (,$(filter -DHAVE_MEMMOVE=1,$(ACDEFINES)))
-CSRCS += memmove.c
-endif
-
-ifeq (,$(filter -DHAVE_SNPRINTF=1,$(ACDEFINES)))
-CSRCS += snprintf.c
-endif
-endif # WINNT
-
-LOCAL_INCLUDES = -I$(srcdir)/../include
-
-FORCE_STATIC_LIB = 1
-FORCE_USE_PIC = 1
-
-include $(topsrcdir)/config/rules.mk
-
-DEFINES += -DMEMMOVE -D__DBINTERFACE_PRIVATE $(SECURITY_FLAG)
-
-ifeq ($(OS_ARCH),AIX)
-OS_LIBS += -lc_r
-endif
-
diff --git a/dbm/src/Makefile.win b/dbm/src/Makefile.win
deleted file mode 100644
index 060a8c48b..000000000
--- a/dbm/src/Makefile.win
+++ /dev/null
@@ -1,96 +0,0 @@
-# The contents of this file are subject to the Netscape Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/NPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is mozilla.org code.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1998 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-
-
-#//------------------------------------------------------------------------
-#//
-#// Makefile to build the cert library
-#//
-#//------------------------------------------------------------------------
-
-!if "$(MOZ_BITS)" == "16"
-!ifndef MOZ_DEBUG
-OPTIMIZER=-Os -UDEBUG -DNDEBUG
-!endif
-!endif
-
-#//------------------------------------------------------------------------
-#//
-#// Specify the depth of the current directory relative to the
-#// root of NS
-#//
-#//------------------------------------------------------------------------
-DEPTH= ..\..
-
-!ifndef MAKE_OBJ_TYPE
-MAKE_OBJ_TYPE=EXE
-!endif
-
-#//------------------------------------------------------------------------
-#//
-#// Define any Public Make Variables here: (ie. PDFFILE, MAPFILE, ...)
-#//
-#//------------------------------------------------------------------------
-LIBNAME=dbm$(MOZ_BITS)
-PDBFILE=$(LIBNAME).pdb
-
-#//------------------------------------------------------------------------
-#//
-#// Define the files necessary to build the target (ie. OBJS)
-#//
-#//------------------------------------------------------------------------
-OBJS= \
- .\$(OBJDIR)\db.obj \
- .\$(OBJDIR)\h_bigkey.obj \
- .\$(OBJDIR)\h_func.obj \
- .\$(OBJDIR)\h_log2.obj \
- .\$(OBJDIR)\h_page.obj \
- .\$(OBJDIR)\hash.obj \
- .\$(OBJDIR)\hash_buf.obj \
- .\$(OBJDIR)\hsearch.obj \
- .\$(OBJDIR)\memmove.obj \
- .\$(OBJDIR)\mktemp.obj \
- .\$(OBJDIR)\ndbm.obj \
- .\$(OBJDIR)\snprintf.obj \
- .\$(OBJDIR)\strerror.obj \
- .\$(OBJDIR)\nsres.obj \
- $(NULL)
-
-#//------------------------------------------------------------------------
-#//
-#// Define any Public Targets here (ie. PROGRAM, LIBRARY, DLL, ...)
-#// (these must be defined before the common makefiles are included)
-#//
-#//------------------------------------------------------------------------
-LIBRARY = .\$(OBJDIR)\$(LIBNAME).lib
-LINCS = -I..\include
-
-#//------------------------------------------------------------------------
-#//
-#// Include the common makefile rules
-#//
-#//------------------------------------------------------------------------
-include <$(DEPTH)/config/rules.mak>
-
-CFLAGS = $(CFLAGS) -DMOZILLA_CLIENT -D__DBINTERFACE_PRIVATE
-
-install:: $(LIBRARY)
- $(MAKE_INSTALL) $(LIBRARY) $(DIST)\lib
-
-
diff --git a/dbm/src/db.c b/dbm/src/db.c
deleted file mode 100644
index e4b1fff8f..000000000
--- a/dbm/src/db.c
+++ /dev/null
@@ -1,144 +0,0 @@
-/*-
- * Copyright (c) 1991, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#if defined(LIBC_SCCS) && !defined(lint)
-static char sccsid[] = "@(#)db.c 8.4 (Berkeley) 2/21/94";
-#endif /* LIBC_SCCS and not lint */
-
-#include "watcomfx.h"
-
-#ifndef __DBINTERFACE_PRIVATE
-#define __DBINTERFACE_PRIVATE
-#endif
-#ifdef macintosh
-#include <unix.h>
-#else
-#include <sys/types.h>
-#endif
-
-#include <errno.h>
-#include <fcntl.h>
-#include <stddef.h>
-#include <stdio.h>
-
-#include "mcom_db.h"
-
-/* a global flag that locks closed all databases */
-int all_databases_locked_closed = 0;
-
-/* set or unset a global lock flag to disable the
- * opening of any DBM file
- */
-void
-dbSetOrClearDBLock(DBLockFlagEnum type)
-{
- if(type == LockOutDatabase)
- all_databases_locked_closed = 1;
- else
- all_databases_locked_closed = 0;
-}
-
-#if defined(__WATCOMC__) || defined(__WATCOM_CPLUSPLUS__)
-DB *
-#else
-PR_IMPLEMENT(DB *)
-#endif
-dbopen(const char *fname, int flags,int mode, DBTYPE type, const void *openinfo)
-{
-
- /* lock out all file databases. Let in-memory databases through
- */
- if(all_databases_locked_closed && fname)
- {
- errno = EINVAL;
- return(NULL);
- }
-
-#define DB_FLAGS (DB_LOCK | DB_SHMEM | DB_TXN)
-
-
-#if 0 /* most systems dont have EXLOCK and SHLOCK */
-#define USE_OPEN_FLAGS \
- (O_CREAT | O_EXCL | O_EXLOCK | O_NONBLOCK | O_RDONLY | \
- O_RDWR | O_SHLOCK | O_TRUNC)
-#else
-#define USE_OPEN_FLAGS \
- (O_CREAT | O_EXCL | O_RDONLY | \
- O_RDWR | O_TRUNC)
-#endif
-
- if ((flags & ~(USE_OPEN_FLAGS | DB_FLAGS)) == 0)
- switch (type) {
-/* we don't need btree and recno right now */
-#if 0
- case DB_BTREE:
- return (__bt_open(fname, flags & USE_OPEN_FLAGS,
- mode, openinfo, flags & DB_FLAGS));
- case DB_RECNO:
- return (__rec_open(fname, flags & USE_OPEN_FLAGS,
- mode, openinfo, flags & DB_FLAGS));
-#endif
-
- case DB_HASH:
- return (__hash_open(fname, flags & USE_OPEN_FLAGS,
- mode, (const HASHINFO *)openinfo, flags & DB_FLAGS));
- default:
- break;
- }
- errno = EINVAL;
- return (NULL);
-}
-
-static int
-__dberr()
-{
- return (RET_ERROR);
-}
-
-/*
- * __DBPANIC -- Stop.
- *
- * Parameters:
- * dbp: pointer to the DB structure.
- */
-void
-__dbpanic(DB *dbp)
-{
- /* The only thing that can succeed is a close. */
- dbp->del = (int (*)(const struct __db *, const DBT *, uint))__dberr;
- dbp->fd = (int (*)(const struct __db *))__dberr;
- dbp->get = (int (*)(const struct __db *, const DBT *, DBT *, uint))__dberr;
- dbp->put = (int (*)(const struct __db *, DBT *, const DBT *, uint))__dberr;
- dbp->seq = (int (*)(const struct __db *, DBT *, DBT *, uint))__dberr;
- dbp->sync = (int (*)(const struct __db *, uint))__dberr;
-}
diff --git a/dbm/src/h_bigkey.c b/dbm/src/h_bigkey.c
deleted file mode 100644
index 855f10725..000000000
--- a/dbm/src/h_bigkey.c
+++ /dev/null
@@ -1,713 +0,0 @@
-/*-
- * Copyright (c) 1990, 1993, 1994
- * The Regents of the University of California. All rights reserved.
- *
- * This code is derived from software contributed to Berkeley by
- * Margo Seltzer.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#if defined(LIBC_SCCS) && !defined(lint)
-static char sccsid[] = "@(#)hash_bigkey.c 8.3 (Berkeley) 5/31/94";
-#endif /* LIBC_SCCS and not lint */
-
-#include "watcomfx.h"
-
-/*
- * PACKAGE: hash
- * DESCRIPTION:
- * Big key/data handling for the hashing package.
- *
- * ROUTINES:
- * External
- * __big_keydata
- * __big_split
- * __big_insert
- * __big_return
- * __big_delete
- * __find_last_page
- * Internal
- * collect_key
- * collect_data
- */
-
-#if !defined(_WIN32) && !defined(_WINDOWS) && !defined(macintosh) && !defined(XP_OS2_VACPP)
-#include <sys/param.h>
-#endif
-
-#include <errno.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#ifdef DEBUG
-#include <assert.h>
-#endif
-
-#include "mcom_db.h"
-#include "hash.h"
-#include "page.h"
-/* #include "extern.h" */
-
-static int collect_key __P((HTAB *, BUFHEAD *, int, DBT *, int));
-static int collect_data __P((HTAB *, BUFHEAD *, int, int));
-
-/*
- * Big_insert
- *
- * You need to do an insert and the key/data pair is too big
- *
- * Returns:
- * 0 ==> OK
- *-1 ==> ERROR
- */
-extern int
-__big_insert(HTAB *hashp, BUFHEAD *bufp, const DBT *key, const DBT *val)
-{
- register uint16 *p;
- uint key_size, n, val_size;
- uint16 space, move_bytes, off;
- char *cp, *key_data, *val_data;
-
- cp = bufp->page; /* Character pointer of p. */
- p = (uint16 *)cp;
-
- key_data = (char *)key->data;
- key_size = key->size;
- val_data = (char *)val->data;
- val_size = val->size;
-
- /* First move the Key */
- for (space = FREESPACE(p) - BIGOVERHEAD; key_size;
- space = FREESPACE(p) - BIGOVERHEAD) {
- move_bytes = PR_MIN(space, key_size);
- off = OFFSET(p) - move_bytes;
- memmove(cp + off, key_data, move_bytes);
- key_size -= move_bytes;
- key_data += move_bytes;
- n = p[0];
- p[++n] = off;
- p[0] = ++n;
- FREESPACE(p) = off - PAGE_META(n);
- OFFSET(p) = off;
- p[n] = PARTIAL_KEY;
- bufp = __add_ovflpage(hashp, bufp);
- if (!bufp)
- return (-1);
- n = p[0];
- if (!key_size) {
- if (FREESPACE(p)) {
- move_bytes = PR_MIN(FREESPACE(p), val_size);
- off = OFFSET(p) - move_bytes;
- p[n] = off;
- memmove(cp + off, val_data, move_bytes);
- val_data += move_bytes;
- val_size -= move_bytes;
- p[n - 2] = FULL_KEY_DATA;
- FREESPACE(p) = FREESPACE(p) - move_bytes;
- OFFSET(p) = off;
- } else
- p[n - 2] = FULL_KEY;
- }
- p = (uint16 *)bufp->page;
- cp = bufp->page;
- bufp->flags |= BUF_MOD;
- }
-
- /* Now move the data */
- for (space = FREESPACE(p) - BIGOVERHEAD; val_size;
- space = FREESPACE(p) - BIGOVERHEAD) {
- move_bytes = PR_MIN(space, val_size);
- /*
- * Here's the hack to make sure that if the data ends on the
- * same page as the key ends, FREESPACE is at least one.
- */
- if (space == val_size && val_size == val->size)
- move_bytes--;
- off = OFFSET(p) - move_bytes;
- memmove(cp + off, val_data, move_bytes);
- val_size -= move_bytes;
- val_data += move_bytes;
- n = p[0];
- p[++n] = off;
- p[0] = ++n;
- FREESPACE(p) = off - PAGE_META(n);
- OFFSET(p) = off;
- if (val_size) {
- p[n] = FULL_KEY;
- bufp = __add_ovflpage(hashp, bufp);
- if (!bufp)
- return (-1);
- cp = bufp->page;
- p = (uint16 *)cp;
- } else
- p[n] = FULL_KEY_DATA;
- bufp->flags |= BUF_MOD;
- }
- return (0);
-}
-
-/*
- * Called when bufp's page contains a partial key (index should be 1)
- *
- * All pages in the big key/data pair except bufp are freed. We cannot
- * free bufp because the page pointing to it is lost and we can't get rid
- * of its pointer.
- *
- * Returns:
- * 0 => OK
- *-1 => ERROR
- */
-extern int
-__big_delete(HTAB *hashp, BUFHEAD *bufp)
-{
- register BUFHEAD *last_bfp, *rbufp;
- uint16 *bp, pageno;
- int key_done, n;
-
- rbufp = bufp;
- last_bfp = NULL;
- bp = (uint16 *)bufp->page;
- pageno = 0;
- key_done = 0;
-
- while (!key_done || (bp[2] != FULL_KEY_DATA)) {
- if (bp[2] == FULL_KEY || bp[2] == FULL_KEY_DATA)
- key_done = 1;
-
- /*
- * If there is freespace left on a FULL_KEY_DATA page, then
- * the data is short and fits entirely on this page, and this
- * is the last page.
- */
- if (bp[2] == FULL_KEY_DATA && FREESPACE(bp))
- break;
- pageno = bp[bp[0] - 1];
- rbufp->flags |= BUF_MOD;
- rbufp = __get_buf(hashp, pageno, rbufp, 0);
- if (last_bfp)
- __free_ovflpage(hashp, last_bfp);
- last_bfp = rbufp;
- if (!rbufp)
- return (-1); /* Error. */
- bp = (uint16 *)rbufp->page;
- }
-
- /*
- * If we get here then rbufp points to the last page of the big
- * key/data pair. Bufp points to the first one -- it should now be
- * empty pointing to the next page after this pair. Can't free it
- * because we don't have the page pointing to it.
- */
-
- /* This is information from the last page of the pair. */
- n = bp[0];
- pageno = bp[n - 1];
-
- /* Now, bp is the first page of the pair. */
- bp = (uint16 *)bufp->page;
- if (n > 2) {
- /* There is an overflow page. */
- bp[1] = pageno;
- bp[2] = OVFLPAGE;
- bufp->ovfl = rbufp->ovfl;
- } else
- /* This is the last page. */
- bufp->ovfl = NULL;
- n -= 2;
- bp[0] = n;
- FREESPACE(bp) = hashp->BSIZE - PAGE_META(n);
- OFFSET(bp) = hashp->BSIZE - 1;
-
- bufp->flags |= BUF_MOD;
- if (rbufp)
- __free_ovflpage(hashp, rbufp);
- if (last_bfp != rbufp)
- __free_ovflpage(hashp, last_bfp);
-
- hashp->NKEYS--;
- return (0);
-}
-/*
- * Returns:
- * 0 = key not found
- * -1 = get next overflow page
- * -2 means key not found and this is big key/data
- * -3 error
- */
-extern int
-__find_bigpair(HTAB *hashp, BUFHEAD *bufp, int ndx, char *key, int size)
-{
- register uint16 *bp;
- register char *p;
- int ksize;
- uint16 bytes;
- char *kkey;
-
- bp = (uint16 *)bufp->page;
- p = bufp->page;
- ksize = size;
- kkey = key;
-
- for (bytes = hashp->BSIZE - bp[ndx];
- bytes <= size && bp[ndx + 1] == PARTIAL_KEY;
- bytes = hashp->BSIZE - bp[ndx]) {
- if (memcmp(p + bp[ndx], kkey, bytes))
- return (-2);
- kkey += bytes;
- ksize -= bytes;
- bufp = __get_buf(hashp, bp[ndx + 2], bufp, 0);
- if (!bufp)
- return (-3);
- p = bufp->page;
- bp = (uint16 *)p;
- ndx = 1;
- }
-
- if (bytes != ksize || memcmp(p + bp[ndx], kkey, bytes)) {
-#ifdef HASH_STATISTICS
- ++hash_collisions;
-#endif
- return (-2);
- } else
- return (ndx);
-}
-
-/*
- * Given the buffer pointer of the first overflow page of a big pair,
- * find the end of the big pair
- *
- * This will set bpp to the buffer header of the last page of the big pair.
- * It will return the pageno of the overflow page following the last page
- * of the pair; 0 if there isn't any (i.e. big pair is the last key in the
- * bucket)
- */
-extern uint16
-__find_last_page(HTAB *hashp, BUFHEAD **bpp)
-{
- BUFHEAD *bufp;
- uint16 *bp, pageno;
- uint n;
-
- bufp = *bpp;
- bp = (uint16 *)bufp->page;
- for (;;) {
- n = bp[0];
-
- /*
- * This is the last page if: the tag is FULL_KEY_DATA and
- * either only 2 entries OVFLPAGE marker is explicit there
- * is freespace on the page.
- */
- if (bp[2] == FULL_KEY_DATA &&
- ((n == 2) || (bp[n] == OVFLPAGE) || (FREESPACE(bp))))
- break;
-
- /* LJM bound the size of n to reasonable limits
- */
- if(n > hashp->BSIZE/sizeof(uint16))
- return(0);
-
- pageno = bp[n - 1];
- bufp = __get_buf(hashp, pageno, bufp, 0);
- if (!bufp)
- return (0); /* Need to indicate an error! */
- bp = (uint16 *)bufp->page;
- }
-
- *bpp = bufp;
- if (bp[0] > 2)
- return (bp[3]);
- else
- return (0);
-}
-
-/*
- * Return the data for the key/data pair that begins on this page at this
- * index (index should always be 1).
- */
-extern int
-__big_return(
- HTAB *hashp,
- BUFHEAD *bufp,
- int ndx,
- DBT *val,
- int set_current)
-{
- BUFHEAD *save_p;
- uint16 *bp, len, off, save_addr;
- char *tp;
- int save_flags;
-
- bp = (uint16 *)bufp->page;
- while (bp[ndx + 1] == PARTIAL_KEY) {
- bufp = __get_buf(hashp, bp[bp[0] - 1], bufp, 0);
- if (!bufp)
- return (-1);
- bp = (uint16 *)bufp->page;
- ndx = 1;
- }
-
- if (bp[ndx + 1] == FULL_KEY) {
- bufp = __get_buf(hashp, bp[bp[0] - 1], bufp, 0);
- if (!bufp)
- return (-1);
- bp = (uint16 *)bufp->page;
- save_p = bufp;
- save_addr = save_p->addr;
- off = bp[1];
- len = 0;
- } else
- if (!FREESPACE(bp)) {
- /*
- * This is a hack. We can't distinguish between
- * FULL_KEY_DATA that contains complete data or
- * incomplete data, so we require that if the data
- * is complete, there is at least 1 byte of free
- * space left.
- */
- off = bp[bp[0]];
- len = bp[1] - off;
- save_p = bufp;
- save_addr = bufp->addr;
- bufp = __get_buf(hashp, bp[bp[0] - 1], bufp, 0);
- if (!bufp)
- return (-1);
- bp = (uint16 *)bufp->page;
- } else {
- /* The data is all on one page. */
- tp = (char *)bp;
- off = bp[bp[0]];
- val->data = (uint8 *)tp + off;
- val->size = bp[1] - off;
- if (set_current) {
- if (bp[0] == 2) { /* No more buckets in
- * chain */
- hashp->cpage = NULL;
- hashp->cbucket++;
- hashp->cndx = 1;
- } else {
- hashp->cpage = __get_buf(hashp,
- bp[bp[0] - 1], bufp, 0);
- if (!hashp->cpage)
- return (-1);
- hashp->cndx = 1;
- if (!((uint16 *)
- hashp->cpage->page)[0]) {
- hashp->cbucket++;
- hashp->cpage = NULL;
- }
- }
- }
- return (0);
- }
-
- /* pin our saved buf so that we don't lose if
- * we run out of buffers */
- save_flags = save_p->flags;
- save_p->flags |= BUF_PIN;
- val->size = collect_data(hashp, bufp, (int)len, set_current);
- save_p->flags = save_flags;
- if (val->size == (size_t)-1)
- return (-1);
- if (save_p->addr != save_addr) {
- /* We are pretty short on buffers. */
- errno = EINVAL; /* OUT OF BUFFERS */
- return (-1);
- }
- memmove(hashp->tmp_buf, (save_p->page) + off, len);
- val->data = (uint8 *)hashp->tmp_buf;
- return (0);
-}
-
-
-/*
- * Count how big the total datasize is by looping through the pages. Then
- * allocate a buffer and copy the data in the second loop. NOTE: Our caller
- * may already have a bp which it is holding onto. The caller is
- * responsible for copying that bp into our temp buffer. 'len' is how much
- * space to reserve for that buffer.
- */
-static int
-collect_data(
- HTAB *hashp,
- BUFHEAD *bufp,
- int len, int set)
-{
- register uint16 *bp;
- BUFHEAD *save_bufp;
- int save_flags;
- int mylen, totlen;
-
- /*
- * save the input buf head because we need to walk the list twice.
- * pin it to make sure it doesn't leave the buffer pool.
- * This has the effect of growing the buffer pool if necessary.
- */
- save_bufp = bufp;
- save_flags = save_bufp->flags;
- save_bufp->flags |= BUF_PIN;
-
- /* read the length of the buffer */
- for (totlen = len; bufp ; bufp = __get_buf(hashp, bp[bp[0]-1], bufp, 0)) {
- bp = (uint16 *)bufp->page;
- mylen = hashp->BSIZE - bp[1];
-
- /* if mylen ever goes negative it means that the
- * page is screwed up.
- */
- if (mylen < 0) {
- save_bufp->flags = save_flags;
- return (-1);
- }
- totlen += mylen;
- if (bp[2] == FULL_KEY_DATA) { /* End of Data */
- break;
- }
- }
-
- if (!bufp) {
- save_bufp->flags = save_flags;
- return (-1);
- }
-
- /* allocate a temp buf */
- if (hashp->tmp_buf)
- free(hashp->tmp_buf);
- if ((hashp->tmp_buf = (char *)malloc((size_t)totlen)) == NULL) {
- save_bufp->flags = save_flags;
- return (-1);
- }
-
- /* copy the buffers back into temp buf */
- for (bufp = save_bufp; bufp ;
- bufp = __get_buf(hashp, bp[bp[0]-1], bufp, 0)) {
- bp = (uint16 *)bufp->page;
- mylen = hashp->BSIZE - bp[1];
- memmove(&hashp->tmp_buf[len], (bufp->page) + bp[1], (size_t)mylen);
- len += mylen;
- if (bp[2] == FULL_KEY_DATA) {
- break;
- }
- }
-
- /* 'clear' the pin flags */
- save_bufp->flags = save_flags;
-
- /* update the database cursor */
- if (set) {
- hashp->cndx = 1;
- if (bp[0] == 2) { /* No more buckets in chain */
- hashp->cpage = NULL;
- hashp->cbucket++;
- } else {
- hashp->cpage = __get_buf(hashp, bp[bp[0] - 1], bufp, 0);
- if (!hashp->cpage)
- return (-1);
- else if (!((uint16 *)hashp->cpage->page)[0]) {
- hashp->cbucket++;
- hashp->cpage = NULL;
- }
- }
- }
- return (totlen);
-}
-
-/*
- * Fill in the key and data for this big pair.
- */
-extern int
-__big_keydata(
- HTAB *hashp,
- BUFHEAD *bufp,
- DBT *key, DBT *val,
- int set)
-{
- key->size = collect_key(hashp, bufp, 0, val, set);
- if (key->size == (size_t)-1)
- return (-1);
- key->data = (uint8 *)hashp->tmp_key;
- return (0);
-}
-
-/*
- * Count how big the total key size is by recursing through the pages. Then
- * collect the data, allocate a buffer and copy the key as you recurse up.
- */
-static int
-collect_key(
- HTAB *hashp,
- BUFHEAD *bufp,
- int len,
- DBT *val,
- int set)
-{
- BUFHEAD *xbp;
- char *p;
- int mylen, totlen;
- uint16 *bp, save_addr;
-
- p = bufp->page;
- bp = (uint16 *)p;
- mylen = hashp->BSIZE - bp[1];
-
- save_addr = bufp->addr;
- totlen = len + mylen;
- if (bp[2] == FULL_KEY || bp[2] == FULL_KEY_DATA) { /* End of Key. */
- if (hashp->tmp_key != NULL)
- free(hashp->tmp_key);
- if ((hashp->tmp_key = (char *)malloc((size_t)totlen)) == NULL)
- return (-1);
- if (__big_return(hashp, bufp, 1, val, set))
- return (-1);
- } else {
- xbp = __get_buf(hashp, bp[bp[0] - 1], bufp, 0);
- if (!xbp || ((totlen =
- collect_key(hashp, xbp, totlen, val, set)) < 1))
- return (-1);
- }
- if (bufp->addr != save_addr) {
- errno = EINVAL; /* MIS -- OUT OF BUFFERS */
- return (-1);
- }
- memmove(&hashp->tmp_key[len], (bufp->page) + bp[1], (size_t)mylen);
- return (totlen);
-}
-
-/*
- * Returns:
- * 0 => OK
- * -1 => error
- */
-extern int
-__big_split(
- HTAB *hashp,
- BUFHEAD *op, /* Pointer to where to put keys that go in old bucket */
- BUFHEAD *np, /* Pointer to new bucket page */
- /* Pointer to first page containing the big key/data */
- BUFHEAD *big_keyp,
- uint32 addr, /* Address of big_keyp */
- uint32 obucket,/* Old Bucket */
- SPLIT_RETURN *ret)
-{
- register BUFHEAD *tmpp;
- register uint16 *tp;
- BUFHEAD *bp;
- DBT key, val;
- uint32 change;
- uint16 free_space, n, off;
-
- bp = big_keyp;
-
- /* Now figure out where the big key/data goes */
- if (__big_keydata(hashp, big_keyp, &key, &val, 0))
- return (-1);
- change = (__call_hash(hashp,(char*) key.data, key.size) != obucket);
-
- if ((ret->next_addr = __find_last_page(hashp, &big_keyp))) {
- if (!(ret->nextp =
- __get_buf(hashp, ret->next_addr, big_keyp, 0)))
- return (-1);;
- } else
- ret->nextp = NULL;
-
- /* Now make one of np/op point to the big key/data pair */
-#ifdef DEBUG
- assert(np->ovfl == NULL);
-#endif
- if (change)
- tmpp = np;
- else
- tmpp = op;
-
- tmpp->flags |= BUF_MOD;
-#ifdef DEBUG1
- (void)fprintf(stderr,
- "BIG_SPLIT: %d->ovfl was %d is now %d\n", tmpp->addr,
- (tmpp->ovfl ? tmpp->ovfl->addr : 0), (bp ? bp->addr : 0));
-#endif
- tmpp->ovfl = bp; /* one of op/np point to big_keyp */
- tp = (uint16 *)tmpp->page;
-
-
-#if 0 /* this get's tripped on database corrupted error */
- assert(FREESPACE(tp) >= OVFLSIZE);
-#endif
- if(FREESPACE(tp) < OVFLSIZE)
- return(DATABASE_CORRUPTED_ERROR);
-
- n = tp[0];
- off = OFFSET(tp);
- free_space = FREESPACE(tp);
- tp[++n] = (uint16)addr;
- tp[++n] = OVFLPAGE;
- tp[0] = n;
- OFFSET(tp) = off;
- FREESPACE(tp) = free_space - OVFLSIZE;
-
- /*
- * Finally, set the new and old return values. BIG_KEYP contains a
- * pointer to the last page of the big key_data pair. Make sure that
- * big_keyp has no following page (2 elements) or create an empty
- * following page.
- */
-
- ret->newp = np;
- ret->oldp = op;
-
- tp = (uint16 *)big_keyp->page;
- big_keyp->flags |= BUF_MOD;
- if (tp[0] > 2) {
- /*
- * There may be either one or two offsets on this page. If
- * there is one, then the overflow page is linked on normally
- * and tp[4] is OVFLPAGE. If there are two, tp[4] contains
- * the second offset and needs to get stuffed in after the
- * next overflow page is added.
- */
- n = tp[4];
- free_space = FREESPACE(tp);
- off = OFFSET(tp);
- tp[0] -= 2;
- FREESPACE(tp) = free_space + OVFLSIZE;
- OFFSET(tp) = off;
- tmpp = __add_ovflpage(hashp, big_keyp);
- if (!tmpp)
- return (-1);
- tp[4] = n;
- } else
- tmpp = big_keyp;
-
- if (change)
- ret->newp = tmpp;
- else
- ret->oldp = tmpp;
- return (0);
-}
diff --git a/dbm/src/h_func.c b/dbm/src/h_func.c
deleted file mode 100644
index 5819efe23..000000000
--- a/dbm/src/h_func.c
+++ /dev/null
@@ -1,211 +0,0 @@
-/*-
- * Copyright (c) 1990, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * This code is derived from software contributed to Berkeley by
- * Margo Seltzer.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#if defined(LIBC_SCCS) && !defined(lint)
-static char sccsid[] = "@(#)hash_func.c 8.2 (Berkeley) 2/21/94";
-#endif /* LIBC_SCCS and not lint */
-
-#include "watcomfx.h"
-
-#ifndef macintosh
-#include <sys/types.h>
-#endif
-#include "mcom_db.h"
-#include "hash.h"
-#include "page.h"
-/* #include "extern.h" */
-
-#if 0
-static uint32 hash1 __P((const void *, size_t));
-static uint32 hash2 __P((const void *, size_t));
-static uint32 hash3 __P((const void *, size_t));
-#endif
-static uint32 hash4 __P((const void *, size_t));
-
-/* Global default hash function */
-uint32 (*__default_hash) __P((const void *, size_t)) = hash4;
-
-/*
- * HASH FUNCTIONS
- *
- * Assume that we've already split the bucket to which this key hashes,
- * calculate that bucket, and check that in fact we did already split it.
- *
- * This came from ejb's hsearch.
- */
-
-#define PRIME1 37
-#define PRIME2 1048583
-
-#if 0
-static uint32
-hash1(const void *keyarg, register size_t len)
-{
- register const uint8 *key;
- register uint32 h;
-
- /* Convert string to integer */
- for (key = (const uint8 *)keyarg, h = 0; len--;)
- h = h * PRIME1 ^ (*key++ - ' ');
- h %= PRIME2;
- return (h);
-}
-
-/*
- * Phong's linear congruential hash
- */
-#define dcharhash(h, c) ((h) = 0x63c63cd9*(h) + 0x9c39c33d + (c))
-
-static uint32
-hash2(const void *keyarg, size_t len)
-{
- register const uint8 *e, *key;
- register uint32 h;
- register uint8 c;
-
- key = (const uint8 *)keyarg;
- e = key + len;
- for (h = 0; key != e;) {
- c = *key++;
- if (!c && key > e)
- break;
- dcharhash(h, c);
- }
- return (h);
-}
-
-/*
- * This is INCREDIBLY ugly, but fast. We break the string up into 8 byte
- * units. On the first time through the loop we get the "leftover bytes"
- * (strlen % 8). On every other iteration, we perform 8 HASHC's so we handle
- * all 8 bytes. Essentially, this saves us 7 cmp & branch instructions. If
- * this routine is heavily used enough, it's worth the ugly coding.
- *
- * OZ's original sdbm hash
- */
-static uint32
-hash3(const void *keyarg, register size_t len)
-{
- register const uint8 *key;
- register size_t loop;
- register uint32 h;
-
-#define HASHC h = *key++ + 65599 * h
-
- h = 0;
- key = (const uint8 *)keyarg;
- if (len > 0) {
- loop = (len + 8 - 1) >> 3;
-
- switch (len & (8 - 1)) {
- case 0:
- do {
- HASHC;
- /* FALLTHROUGH */
- case 7:
- HASHC;
- /* FALLTHROUGH */
- case 6:
- HASHC;
- /* FALLTHROUGH */
- case 5:
- HASHC;
- /* FALLTHROUGH */
- case 4:
- HASHC;
- /* FALLTHROUGH */
- case 3:
- HASHC;
- /* FALLTHROUGH */
- case 2:
- HASHC;
- /* FALLTHROUGH */
- case 1:
- HASHC;
- } while (--loop);
- }
- }
- return (h);
-}
-#endif /* 0 */
-
-/* Hash function from Chris Torek. */
-static uint32
-hash4(const void *keyarg, register size_t len)
-{
- register const uint8 *key;
- register size_t loop;
- register uint32 h;
-
-#define HASH4a h = (h << 5) - h + *key++;
-#define HASH4b h = (h << 5) + h + *key++;
-#define HASH4 HASH4b
-
- h = 0;
- key = (const uint8 *)keyarg;
- if (len > 0) {
- loop = (len + 8 - 1) >> 3;
-
- switch (len & (8 - 1)) {
- case 0:
- do {
- HASH4;
- /* FALLTHROUGH */
- case 7:
- HASH4;
- /* FALLTHROUGH */
- case 6:
- HASH4;
- /* FALLTHROUGH */
- case 5:
- HASH4;
- /* FALLTHROUGH */
- case 4:
- HASH4;
- /* FALLTHROUGH */
- case 3:
- HASH4;
- /* FALLTHROUGH */
- case 2:
- HASH4;
- /* FALLTHROUGH */
- case 1:
- HASH4;
- } while (--loop);
- }
- }
- return (h);
-}
diff --git a/dbm/src/h_log2.c b/dbm/src/h_log2.c
deleted file mode 100644
index 4d8b0a715..000000000
--- a/dbm/src/h_log2.c
+++ /dev/null
@@ -1,56 +0,0 @@
-/*-
- * Copyright (c) 1990, 1993, 1994
- * The Regents of the University of California. All rights reserved.
- *
- * This code is derived from software contributed to Berkeley by
- * Margo Seltzer.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#if defined(LIBC_SCCS) && !defined(lint)
-static char sccsid[] = "@(#)hash_log2.c 8.2 (Berkeley) 5/31/94";
-#endif /* LIBC_SCCS and not lint */
-
-#include "watcomfx.h"
-
-#include <stdio.h>
-#ifndef macintosh
-#include <sys/types.h>
-#endif
-#include "mcom_db.h"
-
-uint32 __log2(uint32 num)
-{
- register uint32 i, limit;
-
- limit = 1;
- for (i = 0; limit < num; limit = limit << 1, i++) {}
- return (i);
-}
diff --git a/dbm/src/h_page.c b/dbm/src/h_page.c
deleted file mode 100644
index e11ad9451..000000000
--- a/dbm/src/h_page.c
+++ /dev/null
@@ -1,1290 +0,0 @@
-/*-
- * Copyright (c) 1990, 1993, 1994
- * The Regents of the University of California. All rights reserved.
- *
- * This code is derived from software contributed to Berkeley by
- * Margo Seltzer.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#if defined(unix)
-#define MY_LSEEK lseek
-#else
-#define MY_LSEEK new_lseek
-extern long new_lseek(int fd, long pos, int start);
-#endif
-
-#if defined(LIBC_SCCS) && !defined(lint)
-static char sccsid[] = "@(#)hash_page.c 8.7 (Berkeley) 8/16/94";
-#endif /* LIBC_SCCS and not lint */
-
-#include "watcomfx.h"
-
-/*
- * PACKAGE: hashing
- *
- * DESCRIPTION:
- * Page manipulation for hashing package.
- *
- * ROUTINES:
- *
- * External
- * __get_page
- * __add_ovflpage
- * Internal
- * overflow_page
- * open_temp
- */
-#ifndef macintosh
-#include <sys/types.h>
-#endif
-
-#if defined(macintosh)
-#include <unistd.h>
-#endif
-
-#include <errno.h>
-#include <fcntl.h>
-#if defined(_WIN32) || defined(_WINDOWS)
-#include <io.h>
-#endif
-#include <signal.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#if !defined(_WIN32) && !defined(_WINDOWS) && !defined(macintosh) && !defined(XP_OS2_VACPP)
-#include <unistd.h>
-#endif
-
-#include <assert.h>
-
-#include "mcom_db.h"
-#include "hash.h"
-#include "page.h"
-/* #include "extern.h" */
-
-extern int mkstempflags(char *path, int extraFlags);
-
-static uint32 *fetch_bitmap __P((HTAB *, uint32));
-static uint32 first_free __P((uint32));
-static int open_temp __P((HTAB *));
-static uint16 overflow_page __P((HTAB *));
-static void squeeze_key __P((uint16 *, const DBT *, const DBT *));
-static int ugly_split
- __P((HTAB *, uint32, BUFHEAD *, BUFHEAD *, int, int));
-
-#define PAGE_INIT(P) { \
- ((uint16 *)(P))[0] = 0; \
- ((uint16 *)(P))[1] = hashp->BSIZE - 3 * sizeof(uint16); \
- ((uint16 *)(P))[2] = hashp->BSIZE; \
-}
-
-/* implement a new lseek using lseek that
- * writes zero's when extending a file
- * beyond the end.
- */
-long new_lseek(int fd, long offset, int origin)
-{
- long cur_pos=0;
- long end_pos=0;
- long seek_pos=0;
-
- if(origin == SEEK_CUR)
- {
- if(offset < 1)
- return(lseek(fd, offset, SEEK_CUR));
-
- cur_pos = lseek(fd, 0, SEEK_CUR);
-
- if(cur_pos < 0)
- return(cur_pos);
- }
-
- end_pos = lseek(fd, 0, SEEK_END);
- if(end_pos < 0)
- return(end_pos);
-
- if(origin == SEEK_SET)
- seek_pos = offset;
- else if(origin == SEEK_CUR)
- seek_pos = cur_pos + offset;
- else if(origin == SEEK_END)
- seek_pos = end_pos + offset;
- else
- {
- assert(0);
- return(-1);
- }
-
- /* the seek position desired is before the
- * end of the file. We don't need
- * to do anything special except the seek.
- */
- if(seek_pos <= end_pos)
- return(lseek(fd, seek_pos, SEEK_SET));
-
- /* the seek position is beyond the end of the
- * file. Write zero's to the end.
- *
- * we are already at the end of the file so
- * we just need to "write()" zeros for the
- * difference between seek_pos-end_pos and
- * then seek to the position to finish
- * the call
- */
- {
- char buffer[1024];
- long len = seek_pos-end_pos;
- memset(&buffer, 0, 1024);
- while(len > 0)
- {
- write(fd, (char*)&buffer, (size_t)(1024 > len ? len : 1024));
- len -= 1024;
- }
- return(lseek(fd, seek_pos, SEEK_SET));
- }
-
-}
-
-/*
- * This is called AFTER we have verified that there is room on the page for
- * the pair (PAIRFITS has returned true) so we go right ahead and start moving
- * stuff on.
- */
-static void
-putpair(char *p, const DBT *key, DBT * val)
-{
- register uint16 *bp, n, off;
-
- bp = (uint16 *)p;
-
- /* Enter the key first. */
- n = bp[0];
-
- off = OFFSET(bp) - key->size;
- memmove(p + off, key->data, key->size);
- bp[++n] = off;
-
- /* Now the data. */
- off -= val->size;
- memmove(p + off, val->data, val->size);
- bp[++n] = off;
-
- /* Adjust page info. */
- bp[0] = n;
- bp[n + 1] = off - ((n + 3) * sizeof(uint16));
- bp[n + 2] = off;
-}
-
-/*
- * Returns:
- * 0 OK
- * -1 error
- */
-extern int
-__delpair(HTAB *hashp, BUFHEAD *bufp, int ndx)
-{
- register uint16 *bp, newoff;
- register int n;
- uint16 pairlen;
-
- bp = (uint16 *)bufp->page;
- n = bp[0];
-
- if (bp[ndx + 1] < REAL_KEY)
- return (__big_delete(hashp, bufp));
- if (ndx != 1)
- newoff = bp[ndx - 1];
- else
- newoff = hashp->BSIZE;
- pairlen = newoff - bp[ndx + 1];
-
- if (ndx != (n - 1)) {
- /* Hard Case -- need to shuffle keys */
- register int i;
- register char *src = bufp->page + (int)OFFSET(bp);
- uint32 dst_offset = (uint32)OFFSET(bp) + (uint32)pairlen;
- register char *dst = bufp->page + dst_offset;
- uint32 length = bp[ndx + 1] - OFFSET(bp);
-
- /*
- * +-----------+XXX+---------+XXX+---------+---------> +infinity
- * | | | |
- * 0 src_offset dst_offset BSIZE
- *
- * Dst_offset is > src_offset, so if src_offset were bad, dst_offset
- * would be too, therefore we check only dst_offset.
- *
- * If dst_offset is >= BSIZE, either OFFSET(bp), or pairlen, or both
- * is corrupted.
- *
- * Once we know dst_offset is < BSIZE, we can subtract it from BSIZE
- * to get an upper bound on length.
- */
- if(dst_offset > (uint32)hashp->BSIZE)
- return(DATABASE_CORRUPTED_ERROR);
-
- if(length > (uint32)(hashp->BSIZE - dst_offset))
- return(DATABASE_CORRUPTED_ERROR);
-
- memmove(dst, src, length);
-
- /* Now adjust the pointers */
- for (i = ndx + 2; i <= n; i += 2) {
- if (bp[i + 1] == OVFLPAGE) {
- bp[i - 2] = bp[i];
- bp[i - 1] = bp[i + 1];
- } else {
- bp[i - 2] = bp[i] + pairlen;
- bp[i - 1] = bp[i + 1] + pairlen;
- }
- }
- }
- /* Finally adjust the page data */
- bp[n] = OFFSET(bp) + pairlen;
- bp[n - 1] = bp[n + 1] + pairlen + 2 * sizeof(uint16);
- bp[0] = n - 2;
- hashp->NKEYS--;
-
- bufp->flags |= BUF_MOD;
- return (0);
-}
-/*
- * Returns:
- * 0 ==> OK
- * -1 ==> Error
- */
-extern int
-__split_page(HTAB *hashp, uint32 obucket, uint32 nbucket)
-{
- register BUFHEAD *new_bufp, *old_bufp;
- register uint16 *ino;
- register uint16 *tmp_uint16_array;
- register char *np;
- DBT key, val;
- uint16 n, ndx;
- int retval;
- uint16 copyto, diff, moved;
- size_t off;
- char *op;
-
- copyto = (uint16)hashp->BSIZE;
- off = (uint16)hashp->BSIZE;
- old_bufp = __get_buf(hashp, obucket, NULL, 0);
- if (old_bufp == NULL)
- return (-1);
- new_bufp = __get_buf(hashp, nbucket, NULL, 0);
- if (new_bufp == NULL)
- return (-1);
-
- old_bufp->flags |= (BUF_MOD | BUF_PIN);
- new_bufp->flags |= (BUF_MOD | BUF_PIN);
-
- ino = (uint16 *)(op = old_bufp->page);
- np = new_bufp->page;
-
- moved = 0;
-
- for (n = 1, ndx = 1; n < ino[0]; n += 2) {
- if (ino[n + 1] < REAL_KEY) {
- retval = ugly_split(hashp, obucket, old_bufp, new_bufp,
- (int)copyto, (int)moved);
- old_bufp->flags &= ~BUF_PIN;
- new_bufp->flags &= ~BUF_PIN;
- return (retval);
-
- }
- key.data = (uint8 *)op + ino[n];
-
- /* check here for ino[n] being greater than
- * off. If it is then the database has
- * been corrupted.
- */
- if(ino[n] > off)
- return(DATABASE_CORRUPTED_ERROR);
-
- key.size = off - ino[n];
-
-#ifdef DEBUG
- /* make sure the size is positive */
- assert(((int)key.size) > -1);
-#endif
-
- if (__call_hash(hashp, (char *)key.data, key.size) == obucket) {
- /* Don't switch page */
- diff = copyto - off;
- if (diff) {
- copyto = ino[n + 1] + diff;
- memmove(op + copyto, op + ino[n + 1],
- off - ino[n + 1]);
- ino[ndx] = copyto + ino[n] - ino[n + 1];
- ino[ndx + 1] = copyto;
- } else
- copyto = ino[n + 1];
- ndx += 2;
- } else {
- /* Switch page */
- val.data = (uint8 *)op + ino[n + 1];
- val.size = ino[n] - ino[n + 1];
-
- /* if the pair doesn't fit something is horribly
- * wrong. LJM
- */
- tmp_uint16_array = (uint16*)np;
- if(!PAIRFITS(tmp_uint16_array, &key, &val))
- return(DATABASE_CORRUPTED_ERROR);
-
- putpair(np, &key, &val);
- moved += 2;
- }
-
- off = ino[n + 1];
- }
-
- /* Now clean up the page */
- ino[0] -= moved;
- FREESPACE(ino) = copyto - sizeof(uint16) * (ino[0] + 3);
- OFFSET(ino) = copyto;
-
-#ifdef DEBUG3
- (void)fprintf(stderr, "split %d/%d\n",
- ((uint16 *)np)[0] / 2,
- ((uint16 *)op)[0] / 2);
-#endif
- /* unpin both pages */
- old_bufp->flags &= ~BUF_PIN;
- new_bufp->flags &= ~BUF_PIN;
- return (0);
-}
-
-/*
- * Called when we encounter an overflow or big key/data page during split
- * handling. This is special cased since we have to begin checking whether
- * the key/data pairs fit on their respective pages and because we may need
- * overflow pages for both the old and new pages.
- *
- * The first page might be a page with regular key/data pairs in which case
- * we have a regular overflow condition and just need to go on to the next
- * page or it might be a big key/data pair in which case we need to fix the
- * big key/data pair.
- *
- * Returns:
- * 0 ==> success
- * -1 ==> failure
- */
-
-/* the maximum number of loops we will allow UGLY split to chew
- * on before we assume the database is corrupted and throw it
- * away.
- */
-#define MAX_UGLY_SPLIT_LOOPS 10000
-
-static int
-ugly_split(HTAB *hashp, uint32 obucket, BUFHEAD *old_bufp,
- BUFHEAD *new_bufp,/* Same as __split_page. */ int copyto, int moved)
- /* int copyto; First byte on page which contains key/data values. */
- /* int moved; Number of pairs moved to new page. */
-{
- register BUFHEAD *bufp; /* Buffer header for ino */
- register uint16 *ino; /* Page keys come off of */
- register uint16 *np; /* New page */
- register uint16 *op; /* Page keys go on to if they aren't moving */
- uint32 loop_detection=0;
-
- BUFHEAD *last_bfp; /* Last buf header OVFL needing to be freed */
- DBT key, val;
- SPLIT_RETURN ret;
- uint16 n, off, ov_addr, scopyto;
- char *cino; /* Character value of ino */
- int status;
-
- bufp = old_bufp;
- ino = (uint16 *)old_bufp->page;
- np = (uint16 *)new_bufp->page;
- op = (uint16 *)old_bufp->page;
- last_bfp = NULL;
- scopyto = (uint16)copyto; /* ANSI */
-
- n = ino[0] - 1;
- while (n < ino[0]) {
-
-
- /* this function goes nuts sometimes and never returns.
- * I havent found the problem yet but I need a solution
- * so if we loop too often we assume a database curruption error
- * :LJM
- */
- loop_detection++;
-
- if(loop_detection > MAX_UGLY_SPLIT_LOOPS)
- return DATABASE_CORRUPTED_ERROR;
-
- if (ino[2] < REAL_KEY && ino[2] != OVFLPAGE) {
- if ((status = __big_split(hashp, old_bufp,
- new_bufp, bufp, bufp->addr, obucket, &ret)))
- return (status);
- old_bufp = ret.oldp;
- if (!old_bufp)
- return (-1);
- op = (uint16 *)old_bufp->page;
- new_bufp = ret.newp;
- if (!new_bufp)
- return (-1);
- np = (uint16 *)new_bufp->page;
- bufp = ret.nextp;
- if (!bufp)
- return (0);
- cino = (char *)bufp->page;
- ino = (uint16 *)cino;
- last_bfp = ret.nextp;
- } else if (ino[n + 1] == OVFLPAGE) {
- ov_addr = ino[n];
- /*
- * Fix up the old page -- the extra 2 are the fields
- * which contained the overflow information.
- */
- ino[0] -= (moved + 2);
- FREESPACE(ino) =
- scopyto - sizeof(uint16) * (ino[0] + 3);
- OFFSET(ino) = scopyto;
-
- bufp = __get_buf(hashp, ov_addr, bufp, 0);
- if (!bufp)
- return (-1);
-
- ino = (uint16 *)bufp->page;
- n = 1;
- scopyto = hashp->BSIZE;
- moved = 0;
-
- if (last_bfp)
- __free_ovflpage(hashp, last_bfp);
- last_bfp = bufp;
- }
- /* Move regular sized pairs of there are any */
- off = hashp->BSIZE;
- for (n = 1; (n < ino[0]) && (ino[n + 1] >= REAL_KEY); n += 2) {
- cino = (char *)ino;
- key.data = (uint8 *)cino + ino[n];
- key.size = off - ino[n];
- val.data = (uint8 *)cino + ino[n + 1];
- val.size = ino[n] - ino[n + 1];
- off = ino[n + 1];
-
- if (__call_hash(hashp, (char*)key.data, key.size) == obucket) {
- /* Keep on old page */
- if (PAIRFITS(op, (&key), (&val)))
- putpair((char *)op, &key, &val);
- else {
- old_bufp =
- __add_ovflpage(hashp, old_bufp);
- if (!old_bufp)
- return (-1);
- op = (uint16 *)old_bufp->page;
- putpair((char *)op, &key, &val);
- }
- old_bufp->flags |= BUF_MOD;
- } else {
- /* Move to new page */
- if (PAIRFITS(np, (&key), (&val)))
- putpair((char *)np, &key, &val);
- else {
- new_bufp =
- __add_ovflpage(hashp, new_bufp);
- if (!new_bufp)
- return (-1);
- np = (uint16 *)new_bufp->page;
- putpair((char *)np, &key, &val);
- }
- new_bufp->flags |= BUF_MOD;
- }
- }
- }
- if (last_bfp)
- __free_ovflpage(hashp, last_bfp);
- return (0);
-}
-
-/*
- * Add the given pair to the page
- *
- * Returns:
- * 0 ==> OK
- * 1 ==> failure
- */
-extern int
-__addel(HTAB *hashp, BUFHEAD *bufp, const DBT *key, const DBT * val)
-{
- register uint16 *bp, *sop;
- int do_expand;
-
- bp = (uint16 *)bufp->page;
- do_expand = 0;
- while (bp[0] && (bp[2] < REAL_KEY || bp[bp[0]] < REAL_KEY))
- /* Exception case */
- if (bp[2] == FULL_KEY_DATA && bp[0] == 2)
- /* This is the last page of a big key/data pair
- and we need to add another page */
- break;
- else if (bp[2] < REAL_KEY && bp[bp[0]] != OVFLPAGE) {
- bufp = __get_buf(hashp, bp[bp[0] - 1], bufp, 0);
- if (!bufp)
- {
-#ifdef DEBUG
- assert(0);
-#endif
- return (-1);
- }
- bp = (uint16 *)bufp->page;
- } else
- /* Try to squeeze key on this page */
- if (FREESPACE(bp) > PAIRSIZE(key, val)) {
- {
- squeeze_key(bp, key, val);
-
- /* LJM: I added this because I think it was
- * left out on accident.
- * if this isn't incremented nkeys will not
- * be the actual number of keys in the db.
- */
- hashp->NKEYS++;
- return (0);
- }
- } else {
- bufp = __get_buf(hashp, bp[bp[0] - 1], bufp, 0);
- if (!bufp)
- {
-#ifdef DEBUG
- assert(0);
-#endif
- return (-1);
- }
- bp = (uint16 *)bufp->page;
- }
-
- if (PAIRFITS(bp, key, val))
- putpair(bufp->page, key, (DBT *)val);
- else {
- do_expand = 1;
- bufp = __add_ovflpage(hashp, bufp);
- if (!bufp)
- {
-#ifdef DEBUG
- assert(0);
-#endif
- return (-1);
- }
- sop = (uint16 *)bufp->page;
-
- if (PAIRFITS(sop, key, val))
- putpair((char *)sop, key, (DBT *)val);
- else
- if (__big_insert(hashp, bufp, key, val))
- {
-#ifdef DEBUG
- assert(0);
-#endif
- return (-1);
- }
- }
- bufp->flags |= BUF_MOD;
- /*
- * If the average number of keys per bucket exceeds the fill factor,
- * expand the table.
- */
- hashp->NKEYS++;
- if (do_expand ||
- (hashp->NKEYS / (hashp->MAX_BUCKET + 1) > hashp->FFACTOR))
- return (__expand_table(hashp));
- return (0);
-}
-
-/*
- *
- * Returns:
- * pointer on success
- * NULL on error
- */
-extern BUFHEAD *
-__add_ovflpage(HTAB *hashp, BUFHEAD *bufp)
-{
- register uint16 *sp;
- uint16 ndx, ovfl_num;
-#ifdef DEBUG1
- int tmp1, tmp2;
-#endif
- sp = (uint16 *)bufp->page;
-
- /* Check if we are dynamically determining the fill factor */
- if (hashp->FFACTOR == DEF_FFACTOR) {
- hashp->FFACTOR = sp[0] >> 1;
- if (hashp->FFACTOR < MIN_FFACTOR)
- hashp->FFACTOR = MIN_FFACTOR;
- }
- bufp->flags |= BUF_MOD;
- ovfl_num = overflow_page(hashp);
-#ifdef DEBUG1
- tmp1 = bufp->addr;
- tmp2 = bufp->ovfl ? bufp->ovfl->addr : 0;
-#endif
- if (!ovfl_num || !(bufp->ovfl = __get_buf(hashp, ovfl_num, bufp, 1)))
- return (NULL);
- bufp->ovfl->flags |= BUF_MOD;
-#ifdef DEBUG1
- (void)fprintf(stderr, "ADDOVFLPAGE: %d->ovfl was %d is now %d\n",
- tmp1, tmp2, bufp->ovfl->addr);
-#endif
- ndx = sp[0];
- /*
- * Since a pair is allocated on a page only if there's room to add
- * an overflow page, we know that the OVFL information will fit on
- * the page.
- */
- sp[ndx + 4] = OFFSET(sp);
- sp[ndx + 3] = FREESPACE(sp) - OVFLSIZE;
- sp[ndx + 1] = ovfl_num;
- sp[ndx + 2] = OVFLPAGE;
- sp[0] = ndx + 2;
-#ifdef HASH_STATISTICS
- hash_overflows++;
-#endif
- return (bufp->ovfl);
-}
-
-/*
- * Returns:
- * 0 indicates SUCCESS
- * -1 indicates FAILURE
- */
-extern int
-__get_page(HTAB *hashp,
- char * p,
- uint32 bucket,
- int is_bucket,
- int is_disk,
- int is_bitmap)
-{
- register int fd, page;
- size_t size;
- int rsize;
- uint16 *bp;
-
- fd = hashp->fp;
- size = hashp->BSIZE;
-
- if ((fd == -1) || !is_disk) {
- PAGE_INIT(p);
- return (0);
- }
- if (is_bucket)
- page = BUCKET_TO_PAGE(bucket);
- else
- page = OADDR_TO_PAGE(bucket);
- if ((MY_LSEEK(fd, (off_t)page << hashp->BSHIFT, SEEK_SET) == -1) ||
- ((rsize = read(fd, p, size)) == -1))
- return (-1);
-
- bp = (uint16 *)p;
- if (!rsize)
- bp[0] = 0; /* We hit the EOF, so initialize a new page */
- else
- if ((unsigned)rsize != size) {
- errno = EFTYPE;
- return (-1);
- }
-
- if (!is_bitmap && !bp[0]) {
- PAGE_INIT(p);
- } else {
-
-#ifdef DEBUG
- if(BYTE_ORDER == LITTLE_ENDIAN)
- {
- int is_little_endian;
- is_little_endian = BYTE_ORDER;
- }
- else if(BYTE_ORDER == BIG_ENDIAN)
- {
- int is_big_endian;
- is_big_endian = BYTE_ORDER;
- }
- else
- {
- assert(0);
- }
-#endif
-
- if (hashp->LORDER != BYTE_ORDER) {
- register int i, max;
-
- if (is_bitmap) {
- max = hashp->BSIZE >> 2; /* divide by 4 */
- for (i = 0; i < max; i++)
- M_32_SWAP(((int *)p)[i]);
- } else {
- M_16_SWAP(bp[0]);
- max = bp[0] + 2;
-
- /* bound the size of max by
- * the maximum number of entries
- * in the array
- */
- if((unsigned)max > (size / sizeof(uint16)))
- return(DATABASE_CORRUPTED_ERROR);
-
- /* do the byte order swap
- */
- for (i = 1; i <= max; i++)
- M_16_SWAP(bp[i]);
- }
- }
-
- /* check the validity of the page here
- * (after doing byte order swaping if necessary)
- */
- if(!is_bitmap && bp[0] != 0)
- {
- uint16 num_keys = bp[0];
- uint16 offset;
- uint16 i;
-
- /* bp[0] is supposed to be the number of
- * entries currently in the page. If
- * bp[0] is too large (larger than the whole
- * page) then the page is corrupted
- */
- if(bp[0] > (size / sizeof(uint16)))
- return(DATABASE_CORRUPTED_ERROR);
-
- /* bound free space */
- if(FREESPACE(bp) > size)
- return(DATABASE_CORRUPTED_ERROR);
-
- /* check each key and data offset to make
- * sure they are all within bounds they
- * should all be less than the previous
- * offset as well.
- */
- offset = size;
- for(i=1 ; i <= num_keys; i+=2)
- {
- /* ignore overflow pages etc. */
- if(bp[i+1] >= REAL_KEY)
- {
-
- if(bp[i] > offset || bp[i+1] > bp[i])
- return(DATABASE_CORRUPTED_ERROR);
-
- offset = bp[i+1];
- }
- else
- {
- /* there are no other valid keys after
- * seeing a non REAL_KEY
- */
- break;
- }
- }
- }
- }
- return (0);
-}
-
-/*
- * Write page p to disk
- *
- * Returns:
- * 0 ==> OK
- * -1 ==>failure
- */
-extern int
-__put_page(HTAB *hashp, char *p, uint32 bucket, int is_bucket, int is_bitmap)
-{
- register int fd, page;
- size_t size;
- int wsize;
- off_t offset;
-
- size = hashp->BSIZE;
- if ((hashp->fp == -1) && open_temp(hashp))
- return (-1);
- fd = hashp->fp;
-
- if (hashp->LORDER != BYTE_ORDER) {
- register int i;
- register int max;
-
- if (is_bitmap) {
- max = hashp->BSIZE >> 2; /* divide by 4 */
- for (i = 0; i < max; i++)
- M_32_SWAP(((int *)p)[i]);
- } else {
- max = ((uint16 *)p)[0] + 2;
-
- /* bound the size of max by
- * the maximum number of entries
- * in the array
- */
- if((unsigned)max > (size / sizeof(uint16)))
- return(DATABASE_CORRUPTED_ERROR);
-
- for (i = 0; i <= max; i++)
- M_16_SWAP(((uint16 *)p)[i]);
-
- }
- }
-
- if (is_bucket)
- page = BUCKET_TO_PAGE(bucket);
- else
- page = OADDR_TO_PAGE(bucket);
- offset = (off_t)page << hashp->BSHIFT;
- if ((MY_LSEEK(fd, offset, SEEK_SET) == -1) ||
- ((wsize = write(fd, p, size)) == -1))
- /* Errno is set */
- return (-1);
- if ((unsigned)wsize != size) {
- errno = EFTYPE;
- return (-1);
- }
-#if defined(_WIN32) || defined(_WINDOWS)
- if (offset + size > hashp->file_size) {
- hashp->updateEOF = 1;
- }
-#endif
- /* put the page back the way it was so that it isn't byteswapped
- * if it remains in memory - LJM
- */
- if (hashp->LORDER != BYTE_ORDER) {
- register int i;
- register int max;
-
- if (is_bitmap) {
- max = hashp->BSIZE >> 2; /* divide by 4 */
- for (i = 0; i < max; i++)
- M_32_SWAP(((int *)p)[i]);
- } else {
- uint16 *bp = (uint16 *)p;
-
- M_16_SWAP(bp[0]);
- max = bp[0] + 2;
-
- /* no need to bound the size if max again
- * since it was done already above
- */
-
- /* do the byte order re-swap
- */
- for (i = 1; i <= max; i++)
- M_16_SWAP(bp[i]);
- }
- }
-
- return (0);
-}
-
-#define BYTE_MASK ((1 << INT_BYTE_SHIFT) -1)
-/*
- * Initialize a new bitmap page. Bitmap pages are left in memory
- * once they are read in.
- */
-extern int
-__ibitmap(HTAB *hashp, int pnum, int nbits, int ndx)
-{
- uint32 *ip;
- size_t clearbytes, clearints;
-
- if ((ip = (uint32 *)malloc((size_t)hashp->BSIZE)) == NULL)
- return (1);
- hashp->nmaps++;
- clearints = ((nbits - 1) >> INT_BYTE_SHIFT) + 1;
- clearbytes = clearints << INT_TO_BYTE;
- (void)memset((char *)ip, 0, clearbytes);
- (void)memset(((char *)ip) + clearbytes, 0xFF,
- hashp->BSIZE - clearbytes);
- ip[clearints - 1] = ALL_SET << (nbits & BYTE_MASK);
- SETBIT(ip, 0);
- hashp->BITMAPS[ndx] = (uint16)pnum;
- hashp->mapp[ndx] = ip;
- return (0);
-}
-
-static uint32
-first_free(uint32 map)
-{
- register uint32 i, mask;
-
- mask = 0x1;
- for (i = 0; i < BITS_PER_MAP; i++) {
- if (!(mask & map))
- return (i);
- mask = mask << 1;
- }
- return (i);
-}
-
-static uint16
-overflow_page(HTAB *hashp)
-{
- register uint32 *freep=NULL;
- register int max_free, offset, splitnum;
- uint16 addr;
- uint32 i;
- int bit, first_page, free_bit, free_page, in_use_bits, j;
-#ifdef DEBUG2
- int tmp1, tmp2;
-#endif
- splitnum = hashp->OVFL_POINT;
- max_free = hashp->SPARES[splitnum];
-
- free_page = (max_free - 1) >> (hashp->BSHIFT + BYTE_SHIFT);
- free_bit = (max_free - 1) & ((hashp->BSIZE << BYTE_SHIFT) - 1);
-
- /* Look through all the free maps to find the first free block */
- first_page = hashp->LAST_FREED >>(hashp->BSHIFT + BYTE_SHIFT);
- for ( i = first_page; i <= (unsigned)free_page; i++ ) {
- if (!(freep = (uint32 *)hashp->mapp[i]) &&
- !(freep = fetch_bitmap(hashp, i)))
- return (0);
- if (i == (unsigned)free_page)
- in_use_bits = free_bit;
- else
- in_use_bits = (hashp->BSIZE << BYTE_SHIFT) - 1;
-
- if (i == (unsigned)first_page) {
- bit = hashp->LAST_FREED &
- ((hashp->BSIZE << BYTE_SHIFT) - 1);
- j = bit / BITS_PER_MAP;
- bit = bit & ~(BITS_PER_MAP - 1);
- } else {
- bit = 0;
- j = 0;
- }
- for (; bit <= in_use_bits; j++, bit += BITS_PER_MAP)
- if (freep[j] != ALL_SET)
- goto found;
- }
-
- /* No Free Page Found */
- hashp->LAST_FREED = hashp->SPARES[splitnum];
- hashp->SPARES[splitnum]++;
- offset = hashp->SPARES[splitnum] -
- (splitnum ? hashp->SPARES[splitnum - 1] : 0);
-
-#define OVMSG "HASH: Out of overflow pages. Increase page size\n"
- if (offset > SPLITMASK) {
- if (++splitnum >= NCACHED) {
-#ifndef macintosh
- (void)write(STDERR_FILENO, OVMSG, sizeof(OVMSG) - 1);
-#endif
- return (0);
- }
- hashp->OVFL_POINT = splitnum;
- hashp->SPARES[splitnum] = hashp->SPARES[splitnum-1];
- hashp->SPARES[splitnum-1]--;
- offset = 1;
- }
-
- /* Check if we need to allocate a new bitmap page */
- if (free_bit == (hashp->BSIZE << BYTE_SHIFT) - 1) {
- free_page++;
- if (free_page >= NCACHED) {
-#ifndef macintosh
- (void)write(STDERR_FILENO, OVMSG, sizeof(OVMSG) - 1);
-#endif
- return (0);
- }
- /*
- * This is tricky. The 1 indicates that you want the new page
- * allocated with 1 clear bit. Actually, you are going to
- * allocate 2 pages from this map. The first is going to be
- * the map page, the second is the overflow page we were
- * looking for. The init_bitmap routine automatically, sets
- * the first bit of itself to indicate that the bitmap itself
- * is in use. We would explicitly set the second bit, but
- * don't have to if we tell init_bitmap not to leave it clear
- * in the first place.
- */
- if (__ibitmap(hashp,
- (int)OADDR_OF(splitnum, offset), 1, free_page))
- return (0);
- hashp->SPARES[splitnum]++;
-#ifdef DEBUG2
- free_bit = 2;
-#endif
- offset++;
- if (offset > SPLITMASK) {
- if (++splitnum >= NCACHED) {
-#ifndef macintosh
- (void)write(STDERR_FILENO, OVMSG,
- sizeof(OVMSG) - 1);
-#endif
- return (0);
- }
- hashp->OVFL_POINT = splitnum;
- hashp->SPARES[splitnum] = hashp->SPARES[splitnum-1];
- hashp->SPARES[splitnum-1]--;
- offset = 0;
- }
- } else {
- /*
- * Free_bit addresses the last used bit. Bump it to address
- * the first available bit.
- */
- free_bit++;
- SETBIT(freep, free_bit);
- }
-
- /* Calculate address of the new overflow page */
- addr = OADDR_OF(splitnum, offset);
-#ifdef DEBUG2
- (void)fprintf(stderr, "OVERFLOW_PAGE: ADDR: %d BIT: %d PAGE %d\n",
- addr, free_bit, free_page);
-#endif
- return (addr);
-
-found:
- bit = bit + first_free(freep[j]);
- SETBIT(freep, bit);
-#ifdef DEBUG2
- tmp1 = bit;
- tmp2 = i;
-#endif
- /*
- * Bits are addressed starting with 0, but overflow pages are addressed
- * beginning at 1. Bit is a bit addressnumber, so we need to increment
- * it to convert it to a page number.
- */
- bit = 1 + bit + (i * (hashp->BSIZE << BYTE_SHIFT));
- if (bit >= hashp->LAST_FREED)
- hashp->LAST_FREED = bit - 1;
-
- /* Calculate the split number for this page */
- for (i = 0; (i < (unsigned)splitnum) && (bit > hashp->SPARES[i]); i++) {}
- offset = (i ? bit - hashp->SPARES[i - 1] : bit);
- if (offset >= SPLITMASK)
- return (0); /* Out of overflow pages */
- addr = OADDR_OF(i, offset);
-#ifdef DEBUG2
- (void)fprintf(stderr, "OVERFLOW_PAGE: ADDR: %d BIT: %d PAGE %d\n",
- addr, tmp1, tmp2);
-#endif
-
- /* Allocate and return the overflow page */
- return (addr);
-}
-
-/*
- * Mark this overflow page as free.
- */
-extern void
-__free_ovflpage(HTAB *hashp, BUFHEAD *obufp)
-{
- uint16 addr;
- uint32 *freep;
- uint32 bit_address, free_page, free_bit;
- uint16 ndx;
-
- if(!obufp || !obufp->addr)
- return;
-
- addr = obufp->addr;
-#ifdef DEBUG1
- (void)fprintf(stderr, "Freeing %d\n", addr);
-#endif
- ndx = (((uint16)addr) >> SPLITSHIFT);
- bit_address =
- (ndx ? hashp->SPARES[ndx - 1] : 0) + (addr & SPLITMASK) - 1;
- if (bit_address < (uint32)hashp->LAST_FREED)
- hashp->LAST_FREED = bit_address;
- free_page = (bit_address >> (hashp->BSHIFT + BYTE_SHIFT));
- free_bit = bit_address & ((hashp->BSIZE << BYTE_SHIFT) - 1);
-
- if (!(freep = hashp->mapp[free_page]))
- freep = fetch_bitmap(hashp, free_page);
-
-#ifdef DEBUG
- /*
- * This had better never happen. It means we tried to read a bitmap
- * that has already had overflow pages allocated off it, and we
- * failed to read it from the file.
- */
- if (!freep)
- {
- assert(0);
- return;
- }
-#endif
- CLRBIT(freep, free_bit);
-#ifdef DEBUG2
- (void)fprintf(stderr, "FREE_OVFLPAGE: ADDR: %d BIT: %d PAGE %d\n",
- obufp->addr, free_bit, free_page);
-#endif
- __reclaim_buf(hashp, obufp);
-}
-
-/*
- * Returns:
- * 0 success
- * -1 failure
- */
-static int
-open_temp(HTAB *hashp)
-{
-#ifdef XP_OS2
- hashp->fp = mkstemp(NULL);
-#else
-#if !defined(_WIN32) && !defined(_WINDOWS) && !defined(macintosh)
- sigset_t set, oset;
-#endif
-#if !defined(macintosh)
- char * tmpdir;
- size_t len;
- char last;
-#endif
- static const char namestr[] = "/_hashXXXXXX";
- char filename[1024];
-
-#if !defined(_WIN32) && !defined(_WINDOWS) && !defined(macintosh)
- /* Block signals; make sure file goes away at process exit. */
- (void)sigfillset(&set);
- (void)sigprocmask(SIG_BLOCK, &set, &oset);
-#endif
-
- filename[0] = 0;
-#if defined(macintosh)
- strcat(filename, namestr + 1);
-#else
- tmpdir = getenv("TMP");
- if (!tmpdir)
- tmpdir = getenv("TMPDIR");
- if (!tmpdir)
- tmpdir = getenv("TEMP");
- if (!tmpdir)
- tmpdir = ".";
- len = strlen(tmpdir);
- if (len && len < (sizeof filename - sizeof namestr)) {
- strcpy(filename, tmpdir);
- }
- len = strlen(filename);
- last = tmpdir[len - 1];
- strcat(filename, (last == '/' || last == '\\') ? namestr + 1 : namestr);
-#endif
-
-#if defined(_WIN32) || defined(_WINDOWS)
- if ((hashp->fp = mkstempflags(filename, _O_BINARY|_O_TEMPORARY)) != -1) {
- if (hashp->filename) {
- free(hashp->filename);
- }
- hashp->filename = strdup(filename);
- hashp->is_temp = 1;
- }
-#else
- if ((hashp->fp = mkstemp(filename)) != -1) {
- (void)unlink(filename);
-#if !defined(macintosh)
- (void)fcntl(hashp->fp, F_SETFD, 1);
-#endif
- }
-#endif
-
-#if !defined(_WIN32) && !defined(_WINDOWS) && !defined(macintosh)
- (void)sigprocmask(SIG_SETMASK, &oset, (sigset_t *)NULL);
-#endif
-#endif /* !OS2 */
- return (hashp->fp != -1 ? 0 : -1);
-}
-
-/*
- * We have to know that the key will fit, but the last entry on the page is
- * an overflow pair, so we need to shift things.
- */
-static void
-squeeze_key(uint16 *sp, const DBT * key, const DBT * val)
-{
- register char *p;
- uint16 free_space, n, off, pageno;
-
- p = (char *)sp;
- n = sp[0];
- free_space = FREESPACE(sp);
- off = OFFSET(sp);
-
- pageno = sp[n - 1];
- off -= key->size;
- sp[n - 1] = off;
- memmove(p + off, key->data, key->size);
- off -= val->size;
- sp[n] = off;
- memmove(p + off, val->data, val->size);
- sp[0] = n + 2;
- sp[n + 1] = pageno;
- sp[n + 2] = OVFLPAGE;
- FREESPACE(sp) = free_space - PAIRSIZE(key, val);
- OFFSET(sp) = off;
-}
-
-static uint32 *
-fetch_bitmap(HTAB *hashp, uint32 ndx)
-{
- if (ndx >= (unsigned)hashp->nmaps)
- return (NULL);
- if ((hashp->mapp[ndx] = (uint32 *)malloc((size_t)hashp->BSIZE)) == NULL)
- return (NULL);
- if (__get_page(hashp,
- (char *)hashp->mapp[ndx], hashp->BITMAPS[ndx], 0, 1, 1)) {
- free(hashp->mapp[ndx]);
- hashp->mapp[ndx] = NULL; /* NEW: 9-11-95 */
- return (NULL);
- }
- return (hashp->mapp[ndx]);
-}
-
-#ifdef DEBUG4
-int
-print_chain(int addr)
-{
- BUFHEAD *bufp;
- short *bp, oaddr;
-
- (void)fprintf(stderr, "%d ", addr);
- bufp = __get_buf(hashp, addr, NULL, 0);
- bp = (short *)bufp->page;
- while (bp[0] && ((bp[bp[0]] == OVFLPAGE) ||
- ((bp[0] > 2) && bp[2] < REAL_KEY))) {
- oaddr = bp[bp[0] - 1];
- (void)fprintf(stderr, "%d ", (int)oaddr);
- bufp = __get_buf(hashp, (int)oaddr, bufp, 0);
- bp = (short *)bufp->page;
- }
- (void)fprintf(stderr, "\n");
-}
-#endif
diff --git a/dbm/src/hash.c b/dbm/src/hash.c
deleted file mode 100644
index 98f7440fc..000000000
--- a/dbm/src/hash.c
+++ /dev/null
@@ -1,1255 +0,0 @@
-/*-
- * Copyright (c) 1990, 1993, 1994
- * The Regents of the University of California. All rights reserved.
- *
- * This code is derived from software contributed to Berkeley by
- * Margo Seltzer.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#if defined(LIBC_SCCS) && !defined(lint)
-static char sccsid[] = "@(#)hash.c 8.9 (Berkeley) 6/16/94";
-#endif /* LIBC_SCCS and not lint */
-
-#include "watcomfx.h"
-
-#if !defined(_WIN32) && !defined(_WINDOWS) && !defined(macintosh) && !defined(XP_OS2_VACPP)
-#include <sys/param.h>
-#endif
-
-#if !defined(macintosh)
-#ifdef XP_OS2_EMX
-#include <sys/types.h>
-#endif
-#include <sys/stat.h>
-#endif
-
-#if defined(macintosh)
-#include <unix.h>
-#include <unistd.h>
-#endif
-
-#include <errno.h>
-#include <fcntl.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#if !defined(_WIN32) && !defined(_WINDOWS) && !defined(macintosh) && !defined(XP_OS2_VACPP)
-#include <unistd.h>
-#endif
-#if defined(_WIN32) || defined(_WINDOWS)
-#include <windows.h>
-#endif
-
-#include <assert.h>
-
-#include "mcom_db.h"
-#include "hash.h"
-#include "page.h"
-
-/*
-#include "extern.h"
-*/
-static int alloc_segs __P((HTAB *, int));
-static int flush_meta __P((HTAB *));
-static int hash_access __P((HTAB *, ACTION, DBT *, DBT *));
-static int hash_close __P((DB *));
-static int hash_delete __P((const DB *, const DBT *, uint));
-static int hash_fd __P((const DB *));
-static int hash_get __P((const DB *, const DBT *, DBT *, uint));
-static int hash_put __P((const DB *, DBT *, const DBT *, uint));
-static void *hash_realloc __P((SEGMENT **, size_t, size_t));
-static int hash_seq __P((const DB *, DBT *, DBT *, uint));
-static int hash_sync __P((const DB *, uint));
-static int hdestroy __P((HTAB *));
-static HTAB *init_hash __P((HTAB *, const char *, HASHINFO *));
-static int init_htab __P((HTAB *, int));
-#if BYTE_ORDER == LITTLE_ENDIAN
-static void swap_header __P((HTAB *));
-static void swap_header_copy __P((HASHHDR *, HASHHDR *));
-#endif
-
-/* Fast arithmetic, relying on powers of 2, */
-#define MOD(x, y) ((x) & ((y) - 1))
-
-#define RETURN_ERROR(ERR, LOC) { save_errno = ERR; goto LOC; }
-
-/* Return values */
-#define SUCCESS (0)
-#define DBM_ERROR (-1)
-#define ABNORMAL (1)
-
-#ifdef HASH_STATISTICS
-int hash_accesses, hash_collisions, hash_expansions, hash_overflows;
-#endif
-
-/* A new Lou (montulli@mozilla.com) routine.
- *
- * The database is screwed.
- *
- * This closes the file, flushing buffers as appropriate.
- */
-static void
-__remove_database(DB *dbp)
-{
- HTAB *hashp = (HTAB *)dbp->internal;
-
- assert(0);
-
- if (!hashp)
- return;
- hdestroy(hashp);
- dbp->internal = NULL;
-}
-
-/************************** INTERFACE ROUTINES ***************************/
-/* OPEN/CLOSE */
-
-
-extern DB *
-__hash_open(const char *file, int flags, int mode, const HASHINFO *info, int dflags)
-{
- HTAB *hashp=NULL;
- struct stat statbuf;
- DB *dbp;
- int bpages, hdrsize, new_table, nsegs, save_errno;
-
- if ((flags & O_ACCMODE) == O_WRONLY) {
- errno = EINVAL;
- RETURN_ERROR(ENOMEM, error0);
- }
-
- /* zero the statbuffer so that
- * we can check it for a non-zero
- * date to see if stat succeeded
- */
- memset(&statbuf, 0, sizeof(struct stat));
-
- if (!(hashp = (HTAB *)calloc(1, sizeof(HTAB))))
- RETURN_ERROR(ENOMEM, error0);
- hashp->fp = NO_FILE;
- if(file)
- hashp->filename = strdup(file);
-
- /*
- * Even if user wants write only, we need to be able to read
- * the actual file, so we need to open it read/write. But, the
- * field in the hashp structure needs to be accurate so that
- * we can check accesses.
- */
- hashp->flags = flags;
-
- new_table = 0;
- if (!file || (flags & O_TRUNC) || (stat(file, &statbuf) && (errno == ENOENT)))
- {
- if (errno == ENOENT)
- errno = 0; /* Just in case someone looks at errno */
- new_table = 1;
- }
- else if(statbuf.st_mtime && statbuf.st_size == 0)
- {
- /* check for a zero length file and delete it
- * if it exists
- */
- new_table = 1;
- }
- hashp->file_size = statbuf.st_size;
-
- if (file) {
-
-#if defined(_WIN32) || defined(_WINDOWS) || defined (macintosh) || defined(XP_OS2)
- if ((hashp->fp = DBFILE_OPEN(file, flags | O_BINARY, mode)) == -1)
- RETURN_ERROR(errno, error0);
-#else
- if ((hashp->fp = open(file, flags, mode)) == -1)
- RETURN_ERROR(errno, error0);
- (void)fcntl(hashp->fp, F_SETFD, 1);
-/* We can't use fcntl because of NFS bugs. SIGH */
-#if 0
- {
- struct flock fl;
- memset(&fl, 0, sizeof(fl));
- fl.l_type = F_WRLCK;
- if (fcntl(hashp->fp, F_SETLK, &fl) < 0) {
-#ifdef DEBUG
- fprintf(stderr, "unable to open %s because it's locked (flags=0x%x)\n", file, flags);
-#endif
- RETURN_ERROR(EACCES, error1);
- }
- }
-#endif
-
-#endif
- }
- if (new_table) {
- if (!init_hash(hashp, file, (HASHINFO *)info))
- RETURN_ERROR(errno, error1);
- } else {
- /* Table already exists */
- if (info && info->hash)
- hashp->hash = info->hash;
- else
- hashp->hash = __default_hash;
-
- hdrsize = read(hashp->fp, (char *)&hashp->hdr, sizeof(HASHHDR));
-#if BYTE_ORDER == LITTLE_ENDIAN
- swap_header(hashp);
-#endif
- if (hdrsize == -1)
- RETURN_ERROR(errno, error1);
- if (hdrsize != sizeof(HASHHDR))
- RETURN_ERROR(EFTYPE, error1);
- /* Verify file type, versions and hash function */
- if (hashp->MAGIC != HASHMAGIC)
- RETURN_ERROR(EFTYPE, error1);
-#define OLDHASHVERSION 1
- if (hashp->VERSION != HASHVERSION &&
- hashp->VERSION != OLDHASHVERSION)
- RETURN_ERROR(EFTYPE, error1);
- if (hashp->hash(CHARKEY, sizeof(CHARKEY)) != hashp->H_CHARKEY)
- RETURN_ERROR(EFTYPE, error1);
- if (hashp->NKEYS < 0) {
- /*
- ** OOPS. Old bad database from previously busted
- ** code. Blow it away.
- */
- close(hashp->fp);
- if (remove(file) < 0) {
-#if defined(DEBUG) && defined(XP_UNIX)
- fprintf(stderr,
- "WARNING: You have an old bad cache.db file"
- " '%s', and I couldn't remove it!\n", file);
-#endif
- } else {
-#if defined(DEBUG) && defined(XP_UNIX)
- fprintf(stderr,
- "WARNING: I blew away your %s file because"
- " it was bad due to a recently fixed bug\n",
- file);
-#endif
- }
- RETURN_ERROR(ENOENT, error0);
- }
-
- /*
- * Figure out how many segments we need. Max_Bucket is the
- * maximum bucket number, so the number of buckets is
- * max_bucket + 1.
- */
- nsegs = (hashp->MAX_BUCKET + 1 + hashp->SGSIZE - 1) /
- hashp->SGSIZE;
- hashp->nsegs = 0;
- if (alloc_segs(hashp, nsegs))
- /*
- * If alloc_segs fails, table will have been destroyed
- * and errno will have been set.
- */
- RETURN_ERROR(ENOMEM, error0);
- /* Read in bitmaps */
- bpages = (hashp->SPARES[hashp->OVFL_POINT] +
- (hashp->BSIZE << BYTE_SHIFT) - 1) >>
- (hashp->BSHIFT + BYTE_SHIFT);
-
- hashp->nmaps = bpages;
- (void)memset(&hashp->mapp[0], 0, bpages * sizeof(uint32 *));
- }
-
- /* Initialize Buffer Manager */
- if (info && info->cachesize)
- __buf_init(hashp, (int32) info->cachesize);
- else
- __buf_init(hashp, DEF_BUFSIZE);
-
- hashp->new_file = new_table;
-#ifdef macintosh
- hashp->save_file = file && !(hashp->flags & O_RDONLY);
-#else
- hashp->save_file = file && (hashp->flags & O_RDWR);
-#endif
- hashp->cbucket = -1;
- if (!(dbp = (DB *)malloc(sizeof(DB)))) {
- save_errno = errno;
- hdestroy(hashp);
- errno = save_errno;
- RETURN_ERROR(ENOMEM, error0);
- }
- dbp->internal = hashp;
- dbp->close = hash_close;
- dbp->del = hash_delete;
- dbp->fd = hash_fd;
- dbp->get = hash_get;
- dbp->put = hash_put;
- dbp->seq = hash_seq;
- dbp->sync = hash_sync;
- dbp->type = DB_HASH;
-
-#if 0
-#if defined(DEBUG) && !defined(_WINDOWS)
-{
-extern int MKLib_trace_flag;
-
- if(MKLib_trace_flag)
- (void)fprintf(stderr,
-"%s\n%s%lx\n%s%d\n%s%d\n%s%d\n%s%d\n%s%d\n%s%d\n%s%d\n%s%d\n%s%d\n%s%x\n%s%x\n%s%d\n%s%d\n",
- "init_htab:",
- "TABLE POINTER ", (unsigned long) hashp,
- "BUCKET SIZE ", hashp->BSIZE,
- "BUCKET SHIFT ", hashp->BSHIFT,
- "DIRECTORY SIZE ", hashp->DSIZE,
- "SEGMENT SIZE ", hashp->SGSIZE,
- "SEGMENT SHIFT ", hashp->SSHIFT,
- "FILL FACTOR ", hashp->FFACTOR,
- "MAX BUCKET ", hashp->MAX_BUCKET,
- "OVFL POINT ", hashp->OVFL_POINT,
- "LAST FREED ", hashp->LAST_FREED,
- "HIGH MASK ", hashp->HIGH_MASK,
- "LOW MASK ", hashp->LOW_MASK,
- "NSEGS ", hashp->nsegs,
- "NKEYS ", hashp->NKEYS);
-}
-#endif
-#endif /* 0 */
-#ifdef HASH_STATISTICS
- hash_overflows = hash_accesses = hash_collisions = hash_expansions = 0;
-#endif
- return (dbp);
-
-error1:
- if (hashp != NULL)
- (void)close(hashp->fp);
-
-error0:
- free(hashp);
- errno = save_errno;
- return (NULL);
-}
-
-static int
-hash_close(DB *dbp)
-{
- HTAB *hashp;
- int retval;
-
- if (!dbp)
- return (DBM_ERROR);
-
- hashp = (HTAB *)dbp->internal;
- if(!hashp)
- return (DBM_ERROR);
-
- retval = hdestroy(hashp);
- free(dbp);
- return (retval);
-}
-
-static int hash_fd(const DB *dbp)
-{
- HTAB *hashp;
-
- if (!dbp)
- return (DBM_ERROR);
-
- hashp = (HTAB *)dbp->internal;
- if(!hashp)
- return (DBM_ERROR);
-
- if (hashp->fp == -1) {
- errno = ENOENT;
- return (-1);
- }
- return (hashp->fp);
-}
-
-/************************** LOCAL CREATION ROUTINES **********************/
-static HTAB *
-init_hash(HTAB *hashp, const char *file, HASHINFO *info)
-{
- struct stat statbuf;
- int nelem;
-
- nelem = 1;
- hashp->NKEYS = 0;
- hashp->LORDER = BYTE_ORDER;
- hashp->BSIZE = DEF_BUCKET_SIZE;
- hashp->BSHIFT = DEF_BUCKET_SHIFT;
- hashp->SGSIZE = DEF_SEGSIZE;
- hashp->SSHIFT = DEF_SEGSIZE_SHIFT;
- hashp->DSIZE = DEF_DIRSIZE;
- hashp->FFACTOR = DEF_FFACTOR;
- hashp->hash = __default_hash;
- memset(hashp->SPARES, 0, sizeof(hashp->SPARES));
- memset(hashp->BITMAPS, 0, sizeof (hashp->BITMAPS));
-
- /* Fix bucket size to be optimal for file system */
- if (file != NULL) {
- if (stat(file, &statbuf))
- return (NULL);
-
-#if !defined(_WIN32) && !defined(_WINDOWS) && !defined(macintosh) && !defined(VMS) && !defined(XP_OS2)
-#if defined(__QNX__) && !defined(__QNXNTO__)
- hashp->BSIZE = 512; /* preferred blk size on qnx4 */
-#else
- hashp->BSIZE = statbuf.st_blksize;
-#endif
-
- /* new code added by Lou to reduce block
- * size down below MAX_BSIZE
- */
- if (hashp->BSIZE > MAX_BSIZE)
- hashp->BSIZE = MAX_BSIZE;
-#endif
- hashp->BSHIFT = __log2((uint32)hashp->BSIZE);
- }
-
- if (info) {
- if (info->bsize) {
- /* Round pagesize up to power of 2 */
- hashp->BSHIFT = __log2(info->bsize);
- hashp->BSIZE = 1 << hashp->BSHIFT;
- if (hashp->BSIZE > MAX_BSIZE) {
- errno = EINVAL;
- return (NULL);
- }
- }
- if (info->ffactor)
- hashp->FFACTOR = info->ffactor;
- if (info->hash)
- hashp->hash = info->hash;
- if (info->nelem)
- nelem = info->nelem;
- if (info->lorder) {
- if (info->lorder != BIG_ENDIAN &&
- info->lorder != LITTLE_ENDIAN) {
- errno = EINVAL;
- return (NULL);
- }
- hashp->LORDER = info->lorder;
- }
- }
- /* init_htab should destroy the table and set errno if it fails */
- if (init_htab(hashp, nelem))
- return (NULL);
- else
- return (hashp);
-}
-/*
- * This calls alloc_segs which may run out of memory. Alloc_segs will destroy
- * the table and set errno, so we just pass the error information along.
- *
- * Returns 0 on No Error
- */
-static int
-init_htab(HTAB *hashp, int nelem)
-{
- register int nbuckets, nsegs;
- int l2;
-
- /*
- * Divide number of elements by the fill factor and determine a
- * desired number of buckets. Allocate space for the next greater
- * power of two number of buckets.
- */
- nelem = (nelem - 1) / hashp->FFACTOR + 1;
-
- l2 = __log2((uint32)PR_MAX(nelem, 2));
- nbuckets = 1 << l2;
-
- hashp->SPARES[l2] = l2 + 1;
- hashp->SPARES[l2 + 1] = l2 + 1;
- hashp->OVFL_POINT = l2;
- hashp->LAST_FREED = 2;
-
- /* First bitmap page is at: splitpoint l2 page offset 1 */
- if (__ibitmap(hashp, (int)OADDR_OF(l2, 1), l2 + 1, 0))
- return (-1);
-
- hashp->MAX_BUCKET = hashp->LOW_MASK = nbuckets - 1;
- hashp->HIGH_MASK = (nbuckets << 1) - 1;
- hashp->HDRPAGES = ((PR_MAX(sizeof(HASHHDR), MINHDRSIZE) - 1) >>
- hashp->BSHIFT) + 1;
-
- nsegs = (nbuckets - 1) / hashp->SGSIZE + 1;
- nsegs = 1 << __log2((uint32)nsegs);
-
- if (nsegs > hashp->DSIZE)
- hashp->DSIZE = nsegs;
- return (alloc_segs(hashp, nsegs));
-}
-
-/********************** DESTROY/CLOSE ROUTINES ************************/
-
-/*
- * Flushes any changes to the file if necessary and destroys the hashp
- * structure, freeing all allocated space.
- */
-static int
-hdestroy(HTAB *hashp)
-{
- int i, save_errno;
-
- save_errno = 0;
-
-#ifdef HASH_STATISTICS
- (void)fprintf(stderr, "hdestroy: accesses %ld collisions %ld\n",
- hash_accesses, hash_collisions);
- (void)fprintf(stderr, "hdestroy: expansions %ld\n",
- hash_expansions);
- (void)fprintf(stderr, "hdestroy: overflows %ld\n",
- hash_overflows);
- (void)fprintf(stderr, "keys %ld maxp %d segmentcount %d\n",
- hashp->NKEYS, hashp->MAX_BUCKET, hashp->nsegs);
-
- for (i = 0; i < NCACHED; i++)
- (void)fprintf(stderr,
- "spares[%d] = %d\n", i, hashp->SPARES[i]);
-#endif
- /*
- * Call on buffer manager to free buffers, and if required,
- * write them to disk.
- */
- if (__buf_free(hashp, 1, hashp->save_file))
- save_errno = errno;
- if (hashp->dir) {
- free(*hashp->dir); /* Free initial segments */
- /* Free extra segments */
- while (hashp->exsegs--)
- free(hashp->dir[--hashp->nsegs]);
- free(hashp->dir);
- }
- if (flush_meta(hashp) && !save_errno)
- save_errno = errno;
- /* Free Bigmaps */
- for (i = 0; i < hashp->nmaps; i++)
- if (hashp->mapp[i])
- free(hashp->mapp[i]);
-
- if (hashp->fp != -1)
- (void)close(hashp->fp);
-
- if(hashp->filename) {
-#if defined(_WIN32) || defined(_WINDOWS) || defined(XP_OS2)
- if (hashp->is_temp)
- (void)unlink(hashp->filename);
-#endif
- free(hashp->filename);
- }
- if (hashp->tmp_buf)
- free(hashp->tmp_buf);
- if (hashp->tmp_key)
- free(hashp->tmp_key);
- free(hashp);
- if (save_errno) {
- errno = save_errno;
- return (DBM_ERROR);
- }
- return (SUCCESS);
-}
-
-#if defined(_WIN32) || defined(_WINDOWS)
-/*
- * Close and reopen file to force file length update on windows.
- *
- * Returns:
- * 0 == OK
- * -1 DBM_ERROR
- */
-static int
-update_EOF(HTAB *hashp)
-{
-#if defined(DBM_REOPEN_ON_FLUSH)
- char * file = hashp->filename;
- off_t file_size;
- int flags;
- int mode = -1;
- struct stat statbuf;
-
- memset(&statbuf, 0, sizeof statbuf);
-
- /* make sure we won't lose the file by closing it. */
- if (!file || (stat(file, &statbuf) && (errno == ENOENT))) {
- /* pretend we did it. */
- return 0;
- }
-
- (void)close(hashp->fp);
-
- flags = hashp->flags & ~(O_TRUNC | O_CREAT | O_EXCL);
-
- if ((hashp->fp = DBFILE_OPEN(file, flags | O_BINARY, mode)) == -1)
- return -1;
- file_size = lseek(hashp->fp, (off_t)0, SEEK_END);
- if (file_size == -1)
- return -1;
- hashp->file_size = file_size;
- return 0;
-#else
- int fd = hashp->fp;
- off_t file_size = lseek(fd, (off_t)0, SEEK_END);
- HANDLE handle = (HANDLE)_get_osfhandle(fd);
- BOOL cool = FlushFileBuffers(handle);
-#ifdef DEBUG3
- if (!cool) {
- DWORD err = GetLastError();
- (void)fprintf(stderr,
- "FlushFileBuffers failed, last error = %d, 0x%08x\n",
- err, err);
- }
-#endif
- if (file_size == -1)
- return -1;
- hashp->file_size = file_size;
- return cool ? 0 : -1;
-#endif
-}
-#endif
-
-/*
- * Write modified pages to disk
- *
- * Returns:
- * 0 == OK
- * -1 DBM_ERROR
- */
-static int
-hash_sync(const DB *dbp, uint flags)
-{
- HTAB *hashp;
-
- if (flags != 0) {
- errno = EINVAL;
- return (DBM_ERROR);
- }
-
- if (!dbp)
- return (DBM_ERROR);
-
- hashp = (HTAB *)dbp->internal;
- if(!hashp)
- return (DBM_ERROR);
-
- if (!hashp->save_file)
- return (0);
- if (__buf_free(hashp, 0, 1) || flush_meta(hashp))
- return (DBM_ERROR);
-#if defined(_WIN32) || defined(_WINDOWS)
- if (hashp->updateEOF && hashp->filename && !hashp->is_temp) {
- int status = update_EOF(hashp);
- hashp->updateEOF = 0;
- if (status)
- return status;
- }
-#endif
- hashp->new_file = 0;
- return (0);
-}
-
-/*
- * Returns:
- * 0 == OK
- * -1 indicates that errno should be set
- */
-static int
-flush_meta(HTAB *hashp)
-{
- HASHHDR *whdrp;
-#if BYTE_ORDER == LITTLE_ENDIAN
- HASHHDR whdr;
-#endif
- int fp, i, wsize;
-
- if (!hashp->save_file)
- return (0);
- hashp->MAGIC = HASHMAGIC;
- hashp->VERSION = HASHVERSION;
- hashp->H_CHARKEY = hashp->hash(CHARKEY, sizeof(CHARKEY));
-
- fp = hashp->fp;
- whdrp = &hashp->hdr;
-#if BYTE_ORDER == LITTLE_ENDIAN
- whdrp = &whdr;
- swap_header_copy(&hashp->hdr, whdrp);
-#endif
- if ((lseek(fp, (off_t)0, SEEK_SET) == -1) ||
- ((wsize = write(fp, (char*)whdrp, sizeof(HASHHDR))) == -1))
- return (-1);
- else
- if (wsize != sizeof(HASHHDR)) {
- errno = EFTYPE;
- hashp->dbmerrno = errno;
- return (-1);
- }
- for (i = 0; i < NCACHED; i++)
- if (hashp->mapp[i])
- if (__put_page(hashp, (char *)hashp->mapp[i],
- hashp->BITMAPS[i], 0, 1))
- return (-1);
- return (0);
-}
-
-/*******************************SEARCH ROUTINES *****************************/
-/*
- * All the access routines return
- *
- * Returns:
- * 0 on SUCCESS
- * 1 to indicate an external DBM_ERROR (i.e. key not found, etc)
- * -1 to indicate an internal DBM_ERROR (i.e. out of memory, etc)
- */
-static int
-hash_get(
- const DB *dbp,
- const DBT *key,
- DBT *data,
- uint flag)
-{
- HTAB *hashp;
- int rv;
-
- hashp = (HTAB *)dbp->internal;
- if (!hashp)
- return (DBM_ERROR);
-
- if (flag) {
- hashp->dbmerrno = errno = EINVAL;
- return (DBM_ERROR);
- }
-
- rv = hash_access(hashp, HASH_GET, (DBT *)key, data);
-
- if(rv == DATABASE_CORRUPTED_ERROR)
- {
-#if defined(unix) && defined(DEBUG)
- printf("\n\nDBM Database has been corrupted, tell Lou...\n\n");
-#endif
- __remove_database((DB *)dbp);
- }
-
- return(rv);
-}
-
-static int
-hash_put(
- const DB *dbp,
- DBT *key,
- const DBT *data,
- uint flag)
-{
- HTAB *hashp;
- int rv;
-
- hashp = (HTAB *)dbp->internal;
- if (!hashp)
- return (DBM_ERROR);
-
- if (flag && flag != R_NOOVERWRITE) {
- hashp->dbmerrno = errno = EINVAL;
- return (DBM_ERROR);
- }
- if ((hashp->flags & O_ACCMODE) == O_RDONLY) {
- hashp->dbmerrno = errno = EPERM;
- return (DBM_ERROR);
- }
-
- rv = hash_access(hashp, flag == R_NOOVERWRITE ?
- HASH_PUTNEW : HASH_PUT, (DBT *)key, (DBT *)data);
-
- if(rv == DATABASE_CORRUPTED_ERROR)
- {
-#if defined(unix) && defined(DEBUG)
- printf("\n\nDBM Database has been corrupted, tell Lou...\n\n");
-#endif
- __remove_database((DB *)dbp);
- }
-
- return(rv);
-}
-
-static int
-hash_delete(
- const DB *dbp,
- const DBT *key,
- uint flag) /* Ignored */
-{
- HTAB *hashp;
- int rv;
-
- hashp = (HTAB *)dbp->internal;
- if (!hashp)
- return (DBM_ERROR);
-
- if (flag && flag != R_CURSOR) {
- hashp->dbmerrno = errno = EINVAL;
- return (DBM_ERROR);
- }
- if ((hashp->flags & O_ACCMODE) == O_RDONLY) {
- hashp->dbmerrno = errno = EPERM;
- return (DBM_ERROR);
- }
- rv = hash_access(hashp, HASH_DELETE, (DBT *)key, NULL);
-
- if(rv == DATABASE_CORRUPTED_ERROR)
- {
-#if defined(unix) && defined(DEBUG)
- printf("\n\nDBM Database has been corrupted, tell Lou...\n\n");
-#endif
- __remove_database((DB *)dbp);
- }
-
- return(rv);
-}
-
-#define MAX_OVERFLOW_HASH_ACCESS_LOOPS 2000
-/*
- * Assume that hashp has been set in wrapper routine.
- */
-static int
-hash_access(
- HTAB *hashp,
- ACTION action,
- DBT *key, DBT *val)
-{
- register BUFHEAD *rbufp;
- BUFHEAD *bufp, *save_bufp;
- register uint16 *bp;
- register long n, ndx, off;
- register size_t size;
- register char *kp;
- uint16 pageno;
- uint32 ovfl_loop_count=0;
- int32 last_overflow_page_no = -1;
-
-#ifdef HASH_STATISTICS
- hash_accesses++;
-#endif
-
- off = hashp->BSIZE;
- size = key->size;
- kp = (char *)key->data;
- rbufp = __get_buf(hashp, __call_hash(hashp, kp, size), NULL, 0);
- if (!rbufp)
- return (DATABASE_CORRUPTED_ERROR);
- save_bufp = rbufp;
-
- /* Pin the bucket chain */
- rbufp->flags |= BUF_PIN;
- for (bp = (uint16 *)rbufp->page, n = *bp++, ndx = 1; ndx < n;)
- {
-
- if (bp[1] >= REAL_KEY) {
- /* Real key/data pair */
- if (size == (unsigned long)(off - *bp) &&
- memcmp(kp, rbufp->page + *bp, size) == 0)
- goto found;
- off = bp[1];
-#ifdef HASH_STATISTICS
- hash_collisions++;
-#endif
- bp += 2;
- ndx += 2;
- } else if (bp[1] == OVFLPAGE) {
-
- /* database corruption: overflow loop detection */
- if(last_overflow_page_no == (int32)*bp)
- return (DATABASE_CORRUPTED_ERROR);
-
- last_overflow_page_no = *bp;
-
- rbufp = __get_buf(hashp, *bp, rbufp, 0);
- if (!rbufp) {
- save_bufp->flags &= ~BUF_PIN;
- return (DBM_ERROR);
- }
-
- ovfl_loop_count++;
- if(ovfl_loop_count > MAX_OVERFLOW_HASH_ACCESS_LOOPS)
- return (DATABASE_CORRUPTED_ERROR);
-
- /* FOR LOOP INIT */
- bp = (uint16 *)rbufp->page;
- n = *bp++;
- ndx = 1;
- off = hashp->BSIZE;
- } else if (bp[1] < REAL_KEY) {
- if ((ndx =
- __find_bigpair(hashp, rbufp, ndx, kp, (int)size)) > 0)
- goto found;
- if (ndx == -2) {
- bufp = rbufp;
- if (!(pageno =
- __find_last_page(hashp, &bufp))) {
- ndx = 0;
- rbufp = bufp;
- break; /* FOR */
- }
- rbufp = __get_buf(hashp, pageno, bufp, 0);
- if (!rbufp) {
- save_bufp->flags &= ~BUF_PIN;
- return (DBM_ERROR);
- }
- /* FOR LOOP INIT */
- bp = (uint16 *)rbufp->page;
- n = *bp++;
- ndx = 1;
- off = hashp->BSIZE;
- } else {
- save_bufp->flags &= ~BUF_PIN;
- return (DBM_ERROR);
-
- }
- }
- }
-
- /* Not found */
- switch (action) {
- case HASH_PUT:
- case HASH_PUTNEW:
- if (__addel(hashp, rbufp, key, val)) {
- save_bufp->flags &= ~BUF_PIN;
- return (DBM_ERROR);
- } else {
- save_bufp->flags &= ~BUF_PIN;
- return (SUCCESS);
- }
- case HASH_GET:
- case HASH_DELETE:
- default:
- save_bufp->flags &= ~BUF_PIN;
- return (ABNORMAL);
- }
-
-found:
- switch (action) {
- case HASH_PUTNEW:
- save_bufp->flags &= ~BUF_PIN;
- return (ABNORMAL);
- case HASH_GET:
- bp = (uint16 *)rbufp->page;
- if (bp[ndx + 1] < REAL_KEY) {
- if (__big_return(hashp, rbufp, ndx, val, 0))
- return (DBM_ERROR);
- } else {
- val->data = (uint8 *)rbufp->page + (int)bp[ndx + 1];
- val->size = bp[ndx] - bp[ndx + 1];
- }
- break;
- case HASH_PUT:
- if ((__delpair(hashp, rbufp, ndx)) ||
- (__addel(hashp, rbufp, key, val))) {
- save_bufp->flags &= ~BUF_PIN;
- return (DBM_ERROR);
- }
- break;
- case HASH_DELETE:
- if (__delpair(hashp, rbufp, ndx))
- return (DBM_ERROR);
- break;
- default:
- abort();
- }
- save_bufp->flags &= ~BUF_PIN;
- return (SUCCESS);
-}
-
-static int
-hash_seq(
- const DB *dbp,
- DBT *key, DBT *data,
- uint flag)
-{
- register uint32 bucket;
- register BUFHEAD *bufp;
- HTAB *hashp;
- uint16 *bp, ndx;
-
- hashp = (HTAB *)dbp->internal;
- if (!hashp)
- return (DBM_ERROR);
-
- if (flag && flag != R_FIRST && flag != R_NEXT) {
- hashp->dbmerrno = errno = EINVAL;
- return (DBM_ERROR);
- }
-#ifdef HASH_STATISTICS
- hash_accesses++;
-#endif
- if ((hashp->cbucket < 0) || (flag == R_FIRST)) {
- hashp->cbucket = 0;
- hashp->cndx = 1;
- hashp->cpage = NULL;
- }
-
- for (bp = NULL; !bp || !bp[0]; ) {
- if (!(bufp = hashp->cpage)) {
- for (bucket = hashp->cbucket;
- bucket <= (uint32)hashp->MAX_BUCKET;
- bucket++, hashp->cndx = 1) {
- bufp = __get_buf(hashp, bucket, NULL, 0);
- if (!bufp)
- return (DBM_ERROR);
- hashp->cpage = bufp;
- bp = (uint16 *)bufp->page;
- if (bp[0])
- break;
- }
- hashp->cbucket = bucket;
- if (hashp->cbucket > hashp->MAX_BUCKET) {
- hashp->cbucket = -1;
- return (ABNORMAL);
- }
- } else
- bp = (uint16 *)hashp->cpage->page;
-
-#ifdef DEBUG
- assert(bp);
- assert(bufp);
-#endif
- while (bp[hashp->cndx + 1] == OVFLPAGE) {
- bufp = hashp->cpage =
- __get_buf(hashp, bp[hashp->cndx], bufp, 0);
- if (!bufp)
- return (DBM_ERROR);
- bp = (uint16 *)(bufp->page);
- hashp->cndx = 1;
- }
- if (!bp[0]) {
- hashp->cpage = NULL;
- ++hashp->cbucket;
- }
- }
- ndx = hashp->cndx;
- if (bp[ndx + 1] < REAL_KEY) {
- if (__big_keydata(hashp, bufp, key, data, 1))
- return (DBM_ERROR);
- } else {
- key->data = (uint8 *)hashp->cpage->page + bp[ndx];
- key->size = (ndx > 1 ? bp[ndx - 1] : hashp->BSIZE) - bp[ndx];
- data->data = (uint8 *)hashp->cpage->page + bp[ndx + 1];
- data->size = bp[ndx] - bp[ndx + 1];
- ndx += 2;
- if (ndx > bp[0]) {
- hashp->cpage = NULL;
- hashp->cbucket++;
- hashp->cndx = 1;
- } else
- hashp->cndx = ndx;
- }
- return (SUCCESS);
-}
-
-/********************************* UTILITIES ************************/
-
-/*
- * Returns:
- * 0 ==> OK
- * -1 ==> Error
- */
-extern int
-__expand_table(HTAB *hashp)
-{
- uint32 old_bucket, new_bucket;
- int new_segnum, spare_ndx;
- size_t dirsize;
-
-#ifdef HASH_STATISTICS
- hash_expansions++;
-#endif
- new_bucket = ++hashp->MAX_BUCKET;
- old_bucket = (hashp->MAX_BUCKET & hashp->LOW_MASK);
-
- new_segnum = new_bucket >> hashp->SSHIFT;
-
- /* Check if we need a new segment */
- if (new_segnum >= hashp->nsegs) {
- /* Check if we need to expand directory */
- if (new_segnum >= hashp->DSIZE) {
- /* Reallocate directory */
- dirsize = hashp->DSIZE * sizeof(SEGMENT *);
- if (!hash_realloc(&hashp->dir, dirsize, dirsize << 1))
- return (-1);
- hashp->DSIZE = dirsize << 1;
- }
- if ((hashp->dir[new_segnum] =
- (SEGMENT)calloc((size_t)hashp->SGSIZE, sizeof(SEGMENT))) == NULL)
- return (-1);
- hashp->exsegs++;
- hashp->nsegs++;
- }
- /*
- * If the split point is increasing (MAX_BUCKET's log base 2
- * * increases), we need to copy the current contents of the spare
- * split bucket to the next bucket.
- */
- spare_ndx = __log2((uint32)(hashp->MAX_BUCKET + 1));
- if (spare_ndx > hashp->OVFL_POINT) {
- hashp->SPARES[spare_ndx] = hashp->SPARES[hashp->OVFL_POINT];
- hashp->OVFL_POINT = spare_ndx;
- }
-
- if (new_bucket > (uint32)hashp->HIGH_MASK) {
- /* Starting a new doubling */
- hashp->LOW_MASK = hashp->HIGH_MASK;
- hashp->HIGH_MASK = new_bucket | hashp->LOW_MASK;
- }
- /* Relocate records to the new bucket */
- return (__split_page(hashp, old_bucket, new_bucket));
-}
-
-/*
- * If realloc guarantees that the pointer is not destroyed if the realloc
- * fails, then this routine can go away.
- */
-static void *
-hash_realloc(
- SEGMENT **p_ptr,
- size_t oldsize, size_t newsize)
-{
- register void *p;
-
- if ((p = malloc(newsize))) {
- memmove(p, *p_ptr, oldsize);
- memset((char *)p + oldsize, 0, newsize - oldsize);
- free(*p_ptr);
- *p_ptr = (SEGMENT *)p;
- }
- return (p);
-}
-
-extern uint32
-__call_hash(HTAB *hashp, char *k, size_t len)
-{
- uint32 n, bucket;
-
- n = hashp->hash(k, len);
- bucket = n & hashp->HIGH_MASK;
- if (bucket > (uint32)hashp->MAX_BUCKET)
- bucket = bucket & hashp->LOW_MASK;
- return (bucket);
-}
-
-/*
- * Allocate segment table. On error, destroy the table and set errno.
- *
- * Returns 0 on success
- */
-static int
-alloc_segs(
- HTAB *hashp,
- int nsegs)
-{
- register int i;
- register SEGMENT store;
-
- int save_errno;
-
- if ((hashp->dir =
- (SEGMENT *)calloc((size_t)hashp->DSIZE, sizeof(SEGMENT *))) == NULL) {
- save_errno = errno;
- (void)hdestroy(hashp);
- errno = save_errno;
- return (-1);
- }
- /* Allocate segments */
- if ((store =
- (SEGMENT)calloc((size_t)nsegs << hashp->SSHIFT, sizeof(SEGMENT))) == NULL) {
- save_errno = errno;
- (void)hdestroy(hashp);
- errno = save_errno;
- return (-1);
- }
- for (i = 0; i < nsegs; i++, hashp->nsegs++)
- hashp->dir[i] = &store[i << hashp->SSHIFT];
- return (0);
-}
-
-#if BYTE_ORDER == LITTLE_ENDIAN
-/*
- * Hashp->hdr needs to be byteswapped.
- */
-static void
-swap_header_copy(
- HASHHDR *srcp, HASHHDR *destp)
-{
- int i;
-
- P_32_COPY(srcp->magic, destp->magic);
- P_32_COPY(srcp->version, destp->version);
- P_32_COPY(srcp->lorder, destp->lorder);
- P_32_COPY(srcp->bsize, destp->bsize);
- P_32_COPY(srcp->bshift, destp->bshift);
- P_32_COPY(srcp->dsize, destp->dsize);
- P_32_COPY(srcp->ssize, destp->ssize);
- P_32_COPY(srcp->sshift, destp->sshift);
- P_32_COPY(srcp->ovfl_point, destp->ovfl_point);
- P_32_COPY(srcp->last_freed, destp->last_freed);
- P_32_COPY(srcp->max_bucket, destp->max_bucket);
- P_32_COPY(srcp->high_mask, destp->high_mask);
- P_32_COPY(srcp->low_mask, destp->low_mask);
- P_32_COPY(srcp->ffactor, destp->ffactor);
- P_32_COPY(srcp->nkeys, destp->nkeys);
- P_32_COPY(srcp->hdrpages, destp->hdrpages);
- P_32_COPY(srcp->h_charkey, destp->h_charkey);
- for (i = 0; i < NCACHED; i++) {
- P_32_COPY(srcp->spares[i], destp->spares[i]);
- P_16_COPY(srcp->bitmaps[i], destp->bitmaps[i]);
- }
-}
-
-static void
-swap_header(HTAB *hashp)
-{
- HASHHDR *hdrp;
- int i;
-
- hdrp = &hashp->hdr;
-
- M_32_SWAP(hdrp->magic);
- M_32_SWAP(hdrp->version);
- M_32_SWAP(hdrp->lorder);
- M_32_SWAP(hdrp->bsize);
- M_32_SWAP(hdrp->bshift);
- M_32_SWAP(hdrp->dsize);
- M_32_SWAP(hdrp->ssize);
- M_32_SWAP(hdrp->sshift);
- M_32_SWAP(hdrp->ovfl_point);
- M_32_SWAP(hdrp->last_freed);
- M_32_SWAP(hdrp->max_bucket);
- M_32_SWAP(hdrp->high_mask);
- M_32_SWAP(hdrp->low_mask);
- M_32_SWAP(hdrp->ffactor);
- M_32_SWAP(hdrp->nkeys);
- M_32_SWAP(hdrp->hdrpages);
- M_32_SWAP(hdrp->h_charkey);
- for (i = 0; i < NCACHED; i++) {
- M_32_SWAP(hdrp->spares[i]);
- M_16_SWAP(hdrp->bitmaps[i]);
- }
-}
-#endif
diff --git a/dbm/src/hash_buf.c b/dbm/src/hash_buf.c
deleted file mode 100644
index d1193de6f..000000000
--- a/dbm/src/hash_buf.c
+++ /dev/null
@@ -1,414 +0,0 @@
-/*-
- * Copyright (c) 1990, 1993, 1994
- * The Regents of the University of California. All rights reserved.
- *
- * This code is derived from software contributed to Berkeley by
- * Margo Seltzer.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#if defined(LIBC_SCCS) && !defined(lint)
-static char sccsid[] = "@(#)hash_buf.c 8.5 (Berkeley) 7/15/94";
-#endif /* LIBC_SCCS and not lint */
-
-#include "watcomfx.h"
-
-/*
- * PACKAGE: hash
- *
- * DESCRIPTION:
- * Contains buffer management
- *
- * ROUTINES:
- * External
- * __buf_init
- * __get_buf
- * __buf_free
- * __reclaim_buf
- * Internal
- * newbuf
- */
-#if !defined(_WIN32) && !defined(_WINDOWS) && !defined(macintosh) && !defined(XP_OS2_VACPP)
-#include <sys/param.h>
-#endif
-
-#include <errno.h>
-#include <stddef.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#ifdef DEBUG
-#include <assert.h>
-#endif
-
-#include "mcom_db.h"
-#include "hash.h"
-#include "page.h"
-/* #include "extern.h" */
-
-static BUFHEAD *newbuf __P((HTAB *, uint32, BUFHEAD *));
-
-/* Unlink B from its place in the lru */
-#define BUF_REMOVE(B) { \
- (B)->prev->next = (B)->next; \
- (B)->next->prev = (B)->prev; \
-}
-
-/* Insert B after P */
-#define BUF_INSERT(B, P) { \
- (B)->next = (P)->next; \
- (B)->prev = (P); \
- (P)->next = (B); \
- (B)->next->prev = (B); \
-}
-
-#define MRU hashp->bufhead.next
-#define LRU hashp->bufhead.prev
-
-#define MRU_INSERT(B) BUF_INSERT((B), &hashp->bufhead)
-#define LRU_INSERT(B) BUF_INSERT((B), LRU)
-
-/*
- * We are looking for a buffer with address "addr". If prev_bp is NULL, then
- * address is a bucket index. If prev_bp is not NULL, then it points to the
- * page previous to an overflow page that we are trying to find.
- *
- * CAVEAT: The buffer header accessed via prev_bp's ovfl field may no longer
- * be valid. Therefore, you must always verify that its address matches the
- * address you are seeking.
- */
-extern BUFHEAD *
-__get_buf(HTAB *hashp, uint32 addr, BUFHEAD *prev_bp, int newpage)
-/* If prev_bp set, indicates a new overflow page. */
-{
- register BUFHEAD *bp;
- register uint32 is_disk_mask;
- register int is_disk, segment_ndx = 0;
- SEGMENT segp = 0;
-
- is_disk = 0;
- is_disk_mask = 0;
- if (prev_bp) {
- bp = prev_bp->ovfl;
- if (!bp || (bp->addr != addr))
- bp = NULL;
- if (!newpage)
- is_disk = BUF_DISK;
- } else {
- /* Grab buffer out of directory */
- segment_ndx = addr & (hashp->SGSIZE - 1);
-
- /* valid segment ensured by __call_hash() */
- segp = hashp->dir[addr >> hashp->SSHIFT];
-#ifdef DEBUG
- assert(segp != NULL);
-#endif
-
- bp = PTROF(segp[segment_ndx]);
-
- is_disk_mask = ISDISK(segp[segment_ndx]);
- is_disk = is_disk_mask || !hashp->new_file;
- }
-
- if (!bp) {
- bp = newbuf(hashp, addr, prev_bp);
- if (!bp)
- return(NULL);
- if(__get_page(hashp, bp->page, addr, !prev_bp, is_disk, 0))
- {
- /* free bp and its page */
- if(prev_bp)
- {
- /* if prev_bp is set then the new page that
- * failed is hooked onto prev_bp as an overflow page.
- * if we don't remove the pointer to the bad page
- * we may try and access it later and we will die
- * horribly because it will have already been
- * free'd and overwritten with bogus data.
- */
- prev_bp->ovfl = NULL;
- }
- BUF_REMOVE(bp);
- free(bp->page);
- free(bp);
- return (NULL);
- }
-
- if (!prev_bp)
- {
-#if 0
- /* 16 bit windows and mac can't handle the
- * oring of the is disk flag.
- */
- segp[segment_ndx] =
- (BUFHEAD *)((ptrdiff_t)bp | is_disk_mask);
-#else
- /* set the is_disk thing inside the structure
- */
- bp->is_disk = is_disk_mask;
- segp[segment_ndx] = bp;
-#endif
- }
- } else {
- BUF_REMOVE(bp);
- MRU_INSERT(bp);
- }
- return (bp);
-}
-
-/*
- * We need a buffer for this page. Either allocate one, or evict a resident
- * one (if we have as many buffers as we're allowed) and put this one in.
- *
- * If newbuf finds an error (returning NULL), it also sets errno.
- */
-static BUFHEAD *
-newbuf(HTAB *hashp, uint32 addr, BUFHEAD *prev_bp)
-{
- register BUFHEAD *bp; /* The buffer we're going to use */
- register BUFHEAD *xbp; /* Temp pointer */
- register BUFHEAD *next_xbp;
- SEGMENT segp;
- int segment_ndx;
- uint16 oaddr, *shortp;
-
- oaddr = 0;
- bp = LRU;
- /*
- * If LRU buffer is pinned, the buffer pool is too small. We need to
- * allocate more buffers.
- */
- if (hashp->nbufs || (bp->flags & BUF_PIN)) {
- /* Allocate a new one */
- if ((bp = (BUFHEAD *)malloc(sizeof(BUFHEAD))) == NULL)
- return (NULL);
-
- /* this memset is supposedly unnecessary but lets add
- * it anyways.
- */
- memset(bp, 0xff, sizeof(BUFHEAD));
-
- if ((bp->page = (char *)malloc((size_t)hashp->BSIZE)) == NULL) {
- free(bp);
- return (NULL);
- }
-
- /* this memset is supposedly unnecessary but lets add
- * it anyways.
- */
- memset(bp->page, 0xff, (size_t)hashp->BSIZE);
-
- if (hashp->nbufs)
- hashp->nbufs--;
- } else {
- /* Kick someone out */
- BUF_REMOVE(bp);
- /*
- * If this is an overflow page with addr 0, it's already been
- * flushed back in an overflow chain and initialized.
- */
- if ((bp->addr != 0) || (bp->flags & BUF_BUCKET)) {
- /*
- * Set oaddr before __put_page so that you get it
- * before bytes are swapped.
- */
- shortp = (uint16 *)bp->page;
- if (shortp[0])
- {
- if(shortp[0] > (hashp->BSIZE / sizeof(uint16)))
- {
- return(NULL);
- }
- oaddr = shortp[shortp[0] - 1];
- }
- if ((bp->flags & BUF_MOD) && __put_page(hashp, bp->page,
- bp->addr, (int)IS_BUCKET(bp->flags), 0))
- return (NULL);
- /*
- * Update the pointer to this page (i.e. invalidate it).
- *
- * If this is a new file (i.e. we created it at open
- * time), make sure that we mark pages which have been
- * written to disk so we retrieve them from disk later,
- * rather than allocating new pages.
- */
- if (IS_BUCKET(bp->flags)) {
- segment_ndx = bp->addr & (hashp->SGSIZE - 1);
- segp = hashp->dir[bp->addr >> hashp->SSHIFT];
-#ifdef DEBUG
- assert(segp != NULL);
-#endif
-
- if (hashp->new_file &&
- ((bp->flags & BUF_MOD) ||
- ISDISK(segp[segment_ndx])))
- segp[segment_ndx] = (BUFHEAD *)BUF_DISK;
- else
- segp[segment_ndx] = NULL;
- }
- /*
- * Since overflow pages can only be access by means of
- * their bucket, free overflow pages associated with
- * this bucket.
- */
- for (xbp = bp; xbp->ovfl;) {
- next_xbp = xbp->ovfl;
- xbp->ovfl = 0;
- xbp = next_xbp;
-
- /* leave pinned pages alone, we are still using
- * them. */
- if (xbp->flags & BUF_PIN) {
- continue;
- }
-
- /* Check that ovfl pointer is up date. */
- if (IS_BUCKET(xbp->flags) ||
- (oaddr != xbp->addr))
- break;
-
- shortp = (uint16 *)xbp->page;
- if (shortp[0])
- {
- /* LJM is the number of reported
- * pages way too much?
- */
- if(shortp[0] > hashp->BSIZE/sizeof(uint16))
- return NULL;
- /* set before __put_page */
- oaddr = shortp[shortp[0] - 1];
- }
- if ((xbp->flags & BUF_MOD) && __put_page(hashp,
- xbp->page, xbp->addr, 0, 0))
- return (NULL);
- xbp->addr = 0;
- xbp->flags = 0;
- BUF_REMOVE(xbp);
- LRU_INSERT(xbp);
- }
- }
- }
-
- /* Now assign this buffer */
- bp->addr = addr;
-#ifdef DEBUG1
- (void)fprintf(stderr, "NEWBUF1: %d->ovfl was %d is now %d\n",
- bp->addr, (bp->ovfl ? bp->ovfl->addr : 0), 0);
-#endif
- bp->ovfl = NULL;
- if (prev_bp) {
- /*
- * If prev_bp is set, this is an overflow page, hook it in to
- * the buffer overflow links.
- */
-#ifdef DEBUG1
- (void)fprintf(stderr, "NEWBUF2: %d->ovfl was %d is now %d\n",
- prev_bp->addr, (prev_bp->ovfl ? bp->ovfl->addr : 0),
- (bp ? bp->addr : 0));
-#endif
- prev_bp->ovfl = bp;
- bp->flags = 0;
- } else
- bp->flags = BUF_BUCKET;
- MRU_INSERT(bp);
- return (bp);
-}
-
-extern void __buf_init(HTAB *hashp, int32 nbytes)
-{
- BUFHEAD *bfp;
- int npages;
-
- bfp = &(hashp->bufhead);
- npages = (nbytes + hashp->BSIZE - 1) >> hashp->BSHIFT;
- npages = PR_MAX(npages, MIN_BUFFERS);
-
- hashp->nbufs = npages;
- bfp->next = bfp;
- bfp->prev = bfp;
- /*
- * This space is calloc'd so these are already null.
- *
- * bfp->ovfl = NULL;
- * bfp->flags = 0;
- * bfp->page = NULL;
- * bfp->addr = 0;
- */
-}
-
-extern int
-__buf_free(HTAB *hashp, int do_free, int to_disk)
-{
- BUFHEAD *bp;
- int status = -1;
-
- /* Need to make sure that buffer manager has been initialized */
- if (!LRU)
- return (0);
- for (bp = LRU; bp != &hashp->bufhead;) {
- /* Check that the buffer is valid */
- if (bp->addr || IS_BUCKET(bp->flags)) {
- if (to_disk && (bp->flags & BUF_MOD) &&
- (status = __put_page(hashp, bp->page,
- bp->addr, IS_BUCKET(bp->flags), 0))) {
-
- if (do_free) {
- if (bp->page)
- free(bp->page);
- BUF_REMOVE(bp);
- free(bp);
- }
-
- return (status);
- }
- }
- /* Check if we are freeing stuff */
- if (do_free) {
- if (bp->page)
- free(bp->page);
- BUF_REMOVE(bp);
- free(bp);
- bp = LRU;
- } else
- bp = bp->prev;
- }
- return (0);
-}
-
-extern void
-__reclaim_buf(HTAB *hashp, BUFHEAD *bp)
-{
- bp->ovfl = 0;
- bp->addr = 0;
- bp->flags = 0;
- BUF_REMOVE(bp);
- LRU_INSERT(bp);
-}
diff --git a/dbm/src/hsearch.c b/dbm/src/hsearch.c
deleted file mode 100644
index fb8a58bad..000000000
--- a/dbm/src/hsearch.c
+++ /dev/null
@@ -1,108 +0,0 @@
-/*-
- * Copyright (c) 1990, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * This code is derived from software contributed to Berkeley by
- * Margo Seltzer.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#if defined(LIBC_SCCS) && !defined(lint)
-static char sccsid[] = "@(#)hsearch.c 8.4 (Berkeley) 7/21/94";
-#endif /* LIBC_SCCS and not lint */
-
-#include "watcomfx.h"
-
-#ifndef macintosh
-#include <sys/types.h>
-#endif
-
-#include <fcntl.h>
-#include <string.h>
-
-#include "mcom_db.h"
-#include "hsearch.h"
-
-static DB *dbp = NULL;
-static ENTRY retval;
-
-extern int
-hcreate(uint nel)
-{
- HASHINFO info;
-
- info.nelem = nel;
- info.bsize = 256;
- info.ffactor = 8;
- info.cachesize = 0;
- info.hash = NULL;
- info.lorder = 0;
- dbp = (DB *)__hash_open(NULL, O_CREAT | O_RDWR, 0600, &info, 0);
- return ((int)dbp);
-}
-
-extern ENTRY *
-hsearch(ENTRY item, ACTION action)
-{
- DBT key, val;
- int status;
-
- if (!dbp)
- return (NULL);
- key.data = (uint8 *)item.key;
- key.size = strlen(item.key) + 1;
-
- if (action == ENTER) {
- val.data = (uint8 *)item.data;
- val.size = strlen(item.data) + 1;
- status = (dbp->put)(dbp, &key, &val, R_NOOVERWRITE);
- if (status)
- return (NULL);
- } else {
- /* FIND */
- status = (dbp->get)(dbp, &key, &val, 0);
- if (status)
- return (NULL);
- else
- item.data = (char *)val.data;
- }
- retval.key = item.key;
- retval.data = item.data;
- return (&retval);
-}
-
-extern void
-hdestroy()
-{
- if (dbp) {
- (void)(dbp->close)(dbp);
- dbp = NULL;
- }
-}
diff --git a/dbm/src/memmove.c b/dbm/src/memmove.c
deleted file mode 100644
index 70eb1e5d2..000000000
--- a/dbm/src/memmove.c
+++ /dev/null
@@ -1,150 +0,0 @@
-#if defined(__sun) && !defined(__SVR4)
-/*-
- * Copyright (c) 1990, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * This code is derived from software contributed to Berkeley by
- * Chris Torek.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#if defined(LIBC_SCCS) && !defined(lint)
-static char sccsid[] = "@(#)bcopy.c 8.1 (Berkeley) 6/4/93";
-#endif /* LIBC_SCCS and not lint */
-
-#include "watcomfx.h"
-
-#ifdef HAVE_SYS_CDEFS_H
-#include <sys/cdefs.h>
-#else
-#include "cdefs.h"
-#endif
-#include <string.h>
-
-/*
- * sizeof(word) MUST BE A POWER OF TWO
- * SO THAT wmask BELOW IS ALL ONES
- */
-typedef int word; /* "word" used for optimal copy speed */
-
-#define wsize sizeof(word)
-#define wmask (wsize - 1)
-
-/*
- * Copy a block of memory, handling overlap.
- * This is the routine that actually implements
- * (the portable versions of) bcopy, memcpy, and memmove.
- */
-#ifdef MEMCOPY
-void *
-memcpy(dst0, src0, length)
-#else
-#ifdef MEMMOVE
-void *
-memmove(dst0, src0, length)
-#else
-void
-bcopy(src0, dst0, length)
-#endif
-#endif
- void *dst0;
- const void *src0;
- register size_t length;
-{
- register char *dst = dst0;
- register const char *src = src0;
- register size_t t;
-
- if (length == 0 || dst == src) /* nothing to do */
- goto done;
-
- /*
- * Macros: loop-t-times; and loop-t-times, t>0
- */
-#define TLOOP(s) if (t) TLOOP1(s)
-#define TLOOP1(s) do { s; } while (--t)
-
- if ((unsigned long)dst < (unsigned long)src) {
- /*
- * Copy forward.
- */
- t = (int)src; /* only need low bits */
- if ((t | (int)dst) & wmask) {
- /*
- * Try to align operands. This cannot be done
- * unless the low bits match.
- */
- if ((t ^ (int)dst) & wmask || length < wsize)
- t = length;
- else
- t = wsize - (t & wmask);
- length -= t;
- TLOOP1(*dst++ = *src++);
- }
- /*
- * Copy whole words, then mop up any trailing bytes.
- */
- t = length / wsize;
- TLOOP(*(word *)dst = *(word *)src; src += wsize; dst += wsize);
- t = length & wmask;
- TLOOP(*dst++ = *src++);
- } else {
- /*
- * Copy backwards. Otherwise essentially the same.
- * Alignment works as before, except that it takes
- * (t&wmask) bytes to align, not wsize-(t&wmask).
- */
- src += length;
- dst += length;
- t = (int)src;
- if ((t | (int)dst) & wmask) {
- if ((t ^ (int)dst) & wmask || length <= wsize)
- t = length;
- else
- t &= wmask;
- length -= t;
- TLOOP1(*--dst = *--src);
- }
- t = length / wsize;
- TLOOP(src -= wsize; dst -= wsize; *(word *)dst = *(word *)src);
- t = length & wmask;
- TLOOP(*--dst = *--src);
- }
-done:
-#if defined(MEMCOPY) || defined(MEMMOVE)
- return (dst0);
-#else
- return;
-#endif
-}
-#endif /* no __sgi */
-
-/* Some compilers don't like an empty source file. */
-static int dummy = 0;
diff --git a/dbm/src/mktemp.c b/dbm/src/mktemp.c
deleted file mode 100644
index 78cbc9edb..000000000
--- a/dbm/src/mktemp.c
+++ /dev/null
@@ -1,166 +0,0 @@
-/*
- * Copyright (c) 1987, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#if defined(LIBC_SCCS) && !defined(lint)
-static char sccsid[] = "@(#)mktemp.c 8.1 (Berkeley) 6/4/93";
-#endif /* LIBC_SCCS and not lint */
-
-#include "watcomfx.h"
-
-#ifdef macintosh
-#include <unix.h>
-#else
-#include <sys/types.h>
-#include <sys/stat.h>
-#endif
-#include <fcntl.h>
-#include <errno.h>
-#include <stdio.h>
-#include <ctype.h>
-#include "mcom_db.h"
-
-#if !defined(_WINDOWS) && !defined(XP_OS2_VACPP)
-#include <unistd.h>
-#endif
-
-#ifdef XP_OS2_VACPP
-#include <process.h>
-#endif
-
-#ifdef _WINDOWS
-#include <process.h>
-#include "winfile.h"
-#endif
-
-static int _gettemp(char *path, register int *doopen, int extraFlags);
-
-int
-mkstemp(char *path)
-{
-#ifdef XP_OS2
- FILE *temp = tmpfile();
-
- return (temp ? fileno(temp) : -1);
-#else
- int fd;
-
- return (_gettemp(path, &fd, 0) ? fd : -1);
-#endif
-}
-
-int
-mkstempflags(char *path, int extraFlags)
-{
- int fd;
-
- return (_gettemp(path, &fd, extraFlags) ? fd : -1);
-}
-
-char *
-mktemp(char *path)
-{
- return(_gettemp(path, (int *)NULL, 0) ? path : (char *)NULL);
-}
-
-/* NB: This routine modifies its input string, and does not always restore it.
-** returns 1 on success, 0 on failure.
-*/
-static int
-_gettemp(char *path, register int *doopen, int extraFlags)
-{
-#if !defined(_WINDOWS) || defined(_WIN32)
- extern int errno;
-#endif
- register char *start, *trv;
- struct stat sbuf;
- unsigned int pid;
-
- pid = getpid();
- for (trv = path; *trv; ++trv); /* extra X's get set to 0's */
- while (*--trv == 'X') {
- *trv = (pid % 10) + '0';
- pid /= 10;
- }
-
- /*
- * check the target directory; if you have six X's and it
- * doesn't exist this runs for a *very* long time.
- */
- for (start = trv + 1;; --trv) {
- char saved;
- if (trv <= path)
- break;
- saved = *trv;
- if (saved == '/' || saved == '\\') {
- int rv;
- *trv = '\0';
- rv = stat(path, &sbuf);
- *trv = saved;
- if (rv)
- return(0);
- if (!S_ISDIR(sbuf.st_mode)) {
- errno = ENOTDIR;
- return(0);
- }
- break;
- }
- }
-
- for (;;) {
- if (doopen) {
- if ((*doopen =
- open(path, O_CREAT|O_EXCL|O_RDWR|extraFlags, 0600)) >= 0)
- return(1);
- if (errno != EEXIST)
- return(0);
- }
- else if (stat(path, &sbuf))
- return(errno == ENOENT ? 1 : 0);
-
- /* tricky little algorithm for backward compatibility */
- for (trv = start;;) {
- if (!*trv)
- return(0);
- if (*trv == 'z')
- *trv++ = 'a';
- else {
- if (isdigit(*trv))
- *trv = 'a';
- else
- ++*trv;
- break;
- }
- }
- }
- /*NOTREACHED*/
-}
diff --git a/dbm/src/ndbm.c b/dbm/src/ndbm.c
deleted file mode 100644
index ca008de0c..000000000
--- a/dbm/src/ndbm.c
+++ /dev/null
@@ -1,195 +0,0 @@
-/*-
- * Copyright (c) 1990, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * This code is derived from software contributed to Berkeley by
- * Margo Seltzer.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#if defined(LIBC_SCCS) && !defined(lint)
-static char sccsid[] = "@(#)ndbm.c 8.4 (Berkeley) 7/21/94";
-#endif /* LIBC_SCCS and not lint */
-
-#include "watcomfx.h"
-
-/*
- * This package provides a dbm compatible interface to the new hashing
- * package described in db(3).
- */
-#if !defined(_WIN32) && !defined(_WINDOWS) && !defined(XP_OS2_VACPP)
-#include <sys/param.h>
-#endif
-
-#if defined(__linux)
-#include <linux/limits.h>
-#endif
-
-#include <stdio.h>
-#include <string.h>
-
-#include "ndbm.h"
-#include "hash.h"
-
-/*
- * Returns:
- * *DBM on success
- * NULL on failure
- */
-extern DBM *
-dbm_open(const char *file, int flags, int mode)
-{
- HASHINFO info;
- char path[MAXPATHLEN];
-
- info.bsize = 4096;
- info.ffactor = 40;
- info.nelem = 1;
- info.cachesize = 0;
- info.hash = NULL;
- info.lorder = 0;
- (void)strcpy(path, file);
- (void)strcat(path, DBM_SUFFIX);
- return ((DBM *)__hash_open(path, flags, mode, &info, 0));
-}
-
-extern void
-dbm_close(DBM *db)
-{
- (void)(db->close)(db);
-}
-
-/*
- * Returns:
- * DATUM on success
- * NULL on failure
- */
-extern datum
-dbm_fetch(DBM *db, datum key)
-{
- datum retval;
- int status;
-
- status = (db->get)(db, (DBT *)&key, (DBT *)&retval, 0);
- if (status) {
- retval.dptr = NULL;
- retval.dsize = 0;
- }
- return (retval);
-}
-
-/*
- * Returns:
- * DATUM on success
- * NULL on failure
- */
-extern datum
-dbm_firstkey(DBM *db)
-{
- int status;
- datum retdata, retkey;
-
- status = (db->seq)(db, (DBT *)&retkey, (DBT *)&retdata, R_FIRST);
- if (status)
- retkey.dptr = NULL;
- return (retkey);
-}
-
-/*
- * Returns:
- * DATUM on success
- * NULL on failure
- */
-extern datum
-dbm_nextkey(DBM *db)
-{
- int status;
- datum retdata, retkey;
-
- status = (db->seq)(db, (DBT *)&retkey, (DBT *)&retdata, R_NEXT);
- if (status)
- retkey.dptr = NULL;
- return (retkey);
-}
-/*
- * Returns:
- * 0 on success
- * <0 failure
- */
-extern int
-dbm_delete(DBM *db, datum key)
-{
- int status;
-
- status = (db->del)(db, (DBT *)&key, 0);
- if (status)
- return (-1);
- else
- return (0);
-}
-
-/*
- * Returns:
- * 0 on success
- * <0 failure
- * 1 if DBM_INSERT and entry exists
- */
-extern int
-dbm_store(DBM *db, datum key, datum content, int flags)
-{
- return ((db->put)(db, (DBT *)&key, (DBT *)&content,
- (flags == DBM_INSERT) ? R_NOOVERWRITE : 0));
-}
-
-
-extern int
-dbm_error(DBM *db)
-{
- HTAB *hp;
-
- hp = (HTAB *)db->internal;
- return (hp->dbmerrno);
-}
-
-extern int
-dbm_clearerr(DBM *db)
-{
- HTAB *hp;
-
- hp = (HTAB *)db->internal;
- hp->dbmerrno = 0;
- return (0);
-}
-
-extern int
-dbm_dirfno(DBM *db)
-{
- return(((HTAB *)db->internal)->fp);
-}
diff --git a/dbm/src/nsres.c b/dbm/src/nsres.c
deleted file mode 100644
index 4b4dae4a2..000000000
--- a/dbm/src/nsres.c
+++ /dev/null
@@ -1,305 +0,0 @@
-#include "watcomfx.h"
-
-#include "nsres.h"
-
-#include <stdio.h>
-
-#include <stdlib.h>
-
-#include <string.h>
-
-struct RESDATABASE
-{
- DB *hdb;
- NSRESTHREADINFO *threadinfo;
- char * pbuf[MAXBUFNUM];
-} ;
-typedef struct RESDATABASE * RESHANDLE;
-
-typedef struct STRINGDATA
-{
- char *str;
- unsigned int charsetid;
-} STRINGDATA;
-
-
-typedef unsigned int CHARSETTYPE;
-#define RES_LOCK if (hres->threadinfo) hres->threadinfo->fn_lock(hres->threadinfo->lock);
-#define RES_UNLOCK if (hres->threadinfo) hres->threadinfo->fn_unlock(hres->threadinfo->lock);
-
-int GenKeyData(const char *library, int32 id, DBT *key);
-
-/*
- Right now, the page size used for resource is same as for Navigator cache
- database
- */
-HASHINFO res_hash_info = {
- 32*1024,
- 0,
- 0,
- 0,
- 0, /* 64 * 1024U */
- 0};
-
-int GenKeyData(const char *library, int32 id, DBT *key)
-{
- char idstr[10];
- static char * strdata = NULL;
- size_t len;
-
- if (strdata)
- free (strdata);
-
- if (id == 0)
- idstr[0] = '\0';
- else
- {
- sprintf(idstr, "%d", id);
- /* itoa(id, idstr, 10); */
- }
-
- if (library == NULL)
- len = strlen(idstr) + 1;
- else
- len = strlen(library) + strlen(idstr) + 1;
- strdata = (char *) malloc (len);
- strcpy(strdata, library);
- strcat(strdata, idstr);
-
- key->size = len;
- key->data = strdata;
-
- return 1;
-}
-
-NSRESHANDLE NSResCreateTable(const char *filename, NSRESTHREADINFO *threadinfo)
-{
- RESHANDLE hres;
- int flag;
-
- flag = O_RDWR | O_CREAT;
-
- hres = (RESHANDLE) calloc ( 1, sizeof(struct RESDATABASE) );
-
- if (threadinfo && threadinfo->lock && threadinfo->fn_lock
- && threadinfo->fn_unlock)
- {
- hres->threadinfo = (NSRESTHREADINFO *) malloc( sizeof(NSRESTHREADINFO) );
- hres->threadinfo->lock = threadinfo->lock;
- hres->threadinfo->fn_lock = threadinfo->fn_lock;
- hres->threadinfo->fn_unlock = threadinfo->fn_unlock;
- }
-
-
- RES_LOCK
-
- hres->hdb = dbopen(filename, flag, 0644, DB_HASH, &res_hash_info);
-
- RES_UNLOCK
-
- if(!hres->hdb)
- return NULL;
-
- return (NSRESHANDLE) hres;
-}
-
-NSRESHANDLE NSResOpenTable(const char *filename, NSRESTHREADINFO *threadinfo)
-{
- RESHANDLE hres;
- int flag;
-
- flag = O_RDONLY; /* only open database for reading */
-
- hres = (RESHANDLE) calloc ( 1, sizeof(struct RESDATABASE) );
-
- if (threadinfo && threadinfo->lock && threadinfo->fn_lock
- && threadinfo->fn_unlock)
- {
- hres->threadinfo = (NSRESTHREADINFO *) malloc( sizeof(NSRESTHREADINFO) );
- hres->threadinfo->lock = threadinfo->lock;
- hres->threadinfo->fn_lock = threadinfo->fn_lock;
- hres->threadinfo->fn_unlock = threadinfo->fn_unlock;
- }
-
-
- RES_LOCK
-
- hres->hdb = dbopen(filename, flag, 0644, DB_HASH, &res_hash_info);
-
- RES_UNLOCK
-
- if(!hres->hdb)
- return NULL;
-
- return (NSRESHANDLE) hres;
-}
-
-
-
-void NSResCloseTable(NSRESHANDLE handle)
-{
- RESHANDLE hres;
- int i;
-
- if (handle == NULL)
- return;
- hres = (RESHANDLE) handle;
-
- RES_LOCK
-
- (*hres->hdb->sync)(hres->hdb, 0);
- (*hres->hdb->close)(hres->hdb);
-
- RES_UNLOCK
-
- for (i = 0; i < MAXBUFNUM; i++)
- {
- if (hres->pbuf[i])
- free (hres->pbuf[i]);
- }
-
- if (hres->threadinfo)
- free (hres->threadinfo);
- free (hres);
-}
-
-
-char *NSResLoadString(NSRESHANDLE handle, const char * library, int32 id,
- unsigned int charsetid, char *retbuf)
-{
- int status;
- RESHANDLE hres;
- DBT key, data;
- if (handle == NULL)
- return NULL;
-
- hres = (RESHANDLE) handle;
- GenKeyData(library, id, &key);
-
- RES_LOCK
-
- status = (*hres->hdb->get)(hres->hdb, &key, &data, 0);
-
- RES_UNLOCK
-
- if (retbuf)
- {
- memcpy(retbuf, (char *)data.data + sizeof(CHARSETTYPE), data.size - sizeof(CHARSETTYPE));
- return retbuf;
- }
- else
- {
- static int WhichString = 0;
- static int bFirstTime = 1;
- char *szLoadedString;
- int i;
-
- RES_LOCK
-
- if (bFirstTime) {
- for (i = 0; i < MAXBUFNUM; i++)
- hres->pbuf[i] = (char *) malloc(MAXSTRINGLEN * sizeof(char));
- bFirstTime = 0;
- }
-
- szLoadedString = hres->pbuf[WhichString];
- WhichString++;
-
- /* reset to 0, if WhichString reaches to the end */
- if (WhichString == MAXBUFNUM)
- WhichString = 0;
-
- if (status == 0)
- memcpy(szLoadedString, (char *) data.data + sizeof(CHARSETTYPE),
- data.size - sizeof(CHARSETTYPE));
- else
- szLoadedString[0] = 0;
-
- RES_UNLOCK
-
- return szLoadedString;
- }
-}
-
-int32 NSResGetSize(NSRESHANDLE handle, const char *library, int32 id)
-{
- int status;
- RESHANDLE hres;
- DBT key, data;
- if (handle == NULL)
- return 0;
- hres = (RESHANDLE) handle;
- GenKeyData(library, id, &key);
-
- RES_LOCK
-
- status = (*hres->hdb->get)(hres->hdb, &key, &data, 0);
-
- RES_UNLOCK
-
- return data.size - sizeof(CHARSETTYPE);
-}
-
-int32 NSResLoadResource(NSRESHANDLE handle, const char *library, int32 id, char *retbuf)
-{
- int status;
- RESHANDLE hres;
- DBT key, data;
- if (handle == NULL)
- return 0;
- hres = (RESHANDLE) handle;
- GenKeyData(library, id, &key);
-
- RES_LOCK
-
- status = (*hres->hdb->get)(hres->hdb, &key, &data, 0);
-
- RES_UNLOCK
-
- if (retbuf)
- {
- memcpy(retbuf, (char *)data.data + sizeof(CHARSETTYPE), data.size - sizeof(CHARSETTYPE));
- return data.size;
- }
- else
- return 0;
-}
-
-int NSResAddString(NSRESHANDLE handle, const char *library, int32 id,
- const char *string, unsigned int charset)
-{
- int status;
- RESHANDLE hres;
- DBT key, data;
- char * recdata;
-
- if (handle == NULL)
- return 0;
- hres = (RESHANDLE) handle;
-
- GenKeyData(library, id, &key);
-
- data.size = sizeof(CHARSETTYPE) + (strlen(string) + 1) ;
-
- recdata = (char *) malloc(data.size) ;
-
- /* set charset to the first field of record data */
- *((CHARSETTYPE *)recdata) = (CHARSETTYPE)charset;
-
- /* set data field */
- memcpy(recdata+sizeof(CHARSETTYPE), string, strlen(string) + 1);
-
- data.data = recdata;
-
- RES_LOCK
-
- status = (*hres->hdb->put)(hres->hdb, &key, &data, 0);
-
-
- if (recdata)
- free(recdata);
-
- RES_UNLOCK
-
- return status;
-}
diff --git a/dbm/src/snprintf.c b/dbm/src/snprintf.c
deleted file mode 100644
index 498778572..000000000
--- a/dbm/src/snprintf.c
+++ /dev/null
@@ -1,75 +0,0 @@
-#ifndef HAVE_SNPRINTF
-
-#include "watcomfx.h"
-#include <sys/types.h>
-#include <stddef.h>
-#include <stdio.h>
-
-#ifdef HAVE_SYS_CDEFS_H
-#include <sys/cdefs.h>
-#else
-#include "cdefs.h"
-#endif
-
-#include "prtypes.h"
-
-#include <ncompat.h>
-
-/* The OS/2 VAC compiler doesn't appear to define __STDC__ and won't let us define it either */
-#if defined(__STDC__) || defined(XP_OS2_VACPP)
-#include <stdarg.h>
-#else
-#include <varargs.h>
-#endif
-
-int
-#if defined(__STDC__) || defined(XP_OS2_VACPP)
-snprintf(char *str, size_t n, const char *fmt, ...)
-#else
-snprintf(str, n, fmt, va_alist)
- char *str;
- size_t n;
- const char *fmt;
- va_dcl
-#endif
-{
- va_list ap;
-#ifdef VSPRINTF_CHARSTAR
- char *rp;
-#else
- int rval;
-#endif
-#if defined(__STDC__) || defined(XP_OS2_VACPP)
- va_start(ap, fmt);
-#else
- va_start(ap);
-#endif
-#ifdef VSPRINTF_CHARSTAR
- rp = vsprintf(str, fmt, ap);
- va_end(ap);
- return (strlen(rp));
-#else
- rval = vsprintf(str, fmt, ap);
- va_end(ap);
- return (rval);
-#endif
-}
-
-int
-vsnprintf(str, n, fmt, ap)
- char *str;
- size_t n;
- const char *fmt;
- va_list ap;
-{
-#ifdef VSPRINTF_CHARSTAR
- return (strlen(vsprintf(str, fmt, ap)));
-#else
- return (vsprintf(str, fmt, ap));
-#endif
-}
-
-#endif /* HAVE_SNPRINTF */
-
-/* Some compilers don't like an empty source file. */
-static int dummy = 0;
diff --git a/dbm/src/strerror.c b/dbm/src/strerror.c
deleted file mode 100644
index d1ae2666a..000000000
--- a/dbm/src/strerror.c
+++ /dev/null
@@ -1,78 +0,0 @@
-/*
- * Copyright (c) 1988, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#if defined(LIBC_SCCS) && !defined(lint)
-static char sccsid[] = "@(#)strerror.c 8.1 (Berkeley) 6/4/93";
-#endif /* LIBC_SCCS and not lint */
-
-#include "watcomfx.h"
-
-#include <string.h>
-
-#ifdef _DLL
-#define sys_nerr (*_sys_nerr_dll)
-#endif
-
-#ifndef HAVE_STRERROR
-#ifndef _AFXDLL
-char *
-strerror(num)
- int num;
-{
- extern int sys_nerr;
- extern char *sys_errlist[];
-#define UPREFIX "Unknown error: "
- static char ebuf[40] = UPREFIX; /* 64-bit number + slop */
- register unsigned int errnum;
- register char *p, *t;
- char tmp[40];
-
- errnum = num; /* convert to unsigned */
- if (errnum < sys_nerr)
- return(sys_errlist[errnum]);
-
- /* Do this by hand, so we don't include stdio(3). */
- t = tmp;
- do {
- *t++ = "0123456789"[errnum % 10];
- } while (errnum /= 10);
- for (p = ebuf + sizeof(UPREFIX) - 1;;) {
- *p++ = *--t;
- if (t <= tmp)
- break;
- }
- return(ebuf);
-}
-
-#endif
-#endif /* !HAVE_STRERROR */
diff --git a/dbm/tests/.cvsignore b/dbm/tests/.cvsignore
deleted file mode 100644
index a21fbfc35..000000000
--- a/dbm/tests/.cvsignore
+++ /dev/null
@@ -1,3 +0,0 @@
-Makefile
-lots
-test.db
diff --git a/dbm/tests/Makefile.in b/dbm/tests/Makefile.in
deleted file mode 100644
index 25ecd2a33..000000000
--- a/dbm/tests/Makefile.in
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# The contents of this file are subject to the Netscape Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/NPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is mozilla.org code.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1998 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-
-DEPTH = ../..
-topsrcdir = @top_srcdir@
-srcdir = @srcdir@
-VPATH = @srcdir@
-
-include $(DEPTH)/config/autoconf.mk
-
-MODULE = dbm
-PROGRAM = lots$(BIN_SUFFIX)
-
-CSRCS = lots.c
-
-ifeq ($(OS_ARCH),WINNT)
-EXTRA_DSO_LIBS = dbm$(MOZ_BITS)
-else
-EXTRA_DSO_LIBS = mozdbm_s
-endif
-
-LIBS = $(EXTRA_DSO_LIBS)
-
-include $(topsrcdir)/config/rules.mk
-
diff --git a/dbm/tests/lots.c b/dbm/tests/lots.c
deleted file mode 100644
index 0b3191e74..000000000
--- a/dbm/tests/lots.c
+++ /dev/null
@@ -1,639 +0,0 @@
-/* -*- Mode: C; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: NPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Netscape Public License
- * Version 1.1 (the "License"); you may not use this file except in
- * compliance with the License. You may obtain a copy of the License at
- * http://www.mozilla.org/NPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is mozilla.org code.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1998
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the NPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the NPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-/* use sequental numbers printed to strings
- * to store lots and lots of entries in the
- * database.
- *
- * Start with 100 entries, put them and then
- * read them out. Then delete the first
- * half and verify that all of the first half
- * is gone and then verify that the second
- * half is still there.
- * Then add the first half back and verify
- * again. Then delete the middle third
- * and verify again.
- * Then increase the size by 1000 and do
- * the whole add delete thing again.
- *
- * The data for each object is the number string translated
- * to hex and replicated a random number of times. The
- * number of times that the data is replicated is the first
- * int32 in the data.
- */
-
-#include <stdio.h>
-
-#include <stdlib.h>
-#ifdef STDC_HEADERS
-#include <stdarg.h>
-#else
-#include <varargs.h>
-#endif
-
-#ifdef HAVE_MEMORY_H
-#include <memory.h>
-#endif
-#include <string.h>
-#include <assert.h>
-#include "mcom_db.h"
-
-DB *database=0;
-int MsgPriority=5;
-
-#if defined(_WINDOWS) && !defined(WIN32)
-#define int32 long
-#define uint32 unsigned long
-#else
-#define int32 int
-#define uint32 unsigned int
-#endif
-
-typedef enum {
-USE_LARGE_KEY,
-USE_SMALL_KEY
-} key_type_enum;
-
-#define TraceMe(priority, msg) \
- do { \
- if(priority <= MsgPriority) \
- { \
- ReportStatus msg; \
- } \
- } while(0)
-
-int
-ReportStatus(char *string, ...)
-{
- va_list args;
-
-#ifdef STDC_HEADERS
- va_start(args, string);
-#else
- va_start(args);
-#endif
- vfprintf(stderr, string, args);
- va_end(args);
-
- fprintf (stderr, "\n");
-
- return(0);
-}
-
-int
-ReportError(char *string, ...)
-{
- va_list args;
-
-#ifdef STDC_HEADERS
- va_start(args, string);
-#else
- va_start(args);
-#endif
- fprintf (stderr, "\n ");
- vfprintf(stderr, string, args);
- fprintf (stderr, "\n");
- va_end(args);
-
- return(0);
-}
-
-DBT * MakeLargeKey(int32 num)
-{
- int32 low_bits;
- static DBT rv;
- static char *string_rv=0;
- int rep_char;
- size_t size;
-
- if(string_rv)
- free(string_rv);
-
- /* generate a really large text key derived from
- * an int32
- */
- low_bits = (num % 10000) + 1;
-
- /* get the repeat char from the low 26 */
- rep_char = (char) ((low_bits % 26) + 'a');
-
- /* malloc a string low_bits wide */
- size = low_bits*sizeof(char);
- string_rv = (char *)malloc(size);
-
- memset(string_rv, rep_char, size);
-
- rv.data = string_rv;
- rv.size = size;
-
- return(&rv);
-}
-
-DBT * MakeSmallKey(int32 num)
-{
- static DBT rv;
- static char data_string[64];
-
- rv.data = data_string;
-
- sprintf(data_string, "%ld", (long)num);
- rv.size = strlen(data_string);
-
- return(&rv);
-
-}
-
-DBT * GenKey(int32 num, key_type_enum key_type)
-{
- DBT *key;
-
- switch(key_type)
- {
- case USE_LARGE_KEY:
- key = MakeLargeKey(num);
- break;
- case USE_SMALL_KEY:
- key = MakeSmallKey(num);
- break;
- default:
- abort();
- break;
- }
-
- return(key);
-}
-
-int
-SeqDatabase()
-{
- int status;
- DBT key, data;
-
- ReportStatus("SEQuencing through database...");
-
- /* seq throught the whole database */
- if(!(status = (*database->seq)(database, &key, &data, R_FIRST)))
- {
- while(!(status = (database->seq) (database, &key, &data, R_NEXT)));
- ; /* null body */
- }
-
- if(status < 0)
- ReportError("Error seq'ing database");
-
- return(status);
-}
-
-int
-VerifyData(DBT *data, int32 num, key_type_enum key_type)
-{
- int32 count, compare_num;
- size_t size;
- int32 *int32_array;
-
- /* The first int32 is count
- * The other n entries should
- * all equal num
- */
- if(data->size < sizeof(int32))
- {
- ReportError("Data size corrupted");
- return -1;
- }
-
- memcpy(&count, data->data, sizeof(int32));
-
- size = sizeof(int32)*(count+1);
-
- if(size != data->size)
- {
- ReportError("Data size corrupted");
- return -1;
- }
-
- int32_array = (int32*)data->data;
-
- for(;count > 0; count--)
- {
- memcpy(&compare_num, &int32_array[count], sizeof(int32));
-
- if(compare_num != num)
- {
- ReportError("Data corrupted");
- return -1;
- }
- }
-
- return(0);
-}
-
-
-/* verify that a range of number strings exist
- * or don't exist. And that the data is valid
- */
-#define SHOULD_EXIST 1
-#define SHOULD_NOT_EXIST 0
-int
-VerifyRange(int32 low, int32 high, int32 should_exist, key_type_enum key_type)
-{
- DBT *key, data;
- int32 num;
- int status;
-
- TraceMe(1, ("Verifying: %ld to %ld, using %s keys",
- low, high, key_type == USE_SMALL_KEY ? "SMALL" : "LARGE"));
-
- for(num = low; num <= high; num++)
- {
-
- key = GenKey(num, key_type);
-
- status = (*database->get)(database, key, &data, 0);
-
- if(status == 0)
- {
- /* got the item */
- if(!should_exist)
- {
- ReportError("Item exists but shouldn't: %ld", num);
- }
- else
- {
- /* else verify the data */
- VerifyData(&data, num, key_type);
- }
- }
- else if(status > 0)
- {
- /* item not found */
- if(should_exist)
- {
- ReportError("Item not found but should be: %ld", num);
- }
- }
- else
- {
- /* database error */
- ReportError("Database error");
- return(-1);
- }
-
- }
-
- TraceMe(1, ("Correctly verified: %ld to %ld", low, high));
-
- return(0);
-
-}
-
-DBT *
-GenData(int32 num)
-{
- int32 n;
- static DBT *data=0;
- int32 *int32_array;
- size_t size;
-
- if(!data)
- {
- data = (DBT*)malloc(sizeof(DBT));
- data->size = 0;
- data->data = 0;
- }
- else if(data->data)
- {
- free(data->data);
- }
-
- n = rand();
-
- n = n % 512; /* bound to a 2K size */
-
-
- size = sizeof(int32)*(n+1);
- int32_array = (int32 *) malloc(size);
-
- memcpy(&int32_array[0], &n, sizeof(int32));
-
- for(; n > 0; n--)
- {
- memcpy(&int32_array[n], &num, sizeof(int32));
- }
-
- data->data = (void*)int32_array;
- data->size = size;
-
- return(data);
-}
-
-#define ADD_RANGE 1
-#define DELETE_RANGE 2
-
-int
-AddOrDelRange(int32 low, int32 high, int action, key_type_enum key_type)
-{
- DBT *key, *data;
-#if 0 /* only do this if your really analy checking the puts */
- DBT tmp_data;
-#endif
- int32 num;
- int status;
-
- if(action != ADD_RANGE && action != DELETE_RANGE)
- assert(0);
-
- if(action == ADD_RANGE)
- {
- TraceMe(1, ("Adding: %ld to %ld: %s keys", low, high,
- key_type == USE_SMALL_KEY ? "SMALL" : "LARGE"));
- }
- else
- {
- TraceMe(1, ("Deleting: %ld to %ld: %s keys", low, high,
- key_type == USE_SMALL_KEY ? "SMALL" : "LARGE"));
- }
-
- for(num = low; num <= high; num++)
- {
-
- key = GenKey(num, key_type);
-
- if(action == ADD_RANGE)
- {
- data = GenData(num);
- status = (*database->put)(database, key, data, 0);
- }
- else
- {
- status = (*database->del)(database, key, 0);
- }
-
- if(status < 0)
- {
- ReportError("Database error %s item: %ld",
- action == ADD_RANGE ? "ADDING" : "DELETING",
- num);
- }
- else if(status > 0)
- {
- ReportError("Could not %s item: %ld",
- action == ADD_RANGE ? "ADD" : "DELETE",
- num);
- }
- else if(action == ADD_RANGE)
- {
-#define SYNC_EVERY_TIME
-#ifdef SYNC_EVERY_TIME
- status = (*database->sync)(database, 0);
- if(status != 0)
- ReportError("Database error syncing after add");
-#endif
-
-#if 0 /* only do this if your really analy checking the puts */
-
- /* make sure we can still get it
- */
- status = (*database->get)(database, key, &tmp_data, 0);
-
- if(status != 0)
- {
- ReportError("Database error checking item just added: %d",
- num);
- }
- else
- {
- /* now verify that none of the ones we already
- * put in have disappeared
- */
- VerifyRange(low, num, SHOULD_EXIST, key_type);
- }
-#endif
-
- }
- }
-
-
- if(action == ADD_RANGE)
- {
- TraceMe(1, ("Successfully added: %ld to %ld", low, high));
- }
- else
- {
- TraceMe(1, ("Successfully deleted: %ld to %ld", low, high));
- }
-
- return(0);
-}
-
-int
-TestRange(int32 low, int32 range, key_type_enum key_type)
-{
- int status; int32 low_of_range1, high_of_range1; int32 low_of_range2, high_of_range2;
- int32 low_of_range3, high_of_range3;
-
- status = AddOrDelRange(low, low+range, ADD_RANGE, key_type);
- status = VerifyRange(low, low+range, SHOULD_EXIST, key_type);
-
- TraceMe(1, ("Finished with sub test 1"));
-
- SeqDatabase();
-
- low_of_range1 = low;
- high_of_range1 = low+(range/2);
- low_of_range2 = high_of_range1+1;
- high_of_range2 = low+range;
- status = AddOrDelRange(low_of_range1, high_of_range1, DELETE_RANGE, key_type);
- status = VerifyRange(low_of_range1, high_of_range1, SHOULD_NOT_EXIST, key_type);
- status = VerifyRange(low_of_range2, low_of_range2, SHOULD_EXIST, key_type);
-
- TraceMe(1, ("Finished with sub test 2"));
-
- SeqDatabase();
-
- status = AddOrDelRange(low_of_range1, high_of_range1, ADD_RANGE, key_type);
- /* the whole thing should exist now */
- status = VerifyRange(low, low+range, SHOULD_EXIST, key_type);
-
- TraceMe(1, ("Finished with sub test 3"));
-
- SeqDatabase();
-
- status = AddOrDelRange(low_of_range2, high_of_range2, DELETE_RANGE, key_type);
- status = VerifyRange(low_of_range1, high_of_range1, SHOULD_EXIST, key_type);
- status = VerifyRange(low_of_range2, high_of_range2, SHOULD_NOT_EXIST, key_type);
-
- TraceMe(1, ("Finished with sub test 4"));
-
- SeqDatabase();
-
- status = AddOrDelRange(low_of_range2, high_of_range2, ADD_RANGE, key_type);
- /* the whole thing should exist now */
- status = VerifyRange(low, low+range, SHOULD_EXIST, key_type);
-
- TraceMe(1, ("Finished with sub test 5"));
-
- SeqDatabase();
-
- low_of_range1 = low;
- high_of_range1 = low+(range/3);
- low_of_range2 = high_of_range1+1;
- high_of_range2 = high_of_range1+(range/3);
- low_of_range3 = high_of_range2+1;
- high_of_range3 = low+range;
- /* delete range 2 */
- status = AddOrDelRange(low_of_range2, high_of_range2, DELETE_RANGE, key_type);
- status = VerifyRange(low_of_range1, high_of_range1, SHOULD_EXIST, key_type);
- status = VerifyRange(low_of_range2, low_of_range2, SHOULD_NOT_EXIST, key_type);
- status = VerifyRange(low_of_range3, low_of_range2, SHOULD_EXIST, key_type);
-
- TraceMe(1, ("Finished with sub test 6"));
-
- SeqDatabase();
-
- status = AddOrDelRange(low_of_range2, high_of_range2, ADD_RANGE, key_type);
- /* the whole thing should exist now */
- status = VerifyRange(low, low+range, SHOULD_EXIST, key_type);
-
- TraceMe(1, ("Finished with sub test 7"));
-
- return(0);
-}
-
-#define START_RANGE 109876
-int
-main(int argc, char **argv)
-{
- int32 i, j=0;
- int quick_exit = 0;
- int large_keys = 0;
- HASHINFO hash_info = {
- 16*1024,
- 0,
- 0,
- 0,
- 0,
- 0};
-
-
- if(argc > 1)
- {
- while(argc > 1)
- {
- if(!strcmp(argv[argc-1], "-quick"))
- quick_exit = 1;
- else if(!strcmp(argv[argc-1], "-large"))
- {
- large_keys = 1;
- }
- argc--;
- }
- }
-
- database = dbopen("test.db", O_RDWR | O_CREAT, 0644, DB_HASH, &hash_info);
-
- if(!database)
- {
- ReportError("Could not open database");
-#ifdef unix
- perror("");
-#endif
- exit(1);
- }
-
- if(quick_exit)
- {
- if(large_keys)
- TestRange(START_RANGE, 200, USE_LARGE_KEY);
- else
- TestRange(START_RANGE, 200, USE_SMALL_KEY);
-
- (*database->sync)(database, 0);
- (*database->close)(database);
- exit(0);
- }
-
- for(i=100; i < 10000000; i+=200)
- {
- if(1 || j)
- {
- TestRange(START_RANGE, i, USE_LARGE_KEY);
- j = 0;
- }
- else
- {
- TestRange(START_RANGE, i, USE_SMALL_KEY);
- j = 1;
- }
-
- if(1 == rand() % 3)
- {
- (*database->sync)(database, 0);
- }
-
- if(1 == rand() % 3)
- {
- /* close and reopen */
- (*database->close)(database);
- database = dbopen("test.db", O_RDWR | O_CREAT, 0644, DB_HASH, 0);
- if(!database)
- {
- ReportError("Could not reopen database");
-#ifdef unix
- perror("");
-#endif
- exit(1);
- }
- }
- else
- {
- /* reopen database without closeing the other */
- database = dbopen("test.db", O_RDWR | O_CREAT, 0644, DB_HASH, 0);
- if(!database)
- {
- ReportError("Could not reopen database "
- "after not closing the other");
-#ifdef unix
- perror("");
-#endif
- exit(1);
- }
- }
- }
-
- return(0);
-}
diff --git a/security/coreconf/AIX.mk b/security/coreconf/AIX.mk
deleted file mode 100644
index 4e9429c1a..000000000
--- a/security/coreconf/AIX.mk
+++ /dev/null
@@ -1,84 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for AIX.
-#
-include $(CORE_DEPTH)/coreconf/UNIX.mk
-
-#
-# There are two implementation strategies available on AIX:
-# pthreads, and pthreads-user. The default is pthreads.
-# In both strategies, we need to use pthread_user.c, instead of
-# aix.c. The fact that aix.c is never used is somewhat strange.
-#
-# So we need to do the following:
-# - Default (PTHREADS_USER not defined in the environment or on
-# the command line):
-# Set PTHREADS_USER=1, USE_PTHREADS=1
-# - PTHREADS_USER=1 set in the environment or on the command line:
-# Do nothing.
-#
-ifeq ($(PTHREADS_USER),1)
- USE_PTHREADS = # just to be safe
- IMPL_STRATEGY = _PTH_USER
-else
- USE_PTHREADS = 1
- PTHREADS_USER = 1
-endif
-
-DEFAULT_COMPILER = xlC_r
-
-CC = xlC_r
-CCC = xlC_r
-
-CPU_ARCH = rs6000
-
-RANLIB = ranlib
-
-OS_CFLAGS = -DAIX -DSYSV
-ifndef NS_USE_GCC
- OS_CFLAGS += -qarch=com
-endif
-
-AIX_WRAP = $(DIST)/lib/aixwrap.o
-AIX_TMP = $(OBJDIR)/_aix_tmp.o
-OS_LIBS += -lsvld
-ifdef MAPFILE
-EXPORT_RULES = -bexport:$(MAPFILE)
-endif
-PROCESS_MAP_FILE = grep -v ';+' $(LIBRARY_NAME).def | grep -v ';-' | \
- sed -e 's; DATA ;;' -e 's,;;,,' -e 's,;.*,,' > $@
-
-ifdef BUILD_OPT
- OPTIMIZER += -qmaxmem=-1
-endif
-
diff --git a/security/coreconf/AIX3.2.mk b/security/coreconf/AIX3.2.mk
deleted file mode 100644
index c93a00eef..000000000
--- a/security/coreconf/AIX3.2.mk
+++ /dev/null
@@ -1,35 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for AIX3.2.5
-#
-include $(CORE_DEPTH)/coreconf/AIX.mk
diff --git a/security/coreconf/AIX4.1.mk b/security/coreconf/AIX4.1.mk
deleted file mode 100644
index 115ee8dc8..000000000
--- a/security/coreconf/AIX4.1.mk
+++ /dev/null
@@ -1,55 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for AIX4.1
-#
-
-include $(CORE_DEPTH)/coreconf/AIX.mk
-
-
-AIX_LINK_OPTS += -bnso -berok
-#AIX_LINK_OPTS += -bnso -berok -brename:.select,.wrap_select -brename:.poll,.wrap_poll -bI:/usr/lib/syscalls.exp
-
-# The AIX4.1 linker had a bug which always looked for a dynamic library
-# with an extension of .a. AIX4.2 fixed this problem
-DLL_SUFFIX = a
-
-OS_LIBS += -lsvld
-
-# override default value set in suffix.mk, for AIX 4.1 only
-DYNAMIC_LIB_EXTENSION = _shr
-
-# override default value in ruleset.mk
-ifdef LIBRARY_NAME
- SHARED_LIBRARY = $(OBJDIR)/lib$(LIBRARY_NAME)$(LIBRARY_VERSION)_shr$(JDK_DEBUG_SUFFIX).a
-endif
-
diff --git a/security/coreconf/AIX4.2.mk b/security/coreconf/AIX4.2.mk
deleted file mode 100644
index 71280fdf7..000000000
--- a/security/coreconf/AIX4.2.mk
+++ /dev/null
@@ -1,50 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-
-#
-# Config stuff for AIX4.2
-#
-
-include $(CORE_DEPTH)/coreconf/AIX.mk
-
-OS_CFLAGS += -DAIX4_2
-DSO_LDOPTS = -brtl -bM:SRE -bnoentry
-MKSHLIB = $(LD) $(DSO_LDOPTS) -lsvld -L/usr/lpp/xlC/lib -lc -lm
-
-OS_LIBS += -L/usr/lpp/xlC/lib -lc -lm
-ifdef MAPFILE
-DSO_LDOPTS += -bexport:$(MAPFILE)
-else
-DSO_LDOPTS += -bexpall
-endif
-
-
diff --git a/security/coreconf/AIX4.3.mk b/security/coreconf/AIX4.3.mk
deleted file mode 100644
index 43ce77bc0..000000000
--- a/security/coreconf/AIX4.3.mk
+++ /dev/null
@@ -1,55 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for AIX4.3
-#
-
-include $(CORE_DEPTH)/coreconf/AIX.mk
-
-
-ifeq ($(USE_64), 1)
-# Next line replaced by generic name handling in arch.mk
-# COMPILER_TAG = _64
- OS_CFLAGS += -DAIX_64BIT
- OBJECT_MODE=64
- export OBJECT_MODE
-endif
-OS_CFLAGS += -DAIX4_3
-DSO_LDOPTS = -brtl -bM:SRE -bnoentry
-MKSHLIB = $(LD) $(DSO_LDOPTS) -lsvld -L/usr/lpp/xlC/lib -lc -lm
-
-OS_LIBS += -L/usr/lpp/xlC/lib -lc -lm
-ifdef MAPFILE
-DSO_LDOPTS += -bexport:$(MAPFILE)
-else
-DSO_LDOPTS += -bexpall
-endif
diff --git a/security/coreconf/AIX5.1.mk b/security/coreconf/AIX5.1.mk
deleted file mode 100644
index daa999ba7..000000000
--- a/security/coreconf/AIX5.1.mk
+++ /dev/null
@@ -1,54 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for AIX5.1
-#
-
-include $(CORE_DEPTH)/coreconf/AIX.mk
-
-
-ifeq ($(USE_64), 1)
-# Next line replaced by generic name handling in arch.mk
-# COMPILER_TAG = _64
- OS_CFLAGS += -DAIX_64BIT
- OBJECT_MODE=64
- export OBJECT_MODE
-endif
-DSO_LDOPTS = -brtl -bM:SRE -bnoentry
-MKSHLIB = $(LD) $(DSO_LDOPTS) -lsvld -L/usr/lpp/xlC/lib -lc -lm
-
-OS_LIBS += -L/usr/lpp/xlC/lib -lc -lm
-ifdef MAPFILE
-DSO_LDOPTS += -bexport:$(MAPFILE)
-else
-DSO_LDOPTS += -bexpall
-endif
diff --git a/security/coreconf/BSD_OS.mk b/security/coreconf/BSD_OS.mk
deleted file mode 100644
index e91c4a5d6..000000000
--- a/security/coreconf/BSD_OS.mk
+++ /dev/null
@@ -1,88 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s): Kurt J. Lidl
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for BSD/OS
-#
-
-include $(CORE_DEPTH)/coreconf/UNIX.mk
-
-DEFAULT_COMPILER = gcc
-CC = gcc
-CCC = g++
-RANLIB = ranlib
-
-ifeq ($(OS_TEST),i386)
- OS_REL_CFLAGS = -D__i386__
- CPU_ARCH = x86
-else
-ifeq ($(OS_TEST),ppc)
- OS_REL_CFLAGS = -D__ppc__
- CPU_ARCH = ppc
-else
-ifeq ($(OS_TEST),sparc)
- OS_REL_CFLAGS = -D__sparc__
- CPU_ARCH = sparc
-else
-# treat the ultrasparc like a regular sparc, at least for now!
-ifeq ($(OS_TEST),sparc_v9)
- OS_REL_CFLAGS = -D__sparc__
- CPU_ARCH = sparc
-endif
-endif
-endif
-endif
-
-DLL_SUFFIX = so
-
-OS_CFLAGS = $(DSO_CFLAGS) $(OS_REL_CFLAGS) -Wall -DBSD_OS -DBSDI -Dunix -DHAVE_STRERROR -DHAVE_BSD_FLOCK
-
-ARCH = bsdos
-
-DSO_CFLAGS = -fPIC -DPIC
-DSO_LDOPTS = -shared
-DSO_LDFLAGS =
-DSO_LDOPTS += -Wl,-soname,lib$(LIBRARY_NAME)$(LIBRARY_VERSION).$(DLL_SUFFIX)
-
-ifdef LIBRUNPATH
-DSO_LDOPTS += -Wl,-R$(LIBRUNPATH)
-endif
-
-MKSHLIB = $(CC) $(DSO_LDOPTS)
-ifdef MAPFILE
-# Add LD options to restrict exported symbols to those in the map file
-endif
-# Change PROCESS to put the mapfile in the correct format for this platform
-PROCESS_MAP_FILE = cp $(LIBRARY_NAME).def $@
-
-G++INCLUDES = -I/usr/include/g++
-
-INCLUDES += -I/usr/X11R6/include
diff --git a/security/coreconf/BeOS.mk b/security/coreconf/BeOS.mk
deleted file mode 100644
index 4e8f3b239..000000000
--- a/security/coreconf/BeOS.mk
+++ /dev/null
@@ -1,79 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 2002 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for BeOS
-#
-
-include $(CORE_DEPTH)/coreconf/UNIX.mk
-
-XP_DEFINE := $(XP_DEFINE:-DXP_UNIX=-DXP_BEOS)
-
-USE_PTHREADS =
-
-ifeq ($(USE_PTHREADS),1)
- IMPL_STRATEGY = _PTH
-endif
-
-CC = gcc
-CCC = g++
-RANLIB = ranlib
-
-DEFAULT_COMPILER = gcc
-
-ifeq ($(OS_TEST),ppc)
- OS_REL_CFLAGS = -Dppc
- CPU_ARCH = ppc
-else
- OS_REL_CFLAGS = -Di386
- CPU_ARCH = x86
-endif
-
-MKSHLIB = $(CC) -nostart -Wl,-soname -Wl,$(@:$(OBJDIR)/%.so=%.so)
-ifdef BUILD_OPT
- OPTIMIZER = -O2
-endif
-
-OS_CFLAGS = $(DSO_CFLAGS) $(OS_REL_CFLAGS) -Wall -pipe
-OS_LIBS = -lbe
-
-DEFINES += -DBEOS
-
-ifdef USE_PTHREADS
- DEFINES += -D_REENTRANT
-endif
-
-ARCH = beos
-
-DSO_CFLAGS = -fPIC
-DSO_LDOPTS =
-DSO_LDFLAGS =
-
diff --git a/security/coreconf/Darwin.mk b/security/coreconf/Darwin.mk
deleted file mode 100644
index d58e5c760..000000000
--- a/security/coreconf/Darwin.mk
+++ /dev/null
@@ -1,78 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for Darwin.
-#
-
-include $(CORE_DEPTH)/coreconf/UNIX.mk
-
-DEFAULT_COMPILER = cc
-
-CC = cc
-CCC = c++
-RANLIB = ranlib
-
-ifeq (86,$(findstring 86,$(OS_TEST)))
-OS_REL_CFLAGS = -Di386
-CPU_ARCH = i386
-else
-OS_REL_CFLAGS = -Dppc
-CPU_ARCH = ppc
-endif
-
-# "Commons" are tentative definitions in a global scope, like this:
-# int x;
-# The meaning of a common is ambiguous. It may be a true definition:
-# int x = 0;
-# or it may be a declaration of a symbol defined in another file:
-# extern int x;
-# Use the -fno-common option to force all commons to become true
-# definitions so that the linker can catch multiply-defined symbols.
-# Also, common symbols are not allowed with Darwin dynamic libraries.
-
-OS_CFLAGS = $(DSO_CFLAGS) $(OS_REL_CFLAGS) -Wmost -fpascal-strings -traditional-cpp -fno-common -pipe -DDARWIN -DHAVE_STRERROR -DHAVE_BSD_FLOCK
-
-ifdef BUILD_OPT
-OPTIMIZER = -O2
-endif
-
-ARCH = darwin
-
-# May override this with -bundle to create a loadable module.
-DSO_LDOPTS = -dynamiclib -compatibility_version 1 -current_version 1 -install_name @executable_path/$(notdir $@)
-
-MKSHLIB = $(CC) -arch $(CPU_ARCH) $(DSO_LDOPTS)
-DLL_SUFFIX = dylib
-PROCESS_MAP_FILE = grep -v ';+' $(LIBRARY_NAME).def | grep -v ';-' | \
- sed -e 's; DATA ;;' -e 's,;;,,' -e 's,;.*,,' -e 's,^,_,' > $@
-
-G++INCLUDES = -I/usr/include/g++
diff --git a/security/coreconf/FreeBSD.mk b/security/coreconf/FreeBSD.mk
deleted file mode 100644
index 7fc55c6e3..000000000
--- a/security/coreconf/FreeBSD.mk
+++ /dev/null
@@ -1,83 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for FreeBSD
-#
-
-include $(CORE_DEPTH)/coreconf/UNIX.mk
-
-DEFAULT_COMPILER = gcc
-CC = gcc
-CCC = g++
-RANLIB = ranlib
-
-ifeq ($(OS_TEST),alpha)
-CPU_ARCH = alpha
-else
-CPU_ARCH = x86
-endif
-
-OS_CFLAGS = $(DSO_CFLAGS) -ansi -Wall -DFREEBSD -DHAVE_STRERROR -DHAVE_BSD_FLOCK
-
-DSO_CFLAGS = -fPIC
-DSO_LDOPTS = -shared -Wl,-soname -Wl,$(notdir $@)
-
-#
-# The default implementation strategy for FreeBSD is pthreads.
-#
-ifndef CLASSIC_NSPR
-USE_PTHREADS = 1
-DEFINES += -D_THREAD_SAFE -D_REENTRANT
-OS_LIBS += -pthread
-DSO_LDOPTS += -pthread
-endif
-
-ARCH = freebsd
-
-MOZ_OBJFORMAT := $(shell test -x /usr/bin/objformat && /usr/bin/objformat || echo aout)
-
-ifeq ($(MOZ_OBJFORMAT),elf)
-DLL_SUFFIX = so
-else
-DLL_SUFFIX = so.1.0
-endif
-
-MKSHLIB = $(CC) $(DSO_LDOPTS)
-ifdef MAPFILE
-# Add LD options to restrict exported symbols to those in the map file
-endif
-# Change PROCESS to put the mapfile in the correct format for this platform
-PROCESS_MAP_FILE = cp $(LIBRARY_NAME).def $@
-
-G++INCLUDES = -I/usr/include/g++
-
-INCLUDES += -I/usr/X11R6/include
diff --git a/security/coreconf/HP-UX.mk b/security/coreconf/HP-UX.mk
deleted file mode 100644
index 80034ef36..000000000
--- a/security/coreconf/HP-UX.mk
+++ /dev/null
@@ -1,76 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-
-#
-# Config stuff for HP-UX
-#
-
-include $(CORE_DEPTH)/coreconf/UNIX.mk
-
-DEFAULT_COMPILER = cc
-
-CPU_ARCH = hppa
-DLL_SUFFIX = sl
-CC = cc
-CCC = CC
-OS_CFLAGS += -Ae $(DSO_CFLAGS) -DHPUX -D$(CPU_ARCH) -D_HPUX_SOURCE -D_USE_BIG_FDS
-
-ifeq ($(DEFAULT_IMPL_STRATEGY),_PTH)
- USE_PTHREADS = 1
- ifeq ($(CLASSIC_NSPR),1)
- USE_PTHREADS =
- IMPL_STRATEGY = _CLASSIC
- endif
- ifeq ($(PTHREADS_USER),1)
- USE_PTHREADS =
- IMPL_STRATEGY = _PTH_USER
- endif
-endif
-
-ifdef PTHREADS_USER
- OS_CFLAGS += -D_POSIX_C_SOURCE=199506L
-endif
-
-LDFLAGS = -z -Wl,+s
-
-MKSHLIB = $(LD) $(DSO_LDOPTS)
-ifdef MAPFILE
-MKSHLIB += -c $(MAPFILE)
-endif
-PROCESS_MAP_FILE = grep -v ';+' $(LIBRARY_NAME).def | grep -v ';-' | \
- sed -e 's; DATA ;;' -e 's,;;,,' -e 's,;.*,,' -e 's,^,+e ,' > $@
-
-DSO_LDOPTS = -b +h $(notdir $@)
-DSO_LDFLAGS =
-
-# +Z generates position independent code for use in shared libraries.
-DSO_CFLAGS = +Z
diff --git a/security/coreconf/HP-UXA.09.03.mk b/security/coreconf/HP-UXA.09.03.mk
deleted file mode 100644
index 7ac02ae2a..000000000
--- a/security/coreconf/HP-UXA.09.03.mk
+++ /dev/null
@@ -1,44 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-
-#
-# On HP-UX 9, the default (and only) implementation strategy is
-# classic nspr.
-#
-ifeq ($(OS_RELEASE),A.09.03)
- DEFAULT_IMPL_STRATEGY = _CLASSIC
-endif
-
-#
-# Config stuff for HP-UXA.09.03
-#
-include $(CORE_DEPTH)/coreconf/HP-UXA.09.mk
diff --git a/security/coreconf/HP-UXA.09.07.mk b/security/coreconf/HP-UXA.09.07.mk
deleted file mode 100644
index 9fcf4c826..000000000
--- a/security/coreconf/HP-UXA.09.07.mk
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# On HP-UX 9, the default (and only) implementation strategy is
-# classic nspr.
-#
-ifeq ($(OS_RELEASE),A.09.07)
- DEFAULT_IMPL_STRATEGY = _CLASSIC
-endif
-
-#
-# Config stuff for HP-UXA.09.07
-#
-include $(CORE_DEPTH)/coreconf/HP-UXA.09.mk
diff --git a/security/coreconf/HP-UXA.09.mk b/security/coreconf/HP-UXA.09.mk
deleted file mode 100644
index 813a16f40..000000000
--- a/security/coreconf/HP-UXA.09.mk
+++ /dev/null
@@ -1,38 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-
-#
-# Config stuff for HP-UXA.09
-#
-include $(CORE_DEPTH)/coreconf/HP-UX.mk
-
-OS_CFLAGS += -DHPUX9
diff --git a/security/coreconf/HP-UXB.10.01.mk b/security/coreconf/HP-UXB.10.01.mk
deleted file mode 100644
index 718ee1184..000000000
--- a/security/coreconf/HP-UXB.10.01.mk
+++ /dev/null
@@ -1,40 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-ifeq ($(OS_RELEASE),B.10.01)
- DEFAULT_IMPL_STRATEGY = _CLASSIC
-endif
-
-#
-# Config stuff for HP-UXB.10.01
-#
-include $(CORE_DEPTH)/coreconf/HP-UXB.10.mk
diff --git a/security/coreconf/HP-UXB.10.10.mk b/security/coreconf/HP-UXB.10.10.mk
deleted file mode 100644
index 54a78e6e2..000000000
--- a/security/coreconf/HP-UXB.10.10.mk
+++ /dev/null
@@ -1,50 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# On HP-UX 10.10 and 10.20, the default implementation strategy is
-# pthreads (actually DCE threads). Classic nspr is also available.
-#
-
-ifeq ($(OS_RELEASE),B.10.10)
- DEFAULT_IMPL_STRATEGY = _PTH
-endif
-
-#
-# Config stuff for HP-UXB.10.10
-#
-include $(CORE_DEPTH)/coreconf/HP-UXB.10.mk
-
-OS_CFLAGS += -DHPUX10_10
-
-ifeq ($(USE_PTHREADS),1)
- OS_CFLAGS += -D_REENTRANT
-endif
diff --git a/security/coreconf/HP-UXB.10.20.mk b/security/coreconf/HP-UXB.10.20.mk
deleted file mode 100644
index 5c14b9844..000000000
--- a/security/coreconf/HP-UXB.10.20.mk
+++ /dev/null
@@ -1,50 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# On HP-UX 10.10 and 10.20, the default implementation strategy is
-# pthreads (actually DCE threads). Classic nspr is also available.
-#
-
-ifeq ($(OS_RELEASE),B.10.20)
- DEFAULT_IMPL_STRATEGY = _PTH
-endif
-
-#
-# Config stuff for HP-UXB.10.20
-#
-include $(CORE_DEPTH)/coreconf/HP-UXB.10.mk
-
-OS_CFLAGS += -DHPUX10_20
-
-ifeq ($(USE_PTHREADS),1)
- OS_CFLAGS += -D_REENTRANT
-endif
diff --git a/security/coreconf/HP-UXB.10.30.mk b/security/coreconf/HP-UXB.10.30.mk
deleted file mode 100644
index ef52d1122..000000000
--- a/security/coreconf/HP-UXB.10.30.mk
+++ /dev/null
@@ -1,56 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# On HP-UX 10.30 and 11.00, the default implementation strategy is
-# pthreads. Classic nspr and pthreads-user are also available.
-#
-
-ifeq ($(OS_RELEASE),B.10.30)
- DEFAULT_IMPL_STRATEGY = _PTH
-endif
-
-#
-# Config stuff for HP-UXB.10.30.
-#
-include $(CORE_DEPTH)/coreconf/HP-UXB.10.mk
-
-OS_CFLAGS += -DHPUX10_30
-
-#
-# To use the true pthread (kernel thread) library on 10.30 and
-# 11.00, we should define _POSIX_C_SOURCE to be 199506L.
-# The _REENTRANT macro is deprecated.
-#
-
-ifdef USE_PTHREADS
- OS_CFLAGS += -D_POSIX_C_SOURCE=199506L
-endif
diff --git a/security/coreconf/HP-UXB.10.mk b/security/coreconf/HP-UXB.10.mk
deleted file mode 100644
index 77ca9bce7..000000000
--- a/security/coreconf/HP-UXB.10.mk
+++ /dev/null
@@ -1,38 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for HP-UXB.10
-#
-include $(CORE_DEPTH)/coreconf/HP-UX.mk
-
-OS_CFLAGS += -DHPUX10
-OS_LIBS += -lpthread -lm
diff --git a/security/coreconf/HP-UXB.11.00.mk b/security/coreconf/HP-UXB.11.00.mk
deleted file mode 100644
index 0732202ae..000000000
--- a/security/coreconf/HP-UXB.11.00.mk
+++ /dev/null
@@ -1,55 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# On HP-UX 10.30 and 11.00, the default implementation strategy is
-# pthreads. Classic nspr and pthreads-user are also available.
-#
-
-ifeq ($(OS_RELEASE),B.11.00)
-OS_CFLAGS += -DHPUX10
-DEFAULT_IMPL_STRATEGY = _PTH
-endif
-
-#
-# To use the true pthread (kernel thread) library on 10.30 and
-# 11.00, we should define _POSIX_C_SOURCE to be 199506L.
-# The _REENTRANT macro is deprecated.
-#
-
-ifdef USE_PTHREADS
- OS_CFLAGS += -D_POSIX_C_SOURCE=199506L
-endif
-
-#
-# Config stuff for HP-UXB.11.00.
-#
-include $(CORE_DEPTH)/coreconf/HP-UXB.11.mk
diff --git a/security/coreconf/HP-UXB.11.11.mk b/security/coreconf/HP-UXB.11.11.mk
deleted file mode 100644
index 1789b7d7d..000000000
--- a/security/coreconf/HP-UXB.11.11.mk
+++ /dev/null
@@ -1,55 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 2001 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# On HP-UX 10.30 and 11.x, the default implementation strategy is
-# pthreads. Classic nspr and pthreads-user are also available.
-#
-
-ifeq ($(OS_RELEASE),B.11.11)
-OS_CFLAGS += -DHPUX10
-DEFAULT_IMPL_STRATEGY = _PTH
-endif
-
-#
-# To use the true pthread (kernel thread) library on 10.30 and
-# 11.x, we should define _POSIX_C_SOURCE to be 199506L.
-# The _REENTRANT macro is deprecated.
-#
-
-ifdef USE_PTHREADS
- OS_CFLAGS += -D_POSIX_C_SOURCE=199506L
-endif
-
-#
-# Config stuff for HP-UXB.11.11.
-#
-include $(CORE_DEPTH)/coreconf/HP-UXB.11.mk
diff --git a/security/coreconf/HP-UXB.11.20.mk b/security/coreconf/HP-UXB.11.20.mk
deleted file mode 100644
index a638736c5..000000000
--- a/security/coreconf/HP-UXB.11.20.mk
+++ /dev/null
@@ -1,55 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 2002 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# On HP-UX 10.30 and 11.x, the default implementation strategy is
-# pthreads. Classic nspr and pthreads-user are also available.
-#
-
-ifeq ($(OS_RELEASE),B.11.20)
-OS_CFLAGS += -DHPUX10
-DEFAULT_IMPL_STRATEGY = _PTH
-endif
-
-#
-# To use the true pthread (kernel thread) library on 10.30 and
-# 11.x, we should define _POSIX_C_SOURCE to be 199506L.
-# The _REENTRANT macro is deprecated.
-#
-
-ifdef USE_PTHREADS
- OS_CFLAGS += -D_POSIX_C_SOURCE=199506L
-endif
-
-#
-# Config stuff for HP-UXB.11.x.
-#
-include $(CORE_DEPTH)/coreconf/HP-UXB.11.mk
diff --git a/security/coreconf/HP-UXB.11.mk b/security/coreconf/HP-UXB.11.mk
deleted file mode 100644
index 5b489014f..000000000
--- a/security/coreconf/HP-UXB.11.mk
+++ /dev/null
@@ -1,73 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for HP-UXB.11
-#
-include $(CORE_DEPTH)/coreconf/HP-UX.mk
-
-ifdef USE_LONG_LONGS
-USE_HYBRID = 1
-endif
-
-ifndef NS_USE_GCC
- CCC = /opt/aCC/bin/aCC -ext
- ifeq ($(USE_64), 1)
- ifeq ($(OS_TEST), ia64)
- OS_CFLAGS += -Aa +e +p +DD64
- else
- OS_CFLAGS += -Aa +e +DA2.0W +DS2.0 +DChpux
- endif
-# Next line replaced by generic name handling in arch.mk
-# COMPILER_TAG = _64
- else
- ifeq ($(OS_TEST), ia64)
- OS_CFLAGS += -Aa +e +p +DD32
- else
- ifdef USE_HYBRID
- OS_CFLAGS += -Aa +e +DA2.0 +DS2.0
- else
- OS_CFLAGS += +DAportable +DS2.0
- endif
- endif
- endif
-else
- CCC = aCC
-endif
-
-OS_CFLAGS += -DHPUX11
-OS_LIBS += -lpthread -lm -lrt
-#ifeq ($(USE_64), 1)
-#OS_LIBS += -ldl
-#else
-#OS_LIBS += -ldld
-#endif
-HPUX11 = 1
diff --git a/security/coreconf/IRIX.mk b/security/coreconf/IRIX.mk
deleted file mode 100644
index 32e2a4a9a..000000000
--- a/security/coreconf/IRIX.mk
+++ /dev/null
@@ -1,124 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for IRIX
-#
-
-include $(CORE_DEPTH)/coreconf/UNIX.mk
-
-#
-# The default implementation strategy for Irix is classic nspr.
-#
-ifeq ($(USE_PTHREADS),1)
- ifeq ($(USE_N32),1)
- IMPL_STRATEGY = _n32_PTH
- else
- IMPL_STRATEGY = _PTH
- endif
-endif
-
-DEFAULT_COMPILER = cc
-
-ifdef NS_USE_GCC
- CC = gcc
- AS = $(CC) -x assembler-with-cpp
- ODD_CFLAGS = -Wall -Wno-format
- ifdef BUILD_OPT
- OPTIMIZER = -O6
- endif
-else
- CC = cc
- CCC = CC
- ODD_CFLAGS = -fullwarn -xansi -woff 1209
- ifdef BUILD_OPT
- ifeq ($(USE_N32),1)
- OPTIMIZER = -O -OPT:Olimit=4000
- else
- OPTIMIZER = -O -Olimit 4000
- endif
- endif
-
- # For 6.x machines, include this flag
- ifeq (6., $(findstring 6., $(OS_RELEASE)))
- ifeq ($(USE_N32),1)
- ODD_CFLAGS += -n32 -mips3 -exceptions
- else
- ODD_CFLAGS += -32 -multigot
- endif
- else
- ODD_CFLAGS += -xgot
- endif
- ifeq ($(USE_N32),1)
- OS_CFLAGS += -dollar
- endif
-endif
-
-ODD_CFLAGS += -DSVR4 -DIRIX
-
-CPU_ARCH = mips
-
-RANLIB = /bin/true
-# For purify
-# NOTE: should always define _SGI_MP_SOURCE
-NOMD_OS_CFLAGS += $(ODD_CFLAGS) -D_SGI_MP_SOURCE
-
-OS_CFLAGS += $(NOMD_OS_CFLAGS)
-ifdef USE_MDUPDATE
- OS_CFLAGS += -MDupdate $(DEPENDENCIES)
-endif
-
-ifeq ($(USE_N32),1)
- SHLIB_LD_OPTS += -n32 -mips3
-endif
-
-MKSHLIB += $(LD) $(SHLIB_LD_OPTS) -shared -soname $(@:$(OBJDIR)/%.so=%.so)
-ifdef MAPFILE
-# Add LD options to restrict exported symbols to those in the map file
-endif
-# Change PROCESS to put the mapfile in the correct format for this platform
-PROCESS_MAP_FILE = cp $(LIBRARY_NAME).def $@
-
-DSO_LDOPTS = -elf -shared -all
-
-ifdef DSO_BACKEND
- DSO_LDOPTS += -soname $(DSO_NAME)
-endif
-
-#
-# Revision notes:
-#
-# In the IRIX compilers prior to version 7.2, -n32 implied -mips3.
-# Beginning in the 7.2 compilers, -n32 implies -mips4 when the compiler
-# is running on a system with a mips4 CPU (e.g. R8K, R10K).
-# We want our code to explicitly be mips3 code, so we now explicitly
-# set -mips3 whenever we set -n32.
-#
diff --git a/security/coreconf/IRIX5.2.mk b/security/coreconf/IRIX5.2.mk
deleted file mode 100644
index fbb4a137b..000000000
--- a/security/coreconf/IRIX5.2.mk
+++ /dev/null
@@ -1,35 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for IRIX 5.2
-#
-include $(CORE_DEPTH)/coreconf/IRIX5.mk
diff --git a/security/coreconf/IRIX5.3.mk b/security/coreconf/IRIX5.3.mk
deleted file mode 100644
index b7134592b..000000000
--- a/security/coreconf/IRIX5.3.mk
+++ /dev/null
@@ -1,37 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for IRIX 5.3
-#
-include $(CORE_DEPTH)/coreconf/IRIX5.mk
-
-OS_CFLAGS += -DIRIX5_3
diff --git a/security/coreconf/IRIX5.mk b/security/coreconf/IRIX5.mk
deleted file mode 100644
index 56bfb0ea5..000000000
--- a/security/coreconf/IRIX5.mk
+++ /dev/null
@@ -1,40 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for IRIX 5
-#
-
-include $(CORE_DEPTH)/coreconf/IRIX.mk
-
-ifndef NS_USE_GCC
- ODD_CFLAGS += -xgot
-endif
diff --git a/security/coreconf/IRIX6.2.mk b/security/coreconf/IRIX6.2.mk
deleted file mode 100644
index e17a0c3b6..000000000
--- a/security/coreconf/IRIX6.2.mk
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for IRIX 6.2
-#
-
-
-# catch unresolved symbols
-
-SHLIB_LD_OPTS += -no_unresolved
-
-include $(CORE_DEPTH)/coreconf/IRIX6.mk
-
-OS_CFLAGS += -DIRIX6_2
diff --git a/security/coreconf/IRIX6.3.mk b/security/coreconf/IRIX6.3.mk
deleted file mode 100644
index a684a1e11..000000000
--- a/security/coreconf/IRIX6.3.mk
+++ /dev/null
@@ -1,42 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for IRIX 6.3
-#
-
-# catch unresolved symbols
-
-SHLIB_LD_OPTS += -no_unresolved
-
-include $(CORE_DEPTH)/coreconf/IRIX6.mk
-
-OS_CFLAGS += -DIRIX6_3
diff --git a/security/coreconf/IRIX6.5.mk b/security/coreconf/IRIX6.5.mk
deleted file mode 100644
index 2341580b4..000000000
--- a/security/coreconf/IRIX6.5.mk
+++ /dev/null
@@ -1,45 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for IRIX 6.5
-#
-
-# catch unresolved symbols
-
-SHLIB_LD_OPTS += -no_unresolved
-
-include $(CORE_DEPTH)/coreconf/IRIX6.mk
-
-OS_CFLAGS += -DIRIX6_5
-ifndef NS_USE_GCC
-OS_CFLAGS += -mips3
-endif
diff --git a/security/coreconf/IRIX6.mk b/security/coreconf/IRIX6.mk
deleted file mode 100644
index a401dc6f3..000000000
--- a/security/coreconf/IRIX6.mk
+++ /dev/null
@@ -1,47 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for IRIX 6
-#
-
-include $(CORE_DEPTH)/coreconf/IRIX.mk
-
-ifndef NS_USE_GCC
- ifneq ($(USE_N32),1)
- OS_CFLAGS += -32
- endif
- ODD_CFLAGS += -multigot
-endif
-
-ifeq ($(USE_PTHREADS),1)
-OS_LIBS += -lpthread
-endif
diff --git a/security/coreconf/Linux.mk b/security/coreconf/Linux.mk
deleted file mode 100644
index fcd4c1fc4..000000000
--- a/security/coreconf/Linux.mk
+++ /dev/null
@@ -1,150 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for Linux
-#
-
-include $(CORE_DEPTH)/coreconf/UNIX.mk
-
-#
-# The default implementation strategy for Linux is now pthreads
-#
-USE_PTHREADS = 1
-
-ifeq ($(USE_PTHREADS),1)
- IMPL_STRATEGY = _PTH
-endif
-
-CC = gcc
-CCC = g++
-RANLIB = ranlib
-
-DEFAULT_COMPILER = gcc
-
-ifeq ($(OS_TEST),m68k)
- OS_REL_CFLAGS = -DLINUX1_2 -D_XOPEN_SOURCE
- CPU_ARCH = m68k
-else
-ifeq ($(OS_TEST),ppc)
- OS_REL_CFLAGS = -DLINUX1_2 -D_XOPEN_SOURCE
- CPU_ARCH = ppc
-else
-ifeq ($(OS_TEST),alpha)
- OS_REL_CFLAGS = -D_ALPHA_ -DLINUX1_2 -D_XOPEN_SOURCE
- CPU_ARCH = alpha
-else
-ifeq ($(OS_TEST),ia64)
- OS_REL_CFLAGS = -DLINUX1_2 -D_XOPEN_SOURCE
- CPU_ARCH = ia64
-else
-ifeq ($(OS_TEST),sparc)
- OS_REL_CFLAGS = -DLINUX1_2 -D_XOPEN_SOURCE
- CPU_ARCH = sparc
-else
-ifeq ($(OS_TEST),sparc64)
- OS_REL_CFLAGS = -DLINUX1_2 -D_XOPEN_SOURCE
- CPU_ARCH = sparc
-else
-ifeq (,$(filter-out arm% sa110,$(OS_TEST)))
- OS_REL_CFLAGS = -DLINUX1_2 -D_XOPEN_SOURCE
- CPU_ARCH = arm
-else
-ifeq ($(OS_TEST),parisc64)
- OS_REL_CFLAGS = -DLINUX1_2 -D_XOPEN_SOURCE
- CPU_ARCH = hppa
-else
-ifeq ($(OS_TEST),s390)
- OS_REL_CFLAGS = -DLINUX1_2 -D_XOPEN_SOURCE
- CPU_ARCH = s390
-else
-ifeq ($(OS_TEST),s390x)
- OS_REL_CFLAGS = -DLINUX1_2 -D_XOPEN_SOURCE
- CPU_ARCH = s390x
-else
-ifeq ($(OS_TEST),mips)
- OS_REL_CFLAGS = -DLINUX1_2 -D_XOPEN_SOURCE
- CPU_ARCH = mips
-else
- OS_REL_CFLAGS = -DLINUX1_2 -Di386 -D_XOPEN_SOURCE
- CPU_ARCH = x86
-endif
-endif
-endif
-endif
-endif
-endif
-endif
-endif
-endif
-endif
-endif
-
-
-LIBC_TAG = _glibc
-
-ifeq ($(OS_RELEASE),2.0)
- OS_REL_CFLAGS += -DLINUX2_0
- MKSHLIB = $(CC) -shared -Wl,-soname -Wl,$(@:$(OBJDIR)/%.so=%.so)
- ifdef BUILD_OPT
- OPTIMIZER = -O2
- endif
- ifdef MAPFILE
- MKSHLIB += -Wl,--version-script,$(MAPFILE)
- endif
- PROCESS_MAP_FILE = grep -v ';-' $(LIBRARY_NAME).def | \
- sed -e 's,;+,,' -e 's; DATA ;;' -e 's,;;,,' -e 's,;.*,;,' > $@
-endif
-
-ifeq ($(USE_PTHREADS),1)
-OS_PTHREAD = -lpthread
-endif
-
-OS_CFLAGS = $(DSO_CFLAGS) $(OS_REL_CFLAGS) -ansi -Wall -pipe -DLINUX -Dlinux -D_POSIX_SOURCE -D_BSD_SOURCE -DHAVE_STRERROR
-OS_LIBS = -L/lib $(OS_PTHREAD) -ldl -lc
-
-ifdef USE_PTHREADS
- DEFINES += -D_REENTRANT
-endif
-
-ARCH = linux
-
-DSO_CFLAGS = -fPIC
-DSO_LDOPTS = -shared
-DSO_LDFLAGS =
-
-# INCLUDES += -I/usr/include -Y/usr/include/linux
-G++INCLUDES = -I/usr/include/g++
-
-#
-# Always set CPU_TAG on Linux, OpenVMS, WINCE.
-#
-CPU_TAG = _$(CPU_ARCH)
diff --git a/security/coreconf/Linux2.1.mk b/security/coreconf/Linux2.1.mk
deleted file mode 100644
index f7f7565ac..000000000
--- a/security/coreconf/Linux2.1.mk
+++ /dev/null
@@ -1,49 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for Linux 2.1 (ELF)
-#
-
-include $(CORE_DEPTH)/coreconf/Linux.mk
-ifeq ($(OS_RELEASE),2.1)
- OS_REL_CFLAGS += -DLINUX2_1
- MKSHLIB = $(CC) -shared -Wl,-soname -Wl,$(@:$(OBJDIR)/%.so=%.so)
- ifdef BUILD_OPT
- OPTIMIZER = -O2
- endif
- ifdef MAPFILE
- MKSHLIB += -Wl,--version-script,$(MAPFILE)
- endif
- PROCESS_MAP_FILE = grep -v ';-' $(LIBRARY_NAME).def | \
- sed -e 's,;+,,' -e 's; DATA ;;' -e 's,;;,,' -e 's,;.*,;,' > $@
-endif
-
diff --git a/security/coreconf/Linux2.2.mk b/security/coreconf/Linux2.2.mk
deleted file mode 100644
index 4bdddebfa..000000000
--- a/security/coreconf/Linux2.2.mk
+++ /dev/null
@@ -1,49 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for Linux 2.2 (ELF)
-#
-
-include $(CORE_DEPTH)/coreconf/Linux.mk
-
-OS_REL_CFLAGS += -DLINUX2_1
-MKSHLIB = $(CC) -shared -Wl,-soname -Wl,$(@:$(OBJDIR)/%.so=%.so)
-ifdef BUILD_OPT
- OPTIMIZER = -O2
-endif
-
-ifdef MAPFILE
- MKSHLIB += -Wl,--version-script,$(MAPFILE)
-endif
-PROCESS_MAP_FILE = grep -v ';-' $(LIBRARY_NAME).def | \
- sed -e 's,;+,,' -e 's; DATA ;;' -e 's,;;,,' -e 's,;.*,;,' > $@
-
diff --git a/security/coreconf/Linux2.4.mk b/security/coreconf/Linux2.4.mk
deleted file mode 100644
index b05d803a3..000000000
--- a/security/coreconf/Linux2.4.mk
+++ /dev/null
@@ -1,49 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for Linux 2.4 (ELF)
-#
-
-include $(CORE_DEPTH)/coreconf/Linux.mk
-
-OS_REL_CFLAGS += -DLINUX2_1
-MKSHLIB = $(CC) -shared -Wl,-soname -Wl,$(@:$(OBJDIR)/%.so=%.so)
-ifdef BUILD_OPT
- OPTIMIZER = -O2
-endif
-
-ifdef MAPFILE
- MKSHLIB += -Wl,--version-script,$(MAPFILE)
-endif
-PROCESS_MAP_FILE = grep -v ';-' $(LIBRARY_NAME).def | \
- sed -e 's,;+,,' -e 's; DATA ;;' -e 's,;;,,' -e 's,;.*,;,' > $@
-
diff --git a/security/coreconf/Linux2.5.mk b/security/coreconf/Linux2.5.mk
deleted file mode 100644
index c116b1da8..000000000
--- a/security/coreconf/Linux2.5.mk
+++ /dev/null
@@ -1,49 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for Linux 2.5 (ELF)
-#
-
-include $(CORE_DEPTH)/coreconf/Linux.mk
-
-OS_REL_CFLAGS += -DLINUX2_1
-MKSHLIB = $(CC) -shared -Wl,-soname -Wl,$(@:$(OBJDIR)/%.so=%.so)
-ifdef BUILD_OPT
- OPTIMIZER = -O2
-endif
-
-ifdef MAPFILE
- MKSHLIB += -Wl,--version-script,$(MAPFILE)
-endif
-PROCESS_MAP_FILE = grep -v ';-' $(LIBRARY_NAME).def | \
- sed -e 's,;+,,' -e 's; DATA ;;' -e 's,;;,,' -e 's,;.*,;,' > $@
-
diff --git a/security/coreconf/LinuxELF1.2.mk b/security/coreconf/LinuxELF1.2.mk
deleted file mode 100644
index 860787958..000000000
--- a/security/coreconf/LinuxELF1.2.mk
+++ /dev/null
@@ -1,36 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for Linux 1.2 (ELF)
-#
-
-include $(CORE_DEPTH)/coreconf/Linux.mk
diff --git a/security/coreconf/LinuxELF2.0.mk b/security/coreconf/LinuxELF2.0.mk
deleted file mode 100644
index a85dfafa9..000000000
--- a/security/coreconf/LinuxELF2.0.mk
+++ /dev/null
@@ -1,36 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for Linux 2.0 (ELF)
-#
-
-include $(CORE_DEPTH)/coreconf/Linux.mk
diff --git a/security/coreconf/Makefile b/security/coreconf/Makefile
deleted file mode 100644
index fc9f73af2..000000000
--- a/security/coreconf/Makefile
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-DEPTH = ..
-CORE_DEPTH = ..
-
-MODULE = coreconf
-
-DIRS = nsinstall
-
-include $(DEPTH)/coreconf/config.mk
-include $(DEPTH)/coreconf/rules.mk
-
-export:: libs
diff --git a/security/coreconf/NCR3.0.mk b/security/coreconf/NCR3.0.mk
deleted file mode 100644
index f29890d73..000000000
--- a/security/coreconf/NCR3.0.mk
+++ /dev/null
@@ -1,95 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for NCR SysVr4 v 3.0
-#
-
-include $(CORE_DEPTH)/coreconf/UNIX.mk
-
-DEFAULT_COMPILER = cc
-
-###
-NS_USE_NATIVE = 1
-
-# NS_USE_GCC = 1
-
-export PATH:=$(PATH):/opt/ncc/bin
-###
-
-RANLIB = true
-GCC_FLAGS_EXTRA += -pipe
-
-DEFINES += -DSVR4 -DSYSV -DHAVE_STRERROR -DNCR
-
-OS_CFLAGS += -Hnocopyr -DSVR4 -DSYSV -DHAVE_STRERROR -DNCR -DPRFSTREAMS_BROKEN
-
-ifdef NS_USE_NATIVE
- CC = cc
- CCC = ncc
- CXX = ncc
-# OS_LIBS += -L/opt/ncc/lib
-else
-# OS_LIBS +=
-endif
-
-#OS_LIBS += -lsocket -lnsl -ldl -lc
-
-MKSHLIB += $(LD) $(DSO_LDOPTS)
-#DSO_LDOPTS += -G -z defs
-DSO_LDOPTS += -G
-ifdef MAPFILE
-# Add LD options to restrict exported symbols to those in the map file
-endif
-# Change PROCESS to put the mapfile in the correct format for this platform
-PROCESS_MAP_FILE = cp $(LIBRARY_NAME).def $@
-
-CPU_ARCH = x86
-ARCH = ncr
-
-NOSUCHFILE = /solaris-rm-f-sucks
-
-# now take care of default GCC (rus@5/5/97)
-
-ifdef NS_USE_GCC
- # if gcc-settings are redefined already - don't touch it
- #
- ifeq (,$(findstring gcc, $(CC)))
- CC = gcc
- CCC = g++
- CXX = g++
- # always use -fPIC - some makefiles are still broken and don't distinguish
- # situation when they build shared and static libraries
- CFLAGS += -fPIC -Wall $(GCC_FLAGS_EXTRA)
-# OS_LIBS += -L/usr/local/lib -lstdc++ -lg++ -lgcc
- endif
-endif
-###
diff --git a/security/coreconf/NEC4.2.mk b/security/coreconf/NEC4.2.mk
deleted file mode 100644
index 03d257415..000000000
--- a/security/coreconf/NEC4.2.mk
+++ /dev/null
@@ -1,66 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for NEC Mips SYSV
-#
-
-include $(CORE_DEPTH)/coreconf/UNIX.mk
-
-DEFAULT_COMPILER = $(CORE_DEPTH)/build/hcc
-
-CPU_ARCH = mips
-
-ifdef NS_USE_GCC
-CC = gcc
-CCC = g++
-else
-CC = $(CORE_DEPTH)/build/hcc
-OS_CFLAGS = -Xa -KGnum=0 -KOlimit=4000
-CCC = g++
-endif
-
-MKSHLIB = $(LD) $(DSO_LDOPTS)
-ifdef MAPFILE
-# Add LD options to restrict exported symbols to those in the map file
-endif
-# Change PROCESS to put the mapfile in the correct format for this platform
-PROCESS_MAP_FILE = cp $(LIBRARY_NAME).def $@
-
-RANLIB = /bin/true
-
-OS_CFLAGS += $(ODD_CFLAGS) -DSVR4 -D__SVR4 -DNEC -Dnec_ews -DHAVE_STRERROR
-OS_LIBS = -lsocket -lnsl -ldl $(LDOPTIONS)
-LDOPTIONS = -lc -L/usr/ucblib -lucb
-
-NOSUCHFILE = /nec-rm-f-sucks
-
-DSO_LDOPTS = -G
diff --git a/security/coreconf/NetBSD.mk b/security/coreconf/NetBSD.mk
deleted file mode 100644
index fd7bd2ddf..000000000
--- a/security/coreconf/NetBSD.mk
+++ /dev/null
@@ -1,86 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for NetBSD
-#
-
-include $(CORE_DEPTH)/coreconf/UNIX.mk
-
-DEFAULT_COMPILER = gcc
-CC = gcc
-CCC = g++
-RANLIB = ranlib
-
-CPU_ARCH := $(shell uname -p)
-ifeq ($(CPU_ARCH),i386)
-OS_REL_CFLAGS = -Di386
-CPU_ARCH = x86
-endif
-
-ifndef OBJECT_FMT
-OBJECT_FMT := $(shell if echo __ELF__ | $${CC:-cc} -E - | grep -q __ELF__ ; then echo a.out ; else echo ELF ; fi)
-endif
-
-ifeq ($(OBJECT_FMT),ELF)
-DLL_SUFFIX = so
-else
-DLL_SUFFIX = so.1.0
-endif
-
-OS_CFLAGS = $(DSO_CFLAGS) $(OS_REL_CFLAGS) -ansi -Wall -pipe -DNETBSD -Dunix -DHAVE_STRERROR -DHAVE_BSD_FLOCK
-
-OS_LIBS = -lcompat
-
-ARCH = netbsd
-
-DSO_CFLAGS = -fPIC -DPIC
-DSO_LDOPTS = -shared
-DSO_LDFLAGS =
-ifeq ($(OBJECT_FMT),ELF)
-DSO_LDOPTS += -Wl,-soname,lib$(LIBRARY_NAME)$(LIBRARY_VERSION).$(DLL_SUFFIX)
-endif
-
-ifdef LIBRUNPATH
-DSO_LDOPTS += -Wl,-R$(LIBRUNPATH)
-endif
-
-MKSHLIB = $(CC) $(DSO_LDOPTS)
-ifdef MAPFILE
-# Add LD options to restrict exported symbols to those in the map file
-endif
-# Change PROCESS to put the mapfile in the correct format for this platform
-PROCESS_MAP_FILE = cp $(LIBRARY_NAME).def $@
-
-
-G++INCLUDES = -I/usr/include/g++
-
-INCLUDES += -I/usr/X11R6/include
diff --git a/security/coreconf/OS2.mk b/security/coreconf/OS2.mk
deleted file mode 100644
index 562a81de5..000000000
--- a/security/coreconf/OS2.mk
+++ /dev/null
@@ -1,276 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-MOZ_WIDGET_TOOLKIT = os2
-
-# Specify toolset. Default to EMX.
-ifeq ($(MOZ_OS2_TOOLS),VACPP)
-XP_OS2_VACPP = 1
-else
-ifeq ($(MOZ_OS2_TOOLS),PGCC)
-XP_OS2_EMX = 1
-else
-MOZ_OS2_TOOLS = EMX
-XP_OS2_EMX = 1
-endif
-endif
-
-# XP_PC is for Window and OS2 on Intel X86
-# XP_OS2 is strictly for OS2 only
-XP_DEFINE += -DXP_PC=1 -DXP_OS2=1
-
-# Override prefix
-LIB_PREFIX = $(NULL)
-
-# Override suffix in suffix.mk
-LIB_SUFFIX = lib
-DLL_SUFFIX = dll
-PROG_SUFFIX = .exe
-
-
-ifdef XP_OS2_EMX
-
-CCC = gcc
-LINK = gcc
-AR = emxomfar -p256 r $@
-# Keep AR_FLAGS blank so that we do not have to change rules.mk
-AR_FLAGS =
-RANLIB = @echo OS2 RANLIB
-BSDECHO = @echo OS2 BSDECHO
-IMPLIB = emximp -o
-FILTER = emxexp -o
-
-# GCC for OS/2 currently predefines these, but we don't want them
-DEFINES += -Uunix -U__unix -U__unix__
-
-ifndef NO_SHARED_LIB
-WRAP_MALLOC_LIB =
-WRAP_MALLOC_CFLAGS =
-DSO_CFLAGS =
-DSO_PIC_CFLAGS =
-MKSHLIB = $(CXX) $(CXXFLAGS) $(DSO_LDOPTS) -o $@
-MKCSHLIB = $(CC) $(CFLAGS) $(DSO_LDOPTS) -o $@
-MKSHLIB_FORCE_ALL =
-MKSHLIB_UNFORCE_ALL =
-DSO_LDOPTS = -Zomf -Zdll -Zmt -Zcrtdll
-ifeq (,$(EMXOMFLD_LINKER)) # using LINK386.EXE
- DSO_LDOPTS += -Zlinker /NOO
-endif
-SHLIB_LDSTARTFILE =
-SHLIB_LDENDFILE =
-ifdef MAPFILE
-MKSHLIB += $(MAPFILE)
-endif
-PROCESS_MAP_FILE = \
- echo LIBRARY $(LIBRARY_NAME)$(LIBRARY_VERSION) INITINSTANCE TERMINSTANCE > $@; \
- echo PROTMODE >> $@; \
- echo CODE LOADONCALL MOVEABLE DISCARDABLE >> $@; \
- echo DATA PRELOAD MOVEABLE MULTIPLE NONSHARED >> $@; \
- echo EXPORTS >> $@; \
- grep -v ';+' $(LIBRARY_NAME).def | grep -v ';-' | \
- sed -e 's; DATA ;;' -e 's,;;,,' -e 's,;.*,,' >> $@
-
-endif #NO_SHARED_LIB
-
-OS_CFLAGS = -Wall -W -Wno-unused -Wpointer-arith -Wcast-align -Zmtd -Zomf -Zmt -DDEBUG -DDEBUG_wintrinh -DTRACING -g
-
-# Where the libraries are
-MOZ_COMPONENT_NSPR_LIBS=-L$(DIST)/lib $(NSPR_LIBS)
-NSPR_LIBS = -lplds4 -lplc4 -lnspr4
-NSPR_INCLUDE_DIR =
-
-
-ifdef BUILD_OPT
-OPTIMIZER = -O2 -s
-DEFINES += -UDEBUG -U_DEBUG -DNDEBUG
-DLLFLAGS = -DLL -OUT:$@ -MAP:$(@:.dll=.map)
-EXEFLAGS = -PMTYPE:VIO -OUT:$@ -MAP:$(@:.exe=.map) -nologo -NOE
-OBJDIR_TAG = _OPT
-else
-#OPTIMIZER = -O+ -Oi
-DEFINES += -DDEBUG -D_DEBUG -DDEBUGPRINTS #HCT Need += to avoid overidding manifest.mn
-DLLFLAGS = -DEBUG -DLL -OUT:$@ -MAP:$(@:.dll=.map)
-EXEFLAGS = -DEBUG -PMTYPE:VIO -OUT:$@ -MAP:$(@:.exe=.map) -nologo -NOE
-OBJDIR_TAG = _DBG
-LDFLAGS = -DEBUG
-endif # BUILD_OPT
-
-else # XP_OS2_VACPP
-
-# Override suffix in suffix.mk
-OBJ_SUFFIX = .obj
-ASM_SUFFIX = .asm
-
-AS = alp.exe
-ifdef BUILD_OPT
-ASFLAGS = -Od
-else
-ASFLAGS = +Od
-endif
-CCC = icc -q -DXP_OS2 -DOS2=4 -N10
-LINK = -ilink
-AR = -ilib /NOL /NOI /O:$(subst /,\\,$@)
-# Keep AR_FLAGS blank so that we do not have to change rules.mk
-AR_FLAGS =
-RANLIB = @echo OS2 RANLIB
-BSDECHO = @echo OS2 BSDECHO
-IMPLIB = implib /NOL /NOI
-FILTER = cppfilt -b -p -q
-
-ifndef NO_SHARED_LIB
-WRAP_MALLOC_LIB =
-WRAP_MALLOC_CFLAGS =
-DSO_CFLAGS =
-DSO_PIC_CFLAGS =
-MKSHLIB = $(LD) $(DSO_LDOPTS)
-MKCSHLIB = $(LD) $(DSO_LDOPTS)
-MKSHLIB_FORCE_ALL =
-MKSHLIB_UNFORCE_ALL =
-DSO_LDOPTS =
-# DLL_SUFFIX = .dll
-SHLIB_LDSTARTFILE =
-SHLIB_LDENDFILE =
-ifdef MAPFILE
-MKSHLIB += $(MAPFILE)
-endif
-PROCESS_MAP_FILE = \
- echo LIBRARY $(LIBRARY_NAME)$(LIBRARY_VERSION) INITINSTANCE TERMINSTANCE > $@; \
- echo PROTMODE >> $@; \
- echo CODE LOADONCALL MOVEABLE DISCARDABLE >> $@; \
- echo DATA PRELOAD MOVEABLE MULTIPLE NONSHARED >> $@; \
- echo EXPORTS >> $@; \
- grep -v ';+' $(LIBRARY_NAME).def | grep -v ';-' | \
- sed -e 's; DATA ;;' -e 's,;;,,' -e 's,;.*,,' >> $@
-endif #NO_SHARED_LIB
-
-OS_CFLAGS = /Q /qlibansi /Gd /Gm /Su4 /Mp /Tl-
-INCLUDES += -I$(CORE_DEPTH)/../dist/include
-DEFINES += -DXP_OS2_VACPP -DTCPV40HDRS
-
-# Where the libraries are
-NSPR_LIBS = $(DIST)/lib/nspr4.lib $(DIST)/lib/plc4.lib $(DIST)/lib/plds4.lib
-MOZ_COMPONENT_NSPR_LIBS=-L$(DIST)/lib $(NSPR_LIBS)
-NSPR_INCLUDE_DIR =
-
-
-DLLFLAGS = /DLL /O:$@ /INC:_dllentry /MAP:$(@:.dll=.map)
-EXEFLAGS = -PMTYPE:VIO -OUT:$@ -MAP:$(@:.exe=.map) -nologo -NOE
-LDFLAGS = /FREE /NOE /LINENUMBERS /nologo
-
-ifdef BUILD_OPT
-OPTIMIZER = /O+ /Gl+ /G5 /qarch=pentium
-DEFINES += -UDEBUG -U_DEBUG -DNDEBUG
-OBJDIR_TAG = _OPT
-LDFLAGS += /NODEBUG /OPTFUNC /EXEPACK:2 /PACKCODE /PACKDATA
-else
-OS_CFLAGS += /Ti+
-DEFINES += -DDEBUG -D_DEBUG -DDEBUGPRINTS #HCT Need += to avoid overidding manifest.mn
-DLLFLAGS += /DE
-EXEFLAGS += /DE
-OBJDIR_TAG = _DBG
-LDFLAGS += /DE
-endif # BUILD_OPT
-
-endif # XP_OS2_VACPP
-
-# OS/2 use nsinstall that is included in the toolkit.
-# since we do not wish to support and maintain 3 version of nsinstall in mozilla, nspr and nss
-
-ifdef BUILD_TREE
-NSINSTALL_DIR = $(BUILD_TREE)/nss
-else
-NSINSTALL_DIR = $(CORE_DEPTH)/coreconf/nsinstall
-endif
-# NSINSTALL = $(NSINSTALL_DIR)/$(OBJDIR_NAME)/nsinstall
-NSINSTALL = nsinstall # HCT4OS2
-INSTALL = $(NSINSTALL)
-
-MKDEPEND_DIR = $(CORE_DEPTH)/coreconf/mkdepend
-MKDEPEND = $(MKDEPEND_DIR)/$(OBJDIR_NAME)/mkdepend
-MKDEPENDENCIES = $(OBJDIR_NAME)/depend.mk
-
-####################################################################
-#
-# One can define the makefile variable NSDISTMODE to control
-# how files are published to the 'dist' directory. If not
-# defined, the default is "install using relative symbolic
-# links". The two possible values are "copy", which copies files
-# but preserves source mtime, and "absolute_symlink", which
-# installs using absolute symbolic links. The "absolute_symlink"
-# option requires NFSPWD.
-# - THIS IS NOT PART OF THE NEW BINARY RELEASE PLAN for 9/30/97
-# - WE'RE KEEPING IT ONLY FOR BACKWARDS COMPATIBILITY
-####################################################################
-
-ifeq ($(NSDISTMODE),copy)
- # copy files, but preserve source mtime
- INSTALL = $(NSINSTALL)
- INSTALL += -t
-else
- ifeq ($(NSDISTMODE),absolute_symlink)
- # install using absolute symbolic links
- INSTALL = $(NSINSTALL)
- INSTALL += -L `$(NFSPWD)`
- else
- # install using relative symbolic links
- INSTALL = $(NSINSTALL)
- INSTALL += -R
- endif
-endif
-
-DEFINES += -DXP_OS2
-
-define MAKE_OBJDIR
-if test ! -d $(@D); then rm -rf $(@D); $(NSINSTALL) -D $(@D); fi
-endef
-
-#
-# override the definition of DLL_PREFIX in prefix.mk
-#
-
-ifndef DLL_PREFIX
- DLL_PREFIX = $(NULL)
-endif
-
-#
-# override the TARGETS defined in ruleset.mk, adding IMPORT_LIBRARY
-#
-ifndef TARGETS
- TARGETS = $(LIBRARY) $(SHARED_LIBRARY) $(IMPORT_LIBRARY) $(PROGRAM)
-endif
-
-
-ifdef LIBRARY_NAME
- IMPORT_LIBRARY = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION)$(JDK_DEBUG_SUFFIX).lib
-endif
-
diff --git a/security/coreconf/OSF1.mk b/security/coreconf/OSF1.mk
deleted file mode 100644
index 16ff9eccb..000000000
--- a/security/coreconf/OSF1.mk
+++ /dev/null
@@ -1,72 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for DEC OSF/1
-#
-
-#
-# The Bourne shell (sh) on OSF1 doesn't handle "set -e" correctly,
-# which we use to stop LOOP_OVER_DIRS submakes as soon as any
-# submake fails. So we use the Korn shell instead.
-#
-SHELL = /usr/bin/ksh
-
-include $(CORE_DEPTH)/coreconf/UNIX.mk
-
-DEFAULT_COMPILER = cc
-
-CC = cc
-OS_CFLAGS += $(NON_LD_FLAGS) -std1
-CCC = cxx
-RANLIB = /bin/true
-CPU_ARCH = alpha
-
-ifdef BUILD_OPT
- OPTIMIZER += -Olimit 4000
-endif
-
-NON_LD_FLAGS += -ieee_with_inexact
-OS_CFLAGS += -DOSF1 -D_REENTRANT
-
-ifeq ($(USE_PTHREADS),1)
- OS_CFLAGS += -pthread
-endif
-
-# The command to build a shared library on OSF1.
-MKSHLIB += ld -shared -expect_unresolved "*" -soname $(notdir $@)
-ifdef MAPFILE
-MKSHLIB += -hidden -input $(MAPFILE)
-endif
-PROCESS_MAP_FILE = grep -v ';+' $(LIBRARY_NAME).def | grep -v ';-' | \
- sed -e 's; DATA ;;' -e 's,;;,,' -e 's,;.*,,' -e 's,^,-exported_symbol ,' > $@
-
-DSO_LDOPTS += -shared
diff --git a/security/coreconf/OSF1V2.0.mk b/security/coreconf/OSF1V2.0.mk
deleted file mode 100644
index de7dab643..000000000
--- a/security/coreconf/OSF1V2.0.mk
+++ /dev/null
@@ -1,35 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for DEC OSF/1 V2.0
-#
-include $(CORE_DEPTH)/coreconf/OSF1.mk
diff --git a/security/coreconf/OSF1V3.0.mk b/security/coreconf/OSF1V3.0.mk
deleted file mode 100644
index 623b2f971..000000000
--- a/security/coreconf/OSF1V3.0.mk
+++ /dev/null
@@ -1,35 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for DEC OSF/1 V3.0
-#
-include $(CORE_DEPTH)/coreconf/OSF1.mk
diff --git a/security/coreconf/OSF1V3.2.mk b/security/coreconf/OSF1V3.2.mk
deleted file mode 100644
index 9d584b37b..000000000
--- a/security/coreconf/OSF1V3.2.mk
+++ /dev/null
@@ -1,44 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# On OSF1 V3.2, classic nspr is the default (and only) implementation
-# strategy.
-#
-
-#
-# Config stuff for DEC OSF/1 V3.2
-#
-include $(CORE_DEPTH)/coreconf/OSF1.mk
-
-ifeq ($(OS_RELEASE),V3.2)
- OS_CFLAGS += -DOSF1V3
-endif
diff --git a/security/coreconf/OSF1V4.0.mk b/security/coreconf/OSF1V4.0.mk
deleted file mode 100644
index 164a6613a..000000000
--- a/security/coreconf/OSF1V4.0.mk
+++ /dev/null
@@ -1,51 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# On OSF1 V4.0, pthreads is the default implementation strategy.
-# Classic nspr is also available.
-#
-ifneq ($(OS_RELEASE),V3.2)
- USE_PTHREADS = 1
- ifeq ($(CLASSIC_NSPR), 1)
- USE_PTHREADS =
- IMPL_STRATEGY := _CLASSIC
- endif
-endif
-
-#
-# Config stuff for DEC OSF/1 V4.0
-#
-include $(CORE_DEPTH)/coreconf/OSF1.mk
-
-ifeq ($(OS_RELEASE),V4.0)
- OS_CFLAGS += -DOSF1V4
-endif
diff --git a/security/coreconf/OSF1V4.0B.mk b/security/coreconf/OSF1V4.0B.mk
deleted file mode 100644
index 73f357d17..000000000
--- a/security/coreconf/OSF1V4.0B.mk
+++ /dev/null
@@ -1,35 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for DEC OSF/1 V4.0B
-#
-include $(CORE_DEPTH)/coreconf/OSF1V4.0.mk
diff --git a/security/coreconf/OSF1V4.0D.mk b/security/coreconf/OSF1V4.0D.mk
deleted file mode 100644
index 515c76d5f..000000000
--- a/security/coreconf/OSF1V4.0D.mk
+++ /dev/null
@@ -1,39 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for DEC OSF/1 V4.0D
-#
-include $(CORE_DEPTH)/coreconf/OSF1V4.0.mk
-DEFINES += -DOSF1V4D
-
-OS_LIBS += -lpthread -lrt
-
diff --git a/security/coreconf/OSF1V5.0.mk b/security/coreconf/OSF1V5.0.mk
deleted file mode 100644
index 176ca0845..000000000
--- a/security/coreconf/OSF1V5.0.mk
+++ /dev/null
@@ -1,47 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# On OSF1 V5.0, pthreads is the default implementation strategy.
-# Classic nspr is also available.
-#
-ifneq ($(OS_RELEASE),V3.2)
- USE_PTHREADS = 1
- ifeq ($(CLASSIC_NSPR), 1)
- USE_PTHREADS =
- IMPL_STRATEGY := _CLASSIC
- endif
-endif
-
-#
-# Config stuff for DEC OSF/1 V5.0
-#
-include $(CORE_DEPTH)/coreconf/OSF1.mk
diff --git a/security/coreconf/OSF1V5.1.mk b/security/coreconf/OSF1V5.1.mk
deleted file mode 100644
index b08ed99fd..000000000
--- a/security/coreconf/OSF1V5.1.mk
+++ /dev/null
@@ -1,47 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 2001 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# On OSF1 V5.1, pthreads is the default implementation strategy.
-# Classic nspr is also available.
-#
-ifneq ($(OS_RELEASE),V3.2)
- USE_PTHREADS = 1
- ifeq ($(CLASSIC_NSPR), 1)
- USE_PTHREADS =
- IMPL_STRATEGY := _CLASSIC
- endif
-endif
-
-#
-# Config stuff for DEC OSF/1 V5.1
-#
-include $(CORE_DEPTH)/coreconf/OSF1.mk
diff --git a/security/coreconf/OpenBSD.mk b/security/coreconf/OpenBSD.mk
deleted file mode 100644
index 14fa73489..000000000
--- a/security/coreconf/OpenBSD.mk
+++ /dev/null
@@ -1,62 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for OpenBSD
-#
-
-include $(CORE_DEPTH)/coreconf/UNIX.mk
-
-DEFAULT_COMPILER = gcc
-CC = gcc
-CCC = g++
-RANLIB = ranlib
-
-CPU_ARCH := $(shell uname -p)
-ifeq ($(CPU_ARCH),i386)
-OS_REL_CFLAGS = -Di386
-CPU_ARCH = x86
-endif
-
-DLL_SUFFIX = so.1.0
-
-OS_CFLAGS = $(DSO_CFLAGS) $(OS_REL_CFLAGS) -ansi -Wall -pipe -DOPENBSD
-
-OS_LIBS =
-
-ARCH = openbsd
-
-DSO_CFLAGS = -fPIC -DPIC
-DSO_LDOPTS = -shared -Wl,-soname,lib$(LIBRARY_NAME)$(LIBRARY_VERSION).$(DLL_SUFFIX)
-DSO_LDFLAGS =
-
-MKSHLIB = $(CC) $(DSO_LDOPTS)
-
diff --git a/security/coreconf/OpenUNIX.mk b/security/coreconf/OpenUNIX.mk
deleted file mode 100644
index 22d953df3..000000000
--- a/security/coreconf/OpenUNIX.mk
+++ /dev/null
@@ -1,91 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for Open UNIX 8.
-#
-
-include $(CORE_DEPTH)/coreconf/UNIX.mk
-
-DEFAULT_COMPILER = gcc
-
-CC = gcc
-OS_CFLAGS += -fPIC
-CCC = g++
-CCC += -DPRFSTREAMS_BROKEN -I/usr/gnu/lib/g++-include
-# CCC = $(CORE_DEPTH)/build/hcpp
-# CCC += +.cpp +w
-RANLIB = /bin/true
-
-#
-# -DSCO_PM - Policy Manager AKA: SCO Licensing
-# -DSCO - Changes to Netscape source (consistent with AIX, LINUX, etc..)
-# -Dsco - Needed for /usr/include/X11/*
-#
-OS_CFLAGS += -DSCO_SV -DSYSV -D_SVID3 -DHAVE_STRERROR -DSW_THREADS -DSCO_PM -DSCO -Dsco
-#OS_LIBS += -lpmapi -lsocket -lc
-MKSHLIB = $(LD)
-MKSHLIB += $(DSO_LDOPTS)
-XINC = /usr/include/X11
-MOTIFLIB += -lXm
-INCLUDES += -I$(XINC)
-CPU_ARCH = x86
-GFX_ARCH = x
-ARCH = sco
-LOCALE_MAP = $(CORE_DEPTH)/cmd/xfe/intl/sco.lm
-EN_LOCALE = C
-DE_LOCALE = de_DE.ISO8859-1
-FR_LOCALE = fr_FR.ISO8859-1
-JP_LOCALE = ja
-SJIS_LOCALE = ja_JP.SJIS
-KR_LOCALE = ko_KR.EUC
-CN_LOCALE = zh
-TW_LOCALE = zh
-I2_LOCALE = i2
-LOC_LIB_DIR = /usr/lib/X11
-NOSUCHFILE = /solaris-rm-f-sucks
-BSDECHO = /bin/echo
-ifdef MAPFILE
-# Add LD options to restrict exported symbols to those in the map file
-endif
-# Change PROCESS to put the mapfile in the correct format for this platform
-PROCESS_MAP_FILE = cp $(LIBRARY_NAME).def $@
-
-#
-# These defines are for building unix plugins
-#
-BUILD_UNIX_PLUGINS = 1
-#DSO_LDOPTS += -b elf -G -z defs
-DSO_LDOPTS += -G
-DSO_LDFLAGS += -nostdlib -L/lib -L/usr/lib -lXm -lXt -lX11 -lgen
-
-# Used for Java compiler
-EXPORT_FLAGS += -W l,-Bexport
diff --git a/security/coreconf/OpenVMS.mk b/security/coreconf/OpenVMS.mk
deleted file mode 100755
index 192a164c3..000000000
--- a/security/coreconf/OpenVMS.mk
+++ /dev/null
@@ -1,60 +0,0 @@
-#
-# The contents of this file are subject to the Netscape Public License
-# Version 1.1 (the "NPL"); you may not use this file except in
-# compliance with the NPL. You may obtain a copy of the NPL at
-# http://www.mozilla.org/NPL/
-#
-# Software distributed under the NPL is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
-# for the specific language governing rights and limitations under the
-# NPL.
-#
-# The Initial Developer of this code under the NPL is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1998 Netscape Communications Corporation. All Rights
-# Reserved.
-#
-
-#
-# Config stuff for Compaq OpenVMS
-#
-
-include $(CORE_DEPTH)/coreconf/UNIX.mk
-
-CC = cc
-CCC = cxx
-
-RANLIB = /gnu/bin/true
-
-CPU_ARCH := $(shell uname -Wh)
-
-OS_CFLAGS = -DVMS
-OS_CXXFLAGS = -DVMS
-
-# Maybe this should go into rules.mk or something?
-ifdef NSPR_INCLUDE_DIR
-INCLUDES += -I$(NSPR_INCLUDE_DIR)
-endif
-
-#
-# XCFLAGS are the only CFLAGS that are used during a link operation. Defining
-# OPTIMIZER in XCFLAGS means that each compilation line gets OPTIMIZER
-# included twice, but at least we get OPTIMIZER included in the link
-# operations; and OpenVMS needs it!
-#
-XCFLAGS += $(OPTIMIZER)
-
-DSO_LDOPTS = -shared -auto_symvec
-MKSHLIB = $(CC) $(OPTIMIZER) $(LDFLAGS) $(DSO_LDOPTS)
-
-ifdef MAPFILE
-# Add LD options to restrict exported symbols to those in the map file
-endif
-# Change PROCESS to put the mapfile in the correct format for this platform
-PROCESS_MAP_FILE = cp $(LIBRARY_NAME).def $@
-
-
-#
-# Always set CPU_TAG on Linux, OpenVMS, WINCE.
-#
-CPU_TAG = _$(CPU_ARCH)
diff --git a/security/coreconf/OpenVMSV7.1-2.mk b/security/coreconf/OpenVMSV7.1-2.mk
deleted file mode 100755
index eb7d67a3f..000000000
--- a/security/coreconf/OpenVMSV7.1-2.mk
+++ /dev/null
@@ -1,22 +0,0 @@
-#
-# The contents of this file are subject to the Netscape Public License
-# Version 1.1 (the "NPL"); you may not use this file except in
-# compliance with the NPL. You may obtain a copy of the NPL at
-# http://www.mozilla.org/NPL/
-#
-# Software distributed under the NPL is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
-# for the specific language governing rights and limitations under the
-# NPL.
-#
-# The Initial Developer of this code under the NPL is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1998 Netscape Communications Corporation. All Rights
-# Reserved.
-#
-
-#
-# Config stuff for Compaq OpenVMS
-#
-
-include $(CORE_DEPTH)/coreconf/OpenVMS.mk
diff --git a/security/coreconf/QNX.mk b/security/coreconf/QNX.mk
deleted file mode 100644
index 5475a422b..000000000
--- a/security/coreconf/QNX.mk
+++ /dev/null
@@ -1,70 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 2001 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for QNX
-#
-
-include $(CORE_DEPTH)/coreconf/UNIX.mk
-
-USE_PTHREADS = 1
-
-ifeq ($(USE_PTHREADS),1)
- IMPL_STRATEGY = _PTH
-endif
-
-CC = qcc
-CCC = qcc
-RANLIB = ranlib
-
-DEFAULT_COMPILER = qcc
-ifeq ($(OS_TEST),mips)
- CPU_ARCH = mips
-else
- CPU_ARCH = x86
-endif
-
-MKSHLIB = $(CC) -shared -Wl,-soname -Wl,$(@:$(OBJDIR)/%.so=%.so)
-ifdef BUILD_OPT
- OPTIMIZER = -O2
-endif
-
-OS_CFLAGS = $(DSO_CFLAGS) $(OS_REL_CFLAGS) -Vgcc_ntox86 -Wall -pipe -DNTO -DHAVE_STRERROR -D_QNX_SOURCE -D_POSIX_C_SOURCE=199506 -D_XOPEN_SOURCE=500
-
-ifdef USE_PTHREADS
- DEFINES += -D_REENTRANT
-endif
-
-ARCH = QNX
-
-DSO_CFLAGS = -Wc,-fPIC
-DSO_LDOPTS = -shared
-DSO_LDFLAGS =
diff --git a/security/coreconf/README b/security/coreconf/README
deleted file mode 100644
index 100a38501..000000000
--- a/security/coreconf/README
+++ /dev/null
@@ -1,560 +0,0 @@
-OVERVIEW of "ns/coreconf":
-
- This README file is an attempt to provide the reader with a simple
- synopsis of the "ns/coreconf" build system which was originally
- fundamentally designed and built to accomodate Netscape's binary
- release model. Wherever possible, an attempt has been made to
- comply with the NSPR 2.0 build system, including mimicing the
- compiler/linker flags, and directory naming structure. The reader
- should keep in mind that the system builds binary releases of
- header files, class files, libraries, and executables on numerous
- flavors of UNIX and Windows operating systems. Unfortunately,
- no serious attempt has ever been made to incorporate an ability to
- generate cross-platform binaries on an Apple MacIntosh platform.
-
- Note that this file will not attempt to redefine or document the
- architecture of this system. However, documents on this subject
- are available at the following URL:
-
- http://warp/hardcore/prj-ttools/specs/release/index.html
-
-
-
-DEPENDENCIES of "ns/coreconf":
-
- The "ns/coreconf" build system requires the specified versions of
- the following platform-dependent tools:
-
- UNIX Platforms:
- --------------
- gmake (version 3.74 or later)
- perl 4.0 (NOTE: perl 5.003 or later recommended)
- uname
-
- Windows Platforms:
- -----------------
- gmake 3.74 (must use hacked Netscape version)
- shmsdos.exe (contained in Netscape gmake.exe)
- nsinstall.exe (contained in Netscape gmake.exe)
- perl.exe (version 4.0 for everything except testing;
- NOTE: MKS toolkit perl 5.002 is broken)
- perl5.exe (for testing;
- NOTE: perl 5.003 or later recommended;
- MKS toolkit perl 5.002 is broken)
- uname.exe (use nstools version)
-
-ENHANCEMENTS to "ns/coreconf":
-
- With the advent of Certificate Server 4.0 using the ns/coreconf
- build system, several changes had to be made to enhance
- ns/coreconf support for building Java/JNI classes/programs, as
- well as libraries slated to be released as binaries. While the
- following may not represent an exhaustive list of these changes,
- it does attempt to be at least somewhat comprehensive:
-
- (1) During the course of these enhancements, a total of
- four files have been modified, and four new files have
- been added.
-
- The following files have been modified:
-
- - command.mk: removed old definition of JAR
-
- - config.mk: added include statement of new
- "jdk.mk" file
-
- - ruleset.mk: allowed the $(MKPROG) variable to be
- overridden by supplying it with a
- default value of $(CC); augmented
- numerous definitions to enhance
- ability of ns/coreconf to produce
- a more robust set of libraries;
- added some JNI definitions; PACKAGE
- definition may be overridden by new
- "jdk.mk" file
-
- - rules.mk: separated the compile phase of a
- program from the link phase of a
- program such that a developer can
- now strictly override program linkage
- by simply supplying a $(MKPROG)
- variable; augmented NETLIBDEPTH
- to use CORE_DEPTH but retain backward
- compatibility; added JNI section;
- modified .PRECIOUS rule;
-
- The following files have been added:
-
- - README: this file; an ASCII-based text
- document used to summarize the
- ns/coreconf build system and
- suitable (paginated) for printing
-
- - jdk.mk: a file comprising most (if not all)
- of the default Java related build
- information; the definitions in this
- file are only included if NS_USE_JDK
- has been defined
-
- - jniregen.pl: a perl script used to create a
- dependency for when JNI files should
- be regenerated (based upon any change
- to the ".class" file from which the
- ".h" file was originally generated)
-
- - outofdate.pl: a perl script used to create a
- dependency for when ".class" files
- should be regenerated (based upon
- any change to the ".java" file
- from which the ".class" file was
- originally generated)
-
- (2) As stated above, the ns/coreconf build system now separates
- the link phase of a program from its compilation phase.
- While ns/coreconf still works exactly as it used to because
- the $(MKPROG) variable is assigned $(CC) by default, a developer
- may now override this behavior by simply supplying their
- own unique value for $(MKPROG) on every platform. This allows
- a program compiled with $(CC) to link with external libraries
- that may contain "C++" linkage. Before this change, a
- programmer would need to reference their own local copy of
- rules.mk (see the ns/sectools/cmd/pk12util program for
- an example of how this used to be accomplished).
-
- (3) Currently, the ns/coreconf build system differs from the
- NSPR 2.0 build system which utilizes an "_s" to denote
- static libraries from import libraries. In fact, the
- ns/coreconf build system adds no prefixes or suffixes to
- distinguish one version of static libraries from another.
- Note that both the ns/coreconf build system as well as the
- NSPR 2.0 build system do nothing to provide a method of
- distinguishing 16-bit from 32-bit static libraries on the
- same machine, either, since:
-
- a) this might only provide difficulty during
- development, since static libraries always
- need to be embedded within a program
- (note this is highly unlikely, since libraries
- for different platforms are subdivided via
- a well-known subdirectory structure, and
- a developer may use multiple trees for
- development),
-
- b) this maintains backwards compatibility,
- something very important since no legacy
- programs will need to change their link phase, and
-
- c) Netscape as a company has dropped any plans
- of future development of 16-bit products.
-
- (4) Since several members of the Hardcore Security group did
- not favor NSPR 2.0's solution of adding an "_s" to static
- libraries on Windows platforms as a method to distinguish
- them from their import library cousins, a different solution
- was proposed and has been recently implemented for ns/coreconf:
-
- - a 16 has been added as a suffix to both dynamic and
- import libraries built on 16-bit Windows platforms
-
- - a 32 has been added as a suffix to both dynamic and
- import libraries built on 32-bit Windows platforms
-
- Since, the HCL release process currently only contains a
- single instance of building a dynamic library,
- ns/security/lib/fortcrypt/fort12.dll, the impact of this
- change should be relatively small.
-
- It should be noted that although this would additionally
- limit the 8.3 namespace on 16-bit platforms, it is highly
- unlikely that any future development will be performed on
- this platform.
-
- (5) The $(LIBRARY_VERSION) tag has been added to all non-static
- libraries created on UNIX operating systems to alleviate
- any future confusion for binary releases which utilize this
- tag. Again, it should be noted that this tag is only
- utilized on non-static libraries, since more than one
- version of the library may need to exist simultaneously
- if multiple products are utilized.
-
- Currently, only one HCL released library utilizes this tag:
-
- ns/security/lib/fortcrypt/fort12.a
- (e. g. - in this library, the tag has been set to '12')
-
- Again, it should be noted that although this would
- additionally limit the 8.3 namespace on 16-bit platforms,
- it is highly unlikely that any future development will be
- performed on this platform.
-
- (6) The $(JDK_DEBUG_SUFFIX) extension has been added to all
- library and program names to support debug versions of
- Java programs (e. g. - java_g, javac_g, etc).
-
- Once again, it should be noted that although this would
- additionally limit the 8.3 namespace on 16-bit platforms,
- it is highly unlikely that any future Java development
- will be performed on this platform.
-
- (7) Most (if not all) default definitions for java have been
- encapsulated within their own file, jdk.mk, which is
- always included by default in ns/coreconf/config.mk.
- However, the definitions within this file are only ever
- activated if NS_USE_JDK has been set to be 1.
-
-
- (8) Two perl scripts (jniregen.pl and outofdate.pl) have been
- added to the system to foster a more robust development
- environment for composing Java and JNI programs
- utilizing the ns/coreconf build system. Both of these
- perl scripts are related to resolving dependencies which
- can not be accomplished through normal makefile dependencies.
-
- (9) This file, README, was created in an attempt to allow
- developers who have familiarity with ns/coreconf a simple
- roadmap for what has changed, as well as a top-level view of
- what comprises ns/coreconf. This file was written in
- ASCII (rather than HTML) primarily to promote simple
- paginated printing.
-
-OVERVIEW of "config.mk":
-
- This file contains the configuration information necessary to
- build each "Core Components" source module:
-
- include file name Purpose
- =================== =======================================
- arch.mk source and release <architecture> tags
-
- command.mk default command macros
- (NOTE: may be overridden in $(OS_CONFIG).mk)
-
- $(OS_CONFIG).mk <architecture>-specific macros
- (dependent upon <architecture> tags)
-
- tree.mk release <tree> tags
- (dependent upon <architecture> tags)
-
- module.mk source and release <component> tags
- (NOTE: A component is also called a module
- or a subsystem. This file is dependent upon
- $(MODULE) being defined on the command
- line, as an environment variable, or in
- individual makefiles, or more
- appropriately, manifest.mn)
-
- version.mk release <version> tags
- (dependent upon $(MODULE) being defined on
- the command line, as an environment variable,
- or in individual makefiles, or more
- appropriately, manifest.mn)
-
- location.mk macros to figure out binary code location
- (dependent upon <platform> tags)
-
- source.mk <component>-specific source path
- (dependent upon <user_source_tree>,
- <source_component>, <version>, and
- <platform> tags)
-
- headers.mk include switch for support header files
- (dependent upon <tree>, <component>, <version>,
- and <platform> tags)
-
- prefix.mk compute program prefixes
-
- suffix.mk compute program suffixes
- (dependent upon <architecture> tags)
-
- jdk.mk define JDK
- (dependent upon <architecture>,
- <source>, and <suffix> tags)
-
- ruleset.mk Master "Core Components" rule set
- (should always be the last file
- included by config.mk)
-
-
-
-OVERVIEW of "rules.mk":
-
- The "rules.mk" file consists of four sections. The first section
- contains the "master" build rules for all binary releases. While
- this section can (and should) largely be thought of as "language"
- independent, it does utilize the "perl" scripting language to
- perform both the "import" and "release" of binary modules.
-
- The rules which dwell in this section and their purpose:
-
-
- CATEGORY/rule:: Purpose
- =================== =======================================
-
- GENERAL
- -------
- all:: "default" all-encompassing rule which
- performs "export libs program install"
-
- export:: recursively copy specified
- cross-platform header files to the
- $(SOURCE_XPHEADERS_DIR) directory;
- recursively copy specified
- machine-dependent header files to the
- $(SOURCE_MDHEADERS_DIR) directory;
- although all rules can be written to
- repetively "chain" into other sections,
- this rule is the most commonly used
- rule to "chain" into other sections
- such as Java providing a simple
- mechanism which allows no need for
- developers to memorize specialized
- rules
-
- libs:: recursively build
- static (archival) $(LIBRARY), shared
- (dynamic link) $(SHARED_LIBRARY),
- and/or import $(IMPORT_LIBRARY)
- libraries
-
- program:: recursively build $(PROGRAM)
- executable
-
- install:: recursively copy all libraries to
- $(SOURCE_LIB_DIR) directory;
- recursively copy all executables to
- $(SOURCE_BIN_DIR) directory
-
- clean:: remove all files specified in the
- $(ALL_TRASH) variable
-
- clobber:: synonym for "clean::" rule
-
- realclean:: remove all files specified by
- $(wildcard *.OBJ), dist, and in
- the $(ALL_TRASH) variable
-
- clobber_all:: synonym for "realclean::" rule
-
- private_export:: recursively copy specified
- cross-platform header files to the
- $(SOURCE_XPPRIVATE_DIR) directory
-
-
- IMPORT
- ------
- import:: uses perl script to retrieve specified
- VERSION of the binary release from
- $(RELEASE_TREE)
-
- RELEASE
- -------
- release_clean:: remove all files from the
- $(SOURCE_RELEASE_PREFIX) directory
-
- release:: place specified VERSION of the
- binary release in the appropriate
- $(RELEASE_TREE) directory
-
- release_export:: recursively copy specified
- cross-platform header files to the
- $(SOURCE_XPHEADERS_DIR)/include
- directory
-
- release_md:: recursively copy all libraries to
- $(SOURCE_RELEASE_PREFIX)/
- $(SOURCE_RELEASE_LIB_DIR) directory;
- recursively copy all executables to
- $(SOURCE_RELEASE_PREFIX)/
- $(SOURCE_RELEASE_BIN_DIR) directory
-
- release_jars:: use perl script to package appropriate
- files in the $(XPCLASS_JAR),
- $(XPHEADER_JAR), $(MDHEADER_JAR), and
- $(MDBINARY_JAR) jar files
-
- release_cpdistdir:: use perl script to copy the
- $(XPCLASS_JAR), $(XPHEADER_JAR),
- $(MDHEADER_JAR), and $(MDBINARY_JAR)
- jar files to the specified VERSION
- of the $(RELEASE_TREE) directory
-
-
-
- TOOLS and AUTOMATION
- --------------------
- platform:: tool used to display the platform name
- as composed within the "arch.mk" file
-
- autobuild:: automation rule used by "Bonsai" and
- "Tinderbox" to automatically generate
- binary releases on various platforms
-
- tests:: automation tool used to run the
- "regress" and "reporter" tools
- on various regression test suites
-
- The second section of "rules.mk" primarily contains several
- "language" dependent build rules for binary releases. These are
- generally "computed" rules (created on the "fly"), and include
- rules used by "C", "C++", assembly, the preprocessor, perl, and
- the shell.
-
- The rules which dwell in this section and their purpose:
-
-
- CATEGORY/rule:: Purpose
- =================== =============================
-
- LIBRARIES
- ---------
- $(LIBRARY): build the static library
- specified by the $(LIBRARY)
- variable
-
- $(IMPORT_LIBRARY): build the import library
- specified by the
- $(IMPORT_LIBRARY) variable
-
- $(SHARED_LIBRARY): build the shared
- (dynamic link) library
- specified by the
- $(SHARED_LIBRARY) variable
-
-
- PROGRAMS
- --------
- $(PROGRAM): build the binary executable
- specified by the $(PROGRAM)
- rule
-
- $(OBJDIR)/
- $(PROG_PREFIX)%.pure: build the "purified" binary
- executable specified by this
- rule
-
-
- OBJECTS
- -------
- $(OBJDIR)/
- $(PROG_PREFIX)%$(OBJ_SUFFIX): build the object file
- associated with the
- makefile rule dependency:
-
- %.c = C file
- %.cpp = C++ file
- %.cc = C++ file
- %.s = assembly file
- %.S = assembly file
-
- $(OBJDIR)/
- $(PROG_PREFIX)%: (NOTE: deprecated rule)
- build the object file
- associated with the
- makefile rule dependency:
-
- %.cpp = C++ file
-
- MISCELLANEOUS
- -------------
- $(DIRS):: specifies a helper method
- used by $(LOOP_THROUGH_DIRS)
- to recursively change
- directories and invoke
- $(MAKE)
-
- %.i: build the preprocessor file
- associated with the
- makefile rule dependency:
-
- %.c = C file
- %.cpp = C++ file
-
- %: process the specified file
- using the method associated
- with the makefile rule
- dependency:
-
- %.pl = perl script
- %.sh = shell script
-
- alltags: tool used to recursively
- create a "ctags"-style
- file for reference
-
- The third section of "rules.mk' primarily contains several JAVA
- "language" build rules for binary releases. These are also
- generally "computed" rules (created on the "fly").
-
- The rules which dwell in this section and their purpose:
-
-
- CATEGORY/rule:: Purpose
- =================== =============================
- $(JAVA_DESTPATH):: create directory specified
- as the Java destination path
- for where classes are
- deposited
-
- $(JAVA_DESTPATH)/$(PACKAGE):: create directories specified
- within the $(PACKAGE)
- variable
-
- $(JMCSRCDIR):: create directory specified
- as the JMC destination path
-
- $(JRI_HEADER_CFILES): used to generate/regenerate
- JRI header files for "C"
-
- $(JRI_STUB_CFILES): used to generate/regenerate
- JRI stub files for "C"
-
- $(JNI_HEADERS): used to generate/regenerate
- JNI header files for "C"
-
- The fourth section of "rules.mk" primarily contains miscellaneous
- build rules for binary releases. Many of these rules are here to
- create new subdirectories, manage dependencies, and/or override
- standard gmake "Makefile" rules.
-
- The rules which dwell in this section and their purpose:
-
-
- CATEGORY/rule:: Purpose
- =================== =============================
-
- $(PUBLIC_EXPORT_DIR):: create directory used to
- house public "C" header files
-
- $(PRIVATE_EXPORT_DIR):: create directory used to
- house private "C" header
- files
-
- $(SOURCE_XP_DIR)/
- release/include:: create directory used to
- house "C" header files
- contained in a release
-
- $(MKDEPENDENCIES):: for UNIX systems, create
- a directory used to house
- dependencies and utilize
- the $(MKDEPEND) rule to
- create them
-
- $(MKDEPEND):: cd to the dependency
- directory and create them
-
- depend:: if $(OBJS) exist, perform the
- $(MKDEPEND) rule followed by
- the $(MKDEPENDENCIES) rule
-
- dependclean:: remove all files contained
- in the dependency repository
-
- .DEFAULT: standard gmake rule
-
- .SUFFIXES: standard gmake rule
-
- .PRECIOUS: standard gmake rule
-
- .PHONY: standard gmake rule
-
diff --git a/security/coreconf/ReliantUNIX.mk b/security/coreconf/ReliantUNIX.mk
deleted file mode 100644
index a3c79ce82..000000000
--- a/security/coreconf/ReliantUNIX.mk
+++ /dev/null
@@ -1,88 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for ReliantUNIX
-#
-
-include $(CORE_DEPTH)/coreconf/UNIX.mk
-
-DEFAULT_COMPILER = cc
-
-ifdef NS_USE_GCC
- ## gcc-2.7.2 homebrewn
- CC = gcc
- CCC = g++
- AS = $(CC)
- ASFLAGS += -x assembler-with-cpp
- LD = gld
- ODD_CFLAGS = -pipe -Wall -Wno-format
- ifdef BUILD_OPT
- OPTIMIZER += -O6
- endif
- MKSHLIB = $(LD)
- MKSHLIB += -G -h $(@:$(OBJDIR)/%.so=%.so)
- DSO_LDOPTS += -G -Xlinker -Blargedynsym
-else
- ## native compiler (CDS++ 1.0)
-# CC = /usr/bin/cc
- CC = cc
- CCC = /usr/bin/CC
- AS = /usr/bin/cc
- ODD_CFLAGS =
- ifdef BUILD_OPT
- OPTIMIZER += -O -F Olimit,4000
- endif
- MKSHLIB = $(CC)
- MKSHLIB += -G -h $(@:$(OBJDIR)/%.so=%.so)
- DSO_LDOPTS += -G -W l,-Blargedynsym
-endif
-ifdef MAPFILE
-# Add LD options to restrict exported symbols to those in the map file
-endif
-# Change PROCESS to put the mapfile in the correct format for this platform
-PROCESS_MAP_FILE = cp $(LIBRARY_NAME).def $@
-
-NOSUCHFILE = /sni-rm-f-sucks
-ODD_CFLAGS += -DSVR4 -DSNI -DRELIANTUNIX
-CPU_ARCH = mips
-RANLIB = /bin/true
-
-# For purify
-NOMD_OS_CFLAGS += $(ODD_CFLAGS)
-
-# we do not have -MDupdate ...
-OS_CFLAGS += $(NOMD_OS_CFLAGS)
-OS_LIBS += -lsocket -lnsl -lresolv -lgen -ldl -lc /usr/ucblib/libucb.a
-
-ifdef DSO_BACKEND
- DSO_LDOPTS += -h $(DSO_NAME)
-endif
diff --git a/security/coreconf/ReliantUNIX5.4.mk b/security/coreconf/ReliantUNIX5.4.mk
deleted file mode 100644
index a5bca60a3..000000000
--- a/security/coreconf/ReliantUNIX5.4.mk
+++ /dev/null
@@ -1,35 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for ReliantUNIX5.4
-#
-include $(CORE_DEPTH)/coreconf/ReliantUNIX.mk
diff --git a/security/coreconf/SCOOS5.0.mk b/security/coreconf/SCOOS5.0.mk
deleted file mode 100644
index b3370a1fd..000000000
--- a/security/coreconf/SCOOS5.0.mk
+++ /dev/null
@@ -1,36 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for SCO OpenServer 5.0 for x86.
-#
-
-include $(CORE_DEPTH)/coreconf/SCO_SV3.2.mk
diff --git a/security/coreconf/SCO_SV3.2.mk b/security/coreconf/SCO_SV3.2.mk
deleted file mode 100644
index 4683783ee..000000000
--- a/security/coreconf/SCO_SV3.2.mk
+++ /dev/null
@@ -1,91 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for SCO Unix for x86.
-#
-
-include $(CORE_DEPTH)/coreconf/UNIX.mk
-
-DEFAULT_COMPILER = cc
-
-CC = cc
-OS_CFLAGS += -b elf -KPIC
-CCC = g++
-CCC += -b elf -DPRFSTREAMS_BROKEN -I/usr/local/lib/g++-include
-# CCC = $(CORE_DEPTH)/build/hcpp
-# CCC += +.cpp +w
-RANLIB = /bin/true
-
-#
-# -DSCO_PM - Policy Manager AKA: SCO Licensing
-# -DSCO - Changes to Netscape source (consistent with AIX, LINUX, etc..)
-# -Dsco - Needed for /usr/include/X11/*
-#
-OS_CFLAGS += -DSCO_SV -DSYSV -D_SVID3 -DHAVE_STRERROR -DSW_THREADS -DSCO_PM -DSCO -Dsco
-#OS_LIBS += -lpmapi -lsocket -lc
-MKSHLIB = $(LD)
-MKSHLIB += $(DSO_LDOPTS)
-XINC = /usr/include/X11
-MOTIFLIB += -lXm
-INCLUDES += -I$(XINC)
-CPU_ARCH = x86
-GFX_ARCH = x
-ARCH = sco
-LOCALE_MAP = $(CORE_DEPTH)/cmd/xfe/intl/sco.lm
-EN_LOCALE = C
-DE_LOCALE = de_DE.ISO8859-1
-FR_LOCALE = fr_FR.ISO8859-1
-JP_LOCALE = ja
-SJIS_LOCALE = ja_JP.SJIS
-KR_LOCALE = ko_KR.EUC
-CN_LOCALE = zh
-TW_LOCALE = zh
-I2_LOCALE = i2
-LOC_LIB_DIR = /usr/lib/X11
-NOSUCHFILE = /solaris-rm-f-sucks
-BSDECHO = /bin/echo
-ifdef MAPFILE
-# Add LD options to restrict exported symbols to those in the map file
-endif
-# Change PROCESS to put the mapfile in the correct format for this platform
-PROCESS_MAP_FILE = cp $(LIBRARY_NAME).def $@
-
-#
-# These defines are for building unix plugins
-#
-BUILD_UNIX_PLUGINS = 1
-#DSO_LDOPTS += -b elf -G -z defs
-DSO_LDOPTS += -b elf -G
-DSO_LDFLAGS += -nostdlib -L/lib -L/usr/lib -lXm -lXt -lX11 -lgen
-
-# Used for Java compiler
-EXPORT_FLAGS += -W l,-Bexport
diff --git a/security/coreconf/SunOS4.1.3_U1.mk b/security/coreconf/SunOS4.1.3_U1.mk
deleted file mode 100644
index 1bea16fc3..000000000
--- a/security/coreconf/SunOS4.1.3_U1.mk
+++ /dev/null
@@ -1,58 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for SunOS4.1
-#
-
-include $(CORE_DEPTH)/coreconf/UNIX.mk
-
-DEFAULT_COMPILER = cc
-
-INCLUDES += -I/usr/dt/include -I/usr/openwin/include -I/home/motif/usr/include
-
-# SunOS 4 _requires_ that shared libs have a version number.
-# XXX FIXME: Version number should use NSPR_VERSION_NUMBER?
-DLL_SUFFIX = so.1.0
-CC = gcc
-RANLIB = ranlib
-CPU_ARCH = sparc
-
-# Purify doesn't like -MDupdate
-NOMD_OS_CFLAGS += -Wall -Wno-format -DSUNOS4
-OS_CFLAGS += $(DSO_CFLAGS) $(NOMD_OS_CFLAGS) -MDupdate $(DEPENDENCIES)
-MKSHLIB = $(LD)
-MKSHLIB += $(DSO_LDOPTS)
-NOSUCHFILE = /solaris-rm-f-sucks
-DSO_LDOPTS =
-
-# -fPIC generates position-independent code for use in a shared library.
-DSO_CFLAGS += -fPIC
diff --git a/security/coreconf/SunOS5.10.mk b/security/coreconf/SunOS5.10.mk
deleted file mode 100644
index afa7ed030..000000000
--- a/security/coreconf/SunOS5.10.mk
+++ /dev/null
@@ -1,44 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for SunOS5.10
-#
-
-SOL_CFLAGS += -D_SVID_GETTOD
-
-include $(CORE_DEPTH)/coreconf/SunOS5.mk
-
-ifeq ($(OS_RELEASE),5.10)
- OS_DEFINES += -DSOLARIS2_10
-endif
-
-OS_LIBS += -lthread -lnsl -lsocket -lposix4 -ldl -lc
diff --git a/security/coreconf/SunOS5.10_i86pc.mk b/security/coreconf/SunOS5.10_i86pc.mk
deleted file mode 100755
index 9205e6448..000000000
--- a/security/coreconf/SunOS5.10_i86pc.mk
+++ /dev/null
@@ -1,48 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for Solaris 10 on x86
-#
-
-SOL_CFLAGS = -D_SVID_GETTOD
-
-include $(CORE_DEPTH)/coreconf/SunOS5.mk
-
-CPU_ARCH = x86
-ARCHFLAG =
-OS_DEFINES += -Di386
-
-ifeq ($(OS_RELEASE),5.10_i86pc)
- OS_DEFINES += -DSOLARIS2_10
-endif
-
-OS_LIBS += -lthread -lnsl -lsocket -lposix4 -ldl -lc
diff --git a/security/coreconf/SunOS5.3.mk b/security/coreconf/SunOS5.3.mk
deleted file mode 100644
index e103d9f57..000000000
--- a/security/coreconf/SunOS5.3.mk
+++ /dev/null
@@ -1,38 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for SunOS5.3
-#
-
-SOL_CFLAGS =
-
-include $(CORE_DEPTH)/coreconf/SunOS5.mk
diff --git a/security/coreconf/SunOS5.4.mk b/security/coreconf/SunOS5.4.mk
deleted file mode 100644
index fe24c33e0..000000000
--- a/security/coreconf/SunOS5.4.mk
+++ /dev/null
@@ -1,38 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for SunOS5.4
-#
-
-SOL_CFLAGS =
-
-include $(CORE_DEPTH)/coreconf/SunOS5.mk
diff --git a/security/coreconf/SunOS5.4_i86pc.mk b/security/coreconf/SunOS5.4_i86pc.mk
deleted file mode 100644
index 35dfdb86a..000000000
--- a/security/coreconf/SunOS5.4_i86pc.mk
+++ /dev/null
@@ -1,67 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for Solaris 2.4 on x86
-#
-
-include $(CORE_DEPTH)/coreconf/UNIX.mk
-
-DEFAULT_COMPILER = cc
-
-ifdef NS_USE_GCC
- CC = gcc
- OS_CFLAGS += -Wall -Wno-format
- CCC = g++
- CCC += -Wall -Wno-format
- ASFLAGS += -x assembler-with-cpp
- OS_CFLAGS += $(NOMD_OS_CFLAGS)
- ifdef USE_MDUPDATE
- OS_CFLAGS += -MDupdate $(DEPENDENCIES)
- endif
-else
- CC = cc
- CCC = CC
- ASFLAGS += -Wa,-P
- OS_CFLAGS += $(NOMD_OS_CFLAGS)
-endif
-
-CPU_ARCH = x86
-
-MKSHLIB = $(LD)
-MKSHLIB += $(DSO_LDOPTS)
-NOSUCHFILE = /solx86-rm-f-sucks
-RANLIB = echo
-
-# for purify
-NOMD_OS_CFLAGS += -DSVR4 -DSYSV -D_REENTRANT -DSOLARIS -D__svr4__ -Di386
-
-DSO_LDOPTS += -G
diff --git a/security/coreconf/SunOS5.5.1.mk b/security/coreconf/SunOS5.5.1.mk
deleted file mode 100644
index f85932b59..000000000
--- a/security/coreconf/SunOS5.5.1.mk
+++ /dev/null
@@ -1,44 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for SunOS5.5.1
-#
-
-SOL_CFLAGS += -D_SVID_GETTOD
-
-include $(CORE_DEPTH)/coreconf/SunOS5.mk
-
-ifeq ($(OS_RELEASE),5.5.1)
- OS_DEFINES += -DSOLARIS2_5
-endif
-
-OS_LIBS += -lthread -lnsl -lsocket -lposix4 -ldl -lc
diff --git a/security/coreconf/SunOS5.5.1_i86pc.mk b/security/coreconf/SunOS5.5.1_i86pc.mk
deleted file mode 100644
index a8a111dde..000000000
--- a/security/coreconf/SunOS5.5.1_i86pc.mk
+++ /dev/null
@@ -1,46 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for Solaris 2.5.1 on x86
-#
-
-SOL_CFLAGS = -D_SVID_GETTOD
-
-include $(CORE_DEPTH)/coreconf/SunOS5.mk
-
-CPU_ARCH = x86
-ARCHFLAG =
-OS_DEFINES += -Di386
-
-ifeq ($(OS_RELEASE),5.5.1_i86pc)
- OS_DEFINES += -DSOLARIS2_5
-endif
diff --git a/security/coreconf/SunOS5.5.mk b/security/coreconf/SunOS5.5.mk
deleted file mode 100644
index e83356f15..000000000
--- a/security/coreconf/SunOS5.5.mk
+++ /dev/null
@@ -1,42 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for SunOS5.5
-#
-
-SOL_CFLAGS += -D_SVID_GETTOD
-
-include $(CORE_DEPTH)/coreconf/SunOS5.mk
-
-ifeq ($(OS_RELEASE),5.5)
- OS_DEFINES += -DSOLARIS2_5
-endif
diff --git a/security/coreconf/SunOS5.6.mk b/security/coreconf/SunOS5.6.mk
deleted file mode 100644
index 774d2b7a6..000000000
--- a/security/coreconf/SunOS5.6.mk
+++ /dev/null
@@ -1,44 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for SunOS5.6
-#
-
-SOL_CFLAGS += -D_SVID_GETTOD
-
-include $(CORE_DEPTH)/coreconf/SunOS5.mk
-
-ifeq ($(OS_RELEASE),5.6)
- OS_DEFINES += -DSOLARIS2_6
-endif
-
-OS_LIBS += -lthread -lnsl -lsocket -lposix4 -ldl -lc
diff --git a/security/coreconf/SunOS5.6_i86pc.mk b/security/coreconf/SunOS5.6_i86pc.mk
deleted file mode 100644
index 763c6810f..000000000
--- a/security/coreconf/SunOS5.6_i86pc.mk
+++ /dev/null
@@ -1,46 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for Solaris 2.6 on x86
-#
-
-SOL_CFLAGS = -D_SVID_GETTOD
-
-include $(CORE_DEPTH)/coreconf/SunOS5.mk
-
-CPU_ARCH = x86
-ARCHFLAG =
-OS_DEFINES += -Di386
-
-ifeq ($(OS_RELEASE),5.6_i86pc)
- OS_DEFINES += -DSOLARIS2_6
-endif
diff --git a/security/coreconf/SunOS5.7.mk b/security/coreconf/SunOS5.7.mk
deleted file mode 100644
index dd676e2a9..000000000
--- a/security/coreconf/SunOS5.7.mk
+++ /dev/null
@@ -1,44 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for SunOS5.7
-#
-
-SOL_CFLAGS += -D_SVID_GETTOD
-
-include $(CORE_DEPTH)/coreconf/SunOS5.mk
-
-ifeq ($(OS_RELEASE),5.7)
- OS_DEFINES += -DSOLARIS2_7
-endif
-
-OS_LIBS += -lthread -lnsl -lsocket -lposix4 -ldl -lc
diff --git a/security/coreconf/SunOS5.7_i86pc.mk b/security/coreconf/SunOS5.7_i86pc.mk
deleted file mode 100644
index 6ece4defb..000000000
--- a/security/coreconf/SunOS5.7_i86pc.mk
+++ /dev/null
@@ -1,48 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for Solaris 7 on x86
-#
-
-SOL_CFLAGS = -D_SVID_GETTOD
-
-include $(CORE_DEPTH)/coreconf/SunOS5.mk
-
-CPU_ARCH = x86
-ARCHFLAG =
-OS_DEFINES += -Di386
-
-ifeq ($(OS_RELEASE),5.7_i86pc)
- OS_DEFINES += -DSOLARIS2_7
-endif
-
-OS_LIBS += -lthread -lnsl -lsocket -lposix4 -ldl -lc
diff --git a/security/coreconf/SunOS5.8.mk b/security/coreconf/SunOS5.8.mk
deleted file mode 100644
index 95fc01090..000000000
--- a/security/coreconf/SunOS5.8.mk
+++ /dev/null
@@ -1,44 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for SunOS5.8
-#
-
-SOL_CFLAGS += -D_SVID_GETTOD
-
-include $(CORE_DEPTH)/coreconf/SunOS5.mk
-
-ifeq ($(OS_RELEASE),5.8)
- OS_DEFINES += -DSOLARIS2_8
-endif
-
-OS_LIBS += -lthread -lnsl -lsocket -lposix4 -ldl -lc
diff --git a/security/coreconf/SunOS5.8_i86pc.mk b/security/coreconf/SunOS5.8_i86pc.mk
deleted file mode 100644
index 58b66b503..000000000
--- a/security/coreconf/SunOS5.8_i86pc.mk
+++ /dev/null
@@ -1,48 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for Solaris 8 on x86
-#
-
-SOL_CFLAGS = -D_SVID_GETTOD
-
-include $(CORE_DEPTH)/coreconf/SunOS5.mk
-
-CPU_ARCH = x86
-ARCHFLAG =
-OS_DEFINES += -Di386
-
-ifeq ($(OS_RELEASE),5.8_i86pc)
- OS_DEFINES += -DSOLARIS2_8
-endif
-
-OS_LIBS += -lthread -lnsl -lsocket -lposix4 -ldl -lc
diff --git a/security/coreconf/SunOS5.9.mk b/security/coreconf/SunOS5.9.mk
deleted file mode 100755
index 63a1a003b..000000000
--- a/security/coreconf/SunOS5.9.mk
+++ /dev/null
@@ -1,44 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for SunOS5.9
-#
-
-SOL_CFLAGS += -D_SVID_GETTOD
-
-include $(CORE_DEPTH)/coreconf/SunOS5.mk
-
-ifeq ($(OS_RELEASE),5.9)
- OS_DEFINES += -DSOLARIS2_9
-endif
-
-OS_LIBS += -lthread -lnsl -lsocket -lposix4 -ldl -lc
diff --git a/security/coreconf/SunOS5.9_i86pc.mk b/security/coreconf/SunOS5.9_i86pc.mk
deleted file mode 100755
index 8ad8d0ba5..000000000
--- a/security/coreconf/SunOS5.9_i86pc.mk
+++ /dev/null
@@ -1,48 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for Solaris 9 on x86
-#
-
-SOL_CFLAGS = -D_SVID_GETTOD
-
-include $(CORE_DEPTH)/coreconf/SunOS5.mk
-
-CPU_ARCH = x86
-ARCHFLAG =
-OS_DEFINES += -Di386
-
-ifeq ($(OS_RELEASE),5.9_i86pc)
- OS_DEFINES += -DSOLARIS2_9
-endif
-
-OS_LIBS += -lthread -lnsl -lsocket -lposix4 -ldl -lc
diff --git a/security/coreconf/SunOS5.mk b/security/coreconf/SunOS5.mk
deleted file mode 100644
index 5adcbf6ca..000000000
--- a/security/coreconf/SunOS5.mk
+++ /dev/null
@@ -1,177 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for SunOS5.x
-#
-
-include $(CORE_DEPTH)/coreconf/UNIX.mk
-
-#
-# Temporary define for the Client; to be removed when binary release is used
-#
-ifdef MOZILLA_CLIENT
- LOCAL_THREADS_ONLY = 1
- ifndef NS_USE_NATIVE
- NS_USE_GCC = 1
- endif
-endif
-
-# Sun's WorkShop defines v8, v8plus and v9 architectures.
-# gcc on Solaris defines v8 and v9 "cpus".
-# gcc's v9 is equivalent to Workshop's v8plus.
-# gcc apparently has no equivalent to Workshop's v9
-# We always use Sun's assembler and linker, which use Sun's naming convention.
-
-ifeq ($(USE_64), 1)
- ifdef NS_USE_GCC
- ARCHFLAG= UNKNOWN
- else
- ARCHFLAG=-xarch=v9
- endif
-else
- ifdef NS_USE_GCC
- ifdef USE_HYBRID
- ARCHFLAG=-mcpu=v9 -Wa,-xarch=v8plus
- else
- ARCHFLAG=-mcpu=v8
- endif
- else
- ifdef USE_HYBRID
- ARCHFLAG=-xarch=v8plus
- else
- ARCHFLAG=-xarch=v8
- endif
- endif
-endif
-
-#
-# The default implementation strategy for Solaris is classic nspr.
-#
-ifeq ($(USE_PTHREADS),1)
- IMPL_STRATEGY = _PTH
-else
- ifeq ($(LOCAL_THREADS_ONLY),1)
- IMPL_STRATEGY = _LOCAL
- endif
-endif
-
-#
-# Temporary define for the Client; to be removed when binary release is used
-#
-ifdef MOZILLA_CLIENT
- IMPL_STRATEGY =
-endif
-
-DEFAULT_COMPILER = cc
-
-ifdef NS_USE_GCC
- CC = gcc
- OS_CFLAGS += -Wall -Wno-format
- CCC = g++
- CCC += -Wall -Wno-format
- ASFLAGS += -x assembler-with-cpp
- OS_CFLAGS += $(NOMD_OS_CFLAGS)
- ifdef USE_MDUPDATE
- OS_CFLAGS += -MDupdate $(DEPENDENCIES)
- endif
- OS_CFLAGS += $(ARCHFLAG)
-else
- CC = cc
- CCC = CC
- ASFLAGS += -Wa,-P
- OS_CFLAGS += $(NOMD_OS_CFLAGS) $(ARCHFLAG)
- ifndef BUILD_OPT
- OS_CFLAGS += -xs
- else
- OPTIMIZER = -xO3
- endif
-
-endif
-
-INCLUDES += -I/usr/dt/include -I/usr/openwin/include
-
-RANLIB = echo
-CPU_ARCH = sparc
-OS_DEFINES += -DSVR4 -DSYSV -D__svr4 -D__svr4__ -DSOLARIS
-
-ifneq ($(LOCAL_THREADS_ONLY),1)
- OS_DEFINES += -D_REENTRANT
-endif
-
-# Purify doesn't like -MDupdate
-NOMD_OS_CFLAGS += $(DSO_CFLAGS) $(OS_DEFINES) $(SOL_CFLAGS)
-
-MKSHLIB = $(CC) $(DSO_LDOPTS)
-ifdef NS_USE_GCC
-ifeq (GNU,$(findstring GNU,$(shell `$(CC) -print-prog-name=ld` -v 2>&1)))
- GCC_USE_GNU_LD = 1
-endif
-endif
-ifdef MAPFILE
-ifdef NS_USE_GCC
-ifdef GCC_USE_GNU_LD
- MKSHLIB += -Wl,--version-script,$(MAPFILE)
-else
- MKSHLIB += -Wl,-M,$(MAPFILE)
-endif
-else
- MKSHLIB += -M $(MAPFILE)
-endif
-endif
-PROCESS_MAP_FILE = grep -v ';-' $(LIBRARY_NAME).def | \
- sed -e 's,;+,,' -e 's; DATA ;;' -e 's,;;,,' -e 's,;.*,;,' > $@
-
-
-
-
-# ld options:
-# -G: produce a shared object
-# -z defs: no unresolved symbols allowed
-ifdef NS_USE_GCC
- DSO_LDOPTS += -shared -h $(notdir $@)
-else
-ifeq ($(USE_64), 1)
- DSO_LDOPTS += -xarch=v9
-endif
- DSO_LDOPTS += -G -h $(notdir $@)
-endif
-
-# -KPIC generates position independent code for use in shared libraries.
-# (Similarly for -fPIC in case of gcc.)
-ifdef NS_USE_GCC
- DSO_CFLAGS += -fPIC
-else
- DSO_CFLAGS += -KPIC
-endif
-
-NOSUCHFILE = /solaris-rm-f-sucks
-
diff --git a/security/coreconf/UNIX.mk b/security/coreconf/UNIX.mk
deleted file mode 100644
index b47bb8ac4..000000000
--- a/security/coreconf/UNIX.mk
+++ /dev/null
@@ -1,92 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-XP_DEFINE += -DXP_UNIX
-LIB_SUFFIX = a
-DLL_SUFFIX = so
-AR = ar
-AR += cr $@
-LDOPTS += -L$(SOURCE_LIB_DIR)
-
-ifdef BUILD_OPT
- OPTIMIZER += -O
- DEFINES += -UDEBUG -DNDEBUG
-else
- OPTIMIZER += -g
- DEFINES += -DDEBUG -UNDEBUG -DDEBUG_$(shell whoami)
-endif
-
-ifdef BUILD_TREE
-NSINSTALL_DIR = $(BUILD_TREE)/nss
-NSINSTALL = $(BUILD_TREE)/nss/nsinstall
-else
-NSINSTALL_DIR = $(CORE_DEPTH)/coreconf/nsinstall
-NSINSTALL = $(NSINSTALL_DIR)/$(OBJDIR_NAME)/nsinstall
-endif
-
-MKDEPEND_DIR = $(CORE_DEPTH)/coreconf/mkdepend
-MKDEPEND = $(MKDEPEND_DIR)/$(OBJDIR_NAME)/mkdepend
-MKDEPENDENCIES = $(OBJDIR_NAME)/depend.mk
-
-####################################################################
-#
-# One can define the makefile variable NSDISTMODE to control
-# how files are published to the 'dist' directory. If not
-# defined, the default is "install using relative symbolic
-# links". The two possible values are "copy", which copies files
-# but preserves source mtime, and "absolute_symlink", which
-# installs using absolute symbolic links. The "absolute_symlink"
-# option requires NFSPWD.
-# - THIS IS NOT PART OF THE NEW BINARY RELEASE PLAN for 9/30/97
-# - WE'RE KEEPING IT ONLY FOR BACKWARDS COMPATIBILITY
-####################################################################
-
-ifeq ($(NSDISTMODE),copy)
- # copy files, but preserve source mtime
- INSTALL = $(NSINSTALL)
- INSTALL += -t
-else
- ifeq ($(NSDISTMODE),absolute_symlink)
- # install using absolute symbolic links
- INSTALL = $(NSINSTALL)
- INSTALL += -L `$(NFSPWD)`
- else
- # install using relative symbolic links
- INSTALL = $(NSINSTALL)
- INSTALL += -R
- endif
-endif
-
-define MAKE_OBJDIR
-if test ! -d $(@D); then rm -rf $(@D); $(NSINSTALL) -D $(@D); fi
-endef
diff --git a/security/coreconf/UNIXWARE2.1.mk b/security/coreconf/UNIXWARE2.1.mk
deleted file mode 100644
index da6e2e895..000000000
--- a/security/coreconf/UNIXWARE2.1.mk
+++ /dev/null
@@ -1,57 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# Config stuff for SCO Unixware 2.1
-#
-
-include $(CORE_DEPTH)/coreconf/UNIX.mk
-
-DEFAULT_COMPILER = $(CORE_DEPTH)/build/hcc
-
-CC = $(CORE_DEPTH)/build/hcc
-CCC = $(CORE_DEPTH)/build/hcpp
-RANLIB = true
-OS_CFLAGS = -KPIC -DSVR4 -DSYSV -DUNIXWARE
-MKSHLIB = $(LD)
-MKSHLIB += $(DSO_LDOPTS)
-DSO_LDOPTS += -G
-CPU_ARCH = x86
-ARCH = sco
-NOSUCHFILE = /solaris-rm-f-sucks
-ifdef MAPFILE
-# Add LD options to restrict exported symbols to those in the map file
-endif
-# Change PROCESS to put the mapfile in the correct format for this platform
-PROCESS_MAP_FILE = cp $(LIBRARY_NAME).def $@
-
diff --git a/security/coreconf/WIN16.mk b/security/coreconf/WIN16.mk
deleted file mode 100644
index 00121150c..000000000
--- a/security/coreconf/WIN16.mk
+++ /dev/null
@@ -1,209 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# win16_3.11.mk -- Make configuration for Win16
-#
-# This file configures gmake to build the Win16 variant of
-# NSPR 2.0. This file has the function of two files commonly
-# used on other platforms, for example: winnt.mk and
-# winnt4.0.mk. ... The packaging is easier and there is only
-# one variant of the Win16 target.
-#
-# Win16 is built using the Watcom C/C++ version 11.0
-# compiler. You gotta set up the compiler first.
-# The Watcom compiler depends on a few environment
-# variables; these environment variables define where the
-# compiler components are installed; they must be set before
-# running the make.
-#
-# Notes:
-# OS_CFLAGS is the command line options for the compiler when
-# building the .DLL object files.
-# OS_EXE_CFLAGS is the command line options for the compiler
-# when building the .EXE object files; this is for the test
-# programs.
-# the macro OS_CFLAGS is set to OS_EXE_CFLAGS inside of the
-# makefile for the pr/tests directory. ... Hack.
-#
-#
-#
-#
-
-# -- configuration -----------------------------------------
-
-DEFAULT_COMPILER = wcc
-
-CC = wcc
-CCC = wcl
-LINK = wlink
-AR = wlib
-AR += -q $@
-RC = wrc.exe
-RC += /r /dWIN16=1 /bt=windows
-RANLIB = echo
-BSDECHO = echo
-NSINSTALL_DIR = $(CORE_DEPTH)/coreconf/nsinstall
-NSINSTALL = nsinstall
-INSTALL = $(NSINSTALL)
-MAKE_OBJDIR = mkdir
-MAKE_OBJDIR += $(OBJDIR)
-XP_DEFINE += -DXP_PC
-LIB_SUFFIX = lib
-DLL_SUFFIX = dll
-
-ifdef BUILD_OPT
- OPTIMIZER = -oneatx -oh -oi -ei -3 -fpi87 -fp3
-else
- OPTIMIZER += -d2 -hc -DDEBUG
-# OPTIMIZER += -d2 -hw -DDEBUG
-# LDFLAGS += -DEBUG -DEBUGTYPE:CV
-endif
-
-#
-# $(CPU_ARCH) has been commented out so that its contents
-# are not added to the WIN16_?.OBJ names thus expanding
-# them beyond the 8.3 character limit for this platform.
-#
-#CPU_ARCH = x386
-#
-# added "-s" to avoid dependency on watcom's libs (e.g. on _STK)
-# added "-zt3" for compatibility with MSVC's "/Gt3" option
-#
-OS_CFLAGS += -ml -3 -bd -zc -zu -bt=windows -s -zt3 -d_X86_ -dWIN16 -d_WINDLL
-#OS_EXE_CFLAGS += -ml -3 -bt=windows -d_X86_ -dWIN16
-OS_LIB_FLAGS = -c -iro
-
-# Name of the binary code directories
-OS_DLL_OPTION = CASEEXACT
-OS_DLLFLAGS =
-OS_LIBS =
-W16_EXPORTS = #
-ifdef MAPFILE
-# Add LD options to restrict exported symbols to those in the map file
-endif
-# Change PROCESS to put the mapfile in the correct format for this platform
-PROCESS_MAP_FILE = copy $(LIBRARY_NAME).def $@
-
-
-#
-# The following is NOT needed for the NSPR 2.0 library.
-#
-
-OS_CFLAGS += -d_WINDOWS -d_MSC_VER=700
-
-#
-# override the definitions of RELEASE_TREE found in tree.mk
-#
-ifndef RELEASE_TREE
- ifdef BUILD_SHIP
- ifdef USE_SHIPS
- RELEASE_TREE = $(NTBUILD_SHIP)
- else
- RELEASE_TREE = //redbuild/components
- endif
- else
- RELEASE_TREE = //redbuild/components
- endif
-endif
-
-#
-# override the definitions of LIB_PREFIX and DLL_PREFIX in prefix.mk
-#
-ifndef LIB_PREFIX
- LIB_PREFIX = $(NULL)
-endif
-
-ifndef DLL_PREFIX
- DLL_PREFIX = $(NULL)
-endif
-
-#
-# override the definitions of various _SUFFIX symbols in suffix.mk
-#
-
-#
-# Object suffixes
-#
-ifndef OBJ_SUFFIX
- OBJ_SUFFIX = .obj
-endif
-
-#
-# Assembler source suffixes
-#
-ifndef ASM_SUFFIX
- ASM_SUFFIX = .asm
-endif
-
-#
-# Library suffixes
-#
-ifndef IMPORT_LIB_SUFFIX
- IMPORT_LIB_SUFFIX = .$(LIB_SUFFIX)
-endif
-
-ifndef DYNAMIC_LIB_SUFFIX_FOR_LINKING
- DYNAMIC_LIB_SUFFIX_FOR_LINKING = $(IMPORT_LIB_SUFFIX)
-endif
-
-#
-# Program suffixes
-#
-ifndef PROG_SUFFIX
- PROG_SUFFIX = .exe
-endif
-
-#
-# When the processor is NOT 386-based on Windows NT, override the
-# value of $(CPU_TAG). For WinNT, 95, 16, not CE.
-#
-ifneq ($(CPU_ARCH),x386)
- CPU_TAG = _$(CPU_ARCH)
-endif
-
-#
-# override ruleset.mk, removing the "lib" prefix for library names, and
-# adding the "32" after the LIBRARY_VERSION.
-#
-ifdef LIBRARY_NAME
- SHARED_LIBRARY = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION)32$(JDK_DEBUG_SUFFIX).dll
- IMPORT_LIBRARY = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION)32$(JDK_DEBUG_SUFFIX).lib
-endif
-
-#
-# override the TARGETS defined in ruleset.mk, adding IMPORT_LIBRARY
-#
-ifndef TARGETS
- TARGETS = $(LIBRARY) $(SHARED_LIBRARY) $(IMPORT_LIBRARY) $(PROGRAM)
-endif
diff --git a/security/coreconf/WIN32.mk b/security/coreconf/WIN32.mk
deleted file mode 100644
index 9487e12f5..000000000
--- a/security/coreconf/WIN32.mk
+++ /dev/null
@@ -1,276 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# Configuration common to all versions of Windows NT
-# and Windows 95
-#
-
-DEFAULT_COMPILER = cl
-
-ifdef NS_USE_GCC
- CC = gcc
- CCC = g++
- LINK = ld
- AR = ar
- AR += cr $@
- RANLIB = ranlib
- BSDECHO = echo
- RC = windres.exe -O coff
- LINK_DLL = $(CC) $(OS_DLLFLAGS) $(DLLFLAGS)
-else
- CC = cl
- CCC = cl
- LINK = link
- AR = lib
- AR += -NOLOGO -OUT:"$@"
- RANLIB = echo
- BSDECHO = echo
- RC = rc.exe
-endif
-
-ifdef BUILD_TREE
-NSINSTALL_DIR = $(BUILD_TREE)/nss
-else
-NSINSTALL_DIR = $(CORE_DEPTH)/coreconf/nsinstall
-endif
-NSINSTALL = nsinstall
-
-MKDEPEND_DIR = $(CORE_DEPTH)/coreconf/mkdepend
-MKDEPEND = $(MKDEPEND_DIR)/$(OBJDIR_NAME)/mkdepend.exe
-# Note: MKDEPENDENCIES __MUST__ be a relative pathname, not absolute.
-# If it is absolute, gmake will crash unless the named file exists.
-MKDEPENDENCIES = $(OBJDIR_NAME)/depend.mk
-
-INSTALL = $(NSINSTALL)
-MAKE_OBJDIR = mkdir
-MAKE_OBJDIR += $(OBJDIR)
-GARBAGE += $(OBJDIR)/vc20.pdb $(OBJDIR)/vc40.pdb
-XP_DEFINE += -DXP_PC
-ifdef NS_USE_GCC
-LIB_SUFFIX = a
-else
-LIB_SUFFIX = lib
-endif
-DLL_SUFFIX = dll
-
-ifdef NS_USE_GCC
- OS_CFLAGS += -mno-cygwin -mms-bitfields
- _GEN_IMPORT_LIB=-Wl,--out-implib,$(IMPORT_LIBRARY)
- DLLFLAGS += -mno-cygwin -o $@ -shared -Wl,--export-all-symbols $(if $(IMPORT_LIBRARY),$(_GEN_IMPORT_LIB))
- ifdef BUILD_OPT
- OPTIMIZER += -O2
- DEFINES += -UDEBUG -U_DEBUG -DNDEBUG
- #
- # Add symbolic information for a profiler
- #
- ifdef MOZ_PROFILE
- OPTIMIZER += -g
- endif
- else
- OPTIMIZER += -g
- NULLSTRING :=
- SPACE := $(NULLSTRING) # end of the line
- USERNAME := $(subst $(SPACE),_,$(USERNAME))
- USERNAME := $(subst -,_,$(USERNAME))
- DEFINES += -DDEBUG -D_DEBUG -UNDEBUG -DDEBUG_$(USERNAME)
- endif
-else # !NS_USE_GCC
- ifdef BUILD_OPT
- OS_CFLAGS += -MD
- OPTIMIZER += -O2
- DEFINES += -UDEBUG -U_DEBUG -DNDEBUG
- DLLFLAGS += -OUT:"$@"
- #
- # Add symbolic information for a profiler
- #
- ifdef MOZ_PROFILE
- OPTIMIZER += -Z7
- DLLFLAGS += -DEBUG -DEBUGTYPE:CV
- endif
- else
- #
- # Define USE_DEBUG_RTL if you want to use the debug runtime library
- # (RTL) in the debug build
- #
- ifdef USE_DEBUG_RTL
- OS_CFLAGS += -MDd
- else
- OS_CFLAGS += -MD
- endif
- OPTIMIZER += -Od -Z7
- #OPTIMIZER += -Zi -Fd$(OBJDIR)/ -Od
- NULLSTRING :=
- SPACE := $(NULLSTRING) # end of the line
- USERNAME := $(subst $(SPACE),_,$(USERNAME))
- USERNAME := $(subst -,_,$(USERNAME))
- DEFINES += -DDEBUG -D_DEBUG -UNDEBUG -DDEBUG_$(USERNAME)
- DLLFLAGS += -DEBUG -DEBUGTYPE:CV -OUT:"$@"
- LDFLAGS += -DEBUG -DEBUGTYPE:CV -PDB:NONE
- endif
-endif # NS_USE_GCC
-
-DEFINES += -DWIN32
-ifdef MAPFILE
-ifndef NS_USE_GCC
-DLLFLAGS += -DEF:$(MAPFILE)
-endif
-endif
-# Change PROCESS to put the mapfile in the correct format for this platform
-PROCESS_MAP_FILE = cp $(LIBRARY_NAME).def $@
-
-
-#
-# The following is NOT needed for the NSPR 2.0 library.
-#
-
-DEFINES += -D_WINDOWS
-
-# override default, which is ASFLAGS = CFLAGS
-ifdef NS_USE_GCC
- AS = $(CC)
- ASFLAGS = $(INCLUDES)
-else
- AS = ml.exe
- ASFLAGS = -Cp -Sn -Zi -coff $(INCLUDES)
-endif
-
-#
-# override the definitions of RELEASE_TREE found in tree.mk
-#
-ifndef RELEASE_TREE
- ifdef BUILD_SHIP
- ifdef USE_SHIPS
- RELEASE_TREE = $(NTBUILD_SHIP)
- else
- RELEASE_TREE = //redbuild/components
- endif
- else
- RELEASE_TREE = //redbuild/components
- endif
-endif
-
-#
-# override the definitions of IMPORT_LIB_PREFIX, LIB_PREFIX, and
-# DLL_PREFIX in prefix.mk
-#
-
-ifndef IMPORT_LIB_PREFIX
- ifdef NS_USE_GCC
- IMPORT_LIB_PREFIX = lib
- else
- IMPORT_LIB_PREFIX = $(NULL)
- endif
-endif
-
-ifndef LIB_PREFIX
- ifdef NS_USE_GCC
- LIB_PREFIX = lib
- else
- LIB_PREFIX = $(NULL)
- endif
-endif
-
-ifndef DLL_PREFIX
- DLL_PREFIX = $(NULL)
-endif
-
-#
-# override the definitions of various _SUFFIX symbols in suffix.mk
-#
-
-#
-# Object suffixes
-#
-ifndef OBJ_SUFFIX
- ifdef NS_USE_GCC
- OBJ_SUFFIX = .o
- else
- OBJ_SUFFIX = .obj
- endif
-endif
-
-#
-# Assembler source suffixes
-#
-ifndef ASM_SUFFIX
- ifdef NS_USE_GCC
- ASM_SUFFIX = .s
- else
- ASM_SUFFIX = .asm
- endif
-endif
-
-#
-# Library suffixes
-#
-
-ifndef IMPORT_LIB_SUFFIX
- IMPORT_LIB_SUFFIX = .$(LIB_SUFFIX)
-endif
-
-ifndef DYNAMIC_LIB_SUFFIX_FOR_LINKING
- DYNAMIC_LIB_SUFFIX_FOR_LINKING = $(IMPORT_LIB_SUFFIX)
-endif
-
-#
-# Program suffixes
-#
-ifndef PROG_SUFFIX
- PROG_SUFFIX = .exe
-endif
-
-#
-# When the processor is NOT 386-based on Windows NT, override the
-# value of $(CPU_TAG). For WinNT, 95, 16, not CE.
-#
-ifneq ($(CPU_ARCH),x386)
- CPU_TAG = _$(CPU_ARCH)
-endif
-
-#
-# override ruleset.mk, removing the "lib" prefix for library names, and
-# adding the "32" after the LIBRARY_VERSION.
-#
-ifdef LIBRARY_NAME
- SHARED_LIBRARY = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION)32$(JDK_DEBUG_SUFFIX).dll
- IMPORT_LIBRARY = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION)32$(JDK_DEBUG_SUFFIX).lib
-endif
-
-#
-# override the TARGETS defined in ruleset.mk, adding IMPORT_LIBRARY
-#
-ifndef TARGETS
- TARGETS = $(LIBRARY) $(SHARED_LIBRARY) $(IMPORT_LIBRARY) $(PROGRAM)
-endif
-
diff --git a/security/coreconf/WIN954.0.mk b/security/coreconf/WIN954.0.mk
deleted file mode 100644
index e710f6e2e..000000000
--- a/security/coreconf/WIN954.0.mk
+++ /dev/null
@@ -1,63 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# Config stuff for WIN95
-#
-# This makefile defines the following variables:
-# OS_CFLAGS and OS_DLLFLAGS.
-
-include $(CORE_DEPTH)/coreconf/WIN32.mk
-
-ifeq ($(CPU_ARCH), x386)
-ifndef NS_USE_GCC
- OS_CFLAGS += -W3 -nologo
-endif
- DEFINES += -D_X86_
-else
- ifeq ($(CPU_ARCH), MIPS)
- #OS_CFLAGS += -W3 -nologo
- #DEFINES += -D_MIPS_
- OS_CFLAGS += -W3 -nologo
- else
- ifeq ($(CPU_ARCH), ALPHA)
- OS_CFLAGS += -W3 -nologo
- DEFINES += -D_ALPHA_=1
- endif
- endif
-endif
-
-ifndef NS_USE_GCC
-OS_DLLFLAGS += -nologo -DLL -SUBSYSTEM:WINDOWS -PDB:NONE
-endif
-DEFINES += -DWIN95
diff --git a/security/coreconf/WINCE.mk b/security/coreconf/WINCE.mk
deleted file mode 100644
index 035e3c884..000000000
--- a/security/coreconf/WINCE.mk
+++ /dev/null
@@ -1,207 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# Configuration common to all versions of Windows CE and Pocket PC x.
-#
-
-ifeq ($(CPU_ARCH),x86)
- DEFAULT_COMPILER = cl
- CC = cl
- CCC = cl
-else
-ifeq ($(CPU_ARCH),ARM)
- DEFAULT_COMPILER = clarm
- CC = clarm
- CCC = clarm
-else
-include CPU_ARCH_is_not_recognized
-include _$(CPU_ARCH)
-endif
-endif
-
-LINK = link
-AR = lib
-AR += -NOLOGO -OUT:"$@"
-RANLIB = echo
-BSDECHO = echo
-
-ifdef BUILD_TREE
-NSINSTALL_DIR = $(BUILD_TREE)/nss
-else
-NSINSTALL_DIR = $(CORE_DEPTH)/coreconf/nsinstall
-endif
-NSINSTALL = nsinstall
-
-MKDEPEND_DIR = $(CORE_DEPTH)/coreconf/mkdepend
-MKDEPEND = $(MKDEPEND_DIR)/$(OBJDIR_NAME)/mkdepend.exe
-# Note: MKDEPENDENCIES __MUST__ be a relative pathname, not absolute.
-# If it is absolute, gmake will crash unless the named file exists.
-MKDEPENDENCIES = $(OBJDIR_NAME)/depend.mk
-
-INSTALL = $(NSINSTALL)
-MAKE_OBJDIR = mkdir
-MAKE_OBJDIR += $(OBJDIR)
-RC = rc.exe
-GARBAGE += $(OBJDIR)/vc20.pdb $(OBJDIR)/vc40.pdb
-XP_DEFINE += -DXP_PC
-LIB_SUFFIX = lib
-DLL_SUFFIX = dll
-
-ifdef BUILD_OPT
-# OS_CFLAGS += -MD
- OPTIMIZER += -O2
- DEFINES += -UDEBUG -U_DEBUG -DNDEBUG
- DLLFLAGS += -OUT:"$@"
-else
- #
- # Define USE_DEBUG_RTL if you want to use the debug runtime library
- # (RTL) in the debug build
- #
- ifdef USE_DEBUG_RTL
-# OS_CFLAGS += -MDd
- else
-# OS_CFLAGS += -MD
- endif
- OPTIMIZER += -Od -Z7
- #OPTIMIZER += -Zi -Fd$(OBJDIR)/ -Od
- DEFINES += -DDEBUG -D_DEBUG -UNDEBUG -DDEBUG_$(USERNAME)
- DLLFLAGS += -DEBUG -DEBUGTYPE:CV -OUT:"$@"
- LDFLAGS += -DEBUG -DEBUGTYPE:CV
-endif
-
-# DEFINES += -DWIN32
-
-ifdef MAPFILE
- DLLFLAGS += -DEF:$(MAPFILE)
-endif
-
-# Change PROCESS to put the mapfile in the correct format for this platform
-PROCESS_MAP_FILE = cp $(LIBRARY_NAME).def $@
-
-#
-# The following is NOT needed for the NSPR 2.0 library.
-#
-
-DEFINES += -D_WINDOWS
-
-# override default, which is ASFLAGS = CFLAGS
-AS = ml.exe
-ASFLAGS = -Cp -Sn -Zi -coff $(INCLUDES)
-
-#
-# override the definitions of RELEASE_TREE found in tree.mk
-#
-ifndef RELEASE_TREE
- ifdef BUILD_SHIP
- ifdef USE_SHIPS
- RELEASE_TREE = $(NTBUILD_SHIP)
- else
- RELEASE_TREE = //redbuild/components
- endif
- else
- RELEASE_TREE = //redbuild/components
- endif
-endif
-
-#
-# override the definitions of LIB_PREFIX and DLL_PREFIX in prefix.mk
-#
-
-ifndef LIB_PREFIX
- LIB_PREFIX = $(NULL)
-endif
-
-ifndef DLL_PREFIX
- DLL_PREFIX = $(NULL)
-endif
-
-#
-# override the definitions of various _SUFFIX symbols in suffix.mk
-#
-
-#
-# Object suffixes
-#
-ifndef OBJ_SUFFIX
- OBJ_SUFFIX = .obj
-endif
-
-#
-# Assembler source suffixes
-#
-ifndef ASM_SUFFIX
- ASM_SUFFIX = .asm
-endif
-
-#
-# Library suffixes
-#
-
-ifndef IMPORT_LIB_SUFFIX
- IMPORT_LIB_SUFFIX = .$(LIB_SUFFIX)
-endif
-
-ifndef DYNAMIC_LIB_SUFFIX_FOR_LINKING
- DYNAMIC_LIB_SUFFIX_FOR_LINKING = $(IMPORT_LIB_SUFFIX)
-endif
-
-#
-# Program suffixes
-#
-ifndef PROG_SUFFIX
- PROG_SUFFIX = .exe
-endif
-
-#
-# override ruleset.mk, removing the "lib" prefix for library names, and
-# adding the "32" after the LIBRARY_VERSION.
-#
-ifdef LIBRARY_NAME
- SHARED_LIBRARY = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION)32$(JDK_DEBUG_SUFFIX).dll
- IMPORT_LIBRARY = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION)32$(JDK_DEBUG_SUFFIX).lib
-endif
-
-#
-# override the TARGETS defined in ruleset.mk, adding IMPORT_LIBRARY
-#
-ifndef TARGETS
- TARGETS = $(LIBRARY) $(SHARED_LIBRARY) $(IMPORT_LIBRARY) $(PROGRAM)
-endif
-
-
-#
-# Always set CPU_TAG on Linux, OpenVMS, WINCE.
-#
-CPU_TAG = _$(CPU_ARCH)
-
diff --git a/security/coreconf/WINCE3.0.mk b/security/coreconf/WINCE3.0.mk
deleted file mode 100644
index ddf7a4c7b..000000000
--- a/security/coreconf/WINCE3.0.mk
+++ /dev/null
@@ -1,99 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# Config stuff for WINCE 3.0 (MS Pocket PC 2002)
-#
-# CPU_ARCH must already be defined to one of:
-# x86, ARM
-#
-# This makefile defines the following variables:
-# OS_CFLAGS, and OS_DLLFLAGS.
-
-include $(CORE_DEPTH)/coreconf/WINCE.mk
-
-CEVersion = 300
-CePlatform = WIN32_PLATFORM_PSPC=310
-
-ifeq ($(CPU_ARCH), x86)
- DEFINES += -D_X86_ -D_i386_ -Di_386_ -Dx86
- OS_CFLAGS += -Gs8192 -GF
- OS_DLLFLAGS += -machine:IX86
-else
-ifeq ($(CPU_ARCH), ARM)
- DEFINES += -DARM -D_ARM_
- OS_DLLFLAGS += -machine:ARM
-else
- include CPU_ARCH_is_undefined
-endif
-endif
-
-DEFINES += -D_WIN32_WCE=300 -DUNDER_CE=300
-DEFINES += -DWIN32_PLATFORM_PSPC=310
-DEFINES += -DUNICODE -D_UNICODE
-OS_CFLAGS += -W3 -nologo
-
-OS_DLLFLAGS += -DLL
-
-LINKFLAGS = -nologo -PDB:NONE -subsystem:windowsce,3.00 \
- -nodefaultlib:libc.lib \
- -nodefaultlib:libcd.lib \
- -nodefaultlib:libcmt.lib \
- -nodefaultlib:libcmtd.lib \
- -nodefaultlib:msvcrt.lib \
- -nodefaultlib:msvcrtd.lib \
- -nodefaultlib:oldnames.lib \
- $(NULL)
-
-LINK += $(LINKFLAGS)
-LDFLAGS += $(LINKFLAGS)
-
-OS_LIBS= coredll.lib corelibc.lib
-
-#DLLBASE = -base:"0x00100000" -stack:0x10000,0x1000 -entry:"_DllMainCRTStartup"
-DLLBASE += -align:"4096"
-
-#SUB_SHLOBJS =
-#EXTRA_LIBS =
-#EXTRA_SHARED_LIBS =
-#OS_LIBS=
-#LD_LIBS=
-
-#
-# Win NT needs -GT so that fibers can work
-#
-#OS_CFLAGS += -GT
-#DEFINES += -DWINNT
-
-# WINNT uses the lib prefix, Win95 and WinCE don't
-#NSPR31_LIB_PREFIX = lib
diff --git a/security/coreconf/WINNT3.51.mk b/security/coreconf/WINNT3.51.mk
deleted file mode 100644
index b422b2b56..000000000
--- a/security/coreconf/WINNT3.51.mk
+++ /dev/null
@@ -1,64 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# Config stuff for WINNT 3.51
-#
-# This makefile defines the following variables:
-# OS_CFLAGS and OS_DLLFLAGS.
-# It has the following internal variables:
-# OS_PROC_CFLAGS and OS_WIN_CFLAGS.
-
-include $(CORE_DEPTH)/coreconf/WIN32.mk
-
-ifeq ($(CPU_ARCH), x386)
- OS_PROC_CFLAGS += -D_X86_
-else
- ifeq ($(CPU_ARCH), MIPS)
- OS_PROC_CFLAGS += -D_MIPS_
- else
- ifeq ($(CPU_ARCH), ALPHA)
- OS_PROC_CFLAGS += -D_ALPHA_
- endif
- endif
-endif
-
-OS_WIN_CFLAGS += -W3
-OS_CFLAGS += -nologo $(OS_WIN_CFLAGS) $(OS_PROC_CFLAGS)
-#OS_DLLFLAGS += -nologo -DLL -PDB:NONE -SUBSYSTEM:WINDOWS
-OS_DLLFLAGS += -nologo -DLL -PDB:NONE -SUBSYSTEM:WINDOWS
-#
-# Win NT needs -GT so that fibers can work
-#
-OS_CFLAGS += -GT
-OS_CFLAGS += -DWINNT
diff --git a/security/coreconf/WINNT4.0.mk b/security/coreconf/WINNT4.0.mk
deleted file mode 100644
index 7fc5a54d6..000000000
--- a/security/coreconf/WINNT4.0.mk
+++ /dev/null
@@ -1,65 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# Config stuff for WINNT 4.0
-#
-# This makefile defines the following variables:
-# OS_CFLAGS and OS_DLLFLAGS.
-
-include $(CORE_DEPTH)/coreconf/WIN32.mk
-
-ifeq ($(CPU_ARCH), x386)
- OS_CFLAGS += -W3 -nologo
- DEFINES += -D_X86_
-else
- ifeq ($(CPU_ARCH), MIPS)
- #OS_CFLAGS += -W3 -nologo
- #DEFINES += -D_MIPS_
- OS_CFLAGS += -W3 -nologo
- else
- ifeq ($(CPU_ARCH), ALPHA)
- OS_CFLAGS += -W3 -nologo
- DEFINES += -D_ALPHA_=1
- endif
- endif
-endif
-
-OS_DLLFLAGS += -nologo -DLL -SUBSYSTEM:WINDOWS -PDB:NONE
-#
-# Win NT needs -GT so that fibers can work
-#
-OS_CFLAGS += -GT
-DEFINES += -DWINNT
-
-NSPR31_LIB_PREFIX = lib
diff --git a/security/coreconf/WINNT5.0.mk b/security/coreconf/WINNT5.0.mk
deleted file mode 100644
index 303b98007..000000000
--- a/security/coreconf/WINNT5.0.mk
+++ /dev/null
@@ -1,65 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# Config stuff for WINNT 5.0 (Windows 2000)
-#
-# This makefile defines the following variables:
-# OS_CFLAGS and OS_DLLFLAGS.
-
-include $(CORE_DEPTH)/coreconf/WIN32.mk
-
-ifeq ($(CPU_ARCH), x386)
- OS_CFLAGS += -W3 -nologo
- DEFINES += -D_X86_
-else
- ifeq ($(CPU_ARCH), MIPS)
- #OS_CFLAGS += -W3 -nologo
- #DEFINES += -D_MIPS_
- OS_CFLAGS += -W3 -nologo
- else
- ifeq ($(CPU_ARCH), ALPHA)
- OS_CFLAGS += -W3 -nologo
- DEFINES += -D_ALPHA_=1
- endif
- endif
-endif
-
-OS_DLLFLAGS += -nologo -DLL -SUBSYSTEM:WINDOWS -PDB:NONE
-#
-# Win NT needs -GT so that fibers can work
-#
-OS_CFLAGS += -GT
-DEFINES += -DWINNT
-
-NSPR31_LIB_PREFIX = lib
diff --git a/security/coreconf/WINNT5.1.mk b/security/coreconf/WINNT5.1.mk
deleted file mode 100644
index f9c7ed1c8..000000000
--- a/security/coreconf/WINNT5.1.mk
+++ /dev/null
@@ -1,65 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# Config stuff for WINNT 5.1 (Windows XP)
-#
-# This makefile defines the following variables:
-# OS_CFLAGS and OS_DLLFLAGS.
-
-include $(CORE_DEPTH)/coreconf/WIN32.mk
-
-ifeq ($(CPU_ARCH), x386)
- OS_CFLAGS += -W3 -nologo
- DEFINES += -D_X86_
-else
- ifeq ($(CPU_ARCH), MIPS)
- #OS_CFLAGS += -W3 -nologo
- #DEFINES += -D_MIPS_
- OS_CFLAGS += -W3 -nologo
- else
- ifeq ($(CPU_ARCH), ALPHA)
- OS_CFLAGS += -W3 -nologo
- DEFINES += -D_ALPHA_=1
- endif
- endif
-endif
-
-OS_DLLFLAGS += -nologo -DLL -SUBSYSTEM:WINDOWS -PDB:NONE
-#
-# Win NT needs -GT so that fibers can work
-#
-OS_CFLAGS += -GT
-DEFINES += -DWINNT
-
-NSPR31_LIB_PREFIX = lib
diff --git a/security/coreconf/arch.mk b/security/coreconf/arch.mk
deleted file mode 100644
index 277232c0c..000000000
--- a/security/coreconf/arch.mk
+++ /dev/null
@@ -1,333 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# Master "Core Components" macros for getting the OS architecture #
-# defines these symbols:
-# 64BIT_TAG
-# OS_ARCH (from uname -r)
-# OS_TEST (from uname -m)
-# OS_RELEASE (from uname -v and/or -r)
-# OS_TARGET User defined, or set to OS_ARCH
-# CPU_ARCH (from unmame -m or -p, ONLY on WINNT)
-# OS_CONFIG OS_TARGET + OS_RELEASE
-# OBJDIR_TAG
-# OBJDIR_NAME
-#######################################################################
-
-#
-# Macros for getting the OS architecture
-#
-
-ifeq ($(USE_64), 1)
- 64BIT_TAG=_64
-else
- 64BIT_TAG=
-endif
-
-OS_ARCH := $(subst /,_,$(shell uname -s))
-
-#
-# Attempt to differentiate between sparc and x86 Solaris
-#
-
-OS_TEST := $(shell uname -m)
-ifeq ($(OS_TEST),i86pc)
- OS_RELEASE := $(shell uname -r)_$(OS_TEST)
-else
- OS_RELEASE := $(shell uname -r)
-endif
-
-#
-# Force the IRIX64 machines to use IRIX.
-#
-
-ifeq ($(OS_ARCH),IRIX64)
- OS_ARCH = IRIX
-endif
-
-#
-# Force the older BSD/OS versions to use the new arch name.
-#
-
-ifeq ($(OS_ARCH),BSD_386)
- OS_ARCH = BSD_OS
-endif
-
-#
-# Catch Deterim if SVR4 is NCR or UNIXWARE
-#
-
-ifeq ($(OS_ARCH),UNIX_SV)
- ifneq ($(findstring NCR, $(shell grep NCR /etc/bcheckrc | head -1 )),)
- OS_ARCH = NCR
- else
- # Make UnixWare something human readable
- OS_ARCH = UNIXWARE
- endif
-
- # Get the OS release number, not 4.2
- OS_RELEASE := $(shell uname -v)
-endif
-
-ifeq ($(OS_ARCH),UNIX_System_V)
- OS_ARCH = NEC
-endif
-
-ifeq ($(OS_ARCH),AIX)
- OS_RELEASE := $(shell uname -v).$(shell uname -r)
-endif
-
-#
-# Distinguish between OSF1 V4.0B and V4.0D
-#
-
-ifeq ($(OS_ARCH)$(OS_RELEASE),OSF1V4.0)
- OS_VERSION := $(shell uname -v)
- ifeq ($(OS_VERSION),564)
- OS_RELEASE := V4.0B
- endif
- ifeq ($(OS_VERSION),878)
- OS_RELEASE := V4.0D
- endif
-endif
-
-#
-# SINIX changes name to ReliantUNIX with 5.43
-#
-
-ifeq ($(OS_ARCH),ReliantUNIX-N)
- OS_ARCH = ReliantUNIX
- OS_RELEASE = 5.4
-endif
-
-ifeq ($(OS_ARCH),SINIX-N)
- OS_ARCH = ReliantUNIX
- OS_RELEASE = 5.4
-endif
-
-#
-# Handle FreeBSD 2.2-STABLE and Linux 2.0.30-osfmach3
-#
-
-ifeq (,$(filter-out Linux FreeBSD,$(OS_ARCH)))
- OS_RELEASE := $(shell echo $(OS_RELEASE) | sed 's/-.*//')
-endif
-
-ifeq ($(OS_ARCH),Linux)
- OS_RELEASE := $(basename $(OS_RELEASE))
-endif
-
-#
-# For OS/2
-#
-ifeq ($(OS_ARCH),OS_2)
- OS_ARCH = OS2
- OS_RELEASE := $(shell uname -v)
-endif
-
-ifneq (,$(findstring OpenVMS,$(OS_ARCH)))
- OS_ARCH = OpenVMS
- OS_RELEASE := $(shell uname -v)
-endif
-
-#######################################################################
-# Master "Core Components" macros for getting the OS target #
-#######################################################################
-
-#
-# Note: OS_TARGET should be specified on the command line for gmake.
-# When OS_TARGET=WIN95 is specified, then a Windows 95 target is built.
-# The difference between the Win95 target and the WinNT target is that
-# the WinNT target uses Windows NT specific features not available
-# in Windows 95. The Win95 target will run on Windows NT, but (supposedly)
-# at lesser performance (the Win95 target uses threads; the WinNT target
-# uses fibers).
-#
-# When OS_TARGET=WIN16 is specified, then a Windows 3.11 (16bit) target
-# is built. See: win16_3.11.mk for lots more about the Win16 target.
-#
-# If OS_TARGET is not specified, it defaults to $(OS_ARCH), i.e., no
-# cross-compilation.
-#
-
-#
-# The following hack allows one to build on a WIN95 machine (as if
-# s/he were cross-compiling on a WINNT host for a WIN95 target).
-# It also accomodates for MKS's and Cygwin's uname.exe.
-#
-ifeq ($(OS_ARCH),WIN95)
- OS_ARCH = WINNT
- OS_TARGET = WIN95
-endif
-ifeq ($(OS_ARCH),Windows_95)
- OS_ARCH = Windows_NT
- OS_TARGET = WIN95
-endif
-ifeq ($(OS_ARCH),CYGWIN_95-4.0)
- OS_ARCH = CYGWIN_NT-4.0
- OS_TARGET = WIN95
-endif
-ifeq ($(OS_ARCH),CYGWIN_98-4.10)
- OS_ARCH = CYGWIN_NT-4.0
- OS_TARGET = WIN95
-endif
-
-#
-# On WIN32, we also define the variable CPU_ARCH, if it isn't already.
-#
-ifndef CPU_ARCH
- ifeq ($(OS_ARCH), WINNT)
- CPU_ARCH := $(shell uname -p)
- ifeq ($(CPU_ARCH),I386)
- CPU_ARCH = x386
- endif
- endif
-endif
-
-# If uname -s returns "Windows_NT", we assume that we are using
-# the uname.exe in MKS toolkit.
-#
-# The -r option of MKS uname only returns the major version number.
-# So we need to use its -v option to get the minor version number.
-# Moreover, it doesn't have the -p option, so we need to use uname -m.
-#
-ifeq ($(OS_ARCH), Windows_NT)
- OS_ARCH = WINNT
- OS_MINOR_RELEASE := $(shell uname -v)
- ifeq ($(OS_MINOR_RELEASE),00)
- OS_MINOR_RELEASE = 0
- endif
- OS_RELEASE := $(OS_RELEASE).$(OS_MINOR_RELEASE)
- ifndef CPU_ARCH
- CPU_ARCH := $(shell uname -m)
- #
- # MKS's uname -m returns "586" on a Pentium machine.
- #
- ifneq (,$(findstring 86,$(CPU_ARCH)))
- CPU_ARCH = x386
- endif
- endif
-endif
-#
-# If uname -s returns "CYGWIN_NT-4.0", we assume that we are using
-# the uname.exe in the Cygwin tools.
-#
-ifeq (CYGWIN_NT,$(findstring CYGWIN_NT,$(OS_ARCH)))
- OS_RELEASE := $(patsubst CYGWIN_NT-%,%,$(OS_ARCH))
- OS_ARCH = WINNT
- ifndef CPU_ARCH
- CPU_ARCH := $(shell uname -m)
- #
- # Cygwin's uname -m returns "i686" on a Pentium Pro machine.
- #
- ifneq (,$(findstring 86,$(CPU_ARCH)))
- CPU_ARCH = x386
- endif
- endif
-endif
-
-ifndef OS_TARGET
- OS_TARGET = $(OS_ARCH)
-endif
-
-ifeq ($(OS_TARGET), WIN95)
- OS_RELEASE = 4.0
-endif
-
-ifeq ($(OS_TARGET), WIN16)
- OS_RELEASE =
-# OS_RELEASE = _3.11
-endif
-
-ifdef OS_TARGET_RELEASE
- OS_RELEASE = $(OS_TARGET_RELEASE)
-endif
-
-#
-# This variable is used to get OS_CONFIG.mk.
-#
-
-OS_CONFIG = $(OS_TARGET)$(OS_RELEASE)
-
-#
-# OBJDIR_TAG depends on the predefined variable BUILD_OPT,
-# to distinguish between debug and release builds.
-#
-
-ifdef BUILD_OPT
- ifeq ($(OS_TARGET),WIN16)
- OBJDIR_TAG = _O
- else
- OBJDIR_TAG = $(64BIT_TAG)_OPT
- endif
-else
- ifdef BUILD_IDG
- ifeq ($(OS_TARGET),WIN16)
- OBJDIR_TAG = _I
- else
- OBJDIR_TAG = $(64BIT_TAG)_IDG
- endif
- else
- ifeq ($(OS_TARGET),WIN16)
- OBJDIR_TAG = _D
- else
- OBJDIR_TAG = $(64BIT_TAG)_DBG
- endif
- endif
-endif
-
-#
-# The following flags are defined in the individual $(OS_CONFIG).mk
-# files.
-#
-# CPU_TAG is defined if the CPU is not the most common CPU.
-# COMPILER_TAG is defined if the compiler is not the native compiler.
-# IMPL_STRATEGY may be defined too.
-#
-
-OBJDIR_NAME = $(OS_TARGET)$(OS_RELEASE)$(CPU_TAG)$(COMPILER_TAG)$(LIBC_TAG)$(IMPL_STRATEGY)$(OBJDIR_TAG).OBJ
-
-ifeq (,$(filter-out WINNT WIN95 WINCE,$(OS_TARGET))) # list omits WIN16
-ifndef BUILD_OPT
-#
-# Define USE_DEBUG_RTL if you want to use the debug runtime library
-# (RTL) in the debug build
-#
-ifdef USE_DEBUG_RTL
- OBJDIR_NAME = $(OS_TARGET)$(OS_RELEASE)$(CPU_TAG)$(COMPILER_TAG)$(IMPL_STRATEGY)$(OBJDIR_TAG).OBJD
-endif
-endif
-endif
-
-MK_ARCH = included
diff --git a/security/coreconf/command.mk b/security/coreconf/command.mk
deleted file mode 100644
index 96cddff68..000000000
--- a/security/coreconf/command.mk
+++ /dev/null
@@ -1,55 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# Master "Core Components" default command macros; #
-# can be overridden in <arch>.mk #
-#######################################################################
-
-AS = $(CC)
-ASFLAGS += $(CFLAGS)
-CCF = $(CC) $(CFLAGS)
-LINK_DLL = $(LINK) $(OS_DLLFLAGS) $(DLLFLAGS)
-LINK_EXE = $(LINK) $(OS_LFLAGS) $(LFLAGS)
-NFSPWD = $(NSINSTALL_DIR)/nfspwd
-CFLAGS = $(OPTIMIZER) $(OS_CFLAGS) $(XP_DEFINE) $(DEFINES) $(INCLUDES) \
- $(XCFLAGS)
-RANLIB = echo
-TAR = /bin/tar
-#
-# For purify
-#
-NOMD_CFLAGS += $(OPTIMIZER) $(NOMD_OS_CFLAGS) $(XP_DEFINE) $(DEFINES) \
- $(INCLUDES) $(XCFLAGS)
-
-MK_COMMAND = included
diff --git a/security/coreconf/config.mk b/security/coreconf/config.mk
deleted file mode 100644
index 1bb3962f4..000000000
--- a/security/coreconf/config.mk
+++ /dev/null
@@ -1,168 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Configuration information for building in the "Core Components" source module
-#
-
-#######################################################################
-# [1.0] Master "Core Components" source and release <architecture> #
-# tags #
-#######################################################################
-ifndef MK_ARCH
-include $(CORE_DEPTH)/coreconf/arch.mk
-endif
-
-#######################################################################
-# [2.0] Master "Core Components" default command macros #
-# (NOTE: may be overridden in $(OS_TARGET)$(OS_RELEASE).mk) #
-#######################################################################
-ifndef MK_COMMAND
-include $(CORE_DEPTH)/coreconf/command.mk
-endif
-
-#######################################################################
-# [3.0] Master "Core Components" <architecture>-specific macros #
-# (dependent upon <architecture> tags) #
-# #
-# We are moving towards just having a $(OS_TARGET).mk file #
-# as opposed to multiple $(OS_TARGET)$(OS_RELEASE).mk files, #
-# one for each OS release. #
-#######################################################################
-
-TARGET_OSES = FreeBSD BSD_OS NetBSD OpenUNIX OS2 QNX Darwin BeOS OpenBSD \
- OpenVMS
-
-ifeq (,$(filter-out $(TARGET_OSES),$(OS_TARGET)))
-include $(CORE_DEPTH)/coreconf/$(OS_TARGET).mk
-else
-include $(CORE_DEPTH)/coreconf/$(OS_TARGET)$(OS_RELEASE).mk
-endif
-
-#######################################################################
-# [4.0] Master "Core Components" source and release <platform> tags #
-# (dependent upon <architecture> tags) #
-#######################################################################
-PLATFORM = $(OBJDIR_NAME)
-
-#######################################################################
-# [5.0] Master "Core Components" release <tree> tags #
-# (dependent upon <architecture> tags) #
-#######################################################################
-ifndef MK_TREE
-include $(CORE_DEPTH)/coreconf/tree.mk
-endif
-
-#######################################################################
-# [6.0] Master "Core Components" source and release <component> tags #
-# NOTE: A component is also called a module or a subsystem. #
-# (dependent upon $(MODULE) being defined on the #
-# command line, as an environment variable, or in individual #
-# makefiles, or more appropriately, manifest.mn) #
-#######################################################################
-ifndef MK_MODULE
-include $(CORE_DEPTH)/coreconf/module.mk
-endif
-
-#######################################################################
-# [7.0] Master "Core Components" release <version> tags #
-# (dependent upon $(MODULE) being defined on the #
-# command line, as an environment variable, or in individual #
-# makefiles, or more appropriately, manifest.mn) #
-#######################################################################
-ifndef MK_VERSION
-include $(CORE_DEPTH)/coreconf/version.mk
-endif
-
-#######################################################################
-# [8.0] Master "Core Components" macros to figure out #
-# binary code location #
-# (dependent upon <platform> tags) #
-#######################################################################
-ifndef MK_LOCATION
-include $(CORE_DEPTH)/coreconf/location.mk
-endif
-
-#######################################################################
-# [9.0] Master "Core Components" <component>-specific source path #
-# (dependent upon <user_source_tree>, <source_component>, #
-# <version>, and <platform> tags) #
-#######################################################################
-ifndef MK_SOURCE
-include $(CORE_DEPTH)/coreconf/source.mk
-endif
-
-#######################################################################
-# [10.0] Master "Core Components" include switch for support header #
-# files #
-# (dependent upon <tree>, <component>, <version>, #
-# and <platform> tags) #
-#######################################################################
-ifndef MK_HEADERS
-include $(CORE_DEPTH)/coreconf/headers.mk
-endif
-
-#######################################################################
-# [11.0] Master "Core Components" for computing program prefixes #
-#######################################################################
-ifndef MK_PREFIX
-include $(CORE_DEPTH)/coreconf/prefix.mk
-endif
-
-#######################################################################
-# [12.0] Master "Core Components" for computing program suffixes #
-# (dependent upon <architecture> tags) #
-#######################################################################
-ifndef MK_SUFFIX
-include $(CORE_DEPTH)/coreconf/suffix.mk
-endif
-
-#######################################################################
-# [13.0] Master "Core Components" for defining JDK #
-# (dependent upon <architecture>, <source>, and <suffix> tags)#
-#######################################################################
-ifdef NS_USE_JDK
-include $(CORE_DEPTH)/coreconf/jdk.mk
-endif
-
-#######################################################################
-# [14.0] Master "Core Components" rule set #
-#######################################################################
-ifndef MK_RULESET
-include $(CORE_DEPTH)/coreconf/ruleset.mk
-endif
-
-#######################################################################
-# [15.0] Dependencies.
-#######################################################################
-
--include $(MKDEPENDENCIES)
-
diff --git a/security/coreconf/coreconf.pl b/security/coreconf/coreconf.pl
deleted file mode 100644
index 8471b0ead..000000000
--- a/security/coreconf/coreconf.pl
+++ /dev/null
@@ -1,156 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-sub recursive_copy {
- local($fromdir);
- local($todir);
- local(@dirlist);
- $fromdir = shift;
- $todir = shift;
-
- print STDERR "recursive copy called with $fromdir, $todir\n";
-
-#remove any trailing slashes.
- $fromdir =~ s/\/$//;
- $todir =~ s/\/$//;
-
- opendir(DIR, $fromdir);
- @dirlist = readdir DIR;
- close DIR;
-
-
- foreach $file (@dirlist) {
- if (! (($file eq "." ) || ($file eq "..") )) {
-
- if (-d "$fromdir/$file") {
- print STDERR "handling directory $todir/$file\n";
- &rec_mkdir("$todir/$file");
- &recursive_copy("$fromdir/$file","$todir/$file");
- }
- else {
- print STDERR "handling file $fromdir/$file\n";
- &my_copy("$fromdir/$file","$todir/$file");
- }
- }
- }
-}
-
-sub parse_argv {
-
-# print STDERR "Parsing Variables\n";
-
- foreach $q ( @ARGV ) {
- if (! ($q =~ /=/)) {
- $var{$lastassigned} .= " $q";
- }
- else {
- $q =~ /^([^=]*)=(.*)/;
- $left = $1;
- $right = $2;
-
- $right =~ s/ *$//;
- $var{$left} = $right;
-
- $lastassigned = $left;
-
- }
- print STDERR "Assigned $lastassigned = $var{$lastassigned}\n";
- }
-}
-
-
-# usage: &my_copy("dir/fromfile","dir2/tofile");
-# do a 'copy' - files only, 'to' MUST be a filename, not a directory.
-
-# fix this to be able to use copy on win nt.
-
-sub my_copy {
- local($from);
- local($to);
- local($cpcmd);
-
- $from = shift;
- $to = shift;
-
- if ( ! defined $var{OS_ARCH}) {
- die "OS_ARCH not defined!";
- }
- else {
- if ($var{OS_ARCH} eq 'WINNT') {
- $cpcmd = 'cp';
- }
- else {
- $cpcmd = 'cp';
- }
- print STDERR "COPYING: $cpcmd $from $to\n";
- system("$cpcmd $from $to");
- }
-}
-
-
-sub old_my_copy {
- local($from);
- local($to);
-
- $from = shift;
- $to = shift;
- open(FIN, "<$from") || die("Can't read from file $from\n");
- if ( ! open(FOUT,">$to")) {
- close FIN;
- die "Can't write to file $to\n";
- }
- while (read(FIN, $buf, 100000)) {
- print FOUT $buf;
- }
- close (FIN);
- close (FOUT);
-}
-
-sub rec_mkdir {
- local($arg);
- local($t);
- local($q);
-
- $arg = shift;
- $t = "";
- foreach $q (split(/\//,$arg)) {
- $t .= $q;
- if (! ($t =~ /\.\.$/)) {
- if ($t =~ /./) {
- mkdir($t,0775);
- }
- }
- $t.= '/';
- }
-}
-
-1;
diff --git a/security/coreconf/cpdist.pl b/security/coreconf/cpdist.pl
deleted file mode 100755
index cea077990..000000000
--- a/security/coreconf/cpdist.pl
+++ /dev/null
@@ -1,195 +0,0 @@
-#! /usr/local/bin/perl
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-require('coreconf.pl');
-
-#######-- read in variables on command line into %var
-
-&parse_argv;
-
-### do the copy
-
-print STDERR "RELEASE TREE / MODULE = $var{RELEASE_TREE} $var{MODULE}\n";
-
-
-
-# 1
-if ($var{RELEASE} eq "") { exit; } # Can't do release here, so exit.
-
-# 2
-#if (! ($var{RELEASE} =~ /\//)) { # if no specific version is specified in RELEASE variable
-# $component = $var{RELEASE};
-#}
-#else { # if a subcomponent/version is given in the RELEASE variable
-# $var{RELEASE} =~ m|^([^/]*)/|;
-# $component = $1; # everything before the first slash;
-# }
-
-# 3
-$path = $var{RELEASE};
-
-
-# 4
-# find out what directory we would create for 'today'
-
-$year = (localtime)[5] + 1900;
-$month = (localtime)[4] + 1;
-$day = (localtime)[3];
-$today = sprintf( "%d%02d%02d", $year, $month, $day );
-
-# 5
-# if version is null, then set the version to today.
-if ($var{"RELEASE_VERSION"} eq "") {
- $var{"RELEASE_VERSION"} = $today;
-}
-
-#6
-$version = $var{"RELEASE_VERSION"}; # set RELEASE_VERSION to passed in variable
-
-#7
-# if version is today, then we will want to make a 'current' link.
-
-if ($version eq $today) {
- $create_current = 1;
-}
-
-#8
-# version can be a) passed in value from command line, b) value in manifest.mn
-# or c) computed value such as '19970909'
-
-
-$dir = "$var{'RELEASE_TREE'}/$path";
-
-#9
-if (! (-e "$dir/$version" && -d "$dir/$version")) {
- print "making dir $dir \n";
- &rec_mkdir("$dir/$version");
-}
-
-
-
-print "version = $version\n";
-print "path = $path\n";
-print "var{release_tree} = $var{'RELEASE_TREE'}\n";
-print "dir = $dir = RELEASE_TREE/path\n";
-
-
-#10
-if ($create_current == 1) {
-
-# unlinking and linking always occurs, even if the link is correct
- print "unlinking $dir/current\n";
- unlink("$dir/current");
-
- print "putting version number $today into 'current' file..";
-
- open(FILE,">$dir/current") || die " couldn't open current\n";
- print FILE "$today\n";
- close(FILE);
- print " ..done\n"
-
-}
-
-&rec_mkdir("$dir/$version/$var{'RELEASE_MD_DIR'}");
-&rec_mkdir("$dir/$version/$var{'RELEASE_XP_DIR'}");
-
-
-
-
-foreach $jarfile (split(/ /,$var{FILES}) ) {
- print STDERR "---------------------------------------------\n";
-
- $jarinfo = $var{$jarfile};
-
- ($jardir,$jaropts) = split(/\|/,$jarinfo);
-
- if ($jaropts =~ /f/) {
- print STDERR "Copying files $jardir....\n";
- }
- else {
- print STDERR "Copying jar file $jarfile....\n";
- }
-
- print "jaropts = $jaropts\n";
-
- if ($jaropts =~ /m/) {
- $destdir = $var{"RELEASE_MD_DIR"};
- print "found m, using MD dir $destdir\n";
- }
- elsif ($jaropts =~ /x/) {
- $destdir = $var{"RELEASE_XP_DIR"};
- print "found x, using XP dir $destdir\n";
- }
- else {
- die "Error: must specify m or x in jar options in $jarinfo line\n";
- }
-
-
- $distdir = "$dir/$version/$destdir";
-
-
-
- if ($jaropts =~ /f/) {
-
- print "splitting: \"$jardir\"\n";
- for $srcfile (split(/ /,$jardir)) {
-
-#if srcfile has a slash
- if ($srcfile =~ m|/|) {
-#pull out everything before the last slash into $1
- $srcfile =~ m|(.*)/|;
- $distsubdir = "/$1";
- print "making dir $distdir$distsubdir\n";
- &rec_mkdir("$distdir$distsubdir");
- }
- print "copy: from $srcfile\n";
- print " to $distdir$distsubdir\n";
- $srcprefix = "";
- if ($jaropts =~/m/) {
- $srcprefix = "$var{'PLATFORM'}/";
- }
- system("cp $srcprefix$srcfile $distdir$distsubdir");
- }
- }
- else {
- $srcfile = "$var{SOURCE_RELEASE_PREFIX}/$jardir/$jarfile";
-
- print "copy: from $srcfile\n";
- print " to $distdir\n";
-
- system("cp $srcfile $distdir");
-
- }
-
- }
-
diff --git a/security/coreconf/headers.mk b/security/coreconf/headers.mk
deleted file mode 100644
index ff2da9a7f..000000000
--- a/security/coreconf/headers.mk
+++ /dev/null
@@ -1,60 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# Master "Core Components" include switch for support header files #
-#######################################################################
-
-#
-# Always append source-side machine-dependent (md) and cross-platform
-# (xp) include paths
-#
-
-INCLUDES += -I$(SOURCE_MDHEADERS_DIR)
-
-ifneq ($(OS_TARGET),WIN16)
- INCLUDES += -I$(SOURCE_XPHEADERS_DIR)
-endif
-
-#
-# Only append source-side private cross-platform include paths for
-# sectools
-#
-
-INCLUDES += -I$(SOURCE_XPPRIVATE_DIR)
-
-ifdef MOZILLA_CLIENT
- INCLUDES += -I$(SOURCE_XP_DIR)/include $(MOZILLA_INCLUDES)
-endif
-
-MK_HEADERS = included
diff --git a/security/coreconf/import.pl b/security/coreconf/import.pl
deleted file mode 100755
index 0bba3c820..000000000
--- a/security/coreconf/import.pl
+++ /dev/null
@@ -1,218 +0,0 @@
-#! /usr/local/bin/perl
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-print STDERR "import.pl\n";
-
-require('coreconf.pl');
-
-
-$returncode =0;
-
-
-#######-- read in variables on command line into %var
-
-$var{ZIP} = "zip";
-$var{UNZIP} = "unzip -o";
-
-&parse_argv;
-
-if (! ($var{IMPORTS} =~ /\w/)) {
- print STDERR "nothing to import\n";
-}
-
-######-- Do the import!
-
-foreach $import (split(/ /,$var{IMPORTS}) ) {
-
- print STDERR "\n\nIMPORTING .... $import\n-----------------------------\n";
-
-
-# if a specific version specified in IMPORT variable
-# (if $import has a slash in it)
-
- if ($import =~ /\//) {
- # $component=everything before the first slash of $import
-
- $import =~ m|^([^/]*)/|;
- $component = $1;
-
- $import =~ m|^(.*)/([^/]*)$|;
-
- # $path=everything before the last slash of $import
- $path = $1;
-
- # $version=everything after the last slash of $import
- $version = $2;
-
- if ($var{VERSION} ne "current") {
- $version = $var{VERSION};
- }
- }
- else {
- $component = $import;
- $path = $import;
- $version = $var{VERSION};
- }
-
- $releasejardir = "$var{RELEASE_TREE}/$path";
- if ($version eq "current") {
- print STDERR "Current version specified. Reading 'current' file ... \n";
-
- open(CURRENT,"$releasejardir/current") || die "NO CURRENT FILE\n";
- $version = <CURRENT>;
- $version =~ s/(\r?\n)*$//; # remove any trailing [CR/]LF's
- close(CURRENT);
- print STDERR "Using version $version\n";
- if ( $version eq "") {
- die "Current version file empty. Stopping\n";
- }
- }
-
- $releasejardir = "$releasejardir/$version";
- if ( ! -d $releasejardir) {
- die "$releasejardir doesn't exist (Invalid Version?)\n";
- }
- foreach $jarfile (split(/ /,$var{FILES})) {
-
- ($relpath,$distpath,$options) = split(/\|/, $var{$jarfile});
-
- if ($var{'OVERRIDE_IMPORT_CHECK'} eq 'YES') {
- $options =~ s/v//g;
- }
-
- if ( $relpath ne "") { $releasejarpathname = "$releasejardir/$relpath";}
- else { $releasejarpathname = $releasejardir; }
-
-# If a component doesn't have IDG versions, import the DBG ones
- if( ! -e "$releasejarpathname/$jarfile" ) {
- if( $relpath =~ /IDG\.OBJ$/ ) {
- $relpath =~ s/IDG.OBJ/DBG.OBJ/;
- $releasejarpathname = "$releasejardir/$relpath";
- } elsif( $relpath =~ /IDG\.OBJD$/ ) {
- $relpath =~ s/IDG.OBJD/DBG.OBJD/;
- $releasejarpathname = "$releasejardir/$relpath";
- }
- }
-
- if (-e "$releasejarpathname/$jarfile") {
- print STDERR "\nWorking on jarfile: $jarfile\n";
-
- if ($distpath =~ m|/$|) {
- $distpathname = "$distpath$component";
- }
- else {
- $distpathname = "$distpath";
- }
-
-
-#the block below is used to determine whether or not the xp headers have
-#already been imported for this component
-
- $doimport = 1;
- if ($options =~ /v/) { # if we should check the imported version
- print STDERR "Checking if version file exists $distpathname/version\n";
- if (-e "$distpathname/version") {
- open( VFILE, "<$distpathname/version") ||
- die "Cannot open $distpathname/version for reading. Permissions?\n";
- $importversion = <VFILE>;
- close (VFILE);
- $importversion =~ s/\r?\n$//; # Strip off any trailing CR/LF
- if ($version eq $importversion) {
- print STDERR "$distpathname version '$importversion' already imported. Skipping...\n";
- $doimport =0;
- }
- }
- }
-
- if ($doimport == 1) {
- if (! -d "$distpathname") {
- &rec_mkdir("$distpathname");
- }
- # delete the stuff in there already.
- # (this should really be recursive delete.)
-
- if ($options =~ /v/) {
- $remheader = "\nREMOVING files in '$distpathname/' :";
- opendir(DIR,"$distpathname") ||
- die ("Cannot read directory $distpathname\n");
- @filelist = readdir(DIR);
- closedir(DIR);
- foreach $file ( @filelist ) {
- if (! ($file =~ m!/.?.$!) ) {
- if (! (-d $file)) {
- $file =~ m!([^/]*)$!;
- print STDERR "$remheader $1";
- $remheader = " ";
- unlink "$distpathname/$file";
- }
- }
- }
- }
-
-
- print STDERR "\n\n";
-
- print STDERR "\nExtracting jarfile '$jarfile' to local directory $distpathname/\n";
-
- print STDERR "$var{UNZIP} $releasejarpathname/$jarfile -d $distpathname\n";
- system("$var{UNZIP} $releasejarpathname/$jarfile -d $distpathname");
-
- $r = $?;
-
- if ($options =~ /v/) {
- if ($r == 0) {
- unlink ("$distpathname/version");
- if (open(VFILE,">$distpathname/version")) {
- print VFILE "$version\n";
- close(VFILE);
- }
- }
- else {
- print STDERR "Could not create '$distpathname/version'. Permissions?\n";
- $returncode ++;
- }
- }
- } # if (doimport)
- } # if (-e releasejarpathname/jarfile)
- } # foreach jarfile)
-} # foreach IMPORT
-
-
-
-exit($returncode);
-
-
-
-
-
diff --git a/security/coreconf/jdk.mk b/security/coreconf/jdk.mk
deleted file mode 100644
index 7e069914e..000000000
--- a/security/coreconf/jdk.mk
+++ /dev/null
@@ -1,626 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-ifdef NS_USE_JDK
-#######################################################################
-# [1] Define preliminary JDK "Core Components" toolset options #
-#######################################################################
-
-# set default JDK java threading model
-ifeq ($(JDK_THREADING_MODEL),)
- JDK_THREADING_MODEL = native_threads
-# no such thing as -native flag
- JDK_THREADING_MODEL_OPT =
-endif
-
-#######################################################################
-# [2] Define platform-independent JDK "Core Components" options #
-#######################################################################
-
-# set default location of the java classes repository
-ifeq ($(JAVA_DESTPATH),)
-ifdef BUILD_OPT
- JAVA_DESTPATH = $(SOURCE_CLASSES_DIR)
-else
- JAVA_DESTPATH = $(SOURCE_CLASSES_DBG_DIR)
-endif
-endif
-
-# set default location of the package under the java classes repository
-# note that this overrides the default package value in ruleset.mk
-ifeq ($(PACKAGE),)
- PACKAGE = .
-endif
-
-# set default location of the java source code repository
-ifeq ($(JAVA_SOURCEPATH),)
- JAVA_SOURCEPATH = .
-endif
-
-# add JNI directory to default include search path
-ifneq ($(JNI_GEN),)
- ifdef NSBUILDROOT
- INCLUDES += -I$(JNI_GEN_DIR) -I$(SOURCE_XP_DIR)
- else
- INCLUDES += -I$(JNI_GEN_DIR)
- endif
-endif
-
-#######################################################################
-# [3] Define platform-dependent JDK "Core Components" options #
-#######################################################################
-
-# set [Microsoft Windows] platforms
-ifeq ($(OS_ARCH), WINNT)
- JAVA_CLASSES = $(JAVA_HOME)/lib/classes.zip
-
- ifeq ($(JRE_HOME),)
- JRE_HOME = $(JAVA_HOME)
- JRE_CLASSES = $(JAVA_CLASSES)
- else
- ifeq ($(JRE_CLASSES),)
- JRE_CLASSES = $(JRE_HOME)/lib/classes.zip
- endif
- endif
-
- PATH_SEPARATOR = ;
-
- # (2) specify "header" information
- JAVA_ARCH = win32
-
- INCLUDES += -I$(JAVA_HOME)/include
- INCLUDES += -I$(JAVA_HOME)/include/$(JAVA_ARCH)
-
- # (3) specify "linker" information
- JAVA_CPU =
-
- JAVA_LIBDIR = lib
-
- JAVA_CLIBS =
-
- JAVA_LIBS = -LIBPATH:$(JAVA_HOME)/$(JAVA_LIBDIR) jvm.lib
- JAVA_LIBS += $(JAVA_CLIBS)
-
- LDFLAGS += $(JAVA_LIBS)
-
- # currently, disable JIT option on this platform
- JDK_JIT_OPT = -nojit
-endif
-
-# set [Sun Solaris] platforms
-ifeq ($(OS_ARCH), SunOS)
- JAVA_CLASSES = $(JAVA_HOME)/lib/classes.zip
-
- ifeq ($(JRE_HOME),)
- JRE_HOME = $(JAVA_HOME)
- JRE_CLASSES = $(JAVA_CLASSES)
- else
- ifeq ($(JRE_CLASSES),)
- JRE_CLASSES = $(JRE_HOME)/lib/classes.zip
- endif
- endif
-
- PATH_SEPARATOR = :
-
- # (2) specify "header" information
- JAVA_ARCH = solaris
-
- INCLUDES += -I$(JAVA_HOME)/include
- INCLUDES += -I$(JAVA_HOME)/include/$(JAVA_ARCH)
-
- # (3) specify "linker" information
-ifeq ($(USE_64), 1)
- JAVA_CPU = $(shell uname -p)v9
-else
- JAVA_CPU = $(shell uname -p)
-endif
-
-ifeq ($(JDK_VERSION), 1.1)
- JAVA_LIBDIR = lib/$(JAVA_CPU)
-else
- JAVA_LIBDIR = jre/lib/$(JAVA_CPU)
-endif
-
- # ** IMPORTANT ** having -lthread before -lnspr is critical on solaris
- # when linking with -ljava as nspr redefines symbols in libthread that
- # cause JNI executables to fail with assert of bad thread stack values.
- JAVA_CLIBS = -lthread
-
-ifneq ($(JDK_VERSION), 1.1)
-ifeq ($(USE_64), 1)
- JAVA_LIBS += -L$(JAVA_HOME)/$(JAVA_LIBDIR)/server
-else
- JAVA_LIBS += -L$(JAVA_HOME)/$(JAVA_LIBDIR)/classic
-endif
- JAVA_LIBS += -L$(JAVA_HOME)/$(JAVA_LIBDIR)
- JAVA_LIBS += -ljvm -ljava
-else
- JAVA_LIBS += -L$(JAVA_HOME)/$(JAVA_LIBDIR)/$(JDK_THREADING_MODEL) -ljava
-endif
- JAVA_LIBS += $(JAVA_CLIBS)
-
- LDFLAGS += $(JAVA_LIBS)
-
- # currently, disable JIT option on this platform
- JDK_JIT_OPT =
-endif
-
-# set [Hewlett Packard HP-UX] platforms
-ifeq ($(OS_ARCH), HP-UX)
- JAVA_CLASSES = $(JAVA_HOME)/lib/classes.zip
-
- ifeq ($(JRE_HOME),)
- JRE_HOME = $(JAVA_HOME)
- JRE_CLASSES = $(JAVA_CLASSES)
- else
- ifeq ($(JRE_CLASSES),)
- JRE_CLASSES = $(JRE_HOME)/lib/classes.zip
- endif
- endif
-
- PATH_SEPARATOR = :
-
- # (2) specify "header" information
- JAVA_ARCH = hp-ux
-
- INCLUDES += -I$(JAVA_HOME)/include
- INCLUDES += -I$(JAVA_HOME)/include/$(JAVA_ARCH)
-
- # (3) specify "linker" information
- JAVA_CPU = PA_RISC
-
- JAVA_LIBDIR = jre/lib/$(JAVA_CPU)
-
- JAVA_CLIBS =
-
- JAVA_LIBS = -L$(JAVA_HOME)/$(JAVA_LIBDIR)/$(JDK_THREADING_MODEL) -lhpi
- JAVA_LIBS += -L$(JAVA_HOME)/$(JAVA_LIBDIR)/classic -ljvm
- JAVA_LIBS += -L$(JAVA_HOME)/$(JAVA_LIBDIR) -ljava
- JAVA_LIBS += $(JAVA_CLIBS)
-
- LDFLAGS += $(JAVA_LIBS)
-
- # no JIT option available on this platform
- JDK_JIT_OPT =
-endif
-
-# set [Redhat Linux] platforms
-ifeq ($(OS_ARCH), Linux)
- JAVA_CLASSES = $(JAVA_HOME)/lib/classes.zip
-
- ifeq ($(JRE_HOME),)
- JRE_HOME = $(JAVA_HOME)
- JRE_CLASSES = $(JAVA_CLASSES)
- else
- ifeq ($(JRE_CLASSES),)
- JRE_CLASSES = $(JRE_HOME)/lib/classes.zip
- endif
- endif
-
- PATH_SEPARATOR = :
-
- # (2) specify "header" information
- JAVA_ARCH = linux
-
- INCLUDES += -I$(JAVA_HOME)/include
- INCLUDES += -I$(JAVA_HOME)/include/$(JAVA_ARCH)
-
- # (3) specify "linker" information
- JAVA_CPU = i386
-
- JAVA_LIBDIR = jre/lib/$(JAVA_CPU)
-
- JAVA_CLIBS =
-
- ifeq ($(JDK_VERSION), 1.4)
- JAVA_LIBS += -L$(JAVA_HOME)/$(JAVA_LIBDIR)/server -ljvm
- else
- JAVA_LIBS += -L$(JAVA_HOME)/$(JAVA_LIBDIR)/classic -ljvm
- endif
- JAVA_LIBS += -L$(JAVA_HOME)/$(JAVA_LIBDIR) -ljava
- JAVA_LIBS += $(JAVA_CLIBS)
-
- LDFLAGS += $(JAVA_LIBS)
-
- # no JIT option available on this platform
- JDK_JIT_OPT =
-endif
-
-# set [IBM AIX] platforms
-ifeq ($(OS_ARCH), AIX)
- JAVA_CLASSES = $(JAVA_HOME)/lib/classes.zip
-
- ifeq ($(JRE_HOME),)
- JRE_HOME = $(JAVA_HOME)
- JRE_CLASSES = $(JAVA_CLASSES)
- else
- ifeq ($(JRE_CLASSES),)
- JRE_CLASSES = $(JRE_HOME)/lib/classes.zip
- endif
- endif
-
- PATH_SEPARATOR = :
-
- # (2) specify "header" information
- JAVA_ARCH = aix
-
- INCLUDES += -I$(JAVA_HOME)/include
- INCLUDES += -I$(JAVA_HOME)/include/$(JAVA_ARCH)
-
- # (3) specify "linker" information
- JAVA_CPU = aix
-
- JAVA_LIBDIR = jre/bin
-
- JAVA_CLIBS =
-
- JAVA_LIBS = -L$(JAVA_HOME)/$(JAVA_LIBDIR) -lhpi
- JAVA_LIBS += -L$(JAVA_HOME)/$(JAVA_LIBDIR)/classic -ljvm
- JAVA_LIBS += -L$(JAVA_HOME)/$(JAVA_LIBDIR) -ljava
- JAVA_LIBS += $(JAVA_CLIBS)
-
- LDFLAGS += $(JAVA_LIBS)
-
- # no JIT option available on this platform
- JDK_JIT_OPT =
-endif
-
-# set [Digital UNIX] platforms
-ifeq ($(OS_ARCH), OSF1)
- JAVA_CLASSES = $(JAVA_HOME)/lib/classes.zip
-
- ifeq ($(JRE_HOME),)
- JRE_HOME = $(JAVA_HOME)
- JRE_CLASSES = $(JAVA_CLASSES)
- else
- ifeq ($(JRE_CLASSES),)
- JRE_CLASSES = $(JRE_HOME)/lib/classes.zip
- endif
- endif
-
- PATH_SEPARATOR = :
-
- # (2) specify "header" information
- JAVA_ARCH = alpha
-
- INCLUDES += -I$(JAVA_HOME)/include
- INCLUDES += -I$(JAVA_HOME)/include/$(JAVA_ARCH)
-
- # (3) specify "linker" information
- JAVA_CPU = alpha
-
- JAVA_LIBDIR = jre/lib/$(JAVA_CPU)
-
- JAVA_CLIBS =
-
- JAVA_LIBS = -L$(JAVA_HOME)/$(JAVA_LIBDIR)/$(JDK_THREADING_MODEL) -lhpi
- JAVA_LIBS += -L$(JAVA_HOME)/$(JAVA_LIBDIR)/classic -ljvm
- JAVA_LIBS += -L$(JAVA_HOME)/$(JAVA_LIBDIR) -ljava
- JAVA_LIBS += $(JAVA_CLIBS)
-
- LDFLAGS += $(JAVA_LIBS)
-
- # no JIT option available on this platform
- JDK_JIT_OPT =
-endif
-
-# set [Silicon Graphics IRIX] platforms
-ifeq ($(OS_ARCH), IRIX)
- JAVA_CLASSES = $(JAVA_HOME)/lib/dev.jar:$(JAVA_HOME)/lib/rt.jar
-
- ifeq ($(JRE_HOME),)
- JRE_HOME = $(JAVA_HOME)
- JRE_CLASSES = $(JAVA_CLASSES)
- else
- ifeq ($(JRE_CLASSES),)
- JRE_CLASSES = $(JRE_HOME)/lib/dev.jar:$(JRE_HOME)/lib/rt.jar
- endif
- endif
-
- PATH_SEPARATOR = :
-
- # (2) specify "header" information
- JAVA_ARCH = irix
-
- INCLUDES += -I$(JAVA_HOME)/include
- INCLUDES += -I$(JAVA_HOME)/include/$(JAVA_ARCH)
-
- # (3) specify "-n32 linker" information
- JAVA_CPU = sgi
-
- JAVA_LIBDIR = lib32/$(JAVA_CPU)
-
- JAVA_CLIBS =
-
- JAVA_LIBS = -L$(JAVA_HOME)/$(JAVA_LIBDIR)/$(JDK_THREADING_MODEL) -lhpi
- JAVA_LIBS += -lirixextra
- JAVA_LIBS += -L$(JAVA_HOME)/$(JAVA_LIBDIR)/classic -ljvm
- JAVA_LIBS += -L$(JAVA_HOME)/$(JAVA_LIBDIR) -ljava
- JAVA_LIBS += $(JAVA_CLIBS)
-
- LDFLAGS += $(JAVA_LIBS)
-
- # no JIT option available on this platform
- JDK_JIT_OPT =
-endif
-
-#######################################################################
-# [4] Define remaining JDK "Core Components" default toolset options #
-#######################################################################
-
-# set JDK optimization model
-ifeq ($(BUILD_OPT),1)
- JDK_OPTIMIZER_OPT = -O
-else
- JDK_OPTIMIZER_OPT = -g
-endif
-
-# set minimal JDK debugging model
-ifeq ($(JDK_DEBUG),1)
- JDK_DEBUG_OPT = -debug
-else
- JDK_DEBUG_OPT =
-endif
-
-# set default path to repository for JDK classes
-ifeq ($(JDK_CLASS_REPOSITORY_OPT),)
- JDK_CLASS_REPOSITORY_OPT = -d $(JAVA_DESTPATH)
-endif
-
-# define a default JDK classpath
-ifeq ($(JDK_CLASSPATH),)
- JDK_CLASSPATH = '$(JAVA_DESTPATH)$(PATH_SEPARATOR)$(JAVA_SOURCEPATH)$(PATH_SEPARATOR)$(JAVA_CLASSES)'
-endif
-
-# by default, override CLASSPATH environment variable using the JDK classpath option with $(JDK_CLASSPATH)
-ifeq ($(JDK_CLASSPATH_OPT),)
- JDK_CLASSPATH_OPT = -classpath $(JDK_CLASSPATH)
-endif
-
-ifeq ($(USE_64), 1)
- JDK_USE_64 = -d64
-endif
-
-endif
-
-
-#######################################################################
-# [5] Define JDK "Core Components" toolset; #
-# (always allow a user to override these values) #
-#######################################################################
-
-#
-# (1) appletviewer
-#
-
-ifeq ($(APPLETVIEWER),)
- APPLETVIEWER_PROG = $(JAVA_HOME)/bin/appletviewer$(PROG_SUFFIX)
- APPLETVIEWER_FLAGS = $(JDK_THREADING_MODEL_OPT)
- APPLETVIEWER_FLAGS += $(JDK_DEBUG_OPT)
- APPLETVIEWER_FLAGS += $(JDK_JIT_OPT)
- APPLETVIEWER = $(APPLETVIEWER_PROG) $(APPLETVIEWER_FLAGS)
-endif
-
-#
-# (2) jar
-#
-
-ifeq ($(JAR),)
- JAR_PROG = $(JAVA_HOME)/bin/jar$(PROG_SUFFIX)
- JAR_FLAGS = $(JDK_THREADING_MODEL_OPT)
- JAR = $(JAR_PROG) $(JAR_FLAGS)
-endif
-
-#
-# (3) java
-#
-
-ifeq ($(JAVA),)
- JAVA_PROG = $(JAVA_HOME)/bin/java$(PROG_SUFFIX)
- JAVA_FLAGS = $(JDK_THREADING_MODEL_OPT)
- JAVA_FLAGS += $(JDK_DEBUG_OPT)
- JAVA_FLAGS += $(JDK_CLASSPATH_OPT)
- JAVA_FLAGS += $(JDK_JIT_OPT)
- JAVA_FLAGS += $(JDK_USE_64)
- JAVA = $(JAVA_PROG) $(JAVA_FLAGS)
-endif
-
-#
-# (4) javac
-#
-
-ifeq ($(JAVAC),)
- JAVAC_PROG = $(JAVA_HOME)/bin/javac$(PROG_SUFFIX)
- JAVAC_FLAGS = $(JDK_THREADING_MODEL_OPT)
- JAVAC_FLAGS += $(JDK_OPTIMIZER_OPT)
- JAVAC_FLAGS += $(JDK_DEBUG_OPT)
- JAVAC_FLAGS += $(JDK_CLASSPATH_OPT)
- JAVAC_FLAGS += $(JDK_CLASS_REPOSITORY_OPT)
- JAVAC_FLAGS += $(JDK_USE_64)
- JAVAC = $(JAVAC_PROG) $(JAVAC_FLAGS)
-endif
-
-#
-# (5) javadoc
-#
-
-ifeq ($(JAVADOC),)
- JAVADOC_PROG = $(JAVA_HOME)/bin/javadoc$(PROG_SUFFIX)
- JAVADOC_FLAGS = $(JDK_THREADING_MODEL_OPT)
- JAVADOC_FLAGS += $(JDK_CLASSPATH_OPT)
- JAVADOC = $(JAVADOC_PROG) $(JAVADOC_FLAGS)
-endif
-
-#
-# (6) javah
-#
-
-ifeq ($(JAVAH),)
- JAVAH_PROG = $(JAVA_HOME)/bin/javah$(PROG_SUFFIX)
- JAVAH_FLAGS = $(JDK_THREADING_MODEL_OPT)
- JAVAH_FLAGS += $(JDK_CLASSPATH_OPT)
- JAVAH = $(JAVAH_PROG) $(JAVAH_FLAGS)
-endif
-
-#
-# (7) javakey
-#
-
-ifeq ($(JAVAKEY),)
- JAVAKEY_PROG = $(JAVA_HOME)/bin/javakey$(PROG_SUFFIX)
- JAVAKEY_FLAGS = $(JDK_THREADING_MODEL_OPT)
- JAVAKEY = $(JAVAKEY_PROG) $(JAVAKEY_FLAGS)
-endif
-
-#
-# (8) javap
-#
-
-ifeq ($(JAVAP),)
- JAVAP_PROG = $(JAVA_HOME)/bin/javap$(PROG_SUFFIX)
- JAVAP_FLAGS = $(JDK_THREADING_MODEL_OPT)
- JAVAP_FLAGS += $(JDK_CLASSPATH_OPT)
- JAVAP = $(JAVAP_PROG) $(JAVAP_FLAGS)
-endif
-
-#
-# (9) javat
-#
-
-ifeq ($(JAVAT),)
- JAVAT_PROG = $(JAVA_HOME)/bin/javat$(PROG_SUFFIX)
- JAVAT_FLAGS = $(JDK_THREADING_MODEL_OPT)
- JAVAT = $(JAVAT_PROG) $(JAVAT_FLAGS)
-endif
-
-#
-# (10) javaverify
-#
-
-ifeq ($(JAVAVERIFY),)
- JAVAVERIFY_PROG = $(JAVA_HOME)/bin/javaverify$(PROG_SUFFIX)
- JAVAVERIFY_FLAGS = $(JDK_THREADING_MODEL_OPT)
- JAVAVERIFY = $(JAVAVERIFY_PROG) $(JAVAVERIFY_FLAGS)
-endif
-
-#
-# (11) javaw
-#
-
-ifeq ($(JAVAW),)
- jJAVAW_PROG = $(JAVA_HOME)/bin/javaw$(PROG_SUFFIX)
- jJAVAW_FLAGS = $(JDK_THREADING_MODEL_OPT)
- jJAVAW_FLAGS += $(JDK_DEBUG_OPT)
- jJAVAW_FLAGS += $(JDK_CLASSPATH_OPT)
- jJAVAW_FLAGS += $(JDK_JIT_OPT)
- jJAVAW = $(JAVAW_PROG) $(JAVAW_FLAGS)
-endif
-
-#
-# (12) jdb
-#
-
-ifeq ($(JDB),)
- JDB_PROG = $(JAVA_HOME)/bin/jdb$(PROG_SUFFIX)
- JDB_FLAGS = $(JDK_THREADING_MODEL_OPT)
- JDB_FLAGS += $(JDK_DEBUG_OPT)
- JDB_FLAGS += $(JDK_CLASSPATH_OPT)
- JDB_FLAGS += $(JDK_JIT_OPT)
- JDB = $(JDB_PROG) $(JDB_FLAGS)
-endif
-
-#
-# (13) jre
-#
-
-ifeq ($(JRE),)
- JRE_PROG = $(JAVA_HOME)/bin/jre$(PROG_SUFFIX)
- JRE_FLAGS = $(JDK_THREADING_MODEL_OPT)
- JRE_FLAGS += $(JDK_CLASSPATH_OPT)
- JRE_FLAGS += $(JDK_JIT_OPT)
- JRE = $(JRE_PROG) $(JRE_FLAGS)
-endif
-
-#
-# (14) jrew
-#
-
-ifeq ($(JREW),)
- JREW_PROG = $(JAVA_HOME)/bin/jrew$(PROG_SUFFIX)
- JREW_FLAGS = $(JDK_THREADING_MODEL_OPT)
- JREW_FLAGS += $(JDK_CLASSPATH_OPT)
- JREW_FLAGS += $(JDK_JIT_OPT)
- JREW = $(JREW_PROG) $(JREW_FLAGS)
-endif
-
-#
-# (15) native2ascii
-#
-
-ifeq ($(NATIVE2ASCII),)
- NATIVE2ASCII_PROG = $(JAVA_HOME)/bin/native2ascii$(PROG_SUFFIX)
- NATIVE2ASCII_FLAGS = $(JDK_THREADING_MODEL_OPT)
- NATIVE2ASCII = $(NATIVE2ASCII_PROG) $(NATIVE2ASCII_FLAGS)
-endif
-
-#
-# (16) rmic
-#
-
-ifeq ($(RMIC),)
- RMIC_PROG = $(JAVA_HOME)/bin/rmic$(PROG_SUFFIX)
- RMIC_FLAGS = $(JDK_THREADING_MODEL_OPT)
- RMIC_FLAGS += $(JDK_OPTIMIZER_OPT)
- RMIC_FLAGS += $(JDK_CLASSPATH_OPT)
- RMIC = $(RMIC_PROG) $(RMIC_FLAGS)
-endif
-
-#
-# (17) rmiregistry
-#
-
-ifeq ($(RMIREGISTRY),)
- RMIREGISTRY_PROG = $(JAVA_HOME)/bin/rmiregistry$(PROG_SUFFIX)
- RMIREGISTRY_FLAGS = $(JDK_THREADING_MODEL_OPT)
- RMIREGISTRY = $(RMIREGISTRY_PROG) $(RMIREGISTRY_FLAGS)
-endif
-
-#
-# (18) serialver
-#
-
-ifeq ($(SERIALVER),)
- SERIALVER_PROG = $(JAVA_HOME)/bin/serialver$(PROG_SUFFIX)
- SERIALVER_FLAGS = $(JDK_THREADING_MODEL_OPT)
- SERIALVER = $(SERIALVER_PROG) $(SERIALVER_FLAGS)
-endif
diff --git a/security/coreconf/jniregen.pl b/security/coreconf/jniregen.pl
deleted file mode 100755
index 8bdd24448..000000000
--- a/security/coreconf/jniregen.pl
+++ /dev/null
@@ -1,107 +0,0 @@
-#!/usr/local/bin/perl
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-# Input: -d dir -j javahcmd foo1 foo2 . . .
-# Compares generated "_jni/foo1.h" file with "foo1.class", and
-# generated "_jni/foo2.h" file with "foo2.class", etc.
-# (NOTE: unlike its closely related cousin, outofdate.pl,
-# the "-d dir" must always be specified)
-# Runs the javahcmd on all files that are different.
-#
-# Returns: list of headers which are OLDER than corresponding class
-# files (non-existant class files are considered to be real old :-)
-
-my $javah = "";
-my $classdir = "";
-
-while(1) {
- if ($ARGV[0] eq '-d') {
- $classdir = $ARGV[1];
- $classdir .= "/";
- shift;
- shift;
- } elsif($ARGV[0] eq '-j') {
- $javah = $ARGV[1];
- shift;
- shift;
- } else {
- last;
- }
-}
-
-if( $javah eq "") {
- die "Must specify -j <javah command>";
-}
-if( $classdir eq "") {
- die "Must specify -d <classdir>";
-}
-
-foreach $filename (@ARGV)
-{
- $headerfilename = "_jni/";
- $headerfilename .= $filename;
- $headerfilename =~ s/\./_/g;
- $headerfilename .= ".h";
-
- $classfilename = $filename;
- $classfilename =~ s|\.|/|g;
- $classfilename .= ".class";
-
- $classfilename = $classdir . $classfilename;
-
-
- ( $dev, $ino, $mode, $nlink, $uid, $gid, $rdev, $size, $atime, $headermtime,
- $ctime, $blksize, $blocks ) = stat( $headerfilename );
-
- ( $dev, $ino, $mode, $nlink, $uid, $gid, $rdev, $size, $atime, $classmtime,
- $ctime, $blksize, $blocks ) = stat( $classfilename );
-
- if( $headermtime < $classmtime )
- {
- # NOTE: Since this is used by "javah", and "javah" refuses to overwrite
- # an existing file, we force an unlink from this script, since
- # we actually want to regenerate the header file at this time.
- unlink $headerfilename;
- push @filelist, $filename;
- }
-}
-
-if( @filelist ) {
- $cmd = "$javah " . join(" ",@filelist);
- $cmd =~ s/\'/\"/g; # because windows doesn't understand single quote
- print "$cmd\n";
- exit (system($cmd) >> 8);
-} else {
- print "All JNI header files up to date.\n"
-}
diff --git a/security/coreconf/location.mk b/security/coreconf/location.mk
deleted file mode 100644
index 060bb47ee..000000000
--- a/security/coreconf/location.mk
+++ /dev/null
@@ -1,66 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# Master "Core Components" macros to figure out binary code location #
-#######################################################################
-
-#
-# Figure out where the binary code lives.
-#
-
-ifdef BUILD_TREE
-ifdef LIBRARY_NAME
-BUILD = $(BUILD_TREE)/nss/$(LIBRARY_NAME)
-OBJDIR = $(BUILD_TREE)/nss/$(LIBRARY_NAME)
-DEPENDENCIES = $(BUILD_TREE)/nss/$(LIBRARY_NAME)/.md
-else
-BUILD = $(BUILD_TREE)/nss
-OBJDIR = $(BUILD_TREE)/nss
-DEPENDENCIES = $(BUILD_TREE)/nss/.md
-endif
-else
-BUILD = $(PLATFORM)
-OBJDIR = $(PLATFORM)
-DEPENDENCIES = $(PLATFORM)/.md
-endif
-
-DIST = $(SOURCE_PREFIX)/$(PLATFORM)
-
-ifdef BUILD_DEBUG_GC
- DEFINES += -DDEBUG_GC
-endif
-
-GARBAGE += $(DEPENDENCIES) core $(wildcard core.[0-9]*)
-
-MK_LOCATION = included
diff --git a/security/coreconf/makefile.win b/security/coreconf/makefile.win
deleted file mode 100644
index c3abce76b..000000000
--- a/security/coreconf/makefile.win
+++ /dev/null
@@ -1,100 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# An NMAKE file to set up and adjust coreconf's build system for
-# Client build. Client build should invoke NMAKE on this file
-# instead of invoking gmake directly.
-#
-
-NS_DEPTH = ..
-include <$(NS_DEPTH)\config\config.mak>
-#include <$(NS_DEPTH)\config\rules.mak>
-
-#
-# Backslashes are escape characters to gmake, so flip all backslashes
-# in $(MOZ_TOOLS) to forward slashes and pass that to gmake.
-#
-
-GMAKE = $(MOZ_TOOLS)\bin\gmake.exe MOZ_TOOLS_FLIPPED=$(MOZ_TOOLS:\=/)
-
-GMAKE = $(GMAKE) PR_CLIENT_BUILD=1 PR_CLIENT_BUILD_WINDOWS=1
-
-#
-# The Client's debug build uses MSVC's debug runtime library (/MDd).
-#
-
-!ifdef MOZ_DEBUG
-GMAKE = $(GMAKE) USE_DEBUG_RTL=1
-!else
-GMAKE = $(GMAKE) BUILD_OPT=1
-!endif
-
-!if "$(MOZ_BITS)" == "16"
-GMAKE = $(GMAKE) OS_TARGET=WIN16
-!else
-
-GMAKE = $(GMAKE) OS_TARGET=WIN95
-!ifdef MOZ_DEBUG
-PR_OBJDIR = WIN954.0_DBG.OBJD
-!else
-PR_OBJDIR = WIN954.0_OPT.OBJ
-!endif
-
-!endif
-
-#
-# The rules. Simply invoke gmake with the same target
-# for Win16, use the watcom compiler with the MSVC headers and libs
-#
-
-# this rule is needed so that nmake with no explicit target will only build
-# all, and not build all the targets named below in succession!
-default:: all
-
-# a rule like this one must only be used for explicitly named targets!
-all depend export libs install clobber clobber_all clean::
-!if "$(MOZ_BITS)" == "16"
- set PATH=%WATCPATH%
- set INCLUDE=%MSVC_INC%
- set LIB=%MSVC_LIB%
-!endif
- $(GMAKE) $@
-!if "$(MOZ_BITS)" == "16"
- set PATH=%MSVCPATH%
- set INCLUDE=%MSVC_INC%
- set LIB=%MSVC_LIB%
-!endif
-
-show:
- @echo "MAKEFLAGS = $(MAKEFLAGS)"
diff --git a/security/coreconf/module.mk b/security/coreconf/module.mk
deleted file mode 100644
index 6a9d49f59..000000000
--- a/security/coreconf/module.mk
+++ /dev/null
@@ -1,65 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# The master "Core Components" source and release component directory #
-# names are ALWAYS identical and are the value of $(MODULE). #
-# NOTE: A component is also called a module or a subsystem. #
-#######################################################################
-
-#
-# All "Core Components" <component>-specific source-side tags must
-# always be identified for compiling/linking purposes
-#
-
-ifndef JAVA_SOURCE_COMPONENT
- JAVA_SOURCE_COMPONENT = java
-endif
-
-ifndef NETLIB_SOURCE_COMPONENT
- NETLIB_SOURCE_COMPONENT = netlib
-endif
-
-ifndef NSPR_SOURCE_COMPONENT
- NSPR_SOURCE_COMPONENT = nspr20
-endif
-
-ifndef SECTOOLS_SOURCE_COMPONENT
- SECTOOLS_SOURCE_COMPONENT = sectools
-endif
-
-ifndef SECURITY_SOURCE_COMPONENT
- SECURITY_SOURCE_COMPONENT = security
-endif
-
-MK_MODULE = included
diff --git a/security/coreconf/nsinstall/Makefile b/security/coreconf/nsinstall/Makefile
deleted file mode 100644
index 625d4bc77..000000000
--- a/security/coreconf/nsinstall/Makefile
+++ /dev/null
@@ -1,68 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-DEPTH = ../..
-CORE_DEPTH = ../..
-
-MODULE = coreconf
-
-CSRCS = nsinstall.c pathsub.c
-
-PLSRCS = nfspwd.pl
-
-PROGRAM = nsinstall
-
-
-include $(DEPTH)/coreconf/config.mk
-
-ifeq (,$(filter-out OS2 WIN%,$(OS_TARGET)))
-PROGRAM =
-else
-TARGETS = $(PROGRAM) $(PLSRCS:.pl=)
-endif
-
-ifdef NATIVE_CC
-CC=$(NATIVE_CC)
-endif
-
-ifdef NATIVE_FLAGS
-OS_CFLAGS=$(NATIVE_FLAGS)
-endif
-
-include $(DEPTH)/coreconf/rules.mk
-
-# Redefine MAKE_OBJDIR for just this directory
-define MAKE_OBJDIR
-if test ! -d $(@D); then rm -rf $(@D); mkdir $(@D); fi
-endef
-
diff --git a/security/coreconf/nsinstall/nfspwd b/security/coreconf/nsinstall/nfspwd
deleted file mode 100755
index 339abead3..000000000
--- a/security/coreconf/nsinstall/nfspwd
+++ /dev/null
@@ -1,46 +0,0 @@
-#! perl
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-require "fastcwd.pl";
-
-$_ = &fastcwd;
-if (m@^/[uh]/@o || s@^/tmp_mnt/@/@o) {
- print("$_\n");
-} elsif ((($user, $rest) = m@^/usr/people/(\w+)/(.*)@o)
- && readlink("/u/$user") eq "/usr/people/$user") {
- print("/u/$user/$rest\n");
-} else {
- chop($host = `hostname`);
- print("/h/$host$_\n");
-}
diff --git a/security/coreconf/nsinstall/nfspwd.pl b/security/coreconf/nsinstall/nfspwd.pl
deleted file mode 100644
index 339abead3..000000000
--- a/security/coreconf/nsinstall/nfspwd.pl
+++ /dev/null
@@ -1,46 +0,0 @@
-#! perl
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-require "fastcwd.pl";
-
-$_ = &fastcwd;
-if (m@^/[uh]/@o || s@^/tmp_mnt/@/@o) {
- print("$_\n");
-} elsif ((($user, $rest) = m@^/usr/people/(\w+)/(.*)@o)
- && readlink("/u/$user") eq "/usr/people/$user") {
- print("/u/$user/$rest\n");
-} else {
- chop($host = `hostname`);
- print("/h/$host$_\n");
-}
diff --git a/security/coreconf/nsinstall/nsinstall.c b/security/coreconf/nsinstall/nsinstall.c
deleted file mode 100644
index b7b846903..000000000
--- a/security/coreconf/nsinstall/nsinstall.c
+++ /dev/null
@@ -1,450 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
-** Netscape portable install command.
-*/
-#include <stdio.h> /* OSF/1 requires this before grp.h, so put it first */
-#include <assert.h>
-#include <fcntl.h>
-#include <string.h>
-#if defined(_WINDOWS)
-#include <windows.h>
-typedef unsigned int mode_t;
-#else
-#include <grp.h>
-#include <pwd.h>
-#include <errno.h>
-#include <stdlib.h>
-#include <unistd.h>
-#include <utime.h>
-#endif
-#include <sys/types.h>
-#include <sys/stat.h>
-#include "pathsub.h"
-
-#define HAVE_LCHOWN
-
-#if defined(AIX) || defined(BSDI) || defined(HPUX) || defined(LINUX) || defined(SUNOS4) || defined(SCO) || defined(UNIXWARE) || defined(VMS) || defined(NTO) || defined(DARWIN) || defined(BEOS)
-#undef HAVE_LCHOWN
-#endif
-
-#define HAVE_FCHMOD
-
-#if defined(BEOS)
-#undef HAVE_FCHMOD
-#endif
-
-#ifdef LINUX
-#include <getopt.h>
-#endif
-
-#if defined(SCO) || defined(UNIXWARE) || defined(SNI) || defined(NCR) || defined(NEC)
-#if !defined(S_ISLNK) && defined(S_IFLNK)
-#define S_ISLNK(a) (((a) & S_IFMT) == S_IFLNK)
-#endif
-#endif
-
-#if defined(SNI)
-extern int fchmod(int fildes, mode_t mode);
-#endif
-
-
-#ifdef GETCWD_CANT_MALLOC
-/*
- * this should probably go into a utility library in case other applications
- * need it.
- */
-static char *
-getcwd_do_malloc(char *path, int len) {
-
- if (!path) {
- path = malloc(PATH_MAX +1);
- if (!path) return NULL;
- }
- return getcwd(path, PATH_MAX);
-}
-#define GETCWD getcwd_do_malloc
-#else
-#define GETCWD getcwd
-#endif
-
-
-static void
-usage(void)
-{
- fprintf(stderr,
- "usage: %s [-C cwd] [-L linkprefix] [-m mode] [-o owner] [-g group]\n"
- " %*s [-DdltR] file [file ...] directory\n",
- program, (int)strlen(program), "");
- exit(2);
-}
-
-/* this is more-or-less equivalent to mkdir -p */
-static int
-mkdirs(char *path, mode_t mode)
-{
- char * cp;
- int rv;
- struct stat sb;
-
- if (!path || !path[0])
- fail("Null pointer or empty string passed to mkdirs()");
- while (*path == '/' && path[1] == '/')
- path++;
- while ((cp = strrchr(path, '/')) && cp[1] == '\0')
- *cp = '\0';
- if (cp && cp != path) {
- *cp = '\0';
- if ((stat(path, &sb) < 0 || !S_ISDIR(sb.st_mode)) &&
- mkdirs(path, mode) < 0) {
- return -1;
- }
- *cp = '/';
- }
- rv = mkdir(path, mode);
- if (rv) {
- if (errno != EEXIST)
- fail("mkdirs cannot make %s", path);
- fprintf(stderr, "directory creation race: %s\n", path);
- if (!stat(path, &sb) && S_ISDIR(sb.st_mode))
- rv = 0;
- }
- return rv;
-}
-
-static uid_t
-touid(char *owner)
-{
- struct passwd *pw;
- uid_t uid;
- char *cp;
-
- if (!owner || !owner[0])
- fail("Null pointer or empty string passed to touid()");
- pw = getpwnam(owner);
- if (pw)
- return pw->pw_uid;
- uid = strtol(owner, &cp, 0);
- if (uid == 0 && cp == owner)
- fail("cannot find uid for %s", owner);
- return uid;
-}
-
-static gid_t
-togid(char *group)
-{
- struct group *gr;
- gid_t gid;
- char *cp;
-
- if (!group || !group[0])
- fail("Null pointer or empty string passed to togid()");
- gr = getgrnam(group);
- if (gr)
- return gr->gr_gid;
- gid = strtol(group, &cp, 0);
- if (gid == 0 && cp == group)
- fail("cannot find gid for %s", group);
- return gid;
-}
-
-void * const uninit = (void *)0xdeadbeef;
-
-int
-main(int argc, char **argv)
-{
- char * base = uninit;
- char * bp = uninit;
- char * cp = uninit;
- char * cwd = 0;
- char * group = 0;
- char * linkname = 0;
- char * linkprefix = 0;
- char * name = uninit;
- char * owner = 0;
- char * todir = uninit;
- char * toname = uninit;
-
- int bnlen = -1;
- int cc = 0;
- int dodir = 0;
- int dolink = 0;
- int dorelsymlink = 0;
- int dotimes = 0;
- int exists = 0;
- int fromfd = -1;
- int len = -1;
- int lplen = 0;
- int onlydir = 0;
- int opt = -1;
- int tdlen = -1;
- int tofd = -1;
- int wc = -1;
-
- mode_t mode = 0755;
-
- uid_t uid = -1;
- gid_t gid = -1;
-
- struct stat sb;
- struct stat tosb;
- struct utimbuf utb;
- char buf[BUFSIZ];
-
- program = strrchr(argv[0], '/');
- if (!program)
- program = strrchr(argv[0], '\\');
- program = program ? program+1 : argv[0];
-
-
- while ((opt = getopt(argc, argv, "C:DdlL:Rm:o:g:t")) != EOF) {
- switch (opt) {
- case 'C': cwd = optarg; break;
- case 'D': onlydir = 1; break;
- case 'd': dodir = 1; break;
- case 'l': dolink = 1; break;
- case 'L':
- linkprefix = optarg;
- lplen = strlen(linkprefix);
- dolink = 1;
- break;
- case 'R': dolink = dorelsymlink = 1; break;
- case 'm':
- mode = strtoul(optarg, &cp, 8);
- if (mode == 0 && cp == optarg)
- usage();
- break;
- case 'o': owner = optarg; break;
- case 'g': group = optarg; break;
- case 't': dotimes = 1; break;
- default: usage();
- }
- }
-
- argc -= optind;
- argv += optind;
- if (argc < 2 - onlydir)
- usage();
-
- todir = argv[argc-1];
- if ((stat(todir, &sb) < 0 || !S_ISDIR(sb.st_mode)) &&
- mkdirs(todir, 0777) < 0) {
- fail("cannot mkdir -p %s", todir);
- }
- if (onlydir)
- return 0;
-
- if (!cwd) {
- cwd = GETCWD(0, PATH_MAX);
- if (!cwd)
- fail("could not get CWD");
- }
-
- /* make sure we can get into todir. */
- xchdir(todir);
- todir = GETCWD(0, PATH_MAX);
- if (!todir)
- fail("could not get CWD in todir");
- tdlen = strlen(todir);
-
- /* back to original directory. */
- xchdir(cwd);
-
- uid = owner ? touid(owner) : -1;
- gid = group ? togid(group) : -1;
-
- while (--argc > 0) {
- name = *argv++;
- len = strlen(name);
- base = xbasename(name);
- bnlen = strlen(base);
- toname = (char*)xmalloc(tdlen + 1 + bnlen + 1);
- sprintf(toname, "%s/%s", todir, base);
-retry:
- exists = (lstat(toname, &tosb) == 0);
-
- if (dodir) {
- /* -d means create a directory, always */
- if (exists && !S_ISDIR(tosb.st_mode)) {
- int rv = unlink(toname);
- if (rv)
- fail("cannot unlink %s", toname);
- exists = 0;
- }
- if (!exists && mkdir(toname, mode) < 0) {
- /* we probably have two nsinstall programs in a race here. */
- if (errno == EEXIST && !stat(toname, &sb) &&
- S_ISDIR(sb.st_mode)) {
- fprintf(stderr, "directory creation race: %s\n", toname);
- goto retry;
- }
- fail("cannot make directory %s", toname);
- }
- if ((owner || group) && chown(toname, uid, gid) < 0)
- fail("cannot change owner of %s", toname);
- } else if (dolink) {
- if (*name == '/') {
- /* source is absolute pathname, link to it directly */
- linkname = 0;
- } else {
- if (linkprefix) {
- /* -L implies -l and prefixes names with a $cwd arg. */
- len += lplen + 1;
- linkname = (char*)xmalloc(len + 1);
- sprintf(linkname, "%s/%s", linkprefix, name);
- } else if (dorelsymlink) {
- /* Symlink the relative path from todir to source name. */
- linkname = (char*)xmalloc(PATH_MAX);
-
- if (*todir == '/') {
- /* todir is absolute: skip over common prefix. */
- lplen = relatepaths(todir, cwd, linkname);
- strcpy(linkname + lplen, name);
- } else {
- /* todir is named by a relative path: reverse it. */
- reversepath(todir, name, len, linkname);
- xchdir(cwd);
- }
-
- len = strlen(linkname);
- }
- name = linkname;
- }
-
- /* Check for a pre-existing symlink with identical content. */
- if (exists &&
- (!S_ISLNK(tosb.st_mode) ||
- readlink(toname, buf, sizeof buf) != len ||
- strncmp(buf, name, len) != 0)) {
- int rmrv;
- rmrv = (S_ISDIR(tosb.st_mode) ? rmdir : unlink)(toname);
- if (rmrv < 0) {
- fail("destination exists, cannot remove %s", toname);
- }
- exists = 0;
- }
- if (!exists && symlink(name, toname) < 0) {
- if (errno == EEXIST) {
- fprintf(stderr, "symlink creation race: %s\n", toname);
- goto retry;
- }
- diagnosePath(toname);
- fail("cannot make symbolic link %s", toname);
- }
-#ifdef HAVE_LCHOWN
- if ((owner || group) && lchown(toname, uid, gid) < 0)
- fail("cannot change owner of %s", toname);
-#endif
-
- if (linkname) {
- free(linkname);
- linkname = 0;
- }
- } else {
- /* Copy from name to toname, which might be the same file. */
- fromfd = open(name, O_RDONLY);
- if (fromfd < 0 || fstat(fromfd, &sb) < 0)
- fail("cannot access %s", name);
- if (exists &&
- (!S_ISREG(tosb.st_mode) || access(toname, W_OK) < 0)) {
- int rmrv;
- rmrv = (S_ISDIR(tosb.st_mode) ? rmdir : unlink)(toname);
- if (rmrv < 0) {
- fail("destination exists, cannot remove %s", toname);
- }
- }
- tofd = open(toname, O_CREAT | O_WRONLY, 0666);
- if (tofd < 0)
- fail("cannot create %s", toname);
-
- bp = buf;
- while ((cc = read(fromfd, bp, sizeof buf)) > 0) {
- while ((wc = write(tofd, bp, cc)) > 0) {
- if ((cc -= wc) == 0)
- break;
- bp += wc;
- }
- if (wc < 0)
- fail("cannot write to %s", toname);
- }
- if (cc < 0)
- fail("cannot read from %s", name);
-
- if (ftruncate(tofd, sb.st_size) < 0)
- fail("cannot truncate %s", toname);
- /*
- ** On OpenVMS we can't chmod() until the file is closed, and we
- ** have to utime() last since fchown/chmod alter the timestamps.
- */
-#ifndef VMS
- if (dotimes) {
- utb.actime = sb.st_atime;
- utb.modtime = sb.st_mtime;
- if (utime(toname, &utb) < 0)
- fail("cannot set times of %s", toname);
- }
-#ifdef HAVE_FCHMOD
- if (fchmod(tofd, mode) < 0)
-#else
- if (chmod(toname, mode) < 0)
-#endif
- fail("cannot change mode of %s", toname);
-#endif
- if ((owner || group) && fchown(tofd, uid, gid) < 0)
- fail("cannot change owner of %s", toname);
-
- /* Must check for delayed (NFS) write errors on close. */
- if (close(tofd) < 0)
- fail("close reports write error on %s", toname);
- close(fromfd);
-#ifdef VMS
- if (chmod(toname, mode) < 0)
- fail("cannot change mode of %s", toname);
- if (dotimes) {
- utb.actime = sb.st_atime;
- utb.modtime = sb.st_mtime;
- if (utime(toname, &utb) < 0)
- fail("cannot set times of %s", toname);
- }
-#endif
- }
-
- free(toname);
- }
-
- free(cwd);
- free(todir);
- return 0;
-}
-
diff --git a/security/coreconf/nsinstall/pathsub.c b/security/coreconf/nsinstall/pathsub.c
deleted file mode 100644
index 9266b48c7..000000000
--- a/security/coreconf/nsinstall/pathsub.c
+++ /dev/null
@@ -1,303 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
-** Pathname subroutines.
-*/
-#include <assert.h>
-#if defined(FREEBSD) || defined(BSDI) || defined(DARWIN)
-#include <sys/types.h>
-#endif /* FREEBSD */
-#include <dirent.h>
-#include <errno.h>
-#include <stdarg.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <unistd.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include "pathsub.h"
-#ifdef USE_REENTRANT_LIBC
-#include "libc_r.h"
-#endif /* USE_REENTRANT_LIBC */
-
-char *program;
-
-void
-fail(char *format, ...)
-{
- int error;
- va_list ap;
-
-#ifdef USE_REENTRANT_LIBC
- R_STRERROR_INIT_R();
-#endif
-
- error = errno;
- fprintf(stderr, "%s: ", program);
- va_start(ap, format);
- vfprintf(stderr, format, ap);
- va_end(ap);
- if (error) {
-
-#ifdef USE_REENTRANT_LIBC
- R_STRERROR_R(errno);
- fprintf(stderr, ": %s", r_strerror_r);
-#else
- fprintf(stderr, ": %s", strerror(errno));
-#endif
- }
-
- putc('\n', stderr);
- abort();
- exit(1);
-}
-
-char *
-getcomponent(char *path, char *name)
-{
- if (*path == '\0')
- return 0;
- if (*path == '/') {
- *name++ = '/';
- } else {
- do {
- *name++ = *path++;
- } while (*path != '/' && *path != '\0');
- }
- *name = '\0';
- while (*path == '/')
- path++;
- return path;
-}
-
-#ifdef UNIXWARE
-/* The static buffer in Unixware's readdir is too small. */
-struct dirent * readdir(DIR *d)
-{
- static struct dirent *buf = NULL;
-#define MAX_PATH_LEN 1024
-
- if (buf == NULL)
- buf = (struct dirent *)xmalloc(sizeof(struct dirent) + MAX_PATH_LEN) ;
- return readdir_r(d, buf);
-}
-#endif
-
-/* APPARENT BUG - ignores argument "dir", uses ".." instead. */
-char *
-ino2name(ino_t ino, char *dir)
-{
- DIR *dp;
- struct dirent *ep;
- char *name;
-
- dp = opendir(".."); /* XXX */
- if (!dp)
- fail("cannot read parent directory");
- for (;;) {
- if (!(ep = readdir(dp)))
- fail("cannot find current directory");
- if (ep->d_ino == ino)
- break;
- }
- name = xstrdup(ep->d_name);
- closedir(dp);
- return name;
-}
-
-void *
-xmalloc(size_t size)
-{
- void *p;
-
- if (size <= 0)
- fail("attempted to allocate %u bytes", size);
- p = malloc(size);
- if (!p)
- fail("cannot allocate %u bytes", size);
- return p;
-}
-
-char *
-xstrdup(char *s)
-{
- if (!s || !s[0])
- fail("Null pointer or empty string passed to xstrdup()");
- return strcpy((char*)xmalloc(strlen(s) + 1), s);
-}
-
-char *
-xbasename(char *path)
-{
- char *cp;
-
- if (!path || !path[0])
- fail("Null pointer or empty string passed to xbasename()");
- while ((cp = strrchr(path, '/')) && cp[1] == '\0')
- *cp = '\0';
- if (!cp) return path;
- return cp + 1;
-}
-
-void
-xchdir(char *dir)
-{
- if (!dir || !dir[0])
- fail("Null pointer or empty string passed to xchdir()");
- if (chdir(dir) < 0)
- fail("cannot change directory to %s", dir);
-}
-
-int
-relatepaths(char *from, char *to, char *outpath)
-{
- char *cp, *cp2;
- int len;
- char buf[NAME_MAX];
-
- assert(*from == '/' && *to == '/');
- if (!from || *from != '/')
- fail("relatepaths: from path does not start with /");
- if (!to || *to != '/')
- fail("relatepaths: to path does not start with /");
-
- for (cp = to, cp2 = from; *cp == *cp2; cp++, cp2++)
- if (*cp == '\0')
- break;
- while (cp[-1] != '/')
- cp--, cp2--;
- if (cp - 1 == to) {
- /* closest common ancestor is /, so use full pathname */
- len = strlen(strcpy(outpath, to));
- if (outpath[len] != '/') {
- outpath[len++] = '/';
- outpath[len] = '\0';
- }
- } else {
- len = 0;
- while ((cp2 = getcomponent(cp2, buf)) != 0) {
- strcpy(outpath + len, "../");
- len += 3;
- }
- while ((cp = getcomponent(cp, buf)) != 0) {
- sprintf(outpath + len, "%s/", buf);
- len += strlen(outpath + len);
- }
- }
- return len;
-}
-
-void
-reversepath(char *inpath, char *name, int len, char *outpath)
-{
- char *cp, *cp2;
- char buf[NAME_MAX];
- struct stat sb;
-
- cp = strcpy(outpath + PATH_MAX - (len + 1), name);
- cp2 = inpath;
- while ((cp2 = getcomponent(cp2, buf)) != 0) {
- if (strcmp(buf, ".") == 0)
- continue;
- if (strcmp(buf, "..") == 0) {
- if (stat(".", &sb) < 0)
- fail("cannot stat current directory");
- name = ino2name(sb.st_ino, "..");
- len = strlen(name);
- cp -= len + 1;
- strcpy(cp, name);
- cp[len] = '/';
- free(name);
- xchdir("..");
- } else {
- cp -= 3;
- strncpy(cp, "../", 3);
- xchdir(buf);
- }
- }
- strcpy(outpath, cp);
-}
-
-void
-diagnosePath(const char * path)
-{
- char * myPath;
- char * slash;
- int rv;
- struct stat sb;
- char buf[BUFSIZ];
-
- if (!path || !path[0])
- fail("Null pointer or empty string passed to mkdirs()");
- myPath = strdup(path);
- if (!myPath)
- fail("strdup() failed!");
- do {
- rv = lstat(myPath, &sb);
- if (rv < 0) {
- perror(myPath);
- } else if (S_ISLNK(sb.st_mode)) {
- rv = readlink(myPath, buf, sizeof buf);
- if (rv < 0) {
- perror("readlink");
- buf[0] = 0;
- } else {
- buf[rv] = 0;
- }
- fprintf(stderr, "%s is a link to %s\n", myPath, buf);
- } else if (S_ISDIR(sb.st_mode)) {
- fprintf(stderr, "%s is a directory\n", myPath);
- rv = access(myPath, X_OK);
- if (rv < 0) {
- fprintf(stderr, "%s: no search permission\n", myPath);
- }
- } else {
- fprintf(stderr, "%s is a file !?!\n", myPath);
- rv = access(myPath, F_OK);
- if (rv < 0) {
- fprintf(stderr, "%s does not exist\n", myPath);
- }
- }
-
- /* chop path off one level. */
- slash = strrchr(myPath, '/');
- if (!slash)
- slash = strrchr(myPath, '\\');
- if (!slash)
- slash = myPath;
- *slash = 0;
- } while (myPath[0]);
- free(myPath);
-}
diff --git a/security/coreconf/nsinstall/pathsub.h b/security/coreconf/nsinstall/pathsub.h
deleted file mode 100644
index 718c2206f..000000000
--- a/security/coreconf/nsinstall/pathsub.h
+++ /dev/null
@@ -1,77 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef pathsub_h___
-#define pathsub_h___
-/*
-** Pathname subroutines.
-**
-** Brendan Eich, 8/29/95
-*/
-#include <limits.h>
-#include <sys/types.h>
-
-#if SUNOS4
-#include "sunos4.h"
-#endif
-
-#ifndef PATH_MAX
-#define PATH_MAX 1024
-#endif
-
-/*
- * Just keep sane lengths
- */
-#undef NAME_MAX
-#define NAME_MAX 256
-
-extern char *program;
-
-extern void fail(char *format, ...);
-extern char *getcomponent(char *path, char *name);
-extern char *ino2name(ino_t ino, char *dir);
-extern void *xmalloc(size_t size);
-extern char *xstrdup(char *s);
-extern char *xbasename(char *path);
-extern void xchdir(char *dir);
-
-/* Relate absolute pathnames from and to returning the result in outpath. */
-extern int relatepaths(char *from, char *to, char *outpath);
-
-/* NOTE: changes current working directory -- caveat emptor */
-extern void reversepath(char *inpath, char *name, int len, char *outpath);
-
-/* stats every directory in path, reports results. */
-extern void diagnosePath(const char * path);
-
-#endif /* pathsub_h___ */
diff --git a/security/coreconf/nsinstall/sunos4.h b/security/coreconf/nsinstall/sunos4.h
deleted file mode 100644
index 9bdae872c..000000000
--- a/security/coreconf/nsinstall/sunos4.h
+++ /dev/null
@@ -1,163 +0,0 @@
-/*
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
- */
-
-#ifndef pr_sunos4_h___
-#define pr_sunos4_h___
-
-#ifndef SVR4
-
-/*
-** Hodge podge of random missing prototypes for the Sunos4 system
-*/
-#include <stdio.h>
-#include <stdarg.h>
-#include <time.h>
-#include <limits.h>
-#include <sys/types.h>
-
-#define PATH_MAX _POSIX_PATH_MAX
-
-struct timeval;
-struct timezone;
-struct itimerval;
-struct sockaddr;
-struct stat;
-struct tm;
-
-/* ctype.h */
-extern int tolower(int);
-extern int toupper(int);
-
-/* errno.h */
-extern char *sys_errlist[];
-extern int sys_nerr;
-
-#define strerror(e) sys_errlist[((unsigned)(e) < sys_nerr) ? e : 0]
-
-extern void perror(const char *);
-
-/* getopt */
-extern char *optarg;
-extern int optind;
-extern int getopt(int argc, char **argv, char *spec);
-
-/* math.h */
-extern int srandom(long val);
-extern long random(void);
-
-/* memory.h */
-#define memmove(to,from,len) bcopy((char*)(from),(char*)(to),len)
-
-extern void bcopy(const char *, char *, int);
-
-/* signal.h */
-/*
-** SunOS4 sigaction hides interrupts by default, so we can safely define
-** SA_RESTART to 0 (HP-UX is a counter-example -- its sigaction does not
-** hide interrupts but lacks an SA_RESTART option; you must use sigvector
-** and tweak the sigcontext from within each signal handler!).
-*/
-#define SA_RESTART 0
-#define SA_SIGINFO 0
-
-/* stdio.h */
-extern int printf(const char *, ...);
-extern int fprintf(FILE *, const char *, ...);
-extern int vprintf(const char *, va_list);
-extern int vfprintf(FILE *, const char *, va_list);
-extern char *vsprintf(char *, const char *, va_list);
-extern int scanf(const char *, ...);
-extern int sscanf(const char *, const char *, ...);
-extern int fscanf(FILE *, const char *, ...);
-extern int fgetc(FILE *);
-extern int fputc(int, FILE *);
-extern int fputs(const char *, FILE *);
-extern int puts(const char *);
-extern int fread(void *, size_t, size_t, FILE *);
-extern int fwrite(const char *, int, int, FILE *);
-extern int fseek(FILE *, long, int);
-extern long ftell(FILE *);
-extern int rewind(FILE *);
-extern int fflush(FILE *);
-extern int _flsbuf(unsigned char, FILE *);
-extern int fclose(FILE *);
-extern int remove(const char *);
-extern int setvbuf(FILE *, char *, int, size_t);
-extern int system(const char *);
-extern FILE *popen(const char *, const char *);
-extern int pclose(FILE *);
-
-/* stdlib.h */
-#define strtoul strtol
-
-extern int isatty(int fildes);
-extern long strtol(const char *, char **, int);
-extern int putenv(const char *);
-extern void srand48(long);
-extern long lrand48(void);
-extern double drand48(void);
-
-/* string.h */
-extern int strcasecmp(const char *, const char *);
-extern int strncasecmp(const char *, const char *, size_t);
-extern int strcoll(const char *, const char *);
-
-/* time.h */
-extern time_t mktime(struct tm *);
-extern size_t strftime(char *, size_t, const char *, const struct tm *);
-extern int gettimeofday(struct timeval *, struct timezone *);
-extern int setitimer(int, struct itimerval *, struct itimerval *);
-extern time_t time(time_t *);
-extern time_t timegm(struct tm *);
-extern struct tm *localtime(const time_t *);
-extern struct tm *gmtime(const time_t *);
-
-/* unistd.h */
-extern int rename(const char *, const char *);
-extern int ioctl(int, int, int *arg);
-extern int connect(int, struct sockaddr *, int);
-extern int readlink(const char *, char *, int);
-extern int symlink(const char *, const char *);
-extern int ftruncate(int, off_t);
-extern int fchmod(int, mode_t);
-extern int fchown(int, uid_t, gid_t);
-extern int lstat(const char *, struct stat *);
-extern int fstat(int, struct stat *);
-extern int select(int, fd_set *, fd_set *, fd_set *, struct timeval *);
-extern int gethostname(char *, int);
-extern char *getwd(char *);
-extern int getpagesize(void);
-
-#endif /* SVR4 */
-
-#endif /* pr_sunos4_h___ */
diff --git a/security/coreconf/outofdate.pl b/security/coreconf/outofdate.pl
deleted file mode 100755
index 1044639e8..000000000
--- a/security/coreconf/outofdate.pl
+++ /dev/null
@@ -1,67 +0,0 @@
-#!/usr/local/bin/perl
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#Input: [-d dir] foo1.java foo2.java
-#Compares with: foo1.class foo2.class (if -d specified, checks in 'dir',
-# otherwise assumes .class files in same directory as .java files)
-#Returns: list of input arguments which are newer than corresponding class
-#files (non-existant class files are considered to be real old :-)
-
-$found = 1;
-
-if ($ARGV[0] eq '-d') {
- $classdir = $ARGV[1];
- $classdir .= "/";
- shift;
- shift;
-} else {
- $classdir = "./";
-}
-
-foreach $filename (@ARGV) {
- $classfilename = $classdir;
- $classfilename .= $filename;
- $classfilename =~ s/.java$/.class/;
- ($dev,$ino,$mode,$nlink,$uid,$gid,$rdev,$size,$atime,$mtime,
- $ctime,$blksize,$blocks) = stat($filename);
- ($dev,$ino,$mode,$nlink,$uid,$gid,$rdev,$size,$atime,$classmtime,
- $ctime,$blksize,$blocks) = stat($classfilename);
-# print $filename, " ", $mtime, ", ", $classfilename, " ", $classmtime, "\n";
- if ($mtime > $classmtime) {
- print $filename, " ";
- $found = 0;
- }
-}
-
-print "\n";
diff --git a/security/coreconf/prefix.mk b/security/coreconf/prefix.mk
deleted file mode 100644
index efcdd3c44..000000000
--- a/security/coreconf/prefix.mk
+++ /dev/null
@@ -1,72 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# Master "Core Components" for computing program prefixes #
-#######################################################################
-
-#
-# Object prefixes
-#
-
-ifndef OBJ_PREFIX
- OBJ_PREFIX =
-endif
-
-#
-# Library suffixes
-#
-
-ifndef LIB_PREFIX
- LIB_PREFIX = lib
-endif
-
-
-ifndef DLL_PREFIX
- DLL_PREFIX = lib
-endif
-
-
-ifndef IMPORT_LIB_PREFIX
- IMPORT_LIB_PREFIX =
-endif
-
-#
-# Program prefixes
-#
-
-ifndef PROG_PREFIX
- PROG_PREFIX =
-endif
-
-MK_PREFIX = included
diff --git a/security/coreconf/release.pl b/security/coreconf/release.pl
deleted file mode 100755
index 34df755e2..000000000
--- a/security/coreconf/release.pl
+++ /dev/null
@@ -1,129 +0,0 @@
-#! /usr/local/bin/perl
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-
-require('coreconf.pl');
-
-#######-- read in variables on command line into %var
-
-$var{ZIP} = "zip";
-
-&parse_argv;
-
-
-######-- Do the packaging of jars.
-
-foreach $jarfile (split(/ /,$var{FILES}) ) {
- print STDERR "---------------------------------------------\n";
- print STDERR "Packaging jar file $jarfile....\n";
-
- $jarinfo = $var{$jarfile};
-
- ($jardir,$jaropts) = split(/\|/,$jarinfo);
-
- $zipoptions = "-T";
- if ($jaropts =~ /a/) {
- if ($var{OS_ARCH} eq 'WINNT') {
- $zipoptions .= ' -ll';
- }
- }
-
-# just in case the directory ends in a /, remove it
- if ($jardir =~ /\/$/) {
- chop $jardir;
- }
-
- $dirdepth --;
-
- print STDERR "jardir = $jardir\n";
- system("ls $jardir");
-
- if (-d $jardir) {
-
-
-# count the number of slashes
-
- $slashes =0;
-
- foreach $i (split(//,$jardir)) {
- if ($i =~ /\//) {
- $slashes++;
- }
- }
-
- $dotdots =0;
-
- foreach $i (split(m|/|,$jardir)) {
- if ($i eq '..') {
- $dotdots ++;
- }
- }
-
- $dirdepth = ($slashes +1) - (2*$dotdots);
-
- print STDERR "changing dir $jardir\n";
- chdir($jardir);
- print STDERR "making dir META-INF\n";
- mkdir("META-INF",0755);
-
- $filelist = "";
- opendir(DIR,".");
- while ($_ = readdir(DIR)) {
- if (! ( ($_ eq '.') || ($_ eq '..'))) {
- if ( $jaropts =~ /i/) {
- if (! /^include$/) {
- $filelist .= "$_ ";
- }
- }
- else {
- $filelist .= "$_ ";
- }
- }
- }
- closedir(DIR);
-
- print STDERR "zip $zipoptions -r $jarfile $filelist\n";
- system("zip $zipoptions -r $jarfile $filelist");
- rmdir("META-INF");
- for $i (1 .. $dirdepth) {
- chdir("..");
- print STDERR "chdir ..\n";
- }
- }
- else {
- print STDERR "Directory $jardir doesn't exist\n";
- }
-
-}
-
diff --git a/security/coreconf/rules.mk b/security/coreconf/rules.mk
deleted file mode 100644
index ff380d472..000000000
--- a/security/coreconf/rules.mk
+++ /dev/null
@@ -1,973 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-### ###
-### R U L E S O F E N G A G E M E N T ###
-### ###
-#######################################################################
-
-#######################################################################
-# Double-Colon rules for utilizing the binary release model. #
-#######################################################################
-
-all:: export libs
-
-ifeq ($(AUTOCLEAN),1)
-autobuild:: clean export private_export libs program install
-else
-autobuild:: export private_export libs program install
-endif
-
-platform::
- @echo $(OBJDIR_NAME)
-
-ifeq (,$(filter-out _WIN%,$(NS_USE_GCC)_$(OS_TARGET)))
-USE_NT_C_SYNTAX=1
-endif
-
-ifdef XP_OS2_VACPP
-USE_NT_C_SYNTAX=1
-endif
-
-#
-# IMPORTS will always be associated with a component. Therefore,
-# the "import" rule will always change directory to the top-level
-# of a component, and traverse the IMPORTS keyword from the
-# "manifest.mn" file located at this level only.
-#
-# note: if there is a trailing slash, the component will be appended
-# (see import.pl - only used for xpheader.jar)
-
-import::
- @echo "== import.pl =="
- @perl -I$(CORE_DEPTH)/coreconf $(CORE_DEPTH)/coreconf/import.pl \
- "RELEASE_TREE=$(RELEASE_TREE)" \
- "IMPORTS=$(IMPORTS)" \
- "VERSION=$(VERSION)" \
- "OS_ARCH=$(OS_ARCH)" \
- "PLATFORM=$(PLATFORM)" \
- "OVERRIDE_IMPORT_CHECK=$(OVERRIDE_IMPORT_CHECK)" \
- "ALLOW_VERSION_OVERRIDE=$(ALLOW_VERSION_OVERRIDE)" \
- "SOURCE_RELEASE_PREFIX=$(SOURCE_RELEASE_XP_DIR)" \
- "SOURCE_MD_DIR=$(SOURCE_MD_DIR)" \
- "SOURCE_XP_DIR=$(SOURCE_XP_DIR)" \
- "FILES=$(IMPORT_XPCLASS_JAR) $(XPHEADER_JAR) $(MDHEADER_JAR) $(MDBINARY_JAR)" \
- "$(IMPORT_XPCLASS_JAR)=$(IMPORT_XP_DIR)|$(IMPORT_XPCLASS_DIR)|" \
- "$(XPHEADER_JAR)=$(IMPORT_XP_DIR)|$(SOURCE_XP_DIR)/public/|v" \
- "$(MDHEADER_JAR)=$(IMPORT_MD_DIR)|$(SOURCE_MD_DIR)/include|" \
- "$(MDBINARY_JAR)=$(IMPORT_MD_DIR)|$(SOURCE_MD_DIR)|"
-# On Mac OS X ranlib needs to be rerun after static libs are moved.
-ifeq ($(OS_TARGET),Darwin)
- find $(SOURCE_MD_DIR)/lib -name "*.a" -exec $(RANLIB) {} \;
-endif
-
-export::
- +$(LOOP_OVER_DIRS)
-
-private_export::
- +$(LOOP_OVER_DIRS)
-
-release_export::
- +$(LOOP_OVER_DIRS)
-
-release_classes::
- +$(LOOP_OVER_DIRS)
-
-libs program install:: $(TARGETS)
-ifdef LIBRARY
- $(INSTALL) -m 664 $(LIBRARY) $(SOURCE_LIB_DIR)
-endif
-ifdef SHARED_LIBRARY
- $(INSTALL) -m 775 $(SHARED_LIBRARY) $(SOURCE_LIB_DIR)
-endif
-ifdef IMPORT_LIBRARY
- $(INSTALL) -m 775 $(IMPORT_LIBRARY) $(SOURCE_LIB_DIR)
-endif
-ifdef PROGRAM
- $(INSTALL) -m 775 $(PROGRAM) $(SOURCE_BIN_DIR)
-endif
-ifdef PROGRAMS
- $(INSTALL) -m 775 $(PROGRAMS) $(SOURCE_BIN_DIR)
-endif
- +$(LOOP_OVER_DIRS)
-
-tests::
- +$(LOOP_OVER_DIRS)
-
-clean clobber::
- rm -rf $(ALL_TRASH)
- +$(LOOP_OVER_DIRS)
-
-realclean clobber_all::
- rm -rf $(wildcard *.OBJ) dist $(ALL_TRASH)
- +$(LOOP_OVER_DIRS)
-
-#ifdef ALL_PLATFORMS
-#all_platforms:: $(NFSPWD)
-# @d=`$(NFSPWD)`; \
-# if test ! -d LOGS; then rm -rf LOGS; mkdir LOGS; fi; \
-# for h in $(PLATFORM_HOSTS); do \
-# echo "On $$h: $(MAKE) $(ALL_PLATFORMS) >& LOGS/$$h.log";\
-# rsh $$h -n "(chdir $$d; \
-# $(MAKE) $(ALL_PLATFORMS) >& LOGS/$$h.log; \
-# echo DONE) &" 2>&1 > LOGS/$$h.pid & \
-# sleep 1; \
-# done
-#
-#$(NFSPWD):
-# cd $(@D); $(MAKE) $(@F)
-#endif
-
-#######################################################################
-# Double-Colon rules for populating the binary release model. #
-#######################################################################
-
-
-release_clean::
- rm -rf $(SOURCE_XP_DIR)/release/$(RELEASE_MD_DIR)
-
-release:: release_clean release_export release_classes release_policy release_md release_jars release_cpdistdir
-
-release_cpdistdir::
- @echo "== cpdist.pl =="
- @perl -I$(CORE_DEPTH)/coreconf $(CORE_DEPTH)/coreconf/cpdist.pl \
- "RELEASE_TREE=$(RELEASE_TREE)" \
- "CORE_DEPTH=$(CORE_DEPTH)" \
- "MODULE=${MODULE}" \
- "OS_ARCH=$(OS_ARCH)" \
- "RELEASE=$(RELEASE)" \
- "PLATFORM=$(PLATFORM)" \
- "RELEASE_VERSION=$(RELEASE_VERSION)" \
- "SOURCE_RELEASE_PREFIX=$(SOURCE_RELEASE_XP_DIR)" \
- "RELEASE_XP_DIR=$(RELEASE_XP_DIR)" \
- "RELEASE_MD_DIR=$(RELEASE_MD_DIR)" \
- "FILES=$(XPCLASS_JAR) $(XPCLASS_DBG_JAR) $(XPHEADER_JAR) $(MDHEADER_JAR) $(MDBINARY_JAR) XP_FILES MD_FILES" \
- "$(XPCLASS_JAR)=$(SOURCE_RELEASE_CLASSES_DIR)|x"\
- "$(XPCLASS_DBG_JAR)=$(SOURCE_RELEASE_CLASSES_DBG_DIR)|x"\
- "$(XPHEADER_JAR)=$(SOURCE_RELEASE_XPHEADERS_DIR)|x" \
- "$(MDHEADER_JAR)=$(SOURCE_RELEASE_MDHEADERS_DIR)|m" \
- "$(MDBINARY_JAR)=$(SOURCE_RELEASE_MD_DIR)|m" \
- "XP_FILES=$(XP_FILES)|xf" \
- "MD_FILES=$(MD_FILES)|mf"
-
-
-# $(SOURCE_RELEASE_xxx_JAR) is a name like yyy.jar
-# $(SOURCE_RELEASE_xx_DIR) is a name like
-
-release_jars::
- @echo "== release.pl =="
- @perl -I$(CORE_DEPTH)/coreconf $(CORE_DEPTH)/coreconf/release.pl \
- "RELEASE_TREE=$(RELEASE_TREE)" \
- "PLATFORM=$(PLATFORM)" \
- "OS_ARCH=$(OS_ARCH)" \
- "RELEASE_VERSION=$(RELEASE_VERSION)" \
- "SOURCE_RELEASE_DIR=$(SOURCE_RELEASE_DIR)" \
- "FILES=$(XPCLASS_JAR) $(XPCLASS_DBG_JAR) $(XPHEADER_JAR) $(MDHEADER_JAR) $(MDBINARY_JAR)" \
- "$(XPCLASS_JAR)=$(SOURCE_RELEASE_PREFIX)/$(SOURCE_RELEASE_CLASSES_DIR)|b"\
- "$(XPCLASS_DBG_JAR)=$(SOURCE_RELEASE_PREFIX)/$(SOURCE_RELEASE_CLASSES_DBG_DIR)|b"\
- "$(XPHEADER_JAR)=$(SOURCE_RELEASE_PREFIX)/$(SOURCE_RELEASE_XPHEADERS_DIR)|a" \
- "$(MDHEADER_JAR)=$(SOURCE_RELEASE_PREFIX)/$(SOURCE_RELEASE_MDHEADERS_DIR)|a" \
- "$(MDBINARY_JAR)=$(SOURCE_RELEASE_PREFIX)/$(SOURCE_RELEASE_MD_DIR)|bi"
-
-# Rules for releasing classes.
-# We have to do some REALLY gross stuff to deal with multiple classes in one
-# file, as well as nested classes, which have a filename of the form
-# ContainingClass$NestedClass.class.
-# RELEASE_CLASSES simply performs a required patsubst on CLASSES
-# RELEASE_CLASS_PATH is RELEASE_CLASSES with the path (in ns/dist) prepended
-# RELEASE_NESTED is all the nested classes in RELEASE_CLASS_PATH. We use a
-# foreach and wildcard to get all the files that start out like one of the
-# class files, then have a $. So, for each class file, we look for file$*
-# RELEASE_FILES is the combination of RELEASE_NESTED and the class files
-# specified by RELEASE_CLASSES which have .class appended to them. Note that
-# the RELEASE_NESTED don't need to have .class appended because they were
-# read in from the wildcard as complete filenames.
-#
-# The _DBG versions are the debuggable ones.
-ifneq ($(CLASSES),)
-
-RELEASE_CLASSES := $(patsubst %,%,$(CLASSES))
-
-ifdef BUILD_OPT
- RELEASE_CLASS_PATH := $(patsubst %,$(SOURCE_CLASSES_DIR)/$(PACKAGE)/%, $(RELEASE_CLASSES))
- RELEASE_NESTED := $(foreach file,$(RELEASE_CLASS_PATH),$(wildcard $(file)$$*))
- RELEASE_FILES := $(patsubst %,%.class,$(RELEASE_CLASS_PATH)) $(RELEASE_NESTED)
-else
- RELEASE_DBG_CLASS_PATH:= $(patsubst %,$(SOURCE_CLASSES_DBG_DIR)/$(PACKAGE)/%, $(RELEASE_CLASSES))
- RELEASE_DBG_NESTED := $(foreach file,$(RELEASE_DBG_CLASS_PATH),$(wildcard $(file)$$*))
- RELEASE_DBG_FILES := $(patsubst %,%.class,$(RELEASE_DBG_CLASS_PATH)) $(RELEASE_DBG_NESTED)
-endif
-
-# Substitute \$ for $ so the shell doesn't choke
-ifdef BUILD_OPT
-release_classes::
- $(INSTALL) -m 444 $(subst $$,\$$,$(RELEASE_FILES)) $(SOURCE_RELEASE_PREFIX)/$(SOURCE_RELEASE_CLASSES_DIR)/$(PACKAGE)
-else
-release_classes::
- $(INSTALL) -m 444 $(subst $$,\$$,$(RELEASE_DBG_FILES)) $(SOURCE_RELEASE_PREFIX)/$(SOURCE_RELEASE_CLASSES_DBG_DIR)/$(PACKAGE)
-endif
-
-endif
-
-release_policy::
- +$(LOOP_OVER_DIRS)
-
-ifndef NO_MD_RELEASE
- ifdef LIBRARY
- MD_LIB_RELEASE_FILES += $(LIBRARY)
- endif
- ifdef SHARED_LIBRARY
- MD_LIB_RELEASE_FILES += $(SHARED_LIBRARY)
- endif
- ifdef IMPORT_LIBRARY
- MD_LIB_RELEASE_FILES += $(IMPORT_LIBRARY)
- endif
- ifdef PROGRAM
- MD_BIN_RELEASE_FILES += $(PROGRAM)
- endif
- ifdef PROGRAMS
- MD_BIN_RELEASE_FILES += $(PROGRAMS)
- endif
-endif
-
-release_md::
-ifneq ($(MD_LIB_RELEASE_FILES),)
- $(INSTALL) -m 444 $(MD_LIB_RELEASE_FILES) $(SOURCE_RELEASE_PREFIX)/$(SOURCE_RELEASE_LIB_DIR)
-endif
-ifneq ($(MD_BIN_RELEASE_FILES),)
- $(INSTALL) -m 555 $(MD_BIN_RELEASE_FILES) $(SOURCE_RELEASE_PREFIX)/$(SOURCE_RELEASE_BIN_DIR)
-endif
- +$(LOOP_OVER_DIRS)
-
-
-alltags:
- rm -f TAGS
- find . -name dist -prune -o \( -name '*.[hc]' -o -name '*.cp' -o -name '*.cpp' \) -print | xargs etags -a
- find . -name dist -prune -o \( -name '*.[hc]' -o -name '*.cp' -o -name '*.cpp' \) -print | xargs ctags -a
-
-ifdef XP_OS2_VACPP
-# list of libs (such as -lnspr4) do not work for our compiler
-# change it to be $(DIST)/lib/nspr4.lib
-EXTRA_SHARED_LIBS := $(filter-out -L%,$(EXTRA_SHARED_LIBS))
-EXTRA_SHARED_LIBS := $(patsubst -l%,$(DIST)/lib/%.$(LIB_SUFFIX),$(EXTRA_SHARED_LIBS))
-endif
-
-$(PROGRAM): $(OBJS) $(EXTRA_LIBS)
- @$(MAKE_OBJDIR)
-ifeq (,$(filter-out _WIN%,$(NS_USE_GCC)_$(OS_TARGET)))
- $(MKPROG) $(subst /,\\,$(OBJS)) -Fe$@ -link $(LDFLAGS) $(subst /,\\,$(EXTRA_LIBS) $(EXTRA_SHARED_LIBS) $(OS_LIBS))
-else
-ifdef XP_OS2_VACPP
- $(MKPROG) -Fe$@ $(CFLAGS) $(OBJS) $(EXTRA_LIBS) $(EXTRA_SHARED_LIBS) $(OS_LIBS)
-else
- $(MKPROG) -o $@ $(CFLAGS) $(OBJS) $(LDFLAGS) $(EXTRA_LIBS) $(EXTRA_SHARED_LIBS) $(OS_LIBS)
-endif
-endif
-
-get_objs:
- @echo $(OBJS)
-
-$(LIBRARY): $(OBJS)
- @$(MAKE_OBJDIR)
- rm -f $@
-ifeq (,$(filter-out WIN%,$(OS_TARGET)))
- $(AR) $(subst /,\\,$(OBJS))
-else
- $(AR) $(OBJS)
-endif
- $(RANLIB) $@
-
-
-ifeq ($(OS_TARGET),OS2)
-$(IMPORT_LIBRARY): $(MAPFILE)
- rm -f $@
- $(IMPLIB) $@ $(MAPFILE)
- $(RANLIB) $@
-endif
-
-ifdef SHARED_LIBRARY_LIBS
-ifdef BUILD_TREE
-SUB_SHLOBJS = $(foreach dir,$(SHARED_LIBRARY_DIRS),$(shell $(MAKE) -C $(dir) --no-print-directory get_objs))
-else
-SUB_SHLOBJS = $(foreach dir,$(SHARED_LIBRARY_DIRS),$(addprefix $(dir)/,$(shell $(MAKE) -C $(dir) --no-print-directory get_objs)))
-endif
-endif
-
-$(SHARED_LIBRARY): $(OBJS) $(RES) $(MAPFILE) $(SUB_SHLOBJS)
- @$(MAKE_OBJDIR)
- rm -f $@
-ifeq ($(OS_TARGET)$(OS_RELEASE), AIX4.1)
- echo "#!" > $(OBJDIR)/lib$(LIBRARY_NAME)_syms
- nm -B -C -g $(OBJS) \
- | awk '/ [T,D] / {print $$3}' \
- | sed -e 's/^\.//' \
- | sort -u >> $(OBJDIR)/lib$(LIBRARY_NAME)_syms
- $(LD) $(XCFLAGS) -o $@ $(OBJS) -bE:$(OBJDIR)/lib$(LIBRARY_NAME)_syms \
- -bM:SRE -bnoentry $(OS_LIBS) $(EXTRA_LIBS) $(EXTRA_SHARED_LIBS)
-else
-ifeq (,$(filter-out WIN%,$(OS_TARGET)))
-ifdef NS_USE_GCC
- $(LINK_DLL) $(OBJS) $(SUB_SHLOBJS) $(EXTRA_LIBS) $(EXTRA_SHARED_LIBS) $(OS_LIBS) $(LD_LIBS) $(RES)
-else
- $(LINK_DLL) -MAP $(DLLBASE) $(subst /,\\,$(OBJS) $(SUB_SHLOBJS) $(EXTRA_LIBS) $(EXTRA_SHARED_LIBS) $(OS_LIBS) $(LD_LIBS) $(RES))
-endif
-else
-ifdef XP_OS2_VACPP
- $(MKSHLIB) $(DLLFLAGS) $(LDFLAGS) $(OBJS) $(SUB_SHLOBJS) $(LD_LIBS) $(EXTRA_LIBS) $(EXTRA_SHARED_LIBS)
-else
- $(MKSHLIB) -o $@ $(OBJS) $(SUB_SHLOBJS) $(LD_LIBS) $(EXTRA_LIBS) $(EXTRA_SHARED_LIBS)
-endif
- chmod +x $@
-ifeq ($(OS_TARGET),Darwin)
-ifdef MAPFILE
- nmedit -s $(MAPFILE) $@
-endif
-endif
-endif
-endif
-
-ifeq (,$(filter-out WIN%,$(OS_TARGET)))
-$(RES): $(RESNAME)
- @$(MAKE_OBJDIR)
-# The resource compiler does not understand the -U option.
-ifdef NS_USE_GCC
- $(RC) $(filter-out -U%,$(DEFINES)) $(INCLUDES:-I%=--include-dir %) -o $@ $<
-else
- $(RC) $(filter-out -U%,$(DEFINES)) $(INCLUDES) -Fo$@ $<
-endif
- @echo $(RES) finished
-endif
-
-$(MAPFILE): $(LIBRARY_NAME).def
- @$(MAKE_OBJDIR)
- $(PROCESS_MAP_FILE)
-
-
-$(OBJDIR)/$(PROG_PREFIX)%$(PROG_SUFFIX): $(OBJDIR)/$(PROG_PREFIX)%$(OBJ_SUFFIX)
- @$(MAKE_OBJDIR)
-ifeq (,$(filter-out _WIN%,$(NS_USE_GCC)_$(OS_TARGET)))
- $(MKPROG) $(OBJDIR)/$(PROG_PREFIX)$*$(OBJ_SUFFIX) -Fe$@ -link \
- $(LDFLAGS) $(EXTRA_LIBS) $(EXTRA_SHARED_LIBS) $(OS_LIBS)
-else
- $(MKPROG) -o $@ $(OBJDIR)/$(PROG_PREFIX)$*$(OBJ_SUFFIX) \
- $(LDFLAGS) $(EXTRA_LIBS) $(EXTRA_SHARED_LIBS) $(OS_LIBS)
-endif
-
-WCCFLAGS1 := $(subst /,\\,$(CFLAGS))
-WCCFLAGS2 := $(subst -I,-i=,$(WCCFLAGS1))
-WCCFLAGS3 := $(subst -D,-d,$(WCCFLAGS2))
-
-# Translate source filenames to absolute paths. This is required for
-# debuggers under Windows & OS/2 to find source files automatically
-
-ifeq (,$(filter-out OS2%,$(OS_TARGET)))
-NEED_ABSOLUTE_PATH := 1
-PWD := $(shell pwd)
-endif
-
-ifeq (,$(filter-out _WIN%,$(NS_USE_GCC)_$(OS_TARGET)))
-NEED_ABSOLUTE_PATH := 1
-ifeq (,$(findstring ;,$(PATH)))
-PWD := $(subst \,/,$(shell cygpath -w `pwd`))
-else
-PWD := $(shell pwd)
-endif
-endif
-
-ifdef NEED_ABSOLUTE_PATH
-abspath = $(if $(findstring :,$(1)),$(1),$(if $(filter /%,$(1)),$(1),$(PWD)/$(1)))
-else
-abspath = $(1)
-endif
-
-$(OBJDIR)/$(PROG_PREFIX)%$(OBJ_SUFFIX): %.c
- @$(MAKE_OBJDIR)
-ifdef USE_NT_C_SYNTAX
- $(CC) -Fo$@ -c $(CFLAGS) $(call abspath,$<)
-else
-ifdef NEED_ABSOLUTE_PATH
- $(CC) -o $@ -c $(CFLAGS) $(call abspath,$<)
-else
- $(CC) -o $@ -c $(CFLAGS) $<
-endif
-endif
-
-$(PROG_PREFIX)%$(OBJ_SUFFIX): %.c
-ifdef USE_NT_C_SYNTAX
- $(CC) -Fo$@ -c $(CFLAGS) $(call abspath,$<)
-else
-ifdef NEED_ABSOLUTE_PATH
- $(CC) -o $@ -c $(CFLAGS) $(call abspath,$<)
-else
- $(CC) -o $@ -c $(CFLAGS) $<
-endif
-endif
-
-ifndef XP_OS2_VACPP
-ifneq (,$(filter-out _WIN%,$(NS_USE_GCC)_$(OS_TARGET)))
-$(OBJDIR)/$(PROG_PREFIX)%$(OBJ_SUFFIX): %.s
- @$(MAKE_OBJDIR)
- $(AS) -o $@ $(ASFLAGS) -c $<
-endif
-endif
-
-$(OBJDIR)/$(PROG_PREFIX)%$(OBJ_SUFFIX): %.asm
- @$(MAKE_OBJDIR)
-ifdef XP_OS2_VACPP
- $(AS) -Fdo:$(OBJDIR) $(ASFLAGS) $(subst /,\\,$<)
-else
- $(AS) -Fo$@ $(ASFLAGS) -c $<
-endif
-
-$(OBJDIR)/$(PROG_PREFIX)%$(OBJ_SUFFIX): %.S
- @$(MAKE_OBJDIR)
- $(AS) -o $@ $(ASFLAGS) -c $<
-
-$(OBJDIR)/$(PROG_PREFIX)%: %.cpp
- @$(MAKE_OBJDIR)
-ifdef USE_NT_C_SYNTAX
- $(CCC) -Fo$@ -c $(CFLAGS) $(call abspath,$<)
-else
-ifdef NEED_ABSOLUTE_PATH
- $(CCC) -o $@ -c $(CFLAGS) $(call abspath,$<)
-else
- $(CCC) -o $@ -c $(CFLAGS) $<
-endif
-endif
-
-#
-# Please keep the next two rules in sync.
-#
-$(OBJDIR)/$(PROG_PREFIX)%$(OBJ_SUFFIX): %.cc
- @$(MAKE_OBJDIR)
- $(CCC) -o $@ -c $(CFLAGS) $<
-
-$(OBJDIR)/$(PROG_PREFIX)%$(OBJ_SUFFIX): %.cpp
- @$(MAKE_OBJDIR)
-ifdef STRICT_CPLUSPLUS_SUFFIX
- echo "#line 1 \"$<\"" | cat - $< > $(OBJDIR)/t_$*.cc
- $(CCC) -o $@ -c $(CFLAGS) $(OBJDIR)/t_$*.cc
- rm -f $(OBJDIR)/t_$*.cc
-else
-ifdef USE_NT_C_SYNTAX
- $(CCC) -Fo$@ -c $(CFLAGS) $(call abspath,$<)
-else
-ifdef NEED_ABSOLUTE_PATH
- $(CCC) -o $@ -c $(CFLAGS) $(call abspath,$<)
-else
- $(CCC) -o $@ -c $(CFLAGS) $<
-endif
-endif
-endif #STRICT_CPLUSPLUS_SUFFIX
-
-%.i: %.cpp
- $(CCC) -C -E $(CFLAGS) $< > $*.i
-
-%.i: %.c
-ifeq (,$(filter-out WIN%,$(OS_TARGET)))
- $(CC) -C /P $(CFLAGS) $<
-else
- $(CC) -C -E $(CFLAGS) $< > $*.i
-endif
-
-ifneq (,$(filter-out WIN%,$(OS_TARGET)))
-%.i: %.s
- $(CC) -C -E $(CFLAGS) $< > $*.i
-endif
-
-%: %.pl
- rm -f $@; cp $*.pl $@; chmod +x $@
-
-%: %.sh
- rm -f $@; cp $*.sh $@; chmod +x $@
-
-ifdef DIRS
-$(DIRS)::
- @if test -d $@; then \
- set $(EXIT_ON_ERROR); \
- echo "cd $@; $(MAKE)"; \
- cd $@; $(MAKE); \
- set +e; \
- else \
- echo "Skipping non-directory $@..."; \
- fi; \
- $(CLICK_STOPWATCH)
-endif
-
-################################################################################
-# Bunch of things that extend the 'export' rule (in order):
-################################################################################
-
-$(JAVA_DESTPATH) $(JAVA_DESTPATH)/$(PACKAGE) $(JMCSRCDIR)::
- @if test ! -d $@; then \
- echo Creating $@; \
- rm -rf $@; \
- $(NSINSTALL) -D $@; \
- fi
-
-################################################################################
-## IDL_GEN
-
-ifneq ($(IDL_GEN),)
-
-#export::
-# $(IDL2JAVA) $(IDL_GEN)
-
-#all:: export
-
-#clobber::
-# rm -f $(IDL_GEN:.idl=.class) # XXX wrong!
-
-endif
-
-################################################################################
-### JSRCS -- for compiling java files
-###
-### NOTE: For backwards compatibility, if $(NETLIBDEPTH) is defined,
-### replace $(CORE_DEPTH) with $(NETLIBDEPTH).
-###
-
-ifneq ($(JSRCS),)
-ifneq ($(JAVAC),)
-ifdef NETLIBDEPTH
- CORE_DEPTH := $(NETLIBDEPTH)
-endif
-
-JAVA_EXPORT_SRCS=$(shell perl $(CORE_DEPTH)/coreconf/outofdate.pl $(PERLARG) -d $(JAVA_DESTPATH)/$(PACKAGE) $(JSRCS) $(PRIVATE_JSRCS))
-
-export:: $(JAVA_DESTPATH) $(JAVA_DESTPATH)/$(PACKAGE)
-ifneq ($(JAVA_EXPORT_SRCS),)
- $(JAVAC) $(JAVA_EXPORT_SRCS)
-endif
-
-all:: export
-
-clobber::
- rm -f $(SOURCE_XP_DIR)/classes/$(PACKAGE)/*.class
-
-endif
-endif
-
-#
-# JDIRS -- like JSRCS, except you can give a list of directories and it will
-# compile all the out-of-date java files in those directories.
-#
-# NOTE: recursing through these can speed things up, but they also cause
-# some builds to run out of memory
-#
-# NOTE: For backwards compatibility, if $(NETLIBDEPTH) is defined,
-# replace $(CORE_DEPTH) with $(NETLIBDEPTH).
-#
-ifdef JDIRS
-ifneq ($(JAVAC),)
-ifdef NETLIBDEPTH
- CORE_DEPTH := $(NETLIBDEPTH)
-endif
-
-# !!!!! THIS WILL CRASH SHMSDOS.EXE !!!!!
-# shmsdos does not support shell variables. It will crash when it tries
-# to parse the '=' character. A solution is to rewrite outofdate.pl so it
-# takes the Javac command as an argument and executes the command itself,
-# instead of returning a list of files.
-export:: $(JAVA_DESTPATH) $(JAVA_DESTPATH)/$(PACKAGE)
- @echo "!!! THIS COMMAND IS BROKEN ON WINDOWS--SEE rules.mk FOR DETAILS !!!"
- return -1
- @for d in $(JDIRS); do \
- if test -d $$d; then \
- set $(EXIT_ON_ERROR); \
- files=`echo $$d/*.java`; \
- list=`perl $(CORE_DEPTH)/coreconf/outofdate.pl $(PERLARG) \
- -d $(JAVA_DESTPATH)/$(PACKAGE) $$files`; \
- if test "$${list}x" != "x"; then \
- echo Building all java files in $$d; \
- echo $(JAVAC) $$list; \
- $(JAVAC) $$list; \
- fi; \
- set +e; \
- else \
- echo "Skipping non-directory $$d..."; \
- fi; \
- $(CLICK_STOPWATCH); \
- done
-endif
-endif
-
-#
-# JDK_GEN -- for generating "old style" native methods
-#
-# Generate JDK Headers and Stubs into the '_gen' and '_stubs' directory
-#
-# NOTE: For backwards compatibility, if $(NETLIBDEPTH) is defined,
-# replace $(CORE_DEPTH) with $(NETLIBDEPTH).
-#
-ifneq ($(JDK_GEN),)
-ifneq ($(JAVAH),)
-ifdef NSBUILDROOT
- INCLUDES += -I$(JDK_GEN_DIR) -I$(SOURCE_XP_DIR)
-else
- INCLUDES += -I$(JDK_GEN_DIR)
-endif
-
-ifdef NETLIBDEPTH
- CORE_DEPTH := $(NETLIBDEPTH)
-endif
-
-JDK_PACKAGE_CLASSES := $(JDK_GEN)
-JDK_PATH_CLASSES := $(subst .,/,$(JDK_PACKAGE_CLASSES))
-JDK_HEADER_CLASSFILES := $(patsubst %,$(JAVA_DESTPATH)/%.class,$(JDK_PATH_CLASSES))
-JDK_STUB_CLASSFILES := $(patsubst %,$(JAVA_DESTPATH)/%.class,$(JDK_PATH_CLASSES))
-JDK_HEADER_CFILES := $(patsubst %,$(JDK_GEN_DIR)/%.h,$(JDK_GEN))
-JDK_STUB_CFILES := $(patsubst %,$(JDK_STUB_DIR)/%.c,$(JDK_GEN))
-
-$(JDK_HEADER_CFILES): $(JDK_HEADER_CLASSFILES)
-$(JDK_STUB_CFILES): $(JDK_STUB_CLASSFILES)
-
-export::
- @echo Generating/Updating JDK headers
- $(JAVAH) -d $(JDK_GEN_DIR) $(JDK_PACKAGE_CLASSES)
- @echo Generating/Updating JDK stubs
- $(JAVAH) -stubs -d $(JDK_STUB_DIR) $(JDK_PACKAGE_CLASSES)
-ifndef NO_MAC_JAVA_SHIT
- @if test ! -d $(CORE_DEPTH)/lib/mac/Java/; then \
- echo "!!! You need to have a ns/lib/mac/Java directory checked out."; \
- echo "!!! This allows us to automatically update generated files for the mac."; \
- echo "!!! If you see any modified files there, please check them in."; \
- fi
- @echo Generating/Updating JDK headers for the Mac
- $(JAVAH) -mac -d $(CORE_DEPTH)/lib/mac/Java/_gen $(JDK_PACKAGE_CLASSES)
- @echo Generating/Updating JDK stubs for the Mac
- $(JAVAH) -mac -stubs -d $(CORE_DEPTH)/lib/mac/Java/_stubs $(JDK_PACKAGE_CLASSES)
-endif
-endif
-endif
-
-#
-# JRI_GEN -- for generating "old style" JRI native methods
-#
-# Generate JRI Headers and Stubs into the 'jri' directory
-#
-# NOTE: For backwards compatibility, if $(NETLIBDEPTH) is defined,
-# replace $(CORE_DEPTH) with $(NETLIBDEPTH).
-#
-ifneq ($(JRI_GEN),)
-ifneq ($(JAVAH),)
-ifdef NSBUILDROOT
- INCLUDES += -I$(JRI_GEN_DIR) -I$(SOURCE_XP_DIR)
-else
- INCLUDES += -I$(JRI_GEN_DIR)
-endif
-
-ifdef NETLIBDEPTH
- CORE_DEPTH := $(NETLIBDEPTH)
-endif
-
-JRI_PACKAGE_CLASSES := $(JRI_GEN)
-JRI_PATH_CLASSES := $(subst .,/,$(JRI_PACKAGE_CLASSES))
-JRI_HEADER_CLASSFILES := $(patsubst %,$(JAVA_DESTPATH)/%.class,$(JRI_PATH_CLASSES))
-JRI_STUB_CLASSFILES := $(patsubst %,$(JAVA_DESTPATH)/%.class,$(JRI_PATH_CLASSES))
-JRI_HEADER_CFILES := $(patsubst %,$(JRI_GEN_DIR)/%.h,$(JRI_GEN))
-JRI_STUB_CFILES := $(patsubst %,$(JRI_GEN_DIR)/%.c,$(JRI_GEN))
-
-$(JRI_HEADER_CFILES): $(JRI_HEADER_CLASSFILES)
-$(JRI_STUB_CFILES): $(JRI_STUB_CLASSFILES)
-
-export::
- @echo Generating/Updating JRI headers
- $(JAVAH) -jri -d $(JRI_GEN_DIR) $(JRI_PACKAGE_CLASSES)
- @echo Generating/Updating JRI stubs
- $(JAVAH) -jri -stubs -d $(JRI_GEN_DIR) $(JRI_PACKAGE_CLASSES)
-ifndef NO_MAC_JAVA_SHIT
- @if test ! -d $(CORE_DEPTH)/lib/mac/Java/; then \
- echo "!!! You need to have a ns/lib/mac/Java directory checked out."; \
- echo "!!! This allows us to automatically update generated files for the mac."; \
- echo "!!! If you see any modified files there, please check them in."; \
- fi
- @echo Generating/Updating JRI headers for the Mac
- $(JAVAH) -jri -mac -d $(CORE_DEPTH)/lib/mac/Java/_jri $(JRI_PACKAGE_CLASSES)
- @echo Generating/Updating JRI stubs for the Mac
- $(JAVAH) -jri -mac -stubs -d $(CORE_DEPTH)/lib/mac/Java/_jri $(JRI_PACKAGE_CLASSES)
-endif
-endif
-endif
-
-#
-# JNI_GEN -- for generating JNI native methods
-#
-# Generate JNI Headers into the 'jni' directory
-#
-ifneq ($(JNI_GEN),)
-ifneq ($(JAVAH),)
-JNI_HEADERS := $(patsubst %,$(JNI_GEN_DIR)/%.h,$(JNI_GEN))
-
-export::
- @if test ! -d $(JNI_GEN_DIR); then \
- echo $(JAVAH) -jni -d $(JNI_GEN_DIR) $(JNI_GEN); \
- $(JAVAH) -jni -d $(JNI_GEN_DIR) $(JNI_GEN); \
- else \
- echo "Checking for out of date header files" ; \
- perl $(CORE_DEPTH)/coreconf/jniregen.pl $(PERLARG) \
- -d $(JAVA_DESTPATH) -j "$(JAVAH) -jni -d $(JNI_GEN_DIR)" $(JNI_GEN);\
- fi
-endif
-endif
-
-#
-# JMC_EXPORT -- for declaring which java classes are to be exported for jmc
-#
-ifneq ($(JMC_EXPORT),)
-JMC_EXPORT_PATHS := $(subst .,/,$(JMC_EXPORT))
-JMC_EXPORT_FILES := $(patsubst %,$(JAVA_DESTPATH)/$(PACKAGE)/%.class,$(JMC_EXPORT_PATHS))
-
-#
-# We're doing NSINSTALL -t here (copy mode) because calling INSTALL will pick up
-# your NSDISTMODE and make links relative to the current directory. This is a
-# problem because the source isn't in the current directory:
-#
-export:: $(JMC_EXPORT_FILES) $(JMCSRCDIR)
- $(NSINSTALL) -t -m 444 $(JMC_EXPORT_FILES) $(JMCSRCDIR)
-endif
-
-#
-# JMC_GEN -- for generating java modules
-#
-# Provide default export & install rules when using JMC_GEN
-#
-ifneq ($(JMC_GEN),)
-ifneq ($(JMC),)
- INCLUDES += -I$(JMC_GEN_DIR) -I.
- JMC_HEADERS := $(patsubst %,$(JMC_GEN_DIR)/%.h,$(JMC_GEN))
- JMC_STUBS := $(patsubst %,$(JMC_GEN_DIR)/%.c,$(JMC_GEN))
- JMC_OBJS := $(patsubst %,$(OBJDIR)/%$(OBJ_SUFFIX),$(JMC_GEN))
-
-$(JMC_GEN_DIR)/M%.h: $(JMCSRCDIR)/%.class
- $(JMC) -d $(JMC_GEN_DIR) -interface $(JMC_GEN_FLAGS) $(?F:.class=)
-
-$(JMC_GEN_DIR)/M%.c: $(JMCSRCDIR)/%.class
- $(JMC) -d $(JMC_GEN_DIR) -module $(JMC_GEN_FLAGS) $(?F:.class=)
-
-$(OBJDIR)/M%$(OBJ_SUFFIX): $(JMC_GEN_DIR)/M%.h $(JMC_GEN_DIR)/M%.c
- @$(MAKE_OBJDIR)
- $(CC) -o $@ -c $(CFLAGS) $(JMC_GEN_DIR)/M$*.c
-
-export:: $(JMC_HEADERS) $(JMC_STUBS)
-endif
-endif
-
-#
-# Copy each element of EXPORTS to $(SOURCE_XP_DIR)/public/$(MODULE)/
-#
-PUBLIC_EXPORT_DIR = $(SOURCE_XP_DIR)/public/$(MODULE)
-
-ifneq ($(EXPORTS),)
-$(PUBLIC_EXPORT_DIR)::
- @if test ! -d $@; then \
- echo Creating $@; \
- $(NSINSTALL) -D $@; \
- fi
-
-export:: $(PUBLIC_EXPORT_DIR)
-
-export:: $(EXPORTS)
- $(INSTALL) -m 444 $^ $(PUBLIC_EXPORT_DIR)
-
-export:: $(BUILT_SRCS)
-endif
-
-# Duplicate export rule for private exports, with different directories
-
-PRIVATE_EXPORT_DIR = $(SOURCE_XP_DIR)/private/$(MODULE)
-
-ifneq ($(PRIVATE_EXPORTS),)
-$(PRIVATE_EXPORT_DIR)::
- @if test ! -d $@; then \
- echo Creating $@; \
- $(NSINSTALL) -D $@; \
- fi
-
-private_export:: $(PRIVATE_EXPORT_DIR)
-
-private_export:: $(PRIVATE_EXPORTS)
- $(INSTALL) -m 444 $^ $(PRIVATE_EXPORT_DIR)
-else
-private_export::
- @echo There are no private exports.;
-endif
-
-##########################################################################
-### RULES FOR RUNNING REGRESSION SUITE TESTS
-### REQUIRES 'REGRESSION_SPEC' TO BE SET TO THE NAME OF A REGRESSION SPECFILE
-### AND RESULTS_SUBDIR TO BE SET TO SOMETHING LIKE SECURITY/PKCS5
-##########################################################################
-
-TESTS_DIR = $(RESULTS_DIR)/$(RESULTS_SUBDIR)/$(OS_TARGET)$(OS_RELEASE)$(CPU_TAG)$(COMPILER_TAG)$(IMPL_STRATEGY)
-
-ifneq ($(REGRESSION_SPEC),)
-
-ifneq ($(BUILD_OPT),)
-REGDATE = $(subst \ ,, $(shell perl $(CORE_DEPTH)/$(MODULE)/scripts/now))
-endif
-
-tests:: $(REGRESSION_SPEC)
- cd $(PLATFORM); \
- ../$(SOURCE_MD_DIR)/bin/regress$(PROG_SUFFIX) specfile=../$(REGRESSION_SPEC) progress $(EXTRA_REGRESS_OPTIONS); \
- if test ! -d $(TESTS_DIR); then \
- echo Creating $(TESTS_DIR); \
- $(NSINSTALL) -D $(TESTS_DIR); \
- fi
-ifneq ($(BUILD_OPT),)
- $(NSINSTALL) -m 664 $(PLATFORM)/$(REGDATE).sum $(TESTS_DIR); \
- $(NSINSTALL) -m 664 $(PLATFORM)/$(REGDATE).htm $(TESTS_DIR); \
- echo "Please now make sure your results files are copied to $(TESTS_DIR), "; \
- echo "then run 'reporter specfile=$(RESULTS_DIR)/rptspec'"
-endif
-else
-tests::
- @echo Error: you didn't specify REGRESSION_SPEC in your manifest.mn file!;
-endif
-
-
-# Duplicate export rule for releases, with different directories
-
-ifneq ($(EXPORTS),)
-$(SOURCE_RELEASE_XP_DIR)/include::
- @if test ! -d $@; then \
- echo Creating $@; \
- $(NSINSTALL) -D $@; \
- fi
-
-release_export:: $(SOURCE_RELEASE_XP_DIR)/include
-
-release_export:: $(EXPORTS)
- $(INSTALL) -m 444 $^ $(SOURCE_RELEASE_XP_DIR)/include
-endif
-
-
-
-
-################################################################################
-
--include $(DEPENDENCIES)
-
-ifneq (,$(filter-out OpenVMS OS2 WIN%,$(OS_TARGET)))
-# Can't use sed because of its 4000-char line length limit, so resort to perl
-.DEFAULT:
- @perl -e ' \
- open(MD, "< $(DEPENDENCIES)"); \
- while (<MD>) { \
- if (m@ \.*/*$< @) { \
- $$found = 1; \
- last; \
- } \
- } \
- if ($$found) { \
- print "Removing stale dependency $< from $(DEPENDENCIES)\n"; \
- seek(MD, 0, 0); \
- $$tmpname = "$(OBJDIR)/fix.md" . $$$$; \
- open(TMD, "> " . $$tmpname); \
- while (<MD>) { \
- s@ \.*/*$< @ @; \
- if (!print TMD "$$_") { \
- unlink(($$tmpname)); \
- exit(1); \
- } \
- } \
- close(TMD); \
- if (!rename($$tmpname, "$(DEPENDENCIES)")) { \
- unlink(($$tmpname)); \
- } \
- } elsif ("$<" ne "$(DEPENDENCIES)") { \
- print "$(MAKE): *** No rule to make target $<. Stop.\n"; \
- exit(1); \
- }'
-endif
-
-#############################################################################
-# X dependency system
-#############################################################################
-
-ifdef MKDEPENDENCIES
-
-# For Windows, $(MKDEPENDENCIES) must be -included before including rules.mk
-
-$(MKDEPENDENCIES)::
- @$(MAKE_OBJDIR)
- touch $(MKDEPENDENCIES)
- chmod u+w $(MKDEPENDENCIES)
-#on NT, the preceeding touch command creates a read-only file !?!?!
-#which is why we have to explicitly chmod it.
- $(MKDEPEND) -p$(OBJDIR_NAME)/ -o'$(OBJ_SUFFIX)' -f$(MKDEPENDENCIES) \
-$(NOMD_CFLAGS) $(YOPT) $(CSRCS) $(CPPSRCS) $(ASFILES)
-
-$(MKDEPEND):: $(MKDEPEND_DIR)/*.c $(MKDEPEND_DIR)/*.h
- cd $(MKDEPEND_DIR); $(MAKE)
-
-ifdef OBJS
-depend:: $(MKDEPEND) $(MKDEPENDENCIES)
-else
-depend::
-endif
- +$(LOOP_OVER_DIRS)
-
-dependclean::
- rm -f $(MKDEPENDENCIES)
- +$(LOOP_OVER_DIRS)
-
-#-include $(NSINSTALL_DIR)/$(OBJDIR)/depend.mk
-
-else
-depend::
-endif
-
-################################################################################
-# Special gmake rules.
-################################################################################
-
-#
-# Re-define the list of default suffixes, so gmake won't have to churn through
-# hundreds of built-in suffix rules for stuff we don't need.
-#
-.SUFFIXES:
-.SUFFIXES: .out .a .ln .o .obj .c .cc .C .cpp .y .l .s .S .h .sh .i .pl .class .java .html .asm
-
-#
-# Don't delete these files if we get killed.
-#
-.PRECIOUS: .java $(JDK_HEADERS) $(JDK_STUBS) $(JRI_HEADERS) $(JRI_STUBS) $(JMC_HEADERS) $(JMC_STUBS) $(JNI_HEADERS)
-
-#
-# Fake targets. Always run these rules, even if a file/directory with that
-# name already exists.
-#
-.PHONY: all all_platforms alltags boot clean clobber clobber_all export install libs program realclean release $(OBJDIR) $(DIRS)
-
diff --git a/security/coreconf/ruleset.mk b/security/coreconf/ruleset.mk
deleted file mode 100644
index ab5413ab4..000000000
--- a/security/coreconf/ruleset.mk
+++ /dev/null
@@ -1,237 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# #
-# Parameters to this makefile (set these in this file): #
-# #
-# a) #
-# TARGETS -- the target to create #
-# (defaults to $LIBRARY $PROGRAM) #
-# b) #
-# DIRS -- subdirectories for make to recurse on #
-# (the 'all' rule builds $TARGETS $DIRS) #
-# c) #
-# CSRCS, CPPSRCS -- .c and .cpp files to compile #
-# (used to define $OBJS) #
-# d) #
-# PROGRAM -- the target program name to create from $OBJS #
-# ($OBJDIR automatically prepended to it) #
-# e) #
-# LIBRARY -- the target library name to create from $OBJS #
-# ($OBJDIR automatically prepended to it) #
-# f) #
-# JSRCS -- java source files to compile into class files #
-# (if you don't specify this it will default #
-# to *.java) #
-# g) #
-# PACKAGE -- the package to put the .class files into #
-# (e.g. netscape/applet) #
-# (NOTE: the default definition for this may be #
-# overridden if "jdk.mk" is included) #
-# h) #
-# JMC_EXPORT -- java files to be exported for use by JMC_GEN #
-# (this is a list of Class names) #
-# i) #
-# JRI_GEN -- files to run through javah to generate headers #
-# and stubs #
-# (output goes into the _jri sub-dir) #
-# j) #
-# JMC_GEN -- files to run through jmc to generate headers #
-# and stubs #
-# (output goes into the _jmc sub-dir) #
-# k) #
-# JNI_GEN -- files to run through javah to generate headers #
-# (output goes into the _jni sub-dir) #
-# #
-#######################################################################
-
-#
-# CPU_TAG is now defined in the $(TARGET).mk files
-#
-
-ifndef COMPILER_TAG
- ifneq ($(DEFAULT_COMPILER), $(notdir $(CC)))
-#
-# Temporary define for the Client; to be removed when binary release is used
-#
- ifdef MOZILLA_CLIENT
- COMPILER_TAG =
- else
- COMPILER_TAG = _$(notdir $(CC))
- endif
- else
- COMPILER_TAG =
- endif
-endif
-
-ifeq ($(MKPROG),)
- MKPROG = $(CC)
-endif
-
-#
-# This makefile contains rules for building the following kinds of
-# objects:
-# - (1) LIBRARY: a static (archival) library
-# - (2) SHARED_LIBRARY: a shared (dynamic link) library
-# - (3) IMPORT_LIBRARY: an import library, defined in $(OS_TARGET).mk
-# - (4) PROGRAM: an executable binary
-#
-# NOTE: The names of libraries can be generated by simply specifying
-# LIBRARY_NAME (and LIBRARY_VERSION in the case of non-static libraries).
-# LIBRARY and SHARED_LIBRARY may be defined differently in $(OS_TARGET).mk
-#
-
-ifdef LIBRARY_NAME
- ifndef LIBRARY
- LIBRARY = $(OBJDIR)/$(LIB_PREFIX)$(LIBRARY_NAME).$(LIB_SUFFIX)
- endif
- ifndef SHARED_LIBRARY
- SHARED_LIBRARY = $(OBJDIR)/$(DLL_PREFIX)$(LIBRARY_NAME)$(LIBRARY_VERSION)$(JDK_DEBUG_SUFFIX).$(DLL_SUFFIX)
- endif
-endif
-
-#
-# Common rules used by lots of makefiles...
-#
-
-ifdef PROGRAM
- PROGRAM := $(addprefix $(OBJDIR)/, $(PROGRAM)$(JDK_DEBUG_SUFFIX)$(PROG_SUFFIX))
-endif
-
-ifdef PROGRAMS
- PROGRAMS := $(addprefix $(OBJDIR)/, $(PROGRAMS:%=%$(JDK_DEBUG_SUFFIX)$(PROG_SUFFIX)))
-endif
-
-ifndef TARGETS
- TARGETS = $(LIBRARY) $(SHARED_LIBRARY) $(PROGRAM)
-endif
-
-ifndef OBJS
- SIMPLE_OBJS = $(JRI_STUB_CFILES) \
- $(addsuffix $(OBJ_SUFFIX), $(JMC_GEN)) \
- $(CSRCS:.c=$(OBJ_SUFFIX)) \
- $(CPPSRCS:.cpp=$(OBJ_SUFFIX)) \
- $(ASFILES:$(ASM_SUFFIX)=$(OBJ_SUFFIX)) \
- $(BUILT_CSRCS:.c=$(OBJ_SUFFIX)) \
- $(BUILT_CPPSRCS:.cpp=$(OBJ_SUFFIX)) \
- $(BUILT_ASFILES:$(ASM_SUFFIX)=$(OBJ_SUFFIX))
- OBJS = $(addprefix $(OBJDIR)/$(PROG_PREFIX), $(SIMPLE_OBJS))
-endif
-
-ifndef BUILT_SRCS
- BUILT_SRCS = $(addprefix $(OBJDIR)/$(PROG_PREFIX), \
- $(BUILT_CSRCS) $(BUILT_CPPSRCS) $(BUILT_ASFILES))
-endif
-
-
-ifeq (,$(filter-out WIN%,$(OS_TARGET)))
- MAKE_OBJDIR = $(INSTALL) -D $(OBJDIR)
-else
- define MAKE_OBJDIR
- if test ! -d $(@D); then rm -rf $(@D); $(NSINSTALL) -D $(@D); fi
- endef
-endif
-
-ifndef PACKAGE
- PACKAGE = .
-endif
-
-ALL_TRASH := $(TARGETS) $(OBJS) $(OBJDIR) LOGS TAGS $(GARBAGE) \
- $(NOSUCHFILE) $(JDK_HEADER_CFILES) $(JDK_STUB_CFILES) \
- $(JRI_HEADER_CFILES) $(JRI_STUB_CFILES) $(JNI_HEADERS) \
- $(JMC_STUBS) $(JMC_HEADERS) $(JMC_EXPORT_FILES) \
- so_locations _gen _jmc _jri _jni _stubs \
- $(wildcard $(JAVA_DESTPATH)/$(PACKAGE)/*.class) \
- $(BUILT_SRCS)
-
-ifdef JDIRS
- ALL_TRASH += $(addprefix $(JAVA_DESTPATH)/,$(JDIRS))
-endif
-
-ifdef NSBUILDROOT
- JDK_GEN_DIR = $(SOURCE_XP_DIR)/_gen
- JMC_GEN_DIR = $(SOURCE_XP_DIR)/_jmc
- JNI_GEN_DIR = $(SOURCE_XP_DIR)/_jni
- JRI_GEN_DIR = $(SOURCE_XP_DIR)/_jri
- JDK_STUB_DIR = $(SOURCE_XP_DIR)/_stubs
-else
- JDK_GEN_DIR = _gen
- JMC_GEN_DIR = _jmc
- JNI_GEN_DIR = _jni
- JRI_GEN_DIR = _jri
- JDK_STUB_DIR = _stubs
-endif
-
-#
-# If this is an "official" build, try to build everything.
-# I.e., don't exit on errors.
-#
-
-ifdef BUILD_OFFICIAL
- EXIT_ON_ERROR = +e
- CLICK_STOPWATCH = date
-else
- EXIT_ON_ERROR = -e
- CLICK_STOPWATCH = true
-endif
-
-ifdef REQUIRES
- MODULE_INCLUDES := $(addprefix -I$(SOURCE_XP_DIR)/public/, $(REQUIRES))
- INCLUDES += $(MODULE_INCLUDES)
- ifeq ($(MODULE), sectools)
- PRIVATE_INCLUDES := $(addprefix -I$(SOURCE_XP_DIR)/private/, $(REQUIRES))
- INCLUDES += $(PRIVATE_INCLUDES)
- endif
-endif
-
-ifdef SYSTEM_INCL_DIR
- YOPT = -Y$(SYSTEM_INCL_DIR)
-endif
-
-ifdef DIRS
- LOOP_OVER_DIRS = \
- @for directory in $(DIRS); do \
- if test -d $$directory; then \
- set $(EXIT_ON_ERROR); \
- echo "cd $$directory; $(MAKE) $@"; \
- $(MAKE) -C $$directory $@; \
- set +e; \
- else \
- echo "Skipping non-directory $$directory..."; \
- fi; \
- $(CLICK_STOPWATCH); \
- done
-endif
-
-MK_RULESET = included
diff --git a/security/coreconf/source.mk b/security/coreconf/source.mk
deleted file mode 100644
index 165697786..000000000
--- a/security/coreconf/source.mk
+++ /dev/null
@@ -1,190 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# Master <component>-specific source import/export directories #
-#######################################################################
-
-#
-# <user_source_tree> master import/export directory prefix
-#
-
-ifndef SOURCE_PREFIX
- ifndef BUILD_TREE
- SOURCE_PREFIX = $(CORE_DEPTH)/../dist
- else
- SOURCE_PREFIX = $(BUILD_TREE)/dist
- endif
-endif
-
-#
-# <user_source_tree> cross-platform (xp) master import/export directory
-#
-
-ifndef SOURCE_XP_DIR
- SOURCE_XP_DIR = $(SOURCE_PREFIX)
-endif
-
-#
-# <user_source_tree> cross-platform (xp) import/export directories
-#
-
-SOURCE_CLASSES_DIR = $(SOURCE_XP_DIR)/classes
-SOURCE_CLASSES_DBG_DIR = $(SOURCE_XP_DIR)/classes_DBG
-SOURCE_XPHEADERS_DIR = $(SOURCE_XP_DIR)/public/$(MODULE)
-SOURCE_XPPRIVATE_DIR = $(SOURCE_XP_DIR)/private/$(MODULE)
-
-ifdef BUILD_OPT
- IMPORT_XPCLASS_DIR = $(SOURCE_CLASSES_DIR)
-else
- IMPORT_XPCLASS_DIR = $(SOURCE_CLASSES_DBG_DIR)
-endif
-
-#
-# <user_source_tree> machine-dependent (md) master import/export directory
-#
-
-ifndef SOURCE_MD_DIR
- SOURCE_MD_DIR = $(SOURCE_PREFIX)/$(PLATFORM)
-endif
-
-#
-# <user_source_tree> machine-dependent (md) import/export directories
-#
-
-#This is where we install built executables and (for Windows only) DLLs.
-ifndef SOURCE_BIN_DIR
- SOURCE_BIN_DIR = $(SOURCE_MD_DIR)/bin
-endif
-
-#This is where we install built libraries (.a, .so, .lib).
-ifndef SOURCE_LIB_DIR
- SOURCE_LIB_DIR = $(SOURCE_MD_DIR)/lib
-endif
-
-# This is where NSPR header files are found.
-ifndef SOURCE_MDHEADERS_DIR
- SOURCE_MDHEADERS_DIR = $(SOURCE_MD_DIR)/include
-endif
-
-#######################################################################
-# Master <component>-specific source release directories and files #
-#######################################################################
-
-#
-# <user_source_tree> source-side master release directory prefix
-# NOTE: export control policy enforced for XP and MD files released to
-# the staging area
-#
-
-ifeq ($(POLICY), domestic)
- SOURCE_RELEASE_PREFIX = $(SOURCE_PREFIX)/release/domestic
-else
- ifeq ($(POLICY), export)
- SOURCE_RELEASE_PREFIX = $(SOURCE_PREFIX)/release/export
- else
- ifeq ($(POLICY), france)
- SOURCE_RELEASE_PREFIX = $(SOURCE_PREFIX)/release/france
- else
-#We shouldn't have to put another directory under here, but without it the perl
-#script for releasing doesn't find the directory. It thinks it doesn't exist.
-#So we're adding this no-policy directory so that the script for releasing works
-#in all casese when policy is not set. This doesn't affect where the final jar
-#files land, only where they are placed in the local tree when building the jar
-#files. When there is no policy, the jar files will still land in
-#<dist>/<module>/<date>/<platform> like they used to.
- SOURCE_RELEASE_PREFIX = $(SOURCE_PREFIX)/release/no-policy
- endif
- endif
-endif
-
-#
-# <user_source_tree> cross-platform (xp) source-side master release directory
-#
-
-SOURCE_RELEASE_XP_DIR = $(SOURCE_RELEASE_PREFIX)
-
-#
-# <user_source_tree> cross-platform (xp) source-side release directories
-#
-
-SOURCE_RELEASE_CLASSES_DIR = classes
-SOURCE_RELEASE_CLASSES_DBG_DIR = classes_DBG
-SOURCE_RELEASE_XPHEADERS_DIR = include
-
-#
-# <user_source_tree> cross-platform (xp) JAR source-side release files
-#
-
-XPCLASS_JAR = xpclass.jar
-XPCLASS_DBG_JAR = xpclass_dbg.jar
-XPHEADER_JAR = xpheader.jar
-
-ifdef BUILD_OPT
- SOURCE_RELEASE_XP_CLASSES_DIR = $(SOURCE_RELEASE_CLASSES_DIR)
- IMPORT_XPCLASS_JAR = $(XPCLASS_JAR)
-else
- SOURCE_RELEASE_XP_CLASSES_DIR = $(SOURCE_RELEASE_CLASSES_DBG_DIR)
- IMPORT_XPCLASS_JAR = $(XPCLASS_DBG_JAR)
-endif
-
-#
-# <user_source_tree> machine-dependent (md) source-side master release directory
-#
-
-SOURCE_RELEASE_MD_DIR = $(PLATFORM)
-
-#
-# <user_source_tree> machine-dependent (md) source-side release directories
-#
-
-SOURCE_RELEASE_BIN_DIR = $(PLATFORM)/bin
-SOURCE_RELEASE_LIB_DIR = $(PLATFORM)/lib
-SOURCE_RELEASE_MDHEADERS_DIR = $(PLATFORM)/include
-SOURCE_RELEASE_SPEC_DIR = $(SOURCE_RELEASE_MD_DIR)
-
-#
-# <user_source_tree> machine-dependent (md) JAR/tar source-side release files
-#
-
-MDBINARY_JAR = mdbinary.jar
-MDHEADER_JAR = mdheader.jar
-
-
-# Where to put the results
-
-ifneq ($(RESULTS_DIR),)
- RESULTS_DIR = $(RELEASE_TREE)/sectools/results
-endif
-
-MK_SOURCE = included
diff --git a/security/coreconf/suffix.mk b/security/coreconf/suffix.mk
deleted file mode 100644
index 4366befc4..000000000
--- a/security/coreconf/suffix.mk
+++ /dev/null
@@ -1,95 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# Master "Core Components" suffixes #
-#######################################################################
-
-#
-# Object suffixes (OS2 and WIN% override this)
-#
-ifndef OBJ_SUFFIX
- OBJ_SUFFIX = .o
-endif
-
-#
-# Assembler source suffixes (OS2 and WIN% override this)
-#
-ifndef ASM_SUFFIX
- ASM_SUFFIX = .s
-endif
-
-#
-# Library suffixes
-#
-STATIC_LIB_EXTENSION =
-
-ifndef DYNAMIC_LIB_EXTENSION
- DYNAMIC_LIB_EXTENSION =
-endif
-
-
-ifndef STATIC_LIB_SUFFIX
- STATIC_LIB_SUFFIX = .$(LIB_SUFFIX)
-endif
-
-
-ifndef DYNAMIC_LIB_SUFFIX
- DYNAMIC_LIB_SUFFIX = .$(DLL_SUFFIX)
-endif
-
-# WIN% overridese this
-ifndef IMPORT_LIB_SUFFIX
- IMPORT_LIB_SUFFIX =
-endif
-
-
-ifndef STATIC_LIB_SUFFIX_FOR_LINKING
- STATIC_LIB_SUFFIX_FOR_LINKING = $(STATIC_LIB_SUFFIX)
-endif
-
-
-# WIN% overridese this
-ifndef DYNAMIC_LIB_SUFFIX_FOR_LINKING
- DYNAMIC_LIB_SUFFIX_FOR_LINKING = $(DYNAMIC_LIB_SUFFIX)
-endif
-
-#
-# Program suffixes (OS2 and WIN% override this)
-#
-
-ifndef PROG_SUFFIX
- PROG_SUFFIX =
-endif
-
-MK_SUFFIX = included
diff --git a/security/coreconf/tree.mk b/security/coreconf/tree.mk
deleted file mode 100644
index 273a47c1e..000000000
--- a/security/coreconf/tree.mk
+++ /dev/null
@@ -1,80 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# Master "Core Components" file system "release" prefixes #
-#######################################################################
-
-# Windows platforms override this. See WIN32.mk or WIN16.mk.
-ifndef RELEASE_TREE
- ifdef BUILD_SHIP
- ifdef USE_SHIPS
- RELEASE_TREE = $(BUILD_SHIP)
- else
- RELEASE_TREE = /share/builds/components
- endif
- else
- RELEASE_TREE = /share/builds/components
- endif
-endif
-
-#
-# NOTE: export control policy enforced for XP and MD files
-# released to the binary release tree
-#
-
-ifeq ($(POLICY), domestic)
- RELEASE_XP_DIR = domestic
- RELEASE_MD_DIR = domestic/$(PLATFORM)
-else
- ifeq ($(POLICY), export)
- RELEASE_XP_DIR = export
- RELEASE_MD_DIR = export/$(PLATFORM)
- else
- ifeq ($(POLICY), france)
- RELEASE_XP_DIR = france
- RELEASE_MD_DIR = france/$(PLATFORM)
- else
- RELEASE_XP_DIR =
- RELEASE_MD_DIR = $(PLATFORM)
- endif
- endif
-endif
-
-
-REPORTER_TREE = $(subst \,\\,$(RELEASE_TREE))
-
-IMPORT_XP_DIR =
-IMPORT_MD_DIR = $(PLATFORM)
-
-MK_TREE = included
diff --git a/security/coreconf/version.mk b/security/coreconf/version.mk
deleted file mode 100644
index 7d459a95f..000000000
--- a/security/coreconf/version.mk
+++ /dev/null
@@ -1,105 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# Build master "Core Components" release version directory name #
-#######################################################################
-
-#
-# Always set CURRENT_VERSION_SYMLINK to the <current> symbolic link.
-#
-
-CURRENT_VERSION_SYMLINK = current
-
-
-#
-# For the sake of backwards compatibility (*sigh*) ...
-#
-
-ifndef VERSION
- ifdef BUILD_NUM
- VERSION = $(BUILD_NUM)
- endif
-endif
-
-ifndef RELEASE_VERSION
- ifdef BUILD_NUM
- RELEASE_VERSION = $(BUILD_NUM)
- endif
-endif
-
-#
-# If VERSION has still NOT been set on the command line,
-# as an environment variable, by the individual Makefile, or
-# by the <component>-specific "version.mk" file, set VERSION equal
-# to $(CURRENT_VERSION_SYMLINK).
-
-ifndef VERSION
- VERSION = $(CURRENT_VERSION_SYMLINK)
-endif
-
-# If RELEASE_VERSION has still NOT been set on the command line,
-# as an environment variable, by the individual Makefile, or
-# by the <component>-specific "version.mk" file, automatically
-# generate the next available version number via a perl script.
-#
-
-ifndef RELEASE_VERSION
- RELEASE_VERSION =
-endif
-
-#
-# Set <component>-specific versions for compiliation and linkage.
-#
-
-ifndef JAVA_VERSION
- JAVA_VERSION = $(CURRENT_VERSION_SYMLINK)
-endif
-
-ifndef NETLIB_VERSION
- NETLIB_VERSION = $(CURRENT_VERSION_SYMLINK)
-endif
-
-ifndef NSPR_VERSION
- NSPR_VERSION = $(CURRENT_VERSION_SYMLINK)
-endif
-
-ifndef SECTOOLS_VERSION
- SECTOOLS_VERSION = $(CURRENT_VERSION_SYMLINK)
-endif
-
-ifndef SECURITY_VERSION
- SECURITY_VERSION = $(CURRENT_VERSION_SYMLINK)
-endif
-
-MK_VERSION = included
diff --git a/security/coreconf/version.pl b/security/coreconf/version.pl
deleted file mode 100644
index 47a71395b..000000000
--- a/security/coreconf/version.pl
+++ /dev/null
@@ -1,76 +0,0 @@
-#!/usr/sbin/perl
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-# Compose lowercase alphabet
-@alphabet = ( "a", "b", "c", "d", "e", "f", "g", "h",
- "i", "j", "k", "l", "m", "n", "o", "p",
- "q", "r", "s", "t", "u", "v", "w", "x",
- "y", "z" );
-
-# Compute year
-$year = (localtime)[5] + 1900;
-
-# Compute month
-$month = (localtime)[4] + 1;
-
-# Compute day
-$day = (localtime)[3];
-
-# Compute base build number
-$version = sprintf( "%d%02d%02d", $year, $month, $day );
-$directory = sprintf( "%s\/%s\/%d%02d%02d", $ARGV[0], $ARGV[1], $year, $month, $day );
-
-# Print out the name of the first version directory which does not exist
-#if( ! -e $directory )
-#{
- print $version;
-#}
-#else
-#{
-# # Loop through combinations
-# foreach $ch1 (@alphabet)
-# {
-# foreach $ch2 (@alphabet)
-# {
-# $version = sprintf( "%d%02d%02d%s%s", $year, $month, $day, $ch1, $ch2 );
-# $directory = sprintf( "%s\/%s\/%d%02d%02d%s%s", $ARGV[0], $ARGV[1], $year, $month, $day, $ch1, $ch2 );
-# if( ! -e $directory )
-# {
-# print STDOUT $version;
-# exit;
-# }
-# }
-# }
-#}
-
diff --git a/security/nss/Makefile b/security/nss/Makefile
deleted file mode 100644
index 58605a1bf..000000000
--- a/security/nss/Makefile
+++ /dev/null
@@ -1,168 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-ifeq ($(OS_TARGET),WINCE)
-DIRS = lib # omit cmd since wince has no command line shell
-endif
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-nss_build_all: build_coreconf build_nspr build_dbm all
-
-build_coreconf:
- cd $(CORE_DEPTH)/coreconf ; $(MAKE)
-
-NSPR_CONFIG_STATUS = $(CORE_DEPTH)/../nsprpub/$(OBJDIR_NAME)/config.status
-NSPR_CONFIGURE = $(CORE_DEPTH)/../nsprpub/configure
-
-#
-# Translate coreconf build options to NSPR configure options.
-#
-
-ifdef BUILD_OPT
-NSPR_CONFIGURE_OPTS += --disable-debug --enable-optimize
-endif
-ifdef USE_64
-NSPR_CONFIGURE_OPTS += --enable-64bit
-endif
-ifeq ($(OS_TARGET),WIN95)
-NSPR_CONFIGURE_OPTS += --enable-win32-target=WIN95
-endif
-ifdef USE_DEBUG_RTL
-NSPR_CONFIGURE_OPTS += --enable-debug-rtl
-endif
-ifdef NS_USE_GCC
-NSPR_COMPILERS = CC=gcc CXX=g++
-endif
-
-#
-# Some pwd commands on Windows (for example, the pwd
-# command in Cygwin) return a pathname that begins
-# with a (forward) slash. When such a pathname is
-# passed to Windows build tools (for example, cl), it
-# is mistaken as a command-line option. If that is the case,
-# we use a relative pathname as NSPR's prefix on Windows.
-#
-
-USEABSPATH="YES"
-ifeq (,$(filter-out WIN%,$(OS_TARGET)))
-ifeq (,$(findstring :,$(shell pwd)))
-USEABSPATH="NO"
-endif
-endif
-ifeq ($(USEABSPATH),"YES")
-NSPR_PREFIX = $(shell pwd)/../../dist/$(OBJDIR_NAME)
-else
-NSPR_PREFIX = $$(topsrcdir)/../dist/$(OBJDIR_NAME)
-endif
-
-$(NSPR_CONFIG_STATUS): $(NSPR_CONFIGURE)
- $(NSINSTALL) -D $(CORE_DEPTH)/../nsprpub/$(OBJDIR_NAME)
- cd $(CORE_DEPTH)/../nsprpub/$(OBJDIR_NAME) ; \
- $(NSPR_COMPILERS) sh ../configure \
- $(NSPR_CONFIGURE_OPTS) \
- --with-dist-prefix='$(NSPR_PREFIX)' \
- --with-dist-includedir='$(NSPR_PREFIX)/include'
-
-build_nspr: $(NSPR_CONFIG_STATUS)
- cd $(CORE_DEPTH)/../nsprpub/$(OBJDIR_NAME) ; $(MAKE)
-
-build_dbm:
- cd $(CORE_DEPTH)/dbm ; $(MAKE) export libs
-
-
-
-moz_import::
-ifeq (,$(filter-out WIN%,$(OS_TARGET)))
- $(NSINSTALL) -D $(DIST)/include/nspr
- cp $(DIST)/../include/nspr/*.h $(DIST)/include/nspr
- cp $(DIST)/../include/* $(DIST)/include
-ifdef BUILD_OPT
- cp $(DIST)/../WIN32_O.OBJ/lib/* $(DIST)/lib
-else
- cp $(DIST)/../WIN32_D.OBJ/lib/* $(DIST)/lib
-endif
- mv $(DIST)/lib/dbm32.lib $(DIST)/lib/dbm.lib
-else
-ifeq ($(OS_TARGET),OS2)
- cp -rf $(DIST)/../include $(DIST)
- cp -rf $(DIST)/../lib $(DIST)
- cp -f $(DIST)/lib/libmozdbm_s.$(LIB_SUFFIX) $(DIST)/lib/libdbm.$(LIB_SUFFIX)
-else
- $(NSINSTALL) -L ../../dist include $(DIST)
- $(NSINSTALL) -L ../../dist lib $(DIST)
- cp $(DIST)/lib/libmozdbm_s.$(LIB_SUFFIX) $(DIST)/lib/libdbm.$(LIB_SUFFIX)
-endif
-endif
-
-nss_RelEng_bld: build_coreconf import all
-
-package:
- $(MAKE) -C pkg publish
diff --git a/security/nss/cmd/.cvsignore b/security/nss/cmd/.cvsignore
deleted file mode 100644
index 6329db22e..000000000
--- a/security/nss/cmd/.cvsignore
+++ /dev/null
@@ -1 +0,0 @@
-.gdbinit
diff --git a/security/nss/cmd/Makefile b/security/nss/cmd/Makefile
deleted file mode 100644
index 5e716b9b3..000000000
--- a/security/nss/cmd/Makefile
+++ /dev/null
@@ -1,182 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../..
-DEPTH = ../..
-
-include manifest.mn
-include $(CORE_DEPTH)/coreconf/config.mk
-
-# These sources were once in this directory, but now are gone.
-MISSING_SOURCES = \
- addcert.c \
- berparse.c \
- cert.c \
- key.c \
- key_rand.c \
- keygen.c \
- sec_fe.c \
- sec_read.c \
- secarb.c \
- secutil.c \
- $(NULL)
-
-# we don't build these any more, but the sources are still here
-OBSOLETE = \
- berdec.c \
- berdump.c \
- cypher.c \
- dumpcert.c \
- listcerts.c \
- mkdongle.c \
- p12exprt.c \
- p12imprt.c \
- rc4.c \
- sign.c \
- unwrap.c \
- vector.c \
- verify.c \
- wrap.c \
- $(NULL)
-
-# the base files for the executables
-# hey -- keep these alphabetical, please
-EXEC_SRCS = \
- $(NULL)
-
-# files that generate two separate objects and executables
-# BI_SRCS = \
-# keyutil.c \
-# p7env.c \
-# tstclnt.c \
-# $(NULL)
-
-# -I$(CORE_DEPTH)/security/lib/cert \
-# -I$(CORE_DEPTH)/security/lib/key \
-# -I$(CORE_DEPTH)/security/lib/util \
-
-INCLUDES += \
- -I$(DIST)/../public/security \
- -I./include \
- $(NULL)
-
-TBD_DIRS = rsh rshd rdist ssld
-
-# For the time being, sec stuff is export only
-# US_FLAGS = -DEXPORT_VERSION -DUS_VERSION
-
-US_FLAGS = -DEXPORT_VERSION
-EXPORT_FLAGS = -DEXPORT_VERSION
-
-BASE_LIBS = \
- $(DIST)/lib/libdbm.$(LIB_SUFFIX) \
- $(DIST)/lib/libxp.$(LIB_SUFFIX) \
- $(DIST)/lib/libnspr.$(LIB_SUFFIX) \
- $(NULL)
-
-# $(DIST)/lib/libpurenspr.$(LIB_SUFFIX) \
-
-#There is a circular dependancy in security/lib, and here is a gross fix
-SEC_LIBS = \
- $(DIST)/lib/libsecnav.$(LIB_SUFFIX) \
- $(DIST)/lib/libssl.$(LIB_SUFFIX) \
- $(DIST)/lib/libpkcs7.$(LIB_SUFFIX) \
- $(DIST)/lib/libcert.$(LIB_SUFFIX) \
- $(DIST)/lib/libkey.$(LIB_SUFFIX) \
- $(DIST)/lib/libsecmod.$(LIB_SUFFIX) \
- $(DIST)/lib/libcrypto.$(LIB_SUFFIX) \
- $(DIST)/lib/libsecutil.$(LIB_SUFFIX) \
- $(DIST)/lib/libssl.$(LIB_SUFFIX) \
- $(DIST)/lib/libpkcs7.$(LIB_SUFFIX) \
- $(DIST)/lib/libcert.$(LIB_SUFFIX) \
- $(DIST)/lib/libkey.$(LIB_SUFFIX) \
- $(DIST)/lib/libsecmod.$(LIB_SUFFIX) \
- $(DIST)/lib/libcrypto.$(LIB_SUFFIX) \
- $(DIST)/lib/libsecutil.$(LIB_SUFFIX) \
- $(DIST)/lib/libhash.$(LIB_SUFFIX) \
- $(NULL)
-
-MYLIB = lib/$(OBJDIR)/libsectool.$(LIB_SUFFIX)
-
-US_LIBS = $(MYLIB) $(SEC_LIBS) $(BASE_LIBS) $(MYLIB) $(BASE_LIBS)
-EX_LIBS = $(MYLIB) $(SEC_LIBS) $(BASE_LIBS) $(MYLIB) $(BASE_LIBS)
-
-REQUIRES = libxp nspr security
-
-CSRCS = $(EXEC_SRCS) $(BI_SRCS)
-
-OBJS = $(CSRCS:.c=.o) $(BI_SRCS:.c=-us.o) $(BI_SRCS:.c=-ex.o)
-
-PROGS = $(addprefix $(OBJDIR)/, $(EXEC_SRCS:.c=$(BIN_SUFFIX)))
-US_PROGS = $(addprefix $(OBJDIR)/, $(BI_SRCS:.c=-us$(BIN_SUFFIX)))
-EX_PROGS = $(addprefix $(OBJDIR)/, $(BI_SRCS:.c=-ex$(BIN_SUFFIX)))
-
-
-NON_DIRS = $(PROGS) $(US_PROGS) $(EX_PROGS)
-TARGETS = $(NON_DIRS)
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-
-ifneq ($(OS_TARGET),OS2)
-$(OBJDIR)/%-us.o: %.c
- @$(MAKE_OBJDIR)
- $(CCF) -o $@ $(US_FLAGS) -c $*.c
-
-$(OBJDIR)/%-ex.o: %.c
- @$(MAKE_OBJDIR)
- $(CCF) -o $@ $(EXPORT_FLAGS) -c $*.c
-
-$(OBJDIR)/%.o: %.c
- @$(MAKE_OBJDIR)
- $(CCF) -o $@ $(EXPORT_FLAGS) -c $*.c
-
-$(US_PROGS):$(OBJDIR)/%-us: $(OBJDIR)/%-us.o $(US_LIBS)
- @$(MAKE_OBJDIR)
- $(CCF) -o $@ $(OBJDIR)/$*-us.o $(LDFLAGS) $(US_LIBS) $(OS_LIBS)
-
-$(EX_PROGS):$(OBJDIR)/%-ex: $(OBJDIR)/%-ex.o $(EX_LIBS)
- @$(MAKE_OBJDIR)
- $(CCF) -o $@ $(OBJDIR)/$*-ex.o $(LDFLAGS) $(EX_LIBS) $(OS_LIBS)
-
-$(PROGS):$(OBJDIR)/%: $(OBJDIR)/%.o $(EX_LIBS)
- @$(MAKE_OBJDIR)
- $(CCF) -o $@ $@.o $(LDFLAGS) $(EX_LIBS) $(OS_LIBS)
-
-#install:: $(TARGETS)
-# $(INSTALL) $(TARGETS) $(DIST)/bin
-endif
-
-symbols::
- @echo "TARGETS = $(TARGETS)"
diff --git a/security/nss/cmd/SSLsample/Makefile b/security/nss/cmd/SSLsample/Makefile
deleted file mode 100644
index cf741f387..000000000
--- a/security/nss/cmd/SSLsample/Makefile
+++ /dev/null
@@ -1,44 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-# do these once for each target program
-all default export libs program install release_export::
- $(MAKE) -f make.client $@
- $(MAKE) -f make.server $@
-
-# only do these things once for the whole directory
-depend dependclean clean clobber realclean clobber_all release_classes release_clean release_cpdistdir release_export release_jars release_md release_policy show::
- $(MAKE) -f make.client $@
-
-
diff --git a/security/nss/cmd/SSLsample/Makefile.NSS b/security/nss/cmd/SSLsample/Makefile.NSS
deleted file mode 100644
index 0a3545f4f..000000000
--- a/security/nss/cmd/SSLsample/Makefile.NSS
+++ /dev/null
@@ -1,58 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-ARCH := $(shell uname)
-
-ifeq ($(ARCH), SunOS)
- DEFINES = -KPIC -DSVR4 -DSOLARIS -DSYSV -D__svr4 -D__svr4__ \
- -D_REENTRANT -DSOLARIS2_5 -D_SVID_GETTOD -DXP_UNIX -UDEBUG -DNDEBUG \
- -DXP_UNIX
- INCPATH = -I. -I../include/dbm -I../include/nspr -I../include/security
- LIBPATH = -L../lib
- LIBS = -lnss -lssl -lpkcs7 -lpkcs12 -lsecmod -lcert -lkey \
- -lcrypto -lsecutil -lhash -ldbm -lplc4 -lplds4 -lnspr4 -lsocket -lnsl
- CFLAGS = -g
- CC = cc
-endif # SunOS
-
-# The rules to build the sample apps appear below.
-
-server:
- $(CC) $(CFLAGS) $@.c -o $@ $(DEFINES) $(INCPATH) $(LIBPATH) $(LIBS)
-
-client:
- $(CC) $(CFLAGS) $@.c -o $@ $(DEFINES) $(INCPATH) $(LIBPATH) $(LIBS)
-
-clean:
- rm -fr server client server.o client.o
-
diff --git a/security/nss/cmd/SSLsample/NSPRerrs.h b/security/nss/cmd/SSLsample/NSPRerrs.h
deleted file mode 100644
index bacdef6b2..000000000
--- a/security/nss/cmd/SSLsample/NSPRerrs.h
+++ /dev/null
@@ -1,133 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/* General NSPR 2.0 errors */
-/* Caller must #include "prerror.h" */
-
-ER2( PR_OUT_OF_MEMORY_ERROR, "Memory allocation attempt failed." )
-ER2( PR_BAD_DESCRIPTOR_ERROR, "Invalid file descriptor." )
-ER2( PR_WOULD_BLOCK_ERROR, "The operation would have blocked." )
-ER2( PR_ACCESS_FAULT_ERROR, "Invalid memory address argument." )
-ER2( PR_INVALID_METHOD_ERROR, "Invalid function for file type." )
-ER2( PR_ILLEGAL_ACCESS_ERROR, "Invalid memory address argument." )
-ER2( PR_UNKNOWN_ERROR, "Some unknown error has occurred." )
-ER2( PR_PENDING_INTERRUPT_ERROR,"Operation interrupted by another thread." )
-ER2( PR_NOT_IMPLEMENTED_ERROR, "function not implemented." )
-ER2( PR_IO_ERROR, "I/O function error." )
-ER2( PR_IO_TIMEOUT_ERROR, "I/O operation timed out." )
-ER2( PR_IO_PENDING_ERROR, "I/O operation on busy file descriptor." )
-ER2( PR_DIRECTORY_OPEN_ERROR, "The directory could not be opened." )
-ER2( PR_INVALID_ARGUMENT_ERROR, "Invalid function argument." )
-ER2( PR_ADDRESS_NOT_AVAILABLE_ERROR, "Network address not available (in use?)." )
-ER2( PR_ADDRESS_NOT_SUPPORTED_ERROR, "Network address type not supported." )
-ER2( PR_IS_CONNECTED_ERROR, "Already connected." )
-ER2( PR_BAD_ADDRESS_ERROR, "Network address is invalid." )
-ER2( PR_ADDRESS_IN_USE_ERROR, "Local Network address is in use." )
-ER2( PR_CONNECT_REFUSED_ERROR, "Connection refused by peer." )
-ER2( PR_NETWORK_UNREACHABLE_ERROR, "Network address is presently unreachable." )
-ER2( PR_CONNECT_TIMEOUT_ERROR, "Connection attempt timed out." )
-ER2( PR_NOT_CONNECTED_ERROR, "Network file descriptor is not connected." )
-ER2( PR_LOAD_LIBRARY_ERROR, "Failure to load dynamic library." )
-ER2( PR_UNLOAD_LIBRARY_ERROR, "Failure to unload dynamic library." )
-ER2( PR_FIND_SYMBOL_ERROR,
-"Symbol not found in any of the loaded dynamic libraries." )
-ER2( PR_INSUFFICIENT_RESOURCES_ERROR, "Insufficient system resources." )
-ER2( PR_DIRECTORY_LOOKUP_ERROR,
-"A directory lookup on a network address has failed." )
-ER2( PR_TPD_RANGE_ERROR,
-"Attempt to access a TPD key that is out of range." )
-ER2( PR_PROC_DESC_TABLE_FULL_ERROR, "Process open FD table is full." )
-ER2( PR_SYS_DESC_TABLE_FULL_ERROR, "System open FD table is full." )
-ER2( PR_NOT_SOCKET_ERROR,
-"Network operation attempted on non-network file descriptor." )
-ER2( PR_NOT_TCP_SOCKET_ERROR,
-"TCP-specific function attempted on a non-TCP file descriptor." )
-ER2( PR_SOCKET_ADDRESS_IS_BOUND_ERROR, "TCP file descriptor is already bound." )
-ER2( PR_NO_ACCESS_RIGHTS_ERROR, "Access Denied." )
-ER2( PR_OPERATION_NOT_SUPPORTED_ERROR,
-"The requested operation is not supported by the platform." )
-ER2( PR_PROTOCOL_NOT_SUPPORTED_ERROR,
-"The host operating system does not support the protocol requested." )
-ER2( PR_REMOTE_FILE_ERROR, "Access to the remote file has been severed." )
-ER2( PR_BUFFER_OVERFLOW_ERROR,
-"The value requested is too large to be stored in the data buffer provided." )
-ER2( PR_CONNECT_RESET_ERROR, "TCP connection reset by peer." )
-ER2( PR_RANGE_ERROR, "Unused." )
-ER2( PR_DEADLOCK_ERROR, "The operation would have deadlocked." )
-ER2( PR_FILE_IS_LOCKED_ERROR, "The file is already locked." )
-ER2( PR_FILE_TOO_BIG_ERROR,
-"Write would result in file larger than the system allows." )
-ER2( PR_NO_DEVICE_SPACE_ERROR, "The device for storing the file is full." )
-ER2( PR_PIPE_ERROR, "Unused." )
-ER2( PR_NO_SEEK_DEVICE_ERROR, "Unused." )
-ER2( PR_IS_DIRECTORY_ERROR,
-"Cannot perform a normal file operation on a directory." )
-ER2( PR_LOOP_ERROR, "Symbolic link loop." )
-ER2( PR_NAME_TOO_LONG_ERROR, "File name is too long." )
-ER2( PR_FILE_NOT_FOUND_ERROR, "File not found." )
-ER2( PR_NOT_DIRECTORY_ERROR,
-"Cannot perform directory operation on a normal file." )
-ER2( PR_READ_ONLY_FILESYSTEM_ERROR,
-"Cannot write to a read-only file system." )
-ER2( PR_DIRECTORY_NOT_EMPTY_ERROR,
-"Cannot delete a directory that is not empty." )
-ER2( PR_FILESYSTEM_MOUNTED_ERROR,
-"Cannot delete or rename a file object while the file system is busy." )
-ER2( PR_NOT_SAME_DEVICE_ERROR,
-"Cannot rename a file to a file system on another device." )
-ER2( PR_DIRECTORY_CORRUPTED_ERROR,
-"The directory object in the file system is corrupted." )
-ER2( PR_FILE_EXISTS_ERROR,
-"Cannot create or rename a filename that already exists." )
-ER2( PR_MAX_DIRECTORY_ENTRIES_ERROR,
-"Directory is full. No additional filenames may be added." )
-ER2( PR_INVALID_DEVICE_STATE_ERROR,
-"The required device was in an invalid state." )
-ER2( PR_DEVICE_IS_LOCKED_ERROR, "The device is locked." )
-ER2( PR_NO_MORE_FILES_ERROR, "No more entries in the directory." )
-ER2( PR_END_OF_FILE_ERROR, "Encountered end of file." )
-ER2( PR_FILE_SEEK_ERROR, "Seek error." )
-ER2( PR_FILE_IS_BUSY_ERROR, "The file is busy." )
-ER2( PR_IN_PROGRESS_ERROR,
-"Operation is still in progress (probably a non-blocking connect)." )
-ER2( PR_ALREADY_INITIATED_ERROR,
-"Operation has already been initiated (probably a non-blocking connect)." )
-
-#ifdef PR_GROUP_EMPTY_ERROR
-ER2( PR_GROUP_EMPTY_ERROR, "The wait group is empty." )
-#endif
-
-#ifdef PR_INVALID_STATE_ERROR
-ER2( PR_INVALID_STATE_ERROR, "Object state improper for request." )
-#endif
-
-ER2( PR_MAX_ERROR, "Placeholder for the end of the list" )
diff --git a/security/nss/cmd/SSLsample/README b/security/nss/cmd/SSLsample/README
deleted file mode 100644
index 2c4c09110..000000000
--- a/security/nss/cmd/SSLsample/README
+++ /dev/null
@@ -1,43 +0,0 @@
-These sample programs can be built in either of two ways:
-1) is the NSS source tree, using the coreconf build system, and
-2) stand alone (as part of the NSS distribution).
-
-The following makefiles are used only when building in the NSS source tree
-using coreconf. These are NOT part of the distribution.
-
-Makefile
-client.mn
-server.mn
-config.mk
-make.client
-make.server
-
-The following makefiles are used only when building in the NSS distribution.
-These files are part of the distribution.
-
-Makefile.NSS
-nmakefile95.nss
-nmakefilent.nss
-
-
-The following source files are common to both build environments and are
-part of the distribution.
-
-NSPRerrs.h
-SECerrs.h
-SSLerrs.h
-client.c
-getopt.c
-server.c
-sslerror.h
-
-In the NSS 2.0 distribution, the sample code and makefiles are in a
-directory named "samples". The directories relevant to building
-in the distributed tree are:
-
-./samples
-./include/dbm
-./include/nspr
-./include/security
-./lib
-
diff --git a/security/nss/cmd/SSLsample/SECerrs.h b/security/nss/cmd/SSLsample/SECerrs.h
deleted file mode 100644
index 2059df6a2..000000000
--- a/security/nss/cmd/SSLsample/SECerrs.h
+++ /dev/null
@@ -1,441 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/* General security error codes */
-/* Caller must #include "secerr.h" */
-
-ER3(SEC_ERROR_IO, SEC_ERROR_BASE + 0,
-"An I/O error occurred during security authorization.")
-
-ER3(SEC_ERROR_LIBRARY_FAILURE, SEC_ERROR_BASE + 1,
-"security library failure.")
-
-ER3(SEC_ERROR_BAD_DATA, SEC_ERROR_BASE + 2,
-"security library: received bad data.")
-
-ER3(SEC_ERROR_OUTPUT_LEN, SEC_ERROR_BASE + 3,
-"security library: output length error.")
-
-ER3(SEC_ERROR_INPUT_LEN, SEC_ERROR_BASE + 4,
-"security library has experienced an input length error.")
-
-ER3(SEC_ERROR_INVALID_ARGS, SEC_ERROR_BASE + 5,
-"security library: invalid arguments.")
-
-ER3(SEC_ERROR_INVALID_ALGORITHM, SEC_ERROR_BASE + 6,
-"security library: invalid algorithm.")
-
-ER3(SEC_ERROR_INVALID_AVA, SEC_ERROR_BASE + 7,
-"security library: invalid AVA.")
-
-ER3(SEC_ERROR_INVALID_TIME, SEC_ERROR_BASE + 8,
-"Improperly formatted time string.")
-
-ER3(SEC_ERROR_BAD_DER, SEC_ERROR_BASE + 9,
-"security library: improperly formatted DER-encoded message.")
-
-ER3(SEC_ERROR_BAD_SIGNATURE, SEC_ERROR_BASE + 10,
-"Peer's certificate has an invalid signature.")
-
-ER3(SEC_ERROR_EXPIRED_CERTIFICATE, SEC_ERROR_BASE + 11,
-"Peer's Certificate has expired.")
-
-ER3(SEC_ERROR_REVOKED_CERTIFICATE, SEC_ERROR_BASE + 12,
-"Peer's Certificate has been revoked.")
-
-ER3(SEC_ERROR_UNKNOWN_ISSUER, SEC_ERROR_BASE + 13,
-"Peer's Certificate issuer is not recognized.")
-
-ER3(SEC_ERROR_BAD_KEY, SEC_ERROR_BASE + 14,
-"Peer's public key is invalid.")
-
-ER3(SEC_ERROR_BAD_PASSWORD, SEC_ERROR_BASE + 15,
-"The security password entered is incorrect.")
-
-ER3(SEC_ERROR_RETRY_PASSWORD, SEC_ERROR_BASE + 16,
-"New password entered incorrectly. Please try again.")
-
-ER3(SEC_ERROR_NO_NODELOCK, SEC_ERROR_BASE + 17,
-"security library: no nodelock.")
-
-ER3(SEC_ERROR_BAD_DATABASE, SEC_ERROR_BASE + 18,
-"security library: bad database.")
-
-ER3(SEC_ERROR_NO_MEMORY, SEC_ERROR_BASE + 19,
-"security library: memory allocation failure.")
-
-ER3(SEC_ERROR_UNTRUSTED_ISSUER, SEC_ERROR_BASE + 20,
-"Peer's certificate issuer has been marked as not trusted by the user.")
-
-ER3(SEC_ERROR_UNTRUSTED_CERT, SEC_ERROR_BASE + 21,
-"Peer's certificate has been marked as not trusted by the user.")
-
-ER3(SEC_ERROR_DUPLICATE_CERT, (SEC_ERROR_BASE + 22),
-"Certificate already exists in your database.")
-
-ER3(SEC_ERROR_DUPLICATE_CERT_NAME, (SEC_ERROR_BASE + 23),
-"Downloaded certificate's name duplicates one already in your database.")
-
-ER3(SEC_ERROR_ADDING_CERT, (SEC_ERROR_BASE + 24),
-"Error adding certificate to database.")
-
-ER3(SEC_ERROR_FILING_KEY, (SEC_ERROR_BASE + 25),
-"Error refiling the key for this certificate.")
-
-ER3(SEC_ERROR_NO_KEY, (SEC_ERROR_BASE + 26),
-"The private key for this certificate cannot be found in key database")
-
-ER3(SEC_ERROR_CERT_VALID, (SEC_ERROR_BASE + 27),
-"This certificate is valid.")
-
-ER3(SEC_ERROR_CERT_NOT_VALID, (SEC_ERROR_BASE + 28),
-"This certificate is not valid.")
-
-ER3(SEC_ERROR_CERT_NO_RESPONSE, (SEC_ERROR_BASE + 29),
-"Cert Library: No Response")
-
-ER3(SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE, (SEC_ERROR_BASE + 30),
-"The certificate issuer's certificate has expired. Check your system date and time.")
-
-ER3(SEC_ERROR_CRL_EXPIRED, (SEC_ERROR_BASE + 31),
-"The CRL for the certificate's issuer has expired. Update it or check your system data and time.")
-
-ER3(SEC_ERROR_CRL_BAD_SIGNATURE, (SEC_ERROR_BASE + 32),
-"The CRL for the certificate's issuer has an invalid signature.")
-
-ER3(SEC_ERROR_CRL_INVALID, (SEC_ERROR_BASE + 33),
-"New CRL has an invalid format.")
-
-ER3(SEC_ERROR_EXTENSION_VALUE_INVALID, (SEC_ERROR_BASE + 34),
-"Certificate extension value is invalid.")
-
-ER3(SEC_ERROR_EXTENSION_NOT_FOUND, (SEC_ERROR_BASE + 35),
-"Certificate extension not found.")
-
-ER3(SEC_ERROR_CA_CERT_INVALID, (SEC_ERROR_BASE + 36),
-"Issuer certificate is invalid.")
-
-ER3(SEC_ERROR_PATH_LEN_CONSTRAINT_INVALID, (SEC_ERROR_BASE + 37),
-"Certificate path length constraint is invalid.")
-
-ER3(SEC_ERROR_CERT_USAGES_INVALID, (SEC_ERROR_BASE + 38),
-"Certificate usages field is invalid.")
-
-ER3(SEC_INTERNAL_ONLY, (SEC_ERROR_BASE + 39),
-"**Internal ONLY module**")
-
-ER3(SEC_ERROR_INVALID_KEY, (SEC_ERROR_BASE + 40),
-"The key does not support the requested operation.")
-
-ER3(SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION, (SEC_ERROR_BASE + 41),
-"Certificate contains unknown critical extension.")
-
-ER3(SEC_ERROR_OLD_CRL, (SEC_ERROR_BASE + 42),
-"New CRL is not later than the current one.")
-
-ER3(SEC_ERROR_NO_EMAIL_CERT, (SEC_ERROR_BASE + 43),
-"Not encrypted or signed: you do not yet have an email certificate.")
-
-ER3(SEC_ERROR_NO_RECIPIENT_CERTS_QUERY, (SEC_ERROR_BASE + 44),
-"Not encrypted: you do not have certificates for each of the recipients.")
-
-ER3(SEC_ERROR_NOT_A_RECIPIENT, (SEC_ERROR_BASE + 45),
-"Cannot decrypt: you are not a recipient, or matching certificate and \
-private key not found.")
-
-ER3(SEC_ERROR_PKCS7_KEYALG_MISMATCH, (SEC_ERROR_BASE + 46),
-"Cannot decrypt: key encryption algorithm does not match your certificate.")
-
-ER3(SEC_ERROR_PKCS7_BAD_SIGNATURE, (SEC_ERROR_BASE + 47),
-"Signature verification failed: no signer found, too many signers found, \
-or improper or corrupted data.")
-
-ER3(SEC_ERROR_UNSUPPORTED_KEYALG, (SEC_ERROR_BASE + 48),
-"Unsupported or unknown key algorithm.")
-
-ER3(SEC_ERROR_DECRYPTION_DISALLOWED, (SEC_ERROR_BASE + 49),
-"Cannot decrypt: encrypted using a disallowed algorithm or key size.")
-
-
-/* Fortezza Alerts */
-ER3(XP_SEC_FORTEZZA_BAD_CARD, (SEC_ERROR_BASE + 50),
-"Fortezza card has not been properly initialized. \
-Please remove it and return it to your issuer.")
-
-ER3(XP_SEC_FORTEZZA_NO_CARD, (SEC_ERROR_BASE + 51),
-"No Fortezza cards Found")
-
-ER3(XP_SEC_FORTEZZA_NONE_SELECTED, (SEC_ERROR_BASE + 52),
-"No Fortezza card selected")
-
-ER3(XP_SEC_FORTEZZA_MORE_INFO, (SEC_ERROR_BASE + 53),
-"Please select a personality to get more info on")
-
-ER3(XP_SEC_FORTEZZA_PERSON_NOT_FOUND, (SEC_ERROR_BASE + 54),
-"Personality not found")
-
-ER3(XP_SEC_FORTEZZA_NO_MORE_INFO, (SEC_ERROR_BASE + 55),
-"No more information on that Personality")
-
-ER3(XP_SEC_FORTEZZA_BAD_PIN, (SEC_ERROR_BASE + 56),
-"Invalid Pin")
-
-ER3(XP_SEC_FORTEZZA_PERSON_ERROR, (SEC_ERROR_BASE + 57),
-"Couldn't initialize Fortezza personalities.")
-/* end fortezza alerts. */
-
-ER3(SEC_ERROR_NO_KRL, (SEC_ERROR_BASE + 58),
-"No KRL for this site's certificate has been found.")
-
-ER3(SEC_ERROR_KRL_EXPIRED, (SEC_ERROR_BASE + 59),
-"The KRL for this site's certificate has expired.")
-
-ER3(SEC_ERROR_KRL_BAD_SIGNATURE, (SEC_ERROR_BASE + 60),
-"The KRL for this site's certificate has an invalid signature.")
-
-ER3(SEC_ERROR_REVOKED_KEY, (SEC_ERROR_BASE + 61),
-"The key for this site's certificate has been revoked.")
-
-ER3(SEC_ERROR_KRL_INVALID, (SEC_ERROR_BASE + 62),
-"New KRL has an invalid format.")
-
-ER3(SEC_ERROR_NEED_RANDOM, (SEC_ERROR_BASE + 63),
-"security library: need random data.")
-
-ER3(SEC_ERROR_NO_MODULE, (SEC_ERROR_BASE + 64),
-"security library: no security module can perform the requested operation.")
-
-ER3(SEC_ERROR_NO_TOKEN, (SEC_ERROR_BASE + 65),
-"The security card or token does not exist, needs to be initialized, or has been removed.")
-
-ER3(SEC_ERROR_READ_ONLY, (SEC_ERROR_BASE + 66),
-"security library: read-only database.")
-
-ER3(SEC_ERROR_NO_SLOT_SELECTED, (SEC_ERROR_BASE + 67),
-"No slot or token was selected.")
-
-ER3(SEC_ERROR_CERT_NICKNAME_COLLISION, (SEC_ERROR_BASE + 68),
-"A certificate with the same nickname already exists.")
-
-ER3(SEC_ERROR_KEY_NICKNAME_COLLISION, (SEC_ERROR_BASE + 69),
-"A key with the same nickname already exists.")
-
-ER3(SEC_ERROR_SAFE_NOT_CREATED, (SEC_ERROR_BASE + 70),
-"error while creating safe object")
-
-ER3(SEC_ERROR_BAGGAGE_NOT_CREATED, (SEC_ERROR_BASE + 71),
-"error while creating baggage object")
-
-ER3(XP_JAVA_REMOVE_PRINCIPAL_ERROR, (SEC_ERROR_BASE + 72),
-"Couldn't remove the principal")
-
-ER3(XP_JAVA_DELETE_PRIVILEGE_ERROR, (SEC_ERROR_BASE + 73),
-"Couldn't delete the privilege")
-
-ER3(XP_JAVA_CERT_NOT_EXISTS_ERROR, (SEC_ERROR_BASE + 74),
-"This principal doesn't have a certificate")
-
-ER3(SEC_ERROR_BAD_EXPORT_ALGORITHM, (SEC_ERROR_BASE + 75),
-"Required algorithm is not allowed.")
-
-ER3(SEC_ERROR_EXPORTING_CERTIFICATES, (SEC_ERROR_BASE + 76),
-"Error attempting to export certificates.")
-
-ER3(SEC_ERROR_IMPORTING_CERTIFICATES, (SEC_ERROR_BASE + 77),
-"Error attempting to import certificates.")
-
-ER3(SEC_ERROR_PKCS12_DECODING_PFX, (SEC_ERROR_BASE + 78),
-"Unable to import. Decoding error. File not valid.")
-
-ER3(SEC_ERROR_PKCS12_INVALID_MAC, (SEC_ERROR_BASE + 79),
-"Unable to import. Invalid MAC. Incorrect password or corrupt file.")
-
-ER3(SEC_ERROR_PKCS12_UNSUPPORTED_MAC_ALGORITHM, (SEC_ERROR_BASE + 80),
-"Unable to import. MAC algorithm not supported.")
-
-ER3(SEC_ERROR_PKCS12_UNSUPPORTED_TRANSPORT_MODE,(SEC_ERROR_BASE + 81),
-"Unable to import. Only password integrity and privacy modes supported.")
-
-ER3(SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE, (SEC_ERROR_BASE + 82),
-"Unable to import. File structure is corrupt.")
-
-ER3(SEC_ERROR_PKCS12_UNSUPPORTED_PBE_ALGORITHM, (SEC_ERROR_BASE + 83),
-"Unable to import. Encryption algorithm not supported.")
-
-ER3(SEC_ERROR_PKCS12_UNSUPPORTED_VERSION, (SEC_ERROR_BASE + 84),
-"Unable to import. File version not supported.")
-
-ER3(SEC_ERROR_PKCS12_PRIVACY_PASSWORD_INCORRECT,(SEC_ERROR_BASE + 85),
-"Unable to import. Incorrect privacy password.")
-
-ER3(SEC_ERROR_PKCS12_CERT_COLLISION, (SEC_ERROR_BASE + 86),
-"Unable to import. Same nickname already exists in database.")
-
-ER3(SEC_ERROR_USER_CANCELLED, (SEC_ERROR_BASE + 87),
-"The user pressed cancel.")
-
-ER3(SEC_ERROR_PKCS12_DUPLICATE_DATA, (SEC_ERROR_BASE + 88),
-"Not imported, already in database.")
-
-ER3(SEC_ERROR_MESSAGE_SEND_ABORTED, (SEC_ERROR_BASE + 89),
-"Message not sent.")
-
-ER3(SEC_ERROR_INADEQUATE_KEY_USAGE, (SEC_ERROR_BASE + 90),
-"Certificate key usage inadequate for attempted operation.")
-
-ER3(SEC_ERROR_INADEQUATE_CERT_TYPE, (SEC_ERROR_BASE + 91),
-"Certificate type not approved for application.")
-
-ER3(SEC_ERROR_CERT_ADDR_MISMATCH, (SEC_ERROR_BASE + 92),
-"Address in signing certificate does not match address in message headers.")
-
-ER3(SEC_ERROR_PKCS12_UNABLE_TO_IMPORT_KEY, (SEC_ERROR_BASE + 93),
-"Unable to import. Error attempting to import private key.")
-
-ER3(SEC_ERROR_PKCS12_IMPORTING_CERT_CHAIN, (SEC_ERROR_BASE + 94),
-"Unable to import. Error attempting to import certificate chain.")
-
-ER3(SEC_ERROR_PKCS12_UNABLE_TO_LOCATE_OBJECT_BY_NAME, (SEC_ERROR_BASE + 95),
-"Unable to export. Unable to locate certificate or key by nickname.")
-
-ER3(SEC_ERROR_PKCS12_UNABLE_TO_EXPORT_KEY, (SEC_ERROR_BASE + 96),
-"Unable to export. Private Key could not be located and exported.")
-
-ER3(SEC_ERROR_PKCS12_UNABLE_TO_WRITE, (SEC_ERROR_BASE + 97),
-"Unable to export. Unable to write the export file.")
-
-ER3(SEC_ERROR_PKCS12_UNABLE_TO_READ, (SEC_ERROR_BASE + 98),
-"Unable to import. Unable to read the import file.")
-
-ER3(SEC_ERROR_PKCS12_KEY_DATABASE_NOT_INITIALIZED, (SEC_ERROR_BASE + 99),
-"Unable to export. Key database corrupt or deleted.")
-
-ER3(SEC_ERROR_KEYGEN_FAIL, (SEC_ERROR_BASE + 100),
-"Unable to generate public/private key pair.")
-
-ER3(SEC_ERROR_INVALID_PASSWORD, (SEC_ERROR_BASE + 101),
-"Password entered is invalid. Please pick a different one.")
-
-ER3(SEC_ERROR_RETRY_OLD_PASSWORD, (SEC_ERROR_BASE + 102),
-"Old password entered incorrectly. Please try again.")
-
-ER3(SEC_ERROR_BAD_NICKNAME, (SEC_ERROR_BASE + 103),
-"Certificate nickname already in use.")
-
-ER3(SEC_ERROR_NOT_FORTEZZA_ISSUER, (SEC_ERROR_BASE + 104),
-"Peer FORTEZZA chain has a non-FORTEZZA Certificate.")
-
-/* ER3(SEC_ERROR_UNKNOWN, (SEC_ERROR_BASE + 105), */
-
-ER3(SEC_ERROR_JS_INVALID_MODULE_NAME, (SEC_ERROR_BASE + 106),
-"Invalid module name.")
-
-ER3(SEC_ERROR_JS_INVALID_DLL, (SEC_ERROR_BASE + 107),
-"Invalid module path/filename")
-
-ER3(SEC_ERROR_JS_ADD_MOD_FAILURE, (SEC_ERROR_BASE + 108),
-"Unable to add module")
-
-ER3(SEC_ERROR_JS_DEL_MOD_FAILURE, (SEC_ERROR_BASE + 109),
-"Unable to delete module")
-
-ER3(SEC_ERROR_OLD_KRL, (SEC_ERROR_BASE + 110),
-"New KRL is not later than the current one.")
-
-ER3(SEC_ERROR_CKL_CONFLICT, (SEC_ERROR_BASE + 111),
-"New CKL has different issuer than current CKL. Delete current CKL.")
-
-ER3(SEC_ERROR_CERT_NOT_IN_NAME_SPACE, (SEC_ERROR_BASE + 112),
-"The Certifying Authority for this certificate is not permitted to issue a \
-certificate with this name.")
-
-ER3(SEC_ERROR_KRL_NOT_YET_VALID, (SEC_ERROR_BASE + 113),
-"The key revocation list for this certificate is not yet valid.")
-
-ER3(SEC_ERROR_CRL_NOT_YET_VALID, (SEC_ERROR_BASE + 114),
-"The certificate revocation list for this certificate is not yet valid.")
-
-ER3(SEC_ERROR_UNKNOWN_CERT, (SEC_ERROR_BASE + 115),
-"The requested certificate could not be found.")
-
-ER3(SEC_ERROR_UNKNOWN_SIGNER, (SEC_ERROR_BASE + 116),
-"The signer's certificate could not be found.")
-
-ER3(SEC_ERROR_CERT_BAD_ACCESS_LOCATION, (SEC_ERROR_BASE + 117),
-"The location for the certificate status server has invalid format.")
-
-ER3(SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE, (SEC_ERROR_BASE + 118),
-"The OCSP response cannot be fully decoded; it is of an unknown type.")
-
-ER3(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE, (SEC_ERROR_BASE + 119),
-"The OCSP server returned unexpected/invalid HTTP data.")
-
-ER3(SEC_ERROR_OCSP_MALFORMED_REQUEST, (SEC_ERROR_BASE + 120),
-"The OCSP server found the request to be corrupted or improperly formed.")
-
-ER3(SEC_ERROR_OCSP_SERVER_ERROR, (SEC_ERROR_BASE + 121),
-"The OCSP server experienced an internal error.")
-
-ER3(SEC_ERROR_OCSP_TRY_SERVER_LATER, (SEC_ERROR_BASE + 122),
-"The OCSP server suggests trying again later.")
-
-ER3(SEC_ERROR_OCSP_REQUEST_NEEDS_SIG, (SEC_ERROR_BASE + 123),
-"The OCSP server requires a signature on this request.")
-
-ER3(SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST, (SEC_ERROR_BASE + 124),
-"The OCSP server has refused this request as unauthorized.")
-
-ER3(SEC_ERROR_OCSP_UNKNOWN_RESPONSE_STATUS, (SEC_ERROR_BASE + 125),
-"The OCSP server returned an unrecognizable status.")
-
-ER3(SEC_ERROR_OCSP_UNKNOWN_CERT, (SEC_ERROR_BASE + 126),
-"The OCSP server has no status for the certificate.")
-
-ER3(SEC_ERROR_OCSP_NOT_ENABLED, (SEC_ERROR_BASE + 127),
-"You must enable OCSP before performing this operation.")
-
-ER3(SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER, (SEC_ERROR_BASE + 128),
-"You must set the OCSP default responder before performing this operation.")
-
-ER3(SEC_ERROR_OCSP_MALFORMED_RESPONSE, (SEC_ERROR_BASE + 129),
-"The response from the OCSP server was corrupted or improperly formed.")
-
-ER3(SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE, (SEC_ERROR_BASE + 130),
-"The signer of the OCSP response is not authorized to give status for \
-this certificate.")
-
-ER3(SEC_ERROR_OCSP_FUTURE_RESPONSE, (SEC_ERROR_BASE + 131),
-"The OCSP response is not yet valid (contains a date in the future).")
-
-ER3(SEC_ERROR_OCSP_OLD_RESPONSE, (SEC_ERROR_BASE + 132),
-"The OCSP response contains out-of-date information.")
diff --git a/security/nss/cmd/SSLsample/SSLerrs.h b/security/nss/cmd/SSLsample/SSLerrs.h
deleted file mode 100644
index 06803b849..000000000
--- a/security/nss/cmd/SSLsample/SSLerrs.h
+++ /dev/null
@@ -1,366 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/* SSL-specific security error codes */
-/* caller must include "sslerr.h" */
-
-ER3(SSL_ERROR_EXPORT_ONLY_SERVER, SSL_ERROR_BASE + 0,
-"Unable to communicate securely. Peer does not support high-grade encryption.")
-
-ER3(SSL_ERROR_US_ONLY_SERVER, SSL_ERROR_BASE + 1,
-"Unable to communicate securely. Peer requires high-grade encryption which is not supported.")
-
-ER3(SSL_ERROR_NO_CYPHER_OVERLAP, SSL_ERROR_BASE + 2,
-"Cannot communicate securely with peer: no common encryption algorithm(s).")
-
-ER3(SSL_ERROR_NO_CERTIFICATE, SSL_ERROR_BASE + 3,
-"Unable to find the certificate or key necessary for authentication.")
-
-ER3(SSL_ERROR_BAD_CERTIFICATE, SSL_ERROR_BASE + 4,
-"Unable to communicate securely with peer: peers's certificate was rejected.")
-
-/* unused (SSL_ERROR_BASE + 5),*/
-
-ER3(SSL_ERROR_BAD_CLIENT, SSL_ERROR_BASE + 6,
-"The server has encountered bad data from the client.")
-
-ER3(SSL_ERROR_BAD_SERVER, SSL_ERROR_BASE + 7,
-"The client has encountered bad data from the server.")
-
-ER3(SSL_ERROR_UNSUPPORTED_CERTIFICATE_TYPE, SSL_ERROR_BASE + 8,
-"Unsupported certificate type.")
-
-ER3(SSL_ERROR_UNSUPPORTED_VERSION, SSL_ERROR_BASE + 9,
-"Peer using unsupported version of security protocol.")
-
-/* unused (SSL_ERROR_BASE + 10),*/
-
-ER3(SSL_ERROR_WRONG_CERTIFICATE, SSL_ERROR_BASE + 11,
-"Client authentication failed: private key in key database does not match public key in certificate database.")
-
-ER3(SSL_ERROR_BAD_CERT_DOMAIN, SSL_ERROR_BASE + 12,
-"Unable to communicate securely with peer: requested domain name does not match the server's certificate.")
-
-/* SSL_ERROR_POST_WARNING (SSL_ERROR_BASE + 13),
- defined in sslerr.h
-*/
-
-ER3(SSL_ERROR_SSL2_DISABLED, (SSL_ERROR_BASE + 14),
-"Peer only supports SSL version 2, which is locally disabled.")
-
-
-ER3(SSL_ERROR_BAD_MAC_READ, (SSL_ERROR_BASE + 15),
-"SSL received a record with an incorrect Message Authentication Code.")
-
-ER3(SSL_ERROR_BAD_MAC_ALERT, (SSL_ERROR_BASE + 16),
-"SSL peer reports incorrect Message Authentication Code.")
-
-ER3(SSL_ERROR_BAD_CERT_ALERT, (SSL_ERROR_BASE + 17),
-"SSL peer cannot verify your certificate.")
-
-ER3(SSL_ERROR_REVOKED_CERT_ALERT, (SSL_ERROR_BASE + 18),
-"SSL peer rejected your certificate as revoked.")
-
-ER3(SSL_ERROR_EXPIRED_CERT_ALERT, (SSL_ERROR_BASE + 19),
-"SSL peer rejected your certificate as expired.")
-
-ER3(SSL_ERROR_SSL_DISABLED, (SSL_ERROR_BASE + 20),
-"Cannot connect: SSL is disabled.")
-
-ER3(SSL_ERROR_FORTEZZA_PQG, (SSL_ERROR_BASE + 21),
-"Cannot connect: SSL peer is in another FORTEZZA domain.")
-
-
-ER3(SSL_ERROR_UNKNOWN_CIPHER_SUITE , (SSL_ERROR_BASE + 22),
-"An unknown SSL cipher suite has been requested.")
-
-ER3(SSL_ERROR_NO_CIPHERS_SUPPORTED , (SSL_ERROR_BASE + 23),
-"No cipher suites are present and enabled in this program.")
-
-ER3(SSL_ERROR_BAD_BLOCK_PADDING , (SSL_ERROR_BASE + 24),
-"SSL received a record with bad block padding.")
-
-ER3(SSL_ERROR_RX_RECORD_TOO_LONG , (SSL_ERROR_BASE + 25),
-"SSL received a record that exceeded the maximum permissible length.")
-
-ER3(SSL_ERROR_TX_RECORD_TOO_LONG , (SSL_ERROR_BASE + 26),
-"SSL attempted to send a record that exceeded the maximum permissible length.")
-
-/*
- * Received a malformed (too long or short or invalid content) SSL handshake.
- */
-ER3(SSL_ERROR_RX_MALFORMED_HELLO_REQUEST , (SSL_ERROR_BASE + 27),
-"SSL received a malformed Hello Request handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_CLIENT_HELLO , (SSL_ERROR_BASE + 28),
-"SSL received a malformed Client Hello handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_SERVER_HELLO , (SSL_ERROR_BASE + 29),
-"SSL received a malformed Server Hello handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_CERTIFICATE , (SSL_ERROR_BASE + 30),
-"SSL received a malformed Certificate handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_SERVER_KEY_EXCH , (SSL_ERROR_BASE + 31),
-"SSL received a malformed Server Key Exchange handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_CERT_REQUEST , (SSL_ERROR_BASE + 32),
-"SSL received a malformed Certificate Request handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_HELLO_DONE , (SSL_ERROR_BASE + 33),
-"SSL received a malformed Server Hello Done handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_CERT_VERIFY , (SSL_ERROR_BASE + 34),
-"SSL received a malformed Certificate Verify handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_CLIENT_KEY_EXCH , (SSL_ERROR_BASE + 35),
-"SSL received a malformed Client Key Exchange handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_FINISHED , (SSL_ERROR_BASE + 36),
-"SSL received a malformed Finished handshake message.")
-
-/*
- * Received a malformed (too long or short) SSL record.
- */
-ER3(SSL_ERROR_RX_MALFORMED_CHANGE_CIPHER , (SSL_ERROR_BASE + 37),
-"SSL received a malformed Change Cipher Spec record.")
-
-ER3(SSL_ERROR_RX_MALFORMED_ALERT , (SSL_ERROR_BASE + 38),
-"SSL received a malformed Alert record.")
-
-ER3(SSL_ERROR_RX_MALFORMED_HANDSHAKE , (SSL_ERROR_BASE + 39),
-"SSL received a malformed Handshake record.")
-
-ER3(SSL_ERROR_RX_MALFORMED_APPLICATION_DATA , (SSL_ERROR_BASE + 40),
-"SSL received a malformed Application Data record.")
-
-/*
- * Received an SSL handshake that was inappropriate for the state we're in.
- * E.g. Server received message from server, or wrong state in state machine.
- */
-ER3(SSL_ERROR_RX_UNEXPECTED_HELLO_REQUEST , (SSL_ERROR_BASE + 41),
-"SSL received an unexpected Hello Request handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_CLIENT_HELLO , (SSL_ERROR_BASE + 42),
-"SSL received an unexpected Client Hello handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_SERVER_HELLO , (SSL_ERROR_BASE + 43),
-"SSL received an unexpected Server Hello handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_CERTIFICATE , (SSL_ERROR_BASE + 44),
-"SSL received an unexpected Certificate handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_SERVER_KEY_EXCH , (SSL_ERROR_BASE + 45),
-"SSL received an unexpected Server Key Exchange handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_CERT_REQUEST , (SSL_ERROR_BASE + 46),
-"SSL received an unexpected Certificate Request handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_HELLO_DONE , (SSL_ERROR_BASE + 47),
-"SSL received an unexpected Server Hello Done handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_CERT_VERIFY , (SSL_ERROR_BASE + 48),
-"SSL received an unexpected Certificate Verify handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_CLIENT_KEY_EXCH , (SSL_ERROR_BASE + 49),
-"SSL received an unexpected Cllient Key Exchange handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_FINISHED , (SSL_ERROR_BASE + 50),
-"SSL received an unexpected Finished handshake message.")
-
-/*
- * Received an SSL record that was inappropriate for the state we're in.
- */
-ER3(SSL_ERROR_RX_UNEXPECTED_CHANGE_CIPHER , (SSL_ERROR_BASE + 51),
-"SSL received an unexpected Change Cipher Spec record.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_ALERT , (SSL_ERROR_BASE + 52),
-"SSL received an unexpected Alert record.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_HANDSHAKE , (SSL_ERROR_BASE + 53),
-"SSL received an unexpected Handshake record.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_APPLICATION_DATA, (SSL_ERROR_BASE + 54),
-"SSL received an unexpected Application Data record.")
-
-/*
- * Received record/message with unknown discriminant.
- */
-ER3(SSL_ERROR_RX_UNKNOWN_RECORD_TYPE , (SSL_ERROR_BASE + 55),
-"SSL received a record with an unknown content type.")
-
-ER3(SSL_ERROR_RX_UNKNOWN_HANDSHAKE , (SSL_ERROR_BASE + 56),
-"SSL received a handshake message with an unknown message type.")
-
-ER3(SSL_ERROR_RX_UNKNOWN_ALERT , (SSL_ERROR_BASE + 57),
-"SSL received an alert record with an unknown alert description.")
-
-/*
- * Received an alert reporting what we did wrong. (more alerts above)
- */
-ER3(SSL_ERROR_CLOSE_NOTIFY_ALERT , (SSL_ERROR_BASE + 58),
-"SSL peer has closed this connection.")
-
-ER3(SSL_ERROR_HANDSHAKE_UNEXPECTED_ALERT , (SSL_ERROR_BASE + 59),
-"SSL peer was not expecting a handshake message it received.")
-
-ER3(SSL_ERROR_DECOMPRESSION_FAILURE_ALERT , (SSL_ERROR_BASE + 60),
-"SSL peer was unable to succesfully decompress an SSL record it received.")
-
-ER3(SSL_ERROR_HANDSHAKE_FAILURE_ALERT , (SSL_ERROR_BASE + 61),
-"SSL peer was unable to negotiate an acceptable set of security parameters.")
-
-ER3(SSL_ERROR_ILLEGAL_PARAMETER_ALERT , (SSL_ERROR_BASE + 62),
-"SSL peer rejected a handshake message for unacceptable content.")
-
-ER3(SSL_ERROR_UNSUPPORTED_CERT_ALERT , (SSL_ERROR_BASE + 63),
-"SSL peer does not support certificates of the type it received.")
-
-ER3(SSL_ERROR_CERTIFICATE_UNKNOWN_ALERT , (SSL_ERROR_BASE + 64),
-"SSL peer had some unspecified issue with the certificate it received.")
-
-
-ER3(SSL_ERROR_GENERATE_RANDOM_FAILURE , (SSL_ERROR_BASE + 65),
-"SSL experienced a failure of its random number generator.")
-
-ER3(SSL_ERROR_SIGN_HASHES_FAILURE , (SSL_ERROR_BASE + 66),
-"Unable to digitally sign data required to verify your certificate.")
-
-ER3(SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE , (SSL_ERROR_BASE + 67),
-"SSL was unable to extract the public key from the peer's certificate.")
-
-ER3(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE , (SSL_ERROR_BASE + 68),
-"Unspecified failure while processing SSL Server Key Exchange handshake.")
-
-ER3(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE , (SSL_ERROR_BASE + 69),
-"Unspecified failure while processing SSL Client Key Exchange handshake.")
-
-ER3(SSL_ERROR_ENCRYPTION_FAILURE , (SSL_ERROR_BASE + 70),
-"Bulk data encryption algorithm failed in selected cipher suite.")
-
-ER3(SSL_ERROR_DECRYPTION_FAILURE , (SSL_ERROR_BASE + 71),
-"Bulk data decryption algorithm failed in selected cipher suite.")
-
-ER3(SSL_ERROR_SOCKET_WRITE_FAILURE , (SSL_ERROR_BASE + 72),
-"Attempt to write encrypted data to underlying socket failed.")
-
-ER3(SSL_ERROR_MD5_DIGEST_FAILURE , (SSL_ERROR_BASE + 73),
-"MD5 digest function failed.")
-
-ER3(SSL_ERROR_SHA_DIGEST_FAILURE , (SSL_ERROR_BASE + 74),
-"SHA-1 digest function failed.")
-
-ER3(SSL_ERROR_MAC_COMPUTATION_FAILURE , (SSL_ERROR_BASE + 75),
-"MAC computation failed.")
-
-ER3(SSL_ERROR_SYM_KEY_CONTEXT_FAILURE , (SSL_ERROR_BASE + 76),
-"Failure to create Symmetric Key context.")
-
-ER3(SSL_ERROR_SYM_KEY_UNWRAP_FAILURE , (SSL_ERROR_BASE + 77),
-"Failure to unwrap the Symmetric key in Client Key Exchange message.")
-
-ER3(SSL_ERROR_PUB_KEY_SIZE_LIMIT_EXCEEDED , (SSL_ERROR_BASE + 78),
-"SSL Server attempted to use domestic-grade public key with export cipher suite.")
-
-ER3(SSL_ERROR_IV_PARAM_FAILURE , (SSL_ERROR_BASE + 79),
-"PKCS11 code failed to translate an IV into a param.")
-
-ER3(SSL_ERROR_INIT_CIPHER_SUITE_FAILURE , (SSL_ERROR_BASE + 80),
-"Failed to initialize the selected cipher suite.")
-
-ER3(SSL_ERROR_SESSION_KEY_GEN_FAILURE , (SSL_ERROR_BASE + 81),
-"Client failed to generate session keys for SSL session.")
-
-ER3(SSL_ERROR_NO_SERVER_KEY_FOR_ALG , (SSL_ERROR_BASE + 82),
-"Server has no key for the attempted key exchange algorithm.")
-
-ER3(SSL_ERROR_TOKEN_INSERTION_REMOVAL , (SSL_ERROR_BASE + 83),
-"PKCS#11 token was inserted or removed while operation was in progress.")
-
-ER3(SSL_ERROR_TOKEN_SLOT_NOT_FOUND , (SSL_ERROR_BASE + 84),
-"No PKCS#11 token could be found to do a required operation.")
-
-ER3(SSL_ERROR_NO_COMPRESSION_OVERLAP , (SSL_ERROR_BASE + 85),
-"Cannot communicate securely with peer: no common compression algorithm(s).")
-
-ER3(SSL_ERROR_HANDSHAKE_NOT_COMPLETED , (SSL_ERROR_BASE + 86),
-"Cannot initiate another SSL handshake until current handshake is complete.")
-
-ER3(SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE , (SSL_ERROR_BASE + 87),
-"Received incorrect handshakes hash values from peer.")
-
-ER3(SSL_ERROR_CERT_KEA_MISMATCH , (SSL_ERROR_BASE + 88),
-"The certificate provided cannot be used with the selected key exchange algorithm.")
-
-ER3(SSL_ERROR_NO_TRUSTED_SSL_CLIENT_CA , (SSL_ERROR_BASE + 89),
-"No certificate authority is trusted for SSL client authentication.")
-
-ER3(SSL_ERROR_SESSION_NOT_FOUND , (SSL_ERROR_BASE + 90),
-"Client's SSL session ID not found in server's session cache.")
-
-ER3(SSL_ERROR_DECRYPTION_FAILED_ALERT , (SSL_ERROR_BASE + 91),
-"Peer was unable to decrypt an SSL record it received.")
-
-ER3(SSL_ERROR_RECORD_OVERFLOW_ALERT , (SSL_ERROR_BASE + 92),
-"Peer received an SSL record that was longer than is permitted.")
-
-ER3(SSL_ERROR_UNKNOWN_CA_ALERT , (SSL_ERROR_BASE + 93),
-"Peer does not recognize and trust the CA that issued your certificate.")
-
-ER3(SSL_ERROR_ACCESS_DENIED_ALERT , (SSL_ERROR_BASE + 94),
-"Peer received a valid certificate, but access was denied.")
-
-ER3(SSL_ERROR_DECODE_ERROR_ALERT , (SSL_ERROR_BASE + 95),
-"Peer could not decode an SSL handshake message.")
-
-ER3(SSL_ERROR_DECRYPT_ERROR_ALERT , (SSL_ERROR_BASE + 96),
-"Peer reports failure of signature verification or key exchange.")
-
-ER3(SSL_ERROR_EXPORT_RESTRICTION_ALERT , (SSL_ERROR_BASE + 97),
-"Peer reports negotiation not in compliance with export regulations.")
-
-ER3(SSL_ERROR_PROTOCOL_VERSION_ALERT , (SSL_ERROR_BASE + 98),
-"Peer reports incompatible or unsupported protocol version.")
-
-ER3(SSL_ERROR_INSUFFICIENT_SECURITY_ALERT , (SSL_ERROR_BASE + 99),
-"Server requires ciphers more secure than those supported by client.")
-
-ER3(SSL_ERROR_INTERNAL_ERROR_ALERT , (SSL_ERROR_BASE + 100),
-"Peer reports it experienced an internal error.")
-
-ER3(SSL_ERROR_USER_CANCELED_ALERT , (SSL_ERROR_BASE + 101),
-"Peer user canceled handshake.")
-
-ER3(SSL_ERROR_NO_RENEGOTIATION_ALERT , (SSL_ERROR_BASE + 102),
-"Peer does not permit renegotiation of SSL security parameters.")
-
diff --git a/security/nss/cmd/SSLsample/client.c b/security/nss/cmd/SSLsample/client.c
deleted file mode 100644
index e5cd1013c..000000000
--- a/security/nss/cmd/SSLsample/client.c
+++ /dev/null
@@ -1,453 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/****************************************************************************
- * SSL client program that sets up a connection to SSL server, transmits *
- * some data and then reads the reply *
- ****************************************************************************/
-
-#include <stdio.h>
-#include <string.h>
-
-#if defined(XP_UNIX)
-#include <unistd.h>
-#endif
-
-#include "prerror.h"
-
-#include "pk11func.h"
-#include "secitem.h"
-
-
-#include <stdlib.h>
-#include <errno.h>
-#include <fcntl.h>
-#include <stdarg.h>
-
-#include "nspr.h"
-#include "plgetopt.h"
-#include "prio.h"
-#include "prnetdb.h"
-#include "nss.h"
-
-#include "sslsample.h"
-
-#define RD_BUF_SIZE (60 * 1024)
-
-extern int ssl2CipherSuites[];
-extern int ssl3CipherSuites[];
-
-GlobalThreadMgr threadMGR;
-char *certNickname = NULL;
-char *hostName = NULL;
-char *password = NULL;
-unsigned short port = 0;
-
-static void
-Usage(const char *progName)
-{
- fprintf(stderr,
- "Usage: %s [-n rsa_nickname] [-p port] [-d dbdir] [-c connections]\n"
- " [-w dbpasswd] [-C cipher(s)] hostname\n",
- progName);
- exit(1);
-}
-
-PRFileDesc *
-setupSSLSocket(PRNetAddr *addr)
-{
- PRFileDesc *tcpSocket;
- PRFileDesc *sslSocket;
- PRSocketOptionData socketOption;
- PRStatus prStatus;
- SECStatus secStatus;
-
-#if 0
-retry:
-#endif
-
- tcpSocket = PR_NewTCPSocket();
- if (tcpSocket == NULL) {
- errWarn("PR_NewTCPSocket");
- }
-
- /* Make the socket blocking. */
- socketOption.option = PR_SockOpt_Nonblocking;
- socketOption.value.non_blocking = PR_FALSE;
-
- prStatus = PR_SetSocketOption(tcpSocket, &socketOption);
- if (prStatus != PR_SUCCESS) {
- errWarn("PR_SetSocketOption");
- goto loser;
- }
-
-#if 0
- /* Verify that a connection can be made to the socket. */
- prStatus = PR_Connect(tcpSocket, addr, PR_INTERVAL_NO_TIMEOUT);
- if (prStatus != PR_SUCCESS) {
- PRErrorCode err = PR_GetError();
- if (err == PR_CONNECT_REFUSED_ERROR) {
- PR_Close(tcpSocket);
- PR_Sleep(PR_MillisecondsToInterval(10));
- fprintf(stderr, "Connection to port refused, retrying.\n");
- goto retry;
- }
- errWarn("PR_Connect");
- goto loser;
- }
-#endif
-
- /* Import the socket into the SSL layer. */
- sslSocket = SSL_ImportFD(NULL, tcpSocket);
- if (!sslSocket) {
- errWarn("SSL_ImportFD");
- goto loser;
- }
-
- /* Set configuration options. */
- secStatus = SSL_OptionSet(sslSocket, SSL_SECURITY, PR_TRUE);
- if (secStatus != SECSuccess) {
- errWarn("SSL_OptionSet:SSL_SECURITY");
- goto loser;
- }
-
- secStatus = SSL_OptionSet(sslSocket, SSL_HANDSHAKE_AS_CLIENT, PR_TRUE);
- if (secStatus != SECSuccess) {
- errWarn("SSL_OptionSet:SSL_HANDSHAKE_AS_CLIENT");
- goto loser;
- }
-
- /* Set SSL callback routines. */
- secStatus = SSL_GetClientAuthDataHook(sslSocket,
- (SSLGetClientAuthData)myGetClientAuthData,
- (void *)certNickname);
- if (secStatus != SECSuccess) {
- errWarn("SSL_GetClientAuthDataHook");
- goto loser;
- }
-
- secStatus = SSL_AuthCertificateHook(sslSocket,
- (SSLAuthCertificate)myAuthCertificate,
- (void *)CERT_GetDefaultCertDB());
- if (secStatus != SECSuccess) {
- errWarn("SSL_AuthCertificateHook");
- goto loser;
- }
-
- secStatus = SSL_BadCertHook(sslSocket,
- (SSLBadCertHandler)myBadCertHandler, NULL);
- if (secStatus != SECSuccess) {
- errWarn("SSL_BadCertHook");
- goto loser;
- }
-
- secStatus = SSL_HandshakeCallback(sslSocket,
- (SSLHandshakeCallback)myHandshakeCallback,
- NULL);
- if (secStatus != SECSuccess) {
- errWarn("SSL_HandshakeCallback");
- goto loser;
- }
-
- return sslSocket;
-
-loser:
-
- PR_Close(tcpSocket);
- return NULL;
-}
-
-
-const char requestString[] = {"GET /testfile HTTP/1.0\r\n\r\n" };
-
-SECStatus
-handle_connection(PRFileDesc *sslSocket, int connection)
-{
- int countRead = 0;
- PRInt32 numBytes;
- char *readBuffer;
-
- readBuffer = PORT_Alloc(RD_BUF_SIZE);
- if (!readBuffer) {
- exitErr("PORT_Alloc");
- }
-
- /* compose the http request here. */
-
- numBytes = PR_Write(sslSocket, requestString, strlen(requestString));
- if (numBytes <= 0) {
- errWarn("PR_Write");
- PR_Free(readBuffer);
- readBuffer = NULL;
- return SECFailure;
- }
-
- /* read until EOF */
- while (PR_TRUE) {
- numBytes = PR_Read(sslSocket, readBuffer, RD_BUF_SIZE);
- if (numBytes == 0) {
- break; /* EOF */
- }
- if (numBytes < 0) {
- errWarn("PR_Read");
- break;
- }
- countRead += numBytes;
- fprintf(stderr, "***** Connection %d read %d bytes (%d total).\n",
- connection, numBytes, countRead );
- readBuffer[numBytes] = '\0';
- fprintf(stderr, "************\n%s\n************\n", readBuffer);
- }
-
- printSecurityInfo(sslSocket);
-
- PR_Free(readBuffer);
- readBuffer = NULL;
-
- /* Caller closes the socket. */
-
- fprintf(stderr,
- "***** Connection %d read %d bytes total.\n",
- connection, countRead);
-
- return SECSuccess; /* success */
-}
-
-/* one copy of this function is launched in a separate thread for each
-** connection to be made.
-*/
-SECStatus
-do_connects(void *a, int connection)
-{
- PRNetAddr *addr = (PRNetAddr *)a;
- PRFileDesc *sslSocket;
- PRHostEnt hostEntry;
- char buffer[PR_NETDB_BUF_SIZE];
- PRStatus prStatus;
- PRIntn hostenum;
- SECStatus secStatus;
-
- /* Set up SSL secure socket. */
- sslSocket = setupSSLSocket(addr);
- if (sslSocket == NULL) {
- errWarn("setupSSLSocket");
- return SECFailure;
- }
-
- secStatus = SSL_SetPKCS11PinArg(sslSocket, password);
- if (secStatus != SECSuccess) {
- errWarn("SSL_SetPKCS11PinArg");
- return secStatus;
- }
-
- secStatus = SSL_SetURL(sslSocket, hostName);
- if (secStatus != SECSuccess) {
- errWarn("SSL_SetURL");
- return secStatus;
- }
-
- /* Prepare and setup network connection. */
- prStatus = PR_GetHostByName(hostName, buffer, sizeof(buffer), &hostEntry);
- if (prStatus != PR_SUCCESS) {
- errWarn("PR_GetHostByName");
- return SECFailure;
- }
-
- hostenum = PR_EnumerateHostEnt(0, &hostEntry, port, addr);
- if (hostenum == -1) {
- errWarn("PR_EnumerateHostEnt");
- return SECFailure;
- }
-
- prStatus = PR_Connect(sslSocket, addr, PR_INTERVAL_NO_TIMEOUT);
- if (prStatus != PR_SUCCESS) {
- errWarn("PR_Connect");
- return SECFailure;
- }
-
- /* Established SSL connection, ready to send data. */
-#if 0
- secStatus = SSL_ForceHandshake(sslSocket);
- if (secStatus != SECSuccess) {
- errWarn("SSL_ForceHandshake");
- return secStatus;
- }
-#endif
-
- secStatus = SSL_ResetHandshake(sslSocket, /* asServer */ PR_FALSE);
- if (secStatus != SECSuccess) {
- errWarn("SSL_ResetHandshake");
- prStatus = PR_Close(sslSocket);
- if (prStatus != PR_SUCCESS) {
- errWarn("PR_Close");
- }
- return secStatus;
- }
-
- secStatus = handle_connection(sslSocket, connection);
- if (secStatus != SECSuccess) {
- errWarn("handle_connection");
- return secStatus;
- }
-
- PR_Close(sslSocket);
- return SECSuccess;
-}
-
-void
-client_main(unsigned short port,
- int connections,
- const char * hostName)
-{
- int i;
- SECStatus secStatus;
- PRStatus prStatus;
- PRInt32 rv;
- PRNetAddr addr;
- PRHostEnt hostEntry;
- char buffer[256];
-
- /* Setup network connection. */
- prStatus = PR_GetHostByName(hostName, buffer, 256, &hostEntry);
- if (prStatus != PR_SUCCESS) {
- exitErr("PR_GetHostByName");
- }
-
- rv = PR_EnumerateHostEnt(0, &hostEntry, port, &addr);
- if (rv < 0) {
- exitErr("PR_EnumerateHostEnt");
- }
-
- secStatus = launch_thread(&threadMGR, do_connects, &addr, 1);
- if (secStatus != SECSuccess) {
- exitErr("launch_thread");
- }
-
- if (connections > 1) {
- /* wait for the first connection to terminate, then launch the rest. */
- reap_threads(&threadMGR);
- /* Start up the connections */
- for (i = 2; i <= connections; ++i) {
- secStatus = launch_thread(&threadMGR, do_connects, &addr, i);
- if (secStatus != SECSuccess) {
- errWarn("launch_thread");
- }
- }
- }
-
- reap_threads(&threadMGR);
- destroy_thread_data(&threadMGR);
-}
-
-int
-main(int argc, char **argv)
-{
- char * certDir = ".";
- char * progName = NULL;
- int connections = 1;
- char * cipherString = NULL;
- SECStatus secStatus;
- PLOptState * optstate;
- PLOptStatus status;
-
- /* Call the NSPR initialization routines */
- PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
-
- progName = PL_strdup(argv[0]);
-
- hostName = NULL;
- optstate = PL_CreateOptState(argc, argv, "C:c:d:n:p:w:");
- while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
- switch(optstate->option) {
- case 'C' : cipherString = PL_strdup(optstate->value); break;
- case 'c' : connections = PORT_Atoi(optstate->value); break;
- case 'd' : certDir = PL_strdup(optstate->value); break;
- case 'n' : certNickname = PL_strdup(optstate->value); break;
- case 'p' : port = PORT_Atoi(optstate->value); break;
- case 'w' : password = PL_strdup(optstate->value); break;
- case '\0': hostName = PL_strdup(optstate->value); break;
- default : Usage(progName);
- }
- }
-
- if (port == 0 || hostName == NULL)
- Usage(progName);
-
- if (certDir == NULL) {
- certDir = PR_smprintf("%s/.netscape", getenv("HOME"));
- }
-
- /* Set our password function callback. */
- PK11_SetPasswordFunc(myPasswd);
-
- /* Initialize the NSS libraries. */
- secStatus = NSS_Init(certDir);
- if (secStatus != SECSuccess) {
- exitErr("NSS_Init");
- }
-
- /* All cipher suites except RSA_NULL_MD5 are enabled by Domestic Policy. */
- NSS_SetDomesticPolicy();
- SSL_CipherPrefSetDefault(SSL_RSA_WITH_NULL_MD5, PR_TRUE);
-
- /* all the SSL2 and SSL3 cipher suites are enabled by default. */
- if (cipherString) {
- int ndx;
-
- /* disable all the ciphers, then enable the ones we want. */
- disableAllSSLCiphers();
-
- while (0 != (ndx = *cipherString++)) {
- int *cptr;
- int cipher;
-
- if (! isalpha(ndx))
- Usage(progName);
- cptr = islower(ndx) ? ssl3CipherSuites : ssl2CipherSuites;
- for (ndx &= 0x1f; (cipher = *cptr++) != 0 && --ndx > 0; )
- /* do nothing */;
- if (cipher) {
- SSL_CipherPrefSetDefault(cipher, PR_TRUE);
- }
- }
- }
-
- client_main(port, connections, hostName);
-
- if (NSS_Shutdown() != SECSuccess) {
- exit(1);
- }
- PR_Cleanup();
- return 0;
-}
-
diff --git a/security/nss/cmd/SSLsample/client.mn b/security/nss/cmd/SSLsample/client.mn
deleted file mode 100644
index 5c7fa3d7c..000000000
--- a/security/nss/cmd/SSLsample/client.mn
+++ /dev/null
@@ -1,50 +0,0 @@
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-MODULE = nss
-
-EXPORTS =
-
-CSRCS = client.c \
- sslsample.c \
- $(NULL)
-
-PROGRAM = client
-
-REQUIRES = dbm
-
-IMPORTS = nss/lib/nss
-
-DEFINES = -DNSPR20
-
diff --git a/security/nss/cmd/SSLsample/gencerts b/security/nss/cmd/SSLsample/gencerts
deleted file mode 100755
index 80be66a43..000000000
--- a/security/nss/cmd/SSLsample/gencerts
+++ /dev/null
@@ -1,79 +0,0 @@
-#!/bin/sh
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#
-# Script to generate sample db files neccessary for SSL.
-
-# Directory for db's, use in all subsequent -d flags.
-rm -rf SampleCertDBs
-mkdir SampleCertDBs
-
-# Password to use.
-echo sample > passfile
-
-# Generate the db files, using the above password.
-certutil -N -d SampleCertDBs -f passfile
-
-# Generate the CA cert. This cert is self-signed and only useful for
-# test purposes. Set the trust bits to allow it to sign SSL client/server
-# certs.
-certutil -S -n SampleRootCA -x -t "CTu,CTu,CTu" \
- -s "CN=My Sample Root CA, O=My Organization" \
- -m 25000 -o ./SampleCertDBs/SampleRootCA.crt \
- -d SampleCertDBs -f passfile
-
-# Generate the server cert. This cert is signed by the CA cert generated
-# above. The CN must be hostname.domain.[com|org|net|...].
-certutil -S -n SampleSSLServerCert -c SampleRootCA -t "u,u,u" \
- -s "CN=$HOSTNAME.$MYDOMAIN, O=$HOSTNAME Corp." \
- -m 25001 -o ./SampleCertDBs/SampleSSLServer.crt \
- -d SampleCertDBs -f passfile
-
-# Generate the client cert. This cert is signed by the CA cert generated
-# above.
-certutil -S -n SampleSSLClientCert -c SampleRootCA -t "u,u,u" \
- -s "CN=My Client Cert, O=Client Organization" \
- -m 25002 -o ./SampleCertDBs/SampleSSLClient.crt \
- -d SampleCertDBs -f passfile
-
-# Verify the certificates.
-certutil -V -u V -n SampleSSLServerCert -d SampleCertDBs
-certutil -V -u C -n SampleSSLClientCert -d SampleCertDBs
-
-# Remove unneccessary files.
-rm -f passfile
-rm -f tempcert*
-
-# You are now ready to run your client/server! Example command lines:
-# server -n SampleSSLServerCert -p 8080 -d SampleCertDBs -w sample -c e -R
-# client -n SampleSSLClientCert -p 8080 -d SampleCertDBs -w sample -c 2 trane.mcom.com
diff --git a/security/nss/cmd/SSLsample/make.client b/security/nss/cmd/SSLsample/make.client
deleted file mode 100644
index 3dd7705e3..000000000
--- a/security/nss/cmd/SSLsample/make.client
+++ /dev/null
@@ -1,78 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include client.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#include $(CORE_DEPTH)/$(MODULE)/config/config.mk
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-#CC = cc
-
-
diff --git a/security/nss/cmd/SSLsample/make.server b/security/nss/cmd/SSLsample/make.server
deleted file mode 100644
index 7969df798..000000000
--- a/security/nss/cmd/SSLsample/make.server
+++ /dev/null
@@ -1,77 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include server.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#include $(CORE_DEPTH)/$(MODULE)/config/config.mk
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-
diff --git a/security/nss/cmd/SSLsample/nmakefile95.nss b/security/nss/cmd/SSLsample/nmakefile95.nss
deleted file mode 100755
index 5684478cd..000000000
--- a/security/nss/cmd/SSLsample/nmakefile95.nss
+++ /dev/null
@@ -1,60 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-# NSS 2.6.2 Sample Win95 Makefile
-#
-#
-# This nmake file will build server.c and client.c on Windows 95.
-#
-
-DEFINES=-D_X86_ -DXP_PC -UDEBUG -U_DEBUG -DNDEBUG -DWIN32 -D_WINDOWS
-
-INCPATH=/I. /I..\include\dbm /I..\include\nspr /I..\include\security
-
-LIBS=nss.lib ssl.lib pkcs7.lib pkcs12.lib secmod.lib cert.lib key.lib crypto.lib secutil.lib hash.lib dbm.lib libplc3.lib libplds3.lib libnspr3.lib wsock32.lib
-
-CFLAGS=-O2 -MD -W3 -nologo
-
-CC=cl
-
-LDOPTIONS=/link /LIBPATH:..\lib /nodefaultlib:libcd.lib /subsystem:console
-
-server:
- $(CC) $(CFLAGS) $(INCPATH) /Feserver server.c getopt.c $(LIBS) $(DEFINES) $(LDOPTIONS)
-
-client:
- $(CC) $(CFLAGS) $(INCPATH) /Feclient client.c getopt.c $(LIBS) $(DEFINES) $(LDOPTIONS)
-
-clean:
- del /S server.exe client.exe server.lib server.exp client.lib client.exp server.obj client.obj getopt.obj
-
diff --git a/security/nss/cmd/SSLsample/nmakefilent.nss b/security/nss/cmd/SSLsample/nmakefilent.nss
deleted file mode 100755
index 9d2d1ccc4..000000000
--- a/security/nss/cmd/SSLsample/nmakefilent.nss
+++ /dev/null
@@ -1,59 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-# NSS 2.6.2 Sample NT Makefile
-#
-#
-# This nmake file will build server.c and client.c on Windows NT 4 SP3.
-#
-
-DEFINES=-D_X86_ -GT -DWINNT -DXP_PC -UDEBUG -U_DEBUG -DNDEBUG -DWIN32 -D_WINDOWS
-INCPATH=-I. -I..\include\dbm -I..\include\nspr -I..\include\security
-
-LIBS=nss.lib ssl.lib pkcs7.lib pkcs12.lib secmod.lib cert.lib key.lib crypto.lib secutil.lib hash.lib dbm.lib libplc3.lib libplds3.lib libnspr3.lib wsock32.lib
-
-CFLAGS=-O2 -MD -W3 -nologo
-
-CC=cl
-
-LDOPTIONS=/link /LIBPATH:..\lib /nodefaultlib:libcd.lib /subsystem:console
-
-server:
- $(CC) $(CFLAGS) /Feserver server.c getopt.c $(LIBS) $(DEFINES) $(INCPATH) $(LDOPTIONS)
-
-client:
- $(CC) $(CFLAGS) /Feclient client.c getopt.c $(LIBS) $(DEFINES) $(INCPATH) $(LDOPTIONS)
-
-clean:
- del /S server.exe client.exe server.lib server.exp client.lib client.exp server.obj client.obj getopt.obj
-
diff --git a/security/nss/cmd/SSLsample/server.c b/security/nss/cmd/SSLsample/server.c
deleted file mode 100644
index 08c20a5a4..000000000
--- a/security/nss/cmd/SSLsample/server.c
+++ /dev/null
@@ -1,822 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/****************************************************************************
- * SSL server program listens on a port, accepts client connection, reads *
- * request and responds to it *
- ****************************************************************************/
-
-/* Generic header files */
-
-#include <stdio.h>
-#include <string.h>
-
-/* NSPR header files */
-
-#include "nspr.h"
-#include "plgetopt.h"
-#include "prerror.h"
-#include "prnetdb.h"
-
-/* NSS header files */
-
-#include "pk11func.h"
-#include "secitem.h"
-#include "ssl.h"
-#include "certt.h"
-#include "nss.h"
-#include "secrng.h"
-#include "secder.h"
-#include "key.h"
-#include "sslproto.h"
-
-/* Custom header files */
-
-#include "sslsample.h"
-
-#ifndef PORT_Sprintf
-#define PORT_Sprintf sprintf
-#endif
-
-#define REQUEST_CERT_ONCE 1
-#define REQUIRE_CERT_ONCE 2
-#define REQUEST_CERT_ALL 3
-#define REQUIRE_CERT_ALL 4
-
-/* Global variables */
-GlobalThreadMgr threadMGR;
-char *password = NULL;
-CERTCertificate *cert = NULL;
-SECKEYPrivateKey *privKey = NULL;
-int stopping;
-
-static void
-Usage(const char *progName)
-{
- fprintf(stderr,
-
-"Usage: %s -n rsa_nickname -p port [-3RFrf] [-w password]\n"
-" [-c ciphers] [-d dbdir] \n"
-"-3 means disable SSL v3\n"
-"-r means request certificate on first handshake.\n"
-"-f means require certificate on first handshake.\n"
-"-R means request certificate on all handshakes.\n"
-"-F means require certificate on all handshakes.\n"
-"-c ciphers Letter(s) chosen from the following list\n"
-"A SSL2 RC4 128 WITH MD5\n"
-"B SSL2 RC4 128 EXPORT40 WITH MD5\n"
-"C SSL2 RC2 128 CBC WITH MD5\n"
-"D SSL2 RC2 128 CBC EXPORT40 WITH MD5\n"
-"E SSL2 DES 64 CBC WITH MD5\n"
-"F SSL2 DES 192 EDE3 CBC WITH MD5\n"
-"\n"
-"a SSL3 FORTEZZA DMS WITH FORTEZZA CBC SHA\n"
-"b SSL3 FORTEZZA DMS WITH RC4 128 SHA\n"
-"c SSL3 RSA WITH RC4 128 MD5\n"
-"d SSL3 RSA WITH 3DES EDE CBC SHA\n"
-"e SSL3 RSA WITH DES CBC SHA\n"
-"f SSL3 RSA EXPORT WITH RC4 40 MD5\n"
-"g SSL3 RSA EXPORT WITH RC2 CBC 40 MD5\n"
-"h SSL3 FORTEZZA DMS WITH NULL SHA\n"
-"i SSL3 RSA WITH NULL MD5\n"
-"j SSL3 RSA FIPS WITH 3DES EDE CBC SHA\n"
-"k SSL3 RSA FIPS WITH DES CBC SHA\n"
-"l SSL3 RSA EXPORT WITH DES CBC SHA\t(new)\n"
-"m SSL3 RSA EXPORT WITH RC4 56 SHA\t(new)\n",
- progName);
- exit(1);
-}
-
-/* Function: readDataFromSocket()
- *
- * Purpose: Parse an HTTP request by reading data from a GET or POST.
- *
- */
-SECStatus
-readDataFromSocket(PRFileDesc *sslSocket, DataBuffer *buffer, char **fileName)
-{
- char *post;
- int numBytes = 0;
- int newln = 0; /* # of consecutive newlns */
-
- /* Read data while it comes in from the socket. */
- while (PR_TRUE) {
- buffer->index = 0;
- newln = 0;
-
- /* Read the buffer. */
- numBytes = PR_Read(sslSocket, &buffer->data[buffer->index],
- buffer->remaining);
- if (numBytes <= 0) {
- errWarn("PR_Read");
- return SECFailure;
- }
- buffer->dataEnd = buffer->dataStart + numBytes;
-
- /* Parse the input, starting at the beginning of the buffer.
- * Stop when we detect two consecutive \n's (or \r\n's)
- * as this signifies the end of the GET or POST portion.
- * The posted data follows.
- */
- while (buffer->index < buffer->dataEnd && newln < 2) {
- int octet = buffer->data[buffer->index++];
- if (octet == '\n') {
- newln++;
- } else if (octet != '\r') {
- newln = 0;
- }
- }
-
- /* Came to the end of the buffer, or second newline.
- * If we didn't get an empty line ("\r\n\r\n"), then keep on reading.
- */
- if (newln < 2)
- continue;
-
- /* we're at the end of the HTTP request.
- * If the request is a POST, then there will be one more
- * line of data.
- * This parsing is a hack, but ok for SSL test purposes.
- */
- post = PORT_Strstr(buffer->data, "POST ");
- if (!post || *post != 'P')
- break;
-
- /* It's a post, so look for the next and final CR/LF. */
- /* We should parse content length here, but ... */
- while (buffer->index < buffer->dataEnd && newln < 3) {
- int octet = buffer->data[buffer->index++];
- if (octet == '\n') {
- newln++;
- }
- }
-
- if (newln == 3)
- break;
- }
-
- /* Have either (a) a complete get, (b) a complete post, (c) EOF */
-
- /* Execute a "GET " operation. */
- if (buffer->index > 0 && PORT_Strncmp(buffer->data, "GET ", 4) == 0) {
- int fnLength;
-
- /* File name is the part after "GET ". */
- fnLength = strcspn(buffer->data + 5, " \r\n");
- *fileName = (char *)PORT_Alloc(fnLength + 1);
- PORT_Strncpy(*fileName, buffer->data + 5, fnLength);
- (*fileName)[fnLength] = '\0';
- }
-
- return SECSuccess;
-}
-
-/* Function: authenticateSocket()
- *
- * Purpose: Configure a socket for SSL.
- *
- *
- */
-PRFileDesc *
-setupSSLSocket(PRFileDesc *tcpSocket, int requestCert)
-{
- PRFileDesc *sslSocket;
- SSLKEAType certKEA;
- int certErr = 0;
- SECStatus secStatus;
-
- /* Set the appropriate flags. */
-
- sslSocket = SSL_ImportFD(NULL, tcpSocket);
- if (sslSocket == NULL) {
- errWarn("SSL_ImportFD");
- goto loser;
- }
-
- secStatus = SSL_OptionSet(sslSocket, SSL_SECURITY, PR_TRUE);
- if (secStatus != SECSuccess) {
- errWarn("SSL_OptionSet SSL_SECURITY");
- goto loser;
- }
-
- secStatus = SSL_OptionSet(sslSocket, SSL_HANDSHAKE_AS_SERVER, PR_TRUE);
- if (secStatus != SECSuccess) {
- errWarn("SSL_OptionSet:SSL_HANDSHAKE_AS_SERVER");
- goto loser;
- }
-
- secStatus = SSL_OptionSet(sslSocket, SSL_REQUEST_CERTIFICATE,
- (requestCert >= REQUEST_CERT_ONCE));
- if (secStatus != SECSuccess) {
- errWarn("SSL_OptionSet:SSL_REQUEST_CERTIFICATE");
- goto loser;
- }
-
- secStatus = SSL_OptionSet(sslSocket, SSL_REQUIRE_CERTIFICATE,
- (requestCert == REQUIRE_CERT_ONCE));
- if (secStatus != SECSuccess) {
- errWarn("SSL_OptionSet:SSL_REQUIRE_CERTIFICATE");
- goto loser;
- }
-
- /* Set the appropriate callback routines. */
-
- secStatus = SSL_AuthCertificateHook(sslSocket, myAuthCertificate,
- CERT_GetDefaultCertDB());
- if (secStatus != SECSuccess) {
- errWarn("SSL_AuthCertificateHook");
- goto loser;
- }
-
- secStatus = SSL_BadCertHook(sslSocket,
- (SSLBadCertHandler)myBadCertHandler, &certErr);
- if (secStatus != SECSuccess) {
- errWarn("SSL_BadCertHook");
- goto loser;
- }
-
- secStatus = SSL_HandshakeCallback(sslSocket,
- (SSLHandshakeCallback)myHandshakeCallback,
- NULL);
- if (secStatus != SECSuccess) {
- errWarn("SSL_HandshakeCallback");
- goto loser;
- }
-
- secStatus = SSL_SetPKCS11PinArg(sslSocket, password);
- if (secStatus != SECSuccess) {
- errWarn("SSL_HandshakeCallback");
- goto loser;
- }
-
- certKEA = NSS_FindCertKEAType(cert);
-
- secStatus = SSL_ConfigSecureServer(sslSocket, cert, privKey, certKEA);
- if (secStatus != SECSuccess) {
- errWarn("SSL_ConfigSecureServer");
- goto loser;
- }
-
- return sslSocket;
-
-loser:
-
- PR_Close(tcpSocket);
- return NULL;
-}
-
-/* Function: authenticateSocket()
- *
- * Purpose: Perform client authentication on the socket.
- *
- */
-SECStatus
-authenticateSocket(PRFileDesc *sslSocket, PRBool requireCert)
-{
- CERTCertificate *cert;
- SECStatus secStatus;
-
- /* Returns NULL if client authentication is not enabled or if the
- * client had no certificate. */
- cert = SSL_PeerCertificate(sslSocket);
- if (cert) {
- /* Client had a certificate, so authentication is through. */
- CERT_DestroyCertificate(cert);
- return SECSuccess;
- }
-
- /* Request client to authenticate itself. */
- secStatus = SSL_OptionSet(sslSocket, SSL_REQUEST_CERTIFICATE, PR_TRUE);
- if (secStatus != SECSuccess) {
- errWarn("SSL_OptionSet:SSL_REQUEST_CERTIFICATE");
- return SECFailure;
- }
-
- /* If desired, require client to authenticate itself. Note
- * SSL_REQUEST_CERTIFICATE must also be on, as above. */
- secStatus = SSL_OptionSet(sslSocket, SSL_REQUIRE_CERTIFICATE, requireCert);
- if (secStatus != SECSuccess) {
- errWarn("SSL_OptionSet:SSL_REQUIRE_CERTIFICATE");
- return SECFailure;
- }
-
- /* Having changed socket configuration parameters, redo handshake. */
- secStatus = SSL_ReHandshake(sslSocket, PR_TRUE);
- if (secStatus != SECSuccess) {
- errWarn("SSL_ReHandshake");
- return SECFailure;
- }
-
- /* Force the handshake to complete before moving on. */
- secStatus = SSL_ForceHandshake(sslSocket);
- if (secStatus != SECSuccess) {
- errWarn("SSL_ForceHandshake");
- return SECFailure;
- }
-
- return SECSuccess;
-}
-
-/* Function: writeDataToSocket
- *
- * Purpose: Write the client's request back to the socket. If the client
- * requested a file, dump it to the socket.
- *
- */
-SECStatus
-writeDataToSocket(PRFileDesc *sslSocket, DataBuffer *buffer, char *fileName)
-{
- int headerLength;
- int numBytes;
- char messageBuffer[120];
- PRFileDesc *local_file_fd = NULL;
- char header[] = "<html><body><h1>Sample SSL server</h1><br><br>";
- char filehd[] = "<h2>The file you requested:</h2><br>";
- char reqhd[] = "<h2>This is your request:</h2><br>";
- char link[] = "Try getting a <a HREF=\"../testfile\">file</a><br>";
- char footer[] = "<br><h2>End of request.</h2><br></body></html>";
-
- headerLength = PORT_Strlen(defaultHeader);
-
- /* Write a header to the socket. */
- numBytes = PR_Write(sslSocket, header, PORT_Strlen(header));
- if (numBytes < 0) {
- errWarn("PR_Write");
- goto loser;
- }
-
- if (fileName) {
- PRFileInfo info;
- PRStatus prStatus;
-
- /* Try to open the local file named.
- * If successful, then write it to the client.
- */
- prStatus = PR_GetFileInfo(fileName, &info);
- if (prStatus != PR_SUCCESS ||
- info.type != PR_FILE_FILE ||
- info.size < 0) {
- PORT_Free(fileName);
- /* Maybe a GET not sent from client.c? */
- goto writerequest;
- }
-
- local_file_fd = PR_Open(fileName, PR_RDONLY, 0);
- if (local_file_fd == NULL) {
- PORT_Free(fileName);
- goto writerequest;
- }
-
- /* Write a header to the socket. */
- numBytes = PR_Write(sslSocket, filehd, PORT_Strlen(filehd));
- if (numBytes < 0) {
- errWarn("PR_Write");
- goto loser;
- }
-
- /* Transmit the local file prepended by the default header
- * across the socket.
- */
- numBytes = PR_TransmitFile(sslSocket, local_file_fd,
- defaultHeader, headerLength,
- PR_TRANSMITFILE_KEEP_OPEN,
- PR_INTERVAL_NO_TIMEOUT);
-
- /* Error in transmission. */
- if (numBytes < 0) {
- errWarn("PR_TransmitFile");
- /*
- i = PORT_Strlen(errString);
- PORT_Memcpy(buf, errString, i);
- */
- /* Transmitted bytes successfully. */
- } else {
- numBytes -= headerLength;
- fprintf(stderr, "PR_TransmitFile wrote %d bytes from %s\n",
- numBytes, fileName);
- }
-
- PORT_Free(fileName);
- PR_Close(local_file_fd);
- }
-
-writerequest:
-
- /* Write a header to the socket. */
- numBytes = PR_Write(sslSocket, reqhd, PORT_Strlen(reqhd));
- if (numBytes < 0) {
- errWarn("PR_Write");
- goto loser;
- }
-
- /* Write the buffer data to the socket. */
- if (buffer->index <= 0) {
- /* Reached the EOF. Report incomplete transaction to socket. */
- PORT_Sprintf(messageBuffer,
- "GET or POST incomplete after %d bytes.\r\n",
- buffer->dataEnd);
- numBytes = PR_Write(sslSocket, messageBuffer,
- PORT_Strlen(messageBuffer));
- if (numBytes < 0) {
- errWarn("PR_Write");
- goto loser;
- }
- } else {
- /* Display the buffer data. */
- fwrite(buffer->data, 1, buffer->index, stdout);
- /* Write the buffer data to the socket. */
- numBytes = PR_Write(sslSocket, buffer->data, buffer->index);
- if (numBytes < 0) {
- errWarn("PR_Write");
- goto loser;
- }
- /* Display security information for the socket. */
- printSecurityInfo(sslSocket);
- /* Write any discarded data out to the socket. */
- if (buffer->index < buffer->dataEnd) {
- PORT_Sprintf(buffer->data, "Discarded %d characters.\r\n",
- buffer->dataEnd - buffer->index);
- numBytes = PR_Write(sslSocket, buffer->data,
- PORT_Strlen(buffer->data));
- if (numBytes < 0) {
- errWarn("PR_Write");
- goto loser;
- }
- }
- }
-
- /* Write a footer to the socket. */
- numBytes = PR_Write(sslSocket, footer, PORT_Strlen(footer));
- if (numBytes < 0) {
- errWarn("PR_Write");
- goto loser;
- }
-
- /* Write a link to the socket. */
- numBytes = PR_Write(sslSocket, link, PORT_Strlen(link));
- if (numBytes < 0) {
- errWarn("PR_Write");
- goto loser;
- }
-
- /* Complete the HTTP transaction. */
- numBytes = PR_Write(sslSocket, "EOF\r\n\r\n\r\n", 9);
- if (numBytes < 0) {
- errWarn("PR_Write");
- goto loser;
- }
-
- /* Do a nice shutdown if asked. */
- if (!strncmp(buffer->data, stopCmd, strlen(stopCmd))) {
- stopping = 1;
- }
- return SECSuccess;
-
-loser:
-
- /* Do a nice shutdown if asked. */
- if (!strncmp(buffer->data, stopCmd, strlen(stopCmd))) {
- stopping = 1;
- }
- return SECFailure;
-}
-
-/* Function: int handle_connection()
- *
- * Purpose: Thread to handle a connection to a socket.
- *
- */
-SECStatus
-handle_connection(void *tcp_sock, int requestCert)
-{
- PRFileDesc * tcpSocket = (PRFileDesc *)tcp_sock;
- PRFileDesc * sslSocket = NULL;
- SECStatus secStatus = SECFailure;
- PRStatus prStatus;
- PRSocketOptionData socketOption;
- DataBuffer buffer;
- char * fileName = NULL;
-
- /* Initialize the data buffer. */
- memset(buffer.data, 0, BUFFER_SIZE);
- buffer.remaining = BUFFER_SIZE;
- buffer.index = 0;
- buffer.dataStart = 0;
- buffer.dataEnd = 0;
-
- /* Make sure the socket is blocking. */
- socketOption.option = PR_SockOpt_Nonblocking;
- socketOption.value.non_blocking = PR_FALSE;
- PR_SetSocketOption(tcpSocket, &socketOption);
-
- sslSocket = setupSSLSocket(tcpSocket, requestCert);
- if (sslSocket == NULL) {
- errWarn("setupSSLSocket");
- goto cleanup;
- }
-
- secStatus = SSL_ResetHandshake(sslSocket, /* asServer */ PR_TRUE);
- if (secStatus != SECSuccess) {
- errWarn("SSL_ResetHandshake");
- goto cleanup;
- }
-
- /* Read data from the socket, parse it for HTTP content.
- * If the user is requesting/requiring authentication, authenticate
- * the socket. Then write the result back to the socket. */
- fprintf(stdout, "\nReading data from socket...\n\n");
- secStatus = readDataFromSocket(sslSocket, &buffer, &fileName);
- if (secStatus != SECSuccess) {
- goto cleanup;
- }
- if (requestCert >= REQUEST_CERT_ALL) {
- fprintf(stdout, "\nAuthentication requested.\n\n");
- secStatus = authenticateSocket(sslSocket,
- (requestCert == REQUIRE_CERT_ALL));
- if (secStatus != SECSuccess) {
- goto cleanup;
- }
- }
-
- fprintf(stdout, "\nWriting data to socket...\n\n");
- secStatus = writeDataToSocket(sslSocket, &buffer, fileName);
-
-cleanup:
-
- /* Close down the socket. */
- prStatus = PR_Close(tcpSocket);
- if (prStatus != PR_SUCCESS) {
- errWarn("PR_Close");
- }
-
- return secStatus;
-}
-
-/* Function: int accept_connection()
- *
- * Purpose: Thread to accept a connection to the socket.
- *
- */
-SECStatus
-accept_connection(void *listener, int requestCert)
-{
- PRFileDesc *listenSocket = (PRFileDesc*)listener;
- PRNetAddr addr;
- PRStatus prStatus;
-
- /* XXX need an SSL socket here? */
- while (!stopping) {
- PRFileDesc *tcpSocket;
- SECStatus result;
-
- fprintf(stderr, "\n\n\nAbout to call accept.\n");
-
- /* Accept a connection to the socket. */
- tcpSocket = PR_Accept(listenSocket, &addr, PR_INTERVAL_NO_TIMEOUT);
- if (tcpSocket == NULL) {
- errWarn("PR_Accept");
- break;
- }
-
- /* Accepted the connection, now handle it. */
- result = launch_thread(&threadMGR, handle_connection,
- tcpSocket, requestCert);
-
- if (result != SECSuccess) {
- prStatus = PR_Close(tcpSocket);
- if (prStatus != PR_SUCCESS) {
- exitErr("PR_Close");
- }
- break;
- }
- }
-
- fprintf(stderr, "Closing listen socket.\n");
-
- prStatus = PR_Close(listenSocket);
- if (prStatus != PR_SUCCESS) {
- exitErr("PR_Close");
- }
- return SECSuccess;
-}
-
-/* Function: void server_main()
- *
- * Purpose: This is the server's main function. It configures a socket
- * and listens to it.
- *
- */
-void
-server_main(
- unsigned short port,
- int requestCert,
- SECKEYPrivateKey * privKey,
- CERTCertificate * cert,
- PRBool disableSSL3)
-{
- SECStatus secStatus;
- PRStatus prStatus;
- PRFileDesc * listenSocket;
- PRNetAddr addr;
- PRSocketOptionData socketOption;
-
- /* Create a new socket. */
- listenSocket = PR_NewTCPSocket();
- if (listenSocket == NULL) {
- exitErr("PR_NewTCPSocket");
- }
-
- /* Set socket to be blocking -
- * on some platforms the default is nonblocking.
- */
- socketOption.option = PR_SockOpt_Nonblocking;
- socketOption.value.non_blocking = PR_FALSE;
-
- prStatus = PR_SetSocketOption(listenSocket, &socketOption);
- if (prStatus != PR_SUCCESS) {
- exitErr("PR_SetSocketOption");
- }
-
- /* This cipher is not on by default. The Acceptance test
- * would like it to be. Turn this cipher on.
- */
- secStatus = SSL_CipherPrefSetDefault(SSL_RSA_WITH_NULL_MD5, PR_TRUE);
- if (secStatus != SECSuccess) {
- exitErr("SSL_CipherPrefSetDefault:SSL_RSA_WITH_NULL_MD5");
- }
-
- /* Configure the network connection. */
- addr.inet.family = PR_AF_INET;
- addr.inet.ip = PR_INADDR_ANY;
- addr.inet.port = PR_htons(port);
-
- /* Bind the address to the listener socket. */
- prStatus = PR_Bind(listenSocket, &addr);
- if (prStatus != PR_SUCCESS) {
- exitErr("PR_Bind");
- }
-
- /* Listen for connection on the socket. The second argument is
- * the maximum size of the queue for pending connections.
- */
- prStatus = PR_Listen(listenSocket, 5);
- if (prStatus != PR_SUCCESS) {
- exitErr("PR_Listen");
- }
-
- /* Launch thread to handle connections to the socket. */
- secStatus = launch_thread(&threadMGR, accept_connection,
- listenSocket, requestCert);
- if (secStatus != SECSuccess) {
- PR_Close(listenSocket);
- } else {
- reap_threads(&threadMGR);
- destroy_thread_data(&threadMGR);
- }
-}
-
-/* Function: int main()
- *
- * Purpose: Parses command arguments and configures SSL server.
- *
- */
-int
-main(int argc, char **argv)
-{
- char * progName = NULL;
- char * nickName = NULL;
- char * cipherString = NULL;
- char * dir = ".";
- int requestCert = 0;
- unsigned short port = 0;
- SECStatus secStatus;
- PRBool disableSSL3 = PR_FALSE;
- PLOptState * optstate;
- PLOptStatus status;
-
- /* Zero out the thread manager. */
- PORT_Memset(&threadMGR, 0, sizeof(threadMGR));
-
- progName = PL_strdup(argv[0]);
-
- optstate = PL_CreateOptState(argc, argv, "3FRc:d:fp:n:rw:");
- while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
- switch(optstate->option) {
- case '3': disableSSL3 = PR_TRUE; break;
- case 'F': requestCert = REQUIRE_CERT_ALL; break;
- case 'R': requestCert = REQUEST_CERT_ALL; break;
- case 'c': cipherString = PL_strdup(optstate->value); break;
- case 'd': dir = PL_strdup(optstate->value); break;
- case 'f': requestCert = REQUIRE_CERT_ONCE; break;
- case 'n': nickName = PL_strdup(optstate->value); break;
- case 'p': port = PORT_Atoi(optstate->value); break;
- case 'r': requestCert = REQUEST_CERT_ONCE; break;
- case 'w': password = PL_strdup(optstate->value); break;
- default:
- case '?': Usage(progName);
- }
- }
-
- if (nickName == NULL || port == 0)
- Usage(progName);
-
- /* Call the NSPR initialization routines. */
- PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
-
- /* Set the cert database password callback. */
- PK11_SetPasswordFunc(myPasswd);
-
- /* Initialize NSS. */
- secStatus = NSS_Init(dir);
- if (secStatus != SECSuccess) {
- exitErr("NSS_Init");
- }
-
- /* Set the policy for this server (REQUIRED - no default). */
- secStatus = NSS_SetDomesticPolicy();
- if (secStatus != SECSuccess) {
- exitErr("NSS_SetDomesticPolicy");
- }
-
- /* XXX keep this? */
- /* all the SSL2 and SSL3 cipher suites are enabled by default. */
- if (cipherString) {
- int ndx;
-
- /* disable all the ciphers, then enable the ones we want. */
- disableAllSSLCiphers();
-
- while (0 != (ndx = *cipherString++)) {
- int *cptr;
- int cipher;
-
- if (! isalpha(ndx))
- Usage(progName);
- cptr = islower(ndx) ? ssl3CipherSuites : ssl2CipherSuites;
- for (ndx &= 0x1f; (cipher = *cptr++) != 0 && --ndx > 0; )
- /* do nothing */;
- if (cipher) {
- SECStatus status;
- status = SSL_CipherPrefSetDefault(cipher, PR_TRUE);
- if (status != SECSuccess)
- errWarn("SSL_CipherPrefSetDefault()");
- }
- }
- }
-
- /* Get own certificate and private key. */
- cert = PK11_FindCertFromNickname(nickName, password);
- if (cert == NULL) {
- exitErr("PK11_FindCertFromNickname");
- }
-
- privKey = PK11_FindKeyByAnyCert(cert, password);
- if (privKey == NULL) {
- exitErr("PK11_FindKeyByAnyCert");
- }
-
- /* Configure the server's cache for a multi-process application
- * using default timeout values (24 hrs) and directory location (/tmp).
- */
- SSL_ConfigMPServerSIDCache(256, 0, 0, NULL);
-
- /* Launch server. */
- server_main(port, requestCert, privKey, cert, disableSSL3);
-
- /* Shutdown NSS and exit NSPR gracefully. */
- if (NSS_Shutdown() != SECSuccess) {
- exit(1);
- }
- PR_Cleanup();
- return 0;
-}
diff --git a/security/nss/cmd/SSLsample/server.mn b/security/nss/cmd/SSLsample/server.mn
deleted file mode 100644
index 3ce1181d9..000000000
--- a/security/nss/cmd/SSLsample/server.mn
+++ /dev/null
@@ -1,48 +0,0 @@
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-MODULE = nss
-
-EXPORTS =
-
-CSRCS = server.c \
- sslsample.c \
- $(NULL)
-
-PROGRAM = server
-
-REQUIRES = dbm
-
-DEFINES = -DNSPR20
-
diff --git a/security/nss/cmd/SSLsample/sslerror.h b/security/nss/cmd/SSLsample/sslerror.h
deleted file mode 100644
index 8ad908569..000000000
--- a/security/nss/cmd/SSLsample/sslerror.h
+++ /dev/null
@@ -1,110 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include <stdio.h>
-#include <string.h>
-#include "nspr.h"
-
-struct tuple_str {
- PRErrorCode errNum;
- const char * errString;
-};
-
-typedef struct tuple_str tuple_str;
-
-#define ER2(a,b) {a, b},
-#define ER3(a,b,c) {a, c},
-
-#include "secerr.h"
-#include "sslerr.h"
-
-const tuple_str errStrings[] = {
-
-/* keep this list in asceding order of error numbers */
-#include "SSLerrs.h"
-#include "SECerrs.h"
-#include "NSPRerrs.h"
-
-};
-
-const PRInt32 numStrings = sizeof(errStrings) / sizeof(tuple_str);
-
-/* Returns a UTF-8 encoded constant error string for "errNum".
- * Returns NULL of errNum is unknown.
- */
-const char *
-SSL_Strerror(PRErrorCode errNum) {
- PRInt32 low = 0;
- PRInt32 high = numStrings - 1;
- PRInt32 i;
- PRErrorCode num;
- static int initDone;
-
- /* make sure table is in ascending order.
- * binary search depends on it.
- */
- if (!initDone) {
- PRErrorCode lastNum = (PRInt32)0x80000000;
- for (i = low; i <= high; ++i) {
- num = errStrings[i].errNum;
- if (num <= lastNum) {
- fprintf(stderr,
-"sequence error in error strings at item %d\n"
-"error %d (%s)\n"
-"should come after \n"
-"error %d (%s)\n",
- i, lastNum, errStrings[i-1].errString,
- num, errStrings[i].errString);
- }
- lastNum = num;
- }
- initDone = 1;
- }
-
- /* Do binary search of table. */
- while (low + 1 < high) {
- i = (low + high) / 2;
- num = errStrings[i].errNum;
- if (errNum == num)
- return errStrings[i].errString;
- if (errNum < num)
- high = i;
- else
- low = i;
- }
- if (errNum == errStrings[low].errNum)
- return errStrings[low].errString;
- if (errNum == errStrings[high].errNum)
- return errStrings[high].errString;
- return NULL;
-}
diff --git a/security/nss/cmd/SSLsample/sslsample.c b/security/nss/cmd/SSLsample/sslsample.c
deleted file mode 100644
index 5a25b940d..000000000
--- a/security/nss/cmd/SSLsample/sslsample.c
+++ /dev/null
@@ -1,591 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "sslsample.h"
-#include "sslerror.h"
-
-/* Declare SSL cipher suites. */
-
-int ssl2CipherSuites[] = {
- SSL_EN_RC4_128_WITH_MD5, /* A */
- SSL_EN_RC4_128_EXPORT40_WITH_MD5, /* B */
- SSL_EN_RC2_128_CBC_WITH_MD5, /* C */
- SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5, /* D */
- SSL_EN_DES_64_CBC_WITH_MD5, /* E */
- SSL_EN_DES_192_EDE3_CBC_WITH_MD5, /* F */
- 0
-};
-
-int ssl3CipherSuites[] = {
- SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA, /* a */
- SSL_FORTEZZA_DMS_WITH_RC4_128_SHA, /* b */
- SSL_RSA_WITH_RC4_128_MD5, /* c */
- SSL_RSA_WITH_3DES_EDE_CBC_SHA, /* d */
- SSL_RSA_WITH_DES_CBC_SHA, /* e */
- SSL_RSA_EXPORT_WITH_RC4_40_MD5, /* f */
- SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5, /* g */
- SSL_FORTEZZA_DMS_WITH_NULL_SHA, /* h */
- SSL_RSA_WITH_NULL_MD5, /* i */
- SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA, /* j */
- SSL_RSA_FIPS_WITH_DES_CBC_SHA, /* k */
- TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA, /* l */
- TLS_RSA_EXPORT1024_WITH_RC4_56_SHA, /* m */
- 0
-};
-
-/**************************************************************************
-**
-** SSL callback routines.
-**
-**************************************************************************/
-
-/* Function: char * myPasswd()
- *
- * Purpose: This function is our custom password handler that is called by
- * SSL when retreiving private certs and keys from the database. Returns a
- * pointer to a string that with a password for the database. Password pointer
- * should point to dynamically allocated memory that will be freed later.
- */
-char *
-myPasswd(PK11SlotInfo *info, PRBool retry, void *arg)
-{
- char * passwd = NULL;
-
- if ( (!retry) && arg ) {
- passwd = PORT_Strdup((char *)arg);
- }
-
- return passwd;
-}
-
-/* Function: SECStatus myAuthCertificate()
- *
- * Purpose: This function is our custom certificate authentication handler.
- *
- * Note: This implementation is essentially the same as the default
- * SSL_AuthCertificate().
- */
-SECStatus
-myAuthCertificate(void *arg, PRFileDesc *socket,
- PRBool checksig, PRBool isServer)
-{
-
- SECCertUsage certUsage;
- CERTCertificate * cert;
- void * pinArg;
- char * hostName;
- SECStatus secStatus;
-
- if (!arg || !socket) {
- errWarn("myAuthCertificate");
- return SECFailure;
- }
-
- /* Define how the cert is being used based upon the isServer flag. */
-
- certUsage = isServer ? certUsageSSLClient : certUsageSSLServer;
-
- cert = SSL_PeerCertificate(socket);
-
- pinArg = SSL_RevealPinArg(socket);
-
- secStatus = CERT_VerifyCertNow((CERTCertDBHandle *)arg,
- cert,
- checksig,
- certUsage,
- pinArg);
-
- /* If this is a server, we're finished. */
- if (isServer || secStatus != SECSuccess) {
- CERT_DestroyCertificate(cert);
- return secStatus;
- }
-
- /* Certificate is OK. Since this is the client side of an SSL
- * connection, we need to verify that the name field in the cert
- * matches the desired hostname. This is our defense against
- * man-in-the-middle attacks.
- */
-
- /* SSL_RevealURL returns a hostName, not an URL. */
- hostName = SSL_RevealURL(socket);
-
- if (hostName && hostName[0]) {
- secStatus = CERT_VerifyCertName(cert, hostName);
- } else {
- PR_SetError(SSL_ERROR_BAD_CERT_DOMAIN, 0);
- secStatus = SECFailure;
- }
-
- if (hostName)
- PR_Free(hostName);
-
- CERT_DestroyCertificate(cert);
- return secStatus;
-}
-
-/* Function: SECStatus myBadCertHandler()
- *
- * Purpose: This callback is called when the incoming certificate is not
- * valid. We define a certain set of parameters that still cause the
- * certificate to be "valid" for this session, and return SECSuccess to cause
- * the server to continue processing the request when any of these conditions
- * are met. Otherwise, SECFailure is return and the server rejects the
- * request.
- */
-SECStatus
-myBadCertHandler(void *arg, PRFileDesc *socket)
-{
-
- SECStatus secStatus = SECFailure;
- PRErrorCode err;
-
- /* log invalid cert here */
-
- if (!arg) {
- return secStatus;
- }
-
- *(PRErrorCode *)arg = err = PORT_GetError();
-
- /* If any of the cases in the switch are met, then we will proceed */
- /* with the processing of the request anyway. Otherwise, the default */
- /* case will be reached and we will reject the request. */
-
- switch (err) {
- case SEC_ERROR_INVALID_AVA:
- case SEC_ERROR_INVALID_TIME:
- case SEC_ERROR_BAD_SIGNATURE:
- case SEC_ERROR_EXPIRED_CERTIFICATE:
- case SEC_ERROR_UNKNOWN_ISSUER:
- case SEC_ERROR_UNTRUSTED_CERT:
- case SEC_ERROR_CERT_VALID:
- case SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE:
- case SEC_ERROR_CRL_EXPIRED:
- case SEC_ERROR_CRL_BAD_SIGNATURE:
- case SEC_ERROR_EXTENSION_VALUE_INVALID:
- case SEC_ERROR_CA_CERT_INVALID:
- case SEC_ERROR_CERT_USAGES_INVALID:
- case SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION:
- secStatus = SECSuccess;
- break;
- default:
- secStatus = SECFailure;
- break;
- }
-
- printf("Bad certificate: %d, %s\n", err, SSL_Strerror(err));
-
- return secStatus;
-}
-
-/* Function: SECStatus ownGetClientAuthData()
- *
- * Purpose: This callback is used by SSL to pull client certificate
- * information upon server request.
- */
-SECStatus
-myGetClientAuthData(void *arg,
- PRFileDesc *socket,
- struct CERTDistNamesStr *caNames,
- struct CERTCertificateStr **pRetCert,
- struct SECKEYPrivateKeyStr **pRetKey)
-{
-
- CERTCertificate * cert;
- SECKEYPrivateKey * privKey;
- char * chosenNickName = (char *)arg;
- void * proto_win = NULL;
- SECStatus secStatus = SECFailure;
-
- proto_win = SSL_RevealPinArg(socket);
-
- if (chosenNickName) {
- cert = PK11_FindCertFromNickname(chosenNickName, proto_win);
- if (cert) {
- privKey = PK11_FindKeyByAnyCert(cert, proto_win);
- if (privKey) {
- secStatus = SECSuccess;
- } else {
- CERT_DestroyCertificate(cert);
- }
- }
- } else { /* no nickname given, automatically find the right cert */
- CERTCertNicknames *names;
- int i;
-
- names = CERT_GetCertNicknames(CERT_GetDefaultCertDB(),
- SEC_CERT_NICKNAMES_USER, proto_win);
-
- if (names != NULL) {
- for(i = 0; i < names->numnicknames; i++ ) {
-
- cert = PK11_FindCertFromNickname(names->nicknames[i],
- proto_win);
- if (!cert) {
- continue;
- }
-
- /* Only check unexpired certs */
- if (CERT_CheckCertValidTimes(cert, PR_Now(), PR_FALSE)
- != secCertTimeValid ) {
- CERT_DestroyCertificate(cert);
- continue;
- }
-
- secStatus = NSS_CmpCertChainWCANames(cert, caNames);
- if (secStatus == SECSuccess) {
- privKey = PK11_FindKeyByAnyCert(cert, proto_win);
- if (privKey) {
- break;
- }
- secStatus = SECFailure;
- break;
- }
- CERT_FreeNicknames(names);
- } /* for loop */
- }
- }
-
- if (secStatus == SECSuccess) {
- *pRetCert = cert;
- *pRetKey = privKey;
- }
-
- return secStatus;
-}
-
-/* Function: SECStatus myHandshakeCallback()
- *
- * Purpose: Called by SSL to inform application that the handshake is
- * complete. This function is mostly used on the server side of an SSL
- * connection, although it is provided for a client as well.
- * Useful when a non-blocking SSL_ReHandshake or SSL_ResetHandshake
- * is used to initiate a handshake.
- *
- * A typical scenario would be:
- *
- * 1. Server accepts an SSL connection from the client without client auth.
- * 2. Client sends a request.
- * 3. Server determines that to service request it needs to authenticate the
- * client and initiates another handshake requesting client auth.
- * 4. While handshake is in progress, server can do other work or spin waiting
- * for the handshake to complete.
- * 5. Server is notified that handshake has been successfully completed by
- * the custom handshake callback function and it can service the client's
- * request.
- *
- * Note: This function is not implemented in this sample, as we are using
- * blocking sockets.
- */
-SECStatus
-myHandshakeCallback(PRFileDesc *socket, void *arg)
-{
- printf("Handshake has completed, ready to send data securely.\n");
- return SECSuccess;
-}
-
-
-/**************************************************************************
-**
-** Routines for disabling SSL ciphers.
-**
-**************************************************************************/
-
-void
-disableAllSSLCiphers(void)
-{
- const PRUint16 *cipherSuites = SSL_ImplementedCiphers;
- int i = SSL_NumImplementedCiphers;
- SECStatus rv;
-
- /* disable all the SSL3 cipher suites */
- while (--i >= 0) {
- PRUint16 suite = cipherSuites[i];
- rv = SSL_CipherPrefSetDefault(suite, PR_FALSE);
- if (rv != SECSuccess) {
- printf("SSL_CipherPrefSetDefault didn't like value 0x%04x (i = %d)\n",
- suite, i);
- errWarn("SSL_CipherPrefSetDefault");
- exit(2);
- }
- }
-}
-
-/**************************************************************************
-**
-** Error and information routines.
-**
-**************************************************************************/
-
-void
-errWarn(char *function)
-{
- PRErrorCode errorNumber = PR_GetError();
- const char * errorString = SSL_Strerror(errorNumber);
-
- printf("Error in function %s: %d\n - %s\n",
- function, errorNumber, errorString);
-}
-
-void
-exitErr(char *function)
-{
- errWarn(function);
- /* Exit gracefully. */
- /* ignoring return value of NSS_Shutdown as code exits with 1*/
- (void) NSS_Shutdown();
- PR_Cleanup();
- exit(1);
-}
-
-void
-printSecurityInfo(PRFileDesc *fd)
-{
- char * cp; /* bulk cipher name */
- char * ip; /* cert issuer DN */
- char * sp; /* cert subject DN */
- int op; /* High, Low, Off */
- int kp0; /* total key bits */
- int kp1; /* secret key bits */
- int result;
- SSL3Statistics * ssl3stats = SSL_GetStatistics();
-
- result = SSL_SecurityStatus(fd, &op, &cp, &kp0, &kp1, &ip, &sp);
- if (result != SECSuccess)
- return;
- printf("bulk cipher %s, %d secret key bits, %d key bits, status: %d\n"
- "subject DN: %s\n"
- "issuer DN: %s\n", cp, kp1, kp0, op, sp, ip);
- PR_Free(cp);
- PR_Free(ip);
- PR_Free(sp);
-
- printf("%ld cache hits; %ld cache misses, %ld cache not reusable\n",
- ssl3stats->hch_sid_cache_hits, ssl3stats->hch_sid_cache_misses,
- ssl3stats->hch_sid_cache_not_ok);
-
-}
-
-
-/**************************************************************************
-** Begin thread management routines and data.
-**************************************************************************/
-
-void
-thread_wrapper(void * arg)
-{
- GlobalThreadMgr *threadMGR = (GlobalThreadMgr *)arg;
- perThread *slot = &threadMGR->threads[threadMGR->index];
-
- /* wait for parent to finish launching us before proceeding. */
- PR_Lock(threadMGR->threadLock);
- PR_Unlock(threadMGR->threadLock);
-
- slot->rv = (* slot->startFunc)(slot->a, slot->b);
-
- PR_Lock(threadMGR->threadLock);
- slot->running = rs_zombie;
-
- /* notify the thread exit handler. */
- PR_NotifyCondVar(threadMGR->threadEndQ);
-
- PR_Unlock(threadMGR->threadLock);
-}
-
-SECStatus
-launch_thread(GlobalThreadMgr *threadMGR,
- startFn *startFunc,
- void *a,
- int b)
-{
- perThread *slot;
- int i;
-
- if (!threadMGR->threadStartQ) {
- threadMGR->threadLock = PR_NewLock();
- threadMGR->threadStartQ = PR_NewCondVar(threadMGR->threadLock);
- threadMGR->threadEndQ = PR_NewCondVar(threadMGR->threadLock);
- }
- PR_Lock(threadMGR->threadLock);
- while (threadMGR->numRunning >= MAX_THREADS) {
- PR_WaitCondVar(threadMGR->threadStartQ, PR_INTERVAL_NO_TIMEOUT);
- }
- for (i = 0; i < threadMGR->numUsed; ++i) {
- slot = &threadMGR->threads[i];
- if (slot->running == rs_idle)
- break;
- }
- if (i >= threadMGR->numUsed) {
- if (i >= MAX_THREADS) {
- /* something's really wrong here. */
- PORT_Assert(i < MAX_THREADS);
- PR_Unlock(threadMGR->threadLock);
- return SECFailure;
- }
- ++(threadMGR->numUsed);
- PORT_Assert(threadMGR->numUsed == i + 1);
- slot = &threadMGR->threads[i];
- }
-
- slot->a = a;
- slot->b = b;
- slot->startFunc = startFunc;
-
- threadMGR->index = i;
-
- slot->prThread = PR_CreateThread(PR_USER_THREAD,
- thread_wrapper, threadMGR,
- PR_PRIORITY_NORMAL, PR_GLOBAL_THREAD,
- PR_JOINABLE_THREAD, 0);
-
- if (slot->prThread == NULL) {
- PR_Unlock(threadMGR->threadLock);
- printf("Failed to launch thread!\n");
- return SECFailure;
- }
-
- slot->inUse = 1;
- slot->running = 1;
- ++(threadMGR->numRunning);
- PR_Unlock(threadMGR->threadLock);
- printf("Launched thread in slot %d \n", threadMGR->index);
-
- return SECSuccess;
-}
-
-SECStatus
-reap_threads(GlobalThreadMgr *threadMGR)
-{
- perThread * slot;
- int i;
-
- if (!threadMGR->threadLock)
- return 0;
- PR_Lock(threadMGR->threadLock);
- while (threadMGR->numRunning > 0) {
- PR_WaitCondVar(threadMGR->threadEndQ, PR_INTERVAL_NO_TIMEOUT);
- for (i = 0; i < threadMGR->numUsed; ++i) {
- slot = &threadMGR->threads[i];
- if (slot->running == rs_zombie) {
- /* Handle cleanup of thread here. */
- printf("Thread in slot %d returned %d\n", i, slot->rv);
-
- /* Now make sure the thread has ended OK. */
- PR_JoinThread(slot->prThread);
- slot->running = rs_idle;
- --threadMGR->numRunning;
-
- /* notify the thread launcher. */
- PR_NotifyCondVar(threadMGR->threadStartQ);
- }
- }
- }
-
- /* Safety Sam sez: make sure count is right. */
- for (i = 0; i < threadMGR->numUsed; ++i) {
- slot = &threadMGR->threads[i];
- if (slot->running != rs_idle) {
- fprintf(stderr, "Thread in slot %d is in state %d!\n",
- i, slot->running);
- }
- }
- PR_Unlock(threadMGR->threadLock);
- return 0;
-}
-
-void
-destroy_thread_data(GlobalThreadMgr *threadMGR)
-{
- PORT_Memset(threadMGR->threads, 0, sizeof(threadMGR->threads));
-
- if (threadMGR->threadEndQ) {
- PR_DestroyCondVar(threadMGR->threadEndQ);
- threadMGR->threadEndQ = NULL;
- }
- if (threadMGR->threadStartQ) {
- PR_DestroyCondVar(threadMGR->threadStartQ);
- threadMGR->threadStartQ = NULL;
- }
- if (threadMGR->threadLock) {
- PR_DestroyLock(threadMGR->threadLock);
- threadMGR->threadLock = NULL;
- }
-}
-
-/**************************************************************************
-** End thread management routines.
-**************************************************************************/
-
-void
-lockedVars_Init( lockedVars * lv)
-{
- lv->count = 0;
- lv->waiters = 0;
- lv->lock = PR_NewLock();
- lv->condVar = PR_NewCondVar(lv->lock);
-}
-
-void
-lockedVars_Destroy( lockedVars * lv)
-{
- PR_DestroyCondVar(lv->condVar);
- lv->condVar = NULL;
-
- PR_DestroyLock(lv->lock);
- lv->lock = NULL;
-}
-
-void
-lockedVars_WaitForDone(lockedVars * lv)
-{
- PR_Lock(lv->lock);
- while (lv->count > 0) {
- PR_WaitCondVar(lv->condVar, PR_INTERVAL_NO_TIMEOUT);
- }
- PR_Unlock(lv->lock);
-}
-
-int /* returns count */
-lockedVars_AddToCount(lockedVars * lv, int addend)
-{
- int rv;
-
- PR_Lock(lv->lock);
- rv = lv->count += addend;
- if (rv <= 0) {
- PR_NotifyCondVar(lv->condVar);
- }
- PR_Unlock(lv->lock);
- return rv;
-}
diff --git a/security/nss/cmd/SSLsample/sslsample.h b/security/nss/cmd/SSLsample/sslsample.h
deleted file mode 100644
index ca6b6a489..000000000
--- a/security/nss/cmd/SSLsample/sslsample.h
+++ /dev/null
@@ -1,178 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef SSLSAMPLE_H
-#define SSLSAMPLE_H
-
-/* Generic header files */
-
-#include <stdio.h>
-#include <string.h>
-
-/* NSPR header files */
-
-#include "nspr.h"
-#include "prerror.h"
-#include "prnetdb.h"
-
-/* NSS header files */
-
-#include "pk11func.h"
-#include "secitem.h"
-#include "ssl.h"
-#include "certt.h"
-#include "nss.h"
-#include "secrng.h"
-#include "secder.h"
-#include "key.h"
-#include "sslproto.h"
-
-/* Custom header files */
-
-/*
-#include "sslerror.h"
-*/
-
-#define BUFFER_SIZE 10240
-
-/* Declare SSL cipher suites. */
-
-extern int cipherSuites[];
-extern int ssl2CipherSuites[];
-extern int ssl3CipherSuites[];
-
-/* Data buffer read from a socket. */
-typedef struct DataBufferStr {
- char data[BUFFER_SIZE];
- int index;
- int remaining;
- int dataStart;
- int dataEnd;
-} DataBuffer;
-
-/* SSL callback routines. */
-
-char * myPasswd(PK11SlotInfo *info, PRBool retry, void *arg);
-
-SECStatus myAuthCertificate(void *arg, PRFileDesc *socket,
- PRBool checksig, PRBool isServer);
-
-SECStatus myBadCertHandler(void *arg, PRFileDesc *socket);
-
-SECStatus myHandshakeCallback(PRFileDesc *socket, void *arg);
-
-SECStatus myGetClientAuthData(void *arg, PRFileDesc *socket,
- struct CERTDistNamesStr *caNames,
- struct CERTCertificateStr **pRetCert,
- struct SECKEYPrivateKeyStr **pRetKey);
-
-/* Disable all v2/v3 SSL ciphers. */
-
-void disableAllSSLCiphers(void);
-
-
-/* Error and information utilities. */
-
-void errWarn(char *function);
-
-void exitErr(char *function);
-
-void printSecurityInfo(PRFileDesc *fd);
-
-/* Some simple thread management routines. */
-
-#define MAX_THREADS 32
-
-typedef SECStatus startFn(void *a, int b);
-
-typedef enum { rs_idle = 0, rs_running = 1, rs_zombie = 2 } runState;
-
-typedef struct perThreadStr {
- PRFileDesc *a;
- int b;
- int rv;
- startFn *startFunc;
- PRThread *prThread;
- PRBool inUse;
- runState running;
-} perThread;
-
-typedef struct GlobalThreadMgrStr {
- PRLock *threadLock;
- PRCondVar *threadStartQ;
- PRCondVar *threadEndQ;
- perThread threads[MAX_THREADS];
- int index;
- int numUsed;
- int numRunning;
-} GlobalThreadMgr;
-
-void thread_wrapper(void * arg);
-
-SECStatus launch_thread(GlobalThreadMgr *threadMGR,
- startFn *startFunc, void *a, int b);
-
-SECStatus reap_threads(GlobalThreadMgr *threadMGR);
-
-void destroy_thread_data(GlobalThreadMgr *threadMGR);
-
-/* Management of locked variables. */
-
-struct lockedVarsStr {
- PRLock * lock;
- int count;
- int waiters;
- PRCondVar * condVar;
-};
-
-typedef struct lockedVarsStr lockedVars;
-
-void lockedVars_Init(lockedVars *lv);
-
-void lockedVars_Destroy(lockedVars *lv);
-
-void lockedVars_WaitForDone(lockedVars *lv);
-
-int lockedVars_AddToCount(lockedVars *lv, int addend);
-
-/* Buffer stuff. */
-
-static const char stopCmd[] = { "GET /stop " };
-static const char defaultHeader[] = {
- "HTTP/1.0 200 OK\r\n"
- "Server: SSL sample server\r\n"
- "Content-type: text/plain\r\n"
- "\r\n"
-};
-
-#endif
diff --git a/security/nss/cmd/addbuiltin/Makefile b/security/nss/cmd/addbuiltin/Makefile
deleted file mode 100644
index 8650a607d..000000000
--- a/security/nss/cmd/addbuiltin/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/addbuiltin/addbuiltin.c b/security/nss/cmd/addbuiltin/addbuiltin.c
deleted file mode 100644
index 86161c94a..000000000
--- a/security/nss/cmd/addbuiltin/addbuiltin.c
+++ /dev/null
@@ -1,357 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Tool for converting builtin CA certs.
- *
- * $Id$
- */
-
-#include "nss.h"
-#include "cert.h"
-#include "certdb.h"
-#include "secutil.h"
-#include "pk11func.h"
-
-void dumpbytes(unsigned char *buf, int len)
-{
- int i;
- for (i=0; i < len; i++) {
- if ((i !=0) && ((i & 0xf) == 0)) {
- printf("\n");
- }
- printf("\\%03o",buf[i]);
- }
- printf("\n");
-}
-
-char *getTrustString(unsigned int trust)
-{
- if (trust & CERTDB_TRUSTED) {
- if (trust & CERTDB_TRUSTED_CA) {
- return "CKT_NETSCAPE_TRUSTED_DELEGATOR|CKT_NETSCAPE_TRUSTED";
- } else {
- return "CKT_NETSCAPE_TRUSTED";
- }
- } else {
- if (trust & CERTDB_TRUSTED_CA) {
- return "CKT_NETSCAPE_TRUSTED_DELEGATOR";
- } else {
- return "CKT_NETSCAPE_VALID";
- }
- }
- return "CKT_NETSCAPE_VALID"; /* not reached */
-}
-
-static const SEC_ASN1Template serialTemplate[] = {
- { SEC_ASN1_INTEGER, offsetof(CERTCertificate,serialNumber) },
- { 0 }
-};
-
-static SECStatus
-ConvertCertificate(SECItem *sdder, char *nickname, CERTCertTrust *trust)
-{
- SECStatus rv = SECSuccess;
- CERTCertificate *cert;
- unsigned char sha1_hash[SHA1_LENGTH];
- unsigned char md5_hash[MD5_LENGTH];
- SECItem *serial = NULL;
-
- cert = CERT_DecodeDERCertificate(sdder, PR_FALSE, nickname);
- if (!cert) {
- return SECFailure;
- }
- serial = SEC_ASN1EncodeItem(NULL,NULL,cert,serialTemplate);
- if (!serial) {
- return SECFailure;
- }
-
- printf("\n#\n# Certificate \"%s\"\n#\n",nickname);
- printf("CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE\n");
- printf("CKA_TOKEN CK_BBOOL CK_TRUE\n");
- printf("CKA_PRIVATE CK_BBOOL CK_FALSE\n");
- printf("CKA_MODIFIABLE CK_BBOOL CK_FALSE\n");
- printf("CKA_LABEL UTF8 \"%s\"\n",nickname);
- printf("CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509\n");
- printf("CKA_SUBJECT MULTILINE_OCTAL\n");
- dumpbytes(cert->derSubject.data,cert->derSubject.len);
- printf("END\n");
- printf("CKA_ID UTF8 \"0\"\n");
- printf("CKA_ISSUER MULTILINE_OCTAL\n");
- dumpbytes(cert->derIssuer.data,cert->derIssuer.len);
- printf("END\n");
- printf("CKA_SERIAL_NUMBER MULTILINE_OCTAL\n");
- dumpbytes(serial->data,serial->len);
- printf("END\n");
- printf("CKA_VALUE MULTILINE_OCTAL\n");
- dumpbytes(sdder->data,sdder->len);
- printf("END\n");
-
- PK11_HashBuf(SEC_OID_SHA1, sha1_hash, sdder->data, sdder->len);
- PK11_HashBuf(SEC_OID_MD5, md5_hash, sdder->data, sdder->len);
- printf("\n# Trust for Certificate \"%s\"\n",nickname);
- printf("CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST\n");
- printf("CKA_TOKEN CK_BBOOL CK_TRUE\n");
- printf("CKA_PRIVATE CK_BBOOL CK_FALSE\n");
- printf("CKA_MODIFIABLE CK_BBOOL CK_FALSE\n");
- printf("CKA_LABEL UTF8 \"%s\"\n",nickname);
- printf("CKA_CERT_SHA1_HASH MULTILINE_OCTAL\n");
- dumpbytes(sha1_hash,SHA1_LENGTH);
- printf("END\n");
- printf("CKA_CERT_MD5_HASH MULTILINE_OCTAL\n");
- dumpbytes(md5_hash,MD5_LENGTH);
- printf("END\n");
-
- printf("CKA_ISSUER MULTILINE_OCTAL\n");
- dumpbytes(cert->derIssuer.data,cert->derIssuer.len);
- printf("END\n");
- printf("CKA_SERIAL_NUMBER MULTILINE_OCTAL\n");
- dumpbytes(serial->data,serial->len);
- printf("END\n");
-
- printf("CKA_TRUST_SERVER_AUTH CK_TRUST %s\n",
- getTrustString(trust->sslFlags));
- printf("CKA_TRUST_EMAIL_PROTECTION CK_TRUST %s\n",
- getTrustString(trust->emailFlags));
- printf("CKA_TRUST_CODE_SIGNING CK_TRUST %s\n",
- getTrustString(trust->objectSigningFlags));
-#ifdef notdef
- printf("CKA_TRUST_CLIENT_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED\n");*/
- printf("CKA_TRUST_DIGITAL_SIGNATURE CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR\n");
- printf("CKA_TRUST_NON_REPUDIATION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR\n");
- printf("CKA_TRUST_KEY_ENCIPHERMENT CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR\n");
- printf("CKA_TRUST_DATA_ENCIPHERMENT CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR\n");
- printf("CKA_TRUST_KEY_AGREEMENT CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR\n");
- printf("CKA_TRUST_KEY_CERT_SIGN CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR\n");
-#endif
-
-
- PORT_Free(sdder->data);
- return(rv);
-
-}
-
-printheader() {
- printf("# \n"
- "# The contents of this file are subject to the Mozilla Public\n"
- "# License Version 1.1 (the \"License\"); you may not use this file\n"
- "# except in compliance with the License. You may obtain a copy of\n"
- "# the License at http://www.mozilla.org/MPL/\n"
- "# \n"
- "# Software distributed under the License is distributed on an \"AS\n"
- "# IS\" basis, WITHOUT WARRANTY OF ANY KIND, either express or\n"
- "# implied. See the License for the specific language governing\n"
- "# rights and limitations under the License.\n"
- "# \n"
- "# The Original Code is the Netscape security libraries.\n"
- "# \n"
- "# The Initial Developer of the Original Code is Netscape\n"
- "# Communications Corporation. Portions created by Netscape are \n"
- "# Copyright (C) 1994-2000 Netscape Communications Corporation. All\n"
- "# Rights Reserved.\n"
- "# \n"
- "# Contributor(s):\n"
- "# \n"
- "# Alternatively, the contents of this file may be used under the\n"
- "# terms of the GNU General Public License Version 2 or later (the\n"
- "# \"GPL\"), in which case the provisions of the GPL are applicable \n"
- "# instead of those above. If you wish to allow use of your \n"
- "# version of this file only under the terms of the GPL and not to\n"
- "# allow others to use your version of this file under the MPL,\n"
- "# indicate your decision by deleting the provisions above and\n"
- "# replace them with the notice and other provisions required by\n"
- "# the GPL. If you do not delete the provisions above, a recipient\n"
- "# may use your version of this file under either the MPL or the\n"
- "# GPL.\n"
- "#\n"
- "CVS_ID \"@(#) $RCSfile$ $Revision$ $Date$ $Name$\"\n"
- "\n"
- "#\n"
- "# certdata.txt\n"
- "#\n"
- "# This file contains the object definitions for the certs and other\n"
- "# information \"built into\" NSS.\n"
- "#\n"
- "# Object definitions:\n"
- "#\n"
- "# Certificates\n"
- "#\n"
- "# -- Attribute -- -- type -- -- value --\n"
- "# CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE\n"
- "# CKA_TOKEN CK_BBOOL CK_TRUE\n"
- "# CKA_PRIVATE CK_BBOOL CK_FALSE\n"
- "# CKA_MODIFIABLE CK_BBOOL CK_FALSE\n"
- "# CKA_LABEL UTF8 (varies)\n"
- "# CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509\n"
- "# CKA_SUBJECT DER+base64 (varies)\n"
- "# CKA_ID byte array (varies)\n"
- "# CKA_ISSUER DER+base64 (varies)\n"
- "# CKA_SERIAL_NUMBER DER+base64 (varies)\n"
- "# CKA_VALUE DER+base64 (varies)\n"
- "# CKA_NETSCAPE_EMAIL ASCII7 (unused here)\n"
- "#\n"
- "# Trust\n"
- "#\n"
- "# -- Attribute -- -- type -- -- value --\n"
- "# CKA_CLASS CK_OBJECT_CLASS CKO_TRUST\n"
- "# CKA_TOKEN CK_BBOOL CK_TRUE\n"
- "# CKA_PRIVATE CK_BBOOL CK_FALSE\n"
- "# CKA_MODIFIABLE CK_BBOOL CK_FALSE\n"
- "# CKA_LABEL UTF8 (varies)\n"
- "# CKA_ISSUER DER+base64 (varies)\n"
- "# CKA_SERIAL_NUMBER DER+base64 (varies)\n"
- "# CKA_CERT_HASH binary+base64 (varies)\n"
- "# CKA_EXPIRES CK_DATE (not used here)\n"
- "# CKA_TRUST_DIGITAL_SIGNATURE CK_TRUST (varies)\n"
- "# CKA_TRUST_NON_REPUDIATION CK_TRUST (varies)\n"
- "# CKA_TRUST_KEY_ENCIPHERMENT CK_TRUST (varies)\n"
- "# CKA_TRUST_DATA_ENCIPHERMENT CK_TRUST (varies)\n"
- "# CKA_TRUST_KEY_AGREEMENT CK_TRUST (varies)\n"
- "# CKA_TRUST_KEY_CERT_SIGN CK_TRUST (varies)\n"
- "# CKA_TRUST_CRL_SIGN CK_TRUST (varies)\n"
- "# CKA_TRUST_SERVER_AUTH CK_TRUST (varies)\n"
- "# CKA_TRUST_CLIENT_AUTH CK_TRUST (varies)\n"
- "# CKA_TRUST_CODE_SIGNING CK_TRUST (varies)\n"
- "# CKA_TRUST_EMAIL_PROTECTION CK_TRUST (varies)\n"
- "# CKA_TRUST_IPSEC_END_SYSTEM CK_TRUST (varies)\n"
- "# CKA_TRUST_IPSEC_TUNNEL CK_TRUST (varies)\n"
- "# CKA_TRUST_IPSEC_USER CK_TRUST (varies)\n"
- "# CKA_TRUST_TIME_STAMPING CK_TRUST (varies)\n"
- "# (other trust attributes can be defined)\n"
- "#\n"
- "\n"
- "#\n"
- "# The object to tell NSS that this is a root list and we don't\n"
- "# have to go looking for others.\n"
- "#\n"
- "BEGINDATA\n"
- "CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_BUILTIN_ROOT_LIST\n"
- "CKA_TOKEN CK_BBOOL CK_TRUE\n"
- "CKA_PRIVATE CK_BBOOL CK_FALSE\n"
- "CKA_MODIFIABLE CK_BBOOL CK_FALSE\n"
- "CKA_LABEL UTF8 \"Mozilla Builtin Roots\"\n");
-}
-
-static void Usage(char *progName)
-{
- fprintf(stderr, "%s -n nickname -t trust\n", progName);
- fprintf(stderr,
- "read a der-encoded cert from stdin in, and output\n"
- "it to stdout in a format suitable for the builtin root module.\n"
- "example: %s -n MyCA -t \"C,C,C\" < myca.der >> certdata.txt\n"
- "(pipe through atob if the cert is b64-encoded)\n");
- fprintf(stderr, "%15s nickname to assign to builtin cert.\n",
- "-n nickname");
- fprintf(stderr, "%15s default trust flags (cCTpPuw).\n",
- "-t trust");
- exit(-1);
-}
-
-enum {
- opt_Input = 0,
- opt_Nickname,
- opt_Trust
-};
-
-static secuCommandFlag addbuiltin_options[] =
-{
- { /* opt_Input */ 'i', PR_TRUE, 0, PR_FALSE },
- { /* opt_Nickname */ 'n', PR_TRUE, 0, PR_FALSE },
- { /* opt_Trust */ 't', PR_TRUE, 0, PR_FALSE }
-};
-
-main(int argc, char **argv)
-{
- SECStatus rv;
- char *nickname;
- char *trusts;
- char *progName;
- PRFileDesc *infile;
- CERTCertTrust trust = { 0 };
- SECItem derCert = { 0 };
-
- secuCommand addbuiltin = { 0 };
- addbuiltin.numOptions = sizeof(addbuiltin_options)/sizeof(secuCommandFlag);
- addbuiltin.options = addbuiltin_options;
-
- progName = strrchr(argv[0], '/');
- progName = progName ? progName+1 : argv[0];
-
- rv = SECU_ParseCommandLine(argc, argv, progName, &addbuiltin);
-
- if (rv != SECSuccess)
- Usage(progName);
-
- if (!addbuiltin.options[opt_Nickname].activated &&
- !addbuiltin.options[opt_Trust].activated) {
- fprintf(stderr, "%s: you must specify both a nickname and trust.\n");
- Usage(progName);
- }
-
- if (addbuiltin.options[opt_Input].activated) {
- infile = PR_Open(addbuiltin.options[opt_Input].arg, PR_RDONLY, 00660);
- if (!infile) {
- fprintf(stderr, "%s: failed to open input file.\n");
- exit(1);
- }
- } else {
- infile = PR_STDIN;
- }
-
- nickname = strdup(addbuiltin.options[opt_Nickname].arg);
- trusts = strdup(addbuiltin.options[opt_Trust].arg);
-
- NSS_NoDB_Init(NULL);
-
- rv = CERT_DecodeTrustString(&trust, trusts);
- if (rv) {
- fprintf(stderr, "%s: incorrectly formatted trust string.\n", progName);
- Usage(progName);
- }
-
- SECU_FileToItem(&derCert, infile);
-
- /*printheader();*/
-
- rv = ConvertCertificate(&derCert, nickname, &trust);
- if (rv) {
- fprintf(stderr, "%s: failed to convert certificate.\n", progName);
- exit(1);
- }
-
- if (NSS_Shutdown() != SECSuccess) {
- exit(1);
- }
-
- return(SECSuccess);
-}
diff --git a/security/nss/cmd/addbuiltin/manifest.mn b/security/nss/cmd/addbuiltin/manifest.mn
deleted file mode 100644
index b800ed92a..000000000
--- a/security/nss/cmd/addbuiltin/manifest.mn
+++ /dev/null
@@ -1,49 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = nss
-
-CSRCS = \
- addbuiltin.c \
- $(NULL)
-
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = dbm seccmd
-
-PROGRAM = addbuiltin
-
-USE_STATIC_LIBS = 1
diff --git a/security/nss/cmd/atob/Makefile b/security/nss/cmd/atob/Makefile
deleted file mode 100644
index ff6f06e7e..000000000
--- a/security/nss/cmd/atob/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/atob/atob.c b/security/nss/cmd/atob/atob.c
deleted file mode 100644
index 8d632b6bf..000000000
--- a/security/nss/cmd/atob/atob.c
+++ /dev/null
@@ -1,177 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "plgetopt.h"
-#include "secutil.h"
-#include "nssb64.h"
-#include <errno.h>
-
-#if defined(XP_WIN) || (defined(__sun) && !defined(SVR4))
-#if !defined(WIN32)
-extern int fread(char *, size_t, size_t, FILE*);
-extern int fwrite(char *, size_t, size_t, FILE*);
-extern int fprintf(FILE *, char *, ...);
-#endif
-#endif
-
-#if defined(WIN32)
-#include "fcntl.h"
-#include "io.h"
-#endif
-
-static PRInt32
-output_binary (void *arg, const unsigned char *obuf, PRInt32 size)
-{
- FILE *outFile = arg;
- int nb;
-
- nb = fwrite(obuf, 1, size, outFile);
- if (nb != size) {
- PORT_SetError(SEC_ERROR_IO);
- return -1;
- }
-
- return nb;
-}
-
-static SECStatus
-decode_file(FILE *outFile, FILE *inFile)
-{
- NSSBase64Decoder *cx;
- int nb;
- SECStatus status = SECFailure;
- char ibuf[4096];
-
- cx = NSSBase64Decoder_Create(output_binary, outFile);
- if (!cx) {
- return -1;
- }
-
- for (;;) {
- if (feof(inFile)) break;
- nb = fread(ibuf, 1, sizeof(ibuf), inFile);
- if (nb != sizeof(ibuf)) {
- if (nb == 0) {
- if (ferror(inFile)) {
- PORT_SetError(SEC_ERROR_IO);
- goto loser;
- }
- /* eof */
- break;
- }
- }
-
- status = NSSBase64Decoder_Update(cx, ibuf, nb);
- if (status != SECSuccess) goto loser;
- }
-
- return NSSBase64Decoder_Destroy(cx, PR_FALSE);
-
- loser:
- (void) NSSBase64Decoder_Destroy(cx, PR_TRUE);
- return status;
-}
-
-static void Usage(char *progName)
-{
- fprintf(stderr,
- "Usage: %s [-i input] [-o output]\n",
- progName);
- fprintf(stderr, "%-20s Define an input file to use (default is stdin)\n",
- "-i input");
- fprintf(stderr, "%-20s Define an output file to use (default is stdout)\n",
- "-o output");
- exit(-1);
-}
-
-int main(int argc, char **argv)
-{
- char *progName;
- SECStatus rv;
- FILE *inFile, *outFile;
- PLOptState *optstate;
- PLOptStatus status;
-
- inFile = 0;
- outFile = 0;
- progName = strrchr(argv[0], '/');
- progName = progName ? progName+1 : argv[0];
-
- /* Parse command line arguments */
- optstate = PL_CreateOptState(argc, argv, "i:o:");
- while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
- switch (optstate->option) {
- case '?':
- Usage(progName);
- break;
-
- case 'i':
- inFile = fopen(optstate->value, "r");
- if (!inFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
- progName, optstate->value);
- return -1;
- }
- break;
-
- case 'o':
- outFile = fopen(optstate->value, "wb");
- if (!outFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
- progName, optstate->value);
- return -1;
- }
- break;
- }
- }
- if (!inFile) inFile = stdin;
- if (!outFile) {
-#if defined(WIN32)
- int smrv = _setmode(_fileno(stdout), _O_BINARY);
- if (smrv == -1) {
- fprintf(stderr,
- "%s: Cannot change stdout to binary mode. Use -o option instead.\n",
- progName);
- return smrv;
- }
-#endif
- outFile = stdout;
- }
- rv = decode_file(outFile, inFile);
- if (rv != SECSuccess) {
- fprintf(stderr, "%s: lossage: error=%d errno=%d\n",
- progName, PORT_GetError(), errno);
- return -1;
- }
- return 0;
-}
diff --git a/security/nss/cmd/atob/makefile.win b/security/nss/cmd/atob/makefile.win
deleted file mode 100644
index ecccc7bf3..000000000
--- a/security/nss/cmd/atob/makefile.win
+++ /dev/null
@@ -1,155 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-VERBOSE = 1
-include <manifest.mn>
-
-#cannot define PROGRAM in manifest compatibly with NT and UNIX
-PROGRAM = atob
-PROGRAM = ./$(OBJDIR)/$(PROGRAM).exe
-include <$(DEPTH)\config\config.mak>
-
-# let manifest generate C_OBJS, it will prepend ./$(OBJDIR)/
-# rules.mak will append C_OBJS onto OBJS.
-# OBJS = $(CSRCS:.c=.obj)
-
-# include files are looked for in $LINCS and $INCS.
-# $LINCS is in manifest.mnw, computed from REQUIRES=
-INCS = $(INCS) \
- -I$(DEPTH)/security/lib/cert \
- -I../include \
- $(NULL)
-
-IGNORE_ME = \
- -I$(DEPTH)/security/lib/key \
- -I$(DEPTH)/security/lib/util \
- $(NULL)
-
-
-WINFE = $(DEPTH)/cmd/winfe/mkfiles$(MOZ_BITS)/x86Dbg
-
-# these files are the content of libdbm
-DBM_LIB = \
- $(WINFE)/DB.obj \
- $(WINFE)/HASH.obj \
- $(WINFE)/H_BIGKEY.obj \
- $(WINFE)/H_PAGE.obj \
- $(WINFE)/H_LOG2.obj \
- $(WINFE)/H_FUNC.obj \
- $(WINFE)/HASH_BUF.obj \
- $(NULL)
-
-MOZ_LIBS = \
- $(WINFE)/ALLXPSTR.obj \
- $(WINFE)/XP_ERROR.obj \
- $(WINFE)/XPASSERT.obj \
- $(WINFE)/XP_REG.obj \
- $(WINFE)/XP_TRACE.obj \
- $(DBM_LIB) \
- $(WINFE)/XP_STR.obj \
- $(WINFE)/MKTEMP.obj \
- $(NULL)
-
-SEC_LIBS = \
- $(DIST)/lib/cert$(MOZ_BITS).lib \
- $(DIST)/lib/crypto$(MOZ_BITS).lib \
- $(DIST)/lib/hash$(MOZ_BITS).lib \
- $(DIST)/lib/key$(MOZ_BITS).lib \
- $(DIST)/lib/pkcs7$(MOZ_BITS).lib \
- $(DIST)/lib/secmod$(MOZ_BITS).lib \
- $(DIST)/lib/secutl$(MOZ_BITS).lib \
- $(DIST)/lib/ssl$(MOZ_BITS).lib \
- $(NULL)
-
-LLFLAGS = $(LLFLAGS) \
- ../lib/$(OBJDIR)/sectool$(MOZ_BITS).lib \
- $(SEC_LIBS) \
- $(MOZ_LIBS) \
- $(DEPTH)/nspr/src/$(OBJDIR)/getopt.obj \
- $(LIBNSPR) \
- $(NULL)
-
-
-# awt3240.lib # brpref32.lib # cert32.lib
-# crypto32.lib # dllcom.lib # editor32.lib
-# edpref32.lib # edtplug.lib # font.lib
-# hash32.lib # htmldg32.lib # img32.lib
-# javart32.lib # jbn3240.lib # jdb3240.lib
-# jmc.lib # jpeg3240.lib # jpw3240.lib
-# jrt3240.lib # js3240.lib # jsd3240.lib
-# key32.lib # libapplet32.lib # libnjs32.lib
-# libnsc32.lib # libreg32.lib # mm3240.lib
-# mnpref32.lib # netcst32.lib # nsdlg32.lib
-# nsldap32.lib # nsldaps32.lib # nsn32.lib
-# pkcs1232.lib # pkcs732.lib # pr3240.lib
-# prefui32.lib # prefuuid.lib # secmod32.lib
-# secnav32.lib # secutl32.lib # softup32.lib
-# sp3240.lib # ssl32.lib # uni3200.lib
-# unicvt32.lib # win32md.lib # winfont.lib
-# xppref32.lib # zlib32.lib
-
-include <$(DEPTH)\config\rules.mak>
-
-INSTALL = $(MAKE_INSTALL)
-
-objs: $(OBJS)
-
-$(PROGRAM)::
- $(INSTALL) $(DIST)/bin/pr3240.dll ./$(OBJDIR)
-
-programs: $(PROGRAM)
-
-install:: $(TARGETS)
- $(INSTALL) $(TARGETS) $(DIST)/bin
-
-# ALLXPSTR.obj XP_ALLOC.obj XP_HASH.obj XP_RGB.obj XP_WRAP.obj
-# CXPRINT.obj XP_C.cl XP_LIST.obj XP_SEC.obj netscape.exp
-# CXPRNDLG.obj XP_CNTXT.obj XP_MD5.obj XP_STR.obj xp.pch
-# EXPORT.obj XP_CORE.obj XP_MESG.obj XP_THRMO.obj xppref32.dll
-# XPASSERT.obj XP_ERROR.obj XP_RECT.obj XP_TIME.obj
-# XPLOCALE.obj XP_FILE.obj XP_REG.obj XP_TRACE.obj
-
-
-symbols:
- @echo "CSRCS = $(CSRCS)"
- @echo "INCS = $(INCS)"
- @echo "OBJS = $(OBJS)"
- @echo "LIBRARY = $(LIBRARY)"
- @echo "PROGRAM = $(PROGRAM)"
- @echo "TARGETS = $(TARGETS)"
- @echo "DIST = $(DIST)"
- @echo "VERSION_NUMBER = $(VERSION_NUMBER)"
- @echo "WINFE = $(WINFE)"
- @echo "DBM_LIB = $(DBM_LIB)"
- @echo "INSTALL = $(INSTALL)"
-
diff --git a/security/nss/cmd/atob/manifest.mn b/security/nss/cmd/atob/manifest.mn
deleted file mode 100644
index f6c20bf19..000000000
--- a/security/nss/cmd/atob/manifest.mn
+++ /dev/null
@@ -1,50 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = nss
-
-# This next line is used by .mk files
-# and gets translated into $LINCS in manifest.mnw
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = seccmd dbm
-
-DEFINES = -DNSPR20
-
-CSRCS = atob.c
-
-PROGRAM = atob
-
diff --git a/security/nss/cmd/bltest/Makefile b/security/nss/cmd/bltest/Makefile
deleted file mode 100644
index c99a3c017..000000000
--- a/security/nss/cmd/bltest/Makefile
+++ /dev/null
@@ -1,82 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-#MKPROG = purify -cache-dir=/u/mcgreer/pcache -best-effort \
-# -always-use-cache-dir $(CC)
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#EXTRA_SHARED_LIBS += \
-# -L/usr/lib \
-# -lposix4 \
-# $(NULL)
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-include ../platrules.mk
diff --git a/security/nss/cmd/bltest/blapitest.c b/security/nss/cmd/bltest/blapitest.c
deleted file mode 100644
index b3000b257..000000000
--- a/security/nss/cmd/bltest/blapitest.c
+++ /dev/null
@@ -1,2572 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-
-#include "blapi.h"
-#include "secrng.h"
-#include "prmem.h"
-#include "prprf.h"
-#include "prtime.h"
-#include "prsystem.h"
-#include "plstr.h"
-#include "nssb64.h"
-#include "secutil.h"
-#include "plgetopt.h"
-#include "softoken.h"
-#include "nss.h"
-
-/* Temporary - add debugging ouput on windows for RSA to track QA failure */
-#ifdef _WIN32
-#define TRACK_BLTEST_BUG
- char __bltDBG[] = "BLTEST DEBUG";
-#endif
-
-char *progName;
-char *testdir = NULL;
-
-#define BLTEST_DEFAULT_CHUNKSIZE 4096
-
-#define WORDSIZE sizeof(unsigned long)
-
-#define CHECKERROR(rv, ln) \
- if (rv) { \
- PRErrorCode prerror = PR_GetError(); \
- PR_fprintf(PR_STDERR, "%s: ERR %d (%s) at line %d.\n", progName, \
- prerror, SECU_Strerror(prerror), ln); \
- exit(-1); \
- }
-
-/* Macros for performance timing. */
-#define TIMESTART() \
- time1 = PR_IntervalNow();
-
-#define TIMEFINISH(time, reps) \
- time2 = (PRIntervalTime)(PR_IntervalNow() - time1); \
- time1 = PR_IntervalToMilliseconds(time2); \
- time = ((double)(time1))/reps;
-
-static void Usage()
-{
-#define PRINTUSAGE(subject, option, predicate) \
- fprintf(stderr, "%10s %s\t%s\n", subject, option, predicate);
- fprintf(stderr, "\n");
- PRINTUSAGE(progName, "[-DEHSV]", "List available cipher modes"); /* XXX */
- fprintf(stderr, "\n");
- PRINTUSAGE(progName, "-E -m mode ", "Encrypt a buffer");
- PRINTUSAGE("", "", "[-i plaintext] [-o ciphertext] [-k key] [-v iv]");
- PRINTUSAGE("", "", "[-b bufsize] [-g keysize] [-e exp] [-r rounds]");
- PRINTUSAGE("", "", "[-w wordsize] [-p repetitions]");
- PRINTUSAGE("", "-m", "cipher mode to use");
- PRINTUSAGE("", "-i", "file which contains input buffer");
- PRINTUSAGE("", "-o", "file for output buffer");
- PRINTUSAGE("", "-k", "file which contains key");
- PRINTUSAGE("", "-v", "file which contains initialization vector");
- PRINTUSAGE("", "-b", "size of input buffer");
- PRINTUSAGE("", "-g", "key size (in bytes)");
- PRINTUSAGE("", "-p", "do performance test");
- PRINTUSAGE("(rsa)", "-e", "rsa public exponent");
- PRINTUSAGE("(rc5)", "-r", "number of rounds");
- PRINTUSAGE("(rc5)", "-w", "wordsize (32 or 64)");
- fprintf(stderr, "\n");
- PRINTUSAGE(progName, "-D -m mode", "Decrypt a buffer");
- PRINTUSAGE("", "", "[-i plaintext] [-o ciphertext] [-k key] [-v iv]");
- PRINTUSAGE("", "", "[-p repetitions]");
- PRINTUSAGE("", "-m", "cipher mode to use");
- PRINTUSAGE("", "-i", "file which contains input buffer");
- PRINTUSAGE("", "-o", "file for output buffer");
- PRINTUSAGE("", "-k", "file which contains key");
- PRINTUSAGE("", "-v", "file which contains initialization vector");
- PRINTUSAGE("", "-p", "do performance test");
- fprintf(stderr, "\n");
- PRINTUSAGE(progName, "-H -m mode", "Hash a buffer");
- PRINTUSAGE("", "", "[-i plaintext] [-o hash]");
- PRINTUSAGE("", "", "[-b bufsize]");
- PRINTUSAGE("", "", "[-p repetitions]");
- PRINTUSAGE("", "-m", "cipher mode to use");
- PRINTUSAGE("", "-i", "file which contains input buffer");
- PRINTUSAGE("", "-o", "file for hash");
- PRINTUSAGE("", "-b", "size of input buffer");
- PRINTUSAGE("", "-p", "do performance test");
- fprintf(stderr, "\n");
- PRINTUSAGE(progName, "-S -m mode", "Sign a buffer");
- PRINTUSAGE("", "", "[-i plaintext] [-o signature] [-k key]");
- PRINTUSAGE("", "", "[-b bufsize]");
- PRINTUSAGE("", "", "[-p repetitions]");
- PRINTUSAGE("", "-m", "cipher mode to use");
- PRINTUSAGE("", "-i", "file which contains input buffer");
- PRINTUSAGE("", "-o", "file for signature");
- PRINTUSAGE("", "-k", "file which contains key");
- PRINTUSAGE("", "-p", "do performance test");
- fprintf(stderr, "\n");
- PRINTUSAGE(progName, "-V -m mode", "Verify a signed buffer");
- PRINTUSAGE("", "", "[-i plaintext] [-s signature] [-k key]");
- PRINTUSAGE("", "", "[-p repetitions]");
- PRINTUSAGE("", "-m", "cipher mode to use");
- PRINTUSAGE("", "-i", "file which contains input buffer");
- PRINTUSAGE("", "-s", "file which contains signature of input buffer");
- PRINTUSAGE("", "-k", "file which contains key");
- PRINTUSAGE("", "-p", "do performance test");
- fprintf(stderr, "\n");
- PRINTUSAGE(progName, "-N -m mode -b bufsize",
- "Create a nonce plaintext and key");
- PRINTUSAGE("", "", "[-g keysize] [-u cxreps]");
- PRINTUSAGE("", "-g", "key size (in bytes)");
- PRINTUSAGE("", "-u", "number of repetitions of context creation");
- fprintf(stderr, "\n");
- PRINTUSAGE(progName, "-F", "Run the FIPS self-test");
- fprintf(stderr, "\n");
- PRINTUSAGE(progName, "-T [-m mode1,mode2...]", "Run the BLAPI self-test");
- fprintf(stderr, "\n");
- exit(1);
-}
-
-/* Helper functions for ascii<-->binary conversion/reading/writing */
-
-/* XXX argh */
-struct item_with_arena {
- SECItem *item;
- PRArenaPool *arena;
-};
-
-static PRInt32
-get_binary(void *arg, const unsigned char *ibuf, PRInt32 size)
-{
- struct item_with_arena *it = arg;
- SECItem *binary = it->item;
- SECItem *tmp;
- int index;
- if (binary->data == NULL) {
- tmp = SECITEM_AllocItem(it->arena, NULL, size);
- binary->data = tmp->data;
- binary->len = tmp->len;
- index = 0;
- } else {
- SECITEM_ReallocItem(NULL, binary, binary->len, binary->len + size);
- index = binary->len;
- }
- PORT_Memcpy(&binary->data[index], ibuf, size);
- return binary->len;
-}
-
-static SECStatus
-atob(SECItem *ascii, SECItem *binary, PRArenaPool *arena)
-{
- SECStatus status;
- NSSBase64Decoder *cx;
- struct item_with_arena it;
- int len;
- binary->data = NULL;
- binary->len = 0;
- it.item = binary;
- it.arena = arena;
- len = (strcmp(&ascii->data[ascii->len-2],"\r\n")) ?
- ascii->len : ascii->len-2;
- cx = NSSBase64Decoder_Create(get_binary, &it);
- status = NSSBase64Decoder_Update(cx, (const char *)ascii->data, len);
- status = NSSBase64Decoder_Destroy(cx, PR_FALSE);
- return status;
-}
-
-static PRInt32
-output_ascii(void *arg, const char *obuf, PRInt32 size)
-{
- PRFileDesc *outfile = arg;
- PRInt32 nb = PR_Write(outfile, obuf, size);
- if (nb != size) {
- PORT_SetError(SEC_ERROR_IO);
- return -1;
- }
- return nb;
-}
-
-static SECStatus
-btoa_file(SECItem *binary, PRFileDesc *outfile)
-{
- SECStatus status;
- NSSBase64Encoder *cx;
- SECItem ascii;
- ascii.data = NULL;
- ascii.len = 0;
- if (binary->len == 0)
- return SECSuccess;
- cx = NSSBase64Encoder_Create(output_ascii, outfile);
- status = NSSBase64Encoder_Update(cx, binary->data, binary->len);
- status = NSSBase64Encoder_Destroy(cx, PR_FALSE);
- status = PR_Write(outfile, "\r\n", 2);
- return status;
-}
-
-SECStatus
-hex_from_2char(unsigned char *c2, unsigned char *byteval)
-{
- int i;
- unsigned char offset;
- *byteval = 0;
- for (i=0; i<2; i++) {
- if (c2[i] >= '0' && c2[i] <= '9') {
- offset = c2[i] - '0';
- *byteval |= offset << 4*(1-i);
- } else if (c2[i] >= 'a' && c2[i] <= 'f') {
- offset = c2[i] - 'a';
- *byteval |= (offset + 10) << 4*(1-i);
- } else if (c2[i] >= 'A' && c2[i] <= 'F') {
- offset = c2[i] - 'A';
- *byteval |= (offset + 10) << 4*(1-i);
- } else {
- return SECFailure;
- }
- }
- return SECSuccess;
-}
-
-SECStatus
-char2_from_hex(unsigned char byteval, unsigned char *c2)
-{
- int i;
- unsigned char offset;
- for (i=0; i<2; i++) {
- offset = (byteval >> 4*(1-i)) & 0x0f;
- if (offset < 10) {
- c2[i] = '0' + offset;
- } else {
- c2[i] = 'A' + offset - 10;
- }
- }
- return SECSuccess;
-}
-
-void
-serialize_key(SECItem *it, int ni, PRFileDesc *file)
-{
- unsigned char len[4];
- int i;
- SECStatus status;
- NSSBase64Encoder *cx;
- SECItem ascii;
- ascii.data = NULL;
- ascii.len = 0;
- cx = NSSBase64Encoder_Create(output_ascii, file);
- for (i=0; i<ni; i++, it++) {
- len[0] = (it->len >> 24) & 0xff;
- len[1] = (it->len >> 16) & 0xff;
- len[2] = (it->len >> 8) & 0xff;
- len[3] = (it->len & 0xff);
- status = NSSBase64Encoder_Update(cx, len, 4);
- status = NSSBase64Encoder_Update(cx, it->data, it->len);
- }
- status = NSSBase64Encoder_Destroy(cx, PR_FALSE);
- status = PR_Write(file, "\r\n", 2);
-}
-
-void
-key_from_filedata(PRArenaPool *arena, SECItem *it, int ni, SECItem *filedata)
-{
- int fpos = 0;
- int i;
- unsigned char *buf = filedata->data;
- for (i=0; i<ni; i++, it++) {
- it->len = (buf[fpos++] & 0xff) << 24;
- it->len |= (buf[fpos++] & 0xff) << 16;
- it->len |= (buf[fpos++] & 0xff) << 8;
- it->len |= (buf[fpos++] & 0xff);
- if (it->len > 0) {
- it->data = PORT_ArenaAlloc(arena, it->len);
- PORT_Memcpy(it->data, &buf[fpos], it->len);
- } else {
- it->data = NULL;
- }
- fpos += it->len;
- }
-}
-
-static RSAPrivateKey *
-rsakey_from_filedata(SECItem *filedata)
-{
- RSAPrivateKey *key;
- PRArenaPool *arena;
- arena = PORT_NewArena(BLTEST_DEFAULT_CHUNKSIZE);
- key = (RSAPrivateKey *)PORT_ArenaZAlloc(arena, sizeof(RSAPrivateKey));
- key->arena = arena;
- key_from_filedata(arena, &key->version, 9, filedata);
- return key;
-}
-
-static PQGParams *
-pqg_from_filedata(SECItem *filedata)
-{
- PQGParams *pqg;
- PRArenaPool *arena;
- arena = PORT_NewArena(BLTEST_DEFAULT_CHUNKSIZE);
- pqg = (PQGParams *)PORT_ArenaZAlloc(arena, sizeof(PQGParams));
- pqg->arena = arena;
- key_from_filedata(arena, &pqg->prime, 3, filedata);
- return pqg;
-}
-
-static DSAPrivateKey *
-dsakey_from_filedata(SECItem *filedata)
-{
- DSAPrivateKey *key;
- PRArenaPool *arena;
- arena = PORT_NewArena(BLTEST_DEFAULT_CHUNKSIZE);
- key = (DSAPrivateKey *)PORT_ArenaZAlloc(arena, sizeof(DSAPrivateKey));
- key->params.arena = arena;
- key_from_filedata(arena, &key->params.prime, 5, filedata);
- return key;
-}
-
-static void
-dump_pqg(PQGParams *pqg)
-{
- SECU_PrintInteger(stdout, &pqg->prime, "PRIME:", 0);
- SECU_PrintInteger(stdout, &pqg->subPrime, "SUBPRIME:", 0);
- SECU_PrintInteger(stdout, &pqg->base, "BASE:", 0);
-}
-
-static void
-dump_dsakey(DSAPrivateKey *key)
-{
- dump_pqg(&key->params);
- SECU_PrintInteger(stdout, &key->publicValue, "PUBLIC VALUE:", 0);
- SECU_PrintInteger(stdout, &key->privateValue, "PRIVATE VALUE:", 0);
-}
-
-static void
-dump_rsakey(RSAPrivateKey *key)
-{
- SECU_PrintInteger(stdout, &key->version, "VERSION:", 0);
- SECU_PrintInteger(stdout, &key->modulus, "MODULUS:", 0);
- SECU_PrintInteger(stdout, &key->publicExponent, "PUBLIC EXP:", 0);
- SECU_PrintInteger(stdout, &key->privateExponent, "PRIVATE EXP:", 0);
- SECU_PrintInteger(stdout, &key->prime1, "CRT PRIME 1:", 0);
- SECU_PrintInteger(stdout, &key->prime2, "CRT PRIME 2:", 0);
- SECU_PrintInteger(stdout, &key->exponent1, "CRT EXP 1:", 0);
- SECU_PrintInteger(stdout, &key->exponent2, "CRT EXP 2:", 0);
- SECU_PrintInteger(stdout, &key->coefficient, "CRT COEFFICIENT:", 0);
-}
-
-typedef enum {
- bltestBase64Encoded, /* Base64 encoded ASCII */
- bltestBinary, /* straight binary */
- bltestHexSpaceDelim, /* 0x12 0x34 0xab 0xCD ... */
- bltestHexStream /* 1234abCD ... */
-} bltestIOMode;
-
-typedef struct
-{
- SECItem buf;
- SECItem pBuf;
- bltestIOMode mode;
- PRFileDesc* file;
-} bltestIO;
-
-typedef SECStatus (* bltestSymmCipherFn)(void *cx,
- unsigned char *output,
- unsigned int *outputLen,
- unsigned int maxOutputLen,
- const unsigned char *input,
- unsigned int inputLen);
-
-typedef SECStatus (* bltestPubKeyCipherFn)(void *key,
- SECItem *output,
- const SECItem *input);
-
-typedef SECStatus (* bltestHashCipherFn)(unsigned char *dest,
- const unsigned char *src,
- uint32 src_length);
-
-typedef enum {
- bltestINVALID = -1,
- bltestDES_ECB, /* Symmetric Key Ciphers */
- bltestDES_CBC, /* . */
- bltestDES_EDE_ECB, /* . */
- bltestDES_EDE_CBC, /* . */
- bltestRC2_ECB, /* . */
- bltestRC2_CBC, /* . */
- bltestRC4, /* . */
- bltestRC5_ECB, /* . */
- bltestRC5_CBC, /* . */
- bltestAES_ECB, /* . */
- bltestAES_CBC, /* . */
- bltestRSA, /* Public Key Ciphers */
- bltestDSA, /* . (Public Key Sig.) */
- bltestMD2, /* Hash algorithms */
- bltestMD5, /* . */
- bltestSHA1, /* . */
- bltestSHA256, /* . */
- bltestSHA384, /* . */
- bltestSHA512, /* . */
- NUMMODES
-} bltestCipherMode;
-
-static char *mode_strings[] =
-{
- "des_ecb",
- "des_cbc",
- "des3_ecb",
- "des3_cbc",
- "rc2_ecb",
- "rc2_cbc",
- "rc4",
- "rc5_ecb",
- "rc5_cbc",
- "aes_ecb",
- "aes_cbc",
- "rsa",
- /*"pqg",*/
- "dsa",
- "md2",
- "md5",
- "sha1",
- "sha256",
- "sha384",
- "sha512",
-};
-
-typedef struct
-{
- bltestIO key;
- bltestIO iv;
-} bltestSymmKeyParams;
-
-typedef struct
-{
- bltestIO key;
- bltestIO iv;
- int rounds;
- int wordsize;
-} bltestRC5Params;
-
-typedef struct
-{
- bltestIO key;
- int keysizeInBits;
- RSAPrivateKey *rsakey;
-} bltestRSAParams;
-
-typedef struct
-{
- bltestIO key;
- bltestIO pqgdata;
- unsigned int j;
- bltestIO keyseed;
- bltestIO sigseed;
- bltestIO sig; /* if doing verify, have additional input */
- PQGParams *pqg;
- DSAPrivateKey *dsakey;
-} bltestDSAParams;
-
-typedef struct
-{
- bltestIO key; /* unused */
- PRBool restart;
-} bltestHashParams;
-
-typedef union
-{
- bltestIO key;
- bltestSymmKeyParams sk;
- bltestRC5Params rc5;
- bltestRSAParams rsa;
- bltestDSAParams dsa;
- bltestHashParams hash;
-} bltestParams;
-
-typedef struct
-{
- PRArenaPool *arena;
- /* cipher context */
- void *cx;
- /* I/O streams */
- bltestIO input;
- bltestIO output;
- /* Cipher-specific parameters */
- bltestParams params;
- /* Cipher mode */
- bltestCipherMode mode;
- /* Cipher function (encrypt/decrypt/sign/verify/hash) */
- union {
- bltestSymmCipherFn symmkeyCipher;
- bltestPubKeyCipherFn pubkeyCipher;
- bltestHashCipherFn hashCipher;
- } cipher;
- /* performance testing */
- int repetitions;
- int cxreps;
- double cxtime;
- double optime;
-} bltestCipherInfo;
-
-PRBool
-is_symmkeyCipher(bltestCipherMode mode)
-{
- /* change as needed! */
- if (mode >= bltestDES_ECB && mode <= bltestAES_CBC)
- return PR_TRUE;
- return PR_FALSE;
-}
-
-PRBool
-is_pubkeyCipher(bltestCipherMode mode)
-{
- /* change as needed! */
- if (mode >= bltestRSA && mode <= bltestDSA)
- return PR_TRUE;
- return PR_FALSE;
-}
-
-PRBool
-is_hashCipher(bltestCipherMode mode)
-{
- /* change as needed! */
- if (mode >= bltestMD2 && mode <= bltestSHA512)
- return PR_TRUE;
- return PR_FALSE;
-}
-
-PRBool
-is_sigCipher(bltestCipherMode mode)
-{
- /* change as needed! */
- if (mode >= bltestDSA && mode <= bltestDSA)
- return PR_TRUE;
- return PR_FALSE;
-}
-
-PRBool
-cipher_requires_IV(bltestCipherMode mode)
-{
- /* change as needed! */
- if (mode == bltestDES_CBC || mode == bltestDES_EDE_CBC ||
- mode == bltestRC2_CBC || mode == bltestRC5_CBC ||
- mode == bltestAES_CBC)
- return PR_TRUE;
- return PR_FALSE;
-}
-
-SECStatus finishIO(bltestIO *output, PRFileDesc *file);
-
-SECStatus
-setupIO(PRArenaPool *arena, bltestIO *input, PRFileDesc *file,
- char *str, int numBytes)
-{
- SECStatus rv = SECSuccess;
- SECItem fileData;
- SECItem *in;
- unsigned char *tok;
- unsigned int i, j;
-
- if (file && (numBytes == 0 || file == PR_STDIN)) {
- /* grabbing data from a file */
- rv = SECU_FileToItem(&fileData, file);
- if (rv != SECSuccess) {
- PR_Close(file);
- return SECFailure;
- }
- in = &fileData;
- } else if (str) {
- /* grabbing data from command line */
- fileData.data = str;
- fileData.len = PL_strlen(str);
- in = &fileData;
- } else if (file) {
- /* create nonce */
- SECITEM_AllocItem(arena, &input->buf, numBytes);
- RNG_GenerateGlobalRandomBytes(input->buf.data, numBytes);
- return finishIO(input, file);
- } else {
- return SECFailure;
- }
-
- switch (input->mode) {
- case bltestBase64Encoded:
- rv = atob(in, &input->buf, arena);
- break;
- case bltestBinary:
- if (in->data[in->len-1] == '\n') --in->len;
- if (in->data[in->len-1] == '\r') --in->len;
- SECITEM_CopyItem(arena, &input->buf, in);
- break;
- case bltestHexSpaceDelim:
- SECITEM_AllocItem(arena, &input->buf, in->len/5);
- for (i=0, j=0; i<in->len; i+=5, j++) {
- tok = &in->data[i];
- if (tok[0] != '0' || tok[1] != 'x' || tok[4] != ' ')
- /* bad hex token */
- break;
-
- rv = hex_from_2char(&tok[2], input->buf.data + j);
- if (rv)
- break;
- }
- break;
- case bltestHexStream:
- SECITEM_AllocItem(arena, &input->buf, in->len/2);
- for (i=0, j=0; i<in->len; i+=2, j++) {
- tok = &in->data[i];
- rv = hex_from_2char(tok, input->buf.data + j);
- if (rv)
- break;
- }
- break;
- }
-
- if (file)
- SECITEM_FreeItem(&fileData, PR_FALSE);
- return rv;
-}
-
-SECStatus
-finishIO(bltestIO *output, PRFileDesc *file)
-{
- SECStatus rv = SECSuccess;
- PRInt32 nb;
- unsigned char byteval;
- SECItem *it;
- char hexstr[5];
- unsigned int i;
- if (output->pBuf.len > 0) {
- it = &output->pBuf;
- } else {
- it = &output->buf;
- }
- switch (output->mode) {
- case bltestBase64Encoded:
- rv = btoa_file(it, file);
- break;
- case bltestBinary:
- nb = PR_Write(file, it->data, it->len);
- rv = (nb == (PRInt32)it->len) ? SECSuccess : SECFailure;
- break;
- case bltestHexSpaceDelim:
- hexstr[0] = '0';
- hexstr[1] = 'x';
- hexstr[4] = ' ';
- for (i=0; i<it->len; i++) {
- byteval = it->data[i];
- rv = char2_from_hex(byteval, hexstr + 2);
- nb = PR_Write(file, hexstr, 5);
- if (rv)
- break;
- }
- PR_Write(file, "\n", 1);
- break;
- case bltestHexStream:
- for (i=0; i<it->len; i++) {
- byteval = it->data[i];
- rv = char2_from_hex(byteval, hexstr);
- if (rv)
- break;
- nb = PR_Write(file, hexstr, 2);
- }
- PR_Write(file, "\n", 1);
- break;
- }
- return rv;
-}
-
-void
-bltestCopyIO(PRArenaPool *arena, bltestIO *dest, bltestIO *src)
-{
- SECITEM_CopyItem(arena, &dest->buf, &src->buf);
- if (src->pBuf.len > 0) {
- dest->pBuf.len = src->pBuf.len;
- dest->pBuf.data = dest->buf.data + (src->pBuf.data - src->buf.data);
- }
- dest->mode = src->mode;
- dest->file = src->file;
-}
-
-void
-misalignBuffer(PRArenaPool *arena, bltestIO *io, int off)
-{
- ptrdiff_t offset = (ptrdiff_t)io->buf.data % WORDSIZE;
- int length = io->buf.len;
- if (offset != off) {
- SECITEM_ReallocItem(arena, &io->buf, length, length + 2*WORDSIZE);
- io->buf.len = length + 2*WORDSIZE; /* why doesn't realloc do this? */
- /* offset may have changed? */
- offset = (ptrdiff_t)io->buf.data % WORDSIZE;
- if (offset != off) {
- memmove(io->buf.data + off, io->buf.data, length);
- io->pBuf.data = io->buf.data + off;
- io->pBuf.len = length;
- } else {
- io->pBuf.data = io->buf.data;
- io->pBuf.len = length;
- }
- } else {
- io->pBuf.data = io->buf.data;
- io->pBuf.len = length;
- }
-}
-
-SECStatus
-des_Encrypt(void *cx, unsigned char *output, unsigned int *outputLen,
- unsigned int maxOutputLen, const unsigned char *input,
- unsigned int inputLen)
-{
- return DES_Encrypt((DESContext *)cx, output, outputLen, maxOutputLen,
- input, inputLen);
-}
-
-SECStatus
-des_Decrypt(void *cx, unsigned char *output, unsigned int *outputLen,
- unsigned int maxOutputLen, const unsigned char *input,
- unsigned int inputLen)
-{
- return DES_Decrypt((DESContext *)cx, output, outputLen, maxOutputLen,
- input, inputLen);
-}
-
-SECStatus
-rc2_Encrypt(void *cx, unsigned char *output, unsigned int *outputLen,
- unsigned int maxOutputLen, const unsigned char *input,
- unsigned int inputLen)
-{
- return RC2_Encrypt((RC2Context *)cx, output, outputLen, maxOutputLen,
- input, inputLen);
-}
-
-SECStatus
-rc2_Decrypt(void *cx, unsigned char *output, unsigned int *outputLen,
- unsigned int maxOutputLen, const unsigned char *input,
- unsigned int inputLen)
-{
- return RC2_Decrypt((RC2Context *)cx, output, outputLen, maxOutputLen,
- input, inputLen);
-}
-
-SECStatus
-rc4_Encrypt(void *cx, unsigned char *output, unsigned int *outputLen,
- unsigned int maxOutputLen, const unsigned char *input,
- unsigned int inputLen)
-{
- return RC4_Encrypt((RC4Context *)cx, output, outputLen, maxOutputLen,
- input, inputLen);
-}
-
-SECStatus
-rc4_Decrypt(void *cx, unsigned char *output, unsigned int *outputLen,
- unsigned int maxOutputLen, const unsigned char *input,
- unsigned int inputLen)
-{
- return RC4_Decrypt((RC4Context *)cx, output, outputLen, maxOutputLen,
- input, inputLen);
-}
-
-SECStatus
-aes_Encrypt(void *cx, unsigned char *output, unsigned int *outputLen,
- unsigned int maxOutputLen, const unsigned char *input,
- unsigned int inputLen)
-{
- return AES_Encrypt((AESContext *)cx, output, outputLen, maxOutputLen,
- input, inputLen);
-}
-
-SECStatus
-aes_Decrypt(void *cx, unsigned char *output, unsigned int *outputLen,
- unsigned int maxOutputLen, const unsigned char *input,
- unsigned int inputLen)
-{
- return AES_Decrypt((AESContext *)cx, output, outputLen, maxOutputLen,
- input, inputLen);
-}
-
-SECStatus
-rsa_PublicKeyOp(void *key, SECItem *output, const SECItem *input)
-{
- return RSA_PublicKeyOp((RSAPublicKey *)key, output->data, input->data);
-}
-
-SECStatus
-rsa_PrivateKeyOp(void *key, SECItem *output, const SECItem *input)
-{
- return RSA_PrivateKeyOp((RSAPrivateKey *)key, output->data, input->data);
-}
-
-SECStatus
-dsa_signDigest(void *key, SECItem *output, const SECItem *input)
-{
- return DSA_SignDigest((DSAPrivateKey *)key, output, input);
-}
-
-SECStatus
-dsa_verifyDigest(void *key, SECItem *output, const SECItem *input)
-{
- return DSA_VerifyDigest((DSAPublicKey *)key, output, input);
-}
-
-SECStatus
-bltest_des_init(bltestCipherInfo *cipherInfo, PRBool encrypt)
-{
- PRIntervalTime time1, time2;
- bltestSymmKeyParams *desp = &cipherInfo->params.sk;
- int minorMode;
- int i;
- switch (cipherInfo->mode) {
- case bltestDES_ECB: minorMode = NSS_DES; break;
- case bltestDES_CBC: minorMode = NSS_DES_CBC; break;
- case bltestDES_EDE_ECB: minorMode = NSS_DES_EDE3; break;
- case bltestDES_EDE_CBC: minorMode = NSS_DES_EDE3_CBC; break;
- default:
- return SECFailure;
- }
- cipherInfo->cx = (void*)DES_CreateContext(desp->key.buf.data,
- desp->iv.buf.data,
- minorMode, encrypt);
- if (cipherInfo->cxreps > 0) {
- DESContext **dummycx;
- dummycx = PORT_Alloc(cipherInfo->cxreps * sizeof(DESContext *));
- TIMESTART();
- for (i=0; i<cipherInfo->cxreps; i++) {
- dummycx[i] = (void*)DES_CreateContext(desp->key.buf.data,
- desp->iv.buf.data,
- minorMode, encrypt);
- }
- TIMEFINISH(cipherInfo->cxtime, 1.0);
- for (i=0; i<cipherInfo->cxreps; i++) {
- DES_DestroyContext(dummycx[i], PR_TRUE);
- }
- PORT_Free(dummycx);
- }
- if (encrypt)
- cipherInfo->cipher.symmkeyCipher = des_Encrypt;
- else
- cipherInfo->cipher.symmkeyCipher = des_Decrypt;
- return SECSuccess;
-}
-
-SECStatus
-bltest_rc2_init(bltestCipherInfo *cipherInfo, PRBool encrypt)
-{
- PRIntervalTime time1, time2;
- bltestSymmKeyParams *rc2p = &cipherInfo->params.sk;
- int minorMode;
- int i;
- switch (cipherInfo->mode) {
- case bltestRC2_ECB: minorMode = NSS_RC2; break;
- case bltestRC2_CBC: minorMode = NSS_RC2_CBC; break;
- default:
- return SECFailure;
- }
- cipherInfo->cx = (void*)RC2_CreateContext(rc2p->key.buf.data,
- rc2p->key.buf.len,
- rc2p->iv.buf.data,
- minorMode,
- rc2p->key.buf.len);
- if (cipherInfo->cxreps > 0) {
- RC2Context **dummycx;
- dummycx = PORT_Alloc(cipherInfo->cxreps * sizeof(RC2Context *));
- TIMESTART();
- for (i=0; i<cipherInfo->cxreps; i++) {
- dummycx[i] = (void*)RC2_CreateContext(rc2p->key.buf.data,
- rc2p->key.buf.len,
- rc2p->iv.buf.data,
- minorMode,
- rc2p->key.buf.len);
- }
- TIMEFINISH(cipherInfo->cxtime, 1.0);
- for (i=0; i<cipherInfo->cxreps; i++) {
- RC2_DestroyContext(dummycx[i], PR_TRUE);
- }
- PORT_Free(dummycx);
- }
- if (encrypt)
- cipherInfo->cipher.symmkeyCipher = rc2_Encrypt;
- else
- cipherInfo->cipher.symmkeyCipher = rc2_Decrypt;
- return SECSuccess;
-}
-
-SECStatus
-bltest_rc4_init(bltestCipherInfo *cipherInfo, PRBool encrypt)
-{
- PRIntervalTime time1, time2;
- int i;
- bltestSymmKeyParams *rc4p = &cipherInfo->params.sk;
- cipherInfo->cx = (void*)RC4_CreateContext(rc4p->key.buf.data,
- rc4p->key.buf.len);
- if (cipherInfo->cxreps > 0) {
- RC4Context **dummycx;
- dummycx = PORT_Alloc(cipherInfo->cxreps * sizeof(RC4Context *));
- TIMESTART();
- for (i=0; i<cipherInfo->cxreps; i++) {
- dummycx[i] = (void*)RC4_CreateContext(rc4p->key.buf.data,
- rc4p->key.buf.len);
- }
- TIMEFINISH(cipherInfo->cxtime, 1.0);
- for (i=0; i<cipherInfo->cxreps; i++) {
- RC4_DestroyContext(dummycx[i], PR_TRUE);
- }
- PORT_Free(dummycx);
- }
- if (encrypt)
- cipherInfo->cipher.symmkeyCipher = rc4_Encrypt;
- else
- cipherInfo->cipher.symmkeyCipher = rc4_Decrypt;
- return SECSuccess;
-}
-
-SECStatus
-bltest_rc5_init(bltestCipherInfo *cipherInfo, PRBool encrypt)
-{
-#if NSS_SOFTOKEN_DOES_RC5
- PRIntervalTime time1, time2;
- bltestRC5Params *rc5p = &cipherInfo->params.rc5;
- int minorMode;
- switch (cipherInfo->mode) {
- case bltestRC5_ECB: minorMode = NSS_RC5; break;
- case bltestRC5_CBC: minorMode = NSS_RC5_CBC; break;
- default:
- return SECFailure;
- }
- TIMESTART();
- cipherInfo->cx = (void*)RC5_CreateContext(&rc5p->key.buf,
- rc5p->rounds, rc5p->wordsize,
- rc5p->iv.buf.data, minorMode);
- TIMEFINISH(cipherInfo->cxtime, 1.0);
- if (encrypt)
- cipherInfo->cipher.symmkeyCipher = RC5_Encrypt;
- else
- cipherInfo->cipher.symmkeyCipher = RC5_Decrypt;
- return SECSuccess;
-#else
- return SECFailure;
-#endif
-}
-
-SECStatus
-bltest_aes_init(bltestCipherInfo *cipherInfo, PRBool encrypt)
-{
- PRIntervalTime time1, time2;
- bltestSymmKeyParams *aesp = &cipherInfo->params.sk;
- int minorMode;
- int i;
- /* XXX */ int keylen, blocklen;
- keylen = aesp->key.buf.len;
- blocklen = cipherInfo->input.pBuf.len;
- switch (cipherInfo->mode) {
- case bltestAES_ECB: minorMode = NSS_AES; break;
- case bltestAES_CBC: minorMode = NSS_AES_CBC; break;
- default:
- return SECFailure;
- }
- cipherInfo->cx = (void*)AES_CreateContext(aesp->key.buf.data,
- aesp->iv.buf.data,
- minorMode, encrypt,
- keylen, blocklen);
- if (cipherInfo->cxreps > 0) {
- AESContext **dummycx;
- dummycx = PORT_Alloc(cipherInfo->cxreps * sizeof(AESContext *));
- TIMESTART();
- for (i=0; i<cipherInfo->cxreps; i++) {
- dummycx[i] = (void*)AES_CreateContext(aesp->key.buf.data,
- aesp->iv.buf.data,
- minorMode, encrypt,
- keylen, blocklen);
- }
- TIMEFINISH(cipherInfo->cxtime, 1.0);
- for (i=0; i<cipherInfo->cxreps; i++) {
- AES_DestroyContext(dummycx[i], PR_TRUE);
- }
- PORT_Free(dummycx);
- }
- if (encrypt)
- cipherInfo->cipher.symmkeyCipher = aes_Encrypt;
- else
- cipherInfo->cipher.symmkeyCipher = aes_Decrypt;
- return SECSuccess;
-}
-
-SECStatus
-bltest_rsa_init(bltestCipherInfo *cipherInfo, PRBool encrypt)
-{
- int i;
- RSAPrivateKey **dummyKey;
- PRIntervalTime time1, time2;
- bltestRSAParams *rsap = &cipherInfo->params.rsa;
- /* RSA key gen was done during parameter setup */
- cipherInfo->cx = cipherInfo->params.rsa.rsakey;
- /* For performance testing */
- if (cipherInfo->cxreps > 0) {
- /* Create space for n private key objects */
- dummyKey = (RSAPrivateKey **)PORT_Alloc(cipherInfo->cxreps *
- sizeof(RSAPrivateKey *));
- /* Time n keygens, storing in the array */
- TIMESTART();
- for (i=0; i<cipherInfo->cxreps; i++)
- dummyKey[i] = RSA_NewKey(rsap->keysizeInBits,
- &rsap->rsakey->publicExponent);
- TIMEFINISH(cipherInfo->cxtime, cipherInfo->cxreps);
- /* Free the n key objects */
- for (i=0; i<cipherInfo->cxreps; i++)
- PORT_FreeArena(dummyKey[i]->arena, PR_TRUE);
- PORT_Free(dummyKey);
- }
- if (encrypt) {
- /* Have to convert private key to public key. Memory
- * is freed with private key's arena */
- RSAPublicKey *pubkey;
- RSAPrivateKey *key = (RSAPrivateKey *)cipherInfo->cx;
- pubkey = (RSAPublicKey *)PORT_ArenaAlloc(key->arena,
- sizeof(RSAPublicKey));
- pubkey->modulus.len = key->modulus.len;
- pubkey->modulus.data = key->modulus.data;
- pubkey->publicExponent.len = key->publicExponent.len;
- pubkey->publicExponent.data = key->publicExponent.data;
- cipherInfo->cx = (void *)pubkey;
- cipherInfo->cipher.pubkeyCipher = rsa_PublicKeyOp;
- } else {
- cipherInfo->cipher.pubkeyCipher = rsa_PrivateKeyOp;
- }
- return SECSuccess;
-}
-
-SECStatus
-bltest_pqg_init(bltestDSAParams *dsap)
-{
- SECStatus rv, res;
- PQGVerify *vfy = NULL;
- rv = PQG_ParamGen(dsap->j, &dsap->pqg, &vfy);
- CHECKERROR(rv, __LINE__);
- rv = PQG_VerifyParams(dsap->pqg, vfy, &res);
- CHECKERROR(res, __LINE__);
- CHECKERROR(rv, __LINE__);
- return rv;
-}
-
-SECStatus
-bltest_dsa_init(bltestCipherInfo *cipherInfo, PRBool encrypt)
-{
- int i;
- DSAPrivateKey **dummyKey;
- PQGParams *dummypqg;
- PRIntervalTime time1, time2;
- bltestDSAParams *dsap = &cipherInfo->params.dsa;
- PQGVerify *ignore = NULL;
- /* DSA key gen was done during parameter setup */
- cipherInfo->cx = cipherInfo->params.dsa.dsakey;
- /* For performance testing */
- if (cipherInfo->cxreps > 0) {
- /* Create space for n private key objects */
- dummyKey = (DSAPrivateKey **)PORT_ZAlloc(cipherInfo->cxreps *
- sizeof(DSAPrivateKey *));
- /* Time n keygens, storing in the array */
- TIMESTART();
- for (i=0; i<cipherInfo->cxreps; i++) {
- dummypqg = NULL;
- PQG_ParamGen(dsap->j, &dummypqg, &ignore);
- DSA_NewKey(dummypqg, &dummyKey[i]);
- }
- TIMEFINISH(cipherInfo->cxtime, cipherInfo->cxreps);
- /* Free the n key objects */
- for (i=0; i<cipherInfo->cxreps; i++)
- PORT_FreeArena(dummyKey[i]->params.arena, PR_TRUE);
- PORT_Free(dummyKey);
- }
- if (!dsap->pqg && dsap->pqgdata.buf.len > 0) {
- dsap->pqg = pqg_from_filedata(&dsap->pqgdata.buf);
- }
- if (!cipherInfo->cx && dsap->key.buf.len > 0) {
- cipherInfo->cx = dsakey_from_filedata(&dsap->key.buf);
- }
- if (encrypt) {
- cipherInfo->cipher.pubkeyCipher = dsa_signDigest;
- } else {
- /* Have to convert private key to public key. Memory
- * is freed with private key's arena */
- DSAPublicKey *pubkey;
- DSAPrivateKey *key = (DSAPrivateKey *)cipherInfo->cx;
- pubkey = (DSAPublicKey *)PORT_ArenaZAlloc(key->params.arena,
- sizeof(DSAPublicKey));
- pubkey->params.prime.len = key->params.prime.len;
- pubkey->params.prime.data = key->params.prime.data;
- pubkey->params.subPrime.len = key->params.subPrime.len;
- pubkey->params.subPrime.data = key->params.subPrime.data;
- pubkey->params.base.len = key->params.base.len;
- pubkey->params.base.data = key->params.base.data;
- pubkey->publicValue.len = key->publicValue.len;
- pubkey->publicValue.data = key->publicValue.data;
- cipherInfo->cipher.pubkeyCipher = dsa_verifyDigest;
- }
- return SECSuccess;
-}
-
-/* XXX unfortunately, this is not defined in blapi.h */
-SECStatus
-md2_HashBuf(unsigned char *dest, const unsigned char *src, uint32 src_length)
-{
- unsigned int len;
- MD2Context *cx = MD2_NewContext();
- if (cx == NULL) return SECFailure;
- MD2_Begin(cx);
- MD2_Update(cx, src, src_length);
- MD2_End(cx, dest, &len, MD2_LENGTH);
- MD2_DestroyContext(cx, PR_TRUE);
- return SECSuccess;
-}
-
-SECStatus
-md2_restart(unsigned char *dest, const unsigned char *src, uint32 src_length)
-{
- MD2Context *cx, *cx_cpy;
- unsigned char *cxbytes;
- unsigned int len;
- unsigned int i, quarter;
- SECStatus rv = SECSuccess;
- cx = MD2_NewContext();
- MD2_Begin(cx);
- /* divide message by 4, restarting 3 times */
- quarter = (src_length + 3)/ 4;
- for (i=0; i < 4 && src_length > 0; i++) {
- MD2_Update(cx, src + i*quarter, PR_MIN(quarter, src_length));
- len = MD2_FlattenSize(cx);
- cxbytes = PORT_Alloc(len);
- MD2_Flatten(cx, cxbytes);
- cx_cpy = MD2_Resurrect(cxbytes, NULL);
- if (!cx_cpy) {
- PR_fprintf(PR_STDERR, "%s: MD2_Resurrect failed!\n", progName);
- goto finish;
- }
- rv = PORT_Memcmp(cx, cx_cpy, len);
- if (rv) {
- MD2_DestroyContext(cx_cpy, PR_TRUE);
- PR_fprintf(PR_STDERR, "%s: MD2_restart failed!\n", progName);
- goto finish;
- }
- MD2_DestroyContext(cx_cpy, PR_TRUE);
- PORT_Free(cxbytes);
- src_length -= quarter;
- }
- MD2_End(cx, dest, &len, MD2_LENGTH);
-finish:
- MD2_DestroyContext(cx, PR_TRUE);
- return rv;
-}
-
-SECStatus
-md5_restart(unsigned char *dest, const unsigned char *src, uint32 src_length)
-{
- SECStatus rv = SECSuccess;
- MD5Context *cx, *cx_cpy;
- unsigned char *cxbytes;
- unsigned int len;
- unsigned int i, quarter;
- cx = MD5_NewContext();
- MD5_Begin(cx);
- /* divide message by 4, restarting 3 times */
- quarter = (src_length + 3)/ 4;
- for (i=0; i < 4 && src_length > 0; i++) {
- MD5_Update(cx, src + i*quarter, PR_MIN(quarter, src_length));
- len = MD5_FlattenSize(cx);
- cxbytes = PORT_Alloc(len);
- MD5_Flatten(cx, cxbytes);
- cx_cpy = MD5_Resurrect(cxbytes, NULL);
- if (!cx_cpy) {
- PR_fprintf(PR_STDERR, "%s: MD5_Resurrect failed!\n", progName);
- rv = SECFailure;
- goto finish;
- }
- rv = PORT_Memcmp(cx, cx_cpy, len);
- if (rv) {
- MD5_DestroyContext(cx_cpy, PR_TRUE);
- PR_fprintf(PR_STDERR, "%s: MD5_restart failed!\n", progName);
- goto finish;
- }
- MD5_DestroyContext(cx_cpy, PR_TRUE);
- PORT_Free(cxbytes);
- src_length -= quarter;
- }
- MD5_End(cx, dest, &len, MD5_LENGTH);
-finish:
- MD5_DestroyContext(cx, PR_TRUE);
- return rv;
-}
-
-SECStatus
-sha1_restart(unsigned char *dest, const unsigned char *src, uint32 src_length)
-{
- SECStatus rv = SECSuccess;
- SHA1Context *cx, *cx_cpy;
- unsigned char *cxbytes;
- unsigned int len;
- unsigned int i, quarter;
- cx = SHA1_NewContext();
- SHA1_Begin(cx);
- /* divide message by 4, restarting 3 times */
- quarter = (src_length + 3)/ 4;
- for (i=0; i < 4 && src_length > 0; i++) {
- SHA1_Update(cx, src + i*quarter, PR_MIN(quarter, src_length));
- len = SHA1_FlattenSize(cx);
- cxbytes = PORT_Alloc(len);
- SHA1_Flatten(cx, cxbytes);
- cx_cpy = SHA1_Resurrect(cxbytes, NULL);
- if (!cx_cpy) {
- PR_fprintf(PR_STDERR, "%s: SHA1_Resurrect failed!\n", progName);
- rv = SECFailure;
- goto finish;
- }
- rv = PORT_Memcmp(cx, cx_cpy, len);
- if (rv) {
- SHA1_DestroyContext(cx_cpy, PR_TRUE);
- PR_fprintf(PR_STDERR, "%s: SHA1_restart failed!\n", progName);
- goto finish;
- }
- SHA1_DestroyContext(cx_cpy, PR_TRUE);
- PORT_Free(cxbytes);
- src_length -= quarter;
- }
- SHA1_End(cx, dest, &len, MD5_LENGTH);
-finish:
- SHA1_DestroyContext(cx, PR_TRUE);
- return rv;
-}
-
-SECStatus
-SHA256_restart(unsigned char *dest, const unsigned char *src, uint32 src_length)
-{
- SECStatus rv = SECSuccess;
- SHA256Context *cx, *cx_cpy;
- unsigned char *cxbytes;
- unsigned int len;
- unsigned int i, quarter;
- cx = SHA256_NewContext();
- SHA256_Begin(cx);
- /* divide message by 4, restarting 3 times */
- quarter = (src_length + 3)/ 4;
- for (i=0; i < 4 && src_length > 0; i++) {
- SHA256_Update(cx, src + i*quarter, PR_MIN(quarter, src_length));
- len = SHA256_FlattenSize(cx);
- cxbytes = PORT_Alloc(len);
- SHA256_Flatten(cx, cxbytes);
- cx_cpy = SHA256_Resurrect(cxbytes, NULL);
- if (!cx_cpy) {
- PR_fprintf(PR_STDERR, "%s: SHA256_Resurrect failed!\n", progName);
- rv = SECFailure;
- goto finish;
- }
- rv = PORT_Memcmp(cx, cx_cpy, len);
- if (rv) {
- SHA256_DestroyContext(cx_cpy, PR_TRUE);
- PR_fprintf(PR_STDERR, "%s: SHA256_restart failed!\n", progName);
- goto finish;
- }
- SHA256_DestroyContext(cx_cpy, PR_TRUE);
- PORT_Free(cxbytes);
- src_length -= quarter;
- }
- SHA256_End(cx, dest, &len, MD5_LENGTH);
-finish:
- SHA256_DestroyContext(cx, PR_TRUE);
- return rv;
-}
-
-SECStatus
-SHA384_restart(unsigned char *dest, const unsigned char *src, uint32 src_length)
-{
- SECStatus rv = SECSuccess;
- SHA384Context *cx, *cx_cpy;
- unsigned char *cxbytes;
- unsigned int len;
- unsigned int i, quarter;
- cx = SHA384_NewContext();
- SHA384_Begin(cx);
- /* divide message by 4, restarting 3 times */
- quarter = (src_length + 3)/ 4;
- for (i=0; i < 4 && src_length > 0; i++) {
- SHA384_Update(cx, src + i*quarter, PR_MIN(quarter, src_length));
- len = SHA384_FlattenSize(cx);
- cxbytes = PORT_Alloc(len);
- SHA384_Flatten(cx, cxbytes);
- cx_cpy = SHA384_Resurrect(cxbytes, NULL);
- if (!cx_cpy) {
- PR_fprintf(PR_STDERR, "%s: SHA384_Resurrect failed!\n", progName);
- rv = SECFailure;
- goto finish;
- }
- rv = PORT_Memcmp(cx, cx_cpy, len);
- if (rv) {
- SHA384_DestroyContext(cx_cpy, PR_TRUE);
- PR_fprintf(PR_STDERR, "%s: SHA384_restart failed!\n", progName);
- goto finish;
- }
- SHA384_DestroyContext(cx_cpy, PR_TRUE);
- PORT_Free(cxbytes);
- src_length -= quarter;
- }
- SHA384_End(cx, dest, &len, MD5_LENGTH);
-finish:
- SHA384_DestroyContext(cx, PR_TRUE);
- return rv;
-}
-
-SECStatus
-SHA512_restart(unsigned char *dest, const unsigned char *src, uint32 src_length)
-{
- SECStatus rv = SECSuccess;
- SHA512Context *cx, *cx_cpy;
- unsigned char *cxbytes;
- unsigned int len;
- unsigned int i, quarter;
- cx = SHA512_NewContext();
- SHA512_Begin(cx);
- /* divide message by 4, restarting 3 times */
- quarter = (src_length + 3)/ 4;
- for (i=0; i < 4 && src_length > 0; i++) {
- SHA512_Update(cx, src + i*quarter, PR_MIN(quarter, src_length));
- len = SHA512_FlattenSize(cx);
- cxbytes = PORT_Alloc(len);
- SHA512_Flatten(cx, cxbytes);
- cx_cpy = SHA512_Resurrect(cxbytes, NULL);
- if (!cx_cpy) {
- PR_fprintf(PR_STDERR, "%s: SHA512_Resurrect failed!\n", progName);
- rv = SECFailure;
- goto finish;
- }
- rv = PORT_Memcmp(cx, cx_cpy, len);
- if (rv) {
- SHA512_DestroyContext(cx_cpy, PR_TRUE);
- PR_fprintf(PR_STDERR, "%s: SHA512_restart failed!\n", progName);
- goto finish;
- }
- SHA512_DestroyContext(cx_cpy, PR_TRUE);
- PORT_Free(cxbytes);
- src_length -= quarter;
- }
- SHA512_End(cx, dest, &len, MD5_LENGTH);
-finish:
- SHA512_DestroyContext(cx, PR_TRUE);
- return rv;
-}
-
-SECStatus
-pubkeyInitKey(bltestCipherInfo *cipherInfo, PRFileDesc *file,
- int keysize, int exponent)
-{
- int i;
- SECStatus rv = SECSuccess;
- bltestRSAParams *rsap;
- bltestDSAParams *dsap;
- switch (cipherInfo->mode) {
- case bltestRSA:
- rsap = &cipherInfo->params.rsa;
- if (keysize > 0) {
- SECItem expitem = { 0, 0, 0 };
- SECITEM_AllocItem(cipherInfo->arena, &expitem, sizeof(int));
- for (i = 1; i <= sizeof(int); i++)
- expitem.data[i-1] = exponent >> (8*(sizeof(int) - i));
- rsap->rsakey = RSA_NewKey(keysize * 8, &expitem);
- serialize_key(&rsap->rsakey->version, 9, file);
- rsap->keysizeInBits = keysize * 8;
- } else {
- setupIO(cipherInfo->arena, &cipherInfo->params.key, file, NULL, 0);
- rsap->rsakey = rsakey_from_filedata(&cipherInfo->params.key.buf);
- rsap->keysizeInBits = rsap->rsakey->modulus.len * 8;
- }
- break;
- case bltestDSA:
- dsap = &cipherInfo->params.dsa;
- if (keysize > 0) {
- dsap->j = PQG_PBITS_TO_INDEX(8*keysize);
- if (!dsap->pqg)
- bltest_pqg_init(dsap);
- rv = DSA_NewKey(dsap->pqg, &dsap->dsakey);
- CHECKERROR(rv, __LINE__);
- serialize_key(&dsap->dsakey->params.prime, 5, file);
- } else {
- setupIO(cipherInfo->arena, &cipherInfo->params.key, file, NULL, 0);
- dsap->dsakey = dsakey_from_filedata(&cipherInfo->params.key.buf);
- dsap->j = PQG_PBITS_TO_INDEX(8*dsap->dsakey->params.prime.len);
- }
- break;
- default:
- return SECFailure;
- }
- return SECSuccess;
-}
-
-SECStatus
-cipherInit(bltestCipherInfo *cipherInfo, PRBool encrypt)
-{
- PRBool restart;
- switch (cipherInfo->mode) {
- case bltestDES_ECB:
- case bltestDES_CBC:
- case bltestDES_EDE_ECB:
- case bltestDES_EDE_CBC:
- SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf,
- cipherInfo->input.pBuf.len);
- return bltest_des_init(cipherInfo, encrypt);
- break;
- case bltestRC2_ECB:
- case bltestRC2_CBC:
- SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf,
- cipherInfo->input.pBuf.len);
- return bltest_rc2_init(cipherInfo, encrypt);
- break;
- case bltestRC4:
- SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf,
- cipherInfo->input.pBuf.len);
- return bltest_rc4_init(cipherInfo, encrypt);
- break;
- case bltestRC5_ECB:
- case bltestRC5_CBC:
-#if NSS_SOFTOKEN_DOES_RC5
- SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf,
- cipherInfo->input.pBuf.len);
-#endif
- return bltest_rc5_init(cipherInfo, encrypt);
- break;
- case bltestAES_ECB:
- case bltestAES_CBC:
- SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf,
- cipherInfo->input.pBuf.len);
- return bltest_aes_init(cipherInfo, encrypt);
- break;
- case bltestRSA:
- SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf,
- cipherInfo->input.pBuf.len);
- return bltest_rsa_init(cipherInfo, encrypt);
- break;
- case bltestDSA:
- SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf,
- DSA_SIGNATURE_LEN);
- return bltest_dsa_init(cipherInfo, encrypt);
- break;
- case bltestMD2:
- restart = cipherInfo->params.hash.restart;
- SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf,
- MD2_LENGTH);
- cipherInfo->cipher.hashCipher = (restart) ? md2_restart : md2_HashBuf;
- return SECSuccess;
- break;
- case bltestMD5:
- restart = cipherInfo->params.hash.restart;
- SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf,
- MD5_LENGTH);
- cipherInfo->cipher.hashCipher = (restart) ? md5_restart : MD5_HashBuf;
- return SECSuccess;
- break;
- case bltestSHA1:
- restart = cipherInfo->params.hash.restart;
- SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf,
- SHA1_LENGTH);
- cipherInfo->cipher.hashCipher = (restart) ? sha1_restart : SHA1_HashBuf;
- return SECSuccess;
- break;
- case bltestSHA256:
- restart = cipherInfo->params.hash.restart;
- SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf,
- SHA256_LENGTH);
- cipherInfo->cipher.hashCipher = (restart) ? SHA256_restart
- : SHA256_HashBuf;
- return SECSuccess;
- break;
- case bltestSHA384:
- restart = cipherInfo->params.hash.restart;
- SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf,
- SHA384_LENGTH);
- cipherInfo->cipher.hashCipher = (restart) ? SHA384_restart
- : SHA384_HashBuf;
- return SECSuccess;
- break;
- case bltestSHA512:
- restart = cipherInfo->params.hash.restart;
- SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf,
- SHA512_LENGTH);
- cipherInfo->cipher.hashCipher = (restart) ? SHA512_restart
- : SHA512_HashBuf;
- return SECSuccess;
- break;
- default:
- return SECFailure;
- }
- return SECSuccess;
-}
-
-SECStatus
-dsaOp(bltestCipherInfo *cipherInfo)
-{
- PRIntervalTime time1, time2;
- SECStatus rv = SECSuccess;
- int i;
- int maxLen = cipherInfo->output.pBuf.len;
- SECItem dummyOut = { 0, 0, 0 };
- SECITEM_AllocItem(NULL, &dummyOut, maxLen);
- if (cipherInfo->cipher.pubkeyCipher == dsa_signDigest) {
- if (cipherInfo->params.dsa.sigseed.buf.len > 0) {
- rv = DSA_SignDigestWithSeed((DSAPrivateKey *)cipherInfo->cx,
- &cipherInfo->output.pBuf,
- &cipherInfo->input.pBuf,
- cipherInfo->params.dsa.sigseed.buf.data);
- CHECKERROR(rv, __LINE__);
- TIMESTART();
- for (i=0; i<cipherInfo->repetitions; i++) {
- rv |= DSA_SignDigestWithSeed((DSAPrivateKey *)cipherInfo->cx,
- &dummyOut,
- &cipherInfo->input.pBuf,
- cipherInfo->params.dsa.sigseed.buf.data);
- }
- TIMEFINISH(cipherInfo->optime, 1.0);
- CHECKERROR(rv, __LINE__);
- } else {
- rv = DSA_SignDigest((DSAPrivateKey *)cipherInfo->cx,
- &cipherInfo->output.pBuf,
- &cipherInfo->input.pBuf);
- CHECKERROR(rv, __LINE__);
- TIMESTART();
- for (i=0; i<cipherInfo->repetitions; i++) {
- DSA_SignDigest((DSAPrivateKey *)cipherInfo->cx, &dummyOut,
- &cipherInfo->input.pBuf);
- }
- TIMEFINISH(cipherInfo->optime, 1.0);
- }
- bltestCopyIO(cipherInfo->arena, &cipherInfo->params.dsa.sig,
- &cipherInfo->output);
- } else {
- rv = DSA_VerifyDigest((DSAPublicKey *)cipherInfo->cx,
- &cipherInfo->params.dsa.sig.buf,
- &cipherInfo->input.pBuf);
- CHECKERROR(rv, __LINE__);
- TIMESTART();
- for (i=0; i<cipherInfo->repetitions; i++) {
- DSA_VerifyDigest((DSAPublicKey *)cipherInfo->cx,
- &cipherInfo->params.dsa.sig.buf,
- &cipherInfo->input.pBuf);
- }
- TIMEFINISH(cipherInfo->optime, 1.0);
- }
- SECITEM_FreeItem(&dummyOut, PR_FALSE);
- return rv;
-}
-
-SECStatus
-cipherDoOp(bltestCipherInfo *cipherInfo)
-{
- PRIntervalTime time1, time2;
- SECStatus rv = SECSuccess;
- int i, len;
- int maxLen = cipherInfo->output.pBuf.len;
- unsigned char *dummyOut;
- if (cipherInfo->mode == bltestDSA)
- return dsaOp(cipherInfo);
- dummyOut = PORT_Alloc(maxLen);
- if (is_symmkeyCipher(cipherInfo->mode)) {
- rv = (*cipherInfo->cipher.symmkeyCipher)(cipherInfo->cx,
- cipherInfo->output.pBuf.data,
- &len, maxLen,
- cipherInfo->input.pBuf.data,
- cipherInfo->input.pBuf.len);
- TIMESTART();
- for (i=0; i<cipherInfo->repetitions; i++) {
- (*cipherInfo->cipher.symmkeyCipher)(cipherInfo->cx, dummyOut,
- &len, maxLen,
- cipherInfo->input.pBuf.data,
- cipherInfo->input.pBuf.len);
-
- }
- TIMEFINISH(cipherInfo->optime, 1.0);
- } else if (is_pubkeyCipher(cipherInfo->mode)) {
- rv = (*cipherInfo->cipher.pubkeyCipher)(cipherInfo->cx,
- &cipherInfo->output.pBuf,
- &cipherInfo->input.pBuf);
- TIMESTART();
- for (i=0; i<cipherInfo->repetitions; i++) {
- SECItem dummy;
- dummy.data = dummyOut;
- dummy.len = maxLen;
- (*cipherInfo->cipher.pubkeyCipher)(cipherInfo->cx, &dummy,
- &cipherInfo->input.pBuf);
- }
- TIMEFINISH(cipherInfo->optime, 1.0);
- } else if (is_hashCipher(cipherInfo->mode)) {
- rv = (*cipherInfo->cipher.hashCipher)(cipherInfo->output.pBuf.data,
- cipherInfo->input.pBuf.data,
- cipherInfo->input.pBuf.len);
- TIMESTART();
- for (i=0; i<cipherInfo->repetitions; i++) {
- (*cipherInfo->cipher.hashCipher)(dummyOut,
- cipherInfo->input.pBuf.data,
- cipherInfo->input.pBuf.len);
- }
- TIMEFINISH(cipherInfo->optime, 1.0);
- }
- PORT_Free(dummyOut);
- return rv;
-}
-
-SECStatus
-cipherFinish(bltestCipherInfo *cipherInfo)
-{
- switch (cipherInfo->mode) {
- case bltestDES_ECB:
- case bltestDES_CBC:
- case bltestDES_EDE_ECB:
- case bltestDES_EDE_CBC:
- DES_DestroyContext((DESContext *)cipherInfo->cx, PR_TRUE);
- break;
- case bltestAES_ECB:
- case bltestAES_CBC:
- AES_DestroyContext((AESContext *)cipherInfo->cx, PR_TRUE);
- break;
- case bltestRC2_ECB:
- case bltestRC2_CBC:
- RC2_DestroyContext((RC2Context *)cipherInfo->cx, PR_TRUE);
- break;
- case bltestRC4:
- RC4_DestroyContext((RC4Context *)cipherInfo->cx, PR_TRUE);
- break;
-#if NSS_SOFTOKEN_DOES_RC5
- case bltestRC5_ECB:
- case bltestRC5_CBC:
- RC5_DestroyContext((RC5Context *)cipherInfo->cx, PR_TRUE);
- break;
-#endif
- case bltestRSA: /* keys are alloc'ed within cipherInfo's arena, */
- case bltestDSA: /* will be freed with it. */
- case bltestMD2: /* hash contexts are ephemeral */
- case bltestMD5:
- case bltestSHA1:
- case bltestSHA256:
- case bltestSHA384:
- case bltestSHA512:
- return SECSuccess;
- break;
- default:
- return SECFailure;
- }
- return SECSuccess;
-}
-
-void
-print_exponent(SECItem *exp)
-{
- int i;
- int e = 0;
- if (exp->len <= 4) {
- for (i=exp->len; i >=0; --i) e |= exp->data[exp->len-i] << 8*(i-1);
- fprintf(stdout, "%12d", e);
- } else {
- e = 8*exp->len;
- fprintf(stdout, "~2**%-8d", e);
- }
-}
-
-void
-dump_performance_info(bltestCipherInfo *info, PRBool encrypt, PRBool cxonly)
-{
- PRBool td = PR_TRUE;
- fprintf(stdout, "#%9s", "mode");
- fprintf(stdout, "%12s", "in");
-print_td:
- switch (info->mode) {
- case bltestDES_ECB:
- case bltestDES_CBC:
- case bltestDES_EDE_ECB:
- case bltestDES_EDE_CBC:
- case bltestAES_ECB:
- case bltestAES_CBC:
- case bltestRC2_ECB:
- case bltestRC2_CBC:
- case bltestRC4:
- if (td)
- fprintf(stdout, "%8s", "symmkey");
- else
- fprintf(stdout, "%8d", 8*info->params.sk.key.buf.len);
- break;
-#if NSS_SOFTOKEN_DOES_RC5
- case bltestRC5_ECB:
- case bltestRC5_CBC:
- if (info->params.sk.key.buf.len > 0)
- printf("symmetric key(bytes)=%d,", info->params.sk.key.buf.len);
- if (info->rounds > 0)
- printf("rounds=%d,", info->params.rc5.rounds);
- if (info->wordsize > 0)
- printf("wordsize(bytes)=%d,", info->params.rc5.wordsize);
- break;
-#endif
- case bltestRSA:
- if (td) {
- fprintf(stdout, "%8s", "rsa_mod");
- fprintf(stdout, "%12s", "rsa_pe");
- } else {
- fprintf(stdout, "%8d", info->params.rsa.keysizeInBits);
- print_exponent(&info->params.rsa.rsakey->publicExponent);
- }
- break;
- case bltestDSA:
- if (td)
- fprintf(stdout, "%8s", "pqg_mod");
- else
- fprintf(stdout, "%8d", PQG_INDEX_TO_PBITS(info->params.dsa.j));
- break;
- case bltestMD2:
- case bltestMD5:
- case bltestSHA1:
- case bltestSHA256:
- case bltestSHA384:
- case bltestSHA512:
- default:
- break;
- }
- if (!td) {
- fprintf(stdout, "%8d", info->repetitions);
- fprintf(stdout, "%8d", info->cxreps);
- fprintf(stdout, "%12.3f", info->cxtime);
- fprintf(stdout, "%12.3f", info->optime);
- fprintf(stdout, "\n");
- return;
- }
-
- fprintf(stdout, "%8s", "opreps");
- fprintf(stdout, "%8s", "cxreps");
- fprintf(stdout, "%12s", "context");
- fprintf(stdout, "%12s", "op");
- fprintf(stdout, "\n");
- fprintf(stdout, "%8s", mode_strings[info->mode]);
- fprintf(stdout, "_%c", (cxonly) ? 'c' : (encrypt) ? 'e' : 'd');
- fprintf(stdout, "%12d", info->input.buf.len * info->repetitions);
-
- td = !td;
- goto print_td;
-}
-
-void
-printmodes()
-{
- bltestCipherMode mode;
- int nummodes = sizeof(mode_strings) / sizeof(char *);
- fprintf(stderr, "%s: Available modes (specify with -m):\n", progName);
- for (mode=0; mode<nummodes; mode++)
- fprintf(stderr, "%s\n", mode_strings[mode]);
-}
-
-bltestCipherMode
-get_mode(const char *modestring)
-{
- bltestCipherMode mode;
- int nummodes = sizeof(mode_strings) / sizeof(char *);
- for (mode=0; mode<nummodes; mode++)
- if (PL_strcmp(modestring, mode_strings[mode]) == 0)
- return mode;
- fprintf(stderr, "%s: invalid mode: %s\n", progName, modestring);
- return bltestINVALID;
-}
-
-void
-load_file_data(PRArenaPool *arena, bltestIO *data,
- char *fn, bltestIOMode ioMode)
-{
- PRFileDesc *file;
- data->mode = ioMode;
- data->file = NULL; /* don't use -- not saving anything */
- data->pBuf.data = NULL;
- data->pBuf.len = 0;
- file = PR_Open(fn, PR_RDONLY, 00660);
- if (file)
- setupIO(arena, data, file, NULL, 0);
-}
-
-void
-get_params(PRArenaPool *arena, bltestParams *params,
- bltestCipherMode mode, int j)
-{
- char filename[256];
- char *modestr = mode_strings[mode];
-#if NSS_SOFTOKEN_DOES_RC5
- FILE *file;
- char *mark, *param, *val;
- int index = 0;
-#endif
- switch (mode) {
- case bltestDES_CBC:
- case bltestDES_EDE_CBC:
- case bltestRC2_CBC:
- case bltestAES_CBC:
- sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "iv", j);
- load_file_data(arena, &params->sk.iv, filename, bltestBinary);
- case bltestDES_ECB:
- case bltestDES_EDE_ECB:
- case bltestRC2_ECB:
- case bltestRC4:
- case bltestAES_ECB:
- sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "key", j);
- load_file_data(arena, &params->sk.key, filename, bltestBinary);
- break;
-#if NSS_SOFTOKEN_DOES_RC5
- case bltestRC5_ECB:
- case bltestRC5_CBC:
- sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "iv", j);
- load_file_data(arena, &params->sk.iv, filename, bltestBinary);
- sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "key", j);
- load_file_data(arena, &params->sk.key, filename, bltestBinary);
- sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr,
- "params", j);
- file = fopen(filename, "r");
- if (!file) return;
- param = malloc(100);
- len = fread(param, 1, 100, file);
- while (index < len) {
- mark = PL_strchr(param, '=');
- *mark = '\0';
- val = mark + 1;
- mark = PL_strchr(val, '\n');
- *mark = '\0';
- if (PL_strcmp(param, "rounds") == 0) {
- params->rc5.rounds = atoi(val);
- } else if (PL_strcmp(param, "wordsize") == 0) {
- params->rc5.wordsize = atoi(val);
- }
- index += PL_strlen(param) + PL_strlen(val) + 2;
- param = mark + 1;
- }
- break;
-#endif
- case bltestRSA:
- sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "key", j);
- load_file_data(arena, &params->rsa.key, filename, bltestBase64Encoded);
- params->rsa.rsakey = rsakey_from_filedata(&params->key.buf);
- break;
- case bltestDSA:
- sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "key", j);
- load_file_data(arena, &params->dsa.key, filename, bltestBase64Encoded);
- params->dsa.dsakey = dsakey_from_filedata(&params->key.buf);
- sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "pqg", j);
- load_file_data(arena, &params->dsa.pqgdata, filename,
- bltestBase64Encoded);
- params->dsa.pqg = pqg_from_filedata(&params->dsa.pqgdata.buf);
- sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "keyseed", j);
- load_file_data(arena, &params->dsa.keyseed, filename,
- bltestBase64Encoded);
- sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "sigseed", j);
- load_file_data(arena, &params->dsa.sigseed, filename,
- bltestBase64Encoded);
- sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "ciphertext",j);
- load_file_data(arena, &params->dsa.sig, filename, bltestBase64Encoded);
- break;
- case bltestMD2:
- case bltestMD5:
- case bltestSHA1:
- case bltestSHA256:
- case bltestSHA384:
- case bltestSHA512:
- /*params->hash.restart = PR_TRUE;*/
- params->hash.restart = PR_FALSE;
- break;
- default:
- break;
- }
-}
-
-SECStatus
-verify_self_test(bltestIO *result, bltestIO *cmp, bltestCipherMode mode,
- PRBool forward, SECStatus sigstatus)
-{
- int res;
- char *modestr = mode_strings[mode];
- res = SECITEM_CompareItem(&result->pBuf, &cmp->buf);
- if (is_sigCipher(mode)) {
- if (forward) {
- if (res == 0) {
- printf("Signature self-test for %s passed.\n", modestr);
- } else {
- printf("Signature self-test for %s failed!\n", modestr);
- }
- } else {
- if (sigstatus == SECSuccess) {
- printf("Verification self-test for %s passed.\n", modestr);
- } else {
- printf("Verification self-test for %s failed!\n", modestr);
- }
- }
- return sigstatus;
- } else if (is_hashCipher(mode)) {
- if (res == 0) {
- printf("Hash self-test for %s passed.\n", modestr);
- } else {
- printf("Hash self-test for %s failed!\n", modestr);
- }
- } else {
- if (forward) {
- if (res == 0) {
- printf("Encryption self-test for %s passed.\n", modestr);
- } else {
- printf("Encryption self-test for %s failed!\n", modestr);
- }
- } else {
- if (res == 0) {
- printf("Decryption self-test for %s passed.\n", modestr);
- } else {
- printf("Decryption self-test for %s failed!\n", modestr);
- }
- }
- }
- return (res != 0);
-}
-
-static SECStatus
-blapi_selftest(bltestCipherMode *modes, int numModes, int inoff, int outoff,
- PRBool encrypt, PRBool decrypt)
-{
- bltestCipherInfo cipherInfo;
- bltestIO pt, ct;
- bltestCipherMode mode;
- bltestParams *params;
- int i, j, nummodes;
- char *modestr;
- char filename[256];
- PRFileDesc *file;
- PRArenaPool *arena;
- SECItem item;
- PRBool finished;
- SECStatus rv = SECSuccess, srv;
-
- PORT_Memset(&cipherInfo, 0, sizeof(cipherInfo));
- arena = PORT_NewArena(BLTEST_DEFAULT_CHUNKSIZE);
- cipherInfo.arena = arena;
-
- finished = PR_FALSE;
- nummodes = (numModes == 0) ? NUMMODES : numModes;
- for (i=0; i < nummodes && !finished; i++) {
- if (i == bltestRC5_ECB || i == bltestRC5_CBC) continue;
- if (numModes > 0)
- mode = modes[i];
- else
- mode = i;
- if (mode == bltestINVALID) {
- fprintf(stderr, "%s: Skipping invalid mode.\n",progName);
- continue;
- }
- modestr = mode_strings[mode];
- cipherInfo.mode = mode;
- params = &cipherInfo.params;
-#ifdef TRACK_BLTEST_BUG
- if (mode == bltestRSA) {
- fprintf(stderr, "[%s] Self-Testing RSA\n", __bltDBG);
- }
-#endif
- /* get the number of tests in the directory */
- sprintf(filename, "%s/tests/%s/%s", testdir, modestr, "numtests");
- file = PR_Open(filename, PR_RDONLY, 00660);
- if (!file) {
- fprintf(stderr, "%s: File %s does not exist.\n", progName,filename);
- return SECFailure;
- }
- rv = SECU_FileToItem(&item, file);
-#ifdef TRACK_BLTEST_BUG
- if (mode == bltestRSA) {
- fprintf(stderr, "[%s] Loaded data from %s\n", __bltDBG, filename);
- }
-#endif
- PR_Close(file);
- /* loop over the tests in the directory */
- for (j=0; j<(int)(item.data[0] - '0'); j++) { /* XXX bug when > 10 */
-#ifdef TRACK_BLTEST_BUG
- if (mode == bltestRSA) {
- fprintf(stderr, "[%s] Executing self-test #%d\n", __bltDBG, j);
- }
-#endif
- sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr,
- "plaintext", j);
- load_file_data(arena, &pt, filename, (mode == bltestDSA) ?
- bltestBase64Encoded : bltestBinary);
- sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr,
- "ciphertext", j);
- load_file_data(arena, &ct, filename, bltestBase64Encoded);
-#ifdef TRACK_BLTEST_BUG
- if (mode == bltestRSA) {
- fprintf(stderr, "[%s] Loaded data for self-test #%d\n", __bltDBG, j);
- }
-#endif
- get_params(arena, params, mode, j);
-#ifdef TRACK_BLTEST_BUG
- if (mode == bltestRSA) {
- fprintf(stderr, "[%s] Got parameters for #%d\n", __bltDBG, j);
- }
-#endif
- /* Forward Operation (Encrypt/Sign/Hash)
- ** Align the input buffer (plaintext) according to request
- ** then perform operation and compare to ciphertext
- */
- /* XXX for now */
- rv = SECSuccess;
- if (encrypt) {
- bltestCopyIO(arena, &cipherInfo.input, &pt);
- misalignBuffer(arena, &cipherInfo.input, inoff);
- memset(&cipherInfo.output.buf, 0, sizeof cipherInfo.output.buf);
- rv |= cipherInit(&cipherInfo, PR_TRUE);
- misalignBuffer(arena, &cipherInfo.output, outoff);
-#ifdef TRACK_BLTEST_BUG
- if (mode == bltestRSA) {
- fprintf(stderr, "[%s] Inited cipher context and buffers for #%d\n", __bltDBG, j);
- }
-#endif
- rv |= cipherDoOp(&cipherInfo);
-#ifdef TRACK_BLTEST_BUG
- if (mode == bltestRSA) {
- fprintf(stderr, "[%s] Performed encrypt for #%d\n", __bltDBG, j);
- }
-#endif
- rv |= cipherFinish(&cipherInfo);
-#ifdef TRACK_BLTEST_BUG
- if (mode == bltestRSA) {
- fprintf(stderr, "[%s] Finished encrypt for #%d\n", __bltDBG, j);
- }
-#endif
- rv |= verify_self_test(&cipherInfo.output,
- &ct, mode, PR_TRUE, 0);
-#ifdef TRACK_BLTEST_BUG
- if (mode == bltestRSA) {
- fprintf(stderr, "[%s] Verified self-test for #%d\n", __bltDBG, j);
- }
-#endif
- /* If testing hash, only one op to test */
- if (is_hashCipher(mode))
- continue;
- /*if (rv) return rv;*/
- }
- if (!decrypt)
- continue;
- /* XXX for now */
- rv = SECSuccess;
- /* Reverse Operation (Decrypt/Verify)
- ** Align the input buffer (ciphertext) according to request
- ** then perform operation and compare to plaintext
- */
- if (mode != bltestDSA)
- bltestCopyIO(arena, &cipherInfo.input, &ct);
- else
- bltestCopyIO(arena, &cipherInfo.input, &pt);
- misalignBuffer(arena, &cipherInfo.input, inoff);
- memset(&cipherInfo.output.buf, 0, sizeof cipherInfo.output.buf);
- rv |= cipherInit(&cipherInfo, PR_FALSE);
- misalignBuffer(arena, &cipherInfo.output, outoff);
-#ifdef TRACK_BLTEST_BUG
- if (mode == bltestRSA) {
- fprintf(stderr, "[%s] Inited cipher context and buffers for #%d\n", __bltDBG, j);
- }
-#endif
- srv = SECSuccess;
- srv |= cipherDoOp(&cipherInfo);
-#ifdef TRACK_BLTEST_BUG
- if (mode == bltestRSA) {
- fprintf(stderr, "[%s] Performed decrypt for #%d\n", __bltDBG, j);
- }
-#endif
- rv |= cipherFinish(&cipherInfo);
-#ifdef TRACK_BLTEST_BUG
- if (mode == bltestRSA) {
- fprintf(stderr, "[%s] Finished decrypt for #%d\n", __bltDBG, j);
- }
-#endif
- rv |= verify_self_test(&cipherInfo.output,
- &pt, mode, PR_FALSE, srv);
-#ifdef TRACK_BLTEST_BUG
- if (mode == bltestRSA) {
- fprintf(stderr, "[%s] Verified self-test for #%d\n", __bltDBG, j);
- }
-#endif
- /*if (rv) return rv;*/
- }
- }
- return rv;
-}
-
-SECStatus
-dump_file(bltestCipherMode mode, char *filename)
-{
- bltestIO keydata;
- PRArenaPool *arena = NULL;
- arena = PORT_NewArena(BLTEST_DEFAULT_CHUNKSIZE);
- if (mode == bltestRSA) {
- RSAPrivateKey *key;
- load_file_data(arena, &keydata, filename, bltestBase64Encoded);
- key = rsakey_from_filedata(&keydata.buf);
- dump_rsakey(key);
- } else if (mode == bltestDSA) {
-#if 0
- PQGParams *pqg;
- get_file_data(filename, &item, PR_TRUE);
- pqg = pqg_from_filedata(&item);
- dump_pqg(pqg);
-#endif
- DSAPrivateKey *key;
- load_file_data(arena, &keydata, filename, bltestBase64Encoded);
- key = dsakey_from_filedata(&keydata.buf);
- dump_dsakey(key);
- }
- PORT_FreeArena(arena, PR_FALSE);
- return SECFailure;
-}
-
-/* bltest commands */
-enum {
- cmd_Decrypt = 0,
- cmd_Encrypt,
- cmd_FIPS,
- cmd_Hash,
- cmd_Nonce,
- cmd_Dump,
- cmd_Sign,
- cmd_SelfTest,
- cmd_Verify
-};
-
-/* bltest options */
-enum {
- opt_B64 = 0,
- opt_BufSize,
- opt_Restart,
- opt_SelfTestDir,
- opt_Exponent,
- opt_SigFile,
- opt_KeySize,
- opt_Hex,
- opt_Input,
- opt_PQGFile,
- opt_Key,
- opt_HexWSpc,
- opt_Mode,
- opt_Output,
- opt_Repetitions,
- opt_ZeroBuf,
- opt_Rounds,
- opt_Seed,
- opt_SigSeedFile,
- opt_CXReps,
- opt_IV,
- opt_WordSize,
- opt_UseSeed,
- opt_UseSigSeed,
- opt_SeedFile,
- opt_InputOffset,
- opt_OutputOffset,
- opt_MonteCarlo,
- opt_CmdLine
-};
-
-static secuCommandFlag bltest_commands[] =
-{
- { /* cmd_Decrypt */ 'D', PR_FALSE, 0, PR_FALSE },
- { /* cmd_Encrypt */ 'E', PR_FALSE, 0, PR_FALSE },
- { /* cmd_FIPS */ 'F', PR_FALSE, 0, PR_FALSE },
- { /* cmd_Hash */ 'H', PR_FALSE, 0, PR_FALSE },
- { /* cmd_Nonce */ 'N', PR_FALSE, 0, PR_FALSE },
- { /* cmd_Dump */ 'P', PR_FALSE, 0, PR_FALSE },
- { /* cmd_Sign */ 'S', PR_FALSE, 0, PR_FALSE },
- { /* cmd_SelfTest */ 'T', PR_FALSE, 0, PR_FALSE },
- { /* cmd_Verify */ 'V', PR_FALSE, 0, PR_FALSE }
-};
-
-static secuCommandFlag bltest_options[] =
-{
- { /* opt_B64 */ 'a', PR_FALSE, 0, PR_FALSE },
- { /* opt_BufSize */ 'b', PR_TRUE, 0, PR_FALSE },
- { /* opt_Restart */ 'c', PR_FALSE, 0, PR_FALSE },
- { /* opt_SelfTestDir */ 'd', PR_TRUE, 0, PR_FALSE },
- { /* opt_Exponent */ 'e', PR_TRUE, 0, PR_FALSE },
- { /* opt_SigFile */ 'f', PR_TRUE, 0, PR_FALSE },
- { /* opt_KeySize */ 'g', PR_TRUE, 0, PR_FALSE },
- { /* opt_Hex */ 'h', PR_FALSE, 0, PR_FALSE },
- { /* opt_Input */ 'i', PR_TRUE, 0, PR_FALSE },
- { /* opt_PQGFile */ 'j', PR_TRUE, 0, PR_FALSE },
- { /* opt_Key */ 'k', PR_TRUE, 0, PR_FALSE },
- { /* opt_HexWSpc */ 'l', PR_FALSE, 0, PR_FALSE },
- { /* opt_Mode */ 'm', PR_TRUE, 0, PR_FALSE },
- { /* opt_Output */ 'o', PR_TRUE, 0, PR_FALSE },
- { /* opt_Repetitions */ 'p', PR_TRUE, 0, PR_FALSE },
- { /* opt_ZeroBuf */ 'q', PR_FALSE, 0, PR_FALSE },
- { /* opt_Rounds */ 'r', PR_TRUE, 0, PR_FALSE },
- { /* opt_Seed */ 's', PR_TRUE, 0, PR_FALSE },
- { /* opt_SigSeedFile */ 't', PR_TRUE, 0, PR_FALSE },
- { /* opt_CXReps */ 'u', PR_TRUE, 0, PR_FALSE },
- { /* opt_IV */ 'v', PR_TRUE, 0, PR_FALSE },
- { /* opt_WordSize */ 'w', PR_TRUE, 0, PR_FALSE },
- { /* opt_UseSeed */ 'x', PR_FALSE, 0, PR_FALSE },
- { /* opt_UseSigSeed */ 'y', PR_FALSE, 0, PR_FALSE },
- { /* opt_SeedFile */ 'z', PR_FALSE, 0, PR_FALSE },
- { /* opt_InputOffset */ '1', PR_TRUE, 0, PR_FALSE },
- { /* opt_OutputOffset */ '2', PR_TRUE, 0, PR_FALSE },
- { /* opt_MonteCarlo */ '3', PR_FALSE, 0, PR_FALSE },
- { /* opt_CmdLine */ '-', PR_FALSE, 0, PR_FALSE }
-};
-
-int main(int argc, char **argv)
-{
- char *infileName, *outfileName, *keyfileName, *ivfileName;
- SECStatus rv;
-
- bltestCipherInfo cipherInfo;
- bltestParams *params;
- PRFileDesc *file, *infile, *outfile;
- char *instr = NULL;
- PRArenaPool *arena;
- bltestIOMode ioMode;
- int keysize, bufsize, exponent;
- int i, commandsEntered;
- int inoff, outoff;
-
- secuCommand bltest;
- bltest.numCommands = sizeof(bltest_commands) / sizeof(secuCommandFlag);
- bltest.numOptions = sizeof(bltest_options) / sizeof(secuCommandFlag);
- bltest.commands = bltest_commands;
- bltest.options = bltest_options;
-
- progName = strrchr(argv[0], '/');
- if (!progName)
- progName = strrchr(argv[0], '\\');
- progName = progName ? progName+1 : argv[0];
-
- rv = RNG_RNGInit();
- if (rv != SECSuccess) {
- SECU_PrintPRandOSError(progName);
- return -1;
- }
- RNG_SystemInfoForRNG();
-
- rv = SECU_ParseCommandLine(argc, argv, progName, &bltest);
-
- PORT_Memset(&cipherInfo, 0, sizeof(cipherInfo));
- arena = PORT_NewArena(BLTEST_DEFAULT_CHUNKSIZE);
- cipherInfo.arena = arena;
- params = &cipherInfo.params;
- /* set some defaults */
- infileName = outfileName = keyfileName = ivfileName = NULL;
-
- /* Check the number of commands entered on the command line. */
- commandsEntered = 0;
- for (i=0; i<bltest.numCommands; i++)
- if (bltest.commands[i].activated)
- commandsEntered++;
-
- if (commandsEntered > 1 &&
- !(commandsEntered == 2 && bltest.commands[cmd_SelfTest].activated)) {
- fprintf(stderr, "%s: one command at a time!\n", progName);
- Usage();
- }
- if (commandsEntered == 0) {
- fprintf(stderr, "%s: you must enter a command!\n", progName);
- Usage();
- }
-
- if (bltest.commands[cmd_Sign].activated)
- bltest.commands[cmd_Encrypt].activated = PR_TRUE;
- if (bltest.commands[cmd_Verify].activated)
- bltest.commands[cmd_Decrypt].activated = PR_TRUE;
- if (bltest.commands[cmd_Hash].activated)
- bltest.commands[cmd_Encrypt].activated = PR_TRUE;
-
- inoff = outoff = 0;
- if (bltest.options[opt_InputOffset].activated)
- inoff = PORT_Atoi(bltest.options[opt_InputOffset].arg);
- if (bltest.options[opt_OutputOffset].activated)
- outoff = PORT_Atoi(bltest.options[opt_OutputOffset].arg);
-
- testdir = (bltest.options[opt_SelfTestDir].activated) ?
- strdup(bltest.options[opt_SelfTestDir].arg) : ".";
-
- /*
- * Handle three simple cases first
- */
-
- /* Do BLAPI self-test */
- if (bltest.commands[cmd_SelfTest].activated) {
- PRBool encrypt = PR_TRUE, decrypt = PR_TRUE;
- /* user may specified a set of ciphers to test. parse them. */
- bltestCipherMode modesToTest[NUMMODES];
- int numModesToTest = 0;
- char *tok, *str;
- str = bltest.options[opt_Mode].arg;
- while (str) {
- tok = strchr(str, ',');
- if (tok) *tok = '\0';
- modesToTest[numModesToTest++] = get_mode(str);
- if (tok) {
- *tok = ',';
- str = tok + 1;
- } else {
- break;
- }
- }
- if (bltest.commands[cmd_Decrypt].activated &&
- !bltest.commands[cmd_Encrypt].activated)
- encrypt = PR_FALSE;
- if (bltest.commands[cmd_Encrypt].activated &&
- !bltest.commands[cmd_Decrypt].activated)
- decrypt = PR_FALSE;
- return blapi_selftest(modesToTest, numModesToTest, inoff, outoff,
- encrypt, decrypt);
- }
-
- /* Do FIPS self-test */
- if (bltest.commands[cmd_FIPS].activated) {
- CK_RV ckrv = pk11_fipsPowerUpSelfTest();
- fprintf(stdout, "CK_RV: %ld.\n", ckrv);
- return 0;
- }
-
- /*
- * Check command line arguments for Encrypt/Decrypt/Hash/Sign/Verify
- */
-
- if ((bltest.commands[cmd_Decrypt].activated ||
- bltest.commands[cmd_Verify].activated) &&
- bltest.options[opt_BufSize].activated) {
- fprintf(stderr, "%s: cannot use a nonce as input to decrypt/verify.\n",
- progName);
- Usage();
- }
-
- if (bltest.options[opt_Mode].activated) {
- cipherInfo.mode = get_mode(bltest.options[opt_Mode].arg);
- if (cipherInfo.mode == bltestINVALID) {
- fprintf(stderr, "%s: Invalid mode \"%s\"\n", progName,
- bltest.options[opt_Mode].arg);
- Usage();
- }
- } else {
- fprintf(stderr, "%s: You must specify a cipher mode with -m.\n",
- progName);
- Usage();
- }
-
- if (bltest.options[opt_Repetitions].activated) {
- cipherInfo.repetitions = PORT_Atoi(bltest.options[opt_Repetitions].arg);
- } else {
- cipherInfo.repetitions = 0;
- }
-
-
- if (bltest.options[opt_CXReps].activated) {
- cipherInfo.cxreps = PORT_Atoi(bltest.options[opt_CXReps].arg);
- } else {
- cipherInfo.cxreps = 0;
- }
-
- /* Dump a file (rsakey, dsakey, etc.) */
- if (bltest.commands[cmd_Dump].activated) {
- return dump_file(cipherInfo.mode, bltest.options[opt_Input].arg);
- }
-
- /* default input mode is binary */
- ioMode = (bltest.options[opt_B64].activated) ? bltestBase64Encoded :
- (bltest.options[opt_Hex].activated) ? bltestHexStream :
- (bltest.options[opt_HexWSpc].activated) ? bltestHexSpaceDelim :
- bltestBinary;
-
- if (bltest.options[opt_KeySize].activated)
- keysize = PORT_Atoi(bltest.options[opt_KeySize].arg);
- else
- keysize = 0;
-
- if (bltest.options[opt_Exponent].activated)
- exponent = PORT_Atoi(bltest.options[opt_Exponent].arg);
- else
- exponent = 65537;
-
- /* Set up an encryption key. */
- keysize = 0;
- file = NULL;
- if (is_symmkeyCipher(cipherInfo.mode)) {
- char *keystr = NULL; /* if key is on command line */
- if (bltest.options[opt_Key].activated) {
- if (bltest.options[opt_CmdLine].activated) {
- keystr = bltest.options[opt_Key].arg;
- } else {
- file = PR_Open(bltest.options[opt_Key].arg, PR_RDONLY, 00660);
- }
- } else {
- if (bltest.options[opt_KeySize].activated)
- keysize = PORT_Atoi(bltest.options[opt_KeySize].arg);
- else
- keysize = 8; /* use 64-bit default (DES) */
- /* save the random key for reference */
- file = PR_Open("tmp.key", PR_WRONLY|PR_CREATE_FILE, 00660);
- }
- params->key.mode = ioMode;
- setupIO(cipherInfo.arena, &params->key, file, keystr, keysize);
- if (file)
- PR_Close(file);
- } else if (is_pubkeyCipher(cipherInfo.mode)) {
- if (bltest.options[opt_Key].activated) {
- file = PR_Open(bltest.options[opt_Key].arg, PR_RDONLY, 00660);
- } else {
- if (bltest.options[opt_KeySize].activated)
- keysize = PORT_Atoi(bltest.options[opt_KeySize].arg);
- else
- keysize = 64; /* use 512-bit default */
- file = PR_Open("tmp.key", PR_WRONLY|PR_CREATE_FILE, 00660);
- }
- params->key.mode = bltestBase64Encoded;
- pubkeyInitKey(&cipherInfo, file, keysize, exponent);
- PR_Close(file);
- }
-
- /* set up an initialization vector. */
- if (cipher_requires_IV(cipherInfo.mode)) {
- char *ivstr = NULL;
- bltestSymmKeyParams *skp;
- file = NULL;
- if (cipherInfo.mode == bltestRC5_CBC)
- skp = (bltestSymmKeyParams *)&params->rc5;
- else
- skp = &params->sk;
- if (bltest.options[opt_IV].activated) {
- if (bltest.options[opt_CmdLine].activated) {
- ivstr = bltest.options[opt_IV].arg;
- } else {
- file = PR_Open(bltest.options[opt_IV].arg, PR_RDONLY, 00660);
- }
- } else {
- /* save the random iv for reference */
- file = PR_Open("tmp.iv", PR_WRONLY|PR_CREATE_FILE, 00660);
- }
- memset(&skp->iv, 0, sizeof skp->iv);
- skp->iv.mode = ioMode;
- setupIO(cipherInfo.arena, &skp->iv, file, ivstr, keysize);
- if (file)
- PR_Close(file);
- }
-
- if (bltest.commands[cmd_Verify].activated) {
- if (!bltest.options[opt_SigFile].activated) {
- fprintf(stderr, "%s: You must specify a signature file with -f.\n",
- progName);
- exit(-1);
- }
- file = PR_Open(bltest.options[opt_SigFile].arg, PR_RDONLY, 00660);
- memset(&cipherInfo.params.dsa.sig, 0, sizeof(bltestIO));
- cipherInfo.params.dsa.sig.mode = ioMode;
- setupIO(cipherInfo.arena, &cipherInfo.params.dsa.sig, file, NULL, 0);
- }
-
- if (bltest.options[opt_PQGFile].activated) {
- file = PR_Open(bltest.options[opt_PQGFile].arg, PR_RDONLY, 00660);
- params->dsa.pqgdata.mode = bltestBase64Encoded;
- setupIO(cipherInfo.arena, &params->dsa.pqgdata, file, NULL, 0);
- }
-
- /* Set up the input buffer */
- if (bltest.options[opt_Input].activated) {
- if (bltest.options[opt_CmdLine].activated) {
- instr = bltest.options[opt_Input].arg;
- infile = NULL;
- } else {
- /* form file name from testdir and input arg. */
- char * filename = bltest.options[opt_Input].arg;
- if (bltest.options[opt_SelfTestDir].activated &&
- testdir && filename && filename[0] != '/')
- filename = PR_smprintf("%s/tests/%s/%s", testdir,
- mode_strings[cipherInfo.mode], filename);
- infile = PR_Open(filename, PR_RDONLY, 00660);
- }
- } else if (bltest.options[opt_BufSize].activated) {
- /* save the random plaintext for reference */
- infile = PR_Open("tmp.in", PR_WRONLY|PR_CREATE_FILE, 00660);
- } else {
- infile = PR_STDIN;
- }
- if (!infile) {
- fprintf(stderr, "%s: Failed to open input file.\n", progName);
- exit(-1);
- }
- cipherInfo.input.mode = ioMode;
-
- /* Set up the output stream */
- if (bltest.options[opt_Output].activated) {
- /* form file name from testdir and input arg. */
- char * filename = bltest.options[opt_Output].arg;
- if (bltest.options[opt_SelfTestDir].activated &&
- testdir && filename && filename[0] != '/')
- filename = PR_smprintf("%s/tests/%s/%s", testdir,
- mode_strings[cipherInfo.mode], filename);
- outfile = PR_Open(filename, PR_WRONLY|PR_CREATE_FILE, 00660);
- } else {
- outfile = PR_STDOUT;
- }
- if (!outfile) {
- fprintf(stderr, "%s: Failed to open output file.\n", progName);
- exit(-1);
- }
- cipherInfo.output.mode = ioMode;
- if (bltest.options[opt_SelfTestDir].activated && ioMode == bltestBinary)
- cipherInfo.output.mode = bltestBase64Encoded;
-
- if (is_hashCipher(cipherInfo.mode))
- cipherInfo.params.hash.restart = bltest.options[opt_Restart].activated;
-
- bufsize = 0;
- if (bltest.options[opt_BufSize].activated)
- bufsize = PORT_Atoi(bltest.options[opt_BufSize].arg);
-
- /*infile = NULL;*/
- setupIO(cipherInfo.arena, &cipherInfo.input, infile, instr, bufsize);
- misalignBuffer(cipherInfo.arena, &cipherInfo.input, inoff);
-
- cipherInit(&cipherInfo, bltest.commands[cmd_Encrypt].activated);
- misalignBuffer(cipherInfo.arena, &cipherInfo.output, outoff);
-
- if (!bltest.commands[cmd_Nonce].activated) {
- if (bltest.options[opt_MonteCarlo].activated) {
- int mciter;
- for (mciter=0; mciter<10000; mciter++) {
- cipherDoOp(&cipherInfo);
- memcpy(cipherInfo.input.buf.data,
- cipherInfo.output.buf.data,
- cipherInfo.input.buf.len);
- }
- } else {
- cipherDoOp(&cipherInfo);
- }
- cipherFinish(&cipherInfo);
- finishIO(&cipherInfo.output, outfile);
- }
-
- if (cipherInfo.repetitions > 0 || cipherInfo.cxreps > 0)
- dump_performance_info(&cipherInfo,
- bltest.commands[cmd_Encrypt].activated,
- (cipherInfo.repetitions == 0));
-
- if (infile && infile != PR_STDIN)
- PR_Close(infile);
- if (outfile && outfile != PR_STDOUT)
- PR_Close(outfile);
- PORT_FreeArena(cipherInfo.arena, PR_TRUE);
-
- /*NSS_Shutdown();*/
-
- return SECSuccess;
-}
diff --git a/security/nss/cmd/bltest/manifest.mn b/security/nss/cmd/bltest/manifest.mn
deleted file mode 100644
index 2bbe10999..000000000
--- a/security/nss/cmd/bltest/manifest.mn
+++ /dev/null
@@ -1,54 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../..
-
-MODULE = nss
-
-REQUIRES = seccmd dbm
-
-INCLUDES += -I$(CORE_DEPTH)/nss/lib/softoken
-
-PROGRAM = bltest
-
- USE_STATIC_LIBS = 1
-
-EXPORTS = \
- $(NULL)
-
-PRIVATE_EXPORTS = \
- $(NULL)
-
-CSRCS = \
- blapitest.c \
- $(NULL)
-
diff --git a/security/nss/cmd/bltest/tests/README b/security/nss/cmd/bltest/tests/README
deleted file mode 100644
index 9982a2f15..000000000
--- a/security/nss/cmd/bltest/tests/README
+++ /dev/null
@@ -1,49 +0,0 @@
-This directory contains a set of tests for each cipher supported by
-BLAPI. Each subdirectory contains known plaintext and ciphertext pairs
-(and keys and/or iv's if needed). The tests can be run as a full set
-with:
- bltest -T
-or as subsets, for example:
- bltest -T -m des_ecb,md2,rsa
-
-In each subdirectory, the plaintext, key, and iv are ascii, and treated
-as such. The ciphertext is base64-encoded to avoid the hassle of binary
-files.
-
-To add a test, incremement the value in the numtests file. Create a
-plaintext, key, and iv file, such that the name of the file is
-incrememted one from the last set of tests. For example, if you are
-adding the second test, put your data in files named plaintext1, key1,
-and iv1 (ignoring key and iv if they are not needed, of course). Make
-sure your key and iv are the correct number of bytes for your cipher (a
-trailing \n is okay, but any other trailing bytes will be used!). Once
-you have your input data, create output data by running bltest on a
-trusted implementation. For example, for a new DES ECB test, run
- bltest -E -m des_ecb -i plaintext1 -k key1 -o ciphertext1 -a in the
-tests/des_ecb directory. Then run
- bltest -T des_ecb from the cmd/bltest directory in the tree of the
-implementation you want to test.
-
-Note that the -a option above is important, it tells bltest to expect
-the input to be straight ASCII, and not base64 encoded binary!
-
-Special cases:
-
-RC5:
-RC5 can take additional parameters, the number of rounds to perform and
-the wordsize to use. The number of rounds is between is between 0 and
-255, and the wordsize is either is either 16, 32, or 64 bits (at this
-time only 32-bit is supported). These parameters are specified in a
-paramsN file, where N is an index as above. The format of the file is
-"rounds=R\nwordsize=W\n".
-
-public key modes (RSA and DSA):
-Asymmetric key ciphers use keys with special properties, so creating a
-key file with "Mozilla!" in it will not get you very far! To create a
-public key, run bltest with the plaintext you want to encrypt, using a
-trusted implementation. bltest will generate a key and store it in
-"tmp.key", rename that file to keyN. For example:
- bltest -E -m rsa -i plaintext0 -o ciphertext0 -e 65537 -g 32 -a
- mv tmp.key key0
-
-[note: specifying a keysize (-g) when using RSA is important!]
diff --git a/security/nss/cmd/bltest/tests/aes_cbc/ciphertext0 b/security/nss/cmd/bltest/tests/aes_cbc/ciphertext0
deleted file mode 100644
index 040a397d7..000000000
--- a/security/nss/cmd/bltest/tests/aes_cbc/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-oJLgOzZ1GiWt3DGo2sPKaA==
diff --git a/security/nss/cmd/bltest/tests/aes_cbc/iv0 b/security/nss/cmd/bltest/tests/aes_cbc/iv0
deleted file mode 100644
index 4e65bc034..000000000
--- a/security/nss/cmd/bltest/tests/aes_cbc/iv0
+++ /dev/null
@@ -1 +0,0 @@
-qwertyuiopasdfgh
diff --git a/security/nss/cmd/bltest/tests/aes_cbc/key0 b/security/nss/cmd/bltest/tests/aes_cbc/key0
deleted file mode 100644
index 13911cc29..000000000
--- a/security/nss/cmd/bltest/tests/aes_cbc/key0
+++ /dev/null
@@ -1 +0,0 @@
-fedcba9876543210
diff --git a/security/nss/cmd/bltest/tests/aes_cbc/numtests b/security/nss/cmd/bltest/tests/aes_cbc/numtests
deleted file mode 100644
index d00491fd7..000000000
--- a/security/nss/cmd/bltest/tests/aes_cbc/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/aes_cbc/plaintext0 b/security/nss/cmd/bltest/tests/aes_cbc/plaintext0
deleted file mode 100644
index 8d6a8d555..000000000
--- a/security/nss/cmd/bltest/tests/aes_cbc/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-0123456789abcdef
diff --git a/security/nss/cmd/bltest/tests/aes_ecb/ciphertext0 b/security/nss/cmd/bltest/tests/aes_ecb/ciphertext0
deleted file mode 100644
index d6818c1d0..000000000
--- a/security/nss/cmd/bltest/tests/aes_ecb/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-PVuaCIiaKQhblgFCbVMTTg==
diff --git a/security/nss/cmd/bltest/tests/aes_ecb/key0 b/security/nss/cmd/bltest/tests/aes_ecb/key0
deleted file mode 100644
index 13911cc29..000000000
--- a/security/nss/cmd/bltest/tests/aes_ecb/key0
+++ /dev/null
@@ -1 +0,0 @@
-fedcba9876543210
diff --git a/security/nss/cmd/bltest/tests/aes_ecb/numtests b/security/nss/cmd/bltest/tests/aes_ecb/numtests
deleted file mode 100644
index d00491fd7..000000000
--- a/security/nss/cmd/bltest/tests/aes_ecb/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/aes_ecb/plaintext0 b/security/nss/cmd/bltest/tests/aes_ecb/plaintext0
deleted file mode 100644
index 8d6a8d555..000000000
--- a/security/nss/cmd/bltest/tests/aes_ecb/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-0123456789abcdef
diff --git a/security/nss/cmd/bltest/tests/des3_cbc/ciphertext0 b/security/nss/cmd/bltest/tests/des3_cbc/ciphertext0
deleted file mode 100644
index 61dae3192..000000000
--- a/security/nss/cmd/bltest/tests/des3_cbc/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-KV3MDNGKWOc=
diff --git a/security/nss/cmd/bltest/tests/des3_cbc/iv0 b/security/nss/cmd/bltest/tests/des3_cbc/iv0
deleted file mode 100644
index 97b5955f7..000000000
--- a/security/nss/cmd/bltest/tests/des3_cbc/iv0
+++ /dev/null
@@ -1 +0,0 @@
-12345678
diff --git a/security/nss/cmd/bltest/tests/des3_cbc/key0 b/security/nss/cmd/bltest/tests/des3_cbc/key0
deleted file mode 100644
index 588efd111..000000000
--- a/security/nss/cmd/bltest/tests/des3_cbc/key0
+++ /dev/null
@@ -1 +0,0 @@
-abcdefghijklmnopqrstuvwx
diff --git a/security/nss/cmd/bltest/tests/des3_cbc/numtests b/security/nss/cmd/bltest/tests/des3_cbc/numtests
deleted file mode 100644
index d00491fd7..000000000
--- a/security/nss/cmd/bltest/tests/des3_cbc/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/des3_cbc/plaintext0 b/security/nss/cmd/bltest/tests/des3_cbc/plaintext0
deleted file mode 100644
index 5513e438c..000000000
--- a/security/nss/cmd/bltest/tests/des3_cbc/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-Mozilla!
diff --git a/security/nss/cmd/bltest/tests/des3_ecb/ciphertext0 b/security/nss/cmd/bltest/tests/des3_ecb/ciphertext0
deleted file mode 100644
index 76dc820d3..000000000
--- a/security/nss/cmd/bltest/tests/des3_ecb/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-RgckVNh4QcM=
diff --git a/security/nss/cmd/bltest/tests/des3_ecb/key0 b/security/nss/cmd/bltest/tests/des3_ecb/key0
deleted file mode 100644
index 588efd111..000000000
--- a/security/nss/cmd/bltest/tests/des3_ecb/key0
+++ /dev/null
@@ -1 +0,0 @@
-abcdefghijklmnopqrstuvwx
diff --git a/security/nss/cmd/bltest/tests/des3_ecb/numtests b/security/nss/cmd/bltest/tests/des3_ecb/numtests
deleted file mode 100644
index d00491fd7..000000000
--- a/security/nss/cmd/bltest/tests/des3_ecb/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/des3_ecb/plaintext0 b/security/nss/cmd/bltest/tests/des3_ecb/plaintext0
deleted file mode 100644
index 5513e438c..000000000
--- a/security/nss/cmd/bltest/tests/des3_ecb/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-Mozilla!
diff --git a/security/nss/cmd/bltest/tests/des_cbc/ciphertext0 b/security/nss/cmd/bltest/tests/des_cbc/ciphertext0
deleted file mode 100644
index 67d2ad1aa..000000000
--- a/security/nss/cmd/bltest/tests/des_cbc/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-Perdg9FMYQ4=
diff --git a/security/nss/cmd/bltest/tests/des_cbc/iv0 b/security/nss/cmd/bltest/tests/des_cbc/iv0
deleted file mode 100644
index 97b5955f7..000000000
--- a/security/nss/cmd/bltest/tests/des_cbc/iv0
+++ /dev/null
@@ -1 +0,0 @@
-12345678
diff --git a/security/nss/cmd/bltest/tests/des_cbc/key0 b/security/nss/cmd/bltest/tests/des_cbc/key0
deleted file mode 100644
index 65513c116..000000000
--- a/security/nss/cmd/bltest/tests/des_cbc/key0
+++ /dev/null
@@ -1 +0,0 @@
-zyxwvuts
diff --git a/security/nss/cmd/bltest/tests/des_cbc/numtests b/security/nss/cmd/bltest/tests/des_cbc/numtests
deleted file mode 100644
index d00491fd7..000000000
--- a/security/nss/cmd/bltest/tests/des_cbc/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/des_cbc/plaintext0 b/security/nss/cmd/bltest/tests/des_cbc/plaintext0
deleted file mode 100644
index 5513e438c..000000000
--- a/security/nss/cmd/bltest/tests/des_cbc/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-Mozilla!
diff --git a/security/nss/cmd/bltest/tests/des_ecb/ciphertext0 b/security/nss/cmd/bltest/tests/des_ecb/ciphertext0
deleted file mode 100644
index 8be22fa5c..000000000
--- a/security/nss/cmd/bltest/tests/des_ecb/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-3bNoWzzNiFc=
diff --git a/security/nss/cmd/bltest/tests/des_ecb/key0 b/security/nss/cmd/bltest/tests/des_ecb/key0
deleted file mode 100644
index 65513c116..000000000
--- a/security/nss/cmd/bltest/tests/des_ecb/key0
+++ /dev/null
@@ -1 +0,0 @@
-zyxwvuts
diff --git a/security/nss/cmd/bltest/tests/des_ecb/numtests b/security/nss/cmd/bltest/tests/des_ecb/numtests
deleted file mode 100644
index d00491fd7..000000000
--- a/security/nss/cmd/bltest/tests/des_ecb/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/des_ecb/plaintext0 b/security/nss/cmd/bltest/tests/des_ecb/plaintext0
deleted file mode 100644
index 5513e438c..000000000
--- a/security/nss/cmd/bltest/tests/des_ecb/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-Mozilla!
diff --git a/security/nss/cmd/bltest/tests/dsa/ciphertext0 b/security/nss/cmd/bltest/tests/dsa/ciphertext0
deleted file mode 100644
index 8e7150562..000000000
--- a/security/nss/cmd/bltest/tests/dsa/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-fB0bnKWvjT6X5NIkZ5l/Y/DXZ6QNI6j0iPhR/ZERkfj67xRnTWY1cg==
diff --git a/security/nss/cmd/bltest/tests/dsa/key0 b/security/nss/cmd/bltest/tests/dsa/key0
deleted file mode 100644
index e582eeb04..000000000
--- a/security/nss/cmd/bltest/tests/dsa/key0
+++ /dev/null
@@ -1,6 +0,0 @@
-AAAAQI3ypJRJInaqPSV1m7BoacvqwNg6+40M98u4Mk8NeILl0HYvxbchDq/C6a2s
-Mqt6rElpPfv4NyTC7Ac27jHIApEAAAAUx3MhjHN+yO6ZO08t7TD0jtrOkV8AAABA
-Ym0CeDnqChNBMWOlW0y1ACmdVSKVbO/LO/8Q85nOLC5xy53l+iS6v1jlt5Uhklyc
-xC6fb0ZLCIzFcq9T5teIAgAAAEAZExhx11sWEqgZ8p140bDXNG96p3u2KoWb/WxW
-ddqdIS06Nu8Wcu9mC4x8JVzA7HSFj7oz9EwGaZYwp2sDDuMzAAAAFCBwsyI9ujcv
-3hwP/HsuO0mLJgYU
diff --git a/security/nss/cmd/bltest/tests/dsa/keyseed0 b/security/nss/cmd/bltest/tests/dsa/keyseed0
deleted file mode 100644
index 6eea359db..000000000
--- a/security/nss/cmd/bltest/tests/dsa/keyseed0
+++ /dev/null
@@ -1 +0,0 @@
-AAAAAAAAAAAAAAAAAAAAAAAAAAA=
diff --git a/security/nss/cmd/bltest/tests/dsa/numtests b/security/nss/cmd/bltest/tests/dsa/numtests
deleted file mode 100644
index d00491fd7..000000000
--- a/security/nss/cmd/bltest/tests/dsa/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/dsa/plaintext0 b/security/nss/cmd/bltest/tests/dsa/plaintext0
deleted file mode 100644
index 48fbdb6fd..000000000
--- a/security/nss/cmd/bltest/tests/dsa/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-qZk+NkcGgWq6PiVxeFDCbJzQ2J0=
diff --git a/security/nss/cmd/bltest/tests/dsa/pqg0 b/security/nss/cmd/bltest/tests/dsa/pqg0
deleted file mode 100644
index f16326ccc..000000000
--- a/security/nss/cmd/bltest/tests/dsa/pqg0
+++ /dev/null
@@ -1,4 +0,0 @@
-AAAAQI3ypJRJInaqPSV1m7BoacvqwNg6+40M98u4Mk8NeILl0HYvxbchDq/C6a2s
-Mqt6rElpPfv4NyTC7Ac27jHIApEAAAAUx3MhjHN+yO6ZO08t7TD0jtrOkV8AAABA
-Ym0CeDnqChNBMWOlW0y1ACmdVSKVbO/LO/8Q85nOLC5xy53l+iS6v1jlt5Uhklyc
-xC6fb0ZLCIzFcq9T5teIAg==
diff --git a/security/nss/cmd/bltest/tests/dsa/sigseed0 b/security/nss/cmd/bltest/tests/dsa/sigseed0
deleted file mode 100644
index 05d7fd2d6..000000000
--- a/security/nss/cmd/bltest/tests/dsa/sigseed0
+++ /dev/null
@@ -1 +0,0 @@
-aHpm2QZI+ZOGfhIfTd+d2wEgVYQ=
diff --git a/security/nss/cmd/bltest/tests/md2/ciphertext0 b/security/nss/cmd/bltest/tests/md2/ciphertext0
deleted file mode 100644
index 22e1fc496..000000000
--- a/security/nss/cmd/bltest/tests/md2/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-CS/UNcrWhB5Knt7Gf8Tz3Q==
diff --git a/security/nss/cmd/bltest/tests/md2/numtests b/security/nss/cmd/bltest/tests/md2/numtests
deleted file mode 100644
index d00491fd7..000000000
--- a/security/nss/cmd/bltest/tests/md2/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/md2/plaintext0 b/security/nss/cmd/bltest/tests/md2/plaintext0
deleted file mode 100644
index dce2994ba..000000000
--- a/security/nss/cmd/bltest/tests/md2/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-16-bytes to MD2.
diff --git a/security/nss/cmd/bltest/tests/md5/ciphertext0 b/security/nss/cmd/bltest/tests/md5/ciphertext0
deleted file mode 100644
index ea11ee523..000000000
--- a/security/nss/cmd/bltest/tests/md5/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-XN8lnQuWAiMqmSGfvd8Hdw==
diff --git a/security/nss/cmd/bltest/tests/md5/numtests b/security/nss/cmd/bltest/tests/md5/numtests
deleted file mode 100644
index d00491fd7..000000000
--- a/security/nss/cmd/bltest/tests/md5/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/md5/plaintext0 b/security/nss/cmd/bltest/tests/md5/plaintext0
deleted file mode 100644
index 5ae3875e2..000000000
--- a/security/nss/cmd/bltest/tests/md5/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-63-byte input to MD5 can be a bit tricky, but no problems here.
diff --git a/security/nss/cmd/bltest/tests/rc2_cbc/ciphertext0 b/security/nss/cmd/bltest/tests/rc2_cbc/ciphertext0
deleted file mode 100644
index d964ef864..000000000
--- a/security/nss/cmd/bltest/tests/rc2_cbc/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-3ki6eVsWpY8=
diff --git a/security/nss/cmd/bltest/tests/rc2_cbc/iv0 b/security/nss/cmd/bltest/tests/rc2_cbc/iv0
deleted file mode 100644
index 97b5955f7..000000000
--- a/security/nss/cmd/bltest/tests/rc2_cbc/iv0
+++ /dev/null
@@ -1 +0,0 @@
-12345678
diff --git a/security/nss/cmd/bltest/tests/rc2_cbc/key0 b/security/nss/cmd/bltest/tests/rc2_cbc/key0
deleted file mode 100644
index 65513c116..000000000
--- a/security/nss/cmd/bltest/tests/rc2_cbc/key0
+++ /dev/null
@@ -1 +0,0 @@
-zyxwvuts
diff --git a/security/nss/cmd/bltest/tests/rc2_cbc/numtests b/security/nss/cmd/bltest/tests/rc2_cbc/numtests
deleted file mode 100644
index d00491fd7..000000000
--- a/security/nss/cmd/bltest/tests/rc2_cbc/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/rc2_cbc/plaintext0 b/security/nss/cmd/bltest/tests/rc2_cbc/plaintext0
deleted file mode 100644
index 5513e438c..000000000
--- a/security/nss/cmd/bltest/tests/rc2_cbc/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-Mozilla!
diff --git a/security/nss/cmd/bltest/tests/rc2_ecb/ciphertext0 b/security/nss/cmd/bltest/tests/rc2_ecb/ciphertext0
deleted file mode 100644
index 337d30765..000000000
--- a/security/nss/cmd/bltest/tests/rc2_ecb/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-WT+tc4fANhQ=
diff --git a/security/nss/cmd/bltest/tests/rc2_ecb/key0 b/security/nss/cmd/bltest/tests/rc2_ecb/key0
deleted file mode 100644
index 65513c116..000000000
--- a/security/nss/cmd/bltest/tests/rc2_ecb/key0
+++ /dev/null
@@ -1 +0,0 @@
-zyxwvuts
diff --git a/security/nss/cmd/bltest/tests/rc2_ecb/numtests b/security/nss/cmd/bltest/tests/rc2_ecb/numtests
deleted file mode 100644
index d00491fd7..000000000
--- a/security/nss/cmd/bltest/tests/rc2_ecb/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/rc2_ecb/plaintext0 b/security/nss/cmd/bltest/tests/rc2_ecb/plaintext0
deleted file mode 100644
index 5513e438c..000000000
--- a/security/nss/cmd/bltest/tests/rc2_ecb/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-Mozilla!
diff --git a/security/nss/cmd/bltest/tests/rc4/ciphertext0 b/security/nss/cmd/bltest/tests/rc4/ciphertext0
deleted file mode 100644
index 004f13472..000000000
--- a/security/nss/cmd/bltest/tests/rc4/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-34sTZJtr20k=
diff --git a/security/nss/cmd/bltest/tests/rc4/ciphertext1 b/security/nss/cmd/bltest/tests/rc4/ciphertext1
deleted file mode 100644
index 6050da4c6..000000000
--- a/security/nss/cmd/bltest/tests/rc4/ciphertext1
+++ /dev/null
@@ -1 +0,0 @@
-34sTZJtr20nGP6VxS3BIBxxIYm6QGIa1rehFHn51z9M=
diff --git a/security/nss/cmd/bltest/tests/rc4/key0 b/security/nss/cmd/bltest/tests/rc4/key0
deleted file mode 100644
index 65513c116..000000000
--- a/security/nss/cmd/bltest/tests/rc4/key0
+++ /dev/null
@@ -1 +0,0 @@
-zyxwvuts
diff --git a/security/nss/cmd/bltest/tests/rc4/key1 b/security/nss/cmd/bltest/tests/rc4/key1
deleted file mode 100644
index 65513c116..000000000
--- a/security/nss/cmd/bltest/tests/rc4/key1
+++ /dev/null
@@ -1 +0,0 @@
-zyxwvuts
diff --git a/security/nss/cmd/bltest/tests/rc4/numtests b/security/nss/cmd/bltest/tests/rc4/numtests
deleted file mode 100644
index 0cfbf0888..000000000
--- a/security/nss/cmd/bltest/tests/rc4/numtests
+++ /dev/null
@@ -1 +0,0 @@
-2
diff --git a/security/nss/cmd/bltest/tests/rc4/plaintext0 b/security/nss/cmd/bltest/tests/rc4/plaintext0
deleted file mode 100644
index 5513e438c..000000000
--- a/security/nss/cmd/bltest/tests/rc4/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-Mozilla!
diff --git a/security/nss/cmd/bltest/tests/rc4/plaintext1 b/security/nss/cmd/bltest/tests/rc4/plaintext1
deleted file mode 100644
index d41abc7b8..000000000
--- a/security/nss/cmd/bltest/tests/rc4/plaintext1
+++ /dev/null
@@ -1 +0,0 @@
-Mozilla!Mozilla!Mozilla!Mozilla!
diff --git a/security/nss/cmd/bltest/tests/rc5_cbc/ciphertext0 b/security/nss/cmd/bltest/tests/rc5_cbc/ciphertext0
deleted file mode 100644
index 544713b33..000000000
--- a/security/nss/cmd/bltest/tests/rc5_cbc/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-qsv4Fn2J6d0=
diff --git a/security/nss/cmd/bltest/tests/rc5_cbc/iv0 b/security/nss/cmd/bltest/tests/rc5_cbc/iv0
deleted file mode 100644
index 97b5955f7..000000000
--- a/security/nss/cmd/bltest/tests/rc5_cbc/iv0
+++ /dev/null
@@ -1 +0,0 @@
-12345678
diff --git a/security/nss/cmd/bltest/tests/rc5_cbc/key0 b/security/nss/cmd/bltest/tests/rc5_cbc/key0
deleted file mode 100644
index 65513c116..000000000
--- a/security/nss/cmd/bltest/tests/rc5_cbc/key0
+++ /dev/null
@@ -1 +0,0 @@
-zyxwvuts
diff --git a/security/nss/cmd/bltest/tests/rc5_cbc/numtests b/security/nss/cmd/bltest/tests/rc5_cbc/numtests
deleted file mode 100644
index d00491fd7..000000000
--- a/security/nss/cmd/bltest/tests/rc5_cbc/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/rc5_cbc/params0 b/security/nss/cmd/bltest/tests/rc5_cbc/params0
deleted file mode 100644
index d68e0362d..000000000
--- a/security/nss/cmd/bltest/tests/rc5_cbc/params0
+++ /dev/null
@@ -1,2 +0,0 @@
-rounds=10
-wordsize=4
diff --git a/security/nss/cmd/bltest/tests/rc5_cbc/plaintext0 b/security/nss/cmd/bltest/tests/rc5_cbc/plaintext0
deleted file mode 100644
index 5513e438c..000000000
--- a/security/nss/cmd/bltest/tests/rc5_cbc/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-Mozilla!
diff --git a/security/nss/cmd/bltest/tests/rc5_ecb/ciphertext0 b/security/nss/cmd/bltest/tests/rc5_ecb/ciphertext0
deleted file mode 100644
index 133777dd0..000000000
--- a/security/nss/cmd/bltest/tests/rc5_ecb/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-4ZKK/1v5Ohc=
diff --git a/security/nss/cmd/bltest/tests/rc5_ecb/key0 b/security/nss/cmd/bltest/tests/rc5_ecb/key0
deleted file mode 100644
index 65513c116..000000000
--- a/security/nss/cmd/bltest/tests/rc5_ecb/key0
+++ /dev/null
@@ -1 +0,0 @@
-zyxwvuts
diff --git a/security/nss/cmd/bltest/tests/rc5_ecb/numtests b/security/nss/cmd/bltest/tests/rc5_ecb/numtests
deleted file mode 100644
index d00491fd7..000000000
--- a/security/nss/cmd/bltest/tests/rc5_ecb/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/rc5_ecb/params0 b/security/nss/cmd/bltest/tests/rc5_ecb/params0
deleted file mode 100644
index d68e0362d..000000000
--- a/security/nss/cmd/bltest/tests/rc5_ecb/params0
+++ /dev/null
@@ -1,2 +0,0 @@
-rounds=10
-wordsize=4
diff --git a/security/nss/cmd/bltest/tests/rc5_ecb/plaintext0 b/security/nss/cmd/bltest/tests/rc5_ecb/plaintext0
deleted file mode 100644
index 5513e438c..000000000
--- a/security/nss/cmd/bltest/tests/rc5_ecb/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-Mozilla!
diff --git a/security/nss/cmd/bltest/tests/rsa/ciphertext0 b/security/nss/cmd/bltest/tests/rsa/ciphertext0
deleted file mode 100644
index 943ea599a..000000000
--- a/security/nss/cmd/bltest/tests/rsa/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-qPVrXv0y3SC5rY44bIi6GE4Aec8uDpHH7/cCg0FU5as=
diff --git a/security/nss/cmd/bltest/tests/rsa/key0 b/security/nss/cmd/bltest/tests/rsa/key0
deleted file mode 100644
index 1352fe986..000000000
--- a/security/nss/cmd/bltest/tests/rsa/key0
+++ /dev/null
@@ -1,4 +0,0 @@
-AAAAAAAAACC5lyu2K2ro8YGnvOCKaL1sFX1HEIblIVbuMXsa8oeFSwAAAAERAAAA
-IBXVjKwFG6LvPG4WOIjBBzmxGNpkQwDs3W5qZcXVzqahAAAAEOEOH/WnhZCJyM39
-oNfhf18AAAAQ0xvmxqXXs3L62xxogUl9lQAAABAaeiHgqkvy4wiQtG1Gkv/tAAAA
-EMaw2TNu6SFdKFXAYluQdjEAAAAQi0u+IlgKCt/hatGAsTrfzQ==
diff --git a/security/nss/cmd/bltest/tests/rsa/numtests b/security/nss/cmd/bltest/tests/rsa/numtests
deleted file mode 100644
index d00491fd7..000000000
--- a/security/nss/cmd/bltest/tests/rsa/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/rsa/plaintext0 b/security/nss/cmd/bltest/tests/rsa/plaintext0
deleted file mode 100644
index d915bc88c..000000000
--- a/security/nss/cmd/bltest/tests/rsa/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-512bitsforRSAPublicKeyEncryption
diff --git a/security/nss/cmd/bltest/tests/sha1/ciphertext0 b/security/nss/cmd/bltest/tests/sha1/ciphertext0
deleted file mode 100644
index 1fe4bd2bd..000000000
--- a/security/nss/cmd/bltest/tests/sha1/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-cDSMAygXMPIJZC5bntZ4ZhecQ9g=
diff --git a/security/nss/cmd/bltest/tests/sha1/numtests b/security/nss/cmd/bltest/tests/sha1/numtests
deleted file mode 100644
index d00491fd7..000000000
--- a/security/nss/cmd/bltest/tests/sha1/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/sha1/plaintext0 b/security/nss/cmd/bltest/tests/sha1/plaintext0
deleted file mode 100644
index 863e79c65..000000000
--- a/security/nss/cmd/bltest/tests/sha1/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-A cage went in search of a bird.
diff --git a/security/nss/cmd/bltest/tests/sha256/ciphertext0 b/security/nss/cmd/bltest/tests/sha256/ciphertext0
deleted file mode 100644
index 07e2ff14f..000000000
--- a/security/nss/cmd/bltest/tests/sha256/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-ungWv48Bz+pBQUDeXa4iI7ADYaOWF3qctBD/YfIAFa0=
diff --git a/security/nss/cmd/bltest/tests/sha256/ciphertext1 b/security/nss/cmd/bltest/tests/sha256/ciphertext1
deleted file mode 100644
index 2ab6e1da5..000000000
--- a/security/nss/cmd/bltest/tests/sha256/ciphertext1
+++ /dev/null
@@ -1 +0,0 @@
-JI1qYdIGOLjlwCaTDD5gOaM85Flk/yFn9uzt1BnbBsE=
diff --git a/security/nss/cmd/bltest/tests/sha256/numtests b/security/nss/cmd/bltest/tests/sha256/numtests
deleted file mode 100644
index 0cfbf0888..000000000
--- a/security/nss/cmd/bltest/tests/sha256/numtests
+++ /dev/null
@@ -1 +0,0 @@
-2
diff --git a/security/nss/cmd/bltest/tests/sha256/plaintext0 b/security/nss/cmd/bltest/tests/sha256/plaintext0
deleted file mode 100644
index 8baef1b4a..000000000
--- a/security/nss/cmd/bltest/tests/sha256/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-abc
diff --git a/security/nss/cmd/bltest/tests/sha256/plaintext1 b/security/nss/cmd/bltest/tests/sha256/plaintext1
deleted file mode 100644
index afb5dce5d..000000000
--- a/security/nss/cmd/bltest/tests/sha256/plaintext1
+++ /dev/null
@@ -1 +0,0 @@
-abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq
diff --git a/security/nss/cmd/bltest/tests/sha384/ciphertext0 b/security/nss/cmd/bltest/tests/sha384/ciphertext0
deleted file mode 100644
index c94f91e22..000000000
--- a/security/nss/cmd/bltest/tests/sha384/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-ywB1P0WjXou1oD1pmsZQBycsMqsO3tFjGotgWkP/W+2AhgcroefMI1i67KE0yCWn
diff --git a/security/nss/cmd/bltest/tests/sha384/ciphertext1 b/security/nss/cmd/bltest/tests/sha384/ciphertext1
deleted file mode 100644
index 833f06d84..000000000
--- a/security/nss/cmd/bltest/tests/sha384/ciphertext1
+++ /dev/null
@@ -1 +0,0 @@
-CTMMM/cRR+g9GS/Hgs0bR1MRGxc7OwXSL6CAhuOw9xL8x8caVX4tuWbD6fqRdGA5
diff --git a/security/nss/cmd/bltest/tests/sha384/numtests b/security/nss/cmd/bltest/tests/sha384/numtests
deleted file mode 100644
index 0cfbf0888..000000000
--- a/security/nss/cmd/bltest/tests/sha384/numtests
+++ /dev/null
@@ -1 +0,0 @@
-2
diff --git a/security/nss/cmd/bltest/tests/sha384/plaintext0 b/security/nss/cmd/bltest/tests/sha384/plaintext0
deleted file mode 100644
index 8baef1b4a..000000000
--- a/security/nss/cmd/bltest/tests/sha384/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-abc
diff --git a/security/nss/cmd/bltest/tests/sha384/plaintext1 b/security/nss/cmd/bltest/tests/sha384/plaintext1
deleted file mode 100644
index 94fcc2b29..000000000
--- a/security/nss/cmd/bltest/tests/sha384/plaintext1
+++ /dev/null
@@ -1 +0,0 @@
-abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu
diff --git a/security/nss/cmd/bltest/tests/sha512/ciphertext0 b/security/nss/cmd/bltest/tests/sha512/ciphertext0
deleted file mode 100644
index 8b626e237..000000000
--- a/security/nss/cmd/bltest/tests/sha512/ciphertext0
+++ /dev/null
@@ -1,2 +0,0 @@
-3a81oZNherrMQXNJriBBMRLm+k6JqX6iCp7u5ktV05ohkpkqJ0/BqDa6PCOj/uu9
-RU1EI2Q86A4qmslPpUyknw==
diff --git a/security/nss/cmd/bltest/tests/sha512/ciphertext1 b/security/nss/cmd/bltest/tests/sha512/ciphertext1
deleted file mode 100644
index c02d1752d..000000000
--- a/security/nss/cmd/bltest/tests/sha512/ciphertext1
+++ /dev/null
@@ -1,2 +0,0 @@
-jpWbddrjE9qM9PcoFPwUP493ecbrn3+hcpmurbaIkBhQHSieSQD35DMbmd7EtUM6
-x9Mp7rbdJlReluVbh0vpCQ==
diff --git a/security/nss/cmd/bltest/tests/sha512/numtests b/security/nss/cmd/bltest/tests/sha512/numtests
deleted file mode 100644
index 0cfbf0888..000000000
--- a/security/nss/cmd/bltest/tests/sha512/numtests
+++ /dev/null
@@ -1 +0,0 @@
-2
diff --git a/security/nss/cmd/bltest/tests/sha512/plaintext0 b/security/nss/cmd/bltest/tests/sha512/plaintext0
deleted file mode 100644
index 8baef1b4a..000000000
--- a/security/nss/cmd/bltest/tests/sha512/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-abc
diff --git a/security/nss/cmd/bltest/tests/sha512/plaintext1 b/security/nss/cmd/bltest/tests/sha512/plaintext1
deleted file mode 100644
index 94fcc2b29..000000000
--- a/security/nss/cmd/bltest/tests/sha512/plaintext1
+++ /dev/null
@@ -1 +0,0 @@
-abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu
diff --git a/security/nss/cmd/btoa/Makefile b/security/nss/cmd/btoa/Makefile
deleted file mode 100644
index 763faa253..000000000
--- a/security/nss/cmd/btoa/Makefile
+++ /dev/null
@@ -1,75 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/btoa/btoa.c b/security/nss/cmd/btoa/btoa.c
deleted file mode 100644
index d58805c65..000000000
--- a/security/nss/cmd/btoa/btoa.c
+++ /dev/null
@@ -1,196 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "plgetopt.h"
-#include "secutil.h"
-#include "nssb64.h"
-#include <errno.h>
-
-#if defined(XP_WIN) || (defined(__sun) && !defined(SVR4))
-#if !defined(WIN32)
-extern int fread(char *, size_t, size_t, FILE*);
-extern int fwrite(char *, size_t, size_t, FILE*);
-extern int fprintf(FILE *, char *, ...);
-#endif
-#endif
-
-#if defined(WIN32)
-#include "fcntl.h"
-#include "io.h"
-#endif
-
-static PRInt32
-output_ascii (void *arg, const char *obuf, PRInt32 size)
-{
- FILE *outFile = arg;
- int nb;
-
- nb = fwrite(obuf, 1, size, outFile);
- if (nb != size) {
- PORT_SetError(SEC_ERROR_IO);
- return -1;
- }
-
- return nb;
-}
-
-static SECStatus
-encode_file(FILE *outFile, FILE *inFile)
-{
- NSSBase64Encoder *cx;
- int nb;
- SECStatus status = SECFailure;
- unsigned char ibuf[4096];
-
- cx = NSSBase64Encoder_Create(output_ascii, outFile);
- if (!cx) {
- return -1;
- }
-
- for (;;) {
- if (feof(inFile)) break;
- nb = fread(ibuf, 1, sizeof(ibuf), inFile);
- if (nb != sizeof(ibuf)) {
- if (nb == 0) {
- if (ferror(inFile)) {
- PORT_SetError(SEC_ERROR_IO);
- goto loser;
- }
- /* eof */
- break;
- }
- }
-
- status = NSSBase64Encoder_Update(cx, ibuf, nb);
- if (status != SECSuccess) goto loser;
- }
-
- status = NSSBase64Encoder_Destroy(cx, PR_FALSE);
- if (status != SECSuccess)
- return status;
-
- /*
- * Add a trailing CRLF. Note this must be done *after* the call
- * to Destroy above (because only then are we sure all data has
- * been written out).
- */
- fwrite("\r\n", 1, 2, outFile);
- return SECSuccess;
-
- loser:
- (void) NSSBase64Encoder_Destroy(cx, PR_TRUE);
- return status;
-}
-
-static void Usage(char *progName)
-{
- fprintf(stderr,
- "Usage: %s [-i input] [-o output]\n",
- progName);
- fprintf(stderr, "%-20s Define an input file to use (default is stdin)\n",
- "-i input");
- fprintf(stderr, "%-20s Define an output file to use (default is stdout)\n",
- "-o output");
- exit(-1);
-}
-
-int main(int argc, char **argv)
-{
- char *progName;
- SECStatus rv;
- FILE *inFile, *outFile;
- PLOptState *optstate;
- PLOptStatus status;
-
- inFile = 0;
- outFile = 0;
- progName = strrchr(argv[0], '/');
- if (!progName)
- progName = strrchr(argv[0], '\\');
- progName = progName ? progName+1 : argv[0];
-
- /* Parse command line arguments */
- optstate = PL_CreateOptState(argc, argv, "i:o:");
- while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
- switch (optstate->option) {
- default:
- Usage(progName);
- break;
-
- case 'i':
- inFile = fopen(optstate->value, "rb");
- if (!inFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
- progName, optstate->value);
- return -1;
- }
- break;
-
- case 'o':
- outFile = fopen(optstate->value, "w");
- if (!outFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
- progName, optstate->value);
- return -1;
- }
- break;
- }
- }
- if (status == PL_OPT_BAD)
- Usage(progName);
- if (!inFile) {
-#if defined(WIN32)
- /* If we're going to read binary data from stdin, we must put stdin
- ** into O_BINARY mode or else incoming \r\n's will become \n's.
- */
-
- int smrv = _setmode(_fileno(stdin), _O_BINARY);
- if (smrv == -1) {
- fprintf(stderr,
- "%s: Cannot change stdin to binary mode. Use -i option instead.\n",
- progName);
- return smrv;
- }
-#endif
- inFile = stdin;
- }
- if (!outFile)
- outFile = stdout;
- rv = encode_file(outFile, inFile);
- if (rv != SECSuccess) {
- fprintf(stderr, "%s: lossage: error=%d errno=%d\n",
- progName, PORT_GetError(), errno);
- return -1;
- }
- return 0;
-}
diff --git a/security/nss/cmd/btoa/makefile.win b/security/nss/cmd/btoa/makefile.win
deleted file mode 100644
index 28d3ee873..000000000
--- a/security/nss/cmd/btoa/makefile.win
+++ /dev/null
@@ -1,130 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-VERBOSE = 1
-include <manifest.mn>
-
-#cannot define PROGRAM in manifest compatibly with NT and UNIX
-PROGRAM = btoa
-PROGRAM = ./$(OBJDIR)/$(PROGRAM).exe
-include <$(DEPTH)\config\config.mak>
-
-# let manifest generate C_OBJS, it will prepend ./$(OBJDIR)/
-# rules.mak will append C_OBJS onto OBJS.
-# OBJS = $(CSRCS:.c=.obj)
-
-# include files are looked for in $LINCS and $INCS.
-# $LINCS is in manifest.mnw, computed from REQUIRES=
-INCS = $(INCS) \
- -I$(DEPTH)/security/lib/cert \
- -I../include \
- $(NULL)
-
-IGNORE_ME = \
- -I$(DEPTH)/security/lib/key \
- -I$(DEPTH)/security/lib/util \
- $(NULL)
-
-
-WINFE = $(DEPTH)/cmd/winfe/mkfiles$(MOZ_BITS)/x86Dbg
-
-# these files are the content of libdbm
-DBM_LIB = \
- $(WINFE)/DB.obj \
- $(WINFE)/HASH.obj \
- $(WINFE)/H_BIGKEY.obj \
- $(WINFE)/H_PAGE.obj \
- $(WINFE)/H_LOG2.obj \
- $(WINFE)/H_FUNC.obj \
- $(WINFE)/HASH_BUF.obj \
- $(NULL)
-
-MOZ_LIBS = \
- $(WINFE)/ALLXPSTR.obj \
- $(WINFE)/XP_ERROR.obj \
- $(WINFE)/XPASSERT.obj \
- $(WINFE)/XP_REG.obj \
- $(WINFE)/XP_TRACE.obj \
- $(DBM_LIB) \
- $(WINFE)/XP_STR.obj \
- $(WINFE)/MKTEMP.obj \
- $(NULL)
-
-SEC_LIBS = \
- $(DIST)/lib/cert$(MOZ_BITS).lib \
- $(DIST)/lib/crypto$(MOZ_BITS).lib \
- $(DIST)/lib/hash$(MOZ_BITS).lib \
- $(DIST)/lib/key$(MOZ_BITS).lib \
- $(DIST)/lib/pkcs7$(MOZ_BITS).lib \
- $(DIST)/lib/secmod$(MOZ_BITS).lib \
- $(DIST)/lib/secutl$(MOZ_BITS).lib \
- $(DIST)/lib/ssl$(MOZ_BITS).lib \
- $(NULL)
-
-LLFLAGS = $(LLFLAGS) \
- ../lib/$(OBJDIR)/sectool$(MOZ_BITS).lib \
- $(SEC_LIBS) \
- $(MOZ_LIBS) \
- $(DEPTH)/nspr/src/$(OBJDIR)/getopt.obj \
- $(LIBNSPR) \
- $(NULL)
-
-
-include <$(DEPTH)\config\rules.mak>
-
-INSTALL = $(MAKE_INSTALL)
-
-objs: $(OBJS)
-
-$(PROGRAM)::
- $(INSTALL) $(DIST)/bin/pr3240.dll ./$(OBJDIR)
-
-programs: $(PROGRAM)
-
-install:: $(TARGETS)
- $(INSTALL) $(TARGETS) $(DIST)/bin
-
-
-symbols:
- @echo "CSRCS = $(CSRCS)"
- @echo "INCS = $(INCS)"
- @echo "OBJS = $(OBJS)"
- @echo "LIBRARY = $(LIBRARY)"
- @echo "PROGRAM = $(PROGRAM)"
- @echo "TARGETS = $(TARGETS)"
- @echo "DIST = $(DIST)"
- @echo "VERSION_NUMBER = $(VERSION_NUMBER)"
- @echo "WINFE = $(WINFE)"
- @echo "DBM_LIB = $(DBM_LIB)"
- @echo "INSTALL = $(INSTALL)"
-
diff --git a/security/nss/cmd/btoa/manifest.mn b/security/nss/cmd/btoa/manifest.mn
deleted file mode 100644
index b82b26a5c..000000000
--- a/security/nss/cmd/btoa/manifest.mn
+++ /dev/null
@@ -1,49 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = nss
-
-# This next line is used by .mk files
-# and gets translated into $LINCS in manifest.mnw
-# MODULE is implicitly REQUIRED, doesn't need to be listed below.
-REQUIRES = seccmd dbm
-
-DEFINES = -DNSPR20
-
-CSRCS = btoa.c
-
-PROGRAM = btoa
-
diff --git a/security/nss/cmd/certcgi/HOWTO.txt b/security/nss/cmd/certcgi/HOWTO.txt
deleted file mode 100644
index f02ad32fd..000000000
--- a/security/nss/cmd/certcgi/HOWTO.txt
+++ /dev/null
@@ -1,168 +0,0 @@
- How to setup your very own Cert-O-Matic Root CA server
-
-***** BEGIN LICENSE BLOCK *****
-Version: MPL 1.1/GPL 2.0/LGPL 2.1
-
-The contents of this file are subject to the Mozilla Public License Version
-1.1 (the "License"); you may not use this file except in compliance with
-the License. You may obtain a copy of the License at
-http://www.mozilla.org/MPL/
-
-Software distributed under the License is distributed on an "AS IS" basis,
-WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-for the specific language governing rights and limitations under the
-License.
-
-The Original Code is Netscape security libraries.
-
-The Initial Developer of the Original Code is Netscape Communications
-Corporation. Portions created by the Initial Developer are
-Copyright (C) 2001 the Initial Developer. All Rights Reserved.
-
-Contributor(s):
-
-Alternatively, the contents of this file may be used under the terms of
-either the GNU General Public License Version 2 or later (the "GPL"), or
-the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-in which case the provisions of the GPL or the LGPL are applicable instead
-of those above. If you wish to allow use of your version of this file only
-under the terms of either the GPL or the LGPL, and not to allow others to
-use your version of this file under the terms of the MPL, indicate your
-decision by deleting the provisions above and replace them with the notice
-and other provisions required by the GPL or the LGPL. If you do not delete
-the provisions above, a recipient may use your version of this file under
-the terms of any one of the MPL, the GPL or the LGPL.
-
-***** END LICENSE BLOCK *****
-
- How to setup your very own Cert-O-Matic Root CA server
-
-The program certcgi is part of a small test CA that is used inside
-Netscape by the NSS development team. That CA is affectionately known
-as "Cert-O-Matic" or "Cert-O-Matic II". It presently runs on a server
-named interzone.mcom.com inside Netscape's firewall.
-
-If you wish to setup your own Cert-O-Matic, here are directions.
-
-Disclaimer: This program does not follow good practices for root CAs.
-It should be used only for playing/testing and never for production use.
-Remember, you've been warned!
-
-Cert-O-Matic consists of some html files, shell scripts, one executable
-program that uses NSS and NSPR, the usual set of NSS .db files, and a file
-in which to remember the serial number of the last cert issued. The
-html files and the source to the executable program are in this directory.
-Sample shell scripts are shown below.
-
-The shell scripts and executable program run as CGI "scripts". The
-entire thing runs on an ordinary http web server. It would also run on
-an https web server. The shell scripts and html files must be
-customized for the server on which they run.
-
-The package assumes you have a "document root" directory $DOCROOT, and a
-"cgi-bin" directory $CGIBIN. In this example, the document root is
-assumed to be located in /var/www/htdocs, and the cgi-bin directory in
-/var/www/cgi-bin.
-
-The server is assumed to run all cgi scripts as the user "nobody".
-The names of the cgi scripts run directly by the server all end in .cgi
-because some servers like it that way.
-
-Instructions:
-
-- Create directory $DOCROOT/certomatic
-- Copy the following files from nss/cmd/certcgi to $DOCROOT/certomatic
- ca.html index.html main.html nscp_ext_form.html stnd_ext_form.html
-- Edit the html files, substituting the name of your own server for the
- server named in those files.
-- In some web page (e.g. your server's home page), provide an html link to
- $DOCROOT/certomatic/index.html. This is where users start to get their
- own certs from certomatic.
-- give these files and directories appropriate permissions.
-
-- Create directories $CGIBIN/certomatic and $CGIBIN/certomatic/bin
- make sure that $CGIBIN/certomatic is writable by "nobody"
-
-- Create a new set of NSS db files there with the following command:
-
- certutil -N -d $CGIBIN/certomatic
-
-- when certutil prompts you for the password, enter the word foo
- because that is compiled into the certcgi program.
-
-- Create the new Root CA cert with this command
-
- certutil -S -x -d $CGIBIN/certomatic -n "Cert-O-Matic II" \
- -s "CN=Cert-O-Matic II, O=Cert-O-Matic II" -t TCu,cu,cu -k rsa \
- -g 1024 -m 10001 -v 60
-
- (adjust the -g, -m and -v parameters to taste. -s and -x must be as
-shown.)
-
-- dump out the new root CA cert in base64 encoding:
-
- certutil -d $CGIBIN/certomatic -L -n "Cert-O-Matic II" -a > \
- $CGIBIN/certomatic/root.cacert
-
-- In $CGIBIN/certomatic/bin add two shell scripts - one to download the
- root CA cert on demand, and one to run the certcgi program.
-
-download.cgi, the script to install the root CA cert into a browser on
-demand, is this:
-
-#!/bin/sh
-echo "Content-type: application/x-x509-ca-cert"
-echo
-cat $CGIBIN/certomatic/root.cacert
-
-You'll have to put the real path into that cat command because CGIBIN
-won't be defined when this script is run by the server.
-
-certcgi.cgi, the script to run the certcgi program is similar to this:
-
-#!/bin/sh
-cd $CGIBIN/certomatic/bin
-LD_LIBRARY_PATH=$PLATFORM/lib
-export LD_LIBRARY_PATH
-$PLATFORM/bin/certcgi $* 2>&1
-
-Where $PLATFORM/lib is where the NSPR nad NSS DSOs are located, and
-$PLATFORM/bin is where certcgi is located. PLATFORM is not defined when
-the server runs this script, so you'll have to substitute the right value
-in your script. certcgi requires that the working directory be one level
-below the NSS DBs, that is, the DBs are accessed in the directory "..".
-
-You'll want to provide an html link somewhere to the script that downloads
-the root.cacert file. You'll probably want to put that next to the link
-that loads the index.html page. On interzone, this is done with the
-following html:
-
-<a href="/certomatic/index.html">Cert-O-Matic II Root CA server</a>
-<p>
-<a href="/cgi-bin/certomatic/bin/download.cgi">Download and trust Root CA
-certificate</a>
-
-The index.html file in this directory invokes the certcgi.cgi script with
-the form post method, so if you change the name of the certcgi.cgi script,
-you'll also have to change the index.html file in $DOCROOT/certomatic
-
-The 4 files used by the certcgi program (the 3 NSS DBs, and the serial
-number file) are not required to live in $CGIBIN/certomatic, but they are
-required to live in $CWD/.. when certcgi starts.
-
-Known bugs:
-
-1. Because multiple of these CAs exist simultaneously, it would be best if
-they didn't all have to be called "Cert-O-Matic II", but that string is
-presently hard coded into certcgi.c.
-
-2. the html files in this directory contain numerous extraneous <FORM> tags
-which appear to use the post method and have action URLS that are never
-actually used. burp.cgi and echoform.cgi are never actually used. This
-should be cleaned up.
-
-3. The html files use <layer> tags which are supported only in Netscape
-Navigator and Netscape Communication 4.x browsers. The html files do
-not work as intended with Netscape 6.x, Mozilla or Microsoft IE browsers.
-The html files should be fixed to work with all those named browsers.
-
diff --git a/security/nss/cmd/certcgi/Makefile b/security/nss/cmd/certcgi/Makefile
deleted file mode 100644
index 573c12cac..000000000
--- a/security/nss/cmd/certcgi/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/certcgi/ca.html b/security/nss/cmd/certcgi/ca.html
deleted file mode 100644
index b9ffd8238..000000000
--- a/security/nss/cmd/certcgi/ca.html
+++ /dev/null
@@ -1,48 +0,0 @@
-<!--
- - The contents of this file are subject to the Mozilla Public
- - License Version 1.1 (the "License"); you may not use this file
- - except in compliance with the License. You may obtain a copy of
- - the License at http://www.mozilla.org/MPL/
- -
- - Software distributed under the License is distributed on an "AS
- - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- - implied. See the License for the specific language governing
- - rights and limitations under the License.
- -
- - The Original Code is the Netscape security libraries.
- -
- - The Initial Developer of the Original Code is Netscape
- - Communications Corporation. Portions created by Netscape are
- - Copyright (C) 1994-2000 Netscape Communications Corporation. All
- - Rights Reserved.
- -
- - Contributor(s):
- -
- - Alternatively, the contents of this file may be used under the
- - terms of the GNU General Public License Version 2 or later (the
- - "GPL"), in which case the provisions of the GPL are applicable
- - instead of those above. If you wish to allow use of your
- - version of this file only under the terms of the GPL and not to
- - allow others to use your version of this file under the MPL,
- - indicate your decision by deleting the provisions above and
- - replace them with the notice and other provisions required by
- - the GPL. If you do not delete the provisions above, a recipient
- - may use your version of this file under either the MPL or the
- - GPL.
- -->
-
-<form method="post" name="ca_form" action="mailto:jerdonek@netscape.com">
-<input type="radio" name="caChoiceradio" value="SignWithDefaultkey"
- onClick="{parent.choice_change(this.form)}">
- Use the Cert-O-matic certificate to issue the cert</p>
-<input type="radio" name="caChoiceradio" value="SignWithRandomChain"
- onClick="{parent.choice_change(this.form)}"> Use a
- <input type="text" size="2" maxsize="2" name="autoCAs"> CA long
- automatically generated chain ending with the Cert-O-Matic Cert
- (18 maximum)</p>
-<input type="radio" name="caChoiceradio" value="SignWithSpecifiedChain"
- onClick="{parent.choice_change(this.form)}"> Use a
- <input type="text" size="1" maxlength="1" name="manCAs"
- onChange="{parent.ca_num_change(this.value,this.form)}"> CA long
- user input chain ending in the Cert-O-Matic Cert.</p>
-</form>
diff --git a/security/nss/cmd/certcgi/ca_form.html b/security/nss/cmd/certcgi/ca_form.html
deleted file mode 100644
index 43042cb64..000000000
--- a/security/nss/cmd/certcgi/ca_form.html
+++ /dev/null
@@ -1,385 +0,0 @@
-<html>
-<!--
- - The contents of this file are subject to the Mozilla Public
- - License Version 1.1 (the "License"); you may not use this file
- - except in compliance with the License. You may obtain a copy of
- - the License at http://www.mozilla.org/MPL/
- -
- - Software distributed under the License is distributed on an "AS
- - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- - implied. See the License for the specific language governing
- - rights and limitations under the License.
- -
- - The Original Code is the Netscape security libraries.
- -
- - The Initial Developer of the Original Code is Netscape
- - Communications Corporation. Portions created by Netscape are
- - Copyright (C) 1994-2000 Netscape Communications Corporation. All
- - Rights Reserved.
- -
- - Contributor(s):
- -
- - Alternatively, the contents of this file may be used under the
- - terms of the GNU General Public License Version 2 or later (the
- - "GPL"), in which case the provisions of the GPL are applicable
- - instead of those above. If you wish to allow use of your
- - version of this file only under the terms of the GPL and not to
- - allow others to use your version of this file under the MPL,
- - indicate your decision by deleting the provisions above and
- - replace them with the notice and other provisions required by
- - the GPL. If you do not delete the provisions above, a recipient
- - may use your version of this file under either the MPL or the
- - GPL.
- -->
- <form method="post" name="primary_form" action="http://interzone.mcom.com/burp.cgi">
- <table border=0 cellspacing=10 cellpadding=0>
- <tr>
- <td>
- Common Name:</td><td> <input type="text" name="name" onChange="{window.top.reset_subject('CN=', value, form)}"></p>
- </td>
- <td></td><td></td><td>
- Mail: </td><td><input type="text" name="email" onChange="var temp;{if (email_type[0].checked) {temp = 'MAIL='} else {temp = 'E='}} ;{window.top.reset_subject(temp, value, form)}"></p>
- RFC 1274<input type="radio" name="email_type" value="1" onClick="window.top.switch_mail(form)">
- e-mail<input type="radio" name="email_type" value="2" checked onClick="window.top.switch_mail(form)"></td>
- <tr>
- <td>
- Organization: </td><td> <input type="text" name="org" onChange="{window.top.reset_subject('O=', value, form)}"></p></td>
- <td></td><td></td><td>
- Organizational Unit: </td><td><input type="text" name="org_unit" onChange="{window.top.reset_subject('OU=', value, form)}"></p></td>
- <tr>
- <td>
- RFC 1274 UID: </td><td><input type="text" name="uid" onChange="{window.top.reset_subject('UID=', value, form)}"></p></td>
- <td></td><td></td><td>
- Locality: </td><td><input type="text" name="loc" onChange="{window.top.reset_subject('L=', value, form)}"></p></td>
- <tr>
- <td>
- State or Province: </td><td><input type="text" name="state" onChange="{window.top.reset_subject('ST=', value, form)}"></p></td>
- <td></td><td></td><td>
- Country: </td><td><input type="text" size="2" maxsize="2" name="country" onChange="{window.top.reset_subject('C=', value, form)}"></p></td>
- </table>
- <table border=0 cellspacing=10 cellpadding=0>
- <tr>
- <td>
- Serial Number:</p>
- <DD>
- <input type="radio" name="serial" value="auto" checked> Auto Generate</P>
- <DD>
- <input type="radio" name="serial" value="input">
- Use this value: <input type="text" name="serial_value" size="8" maxlength="8"></p>
- </td>
- <td></td><td></td><td></td><td></td>
- <td>
- X.509 version:</p>
- <DD>
- <input type="radio" name="ver" value="1" checked> Version 1</p>
- <DD>
- <input type="radio" name="ver" value="3"> Version 3</P></td>
- <td></td><td></td><td></td><td></td><td></td><td></td><td></td><td></td><td></td>
- <td>
- Key Type:</p>
- <DD>
- <input type="radio" name="keyType" value="rsa" checked> RSA</p>
- <DD>
- <input type="radio" name="keyType" value="dsa"> DSA</P></td>
- </table>
- DN: <input type="text" name="subject" size="70" onChange="{window.top.reset_subjectFields(form)}"></P>
- <Select name="keysize">
- <option>1024 (High Grade)
- <option>768 (Medium Grade)
- <option>512 (Low Grade)
- </select>
- </p>
- <hr>
- </p>
- <table border=1 cellspacing=5 cellpadding=5>
- <tr>
- <td>
- <b>Netscape Certificate Type: </b></p>
- Activate extension: <input type="checkbox" name="netscape-cert-type"></P>
- Critical: <input type="checkbox" name="netscape-cert-type-crit">
- <td>
- <input type="checkbox" name="netscape-cert-type-ssl-client"> SSL Client</P>
- <input type="checkbox" name="netscape-cert-type-ssl-server"> SSL Server</P>
- <input type="checkbox" name="netscape-cert-type-smime"> S/MIME</P>
- <input type="checkbox" name="netscape-cert-type-object-signing"> Object Signing</P>
- <input type="checkbox" name="netscape-cert-type-reserved"> Reserved for future use (bit 4)</P>
- <input type="checkbox" name="netscape-cert-type-ssl-ca"> SSL CA</P>
- <input type="checkbox" name="netscape-cert-type-smime-ca"> S/MIME CA</P>
- <input type="checkbox" name="netscape-cert-type-object-signing-ca"> Object Signing CA</P>
- </tr>
- <tr>
- <td>
- <b>Netscape Base URL:</b></p>
- Activate extension: <input type="checkbox" name="netscape-base-url"></P>
- Critical: <input type="checkbox" name="netscape-base-url-crit">
- <td>
- <input type="text" name="netscape-base-url-text" size="50">
- </tr>
- <tr>
- <td>
- <b>Netscape Revocation URL:</b></p>
- Activate extension: <input type="checkbox" name="netscape-revocation-url"></P>
- Critical: <input type="checkbox" name="netscape-revocation-url-crit">
- <td>
- <input type="text" name="netscape-revocation-url-text" size="50">
- </tr>
- <tr>
- <td>
- <b>Netscape CA Revocation URL:</b></p>
- Activate extension: <input type="checkbox" name="netscape-ca-revocation-url"></P>
- Critical: <input type="checkbox" name="netscape-ca-revocation-url-crit">
- <td>
- <input type="text" name="netscape-ca-revocation-url-text" size="50">
- </tr>
- <tr>
- <td>
- <b>Netscape Certificate Renewal URL:</b></p>
- Activate extension: <input type="checkbox" name="netscape-cert-renewal-url"></P>
- Critical: <input type="checkbox" name="netscape-cert-renewal-url-crit">
- <td>
- <input type="text" name="netscape-cert-renewal-url-text" size="50">
- </tr>
- <tr>
- <td>
- <b>Netscape CA Policy URL:</b></p>
- Activate extension: <input type="checkbox" name="netscape-ca-policy-url"></P>
- Critical: <input type="checkbox" name="netscape-ca-policy-url-crit">
- <td>
- <input type="text" name="netscape-ca-policy-url-text" size="50">
- </tr>
- <tr>
- <td>
- <b>Netscape SSL Server Name:</b></p>
- Activate extension: <input type="checkbox" name="netscape-ssl-server-name"></P>
- Critical: <input type="checkbox" name="netscape-ssl-server-name-crit">
- <td>
- <input type="text" name="netscape-ssl-server-name-text" size="50">
- </tr>
- <tr>
- <td>
- <b>Netscape Comment:</b></p>
- Activate extension: <input type="checkbox" name="netscape-comment"></P>
- Critical: <input type="checkbox" name="netscape-comment-crit">
- <td>
- <textarea name="netscape-comment-text" rows="5" cols="50"></textarea>
- </tr>
- </table>
- </p>
- <hr>
- </p>
- <table border=1 cellspacing=5 cellpadding=5>
- <form method="post" name="primary_form" action="http://interzone.mcom.com/burp.cgi">
- <tr>
- <td>
- <b>Key Usage: </b></p>
- Activate extension: <input type="checkbox" name="keyUsage"></P>
- Critical: <input type="checkbox" name="keyUsage-crit">
- <td>
- <input type="checkbox" name="keyUsage-digitalSignature"> Digital Signature</P>
- <input type="checkbox" name="keyUsage-nonRepudiation"> Non Repudiation</P>
- <input type="checkbox" name="keyUsage-keyEncipherment"> Key Encipherment</P>
- <input type="checkbox" name="keyUsage-dataEncipherment"> Data Encipherment</P>
- <input type="checkbox" name="keyUsage-keyAgreement"> Key Agreement</P>
- <input type="checkbox" name="keyUsage-keyCertSign"> Key Certificate Signing</P>
- <input type="checkbox" name="keyUsage-cRLSign"> CRL Signing</P>
- </tr>
- <tr>
- <td>
- <b>Extended Key Usage: </b></p>
- Activate extension: <input type="checkbox" name="extKeyUsage"></P>
- Critical: <input type="checkbox" name="extKeyUsage-crit">
- <td>
- <input type="checkbox" name="extKeyUsage-serverAuth"> Server Auth</P>
- <input type="checkbox" name="extKeyUsage-clientAuth"> Client Auth</P>
- <input type="checkbox" name="extKeyUsage-codeSign"> Code Signing</P>
- <input type="checkbox" name="extKeyUsage-emailProtect"> Email Protection</P>
- <input type="checkbox" name="extKeyUsage-timeStamp"> Timestamp</P>
- <input type="checkbox" name="extKeyUsage-ocspResponder"> OCSP Responder</P>
- <input type="checkbox" name="extKeyUsage-NS-govtApproved"> Step-up</P>
- </tr>
- <tr>
- <td>
- <b>Basic Constraints:</b></p>
- Activate extension: <input type="checkbox" name="basicConstraints"></P>
- Critical: <input type="checkbox" name="basicConstraints-crit">
- <td>
- CA:</p>
- <dd><input type=radio name="basicConstraints-cA-radio" value="CA"> True</p>
- <dd><input type=radio name="basicConstraints-cA-radio" value="NotCA"> False</p>
- <input type="checkbox" name="basicConstraints-pathLengthConstraint">
- Include Path length: <input type="text" name="basicConstraints-pathLengthConstraint-text" size="2"></p>
- </tr>
- <tr>
- <td>
- <b>Authority Key Identifier:</b></p>
- Activate extension: <input type="checkbox" name="authorityKeyIdentifier">
- <td>
- <input type="radio" name="authorityKeyIdentifier-radio" value="keyIdentifier"> Key Identider</p>
- <input type="radio" name="authorityKeyIdentifier-radio" value="authorityCertIssuer"> Issuer Name and Serial number</p>
- </tr>
- <tr>
- <td>
- <b>Subject Key Identifier:</b></p>
- Activate extension: <input type="checkbox" name="subjectKeyIdentifier">
- <td>
- Key Identifier:
- <input type="text" name="subjectKeyIdentifier-text"></p>
- This is an:<p>
- <dd><dd><input type="radio" name="subjectKeyIdentifier-radio" value="ascii"> ascii text value<p>
- <dd><dd><input type="radio" name="subjectKeyIdentifier-radio" value="hex"> hex value<p>
- </tr>
- <tr>
- <td>
- <b>Private Key Usage Period:</b></p>
- Activate extension: <input type="checkbox" name="privKeyUsagePeriod"></p>
- Critical: <input type="checkbox" name="privKeyUsagePeriod-crit">
- <td>
- Use:</p>
- <dd><input type="radio" name="privKeyUsagePeriod-radio" value="notBefore"> Not Before</p>
- <dd><input type="radio" name="privKeyUsagePeriod-radio" value="notAfter"> Not After</p>
- <dd><input type="radio" name="privKeyUsagePeriod-radio" value="both" > Both</p>
- <b>Not to be used to sign before:</b></p>
- <dd><input type="radio" name="privKeyUsagePeriod-notBefore-radio" value="auto"> Set to time of certificate issue</p>
- <dd><input type="radio" name="privKeyUsagePeriod-notBefore-radio" value="manual"> Use This value</p>
- <dd><dd>(YYYY/MM/DD HH:MM:SS):
- <input type="text" name="privKeyUsagePeriod-notBefore-year" size="4" maxlength="4">/
- <input type="text" name="privKeyUsagePeriod-notBefore-month" size="2" maxlength="2">/
- <input type="text" name="privKeyUsagePeriod-notBefore-day" size="2" maxlength="2">
- <input type="text" name="privKeyUsagePeriod-notBefore-hour" size="2" maxlength="2">:
- <input type="text" name="privKeyUsagePeriod-notBefore-minute" size="2" maxlength="2">:
- <input type="text" name="privKeyUsagePeriod-notBefore-second" size="2" maxlength="2"></p>
- <b>Not to be used to sign after:</b></p>
- <dd>(YYYY/MM/DD HH:MM:SS):
- <input type="text" name="privKeyUsagePeriod-notAfter-year" size="4" maxlength="4">/
- <input type="text" name="privKeyUsagePeriod-notAfter-month" size="2" maxlength="2">/
- <input type="text" name="privKeyUsagePeriod-notAfter-day" size="2" maxlength="2">
- <input type="text" name="privKeyUsagePeriod-notAfter-hour" size="2" maxlength="2">:
- <input type="text" name="privKeyUsagePeriod-notAfter-minute" size="2" maxlength="2">:
- <input type="text" name="privKeyUsagePeriod-notAfter-second" size="2" maxlength="2"></p>
- </tr>
- <tr>
- <td>
- <b>Subject Alternative Name:</b></p>
- Activate extension: <input type="checkbox" name="SubAltName"></P>
- Critical: <input type="checkbox" name="SubAltName-crit">
- <td>
- <table>
- <tr>
- <td>
- General Names:</p>
- <select name="SubAltNameSelect" multiple size="10">
- </select></p></p>
- <input type="button" name="SubAltName-add" value="Add" onClick="{parent.addSubAltName(this.form)}">
- <input type="button" name="SubAltName-delete" value="Delete" onClick="parent.deleteSubAltName(this.form)">
- </td><td>
- <table><tr><td>
- Name Type: </td></tr><tr><td>
- <input type="radio" name="SubAltNameRadio" value="otherName" onClick="parent.setSubAltNameType(form)"> Other Name,
- OID: <input type="text" name="SubAltNameOtherNameOID" size="6"> </td><td>
- <input type="radio" name="SubAltNameRadio" value="rfc822Name" onClick="parent.setSubAltNameType(form)"> RFC 822 Name</td></tr><td>
- <input type="radio" name="SubAltNameRadio" value="dnsName" onClick="parent.setSubAltNameType(form)"> DNS Name </td><td>
- <input type="radio" name="SubAltNameRadio" value="x400" onClick="parent.setSubAltNameType(form)"> X400 Address</td></tr><td>
- <input type="radio" name="SubAltNameRadio" value="directoryName" onClick="parent.setSubAltNameType(form)"> Directory Name</td><td>
- <input type="radio" name="SubAltNameRadio" value="ediPartyName" onClick="parent.setSubAltNameType(form)"> EDI Party Name</td></tr><td>
- <input type="radio" name="SubAltNameRadio" value="URL" onClick="parent.setSubAltNameType(form)"> Uniform Resource Locator</td><td>
- <input type="radio" name="SubAltNameRadio" value="ipAddress" onClick="parent.setSubAltNameType(form)"> IP Address</td></tr><td>
- <input type="radio" name="SubAltNameRadio" value="regID"onClick="parent.setSubAltNameType(form)"> Registered ID</td><td>
- <input type="radio" name="SubAltNameRadio" value="nscpNickname" onClick="parent.setSubAltNameType(form)"> Netscape Certificate Nickname</td><td></tr>
- </table>
- Name: <input type="text" name="SubAltNameText">
- Binary Encoded: <input type="checkbox" name="SubAltNameDataType" value="binary" onClick="parent.setSubAltNameType(form)"></p>
- </tr>
- </table>
- </tr>
-
-
- <tr>
- <td>
- <b>Issuer Alternative Name:</b></p>
- Activate extension: <input type="checkbox" name="IssuerAltName"></P>
- Critical: <input type="checkbox" name="IssuerAltName-crit">
- <td>
- <input type="radio" name="IssuerAltNameSourceRadio" value="auto"> Use the Subject Alternative Name from the Issuers Certificate</p>
- <input type="radio" name="IssuerAltNameSourceRadio" value="man"> Use this Name:
- <table>
- <tr>
- <td>
- General Names:</p>
- <select name="IssuerAltNameSelect" multiple size="10">
- </select></p></p>
- <input type="button" name="IssuerAltName-add" value="Add" onClick="{parent.addIssuerAltName(this.form)}">
- <input type="button" name="IssuerAltName-delete" value="Delete" onClick="parent.deleteIssuerAltName(this.form)">
- </td><td>
- <table><tr><td>
- Name Type: </td></tr><tr><td>
- <input type="radio" name="IssuerAltNameRadio" value="otherName" onClick="parent.setIssuerAltNameType(form)"> Other Name,
- OID: <input type="text" name="IssuerAltNameOtherNameOID" size="6"> </td><td>
- <input type="radio" name="IssuerAltNameRadio" value="rfc822Name" onClick="parent.setIssuerAltNameType(form)"> RFC 822 Name</td></tr><td>
- <input type="radio" name="IssuerAltNameRadio" value="dnsName" onClick="parent.setIssuerAltNameType(form)"> DNS Name </td><td>
- <input type="radio" name="IssuerAltNameRadio" value="x400" onClick="parent.setIssuerAltNameType(form)"> X400 Address</td></tr><td>
- <input type="radio" name="IssuerAltNameRadio" value="directoryName" onClick="parent.setIssuerAltNameType(form)"> Directory Name</td><td>
- <input type="radio" name="IssuerAltNameRadio" value="ediPartyName" onClick="parent.setIssuerAltNameType(form)"> EDI Party Name</td></tr><td>
- <input type="radio" name="IssuerAltNameRadio" value="URL" onClick="parent.setIssuerAltNameType(form)"> Uniform Resource Locator</td><td>
- <input type="radio" name="IssuerAltNameRadio" value="ipAddress" onClick="parent.setIssuerAltNameType(form)"> IP Address</td></tr><td>
- <input type="radio" name="IssuerAltNameRadio" value="regID" onClick="parent.setIssuerAltNameType(form)"> Registered ID</td><td></tr>
- </table>
- Name: <input type="text" name="IssuerAltNameText">
- Binary Encoded: <input type="checkbox" name="IssuerAltNameDataType" value="binary" onClick="parent.setIssuerAltNameType(form)"></p>
- </tr>
- </table>
- </tr>
-
- <tr>
- <td>
- <b>Name Constraints:</b></p>
- Activate extension: <input type="checkbox" name="NameConstraints"></P>
- <td>
- <table>
- <tr>
- <td>
- Name Constraints:</p>
-
-
- <select name="NameConstraintSelect" multiple size="10">
- </select></p></p>
- <input type="button" name="NameConstraint-add" value="Add" onClick="{parent.addNameConstraint(this.form)}">
- <input type="button" name="NameConstraint-delete" value="Delete" onClick="parent.deleteNameConstraint(this.form)">
- </td><td>
- <table><tr><td>
- Name Type: </td></tr><tr><td>
- <input type="radio" name="NameConstraintRadio" value="otherName" onClick="parent.setNameConstraintNameType(form)"> Other Name,
- OID: <input type="text" name="NameConstraintOtherNameOID" size="6"> </td><td>
- <input type="radio" name="NameConstraintRadio" value="rfc822Name" onClick="parent.setNameConstraintNameType(form)"> RFC 822 Name</td></tr><td>
- <input type="radio" name="NameConstraintRadio" value="dnsName" onClick="parent.setNameConstraintNameType(form)"> DNS Name </td><td>
- <input type="radio" name="NameConstraintRadio" value="x400" onClick="parent.setNameConstraintNameType(form)"> X400 Address</td></tr><td>
- <input type="radio" name="NameConstraintRadio" value="directoryName" onClick="parent.setNameConstraintNameType(form)"> Directory Name</td><td>
- <input type="radio" name="NameConstraintRadio" value="ediPartyName" onClick="parent.setNameConstraintNameType(form)"> EDI Party Name</td></tr><td>
- <input type="radio" name="NameConstraintRadio" value="URL" onClick="parent.setNameConstraintNameType(form)"> Uniform Resource Locator</td><td>
- <input type="radio" name="NameConstraintRadio" value="ipAddress" onClick="parent.setNameConstraintNameType(form)"> IP Address</td></tr><td>
- <input type="radio" name="NameConstraintRadio" value="regID" onClick="parent.setNameConstraintNameType(form)"> Registered ID</td><td></tr>
- </table>
- Name: <input type="text" name="NameConstraintText">
- Binary Encoded: <input type="checkbox" name="NameConstraintNameDataType" value="binary" onClick="parent.setNameConstraintNameType(form)"></p>
- Constraint type:<p>
- <dd><input type="radio" name="NameConstraintTypeRadio" value="permited"> permited<p>
- <dd><input type="radio" name="NameConstraintTypeRadio" value="excluded"> excluded<p>
- Minimum: <input type="text" name="NameConstraintMin" size="8" maxlength="8"></p>
- Maximum: <input type="text" name="NameConstraintMax" size="8" maxlength="8"></p>
-
-
-
- </tr>
- </table>
- </tr>
- </table>
- </form>
-
-
-
-
-
-
-
-
-
-
diff --git a/security/nss/cmd/certcgi/certcgi.c b/security/nss/cmd/certcgi/certcgi.c
deleted file mode 100644
index 5377a76a7..000000000
--- a/security/nss/cmd/certcgi/certcgi.c
+++ /dev/null
@@ -1,2434 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/* Cert-O-Matic CGI */
-
-
-#include "nspr.h"
-#include "prtypes.h"
-#include "prtime.h"
-#include "prlong.h"
-
-#include "pk11func.h"
-#include "cert.h"
-#include "cryptohi.h"
-#include "secoid.h"
-#include "secder.h"
-#include "genname.h"
-#include "xconst.h"
-#include "secutil.h"
-#include "pqgutil.h"
-#include "certxutl.h"
-#include "secrng.h" /* for RNG_ */
-#include "nss.h"
-
-
-/* #define TEST 1 */
-/* #define FILEOUT 1 */
-/* #define OFFLINE 1 */
-#define START_FIELDS 100
-#define PREFIX_LEN 6
-#define SERIAL_FILE "../serial"
-#define DB_DIRECTORY ".."
-
-static char *progName;
-
-typedef struct PairStr Pair;
-
-struct PairStr {
- char *name;
- char *data;
-};
-
-
-char prefix[PREFIX_LEN];
-
-
-const SEC_ASN1Template CERTIA5TypeTemplate[] = {
- { SEC_ASN1_IA5_STRING }
-};
-
-
-
-SECKEYPrivateKey *privkeys[9] = {NULL, NULL, NULL, NULL, NULL, NULL, NULL,
- NULL, NULL};
-
-
-#ifdef notdef
-const SEC_ASN1Template CERT_GeneralNameTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, SEC_AnyTemplate }
-};
-#endif
-
-
-static void
-error_out(char *error_string)
-{
- printf("Content-type: text/plain\n\n");
- printf(error_string);
- fflush(stderr);
- fflush(stdout);
- exit(1);
-}
-
-static void
-error_allocate(void)
-{
- error_out("ERROR: Unable to allocate memory");
-}
-
-
-static char *
-make_copy_string(char *read_pos,
- int length,
- char sentinal_value)
- /* copys string from to a new string it creates and
- returns a pointer to the new string */
-{
- int remaining = length;
- char *write_pos;
- char *new;
-
- new = write_pos = (char *) PORT_Alloc (length);
- if (new == NULL) {
- error_allocate();
- }
- while (*read_pos != sentinal_value) {
- if (remaining == 1) {
- remaining += length;
- length = length * 2;
- new = PORT_Realloc(new,length);
- if (new == NULL) {
- error_allocate();
- }
- write_pos = new + length - remaining;
- }
- *write_pos = *read_pos;
- ++write_pos;
- ++read_pos;
- remaining = remaining - 1;
- }
- *write_pos = '\0';
- return new;
-}
-
-
-static char *
-PasswordStub(PK11SlotInfo *slot,
- void *cx)
-{
- return NULL;
-}
-
-
-static SECStatus
-clean_input(Pair *data)
- /* converts the non-alphanumeric characters in a form post
- from hex codes back to characters */
-{
- int length;
- int hi_digit;
- int low_digit;
- char character;
- char *begin_pos;
- char *read_pos;
- char *write_pos;
- PRBool name = PR_TRUE;
-
- begin_pos = data->name;
- while (begin_pos != NULL) {
- length = strlen(begin_pos);
- read_pos = write_pos = begin_pos;
- while ((read_pos - begin_pos) < length) {
- if (*read_pos == '+') {
- *read_pos = ' ';
- }
- if (*read_pos == '%') {
- hi_digit = *(read_pos + 1);
- low_digit = *(read_pos +2);
- read_pos += 3;
- if (isdigit(hi_digit)){
- hi_digit = hi_digit - '0';
- } else {
- hi_digit = toupper(hi_digit);
- if (isxdigit(hi_digit)) {
- hi_digit = (hi_digit - 'A') + 10;
- } else {
- error_out("ERROR: Form data incorrectly formated");
- }
- }
- if (isdigit(low_digit)){
- low_digit = low_digit - '0';
- } else {
- low_digit = toupper(low_digit);
- if ((low_digit >='A') && (low_digit <= 'F')) {
- low_digit = (low_digit - 'A') + 10;
- } else {
- error_out("ERROR: Form data incorrectly formated");
- }
- }
- character = (hi_digit << 4) | low_digit;
- if (character != 10) {
- *write_pos = character;
- ++write_pos;
- }
- } else {
- *write_pos = *read_pos;
- ++write_pos;
- ++read_pos;
- }
- }
- *write_pos = '\0';
- if (name == PR_TRUE) {
- begin_pos = data->data;
- name = PR_FALSE;
- } else {
- data++;
- begin_pos = data->name;
- name = PR_TRUE;
- }
- }
- return SECSuccess;
-}
-
-static char *
-make_name(char *new_data)
- /* gets the next field name in the input string and returns
- a pointer to a string containing a copy of it */
-{
- int length = 20;
- char *name;
-
- name = make_copy_string(new_data, length, '=');
- return name;
-}
-
-static char *
-make_data(char *new_data)
- /* gets the data for the next field in the input string
- and returns a pointer to a string containing it */
-{
- int length = 100;
- char *data;
- char *read_pos;
-
- read_pos = new_data;
- while (*(read_pos - 1) != '=') {
- ++read_pos;
- }
- data = make_copy_string(read_pos, length, '&');
- return data;
-}
-
-
-static Pair
-make_pair(char *new_data)
- /* makes a pair name/data pair from the input string */
-{
- Pair temp;
-
- temp.name = make_name(new_data);
- temp.data = make_data(new_data);
- return temp;
-}
-
-
-
-static Pair *
-make_datastruct(char *data, int len)
- /* parses the input from the form post into a data
- structure of field name/data pairs */
-{
- Pair *datastruct;
- Pair *current;
- char *curr_pos;
- int fields = START_FIELDS;
- int remaining = START_FIELDS;
-
- curr_pos = data;
- datastruct = current = (Pair *) PORT_Alloc(fields * sizeof(Pair));
- if (datastruct == NULL) {
- error_allocate();
- }
- while (curr_pos - data < len) {
- if (remaining == 1) {
- remaining += fields;
- fields = fields * 2;
- datastruct = (Pair *) PORT_Realloc
- (datastruct, fields * sizeof(Pair));
- if (datastruct == NULL) {
- error_allocate();
- }
- current = datastruct + (fields - remaining);
- }
- *current = make_pair(curr_pos);
- while (*curr_pos != '&') {
- ++curr_pos;
- }
- ++curr_pos;
- ++current;
- remaining = remaining - 1;
- }
- current->name = NULL;
- return datastruct;
-}
-
-static char *
-return_name(Pair *data_struct,
- int n)
- /* returns a pointer to the name of the nth
- (starting from 0) item in the data structure */
-{
- char *name;
-
- if ((data_struct + n)->name != NULL) {
- name = (data_struct + n)->name;
- return name;
- } else {
- return NULL;
- }
-}
-
-static char *
-return_data(Pair *data_struct,int n)
- /* returns a pointer to the data of the nth (starting from 0)
- itme in the data structure */
-{
- char *data;
-
- data = (data_struct + n)->data;
- return data;
-}
-
-
-static char *
-add_prefix(char *field_name)
-{
- extern char prefix[PREFIX_LEN];
- int i = 0;
- char *rv;
- char *write;
-
- rv = write = PORT_Alloc(PORT_Strlen(prefix) + PORT_Strlen(field_name) + 1);
- for(i = 0; i < PORT_Strlen(prefix); i++) {
- *write = prefix[i];
- write++;
- }
- *write = '\0';
- rv = PORT_Strcat(rv,field_name);
- return rv;
-}
-
-
-static char *
-find_field(Pair *data,
- char *field_name,
- PRBool add_pre)
- /* returns a pointer to the data of the first pair
- thats name matches the string it is passed */
-{
- int i = 0;
- char *retrieved;
- int found = 0;
-
- if (add_pre) {
- field_name = add_prefix(field_name);
- }
- while(return_name(data, i) != NULL) {
- if (PORT_Strcmp(return_name(data, i), field_name) == 0) {
- retrieved = return_data(data, i);
- found = 1;
- break;
- }
- i++;
- }
- if (!found) {
- retrieved = NULL;
- }
- return retrieved;
-}
-
-static PRBool
-find_field_bool(Pair *data,
- char *fieldname,
- PRBool add_pre)
-{
- char *rv;
-
- rv = find_field(data, fieldname, add_pre);
-
- if ((rv != NULL) && (PORT_Strcmp(rv, "true")) == 0) {
- return PR_TRUE;
- } else {
- return PR_FALSE;
- }
-}
-
-static char *
-update_data_by_name(Pair *data,
- char *field_name,
- char *new_data)
- /* replaces the data in the data structure associated with
- a name with new data, returns null if not found */
-{
- int i = 0;
- int found = 0;
- int length = 100;
- char *new;
-
- while (return_name(data, i) != NULL) {
- if (PORT_Strcmp(return_name(data, i), field_name) == 0) {
- new = make_copy_string( new_data, length, '\0');
- PORT_Free(return_data(data, i));
- found = 1;
- (*(data + i)).data = new;
- break;
- }
- i++;
- }
- if (!found) {
- new = NULL;
- }
- return new;
-}
-
-static char *
-update_data_by_index(Pair *data,
- int n,
- char *new_data)
- /* replaces the data of a particular index in the data structure */
-{
- int length = 100;
- char *new;
-
- new = make_copy_string(new_data, length, '\0');
- PORT_Free(return_data(data, n));
- (*(data + n)).data = new;
- return new;
-}
-
-
-static Pair *
-add_field(Pair *data,
- char* field_name,
- char* field_data)
- /* adds a new name/data pair to the data structure */
-{
- int i = 0;
- int j;
- int name_length = 100;
- int data_length = 100;
-
- while(return_name(data, i) != NULL) {
- i++;
- }
- j = START_FIELDS;
- while ( j < (i + 1) ) {
- j = j * 2;
- }
- if (j == (i + 1)) {
- data = (Pair *) PORT_Realloc(data, (j * 2) * sizeof(Pair));
- if (data == NULL) {
- error_allocate();
- }
- }
- (*(data + i)).name = make_copy_string(field_name, name_length, '\0');
- (*(data + i)).data = make_copy_string(field_data, data_length, '\0');
- (data + i + 1)->name = NULL;
- return data;
-}
-
-
-static CERTCertificateRequest *
-makeCertReq(Pair *form_data,
- int which_priv_key)
- /* makes and encodes a certrequest */
-{
-
- PK11SlotInfo *slot;
- CERTCertificateRequest *certReq = NULL;
- CERTSubjectPublicKeyInfo *spki;
- SECKEYPrivateKey *privkey = NULL;
- SECKEYPublicKey *pubkey = NULL;
- CERTName *name;
- char *key;
- extern SECKEYPrivateKey *privkeys[9];
- int keySizeInBits;
- char *challenge = "foo";
- SECStatus rv = SECSuccess;
- PQGParams *pqgParams = NULL;
- PQGVerify *pqgVfy = NULL;
-
- name = CERT_AsciiToName(find_field(form_data, "subject", PR_TRUE));
- if (name == NULL) {
- error_out("ERROR: Unable to create Subject Name");
- }
- key = find_field(form_data, "key", PR_TRUE);
- if (key == NULL) {
- switch (*find_field(form_data, "keysize", PR_TRUE)) {
- case '0':
- keySizeInBits = 2048;
- break;
- case '1':
- keySizeInBits = 1024;
- break;
- case '2':
- keySizeInBits = 512;
- break;
- default:
- error_out("ERROR: Unsupported Key length selected");
- }
- if (find_field_bool(form_data, "keyType-dsa", PR_TRUE)) {
- rv = PQG_ParamGen(keySizeInBits, &pqgParams, &pqgVfy);
- if (rv != SECSuccess) {
- error_out("ERROR: Unable to generate PQG parameters");
- }
- slot = PK11_GetBestSlot(CKM_DSA_KEY_PAIR_GEN, NULL);
- privkey = PK11_GenerateKeyPair(slot, CKM_DSA_KEY_PAIR_GEN,
- pqgParams,&pubkey, PR_FALSE,
- PR_TRUE, NULL);
- } else {
- privkey = SECKEY_CreateRSAPrivateKey(keySizeInBits, &pubkey, NULL);
- }
- privkeys[which_priv_key] = privkey;
- spki = SECKEY_CreateSubjectPublicKeyInfo(pubkey);
- } else {
- spki = SECKEY_ConvertAndDecodePublicKeyAndChallenge(key, challenge,
- NULL);
- if (spki == NULL) {
- error_out("ERROR: Unable to decode Public Key and Challenge String");
- }
- }
- certReq = CERT_CreateCertificateRequest(name, spki, NULL);
- if (certReq == NULL) {
- error_out("ERROR: Unable to create Certificate Request");
- }
- if (pubkey != NULL) {
- SECKEY_DestroyPublicKey(pubkey);
- }
- if (spki != NULL) {
- SECKEY_DestroySubjectPublicKeyInfo(spki);
- }
- if (pqgParams != NULL) {
- PQG_DestroyParams(pqgParams);
- }
- if (pqgVfy != NULL) {
- PQG_DestroyVerify(pqgVfy);
- }
- return certReq;
-}
-
-
-
-static CERTCertificate *
-MakeV1Cert(CERTCertDBHandle *handle,
- CERTCertificateRequest *req,
- char *issuerNameStr,
- PRBool selfsign,
- int serialNumber,
- int warpmonths,
- Pair *data)
-{
- CERTCertificate *issuerCert = NULL;
- CERTValidity *validity;
- CERTCertificate *cert = NULL;
- PRExplodedTime printableTime;
- PRTime now,
- after;
- SECStatus rv;
-
-
-
- if ( !selfsign ) {
- issuerCert = CERT_FindCertByNameString(handle, issuerNameStr);
- if (!issuerCert) {
- error_out("ERROR: Could not find issuer's certificate");
- return NULL;
- }
- }
- if (find_field_bool(data, "manValidity", PR_TRUE)) {
- rv = DER_AsciiToTime(&now, find_field(data, "notBefore", PR_TRUE));
- } else {
- now = PR_Now();
- }
- PR_ExplodeTime (now, PR_GMTParameters, &printableTime);
- if ( warpmonths ) {
- printableTime.tm_month += warpmonths;
- now = PR_ImplodeTime (&printableTime);
- PR_ExplodeTime (now, PR_GMTParameters, &printableTime);
- }
- if (find_field_bool(data, "manValidity", PR_TRUE)) {
- rv = DER_AsciiToTime(&after, find_field(data, "notAfter", PR_TRUE));
- PR_ExplodeTime (after, PR_GMTParameters, &printableTime);
- } else {
- printableTime.tm_month += 3;
- after = PR_ImplodeTime (&printableTime);
- }
- /* note that the time is now in micro-second unit */
- validity = CERT_CreateValidity (now, after);
-
- if ( selfsign ) {
- cert = CERT_CreateCertificate
- (serialNumber,&(req->subject), validity, req);
- } else {
- cert = CERT_CreateCertificate
- (serialNumber,&(issuerCert->subject), validity, req);
- }
-
- CERT_DestroyValidity(validity);
- if ( issuerCert ) {
- CERT_DestroyCertificate (issuerCert);
- }
- return(cert);
-}
-
-static int
-get_serial_number(Pair *data)
-{
- int serial = 0;
- int error;
- char *filename = SERIAL_FILE;
- char *SN;
- FILE *serialFile;
-
-
- if (find_field_bool(data, "serial-auto", PR_TRUE)) {
- serialFile = fopen(filename, "r");
- if (serialFile != NULL) {
- fread(&serial, sizeof(int), 1, serialFile);
- if (ferror(serialFile) != 0) {
- error_out("Error: Unable to read serial number file");
- }
- if (serial == 4294967295) {
- serial = 21;
- }
- fclose(serialFile);
- ++serial;
- serialFile = fopen(filename,"w");
- if (serialFile == NULL) {
- error_out("ERROR: Unable to open serial number file for writing");
- }
- fwrite(&serial, sizeof(int), 1, serialFile);
- if (ferror(serialFile) != 0) {
- error_out("Error: Unable to write to serial number file");
- }
- } else {
- fclose(serialFile);
- serialFile = fopen(filename,"w");
- if (serialFile == NULL) {
- error_out("ERROR: Unable to open serial number file");
- }
- serial = 21;
- fwrite(&serial, sizeof(int), 1, serialFile);
- if (ferror(serialFile) != 0) {
- error_out("Error: Unable to write to serial number file");
- }
- error = ferror(serialFile);
- if (error != 0) {
- error_out("ERROR: Unable to write to serial file");
- }
- }
- fclose(serialFile);
- } else {
- SN = find_field(data, "serial_value", PR_TRUE);
- while (*SN != '\0') {
- serial = serial * 16;
- if ((*SN >= 'A') && (*SN <='F')) {
- serial += *SN - 'A' + 10;
- } else {
- if ((*SN >= 'a') && (*SN <='f')) {
- serial += *SN - 'a' + 10;
- } else {
- serial += *SN - '0';
- }
- }
- ++SN;
- }
- }
- return serial;
-}
-
-
-
-typedef SECStatus (* EXTEN_VALUE_ENCODER)
- (PRArenaPool *extHandle, void *value, SECItem *encodedValue);
-
-static SECStatus
-EncodeAndAddExtensionValue(
- PRArenaPool *arena,
- void *extHandle,
- void *value,
- PRBool criticality,
- int extenType,
- EXTEN_VALUE_ENCODER EncodeValueFn)
-{
- SECItem encodedValue;
- SECStatus rv;
-
-
- encodedValue.data = NULL;
- encodedValue.len = 0;
- rv = (*EncodeValueFn)(arena, value, &encodedValue);
- if (rv != SECSuccess) {
- error_out("ERROR: Unable to encode extension value");
- }
- rv = CERT_AddExtension
- (extHandle, extenType, &encodedValue, criticality, PR_TRUE);
- return (rv);
-}
-
-
-
-static SECStatus
-AddKeyUsage (void *extHandle,
- Pair *data)
-{
- SECItem bitStringValue;
- unsigned char keyUsage = 0x0;
-
- if (find_field_bool(data,"keyUsage-digitalSignature", PR_TRUE)){
- keyUsage |= (0x80 >> 0);
- }
- if (find_field_bool(data,"keyUsage-nonRepudiation", PR_TRUE)){
- keyUsage |= (0x80 >> 1);
- }
- if (find_field_bool(data,"keyUsage-keyEncipherment", PR_TRUE)){
- keyUsage |= (0x80 >> 2);
- }
- if (find_field_bool(data,"keyUsage-dataEncipherment", PR_TRUE)){
- keyUsage |= (0x80 >> 3);
- }
- if (find_field_bool(data,"keyUsage-keyAgreement", PR_TRUE)){
- keyUsage |= (0x80 >> 4);
- }
- if (find_field_bool(data,"keyUsage-keyCertSign", PR_TRUE)) {
- keyUsage |= (0x80 >> 5);
- }
- if (find_field_bool(data,"keyUsage-cRLSign", PR_TRUE)) {
- keyUsage |= (0x80 >> 6);
- }
-
- bitStringValue.data = &keyUsage;
- bitStringValue.len = 1;
-
- return (CERT_EncodeAndAddBitStrExtension
- (extHandle, SEC_OID_X509_KEY_USAGE, &bitStringValue,
- (find_field_bool(data, "keyUsage-crit", PR_TRUE))));
-
-}
-
-static CERTOidSequence *
-CreateOidSequence(void)
-{
- CERTOidSequence *rv = (CERTOidSequence *)NULL;
- PRArenaPool *arena = (PRArenaPool *)NULL;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if( (PRArenaPool *)NULL == arena ) {
- goto loser;
- }
-
- rv = (CERTOidSequence *)PORT_ArenaZAlloc(arena, sizeof(CERTOidSequence));
- if( (CERTOidSequence *)NULL == rv ) {
- goto loser;
- }
-
- rv->oids = (SECItem **)PORT_ArenaZAlloc(arena, sizeof(SECItem *));
- if( (SECItem **)NULL == rv->oids ) {
- goto loser;
- }
-
- rv->arena = arena;
- return rv;
-
- loser:
- if( (PRArenaPool *)NULL != arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return (CERTOidSequence *)NULL;
-}
-
-static SECStatus
-AddOidToSequence(CERTOidSequence *os, SECOidTag oidTag)
-{
- SECItem **oids;
- PRUint32 count = 0;
- SECOidData *od;
-
- od = SECOID_FindOIDByTag(oidTag);
- if( (SECOidData *)NULL == od ) {
- return SECFailure;
- }
-
- for( oids = os->oids; (SECItem *)NULL != *oids; oids++ ) {
- count++;
- }
-
- /* ArenaZRealloc */
-
- {
- PRUint32 i;
-
- oids = (SECItem **)PORT_ArenaZAlloc(os->arena, sizeof(SECItem *) * (count+2));
- if( (SECItem **)NULL == oids ) {
- return SECFailure;
- }
-
- for( i = 0; i < count; i++ ) {
- oids[i] = os->oids[i];
- }
-
- /* ArenaZFree(os->oids); */
- }
-
- os->oids = oids;
- os->oids[count] = &od->oid;
-
- return SECSuccess;
-}
-
-static SECItem *
-EncodeOidSequence(CERTOidSequence *os)
-{
- SECItem *rv;
- extern const SEC_ASN1Template CERT_OidSeqTemplate[];
-
- rv = (SECItem *)PORT_ArenaZAlloc(os->arena, sizeof(SECItem));
- if( (SECItem *)NULL == rv ) {
- goto loser;
- }
-
- if( !SEC_ASN1EncodeItem(os->arena, rv, os, CERT_OidSeqTemplate) ) {
- goto loser;
- }
-
- return rv;
-
- loser:
- return (SECItem *)NULL;
-}
-
-static SECStatus
-AddExtKeyUsage(void *extHandle, Pair *data)
-{
- SECStatus rv;
- CERTOidSequence *os;
- SECItem *value;
- PRBool crit;
-
- os = CreateOidSequence();
- if( (CERTOidSequence *)NULL == os ) {
- return SECFailure;
- }
-
- if( find_field_bool(data, "extKeyUsage-serverAuth", PR_TRUE) ) {
- rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_SERVER_AUTH);
- if( SECSuccess != rv ) goto loser;
- }
-
- if( find_field_bool(data, "extKeyUsage-clientAuth", PR_TRUE) ) {
- rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_CLIENT_AUTH);
- if( SECSuccess != rv ) goto loser;
- }
-
- if( find_field_bool(data, "extKeyUsage-codeSign", PR_TRUE) ) {
- rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_CODE_SIGN);
- if( SECSuccess != rv ) goto loser;
- }
-
- if( find_field_bool(data, "extKeyUsage-emailProtect", PR_TRUE) ) {
- rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_EMAIL_PROTECT);
- if( SECSuccess != rv ) goto loser;
- }
-
- if( find_field_bool(data, "extKeyUsage-timeStamp", PR_TRUE) ) {
- rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_TIME_STAMP);
- if( SECSuccess != rv ) goto loser;
- }
-
- if( find_field_bool(data, "extKeyUsage-ocspResponder", PR_TRUE) ) {
- rv = AddOidToSequence(os, SEC_OID_OCSP_RESPONDER);
- if( SECSuccess != rv ) goto loser;
- }
-
- if( find_field_bool(data, "extKeyUsage-NS-govtApproved", PR_TRUE) ) {
- rv = AddOidToSequence(os, SEC_OID_NS_KEY_USAGE_GOVT_APPROVED);
- if( SECSuccess != rv ) goto loser;
- }
-
- value = EncodeOidSequence(os);
-
- crit = find_field_bool(data, "extKeyUsage-crit", PR_TRUE);
-
- rv = CERT_AddExtension(extHandle, SEC_OID_X509_EXT_KEY_USAGE, value,
- crit, PR_TRUE);
- /*FALLTHROUGH*/
- loser:
- CERT_DestroyOidSequence(os);
- return rv;
-}
-
-static SECStatus
-AddSubKeyID(void *extHandle,
- Pair *data,
- CERTCertificate *subjectCert)
-{
- SECItem encodedValue;
- SECStatus rv;
- char *read;
- char *write;
- char *first;
- char character;
- int high_digit = 0,
- low_digit = 0;
- int len;
- PRBool odd = PR_FALSE;
-
-
- encodedValue.data = NULL;
- encodedValue.len = 0;
- first = read = write = find_field(data,"subjectKeyIdentifier-text",
- PR_TRUE);
- len = PORT_Strlen(first);
- odd = ((len % 2) != 0 ) ? PR_TRUE : PR_FALSE;
- if (find_field_bool(data, "subjectKeyIdentifier-radio-hex", PR_TRUE)) {
- if (odd) {
- error_out("ERROR: Improperly formated subject key identifier, hex values must be expressed as an octet string");
- }
- while (*read != '\0') {
- if (!isxdigit(*read)) {
- error_out("ERROR: Improperly formated subject key identifier");
- }
- *read = toupper(*read);
- if ((*read >= 'A') && (*read <= 'F')) {
- high_digit = *read - 'A' + 10;
- } else {
- high_digit = *read - '0';
- }
- ++read;
- if (!isxdigit(*read)) {
- error_out("ERROR: Improperly formated subject key identifier");
- }
- *read = toupper(*read);
- if ((*read >= 'A') && (*read <= 'F')) {
- low_digit = *(read) - 'A' + 10;
- } else {
- low_digit = *(read) - '0';
- }
- character = (high_digit << 4) | low_digit;
- *write = character;
- ++write;
- ++read;
- }
- *write = '\0';
- len = write - first;
- }
- subjectCert->subjectKeyID.data = (unsigned char *) find_field
- (data,"subjectKeyIdentifier-text", PR_TRUE);
- subjectCert->subjectKeyID.len = len;
- rv = CERT_EncodeSubjectKeyID
- (NULL, find_field(data,"subjectKeyIdentifier-text", PR_TRUE),
- len, &encodedValue);
- if (rv) {
- return (rv);
- }
- return (CERT_AddExtension(extHandle, SEC_OID_X509_SUBJECT_KEY_ID,
- &encodedValue, PR_FALSE, PR_TRUE));
-}
-
-
-static SECStatus
-AddAuthKeyID (void *extHandle,
- Pair *data,
- char *issuerNameStr,
- CERTCertDBHandle *handle)
-{
- CERTAuthKeyID *authKeyID = NULL;
- PRArenaPool *arena = NULL;
- SECStatus rv = SECSuccess;
- CERTCertificate *issuerCert = NULL;
- CERTGeneralName *genNames;
- CERTName *directoryName = NULL;
-
-
- issuerCert = CERT_FindCertByNameString(handle, issuerNameStr);
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( !arena ) {
- error_allocate();
- }
-
- authKeyID = PORT_ArenaZAlloc (arena, sizeof (CERTAuthKeyID));
- if (authKeyID == NULL) {
- error_allocate();
- }
- if (find_field_bool(data, "authorityKeyIdentifier-radio-keyIdentifier",
- PR_TRUE)) {
- authKeyID->keyID.data = PORT_ArenaAlloc (arena, PORT_Strlen
- ((char *)issuerCert->subjectKeyID.data));
- if (authKeyID->keyID.data == NULL) {
- error_allocate();
- }
- PORT_Memcpy (authKeyID->keyID.data, issuerCert->subjectKeyID.data,
- authKeyID->keyID.len =
- PORT_Strlen((char *)issuerCert->subjectKeyID.data));
- } else {
-
- PORT_Assert (arena);
- genNames = (CERTGeneralName *) PORT_ArenaZAlloc (arena, (sizeof(CERTGeneralName)));
- if (genNames == NULL){
- error_allocate();
- }
- genNames->l.next = genNames->l.prev = &(genNames->l);
- genNames->type = certDirectoryName;
-
- directoryName = CERT_AsciiToName(issuerCert->subjectName);
- if (!directoryName) {
- error_out("ERROR: Unable to create Directory Name");
- }
- rv = CERT_CopyName (arena, &genNames->name.directoryName,
- directoryName);
- CERT_DestroyName (directoryName);
- if (rv != SECSuccess) {
- error_out("ERROR: Unable to copy Directory Name");
- }
- authKeyID->authCertIssuer = genNames;
- if (authKeyID->authCertIssuer == NULL && SECFailure ==
- PORT_GetError ()) {
- error_out("ERROR: Unable to get Issuer General Name for Authority Key ID Extension");
- }
- authKeyID->authCertSerialNumber = issuerCert->serialNumber;
- }
- rv = EncodeAndAddExtensionValue(arena, extHandle, authKeyID, PR_FALSE,
- SEC_OID_X509_AUTH_KEY_ID,
- (EXTEN_VALUE_ENCODER)
- CERT_EncodeAuthKeyID);
- if (arena) {
- PORT_FreeArena (arena, PR_FALSE);
- }
- return (rv);
-}
-
-
-static SECStatus
-AddPrivKeyUsagePeriod(void *extHandle,
- Pair *data,
- CERTCertificate *cert)
-{
- char *notBeforeStr;
- char *notAfterStr;
- PRArenaPool *arena = NULL;
- SECStatus rv = SECSuccess;
- PKUPEncodedContext *pkup;
-
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( !arena ) {
- error_allocate();
- }
- pkup = PORT_ArenaZAlloc (arena, sizeof (PKUPEncodedContext));
- if (pkup == NULL) {
- error_allocate();
- }
- notBeforeStr = (char *) PORT_Alloc(16 );
- notAfterStr = (char *) PORT_Alloc(16 );
- *notBeforeStr = '\0';
- *notAfterStr = '\0';
- pkup->arena = arena;
- pkup->notBefore.len = 0;
- pkup->notBefore.data = NULL;
- pkup->notAfter.len = 0;
- pkup->notAfter.data = NULL;
- if (find_field_bool(data, "privKeyUsagePeriod-radio-notBefore", PR_TRUE) ||
- find_field_bool(data, "privKeyUsagePeriod-radio-both", PR_TRUE)) {
- pkup->notBefore.len = 15;
- pkup->notBefore.data = (unsigned char *)notBeforeStr;
- if (find_field_bool(data, "privKeyUsagePeriod-notBefore-radio-manual",
- PR_TRUE)) {
- PORT_Strcat(notBeforeStr,find_field(data,
- "privKeyUsagePeriod-notBefore-year",
- PR_TRUE));
- PORT_Strcat(notBeforeStr,find_field(data,
- "privKeyUsagePeriod-notBefore-month",
- PR_TRUE));
- PORT_Strcat(notBeforeStr,find_field(data,
- "privKeyUsagePeriod-notBefore-day",
- PR_TRUE));
- PORT_Strcat(notBeforeStr,find_field(data,
- "privKeyUsagePeriod-notBefore-hour",
- PR_TRUE));
- PORT_Strcat(notBeforeStr,find_field(data,
- "privKeyUsagePeriod-notBefore-minute",
- PR_TRUE));
- PORT_Strcat(notBeforeStr,find_field(data,
- "privKeyUsagePeriod-notBefore-second",
- PR_TRUE));
- if ((*(notBeforeStr + 14) != '\0') ||
- (!isdigit(*(notBeforeStr + 13))) ||
- (*(notBeforeStr + 12) >= '5' && *(notBeforeStr + 12) <= '0') ||
- (!isdigit(*(notBeforeStr + 11))) ||
- (*(notBeforeStr + 10) >= '5' && *(notBeforeStr + 10) <= '0') ||
- (!isdigit(*(notBeforeStr + 9))) ||
- (*(notBeforeStr + 8) >= '2' && *(notBeforeStr + 8) <= '0') ||
- (!isdigit(*(notBeforeStr + 7))) ||
- (*(notBeforeStr + 6) >= '3' && *(notBeforeStr + 6) <= '0') ||
- (!isdigit(*(notBeforeStr + 5))) ||
- (*(notBeforeStr + 4) >= '1' && *(notBeforeStr + 4) <= '0') ||
- (!isdigit(*(notBeforeStr + 3))) ||
- (!isdigit(*(notBeforeStr + 2))) ||
- (!isdigit(*(notBeforeStr + 1))) ||
- (!isdigit(*(notBeforeStr + 0))) ||
- (*(notBeforeStr + 8) == '2' && *(notBeforeStr + 9) >= '4') ||
- (*(notBeforeStr + 6) == '3' && *(notBeforeStr + 7) >= '1') ||
- (*(notBeforeStr + 4) == '1' && *(notBeforeStr + 5) >= '2')) {
- error_out("ERROR: Improperly formated private key usage period");
- }
- *(notBeforeStr + 14) = 'Z';
- *(notBeforeStr + 15) = '\0';
- } else {
- if ((*(cert->validity.notBefore.data) > '5') ||
- ((*(cert->validity.notBefore.data) == '5') &&
- (*(cert->validity.notBefore.data + 1) != '0'))) {
- PORT_Strcat(notBeforeStr, "19");
- } else {
- PORT_Strcat(notBeforeStr, "20");
- }
- PORT_Strcat(notBeforeStr, (char *)cert->validity.notBefore.data);
- }
- }
- if (find_field_bool(data, "privKeyUsagePeriod-radio-notAfter", PR_TRUE) ||
- find_field_bool(data, "privKeyUsagePeriod-radio-both", PR_TRUE)) {
- pkup->notAfter.len = 15;
- pkup->notAfter.data = (unsigned char *)notAfterStr;
- PORT_Strcat(notAfterStr,find_field(data,"privKeyUsagePeriod-notAfter-year",
- PR_TRUE));
- PORT_Strcat(notAfterStr,find_field(data,"privKeyUsagePeriod-notAfter-month",
- PR_TRUE));
- PORT_Strcat(notAfterStr,find_field(data,"privKeyUsagePeriod-notAfter-day",
- PR_TRUE));
- PORT_Strcat(notAfterStr,find_field(data,"privKeyUsagePeriod-notAfter-hour",
- PR_TRUE));
- PORT_Strcat(notAfterStr,find_field(data,"privKeyUsagePeriod-notAfter-minute",
- PR_TRUE));
- PORT_Strcat(notAfterStr,find_field(data,"privKeyUsagePeriod-notAfter-second",
- PR_TRUE));
- if ((*(notAfterStr + 14) != '\0') ||
- (!isdigit(*(notAfterStr + 13))) ||
- (*(notAfterStr + 12) >= '5' && *(notAfterStr + 12) <= '0') ||
- (!isdigit(*(notAfterStr + 11))) ||
- (*(notAfterStr + 10) >= '5' && *(notAfterStr + 10) <= '0') ||
- (!isdigit(*(notAfterStr + 9))) ||
- (*(notAfterStr + 8) >= '2' && *(notAfterStr + 8) <= '0') ||
- (!isdigit(*(notAfterStr + 7))) ||
- (*(notAfterStr + 6) >= '3' && *(notAfterStr + 6) <= '0') ||
- (!isdigit(*(notAfterStr + 5))) ||
- (*(notAfterStr + 4) >= '1' && *(notAfterStr + 4) <= '0') ||
- (!isdigit(*(notAfterStr + 3))) ||
- (!isdigit(*(notAfterStr + 2))) ||
- (!isdigit(*(notAfterStr + 1))) ||
- (!isdigit(*(notAfterStr + 0))) ||
- (*(notAfterStr + 8) == '2' && *(notAfterStr + 9) >= '4') ||
- (*(notAfterStr + 6) == '3' && *(notAfterStr + 7) >= '1') ||
- (*(notAfterStr + 4) == '1' && *(notAfterStr + 5) >= '2')) {
- error_out("ERROR: Improperly formated private key usage period");
- }
- *(notAfterStr + 14) = 'Z';
- *(notAfterStr + 15) = '\0';
- }
-
- PORT_Assert (arena);
-
- rv = EncodeAndAddExtensionValue(arena, extHandle, pkup,
- find_field_bool(data,
- "privKeyUsagePeriod-crit",
- PR_TRUE),
- SEC_OID_X509_PRIVATE_KEY_USAGE_PERIOD,
- (EXTEN_VALUE_ENCODER)
- CERT_EncodePublicKeyUsagePeriod);
- if (arena) {
- PORT_FreeArena (arena, PR_FALSE);
- }
- if (notBeforeStr != NULL) {
- PORT_Free(notBeforeStr);
- }
- if (notAfterStr != NULL) {
- PORT_Free(notAfterStr);
- }
- return (rv);
-}
-
-static SECStatus
-AddBasicConstraint(void *extHandle,
- Pair *data)
-{
- CERTBasicConstraints basicConstraint;
- SECItem encodedValue;
- SECStatus rv;
-
- encodedValue.data = NULL;
- encodedValue.len = 0;
- basicConstraint.pathLenConstraint = CERT_UNLIMITED_PATH_CONSTRAINT;
- basicConstraint.isCA = (find_field_bool(data,"basicConstraints-cA-radio-CA",
- PR_TRUE));
- if (find_field_bool(data,"basicConstraints-pathLengthConstraint", PR_TRUE)){
- basicConstraint.pathLenConstraint = atoi
- (find_field(data,"basicConstraints-pathLengthConstraint-text",
- PR_TRUE));
- }
-
- rv = CERT_EncodeBasicConstraintValue (NULL, &basicConstraint,
- &encodedValue);
- if (rv)
- return (rv);
- rv = CERT_AddExtension(extHandle, SEC_OID_X509_BASIC_CONSTRAINTS,
- &encodedValue,
- (find_field_bool(data,"basicConstraints-crit",
- PR_TRUE)), PR_TRUE);
-
- PORT_Free (encodedValue.data);
- return (rv);
-}
-
-
-
-static SECStatus
-AddNscpCertType (void *extHandle,
- Pair *data)
-{
- SECItem bitStringValue;
- unsigned char CertType = 0x0;
-
- if (find_field_bool(data,"netscape-cert-type-ssl-client", PR_TRUE)){
- CertType |= (0x80 >> 0);
- }
- if (find_field_bool(data,"netscape-cert-type-ssl-server", PR_TRUE)){
- CertType |= (0x80 >> 1);
- }
- if (find_field_bool(data,"netscape-cert-type-smime", PR_TRUE)){
- CertType |= (0x80 >> 2);
- }
- if (find_field_bool(data,"netscape-cert-type-object-signing", PR_TRUE)){
- CertType |= (0x80 >> 3);
- }
- if (find_field_bool(data,"netscape-cert-type-reserved", PR_TRUE)){
- CertType |= (0x80 >> 4);
- }
- if (find_field_bool(data,"netscape-cert-type-ssl-ca", PR_TRUE)) {
- CertType |= (0x80 >> 5);
- }
- if (find_field_bool(data,"netscape-cert-type-smime-ca", PR_TRUE)) {
- CertType |= (0x80 >> 6);
- }
- if (find_field_bool(data,"netscape-cert-type-object-signing-ca", PR_TRUE)) {
- CertType |= (0x80 >> 7);
- }
-
- bitStringValue.data = &CertType;
- bitStringValue.len = 1;
-
- return (CERT_EncodeAndAddBitStrExtension
- (extHandle, SEC_OID_NS_CERT_EXT_CERT_TYPE, &bitStringValue,
- (find_field_bool(data, "netscape-cert-type-crit", PR_TRUE))));
-}
-
-
-static SECStatus
-add_IA5StringExtension(void *extHandle,
- char *string,
- PRBool crit,
- int idtag)
-{
- SECItem encodedValue;
- SECStatus rv;
-
- encodedValue.data = NULL;
- encodedValue.len = 0;
-
- rv = CERT_EncodeIA5TypeExtension(NULL, string, &encodedValue);
- if (rv) {
- return (rv);
- }
- return (CERT_AddExtension(extHandle, idtag, &encodedValue, crit, PR_TRUE));
-}
-
-static SECItem *
-string_to_oid(char *string)
-{
- int i;
- int length = 20;
- int remaining;
- int first_value;
- int second_value;
- int value;
- int oidLength;
- unsigned char *oidString;
- unsigned char *write;
- unsigned char *read;
- unsigned char *temp;
- SECItem *oid;
-
-
- remaining = length;
- i = 0;
- while (*string == ' ') {
- string++;
- }
- while (isdigit(*(string + i))) {
- i++;
- }
- if (*(string + i) == '.') {
- *(string + i) = '\0';
- } else {
- error_out("ERROR: Improperly formated OID");
- }
- first_value = atoi(string);
- if (first_value < 0 || first_value > 2) {
- error_out("ERROR: Improperly formated OID");
- }
- string += i + 1;
- i = 0;
- while (isdigit(*(string + i))) {
- i++;
- }
- if (*(string + i) == '.') {
- *(string + i) = '\0';
- } else {
- error_out("ERROR: Improperly formated OID");
- }
- second_value = atoi(string);
- if (second_value < 0 || second_value > 39) {
- error_out("ERROR: Improperly formated OID");
- }
- oidString = PORT_ZAlloc(2);
- *oidString = (first_value * 40) + second_value;
- *(oidString + 1) = '\0';
- oidLength = 1;
- string += i + 1;
- i = 0;
- temp = write = PORT_ZAlloc(length);
- while (*string != '\0') {
- value = 0;
- while(isdigit(*(string + i))) {
- i++;
- }
- if (*(string + i) == '\0') {
- value = atoi(string);
- string += i;
- } else {
- if (*(string + i) == '.') {
- *(string + i) = '\0';
- value = atoi(string);
- string += i + 1;
- } else {
- *(string + i) = '\0';
- i++;
- value = atoi(string);
- while (*(string + i) == ' ')
- i++;
- if (*(string + i) != '\0') {
- error_out("ERROR: Improperly formated OID");
- }
- }
- }
- i = 0;
- while (value != 0) {
- if (remaining < 1) {
- remaining += length;
- length = length * 2;
- temp = PORT_Realloc(temp, length);
- write = temp + length - remaining;
- }
- *write = (value & 0x7f) | (0x80);
- write++;
- remaining--;
- value = value >> 7;
- }
- *temp = *temp & (0x7f);
- oidLength += write - temp;
- oidString = PORT_Realloc(oidString, (oidLength + 1));
- read = write - 1;
- write = oidLength + oidString - 1;
- for (i = 0; i < (length - remaining); i++) {
- *write = *read;
- write--;
- read++;
- }
- write = temp;
- remaining = length;
- }
- *(oidString + oidLength) = '\0';
- oid = (SECItem *) PORT_ZAlloc(sizeof(SECItem));
- oid->data = oidString;
- oid->len = oidLength;
- PORT_Free(temp);
- return oid;
-}
-
-static SECItem *
-string_to_ipaddress(char *string)
-{
- int i = 0;
- int value;
- int j = 0;
- SECItem *ipaddress;
-
-
- while (*string == ' ') {
- string++;
- }
- ipaddress = (SECItem *) PORT_ZAlloc(sizeof(SECItem));
- ipaddress->data = PORT_ZAlloc(9);
- while (*string != '\0' && j < 8) {
- while (isdigit(*(string + i))) {
- i++;
- }
- if (*(string + i) == '.') {
- *(string + i) = '\0';
- value = atoi(string);
- string = string + i + 1;
- i = 0;
- } else {
- if (*(string + i) == '\0') {
- value = atoi(string);
- string = string + i;
- i = 0;
- } else {
- *(string + i) = '\0';
- while (*(string + i) == ' ') {
- i++;
- }
- if (*(string + i) == '\0') {
- value = atoi(string);
- string = string + i;
- i = 0;
- } else {
- error_out("ERROR: Improperly formated IP Address");
- }
- }
- }
- if (value >= 0 || value < 256) {
- *(ipaddress->data + j) = value;
- } else {
- error_out("ERROR: Improperly formated IP Address");
- }
- j++;
- }
- *(ipaddress->data + j) = '\0';
- if (j != 4 && j != 8) {
- error_out("ERROR: Improperly formated IP Address");
- }
- ipaddress->len = j;
- return ipaddress;
-}
-
-static SECItem *
-string_to_binary(char *string)
-{
- SECItem *rv;
- int high_digit;
- int low_digit;
-
- rv = (SECItem *) PORT_ZAlloc(sizeof(SECItem));
- if (rv == NULL) {
- error_allocate();
- }
- rv->data = (unsigned char *) PORT_ZAlloc((PORT_Strlen(string))/3 + 2);
- while (!isxdigit(*string)) {
- string++;
- }
- rv->len = 0;
- while (*string != '\0') {
- if (isxdigit(*string)) {
- if (*string >= '0' && *string <= '9') {
- high_digit = *string - '0';
- } else {
- *string = toupper(*string);
- high_digit = *string - 'A';
- }
- string++;
- if (*string >= '0' && *string <= '9') {
- low_digit = *string - '0';
- } else {
- *string = toupper(*string);
- low_digit = *string = 'A';
- }
- (rv->len)++;
- } else {
- if (*string == ':') {
- string++;
- } else {
- if (*string == ' ') {
- while (*string == ' ') {
- string++;
- }
- }
- if (*string != '\0') {
- error_out("ERROR: Improperly formated binary encoding");
- }
- }
- }
- }
-
- return rv;
-}
-
-static SECStatus
-MakeGeneralName(char *name,
- CERTGeneralName *genName,
- PRArenaPool *arena)
-{
- SECItem *oid;
- SECOidData *oidData;
- SECItem *ipaddress;
- SECItem *temp = NULL;
- int i;
- int nameType;
- PRBool binary = PR_FALSE;
- SECStatus rv = SECSuccess;
- PRBool nickname;
-
- PORT_Assert(genName);
- PORT_Assert(arena);
- nameType = *(name + PORT_Strlen(name) - 1) - '0';
- if (nameType == 0 && *(name +PORT_Strlen(name) - 2) == '1') {
- nickname = PR_TRUE;
- nameType = certOtherName;
- }
- if (nameType < 1 || nameType > 9) {
- error_out("ERROR: Unknown General Name Type");
- }
- *(name + PORT_Strlen(name) - 4) = '\0';
- genName->type = nameType;
-
- switch (genName->type) {
- case certURI:
- case certRFC822Name:
- case certDNSName: {
- genName->name.other.data = (unsigned char *)name;
- genName->name.other.len = PORT_Strlen(name);
- break;
- }
-
- case certIPAddress: {
- ipaddress = string_to_ipaddress(name);
- genName->name.other.data = ipaddress->data;
- genName->name.other.len = ipaddress->len;
- break;
- }
-
- case certRegisterID: {
- oid = string_to_oid(name);
- genName->name.other.data = oid->data;
- genName->name.other.len = oid->len;
- break;
- }
-
- case certEDIPartyName:
- case certX400Address: {
-
- genName->name.other.data = PORT_ArenaAlloc (arena,
- PORT_Strlen (name) + 2);
- if (genName->name.other.data == NULL) {
- error_allocate();
- }
-
- PORT_Memcpy (genName->name.other.data + 2, name, PORT_Strlen (name));
- /* This may not be accurate for all cases.
- For now, use this tag type */
- genName->name.other.data[0] = (char)(((genName->type - 1) &
- 0x1f)| 0x80);
- genName->name.other.data[1] = (char)PORT_Strlen (name);
- genName->name.other.len = PORT_Strlen (name) + 2;
- break;
- }
-
- case certOtherName: {
- i = 0;
- if (!nickname) {
- while (!isdigit(*(name + PORT_Strlen(name) - i))) {
- i++;
- }
- if (*(name + PORT_Strlen(name) - i) == '1') {
- binary = PR_TRUE;
- } else {
- binary = PR_FALSE;
- }
- while (*(name + PORT_Strlen(name) - i) != '-') {
- i++;
- }
- *(name + PORT_Strlen(name) - i - 1) = '\0';
- i = 0;
- while (*(name + i) != '-') {
- i++;
- }
- *(name + i - 1) = '\0';
- oid = string_to_oid(name + i + 2);
- } else {
- oidData = SECOID_FindOIDByTag(SEC_OID_NETSCAPE_NICKNAME);
- oid = &oidData->oid;
- while (*(name + PORT_Strlen(name) - i) != '-') {
- i++;
- }
- *(name + PORT_Strlen(name) - i) = '\0';
- }
- genName->name.OthName.oid.data = oid->data;
- genName->name.OthName.oid.len = oid->len;
- if (binary) {
- temp = string_to_binary(name);
- genName->name.OthName.name.data = temp->data;
- genName->name.OthName.name.len = temp->len;
- } else {
- temp = (SECItem *) PORT_ZAlloc(sizeof(SECItem));
- if (temp == NULL) {
- error_allocate();
- }
- temp->data = (unsigned char *)name;
- temp->len = PORT_Strlen(name);
- SEC_ASN1EncodeItem (arena, &(genName->name.OthName.name), temp,
- CERTIA5TypeTemplate);
- }
- PORT_Free(temp);
- break;
- }
-
- case certDirectoryName: {
- CERTName *directoryName = NULL;
-
- directoryName = CERT_AsciiToName (name);
- if (!directoryName) {
- error_out("ERROR: Improperly formated alternative name");
- break;
- }
- rv = CERT_CopyName (arena, &genName->name.directoryName,
- directoryName);
- CERT_DestroyName (directoryName);
-
- break;
- }
- }
- genName->l.next = &(genName->l);
- genName->l.prev = &(genName->l);
- return rv;
-}
-
-
-static CERTGeneralName *
-MakeAltName(Pair *data,
- char *which,
- PRArenaPool *arena)
-{
- CERTGeneralName *SubAltName;
- CERTGeneralName *current;
- CERTGeneralName *newname;
- char *name = NULL;
- SECStatus rv = SECSuccess;
- int len;
-
-
- len = PORT_Strlen(which);
- name = find_field(data, which, PR_TRUE);
- SubAltName = current = (CERTGeneralName *) PORT_ZAlloc
- (sizeof(CERTGeneralName));
- if (current == NULL) {
- error_allocate();
- }
- while (name != NULL) {
-
- rv = MakeGeneralName(name, current, arena);
-
- if (rv != SECSuccess) {
- break;
- }
- if (*(which + len -1) < '9') {
- *(which + len - 1) = *(which + len - 1) + 1;
- } else {
- if (isdigit(*(which + len - 2) )) {
- *(which + len - 2) = *(which + len - 2) + 1;
- *(which + len - 1) = '0';
- } else {
- *(which + len - 1) = '1';
- *(which + len) = '0';
- *(which + len + 1) = '\0';
- len++;
- }
- }
- len = PORT_Strlen(which);
- name = find_field(data, which, PR_TRUE);
- if (name != NULL) {
- newname = (CERTGeneralName *) PORT_ZAlloc(sizeof(CERTGeneralName));
- if (newname == NULL) {
- error_allocate();
- }
- current->l.next = &(newname->l);
- newname->l.prev = &(current->l);
- current = newname;
- newname = NULL;
- } else {
- current->l.next = &(SubAltName->l);
- SubAltName->l.prev = &(current->l);
- }
- }
- if (rv == SECFailure) {
- return NULL;
- }
- return SubAltName;
-}
-
-static CERTNameConstraints *
-MakeNameConstraints(Pair *data,
- PRArenaPool *arena)
-{
- CERTNameConstraints *NameConstraints;
- CERTNameConstraint *current = NULL;
- CERTNameConstraint *last_permited = NULL;
- CERTNameConstraint *last_excluded = NULL;
- char *constraint = NULL;
- char *which;
- SECStatus rv = SECSuccess;
- int len;
- int i;
- long max;
- long min;
- PRBool permited;
-
-
- NameConstraints = (CERTNameConstraints *) PORT_ZAlloc
- (sizeof(CERTNameConstraints));
- which = make_copy_string("NameConstraintSelect0", 25,'\0');
- len = PORT_Strlen(which);
- constraint = find_field(data, which, PR_TRUE);
- NameConstraints->permited = NameConstraints->excluded = NULL;
- while (constraint != NULL) {
- current = (CERTNameConstraint *) PORT_ZAlloc
- (sizeof(CERTNameConstraint));
- if (current == NULL) {
- error_allocate();
- }
- i = 0;
- while (*(constraint + PORT_Strlen(constraint) - i) != '-') {
- i++;
- }
- *(constraint + PORT_Strlen(constraint) - i - 1) = '\0';
- max = (long) atoi(constraint + PORT_Strlen(constraint) + 3);
- if (max > 0) {
- (void) SEC_ASN1EncodeInteger(arena, &current->max, max);
- }
- i = 0;
- while (*(constraint + PORT_Strlen(constraint) - i) != '-') {
- i++;
- }
- *(constraint + PORT_Strlen(constraint) - i - 1) = '\0';
- min = (long) atoi(constraint + PORT_Strlen(constraint) + 3);
- (void) SEC_ASN1EncodeInteger(arena, &current->min, min);
- while (*(constraint + PORT_Strlen(constraint) - i) != '-') {
- i++;
- }
- *(constraint + PORT_Strlen(constraint) - i - 1) = '\0';
- if (*(constraint + PORT_Strlen(constraint) + 3) == 'p') {
- permited = PR_TRUE;
- } else {
- permited = PR_FALSE;
- }
- rv = MakeGeneralName(constraint, &(current->name), arena);
-
- if (rv != SECSuccess) {
- break;
- }
- if (*(which + len - 1) < '9') {
- *(which + len - 1) = *(which + len - 1) + 1;
- } else {
- if (isdigit(*(which + len - 2) )) {
- *(which + len - 2) = *(which + len - 2) + 1;
- *(which + len - 1) = '0';
- } else {
- *(which + len - 1) = '1';
- *(which + len) = '0';
- *(which + len + 1) = '\0';
- len++;
- }
- }
- len = PORT_Strlen(which);
- if (permited) {
- if (NameConstraints->permited == NULL) {
- NameConstraints->permited = last_permited = current;
- }
- last_permited->l.next = &(current->l);
- current->l.prev = &(last_permited->l);
- last_permited = current;
- } else {
- if (NameConstraints->excluded == NULL) {
- NameConstraints->excluded = last_excluded = current;
- }
- last_excluded->l.next = &(current->l);
- current->l.prev = &(last_excluded->l);
- last_excluded = current;
- }
- constraint = find_field(data, which, PR_TRUE);
- if (constraint != NULL) {
- current = (CERTNameConstraint *) PORT_ZAlloc(sizeof(CERTNameConstraint));
- if (current == NULL) {
- error_allocate();
- }
- }
- }
- if (NameConstraints->permited != NULL) {
- last_permited->l.next = &(NameConstraints->permited->l);
- NameConstraints->permited->l.prev = &(last_permited->l);
- }
- if (NameConstraints->excluded != NULL) {
- last_excluded->l.next = &(NameConstraints->excluded->l);
- NameConstraints->excluded->l.prev = &(last_excluded->l);
- }
- if (which != NULL) {
- PORT_Free(which);
- }
- if (rv == SECFailure) {
- return NULL;
- }
- return NameConstraints;
-}
-
-
-
-static SECStatus
-AddAltName(void *extHandle,
- Pair *data,
- char *issuerNameStr,
- CERTCertDBHandle *handle,
- int type)
-{
- PRBool autoIssuer = PR_FALSE;
- PRArenaPool *arena = NULL;
- CERTGeneralName *genName = NULL;
- CERTName *directoryName = NULL;
- char *which = NULL;
- char *name = NULL;
- SECStatus rv = SECSuccess;
- SECItem *issuersAltName = NULL;
- CERTCertificate *issuerCert = NULL;
- void *mark = NULL;
-
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) {
- error_allocate();
- }
- if (type == 0) {
- which = make_copy_string("SubAltNameSelect0", 20,'\0');
- genName = MakeAltName(data, which, arena);
- } else {
- if (autoIssuer) {
- autoIssuer = find_field_bool(data,"IssuerAltNameSourceRadio-auto",
- PR_TRUE);
- issuerCert = CERT_FindCertByNameString(handle, issuerNameStr);
- rv = cert_FindExtension((*issuerCert).extensions,
- SEC_OID_X509_SUBJECT_ALT_NAME,
- issuersAltName);
- if (issuersAltName == NULL) {
- name = PORT_Alloc(PORT_Strlen((*issuerCert).subjectName) + 4);
- PORT_Strcpy(name, (*issuerCert).subjectName);
- PORT_Strcat(name, " - 5");
- }
- } else {
- which = make_copy_string("IssuerAltNameSelect0", 20,'\0');
- genName = MakeAltName(data, which, arena);
- }
- }
- if (type == 0) {
- EncodeAndAddExtensionValue(arena, extHandle, genName,
- find_field_bool(data, "SubAltName-crit",
- PR_TRUE),
- SEC_OID_X509_SUBJECT_ALT_NAME,
- (EXTEN_VALUE_ENCODER)
- CERT_EncodeAltNameExtension);
-
- } else {
- if (autoIssuer && (name == NULL)) {
- rv = CERT_AddExtension
- (extHandle, SEC_OID_X509_ISSUER_ALT_NAME, issuersAltName,
- find_field_bool(data, "IssuerAltName-crit", PR_TRUE), PR_TRUE);
- } else {
- EncodeAndAddExtensionValue(arena, extHandle, genName,
- find_field_bool(data,
- "IssuerAltName-crit",
- PR_TRUE),
- SEC_OID_X509_ISSUER_ALT_NAME,
- (EXTEN_VALUE_ENCODER)
- CERT_EncodeAltNameExtension);
- }
- }
- if (which != NULL) {
- PORT_Free(which);
- }
- if (issuerCert != NULL) {
- CERT_DestroyCertificate(issuerCert);
- }
-#if 0
- if (arena != NULL) {
- PORT_ArenaRelease (arena, mark);
- }
-#endif
- return rv;
-}
-
-
-static SECStatus
-AddNameConstraints(void *extHandle,
- Pair *data)
-{
- PRBool autoIssuer = PR_FALSE;
- PRArenaPool *arena = NULL;
- CERTNameConstraints *constraints = NULL;
- char *constraint = NULL;
- SECStatus rv = SECSuccess;
-
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) {
- error_allocate();
- }
- constraints = MakeNameConstraints(data, arena);
- if (constraints != NULL) {
- EncodeAndAddExtensionValue(arena, extHandle, constraints, PR_TRUE,
- SEC_OID_X509_NAME_CONSTRAINTS,
- (EXTEN_VALUE_ENCODER)
- CERT_EncodeNameConstraintsExtension);
- }
- if (arena != NULL) {
- PORT_ArenaRelease (arena, NULL);
- }
- return rv;
-}
-
-
-static SECStatus
-add_extensions(CERTCertificate *subjectCert,
- Pair *data,
- char *issuerNameStr,
- CERTCertDBHandle *handle)
-{
- void *extHandle;
- SECStatus rv = SECSuccess;
-
-
- extHandle = CERT_StartCertExtensions (subjectCert);
- if (extHandle == NULL) {
- error_out("ERROR: Unable to get certificates extension handle");
- }
- if (find_field_bool(data, "keyUsage", PR_TRUE)) {
- rv = AddKeyUsage(extHandle, data);
- if (rv != SECSuccess) {
- error_out("ERROR: Unable to add Key Usage extension");
- }
- }
-
- if( find_field_bool(data, "extKeyUsage", PR_TRUE) ) {
- rv = AddExtKeyUsage(extHandle, data);
- if( SECSuccess != rv ) {
- error_out("ERROR: Unable to add Extended Key Usage extension");
- }
- }
-
- if (find_field_bool(data, "basicConstraints", PR_TRUE)) {
- rv = AddBasicConstraint(extHandle, data);
- if (rv != SECSuccess) {
- error_out("ERROR: Unable to add Basic Constraint extension");
- }
- }
- if (find_field_bool(data, "subjectKeyIdentifier", PR_TRUE)) {
- rv = AddSubKeyID(extHandle, data, subjectCert);
- if (rv != SECSuccess) {
- error_out("ERROR: Unable to add Subject Key Identifier Extension");
- }
- }
- if (find_field_bool(data, "authorityKeyIdentifier", PR_TRUE)) {
- rv = AddAuthKeyID (extHandle, data, issuerNameStr, handle);
- if (rv != SECSuccess) {
- error_out("ERROR: Unable to add Authority Key Identifier extension");
- }
- }
- if (find_field_bool(data, "privKeyUsagePeriod", PR_TRUE)) {
- rv = AddPrivKeyUsagePeriod (extHandle, data, subjectCert);
- if (rv != SECSuccess) {
- error_out("ERROR: Unable to add Private Key Usage Period extension");
- }
- }
- if (find_field_bool(data, "SubAltName", PR_TRUE)) {
- rv = AddAltName (extHandle, data, NULL, NULL, 0);
- if (rv != SECSuccess) {
- error_out("ERROR: Unable to add Subject Alternative Name extension");
- }
- }
- if (find_field_bool(data, "IssuerAltName", PR_TRUE)) {
- rv = AddAltName (extHandle, data, issuerNameStr, handle, 1);
- if (rv != SECSuccess) {
- error_out("ERROR: Unable to add Issuer Alternative Name Extension");
- }
- }
- if (find_field_bool(data, "NameConstraints", PR_TRUE)) {
- rv = AddNameConstraints(extHandle, data);
- if (rv != SECSuccess) {
- error_out("ERROR: Unable to add Name Constraints Extension");
- }
- }
- if (find_field_bool(data, "netscape-cert-type", PR_TRUE)) {
- rv = AddNscpCertType(extHandle, data);
- if (rv != SECSuccess) {
- error_out("ERROR: Unable to add Netscape Certificate Type Extension");
- }
- }
- if (find_field_bool(data, "netscape-base-url", PR_TRUE)) {
- rv = add_IA5StringExtension(extHandle,
- find_field(data, "netscape-base-url-text",
- PR_TRUE),
- find_field_bool(data,
- "netscape-base-url-crit",
- PR_TRUE),
- SEC_OID_NS_CERT_EXT_BASE_URL);
- if (rv != SECSuccess) {
- error_out("ERROR: Unable to add Netscape Base URL Extension");
- }
- }
- if (find_field_bool(data, "netscape-revocation-url", PR_TRUE)) {
- rv = add_IA5StringExtension(extHandle,
- find_field(data,
- "netscape-revocation-url-text",
- PR_TRUE),
- find_field_bool
- (data, "netscape-revocation-url-crit",
- PR_TRUE),
- SEC_OID_NS_CERT_EXT_REVOCATION_URL);
- if (rv != SECSuccess) {
- error_out("ERROR: Unable to add Netscape Revocation URL Extension");
- }
- }
- if (find_field_bool(data, "netscape-ca-revocation-url", PR_TRUE)) {
- rv = add_IA5StringExtension(extHandle,
- find_field(data,
- "netscape-ca-revocation-url-text",
- PR_TRUE),
- find_field_bool
- (data, "netscape-ca-revocation-url-crit"
- , PR_TRUE),
- SEC_OID_NS_CERT_EXT_CA_REVOCATION_URL);
- if (rv != SECSuccess) {
- error_out("ERROR: Unable to add Netscape CA Revocation URL Extension");
- }
- }
- if (find_field_bool(data, "netscape-cert-renewal-url", PR_TRUE)) {
- rv = add_IA5StringExtension(extHandle,
- find_field(data,
- "netscape-cert-renewal-url-text",
- PR_TRUE),
- find_field_bool
- (data, "netscape-cert-renewal-url-crit",
- PR_TRUE),
- SEC_OID_NS_CERT_EXT_CERT_RENEWAL_URL);
- if (rv != SECSuccess) {
- error_out("ERROR: Unable to add Netscape Certificate Renewal URL Extension");
- }
- }
- if (find_field_bool(data, "netscape-ca-policy-url", PR_TRUE)) {
- rv = add_IA5StringExtension(extHandle,
- find_field(data,
- "netscape-ca-policy-url-text",
- PR_TRUE),
- find_field_bool
- (data, "netscape-ca-policy-url-crit",
- PR_TRUE),
- SEC_OID_NS_CERT_EXT_CA_POLICY_URL);
- if (rv != SECSuccess) {
- error_out("ERROR: Unable to add Netscape CA Policy URL Extension");
- }
- }
- if (find_field_bool(data, "netscape-ssl-server-name", PR_TRUE)) {
- rv = add_IA5StringExtension(extHandle,
- find_field(data,
- "netscape-ssl-server-name-text",
- PR_TRUE),
- find_field_bool
- (data, "netscape-ssl-server-name-crit",
- PR_TRUE),
- SEC_OID_NS_CERT_EXT_SSL_SERVER_NAME);
- if (rv != SECSuccess) {
- error_out("ERROR: Unable to add Netscape SSL Server Name Extension");
- }
- }
- if (find_field_bool(data, "netscape-comment", PR_TRUE)) {
- rv = add_IA5StringExtension(extHandle,
- find_field(data, "netscape-comment-text",
- PR_TRUE),
- find_field_bool(data,
- "netscape-comment-crit",
- PR_TRUE),
- SEC_OID_NS_CERT_EXT_COMMENT);
- if (rv != SECSuccess) {
- error_out("ERROR: Unable to add Netscape Comment Extension");
- }
- }
- CERT_FinishExtensions(extHandle);
- return (rv);
-}
-
-
-
-char *
-return_dbpasswd(PK11SlotInfo *slot, PRBool retry, void *data)
-{
- char *rv;
-
- /* don't clobber our poor smart card */
- if (retry == PR_TRUE) {
- return NULL;
- }
- rv = PORT_Alloc(4);
- PORT_Strcpy(rv, "foo");
- return rv;
-}
-
-
-SECKEYPrivateKey *
-FindPrivateKeyFromNameStr(char *name,
- CERTCertDBHandle *certHandle)
-{
- SECKEYPrivateKey *key;
- CERTCertificate *cert;
- CERTCertificate *p11Cert;
- SECStatus status = SECSuccess;
-
-
- /* We don't presently have a PK11 function to find a cert by
- ** subject name.
- ** We do have a function to find a cert in the internal slot's
- ** cert db by subject name, but it doesn't setup the slot info.
- ** So, this HACK works, but should be replaced as soon as we
- ** have a function to search for certs accross slots by subject name.
- */
- cert = CERT_FindCertByNameString(certHandle, name);
- if (cert == NULL || cert->nickname == NULL) {
- error_out("ERROR: Unable to retrieve issuers certificate");
- }
- p11Cert = PK11_FindCertFromNickname(cert->nickname, NULL);
- if (p11Cert == NULL) {
- error_out("ERROR: Unable to retrieve issuers certificate");
- }
- key = PK11_FindKeyByAnyCert(p11Cert, NULL);
- return key;
-}
-
-static SECItem *
-SignCert(CERTCertificate *cert,
- char *issuerNameStr,
- Pair *data,
- CERTCertDBHandle *handle,
- int which_key)
-{
- SECItem der;
- SECItem *result = NULL;
- SECKEYPrivateKey *caPrivateKey = NULL;
- SECStatus rv;
- PRArenaPool *arena;
- SECOidTag algID;
-
- if (which_key == 0) {
- caPrivateKey = FindPrivateKeyFromNameStr(issuerNameStr, handle);
- } else {
- caPrivateKey = privkeys[which_key - 1];
- }
- if (caPrivateKey == NULL) {
- error_out("ERROR: unable to retrieve issuers key");
- }
-
- arena = cert->arena;
-
- switch(caPrivateKey->keyType) {
- case rsaKey:
- algID = SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION;
- break;
- case dsaKey:
- algID = SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST;
- break;
- default:
- error_out("ERROR: Unknown key type for issuer.");
- goto done;
- break;
- }
-
- rv = SECOID_SetAlgorithmID(arena, &cert->signature, algID, 0);
- if (rv != SECSuccess) {
- error_out("ERROR: Could not set signature algorithm id.");
- }
-
- if (find_field_bool(data,"ver-1", PR_TRUE)) {
- *(cert->version.data) = 0;
- cert->version.len = 1;
- } else {
- *(cert->version.data) = 2;
- cert->version.len = 1;
- }
- der.data = NULL;
- der.len = 0;
- (void) SEC_ASN1EncodeItem (arena, &der, cert, CERT_CertificateTemplate);
- if (der.data == NULL) {
- error_out("ERROR: Could not encode certificate.\n");
- }
- rv = SEC_DerSignData (arena, &(cert->derCert), der.data, der.len, caPrivateKey,
- algID);
- if (rv != SECSuccess) {
- error_out("ERROR: Could not sign encoded certificate data.\n");
- }
-done:
- SECKEY_DestroyPrivateKey(caPrivateKey);
- return &(cert->derCert);
-}
-
-
-int
-main(int argc, char **argv)
-{
- int length = 500;
- int remaining = 500;
- int n;
- int fields = 3;
- int i;
- int serial;
- int chainLen;
- int which_key;
- char *pos;
-#ifdef OFFLINE
- char *form_output = "key=MIIBPTCBpzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA7SLqjWBL9Wl11Vlg%0AaMqZCvcQOL%2FnvSqYPPRP0XZy9SoAeyWzQnBOiCm2t8H5mK7r2jnKdAQOmfhjaJil%0A3hNVu3SekHOXF6Ze7bkWa6%2FSGVcY%2FojkydxFSgY43nd1iydzPQDp8WWLL%2BpVpt%2B%2B%0ATRhFtVXbF0fQI03j9h3BoTgP2lkCAwEAARYDZm9vMA0GCSqGSIb3DQEBBAUAA4GB%0AAJ8UfRKJ0GtG%2B%2BufCC6tAfTzKrq3CTBHnom55EyXcsAsv6WbDqI%2F0rLAPkn2Xo1r%0AnNhtMxIuj441blMt%2Fa3AGLOy5zmC7Qawt8IytvQikQ1XTpTBCXevytrmLjCmlURr%0ANJryTM48WaMQHiMiJpbXCqVJC1d%2FpEWBtqvALzZaOOIy&subject=CN%3D%22test%22%26serial-auto%3Dtrue%26serial_value%3D%26ver-1%3Dtrue%26ver-3%3Dfalse%26caChoiceradio-SignWithDefaultkey%3Dtrue%26caChoiceradio-SignWithRandomChain%3Dfalse%26autoCAs%3D%26caChoiceradio-SignWithSpecifiedChain%3Dfalse%26manCAs%3D%26%24";
-#else
- char *form_output;
-#endif
- char *issuerNameStr;
- char *certName;
- char *DBdir = DB_DIRECTORY;
- char *prefixs[10] = {"CA#1-", "CA#2-", "CA#3-",
- "CA#4-", "CA#5-", "CA#6-",
- "CA#7-", "CA#8-", "CA#9-", ""};
- Pair *form_data;
- CERTCertificate *cert;
- CERTCertDBHandle *handle;
- CERTCertificateRequest *certReq = NULL;
- int warpmonths = 0;
- SECItem *certDER;
-#ifdef FILEOUT
- FILE *outfile;
-#endif
- SECStatus status = SECSuccess;
- extern char prefix[PREFIX_LEN];
- SEC_PKCS7ContentInfo *certChain;
- SECItem *encodedCertChain;
- PRBool UChain = PR_FALSE;
-
-
- progName = strrchr(argv[0], '/');
- progName = progName ? progName+1 : argv[0];
-
-
-#ifdef TEST
- sleep(20);
-#endif
- SECU_ConfigDirectory(DBdir);
-
- PK11_SetPasswordFunc(return_dbpasswd);
- status = NSS_InitReadWrite(DBdir);
- if (status != SECSuccess) {
- SECU_PrintPRandOSError(progName);
- return -1;
- }
- handle = CERT_GetDefaultCertDB();
-
- prefix[0]= '\0';
-#if !defined(OFFLINE)
- form_output = (char*) PORT_Alloc(length);
- if (form_output == NULL) {
- error_allocate();
- }
- pos = form_output;
- while (feof(stdin) == 0 ) {
- if (remaining <= 1) {
- remaining += length;
- length = length * 2;
- form_output = PORT_Realloc(form_output, (length));
- if (form_output == NULL) {
- error_allocate();
- }
- pos = form_output + length - remaining;
- }
- n = fread(pos, 1, (size_t) (remaining - 1), stdin);
- pos += n;
- remaining -= n;
- }
- *pos = '&';
- pos++;
- length = pos - form_output;
-#else
- length = PORT_Strlen(form_output);
-#endif
-#ifdef FILEOUT
- printf("Content-type: text/plain\n\n");
- fwrite(form_output, 1, (size_t)length, stdout);
- printf("\n");
-#endif
-#ifdef FILEOUT
- fwrite(form_output, 1, (size_t)length, stdout);
- printf("\n");
- fflush(stdout);
-#endif
- form_data = make_datastruct(form_output, length);
- status = clean_input(form_data);
-#if !defined(OFFLINE)
- PORT_Free(form_output);
-#endif
-#ifdef FILEOUT
- i = 0;
- while(return_name(form_data, i) != NULL) {
- printf("%s",return_name(form_data,i));
- printf("=\n");
- printf("%s",return_data(form_data,i));
- printf("\n");
- i++;
- }
- printf("I got that done, woo hoo\n");
- fflush(stdout);
-#endif
- issuerNameStr = PORT_Alloc(200);
- if (find_field_bool(form_data, "caChoiceradio-SignWithSpecifiedChain",
- PR_FALSE)) {
- UChain = PR_TRUE;
- chainLen = atoi(find_field(form_data, "manCAs", PR_FALSE));
- PORT_Strcpy(prefix, prefixs[0]);
- issuerNameStr = PORT_Strcpy(issuerNameStr,
- "CN=Cert-O-Matic II, O=Cert-O-Matic II");
- if (chainLen == 0) {
- UChain = PR_FALSE;
- }
- } else {
- if (find_field_bool(form_data, "caChoiceradio-SignWithRandomChain",
- PR_FALSE)) {
- PORT_Strcpy(prefix,prefixs[9]);
- chainLen = atoi(find_field(form_data, "autoCAs", PR_FALSE));
- if (chainLen < 1 || chainLen > 18) {
- issuerNameStr = PORT_Strcpy(issuerNameStr,
- "CN=CA18, O=Cert-O-Matic II");
- }
- issuerNameStr = PORT_Strcpy(issuerNameStr, "CN=CA");
- issuerNameStr = PORT_Strcat(issuerNameStr,
- find_field(form_data,"autoCAs", PR_FALSE));
- issuerNameStr = PORT_Strcat(issuerNameStr,", O=Cert-O-Matic II");
- } else {
- issuerNameStr = PORT_Strcpy(issuerNameStr,
- "CN=Cert-O-Matic II, O=Cert-O-Matic II");
- }
- chainLen = 0;
- }
-
- i = -1;
- which_key = 0;
- do {
- extern SECStatus cert_GetKeyID(CERTCertificate *cert);
- i++;
- if (i != 0 && UChain) {
- PORT_Strcpy(prefix, prefixs[i]);
- }
- /* find_field(form_data,"subject", PR_TRUE); */
- certReq = makeCertReq(form_data, which_key);
-#ifdef OFFLINE
- serial = 900;
-#else
- serial = get_serial_number(form_data);
-#endif
- cert = MakeV1Cert(handle, certReq, issuerNameStr, PR_FALSE,
- serial, warpmonths, form_data);
- if (certReq != NULL) {
- CERT_DestroyCertificateRequest(certReq);
- }
- if (find_field_bool(form_data,"ver-3", PR_TRUE)) {
- status = add_extensions(cert, form_data, issuerNameStr, handle);
- if (status != SECSuccess) {
- error_out("ERROR: Unable to add extensions");
- }
- }
- status = cert_GetKeyID(cert);
- if (status == SECFailure) {
- error_out("ERROR: Unable to get Key ID.");
- }
- certDER = SignCert(cert, issuerNameStr, form_data, handle, which_key);
- CERT_NewTempCertificate(handle, certDER, NULL, PR_FALSE, PR_TRUE);
- issuerNameStr = find_field(form_data, "subject", PR_TRUE);
- /* SECITEM_FreeItem(certDER, PR_TRUE); */
- CERT_DestroyCertificate(cert);
- if (i == (chainLen - 1)) {
- i = 8;
- }
- ++which_key;
- } while (i < 9 && UChain);
-
-
-
-#ifdef FILEOUT
- outfile = fopen("../certout", "wb");
-#endif
- certName = find_field(form_data, "subject", PR_FALSE);
- cert = CERT_FindCertByNameString(handle, certName);
- certChain = SEC_PKCS7CreateCertsOnly (cert, PR_TRUE, handle);
- if (certChain == NULL) {
- error_out("ERROR: No certificates in cert chain");
- }
- encodedCertChain = SEC_PKCS7EncodeItem (NULL, NULL, certChain, NULL, NULL,
- NULL);
- if (encodedCertChain) {
-#if !defined(FILEOUT)
- printf("Content-type: application/x-x509-user-cert\r\n");
- printf("Content-length: %d\r\n\r\n", encodedCertChain->len);
- fwrite (encodedCertChain->data, 1, encodedCertChain->len, stdout);
-#else
- fwrite (encodedCertChain->data, 1, encodedCertChain->len, outfile);
-#endif
-
- } else {
- error_out("Error: Unable to DER encode certificate");
- }
-#ifdef FILEOUT
- printf("\nI got here!\n");
- fflush(outfile);
- fclose(outfile);
-#endif
- fflush(stdout);
- if (NSS_Shutdown() != SECSuccess) {
- exit(1);
- }
- return 0;
-}
-
diff --git a/security/nss/cmd/certcgi/index.html b/security/nss/cmd/certcgi/index.html
deleted file mode 100644
index 0bd79f3ce..000000000
--- a/security/nss/cmd/certcgi/index.html
+++ /dev/null
@@ -1,956 +0,0 @@
-<HTML> <!-- -*- Mode: Java; tab-width: 8 -*- -->
-<!--
- - The contents of this file are subject to the Mozilla Public
- - License Version 1.1 (the "License"); you may not use this file
- - except in compliance with the License. You may obtain a copy of
- - the License at http://www.mozilla.org/MPL/
- -
- - Software distributed under the License is distributed on an "AS
- - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- - implied. See the License for the specific language governing
- - rights and limitations under the License.
- -
- - The Original Code is the Netscape security libraries.
- -
- - The Initial Developer of the Original Code is Netscape
- - Communications Corporation. Portions created by Netscape are
- - Copyright (C) 1994-2000 Netscape Communications Corporation. All
- - Rights Reserved.
- -
- - Contributor(s):
- -
- - Alternatively, the contents of this file may be used under the
- - terms of the GNU General Public License Version 2 or later (the
- - "GPL"), in which case the provisions of the GPL are applicable
- - instead of those above. If you wish to allow use of your
- - version of this file only under the terms of the GPL and not to
- - allow others to use your version of this file under the MPL,
- - indicate your decision by deleting the provisions above and
- - replace them with the notice and other provisions required by
- - the GPL. If you do not delete the provisions above, a recipient
- - may use your version of this file under either the MPL or the
- - GPL.
- -->
-<HEAD>
-<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
-<SCRIPT LANGUAGE="JavaScript1.2">
-
-script_url = 'http://interzone.mcom.com/cgi-bin/certomatic/bin/certcgi.cgi'
-
-ext_page_ver1 =
- make_page_intro('Version 1 extensions', "#FFFFFF") +
- '<layer ID="ext1">' +
- 'Version 1 X.509 certs do not support extensions' +
- '</layer>' +
- '</body></html>';
-
-cur_page = 1;
-
-num_ca = 0;
-
-index_list =
- '0, your_certificate_index_label,' +
- '0, netscape_extensions_index_label,' +
- '0, standard_extensions_index_label,' +
- '0, certifying_authorities_index_label';
-
-var main_page =
- make_page_intro('Your Key', "#FFFFFF") +
- '<layer ID="main" SRC="main.html">' +
- '</layer>' +
- '</body></html>' ;
-
-add_index_list = '';
-
-max_pages = 13;
-
-ver = 3
-
-ext_page_array = new Array(max_pages);
-
-index_label = 'Options';
-
-your_certificate_index_label = 'Your Certificate';
-
-netscape_extensions_index_label = 'Netscape X.509 Extensions';
-
-standard_extensions_index_label = 'Standard X.509 Extensions';
-
-certifying_authorities_index_label = 'Certifying Authorities';
-
-add_sub_alt_name_index_label = 'Add Subject Alternative Name';
-
-function setSubAltNameType(form)
-{
- with(form)
- {
- if (SubAltNameRadio[0].checked)
- {
- return true;
- }
- if (SubAltNameRadio[3].checked || SubAltNameRadio[5].checked)
- {
- SubAltNameDataType.checked = true;
- return true;
- }
- if (SubAltNameRadio[1].checked || SubAltNameRadio[2].checked ||
- SubAltNameRadio[4].checked || SubAltNameRadio[6].checked ||
- SubAltNameRadio[7].checked || SubAltNameRadio[8].checked)
- {
- SubAltNameDataType.checked = false;
- return true;
- }
- }
- return true;
-}
-
-function setIssuerAltNameType(form)
-{
- with(form)
- {
- if (IssuerAltNameRadio[0].checked)
- {
- return true;
- }
- if (IssuerAltNameRadio[3].checked || IssuerAltNameRadio[5].checked)
- {
- IssuerAltNameDataType.checked = true;
- return true;
- }
- if (IssuerAltNameRadio[1].checked || IssuerAltNameRadio[2].checked ||
- IssuerAltNameRadio[4].checked || IssuerAltNameRadio[6].checked ||
- IssuerAltNameRadio[7].checked || IssuerAltNameRadio[8].checked)
- {
- IssuerAltNameDataType.checked = false;
- return true;
- }
- }
- return true;
-}
-
-
-function setNameConstraintNameType(form)
-{
- with(form)
- {
- if (NameConstraintRadio[0].checked)
- {
- return true;
- }
- if (NameConstraintRadio[3].checked || NameConstraintRadio[5].checked)
- {
- NameConstraintNameDataType.checked = true;
- return true;
- }
- if (NameConstraintRadio[1].checked || NameConstraintRadio[2].checked ||
- NameConstraintRadio[4].checked || NameConstraintRadio[6].checked ||
- NameConstraintRadio[7].checked || NameConstraintRadio[8].checked)
- {
- NameConstraintNameDataType.checked = false;
- return true;
- }
- }
- return true;
-}
-
-
-function addSubAltName(form)
-{
-
- with(form)
- {
- var len = SubAltNameSelect.length;
- var value;
- var i = 0;
- while(!(i == (SubAltNameRadio.length - 1)) & !(SubAltNameRadio[i].checked == true))
- {
- i++;
- }
- if (i != 0)
- {
- value = SubAltNameText.value + " - " + (i + 1);
- }
- else
- {
- value = SubAltNameText.value + " - " + SubAltNameOtherNameOID.value + " - ";
- if (SubAltNameDataType.checked)
- {
- value += "1 - ";
- }
- else
- {
- value += "0 - ";
- }
- value += (i + 1);
- if (SubAltNameOtherNameOID.value == "")
- {
- alert("Other names must include an OID");
- return false;
- }
- }
-
- if ((SubAltNameText.value == "") | (SubAltNameRadio[i].checked != true))
- {
- alert("Alternative Names must include values for name and name type.");
- }
- else
- {
- SubAltNameSelect.options[len] = new Option(value, value);
- }
- }
- return true;
-}
-
-function deleteSubAltName(form)
-{
- with(form)
- {
- while (SubAltNameSelect.selectedIndex >= 0)
- {
- SubAltNameSelect[SubAltNameSelect.selectedIndex] = null;
- }
- }
-}
-
-function addIssuerAltName(form)
-{
- with(form)
- {
- var len = IssuerAltNameSelect.length;
- var value;
- var i = 0;
-
- while(!(i == (IssuerAltNameRadio.length -1)) & !(IssuerAltNameRadio[i].checked == true))
- {
- i++;
- }
- if (i != 0)
- {
- value = IssuerAltNameText.value + " - " + (i + 1);
- }
- else
- {
- value = IssuerAltNameText.value + " - " + IssuerAltNameOtherNameOID.value + " - ";
- if (IssuerAltNameDataType.checked)
- {
- value += "1 - ";
- }
- else
- {
- value += "0 - ";
- }
- value += (i + 1);
- if (IssuerAltNameOtherNameOID.value == "")
- {
- alert("Other names must include an OID");
- return false;
- }
- }
- if ((IssuerAltNameText.value == "") | (IssuerAltNameRadio[i].checked != true))
- {
- alert("Alternative Names must include values for name and name type.")
- }
- else
- {
- IssuerAltNameSelect.options[len] = new Option(value, value);
- }
- }
- return true;
-}
-
-function deleteIssuerAltName(form)
-{
- with(form)
- {
- while (IssuerAltNameSelect.selectedIndex >= 0)
- {
- IssuerAltNameSelect[IssuerAltNameSelect.selectedIndex] = null;
- }
- }
-}
-
-
-
-function addNameConstraint(form)
-{
- with(form)
- {
- var len = NameConstraintSelect.length;
- var value;
- var i = 0;
- var min = NameConstraintMin.value;
- var max = NameConstraintMax.value;
-
- while(!(i == (NameConstraintRadio.length - 1) ) & !(NameConstraintRadio[i].checked == true))
- {
- i++;
- }
- value = NameConstraintText.value + " - ";
- if (i == 0)
- {
- value += NameConstraintOtherNameOID.value + " - ";
- if (NameConstraintNameDataType.checked)
- {
- value += "1 - ";
- }
- else
- {
- value += "0 - ";
- }
- if (NameConstraintOtherNameOID.value == "")
- {
- alert("Other names must include an OID");
- return false;
- }
- }
- value += (i + 1) + " - ";
- if (NameConstraintTypeRadio[0].checked == true)
- {
- value += "p - ";
- }
- else
- {
- value += "e - ";
- }
- value += min + " - " + max;
- if ((min == "") | (NameConstraintText.value == "") | (NameConstraintRadio[i].checked != true))
- {
- alert("Name Constraints must include values for minimum, name, and name type.")
- }
- else
- {
- NameConstraintSelect.options[len] = new Option(value, value);
- }
- }
- return true;
-}
-
-function deleteNameConstraint(form)
-{
- with(form)
- {
- while (NameConstraintSelect.selectedIndex >= 0)
- {
- NameConstraintSelect[NameConstraintSelect.selectedIndex] = null;
- }
- }
-}
-
-
-function submit_it()
-{
- save_cur_page(cur_page);
-
- var array_string;
- var subject = ext_page_array[0][22][0];
- var serial = ext_page_array[0][10][0];
- var ver1 = (ver == 1);
- var ver3 = (ver == 3);
- var serial_number = ext_page_array[0][12][0];
- var notBefore = ext_page_array[0][20][0];
- var notAfter = ext_page_array[0][21][0];
- var manValidity = ext_page_array[0][19][0];
-
- if (subject == "")
- {
- alert("The DN field must contain some data");
- return false;
- }
- if (!serial & serial_number == "")
- {
- alert("No serial number specified");
- return false;
- }
- if (ext_page_array[0][15][0])
- {
- var keygen = "<keygen name=\"key\" challenge=\"foo\">";
- }
- else
- {
- switch (ext_page_array[0][17][0]) {
- case 2:
- var keygen = "<keygen keytype=\"dsa\" pqg=\"MIGdAkEAjfKklEkidqo9JXWbsGhpy+rA2Dr7jQz3y7gyTw14guXQdi/FtyEOr8Lprawyq3qsSWk9+/g3JMLsBzbuMcgCkQIVAMdzIYxzfsjumTtPLe0w9I7azpFfAkEAYm0CeDnqChNBMWOlW0y1ACmdVSKVbO/LO/8Q85nOLC5xy53l+iS6v1jlt5UhklycxC6fb0ZLCIzFcq9T5teIAg==\" name=\"key\" challenge=\"foo\">";
- break;
- case 1:
- var keygen = "<keygen keytype=\"dsa\" pqg=\"MIHaAmDCboVgX0+6pEeMlbwsasWDVBcJNHPKMzkq9kbCRK2U3k+tE15n+Dc2g3ZjDYr1um51e2iLC34/BwAAAAAAAAAAAAAAAAAAAAAAAAABbBhnlFN5Djmt0Mk8cdEBY5H8iPMCFMhUnFtbpjn3EyfH2DjVg3ALh7FtAmA2zWzhpeCwvOTjYnQorlXiv0WcnSiWmaC79CRYkFt5i+UEfRxwP1eNGJBVB1T+CPW6JGd4WhgsqtSf53pn5DEtv++O7lNfXyOhWhb3KaWHYIx8fuAXtioIWkWmpfEIVZA=\" name=\"key\" challenge=\"foo\">";
- break;
- case 0:
- var keygen = "<keygen keytype=\"dsa\" pqg=\"MIIBHAKBgId8SiiWrcdua5zbsBhPkKfFcnHBG7T/bQla7c6OixGjjmSSuq2fJLvMKa579CaxHxLZzZZXIHmAk9poRgWl2GUUkCJ68XSum8OQzDPXPsofcEdeANjw3mIAAAAAAAAAAAAAAAAAAAAAAAAIE+MkW5hguLIQqWvEVi9dMpbNu6OZAhTIA+y3TgyiwA0D8pt686ofaL1IOQKBgAiZQC6UCXztr2iXxJrAC+51gN5oX/R9Thilln9RGegsWnHrdxUOpcm5vAWp1LU8TOXtujE8kqkm3UxIRhUWQORe9IxLANAXmZJqkw9FEVHkxj6Cy9detwT2MyBzSwS6avsf7aLisgHmI/IHSeapJsQ3NQa3rikb6zRiqIV+TVa6\" name=\"key\" challenge=\"foo\">";
- break;
- }
- }
- array_string = build_array_string();
- hiddens = "<input type=\"hidden\" name=\"subject\" value=\'" + subject + "\'> \n" +
- "<input type=\"hidden\" name=\"serial-auto\" value=\"" + serial + "\"> \n" +
- "<input type=\"hidden\" name=\"serial_value\" value=\"" + serial_number + "\"> \n" +
- "<input type=\"hidden\" name=\"ver-1\" value=\"" + ver1 + "\"> \n" +
- "<input type=\"hidden\" name=\"ver-3\" value=\"" + ver3 + "\"> \n" +
- "<input type=\"hidden\" name=\"notBefore\" value=\"" + notBefore + "\"> \n" +
- "<input type=\"hidden\" name=\"notAfter\" value=\"" + notAfter + "\"> \n" +
- "<input type=\"hidden\" name=\"manValidity\" value=\"" + manValidity + "\"> \n" +
- array_string;
-
- var good_submit_page =
- '<html>' +
- '<BODY TEXT="#000000" LINK="#000000" VLINK="#000000" ALINK="#FF0000" BGCOLOR="#FFFFFF">' +
- '<form method="post" action="' + script_url + '">' +
- 'Select size for your key:' + keygen + '</p>' +
- '<input type="submit"></p>' +
- hiddens +
- '</form>\n' +
- '</body>\n' +
- '</html>\n';
-
- window.frames.extensions.document.write(good_submit_page);
- window.frames.extensions.document.close();
- cur_page = max_pages + 1;
- make_index(window);
- return false;
-}
-
-
-
-function build_array_string()
-{
- var j;
- var array_string = '';
- var pages;
-
- if ((ext_page_array[3][4][0] > 0) && ext_page_array[3][3][0])
- {
- pages = 4 + parseInt(ext_page_array[3][4][0]);
- }
- else
- {
- pages = 4;
- }
- for (j = 1; j < pages; j++)
- {
- if ((j > 1 || (ver == 3)) &&
- (ext_page_array[j].length > 1))
- {
- if (j < 4)
- {
- for (i = 0; i < ext_page_array[j].length; i++)
- {
- if (ext_page_array[j][i][3].indexOf("radio") == -1)
- {
- if (ext_page_array[j][i][3].indexOf("multiple") == -1)
- {
- array_string += '<input type=\"hidden\" name=\"' + ext_page_array[j][i][1] + '\" value=\'' + ext_page_array[j][i][0] + '\'> \n';
- }
- else
- {
- for (k = 0; k < ext_page_array[j][i][0].length; k++)
- {
- array_string += '<input type=\"hidden\" name=\"' + ext_page_array[j][i][1] + k + '\" value=\'' + ext_page_array[j][i][0][k] + '\'> \n';
- }
- }
- }
- else
- {
- array_string += '<input type=\"hidden\" name=\"' + ext_page_array[j][i][1] + '-' + ext_page_array[j][i][2] + '\" value=\'' + ext_page_array[j][i][0] + '\'> \n';
- }
- }
- }
- else
- {
- for (i = 0; i < ext_page_array[j].length; i++)
- {
- if (ext_page_array[j][i][3].indexOf("radio") == -1)
- {
- if (ext_page_array[j][i][3].indexOf("multiple") == -1)
- {
- array_string += '<input type=\"hidden\" name=\"' + 'CA#' + (j - 3) + '-' + ext_page_array[j][i][1] + '\" value=\'' + ext_page_array[j][i][0] +'\'> \n';
- }
- else
- {
- for (k = 0; k < ext_page_array[j][i][0].length; k++)
- {
- array_string += '<input type=\"hidden\" name=\"' + 'CA#' + (j - 3) + '-' + ext_page_array[j][i][1] + k + '\" value=\'' + ext_page_array[j][i][0][k] + '\'> \n';
- }
- }
- }
- else
- {
- array_string += '<input type=\"hidden\" name=\"' + 'CA#' + (j - 3) + '-' + ext_page_array[j][i][1] + '-' + ext_page_array[j][i][2] + '\" value=\'' + ext_page_array[j][i][0] + '\'> \n';
- }
- }
- }
- }
- }
- return array_string;
-}
-
-
-
-function init_ext_page_array()
-{
- for (i = 0; i < max_pages; i++)
- {
- ext_page_array[i] = '';
- }
-}
-
-function ca_num_change(n,ca_form)
-{
- with(ca_form)
- {
- n = parseInt(n,10);
- if (caChoiceradio[2].checked)
- {
- if (n)
- {
- update_index(n);
- }
- else
- {
- update_index(0);
- }
- }
- }
-}
-
-function choice_change(ca_form)
-{
- with(ca_form)
- {
- if (caChoiceradio[2].checked)
- {
- ca_num_change(manCAs.value,ca_form);
- }
- else
- {
- update_index(0);
- }
- }
-}
-
-function update_index(n)
-{
- var add_string = '';
- for (var i = 0; i < n; i++)
- {
- var j = i + 1;
- add_string = add_string + ',1, \'CA #' + j + '\'';
- }
- top.add_index_list = add_string;
- num_ca = n;
- make_index(window);
-}
-
-function set_ver1()
-// redraws the extensions page for version 1 certificates
-{
- ver = 1
- if (cur_page == 2 || cur_page == 3)
- {
- sa_switch_pane(window, cur_page, cur_page);
- }
-}
-
-
-function set_ver3()
-// redraws the extensions page for version 3 certificates
-{
- ver = 3
- if (cur_page == 2)
- {
- sa_switch_pane(window, 0, 2);
- }
- else if (cur_page == 3)
- {
- sa_switch_pane(window, 0, 3);
- }
-}
-
-function reset_subject(marker, value, form)
-// Updates the subject field from a subordinate field
-{
- with(form)
- {
- var field_sep = '", ';
- var begin_index = subject.value.indexOf(marker);
- if (begin_index != 0 && subject.value[begin_index - 1] != ' ')
- {
- begin_index = subject.value.indexOf(marker, begin_index +1);
- }
- var end_index = subject.value.indexOf(field_sep, begin_index);
- if (begin_index > -1) // is it a delete/change?
- {
- if (end_index == -1) // is it the last one (includes only one)?
- {
- if (value.length > 0) // do I have to change it?
- {
- if (begin_index == 0) // is is the only one?
- {
- subject.value = marker + '"' + value + '"';
- }
- else // it is the last of many
- {
- subject.value = subject.value.substring(0,begin_index) + marker + '"' + value + '"';
- }
- }
- else // must be a delete
- {
- if (begin_index == 0) // is it the only one?
- {
- begin_index += 2;
- }
- subject.value = subject.value.substring(0,(begin_index - 2));
- }
- }
- else // it is the first of many or a middle one
- {
- if (value.length >0) // do I have to change it?
- {
- subject.value = subject.value.substring(0,(begin_index + marker.length + 1)) + value + subject.value.substring(end_index,subject.length);
- }
- else // it is a delete
- {
- subject.value = subject.value.substring(0,begin_index) + subject.value.substring((end_index + 3),subject.length);
- }
- }
- }
- else // It is either an insert or a do nothing
- {
- if (value.length > 0) // is it an insert?
- {
- if (subject.value.length == 0) // is subject currently empty?
- {
- subject.value = marker + '"' + value + '"';
- }
- else
- {
- subject.value = subject.value + ', ' + marker + '"' + value + '"';
- }
- }
- }
- }
-}
-
-
-
-function reset_subjectFields(form)
-// updates all the subordinate fields from the subject field of a form
-// ************ move the strings to global variables, to make maintentance easier ****************
-{
-
- update_subject_Field(form, 'CN=\"', form.name);
- update_subject_Field(form, 'MAIL=\"', form.email);
- update_subject_Field(form, 'O=\"', form.org);
- update_subject_Field(form, 'C=\"', form.country);
- update_subject_Field(form, ' L=\"', form.loc);
- update_subject_Field(form, 'ST=\"', form.state);
- update_subject_Field(form, 'E=\"', form.email);
- update_subject_Field(form, 'OU=\"', form.org_unit);
- update_subject_Field(form, 'UID=\"', form.uid);
-}
-
-function update_subject_Field(form, marker, update_field)
-//updates a single subordinate field from the subject field of a form
-// *************** need to deal with the two types of e-mail addresses **************
-{
- with(form)
- {
- var field_sep = '", ';
- var begin_index = subject.value.indexOf(marker) + marker.length;
- var end_index = subject.value.indexOf(field_sep, begin_index);
- if (end_index == -1)
- {
- end_index = subject.value.indexOf('"',begin_index);
- }
- if (begin_index != (-1 + marker.length) )
- {
- update_field.value = subject.value.substring(begin_index, end_index);
- }
- else
- {
- update_field.value = '';
- }
- }
-}
-
-
-function switch_mail(form)
- // *************** I need to figure out if I want to delete the other type of e-mail address ************
-{
- if (form.email_type[0].checked)
- {
- var del = 'E=';
- var ins = 'MAIL=';
- }
- else
- {
- var del = 'MAIL=';
- var ins = 'E=';
- }
- reset_subject(del, '', form);
- reset_subject(ins, form.email.value, form);
-}
-
-function make_page_intro(title, bgcolor)
-{
- var style = '<STYLE TYPE="text/css">BODY{' +
- 'font-family: Geneva,MS Sans Serif,Arial,Lucida,Helvetica,sans-serif;' +
- 'font-size: 10pt;' +
- '}' +
- 'TD{' +
- 'font-family: Geneva,MS Sans Serif,Arial,Lucida,Helvetica,sans-serif;' +
- 'font-size: 10pt;}' +
- '</STYLE>';
-
- if (bgcolor == null) { bgcolor = "#C0C0C0"; }
- return '<HTML><HEAD>' +
- '<TITLE>' + title + '</TITLE>' +
- '</HEAD>' +
- '<BODY TEXT="#000000" LINK="#000000" VLINK="#000000" ALINK="#FF0000" ' +
- 'BGCOLOR="' + bgcolor + '">';
-}
-
-
-function make_index(window)
-{
- with (window.frames.index)
- {
- eval ('index_string = make_index_page(cur_page, ' + index_list + add_index_list + ' )');
- fool1 = make_page_intro(index_label, "#FFFFFF") +
- index_string + '</BODY></HTML>';
- document.write(fool1);
- document.close();
- }
-}
-
-
-function save_cur_page(page_number)
-{
- var len;
- var j = page_number - 1;
- if (frames.extensions.document.layers.length != 0)
- {
- with (frames.extensions.document.layers[0].document)
- {
- if ((page_number != 2 && page_number != 3 && page_number <= max_pages) ||
- ver == 3)
- {
- ext_page_array[j] = new Array(forms[0].elements.length);
- for (i = 0; i < forms[0].elements.length; i++)
- {
- ext_page_array[j][i] = new Array(4);
- switch (forms[0].elements[i].type)
- {
- case 'radio': case 'checkbox':
- ext_page_array[j][i][0] = forms[0].elements[i].checked;
- break;
- case 'select-one':
- ext_page_array[j][i][0] = forms[0].elements[i].selectedIndex;
- break;
- case 'select-multiple':
- len = forms[0].elements[i].options.length;
- ext_page_array[j][i][0] = new Array(len);
- for(k = 0; k < len; k++)
- {
- ext_page_array[j][i][0][k] = forms[0].elements[i].options[k].value;
- }
- break;
- default:
- ext_page_array[j][i][0] = forms[0].elements[i].value;
- }
- ext_page_array[j][i][1] = forms[0].elements[i].name;
- ext_page_array[j][i][2] = forms[0].elements[i].value;
- ext_page_array[j][i][3] = forms[0].elements[i].type;
- }
- }
- }
- }
-}
-
-function reload_form(page_number)
-{
- var j = page_number - 1;
- with (frames.extensions.document.layers[0].document)
- {
- if (((page_number < 2 || page_number > 3) || ver == 3)
- && page_number != 0 && (ext_page_array[j].length > 1))
- {
- for (i = 0; i < ext_page_array[j].length; i++)
- {
- switch (forms[0].elements[i].type)
- {
- case 'radio': case 'checkbox':
- forms[0].elements[i].checked = ext_page_array[j][i][0];
- break;
- case 'select-one':
- forms[0].elements[i].selectedIndex = ext_page_array[j][i][0];
- break;
- case 'select-multiple':
- for (k = 0; k < ext_page_array[j][i][0].length; k++)
- {
- forms[0].elements[i].options[k] = new Option(ext_page_array[j][i][0][k],
- ext_page_array[j][i][0][k]);
- }
- break;
- default:
- forms[0].elements[i].value = ext_page_array[j][i][0];
- }
- }
- }
- }
-}
-
-function sa_switch_pane(top_window, old_pane, new_pane)
-{
- var ext_page_stnd =
- make_page_intro(standard_extensions_index_label, "#FFFFFF") +
- '<layer ID="ext" SRC="stnd_ext_form.html">' +
- '</layer>' +
- '</body></html>';
-
- var ext_page_nscp =
- make_page_intro(netscape_extensions_index_label, "#FFFFFF") +
- '<layer ID="ext" SRC="nscp_ext_form.html">' +
- '</layer>' +
- '</body></html>';
-
- var ext_page_ca =
- make_page_intro(certifying_authorities_index_label, "#FFFFFF") +
- '<layer ID="ext" SRC="ca.html">' +
- '</layer>' +
- '</body</html>';
-
- var ext_page_ca_exp =
- make_page_intro('Certifying Authority Details', "#FFFFFF") +
- '<layer ID="ext" SRC="ca_form.html">' +
- '</layer>' +
- '</body></html>';
-
-
- if (old_pane > 0 && cur_page <= max_pages)
- {
- save_cur_page(old_pane);
- }
- cur_page = new_pane;
- make_index(top_window);
- if (new_pane == 2 || new_pane == 3)
- {
- if (ver == 1)
- {
- frames.extensions.document.write(ext_page_ver1);
- frames.extensions.document.close();
- }
- else
- {
- if (new_pane == 2)
- {
- frames.extensions.document.write(ext_page_nscp);
- frames.extensions.document.close();
- reload_form(new_pane);
- }
- else
- {
- frames.extensions.document.write(ext_page_stnd);
- frames.extensions.document.close();
- reload_form(new_pane);
- }
- }
- }
- else
- {
- if (new_pane == 4)
- {
- frames.extensions.document.write(ext_page_ca);
- frames.extensions.document.close();
- reload_form(new_pane);
- }
- else
- {
- if (new_pane == 1)
- {
- frames.extensions.document.write(main_page);
- frames.extensions.document.close();
- reload_form(new_pane);
- }
- else
- {
- frames.extensions.document.write(ext_page_ca_exp);
- frames.extensions.document.close();
- reload_form(new_pane);
- }
- }
- }
-}
-
-function make_index_page(selected)
-{
- var n_strings = ( make_index_page.arguments.length - 1 ) / 2;
- var table_background;
- var command;
- var indent;
- var label;
- var ret_string = "";
-
- ret_string += '<TABLE CELLSPACING=4>';
- for ( var i = 1; i <= n_strings; i++ ) {
- if ( i == selected ) {
- table_background = 'BGCOLOR=#BBCCBB';
- } else {
- table_background = '';
- }
-
- indent = make_index_page.arguments[(i*2) - 1];
- label = make_index_page.arguments[(i*2)];
-
- if ( indent == 0 ) {
- ret_string += ('<TR><TD COLSPAN=2 ' + table_background + '>');
- } else {
- ret_string += ('<TR><TD>&nbsp;&nbsp;</TD><TD ' + table_background + '>');
- }
-
- command = "'parent.sa_switch_pane(parent," + selected + "," + i + ")'";
- ret_string += ('<A HREF="javascript:void setTimeout(' + command + ',0)">');
- if ( indent == 0 ) { ret_string += "<B>"; }
- ret_string += label;
- if ( indent == 0 ) { ret_string += "</B>"; }
- ret_string += '</A></TD></TR>';
- }
- if (selected == (max_pages + 1))
- {
- table_background = 'BGCOLOR=#BBCCBB';
- } else {
- table_background = '';
- }
- ret_string +=
- '<TR><TD COLSPAN=2 ' + table_background +
- '><b><A HREF="javascript:void setTimeout(\'top.submit_it()\', 0)">Finish</A></b>' +
- '</TD></TR>' +
- '<input type="submit"></form>' +
- '</TABLE>';
- return(ret_string);
-}
-
-
-function make_page(window)
-// Draws the initial page setup
-{
- selected = cur_page
- init_ext_page_array()
-
- with (window.frames.extensions) {
- document.write(main_page);
- document.close();
- }
-
- make_index(window);
-
-}
-</script>
-
-</HEAD>
-<title>Cert-O-Matic</title>
- <FRAMESET cols="150,*" BORDER=3 ONLOAD="make_page(window)">
- <FRAME SRC="about:blank" NAME="index"
- MARGINWIDTH=15 MARGINHEIGHT=10 BORDER=3>
- <FRAME SRC="about:blank" NAME="extensions"
- MARGINWIDTH=15 MARGINHEIGHT=10 BORDER=3>
- </FRAMESET>
-</HTML>
diff --git a/security/nss/cmd/certcgi/main.html b/security/nss/cmd/certcgi/main.html
deleted file mode 100644
index 50e138aee..000000000
--- a/security/nss/cmd/certcgi/main.html
+++ /dev/null
@@ -1,105 +0,0 @@
-<HTML>
-<!--
- - The contents of this file are subject to the Mozilla Public
- - License Version 1.1 (the "License"); you may not use this file
- - except in compliance with the License. You may obtain a copy of
- - the License at http://www.mozilla.org/MPL/
- -
- - Software distributed under the License is distributed on an "AS
- - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- - implied. See the License for the specific language governing
- - rights and limitations under the License.
- -
- - The Original Code is the Netscape security libraries.
- -
- - The Initial Developer of the Original Code is Netscape
- - Communications Corporation. Portions created by Netscape are
- - Copyright (C) 1994-2000 Netscape Communications Corporation. All
- - Rights Reserved.
- -
- - Contributor(s):
- -
- - Alternatively, the contents of this file may be used under the
- - terms of the GNU General Public License Version 2 or later (the
- - "GPL"), in which case the provisions of the GPL are applicable
- - instead of those above. If you wish to allow use of your
- - version of this file only under the terms of the GPL and not to
- - allow others to use your version of this file under the MPL,
- - indicate your decision by deleting the provisions above and
- - replace them with the notice and other provisions required by
- - the GPL. If you do not delete the provisions above, a recipient
- - may use your version of this file under either the MPL or the
- - GPL.
- -->
-<HEAD>
- <TITLE>Main Layer for CertOMatic</TITLE>
-</HEAD>
-
- <form method="post" name="primary_form" action="http://interzone.mcom.com/burp.cgi">
- <table border=0 cellspacing=10 cellpadding=0>
- <tr>
- <td>
- Common Name:</td><td> <input type="text" name="name" onChange="{window.top.reset_subject('CN=', value, form)}"></p>
- </td>
- <td></td><td></td>
- <td>
- Organization: </td><td> <input type="text" name="org" onChange="{window.top.reset_subject('O=', value, form)}"></p></td>
- <tr>
- <td>
- <input type="radio" name="email_type" value="1" onClick="window.top.switch_mail(form)">MAIL=
-
- <input type="radio" name="email_type" value="2" checked onClick="window.top.switch_mail(form)">E=
- </td>
- <td>
- <input type="text" name="email" onChange="var temp;{if (email_type[0].checked) {temp = 'MAIL='} else {temp = 'E='}} ;{window.top.reset_subject(temp, value, form)}">
- </td>
- <td></td><td></td><td>
- Organizational Unit: </td><td><input type="text" name="org_unit" onChange="{window.top.reset_subject('OU=', value, form)}"></p></td>
- <tr>
- <td>
- UID= </td><td><input type="text" name="uid" onChange="{window.top.reset_subject('UID=', value, form)}"></p></td>
- <td></td><td></td><td>
- Locality: </td><td><input type="text" name="loc" onChange="{window.top.reset_subject('L=', value, form)}"></p></td>
- <tr>
- <td>
- State or Province: </td><td><input type="text" name="state" onChange="{window.top.reset_subject('ST=', value, form)}"></p></td>
- <td></td><td></td><td>
- Country: </td><td><input type="text" size="2" name="country" onChange="{window.top.reset_subject('C=', value, form)}" maxlength="2"></p></td>
- <tr>
- <td COLSPAN=2>
- Serial Number:
- <DD><input type="radio" name="serial" value="auto" checked> Auto Generate
- <DD><input type="radio" name="serial" value="input">
- Use this hex value:&nbsp; <input type="text" name="serial_value" size="8" maxlength="8"></p>
- </td>
- <td></td> <td></td>
- <td COLSPAN=2>
- X.509 version:
- <DD><input type="radio" name="ver" value="1" onClick="if (this.checked) {window.top.set_ver1();}"> Version 1
- <DD><input type="radio" name="ver" value="3" checked onClick="if (this.checked) {window.top.set_ver3();}"> Version 3</P></td>
- <tr>
- <td COLSPAN=2>
- Key Type:
- <DD><input type="radio" name="keyType" value="rsa" checked> RSA
- <DD><input type="radio" name="keyType" value="dsa"> DSA</p>
- Intermediate CA Key Sizes:
- <DD><select name="keysize">
- <option>2048 (Very High Grade)
- <option>1024 (High Grade)
- <option>512 (Low Grade)
- </select>
- </td>
- <td></td> <td></td>
- <td COLSPAN=2>
- Validity:
- <DD><input type="radio" name="validity" value="auto" checked>
- Generate Automatically
- <DD><input type="radio" name="validity" value="man"> Use these values:
- <DD>Not Before:&nbsp; <input type="text" size="15" maxlength="17" name="notBefore">
- <DD>Not After:&nbsp;&nbsp;&nbsp; <input type="text" size="15" maxlength="17" name="notAfter">
- <DD>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
- <FONT SIZE=-1><TT>YYMMDDhhmm[ss]{Z|+hhmm|-hhmm} </TT></FONT>
- </table>
- DN: <input type="text" name="subject" size="70" onChange="{window.top.reset_subjectFields(form)}"></P>
- </form>
-</HTML>
diff --git a/security/nss/cmd/certcgi/manifest.mn b/security/nss/cmd/certcgi/manifest.mn
deleted file mode 100644
index 9d659f821..000000000
--- a/security/nss/cmd/certcgi/manifest.mn
+++ /dev/null
@@ -1,50 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-# MODULE public and private header directories are implicitly REQUIREd.
-MODULE = nss
-
-# This next line is used by .mk files
-# and gets translated into $LINCS in manifest.mnw
-REQUIRES = seccmd dbm
-
-DEFINES = -DNSPR20
-
-CSRCS = certcgi.c
-
-PROGRAM = certcgi
-
-USE_STATIC_LIBS = 1
-
diff --git a/security/nss/cmd/certcgi/nscp_ext_form.html b/security/nss/cmd/certcgi/nscp_ext_form.html
deleted file mode 100644
index de939eecb..000000000
--- a/security/nss/cmd/certcgi/nscp_ext_form.html
+++ /dev/null
@@ -1,113 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
-<html>
-<!--
- - The contents of this file are subject to the Mozilla Public
- - License Version 1.1 (the "License"); you may not use this file
- - except in compliance with the License. You may obtain a copy of
- - the License at http://www.mozilla.org/MPL/
- -
- - Software distributed under the License is distributed on an "AS
- - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- - implied. See the License for the specific language governing
- - rights and limitations under the License.
- -
- - The Original Code is the Netscape security libraries.
- -
- - The Initial Developer of the Original Code is Netscape
- - Communications Corporation. Portions created by Netscape are
- - Copyright (C) 1994-2000 Netscape Communications Corporation. All
- - Rights Reserved.
- -
- - Contributor(s):
- -
- - Alternatively, the contents of this file may be used under the
- - terms of the GNU General Public License Version 2 or later (the
- - "GPL"), in which case the provisions of the GPL are applicable
- - instead of those above. If you wish to allow use of your
- - version of this file only under the terms of the GPL and not to
- - allow others to use your version of this file under the MPL,
- - indicate your decision by deleting the provisions above and
- - replace them with the notice and other provisions required by
- - the GPL. If you do not delete the provisions above, a recipient
- - may use your version of this file under either the MPL or the
- - GPL.
- -->
-
- <body>
- <table border=1 cellspacing=5 cellpadding=5>
- <form method="post" name="primary_form" action="http://interzone.mcom.com/burp.cgi">
- <tr>
- <td>
- <b>Netscape Certificate Type: </b></p>
- Activate extension: <input type="checkbox" name="netscape-cert-type"></P>
- Critical: <input type="checkbox" name="netscape-cert-type-crit">
- <td>
- <input type="checkbox" name="netscape-cert-type-ssl-client"> SSL Client</P>
- <input type="checkbox" name="netscape-cert-type-ssl-server"> SSL Server</P>
- <input type="checkbox" name="netscape-cert-type-smime"> S/MIME</P>
- <input type="checkbox" name="netscape-cert-type-object-signing"> Object Signing</P>
- <input type="checkbox" name="netscape-cert-type-reserved"> Reserved for future use (bit 4)</P>
- <input type="checkbox" name="netscape-cert-type-ssl-ca"> SSL CA</P>
- <input type="checkbox" name="netscape-cert-type-smime-ca"> S/MIME CA</P>
- <input type="checkbox" name="netscape-cert-type-object-signing-ca"> Object Signing CA</P>
- </tr>
- <tr>
- <td>
- <b>Netscape Base URL:</b></p>
- Activate extension: <input type="checkbox" name="netscape-base-url"></P>
- Critical: <input type="checkbox" name="netscape-base-url-crit">
- <td>
- <input type="text" name="netscape-base-url-text" size="50">
- </tr>
- <tr>
- <td>
- <b>Netscape Revocation URL:</b></p>
- Activate extension: <input type="checkbox" name="netscape-revocation-url"></P>
- Critical: <input type="checkbox" name="netscape-revocation-url-crit">
- <td>
- <input type="text" name="netscape-revocation-url-text" size="50">
- </tr>
- <tr>
- <td>
- <b>Netscape CA Revocation URL:</b></p>
- Activate extension: <input type="checkbox" name="netscape-ca-revocation-url"></P>
- Critical: <input type="checkbox" name="netscape-ca-revocation-url-crit">
- <td>
- <input type="text" name="netscape-ca-revocation-url-text" size="50">
- </tr>
- <tr>
- <td>
- <b>Netscape Certificate Renewal URL:</b></p>
- Activate extension: <input type="checkbox" name="netscape-cert-renewal-url"></P>
- Critical: <input type="checkbox" name="netscape-cert-renewal-url-crit">
- <td>
- <input type="text" name="netscape-cert-renewal-url-text" size="50">
- </tr>
- <tr>
- <td>
- <b>Netscape CA Policy URL:</b></p>
- Activate extension: <input type="checkbox" name="netscape-ca-policy-url"></P>
- Critical: <input type="checkbox" name="netscape-ca-policy-url-crit">
- <td>
- <input type="text" name="netscape-ca-policy-url-text" size="50">
- </tr>
- <tr>
- <td>
- <b>Netscape SSL Server Name:</b></p>
- Activate extension: <input type="checkbox" name="netscape-ssl-server-name"></P>
- Critical: <input type="checkbox" name="netscape-ssl-server-name-crit">
- <td>
- <input type="text" name="netscape-ssl-server-name-text" size="50">
- </tr>
- <tr>
- <td>
- <b>Netscape Comment:</b></p>
- Activate extension: <input type="checkbox" name="netscape-comment"></P>
- Critical: <input type="checkbox" name="netscape-comment-crit">
- <td>
- <textarea name="netscape-comment-text" rows="5" cols="50"></textarea>
- </tr>
-
- </table>
- </body>
-</html>
diff --git a/security/nss/cmd/certcgi/stnd_ext_form.html b/security/nss/cmd/certcgi/stnd_ext_form.html
deleted file mode 100644
index ece9b2ff7..000000000
--- a/security/nss/cmd/certcgi/stnd_ext_form.html
+++ /dev/null
@@ -1,247 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
-<html>
-<!--
- - The contents of this file are subject to the Mozilla Public
- - License Version 1.1 (the "License"); you may not use this file
- - except in compliance with the License. You may obtain a copy of
- - the License at http://www.mozilla.org/MPL/
- -
- - Software distributed under the License is distributed on an "AS
- - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- - implied. See the License for the specific language governing
- - rights and limitations under the License.
- -
- - The Original Code is the Netscape security libraries.
- -
- - The Initial Developer of the Original Code is Netscape
- - Communications Corporation. Portions created by Netscape are
- - Copyright (C) 1994-2000 Netscape Communications Corporation. All
- - Rights Reserved.
- -
- - Contributor(s):
- -
- - Alternatively, the contents of this file may be used under the
- - terms of the GNU General Public License Version 2 or later (the
- - "GPL"), in which case the provisions of the GPL are applicable
- - instead of those above. If you wish to allow use of your
- - version of this file only under the terms of the GPL and not to
- - allow others to use your version of this file under the MPL,
- - indicate your decision by deleting the provisions above and
- - replace them with the notice and other provisions required by
- - the GPL. If you do not delete the provisions above, a recipient
- - may use your version of this file under either the MPL or the
- - GPL.
- -->
-
- <body>
- <table border=1 cellspacing=5 cellpadding=5>
- <form method="post" name="primary_form" action="http://interzone.mcom.com/burp.cgi">
- <tr>
- <td>
- <b>Key Usage: </b></p>
- Activate extension: <input type="checkbox" name="keyUsage"></P>
- Critical: <input type="checkbox" name="keyUsage-crit">
- <td>
- <input type="checkbox" name="keyUsage-digitalSignature"> Digital Signature</P>
- <input type="checkbox" name="keyUsage-nonRepudiation"> Non Repudiation</P>
- <input type="checkbox" name="keyUsage-keyEncipherment"> Key Encipherment</P>
- <input type="checkbox" name="keyUsage-dataEncipherment"> Data Encipherment</P>
- <input type="checkbox" name="keyUsage-keyAgreement"> Key Agreement</P>
- <input type="checkbox" name="keyUsage-keyCertSign"> Key Certificate Signing</P>
- <input type="checkbox" name="keyUsage-cRLSign"> CRL Signing</P>
- </tr>
- <tr>
- <td>
- <b>Extended Key Usage: </b></p>
- Activate extension: <input type="checkbox" name="extKeyUsage"></P>
- Critical: <input type="checkbox" name="extKeyUsage-crit">
- <td>
- <input type="checkbox" name="extKeyUsage-serverAuth"> Server Auth</P>
- <input type="checkbox" name="extKeyUsage-clientAuth"> Client Auth</P>
- <input type="checkbox" name="extKeyUsage-codeSign"> Code Signing</P>
- <input type="checkbox" name="extKeyUsage-emailProtect"> Email Protection</P>
- <input type="checkbox" name="extKeyUsage-timeStamp"> Timestamp</P>
- <input type="checkbox" name="extKeyUsage-ocspResponder"> OCSP Responder</P>
- <input type="checkbox" name="extKeyUsage-NS-govtApproved"> Step-up</P>
- </tr>
- <tr>
- <td>
- <b>Basic Constraints:</b></p>
- Activate extension: <input type="checkbox" name="basicConstraints"></P>
- Critical: <input type="checkbox" name="basicConstraints-crit">
- <td>
- CA:</p>
- <dd><input type=radio name="basicConstraints-cA-radio" value="CA"> True</p>
- <dd><input type=radio name="basicConstraints-cA-radio" value="NotCA"> False</p>
- <input type="checkbox" name="basicConstraints-pathLengthConstraint">
- Include Path length: <input type="text" name="basicConstraints-pathLengthConstraint-text" size="2"></p>
- </tr>
- <tr>
- <td>
- <b>Authority Key Identifier:</b></p>
- Activate extension: <input type="checkbox" name="authorityKeyIdentifier">
- <td>
- <input type="radio" name="authorityKeyIdentifier-radio" value="keyIdentifier"> Key Identider</p>
- <input type="radio" name="authorityKeyIdentifier-radio" value="authorityCertIssuer"> Issuer Name and Serial number</p>
- </tr>
- <tr>
- <td>
- <b>Subject Key Identifier:</b></p>
- Activate extension: <input type="checkbox" name="subjectKeyIdentifier">
- <td>
- Key Identifier:
- <input type="text" name="subjectKeyIdentifier-text"></p>
- This is an:<p>
- <dd><dd><input type="radio" name="subjectKeyIdentifier-radio" value="ascii"> ascii text value<p>
- <dd><dd><input type="radio" name="subjectKeyIdentifier-radio" value="hex"> hex value<p>
- </tr>
- <tr>
- <td>
- <b>Private Key Usage Period:</b></p>
- Activate extension: <input type="checkbox" name="privKeyUsagePeriod"></p>
- Critical: <input type="checkbox" name="privKeyUsagePeriod-crit">
- <td>
- Use:</p>
- <dd><input type="radio" name="privKeyUsagePeriod-radio" value="notBefore"> Not Before</p>
- <dd><input type="radio" name="privKeyUsagePeriod-radio" value="notAfter"> Not After</p>
- <dd><input type="radio" name="privKeyUsagePeriod-radio" value="both" > Both</p>
- <b>Not to be used to sign before:</b></p>
- <dd><input type="radio" name="privKeyUsagePeriod-notBefore-radio" value="auto"> Set to time of certificate issue</p>
- <dd><input type="radio" name="privKeyUsagePeriod-notBefore-radio" value="manual"> Use This value</p>
- <dd><dd>(YYYY/MM/DD HH:MM:SS):
- <input type="text" name="privKeyUsagePeriod-notBefore-year" size="4" maxlength="4">/
- <input type="text" name="privKeyUsagePeriod-notBefore-month" size="2" maxlength="2">/
- <input type="text" name="privKeyUsagePeriod-notBefore-day" size="2" maxlength="2">
- <input type="text" name="privKeyUsagePeriod-notBefore-hour" size="2" maxlength="2">:
- <input type="text" name="privKeyUsagePeriod-notBefore-minute" size="2" maxlength="2">:
- <input type="text" name="privKeyUsagePeriod-notBefore-second" size="2" maxlength="2"></p>
- <b>Not to be used to sign after:</b></p>
- <dd>(YYYY/MM/DD HH:MM:SS):
- <input type="text" name="privKeyUsagePeriod-notAfter-year" size="4" maxlength="4">/
- <input type="text" name="privKeyUsagePeriod-notAfter-month" size="2" maxlength="2">/
- <input type="text" name="privKeyUsagePeriod-notAfter-day" size="2" maxlength="2">
- <input type="text" name="privKeyUsagePeriod-notAfter-hour" size="2" maxlength="2">:
- <input type="text" name="privKeyUsagePeriod-notAfter-minute" size="2" maxlength="2">:
- <input type="text" name="privKeyUsagePeriod-notAfter-second" size="2" maxlength="2"></p>
- </tr>
- <tr>
- <td>
- <b>Subject Alternative Name:</b></p>
- Activate extension: <input type="checkbox" name="SubAltName"></P>
- Critical: <input type="checkbox" name="SubAltName-crit">
- <td>
- <table>
- <tr>
- <td>
- General Names:</p>
- <select name="SubAltNameSelect" multiple size="10">
- </select></p></p>
- <input type="button" name="SubAltName-add" value="Add" onClick="{parent.addSubAltName(this.form)}">
- <input type="button" name="SubAltName-delete" value="Delete" onClick="parent.deleteSubAltName(this.form)">
- </td><td>
- <table><tr><td>
- Name Type: </td></tr><tr><td>
- <input type="radio" name="SubAltNameRadio" value="otherName" onClick="parent.setSubAltNameType(form)"> Other Name,
- OID: <input type="text" name="SubAltNameOtherNameOID" size="6"> </td><td>
- <input type="radio" name="SubAltNameRadio" value="rfc822Name" onClick="parent.setSubAltNameType(form)"> RFC 822 Name</td></tr><td>
- <input type="radio" name="SubAltNameRadio" value="dnsName" onClick="parent.setSubAltNameType(form)"> DNS Name </td><td>
- <input type="radio" name="SubAltNameRadio" value="x400" onClick="parent.setSubAltNameType(form)"> X400 Address</td></tr><td>
- <input type="radio" name="SubAltNameRadio" value="directoryName" onClick="parent.setSubAltNameType(form)"> Directory Name</td><td>
- <input type="radio" name="SubAltNameRadio" value="ediPartyName" onClick="parent.setSubAltNameType(form)"> EDI Party Name</td></tr><td>
- <input type="radio" name="SubAltNameRadio" value="URL" onClick="parent.setSubAltNameType(form)"> Uniform Resource Locator</td><td>
- <input type="radio" name="SubAltNameRadio" value="ipAddress" onClick="parent.setSubAltNameType(form)"> IP Address</td></tr><td>
- <input type="radio" name="SubAltNameRadio" value="regID"onClick="parent.setSubAltNameType(form)"> Registered ID</td><td>
- <input type="radio" name="SubAltNameRadio" value="nscpNickname" onClick="parent.setSubAltNameType(form)"> Netscape Certificate Nickname</td><td></tr>
- </table>
- Name: <input type="text" name="SubAltNameText">
- Binary Encoded: <input type="checkbox" name="SubAltNameDataType" value="binary" onClick="parent.setSubAltNameType(form)"></p>
- </tr>
- </table>
- </tr>
-
-
- <tr>
- <td>
- <b>Issuer Alternative Name:</b></p>
- Activate extension: <input type="checkbox" name="IssuerAltName"></P>
- Critical: <input type="checkbox" name="IssuerAltName-crit">
- <td>
- <input type="radio" name="IssuerAltNameSourceRadio" value="auto"> Use the Subject Alternative Name from the Issuers Certificate</p>
- <input type="radio" name="IssuerAltNameSourceRadio" value="man"> Use this Name:
- <table>
- <tr>
- <td>
- General Names:</p>
- <select name="IssuerAltNameSelect" multiple size="10">
- </select></p></p>
- <input type="button" name="IssuerAltName-add" value="Add" onClick="{parent.addIssuerAltName(this.form)}">
- <input type="button" name="IssuerAltName-delete" value="Delete" onClick="parent.deleteIssuerAltName(this.form)">
- </td><td>
- <table><tr><td>
- Name Type: </td></tr><tr><td>
- <input type="radio" name="IssuerAltNameRadio" value="otherName" onClick="parent.setIssuerAltNameType(form)"> Other Name,
- OID: <input type="text" name="IssuerAltNameOtherNameOID" size="6"> </td><td>
- <input type="radio" name="IssuerAltNameRadio" value="rfc822Name" onClick="parent.setIssuerAltNameType(form)"> RFC 822 Name</td></tr><td>
- <input type="radio" name="IssuerAltNameRadio" value="dnsName" onClick="parent.setIssuerAltNameType(form)"> DNS Name </td><td>
- <input type="radio" name="IssuerAltNameRadio" value="x400" onClick="parent.setIssuerAltNameType(form)"> X400 Address</td></tr><td>
- <input type="radio" name="IssuerAltNameRadio" value="directoryName" onClick="parent.setIssuerAltNameType(form)"> Directory Name</td><td>
- <input type="radio" name="IssuerAltNameRadio" value="ediPartyName" onClick="parent.setIssuerAltNameType(form)"> EDI Party Name</td></tr><td>
- <input type="radio" name="IssuerAltNameRadio" value="URL" onClick="parent.setIssuerAltNameType(form)"> Uniform Resource Locator</td><td>
- <input type="radio" name="IssuerAltNameRadio" value="ipAddress" onClick="parent.setIssuerAltNameType(form)"> IP Address</td></tr><td>
- <input type="radio" name="IssuerAltNameRadio" value="regID" onClick="parent.setIssuerAltNameType(form)"> Registered ID</td><td></tr>
- </table>
- Name: <input type="text" name="IssuerAltNameText">
- Binary Encoded: <input type="checkbox" name="IssuerAltNameDataType" value="binary" onClick="parent.setIssuerAltNameType(form)"></p>
- </tr>
- </table>
- </tr>
-
- <tr>
- <td>
- <b>Name Constraints:</b></p>
- Activate extension: <input type="checkbox" name="NameConstraints"></P>
- <td>
- <table>
- <tr>
- <td>
- Name Constraints:</p>
- <select name="NameConstraintSelect" multiple size="10">
- </select></p></p>
- <input type="button" name="NameConstraint-add" value="Add" onClick="{parent.addNameConstraint(this.form)}">
- <input type="button" name="NameConstraint-delete" value="Delete" onClick="parent.deleteNameConstraint(this.form)">
- </td><td>
- <table><tr><td>
- Name Type: </td></tr><tr><td>
- <input type="radio" name="NameConstraintRadio" value="otherName" onClick="parent.setNameConstraintNameType(form)"> Other Name,
- OID: <input type="text" name="NameConstraintOtherNameOID" size="6"> </td><td>
- <input type="radio" name="NameConstraintRadio" value="rfc822Name" onClick="parent.setNameConstraintNameType(form)"> RFC 822 Name</td></tr><td>
- <input type="radio" name="NameConstraintRadio" value="dnsName" onClick="parent.setNameConstraintNameType(form)"> DNS Name </td><td>
- <input type="radio" name="NameConstraintRadio" value="x400" onClick="parent.setNameConstraintNameType(form)"> X400 Address</td></tr><td>
- <input type="radio" name="NameConstraintRadio" value="directoryName" onClick="parent.setNameConstraintNameType(form)"> Directory Name</td><td>
- <input type="radio" name="NameConstraintRadio" value="ediPartyName" onClick="parent.setNameConstraintNameType(form)"> EDI Party Name</td></tr><td>
- <input type="radio" name="NameConstraintRadio" value="URL" onClick="parent.setNameConstraintNameType(form)"> Uniform Resource Locator</td><td>
- <input type="radio" name="NameConstraintRadio" value="ipAddress" onClick="parent.setNameConstraintNameType(form)"> IP Address</td></tr><td>
- <input type="radio" name="NameConstraintRadio" value="regID" onClick="parent.setNameConstraintNameType(form)"> Registered ID</td><td></tr>
- </table>
- Name: <input type="text" name="NameConstraintText">
- Binary Encoded: <input type="checkbox" name="NameConstraintNameDataType" value="binary" onClick="parent.setNameConstraintNameType(form)"></p>
- Constraint type:<p>
- <dd><input type="radio" name="NameConstraintTypeRadio" value="permited"> permited<p>
- <dd><input type="radio" name="NameConstraintTypeRadio" value="excluded"> excluded<p>
- Minimum: <input type="text" name="NameConstraintMin" size="8" maxlength="8"></p>
- Maximum: <input type="text" name="NameConstraintMax" size="8" maxlength="8"></p>
- </tr>
- </table>
- </tr>
-
- </table>
- </body>
-</html>
-
-
-
-
-
-
-
-
diff --git a/security/nss/cmd/certutil/Makefile b/security/nss/cmd/certutil/Makefile
deleted file mode 100644
index 8650a607d..000000000
--- a/security/nss/cmd/certutil/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/certutil/certutil.c b/security/nss/cmd/certutil/certutil.c
deleted file mode 100644
index 0ef9710e2..000000000
--- a/security/nss/cmd/certutil/certutil.c
+++ /dev/null
@@ -1,2885 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
-** certutil.c
-**
-** utility for managing certificates and the cert database
-**
-*/
-#include <stdio.h>
-#include <string.h>
-
-#if defined(WIN32)
-#include "fcntl.h"
-#include "io.h"
-#endif
-
-#include "secutil.h"
-
-#if defined(XP_UNIX)
-#include <unistd.h>
-#endif
-
-#include "nspr.h"
-#include "prtypes.h"
-#include "prtime.h"
-#include "prlong.h"
-
-#include "pk11func.h"
-#include "secasn1.h"
-#include "cert.h"
-#include "cryptohi.h"
-#include "secoid.h"
-#include "certdb.h"
-#include "nss.h"
-
-#define MIN_KEY_BITS 512
-#define MAX_KEY_BITS 2048
-#define DEFAULT_KEY_BITS 1024
-
-#define GEN_BREAK(e) rv=e; break;
-
-
-extern SECKEYPrivateKey *CERTUTIL_GeneratePrivateKey(KeyType keytype,
- PK11SlotInfo *slot,
- int rsasize,
- int publicExponent,
- char *noise,
- SECKEYPublicKey **pubkeyp,
- char *pqgFile,
- secuPWData *pwdata);
-
-static char *progName;
-
-static CERTGeneralName *
-GetGeneralName (PRArenaPool *arena)
-{
- CERTGeneralName *namesList = NULL;
- CERTGeneralName *current;
- CERTGeneralName *tail = NULL;
- SECStatus rv = SECSuccess;
- int intValue;
- char buffer[512];
- void *mark;
-
- PORT_Assert (arena);
- mark = PORT_ArenaMark (arena);
- do {
- puts ("\nSelect one of the following general name type: \n");
- puts ("\t1 - instance of other name\n\t2 - rfc822Name\n\t3 - dnsName\n");
- puts ("\t4 - x400Address\n\t5 - directoryName\n\t6 - ediPartyName\n");
- puts ("\t7 - uniformResourceidentifier\n\t8 - ipAddress\n\t9 - registerID\n");
- puts ("\tOther - omit\n\t\tChoice:");
- scanf ("%d", &intValue);
- if (intValue >= certOtherName || intValue <= certRegisterID) {
- if (namesList == NULL) {
- namesList = current = tail = (CERTGeneralName *) PORT_ArenaAlloc
- (arena, sizeof (CERTGeneralName));
- } else {
- current = (CERTGeneralName *) PORT_ArenaAlloc(arena,
- sizeof (CERTGeneralName));
- }
- if (current == NULL) {
- GEN_BREAK (SECFailure);
- }
- } else {
- break;
- }
- current->type = intValue;
- puts ("\nEnter data:");
- fflush (stdout);
- gets (buffer);
- switch (current->type) {
- case certURI:
- case certDNSName:
- case certRFC822Name:
- current->name.other.data = PORT_ArenaAlloc (arena, strlen (buffer));
- if (current->name.other.data == NULL) {
- GEN_BREAK (SECFailure);
- }
- PORT_Memcpy
- (current->name.other.data, buffer, current->name.other.len = strlen(buffer));
- break;
-
- case certEDIPartyName:
- case certIPAddress:
- case certOtherName:
- case certRegisterID:
- case certX400Address: {
-
- current->name.other.data = PORT_ArenaAlloc (arena, strlen (buffer) + 2);
- if (current->name.other.data == NULL) {
- GEN_BREAK (SECFailure);
- }
-
- PORT_Memcpy (current->name.other.data + 2, buffer, strlen (buffer));
- /* This may not be accurate for all cases. For now, use this tag type */
- current->name.other.data[0] = (char)(((current->type - 1) & 0x1f)| 0x80);
- current->name.other.data[1] = (char)strlen (buffer);
- current->name.other.len = strlen (buffer) + 2;
- break;
- }
-
- case certDirectoryName: {
- CERTName *directoryName = NULL;
-
- directoryName = CERT_AsciiToName (buffer);
- if (!directoryName) {
- fprintf(stderr, "certutil: improperly formatted name: \"%s\"\n", buffer);
- break;
- }
-
- rv = CERT_CopyName (arena, &current->name.directoryName, directoryName);
- CERT_DestroyName (directoryName);
-
- break;
- }
- }
- if (rv != SECSuccess)
- break;
- current->l.next = &(namesList->l);
- current->l.prev = &(tail->l);
- tail->l.next = &(current->l);
- tail = current;
-
- }while (1);
-
- if (rv != SECSuccess) {
- PORT_SetError (rv);
- PORT_ArenaRelease (arena, mark);
- namesList = NULL;
- }
- return (namesList);
-}
-
-static SECStatus
-GetString(PRArenaPool *arena, char *prompt, SECItem *value)
-{
- char buffer[251];
-
- value->data = NULL;
- value->len = 0;
-
- puts (prompt);
- gets (buffer);
- if (strlen (buffer) > 0) {
- value->data = PORT_ArenaAlloc (arena, strlen (buffer));
- if (value->data == NULL) {
- PORT_SetError (SEC_ERROR_NO_MEMORY);
- return (SECFailure);
- }
- PORT_Memcpy (value->data, buffer, value->len = strlen(buffer));
- }
- return (SECSuccess);
-}
-
-static CERTCertificateRequest *
-GetCertRequest(PRFileDesc *inFile, PRBool ascii)
-{
- CERTCertificateRequest *certReq = NULL;
- CERTSignedData signedData;
- PRArenaPool *arena = NULL;
- SECItem reqDER;
- SECStatus rv;
-
- reqDER.data = NULL;
- do {
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) {
- GEN_BREAK (SECFailure);
- }
-
- rv = SECU_ReadDERFromFile(&reqDER, inFile, ascii);
- if (rv)
- break;
- certReq = (CERTCertificateRequest*) PORT_ArenaZAlloc
- (arena, sizeof(CERTCertificateRequest));
- if (!certReq)
- break;
- certReq->arena = arena;
-
- /* Since cert request is a signed data, must decode to get the inner
- data
- */
- PORT_Memset(&signedData, 0, sizeof(signedData));
- rv = SEC_ASN1DecodeItem(arena, &signedData,
- SEC_ASN1_GET(CERT_SignedDataTemplate), &reqDER);
- if (rv)
- break;
-
- rv = SEC_ASN1DecodeItem(arena, certReq,
- SEC_ASN1_GET(CERT_CertificateRequestTemplate), &signedData.data);
- } while (0);
-
- if (!rv) {
- rv = CERT_VerifySignedDataWithPublicKeyInfo(&signedData,
- &certReq->subjectPublicKeyInfo, NULL /* wincx */);
- }
-
- if (rv) {
- PRErrorCode perr = PR_GetError();
- fprintf(stderr, "%s: unable to decode DER cert request (%s)\n", progName,
- SECU_Strerror(perr));
- }
- return (certReq);
-}
-
-static PRBool
-GetYesNo(char *prompt)
-{
- char buf[3];
-
- PR_Sync(PR_STDIN);
- PR_Write(PR_STDOUT, prompt, strlen(prompt)+1);
- PR_Read(PR_STDIN, buf, sizeof(buf));
- return (buf[0] == 'y' || buf[0] == 'Y') ? PR_TRUE : PR_FALSE;
-#if 0
- char charValue;
-
- puts (prompt);
- scanf ("%c", &charValue);
- if (charValue != 'y' && charValue != 'Y')
- return (0);
- return (1);
-#endif
-}
-
-static SECStatus
-AddCert(PK11SlotInfo *slot, CERTCertDBHandle *handle, char *name, char *trusts,
- PRFileDesc *inFile, PRBool ascii, PRBool emailcert, void *pwdata)
-{
- CERTCertTrust *trust = NULL;
- CERTCertificate *cert = NULL, *tempCert = NULL;
- SECItem certDER;
- SECStatus rv;
-
- certDER.data = NULL;
- do {
- /* Read in the entire file specified with the -i argument */
- rv = SECU_ReadDERFromFile(&certDER, inFile, ascii);
- if (rv != SECSuccess) {
- SECU_PrintError(progName, "unable to read input file");
- break;
- }
-
- /* Read in an ASCII cert and return a CERTCertificate */
- cert = CERT_DecodeCertFromPackage((char *)certDER.data, certDER.len);
- if (!cert) {
- SECU_PrintError(progName, "could not obtain certificate from file");
- GEN_BREAK(SECFailure);
- }
-
- /* Create a cert trust to pass to SEC_AddPermCertificate */
- trust = (CERTCertTrust *)PORT_ZAlloc(sizeof(CERTCertTrust));
- if (!trust) {
- SECU_PrintError(progName, "unable to allocate cert trust");
- GEN_BREAK(SECFailure);
- }
-
- rv = CERT_DecodeTrustString(trust, trusts);
- if (rv) {
- SECU_PrintError(progName, "unable to decode trust string");
- GEN_BREAK(SECFailure);
- }
-
- if (!PK11_IsFriendly(slot)) {
- rv = PK11_Authenticate(slot, PR_TRUE, pwdata);
- if (rv != SECSuccess) {
- SECU_PrintError(progName, "could not authenticate to token or database");
- GEN_BREAK(SECFailure);
- }
- }
-
- rv = PK11_ImportCert(slot, cert, CK_INVALID_HANDLE, name, PR_FALSE);
- if (rv != SECSuccess) {
- SECU_PrintError(progName, "could not add certificate to token or database");
- GEN_BREAK(SECFailure);
- }
-
- rv = CERT_ChangeCertTrust(handle, cert, trust);
- if (rv != SECSuccess) {
- SECU_PrintError(progName, "could not change trust on certificate");
- GEN_BREAK(SECFailure);
- }
-
- if ( emailcert ) {
- CERT_SaveSMimeProfile(cert, NULL, pwdata);
- }
-
- } while (0);
-
- CERT_DestroyCertificate (cert);
- PORT_Free(trust);
- PORT_Free(certDER.data);
-
- return rv;
-}
-
-/* This function belongs in libNSS somewhere. */
-static SECOidTag
-getSignatureOidTag(KeyType keyType, SECOidTag hashAlgTag)
-{
- SECOidTag sigTag = SEC_OID_UNKNOWN;
-
- switch (keyType) {
- case rsaKey:
- switch (hashAlgTag) {
- case SEC_OID_MD2:
- sigTag = SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION; break;
- case SEC_OID_UNKNOWN: /* default for RSA if not specified */
- case SEC_OID_MD5:
- sigTag = SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION; break;
- case SEC_OID_SHA1:
- sigTag = SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION; break;
- case SEC_OID_SHA256:
- sigTag = SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION; break;
- case SEC_OID_SHA384:
- sigTag = SEC_OID_PKCS1_SHA384_WITH_RSA_ENCRYPTION; break;
- case SEC_OID_SHA512:
- sigTag = SEC_OID_PKCS1_SHA512_WITH_RSA_ENCRYPTION; break;
- default:
- break;
- }
- break;
- case dsaKey:
- switch (hashAlgTag) {
- case SEC_OID_UNKNOWN: /* default for DSA if not specified */
- case SEC_OID_SHA1:
- sigTag = SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST; break;
- default:
- break;
- }
- break;
- default:
- break;
- }
- return sigTag;
-}
-
-static SECStatus
-CertReq(SECKEYPrivateKey *privk, SECKEYPublicKey *pubk, KeyType keyType,
- SECOidTag hashAlgTag, CERTName *subject, char *phone, int ascii,
- const char *emailAddrs, const char *dnsNames, PRFileDesc *outFile)
-{
- CERTSubjectPublicKeyInfo *spki;
- CERTCertificateRequest *cr;
- SECItem *encoding;
- SECOidTag signAlgTag;
- SECItem result;
- SECStatus rv;
- PRArenaPool *arena;
- PRInt32 numBytes;
-
- /* Create info about public key */
- spki = SECKEY_CreateSubjectPublicKeyInfo(pubk);
- if (!spki) {
- SECU_PrintError(progName, "unable to create subject public key");
- return SECFailure;
- }
-
- /* Generate certificate request */
- cr = CERT_CreateCertificateRequest(subject, spki, 0);
- if (!cr) {
- SECU_PrintError(progName, "unable to make certificate request");
- return SECFailure;
- }
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( !arena ) {
- SECU_PrintError(progName, "out of memory");
- return SECFailure;
- }
-
- /* Der encode the request */
- encoding = SEC_ASN1EncodeItem(arena, NULL, cr,
- SEC_ASN1_GET(CERT_CertificateRequestTemplate));
- if (encoding == NULL) {
- SECU_PrintError(progName, "der encoding of request failed");
- return SECFailure;
- }
-
- /* Sign the request */
- signAlgTag = getSignatureOidTag(keyType, hashAlgTag);
- if (signAlgTag == SEC_OID_UNKNOWN) {
- SECU_PrintError(progName, "unknown Key or Hash type");
- return SECFailure;
- }
- rv = SEC_DerSignData(arena, &result, encoding->data, encoding->len,
- privk, signAlgTag);
- if (rv) {
- SECU_PrintError(progName, "signing of data failed");
- return SECFailure;
- }
-
- /* Encode request in specified format */
- if (ascii) {
- char *obuf;
- char *name, *email, *org, *state, *country;
- SECItem *it;
- int total;
-
- it = &result;
-
- obuf = BTOA_ConvertItemToAscii(it);
- total = PL_strlen(obuf);
-
- name = CERT_GetCommonName(subject);
- if (!name) {
- fprintf(stderr, "You must specify a common name\n");
- return SECFailure;
- }
-
- if (!phone)
- phone = strdup("(not specified)");
-
- email = CERT_GetCertEmailAddress(subject);
- if (!email)
- email = strdup("(not specified)");
-
- org = CERT_GetOrgName(subject);
- if (!org)
- org = strdup("(not specified)");
-
- state = CERT_GetStateName(subject);
- if (!state)
- state = strdup("(not specified)");
-
- country = CERT_GetCountryName(subject);
- if (!country)
- country = strdup("(not specified)");
-
- PR_fprintf(outFile,
- "\nCertificate request generated by Netscape certutil\n");
- PR_fprintf(outFile, "Phone: %s\n\n", phone);
- PR_fprintf(outFile, "Common Name: %s\n", name);
- PR_fprintf(outFile, "Email: %s\n", email);
- PR_fprintf(outFile, "Organization: %s\n", org);
- PR_fprintf(outFile, "State: %s\n", state);
- PR_fprintf(outFile, "Country: %s\n\n", country);
-
- PR_fprintf(outFile, "%s\n", NS_CERTREQ_HEADER);
- numBytes = PR_Write(outFile, obuf, total);
- if (numBytes != total) {
- SECU_PrintSystemError(progName, "write error");
- return SECFailure;
- }
- PR_fprintf(outFile, "\n%s\n", NS_CERTREQ_TRAILER);
- } else {
- numBytes = PR_Write(outFile, result.data, result.len);
- if (numBytes != (int)result.len) {
- SECU_PrintSystemError(progName, "write error");
- return SECFailure;
- }
- }
- return SECSuccess;
-}
-
-static SECStatus
-ChangeTrustAttributes(CERTCertDBHandle *handle, char *name, char *trusts)
-{
- SECStatus rv;
- CERTCertificate *cert;
- CERTCertTrust *trust;
-
- cert = CERT_FindCertByNicknameOrEmailAddr(handle, name);
- if (!cert) {
- SECU_PrintError(progName, "could not find certificate named \"%s\"",
- name);
- return SECFailure;
- }
-
- trust = (CERTCertTrust *)PORT_ZAlloc(sizeof(CERTCertTrust));
- if (!trust) {
- SECU_PrintError(progName, "unable to allocate cert trust");
- return SECFailure;
- }
-
- /* This function only decodes these characters: pPwcTCu, */
- rv = CERT_DecodeTrustString(trust, trusts);
- if (rv) {
- SECU_PrintError(progName, "unable to decode trust string");
- return SECFailure;
- }
-
- rv = CERT_ChangeCertTrust(handle, cert, trust);
- if (rv) {
- SECU_PrintError(progName, "unable to modify trust attributes");
- return SECFailure;
- }
- CERT_DestroyCertificate(cert);
-
- return SECSuccess;
-}
-
-static SECStatus
-printCertCB(CERTCertificate *cert, void *arg)
-{
- SECStatus rv;
- SECItem data;
- CERTCertTrust *trust = (CERTCertTrust *)arg;
-
- data.data = cert->derCert.data;
- data.len = cert->derCert.len;
-
- rv = SECU_PrintSignedData(stdout, &data, "Certificate", 0,
- SECU_PrintCertificate);
- if (rv) {
- SECU_PrintError(progName, "problem printing certificate");
- return(SECFailure);
- }
- if (trust) {
- SECU_PrintTrustFlags(stdout, trust,
- "Certificate Trust Flags", 1);
- } else if (cert->trust) {
- SECU_PrintTrustFlags(stdout, cert->trust,
- "Certificate Trust Flags", 1);
- }
-
- printf("\n");
-
- return(SECSuccess);
-}
-
-static SECStatus
-DumpChain(CERTCertDBHandle *handle, char *name)
-{
- CERTCertificate *the_cert;
- CERTCertificateList *chain;
- int i, j;
- the_cert = PK11_FindCertFromNickname(name, NULL);
- if (!the_cert) {
- SECU_PrintError(progName, "Could not find: %s\n", name);
- return SECFailure;
- }
- chain = CERT_CertChainFromCert(the_cert, 0, PR_TRUE);
- CERT_DestroyCertificate(the_cert);
- if (!chain) {
- SECU_PrintError(progName, "Could not obtain chain for: %s\n", name);
- return SECFailure;
- }
- for (i=chain->len-1; i>=0; i--) {
- CERTCertificate *c;
- c = CERT_FindCertByDERCert(handle, &chain->certs[i]);
- for (j=i; j<chain->len-1; j++) printf(" ");
- printf("\"%s\" [%s]\n\n", c->nickname, c->subjectName);
- CERT_DestroyCertificate(c);
- }
- CERT_DestroyCertificateList(chain);
- return SECSuccess;
-}
-
-static SECStatus
-listCerts(CERTCertDBHandle *handle, char *name, PK11SlotInfo *slot,
- PRBool raw, PRBool ascii, PRFileDesc *outfile, void *pwarg)
-{
- SECItem data;
- PRInt32 numBytes;
- SECStatus rv = SECFailure;
- CERTCertList *certs;
- CERTCertListNode *node;
-
- /* List certs on a non-internal slot. */
- if (!PK11_IsFriendly(slot) && PK11_NeedLogin(slot))
- PK11_Authenticate(slot, PR_TRUE, pwarg);
- if (name) {
- CERTCertificate *the_cert;
- the_cert = CERT_FindCertByNicknameOrEmailAddr(handle, name);
- if (!the_cert) {
- the_cert = PK11_FindCertFromNickname(name, NULL);
- if (!the_cert) {
- SECU_PrintError(progName, "Could not find: %s\n", name);
- return SECFailure;
- }
- }
- certs = CERT_CreateSubjectCertList(NULL, handle, &the_cert->derSubject,
- PR_Now(), PR_FALSE);
- CERT_DestroyCertificate(the_cert);
-
- for (node = CERT_LIST_HEAD(certs); !CERT_LIST_END(node,certs);
- node = CERT_LIST_NEXT(node)) {
- the_cert = node->cert;
- /* now get the subjectList that matches this cert */
- data.data = the_cert->derCert.data;
- data.len = the_cert->derCert.len;
- if (ascii) {
- PR_fprintf(outfile, "%s\n%s\n%s\n", NS_CERT_HEADER,
- BTOA_DataToAscii(data.data, data.len), NS_CERT_TRAILER);
- rv = SECSuccess;
- } else if (raw) {
- numBytes = PR_Write(outfile, data.data, data.len);
- if (numBytes != data.len) {
- SECU_PrintSystemError(progName, "error writing raw cert");
- rv = SECFailure;
- }
- rv = SECSuccess;
- } else {
- rv = printCertCB(the_cert, the_cert->trust);
- }
- if (rv != SECSuccess) {
- break;
- }
- }
- } else {
-
- certs = PK11_ListCertsInSlot(slot);
- if (certs) {
- for (node = CERT_LIST_HEAD(certs); !CERT_LIST_END(node,certs);
- node = CERT_LIST_NEXT(node)) {
- SECU_PrintCertNickname(node->cert,stdout);
- }
- rv = SECSuccess;
- }
- }
- CERT_DestroyCertList(certs);
- if (rv) {
- SECU_PrintError(progName, "problem printing certificate nicknames");
- return SECFailure;
- }
-
- return SECSuccess; /* not rv ?? */
-}
-
-static SECStatus
-ListCerts(CERTCertDBHandle *handle, char *name, PK11SlotInfo *slot,
- PRBool raw, PRBool ascii, PRFileDesc *outfile, secuPWData *pwdata)
-{
- SECStatus rv;
-
- if (slot == NULL) {
- CERTCertList *list;
- CERTCertListNode *node;
-
- list = PK11_ListCerts(PK11CertListUnique, pwdata);
- for (node = CERT_LIST_HEAD(list); !CERT_LIST_END(node, list);
- node = CERT_LIST_NEXT(node))
- {
- SECU_PrintCertNickname(node->cert, stdout);
- }
- CERT_DestroyCertList(list);
- return SECSuccess;
- } else {
- rv = listCerts(handle,name,slot,raw,ascii,outfile,pwdata);
- }
- return rv;
-}
-
-static SECStatus
-DeleteCert(CERTCertDBHandle *handle, char *name)
-{
- SECStatus rv;
- CERTCertificate *cert;
-
- cert = CERT_FindCertByNicknameOrEmailAddr(handle, name);
- if (!cert) {
- SECU_PrintError(progName, "could not find certificate named \"%s\"",
- name);
- return SECFailure;
- }
-
- rv = SEC_DeletePermCertificate(cert);
- CERT_DestroyCertificate(cert);
- if (rv) {
- SECU_PrintError(progName, "unable to delete certificate");
- return SECFailure;
- }
-
- return SECSuccess;
-}
-
-static SECStatus
-ValidateCert(CERTCertDBHandle *handle, char *name, char *date,
- char *certUsage, PRBool checkSig, PRBool logit, secuPWData *pwdata)
-{
- SECStatus rv;
- CERTCertificate *cert = NULL;
- int64 timeBoundary;
- SECCertificateUsage usage;
- CERTVerifyLog reallog;
- CERTVerifyLog *log = NULL;
-
- switch (*certUsage) {
- case 'C':
- usage = certificateUsageSSLClient;
- break;
- case 'V':
- usage = certificateUsageSSLServer;
- break;
- case 'S':
- usage = certificateUsageEmailSigner;
- break;
- case 'R':
- usage = certificateUsageEmailRecipient;
- break;
- default:
- PORT_SetError (SEC_ERROR_INVALID_ARGS);
- return (SECFailure);
- }
- do {
- cert = CERT_FindCertByNicknameOrEmailAddr(handle, name);
- if (!cert) {
- SECU_PrintError(progName, "could not find certificate named \"%s\"",
- name);
- GEN_BREAK (SECFailure)
- }
-
- if (date != NULL) {
- rv = DER_AsciiToTime(&timeBoundary, date);
- if (rv) {
- SECU_PrintError(progName, "invalid input date");
- GEN_BREAK (SECFailure)
- }
- } else {
- timeBoundary = PR_Now();
- }
-
- if ( logit ) {
- log = &reallog;
-
- log->count = 0;
- log->head = NULL;
- log->tail = NULL;
- log->arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( log->arena == NULL ) {
- SECU_PrintError(progName, "out of memory");
- GEN_BREAK (SECFailure)
- }
- }
-
- rv = CERT_VerifyCertificate(handle, cert, checkSig, usage,
- timeBoundary, pwdata, log, &usage);
- if ( log ) {
- if ( log->head == NULL ) {
- fprintf(stdout, "%s: certificate is valid\n", progName);
- GEN_BREAK (SECSuccess)
- } else {
- char *name;
- CERTVerifyLogNode *node;
-
- node = log->head;
- while ( node ) {
- if ( node->cert->nickname != NULL ) {
- name = node->cert->nickname;
- } else {
- name = node->cert->subjectName;
- }
- fprintf(stderr, "%s : %s\n", name,
- SECU_Strerror(node->error));
- CERT_DestroyCertificate(node->cert);
- node = node->next;
- }
- }
- } else {
- if (rv != SECSuccess) {
- PRErrorCode perr = PORT_GetError();
- fprintf(stdout, "%s: certificate is invalid: %s\n",
- progName, SECU_Strerror(perr));
- GEN_BREAK (SECFailure)
- }
- fprintf(stdout, "%s: certificate is valid\n", progName);
- GEN_BREAK (SECSuccess)
- }
- } while (0);
-
- if (cert) {
- CERT_DestroyCertificate(cert);
- }
-
- return (rv);
-}
-
-
-static SECStatus
-printKeyCB(SECKEYPublicKey *key, SECItem *data, void *arg)
-{
- if (key->keyType == rsaKey) {
- fprintf(stdout, "RSA Public-Key:\n");
- SECU_PrintInteger(stdout, &key->u.rsa.modulus, "modulus", 1);
- } else {
- fprintf(stdout, "DSA Public-Key:\n");
- SECU_PrintInteger(stdout, &key->u.dsa.publicValue, "publicValue", 1);
- }
- return SECSuccess;
-}
-
-/* callback for listing certs through pkcs11 */
-static SECStatus
-secu_PrintKey(FILE *out, int count, SECKEYPrivateKey *key)
-{
- char *name;
-
- name = PK11_GetPrivateKeyNickname(key);
- if (name == NULL) {
- /* should look up associated cert */
- name = PORT_Strdup("< orphaned >");
- }
- fprintf(out, "<%d> %s\n", count, name);
- PORT_Free(name);
-
- return SECSuccess;
-}
-
-static SECStatus
-listKeys(PK11SlotInfo *slot, KeyType keyType, void *pwarg)
-{
- SECKEYPrivateKeyList *list;
- SECKEYPrivateKeyListNode *node;
- int count;
-
- if (PK11_NeedLogin(slot))
- PK11_Authenticate(slot, PR_TRUE, pwarg);
-
- list = PK11_ListPrivateKeysInSlot(slot);
- if (list == NULL) {
- SECU_PrintError(progName, "problem listing keys");
- return SECFailure;
- }
- for (count=0, node=PRIVKEY_LIST_HEAD(list) ; !PRIVKEY_LIST_END(node,list);
- node= PRIVKEY_LIST_NEXT(node),count++) {
- secu_PrintKey(stdout, count, node->key);
- }
- SECKEY_DestroyPrivateKeyList(list);
-
- if (count == 0) {
- fprintf(stderr, "%s: no keys found\n", progName);
- return SECFailure;
- }
- return SECSuccess;
-}
-
-static SECStatus
-ListKeys(PK11SlotInfo *slot, char *keyname, int index,
- KeyType keyType, PRBool dopriv, secuPWData *pwdata)
-{
- SECStatus rv = SECSuccess;
-
- if (slot == NULL) {
- PK11SlotList *list;
- PK11SlotListElement *le;
-
- list= PK11_GetAllTokens(CKM_INVALID_MECHANISM,PR_FALSE,PR_FALSE,pwdata);
- if (list) for (le = list->head; le; le = le->next) {
- rv = listKeys(le->slot,keyType,pwdata);
- }
- } else {
- rv = listKeys(slot,keyType,pwdata);
- }
- return rv;
-}
-
-static SECStatus
-DeleteKey(char *nickname, secuPWData *pwdata)
-{
- SECStatus rv;
- CERTCertificate *cert;
- PK11SlotInfo *slot;
-
- slot = PK11_GetInternalKeySlot();
- if (PK11_NeedLogin(slot))
- PK11_Authenticate(slot, PR_TRUE, pwdata);
- cert = PK11_FindCertFromNickname(nickname, pwdata);
- if (!cert) {
- PK11_FreeSlot(slot);
- return SECFailure;
- }
- rv = PK11_DeleteTokenCertAndKey(cert, pwdata);
- if (rv != SECSuccess) {
- SECU_PrintError("problem deleting private key \"%s\"\n", nickname);
- }
- CERT_DestroyCertificate(cert);
- PK11_FreeSlot(slot);
- return rv;
-}
-
-
-/*
- * L i s t M o d u l e s
- *
- * Print a list of the PKCS11 modules that are
- * available. This is useful for smartcard people to
- * make sure they have the drivers loaded.
- *
- */
-static SECStatus
-ListModules(void)
-{
- PK11SlotList *list;
- PK11SlotListElement *le;
-
- /* get them all! */
- list = PK11_GetAllTokens(CKM_INVALID_MECHANISM,PR_FALSE,PR_FALSE,NULL);
- if (list == NULL) return SECFailure;
-
- /* look at each slot*/
- for (le = list->head ; le; le = le->next) {
- printf ("\n");
- printf (" slot: %s\n", PK11_GetSlotName(le->slot));
- printf (" token: %s\n", PK11_GetTokenName(le->slot));
- }
- PK11_FreeSlotList(list);
-
- return SECSuccess;
-}
-
-static void
-Usage(char *progName)
-{
-#define FPS fprintf(stderr,
- FPS "Type %s -H for more detailed descriptions\n", progName);
- FPS "Usage: %s -N [-d certdir] [-P dbprefix] [-f pwfile]\n", progName);
- FPS "Usage: %s -T [-d certdir] [-P dbprefix] [-h token-name] [-f pwfile]\n", progName);
- FPS "\t%s -A -n cert-name -t trustargs [-d certdir] [-P dbprefix] [-a] [-i input]\n",
- progName);
- FPS "\t%s -C [-c issuer-name | -x] -i cert-request-file -o cert-file\n"
- "\t\t [-m serial-number] [-w warp-months] [-v months-valid]\n"
- "\t\t [-f pwfile] [-d certdir] [-P dbprefix] [-1] [-2] [-3] [-4] [-5]\n"
- "\t\t [-6] [-7 emailAddrs] [-8 dns-names]\n",
- progName);
- FPS "\t%s -D -n cert-name [-d certdir] [-P dbprefix]\n", progName);
- FPS "\t%s -E -n cert-name -t trustargs [-d certdir] [-P dbprefix] [-a] [-i input]\n",
- progName);
- FPS "\t%s -G -n key-name [-h token-name] [-k rsa] [-g key-size] [-y exp]\n"
- "\t\t [-f pwfile] [-z noisefile] [-d certdir] [-P dbprefix]\n", progName);
- FPS "\t%s -G [-h token-name] -k dsa [-q pqgfile -g key-size] [-f pwfile]\n"
- "\t\t [-z noisefile] [-d certdir] [-P dbprefix]\n", progName);
- FPS "\t%s -K [-n key-name] [-h token-name] [-k dsa|rsa|all]\n",
- progName);
- FPS "\t\t [-f pwfile] [-X] [-d certdir] [-P dbprefix]\n");
- FPS "\t%s -L [-n cert-name] [-X] [-d certdir] [-P dbprefix] [-r] [-a]\n", progName);
- FPS "\t%s -M -n cert-name -t trustargs [-d certdir] [-P dbprefix]\n",
- progName);
- FPS "\t%s -O -n cert-name [-X] [-d certdir] [-P dbprefix]\n", progName);
- FPS "\t%s -R -s subj -o cert-request-file [-d certdir] [-P dbprefix] [-p phone] [-a]\n"
- "\t\t [-y emailAddrs] [-k key-type] [-h token-name] [-f pwfile] [-g key-size]\n",
- progName);
- FPS "\t%s -V -n cert-name -u usage [-b time] [-e] \n"
- "\t\t[-X] [-d certdir] [-P dbprefix]\n",
- progName);
- FPS "\t%s -S -n cert-name -s subj [-c issuer-name | -x] -t trustargs\n"
- "\t\t [-k key-type] [-h token-name] [-g key-size]\n"
- "\t\t [-m serial-number] [-w warp-months] [-v months-valid]\n"
- "\t\t [-f pwfile] [-d certdir] [-P dbprefix]\n"
- "\t\t [-p phone] [-1] [-2] [-3] [-4] [-5] [-6] [-7 emailAddrs]\n"
- "\t\t [-8 dns-names]\n",
- progName);
- FPS "\t%s -U [-X] [-d certdir] [-P dbprefix]\n", progName);
- exit(1);
-}
-
-static void LongUsage(char *progName)
-{
-
- FPS "%-15s Add a certificate to the database (create if needed)\n",
- "-A");
- FPS "%-15s Add an Email certificate to the database (create if needed)\n",
- "-E");
- FPS "%-20s Specify the nickname of the certificate to add\n",
- " -n cert-name");
- FPS "%-20s Set the certificate trust attributes:\n",
- " -t trustargs");
- FPS "%-25s p \t valid peer\n", "");
- FPS "%-25s P \t trusted peer (implies p)\n", "");
- FPS "%-25s c \t valid CA\n", "");
- FPS "%-25s T \t trusted CA to issue client certs (implies c)\n", "");
- FPS "%-25s C \t trusted CA to issue server certs (implies c)\n", "");
- FPS "%-25s u \t user cert\n", "");
- FPS "%-25s w \t send warning\n", "");
-#ifdef DEBUG_NSSTEAM_ONLY
- FPS "%-25s g \t make step-up cert\n", "");
-#endif /* DEBUG_NSSTEAM_ONLY */
- FPS "%-20s Specify the password file\n",
- " -f pwfile");
- FPS "%-20s Cert database directory (default is ~/.netscape)\n",
- " -d certdir");
- FPS "%-20s Cert & Key database prefix\n",
- " -P dbprefix");
- FPS "%-20s The input certificate is encoded in ASCII (RFC1113)\n",
- " -a");
- FPS "%-20s Specify the certificate file (default is stdin)\n",
- " -i input");
- FPS "\n");
-
- FPS "%-15s Create a new binary certificate from a BINARY cert request\n",
- "-C");
- FPS "%-20s The nickname of the issuer cert\n",
- " -c issuer-name");
- FPS "%-20s The BINARY certificate request file\n",
- " -i cert-request ");
- FPS "%-20s Output binary cert to this file (default is stdout)\n",
- " -o output-cert");
- FPS "%-20s Self sign\n",
- " -x");
- FPS "%-20s Cert serial number\n",
- " -m serial-number");
- FPS "%-20s Time Warp\n",
- " -w warp-months");
- FPS "%-20s Months valid (default is 3)\n",
- " -v months-valid");
- FPS "%-20s Specify the password file\n",
- " -f pwfile");
- FPS "%-20s Cert database directory (default is ~/.netscape)\n",
- " -d certdir");
- FPS "%-20s Cert & Key database prefix\n",
- " -P dbprefix");
- FPS "%-20s Create key usage extension\n",
- " -1 ");
- FPS "%-20s Create basic constraint extension\n",
- " -2 ");
- FPS "%-20s Create authority key ID extension\n",
- " -3 ");
- FPS "%-20s Create crl distribution point extension\n",
- " -4 ");
- FPS "%-20s Create netscape cert type extension\n",
- " -5 ");
- FPS "%-20s Create extended key usage extension\n",
- " -6 ");
- FPS "%-20s Create an email subject alt name extension\n",
- " -7 ");
- FPS "%-20s Create an dns subject alt name extension\n",
- " -8 ");
- FPS "\n");
-
- FPS "%-15s Generate a new key pair\n",
- "-G");
- FPS "%-20s Name of token in which to generate key (default is internal)\n",
- " -h token-name");
- FPS "%-20s Type of key pair to generate (\"dsa\", \"rsa\" (default))\n",
- " -k key-type");
- FPS "%-20s Key size in bits, (min %d, max %d, default %d)\n",
- " -g key-size", MIN_KEY_BITS, MAX_KEY_BITS, DEFAULT_KEY_BITS);
- FPS "%-20s Set the public exponent value (3, 17, 65537) (rsa only)\n",
- " -y exp");
- FPS "%-20s Specify the password file\n",
- " -f password-file");
- FPS "%-20s Specify the noise file to be used\n",
- " -z noisefile");
- FPS "%-20s read PQG value from pqgfile (dsa only)\n",
- " -q pqgfile");
- FPS "%-20s Key database directory (default is ~/.netscape)\n",
- " -d keydir");
- FPS "%-20s Cert & Key database prefix\n",
- " -P dbprefix");
- FPS "\n");
-
- FPS "%-15s Delete a certificate from the database\n",
- "-D");
- FPS "%-20s The nickname of the cert to delete\n",
- " -n cert-name");
- FPS "%-20s Cert database directory (default is ~/.netscape)\n",
- " -d certdir");
- FPS "%-20s Cert & Key database prefix\n",
- " -P dbprefix");
- FPS "\n");
-
- FPS "%-15s List all modules\n", /*, or print out a single named module\n",*/
- "-U");
- FPS "%-20s Module database directory (default is '~/.netscape')\n",
- " -d moddir");
- FPS "%-20s Cert & Key database prefix\n",
- " -P dbprefix");
- FPS "%-20s force the database to open R/W\n",
- " -X");
- FPS "\n");
-
- FPS "%-15s List all keys\n", /*, or print out a single named key\n",*/
- "-K");
- FPS "%-20s Name of token in which to look for keys (default is internal,"
- " use \"all\" to list keys on all tokens)\n",
- " -h token-name ");
- FPS "%-20s Type of key pair to list (\"all\", \"dsa\", \"rsa\" (default))\n",
- " -k key-type");
- FPS "%-20s Specify the password file\n",
- " -f password-file");
- FPS "%-20s Key database directory (default is ~/.netscape)\n",
- " -d keydir");
- FPS "%-20s Cert & Key database prefix\n",
- " -P dbprefix");
- FPS "%-20s force the database to open R/W\n",
- " -X");
- FPS "\n");
-
- FPS "%-15s List all certs, or print out a single named cert\n",
- "-L");
- FPS "%-20s Pretty print named cert (list all if unspecified)\n",
- " -n cert-name");
- FPS "%-20s Cert database directory (default is ~/.netscape)\n",
- " -d certdir");
- FPS "%-20s Cert & Key database prefix\n",
- " -P dbprefix");
- FPS "%-20s force the database to open R/W\n",
- " -X");
- FPS "%-20s For single cert, print binary DER encoding\n",
- " -r");
- FPS "%-20s For single cert, print ASCII encoding (RFC1113)\n",
- " -a");
- FPS "\n");
-
- FPS "%-15s Modify trust attributes of certificate\n",
- "-M");
- FPS "%-20s The nickname of the cert to modify\n",
- " -n cert-name");
- FPS "%-20s Set the certificate trust attributes (see -A above)\n",
- " -t trustargs");
- FPS "%-20s Cert database directory (default is ~/.netscape)\n",
- " -d certdir");
- FPS "%-20s Cert & Key database prefix\n",
- " -P dbprefix");
- FPS "\n");
-
- FPS "%-15s Create a new certificate database\n",
- "-N");
- FPS "%-20s Cert database directory (default is ~/.netscape)\n",
- " -d certdir");
- FPS "%-20s Cert & Key database prefix\n",
- " -P dbprefix");
- FPS "\n");
- FPS "%-15s Reset the Key database or token\n",
- "-T");
- FPS "%-20s Cert database directory (default is ~/.netscape)\n",
- " -d certdir");
- FPS "%-20s Cert & Key database prefix\n",
- " -P dbprefix");
- FPS "%-20s Token to reset (default is internal)\n",
- " -h token-name");
- FPS "\n");
-
- FPS "\n");
- FPS "%-15s Print the chain of a certificate\n",
- "-O");
- FPS "%-20s The nickname of the cert to modify\n",
- " -n cert-name");
- FPS "%-20s Cert database directory (default is ~/.netscape)\n",
- " -d certdir");
- FPS "%-20s Cert & Key database prefix\n",
- " -P dbprefix");
- FPS "%-20s force the database to open R/W\n",
- " -X");
- FPS "\n");
-
- FPS "%-15s Generate a certificate request (stdout)\n",
- "-R");
- FPS "%-20s Specify the subject name (using RFC1485)\n",
- " -s subject");
- FPS "%-20s Output the cert request to this file\n",
- " -o output-req");
- FPS "%-20s Type of key pair to generate (\"dsa\", \"rsa\" (default))\n",
- " -k key-type");
- FPS "%-20s Name of token in which to generate key (default is internal)\n",
- " -h token-name");
- FPS "%-20s Key size in bits, RSA keys only (min %d, max %d, default %d)\n",
- " -g key-size", MIN_KEY_BITS, MAX_KEY_BITS, DEFAULT_KEY_BITS);
- FPS "%-20s Specify the password file\n",
- " -f pwfile");
- FPS "%-20s Key database directory (default is ~/.netscape)\n",
- " -d keydir");
- FPS "%-20s Cert & Key database prefix\n",
- " -P dbprefix");
- FPS "%-20s Specify the contact phone number (\"123-456-7890\")\n",
- " -p phone");
- FPS "%-20s Output the cert request in ASCII (RFC1113); default is binary\n",
- " -a");
- FPS "\n");
-
- FPS "%-15s Validate a certificate\n",
- "-V");
- FPS "%-20s The nickname of the cert to Validate\n",
- " -n cert-name");
- FPS "%-20s validity time (\"YYMMDDHHMMSS[+HHMM|-HHMM|Z]\")\n",
- " -b time");
- FPS "%-20s Check certificate signature \n",
- " -e ");
- FPS "%-20s Specify certificate usage:\n", " -u certusage");
- FPS "%-25s C \t SSL Client\n", "");
- FPS "%-25s V \t SSL Server\n", "");
- FPS "%-25s S \t Email signer\n", "");
- FPS "%-25s R \t Email Recipient\n", "");
- FPS "%-20s Cert database directory (default is ~/.netscape)\n",
- " -d certdir");
- FPS "%-20s Cert & Key database prefix\n",
- " -P dbprefix");
- FPS "%-20s force the database to open R/W\n",
- " -X");
- FPS "\n");
-
- FPS "%-15s Make a certificate and add to database\n",
- "-S");
- FPS "%-20s Specify the nickname of the cert\n",
- " -n key-name");
- FPS "%-20s Specify the subject name (using RFC1485)\n",
- " -s subject");
- FPS "%-20s The nickname of the issuer cert\n",
- " -c issuer-name");
- FPS "%-20s Set the certificate trust attributes (see -A above)\n",
- " -t trustargs");
- FPS "%-20s Type of key pair to generate (\"dsa\", \"rsa\" (default))\n",
- " -k key-type");
- FPS "%-20s Name of token in which to generate key (default is internal)\n",
- " -h token-name");
- FPS "%-20s Key size in bits, RSA keys only (min %d, max %d, default %d)\n",
- " -g key-size", MIN_KEY_BITS, MAX_KEY_BITS, DEFAULT_KEY_BITS);
- FPS "%-20s Self sign\n",
- " -x");
- FPS "%-20s Cert serial number\n",
- " -m serial-number");
- FPS "%-20s Time Warp\n",
- " -w warp-months");
- FPS "%-20s Months valid (default is 3)\n",
- " -v months-valid");
- FPS "%-20s Specify the password file\n",
- " -f pwfile");
- FPS "%-20s Cert database directory (default is ~/.netscape)\n",
- " -d certdir");
- FPS "%-20s Cert & Key database prefix\n",
- " -P dbprefix");
- FPS "%-20s Specify the contact phone number (\"123-456-7890\")\n",
- " -p phone");
- FPS "%-20s Create key usage extension\n",
- " -1 ");
- FPS "%-20s Create basic constraint extension\n",
- " -2 ");
- FPS "%-20s Create authority key ID extension\n",
- " -3 ");
- FPS "%-20s Create crl distribution point extension\n",
- " -4 ");
- FPS "%-20s Create netscape cert type extension\n",
- " -5 ");
- FPS "%-20s Create extended key usage extension\n",
- " -6 ");
- FPS "%-20s Create an email subject alt name extension\n",
- " -7 ");
- FPS "%-20s Create an dns subject alt name extension\n",
- " -8 ");
- FPS "\n");
-
- exit(1);
-#undef FPS
-}
-
-
-static CERTCertificate *
-MakeV1Cert( CERTCertDBHandle * handle,
- CERTCertificateRequest *req,
- char * issuerNickName,
- PRBool selfsign,
- unsigned int serialNumber,
- int warpmonths,
- int validitylength)
-{
- CERTCertificate *issuerCert = NULL;
- CERTValidity *validity;
- CERTCertificate *cert = NULL;
- PRExplodedTime printableTime;
- PRTime now, after;
-
- if ( !selfsign ) {
- issuerCert = CERT_FindCertByNicknameOrEmailAddr(handle, issuerNickName);
- if (!issuerCert) {
- SECU_PrintError(progName, "could not find certificate named \"%s\"",
- issuerNickName);
- return NULL;
- }
- }
-
- now = PR_Now();
- PR_ExplodeTime (now, PR_GMTParameters, &printableTime);
- if ( warpmonths ) {
- printableTime.tm_month += warpmonths;
- now = PR_ImplodeTime (&printableTime);
- PR_ExplodeTime (now, PR_GMTParameters, &printableTime);
- }
- printableTime.tm_month += validitylength;
- printableTime.tm_month += 3;
- after = PR_ImplodeTime (&printableTime);
-
- /* note that the time is now in micro-second unit */
- validity = CERT_CreateValidity (now, after);
-
- cert = CERT_CreateCertificate(serialNumber,
- (selfsign ? &req->subject
- : &issuerCert->subject),
- validity, req);
-
- CERT_DestroyValidity(validity);
- if ( issuerCert ) {
- CERT_DestroyCertificate (issuerCert);
- }
-
- return(cert);
-}
-
-static SECStatus
-AddKeyUsage (void *extHandle)
-{
- SECItem bitStringValue;
- unsigned char keyUsage = 0x0;
- char buffer[5];
- int value;
-
- while (1) {
- fprintf(stdout, "%-25s 0 - Digital Signature\n", "");
- fprintf(stdout, "%-25s 1 - Non-repudiation\n", "");
- fprintf(stdout, "%-25s 2 - Key encipherment\n", "");
- fprintf(stdout, "%-25s 3 - Data encipherment\n", "");
- fprintf(stdout, "%-25s 4 - Key agreement\n", "");
- fprintf(stdout, "%-25s 5 - Cert signing key\n", "");
- fprintf(stdout, "%-25s 6 - CRL signing key\n", "");
- fprintf(stdout, "%-25s Other to finish\n", "");
- if (gets (buffer)) {
- value = atoi (buffer);
- if (value < 0 || value > 6)
- break;
- keyUsage |= (0x80 >> value);
- }
- else { /* gets() returns NULL on EOF or error */
- break;
- }
- }
-
- bitStringValue.data = &keyUsage;
- bitStringValue.len = 1;
- buffer[0] = 'n';
- puts ("Is this a critical extension [y/n]? ");
- gets (buffer);
-
- return (CERT_EncodeAndAddBitStrExtension
- (extHandle, SEC_OID_X509_KEY_USAGE, &bitStringValue,
- (buffer[0] == 'y' || buffer[0] == 'Y') ? PR_TRUE : PR_FALSE));
-
-}
-
-
-static CERTOidSequence *
-CreateOidSequence(void)
-{
- CERTOidSequence *rv = (CERTOidSequence *)NULL;
- PRArenaPool *arena = (PRArenaPool *)NULL;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if( (PRArenaPool *)NULL == arena ) {
- goto loser;
- }
-
- rv = (CERTOidSequence *)PORT_ArenaZAlloc(arena, sizeof(CERTOidSequence));
- if( (CERTOidSequence *)NULL == rv ) {
- goto loser;
- }
-
- rv->oids = (SECItem **)PORT_ArenaZAlloc(arena, sizeof(SECItem *));
- if( (SECItem **)NULL == rv->oids ) {
- goto loser;
- }
-
- rv->arena = arena;
- return rv;
-
- loser:
- if( (PRArenaPool *)NULL != arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return (CERTOidSequence *)NULL;
-}
-
-static void
-DestroyOidSequence(CERTOidSequence *os)
-{
- if (os->arena) {
- PORT_FreeArena(os->arena, PR_FALSE);
- }
-}
-
-static SECStatus
-AddOidToSequence(CERTOidSequence *os, SECOidTag oidTag)
-{
- SECItem **oids;
- PRUint32 count = 0;
- SECOidData *od;
-
- od = SECOID_FindOIDByTag(oidTag);
- if( (SECOidData *)NULL == od ) {
- return SECFailure;
- }
-
- for( oids = os->oids; (SECItem *)NULL != *oids; oids++ ) {
- count++;
- }
-
- /* ArenaZRealloc */
-
- {
- PRUint32 i;
-
- oids = (SECItem **)PORT_ArenaZAlloc(os->arena, sizeof(SECItem *) * (count+2));
- if( (SECItem **)NULL == oids ) {
- return SECFailure;
- }
-
- for( i = 0; i < count; i++ ) {
- oids[i] = os->oids[i];
- }
-
- /* ArenaZFree(os->oids); */
- }
-
- os->oids = oids;
- os->oids[count] = &od->oid;
-
- return SECSuccess;
-}
-
-SEC_ASN1_MKSUB(SEC_ObjectIDTemplate);
-
-const SEC_ASN1Template CERT_OidSeqTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF | SEC_ASN1_XTRN,
- offsetof(CERTOidSequence, oids),
- SEC_ASN1_SUB(SEC_ObjectIDTemplate) }
-};
-
-
-static SECItem *
-EncodeOidSequence(CERTOidSequence *os)
-{
- SECItem *rv;
-
- rv = (SECItem *)PORT_ArenaZAlloc(os->arena, sizeof(SECItem));
- if( (SECItem *)NULL == rv ) {
- goto loser;
- }
-
- if( !SEC_ASN1EncodeItem(os->arena, rv, os, CERT_OidSeqTemplate) ) {
- goto loser;
- }
-
- return rv;
-
- loser:
- return (SECItem *)NULL;
-}
-
-static SECStatus
-AddExtKeyUsage (void *extHandle)
-{
- char buffer[5];
- int value;
- CERTOidSequence *os;
- SECStatus rv;
- SECItem *item;
-
- os = CreateOidSequence();
- if( (CERTOidSequence *)NULL == os ) {
- return SECFailure;
- }
-
- while (1) {
- fprintf(stdout, "%-25s 0 - Server Auth\n", "");
- fprintf(stdout, "%-25s 1 - Client Auth\n", "");
- fprintf(stdout, "%-25s 2 - Code Signing\n", "");
- fprintf(stdout, "%-25s 3 - Email Protection\n", "");
- fprintf(stdout, "%-25s 4 - Timestamp\n", "");
- fprintf(stdout, "%-25s 5 - OCSP Responder\n", "");
-#ifdef DEBUG_NSSTEAM_ONLY
- fprintf(stdout, "%-25s 6 - Step-up\n", "");
-#endif /* DEBUG_NSSTEAM_ONLY */
- fprintf(stdout, "%-25s Other to finish\n", "");
-
- gets(buffer);
- value = atoi(buffer);
-
- switch( value ) {
- case 0:
- rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_SERVER_AUTH);
- break;
- case 1:
- rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_CLIENT_AUTH);
- break;
- case 2:
- rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_CODE_SIGN);
- break;
- case 3:
- rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_EMAIL_PROTECT);
- break;
- case 4:
- rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_TIME_STAMP);
- break;
- case 5:
- rv = AddOidToSequence(os, SEC_OID_OCSP_RESPONDER);
- break;
-#ifdef DEBUG_NSSTEAM_ONLY
- case 6:
- rv = AddOidToSequence(os, SEC_OID_NS_KEY_USAGE_GOVT_APPROVED);
- break;
-#endif /* DEBUG_NSSTEAM_ONLY */
- default:
- goto endloop;
- }
-
- if( SECSuccess != rv ) goto loser;
- }
-
- endloop:;
- item = EncodeOidSequence(os);
-
- buffer[0] = 'n';
- puts ("Is this a critical extension [y/n]? ");
- gets (buffer);
-
- rv = CERT_AddExtension(extHandle, SEC_OID_X509_EXT_KEY_USAGE, item,
- ((buffer[0] == 'y' || buffer[0] == 'Y')
- ? PR_TRUE : PR_FALSE), PR_TRUE);
- /*FALLTHROUGH*/
- loser:
- DestroyOidSequence(os);
- return rv;
-}
-
-static SECStatus
-AddNscpCertType (void *extHandle)
-{
- SECItem bitStringValue;
- unsigned char keyUsage = 0x0;
- char buffer[5];
- int value;
-
- while (1) {
- fprintf(stdout, "%-25s 0 - SSL Client\n", "");
- fprintf(stdout, "%-25s 1 - SSL Server\n", "");
- fprintf(stdout, "%-25s 2 - S/MIME\n", "");
- fprintf(stdout, "%-25s 3 - Object Signing\n", "");
- fprintf(stdout, "%-25s 4 - Reserved for futuer use\n", "");
- fprintf(stdout, "%-25s 5 - SSL CA\n", "");
- fprintf(stdout, "%-25s 6 - S/MIME CA\n", "");
- fprintf(stdout, "%-25s 7 - Object Signing CA\n", "");
- fprintf(stdout, "%-25s Other to finish\n", "");
- gets (buffer);
- value = atoi (buffer);
- if (value < 0 || value > 7)
- break;
- keyUsage |= (0x80 >> value);
- }
-
- bitStringValue.data = &keyUsage;
- bitStringValue.len = 1;
- buffer[0] = 'n';
- puts ("Is this a critical extension [y/n]? ");
- gets (buffer);
-
- return (CERT_EncodeAndAddBitStrExtension
- (extHandle, SEC_OID_NS_CERT_EXT_CERT_TYPE, &bitStringValue,
- (buffer[0] == 'y' || buffer[0] == 'Y') ? PR_TRUE : PR_FALSE));
-
-}
-
-static SECStatus
-AddSubjectAltNames(void *extHandle, const char *names, CERTGeneralNameType type)
-{
- SECItem item = { 0, NULL, 0 };
- CERTGeneralName *nameList = NULL;
- CERTGeneralName *current = NULL;
- PRCList *prev = NULL;
- PRArenaPool *arena;
- const char *cp;
- char *tbuf;
- SECStatus rv = SECSuccess;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) {
- return SECFailure;
- }
-
- /*
- * walk down the comma separated list of names. NOTE: there is
- * no sanity checks to see if the email address look like email addresses.
- */
- for (cp=names; cp; cp = PORT_Strchr(cp,',')) {
- int len;
- char *end;
-
- if (*cp == ',') {
- cp++;
- }
- end = PORT_Strchr(cp,',');
- len = end ? end-cp : PORT_Strlen(cp);
- if (len <= 0) {
- continue;
- }
- tbuf = PORT_ArenaAlloc(arena,len+1);
- PORT_Memcpy(tbuf,cp,len);
- tbuf[len] = 0;
- current = (CERTGeneralName *) PORT_ZAlloc(sizeof(CERTGeneralName));
- if (!current) {
- rv = SECFailure;
- break;
- }
- if (prev) {
- current->l.prev = prev;
- prev->next = &(current->l);
- } else {
- nameList = current;
- }
- current->type = type;
- current->type = certRFC822Name;
- current->name.other.data = (unsigned char *)tbuf;
- current->name.other.len = PORT_Strlen(tbuf);
- prev = &(current->l);
- }
- if (rv != SECSuccess) {
- goto loser;
- }
- /* no email address */
- if (!nameList) {
- /*rv=SECSuccess; We know rv is SECSuccess because of the previous if*/
- goto done;
- }
- nameList->l.prev = prev;
- current->l.next = &(nameList->l);
-
- CERT_EncodeAltNameExtension(arena, nameList, &item);
- rv = CERT_AddExtension (extHandle, SEC_OID_X509_SUBJECT_ALT_NAME, &item,
- PR_FALSE, PR_TRUE);
-done:
-loser:
- PORT_FreeArena(arena, PR_FALSE);
- return rv;
-
-}
-
-static SECStatus
-AddEmailSubjectAlt(void *extHandle, const char *emailAddrs)
-{
- return AddSubjectAltNames(extHandle, emailAddrs, certRFC822Name);
-}
-
-static SECStatus
-AddDNSSubjectAlt(void *extHandle, const char *dnsNames)
-{
- return AddSubjectAltNames(extHandle, dnsNames, certDNSName);
-}
-
-
-typedef SECStatus (* EXTEN_VALUE_ENCODER)
- (PRArenaPool *extHandle, void *value, SECItem *encodedValue);
-
-static SECStatus
-EncodeAndAddExtensionValue(
- PRArenaPool * arena,
- void * extHandle,
- void * value,
- PRBool criticality,
- int extenType,
- EXTEN_VALUE_ENCODER EncodeValueFn)
-{
- SECItem encodedValue;
- SECStatus rv;
-
-
- encodedValue.data = NULL;
- encodedValue.len = 0;
- do {
- rv = (*EncodeValueFn)(arena, value, &encodedValue);
- if (rv != SECSuccess)
- break;
-
- rv = CERT_AddExtension
- (extHandle, extenType, &encodedValue, criticality,PR_TRUE);
- } while (0);
-
- return (rv);
-}
-
-static SECStatus
-AddBasicConstraint(void *extHandle)
-{
- CERTBasicConstraints basicConstraint;
- SECItem encodedValue;
- SECStatus rv;
- char buffer[10];
-
- encodedValue.data = NULL;
- encodedValue.len = 0;
- do {
- basicConstraint.pathLenConstraint = CERT_UNLIMITED_PATH_CONSTRAINT;
- puts ("Is this a CA certificate [y/n]?");
- gets (buffer);
- basicConstraint.isCA = (buffer[0] == 'Y' || buffer[0] == 'y') ?
- PR_TRUE : PR_FALSE;
-
- puts ("Enter the path length constraint, enter to skip [<0 for unlimited path]:");
- gets (buffer);
- if (PORT_Strlen (buffer) > 0)
- basicConstraint.pathLenConstraint = atoi (buffer);
-
- rv = CERT_EncodeBasicConstraintValue (NULL, &basicConstraint, &encodedValue);
- if (rv)
- return (rv);
-
- buffer[0] = 'n';
- puts ("Is this a critical extension [y/n]? ");
- gets (buffer);
- rv = CERT_AddExtension
- (extHandle, SEC_OID_X509_BASIC_CONSTRAINTS,
- &encodedValue, (buffer[0] == 'y' || buffer[0] == 'Y') ?
- PR_TRUE : PR_FALSE ,PR_TRUE);
- } while (0);
- PORT_Free (encodedValue.data);
- return (rv);
-}
-
-static SECItem *
-SignCert(CERTCertDBHandle *handle, CERTCertificate *cert, PRBool selfsign,
- SECOidTag hashAlgTag,
- SECKEYPrivateKey *privKey, char *issuerNickName, void *pwarg)
-{
- SECItem der;
- SECItem *result = NULL;
- SECKEYPrivateKey *caPrivateKey = NULL;
- SECStatus rv;
- PRArenaPool *arena;
- SECOidTag algID;
- void *dummy;
-
- if( !selfsign ) {
- CERTCertificate *issuer = PK11_FindCertFromNickname(issuerNickName, pwarg);
- if( (CERTCertificate *)NULL == issuer ) {
- SECU_PrintError(progName, "unable to find issuer with nickname %s",
- issuerNickName);
- return (SECItem *)NULL;
- }
-
- privKey = caPrivateKey = PK11_FindKeyByAnyCert(issuer, pwarg);
- CERT_DestroyCertificate(issuer);
- if (caPrivateKey == NULL) {
- SECU_PrintError(progName, "unable to retrieve key %s", issuerNickName);
- return NULL;
- }
- }
-
- arena = cert->arena;
-
- algID = getSignatureOidTag(privKey->keyType, hashAlgTag);
- if (algID == SEC_OID_UNKNOWN) {
- fprintf(stderr, "Unknown key or hash type for issuer.");
- goto done;
- }
-
- rv = SECOID_SetAlgorithmID(arena, &cert->signature, algID, 0);
- if (rv != SECSuccess) {
- fprintf(stderr, "Could not set signature algorithm id.");
- goto done;
- }
-
- /* we only deal with cert v3 here */
- *(cert->version.data) = 2;
- cert->version.len = 1;
-
- der.len = 0;
- der.data = NULL;
- dummy = SEC_ASN1EncodeItem (arena, &der, cert,
- SEC_ASN1_GET(CERT_CertificateTemplate));
- if (!dummy) {
- fprintf (stderr, "Could not encode certificate.\n");
- goto done;
- }
-
- result = (SECItem *) PORT_ArenaZAlloc (arena, sizeof (SECItem));
- if (result == NULL) {
- fprintf (stderr, "Could not allocate item for certificate data.\n");
- goto done;
- }
-
- rv = SEC_DerSignData(arena, result, der.data, der.len, privKey, algID);
- if (rv != SECSuccess) {
- fprintf (stderr, "Could not sign encoded certificate data.\n");
- PORT_Free(result);
- result = NULL;
- goto done;
- }
- cert->derCert = *result;
-done:
- if (caPrivateKey) {
- SECKEY_DestroyPrivateKey(caPrivateKey);
- }
- return result;
-}
-
-static SECStatus
-AddAuthKeyID (void *extHandle)
-{
- CERTAuthKeyID *authKeyID = NULL;
- PRArenaPool *arena = NULL;
- SECStatus rv = SECSuccess;
- char buffer[512];
-
- do {
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( !arena ) {
- SECU_PrintError(progName, "out of memory");
- GEN_BREAK (SECFailure);
- }
-
- if (GetYesNo ("Enter value for the authKeyID extension [y/n]?\n") == 0)
- break;
-
- authKeyID = PORT_ArenaZAlloc (arena, sizeof (CERTAuthKeyID));
- if (authKeyID == NULL) {
- GEN_BREAK (SECFailure);
- }
-
- rv = GetString (arena, "Enter value for the key identifier fields, enter to omit:",
- &authKeyID->keyID);
- if (rv != SECSuccess)
- break;
- authKeyID->authCertIssuer = GetGeneralName (arena);
- if (authKeyID->authCertIssuer == NULL && SECFailure == PORT_GetError ())
- break;
-
-
- rv = GetString (arena, "Enter value for the authCertSerial field, enter to omit:",
- &authKeyID->authCertSerialNumber);
-
- buffer[0] = 'n';
- puts ("Is this a critical extension [y/n]? ");
- gets (buffer);
-
- rv = EncodeAndAddExtensionValue
- (arena, extHandle, authKeyID,
- (buffer[0] == 'y' || buffer[0] == 'Y') ? PR_TRUE : PR_FALSE,
- SEC_OID_X509_AUTH_KEY_ID,
- (EXTEN_VALUE_ENCODER) CERT_EncodeAuthKeyID);
- if (rv)
- break;
-
- } while (0);
- if (arena)
- PORT_FreeArena (arena, PR_FALSE);
- return (rv);
-}
-
-static SECStatus
-AddCrlDistPoint(void *extHandle)
-{
- PRArenaPool *arena = NULL;
- CERTCrlDistributionPoints *crlDistPoints = NULL;
- CRLDistributionPoint *current;
- SECStatus rv = SECSuccess;
- int count = 0, intValue;
- char buffer[5];
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( !arena )
- return (SECFailure);
-
- do {
- current = NULL;
- current = PORT_ArenaZAlloc (arena, sizeof (*current));
- if (current == NULL) {
- GEN_BREAK (SECFailure);
- }
-
- /* Get the distributionPointName fields - this field is optional */
- puts ("Enter the type of the distribution point name:\n");
- puts ("\t1 - Full Name\n\t2 - Relative Name\n\tOther - omit\n\t\tChoice: ");
- scanf ("%d", &intValue);
- switch (intValue) {
- case generalName:
- current->distPointType = intValue;
- current->distPoint.fullName = GetGeneralName (arena);
- rv = PORT_GetError();
- break;
-
- case relativeDistinguishedName: {
- CERTName *name;
- char buffer[512];
-
- current->distPointType = intValue;
- puts ("Enter the relative name: ");
- fflush (stdout);
- gets (buffer);
- /* For simplicity, use CERT_AsciiToName to converse from a string
- to NAME, but we only interest in the first RDN */
- name = CERT_AsciiToName (buffer);
- if (!name) {
- GEN_BREAK (SECFailure);
- }
- rv = CERT_CopyRDN (arena, &current->distPoint.relativeName, name->rdns[0]);
- CERT_DestroyName (name);
- break;
- }
- }
- if (rv != SECSuccess)
- break;
-
- /* Get the reason flags */
- puts ("\nSelect one of the following for the reason flags\n");
- puts ("\t0 - unused\n\t1 - keyCompromise\n\t2 - caCompromise\n\t3 - affiliationChanged\n");
- puts ("\t4 - superseded\n\t5 - cessationOfOperation\n\t6 - certificateHold\n");
- puts ("\tother - omit\t\tChoice: ");
-
- scanf ("%d", &intValue);
- if (intValue >= 0 && intValue <8) {
- current->reasons.data = PORT_ArenaAlloc (arena, sizeof(char));
- if (current->reasons.data == NULL) {
- GEN_BREAK (SECFailure);
- }
- *current->reasons.data = (char)(0x80 >> intValue);
- current->reasons.len = 1;
- }
- puts ("Enter value for the CRL Issuer name:\n");
- current->crlIssuer = GetGeneralName (arena);
- if (current->crlIssuer == NULL && (rv = PORT_GetError()) == SECFailure)
- break;
-
- if (crlDistPoints == NULL) {
- crlDistPoints = PORT_ArenaZAlloc (arena, sizeof (*crlDistPoints));
- if (crlDistPoints == NULL) {
- GEN_BREAK (SECFailure);
- }
- }
-
- crlDistPoints->distPoints = PORT_ArenaGrow (arena,
- crlDistPoints->distPoints,
- sizeof (*crlDistPoints->distPoints) * count,
- sizeof (*crlDistPoints->distPoints) *(count + 1));
- if (crlDistPoints->distPoints == NULL) {
- GEN_BREAK (SECFailure);
- }
-
- crlDistPoints->distPoints[count] = current;
- ++count;
- if (GetYesNo ("Enter more value for the CRL distribution point extension [y/n]\n") == 0) {
- /* Add null to the end of the crlDistPoints to mark end of data */
- crlDistPoints->distPoints = PORT_ArenaGrow(arena,
- crlDistPoints->distPoints,
- sizeof (*crlDistPoints->distPoints) * count,
- sizeof (*crlDistPoints->distPoints) *(count + 1));
- crlDistPoints->distPoints[count] = NULL;
- break;
- }
-
-
- } while (1);
-
- if (rv == SECSuccess) {
- buffer[0] = 'n';
- puts ("Is this a critical extension [y/n]? ");
- gets (buffer);
-
- rv = EncodeAndAddExtensionValue(arena, extHandle, crlDistPoints,
- (buffer[0] == 'Y' || buffer[0] == 'y') ? PR_TRUE : PR_FALSE,
- SEC_OID_X509_CRL_DIST_POINTS,
- (EXTEN_VALUE_ENCODER) CERT_EncodeCRLDistributionPoints);
- }
- if (arena)
- PORT_FreeArena (arena, PR_FALSE);
- return (rv);
-}
-
-static SECStatus
-CreateCert(
- CERTCertDBHandle *handle,
- char * issuerNickName,
- PRFileDesc *inFile,
- PRFileDesc *outFile,
- SECKEYPrivateKey *selfsignprivkey,
- void *pwarg,
- SECOidTag hashAlgTag,
- unsigned int serialNumber,
- int warpmonths,
- int validitylength,
- const char *emailAddrs,
- const char *dnsNames,
- PRBool ascii,
- PRBool selfsign,
- PRBool keyUsage,
- PRBool extKeyUsage,
- PRBool basicConstraint,
- PRBool authKeyID,
- PRBool crlDistPoints,
- PRBool nscpCertType)
-{
- void * extHandle;
- SECItem * certDER;
- PRArenaPool *arena = NULL;
- CERTCertificate *subjectCert = NULL;
- CERTCertificateRequest *certReq = NULL;
- SECStatus rv = SECSuccess;
- SECItem reqDER;
-
- reqDER.data = NULL;
- do {
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (!arena) {
- GEN_BREAK (SECFailure);
- }
-
- /* Create a certrequest object from the input cert request der */
- certReq = GetCertRequest(inFile, ascii);
- if (certReq == NULL) {
- GEN_BREAK (SECFailure)
- }
-
- subjectCert = MakeV1Cert (handle, certReq, issuerNickName, selfsign,
- serialNumber, warpmonths, validitylength);
- if (subjectCert == NULL) {
- GEN_BREAK (SECFailure)
- }
-
- extHandle = CERT_StartCertExtensions (subjectCert);
- if (extHandle == NULL) {
- GEN_BREAK (SECFailure)
- }
-
- /* Add key usage extension */
- if (keyUsage) {
- rv = AddKeyUsage(extHandle);
- if (rv)
- break;
- }
-
- /* Add extended key usage extension */
- if (extKeyUsage) {
- rv = AddExtKeyUsage(extHandle);
- if (rv)
- break;
- }
-
- /* Add basic constraint extension */
- if (basicConstraint) {
- rv = AddBasicConstraint(extHandle);
- if (rv)
- break;
- }
-
- if (authKeyID) {
- rv = AddAuthKeyID (extHandle);
- if (rv)
- break;
- }
-
-
- if (crlDistPoints) {
- rv = AddCrlDistPoint (extHandle);
- if (rv)
- break;
- }
-
- if (nscpCertType) {
- rv = AddNscpCertType(extHandle);
- if (rv)
- break;
- }
-
- if (emailAddrs != NULL) {
- rv = AddEmailSubjectAlt(extHandle,emailAddrs);
- if (rv)
- break;
- }
-
- if (dnsNames != NULL) {
- rv = AddDNSSubjectAlt(extHandle,dnsNames);
- if (rv)
- break;
- }
-
- CERT_FinishExtensions(extHandle);
-
- certDER = SignCert(handle, subjectCert, selfsign, hashAlgTag,
- selfsignprivkey, issuerNickName,pwarg);
-
- if (certDER) {
- if (ascii) {
- PR_fprintf(outFile, "%s\n%s\n%s\n", NS_CERT_HEADER,
- BTOA_DataToAscii(certDER->data, certDER->len),
- NS_CERT_TRAILER);
- } else {
- PR_Write(outFile, certDER->data, certDER->len);
- }
- }
-
- } while (0);
- CERT_DestroyCertificateRequest (certReq);
- CERT_DestroyCertificate (subjectCert);
- PORT_FreeArena (arena, PR_FALSE);
- if (rv != SECSuccess) {
- PRErrorCode perr = PR_GetError();
- fprintf(stderr, "%s: unable to create cert (%s)\n", progName,
- SECU_Strerror(perr));
- }
- return (rv);
-}
-
-/* Certutil commands */
-enum {
- cmd_AddCert = 0,
- cmd_CreateNewCert,
- cmd_DeleteCert,
- cmd_AddEmailCert,
- cmd_DeleteKey,
- cmd_GenKeyPair,
- cmd_PrintHelp,
- cmd_ListKeys,
- cmd_ListCerts,
- cmd_ModifyCertTrust,
- cmd_NewDBs,
- cmd_DumpChain,
- cmd_CertReq,
- cmd_CreateAndAddCert,
- cmd_TokenReset,
- cmd_ListModules,
- cmd_CheckCertValidity,
- cmd_ChangePassword,
- cmd_Version
-};
-
-/* Certutil options */
-enum {
- opt_SSOPass = 0,
- opt_AddKeyUsageExt,
- opt_AddBasicConstraintExt,
- opt_AddAuthorityKeyIDExt,
- opt_AddCRLDistPtsExt,
- opt_AddNSCertTypeExt,
- opt_AddExtKeyUsageExt,
- opt_ExtendedEmailAddrs,
- opt_ExtendedDNSNames,
- opt_ASCIIForIO,
- opt_ValidityTime,
- opt_IssuerName,
- opt_CertDir,
- opt_VerifySig,
- opt_PasswordFile,
- opt_KeySize,
- opt_TokenName,
- opt_InputFile,
- opt_KeyIndex,
- opt_KeyType,
- opt_DetailedInfo,
- opt_SerialNumber,
- opt_Nickname,
- opt_OutputFile,
- opt_PhoneNumber,
- opt_DBPrefix,
- opt_PQGFile,
- opt_BinaryDER,
- opt_Subject,
- opt_Trust,
- opt_Usage,
- opt_Validity,
- opt_OffsetMonths,
- opt_SelfSign,
- opt_RW,
- opt_Exponent,
- opt_NoiseFile,
- opt_Hash
-};
-
-static secuCommandFlag certutil_commands[] =
-{
- { /* cmd_AddCert */ 'A', PR_FALSE, 0, PR_FALSE },
- { /* cmd_CreateNewCert */ 'C', PR_FALSE, 0, PR_FALSE },
- { /* cmd_DeleteCert */ 'D', PR_FALSE, 0, PR_FALSE },
- { /* cmd_AddEmailCert */ 'E', PR_FALSE, 0, PR_FALSE },
- { /* cmd_DeleteKey */ 'F', PR_FALSE, 0, PR_FALSE },
- { /* cmd_GenKeyPair */ 'G', PR_FALSE, 0, PR_FALSE },
- { /* cmd_PrintHelp */ 'H', PR_FALSE, 0, PR_FALSE },
- { /* cmd_ListKeys */ 'K', PR_FALSE, 0, PR_FALSE },
- { /* cmd_ListCerts */ 'L', PR_FALSE, 0, PR_FALSE },
- { /* cmd_ModifyCertTrust */ 'M', PR_FALSE, 0, PR_FALSE },
- { /* cmd_NewDBs */ 'N', PR_FALSE, 0, PR_FALSE },
- { /* cmd_DumpChain */ 'O', PR_FALSE, 0, PR_FALSE },
- { /* cmd_CertReq */ 'R', PR_FALSE, 0, PR_FALSE },
- { /* cmd_CreateAndAddCert */ 'S', PR_FALSE, 0, PR_FALSE },
- { /* cmd_TokenReset */ 'T', PR_FALSE, 0, PR_FALSE },
- { /* cmd_ListModules */ 'U', PR_FALSE, 0, PR_FALSE },
- { /* cmd_CheckCertValidity */ 'V', PR_FALSE, 0, PR_FALSE },
- { /* cmd_ChangePassword */ 'W', PR_FALSE, 0, PR_FALSE },
- { /* cmd_Version */ 'Y', PR_FALSE, 0, PR_FALSE }
-};
-
-static secuCommandFlag certutil_options[] =
-{
- { /* opt_SSOPass */ '0', PR_TRUE, 0, PR_FALSE },
- { /* opt_AddKeyUsageExt */ '1', PR_FALSE, 0, PR_FALSE },
- { /* opt_AddBasicConstraintExt*/ '2', PR_FALSE, 0, PR_FALSE },
- { /* opt_AddAuthorityKeyIDExt*/ '3', PR_FALSE, 0, PR_FALSE },
- { /* opt_AddCRLDistPtsExt */ '4', PR_FALSE, 0, PR_FALSE },
- { /* opt_AddNSCertTypeExt */ '5', PR_FALSE, 0, PR_FALSE },
- { /* opt_AddExtKeyUsageExt */ '6', PR_FALSE, 0, PR_FALSE },
- { /* opt_ExtendedEmailAddrs */ '7', PR_TRUE, 0, PR_FALSE },
- { /* opt_ExtendedDNSNames */ '8', PR_TRUE, 0, PR_FALSE },
- { /* opt_ASCIIForIO */ 'a', PR_FALSE, 0, PR_FALSE },
- { /* opt_ValidityTime */ 'b', PR_TRUE, 0, PR_FALSE },
- { /* opt_IssuerName */ 'c', PR_TRUE, 0, PR_FALSE },
- { /* opt_CertDir */ 'd', PR_TRUE, 0, PR_FALSE },
- { /* opt_VerifySig */ 'e', PR_FALSE, 0, PR_FALSE },
- { /* opt_PasswordFile */ 'f', PR_TRUE, 0, PR_FALSE },
- { /* opt_KeySize */ 'g', PR_TRUE, 0, PR_FALSE },
- { /* opt_TokenName */ 'h', PR_TRUE, 0, PR_FALSE },
- { /* opt_InputFile */ 'i', PR_TRUE, 0, PR_FALSE },
- { /* opt_KeyIndex */ 'j', PR_TRUE, 0, PR_FALSE },
- { /* opt_KeyType */ 'k', PR_TRUE, 0, PR_FALSE },
- { /* opt_DetailedInfo */ 'l', PR_FALSE, 0, PR_FALSE },
- { /* opt_SerialNumber */ 'm', PR_TRUE, 0, PR_FALSE },
- { /* opt_Nickname */ 'n', PR_TRUE, 0, PR_FALSE },
- { /* opt_OutputFile */ 'o', PR_TRUE, 0, PR_FALSE },
- { /* opt_PhoneNumber */ 'p', PR_TRUE, 0, PR_FALSE },
- { /* opt_DBPrefix */ 'P', PR_TRUE, 0, PR_FALSE },
- { /* opt_PQGFile */ 'q', PR_TRUE, 0, PR_FALSE },
- { /* opt_BinaryDER */ 'r', PR_FALSE, 0, PR_FALSE },
- { /* opt_Subject */ 's', PR_TRUE, 0, PR_FALSE },
- { /* opt_Trust */ 't', PR_TRUE, 0, PR_FALSE },
- { /* opt_Usage */ 'u', PR_TRUE, 0, PR_FALSE },
- { /* opt_Validity */ 'v', PR_TRUE, 0, PR_FALSE },
- { /* opt_OffsetMonths */ 'w', PR_TRUE, 0, PR_FALSE },
- { /* opt_SelfSign */ 'x', PR_FALSE, 0, PR_FALSE },
- { /* opt_RW */ 'X', PR_FALSE, 0, PR_FALSE },
- { /* opt_Exponent */ 'y', PR_TRUE, 0, PR_FALSE },
- { /* opt_NoiseFile */ 'z', PR_TRUE, 0, PR_FALSE },
- { /* opt_Hash */ 'Z', PR_TRUE, 0, PR_FALSE }
-};
-
-int
-main(int argc, char **argv)
-{
- CERTCertDBHandle *certHandle;
- PK11SlotInfo *slot = NULL;
- CERTName * subject = 0;
- PRFileDesc *inFile = PR_STDIN;
- PRFileDesc *outFile = 0;
- char * certfile = "tempcert";
- char * certreqfile = "tempcertreq";
- char * slotname = "internal";
- char * certPrefix = "";
- KeyType keytype = rsaKey;
- char * name = NULL;
- SECOidTag hashAlgTag = SEC_OID_UNKNOWN;
- int keysize = DEFAULT_KEY_BITS;
- int publicExponent = 0x010001;
- unsigned int serialNumber = 0;
- int warpmonths = 0;
- int validitylength = 0;
- int commandsEntered = 0;
- char commandToRun = '\0';
- secuPWData pwdata = { PW_NONE, 0 };
- PRBool readOnly = PR_FALSE;
-
- SECKEYPrivateKey *privkey = NULL;
- SECKEYPublicKey *pubkey = NULL;
-
- int i;
- SECStatus rv;
-
- secuCommand certutil;
- certutil.numCommands = sizeof(certutil_commands) / sizeof(secuCommandFlag);
- certutil.numOptions = sizeof(certutil_options) / sizeof(secuCommandFlag);
- certutil.commands = certutil_commands;
- certutil.options = certutil_options;
-
- progName = strrchr(argv[0], '/');
- progName = progName ? progName+1 : argv[0];
-
- rv = SECU_ParseCommandLine(argc, argv, progName, &certutil);
-
- if (rv != SECSuccess)
- Usage(progName);
-
- if (certutil.commands[cmd_PrintHelp].activated)
- LongUsage(progName);
-
- if (certutil.options[opt_PasswordFile].arg) {
- pwdata.source = PW_FROMFILE;
- pwdata.data = certutil.options[opt_PasswordFile].arg;
- }
-
- if (certutil.options[opt_CertDir].activated)
- SECU_ConfigDirectory(certutil.options[opt_CertDir].arg);
-
- if (certutil.options[opt_KeySize].activated) {
- keysize = PORT_Atoi(certutil.options[opt_KeySize].arg);
- if ((keysize < MIN_KEY_BITS) || (keysize > MAX_KEY_BITS)) {
- PR_fprintf(PR_STDERR,
- "%s -g: Keysize must be between %d and %d.\n",
- MIN_KEY_BITS, MAX_KEY_BITS);
- return 255;
- }
- }
-
- /* -h specify token name */
- if (certutil.options[opt_TokenName].activated) {
- if (PL_strcmp(certutil.options[opt_TokenName].arg, "all") == 0)
- slotname = NULL;
- else
- slotname = PL_strdup(certutil.options[opt_TokenName].arg);
- }
-
- /* -Z hash type */
- if (certutil.options[opt_Hash].activated) {
- char * arg = certutil.options[opt_Hash].arg;
- if (!PL_strcmp(arg, "MD2")) {
- hashAlgTag = SEC_OID_MD2;
- } else if (!PL_strcmp(arg, "MD4")) {
- hashAlgTag = SEC_OID_MD4;
- } else if (!PL_strcmp(arg, "MD5")) {
- hashAlgTag = SEC_OID_MD5;
- } else if (!PL_strcmp(arg, "SHA1")) {
- hashAlgTag = SEC_OID_SHA1;
- } else if (!PL_strcmp(arg, "SHA256")) {
- hashAlgTag = SEC_OID_SHA256;
- } else if (!PL_strcmp(arg, "SHA384")) {
- hashAlgTag = SEC_OID_SHA384;
- } else if (!PL_strcmp(arg, "SHA512")) {
- hashAlgTag = SEC_OID_SHA512;
- } else {
- PR_fprintf(PR_STDERR, "%s -Z: %s is not a recognized type.\n",
- progName, arg);
- return 255;
- }
- }
-
- /* -k key type */
- if (certutil.options[opt_KeyType].activated) {
- char * arg = certutil.options[opt_KeyType].arg;
- if (PL_strcmp(arg, "rsa") == 0) {
- keytype = rsaKey;
- } else if (PL_strcmp(arg, "dsa") == 0) {
- keytype = dsaKey;
- } else if (PL_strcmp(arg, "all") == 0) {
- keytype = nullKey;
- } else {
- PR_fprintf(PR_STDERR, "%s -k: %s is not a recognized type.\n",
- progName, arg);
- return 255;
- }
- }
-
- /* -m serial number */
- if (certutil.options[opt_SerialNumber].activated) {
- int sn = PORT_Atoi(certutil.options[opt_SerialNumber].arg);
- if (sn < 0) {
- PR_fprintf(PR_STDERR, "%s -m: %s is not a valid serial number.\n",
- progName, certutil.options[opt_SerialNumber].arg);
- return 255;
- }
- serialNumber = sn;
- }
-
- /* -P certdb name prefix */
- if (certutil.options[opt_DBPrefix].activated)
- certPrefix = strdup(certutil.options[opt_DBPrefix].arg);
-
- /* -q PQG file */
- if (certutil.options[opt_PQGFile].activated) {
- if (keytype != dsaKey) {
- PR_fprintf(PR_STDERR, "%s -q: PQG file is for DSA key (-k dsa).\n)",
- progName);
- return 255;
- }
- }
-
- /* -s subject name */
- if (certutil.options[opt_Subject].activated) {
- subject = CERT_AsciiToName(certutil.options[opt_Subject].arg);
- if (!subject) {
- PR_fprintf(PR_STDERR, "%s -s: improperly formatted name: \"%s\"\n",
- progName, certutil.options[opt_Subject].arg);
- return 255;
- }
- }
-
- /* -v validity period */
- if (certutil.options[opt_Validity].activated) {
- validitylength = PORT_Atoi(certutil.options[opt_Validity].arg);
- if (validitylength < 0) {
- PR_fprintf(PR_STDERR, "%s -v: incorrect validity period: \"%s\"\n",
- progName, certutil.options[opt_Validity].arg);
- return 255;
- }
- }
-
- /* -w warp months */
- if (certutil.options[opt_OffsetMonths].activated)
- warpmonths = PORT_Atoi(certutil.options[opt_OffsetMonths].arg);
-
- /* -y public exponent (for RSA) */
- if (certutil.options[opt_Exponent].activated) {
- publicExponent = PORT_Atoi(certutil.options[opt_Exponent].arg);
- if ((publicExponent != 3) &&
- (publicExponent != 17) &&
- (publicExponent != 65537)) {
- PR_fprintf(PR_STDERR, "%s -y: incorrect public exponent %d.",
- progName, publicExponent);
- PR_fprintf(PR_STDERR, "Must be 3, 17, or 65537.\n");
- return 255;
- }
- }
-
- /* Check number of commands entered. */
- commandsEntered = 0;
- for (i=0; i< certutil.numCommands; i++) {
- if (certutil.commands[i].activated) {
- commandToRun = certutil.commands[i].flag;
- commandsEntered++;
- }
- if (commandsEntered > 1)
- break;
- }
- if (commandsEntered > 1) {
- PR_fprintf(PR_STDERR, "%s: only one command at a time!\n", progName);
- PR_fprintf(PR_STDERR, "You entered: ");
- for (i=0; i< certutil.numCommands; i++) {
- if (certutil.commands[i].activated)
- PR_fprintf(PR_STDERR, " -%c", certutil.commands[i].flag);
- }
- PR_fprintf(PR_STDERR, "\n");
- return 255;
- }
- if (commandsEntered == 0) {
- PR_fprintf(PR_STDERR, "%s: you must enter a command!\n", progName);
- Usage(progName);
- }
-
- if (certutil.commands[cmd_ListCerts].activated ||
- certutil.commands[cmd_PrintHelp].activated ||
- certutil.commands[cmd_ListKeys].activated ||
- certutil.commands[cmd_ListModules].activated ||
- certutil.commands[cmd_CheckCertValidity].activated ||
- certutil.commands[cmd_Version].activated ) {
- readOnly = !certutil.options[opt_RW].activated;
- }
-
- /* -A, -D, -F, -M, -S, -V, and all require -n */
- if ((certutil.commands[cmd_AddCert].activated ||
- certutil.commands[cmd_DeleteCert].activated ||
- certutil.commands[cmd_DeleteKey].activated ||
- certutil.commands[cmd_ModifyCertTrust].activated ||
- certutil.commands[cmd_CreateAndAddCert].activated ||
- certutil.commands[cmd_CheckCertValidity].activated) &&
- !certutil.options[opt_Nickname].activated) {
- PR_fprintf(PR_STDERR,
- "%s -%c: nickname is required for this command (-n).\n",
- progName, commandToRun);
- return 255;
- }
-
- /* -A, -E, -M, -S require trust */
- if ((certutil.commands[cmd_AddCert].activated ||
- certutil.commands[cmd_AddEmailCert].activated ||
- certutil.commands[cmd_ModifyCertTrust].activated ||
- certutil.commands[cmd_CreateAndAddCert].activated) &&
- !certutil.options[opt_Trust].activated) {
- PR_fprintf(PR_STDERR,
- "%s -%c: trust is required for this command (-t).\n",
- progName, commandToRun);
- return 255;
- }
-
- /* if -L is given raw or ascii mode, it must be for only one cert. */
- if (certutil.commands[cmd_ListCerts].activated &&
- (certutil.options[opt_ASCIIForIO].activated ||
- certutil.options[opt_BinaryDER].activated) &&
- !certutil.options[opt_Nickname].activated) {
- PR_fprintf(PR_STDERR,
- "%s: nickname is required to dump cert in raw or ascii mode.\n",
- progName);
- return 255;
- }
-
- /* -L can only be in (raw || ascii). */
- if (certutil.commands[cmd_ListCerts].activated &&
- certutil.options[opt_ASCIIForIO].activated &&
- certutil.options[opt_BinaryDER].activated) {
- PR_fprintf(PR_STDERR,
- "%s: cannot specify both -r and -a when dumping cert.\n",
- progName);
- return 255;
- }
-
- /* For now, deny -C -x combination */
- if (certutil.commands[cmd_CreateNewCert].activated &&
- certutil.options[opt_SelfSign].activated) {
- PR_fprintf(PR_STDERR,
- "%s: self-signing a cert request is not supported.\n",
- progName);
- return 255;
- }
-
- /* If making a cert request, need a subject. */
- if ((certutil.commands[cmd_CertReq].activated ||
- certutil.commands[cmd_CreateAndAddCert].activated) &&
- !certutil.options[opt_Subject].activated) {
- PR_fprintf(PR_STDERR,
- "%s -%c: subject is required to create a cert request.\n",
- progName, commandToRun);
- return 255;
- }
-
- /* If making a cert, need a serial number. */
- if ((certutil.commands[cmd_CreateNewCert].activated ||
- certutil.commands[cmd_CreateAndAddCert].activated) &&
- !certutil.options[opt_SerialNumber].activated) {
- /* Make a default serial number from the current time. */
- PRTime now = PR_Now();
- LL_USHR(now, now, 19);
- LL_L2UI(serialNumber, now);
- }
-
- /* Validation needs the usage to validate for. */
- if (certutil.commands[cmd_CheckCertValidity].activated &&
- !certutil.options[opt_Usage].activated) {
- PR_fprintf(PR_STDERR,
- "%s -V: specify a usage to validate the cert for (-u).\n",
- progName);
- return 255;
- }
-
- /* To make a cert, need either a issuer or to self-sign it. */
- if (certutil.commands[cmd_CreateAndAddCert].activated &&
- !(certutil.options[opt_IssuerName].activated ||
- certutil.options[opt_SelfSign].activated)) {
- PR_fprintf(PR_STDERR,
- "%s -S: must specify issuer (-c) or self-sign (-x).\n",
- progName);
- return 255;
- }
-
- /* Using slotname == NULL for listing keys and certs on all slots,
- * but only that. */
- if (!(certutil.commands[cmd_ListKeys].activated ||
- certutil.commands[cmd_DumpChain].activated ||
- certutil.commands[cmd_ListCerts].activated) && slotname == NULL) {
- PR_fprintf(PR_STDERR,
- "%s -%c: cannot use \"-h all\" for this command.\n",
- progName, commandToRun);
- return 255;
- }
-
- /* Using keytype == nullKey for list all key types, but only that. */
- if (!certutil.commands[cmd_ListKeys].activated && keytype == nullKey) {
- PR_fprintf(PR_STDERR,
- "%s -%c: cannot use \"-k all\" for this command.\n",
- progName, commandToRun);
- return 255;
- }
-
- /* -S open outFile, temporary file for cert request. */
- if (certutil.commands[cmd_CreateAndAddCert].activated) {
- outFile = PR_Open(certreqfile, PR_RDWR | PR_CREATE_FILE, 00660);
- if (!outFile) {
- PR_fprintf(PR_STDERR,
- "%s -o: unable to open \"%s\" for writing (%ld, %ld)\n",
- progName, certreqfile,
- PR_GetError(), PR_GetOSError());
- return 255;
- }
- }
-
- /* Open the input file. */
- if (certutil.options[opt_InputFile].activated) {
- inFile = PR_Open(certutil.options[opt_InputFile].arg, PR_RDONLY, 0);
- if (!inFile) {
- PR_fprintf(PR_STDERR,
- "%s: unable to open \"%s\" for reading (%ld, %ld).\n",
- progName, certutil.options[opt_InputFile].arg,
- PR_GetError(), PR_GetOSError());
- return 255;
- }
- }
-
- /* Open the output file. */
- if (certutil.options[opt_OutputFile].activated && !outFile) {
- outFile = PR_Open(certutil.options[opt_OutputFile].arg,
- PR_CREATE_FILE | PR_RDWR, 00660);
- if (!outFile) {
- PR_fprintf(PR_STDERR,
- "%s: unable to open \"%s\" for writing (%ld, %ld).\n",
- progName, certutil.options[opt_OutputFile].arg,
- PR_GetError(), PR_GetOSError());
- return 255;
- }
- }
-
- name = SECU_GetOptionArg(&certutil, opt_Nickname);
-
- PK11_SetPasswordFunc(SECU_GetModulePassword);
-
- /* Initialize NSPR and NSS. */
- PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
- rv = NSS_Initialize(SECU_ConfigDirectory(NULL), certPrefix, certPrefix,
- "secmod.db", readOnly ? NSS_INIT_READONLY: 0);
- if (rv != SECSuccess) {
- SECU_PrintPRandOSError(progName);
- rv = SECFailure;
- goto shutdown;
- }
- certHandle = CERT_GetDefaultCertDB();
-
- if (certutil.commands[cmd_Version].activated) {
- int version = CERT_GetDBContentVersion(certHandle);
- printf("Certificate database content version: %d\n", version);
- }
-
- if (PL_strcmp(slotname, "internal") == 0)
- slot = PK11_GetInternalKeySlot();
- else if (slotname != NULL)
- slot = PK11_FindSlotByName(slotname);
-
- /* If creating new database, initialize the password. */
- if (certutil.commands[cmd_NewDBs].activated) {
- SECU_ChangePW(slot, 0, certutil.options[opt_PasswordFile].arg);
- }
-
- /* The following 8 options are mutually exclusive with all others. */
-
- /* List certs (-L) */
- if (certutil.commands[cmd_ListCerts].activated) {
- rv = ListCerts(certHandle, name, slot,
- certutil.options[opt_BinaryDER].activated,
- certutil.options[opt_ASCIIForIO].activated,
- (outFile) ? outFile : PR_STDOUT, &pwdata);
- goto shutdown;
- }
- if (certutil.commands[cmd_DumpChain].activated) {
- rv = DumpChain(certHandle, name);
- goto shutdown;
- }
- /* XXX needs work */
- /* List keys (-K) */
- if (certutil.commands[cmd_ListKeys].activated) {
- rv = ListKeys(slot, name, 0 /*keyindex*/, keytype, PR_FALSE /*dopriv*/,
- &pwdata);
- goto shutdown;
- }
- /* List modules (-U) */
- if (certutil.commands[cmd_ListModules].activated) {
- rv = ListModules();
- goto shutdown;
- }
- /* Delete cert (-D) */
- if (certutil.commands[cmd_DeleteCert].activated) {
- rv = DeleteCert(certHandle, name);
- goto shutdown;
- }
- /* Delete key (-F) */
- if (certutil.commands[cmd_DeleteKey].activated) {
- rv = DeleteKey(name, &pwdata);
- goto shutdown;
- }
- /* Modify trust attribute for cert (-M) */
- if (certutil.commands[cmd_ModifyCertTrust].activated) {
- rv = ChangeTrustAttributes(certHandle, name,
- certutil.options[opt_Trust].arg);
- goto shutdown;
- }
- /* Change key db password (-W) (future - change pw to slot?) */
- if (certutil.commands[cmd_ChangePassword].activated) {
- rv = SECU_ChangePW(slot, 0, certutil.options[opt_PasswordFile].arg);
- goto shutdown;
- }
- /* Reset the a token */
- if (certutil.commands[cmd_TokenReset].activated) {
- char *sso_pass = "";
-
- if (certutil.options[opt_SSOPass].activated) {
- sso_pass = certutil.options[opt_SSOPass].arg;
- }
- rv = PK11_ResetToken(slot,sso_pass);
-
- goto shutdown;
- }
- /* Check cert validity against current time (-V) */
- if (certutil.commands[cmd_CheckCertValidity].activated) {
- /* XXX temporary hack for fips - must log in to get priv key */
- if (certutil.options[opt_VerifySig].activated) {
- if (slot && PK11_NeedLogin(slot))
- PK11_Authenticate(slot, PR_TRUE, &pwdata);
- }
- rv = ValidateCert(certHandle, name,
- certutil.options[opt_ValidityTime].arg,
- certutil.options[opt_Usage].arg,
- certutil.options[opt_VerifySig].activated,
- certutil.options[opt_DetailedInfo].activated,
- &pwdata);
- goto shutdown;
- }
-
- /*
- * Key generation
- */
-
- /* These commands require keygen. */
- if (certutil.commands[cmd_CertReq].activated ||
- certutil.commands[cmd_CreateAndAddCert].activated ||
- certutil.commands[cmd_GenKeyPair].activated) {
- /* XXX Give it a nickname. */
- privkey =
- CERTUTIL_GeneratePrivateKey(keytype, slot, keysize,
- publicExponent,
- certutil.options[opt_NoiseFile].arg,
- &pubkey,
- certutil.options[opt_PQGFile].arg,
- &pwdata);
- if (privkey == NULL) {
- SECU_PrintError(progName, "unable to generate key(s)\n");
- rv = SECFailure;
- goto shutdown;
- }
- privkey->wincx = &pwdata;
- PORT_Assert(pubkey != NULL);
-
- /* If all that was needed was keygen, exit. */
- if (certutil.commands[cmd_GenKeyPair].activated) {
- rv = SECSuccess;
- goto shutdown;
- }
- }
-
- /*
- * Certificate request
- */
-
- /* Make a cert request (-R or -S). */
- if (certutil.commands[cmd_CreateAndAddCert].activated ||
- certutil.commands[cmd_CertReq].activated) {
- rv = CertReq(privkey, pubkey, keytype, hashAlgTag, subject,
- certutil.options[opt_PhoneNumber].arg,
- certutil.options[opt_ASCIIForIO].activated,
- certutil.options[opt_ExtendedEmailAddrs].arg,
- certutil.options[opt_ExtendedDNSNames].arg,
- outFile ? outFile : PR_STDOUT);
- if (rv)
- goto shutdown;
- privkey->wincx = &pwdata;
- }
-
- /*
- * Certificate creation
- */
-
- /* If making and adding a cert, load the cert request file
- * and output the cert to another file.
- */
- if (certutil.commands[cmd_CreateAndAddCert].activated) {
- PR_Close(outFile);
- inFile = PR_Open(certreqfile, PR_RDONLY, 0);
- if (!inFile) {
- PR_fprintf(PR_STDERR, "Failed to open file \"%s\" (%ld, %ld).\n",
- certreqfile, PR_GetError(), PR_GetOSError());
- rv = SECFailure;
- goto shutdown;
- }
- outFile = PR_Open(certfile, PR_RDWR | PR_CREATE_FILE, 00660);
- if (!outFile) {
- PR_fprintf(PR_STDERR, "Failed to open file \"%s\" (%ld, %ld).\n",
- certfile, PR_GetError(), PR_GetOSError());
- rv = SECFailure;
- goto shutdown;
- }
- }
-
- /* Create a certificate (-C or -S). */
- if (certutil.commands[cmd_CreateAndAddCert].activated ||
- certutil.commands[cmd_CreateNewCert].activated) {
- rv = CreateCert(certHandle,
- certutil.options[opt_IssuerName].arg,
- inFile, outFile, privkey, &pwdata, hashAlgTag,
- serialNumber, warpmonths, validitylength,
- certutil.options[opt_ExtendedEmailAddrs].arg,
- certutil.options[opt_ExtendedDNSNames].arg,
- certutil.options[opt_ASCIIForIO].activated,
- certutil.options[opt_SelfSign].activated,
- certutil.options[opt_AddKeyUsageExt].activated,
- certutil.options[opt_AddExtKeyUsageExt].activated,
- certutil.options[opt_AddBasicConstraintExt].activated,
- certutil.options[opt_AddAuthorityKeyIDExt].activated,
- certutil.options[opt_AddCRLDistPtsExt].activated,
- certutil.options[opt_AddNSCertTypeExt].activated);
- if (rv)
- goto shutdown;
- }
-
- /*
- * Adding a cert to the database (or slot)
- */
-
- if (certutil.commands[cmd_CreateAndAddCert].activated) {
- PORT_Assert(inFile != PR_STDIN);
- PR_Close(inFile);
- PR_Close(outFile);
- inFile = PR_Open(certfile, PR_RDONLY, 0);
- if (!inFile) {
- PR_fprintf(PR_STDERR, "Failed to open file \"%s\" (%ld, %ld).\n",
- certfile, PR_GetError(), PR_GetOSError());
- rv = SECFailure;
- goto shutdown;
- }
- }
-
- if (certutil.commands[cmd_CreateAndAddCert].activated ||
- certutil.commands[cmd_AddCert].activated ||
- certutil.commands[cmd_AddEmailCert].activated) {
- rv = AddCert(slot, certHandle, name,
- certutil.options[opt_Trust].arg,
- inFile,
- certutil.options[opt_ASCIIForIO].activated,
- certutil.commands[cmd_AddEmailCert].activated,&pwdata);
- if (rv)
- goto shutdown;
- }
-
- if (certutil.commands[cmd_CreateAndAddCert].activated) {
- PORT_Assert(inFile != PR_STDIN);
- PR_Close(inFile);
- PR_Delete(certfile);
- PR_Delete(certreqfile);
- }
-
-shutdown:
- if (slot) {
- PK11_FreeSlot(slot);
- }
- if (privkey) {
- SECKEY_DestroyPrivateKey(privkey);
- }
- if (pubkey) {
- SECKEY_DestroyPublicKey(pubkey);
- }
-
- if (NSS_Shutdown() != SECSuccess) {
- exit(1);
- }
-
- if (rv == SECSuccess) {
- return 0;
- } else {
- return 255;
- }
-}
diff --git a/security/nss/cmd/certutil/keystuff.c b/security/nss/cmd/certutil/keystuff.c
deleted file mode 100644
index 317443a27..000000000
--- a/security/nss/cmd/certutil/keystuff.c
+++ /dev/null
@@ -1,411 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include <stdio.h>
-#include <string.h>
-#include "secutil.h"
-
-#if defined(XP_UNIX)
-#include <unistd.h>
-#include <sys/time.h>
-#include <termios.h>
-#endif
-
-#if defined(XP_WIN) || defined (XP_PC)
-#include <time.h>
-#include <conio.h>
-#endif
-
-#if defined(__sun) && !defined(SVR4)
-extern int fclose(FILE*);
-extern int fprintf(FILE *, char *, ...);
-extern int isatty(int);
-extern char *sys_errlist[];
-#define strerror(errno) sys_errlist[errno]
-#endif
-
-#include "nspr.h"
-#include "prtypes.h"
-#include "prtime.h"
-#include "prlong.h"
-
-#include "pk11func.h"
-#include "secrng.h"
-#include "pqgutil.h"
-
-#define NUM_KEYSTROKES 120
-#define RAND_BUF_SIZE 60
-
-#define ERROR_BREAK rv = SECFailure;break;
-
-const SEC_ASN1Template SECKEY_PQGParamsTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SECKEYPQGParams) },
- { SEC_ASN1_INTEGER, offsetof(SECKEYPQGParams,prime) },
- { SEC_ASN1_INTEGER, offsetof(SECKEYPQGParams,subPrime) },
- { SEC_ASN1_INTEGER, offsetof(SECKEYPQGParams,base) },
- { 0, }
-};
-
-/* returns 0 for success, -1 for failure (EOF encountered) */
-static int
-UpdateRNG(void)
-{
- char * randbuf;
- int fd, i, count;
- int c;
- int rv = 0;
-#ifdef XP_UNIX
- cc_t orig_cc_min;
- cc_t orig_cc_time;
- tcflag_t orig_lflag;
- struct termios tio;
-#endif
-
-#define FPS fprintf(stderr,
- FPS "\n");
- FPS "A random seed must be generated that will be used in the\n");
- FPS "creation of your key. One of the easiest ways to create a\n");
- FPS "random seed is to use the timing of keystrokes on a keyboard.\n");
- FPS "\n");
- FPS "To begin, type keys on the keyboard until this progress meter\n");
- FPS "is full. DO NOT USE THE AUTOREPEAT FUNCTION ON YOUR KEYBOARD!\n");
- FPS "\n");
- FPS "\n");
- FPS "Continue typing until the progress meter is full:\n\n");
- FPS "| |\r");
-
- /* turn off echo on stdin & return on 1 char instead of NL */
- fd = fileno(stdin);
-
-#if defined(XP_UNIX) && !defined(VMS)
- tcgetattr(fd, &tio);
- orig_lflag = tio.c_lflag;
- orig_cc_min = tio.c_cc[VMIN];
- orig_cc_time = tio.c_cc[VTIME];
- tio.c_lflag &= ~ECHO;
- tio.c_lflag &= ~ICANON;
- tio.c_cc[VMIN] = 1;
- tio.c_cc[VTIME] = 0;
- tcsetattr(fd, TCSAFLUSH, &tio);
-#endif
-
- /* Get random noise from keyboard strokes */
- randbuf = (char *) PORT_Alloc(RAND_BUF_SIZE);
- count = 0;
- while (count < NUM_KEYSTROKES+1) {
-#ifdef VMS
- c = GENERIC_GETCHAR_NOECHO();
-#elif XP_UNIX
- c = getc(stdin);
-#else
- c = getch();
-#endif
- if (c == EOF) {
- rv = -1;
- break;
- }
- PK11_RandomUpdate(randbuf, sizeof(randbuf));
- if (c != randbuf[0]) {
- randbuf[0] = c;
- FPS "\r|");
- for (i=0; i<count/(NUM_KEYSTROKES/RAND_BUF_SIZE); i++) {
- FPS "*");
- }
- if (count%(NUM_KEYSTROKES/RAND_BUF_SIZE) == 1)
- FPS "/");
- count++;
- }
- }
- free(randbuf);
-
- FPS "\n\n");
- FPS "Finished. Press enter to continue: ");
-#if defined(VMS)
- while((c = GENERIC_GETCHAR_NO_ECHO()) != '\r' && c != EOF)
- ;
-#else
- while ((c = getc(stdin)) != '\n' && c != EOF)
- ;
-#endif
- if (c == EOF)
- rv = -1;
- FPS "\n");
-
-#undef FPS
-
-#if defined(XP_UNIX) && !defined(VMS)
- /* set back termio the way it was */
- tio.c_lflag = orig_lflag;
- tio.c_cc[VMIN] = orig_cc_min;
- tio.c_cc[VTIME] = orig_cc_time;
- tcsetattr(fd, TCSAFLUSH, &tio);
-#endif
- return rv;
-}
-
-
-static unsigned char P[] = { 0x00, 0x8d, 0xf2, 0xa4, 0x94, 0x49, 0x22, 0x76,
- 0xaa, 0x3d, 0x25, 0x75, 0x9b, 0xb0, 0x68, 0x69,
- 0xcb, 0xea, 0xc0, 0xd8, 0x3a, 0xfb, 0x8d, 0x0c,
- 0xf7, 0xcb, 0xb8, 0x32, 0x4f, 0x0d, 0x78, 0x82,
- 0xe5, 0xd0, 0x76, 0x2f, 0xc5, 0xb7, 0x21, 0x0e,
- 0xaf, 0xc2, 0xe9, 0xad, 0xac, 0x32, 0xab, 0x7a,
- 0xac, 0x49, 0x69, 0x3d, 0xfb, 0xf8, 0x37, 0x24,
- 0xc2, 0xec, 0x07, 0x36, 0xee, 0x31, 0xc8, 0x02,
- 0x91 };
-static unsigned char Q[] = { 0x00, 0xc7, 0x73, 0x21, 0x8c, 0x73, 0x7e, 0xc8,
- 0xee, 0x99, 0x3b, 0x4f, 0x2d, 0xed, 0x30, 0xf4,
- 0x8e, 0xda, 0xce, 0x91, 0x5f };
-static unsigned char G[] = { 0x00, 0x62, 0x6d, 0x02, 0x78, 0x39, 0xea, 0x0a,
- 0x13, 0x41, 0x31, 0x63, 0xa5, 0x5b, 0x4c, 0xb5,
- 0x00, 0x29, 0x9d, 0x55, 0x22, 0x95, 0x6c, 0xef,
- 0xcb, 0x3b, 0xff, 0x10, 0xf3, 0x99, 0xce, 0x2c,
- 0x2e, 0x71, 0xcb, 0x9d, 0xe5, 0xfa, 0x24, 0xba,
- 0xbf, 0x58, 0xe5, 0xb7, 0x95, 0x21, 0x92, 0x5c,
- 0x9c, 0xc4, 0x2e, 0x9f, 0x6f, 0x46, 0x4b, 0x08,
- 0x8c, 0xc5, 0x72, 0xaf, 0x53, 0xe6, 0xd7, 0x88,
- 0x02 };
-
-static SECKEYPQGParams default_pqg_params = {
- NULL,
- { 0, P, sizeof(P) },
- { 0, Q, sizeof(Q) },
- { 0, G, sizeof(G) }
-};
-
-static SECKEYPQGParams *
-decode_pqg_params(char *str)
-{
- char *buf;
- unsigned int len;
- PRArenaPool *arena;
- SECKEYPQGParams *params;
- SECStatus status;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL)
- return NULL;
-
- params = PORT_ArenaZAlloc(arena, sizeof(SECKEYPQGParams));
- if (params == NULL)
- goto loser;
- params->arena = arena;
-
- buf = (char *)ATOB_AsciiToData(str, &len);
- if ((buf == NULL) || (len == 0))
- goto loser;
-
- status = SEC_ASN1Decode(arena, params, SECKEY_PQGParamsTemplate, buf, len);
- if (status != SECSuccess)
- goto loser;
-
- return params;
-
-loser:
- if (arena != NULL)
- PORT_FreeArena(arena, PR_FALSE);
- return NULL;
-}
-
-void
-CERTUTIL_DestroyParamsPQG(SECKEYPQGParams *params)
-{
- if (params->arena) {
- PORT_FreeArena(params->arena, PR_FALSE);
- }
-}
-
-static int
-pqg_prime_bits(char *str)
-{
- SECKEYPQGParams *params = NULL;
- int primeBits = 0, i;
-
- params = decode_pqg_params(str);
- if (params == NULL)
- goto done; /* lose */
-
- for (i = 0; params->prime.data[i] == 0; i++)
- /* empty */;
- primeBits = (params->prime.len - i) * 8;
-
-done:
- if (params != NULL)
- CERTUTIL_DestroyParamsPQG(params);
- return primeBits;
-}
-
-static char *
-SECU_GetpqgString(char *filename)
-{
- char phrase[400];
- FILE *fh;
- char *rv;
-
- fh = fopen(filename,"r");
- rv = fgets (phrase, sizeof(phrase), fh);
-
- fclose(fh);
- if (phrase[strlen(phrase)-1] == '\n')
- phrase[strlen(phrase)-1] = '\0';
- if (rv) {
- return (char*) PORT_Strdup(phrase);
- }
- fprintf(stderr,"pqg file contain no data\n");
- return NULL;
-}
-
-SECKEYPQGParams*
-getpqgfromfile(int keyBits, char *pqgFile)
-{
- char *end, *str, *pqgString;
- int primeBits;
-
- pqgString = SECU_GetpqgString(pqgFile);
- if (pqgString)
- str = PORT_Strdup(pqgString);
- else
- return NULL;
-
- do {
- end = PORT_Strchr(str, ',');
- if (end)
- *end = '\0';
- primeBits = pqg_prime_bits(str);
- if (keyBits == primeBits)
- goto found_match;
- str = end + 1;
- } while (end);
-
- PORT_Free(pqgString);
- PORT_Free(str);
- return NULL;
-
-found_match:
- PORT_Free(pqgString);
- PORT_Free(str);
- return decode_pqg_params(str);
-}
-
-void CERTUTIL_FileForRNG(char *noise)
-{
- char buf[2048];
- PRFileDesc *fd;
- PRInt32 count;
-
- fd = PR_OpenFile(noise,PR_RDONLY,0666);
- if (!fd) return;
-
- do {
- count = PR_Read(fd,buf,sizeof(buf));
- if (count > 0) {
- PK11_RandomUpdate(buf,count);
- }
- } while (count > 0);
-
- PR_Close(fd);
-
-}
-
-SECKEYPrivateKey *
-CERTUTIL_GeneratePrivateKey(KeyType keytype, PK11SlotInfo *slot, int size,
- int publicExponent, char *noise,
- SECKEYPublicKey **pubkeyp, char *pqgFile,
- secuPWData *pwdata)
-{
- CK_MECHANISM_TYPE mechanism;
- SECOidTag algtag;
- PK11RSAGenParams rsaparams;
- SECKEYPQGParams *dsaparams = NULL;
- void *params;
- PRArenaPool *dsaparena;
-
- /*
- * Do some random-number initialization.
- */
-
- if (noise) {
- CERTUTIL_FileForRNG(noise);
- } else {
- int rv = UpdateRNG();
- if (rv) {
- PORT_SetError(PR_END_OF_FILE_ERROR);
- return NULL;
- }
- }
-
- switch (keytype) {
- case rsaKey:
- rsaparams.keySizeInBits = size;
- rsaparams.pe = publicExponent;
- mechanism = CKM_RSA_PKCS_KEY_PAIR_GEN;
- algtag = SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION;
- params = &rsaparams;
- break;
- case dsaKey:
- mechanism = CKM_DSA_KEY_PAIR_GEN;
- algtag = SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST;
- if (pqgFile) {
- dsaparams = getpqgfromfile(size, pqgFile);
- } else {
- dsaparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (dsaparena == NULL) return NULL;
- dsaparams = PORT_ArenaZAlloc(dsaparena, sizeof(SECKEYPQGParams));
- if (dsaparams == NULL) return NULL;
- dsaparams->arena = dsaparena;
- SECITEM_AllocItem(dsaparena, &dsaparams->prime, sizeof P);
- SECITEM_AllocItem(dsaparena, &dsaparams->subPrime, sizeof Q);
- SECITEM_AllocItem(dsaparena, &dsaparams->base, sizeof G);
- PORT_Memcpy(dsaparams->prime.data, P, dsaparams->prime.len);
- PORT_Memcpy(dsaparams->subPrime.data, Q, dsaparams->subPrime.len);
- PORT_Memcpy(dsaparams->base.data, G, dsaparams->base.len);
- }
- params = dsaparams;
- break;
- default:
- return NULL;
- }
-
- if (slot == NULL)
- return NULL;
-
- if (PK11_Authenticate(slot, PR_TRUE, pwdata) != SECSuccess)
- return NULL;
-
- fprintf(stderr, "\n\n");
- fprintf(stderr, "Generating key. This may take a few moments...\n\n");
-
- return PK11_GenerateKeyPair(slot, mechanism, params, pubkeyp,
- PR_TRUE /*isPerm*/, PR_TRUE /*isSensitive*/,
- pwdata /*wincx*/);
-}
diff --git a/security/nss/cmd/certutil/makefile.win b/security/nss/cmd/certutil/makefile.win
deleted file mode 100644
index 26cdc0651..000000000
--- a/security/nss/cmd/certutil/makefile.win
+++ /dev/null
@@ -1,155 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-VERBOSE = 1
-include <manifest.mn>
-
-PROGRAM = certutil
-PROGRAM = $(OBJDIR)\$(PROGRAM).exe
-
-include <$(DEPTH)\config\config.mak>
-
-
-# let manifest generate C_OBJS, it will prepend ./$(OBJDIR)/
-# rules.mak will append C_OBJS onto OBJS.
-# OBJS = $(CSRCS:.c=.obj)
-
-# include files are looked for in $LINCS and $INCS.
-# $LINCS is in manifest.mnw, computed from REQUIRES=
-INCS = $(INCS) \
- -I$(DEPTH)/security/lib/cert \
- -I../include \
- $(NULL)
-
-IGNORE_ME = \
- -I$(DEPTH)/security/lib/key \
- -I$(DEPTH)/security/lib/util \
-
-
-WINFE = $(DEPTH)/cmd/winfe/mkfiles$(MOZ_BITS)/x86Dbg
-
-# these files are the content of libdbm
-DBM_LIB = \
- $(WINFE)/DB.obj \
- $(WINFE)/HASH.obj \
- $(WINFE)/H_BIGKEY.obj \
- $(WINFE)/H_PAGE.obj \
- $(WINFE)/H_LOG2.obj \
- $(WINFE)/H_FUNC.obj \
- $(WINFE)/HASH_BUF.obj \
- $(NULL)
-
-MOZ_LIBS = \
- $(WINFE)/ALLXPSTR.obj \
- $(WINFE)/XP_ERROR.obj \
- $(WINFE)/XPASSERT.obj \
- $(WINFE)/XP_REG.obj \
- $(WINFE)/XP_TRACE.obj \
- $(DBM_LIB) \
- $(WINFE)/XP_STR.obj \
- $(WINFE)/MKTEMP.obj \
- $(NULL)
-
-SEC_LIBS = \
- $(DIST)/lib/cert$(MOZ_BITS).lib \
- $(DIST)/lib/crypto$(MOZ_BITS).lib \
- $(DIST)/lib/hash$(MOZ_BITS).lib \
- $(DIST)/lib/key$(MOZ_BITS).lib \
- $(DIST)/lib/pkcs7$(MOZ_BITS).lib \
- $(DIST)/lib/secmod$(MOZ_BITS).lib \
- $(DIST)/lib/secutl$(MOZ_BITS).lib \
- $(DIST)/lib/ssl$(MOZ_BITS).lib \
- $(NULL)
-
-LLFLAGS = $(LLFLAGS) \
- ../lib/$(OBJDIR)/sectool$(MOZ_BITS).lib \
- $(SEC_LIBS) \
- $(MOZ_LIBS) \
- $(DEPTH)/nspr/src/$(OBJDIR)/getopt.obj \
- $(LIBNSPR) \
- $(NULL)
-
-
-# awt3240.lib # brpref32.lib # cert32.lib
-# crypto32.lib # dllcom.lib # editor32.lib
-# edpref32.lib # edtplug.lib # font.lib
-# hash32.lib # htmldg32.lib # img32.lib
-# javart32.lib # jbn3240.lib # jdb3240.lib
-# jmc.lib # jpeg3240.lib # jpw3240.lib
-# jrt3240.lib # js3240.lib # jsd3240.lib
-# key32.lib # libapplet32.lib # libnjs32.lib
-# libnsc32.lib # libreg32.lib # mm3240.lib
-# mnpref32.lib # netcst32.lib # nsdlg32.lib
-# nsldap32.lib # nsldaps32.lib # nsn32.lib
-# pkcs1232.lib # pkcs732.lib # pr3240.lib
-# prefui32.lib # prefuuid.lib # secmod32.lib
-# secnav32.lib # secutl32.lib # softup32.lib
-# sp3240.lib # ssl32.lib # uni3200.lib
-# unicvt32.lib # win32md.lib # winfont.lib
-# xppref32.lib # zlib32.lib
-
-include <$(DEPTH)\config\rules.mak>
-
-
-INSTALL = $(MAKE_INSTALL)
-
-objs: $(OBJS)
-
-$(PROGRAM)::
- $(INSTALL) $(DIST)/bin/pr3240.dll ./$(OBJDIR)
-
-programs: $(PROGRAM)
-
-install:: $(TARGETS)
- $(INSTALL) $(TARGETS) $(DIST)/bin
-
-# ALLXPSTR.obj XP_ALLOC.obj XP_HASH.obj XP_RGB.obj XP_WRAP.obj
-# CXPRINT.obj XP_C.cl XP_LIST.obj XP_SEC.obj netscape.exp
-# CXPRNDLG.obj XP_CNTXT.obj XP_MD5.obj XP_STR.obj xp.pch
-# EXPORT.obj XP_CORE.obj XP_MESG.obj XP_THRMO.obj xppref32.dll
-# XPASSERT.obj XP_ERROR.obj XP_RECT.obj XP_TIME.obj
-# XPLOCALE.obj XP_FILE.obj XP_REG.obj XP_TRACE.obj
-
-symbols:
- @echo "CSRCS = $(CSRCS)"
- @echo "INCS = $(INCS)"
- @echo "OBJS = $(OBJS)"
- @echo "LIBRARY = $(LIBRARY)"
- @echo "PROGRAM = $(PROGRAM)"
- @echo "TARGETS = $(TARGETS)"
- @echo "DIST = $(DIST)"
- @echo "VERSION_NUMBER = $(VERSION_NUMBER)"
- @echo "WINFE = $(WINFE)"
- @echo "DBM_LIB = $(DBM_LIB)"
- @echo "INSTALL = $(INSTALL)"
-
diff --git a/security/nss/cmd/certutil/manifest.mn b/security/nss/cmd/certutil/manifest.mn
deleted file mode 100644
index 9bf7af5b8..000000000
--- a/security/nss/cmd/certutil/manifest.mn
+++ /dev/null
@@ -1,52 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-DEFINES += -DNSPR20
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = nss
-
-CSRCS = \
- certutil.c \
- keystuff.c \
- $(NULL)
-
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = dbm seccmd
-
-PROGRAM = certutil
-
-#USE_STATIC_LIBS = 1
diff --git a/security/nss/cmd/checkcert/Makefile b/security/nss/cmd/checkcert/Makefile
deleted file mode 100644
index 573c12cac..000000000
--- a/security/nss/cmd/checkcert/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/checkcert/checkcert.c b/security/nss/cmd/checkcert/checkcert.c
deleted file mode 100644
index 0cd5e61aa..000000000
--- a/security/nss/cmd/checkcert/checkcert.c
+++ /dev/null
@@ -1,640 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "secutil.h"
-#include "plgetopt.h"
-#include "cert.h"
-#include "secoid.h"
-#include "cryptohi.h"
-
-/* maximum supported modulus length in bits (indicate problem if over this) */
-#define MAX_MODULUS (1024)
-
-
-static void Usage(char *progName)
-{
- fprintf(stderr, "Usage: %s [aAvf] [certtocheck] [issuingcert]\n",
- progName);
- fprintf(stderr, "%-20s Cert to check is base64 encoded\n",
- "-a");
- fprintf(stderr, "%-20s Issuer's cert is base64 encoded\n",
- "-A");
- fprintf(stderr, "%-20s Verbose (indicate decoding progress etc.)\n",
- "-v");
- fprintf(stderr, "%-20s Force sanity checks even if pretty print fails.\n",
- "-f");
- fprintf(stderr, "%-20s Define an output file to use (default is stdout)\n",
- "-o output");
- fprintf(stderr, "%-20s Specify the input type (no default)\n",
- "-t type");
- exit(-1);
-}
-
-
-/*
- * Check integer field named fieldName, printing out results and
- * returning the length of the integer in bits
- */
-
-static
-int checkInteger(SECItem *intItem, char *fieldName, int verbose)
-{
- int len, bitlen;
- if (verbose) {
- printf("Checking %s\n", fieldName);
- }
-
- len = intItem->len;
-
- if (len && (intItem->data[0] & 0x80)) {
- printf("PROBLEM: %s is NEGATIVE 2's-complement integer.\n",
- fieldName);
- }
-
-
- /* calculate bit length and check for unnecessary leading zeros */
- bitlen = len << 3;
- if (len > 1 && intItem->data[0] == 0) {
- /* leading zero byte(s) */
- if (!(intItem->data[1] & 0x80)) {
- printf("PROBLEM: %s has unneeded leading zeros. Violates DER.\n",
- fieldName);
- }
- /* strip leading zeros in length calculation */
- {
- int i=0;
- while (bitlen > 8 && intItem->data[i] == 0) {
- bitlen -= 8;
- i++;
- }
- }
- }
- return bitlen;
-}
-
-
-
-
-static
-void checkName(CERTName *n, char *fieldName, int verbose)
-{
- char *v=0;
- if (verbose) {
- printf("Checking %s\n", fieldName);
- }
-
- v = CERT_GetCountryName(n);
- if (!v) {
- printf("PROBLEM: %s lacks Country Name (C)\n",
- fieldName);
- }
- PORT_Free(v);
-
- v = CERT_GetOrgName(n);
- if (!v) {
- printf("PROBLEM: %s lacks Organization Name (O)\n",
- fieldName);
- }
- PORT_Free(v);
-
- v = CERT_GetOrgUnitName(n);
- if (!v) {
- printf("WARNING: %s lacks Organization Unit Name (OU)\n",
- fieldName);
- }
- PORT_Free(v);
-
- v = CERT_GetCommonName(n);
- if (!v) {
- printf("PROBLEM: %s lacks Common Name (CN)\n",
- fieldName);
- }
- PORT_Free(v);
-}
-
-
-
-
-/*
- * Private version of verification that checks for agreement between
- * signature algorithm oid (at the SignedData level) and oid in DigestInfo.
- *
- */
-
-
-/* Returns the tag for the hash algorithm in the given signature algorithm */
- static
- int hashAlg(int sigAlgTag) {
- int rv;
- switch(sigAlgTag) {
- case SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION:
- rv = SEC_OID_MD2;
- break;
- case SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION:
- rv = SEC_OID_MD5;
- break;
- case SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION:
- rv = SEC_OID_SHA1;
- break;
- default:
- rv = -1;
- }
- return rv;
- }
-
-
-
-struct VFYContextStr {
- int alg;
- unsigned char digest[32];
- void *hasher;
- void (*begin)(void *);
- void (*update)(void *, unsigned char*, unsigned);
- SECStatus (*end)(void *, unsigned char*, unsigned int*, unsigned);
- void (*destroy)(void *, PRBool);
-};
-
-
-static
-SECStatus
-OurVerifyData(unsigned char *buf, int len, SECKEYPublicKey *key,
- SECItem *sig, SECAlgorithmID *sigAlgorithm)
-{
- SECStatus rv;
- VFYContext *cx;
- SECOidData *sigAlgOid, *oiddata;
- int sigAlgTag;
- int hashAlgTag;
- int showDigestOid=0;
-
- cx = VFY_CreateContext(key, sig, SECOID_GetAlgorithmTag(sigAlgorithm),
- NULL);
- if (cx == NULL)
- return SECFailure;
-
- sigAlgOid = SECOID_FindOID(&sigAlgorithm->algorithm);
- if (sigAlgOid == 0)
- return SECFailure;
- sigAlgTag = sigAlgOid->offset;
-
- hashAlgTag = hashAlg(sigAlgTag);
- if (hashAlgTag == -1) {
- printf("PROBLEM: Unsupported Digest Algorithm in DigestInfo");
- showDigestOid = 1;
- } else if (hashAlgTag != cx->alg) {
- printf("PROBLEM: Digest OID in DigestInfo is incompatible "
- "with Signature Algorithm\n");
- showDigestOid = 1;
- }
-
- if (showDigestOid) {
- oiddata = SECOID_FindOIDByTag(cx->alg);
- if ( oiddata ) {
- printf("PROBLEM: (cont) Digest OID is %s\n", oiddata->desc);
- } else {
- SECU_PrintAsHex(stdout,
- &oiddata->oid, "PROBLEM: UNKNOWN OID", 0);
- }
- }
-
- rv = VFY_Begin(cx);
- if (rv == SECSuccess) {
- rv = VFY_Update(cx, buf, len);
- if (rv == SECSuccess)
- rv = VFY_End(cx);
- }
-
- VFY_DestroyContext(cx, PR_TRUE);
- return rv;
-}
-
-
-
-static
-SECStatus
-OurVerifySignedData(CERTSignedData *sd, CERTCertificate *cert)
-{
- SECItem sig;
- SECKEYPublicKey *pubKey = 0;
- SECStatus rv;
-
- /* check the certificate's validity */
- rv = CERT_CertTimesValid(cert);
- if ( rv ) {
- return(SECFailure);
- }
-
- /* get cert's public key */
- pubKey = CERT_ExtractPublicKey(cert);
- if ( !pubKey ) {
- return(SECFailure);
- }
-
- /* check the signature */
- sig = sd->signature;
- DER_ConvertBitString(&sig);
- rv = OurVerifyData(sd->data.data, sd->data.len, pubKey, &sig,
- &sd->signatureAlgorithm);
-
- SECKEY_DestroyPublicKey(pubKey);
-
- if ( rv ) {
- return(SECFailure);
- }
-
- return(SECSuccess);
-}
-
-
-
-
-static
-CERTCertificate *createEmptyCertificate(void)
-{
- PRArenaPool *arena = 0;
- CERTCertificate *c = 0;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( !arena ) {
- return 0;
- }
-
-
- c = (CERTCertificate *) PORT_ArenaZAlloc(arena, sizeof(CERTCertificate));
-
- if (c) {
- c->referenceCount = 1;
- c->arena = arena;
- } else {
- PORT_FreeArena(arena,PR_TRUE);
- }
-
- return c;
-}
-
-
-
-
-int main(int argc, char **argv)
-{
- int rv, verbose=0, force=0;
- int ascii=0, issuerAscii=0;
- char *progName=0;
- PRFileDesc *inFile=0, *issuerCertFile=0;
- SECItem derCert, derIssuerCert;
- PRArenaPool *arena=0;
- CERTSignedData *signedData=0;
- CERTCertificate *cert=0, *issuerCert=0;
- SECKEYPublicKey *rsapubkey=0;
- SECAlgorithmID md5WithRSAEncryption, md2WithRSAEncryption;
- SECAlgorithmID sha1WithRSAEncryption, rsaEncryption;
- SECItem spk;
- int selfSigned=0;
- int invalid=0;
- char *inFileName = NULL, *issuerCertFileName = NULL;
- PLOptState *optstate;
- PLOptStatus status;
-
- PORT_Memset(&md5WithRSAEncryption, 0, sizeof(md5WithRSAEncryption));
- PORT_Memset(&md2WithRSAEncryption, 0, sizeof(md2WithRSAEncryption));
- PORT_Memset(&sha1WithRSAEncryption, 0, sizeof(sha1WithRSAEncryption));
- PORT_Memset(&rsaEncryption, 0, sizeof(rsaEncryption));
-
- progName = strrchr(argv[0], '/');
- progName = progName ? progName+1 : argv[0];
-
- optstate = PL_CreateOptState(argc, argv, "aAvf");
- while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
- switch (optstate->option) {
- case 'v':
- verbose = 1;
- break;
-
- case 'f':
- force = 1;
- break;
-
- case 'a':
- ascii = 1;
- break;
-
- case 'A':
- issuerAscii = 1;
- break;
-
- case '\0':
- if (!inFileName)
- inFileName = PL_strdup(optstate->value);
- else if (!issuerCertFileName)
- issuerCertFileName = PL_strdup(optstate->value);
- else
- Usage(progName);
- break;
- }
- }
-
- if (!inFileName || !issuerCertFileName || status == PL_OPT_BAD) {
- /* insufficient or excess args */
- Usage(progName);
- }
-
- inFile = PR_Open(inFileName, PR_RDONLY, 0);
- if (!inFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
- progName, inFileName);
- exit(1);
- }
-
- issuerCertFile = PR_Open(issuerCertFileName, PR_RDONLY, 0);
- if (!issuerCertFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
- progName, issuerCertFileName);
- exit(1);
- }
-
- if (SECU_ReadDERFromFile(&derCert, inFile, ascii) != SECSuccess) {
- printf("Couldn't read input certificate as DER binary or base64\n");
- exit(1);
- }
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == 0) {
- fprintf(stderr,"%s: can't allocate scratch arena!", progName);
- exit(1);
- }
-
- if (issuerCertFile) {
- CERTSignedData *issuerCertSD=0;
- if (SECU_ReadDERFromFile(&derIssuerCert, issuerCertFile, issuerAscii)
- != SECSuccess) {
- printf("Couldn't read issuer certificate as DER binary or base64.\n");
- exit(1);
- }
- issuerCertSD = (CERTSignedData *) PORT_ArenaZAlloc(arena,
- sizeof(CERTSignedData));
- if (!issuerCertSD) {
- fprintf(stderr,"%s: can't allocate issuer signed data!", progName);
- exit(1);
- }
- rv = SEC_ASN1DecodeItem(arena, issuerCertSD,
- SEC_ASN1_GET(CERT_SignedDataTemplate),
- &derIssuerCert);
- if (rv) {
- fprintf(stderr, "%s: Issuer cert isn't X509 SIGNED Data?\n",
- progName);
- exit(1);
- }
- issuerCert = createEmptyCertificate();
- if (!issuerCert) {
- printf("%s: can't allocate space for issuer cert.", progName);
- exit(1);
- }
- rv = SEC_ASN1DecodeItem(arena, issuerCert,
- SEC_ASN1_GET(CERT_CertificateTemplate),
- &issuerCertSD->data);
- if (rv) {
- printf("%s: Does not appear to be an X509 Certificate.\n",
- progName);
- exit(1);
- }
- }
-
- signedData = (CERTSignedData *) PORT_ArenaZAlloc(arena,sizeof(CERTSignedData));
- if (!signedData) {
- fprintf(stderr,"%s: can't allocate signedData!", progName);
- exit(1);
- }
-
- rv = SEC_ASN1DecodeItem(arena, signedData,
- SEC_ASN1_GET(CERT_SignedDataTemplate),
- &derCert);
- if (rv) {
- fprintf(stderr, "%s: Does not appear to be X509 SIGNED Data.\n",
- progName);
- exit(1);
- }
-
- if (verbose) {
- printf("Decoded ok as X509 SIGNED data.\n");
- }
-
- cert = createEmptyCertificate();
- if (!cert) {
- fprintf(stderr, "%s: can't allocate cert", progName);
- exit(1);
- }
-
- rv = SEC_ASN1DecodeItem(arena, cert,
- SEC_ASN1_GET(CERT_CertificateTemplate),
- &signedData->data);
- if (rv) {
- fprintf(stderr, "%s: Does not appear to be an X509 Certificate.\n",
- progName);
- exit(1);
- }
-
-
- if (verbose) {
- printf("Decoded ok as an X509 certificate.\n");
- }
-
-
- rv = SECU_PrintSignedData(stdout, &derCert, "Certificate", 0,
- SECU_PrintCertificate);
-
- if (rv) {
- fprintf(stderr, "%s: Unable to pretty print cert. Error: %d\n",
- progName, PORT_GetError());
- if (!force) {
- exit(1);
- }
- }
-
-
- /* Do various checks on the cert */
-
- printf("\n");
-
- /* Check algorithms */
- SECOID_SetAlgorithmID(arena, &md5WithRSAEncryption,
- SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION, NULL);
-
- SECOID_SetAlgorithmID(arena, &md2WithRSAEncryption,
- SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION, NULL);
-
- SECOID_SetAlgorithmID(arena, &sha1WithRSAEncryption,
- SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION, NULL);
-
- SECOID_SetAlgorithmID(arena, &rsaEncryption,
- SEC_OID_PKCS1_RSA_ENCRYPTION, NULL);
-
- {
- int isMD5RSA = (SECOID_CompareAlgorithmID(&cert->signature,
- &md5WithRSAEncryption) == 0);
- int isMD2RSA = (SECOID_CompareAlgorithmID(&cert->signature,
- &md2WithRSAEncryption) == 0);
- int isSHA1RSA = (SECOID_CompareAlgorithmID(&cert->signature,
- &sha1WithRSAEncryption) == 0);
-
- if (verbose) {
- printf("\nDoing algorithm checks.\n");
- }
-
- if (!(isMD5RSA || isMD2RSA || isSHA1RSA)) {
- printf("PROBLEM: Signature not PKCS1 MD5, MD2, or SHA1 + RSA.\n");
- } else if (!isMD5RSA) {
- printf("WARNING: Signature not PKCS1 MD5 with RSA Encryption\n");
- }
-
- if (SECOID_CompareAlgorithmID(&cert->signature,
- &signedData->signatureAlgorithm)) {
- printf("PROBLEM: Algorithm in sig and certInfo don't match.\n");
- }
- }
-
- if (SECOID_CompareAlgorithmID(&cert->subjectPublicKeyInfo.algorithm,
- &rsaEncryption)) {
- printf("PROBLEM: Public key algorithm is not PKCS1 RSA Encryption.\n");
- }
-
- /* Check further public key properties */
- spk = cert->subjectPublicKeyInfo.subjectPublicKey;
- DER_ConvertBitString(&spk);
-
- if (verbose) {
- printf("\nsubjectPublicKey DER\n");
- rv = DER_PrettyPrint(stdout, &spk, PR_FALSE);
- printf("\n");
- }
-
- rsapubkey = (SECKEYPublicKey *)
- PORT_ArenaZAlloc(arena,sizeof(SECKEYPublicKey));
- if (!rsapubkey) {
- fprintf(stderr, "%s: rsapubkey allocation failed.\n", progName);
- exit(1);
- }
-
- rv = SEC_ASN1DecodeItem(arena, rsapubkey,
- SEC_ASN1_GET(SECKEY_RSAPublicKeyTemplate), &spk);
- if (rv) {
- printf("PROBLEM: subjectPublicKey is not a DER PKCS1 RSAPublicKey.\n");
- } else {
- int mlen;
- int pubexp;
- if (verbose) {
- printf("Decoded RSA Public Key ok. Doing key checks.\n");
- }
- PORT_Assert(rsapubkey->keyType == rsaKey); /* XXX RSA */
- mlen = checkInteger(&rsapubkey->u.rsa.modulus, "Modulus", verbose);
- printf("INFO: Public Key modulus length in bits: %d\n", mlen);
- if (mlen > MAX_MODULUS) {
- printf("PROBLEM: Modulus length exceeds %d bits.\n",
- MAX_MODULUS);
- }
- if (mlen < 512) {
- printf("WARNING: Short modulus.\n");
- }
- if (mlen != (1 << (ffs(mlen)-1))) {
- printf("WARNING: Unusual modulus length (not a power of two).\n");
- }
- checkInteger(&rsapubkey->u.rsa.publicExponent, "Public Exponent",
- verbose);
- pubexp = DER_GetInteger(&rsapubkey->u.rsa.publicExponent);
- if (pubexp != 17 && pubexp != 3 && pubexp != 65537) {
- printf("WARNING: Public exponent not any of: 3, 17, 65537\n");
- }
- }
-
-
- /* Name checks */
- checkName(&cert->issuer, "Issuer Name", verbose);
- checkName(&cert->subject, "Subject Name", verbose);
-
- if (issuerCert) {
- SECComparison c =
- CERT_CompareName(&cert->issuer, &issuerCert->subject);
- if (c) {
- printf("PROBLEM: Issuer Name and Subject in Issuing Cert differ\n");
- }
- }
-
- /* Check if self-signed */
- selfSigned = (CERT_CompareName(&cert->issuer, &cert->subject) == 0);
- if (selfSigned) {
- printf("INFO: Certificate is self signed.\n");
- } else {
- printf("INFO: Certificate is NOT self-signed.\n");
- }
-
-
- /* Validity time check */
- if (CERT_CertTimesValid(cert) == SECSuccess) {
- printf("INFO: Inside validity period of certificate.\n");
- } else {
- printf("PROBLEM: Not in validity period of certificate.\n");
- invalid = 1;
- }
-
- /* Signature check if self-signed */
- if (selfSigned && !invalid) {
- if (rsapubkey->u.rsa.modulus.len) {
- SECStatus ver;
- if (verbose) {
- printf("Checking self signature.\n");
- }
- ver = OurVerifySignedData(signedData, cert);
- if (ver != SECSuccess) {
- printf("PROBLEM: Verification of self-signature failed!\n");
- } else {
- printf("INFO: Self-signature verifies ok.\n");
- }
- } else {
- printf("INFO: Not checking signature due to key problems.\n");
- }
- } else if (!selfSigned && !invalid && issuerCert) {
- SECStatus ver;
- ver = OurVerifySignedData(signedData, issuerCert);
- if (ver != SECSuccess) {
- printf("PROBLEM: Verification of issuer's signature failed!\n");
- } else {
- printf("INFO: Issuer's signature verifies ok.\n");
- }
- } else {
- printf("INFO: Not checking signature.\n");
- }
-
- return 0;
-}
-
-
-
diff --git a/security/nss/cmd/checkcert/makefile.win b/security/nss/cmd/checkcert/makefile.win
deleted file mode 100644
index ff1fe62a7..000000000
--- a/security/nss/cmd/checkcert/makefile.win
+++ /dev/null
@@ -1,130 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-VERBOSE = 1
-include <manifest.mn>
-
-#cannot define PROGRAM in manifest compatibly with NT and UNIX
-PROGRAM = checkcert
-PROGRAM = ./$(OBJDIR)/$(PROGRAM).exe
-include <$(DEPTH)\config\config.mak>
-
-# let manifest generate C_OBJS, it will prepend ./$(OBJDIR)/
-# rules.mak will append C_OBJS onto OBJS.
-# OBJS = $(CSRCS:.c=.obj)
-
-# include files are looked for in $LINCS and $INCS.
-# $LINCS is in manifest.mnw, computed from REQUIRES=
-INCS = $(INCS) \
- -I$(DEPTH)/security/lib/cert \
- -I../include \
- $(NULL)
-
-IGNORE_ME = \
- -I$(DEPTH)/security/lib/key \
- -I$(DEPTH)/security/lib/util \
- $(NULL)
-
-
-WINFE = $(DEPTH)/cmd/winfe/mkfiles$(MOZ_BITS)/x86Dbg
-
-# these files are the content of libdbm
-DBM_LIB = \
- $(WINFE)/DB.obj \
- $(WINFE)/HASH.obj \
- $(WINFE)/H_BIGKEY.obj \
- $(WINFE)/H_PAGE.obj \
- $(WINFE)/H_LOG2.obj \
- $(WINFE)/H_FUNC.obj \
- $(WINFE)/HASH_BUF.obj \
- $(NULL)
-
-MOZ_LIBS = \
- $(WINFE)/ALLXPSTR.obj \
- $(WINFE)/XP_ERROR.obj \
- $(WINFE)/XPASSERT.obj \
- $(WINFE)/XP_REG.obj \
- $(WINFE)/XP_TRACE.obj \
- $(DBM_LIB) \
- $(WINFE)/XP_STR.obj \
- $(WINFE)/MKTEMP.obj \
- $(NULL)
-
-SEC_LIBS = \
- $(DIST)/lib/cert$(MOZ_BITS).lib \
- $(DIST)/lib/crypto$(MOZ_BITS).lib \
- $(DIST)/lib/hash$(MOZ_BITS).lib \
- $(DIST)/lib/key$(MOZ_BITS).lib \
- $(DIST)/lib/pkcs7$(MOZ_BITS).lib \
- $(DIST)/lib/secmod$(MOZ_BITS).lib \
- $(DIST)/lib/secutl$(MOZ_BITS).lib \
- $(DIST)/lib/ssl$(MOZ_BITS).lib \
- $(NULL)
-
-LLFLAGS = $(LLFLAGS) \
- ../lib/$(OBJDIR)/sectool$(MOZ_BITS).lib \
- $(SEC_LIBS) \
- $(MOZ_LIBS) \
- $(DEPTH)/nspr/src/$(OBJDIR)/getopt.obj \
- $(LIBNSPR) \
- $(NULL)
-
-
-include <$(DEPTH)\config\rules.mak>
-
-INSTALL = $(MAKE_INSTALL)
-
-objs: $(OBJS)
-
-$(PROGRAM)::
- $(INSTALL) $(DIST)/bin/pr3240.dll ./$(OBJDIR)
-
-programs: $(PROGRAM)
-
-install:: $(TARGETS)
- $(INSTALL) $(TARGETS) $(DIST)/bin
-
-
-symbols:
- @echo "CSRCS = $(CSRCS)"
- @echo "INCS = $(INCS)"
- @echo "OBJS = $(OBJS)"
- @echo "LIBRARY = $(LIBRARY)"
- @echo "PROGRAM = $(PROGRAM)"
- @echo "TARGETS = $(TARGETS)"
- @echo "DIST = $(DIST)"
- @echo "VERSION_NUMBER = $(VERSION_NUMBER)"
- @echo "WINFE = $(WINFE)"
- @echo "DBM_LIB = $(DBM_LIB)"
- @echo "INSTALL = $(INSTALL)"
-
diff --git a/security/nss/cmd/checkcert/manifest.mn b/security/nss/cmd/checkcert/manifest.mn
deleted file mode 100644
index 470c203ec..000000000
--- a/security/nss/cmd/checkcert/manifest.mn
+++ /dev/null
@@ -1,47 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = nss
-
-# This next line is used by .mk files
-# and gets translated into $LINCS in manifest.mnw
-REQUIRES = seccmd dbm
-
-DEFINES = -DNSPR20
-
-CSRCS = checkcert.c
-
-PROGRAM = checkcert
diff --git a/security/nss/cmd/cmdlib/Makefile b/security/nss/cmd/cmdlib/Makefile
deleted file mode 100644
index 0769c80a3..000000000
--- a/security/nss/cmd/cmdlib/Makefile
+++ /dev/null
@@ -1,75 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
diff --git a/security/nss/cmd/cmdlib/cmdline.c b/security/nss/cmd/cmdlib/cmdline.c
deleted file mode 100644
index 84ad35be3..000000000
--- a/security/nss/cmd/cmdlib/cmdline.c
+++ /dev/null
@@ -1,474 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include <string.h>
-#include <ctype.h>
-
-#include "cmdutil.h"
-
-static int s_indent_size = 4;
-
-void
-CMD_SetIndentSize(int size)
-{
- s_indent_size = size;
-}
-
-#if 0
-static void
-indent(PRFileDesc *out, int level)
-{
- int i, j;
- for (i=0; i<level; i++)
- for (j=0; j<s_indent_size; j++)
- PR_fprintf(out, " ");
-}
-#endif
-
-struct cmdPrintStateStr {
- PRFileDesc *file;
- int width;
- int indent;
- int linepos;
-};
-
-static void
-init_print_ps(cmdPrintState *ps, PRFileDesc *outfile, int width, int indent)
-{
- ps->file = (outfile) ? outfile : PR_STDOUT;
- ps->width = (width > 0) ? width : 80;
- ps->indent = (indent > 0) ? indent : 0;
- ps->linepos = 0;
-}
-
-static void
-print_ps_indent(cmdPrintState *ps)
-{
- int j;
- if (ps->linepos != 0) {
- PR_fprintf(ps->file, "\n");
- ps->linepos = 0;
- }
- for (j=0; j<=ps->indent; j++) PR_fprintf(ps->file, " ");
- ps->linepos = ps->indent;
-}
-
-static void
-print_ps_to_indent(cmdPrintState *ps)
-{
- if (ps->linepos > ps->indent)
- PR_fprintf(ps->file, "\n");
- while (ps->linepos <= ps->indent) {
- PR_fprintf(ps->file, " ");
- ps->linepos++;
- }
-}
-
-static void
-nprintbuf(cmdPrintState *ps, char *buf, int start, int len)
-{
- int j;
- for (j=start; j<start + len; j++) {
- if (buf[j] == '\n') {
- PR_fprintf(ps->file, "\n");
- ps->linepos = 0;
- print_ps_indent(ps);
- } else {
- PR_fprintf(ps->file, "%c", buf[j]);
- ps->linepos++;
- }
- }
-}
-
-static void
-nprintf(cmdPrintState *ps, char *msg, ...)
-{
- char buf[256];
- int i, len, grouplen;
- PRBool openquote, openbracket, openparen, openangle, itsaword;
- va_list args;
- va_start(args, msg);
- vsprintf(buf, msg, args);
- len = strlen(buf);
- /* print_ps_indent(ps); */
- if (len < ps->width - ps->linepos) {
- nprintbuf(ps, buf, 0, len + 1);
- return;
- }
- /* group in this order: " [ ( < word > ) ] " */
- i=0;
- openquote=openbracket=openparen=openangle=itsaword=PR_FALSE;
- while (i<len) {
- grouplen = 0;
- if (buf[i] == '\"') { openquote = PR_TRUE; grouplen = 1; }
- else if (buf[i] == '[') { openbracket = PR_TRUE; grouplen = 1; }
- else if (buf[i] == '(') { openparen = PR_TRUE; grouplen = 1; }
- else if (buf[i] == '<') { openangle = PR_TRUE; grouplen = 1; }
- else itsaword = PR_TRUE;
- while (grouplen < len && buf[i+grouplen] != '\0' &&
- ((openquote && buf[i+grouplen] != '\"') ||
- (openbracket && buf[i+grouplen] != ']') ||
- (openparen && buf[i+grouplen] != ')') ||
- (openangle && buf[i+grouplen] != '>') ||
- (itsaword && !isspace(buf[i+grouplen]))))
- grouplen++;
- grouplen++; /* grab the terminator (whitespace for word) */
- if (!itsaword && isspace(buf[i+grouplen])) grouplen++;
- if (grouplen < ps->width - ps->linepos) {
- nprintbuf(ps, buf, i, grouplen);
- } else if (grouplen < ps->width - ps->indent) {
- print_ps_indent(ps);
- nprintbuf(ps, buf, i, grouplen);
- } else {
- /* it's just too darn long. what to do? */
- }
- i += grouplen;
- openquote=openbracket=openparen=openangle=itsaword=PR_FALSE;
- }
- va_end(args);
-}
-
-void
-CMD_PrintUsageString(cmdPrintState *ps, char *str)
-{
- nprintf(ps, "%s", str);
-}
-
-/* void because it exits with Usage() if failure */
-static void
-command_line_okay(cmdCommand *cmd, char *progName)
-{
- int i, c = -1;
- /* user asked for help. hope somebody gives it to them. */
- if (cmd->opt[0].on) return;
- /* check that the command got all of its needed options */
- for (i=0; i<cmd->ncmd; i++) {
- if (cmd->cmd[i].on) {
- if (c > 0) {
- fprintf(stderr,
- "%s: only one command can be given at a time.\n",
- progName);
- CMD_Usage(progName, cmd);
- } else {
- c = i;
- }
- }
- }
- if (cmd->cmd[c].argUse == CMDArgReq && cmd->cmd[c].arg == NULL) {
- /* where's the arg when you need it... */
- fprintf(stderr, "%s: command --%s requires an argument.\n",
- progName, cmd->cmd[c].s);
- fprintf(stderr, "type \"%s --%s --help\" for help.\n",
- progName, cmd->cmd[c].s);
- CMD_Usage(progName, cmd);
- }
- for (i=0; i<cmd->nopt; i++) {
- if (cmd->cmd[c].req & CMDBIT(i)) {
- /* command requires this option */
- if (!cmd->opt[i].on) {
- /* but it ain't there */
- fprintf(stderr, "%s: command --%s requires option --%s.\n",
- progName, cmd->cmd[c].s, cmd->opt[i].s);
- } else {
- /* okay, its there, but does it have an arg? */
- if (cmd->opt[i].argUse == CMDArgReq && !cmd->opt[i].arg) {
- fprintf(stderr, "%s: option --%s requires an argument.\n",
- progName, cmd->opt[i].s);
- }
- }
- } else if (cmd->cmd[c].opt & CMDBIT(i)) {
- /* this option is optional */
- if (cmd->opt[i].on) {
- /* okay, its there, but does it have an arg? */
- if (cmd->opt[i].argUse == CMDArgReq && !cmd->opt[i].arg) {
- fprintf(stderr, "%s: option --%s requires an argument.\n",
- progName, cmd->opt[i].s);
- }
- }
- } else {
- /* command knows nothing about it */
- if (cmd->opt[i].on) {
- /* so why the h--- is it on? */
- fprintf(stderr, "%s: option --%s not used with command --%s.\n",
- progName, cmd->opt[i].s, cmd->cmd[c].s);
- }
- }
- }
-}
-
-static char *
-get_arg(char *curopt, char **nextopt, int argc, int *index)
-{
- char *str;
- if (curopt) {
- str = curopt;
- } else {
- if (*index + 1 >= argc) return NULL;
- /* not really an argument but another flag */
- if (nextopt[*index+1][0] == '-') return NULL;
- str = nextopt[++(*index)];
- }
- /* parse the option */
- return strdup(str);
-}
-
-int
-CMD_ParseCommandLine(int argc, char **argv, char *progName, cmdCommand *cmd)
-{
- int i, j, k;
- int cmdToRun = -1;
- char *flag;
- i=1;
- if (argc <= 1) return -2; /* gross hack for cmdless things like atob */
- do {
- flag = argv[i];
- if (strlen(flag) < 2) /* huh? */
- return -1;
- if (flag[0] != '-')
- return -1;
- /* ignore everything after lone "--" (app-specific weirdness there) */
- if (strcmp(flag, "--") == 0)
- return cmdToRun;
- /* single hyphen means short alias (single-char) */
- if (flag[1] != '-') {
- j=1;
- /* collect a set of opts, ex. -abc */
- while (flag[j] != '\0') {
- PRBool found = PR_FALSE;
- /* walk the command set looking for match */
- for (k=0; k<cmd->ncmd; k++) {
- if (flag[j] == cmd->cmd[k].c) {
- /* done - only take one command at a time */
- if (j > 1) return -1;
- cmd->cmd[k].on = found = PR_TRUE;
- cmdToRun = k;
- if (cmd->cmd[k].argUse != CMDNoArg)
- cmd->cmd[k].arg = get_arg(NULL, argv, argc, &i);
- goto next_flag;
- }
- }
- /* wasn't found in commands, try options */
- for (k=0; k<cmd->nopt; k++) {
- if (flag[j] == cmd->opt[k].c) {
- /* collect this option and keep going */
- cmd->opt[k].on = found = PR_TRUE;
- if (flag[j+1] == '\0') {
- if (cmd->opt[k].argUse != CMDNoArg)
- cmd->opt[k].arg = get_arg(NULL, argv, argc, &i);
- goto next_flag;
- }
- }
- }
- j++;
- if (!found) return -1;
- }
- } else { /* long alias, ex. --list */
- char *fl = NULL, *arg = NULL;
- PRBool hyphened = PR_FALSE;
- fl = &flag[2];
- arg = strchr(fl, '=');
- if (arg) {
- *arg++ = '\0';
- } else {
- arg = strchr(fl, '-');
- if (arg) {
- hyphened = PR_TRUE; /* watch this, see below */
- *arg++ = '\0';
- }
- }
- for (k=0; k<cmd->ncmd; k++) {
- if (strcmp(fl, cmd->cmd[k].s) == 0) {
- cmd->cmd[k].on = PR_TRUE;
- cmdToRun = k;
- if (cmd->cmd[k].argUse != CMDNoArg || hyphened) {
- cmd->cmd[k].arg = get_arg(arg, argv, argc, &i);
- }
- if (arg) arg[-1] = '=';
- goto next_flag;
- }
- }
- for (k=0; k<cmd->nopt; k++) {
- if (strcmp(fl, cmd->opt[k].s) == 0) {
- cmd->opt[k].on = PR_TRUE;
- if (cmd->opt[k].argUse != CMDNoArg || hyphened) {
- cmd->opt[k].arg = get_arg(arg, argv, argc, &i);
- }
- if (arg) arg[-1] = '=';
- goto next_flag;
- }
- }
- return -1;
- }
-next_flag:
- i++;
- } while (i < argc);
- command_line_okay(cmd, progName);
- return cmdToRun;
-}
-
-void
-CMD_LongUsage(char *progName, cmdCommand *cmd, cmdUsageCallback usage)
-{
- int i, j;
- PRBool oneCommand = PR_FALSE;
- cmdPrintState ps;
- init_print_ps(&ps, PR_STDERR, 80, 0);
- nprintf(&ps, "\n%s: ", progName);
- /* prints app-specific header */
- ps.indent = strlen(progName) + 4;
- usage(&ps, 0, PR_FALSE, PR_TRUE, PR_FALSE);
- for (i=0; i<cmd->ncmd; i++) if (cmd->cmd[i].on) oneCommand = PR_TRUE;
- for (i=0; i<cmd->ncmd; i++) {
- if ((oneCommand && cmd->cmd[i].on) || !oneCommand) {
- ps.indent = 0;
- print_ps_indent(&ps);
- if (cmd->cmd[i].c != 0) {
- nprintf(&ps, "-%c, ", cmd->cmd[i].c);
- nprintf(&ps, "--%-16s ", cmd->cmd[i].s);
- } else {
- nprintf(&ps, "--%-20s ", cmd->cmd[i].s);
- }
- ps.indent += 20;
- usage(&ps, i, PR_TRUE, PR_FALSE, PR_FALSE);
- for (j=0; j<cmd->nopt; j++) {
- if (cmd->cmd[i].req & CMDBIT(j)) {
- ps.indent = 0;
- print_ps_indent(&ps);
- nprintf(&ps, "%3s* ", "");
- if (cmd->opt[j].c != 0) {
- nprintf(&ps, "-%c, ", cmd->opt[j].c);
- nprintf(&ps, "--%-16s ", cmd->opt[j].s);
- } else {
- nprintf(&ps, "--%-20s ", cmd->opt[j].s);
- }
- ps.indent += 29;
- usage(&ps, j, PR_FALSE, PR_FALSE, PR_FALSE);
- }
- }
- for (j=0; j<cmd->nopt; j++) {
- if (cmd->cmd[i].opt & CMDBIT(j)) {
- ps.indent = 0;
- print_ps_indent(&ps);
- nprintf(&ps, "%5s", "");
- if (cmd->opt[j].c != 0) {
- nprintf(&ps, "-%c, ", cmd->opt[j].c);
- nprintf(&ps, "--%-16s ", cmd->opt[j].s);
- } else {
- nprintf(&ps, "--%-20s ", cmd->opt[j].s);
- }
- ps.indent += 29;
- usage(&ps, j, PR_FALSE, PR_FALSE, PR_FALSE);
- }
- }
- }
- nprintf(&ps, "\n");
- }
- ps.indent = 0;
- nprintf(&ps, "\n* - required flag for command\n\n");
- /* prints app-specific footer */
- usage(&ps, 0, PR_FALSE, PR_FALSE, PR_TRUE);
- /*nprintf(&ps, "\n\n");*/
- exit(1);
-}
-
-void
-CMD_Usage(char *progName, cmdCommand *cmd)
-{
- int i, j, inc;
- PRBool first;
- cmdPrintState ps;
- init_print_ps(&ps, PR_STDERR, 80, 0);
- nprintf(&ps, "%s", progName);
- ps.indent = strlen(progName) + 1;
- print_ps_to_indent(&ps);
- for (i=0; i<cmd->ncmd; i++) {
- if (cmd->cmd[i].c != 0) {
- nprintf(&ps, "-%c", cmd->cmd[i].c);
- inc = 4;
- } else {
- nprintf(&ps, "--%s", cmd->cmd[i].s);
- inc = 4 + strlen(cmd->cmd[i].s);
- }
- first = PR_TRUE;
- ps.indent += inc;
- print_ps_to_indent(&ps);
- for (j=0; j<cmd->nopt; j++) {
- if (cmd->cmd[i].req & CMDBIT(j)) {
- if (cmd->opt[j].c != 0 && cmd->opt[j].argUse == CMDNoArg) {
- if (first) {
- nprintf(&ps, "-");
- first = !first;
- }
- nprintf(&ps, "%c", cmd->opt[j].c);
- }
- }
- }
- for (j=0; j<cmd->nopt; j++) {
- if (cmd->cmd[i].req & CMDBIT(j)) {
- if (cmd->opt[j].c != 0)
- nprintf(&ps, "-%c ", cmd->opt[j].c);
- else
- nprintf(&ps, "--%s ", cmd->opt[j].s);
- if (cmd->opt[j].argUse != CMDNoArg)
- nprintf(&ps, "%s ", cmd->opt[j].s);
- }
- }
- first = PR_TRUE;
- for (j=0; j<cmd->nopt; j++) {
- if (cmd->cmd[i].opt & CMDBIT(j)) {
- if (cmd->opt[j].c != 0 && cmd->opt[j].argUse == CMDNoArg) {
- if (first) {
- nprintf(&ps, "[-");
- first = !first;
- }
- nprintf(&ps, "%c", cmd->opt[j].c);
- }
- }
- }
- if (!first) nprintf(&ps, "] ");
- for (j=0; j<cmd->nopt; j++) {
- if (cmd->cmd[i].opt & CMDBIT(j) &&
- cmd->opt[j].argUse != CMDNoArg) {
- if (cmd->opt[j].c != 0)
- nprintf(&ps, "[-%c %s] ", cmd->opt[j].c, cmd->opt[j].s);
- else
- nprintf(&ps, "[--%s %s] ", cmd->opt[j].s, cmd->opt[j].s);
- }
- }
- ps.indent -= inc;
- print_ps_indent(&ps);
- }
- ps.indent = 0;
- nprintf(&ps, "\n");
- exit(1);
-}
diff --git a/security/nss/cmd/cmdlib/cmdutil.h b/security/nss/cmd/cmdlib/cmdutil.h
deleted file mode 100644
index 69d3f2657..000000000
--- a/security/nss/cmd/cmdlib/cmdutil.h
+++ /dev/null
@@ -1,115 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _CMDUTIL_H_
-#define _CMDUTIL_H_
-
-#include <stdio.h>
-#include "nspr.h"
-#include "nssbase.h"
-
-typedef int
-(* CMD_PPFunc)(PRFileDesc *out, NSSItem *item, char *msg, int level);
-
-
-/*
- * Command Line Parsing routines
- *
- * The attempt here is to provide common functionality for command line
- * parsing across an array of tools. The tools should obey the historical
- * rules of:
- *
- * (1) one command per line,
- * (2) the command should be uppercase,
- * (3) options should be lowercase,
- * (4) a short usage statement is presented in case of error,
- * (5) a long usage statement is given by -? or --help
- */
-
-/* To aid in formatting usage output. XXX Uh, why exposed? */
-typedef struct cmdPrintStateStr cmdPrintState;
-
-typedef enum {
- CMDArgReq = 0,
- CMDArgOpt,
- CMDNoArg
-} CMDArg;
-
-struct cmdCommandLineArgStr {
- char c; /* one-character alias for flag */
- char *s; /* string alias for flag */
- CMDArg argUse; /* flag takes an argument */
- char *arg; /* argument given for flag */
- PRBool on; /* flag was issued at command-line */
- int req; /* required arguments for commands */
- int opt; /* optional arguments for commands */
-};
-
-struct cmdCommandLineOptStr {
- char c; /* one-character alias for flag */
- char *s; /* string alias for flag */
- CMDArg argUse; /* flag takes an argument */
- char *arg; /* argument given for flag */
- PRBool on; /* flag was issued at command-line */
-};
-
-typedef struct cmdCommandLineArgStr cmdCommandLineArg;
-typedef struct cmdCommandLineOptStr cmdCommandLineOpt;
-
-struct cmdCommandStr {
- int ncmd;
- int nopt;
- cmdCommandLineArg *cmd;
- cmdCommandLineOpt *opt;
-};
-
-typedef struct cmdCommandStr cmdCommand;
-
-int
-CMD_ParseCommandLine(int argc, char **argv, char *progName, cmdCommand *cmd);
-
-typedef void
-(* cmdUsageCallback)(cmdPrintState *, int, PRBool, PRBool, PRBool);
-
-#define CMDBIT(n) (1<<n)
-
-void
-CMD_Usage(char *progName, cmdCommand *cmd);
-
-void
-CMD_LongUsage(char *progName, cmdCommand *cmd, cmdUsageCallback use);
-
-void
-CMD_PrintUsageString(cmdPrintState *ps, char *str);
-
-#endif /* _CMDUTIL_H_ */
diff --git a/security/nss/cmd/cmdlib/config.mk b/security/nss/cmd/cmdlib/config.mk
deleted file mode 100644
index 0a00dc61e..000000000
--- a/security/nss/cmd/cmdlib/config.mk
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# Override TARGETS variable so that only static libraries
-# are specifed as dependencies within rules.mk.
-#
-
-TARGETS = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM =
-
diff --git a/security/nss/cmd/cmdlib/manifest.mn b/security/nss/cmd/cmdlib/manifest.mn
deleted file mode 100644
index d276bdb23..000000000
--- a/security/nss/cmd/cmdlib/manifest.mn
+++ /dev/null
@@ -1,49 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../..
-
-LIBRARY_NAME = cmdutil
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = seccmd
-
-DEFINES = -DNSPR20
-
-EXPORTS = cmdutil.h \
- $(NULL)
-
-CSRCS = cmdline.c \
- $(NULL)
-
-REQUIRES = nss nspr dbm
-
diff --git a/security/nss/cmd/crlutil/Makefile b/security/nss/cmd/crlutil/Makefile
deleted file mode 100644
index 573c12cac..000000000
--- a/security/nss/cmd/crlutil/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/crlutil/crlutil.c b/security/nss/cmd/crlutil/crlutil.c
deleted file mode 100644
index d41dadde7..000000000
--- a/security/nss/cmd/crlutil/crlutil.c
+++ /dev/null
@@ -1,478 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
-** certutil.c
-**
-** utility for managing certificates and the cert database
-**
-*/
-/* test only */
-
-#include "nspr.h"
-#include "plgetopt.h"
-#include "secutil.h"
-#include "cert.h"
-#include "certdb.h"
-#include "nss.h"
-#include "pk11func.h"
-
-#define SEC_CERT_DB_EXISTS 0
-#define SEC_CREATE_CERT_DB 1
-
-static char *progName;
-
-static CERTSignedCrl *FindCRL
- (CERTCertDBHandle *certHandle, char *name, int type)
-{
- CERTSignedCrl *crl = NULL;
- CERTCertificate *cert = NULL;
-
-
- cert = CERT_FindCertByNickname(certHandle, name);
- if (!cert) {
- SECU_PrintError(progName, "could not find certificate named %s", name);
- return ((CERTSignedCrl *)NULL);
- }
-
- crl = SEC_FindCrlByName(certHandle, &cert->derSubject, type);
- if (crl ==NULL)
- SECU_PrintError
- (progName, "could not find %s's CRL", name);
- CERT_DestroyCertificate (cert);
- return (crl);
-}
-
-static void DisplayCRL (CERTCertDBHandle *certHandle, char *nickName, int crlType)
-{
- CERTCertificate *cert = NULL;
- CERTSignedCrl *crl = NULL;
-
- crl = FindCRL (certHandle, nickName, crlType);
-
- if (crl) {
- SECU_PrintCRLInfo (stdout, &crl->crl, "CRL Info:\n", 0);
- SEC_DestroyCrl (crl);
- }
-}
-
-static void ListCRLNames (CERTCertDBHandle *certHandle, int crlType, PRBool deletecrls)
-{
- CERTCrlHeadNode *crlList = NULL;
- CERTCrlNode *crlNode = NULL;
- CERTName *name = NULL;
- PRArenaPool *arena = NULL;
- SECStatus rv;
-
- do {
- arena = PORT_NewArena (SEC_ASN1_DEFAULT_ARENA_SIZE);
- if (arena == NULL) {
- fprintf(stderr, "%s: fail to allocate memory\n", progName);
- break;
- }
-
- name = PORT_ArenaZAlloc (arena, sizeof(*name));
- if (name == NULL) {
- fprintf(stderr, "%s: fail to allocate memory\n", progName);
- break;
- }
- name->arena = arena;
-
- rv = SEC_LookupCrls (certHandle, &crlList, crlType);
- if (rv != SECSuccess) {
- fprintf(stderr, "%s: fail to look up CRLs (%s)\n", progName,
- SECU_Strerror(PORT_GetError()));
- break;
- }
-
- /* just in case */
- if (!crlList)
- break;
-
- crlNode = crlList->first;
-
- fprintf (stdout, "\n");
- fprintf (stdout, "\n%-40s %-5s\n\n", "CRL names", "CRL Type");
- while (crlNode) {
- char* asciiname = NULL;
- name = &crlNode->crl->crl.name;
- if (!name){
- fprintf(stderr, "%s: fail to get the CRL issuer name (%s)\n", progName,
- SECU_Strerror(PORT_GetError()));
- break;
- }
-
- asciiname = CERT_NameToAscii(name);
- fprintf (stdout, "\n%-40s %-5s\n", asciiname, "CRL");
- if (asciiname) {
- PORT_Free(asciiname);
- }
- if ( PR_TRUE == deletecrls) {
- CERTSignedCrl* acrl = NULL;
- SECItem* issuer = &crlNode->crl->crl.derName;
- acrl = SEC_FindCrlByName(certHandle, issuer, crlType);
- if (acrl)
- {
- SEC_DeletePermCRL(acrl);
- }
- }
- crlNode = crlNode->next;
- }
-
- } while (0);
- if (crlList)
- PORT_FreeArena (crlList->arena, PR_FALSE);
- PORT_FreeArena (arena, PR_FALSE);
-}
-
-static void ListCRL (CERTCertDBHandle *certHandle, char *nickName, int crlType)
-{
- if (nickName == NULL)
- ListCRLNames (certHandle, crlType, PR_FALSE);
- else
- DisplayCRL (certHandle, nickName, crlType);
-}
-
-
-
-static SECStatus DeleteCRL (CERTCertDBHandle *certHandle, char *name, int type)
-{
- CERTSignedCrl *crl = NULL;
- SECStatus rv = SECFailure;
-
- crl = FindCRL (certHandle, name, type);
- if (!crl) {
- SECU_PrintError
- (progName, "could not find the issuer %s's CRL", name);
- return SECFailure;
- }
- rv = SEC_DeletePermCRL (crl);
- if (rv != SECSuccess) {
- SECU_PrintError
- (progName, "fail to delete the issuer %s's CRL from the perm database (reason: %s)",
- name, SECU_Strerror(PORT_GetError()));
- return SECFailure;
- }
- return (rv);
-}
-
-SECStatus ImportCRL (CERTCertDBHandle *certHandle, char *url, int type,
- PRFileDesc *inFile, PRInt32 importOptions, PRInt32 decodeOptions)
-{
- CERTCertificate *cert = NULL;
- CERTSignedCrl *crl = NULL;
- SECItem crlDER;
- PK11SlotInfo* slot = NULL;
- int rv;
- PRIntervalTime starttime, endtime, elapsed;
- PRUint32 mins, secs, msecs;
-
- crlDER.data = NULL;
-
-
- /* Read in the entire file specified with the -f argument */
- rv = SECU_ReadDERFromFile(&crlDER, inFile, PR_FALSE);
- if (rv != SECSuccess) {
- SECU_PrintError(progName, "unable to read input file");
- return (SECFailure);
- }
-
- decodeOptions |= CRL_DECODE_DONT_COPY_DER;
-
- slot = PK11_GetInternalKeySlot();
-
- starttime = PR_IntervalNow();
- crl = PK11_ImportCRL(slot, &crlDER, url, type,
- NULL, importOptions, NULL, decodeOptions);
- endtime = PR_IntervalNow();
- elapsed = endtime - starttime;
- mins = PR_IntervalToSeconds(elapsed) / 60;
- secs = PR_IntervalToSeconds(elapsed) % 60;
- msecs = PR_IntervalToMilliseconds(elapsed) % 1000;
- printf("Elapsed : %2d:%2d.%3d\n", mins, secs, msecs);
- if (!crl) {
- const char *errString;
-
- errString = SECU_Strerror(PORT_GetError());
- if ( errString && PORT_Strlen (errString) == 0)
- SECU_PrintError
- (progName, "CRL is not imported (error: input CRL is not up to date.)");
- else
- SECU_PrintError
- (progName, "unable to import CRL");
- }
- SEC_DestroyCrl (crl);
- if (slot) {
- PK11_FreeSlot(slot);
- }
- return (rv);
-}
-
-
-static void Usage(char *progName)
-{
- fprintf(stderr,
- "Usage: %s -L [-n nickname] [-d keydir] [-P dbprefix] [-t crlType]\n"
- " %s -D -n nickname [-d keydir] [-P dbprefix]\n"
- " %s -I -i crl -t crlType [-u url] [-d keydir] [-P dbprefix] [-B]\n"
- " %s -E -t crlType [-d keydir] [-P dbprefix]\n"
- " %s -T\n", progName, progName, progName, progName, progName);
-
- fprintf (stderr, "%-15s List CRL\n", "-L");
- fprintf(stderr, "%-20s Specify the nickname of the CA certificate\n",
- "-n nickname");
- fprintf(stderr, "%-20s Key database directory (default is ~/.netscape)\n",
- "-d keydir");
- fprintf(stderr, "%-20s Cert & Key database prefix (default is \"\")\n",
- "-P dbprefix");
-
- fprintf (stderr, "%-15s Delete a CRL from the cert database\n", "-D");
- fprintf(stderr, "%-20s Specify the nickname for the CA certificate\n",
- "-n nickname");
- fprintf(stderr, "%-20s Specify the crl type.\n", "-t crlType");
- fprintf(stderr, "%-20s Key database directory (default is ~/.netscape)\n",
- "-d keydir");
- fprintf(stderr, "%-20s Cert & Key database prefix (default is \"\")\n",
- "-P dbprefix");
-
- fprintf (stderr, "%-15s Erase all CRLs of specified type from hte cert database\n", "-E");
- fprintf(stderr, "%-20s Specify the crl type.\n", "-t crlType");
- fprintf(stderr, "%-20s Key database directory (default is ~/.netscape)\n",
- "-d keydir");
- fprintf(stderr, "%-20s Cert & Key database prefix (default is \"\")\n",
- "-P dbprefix");
-
- fprintf (stderr, "%-15s Import a CRL to the cert database\n", "-I");
- fprintf(stderr, "%-20s Specify the file which contains the CRL to import\n",
- "-i crl");
- fprintf(stderr, "%-20s Specify the url.\n", "-u url");
- fprintf(stderr, "%-20s Specify the crl type.\n", "-t crlType");
- fprintf(stderr, "%-20s Key database directory (default is ~/.netscape)\n",
- "-d keydir");
- fprintf(stderr, "%-20s Cert & Key database prefix (default is \"\")\n",
- "-P dbprefix");
-#ifdef DEBUG
- fprintf (stderr, "%-15s Test . Only for debugging purposes. See source code\n", "-T");
-#endif
- fprintf(stderr, "%-20s CRL Types (default is SEC_CRL_TYPE):\n", " ");
- fprintf(stderr, "%-20s \t 0 - SEC_KRL_TYPE\n", " ");
- fprintf(stderr, "%-20s \t 1 - SEC_CRL_TYPE\n", " ");
- fprintf(stderr, "\n%-20s Bypass CA certificate checks.\n", "-B");
- fprintf(stderr, "\n%-20s Partial decode for faster operation.\n", "-p");
- fprintf(stderr, "%-20s Repeat the operation.\n", "-r <iterations>");
-
- exit(-1);
-}
-
-int main(int argc, char **argv)
-{
- SECItem privKeyDER;
- CERTCertDBHandle *certHandle;
- FILE *certFile;
- PRFileDesc *inFile;
- int listCRL;
- int importCRL;
- int deleteCRL;
- int rv;
- char *nickName;
- char *url;
- char *dbPrefix = "";
- int crlType;
- PLOptState *optstate;
- PLOptStatus status;
- SECStatus secstatus;
- PRBool bypassChecks = PR_FALSE;
- PRInt32 decodeOptions = CRL_DECODE_DEFAULT_OPTIONS;
- PRInt32 importOptions = CRL_IMPORT_DEFAULT_OPTIONS;
- PRBool test = PR_FALSE;
- PRBool erase = PR_FALSE;
- PRInt32 i = 0;
- PRInt32 iterations = 1;
-
- progName = strrchr(argv[0], '/');
- progName = progName ? progName+1 : argv[0];
-
- rv = 0;
- deleteCRL = importCRL = listCRL = 0;
- certFile = NULL;
- inFile = NULL;
- nickName = url = NULL;
- privKeyDER.data = NULL;
- certHandle = NULL;
- crlType = SEC_CRL_TYPE;
- /*
- * Parse command line arguments
- */
- optstate = PL_CreateOptState(argc, argv, "BCDILP:d:i:n:pt:u:TEr:");
- while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
- switch (optstate->option) {
- case '?':
- Usage(progName);
- break;
-
- case 'T':
- test = PR_TRUE;
- break;
-
- case 'E':
- erase = PR_TRUE;
- break;
-
- case 'B':
- importOptions |= CRL_IMPORT_BYPASS_CHECKS;
- break;
-
- case 'C':
- listCRL = 1;
- break;
-
- case 'D':
- deleteCRL = 1;
- break;
-
- case 'I':
- importCRL = 1;
- break;
-
- case 'L':
- listCRL = 1;
- break;
-
- case 'P':
- dbPrefix = strdup(optstate->value);
- break;
-
- case 'd':
- SECU_ConfigDirectory(optstate->value);
- break;
-
- case 'i':
- inFile = PR_Open(optstate->value, PR_RDONLY, 0);
- if (!inFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
- progName, optstate->value);
- PL_DestroyOptState(optstate);
- return -1;
- }
- break;
-
- case 'n':
- nickName = strdup(optstate->value);
- break;
-
- case 'p':
- decodeOptions |= CRL_DECODE_SKIP_ENTRIES;
- break;
-
- case 'r': {
- const char* str = optstate->value;
- if (str && atoi(str)>0)
- iterations = atoi(str);
- }
- break;
-
- case 't': {
- char *type;
-
- type = strdup(optstate->value);
- crlType = atoi (type);
- if (crlType != SEC_CRL_TYPE && crlType != SEC_KRL_TYPE) {
- fprintf(stderr, "%s: invalid crl type\n", progName);
- PL_DestroyOptState(optstate);
- return -1;
- }
- break;
-
- case 'u':
- url = strdup(optstate->value);
- break;
- }
- }
- }
- PL_DestroyOptState(optstate);
-
- if (deleteCRL && !nickName) Usage (progName);
- if (!(listCRL || deleteCRL || importCRL || test || erase)) Usage (progName);
- if (importCRL && !inFile) Usage (progName);
-
- PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
- secstatus = NSS_Initialize(SECU_ConfigDirectory(NULL), dbPrefix, dbPrefix,
- "secmod.db", 0);
- if (secstatus != SECSuccess) {
- SECU_PrintPRandOSError(progName);
- return -1;
- }
-
- certHandle = CERT_GetDefaultCertDB();
- if (certHandle == NULL) {
- SECU_PrintError(progName, "unable to open the cert db");
- /*ignoring return value of NSS_Shutdown() as code returns -1*/
- (void) NSS_Shutdown();
- return (-1);
- }
-
- for (i=0; i<iterations; i++) {
- /* Read in the private key info */
- if (deleteCRL)
- DeleteCRL (certHandle, nickName, crlType);
- else if (listCRL) {
- ListCRL (certHandle, nickName, crlType);
- }
- else if (importCRL) {
- rv = ImportCRL (certHandle, url, crlType, inFile, importOptions,
- decodeOptions);
- }
- else if (erase) {
- /* list and delete all CRLs */
- ListCRLNames (certHandle, crlType, PR_TRUE);
- }
-#ifdef DEBUG
- else if (test) {
- /* list and delete all CRLs */
- ListCRLNames (certHandle, crlType, PR_TRUE);
- /* list CRLs */
- ListCRLNames (certHandle, crlType, PR_FALSE);
- /* import CRL as a blob */
- rv = ImportCRL (certHandle, url, crlType, inFile, importOptions,
- decodeOptions);
- /* list CRLs */
- ListCRLNames (certHandle, crlType, PR_FALSE);
- }
-#endif
- }
- if (NSS_Shutdown() != SECSuccess) {
- exit(1);
- }
-
- return (rv);
-}
diff --git a/security/nss/cmd/crlutil/makefile.win b/security/nss/cmd/crlutil/makefile.win
deleted file mode 100644
index 1f1b627ff..000000000
--- a/security/nss/cmd/crlutil/makefile.win
+++ /dev/null
@@ -1,130 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-VERBOSE = 1
-include <manifest.mn>
-
-#cannot define PROGRAM in manifest compatibly with NT and UNIX
-PROGRAM = crlutil
-PROGRAM = ./$(OBJDIR)/$(PROGRAM).exe
-include <$(DEPTH)\config\config.mak>
-
-# let manifest generate C_OBJS, it will prepend ./$(OBJDIR)/
-# rules.mak will append C_OBJS onto OBJS.
-# OBJS = $(CSRCS:.c=.obj)
-
-# include files are looked for in $LINCS and $INCS.
-# $LINCS is in manifest.mnw, computed from REQUIRES=
-INCS = $(INCS) \
- -I$(DEPTH)/security/lib/cert \
- -I../include \
- $(NULL)
-
-IGNORE_ME = \
- -I$(DEPTH)/security/lib/key \
- -I$(DEPTH)/security/lib/util \
- $(NULL)
-
-
-WINFE = $(DEPTH)/cmd/winfe/mkfiles$(MOZ_BITS)/x86Dbg
-
-# these files are the content of libdbm
-DBM_LIB = \
- $(WINFE)/DB.obj \
- $(WINFE)/HASH.obj \
- $(WINFE)/H_BIGKEY.obj \
- $(WINFE)/H_PAGE.obj \
- $(WINFE)/H_LOG2.obj \
- $(WINFE)/H_FUNC.obj \
- $(WINFE)/HASH_BUF.obj \
- $(NULL)
-
-MOZ_LIBS = \
- $(WINFE)/ALLXPSTR.obj \
- $(WINFE)/XP_ERROR.obj \
- $(WINFE)/XPASSERT.obj \
- $(WINFE)/XP_REG.obj \
- $(WINFE)/XP_TRACE.obj \
- $(DBM_LIB) \
- $(WINFE)/XP_STR.obj \
- $(WINFE)/MKTEMP.obj \
- $(NULL)
-
-SEC_LIBS = \
- $(DIST)/lib/cert$(MOZ_BITS).lib \
- $(DIST)/lib/crypto$(MOZ_BITS).lib \
- $(DIST)/lib/hash$(MOZ_BITS).lib \
- $(DIST)/lib/key$(MOZ_BITS).lib \
- $(DIST)/lib/pkcs7$(MOZ_BITS).lib \
- $(DIST)/lib/secmod$(MOZ_BITS).lib \
- $(DIST)/lib/secutl$(MOZ_BITS).lib \
- $(DIST)/lib/ssl$(MOZ_BITS).lib \
- $(NULL)
-
-LLFLAGS = $(LLFLAGS) \
- ../lib/$(OBJDIR)/sectool$(MOZ_BITS).lib \
- $(SEC_LIBS) \
- $(MOZ_LIBS) \
- $(DEPTH)/nspr/src/$(OBJDIR)/getopt.obj \
- $(LIBNSPR) \
- $(NULL)
-
-
-include <$(DEPTH)\config\rules.mak>
-
-INSTALL = $(MAKE_INSTALL)
-
-objs: $(OBJS)
-
-$(PROGRAM)::
- $(INSTALL) $(DIST)/bin/pr3240.dll ./$(OBJDIR)
-
-programs: $(PROGRAM)
-
-install:: $(TARGETS)
- $(INSTALL) $(TARGETS) $(DIST)/bin
-
-
-symbols:
- @echo "CSRCS = $(CSRCS)"
- @echo "INCS = $(INCS)"
- @echo "OBJS = $(OBJS)"
- @echo "LIBRARY = $(LIBRARY)"
- @echo "PROGRAM = $(PROGRAM)"
- @echo "TARGETS = $(TARGETS)"
- @echo "DIST = $(DIST)"
- @echo "VERSION_NUMBER = $(VERSION_NUMBER)"
- @echo "WINFE = $(WINFE)"
- @echo "DBM_LIB = $(DBM_LIB)"
- @echo "INSTALL = $(INSTALL)"
-
diff --git a/security/nss/cmd/crlutil/manifest.mn b/security/nss/cmd/crlutil/manifest.mn
deleted file mode 100644
index 169deb28a..000000000
--- a/security/nss/cmd/crlutil/manifest.mn
+++ /dev/null
@@ -1,53 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = nss
-
-# This next line is used by .mk files
-# and gets translated into $LINCS in manifest.mnw
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = seccmd dbm
-
-DEFINES = -DNSPR20
-
-CSRCS = crlutil.c
-
-# this has to be different for NT and UNIX.
-# PROGRAM = ./$(OBJDIR)/crlutil.exe
-PROGRAM = crlutil
-
-#USE_STATIC_LIBS = 1
diff --git a/security/nss/cmd/crmf-cgi/Makefile b/security/nss/cmd/crmf-cgi/Makefile
deleted file mode 100644
index 23cb6f6b5..000000000
--- a/security/nss/cmd/crmf-cgi/Makefile
+++ /dev/null
@@ -1,81 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-ifeq (,$(filter-out WIN%,$(OS_TARGET)))
-EXTRA_LIBS += $(DIST)/lib/crmf.lib
-else
-EXTRA_LIBS += $(DIST)/lib/libcrmf.$(LIB_SUFFIX)
-endif
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/crmf-cgi/config.mk b/security/nss/cmd/crmf-cgi/config.mk
deleted file mode 100644
index bcbaa2804..000000000
--- a/security/nss/cmd/crmf-cgi/config.mk
+++ /dev/null
@@ -1,44 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-
-#
-# Override TARGETS variable so that only static libraries
-# are specifed as dependencies within rules.mk.
-#
-
-TARGETS = $(PROGRAM)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-LIBRARY =
-
diff --git a/security/nss/cmd/crmf-cgi/crmfcgi.c b/security/nss/cmd/crmf-cgi/crmfcgi.c
deleted file mode 100644
index 72199cfd5..000000000
--- a/security/nss/cmd/crmf-cgi/crmfcgi.c
+++ /dev/null
@@ -1,1124 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "seccomon.h"
-#include "nss.h"
-#include "key.h"
-#include "cert.h"
-#include "pk11func.h"
-#include "secmod.h"
-#include "cmmf.h"
-#include "crmf.h"
-#include "base64.h"
-#include "secasn1.h"
-#include "cryptohi.h"
-#include <string.h>
-#include <stdlib.h>
-#include <stdio.h>
-
-#define DEFAULT_ALLOC_SIZE 200
-#define DEFAULT_CGI_VARS 20
-
-typedef struct CGIVariableStr {
- char *name;
- char *value;
-} CGIVariable;
-
-typedef struct CGIVarTableStr {
- CGIVariable **variables;
- int numVars;
- int numAlloc;
-} CGIVarTable;
-
-typedef struct CertResponseInfoStr {
- CERTCertificate *cert;
- long certReqID;
-} CertResponseInfo;
-
-typedef struct ChallengeCreationInfoStr {
- long random;
- SECKEYPublicKey *pubKey;
-} ChallengeCreationInfo;
-
-char *missingVar = NULL;
-
-/*
- * Error values.
- */
-typedef enum {
- NO_ERROR = 0,
- NSS_INIT_FAILED,
- AUTH_FAILED,
- REQ_CGI_VAR_NOT_PRESENT,
- CRMF_REQ_NOT_PRESENT,
- BAD_ASCII_FOR_REQ,
- CGI_VAR_MISSING,
- COULD_NOT_FIND_CA,
- COULD_NOT_DECODE_REQS,
- OUT_OF_MEMORY,
- ERROR_RETRIEVING_REQUEST_MSG,
- ERROR_RETRIEVING_CERT_REQUEST,
- ERROR_RETRIEVING_SUBJECT_FROM_REQ,
- ERROR_RETRIEVING_PUBLIC_KEY_FROM_REQ,
- ERROR_CREATING_NEW_CERTIFICATE,
- COULD_NOT_START_EXTENSIONS,
- ERROR_RETRIEVING_EXT_FROM_REQ,
- ERROR_ADDING_EXT_TO_CERT,
- ERROR_ENDING_EXTENSIONS,
- COULD_NOT_FIND_ISSUER_PRIVATE_KEY,
- UNSUPPORTED_SIGN_OPERATION_FOR_ISSUER,
- ERROR_SETTING_SIGN_ALG,
- ERROR_ENCODING_NEW_CERT,
- ERROR_SIGNING_NEW_CERT,
- ERROR_CREATING_CERT_REP_CONTENT,
- ERROR_CREATING_SINGLE_CERT_RESPONSE,
- ERROR_SETTING_CERT_RESPONSES,
- ERROR_CREATING_CA_LIST,
- ERROR_ADDING_ISSUER_TO_CA_LIST,
- ERROR_ENCODING_CERT_REP_CONTENT,
- NO_POP_FOR_REQUEST,
- UNSUPPORTED_POP,
- ERROR_RETRIEVING_POP_SIGN_KEY,
- ERROR_RETRIEVING_ALG_ID_FROM_SIGN_KEY,
- ERROR_RETRIEVING_SIGNATURE_FROM_POP_SIGN_KEY,
- DO_CHALLENGE_RESPONSE,
- ERROR_RETRIEVING_PUB_KEY_FROM_NEW_CERT,
- ERROR_ENCODING_CERT_REQ_FOR_POP,
- ERROR_VERIFYING_SIGNATURE_POP,
- ERROR_RETRIEVING_PUB_KEY_FOR_CHALL,
- ERROR_CREATING_EMPTY_CHAL_CONTENT,
- ERROR_EXTRACTING_GEN_NAME_FROM_ISSUER,
- ERROR_SETTING_CHALLENGE,
- ERROR_ENCODING_CHALL,
- ERROR_CONVERTING_CHALL_TO_BASE64,
- ERROR_CONVERTING_RESP_FROM_CHALL_TO_BIN,
- ERROR_CREATING_KEY_RESP_FROM_DER,
- ERROR_RETRIEVING_CLIENT_RESPONSE_TO_CHALLENGE,
- ERROR_RETURNED_CHALL_NOT_VALUE_EXPECTED,
- ERROR_GETTING_KEY_ENCIPHERMENT,
- ERROR_NO_POP_FOR_PRIVKEY,
- ERROR_UNSUPPORTED_POPOPRIVKEY_TYPE
-} ErrorCode;
-
-const char *
-CGITableFindValue(CGIVarTable *varTable, const char *key);
-
-void
-spitOutHeaders(void)
-{
- printf("Content-type: text/html\n\n");
-}
-
-void
-dumpRequest(CGIVarTable *varTable)
-{
- int i;
- CGIVariable *var;
-
- printf ("<table border=1 cellpadding=1 cellspacing=1 width=\"100%%\">\n");
- printf ("<tr><td><b><center>Variable Name<center></b></td>"
- "<td><b><center>Value</center></b></td></tr>\n");
- for (i=0; i<varTable->numVars; i++) {
- var = varTable->variables[i];
- printf ("<tr><td><pre>%s</pre></td><td><pre>%s</pre></td></tr>\n",
- var->name, var->value);
- }
- printf("</table>\n");
-}
-
-void
-echo_request(CGIVarTable *varTable)
-{
- spitOutHeaders();
- printf("<html><head><title>CGI Echo Page</title></head>\n"
- "<body><h1>Got the following request</h1>\n");
- dumpRequest(varTable);
- printf("</body></html>");
-}
-
-void
-processVariable(CGIVariable *var)
-{
- char *plusSign, *percentSign;
-
- /*First look for all of the '+' and convert them to spaces */
- plusSign = var->value;
- while ((plusSign=strchr(plusSign, '+')) != NULL) {
- *plusSign = ' ';
- }
- percentSign = var->value;
- while ((percentSign=strchr(percentSign, '%')) != NULL) {
- char string[3];
- int value;
-
- string[0] = percentSign[1];
- string[1] = percentSign[2];
- string[2] = '\0';
-
- sscanf(string,"%x", &value);
- *percentSign = (char)value;
- memmove(&percentSign[1], &percentSign[3], 1+strlen(&percentSign[3]));
- }
-}
-
-char *
-parseNextVariable(CGIVarTable *varTable, char *form_output)
-{
- char *ampersand, *equal;
- CGIVariable *var;
-
- if (varTable->numVars == varTable->numAlloc) {
- CGIVariable **newArr = realloc(varTable->variables,
- (varTable->numAlloc + DEFAULT_CGI_VARS)*sizeof(CGIVariable*));
- if (newArr == NULL) {
- return NULL;
- }
- varTable->variables = newArr;
- varTable->numAlloc += DEFAULT_CGI_VARS;
- }
- equal = strchr(form_output, '=');
- if (equal == NULL) {
- return NULL;
- }
- ampersand = strchr(equal, '&');
- if (ampersand == NULL) {
- return NULL;
- }
- equal[0] = '\0';
- if (ampersand != NULL) {
- ampersand[0] = '\0';
- }
- var = malloc(sizeof(CGIVariable));
- var->name = form_output;
- var->value = &equal[1];
- varTable->variables[varTable->numVars] = var;
- varTable->numVars++;
- processVariable(var);
- return (ampersand != NULL) ? &ampersand[1] : NULL;
-}
-
-void
-ParseInputVariables(CGIVarTable *varTable, char *form_output)
-{
- varTable->variables = malloc(sizeof(CGIVariable*)*DEFAULT_CGI_VARS);
- varTable->numVars = 0;
- varTable->numAlloc = DEFAULT_CGI_VARS;
- while (form_output && form_output[0] != '\0') {
- form_output = parseNextVariable(varTable, form_output);
- }
-}
-
-const char *
-CGITableFindValue(CGIVarTable *varTable, const char *key)
-{
- const char *retVal = NULL;
- int i;
-
- for (i=0; i<varTable->numVars; i++) {
- if (strcmp(varTable->variables[i]->name, key) == 0) {
- retVal = varTable->variables[i]->value;
- break;
- }
- }
- return retVal;
-}
-
-char*
-passwordCallback(PK11SlotInfo *slot, PRBool retry, void *arg)
-{
- const char *passwd;
- if (retry) {
- return NULL;
- }
- passwd = CGITableFindValue((CGIVarTable*)arg, "dbPassword");
- if (passwd == NULL) {
- return NULL;
- }
- return PORT_Strdup(passwd);
-}
-
-ErrorCode
-initNSS(CGIVarTable *varTable)
-{
- const char *nssDir;
- PK11SlotInfo *keySlot;
- SECStatus rv;
-
- nssDir = CGITableFindValue(varTable,"NSSDirectory");
- if (nssDir == NULL) {
- missingVar = "NSSDirectory";
- return REQ_CGI_VAR_NOT_PRESENT;
- }
- rv = NSS_Init(nssDir);
- if (rv != SECSuccess) {
- return NSS_INIT_FAILED;
- }
- PK11_SetPasswordFunc(passwordCallback);
- keySlot = PK11_GetInternalKeySlot();
- rv = PK11_Authenticate(keySlot, PR_FALSE, varTable);
- PK11_FreeSlot(keySlot);
- if (rv != SECSuccess) {
- return AUTH_FAILED;
- }
- return NO_ERROR;
-}
-
-void
-dumpErrorMessage(ErrorCode errNum)
-{
- spitOutHeaders();
- printf("<html><head><title>Error</title></head><body><h1>Error processing "
- "data</h1> Received the error %d<p>", errNum);
- if (errNum == REQ_CGI_VAR_NOT_PRESENT) {
- printf ("The missing variable is %s.", missingVar);
- }
- printf ("<i>More useful information here in the future.</i></body></html>");
-}
-
-ErrorCode
-initOldCertReq(CERTCertificateRequest *oldCertReq,
- CERTName *subject, CERTSubjectPublicKeyInfo *spki)
-{
- PRArenaPool *poolp;
-
- poolp = oldCertReq->arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- SEC_ASN1EncodeInteger(poolp, &oldCertReq->version,
- SEC_CERTIFICATE_VERSION_3);
- CERT_CopyName(poolp, &oldCertReq->subject, subject);
- SECKEY_CopySubjectPublicKeyInfo(poolp, &oldCertReq->subjectPublicKeyInfo,
- spki);
- oldCertReq->attributes = NULL;
- return NO_ERROR;
-}
-
-ErrorCode
-addExtensions(CERTCertificate *newCert, CRMFCertRequest *certReq)
-{
- int numExtensions, i;
- void *extHandle;
- ErrorCode rv = NO_ERROR;
- CRMFCertExtension *ext;
- SECStatus srv;
-
- numExtensions = CRMF_CertRequestGetNumberOfExtensions(certReq);
- if (numExtensions == 0) {
- /* No extensions to add */
- return NO_ERROR;
- }
- extHandle = CERT_StartCertExtensions(newCert);
- if (extHandle == NULL) {
- rv = COULD_NOT_START_EXTENSIONS;
- goto loser;
- }
- for (i=0; i<numExtensions; i++) {
- ext = CRMF_CertRequestGetExtensionAtIndex(certReq, i);
- if (ext == NULL) {
- rv = ERROR_RETRIEVING_EXT_FROM_REQ;
- }
- srv = CERT_AddExtension(extHandle, CRMF_CertExtensionGetOidTag(ext),
- CRMF_CertExtensionGetValue(ext),
- CRMF_CertExtensionGetIsCritical(ext), PR_FALSE);
- if (srv != SECSuccess) {
- rv = ERROR_ADDING_EXT_TO_CERT;
- }
- }
- srv = CERT_FinishExtensions(extHandle);
- if (srv != SECSuccess) {
- rv = ERROR_ENDING_EXTENSIONS;
- goto loser;
- }
- return NO_ERROR;
- loser:
- return rv;
-}
-
-void
-writeOutItem(const char *filePath, SECItem *der)
-{
- PRFileDesc *outfile;
-
- outfile = PR_Open (filePath,
- PR_WRONLY | PR_CREATE_FILE | PR_TRUNCATE,
- 0666);
- PR_Write(outfile, der->data, der->len);
- PR_Close(outfile);
-
-}
-
-ErrorCode
-createNewCert(CERTCertificate**issuedCert,CERTCertificateRequest *oldCertReq,
- CRMFCertReqMsg *currReq, CRMFCertRequest *certReq,
- CERTCertificate *issuerCert, CGIVarTable *varTable)
-{
- CERTCertificate *newCert = NULL;
- CERTValidity *validity;
- PRExplodedTime printableTime;
- PRTime now, after;
- ErrorCode rv=NO_ERROR;
- SECKEYPrivateKey *issuerPrivKey;
- SECItem derCert = { 0 };
- SECOidTag signTag;
- SECStatus srv;
- long version;
-
- now = PR_Now();
- PR_ExplodeTime(now, PR_GMTParameters, &printableTime);
- printableTime.tm_month += 9;
- after = PR_ImplodeTime(&printableTime);
- validity = CERT_CreateValidity(now, after);
- newCert = *issuedCert =
- CERT_CreateCertificate(rand(), &(issuerCert->subject), validity,
- oldCertReq);
- if (newCert == NULL) {
- rv = ERROR_CREATING_NEW_CERTIFICATE;
- goto loser;
- }
- rv = addExtensions(newCert, certReq);
- if (rv != NO_ERROR) {
- goto loser;
- }
- issuerPrivKey = PK11_FindKeyByAnyCert(issuerCert, varTable);
- if (issuerPrivKey == NULL) {
- rv = COULD_NOT_FIND_ISSUER_PRIVATE_KEY;
- }
- switch(issuerPrivKey->keyType) {
- case rsaKey:
- signTag = SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION;
- break;
- case dsaKey:
- signTag = SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST;
- break;
- default:
- rv = UNSUPPORTED_SIGN_OPERATION_FOR_ISSUER;
- goto loser;
- }
- srv = SECOID_SetAlgorithmID(newCert->arena, &newCert->signature,
- signTag, 0);
- if (srv != SECSuccess) {
- rv = ERROR_SETTING_SIGN_ALG;
- goto loser;
- }
- srv = CRMF_CertRequestGetCertTemplateVersion(certReq, &version);
- if (srv != SECSuccess) {
- /* No version included in the request */
- *(newCert->version.data) = SEC_CERTIFICATE_VERSION_3;
- } else {
- SECITEM_FreeItem(&newCert->version, PR_FALSE);
- SEC_ASN1EncodeInteger(newCert->arena, &newCert->version, version);
- }
- SEC_ASN1EncodeItem(newCert->arena, &derCert, newCert,
- CERT_CertificateTemplate);
- if (derCert.data == NULL) {
- rv = ERROR_ENCODING_NEW_CERT;
- goto loser;
- }
- srv = SEC_DerSignData(newCert->arena, &(newCert->derCert), derCert.data,
- derCert.len, issuerPrivKey, signTag);
- if (srv != SECSuccess) {
- rv = ERROR_SIGNING_NEW_CERT;
- goto loser;
- }
-#ifdef WRITE_OUT_RESPONSE
- writeOutItem("newcert.der", &newCert->derCert);
-#endif
- return NO_ERROR;
- loser:
- *issuedCert = NULL;
- if (newCert) {
- CERT_DestroyCertificate(newCert);
- }
- return rv;
-
-}
-
-void
-formatCMMFResponse(char *nickname, char *base64Response)
-{
- char *currLine, *nextLine;
-
- printf("var retVal = crypto.importUserCertificates(\"%s\",\n", nickname);
- currLine = base64Response;
- while (1) {
- nextLine = strchr(currLine, '\n');
- if (nextLine == NULL) {
- /* print out the last line here. */
- printf ("\"%s\",\n", currLine);
- break;
- }
- nextLine[0] = '\0';
- printf("\"%s\\n\"+\n", currLine);
- currLine = nextLine+1;
- }
- printf("true);\n"
- "if(retVal == '') {\n"
- "\tdocument.write(\"<h1>New Certificate Succesfully Imported.</h1>\");\n"
- "} else {\n"
- "\tdocument.write(\"<h2>Unable to import New Certificate</h2>\");\n"
- "\tdocument.write(\"crypto.importUserCertificates returned <b>\");\n"
- "\tdocument.write(retVal);\n"
- "\tdocument.write(\"</b>\");\n"
- "}\n");
-}
-
-void
-spitOutCMMFResponse(char *nickname, char *base64Response)
-{
- spitOutHeaders();
- printf("<html>\n<head>\n<title>CMMF Resonse Page</title>\n</head>\n\n"
- "<body><h1>CMMF Response Page</h1>\n"
- "<script language=\"JavaScript\">\n"
- "<!--\n");
- formatCMMFResponse(nickname, base64Response);
- printf("// -->\n"
- "</script>\n</body>\n</html>");
-}
-
-char*
-getNickname(CERTCertificate *cert)
-{
- char *nickname;
-
- if (cert->nickname != NULL) {
- return cert->nickname;
- }
- nickname = CERT_GetCommonName(&cert->subject);
- if (nickname != NULL) {
- return nickname;
- }
- return CERT_NameToAscii(&cert->subject);
-}
-
-ErrorCode
-createCMMFResponse(CertResponseInfo *issuedCerts, int numCerts,
- CERTCertificate *issuerCert, char **base64der)
-{
- CMMFCertRepContent *certRepContent=NULL;
- ErrorCode rv = NO_ERROR;
- CMMFCertResponse **responses, *currResponse;
- CERTCertList *caList;
- int i;
- SECStatus srv;
- PRArenaPool *poolp;
- SECItem *der;
-
- certRepContent = CMMF_CreateCertRepContent();
- if (certRepContent == NULL) {
- rv = ERROR_CREATING_CERT_REP_CONTENT;
- goto loser;
- }
- responses = PORT_NewArray(CMMFCertResponse*, numCerts);
- if (responses == NULL) {
- rv = OUT_OF_MEMORY;
- goto loser;
- }
- for (i=0; i<numCerts;i++) {
- responses[i] = currResponse =
- CMMF_CreateCertResponse(issuedCerts[i].certReqID);
- if (currResponse == NULL) {
- rv = ERROR_CREATING_SINGLE_CERT_RESPONSE;
- goto loser;
- }
- CMMF_CertResponseSetPKIStatusInfoStatus(currResponse, cmmfGranted);
- CMMF_CertResponseSetCertificate(currResponse, issuedCerts[i].cert);
- }
- srv = CMMF_CertRepContentSetCertResponses(certRepContent, responses,
- numCerts);
- if (srv != SECSuccess) {
- rv = ERROR_SETTING_CERT_RESPONSES;
- goto loser;
- }
- caList = CERT_NewCertList();
- if (caList == NULL) {
- rv = ERROR_CREATING_CA_LIST;
- goto loser;
- }
- srv = CERT_AddCertToListTail(caList, issuerCert);
- if (srv != SECSuccess) {
- rv = ERROR_ADDING_ISSUER_TO_CA_LIST;
- goto loser;
- }
- srv = CMMF_CertRepContentSetCAPubs(certRepContent, caList);
- CERT_DestroyCertList(caList);
- poolp = PORT_NewArena(1024);
- der = SEC_ASN1EncodeItem(poolp, NULL, certRepContent,
- CMMFCertRepContentTemplate);
- if (der == NULL) {
- rv = ERROR_ENCODING_CERT_REP_CONTENT;
- goto loser;
- }
-#ifdef WRITE_OUT_RESPONSE
- writeOutItem("CertRepContent.der", der);
-#endif
- *base64der = BTOA_DataToAscii(der->data, der->len);
- return NO_ERROR;
- loser:
- return rv;
-}
-
-ErrorCode
-issueCerts(CertResponseInfo *issuedCerts, int numCerts,
- CERTCertificate *issuerCert)
-{
- ErrorCode rv;
- char *base64Response;
-
- rv = createCMMFResponse(issuedCerts, numCerts, issuerCert, &base64Response);
- if (rv != NO_ERROR) {
- goto loser;
- }
- spitOutCMMFResponse(getNickname(issuedCerts[0].cert),base64Response);
- return NO_ERROR;
- loser:
- return rv;
-}
-
-ErrorCode
-verifySignature(CGIVarTable *varTable, CRMFCertReqMsg *currReq,
- CRMFCertRequest *certReq, CERTCertificate *newCert)
-{
- SECStatus srv;
- ErrorCode rv = NO_ERROR;
- CRMFPOPOSigningKey *signKey = NULL;
- SECAlgorithmID *algID = NULL;
- SECItem *signature = NULL;
- SECKEYPublicKey *pubKey = NULL;
- SECItem *reqDER = NULL;
-
- srv = CRMF_CertReqMsgGetPOPOSigningKey(currReq, &signKey);
- if (srv != SECSuccess || signKey == NULL) {
- rv = ERROR_RETRIEVING_POP_SIGN_KEY;
- goto loser;
- }
- algID = CRMF_POPOSigningKeyGetAlgID(signKey);
- if (algID == NULL) {
- rv = ERROR_RETRIEVING_ALG_ID_FROM_SIGN_KEY;
- goto loser;
- }
- signature = CRMF_POPOSigningKeyGetSignature(signKey);
- if (signature == NULL) {
- rv = ERROR_RETRIEVING_SIGNATURE_FROM_POP_SIGN_KEY;
- goto loser;
- }
- /* Make the length the number of bytes instead of bits */
- signature->len = (signature->len+7)/8;
- pubKey = CERT_ExtractPublicKey(newCert);
- if (pubKey == NULL) {
- rv = ERROR_RETRIEVING_PUB_KEY_FROM_NEW_CERT;
- goto loser;
- }
- reqDER = SEC_ASN1EncodeItem(NULL, NULL, certReq, CRMFCertRequestTemplate);
- if (reqDER == NULL) {
- rv = ERROR_ENCODING_CERT_REQ_FOR_POP;
- goto loser;
- }
- srv = VFY_VerifyData(reqDER->data, reqDER->len, pubKey, signature,
- SECOID_FindOIDTag(&algID->algorithm), varTable);
- if (srv != SECSuccess) {
- rv = ERROR_VERIFYING_SIGNATURE_POP;
- goto loser;
- }
- /* Fall thru in successfull case. */
- loser:
- if (pubKey != NULL) {
- SECKEY_DestroyPublicKey(pubKey);
- }
- if (reqDER != NULL) {
- SECITEM_FreeItem(reqDER, PR_TRUE);
- }
- if (signature != NULL) {
- SECITEM_FreeItem(signature, PR_TRUE);
- }
- if (algID != NULL) {
- SECOID_DestroyAlgorithmID(algID, PR_TRUE);
- }
- if (signKey != NULL) {
- CRMF_DestroyPOPOSigningKey(signKey);
- }
- return rv;
-}
-
-ErrorCode
-doChallengeResponse(CGIVarTable *varTable, CRMFCertReqMsg *currReq,
- CRMFCertRequest *certReq, CERTCertificate *newCert,
- ChallengeCreationInfo *challs, int *numChall)
-{
- CRMFPOPOPrivKey *privKey = NULL;
- CRMFPOPOPrivKeyChoice privKeyChoice;
- SECStatus srv;
- ErrorCode rv = NO_ERROR;
-
- srv = CRMF_CertReqMsgGetPOPKeyEncipherment(currReq, &privKey);
- if (srv != SECSuccess || privKey == NULL) {
- rv = ERROR_GETTING_KEY_ENCIPHERMENT;
- goto loser;
- }
- privKeyChoice = CRMF_POPOPrivKeyGetChoice(privKey);
- CRMF_DestroyPOPOPrivKey(privKey);
- switch (privKeyChoice) {
- case crmfSubsequentMessage:
- challs = &challs[*numChall];
- challs->random = rand();
- challs->pubKey = CERT_ExtractPublicKey(newCert);
- if (challs->pubKey == NULL) {
- rv = ERROR_RETRIEVING_PUB_KEY_FOR_CHALL;
- goto loser;
- }
- (*numChall)++;
- rv = DO_CHALLENGE_RESPONSE;
- break;
- case crmfThisMessage:
- /* There'd better be a PKIArchiveControl in this message */
- if (!CRMF_CertRequestIsControlPresent(certReq,
- crmfPKIArchiveOptionsControl)) {
- rv = ERROR_NO_POP_FOR_PRIVKEY;
- goto loser;
- }
- break;
- default:
- rv = ERROR_UNSUPPORTED_POPOPRIVKEY_TYPE;
- goto loser;
- }
-loser:
- return rv;
-}
-
-ErrorCode
-doProofOfPossession(CGIVarTable *varTable, CRMFCertReqMsg *currReq,
- CRMFCertRequest *certReq, CERTCertificate *newCert,
- ChallengeCreationInfo *challs, int *numChall)
-{
- CRMFPOPChoice popChoice;
- ErrorCode rv = NO_ERROR;
-
- popChoice = CRMF_CertReqMsgGetPOPType(currReq);
- if (popChoice == crmfNoPOPChoice) {
- rv = NO_POP_FOR_REQUEST;
- goto loser;
- }
- switch (popChoice) {
- case crmfSignature:
- rv = verifySignature(varTable, currReq, certReq, newCert);
- break;
- case crmfKeyEncipherment:
- rv = doChallengeResponse(varTable, currReq, certReq, newCert,
- challs, numChall);
- break;
- case crmfRAVerified:
- case crmfKeyAgreement:
- default:
- rv = UNSUPPORTED_POP;
- goto loser;
- }
- loser:
- return rv;
-}
-
-void
-convertB64ToJS(char *base64)
-{
- int i;
-
- for (i=0; base64[i] != '\0'; i++) {
- if (base64[i] == '\n') {
- printf ("\\n");
- }else {
- printf ("%c", base64[i]);
- }
- }
-}
-
-void
-formatChallenge(char *chall64, char *certRepContentDER,
- ChallengeCreationInfo *challInfo, int numChalls)
-{
- printf ("function respondToChallenge() {\n"
- " var chalForm = document.chalForm;\n\n"
- " chalForm.CertRepContent.value = '");
- convertB64ToJS(certRepContentDER);
- printf ("';\n"
- " chalForm.ChallResponse.value = crypto.popChallengeResponse('");
- convertB64ToJS(chall64);
- printf("');\n"
- " chalForm.submit();\n"
- "}\n");
-
-}
-
-void
-spitOutChallenge(char *chall64, char *certRepContentDER,
- ChallengeCreationInfo *challInfo, int numChalls,
- char *nickname)
-{
- int i;
-
- spitOutHeaders();
- printf("<html>\n"
- "<head>\n"
- "<title>Challenge Page</title>\n"
- "<script language=\"JavaScript\">\n"
- "<!--\n");
- /* The JavaScript function actually gets defined within
- * this function call
- */
- formatChallenge(chall64, certRepContentDER, challInfo, numChalls);
- printf("// -->\n"
- "</script>\n"
- "</head>\n"
- "<body onLoad='respondToChallenge()'>\n"
- "<h1>Cartman is now responding to the Challenge "
- "presented by the CGI</h1>\n"
- "<form action='crmfcgi' method='post' name='chalForm'>\n"
- "<input type='hidden' name=CertRepContent value=''>\n"
- "<input type='hidden' name=ChallResponse value=''>\n");
- for (i=0;i<numChalls; i++) {
- printf("<input type='hidden' name='chal%d' value='%d'>\n",
- i+1, challInfo[i].random);
- }
- printf("<input type='hidden' name='nickname' value='%s'>\n", nickname);
- printf("</form>\n</body>\n</html>");
-}
-
-ErrorCode
-issueChallenge(CertResponseInfo *issuedCerts, int numCerts,
- ChallengeCreationInfo *challInfo, int numChalls,
- CERTCertificate *issuer, CGIVarTable *varTable)
-{
- ErrorCode rv = NO_ERROR;
- CMMFPOPODecKeyChallContent *chalContent = NULL;
- int i;
- SECStatus srv;
- PRArenaPool *poolp;
- CERTGeneralName *genName;
- SECItem *challDER = NULL;
- char *chall64, *certRepContentDER;
-
- rv = createCMMFResponse(issuedCerts, numCerts, issuer,
- &certRepContentDER);
- if (rv != NO_ERROR) {
- goto loser;
- }
- chalContent = CMMF_CreatePOPODecKeyChallContent();
- if (chalContent == NULL) {
- rv = ERROR_CREATING_EMPTY_CHAL_CONTENT;
- goto loser;
- }
- poolp = PORT_NewArena(1024);
- if (poolp == NULL) {
- rv = OUT_OF_MEMORY;
- goto loser;
- }
- genName = CERT_GetCertificateNames(issuer, poolp);
- if (genName == NULL) {
- rv = ERROR_EXTRACTING_GEN_NAME_FROM_ISSUER;
- goto loser;
- }
- for (i=0;i<numChalls;i++) {
- srv = CMMF_POPODecKeyChallContentSetNextChallenge(chalContent,
- challInfo[i].random,
- genName,
- challInfo[i].pubKey,
- varTable);
- SECKEY_DestroyPublicKey(challInfo[i].pubKey);
- if (srv != SECSuccess) {
- rv = ERROR_SETTING_CHALLENGE;
- goto loser;
- }
- }
- challDER = SEC_ASN1EncodeItem(NULL, NULL, chalContent,
- CMMFPOPODecKeyChallContentTemplate);
- if (challDER == NULL) {
- rv = ERROR_ENCODING_CHALL;
- goto loser;
- }
- chall64 = BTOA_DataToAscii(challDER->data, challDER->len);
- SECITEM_FreeItem(challDER, PR_TRUE);
- if (chall64 == NULL) {
- rv = ERROR_CONVERTING_CHALL_TO_BASE64;
- goto loser;
- }
- spitOutChallenge(chall64, certRepContentDER, challInfo, numChalls,
- getNickname(issuedCerts[0].cert));
- loser:
- return rv;
-}
-
-
-ErrorCode
-processRequest(CGIVarTable *varTable)
-{
- CERTCertDBHandle *certdb;
- SECKEYKeyDBHandle *keydb;
- CRMFCertReqMessages *certReqs = NULL;
- const char *crmfReq;
- const char *caNickname;
- CERTCertificate *caCert = NULL;
- CertResponseInfo *issuedCerts = NULL;
- CERTSubjectPublicKeyInfo spki = { 0 };
- ErrorCode rv=NO_ERROR;
- PRBool doChallengeResponse = PR_FALSE;
- SECItem der = { 0 };
- SECStatus srv;
- CERTCertificateRequest oldCertReq = { 0 };
- CRMFCertReqMsg **reqMsgs = NULL,*currReq = NULL;
- CRMFCertRequest **reqs = NULL, *certReq = NULL;
- CERTName subject = { 0 };
- int numReqs,i;
- ChallengeCreationInfo *challInfo=NULL;
- int numChalls = 0;
-
- certdb = CERT_GetDefaultCertDB();
- keydb = SECKEY_GetDefaultKeyDB();
- crmfReq = CGITableFindValue(varTable, "CRMFRequest");
- if (crmfReq == NULL) {
- rv = CGI_VAR_MISSING;
- missingVar = "CRMFRequest";
- goto loser;
- }
- caNickname = CGITableFindValue(varTable, "CANickname");
- if (caNickname == NULL) {
- rv = CGI_VAR_MISSING;
- missingVar = "CANickname";
- goto loser;
- }
- caCert = CERT_FindCertByNickname(certdb, caNickname);
- if (caCert == NULL) {
- rv = COULD_NOT_FIND_CA;
- goto loser;
- }
- srv = ATOB_ConvertAsciiToItem(&der, crmfReq);
- if (srv != SECSuccess) {
- rv = BAD_ASCII_FOR_REQ;
- goto loser;
- }
- certReqs = CRMF_CreateCertReqMessagesFromDER(der.data, der.len);
- SECITEM_FreeItem(&der, PR_FALSE);
- if (certReqs == NULL) {
- rv = COULD_NOT_DECODE_REQS;
- goto loser;
- }
- numReqs = CRMF_CertReqMessagesGetNumMessages(certReqs);
- issuedCerts = PORT_ZNewArray(CertResponseInfo, numReqs);
- challInfo = PORT_ZNewArray(ChallengeCreationInfo, numReqs);
- if (issuedCerts == NULL || challInfo == NULL) {
- rv = OUT_OF_MEMORY;
- goto loser;
- }
- reqMsgs = PORT_ZNewArray(CRMFCertReqMsg*, numReqs);
- reqs = PORT_ZNewArray(CRMFCertRequest*, numReqs);
- if (reqMsgs == NULL || reqs == NULL) {
- rv = OUT_OF_MEMORY;
- goto loser;
- }
- for (i=0; i<numReqs; i++) {
- currReq = reqMsgs[i] =
- CRMF_CertReqMessagesGetCertReqMsgAtIndex(certReqs, i);
- if (currReq == NULL) {
- rv = ERROR_RETRIEVING_REQUEST_MSG;
- goto loser;
- }
- certReq = reqs[i] = CRMF_CertReqMsgGetCertRequest(currReq);
- if (certReq == NULL) {
- rv = ERROR_RETRIEVING_CERT_REQUEST;
- goto loser;
- }
- srv = CRMF_CertRequestGetCertTemplateSubject(certReq, &subject);
- if (srv != SECSuccess) {
- rv = ERROR_RETRIEVING_SUBJECT_FROM_REQ;
- goto loser;
- }
- srv = CRMF_CertRequestGetCertTemplatePublicKey(certReq, &spki);
- if (srv != SECSuccess) {
- rv = ERROR_RETRIEVING_PUBLIC_KEY_FROM_REQ;
- goto loser;
- }
- rv = initOldCertReq(&oldCertReq, &subject, &spki);
- if (rv != NO_ERROR) {
- goto loser;
- }
- rv = createNewCert(&issuedCerts[i].cert, &oldCertReq, currReq, certReq,
- caCert, varTable);
- if (rv != NO_ERROR) {
- goto loser;
- }
- rv = doProofOfPossession(varTable, currReq, certReq, issuedCerts[i].cert,
- challInfo, &numChalls);
- if (rv != NO_ERROR) {
- if (rv == DO_CHALLENGE_RESPONSE) {
- doChallengeResponse = PR_TRUE;
- } else {
- goto loser;
- }
- }
- CRMF_CertReqMsgGetID(currReq, &issuedCerts[i].certReqID);
- CRMF_DestroyCertReqMsg(currReq);
- CRMF_DestroyCertRequest(certReq);
- }
- if (doChallengeResponse) {
- rv = issueChallenge(issuedCerts, numReqs, challInfo, numChalls, caCert,
- varTable);
- } else {
- rv = issueCerts(issuedCerts, numReqs, caCert);
- }
- loser:
- if (certReqs != NULL) {
- CRMF_DestroyCertReqMessages(certReqs);
- }
- return rv;
-}
-
-ErrorCode
-processChallengeResponse(CGIVarTable *varTable, const char *certRepContent)
-{
- SECItem binDER = { 0 };
- SECStatus srv;
- ErrorCode rv = NO_ERROR;
- const char *clientResponse;
- const char *formChalValue;
- const char *nickname;
- CMMFPOPODecKeyRespContent *respContent = NULL;
- int numResponses,i;
- long curResponse, expectedResponse;
- char cgiChalVar[10];
-#ifdef WRITE_OUT_RESPONSE
- SECItem certRepBinDER = { 0 };
-
- ATOB_ConvertAsciiToItem(&certRepBinDER, certRepContent);
- writeOutItem("challCertRepContent.der", &certRepBinDER);
- PORT_Free(certRepBinDER.data);
-#endif
- clientResponse = CGITableFindValue(varTable, "ChallResponse");
- if (clientResponse == NULL) {
- rv = REQ_CGI_VAR_NOT_PRESENT;
- missingVar = "ChallResponse";
- goto loser;
- }
- srv = ATOB_ConvertAsciiToItem(&binDER, clientResponse);
- if (srv != SECSuccess) {
- rv = ERROR_CONVERTING_RESP_FROM_CHALL_TO_BIN;
- goto loser;
- }
- respContent = CMMF_CreatePOPODecKeyRespContentFromDER(binDER.data,
- binDER.len);
- SECITEM_FreeItem(&binDER, PR_FALSE);
- binDER.data = NULL;
- if (respContent == NULL) {
- rv = ERROR_CREATING_KEY_RESP_FROM_DER;
- goto loser;
- }
- numResponses = CMMF_POPODecKeyRespContentGetNumResponses(respContent);
- for (i=0;i<numResponses;i++){
- srv = CMMF_POPODecKeyRespContentGetResponse(respContent,i,&curResponse);
- if (srv != SECSuccess) {
- rv = ERROR_RETRIEVING_CLIENT_RESPONSE_TO_CHALLENGE;
- goto loser;
- }
- sprintf(cgiChalVar, "chal%d", i+1);
- formChalValue = CGITableFindValue(varTable, cgiChalVar);
- if (formChalValue == NULL) {
- rv = REQ_CGI_VAR_NOT_PRESENT;
- missingVar = strdup(cgiChalVar);
- goto loser;
- }
- sscanf(formChalValue, "%ld", &expectedResponse);
- if (expectedResponse != curResponse) {
- rv = ERROR_RETURNED_CHALL_NOT_VALUE_EXPECTED;
- goto loser;
- }
- }
- nickname = CGITableFindValue(varTable, "nickname");
- if (nickname == NULL) {
- rv = REQ_CGI_VAR_NOT_PRESENT;
- missingVar = "nickname";
- goto loser;
- }
- spitOutCMMFResponse(nickname, certRepContent);
- loser:
- if (respContent != NULL) {
- CMMF_DestroyPOPODecKeyRespContent(respContent);
- }
- return rv;
-}
-
-int
-main()
-{
- char *form_output = NULL;
- int form_output_len, form_output_used;
- CGIVarTable varTable = { 0 };
- ErrorCode errNum = 0;
- char *certRepContent;
-
-#ifdef ATTACH_CGI
- /* Put an ifinite loop in here so I can attach to
- * the process after the process is spun off
- */
- { int stupid = 1;
- while (stupid);
- }
-#endif
-
- form_output_used = 0;
- srand(time(NULL));
- while (feof(stdin) == 0) {
- if (form_output == NULL) {
- form_output = PORT_NewArray(char, DEFAULT_ALLOC_SIZE+1);
- form_output_len = DEFAULT_ALLOC_SIZE;
- } else if ((form_output_used + DEFAULT_ALLOC_SIZE) >= form_output_len) {
- form_output_len += DEFAULT_ALLOC_SIZE;
- form_output = PORT_Realloc(form_output, form_output_len+1);
- }
- form_output_used += fread(&form_output[form_output_used], sizeof(char),
- DEFAULT_ALLOC_SIZE, stdin);
- }
- ParseInputVariables(&varTable, form_output);
- certRepContent = CGITableFindValue(&varTable, "CertRepContent");
- if (certRepContent == NULL) {
- errNum = initNSS(&varTable);
- if (errNum != 0) {
- goto loser;
- }
- errNum = processRequest(&varTable);
- } else {
- errNum = processChallengeResponse(&varTable, certRepContent);
- }
- if (errNum != NO_ERROR) {
- goto loser;
- }
- goto done;
-loser:
- dumpErrorMessage(errNum);
-done:
- free (form_output);
- return 0;
-}
-
diff --git a/security/nss/cmd/crmf-cgi/crmfcgi.html b/security/nss/cmd/crmf-cgi/crmfcgi.html
deleted file mode 100644
index e91923ece..000000000
--- a/security/nss/cmd/crmf-cgi/crmfcgi.html
+++ /dev/null
@@ -1,165 +0,0 @@
-<!--
- - The contents of this file are subject to the Mozilla Public
- - License Version 1.1 (the "License"); you may not use this file
- - except in compliance with the License. You may obtain a copy of
- - the License at http://www.mozilla.org/MPL/
- -
- - Software distributed under the License is distributed on an "AS
- - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- - implied. See the License for the specific language governing
- - rights and limitations under the License.
- -
- - The Original Code is the Netscape security libraries.
- -
- - The Initial Developer of the Original Code is Netscape
- - Communications Corporation. Portions created by Netscape are
- - Copyright (C) 1994-2000 Netscape Communications Corporation. All
- - Rights Reserved.
- -
- - Contributor(s):
- -
- - Alternatively, the contents of this file may be used under the
- - terms of the GNU General Public License Version 2 or later (the
- - "GPL"), in which case the provisions of the GPL are applicable
- - instead of those above. If you wish to allow use of your
- - version of this file only under the terms of the GPL and not to
- - allow others to use your version of this file under the MPL,
- - indicate your decision by deleting the provisions above and
- - replace them with the notice and other provisions required by
- - the GPL. If you do not delete the provisions above, a recipient
- - may use your version of this file under either the MPL or the
- - GPL.
- -->
-
-<html>
-<head>
-<title>CRMF Test Page for PSM</title>
-<script language=javascript>
-var request;
-//This variable must be set to the first value
-//in the select field "testType" in the form.
-var keyGenType="SigningOnlyRSA";
-
-var requestedDN = "CN=Javi CA Shack ID, O=NSS";
-
-function setTestType() {
- var testType = document.crmfForm.testType;
-
- keyGenType = testType.options[testType.selectedIndex].value;
-}
-
-function setRequest() {
- with (document.crmfForm) {
- CRMFRequest.value = request.request;
- submit();
- }
-}
-
-function generateSignAndEncryptRSARequest() {
- request = crypto.generateCRMFRequest(requestedDN,
- null, null, null, "setRequest()",
- crypto.algorithms.rsa.keyEx.keySizes[0],
- null, "rsa-dual-use");
-}
-
-function generateSigningOnlyRSARequest() {
- request = crypto.generateCRMFRequest(requestedDN,null,null,null,"setRequest()",
- crypto.algorithms.rsa.signing.keySizes[0],
- null, "rsa-sign");
-}
-
-function generateEncryptionOnlyRSARequest() {
- request = crypto.generateCRMFRequest(requestedDN, null, null, null, "setRequest()",
- crypto.algorithms.rsa.keyEx.keySizes[0],
- null, "rsa-ex");
-}
-
-function generateDualRSAKeys() {
- request = crypto.generateCRMFRequest(requestedDN, null, null, null, "setRequest()",
- crypto.algorithms.rsa.keyEx.keySizes[0],
- null, "rsa-ex",
- crypto.algorithms.rsa.signing.keySizes[0],
- null, "rsa-sign");
-}
-
-function generateDSAKey() {
- request = crypto.generateCRMFRequest(requestedDN, null, null, null, "setRequest()",
- crypto.algorithms.dsa.keySizes[0],
- null, "dsa-sign-nonrepudiation");
-}
-
-function processForm(form) {
- with (form) {
- if (typeof(crypto.version) == "undefined") {
- alert('You must be running PSM in order to use this page.');
- return false;
- }
- if (NSSDirectory.value == "") {
- alert('You must provide a path for NSS to use.');
- return false;
- }
- if (dbPassword.value == "") {
- alert('You must provide a password for the certificate database.');
- return false;
- }
- if (CANickname.value == "") {
- alert('You must provide a CA Nickname to use.');
- return false;
- }
- //Now do the correct key generation.
- if (keyGenType == "SignAndEncryptRSA") {
- generateSignAndEncryptRSARequest();
- } else if (keyGenType == "SigningOnlyRSA") {
- generateSigningOnlyRSARequest();
- } else if (keyGenType == "EncryptionOnlyRSA") {
- generateEncryptionOnlyRSARequest();
- } else if (keyGenType == "DualRSAKeys") {
- generateDualRSAKeys();
- } else if (keyGenType == "DSAKeyGen") {
- generateDSAKey();
- }
- }
- return true;
-}
-</script>
-</head>
-<body>
-<h1><center>CRMF Test page for PSM</center></h1>
-This page is designed to be used in combination with the executable
-produced by ns/security/cmd/crmf-cgi in a CGI environment. In order
-to successfully use this page, modify its action to post to a a server
-where you have installed the crmfcgi executable and you'll be able to
-test the functionality.
-<hr>
-<form name="crmfForm" method=post action="http://www.cgi-site.com/cgi-bin/crmfcgi">
-<h2>Certificate Database information</h2>
-First, enter all the information for the CGI to use for initializing
-NSS. The CGI will use the directory entered below as the directory
-where to look for the certificate and key databases.
-<pre>
-Path for NSS Config: <input size=40 type="text" name="NSSDirectory">
-</pre>
-Enter the password for the certificate database found in the direcotry
-above.
-<pre>
-Database Password: <input type="password" name="dbPassword" size=40>
-</pre>
-Now enter the nickname of the certificate to use for signing the
-certificate issued during this test.
-<pre>
-CA Nickname: <input size=40 type="text" name="CANickname">
-</pre>
-<h2>Now, figure out which type of key generation you want to test:</h2>
-<select name="testType" onChange="setTestType()">`
-<option value="SigningOnlyRSA">Signing Only-RSA
-<option value="EncryptionOnlyRSA">Encryption Only-RSA
-<option value="SignAndEncryptRSA">Sign and Encrypt Single Key -RSA
-<option value="DualRSAKeys">Dual Keys-RSA
-<option value="DSAKeyGen">DSA Key Gen
-</select>
-<input type="hidden" name=CRMFRequest value="">
-<hr>
-<input type="button" value="OK" onclick="processForm(document.crmfForm)">
-</form>
-</body>
-</html>
diff --git a/security/nss/cmd/crmf-cgi/manifest.mn b/security/nss/cmd/crmf-cgi/manifest.mn
deleted file mode 100644
index 3a3496327..000000000
--- a/security/nss/cmd/crmf-cgi/manifest.mn
+++ /dev/null
@@ -1,61 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-MODULE = sectools
-
-EXPORTS = \
- $(NULL)
-
-CSRCS = \
- crmfcgi.c \
- $(NULL)
-
-
-REQUIRES = nss dbm seccmd
-
-ifdef ATTACH_CGI
-DEFINES += -DATTACH_CGI
-endif
-
-ifdef WRITE_OUT_RESPONSE
-DEFINES += -DWRITE_OUT_RESPONSE
-endif
-
-PROGRAM = crmfcgi
-
-USE_STATIC_LIBS = 1
-
-INCLUDES =
-
-DEFINES = -DNSPR20
diff --git a/security/nss/cmd/crmftest/Makefile b/security/nss/cmd/crmftest/Makefile
deleted file mode 100644
index 5df669763..000000000
--- a/security/nss/cmd/crmftest/Makefile
+++ /dev/null
@@ -1,99 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-include config.mk
-
-ifeq ($(OS_TARGET)$(OS_RELEASE), AIX4.2)
-OS_LIBS += -lsvld
-endif
-
-ifeq ($(OS_TARGET)$(OS_RELEASE), SunOS5.6)
-OS_LIBS += -ldl -lxnet -lposix4 -lsocket -lnsl
-endif
-
-ifeq (,$(filter-out WIN%,$(OS_TARGET)))
-EXTRA_LIBS += $(DIST)/lib/crmf.lib
-else
-EXTRA_LIBS += $(DIST)/lib/libcrmf.$(LIB_SUFFIX)
-endif
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-LDDIST = $(DIST)/lib
-
-ifeq (,$(filter-out WIN%,$(OS_TARGET)))
-EXTRA_LIBS += $(LDDIST)/sectool.lib
-endif
-
-lame:
- echo $(CPU_ARCH)
-
-include ../platrules.mk
diff --git a/security/nss/cmd/crmftest/config.mk b/security/nss/cmd/crmftest/config.mk
deleted file mode 100644
index 7343609f8..000000000
--- a/security/nss/cmd/crmftest/config.mk
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# Override TARGETS variable so that only static libraries
-# are specifed as dependencies within rules.mk.
-#
-
-TARGETS = $(PROGRAM)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-LIBRARY =
-
diff --git a/security/nss/cmd/crmftest/manifest.mn b/security/nss/cmd/crmftest/manifest.mn
deleted file mode 100644
index cd5275094..000000000
--- a/security/nss/cmd/crmftest/manifest.mn
+++ /dev/null
@@ -1,53 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-DEPTH = .
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = nss
-
-EXPORTS = \
- $(NULL)
-
-CSRCS = \
- testcrmf.c \
- $(NULL)
-
-
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = dbm
-
-PROGRAM = crmftest
-
diff --git a/security/nss/cmd/crmftest/testcrmf.c b/security/nss/cmd/crmftest/testcrmf.c
deleted file mode 100644
index e9bb08bdb..000000000
--- a/security/nss/cmd/crmftest/testcrmf.c
+++ /dev/null
@@ -1,1533 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "crmf.h"
-#include "secrng.h"
-#include "secpkcs5.h"
-#include "pk11func.h"
-#include "pkcs11.h"
-#include "secmod.h"
-#include "secmodi.h"
-#include "key.h"
-#include "prio.h"
-#include "pqggen.h"
-#include "cmmf.h"
-#include "seccomon.h"
-#include "secmod.h"
-#include "prlock.h"
-#include "secmodi.h"
-#include "pkcs11.h"
-#include "pk11func.h"
-#include "secitem.h"
-#include "key.h"
-#include "rsa.h"
-#include "secpkcs5.h"
-#include "secasn1.h"
-#include "sechash.h"
-#include "cert.h"
-#include "secerr.h"
-#include <stdio.h>
-#include "prprf.h"
-#if !defined(XP_UNIX) && !defined(LINUX)
-extern int getopt(int, char **, char*);
-extern char *optarg;
-#endif
-#define MAX_KEY_LEN 512
-
-int64 notBefore;
-char *personalCert = NULL;
-char *recoveryEncrypter = NULL;
-char *caCertName = NULL;
-
-CERTCertDBHandle *db;
-SECKEYKeyDBHandle *keydb;
-
-void
-debug_test(SECItem *src, char *filePath)
-{
- PRFileDesc *fileDesc;
-
- fileDesc = PR_Open (filePath, PR_WRONLY | PR_CREATE_FILE | PR_TRUNCATE,
- 0666);
- if (fileDesc == NULL) {
- printf ("Could not cretae file %s.\n", filePath);
- return;
- }
- PR_Write(fileDesc, src->data, src->len);
-
-}
-
-SECStatus
-get_serial_number(long *dest)
-{
- RNGContext *rng;
- SECStatus rv;
-
- if (dest == NULL) {
- return SECFailure;
- }
- rng = RNG_CreateContext();
- if (rng == NULL) {
- *dest = 0;
- return SECFailure;
- }
- rv = RNG_GenerateRandomBytes(rng, (void*)dest, sizeof(long));
- RNG_DestroyContext(rng, PR_TRUE);
- return SECSuccess;
-}
-
-char *
-promptForPassword (PK11SlotInfo *slot, PRBool retry, void *cx)
-{
- char passWord[80];
- char *retPass = NULL;
-
- if (retry) {
- printf ("Incorrect password. Please re-enter the password.\n");
- }
- printf ("WARNING: Password will be echoed to the screen.\n");
- printf ("Please enter the password for slot \"%s\":",
- PK11_GetTokenName(slot));
- scanf ("%s", passWord);
- retPass = PORT_Strdup(passWord);
- return retPass;
-}
-
-PK11RSAGenParams *
-GetRSAParams(void)
-{
- PK11RSAGenParams *rsaParams;
-
- rsaParams = PORT_ZNew(PK11RSAGenParams);
-
- if (rsaParams == NULL)
- return NULL;
-
- rsaParams->keySizeInBits = MAX_KEY_LEN;
- rsaParams->pe = 0x1001;
-
- return rsaParams;
-
-}
-
-SECStatus
-SetSlotPassword(PK11SlotInfo *slot)
-{
- char userPin[80];
-
- printf ("Initialization of PIN's for your Database.\n");
- printf ("------------------------------------------\n");
- printf ("Please enter the PIN's for your Database.\n");
- printf ("Warning: ALL PIN'S WILL BE ECHOED TO SCREEN!!!\n");
- printf ("Now enter the PIN for the user: ");
- scanf ("%s", userPin);
- return PK11_InitPin (slot, NULL, userPin);
-}
-
-PQGParams*
-GetDSAParams(void)
-{
- PQGParams *params = NULL;
- PQGVerify *vfy = NULL;
-
- SECStatus rv;
-
- rv = PQG_ParamGen(0, &params, &vfy);
- if (rv != SECSuccess) {
- return NULL;
- }
- PQG_DestroyVerify(vfy);
- return params;
-}
-
-CERTSubjectPublicKeyInfo *
-GetSubjectPubKeyInfo(SECKEYPrivateKey **destPrivKey,
- SECKEYPublicKey **destPubKey) {
- CERTSubjectPublicKeyInfo *spki = NULL;
- SECKEYPrivateKey *privKey = NULL;
- SECKEYPublicKey *pubKey = NULL;
- PK11SlotInfo *keySlot = NULL;
- PK11SlotInfo *cryptoSlot = NULL;
- PK11RSAGenParams *rsaParams = NULL;
- PQGParams *dsaParams = NULL;
-
- keySlot = PK11_GetInternalKeySlot();
- PK11_Authenticate(keySlot, PR_FALSE, NULL);
- cryptoSlot = PK11_GetInternalSlot();
- PK11_Authenticate(cryptoSlot, PR_FALSE, NULL);
- PK11_FreeSlot(cryptoSlot);
- rsaParams = GetRSAParams();
- privKey = PK11_GenerateKeyPair(keySlot, CKM_RSA_PKCS_KEY_PAIR_GEN,
- (void*)rsaParams, &pubKey, PR_FALSE,
- PR_FALSE, NULL);
-/* dsaParams = GetDSAParams();
- if (dsaParams == NULL) {
- PK11_FreeSlot(keySlot);
- return NULL;
- }
- privKey = PK11_GenerateKeyPair(keySlot, CKM_DSA_KEY_PAIR_GEN,
- (void*)dsaParams, &pubKey, PR_FALSE,
- PR_FALSE, NULL);*/
- PK11_FreeSlot(keySlot);
- if (privKey == NULL || pubKey == NULL) {
- if (pubKey) {
- SECKEY_DestroyPublicKey(pubKey);
- }
- if (privKey) {
- SECKEY_DestroyPrivateKey(privKey);
- }
- return NULL;
- }
-
- spki = SECKEY_CreateSubjectPublicKeyInfo(pubKey);
- *destPrivKey = privKey;
- *destPubKey = pubKey;
- return spki;
-}
-
-
-SECStatus
-InitPKCS11(void)
-{
- PK11SlotInfo *cryptoSlot, *keySlot;
-
- PK11_SetPasswordFunc(promptForPassword);
-
- cryptoSlot = PK11_GetInternalSlot();
- keySlot = PK11_GetInternalKeySlot();
-
- if (PK11_NeedUserInit(cryptoSlot) && PK11_NeedLogin(cryptoSlot)) {
- if (SetSlotPassword (cryptoSlot) != SECSuccess) {
- printf ("Initializing the PIN's failed.\n");
- return SECFailure;
- }
- }
-
- if (PK11_NeedUserInit(keySlot) && PK11_NeedLogin(keySlot)) {
- if (SetSlotPassword (keySlot) != SECSuccess) {
- printf ("Initializing the PIN's failed.\n");
- return SECFailure;
- }
- }
-
- PK11_FreeSlot(cryptoSlot);
- PK11_FreeSlot(keySlot);
- return SECSuccess;
-}
-
-
-void
-WriteItOut (void *arg, const char *buf, unsigned long len)
-{
- PRFileDesc *fileDesc = (PRFileDesc*)arg;
-
- PR_Write(fileDesc, (void*)buf, len);
-}
-
-SECItem
-GetRandomBitString(void)
-{
-#define NUM_BITS 800
-#define BITS_IN_BYTE 8
- SECItem bitString;
- int numBytes = NUM_BITS/BITS_IN_BYTE;
- unsigned char *bits = PORT_ZNewArray(unsigned char, numBytes);
- RNGContext *rng;
-
- rng = RNG_CreateContext();
- RNG_GenerateRandomBytes(rng, (void*)bits, numBytes);
- RNG_DestroyContext(rng, PR_TRUE);
- bitString.data = bits;
- bitString.len = NUM_BITS;
- bitString.type = siBuffer;
- return bitString;
-}
-
-CRMFCertExtCreationInfo*
-GetExtensions(void)
-{
- CRMFCertExtCreationInfo *extInfo;
- CRMFCertExtension *currExt;
- CRMFCertExtension *extension;
- SECItem data;
- PRBool prFalse = PR_FALSE;
- unsigned char keyUsage[4];
-
- data.len = 4;
- data.data = keyUsage;
- keyUsage[0] = 0x03;
- keyUsage[1] = 0x02;
- keyUsage[2] = 0x07;
- keyUsage[3] = KU_DIGITAL_SIGNATURE;
- extension = CRMF_CreateCertExtension(SEC_OID_X509_KEY_USAGE,prFalse,
- &data);
- extInfo = PORT_ZNew(CRMFCertExtCreationInfo);
- extInfo->numExtensions = 1;
- extInfo->extensions = PORT_ZNewArray(CRMFCertExtension*, 1);
- extInfo->extensions[0] = extension;
- return extInfo;
-}
-
-void
-FreeExtInfo(CRMFCertExtCreationInfo *extInfo)
-{
- int i;
-
- for (i=0; i<extInfo->numExtensions; i++) {
- CRMF_DestroyCertExtension(extInfo->extensions[i]);
- }
- PORT_Free(extInfo->extensions);
- PORT_Free(extInfo);
-}
-
-int
-CreateCertRequest (CRMFCertRequest **inCertReq, SECKEYPrivateKey **privKey,
- SECKEYPublicKey **pubKey)
-{
- long serialNumber;
- long version = 3;
- char *issuerStr = PORT_Strdup ("CN=Javi's CA Shack, O=Information Systems");
- char *subjectStr = PORT_Strdup ("CN=Javi's CA Shack ID, O=Engineering, "
- "C=US");
- CRMFCertRequest *certReq;
- SECAlgorithmID * algID;
- CERTName *issuer, *subject;
- CRMFValidityCreationInfo validity;
- CERTSubjectPublicKeyInfo *spki;
- SECStatus rv;
- SECOidTag tag, tag2;
- SECItem issuerUID, subjectUID;
- CRMFCertExtCreationInfo *extInfo;
- CRMFEncryptedKey *encKey;
- CERTCertificate *caCert;
- CRMFPKIArchiveOptions *pkiArchOpt;
-
- *inCertReq = NULL;
- certReq = CRMF_CreateCertRequest(0x0ff02345);
- if (certReq == NULL) {
- printf ("Could not initialize a certificate request.\n");
- return 1;
- }
- rv = CRMF_CertRequestSetTemplateField (certReq, crmfVersion, (void*)(&version));
- if (rv != SECSuccess) {
- printf("Could not add the version number to the "
- "Certificate Request.\n");
- CRMF_DestroyCertRequest(certReq);
- return 2;
- }
-
- if (get_serial_number(&serialNumber) != SECSuccess) {
- printf ("Could not generate a serial number for cert request.\n");
- CRMF_DestroyCertRequest(certReq);
- return 3;
- }
-
- rv = CRMF_CertRequestSetTemplateField (certReq, crmfSerialNumber,
- (void*)(&serialNumber));
- if (rv != SECSuccess) {
- printf ("Could not add serial number to certificate template\n.");
- CRMF_DestroyCertRequest(certReq);
- return 4;
- }
-
- issuer = CERT_AsciiToName(issuerStr);
- if (issuer == NULL) {
- printf ("Could not create CERTName structure from %s.\n", issuerStr);
- CRMF_DestroyCertRequest(certReq);
- return 5;
- }
- rv = CRMF_CertRequestSetTemplateField (certReq, crmfIssuer, (void*) issuer);
- PORT_Free(issuerStr);
- CERT_DestroyName(issuer);
- if (rv != SECSuccess) {
- printf ("Could not add issuer to cert template\n");
- CRMF_DestroyCertRequest(certReq);
- return 6;
- }
-
- subject = CERT_AsciiToName(subjectStr);
- if (subject == NULL) {
- printf ("Could not create CERTName structure from %s.\n", subjectStr);
- CRMF_DestroyCertRequest(certReq);
- return 7;
- }
- PORT_Free(subjectStr);
- rv = CRMF_CertRequestSetTemplateField (certReq, crmfSubject, (void*)subject);
- if (rv != SECSuccess) {
- printf ("Could not add subject to cert template\n");
- CRMF_DestroyCertRequest(certReq);
- return 8;
- }
- CERT_DestroyName(subject);
-
- algID =
- SEC_PKCS5CreateAlgorithmID (SEC_OID_PKCS5_PBE_WITH_SHA1_AND_DES_CBC,
- NULL, 1);
- if (algID == NULL) {
- printf ("Couldn't create algorithm ID\n");
- CRMF_DestroyCertRequest(certReq);
- return 9;
- }
- rv = CRMF_CertRequestSetTemplateField(certReq, crmfSigningAlg, (void*)algID);
- SECOID_DestroyAlgorithmID(algID, PR_TRUE);
- if (rv != SECSuccess) {
- printf ("Could not add the signing algorithm to the cert template.\n");
- CRMF_DestroyCertRequest(certReq);
- return 10;
- }
-
- validity.notBefore = &notBefore;
- validity.notAfter = NULL;
- notBefore = PR_Now();
- rv = CRMF_CertRequestSetTemplateField(certReq, crmfValidity,(void*)(&validity));
- if (rv != SECSuccess) {
- printf ("Could not add validity to cert template\n");
- CRMF_DestroyCertRequest(certReq);
- return 11;
- }
-
- spki = GetSubjectPubKeyInfo(privKey, pubKey);
- if (spki == NULL) {
- printf ("Could not create a Subject Public Key Info to add\n");
- CRMF_DestroyCertRequest(certReq);
- return 12;
- }
- rv = CRMF_CertRequestSetTemplateField(certReq, crmfPublicKey, (void*)spki);
- SECKEY_DestroySubjectPublicKeyInfo(spki);
- if (rv != SECSuccess) {
- printf ("Could not add the public key to the template\n");
- CRMF_DestroyCertRequest(certReq);
- return 13;
- }
-
- caCert =
- CERT_FindCertByNickname(CERT_GetDefaultCertDB(),
- caCertName);
- if (caCert == NULL) {
- printf ("Could not find the certificate for %s\n", caCertName);
- CRMF_DestroyCertRequest(certReq);
- return 50;
- }
-
- issuerUID = GetRandomBitString();
- subjectUID = GetRandomBitString();
- CRMF_CertRequestSetTemplateField(certReq,crmfIssuerUID, (void*)&issuerUID);
- CRMF_CertRequestSetTemplateField(certReq,crmfSubjectUID, (void*)&subjectUID);
- PORT_Free(issuerUID.data);
- PORT_Free(subjectUID.data);
- extInfo = GetExtensions();
- CRMF_CertRequestSetTemplateField(certReq, crmfExtension, (void*)extInfo);
- FreeExtInfo(extInfo);
- encKey = CRMF_CreateEncryptedKeyWithEncryptedValue(*privKey, caCert);
- CERT_DestroyCertificate(caCert);
- if (encKey == NULL) {
- printf ("Could not create Encrypted Key with Encrypted Value.\n");
- return 14;
- }
- pkiArchOpt = CRMF_CreatePKIArchiveOptions(crmfEncryptedPrivateKey, encKey);
- CRMF_DestroyEncryptedKey(encKey);
- if (pkiArchOpt == NULL) {
- printf ("Could not create PKIArchiveOptions.\n");
- return 15;
- }
- rv = CRMF_CertRequestSetPKIArchiveOptions(certReq, pkiArchOpt);
- CRMF_DestroyPKIArchiveOptions(pkiArchOpt);
- if (rv != SECSuccess) {
- printf ("Could not add the PKIArchiveControl to Cert Request.\n");
- return 16;
- }
- *inCertReq = certReq;
- return 0;
-}
-
-int
-Encode (CRMFCertReqMsg *inCertReq,
- CRMFCertReqMsg *secondReq, char *configdir)
-{
-#define PATH_LEN 150
-#define CRMF_FILE "CertReqMessages.der"
- char filePath[PATH_LEN];
- PRFileDesc *fileDesc;
- SECStatus rv;
- int irv = 0;
- CRMFCertReqMsg *msgArr[3];
- CRMFCertReqMsg *newMsg;
-
- PR_snprintf(filePath, PATH_LEN, "%s/%s", configdir, CRMF_FILE);
- fileDesc = PR_Open (filePath, PR_WRONLY | PR_CREATE_FILE | PR_TRUNCATE,
- 0666);
- if (fileDesc == NULL) {
- printf ("Could not open file %s\n", filePath);
- irv = 14;
- goto finish;
- }
-/* rv = CRMF_EncodeCertReqMsg (inCertReq, WriteItOut, (void*)fileDesc);*/
- msgArr[0] = inCertReq;
- msgArr[1] = secondReq;
- msgArr[2] = NULL;
- rv = CRMF_EncodeCertReqMessages(msgArr, WriteItOut, (void*)fileDesc);
- if (rv != SECSuccess) {
- printf ("An error occurred while encoding.\n");
- irv = 15;
- goto finish;
- }
- finish:
- PR_Close(fileDesc);
- return irv;
-}
-
-int
-AddProofOfPossession(CRMFCertReqMsg *certReqMsg, SECKEYPrivateKey *privKey,
- SECKEYPublicKey *pubKey, CRMFPOPChoice inPOPChoice)
-{
-
- switch(inPOPChoice){
- case crmfSignature:
- CRMF_CertReqMsgSetSignaturePOP(certReqMsg, privKey, pubKey, NULL, NULL,
- NULL);
- break;
- case crmfRAVerified:
- CRMF_CertReqMsgSetRAVerifiedPOP(certReqMsg);
- break;
- case crmfKeyEncipherment:
- CRMF_CertReqMsgSetKeyEnciphermentPOP(certReqMsg,
- crmfSubsequentMessage,
- crmfChallengeResp, NULL);
- break;
- case crmfKeyAgreement:
- {
- SECItem pendejo;
- unsigned char lame[] = { 0xf0, 0x0f, 0xf0, 0x0f, 0xf0 };
-
- pendejo.data = lame;
- pendejo.len = 5;
-
- CRMF_CertReqMsgSetKeyAgreementPOP(certReqMsg, crmfThisMessage,
- crmfNoSubseqMess, &pendejo);
- }
- break;
- default:
- return 1;
- }
- return 0;
-}
-
-#define BUFF_SIZE 150
-
-int
-Decode(char *configdir)
-{
- char filePath[PATH_LEN];
- unsigned char buffer[BUFF_SIZE];
- char *asn1Buff;
- PRFileDesc *fileDesc;
- PRInt32 fileLen = 0;
- PRInt32 bytesRead;
- CRMFCertReqMsg *certReqMsg;
- CRMFCertRequest *certReq;
- CRMFGetValidity validity= {NULL, NULL};
- CRMFCertReqMessages *certReqMsgs;
- int numMsgs, i;
- long lame;
-
- PR_snprintf(filePath, PATH_LEN, "%s/%s", configdir, CRMF_FILE);
- fileDesc = PR_Open(filePath, PR_RDONLY, 0644);
- while (1) {
- bytesRead = PR_Read(fileDesc, buffer, BUFF_SIZE);
- if (bytesRead <= 0) break;
- fileLen += bytesRead;
- }
- if (bytesRead < 0) {
- printf ("Error while getting the length of the file %s\n", filePath);
- return 200;
- }
-
- PR_Close(fileDesc);
- fileDesc = PR_Open(filePath, PR_RDONLY, 0644);
- asn1Buff = PORT_ZNewArray(char, fileLen);
- bytesRead = PR_Read(fileDesc, asn1Buff, fileLen);
- if (bytesRead != fileLen) {
- printf ("Error while reading in the contents of %s\n", filePath);
- return 201;
- }
- /*certReqMsg = CRMF_CreateCertReqMsgFromDER(asn1Buff, fileLen);
- if (certReqMsg == NULL) {
- printf ("Error while decoding the CertReqMsg\n");
- return 202;
- }
- certReq = CRMF_CertReqMsgGetCertRequest(certReqMsg);
-*/
- certReqMsgs = CRMF_CreateCertReqMessagesFromDER(asn1Buff, fileLen);
- if (certReqMsgs == NULL) {
- printf ("Error decoding CertReqMessages.\n");
- return 202;
- }
- numMsgs = CRMF_CertReqMessagesGetNumMessages(certReqMsgs);
- if (numMsgs <= 0) {
- printf ("WARNING: The DER contained %d messages.\n", numMsgs);
- }
- for (i=0; i < numMsgs; i++) {
- certReqMsg = CRMF_CertReqMessagesGetCertReqMsgAtIndex(certReqMsgs, i);
- if (certReqMsg == NULL) {
- printf ("ERROR: Could not access the message at index %d of %s\n",
- i, filePath);
- }
- CRMF_CertReqMsgGetID(certReqMsg, &lame);
- certReq = CRMF_CertReqMsgGetCertRequest(certReqMsg);
- CRMF_CertRequestGetCertTemplateValidity(certReq, &validity);
- CRMF_DestroyGetValidity(&validity);
- CRMF_DestroyCertRequest(certReq);
- CRMF_DestroyCertReqMsg(certReqMsg);
- }
- CRMF_DestroyCertReqMessages(certReqMsgs);
- PORT_Free(asn1Buff);
- return 0;
-}
-
-void
-GetBitsFromFile(char *filePath, SECItem *fileBits)
-{
- PRFileDesc *fileDesc;
- int bytesRead, fileLen=0;
- char buffer[BUFF_SIZE], *asn1Buf;
-
- fileDesc = PR_Open(filePath, PR_RDONLY, 0644);
- while (1) {
- bytesRead = PR_Read(fileDesc, buffer, BUFF_SIZE);
- if (bytesRead <= 0) break;
- fileLen += bytesRead;
- }
- if (bytesRead < 0) {
- printf ("Error while getting the length of file %s.\n", filePath);
- goto loser;
- }
- PR_Close(fileDesc);
-
- fileDesc = PR_Open(filePath, PR_RDONLY, 0644);
- asn1Buf = PORT_ZNewArray(char, fileLen);
- if (asn1Buf == NULL) {
- printf ("Out of memory in function GetBitsFromFile\n");
- goto loser;
- }
- bytesRead = PR_Read(fileDesc, asn1Buf, fileLen);
- if (bytesRead != fileLen) {
- printf ("Error while reading the contents of %s\n", filePath);
- goto loser;
- }
- fileBits->data = (unsigned char*)asn1Buf;
- fileBits->len = fileLen;
- return;
- loser:
- if (asn1Buf) {
- PORT_Free(asn1Buf);
- }
- fileBits->data = NULL;
- fileBits->len = 0;
-}
-
-int
-DecodeCMMFCertRepContent(char *derFile)
-{
- int fileLen=0;
- char *asn1Buf;
- SECItem fileBits;
- CMMFCertRepContent *certRepContent;
-
-
- GetBitsFromFile(derFile, &fileBits);
- if (fileBits.data == NULL) {
- printf("Could not get bits from file %s\n", derFile);
- return 304;
- }
- asn1Buf = (char*)fileBits.data;
- fileLen = fileBits.len;
- certRepContent = CMMF_CreateCertRepContentFromDER(db, asn1Buf, fileLen);
- if (certRepContent == NULL) {
- printf ("Error while decoding %s\n", derFile);
- return 303;
- }
- CMMF_DestroyCertRepContent(certRepContent);
- PORT_Free(asn1Buf);
- return 0;
-}
-
-int
-DoCMMFStuff(char *configdir)
-{
- CMMFCertResponse *certResp=NULL, *certResp2=NULL, *certResponses[3];
- CMMFCertRepContent *certRepContent=NULL;
- CERTCertificate *cert=NULL, *caCert=NULL;
- CERTCertList *list=NULL;
- PRFileDesc *fileDesc=NULL;
- char filePath[PATH_LEN];
- int rv = 0;
- long random;
- CMMFKeyRecRepContent *repContent=NULL;
- SECKEYPrivateKey *privKey = NULL;
- SECKEYPublicKey *caPubKey;
- SECStatus srv;
- SECItem fileBits;
-
- certResp = CMMF_CreateCertResponse(0xff123);
- CMMF_CertResponseSetPKIStatusInfoStatus(certResp, cmmfGranted);
- cert = CERT_FindCertByNickname(CERT_GetDefaultCertDB(), personalCert);
- if (cert == NULL) {
- printf ("Could not find the certificate for %s\n", personalCert);
- rv = 416;
- goto finish;
- }
- CMMF_CertResponseSetCertificate(certResp, cert);
- certResp2 = CMMF_CreateCertResponse(0xff122);
- CMMF_CertResponseSetPKIStatusInfoStatus(certResp2, cmmfGranted);
- CMMF_CertResponseSetCertificate(certResp2, cert);
-
- certResponses[0] = certResp;
- certResponses[1] = NULL;
- certResponses[2] = NULL;
-
- certRepContent = CMMF_CreateCertRepContent();
- CMMF_CertRepContentSetCertResponses(certRepContent, certResponses, 1);
-
- list = CERT_GetCertChainFromCert(cert, PR_Now(), certUsageEmailSigner);
- CMMF_CertRepContentSetCAPubs(certRepContent, list);
-
- PR_snprintf(filePath, PATH_LEN, "%s/%s", configdir, "CertRepContent.der");
- fileDesc = PR_Open (filePath, PR_WRONLY | PR_CREATE_FILE | PR_TRUNCATE,
- 0666);
- if (fileDesc == NULL) {
- printf ("Could not open file %s\n", filePath);
- rv = 400;
- goto finish;
- }
-
- srv = CMMF_EncodeCertRepContent(certRepContent, WriteItOut,
- (void*)fileDesc);
- PORT_Assert (srv == SECSuccess);
- PR_Close(fileDesc);
- rv = DecodeCMMFCertRepContent(filePath);
- if (rv != 0) {
- goto finish;
- }
- random = 0xa4e7;
- caCert = CERT_FindCertByNickname(CERT_GetDefaultCertDB(),
- caCertName);
- if (caCert == NULL) {
- printf ("Could not get the certifcate for %s\n", caCertName);
- rv = 411;
- goto finish;
- }
- repContent = CMMF_CreateKeyRecRepContent();
- if (repContent == NULL) {
- printf ("Could not allocate a CMMFKeyRecRepContent structure\n");
- rv = 407;
- goto finish;
- }
- srv = CMMF_KeyRecRepContentSetPKIStatusInfoStatus(repContent,
- cmmfGrantedWithMods);
- if (srv != SECSuccess) {
- printf ("Error trying to set PKIStatusInfo for "
- "CMMFKeyRecRepContent.\n");
- rv = 406;
- goto finish;
- }
- srv = CMMF_KeyRecRepContentSetNewSignCert(repContent, cert);
- if (srv != SECSuccess) {
- printf ("Error trying to set the new signing certificate for "
- "key recovery\n");
- rv = 408;
- goto finish;
- }
- srv = CMMF_KeyRecRepContentSetCACerts(repContent, list);
- if (srv != SECSuccess) {
- printf ("Errory trying to add the list of CA certs to the "
- "CMMFKeyRecRepContent structure.\n");
- rv = 409;
- goto finish;
- }
- privKey = PK11_FindKeyByAnyCert(cert, NULL);
- if (privKey == NULL) {
- printf ("Could not get the private key associated with the\n"
- "certificate %s\n", personalCert);
- rv = 410;
- goto finish;
- }
- caPubKey = CERT_ExtractPublicKey(caCert);
- if (caPubKey == NULL) {
- printf ("Could not extract the public from the "
- "certificate for \n%s\n", caCertName);
- rv = 412;
- goto finish;
- }
- CERT_DestroyCertificate(caCert);
- caCert = NULL;
- srv = CMMF_KeyRecRepContentSetCertifiedKeyPair(repContent, cert, privKey,
- caPubKey);
- SECKEY_DestroyPrivateKey(privKey);
- SECKEY_DestroyPublicKey(caPubKey);
- if (srv != SECSuccess) {
- printf ("Could not set the Certified Key Pair\n");
- rv = 413;
- goto finish;
- }
- PR_snprintf(filePath, PATH_LEN, "%s/%s", configdir,
- "KeyRecRepContent.der");
- fileDesc = PR_Open (filePath, PR_WRONLY | PR_CREATE_FILE | PR_TRUNCATE,
- 0666);
- if (fileDesc == NULL) {
- printf ("Could not open file %s\n", filePath);
- rv = 414;
- goto finish;
- }
-
- srv = CMMF_EncodeKeyRecRepContent(repContent, WriteItOut,
- (void*)fileDesc);
- PORT_Assert (srv == SECSuccess);
- PR_Close(fileDesc);
- CMMF_DestroyKeyRecRepContent(repContent);
- GetBitsFromFile(filePath, &fileBits);
- repContent =
- CMMF_CreateKeyRecRepContentFromDER(db, (const char *) fileBits.data,
- fileBits.len);
- if (repContent == NULL) {
- printf ("ERROR: CMMF_CreateKeyRecRepContentFromDER failed on file:\n"
- "\t%s\n", filePath);
- rv = 415;
- goto finish;
- }
- finish:
- if (repContent) {
- CMMF_DestroyKeyRecRepContent(repContent);
- }
- if (cert) {
- CERT_DestroyCertificate(cert);
- }
- if (list) {
- CERT_DestroyCertList(list);
- }
- if (certResp) {
- CMMF_DestroyCertResponse(certResp);
- }
- if (certResp2) {
- CMMF_DestroyCertResponse(certResp2);
- }
- if (certRepContent) {
- CMMF_DestroyCertRepContent(certRepContent);
- }
- return rv;
-}
-
-static CK_MECHANISM_TYPE
-mapWrapKeyType(KeyType keyType)
-{
- switch (keyType) {
- case rsaKey:
- return CKM_RSA_PKCS;
- default:
- break;
- }
- return CKM_INVALID_MECHANISM;
-}
-
-#define KNOWN_MESSAGE_LENGTH 20 /*160 bits*/
-
-int
-DoKeyRecovery(char *configdir, SECKEYPrivateKey *privKey)
-{
- SECKEYPublicKey *pubKey;
- PK11SlotInfo *slot;
- CK_OBJECT_HANDLE id;
- CK_MECHANISM mech = { CKM_INVALID_MECHANISM, NULL, 0};
- unsigned char *known_message = (unsigned char*)"Known Crypto Message";
- unsigned char plaintext[KNOWN_MESSAGE_LENGTH];
- char filePath[PATH_LEN];
- CK_RV crv;
- unsigned char *ciphertext;
- CK_ULONG max_bytes_encrypted, bytes_encrypted;
- unsigned char *text_compared;
- CK_ULONG bytes_compared, bytes_decrypted;
- SECKEYPrivateKey *unwrappedPrivKey, *caPrivKey;
- CMMFKeyRecRepContent *keyRecRep;
- SECStatus rv;
- CERTCertificate *caCert, *myCert;
- SECKEYPublicKey *caPubKey;
- PRFileDesc *fileDesc;
- SECItem fileBits, nickname;
- CMMFCertifiedKeyPair *certKeyPair;
-
- /*caCert = CERT_FindCertByNickname(CERT_GetDefaultCertDB(),
- caCertName);*/
- myCert = CERT_FindCertByNickname(CERT_GetDefaultCertDB(), personalCert);
- if (myCert == NULL) {
- printf ("Could not find the certificate for %s\n", personalCert);
- return 700;
- }
- caCert = CERT_FindCertByNickname(CERT_GetDefaultCertDB(),
- recoveryEncrypter);
- if (caCert == NULL) {
- printf ("Could not find the certificate for %s\n", recoveryEncrypter);
- return 701;
- }
- caPubKey = CERT_ExtractPublicKey(caCert);
- pubKey = SECKEY_ConvertToPublicKey(privKey);
- max_bytes_encrypted = PK11_GetPrivateModulusLen(privKey);
- slot = PK11_GetBestSlot(mapWrapKeyType(privKey->keyType), NULL);
- id = PK11_ImportPublicKey(slot, pubKey, PR_FALSE);
- switch(privKey->keyType) {
- case rsaKey:
- mech.mechanism = CKM_RSA_PKCS;
- break;
- case dsaKey:
- mech.mechanism = CKM_DSA;
- break;
- case dhKey:
- mech.mechanism = CKM_DH_PKCS_DERIVE;
- break;
- default:
- printf ("Bad Key type in key recovery.\n");
- return 512;
-
- }
- PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_EncryptInit(slot->session, &mech, id);
- if (crv != CKR_OK) {
- PK11_ExitSlotMonitor(slot);
- PK11_FreeSlot(slot);
- printf ("C_EncryptInit failed in KeyRecovery\n");
- return 500;
- }
- ciphertext = PORT_NewArray(unsigned char, max_bytes_encrypted);
- if (ciphertext == NULL) {
- PK11_ExitSlotMonitor(slot);
- PK11_FreeSlot(slot);
- printf ("Could not allocate memory for ciphertext.\n");
- return 501;
- }
- bytes_encrypted = max_bytes_encrypted;
- crv = PK11_GETTAB(slot)->C_Encrypt(slot->session,
- known_message,
- KNOWN_MESSAGE_LENGTH,
- ciphertext,
- &bytes_encrypted);
- PK11_ExitSlotMonitor(slot);
- PK11_FreeSlot(slot);
- if (crv != CKR_OK) {
- PORT_Free(ciphertext);
- return 502;
- }
- /* Always use the smaller of these two values . . . */
- bytes_compared = ( bytes_encrypted > KNOWN_MESSAGE_LENGTH )
- ? KNOWN_MESSAGE_LENGTH
- : bytes_encrypted;
-
- /* If there was a failure, the plaintext */
- /* goes at the end, therefore . . . */
- text_compared = ( bytes_encrypted > KNOWN_MESSAGE_LENGTH )
- ? (ciphertext + bytes_encrypted -
- KNOWN_MESSAGE_LENGTH )
- : ciphertext;
-
- keyRecRep = CMMF_CreateKeyRecRepContent();
- if (keyRecRep == NULL) {
- PORT_Free(ciphertext);
- PK11_FreeSlot(slot);
- CMMF_DestroyKeyRecRepContent(keyRecRep);
- printf ("Could not allocate a CMMFKeyRecRepContent structre.\n");
- return 503;
- }
- rv = CMMF_KeyRecRepContentSetPKIStatusInfoStatus(keyRecRep,
- cmmfGranted);
- if (rv != SECSuccess) {
- PORT_Free(ciphertext);
- PK11_FreeSlot(slot);
- CMMF_DestroyKeyRecRepContent(keyRecRep);
- printf ("Could not set the status for the KeyRecRepContent\n");
- return 504;
- }
- /* The myCert here should correspond to the certificate corresponding
- * to the private key, but for this test any certificate will do.
- */
- rv = CMMF_KeyRecRepContentSetCertifiedKeyPair(keyRecRep, myCert,
- privKey, caPubKey);
- if (rv != SECSuccess) {
- PORT_Free(ciphertext);
- PK11_FreeSlot(slot);
- CMMF_DestroyKeyRecRepContent(keyRecRep);
- printf ("Could not set the Certified Key Pair\n");
- return 505;
- }
- PR_snprintf(filePath, PATH_LEN, "%s/%s", configdir,
- "KeyRecRepContent.der");
- fileDesc = PR_Open (filePath, PR_WRONLY | PR_CREATE_FILE | PR_TRUNCATE,
- 0666);
- if (fileDesc == NULL) {
- PORT_Free(ciphertext);
- PK11_FreeSlot(slot);
- CMMF_DestroyKeyRecRepContent(keyRecRep);
- printf ("Could not open file %s\n", filePath);
- return 506;
- }
- rv = CMMF_EncodeKeyRecRepContent(keyRecRep, WriteItOut, fileDesc);
- CMMF_DestroyKeyRecRepContent(keyRecRep);
- PR_Close(fileDesc);
-
- if (rv != SECSuccess) {
- PORT_Free(ciphertext);
- PK11_FreeSlot(slot);
- printf ("Error while encoding CMMFKeyRecRepContent\n");
- return 507;
- }
- GetBitsFromFile(filePath, &fileBits);
- if (fileBits.data == NULL) {
- PORT_Free(ciphertext);
- PK11_FreeSlot(slot);
- printf ("Could not get the bits from file %s\n", filePath);
- return 508;
- }
- keyRecRep =
- CMMF_CreateKeyRecRepContentFromDER(db,(const char*)fileBits.data,
- fileBits.len);
- if (keyRecRep == NULL) {
- printf ("Could not decode the KeyRecRepContent in file %s\n",
- filePath);
- PORT_Free(ciphertext);
- PK11_FreeSlot(slot);
- return 509;
- }
- caPrivKey = PK11_FindKeyByAnyCert(caCert, NULL);
- if (CMMF_KeyRecRepContentGetPKIStatusInfoStatus(keyRecRep) !=
- cmmfGranted) {
- PORT_Free(ciphertext);
- PK11_FreeSlot(slot);
- CMMF_DestroyKeyRecRepContent(keyRecRep);
- printf ("A bad status came back with the "
- "KeyRecRepContent structure\n");
- return 510;
- }
-#define NICKNAME "Key Recovery Test Key"
- nickname.data = (unsigned char*)NICKNAME;
- nickname.len = PORT_Strlen(NICKNAME);
- certKeyPair = CMMF_KeyRecRepContentGetCertKeyAtIndex(keyRecRep, 0);
- CMMF_DestroyKeyRecRepContent(keyRecRep);
- rv = CMMF_CertifiedKeyPairUnwrapPrivKey(certKeyPair,
- caPrivKey,
- &nickname,
- PK11_GetInternalKeySlot(),
- db,
- &unwrappedPrivKey, NULL);
- CMMF_DestroyCertifiedKeyPair(certKeyPair);
- if (rv != SECSuccess) {
- printf ("Unwrapping the private key failed.\n");
- return 511;
- }
- /*Now let's try to decrypt the ciphertext with the "recovered" key*/
- PK11_EnterSlotMonitor(slot);
- crv =
- PK11_GETTAB(slot)->C_DecryptInit(unwrappedPrivKey->pkcs11Slot->session,
- &mech,
- unwrappedPrivKey->pkcs11ID);
- if (crv != CKR_OK) {
- PK11_ExitSlotMonitor(slot);
- PORT_Free(ciphertext);
- PK11_FreeSlot(slot);
- printf ("Decrypting with the recovered key failed.\n");
- return 513;
- }
- bytes_decrypted = KNOWN_MESSAGE_LENGTH;
- crv = PK11_GETTAB(slot)->C_Decrypt(unwrappedPrivKey->pkcs11Slot->session,
- ciphertext,
- bytes_encrypted, plaintext,
- &bytes_decrypted);
- SECKEY_DestroyPrivateKey(unwrappedPrivKey);
- PK11_ExitSlotMonitor(slot);
- PORT_Free(ciphertext);
- if (crv != CKR_OK) {
- PK11_FreeSlot(slot);
- printf ("Decrypting the ciphertext with recovered key failed.\n");
- return 514;
- }
- if ((bytes_decrypted != KNOWN_MESSAGE_LENGTH) ||
- (PORT_Memcmp(plaintext, known_message, KNOWN_MESSAGE_LENGTH) != 0)) {
- PK11_FreeSlot(slot);
- printf ("The recovered plaintext does not equal the known message:\n"
- "\tKnown message: %s\n"
- "\tRecovered plaintext: %s\n", known_message, plaintext);
- return 515;
- }
- return 0;
-}
-
-int
-DoChallengeResponse(char *configdir, SECKEYPrivateKey *privKey,
- SECKEYPublicKey *pubKey)
-{
- CMMFPOPODecKeyChallContent *chalContent = NULL;
- CMMFPOPODecKeyRespContent *respContent = NULL;
- CERTCertificate *myCert = NULL;
- CERTGeneralName *myGenName = NULL;
- PRArenaPool *poolp = NULL;
- SECItem DecKeyChallBits;
- long *randomNums;
- int numChallengesFound=0;
- int numChallengesSet = 1,i;
- long retrieved;
- char filePath[PATH_LEN];
- RNGContext *rng;
- SECStatus rv;
- PRFileDesc *fileDesc;
- SECItem *publicValue, *keyID;
- SECKEYPrivateKey *foundPrivKey;
-
- chalContent = CMMF_CreatePOPODecKeyChallContent();
- myCert = CERT_FindCertByNickname(db, personalCert);
- if (myCert == NULL) {
- printf ("Could not find the certificate for %s\n", personalCert);
- return 900;
- }
- poolp = PORT_NewArena(1024);
- if (poolp == NULL) {
- printf("Could no allocate a new arena in DoChallengeResponse\n");
- return 901;
- }
- myGenName = CERT_GetCertificateNames(myCert, poolp);
- if (myGenName == NULL) {
- printf ("Could not get the general names for %s certificate\n",
- personalCert);
- return 902;
- }
- randomNums = PORT_ArenaNewArray(poolp,long, numChallengesSet);
- rng = RNG_CreateContext();
- RNG_GenerateRandomBytes(rng, randomNums, numChallengesSet*sizeof(long));
- for (i=0; i<numChallengesSet; i++) {
- rv = CMMF_POPODecKeyChallContentSetNextChallenge(chalContent,
- randomNums[i],
- myGenName,
- pubKey,
- NULL);
- }
- RNG_DestroyContext(rng, PR_TRUE);
- if (rv != SECSuccess) {
- printf ("Could not set the challenge in DoChallengeResponse\n");
- return 903;
- }
- PR_snprintf(filePath, PATH_LEN, "%s/POPODecKeyChallContent.der",
- configdir);
- fileDesc = PR_Open(filePath, PR_WRONLY | PR_CREATE_FILE | PR_TRUNCATE,
- 0666);
- if (fileDesc == NULL) {
- printf ("Could not open file %s\n", filePath);
- return 904;
- }
- rv = CMMF_EncodePOPODecKeyChallContent(chalContent,WriteItOut,
- (void*)fileDesc);
- PR_Close(fileDesc);
- CMMF_DestroyPOPODecKeyChallContent(chalContent);
- if (rv != SECSuccess) {
- printf ("Could not encode the POPODecKeyChallContent.\n");
- return 905;
- }
- GetBitsFromFile(filePath, &DecKeyChallBits);
- chalContent =
- CMMF_CreatePOPODecKeyChallContentFromDER
- ((const char*)DecKeyChallBits.data, DecKeyChallBits.len);
- PORT_Free(DecKeyChallBits.data);
- if (chalContent == NULL) {
- printf ("Could not create the POPODecKeyChallContent from DER\n");
- return 906;
- }
- numChallengesFound =
- CMMF_POPODecKeyChallContentGetNumChallenges(chalContent);
- if (numChallengesFound != numChallengesSet) {
- printf ("Number of Challenges Found (%d) does not equal the number "
- "set (%d)\n", numChallengesFound, numChallengesSet);
- return 907;
- }
- for (i=0; i<numChallengesSet; i++) {
- publicValue = CMMF_POPODecKeyChallContentGetPublicValue(chalContent, i);
- if (publicValue == NULL) {
- printf("Could not get the public value for challenge at index %d\n",
- i);
- return 908;
- }
- keyID = PK11_MakeIDFromPubKey(publicValue);
- if (keyID == NULL) {
- printf ("Could not make the keyID from the public value\n");
- return 909;
- }
- foundPrivKey = PK11_FindKeyByKeyID(privKey->pkcs11Slot,keyID, NULL);
- if (foundPrivKey == NULL) {
- printf ("Could not find the private key corresponding to the public"
- " value.\n");
- return 910;
- }
- rv = CMMF_POPODecKeyChallContDecryptChallenge(chalContent, i,
- foundPrivKey);
- if (rv != SECSuccess) {
- printf ("Could not decrypt the challenge at index %d\n", i);
- return 911;
- }
- rv = CMMF_POPODecKeyChallContentGetRandomNumber(chalContent, i,
- &retrieved);
- if (rv != SECSuccess) {
- printf ("Could not get the random number from the challenge at "
- "index %d\n", i);
- return 912;
- }
- if (retrieved != randomNums[i]) {
- printf ("Retrieved the number (%d), expected (%d)\n", retrieved,
- randomNums[i]);
- return 913;
- }
- }
- CMMF_DestroyPOPODecKeyChallContent(chalContent);
- PR_snprintf(filePath, PATH_LEN, "%s/POPODecKeyRespContent.der",
- configdir);
- fileDesc = PR_Open(filePath, PR_WRONLY | PR_CREATE_FILE | PR_TRUNCATE,
- 0666);
- if (fileDesc == NULL) {
- printf ("Could not open file %s\n", filePath);
- return 914;
- }
- rv = CMMF_EncodePOPODecKeyRespContent(randomNums, numChallengesSet,
- WriteItOut, fileDesc);
- PR_Close(fileDesc);
- if (rv != 0) {
- printf ("Could not encode the POPODecKeyRespContent\n");
- return 915;
- }
- GetBitsFromFile(filePath, &DecKeyChallBits);
- respContent =
- CMMF_CreatePOPODecKeyRespContentFromDER((const char*)DecKeyChallBits.data,
- DecKeyChallBits.len);
- if (respContent == NULL) {
- printf ("Could not decode the contents of the file %s\n", filePath);
- return 916;
- }
- numChallengesFound =
- CMMF_POPODecKeyRespContentGetNumResponses(respContent);
- if (numChallengesFound != numChallengesSet) {
- printf ("Number of responses found (%d) does not match the number "
- "of challenges set (%d)\n",
- numChallengesFound, numChallengesSet);
- return 917;
- }
- for (i=0; i<numChallengesSet; i++) {
- rv = CMMF_POPODecKeyRespContentGetResponse(respContent, i, &retrieved);
- if (rv != SECSuccess) {
- printf ("Could not retrieve the response at index %d\n", i);
- return 918;
- }
- if (retrieved != randomNums[i]) {
- printf ("Retrieved the number (%ld), expected (%ld)\n", retrieved,
- randomNums[i]);
- return 919;
- }
-
- }
- CMMF_DestroyPOPODecKeyRespContent(respContent);
- return 0;
-}
-
-char *
-certdb_name_cb(void *arg, int dbVersion)
-{
- char *configdir = (char *)arg;
- char *dbver;
-
- switch (dbVersion) {
- case 7:
- dbver = "7";
- break;
- case 6:
- dbver = "6";
- break;
- case 5:
- dbver = "5";
- break;
- case 4:
- default:
- dbver = "";
- break;
- }
- return PR_smprintf("%s/cert%s.db", configdir, dbver);
-}
-
-SECStatus
-OpenCertDB(char *configdir)
-{
- CERTCertDBHandle *certdb;
- SECStatus status = SECFailure;
-
- certdb = PORT_ZNew(CERTCertDBHandle);
- if (certdb == NULL) {
- goto loser;
- }
- status = CERT_OpenCertDB(certdb, PR_TRUE, certdb_name_cb, configdir);
- if (status == SECSuccess) {
- CERT_SetDefaultCertDB(certdb);
- db = certdb;
- } else {
- PORT_Free(certdb);
- }
- loser:
- return status;
-}
-
-char *
-keydb_name_cb(void *arg, int dbVersion)
-{
- char *configdir = (char*) arg;
- char *dbver;
-
- switch(dbVersion){
- case 3:
- dbver = "3";
- break;
- case 2:
- default:
- dbver = "";
- break;
- }
- return PR_smprintf("%s/key%s.db", configdir, dbver);
-}
-
-SECStatus
-OpenKeyDB(char *configdir)
-{
- SECKEYKeyDBHandle *keydb;
-
- keydb = SECKEY_OpenKeyDB(PR_FALSE, keydb_name_cb, configdir);
- if (keydb == NULL) {
- return SECFailure;
- }
- SECKEY_SetDefaultKeyDB(keydb);
- return SECSuccess;
-}
-
-SECStatus
-OpenSecModDB(char *configdir)
-{
- char *secmodname = PR_smprintf("%d/secmod.db", configdir);
- if (secmodname == NULL) {
- return SECFailure;
- }
- SECMOD_init(secmodname);
- return SECSuccess;
-}
-
-void
-CloseHCL(void)
-{
- CERTCertDBHandle *certHandle;
- SECKEYKeyDBHandle *keyHandle;
-
- certHandle = CERT_GetDefaultCertDB();
- if (certHandle) {
- CERT_ClosePermCertDB(certHandle);
- }
- keyHandle = SECKEY_GetDefaultKeyDB();
- if (keyHandle) {
- SECKEY_CloseKeyDB(keyHandle);
- }
-}
-
-SECStatus
-InitHCL(char *configdir)
-{
- SECStatus status;
- SECStatus rv = SECFailure;
-
- RNG_RNGInit();
- RNG_SystemInfoForRNG();
-
- status = OpenCertDB(configdir);
- if (status != SECSuccess) {
- goto loser;
- }
-
- status = OpenKeyDB(configdir);
- if (status != SECSuccess) {
- goto loser;
- }
-
- status = OpenSecModDB(configdir);
- if (status != SECSuccess) {
- goto loser;
- }
-
- rv = SECSuccess;
-
- loser:
- if (rv != SECSuccess) {
- CloseHCL();
- }
- return rv;
-}
-void
-Usage (void)
-{
- printf ("Usage:\n"
- "\tcrmftest -d [Database Directory] -p [Personal Cert]\n"
- "\t -e [Encrypter] -s [CA Certificate]\n\n"
- "Database Directory\n"
- "\tThis is the directory where the key3.db, cert7.db, and\n"
- "\tsecmod.db files are located. This is also the directory\n"
- "\twhere the program will place CRMF/CMMF der files\n"
- "Personal Cert\n"
- "\tThis is the certificate that already exists in the cert\n"
- "\tdatabase to use while encoding the response. The private\n"
- "\tkey associated with the certificate must also exist in the\n"
- "\tkey database.\n"
- "Encrypter\n"
- "\tThis is the certificate to use when encrypting the the \n"
- "\tkey recovery response. The private key for this cert\n"
- "\tmust also be present in the key database.\n"
- "CA Certificate\n"
- "\tThis is the nickname of the certificate to use as the\n"
- "\tCA when doing all of the encoding.\n");
-}
-
-int
-main(int argc, char **argv)
-{
- CRMFCertRequest *certReq, *certReq2;
- CRMFCertReqMsg *certReqMsg;
- CRMFCertReqMsg *secondMsg;
- char *configdir;
- int irv;
- SECStatus rv;
- SECKEYPrivateKey *privKey;
- SECKEYPublicKey *pubKey;
- int o;
- PRBool hclInit = PR_FALSE, pArg = PR_FALSE, eArg = PR_FALSE,
- sArg = PR_FALSE;
-
- printf ("\ncrmftest v1.0\n");
- while (-1 != (o = getopt(argc, argv, "d:p:e:s:"))) {
- switch(o) {
- case 'd':
- configdir = PORT_Strdup(optarg);
- rv = InitHCL(configdir);
- if (rv != SECSuccess) {
- printf ("InitHCL failed\n");
- return 101;
- }
- hclInit = PR_TRUE;
- break;
- case 'p':
- personalCert = PORT_Strdup(optarg);
- if (personalCert == NULL) {
- return 603;
- }
- pArg = PR_TRUE;
- break;
- case 'e':
- recoveryEncrypter = PORT_Strdup(optarg);
- if (recoveryEncrypter == NULL) {
- return 602;
- }
- eArg = PR_TRUE;
- break;
- case 's':
- caCertName = PORT_Strdup(optarg);
- if (caCertName == NULL) {
- return 604;
- }
- sArg = PR_TRUE;
- break;
- default:
- Usage();
- return 601;
- }
- }
- if (!hclInit || !pArg || !eArg || !sArg) {
- Usage();
- return 600;
- }
-
- InitPKCS11();
-
- irv = CreateCertRequest(&certReq, &privKey, &pubKey);
- if (irv != 0 || certReq == NULL) {
- goto loser;
- }
-
- certReqMsg = CRMF_CreateCertReqMsg();
- secondMsg = CRMF_CreateCertReqMsg();
- CRMF_CertReqMsgSetCertRequest(certReqMsg, certReq);
- CRMF_CertReqMsgSetCertRequest(secondMsg, certReq);
-
- irv = AddProofOfPossession(certReqMsg, privKey, pubKey, crmfSignature);
- irv = AddProofOfPossession(secondMsg, privKey, pubKey, crmfKeyAgreement);
- irv = Encode (certReqMsg, secondMsg, configdir);
- if (irv != 0) {
- goto loser;
- }
-
- rv = CRMF_DestroyCertRequest (certReq);
- if (rv != SECSuccess) {
- printf ("Error when destroy certificate request.\n");
- irv = 100;
- goto loser;
- }
-
- rv = CRMF_DestroyCertReqMsg(certReqMsg);
- CRMF_DestroyCertReqMsg(secondMsg);
-
- irv = Decode (configdir);
- if (irv != 0) {
- printf("Error while decoding\n");
- goto loser;
- }
-
- if ((irv = DoCMMFStuff(configdir)) != 0) {
- printf ("CMMF tests failed.\n");
- goto loser;
- }
-
- if ((irv = DoKeyRecovery(configdir, privKey)) != 0) {
- printf ("Error doing key recovery\n");
- goto loser;
- }
-
- if ((irv = DoChallengeResponse(configdir, privKey, pubKey)) != 0) {
- printf ("Error doing challenge-response\n");
- goto loser;
- }
- printf ("Exiting successfully!!!\n\n");
- irv = 0;
-
- loser:
- CloseHCL();
- PORT_Free(configdir);
- return irv;
-}
diff --git a/security/nss/cmd/dbck/Makefile b/security/nss/cmd/dbck/Makefile
deleted file mode 100644
index 7ca8f0630..000000000
--- a/security/nss/cmd/dbck/Makefile
+++ /dev/null
@@ -1,75 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/dbck/dbck.c b/security/nss/cmd/dbck/dbck.c
deleted file mode 100644
index a3f1b9d54..000000000
--- a/security/nss/cmd/dbck/dbck.c
+++ /dev/null
@@ -1,1869 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
-** dbck.c
-**
-** utility for fixing corrupt cert databases
-**
-*/
-#include <stdio.h>
-#include <string.h>
-
-#include "secutil.h"
-#include "cdbhdl.h"
-#include "certdb.h"
-#include "cert.h"
-#include "nspr.h"
-#include "prtypes.h"
-#include "prtime.h"
-#include "prlong.h"
-
-static char *progName;
-
-/* placeholders for pointer error types */
-static void *WrongEntry;
-static void *NoNickname;
-static void *NoSMime;
-
-enum {
- GOBOTH = 0,
- GORIGHT,
- GOLEFT
-};
-
-typedef struct
-{
- PRBool verbose;
- PRBool dograph;
- PRFileDesc *out;
- PRFileDesc *graphfile;
- int dbErrors[10];
-} dbDebugInfo;
-
-/*
- * A list node for a cert db entry. The index is a unique identifier
- * to use for creating generic maps of a db. This struct handles
- * the cert, nickname, and smime db entry types, as all three have a
- * single handle to a subject entry.
- * This structure is pointed to by certDBEntryListNode->appData.
- */
-typedef struct
-{
- PRArenaPool *arena;
- int index;
- certDBEntryListNode *pSubject;
-} certDBEntryMap;
-
-/*
- * Subject entry is special case, it has bidirectional handles. One
- * subject entry can point to several certs (using the same DN), and
- * a nickname and/or smime entry.
- * This structure is pointed to by certDBEntryListNode->appData.
- */
-typedef struct
-{
- PRArenaPool *arena;
- int index;
- int numCerts;
- certDBEntryListNode **pCerts;
- certDBEntryListNode *pNickname;
- certDBEntryListNode *pSMime;
-} certDBSubjectEntryMap;
-
-/*
- * A map of a certdb.
- */
-typedef struct
-{
- int numCerts;
- int numSubjects;
- int numNicknames;
- int numSMime;
- certDBEntryListNode certs; /* pointer to head of cert list */
- certDBEntryListNode subjects; /* pointer to head of subject list */
- certDBEntryListNode nicknames; /* pointer to head of nickname list */
- certDBEntryListNode smime; /* pointer to head of smime list */
-} certDBArray;
-
-/* Cast list to the base element, a certDBEntryListNode. */
-#define LISTNODE_CAST(node) \
- ((certDBEntryListNode *)(node))
-
-static void
-Usage(char *progName)
-{
-#define FPS fprintf(stderr,
- FPS "Type %s -H for more detailed descriptions\n", progName);
- FPS "Usage: %s -D [-d certdir] [-i dbname] [-m] [-v [-f dumpfile]]\n",
- progName);
- FPS " %s -R -o newdbname [-d certdir] [-i dbname] [-aprsx] [-v [-f dumpfile]]\n",
- progName);
- exit(-1);
-}
-
-static void
-LongUsage(char *progName)
-{
- FPS "%-15s Display this help message.\n",
- "-H");
- FPS "%-15s Dump analysis. No changes will be made to the database.\n",
- "-D");
- FPS "%-15s Cert database directory (default is ~/.netscape)\n",
- " -d certdir");
- FPS "%-15s Input cert database name (default is cert7.db)\n",
- " -i dbname");
- FPS "%-15s Mail a graph of the database to certdb@netscape.com.\n",
- " -m");
- FPS "%-15s This will produce an index graph of your cert db and send\n",
- "");
- FPS "%-15s it to Netscape for analysis. Personal info will be removed.\n",
- "");
- FPS "%-15s Verbose mode. Dumps the entire contents of your cert7.db.\n",
- " -v");
- FPS "%-15s File to dump verbose output into.\n",
- " -f dumpfile");
- FPS "%-15s Repair the database. The program will look for broken\n",
- "-R");
- FPS "%-15s dependencies between subject entries and certificates,\n",
- "");
- FPS "%-15s between nickname entries and subjects, and between SMIME\n",
- "");
- FPS "%-15s profiles and subjects. Any duplicate entries will be\n",
- "");
- FPS "%-15s removed, any missing entries will be created.\n",
- "");
- FPS "%-15s File to store new database in (default is new_cert7.db)\n",
- " -o newdbname");
- FPS "%-15s Cert database directory (default is ~/.netscape)\n",
- " -d certdir");
- FPS "%-15s Input cert database name (default is cert7.db)\n",
- " -i dbname");
- FPS "%-15s Prompt before removing any certificates.\n",
- " -p");
- FPS "%-15s Keep all possible certificates. Only remove certificates\n",
- " -a");
- FPS "%-15s which prevent creation of a consistent database. Thus any\n",
- "");
- FPS "%-15s expired or redundant entries will be kept.\n",
- "");
- FPS "%-15s Keep redundant nickname/email entries. It is possible\n",
- " -r");
- FPS "%-15s only one such entry will be usable.\n",
- "");
- FPS "%-15s Don't require an S/MIME profile in order to keep an S/MIME\n",
- " -s");
- FPS "%-15s cert. An empty profile will be created.\n",
- "");
- FPS "%-15s Keep expired certificates.\n",
- " -x");
- FPS "%-15s Verbose mode - report all activity while recovering db.\n",
- " -v");
- FPS "%-15s File to dump verbose output into.\n",
- " -f dumpfile");
- FPS "\n");
- exit(-1);
-#undef FPS
-}
-
-/*******************************************************************
- *
- * Functions for dbck.
- *
- ******************************************************************/
-
-void
-printHexString(PRFileDesc *out, SECItem *hexval)
-{
- int i;
- for (i = 0; i < hexval->len; i++) {
- if (i != hexval->len - 1) {
- PR_fprintf(out, "%02x:", hexval->data[i]);
- } else {
- PR_fprintf(out, "%02x", hexval->data[i]);
- }
- }
- PR_fprintf(out, "\n");
-}
-
-typedef enum {
-/* 0*/ NoSubjectForCert = 0,
-/* 1*/ SubjectHasNoKeyForCert,
-/* 2*/ NoNicknameOrSMimeForSubject,
-/* 3*/ WrongNicknameForSubject,
-/* 4*/ NoNicknameEntry,
-/* 5*/ WrongSMimeForSubject,
-/* 6*/ NoSMimeEntry,
-/* 7*/ NoSubjectForNickname,
-/* 8*/ NoSubjectForSMime,
-/* 9*/ NicknameAndSMimeEntry
-} dbErrorType;
-
-static char *dbErrorString[] = {
-/* 0*/ "<CERT ENTRY>\nDid not find a subject entry for this certificate.",
-/* 1*/ "<SUBJECT ENTRY>\nSubject has certKey which is not in db.",
-/* 2*/ "<SUBJECT ENTRY>\nSubject does not have a nickname or email address.",
-/* 3*/ "<SUBJECT ENTRY>\nUsing this subject's nickname, found a nickname entry for a different subject.",
-/* 4*/ "<SUBJECT ENTRY>\nDid not find a nickname entry for this subject.",
-/* 5*/ "<SUBJECT ENTRY>\nUsing this subject's email, found an S/MIME entry for a different subject.",
-/* 6*/ "<SUBJECT ENTRY>\nDid not find an S/MIME entry for this subject.",
-/* 7*/ "<NICKNAME ENTRY>\nDid not find a subject entry for this nickname.",
-/* 8*/ "<S/MIME ENTRY>\nDid not find a subject entry for this S/MIME profile.",
-};
-
-SECStatus
-dumpCertificate(CERTCertificate *cert, int num, PRFileDesc *outfile)
-{
- int userCert = 0;
- CERTCertTrust *trust = cert->trust;
- userCert = (SEC_GET_TRUST_FLAGS(trust, trustSSL) & CERTDB_USER) ||
- (SEC_GET_TRUST_FLAGS(trust, trustEmail) & CERTDB_USER) ||
- (SEC_GET_TRUST_FLAGS(trust, trustObjectSigning) & CERTDB_USER);
- if (num >= 0) {
- PR_fprintf(outfile, "Certificate: %3d\n", num);
- } else {
- PR_fprintf(outfile, "Certificate:\n");
- }
- PR_fprintf(outfile, "----------------\n");
- if (userCert)
- PR_fprintf(outfile, "(User Cert)\n");
- PR_fprintf(outfile, "## SUBJECT: %s\n", cert->subjectName);
- PR_fprintf(outfile, "## ISSUER: %s\n", cert->issuerName);
- PR_fprintf(outfile, "## SERIAL NUMBER: ");
- printHexString(outfile, &cert->serialNumber);
- { /* XXX should be separate function. */
- int64 timeBefore, timeAfter;
- PRExplodedTime beforePrintable, afterPrintable;
- char *beforestr, *afterstr;
- DER_UTCTimeToTime(&timeBefore, &cert->validity.notBefore);
- DER_UTCTimeToTime(&timeAfter, &cert->validity.notAfter);
- PR_ExplodeTime(timeBefore, PR_GMTParameters, &beforePrintable);
- PR_ExplodeTime(timeAfter, PR_GMTParameters, &afterPrintable);
- beforestr = PORT_Alloc(100);
- afterstr = PORT_Alloc(100);
- PR_FormatTime(beforestr, 100, "%a %b %d %H:%M:%S %Y", &beforePrintable);
- PR_FormatTime(afterstr, 100, "%a %b %d %H:%M:%S %Y", &afterPrintable);
- PR_fprintf(outfile, "## VALIDITY: %s to %s\n", beforestr, afterstr);
- }
- PR_fprintf(outfile, "\n");
- return SECSuccess;
-}
-
-SECStatus
-dumpCertEntry(certDBEntryCert *entry, int num, PRFileDesc *outfile)
-{
- CERTCertificate *cert;
- cert = CERT_DecodeDERCertificate(&entry->derCert, PR_FALSE, NULL);
- if (!cert) {
- fprintf(stderr, "Failed to decode certificate.\n");
- return SECFailure;
- }
- cert->trust = &entry->trust;
- dumpCertificate(cert, num, outfile);
- CERT_DestroyCertificate(cert);
- return SECSuccess;
-}
-
-SECStatus
-dumpSubjectEntry(certDBEntrySubject *entry, int num, PRFileDesc *outfile)
-{
- char *subjectName;
- subjectName = CERT_DerNameToAscii(&entry->derSubject);
- PR_fprintf(outfile, "Subject: %3d\n", num);
- PR_fprintf(outfile, "------------\n");
- PR_fprintf(outfile, "## %s\n", subjectName);
- if (entry->nickname)
- PR_fprintf(outfile, "## Subject nickname: %s\n", entry->nickname);
- if (entry->emailAddr)
- PR_fprintf(outfile, "## Subject email address: %s\n",
- entry->emailAddr);
- PR_fprintf(outfile, "## This subject has %d cert(s).\n", entry->ncerts);
- PR_fprintf(outfile, "\n");
- PORT_Free(subjectName);
- return SECSuccess;
-}
-
-SECStatus
-dumpNicknameEntry(certDBEntryNickname *entry, int num, PRFileDesc *outfile)
-{
- PR_fprintf(outfile, "Nickname: %3d\n", num);
- PR_fprintf(outfile, "-------------\n");
- PR_fprintf(outfile, "## \"%s\"\n\n", entry->nickname);
- return SECSuccess;
-}
-
-SECStatus
-dumpSMimeEntry(certDBEntrySMime *entry, int num, PRFileDesc *outfile)
-{
- PR_fprintf(outfile, "S/MIME Profile: %3d\n", num);
- PR_fprintf(outfile, "-------------------\n");
- PR_fprintf(outfile, "## \"%s\"\n", entry->emailAddr);
- PR_fprintf(outfile, "## OPTIONS: ");
- printHexString(outfile, &entry->smimeOptions);
- PR_fprintf(outfile, "## TIMESTAMP: ");
- printHexString(outfile, &entry->optionsDate);
- PR_fprintf(outfile, "\n");
- return SECSuccess;
-}
-
-SECStatus
-mapCertEntries(certDBArray *dbArray)
-{
- certDBEntryCert *certEntry;
- certDBEntrySubject *subjectEntry;
- certDBEntryListNode *certNode, *subjNode;
- certDBSubjectEntryMap *smap;
- certDBEntryMap *map;
- PRArenaPool *tmparena;
- SECItem derSubject;
- SECItem certKey;
- PRCList *cElem, *sElem;
- int i;
-
- /* Arena for decoded entries */
- tmparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (tmparena == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
-
- /* Iterate over cert entries and map them to subject entries.
- * NOTE: mapSubjectEntries must be called first to alloc memory
- * for array of subject->cert map.
- */
- for (cElem = PR_LIST_HEAD(&dbArray->certs.link);
- cElem != &dbArray->certs.link; cElem = PR_NEXT_LINK(cElem)) {
- certNode = LISTNODE_CAST(cElem);
- certEntry = (certDBEntryCert *)&certNode->entry;
- map = (certDBEntryMap *)certNode->appData;
- CERT_NameFromDERCert(&certEntry->derCert, &derSubject);
- CERT_KeyFromDERCert(tmparena, &certEntry->derCert, &certKey);
- /* Loop over found subjects for cert's DN. */
- for (sElem = PR_LIST_HEAD(&dbArray->subjects.link);
- sElem != &dbArray->subjects.link; sElem = PR_NEXT_LINK(sElem)) {
- subjNode = LISTNODE_CAST(sElem);
- subjectEntry = (certDBEntrySubject *)&subjNode->entry;
- if (SECITEM_ItemsAreEqual(&derSubject, &subjectEntry->derSubject)) {
- /* Found matching subject name, create link. */
- map->pSubject = subjNode;
- /* Make sure subject entry has cert's key. */
- for (i=0; i<subjectEntry->ncerts; i++) {
- if (SECITEM_ItemsAreEqual(&certKey,
- &subjectEntry->certKeys[i])) {
- /* Found matching cert key. */
- smap = (certDBSubjectEntryMap *)subjNode->appData;
- smap->pCerts[i] = certNode;
- break;
- }
- }
- }
- }
- }
- PORT_FreeArena(tmparena, PR_FALSE);
- return SECSuccess;
-}
-
-SECStatus
-mapSubjectEntries(certDBArray *dbArray)
-{
- certDBEntrySubject *subjectEntry;
- certDBEntryNickname *nicknameEntry;
- certDBEntrySMime *smimeEntry;
- certDBEntryListNode *subjNode, *nickNode, *smimeNode;
- certDBSubjectEntryMap *subjMap;
- certDBEntryMap *nickMap, *smimeMap;
- PRCList *sElem, *nElem, *mElem;
-
- for (sElem = PR_LIST_HEAD(&dbArray->subjects.link);
- sElem != &dbArray->subjects.link; sElem = PR_NEXT_LINK(sElem)) {
- /* Iterate over subject entries and map subjects to nickname
- * and smime entries. The cert<->subject map will be handled
- * by a subsequent call to mapCertEntries.
- */
- subjNode = LISTNODE_CAST(sElem);
- subjectEntry = (certDBEntrySubject *)&subjNode->entry;
- subjMap = (certDBSubjectEntryMap *)subjNode->appData;
- /* need to alloc memory here for array of matching certs. */
- subjMap->pCerts = PORT_ArenaAlloc(subjMap->arena,
- subjectEntry->ncerts*sizeof(int));
- subjMap->numCerts = subjectEntry->ncerts;
- if (subjectEntry->nickname) {
- /* Subject should have a nickname entry, so create a link. */
- for (nElem = PR_LIST_HEAD(&dbArray->nicknames.link);
- nElem != &dbArray->nicknames.link;
- nElem = PR_NEXT_LINK(nElem)) {
- /* Look for subject's nickname in nickname entries. */
- nickNode = LISTNODE_CAST(nElem);
- nicknameEntry = (certDBEntryNickname *)&nickNode->entry;
- nickMap = (certDBEntryMap *)nickNode->appData;
- if (PL_strcmp(subjectEntry->nickname,
- nicknameEntry->nickname) == 0) {
- /* Found a nickname entry for subject's nickname. */
- if (SECITEM_ItemsAreEqual(&subjectEntry->derSubject,
- &nicknameEntry->subjectName)) {
- /* Nickname and subject match. */
- subjMap->pNickname = nickNode;
- nickMap->pSubject = subjNode;
- } else {
- /* Nickname entry found is for diff. subject. */
- subjMap->pNickname = WrongEntry;
- }
- }
- }
- } else {
- subjMap->pNickname = NoNickname;
- }
- if (subjectEntry->emailAddr) {
- /* Subject should have an smime entry, so create a link. */
- for (mElem = PR_LIST_HEAD(&dbArray->smime.link);
- mElem != &dbArray->smime.link; mElem = PR_NEXT_LINK(mElem)) {
- /* Look for subject's email in S/MIME entries. */
- smimeNode = LISTNODE_CAST(mElem);
- smimeEntry = (certDBEntrySMime *)&smimeNode->entry;
- smimeMap = (certDBEntryMap *)smimeNode->appData;
- if (PL_strcmp(subjectEntry->emailAddr,
- smimeEntry->emailAddr) == 0) {
- /* Found a S/MIME entry for subject's email. */
- if (SECITEM_ItemsAreEqual(&subjectEntry->derSubject,
- &smimeEntry->subjectName)) {
- /* S/MIME entry and subject match. */
- subjMap->pSMime = smimeNode;
- smimeMap->pSubject = subjNode;
- } else {
- /* S/MIME entry found is for diff. subject. */
- subjMap->pSMime = WrongEntry;
- }
- }
- }
- } else {
- subjMap->pSMime = NoSMime;
- }
- }
- return SECSuccess;
-}
-
-void
-printnode(dbDebugInfo *info, const char *str, int num)
-{
- if (!info->dograph)
- return;
- if (num < 0) {
- PR_fprintf(info->graphfile, str);
- } else {
- PR_fprintf(info->graphfile, str, num);
- }
-}
-
-PRBool
-map_handle_is_ok(dbDebugInfo *info, void *mapPtr, int indent)
-{
- if (mapPtr == NULL) {
- if (indent > 0)
- printnode(info, " ", -1);
- if (indent >= 0)
- printnode(info, "******************* ", -1);
- return PR_FALSE;
- } else if (mapPtr == WrongEntry) {
- if (indent > 0)
- printnode(info, " ", -1);
- if (indent >= 0)
- printnode(info, "??????????????????? ", -1);
- return PR_FALSE;
- } else {
- return PR_TRUE;
- }
-}
-
-/* these call each other */
-void print_smime_graph(dbDebugInfo *info, certDBEntryMap *smimeMap,
- int direction);
-void print_nickname_graph(dbDebugInfo *info, certDBEntryMap *nickMap,
- int direction);
-void print_subject_graph(dbDebugInfo *info, certDBSubjectEntryMap *subjMap,
- int direction, int optindex, int opttype);
-void print_cert_graph(dbDebugInfo *info, certDBEntryMap *certMap,
- int direction);
-
-/* Given an smime entry, print its unique identifier. If GOLEFT is
- * specified, print the cert<-subject<-smime map, else just print
- * the smime entry.
- */
-void
-print_smime_graph(dbDebugInfo *info, certDBEntryMap *smimeMap, int direction)
-{
- certDBSubjectEntryMap *subjMap;
- certDBEntryListNode *subjNode;
- if (direction == GOLEFT) {
- /* Need to output subject and cert first, see print_subject_graph */
- subjNode = smimeMap->pSubject;
- if (map_handle_is_ok(info, (void *)subjNode, 1)) {
- subjMap = (certDBSubjectEntryMap *)subjNode->appData;
- print_subject_graph(info, subjMap, GOLEFT,
- smimeMap->index, certDBEntryTypeSMimeProfile);
- } else {
- printnode(info, "<---- S/MIME %5d ", smimeMap->index);
- }
- } else {
- printnode(info, "S/MIME %5d ", smimeMap->index);
- }
-}
-
-/* Given a nickname entry, print its unique identifier. If GOLEFT is
- * specified, print the cert<-subject<-nickname map, else just print
- * the nickname entry.
- */
-void
-print_nickname_graph(dbDebugInfo *info, certDBEntryMap *nickMap, int direction)
-{
- certDBSubjectEntryMap *subjMap;
- certDBEntryListNode *subjNode;
- if (direction == GOLEFT) {
- /* Need to output subject and cert first, see print_subject_graph */
- subjNode = nickMap->pSubject;
- if (map_handle_is_ok(info, (void *)subjNode, 1)) {
- subjMap = (certDBSubjectEntryMap *)subjNode->appData;
- print_subject_graph(info, subjMap, GOLEFT,
- nickMap->index, certDBEntryTypeNickname);
- } else {
- printnode(info, "<---- Nickname %5d ", nickMap->index);
- }
- } else {
- printnode(info, "Nickname %5d ", nickMap->index);
- }
-}
-
-/* Given a subject entry, if going right print the graph of the nickname|smime
- * that it maps to (by its unique identifier); and if going left
- * print the list of certs that it points to.
- */
-void
-print_subject_graph(dbDebugInfo *info, certDBSubjectEntryMap *subjMap,
- int direction, int optindex, int opttype)
-{
- certDBEntryMap *map;
- certDBEntryListNode *node;
- int i;
- /* The first line of output always contains the cert id, subject id,
- * and nickname|smime id. Subsequent lines may contain additional
- * cert id's for the subject if going left or both directions.
- * Ex. of printing the graph for a subject entry:
- * Cert 3 <- Subject 5 -> Nickname 32
- * Cert 8 /
- * Cert 9 /
- * means subject 5 has 3 certs, 3, 8, and 9, and corresponds
- * to nickname entry 32.
- * To accomplish the above, it is required to dump the entire first
- * line left-to-right, regardless of the input direction, and then
- * finish up any remaining cert entries. Hence the code is uglier
- * than one may expect.
- */
- if (direction == GOLEFT || direction == GOBOTH) {
- /* In this case, nothing should be output until the first cert is
- * located and output (cert 3 in the above example).
- */
- if (subjMap->numCerts == 0 || subjMap->pCerts == NULL)
- /* XXX uh-oh */
- return;
- /* get the first cert and dump it. */
- node = subjMap->pCerts[0];
- if (map_handle_is_ok(info, (void *)node, 0)) {
- map = (certDBEntryMap *)node->appData;
- /* going left here stops. */
- print_cert_graph(info, map, GOLEFT);
- }
- /* Now it is safe to output the subject id. */
- if (direction == GOLEFT)
- printnode(info, "Subject %5d <---- ", subjMap->index);
- else /* direction == GOBOTH */
- printnode(info, "Subject %5d ----> ", subjMap->index);
- }
- if (direction == GORIGHT || direction == GOBOTH) {
- /* Okay, now output the nickname|smime for this subject. */
- if (direction != GOBOTH) /* handled above */
- printnode(info, "Subject %5d ----> ", subjMap->index);
- if (subjMap->pNickname) {
- node = subjMap->pNickname;
- if (map_handle_is_ok(info, (void *)node, 0)) {
- map = (certDBEntryMap *)node->appData;
- /* going right here stops. */
- print_nickname_graph(info, map, GORIGHT);
- }
- }
- if (subjMap->pSMime) {
- node = subjMap->pSMime;
- if (map_handle_is_ok(info, (void *)node, 0)) {
- map = (certDBEntryMap *)node->appData;
- /* going right here stops. */
- print_smime_graph(info, map, GORIGHT);
- }
- }
- if (!subjMap->pNickname && !subjMap->pSMime) {
- printnode(info, "******************* ", -1);
- }
- }
- if (direction != GORIGHT) { /* going right has only one cert */
- if (opttype == certDBEntryTypeNickname)
- printnode(info, "Nickname %5d ", optindex);
- else if (opttype == certDBEntryTypeSMimeProfile)
- printnode(info, "S/MIME %5d ", optindex);
- for (i=1 /* 1st one already done */; i<subjMap->numCerts; i++) {
- printnode(info, "\n", -1); /* start a new line */
- node = subjMap->pCerts[i];
- if (map_handle_is_ok(info, (void *)node, 0)) {
- map = (certDBEntryMap *)node->appData;
- /* going left here stops. */
- print_cert_graph(info, map, GOLEFT);
- printnode(info, "/", -1);
- }
- }
- }
-}
-
-/* Given a cert entry, print its unique identifer. If GORIGHT is specified,
- * print the cert->subject->nickname|smime map, else just print
- * the cert entry.
- */
-void
-print_cert_graph(dbDebugInfo *info, certDBEntryMap *certMap, int direction)
-{
- certDBSubjectEntryMap *subjMap;
- certDBEntryListNode *subjNode;
- if (direction == GOLEFT) {
- printnode(info, "Cert %5d <---- ", certMap->index);
- /* only want cert entry, terminate here. */
- return;
- }
- /* Keep going right then. */
- printnode(info, "Cert %5d ----> ", certMap->index);
- subjNode = certMap->pSubject;
- if (map_handle_is_ok(info, (void *)subjNode, 0)) {
- subjMap = (certDBSubjectEntryMap *)subjNode->appData;
- print_subject_graph(info, subjMap, GORIGHT, -1, -1);
- }
-}
-
-SECStatus
-computeDBGraph(certDBArray *dbArray, dbDebugInfo *info)
-{
- PRCList *cElem, *sElem, *nElem, *mElem;
- certDBEntryListNode *node;
- certDBEntryMap *map;
- certDBSubjectEntryMap *subjMap;
-
- /* Graph is of this form:
- *
- * certs:
- * cert ---> subject ---> (nickname|smime)
- *
- * subjects:
- * cert <--- subject ---> (nickname|smime)
- *
- * nicknames and smime:
- * cert <--- subject <--- (nickname|smime)
- */
-
- /* Print cert graph. */
- for (cElem = PR_LIST_HEAD(&dbArray->certs.link);
- cElem != &dbArray->certs.link; cElem = PR_NEXT_LINK(cElem)) {
- /* Print graph of everything to right of cert entry. */
- node = LISTNODE_CAST(cElem);
- map = (certDBEntryMap *)node->appData;
- print_cert_graph(info, map, GORIGHT);
- printnode(info, "\n", -1);
- }
- printnode(info, "\n", -1);
-
- /* Print subject graph. */
- for (sElem = PR_LIST_HEAD(&dbArray->subjects.link);
- sElem != &dbArray->subjects.link; sElem = PR_NEXT_LINK(sElem)) {
- /* Print graph of everything to both sides of subject entry. */
- node = LISTNODE_CAST(sElem);
- subjMap = (certDBSubjectEntryMap *)node->appData;
- print_subject_graph(info, subjMap, GOBOTH, -1, -1);
- printnode(info, "\n", -1);
- }
- printnode(info, "\n", -1);
-
- /* Print nickname graph. */
- for (nElem = PR_LIST_HEAD(&dbArray->nicknames.link);
- nElem != &dbArray->nicknames.link; nElem = PR_NEXT_LINK(nElem)) {
- /* Print graph of everything to left of nickname entry. */
- node = LISTNODE_CAST(nElem);
- map = (certDBEntryMap *)node->appData;
- print_nickname_graph(info, map, GOLEFT);
- printnode(info, "\n", -1);
- }
- printnode(info, "\n", -1);
-
- /* Print smime graph. */
- for (mElem = PR_LIST_HEAD(&dbArray->smime.link);
- mElem != &dbArray->smime.link; mElem = PR_NEXT_LINK(mElem)) {
- /* Print graph of everything to left of smime entry. */
- node = LISTNODE_CAST(mElem);
- if (node == NULL) break;
- map = (certDBEntryMap *)node->appData;
- print_smime_graph(info, map, GOLEFT);
- printnode(info, "\n", -1);
- }
- printnode(info, "\n", -1);
-
- return SECSuccess;
-}
-
-/*
- * List the entries in the db, showing handles between entry types.
- */
-void
-verboseOutput(certDBArray *dbArray, dbDebugInfo *info)
-{
- int i, ref;
- PRCList *elem;
- certDBEntryListNode *node;
- certDBEntryMap *map;
- certDBSubjectEntryMap *smap;
- certDBEntrySubject *subjectEntry;
-
- /* List certs */
- for (elem = PR_LIST_HEAD(&dbArray->certs.link);
- elem != &dbArray->certs.link; elem = PR_NEXT_LINK(elem)) {
- node = LISTNODE_CAST(elem);
- map = (certDBEntryMap *)node->appData;
- dumpCertEntry((certDBEntryCert*)&node->entry, map->index, info->out);
- /* walk the cert handle to it's subject entry */
- if (map_handle_is_ok(info, map->pSubject, -1)) {
- smap = (certDBSubjectEntryMap *)map->pSubject->appData;
- ref = smap->index;
- PR_fprintf(info->out, "-->(subject %d)\n\n\n", ref);
- } else {
- PR_fprintf(info->out, "-->(MISSING SUBJECT ENTRY)\n\n\n");
- }
- }
- /* List subjects */
- for (elem = PR_LIST_HEAD(&dbArray->subjects.link);
- elem != &dbArray->subjects.link; elem = PR_NEXT_LINK(elem)) {
- node = LISTNODE_CAST(elem);
- subjectEntry = (certDBEntrySubject *)&node->entry;
- smap = (certDBSubjectEntryMap *)node->appData;
- dumpSubjectEntry(subjectEntry, smap->index, info->out);
- /* iterate over subject's certs */
- for (i=0; i<smap->numCerts; i++) {
- /* walk each subject handle to it's cert entries */
- if (map_handle_is_ok(info, smap->pCerts[i], -1)) {
- ref = ((certDBEntryMap *)smap->pCerts[i]->appData)->index;
- PR_fprintf(info->out, "-->(%d. certificate %d)\n", i, ref);
- } else {
- PR_fprintf(info->out, "-->(%d. MISSING CERT ENTRY)\n", i);
- }
- }
- if (subjectEntry->nickname) {
- /* walk each subject handle to it's nickname entry */
- if (map_handle_is_ok(info, smap->pNickname, -1)) {
- ref = ((certDBEntryMap *)smap->pNickname->appData)->index;
- PR_fprintf(info->out, "-->(nickname %d)\n", ref);
- } else {
- PR_fprintf(info->out, "-->(MISSING NICKNAME ENTRY)\n");
- }
- }
- if (subjectEntry->emailAddr) {
- /* walk each subject handle to it's smime entry */
- if (map_handle_is_ok(info, smap->pSMime, -1)) {
- ref = ((certDBEntryMap *)smap->pSMime->appData)->index;
- PR_fprintf(info->out, "-->(s/mime %d)\n", ref);
- } else {
- PR_fprintf(info->out, "-->(MISSING S/MIME ENTRY)\n");
- }
- }
- PR_fprintf(info->out, "\n\n");
- }
- for (elem = PR_LIST_HEAD(&dbArray->nicknames.link);
- elem != &dbArray->nicknames.link; elem = PR_NEXT_LINK(elem)) {
- node = LISTNODE_CAST(elem);
- map = (certDBEntryMap *)node->appData;
- dumpNicknameEntry((certDBEntryNickname*)&node->entry, map->index,
- info->out);
- if (map_handle_is_ok(info, map->pSubject, -1)) {
- ref = ((certDBEntryMap *)map->pSubject->appData)->index;
- PR_fprintf(info->out, "-->(subject %d)\n\n\n", ref);
- } else {
- PR_fprintf(info->out, "-->(MISSING SUBJECT ENTRY)\n\n\n");
- }
- }
- for (elem = PR_LIST_HEAD(&dbArray->smime.link);
- elem != &dbArray->smime.link; elem = PR_NEXT_LINK(elem)) {
- node = LISTNODE_CAST(elem);
- map = (certDBEntryMap *)node->appData;
- dumpSMimeEntry((certDBEntrySMime*)&node->entry, map->index, info->out);
- if (map_handle_is_ok(info, map->pSubject, -1)) {
- ref = ((certDBEntryMap *)map->pSubject->appData)->index;
- PR_fprintf(info->out, "-->(subject %d)\n\n\n", ref);
- } else {
- PR_fprintf(info->out, "-->(MISSING SUBJECT ENTRY)\n\n\n");
- }
- }
- PR_fprintf(info->out, "\n\n");
-}
-
-char *errResult[] = {
- "Certificate entries that had no subject entry.",
- "Certificate entries that had no key in their subject entry.",
- "Subject entries that had no nickname or email address.",
- "Redundant nicknames (subjects with the same nickname).",
- "Subject entries that had no nickname entry.",
- "Redundant email addresses (subjects with the same email address).",
- "Subject entries that had no S/MIME entry.",
- "Nickname entries that had no subject entry.",
- "S/MIME entries that had no subject entry.",
-};
-
-int
-fillDBEntryArray(CERTCertDBHandle *handle, certDBEntryType type,
- certDBEntryListNode *list)
-{
- PRCList *elem;
- certDBEntryListNode *node;
- certDBEntryMap *mnode;
- certDBSubjectEntryMap *smnode;
- PRArenaPool *arena;
- int count = 0;
- /* Initialize a dummy entry in the list. The list head will be the
- * next element, so this element is skipped by for loops.
- */
- PR_INIT_CLIST((PRCList *)list);
- /* Collect all of the cert db entries for this type into a list. */
- SEC_TraverseDBEntries(handle, type, SEC_GetCertDBEntryList,
- (PRCList *)list);
- for (elem = PR_LIST_HEAD(&list->link);
- elem != &list->link; elem = PR_NEXT_LINK(elem)) {
- /* Iterate over the entries and ... */
- node = (certDBEntryListNode *)elem;
- if (type != certDBEntryTypeSubject) {
- arena = PORT_NewArena(sizeof(*mnode));
- mnode = (certDBEntryMap *)PORT_ArenaZAlloc(arena, sizeof(*mnode));
- mnode->arena = arena;
- /* ... assign a unique index number to each node, and ... */
- mnode->index = count;
- /* ... set the map pointer for the node. */
- node->appData = (void *)mnode;
- } else {
- /* allocate some room for the cert pointers also */
- arena = PORT_NewArena(sizeof(*smnode) + 20*sizeof(void *));
- smnode = (certDBSubjectEntryMap *)
- PORT_ArenaZAlloc(arena, sizeof(*smnode));
- smnode->arena = arena;
- smnode->index = count;
- node->appData = (void *)smnode;
- }
- count++;
- }
- return count;
-}
-
-void
-freeDBEntryList(PRCList *list)
-{
- PRCList *next, *elem;
- certDBEntryListNode *node;
- certDBEntryMap *map;
-
- for (elem = PR_LIST_HEAD(list); elem != list;) {
- next = PR_NEXT_LINK(elem);
- node = (certDBEntryListNode *)elem;
- map = (certDBEntryMap *)node->appData;
- PR_REMOVE_LINK(&node->link);
- PORT_FreeArena(map->arena, PR_TRUE);
- PORT_FreeArena(node->entry.common.arena, PR_TRUE);
- elem = next;
- }
-}
-
-void
-DBCK_DebugDB(CERTCertDBHandle *handle, PRFileDesc *out, PRFileDesc *mailfile)
-{
- int i, nCertsFound, nSubjFound, nErr;
- int nCerts, nSubjects, nSubjCerts, nNicknames, nSMime;
- PRCList *elem;
- char c;
- dbDebugInfo info;
- certDBArray dbArray;
-
- PORT_Memset(&dbArray, 0, sizeof(dbArray));
- PORT_Memset(&info, 0, sizeof(info));
- info.verbose = (out == NULL) ? PR_FALSE : PR_TRUE ;
- info.dograph = (mailfile == NULL) ? PR_FALSE : PR_TRUE ;
- info.out = (out) ? out : PR_STDOUT;
- info.graphfile = mailfile;
-
- /* Fill the array structure with cert/subject/nickname/smime entries. */
- dbArray.numCerts = fillDBEntryArray(handle, certDBEntryTypeCert,
- &dbArray.certs);
- dbArray.numSubjects = fillDBEntryArray(handle, certDBEntryTypeSubject,
- &dbArray.subjects);
- dbArray.numNicknames = fillDBEntryArray(handle, certDBEntryTypeNickname,
- &dbArray.nicknames);
- dbArray.numSMime = fillDBEntryArray(handle, certDBEntryTypeSMimeProfile,
- &dbArray.smime);
-
- /* Compute the map between the database entries. */
- mapSubjectEntries(&dbArray);
- mapCertEntries(&dbArray);
- computeDBGraph(&dbArray, &info);
-
- /* Store the totals for later reference. */
- nCerts = dbArray.numCerts;
- nSubjects = dbArray.numSubjects;
- nNicknames = dbArray.numNicknames;
- nSMime = dbArray.numSMime;
- nSubjCerts = 0;
- for (elem = PR_LIST_HEAD(&dbArray.subjects.link);
- elem != &dbArray.subjects.link; elem = PR_NEXT_LINK(elem)) {
- certDBSubjectEntryMap *smap;
- smap = (certDBSubjectEntryMap *)LISTNODE_CAST(elem)->appData;
- nSubjCerts += smap->numCerts;
- }
-
- if (info.verbose) {
- /* Dump the database contents. */
- verboseOutput(&dbArray, &info);
- }
-
- freeDBEntryList(&dbArray.certs.link);
- freeDBEntryList(&dbArray.subjects.link);
- freeDBEntryList(&dbArray.nicknames.link);
- freeDBEntryList(&dbArray.smime.link);
-
- PR_fprintf(info.out, "\n");
- PR_fprintf(info.out, "Database statistics:\n");
- PR_fprintf(info.out, "N0: Found %4d Certificate entries.\n",
- nCerts);
- PR_fprintf(info.out, "N1: Found %4d Subject entries (unique DN's).\n",
- nSubjects);
- PR_fprintf(info.out, "N2: Found %4d Cert keys within Subject entries.\n",
- nSubjCerts);
- PR_fprintf(info.out, "N3: Found %4d Nickname entries.\n",
- nNicknames);
- PR_fprintf(info.out, "N4: Found %4d S/MIME entries.\n",
- nSMime);
- PR_fprintf(info.out, "\n");
-
- nErr = 0;
- for (i=0; i<sizeof(errResult)/sizeof(char*); i++) {
- PR_fprintf(info.out, "E%d: Found %4d %s\n",
- i, info.dbErrors[i], errResult[i]);
- nErr += info.dbErrors[i];
- }
- PR_fprintf(info.out, "--------------\n Found %4d errors in database.\n",
- nErr);
-
- PR_fprintf(info.out, "\nCertificates:\n");
- PR_fprintf(info.out, "N0 == N2 + E%d + E%d\n", NoSubjectForCert,
- SubjectHasNoKeyForCert);
- nCertsFound = nSubjCerts +
- info.dbErrors[NoSubjectForCert] +
- info.dbErrors[SubjectHasNoKeyForCert];
- c = (nCertsFound == nCerts) ? '=' : '!';
- PR_fprintf(info.out, "%d %c= %d + %d + %d\n", nCerts, c, nSubjCerts,
- info.dbErrors[NoSubjectForCert],
- info.dbErrors[SubjectHasNoKeyForCert]);
- PR_fprintf(info.out, "\nSubjects:\n");
- PR_fprintf(info.out, "N1 == N3 + N4 + E%d + E%d + E%d + E%d + E%d - E%d - E%d\n",
- NoNicknameOrSMimeForSubject, WrongNicknameForSubject,
- NoNicknameEntry, WrongSMimeForSubject, NoSMimeEntry,
- NoSubjectForNickname, NoSubjectForSMime);
- PR_fprintf(info.out, " - #(subjects with both nickname and S/MIME entries)\n");
- nSubjFound = nNicknames + nSMime +
- info.dbErrors[NoNicknameOrSMimeForSubject] +
- info.dbErrors[WrongNicknameForSubject] +
- info.dbErrors[NoNicknameEntry] +
- info.dbErrors[WrongSMimeForSubject] +
- info.dbErrors[NoSMimeEntry] -
- info.dbErrors[NoSubjectForNickname] -
- info.dbErrors[NoSubjectForSMime] -
- info.dbErrors[NicknameAndSMimeEntry];
- c = (nSubjFound == nSubjects) ? '=' : '!';
- PR_fprintf(info.out, "%d %c= %d + %d + %d + %d + %d + %d + %d - %d - %d - %d\n",
- nSubjects, c, nNicknames, nSMime,
- info.dbErrors[NoNicknameOrSMimeForSubject],
- info.dbErrors[WrongNicknameForSubject],
- info.dbErrors[NoNicknameEntry],
- info.dbErrors[WrongSMimeForSubject],
- info.dbErrors[NoSMimeEntry],
- info.dbErrors[NoSubjectForNickname],
- info.dbErrors[NoSubjectForSMime],
- info.dbErrors[NicknameAndSMimeEntry]);
- PR_fprintf(info.out, "\n");
-}
-
-#ifdef DORECOVER
-enum {
- dbInvalidCert = 0,
- dbNoSMimeProfile,
- dbOlderCert,
- dbBadCertificate,
- dbCertNotWrittenToDB
-};
-
-typedef struct dbRestoreInfoStr
-{
- CERTCertDBHandle *handle;
- PRBool verbose;
- PRFileDesc *out;
- int nCerts;
- int nOldCerts;
- int dbErrors[5];
- PRBool removeType[3];
- PRBool promptUser[3];
-} dbRestoreInfo;
-
-char *
-IsEmailCert(CERTCertificate *cert)
-{
- char *email, *tmp1, *tmp2;
- PRBool isCA;
- int len;
-
- if (!cert->subjectName) {
- return NULL;
- }
-
- tmp1 = PORT_Strstr(cert->subjectName, "E=");
- tmp2 = PORT_Strstr(cert->subjectName, "MAIL=");
- /* XXX Nelson has cert for KTrilli which does not have either
- * of above but is email cert (has cert->emailAddr).
- */
- if (!tmp1 && !tmp2 && !cert->emailAddr) {
- return NULL;
- }
-
- /* Server or CA cert, not personal email. */
- isCA = CERT_IsCACert(cert, NULL);
- if (isCA)
- return NULL;
-
- /* XXX CERT_IsCACert advertises checking the key usage ext.,
- but doesn't appear to. */
- /* Check the key usage extension. */
- if (cert->keyUsagePresent) {
- /* Must at least be able to sign or encrypt (not neccesarily
- * both if it is one of a dual cert).
- */
- if (!((cert->rawKeyUsage & KU_DIGITAL_SIGNATURE) ||
- (cert->rawKeyUsage & KU_KEY_ENCIPHERMENT)))
- return NULL;
-
- /* CA cert, not personal email. */
- if (cert->rawKeyUsage & (KU_KEY_CERT_SIGN | KU_CRL_SIGN))
- return NULL;
- }
-
- if (cert->emailAddr) {
- email = PORT_Strdup(cert->emailAddr);
- } else {
- if (tmp1)
- tmp1 += 2; /* "E=" */
- else
- tmp1 = tmp2 + 5; /* "MAIL=" */
- len = strcspn(tmp1, ", ");
- email = (char*)PORT_Alloc(len+1);
- PORT_Strncpy(email, tmp1, len);
- email[len] = '\0';
- }
-
- return email;
-}
-
-SECStatus
-deleteit(CERTCertificate *cert, void *arg)
-{
- return SEC_DeletePermCertificate(cert);
-}
-
-/* Different than DeleteCertificate - has the added bonus of removing
- * all certs with the same DN.
- */
-SECStatus
-deleteAllEntriesForCert(CERTCertDBHandle *handle, CERTCertificate *cert,
- PRFileDesc *outfile)
-{
-#if 0
- certDBEntrySubject *subjectEntry;
- certDBEntryNickname *nicknameEntry;
- certDBEntrySMime *smimeEntry;
- int i;
-#endif
-
- if (outfile) {
- PR_fprintf(outfile, "$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$\n\n");
- PR_fprintf(outfile, "Deleting redundant certificate:\n");
- dumpCertificate(cert, -1, outfile);
- }
-
- CERT_TraverseCertsForSubject(handle, cert->subjectList, deleteit, NULL);
-#if 0
- CERT_LockDB(handle);
- subjectEntry = ReadDBSubjectEntry(handle, &cert->derSubject);
- /* It had better be there, or created a bad db. */
- PORT_Assert(subjectEntry);
- for (i=0; i<subjectEntry->ncerts; i++) {
- DeleteDBCertEntry(handle, &subjectEntry->certKeys[i]);
- }
- DeleteDBSubjectEntry(handle, &cert->derSubject);
- if (subjectEntry->emailAddr) {
- smimeEntry = ReadDBSMimeEntry(handle, subjectEntry->emailAddr);
- if (smimeEntry) {
- if (SECITEM_ItemsAreEqual(&subjectEntry->derSubject,
- &smimeEntry->subjectName))
- /* Only delete it if it's for this subject! */
- DeleteDBSMimeEntry(handle, subjectEntry->emailAddr);
- SEC_DestroyDBEntry((certDBEntry*)smimeEntry);
- }
- }
- if (subjectEntry->nickname) {
- nicknameEntry = ReadDBNicknameEntry(handle, subjectEntry->nickname);
- if (nicknameEntry) {
- if (SECITEM_ItemsAreEqual(&subjectEntry->derSubject,
- &nicknameEntry->subjectName))
- /* Only delete it if it's for this subject! */
- DeleteDBNicknameEntry(handle, subjectEntry->nickname);
- SEC_DestroyDBEntry((certDBEntry*)nicknameEntry);
- }
- }
- SEC_DestroyDBEntry((certDBEntry*)subjectEntry);
- CERT_UnlockDB(handle);
-#endif
- return SECSuccess;
-}
-
-void
-getCertsToDelete(char *numlist, int len, int *certNums, int nCerts)
-{
- int j, num;
- char *numstr, *numend, *end;
-
- numstr = numlist;
- end = numstr + len - 1;
- while (numstr != end) {
- numend = strpbrk(numstr, ", \n");
- *numend = '\0';
- if (PORT_Strlen(numstr) == 0)
- return;
- num = PORT_Atoi(numstr);
- if (numstr == numlist)
- certNums[0] = num;
- for (j=1; j<nCerts+1; j++) {
- if (num == certNums[j]) {
- certNums[j] = -1;
- break;
- }
- }
- if (numend == end)
- break;
- numstr = strpbrk(numend+1, "0123456789");
- }
-}
-
-PRBool
-userSaysDeleteCert(CERTCertificate **certs, int nCerts,
- int errtype, dbRestoreInfo *info, int *certNums)
-{
- char response[32];
- int32 nb;
- int i;
- /* User wants to remove cert without prompting. */
- if (info->promptUser[errtype] == PR_FALSE)
- return (info->removeType[errtype]);
- switch (errtype) {
- case dbInvalidCert:
- PR_fprintf(PR_STDOUT, "******** Expired ********\n");
- PR_fprintf(PR_STDOUT, "Cert has expired.\n\n");
- dumpCertificate(certs[0], -1, PR_STDOUT);
- PR_fprintf(PR_STDOUT,
- "Keep it? (y/n - this one, Y/N - all expired certs) [n] ");
- break;
- case dbNoSMimeProfile:
- PR_fprintf(PR_STDOUT, "******** No Profile ********\n");
- PR_fprintf(PR_STDOUT, "S/MIME cert has no profile.\n\n");
- dumpCertificate(certs[0], -1, PR_STDOUT);
- PR_fprintf(PR_STDOUT,
- "Keep it? (y/n - this one, Y/N - all S/MIME w/o profile) [n] ");
- break;
- case dbOlderCert:
- PR_fprintf(PR_STDOUT, "******* Redundant nickname/email *******\n\n");
- PR_fprintf(PR_STDOUT, "These certs have the same nickname/email:\n");
- for (i=0; i<nCerts; i++)
- dumpCertificate(certs[i], i, PR_STDOUT);
- PR_fprintf(PR_STDOUT,
- "Enter the certs you would like to keep from those listed above.\n");
- PR_fprintf(PR_STDOUT,
- "Use a comma-separated list of the cert numbers (ex. 0, 8, 12).\n");
- PR_fprintf(PR_STDOUT,
- "The first cert in the list will be the primary cert\n");
- PR_fprintf(PR_STDOUT,
- " accessed by the nickname/email handle.\n");
- PR_fprintf(PR_STDOUT,
- "List cert numbers to keep here, or hit enter\n");
- PR_fprintf(PR_STDOUT,
- " to always keep only the newest cert: ");
- break;
- default:
- }
- nb = PR_Read(PR_STDIN, response, sizeof(response));
- PR_fprintf(PR_STDOUT, "\n\n");
- if (errtype == dbOlderCert) {
- if (!isdigit(response[0])) {
- info->promptUser[errtype] = PR_FALSE;
- info->removeType[errtype] = PR_TRUE;
- return PR_TRUE;
- }
- getCertsToDelete(response, nb, certNums, nCerts);
- return PR_TRUE;
- }
- /* User doesn't want to be prompted for this type anymore. */
- if (response[0] == 'Y') {
- info->promptUser[errtype] = PR_FALSE;
- info->removeType[errtype] = PR_FALSE;
- return PR_FALSE;
- } else if (response[0] == 'N') {
- info->promptUser[errtype] = PR_FALSE;
- info->removeType[errtype] = PR_TRUE;
- return PR_TRUE;
- }
- return (response[0] != 'y') ? PR_TRUE : PR_FALSE;
-}
-
-SECStatus
-addCertToDB(certDBEntryCert *certEntry, dbRestoreInfo *info,
- CERTCertDBHandle *oldhandle)
-{
- SECStatus rv = SECSuccess;
- PRBool allowOverride;
- PRBool userCert;
- SECCertTimeValidity validity;
- CERTCertificate *oldCert = NULL;
- CERTCertificate *dbCert = NULL;
- CERTCertificate *newCert = NULL;
- CERTCertTrust *trust;
- certDBEntrySMime *smimeEntry = NULL;
- char *email = NULL;
- char *nickname = NULL;
- int nCertsForSubject = 1;
-
- oldCert = CERT_DecodeDERCertificate(&certEntry->derCert, PR_FALSE,
- certEntry->nickname);
- if (!oldCert) {
- info->dbErrors[dbBadCertificate]++;
- SEC_DestroyDBEntry((certDBEntry*)certEntry);
- return SECSuccess;
- }
-
- oldCert->dbEntry = certEntry;
- oldCert->trust = &certEntry->trust;
- oldCert->dbhandle = oldhandle;
-
- trust = oldCert->trust;
-
- info->nOldCerts++;
-
- if (info->verbose)
- PR_fprintf(info->out, "%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%\n\n");
-
- if (oldCert->nickname)
- nickname = PORT_Strdup(oldCert->nickname);
-
- /* Always keep user certs. Skip ahead. */
- /* XXX if someone sends themselves a signed message, it is possible
- for their cert to be imported as an "other" cert, not a user cert.
- this mucks with smime entries... */
- userCert = (SEC_GET_TRUST_FLAGS(trust, trustSSL) & CERTDB_USER) ||
- (SEC_GET_TRUST_FLAGS(trust, trustEmail) & CERTDB_USER) ||
- (SEC_GET_TRUST_FLAGS(trust, trustObjectSigning) & CERTDB_USER);
- if (userCert)
- goto createcert;
-
- /* If user chooses so, ignore expired certificates. */
- allowOverride = (PRBool)((oldCert->keyUsage == certUsageSSLServer) ||
- (oldCert->keyUsage == certUsageSSLServerWithStepUp));
- validity = CERT_CheckCertValidTimes(oldCert, PR_Now(), allowOverride);
- /* If cert expired and user wants to delete it, ignore it. */
- if ((validity != secCertTimeValid) &&
- userSaysDeleteCert(&oldCert, 1, dbInvalidCert, info, 0)) {
- info->dbErrors[dbInvalidCert]++;
- if (info->verbose) {
- PR_fprintf(info->out, "Deleting expired certificate:\n");
- dumpCertificate(oldCert, -1, info->out);
- }
- goto cleanup;
- }
-
- /* New database will already have default certs, don't attempt
- to overwrite them. */
- dbCert = CERT_FindCertByDERCert(info->handle, &oldCert->derCert);
- if (dbCert) {
- info->nCerts++;
- if (info->verbose) {
- PR_fprintf(info->out, "Added certificate to database:\n");
- dumpCertificate(oldCert, -1, info->out);
- }
- goto cleanup;
- }
-
- /* Determine if cert is S/MIME and get its email if so. */
- email = IsEmailCert(oldCert);
-
- /*
- XXX Just create empty profiles?
- if (email) {
- SECItem *profile = CERT_FindSMimeProfile(oldCert);
- if (!profile &&
- userSaysDeleteCert(&oldCert, 1, dbNoSMimeProfile, info, 0)) {
- info->dbErrors[dbNoSMimeProfile]++;
- if (info->verbose) {
- PR_fprintf(info->out,
- "Deleted cert missing S/MIME profile.\n");
- dumpCertificate(oldCert, -1, info->out);
- }
- goto cleanup;
- } else {
- SECITEM_FreeItem(profile);
- }
- }
- */
-
-createcert:
-
- /* Sometimes happens... */
- if (!nickname && userCert)
- nickname = PORT_Strdup(oldCert->subjectName);
-
- /* Create a new certificate, copy of the old one. */
- newCert = CERT_NewTempCertificate(info->handle, &oldCert->derCert,
- nickname, PR_FALSE, PR_TRUE);
- if (!newCert) {
- PR_fprintf(PR_STDERR, "Unable to create new certificate.\n");
- dumpCertificate(oldCert, -1, PR_STDERR);
- info->dbErrors[dbBadCertificate]++;
- goto cleanup;
- }
-
- /* Add the cert to the new database. */
- rv = CERT_AddTempCertToPerm(newCert, nickname, oldCert->trust);
- if (rv) {
- PR_fprintf(PR_STDERR, "Failed to write temp cert to perm database.\n");
- dumpCertificate(oldCert, -1, PR_STDERR);
- info->dbErrors[dbCertNotWrittenToDB]++;
- goto cleanup;
- }
-
- if (info->verbose) {
- PR_fprintf(info->out, "Added certificate to database:\n");
- dumpCertificate(oldCert, -1, info->out);
- }
-
- /* If the cert is an S/MIME cert, and the first with it's subject,
- * modify the subject entry to include the email address,
- * CERT_AddTempCertToPerm does not do email addresses and S/MIME entries.
- */
- if (smimeEntry) { /*&& !userCert && nCertsForSubject == 1) { */
-#if 0
- UpdateSubjectWithEmailAddr(newCert, email);
-#endif
- SECItem emailProfile, profileTime;
- rv = CERT_FindFullSMimeProfile(oldCert, &emailProfile, &profileTime);
- /* calls UpdateSubjectWithEmailAddr */
- if (rv == SECSuccess)
- rv = CERT_SaveSMimeProfile(newCert, &emailProfile, &profileTime);
- }
-
- info->nCerts++;
-
-cleanup:
-
- if (nickname)
- PORT_Free(nickname);
- if (email)
- PORT_Free(email);
- if (oldCert)
- CERT_DestroyCertificate(oldCert);
- if (dbCert)
- CERT_DestroyCertificate(dbCert);
- if (newCert)
- CERT_DestroyCertificate(newCert);
- if (smimeEntry)
- SEC_DestroyDBEntry((certDBEntry*)smimeEntry);
- return SECSuccess;
-}
-
-#if 0
-SECStatus
-copyDBEntry(SECItem *data, SECItem *key, certDBEntryType type, void *pdata)
-{
- SECStatus rv;
- CERTCertDBHandle *newdb = (CERTCertDBHandle *)pdata;
- certDBEntryCommon common;
- SECItem dbkey;
-
- common.type = type;
- common.version = CERT_DB_FILE_VERSION;
- common.flags = data->data[2];
- common.arena = NULL;
-
- dbkey.len = key->len + SEC_DB_KEY_HEADER_LEN;
- dbkey.data = (unsigned char *)PORT_Alloc(dbkey.len*sizeof(unsigned char));
- PORT_Memcpy(&dbkey.data[SEC_DB_KEY_HEADER_LEN], key->data, key->len);
- dbkey.data[0] = type;
-
- rv = WriteDBEntry(newdb, &common, &dbkey, data);
-
- PORT_Free(dbkey.data);
- return rv;
-}
-#endif
-
-int
-certIsOlder(CERTCertificate **cert1, CERTCertificate** cert2)
-{
- return !CERT_IsNewer(*cert1, *cert2);
-}
-
-int
-findNewestSubjectForEmail(CERTCertDBHandle *handle, int subjectNum,
- certDBArray *dbArray, dbRestoreInfo *info,
- int *subjectWithSMime, int *smimeForSubject)
-{
- int newestSubject;
- int subjectsForEmail[50];
- int i, j, ns, sNum;
- certDBEntryListNode *subjects = &dbArray->subjects;
- certDBEntryListNode *smime = &dbArray->smime;
- certDBEntrySubject *subjectEntry1, *subjectEntry2;
- certDBEntrySMime *smimeEntry;
- CERTCertificate **certs;
- CERTCertificate *cert;
- CERTCertTrust *trust;
- PRBool userCert;
- int *certNums;
-
- ns = 0;
- subjectEntry1 = (certDBEntrySubject*)&subjects.entries[subjectNum];
- subjectsForEmail[ns++] = subjectNum;
-
- *subjectWithSMime = -1;
- *smimeForSubject = -1;
- newestSubject = subjectNum;
-
- cert = CERT_FindCertByKey(handle, &subjectEntry1->certKeys[0]);
- if (cert) {
- trust = cert->trust;
- userCert = (SEC_GET_TRUST_FLAGS(trust, trustSSL) & CERTDB_USER) ||
- (SEC_GET_TRUST_FLAGS(trust, trustEmail) & CERTDB_USER) ||
- (SEC_GET_TRUST_FLAGS(trust, trustObjectSigning) & CERTDB_USER);
- CERT_DestroyCertificate(cert);
- }
-
- /* Loop over the remaining subjects. */
- for (i=subjectNum+1; i<subjects.numEntries; i++) {
- subjectEntry2 = (certDBEntrySubject*)&subjects.entries[i];
- if (!subjectEntry2)
- continue;
- if (subjectEntry2->emailAddr &&
- PORT_Strcmp(subjectEntry1->emailAddr,
- subjectEntry2->emailAddr) == 0) {
- /* Found a subject using the same email address. */
- subjectsForEmail[ns++] = i;
- }
- }
-
- /* Find the S/MIME entry for this email address. */
- for (i=0; i<smime.numEntries; i++) {
- smimeEntry = (certDBEntrySMime*)&smime.entries[i];
- if (smimeEntry->common.arena == NULL)
- continue;
- if (PORT_Strcmp(subjectEntry1->emailAddr, smimeEntry->emailAddr) == 0) {
- /* Find which of the subjects uses this S/MIME entry. */
- for (j=0; j<ns && *subjectWithSMime < 0; j++) {
- sNum = subjectsForEmail[j];
- subjectEntry2 = (certDBEntrySubject*)&subjects.entries[sNum];
- if (SECITEM_ItemsAreEqual(&smimeEntry->subjectName,
- &subjectEntry2->derSubject)) {
- /* Found the subject corresponding to the S/MIME entry. */
- *subjectWithSMime = sNum;
- *smimeForSubject = i;
- }
- }
- SEC_DestroyDBEntry((certDBEntry*)smimeEntry);
- PORT_Memset(smimeEntry, 0, sizeof(certDBEntry));
- break;
- }
- }
-
- if (ns <= 1)
- return subjectNum;
-
- if (userCert)
- return *subjectWithSMime;
-
- /* Now find which of the subjects has the newest cert. */
- certs = (CERTCertificate**)PORT_Alloc(ns*sizeof(CERTCertificate*));
- certNums = (int*)PORT_Alloc((ns+1)*sizeof(int));
- certNums[0] = 0;
- for (i=0; i<ns; i++) {
- sNum = subjectsForEmail[i];
- subjectEntry1 = (certDBEntrySubject*)&subjects.entries[sNum];
- certs[i] = CERT_FindCertByKey(handle, &subjectEntry1->certKeys[0]);
- certNums[i+1] = i;
- }
- /* Sort the array by validity. */
- qsort(certs, ns, sizeof(CERTCertificate*),
- (int (*)(const void *, const void *))certIsOlder);
- newestSubject = -1;
- for (i=0; i<ns; i++) {
- sNum = subjectsForEmail[i];
- subjectEntry1 = (certDBEntrySubject*)&subjects.entries[sNum];
- if (SECITEM_ItemsAreEqual(&subjectEntry1->derSubject,
- &certs[0]->derSubject))
- newestSubject = sNum;
- else
- SEC_DestroyDBEntry((certDBEntry*)subjectEntry1);
- }
- if (info && userSaysDeleteCert(certs, ns, dbOlderCert, info, certNums)) {
- for (i=1; i<ns+1; i++) {
- if (certNums[i] >= 0 && certNums[i] != certNums[0]) {
- deleteAllEntriesForCert(handle, certs[certNums[i]], info->out);
- info->dbErrors[dbOlderCert]++;
- }
- }
- }
- CERT_DestroyCertArray(certs, ns);
- return newestSubject;
-}
-
-CERTCertDBHandle *
-DBCK_ReconstructDBFromCerts(CERTCertDBHandle *oldhandle, char *newdbname,
- PRFileDesc *outfile, PRBool removeExpired,
- PRBool requireProfile, PRBool singleEntry,
- PRBool promptUser)
-{
- SECStatus rv;
- dbRestoreInfo info;
- certDBEntryContentVersion *oldContentVersion;
- certDBArray dbArray;
- int i;
-
- PORT_Memset(&dbArray, 0, sizeof(dbArray));
- PORT_Memset(&info, 0, sizeof(info));
- info.verbose = (outfile) ? PR_TRUE : PR_FALSE;
- info.out = (outfile) ? outfile : PR_STDOUT;
- info.removeType[dbInvalidCert] = removeExpired;
- info.removeType[dbNoSMimeProfile] = requireProfile;
- info.removeType[dbOlderCert] = singleEntry;
- info.promptUser[dbInvalidCert] = promptUser;
- info.promptUser[dbNoSMimeProfile] = promptUser;
- info.promptUser[dbOlderCert] = promptUser;
-
- /* Allocate a handle to fill with CERT_OpenCertDB below. */
- info.handle = (CERTCertDBHandle *)PORT_ZAlloc(sizeof(CERTCertDBHandle));
- if (!info.handle) {
- fprintf(stderr, "unable to get database handle");
- return NULL;
- }
-
- /* Create a certdb with the most recent set of roots. */
- rv = CERT_OpenCertDBFilename(info.handle, newdbname, PR_FALSE);
-
- if (rv) {
- fprintf(stderr, "could not open certificate database");
- goto loser;
- }
-
- /* Create certificate, subject, nickname, and email records.
- * mcom_db seems to have a sequential access bug. Though reads and writes
- * should be allowed during traversal, they seem to screw up the sequence.
- * So, stuff all the cert entries into an array, and loop over the array
- * doing read/writes in the db.
- */
- fillDBEntryArray(oldhandle, certDBEntryTypeCert, &dbArray.certs);
- for (elem = PR_LIST_HEAD(&dbArray->certs.link);
- elem != &dbArray->certs.link; elem = PR_NEXT_LINK(elem)) {
- node = LISTNODE_CAST(elem);
- addCertToDB((certDBEntryCert*)&node->entry, &info, oldhandle);
- /* entries get destroyed in addCertToDB */
- }
-#if 0
- rv = SEC_TraverseDBEntries(oldhandle, certDBEntryTypeSMimeProfile,
- copyDBEntry, info.handle);
-#endif
-
- /* Fix up the pointers between (nickname|S/MIME) --> (subject).
- * Create S/MIME entries for S/MIME certs.
- * Have the S/MIME entry point to the last-expiring cert using
- * an email address.
- */
-#if 0
- CERT_RedoHandlesForSubjects(info.handle, singleEntry, &info);
-#endif
-
- freeDBEntryList(&dbArray.certs.link);
-
- /* Copy over the version record. */
- /* XXX Already exists - and _must_ be correct... */
- /*
- versionEntry = ReadDBVersionEntry(oldhandle);
- rv = WriteDBVersionEntry(info.handle, versionEntry);
- */
-
- /* Copy over the content version record. */
- /* XXX Can probably get useful info from old content version?
- * Was this db created before/after this tool? etc.
- */
-#if 0
- oldContentVersion = ReadDBContentVersionEntry(oldhandle);
- CERT_SetDBContentVersion(oldContentVersion->contentVersion, info.handle);
-#endif
-
-#if 0
- /* Copy over the CRL & KRL records. */
- rv = SEC_TraverseDBEntries(oldhandle, certDBEntryTypeRevocation,
- copyDBEntry, info.handle);
- /* XXX Only one KRL, just do db->get? */
- rv = SEC_TraverseDBEntries(oldhandle, certDBEntryTypeKeyRevocation,
- copyDBEntry, info.handle);
-#endif
-
- PR_fprintf(info.out, "Database had %d certificates.\n", info.nOldCerts);
-
- PR_fprintf(info.out, "Reconstructed %d certificates.\n", info.nCerts);
- PR_fprintf(info.out, "(ax) Rejected %d expired certificates.\n",
- info.dbErrors[dbInvalidCert]);
- PR_fprintf(info.out, "(as) Rejected %d S/MIME certificates missing a profile.\n",
- info.dbErrors[dbNoSMimeProfile]);
- PR_fprintf(info.out, "(ar) Rejected %d certificates for which a newer certificate was found.\n",
- info.dbErrors[dbOlderCert]);
- PR_fprintf(info.out, " Rejected %d corrupt certificates.\n",
- info.dbErrors[dbBadCertificate]);
- PR_fprintf(info.out, " Rejected %d certificates which did not write to the DB.\n",
- info.dbErrors[dbCertNotWrittenToDB]);
-
- if (rv)
- goto loser;
-
- return info.handle;
-
-loser:
- if (info.handle)
- PORT_Free(info.handle);
- return NULL;
-}
-#endif /* DORECOVER */
-
-enum {
- cmd_Debug = 0,
- cmd_LongUsage,
- cmd_Recover
-};
-
-enum {
- opt_KeepAll = 0,
- opt_CertDir,
- opt_Dumpfile,
- opt_InputDB,
- opt_OutputDB,
- opt_Mailfile,
- opt_Prompt,
- opt_KeepRedundant,
- opt_KeepNoSMimeProfile,
- opt_Verbose,
- opt_KeepExpired
-};
-
-static secuCommandFlag dbck_commands[] =
-{
- { /* cmd_Debug, */ 'D', PR_FALSE, 0, PR_FALSE },
- { /* cmd_LongUsage,*/ 'H', PR_FALSE, 0, PR_FALSE },
- { /* cmd_Recover, */ 'R', PR_FALSE, 0, PR_FALSE }
-};
-
-static secuCommandFlag dbck_options[] =
-{
- { /* opt_KeepAll, */ 'a', PR_FALSE, 0, PR_FALSE },
- { /* opt_CertDir, */ 'd', PR_TRUE, 0, PR_FALSE },
- { /* opt_Dumpfile, */ 'f', PR_TRUE, 0, PR_FALSE },
- { /* opt_InputDB, */ 'i', PR_TRUE, 0, PR_FALSE },
- { /* opt_OutputDB, */ 'o', PR_TRUE, 0, PR_FALSE },
- { /* opt_Mailfile, */ 'm', PR_FALSE, 0, PR_FALSE },
- { /* opt_Prompt, */ 'p', PR_FALSE, 0, PR_FALSE },
- { /* opt_KeepRedundant, */ 'r', PR_FALSE, 0, PR_FALSE },
- { /* opt_KeepNoSMimeProfile,*/ 's', PR_FALSE, 0, PR_FALSE },
- { /* opt_Verbose, */ 'v', PR_FALSE, 0, PR_FALSE },
- { /* opt_KeepExpired, */ 'x', PR_FALSE, 0, PR_FALSE }
-};
-
-int
-main(int argc, char **argv)
-{
- CERTCertDBHandle *certHandle;
-
- PRFileInfo fileInfo;
- PRFileDesc *mailfile = NULL;
- PRFileDesc *dumpfile = NULL;
-
- char * pathname = 0;
- char * fullname = 0;
- char * newdbname = 0;
-
- PRBool removeExpired, requireProfile, singleEntry;
-
- SECStatus rv;
-
- secuCommand dbck;
- dbck.numCommands = sizeof(dbck_commands) / sizeof(secuCommandFlag);
- dbck.numOptions = sizeof(dbck_options) / sizeof(secuCommandFlag);
- dbck.commands = dbck_commands;
- dbck.options = dbck_options;
-
- progName = strrchr(argv[0], '/');
- progName = progName ? progName+1 : argv[0];
-
- rv = SECU_ParseCommandLine(argc, argv, progName, &dbck);
-
- if (rv != SECSuccess)
- Usage(progName);
-
- if (dbck.commands[cmd_LongUsage].activated)
- LongUsage(progName);
-
- if (!dbck.commands[cmd_Debug].activated &&
- !dbck.commands[cmd_Recover].activated) {
- PR_fprintf(PR_STDERR, "Please specify -D or -R.\n");
- Usage(progName);
- }
-
- removeExpired = !(dbck.options[opt_KeepAll].activated ||
- dbck.options[opt_KeepExpired].activated);
-
- requireProfile = !(dbck.options[opt_KeepAll].activated ||
- dbck.options[opt_KeepNoSMimeProfile].activated);
-
- singleEntry = !(dbck.options[opt_KeepAll].activated ||
- dbck.options[opt_KeepRedundant].activated);
-
- if (dbck.options[opt_OutputDB].activated) {
- newdbname = PL_strdup(dbck.options[opt_OutputDB].arg);
- } else {
- newdbname = PL_strdup("new_cert7.db");
- }
-
- /* Create a generic graph of the database. */
- if (dbck.options[opt_Mailfile].activated) {
- mailfile = PR_Open("./mailfile", PR_RDWR | PR_CREATE_FILE, 00660);
- if (!mailfile) {
- fprintf(stderr, "Unable to create mailfile.\n");
- return -1;
- }
- }
-
- /* Dump all debugging info while running. */
- if (dbck.options[opt_Verbose].activated) {
- if (dbck.options[opt_Dumpfile].activated) {
- dumpfile = PR_Open(dbck.options[opt_Dumpfile].arg,
- PR_RDWR | PR_CREATE_FILE, 00660);
- }
- if (!dumpfile) {
- fprintf(stderr, "Unable to create dumpfile.\n");
- return -1;
- }
- }
-
- /* Set the cert database directory. */
- if (dbck.options[opt_CertDir].activated) {
- SECU_ConfigDirectory(dbck.options[opt_CertDir].arg);
- }
-
- PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
- SEC_Init();
-
- certHandle = (CERTCertDBHandle *)PORT_ZAlloc(sizeof(CERTCertDBHandle));
- if (!certHandle) {
- SECU_PrintError(progName, "unable to get database handle");
- return -1;
- }
-
- /* Open the possibly corrupt database. */
- if (dbck.options[opt_InputDB].activated) {
- pathname = SECU_ConfigDirectory(NULL);
- fullname = PR_smprintf("%s/%s", pathname,
- dbck.options[opt_InputDB].arg);
- if (PR_GetFileInfo(fullname, &fileInfo) != PR_SUCCESS) {
- fprintf(stderr, "Unable to read file \"%s\".\n", fullname);
- return -1;
- }
- rv = CERT_OpenCertDBFilename(certHandle, fullname, PR_TRUE);
- } else {
- /* Use the default. */
- fullname = SECU_CertDBNameCallback(NULL, CERT_DB_FILE_VERSION);
- if (PR_GetFileInfo(fullname, &fileInfo) != PR_SUCCESS) {
- fprintf(stderr, "Unable to read file \"%s\".\n", fullname);
- return -1;
- }
- rv = CERT_OpenCertDB(certHandle, PR_TRUE,
- SECU_CertDBNameCallback, NULL);
- }
-
- if (rv) {
- SECU_PrintError(progName, "unable to open cert database");
- return -1;
- }
-
- if (dbck.commands[cmd_Debug].activated) {
- DBCK_DebugDB(certHandle, dumpfile, mailfile);
- return 0;
- }
-
-#ifdef DORECOVER
- if (dbck.commands[cmd_Recover].activated) {
- DBCK_ReconstructDBFromCerts(certHandle, newdbname,
- dumpfile, removeExpired,
- requireProfile, singleEntry,
- dbck.options[opt_Prompt].activated);
- return 0;
- }
-#endif
-
- if (mailfile)
- PR_Close(mailfile);
- if (dumpfile)
- PR_Close(dumpfile);
- if (certHandle) {
- CERT_ClosePermCertDB(certHandle);
- PORT_Free(certHandle);
- }
- return -1;
-}
diff --git a/security/nss/cmd/dbck/manifest.mn b/security/nss/cmd/dbck/manifest.mn
deleted file mode 100644
index 74e66c49e..000000000
--- a/security/nss/cmd/dbck/manifest.mn
+++ /dev/null
@@ -1,49 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-DEFINES += -DNSPR20
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = nss
-
-CSRCS = \
- dbck.c \
- $(NULL)
-
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = dbm seccmd
-
-PROGRAM = dbck
diff --git a/security/nss/cmd/dbtest/Makefile b/security/nss/cmd/dbtest/Makefile
deleted file mode 100644
index 0ff13ae43..000000000
--- a/security/nss/cmd/dbtest/Makefile
+++ /dev/null
@@ -1,88 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-ifdef XP_OS2_VACPP
-CFLAGS += -I../modutil
-endif
-
-ifeq (,$(filter-out WINNT WIN95 WIN16,$(OS_TARGET))) # omits WINCE
-ifndef BUILD_OPT
-ifndef NS_USE_GCC
-LDFLAGS += /subsystem:console /profile /debug /machine:I386 /incremental:no
-endif
-OS_CFLAGS += -D_CONSOLE
-endif
-endif
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-#include ../platlibs.mk
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/dbtest/dbtest.c b/security/nss/cmd/dbtest/dbtest.c
deleted file mode 100644
index 39f659522..000000000
--- a/security/nss/cmd/dbtest/dbtest.c
+++ /dev/null
@@ -1,181 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- * Sonja Mirtitsch Sun Microsystems
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
-** dbtest.c
-**
-** QA test for cert and key databases, especially to open
-** database readonly (NSS_INIT_READONLY) and force initializations
-** even if the databases cannot be opened (NSS_INIT_FORCEOPEN)
-**
-*/
-#include <stdio.h>
-#include <string.h>
-
-#if defined(WIN32)
-#include "fcntl.h"
-#include "io.h"
-#endif
-
-#include "secutil.h"
-
-#if defined(XP_UNIX)
-#include <unistd.h>
-#endif
-
-#include "nspr.h"
-#include "prtypes.h"
-#include "certdb.h"
-#include "nss.h"
-#include "../modutil/modutil.h"
-
-#include "plgetopt.h"
-
-static char *progName;
-
-char *dbDir = NULL;
-
-static char *dbName[]={"secmod.db", "cert8.db", "key3.db"};
-static char* dbprefix = "";
-static char* secmodName = "secmod.db";
-PRBool verbose;
-
-
-static void Usage(const char *progName)
-{
- printf("Usage: %s [-r] [-f] [-d dbdir ] \n",
- progName);
- printf("%-20s open database readonly (NSS_INIT_READONLY)\n", "-r");
- printf("%-20s Continue to force initializations even if the\n", "-f");
- printf("%-20s databases cannot be opened (NSS_INIT_FORCEOPEN)\n", " ");
- printf("%-20s Directory with cert database (default is .\n",
- "-d certdir");
- exit(1);
-}
-
-int main(int argc, char **argv)
-{
- PLOptState *optstate;
- PLOptStatus optstatus;
-
- PRUint32 flags = 0;
- PRBool useCommandLinePassword = PR_FALSE;
- Error ret;
- SECStatus rv;
- char * dbString = NULL;
- int i;
-
- progName = strrchr(argv[0], '/');
- if (!progName)
- progName = strrchr(argv[0], '\\');
- progName = progName ? progName+1 : argv[0];
-
- optstate = PL_CreateOptState(argc, argv, "rfd:h");
-
- while ((optstatus = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
- switch (optstate->option) {
- case 'h':
- default : Usage(progName); break;
-
- case 'r': flags |= NSS_INIT_READONLY; break;
-
- case 'f': flags |= NSS_INIT_FORCEOPEN; break;
-
- case 'd':
- dbDir = PORT_Strdup(optstate->value);
- break;
-
- }
- }
- if (optstatus == PL_OPT_BAD)
- Usage(progName);
-
- if (!dbDir) {
- dbDir = SECU_DefaultSSLDir(); /* Look in $SSL_DIR */
- }
- dbDir = SECU_ConfigDirectory(dbDir);
- PR_fprintf(PR_STDERR, "dbdir selected is %s\n\n", dbDir);
-
- if( dbDir[0] == '\0') {
- PR_fprintf(PR_STDERR, errStrings[DIR_DOESNT_EXIST_ERR], dbDir);
- ret= DIR_DOESNT_EXIST_ERR;
- goto loser;
- }
-
-
- PR_Init( PR_USER_THREAD, PR_PRIORITY_NORMAL, 0);
-
- /* get the status of the directory and databases and output message */
- if(PR_Access(dbDir, PR_ACCESS_EXISTS) != PR_SUCCESS) {
- PR_fprintf(PR_STDERR, errStrings[DIR_DOESNT_EXIST_ERR], dbDir);
- } else if(PR_Access(dbDir, PR_ACCESS_READ_OK) != PR_SUCCESS) {
- PR_fprintf(PR_STDERR, errStrings[DIR_NOT_READABLE_ERR], dbDir);
- } else {
- if( !( flags & NSS_INIT_READONLY ) &&
- PR_Access(dbDir, PR_ACCESS_WRITE_OK) != PR_SUCCESS) {
- PR_fprintf(PR_STDERR, errStrings[DIR_NOT_WRITEABLE_ERR], dbDir);
- }
- for (i=0;i<3;i++) {
- dbString=PR_smprintf("%s/%s",dbDir,dbName[i]);
- PR_fprintf(PR_STDOUT, "database checked is %s\n",dbString);
- if(PR_Access(dbString, PR_ACCESS_EXISTS) != PR_SUCCESS) {
- PR_fprintf(PR_STDERR, errStrings[FILE_DOESNT_EXIST_ERR],
- dbString);
- } else if(PR_Access(dbString, PR_ACCESS_READ_OK) != PR_SUCCESS) {
- PR_fprintf(PR_STDERR, errStrings[FILE_NOT_READABLE_ERR],
- dbString);
- } else if( !( flags & NSS_INIT_READONLY ) &&
- PR_Access(dbString, PR_ACCESS_WRITE_OK) != PR_SUCCESS) {
- PR_fprintf(PR_STDERR, errStrings[FILE_NOT_WRITEABLE_ERR],
- dbString);
- }
- }
- }
-
- rv = NSS_Initialize(SECU_ConfigDirectory(dbDir), dbprefix, dbprefix,
- secmodName, flags);
- if (rv != SECSuccess) {
- SECU_PrintPRandOSError(progName);
- ret=NSS_INITIALIZE_FAILED_ERR;
- } else {
- if (NSS_Shutdown() != SECSuccess) {
- exit(1);
- }
- ret=SUCCESS;
- }
-
-loser:
- return ret;
-}
-
diff --git a/security/nss/cmd/dbtest/makefile.win b/security/nss/cmd/dbtest/makefile.win
deleted file mode 100644
index 5a60fd0af..000000000
--- a/security/nss/cmd/dbtest/makefile.win
+++ /dev/null
@@ -1,130 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-VERBOSE = 1
-include <manifest.mn>
-
-#cannot define PROGRAM in manifest compatibly with NT and UNIX
-PROGRAM = dbtest
-PROGRAM = ./$(OBJDIR)/$(PROGRAM).exe
-include <$(DEPTH)\config\config.mak>
-
-# let manifest generate C_OBJS, it will prepend ./$(OBJDIR)/
-# rules.mak will append C_OBJS onto OBJS.
-# OBJS = $(CSRCS:.c=.obj)
-
-# include files are looked for in $LINCS and $INCS.
-# $LINCS is in manifest.mnw, computed from REQUIRES=
-INCS = $(INCS) \
- -I$(DEPTH)/security/lib/cert \
- -I../include \
- $(NULL)
-
-IGNORE_ME = \
- -I$(DEPTH)/security/lib/key \
- -I$(DEPTH)/security/lib/util \
- $(NULL)
-
-
-WINFE = $(DEPTH)/cmd/winfe/mkfiles$(MOZ_BITS)/x86Dbg
-
-# these files are the content of libdbm
-DBM_LIB = \
- $(WINFE)/DB.obj \
- $(WINFE)/HASH.obj \
- $(WINFE)/H_BIGKEY.obj \
- $(WINFE)/H_PAGE.obj \
- $(WINFE)/H_LOG2.obj \
- $(WINFE)/H_FUNC.obj \
- $(WINFE)/HASH_BUF.obj \
- $(NULL)
-
-MOZ_LIBS = \
- $(WINFE)/ALLXPSTR.obj \
- $(WINFE)/XP_ERROR.obj \
- $(WINFE)/XPASSERT.obj \
- $(WINFE)/XP_REG.obj \
- $(WINFE)/XP_TRACE.obj \
- $(DBM_LIB) \
- $(WINFE)/XP_STR.obj \
- $(WINFE)/MKTEMP.obj \
- $(NULL)
-
-SEC_LIBS = \
- $(DIST)/lib/cert$(MOZ_BITS).lib \
- $(DIST)/lib/crypto$(MOZ_BITS).lib \
- $(DIST)/lib/hash$(MOZ_BITS).lib \
- $(DIST)/lib/key$(MOZ_BITS).lib \
- $(DIST)/lib/pkcs7$(MOZ_BITS).lib \
- $(DIST)/lib/secmod$(MOZ_BITS).lib \
- $(DIST)/lib/secutl$(MOZ_BITS).lib \
- $(DIST)/lib/ssl$(MOZ_BITS).lib \
- $(NULL)
-
-LLFLAGS = $(LLFLAGS) \
- ../lib/$(OBJDIR)/sectool$(MOZ_BITS).lib \
- $(SEC_LIBS) \
- $(MOZ_LIBS) \
- $(DEPTH)/nspr/src/$(OBJDIR)/getopt.obj \
- $(LIBNSPR) \
- $(NULL)
-
-
-include <$(DEPTH)\config\rules.mak>
-
-INSTALL = $(MAKE_INSTALL)
-
-objs: $(OBJS)
-
-$(PROGRAM)::
- $(INSTALL) $(DIST)/bin/pr3240.dll ./$(OBJDIR)
-
-programs: $(PROGRAM)
-
-install:: $(TARGETS)
- $(INSTALL) $(TARGETS) $(DIST)/bin
-
-
-symbols:
- @echo "CSRCS = $(CSRCS)"
- @echo "INCS = $(INCS)"
- @echo "OBJS = $(OBJS)"
- @echo "LIBRARY = $(LIBRARY)"
- @echo "PROGRAM = $(PROGRAM)"
- @echo "TARGETS = $(TARGETS)"
- @echo "DIST = $(DIST)"
- @echo "VERSION_NUMBER = $(VERSION_NUMBER)"
- @echo "WINFE = $(WINFE)"
- @echo "DBM_LIB = $(DBM_LIB)"
- @echo "INSTALL = $(INSTALL)"
-
diff --git a/security/nss/cmd/dbtest/manifest.mn b/security/nss/cmd/dbtest/manifest.mn
deleted file mode 100644
index 0f6888088..000000000
--- a/security/nss/cmd/dbtest/manifest.mn
+++ /dev/null
@@ -1,50 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = nss
-
-# This next line is used by .mk files
-# and gets translated into $LINCS in manifest.mnw
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = seccmd dbm
-
-# DIRS =
-
-CSRCS = dbtest.c
-
-PROGRAM = dbtest
-
diff --git a/security/nss/cmd/derdump/Makefile b/security/nss/cmd/derdump/Makefile
deleted file mode 100644
index 573c12cac..000000000
--- a/security/nss/cmd/derdump/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/derdump/derdump.c b/security/nss/cmd/derdump/derdump.c
deleted file mode 100644
index 603d5f772..000000000
--- a/security/nss/cmd/derdump/derdump.c
+++ /dev/null
@@ -1,135 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "secutil.h"
-#include "nss.h"
-#include <errno.h>
-
-#if defined(XP_WIN) || (defined(__sun) && !defined(SVR4))
-#if !defined(WIN32)
-extern int fprintf(FILE *, char *, ...);
-#endif
-#endif
-#include "plgetopt.h"
-
-static void Usage(char *progName)
-{
- fprintf(stderr,
- "Usage: %s [-r] [-i input] [-o output]\n",
- progName);
- fprintf(stderr, "%-20s For formatted items, dump raw bytes as well\n",
- "-r");
- fprintf(stderr, "%-20s Define an input file to use (default is stdin)\n",
- "-i input");
- fprintf(stderr, "%-20s Define an output file to use (default is stdout)\n",
- "-o output");
- exit(-1);
-}
-
-int main(int argc, char **argv)
-{
- char *progName;
- int option;
- FILE *outFile;
- PRFileDesc *inFile;
- SECItem der;
- SECStatus rv;
- int16 xp_error;
- PRBool raw = PR_FALSE;
- PLOptState *optstate;
- PLOptStatus status;
-
- progName = strrchr(argv[0], '/');
- progName = progName ? progName+1 : argv[0];
-
- /* Parse command line arguments */
- inFile = 0;
- outFile = 0;
- optstate = PL_CreateOptState(argc, argv, "i:o:r");
- while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
- switch (optstate->option) {
- case 'i':
- inFile = PR_Open(optstate->value, PR_RDONLY, 0);
- if (!inFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
- progName, optstate->value);
- return -1;
- }
- break;
-
- case 'o':
- outFile = fopen(optstate->value, "w");
- if (!outFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
- progName, optstate->value);
- return -1;
- }
- break;
-
- case 'r':
- raw = PR_TRUE;
- break;
-
- default:
- Usage(progName);
- break;
- }
- }
- if (status == PL_OPT_BAD)
- Usage(progName);
-
- if (!inFile) inFile = PR_STDIN;
- if (!outFile) outFile = stdout;
-
- rv = NSS_NoDB_Init(NULL); /* XXX */
- if (rv != SECSuccess) {
- SECU_PrintPRandOSError(progName);
- return -1;
- }
-
- rv = SECU_ReadDERFromFile(&der, inFile, PR_FALSE);
- if (rv == SECSuccess) {
- rv = DER_PrettyPrint(outFile, &der, raw);
- if (rv == SECSuccess)
- return 0;
- }
-
- xp_error = PORT_GetError();
- if (xp_error) {
- SECU_PrintError(progName, "error %d", xp_error);
- }
- if (errno) {
- SECU_PrintSystemError(progName, "errno=%d", errno);
- }
- return 1;
-}
diff --git a/security/nss/cmd/derdump/makefile.win b/security/nss/cmd/derdump/makefile.win
deleted file mode 100644
index 9a9d4edef..000000000
--- a/security/nss/cmd/derdump/makefile.win
+++ /dev/null
@@ -1,130 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-VERBOSE = 1
-include <manifest.mn>
-
-#cannot define PROGRAM in manifest compatibly with NT and UNIX
-PROGRAM = derdump
-PROGRAM = ./$(OBJDIR)/$(PROGRAM).exe
-include <$(DEPTH)\config\config.mak>
-
-# let manifest generate C_OBJS, it will prepend ./$(OBJDIR)/
-# rules.mak will append C_OBJS onto OBJS.
-# OBJS = $(CSRCS:.c=.obj)
-
-# include files are looked for in $LINCS and $INCS.
-# $LINCS is in manifest.mnw, computed from REQUIRES=
-INCS = $(INCS) \
- -I$(DEPTH)/security/lib/cert \
- -I../include \
- $(NULL)
-
-IGNORE_ME = \
- -I$(DEPTH)/security/lib/key \
- -I$(DEPTH)/security/lib/util \
- $(NULL)
-
-
-WINFE = $(DEPTH)/cmd/winfe/mkfiles$(MOZ_BITS)/x86Dbg
-
-# these files are the content of libdbm
-DBM_LIB = \
- $(WINFE)/DB.obj \
- $(WINFE)/HASH.obj \
- $(WINFE)/H_BIGKEY.obj \
- $(WINFE)/H_PAGE.obj \
- $(WINFE)/H_LOG2.obj \
- $(WINFE)/H_FUNC.obj \
- $(WINFE)/HASH_BUF.obj \
- $(NULL)
-
-MOZ_LIBS = \
- $(WINFE)/ALLXPSTR.obj \
- $(WINFE)/XP_ERROR.obj \
- $(WINFE)/XPASSERT.obj \
- $(WINFE)/XP_REG.obj \
- $(WINFE)/XP_TRACE.obj \
- $(DBM_LIB) \
- $(WINFE)/XP_STR.obj \
- $(WINFE)/MKTEMP.obj \
- $(NULL)
-
-SEC_LIBS = \
- $(DIST)/lib/cert$(MOZ_BITS).lib \
- $(DIST)/lib/crypto$(MOZ_BITS).lib \
- $(DIST)/lib/hash$(MOZ_BITS).lib \
- $(DIST)/lib/key$(MOZ_BITS).lib \
- $(DIST)/lib/pkcs7$(MOZ_BITS).lib \
- $(DIST)/lib/secmod$(MOZ_BITS).lib \
- $(DIST)/lib/secutl$(MOZ_BITS).lib \
- $(DIST)/lib/ssl$(MOZ_BITS).lib \
- $(NULL)
-
-LLFLAGS = $(LLFLAGS) \
- ../lib/$(OBJDIR)/sectool$(MOZ_BITS).lib \
- $(SEC_LIBS) \
- $(MOZ_LIBS) \
- $(DEPTH)/nspr/src/$(OBJDIR)/getopt.obj \
- $(LIBNSPR) \
- $(NULL)
-
-
-include <$(DEPTH)\config\rules.mak>
-
-INSTALL = $(MAKE_INSTALL)
-
-objs: $(OBJS)
-
-$(PROGRAM)::
- $(INSTALL) $(DIST)/bin/pr3240.dll ./$(OBJDIR)
-
-programs: $(PROGRAM)
-
-install:: $(TARGETS)
- $(INSTALL) $(TARGETS) $(DIST)/bin
-
-
-symbols:
- @echo "CSRCS = $(CSRCS)"
- @echo "INCS = $(INCS)"
- @echo "OBJS = $(OBJS)"
- @echo "LIBRARY = $(LIBRARY)"
- @echo "PROGRAM = $(PROGRAM)"
- @echo "TARGETS = $(TARGETS)"
- @echo "DIST = $(DIST)"
- @echo "VERSION_NUMBER = $(VERSION_NUMBER)"
- @echo "WINFE = $(WINFE)"
- @echo "DBM_LIB = $(DBM_LIB)"
- @echo "INSTALL = $(INSTALL)"
-
diff --git a/security/nss/cmd/derdump/manifest.mn b/security/nss/cmd/derdump/manifest.mn
deleted file mode 100644
index d9252cd0d..000000000
--- a/security/nss/cmd/derdump/manifest.mn
+++ /dev/null
@@ -1,49 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = nss
-
-# This next line is used by .mk files
-# and gets translated into $LINCS in manifest.mnw
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = seccmd dbm
-
-DEFINES = -DNSPR20
-
-CSRCS = derdump.c
-
-PROGRAM = derdump
diff --git a/security/nss/cmd/digest/Makefile b/security/nss/cmd/digest/Makefile
deleted file mode 100644
index 573c12cac..000000000
--- a/security/nss/cmd/digest/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/digest/digest.c b/security/nss/cmd/digest/digest.c
deleted file mode 100644
index 5405b1a3e..000000000
--- a/security/nss/cmd/digest/digest.c
+++ /dev/null
@@ -1,254 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "secutil.h"
-#include "pk11func.h"
-#include "secoid.h"
-
-#if defined(XP_WIN) || (defined(__sun) && !defined(SVR4))
-#if !defined(WIN32)
-extern int fread(char *, size_t, size_t, FILE*);
-extern int fwrite(char *, size_t, size_t, FILE*);
-extern int fprintf(FILE *, char *, ...);
-#endif
-#endif
-
-#include "plgetopt.h"
-
-static SECOidData *
-HashTypeToOID(HASH_HashType hashtype)
-{
- SECOidTag hashtag;
-
- if (hashtype <= HASH_AlgNULL || hashtype >= HASH_AlgTOTAL)
- return NULL;
-
- switch (hashtype) {
- case HASH_AlgMD2:
- hashtag = SEC_OID_MD2;
- break;
- case HASH_AlgMD5:
- hashtag = SEC_OID_MD5;
- break;
- case HASH_AlgSHA1:
- hashtag = SEC_OID_SHA1;
- break;
- default:
- fprintf(stderr, "A new hash type has been added to HASH_HashType.\n");
- fprintf(stderr, "This program needs to be updated!\n");
- return NULL;
- }
-
- return SECOID_FindOIDByTag(hashtag);
-}
-
-static SECOidData *
-HashNameToOID(const char *hashName)
-{
- HASH_HashType htype;
- SECOidData *hashOID;
-
- for (htype = HASH_AlgNULL + 1; htype < HASH_AlgTOTAL; htype++) {
- hashOID = HashTypeToOID(htype);
- if (PORT_Strcasecmp(hashName, hashOID->desc) == 0)
- break;
- }
-
- if (htype == HASH_AlgTOTAL)
- return NULL;
-
- return hashOID;
-}
-
-static void
-Usage(char *progName)
-{
- HASH_HashType htype;
-
- fprintf(stderr,
- "Usage: %s -t type [-i input] [-o output]\n",
- progName);
- fprintf(stderr, "%-20s Specify the digest method (must be one of\n",
- "-t type");
- fprintf(stderr, "%-20s ", "");
- for (htype = HASH_AlgNULL + 1; htype < HASH_AlgTOTAL; htype++) {
- fprintf(stderr, HashTypeToOID(htype)->desc);
- if (htype == (HASH_AlgTOTAL - 2))
- fprintf(stderr, " or ");
- else if (htype != (HASH_AlgTOTAL - 1))
- fprintf(stderr, ", ");
- }
- fprintf(stderr, " (case ignored))\n");
- fprintf(stderr, "%-20s Define an input file to use (default is stdin)\n",
- "-i input");
- fprintf(stderr, "%-20s Define an output file to use (default is stdout)\n",
- "-o output");
- exit(-1);
-}
-
-static int
-DigestFile(FILE *outFile, FILE *inFile, SECOidData *hashOID)
-{
- int nb;
- unsigned char ibuf[4096], digest[32];
- PK11Context *hashcx;
- unsigned int len;
- SECStatus rv;
-
- hashcx = PK11_CreateDigestContext(hashOID->offset);
- if (hashcx == NULL) {
- return -1;
- }
- PK11_DigestBegin(hashcx);
-
-
- for (;;) {
- if (feof(inFile)) break;
- nb = fread(ibuf, 1, sizeof(ibuf), inFile);
- if (nb != sizeof(ibuf)) {
- if (nb == 0) {
- if (ferror(inFile)) {
- PORT_SetError(SEC_ERROR_IO);
- PK11_DestroyContext(hashcx,PR_TRUE);
- return -1;
- }
- /* eof */
- break;
- }
- }
- rv = PK11_DigestOp(hashcx, ibuf, nb);
- if (rv != SECSuccess) {
- PK11_DestroyContext(hashcx, PR_TRUE);
- return -1;
- }
- }
-
- rv = PK11_DigestFinal(hashcx, digest, &len, 32);
- PK11_DestroyContext(hashcx, PR_TRUE);
-
- if (rv != SECSuccess) return -1;
-
- nb = fwrite(digest, 1, len, outFile);
- if (nb != len) {
- PORT_SetError(SEC_ERROR_IO);
- return -1;
- }
-
- return 0;
-}
-
-#include "nss.h"
-
-int
-main(int argc, char **argv)
-{
- char *progName;
- int opt;
- FILE *inFile, *outFile;
- char *hashName;
- SECOidData *hashOID;
- PLOptState *optstate;
- PLOptStatus status;
- SECStatus rv;
-
- progName = strrchr(argv[0], '/');
- progName = progName ? progName+1 : argv[0];
-
- inFile = NULL;
- outFile = NULL;
- hashName = NULL;
-
- rv = NSS_Init("/tmp");
- if (rv != SECSuccess) {
- fprintf(stderr, "%s: NSS_Init failed in directory %s\n",
- progName, "/tmp");
- return -1;
- }
-
- /*
- * Parse command line arguments
- */
- optstate = PL_CreateOptState(argc, argv, "t:i:o:");
- while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
- switch (optstate->option) {
- case '?':
- Usage(progName);
- break;
-
- case 'i':
- inFile = fopen(optstate->value, "r");
- if (!inFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
- progName, optstate->value);
- return -1;
- }
- break;
-
- case 'o':
- outFile = fopen(optstate->value, "w");
- if (!outFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
- progName, optstate->value);
- return -1;
- }
- break;
-
- case 't':
- hashName = strdup(optstate->value);
- break;
- }
- }
-
- if (!hashName) Usage(progName);
-
- if (!inFile) inFile = stdin;
- if (!outFile) outFile = stdout;
-
- hashOID = HashNameToOID(hashName);
- if (hashOID == NULL) {
- fprintf(stderr, "%s: invalid digest type\n", progName);
- Usage(progName);
- }
-
- if (DigestFile(outFile, inFile, hashOID)) {
- fprintf(stderr, "%s: problem digesting data (%s)\n",
- progName, SECU_Strerror(PORT_GetError()));
- return -1;
- }
-
- if (NSS_Shutdown() != SECSuccess) {
- exit(1);
- }
-
- return 0;
-}
diff --git a/security/nss/cmd/digest/makefile.win b/security/nss/cmd/digest/makefile.win
deleted file mode 100644
index e8ec27ca2..000000000
--- a/security/nss/cmd/digest/makefile.win
+++ /dev/null
@@ -1,130 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-VERBOSE = 1
-include <manifest.mn>
-
-#cannot define PROGRAM in manifest compatibly with NT and UNIX
-PROGRAM = digest
-PROGRAM = ./$(OBJDIR)/$(PROGRAM).exe
-include <$(DEPTH)\config\config.mak>
-
-# let manifest generate C_OBJS, it will prepend ./$(OBJDIR)/
-# rules.mak will append C_OBJS onto OBJS.
-# OBJS = $(CSRCS:.c=.obj)
-
-# include files are looked for in $LINCS and $INCS.
-# $LINCS is in manifest.mnw, computed from REQUIRES=
-INCS = $(INCS) \
- -I$(DEPTH)/security/lib/cert \
- -I../include \
- $(NULL)
-
-IGNORE_ME = \
- -I$(DEPTH)/security/lib/key \
- -I$(DEPTH)/security/lib/util \
- $(NULL)
-
-
-WINFE = $(DEPTH)/cmd/winfe/mkfiles$(MOZ_BITS)/x86Dbg
-
-# these files are the content of libdbm
-DBM_LIB = \
- $(WINFE)/DB.obj \
- $(WINFE)/HASH.obj \
- $(WINFE)/H_BIGKEY.obj \
- $(WINFE)/H_PAGE.obj \
- $(WINFE)/H_LOG2.obj \
- $(WINFE)/H_FUNC.obj \
- $(WINFE)/HASH_BUF.obj \
- $(NULL)
-
-MOZ_LIBS = \
- $(WINFE)/ALLXPSTR.obj \
- $(WINFE)/XP_ERROR.obj \
- $(WINFE)/XPASSERT.obj \
- $(WINFE)/XP_REG.obj \
- $(WINFE)/XP_TRACE.obj \
- $(DBM_LIB) \
- $(WINFE)/XP_STR.obj \
- $(WINFE)/MKTEMP.obj \
- $(NULL)
-
-SEC_LIBS = \
- $(DIST)/lib/cert$(MOZ_BITS).lib \
- $(DIST)/lib/crypto$(MOZ_BITS).lib \
- $(DIST)/lib/hash$(MOZ_BITS).lib \
- $(DIST)/lib/key$(MOZ_BITS).lib \
- $(DIST)/lib/pkcs7$(MOZ_BITS).lib \
- $(DIST)/lib/secmod$(MOZ_BITS).lib \
- $(DIST)/lib/secutl$(MOZ_BITS).lib \
- $(DIST)/lib/ssl$(MOZ_BITS).lib \
- $(NULL)
-
-LLFLAGS = $(LLFLAGS) \
- ../lib/$(OBJDIR)/sectool$(MOZ_BITS).lib \
- $(SEC_LIBS) \
- $(MOZ_LIBS) \
- $(DEPTH)/nspr/src/$(OBJDIR)/getopt.obj \
- $(LIBNSPR) \
- $(NULL)
-
-
-include <$(DEPTH)\config\rules.mak>
-
-INSTALL = $(MAKE_INSTALL)
-
-objs: $(OBJS)
-
-$(PROGRAM)::
- $(INSTALL) $(DIST)/bin/pr3240.dll ./$(OBJDIR)
-
-programs: $(PROGRAM)
-
-install:: $(TARGETS)
- $(INSTALL) $(TARGETS) $(DIST)/bin
-
-
-symbols:
- @echo "CSRCS = $(CSRCS)"
- @echo "INCS = $(INCS)"
- @echo "OBJS = $(OBJS)"
- @echo "LIBRARY = $(LIBRARY)"
- @echo "PROGRAM = $(PROGRAM)"
- @echo "TARGETS = $(TARGETS)"
- @echo "DIST = $(DIST)"
- @echo "VERSION_NUMBER = $(VERSION_NUMBER)"
- @echo "WINFE = $(WINFE)"
- @echo "DBM_LIB = $(DBM_LIB)"
- @echo "INSTALL = $(INSTALL)"
-
diff --git a/security/nss/cmd/digest/manifest.mn b/security/nss/cmd/digest/manifest.mn
deleted file mode 100644
index c84152d01..000000000
--- a/security/nss/cmd/digest/manifest.mn
+++ /dev/null
@@ -1,50 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = nss
-
-# This next line is used by .mk files
-# and gets translated into $LINCS in manifest.mnw
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = seccmd dbm
-
-DEFINES = -DNSPR20
-
-CSRCS = digest.c
-
-PROGRAM = digest
-
diff --git a/security/nss/cmd/ilock/Makefile b/security/nss/cmd/ilock/Makefile
deleted file mode 100644
index 4e39ffc3f..000000000
--- a/security/nss/cmd/ilock/Makefile
+++ /dev/null
@@ -1,75 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/ilock/ilock.c b/security/nss/cmd/ilock/ilock.c
deleted file mode 100644
index 3e2390b8d..000000000
--- a/security/nss/cmd/ilock/ilock.c
+++ /dev/null
@@ -1,199 +0,0 @@
-/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape Portable Runtime (NSPR).
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1998-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
-** File: ilock.c
-** Description: ilock.c is a unit test for nssilock. ilock.c
-** tests the basic operation of nssilock. It should not be
-** considered a complete test suite.
-**
-** To check that logging works, before running this test,
-** define the following environment variables:
-**
-**
-**
-**
-**
-*/
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <plgetopt.h>
-#include <nspr.h>
-#include <nssilock.h>
-
-
-/*
-** Test harness infrastructure
-*/
-PRLogModuleInfo *lm;
-PRLogModuleLevel msgLevel = PR_LOG_NONE;
-PRIntn debug = 0;
-PRUint32 failed_already = 0;
-/* end Test harness infrastructure */
-
-PRIntn optIterations = 1; /* default iterations */
-
-PRIntn main(PRIntn argc, char *argv[])
-{
- PRIntn i;
- {
- /*
- ** Get command line options
- */
- PLOptStatus os;
- PLOptState *opt = PL_CreateOptState(argc, argv, "hdvi:");
-
- while (PL_OPT_EOL != (os = PL_GetNextOpt(opt)))
- {
- if (PL_OPT_BAD == os) continue;
- switch (opt->option)
- {
- case 'd': /* debug */
- debug = 1;
- msgLevel = PR_LOG_ERROR;
- break;
- case 'v': /* verbose mode */
- msgLevel = PR_LOG_DEBUG;
- break;
- case 'i': /* number of iterations */
- optIterations = atol( opt->value );
- if ( 0 == optIterations ) optIterations = 1; /* coerce default on zero */
- break;
- default:
- break;
- }
- }
- PL_DestroyOptState(opt);
- }
-
- for ( i = 0 ; i < optIterations ; i++ ) {
- /* First, test Lock */
- {
- PZLock *pl;
- PZMonitor *pm;
- PZCondVar *cv;
- PRStatus rc;
-
- pl = PZ_NewLock( nssILockOther );
- if ( NULL == pl ) {
- failed_already = PR_TRUE;
- goto Finished;
- }
- PZ_Lock( pl );
-
- rc = PZ_Unlock( pl );
- if ( PR_FAILURE == rc ) {
- failed_already = PR_TRUE;
- goto Finished;
- }
- PZ_DestroyLock( pl );
-
- /* now, test CVar */
- /* re-create the lock we just destroyed */
- pl = PZ_NewLock( nssILockOther );
- if ( NULL == pl ) {
- failed_already = PR_TRUE;
- goto Finished;
- }
-
- cv = PZ_NewCondVar( pl );
- if ( NULL == cv ) {
- failed_already = PR_TRUE;
- goto Finished;
- }
-
- PZ_Lock( pl );
- rc = PZ_NotifyCondVar( cv );
- if ( PR_FAILURE == rc ) {
- failed_already = PR_TRUE;
- goto Finished;
- }
-
- rc = PZ_NotifyAllCondVar( cv );
- if ( PR_FAILURE == rc ) {
- failed_already = PR_TRUE;
- goto Finished;
- }
-
- rc = PZ_WaitCondVar( cv, PR_SecondsToInterval(1));
- if ( PR_FAILURE == rc ) {
- if ( PR_UNKNOWN_ERROR != PR_GetError()) {
- failed_already = PR_TRUE;
- goto Finished;
- }
- }
- PZ_Unlock( pl );
- PZ_DestroyCondVar( cv );
-
- /* Now, test Monitor */
- pm = PZ_NewMonitor( nssILockOther );
- if ( NULL == pm ) {
- failed_already = PR_TRUE;
- goto Finished;
- }
-
- PZ_EnterMonitor( pm );
-
- rc = PZ_Notify( pm );
- if ( PR_FAILURE == rc ) {
- failed_already = PR_TRUE;
- goto Finished;
- }
- rc = PZ_NotifyAll( pm );
- if ( PR_FAILURE == rc ) {
- failed_already = PR_TRUE;
- goto Finished;
- }
- rc = PZ_Wait( pm, PR_INTERVAL_NO_WAIT );
- if ( PR_FAILURE == rc ) {
- failed_already = PR_TRUE;
- goto Finished;
- }
- rc = PZ_ExitMonitor( pm );
- if ( PR_FAILURE == rc ) {
- failed_already = PR_TRUE;
- goto Finished;
- }
- PZ_DestroyMonitor( pm );
- }
- } /* --- end for() --- */
-
-
-Finished:
- if (debug) printf("%s\n", (failed_already)? "FAIL" : "PASS");
- return( (failed_already == PR_TRUE )? 1 : 0 );
-} /* main() */
-/* end ilock.c */
-
diff --git a/security/nss/cmd/ilock/manifest.mn b/security/nss/cmd/ilock/manifest.mn
deleted file mode 100644
index 4a8f7988c..000000000
--- a/security/nss/cmd/ilock/manifest.mn
+++ /dev/null
@@ -1,44 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../..
-
-DEFINES += -DNSPR20
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = nss
-
-CSRCS = ilock.c
-
-PROGRAM = ilock
-# PROGRAM = ./$(OBJDIR)/ilock.exe
-
diff --git a/security/nss/cmd/include/secnew.h b/security/nss/cmd/include/secnew.h
deleted file mode 100644
index eb4c30acd..000000000
--- a/security/nss/cmd/include/secnew.h
+++ /dev/null
@@ -1,163 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef __secnew_h_
-#define __secnew_h_
-
-#include <stdio.h>
-
-typedef struct BERTemplateStr BERTemplate;
-typedef struct BERParseStr BERParse;
-typedef struct SECArbStr SECArb;
-
-/*
- * An array of these structures define an encoding for an object using
- * DER. The array is terminated with an entry where kind == 0.
- */
-struct BERTemplateStr {
- /* Kind of item to decode/encode */
- unsigned long kind;
-
- /*
- * Offset from base of structure to SECItem that will hold
- * decoded/encoded value.
- */
- unsigned short offset;
-
- /*
- * Used with DER_SET or DER_SEQUENCE. If not zero then points to a
- * sub-template. The sub-template is filled in and completed before
- * continuing on.
- */
- BERTemplate *sub;
-
- /*
- * Argument value, dependent on kind. Size of structure to allocate
- * when kind==DER_POINTER For Context-Specific Implicit types its the
- * underlying type to use.
- */
- unsigned long arg;
-};
-
-/*
- * an arbitrary object
- */
-struct SECArbStr {
- unsigned long tag; /* NOTE: does not support high tag form */
- unsigned long length; /* as reported in stream */
- union {
- SECItem item;
- struct {
- int numSubs;
- SECArb **subs;
- } cons;
- } body;
-};
-
-/*
- * Decode a piece of der encoded data.
- * "dest" points to a structure that will be filled in with the
- * decoding results.
- * "t" is a template structure which defines the shape of the
- * expected data.
- * "src" is the ber encoded data.
- */
-
-extern SECStatus BER_Decode(PRArenaPool * arena, void *dest, BERTemplate *t,
- SECArb *arb);
-
-
-/*
- * Encode a data structure into DER.
- * "dest" will be filled in (and memory allocated) to hold the der
- * encoded structure in "src"
- * "t" is a template structure which defines the shape of the
- * stored data
- * "src" is a pointer to the structure that will be encoded
- */
-
-extern SECStatus BER_Encode(PRArenaPool *arena, SECItem *dest, BERTemplate *t,
- void *src);
-
-/*
- * Client provided function that will get called with all the bytes
- * passing through the parser
- */
-typedef void (*BERFilterProc)(void *instance, unsigned char *buf, int length);
-
-/*
- * Client provided function that can will be called after the tag and
- * length information has been collected. It can be set up to be called
- * either before or after the data has been colleced.
- */
-typedef void (*BERNotifyProc)(
- void *instance, SECArb *arb, int depth, PRBool before);
-
-extern BERParse *BER_ParseInit(PRArenaPool *arena, PRBool forceDER);
-extern SECArb *BER_ParseFini(BERParse *h);
-extern SECStatus BER_ParseSome(BERParse *h, unsigned char *buf, int len);
-
-extern void BER_SetFilter(BERParse *h, BERFilterProc proc, void *instance);
-extern void BER_SetLeafStorage(BERParse *h, PRBool keep);
-extern void BER_SetNotifyProc(BERParse *h, BERNotifyProc proc, void *instance,
- PRBool beforeData);
-
-/*
- * A BERUnparseProc is used as a callback to put the encoded SECArb tree
- * tree to some stream. It returns PR_TRUE if the unparsing is to be
- * aborted.
- */
-typedef SECStatus (*BERUnparseProc)(
- void *instance, unsigned char *data, int length, SECArb* arb);
-
-/*
- * BER_Unparse walks the SECArb tree calling the BERUnparseProc with
- * various pieces. It returns SECFailure if there was an error during that
- * tree walk.
- */
-extern SECStatus BER_Unparse(SECArb *arb, BERUnparseProc proc, void *instance);
-
-/*
- * BER_ResolveLengths does a recursive walk through the tree generating
- * non-zero entries for the length field of each node. It will fail if it
- * discoveres a non-constructed node with a unknown length data field.
- * Leaves are supposed to be of known length.
- */
-extern SECStatus BER_ResolveLengths(SECArb *arb);
-
-/*
- * BER_PRettyPrintArb will write an ASCII version of the tree to the FILE
- * out.
- */
-extern SECStatus BER_PrettyPrintArb(FILE *out, SECArb* a);
-
-#endif /* __secnew_h_ */
diff --git a/security/nss/cmd/keyutil/Makefile b/security/nss/cmd/keyutil/Makefile
deleted file mode 100644
index a2ed814be..000000000
--- a/security/nss/cmd/keyutil/Makefile
+++ /dev/null
@@ -1,73 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-include ../platrules.mk
diff --git a/security/nss/cmd/keyutil/keyutil.c b/security/nss/cmd/keyutil/keyutil.c
deleted file mode 100644
index 65e6ad8b0..000000000
--- a/security/nss/cmd/keyutil/keyutil.c
+++ /dev/null
@@ -1,340 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include <stdio.h>
-#include <string.h>
-#include "secutil.h"
-
-#if defined(XP_UNIX)
-#include <unistd.h>
-#include <sys/time.h>
-#include <termios.h>
-#endif
-
-#include "secopt.h"
-
-#if defined(XP_WIN)
-#include <time.h>
-#include <conio.h>
-#endif
-
-#if defined(__sun) && !defined(SVR4)
-extern int fclose(FILE*);
-extern int fprintf(FILE *, char *, ...);
-extern int getopt(int, char**, char*);
-extern int isatty(int);
-extern char *optarg;
-extern char *sys_errlist[];
-#define strerror(errno) sys_errlist[errno]
-#endif
-
-#include "nspr.h"
-#include "prtypes.h"
-#include "prtime.h"
-#include "prlong.h"
-
-static char *progName;
-
-static SECStatus
-ListKeys(SECKEYKeyDBHandle *handle, FILE *out)
-{
- int rt;
-
- rt = SECU_PrintKeyNames(handle, out);
- if (rt) {
- SECU_PrintError(progName, "unable to list nicknames");
- return SECFailure;
- }
- return SECSuccess;
-}
-
-static SECStatus
-DumpPublicKey(SECKEYKeyDBHandle *handle, char *nickname, FILE *out)
-{
- SECKEYLowPrivateKey *privKey;
- SECKEYLowPublicKey *publicKey;
-
- /* check if key actually exists */
- if (SECU_CheckKeyNameExists(handle, nickname) == PR_FALSE) {
- SECU_PrintError(progName, "the key \"%s\" does not exist", nickname);
- return SECFailure;
- }
-
- /* Read in key */
- privKey = SECU_GetPrivateKey(handle, nickname);
- if (!privKey) {
- return SECFailure;
- }
-
- publicKey = SECKEY_LowConvertToPublicKey(privKey);
-
- /* Output public key (in the clear) */
- switch(publicKey->keyType) {
- case rsaKey:
- fprintf(out, "RSA Public-Key:\n");
- SECU_PrintInteger(out, &publicKey->u.rsa.modulus, "modulus", 1);
- SECU_PrintInteger(out, &publicKey->u.rsa.publicExponent,
- "publicExponent", 1);
- break;
- case dsaKey:
- fprintf(out, "DSA Public-Key:\n");
- SECU_PrintInteger(out, &publicKey->u.dsa.params.prime, "prime", 1);
- SECU_PrintInteger(out, &publicKey->u.dsa.params.subPrime,
- "subPrime", 1);
- SECU_PrintInteger(out, &publicKey->u.dsa.params.base, "base", 1);
- SECU_PrintInteger(out, &publicKey->u.dsa.publicValue, "publicValue", 1);
- break;
- default:
- fprintf(out, "unknown key type\n");
- break;
- }
- return SECSuccess;
-}
-
-static SECStatus
-DumpPrivateKey(SECKEYKeyDBHandle *handle, char *nickname, FILE *out)
-{
- SECKEYLowPrivateKey *key;
-
- /* check if key actually exists */
- if (SECU_CheckKeyNameExists(handle, nickname) == PR_FALSE) {
- SECU_PrintError(progName, "the key \"%s\" does not exist", nickname);
- return SECFailure;
- }
-
- /* Read in key */
- key = SECU_GetPrivateKey(handle, nickname);
- if (!key) {
- SECU_PrintError(progName, "error retrieving key");
- return SECFailure;
- }
-
- switch(key->keyType) {
- case rsaKey:
- fprintf(out, "RSA Private-Key:\n");
- SECU_PrintInteger(out, &key->u.rsa.modulus, "modulus", 1);
- SECU_PrintInteger(out, &key->u.rsa.publicExponent, "publicExponent", 1);
- SECU_PrintInteger(out, &key->u.rsa.privateExponent,
- "privateExponent", 1);
- SECU_PrintInteger(out, &key->u.rsa.prime1, "prime1", 1);
- SECU_PrintInteger(out, &key->u.rsa.prime2, "prime2", 1);
- SECU_PrintInteger(out, &key->u.rsa.exponent1, "exponent1", 1);
- SECU_PrintInteger(out, &key->u.rsa.exponent2, "exponent2", 1);
- SECU_PrintInteger(out, &key->u.rsa.coefficient, "coefficient", 1);
- break;
- case dsaKey:
- fprintf(out, "DSA Private-Key:\n");
- SECU_PrintInteger(out, &key->u.dsa.params.prime, "prime", 1);
- SECU_PrintInteger(out, &key->u.dsa.params.subPrime, "subPrime", 1);
- SECU_PrintInteger(out, &key->u.dsa.params.base, "base", 1);
- SECU_PrintInteger(out, &key->u.dsa.publicValue, "publicValue", 1);
- SECU_PrintInteger(out, &key->u.dsa.privateValue, "privateValue", 1);
- break;
- default:
- fprintf(out, "unknown key type\n");
- break;
- }
- return SECSuccess;
-}
-
-static SECStatus
-ChangePassword(SECKEYKeyDBHandle *handle)
-{
- SECStatus rv;
-
- /* Write out database with a new password */
- rv = SECU_ChangeKeyDBPassword(handle, NULL);
- if (rv) {
- SECU_PrintError(progName, "unable to change key password");
- }
- return rv;
-}
-
-static SECStatus
-DeletePrivateKey (SECKEYKeyDBHandle *keyHandle, char *nickName)
-{
- SECStatus rv;
-
- rv = SECU_DeleteKeyByName (keyHandle, nickName);
- if (rv != SECSuccess)
- fprintf(stderr, "%s: problem deleting private key (%s)\n",
- progName, SECU_Strerror(PR_GetError()));
- return (rv);
-
-}
-
-
-static void
-Usage(const char *progName)
-{
- fprintf(stderr,
- "Usage: %s -p name [-d keydir]\n", progName);
- fprintf(stderr,
- " %s -P name [-d keydir]\n", progName);
- fprintf(stderr,
- " %s -D name [-d keydir]\n", progName);
- fprintf(stderr,
- " %s -l [-d keydir]\n", progName);
- fprintf(stderr,
- " %s -c [-d keydir]\n", progName);
-
- fprintf(stderr, "%-20s Pretty print public key info for named key\n",
- "-p nickname");
- fprintf(stderr, "%-20s Pretty print private key info for named key\n",
- "-P nickname");
- fprintf(stderr, "%-20s Delete named private key from the key database\n",
- "-D nickname");
- fprintf(stderr, "%-20s List the nicknames for the keys in a database\n",
- "-l");
- fprintf(stderr, "%-20s Change the key database password\n",
- "-c");
- fprintf(stderr, "\n");
- fprintf(stderr, "%-20s Key database directory (default is ~/.netscape)\n",
- "-d keydir");
-
- exit(-1);
-}
-
-int main(int argc, char **argv)
-{
- int o, changePassword, deleteKey, dumpPublicKey, dumpPrivateKey, list;
- char *nickname;
- SECStatus rv;
- SECKEYKeyDBHandle *keyHandle;
-
- progName = strrchr(argv[0], '/');
- progName = progName ? progName+1 : argv[0];
-
- /* Parse command line arguments */
- changePassword = deleteKey = dumpPublicKey = dumpPrivateKey = list = 0;
- nickname = NULL;
-
- while ((o = getopt(argc, argv, "ADP:cd:glp:")) != -1) {
- switch (o) {
- case '?':
- Usage(progName);
- break;
-
- case 'A':
- fprintf(stderr, "%s: Can no longer add a key.", progName);
- fprintf(stderr, " Use pkcs12 to import a key.\n\n");
- Usage(progName);
- break;
-
- case 'D':
- deleteKey = 1;
- nickname = optarg;
- break;
-
- case 'P':
- dumpPrivateKey = 1;
- nickname = optarg;
- break;
-
- case 'c':
- changePassword = 1;
- break;
-
- case 'd':
- SECU_ConfigDirectory(optarg);
- break;
-
- case 'g':
- fprintf(stderr, "%s: Can no longer generate a key.", progName);
- fprintf(stderr, " Use certutil to generate a cert request.\n\n");
- Usage(progName);
- break;
-
- case 'l':
- list = 1;
- break;
-
- case 'p':
- dumpPublicKey = 1;
- nickname = optarg;
- break;
- }
- }
-
- if (dumpPublicKey+changePassword+dumpPrivateKey+list+deleteKey != 1)
- Usage(progName);
-
- if ((list || changePassword) && nickname)
- Usage(progName);
-
- if ((dumpPublicKey || dumpPrivateKey || deleteKey) && !nickname)
- Usage(progName);
-
-
- /* Call the libsec initialization routines */
- PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
- SEC_Init();
-
- /*
- * XXX Note that the following opens the key database writable.
- * If dumpPublicKey or dumpPrivateKey or list, though, we only want
- * to open it read-only. There needs to be a better interface
- * to the initialization routines so that we can specify which way
- * to open it.
- */
- rv = SECU_PKCS11Init();
- if (rv != SECSuccess) {
- SECU_PrintError(progName, "SECU_PKCS11Init failed");
- return -1;
- }
-
- keyHandle = SECKEY_GetDefaultKeyDB();
- if (keyHandle == NULL) {
- SECU_PrintError(progName, "could not open key database");
- return -1;
- }
-
- if (dumpPublicKey) {
- rv = DumpPublicKey(keyHandle, nickname, stdout);
- } else
- if (changePassword) {
- rv = ChangePassword(keyHandle);
- } else
- if (dumpPrivateKey) {
- rv = DumpPrivateKey(keyHandle, nickname, stdout);
- } else
- if (list) {
- rv = ListKeys(keyHandle, stdout);
- } else
- if (deleteKey) {
- rv = DeletePrivateKey(keyHandle, nickname);
- }
-
-
- return rv ? -1 : 0;
-}
diff --git a/security/nss/cmd/keyutil/manifest.mn b/security/nss/cmd/keyutil/manifest.mn
deleted file mode 100644
index e20a3d330..000000000
--- a/security/nss/cmd/keyutil/manifest.mn
+++ /dev/null
@@ -1,50 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-DEFINES += -DNSPR20
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = nss
-
-CSRCS = \
- keyutil.c \
- $(NULL)
-
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = seccmd dbm
-
-
-PROGRAM = keyutil
diff --git a/security/nss/cmd/lib/Makefile b/security/nss/cmd/lib/Makefile
deleted file mode 100644
index 217e25668..000000000
--- a/security/nss/cmd/lib/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-$(OBJDIR)/secerror$(OBJ_SUFFIX): NSPRerrs.h SECerrs.h SSLerrs.h
-
diff --git a/security/nss/cmd/lib/NSPRerrs.h b/security/nss/cmd/lib/NSPRerrs.h
deleted file mode 100644
index 5e2cd793e..000000000
--- a/security/nss/cmd/lib/NSPRerrs.h
+++ /dev/null
@@ -1,150 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/* General NSPR 2.0 errors */
-/* Caller must #include "prerror.h" */
-
-ER2( PR_OUT_OF_MEMORY_ERROR, "Memory allocation attempt failed." )
-ER2( PR_BAD_DESCRIPTOR_ERROR, "Invalid file descriptor." )
-ER2( PR_WOULD_BLOCK_ERROR, "The operation would have blocked." )
-ER2( PR_ACCESS_FAULT_ERROR, "Invalid memory address argument." )
-ER2( PR_INVALID_METHOD_ERROR, "Invalid function for file type." )
-ER2( PR_ILLEGAL_ACCESS_ERROR, "Invalid memory address argument." )
-ER2( PR_UNKNOWN_ERROR, "Some unknown error has occurred." )
-ER2( PR_PENDING_INTERRUPT_ERROR,"Operation interrupted by another thread." )
-ER2( PR_NOT_IMPLEMENTED_ERROR, "function not implemented." )
-ER2( PR_IO_ERROR, "I/O function error." )
-ER2( PR_IO_TIMEOUT_ERROR, "I/O operation timed out." )
-ER2( PR_IO_PENDING_ERROR, "I/O operation on busy file descriptor." )
-ER2( PR_DIRECTORY_OPEN_ERROR, "The directory could not be opened." )
-ER2( PR_INVALID_ARGUMENT_ERROR, "Invalid function argument." )
-ER2( PR_ADDRESS_NOT_AVAILABLE_ERROR, "Network address not available (in use?)." )
-ER2( PR_ADDRESS_NOT_SUPPORTED_ERROR, "Network address type not supported." )
-ER2( PR_IS_CONNECTED_ERROR, "Already connected." )
-ER2( PR_BAD_ADDRESS_ERROR, "Network address is invalid." )
-ER2( PR_ADDRESS_IN_USE_ERROR, "Local Network address is in use." )
-ER2( PR_CONNECT_REFUSED_ERROR, "Connection refused by peer." )
-ER2( PR_NETWORK_UNREACHABLE_ERROR, "Network address is presently unreachable." )
-ER2( PR_CONNECT_TIMEOUT_ERROR, "Connection attempt timed out." )
-ER2( PR_NOT_CONNECTED_ERROR, "Network file descriptor is not connected." )
-ER2( PR_LOAD_LIBRARY_ERROR, "Failure to load dynamic library." )
-ER2( PR_UNLOAD_LIBRARY_ERROR, "Failure to unload dynamic library." )
-ER2( PR_FIND_SYMBOL_ERROR,
-"Symbol not found in any of the loaded dynamic libraries." )
-ER2( PR_INSUFFICIENT_RESOURCES_ERROR, "Insufficient system resources." )
-ER2( PR_DIRECTORY_LOOKUP_ERROR,
-"A directory lookup on a network address has failed." )
-ER2( PR_TPD_RANGE_ERROR,
-"Attempt to access a TPD key that is out of range." )
-ER2( PR_PROC_DESC_TABLE_FULL_ERROR, "Process open FD table is full." )
-ER2( PR_SYS_DESC_TABLE_FULL_ERROR, "System open FD table is full." )
-ER2( PR_NOT_SOCKET_ERROR,
-"Network operation attempted on non-network file descriptor." )
-ER2( PR_NOT_TCP_SOCKET_ERROR,
-"TCP-specific function attempted on a non-TCP file descriptor." )
-ER2( PR_SOCKET_ADDRESS_IS_BOUND_ERROR, "TCP file descriptor is already bound." )
-ER2( PR_NO_ACCESS_RIGHTS_ERROR, "Access Denied." )
-ER2( PR_OPERATION_NOT_SUPPORTED_ERROR,
-"The requested operation is not supported by the platform." )
-ER2( PR_PROTOCOL_NOT_SUPPORTED_ERROR,
-"The host operating system does not support the protocol requested." )
-ER2( PR_REMOTE_FILE_ERROR, "Access to the remote file has been severed." )
-ER2( PR_BUFFER_OVERFLOW_ERROR,
-"The value requested is too large to be stored in the data buffer provided." )
-ER2( PR_CONNECT_RESET_ERROR, "TCP connection reset by peer." )
-ER2( PR_RANGE_ERROR, "Unused." )
-ER2( PR_DEADLOCK_ERROR, "The operation would have deadlocked." )
-ER2( PR_FILE_IS_LOCKED_ERROR, "The file is already locked." )
-ER2( PR_FILE_TOO_BIG_ERROR,
-"Write would result in file larger than the system allows." )
-ER2( PR_NO_DEVICE_SPACE_ERROR, "The device for storing the file is full." )
-ER2( PR_PIPE_ERROR, "Unused." )
-ER2( PR_NO_SEEK_DEVICE_ERROR, "Unused." )
-ER2( PR_IS_DIRECTORY_ERROR,
-"Cannot perform a normal file operation on a directory." )
-ER2( PR_LOOP_ERROR, "Symbolic link loop." )
-ER2( PR_NAME_TOO_LONG_ERROR, "File name is too long." )
-ER2( PR_FILE_NOT_FOUND_ERROR, "File not found." )
-ER2( PR_NOT_DIRECTORY_ERROR,
-"Cannot perform directory operation on a normal file." )
-ER2( PR_READ_ONLY_FILESYSTEM_ERROR,
-"Cannot write to a read-only file system." )
-ER2( PR_DIRECTORY_NOT_EMPTY_ERROR,
-"Cannot delete a directory that is not empty." )
-ER2( PR_FILESYSTEM_MOUNTED_ERROR,
-"Cannot delete or rename a file object while the file system is busy." )
-ER2( PR_NOT_SAME_DEVICE_ERROR,
-"Cannot rename a file to a file system on another device." )
-ER2( PR_DIRECTORY_CORRUPTED_ERROR,
-"The directory object in the file system is corrupted." )
-ER2( PR_FILE_EXISTS_ERROR,
-"Cannot create or rename a filename that already exists." )
-ER2( PR_MAX_DIRECTORY_ENTRIES_ERROR,
-"Directory is full. No additional filenames may be added." )
-ER2( PR_INVALID_DEVICE_STATE_ERROR,
-"The required device was in an invalid state." )
-ER2( PR_DEVICE_IS_LOCKED_ERROR, "The device is locked." )
-ER2( PR_NO_MORE_FILES_ERROR, "No more entries in the directory." )
-ER2( PR_END_OF_FILE_ERROR, "Encountered end of file." )
-ER2( PR_FILE_SEEK_ERROR, "Seek error." )
-ER2( PR_FILE_IS_BUSY_ERROR, "The file is busy." )
-ER2( PR_IN_PROGRESS_ERROR,
-"Operation is still in progress (probably a non-blocking connect)." )
-ER2( PR_ALREADY_INITIATED_ERROR,
-"Operation has already been initiated (probably a non-blocking connect)." )
-
-#ifdef PR_GROUP_EMPTY_ERROR
-ER2( PR_GROUP_EMPTY_ERROR, "The wait group is empty." )
-#endif
-
-#ifdef PR_INVALID_STATE_ERROR
-ER2( PR_INVALID_STATE_ERROR, "Object state improper for request." )
-#endif
-
-#ifdef PR_NETWORK_DOWN_ERROR
-ER2( PR_NETWORK_DOWN_ERROR, "Network is down." )
-#endif
-
-#ifdef PR_SOCKET_SHUTDOWN_ERROR
-ER2( PR_SOCKET_SHUTDOWN_ERROR, "The socket was previously shut down." )
-#endif
-
-#ifdef PR_CONNECT_ABORTED_ERROR
-ER2( PR_CONNECT_ABORTED_ERROR, "TCP Connection aborted." )
-#endif
-
-#ifdef PR_HOST_UNREACHABLE_ERROR
-ER2( PR_HOST_UNREACHABLE_ERROR, "Host is unreachable." )
-#endif
-
-/* always last */
-ER2( PR_MAX_ERROR, "Placeholder for the end of the list" )
diff --git a/security/nss/cmd/lib/SECerrs.h b/security/nss/cmd/lib/SECerrs.h
deleted file mode 100644
index e566e3983..000000000
--- a/security/nss/cmd/lib/SECerrs.h
+++ /dev/null
@@ -1,476 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/* General security error codes */
-/* Caller must #include "secerr.h" */
-
-ER3(SEC_ERROR_IO, SEC_ERROR_BASE + 0,
-"An I/O error occurred during security authorization.")
-
-ER3(SEC_ERROR_LIBRARY_FAILURE, SEC_ERROR_BASE + 1,
-"security library failure.")
-
-ER3(SEC_ERROR_BAD_DATA, SEC_ERROR_BASE + 2,
-"security library: received bad data.")
-
-ER3(SEC_ERROR_OUTPUT_LEN, SEC_ERROR_BASE + 3,
-"security library: output length error.")
-
-ER3(SEC_ERROR_INPUT_LEN, SEC_ERROR_BASE + 4,
-"security library has experienced an input length error.")
-
-ER3(SEC_ERROR_INVALID_ARGS, SEC_ERROR_BASE + 5,
-"security library: invalid arguments.")
-
-ER3(SEC_ERROR_INVALID_ALGORITHM, SEC_ERROR_BASE + 6,
-"security library: invalid algorithm.")
-
-ER3(SEC_ERROR_INVALID_AVA, SEC_ERROR_BASE + 7,
-"security library: invalid AVA.")
-
-ER3(SEC_ERROR_INVALID_TIME, SEC_ERROR_BASE + 8,
-"Improperly formatted time string.")
-
-ER3(SEC_ERROR_BAD_DER, SEC_ERROR_BASE + 9,
-"security library: improperly formatted DER-encoded message.")
-
-ER3(SEC_ERROR_BAD_SIGNATURE, SEC_ERROR_BASE + 10,
-"Peer's certificate has an invalid signature.")
-
-ER3(SEC_ERROR_EXPIRED_CERTIFICATE, SEC_ERROR_BASE + 11,
-"Peer's Certificate has expired.")
-
-ER3(SEC_ERROR_REVOKED_CERTIFICATE, SEC_ERROR_BASE + 12,
-"Peer's Certificate has been revoked.")
-
-ER3(SEC_ERROR_UNKNOWN_ISSUER, SEC_ERROR_BASE + 13,
-"Peer's Certificate issuer is not recognized.")
-
-ER3(SEC_ERROR_BAD_KEY, SEC_ERROR_BASE + 14,
-"Peer's public key is invalid.")
-
-ER3(SEC_ERROR_BAD_PASSWORD, SEC_ERROR_BASE + 15,
-"The security password entered is incorrect.")
-
-ER3(SEC_ERROR_RETRY_PASSWORD, SEC_ERROR_BASE + 16,
-"New password entered incorrectly. Please try again.")
-
-ER3(SEC_ERROR_NO_NODELOCK, SEC_ERROR_BASE + 17,
-"security library: no nodelock.")
-
-ER3(SEC_ERROR_BAD_DATABASE, SEC_ERROR_BASE + 18,
-"security library: bad database.")
-
-ER3(SEC_ERROR_NO_MEMORY, SEC_ERROR_BASE + 19,
-"security library: memory allocation failure.")
-
-ER3(SEC_ERROR_UNTRUSTED_ISSUER, SEC_ERROR_BASE + 20,
-"Peer's certificate issuer has been marked as not trusted by the user.")
-
-ER3(SEC_ERROR_UNTRUSTED_CERT, SEC_ERROR_BASE + 21,
-"Peer's certificate has been marked as not trusted by the user.")
-
-ER3(SEC_ERROR_DUPLICATE_CERT, (SEC_ERROR_BASE + 22),
-"Certificate already exists in your database.")
-
-ER3(SEC_ERROR_DUPLICATE_CERT_NAME, (SEC_ERROR_BASE + 23),
-"Downloaded certificate's name duplicates one already in your database.")
-
-ER3(SEC_ERROR_ADDING_CERT, (SEC_ERROR_BASE + 24),
-"Error adding certificate to database.")
-
-ER3(SEC_ERROR_FILING_KEY, (SEC_ERROR_BASE + 25),
-"Error refiling the key for this certificate.")
-
-ER3(SEC_ERROR_NO_KEY, (SEC_ERROR_BASE + 26),
-"The private key for this certificate cannot be found in key database")
-
-ER3(SEC_ERROR_CERT_VALID, (SEC_ERROR_BASE + 27),
-"This certificate is valid.")
-
-ER3(SEC_ERROR_CERT_NOT_VALID, (SEC_ERROR_BASE + 28),
-"This certificate is not valid.")
-
-ER3(SEC_ERROR_CERT_NO_RESPONSE, (SEC_ERROR_BASE + 29),
-"Cert Library: No Response")
-
-ER3(SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE, (SEC_ERROR_BASE + 30),
-"The certificate issuer's certificate has expired. Check your system date and time.")
-
-ER3(SEC_ERROR_CRL_EXPIRED, (SEC_ERROR_BASE + 31),
-"The CRL for the certificate's issuer has expired. Update it or check your system data and time.")
-
-ER3(SEC_ERROR_CRL_BAD_SIGNATURE, (SEC_ERROR_BASE + 32),
-"The CRL for the certificate's issuer has an invalid signature.")
-
-ER3(SEC_ERROR_CRL_INVALID, (SEC_ERROR_BASE + 33),
-"New CRL has an invalid format.")
-
-ER3(SEC_ERROR_EXTENSION_VALUE_INVALID, (SEC_ERROR_BASE + 34),
-"Certificate extension value is invalid.")
-
-ER3(SEC_ERROR_EXTENSION_NOT_FOUND, (SEC_ERROR_BASE + 35),
-"Certificate extension not found.")
-
-ER3(SEC_ERROR_CA_CERT_INVALID, (SEC_ERROR_BASE + 36),
-"Issuer certificate is invalid.")
-
-ER3(SEC_ERROR_PATH_LEN_CONSTRAINT_INVALID, (SEC_ERROR_BASE + 37),
-"Certificate path length constraint is invalid.")
-
-ER3(SEC_ERROR_CERT_USAGES_INVALID, (SEC_ERROR_BASE + 38),
-"Certificate usages field is invalid.")
-
-ER3(SEC_INTERNAL_ONLY, (SEC_ERROR_BASE + 39),
-"**Internal ONLY module**")
-
-ER3(SEC_ERROR_INVALID_KEY, (SEC_ERROR_BASE + 40),
-"The key does not support the requested operation.")
-
-ER3(SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION, (SEC_ERROR_BASE + 41),
-"Certificate contains unknown critical extension.")
-
-ER3(SEC_ERROR_OLD_CRL, (SEC_ERROR_BASE + 42),
-"New CRL is not later than the current one.")
-
-ER3(SEC_ERROR_NO_EMAIL_CERT, (SEC_ERROR_BASE + 43),
-"Not encrypted or signed: you do not yet have an email certificate.")
-
-ER3(SEC_ERROR_NO_RECIPIENT_CERTS_QUERY, (SEC_ERROR_BASE + 44),
-"Not encrypted: you do not have certificates for each of the recipients.")
-
-ER3(SEC_ERROR_NOT_A_RECIPIENT, (SEC_ERROR_BASE + 45),
-"Cannot decrypt: you are not a recipient, or matching certificate and \
-private key not found.")
-
-ER3(SEC_ERROR_PKCS7_KEYALG_MISMATCH, (SEC_ERROR_BASE + 46),
-"Cannot decrypt: key encryption algorithm does not match your certificate.")
-
-ER3(SEC_ERROR_PKCS7_BAD_SIGNATURE, (SEC_ERROR_BASE + 47),
-"Signature verification failed: no signer found, too many signers found, \
-or improper or corrupted data.")
-
-ER3(SEC_ERROR_UNSUPPORTED_KEYALG, (SEC_ERROR_BASE + 48),
-"Unsupported or unknown key algorithm.")
-
-ER3(SEC_ERROR_DECRYPTION_DISALLOWED, (SEC_ERROR_BASE + 49),
-"Cannot decrypt: encrypted using a disallowed algorithm or key size.")
-
-
-/* Fortezza Alerts */
-ER3(XP_SEC_FORTEZZA_BAD_CARD, (SEC_ERROR_BASE + 50),
-"Fortezza card has not been properly initialized. \
-Please remove it and return it to your issuer.")
-
-ER3(XP_SEC_FORTEZZA_NO_CARD, (SEC_ERROR_BASE + 51),
-"No Fortezza cards Found")
-
-ER3(XP_SEC_FORTEZZA_NONE_SELECTED, (SEC_ERROR_BASE + 52),
-"No Fortezza card selected")
-
-ER3(XP_SEC_FORTEZZA_MORE_INFO, (SEC_ERROR_BASE + 53),
-"Please select a personality to get more info on")
-
-ER3(XP_SEC_FORTEZZA_PERSON_NOT_FOUND, (SEC_ERROR_BASE + 54),
-"Personality not found")
-
-ER3(XP_SEC_FORTEZZA_NO_MORE_INFO, (SEC_ERROR_BASE + 55),
-"No more information on that Personality")
-
-ER3(XP_SEC_FORTEZZA_BAD_PIN, (SEC_ERROR_BASE + 56),
-"Invalid Pin")
-
-ER3(XP_SEC_FORTEZZA_PERSON_ERROR, (SEC_ERROR_BASE + 57),
-"Couldn't initialize Fortezza personalities.")
-/* end fortezza alerts. */
-
-ER3(SEC_ERROR_NO_KRL, (SEC_ERROR_BASE + 58),
-"No KRL for this site's certificate has been found.")
-
-ER3(SEC_ERROR_KRL_EXPIRED, (SEC_ERROR_BASE + 59),
-"The KRL for this site's certificate has expired.")
-
-ER3(SEC_ERROR_KRL_BAD_SIGNATURE, (SEC_ERROR_BASE + 60),
-"The KRL for this site's certificate has an invalid signature.")
-
-ER3(SEC_ERROR_REVOKED_KEY, (SEC_ERROR_BASE + 61),
-"The key for this site's certificate has been revoked.")
-
-ER3(SEC_ERROR_KRL_INVALID, (SEC_ERROR_BASE + 62),
-"New KRL has an invalid format.")
-
-ER3(SEC_ERROR_NEED_RANDOM, (SEC_ERROR_BASE + 63),
-"security library: need random data.")
-
-ER3(SEC_ERROR_NO_MODULE, (SEC_ERROR_BASE + 64),
-"security library: no security module can perform the requested operation.")
-
-ER3(SEC_ERROR_NO_TOKEN, (SEC_ERROR_BASE + 65),
-"The security card or token does not exist, needs to be initialized, or has been removed.")
-
-ER3(SEC_ERROR_READ_ONLY, (SEC_ERROR_BASE + 66),
-"security library: read-only database.")
-
-ER3(SEC_ERROR_NO_SLOT_SELECTED, (SEC_ERROR_BASE + 67),
-"No slot or token was selected.")
-
-ER3(SEC_ERROR_CERT_NICKNAME_COLLISION, (SEC_ERROR_BASE + 68),
-"A certificate with the same nickname already exists.")
-
-ER3(SEC_ERROR_KEY_NICKNAME_COLLISION, (SEC_ERROR_BASE + 69),
-"A key with the same nickname already exists.")
-
-ER3(SEC_ERROR_SAFE_NOT_CREATED, (SEC_ERROR_BASE + 70),
-"error while creating safe object")
-
-ER3(SEC_ERROR_BAGGAGE_NOT_CREATED, (SEC_ERROR_BASE + 71),
-"error while creating baggage object")
-
-ER3(XP_JAVA_REMOVE_PRINCIPAL_ERROR, (SEC_ERROR_BASE + 72),
-"Couldn't remove the principal")
-
-ER3(XP_JAVA_DELETE_PRIVILEGE_ERROR, (SEC_ERROR_BASE + 73),
-"Couldn't delete the privilege")
-
-ER3(XP_JAVA_CERT_NOT_EXISTS_ERROR, (SEC_ERROR_BASE + 74),
-"This principal doesn't have a certificate")
-
-ER3(SEC_ERROR_BAD_EXPORT_ALGORITHM, (SEC_ERROR_BASE + 75),
-"Required algorithm is not allowed.")
-
-ER3(SEC_ERROR_EXPORTING_CERTIFICATES, (SEC_ERROR_BASE + 76),
-"Error attempting to export certificates.")
-
-ER3(SEC_ERROR_IMPORTING_CERTIFICATES, (SEC_ERROR_BASE + 77),
-"Error attempting to import certificates.")
-
-ER3(SEC_ERROR_PKCS12_DECODING_PFX, (SEC_ERROR_BASE + 78),
-"Unable to import. Decoding error. File not valid.")
-
-ER3(SEC_ERROR_PKCS12_INVALID_MAC, (SEC_ERROR_BASE + 79),
-"Unable to import. Invalid MAC. Incorrect password or corrupt file.")
-
-ER3(SEC_ERROR_PKCS12_UNSUPPORTED_MAC_ALGORITHM, (SEC_ERROR_BASE + 80),
-"Unable to import. MAC algorithm not supported.")
-
-ER3(SEC_ERROR_PKCS12_UNSUPPORTED_TRANSPORT_MODE,(SEC_ERROR_BASE + 81),
-"Unable to import. Only password integrity and privacy modes supported.")
-
-ER3(SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE, (SEC_ERROR_BASE + 82),
-"Unable to import. File structure is corrupt.")
-
-ER3(SEC_ERROR_PKCS12_UNSUPPORTED_PBE_ALGORITHM, (SEC_ERROR_BASE + 83),
-"Unable to import. Encryption algorithm not supported.")
-
-ER3(SEC_ERROR_PKCS12_UNSUPPORTED_VERSION, (SEC_ERROR_BASE + 84),
-"Unable to import. File version not supported.")
-
-ER3(SEC_ERROR_PKCS12_PRIVACY_PASSWORD_INCORRECT,(SEC_ERROR_BASE + 85),
-"Unable to import. Incorrect privacy password.")
-
-ER3(SEC_ERROR_PKCS12_CERT_COLLISION, (SEC_ERROR_BASE + 86),
-"Unable to import. Same nickname already exists in database.")
-
-ER3(SEC_ERROR_USER_CANCELLED, (SEC_ERROR_BASE + 87),
-"The user pressed cancel.")
-
-ER3(SEC_ERROR_PKCS12_DUPLICATE_DATA, (SEC_ERROR_BASE + 88),
-"Not imported, already in database.")
-
-ER3(SEC_ERROR_MESSAGE_SEND_ABORTED, (SEC_ERROR_BASE + 89),
-"Message not sent.")
-
-ER3(SEC_ERROR_INADEQUATE_KEY_USAGE, (SEC_ERROR_BASE + 90),
-"Certificate key usage inadequate for attempted operation.")
-
-ER3(SEC_ERROR_INADEQUATE_CERT_TYPE, (SEC_ERROR_BASE + 91),
-"Certificate type not approved for application.")
-
-ER3(SEC_ERROR_CERT_ADDR_MISMATCH, (SEC_ERROR_BASE + 92),
-"Address in signing certificate does not match address in message headers.")
-
-ER3(SEC_ERROR_PKCS12_UNABLE_TO_IMPORT_KEY, (SEC_ERROR_BASE + 93),
-"Unable to import. Error attempting to import private key.")
-
-ER3(SEC_ERROR_PKCS12_IMPORTING_CERT_CHAIN, (SEC_ERROR_BASE + 94),
-"Unable to import. Error attempting to import certificate chain.")
-
-ER3(SEC_ERROR_PKCS12_UNABLE_TO_LOCATE_OBJECT_BY_NAME, (SEC_ERROR_BASE + 95),
-"Unable to export. Unable to locate certificate or key by nickname.")
-
-ER3(SEC_ERROR_PKCS12_UNABLE_TO_EXPORT_KEY, (SEC_ERROR_BASE + 96),
-"Unable to export. Private Key could not be located and exported.")
-
-ER3(SEC_ERROR_PKCS12_UNABLE_TO_WRITE, (SEC_ERROR_BASE + 97),
-"Unable to export. Unable to write the export file.")
-
-ER3(SEC_ERROR_PKCS12_UNABLE_TO_READ, (SEC_ERROR_BASE + 98),
-"Unable to import. Unable to read the import file.")
-
-ER3(SEC_ERROR_PKCS12_KEY_DATABASE_NOT_INITIALIZED, (SEC_ERROR_BASE + 99),
-"Unable to export. Key database corrupt or deleted.")
-
-ER3(SEC_ERROR_KEYGEN_FAIL, (SEC_ERROR_BASE + 100),
-"Unable to generate public/private key pair.")
-
-ER3(SEC_ERROR_INVALID_PASSWORD, (SEC_ERROR_BASE + 101),
-"Password entered is invalid. Please pick a different one.")
-
-ER3(SEC_ERROR_RETRY_OLD_PASSWORD, (SEC_ERROR_BASE + 102),
-"Old password entered incorrectly. Please try again.")
-
-ER3(SEC_ERROR_BAD_NICKNAME, (SEC_ERROR_BASE + 103),
-"Certificate nickname already in use.")
-
-ER3(SEC_ERROR_NOT_FORTEZZA_ISSUER, (SEC_ERROR_BASE + 104),
-"Peer FORTEZZA chain has a non-FORTEZZA Certificate.")
-
-ER3(SEC_ERROR_CANNOT_MOVE_SENSITIVE_KEY, (SEC_ERROR_BASE + 105),
-"A sensitive key cannot be moved to the slot where it is needed.")
-
-ER3(SEC_ERROR_JS_INVALID_MODULE_NAME, (SEC_ERROR_BASE + 106),
-"Invalid module name.")
-
-ER3(SEC_ERROR_JS_INVALID_DLL, (SEC_ERROR_BASE + 107),
-"Invalid module path/filename")
-
-ER3(SEC_ERROR_JS_ADD_MOD_FAILURE, (SEC_ERROR_BASE + 108),
-"Unable to add module")
-
-ER3(SEC_ERROR_JS_DEL_MOD_FAILURE, (SEC_ERROR_BASE + 109),
-"Unable to delete module")
-
-ER3(SEC_ERROR_OLD_KRL, (SEC_ERROR_BASE + 110),
-"New KRL is not later than the current one.")
-
-ER3(SEC_ERROR_CKL_CONFLICT, (SEC_ERROR_BASE + 111),
-"New CKL has different issuer than current CKL. Delete current CKL.")
-
-ER3(SEC_ERROR_CERT_NOT_IN_NAME_SPACE, (SEC_ERROR_BASE + 112),
-"The Certifying Authority for this certificate is not permitted to issue a \
-certificate with this name.")
-
-ER3(SEC_ERROR_KRL_NOT_YET_VALID, (SEC_ERROR_BASE + 113),
-"The key revocation list for this certificate is not yet valid.")
-
-ER3(SEC_ERROR_CRL_NOT_YET_VALID, (SEC_ERROR_BASE + 114),
-"The certificate revocation list for this certificate is not yet valid.")
-
-ER3(SEC_ERROR_UNKNOWN_CERT, (SEC_ERROR_BASE + 115),
-"The requested certificate could not be found.")
-
-ER3(SEC_ERROR_UNKNOWN_SIGNER, (SEC_ERROR_BASE + 116),
-"The signer's certificate could not be found.")
-
-ER3(SEC_ERROR_CERT_BAD_ACCESS_LOCATION, (SEC_ERROR_BASE + 117),
-"The location for the certificate status server has invalid format.")
-
-ER3(SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE, (SEC_ERROR_BASE + 118),
-"The OCSP response cannot be fully decoded; it is of an unknown type.")
-
-ER3(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE, (SEC_ERROR_BASE + 119),
-"The OCSP server returned unexpected/invalid HTTP data.")
-
-ER3(SEC_ERROR_OCSP_MALFORMED_REQUEST, (SEC_ERROR_BASE + 120),
-"The OCSP server found the request to be corrupted or improperly formed.")
-
-ER3(SEC_ERROR_OCSP_SERVER_ERROR, (SEC_ERROR_BASE + 121),
-"The OCSP server experienced an internal error.")
-
-ER3(SEC_ERROR_OCSP_TRY_SERVER_LATER, (SEC_ERROR_BASE + 122),
-"The OCSP server suggests trying again later.")
-
-ER3(SEC_ERROR_OCSP_REQUEST_NEEDS_SIG, (SEC_ERROR_BASE + 123),
-"The OCSP server requires a signature on this request.")
-
-ER3(SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST, (SEC_ERROR_BASE + 124),
-"The OCSP server has refused this request as unauthorized.")
-
-ER3(SEC_ERROR_OCSP_UNKNOWN_RESPONSE_STATUS, (SEC_ERROR_BASE + 125),
-"The OCSP server returned an unrecognizable status.")
-
-ER3(SEC_ERROR_OCSP_UNKNOWN_CERT, (SEC_ERROR_BASE + 126),
-"The OCSP server has no status for the certificate.")
-
-ER3(SEC_ERROR_OCSP_NOT_ENABLED, (SEC_ERROR_BASE + 127),
-"You must enable OCSP before performing this operation.")
-
-ER3(SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER, (SEC_ERROR_BASE + 128),
-"You must set the OCSP default responder before performing this operation.")
-
-ER3(SEC_ERROR_OCSP_MALFORMED_RESPONSE, (SEC_ERROR_BASE + 129),
-"The response from the OCSP server was corrupted or improperly formed.")
-
-ER3(SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE, (SEC_ERROR_BASE + 130),
-"The signer of the OCSP response is not authorized to give status for \
-this certificate.")
-
-ER3(SEC_ERROR_OCSP_FUTURE_RESPONSE, (SEC_ERROR_BASE + 131),
-"The OCSP response is not yet valid (contains a date in the future).")
-
-ER3(SEC_ERROR_OCSP_OLD_RESPONSE, (SEC_ERROR_BASE + 132),
-"The OCSP response contains out-of-date information.")
-
-ER3(SEC_ERROR_DIGEST_NOT_FOUND, (SEC_ERROR_BASE + 133),
-"The CMS or PKCS #7 Digest was not found in signed message.")
-
-ER3(SEC_ERROR_UNSUPPORTED_MESSAGE_TYPE, (SEC_ERROR_BASE + 134),
-"The CMS or PKCS #7 Message type is unsupported.")
-
-ER3(SEC_ERROR_MODULE_STUCK, (SEC_ERROR_BASE + 135),
-"PKCS #11 module could not be removed because it is still in use.")
-
-ER3(SEC_ERROR_BAD_TEMPLATE, (SEC_ERROR_BASE + 136),
-"Could not decode ASN.1 data. Specified template was invalid.")
-
-ER3(SEC_ERROR_CRL_NOT_FOUND, (SEC_ERROR_BASE + 137),
-"No matching CRL was found.")
-
-ER3(SEC_ERROR_REUSED_ISSUER_AND_SERIAL, (SEC_ERROR_BASE + 138),
-"You are attempting to import a cert with the same issuer/serial as \
-an existing cert, but that is not the same cert.")
-
-ER3(SEC_ERROR_BUSY, (SEC_ERROR_BASE + 139),
-"NSS could not shutdown. Objects are still in use.")
-
-ER3(SEC_ERROR_EXTRA_INPUT, (SEC_ERROR_BASE + 140),
-"DER-encoded message contained extra usused data.")
-
-ER3(SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE, (SEC_ERROR_BASE + 141),
-"Unsupported elliptic curve.")
-
-ER3(SEC_ERROR_UNSUPPORTED_EC_POINT_FORM, (SEC_ERROR_BASE + 142),
-"Unsupported elliptic curve point form.")
-
-ER3(SEC_ERROR_UNRECOGNIZED_OID, (SEC_ERROR_BASE + 143),
-"Unrecognized Object IDentifier.")
diff --git a/security/nss/cmd/lib/SSLerrs.h b/security/nss/cmd/lib/SSLerrs.h
deleted file mode 100644
index 06803b849..000000000
--- a/security/nss/cmd/lib/SSLerrs.h
+++ /dev/null
@@ -1,366 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/* SSL-specific security error codes */
-/* caller must include "sslerr.h" */
-
-ER3(SSL_ERROR_EXPORT_ONLY_SERVER, SSL_ERROR_BASE + 0,
-"Unable to communicate securely. Peer does not support high-grade encryption.")
-
-ER3(SSL_ERROR_US_ONLY_SERVER, SSL_ERROR_BASE + 1,
-"Unable to communicate securely. Peer requires high-grade encryption which is not supported.")
-
-ER3(SSL_ERROR_NO_CYPHER_OVERLAP, SSL_ERROR_BASE + 2,
-"Cannot communicate securely with peer: no common encryption algorithm(s).")
-
-ER3(SSL_ERROR_NO_CERTIFICATE, SSL_ERROR_BASE + 3,
-"Unable to find the certificate or key necessary for authentication.")
-
-ER3(SSL_ERROR_BAD_CERTIFICATE, SSL_ERROR_BASE + 4,
-"Unable to communicate securely with peer: peers's certificate was rejected.")
-
-/* unused (SSL_ERROR_BASE + 5),*/
-
-ER3(SSL_ERROR_BAD_CLIENT, SSL_ERROR_BASE + 6,
-"The server has encountered bad data from the client.")
-
-ER3(SSL_ERROR_BAD_SERVER, SSL_ERROR_BASE + 7,
-"The client has encountered bad data from the server.")
-
-ER3(SSL_ERROR_UNSUPPORTED_CERTIFICATE_TYPE, SSL_ERROR_BASE + 8,
-"Unsupported certificate type.")
-
-ER3(SSL_ERROR_UNSUPPORTED_VERSION, SSL_ERROR_BASE + 9,
-"Peer using unsupported version of security protocol.")
-
-/* unused (SSL_ERROR_BASE + 10),*/
-
-ER3(SSL_ERROR_WRONG_CERTIFICATE, SSL_ERROR_BASE + 11,
-"Client authentication failed: private key in key database does not match public key in certificate database.")
-
-ER3(SSL_ERROR_BAD_CERT_DOMAIN, SSL_ERROR_BASE + 12,
-"Unable to communicate securely with peer: requested domain name does not match the server's certificate.")
-
-/* SSL_ERROR_POST_WARNING (SSL_ERROR_BASE + 13),
- defined in sslerr.h
-*/
-
-ER3(SSL_ERROR_SSL2_DISABLED, (SSL_ERROR_BASE + 14),
-"Peer only supports SSL version 2, which is locally disabled.")
-
-
-ER3(SSL_ERROR_BAD_MAC_READ, (SSL_ERROR_BASE + 15),
-"SSL received a record with an incorrect Message Authentication Code.")
-
-ER3(SSL_ERROR_BAD_MAC_ALERT, (SSL_ERROR_BASE + 16),
-"SSL peer reports incorrect Message Authentication Code.")
-
-ER3(SSL_ERROR_BAD_CERT_ALERT, (SSL_ERROR_BASE + 17),
-"SSL peer cannot verify your certificate.")
-
-ER3(SSL_ERROR_REVOKED_CERT_ALERT, (SSL_ERROR_BASE + 18),
-"SSL peer rejected your certificate as revoked.")
-
-ER3(SSL_ERROR_EXPIRED_CERT_ALERT, (SSL_ERROR_BASE + 19),
-"SSL peer rejected your certificate as expired.")
-
-ER3(SSL_ERROR_SSL_DISABLED, (SSL_ERROR_BASE + 20),
-"Cannot connect: SSL is disabled.")
-
-ER3(SSL_ERROR_FORTEZZA_PQG, (SSL_ERROR_BASE + 21),
-"Cannot connect: SSL peer is in another FORTEZZA domain.")
-
-
-ER3(SSL_ERROR_UNKNOWN_CIPHER_SUITE , (SSL_ERROR_BASE + 22),
-"An unknown SSL cipher suite has been requested.")
-
-ER3(SSL_ERROR_NO_CIPHERS_SUPPORTED , (SSL_ERROR_BASE + 23),
-"No cipher suites are present and enabled in this program.")
-
-ER3(SSL_ERROR_BAD_BLOCK_PADDING , (SSL_ERROR_BASE + 24),
-"SSL received a record with bad block padding.")
-
-ER3(SSL_ERROR_RX_RECORD_TOO_LONG , (SSL_ERROR_BASE + 25),
-"SSL received a record that exceeded the maximum permissible length.")
-
-ER3(SSL_ERROR_TX_RECORD_TOO_LONG , (SSL_ERROR_BASE + 26),
-"SSL attempted to send a record that exceeded the maximum permissible length.")
-
-/*
- * Received a malformed (too long or short or invalid content) SSL handshake.
- */
-ER3(SSL_ERROR_RX_MALFORMED_HELLO_REQUEST , (SSL_ERROR_BASE + 27),
-"SSL received a malformed Hello Request handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_CLIENT_HELLO , (SSL_ERROR_BASE + 28),
-"SSL received a malformed Client Hello handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_SERVER_HELLO , (SSL_ERROR_BASE + 29),
-"SSL received a malformed Server Hello handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_CERTIFICATE , (SSL_ERROR_BASE + 30),
-"SSL received a malformed Certificate handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_SERVER_KEY_EXCH , (SSL_ERROR_BASE + 31),
-"SSL received a malformed Server Key Exchange handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_CERT_REQUEST , (SSL_ERROR_BASE + 32),
-"SSL received a malformed Certificate Request handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_HELLO_DONE , (SSL_ERROR_BASE + 33),
-"SSL received a malformed Server Hello Done handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_CERT_VERIFY , (SSL_ERROR_BASE + 34),
-"SSL received a malformed Certificate Verify handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_CLIENT_KEY_EXCH , (SSL_ERROR_BASE + 35),
-"SSL received a malformed Client Key Exchange handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_FINISHED , (SSL_ERROR_BASE + 36),
-"SSL received a malformed Finished handshake message.")
-
-/*
- * Received a malformed (too long or short) SSL record.
- */
-ER3(SSL_ERROR_RX_MALFORMED_CHANGE_CIPHER , (SSL_ERROR_BASE + 37),
-"SSL received a malformed Change Cipher Spec record.")
-
-ER3(SSL_ERROR_RX_MALFORMED_ALERT , (SSL_ERROR_BASE + 38),
-"SSL received a malformed Alert record.")
-
-ER3(SSL_ERROR_RX_MALFORMED_HANDSHAKE , (SSL_ERROR_BASE + 39),
-"SSL received a malformed Handshake record.")
-
-ER3(SSL_ERROR_RX_MALFORMED_APPLICATION_DATA , (SSL_ERROR_BASE + 40),
-"SSL received a malformed Application Data record.")
-
-/*
- * Received an SSL handshake that was inappropriate for the state we're in.
- * E.g. Server received message from server, or wrong state in state machine.
- */
-ER3(SSL_ERROR_RX_UNEXPECTED_HELLO_REQUEST , (SSL_ERROR_BASE + 41),
-"SSL received an unexpected Hello Request handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_CLIENT_HELLO , (SSL_ERROR_BASE + 42),
-"SSL received an unexpected Client Hello handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_SERVER_HELLO , (SSL_ERROR_BASE + 43),
-"SSL received an unexpected Server Hello handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_CERTIFICATE , (SSL_ERROR_BASE + 44),
-"SSL received an unexpected Certificate handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_SERVER_KEY_EXCH , (SSL_ERROR_BASE + 45),
-"SSL received an unexpected Server Key Exchange handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_CERT_REQUEST , (SSL_ERROR_BASE + 46),
-"SSL received an unexpected Certificate Request handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_HELLO_DONE , (SSL_ERROR_BASE + 47),
-"SSL received an unexpected Server Hello Done handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_CERT_VERIFY , (SSL_ERROR_BASE + 48),
-"SSL received an unexpected Certificate Verify handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_CLIENT_KEY_EXCH , (SSL_ERROR_BASE + 49),
-"SSL received an unexpected Cllient Key Exchange handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_FINISHED , (SSL_ERROR_BASE + 50),
-"SSL received an unexpected Finished handshake message.")
-
-/*
- * Received an SSL record that was inappropriate for the state we're in.
- */
-ER3(SSL_ERROR_RX_UNEXPECTED_CHANGE_CIPHER , (SSL_ERROR_BASE + 51),
-"SSL received an unexpected Change Cipher Spec record.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_ALERT , (SSL_ERROR_BASE + 52),
-"SSL received an unexpected Alert record.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_HANDSHAKE , (SSL_ERROR_BASE + 53),
-"SSL received an unexpected Handshake record.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_APPLICATION_DATA, (SSL_ERROR_BASE + 54),
-"SSL received an unexpected Application Data record.")
-
-/*
- * Received record/message with unknown discriminant.
- */
-ER3(SSL_ERROR_RX_UNKNOWN_RECORD_TYPE , (SSL_ERROR_BASE + 55),
-"SSL received a record with an unknown content type.")
-
-ER3(SSL_ERROR_RX_UNKNOWN_HANDSHAKE , (SSL_ERROR_BASE + 56),
-"SSL received a handshake message with an unknown message type.")
-
-ER3(SSL_ERROR_RX_UNKNOWN_ALERT , (SSL_ERROR_BASE + 57),
-"SSL received an alert record with an unknown alert description.")
-
-/*
- * Received an alert reporting what we did wrong. (more alerts above)
- */
-ER3(SSL_ERROR_CLOSE_NOTIFY_ALERT , (SSL_ERROR_BASE + 58),
-"SSL peer has closed this connection.")
-
-ER3(SSL_ERROR_HANDSHAKE_UNEXPECTED_ALERT , (SSL_ERROR_BASE + 59),
-"SSL peer was not expecting a handshake message it received.")
-
-ER3(SSL_ERROR_DECOMPRESSION_FAILURE_ALERT , (SSL_ERROR_BASE + 60),
-"SSL peer was unable to succesfully decompress an SSL record it received.")
-
-ER3(SSL_ERROR_HANDSHAKE_FAILURE_ALERT , (SSL_ERROR_BASE + 61),
-"SSL peer was unable to negotiate an acceptable set of security parameters.")
-
-ER3(SSL_ERROR_ILLEGAL_PARAMETER_ALERT , (SSL_ERROR_BASE + 62),
-"SSL peer rejected a handshake message for unacceptable content.")
-
-ER3(SSL_ERROR_UNSUPPORTED_CERT_ALERT , (SSL_ERROR_BASE + 63),
-"SSL peer does not support certificates of the type it received.")
-
-ER3(SSL_ERROR_CERTIFICATE_UNKNOWN_ALERT , (SSL_ERROR_BASE + 64),
-"SSL peer had some unspecified issue with the certificate it received.")
-
-
-ER3(SSL_ERROR_GENERATE_RANDOM_FAILURE , (SSL_ERROR_BASE + 65),
-"SSL experienced a failure of its random number generator.")
-
-ER3(SSL_ERROR_SIGN_HASHES_FAILURE , (SSL_ERROR_BASE + 66),
-"Unable to digitally sign data required to verify your certificate.")
-
-ER3(SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE , (SSL_ERROR_BASE + 67),
-"SSL was unable to extract the public key from the peer's certificate.")
-
-ER3(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE , (SSL_ERROR_BASE + 68),
-"Unspecified failure while processing SSL Server Key Exchange handshake.")
-
-ER3(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE , (SSL_ERROR_BASE + 69),
-"Unspecified failure while processing SSL Client Key Exchange handshake.")
-
-ER3(SSL_ERROR_ENCRYPTION_FAILURE , (SSL_ERROR_BASE + 70),
-"Bulk data encryption algorithm failed in selected cipher suite.")
-
-ER3(SSL_ERROR_DECRYPTION_FAILURE , (SSL_ERROR_BASE + 71),
-"Bulk data decryption algorithm failed in selected cipher suite.")
-
-ER3(SSL_ERROR_SOCKET_WRITE_FAILURE , (SSL_ERROR_BASE + 72),
-"Attempt to write encrypted data to underlying socket failed.")
-
-ER3(SSL_ERROR_MD5_DIGEST_FAILURE , (SSL_ERROR_BASE + 73),
-"MD5 digest function failed.")
-
-ER3(SSL_ERROR_SHA_DIGEST_FAILURE , (SSL_ERROR_BASE + 74),
-"SHA-1 digest function failed.")
-
-ER3(SSL_ERROR_MAC_COMPUTATION_FAILURE , (SSL_ERROR_BASE + 75),
-"MAC computation failed.")
-
-ER3(SSL_ERROR_SYM_KEY_CONTEXT_FAILURE , (SSL_ERROR_BASE + 76),
-"Failure to create Symmetric Key context.")
-
-ER3(SSL_ERROR_SYM_KEY_UNWRAP_FAILURE , (SSL_ERROR_BASE + 77),
-"Failure to unwrap the Symmetric key in Client Key Exchange message.")
-
-ER3(SSL_ERROR_PUB_KEY_SIZE_LIMIT_EXCEEDED , (SSL_ERROR_BASE + 78),
-"SSL Server attempted to use domestic-grade public key with export cipher suite.")
-
-ER3(SSL_ERROR_IV_PARAM_FAILURE , (SSL_ERROR_BASE + 79),
-"PKCS11 code failed to translate an IV into a param.")
-
-ER3(SSL_ERROR_INIT_CIPHER_SUITE_FAILURE , (SSL_ERROR_BASE + 80),
-"Failed to initialize the selected cipher suite.")
-
-ER3(SSL_ERROR_SESSION_KEY_GEN_FAILURE , (SSL_ERROR_BASE + 81),
-"Client failed to generate session keys for SSL session.")
-
-ER3(SSL_ERROR_NO_SERVER_KEY_FOR_ALG , (SSL_ERROR_BASE + 82),
-"Server has no key for the attempted key exchange algorithm.")
-
-ER3(SSL_ERROR_TOKEN_INSERTION_REMOVAL , (SSL_ERROR_BASE + 83),
-"PKCS#11 token was inserted or removed while operation was in progress.")
-
-ER3(SSL_ERROR_TOKEN_SLOT_NOT_FOUND , (SSL_ERROR_BASE + 84),
-"No PKCS#11 token could be found to do a required operation.")
-
-ER3(SSL_ERROR_NO_COMPRESSION_OVERLAP , (SSL_ERROR_BASE + 85),
-"Cannot communicate securely with peer: no common compression algorithm(s).")
-
-ER3(SSL_ERROR_HANDSHAKE_NOT_COMPLETED , (SSL_ERROR_BASE + 86),
-"Cannot initiate another SSL handshake until current handshake is complete.")
-
-ER3(SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE , (SSL_ERROR_BASE + 87),
-"Received incorrect handshakes hash values from peer.")
-
-ER3(SSL_ERROR_CERT_KEA_MISMATCH , (SSL_ERROR_BASE + 88),
-"The certificate provided cannot be used with the selected key exchange algorithm.")
-
-ER3(SSL_ERROR_NO_TRUSTED_SSL_CLIENT_CA , (SSL_ERROR_BASE + 89),
-"No certificate authority is trusted for SSL client authentication.")
-
-ER3(SSL_ERROR_SESSION_NOT_FOUND , (SSL_ERROR_BASE + 90),
-"Client's SSL session ID not found in server's session cache.")
-
-ER3(SSL_ERROR_DECRYPTION_FAILED_ALERT , (SSL_ERROR_BASE + 91),
-"Peer was unable to decrypt an SSL record it received.")
-
-ER3(SSL_ERROR_RECORD_OVERFLOW_ALERT , (SSL_ERROR_BASE + 92),
-"Peer received an SSL record that was longer than is permitted.")
-
-ER3(SSL_ERROR_UNKNOWN_CA_ALERT , (SSL_ERROR_BASE + 93),
-"Peer does not recognize and trust the CA that issued your certificate.")
-
-ER3(SSL_ERROR_ACCESS_DENIED_ALERT , (SSL_ERROR_BASE + 94),
-"Peer received a valid certificate, but access was denied.")
-
-ER3(SSL_ERROR_DECODE_ERROR_ALERT , (SSL_ERROR_BASE + 95),
-"Peer could not decode an SSL handshake message.")
-
-ER3(SSL_ERROR_DECRYPT_ERROR_ALERT , (SSL_ERROR_BASE + 96),
-"Peer reports failure of signature verification or key exchange.")
-
-ER3(SSL_ERROR_EXPORT_RESTRICTION_ALERT , (SSL_ERROR_BASE + 97),
-"Peer reports negotiation not in compliance with export regulations.")
-
-ER3(SSL_ERROR_PROTOCOL_VERSION_ALERT , (SSL_ERROR_BASE + 98),
-"Peer reports incompatible or unsupported protocol version.")
-
-ER3(SSL_ERROR_INSUFFICIENT_SECURITY_ALERT , (SSL_ERROR_BASE + 99),
-"Server requires ciphers more secure than those supported by client.")
-
-ER3(SSL_ERROR_INTERNAL_ERROR_ALERT , (SSL_ERROR_BASE + 100),
-"Peer reports it experienced an internal error.")
-
-ER3(SSL_ERROR_USER_CANCELED_ALERT , (SSL_ERROR_BASE + 101),
-"Peer user canceled handshake.")
-
-ER3(SSL_ERROR_NO_RENEGOTIATION_ALERT , (SSL_ERROR_BASE + 102),
-"Peer does not permit renegotiation of SSL security parameters.")
-
diff --git a/security/nss/cmd/lib/berparse.c b/security/nss/cmd/lib/berparse.c
deleted file mode 100644
index c040ab2b1..000000000
--- a/security/nss/cmd/lib/berparse.c
+++ /dev/null
@@ -1,404 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "secutil.h"
-
-typedef enum {
- tagDone, lengthDone, leafDone, compositeDone,
- notDone,
- parseError, parseComplete
-} ParseState;
-
-typedef unsigned char Byte;
-typedef void (*ParseProc)(BERParse *h, unsigned char **buf, int *len);
-typedef struct {
- SECArb arb;
- int pos; /* length from global start to item start */
- SECArb *parent;
-} ParseStackElem;
-
-struct BERParseStr {
- PRArenaPool *his;
- PRArenaPool *mine;
- ParseProc proc;
- int stackDepth;
- ParseStackElem *stackPtr;
- ParseStackElem *stack;
- int pending; /* bytes remaining to complete this part */
- int pos; /* running length of consumed characters */
- ParseState state;
- PRBool keepLeaves;
- PRBool derOnly;
- BERFilterProc filter;
- void *filterArg;
- BERNotifyProc before;
- void *beforeArg;
- BERNotifyProc after;
- void *afterArg;
-};
-
-#define UNKNOWN -1
-
-static unsigned char NextChar(BERParse *h, unsigned char **buf, int *len)
-{
- unsigned char c = *(*buf)++;
- (*len)--;
- h->pos++;
- if (h->filter)
- (*h->filter)(h->filterArg, &c, 1);
- return c;
-}
-
-static void ParseTag(BERParse *h, unsigned char **buf, int *len)
-{
- SECArb* arb = &(h->stackPtr->arb);
- arb->tag = NextChar(h, buf, len);
-
- PORT_Assert(h->state == notDone);
-
- /*
- * NOTE: This does not handle the high-tag-number form
- */
- if ((arb->tag & DER_HIGH_TAG_NUMBER) == DER_HIGH_TAG_NUMBER) {
- PORT_SetError(SEC_ERROR_BAD_DER);
- h->state = parseError;
- return;
- }
-
- h->pending = UNKNOWN;
- arb->length = UNKNOWN;
- if (arb->tag & DER_CONSTRUCTED) {
- arb->body.cons.numSubs = 0;
- arb->body.cons.subs = NULL;
- } else {
- arb->body.item.len = UNKNOWN;
- arb->body.item.data = NULL;
- }
-
- h->state = tagDone;
-}
-
-static void ParseLength(BERParse *h, unsigned char **buf, int *len)
-{
- Byte b;
- SECArb *arb = &(h->stackPtr->arb);
-
- PORT_Assert(h->state == notDone);
-
- if (h->pending == UNKNOWN) {
- b = NextChar(h, buf, len);
- if ((b & 0x80) == 0) { /* short form */
- arb->length = b;
- /*
- * if the tag and the length are both zero bytes, then this
- * should be the marker showing end of list for the
- * indefinite length composite
- */
- if (arb->length == 0 && arb->tag == 0)
- h->state = compositeDone;
- else
- h->state = lengthDone;
- return;
- }
-
- h->pending = b & 0x7f;
- /* 0 implies this is an indefinite length */
- if (h->pending > 4) {
- PORT_SetError(SEC_ERROR_BAD_DER);
- h->state = parseError;
- return;
- }
- arb->length = 0;
- }
-
- while ((*len > 0) && (h->pending > 0)) {
- b = NextChar(h, buf, len);
- arb->length = (arb->length << 8) + b;
- h->pending--;
- }
- if (h->pending == 0) {
- if (h->derOnly && (arb->length == 0))
- h->state = parseError;
- else
- h->state = lengthDone;
- }
- return;
-}
-
-static void ParseLeaf(BERParse *h, unsigned char **buf, int *len)
-{
- int count;
- SECArb *arb = &(h->stackPtr->arb);
-
- PORT_Assert(h->state == notDone);
- PORT_Assert(h->pending >= 0);
-
- if (*len < h->pending)
- count = *len;
- else
- count = h->pending;
-
- if (h->keepLeaves)
- memcpy(arb->body.item.data + arb->body.item.len, *buf, count);
- if (h->filter)
- (*h->filter)(h->filterArg, *buf, count);
- *buf += count;
- *len -= count;
- arb->body.item.len += count;
- h->pending -= count;
- h->pos += count;
- if (h->pending == 0) {
- h->state = leafDone;
- }
- return;
-}
-
-static void CreateArbNode(BERParse *h)
-{
- SECArb *arb = PORT_ArenaAlloc(h->his, sizeof(SECArb));
-
- *arb = h->stackPtr->arb;
-
- /*
- * Special case closing the root
- */
- if (h->stackPtr == h->stack) {
- PORT_Assert(arb->tag & DER_CONSTRUCTED);
- h->state = parseComplete;
- } else {
- SECArb *parent = h->stackPtr->parent;
- parent->body.cons.subs = DS_ArenaGrow(
- h->his, parent->body.cons.subs,
- (parent->body.cons.numSubs) * sizeof(SECArb*),
- (parent->body.cons.numSubs + 1) * sizeof(SECArb*));
- parent->body.cons.subs[parent->body.cons.numSubs] = arb;
- parent->body.cons.numSubs++;
- h->proc = ParseTag;
- h->state = notDone;
- h->pending = UNKNOWN;
- }
- if (h->after)
- (*h->after)(h->afterArg, arb, h->stackPtr - h->stack, PR_FALSE);
-}
-
-SECStatus BER_ParseSome(BERParse *h, unsigned char *buf, int len)
-{
- if (h->state == parseError) return PR_TRUE;
-
- while (len) {
- (*h->proc)(h, &buf, &len);
- if (h->state == parseComplete) {
- PORT_SetError(SEC_ERROR_BAD_DER);
- h->state = parseError;
- return PR_TRUE;
- }
- if (h->state == parseError) return PR_TRUE;
- PORT_Assert(h->state != parseComplete);
-
- if (h->state <= compositeDone) {
- if (h->proc == ParseTag) {
- PORT_Assert(h->state == tagDone);
- h->proc = ParseLength;
- h->state = notDone;
- } else if (h->proc == ParseLength) {
- SECArb *arb = &(h->stackPtr->arb);
- PORT_Assert(h->state == lengthDone || h->state == compositeDone);
-
- if (h->before)
- (*h->before)(h->beforeArg, arb,
- h->stackPtr - h->stack, PR_TRUE);
-
- /*
- * Check to see if this is the end of an indefinite
- * length composite
- */
- if (h->state == compositeDone) {
- SECArb *parent = h->stackPtr->parent;
- PORT_Assert(parent);
- PORT_Assert(parent->tag & DER_CONSTRUCTED);
- if (parent->length != 0) {
- PORT_SetError(SEC_ERROR_BAD_DER);
- h->state = parseError;
- return PR_TRUE;
- }
- /*
- * NOTE: This does not check for an indefinite length
- * composite being contained inside a definite length
- * composite. It is not clear that is legal.
- */
- h->stackPtr--;
- CreateArbNode(h);
- } else {
- h->stackPtr->pos = h->pos;
-
-
- if (arb->tag & DER_CONSTRUCTED) {
- SECArb *parent;
- /*
- * Make sure there is room on the stack before we
- * stick anything else there.
- */
- PORT_Assert(h->stackPtr - h->stack < h->stackDepth);
- if (h->stackPtr - h->stack == h->stackDepth - 1) {
- int newDepth = h->stackDepth * 2;
- h->stack = DS_ArenaGrow(h->mine, h->stack,
- sizeof(ParseStackElem) * h->stackDepth,
- sizeof(ParseStackElem) * newDepth);
- h->stackPtr = h->stack + h->stackDepth + 1;
- h->stackDepth = newDepth;
- }
- parent = &(h->stackPtr->arb);
- h->stackPtr++;
- h->stackPtr->parent = parent;
- h->proc = ParseTag;
- h->state = notDone;
- h->pending = UNKNOWN;
- } else {
- if (arb->length < 0) {
- PORT_SetError(SEC_ERROR_BAD_DER);
- h->state = parseError;
- return PR_TRUE;
- }
- arb->body.item.len = 0;
- if (arb->length > 0 && h->keepLeaves) {
- arb->body.item.data =
- PORT_ArenaAlloc(h->his, arb->length);
- } else {
- arb->body.item.data = NULL;
- }
- h->proc = ParseLeaf;
- h->state = notDone;
- h->pending = arb->length;
- }
- }
- } else {
- ParseStackElem *parent;
- PORT_Assert(h->state = leafDone);
- PORT_Assert(h->proc == ParseLeaf);
-
- for (;;) {
- CreateArbNode(h);
- if (h->stackPtr == h->stack)
- break;
- parent = (h->stackPtr - 1);
- PORT_Assert(parent->arb.tag & DER_CONSTRUCTED);
- if (parent->arb.length == 0) /* need explicit end */
- break;
- if (parent->pos + parent->arb.length > h->pos)
- break;
- if (parent->pos + parent->arb.length < h->pos) {
- PORT_SetError(SEC_ERROR_BAD_DER);
- h->state = parseError;
- return PR_TRUE;
- }
- h->stackPtr = parent;
- }
- }
-
- }
- }
- return PR_FALSE;
-}
-BERParse *BER_ParseInit(PRArenaPool *arena, PRBool derOnly)
-{
- BERParse *h;
- PRArenaPool *temp = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (temp == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
- h = PORT_ArenaAlloc(temp, sizeof(BERParse));
- if (h == NULL) {
- PORT_FreeArena(temp, PR_FALSE);
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
- h->his = arena;
- h->mine = temp;
- h->proc = ParseTag;
- h->stackDepth = 20;
- h->stack = PORT_ArenaZAlloc(h->mine,
- sizeof(ParseStackElem) * h->stackDepth);
- h->stackPtr = h->stack;
- h->state = notDone;
- h->pos = 0;
- h->keepLeaves = PR_TRUE;
- h->before = NULL;
- h->after = NULL;
- h->filter = NULL;
- h->derOnly = derOnly;
- return h;
-}
-
-SECArb *BER_ParseFini(BERParse *h)
-{
- PRArenaPool *myArena = h->mine;
- SECArb *arb;
-
- if (h->state != parseComplete) {
- arb = NULL;
- } else {
- arb = PORT_ArenaAlloc(h->his, sizeof(SECArb));
- *arb = h->stackPtr->arb;
- }
-
- PORT_FreeArena(myArena, PR_FALSE);
-
- return arb;
-}
-
-
-void BER_SetFilter(BERParse *h, BERFilterProc proc, void *instance)
-{
- h->filter = proc;
- h->filterArg = instance;
-}
-
-void BER_SetLeafStorage(BERParse *h, PRBool keep)
-{
- h->keepLeaves = keep;
-}
-
-void BER_SetNotifyProc(BERParse *h, BERNotifyProc proc, void *instance,
- PRBool beforeData)
-{
- if (beforeData) {
- h->before = proc;
- h->beforeArg = instance;
- } else {
- h->after = proc;
- h->afterArg = instance;
- }
-}
-
-
-
diff --git a/security/nss/cmd/lib/config.mk b/security/nss/cmd/lib/config.mk
deleted file mode 100644
index 0a00dc61e..000000000
--- a/security/nss/cmd/lib/config.mk
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# Override TARGETS variable so that only static libraries
-# are specifed as dependencies within rules.mk.
-#
-
-TARGETS = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM =
-
diff --git a/security/nss/cmd/lib/derprint.c b/security/nss/cmd/lib/derprint.c
deleted file mode 100644
index 7f699dec4..000000000
--- a/security/nss/cmd/lib/derprint.c
+++ /dev/null
@@ -1,619 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "secutil.h"
-#include "secoid.h"
-
-#ifdef __sun
-extern int fprintf(FILE *strm, const char *format, .../* args */);
-extern int fflush(FILE *stream);
-#endif
-
-#define RIGHT_MARGIN 24
-/*#define RAW_BYTES 1 */
-
-static int prettyColumn = 0;
-
-static int
-getInteger256(unsigned char *data, unsigned int nb)
-{
- int val;
-
- switch (nb) {
- case 1:
- val = data[0];
- break;
- case 2:
- val = (data[0] << 8) | data[1];
- break;
- case 3:
- val = (data[0] << 16) | (data[1] << 8) | data[2];
- break;
- case 4:
- val = (data[0] << 24) | (data[1] << 16) | (data[2] << 8) | data[3];
- break;
- default:
- PORT_SetError(SEC_ERROR_BAD_DER);
- return -1;
- }
-
- return val;
-}
-
-static int
-prettyNewline(FILE *out)
-{
- int rv;
-
- if (prettyColumn != -1) {
- rv = fprintf(out, "\n");
- prettyColumn = -1;
- if (rv < 0) {
- PORT_SetError(SEC_ERROR_IO);
- return rv;
- }
- }
- return 0;
-}
-
-static int
-prettyIndent(FILE *out, unsigned level)
-{
- unsigned int i;
- int rv;
-
- if (prettyColumn == -1) {
- prettyColumn = level;
- for (i = 0; i < level; i++) {
- rv = fprintf(out, " ");
- if (rv < 0) {
- PORT_SetError(SEC_ERROR_IO);
- return rv;
- }
- }
- }
-
- return 0;
-}
-
-static int
-prettyPrintByte(FILE *out, unsigned char item, unsigned int level)
-{
- int rv;
-
- rv = prettyIndent(out, level);
- if (rv < 0)
- return rv;
-
- rv = fprintf(out, "%02x ", item);
- if (rv < 0) {
- PORT_SetError(SEC_ERROR_IO);
- return rv;
- }
-
- prettyColumn++;
- if (prettyColumn >= RIGHT_MARGIN) {
- return prettyNewline(out);
- }
-
- return 0;
-}
-
-static int
-prettyPrintLeaf(FILE *out, unsigned char *data,
- unsigned int len, unsigned int lv)
-{
- unsigned int i;
- int rv;
-
- for (i = 0; i < len; i++) {
- rv = prettyPrintByte(out, *data++, lv);
- if (rv < 0)
- return rv;
- }
- return prettyNewline(out);
-}
-
-static int
-prettyPrintStringStart(FILE *out, unsigned char *str,
- unsigned int len, unsigned int level)
-{
-#define BUF_SIZE 100
- unsigned char buf[BUF_SIZE];
- int rv;
-
- if (len >= BUF_SIZE)
- len = BUF_SIZE - 1;
-
- rv = prettyNewline(out);
- if (rv < 0)
- return rv;
-
- rv = prettyIndent(out, level);
- if (rv < 0)
- return rv;
-
- memcpy(buf, str, len);
- buf[len] = '\000';
-
- rv = fprintf(out, "\"%s\"", buf);
- if (rv < 0) {
- PORT_SetError(SEC_ERROR_IO);
- return rv;
- }
-
- return 0;
-#undef BUF_SIZE
-}
-
-static int
-prettyPrintString(FILE *out, unsigned char *str,
- unsigned int len, unsigned int level, PRBool raw)
-{
- int rv;
-
- rv = prettyPrintStringStart(out, str, len, level);
- if (rv < 0)
- return rv;
-
- rv = prettyNewline(out);
- if (rv < 0)
- return rv;
-
- if (raw) {
- rv = prettyPrintLeaf(out, str, len, level);
- if (rv < 0)
- return rv;
- }
-
- return 0;
-}
-
-static int
-prettyPrintTime(FILE *out, unsigned char *str,
- unsigned int len, unsigned int level, PRBool raw, PRBool utc)
-{
- SECItem time_item;
- int rv;
-
- rv = prettyPrintStringStart(out, str, len, level);
- if (rv < 0)
- return rv;
-
- time_item.data = str;
- time_item.len = len;
-
- rv = fprintf(out, " (");
- if (rv < 0) {
- PORT_SetError(SEC_ERROR_IO);
- return rv;
- }
-
- if (utc)
- SECU_PrintUTCTime(out, &time_item, NULL, 0);
- else
- SECU_PrintGeneralizedTime(out, &time_item, NULL, 0);
-
- rv = fprintf(out, ")");
- if (rv < 0) {
- PORT_SetError(SEC_ERROR_IO);
- return rv;
- }
-
- rv = prettyNewline(out);
- if (rv < 0)
- return rv;
-
- if (raw) {
- rv = prettyPrintLeaf(out, str, len, level);
- if (rv < 0)
- return rv;
- }
-
- return 0;
-}
-
-static int
-prettyPrintObjectID(FILE *out, unsigned char *data,
- unsigned int len, unsigned int level, PRBool raw)
-{
- SECOidData *oiddata;
- SECItem oiditem;
- unsigned int i;
- unsigned long val;
- int rv;
-
-
- /*
- * First print the Object Id in numeric format
- */
-
- rv = prettyIndent(out, level);
- if (rv < 0)
- return rv;
-
- val = data[0];
- i = val % 40;
- val = val / 40;
- rv = fprintf(out, "%lu %u ", val, i);
- if (rv < 0) {
- PORT_SetError(SEC_ERROR_IO);
- return rv;
- }
-
- val = 0;
- for (i = 1; i < len; ++i) {
- unsigned long j;
-
- j = data[i];
- val = (val << 7) | (j & 0x7f);
- if (j & 0x80)
- continue;
- rv = fprintf(out, "%lu ", val);
- if (rv < 0) {
- PORT_SetError(SEC_ERROR_IO);
- return rv;
- }
- val = 0;
- }
-
- /*
- * Now try to look it up and print a symbolic version.
- */
- oiditem.data = data;
- oiditem.len = len;
- oiddata = SECOID_FindOID(&oiditem);
- if (oiddata != NULL) {
- i = PORT_Strlen(oiddata->desc);
- if ((prettyColumn + 1 + (i / 3)) > RIGHT_MARGIN) {
- rv = prettyNewline(out);
- if (rv < 0)
- return rv;
- }
-
- rv = prettyIndent(out, level);
- if (rv < 0)
- return rv;
-
- rv = fprintf(out, "(%s)", oiddata->desc);
- if (rv < 0) {
- PORT_SetError(SEC_ERROR_IO);
- return rv;
- }
- }
-
- /*
- * Finally, on a new line, print the raw bytes (if requested).
- */
- if (raw) {
- rv = prettyNewline(out);
- if (rv < 0) {
- PORT_SetError(SEC_ERROR_IO);
- return rv;
- }
-
- for (i = 0; i < len; i++) {
- rv = prettyPrintByte(out, *data++, level);
- if (rv < 0)
- return rv;
- }
- }
-
- return prettyNewline(out);
-}
-
-static char *prettyTagType [32] = {
- "End of Contents",
- "Boolean",
- "Integer",
- "Bit String",
- "Octet String",
- "NULL",
- "Object Identifier",
- "0x07",
- "0x08",
- "0x09",
- "Enumerated",
- "0x0B",
- "UTF8 String",
- "0x0D",
- "0x0E",
- "0x0F",
- "Sequence",
- "Set",
- "0x12",
- "Printable String",
- "T61 String",
- "0x15",
- "IA5 String",
- "UTC Time",
- "Generalized Time",
- "0x19",
- "Visible String",
- "0x1B",
- "Universal String",
- "0x1D",
- "BMP String",
- "High-Tag-Number"
-};
-
-static int
-prettyPrintTag(FILE *out, unsigned char *src, unsigned char *end,
- unsigned char *codep, unsigned int level, PRBool raw)
-{
- int rv;
- unsigned char code, tagnum;
-
- if (src >= end) {
- PORT_SetError(SEC_ERROR_BAD_DER);
- return -1;
- }
-
- code = *src;
- tagnum = code & SEC_ASN1_TAGNUM_MASK;
-
- /*
- * NOTE: This code does not (yet) handle the high-tag-number form!
- */
- if (tagnum == SEC_ASN1_HIGH_TAG_NUMBER) {
- PORT_SetError(SEC_ERROR_BAD_DER);
- return -1;
- }
-
- if (raw)
- rv = prettyPrintByte(out, code, level);
- else
- rv = prettyIndent(out, level);
-
- if (rv < 0)
- return rv;
-
- if (code & SEC_ASN1_CONSTRUCTED) {
- rv = fprintf(out, "C-");
- if (rv < 0) {
- PORT_SetError(SEC_ERROR_IO);
- return rv;
- }
- }
-
- switch (code & SEC_ASN1_CLASS_MASK) {
- case SEC_ASN1_UNIVERSAL:
- rv = fprintf(out, "%s ", prettyTagType[tagnum]);
- break;
- case SEC_ASN1_APPLICATION:
- rv = fprintf(out, "Application: %d ", tagnum);
- break;
- case SEC_ASN1_CONTEXT_SPECIFIC:
- rv = fprintf(out, "[%d] ", tagnum);
- break;
- case SEC_ASN1_PRIVATE:
- rv = fprintf(out, "Private: %d ", tagnum);
- break;
- }
-
- if (rv < 0) {
- PORT_SetError(SEC_ERROR_IO);
- return rv;
- }
-
- *codep = code;
-
- return 1;
-}
-
-static int
-prettyPrintLength(FILE *out, unsigned char *data, unsigned char *end,
- int *lenp, PRBool *indefinitep, unsigned int lv, PRBool raw)
-{
- unsigned char lbyte;
- int lenLen;
- int rv;
-
- if (data >= end) {
- PORT_SetError(SEC_ERROR_BAD_DER);
- return -1;
- }
-
- rv = fprintf(out, " ");
- if (rv < 0) {
- PORT_SetError(SEC_ERROR_IO);
- return rv;
- }
-
- *indefinitep = PR_FALSE;
-
- lbyte = *data++;
- if (lbyte >= 0x80) {
- /* Multibyte length */
- unsigned nb = (unsigned) (lbyte & 0x7f);
- if (nb > 4) {
- PORT_SetError(SEC_ERROR_BAD_DER);
- return -1;
- }
- if (nb > 0) {
- int il;
-
- if ((data + nb) > end) {
- PORT_SetError(SEC_ERROR_BAD_DER);
- return -1;
- }
- il = getInteger256(data, nb);
- if (il < 0) return -1;
- *lenp = (unsigned) il;
- } else {
- *lenp = 0;
- *indefinitep = PR_TRUE;
- }
- lenLen = nb + 1;
- if (raw) {
- int i;
-
- rv = prettyPrintByte(out, lbyte, lv);
- if (rv < 0)
- return rv;
- for (i = 0; i < nb; i++) {
- rv = prettyPrintByte(out, data[i], lv);
- if (rv < 0)
- return rv;
- }
- }
- } else {
- *lenp = lbyte;
- lenLen = 1;
- if (raw) {
- rv = prettyPrintByte(out, lbyte, lv);
- if (rv < 0)
- return rv;
- }
- }
- if (*indefinitep)
- rv = fprintf(out, "(indefinite)\n");
- else
- rv = fprintf(out, "(%d)\n", *lenp);
- if (rv < 0) {
- PORT_SetError(SEC_ERROR_IO);
- return rv;
- }
-
- prettyColumn = -1;
- return lenLen;
-}
-
-static int
-prettyPrintItem(FILE *out, unsigned char *data, unsigned char *end,
- unsigned int lv, PRBool raw)
-{
- int slen;
- int lenLen;
- unsigned char *orig = data;
- int rv;
-
- while (data < end) {
- unsigned char code;
- PRBool indefinite;
-
- slen = prettyPrintTag(out, data, end, &code, lv, raw);
- if (slen < 0)
- return slen;
- data += slen;
-
- lenLen = prettyPrintLength(out, data, end, &slen, &indefinite, lv, raw);
- if (lenLen < 0)
- return lenLen;
- data += lenLen;
-
- /*
- * Just quit now if slen more bytes puts us off the end.
- */
- if ((data + slen) > end) {
- PORT_SetError(SEC_ERROR_BAD_DER);
- return -1;
- }
-
- if (code & SEC_ASN1_CONSTRUCTED) {
- if (slen > 0 || indefinite) {
- slen = prettyPrintItem(out, data,
- slen == 0 ? end : data + slen,
- lv+1, raw);
- if (slen < 0)
- return slen;
- data += slen;
- }
- } else if (code == 0) {
- if (slen != 0 || lenLen != 1) {
- PORT_SetError(SEC_ERROR_BAD_DER);
- return -1;
- }
- break;
- } else {
- switch (code) {
- case SEC_ASN1_PRINTABLE_STRING:
- case SEC_ASN1_IA5_STRING:
- case SEC_ASN1_VISIBLE_STRING:
- rv = prettyPrintString(out, data, slen, lv+1, raw);
- if (rv < 0)
- return rv;
- break;
- case SEC_ASN1_UTC_TIME:
- rv = prettyPrintTime(out, data, slen, lv+1, raw, PR_TRUE);
- if (rv < 0)
- return rv;
- break;
- case SEC_ASN1_GENERALIZED_TIME:
- rv = prettyPrintTime(out, data, slen, lv+1, raw, PR_FALSE);
- if (rv < 0)
- return rv;
- break;
- case SEC_ASN1_OBJECT_ID:
- rv = prettyPrintObjectID(out, data, slen, lv+1, raw);
- if (rv < 0)
- return rv;
- break;
- case SEC_ASN1_BOOLEAN: /* could do nicer job */
- case SEC_ASN1_INTEGER: /* could do nicer job */
- case SEC_ASN1_BIT_STRING: /* could do nicer job */
- case SEC_ASN1_OCTET_STRING:
- case SEC_ASN1_NULL:
- case SEC_ASN1_ENUMERATED: /* could do nicer job, as INTEGER */
- case SEC_ASN1_UTF8_STRING:
- case SEC_ASN1_T61_STRING: /* print as printable string? */
- case SEC_ASN1_UNIVERSAL_STRING:
- case SEC_ASN1_BMP_STRING:
- default:
- rv = prettyPrintLeaf(out, data, slen, lv+1);
- if (rv < 0)
- return rv;
- break;
- }
- data += slen;
- }
- }
-
- rv = prettyNewline(out);
- if (rv < 0)
- return rv;
-
- return data - orig;
-}
-
-SECStatus
-DER_PrettyPrint(FILE *out, SECItem *it, PRBool raw)
-{
- int rv;
-
- prettyColumn = -1;
-
- rv = prettyPrintItem(out, it->data, it->data + it->len, 0, raw);
- if (rv < 0)
- return SECFailure;
- return SECSuccess;
-}
diff --git a/security/nss/cmd/lib/ffs.c b/security/nss/cmd/lib/ffs.c
deleted file mode 100644
index 3fce2c7c2..000000000
--- a/security/nss/cmd/lib/ffs.c
+++ /dev/null
@@ -1,48 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifdef XP_PC
-
-int ffs( unsigned int i)
-{
- int rv = 1;
-
- if (!i) return 0;
-
- while (!(i & 1)) {
- i >>= 1;
- ++rv;
- }
-
- return rv;
-}
-#endif
diff --git a/security/nss/cmd/lib/makefile.win b/security/nss/cmd/lib/makefile.win
deleted file mode 100644
index 92081a2f8..000000000
--- a/security/nss/cmd/lib/makefile.win
+++ /dev/null
@@ -1,66 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-include <manifest.mn>
-
-include <$(DEPTH)\config\config.mak>
-
-# include files are aought in LINCS and INCS.
-# LINCS are generated from REQUIRES in manigest.mn
-INCS = $(INCS) \
- -I..\include \
- -I..\..\lib\cert \
- $(NULL)
-
-IGNORE_ME = \
- -I$(DEPTH)\dist\public\security \
- -I$(DEPTH)\dist\public\nspr \
- -I$(DEPTH)\cmd\winfe \
- $(NULL)
-
-LCFLAGS = -DUSE_SSL -DEXPORT_VERSION
-
-PDBFILE = $(LIBNAME).pdb
-
-# work around a bug in rules.mak
-LIBRARY_SUFFIX = $(MOZ_BITS)
-
-include <$(DEPTH)\config\rules.mak>
-
-install:: $(LIBRARY)
-# $(MAKE_INSTALL) $(LIBRARY) $(DIST)\lib
-
-
-symbols::
- @echo "LIBRARY_NAME is $(LIBRARY_NAME)"
- @echo "LIBRARY is $(LIBRARY)"
diff --git a/security/nss/cmd/lib/manifest.mn b/security/nss/cmd/lib/manifest.mn
deleted file mode 100644
index c68285252..000000000
--- a/security/nss/cmd/lib/manifest.mn
+++ /dev/null
@@ -1,53 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../..
-
-LIBRARY_NAME = sectool
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = seccmd
-
-DEFINES = -DNSPR20
-
-EXPORTS = secutil.h \
- $(NULL)
-
-CSRCS = secutil.c \
- secpwd.c \
- derprint.c \
- secerror.c \
- ffs.c \
- $(NULL)
-
-REQUIRES = nss nspr dbm
-
diff --git a/security/nss/cmd/lib/seccnames.c b/security/nss/cmd/lib/seccnames.c
deleted file mode 100644
index a1857dc0e..000000000
--- a/security/nss/cmd/lib/seccnames.c
+++ /dev/null
@@ -1,204 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
-** secutil.c - various functions used by security stuff
-**
-*/
-
-#include "prtypes.h"
-#include "prtime.h"
-#include "prlong.h"
-#include "prerror.h"
-#include "prprf.h"
-#include "plgetopt.h"
-
-#include "secutil.h"
-#include "secpkcs7.h"
-#include "secrng.h"
-#if !defined(_WIN32_WCE)
-#include <sys/stat.h>
-#endif
-#include <stdarg.h>
-
-#ifdef XP_UNIX
-#include <unistd.h>
-#endif
-
-/* for SEC_TraverseNames */
-#include "cert.h"
-#include "certt.h"
-#include "certdb.h"
-
-typedef struct {
- char * name;
- CERTCertTrust trust;
-} certNameAndTrustEntry;
-
-typedef struct {
- int numCerts;
- certNameAndTrustEntry *nameAndTrustEntries;
-} certNameAndTrustList;
-
-SECStatus
-sec_CountCerts(CERTCertificate *cert, SECItem *unknown, void *arg)
-{
- (*(int*)arg)++;
- return SECSuccess;
-}
-
-SECStatus
-sec_CollectCertNamesAndTrust(CERTCertificate *cert, SECItem *unknown, void *arg)
-{
- certNameAndTrustList *pCertNames = (certNameAndTrustList*)arg;
- char *name;
- int i;
-
- i = pCertNames->numCerts;
- name = cert->nickname ? cert->nickname : cert->emailAddr;
-
- if (name)
- pCertNames->nameAndTrustEntries[i].name = PORT_Strdup(name);
- else
- pCertNames->nameAndTrustEntries[i].name = PORT_Strdup("<unknown>");
-
- PORT_Memcpy(&pCertNames->nameAndTrustEntries[i].trust, cert->trust, sizeof(*cert->trust));
-
- pCertNames->numCerts++;
-
- return SECSuccess;
-}
-
-
-static int
-sec_name_and_trust_compare_by_name(const void *p1, const void *p2)
-{
- certNameAndTrustEntry *e1 = (certNameAndTrustEntry *)p1;
- certNameAndTrustEntry *e2 = (certNameAndTrustEntry *)p2;
- return PORT_Strcmp(e1->name, e2->name);
-}
-
-static int
-sec_combine_trust_flags(CERTCertTrust *trust)
-{
- if (trust == NULL)
- return 0;
- return trust->sslFlags | trust->emailFlags | trust->objectSigningFlags;
-}
-
-static int
-sec_name_and_trust_compare_by_trust(const void *p1, const void *p2)
-{
- certNameAndTrustEntry *e1 = (certNameAndTrustEntry *)p1;
- certNameAndTrustEntry *e2 = (certNameAndTrustEntry *)p2;
- int e1_is_ca, e2_is_ca;
- int e1_is_user, e2_is_user;
- int rv;
-
- e1_is_ca = (sec_combine_trust_flags(&e1->trust) & CERTDB_VALID_CA) != 0;
- e2_is_ca = (sec_combine_trust_flags(&e2->trust) & CERTDB_VALID_CA) != 0;
- e1_is_user = (sec_combine_trust_flags(&e1->trust) & CERTDB_USER) != 0;
- e2_is_user = (sec_combine_trust_flags(&e2->trust) & CERTDB_USER) != 0;
-
- /* first, sort by user status, then CA status, */
- /* then by actual comparison of CA flags, then by name */
- if ((rv = (e2_is_user - e1_is_user)) == 0 && (rv = (e1_is_ca - e2_is_ca)) == 0)
- if (e1_is_ca || (rv = memcmp(&e1->trust, &e2->trust, sizeof(CERTCertTrust))) == 0)
- return PORT_Strcmp(e1->name, e2->name);
- else
- return rv;
- else
- return rv;
-}
-
-SECStatus
-SECU_PrintCertificateNames(CERTCertDBHandle *handle, PRFileDesc *out,
- PRBool sortByName, PRBool sortByTrust)
-{
- certNameAndTrustList certNames = { 0, NULL };
- int numCerts, i;
- SECStatus rv;
- int (*comparefn)(const void *, const void *);
- char trusts[30];
-
- numCerts = 0;
-
- rv = SEC_TraversePermCerts(handle, sec_CountCerts, &numCerts);
- if (rv != SECSuccess)
- return SECFailure;
-
- certNames.nameAndTrustEntries =
- (certNameAndTrustEntry *)PORT_Alloc(numCerts * sizeof(certNameAndTrustEntry));
- if (certNames.nameAndTrustEntries == NULL)
- return SECFailure;
-
- rv = SEC_TraversePermCerts(handle, sec_CollectCertNamesAndTrust, &certNames);
- if (rv != SECSuccess)
- return SECFailure;
-
- if (sortByName)
- comparefn = sec_name_and_trust_compare_by_name;
- else if (sortByTrust)
- comparefn = sec_name_and_trust_compare_by_trust;
- else
- comparefn = NULL;
-
- if (comparefn)
- qsort(certNames.nameAndTrustEntries, certNames.numCerts,
- sizeof(certNameAndTrustEntry), comparefn);
-
- PR_fprintf(out, "\n%-60s %-5s\n\n", "Certificate Name", "Trust Attributes");
- for (i = 0; i < certNames.numCerts; i++) {
- PORT_Memset (trusts, 0, sizeof(trusts));
- printflags(trusts, certNames.nameAndTrustEntries[i].trust.sslFlags);
- PORT_Strcat(trusts, ",");
- printflags(trusts, certNames.nameAndTrustEntries[i].trust.emailFlags);
- PORT_Strcat(trusts, ",");
- printflags(trusts, certNames.nameAndTrustEntries[i].trust.objectSigningFlags);
- PR_fprintf(out, "%-60s %-5s\n",
- certNames.nameAndTrustEntries[i].name, trusts);
- }
- PR_fprintf(out, "\n");
- PR_fprintf(out, "p Valid peer\n");
- PR_fprintf(out, "P Trusted peer (implies p)\n");
- PR_fprintf(out, "c Valid CA\n");
- PR_fprintf(out, "T Trusted CA to issue client certs (implies c)\n");
- PR_fprintf(out, "C Trusted CA to certs(only server certs for ssl) (implies c)\n");
- PR_fprintf(out, "u User cert\n");
- PR_fprintf(out, "w Send warning\n");
-
- for (i = 0; i < certNames.numCerts; i++)
- PORT_Free(certNames.nameAndTrustEntries[i].name);
- PORT_Free(certNames.nameAndTrustEntries);
-
- return rv;
-}
diff --git a/security/nss/cmd/lib/secerror.c b/security/nss/cmd/lib/secerror.c
deleted file mode 100644
index 857704b79..000000000
--- a/security/nss/cmd/lib/secerror.c
+++ /dev/null
@@ -1,107 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "nspr.h"
-
-struct tuple_str {
- PRErrorCode errNum;
- const char * errString;
-};
-
-typedef struct tuple_str tuple_str;
-
-#define ER2(a,b) {a, b},
-#define ER3(a,b,c) {a, c},
-
-#include "secerr.h"
-#include "sslerr.h"
-
-const tuple_str errStrings[] = {
-
-/* keep this list in asceding order of error numbers */
-#include "SSLerrs.h"
-#include "SECerrs.h"
-#include "NSPRerrs.h"
-
-};
-
-const PRInt32 numStrings = sizeof(errStrings) / sizeof(tuple_str);
-
-/* Returns a UTF-8 encoded constant error string for "errNum".
- * Returns NULL of errNum is unknown.
- */
-const char *
-SECU_Strerror(PRErrorCode errNum) {
- PRInt32 low = 0;
- PRInt32 high = numStrings - 1;
- PRInt32 i;
- PRErrorCode num;
- static int initDone;
-
- /* make sure table is in ascending order.
- * binary search depends on it.
- */
- if (!initDone) {
- PRErrorCode lastNum = ((PRInt32)0x80000000);
- for (i = low; i <= high; ++i) {
- num = errStrings[i].errNum;
- if (num <= lastNum) {
- fprintf(stderr,
-"sequence error in error strings at item %d\n"
-"error %d (%s)\n"
-"should come after \n"
-"error %d (%s)\n",
- i, lastNum, errStrings[i-1].errString,
- num, errStrings[i].errString);
- }
- lastNum = num;
- }
- initDone = 1;
- }
-
- /* Do binary search of table. */
- while (low + 1 < high) {
- i = (low + high) / 2;
- num = errStrings[i].errNum;
- if (errNum == num)
- return errStrings[i].errString;
- if (errNum < num)
- high = i;
- else
- low = i;
- }
- if (errNum == errStrings[low].errNum)
- return errStrings[low].errString;
- if (errNum == errStrings[high].errNum)
- return errStrings[high].errString;
- return NULL;
-}
diff --git a/security/nss/cmd/lib/secpwd.c b/security/nss/cmd/lib/secpwd.c
deleted file mode 100644
index 9a505a720..000000000
--- a/security/nss/cmd/lib/secpwd.c
+++ /dev/null
@@ -1,199 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "secutil.h"
-
-/*
- * NOTE: The contents of this file are NOT used by the client.
- * (They are part of the security library as a whole, but they are
- * NOT USED BY THE CLIENT.) Do not change things on behalf of the
- * client (like localizing strings), or add things that are only
- * for the client (put them elsewhere).
- */
-
-
-#ifdef XP_UNIX
-#include <termios.h>
-#include <unistd.h>
-#endif
-
-#if( defined(_WINDOWS) && !defined(_WIN32_WCE)) || defined(XP_OS2_VACPP)
-#include <conio.h>
-#include <io.h>
-#define QUIET_FGETS quiet_fgets
-static char * quiet_fgets (char *buf, int length, FILE *input);
-#else
-#define QUIET_FGETS fgets
-#endif
-
-static void echoOff(int fd)
-{
-#if defined(XP_UNIX) && !defined(VMS)
- if (isatty(fd)) {
- struct termios tio;
- tcgetattr(fd, &tio);
- tio.c_lflag &= ~ECHO;
- tcsetattr(fd, TCSAFLUSH, &tio);
- }
-#endif
-}
-
-static void echoOn(int fd)
-{
-#if defined(XP_UNIX) && !defined(VMS)
- if (isatty(fd)) {
- struct termios tio;
- tcgetattr(fd, &tio);
- tio.c_lflag |= ECHO;
- tcsetattr(fd, TCSAFLUSH, &tio);
- }
-#endif
-}
-
-char *SEC_GetPassword(FILE *input, FILE *output, char *prompt,
- PRBool (*ok)(char *))
-{
-#if defined(_WINDOWS)
- int isTTY = (input == stdin);
-#define echoOn(x)
-#define echoOff(x)
-#else
- int infd = fileno(input);
- int isTTY = isatty(infd);
-#endif
- char phrase[200];
-
- for (;;) {
- /* Prompt for password */
- if (isTTY) {
- fprintf(output, "%s", prompt);
- fflush (output);
- echoOff(infd);
- }
-
- QUIET_FGETS ( phrase, sizeof(phrase), input);
-
- if (isTTY) {
- fprintf(output, "\n");
- echoOn(infd);
- }
-
- /* stomp on newline */
- phrase[PORT_Strlen(phrase)-1] = 0;
-
- /* Validate password */
- if (!(*ok)(phrase)) {
- /* Not weird enough */
- if (!isTTY) return 0;
- fprintf(output, "Password must be at least 8 characters long with one or more\n");
- fprintf(output, "non-alphabetic characters\n");
- continue;
- }
- return (char*) PORT_Strdup(phrase);
- }
-}
-
-
-
-PRBool SEC_CheckPassword(char *cp)
-{
- int len;
- char *end;
-
- len = PORT_Strlen(cp);
- if (len < 8) {
- return PR_FALSE;
- }
- end = cp + len;
- while (cp < end) {
- unsigned char ch = *cp++;
- if (!((ch >= 'A') && (ch <= 'Z')) &&
- !((ch >= 'a') && (ch <= 'z'))) {
- /* pass phrase has at least one non alphabetic in it */
- return PR_TRUE;
- }
- }
- return PR_FALSE;
-}
-
-PRBool SEC_BlindCheckPassword(char *cp)
-{
- if (cp != NULL) {
- return PR_TRUE;
- }
- return PR_FALSE;
-}
-
-/* Get a password from the input terminal, without echoing */
-
-#if defined(_WINDOWS) || defined(XP_OS2_VACPP)
-static char * quiet_fgets (char *buf, int length, FILE *input)
- {
- int c;
- char *end = buf;
-
- /* fflush (input); */
- memset (buf, 0, length);
-
-#ifndef XP_OS2_VACPP
- if (input != stdin) {
- return fgets(buf,length,input);
- }
-#else
- if (!isatty(fileno(input))) {
- return fgets(buf,length,input);
- }
-#endif
-
- while (1)
- {
-#if defined (_WIN32_WCE)
- c = getchar(); /* gets a character from stdin */
-#else
- c = getch(); /* getch gets a character from the console */
-#endif
- if (c == '\b')
- {
- if (end > buf)
- end--;
- }
-
- else if (--length > 0)
- *end++ = c;
-
- if (!c || c == '\n' || c == '\r')
- break;
- }
-
- return buf;
- }
-#endif
diff --git a/security/nss/cmd/lib/secutil.c b/security/nss/cmd/lib/secutil.c
deleted file mode 100644
index 7e4570703..000000000
--- a/security/nss/cmd/lib/secutil.c
+++ /dev/null
@@ -1,2622 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
-** secutil.c - various functions used by security stuff
-**
-*/
-
-#include "prtypes.h"
-#include "prtime.h"
-#include "prlong.h"
-#include "prerror.h"
-#include "prprf.h"
-#include "plgetopt.h"
-#include "prenv.h"
-
-#include "secutil.h"
-#include "secpkcs7.h"
-#include "secrng.h"
-#include <stdarg.h>
-#if !defined(_WIN32_WCE)
-#include <sys/stat.h>
-#include <errno.h>
-#endif
-
-#ifdef XP_UNIX
-#include <unistd.h>
-#endif
-
-/* for SEC_TraverseNames */
-#include "cert.h"
-#include "certt.h"
-#include "certdb.h"
-
-/* #include "secmod.h" */
-#include "pk11func.h"
-#include "secoid.h"
-
-static char consoleName[] = {
-#ifdef XP_UNIX
-#ifdef VMS
- "TT"
-#else
- "/dev/tty"
-#endif
-#else
-#ifdef XP_OS2
- "\\DEV\\CON"
-#else
- "CON:"
-#endif
-#endif
-};
-
-char *
-SECU_GetString(int16 error_number)
-{
-
- static char errString[80];
- sprintf(errString, "Unknown error string (%d)", error_number);
- return errString;
-}
-
-void
-SECU_PrintError(char *progName, char *msg, ...)
-{
- va_list args;
- PRErrorCode err = PORT_GetError();
- const char * errString = SECU_Strerror(err);
-
- va_start(args, msg);
-
- fprintf(stderr, "%s: ", progName);
- vfprintf(stderr, msg, args);
- if (errString != NULL && PORT_Strlen(errString) > 0)
- fprintf(stderr, ": %s\n", errString);
- else
- fprintf(stderr, ": error %d\n", (int)err);
-
- va_end(args);
-}
-
-void
-SECU_PrintSystemError(char *progName, char *msg, ...)
-{
- va_list args;
-
- va_start(args, msg);
- fprintf(stderr, "%s: ", progName);
- vfprintf(stderr, msg, args);
-#if defined(_WIN32_WCE)
- fprintf(stderr, ": %d\n", PR_GetOSError());
-#else
- fprintf(stderr, ": %s\n", strerror(errno));
-#endif
- va_end(args);
-}
-
-static void
-secu_ClearPassword(char *p)
-{
- if (p) {
- PORT_Memset(p, 0, PORT_Strlen(p));
- PORT_Free(p);
- }
-}
-
-char *
-SECU_GetPasswordString(void *arg, char *prompt)
-{
-#ifndef _WINDOWS
- char *p = NULL;
- FILE *input, *output;
-
- /* open terminal */
- input = fopen(consoleName, "r");
- if (input == NULL) {
- fprintf(stderr, "Error opening input terminal for read\n");
- return NULL;
- }
-
- output = fopen(consoleName, "w");
- if (output == NULL) {
- fprintf(stderr, "Error opening output terminal for write\n");
- return NULL;
- }
-
- p = SEC_GetPassword (input, output, prompt, SEC_BlindCheckPassword);
-
-
- fclose(input);
- fclose(output);
-
- return p;
-
-#else
- /* Win32 version of above. opening the console may fail
- on windows95, and certainly isn't necessary.. */
-
- char *p = NULL;
-
- p = SEC_GetPassword (stdin, stdout, prompt, SEC_BlindCheckPassword);
- return p;
-
-#endif
-}
-
-
-/*
- * p a s s w o r d _ h a r d c o d e
- *
- * A function to use the password passed in the -f(pwfile) argument
- * of the command line.
- * After use once, null it out otherwise PKCS11 calls us forever.?
- *
- */
-char *
-SECU_FilePasswd(PK11SlotInfo *slot, PRBool retry, void *arg)
-{
- unsigned char phrase[200];
- PRFileDesc *fd;
- PRInt32 nb;
- char *pwFile = arg;
- int i;
-
- if (!pwFile)
- return 0;
-
- if (retry) {
- return 0; /* no good retrying - the files contents will be the same */
- }
-
- fd = PR_Open(pwFile, PR_RDONLY, 0);
- if (!fd) {
- fprintf(stderr, "No password file \"%s\" exists.\n", pwFile);
- return NULL;
- }
-
- nb = PR_Read(fd, phrase, sizeof(phrase));
-
- PR_Close(fd);
- /* handle the Windows EOL case */
- i = 0;
- while (phrase[i] != '\r' && phrase[i] != '\n' && i < nb) i++;
- phrase[i] = '\0';
- if (nb == 0) {
- fprintf(stderr,"password file contains no data\n");
- return NULL;
- }
- return (char*) PORT_Strdup((char*)phrase);
-}
-
-char *
-SECU_GetModulePassword(PK11SlotInfo *slot, PRBool retry, void *arg)
-{
- char prompt[255];
- secuPWData *pwdata = (secuPWData *)arg;
- secuPWData pwnull = { PW_NONE, 0 };
- char *pw;
-
- if (pwdata == NULL)
- pwdata = &pwnull;
-
- if (retry && pwdata->source != PW_NONE) {
- PR_fprintf(PR_STDERR, "incorrect password entered at command line.\n");
- return NULL;
- }
-
- switch (pwdata->source) {
- case PW_NONE:
- sprintf(prompt, "Enter Password or Pin for \"%s\":",
- PK11_GetTokenName(slot));
- return SECU_GetPasswordString(NULL, prompt);
- case PW_FROMFILE:
- /* Instead of opening and closing the file every time, get the pw
- * once, then keep it in memory (duh).
- */
- pw = SECU_FilePasswd(slot, retry, pwdata->data);
- pwdata->source = PW_PLAINTEXT;
- pwdata->data = PL_strdup(pw);
- /* it's already been dup'ed */
- return pw;
- case PW_PLAINTEXT:
- return PL_strdup(pwdata->data);
- default:
- break;
- }
-
- PR_fprintf(PR_STDERR, "Password check failed: No password found.\n");
- return NULL;
-}
-
-char *
-secu_InitSlotPassword(PK11SlotInfo *slot, PRBool retry, void *arg)
-{
- char *p0 = NULL;
- char *p1 = NULL;
- FILE *input, *output;
- secuPWData *pwdata = arg;
-
- if (pwdata->source == PW_FROMFILE) {
- return SECU_FilePasswd(slot, retry, pwdata->data);
- }
- if (pwdata->source == PW_PLAINTEXT) {
- return PL_strdup(pwdata->data);
- }
-
- /* PW_NONE - get it from tty */
- /* open terminal */
-#ifdef _WINDOWS
- input = stdin;
-#else
- input = fopen(consoleName, "r");
-#endif
- if (input == NULL) {
- PR_fprintf(PR_STDERR, "Error opening input terminal for read\n");
- return NULL;
- }
-
- /* we have no password, so initialize database with one */
- PR_fprintf(PR_STDERR,
- "Enter a password which will be used to encrypt your keys.\n"
- "The password should be at least 8 characters long,\n"
- "and should contain at least one non-alphabetic character.\n\n");
-
- output = fopen(consoleName, "w");
- if (output == NULL) {
- PR_fprintf(PR_STDERR, "Error opening output terminal for write\n");
- return NULL;
- }
-
-
- for (;;) {
- if (p0)
- PORT_Free(p0);
- p0 = SEC_GetPassword(input, output, "Enter new password: ",
- SEC_BlindCheckPassword);
-
- if (p1)
- PORT_Free(p1);
- p1 = SEC_GetPassword(input, output, "Re-enter password: ",
- SEC_BlindCheckPassword);
- if (p0 && p1 && !PORT_Strcmp(p0, p1)) {
- break;
- }
- PR_fprintf(PR_STDERR, "Passwords do not match. Try again.\n");
- }
-
- /* clear out the duplicate password string */
- secu_ClearPassword(p1);
-
- fclose(input);
- fclose(output);
-
- return p0;
-}
-
-SECStatus
-SECU_ChangePW(PK11SlotInfo *slot, char *passwd, char *pwFile)
-{
- SECStatus rv;
- secuPWData pwdata, newpwdata;
- char *oldpw = NULL, *newpw = NULL;
-
- if (passwd) {
- pwdata.source = PW_PLAINTEXT;
- pwdata.data = passwd;
- } else if (pwFile) {
- pwdata.source = PW_FROMFILE;
- pwdata.data = pwFile;
- } else {
- pwdata.source = PW_NONE;
- pwdata.data = NULL;
- }
-
- if (PK11_NeedUserInit(slot)) {
- newpw = secu_InitSlotPassword(slot, PR_FALSE, &pwdata);
- rv = PK11_InitPin(slot, (char*)NULL, newpw);
- goto done;
- }
-
- for (;;) {
- oldpw = SECU_GetModulePassword(slot, PR_FALSE, &pwdata);
-
- if (PK11_CheckUserPassword(slot, oldpw) != SECSuccess) {
- if (pwdata.source == PW_NONE) {
- PR_fprintf(PR_STDERR, "Invalid password. Try again.\n");
- } else {
- PR_fprintf(PR_STDERR, "Invalid password.\n");
- PORT_Memset(oldpw, 0, PL_strlen(oldpw));
- PORT_Free(oldpw);
- return SECFailure;
- }
- } else
- break;
-
- PORT_Free(oldpw);
- }
-
- newpwdata.source = PW_NONE;
- newpwdata.data = NULL;
-
- newpw = secu_InitSlotPassword(slot, PR_FALSE, &newpwdata);
-
- if (PK11_ChangePW(slot, oldpw, newpw) != SECSuccess) {
- PR_fprintf(PR_STDERR, "Failed to change password.\n");
- return SECFailure;
- }
-
- PORT_Memset(oldpw, 0, PL_strlen(oldpw));
- PORT_Free(oldpw);
-
- PR_fprintf(PR_STDOUT, "Password changed successfully.\n");
-
-done:
- PORT_Memset(newpw, 0, PL_strlen(newpw));
- PORT_Free(newpw);
- return SECSuccess;
-}
-
-struct matchobj {
- SECItem index;
- char *nname;
- PRBool found;
-};
-
-char *
-SECU_DefaultSSLDir(void)
-{
- char *dir;
- static char sslDir[1000];
-
- dir = PR_GetEnv("SSL_DIR");
- if (!dir)
- return NULL;
-
- sprintf(sslDir, "%s", dir);
-
- if (sslDir[strlen(sslDir)-1] == '/')
- sslDir[strlen(sslDir)-1] = 0;
-
- return sslDir;
-}
-
-char *
-SECU_AppendFilenameToDir(char *dir, char *filename)
-{
- static char path[1000];
-
- if (dir[strlen(dir)-1] == '/')
- sprintf(path, "%s%s", dir, filename);
- else
- sprintf(path, "%s/%s", dir, filename);
- return path;
-}
-
-char *
-SECU_ConfigDirectory(const char* base)
-{
- static PRBool initted = PR_FALSE;
- const char *dir = ".netscape";
- char *home;
- static char buf[1000];
-
- if (initted) return buf;
-
-
- if (base == NULL || *base == 0) {
- home = PR_GetEnv("HOME");
- if (!home) home = "";
-
- if (*home && home[strlen(home) - 1] == '/')
- sprintf (buf, "%.900s%s", home, dir);
- else
- sprintf (buf, "%.900s/%s", home, dir);
- } else {
- sprintf(buf, "%.900s", base);
- if (buf[strlen(buf) - 1] == '/')
- buf[strlen(buf) - 1] = 0;
- }
-
-
- initted = PR_TRUE;
- return buf;
-}
-
-/*Turn off SSL for now */
-/* This gets called by SSL when server wants our cert & key */
-int
-SECU_GetClientAuthData(void *arg, PRFileDesc *fd,
- struct CERTDistNamesStr *caNames,
- struct CERTCertificateStr **pRetCert,
- struct SECKEYPrivateKeyStr **pRetKey)
-{
- SECKEYPrivateKey *key;
- CERTCertificate *cert;
- int errsave;
-
- if (arg == NULL) {
- fprintf(stderr, "no key/cert name specified for client auth\n");
- return -1;
- }
- cert = PK11_FindCertFromNickname(arg, NULL);
- errsave = PORT_GetError();
- if (!cert) {
- if (errsave == SEC_ERROR_BAD_PASSWORD)
- fprintf(stderr, "Bad password\n");
- else if (errsave > 0)
- fprintf(stderr, "Unable to read cert (error %d)\n", errsave);
- else if (errsave == SEC_ERROR_BAD_DATABASE)
- fprintf(stderr, "Unable to get cert from database (%d)\n", errsave);
- else
- fprintf(stderr, "SECKEY_FindKeyByName: internal error %d\n", errsave);
- return -1;
- }
-
- key = PK11_FindKeyByAnyCert(arg,NULL);
- if (!key) {
- fprintf(stderr, "Unable to get key (%d)\n", PORT_GetError());
- return -1;
- }
-
-
- *pRetCert = cert;
- *pRetKey = key;
-
- return 0;
-}
-
-SECStatus
-secu_StdinToItem(SECItem *dst)
-{
- unsigned char buf[1000];
- PRInt32 numBytes;
- PRBool notDone = PR_TRUE;
-
- dst->len = 0;
- dst->data = NULL;
-
- while (notDone) {
- numBytes = PR_Read(PR_STDIN, buf, sizeof(buf));
-
- if (numBytes < 0) {
- PORT_SetError(PR_IO_ERROR);
- return SECFailure;
- }
-
- if (numBytes == 0)
- break;
-
- if (buf[numBytes-1] == '\n') {
- buf[numBytes-1] = '\0';
- notDone = PR_FALSE;
- }
-
- if (dst->data) {
- dst->data = (unsigned char*)PORT_Realloc(dst->data,
- dst->len+numBytes);
- PORT_Memcpy(dst->data+dst->len, buf, numBytes);
- } else {
- dst->data = (unsigned char*)PORT_Alloc(numBytes);
- PORT_Memcpy(dst->data, buf, numBytes);
- }
- dst->len += numBytes;
- }
-
- return SECSuccess;
-}
-
-SECStatus
-SECU_FileToItem(SECItem *dst, PRFileDesc *src)
-{
- PRFileInfo info;
- PRInt32 numBytes;
- PRStatus prStatus;
-
- if (src == PR_STDIN)
- return secu_StdinToItem(dst);
-
- prStatus = PR_GetOpenFileInfo(src, &info);
-
- if (prStatus != PR_SUCCESS) {
- PORT_SetError(SEC_ERROR_IO);
- return SECFailure;
- }
-
- /* XXX workaround for 3.1, not all utils zero dst before sending */
- dst->data = 0;
- if (!SECITEM_AllocItem(NULL, dst, info.size))
- goto loser;
-
- numBytes = PR_Read(src, dst->data, info.size);
- if (numBytes != info.size) {
- PORT_SetError(SEC_ERROR_IO);
- goto loser;
- }
-
- return SECSuccess;
-loser:
- SECITEM_FreeItem(dst, PR_FALSE);
- return SECFailure;
-}
-
-SECStatus
-SECU_TextFileToItem(SECItem *dst, PRFileDesc *src)
-{
- PRFileInfo info;
- PRInt32 numBytes;
- PRStatus prStatus;
- unsigned char *buf;
-
- if (src == PR_STDIN)
- return secu_StdinToItem(dst);
-
- prStatus = PR_GetOpenFileInfo(src, &info);
-
- if (prStatus != PR_SUCCESS) {
- PORT_SetError(SEC_ERROR_IO);
- return SECFailure;
- }
-
- buf = (unsigned char*)PORT_Alloc(info.size);
- if (!buf)
- return SECFailure;
-
- numBytes = PR_Read(src, buf, info.size);
- if (numBytes != info.size) {
- PORT_SetError(SEC_ERROR_IO);
- goto loser;
- }
-
- if (buf[numBytes-1] == '\n') numBytes--;
-#ifdef _WINDOWS
- if (buf[numBytes-1] == '\r') numBytes--;
-#endif
-
- /* XXX workaround for 3.1, not all utils zero dst before sending */
- dst->data = 0;
- if (!SECITEM_AllocItem(NULL, dst, numBytes))
- goto loser;
-
- memcpy(dst->data, buf, numBytes);
-
- PORT_Free(buf);
- return SECSuccess;
-loser:
- PORT_Free(buf);
- return SECFailure;
-}
-
-SECStatus
-SECU_ReadDERFromFile(SECItem *der, PRFileDesc *inFile, PRBool ascii)
-{
- SECStatus rv;
- char *asc, *body, *trailer;
- if (ascii) {
- /* First convert ascii to binary */
- SECItem filedata;
-
- /* Read in ascii data */
- rv = SECU_FileToItem(&filedata, inFile);
- asc = (char *)filedata.data;
- if (!asc) {
- fprintf(stderr, "unable to read data from input file\n");
- return SECFailure;
- }
-
- /* check for headers and trailers and remove them */
- if ((body = strstr(asc, "-----BEGIN")) != NULL) {
- body = PORT_Strchr(body, '\n') + 1;
- trailer = strstr(body, "-----END");
- if (trailer != NULL) {
- *trailer = '\0';
- } else {
- fprintf(stderr, "input has header but no trailer\n");
- return SECFailure;
- }
- } else {
- body = asc;
- }
-
- /* Convert to binary */
- rv = ATOB_ConvertAsciiToItem(der, body);
- if (rv) {
- fprintf(stderr, "error converting ascii to binary (%s)\n",
- SECU_Strerror(PORT_GetError()));
- return SECFailure;
- }
- PORT_Free(asc);
- } else {
- /* Read in binary der */
- rv = SECU_FileToItem(der, inFile);
- if (rv) {
- fprintf(stderr, "error converting der (%s)\n",
- SECU_Strerror(PORT_GetError()));
- return SECFailure;
- }
- }
- return SECSuccess;
-}
-
-#define INDENT_MULT 4
-void
-SECU_Indent(FILE *out, int level)
-{
- int i;
- for (i = 0; i < level; i++) {
- fprintf(out, " ");
- }
-}
-
-static void secu_Newline(FILE *out)
-{
- fprintf(out, "\n");
-}
-
-void
-SECU_PrintAsHex(FILE *out, SECItem *data, const char *m, int level)
-{
- unsigned i;
- int column;
- PRBool isString = PR_TRUE;
-
- if ( m ) {
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- level++;
- }
-
- SECU_Indent(out, level); column = level*INDENT_MULT;
- for (i = 0; i < data->len; i++) {
- unsigned char val = data->data[i];
-
- if (isString && val && !isprint(val)) {
- isString = PR_FALSE;
- }
- if (i != data->len - 1) {
- fprintf(out, "%02x:", data->data[i]);
- column += 3;
- } else {
- fprintf(out, "%02x", data->data[i]);
- column += 2;
- break;
- }
- if (column > 76 || (i % 16 == 15)) {
- secu_Newline(out);
- SECU_Indent(out, level); column = level*INDENT_MULT;
- }
- }
- if (isString) {
- secu_Newline(out);
- SECU_Indent(out, level); column = level*INDENT_MULT;
- for (i = 0; i < data->len; i++) {
- unsigned char val = data->data[i];
-
- if (val) {
- fprintf(out,"%c",val);
- column++;
- } else {
- column = 77;
- }
- if (column > 76) {
- secu_Newline(out);
- SECU_Indent(out, level); column = level*INDENT_MULT;
- }
- }
- }
-
- level--;
- if (column != level*INDENT_MULT) {
- secu_Newline(out);
- }
-}
-
-static const char *hex = "0123456789abcdef";
-
-static const char printable[257] = {
- "................" /* 0x */
- "................" /* 1x */
- " !\"#$%&'()*+,-./" /* 2x */
- "0123456789:;<=>?" /* 3x */
- "@ABCDEFGHIJKLMNO" /* 4x */
- "PQRSTUVWXYZ[\\]^_" /* 5x */
- "`abcdefghijklmno" /* 6x */
- "pqrstuvwxyz{|}~." /* 7x */
- "................" /* 8x */
- "................" /* 9x */
- "................" /* ax */
- "................" /* bx */
- "................" /* cx */
- "................" /* dx */
- "................" /* ex */
- "................" /* fx */
-};
-
-void
-SECU_PrintBuf(FILE *out, const char *msg, const void *vp, int len)
-{
- const unsigned char *cp = (const unsigned char *)vp;
- char buf[80];
- char *bp;
- char *ap;
-
- fprintf(out, "%s [Len: %d]\n", msg, len);
- memset(buf, ' ', sizeof buf);
- bp = buf;
- ap = buf + 50;
- while (--len >= 0) {
- unsigned char ch = *cp++;
- *bp++ = hex[(ch >> 4) & 0xf];
- *bp++ = hex[ch & 0xf];
- *bp++ = ' ';
- *ap++ = printable[ch];
- if (ap - buf >= 66) {
- *ap = 0;
- fprintf(out, " %s\n", buf);
- memset(buf, ' ', sizeof buf);
- bp = buf;
- ap = buf + 50;
- }
- }
- if (bp > buf) {
- *ap = 0;
- fprintf(out, " %s\n", buf);
- }
-}
-
-void
-SECU_PrintInteger(FILE *out, SECItem *i, char *m, int level)
-{
- int iv;
-
- if (!i || !i->len || !i->data) {
- SECU_Indent(out, level);
- if (m) {
- fprintf(out, "%s: (null)\n", m);
- } else {
- fprintf(out, "(null)\n");
- }
- } else if (i->len > 4) {
- SECU_PrintAsHex(out, i, m, level);
- } else {
- iv = DER_GetInteger(i);
- SECU_Indent(out, level);
- if (m) {
- fprintf(out, "%s: %d (0x%x)\n", m, iv, iv);
- } else {
- fprintf(out, "%d (0x%x)\n", iv, iv);
- }
- }
-}
-
-void
-SECU_PrintString(FILE *out, SECItem *i, char *m, int level)
-{
- char *string;
- unsigned char *data = i->data;
- int len = i->len;
- int lenlen;
- int tag;
-
- string = PORT_ZAlloc(i->len+1);
-
- tag = *data++; len--;
- if (data[1] & 0x80) {
- lenlen = data[1] & 0x1f;
- } else {
- lenlen = 1;
- }
- data += lenlen; len -= lenlen;
- if (len <= 0) return;
- PORT_Memcpy(string,data,len);
-
- /* should check the validity of tag, and convert the string as necessary */
- SECU_Indent(out, level);
- if (m) {
- fprintf(out, "%s: \"%s\"\n", m, string);
- } else {
- fprintf(out, "\"%s\"\n", string);
- }
-}
-
-static void
-secu_PrintBoolean(FILE *out, SECItem *i, char *m, int level)
-{
- int val = 0;
-
- if ( i->data ) {
- val = i->data[0];
- }
-
- if (m) {
- SECU_Indent(out, level); fprintf(out, "%s:\n", m); level++;
- }
- if ( val ) {
- SECU_Indent(out, level); fprintf(out, "%s\n", "True");
- } else {
- SECU_Indent(out, level); fprintf(out, "%s\n", "False");
- }
-}
-
-/*
- * Format and print "time". If the tag message "m" is not NULL,
- * do indent formatting based on "level" and add a newline afterward;
- * otherwise just print the formatted time string only.
- */
-static void
-secu_PrintTime(FILE *out, int64 time, char *m, int level)
-{
- PRExplodedTime printableTime;
- char *timeString;
-
- /* Convert to local time */
- PR_ExplodeTime(time, PR_GMTParameters, &printableTime);
-
- timeString = PORT_Alloc(100);
- if (timeString == NULL)
- return;
-
- if (m != NULL) {
- SECU_Indent(out, level);
- fprintf(out, "%s: ", m);
- }
-
- PR_FormatTime(timeString, 100, "%a %b %d %H:%M:%S %Y", &printableTime);
- fprintf(out, timeString);
-
- if (m != NULL)
- fprintf(out, "\n");
-
- PORT_Free(timeString);
-}
-
-/*
- * Format and print the UTC Time "t". If the tag message "m" is not NULL,
- * do indent formatting based on "level" and add a newline afterward;
- * otherwise just print the formatted time string only.
- */
-void
-SECU_PrintUTCTime(FILE *out, SECItem *t, char *m, int level)
-{
- int64 time;
- SECStatus rv;
-
- rv = DER_UTCTimeToTime(&time, t);
- if (rv != SECSuccess)
- return;
-
- secu_PrintTime(out, time, m, level);
-}
-
-/*
- * Format and print the Generalized Time "t". If the tag message "m"
- * is not NULL, * do indent formatting based on "level" and add a newline
- * afterward; otherwise just print the formatted time string only.
- */
-void
-SECU_PrintGeneralizedTime(FILE *out, SECItem *t, char *m, int level)
-{
- int64 time;
- SECStatus rv;
-
-
- rv = DER_GeneralizedTimeToTime(&time, t);
- if (rv != SECSuccess)
- return;
-
- secu_PrintTime(out, time, m, level);
-}
-
-static void secu_PrintAny(FILE *out, SECItem *i, char *m, int level);
-
-void
-SECU_PrintSet(FILE *out, SECItem *t, char *m, int level)
-{
- int type= t->data[0] & SEC_ASN1_TAGNUM_MASK;
- int start;
- unsigned char *bp;
-
- SECU_Indent(out, level);
- if (m) {
- fprintf(out, "%s: ", m);
- }
-
- fprintf(out,"%s {\n", type == SEC_ASN1_SET ? "Set" : "Sequence"); /* } */
-
- start = 2;
- if (t->data[1] & 0x80) {
- start += (t->data[1] & 0x7f);
- }
- for (bp=&t->data[start]; bp < &t->data[t->len]; ) {
- SECItem tmp;
- unsigned int i,len,lenlen;
-
- if (bp[1] & 0x80) {
- lenlen = bp[1] & 0x1f;
- len = 0;
- for (i=0; i < lenlen; i++) {
- len = len * 255 + bp[2+i];
- }
- } else {
- lenlen = 1;
- len = bp[1];
- }
- tmp.len = len+lenlen+1;
- if (tmp.len > &t->data[t->len] - bp) {
- tmp.len = &t->data[t->len] - bp;
- }
- tmp.data = bp;
- bp += tmp.len;
- secu_PrintAny(out,&tmp,NULL,level+1);
- }
- /* { */SECU_Indent(out, level); fprintf(out, "}\n");
-}
-
-static void
-secu_PrintContextSpecific(FILE *out, SECItem *i, char *m, int level)
-{
- int type= i->data[0] & SEC_ASN1_TAGNUM_MASK;
- SECItem tmp;
- int start;
-
- SECU_Indent(out, level);
- if (m) {
- fprintf(out, "%s: ", m);
- }
-
- fprintf(out,"[%d]\n", type);
- start = 2;
- if (i->data[1] & 0x80) {
- start = (i->data[1] & 0x7f) +1;
- }
- tmp.data = &i->data[start];
- tmp.len = i->len -start;
- SECU_PrintAsHex(out, &tmp, m, level+1);
-}
-
-static void
-secu_PrintOctetString(FILE *out, SECItem *i, char *m, int level)
-{
- SECItem tmp;
- int start;
-
- start = 2;
- if (i->data[1] & 0x80) {
- start = (i->data[1] & 0x7f) +1;
- }
- tmp.data = &i->data[start];
- tmp.len = i->len - start;
- SECU_PrintAsHex(out, &tmp, m, level);
-}
-
-static void
-secu_PrintBitString(FILE *out, SECItem *i, char *m, int level)
-{
- SECItem tmp;
- int start;
- int unused_bits;
-
- start = 2;
- if (i->data[1] & 0x80) {
- start = (i->data[1] & 0x7f) + 1;
- }
- unused_bits = i->data[start++];
- tmp.data = &i->data[start];
- tmp.len = i->len - start;
- SECU_PrintAsHex(out, &tmp, m, level);
- if (unused_bits) {
- SECU_Indent(out, level + 1);
- fprintf(out, "(%d least significant bits unused)\n", unused_bits);
- }
-}
-
-static void
-secu_PrintUniversal(FILE *out, SECItem *i, char *m, int level)
-{
- switch (i->data[0] & SEC_ASN1_TAGNUM_MASK) {
- case SEC_ASN1_INTEGER:
- SECU_PrintInteger(out, i, m, level);
- break;
- case SEC_ASN1_OBJECT_ID:
- SECU_PrintObjectID(out, i, m, level);
- break;
- case SEC_ASN1_BOOLEAN:
- secu_PrintBoolean(out, i, m, level);
- break;
- case SEC_ASN1_UTF8_STRING:
- case SEC_ASN1_PRINTABLE_STRING:
- case SEC_ASN1_VISIBLE_STRING:
- case SEC_ASN1_BMP_STRING:
- case SEC_ASN1_IA5_STRING:
- case SEC_ASN1_T61_STRING:
- case SEC_ASN1_UNIVERSAL_STRING:
- SECU_PrintString(out, i, m, level);
- break;
- case SEC_ASN1_GENERALIZED_TIME:
- SECU_PrintGeneralizedTime(out, i, m, level);
- break;
- case SEC_ASN1_UTC_TIME:
- SECU_PrintUTCTime(out, i, m, level);
- break;
- case SEC_ASN1_NULL:
- SECU_Indent(out, level); fprintf(out, "%s: NULL\n", m);
- break;
- case SEC_ASN1_SET:
- case SEC_ASN1_SEQUENCE:
- SECU_PrintSet(out, i, m, level);
- break;
- case SEC_ASN1_OCTET_STRING:
- secu_PrintOctetString(out, i, m, level);
- break;
- case SEC_ASN1_BIT_STRING:
- secu_PrintBitString(out, i, m, level);
- break;
- default:
- SECU_PrintAsHex(out, i, m, level);
- break;
- }
-}
-
-static void
-secu_PrintAny(FILE *out, SECItem *i, char *m, int level)
-{
- if ( i && i->len && i->data ) {
- switch (i->data[0] & SEC_ASN1_CLASS_MASK) {
- case SEC_ASN1_CONTEXT_SPECIFIC:
- secu_PrintContextSpecific(out, i, m, level);
- break;
- case SEC_ASN1_UNIVERSAL:
- secu_PrintUniversal(out, i, m, level);
- break;
- default:
- SECU_PrintAsHex(out, i, m, level);
- break;
- }
- }
-}
-
-static int
-secu_PrintValidity(FILE *out, CERTValidity *v, char *m, int level)
-{
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- SECU_PrintUTCTime(out, &v->notBefore, "Not Before", level+1);
- SECU_PrintUTCTime(out, &v->notAfter, "Not After", level+1);
- return 0;
-}
-
-void
-SECU_PrintObjectID(FILE *out, SECItem *oid, char *m, int level)
-{
- const char *name;
- SECOidData *oiddata;
-
- oiddata = SECOID_FindOID(oid);
- if (oiddata == NULL) {
- SECU_PrintAsHex(out, oid, m, level);
- return;
- }
- name = oiddata->desc;
-
- SECU_Indent(out, level);
- if (m != NULL)
- fprintf(out, "%s: ", m);
- fprintf(out, "%s\n", name);
-}
-
-void
-SECU_PrintAlgorithmID(FILE *out, SECAlgorithmID *a, char *m, int level)
-{
- SECU_PrintObjectID(out, &a->algorithm, m, level);
-
- if (a->parameters.len == 0
- || (a->parameters.len == 2
- && PORT_Memcmp(a->parameters.data, "\005\000", 2) == 0)) {
- /* No arguments or NULL argument */
- } else {
- /* Print args to algorithm */
- SECU_PrintAsHex(out, &a->parameters, "Args", level+1);
- }
-}
-
-static void
-secu_PrintAttribute(FILE *out, SEC_PKCS7Attribute *attr, char *m, int level)
-{
- SECItem *value;
- int i;
- char om[100];
-
- if (m) {
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- }
-
- /*
- * Should make this smarter; look at the type field and then decode
- * and print the value(s) appropriately!
- */
- SECU_PrintObjectID(out, &(attr->type), "Type", level+1);
- if (attr->values != NULL) {
- i = 0;
- while ((value = attr->values[i++]) != NULL) {
- sprintf(om, "Value (%d)%s", i, attr->encoded ? " (encoded)" : "");
- if (attr->encoded || attr->typeTag == NULL) {
- SECU_PrintAsHex(out, value, om, level+1);
- } else {
- switch (attr->typeTag->offset) {
- default:
- SECU_PrintAsHex(out, value, om, level+1);
- break;
- case SEC_OID_PKCS9_CONTENT_TYPE:
- SECU_PrintObjectID(out, value, om, level+1);
- break;
- case SEC_OID_PKCS9_SIGNING_TIME:
- SECU_PrintUTCTime(out, value, om, level+1);
- break;
- }
- }
- }
- }
-}
-
-static void
-secu_PrintRSAPublicKey(FILE *out, SECKEYPublicKey *pk, char *m, int level)
-{
-#if 0 /*
- * um, yeah, that might be nice, but if you look at the callers
- * you will see that they do not *set* this, so this will not work!
- * Instead, somebody needs to fix the callers to be smarter about
- * public key stuff, if that is important.
- */
- PORT_Assert(pk->keyType == rsaKey);
-#endif
-
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- SECU_PrintInteger(out, &pk->u.rsa.modulus, "Modulus", level+1);
- SECU_PrintInteger(out, &pk->u.rsa.publicExponent, "Exponent", level+1);
-}
-
-static void
-secu_PrintDSAPublicKey(FILE *out, SECKEYPublicKey *pk, char *m, int level)
-{
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- SECU_PrintInteger(out, &pk->u.dsa.params.prime, "Prime", level+1);
- SECU_PrintInteger(out, &pk->u.dsa.params.subPrime, "Subprime", level+1);
- SECU_PrintInteger(out, &pk->u.dsa.params.base, "Base", level+1);
- SECU_PrintInteger(out, &pk->u.dsa.publicValue, "PublicValue", level+1);
-}
-
-static int
-secu_PrintSubjectPublicKeyInfo(FILE *out, PRArenaPool *arena,
- CERTSubjectPublicKeyInfo *i, char *msg, int level)
-{
- SECKEYPublicKey *pk;
-
- SECU_Indent(out, level); fprintf(out, "%s:\n", msg);
- SECU_PrintAlgorithmID(out, &i->algorithm, "Public Key Algorithm", level+1);
-
- pk = SECKEY_ExtractPublicKey(i);
- if (pk) {
- switch (pk->keyType) {
- case rsaKey:
- secu_PrintRSAPublicKey(out, pk, "RSA Public Key", level +1);
- break;
-
- case dsaKey:
- secu_PrintDSAPublicKey(out, pk, "DSA Public Key", level +1);
- break;
-
- case dhKey:
- case fortezzaKey:
- case keaKey:
- case ecKey:
- fprintf(out, "unable to format this SPKI algorithm type\n");
- break;
- default:
- fprintf(out, "unknown SPKI algorithm type\n");
- break;
- }
- PORT_FreeArena(pk->arena, PR_FALSE);
- } else {
- SECU_PrintError("Error", "Parsing public key");
- }
-
- return 0;
-}
-
-static SECStatus
-secu_PrintX509InvalidDate(FILE *out, SECItem *value, char *msg, int level)
-{
- SECItem decodedValue;
- SECStatus rv;
- int64 invalidTime;
- char *formattedTime = NULL;
-
- decodedValue.data = NULL;
- rv = SEC_ASN1DecodeItem (NULL, &decodedValue,
- SEC_ASN1_GET(SEC_GeneralizedTimeTemplate),
- value);
- if (rv == SECSuccess) {
- rv = DER_GeneralizedTimeToTime(&invalidTime, &decodedValue);
- if (rv == SECSuccess) {
- formattedTime = CERT_GenTime2FormattedAscii
- (invalidTime, "%a %b %d %H:%M:%S %Y");
- SECU_Indent(out, level +1);
- fprintf (out, "%s: %s\n", msg, formattedTime);
- PORT_Free (formattedTime);
- }
- }
- PORT_Free (decodedValue.data);
- return (rv);
-}
-
-static SECStatus
-PrintExtKeyUsageExten (FILE *out, SECItem *value, char *msg, int level)
-{
- CERTOidSequence *os;
- SECItem **op;
-
- SECU_Indent(out, level); fprintf(out, "Extended Key Usage Extension:\n");
-
- os = CERT_DecodeOidSequence(value);
- if( (CERTOidSequence *)NULL == os ) {
- return SECFailure;
- }
-
- for( op = os->oids; *op; op++ ) {
- SECOidData *od = SECOID_FindOID(*op);
-
- if( (SECOidData *)NULL == od ) {
- SECU_Indent(out, level+1);
- SECU_PrintAsHex(out, *op, "Unknown:", level+2);
- secu_Newline(out);
- continue;
- }
-
- SECU_Indent(out, level+1);
- if( od->desc ) fprintf(out, "%s", od->desc);
- else SECU_PrintAsHex(out, &od->oid, "", level+2);
-
- secu_Newline(out);
- }
-
- return SECSuccess;
-}
-
-char *
-itemToString(SECItem *item)
-{
- char *string;
-
- string = PORT_ZAlloc(item->len+1);
- if (string == NULL) return NULL;
- PORT_Memcpy(string,item->data,item->len);
- string[item->len] = 0;
- return string;
-}
-
-static SECStatus
-secu_PrintPolicyQualifier(FILE *out,CERTPolicyQualifier *policyQualifier,char *msg,int level)
-{
- CERTUserNotice *userNotice;
- SECItem **itemList = NULL;
- char *string;
-
- SECU_PrintObjectID(out, &policyQualifier->qualifierID ,
- "Policy Qualifier Name", level);
-
- switch (policyQualifier->oid) {
- case SEC_OID_PKIX_USER_NOTICE_QUALIFIER:
- userNotice = CERT_DecodeUserNotice(&policyQualifier->qualifierValue);
- if (userNotice) {
- if (userNotice->noticeReference.organization.len != 0) {
- string=itemToString(&userNotice->noticeReference.organization);
- itemList = userNotice->noticeReference.noticeNumbers;
- while (*itemList) {
- SECU_PrintInteger(out,*itemList,string,level+1);
- itemList++;
- }
- PORT_Free(string);
- }
- if (userNotice->displayText.len != 0) {
- SECU_PrintString(out,&userNotice->displayText,
- "Display Text", level+1);
- }
- break;
- }
- /* fall through on error */
- case SEC_OID_PKIX_CPS_POINTER_QUALIFIER:
- default:
- secu_PrintAny(out, &policyQualifier->qualifierValue, "Policy Qualifier Data", level+1);
- break;
- }
-
- return SECSuccess;
-
-}
-
-static SECStatus
-secu_PrintPolicyInfo(FILE *out,CERTPolicyInfo *policyInfo,char *msg,int level)
-{
- CERTPolicyQualifier **policyQualifiers;
-
- policyQualifiers = policyInfo->policyQualifiers;
- SECU_PrintObjectID(out, &policyInfo->policyID , "Policy Name", level);
-
- while (*policyQualifiers != NULL) {
- secu_PrintPolicyQualifier(out,*policyQualifiers,"",level+1);
- policyQualifiers++;
- }
- return SECSuccess;
-
-}
-
-static SECStatus
-secu_PrintPolicy(FILE *out, SECItem *value, char *msg, int level)
-{
- CERTCertificatePolicies *policies = NULL;
- CERTPolicyInfo **policyInfos;
-
- if (msg) {
- SECU_Indent(out, level);
- fprintf(out,"%s: \n",msg);
- level++;
- }
- policies = CERT_DecodeCertificatePoliciesExtension(value);
- if (policies == NULL) {
- SECU_PrintAsHex(out, value, "Invalid Policy Data", level);
- return SECFailure;
- }
-
- policyInfos = policies->policyInfos;
- while (*policyInfos != NULL) {
- secu_PrintPolicyInfo(out,*policyInfos,"",level);
- policyInfos++;
- }
-
- CERT_DestroyCertificatePoliciesExtension(policies);
- return SECSuccess;
-}
-
-char *nsTypeBits[] = {
-"SSL Client","SSL Server","S/MIME","Object Signing","Reserved","SSL CA","S/MIME CA","ObjectSigning CA" };
-
-static SECStatus
-secu_PrintBasicConstraints(FILE *out, SECItem *value, char *msg, int level) {
- CERTBasicConstraints constraints;
- SECStatus rv;
-
- SECU_Indent(out, level);
- if (msg) {
- fprintf(out,"%s: ",msg);
- }
- rv = CERT_DecodeBasicConstraintValue(&constraints,value);
- if (rv == SECSuccess && constraints.isCA) {
- fprintf(out,"Is a CA with a maximum path length of %d.\n",
- constraints.pathLenConstraint);
- } else {
- fprintf(out,"Is not a CA.\n");
- }
- return SECSuccess;
-}
-
-static SECStatus
-secu_PrintNSCertType(FILE *out, SECItem *value, char *msg, int level) {
- char NS_Type=0;
- int len, i, found=0;
-
- if (value->data[1] & 0x80) {
- len = 3;
- } else {
- len = value->data[1];
- }
- if ((value->data[0] != SEC_ASN1_BIT_STRING) || (len < 2)) {
- secu_PrintAny(out, value, "Data", level);
- return SECSuccess;
- }
- NS_Type=value->data[3];
-
-
- if (msg) {
- SECU_Indent(out, level);
- fprintf(out,"%s: ",msg);
- } else {
- SECU_Indent(out, level);
- fprintf(out,"Netscape Certificate Type: ");
- }
- for (i=0; i < 8; i++) {
- if ( (0x80 >> i) & NS_Type) {
- fprintf(out,"%c%s",found?',':'<',nsTypeBits[i]);
- found = 1;
- }
- }
- if (found) { fprintf(out,">\n"); } else { fprintf(out,"none\n"); }
- return SECSuccess;
-}
-
-void
-SECU_PrintExtensions(FILE *out, CERTCertExtension **extensions,
- char *msg, int level)
-{
- SECOidTag oidTag;
-
- if ( extensions ) {
- SECU_Indent(out, level); fprintf(out, "%s:\n", msg);
-
- while ( *extensions ) {
- SECItem *tmpitem;
- SECU_Indent(out, level+1); fprintf(out, "Name:\n");
-
- tmpitem = &(*extensions)->id;
- SECU_PrintObjectID(out, tmpitem, NULL, level+2);
-
- tmpitem = &(*extensions)->critical;
- if ( tmpitem->len ) {
- secu_PrintBoolean(out, tmpitem, "Critical", level+1);
- }
-
- oidTag = SECOID_FindOIDTag (&((*extensions)->id));
- tmpitem = &((*extensions)->value);
-
- switch (oidTag) {
- case SEC_OID_X509_INVALID_DATE:
- case SEC_OID_NS_CERT_EXT_CERT_RENEWAL_TIME:
- secu_PrintX509InvalidDate(out, tmpitem, "Date", level + 1);
- break;
- case SEC_OID_X509_CERTIFICATE_POLICIES:
- secu_PrintPolicy(out, tmpitem, "Data", level +1);
- break;
- case SEC_OID_NS_CERT_EXT_BASE_URL:
- case SEC_OID_NS_CERT_EXT_REVOCATION_URL:
- case SEC_OID_NS_CERT_EXT_CA_REVOCATION_URL:
- case SEC_OID_NS_CERT_EXT_CA_CRL_URL:
- case SEC_OID_NS_CERT_EXT_CA_CERT_URL:
- case SEC_OID_NS_CERT_EXT_CERT_RENEWAL_URL:
- case SEC_OID_NS_CERT_EXT_CA_POLICY_URL:
- case SEC_OID_NS_CERT_EXT_HOMEPAGE_URL:
- case SEC_OID_NS_CERT_EXT_LOST_PASSWORD_URL:
- case SEC_OID_OCSP_RESPONDER:
- SECU_PrintString(out,tmpitem, "URL", level+1);
- break;
- case SEC_OID_NS_CERT_EXT_COMMENT:
- SECU_PrintString(out,tmpitem, "Comment", level+1);
- break;
- case SEC_OID_NS_CERT_EXT_SSL_SERVER_NAME:
- SECU_PrintString(out,tmpitem, "ServerName", level+1);
- break;
- case SEC_OID_NS_CERT_EXT_CERT_TYPE:
- secu_PrintNSCertType(out,tmpitem,"Data",level+1);
- break;
- case SEC_OID_X509_BASIC_CONSTRAINTS:
- secu_PrintBasicConstraints(out,tmpitem,"Data",level+1);
- break;
-
- case SEC_OID_X509_SUBJECT_ALT_NAME:
- case SEC_OID_X509_ISSUER_ALT_NAME:
- /*
- * We should add at least some of the more interesting cases
- * here, but need to have subroutines to back them up.
- */
- case SEC_OID_NS_CERT_EXT_NETSCAPE_OK:
- case SEC_OID_NS_CERT_EXT_ISSUER_LOGO:
- case SEC_OID_NS_CERT_EXT_SUBJECT_LOGO:
- case SEC_OID_NS_CERT_EXT_ENTITY_LOGO:
- case SEC_OID_NS_CERT_EXT_USER_PICTURE:
- case SEC_OID_NS_KEY_USAGE_GOVT_APPROVED:
-
- /* x.509 v3 Extensions */
- case SEC_OID_X509_SUBJECT_DIRECTORY_ATTR:
- case SEC_OID_X509_SUBJECT_KEY_ID:
- case SEC_OID_X509_KEY_USAGE:
- case SEC_OID_X509_PRIVATE_KEY_USAGE_PERIOD:
- case SEC_OID_X509_NAME_CONSTRAINTS:
- case SEC_OID_X509_CRL_DIST_POINTS:
- case SEC_OID_X509_POLICY_MAPPINGS:
- case SEC_OID_X509_POLICY_CONSTRAINTS:
- case SEC_OID_X509_AUTH_KEY_ID:
- goto defualt;
-
- case SEC_OID_X509_EXT_KEY_USAGE:
- PrintExtKeyUsageExten(out, tmpitem, "", level+1);
- break;
-
- case SEC_OID_X509_AUTH_INFO_ACCESS:
- case SEC_OID_X509_CRL_NUMBER:
- case SEC_OID_X509_REASON_CODE:
-
- /* PKIX OIDs */
- case SEC_OID_PKIX_OCSP:
- case SEC_OID_PKIX_OCSP_BASIC_RESPONSE:
- case SEC_OID_PKIX_OCSP_NONCE:
- case SEC_OID_PKIX_OCSP_CRL:
- case SEC_OID_PKIX_OCSP_RESPONSE:
- case SEC_OID_PKIX_OCSP_NO_CHECK:
- case SEC_OID_PKIX_OCSP_ARCHIVE_CUTOFF:
- case SEC_OID_PKIX_OCSP_SERVICE_LOCATOR:
- case SEC_OID_PKIX_REGCTRL_REGTOKEN:
- case SEC_OID_PKIX_REGCTRL_AUTHENTICATOR:
- case SEC_OID_PKIX_REGCTRL_PKIPUBINFO:
- case SEC_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS:
- case SEC_OID_PKIX_REGCTRL_OLD_CERT_ID:
- case SEC_OID_PKIX_REGCTRL_PROTOCOL_ENC_KEY:
- case SEC_OID_PKIX_REGINFO_UTF8_PAIRS:
- case SEC_OID_PKIX_REGINFO_CERT_REQUEST:
- case SEC_OID_EXT_KEY_USAGE_SERVER_AUTH:
- case SEC_OID_EXT_KEY_USAGE_CLIENT_AUTH:
- case SEC_OID_EXT_KEY_USAGE_CODE_SIGN:
- case SEC_OID_EXT_KEY_USAGE_EMAIL_PROTECT:
- case SEC_OID_EXT_KEY_USAGE_TIME_STAMP:
-
- default:
- defualt:
- secu_PrintAny(out, tmpitem, "Data", level+1);
- break;
- }
-
- secu_Newline(out);
- extensions++;
- }
- }
-}
-
-
-void
-SECU_PrintName(FILE *out, CERTName *name, char *msg, int level)
-{
- char *str;
-
- SECU_Indent(out, level); fprintf(out, "%s: ", msg);
-
- str = CERT_NameToAscii(name);
- if (!str)
- str = "!Invalid AVA!";
- fprintf(out, str);
-
- secu_Newline(out);
-}
-
-void
-printflags(char *trusts, unsigned int flags)
-{
- if (flags & CERTDB_VALID_CA)
- if (!(flags & CERTDB_TRUSTED_CA) &&
- !(flags & CERTDB_TRUSTED_CLIENT_CA))
- PORT_Strcat(trusts, "c");
- if (flags & CERTDB_VALID_PEER)
- if (!(flags & CERTDB_TRUSTED))
- PORT_Strcat(trusts, "p");
- if (flags & CERTDB_TRUSTED_CA)
- PORT_Strcat(trusts, "C");
- if (flags & CERTDB_TRUSTED_CLIENT_CA)
- PORT_Strcat(trusts, "T");
- if (flags & CERTDB_TRUSTED)
- PORT_Strcat(trusts, "P");
- if (flags & CERTDB_USER)
- PORT_Strcat(trusts, "u");
- if (flags & CERTDB_SEND_WARN)
- PORT_Strcat(trusts, "w");
- if (flags & CERTDB_INVISIBLE_CA)
- PORT_Strcat(trusts, "I");
- if (flags & CERTDB_GOVT_APPROVED_CA)
- PORT_Strcat(trusts, "G");
- return;
-}
-
-/* callback for listing certs through pkcs11 */
-SECStatus
-SECU_PrintCertNickname(CERTCertificate *cert, void *data)
-{
- CERTCertTrust *trust;
- FILE *out;
- char trusts[30];
- char *name;
-
- PORT_Memset (trusts, 0, sizeof (trusts));
- out = (FILE *)data;
-
- name = cert->nickname;
- if ( name == NULL ) {
- name = cert->emailAddr;
- }
- if ( name == NULL ) {
- name = "(NULL)";
- }
-
- trust = cert->trust;
- if (trust) {
- printflags(trusts, trust->sslFlags);
- PORT_Strcat(trusts, ",");
- printflags(trusts, trust->emailFlags);
- PORT_Strcat(trusts, ",");
- printflags(trusts, trust->objectSigningFlags);
- } else {
- PORT_Memcpy(trusts,",,",3);
- }
- fprintf(out, "%-60s %-5s\n", name, trusts);
-
- return (SECSuccess);
-}
-
-int /* sometimes a PRErrorCode, other times a SECStatus. Sigh. */
-SECU_PrintCertificateRequest(FILE *out, SECItem *der, char *m, int level)
-{
- PRArenaPool *arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- CERTCertificateRequest *cr;
- int rv = SEC_ERROR_NO_MEMORY;
-
- if (!arena)
- return rv;
-
- /* Decode certificate request */
- cr = PORT_ArenaZNew(arena, CERTCertificateRequest);
- if (!cr)
- goto loser;
- cr->arena = arena;
- rv = SEC_QuickDERDecodeItem(arena, cr,
- SEC_ASN1_GET(CERT_CertificateRequestTemplate), der);
- if (rv)
- goto loser;
-
- /* Pretty print it out */
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- SECU_PrintInteger(out, &cr->version, "Version", level+1);
- SECU_PrintName(out, &cr->subject, "Subject", level+1);
- rv = secu_PrintSubjectPublicKeyInfo(out, arena, &cr->subjectPublicKeyInfo,
- "Subject Public Key Info", level+1);
- if (rv)
- goto loser;
- if (cr->attributes)
- secu_PrintAny(out, cr->attributes[0], "Attributes", level+1);
-
-loser:
- PORT_FreeArena(arena, PR_FALSE);
- return rv;
-}
-
-int
-SECU_PrintCertificate(FILE *out, SECItem *der, char *m, int level)
-{
- PRArenaPool *arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- CERTCertificate *c;
- int rv = SEC_ERROR_NO_MEMORY;
- int iv;
-
- if (!arena)
- return rv;
-
- /* Decode certificate */
- c = PORT_ArenaZNew(arena, CERTCertificate);
- if (!c)
- goto loser;
- c->arena = arena;
- rv = SEC_ASN1DecodeItem(arena, c,
- SEC_ASN1_GET(CERT_CertificateTemplate), der);
- if (rv)
- goto loser;
-
- /* Pretty print it out */
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- iv = c->version.len ? DER_GetInteger(&c->version) : 0; /* version is optional */
- SECU_Indent(out, level+1); fprintf(out, "%s: %d (0x%x)\n", "Version", iv + 1, iv);
-
- SECU_PrintInteger(out, &c->serialNumber, "Serial Number", level+1);
- SECU_PrintAlgorithmID(out, &c->signature, "Signature Algorithm", level+1);
- SECU_PrintName(out, &c->issuer, "Issuer", level+1);
- secu_PrintValidity(out, &c->validity, "Validity", level+1);
- SECU_PrintName(out, &c->subject, "Subject", level+1);
- rv = secu_PrintSubjectPublicKeyInfo(out, arena, &c->subjectPublicKeyInfo,
- "Subject Public Key Info", level+1);
- if (rv)
- goto loser;
- SECU_PrintExtensions(out, c->extensions, "Signed Extensions", level+1);
- SECU_PrintFingerprints(out, &c->derCert, "Fingerprint", level);
-loser:
- PORT_FreeArena(arena, PR_FALSE);
- return rv;
-}
-
-int
-SECU_PrintPublicKey(FILE *out, SECItem *der, char *m, int level)
-{
- PRArenaPool *arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- SECKEYPublicKey key;
- int rv = SEC_ERROR_NO_MEMORY;
-
- if (!arena)
- return rv;
-
- PORT_Memset(&key, 0, sizeof(key));
- rv = SEC_ASN1DecodeItem(arena, &key,
- SEC_ASN1_GET(SECKEY_RSAPublicKeyTemplate), der);
- if (!rv) {
- /* Pretty print it out */
- secu_PrintRSAPublicKey(out, &key, m, level);
- }
-
- PORT_FreeArena(arena, PR_FALSE);
- return rv;
-}
-
-#ifdef HAVE_EPV_TEMPLATE
-int
-SECU_PrintPrivateKey(FILE *out, SECItem *der, char *m, int level)
-{
- PRArenaPool *arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- SECKEYEncryptedPrivateKeyInfo key;
- int rv = SEC_ERROR_NO_MEMORY;
-
- if (!arena)
- return rv;
-
- PORT_Memset(&key, 0, sizeof(key));
- rv = SEC_ASN1DecodeItem(arena, &key,
- SEC_ASN1_GET(SECKEY_EncryptedPrivateKeyInfoTemplate), der);
- if (rv)
- goto loser;
-
- /* Pretty print it out */
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- SECU_PrintAlgorithmID(out, &key.algorithm, "Encryption Algorithm",
- level+1);
- SECU_PrintAsHex(out, &key.encryptedData, "Encrypted Data", level+1);
-loser:
- PORT_FreeArena(arena, PR_TRUE);
- return rv;
-}
-#endif
-
-int
-SECU_PrintFingerprints(FILE *out, SECItem *derCert, char *m, int level)
-{
- unsigned char fingerprint[20];
- char *fpStr = NULL;
- SECItem fpItem;
- /* print MD5 fingerprint */
- memset(fingerprint, 0, sizeof fingerprint);
- PK11_HashBuf(SEC_OID_MD5,fingerprint, derCert->data, derCert->len);
- fpItem.data = fingerprint;
- fpItem.len = MD5_LENGTH;
- fpStr = CERT_Hexify(&fpItem, 1);
- SECU_Indent(out, level); fprintf(out, "%s (MD5):\n", m);
- SECU_Indent(out, level+1); fprintf(out, "%s\n", fpStr);
- PORT_Free(fpStr);
- fpStr = NULL;
- /* print SHA1 fingerprint */
- memset(fingerprint, 0, sizeof fingerprint);
- PK11_HashBuf(SEC_OID_SHA1,fingerprint, derCert->data, derCert->len);
- fpItem.data = fingerprint;
- fpItem.len = SHA1_LENGTH;
- fpStr = CERT_Hexify(&fpItem, 1);
- SECU_Indent(out, level); fprintf(out, "%s (SHA1):\n", m);
- SECU_Indent(out, level+1); fprintf(out, "%s\n", fpStr);
- PORT_Free(fpStr);
- fprintf(out, "\n");
- return 0;
-}
-
-/*
-** PKCS7 Support
-*/
-
-/* forward declaration */
-static int
-secu_PrintPKCS7ContentInfo(FILE *, SEC_PKCS7ContentInfo *, char *, int);
-
-/*
-** secu_PrintPKCS7EncContent
-** Prints a SEC_PKCS7EncryptedContentInfo (without decrypting it)
-*/
-static void
-secu_PrintPKCS7EncContent(FILE *out, SEC_PKCS7EncryptedContentInfo *src,
- char *m, int level)
-{
- if (src->contentTypeTag == NULL)
- src->contentTypeTag = SECOID_FindOID(&(src->contentType));
-
- SECU_Indent(out, level);
- fprintf(out, "%s:\n", m);
- SECU_Indent(out, level + 1);
- fprintf(out, "Content Type: %s\n",
- (src->contentTypeTag != NULL) ? src->contentTypeTag->desc
- : "Unknown");
- SECU_PrintAlgorithmID(out, &(src->contentEncAlg),
- "Content Encryption Algorithm", level+1);
- SECU_PrintAsHex(out, &(src->encContent),
- "Encrypted Content", level+1);
-}
-
-/*
-** secu_PrintRecipientInfo
-** Prints a PKCS7RecipientInfo type
-*/
-static void
-secu_PrintRecipientInfo(FILE *out, SEC_PKCS7RecipientInfo *info, char *m,
- int level)
-{
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- SECU_PrintInteger(out, &(info->version), "Version", level + 1);
-
- SECU_PrintName(out, &(info->issuerAndSN->issuer), "Issuer",
- level + 1);
- SECU_PrintInteger(out, &(info->issuerAndSN->serialNumber),
- "Serial Number", level + 1);
-
- /* Parse and display encrypted key */
- SECU_PrintAlgorithmID(out, &(info->keyEncAlg),
- "Key Encryption Algorithm", level + 1);
- SECU_PrintAsHex(out, &(info->encKey), "Encrypted Key", level + 1);
-}
-
-/*
-** secu_PrintSignerInfo
-** Prints a PKCS7SingerInfo type
-*/
-static void
-secu_PrintSignerInfo(FILE *out, SEC_PKCS7SignerInfo *info, char *m, int level)
-{
- SEC_PKCS7Attribute *attr;
- int iv;
- char om[100];
-
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- SECU_PrintInteger(out, &(info->version), "Version", level + 1);
-
- SECU_PrintName(out, &(info->issuerAndSN->issuer), "Issuer",
- level + 1);
- SECU_PrintInteger(out, &(info->issuerAndSN->serialNumber),
- "Serial Number", level + 1);
-
- SECU_PrintAlgorithmID(out, &(info->digestAlg), "Digest Algorithm",
- level + 1);
-
- if (info->authAttr != NULL) {
- SECU_Indent(out, level + 1);
- fprintf(out, "Authenticated Attributes:\n");
- iv = 0;
- while ((attr = info->authAttr[iv++]) != NULL) {
- sprintf(om, "Attribute (%d)", iv);
- secu_PrintAttribute(out, attr, om, level + 2);
- }
- }
-
- /* Parse and display signature */
- SECU_PrintAlgorithmID(out, &(info->digestEncAlg),
- "Digest Encryption Algorithm", level + 1);
- SECU_PrintAsHex(out, &(info->encDigest), "Encrypted Digest", level + 1);
-
- if (info->unAuthAttr != NULL) {
- SECU_Indent(out, level + 1);
- fprintf(out, "Unauthenticated Attributes:\n");
- iv = 0;
- while ((attr = info->unAuthAttr[iv++]) != NULL) {
- sprintf(om, "Attribute (%x)", iv);
- secu_PrintAttribute(out, attr, om, level + 2);
- }
- }
-}
-
-/* callers of this function must make sure that the CERTSignedCrl
- from which they are extracting the CERTCrl has been fully-decoded.
- Otherwise it will not have the entries even though the CRL may have
- some */
-
-void
-SECU_PrintCRLInfo(FILE *out, CERTCrl *crl, char *m, int level)
-{
- CERTCrlEntry *entry;
- int iv;
- char om[100];
-
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- SECU_PrintAlgorithmID(out, &(crl->signatureAlg), "Signature Algorithm",
- level + 1);
- SECU_PrintName(out, &(crl->name), "Name", level + 1);
- SECU_PrintUTCTime(out, &(crl->lastUpdate), "Last Update", level + 1);
- SECU_PrintUTCTime(out, &(crl->nextUpdate), "Next Update", level + 1);
-
- if (crl->entries != NULL) {
- iv = 0;
- while ((entry = crl->entries[iv++]) != NULL) {
- sprintf(om, "Entry (%x):\n", iv);
- SECU_Indent(out, level + 1); fprintf(out, om);
- SECU_PrintInteger(out, &(entry->serialNumber), "Serial Number",
- level + 2);
- SECU_PrintUTCTime(out, &(entry->revocationDate), "Revocation Date",
- level + 2);
- SECU_PrintExtensions
- (out, entry->extensions, "Signed CRL Entries Extensions", level + 1);
- }
- }
- SECU_PrintExtensions
- (out, crl->extensions, "Signed CRL Extension", level + 1);
-}
-
-/*
-** secu_PrintPKCS7Signed
-** Pretty print a PKCS7 signed data type (up to version 1).
-*/
-static int
-secu_PrintPKCS7Signed(FILE *out, SEC_PKCS7SignedData *src,
- const char *m, int level)
-{
- SECAlgorithmID *digAlg; /* digest algorithms */
- SECItem *aCert; /* certificate */
- CERTSignedCrl *aCrl; /* certificate revocation list */
- SEC_PKCS7SignerInfo *sigInfo; /* signer information */
- int rv, iv;
- char om[100];
-
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- SECU_PrintInteger(out, &(src->version), "Version", level + 1);
-
- /* Parse and list digest algorithms (if any) */
- if (src->digestAlgorithms != NULL) {
- SECU_Indent(out, level + 1); fprintf(out, "Digest Algorithm List:\n");
- iv = 0;
- while ((digAlg = src->digestAlgorithms[iv++]) != NULL) {
- sprintf(om, "Digest Algorithm (%x)", iv);
- SECU_PrintAlgorithmID(out, digAlg, om, level + 2);
- }
- }
-
- /* Now for the content */
- rv = secu_PrintPKCS7ContentInfo(out, &(src->contentInfo),
- "Content Information", level + 1);
- if (rv != 0)
- return rv;
-
- /* Parse and list certificates (if any) */
- if (src->rawCerts != NULL) {
- SECU_Indent(out, level + 1); fprintf(out, "Certificate List:\n");
- iv = 0;
- while ((aCert = src->rawCerts[iv++]) != NULL) {
- sprintf(om, "Certificate (%x)", iv);
- rv = SECU_PrintSignedData(out, aCert, om, level + 2,
- SECU_PrintCertificate);
- if (rv)
- return rv;
- }
- }
-
- /* Parse and list CRL's (if any) */
- if (src->crls != NULL) {
- SECU_Indent(out, level + 1);
- fprintf(out, "Signed Revocation Lists:\n");
- iv = 0;
- while ((aCrl = src->crls[iv++]) != NULL) {
- sprintf(om, "Signed Revocation List (%x)", iv);
- SECU_Indent(out, level + 2); fprintf(out, "%s:\n", om);
- SECU_PrintAlgorithmID(out, &aCrl->signatureWrap.signatureAlgorithm,
- "Signature Algorithm", level+3);
- DER_ConvertBitString(&aCrl->signatureWrap.signature);
- SECU_PrintAsHex(out, &aCrl->signatureWrap.signature, "Signature",
- level+3);
- SECU_PrintCRLInfo(out, &aCrl->crl, "Certificate Revocation List",
- level + 3);
- }
- }
-
- /* Parse and list signatures (if any) */
- if (src->signerInfos != NULL) {
- SECU_Indent(out, level + 1);
- fprintf(out, "Signer Information List:\n");
- iv = 0;
- while ((sigInfo = src->signerInfos[iv++]) != NULL) {
- sprintf(om, "Signer Information (%x)", iv);
- secu_PrintSignerInfo(out, sigInfo, om, level + 2);
- }
- }
-
- return 0;
-}
-
-/*
-** secu_PrintPKCS7Enveloped
-** Pretty print a PKCS7 enveloped data type (up to version 1).
-*/
-static void
-secu_PrintPKCS7Enveloped(FILE *out, SEC_PKCS7EnvelopedData *src,
- const char *m, int level)
-{
- SEC_PKCS7RecipientInfo *recInfo; /* pointer for signer information */
- int iv;
- char om[100];
-
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- SECU_PrintInteger(out, &(src->version), "Version", level + 1);
-
- /* Parse and list recipients (this is not optional) */
- if (src->recipientInfos != NULL) {
- SECU_Indent(out, level + 1);
- fprintf(out, "Recipient Information List:\n");
- iv = 0;
- while ((recInfo = src->recipientInfos[iv++]) != NULL) {
- sprintf(om, "Recipient Information (%x)", iv);
- secu_PrintRecipientInfo(out, recInfo, om, level + 2);
- }
- }
-
- secu_PrintPKCS7EncContent(out, &src->encContentInfo,
- "Encrypted Content Information", level + 1);
-}
-
-/*
-** secu_PrintPKCS7SignedEnveloped
-** Pretty print a PKCS7 singed and enveloped data type (up to version 1).
-*/
-static int
-secu_PrintPKCS7SignedAndEnveloped(FILE *out,
- SEC_PKCS7SignedAndEnvelopedData *src,
- const char *m, int level)
-{
- SECAlgorithmID *digAlg; /* pointer for digest algorithms */
- SECItem *aCert; /* pointer for certificate */
- CERTSignedCrl *aCrl; /* pointer for certificate revocation list */
- SEC_PKCS7SignerInfo *sigInfo; /* pointer for signer information */
- SEC_PKCS7RecipientInfo *recInfo; /* pointer for recipient information */
- int rv, iv;
- char om[100];
-
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- SECU_PrintInteger(out, &(src->version), "Version", level + 1);
-
- /* Parse and list recipients (this is not optional) */
- if (src->recipientInfos != NULL) {
- SECU_Indent(out, level + 1);
- fprintf(out, "Recipient Information List:\n");
- iv = 0;
- while ((recInfo = src->recipientInfos[iv++]) != NULL) {
- sprintf(om, "Recipient Information (%x)", iv);
- secu_PrintRecipientInfo(out, recInfo, om, level + 2);
- }
- }
-
- /* Parse and list digest algorithms (if any) */
- if (src->digestAlgorithms != NULL) {
- SECU_Indent(out, level + 1); fprintf(out, "Digest Algorithm List:\n");
- iv = 0;
- while ((digAlg = src->digestAlgorithms[iv++]) != NULL) {
- sprintf(om, "Digest Algorithm (%x)", iv);
- SECU_PrintAlgorithmID(out, digAlg, om, level + 2);
- }
- }
-
- secu_PrintPKCS7EncContent(out, &src->encContentInfo,
- "Encrypted Content Information", level + 1);
-
- /* Parse and list certificates (if any) */
- if (src->rawCerts != NULL) {
- SECU_Indent(out, level + 1); fprintf(out, "Certificate List:\n");
- iv = 0;
- while ((aCert = src->rawCerts[iv++]) != NULL) {
- sprintf(om, "Certificate (%x)", iv);
- rv = SECU_PrintSignedData(out, aCert, om, level + 2,
- SECU_PrintCertificate);
- if (rv)
- return rv;
- }
- }
-
- /* Parse and list CRL's (if any) */
- if (src->crls != NULL) {
- SECU_Indent(out, level + 1);
- fprintf(out, "Signed Revocation Lists:\n");
- iv = 0;
- while ((aCrl = src->crls[iv++]) != NULL) {
- sprintf(om, "Signed Revocation List (%x)", iv);
- SECU_Indent(out, level + 2); fprintf(out, "%s:\n", om);
- SECU_PrintAlgorithmID(out, &aCrl->signatureWrap.signatureAlgorithm,
- "Signature Algorithm", level+3);
- DER_ConvertBitString(&aCrl->signatureWrap.signature);
- SECU_PrintAsHex(out, &aCrl->signatureWrap.signature, "Signature",
- level+3);
- SECU_PrintCRLInfo(out, &aCrl->crl, "Certificate Revocation List",
- level + 3);
- }
- }
-
- /* Parse and list signatures (if any) */
- if (src->signerInfos != NULL) {
- SECU_Indent(out, level + 1);
- fprintf(out, "Signer Information List:\n");
- iv = 0;
- while ((sigInfo = src->signerInfos[iv++]) != NULL) {
- sprintf(om, "Signer Information (%x)", iv);
- secu_PrintSignerInfo(out, sigInfo, om, level + 2);
- }
- }
-
- return 0;
-}
-
-int
-SECU_PrintCrl (FILE *out, SECItem *der, char *m, int level)
-{
- PRArenaPool *arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- CERTCrl *c = NULL;
- int rv = SEC_ERROR_NO_MEMORY;
-
- if (!arena)
- return rv;
- do {
- /* Decode CRL */
- c = PORT_ArenaZNew(arena, CERTCrl);
- if (!c)
- break;
-
- rv = SEC_ASN1DecodeItem(arena, c, SEC_ASN1_GET(CERT_CrlTemplate), der);
- if (rv != SECSuccess)
- break;
- SECU_PrintCRLInfo (out, c, m, level);
- } while (0);
- PORT_FreeArena (arena, PR_FALSE);
- return rv;
-}
-
-
-/*
-** secu_PrintPKCS7Encrypted
-** Pretty print a PKCS7 encrypted data type (up to version 1).
-*/
-static void
-secu_PrintPKCS7Encrypted(FILE *out, SEC_PKCS7EncryptedData *src,
- const char *m, int level)
-{
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- SECU_PrintInteger(out, &(src->version), "Version", level + 1);
-
- secu_PrintPKCS7EncContent(out, &src->encContentInfo,
- "Encrypted Content Information", level + 1);
-}
-
-/*
-** secu_PrintPKCS7Digested
-** Pretty print a PKCS7 digested data type (up to version 1).
-*/
-static void
-secu_PrintPKCS7Digested(FILE *out, SEC_PKCS7DigestedData *src,
- const char *m, int level)
-{
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- SECU_PrintInteger(out, &(src->version), "Version", level + 1);
-
- SECU_PrintAlgorithmID(out, &src->digestAlg, "Digest Algorithm",
- level + 1);
- secu_PrintPKCS7ContentInfo(out, &src->contentInfo, "Content Information",
- level + 1);
- SECU_PrintAsHex(out, &src->digest, "Digest", level + 1);
-}
-
-/*
-** secu_PrintPKCS7ContentInfo
-** Takes a SEC_PKCS7ContentInfo type and sends the contents to the
-** appropriate function
-*/
-static int
-secu_PrintPKCS7ContentInfo(FILE *out, SEC_PKCS7ContentInfo *src,
- char *m, int level)
-{
- const char *desc;
- SECOidTag kind;
- int rv;
-
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- level++;
-
- if (src->contentTypeTag == NULL)
- src->contentTypeTag = SECOID_FindOID(&(src->contentType));
-
- if (src->contentTypeTag == NULL) {
- desc = "Unknown";
- kind = SEC_OID_PKCS7_DATA;
- } else {
- desc = src->contentTypeTag->desc;
- kind = src->contentTypeTag->offset;
- }
-
- if (src->content.data == NULL) {
- SECU_Indent(out, level); fprintf(out, "%s:\n", desc);
- level++;
- SECU_Indent(out, level); fprintf(out, "<no content>\n");
- return 0;
- }
-
- rv = 0;
- switch (kind) {
- case SEC_OID_PKCS7_SIGNED_DATA: /* Signed Data */
- rv = secu_PrintPKCS7Signed(out, src->content.signedData, desc, level);
- break;
-
- case SEC_OID_PKCS7_ENVELOPED_DATA: /* Enveloped Data */
- secu_PrintPKCS7Enveloped(out, src->content.envelopedData, desc, level);
- break;
-
- case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA: /* Signed and Enveloped */
- rv = secu_PrintPKCS7SignedAndEnveloped(out,
- src->content.signedAndEnvelopedData,
- desc, level);
- break;
-
- case SEC_OID_PKCS7_DIGESTED_DATA: /* Digested Data */
- secu_PrintPKCS7Digested(out, src->content.digestedData, desc, level);
- break;
-
- case SEC_OID_PKCS7_ENCRYPTED_DATA: /* Encrypted Data */
- secu_PrintPKCS7Encrypted(out, src->content.encryptedData, desc, level);
- break;
-
- default:
- SECU_PrintAsHex(out, src->content.data, desc, level);
- break;
- }
-
- return rv;
-}
-
-/*
-** SECU_PrintPKCS7ContentInfo
-** Decode and print any major PKCS7 data type (up to version 1).
-*/
-int
-SECU_PrintPKCS7ContentInfo(FILE *out, SECItem *der, char *m, int level)
-{
- SEC_PKCS7ContentInfo *cinfo;
- int rv;
-
- cinfo = SEC_PKCS7DecodeItem(der, NULL, NULL, NULL, NULL, NULL, NULL, NULL);
- if (cinfo != NULL) {
- /* Send it to recursive parsing and printing module */
- rv = secu_PrintPKCS7ContentInfo(out, cinfo, m, level);
- SEC_PKCS7DestroyContentInfo(cinfo);
- } else {
- rv = -1;
- }
-
- return rv;
-}
-
-/*
-** End of PKCS7 functions
-*/
-
-void
-printFlags(FILE *out, unsigned int flags, int level)
-{
- if ( flags & CERTDB_VALID_PEER ) {
- SECU_Indent(out, level); fprintf(out, "Valid Peer\n");
- }
- if ( flags & CERTDB_TRUSTED ) {
- SECU_Indent(out, level); fprintf(out, "Trusted\n");
- }
- if ( flags & CERTDB_SEND_WARN ) {
- SECU_Indent(out, level); fprintf(out, "Warn When Sending\n");
- }
- if ( flags & CERTDB_VALID_CA ) {
- SECU_Indent(out, level); fprintf(out, "Valid CA\n");
- }
- if ( flags & CERTDB_TRUSTED_CA ) {
- SECU_Indent(out, level); fprintf(out, "Trusted CA\n");
- }
- if ( flags & CERTDB_NS_TRUSTED_CA ) {
- SECU_Indent(out, level); fprintf(out, "Netscape Trusted CA\n");
- }
- if ( flags & CERTDB_USER ) {
- SECU_Indent(out, level); fprintf(out, "User\n");
- }
- if ( flags & CERTDB_TRUSTED_CLIENT_CA ) {
- SECU_Indent(out, level); fprintf(out, "Trusted Client CA\n");
- }
-#ifdef DEBUG
- if ( flags & CERTDB_GOVT_APPROVED_CA ) {
- SECU_Indent(out, level); fprintf(out, "Step-up\n");
- }
-#endif /* DEBUG */
-}
-
-void
-SECU_PrintTrustFlags(FILE *out, CERTCertTrust *trust, char *m, int level)
-{
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- SECU_Indent(out, level+1); fprintf(out, "SSL Flags:\n");
- printFlags(out, trust->sslFlags, level+2);
- SECU_Indent(out, level+1); fprintf(out, "Email Flags:\n");
- printFlags(out, trust->emailFlags, level+2);
- SECU_Indent(out, level+1); fprintf(out, "Object Signing Flags:\n");
- printFlags(out, trust->objectSigningFlags, level+2);
-}
-
-int SECU_PrintSignedData(FILE *out, SECItem *der, char *m,
- int level, SECU_PPFunc inner)
-{
- PRArenaPool *arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- CERTSignedData *sd;
- int rv = SEC_ERROR_NO_MEMORY;
-
- if (!arena)
- return rv;
-
- /* Strip off the signature */
- sd = PORT_ArenaZNew(arena, CERTSignedData);
- if (!sd)
- goto loser;
-
- rv = SEC_ASN1DecodeItem(arena, sd, SEC_ASN1_GET(CERT_SignedDataTemplate),
- der);
- if (rv)
- goto loser;
-
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- rv = (*inner)(out, &sd->data, "Data", level+1);
- if (rv)
- goto loser;
-
- SECU_PrintAlgorithmID(out, &sd->signatureAlgorithm, "Signature Algorithm",
- level+1);
- DER_ConvertBitString(&sd->signature);
- SECU_PrintAsHex(out, &sd->signature, "Signature", level+1);
-loser:
- PORT_FreeArena(arena, PR_FALSE);
- return rv;
-
-}
-
-
-#ifdef AIX
-int _OS_SELECT (int nfds, void *readfds, void *writefds,
- void *exceptfds, struct timeval *timeout) {
- return select (nfds,readfds,writefds,exceptfds,timeout);
-}
-#endif
-
-SECItem *
-SECU_GetPBEPassword(void *arg)
-{
- char *p = NULL;
- SECItem *pwitem = NULL;
-
- p = SECU_GetPasswordString(arg,"Password: ");
-
- /* NOTE: This function is obviously unfinished. */
-
- if ( pwitem == NULL ) {
- fprintf(stderr, "Error hashing password\n");
- return NULL;
- }
-
- return pwitem;
-}
-
-SECStatus
-SECU_ParseCommandLine(int argc, char **argv, char *progName, secuCommand *cmd)
-{
- PRBool found;
- PLOptState *optstate;
- PLOptStatus status;
- char *optstring;
- int i, j;
-
- optstring = (char *)malloc(cmd->numCommands + 2*cmd->numOptions);
- j = 0;
-
- for (i=0; i<cmd->numCommands; i++) {
- optstring[j++] = cmd->commands[i].flag;
- }
- for (i=0; i<cmd->numOptions; i++) {
- optstring[j++] = cmd->options[i].flag;
- if (cmd->options[i].needsArg)
- optstring[j++] = ':';
- }
- optstring[j] = '\0';
- optstate = PL_CreateOptState(argc, argv, optstring);
-
- /* Parse command line arguments */
- while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
-
- /* Wasn't really an option, just standalone arg. */
- if (optstate->option == '\0')
- continue;
-
- found = PR_FALSE;
-
- for (i=0; i<cmd->numCommands; i++) {
- if (cmd->commands[i].flag == optstate->option) {
- cmd->commands[i].activated = PR_TRUE;
- if (optstate->value) {
- cmd->commands[i].arg = (char *)optstate->value;
- }
- found = PR_TRUE;
- break;
- }
- }
-
- if (found)
- continue;
-
- for (i=0; i<cmd->numOptions; i++) {
- if (cmd->options[i].flag == optstate->option) {
- cmd->options[i].activated = PR_TRUE;
- if (optstate->value) {
- cmd->options[i].arg = (char *)optstate->value;
- }
- found = PR_TRUE;
- break;
- }
- }
-
- if (!found)
- return SECFailure;
- }
- if (status == PL_OPT_BAD)
- return SECFailure;
- return SECSuccess;
-}
-
-char *
-SECU_GetOptionArg(secuCommand *cmd, int optionNum)
-{
- if (optionNum < 0 || optionNum >= cmd->numOptions)
- return NULL;
- if (cmd->options[optionNum].activated)
- return PL_strdup(cmd->options[optionNum].arg);
- else
- return NULL;
-}
-
-static char SECUErrorBuf[64];
-
-char *
-SECU_ErrorStringRaw(int16 err)
-{
- if (err == 0)
- sprintf(SECUErrorBuf, "");
- else if (err == SEC_ERROR_BAD_DATA)
- sprintf(SECUErrorBuf, "Bad data");
- else if (err == SEC_ERROR_BAD_DATABASE)
- sprintf(SECUErrorBuf, "Problem with database");
- else if (err == SEC_ERROR_BAD_DER)
- sprintf(SECUErrorBuf, "Problem with DER");
- else if (err == SEC_ERROR_BAD_KEY)
- sprintf(SECUErrorBuf, "Problem with key");
- else if (err == SEC_ERROR_BAD_PASSWORD)
- sprintf(SECUErrorBuf, "Incorrect password");
- else if (err == SEC_ERROR_BAD_SIGNATURE)
- sprintf(SECUErrorBuf, "Bad signature");
- else if (err == SEC_ERROR_EXPIRED_CERTIFICATE)
- sprintf(SECUErrorBuf, "Expired certificate");
- else if (err == SEC_ERROR_EXTENSION_VALUE_INVALID)
- sprintf(SECUErrorBuf, "Invalid extension value");
- else if (err == SEC_ERROR_INPUT_LEN)
- sprintf(SECUErrorBuf, "Problem with input length");
- else if (err == SEC_ERROR_INVALID_ALGORITHM)
- sprintf(SECUErrorBuf, "Invalid algorithm");
- else if (err == SEC_ERROR_INVALID_ARGS)
- sprintf(SECUErrorBuf, "Invalid arguments");
- else if (err == SEC_ERROR_INVALID_AVA)
- sprintf(SECUErrorBuf, "Invalid AVA");
- else if (err == SEC_ERROR_INVALID_TIME)
- sprintf(SECUErrorBuf, "Invalid time");
- else if (err == SEC_ERROR_IO)
- sprintf(SECUErrorBuf, "Security I/O error");
- else if (err == SEC_ERROR_LIBRARY_FAILURE)
- sprintf(SECUErrorBuf, "Library failure");
- else if (err == SEC_ERROR_NO_MEMORY)
- sprintf(SECUErrorBuf, "Out of memory");
- else if (err == SEC_ERROR_OLD_CRL)
- sprintf(SECUErrorBuf, "CRL is older than the current one");
- else if (err == SEC_ERROR_OUTPUT_LEN)
- sprintf(SECUErrorBuf, "Problem with output length");
- else if (err == SEC_ERROR_UNKNOWN_ISSUER)
- sprintf(SECUErrorBuf, "Unknown issuer");
- else if (err == SEC_ERROR_UNTRUSTED_CERT)
- sprintf(SECUErrorBuf, "Untrusted certificate");
- else if (err == SEC_ERROR_UNTRUSTED_ISSUER)
- sprintf(SECUErrorBuf, "Untrusted issuer");
- else if (err == SSL_ERROR_BAD_CERTIFICATE)
- sprintf(SECUErrorBuf, "Bad certificate");
- else if (err == SSL_ERROR_BAD_CLIENT)
- sprintf(SECUErrorBuf, "Bad client");
- else if (err == SSL_ERROR_BAD_SERVER)
- sprintf(SECUErrorBuf, "Bad server");
- else if (err == SSL_ERROR_EXPORT_ONLY_SERVER)
- sprintf(SECUErrorBuf, "Export only server");
- else if (err == SSL_ERROR_NO_CERTIFICATE)
- sprintf(SECUErrorBuf, "No certificate");
- else if (err == SSL_ERROR_NO_CYPHER_OVERLAP)
- sprintf(SECUErrorBuf, "No cypher overlap");
- else if (err == SSL_ERROR_UNSUPPORTED_CERTIFICATE_TYPE)
- sprintf(SECUErrorBuf, "Unsupported certificate type");
- else if (err == SSL_ERROR_UNSUPPORTED_VERSION)
- sprintf(SECUErrorBuf, "Unsupported version");
- else if (err == SSL_ERROR_US_ONLY_SERVER)
- sprintf(SECUErrorBuf, "U.S. only server");
- else if (err == PR_IO_ERROR)
- sprintf(SECUErrorBuf, "I/O error");
-
- else if (err == SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE)
- sprintf (SECUErrorBuf, "Expired Issuer Certificate");
- else if (err == SEC_ERROR_REVOKED_CERTIFICATE)
- sprintf (SECUErrorBuf, "Revoked certificate");
- else if (err == SEC_ERROR_NO_KEY)
- sprintf (SECUErrorBuf, "No private key in database for this cert");
- else if (err == SEC_ERROR_CERT_NOT_VALID)
- sprintf (SECUErrorBuf, "Certificate is not valid");
- else if (err == SEC_ERROR_EXTENSION_NOT_FOUND)
- sprintf (SECUErrorBuf, "Certificate extension was not found");
- else if (err == SEC_ERROR_EXTENSION_VALUE_INVALID)
- sprintf (SECUErrorBuf, "Certificate extension value invalid");
- else if (err == SEC_ERROR_CA_CERT_INVALID)
- sprintf (SECUErrorBuf, "Issuer certificate is invalid");
- else if (err == SEC_ERROR_CERT_USAGES_INVALID)
- sprintf (SECUErrorBuf, "Certificate usages is invalid");
- else if (err == SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION)
- sprintf (SECUErrorBuf, "Certificate has unknown critical extension");
- else if (err == SEC_ERROR_PKCS7_BAD_SIGNATURE)
- sprintf (SECUErrorBuf, "Bad PKCS7 signature");
- else if (err == SEC_ERROR_INADEQUATE_KEY_USAGE)
- sprintf (SECUErrorBuf, "Certificate not approved for this operation");
- else if (err == SEC_ERROR_INADEQUATE_CERT_TYPE)
- sprintf (SECUErrorBuf, "Certificate not approved for this operation");
-
- return SECUErrorBuf;
-}
-
-char *
-SECU_ErrorString(int16 err)
-{
- char *error_string;
-
- *SECUErrorBuf = 0;
- SECU_ErrorStringRaw (err);
-
- if (*SECUErrorBuf == 0) {
- error_string = SECU_GetString(err);
- if (error_string == NULL || *error_string == '\0')
- sprintf(SECUErrorBuf, "No error string found for %d.", err);
- else
- return error_string;
- }
-
- return SECUErrorBuf;
-}
-
-
-void
-SECU_PrintPRandOSError(char *progName)
-{
- char buffer[513];
- PRInt32 errLen = PR_GetErrorTextLength();
- if (errLen > 0 && errLen < sizeof buffer) {
- PR_GetErrorText(buffer);
- }
- SECU_PrintError(progName, "NSS_Initialize failed");
- if (errLen > 0 && errLen < sizeof buffer) {
- PR_fprintf(PR_STDERR, "\t%s\n", buffer);
- }
-}
diff --git a/security/nss/cmd/lib/secutil.h b/security/nss/cmd/lib/secutil.h
deleted file mode 100644
index 69d9865d3..000000000
--- a/security/nss/cmd/lib/secutil.h
+++ /dev/null
@@ -1,327 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef _SEC_UTIL_H_
-#define _SEC_UTIL_H_
-
-#include "seccomon.h"
-#include "secitem.h"
-#include "prerror.h"
-#include "base64.h"
-#include "key.h"
-#include "secpkcs7.h"
-#include "secasn1.h"
-#include "secder.h"
-#include <stdio.h>
-
-#define SEC_CT_PRIVATE_KEY "private-key"
-#define SEC_CT_PUBLIC_KEY "public-key"
-#define SEC_CT_CERTIFICATE "certificate"
-#define SEC_CT_CERTIFICATE_REQUEST "certificate-request"
-#define SEC_CT_PKCS7 "pkcs7"
-#define SEC_CT_CRL "crl"
-
-#define NS_CERTREQ_HEADER "-----BEGIN NEW CERTIFICATE REQUEST-----"
-#define NS_CERTREQ_TRAILER "-----END NEW CERTIFICATE REQUEST-----"
-
-#define NS_CERT_HEADER "-----BEGIN CERTIFICATE-----"
-#define NS_CERT_TRAILER "-----END CERTIFICATE-----"
-
-/* From libsec/pcertdb.c --- it's not declared in sec.h */
-extern SECStatus SEC_AddPermCertificate(CERTCertDBHandle *handle,
- SECItem *derCert, char *nickname, CERTCertTrust *trust);
-
-
-#ifdef SECUTIL_NEW
-typedef int (*SECU_PPFunc)(PRFileDesc *out, SECItem *item,
- char *msg, int level);
-#else
-typedef int (*SECU_PPFunc)(FILE *out, SECItem *item, char *msg, int level);
-#endif
-
-typedef struct {
- enum {
- PW_NONE = 0,
- PW_FROMFILE = 1,
- PW_PLAINTEXT = 2
- } source;
- char *data;
-} secuPWData;
-
-/*
-** Change a password on a token, or initialize a token with a password
-** if it does not already have one.
-** Use passwd to send the password in plaintext, pwFile to specify a
-** file containing the password, or NULL for both to prompt the user.
-*/
-SECStatus SECU_ChangePW(PK11SlotInfo *slot, char *passwd, char *pwFile);
-
-/* These were stolen from the old sec.h... */
-/*
-** Check a password for legitimacy. Passwords must be at least 8
-** characters long and contain one non-alphabetic. Return DSTrue if the
-** password is ok, DSFalse otherwise.
-*/
-extern PRBool SEC_CheckPassword(char *password);
-
-/*
-** Blind check of a password. Complement to SEC_CheckPassword which
-** ignores length and content type, just retuning DSTrue is the password
-** exists, DSFalse if NULL
-*/
-extern PRBool SEC_BlindCheckPassword(char *password);
-
-/*
-** Get a password.
-** First prompt with "msg" on "out", then read the password from "in".
-** The password is then checked using "chkpw".
-*/
-extern char *SEC_GetPassword(FILE *in, FILE *out, char *msg,
- PRBool (*chkpw)(char *));
-
-char *SECU_FilePasswd(PK11SlotInfo *slot, PRBool retry, void *arg);
-
-char *SECU_GetPasswordString(void *arg, char *prompt);
-
-/*
-** Write a dongle password.
-** Uses MD5 to hash constant system data (hostname, etc.), and then
-** creates RC4 key to encrypt a password "pw" into a file "fd".
-*/
-extern SECStatus SEC_WriteDongleFile(int fd, char *pw);
-
-/*
-** Get a dongle password.
-** Uses MD5 to hash constant system data (hostname, etc.), and then
-** creates RC4 key to decrypt and return a password from file "fd".
-*/
-extern char *SEC_ReadDongleFile(int fd);
-
-
-/* End stolen headers */
-
-/* Just sticks the two strings together with a / if needed */
-char *SECU_AppendFilenameToDir(char *dir, char *filename);
-
-/* Returns result of getenv("SSL_DIR") or NULL */
-extern char *SECU_DefaultSSLDir(void);
-
-/*
-** Should be called once during initialization to set the default
-** directory for looking for cert.db, key.db, and cert-nameidx.db files
-** Removes trailing '/' in 'base'
-** If 'base' is NULL, defaults to set to .netscape in home directory.
-*/
-extern char *SECU_ConfigDirectory(const char* base);
-
-/*
-** Basic callback function for SSL_GetClientAuthDataHook
-*/
-extern int
-SECU_GetClientAuthData(void *arg, PRFileDesc *fd,
- struct CERTDistNamesStr *caNames,
- struct CERTCertificateStr **pRetCert,
- struct SECKEYPrivateKeyStr **pRetKey);
-
-/* print out an error message */
-extern void SECU_PrintError(char *progName, char *msg, ...);
-
-/* print out a system error message */
-extern void SECU_PrintSystemError(char *progName, char *msg, ...);
-
-/* Return informative error string */
-extern const char * SECU_Strerror(PRErrorCode errNum);
-
-/* Read the contents of a file into a SECItem */
-extern SECStatus SECU_FileToItem(SECItem *dst, PRFileDesc *src);
-extern SECStatus SECU_TextFileToItem(SECItem *dst, PRFileDesc *src);
-
-/* Read in a DER from a file, may be ascii */
-extern SECStatus
-SECU_ReadDERFromFile(SECItem *der, PRFileDesc *inFile, PRBool ascii);
-
-/* Indent based on "level" */
-extern void SECU_Indent(FILE *out, int level);
-
-/* Print integer value and hex */
-extern void SECU_PrintInteger(FILE *out, SECItem *i, char *m, int level);
-
-/* Print ObjectIdentifier symbolically */
-extern void SECU_PrintObjectID(FILE *out, SECItem *oid, char *m, int level);
-
-/* Print AlgorithmIdentifier symbolically */
-extern void SECU_PrintAlgorithmID(FILE *out, SECAlgorithmID *a, char *m,
- int level);
-
-/* Print SECItem as hex */
-extern void SECU_PrintAsHex(FILE *out, SECItem *i, const char *m, int level);
-
-/* dump a buffer in hex and ASCII */
-extern void SECU_PrintBuf(FILE *out, const char *msg, const void *vp, int len);
-
-/*
- * Format and print the UTC Time "t". If the tag message "m" is not NULL,
- * do indent formatting based on "level" and add a newline afterward;
- * otherwise just print the formatted time string only.
- */
-extern void SECU_PrintUTCTime(FILE *out, SECItem *t, char *m, int level);
-
-/*
- * Format and print the Generalized Time "t". If the tag message "m"
- * is not NULL, * do indent formatting based on "level" and add a newline
- * afterward; otherwise just print the formatted time string only.
- */
-extern void SECU_PrintGeneralizedTime(FILE *out, SECItem *t, char *m,
- int level);
-
-/* callback for listing certs through pkcs11 */
-extern SECStatus SECU_PrintCertNickname(CERTCertificate *cert, void *data);
-
-/* Dump all certificate nicknames in a database */
-extern SECStatus
-SECU_PrintCertificateNames(CERTCertDBHandle *handle, PRFileDesc* out,
- PRBool sortByName, PRBool sortByTrust);
-
-/* See if nickname already in database. Return 1 true, 0 false, -1 error */
-int SECU_CheckCertNameExists(CERTCertDBHandle *handle, char *nickname);
-
-/* Dump contents of cert req */
-extern int SECU_PrintCertificateRequest(FILE *out, SECItem *der, char *m,
- int level);
-
-/* Dump contents of certificate */
-extern int SECU_PrintCertificate(FILE *out, SECItem *der, char *m, int level);
-
-/* print trust flags on a cert */
-extern void SECU_PrintTrustFlags(FILE *out, CERTCertTrust *trust, char *m, int level);
-
-/* Dump contents of public key */
-extern int SECU_PrintPublicKey(FILE *out, SECItem *der, char *m, int level);
-
-#ifdef HAVE_EPV_TEMPLATE
-/* Dump contents of private key */
-extern int SECU_PrintPrivateKey(FILE *out, SECItem *der, char *m, int level);
-#endif
-
-/* Print the MD5 and SHA1 fingerprints of a cert */
-extern int SECU_PrintFingerprints(FILE *out, SECItem *derCert, char *m,
- int level);
-
-/* Pretty-print any PKCS7 thing */
-extern int SECU_PrintPKCS7ContentInfo(FILE *out, SECItem *der, char *m,
- int level);
-
-/* Init PKCS11 stuff */
-extern SECStatus SECU_PKCS11Init(PRBool readOnly);
-
-/* Dump contents of signed data */
-extern int SECU_PrintSignedData(FILE *out, SECItem *der, char *m, int level,
- SECU_PPFunc inner);
-
-extern int SECU_PrintCrl(FILE *out, SECItem *der, char *m, int level);
-
-extern void
-SECU_PrintCRLInfo(FILE *out, CERTCrl *crl, char *m, int level);
-
-extern void SECU_PrintExtensions(FILE *out, CERTCertExtension **extensions,
- char *msg, int level);
-
-extern void SECU_PrintName(FILE *out, CERTName *name, char *msg, int level);
-
-#ifdef SECU_GetPassword
-/* Convert a High public Key to a Low public Key */
-extern SECKEYLowPublicKey *SECU_ConvHighToLow(SECKEYPublicKey *pubHighKey);
-#endif
-
-extern SECItem *SECU_GetPBEPassword(void *arg);
-
-extern char *SECU_GetModulePassword(PK11SlotInfo *slot, PRBool retry, void *arg);
-
-extern SECStatus DER_PrettyPrint(FILE *out, SECItem *it, PRBool raw);
-extern void SEC_Init(void);
-
-extern char *SECU_SECModDBName(void);
-
-extern void SECU_PrintPRandOSError(char *progName);
-
-/*
- *
- * Utilities for parsing security tools command lines
- *
- */
-
-/* A single command flag */
-typedef struct {
- char flag;
- PRBool needsArg;
- char *arg;
- PRBool activated;
-} secuCommandFlag;
-
-/* A full array of command/option flags */
-typedef struct
-{
- int numCommands;
- int numOptions;
-
- secuCommandFlag *commands;
- secuCommandFlag *options;
-} secuCommand;
-
-/* fill the "arg" and "activated" fields for each flag */
-SECStatus
-SECU_ParseCommandLine(int argc, char **argv, char *progName, secuCommand *cmd);
-char *
-SECU_GetOptionArg(secuCommand *cmd, int optionNum);
-
-/*
- *
- * Error messaging
- *
- */
-
-/* Return informative error string */
-char *SECU_ErrorString(int16 err);
-
-/* Return informative error string. Does not call XP_GetString */
-char *SECU_ErrorStringRaw(int16 err);
-
-void printflags(char *trusts, unsigned int flags);
-
-#ifndef XP_UNIX
-extern int ffs(unsigned int i);
-#endif
-
-#include "secerr.h"
-#include "sslerr.h"
-
-#endif /* _SEC_UTIL_H_ */
diff --git a/security/nss/cmd/makefile.inc b/security/nss/cmd/makefile.inc
deleted file mode 100644
index 029576e7c..000000000
--- a/security/nss/cmd/makefile.inc
+++ /dev/null
@@ -1,84 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-INCLUDES += \
- -I$(DEPTH)/security/lib/cert \
- -I$(DEPTH)/security/lib/key \
- -I$(DEPTH)/security/lib/util \
- -I../include \
- $(NULL)
-
-
-# For the time being, sec stuff is export only
-# US_FLAGS = -DEXPORT_VERSION -DUS_VERSION
-
-US_FLAGS = -DEXPORT_VERSION
-EXPORT_FLAGS = -DEXPORT_VERSION
-
-BASE_LIBS = \
- $(DIST)/lib/libdbm.a \
- $(DIST)/lib/libxp.a \
- $(DIST)/lib/libnspr21.a \
- $(NULL)
-
-
-#There is a circular dependancy in security/lib, and here is a gross fix
-SEC_LIBS = \
- $(DIST)/lib/libsecnav.a \
- $(DIST)/lib/libssl.a \
- $(DIST)/lib/libpkcs7.a \
- $(DIST)/lib/libcert.a \
- $(DIST)/lib/libkey.a \
- $(DIST)/lib/libsecmod.a \
- $(DIST)/lib/libcrypto.a \
- $(DIST)/lib/libsecutil.a \
- $(DIST)/lib/libssl.a \
- $(DIST)/lib/libpkcs7.a \
- $(DIST)/lib/libcert.a \
- $(DIST)/lib/libkey.a \
- $(DIST)/lib/libsecmod.a \
- $(DIST)/lib/libcrypto.a \
- $(DIST)/lib/libsecutil.a \
- $(DIST)/lib/libhash.a \
- $(NULL)
-
-MYLIBDIR= ../lib/$(OBJDIR)
-MYLIB = $(MYLIBDIR)/libsectool.a
-
-US_LIBS = $(MYLIB) $(SEC_LIBS) $(BASE_LIBS) $(MYLIB) $(BASE_LIBS)
-EX_LIBS = $(MYLIB) $(SEC_LIBS) $(BASE_LIBS) $(MYLIB) $(BASE_LIBS)
-
-# this hack is necessary because rules.mk doesn't put anything like $(LIBS)
-# on the link command line (!?!?!?!)
-LDFLAGS += $(EX_LIBS)
-
diff --git a/security/nss/cmd/makefile.win b/security/nss/cmd/makefile.win
deleted file mode 100644
index 5e506590b..000000000
--- a/security/nss/cmd/makefile.win
+++ /dev/null
@@ -1,48 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-VERBOSE = 1
-include <manifest.mn>
-
-include <$(DEPTH)\config\config.mak>
-
-include <$(DEPTH)\config\rules.mak>
-
-objs: $(OBJS)
-
-programs: $(PROGRAM)
-
-syms:
- @echo "OBJS is $(OBJS)"
- @echo "INCS is $(INCS)"
-
diff --git a/security/nss/cmd/makepqg/Makefile b/security/nss/cmd/makepqg/Makefile
deleted file mode 100644
index 36bf774fb..000000000
--- a/security/nss/cmd/makepqg/Makefile
+++ /dev/null
@@ -1,77 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../platrules.mk
-
-
diff --git a/security/nss/cmd/makepqg/makefile.win b/security/nss/cmd/makepqg/makefile.win
deleted file mode 100644
index 462448d73..000000000
--- a/security/nss/cmd/makepqg/makefile.win
+++ /dev/null
@@ -1,156 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-VERBOSE = 1
-include <manifest.mn>
-
-PROGRAM = makepqg
-PROGRAM = $(OBJDIR)\$(PROGRAM).exe
-
-include <$(DEPTH)\config\config.mak>
-
-
-# let manifest generate C_OBJS, it will prepend ./$(OBJDIR)/
-# rules.mak will append C_OBJS onto OBJS.
-# OBJS = $(CSRCS:.c=.obj)
-
-# include files are looked for in $LINCS and $INCS.
-# $LINCS is in manifest.mnw, computed from REQUIRES=
-INCS = $(INCS) \
- -I$(DEPTH)/security/lib/cert \
- -I$(DEPTH)/security/lib/crypto \
- -I../include \
- $(NULL)
-
-IGNORE_ME = \
- -I$(DEPTH)/security/lib/key \
- -I$(DEPTH)/security/lib/util \
-
-
-WINFE = $(DEPTH)/cmd/winfe/mkfiles$(MOZ_BITS)/x86Dbg
-
-# these files are the content of libdbm
-DBM_LIB = \
- $(WINFE)/DB.obj \
- $(WINFE)/HASH.obj \
- $(WINFE)/H_BIGKEY.obj \
- $(WINFE)/H_PAGE.obj \
- $(WINFE)/H_LOG2.obj \
- $(WINFE)/H_FUNC.obj \
- $(WINFE)/HASH_BUF.obj \
- $(NULL)
-
-MOZ_LIBS = \
- $(WINFE)/ALLXPSTR.obj \
- $(WINFE)/XP_ERROR.obj \
- $(WINFE)/XPASSERT.obj \
- $(WINFE)/XP_REG.obj \
- $(WINFE)/XP_TRACE.obj \
- $(DBM_LIB) \
- $(WINFE)/XP_STR.obj \
- $(WINFE)/MKTEMP.obj \
- $(NULL)
-
-SEC_LIBS = \
- $(DIST)/lib/cert$(MOZ_BITS).lib \
- $(DIST)/lib/crypto$(MOZ_BITS).lib \
- $(DIST)/lib/hash$(MOZ_BITS).lib \
- $(DIST)/lib/key$(MOZ_BITS).lib \
- $(DIST)/lib/pkcs7$(MOZ_BITS).lib \
- $(DIST)/lib/secmod$(MOZ_BITS).lib \
- $(DIST)/lib/secutl$(MOZ_BITS).lib \
- $(DIST)/lib/ssl$(MOZ_BITS).lib \
- $(NULL)
-
-LLFLAGS = $(LLFLAGS) \
- ../lib/$(OBJDIR)/sectool$(MOZ_BITS).lib \
- $(SEC_LIBS) \
- $(MOZ_LIBS) \
- $(DEPTH)/nspr/src/$(OBJDIR)/getopt.obj \
- $(LIBNSPR) \
- $(NULL)
-
-
-# awt3240.lib # brpref32.lib # cert32.lib
-# crypto32.lib # dllcom.lib # editor32.lib
-# edpref32.lib # edtplug.lib # font.lib
-# hash32.lib # htmldg32.lib # img32.lib
-# javart32.lib # jbn3240.lib # jdb3240.lib
-# jmc.lib # jpeg3240.lib # jpw3240.lib
-# jrt3240.lib # js3240.lib # jsd3240.lib
-# key32.lib # libapplet32.lib # libnjs32.lib
-# libnsc32.lib # libreg32.lib # mm3240.lib
-# mnpref32.lib # netcst32.lib # nsdlg32.lib
-# nsldap32.lib # nsldaps32.lib # nsn32.lib
-# pkcs1232.lib # pkcs732.lib # pr3240.lib
-# prefui32.lib # prefuuid.lib # secmod32.lib
-# secnav32.lib # secutl32.lib # softup32.lib
-# sp3240.lib # ssl32.lib # uni3200.lib
-# unicvt32.lib # win32md.lib # winfont.lib
-# xppref32.lib # zlib32.lib
-
-include <$(DEPTH)\config\rules.mak>
-
-
-INSTALL = $(MAKE_INSTALL)
-
-objs: $(OBJS)
-
-$(PROGRAM)::
- $(INSTALL) $(DIST)/bin/pr3240.dll ./$(OBJDIR)
-
-programs: $(PROGRAM)
-
-install:: $(TARGETS)
- $(INSTALL) $(TARGETS) $(DIST)/bin
-
-# ALLXPSTR.obj XP_ALLOC.obj XP_HASH.obj XP_RGB.obj XP_WRAP.obj
-# CXPRINT.obj XP_C.cl XP_LIST.obj XP_SEC.obj netscape.exp
-# CXPRNDLG.obj XP_CNTXT.obj XP_MD5.obj XP_STR.obj xp.pch
-# EXPORT.obj XP_CORE.obj XP_MESG.obj XP_THRMO.obj xppref32.dll
-# XPASSERT.obj XP_ERROR.obj XP_RECT.obj XP_TIME.obj
-# XPLOCALE.obj XP_FILE.obj XP_REG.obj XP_TRACE.obj
-
-symbols:
- @echo "CSRCS = $(CSRCS)"
- @echo "INCS = $(INCS)"
- @echo "OBJS = $(OBJS)"
- @echo "LIBRARY = $(LIBRARY)"
- @echo "PROGRAM = $(PROGRAM)"
- @echo "TARGETS = $(TARGETS)"
- @echo "DIST = $(DIST)"
- @echo "VERSION_NUMBER = $(VERSION_NUMBER)"
- @echo "WINFE = $(WINFE)"
- @echo "DBM_LIB = $(DBM_LIB)"
- @echo "INSTALL = $(INSTALL)"
-
diff --git a/security/nss/cmd/makepqg/makepqg.c b/security/nss/cmd/makepqg/makepqg.c
deleted file mode 100644
index 028ef7259..000000000
--- a/security/nss/cmd/makepqg/makepqg.c
+++ /dev/null
@@ -1,290 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "prtypes.h"
-#include "prtime.h"
-#include "prlong.h"
-
-#include "nss.h"
-#include "secutil.h"
-#include "secitem.h"
-#include "pk11func.h"
-#include "pk11pqg.h"
-#include "pqgutil.h"
-#include "secrng.h"
-
-#if defined(XP_UNIX)
-#include <unistd.h>
-#endif
-
-#include "plgetopt.h"
-
-#define BPB 8 /* bits per byte. */
-
-char *progName;
-
-
-const SEC_ASN1Template seckey_PQGParamsTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SECKEYPQGParams) },
- { SEC_ASN1_INTEGER, offsetof(SECKEYPQGParams,prime) },
- { SEC_ASN1_INTEGER, offsetof(SECKEYPQGParams,subPrime) },
- { SEC_ASN1_INTEGER, offsetof(SECKEYPQGParams,base) },
- { 0, }
-};
-
-
-
-void
-Usage(void)
-{
- fprintf(stderr, "Usage: %s\n", progName);
- fprintf(stderr,
-"-a Output DER-encoded PQG params, BTOA encoded.\n"
-" -l prime-length Length of prime in bits (1024 is default)\n"
-" -o file Output to this file (default is stdout)\n"
-"-b Output DER-encoded PQG params in binary\n"
-" -l prime-length Length of prime in bits (1024 is default)\n"
-" -o file Output to this file (default is stdout)\n"
-"-r Output P, Q and G in ASCII hexadecimal. \n"
-" -l prime-length Length of prime in bits (1024 is default)\n"
-" -o file Output to this file (default is stdout)\n"
-"-g bits Generate SEED this many bits long.\n"
-);
- exit(-1);
-
-}
-
-int
-outputPQGParams(PQGParams * pqgParams, PRBool output_binary, PRBool output_raw,
- FILE * outFile)
-{
- PRArenaPool * arena = NULL;
- char * PQG;
- SECItem encodedParams;
-
- if (output_raw) {
- SECItem item;
-
- PK11_PQG_GetPrimeFromParams(pqgParams, &item);
- SECU_PrintInteger(outFile, &item, "Prime", 1);
- SECITEM_FreeItem(&item, PR_FALSE);
-
- PK11_PQG_GetSubPrimeFromParams(pqgParams, &item);
- SECU_PrintInteger(outFile, &item, "Subprime", 1);
- SECITEM_FreeItem(&item, PR_FALSE);
-
- PK11_PQG_GetBaseFromParams(pqgParams, &item);
- SECU_PrintInteger(outFile, &item, "Base", 1);
- SECITEM_FreeItem(&item, PR_FALSE);
-
- fprintf(outFile, "\n");
- return 0;
- }
-
- encodedParams.data = NULL;
- encodedParams.len = 0;
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- SEC_ASN1EncodeItem(arena, &encodedParams, pqgParams,
- seckey_PQGParamsTemplate);
- if (output_binary) {
- fwrite(encodedParams.data, encodedParams.len, sizeof(char), outFile);
- printf("\n");
- return 0;
- }
-
- /* must be output ASCII */
- PQG = BTOA_DataToAscii(encodedParams.data, encodedParams.len);
-
- fprintf(outFile,"%s",PQG);
- printf("\n");
- return 0;
-}
-
-int
-outputPQGVerify(PQGVerify * pqgVerify, PRBool output_binary, PRBool output_raw,
- FILE * outFile)
-{
- if (output_raw) {
- SECItem item;
- unsigned int counter;
-
- PK11_PQG_GetHFromVerify(pqgVerify, &item);
- SECU_PrintInteger(outFile, &item, "h", 1);
- SECITEM_FreeItem(&item, PR_FALSE);
-
- PK11_PQG_GetSeedFromVerify(pqgVerify, &item);
- SECU_PrintInteger(outFile, &item, "SEED", 1);
- fprintf(outFile, " g: %d\n", item.len * BPB);
- SECITEM_FreeItem(&item, PR_FALSE);
-
- counter = PK11_PQG_GetCounterFromVerify(pqgVerify);
- fprintf(outFile, " counter: %d\n", counter);
- fprintf(outFile, "\n");
- return 0;
- }
- return 0;
-}
-
-int
-main(int argc, char **argv)
-{
- FILE * outFile = NULL;
- PQGParams * pqgParams = NULL;
- PQGVerify * pqgVerify = NULL;
- int keySizeInBits = 1024;
- int j;
- int o;
- int g = 0;
- SECStatus rv = 0;
- SECStatus passed = 0;
- PRBool output_ascii = PR_FALSE;
- PRBool output_binary = PR_FALSE;
- PRBool output_raw = PR_FALSE;
- PLOptState *optstate;
- PLOptStatus status;
-
-
- progName = strrchr(argv[0], '/');
- if (!progName)
- progName = strrchr(argv[0], '\\');
- progName = progName ? progName+1 : argv[0];
-
- /* Parse command line arguments */
- optstate = PL_CreateOptState(argc, argv, "l:abro:g:" );
- while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
- switch (optstate->option) {
-
- case 'l':
- keySizeInBits = atoi(optstate->value);
- break;
-
- case 'a':
- output_ascii = PR_TRUE;
- break;
-
- case 'b':
- output_binary = PR_TRUE;
- break;
-
- case 'r':
- output_raw = PR_TRUE;
- break;
-
- case 'o':
- outFile = fopen(optstate->value, "wb");
- if (!outFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
- progName, optstate->value);
- rv = -1;
- }
- break;
-
- case 'g':
- g = atoi(optstate->value);
- break;
-
- default:
- case '?':
- Usage();
- break;
-
- }
- }
-
- if (rv != 0) {
- return rv;
- }
-
- /* exactly 1 of these options must be set. */
- if (1 != ((output_ascii != PR_FALSE) +
- (output_binary != PR_FALSE) +
- (output_raw != PR_FALSE))) {
- Usage();
- }
-
- j = PQG_PBITS_TO_INDEX(keySizeInBits);
- if (j < 0) {
- fprintf(stderr, "%s: Illegal prime length, \n"
- "\tacceptable values are between 512 and 1024,\n"
- "\tand divisible by 64\n", progName);
- return -1;
- }
- if (g != 0 && (g < 160 || g >= 2048 || g % 8 != 0)) {
- fprintf(stderr, "%s: Illegal g bits, \n"
- "\tacceptable values are between 160 and 2040,\n"
- "\tand divisible by 8\n", progName);
- return -1;
- }
-
- if (outFile == NULL) {
- outFile = stdout;
- }
-
-
- NSS_NoDB_Init(NULL);
-
- if (g)
- rv = PK11_PQG_ParamGenSeedLen((unsigned)j, (unsigned)(g/8),
- &pqgParams, &pqgVerify);
- else
- rv = PK11_PQG_ParamGen((unsigned)j, &pqgParams, &pqgVerify);
-
- if (rv != SECSuccess || pqgParams == NULL) {
- fprintf(stderr, "%s: PQG parameter generation failed.\n", progName);
- goto loser;
- }
- fprintf(stderr, "%s: PQG parameter generation completed.\n", progName);
-
- o = outputPQGParams(pqgParams, output_binary, output_raw, outFile);
- o = outputPQGVerify(pqgVerify, output_binary, output_raw, outFile);
-
- rv = PK11_PQG_VerifyParams(pqgParams, pqgVerify, &passed);
- if (rv != SECSuccess) {
- fprintf(stderr, "%s: PQG parameter verification aborted.\n", progName);
- goto loser;
- }
- if (passed != SECSuccess) {
- fprintf(stderr, "%s: PQG parameters failed verification.\n", progName);
- goto loser;
- }
- fprintf(stderr, "%s: PQG parameters passed verification.\n", progName);
-
- PK11_PQG_DestroyParams(pqgParams);
- PK11_PQG_DestroyVerify(pqgVerify);
- return 0;
-
-loser:
- PK11_PQG_DestroyParams(pqgParams);
- PK11_PQG_DestroyVerify(pqgVerify);
- return 1;
-}
diff --git a/security/nss/cmd/makepqg/manifest.mn b/security/nss/cmd/makepqg/manifest.mn
deleted file mode 100644
index 328797094..000000000
--- a/security/nss/cmd/makepqg/manifest.mn
+++ /dev/null
@@ -1,47 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-# This next line is used by .mk files
-# and gets translated into $LINCS in manifest.mnw
-REQUIRES = nss seccmd dbm
-
-# DIRS =
-
-CSRCS = makepqg.c
-
-PROGRAM = makepqg
-
-#USE_STATIC_LIBS = 1
-
diff --git a/security/nss/cmd/makepqg/testit.ksh b/security/nss/cmd/makepqg/testit.ksh
deleted file mode 100644
index 98cb7fa9d..000000000
--- a/security/nss/cmd/makepqg/testit.ksh
+++ /dev/null
@@ -1,41 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-COUNTER=75
-while [ $COUNTER -ge "1" ]
-do
- COUNTER=$(eval expr $COUNTER - 1)
- echo $COUNTER
- */makepqg.exe -r -l 640 -g 160 || exit 1
-done
-
diff --git a/security/nss/cmd/manifest.mn b/security/nss/cmd/manifest.mn
deleted file mode 100644
index 13289a7d3..000000000
--- a/security/nss/cmd/manifest.mn
+++ /dev/null
@@ -1,90 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-DEPTH = ../..
-# MODULE = seccmd
-
-REQUIRES = nss nspr libdbm
-
-DIRS = lib \
- zlib \
- atob \
- bltest \
- btoa \
- certcgi \
- certutil \
- checkcert \
- crlutil \
- dbtest \
- derdump \
- digest \
- makepqg \
- ocspclnt \
- oidcalc \
- p7content \
- p7env \
- p7sign \
- p7verify \
- pk12util \
- pp \
- rngtest \
- rsaperf \
- sdrtest \
- selfserv \
- signtool \
- signver \
- shlibsign \
- smimetools \
- SSLsample \
- ssltap \
- strsclnt \
- swfort \
- tstclnt \
- vfyserv \
- modutil \
- $(NULL)
-
-TEMPORARILY_DONT_BUILD = \
- $(NULL)
-
-# rsaperf \
-#
-# needs to look at what needs to happen to make jar build in
-# the binary release environment.
-#
-# perror requires lib/strerror.c which requires the client code installed
-# to build (requires allxpstr.h)
-#
-DONT_BULD = jar \
- perror \
-$(NULL)
diff --git a/security/nss/cmd/modutil/Makefile b/security/nss/cmd/modutil/Makefile
deleted file mode 100644
index 3d2bbb412..000000000
--- a/security/nss/cmd/modutil/Makefile
+++ /dev/null
@@ -1,80 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../platrules.mk
-
-#
-# Cancel the built-in implicit yacc and lex rules.
-#
-
-%.c: %.y
-%.c: %.l
diff --git a/security/nss/cmd/modutil/README b/security/nss/cmd/modutil/README
deleted file mode 100644
index 12d192c9f..000000000
--- a/security/nss/cmd/modutil/README
+++ /dev/null
@@ -1,7 +0,0 @@
- CRYPTOGRAPHIC MODULE UTILITY (modutil)
- VERSION 1.0
- ===============================================
-
-The file specification.html documentats the software.
-
-The file pk11jar.html documents the PKCS #11 JAR format.
diff --git a/security/nss/cmd/modutil/config.mk b/security/nss/cmd/modutil/config.mk
deleted file mode 100644
index 9f0cdf1e4..000000000
--- a/security/nss/cmd/modutil/config.mk
+++ /dev/null
@@ -1,77 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# Set the LDFLAGS value to encompass all normal link options, all #
-# library names, and all special system linking options #
-#######################################################################
-
-LDFLAGS = \
- $(DYNAMIC_LIB_PATH) \
- $(LDOPTS) \
- $(LIBSECTOOLS) \
- $(LIBSECMOD) \
- $(LIBHASH) \
- $(LIBCERT) \
- $(LIBKEY) \
- $(LIBCRYPTO) \
- $(LIBSECUTIL) \
- $(LIBDBM) \
- $(LIBPLC3) \
- $(LIBPLDS3) \
- $(LIBPR3) \
- $(DLLSYSTEM) \
- $(LIBJAR) \
- $(LIBZLIB) \
- $(LIBPKCS7) \
- $(LIBPLC3)
-
-# Strip out the symbols
-ifdef BUILD_OPT
- ifneq (,$(filter-out WIN%,$(OS_TARGET)))
- LDFLAGS += -s
- endif
-endif
-
-#######################################################################
-# Adjust specific variables for all platforms #
-#######################################################################
-
-
-ifeq (,$(filter-out WIN%,$(OS_TARGET)))
- PACKAGE_FILES = license.txt README.TXT specification.html pk11jar.html modutil.exe
-else
- PACKAGE_FILES = license.doc README specification.html pk11jar.html modutil
-endif
-
-ARCHIVE_NAME = modutil_$(OS_TARGET)$(OS_RELEASE)
diff --git a/security/nss/cmd/modutil/error.h b/security/nss/cmd/modutil/error.h
deleted file mode 100644
index 560e317db..000000000
--- a/security/nss/cmd/modutil/error.h
+++ /dev/null
@@ -1,182 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef MODUTIL_ERROR_H
-#define MODUTIL_ERROR_H
-
-typedef enum {
- NO_ERR=0,
- INVALID_USAGE_ERR,
- UNEXPECTED_ARG_ERR,
- UNKNOWN_OPTION_ERR,
- MULTIPLE_COMMAND_ERR,
- OPTION_NEEDS_ARG_ERR,
- DUPLICATE_OPTION_ERR,
- MISSING_PARAM_ERR,
- INVALID_FIPS_ARG,
- NO_COMMAND_ERR,
- NO_DBDIR_ERR,
- FIPS_SWITCH_FAILED_ERR,
- FIPS_ALREADY_ON_ERR,
- FIPS_ALREADY_OFF_ERR,
- FILE_ALREADY_EXISTS_ERR,
- FILE_DOESNT_EXIST_ERR,
- FILE_NOT_READABLE_ERR,
- FILE_NOT_WRITEABLE_ERR,
- DIR_DOESNT_EXIST_ERR,
- DIR_NOT_READABLE_ERR,
- DIR_NOT_WRITEABLE_ERR,
- INVALID_CONSTANT_ERR,
- ADD_MODULE_FAILED_ERR,
- ADD_MODULE_FAILED_STATUS_ERR,
- OUT_OF_MEM_ERR,
- DELETE_INTERNAL_ERR,
- DELETE_FAILED_ERR,
- NO_LIST_LOCK_ERR,
- NO_MODULE_LIST_ERR,
- NO_SUCH_MODULE_ERR,
- MOD_INFO_ERR,
- SLOT_INFO_ERR,
- TOKEN_INFO_ERR,
- NO_SUCH_TOKEN_ERR,
- CHANGEPW_FAILED_ERR,
- BAD_PW_ERR,
- DB_ACCESS_ERR,
- AUTHENTICATION_FAILED_ERR,
- NO_SUCH_SLOT_ERR,
- ENABLE_FAILED_ERR,
- UPDATE_MOD_FAILED_ERR,
- DEFAULT_FAILED_ERR,
- UNDEFAULT_FAILED_ERR,
- STDIN_READ_ERR,
- UNSPECIFIED_ERR,
- NOCERTDB_MISUSE_ERR,
- NSS_INITIALIZE_FAILED_ERR,
-
- LAST_ERR /* must be last */
-} Error;
-#define SUCCESS NO_ERR
-
-/* !!! Should move this into its own .c and un-static it. */
-static char *errStrings[] = {
- "Operation completed successfully.\n",
- "ERROR: Invalid command line.\n",
- "ERROR: Not expecting argument \"%s\".\n",
- "ERROR: Unknown option: %s.\n",
- "ERROR: %s: multiple commands are not allowed on the command line.\n",
- "ERROR: %s: option needs an argument.\n",
- "ERROR: %s: option cannot be given more than once.\n",
- "ERROR: Command \"%s\" requires parameter \"%s\".\n",
- "ERROR: Argument to -fips must be \"true\" or \"false\".\n",
- "ERROR: No command was specified.\n",
- "ERROR: Cannot determine database directory: use the -dbdir option.\n",
- "ERROR: Unable to switch FIPS modes.\n",
- "FIPS mode already enabled.\n",
- "FIPS mode already disabled.\n",
- "ERROR: File \"%s\" already exists.\n",
- "ERROR: File \"%s\" does not exist.\n",
- "ERROR: File \"%s\" is not readable.\n",
- "ERROR: File \"%s\" is not writeable.\n",
- "ERROR: Directory \"%s\" does not exist.\n",
- "ERROR: Directory \"%s\" is not readable.\n",
- "ERROR: Directory \"%s\" is not writeable.\n",
- "\"%s\" is not a recognized value.\n",
- "ERROR: Failed to add module \"%s\".\n",
- "ERROR: Failed to add module \"%s\". Probable cause : \"%s\".\n",
- "ERROR: Out of memory.\n",
- "ERROR: Cannot delete internal module.\n",
- "ERROR: Failed to delete module \"%s\".\n",
- "ERROR: Unable to obtain lock on module list.\n",
- "ERROR: Unable to obtain module list.\n",
- "ERROR: Module \"%s\" not found in database.\n",
- "ERROR: Unable to get information about module \"%s\".\n",
- "ERROR: Unable to get information about slot \"%s\".\n",
- "ERROR: Unable to get information about token \"%s\".\n",
- "ERROR: Token \"%s\" not found.\n",
- "ERROR: Unable to change password on token \"%s\".\n",
- "ERROR: Incorrect password.\n",
- "ERROR: Unable to access database \"%s\".\n",
- "ERROR: Unable to authenticate to token \"%s\".\n",
- "ERROR: Slot \"%s\" not found.\n",
- "ERROR: Failed to %s slot \"%s\".\n",
- "ERROR: Failed to update module \"%s\".\n",
- "ERROR: Failed to change defaults.\n",
- "ERROR: Failed to change default.\n",
- "ERROR: Unable to read from standard input.\n",
- "ERROR: Unknown error occurred.\n",
- "ERROR: -nocertdb option can only be used with the -jar command.\n"
- "ERROR: NSS_Initialize() failed.\n"
-};
-
-typedef enum {
- FIPS_ENABLED_MSG=0,
- FIPS_DISABLED_MSG,
- USING_DBDIR_MSG,
- CREATING_DB_MSG,
- ADD_MODULE_SUCCESS_MSG,
- DELETE_SUCCESS_MSG,
- CHANGEPW_SUCCESS_MSG,
- BAD_PW_MSG,
- PW_MATCH_MSG,
- DONE_MSG,
- ENABLE_SUCCESS_MSG,
- DEFAULT_SUCCESS_MSG,
- UNDEFAULT_SUCCESS_MSG,
- BROWSER_RUNNING_MSG,
- ABORTING_MSG,
-
- LAST_MSG /* must be last */
-} Message;
-
-static char *msgStrings[] = {
- "FIPS mode enabled.\n",
- "FIPS mode disabled.\n",
- "Using database directory %s...\n",
- "Creating \"%s\"...",
- "Module \"%s\" added to database.\n",
- "Module \"%s\" deleted from database.\n",
- "Token \"%s\" password changed successfully.\n",
- "Incorrect password, try again...\n",
- "Passwords do not match, try again...\n",
- "done.\n",
- "Slot \"%s\" %s.\n",
- "Successfully changed defaults.\n",
- "Successfully changed defaults.\n",
-"\nWARNING: Performing this operation while the browser is running could cause"
-"\ncorruption of your security databases. If the browser is currently running,"
-"\nyou should exit browser before continuing this operation. Type "
-"\n'q <enter>' to abort, or <enter> to continue: ",
- "\nAborting...\n"
-};
-
-#endif /* MODUTIL_ERROR_H */
diff --git a/security/nss/cmd/modutil/install-ds.c b/security/nss/cmd/modutil/install-ds.c
deleted file mode 100644
index e6b90ded3..000000000
--- a/security/nss/cmd/modutil/install-ds.c
+++ /dev/null
@@ -1,1541 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "install-ds.h"
-#include <prmem.h>
-#include <plstr.h>
-#include <prprf.h>
-#include <string.h>
-
-#define PORT_Strcasecmp PL_strcasecmp
-
-#define MODULE_FILE_STRING "ModuleFile"
-#define MODULE_NAME_STRING "ModuleName"
-#define MECH_FLAGS_STRING "DefaultMechanismFlags"
-#define CIPHER_FLAGS_STRING "DefaultCipherFlags"
-#define FILES_STRING "Files"
-#define FORWARD_COMPATIBLE_STRING "ForwardCompatible"
-#define PLATFORMS_STRING "Platforms"
-#define RELATIVE_DIR_STRING "RelativePath"
-#define ABSOLUTE_DIR_STRING "AbsolutePath"
-#define FILE_PERMISSIONS_STRING "FilePermissions"
-#define EQUIVALENT_PLATFORM_STRING "EquivalentPlatform"
-#define EXECUTABLE_STRING "Executable"
-
-#define DEFAULT_PERMISSIONS 0777
-
-#define PLATFORM_SEPARATOR_CHAR ':'
-
-/* Error codes */
-enum {
- BOGUS_RELATIVE_DIR=0,
- BOGUS_ABSOLUTE_DIR,
- BOGUS_FILE_PERMISSIONS,
- NO_RELATIVE_DIR,
- NO_ABSOLUTE_DIR,
- EMPTY_PLATFORM_STRING,
- BOGUS_PLATFORM_STRING,
- REPEAT_MODULE_FILE,
- REPEAT_MODULE_NAME,
- BOGUS_MODULE_FILE,
- BOGUS_MODULE_NAME,
- REPEAT_MECH,
- BOGUS_MECH_FLAGS,
- REPEAT_CIPHER,
- BOGUS_CIPHER_FLAGS,
- REPEAT_FILES,
- REPEAT_EQUIV,
- BOGUS_EQUIV,
- EQUIV_TOO_MUCH_INFO,
- NO_FILES,
- NO_MODULE_FILE,
- NO_MODULE_NAME,
- NO_PLATFORMS,
- EQUIV_LOOP,
- UNKNOWN_MODULE_FILE
-};
-
-/* Indexed by the above error codes */
-static const char *errString[] = {
- "%s: Invalid relative directory",
- "%s: Invalid absolute directory",
- "%s: Invalid file permissions",
- "%s: No relative directory specified",
- "%s: No absolute directory specified",
- "Empty string given for platform name",
- "%s: invalid platform string",
- "More than one ModuleFile entry given for platform %s",
- "More than one ModuleName entry given for platform %s",
- "Invalid ModuleFile specification for platform %s",
- "Invalid ModuleName specification for platform %s",
- "More than one DefaultMechanismFlags entry given for platform %s",
- "Invalid DefaultMechanismFlags specification for platform %s",
- "More than one DefaultCipherFlags entry given for platform %s",
- "Invalid DefaultCipherFlags entry given for platform %s",
- "More than one Files entry given for platform %s",
- "More than one EquivalentPlatform entry given for platform %s",
- "Invalid EquivalentPlatform specification for platform %s",
- "Module %s uses an EquivalentPlatform but also specifies its own"
- " information",
- "No Files specification in module %s",
- "No ModuleFile specification in module %s",
- "No ModuleName specification in module %s",
- "No Platforms specification in installer script",
- "Platform %s has an equivalency loop",
- "Module file \"%s\" in platform \"%s\" does not exist"
-};
-
-static char* PR_Strdup(const char* str);
-
-#define PAD(x) {int i; for(i=0;i<x;i++) printf(" ");}
-#define PADINC 4
-
-Pk11Install_File*
-Pk11Install_File_new()
-{
- Pk11Install_File* new_this;
- new_this = (Pk11Install_File*)PR_Malloc(sizeof(Pk11Install_File));
- Pk11Install_File_init(new_this);
- return new_this;
-}
-
-void
-Pk11Install_File_init(Pk11Install_File* _this)
-{
- _this->jarPath=NULL;
- _this->relativePath=NULL;
- _this->absolutePath=NULL;
- _this->executable=PR_FALSE;
- _this->permissions=0;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: ~Pk11Install_File
-// Class: Pk11Install_File
-// Notes: Destructor.
-*/
-void
-Pk11Install_File_delete(Pk11Install_File* _this)
-{
- Pk11Install_File_Cleanup(_this);
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: Cleanup
-// Class: Pk11Install_File
-*/
-void
-Pk11Install_File_Cleanup(Pk11Install_File* _this)
-{
- if(_this->jarPath) {
- PR_Free(_this->jarPath);
- _this->jarPath = NULL;
- }
- if(_this->relativePath) {
- PR_Free(_this->relativePath);
- _this->relativePath = NULL;
- }
- if(_this->absolutePath) {
- PR_Free(_this->absolutePath);
- _this->absolutePath = NULL;
- }
-
- _this->permissions = 0;
- _this->executable = PR_FALSE;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: Generate
-// Class: Pk11Install_File
-// Notes: Creates a file data structure from a syntax tree.
-// Returns: NULL for success, otherwise an error message.
-*/
-char*
-Pk11Install_File_Generate(Pk11Install_File* _this,
- const Pk11Install_Pair *pair)
-{
- Pk11Install_ListIter *iter;
- Pk11Install_Value *val;
- Pk11Install_Pair *subpair;
- Pk11Install_ListIter *subiter;
- Pk11Install_Value *subval;
- char* errStr;
- char *endp;
- PRBool gotPerms;
-
- iter=NULL;
- subiter=NULL;
- errStr=NULL;
- gotPerms=PR_FALSE;
-
- /* Clear out old values */
- Pk11Install_File_Cleanup(_this);
-
- _this->jarPath = PR_Strdup(pair->key);
-
- /* Go through all the pairs under this file heading */
- iter = Pk11Install_ListIter_new(pair->list);
- for( ; (val = iter->current); Pk11Install_ListIter_nextItem(iter)) {
- if(val->type == PAIR_VALUE) {
- subpair = val->pair;
-
- /* Relative directory */
- if(!PORT_Strcasecmp(subpair->key, RELATIVE_DIR_STRING)) {
- subiter = Pk11Install_ListIter_new(subpair->list);
- subval = subiter->current;
- if(!subval || (subval->type != STRING_VALUE)){
- errStr = PR_smprintf(errString[BOGUS_RELATIVE_DIR],
- _this->jarPath);
- goto loser;
- }
- _this->relativePath = PR_Strdup(subval->string);
- Pk11Install_ListIter_delete(subiter);
- subiter = NULL;
-
- /* Absolute directory */
- } else if( !PORT_Strcasecmp(subpair->key, ABSOLUTE_DIR_STRING)) {
- subiter = Pk11Install_ListIter_new(subpair->list);
- subval = subiter->current;
- if(!subval || (subval->type != STRING_VALUE)){
- errStr = PR_smprintf(errString[BOGUS_ABSOLUTE_DIR],
- _this->jarPath);
- goto loser;
- }
- _this->absolutePath = PR_Strdup(subval->string);
- Pk11Install_ListIter_delete(subiter);
- subiter = NULL;
-
- /* file permissions */
- } else if( !PORT_Strcasecmp(subpair->key,
- FILE_PERMISSIONS_STRING)) {
- subiter = Pk11Install_ListIter_new(subpair->list);
- subval = subiter->current;
- if(!subval || (subval->type != STRING_VALUE)){
- errStr = PR_smprintf(errString[BOGUS_FILE_PERMISSIONS],
- _this->jarPath);
- goto loser;
- }
- _this->permissions = (int) strtol(subval->string, &endp, 8);
- if(*endp != '\0' || subval->string == "\0") {
- errStr = PR_smprintf(errString[BOGUS_FILE_PERMISSIONS],
- _this->jarPath);
- goto loser;
- }
- gotPerms = PR_TRUE;
- Pk11Install_ListIter_delete(subiter);
- subiter = NULL;
- }
- } else {
- if(!PORT_Strcasecmp(val->string, EXECUTABLE_STRING)) {
- _this->executable = PR_TRUE;
- }
- }
- }
-
- /* Default permission value */
- if(!gotPerms) {
- _this->permissions = DEFAULT_PERMISSIONS;
- }
-
- /* Make sure we got all the information */
- if(!_this->relativePath && !_this->absolutePath) {
- errStr = PR_smprintf(errString[NO_ABSOLUTE_DIR], _this->jarPath);
- goto loser;
- }
-#if 0
- if(!_this->relativePath ) {
- errStr = PR_smprintf(errString[NO_RELATIVE_DIR], _this->jarPath);
- goto loser;
- }
- if(!_this->absolutePath) {
- errStr = PR_smprintf(errString[NO_ABSOLUTE_DIR], _this->jarPath);
- goto loser;
- }
-#endif
-
-loser:
- if(iter) {
- Pk11Install_ListIter_delete(iter);
- PR_Free(iter);
- }
- if(subiter) {
- Pk11Install_ListIter_delete(subiter);
- PR_Free(subiter);
- }
- return errStr;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: Print
-// Class: Pk11Install_File
-*/
-void
-Pk11Install_File_Print(Pk11Install_File* _this, int pad)
-{
- PAD(pad); printf("jarPath: %s\n",
- _this->jarPath ? _this->jarPath : "<NULL>");
- PAD(pad); printf("relativePath: %s\n",
- _this->relativePath ? _this->relativePath: "<NULL>");
- PAD(pad); printf("absolutePath: %s\n",
- _this->absolutePath ? _this->absolutePath: "<NULL>");
- PAD(pad); printf("permissions: %o\n", _this->permissions);
-}
-
-Pk11Install_PlatformName*
-Pk11Install_PlatformName_new()
-{
- Pk11Install_PlatformName* new_this;
- new_this = (Pk11Install_PlatformName*)
- PR_Malloc(sizeof(Pk11Install_PlatformName));
- Pk11Install_PlatformName_init(new_this);
- return new_this;
-}
-
-void
-Pk11Install_PlatformName_init(Pk11Install_PlatformName* _this)
-{
- _this->OS = NULL;
- _this->verString = NULL;
- _this->numDigits = 0;
- _this->arch = NULL;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: ~Pk11Install_PlatformName
-// Class: Pk11Install_PlatformName
-*/
-void
-Pk11Install_PlatformName_delete(Pk11Install_PlatformName* _this)
-{
- Pk11Install_PlatformName_Cleanup(_this);
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: Cleanup
-// Class: Pk11Install_PlatformName
-*/
-void
-Pk11Install_PlatformName_Cleanup(Pk11Install_PlatformName* _this)
-{
- if(_this->OS) {
- PR_Free(_this->OS);
- _this->OS = NULL;
- }
- if(_this->verString) {
- int i;
- for (i=0; i<_this->numDigits; i++) {
- PR_Free(_this->verString[i]);
- }
- PR_Free(_this->verString);
- _this->verString = NULL;
- }
- if(_this->arch) {
- PR_Free(_this->arch);
- _this->arch = NULL;
- }
- _this->numDigits = 0;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: Generate
-// Class: Pk11Install_PlatformName
-// Notes: Extracts the information from a platform string.
-*/
-char*
-Pk11Install_PlatformName_Generate(Pk11Install_PlatformName* _this,
- const char *str)
-{
- char *errStr;
- char *copy;
- char *end, *start; /* start and end of a section (OS, version, arch)*/
- char *pend, *pstart; /* start and end of one portion of version*/
- char *endp; /* used by strtol*/
- int periods, i;
-
- errStr=NULL;
- copy=NULL;
-
- if(!str) {
- errStr = PR_smprintf(errString[EMPTY_PLATFORM_STRING]);
- goto loser;
- }
- copy = PR_Strdup(str);
-
- /*
- // Get the OS
- */
- end = strchr(copy, PLATFORM_SEPARATOR_CHAR);
- if(!end || end==copy) {
- errStr = PR_smprintf(errString[BOGUS_PLATFORM_STRING], str);
- goto loser;
- }
- *end = '\0';
-
- _this->OS = PR_Strdup(copy);
-
- /*
- // Get the digits of the version of form: x.x.x (arbitrary number of digits)
- */
-
- start = end+1;
- end = strchr(start, PLATFORM_SEPARATOR_CHAR);
- if(!end) {
- errStr = PR_smprintf(errString[BOGUS_PLATFORM_STRING], str);
- goto loser;
- }
- *end = '\0';
-
- if(end!=start) {
- /* Find out how many periods*/
- periods = 0;
- pstart = start;
- while( (pend=strchr(pstart, '.')) ) {
- periods++;
- pstart = pend+1;
- }
- _this->numDigits= 1+ periods;
- _this->verString = (char**)PR_Malloc(sizeof(char*)*_this->numDigits);
-
- pstart = start;
- i = 0;
- /* Get the digits before each period*/
- while( (pend=strchr(pstart, '.')) ) {
- if(pend == pstart) {
- errStr = PR_smprintf(errString[BOGUS_PLATFORM_STRING], str);
- goto loser;
- }
- *pend = '\0';
- _this->verString[i] = PR_Strdup(pstart);
- endp = pend;
- if(endp==pstart || (*endp != '\0')) {
- errStr = PR_smprintf(errString[BOGUS_PLATFORM_STRING], str);
- goto loser;
- }
- pstart = pend+1;
- i++;
- }
- /* Last digit comes after the last period*/
- if(*pstart == '\0') {
- errStr = PR_smprintf(errString[BOGUS_PLATFORM_STRING], str);
- goto loser;
- }
- _this->verString[i] = PR_Strdup(pstart);
- /*
- if(endp==pstart || (*endp != '\0')) {
- errStr = PR_smprintf(errString[BOGUS_PLATFORM_STRING], str);
- goto loser;
- }
- */
- } else {
- _this->verString = NULL;
- _this->numDigits = 0;
- }
-
- /*
- // Get the architecture
- */
- start = end+1;
- if( strchr(start, PLATFORM_SEPARATOR_CHAR) ) {
- errStr = PR_smprintf(errString[BOGUS_PLATFORM_STRING], str);
- goto loser;
- }
- _this->arch = PR_Strdup(start);
-
- if(copy) {
- PR_Free(copy);
- }
- return NULL;
-loser:
- if(_this->OS) {
- PR_Free(_this->OS);
- _this->OS = NULL;
- }
- if(_this->verString) {
- for (i=0; i<_this->numDigits; i++) {
- PR_Free(_this->verString[i]);
- }
- PR_Free(_this->verString);
- _this->verString = NULL;
- }
- _this->numDigits = 0;
- if(_this->arch) {
- PR_Free(_this->arch);
- _this->arch = NULL;
- }
-
- return errStr;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: operator ==
-// Class: Pk11Install_PlatformName
-// Returns: PR_TRUE if the platform have the same OS, arch, and version
-*/
-PRBool
-Pk11Install_PlatformName_equal(Pk11Install_PlatformName* _this,
- Pk11Install_PlatformName* cmp)
-{
- int i;
-
- if(!_this->OS || !_this->arch || !cmp->OS || !cmp->arch) {
- return PR_FALSE;
- }
-
- if( PORT_Strcasecmp(_this->OS, cmp->OS) ||
- PORT_Strcasecmp(_this->arch, cmp->arch) ||
- _this->numDigits != cmp->numDigits ) {
- return PR_FALSE;
- }
-
- for(i=0; i < _this->numDigits; i++) {
- if(PORT_Strcasecmp(_this->verString[i], cmp->verString[i])) {
- return PR_FALSE;
- }
- }
- return PR_TRUE;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: operator <=
-// Class: Pk11Install_PlatformName
-// Returns: PR_TRUE if the platform have the same OS and arch and a lower
-// or equal release.
-*/
-PRBool
-Pk11Install_PlatformName_lteq(Pk11Install_PlatformName* _this,
- Pk11Install_PlatformName* cmp)
-{
- return (Pk11Install_PlatformName_equal(_this,cmp) ||
- Pk11Install_PlatformName_lt(_this,cmp)) ? PR_TRUE : PR_FALSE;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: operator <
-// Class: Pk11Install_PlatformName
-// Returns: PR_TRUE if the platform have the same OS and arch and a greater
-// release.
-*/
-PRBool
-Pk11Install_PlatformName_lt(Pk11Install_PlatformName* _this,
- Pk11Install_PlatformName* cmp)
-{
- int i, scmp;
-
- if(!_this->OS || !_this->arch || !cmp->OS || !cmp->arch) {
- return PR_FALSE;
- }
-
- if( PORT_Strcasecmp(_this->OS, cmp->OS) ) {
- return PR_FALSE;
- }
- if( PORT_Strcasecmp(_this->arch, cmp->arch) ) {
- return PR_FALSE;
- }
-
- for(i=0; (i < _this->numDigits) && (i < cmp->numDigits); i++) {
- scmp = PORT_Strcasecmp(_this->verString[i], cmp->verString[i]);
- if (scmp > 0) {
- return PR_FALSE;
- } else if (scmp < 0) {
- return PR_TRUE;
- }
- }
- /* All the digits they have in common are the same. */
- if(_this->numDigits < cmp->numDigits) {
- return PR_TRUE;
- }
-
- return PR_FALSE;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: GetString
-// Class: Pk11Install_PlatformName
-// Returns: String composed of OS, release, and architecture separated
-// by the separator char. Memory is allocated by this function
-// but is the responsibility of the caller to de-allocate.
-*/
-char*
-Pk11Install_PlatformName_GetString(Pk11Install_PlatformName* _this)
-{
- char *ret;
- char *ver;
- char *OS_;
- char *arch_;
-
- OS_=NULL;
- arch_=NULL;
-
- OS_ = _this->OS ? _this->OS : "";
- arch_ = _this->arch ? _this->arch : "";
-
- ver = Pk11Install_PlatformName_GetVerString(_this);
- ret = PR_smprintf("%s%c%s%c%s", OS_, PLATFORM_SEPARATOR_CHAR, ver,
- PLATFORM_SEPARATOR_CHAR, arch_);
-
- PR_Free(ver);
-
- return ret;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: GetVerString
-// Class: Pk11Install_PlatformName
-// Returns: The version string for this platform, in the form x.x.x with an
-// arbitrary number of digits. Memory allocated by function,
-// must be de-allocated by caller.
-*/
-char*
-Pk11Install_PlatformName_GetVerString(Pk11Install_PlatformName* _this)
-{
- char *tmp;
- char *ret;
- int i;
- char buf[80];
-
- tmp = (char*)PR_Malloc(80*_this->numDigits+1);
- tmp[0] = '\0';
-
- for(i=0; i < _this->numDigits-1; i++) {
- sprintf(buf, "%s.", _this->verString[i]);
- strcat(tmp, buf);
- }
- if(i < _this->numDigits) {
- sprintf(buf, "%s", _this->verString[i]);
- strcat(tmp, buf);
- }
-
- ret = PR_Strdup(tmp);
- free(tmp);
-
- return ret;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: Print
-// Class: Pk11Install_PlatformName
-*/
-void
-Pk11Install_PlatformName_Print(Pk11Install_PlatformName* _this, int pad)
-{
- PAD(pad); printf("OS: %s\n", _this->OS ? _this->OS : "<NULL>");
- PAD(pad); printf("Digits: ");
- if(_this->numDigits == 0) {
- printf("None\n");
- } else {
- printf("%s\n", Pk11Install_PlatformName_GetVerString(_this));
- }
- PAD(pad); printf("arch: %s\n", _this->arch ? _this->arch : "<NULL>");
-}
-
-Pk11Install_Platform*
-Pk11Install_Platform_new()
-{
- Pk11Install_Platform* new_this;
- new_this = (Pk11Install_Platform*)PR_Malloc(sizeof(Pk11Install_Platform));
- Pk11Install_Platform_init(new_this);
- return new_this;
-}
-
-void
-Pk11Install_Platform_init(Pk11Install_Platform* _this)
-{
- Pk11Install_PlatformName_init(&_this->name);
- Pk11Install_PlatformName_init(&_this->equivName);
- _this->equiv = NULL;
- _this->usesEquiv = PR_FALSE;
- _this->moduleFile = NULL;
- _this->moduleName = NULL;
- _this->modFile = -1;
- _this->mechFlags = 0;
- _this->cipherFlags = 0;
- _this->files = NULL;
- _this->numFiles = 0;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: ~Pk11Install_Platform
-// Class: Pk11Install_Platform
-*/
-void
-Pk11Install_Platform_delete(Pk11Install_Platform* _this)
-{
- Pk11Install_Platform_Cleanup(_this);
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: Cleanup
-// Class: Pk11Install_Platform
-*/
-void
-Pk11Install_Platform_Cleanup(Pk11Install_Platform* _this)
-{
- int i;
- if(_this->moduleFile) {
- PR_Free(_this->moduleFile);
- _this->moduleFile = NULL;
- }
- if(_this->moduleName) {
- PR_Free(_this->moduleName);
- _this->moduleName = NULL;
- }
- if(_this->files) {
- for (i=0;i<_this->numFiles;i++) {
- Pk11Install_File_delete(&_this->files[i]);
- }
- PR_Free(_this->files);
- _this->files = NULL;
- }
- _this->equiv = NULL;
- _this->usesEquiv = PR_FALSE;
- _this->modFile = -1;
- _this->numFiles = 0;
- _this->mechFlags = _this->cipherFlags = 0;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: Generate
-// Class: Pk11Install_Platform
-// Notes: Creates a platform data structure from a syntax tree.
-// Returns: NULL for success, otherwise an error message.
-*/
-char*
-Pk11Install_Platform_Generate(Pk11Install_Platform* _this,
- const Pk11Install_Pair *pair)
-{
- char* errStr;
- char* endptr;
- char* tmp;
- int i;
- Pk11Install_ListIter *iter;
- Pk11Install_Value *val;
- Pk11Install_Value *subval;
- Pk11Install_Pair *subpair;
- Pk11Install_ListIter *subiter;
- PRBool gotModuleFile, gotModuleName, gotMech,
- gotCipher, gotFiles, gotEquiv;
-
- errStr=NULL;
- iter=subiter=NULL;
- val=subval=NULL;
- subpair=NULL;
- gotModuleFile=gotModuleName=gotMech=gotCipher=gotFiles=gotEquiv=PR_FALSE;
- Pk11Install_Platform_Cleanup(_this);
-
- errStr = Pk11Install_PlatformName_Generate(&_this->name,pair->key);
- if(errStr) {
- tmp = PR_smprintf("%s: %s", pair->key, errStr);
- PR_smprintf_free(errStr);
- errStr = tmp;
- goto loser;
- }
-
- iter = Pk11Install_ListIter_new(pair->list);
- for( ; (val=iter->current); Pk11Install_ListIter_nextItem(iter)) {
- if(val->type==PAIR_VALUE) {
- subpair = val->pair;
-
- if( !PORT_Strcasecmp(subpair->key, MODULE_FILE_STRING)) {
- if(gotModuleFile) {
- errStr = PR_smprintf(errString[REPEAT_MODULE_FILE],
- Pk11Install_PlatformName_GetString(&_this->name));
- goto loser;
- }
- subiter = Pk11Install_ListIter_new(subpair->list);
- subval = subiter->current;
- if(!subval || (subval->type != STRING_VALUE)) {
- errStr = PR_smprintf(errString[BOGUS_MODULE_FILE],
- Pk11Install_PlatformName_GetString(&_this->name));
- goto loser;
- }
- _this->moduleFile = PR_Strdup(subval->string);
- Pk11Install_ListIter_delete(subiter);
- PR_Free(subiter);
- subiter = NULL;
- gotModuleFile = PR_TRUE;
- } else if(!PORT_Strcasecmp(subpair->key, MODULE_NAME_STRING)){
- if(gotModuleName) {
- errStr = PR_smprintf(errString[REPEAT_MODULE_NAME],
- Pk11Install_PlatformName_GetString(&_this->name));
- goto loser;
- }
- subiter = Pk11Install_ListIter_new(subpair->list);
- subval = subiter->current;
- if(!subval || (subval->type != STRING_VALUE)) {
- errStr = PR_smprintf(errString[BOGUS_MODULE_NAME],
- Pk11Install_PlatformName_GetString(&_this->name));
- goto loser;
- }
- _this->moduleName = PR_Strdup(subval->string);
- Pk11Install_ListIter_delete(subiter);
- PR_Free(subiter);
- subiter = NULL;
- gotModuleName = PR_TRUE;
- } else if(!PORT_Strcasecmp(subpair->key, MECH_FLAGS_STRING)) {
- endptr=NULL;
-
- if(gotMech) {
- errStr = PR_smprintf(errString[REPEAT_MECH],
- Pk11Install_PlatformName_GetString(&_this->name));
- goto loser;
- }
- subiter = Pk11Install_ListIter_new(subpair->list);
- subval = subiter->current;
- if(!subval || (subval->type != STRING_VALUE)) {
- errStr = PR_smprintf(errString[BOGUS_MECH_FLAGS],
- Pk11Install_PlatformName_GetString(&_this->name));
- goto loser;
- }
- _this->mechFlags = strtol(subval->string, &endptr, 0);
- if(*endptr!='\0' || (endptr==subval->string) ) {
- errStr = PR_smprintf(errString[BOGUS_MECH_FLAGS],
- Pk11Install_PlatformName_GetString(&_this->name));
- goto loser;
- }
- Pk11Install_ListIter_delete(subiter);
- PR_Free(subiter);
- subiter=NULL;
- gotMech = PR_TRUE;
- } else if(!PORT_Strcasecmp(subpair->key,CIPHER_FLAGS_STRING)) {
- endptr=NULL;
-
- if(gotCipher) {
- errStr = PR_smprintf(errString[REPEAT_CIPHER],
- Pk11Install_PlatformName_GetString(&_this->name));
- goto loser;
- }
- subiter = Pk11Install_ListIter_new(subpair->list);
- subval = subiter->current;
- if(!subval || (subval->type != STRING_VALUE)) {
- errStr = PR_smprintf(errString[BOGUS_CIPHER_FLAGS],
- Pk11Install_PlatformName_GetString(&_this->name));
- goto loser;
- }
- _this->cipherFlags = strtol(subval->string, &endptr, 0);
- if(*endptr!='\0' || (endptr==subval->string) ) {
- errStr = PR_smprintf(errString[BOGUS_CIPHER_FLAGS],
- Pk11Install_PlatformName_GetString(&_this->name));
- goto loser;
- }
- Pk11Install_ListIter_delete(subiter);
- PR_Free(subiter);
- subiter=NULL;
- gotCipher = PR_TRUE;
- } else if(!PORT_Strcasecmp(subpair->key, FILES_STRING)) {
- if(gotFiles) {
- errStr = PR_smprintf(errString[REPEAT_FILES],
- Pk11Install_PlatformName_GetString(&_this->name));
- goto loser;
- }
- subiter = Pk11Install_ListIter_new(subpair->list);
- _this->numFiles = subpair->list->numPairs;
- _this->files = (Pk11Install_File*)
- PR_Malloc(sizeof(Pk11Install_File)*_this->numFiles);
- for(i=0; i < _this->numFiles; i++,
- Pk11Install_ListIter_nextItem(subiter)) {
- Pk11Install_File_init(&_this->files[i]);
- val = subiter->current;
- if(val && (val->type==PAIR_VALUE)) {
- errStr = Pk11Install_File_Generate(&_this->files[i],val->pair);
- if(errStr) {
- tmp = PR_smprintf("%s: %s",
- Pk11Install_PlatformName_GetString(&_this->name),errStr);
- PR_smprintf_free(errStr);
- errStr = tmp;
- goto loser;
- }
- }
- }
- gotFiles = PR_TRUE;
- } else if(!PORT_Strcasecmp(subpair->key,
- EQUIVALENT_PLATFORM_STRING)) {
- if(gotEquiv) {
- errStr = PR_smprintf(errString[REPEAT_EQUIV],
- Pk11Install_PlatformName_GetString(&_this->name));
- goto loser;
- }
- subiter = Pk11Install_ListIter_new(subpair->list);
- subval = subiter->current;
- if(!subval || (subval->type != STRING_VALUE) ) {
- errStr = PR_smprintf(errString[BOGUS_EQUIV],
- Pk11Install_PlatformName_GetString(&_this->name));
- goto loser;
- }
- errStr = Pk11Install_PlatformName_Generate(&_this->equivName,
- subval->string);
- if(errStr) {
- tmp = PR_smprintf("%s: %s",
- Pk11Install_PlatformName_GetString(&_this->name), errStr);
- tmp = PR_smprintf("%s: %s",
- Pk11Install_PlatformName_GetString(&_this->name), errStr);
- PR_smprintf_free(errStr);
- errStr = tmp;
- goto loser;
- }
- _this->usesEquiv = PR_TRUE;
- }
- }
- }
-
- /* Make sure we either have an EquivalentPlatform or all the other info */
- if(_this->usesEquiv &&
- (gotFiles || gotModuleFile || gotModuleName || gotMech || gotCipher)) {
- errStr = PR_smprintf(errString[EQUIV_TOO_MUCH_INFO],
- Pk11Install_PlatformName_GetString(&_this->name));
- goto loser;
- }
- if(!gotFiles && !_this->usesEquiv) {
- errStr = PR_smprintf(errString[NO_FILES],
- Pk11Install_PlatformName_GetString(&_this->name));
- goto loser;
- }
- if(!gotModuleFile && !_this->usesEquiv) {
- errStr= PR_smprintf(errString[NO_MODULE_FILE],
- Pk11Install_PlatformName_GetString(&_this->name));
- goto loser;
- }
- if(!gotModuleName && !_this->usesEquiv) {
- errStr = PR_smprintf(errString[NO_MODULE_NAME],
- Pk11Install_PlatformName_GetString(&_this->name));
- goto loser;
- }
-
- /* Point the modFile pointer to the correct file */
- if(gotModuleFile) {
- for(i=0; i < _this->numFiles; i++) {
- if(!PORT_Strcasecmp(_this->moduleFile, _this->files[i].jarPath) ) {
- _this->modFile = i;
- break;
- }
- }
- if(_this->modFile==-1) {
- errStr = PR_smprintf(errString[UNKNOWN_MODULE_FILE],
- _this->moduleFile,
- Pk11Install_PlatformName_GetString(&_this->name));
- goto loser;
- }
- }
-
-loser:
- if(iter) {
- PR_Free(iter);
- }
- if(subiter) {
- PR_Free(subiter);
- }
- return errStr;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: Print
-// Class: Pk11Install_Platform
-*/
-void
-Pk11Install_Platform_Print(Pk11Install_Platform* _this, int pad)
-{
- int i;
-
- PAD(pad); printf("Name:\n");
- Pk11Install_PlatformName_Print(&_this->name,pad+PADINC);
- PAD(pad); printf("equivName:\n");
- Pk11Install_PlatformName_Print(&_this->equivName,pad+PADINC);
- PAD(pad);
- if(_this->usesEquiv) {
- printf("Uses equiv, which points to:\n");
- Pk11Install_Platform_Print(_this->equiv,pad+PADINC);
- } else {
- printf("Doesn't use equiv\n");
- }
- PAD(pad);
- printf("Module File: %s\n", _this->moduleFile ? _this->moduleFile
- : "<NULL>");
- PAD(pad); printf("mechFlags: %lx\n", _this->mechFlags);
- PAD(pad); printf("cipherFlags: %lx\n", _this->cipherFlags);
- PAD(pad); printf("Files:\n");
- for(i=0; i < _this->numFiles; i++) {
- Pk11Install_File_Print(&_this->files[i],pad+PADINC);
- PAD(pad); printf("--------------------\n");
- }
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: Pk11Install_Info
-// Class: Pk11Install_Info
-*/
-Pk11Install_Info*
-Pk11Install_Info_new()
-{
- Pk11Install_Info* new_this;
- new_this = (Pk11Install_Info*)PR_Malloc(sizeof(Pk11Install_Info));
- Pk11Install_Info_init(new_this);
- return new_this;
-}
-
-void
-Pk11Install_Info_init(Pk11Install_Info* _this)
-{
- _this->platforms = NULL;
- _this->numPlatforms = 0;
- _this->forwardCompatible = NULL;
- _this->numForwardCompatible = 0;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: ~Pk11Install_Info
-// Class: Pk11Install_Info
-*/
-void
-Pk11Install_Info_delete(Pk11Install_Info* _this)
-{
- Pk11Install_Info_Cleanup(_this);
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: Cleanup
-// Class: Pk11Install_Info
-*/
-void
-Pk11Install_Info_Cleanup(Pk11Install_Info* _this)
-{
- int i;
- if(_this->platforms) {
- for (i=0;i<_this->numPlatforms;i++) {
- Pk11Install_Platform_delete(&_this->platforms[i]);
- }
- PR_Free(&_this->platforms);
- _this->platforms = NULL;
- _this->numPlatforms = 0;
- }
-
- if(_this->forwardCompatible) {
- for (i=0;i<_this->numForwardCompatible;i++) {
- Pk11Install_PlatformName_delete(&_this->forwardCompatible[i]);
- }
- PR_Free(&_this->forwardCompatible);
- _this->numForwardCompatible = 0;
- }
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: Generate
-// Class: Pk11Install_Info
-// Takes: Pk11Install_ValueList *list, the top-level list
-// resulting from parsing an installer file.
-// Returns: char*, NULL if successful, otherwise an error string.
-// Caller is responsible for freeing memory.
-*/
-char*
-Pk11Install_Info_Generate(Pk11Install_Info* _this,
- const Pk11Install_ValueList *list)
-{
- char *errStr;
- Pk11Install_ListIter *iter;
- Pk11Install_Value *val;
- Pk11Install_Pair *pair;
- Pk11Install_ListIter *subiter;
- Pk11Install_Value *subval;
- Pk11Install_Platform *first, *second;
- int i, j;
-
- errStr=NULL;
- iter=subiter=NULL;
- Pk11Install_Info_Cleanup(_this);
-
- iter = Pk11Install_ListIter_new(list);
- for( ; (val=iter->current); Pk11Install_ListIter_nextItem(iter)) {
- if(val->type == PAIR_VALUE) {
- pair = val->pair;
-
- if(!PORT_Strcasecmp(pair->key, FORWARD_COMPATIBLE_STRING)) {
- subiter = Pk11Install_ListIter_new(pair->list);
- _this->numForwardCompatible = pair->list->numStrings;
- _this->forwardCompatible = (Pk11Install_PlatformName*)
- PR_Malloc(sizeof(Pk11Install_PlatformName)*
- _this->numForwardCompatible);
- for(i=0; i < _this->numForwardCompatible; i++,
- Pk11Install_ListIter_nextItem(subiter)) {
- subval = subiter->current;
- if(subval->type == STRING_VALUE) {
- errStr = Pk11Install_PlatformName_Generate(
- &_this->forwardCompatible[i], subval->string);
- if(errStr) {
- goto loser;
- }
- }
- }
- Pk11Install_ListIter_delete(subiter);
- PR_Free(subiter);
- subiter = NULL;
- } else if(!PORT_Strcasecmp(pair->key, PLATFORMS_STRING)) {
- subiter = Pk11Install_ListIter_new(pair->list);
- _this->numPlatforms = pair->list->numPairs;
- _this->platforms = (Pk11Install_Platform*)
- PR_Malloc(sizeof(Pk11Install_Platform)*
- _this->numPlatforms);
- for(i=0; i < _this->numPlatforms; i++,
- Pk11Install_ListIter_nextItem(subiter)) {
- Pk11Install_Platform_init(&_this->platforms[i]);
- subval = subiter->current;
- if(subval->type == PAIR_VALUE) {
- errStr = Pk11Install_Platform_Generate(&_this->platforms[i],subval->pair);
- if(errStr) {
- goto loser;
- }
- }
- }
- Pk11Install_ListIter_delete(subiter);
- PR_Free(subiter);
- subiter = NULL;
- }
- }
- }
-
- if(_this->numPlatforms == 0) {
- errStr = PR_smprintf(errString[NO_PLATFORMS]);
- goto loser;
- }
-
-/*
- //
- // Now process equivalent platforms
- //
-
- // First the naive pass
-*/
- for(i=0; i < _this->numPlatforms; i++) {
- if(_this->platforms[i].usesEquiv) {
- _this->platforms[i].equiv = NULL;
- for(j=0; j < _this->numPlatforms; j++) {
- if (Pk11Install_PlatformName_equal(&_this->platforms[i].equivName,
- &_this->platforms[j].name)) {
- if(i==j) {
- errStr = PR_smprintf(errString[EQUIV_LOOP],
- Pk11Install_PlatformName_GetString(&_this->platforms[i].name));
- goto loser;
- }
- _this->platforms[i].equiv = &_this->platforms[j];
- break;
- }
- }
- if(_this->platforms[i].equiv == NULL) {
- errStr = PR_smprintf(errString[BOGUS_EQUIV],
- Pk11Install_PlatformName_GetString(&_this->platforms[i].name));
- goto loser;
- }
- }
- }
-
-/*
- // Now the intelligent pass, which will also detect loops.
- // We will send two pointers through the linked list of equivalent
- // platforms. Both start with the current node. "first" traverses
- // two nodes for each iteration. "second" lags behind, only traversing
- // one node per iteration. Eventually one of two things will happen:
- // first will hit the end of the list (a platform that doesn't use
- // an equivalency), or first will equal second if there is a loop.
-*/
- for(i=0; i < _this->numPlatforms; i++) {
- if(_this->platforms[i].usesEquiv) {
- second = _this->platforms[i].equiv;
- if(!second->usesEquiv) {
- /* The first link is the terminal node */
- continue;
- }
- first = second->equiv;
- while(first->usesEquiv) {
- if(first == second) {
- errStr = PR_smprintf(errString[EQUIV_LOOP],
- Pk11Install_PlatformName_GetString(&_this->platforms[i].name));
- goto loser;
- }
- first = first->equiv;
- if(!first->usesEquiv) {
- break;
- }
- if(first == second) {
- errStr = PR_smprintf(errString[EQUIV_LOOP],
- Pk11Install_PlatformName_GetString(&_this->platforms[i].name));
- goto loser;
- }
- second = second->equiv;
- first = first->equiv;
- }
- _this->platforms[i].equiv = first;
- }
- }
-
-loser:
- if(iter) {
- Pk11Install_ListIter_delete(iter);
- PR_Free(iter);
- iter = NULL;
- }
- if(subiter) {
- Pk11Install_ListIter_delete(subiter);
- PR_Free(subiter);
- subiter = NULL;
- }
- return errStr;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: GetBestPlatform
-// Class: Pk11Install_Info
-// Takes: char *myPlatform, the platform we are currently running
-// on.
-*/
-Pk11Install_Platform*
-Pk11Install_Info_GetBestPlatform(Pk11Install_Info* _this, char *myPlatform)
-{
- Pk11Install_PlatformName plat;
- char *errStr;
- int i, j;
-
- errStr=NULL;
-
- Pk11Install_PlatformName_init(&plat);
- if( (errStr=Pk11Install_PlatformName_Generate(&plat, myPlatform)) ) {
- PR_smprintf_free(errStr);
- return NULL;
- }
-
- /* First try real platforms */
- for(i=0; i < _this->numPlatforms; i++) {
- if(Pk11Install_PlatformName_equal(&_this->platforms[i].name,&plat)) {
- if(_this->platforms[i].equiv) {
- return _this->platforms[i].equiv;
- }
- else {
- return &_this->platforms[i];
- }
- }
- }
-
- /* Now try forward compatible platforms */
- for(i=0; i < _this->numForwardCompatible; i++) {
- if(Pk11Install_PlatformName_lteq(&_this->forwardCompatible[i],&plat)) {
- break;
- }
- }
- if(i == _this->numForwardCompatible) {
- return NULL;
- }
-
- /* Got a forward compatible name, find the actual platform. */
- for(j=0; j < _this->numPlatforms; j++) {
- if(Pk11Install_PlatformName_equal(&_this->platforms[j].name,
- &_this->forwardCompatible[i])) {
- if(_this->platforms[j].equiv) {
- return _this->platforms[j].equiv;
- } else {
- return &_this->platforms[j];
- }
- }
- }
-
- return NULL;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: Print
-// Class: Pk11Install_Info
-*/
-void
-Pk11Install_Info_Print(Pk11Install_Info* _this, int pad)
-{
- int i;
-
- PAD(pad); printf("Forward Compatible:\n");
- for(i = 0; i < _this->numForwardCompatible; i++) {
- Pk11Install_PlatformName_Print(&_this->forwardCompatible[i],pad+PADINC);
- PAD(pad); printf("-------------------\n");
- }
- PAD(pad); printf("Platforms:\n");
- for( i = 0; i < _this->numPlatforms; i++) {
- Pk11Install_Platform_Print(&_this->platforms[i],pad+PADINC);
- PAD(pad); printf("-------------------\n");
- }
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-*/
-static char*
-PR_Strdup(const char* str)
-{
- char *tmp;
- tmp = (char*) PR_Malloc((unsigned int)(strlen(str)+1));
- strcpy(tmp, str);
- return tmp;
-}
-
-/* The global value list, the top of the tree */
-Pk11Install_ValueList* Pk11Install_valueList=NULL;
-
-/****************************************************************************/
-void
-Pk11Install_ValueList_AddItem(Pk11Install_ValueList* _this,
- Pk11Install_Value *item)
-{
- _this->numItems++;
- if (item->type == STRING_VALUE) {
- _this->numStrings++;
- } else {
- _this->numPairs++;
- }
- item->next = _this->head;
- _this->head = item;
-}
-
-/****************************************************************************/
-Pk11Install_ListIter*
-Pk11Install_ListIter_new_default()
-{
- Pk11Install_ListIter* new_this;
- new_this = (Pk11Install_ListIter*)
- PR_Malloc(sizeof(Pk11Install_ListIter));
- Pk11Install_ListIter_init(new_this);
- return new_this;
-}
-
-/****************************************************************************/
-void
-Pk11Install_ListIter_init(Pk11Install_ListIter* _this)
-{
- _this->list = NULL;
- _this->current = NULL;
-}
-
-/****************************************************************************/
-Pk11Install_ListIter*
-Pk11Install_ListIter_new(const Pk11Install_ValueList *_list)
-{
- Pk11Install_ListIter* new_this;
- new_this = (Pk11Install_ListIter*)
- PR_Malloc(sizeof(Pk11Install_ListIter));
- new_this->list = _list;
- new_this->current = _list->head;
- return new_this;
-}
-
-/****************************************************************************/
-void
-Pk11Install_ListIter_delete(Pk11Install_ListIter* _this)
-{
- _this->list=NULL;
- _this->current=NULL;
-}
-
-/****************************************************************************/
-void
-Pk11Install_ListIter_reset(Pk11Install_ListIter* _this)
-{
- if(_this->list) {
- _this->current = _this->list->head;
- }
-}
-
-/*************************************************************************/
-Pk11Install_Value*
-Pk11Install_ListIter_nextItem(Pk11Install_ListIter* _this)
-{
- if(_this->current) {
- _this->current = _this->current->next;
- }
-
- return _this->current;
-}
-
-/****************************************************************************/
-Pk11Install_ValueList*
-Pk11Install_ValueList_new()
-{
- Pk11Install_ValueList* new_this;
- new_this = (Pk11Install_ValueList*)
- PR_Malloc(sizeof(Pk11Install_ValueList));
- new_this->numItems = 0;
- new_this->numPairs = 0;
- new_this->numStrings = 0;
- new_this->head = NULL;
- return new_this;
-}
-
-/****************************************************************************/
-void
-Pk11Install_ValueList_delete(Pk11Install_ValueList* _this)
-{
-
- Pk11Install_Value *tmp;
- Pk11Install_Value *list;
- list = _this->head;
-
- while(list != NULL) {
- tmp = list;
- list = list->next;
- PR_Free(tmp);
- }
- PR_Free(_this);
-}
-
-/****************************************************************************/
-Pk11Install_Value*
-Pk11Install_Value_new_default()
-{
- Pk11Install_Value* new_this;
- new_this = (Pk11Install_Value*)PR_Malloc(sizeof(Pk11Install_Value));
- new_this->type = STRING_VALUE;
- new_this->string = NULL;
- new_this->pair = NULL;
- new_this->next = NULL;
- return new_this;
-}
-
-/****************************************************************************/
-Pk11Install_Value*
-Pk11Install_Value_new(ValueType _type, Pk11Install_Pointer ptr)
-{
- Pk11Install_Value* new_this;
- new_this = Pk11Install_Value_new_default();
- new_this->type = _type;
- if(_type == STRING_VALUE) {
- new_this->pair = NULL;
- new_this->string = ptr.string;
- } else {
- new_this->string = NULL;
- new_this->pair = ptr.pair;
- }
- return new_this;
-}
-
-/****************************************************************************/
-void
-Pk11Install_Value_delete(Pk11Install_Value* _this)
-{
- if(_this->type == STRING_VALUE) {
- PR_Free(_this->string);
- } else {
- PR_Free(_this->pair);
- }
-}
-
-/****************************************************************************/
-Pk11Install_Pair*
-Pk11Install_Pair_new_default()
-{
- return Pk11Install_Pair_new(NULL,NULL);
-}
-
-/****************************************************************************/
-Pk11Install_Pair*
-Pk11Install_Pair_new(char *_key, Pk11Install_ValueList *_list)
-{
- Pk11Install_Pair* new_this;
- new_this = (Pk11Install_Pair*)PR_Malloc(sizeof(Pk11Install_Pair));
- new_this->key = _key;
- new_this->list = _list;
- return new_this;
-}
-
-/****************************************************************************/
-void
-Pk11Install_Pair_delete(Pk11Install_Pair* _this)
-{
- PR_Free(_this->key);
- Pk11Install_ValueList_delete(_this->list);
- PR_Free(_this->list);
-}
-
-/*************************************************************************/
-void
-Pk11Install_Pair_Print(Pk11Install_Pair* _this, int pad)
-{
- while (_this) {
- /*PAD(pad); printf("**Pair\n");
- PAD(pad); printf("***Key====\n");*/
- PAD(pad); printf("%s {\n", _this->key);
- /*PAD(pad); printf("====\n");*/
- /*PAD(pad); printf("***ValueList\n");*/
- Pk11Install_ValueList_Print(_this->list,pad+PADINC);
- PAD(pad); printf("}\n");
- }
-}
-
-/*************************************************************************/
-void
-Pk11Install_ValueList_Print(Pk11Install_ValueList* _this, int pad)
-{
- Pk11Install_Value *v;
-
- /*PAD(pad);printf("**Value List**\n");*/
- for(v = _this->head; v != NULL; v=v->next) {
- Pk11Install_Value_Print(v,pad);
- }
-}
-
-/*************************************************************************/
-void
-Pk11Install_Value_Print(Pk11Install_Value* _this, int pad)
-{
- /*PAD(pad); printf("**Value, type=%s\n",
- type==STRING_VALUE ? "string" : "pair");*/
- if(_this->type==STRING_VALUE) {
- /*PAD(pad+PADINC); printf("====\n");*/
- PAD(pad); printf("%s\n", _this->string);
- /*PAD(pad+PADINC); printf("====\n");*/
- } else {
- Pk11Install_Pair_Print(_this->pair,pad+PADINC);
- }
-}
diff --git a/security/nss/cmd/modutil/install-ds.h b/security/nss/cmd/modutil/install-ds.h
deleted file mode 100644
index 2311f0928..000000000
--- a/security/nss/cmd/modutil/install-ds.h
+++ /dev/null
@@ -1,290 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef INSTALL_DS_H
-#define INSTALL_DS_H
-
-#include <stdio.h>
-#include <prio.h>
-#include <prmem.h>
-
-extern PRFileDesc *Pk11Install_FD;
-extern int Pk11Install_yylex();
-extern int Pk11Install_yylinenum;
-extern char *Pk11Install_yyerrstr;
-
-typedef enum { STRING_VALUE, PAIR_VALUE } ValueType;
-
-typedef struct Pk11Install_Pair_str Pk11Install_Pair;
-typedef union Pk11Install_Pointer_str Pk11Install_Pointer;
-typedef struct Pk11Install_Value_str Pk11Install_Value;
-typedef struct Pk11Install_ValueList_str Pk11Install_ValueList;
-typedef struct Pk11Install_ListIter_str Pk11Install_ListIter;
-typedef struct Pk11Install_File_str Pk11Install_File;
-typedef struct Pk11Install_PlatformName_str Pk11Install_PlatformName;
-typedef struct Pk11Install_Platform_str Pk11Install_Platform;
-typedef struct Pk11Install_Info_str Pk11Install_Info;
-
-extern Pk11Install_Pointer Pk11Install_yylval;
-extern Pk11Install_ValueList* Pk11Install_valueList;
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Pk11Install_Pair
-//////////////////////////////////////////////////////////////////////////
-*/
-
-struct Pk11Install_Pair_str {
- char * key;
- Pk11Install_ValueList *list;
-
-};
-
-Pk11Install_Pair*
-Pk11Install_Pair_new_default();
-Pk11Install_Pair*
-Pk11Install_Pair_new( char* _key, Pk11Install_ValueList* _list);
-void
-Pk11Install_Pair_delete(Pk11Install_Pair* _this);
-void
-Pk11Install_Pair_Print(Pk11Install_Pair* _this, int pad);
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Pk11Install_Pointer
-//////////////////////////////////////////////////////////////////////////
-*/
-union Pk11Install_Pointer_str {
- Pk11Install_ValueList *list;
- Pk11Install_Value *value;
- Pk11Install_Pair *pair;
- char *string;
-};
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Pk11Install_Value
-//////////////////////////////////////////////////////////////////////////
-*/
-struct Pk11Install_Value_str {
-
- ValueType type;
- char *string;
- Pk11Install_Pair *pair;
- struct Pk11Install_Value_str *next;
-};
-
-Pk11Install_Value*
-Pk11Install_Value_new_default();
-Pk11Install_Value*
-Pk11Install_Value_new(ValueType _type, Pk11Install_Pointer ptr);
-void
-Pk11Install_Value_delete(Pk11Install_Value* _this);
-void
-Pk11Install_Value_Print(Pk11Install_Value* _this, int pad);
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Pk11Install_ValueList
-//////////////////////////////////////////////////////////////////////////
-*/
-struct Pk11Install_ValueList_str {
- int numItems;
- int numPairs;
- int numStrings;
- Pk11Install_Value *head;
-};
-
-Pk11Install_ValueList*
-Pk11Install_ValueList_new();
-void
-Pk11Install_ValueList_delete(Pk11Install_ValueList* _this);
-void
-Pk11Install_ValueList_AddItem(Pk11Install_ValueList* _this,
- Pk11Install_Value* item);
-void
-Pk11Install_ValueList_Print(Pk11Install_ValueList* _this, int pad);
-
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Pk11Install_ListIter
-//////////////////////////////////////////////////////////////////////////
-*/
-struct Pk11Install_ListIter_str {
- const Pk11Install_ValueList *list;
- Pk11Install_Value *current;
-};
-
-Pk11Install_ListIter*
-Pk11Install_ListIter_new_default();
-void
-Pk11Install_ListIter_init(Pk11Install_ListIter* _this);
-Pk11Install_ListIter*
-Pk11Install_ListIter_new(const Pk11Install_ValueList* _list);
-void
-Pk11Install_ListIter_delete(Pk11Install_ListIter* _this);
-void
-Pk11Install_ListIter_reset(Pk11Install_ListIter* _this);
-Pk11Install_Value*
-Pk11Install_ListIter_nextItem(Pk11Install_ListIter* _this);
-
-/************************************************************************
- *
- * Pk11Install_File
- */
-struct Pk11Install_File_str {
- char *jarPath;
- char *relativePath;
- char *absolutePath;
- PRBool executable;
- int permissions;
-};
-
-Pk11Install_File*
-Pk11Install_File_new();
-void
-Pk11Install_File_init(Pk11Install_File* _this);
-void
-Pk11Install_file_delete(Pk11Install_File* _this);
-/*// Parses a syntax tree to obtain all attributes.
-// Returns NULL for success, error message if parse error.*/
-char*
-Pk11Install_File_Generate(Pk11Install_File* _this,
- const Pk11Install_Pair* pair);
-void
-Pk11Install_File_Print(Pk11Install_File* _this, int pad);
-void
-Pk11Install_File_Cleanup(Pk11Install_File* _this);
-
-/************************************************************************
- *
- * Pk11Install_PlatformName
- */
-struct Pk11Install_PlatformName_str {
- char *OS;
- char **verString;
- int numDigits;
- char *arch;
-};
-
-Pk11Install_PlatformName*
-Pk11Install_PlatformName_new();
-void
-Pk11Install_PlatformName_init(Pk11Install_PlatformName* _this);
-void
-Pk11Install_PlatformName_delete(Pk11Install_PlatformName* _this);
-char*
-Pk11Install_PlatformName_Generate(Pk11Install_PlatformName* _this,
- const char* str);
-char*
-Pk11Install_PlatformName_GetString(Pk11Install_PlatformName* _this);
-char*
-Pk11Install_PlatformName_GetVerString(Pk11Install_PlatformName* _this);
-void
-Pk11Install_PlatformName_Print(Pk11Install_PlatformName* _this, int pad);
-void
-Pk11Install_PlatformName_Cleanup(Pk11Install_PlatformName* _this);
-PRBool
-Pk11Install_PlatformName_equal(Pk11Install_PlatformName* _this,
- Pk11Install_PlatformName* cmp);
-PRBool
-Pk11Install_PlatformName_lteq(Pk11Install_PlatformName* _this,
- Pk11Install_PlatformName* cmp);
-PRBool
-Pk11Install_PlatformName_lt(Pk11Install_PlatformName* _this,
- Pk11Install_PlatformName* cmp);
-
-/************************************************************************
- *
- * Pk11Install_Platform
- */
-struct Pk11Install_Platform_str {
- Pk11Install_PlatformName name;
- Pk11Install_PlatformName equivName;
- struct Pk11Install_Platform_str *equiv;
- PRBool usesEquiv;
- char *moduleFile;
- char *moduleName;
- int modFile;
- unsigned long mechFlags;
- unsigned long cipherFlags;
- Pk11Install_File *files;
- int numFiles;
-};
-
-Pk11Install_Platform*
-Pk11Install_Platform_new();
-void
-Pk11Install_Platform_init(Pk11Install_Platform* _this);
-void
-Pk11Install_Platform_delete(Pk11Install_Platform* _this);
-/*// Returns NULL for success, error message if parse error.*/
-char*
-Pk11Install_Platform_Generate(Pk11Install_Platform* _this,
- const Pk11Install_Pair *pair);
-void
-Pk11Install_Platform_Print(Pk11Install_Platform* _this, int pad);
-void
-Pk11Install_Platform_Cleanup(Pk11Install_Platform* _this);
-
-/************************************************************************
- *
- * Pk11Install_Info
- */
-struct Pk11Install_Info_str {
- Pk11Install_Platform *platforms;
- int numPlatforms;
- Pk11Install_PlatformName *forwardCompatible;
- int numForwardCompatible;
-};
-
-Pk11Install_Info*
-Pk11Install_Info_new();
-void
-Pk11Install_Info_init();
-void
-Pk11Install_Info_delete(Pk11Install_Info* _this);
-/*// Returns NULL for success, error message if parse error.*/
-char*
-Pk11Install_Info_Generate(Pk11Install_Info* _this,
- const Pk11Install_ValueList *list);
- /*// Returns NULL if there is no matching platform*/
-Pk11Install_Platform*
-Pk11Install_Info_GetBestPlatform(Pk11Install_Info* _this, char* myPlatform);
-void
-Pk11Install_Info_Print(Pk11Install_Info* _this, int pad);
-void
-Pk11Install_Info_Cleanup(Pk11Install_Info* _this);
-
-#endif /* INSTALL_DS_H */
diff --git a/security/nss/cmd/modutil/install.c b/security/nss/cmd/modutil/install.c
deleted file mode 100644
index c6f55be01..000000000
--- a/security/nss/cmd/modutil/install.c
+++ /dev/null
@@ -1,985 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "install.h"
-#include "install-ds.h"
-#include <prlock.h>
-#include <prio.h>
-#include <prmem.h>
-#include <prprf.h>
-#include <prsystem.h>
-#include <prproces.h>
-
-#ifdef XP_UNIX
-/* for chmod */
-#include <sys/types.h>
-#include <sys/stat.h>
-#endif
-
-/*extern "C" {*/
-#include <jar.h>
-/*}*/
-
-extern /*"C"*/
-int Pk11Install_AddNewModule(char* moduleName, char* dllPath,
- unsigned long defaultMechanismFlags,
- unsigned long cipherEnableFlags);
-extern /*"C"*/
-short Pk11Install_UserVerifyJar(JAR *jar, PRFileDesc *out,
- PRBool query);
-extern /*"C"*/
-const char* mySECU_ErrorString(int16);
-extern
-int Pk11Install_yyparse();
-
-#define INSTALL_METAINFO_TAG "Pkcs11_install_script"
-#define SCRIPT_TEMP_FILE "pkcs11inst.tmp"
-#define ROOT_MARKER "%root%"
-#define TEMP_MARKER "%temp%"
-#define PRINTF_ROOT_MARKER "%%root%%"
-#define TEMPORARY_DIRECTORY_NAME "pk11inst.dir"
-#define JAR_BASE_END (JAR_BASE+100)
-
-static PRLock* errorHandlerLock=NULL;
-static Pk11Install_ErrorHandler errorHandler=NULL;
-static char* PR_Strdup(const char* str);
-static int rm_dash_r (char *path);
-static int make_dirs(char *path, int file_perms);
-static int dir_perms(int perms);
-
-static Pk11Install_Error DoInstall(JAR *jar, const char *installDir,
- const char* tempDir, Pk11Install_Platform *platform,
- PRFileDesc *feedback, PRBool noverify);
-
-static char *errorString[]= {
- "Operation was successful", /* PK11_INSTALL_NO_ERROR */
- "Directory \"%s\" does not exist", /* PK11_INSTALL_DIR_DOESNT_EXIST */
- "File \"%s\" does not exist", /* PK11_INSTALL_FILE_DOESNT_EXIST */
- "File \"%s\" is not readable", /* PK11_INSTALL_FILE_NOT_READABLE */
- "%s", /* PK11_INSTALL_ERROR_STRING */
- "Error in JAR file %s: %s", /* PK11_INSTALL_JAR_ERROR */
- "No Pkcs11_install_script specified in JAR metainfo file",
- /* PK11_INSTALL_NO_INSTALLER_SCRIPT */
- "Could not delete temporary file \"%s\"",
- /*PK11_INSTALL_DELETE_TEMP_FILE */
- "Could not open temporary file \"%s\"", /*PK11_INSTALL_OPEN_SCRIPT_FILE*/
- "%s: %s", /* PK11_INSTALL_SCRIPT_PARSE */
- "Error in script: %s",
- "Unable to obtain system platform information",
- "Installer script has no information about the current platform (%s)",
- "Relative directory \"%s\" does not contain "PRINTF_ROOT_MARKER,
- "Module File \"%s\" not found",
- "Error occurred installing module \"%s\" into database",
- "Error extracting \"%s\" from JAR file: %s",
- "Directory \"%s\" is not writeable",
- "Could not create directory \"%s\"",
- "Could not remove directory \"%s\"",
- "Unable to execute \"%s\"",
- "Unable to wait for process \"%s\"",
- "\"%s\" returned error code %d",
- "User aborted operation",
- "Unspecified error"
-};
-
-enum {
- INSTALLED_FILE_MSG=0,
- INSTALLED_MODULE_MSG,
- INSTALLER_SCRIPT_NAME,
- MY_PLATFORM_IS,
- USING_PLATFORM,
- PARSED_INSTALL_SCRIPT,
- EXEC_FILE_MSG,
- EXEC_SUCCESS,
- INSTALLATION_COMPLETE_MSG,
- USER_ABORT
-};
-
-static char *msgStrings[] = {
- "Installed file %s to %s\n",
- "Installed module \"%s\" into module database\n",
- "Using installer script \"%s\"\n",
- "Current platform is %s\n",
- "Using installation parameters for platform %s\n",
- "Successfully parsed installation script\n",
- "Executing \"%s\"...\n",
- "\"%s\" executed successfully\n",
- "\nInstallation completed successfully\n",
- "\nAborting...\n"
-};
-
-/**************************************************************************
- * S t r i n g N o d e
- */
-typedef struct StringNode_str {
- char *str;
- struct StringNode_str* next;
-} StringNode;
-
-StringNode* StringNode_new()
-{
- StringNode* new_this;
- new_this = (StringNode*)malloc(sizeof(StringNode));
- new_this->str=NULL;
- new_this->next=NULL;
- return new_this;
-}
-
-void StringNode_delete(StringNode* s)
-{
- if(s->str) {
- PR_Free(s->str);
- s->str=NULL;
- }
-}
-
-/*************************************************************************
- * S t r i n g L i s t
- */
-typedef struct StringList_str {
- StringNode* head;
- StringNode* tail;
-} StringList;
-
-void StringList_new(StringList* list)
-{
- list->head=NULL;
- list->tail=NULL;
-}
-
-void StringList_delete(StringList* list)
-{
- StringNode *tmp;
- while(list->head) {
- tmp = list->head;
- list->head = list->head->next;
- StringNode_delete(tmp);
- }
-}
-
-void
-StringList_Append(StringList* list, char* str)
-{
- if(!str) {
- return;
- }
-
- if(!list->tail) {
- /* This is the first element */
- list->head = list->tail = StringNode_new();
- } else {
- list->tail->next = StringNode_new();
- list->tail = list->tail->next;
- }
-
- list->tail->str = PR_Strdup(str);
- list->tail->next = NULL; /* just to be sure */
-}
-
-/**************************************************************************
- *
- * P k 1 1 I n s t a l l _ S e t E r r o r H a n d l e r
- *
- * Sets the error handler to be used by the library. Returns the current
- * error handler function.
- */
-Pk11Install_ErrorHandler
-Pk11Install_SetErrorHandler(Pk11Install_ErrorHandler handler)
-{
- Pk11Install_ErrorHandler old;
-
- if(!errorHandlerLock) {
- errorHandlerLock = PR_NewLock();
- }
-
- PR_Lock(errorHandlerLock);
-
- old = errorHandler;
- errorHandler = handler;
-
- PR_Unlock(errorHandlerLock);
-
- return old;
-}
-
-/**************************************************************************
- *
- * P k 1 1 I n s t a l l _ I n i t
- *
- * Does initialization that otherwise would be done on the fly. Only
- * needs to be called by multithreaded apps, before they make any calls
- * to this library.
- */
-void
-Pk11Install_Init()
-{
- if(!errorHandlerLock) {
- errorHandlerLock = PR_NewLock();
- }
-}
-
-/**************************************************************************
- *
- * P k 1 1 I n s t a l l _ R e l e a s e
- *
- * Releases static data structures used by the library. Don't use the
- * library after calling this, unless you call Pk11Install_Init()
- * first. This function doesn't have to be called at all unless you're
- * really anal about freeing memory before your program exits.
- */
-void
-Pk11Install_Release()
-{
- if(errorHandlerLock) {
- PR_Free(errorHandlerLock);
- errorHandlerLock = NULL;
- }
-}
-
-/*************************************************************************
- *
- * e r r o r
- *
- * Takes an error code and its arguments, creates the error string,
- * and sends the string to the handler function if it exists.
- */
-
-#ifdef OSF1
-/* stdarg has already been pulled in from NSPR */
-#undef va_start
-#undef va_end
-#undef va_arg
-#include <varargs.h>
-#else
-#include <stdarg.h>
-#endif
-
-#ifdef OSF1
-static void
-error(long va_alist, ...)
-#else
-static void
-error(Pk11Install_Error errcode, ...)
-#endif
-{
-
- va_list ap;
- char *errstr;
- Pk11Install_ErrorHandler handler;
-
- if(!errorHandlerLock) {
- errorHandlerLock = PR_NewLock();
- }
-
- PR_Lock(errorHandlerLock);
-
- handler = errorHandler;
-
- PR_Unlock(errorHandlerLock);
-
- if(handler) {
-#ifdef OSF1
- va_start(ap);
- errstr = PR_vsmprintf(errorString[va_arg(ap, Pk11Install_Error)], ap);
-#else
- va_start(ap, errcode);
- errstr = PR_vsmprintf(errorString[errcode], ap);
-#endif
- handler(errstr);
- PR_smprintf_free(errstr);
- va_end(ap);
- }
-}
-
-/*************************************************************************
- *
- * j a r _ c a l l b a c k
- */
-static int
-jar_callback(int status, JAR *foo, const char *bar, char *pathname,
- char *errortext) {
- char *string;
-
- string = PR_smprintf("JAR error %d: %s in file %s\n", status, errortext,
- pathname);
- error(PK11_INSTALL_ERROR_STRING, string);
- PR_smprintf_free(string);
- return 0;
-}
-
-/*************************************************************************
- *
- * P k 1 1 I n s t a l l _ D o I n s t a l l
- *
- * jarFile is the path of a JAR in the PKCS #11 module JAR format.
- * installDir is the directory relative to which files will be
- * installed.
- */
-Pk11Install_Error
-Pk11Install_DoInstall(char *jarFile, const char *installDir,
- const char *tempDir, PRFileDesc *feedback, short force, PRBool noverify)
-{
- JAR *jar;
- char *installer;
- unsigned long installer_len;
- int status;
- Pk11Install_Error ret;
- PRBool made_temp_file;
- Pk11Install_Info installInfo;
- Pk11Install_Platform *platform;
- char* errMsg;
- char sysname[SYS_INFO_BUFFER_LENGTH], release[SYS_INFO_BUFFER_LENGTH],
- arch[SYS_INFO_BUFFER_LENGTH];
- char *myPlatform;
-
- jar=NULL;
- ret = PK11_INSTALL_UNSPECIFIED;
- made_temp_file=PR_FALSE;
- errMsg=NULL;
- Pk11Install_Info_init(&installInfo);
-
- /*
- printf("Inside DoInstall, jarFile=%s, installDir=%s, tempDir=%s\n",
- jarFile, installDir, tempDir);
- */
-
- /*
- * Check out jarFile and installDir for validity
- */
- if( PR_Access(installDir, PR_ACCESS_EXISTS) != PR_SUCCESS ) {
- error(PK11_INSTALL_DIR_DOESNT_EXIST, installDir);
- return PK11_INSTALL_DIR_DOESNT_EXIST;
- }
- if(!tempDir) {
- tempDir = ".";
- }
- if( PR_Access(tempDir, PR_ACCESS_EXISTS) != PR_SUCCESS ) {
- error(PK11_INSTALL_DIR_DOESNT_EXIST, tempDir);
- return PK11_INSTALL_DIR_DOESNT_EXIST;
- }
- if( PR_Access(tempDir, PR_ACCESS_WRITE_OK) != PR_SUCCESS ) {
- error(PK11_INSTALL_DIR_NOT_WRITEABLE, tempDir);
- return PK11_INSTALL_DIR_NOT_WRITEABLE;
- }
- if( (PR_Access(jarFile, PR_ACCESS_EXISTS) != PR_SUCCESS) ) {
- error(PK11_INSTALL_FILE_DOESNT_EXIST, jarFile);
- return PK11_INSTALL_FILE_DOESNT_EXIST;
- }
- if( PR_Access(jarFile, PR_ACCESS_READ_OK) != PR_SUCCESS ) {
- error(PK11_INSTALL_FILE_NOT_READABLE, jarFile);
- return PK11_INSTALL_FILE_NOT_READABLE;
- }
-
- /*
- * Extract the JAR file
- */
- jar = JAR_new();
- JAR_set_callback(JAR_CB_SIGNAL, jar, jar_callback);
-
- if(noverify) {
- status = JAR_pass_archive_unverified(jar, jarArchGuess, jarFile, "url");
- } else {
- status = JAR_pass_archive(jar, jarArchGuess, jarFile, "url");
- }
- if( (status < 0) || (jar->valid < 0) ) {
- if (status >= JAR_BASE && status <= JAR_BASE_END) {
- error(PK11_INSTALL_JAR_ERROR, jarFile, JAR_get_error(status));
- } else {
- error(PK11_INSTALL_JAR_ERROR, jarFile,
- mySECU_ErrorString((int16) PORT_GetError()) );
- }
- ret=PK11_INSTALL_JAR_ERROR;
- goto loser;
- }
- /*printf("passed the archive\n");*/
-
- /*
- * Show the user security information, allow them to abort or continue
- */
- if( Pk11Install_UserVerifyJar(jar, PR_STDOUT,
- force?PR_FALSE:PR_TRUE) && !force) {
- if(feedback) {
- PR_fprintf(feedback, msgStrings[USER_ABORT]);
- }
- ret=PK11_INSTALL_USER_ABORT;
- goto loser;
- }
-
- /*
- * Get the name of the installation file
- */
- if( JAR_get_metainfo(jar, NULL, INSTALL_METAINFO_TAG, (void**)&installer,
- (unsigned long*)&installer_len) ) {
- error(PK11_INSTALL_NO_INSTALLER_SCRIPT);
- ret=PK11_INSTALL_NO_INSTALLER_SCRIPT;
- goto loser;
- }
- if(feedback) {
- PR_fprintf(feedback, msgStrings[INSTALLER_SCRIPT_NAME], installer);
- }
-
- /*
- * Extract the installation file
- */
- if( PR_Access(SCRIPT_TEMP_FILE, PR_ACCESS_EXISTS) == PR_SUCCESS) {
- if( PR_Delete(SCRIPT_TEMP_FILE) != PR_SUCCESS) {
- error(PK11_INSTALL_DELETE_TEMP_FILE, SCRIPT_TEMP_FILE);
- ret=PK11_INSTALL_DELETE_TEMP_FILE;
- goto loser;
- }
- }
- if(noverify) {
- status = JAR_extract(jar, installer, SCRIPT_TEMP_FILE);
- } else {
- status = JAR_verified_extract(jar, installer, SCRIPT_TEMP_FILE);
- }
- if(status) {
- if (status >= JAR_BASE && status <= JAR_BASE_END) {
- error(PK11_INSTALL_JAR_EXTRACT, installer, JAR_get_error(status));
- } else {
- error(PK11_INSTALL_JAR_EXTRACT, installer,
- mySECU_ErrorString((int16) PORT_GetError()) );
- }
- ret = PK11_INSTALL_JAR_EXTRACT;
- goto loser;
- } else {
- made_temp_file = PR_TRUE;
- }
-
- /*
- * Parse the installation file into a syntax tree
- */
- Pk11Install_FD = PR_Open(SCRIPT_TEMP_FILE, PR_RDONLY, 0);
- if(!Pk11Install_FD) {
- error(PK11_INSTALL_OPEN_SCRIPT_FILE, SCRIPT_TEMP_FILE);
- ret=PK11_INSTALL_OPEN_SCRIPT_FILE;
- goto loser;
- }
- if(Pk11Install_yyparse()) {
- error(PK11_INSTALL_SCRIPT_PARSE, installer,
- Pk11Install_yyerrstr ? Pk11Install_yyerrstr : "");
- ret=PK11_INSTALL_SCRIPT_PARSE;
- goto loser;
- }
-
-#if 0
- /* for debugging */
- Pk11Install_valueList->Print(0);
-#endif
-
- /*
- * From the syntax tree, build a semantic structure
- */
- errMsg = Pk11Install_Info_Generate(&installInfo,Pk11Install_valueList);
- if(errMsg) {
- error(PK11_INSTALL_SEMANTIC, errMsg);
- ret=PK11_INSTALL_SEMANTIC;
- goto loser;
- }
-#if 0
- installInfo.Print(0);
-#endif
-
- if(feedback) {
- PR_fprintf(feedback, msgStrings[PARSED_INSTALL_SCRIPT]);
- }
-
- /*
- * Figure out which platform to use
- */
- {
- sysname[0] = release[0] = arch[0] = '\0';
-
- if( (PR_GetSystemInfo(PR_SI_SYSNAME, sysname, SYS_INFO_BUFFER_LENGTH)
- != PR_SUCCESS) ||
- (PR_GetSystemInfo(PR_SI_RELEASE, release, SYS_INFO_BUFFER_LENGTH)
- != PR_SUCCESS) ||
- (PR_GetSystemInfo(PR_SI_ARCHITECTURE, arch, SYS_INFO_BUFFER_LENGTH)
- != PR_SUCCESS) ) {
- error(PK11_INSTALL_SYSINFO);
- ret=PK11_INSTALL_SYSINFO;
- goto loser;
- }
- myPlatform = PR_smprintf("%s:%s:%s", sysname, release, arch);
- platform = Pk11Install_Info_GetBestPlatform(&installInfo,myPlatform);
- if(!platform) {
- error(PK11_INSTALL_NO_PLATFORM, myPlatform);
- PR_smprintf_free(myPlatform);
- ret=PK11_INSTALL_NO_PLATFORM;
- goto loser;
- }
- if(feedback) {
- PR_fprintf(feedback, msgStrings[MY_PLATFORM_IS], myPlatform);
- PR_fprintf(feedback, msgStrings[USING_PLATFORM],
- Pk11Install_PlatformName_GetString(&platform->name));
- }
- PR_smprintf_free(myPlatform);
- }
-
- /* Run the install for that platform */
- ret = DoInstall(jar, installDir, tempDir, platform, feedback, noverify);
- if(ret) {
- goto loser;
- }
-
- ret = PK11_INSTALL_SUCCESS;
-loser:
- if(Pk11Install_valueList) {
- Pk11Install_ValueList_delete(Pk11Install_valueList);
- PR_Free(Pk11Install_valueList);
- Pk11Install_valueList = NULL;
- }
- if(jar) {
- JAR_destroy(jar);
- }
- if(made_temp_file) {
- PR_Delete(SCRIPT_TEMP_FILE);
- }
- if(errMsg) {
- PR_smprintf_free(errMsg);
- }
- return ret;
-}
-
-/*
-/////////////////////////////////////////////////////////////////////////
-// actually run the installation, copying files to and fro
-*/
-static Pk11Install_Error
-DoInstall(JAR *jar, const char *installDir, const char *tempDir,
- Pk11Install_Platform *platform, PRFileDesc *feedback, PRBool noverify)
-{
- Pk11Install_File *file;
- Pk11Install_Error ret;
- char *reldir;
- char *dest;
- char *modDest;
- char *cp;
- int i;
- int status;
- char *tempname, *temp;
- StringList executables;
- StringNode *execNode;
- PRProcessAttr *attr;
- PRProcess *proc;
- char *argv[2];
- char *envp[1];
- int errcode;
-
- ret=PK11_INSTALL_UNSPECIFIED;
- reldir=NULL;
- dest=NULL;
- modDest=NULL;
- tempname=NULL;
-
- StringList_new(&executables);
- /*
- // Create Temporary directory
- */
- tempname = PR_smprintf("%s/%s", tempDir, TEMPORARY_DIRECTORY_NAME);
- if( PR_Access(tempname, PR_ACCESS_EXISTS)==PR_SUCCESS ) {
- /* Left over from previous run? Delete it. */
- rm_dash_r(tempname);
- }
- if(PR_MkDir(tempname, 0700) != PR_SUCCESS) {
- error(PK11_INSTALL_CREATE_DIR, tempname);
- ret = PK11_INSTALL_CREATE_DIR;
- goto loser;
- }
-
- /*
- // Install all the files
- */
- for(i=0; i < platform->numFiles; i++) {
- file = &platform->files[i];
-
- if(file->relativePath) {
- PRBool foundMarker = PR_FALSE;
- reldir = PR_Strdup(file->relativePath);
-
- /* Replace all the markers with the directories for which they stand */
- while(1) {
- if( (cp=PL_strcasestr(reldir, ROOT_MARKER)) ) {
- /* Has a %root% marker */
- *cp = '\0';
- temp = PR_smprintf("%s%s%s", reldir, installDir,
- cp+strlen(ROOT_MARKER));
- PR_Free(reldir);
- reldir = temp;
- foundMarker = PR_TRUE;
- } else if( (cp = PL_strcasestr(reldir, TEMP_MARKER)) ) {
- /* Has a %temp% marker */
- *cp = '\0';
- temp = PR_smprintf("%s%s%s", reldir, tempname,
- cp+strlen(TEMP_MARKER));
- PR_Free(reldir);
- reldir = temp;
- foundMarker = PR_TRUE;
- } else {
- break;
- }
- }
- if(!foundMarker) {
- /* Has no markers...this isn't really a relative directory */
- error(PK11_INSTALL_BOGUS_REL_DIR, file->relativePath);
- ret = PK11_INSTALL_BOGUS_REL_DIR;
- goto loser;
- }
- dest = reldir;
- reldir = NULL;
- } else if(file->absolutePath) {
- dest = PR_Strdup(file->absolutePath);
- }
-
- /* Remember if this is the module file, we'll need to add it later */
- if(i == platform->modFile) {
- modDest = PR_Strdup(dest);
- }
-
- /* Remember is this is an executable, we'll need to run it later */
- if(file->executable) {
- StringList_Append(&executables,dest);
- /*executables.Append(dest);*/
- }
-
- /* Make sure the directory we are targetting exists */
- if( make_dirs(dest, file->permissions) ) {
- ret=PK11_INSTALL_CREATE_DIR;
- goto loser;
- }
-
- /* Actually extract the file onto the filesystem */
- if(noverify) {
- status = JAR_extract(jar, (char*)file->jarPath, dest);
- } else {
- status = JAR_verified_extract(jar, (char*)file->jarPath, dest);
- }
- if(status) {
- if (status >= JAR_BASE && status <= JAR_BASE_END) {
- error(PK11_INSTALL_JAR_EXTRACT, file->jarPath,
- JAR_get_error(status));
- } else {
- error(PK11_INSTALL_JAR_EXTRACT, file->jarPath,
- mySECU_ErrorString((int16) PORT_GetError()) );
- }
- ret=PK11_INSTALL_JAR_EXTRACT;
- goto loser;
- }
- if(feedback) {
- PR_fprintf(feedback, msgStrings[INSTALLED_FILE_MSG],
- file->jarPath, dest);
- }
-
- /* no NSPR command to change permissions? */
-#ifdef XP_UNIX
- chmod(dest, file->permissions);
-#endif
-
- /* Memory clean-up tasks */
- if(reldir) {
- PR_Free(reldir);
- reldir = NULL;
- }
- if(dest) {
- PR_Free(dest);
- dest = NULL;
- }
- }
- /* Make sure we found the module file */
- if(!modDest) {
- /* Internal problem here, since every platform is supposed to have
- a module file */
- error(PK11_INSTALL_NO_MOD_FILE, platform->moduleName);
- ret=PK11_INSTALL_NO_MOD_FILE;
- goto loser;
- }
-
- /*
- // Execute any executable files
- */
- {
- argv[1] = NULL;
- envp[0] = NULL;
- for(execNode = executables.head; execNode; execNode = execNode->next) {
- attr = PR_NewProcessAttr();
- argv[0] = PR_Strdup(execNode->str);
-
- /* Announce our intentions */
- if(feedback) {
- PR_fprintf(feedback, msgStrings[EXEC_FILE_MSG], execNode->str);
- }
-
- /* start the process */
- if( !(proc=PR_CreateProcess(execNode->str, argv, envp, attr)) ) {
- PR_Free(argv[0]);
- PR_DestroyProcessAttr(attr);
- error(PK11_INSTALL_EXEC_FILE, execNode->str);
- ret=PK11_INSTALL_EXEC_FILE;
- goto loser;
- }
-
- /* wait for it to finish */
- if( PR_WaitProcess(proc, &errcode) != PR_SUCCESS) {
- PR_Free(argv[0]);
- PR_DestroyProcessAttr(attr);
- error(PK11_INSTALL_WAIT_PROCESS, execNode->str);
- ret=PK11_INSTALL_WAIT_PROCESS;
- goto loser;
- }
-
- /* What happened? */
- if(errcode) {
- /* process returned an error */
- error(PK11_INSTALL_PROC_ERROR, execNode->str, errcode);
- } else if(feedback) {
- /* process ran successfully */
- PR_fprintf(feedback, msgStrings[EXEC_SUCCESS], execNode->str);
- }
-
- PR_Free(argv[0]);
- PR_DestroyProcessAttr(attr);
- }
- }
-
- /*
- // Add the module
- */
- status = Pk11Install_AddNewModule((char*)platform->moduleName,
- (char*)modDest, platform->mechFlags, platform->cipherFlags );
-
- if(status != SECSuccess) {
- error(PK11_INSTALL_ADD_MODULE, platform->moduleName);
- ret=PK11_INSTALL_ADD_MODULE;
- goto loser;
- }
- if(feedback) {
- PR_fprintf(feedback, msgStrings[INSTALLED_MODULE_MSG],
- platform->moduleName);
- }
-
- if(feedback) {
- PR_fprintf(feedback, msgStrings[INSTALLATION_COMPLETE_MSG]);
- }
-
- ret = PK11_INSTALL_SUCCESS;
-
-loser:
- if(reldir) {
- PR_Free(reldir);
- }
- if(dest) {
- PR_Free(dest);
- }
- if(modDest) {
- PR_Free(modDest);
- }
- if(tempname) {
- PRFileInfo info;
- if(PR_GetFileInfo(tempname, &info) == PR_SUCCESS) {
- if((info.type == PR_FILE_DIRECTORY)) {
- /* Recursively remove temporary directory */
- if(rm_dash_r(tempname)) {
- error(PK11_INSTALL_REMOVE_DIR,
- tempname);
- ret=PK11_INSTALL_REMOVE_DIR;
- }
-
- }
- }
- PR_Free(tempname);
- }
- StringList_delete(&executables);
- return ret;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-*/
-static char*
-PR_Strdup(const char* str)
-{
- char *tmp = (char*) PR_Malloc(strlen(str)+1);
- strcpy(tmp, str);
- return tmp;
-}
-
-/*
- * r m _ d a s h _ r
- *
- * Remove a file, or a directory recursively.
- *
- */
-static int
-rm_dash_r (char *path)
-{
- PRDir *dir;
- PRDirEntry *entry;
- PRFileInfo fileinfo;
- char filename[240];
-
- if(PR_GetFileInfo(path, &fileinfo) != PR_SUCCESS) {
- /*fprintf(stderr, "Error: Unable to access %s\n", filename);*/
- return -1;
- }
- if(fileinfo.type == PR_FILE_DIRECTORY) {
-
- dir = PR_OpenDir(path);
- if(!dir) {
- return -1;
- }
-
- /* Recursively delete all entries in the directory */
- while((entry = PR_ReadDir(dir, PR_SKIP_BOTH)) != NULL) {
- sprintf(filename, "%s/%s", path, entry->name);
- if(rm_dash_r(filename)) return -1;
- }
-
- if(PR_CloseDir(dir) != PR_SUCCESS) {
- return -1;
- }
-
- /* Delete the directory itself */
- if(PR_RmDir(path) != PR_SUCCESS) {
- return -1;
- }
- } else {
- if(PR_Delete(path) != PR_SUCCESS) {
- return -1;
- }
- }
- return 0;
-}
-
-/***************************************************************************
- *
- * m a k e _ d i r s
- *
- * Ensure that the directory portion of the path exists. This may require
- * making the directory, and its parent, and its parent's parent, etc.
- */
-static int
-make_dirs(char *path, int file_perms)
-{
- char *Path;
- char *start;
- char *sep;
- int ret = 0;
- PRFileInfo info;
-
- if(!path) {
- return 0;
- }
-
- Path = PR_Strdup(path);
- start = strpbrk(Path, "/\\");
- if(!start) {
- return 0;
- }
- start++; /* start right after first slash */
-
- /* Each time through the loop add one more directory. */
- while( (sep=strpbrk(start, "/\\")) ) {
- *sep = '\0';
-
- if( PR_GetFileInfo(Path, &info) != PR_SUCCESS) {
- /* No such dir, we have to create it */
- if( PR_MkDir(Path, dir_perms(file_perms)) != PR_SUCCESS) {
- error(PK11_INSTALL_CREATE_DIR, Path);
- ret = PK11_INSTALL_CREATE_DIR;
- goto loser;
- }
- } else {
- /* something exists by this name, make sure it's a directory */
- if( info.type != PR_FILE_DIRECTORY ) {
- error(PK11_INSTALL_CREATE_DIR, Path);
- ret = PK11_INSTALL_CREATE_DIR;
- goto loser;
- }
- }
-
- /* If this is the lowest directory level, make sure it is writeable */
- if(!strpbrk(sep+1, "/\\")) {
- if( PR_Access(Path, PR_ACCESS_WRITE_OK)!=PR_SUCCESS) {
- error(PK11_INSTALL_DIR_NOT_WRITEABLE, Path);
- ret = PK11_INSTALL_DIR_NOT_WRITEABLE;
- goto loser;
- }
- }
-
- start = sep+1; /* start after the next slash */
- *sep = '/';
- }
-
-loser:
- PR_Free(Path);
- return ret;
-}
-
-/*************************************************************************
- * d i r _ p e r m s
- *
- * Guesses the desired permissions on a directory based on the permissions
- * of a file that will be stored in it. Give read, write, and
- * execute to the owner (so we can create the file), read and
- * execute to anyone who has read permissions on the file, and write
- * to anyone who has write permissions on the file.
- */
-static int
-dir_perms(int perms)
-{
- int ret = 0;
-
- /* owner */
- ret |= 0700;
-
- /* group */
- if(perms & 0040) {
- /* read on the file -> read and execute on the directory */
- ret |= 0050;
- }
- if(perms & 0020) {
- /* write on the file -> write on the directory */
- ret |= 0020;
- }
-
- /* others */
- if(perms & 0004) {
- /* read on the file -> read and execute on the directory */
- ret |= 0005;
- }
- if(perms & 0002) {
- /* write on the file -> write on the directory */
- ret |= 0002;
- }
-
- return ret;
-}
diff --git a/security/nss/cmd/modutil/install.h b/security/nss/cmd/modutil/install.h
deleted file mode 100644
index 3874ed77e..000000000
--- a/security/nss/cmd/modutil/install.h
+++ /dev/null
@@ -1,130 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef PK11INSTALL_H
-#define PK11INSTALL_H
-
-#include <prio.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef void (*Pk11Install_ErrorHandler)(char *);
-
-typedef enum {
- PK11_INSTALL_NO_ERROR=0,
- PK11_INSTALL_DIR_DOESNT_EXIST,
- PK11_INSTALL_FILE_DOESNT_EXIST,
- PK11_INSTALL_FILE_NOT_READABLE,
- PK11_INSTALL_ERROR_STRING,
- PK11_INSTALL_JAR_ERROR,
- PK11_INSTALL_NO_INSTALLER_SCRIPT,
- PK11_INSTALL_DELETE_TEMP_FILE,
- PK11_INSTALL_OPEN_SCRIPT_FILE,
- PK11_INSTALL_SCRIPT_PARSE,
- PK11_INSTALL_SEMANTIC,
- PK11_INSTALL_SYSINFO,
- PK11_INSTALL_NO_PLATFORM,
- PK11_INSTALL_BOGUS_REL_DIR,
- PK11_INSTALL_NO_MOD_FILE,
- PK11_INSTALL_ADD_MODULE,
- PK11_INSTALL_JAR_EXTRACT,
- PK11_INSTALL_DIR_NOT_WRITEABLE,
- PK11_INSTALL_CREATE_DIR,
- PK11_INSTALL_REMOVE_DIR,
- PK11_INSTALL_EXEC_FILE,
- PK11_INSTALL_WAIT_PROCESS,
- PK11_INSTALL_PROC_ERROR,
- PK11_INSTALL_USER_ABORT,
- PK11_INSTALL_UNSPECIFIED
-} Pk11Install_Error;
-#define PK11_INSTALL_SUCCESS PK11_INSTALL_NO_ERROR
-
-/**************************************************************************
- *
- * P k 1 1 I n s t a l l _ I n i t
- *
- * Does initialization that otherwise would be done on the fly. Only
- * needs to be called by multithreaded apps, before they make any calls
- * to this library.
- */
-void
-Pk11Install_Init();
-
-/**************************************************************************
- *
- * P k 1 1 I n s t a l l _ S e t E r r o r H a n d l e r
- *
- * Sets the error handler to be used by the library. Returns the current
- * error handler function.
- */
-Pk11Install_ErrorHandler
-Pk11Install_SetErrorHandler(Pk11Install_ErrorHandler handler);
-
-
-/**************************************************************************
- *
- * P k 1 1 I n s t a l l _ R e l e a s e
- *
- * Releases static data structures used by the library. Don't use the
- * library after calling this, unless you call Pk11Install_Init()
- * first. This function doesn't have to be called at all unless you're
- * really anal about freeing memory before your program exits.
- */
-void
-Pk11Install_Release();
-
-/*************************************************************************
- *
- * P k 1 1 I n s t a l l _ D o I n s t a l l
- *
- * jarFile is the path of a JAR in the PKCS #11 module JAR format.
- * installDir is the directory relative to which files will be
- * installed.
- * feedback is a file descriptor to which to write informative (not error)
- * status messages: what files are being installed, what modules are being
- * installed. If feedback==NULL, no messages will be displayed.
- * If force != 0, interactive prompts will be suppressed.
- * If noverify == PR_TRUE, signatures won't be checked on the JAR file.
- */
-Pk11Install_Error
-Pk11Install_DoInstall(char *jarFile, const char *installDir,
- const char *tempDir, PRFileDesc *feedback, short force,
- PRBool noverify);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /*PK11INSTALL_H*/
diff --git a/security/nss/cmd/modutil/installparse.c b/security/nss/cmd/modutil/installparse.c
deleted file mode 100644
index 16f81b6eb..000000000
--- a/security/nss/cmd/modutil/installparse.c
+++ /dev/null
@@ -1,429 +0,0 @@
-#ifndef lint
-char yysccsid[] = "@(#)yaccpar 1.4 (Berkeley) 02/25/90";
-#endif
-#line 37 "installparse.y"
-
-#define yyparse Pk11Install_yyparse
-#define yylex Pk11Install_yylex
-#define yyerror Pk11Install_yyerror
-#define yychar Pk11Install_yychar
-#define yyval Pk11Install_yyval
-#define yylval Pk11Install_yylval
-#define yydebug Pk11Install_yydebug
-#define yynerrs Pk11Install_yynerrs
-#define yyerrflag Pk11Install_yyerrflag
-#define yyss Pk11Install_yyss
-#define yyssp Pk11Install_yyssp
-#define yyvs Pk11Install_yyvs
-#define yyvsp Pk11Install_yyvsp
-#define yylhs Pk11Install_yylhs
-#define yylen Pk11Install_yylen
-#define yydefred Pk11Install_yydefred
-#define yydgoto Pk11Install_yydgoto
-#define yysindex Pk11Install_yysindex
-#define yyrindex Pk11Install_yyrindex
-#define yygindex Pk11Install_yygindex
-#define yytable Pk11Install_yytable
-#define yycheck Pk11Install_yycheck
-#define yyname Pk11Install_yyname
-#define yyrule Pk11Install_yyrule
-
-/* C Stuff */
-#include "install-ds.h"
-#include <prprf.h>
-
-#define YYSTYPE Pk11Install_Pointer
-extern char *Pk11Install_yytext;
-char *Pk11Install_yyerrstr=NULL;
-
-#line 40 "ytab.c"
-#define OPENBRACE 257
-#define CLOSEBRACE 258
-#define STRING 259
-#define YYERRCODE 256
-short yylhs[] = { -1,
- 0, 1, 1, 2, 2, 3, 4,
-};
-short yylen[] = { 2,
- 1, 2, 0, 1, 1, 4, 1,
-};
-short yydefred[] = { 0,
- 0, 0, 1, 0, 4, 0, 2, 0, 0, 6,
-};
-short yydgoto[] = { 2,
- 3, 4, 5, 6,
-};
-short yysindex[] = { -257,
- 0, 0, 0, -257, 0, -252, 0, -257, -251, 0,
-};
-short yyrindex[] = { 6,
- 1, 0, 0, 3, 0, 0, 0, -250, 0, 0,
-};
-short yygindex[] = { 0,
- -4, 0, 0, 0,
-};
-#define YYTABLESIZE 261
-short yytable[] = { 7,
- 5, 1, 3, 9, 8, 3, 10, 3, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 7, 5, 5,
- 3,
-};
-short yycheck[] = { 4,
- 0, 259, 0, 8, 257, 0, 258, 258, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, 257, 258, 259,
- 258,
-};
-#define YYFINAL 2
-#ifndef YYDEBUG
-#define YYDEBUG 0
-#endif
-#define YYMAXTOKEN 259
-#if YYDEBUG
-char *yyname[] = {
-"end-of-file",0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
-0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
-0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
-0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
-0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
-0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
-0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,"OPENBRACE","CLOSEBRACE","STRING",
-};
-char *yyrule[] = {
-"$accept : toplist",
-"toplist : valuelist",
-"valuelist : value valuelist",
-"valuelist :",
-"value : key_value_pair",
-"value : STRING",
-"key_value_pair : key OPENBRACE valuelist CLOSEBRACE",
-"key : STRING",
-};
-#endif
-#ifndef YYSTYPE
-typedef int YYSTYPE;
-#endif
-#define yyclearin (yychar=(-1))
-#define yyerrok (yyerrflag=0)
-#ifndef YYSTACKSIZE
-#ifdef YYMAXDEPTH
-#define YYSTACKSIZE YYMAXDEPTH
-#else
-#define YYSTACKSIZE 300
-#endif
-#endif
-int yydebug;
-int yynerrs;
-int yyerrflag;
-int yychar;
-short *yyssp;
-YYSTYPE *yyvsp;
-YYSTYPE yyval;
-YYSTYPE yylval;
-#define yystacksize YYSTACKSIZE
-short yyss[YYSTACKSIZE];
-YYSTYPE yyvs[YYSTACKSIZE];
-#line 118 "installparse.y"
-/*----------------------- Program Section --------------------------------*/
-
-/*************************************************************************/
-void
-Pk11Install_yyerror(char *message)
-{
- char *tmp;
- if(Pk11Install_yyerrstr) {
- tmp=PR_smprintf("%sline %d: %s\n", Pk11Install_yyerrstr,
- Pk11Install_yylinenum, message);
- PR_smprintf_free(Pk11Install_yyerrstr);
- } else {
- tmp = PR_smprintf("line %d: %s\n", Pk11Install_yylinenum, message);
- }
- Pk11Install_yyerrstr=tmp;
-}
-#line 191 "ytab.c"
-#define YYABORT goto yyabort
-#define YYACCEPT goto yyaccept
-#define YYERROR goto yyerrlab
-int
-yyparse()
-{
- register int yym, yyn, yystate;
-#if YYDEBUG
- register char *yys;
- extern char *getenv();
-
- if (yys = getenv("YYDEBUG"))
- {
- yyn = *yys;
- if (yyn >= '0' && yyn <= '9')
- yydebug = yyn - '0';
- }
-#endif
-
- yynerrs = 0;
- yyerrflag = 0;
- yychar = (-1);
-
- yyssp = yyss;
- yyvsp = yyvs;
- *yyssp = yystate = 0;
-
-yyloop:
- if (yyn = yydefred[yystate]) goto yyreduce;
- if (yychar < 0)
- {
- if ((yychar = yylex()) < 0) yychar = 0;
-#if YYDEBUG
- if (yydebug)
- {
- yys = 0;
- if (yychar <= YYMAXTOKEN) yys = yyname[yychar];
- if (!yys) yys = "illegal-symbol";
- printf("yydebug: state %d, reading %d (%s)\n", yystate,
- yychar, yys);
- }
-#endif
- }
- if ((yyn = yysindex[yystate]) && (yyn += yychar) >= 0 &&
- yyn <= YYTABLESIZE && yycheck[yyn] == yychar)
- {
-#if YYDEBUG
- if (yydebug)
- printf("yydebug: state %d, shifting to state %d\n",
- yystate, yytable[yyn]);
-#endif
- if (yyssp >= yyss + yystacksize - 1)
- {
- goto yyoverflow;
- }
- *++yyssp = yystate = yytable[yyn];
- *++yyvsp = yylval;
- yychar = (-1);
- if (yyerrflag > 0) --yyerrflag;
- goto yyloop;
- }
- if ((yyn = yyrindex[yystate]) && (yyn += yychar) >= 0 &&
- yyn <= YYTABLESIZE && yycheck[yyn] == yychar)
- {
- yyn = yytable[yyn];
- goto yyreduce;
- }
- if (yyerrflag) goto yyinrecovery;
-#ifdef lint
- goto yynewerror;
-#endif
-yynewerror:
- yyerror("syntax error");
-#ifdef lint
- goto yyerrlab;
-#endif
-yyerrlab:
- ++yynerrs;
-yyinrecovery:
- if (yyerrflag < 3)
- {
- yyerrflag = 3;
- for (;;)
- {
- if ((yyn = yysindex[*yyssp]) && (yyn += YYERRCODE) >= 0 &&
- yyn <= YYTABLESIZE && yycheck[yyn] == YYERRCODE)
- {
-#if YYDEBUG
- if (yydebug)
- printf("yydebug: state %d, error recovery shifting\
- to state %d\n", *yyssp, yytable[yyn]);
-#endif
- if (yyssp >= yyss + yystacksize - 1)
- {
- goto yyoverflow;
- }
- *++yyssp = yystate = yytable[yyn];
- *++yyvsp = yylval;
- goto yyloop;
- }
- else
- {
-#if YYDEBUG
- if (yydebug)
- printf("yydebug: error recovery discarding state %d\n",
- *yyssp);
-#endif
- if (yyssp <= yyss) goto yyabort;
- --yyssp;
- --yyvsp;
- }
- }
- }
- else
- {
- if (yychar == 0) goto yyabort;
-#if YYDEBUG
- if (yydebug)
- {
- yys = 0;
- if (yychar <= YYMAXTOKEN) yys = yyname[yychar];
- if (!yys) yys = "illegal-symbol";
- printf("yydebug: state %d, error recovery discards token %d (%s)\n",
- yystate, yychar, yys);
- }
-#endif
- yychar = (-1);
- goto yyloop;
- }
-yyreduce:
-#if YYDEBUG
- if (yydebug)
- printf("yydebug: state %d, reducing by rule %d (%s)\n",
- yystate, yyn, yyrule[yyn]);
-#endif
- yym = yylen[yyn];
- yyval = yyvsp[1-yym];
- switch (yyn)
- {
-case 1:
-#line 84 "installparse.y"
-{
- Pk11Install_valueList = yyvsp[0].list;
-}
-break;
-case 2:
-#line 89 "installparse.y"
-{
- Pk11Install_ValueList_AddItem(yyvsp[0].list,yyvsp[-1].value);
- yyval .list = yyvsp[0].list;
-}
-break;
-case 3:
-#line 94 "installparse.y"
-{
- yyval .list = Pk11Install_ValueList_new();
-}
-break;
-case 4:
-#line 99 "installparse.y"
-{
- yyval .value= Pk11Install_Value_new(PAIR_VALUE,yyvsp[0]);
-}
-break;
-case 5:
-#line 103 "installparse.y"
-{
- yyval .value= Pk11Install_Value_new(STRING_VALUE, yyvsp[0]);
-}
-break;
-case 6:
-#line 108 "installparse.y"
-{
- yyval .pair = Pk11Install_Pair_new(yyvsp[-3].string,yyvsp[-1].list);
-}
-break;
-case 7:
-#line 113 "installparse.y"
-{
- yyval .string = yyvsp[0].string;
-}
-break;
-#line 374 "ytab.c"
- }
- yyssp -= yym;
- yystate = *yyssp;
- yyvsp -= yym;
- yym = yylhs[yyn];
- if (yystate == 0 && yym == 0)
- {
-#ifdef YYDEBUG
- if (yydebug)
- printf("yydebug: after reduction, shifting from state 0 to\
- state %d\n", YYFINAL);
-#endif
- yystate = YYFINAL;
- *++yyssp = YYFINAL;
- *++yyvsp = yyval;
- if (yychar < 0)
- {
- if ((yychar = yylex()) < 0) yychar = 0;
-#if YYDEBUG
- if (yydebug)
- {
- yys = 0;
- if (yychar <= YYMAXTOKEN) yys = yyname[yychar];
- if (!yys) yys = "illegal-symbol";
- printf("yydebug: state %d, reading %d (%s)\n",
- YYFINAL, yychar, yys);
- }
-#endif
- }
- if (yychar == 0) goto yyaccept;
- goto yyloop;
- }
- if ((yyn = yygindex[yym]) && (yyn += yystate) >= 0 &&
- yyn <= YYTABLESIZE && yycheck[yyn] == yystate)
- yystate = yytable[yyn];
- else
- yystate = yydgoto[yym];
-#ifdef YYDEBUG
- if (yydebug)
- printf("yydebug: after reduction, shifting from state %d \
-to state %d\n", *yyssp, yystate);
-#endif
- if (yyssp >= yyss + yystacksize - 1)
- {
- goto yyoverflow;
- }
- *++yyssp = yystate;
- *++yyvsp = yyval;
- goto yyloop;
-yyoverflow:
- yyerror("yacc stack overflow");
-yyabort:
- return (1);
-yyaccept:
- return (0);
-}
diff --git a/security/nss/cmd/modutil/installparse.h b/security/nss/cmd/modutil/installparse.h
deleted file mode 100644
index 75686d4fd..000000000
--- a/security/nss/cmd/modutil/installparse.h
+++ /dev/null
@@ -1,3 +0,0 @@
-#define OPENBRACE 257
-#define CLOSEBRACE 258
-#define STRING 259
diff --git a/security/nss/cmd/modutil/installparse.l b/security/nss/cmd/modutil/installparse.l
deleted file mode 100644
index 6befe16cb..000000000
--- a/security/nss/cmd/modutil/installparse.l
+++ /dev/null
@@ -1,166 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-
-/* lex file for analyzing PKCS #11 Module installation instructions */
-
-/*----------------------------- Definitions ---------------------------*/
-%{
-#include <string.h>
-
-#include "install-ds.h" /* defines tokens and data structures */
-#include "installparse.h" /* produced by yacc -d */
-#include <prprf.h>
-static char *putSimpleString(char*); /* return copy of string */
-static char *putComplexString(char*); /* strip out quotes, deal with */
- /* escaped characters */
-
-void Pk11Install_yyerror(char *);
-
-/* Overrides to use NSPR */
-#define malloc PR_Malloc
-#define realloc PR_Realloc
-#define free PR_Free
-
-int Pk11Install_yylinenum=1;
-static char *err;
-
-#define YY_NEVER_INTERACTIVE 1
-#define yyunput Pkcs11Install_yyunput
-
-/* This is the default YY_INPUT modified for NSPR */
-#define YY_INPUT(buf,result,max_size) \
- if ( yy_current_buffer->yy_is_interactive ) { \
- char c; \
- int n; \
- for ( n = 0; n < max_size && \
- PR_Read(Pk11Install_FD, &c, 1)==1 && c != '\n'; ++n ) { \
- buf[n] = c; \
- } \
- if ( c == '\n' ) { \
- buf[n++] = c; \
- } \
- result = n; \
- } else { \
- result = PR_Read(Pk11Install_FD, buf, max_size); \
- }
-
-%}
-
-/*** Regular expression definitions ***/
-/* simple_string has no whitespace, quotes, or braces */
-simple_string [^ \t\r\n\""{""}"]+
-
-/* complex_string is enclosed in quotes. Inside the quotes, quotes and
- backslashes must be backslash-escaped. No newlines or carriage returns
- are allowed inside the quotes. Otherwise, anything goes. */
-complex_string \"([^\"\\\r\n]|(\\\")|(\\\\))+\"
-
-/* Standard whitespace */
-whitespace [ \t\r]+
-
-other .
-
-/*---------------------------- Actions --------------------------------*/
-%%
-
-"{" return OPENBRACE;
-"}" return CLOSEBRACE;
-{simple_string} {Pk11Install_yylval.string =
- putSimpleString(Pk11Install_yytext);
- return STRING;}
-{complex_string} {Pk11Install_yylval.string =
- putComplexString(Pk11Install_yytext);
- return STRING;}
-
-"\n" Pk11Install_yylinenum++;
-
-{whitespace} ;
-
-{other} {err = PR_smprintf("Invalid lexeme: %s",Pk11Install_yytext);
- Pk11Install_yyerror(err);
- PR_smprintf_free(err);
- return 1;
- }
-
-%%
-/*------------------------ Program Section ----------------------------*/
-
-PRFileDesc *Pk11Install_FD=NULL;
-
-/*************************************************************************/
-/* dummy function required by lex */
-int Pk11Install_yywrap(void) { return 1;}
-
-/*************************************************************************/
-/* Return a copy of the given string */
-static char*
-putSimpleString(char *str)
-{
- char *tmp = (char*) PR_Malloc(strlen(str)+1);
- strcpy(tmp, str);
- return tmp;
-}
-
-/*************************************************************************/
-/* Strip out quotes, replace escaped characters with what they stand for.
- This function assumes that what is passed in is actually a complex
- string, so error checking is lax. */
-static char*
-putComplexString(char *str)
-{
- int size, i,j;
- char *tmp;
-
- if(!str) {
- return NULL;
- }
- size = strlen(str);
-
- /* Allocate the new space. This string will actually be too big,
- since quotes and backslashes will be stripped out. But that's ok. */
- tmp = (char*) PR_Malloc(size+1);
-
- /* Copy it over */
- for(i=0, j=0; i < size; i++) {
- if(str[i]=='\"') {
- continue; /* skip un-escaped quotes */
- } else if(str[i]=='\\') {
- ++i; /* escaped character. skip the backslash */
- }
- tmp[j++] = str[i];
- }
- tmp[j] = '\0';
-
- return tmp;
-}
diff --git a/security/nss/cmd/modutil/installparse.y b/security/nss/cmd/modutil/installparse.y
deleted file mode 100644
index 6a32e25ab..000000000
--- a/security/nss/cmd/modutil/installparse.y
+++ /dev/null
@@ -1,133 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/* yacc file for parsing PKCS #11 module installation instructions */
-/*------------------------ Definition Section ---------------------------*/
-
-%{
-#define yyparse Pk11Install_yyparse
-#define yylex Pk11Install_yylex
-#define yyerror Pk11Install_yyerror
-#define yychar Pk11Install_yychar
-#define yyval Pk11Install_yyval
-#define yylval Pk11Install_yylval
-#define yydebug Pk11Install_yydebug
-#define yynerrs Pk11Install_yynerrs
-#define yyerrflag Pk11Install_yyerrflag
-#define yyss Pk11Install_yyss
-#define yyssp Pk11Install_yyssp
-#define yyvs Pk11Install_yyvs
-#define yyvsp Pk11Install_yyvsp
-#define yylhs Pk11Install_yylhs
-#define yylen Pk11Install_yylen
-#define yydefred Pk11Install_yydefred
-#define yydgoto Pk11Install_yydgoto
-#define yysindex Pk11Install_yysindex
-#define yyrindex Pk11Install_yyrindex
-#define yygindex Pk11Install_yygindex
-#define yytable Pk11Install_yytable
-#define yycheck Pk11Install_yycheck
-#define yyname Pk11Install_yyname
-#define yyrule Pk11Install_yyrule
-
-/* C Stuff */
-#include "install-ds.h"
-#include <prprf.h>
-
-#define YYSTYPE Pk11Install_Pointer
-extern char *Pk11Install_yytext;
-char *Pk11Install_yyerrstr=NULL;
-
-%}
-
-/* Tokens */
-%token OPENBRACE
-%token CLOSEBRACE
-%token STRING
-%start toplist
-
-%%
-
-/*--------------------------- Productions -------------------------------*/
-
-toplist : valuelist
-{
- Pk11Install_valueList = $1.list;
-}
-
-valuelist : value valuelist
-{
- Pk11Install_ValueList_AddItem($2.list,$1.value);
- $$.list = $2.list;
-}
-|
-{
- $$.list = Pk11Install_ValueList_new();
-};
-
-value : key_value_pair
-{
- $$.value= Pk11Install_Value_new(PAIR_VALUE,$1);
-}
-| STRING
-{
- $$.value= Pk11Install_Value_new(STRING_VALUE, $1);
-};
-
-key_value_pair : key OPENBRACE valuelist CLOSEBRACE
-{
- $$.pair = Pk11Install_Pair_new($1.string,$3.list);
-};
-
-key : STRING
-{
- $$.string = $1.string;
-};
-
-%%
-/*----------------------- Program Section --------------------------------*/
-
-/*************************************************************************/
-void
-Pk11Install_yyerror(char *message)
-{
- char *tmp;
- if(Pk11Install_yyerrstr) {
- tmp=PR_smprintf("%sline %d: %s\n", Pk11Install_yyerrstr,
- Pk11Install_yylinenum, message);
- PR_smprintf_free(Pk11Install_yyerrstr);
- } else {
- tmp = PR_smprintf("line %d: %s\n", Pk11Install_yylinenum, message);
- }
- Pk11Install_yyerrstr=tmp;
-}
diff --git a/security/nss/cmd/modutil/instsec.c b/security/nss/cmd/modutil/instsec.c
deleted file mode 100644
index e6eaa384b..000000000
--- a/security/nss/cmd/modutil/instsec.c
+++ /dev/null
@@ -1,178 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include <plarena.h>
-#include <prio.h>
-#include <prprf.h>
-#include <seccomon.h>
-#include <secmod.h>
-#include <jar.h>
-#include <secutil.h>
-
-/* These are installation functions that make calls to the security library.
- * We don't want to include security include files in the C++ code too much.
- */
-
-static char* PR_fgets(char *buf, int size, PRFileDesc *file);
-
-/***************************************************************************
- *
- * P k 1 1 I n s t a l l _ A d d N e w M o d u l e
- */
-int
-Pk11Install_AddNewModule(char* moduleName, char* dllPath,
- unsigned long defaultMechanismFlags,
- unsigned long cipherEnableFlags)
-{
- return (SECMOD_AddNewModule(moduleName, dllPath,
- SECMOD_PubMechFlagstoInternal(defaultMechanismFlags),
- SECMOD_PubCipherFlagstoInternal(cipherEnableFlags))
- == SECSuccess) ? 0 : -1;
-}
-
-/*************************************************************************
- *
- * P k 1 1 I n s t a l l _ U s e r V e r i f y J a r
- *
- * Gives the user feedback on the signatures of a JAR files, asks them
- * whether they actually want to continue.
- * Assumes the jar structure has already been created and is valid.
- * Returns 0 if the user wants to continue the installation, nonzero
- * if the user wishes to abort.
- */
-short
-Pk11Install_UserVerifyJar(JAR *jar, PRFileDesc *out, PRBool query)
-{
- JAR_Context *ctx;
- JAR_Cert *fing;
- JAR_Item *item;
- char stdinbuf[80];
- int count=0;
-
- CERTCertificate *cert, *prev=NULL;
-
- PR_fprintf(out, "\nThis installation JAR file was signed by:\n");
-
- ctx = JAR_find(jar, NULL, jarTypeSign);
-
- while(JAR_find_next(ctx, &item) >= 0 ) {
- fing = (JAR_Cert*) item->data;
- cert = fing->cert;
- if(cert==prev) {
- continue;
- }
-
- count++;
- PR_fprintf(out, "----------------------------------------------\n");
- if(cert) {
- if(cert->nickname) {
- PR_fprintf(out, "**NICKNAME**\n%s\n", cert->nickname);
- }
- if(cert->subjectName) {
- PR_fprintf(out, "**SUBJECT NAME**\n%s\n", cert->subjectName); }
- if(cert->issuerName) {
- PR_fprintf(out, "**ISSUER NAME**\n%s\n", cert->issuerName);
- }
- } else {
- PR_fprintf(out, "No matching certificate could be found.\n");
- }
- PR_fprintf(out, "----------------------------------------------\n\n");
-
- prev=cert;
- }
-
- JAR_find_end(ctx);
-
- if(count==0) {
- PR_fprintf(out, "No signatures found: JAR FILE IS UNSIGNED.\n");
- }
-
- if(query) {
- PR_fprintf(out,
-"Do you wish to continue this installation? (y/n) ");
-
- if(PR_fgets(stdinbuf, 80, PR_STDIN) != NULL) {
- char *response;
-
- if( (response=strtok(stdinbuf, " \t\n\r")) ) {
- if( !PL_strcasecmp(response, "y") ||
- !PL_strcasecmp(response, "yes") ) {
- return 0;
- }
- }
- }
- }
-
- return 1;
-}
-
-/**************************************************************************
- *
- * P R _ f g e t s
- *
- * fgets implemented with NSPR.
- */
-static char*
-PR_fgets(char *buf, int size, PRFileDesc *file)
-{
- int i;
- int status;
- char c;
-
- i=0;
- while(i < size-1) {
- status = PR_Read(file, (void*) &c, 1);
- if(status==-1) {
- return NULL;
- } else if(status==0) {
- break;
- }
- buf[i++] = c;
- if(c=='\n') {
- break;
- }
- }
- buf[i]='\0';
-
- return buf;
-}
-
-/**************************************************************************
- *
- * m y S E C U _ E r r o r S t r i n g
- *
- */
-const char* mySECU_ErrorString(int16 errnum)
-{
- return SECU_Strerror(errnum);
-}
diff --git a/security/nss/cmd/modutil/lex.Pk11Install_yy.c b/security/nss/cmd/modutil/lex.Pk11Install_yy.c
deleted file mode 100644
index 3943503db..000000000
--- a/security/nss/cmd/modutil/lex.Pk11Install_yy.c
+++ /dev/null
@@ -1,1691 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#define yy_create_buffer Pk11Install_yy_create_buffer
-#define yy_delete_buffer Pk11Install_yy_delete_buffer
-#define yy_scan_buffer Pk11Install_yy_scan_buffer
-#define yy_scan_string Pk11Install_yy_scan_string
-#define yy_scan_bytes Pk11Install_yy_scan_bytes
-#define yy_flex_debug Pk11Install_yy_flex_debug
-#define yy_init_buffer Pk11Install_yy_init_buffer
-#define yy_flush_buffer Pk11Install_yy_flush_buffer
-#define yy_load_buffer_state Pk11Install_yy_load_buffer_state
-#define yy_switch_to_buffer Pk11Install_yy_switch_to_buffer
-#define yyin Pk11Install_yyin
-#define yyleng Pk11Install_yyleng
-#define yylex Pk11Install_yylex
-#define yyout Pk11Install_yyout
-#define yyrestart Pk11Install_yyrestart
-#define yytext Pk11Install_yytext
-#define yywrap Pk11Install_yywrap
-
-#line 20 "lex.Pk11Install_yy.c"
-/* A lexical scanner generated by flex */
-
-/* Scanner skeleton version:
- * $Header$
- */
-
-#define FLEX_SCANNER
-#define YY_FLEX_MAJOR_VERSION 2
-#define YY_FLEX_MINOR_VERSION 5
-
-#include <stdio.h>
-
-
-/* cfront 1.2 defines "c_plusplus" instead of "__cplusplus" */
-#ifdef c_plusplus
-#ifndef __cplusplus
-#define __cplusplus
-#endif
-#endif
-
-
-#ifdef __cplusplus
-
-#include <stdlib.h>
-//#include <unistd.h>
-
-/* Use prototypes in function declarations. */
-#define YY_USE_PROTOS
-
-/* The "const" storage-class-modifier is valid. */
-#define YY_USE_CONST
-
-#else /* ! __cplusplus */
-
-#if __STDC__
-
-#define YY_USE_PROTOS
-#define YY_USE_CONST
-
-#endif /* __STDC__ */
-#endif /* ! __cplusplus */
-
-#ifdef __TURBOC__
- #pragma warn -rch
- #pragma warn -use
-#include <io.h>
-#include <stdlib.h>
-#define YY_USE_CONST
-#define YY_USE_PROTOS
-#endif
-
-#ifdef YY_USE_CONST
-#define yyconst const
-#else
-#define yyconst
-#endif
-
-
-#ifdef YY_USE_PROTOS
-#define YY_PROTO(proto) proto
-#else
-#define YY_PROTO(proto) ()
-#endif
-
-/* Returned upon end-of-file. */
-#define YY_NULL 0
-
-/* Promotes a possibly negative, possibly signed char to an unsigned
- * integer for use as an array index. If the signed char is negative,
- * we want to instead treat it as an 8-bit unsigned char, hence the
- * double cast.
- */
-#define YY_SC_TO_UI(c) ((unsigned int) (unsigned char) c)
-
-/* Enter a start condition. This macro really ought to take a parameter,
- * but we do it the disgusting crufty way forced on us by the ()-less
- * definition of BEGIN.
- */
-#define BEGIN yy_start = 1 + 2 *
-
-/* Translate the current start state into a value that can be later handed
- * to BEGIN to return to the state. The YYSTATE alias is for lex
- * compatibility.
- */
-#define YY_START ((yy_start - 1) / 2)
-#define YYSTATE YY_START
-
-/* Action number for EOF rule of a given start state. */
-#define YY_STATE_EOF(state) (YY_END_OF_BUFFER + state + 1)
-
-/* Special action meaning "start processing a new file". */
-#define YY_NEW_FILE yyrestart( yyin )
-
-#define YY_END_OF_BUFFER_CHAR 0
-
-/* Size of default input buffer. */
-#define YY_BUF_SIZE 16384
-
-typedef struct yy_buffer_state *YY_BUFFER_STATE;
-
-extern int yyleng;
-extern FILE *yyin, *yyout;
-
-#define EOB_ACT_CONTINUE_SCAN 0
-#define EOB_ACT_END_OF_FILE 1
-#define EOB_ACT_LAST_MATCH 2
-
-/* The funky do-while in the following #define is used to turn the definition
- * int a single C statement (which needs a semi-colon terminator). This
- * avoids problems with code like:
- *
- * if ( condition_holds )
- * yyless( 5 );
- * else
- * do_something_else();
- *
- * Prior to using the do-while the compiler would get upset at the
- * "else" because it interpreted the "if" statement as being all
- * done when it reached the ';' after the yyless() call.
- */
-
-/* Return all but the first 'n' matched characters back to the input stream. */
-
-#define yyless(n) \
- do \
- { \
- /* Undo effects of setting up yytext. */ \
- *yy_cp = yy_hold_char; \
- YY_RESTORE_YY_MORE_OFFSET \
- yy_c_buf_p = yy_cp = yy_bp + n - YY_MORE_ADJ; \
- YY_DO_BEFORE_ACTION; /* set up yytext again */ \
- } \
- while ( 0 )
-
-#define unput(c) yyunput( c, yytext_ptr )
-
-/* The following is because we cannot portably get our hands on size_t
- * (without autoconf's help, which isn't available because we want
- * flex-generated scanners to compile on their own).
- */
-typedef unsigned int yy_size_t;
-
-
-struct yy_buffer_state
- {
- FILE *yy_input_file;
-
- char *yy_ch_buf; /* input buffer */
- char *yy_buf_pos; /* current position in input buffer */
-
- /* Size of input buffer in bytes, not including room for EOB
- * characters.
- */
- yy_size_t yy_buf_size;
-
- /* Number of characters read into yy_ch_buf, not including EOB
- * characters.
- */
- int yy_n_chars;
-
- /* Whether we "own" the buffer - i.e., we know we created it,
- * and can realloc() it to grow it, and should free() it to
- * delete it.
- */
- int yy_is_our_buffer;
-
- /* Whether this is an "interactive" input source; if so, and
- * if we're using stdio for input, then we want to use getc()
- * instead of fread(), to make sure we stop fetching input after
- * each newline.
- */
- int yy_is_interactive;
-
- /* Whether we're considered to be at the beginning of a line.
- * If so, '^' rules will be active on the next match, otherwise
- * not.
- */
- int yy_at_bol;
-
- /* Whether to try to fill the input buffer when we reach the
- * end of it.
- */
- int yy_fill_buffer;
-
- int yy_buffer_status;
-#define YY_BUFFER_NEW 0
-#define YY_BUFFER_NORMAL 1
- /* When an EOF's been seen but there's still some text to process
- * then we mark the buffer as YY_EOF_PENDING, to indicate that we
- * shouldn't try reading from the input source any more. We might
- * still have a bunch of tokens to match, though, because of
- * possible backing-up.
- *
- * When we actually see the EOF, we change the status to "new"
- * (via yyrestart()), so that the user can continue scanning by
- * just pointing yyin at a new input file.
- */
-#define YY_BUFFER_EOF_PENDING 2
- };
-
-static YY_BUFFER_STATE yy_current_buffer = 0;
-
-/* We provide macros for accessing buffer states in case in the
- * future we want to put the buffer states in a more general
- * "scanner state".
- */
-#define YY_CURRENT_BUFFER yy_current_buffer
-
-
-/* yy_hold_char holds the character lost when yytext is formed. */
-static char yy_hold_char;
-
-static int yy_n_chars; /* number of characters read into yy_ch_buf */
-
-
-int yyleng;
-
-/* Points to current character in buffer. */
-static char *yy_c_buf_p = (char *) 0;
-static int yy_init = 1; /* whether we need to initialize */
-static int yy_start = 0; /* start state number */
-
-/* Flag which is used to allow yywrap()'s to do buffer switches
- * instead of setting up a fresh yyin. A bit of a hack ...
- */
-static int yy_did_buffer_switch_on_eof;
-
-void yyrestart YY_PROTO(( FILE *input_file ));
-
-void yy_switch_to_buffer YY_PROTO(( YY_BUFFER_STATE new_buffer ));
-void yy_load_buffer_state YY_PROTO(( void ));
-YY_BUFFER_STATE yy_create_buffer YY_PROTO(( FILE *file, int size ));
-void yy_delete_buffer YY_PROTO(( YY_BUFFER_STATE b ));
-void yy_init_buffer YY_PROTO(( YY_BUFFER_STATE b, FILE *file ));
-void yy_flush_buffer YY_PROTO(( YY_BUFFER_STATE b ));
-#define YY_FLUSH_BUFFER yy_flush_buffer( yy_current_buffer )
-
-YY_BUFFER_STATE yy_scan_buffer YY_PROTO(( char *base, yy_size_t size ));
-YY_BUFFER_STATE yy_scan_string YY_PROTO(( yyconst char *yy_str ));
-YY_BUFFER_STATE yy_scan_bytes YY_PROTO(( yyconst char *bytes, int len ));
-
-static void *yy_flex_alloc YY_PROTO(( yy_size_t ));
-static void *yy_flex_realloc YY_PROTO(( void *, yy_size_t ));
-static void yy_flex_free YY_PROTO(( void * ));
-
-#define yy_new_buffer yy_create_buffer
-
-#define yy_set_interactive(is_interactive) \
- { \
- if ( ! yy_current_buffer ) \
- yy_current_buffer = yy_create_buffer( yyin, YY_BUF_SIZE ); \
- yy_current_buffer->yy_is_interactive = is_interactive; \
- }
-
-#define yy_set_bol(at_bol) \
- { \
- if ( ! yy_current_buffer ) \
- yy_current_buffer = yy_create_buffer( yyin, YY_BUF_SIZE ); \
- yy_current_buffer->yy_at_bol = at_bol; \
- }
-
-#define YY_AT_BOL() (yy_current_buffer->yy_at_bol)
-
-typedef unsigned char YY_CHAR;
-FILE *yyin = (FILE *) 0, *yyout = (FILE *) 0;
-typedef int yy_state_type;
-extern char *yytext;
-#define yytext_ptr yytext
-
-static yy_state_type yy_get_previous_state YY_PROTO(( void ));
-static yy_state_type yy_try_NUL_trans YY_PROTO(( yy_state_type current_state ));
-static int yy_get_next_buffer YY_PROTO(( void ));
-static void yy_fatal_error YY_PROTO(( yyconst char msg[] ));
-
-/* Done after the current pattern has been matched and before the
- * corresponding action - sets up yytext.
- */
-#define YY_DO_BEFORE_ACTION \
- yytext_ptr = yy_bp; \
- yyleng = (int) (yy_cp - yy_bp); \
- yy_hold_char = *yy_cp; \
- *yy_cp = '\0'; \
- yy_c_buf_p = yy_cp;
-
-#define YY_NUM_RULES 8
-#define YY_END_OF_BUFFER 9
-static yyconst short int yy_accept[16] =
- { 0,
- 0, 0, 9, 3, 6, 5, 7, 1, 2, 3,
- 6, 0, 0, 4, 0
- } ;
-
-static yyconst int yy_ec[256] =
- { 0,
- 1, 1, 1, 1, 1, 1, 1, 1, 2, 3,
- 1, 1, 4, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 2, 1, 5, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 6, 1, 1, 1, 1, 1, 1, 1, 1,
-
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 7, 1, 8, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
-
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1
- } ;
-
-static yyconst int yy_meta[9] =
- { 0,
- 1, 2, 3, 4, 3, 1, 5, 5
- } ;
-
-static yyconst short int yy_base[19] =
- { 0,
- 0, 0, 19, 0, 0, 21, 12, 21, 21, 0,
- 0, 4, 6, 21, 21, 13, 11, 15
- } ;
-
-static yyconst short int yy_def[19] =
- { 0,
- 15, 1, 15, 16, 17, 15, 18, 15, 15, 16,
- 17, 18, 15, 15, 0, 15, 15, 15
- } ;
-
-static yyconst short int yy_nxt[30] =
- { 0,
- 4, 5, 6, 5, 7, 4, 8, 9, 14, 13,
- 12, 12, 11, 10, 11, 12, 12, 13, 15, 12,
- 3, 15, 15, 15, 15, 15, 15, 15, 15
- } ;
-
-static yyconst short int yy_chk[30] =
- { 0,
- 1, 1, 1, 1, 1, 1, 1, 1, 12, 12,
- 13, 13, 17, 16, 17, 18, 18, 7, 3, 18,
- 15, 15, 15, 15, 15, 15, 15, 15, 15
- } ;
-
-static yy_state_type yy_last_accepting_state;
-static char *yy_last_accepting_cpos;
-
-/* The intent behind this definition is that it'll catch
- * any uses of REJECT which flex missed.
- */
-#define REJECT reject_used_but_not_detected
-#define yymore() yymore_used_but_not_detected
-#define YY_MORE_ADJ 0
-#define YY_RESTORE_YY_MORE_OFFSET
-char *yytext;
-#line 1 "installparse.l"
-#define INITIAL 0
-/* lex file for analyzing PKCS #11 Module installation instructions */
-/*----------------------------- Definitions ---------------------------*/
-#line 5 "installparse.l"
-#include <string.h>
-
-#include "install-ds.h" /* defines tokens and data structures */
-#include "installparse.h" /* produced by yacc -d */
-#include <prprf.h>
-static char *putSimpleString(char*); /* return copy of string */
-static char *putComplexString(char*); /* strip out quotes, deal with */
- /* escaped characters */
-
-void Pk11Install_yyerror(char *);
-
-/* Overrides to use NSPR */
-#define malloc PR_Malloc
-#define realloc PR_Realloc
-#define free PR_Free
-
-int Pk11Install_yylinenum=1;
-static char *err;
-
-#define YY_NEVER_INTERACTIVE 1
-#define yyunput Pkcs11Install_yyunput
-
-/* This is the default YY_INPUT modified for NSPR */
-#define YY_INPUT(buf,result,max_size) \
- if ( yy_current_buffer->yy_is_interactive ) { \
- char c; \
- int n; \
- for ( n = 0; n < max_size && \
- PR_Read(Pk11Install_FD, &c, 1)==1 && c != '\n'; ++n ) { \
- buf[n] = c; \
- } \
- if ( c == '\n' ) { \
- buf[n++] = c; \
- } \
- result = n; \
- } else { \
- result = PR_Read(Pk11Install_FD, buf, max_size); \
- }
-
-/*** Regular expression definitions ***/
-/* simple_string has no whitespace, quotes, or braces */
-/* complex_string is enclosed in quotes. Inside the quotes, quotes and
- backslashes must be backslash-escaped. Otherwise, anything goes. */
-/* Standard whitespace */
-/*---------------------------- Actions --------------------------------*/
-#line 437 "lex.Pk11Install_yy.cpp"
-
-/* Macros after this point can all be overridden by user definitions in
- * section 1.
- */
-
-#ifndef YY_SKIP_YYWRAP
-#ifdef __cplusplus
-extern "C" int yywrap YY_PROTO(( void ));
-#else
-extern int yywrap YY_PROTO(( void ));
-#endif
-#endif
-
-#ifndef YY_NO_UNPUT
-static void yyunput YY_PROTO(( int c, char *buf_ptr ));
-#endif
-
-#ifndef yytext_ptr
-static void yy_flex_strncpy YY_PROTO(( char *, yyconst char *, int ));
-#endif
-
-#ifdef YY_NEED_STRLEN
-static int yy_flex_strlen YY_PROTO(( yyconst char * ));
-#endif
-
-#ifndef YY_NO_INPUT
-#ifdef __cplusplus
-static int yyinput YY_PROTO(( void ));
-#else
-static int input YY_PROTO(( void ));
-#endif
-#endif
-
-#if YY_STACK_USED
-static int yy_start_stack_ptr = 0;
-static int yy_start_stack_depth = 0;
-static int *yy_start_stack = 0;
-#ifndef YY_NO_PUSH_STATE
-static void yy_push_state YY_PROTO(( int new_state ));
-#endif
-#ifndef YY_NO_POP_STATE
-static void yy_pop_state YY_PROTO(( void ));
-#endif
-#ifndef YY_NO_TOP_STATE
-static int yy_top_state YY_PROTO(( void ));
-#endif
-
-#else
-#define YY_NO_PUSH_STATE 1
-#define YY_NO_POP_STATE 1
-#define YY_NO_TOP_STATE 1
-#endif
-
-#ifdef YY_MALLOC_DECL
-YY_MALLOC_DECL
-#else
-#if __STDC__
-#ifndef __cplusplus
-#include <stdlib.h>
-#endif
-#else
-/* Just try to get by without declaring the routines. This will fail
- * miserably on non-ANSI systems for which sizeof(size_t) != sizeof(int)
- * or sizeof(void*) != sizeof(int).
- */
-#endif
-#endif
-
-/* Amount of stuff to slurp up with each read. */
-#ifndef YY_READ_BUF_SIZE
-#define YY_READ_BUF_SIZE 8192
-#endif
-
-/* Copy whatever the last rule matched to the standard output. */
-
-#ifndef ECHO
-/* This used to be an fputs(), but since the string might contain NUL's,
- * we now use fwrite().
- */
-#define ECHO (void) fwrite( yytext, yyleng, 1, yyout )
-#endif
-
-/* Gets input and stuffs it into "buf". number of characters read, or YY_NULL,
- * is returned in "result".
- */
-#ifndef YY_INPUT
-#define YY_INPUT(buf,result,max_size) \
- if ( yy_current_buffer->yy_is_interactive ) \
- { \
- int c = '*', n; \
- for ( n = 0; n < max_size && \
- (c = getc( yyin )) != EOF && c != '\n'; ++n ) \
- buf[n] = (char) c; \
- if ( c == '\n' ) \
- buf[n++] = (char) c; \
- if ( c == EOF && ferror( yyin ) ) \
- YY_FATAL_ERROR( "input in flex scanner failed" ); \
- result = n; \
- } \
- else if ( ((result = fread( buf, 1, max_size, yyin )) == 0) \
- && ferror( yyin ) ) \
- YY_FATAL_ERROR( "input in flex scanner failed" );
-#endif
-
-/* No semi-colon after return; correct usage is to write "yyterminate();" -
- * we don't want an extra ';' after the "return" because that will cause
- * some compilers to complain about unreachable statements.
- */
-#ifndef yyterminate
-#define yyterminate() return YY_NULL
-#endif
-
-/* Number of entries by which start-condition stack grows. */
-#ifndef YY_START_STACK_INCR
-#define YY_START_STACK_INCR 25
-#endif
-
-/* Report a fatal error. */
-#ifndef YY_FATAL_ERROR
-#define YY_FATAL_ERROR(msg) yy_fatal_error( msg )
-#endif
-
-/* Default declaration of generated scanner - a define so the user can
- * easily add parameters.
- */
-#ifndef YY_DECL
-#define YY_DECL int yylex YY_PROTO(( void ))
-#endif
-
-/* Code executed at the beginning of each rule, after yytext and yyleng
- * have been set up.
- */
-#ifndef YY_USER_ACTION
-#define YY_USER_ACTION
-#endif
-
-/* Code executed at the end of each rule. */
-#ifndef YY_BREAK
-#define YY_BREAK break;
-#endif
-
-#define YY_RULE_SETUP \
- YY_USER_ACTION
-
-YY_DECL
- {
- register yy_state_type yy_current_state;
- register char *yy_cp, *yy_bp;
- register int yy_act;
-
-#line 60 "installparse.l"
-
-
-#line 591 "lex.Pk11Install_yy.cpp"
-
- if ( yy_init )
- {
- yy_init = 0;
-
-#ifdef YY_USER_INIT
- YY_USER_INIT;
-#endif
-
- if ( ! yy_start )
- yy_start = 1; /* first start state */
-
- if ( ! yyin )
- yyin = stdin;
-
- if ( ! yyout )
- yyout = stdout;
-
- if ( ! yy_current_buffer )
- yy_current_buffer =
- yy_create_buffer( yyin, YY_BUF_SIZE );
-
- yy_load_buffer_state();
- }
-
- while ( 1 ) /* loops until end-of-file is reached */
- {
- yy_cp = yy_c_buf_p;
-
- /* Support of yytext. */
- *yy_cp = yy_hold_char;
-
- /* yy_bp points to the position in yy_ch_buf of the start of
- * the current run.
- */
- yy_bp = yy_cp;
-
- yy_current_state = yy_start;
-yy_match:
- do
- {
- register YY_CHAR yy_c = yy_ec[YY_SC_TO_UI(*yy_cp)];
- if ( yy_accept[yy_current_state] )
- {
- yy_last_accepting_state = yy_current_state;
- yy_last_accepting_cpos = yy_cp;
- }
- while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state )
- {
- yy_current_state = (int) yy_def[yy_current_state];
- if ( yy_current_state >= 16 )
- yy_c = yy_meta[(unsigned int) yy_c];
- }
- yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c];
- ++yy_cp;
- }
- while ( yy_base[yy_current_state] != 21 );
-
-yy_find_action:
- yy_act = yy_accept[yy_current_state];
- if ( yy_act == 0 )
- { /* have to back up */
- yy_cp = yy_last_accepting_cpos;
- yy_current_state = yy_last_accepting_state;
- yy_act = yy_accept[yy_current_state];
- }
-
- YY_DO_BEFORE_ACTION;
-
-
-do_action: /* This label is used only to access EOF actions. */
-
-
- switch ( yy_act )
- { /* beginning of action switch */
- case 0: /* must back up */
- /* undo the effects of YY_DO_BEFORE_ACTION */
- *yy_cp = yy_hold_char;
- yy_cp = yy_last_accepting_cpos;
- yy_current_state = yy_last_accepting_state;
- goto yy_find_action;
-
-case 1:
-YY_RULE_SETUP
-#line 62 "installparse.l"
-return OPENBRACE;
- YY_BREAK
-case 2:
-YY_RULE_SETUP
-#line 63 "installparse.l"
-return CLOSEBRACE;
- YY_BREAK
-case 3:
-YY_RULE_SETUP
-#line 64 "installparse.l"
-{Pk11Install_yylval.string =
- putSimpleString(Pk11Install_yytext);
- return STRING;}
- YY_BREAK
-case 4:
-YY_RULE_SETUP
-#line 67 "installparse.l"
-{Pk11Install_yylval.string =
- putComplexString(Pk11Install_yytext);
- return STRING;}
- YY_BREAK
-case 5:
-YY_RULE_SETUP
-#line 71 "installparse.l"
-Pk11Install_yylinenum++;
- YY_BREAK
-case 6:
-YY_RULE_SETUP
-#line 73 "installparse.l"
-;
- YY_BREAK
-case 7:
-YY_RULE_SETUP
-#line 75 "installparse.l"
-{err = PR_smprintf("Invalid lexeme: %s",Pk11Install_yytext);
- Pk11Install_yyerror(err);
- PR_smprintf_free(err);
- return 1;
- }
- YY_BREAK
-case 8:
-YY_RULE_SETUP
-#line 81 "installparse.l"
-ECHO;
- YY_BREAK
-#line 722 "lex.Pk11Install_yy.cpp"
-case YY_STATE_EOF(INITIAL):
- yyterminate();
-
- case YY_END_OF_BUFFER:
- {
- /* Amount of text matched not including the EOB char. */
- int yy_amount_of_matched_text = (int) (yy_cp - yytext_ptr) - 1;
-
- /* Undo the effects of YY_DO_BEFORE_ACTION. */
- *yy_cp = yy_hold_char;
- YY_RESTORE_YY_MORE_OFFSET
-
- if ( yy_current_buffer->yy_buffer_status == YY_BUFFER_NEW )
- {
- /* We're scanning a new file or input source. It's
- * possible that this happened because the user
- * just pointed yyin at a new source and called
- * yylex(). If so, then we have to assure
- * consistency between yy_current_buffer and our
- * globals. Here is the right place to do so, because
- * this is the first action (other than possibly a
- * back-up) that will match for the new input source.
- */
- yy_n_chars = yy_current_buffer->yy_n_chars;
- yy_current_buffer->yy_input_file = yyin;
- yy_current_buffer->yy_buffer_status = YY_BUFFER_NORMAL;
- }
-
- /* Note that here we test for yy_c_buf_p "<=" to the position
- * of the first EOB in the buffer, since yy_c_buf_p will
- * already have been incremented past the NUL character
- * (since all states make transitions on EOB to the
- * end-of-buffer state). Contrast this with the test
- * in input().
- */
- if ( yy_c_buf_p <= &yy_current_buffer->yy_ch_buf[yy_n_chars] )
- { /* This was really a NUL. */
- yy_state_type yy_next_state;
-
- yy_c_buf_p = yytext_ptr + yy_amount_of_matched_text;
-
- yy_current_state = yy_get_previous_state();
-
- /* Okay, we're now positioned to make the NUL
- * transition. We couldn't have
- * yy_get_previous_state() go ahead and do it
- * for us because it doesn't know how to deal
- * with the possibility of jamming (and we don't
- * want to build jamming into it because then it
- * will run more slowly).
- */
-
- yy_next_state = yy_try_NUL_trans( yy_current_state );
-
- yy_bp = yytext_ptr + YY_MORE_ADJ;
-
- if ( yy_next_state )
- {
- /* Consume the NUL. */
- yy_cp = ++yy_c_buf_p;
- yy_current_state = yy_next_state;
- goto yy_match;
- }
-
- else
- {
- yy_cp = yy_c_buf_p;
- goto yy_find_action;
- }
- }
-
- else switch ( yy_get_next_buffer() )
- {
- case EOB_ACT_END_OF_FILE:
- {
- yy_did_buffer_switch_on_eof = 0;
-
- if ( yywrap() )
- {
- /* Note: because we've taken care in
- * yy_get_next_buffer() to have set up
- * yytext, we can now set up
- * yy_c_buf_p so that if some total
- * hoser (like flex itself) wants to
- * call the scanner after we return the
- * YY_NULL, it'll still work - another
- * YY_NULL will get returned.
- */
- yy_c_buf_p = yytext_ptr + YY_MORE_ADJ;
-
- yy_act = YY_STATE_EOF(YY_START);
- goto do_action;
- }
-
- else
- {
- if ( ! yy_did_buffer_switch_on_eof )
- YY_NEW_FILE;
- }
- break;
- }
-
- case EOB_ACT_CONTINUE_SCAN:
- yy_c_buf_p =
- yytext_ptr + yy_amount_of_matched_text;
-
- yy_current_state = yy_get_previous_state();
-
- yy_cp = yy_c_buf_p;
- yy_bp = yytext_ptr + YY_MORE_ADJ;
- goto yy_match;
-
- case EOB_ACT_LAST_MATCH:
- yy_c_buf_p =
- &yy_current_buffer->yy_ch_buf[yy_n_chars];
-
- yy_current_state = yy_get_previous_state();
-
- yy_cp = yy_c_buf_p;
- yy_bp = yytext_ptr + YY_MORE_ADJ;
- goto yy_find_action;
- }
- break;
- }
-
- default:
- YY_FATAL_ERROR(
- "fatal flex scanner internal error--no action found" );
- } /* end of action switch */
- } /* end of scanning one token */
- } /* end of yylex */
-
-
-/* yy_get_next_buffer - try to read in a new buffer
- *
- * Returns a code representing an action:
- * EOB_ACT_LAST_MATCH -
- * EOB_ACT_CONTINUE_SCAN - continue scanning from current position
- * EOB_ACT_END_OF_FILE - end of file
- */
-
-static int yy_get_next_buffer()
- {
- register char *dest = yy_current_buffer->yy_ch_buf;
- register char *source = yytext_ptr;
- register int number_to_move, i;
- int ret_val;
-
- if ( yy_c_buf_p > &yy_current_buffer->yy_ch_buf[yy_n_chars + 1] )
- YY_FATAL_ERROR(
- "fatal flex scanner internal error--end of buffer missed" );
-
- if ( yy_current_buffer->yy_fill_buffer == 0 )
- { /* Don't try to fill the buffer, so this is an EOF. */
- if ( yy_c_buf_p - yytext_ptr - YY_MORE_ADJ == 1 )
- {
- /* We matched a single character, the EOB, so
- * treat this as a final EOF.
- */
- return EOB_ACT_END_OF_FILE;
- }
-
- else
- {
- /* We matched some text prior to the EOB, first
- * process it.
- */
- return EOB_ACT_LAST_MATCH;
- }
- }
-
- /* Try to read more data. */
-
- /* First move last chars to start of buffer. */
- number_to_move = (int) (yy_c_buf_p - yytext_ptr) - 1;
-
- for ( i = 0; i < number_to_move; ++i )
- *(dest++) = *(source++);
-
- if ( yy_current_buffer->yy_buffer_status == YY_BUFFER_EOF_PENDING )
- /* don't do the read, it's not guaranteed to return an EOF,
- * just force an EOF
- */
- yy_current_buffer->yy_n_chars = yy_n_chars = 0;
-
- else
- {
- int num_to_read =
- yy_current_buffer->yy_buf_size - number_to_move - 1;
-
- while ( num_to_read <= 0 )
- { /* Not enough room in the buffer - grow it. */
-#ifdef YY_USES_REJECT
- YY_FATAL_ERROR(
-"input buffer overflow, can't enlarge buffer because scanner uses REJECT" );
-#else
-
- /* just a shorter name for the current buffer */
- YY_BUFFER_STATE b = yy_current_buffer;
-
- int yy_c_buf_p_offset =
- (int) (yy_c_buf_p - b->yy_ch_buf);
-
- if ( b->yy_is_our_buffer )
- {
- int new_size = b->yy_buf_size * 2;
-
- if ( new_size <= 0 )
- b->yy_buf_size += b->yy_buf_size / 8;
- else
- b->yy_buf_size *= 2;
-
- b->yy_ch_buf = (char *)
- /* Include room in for 2 EOB chars. */
- yy_flex_realloc( (void *) b->yy_ch_buf,
- b->yy_buf_size + 2 );
- }
- else
- /* Can't grow it, we don't own it. */
- b->yy_ch_buf = 0;
-
- if ( ! b->yy_ch_buf )
- YY_FATAL_ERROR(
- "fatal error - scanner input buffer overflow" );
-
- yy_c_buf_p = &b->yy_ch_buf[yy_c_buf_p_offset];
-
- num_to_read = yy_current_buffer->yy_buf_size -
- number_to_move - 1;
-#endif
- }
-
- if ( num_to_read > YY_READ_BUF_SIZE )
- num_to_read = YY_READ_BUF_SIZE;
-
- /* Read in more data. */
- YY_INPUT( (&yy_current_buffer->yy_ch_buf[number_to_move]),
- yy_n_chars, num_to_read );
-
- yy_current_buffer->yy_n_chars = yy_n_chars;
- }
-
- if ( yy_n_chars == 0 )
- {
- if ( number_to_move == YY_MORE_ADJ )
- {
- ret_val = EOB_ACT_END_OF_FILE;
- yyrestart( yyin );
- }
-
- else
- {
- ret_val = EOB_ACT_LAST_MATCH;
- yy_current_buffer->yy_buffer_status =
- YY_BUFFER_EOF_PENDING;
- }
- }
-
- else
- ret_val = EOB_ACT_CONTINUE_SCAN;
-
- yy_n_chars += number_to_move;
- yy_current_buffer->yy_ch_buf[yy_n_chars] = YY_END_OF_BUFFER_CHAR;
- yy_current_buffer->yy_ch_buf[yy_n_chars + 1] = YY_END_OF_BUFFER_CHAR;
-
- yytext_ptr = &yy_current_buffer->yy_ch_buf[0];
-
- return ret_val;
- }
-
-
-/* yy_get_previous_state - get the state just before the EOB char was reached */
-
-static yy_state_type yy_get_previous_state()
- {
- register yy_state_type yy_current_state;
- register char *yy_cp;
-
- yy_current_state = yy_start;
-
- for ( yy_cp = yytext_ptr + YY_MORE_ADJ; yy_cp < yy_c_buf_p; ++yy_cp )
- {
- register YY_CHAR yy_c = (*yy_cp ? yy_ec[YY_SC_TO_UI(*yy_cp)] : 1);
- if ( yy_accept[yy_current_state] )
- {
- yy_last_accepting_state = yy_current_state;
- yy_last_accepting_cpos = yy_cp;
- }
- while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state )
- {
- yy_current_state = (int) yy_def[yy_current_state];
- if ( yy_current_state >= 16 )
- yy_c = yy_meta[(unsigned int) yy_c];
- }
- yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c];
- }
-
- return yy_current_state;
- }
-
-
-/* yy_try_NUL_trans - try to make a transition on the NUL character
- *
- * synopsis
- * next_state = yy_try_NUL_trans( current_state );
- */
-
-#ifdef YY_USE_PROTOS
-static yy_state_type yy_try_NUL_trans( yy_state_type yy_current_state )
-#else
-static yy_state_type yy_try_NUL_trans( yy_current_state )
-yy_state_type yy_current_state;
-#endif
- {
- register int yy_is_jam;
- register char *yy_cp = yy_c_buf_p;
-
- register YY_CHAR yy_c = 1;
- if ( yy_accept[yy_current_state] )
- {
- yy_last_accepting_state = yy_current_state;
- yy_last_accepting_cpos = yy_cp;
- }
- while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state )
- {
- yy_current_state = (int) yy_def[yy_current_state];
- if ( yy_current_state >= 16 )
- yy_c = yy_meta[(unsigned int) yy_c];
- }
- yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c];
- yy_is_jam = (yy_current_state == 15);
-
- return yy_is_jam ? 0 : yy_current_state;
- }
-
-
-#ifndef YY_NO_UNPUT
-#ifdef YY_USE_PROTOS
-static void yyunput( int c, register char *yy_bp )
-#else
-static void yyunput( c, yy_bp )
-int c;
-register char *yy_bp;
-#endif
- {
- register char *yy_cp = yy_c_buf_p;
-
- /* undo effects of setting up yytext */
- *yy_cp = yy_hold_char;
-
- if ( yy_cp < yy_current_buffer->yy_ch_buf + 2 )
- { /* need to shift things up to make room */
- /* +2 for EOB chars. */
- register int number_to_move = yy_n_chars + 2;
- register char *dest = &yy_current_buffer->yy_ch_buf[
- yy_current_buffer->yy_buf_size + 2];
- register char *source =
- &yy_current_buffer->yy_ch_buf[number_to_move];
-
- while ( source > yy_current_buffer->yy_ch_buf )
- *--dest = *--source;
-
- yy_cp += (int) (dest - source);
- yy_bp += (int) (dest - source);
- yy_current_buffer->yy_n_chars =
- yy_n_chars = yy_current_buffer->yy_buf_size;
-
- if ( yy_cp < yy_current_buffer->yy_ch_buf + 2 )
- YY_FATAL_ERROR( "flex scanner push-back overflow" );
- }
-
- *--yy_cp = (char) c;
-
-
- yytext_ptr = yy_bp;
- yy_hold_char = *yy_cp;
- yy_c_buf_p = yy_cp;
- }
-#endif /* ifndef YY_NO_UNPUT */
-
-
-#ifdef __cplusplus
-static int yyinput()
-#else
-static int input()
-#endif
- {
- int c;
-
- *yy_c_buf_p = yy_hold_char;
-
- if ( *yy_c_buf_p == YY_END_OF_BUFFER_CHAR )
- {
- /* yy_c_buf_p now points to the character we want to return.
- * If this occurs *before* the EOB characters, then it's a
- * valid NUL; if not, then we've hit the end of the buffer.
- */
- if ( yy_c_buf_p < &yy_current_buffer->yy_ch_buf[yy_n_chars] )
- /* This was really a NUL. */
- *yy_c_buf_p = '\0';
-
- else
- { /* need more input */
- int offset = yy_c_buf_p - yytext_ptr;
- ++yy_c_buf_p;
-
- switch ( yy_get_next_buffer() )
- {
- case EOB_ACT_LAST_MATCH:
- /* This happens because yy_g_n_b()
- * sees that we've accumulated a
- * token and flags that we need to
- * try matching the token before
- * proceeding. But for input(),
- * there's no matching to consider.
- * So convert the EOB_ACT_LAST_MATCH
- * to EOB_ACT_END_OF_FILE.
- */
-
- /* Reset buffer status. */
- yyrestart( yyin );
-
- /* fall through */
-
- case EOB_ACT_END_OF_FILE:
- {
- if ( yywrap() )
- return EOF;
-
- if ( ! yy_did_buffer_switch_on_eof )
- YY_NEW_FILE;
-#ifdef __cplusplus
- return yyinput();
-#else
- return input();
-#endif
- }
-
- case EOB_ACT_CONTINUE_SCAN:
- yy_c_buf_p = yytext_ptr + offset;
- break;
- }
- }
- }
-
- c = *(unsigned char *) yy_c_buf_p; /* cast for 8-bit char's */
- *yy_c_buf_p = '\0'; /* preserve yytext */
- yy_hold_char = *++yy_c_buf_p;
-
-
- return c;
- }
-
-
-#ifdef YY_USE_PROTOS
-void yyrestart( FILE *input_file )
-#else
-void yyrestart( input_file )
-FILE *input_file;
-#endif
- {
- if ( ! yy_current_buffer )
- yy_current_buffer = yy_create_buffer( yyin, YY_BUF_SIZE );
-
- yy_init_buffer( yy_current_buffer, input_file );
- yy_load_buffer_state();
- }
-
-
-#ifdef YY_USE_PROTOS
-void yy_switch_to_buffer( YY_BUFFER_STATE new_buffer )
-#else
-void yy_switch_to_buffer( new_buffer )
-YY_BUFFER_STATE new_buffer;
-#endif
- {
- if ( yy_current_buffer == new_buffer )
- return;
-
- if ( yy_current_buffer )
- {
- /* Flush out information for old buffer. */
- *yy_c_buf_p = yy_hold_char;
- yy_current_buffer->yy_buf_pos = yy_c_buf_p;
- yy_current_buffer->yy_n_chars = yy_n_chars;
- }
-
- yy_current_buffer = new_buffer;
- yy_load_buffer_state();
-
- /* We don't actually know whether we did this switch during
- * EOF (yywrap()) processing, but the only time this flag
- * is looked at is after yywrap() is called, so it's safe
- * to go ahead and always set it.
- */
- yy_did_buffer_switch_on_eof = 1;
- }
-
-
-#ifdef YY_USE_PROTOS
-void yy_load_buffer_state( void )
-#else
-void yy_load_buffer_state()
-#endif
- {
- yy_n_chars = yy_current_buffer->yy_n_chars;
- yytext_ptr = yy_c_buf_p = yy_current_buffer->yy_buf_pos;
- yyin = yy_current_buffer->yy_input_file;
- yy_hold_char = *yy_c_buf_p;
- }
-
-
-#ifdef YY_USE_PROTOS
-YY_BUFFER_STATE yy_create_buffer( FILE *file, int size )
-#else
-YY_BUFFER_STATE yy_create_buffer( file, size )
-FILE *file;
-int size;
-#endif
- {
- YY_BUFFER_STATE b;
-
- b = (YY_BUFFER_STATE) yy_flex_alloc( sizeof( struct yy_buffer_state ) );
- if ( ! b )
- YY_FATAL_ERROR( "out of dynamic memory in yy_create_buffer()" );
-
- b->yy_buf_size = size;
-
- /* yy_ch_buf has to be 2 characters longer than the size given because
- * we need to put in 2 end-of-buffer characters.
- */
- b->yy_ch_buf = (char *) yy_flex_alloc( b->yy_buf_size + 2 );
- if ( ! b->yy_ch_buf )
- YY_FATAL_ERROR( "out of dynamic memory in yy_create_buffer()" );
-
- b->yy_is_our_buffer = 1;
-
- yy_init_buffer( b, file );
-
- return b;
- }
-
-
-#ifdef YY_USE_PROTOS
-void yy_delete_buffer( YY_BUFFER_STATE b )
-#else
-void yy_delete_buffer( b )
-YY_BUFFER_STATE b;
-#endif
- {
- if ( ! b )
- return;
-
- if ( b == yy_current_buffer )
- yy_current_buffer = (YY_BUFFER_STATE) 0;
-
- if ( b->yy_is_our_buffer )
- yy_flex_free( (void *) b->yy_ch_buf );
-
- yy_flex_free( (void *) b );
- }
-
-
-#ifndef YY_ALWAYS_INTERACTIVE
-#ifndef YY_NEVER_INTERACTIVE
-extern int isatty YY_PROTO(( int ));
-#endif
-#endif
-
-#ifdef YY_USE_PROTOS
-void yy_init_buffer( YY_BUFFER_STATE b, FILE *file )
-#else
-void yy_init_buffer( b, file )
-YY_BUFFER_STATE b;
-FILE *file;
-#endif
-
-
- {
- yy_flush_buffer( b );
-
- b->yy_input_file = file;
- b->yy_fill_buffer = 1;
-
-#if YY_ALWAYS_INTERACTIVE
- b->yy_is_interactive = 1;
-#else
-#if YY_NEVER_INTERACTIVE
- b->yy_is_interactive = 0;
-#else
- b->yy_is_interactive = file ? (isatty( fileno(file) ) > 0) : 0;
-#endif
-#endif
- }
-
-
-#ifdef YY_USE_PROTOS
-void yy_flush_buffer( YY_BUFFER_STATE b )
-#else
-void yy_flush_buffer( b )
-YY_BUFFER_STATE b;
-#endif
-
- {
- if ( ! b )
- return;
-
- b->yy_n_chars = 0;
-
- /* We always need two end-of-buffer characters. The first causes
- * a transition to the end-of-buffer state. The second causes
- * a jam in that state.
- */
- b->yy_ch_buf[0] = YY_END_OF_BUFFER_CHAR;
- b->yy_ch_buf[1] = YY_END_OF_BUFFER_CHAR;
-
- b->yy_buf_pos = &b->yy_ch_buf[0];
-
- b->yy_at_bol = 1;
- b->yy_buffer_status = YY_BUFFER_NEW;
-
- if ( b == yy_current_buffer )
- yy_load_buffer_state();
- }
-
-
-#ifndef YY_NO_SCAN_BUFFER
-#ifdef YY_USE_PROTOS
-YY_BUFFER_STATE yy_scan_buffer( char *base, yy_size_t size )
-#else
-YY_BUFFER_STATE yy_scan_buffer( base, size )
-char *base;
-yy_size_t size;
-#endif
- {
- YY_BUFFER_STATE b;
-
- if ( size < 2 ||
- base[size-2] != YY_END_OF_BUFFER_CHAR ||
- base[size-1] != YY_END_OF_BUFFER_CHAR )
- /* They forgot to leave room for the EOB's. */
- return 0;
-
- b = (YY_BUFFER_STATE) yy_flex_alloc( sizeof( struct yy_buffer_state ) );
- if ( ! b )
- YY_FATAL_ERROR( "out of dynamic memory in yy_scan_buffer()" );
-
- b->yy_buf_size = size - 2; /* "- 2" to take care of EOB's */
- b->yy_buf_pos = b->yy_ch_buf = base;
- b->yy_is_our_buffer = 0;
- b->yy_input_file = 0;
- b->yy_n_chars = b->yy_buf_size;
- b->yy_is_interactive = 0;
- b->yy_at_bol = 1;
- b->yy_fill_buffer = 0;
- b->yy_buffer_status = YY_BUFFER_NEW;
-
- yy_switch_to_buffer( b );
-
- return b;
- }
-#endif
-
-
-#ifndef YY_NO_SCAN_STRING
-#ifdef YY_USE_PROTOS
-YY_BUFFER_STATE yy_scan_string( yyconst char *yy_str )
-#else
-YY_BUFFER_STATE yy_scan_string( yy_str )
-yyconst char *yy_str;
-#endif
- {
- int len;
- for ( len = 0; yy_str[len]; ++len )
- ;
-
- return yy_scan_bytes( yy_str, len );
- }
-#endif
-
-
-#ifndef YY_NO_SCAN_BYTES
-#ifdef YY_USE_PROTOS
-YY_BUFFER_STATE yy_scan_bytes( yyconst char *bytes, int len )
-#else
-YY_BUFFER_STATE yy_scan_bytes( bytes, len )
-yyconst char *bytes;
-int len;
-#endif
- {
- YY_BUFFER_STATE b;
- char *buf;
- yy_size_t n;
- int i;
-
- /* Get memory for full buffer, including space for trailing EOB's. */
- n = len + 2;
- buf = (char *) yy_flex_alloc( n );
- if ( ! buf )
- YY_FATAL_ERROR( "out of dynamic memory in yy_scan_bytes()" );
-
- for ( i = 0; i < len; ++i )
- buf[i] = bytes[i];
-
- buf[len] = buf[len+1] = YY_END_OF_BUFFER_CHAR;
-
- b = yy_scan_buffer( buf, n );
- if ( ! b )
- YY_FATAL_ERROR( "bad buffer in yy_scan_bytes()" );
-
- /* It's okay to grow etc. this buffer, and we should throw it
- * away when we're done.
- */
- b->yy_is_our_buffer = 1;
-
- return b;
- }
-#endif
-
-
-#ifndef YY_NO_PUSH_STATE
-#ifdef YY_USE_PROTOS
-static void yy_push_state( int new_state )
-#else
-static void yy_push_state( new_state )
-int new_state;
-#endif
- {
- if ( yy_start_stack_ptr >= yy_start_stack_depth )
- {
- yy_size_t new_size;
-
- yy_start_stack_depth += YY_START_STACK_INCR;
- new_size = yy_start_stack_depth * sizeof( int );
-
- if ( ! yy_start_stack )
- yy_start_stack = (int *) yy_flex_alloc( new_size );
-
- else
- yy_start_stack = (int *) yy_flex_realloc(
- (void *) yy_start_stack, new_size );
-
- if ( ! yy_start_stack )
- YY_FATAL_ERROR(
- "out of memory expanding start-condition stack" );
- }
-
- yy_start_stack[yy_start_stack_ptr++] = YY_START;
-
- BEGIN(new_state);
- }
-#endif
-
-
-#ifndef YY_NO_POP_STATE
-static void yy_pop_state()
- {
- if ( --yy_start_stack_ptr < 0 )
- YY_FATAL_ERROR( "start-condition stack underflow" );
-
- BEGIN(yy_start_stack[yy_start_stack_ptr]);
- }
-#endif
-
-
-#ifndef YY_NO_TOP_STATE
-static int yy_top_state()
- {
- return yy_start_stack[yy_start_stack_ptr - 1];
- }
-#endif
-
-#ifndef YY_EXIT_FAILURE
-#define YY_EXIT_FAILURE 2
-#endif
-
-#ifdef YY_USE_PROTOS
-static void yy_fatal_error( yyconst char msg[] )
-#else
-static void yy_fatal_error( msg )
-char msg[];
-#endif
- {
- (void) fprintf( stderr, "%s\n", msg );
- exit( YY_EXIT_FAILURE );
- }
-
-
-
-/* Redefine yyless() so it works in section 3 code. */
-
-#undef yyless
-#define yyless(n) \
- do \
- { \
- /* Undo effects of setting up yytext. */ \
- yytext[yyleng] = yy_hold_char; \
- yy_c_buf_p = yytext + n; \
- yy_hold_char = *yy_c_buf_p; \
- *yy_c_buf_p = '\0'; \
- yyleng = n; \
- } \
- while ( 0 )
-
-
-/* Internal utility routines. */
-
-#ifndef yytext_ptr
-#ifdef YY_USE_PROTOS
-static void yy_flex_strncpy( char *s1, yyconst char *s2, int n )
-#else
-static void yy_flex_strncpy( s1, s2, n )
-char *s1;
-yyconst char *s2;
-int n;
-#endif
- {
- register int i;
- for ( i = 0; i < n; ++i )
- s1[i] = s2[i];
- }
-#endif
-
-#ifdef YY_NEED_STRLEN
-#ifdef YY_USE_PROTOS
-static int yy_flex_strlen( yyconst char *s )
-#else
-static int yy_flex_strlen( s )
-yyconst char *s;
-#endif
- {
- register int n;
- for ( n = 0; s[n]; ++n )
- ;
-
- return n;
- }
-#endif
-
-
-#ifdef YY_USE_PROTOS
-static void *yy_flex_alloc( yy_size_t size )
-#else
-static void *yy_flex_alloc( size )
-yy_size_t size;
-#endif
- {
- return (void *) malloc( size );
- }
-
-#ifdef YY_USE_PROTOS
-static void *yy_flex_realloc( void *ptr, yy_size_t size )
-#else
-static void *yy_flex_realloc( ptr, size )
-void *ptr;
-yy_size_t size;
-#endif
- {
- /* The cast to (char *) in the following accommodates both
- * implementations that use char* generic pointers, and those
- * that use void* generic pointers. It works with the latter
- * because both ANSI C and C++ allow castless assignment from
- * any pointer type to void*, and deal with argument conversions
- * as though doing an assignment.
- */
- return (void *) realloc( (char *) ptr, size );
- }
-
-#ifdef YY_USE_PROTOS
-static void yy_flex_free( void *ptr )
-#else
-static void yy_flex_free( ptr )
-void *ptr;
-#endif
- {
- free( ptr );
- }
-
-#if YY_MAIN
-int main()
- {
- yylex();
- return 0;
- }
-#endif
-#line 81 "installparse.l"
-
-/*------------------------ Program Section ----------------------------*/
-
-PRFileDesc *Pk11Install_FD=NULL;
-
-/*************************************************************************/
-/* dummy function required by lex */
-int Pk11Install_yywrap(void) { return 1;}
-
-/*************************************************************************/
-/* Return a copy of the given string */
-static char*
-putSimpleString(char *str)
-{
- char *tmp = (char*) PR_Malloc(strlen(str)+1);
- strcpy(tmp, str);
- return tmp;
-}
-
-/*************************************************************************/
-/* Strip out quotes, replace escaped characters with what they stand for.
- This function assumes that what is passed in is actually a complex
- string, so error checking is lax. */
-static char*
-putComplexString(char *str)
-{
- int size, i,j;
- char *tmp;
-
- if(!str) {
- return NULL;
- }
- size = strlen(str);
-
- /* Allocate the new space. This string will actually be too big,
- since quotes and backslashes will be stripped out. But that's ok. */
- tmp = (char*) PR_Malloc(size+1);
-
- /* Copy it over */
- for(i=0, j=0; i < size; i++) {
- if(str[i]=='\"') {
- continue; /* skip un-escaped quotes */
- } else if(str[i]=='\\') {
- ++i; /* escaped character. skip the backslash */
- }
- tmp[j++] = str[i];
- }
- tmp[j] = '\0';
-
- return tmp;
-}
diff --git a/security/nss/cmd/modutil/manifest.mn b/security/nss/cmd/modutil/manifest.mn
deleted file mode 100644
index b9ff7dc18..000000000
--- a/security/nss/cmd/modutil/manifest.mn
+++ /dev/null
@@ -1,62 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-MODULE = sectools
-
-EXPORTS =
-
-CSRCS = modutil.c \
- pk11.c \
- instsec.c \
- install.c \
- installparse.c \
- install-ds.c \
- lex.Pk11Install_yy.c \
- $(NULL)
-
-CPPSRCS =
-
-PROGRAM = modutil
-
-REQUIRES = seccmd nss dbm
-
-DEFINES = -DNSPR20
-
-# sigh
-#INCLUDES += -I$(CORE_DEPTH)/nss/lib/pk11wrap
-
-# USE_STATIC_LIBS = 1
-
-EXTRA_LIBS = $(JAR_LIBS)
diff --git a/security/nss/cmd/modutil/modutil.c b/security/nss/cmd/modutil/modutil.c
deleted file mode 100644
index ba67ffa3c..000000000
--- a/security/nss/cmd/modutil/modutil.c
+++ /dev/null
@@ -1,999 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "modutil.h"
-#include "install.h"
-#include <plstr.h>
-#include "secrng.h"
-#include "certdb.h" /* for CERT_DB_FILE_VERSION */
-#include "nss.h"
-
-static void install_error(char *message);
-static char* PR_fgets(char *buf, int size, PRFileDesc *file);
-static char *progName;
-
-
-/* This enum must be kept in sync with the commandNames list */
-typedef enum {
- NO_COMMAND,
- ADD_COMMAND,
- CHANGEPW_COMMAND,
- CREATE_COMMAND,
- DEFAULT_COMMAND,
- DELETE_COMMAND,
- DISABLE_COMMAND,
- ENABLE_COMMAND,
- FIPS_COMMAND,
- JAR_COMMAND,
- LIST_COMMAND,
- RAW_LIST_COMMAND,
- RAW_ADD_COMMAND,
- CHKFIPS_COMMAND,
- UNDEFAULT_COMMAND
-} Command;
-
-/* This list must be kept in sync with the Command enum */
-static char *commandNames[] = {
- "(no command)",
- "-add",
- "-changepw",
- "-create",
- "-default",
- "-delete",
- "-disable",
- "-enable",
- "-fips",
- "-jar",
- "-list",
- "-rawlist",
- "-rawadd",
- "-chkfips",
- "-undefault"
-};
-
-
-/* this enum must be kept in sync with the optionStrings list */
-typedef enum {
- ADD_ARG=0,
- RAW_ADD_ARG,
- CHANGEPW_ARG,
- CIPHERS_ARG,
- CREATE_ARG,
- DBDIR_ARG,
- DBPREFIX_ARG,
- DEFAULT_ARG,
- DELETE_ARG,
- DISABLE_ARG,
- ENABLE_ARG,
- FIPS_ARG,
- FORCE_ARG,
- JAR_ARG,
- LIBFILE_ARG,
- LIST_ARG,
- RAW_LIST_ARG,
- MECHANISMS_ARG,
- NEWPWFILE_ARG,
- PWFILE_ARG,
- SLOT_ARG,
- UNDEFAULT_ARG,
- INSTALLDIR_ARG,
- TEMPDIR_ARG,
- SECMOD_ARG,
- NOCERTDB_ARG,
- STRING_ARG,
- CHKFIPS_ARG,
-
- NUM_ARGS /* must be last */
-} Arg;
-
-/* This list must be kept in sync with the Arg enum */
-static char *optionStrings[] = {
- "-add",
- "-rawadd",
- "-changepw",
- "-ciphers",
- "-create",
- "-dbdir",
- "-dbprefix",
- "-default",
- "-delete",
- "-disable",
- "-enable",
- "-fips",
- "-force",
- "-jar",
- "-libfile",
- "-list",
- "-rawlist",
- "-mechanisms",
- "-newpwfile",
- "-pwfile",
- "-slot",
- "-undefault",
- "-installdir",
- "-tempdir",
- "-secmod",
- "-nocertdb",
- "-string",
- "-chkfips",
-};
-
-/* Increment i if doing so would have i still be less than j. If you
- are able to do this, return 0. Otherwise return 1. */
-#define TRY_INC(i,j) ( ((i+1)<j) ? (++i, 0) : 1 )
-
-/********************************************************************
- *
- * file-wide variables obtained from the command line
- */
-static Command command = NO_COMMAND;
-static char* pwFile = NULL;
-static char* newpwFile = NULL;
-static char* moduleName = NULL;
-static char* moduleSpec = NULL;
-static char* slotName = NULL;
-static char* secmodName = NULL;
-static char* tokenName = NULL;
-static char* libFile = NULL;
-static char* dbdir = NULL;
-static char* dbprefix = "";
-static char* secmodString = NULL;
-static char* mechanisms = NULL;
-static char* ciphers = NULL;
-static char* fipsArg = NULL;
-static char* jarFile = NULL;
-static char* installDir = NULL;
-static char* tempDir = NULL;
-static short force = 0;
-static PRBool nocertdb = PR_FALSE;
-
-/*******************************************************************
- *
- * p a r s e _ a r g s
- */
-static Error
-parse_args(int argc, char *argv[])
-{
- int i;
- char *arg;
- int optionType;
-
- /* Loop over all arguments */
- for(i=1; i < argc; i++) {
- arg = argv[i];
-
- /* Make sure this is an option and not some floating argument */
- if(arg[0] != '-') {
- PR_fprintf(PR_STDERR, errStrings[UNEXPECTED_ARG_ERR], argv[i]);
- return UNEXPECTED_ARG_ERR;
- }
-
- /* Find which option this is */
- for(optionType=0; optionType < NUM_ARGS; optionType++) {
- if(! strcmp(arg, optionStrings[optionType])) {
- break;
- }
- }
-
- /* Deal with this specific option */
- switch(optionType) {
- case NUM_ARGS:
- default:
- PR_fprintf(PR_STDERR, errStrings[UNKNOWN_OPTION_ERR], arg);
- return UNKNOWN_OPTION_ERR;
- break;
- case ADD_ARG:
- if(command != NO_COMMAND) {
- PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg);
- return MULTIPLE_COMMAND_ERR;
- }
- command = ADD_COMMAND;
- if(TRY_INC(i, argc)) {
- PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
- return OPTION_NEEDS_ARG_ERR;
- }
- moduleName = argv[i];
- break;
- case CHANGEPW_ARG:
- if(command != NO_COMMAND) {
- PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg);
- return MULTIPLE_COMMAND_ERR;
- }
- command = CHANGEPW_COMMAND;
- if(TRY_INC(i, argc)) {
- PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
- return OPTION_NEEDS_ARG_ERR;
- }
- tokenName = argv[i];
- break;
- case CIPHERS_ARG:
- if(ciphers != NULL) {
- PR_fprintf(PR_STDERR, errStrings[DUPLICATE_OPTION_ERR], arg);
- return DUPLICATE_OPTION_ERR;
- }
- if(TRY_INC(i, argc)) {
- PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
- return OPTION_NEEDS_ARG_ERR;
- }
- ciphers = argv[i];
- break;
- case CREATE_ARG:
- if(command != NO_COMMAND) {
- PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg);
- return MULTIPLE_COMMAND_ERR;
- }
- command = CREATE_COMMAND;
- break;
- case DBDIR_ARG:
- if(dbdir != NULL) {
- PR_fprintf(PR_STDERR, errStrings[DUPLICATE_OPTION_ERR], arg);
- return DUPLICATE_OPTION_ERR;
- }
- if(TRY_INC(i, argc)) {
- PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
- return OPTION_NEEDS_ARG_ERR;
- }
- dbdir = argv[i];
- break;
- case DBPREFIX_ARG:
- if(TRY_INC(i, argc)) {
- PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
- return OPTION_NEEDS_ARG_ERR;
- }
- dbprefix = argv[i];
- break;
- case UNDEFAULT_ARG:
- case DEFAULT_ARG:
- if(command != NO_COMMAND) {
- PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg);
- return MULTIPLE_COMMAND_ERR;
- }
- if(optionType == DEFAULT_ARG) {
- command = DEFAULT_COMMAND;
- } else {
- command = UNDEFAULT_COMMAND;
- }
- if(TRY_INC(i, argc)) {
- PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
- return OPTION_NEEDS_ARG_ERR;
- }
- moduleName = argv[i];
- break;
- case DELETE_ARG:
- if(command != NO_COMMAND) {
- PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg);
- return MULTIPLE_COMMAND_ERR;
- }
- command = DELETE_COMMAND;
- if(TRY_INC(i, argc)) {
- PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
- return OPTION_NEEDS_ARG_ERR;
- }
- moduleName = argv[i];
- break;
- case DISABLE_ARG:
- if(command != NO_COMMAND) {
- PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg);
- return MULTIPLE_COMMAND_ERR;
- }
- command = DISABLE_COMMAND;
- if(TRY_INC(i, argc)) {
- PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
- return OPTION_NEEDS_ARG_ERR;
- }
- moduleName = argv[i];
- break;
- case ENABLE_ARG:
- if(command != NO_COMMAND) {
- PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg);
- return MULTIPLE_COMMAND_ERR;
- }
- command = ENABLE_COMMAND;
- if(TRY_INC(i, argc)) {
- PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
- return OPTION_NEEDS_ARG_ERR;
- }
- moduleName = argv[i];
- break;
- case FIPS_ARG:
- if(command != NO_COMMAND) {
- PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg);
- return MULTIPLE_COMMAND_ERR;
- }
- command = FIPS_COMMAND;
- if(TRY_INC(i, argc)) {
- PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
- return OPTION_NEEDS_ARG_ERR;
- }
- fipsArg = argv[i];
- break;
- case CHKFIPS_ARG:
- if(command != NO_COMMAND) {
- PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg);
- return MULTIPLE_COMMAND_ERR;
- }
- command = CHKFIPS_COMMAND;
- if(TRY_INC(i, argc)) {
- PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
- return OPTION_NEEDS_ARG_ERR;
- }
- fipsArg = argv[i];
- break;
- case FORCE_ARG:
- force = 1;
- break;
- case NOCERTDB_ARG:
- nocertdb = PR_TRUE;
- break;
- case INSTALLDIR_ARG:
- if(installDir != NULL) {
- PR_fprintf(PR_STDERR, errStrings[DUPLICATE_OPTION_ERR], arg);
- return DUPLICATE_OPTION_ERR;
- }
- if(TRY_INC(i, argc)) {
- PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
- return OPTION_NEEDS_ARG_ERR;
- }
- installDir = argv[i];
- break;
- case TEMPDIR_ARG:
- if(tempDir != NULL) {
- PR_fprintf(PR_STDERR, errStrings[DUPLICATE_OPTION_ERR], arg);
- return DUPLICATE_OPTION_ERR;
- }
- if(TRY_INC(i, argc)) {
- PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
- return OPTION_NEEDS_ARG_ERR;
- }
- tempDir = argv[i];
- break;
- case JAR_ARG:
- if(command != NO_COMMAND) {
- PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg);
- return MULTIPLE_COMMAND_ERR;
- }
- command = JAR_COMMAND;
- if(TRY_INC(i, argc)) {
- PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
- return OPTION_NEEDS_ARG_ERR;
- }
- jarFile = argv[i];
- break;
- case LIBFILE_ARG:
- if(libFile != NULL) {
- PR_fprintf(PR_STDERR, errStrings[DUPLICATE_OPTION_ERR], arg);
- return DUPLICATE_OPTION_ERR;
- }
- if(TRY_INC(i, argc)) {
- PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
- return OPTION_NEEDS_ARG_ERR;
- }
- libFile = argv[i];
- break;
- case LIST_ARG:
- if(command != NO_COMMAND) {
- PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg);
- return MULTIPLE_COMMAND_ERR;
- }
- command = LIST_COMMAND;
- /* This option may or may not have an argument */
- if( (i+1 < argc) && (argv[i+1][0] != '-') ) {
- moduleName = argv[++i];
- }
- break;
- case RAW_LIST_ARG:
- if(command != NO_COMMAND) {
- PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg);
- return MULTIPLE_COMMAND_ERR;
- }
- command = RAW_LIST_COMMAND;
- /* This option may or may not have an argument */
- if( (i+1 < argc) && (argv[i+1][0] != '-') ) {
- moduleName = argv[++i];
- }
- break;
- case RAW_ADD_ARG:
- if(command != NO_COMMAND) {
- PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg);
- return MULTIPLE_COMMAND_ERR;
- }
- command = RAW_ADD_COMMAND;
- if(TRY_INC(i, argc)) {
- PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
- return OPTION_NEEDS_ARG_ERR;
- }
- moduleSpec = argv[i];
- break;
- case MECHANISMS_ARG:
- if(mechanisms != NULL) {
- PR_fprintf(PR_STDERR, errStrings[DUPLICATE_OPTION_ERR], arg);
- return DUPLICATE_OPTION_ERR;
- }
- if(TRY_INC(i, argc)) {
- PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
- return OPTION_NEEDS_ARG_ERR;
- }
- mechanisms = argv[i];
- break;
- case NEWPWFILE_ARG:
- if(newpwFile != NULL) {
- PR_fprintf(PR_STDERR, errStrings[DUPLICATE_OPTION_ERR], arg);
- return DUPLICATE_OPTION_ERR;
- }
- if(TRY_INC(i, argc)) {
- PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
- return OPTION_NEEDS_ARG_ERR;
- }
- newpwFile = argv[i];
- break;
- case PWFILE_ARG:
- if(pwFile != NULL) {
- PR_fprintf(PR_STDERR, errStrings[DUPLICATE_OPTION_ERR], arg);
- return DUPLICATE_OPTION_ERR;
- }
- if(TRY_INC(i, argc)) {
- PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
- return OPTION_NEEDS_ARG_ERR;
- }
- pwFile = argv[i];
- break;
- case SLOT_ARG:
- if(slotName != NULL) {
- PR_fprintf(PR_STDERR, errStrings[DUPLICATE_OPTION_ERR], arg);
- return DUPLICATE_OPTION_ERR;
- }
- if(TRY_INC(i, argc)) {
- PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
- return OPTION_NEEDS_ARG_ERR;
- }
- slotName = argv[i];
- break;
- case SECMOD_ARG:
- if(secmodName != NULL) {
- PR_fprintf(PR_STDERR, errStrings[DUPLICATE_OPTION_ERR], arg);
- return DUPLICATE_OPTION_ERR;
- }
- if(TRY_INC(i, argc)) {
- PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
- return OPTION_NEEDS_ARG_ERR;
- }
- secmodName = argv[i];
- break;
- case STRING_ARG:
- if(secmodString != NULL) {
- PR_fprintf(PR_STDERR, errStrings[DUPLICATE_OPTION_ERR], arg);
- return DUPLICATE_OPTION_ERR;
- }
- if(TRY_INC(i, argc)) {
- PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
- return OPTION_NEEDS_ARG_ERR;
- }
- secmodString = argv[i];
- break;
- }
- }
- return SUCCESS;
-}
-
-/************************************************************************
- *
- * v e r i f y _ p a r a m s
- */
-static Error
-verify_params()
-{
- switch(command) {
- case ADD_COMMAND:
- if(libFile == NULL) {
- PR_fprintf(PR_STDERR, errStrings[MISSING_PARAM_ERR],
- commandNames[ADD_COMMAND], optionStrings[LIBFILE_ARG]);
- return MISSING_PARAM_ERR;
- }
- break;
- case CHANGEPW_COMMAND:
- break;
- case CREATE_COMMAND:
- break;
- case DELETE_COMMAND:
- break;
- case DISABLE_COMMAND:
- break;
- case ENABLE_COMMAND:
- break;
- case FIPS_COMMAND:
- case CHKFIPS_COMMAND:
- if(PL_strcasecmp(fipsArg, "true") &&
- PL_strcasecmp(fipsArg, "false")) {
- PR_fprintf(PR_STDERR, errStrings[INVALID_FIPS_ARG]);
- return INVALID_FIPS_ARG;
- }
- break;
- case JAR_COMMAND:
- if(installDir == NULL) {
- PR_fprintf(PR_STDERR, errStrings[MISSING_PARAM_ERR],
- commandNames[JAR_COMMAND], optionStrings[INSTALLDIR_ARG]);
- return MISSING_PARAM_ERR;
- }
- break;
- case LIST_COMMAND:
- case RAW_LIST_COMMAND:
- break;
- case RAW_ADD_COMMAND:
- break;
- case UNDEFAULT_COMMAND:
- case DEFAULT_COMMAND:
- if(mechanisms == NULL) {
- PR_fprintf(PR_STDERR, errStrings[MISSING_PARAM_ERR],
- commandNames[command], optionStrings[MECHANISMS_ARG]);
- return MISSING_PARAM_ERR;
- }
- break;
- default:
- /* Ignore this here */
- break;
- }
-
- return SUCCESS;
-}
-
-/********************************************************************
- *
- * i n i t _ c r y p t o
- *
- * Does crypto initialization that all commands will require.
- * If -nocertdb option is specified, don't open key or cert db (we don't
- * need them if we aren't going to be verifying signatures). This is
- * because serverland doesn't always have cert and key database files
- * available.
- */
-static Error
-init_crypto(PRBool create, PRBool readOnly)
-{
- char *dir;
-#ifdef notdef
- char *moddbname=NULL, *keydbname, *certdbname;
- PRBool free_moddbname = PR_FALSE;
-#endif
- Error retval;
- SECStatus rv;
- PRUint32 flags = 0;
-
- if (secmodName == NULL) {
- secmodName = "secmod.db";
- }
-
- if(SECU_ConfigDirectory(dbdir)[0] == '\0') {
- PR_fprintf(PR_STDERR, errStrings[NO_DBDIR_ERR]);
- retval=NO_DBDIR_ERR;
- goto loser;
- }
- dir = SECU_ConfigDirectory(NULL);
-
- /* Make sure db directory exists and is readable */
- if(PR_Access(dir, PR_ACCESS_EXISTS) != PR_SUCCESS) {
- PR_fprintf(PR_STDERR, errStrings[DIR_DOESNT_EXIST_ERR], dir);
- retval = DIR_DOESNT_EXIST_ERR;
- goto loser;
- } else if(PR_Access(dir, PR_ACCESS_READ_OK) != PR_SUCCESS) {
- PR_fprintf(PR_STDERR, errStrings[DIR_NOT_READABLE_ERR], dir);
- retval = DIR_NOT_READABLE_ERR;
- goto loser;
- }
-
- /* Check for the proper permissions on databases */
- if(create) {
- /* Make sure dbs don't already exist, and the directory is
- writeable */
-#ifdef notdef
- if(PR_Access(moddbname, PR_ACCESS_EXISTS)==PR_SUCCESS) {
- PR_fprintf(PR_STDERR, errStrings[FILE_ALREADY_EXISTS_ERR],
- moddbname);
- retval=FILE_ALREADY_EXISTS_ERR;
- goto loser;
- } else if(PR_Access(keydbname, PR_ACCESS_EXISTS)==PR_SUCCESS) {
- PR_fprintf(PR_STDERR, errStrings[FILE_ALREADY_EXISTS_ERR], keydbname);
- retval=FILE_ALREADY_EXISTS_ERR;
- goto loser;
- } else if(PR_Access(certdbname, PR_ACCESS_EXISTS)==PR_SUCCESS) {
- PR_fprintf(PR_STDERR, errStrings[FILE_ALREADY_EXISTS_ERR],certdbname);
- retval=FILE_ALREADY_EXISTS_ERR;
- goto loser;
- } else
-#endif
- if(PR_Access(dir, PR_ACCESS_WRITE_OK) != PR_SUCCESS) {
- PR_fprintf(PR_STDERR, errStrings[DIR_NOT_WRITEABLE_ERR], dir);
- retval=DIR_NOT_WRITEABLE_ERR;
- goto loser;
- }
- } else {
-#ifdef notdef
- /* Make sure dbs are readable and writeable */
- if(PR_Access(moddbname, PR_ACCESS_READ_OK) != PR_SUCCESS) {
-#ifndef XP_PC
- /* in serverland, they always use secmod.db, even on UNIX. Try
- this */
- moddbname = PR_smprintf("%s/secmod.db", dir);
- free_moddbname = PR_TRUE;
- if(PR_Access(moddbname, PR_ACCESS_READ_OK) != PR_SUCCESS) {
-#endif
- PR_fprintf(PR_STDERR, errStrings[FILE_NOT_READABLE_ERR], moddbname);
- retval=FILE_NOT_READABLE_ERR;
- goto loser;
-#ifndef XP_PC
- }
-#endif
- }
- if(!nocertdb) { /* don't open cert and key db if -nocertdb */
- if(PR_Access(keydbname, PR_ACCESS_READ_OK) != PR_SUCCESS) {
- PR_fprintf(PR_STDERR, errStrings[FILE_NOT_READABLE_ERR],
- keydbname);
- retval=FILE_NOT_READABLE_ERR;
- goto loser;
- }
- if(PR_Access(certdbname, PR_ACCESS_READ_OK) != PR_SUCCESS) {
- PR_fprintf(PR_STDERR, errStrings[FILE_NOT_READABLE_ERR],
- certdbname);
- retval=FILE_NOT_READABLE_ERR;
- goto loser;
- }
- }
-#endif
-
- /* Check for write access if we'll be making changes */
- if( !readOnly ) {
-#ifdef notdef
- if(PR_Access(moddbname, PR_ACCESS_WRITE_OK) != PR_SUCCESS) {
- PR_fprintf(PR_STDERR, errStrings[FILE_NOT_WRITEABLE_ERR],
- moddbname);
- retval=FILE_NOT_WRITEABLE_ERR;
- goto loser;
- }
- if(!nocertdb) { /* don't open key and cert db if -nocertdb */
- if(PR_Access(keydbname, PR_ACCESS_WRITE_OK)
- != PR_SUCCESS) {
- PR_fprintf(PR_STDERR, errStrings[FILE_NOT_WRITEABLE_ERR],
- keydbname);
- retval=FILE_NOT_WRITEABLE_ERR;
- goto loser;
- }
- if(PR_Access(certdbname, PR_ACCESS_WRITE_OK)
- != PR_SUCCESS) {
- PR_fprintf(PR_STDERR, errStrings[FILE_NOT_WRITEABLE_ERR],
- certdbname);
- retval=FILE_NOT_WRITEABLE_ERR;
- goto loser;
- }
- }
-#endif
- }
- PR_fprintf(PR_STDOUT, msgStrings[USING_DBDIR_MSG],
- SECU_ConfigDirectory(NULL));
- }
-
- /* Open/create key database */
- flags = 0;
- if (readOnly) flags |= NSS_INIT_READONLY;
- if (nocertdb) flags |= NSS_INIT_NOCERTDB;
- rv = NSS_Initialize(SECU_ConfigDirectory(NULL), dbprefix, dbprefix,
- secmodName, flags);
- if (rv != SECSuccess) {
- SECU_PrintPRandOSError(progName);
- retval=NSS_INITIALIZE_FAILED_ERR;
- goto loser;
- }
-
- retval=SUCCESS;
-loser:
-#ifdef notdef
- if(free_moddbname) {
- PR_Free(moddbname);
- }
-#endif
- return retval;
-}
-
-/*************************************************************************
- *
- * u s a g e
- */
-static void
-usage()
-{
- PR_fprintf(PR_STDOUT,
-"\nNetscape Cryptographic Module Utility\n"
-"Usage: modutil [command] [options]\n\n"
-" COMMANDS\n"
-"---------------------------------------------------------------------------\n"
-"-add MODULE_NAME Add the named module to the module database\n"
-" -libfile LIBRARY_FILE The name of the file (.so or .dll)\n"
-" containing the implementation of PKCS #11\n"
-" [-ciphers CIPHER_LIST] Enable the given ciphers on this module\n"
-" [-mechanisms MECHANISM_LIST] Make the module a default provider of the\n"
-" given mechanisms\n"
-" [-string CONFIG_STRING] Pass a configuration string to this module\n"
-"-changepw TOKEN Change the password on the named token\n"
-" [-pwfile FILE] The old password is in this file\n"
-" [-newpwfile FILE] The new password is in this file\n"
-"-create Create a new set of security databases\n"
-"-default MODULE Make the given module a default provider\n"
-" -mechanisms MECHANISM_LIST of the given mechanisms\n"
-" [-slot SLOT] limit change to only the given slot\n"
-"-delete MODULE Remove the named module from the module\n"
-" database\n"
-"-disable MODULE Disable the named module\n"
-" [-slot SLOT] Disable only the named slot on the module\n"
-"-enable MODULE Enable the named module\n"
-" [-slot SLOT] Enable only the named slot on the module\n"
-"-fips [ true | false ] If true, enable FIPS mode. If false,\n"
-" disable FIPS mode\n"
-"-force Do not run interactively\n"
-"-jar JARFILE Install a PKCS #11 module from the given\n"
-" JAR file in the PKCS #11 JAR format\n"
-" -installdir DIR Use DIR as the root directory of the\n"
-" installation\n"
-" [-tempdir DIR] Use DIR as the temporary installation\n"
-" directory. If not specified, the current\n"
-" directory is used\n"
-"-list [MODULE] Lists information about the specified module\n"
-" or about all modules if none is specified\n"
-"-chkfips [ true | false ] If true, verify FIPS mode. If false,\n"
-" verify not FIPS mode\n"
-"-undefault MODULE The given module is NOT a default provider\n"
-" -mechanisms MECHANISM_LIST of the listed mechanisms\n"
-" [-slot SLOT] limit change to only the given slot\n"
-"---------------------------------------------------------------------------\n"
-"\n"
-" OPTIONS\n"
-"---------------------------------------------------------------------------\n"
-"-dbdir DIR Directory DIR contains the security databases\n"
-"-dbprefix prefix Prefix for the security databases\n"
-"-nocertdb Do not load certificate or key databases. No\n"
-" verification will be performed on JAR files.\n"
-"-secmod secmodName Name of the security modules file\n"
-"---------------------------------------------------------------------------\n"
-"\n"
-"Mechanism lists are colon-separated. The following mechanisms are recognized:\n"
-"RSA, DSA, RC2, RC4, RC5, DES, DH, FORTEZZA, SHA1, MD5, MD2, SSL, TLS, RANDOM,\n"
-" FRIENDLY\n"
-"\n"
-"Cipher lists are colon-separated. The following ciphers are recognized:\n"
-"FORTEZZA\n"
-"\nQuestions or bug reports should be sent to modutil-support@netscape.com.\n"
-);
-
-}
-
-/*************************************************************************
- *
- * m a i n
- */
-int
-main(int argc, char *argv[])
-{
- int errcode = SUCCESS;
- PRBool createdb, readOnly;
-#define STDINBUF_SIZE 80
- char stdinbuf[STDINBUF_SIZE];
-
- progName = strrchr(argv[0], '/');
- progName = progName ? progName+1 : argv[0];
-
-
- PR_Init(PR_USER_THREAD, PR_PRIORITY_NORMAL, 0);
-
- if(parse_args(argc, argv) != SUCCESS) {
- usage();
- errcode = INVALID_USAGE_ERR;
- goto loser;
- }
-
- if(verify_params() != SUCCESS) {
- usage();
- errcode = INVALID_USAGE_ERR;
- goto loser;
- }
-
- if(command==NO_COMMAND) {
- PR_fprintf(PR_STDERR, errStrings[NO_COMMAND_ERR]);
- usage();
- errcode = INVALID_USAGE_ERR;
- goto loser;
- }
-
- if ((command == RAW_LIST_COMMAND) || (command == RAW_ADD_COMMAND)) {
- if(!moduleName) {
- char *readOnlyStr, *noCertDBStr, *sep;
- if (!secmodName) secmodName="secmod.db";
- if (!dbprefix) dbprefix = "";
- sep = ((command == RAW_LIST_COMMAND) && nocertdb) ? "," : " ";
- readOnlyStr = (command == RAW_LIST_COMMAND) ? "readOnly" : "" ;
- noCertDBStr = nocertdb ? "noCertDB" : "";
- SECU_ConfigDirectory(dbdir);
-
- moduleName=PR_smprintf("name=\"NSS default Module DB\" parameters=\"configdir=%s certPrefix=%s keyPrefix=%s secmod=%s flags=%s%s%s\" NSS=\"flags=internal,moduleDB,moduleDBOnly,critical\"",
- SECU_ConfigDirectory(NULL),dbprefix, dbprefix,
- secmodName, readOnlyStr,sep, noCertDBStr);
- }
- if (command == RAW_LIST_COMMAND) {
- errcode = RawListModule(moduleName);
- } else {
- PORT_Assert(moduleSpec);
- errcode = RawAddModule(moduleName,moduleSpec);
- }
- goto loser;
- }
-
- /* Set up crypto stuff */
- createdb = command==CREATE_COMMAND;
- readOnly = ((command==LIST_COMMAND) || (command==CHKFIPS_COMMAND));
-
- /* Make sure browser is not running if we're writing to a database */
- /* Do this before initializing crypto */
- if(!readOnly && !force) {
- char *response;
-
- PR_fprintf(PR_STDOUT, msgStrings[BROWSER_RUNNING_MSG]);
- if( ! PR_fgets(stdinbuf, STDINBUF_SIZE, PR_STDIN)) {
- PR_fprintf(PR_STDERR, errStrings[STDIN_READ_ERR]);
- errcode = STDIN_READ_ERR;
- goto loser;
- }
- if( (response=strtok(stdinbuf, " \r\n\t")) ) {
- if(!PL_strcasecmp(response, "q")) {
- PR_fprintf(PR_STDOUT, msgStrings[ABORTING_MSG]);
- errcode = SUCCESS;
- goto loser;
- }
- }
- PR_fprintf(PR_STDOUT, "\n");
- }
-
- errcode = init_crypto(createdb, readOnly);
- if( errcode != SUCCESS) {
- goto loser;
- }
-
-
- /* Execute the command */
- switch(command) {
- case ADD_COMMAND:
- errcode = AddModule(moduleName, libFile, ciphers, mechanisms, secmodString);
- break;
- case CHANGEPW_COMMAND:
- errcode = ChangePW(tokenName, pwFile, newpwFile);
- break;
- case CREATE_COMMAND:
- /* The work was already done in init_crypto() */
- break;
- case DEFAULT_COMMAND:
- errcode = SetDefaultModule(moduleName, slotName, mechanisms);
- break;
- case DELETE_COMMAND:
- errcode = DeleteModule(moduleName);
- break;
- case DISABLE_COMMAND:
- errcode = EnableModule(moduleName, slotName, PR_FALSE);
- break;
- case ENABLE_COMMAND:
- errcode = EnableModule(moduleName, slotName, PR_TRUE);
- break;
- case FIPS_COMMAND:
- errcode = FipsMode(fipsArg);
- break;
- case CHKFIPS_COMMAND:
- errcode = ChkFipsMode(fipsArg);
- break;
- case JAR_COMMAND:
- Pk11Install_SetErrorHandler(install_error);
- errcode = Pk11Install_DoInstall(jarFile, installDir, tempDir,
- PR_STDOUT, force, nocertdb);
- break;
- case LIST_COMMAND:
- if(moduleName) {
- errcode = ListModule(moduleName);
- } else {
- errcode = ListModules();
- }
- break;
- case UNDEFAULT_COMMAND:
- errcode = UnsetDefaultModule(moduleName, slotName, mechanisms);
- break;
- default:
- PR_fprintf(PR_STDERR, "This command is not supported yet.\n");
- errcode = INVALID_USAGE_ERR;
- break;
- }
-
- if (NSS_Shutdown() != SECSuccess) {
- exit(1);
- }
-
-loser:
- PR_Cleanup();
- return errcode;
-}
-
-/************************************************************************
- *
- * i n s t a l l _ e r r o r
- *
- * Callback function to handle errors in PK11 JAR file installation.
- */
-static void
-install_error(char *message)
-{
- PR_fprintf(PR_STDERR, "Install error: %s\n", message);
-}
-
-/*************************************************************************
- *
- * o u t _ o f _ m e m o r y
- */
-void
-out_of_memory(void)
-{
- PR_fprintf(PR_STDERR, errStrings[OUT_OF_MEM_ERR]);
- exit(OUT_OF_MEM_ERR);
-}
-
-
-/**************************************************************************
- *
- * P R _ f g e t s
- *
- * fgets implemented with NSPR.
- */
-static char*
-PR_fgets(char *buf, int size, PRFileDesc *file)
-{
- int i;
- int status;
- char c;
-
- i=0;
- while(i < size-1) {
- status = PR_Read(file, (void*) &c, 1);
- if(status==-1) {
- return NULL;
- } else if(status==0) {
- break;
- }
- buf[i++] = c;
- if(c=='\n') {
- break;
- }
- }
- buf[i]='\0';
-
- return buf;
-}
diff --git a/security/nss/cmd/modutil/modutil.h b/security/nss/cmd/modutil/modutil.h
deleted file mode 100644
index e6a0eeb13..000000000
--- a/security/nss/cmd/modutil/modutil.h
+++ /dev/null
@@ -1,67 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef MODUTIL_H
-#define MODUTIL_H
-
-#include <stdio.h>
-#include <prio.h>
-#include <prprf.h>
-#include <prinit.h>
-#include <prmem.h>
-#include <plarena.h>
-#include <string.h>
-#include <seccomon.h>
-#include <secmod.h>
-#include <secutil.h>
-
-#include <prlock.h>
-
-#include "error.h"
-
-Error FipsMode(char *arg);
-Error ChkFipsMode(char *arg);
-Error AddModule(char *moduleName, char *libFile, char *ciphers,
- char *mechanisms, char* modparms);
-Error DeleteModule(char *moduleName);
-Error ListModule(char *moduleName);
-Error ListModules();
-Error ChangePW(char *tokenName, char *pwFile, char *newpwFile);
-Error EnableModule(char *moduleName, char *slotName, PRBool enable);
-Error RawAddModule(char *dbmodulespec, char *modulespec);
-Error RawListModule(char *modulespec);
-Error SetDefaultModule(char *moduleName, char *slotName, char *mechanisms);
-Error UnsetDefaultModule(char *moduleName, char *slotName, char *mechanisms);
-void out_of_memory(void);
-
-#endif /*MODUTIL_H*/
diff --git a/security/nss/cmd/modutil/pk11.c b/security/nss/cmd/modutil/pk11.c
deleted file mode 100644
index 5a4041169..000000000
--- a/security/nss/cmd/modutil/pk11.c
+++ /dev/null
@@ -1,919 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "modutil.h"
-/* #include "secmodti.h" */
-#include "pk11func.h"
-
-static PK11DefaultArrayEntry *pk11_DefaultArray = NULL;
-static int pk11_DefaultArraySize = 0;
-
-/*************************************************************************
- *
- * F i p s M o d e
- * If arg=="true", enable FIPS mode on the internal module. If arg=="false",
- * disable FIPS mode on the internal module.
- */
-Error
-FipsMode(char *arg)
-{
- char *internal_name;
-
- if(!PORT_Strcasecmp(arg, "true")) {
- if(!PK11_IsFIPS()) {
- internal_name = PR_smprintf("%s",
- SECMOD_GetInternalModule()->commonName);
- if(SECMOD_DeleteInternalModule(internal_name) != SECSuccess) {
- PR_fprintf(PR_STDERR, "%s\n", SECU_Strerror(PORT_GetError()));
- PR_smprintf_free(internal_name);
- PR_fprintf(PR_STDERR, errStrings[FIPS_SWITCH_FAILED_ERR]);
- return FIPS_SWITCH_FAILED_ERR;
- }
- PR_smprintf_free(internal_name);
- if (!PK11_IsFIPS()) {
- PR_fprintf(PR_STDERR, errStrings[FIPS_SWITCH_FAILED_ERR]);
- return FIPS_SWITCH_FAILED_ERR;
- }
- PR_fprintf(PR_STDOUT, msgStrings[FIPS_ENABLED_MSG]);
- } else {
- PR_fprintf(PR_STDERR, errStrings[FIPS_ALREADY_ON_ERR]);
- return FIPS_ALREADY_ON_ERR;
- }
- } else if(!PORT_Strcasecmp(arg, "false")) {
- if(PK11_IsFIPS()) {
- internal_name = PR_smprintf("%s",
- SECMOD_GetInternalModule()->commonName);
- if(SECMOD_DeleteInternalModule(internal_name) != SECSuccess) {
- PR_fprintf(PR_STDERR, "%s\n", SECU_Strerror(PORT_GetError()));
- PR_smprintf_free(internal_name);
- PR_fprintf(PR_STDERR, errStrings[FIPS_SWITCH_FAILED_ERR]);
- return FIPS_SWITCH_FAILED_ERR;
- }
- PR_smprintf_free(internal_name);
- if (PK11_IsFIPS()) {
- PR_fprintf(PR_STDERR, errStrings[FIPS_SWITCH_FAILED_ERR]);
- return FIPS_SWITCH_FAILED_ERR;
- }
- PR_fprintf(PR_STDOUT, msgStrings[FIPS_DISABLED_MSG]);
- } else {
- PR_fprintf(PR_STDERR, errStrings[FIPS_ALREADY_OFF_ERR]);
- return FIPS_ALREADY_OFF_ERR;
- }
- } else {
- PR_fprintf(PR_STDERR, errStrings[INVALID_FIPS_ARG]);
- return INVALID_FIPS_ARG;
- }
-
- return SUCCESS;
-}
-
-/*************************************************************************
- *
- * C h k F i p s M o d e
- * If arg=="true", verify FIPS mode is enabled on the internal module.
- * If arg=="false", verify FIPS mode is disabled on the internal module.
- */
-Error
-ChkFipsMode(char *arg)
-{
- if(!PORT_Strcasecmp(arg, "true")) {
- if (PK11_IsFIPS()) {
- PR_fprintf(PR_STDOUT, msgStrings[FIPS_ENABLED_MSG]);
- } else {
- PR_fprintf(PR_STDOUT, msgStrings[FIPS_DISABLED_MSG]);
- return FIPS_SWITCH_FAILED_ERR;
- }
-
- } else if(!PORT_Strcasecmp(arg, "false")) {
- if(!PK11_IsFIPS()) {
- PR_fprintf(PR_STDOUT, msgStrings[FIPS_DISABLED_MSG]);
- } else {
- PR_fprintf(PR_STDOUT, msgStrings[FIPS_ENABLED_MSG]);
- return FIPS_SWITCH_FAILED_ERR;
- }
- } else {
- PR_fprintf(PR_STDERR, errStrings[INVALID_FIPS_ARG]);
- return INVALID_FIPS_ARG;
- }
-
- return SUCCESS;
-}
-
-/************************************************************************
- * Cipher and Mechanism name-bitmask translation tables
- */
-
-typedef struct {
- char *name;
- unsigned long mask;
-} MaskString;
-
-static MaskString mechanismStrings[] = {
- {"RSA", PUBLIC_MECH_RSA_FLAG},
- {"DSA", PUBLIC_MECH_DSA_FLAG},
- {"RC2", PUBLIC_MECH_RC2_FLAG},
- {"RC4", PUBLIC_MECH_RC4_FLAG},
- {"RC5", PUBLIC_MECH_RC5_FLAG},
- {"DES", PUBLIC_MECH_DES_FLAG},
- {"DH", PUBLIC_MECH_DH_FLAG},
- {"FORTEZZA", PUBLIC_MECH_FORTEZZA_FLAG},
- {"SHA1", PUBLIC_MECH_SHA1_FLAG},
- {"MD5", PUBLIC_MECH_MD5_FLAG},
- {"MD2", PUBLIC_MECH_MD2_FLAG},
- {"SSL", PUBLIC_MECH_SSL_FLAG},
- {"TLS", PUBLIC_MECH_TLS_FLAG},
- {"RANDOM", PUBLIC_MECH_RANDOM_FLAG},
- {"FRIENDLY", PUBLIC_MECH_FRIENDLY_FLAG}
-};
-static int numMechanismStrings =
- sizeof(mechanismStrings) / sizeof(mechanismStrings[0]);
-
-static MaskString cipherStrings[] = {
- {"FORTEZZA", PUBLIC_CIPHER_FORTEZZA_FLAG}
-};
-static int numCipherStrings =
- sizeof(cipherStrings) / sizeof(cipherStrings[0]);
-
-/* Maximum length of a colon-separated list of all the strings in an
- * array. */
-#define MAX_STRING_LIST_LEN 240 /* or less */
-
-/************************************************************************
- *
- * g e t F l a g s F r o m S t r i n g
- *
- * Parses a mechanism list passed on the command line and converts it
- * to an unsigned long bitmask.
- * string is a colon-separated string of constants
- * array is an array of MaskStrings.
- * elements is the number of elements in array.
- */
-static unsigned long
-getFlagsFromString(char *string, MaskString array[], int elements)
-{
- unsigned long ret = 0;
- short i = 0;
- char *cp;
- char *buf;
- char *end;
-
- if(!string || !string[0]) {
- return ret;
- }
-
- /* Make a temporary copy of the string */
- buf = PR_Malloc(strlen(string)+1);
- if(!buf) {
- out_of_memory();
- }
- strcpy(buf, string);
-
- /* Look at each element of the list passed in */
- for(cp=buf; cp && *cp; cp = (end ? end+1 : NULL) ) {
- /* Look at the string up to the next colon */
- end = strchr(cp, ':');
- if(end) {
- *end = '\0';
- }
-
- /* Find which element this is */
- for(i=0; i < elements; i++) {
- if( !PORT_Strcasecmp(cp, array[i].name) ) {
- break;
- }
- }
- if(i == elements) {
- /* Skip a bogus string, but print a warning message */
- PR_fprintf(PR_STDERR, errStrings[INVALID_CONSTANT_ERR], cp);
- continue;
- }
- ret |= array[i].mask;
- }
-
- PR_Free(buf);
- return ret;
-}
-
-/**********************************************************************
- *
- * g e t S t r i n g F r o m F l a g s
- *
- * The return string's memory is owned by this function. Copy it
- * if you need it permanently or you want to change it.
- */
-static char *
-getStringFromFlags(unsigned long flags, MaskString array[], int elements)
-{
- static char buf[MAX_STRING_LIST_LEN];
- int i;
- int count=0;
-
- buf[0] = '\0';
- for(i=0; i<elements; i++) {
- if( flags & array[i].mask ) {
- ++count;
- if(count!=1) {
- strcat(buf, ":");
- }
- strcat(buf, array[i].name);
- }
- }
- return buf;
-}
-
-/**********************************************************************
- *
- * A d d M o d u l e
- *
- * Add the named module, with the given library file, ciphers, and
- * default mechanism flags
- */
-Error
-AddModule(char *moduleName, char *libFile, char *cipherString,
- char *mechanismString, char* modparms)
-{
- unsigned long ciphers;
- unsigned long mechanisms;
- SECStatus status;
-
- mechanisms =
- getFlagsFromString(mechanismString, mechanismStrings,
- numMechanismStrings);
- ciphers =
- getFlagsFromString(cipherString, cipherStrings, numCipherStrings);
-
- status =
- SECMOD_AddNewModuleEx(moduleName, libFile,
- SECMOD_PubMechFlagstoInternal(mechanisms),
- SECMOD_PubCipherFlagstoInternal(ciphers),
- modparms, NULL );
-
- if(status != SECSuccess) {
- char* errtxt=NULL;
- PRInt32 copied = 0;
- if (PR_GetErrorTextLength()) {
- errtxt = PR_Malloc(PR_GetErrorTextLength());
- copied = PR_GetErrorText(errtxt);
- }
- if (copied && errtxt) {
- PR_fprintf(PR_STDERR, errStrings[ADD_MODULE_FAILED_STATUS_ERR], moduleName, errtxt);
- PR_Free(errtxt);
- }
- else {
- PR_fprintf(PR_STDERR, errStrings[ADD_MODULE_FAILED_ERR], moduleName);
- }
- return ADD_MODULE_FAILED_ERR;
- } else {
- PR_fprintf(PR_STDOUT, msgStrings[ADD_MODULE_SUCCESS_MSG], moduleName);
- return SUCCESS;
- }
-}
-
-/***********************************************************************
- *
- * D e l e t e M o d u l e
- *
- * Deletes the named module from the database.
- */
-Error
-DeleteModule(char *moduleName)
-{
- SECStatus status;
- int type;
-
- status = SECMOD_DeleteModule(moduleName, &type);
-
- if(status != SECSuccess) {
- if(type == SECMOD_FIPS || type == SECMOD_INTERNAL) {
- PR_fprintf(PR_STDERR, errStrings[DELETE_INTERNAL_ERR]);
- return DELETE_INTERNAL_ERR;
- } else {
- PR_fprintf(PR_STDERR, errStrings[DELETE_FAILED_ERR], moduleName);
- return DELETE_FAILED_ERR;
- }
- }
-
- PR_fprintf(PR_STDOUT, msgStrings[DELETE_SUCCESS_MSG], moduleName);
- return SUCCESS;
-}
-
-/************************************************************************
- *
- * R a w L i s t M o d u l e s
- *
- * Lists all the modules in the database, along with their slots and tokens.
- */
-Error
-RawListModule(char *modulespec)
-{
- SECMODModule *module;
- char **moduleSpecList;
-
- module = SECMOD_LoadModule(modulespec,NULL,PR_FALSE);
- if (module == NULL) {
- /* handle error */
- return NO_SUCH_MODULE_ERR;
- }
-
- moduleSpecList = SECMOD_GetModuleSpecList(module);
-
- for ( ;*moduleSpecList; moduleSpecList++) {
- printf("%s\n",*moduleSpecList);
- }
-
- return SUCCESS;
-}
-
-Error
-RawAddModule(char *dbmodulespec, char *modulespec)
-{
- SECMODModule *module;
- SECMODModule *dbmodule;
-
-
- dbmodule = SECMOD_LoadModule(dbmodulespec,NULL,PR_TRUE);
- if (dbmodule == NULL) {
- /* handle error */
- return NO_SUCH_MODULE_ERR;
- }
-
- module = SECMOD_LoadModule(modulespec,dbmodule,PR_FALSE);
- if (module == NULL) {
- /* handle error */
- return NO_SUCH_MODULE_ERR;
- }
-
- if( SECMOD_UpdateModule(module) != SECSuccess ) {
- PR_fprintf(PR_STDERR, errStrings[UPDATE_MOD_FAILED_ERR], modulespec);
- return UPDATE_MOD_FAILED_ERR;
- }
- return SUCCESS;
-}
-
-/************************************************************************
- *
- * L i s t M o d u l e s
- *
- * Lists all the modules in the database, along with their slots and tokens.
- */
-Error
-ListModules()
-{
- SECMODListLock *lock;
- SECMODModuleList *list;
- SECMODModuleList *mlp;
- Error ret=UNSPECIFIED_ERR;
- int count = 0, i;
-
- lock = SECMOD_GetDefaultModuleListLock();
- if(!lock) {
- PR_fprintf(PR_STDERR, errStrings[NO_LIST_LOCK_ERR]);
- return NO_LIST_LOCK_ERR;
- }
-
- SECMOD_GetReadLock(lock);
-
- list = SECMOD_GetDefaultModuleList();
- if(!list) {
- PR_fprintf(PR_STDERR, errStrings[NO_MODULE_LIST_ERR]);
- ret = NO_MODULE_LIST_ERR;
- goto loser;
- }
-
- PR_fprintf(PR_STDOUT,
- "\nListing of PKCS #11 Modules\n"
- "-----------------------------------------------------------\n");
-
- for(mlp=list; mlp != NULL; mlp = mlp->next) {
- ++count;
- if(count!=1) {
- PR_fprintf(PR_STDOUT, "\n");
- }
-
- PR_fprintf(PR_STDOUT, "%3d. %s\n", count, mlp->module->commonName);
-
- if(mlp->module->dllName) {
- PR_fprintf(PR_STDOUT, "\tlibrary name: %s\n", mlp->module->dllName);
- }
-
- if(mlp->module->slotCount == 0) {
- PR_fprintf(PR_STDOUT,
- "\t slots: There are no slots attached to this module\n");
- } else {
- PR_fprintf(PR_STDOUT,
- "\t slots: %d slot%s attached\n", mlp->module->slotCount,
- (mlp->module->slotCount==1 ? "" : "s") );
- }
-
- if(mlp->module->loaded == 0) {
- PR_fprintf(PR_STDOUT, "\tstatus: Not loaded\n");
- } else {
- PR_fprintf(PR_STDOUT, "\tstatus: loaded\n");
- }
-
- /* Print slot and token names */
- for (i = 0; i < mlp->module->slotCount; i++) {
- PK11SlotInfo *slot = mlp->module->slots[i];
-
- PR_fprintf(PR_STDOUT, "\n");
- PR_fprintf(PR_STDOUT, "\t slot: %s\n", PK11_GetSlotName(slot));
- PR_fprintf(PR_STDOUT, "\ttoken: %s\n", PK11_GetTokenName(slot));
- }
- }
-
- PR_fprintf(PR_STDOUT,
- "-----------------------------------------------------------\n");
-
- ret = SUCCESS;
-
-loser:
- SECMOD_ReleaseReadLock(lock);
- return ret;
-}
-
-/* Strings describing PK11DisableReasons */
-static char *disableReasonStr[] = {
- "no reason",
- "user disabled",
- "could not initialize token",
- "could not verify token",
- "token not present"
-};
-static int numDisableReasonStr =
- sizeof(disableReasonStr) / sizeof(disableReasonStr[0]);
-
-/***********************************************************************
- *
- * L i s t M o d u l e
- *
- * Lists detailed information about the named module.
- */
-Error
-ListModule(char *moduleName)
-{
- SECMODModule *module;
- PK11SlotInfo *slot;
- int slotnum;
- CK_INFO modinfo;
- CK_SLOT_INFO slotinfo;
- CK_TOKEN_INFO tokeninfo;
- char *ciphers, *mechanisms;
- PK11DisableReasons reason;
- Error rv = SUCCESS;
-
- if(!moduleName) {
- return SUCCESS;
- }
-
- module = SECMOD_FindModule(moduleName);
- if(!module) {
- PR_fprintf(PR_STDERR, errStrings[NO_SUCH_MODULE_ERR], moduleName);
- return NO_SUCH_MODULE_ERR;
- }
-
- if(PK11_GetModInfo(module, &modinfo) != SECSuccess) {
- PR_fprintf(PR_STDERR, errStrings[MOD_INFO_ERR], moduleName);
- return MOD_INFO_ERR;
- }
-
- /* Module info */
- PR_fprintf(PR_STDOUT,
- "\n-----------------------------------------------------------\n");
- PR_fprintf(PR_STDOUT, "Name: %s\n", module->commonName);
- if(module->internal || !module->dllName) {
- PR_fprintf(PR_STDOUT, "Library file: **Internal ONLY module**\n");
- } else {
- PR_fprintf(PR_STDOUT, "Library file: %s\n", module->dllName);
- }
-
- PR_fprintf(PR_STDOUT, "Manufacturer: %.32s\n", modinfo.manufacturerID);
- PR_fprintf(PR_STDOUT, "Description: %.32s\n", modinfo.libraryDescription);
- PR_fprintf(PR_STDOUT, "PKCS #11 Version %d.%d\n",
- modinfo.cryptokiVersion.major, modinfo.cryptokiVersion.minor);
- PR_fprintf(PR_STDOUT, "Library Version: %d.%d\n",
- modinfo.libraryVersion.major, modinfo.libraryVersion.minor);
-
- /* Get cipher and mechanism flags */
- ciphers = getStringFromFlags(module->ssl[0], cipherStrings,
- numCipherStrings);
- if(ciphers[0] == '\0') {
- ciphers = "None";
- }
- PR_fprintf(PR_STDOUT, "Cipher Enable Flags: %s\n", ciphers);
- mechanisms = NULL;
- if(module->slotCount > 0) {
- mechanisms = getStringFromFlags(
- PK11_GetDefaultFlags(module->slots[0]),
- mechanismStrings, numMechanismStrings);
- }
- if(mechanisms[0] =='\0') {
- mechanisms = "None";
- }
- PR_fprintf(PR_STDOUT, "Default Mechanism Flags: %s\n", mechanisms);
-
-#define PAD " "
-
- /* Loop over each slot */
- for(slotnum=0; slotnum < module->slotCount; slotnum++) {
- slot = module->slots[slotnum];
- if(PK11_GetSlotInfo(slot, &slotinfo) != SECSuccess) {
- PR_fprintf(PR_STDERR, errStrings[SLOT_INFO_ERR],
- PK11_GetSlotName(slot));
- rv = SLOT_INFO_ERR;
- continue;
- }
-
- /* Slot Info */
- PR_fprintf(PR_STDOUT, "\n"PAD"Slot: %s\n", PK11_GetSlotName(slot));
- mechanisms = getStringFromFlags(PK11_GetDefaultFlags(slot),
- mechanismStrings, numMechanismStrings);
- if(mechanisms[0] =='\0') {
- mechanisms = "None";
- }
- PR_fprintf(PR_STDOUT, PAD"Slot Mechanism Flags: %s\n", mechanisms);
- PR_fprintf(PR_STDOUT, PAD"Manufacturer: %.32s\n",
- slotinfo.manufacturerID);
- if (PK11_IsHW(slot)) {
- PR_fprintf(PR_STDOUT, PAD"Type: Hardware\n");
- } else {
- PR_fprintf(PR_STDOUT, PAD"Type: Software\n");
- }
- PR_fprintf(PR_STDOUT, PAD"Version Number: %d.%d\n",
- slotinfo.hardwareVersion.major, slotinfo.hardwareVersion.minor);
- PR_fprintf(PR_STDOUT, PAD"Firmware Version: %d.%d\n",
- slotinfo.firmwareVersion.major, slotinfo.firmwareVersion.minor);
- if (PK11_IsDisabled(slot)) {
- reason = PK11_GetDisabledReason(slot);
- if(reason < numDisableReasonStr) {
- PR_fprintf(PR_STDOUT, PAD"Status: DISABLED (%s)\n",
- disableReasonStr[reason]);
- } else {
- PR_fprintf(PR_STDOUT, PAD"Status: DISABLED\n");
- }
- } else {
- PR_fprintf(PR_STDOUT, PAD"Status: Enabled\n");
- }
-
- if(PK11_GetTokenInfo(slot, &tokeninfo) != SECSuccess) {
- PR_fprintf(PR_STDERR, errStrings[TOKEN_INFO_ERR],
- PK11_GetTokenName(slot));
- rv = TOKEN_INFO_ERR;
- continue;
- }
-
- /* Token Info */
- PR_fprintf(PR_STDOUT, PAD"Token Name: %.32s\n",
- tokeninfo.label);
- PR_fprintf(PR_STDOUT, PAD"Token Manufacturer: %.32s\n",
- tokeninfo.manufacturerID);
- PR_fprintf(PR_STDOUT, PAD"Token Model: %.16s\n", tokeninfo.model);
- PR_fprintf(PR_STDOUT, PAD"Token Serial Number: %.16s\n",
- tokeninfo.serialNumber);
- PR_fprintf(PR_STDOUT, PAD"Token Version: %d.%d\n",
- tokeninfo.hardwareVersion.major, tokeninfo.hardwareVersion.minor);
- PR_fprintf(PR_STDOUT, PAD"Token Firmware Version: %d.%d\n",
- tokeninfo.firmwareVersion.major, tokeninfo.firmwareVersion.minor);
- if(tokeninfo.flags & CKF_WRITE_PROTECTED) {
- PR_fprintf(PR_STDOUT, PAD"Access: Write Protected\n");
- } else {
- PR_fprintf(PR_STDOUT, PAD"Access: NOT Write Protected\n");
- }
- if(tokeninfo.flags & CKF_LOGIN_REQUIRED) {
- PR_fprintf(PR_STDOUT, PAD"Login Type: Login required\n");
- } else {
- PR_fprintf(PR_STDOUT, PAD
- "Login Type: Public (no login required)\n");
- }
- if(tokeninfo.flags & CKF_USER_PIN_INITIALIZED) {
- PR_fprintf(PR_STDOUT, PAD"User Pin: Initialized\n");
- } else {
- PR_fprintf(PR_STDOUT, PAD"User Pin: NOT Initialized\n");
- }
- }
- PR_fprintf(PR_STDOUT,
- "\n-----------------------------------------------------------\n");
- return rv;
-}
-
-/************************************************************************
- *
- * C h a n g e P W
- */
-Error
-ChangePW(char *tokenName, char *pwFile, char *newpwFile)
-{
- char *oldpw=NULL, *newpw=NULL, *newpw2=NULL;
- PK11SlotInfo *slot;
- Error ret=UNSPECIFIED_ERR;
- PRBool matching;
-
- slot = PK11_FindSlotByName(tokenName);
- if(!slot) {
- PR_fprintf(PR_STDERR, errStrings[NO_SUCH_TOKEN_ERR], tokenName);
- return NO_SUCH_TOKEN_ERR;
- }
-
- PK11_SetPasswordFunc(SECU_GetModulePassword);
-
- /* Get old password */
- if(! PK11_NeedUserInit(slot)) {
- if(pwFile) {
- oldpw = SECU_FilePasswd(NULL, PR_FALSE, pwFile);
- if(PK11_CheckUserPassword(slot, oldpw) != SECSuccess) {
- PR_fprintf(PR_STDERR, errStrings[BAD_PW_ERR]);
- ret=BAD_PW_ERR;
- goto loser;
- }
- } else {
- for(matching=PR_FALSE; !matching; ) {
- oldpw = SECU_GetPasswordString(NULL, "Enter old password: ");
- if(PK11_CheckUserPassword(slot, oldpw) == SECSuccess) {
- matching = PR_TRUE;
- } else {
- PR_fprintf(PR_STDOUT, msgStrings[BAD_PW_MSG]);
- }
- }
- }
- }
-
- /* Get new password */
- if(newpwFile) {
- newpw = SECU_FilePasswd(NULL, PR_FALSE, newpwFile);
- } else {
- for(matching=PR_FALSE; !matching; ) {
- newpw = SECU_GetPasswordString(NULL, "Enter new password: ");
- newpw2 = SECU_GetPasswordString(NULL, "Re-enter new password: ");
- if(strcmp(newpw, newpw2)) {
- PR_fprintf(PR_STDOUT, msgStrings[PW_MATCH_MSG]);
- } else {
- matching = PR_TRUE;
- }
- }
- }
-
- /* Change the password */
- if(PK11_NeedUserInit(slot)) {
- if(PK11_InitPin(slot, NULL /*ssopw*/, newpw) != SECSuccess) {
- PR_fprintf(PR_STDERR, errStrings[CHANGEPW_FAILED_ERR], tokenName);
- ret = CHANGEPW_FAILED_ERR;
- goto loser;
- }
- } else {
- if(PK11_ChangePW(slot, oldpw, newpw) != SECSuccess) {
- PR_fprintf(PR_STDERR, errStrings[CHANGEPW_FAILED_ERR], tokenName);
- ret = CHANGEPW_FAILED_ERR;
- goto loser;
- }
- }
-
- PR_fprintf(PR_STDOUT, msgStrings[CHANGEPW_SUCCESS_MSG], tokenName);
- ret = SUCCESS;
-
-loser:
- if(oldpw) {
- memset(oldpw, 0, strlen(oldpw));
- PORT_Free(oldpw);
- }
- if(newpw) {
- memset(newpw, 0, strlen(newpw));
- PORT_Free(newpw);
- }
- if(newpw2) {
- memset(newpw2, 0, strlen(newpw));
- PORT_Free(newpw2);
- }
- return ret;
-}
-
-/***********************************************************************
- *
- * E n a b l e M o d u l e
- *
- * If enable==PR_TRUE, enables the module or slot.
- * If enable==PR_FALSE, disables the module or slot.
- * moduleName is the name of the module.
- * slotName is the name of the slot. It is optional.
- */
-Error
-EnableModule(char *moduleName, char *slotName, PRBool enable)
-{
- int i;
- SECMODModule *module;
- PK11SlotInfo *slot = NULL;
- PRBool found = PR_FALSE;
-
- module = SECMOD_FindModule(moduleName);
- if(!module) {
- PR_fprintf(PR_STDERR, errStrings[NO_SUCH_MODULE_ERR], moduleName);
- return NO_SUCH_MODULE_ERR;
- }
-
- for(i=0; i < module->slotCount; i++) {
- slot = module->slots[i];
- if(slotName && strcmp(PK11_GetSlotName(slot), slotName)) {
- /* Not the right slot */
- continue;
- }
- if(enable) {
- if(! PK11_UserEnableSlot(slot)) {
- PR_fprintf(PR_STDERR, errStrings[ENABLE_FAILED_ERR],
- "enable", PK11_GetSlotName(slot));
- return ENABLE_FAILED_ERR;
- } else {
- found = PR_TRUE;
- PR_fprintf(PR_STDOUT, msgStrings[ENABLE_SUCCESS_MSG],
- PK11_GetSlotName(slot), "enabled");
- }
- } else {
- if(! PK11_UserDisableSlot(slot)) {
- PR_fprintf(PR_STDERR, errStrings[ENABLE_FAILED_ERR],
- "disable", PK11_GetSlotName(slot));
- return ENABLE_FAILED_ERR;
- } else {
- found = PR_TRUE;
- PR_fprintf(PR_STDOUT, msgStrings[ENABLE_SUCCESS_MSG],
- PK11_GetSlotName(slot), "disabled");
- }
- }
- }
-
- if(slotName && !found) {
- PR_fprintf(PR_STDERR, errStrings[NO_SUCH_SLOT_ERR], slotName);
- return NO_SUCH_SLOT_ERR;
- }
-
- /* Delete and re-add module to save changes */
- if( SECMOD_UpdateModule(module) != SECSuccess ) {
- PR_fprintf(PR_STDERR, errStrings[UPDATE_MOD_FAILED_ERR], moduleName);
- return UPDATE_MOD_FAILED_ERR;
- }
-
- return SUCCESS;
-}
-
-/*************************************************************************
- *
- * S e t D e f a u l t M o d u l e
- *
- */
-Error
-SetDefaultModule(char *moduleName, char *slotName, char *mechanisms)
-{
- SECMODModule *module;
- PK11SlotInfo *slot;
- int s, i;
- unsigned long mechFlags = getFlagsFromString(mechanisms, mechanismStrings,
- numMechanismStrings);
- PRBool found = PR_FALSE;
- Error errcode = UNSPECIFIED_ERR;
-
- if (pk11_DefaultArray == NULL) {
- pk11_DefaultArray = PK11_GetDefaultArray(&pk11_DefaultArraySize);
- if (pk11_DefaultArray == NULL) {
- /* should assert. This shouldn't happen */
- goto loser;
- }
- }
-
- mechFlags = SECMOD_PubMechFlagstoInternal(mechFlags);
-
- module = SECMOD_FindModule(moduleName);
- if(!module) {
- PR_fprintf(PR_STDERR, errStrings[NO_SUCH_MODULE_ERR], moduleName);
- errcode = NO_SUCH_MODULE_ERR;
- goto loser;
- }
-
- /* Go through each slot */
- for(s=0; s < module->slotCount; s++) {
- slot = module->slots[s];
-
- if ((slotName != NULL) &&
- !((strcmp(PK11_GetSlotName(slot),slotName) == 0) ||
- (strcmp(PK11_GetTokenName(slot),slotName) == 0)) ) {
- /* we are only interested in changing the one slot */
- continue;
- }
-
- found = PR_TRUE;
-
- /* Go through each mechanism */
- for(i=0; i < pk11_DefaultArraySize; i++) {
- if(pk11_DefaultArray[i].flag & mechFlags) {
- /* Enable this default mechanism */
- PK11_UpdateSlotAttribute(slot, &(pk11_DefaultArray[i]),
- PR_TRUE);
- }
- }
- }
- if (slotName && !found) {
- PR_fprintf(PR_STDERR, errStrings[NO_SUCH_SLOT_ERR], slotName);
- errcode = NO_SUCH_SLOT_ERR;
- goto loser;
- }
-
- /* Delete and re-add module to save changes */
- if( SECMOD_UpdateModule(module) != SECSuccess ) {
- PR_fprintf(PR_STDERR, errStrings[DEFAULT_FAILED_ERR],
- moduleName);
- errcode = DEFAULT_FAILED_ERR;
- goto loser;
- }
-
- PR_fprintf(PR_STDOUT, msgStrings[DEFAULT_SUCCESS_MSG]);
-
- errcode = SUCCESS;
-loser:
- return errcode;
-}
-
-/************************************************************************
- *
- * U n s e t D e f a u l t M o d u l e
- */
-Error
-UnsetDefaultModule(char *moduleName, char *slotName, char *mechanisms)
-{
- SECMODModule * module;
- PK11SlotInfo *slot;
- int s, i;
- unsigned long mechFlags = getFlagsFromString(mechanisms,
- mechanismStrings, numMechanismStrings);
- PRBool found = PR_FALSE;
-
- if (pk11_DefaultArray == NULL) {
- pk11_DefaultArray = PK11_GetDefaultArray(&pk11_DefaultArraySize);
- if (pk11_DefaultArray == NULL) {
- /* should assert. This shouldn't happen */
- return UNSPECIFIED_ERR;
- }
- }
-
- mechFlags = SECMOD_PubMechFlagstoInternal(mechFlags);
-
- module = SECMOD_FindModule(moduleName);
- if(!module) {
- PR_fprintf(PR_STDERR, errStrings[NO_SUCH_MODULE_ERR], moduleName);
- return NO_SUCH_MODULE_ERR;
- }
-
- for(s=0; s < module->slotCount; s++) {
- slot = module->slots[s];
- if ((slotName != NULL) &&
- !((strcmp(PK11_GetSlotName(slot),slotName) == 0) ||
- (strcmp(PK11_GetTokenName(slot),slotName) == 0)) ) {
- /* we are only interested in changing the one slot */
- continue;
- }
- for(i=0; i < pk11_DefaultArraySize ; i++) {
- if(pk11_DefaultArray[i].flag & mechFlags) {
- PK11_UpdateSlotAttribute(slot, &(pk11_DefaultArray[i]),
- PR_FALSE);
- }
- }
- }
- if (slotName && !found) {
- PR_fprintf(PR_STDERR, errStrings[NO_SUCH_SLOT_ERR], slotName);
- return NO_SUCH_SLOT_ERR;
- }
-
- /* Delete and re-add module to save changes */
- if( SECMOD_UpdateModule(module) != SECSuccess ) {
- PR_fprintf(PR_STDERR, errStrings[UNDEFAULT_FAILED_ERR],
- moduleName);
- return UNDEFAULT_FAILED_ERR;
- }
-
- PR_fprintf(PR_STDOUT, msgStrings[UNDEFAULT_SUCCESS_MSG]);
- return SUCCESS;
-}
diff --git a/security/nss/cmd/modutil/pk11jar.html b/security/nss/cmd/modutil/pk11jar.html
deleted file mode 100644
index 9440db014..000000000
--- a/security/nss/cmd/modutil/pk11jar.html
+++ /dev/null
@@ -1,309 +0,0 @@
-<html>
-<!--
- - The contents of this file are subject to the Mozilla Public
- - License Version 1.1 (the "License"); you may not use this file
- - except in compliance with the License. You may obtain a copy of
- - the License at http://www.mozilla.org/MPL/
- -
- - Software distributed under the License is distributed on an "AS
- - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- - implied. See the License for the specific language governing
- - rights and limitations under the License.
- -
- - The Original Code is the Netscape security libraries.
- -
- - The Initial Developer of the Original Code is Netscape
- - Communications Corporation. Portions created by Netscape are
- - Copyright (C) 1994-2000 Netscape Communications Corporation. All
- - Rights Reserved.
- -
- - Contributor(s):
- -
- - Alternatively, the contents of this file may be used under the
- - terms of the GNU General Public License Version 2 or later (the
- - "GPL"), in which case the provisions of the GPL are applicable
- - instead of those above. If you wish to allow use of your
- - version of this file only under the terms of the GPL and not to
- - allow others to use your version of this file under the MPL,
- - indicate your decision by deleting the provisions above and
- - replace them with the notice and other provisions required by
- - the GPL. If you do not delete the provisions above, a recipient
- - may use your version of this file under either the MPL or the
- - GPL.
- -->
-<head>
-<title>PKCS #11 JAR Format</title>
-</head>
-<body bgcolor=white text=black link=blue vlink=purple alink=red>
-<center><h1>PKCS #11 JAR Format</h1></center>
-
-<p>PKCS #11 modules can be packaged into JAR files that support automatic
-installation onto the filesystem and into the security module database.
-The JAR file should contain:
-<ul>
-<li>All files that will be installed onto the target machine. This will
-include at least the PKCS #11 module library file (.DLL or .so), and
-may also include any other file that should be installed (such as
-documentation).
-<li>A script to perform the installation.
-</ul>
-The script can be in one of two forms. If the JAR file is to be
-run by Communicator (or any program that interprets Javascript), the
-instructions will be in the form of a SmartUpdate script.
-<a href="http://devedge/library/documentation/security/jmpkcs/">Documentation
-</a> on creating this script can be found on DevEdge.
-
-<p>If the
-JAR file is to be run by a server, modutil, or any other program that
-doesn't interpret Javascript, a special information file must be included
-in the format described in this document.
-
-<h2>Declaring the Script in the Manifest File</h2>
-The script can have any name, but it must be declared in the manifest file
-of the JAR archive. The metainfo tag for this is
-<code>Pkcs11_install_script</code>. Meta-information is put in the manifest
-file by putting it in a file which is passed to
-<a href="http://developer.netscape.com/software/index_frame.html?content=signedobj/jarpack.html#signtool1.3">Signtool</a>. For example,
-suppose the PKCS #11 installer script is in the file <code>pk11install</code>.
-In Signtool's metainfo file, you would have a line like this:
-<blockquote><pre>
-+ Pkcs11_install_script: pk11install
-</pre></blockquote>
-
-<h2>Sample Script File</h2>
-<blockquote><pre>
-ForwardCompatible { IRIX:6.2:mips Solaris:5.5.1:sparc }
-Platforms {
- WINNT::x86 {
- ModuleName { "Fortezza Module" }
- ModuleFile { win32/fort32.dll }
- DefaultMechanismFlags{0x0001}
- DefaultCipherFlags{0x0001}
- Files {
- win32/setup.exe {
- Executable
- RelativePath { %temp%/setup.exe }
- }
- win32/setup.hlp {
- RelativePath { %temp%/setup.hlp }
- }
- win32/setup.cab {
- RelativePath { %temp%/setup.cab }
- }
- }
- }
- WIN95::x86 {
- EquivalentPlatform {WINNT::x86}
- }
- Solaris:5.5.1:sparc {
- ModuleName { "Fortezza UNIX Module" }
- ModuleFile { unix/fort.so }
- DefaultMechanismFlags{0x0001}
- CipherEnableFlags{0x0001}
- Files {
- unix/fort.so {
- RelativePath{%root%/lib/fort.so}
- AbsolutePath{/usr/local/netscape/lib/fort.so}
- FilePermissions{555}
- }
- xplat/instr.html {
- RelativePath{%root%/docs/inst.html}
- AbsolutePath{/usr/local/netscape/docs/inst.html}
- FilePermissions{555}
- }
- }
- }
- IRIX:6.2:mips {
- EquivalentPlatform { Solaris:5.5.1:sparc }
- }
-}
-</pre></blockquote>
-
-<hr>
-
-<h2>Script File Grammar</h2>
-<blockquote><pre>
---> <i>valuelist</i>
-
-<i>valuelist</i> --> <i>value</i> <i>valuelist</i>
-<i> </i> <i>&lt;null&gt;</i>
-
-<i>value</i> --> <i>key_value_pair</i>
-<i> </i> <i>string</i>
-
-<i>key_value_pair</i> --> <i>key</i> { <i>valuelist</i> }
-
-<i>key</i> --> <i>string</i>
-
-<i>string</i> --> <i>simple_string</i>
-<i> </i> "<i>complex_string</i>"
-
-<i>simple_string</i> --> [^ \t\n\""{""}"]+ <font size=-1><i>(no whitespace, quotes, or braces)</i></font>
-
-<i>complex_string</i> --> ([^\"\\\r\n]|(\\\")|(\\\\))+ <font size=-1><i>(quotes and backslashes must be escaped with a backslash, no newlines or carriage returns are allowed in the string)</i></font>
-</pre></blockquote>
-Outside of complex strings, all whitespace (space, tab, newline) is considered
-equal and is used only to delimit tokens.
-
-<hr>
-
-<h2>Keys</h2>
-Keys are case-insensitive.
-<h3>Global Keys</h3>
-<dl>
-<dt><code>ForwardCompatible</code>
-<dd>Gives a list of platforms that are forward compatible. If the current
-platform cannot be found in the list of supported platforms, then the
-ForwardCompatible list will be checked for any platforms that have the same
-OS and architecture and an earlier version. If one is found, its
-attributes will be used for the current platform.
-<dt><code>Platforms</code> (<i>required</i>)
-<dd>Gives a list of platforms. Each entry in the list is itself a key-value
-pair:
-the key is the name of the platform, and the valuelist contains various
-attributes of the platform. The ModuleName, ModuleFile, and Files attributes
-must be specified, unless an EquivalentPlatform attribute is specified.
-The platform string is in the following
-format: <u><i>system name</i></u>:<u><i>os release</i></u>:<u><i>architecture</i></u>. The installer
-will obtain these values from NSPR. <u><i>os release</i></u> is an empty
-string on non-UNIX operating systems. The following system names and platforms
-are currently defined by NSPR:<code>
-<ul>
-<li>AIX (rs6000)
-<li>BSDI (x86)
-<li>FREEBSD (x86)
-<li>HPUX (hppa1.1)
-<li>IRIX (mips)
-<li>LINUX (ppc, alpha, x86)
-<li>MacOS (PowerPC) </code>(<i>Note: NSPR actually defines the OS as
-"</i><code>Mac OS</code><i>". The
-space makes the name unsuitable for being embedded in identifiers. Until
-NSPR changes, you will have to add some special code to deal with this case.
-</i>)<code>
-<li>NCR (x86)
-<li>NEC (mips)
-<li>OS2 (x86)
-<li>OSF (alpha)
-<li>ReliantUNIX (mips)
-<li>SCO (x86)
-<li>SOLARIS (sparc)
-<li>SONY (mips)
-<li>SUNOS (sparc)
-<li>UnixWare (x86)
-<li>WIN16 (x86)
-<li>WIN95 (x86)
-<li>WINNT (x86)
-</ul>
-</code>
-Examples of valid platform strings: <code>IRIX:6.2:mips, Solaris:5.5.1:sparc,
-Linux:2.0.32:x86, WIN95::x86</code>.
-</dl>
-
-<h3>Per-Platform Keys</h3>
-These keys only have meaning within the value list of an entry in
-the <code>Platforms</code> list.
-<dl>
-<dt><code>ModuleName</code> (<i>required</i>)
-<dd>Gives the common name for the module. This name will be used to
-reference the module from Communicator, modutil, servers, or any other
-program that uses the Netscape security module database.
-<dt><code>ModuleFile</code> (<i>required</i>)
-<dd>Names the PKCS #11 module file (DLL or .so) for this platform. The name
-is given as the relative path of the file within the JAR archive.
-<dt><code>Files</code> (<i>required</i>)
-<dd>Lists the files that should be installed for this module. Each entry
-in the file list is a key-value pair: the key is the path of the file in
-the JAR archive, and
-the valuelist contains attributes of the file. At least RelativePath and
-AbsoluteDir must be specified in this valuelist.
-<dt><code>DefaultMechanismFlags</code>
-<dd>This key-value pair specifies
-of which mechanisms this module will be a default provider. It is a bitstring
-specified in hexadecimal (0x) format. It is constructed as a bitwise OR
-of the following constants. If the <code>DefaultMechanismFlags</code>
-entry is omitted, the value will default to 0x0.
-<blockquote><pre>
-RSA: 0x0000 0001
-DSA: 0x0000 0002
-RC2: 0x0000 0004
-RC4: 0x0000 0008
-DES: 0x0000 0010
-DH: 0x0000 0020
-FORTEZZA: 0x0000 0040
-RC5: 0x0000 0080
-SHA1: 0x0000 0100
-MD5: 0x0000 0200
-MD2: 0x0000 0400
-RANDOM: 0x0800 0000
-FRIENDLY: 0x1000 0000
-OWN_PW_DEFAULTS: 0x2000 0000
-DISABLE: 0x4000 0000
-</pre></blockquote>
-<dt><code>CipherEnableFlags</code>
-<dd>This key-value pair specifies
-which SSL ciphers will be enabled. It is a bitstring specified in
-hexadecimal (0x) format. It is constructed as a bitwise OR of the following
-constants. If the <code>CipherEnableFlags</code> entry is omitted, the
-value will default to 0x0.
-<blockquote><pre>
-FORTEZZA: 0x0000 0001
-</pre></blockquote>
-<dt><code>EquivalentPlatform</code>
-<dd>Specifies that the attributes of the named platform should also be used
-for the current platform. Saves typing when there is more than one platform
-that uses the same settings.
-</dl>
-
-<h3>Per-File Keys</h3>
-These keys only have meaning within the valuelist of an entry in a
-<code>Files</code> list. At least one of <code>RelativePath</code> and
-<code>AbsolutePath</code> must be specified. If both are specified, the
-relative path will be tried first and the absolute path used only if no
-relative root directory is provided by the installer program.
-<dl>
-<dt><code>RelativePath</code>
-<dd>Specifies the destination directory of the file, relative to some directory
-decided at install-time. Two variables can be used in the relative
-path, "%root%" and "%temp%". "%root%" will be replaced at run-time with
-the directory relative to which files should be installed; for
-example, it may be the server's root directory or Communicator's root
-directory. "%temp%" is a directory that will be created at the beginning
-of the installation and destroyed at the end of the installation. Its purpose
-is to hold executable files (such as setup programs), or files that are
-used by these programs. For example, a Windows installation might consist
-of a <code>setup.exe</code> installation program, a help file, and a .cab file
-containing compressed information. All these files could be installed into the
-temporary directory. Files destined for the temporary directory are guaranteed
-to be in place before any executable file is run, and will not be deleted
-until all executable files have finished.
-<dt><code>AbsoluteDir</code>
-<dd>Specifies the destination directory of the file as an absolute path.
-This will only be used if the installer is unable to determine a
-relative directory.
-<dt><code>Executable</code>
-<dd>This string specifies that the file is to be executed during the
-course of the
-installation. Typically this would be used for a setup program provided
-by a module vendor, such as a self-extracting <code>setup.exe</code>.
-More than one file can be specified as executable, in which case they will
-be run in the order they are specified in the script file.
-<dt><code>FilePermissions</code>
-<dd>This string is interpreted as a string of octal digits, according to the
-standard UNIX format. It is a bitwise OR of the following constants:
-<blockquote><pre>
-user read: 400
-user write: 200
-user execute: 100
-group read: 040
-group write: 020
-group execute: 010
-other read: 004
-other write: 002
-other execute: 001
-</pre></blockquote>
-Some platforms may not understand these permissions. They will only be
-applied insofar as makes sense for the current platform. If this attribute
-is omitted, a default of 777 is assumed.
-
-</body>
-</html>
diff --git a/security/nss/cmd/modutil/rules.mk b/security/nss/cmd/modutil/rules.mk
deleted file mode 100644
index b34662513..000000000
--- a/security/nss/cmd/modutil/rules.mk
+++ /dev/null
@@ -1,54 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# Some versions of yacc generate files that include platform-specific
-# system headers. For example, the yacc in Solaris 2.6 inserts
-# #include <values.h>
-# which does not exist on NT. For portability, always use Berkeley
-# yacc (such as the yacc in Linux) to generate files.
-#
-
-generate: installparse.c installparse.l
-
-installparse.c:
- yacc -p Pk11Install_yy -d installparse.y
- mv y.tab.c installparse.c
- mv y.tab.h installparse.h
-
-installparse.l:
- lex -olex.Pk11Install_yy.c -PPk11Install_yy installparse.l
- @echo
- @echo "**YOU MUST COMMENT OUT UNISTD.H FROM lex.Pk11Install_yy.cpp**"
-
-install.c: install-ds.h install.h
diff --git a/security/nss/cmd/modutil/specification.html b/security/nss/cmd/modutil/specification.html
deleted file mode 100644
index 48a1ab7cd..000000000
--- a/security/nss/cmd/modutil/specification.html
+++ /dev/null
@@ -1,351 +0,0 @@
-<html>
-<!--
- - The contents of this file are subject to the Mozilla Public
- - License Version 1.1 (the "License"); you may not use this file
- - except in compliance with the License. You may obtain a copy of
- - the License at http://www.mozilla.org/MPL/
- -
- - Software distributed under the License is distributed on an "AS
- - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- - implied. See the License for the specific language governing
- - rights and limitations under the License.
- -
- - The Original Code is the Netscape security libraries.
- -
- - The Initial Developer of the Original Code is Netscape
- - Communications Corporation. Portions created by Netscape are
- - Copyright (C) 1994-2000 Netscape Communications Corporation. All
- - Rights Reserved.
- -
- - Contributor(s):
- -
- - Alternatively, the contents of this file may be used under the
- - terms of the GNU General Public License Version 2 or later (the
- - "GPL"), in which case the provisions of the GPL are applicable
- - instead of those above. If you wish to allow use of your
- - version of this file only under the terms of the GPL and not to
- - allow others to use your version of this file under the MPL,
- - indicate your decision by deleting the provisions above and
- - replace them with the notice and other provisions required by
- - the GPL. If you do not delete the provisions above, a recipient
- - may use your version of this file under either the MPL or the
- - GPL.
- -->
-<head>
-<title>Modutil Specification</title>
-</head>
-<body bgcolor=white fgcolor=black>
-<center><h1>PKCS #11 Module Management Utility
-<br><i>Specification</i></h1></center>
-
-<!---------------------------------------------------------------------->
-<!-------------------------- capabilities ------------------------------>
-<!---------------------------------------------------------------------->
-<h2>Capabilities</h2>
-<ul>
-<li>Add a PKCS #11 module, specifying a name and library file.
-(<a href="#add">-add</a>)
-<li>Add a PKCS #11 module from a server-formatted JAR file.
-(<a href="#jar">-jar</a>)
-<li>Change the password on or initialize a token.
-(<a href="#changepw">-changepw</a>)
-<li>Create databases (secmod[ule].db, key3.db, cert7.db) from scratch.
-(<a href="#create">-create</a>)
-<li>Switch to and from FIPS-140-1 compliant mode.
-(<a href="#fips">-fips</a>)
-<li>Delete a PKCS #11 module. (<a href="#delete">-delete</a>)
-<li>List installed PKCS #11 modules. (<a href="#list">-list</a>)
-<li>List detailed info on a particular module and its tokens, including
-whether needs login, is hardware, needs user init
-(<a href="#list">-list</a>)
-<li>Specify which modules should be the default provider of various
-cryptographic operations.(<a href="#default">-default</a>,
-<a href="#undefault">-undefault</a>)
-<li>Disable and enable slots, find out whether and why they are disabled.
-(<a href="#disable">-disable</a>, <a href="#enable">-enable</a>,
-<a href="#list">-list</a>)
-</ul>
-
-<hr>
-
-<!---------------------------------------------------------------------->
-<!-------------------------- Usage ------------------------------------->
-<!---------------------------------------------------------------------->
-<h2>Usage</h2>
-<code>modutil [<i>command</i>] [<i>options</i>]</code>
-<p>At most one command can be specified. With no arguments,
-<code>modutil</code> prints a usage message.
-<h3>Commands:</h3>
-<table border>
-<tr bgcolor="#cccccc">
-<th>Command</th><th>Description</th>
-</tr>
-
-<!---------------------------- -add ------------------------------>
-<tr>
-<td> <a name="add"></a>
-<code>-add <u><i>module name</i></u> -libfile <u><i>library file</i></u>
- [-ciphers <u><i>cipher enable list</i></u>]
- [-mechanisms <u><i>default mechanism list</i></u>]
-</code></td>
-<td>Adds a new module to the database with the given name.
-
-<p><u><i>library file</i></u> is the path of the DLL or other library file
-containing the module's implementation of the PKCS #11 interface.
-
-<p><u><i>cipher enable flags</i></u> is a colon-separated list of ciphers
-that will be enabled on this module. The list should be enclosed within quotes
-if necessary to prevent shell interpretation. The following ciphers are
-currently available:
-<ul>
-<li>FORTEZZA
-</ul>
-
-<p><u><i>default mechanism flags</i></u> is a colon-separated list of
-mechanisms for which this module should be the default provider. The
-list should be enclosed within quotes if necessary to prevent shell
-interpretation. <b>This
-list does not enable the mechanisms; it only specifies that this module
-will be a default provider for the listed mechanisms.</b> If more than
-one module claims to be a default provider for a given mechanism, it is
-undefined which will actually be chosen to provide that mechanism. The
-following mechanisms are currently available:
-<ul>
-<li>RSA
-<li>DSA
-<li>RC2
-<li>RC4
-<li>RC5
-<li>DES
-<li>DH
-<li>FORTEZZA
-<li>SHA1
-<li>MD5
-<li>MD2
-<li>RANDOM <i>(random number generation)</i>
-<li>FRIENDLY <i>(certificates are publicly-readable)</i>
-</ul>
-</td>
-</tr>
-
-<!-------------------------- -changepw ------------------------------------->
-<tr>
-<td><a name="changepw"></a><code>-changepw <u><i>token name</i></u>
-[-pwfile <u><i>old password file</i></u>]
-[-newpwfile <u><i>new password file</i></u>]</code></td>
-<td>Changes the password on the named token. If the token has not been
-initialized, this command will initialize the PIN.
-If a password file is given, the password will be read from that file;
-otherwise, the password will be obtained interactively.
-<b>Storing passwords in a file is much less secure than supplying them
-interactively.</b>
-<p>The password on the Netscape internal module cannot be changed if
-the <code>-nocertdb</code> option is specified.
-</td>
-</tr>
-
-<!-------------------------- -create ------------------------------------->
-<tr>
-<td><a name="create"></a><code>-create</code></td>
-<td>Creates a new secmod[ule].db, key3.db, and cert7.db in the directory
-specified with the
-<code>-dbdir</code> option, if one is specified. If no directory is
-specified, UNIX systems will use the user's .netscape directory, while other
-systems will return with an error message. If any of these databases already
-exist in the chosen directory, an error message is returned.
-<p>If used with <code>-nocertdb</code>, only secmod[ule].db will be created;
-cert7.db and key3.db will not be created.
-</td>
-</tr>
-
-<!------------------------------ -default -------------------------------->
-<tr>
-<td> <a name="default"></a> <code>-default <u><i>module name</i></u>
--mechanisms <u><i>mechanism list</i></u></code>
-</td>
-<td>Specifies that the given module will be a default provider of the
-listed mechanisms. The mechanism list is the same as in the <code>-add</code>
-command.
-</td>
-</tr>
-
-<!-------------------------- -delete ------------------------------------->
-<tr>
-<td><a name="delete"></a><code>-delete <u><i>module name</i></u></code></td>
-<td>Deletes the named module from the database</td>
-</tr>
-
-<!-------------------------- -disable ------------------------------------->
-<tr>
-<td> <a name="disable"></a> <code>-disable <u><i>module name</i></u>
-[-slot <u><i>slot name</i></u>]</code></td>
-<td>Disables the named slot. If no slot is specified, all slots on
-the module are disabled.</td>
-</tr>
-
-<!-------------------------- -enable ------------------------------------->
-<tr>
-<td> <a name="enable"></a> <code>-enable <u><i>module name</i></u>
-[-slot <u><i>slot name</i></u>]</code></td>
-<td>Enables the named slot. If no slot is specified, all slots on
-the module are enabled.</td>
-</tr>
-
-<!-------------------------- -fips ------------------------------------->
-<tr>
-<td><a name="fips"></a><code>-fips [true | false]</code></td>
-<td>Enables or disables FIPS mode on the internal module. Passing
-<code>true</code> enables FIPS mode, passing <code>false</code> disables
-FIPS mode.</td>
-</tr>
-
-<!-------------------------- -force ------------------------------------->
-<tr>
-<td><a name="force"></a><code>-force</code></td>
-<td>Disables interactive prompts, so modutil can be run in a script.
-Should only be used by experts, since the prompts may relate to security
-or database integrity. Before using this option, test the command
-interactively once to see the warnings that are produced.</td>
-</tr>
-
-<!-------------------------- -jar ------------------------------------->
-<tr>
-<td><a name="jar"></a><code>-jar <u><i>JAR file</i></u>
--installdir <u><i>root installation directory</i></u>
-[-tempdir <u><i>temporary directory</i></u>]</code></td>
-<td>Adds a new module from the given JAR file. The JAR file uses the
-server <a href="pk11jar.html">PKCS #11 JAR format</a> to describe the names of
-any files that need to be installed, the name of the module, mechanism flags,
-and cipher flags. The <u><i>root installation directory</i></u>
-is the directory relative to which files will be installed. This should be a
- directory
-under which it would be natural to store dynamic library files, such as
-a server's root directory, or Communicator's root directory.
-The <u><i>temporary directory</i></u> is where temporary modutil files
-will be created in the course of the installation. If no temporary directory
-is specified, the current directory will be used.
-<p>If used with the <code>-nocertdb</code> option, the signatures on the JAR
-file will not be checked.</td>
-</tr>
-
-<!----------------------------- -list ------------------------------>
-<tr>
-<td><a name="list"></a><code>-list [<u><i>module name</i></u>]</code></td>
-<td>Without an argument, lists the PKCS #11 modules present in the module
-database.
-<blockquote>
-<pre>
-% <b>modutil -list</b>
-Using database directory /u/nicolson/.netscape...
-
-Listing of PKCS #11 Modules
------------------------------------------------------------
- 1. Netscape Internal PKCS #11 Module
- slots: 2 slots attached
- status: loaded
-
- slot: Communicator Internal Cryptographic Services Version 4.0
- token: Communicator Generic Crypto Svcs
-
- slot: Communicator User Private Key and Certificate Services
- token: Communicator Certificate DB
------------------------------------------------------------
-</pre>
-</blockquote>
-<p>With an argument, provides a detailed description of the named module
-and its slots and tokens.
-<blockquote>
-<pre>
-% <b>modutil -list "Netscape Internal PKCS #11 Module"</b>
-Using database directory /u/nicolson/.netscape...
-
------------------------------------------------------------
-Name: Netscape Internal PKCS #11 Module
-Library file: **Internal ONLY module**
-Manufacturer: Netscape Communications Corp
-Description: Communicator Internal Crypto Svc
-PKCS #11 Version 2.0
-Library Version: 4.0
-Cipher Enable Flags: None
-Default Mechanism Flags: RSA:DSA:RC2:RC4:DES:SHA1:MD5:MD2
-
- Slot: Communicator Internal Cryptographic Services Version 4.0
- Manufacturer: Netscape Communications Corp
- Type: Software
- Version Number: 4.1
- Firmware Version: 0.0
- Status: Enabled
- Token Name: Communicator Generic Crypto Svcs
- Token Manufacturer: Netscape Communications Corp
- Token Model: Libsec 4.0
- Token Serial Number: 0000000000000000
- Token Version: 4.0
- Token Firmware Version: 0.0
- Access: Write Protected
- Login Type: Public (no login required)
- User Pin: NOT Initialized
-
- Slot: Communicator User Private Key and Certificate Services
- Manufacturer: Netscape Communications Corp
- Type: Software
- Version Number: 3.0
- Firmware Version: 0.0
- Status: Enabled
- Token Name: Communicator Certificate DB
- Token Manufacturer: Netscape Communications Corp
- Token Model: Libsec 4.0
- Token Serial Number: 0000000000000000
- Token Version: 7.0
- Token Firmware Version: 0.0
- Access: NOT Write Protected
- Login Type: Login required
- User Pin: Initialized
-
------------------------------------------------------------
-</pre>
-</blockquote>
-</td>
-</tr>
-
-<!------------------------------ Undefault ------------------------------->
-<tr>
-<td><a name="undefault"></a><code>-undefault <u><i>module name</i></u>
--mechanisms <u><i>mechanism list</i></u></code></td>
-<td>Specifies that the given module will NOT be a default provider of
-the listed mechanisms. This command clears the default mechanism flags
-for the given module.</td>
-</tr>
-
-</table>
-
-<!------------------------------------------------------------------------>
-<!------------------------------ Options --------------------------------->
-<!------------------------------------------------------------------------>
-<h3>Options:</h3>
-<table border>
-<tr bgcolor="#cccccc"><th>Option</th><th>Description</th> </tr>
-
-<!------------------------------ -dbdir ---------------------------------->
-<tr>
-<td><code>-dbdir <u><i>directory</i></u></code></td>
-<td>Specifies which directory holds the module database. On UNIX systems,
-the user's netscape directory is the default. On other systems, there is
-no default, and this option must be used.</td>
-</tr>
-
-<!------------------------------ -dbdir ---------------------------------->
-<tr>
-<td><code>-nocertdb</code></td>
-<td>Do not open the certificate or key databases. This has several effects.
-With the <code>-create</code> command, this means that only a secmod.db file
-will be created; cert7.db and key3.db will not be created. With the
-<code>-jar</code> command, signatures on the JAR file will not be checked.
-With the <code>-changepw</code> command, the password on the Netscape internal
-module cannot be set or changed, since this password is stored in key3.db.
-</td>
-</tr>
-
-</table>
-
-</body>
-</html>
diff --git a/security/nss/cmd/ocspclnt/Makefile b/security/nss/cmd/ocspclnt/Makefile
deleted file mode 100644
index 490f738e5..000000000
--- a/security/nss/cmd/ocspclnt/Makefile
+++ /dev/null
@@ -1,73 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../platrules.mk
diff --git a/security/nss/cmd/ocspclnt/manifest.mn b/security/nss/cmd/ocspclnt/manifest.mn
deleted file mode 100644
index 68a84b8c7..000000000
--- a/security/nss/cmd/ocspclnt/manifest.mn
+++ /dev/null
@@ -1,54 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = nss
-
-CSRCS = \
- ocspclnt.c \
- $(NULL)
-
-# headers for the MODULE (defined above) are implicitly required.
-REQUIRES = dbm seccmd
-
-# WINNT uses EXTRA_LIBS as the list of libs to link in.
-# Unix uses OS_LIBS for that purpose.
-# We can solve this via conditional makefile code, but
-# can't do this in manifest.mn because OS_ARCH isn't defined there.
-# So, look in the local Makefile for the defines for the list of libs.
-
-PROGRAM = ocspclnt
-
-USE_STATIC_LIBS = 1
diff --git a/security/nss/cmd/ocspclnt/ocspclnt.c b/security/nss/cmd/ocspclnt/ocspclnt.c
deleted file mode 100644
index 309d08538..000000000
--- a/security/nss/cmd/ocspclnt/ocspclnt.c
+++ /dev/null
@@ -1,1221 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Test program for client-side OCSP.
- *
- * $Id$
- */
-
-#include "secutil.h"
-#include "nspr.h"
-#include "plgetopt.h"
-#include "nss.h"
-#include "cert.h"
-#include "ocsp.h"
-#include "xconst.h" /*
- * XXX internal header file; needed to get at
- * cert_DecodeAuthInfoAccessExtension -- would be
- * nice to not need this, but that would require
- * better/different APIs.
- */
-
-#ifndef NO_PP /*
- * Compile with this every once in a while to be
- * sure that no dependencies on it get added
- * outside of the pretty-printing routines.
- */
-#include "ocspti.h" /* internals for pretty-printing routines *only* */
-#endif /* NO_PP */
-
-#define DEFAULT_DB_DIR "~/.netscape"
-
-
-static void
-synopsis (char *program_name)
-{
- PRFileDesc *pr_stderr;
-
- pr_stderr = PR_STDERR;
- PR_fprintf (pr_stderr, "Usage:");
- PR_fprintf (pr_stderr,
- "\t%s -p [-d <dir>]\n",
- program_name);
- PR_fprintf (pr_stderr,
- "\t%s -P [-d <dir>]\n",
- program_name);
- PR_fprintf (pr_stderr,
- "\t%s -r <name> [-L] [-s <name>] [-d <dir>]\n",
- program_name);
- PR_fprintf (pr_stderr,
- "\t%s -R <name> [-l <location>] [-s <name>] [-d <dir>]\n",
- program_name);
- PR_fprintf (pr_stderr,
- "\t%s -S <name> [-l <location> -t <name>]\n",
- program_name);
- PR_fprintf (pr_stderr,
- "\t\t [-s <name>] [-w <time>] [-d <dir>]\n");
- PR_fprintf (pr_stderr,
- "\t%s -V <name> -u <usage> [-l <location> -t <name>]\n",
- program_name);
- PR_fprintf (pr_stderr,
- "\t\t [-s <name>] [-w <time>] [-d <dir>]\n");
-}
-
-
-static void
-short_usage (char *program_name)
-{
- PR_fprintf (PR_STDERR,
- "Type %s -H for more detailed descriptions\n",
- program_name);
- synopsis (program_name);
-}
-
-
-static void
-long_usage (char *program_name)
-{
- PRFileDesc *pr_stderr;
-
- pr_stderr = PR_STDERR;
- synopsis (program_name);
- PR_fprintf (pr_stderr, "\nCommands (must specify exactly one):\n");
- PR_fprintf (pr_stderr,
- " %-13s Pretty-print a binary request read from stdin\n",
- "-p");
- PR_fprintf (pr_stderr,
- " %-13s Pretty-print a binary response read from stdin\n",
- "-P");
- PR_fprintf (pr_stderr,
- " %-13s Create a request for cert \"nickname\" on stdout\n",
- "-r nickname");
- PR_fprintf (pr_stderr,
- " %-13s Get response for cert \"nickname\", dump to stdout\n",
- "-R nickname");
- PR_fprintf (pr_stderr,
- " %-13s Get status for cert \"nickname\"\n",
- "-S nickname");
- PR_fprintf (pr_stderr,
- " %-13s Fully verify cert \"nickname\", w/ status check\n",
- "-V nickname");
- PR_fprintf (pr_stderr, "Options:\n");
- PR_fprintf (pr_stderr,
- " %-13s Add the service locator extension to the request\n",
- "-L");
- PR_fprintf (pr_stderr,
- " %-13s Find security databases in \"dbdir\" (default %s)\n",
- "-d dbdir", DEFAULT_DB_DIR);
- PR_fprintf (pr_stderr,
- " %-13s Use \"location\" as URL of responder\n",
- "-l location");
- PR_fprintf (pr_stderr,
- " %-13s Trust cert \"nickname\" as response signer\n",
- "-t nickname");
- PR_fprintf (pr_stderr,
- " %-13s Sign requests with cert \"nickname\"\n",
- "-s nickname");
- PR_fprintf (pr_stderr,
- " %-13s Type of certificate usage for verification:\n",
- "-u usage");
- PR_fprintf (pr_stderr,
- "%-17s c SSL Client\n", "");
- PR_fprintf (pr_stderr,
- "%-17s s SSL Server\n", "");
- PR_fprintf (pr_stderr,
- "%-17s e Email Recipient\n", "");
- PR_fprintf (pr_stderr,
- "%-17s E Email Signer\n", "");
- PR_fprintf (pr_stderr,
- "%-17s S Object Signer\n", "");
- PR_fprintf (pr_stderr,
- "%-17s C CA\n", "");
- PR_fprintf (pr_stderr,
- " %-13s Validity time (default current time), one of:\n",
- "-w time");
- PR_fprintf (pr_stderr,
- "%-17s %-25s (GMT)\n", "", "YYMMDDhhmm[ss]Z");
- PR_fprintf (pr_stderr,
- "%-17s %-25s (later than GMT)\n", "", "YYMMDDhhmm[ss]+hhmm");
- PR_fprintf (pr_stderr,
- "%-17s %-25s (earlier than GMT)\n", "", "YYMMDDhhmm[ss]-hhmm");
-}
-
-
-/*
- * XXX This is a generic function that would probably make a good
- * replacement for SECU_DER_Read (which is not at all specific to DER,
- * despite its name), but that requires fixing all of the tools...
- * Still, it should be done, whenenver I/somebody has the time.
- * (Also, consider whether this actually belongs in the security
- * library itself, not just in the command library.)
- *
- * This function takes an open file (a PRFileDesc *) and reads the
- * entire file into a SECItem. (Obviously, the file is intended to
- * be small enough that such a thing is advisable.) Both the SECItem
- * and the buffer it points to are allocated from the heap; the caller
- * is expected to free them. ("SECITEM_FreeItem(item, PR_TRUE)")
- */
-static SECItem *
-read_file_into_item (PRFileDesc *in_file, SECItemType si_type)
-{
- PRStatus prv;
- SECItem *item;
- PRFileInfo file_info;
- PRInt32 bytes_read;
-
- prv = PR_GetOpenFileInfo (in_file, &file_info);
- if (prv != PR_SUCCESS)
- return NULL;
-
- if (file_info.size == 0) {
- /* XXX Need a better error; just grabbed this one for expediency. */
- PORT_SetError (SEC_ERROR_INPUT_LEN);
- return NULL;
- }
-
- if (file_info.size > 0xffff) { /* I think this is too big. */
- PORT_SetError (SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- item = PORT_Alloc (sizeof (SECItem));
- if (item == NULL)
- return NULL;
-
- item->type = si_type;
- item->len = (unsigned int) file_info.size;
- item->data = PORT_Alloc ((size_t)item->len);
- if (item->data == NULL)
- goto loser;
-
- bytes_read = PR_Read (in_file, item->data, (PRInt32) item->len);
- if (bytes_read < 0) {
- /* Something went wrong; error is already set for us. */
- goto loser;
- } else if (bytes_read == 0) {
- /* Something went wrong; we read nothing. But no system/nspr error. */
- /* XXX Need to set an error here. */
- goto loser;
- } else if (item->len != (unsigned int)bytes_read) {
- /* Something went wrong; we read less (or more!?) than we expected. */
- /* XXX Need to set an error here. */
- goto loser;
- }
-
- return item;
-
-loser:
- SECITEM_FreeItem (item, PR_TRUE);
- return NULL;
-}
-
-
-/*
- * Create a DER-encoded OCSP request (for the certificate whose nickname
- * is "name") and dump it out.
- */
-static SECStatus
-create_request (FILE *out_file, CERTCertDBHandle *handle, const char *cert_name,
- PRBool add_service_locator, PRBool add_acceptable_responses)
-{
- CERTCertificate *cert = NULL;
- CERTCertList *certs = NULL;
- CERTOCSPRequest *request = NULL;
- int64 now = PR_Now();
- SECItem *encoding = NULL;
- SECStatus rv = SECFailure;
-
- if (handle == NULL || cert_name == NULL)
- goto loser;
-
- cert = CERT_FindCertByNicknameOrEmailAddr (handle, (char *) cert_name);
- if (cert == NULL)
- goto loser;
-
- /*
- * We need to create a list of one.
- */
- certs = CERT_NewCertList();
- if (certs == NULL)
- goto loser;
-
- if (CERT_AddCertToListTail (certs, cert) != SECSuccess)
- goto loser;
-
- /*
- * Now that cert is included in the list, we need to be careful
- * that we do not try to destroy it twice. This will prevent that.
- */
- cert = NULL;
-
- request = CERT_CreateOCSPRequest (certs, now, add_service_locator, NULL);
- if (request == NULL)
- goto loser;
-
- if (add_acceptable_responses) {
- rv = CERT_AddOCSPAcceptableResponses(request,
- SEC_OID_PKIX_OCSP_BASIC_RESPONSE);
- if (rv != SECSuccess)
- goto loser;
- }
-
- encoding = CERT_EncodeOCSPRequest (NULL, request, NULL);
- if (encoding == NULL)
- goto loser;
-
- if (fwrite (encoding->data, encoding->len, 1, out_file) != 1)
- goto loser;
-
- rv = SECSuccess;
-
-loser:
- if (encoding != NULL)
- SECITEM_FreeItem(encoding, PR_TRUE);
- if (request != NULL)
- CERT_DestroyOCSPRequest(request);
- if (certs != NULL)
- CERT_DestroyCertList (certs);
- if (cert != NULL)
- CERT_DestroyCertificate (cert);
-
- return rv;
-}
-
-
-/*
- * Create a DER-encoded OCSP request (for the certificate whose nickname is
- * "cert_name"), then get and dump a corresponding response. The responder
- * location is either specified explicitly (as "responder_url") or found
- * via the AuthorityInfoAccess URL in the cert.
- */
-static SECStatus
-dump_response (FILE *out_file, CERTCertDBHandle *handle, const char *cert_name,
- const char *responder_url)
-{
- CERTCertificate *cert = NULL;
- CERTCertList *certs = NULL;
- char *loc = NULL;
- int64 now = PR_Now();
- SECItem *response = NULL;
- SECStatus rv = SECFailure;
- PRBool includeServiceLocator;
-
- if (handle == NULL || cert_name == NULL)
- goto loser;
-
- cert = CERT_FindCertByNicknameOrEmailAddr (handle, (char *) cert_name);
- if (cert == NULL)
- goto loser;
-
- if (responder_url != NULL) {
- loc = (char *) responder_url;
- includeServiceLocator = PR_TRUE;
- } else {
- loc = CERT_GetOCSPAuthorityInfoAccessLocation (cert);
- if (loc == NULL)
- goto loser;
- includeServiceLocator = PR_FALSE;
- }
-
- /*
- * We need to create a list of one.
- */
- certs = CERT_NewCertList();
- if (certs == NULL)
- goto loser;
-
- if (CERT_AddCertToListTail (certs, cert) != SECSuccess)
- goto loser;
-
- /*
- * Now that cert is included in the list, we need to be careful
- * that we do not try to destroy it twice. This will prevent that.
- */
- cert = NULL;
-
- response = CERT_GetEncodedOCSPResponse (NULL, certs, loc, now,
- includeServiceLocator,
- NULL, NULL, NULL);
- if (response == NULL)
- goto loser;
-
- if (fwrite (response->data, response->len, 1, out_file) != 1)
- goto loser;
-
- rv = SECSuccess;
-
-loser:
- if (response != NULL)
- SECITEM_FreeItem (response, PR_TRUE);
- if (certs != NULL)
- CERT_DestroyCertList (certs);
- if (loc != NULL && loc != responder_url)
- PORT_Free (loc);
- if (cert != NULL)
- CERT_DestroyCertificate (cert);
-
- return rv;
-}
-
-
-/*
- * Get the status for the specified certificate (whose nickname is "cert_name").
- * Directly use the OCSP function rather than doing a full verification.
- */
-static SECStatus
-get_cert_status (FILE *out_file, CERTCertDBHandle *handle,
- const char *cert_name, int64 verify_time)
-{
- CERTCertificate *cert = NULL;
- SECStatus rv = SECFailure;
-
- if (handle == NULL || cert_name == NULL)
- goto loser;
-
- cert = CERT_FindCertByNicknameOrEmailAddr (handle, (char *) cert_name);
- if (cert == NULL)
- goto loser;
-
- rv = CERT_CheckOCSPStatus (handle, cert, verify_time, NULL);
-
- fprintf (out_file, "Check of certificate \"%s\" ", cert_name);
- if (rv == SECSuccess) {
- fprintf (out_file, "succeeded.\n");
- } else {
- const char *error_string = SECU_Strerror(PORT_GetError());
- fprintf (out_file, "failed. Reason:\n");
- if (error_string != NULL && PORT_Strlen(error_string) > 0)
- fprintf (out_file, "%s\n", error_string);
- else
- fprintf (out_file, "Unknown\n");
- }
-
- rv = SECSuccess;
-
-loser:
- if (cert != NULL)
- CERT_DestroyCertificate (cert);
-
- return rv;
-}
-
-
-/*
- * Verify the specified certificate (whose nickname is "cert_name").
- * OCSP is already turned on, so we just need to call the standard
- * certificate verification API and let it do all the work.
- */
-static SECStatus
-verify_cert (FILE *out_file, CERTCertDBHandle *handle, const char *cert_name,
- SECCertUsage cert_usage, int64 verify_time)
-{
- CERTCertificate *cert = NULL;
- SECStatus rv = SECFailure;
-
- if (handle == NULL || cert_name == NULL)
- goto loser;
-
- cert = CERT_FindCertByNicknameOrEmailAddr (handle, (char *) cert_name);
- if (cert == NULL)
- goto loser;
-
- rv = CERT_VerifyCert (handle, cert, PR_TRUE, cert_usage, verify_time,
- NULL, NULL);
-
- fprintf (out_file, "Verification of certificate \"%s\" ", cert_name);
- if (rv == SECSuccess) {
- fprintf (out_file, "succeeded.\n");
- } else {
- const char *error_string = SECU_Strerror(PORT_GetError());
- fprintf (out_file, "failed. Reason:\n");
- if (error_string != NULL && PORT_Strlen(error_string) > 0)
- fprintf (out_file, "%s\n", error_string);
- else
- fprintf (out_file, "Unknown\n");
- }
-
- rv = SECSuccess;
-
-loser:
- if (cert != NULL)
- CERT_DestroyCertificate (cert);
-
- return rv;
-}
-
-
-#ifdef NO_PP
-
-static SECStatus
-print_request (FILE *out_file, SECItem *data)
-{
- fprintf (out_file, "Cannot pretty-print request compiled with NO_PP.\n");
- return SECSuccess;
-}
-
-static SECStatus
-print_response (FILE *out_file, SECItem *data, CERTCertDBHandle *handle)
-{
- fprintf (out_file, "Cannot pretty-print response compiled with NO_PP.\n");
- return SECSuccess;
-}
-
-#else /* NO_PP */
-
-static void
-print_ocsp_version (FILE *out_file, SECItem *version, int level)
-{
- if (version->len > 0) {
- SECU_PrintInteger (out_file, version, "Version", level);
- } else {
- SECU_Indent (out_file, level);
- fprintf (out_file, "Version: DEFAULT\n");
- }
-}
-
-
-static void
-print_ocsp_cert_id (FILE *out_file, CERTOCSPCertID *cert_id, int level)
-{
- SECU_Indent (out_file, level);
- fprintf (out_file, "Cert ID:\n");
- level++;
-
- SECU_PrintAlgorithmID (out_file, &(cert_id->hashAlgorithm),
- "Hash Algorithm", level);
- SECU_PrintAsHex (out_file, &(cert_id->issuerNameHash),
- "Issuer Name Hash", level);
- SECU_PrintAsHex (out_file, &(cert_id->issuerKeyHash),
- "Issuer Key Hash", level);
- SECU_PrintInteger (out_file, &(cert_id->serialNumber),
- "Serial Number", level);
- /* XXX lookup the cert; if found, print something nice (nickname?) */
-}
-
-
-static void
-print_raw_certificates (FILE *out_file, SECItem **raw_certs, int level)
-{
- SECItem *raw_cert;
- int i = 0;
- char cert_label[50];
-
- SECU_Indent (out_file, level);
-
- if (raw_certs == NULL) {
- fprintf (out_file, "No Certificates.\n");
- return;
- }
-
- fprintf (out_file, "Certificate List:\n");
- while ((raw_cert = raw_certs[i++]) != NULL) {
- sprintf (cert_label, "Certificate (%d)", i);
- (void) SECU_PrintSignedData (out_file, raw_cert, cert_label, level + 1,
- SECU_PrintCertificate);
- }
-}
-
-
-static void
-print_ocsp_extensions (FILE *out_file, CERTCertExtension **extensions,
- char *msg, int level)
-{
- if (extensions) {
- SECU_PrintExtensions (out_file, extensions, msg, level);
- } else {
- SECU_Indent (out_file, level);
- fprintf (out_file, "No %s\n", msg);
- }
-}
-
-
-static void
-print_single_request (FILE *out_file, ocspSingleRequest *single, int level)
-{
- print_ocsp_cert_id (out_file, single->reqCert, level);
- print_ocsp_extensions (out_file, single->singleRequestExtensions,
- "Single Request Extensions", level);
-}
-
-
-/*
- * Decode the DER/BER-encoded item "data" as an OCSP request
- * and pretty-print the subfields.
- */
-static SECStatus
-print_request (FILE *out_file, SECItem *data)
-{
- CERTOCSPRequest *request;
- ocspTBSRequest *tbsRequest;
- int level = 0;
-
- PORT_Assert (out_file != NULL);
- PORT_Assert (data != NULL);
- if (out_file == NULL || data == NULL) {
- PORT_SetError (SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- request = CERT_DecodeOCSPRequest (data);
- if (request == NULL || request->tbsRequest == NULL)
- return SECFailure;
-
- tbsRequest = request->tbsRequest;
-
- fprintf (out_file, "TBS Request:\n");
- level++;
-
- print_ocsp_version (out_file, &(tbsRequest->version), level);
-
- /*
- * XXX Probably should be an interface to get the signer name
- * without looking inside the tbsRequest at all.
- */
- if (tbsRequest->requestorName != NULL) {
- SECU_Indent (out_file, level);
- fprintf (out_file, "XXX print the requestorName\n");
- } else {
- SECU_Indent (out_file, level);
- fprintf (out_file, "No Requestor Name.\n");
- }
-
- if (tbsRequest->requestList != NULL) {
- int i;
-
- for (i = 0; tbsRequest->requestList[i] != NULL; i++) {
- SECU_Indent (out_file, level);
- fprintf (out_file, "Request %d:\n", i);
- print_single_request (out_file, tbsRequest->requestList[i],
- level + 1);
- }
- } else {
- fprintf (out_file, "Request list is empty.\n");
- }
-
- print_ocsp_extensions (out_file, tbsRequest->requestExtensions,
- "Request Extensions", level);
-
- if (request->optionalSignature != NULL) {
- ocspSignature *whole_sig;
- SECItem rawsig;
-
- fprintf (out_file, "Signature:\n");
-
- whole_sig = request->optionalSignature;
- SECU_PrintAlgorithmID (out_file, &(whole_sig->signatureAlgorithm),
- "Signature Algorithm", level);
-
- rawsig = whole_sig->signature;
- DER_ConvertBitString (&rawsig);
- SECU_PrintAsHex (out_file, &rawsig, "Signature", level);
-
- print_raw_certificates (out_file, whole_sig->derCerts, level);
-
- fprintf (out_file, "XXX verify the sig and print result\n");
- } else {
- fprintf (out_file, "No Signature\n");
- }
-
- CERT_DestroyOCSPRequest (request);
- return SECSuccess;
-}
-
-
-static void
-print_revoked_info (FILE *out_file, ocspRevokedInfo *revoked_info, int level)
-{
- SECU_PrintGeneralizedTime (out_file, &(revoked_info->revocationTime),
- "Revocation Time", level);
-
- if (revoked_info->revocationReason != NULL) {
- SECU_PrintAsHex (out_file, revoked_info->revocationReason,
- "Revocation Reason", level);
- } else {
- SECU_Indent (out_file, level);
- fprintf (out_file, "No Revocation Reason.\n");
- }
-}
-
-
-static void
-print_cert_status (FILE *out_file, ocspCertStatus *status, int level)
-{
- SECU_Indent (out_file, level);
- fprintf (out_file, "Status: ");
-
- switch (status->certStatusType) {
- case ocspCertStatus_good:
- fprintf (out_file, "Cert is good.\n");
- break;
- case ocspCertStatus_revoked:
- fprintf (out_file, "Cert has been revoked.\n");
- print_revoked_info (out_file, status->certStatusInfo.revokedInfo,
- level + 1);
- break;
- case ocspCertStatus_unknown:
- fprintf (out_file, "Cert is unknown to responder.\n");
- break;
- default:
- fprintf (out_file, "Unrecognized status.\n");
- break;
- }
-}
-
-
-static void
-print_single_response (FILE *out_file, CERTOCSPSingleResponse *single,
- int level)
-{
- print_ocsp_cert_id (out_file, single->certID, level);
-
- print_cert_status (out_file, single->certStatus, level);
-
- SECU_PrintGeneralizedTime (out_file, &(single->thisUpdate),
- "This Update", level);
-
- if (single->nextUpdate != NULL) {
- SECU_PrintGeneralizedTime (out_file, single->nextUpdate,
- "Next Update", level);
- } else {
- SECU_Indent (out_file, level);
- fprintf (out_file, "No Next Update\n");
- }
-
- print_ocsp_extensions (out_file, single->singleExtensions,
- "Single Response Extensions", level);
-}
-
-
-static void
-print_responder_id (FILE *out_file, ocspResponderID *responderID, int level)
-{
- SECU_Indent (out_file, level);
- fprintf (out_file, "Responder ID ");
-
- switch (responderID->responderIDType) {
- case ocspResponderID_byName:
- fprintf (out_file, "(byName):\n");
- SECU_PrintName (out_file, &(responderID->responderIDValue.name),
- "Name", level + 1);
- break;
- case ocspResponderID_byKey:
- fprintf (out_file, "(byKey):\n");
- SECU_PrintAsHex (out_file, &(responderID->responderIDValue.keyHash),
- "Key Hash", level + 1);
- break;
- default:
- fprintf (out_file, "Unrecognized Responder ID Type\n");
- break;
- }
-}
-
-
-static void
-print_response_data (FILE *out_file, ocspResponseData *responseData, int level)
-{
- SECU_Indent (out_file, level);
- fprintf (out_file, "Response Data:\n");
- level++;
-
- print_ocsp_version (out_file, &(responseData->version), level);
-
- print_responder_id (out_file, responseData->responderID, level);
-
- SECU_PrintGeneralizedTime (out_file, &(responseData->producedAt),
- "Produced At", level);
-
- if (responseData->responses != NULL) {
- int i;
-
- for (i = 0; responseData->responses[i] != NULL; i++) {
- SECU_Indent (out_file, level);
- fprintf (out_file, "Response %d:\n", i);
- print_single_response (out_file, responseData->responses[i],
- level + 1);
- }
- } else {
- fprintf (out_file, "Response list is empty.\n");
- }
-
- print_ocsp_extensions (out_file, responseData->responseExtensions,
- "Response Extensions", level);
-}
-
-
-static void
-print_basic_response (FILE *out_file, ocspBasicOCSPResponse *basic, int level)
-{
- SECItem rawsig;
-
- SECU_Indent (out_file, level);
- fprintf (out_file, "Basic OCSP Response:\n");
- level++;
-
- print_response_data (out_file, basic->tbsResponseData, level);
-
- SECU_PrintAlgorithmID (out_file,
- &(basic->responseSignature.signatureAlgorithm),
- "Signature Algorithm", level);
-
- rawsig = basic->responseSignature.signature;
- DER_ConvertBitString (&rawsig);
- SECU_PrintAsHex (out_file, &rawsig, "Signature", level);
-
- print_raw_certificates (out_file, basic->responseSignature.derCerts, level);
-}
-
-
-/*
- * Note this must match (exactly) the enumeration ocspResponseStatus.
- */
-static char *responseStatusNames[] = {
- "successful (Response has valid confirmations)",
- "malformedRequest (Illegal confirmation request)",
- "internalError (Internal error in issuer)",
- "tryLater (Try again later)",
- "unused ((4) is not used)",
- "sigRequired (Must sign the request)",
- "unauthorized (Request unauthorized)",
- "other (Status value out of defined range)"
-};
-
-/*
- * Decode the DER/BER-encoded item "data" as an OCSP response
- * and pretty-print the subfields.
- */
-static SECStatus
-print_response (FILE *out_file, SECItem *data, CERTCertDBHandle *handle)
-{
- CERTOCSPResponse *response;
- int level = 0;
-
- PORT_Assert (out_file != NULL);
- PORT_Assert (data != NULL);
- if (out_file == NULL || data == NULL) {
- PORT_SetError (SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- response = CERT_DecodeOCSPResponse (data);
- if (response == NULL)
- return SECFailure;
-
- PORT_Assert (response->statusValue <= ocspResponse_other);
- fprintf (out_file, "Response Status: %s\n",
- responseStatusNames[response->statusValue]);
-
- if (response->statusValue == ocspResponse_successful) {
- ocspResponseBytes *responseBytes = response->responseBytes;
- SECStatus sigStatus;
- CERTCertificate *signerCert = NULL;
-
- PORT_Assert (responseBytes != NULL);
-
- level++;
- fprintf (out_file, "Response Bytes:\n");
- SECU_PrintObjectID (out_file, &(responseBytes->responseType),
- "Response Type", level);
- switch (response->responseBytes->responseTypeTag) {
- case SEC_OID_PKIX_OCSP_BASIC_RESPONSE:
- print_basic_response (out_file,
- responseBytes->decodedResponse.basic,
- level);
- break;
- default:
- SECU_Indent (out_file, level);
- fprintf (out_file, "Unknown response syntax\n");
- break;
- }
-
- sigStatus = CERT_VerifyOCSPResponseSignature (response, handle,
- NULL, &signerCert, NULL);
- SECU_Indent (out_file, level);
- fprintf (out_file, "Signature verification ");
- if (sigStatus != SECSuccess) {
- fprintf (out_file, "failed: %s\n", SECU_Strerror (PORT_GetError()));
- } else {
- fprintf (out_file, "succeeded.\n");
- if (signerCert != NULL) {
- SECU_PrintName (out_file, &signerCert->subject, "Signer",
- level);
- CERT_DestroyCertificate (signerCert);
- } else {
- SECU_Indent (out_file, level);
- fprintf (out_file, "No signer cert returned?\n");
- }
- }
- } else {
- SECU_Indent (out_file, level);
- fprintf (out_file, "Unsuccessful response, no more information.\n");
- }
-
- CERT_DestroyOCSPResponse (response);
- return SECSuccess;
-}
-
-#endif /* NO_PP */
-
-
-static SECStatus
-cert_usage_from_char (const char *cert_usage_str, SECCertUsage *cert_usage)
-{
- PORT_Assert (cert_usage_str != NULL);
- PORT_Assert (cert_usage != NULL);
-
- if (PORT_Strlen (cert_usage_str) != 1)
- return SECFailure;
-
- switch (*cert_usage_str) {
- case 'c':
- *cert_usage = certUsageSSLClient;
- break;
- case 's':
- *cert_usage = certUsageSSLServer;
- break;
- case 'e':
- *cert_usage = certUsageEmailRecipient;
- break;
- case 'E':
- *cert_usage = certUsageEmailSigner;
- break;
- case 'S':
- *cert_usage = certUsageObjectSigner;
- break;
- case 'C':
- *cert_usage = certUsageVerifyCA;
- break;
- default:
- return SECFailure;
- }
-
- return SECSuccess;
-}
-
-
-int
-main (int argc, char **argv)
-{
- int retval;
- char *program_name;
- PRFileDesc *in_file;
- FILE *out_file; /* not PRFileDesc until SECU accepts it */
- int crequest, dresponse;
- int prequest, presponse;
- int ccert, vcert;
- const char *db_dir, *date_str, *cert_usage_str, *name;
- const char *responder_name, *responder_url, *signer_name;
- PRBool add_acceptable_responses, add_service_locator;
- SECItem *data = NULL;
- PLOptState *optstate;
- SECStatus rv;
- CERTCertDBHandle *handle = NULL;
- SECCertUsage cert_usage;
- int64 verify_time;
-
- retval = -1; /* what we return/exit with on error */
-
- program_name = PL_strrchr(argv[0], '/');
- program_name = program_name ? (program_name + 1) : argv[0];
-
- in_file = PR_STDIN;
- out_file = stdout;
-
- crequest = 0;
- dresponse = 0;
- prequest = 0;
- presponse = 0;
- ccert = 0;
- vcert = 0;
-
- db_dir = NULL;
- date_str = NULL;
- cert_usage_str = NULL;
- name = NULL;
- responder_name = NULL;
- responder_url = NULL;
- signer_name = NULL;
-
- add_acceptable_responses = PR_FALSE;
- add_service_locator = PR_FALSE;
-
- optstate = PL_CreateOptState (argc, argv, "AHLPR:S:V:d:l:pr:s:t:u:w:");
- if (optstate == NULL) {
- SECU_PrintError (program_name, "PL_CreateOptState failed");
- return retval;
- }
-
- while (PL_GetNextOpt (optstate) == PL_OPT_OK) {
- switch (optstate->option) {
- case '?':
- short_usage (program_name);
- return retval;
-
- case 'A':
- add_acceptable_responses = PR_TRUE;
- break;
-
- case 'H':
- long_usage (program_name);
- return retval;
-
- case 'L':
- add_service_locator = PR_TRUE;
- break;
-
- case 'P':
- presponse = 1;
- break;
-
- case 'R':
- dresponse = 1;
- name = optstate->value;
- break;
-
- case 'S':
- ccert = 1;
- name = optstate->value;
- break;
-
- case 'V':
- vcert = 1;
- name = optstate->value;
- break;
-
- case 'd':
- db_dir = optstate->value;
- break;
-
- case 'l':
- responder_url = optstate->value;
- break;
-
- case 'p':
- prequest = 1;
- break;
-
- case 'r':
- crequest = 1;
- name = optstate->value;
- break;
-
- case 's':
- signer_name = optstate->value;
- break;
-
- case 't':
- responder_name = optstate->value;
- break;
-
- case 'u':
- cert_usage_str = optstate->value;
- break;
-
- case 'w':
- date_str = optstate->value;
- break;
- }
- }
-
- if ((crequest + dresponse + prequest + presponse + ccert + vcert) != 1) {
- PR_fprintf (PR_STDERR, "%s: must specify exactly one command\n\n",
- program_name);
- short_usage (program_name);
- return retval;
- }
-
- if (vcert) {
- if (cert_usage_str == NULL) {
- PR_fprintf (PR_STDERR, "%s: verification requires cert usage\n\n",
- program_name);
- short_usage (program_name);
- return retval;
- }
-
- rv = cert_usage_from_char (cert_usage_str, &cert_usage);
- if (rv != SECSuccess) {
- PR_fprintf (PR_STDERR, "%s: invalid cert usage (\"%s\")\n\n",
- program_name, cert_usage_str);
- long_usage (program_name);
- return retval;
- }
- }
-
- if (ccert + vcert) {
- if (responder_url != NULL || responder_name != NULL) {
- /*
- * To do a full status check, both the URL and the cert name
- * of the responder must be specified if either one is.
- */
- if (responder_url == NULL || responder_name == NULL) {
- if (responder_url == NULL)
- PR_fprintf (PR_STDERR,
- "%s: must also specify responder location\n\n",
- program_name);
- else
- PR_fprintf (PR_STDERR,
- "%s: must also specify responder name\n\n",
- program_name);
- short_usage (program_name);
- return retval;
- }
- }
-
- if (date_str != NULL) {
- rv = DER_AsciiToTime (&verify_time, (char *) date_str);
- if (rv != SECSuccess) {
- SECU_PrintError (program_name, "error converting time string");
- PR_fprintf (PR_STDERR, "\n");
- long_usage (program_name);
- return retval;
- }
- } else {
- verify_time = PR_Now();
- }
- }
-
- retval = -2; /* errors change from usage to runtime */
-
- /*
- * Initialize the NSPR and Security libraries.
- */
- PR_Init (PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
- db_dir = SECU_ConfigDirectory (db_dir);
- rv = NSS_Init (db_dir);
- if (rv != SECSuccess) {
- SECU_PrintError (program_name, "NSS_Init failed");
- goto prdone;
- }
-
- if (prequest + presponse) {
- data = read_file_into_item (in_file, siBuffer);
- if (data == NULL) {
- SECU_PrintError (program_name, "problem reading input");
- goto nssdone;
- }
- }
-
- if (crequest + dresponse + presponse + ccert + vcert) {
- handle = CERT_GetDefaultCertDB();
- if (handle == NULL) {
- SECU_PrintError (program_name, "problem getting certdb handle");
- goto nssdone;
- }
-
- /*
- * It would be fine to do the enable for all of these commands,
- * but this way we check that everything but an overall verify
- * can be done without it. That is, that the individual pieces
- * work on their own.
- */
- if (vcert) {
- rv = CERT_EnableOCSPChecking (handle);
- if (rv != SECSuccess) {
- SECU_PrintError (program_name, "error enabling OCSP checking");
- goto nssdone;
- }
- }
-
- if ((ccert + vcert) && (responder_name != NULL)) {
- rv = CERT_SetOCSPDefaultResponder (handle, responder_url,
- responder_name);
- if (rv != SECSuccess) {
- SECU_PrintError (program_name,
- "error setting default responder");
- goto nssdone;
- }
-
- rv = CERT_EnableOCSPDefaultResponder (handle);
- if (rv != SECSuccess) {
- SECU_PrintError (program_name,
- "error enabling default responder");
- goto nssdone;
- }
- }
- }
-
-#define NOTYET(opt) \
- { \
- PR_fprintf (PR_STDERR, "%s not yet working\n", opt); \
- exit (-1); \
- }
-
- if (crequest) {
- if (signer_name != NULL) {
- NOTYET("-s");
- }
- rv = create_request (out_file, handle, name, add_service_locator,
- add_acceptable_responses);
- } else if (dresponse) {
- if (signer_name != NULL) {
- NOTYET("-s");
- }
- rv = dump_response (out_file, handle, name, responder_url);
- } else if (prequest) {
- rv = print_request (out_file, data);
- } else if (presponse) {
- rv = print_response (out_file, data, handle);
- } else if (ccert) {
- if (signer_name != NULL) {
- NOTYET("-s");
- }
- rv = get_cert_status (out_file, handle, name, verify_time);
- } else if (vcert) {
- if (signer_name != NULL) {
- NOTYET("-s");
- }
- rv = verify_cert (out_file, handle, name, cert_usage, verify_time);
- }
-
- if (rv != SECSuccess)
- SECU_PrintError (program_name, "error performing requested operation");
- else
- retval = 0;
-
-nssdone:
- if (data != NULL) {
- SECITEM_FreeItem (data, PR_TRUE);
- }
-
- if (handle != NULL) {
- (void) CERT_DisableOCSPChecking (handle);
- }
-
- if (NSS_Shutdown () != SECSuccess) {
- exit(1);
- }
-
-prdone:
- PR_Cleanup ();
- return retval;
-}
diff --git a/security/nss/cmd/oidcalc/Makefile b/security/nss/cmd/oidcalc/Makefile
deleted file mode 100644
index 689240abd..000000000
--- a/security/nss/cmd/oidcalc/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/oidcalc/manifest.mn b/security/nss/cmd/oidcalc/manifest.mn
deleted file mode 100644
index 7e1c3fad6..000000000
--- a/security/nss/cmd/oidcalc/manifest.mn
+++ /dev/null
@@ -1,47 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = nss
-
-# This next line is used by .mk files
-# and gets translated into $LINCS in manifest.mnw
-REQUIRES = seccmd dbm
-
-DEFINES = -DNSPR20
-
-CSRCS = oidcalc.c
-
-PROGRAM = oidcalc
diff --git a/security/nss/cmd/oidcalc/oidcalc.c b/security/nss/cmd/oidcalc/oidcalc.c
deleted file mode 100644
index cadc425a4..000000000
--- a/security/nss/cmd/oidcalc/oidcalc.c
+++ /dev/null
@@ -1,117 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-int
-main(int argc, char **argv)
-{
- char *curstr;
- char *nextstr;
- unsigned int firstval;
- unsigned int secondval;
- unsigned int val;
- unsigned char buf[5];
- int count;
-
- if ( argc != 2 ) {
- fprintf(stderr, "wrong number of args\n");
- exit(-1);
- }
-
- curstr = argv[1];
-
- nextstr = strchr(curstr, '.');
-
- if ( nextstr == NULL ) {
- fprintf(stderr, "only one component\n");
- exit(-1);
- }
-
- *nextstr = '\0';
- firstval = atoi(curstr);
-
- curstr = nextstr + 1;
-
- nextstr = strchr(curstr, '.');
-
- if ( nextstr ) {
- *nextstr = '\0';
- }
-
- secondval = atoi(curstr);
-
- if ( ( firstval < 0 ) || ( firstval > 2 ) ) {
- fprintf(stderr, "first component out of range\n");
- exit(-1);
-
- }
-
- if ( ( secondval < 0 ) || ( secondval > 39 ) ) {
- fprintf(stderr, "second component out of range\n");
- exit(-1);
- }
-
- printf("0x%x, ", ( firstval * 40 ) + secondval );
- while ( nextstr ) {
- curstr = nextstr + 1;
-
- nextstr = strchr(curstr, '.');
-
- if ( nextstr ) {
- *nextstr = '\0';
- }
-
- memset(buf, 0, sizeof(buf));
- val = atoi(curstr);
- count = 0;
- while ( val ) {
- buf[count] = ( val & 0x7f );
- val = val >> 7;
- count++;
- }
-
- while ( count-- ) {
- if ( count ) {
- printf("0x%x, ", buf[count] | 0x80 );
- } else {
- printf("0x%x, ", buf[count] );
- }
- }
- }
- printf("\n");
- return 0;
-}
-
diff --git a/security/nss/cmd/p7content/Makefile b/security/nss/cmd/p7content/Makefile
deleted file mode 100644
index 4e39ffc3f..000000000
--- a/security/nss/cmd/p7content/Makefile
+++ /dev/null
@@ -1,75 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/p7content/manifest.mn b/security/nss/cmd/p7content/manifest.mn
deleted file mode 100644
index 3ebd21743..000000000
--- a/security/nss/cmd/p7content/manifest.mn
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-MODULE = nss
-
-CSRCS = p7content.c
-
-REQUIRES = seccmd
-
-PROGRAM = p7content
-
diff --git a/security/nss/cmd/p7content/p7content.c b/security/nss/cmd/p7content/p7content.c
deleted file mode 100644
index 8b5ad65ce..000000000
--- a/security/nss/cmd/p7content/p7content.c
+++ /dev/null
@@ -1,271 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * p7content -- A command to display pkcs7 content.
- *
- * $Id$
- */
-
-#include "nspr.h"
-#include "secutil.h"
-#include "plgetopt.h"
-#include "secpkcs7.h"
-#include "cert.h"
-#include "certdb.h"
-#include "nss.h"
-
-#if defined(XP_UNIX)
-#include <unistd.h>
-#endif
-
-#include <stdio.h>
-#include <string.h>
-
-#if (defined(XP_WIN) && !defined(WIN32)) || (defined(__sun) && !defined(SVR4))
-extern int fwrite(char *, size_t, size_t, FILE*);
-extern int fprintf(FILE *, char *, ...);
-#endif
-
-
-
-static void
-Usage(char *progName)
-{
- fprintf(stderr,
- "Usage: %s [-d dbdir] [-i input] [-o output]\n",
- progName);
- fprintf(stderr,
- "%-20s Key/Cert database directory (default is ~/.netscape)\n",
- "-d dbdir");
- fprintf(stderr, "%-20s Define an input file to use (default is stdin)\n",
- "-i input");
- fprintf(stderr, "%-20s Define an output file to use (default is stdout)\n",
- "-o output");
- exit(-1);
-}
-
-static PRBool saw_content;
-
-static void
-PrintBytes(void *arg, const char *buf, unsigned long len)
-{
- FILE *out;
-
- out = arg;
- fwrite (buf, len, 1, out);
-
- saw_content = PR_TRUE;
-}
-
-/*
- * XXX Someday we may want to do real policy stuff here. This allows
- * anything to be decrypted, which is okay for a test program but does
- * not set an example of how a real client with a real policy would
- * need to do it.
- */
-static PRBool
-decryption_allowed(SECAlgorithmID *algid, PK11SymKey *key)
-{
- return PR_TRUE;
-}
-
-int
-DecodeAndPrintFile(FILE *out, PRFileDesc *in, char *progName)
-{
- SECItem derdata;
- SEC_PKCS7ContentInfo *cinfo = NULL;
- SEC_PKCS7DecoderContext *dcx;
-
- if (SECU_ReadDERFromFile(&derdata, in, PR_FALSE)) {
- SECU_PrintError(progName, "error converting der");
- return -1;
- }
-
- fprintf(out,
- "Content printed between bars (newline added before second bar):");
- fprintf(out, "\n---------------------------------------------\n");
-
- saw_content = PR_FALSE;
- dcx = SEC_PKCS7DecoderStart(PrintBytes, out, NULL, NULL,
- NULL, NULL, decryption_allowed);
- if (dcx != NULL) {
-#if 0 /* Test that decoder works when data is really streaming in. */
- {
- unsigned long i;
- for (i = 0; i < derdata.len; i++)
- SEC_PKCS7DecoderUpdate(dcx, derdata.data + i, 1);
- }
-#else
- SEC_PKCS7DecoderUpdate(dcx, (char *)derdata.data, derdata.len);
-#endif
- cinfo = SEC_PKCS7DecoderFinish(dcx);
- }
-
- fprintf(out, "\n---------------------------------------------\n");
-
- if (cinfo == NULL)
- return -1;
-
- fprintf(out, "Content was%s encrypted.\n",
- SEC_PKCS7ContentIsEncrypted(cinfo) ? "" : " not");
-
- if (SEC_PKCS7ContentIsSigned(cinfo)) {
- char *signer_cname, *signer_ename;
- SECItem *signing_time;
-
- if (saw_content) {
- fprintf(out, "Signature is ");
- PORT_SetError(0);
- if (SEC_PKCS7VerifySignature(cinfo, certUsageEmailSigner, PR_FALSE))
- fprintf(out, "valid.\n");
- else
- fprintf(out, "invalid (Reason: %s).\n",
- SECU_Strerror(PORT_GetError()));
- } else {
- fprintf(out,
- "Content is detached; signature cannot be verified.\n");
- }
-
- signer_cname = SEC_PKCS7GetSignerCommonName(cinfo);
- if (signer_cname != NULL) {
- fprintf(out, "The signer's common name is %s\n", signer_cname);
- PORT_Free(signer_cname);
- } else {
- fprintf(out, "No signer common name.\n");
- }
-
- signer_ename = SEC_PKCS7GetSignerEmailAddress(cinfo);
- if (signer_ename != NULL) {
- fprintf(out, "The signer's email address is %s\n", signer_ename);
- PORT_Free(signer_ename);
- } else {
- fprintf(out, "No signer email address.\n");
- }
-
- signing_time = SEC_PKCS7GetSigningTime(cinfo);
- if (signing_time != NULL) {
- SECU_PrintUTCTime(out, signing_time, "Signing time", 0);
- } else {
- fprintf(out, "No signing time included.\n");
- }
- } else {
- fprintf(out, "Content was not signed.\n");
- }
-
- fprintf(out, "There were%s certs or crls included.\n",
- SEC_PKCS7ContainsCertsOrCrls(cinfo) ? "" : " no");
-
- SEC_PKCS7DestroyContentInfo(cinfo);
- return 0;
-}
-
-
-/*
- * Print the contents of a PKCS7 message, indicating signatures, etc.
- */
-
-int
-main(int argc, char **argv)
-{
- char *progName;
- FILE *outFile;
- PRFileDesc *inFile;
- PLOptState *optstate;
- PLOptStatus status;
- SECStatus rv;
-
- progName = strrchr(argv[0], '/');
- progName = progName ? progName+1 : argv[0];
-
- inFile = NULL;
- outFile = NULL;
-
- /*
- * Parse command line arguments
- */
- optstate = PL_CreateOptState(argc, argv, "d:i:o:");
- while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
- switch (optstate->option) {
- case 'd':
- SECU_ConfigDirectory(optstate->value);
- break;
-
- case 'i':
- inFile = PR_Open(optstate->value, PR_RDONLY, 0);
- if (!inFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
- progName, optstate->value);
- return -1;
- }
- break;
-
- case 'o':
- outFile = fopen(optstate->value, "w");
- if (!outFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
- progName, optstate->value);
- return -1;
- }
- break;
-
- default:
- Usage(progName);
- break;
- }
- }
- if (status == PL_OPT_BAD)
- Usage(progName);
-
- if (!inFile) inFile = PR_STDIN;
- if (!outFile) outFile = stdout;
-
- /* Call the initialization routines */
- PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
- rv = NSS_Init(SECU_ConfigDirectory(NULL));
- if (rv != SECSuccess) {
- SECU_PrintPRandOSError(progName);
- return -1;
- }
-
- if (DecodeAndPrintFile(outFile, inFile, progName)) {
- SECU_PrintError(progName, "problem decoding data");
- return -1;
- }
-
- if (NSS_Shutdown() != SECSuccess) {
- exit(1);
- }
-
- return 0;
-}
diff --git a/security/nss/cmd/p7env/Makefile b/security/nss/cmd/p7env/Makefile
deleted file mode 100644
index 4e39ffc3f..000000000
--- a/security/nss/cmd/p7env/Makefile
+++ /dev/null
@@ -1,75 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/p7env/manifest.mn b/security/nss/cmd/p7env/manifest.mn
deleted file mode 100644
index 7d51282f9..000000000
--- a/security/nss/cmd/p7env/manifest.mn
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-MODULE = nss
-
-CSRCS = p7env.c
-
-REQUIRES = seccmd
-
-PROGRAM = p7env
-
diff --git a/security/nss/cmd/p7env/p7env.c b/security/nss/cmd/p7env/p7env.c
deleted file mode 100644
index 54d79fbfc..000000000
--- a/security/nss/cmd/p7env/p7env.c
+++ /dev/null
@@ -1,273 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * p7env -- A command to create a pkcs7 enveloped data.
- *
- * $Id$
- */
-
-#include "nspr.h"
-#include "secutil.h"
-#include "plgetopt.h"
-#include "secpkcs7.h"
-#include "cert.h"
-#include "certdb.h"
-#include "nss.h"
-
-#if defined(XP_UNIX)
-#include <unistd.h>
-#endif
-
-#include <stdio.h>
-#include <string.h>
-
-#if (defined(XP_WIN) && !defined(WIN32)) || (defined(__sun) && !defined(SVR4))
-extern int fread(char *, size_t, size_t, FILE*);
-extern int fwrite(char *, size_t, size_t, FILE*);
-extern int fprintf(FILE *, char *, ...);
-#endif
-
-extern void SEC_Init(void); /* XXX */
-
-
-static void
-Usage(char *progName)
-{
- fprintf(stderr,
- "Usage: %s -r recipient [-d dbdir] [-i input] [-o output]\n",
- progName);
- fprintf(stderr, "%-20s Nickname of cert to use for encryption\n",
- "-r recipient");
- fprintf(stderr, "%-20s Cert database directory (default is ~/.netscape)\n",
- "-d dbdir");
- fprintf(stderr, "%-20s Define an input file to use (default is stdin)\n",
- "-i input");
- fprintf(stderr, "%-20s Define an output file to use (default is stdout)\n",
- "-o output");
- exit(-1);
-}
-
-struct recipient {
- struct recipient *next;
- char *nickname;
- CERTCertificate *cert;
-};
-
-static void
-EncryptOut(void *arg, const char *buf, unsigned long len)
-{
- FILE *out;
-
- out = arg;
- fwrite (buf, len, 1, out);
-}
-
-static int
-EncryptFile(FILE *outFile, FILE *inFile, struct recipient *recipients,
- char *progName)
-{
- SEC_PKCS7ContentInfo *cinfo;
- SEC_PKCS7EncoderContext *ecx;
- struct recipient *rcpt;
- SECStatus rv;
-
- if (outFile == NULL || inFile == NULL || recipients == NULL)
- return -1;
-
- /* XXX Need a better way to handle that certUsage stuff! */
- /* XXX keysize? */
- cinfo = SEC_PKCS7CreateEnvelopedData (recipients->cert,
- certUsageEmailRecipient,
- NULL, SEC_OID_DES_EDE3_CBC, 0,
- NULL, NULL);
- if (cinfo == NULL)
- return -1;
-
- for (rcpt = recipients->next; rcpt != NULL; rcpt = rcpt->next) {
- rv = SEC_PKCS7AddRecipient (cinfo, rcpt->cert, certUsageEmailRecipient,
- NULL);
- if (rv != SECSuccess) {
- SECU_PrintError(progName, "error adding recipient \"%s\"",
- rcpt->nickname);
- return -1;
- }
- }
-
- ecx = SEC_PKCS7EncoderStart (cinfo, EncryptOut, outFile, NULL);
- if (ecx == NULL)
- return -1;
-
- for (;;) {
- char ibuf[1024];
- int nb;
-
- if (feof(inFile))
- break;
- nb = fread(ibuf, 1, sizeof(ibuf), inFile);
- if (nb == 0) {
- if (ferror(inFile)) {
- PORT_SetError(SEC_ERROR_IO);
- rv = SECFailure;
- }
- break;
- }
- rv = SEC_PKCS7EncoderUpdate(ecx, ibuf, nb);
- if (rv != SECSuccess)
- break;
- }
-
- if (SEC_PKCS7EncoderFinish(ecx, NULL, NULL) != SECSuccess)
- rv = SECFailure;
-
- SEC_PKCS7DestroyContentInfo (cinfo);
-
- if (rv != SECSuccess)
- return -1;
-
- return 0;
-}
-
-int
-main(int argc, char **argv)
-{
- char *progName;
- FILE *inFile, *outFile;
- char *certName;
- CERTCertDBHandle *certHandle;
- CERTCertificate *cert;
- struct recipient *recipients, *rcpt;
- PLOptState *optstate;
- PLOptStatus status;
- SECStatus rv;
-
- progName = strrchr(argv[0], '/');
- progName = progName ? progName+1 : argv[0];
-
- inFile = NULL;
- outFile = NULL;
- certName = NULL;
- recipients = NULL;
- rcpt = NULL;
-
- /*
- * Parse command line arguments
- * XXX This needs to be enhanced to allow selection of algorithms
- * and key sizes (or to look up algorithms and key sizes for each
- * recipient in the magic database).
- */
- optstate = PL_CreateOptState(argc, argv, "d:i:o:r:");
- while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
- switch (optstate->option) {
- case '?':
- Usage(progName);
- break;
-
- case 'd':
- SECU_ConfigDirectory(optstate->value);
- break;
-
- case 'i':
- inFile = fopen(optstate->value, "r");
- if (!inFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
- progName, optstate->value);
- return -1;
- }
- break;
-
- case 'o':
- outFile = fopen(optstate->value, "w");
- if (!outFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
- progName, optstate->value);
- return -1;
- }
- break;
-
- case 'r':
- if (rcpt == NULL) {
- recipients = rcpt = PORT_Alloc (sizeof(struct recipient));
- } else {
- rcpt->next = PORT_Alloc (sizeof(struct recipient));
- rcpt = rcpt->next;
- }
- if (rcpt == NULL) {
- fprintf(stderr, "%s: unable to allocate recipient struct\n",
- progName);
- return -1;
- }
- rcpt->nickname = strdup(optstate->value);
- rcpt->cert = NULL;
- rcpt->next = NULL;
- break;
- }
- }
-
- if (!recipients) Usage(progName);
-
- if (!inFile) inFile = stdin;
- if (!outFile) outFile = stdout;
-
- /* Call the libsec initialization routines */
- PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
- rv = NSS_Init(SECU_ConfigDirectory(NULL));
- if (rv != SECSuccess) {
- SECU_PrintPRandOSError(progName);
- return -1;
- }
-
- /* open cert database */
- certHandle = CERT_GetDefaultCertDB();
- if (certHandle == NULL) {
- return -1;
- }
-
- /* find certs */
- for (rcpt = recipients; rcpt != NULL; rcpt = rcpt->next) {
- rcpt->cert = CERT_FindCertByNickname(certHandle, rcpt->nickname);
- if (rcpt->cert == NULL) {
- SECU_PrintError(progName,
- "the cert for name \"%s\" not found in database",
- rcpt->nickname);
- return -1;
- }
- }
-
- if (EncryptFile(outFile, inFile, recipients, progName)) {
- SECU_PrintError(progName, "problem encrypting data");
- return -1;
- }
-
- return 0;
-}
diff --git a/security/nss/cmd/p7sign/Makefile b/security/nss/cmd/p7sign/Makefile
deleted file mode 100644
index 4e39ffc3f..000000000
--- a/security/nss/cmd/p7sign/Makefile
+++ /dev/null
@@ -1,75 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/p7sign/manifest.mn b/security/nss/cmd/p7sign/manifest.mn
deleted file mode 100644
index d5134df48..000000000
--- a/security/nss/cmd/p7sign/manifest.mn
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-MODULE = nss
-
-CSRCS = p7sign.c
-
-REQUIRES = seccmd
-
-PROGRAM = p7sign
-
diff --git a/security/nss/cmd/p7sign/p7sign.c b/security/nss/cmd/p7sign/p7sign.c
deleted file mode 100644
index 09cbd8dcd..000000000
--- a/security/nss/cmd/p7sign/p7sign.c
+++ /dev/null
@@ -1,292 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * p7sign -- A command to create a *detached* pkcs7 signature (over a given
- * input file).
- *
- * $Id$
- */
-
-#include "nspr.h"
-#include "plgetopt.h"
-#include "secutil.h"
-#include "secpkcs7.h"
-#include "cert.h"
-#include "certdb.h"
-#include "sechash.h" /* for HASH_GetHashObject() */
-#include "nss.h"
-#include "pk11func.h"
-
-#if defined(XP_UNIX)
-#include <unistd.h>
-#endif
-
-#include <stdio.h>
-#include <string.h>
-
-#if (defined(XP_WIN) && !defined(WIN32)) || (defined(__sun) && !defined(SVR4))
-extern int fread(char *, size_t, size_t, FILE*);
-extern int fwrite(char *, size_t, size_t, FILE*);
-extern int fprintf(FILE *, char *, ...);
-#endif
-
-char* KeyDbPassword = 0;
-
-
-char* MyPK11PasswordFunc (PK11SlotInfo *slot, PRBool retry, void* arg)
-{
- char *ret=0;
-
- if (retry == PR_TRUE)
- return NULL;
- ret = PL_strdup (KeyDbPassword);
- return ret;
-}
-
-
-static void
-Usage(char *progName)
-{
- fprintf(stderr,
- "Usage: %s -k keyname [-d keydir] [-i input] [-o output]\n",
- progName);
- fprintf(stderr, "%-20s Nickname of key to use for signature\n",
- "-k keyname");
- fprintf(stderr, "%-20s Key database directory (default is ~/.netscape)\n",
- "-d keydir");
- fprintf(stderr, "%-20s Define an input file to use (default is stdin)\n",
- "-i input");
- fprintf(stderr, "%-20s Define an output file to use (default is stdout)\n",
- "-o output");
- fprintf(stderr, "%-20s Encapsulate content in signature message\n",
- "-e");
- fprintf(stderr, "%-20s Password to the key databse\n", "-p");
- exit(-1);
-}
-
-static void
-SignOut(void *arg, const char *buf, unsigned long len)
-{
- FILE *out;
-
- out = (FILE*) arg;
- fwrite (buf, len, 1, out);
-}
-
-static int
-CreateDigest(SECItem *data, char *digestdata, unsigned int *len, unsigned int maxlen)
-{
- const SECHashObject *hashObj;
- void *hashcx;
-
- /* XXX probably want to extend interface to allow other hash algorithms */
- hashObj = HASH_GetHashObject(HASH_AlgSHA1);
-
- hashcx = (* hashObj->create)();
- if (hashcx == NULL)
- return -1;
-
- (* hashObj->begin)(hashcx);
- (* hashObj->update)(hashcx, data->data, data->len);
- (* hashObj->end)(hashcx, (unsigned char *)digestdata, len, maxlen);
- (* hashObj->destroy)(hashcx, PR_TRUE);
- return 0;
-}
-
-static int
-SignFile(FILE *outFile, PRFileDesc *inFile, CERTCertificate *cert,
- PRBool encapsulated)
-{
- int nb;
- char digestdata[32];
- unsigned int len;
- SECItem digest, data2sign;
- SEC_PKCS7ContentInfo *cinfo;
- SECStatus rv;
-
- if (outFile == NULL || inFile == NULL || cert == NULL)
- return -1;
-
- /* suck the file in */
- if (SECU_ReadDERFromFile(&data2sign, inFile, PR_FALSE) != SECSuccess)
- return -1;
-
- if (!encapsulated) {
- /* unfortunately, we must create the digest ourselves */
- /* SEC_PKCS7CreateSignedData should have a flag to not include */
- /* the content for non-encapsulated content at encode time, but */
- /* should always compute the hash itself */
- if (CreateDigest(&data2sign, digestdata, &len, 32) < 0)
- return -1;
- digest.data = (unsigned char *)digestdata;
- digest.len = len;
- }
-
- /* XXX Need a better way to handle that usage stuff! */
- cinfo = SEC_PKCS7CreateSignedData (cert, certUsageEmailSigner, NULL,
- SEC_OID_SHA1,
- encapsulated ? NULL : &digest,
- NULL, NULL);
- if (cinfo == NULL)
- return -1;
-
- if (encapsulated) {
- SEC_PKCS7SetContent(cinfo, (char *)data2sign.data, data2sign.len);
- }
-
- rv = SEC_PKCS7IncludeCertChain (cinfo, NULL);
- if (rv != SECSuccess) {
- SEC_PKCS7DestroyContentInfo (cinfo);
- return -1;
- }
-
- rv = SEC_PKCS7Encode (cinfo, SignOut, outFile, NULL,
- NULL, NULL);
-
- SEC_PKCS7DestroyContentInfo (cinfo);
-
- if (rv != SECSuccess)
- return -1;
-
- return 0;
-}
-
-int
-main(int argc, char **argv)
-{
- char *progName;
- FILE *outFile;
- PRFileDesc *inFile;
- char *keyName;
- CERTCertDBHandle *certHandle;
- CERTCertificate *cert;
- PRBool encapsulated = PR_FALSE;
- PLOptState *optstate;
- PLOptStatus status;
- SECStatus rv;
-
- progName = strrchr(argv[0], '/');
- progName = progName ? progName+1 : argv[0];
-
- inFile = NULL;
- outFile = NULL;
- keyName = NULL;
-
- /*
- * Parse command line arguments
- */
- optstate = PL_CreateOptState(argc, argv, "ed:k:i:o:p:");
- while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
- switch (optstate->option) {
- case '?':
- Usage(progName);
- break;
-
- case 'e':
- /* create a message with the signed content encapsulated */
- encapsulated = PR_TRUE;
- break;
-
- case 'd':
- SECU_ConfigDirectory(optstate->value);
- break;
-
- case 'i':
- inFile = PR_Open(optstate->value, PR_RDONLY, 0);
- if (!inFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
- progName, optstate->value);
- return -1;
- }
- break;
-
- case 'k':
- keyName = strdup(optstate->value);
- break;
-
- case 'o':
- outFile = fopen(optstate->value, "w");
- if (!outFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
- progName, optstate->value);
- return -1;
- }
- break;
- case 'p':
- KeyDbPassword = strdup (optstate->value);
- break;
- }
- }
-
- if (!keyName) Usage(progName);
-
- if (!inFile) inFile = PR_STDIN;
- if (!outFile) outFile = stdout;
-
- /* Call the initialization routines */
- PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
- rv = NSS_Init(SECU_ConfigDirectory(NULL));
- if (rv != SECSuccess) {
- SECU_PrintPRandOSError(progName);
- return -1;
- }
-
- PK11_SetPasswordFunc (MyPK11PasswordFunc);
-
- /* open cert database */
- certHandle = CERT_GetDefaultCertDB();
- if (certHandle == NULL) {
- return -1;
- }
-
- /* find cert */
- cert = CERT_FindCertByNickname(certHandle, keyName);
- if (cert == NULL) {
- SECU_PrintError(progName,
- "the corresponding cert for key \"%s\" does not exist",
- keyName);
- return -1;
- }
-
- if (SignFile(outFile, inFile, cert, encapsulated)) {
- SECU_PrintError(progName, "problem signing data");
- return -1;
- }
-
- if (NSS_Shutdown() != SECSuccess) {
- exit(1);
- }
-
- return 0;
-}
diff --git a/security/nss/cmd/p7verify/Makefile b/security/nss/cmd/p7verify/Makefile
deleted file mode 100644
index 4e39ffc3f..000000000
--- a/security/nss/cmd/p7verify/Makefile
+++ /dev/null
@@ -1,75 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/p7verify/manifest.mn b/security/nss/cmd/p7verify/manifest.mn
deleted file mode 100644
index 7e841c700..000000000
--- a/security/nss/cmd/p7verify/manifest.mn
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-MODULE = nss
-
-CSRCS = p7verify.c
-
-REQUIRES = seccmd
-
-PROGRAM = p7verify
-
diff --git a/security/nss/cmd/p7verify/p7verify.c b/security/nss/cmd/p7verify/p7verify.c
deleted file mode 100644
index 81815081b..000000000
--- a/security/nss/cmd/p7verify/p7verify.c
+++ /dev/null
@@ -1,305 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * p7verify -- A command to do a verification of a *detached* pkcs7 signature.
- *
- * $Id$
- */
-
-#include "nspr.h"
-#include "secutil.h"
-#include "plgetopt.h"
-#include "secpkcs7.h"
-#include "cert.h"
-#include "certdb.h"
-#include "secoid.h"
-#include "sechash.h" /* for HASH_GetHashObject() */
-#include "nss.h"
-
-#if defined(XP_UNIX)
-#include <unistd.h>
-#endif
-
-#include <stdio.h>
-#include <string.h>
-
-#if (defined(XP_WIN) && !defined(WIN32)) || (defined(__sun) && !defined(SVR4))
-extern int fread(char *, size_t, size_t, FILE*);
-extern int fprintf(FILE *, char *, ...);
-#endif
-
-
-static HASH_HashType
-AlgorithmToHashType(SECAlgorithmID *digestAlgorithms)
-{
-
- SECOidTag tag;
-
- tag = SECOID_GetAlgorithmTag(digestAlgorithms);
-
- switch (tag) {
- case SEC_OID_MD2:
- return HASH_AlgMD2;
- case SEC_OID_MD5:
- return HASH_AlgMD5;
- case SEC_OID_SHA1:
- return HASH_AlgSHA1;
- default:
- fprintf(stderr, "should never get here\n");
- return HASH_AlgNULL;
- }
-}
-
-static int
-DigestFile(unsigned char *digest, unsigned int *len, unsigned int maxLen,
- FILE *inFile, HASH_HashType hashType)
-{
- int nb;
- unsigned char ibuf[4096];
- const SECHashObject *hashObj;
- void *hashcx;
-
- hashObj = HASH_GetHashObject(hashType);
-
- hashcx = (* hashObj->create)();
- if (hashcx == NULL)
- return -1;
-
- (* hashObj->begin)(hashcx);
-
- for (;;) {
- if (feof(inFile)) break;
- nb = fread(ibuf, 1, sizeof(ibuf), inFile);
- if (nb != sizeof(ibuf)) {
- if (nb == 0) {
- if (ferror(inFile)) {
- PORT_SetError(SEC_ERROR_IO);
- (* hashObj->destroy)(hashcx, PR_TRUE);
- return -1;
- }
- /* eof */
- break;
- }
- }
- (* hashObj->update)(hashcx, ibuf, nb);
- }
-
- (* hashObj->end)(hashcx, digest, len, maxLen);
- (* hashObj->destroy)(hashcx, PR_TRUE);
-
- return 0;
-}
-
-
-static void
-Usage(char *progName)
-{
- fprintf(stderr,
- "Usage: %s -c content -s signature [-d dbdir] [-u certusage]\n",
- progName);
- fprintf(stderr, "%-20s content file that was signed\n",
- "-c content");
- fprintf(stderr, "%-20s file containing signature for that content\n",
- "-s signature");
- fprintf(stderr,
- "%-20s Key/Cert database directory (default is ~/.netscape)\n",
- "-d dbdir");
- fprintf(stderr, "%-20s Define the type of certificate usage (default is certUsageEmailSigner)\n",
- "-u certusage");
- fprintf(stderr, "%-25s 0 - certUsageSSLClient\n", " ");
- fprintf(stderr, "%-25s 1 - certUsageSSLServer\n", " ");
- fprintf(stderr, "%-25s 2 - certUsageSSLServerWithStepUp\n", " ");
- fprintf(stderr, "%-25s 3 - certUsageSSLCA\n", " ");
- fprintf(stderr, "%-25s 4 - certUsageEmailSigner\n", " ");
- fprintf(stderr, "%-25s 5 - certUsageEmailRecipient\n", " ");
- fprintf(stderr, "%-25s 6 - certUsageObjectSigner\n", " ");
- fprintf(stderr, "%-25s 7 - certUsageUserCertImport\n", " ");
- fprintf(stderr, "%-25s 8 - certUsageVerifyCA\n", " ");
- fprintf(stderr, "%-25s 9 - certUsageProtectedObjectSigner\n", " ");
- fprintf(stderr, "%-25s 10 - certUsageStatusResponder\n", " ");
- fprintf(stderr, "%-25s 11 - certUsageAnyCA\n", " ");
-
- exit(-1);
-}
-
-static int
-HashDecodeAndVerify(FILE *out, FILE *content, PRFileDesc *signature,
- SECCertUsage usage, char *progName)
-{
- SECItem derdata;
- SEC_PKCS7ContentInfo *cinfo;
- SEC_PKCS7SignedData *signedData;
- HASH_HashType digestType;
- SECItem digest;
- unsigned char buffer[32];
-
- if (SECU_ReadDERFromFile(&derdata, signature, PR_FALSE) != SECSuccess) {
- SECU_PrintError(progName, "error reading signature file");
- return -1;
- }
-
- cinfo = SEC_PKCS7DecodeItem(&derdata, NULL, NULL, NULL, NULL,
- NULL, NULL, NULL);
- if (cinfo == NULL)
- return -1;
-
- if (! SEC_PKCS7ContentIsSigned(cinfo)) {
- fprintf (out, "Signature file is pkcs7 data, but not signed.\n");
- return -1;
- }
-
- signedData = cinfo->content.signedData;
-
- /* assume that there is only one digest algorithm for now */
- digestType = AlgorithmToHashType(signedData->digestAlgorithms[0]);
- if (digestType == HASH_AlgNULL) {
- fprintf (out, "Invalid hash algorithmID\n");
- return -1;
- }
-
- digest.data = buffer;
- if (DigestFile (digest.data, &digest.len, 32, content, digestType)) {
- SECU_PrintError (progName, "problem computing message digest");
- return -1;
- }
-
- fprintf(out, "Signature is ");
- if (SEC_PKCS7VerifyDetachedSignature (cinfo, usage, &digest, digestType,
- PR_FALSE))
- fprintf(out, "valid.\n");
- else
- fprintf(out, "invalid (Reason: %s).\n",
- SECU_Strerror(PORT_GetError()));
-
- SEC_PKCS7DestroyContentInfo(cinfo);
- return 0;
-}
-
-
-int
-main(int argc, char **argv)
-{
- char *progName;
- FILE *contentFile, *outFile;
- PRFileDesc *signatureFile;
- SECCertUsage certUsage = certUsageEmailSigner;
- PLOptState *optstate;
- PLOptStatus status;
- SECStatus rv;
-
- progName = strrchr(argv[0], '/');
- progName = progName ? progName+1 : argv[0];
-
- contentFile = NULL;
- signatureFile = NULL;
- outFile = NULL;
-
- /*
- * Parse command line arguments
- */
- optstate = PL_CreateOptState(argc, argv, "c:d:o:s:u:");
- while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
- switch (optstate->option) {
- case '?':
- Usage(progName);
- break;
-
- case 'c':
- contentFile = fopen(optstate->value, "r");
- if (!contentFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
- progName, optstate->value);
- return -1;
- }
- break;
-
- case 'd':
- SECU_ConfigDirectory(optstate->value);
- break;
-
- case 'o':
- outFile = fopen(optstate->value, "w");
- if (!outFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
- progName, optstate->value);
- return -1;
- }
- break;
-
- case 's':
- signatureFile = PR_Open(optstate->value, PR_RDONLY, 0);
- if (!signatureFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
- progName, optstate->value);
- return -1;
- }
- break;
-
- case 'u': {
- int usageType;
-
- usageType = atoi (strdup(optstate->value));
- if (usageType < certUsageSSLClient || usageType > certUsageAnyCA)
- return -1;
- certUsage = (SECCertUsage)usageType;
- break;
- }
-
- }
- }
-
- if (!contentFile) Usage (progName);
- if (!signatureFile) Usage (progName);
- if (!outFile) outFile = stdout;
-
- /* Call the libsec initialization routines */
- PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
- rv = NSS_Init(SECU_ConfigDirectory(NULL));
- if (rv != SECSuccess) {
- SECU_PrintPRandOSError(progName);
- return -1;
- }
-
- if (HashDecodeAndVerify(outFile, contentFile, signatureFile,
- certUsage, progName)) {
- SECU_PrintError(progName, "problem decoding/verifying signature");
- return -1;
- }
-
- if (NSS_Shutdown() != SECSuccess) {
- exit(1);
- }
-
- return 0;
-}
diff --git a/security/nss/cmd/pk12util/Makefile b/security/nss/cmd/pk12util/Makefile
deleted file mode 100644
index 8650a607d..000000000
--- a/security/nss/cmd/pk12util/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/pk12util/manifest.mn b/security/nss/cmd/pk12util/manifest.mn
deleted file mode 100644
index 40fd6d6ac..000000000
--- a/security/nss/cmd/pk12util/manifest.mn
+++ /dev/null
@@ -1,51 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-DEFINES += -DNSPR20
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = nss
-
-CSRCS = \
- pk12util.c \
- $(NULL)
-
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = dbm seccmd
-
-PROGRAM = pk12util
-
-# USE_STATIC_LIBS = 1
diff --git a/security/nss/cmd/pk12util/pk12util.c b/security/nss/cmd/pk12util/pk12util.c
deleted file mode 100644
index 255c189d9..000000000
--- a/security/nss/cmd/pk12util/pk12util.c
+++ /dev/null
@@ -1,867 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "nspr.h"
-#include "secutil.h"
-#include "pk11func.h"
-#include "pkcs12.h"
-#include "p12plcy.h"
-#include "pk12util.h"
-#include "nss.h"
-#include "secport.h"
-#include "certdb.h"
-
-#define PKCS12_IN_BUFFER_SIZE 200
-
-static char *progName;
-PRBool pk12_debugging = PR_FALSE;
-
-PRIntn pk12uErrno = 0;
-
-static void
-Usage(char *progName)
-{
-#define FPS PR_fprintf(PR_STDERR,
- FPS "Usage: %s -i importfile [-d certdir] [-P dbprefix] [-h tokenname]\n",
- progName);
- FPS "\t\t [-k slotpwfile | -K slotpw] [-w p12filepwfile | -W p12filepw]\n");
- FPS "\t\t [-v]\n");
- FPS "Usage: %s -o exportfile -n certname [-d certdir] [-P dbprefix]\n", progName);
- FPS "\t\t [-k slotpwfile | -K slotpw] [-w p12filepwfile | -W p12filepw]\n");
- FPS "\t\t [-v]\n");
- exit(PK12UERR_USAGE);
-}
-
-static PRBool
-p12u_OpenExportFile(p12uContext *p12cxt, PRBool fileRead)
-{
- if(!p12cxt || !p12cxt->filename) {
- return PR_FALSE;
- }
-
- if(fileRead) {
- p12cxt->file = PR_Open(p12cxt->filename,
- PR_RDONLY, 0400);
- } else {
- p12cxt->file = PR_Open(p12cxt->filename,
- PR_CREATE_FILE | PR_RDWR | PR_TRUNCATE,
- 0600);
- }
-
- if(!p12cxt->file) {
- p12cxt->error = PR_TRUE;
- PR_SetError(SEC_ERROR_NO_MEMORY, 0);
- return PR_FALSE;
- }
-
- return PR_TRUE;
-}
-
-static void
-p12u_DestroyExportFileInfo(p12uContext **exp_ptr, PRBool removeFile)
-{
- if(!exp_ptr || !(*exp_ptr)) {
- return;
- }
-
- if((*exp_ptr)->file != NULL) {
- PR_Close((*exp_ptr)->file);
- }
-
- if((*exp_ptr)->filename != NULL) {
- if(removeFile) {
- PR_Delete((*exp_ptr)->filename);
- }
- PR_Free((*exp_ptr)->filename);
- }
-
- PR_Free(*exp_ptr);
- *exp_ptr = NULL;
-}
-
-static p12uContext *
-p12u_InitFile(PRBool fileImport, char *filename)
-{
- p12uContext *p12cxt;
- PRBool fileExist;
-
- if(fileImport)
- fileExist = PR_TRUE;
- else
- fileExist = PR_FALSE;
-
- p12cxt = (p12uContext *)PORT_ZAlloc(sizeof(p12uContext));
- if(!p12cxt) {
- PR_SetError(SEC_ERROR_NO_MEMORY, 0);
- return NULL;
- }
-
- p12cxt->error = PR_FALSE;
- p12cxt->errorValue = 0;
- p12cxt->filename = strdup(filename);
-
- if(!p12u_OpenExportFile(p12cxt, fileImport)) {
- PR_SetError(p12cxt->errorValue, 0);
- p12u_DestroyExportFileInfo(&p12cxt, PR_FALSE);
- return NULL;
- }
-
- return p12cxt;
-}
-
-SECItem *
-P12U_NicknameCollisionCallback(SECItem *old_nick, PRBool *cancel, void *wincx)
-{
- char *nick = NULL;
- SECItem *ret_nick = NULL;
-
- if(cancel == NULL) {
- pk12uErrno = PK12UERR_USER_CANCELLED;
- return NULL;
- }
-
- if (!old_nick)
- fprintf(stdout, "pk12util: no nickname for cert...not handled\n");
-
- /* XXX not handled yet */
- *cancel = PR_TRUE;
- return NULL;
-
-#if 0
- nick = strdup( DEFAULT_CERT_NICKNAME );
-
- if(old_nick && !PORT_Strcmp((char *)old_nick->data, nick)) {
- PORT_Free(nick);
- return NULL;
- }
-
- ret_nick = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
- if(ret_nick == NULL) {
- PORT_Free(nick);
- return NULL;
- }
-
- ret_nick->data = (unsigned char *)nick;
- ret_nick->len = PORT_Strlen(nick);
-
- return ret_nick;
-#endif
-}
-
-static SECStatus
-p12u_SwapUnicodeBytes(SECItem *uniItem)
-{
- unsigned int i;
- unsigned char a;
- if((uniItem == NULL) || (uniItem->len % 2)) {
- return SECFailure;
- }
- for(i = 0; i < uniItem->len; i += 2) {
- a = uniItem->data[i];
- uniItem->data[i] = uniItem->data[i+1];
- uniItem->data[i+1] = a;
- }
- return SECSuccess;
-}
-
-static PRBool
-p12u_ucs2_ascii_conversion_function(PRBool toUnicode,
- unsigned char *inBuf,
- unsigned int inBufLen,
- unsigned char *outBuf,
- unsigned int maxOutBufLen,
- unsigned int *outBufLen,
- PRBool swapBytes)
-{
- SECItem it = { 0 };
- SECItem *dup = NULL;
- PRBool ret;
- /* If converting Unicode to ASCII, swap bytes before conversion
- * as neccessary.
- */
- if (pk12_debugging) {
- int i;
- printf("Converted from:\n");
- for (i=0; i<inBufLen; i++) {
- printf("%2x ", inBuf[i]);
- /*if (i%60 == 0) printf("\n");*/
- }
- printf("\n");
- }
- it.data = inBuf;
- it.len = inBufLen;
- dup = SECITEM_DupItem(&it);
- if (!toUnicode && swapBytes) {
- if (p12u_SwapUnicodeBytes(dup) != SECSuccess) {
- SECITEM_ZfreeItem(dup, PR_TRUE);
- return PR_FALSE;
- }
- }
- /* Perform the conversion. */
- ret = PORT_UCS2_UTF8Conversion(toUnicode, dup->data, dup->len,
- outBuf, maxOutBufLen, outBufLen);
- if (dup)
- SECITEM_ZfreeItem(dup, PR_TRUE);
- /* If converting ASCII to Unicode, swap bytes before returning
- * as neccessary.
- */
-#if 0
- if (toUnicode && swapBytes) {
- it.data = outBuf;
- it.len = *outBufLen;
- dup = SECITEM_DupItem(&it);
- if (p12u_SwapUnicodeBytes(dup) != SECSuccess) {
- SECITEM_ZfreeItem(dup, PR_TRUE);
- return PR_FALSE;
- }
- memcpy(outBuf, dup->data, *outBufLen);
- SECITEM_ZfreeItem(dup, PR_TRUE);
- }
-#endif
- if (pk12_debugging) {
- int i;
- printf("Converted to:\n");
- for (i=0; i<*outBufLen; i++) {
- printf("%2x ", outBuf[i]);
- /*if (i%60 == 0) printf("\n");*/
- }
- printf("\n");
- }
- return ret;
-}
-
-SECStatus
-P12U_UnicodeConversion(PRArenaPool *arena, SECItem *dest, SECItem *src,
- PRBool toUnicode, PRBool swapBytes)
-{
- unsigned int allocLen;
- if(!dest || !src) {
- return SECFailure;
- }
- allocLen = ((toUnicode) ? (src->len << 2) : src->len);
- if(arena) {
- dest->data = PORT_ArenaZAlloc(arena, allocLen);
- } else {
- dest->data = PORT_ZAlloc(allocLen);
- }
- if(PORT_UCS2_ASCIIConversion(toUnicode, src->data, src->len,
- dest->data, allocLen, &dest->len,
- swapBytes) == PR_FALSE) {
- if(!arena) {
- PORT_Free(dest->data);
- }
- dest->data = NULL;
- return SECFailure;
- }
- return SECSuccess;
-}
-
-/*
- *
- */
-SECItem *
-P12U_GetP12FilePassword(PRBool confirmPw, secuPWData *p12FilePw)
-{
- char *p0 = NULL, *p1 = NULL;
- SECItem *pwItem = NULL;
-
- if (p12FilePw == NULL || p12FilePw->source == PW_NONE) {
- for (;;) {
- p0 = SECU_GetPasswordString(NULL,
- "Enter password for PKCS12 file: ");
- if (!confirmPw)
- break;
- p1 = SECU_GetPasswordString(NULL, "Re-enter password: ");
- if (PL_strcmp(p0, p1) == 0)
- break;
- }
- } else if (p12FilePw->source == PW_FROMFILE) {
- p0 = SECU_FilePasswd(NULL, PR_FALSE, p12FilePw->data);
- } else { /* Plaintext */
- p0 = p12FilePw->data;
- }
-
- pwItem = SECITEM_AllocItem(NULL, NULL, PL_strlen(p0) + 1);
- memcpy(pwItem->data, p0, pwItem->len);
-
- PORT_Memset(p0, 0, PL_strlen(p0));
- PORT_Free(p0);
-
- PORT_Memset(p1, 0, PL_strlen(p1));
- PORT_Free(p1);
-
- return pwItem;
-}
-
-SECStatus
-P12U_InitSlot(PK11SlotInfo *slot, secuPWData *slotPw)
-{
- SECStatus rv;
-
- /* New databases, initialize keydb password. */
- if (PK11_NeedUserInit(slot)) {
- rv = SECU_ChangePW(slot,
- (slotPw->source == PW_PLAINTEXT) ? slotPw->data : 0,
- (slotPw->source == PW_FROMFILE) ? slotPw->data : 0);
- if (rv != SECSuccess) {
- SECU_PrintError(progName, "Failed to initialize slot \"%s\"",
- PK11_GetSlotName(slot));
- return SECFailure;
- }
- }
-
- if (PK11_Authenticate(slot, PR_TRUE, slotPw) != SECSuccess) {
- SECU_PrintError(progName,
- "Failed to authenticate to PKCS11 slot");
- PORT_SetError(SEC_ERROR_USER_CANCELLED);
- pk12uErrno = PK12UERR_USER_CANCELLED;
- return SECFailure;
- }
-
- return SECSuccess;
-}
-
-/*
- * given a filename for pkcs12 file, imports certs and keys
- *
- * Change: altitude
- * I've changed this function so that it takes the keydb and pkcs12 file
- * passwords from files. The "pwdKeyDB" and "pwdP12File"
- * variables have been added for this purpose.
- */
-PRIntn
-P12U_ImportPKCS12Object(char *in_file, PK11SlotInfo *slot,
- secuPWData *slotPw, secuPWData *p12FilePw)
-{
- p12uContext *p12cxt = NULL;
- unsigned char inBuf[PKCS12_IN_BUFFER_SIZE];
- SEC_PKCS12DecoderContext *p12dcx = NULL;
- SECItem *pwitem = NULL, uniPwitem = { 0 };
- SECItem p12file = { 0 };
- SECStatus rv = SECFailure;
- PRBool swapUnicode = PR_FALSE;
- int error;
-
-#ifdef IS_LITTLE_ENDIAN
- swapUnicode = PR_TRUE;
-#endif
-
- rv = P12U_InitSlot(slot, slotPw);
- if (rv != SECSuccess) {
- SECU_PrintError(progName, "Failed to authenticate to \"%s\"",
- PK11_GetSlotName(slot));
- pk12uErrno = PK12UERR_PK11GETSLOT;
- goto loser;
- }
-
- p12cxt = p12u_InitFile(PR_TRUE, in_file);
- if(!p12cxt) {
- SECU_PrintError(progName,"Initialization failed: %s", in_file);
- pk12uErrno = PK12UERR_INIT_FILE;
- goto loser;
- }
-
- /* get the password */
- pwitem = P12U_GetP12FilePassword(PR_FALSE, p12FilePw);
- if (!pwitem) {
- pk12uErrno = PK12UERR_USER_CANCELLED;
- goto loser;
- }
-
- if(P12U_UnicodeConversion(NULL, &uniPwitem, pwitem, PR_TRUE,
- swapUnicode) != SECSuccess) {
- SECU_PrintError(progName,"Unicode conversion failed");
- pk12uErrno = PK12UERR_UNICODECONV;
- goto loser;
- }
-
- /* init the decoder context */
- p12dcx = SEC_PKCS12DecoderStart(&uniPwitem, slot, slotPw,
- NULL, NULL, NULL, NULL, NULL);
- if(!p12dcx) {
- SECU_PrintError(progName,"PKCS12 decoder start failed");
- pk12uErrno = PK12UERR_PK12DECODESTART;
- goto loser;
- }
-
- /* decode the item */
- rv = SECU_FileToItem(&p12file, p12cxt->file);
- if (rv != SECSuccess) {
- SECU_PrintError(progName,"Failed to read from import file");
- goto loser;
- }
- rv = SEC_PKCS12DecoderUpdate(p12dcx, p12file.data, p12file.len);
-
- if(rv != SECSuccess) {
- error = PR_GetError();
- if(error == SEC_ERROR_DECRYPTION_DISALLOWED) {
- PR_SetError(error, 0);
- goto loser;
- }
-#ifdef EXTRA
- /* unable to import as a new blob, it might be an old one */
- if(p12u_TryToImportOldPDU(p12cxt, pwitem, slot, import_arg->nickCb,
- import_arg->proto_win) != SECSuccess) {
- goto loser;
- }
- goto tried_pdu_import;
-#endif /* EXTRA */
- SECU_PrintError(progName,"PKCS12 decoding failed");
- pk12uErrno = PK12UERR_DECODE;
- }
-
- rv = SECFailure;
-
- /* does the blob authenticate properly? */
- if(SEC_PKCS12DecoderVerify(p12dcx) != SECSuccess) {
- SECU_PrintError(progName,"PKCS12 decode not verified");
- pk12uErrno = PK12UERR_DECODEVERIFY;
- goto loser;
- }
-
- /* make sure the bags are okey dokey -- nicknames correct, etc. */
- if (SEC_PKCS12DecoderValidateBags(p12dcx, P12U_NicknameCollisionCallback)
- != SECSuccess) {
- if (PORT_GetError() == SEC_ERROR_PKCS12_DUPLICATE_DATA) {
- pk12uErrno = PK12UERR_CERTALREADYEXISTS;
- } else {
- pk12uErrno = PK12UERR_DECODEVALIBAGS;
- }
- SECU_PrintError(progName,"PKCS12 decode validate bags failed");
- goto loser;
- }
-
- /* stuff 'em in */
- if(SEC_PKCS12DecoderImportBags(p12dcx) != SECSuccess) {
- SECU_PrintError(progName,"PKCS12 decode import bags failed");
- pk12uErrno = PK12UERR_DECODEIMPTBAGS;
- goto loser;
- }
-
-#if 0
- /* important - to add the password hash into the key database */
- rv = PK11_CheckUserPassword(slot, pw_string);
- if( rv != SECSuccess ) {
- SECU_PrintError(progName,"Failed to CheckUserPassword");
- exit(-1);
- }
-#endif
-
- PR_Close(p12cxt->file);
- p12cxt->file = NULL;
- /* PK11_FreeSlot(slot); */
-
- rv = SECSuccess;
-
-loser:
- if (rv != SECSuccess) {
- /* pk12u_report_failure */
- } else {
- /* pk12u_report_success ? */
- }
-
- if (p12dcx) {
- SEC_PKCS12DecoderFinish(p12dcx);
- }
- p12u_DestroyExportFileInfo(&p12cxt, PR_FALSE);
-
- if (uniPwitem.data) {
- SECITEM_ZfreeItem(&uniPwitem, PR_FALSE);
- }
-
- if (pwitem) {
- SECITEM_ZfreeItem(pwitem, PR_TRUE);
- }
-
-
- return rv;
-}
-
-static void
-p12u_DoPKCS12ExportErrors()
-{
- int error_value;
-
- error_value = PORT_GetError();
- if ((error_value == SEC_ERROR_PKCS12_UNABLE_TO_EXPORT_KEY) ||
- (error_value == SEC_ERROR_PKCS12_UNABLE_TO_LOCATE_OBJECT_BY_NAME) ||
- (error_value == SEC_ERROR_PKCS12_UNABLE_TO_WRITE)) {
- fprintf(stderr, SECU_ErrorStringRaw((int16)error_value));
- } else if(error_value == SEC_ERROR_USER_CANCELLED) {
- ;
- } else {
- fprintf(stderr, SECU_ErrorStringRaw(SEC_ERROR_EXPORTING_CERTIFICATES));
- }
-}
-
-static void
-p12u_WriteToExportFile(void *arg, const char *buf, unsigned long len)
-{
- p12uContext *p12cxt = arg;
- int writeLen;
-
- if(!p12cxt || (p12cxt->error == PR_TRUE)) {
- return;
- }
-
- if(p12cxt->file == NULL) {
- p12cxt->errorValue = SEC_ERROR_PKCS12_UNABLE_TO_WRITE;
- p12cxt->error = PR_TRUE;
- return;
- }
-
- writeLen = PR_Write(p12cxt->file, (unsigned char *)buf, (int32)len);
-
- if(writeLen != (int)len) {
- PR_Close(p12cxt->file);
- PR_Free(p12cxt->filename);
- p12cxt->filename = NULL;
- p12cxt->file = NULL;
- p12cxt->errorValue = SEC_ERROR_PKCS12_UNABLE_TO_WRITE;
- p12cxt->error = PR_TRUE;
- }
-}
-
-void
-P12U_ExportPKCS12Object(char *nn, char *outfile, PK11SlotInfo *inSlot,
- secuPWData *slotPw, secuPWData *p12FilePw)
-{
- SEC_PKCS12ExportContext *p12ecx = NULL;
- SEC_PKCS12SafeInfo *keySafe = NULL, *certSafe = NULL;
- SECItem *pwitem = NULL;
- p12uContext *p12cxt = NULL;
- CERTCertList* certlist = NULL;
- CERTCertListNode* node = NULL;
- PK11SlotInfo* slot = NULL;
-
- if (P12U_InitSlot(inSlot, slotPw) != SECSuccess) {
- SECU_PrintError(progName,"Failed to authenticate to \"%s\"",
- PK11_GetSlotName(inSlot));
- pk12uErrno = PK12UERR_PK11GETSLOT;
- goto loser;
- }
- certlist = PK11_FindCertsFromNickname(nn, slotPw);
- if(!certlist) {
- SECU_PrintError(progName,"find user certs from nickname failed");
- pk12uErrno = PK12UERR_FINDCERTBYNN;
- return;
- }
-
- if ((SECSuccess != CERT_FilterCertListForUserCerts(certlist)) ||
- CERT_LIST_EMPTY(certlist)) {
- SECU_PrintError(progName,"no user certs from given nickname");
- pk12uErrno = PK12UERR_FINDCERTBYNN;
- goto loser;
- }
-
- /* Password to use for PKCS12 file. */
- pwitem = P12U_GetP12FilePassword(PR_TRUE, p12FilePw);
- if(!pwitem) {
- goto loser;
- }
-
- p12cxt = p12u_InitFile(PR_FALSE, outfile);
- if(!p12cxt) {
- SECU_PrintError(progName,"Initialization failed: %s", outfile);
- pk12uErrno = PK12UERR_INIT_FILE;
- goto loser;
- }
-
- if (certlist) {
- CERTCertificate* cert = NULL;
- node = CERT_LIST_HEAD(certlist);
- if (node) {
- cert = node->cert;
- }
- if (cert) {
- slot = cert->slot; /* use the slot from the first matching
- certificate to create the context . This is for keygen */
- }
- }
- if (!slot) {
- SECU_PrintError(progName,"cert does not have a slot");
- pk12uErrno = PK12UERR_FINDCERTBYNN;
- goto loser;
- }
- p12ecx = SEC_PKCS12CreateExportContext(NULL, NULL, slot, slotPw);
- if(!p12ecx) {
- SECU_PrintError(progName,"export context creation failed");
- pk12uErrno = PK12UERR_EXPORTCXCREATE;
- goto loser;
- }
-
- if(SEC_PKCS12AddPasswordIntegrity(p12ecx, pwitem, SEC_OID_SHA1)
- != SECSuccess) {
- SECU_PrintError(progName,"PKCS12 add password integrity failed");
- pk12uErrno = PK12UERR_PK12ADDPWDINTEG;
- goto loser;
- }
-
- for (node = CERT_LIST_HEAD(certlist);!CERT_LIST_END(node,certlist);node=CERT_LIST_NEXT(node))
- {
- CERTCertificate* cert = node->cert;
- if (!cert->slot) {
- SECU_PrintError(progName,"cert does not have a slot");
- pk12uErrno = PK12UERR_FINDCERTBYNN;
- goto loser;
- }
-
- keySafe = SEC_PKCS12CreateUnencryptedSafe(p12ecx);
- if(/*!SEC_PKCS12IsEncryptionAllowed() || */ PK11_IsFIPS()) {
- certSafe = keySafe;
- } else {
- certSafe = SEC_PKCS12CreatePasswordPrivSafe(p12ecx, pwitem,
- SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC);
- }
-
- if(!certSafe || !keySafe) {
- SECU_PrintError(progName,"key or cert safe creation failed");
- pk12uErrno = PK12UERR_CERTKEYSAFE;
- goto loser;
- }
-
- if(SEC_PKCS12AddCertAndKey(p12ecx, certSafe, NULL, cert,
- CERT_GetDefaultCertDB(), keySafe, NULL, PR_TRUE, pwitem,
- SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC)
- != SECSuccess) {
- SECU_PrintError(progName,"add cert and key failed");
- pk12uErrno = PK12UERR_ADDCERTKEY;
- goto loser;
- }
- }
-
- CERT_DestroyCertList(certlist);
- certlist = NULL;
-
- if(SEC_PKCS12Encode(p12ecx, p12u_WriteToExportFile, p12cxt)
- != SECSuccess) {
- SECU_PrintError(progName,"PKCS12 encode failed");
- pk12uErrno = PK12UERR_ENCODE;
- goto loser;
- }
-
- p12u_DestroyExportFileInfo(&p12cxt, PR_FALSE);
- SECITEM_ZfreeItem(pwitem, PR_TRUE);
- fprintf(stdout, "%s: PKCS12 EXPORT SUCCESSFUL\n", progName);
- SEC_PKCS12DestroyExportContext(p12ecx);
-
- return;
-
-loser:
- SEC_PKCS12DestroyExportContext(p12ecx);
-
- if (certlist) {
- CERT_DestroyCertList(certlist);
- certlist = NULL;
- }
-
- if (slotPw)
- PR_Free(slotPw->data);
-
- if (p12FilePw)
- PR_Free(p12FilePw->data);
-
- p12u_DestroyExportFileInfo(&p12cxt, PR_TRUE);
- if(pwitem) {
- SECITEM_ZfreeItem(pwitem, PR_TRUE);
- }
- p12u_DoPKCS12ExportErrors();
- return;
-}
-
-static void
-p12u_EnableAllCiphers()
-{
- SEC_PKCS12EnableCipher(PKCS12_RC4_40, 1);
- SEC_PKCS12EnableCipher(PKCS12_RC4_128, 1);
- SEC_PKCS12EnableCipher(PKCS12_RC2_CBC_40, 1);
- SEC_PKCS12EnableCipher(PKCS12_RC2_CBC_128, 1);
- SEC_PKCS12EnableCipher(PKCS12_DES_56, 1);
- SEC_PKCS12EnableCipher(PKCS12_DES_EDE3_168, 1);
- SEC_PKCS12SetPreferredCipher(PKCS12_DES_EDE3_168, 1);
-}
-
-static PRUintn
-P12U_Init(char *dir, char *dbprefix)
-{
- SECStatus rv;
- PK11_SetPasswordFunc(SECU_GetModulePassword);
-
- PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
- rv = NSS_Initialize(dir,dbprefix,dbprefix,"secmod.db",0);
- if (rv != SECSuccess) {
- SECU_PrintPRandOSError(progName);
- exit(-1);
- }
-
- /* setup unicode callback functions */
- PORT_SetUCS2_ASCIIConversionFunction(p12u_ucs2_ascii_conversion_function);
- /* use the defaults for UCS4-UTF8 and UCS2-UTF8 */
-
- p12u_EnableAllCiphers();
-
- return 0;
-}
-
-enum {
- opt_CertDir = 0,
- opt_TokenName,
- opt_Import,
- opt_SlotPWFile,
- opt_SlotPW,
- opt_Nickname,
- opt_Export,
- opt_P12FilePWFile,
- opt_P12FilePW,
- opt_DBPrefix,
- opt_Debug
-};
-
-static secuCommandFlag pk12util_options[] =
-{
- { /* opt_CertDir */ 'd', PR_TRUE, 0, PR_FALSE },
- { /* opt_TokenName */ 'h', PR_TRUE, 0, PR_FALSE },
- { /* opt_Import */ 'i', PR_TRUE, 0, PR_FALSE },
- { /* opt_SlotPWFile */ 'k', PR_TRUE, 0, PR_FALSE },
- { /* opt_SlotPW */ 'K', PR_TRUE, 0, PR_FALSE },
- { /* opt_Nickname */ 'n', PR_TRUE, 0, PR_FALSE },
- { /* opt_Export */ 'o', PR_TRUE, 0, PR_FALSE },
- { /* opt_P12FilePWFile */ 'w', PR_TRUE, 0, PR_FALSE },
- { /* opt_P12FilePW */ 'W', PR_TRUE, 0, PR_FALSE },
- { /* opt_DBPrefix */ 'P', PR_TRUE, 0, PR_FALSE },
- { /* opt_Debug */ 'v', PR_FALSE, 0, PR_FALSE }
-};
-
-int
-main(int argc, char **argv)
-{
- PRIntn ret = 0;
- secuPWData slotPw = { PW_NONE, NULL };
- secuPWData p12FilePw = { PW_NONE, NULL };
- PK11SlotInfo *slot;
- char *slotname = NULL;
- char *import_file = NULL;
- char *export_file = NULL;
- char *dbprefix = "";
- SECStatus rv;
-
- secuCommand pk12util;
- pk12util.numCommands = 0;
- pk12util.commands = 0;
- pk12util.numOptions = sizeof(pk12util_options) / sizeof(secuCommandFlag);
- pk12util.options = pk12util_options;
-
- progName = strrchr(argv[0], '/');
- progName = progName ? progName+1 : argv[0];
-
- rv = SECU_ParseCommandLine(argc, argv, progName, &pk12util);
-
- if (rv != SECSuccess)
- Usage(progName);
-
- pk12_debugging = pk12util.options[opt_Debug].activated;
-
- if (pk12util.options[opt_Import].activated &&
- pk12util.options[opt_Export].activated) {
- Usage(progName);
- }
-
- if (pk12util.options[opt_Export].activated &&
- !pk12util.options[opt_Nickname].activated) {
- Usage(progName);
- }
-
- slotname = SECU_GetOptionArg(&pk12util, opt_TokenName);
- import_file = SECU_GetOptionArg(&pk12util, opt_Import);
- export_file = SECU_GetOptionArg(&pk12util, opt_Export);
-
- if (pk12util.options[opt_P12FilePWFile].activated) {
- p12FilePw.source = PW_FROMFILE;
- p12FilePw.data = PL_strdup(pk12util.options[opt_P12FilePWFile].arg);
- }
-
- if (pk12util.options[opt_P12FilePW].activated) {
- p12FilePw.source = PW_PLAINTEXT;
- p12FilePw.data = PL_strdup(pk12util.options[opt_P12FilePW].arg);
- }
-
- if (pk12util.options[opt_SlotPWFile].activated) {
- slotPw.source = PW_FROMFILE;
- slotPw.data = PL_strdup(pk12util.options[opt_SlotPWFile].arg);
- }
-
- if (pk12util.options[opt_SlotPW].activated) {
- slotPw.source = PW_PLAINTEXT;
- slotPw.data = PL_strdup(pk12util.options[opt_SlotPW].arg);
- }
-
- if (pk12util.options[opt_CertDir].activated) {
- SECU_ConfigDirectory(pk12util.options[opt_CertDir].arg);
- }
- if (pk12util.options[opt_DBPrefix].activated) {
- dbprefix = pk12util.options[opt_DBPrefix].arg;
- }
- P12U_Init(SECU_ConfigDirectory(NULL),dbprefix);
-
- if (!slotname || PL_strcmp(slotname, "internal") == 0)
- slot = PK11_GetInternalKeySlot();
- else
- slot = PK11_FindSlotByName(slotname);
-
- if (!slot) {
- SECU_PrintError(progName,"Invalid slot \"%s\"", slotname);
- pk12uErrno = PK12UERR_PK11GETSLOT;
- goto done;
- }
-
- if (pk12util.options[opt_Import].activated) {
-
- if ((ret = P12U_ImportPKCS12Object(import_file, slot, &slotPw,
- &p12FilePw)) != 0)
- goto done;
-
- } else if (pk12util.options[opt_Export].activated) {
- P12U_ExportPKCS12Object(pk12util.options[opt_Nickname].arg,
- export_file, slot, &slotPw, &p12FilePw);
- } else {
- Usage(progName);
- pk12uErrno = PK12UERR_USAGE;
- }
-
-done:
- if (slot) PK11_FreeSlot(slot);
- if (NSS_Shutdown() != SECSuccess) {
- exit(1);
- }
- exit(pk12uErrno);
-}
diff --git a/security/nss/cmd/pk12util/pk12util.h b/security/nss/cmd/pk12util/pk12util.h
deleted file mode 100644
index 8e456d98c..000000000
--- a/security/nss/cmd/pk12util/pk12util.h
+++ /dev/null
@@ -1,69 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * ERROR codes in pk12util
- * - should be organized better later
- */
-#define PK12UERR_USER_CANCELLED 1
-#define PK12UERR_USAGE 2
-#define PK12UERR_CERTDB_OPEN 8
-#define PK12UERR_KEYDB_OPEN 9
-#define PK12UERR_INIT_FILE 10
-#define PK12UERR_UNICODECONV 11
-#define PK12UERR_TMPDIGCREATE 12
-#define PK12UERR_PK11GETSLOT 13
-#define PK12UERR_PK12DECODESTART 14
-#define PK12UERR_IMPORTFILEREAD 15
-#define PK12UERR_DECODE 16
-#define PK12UERR_DECODEVERIFY 17
-#define PK12UERR_DECODEVALIBAGS 18
-#define PK12UERR_DECODEIMPTBAGS 19
-#define PK12UERR_CERTALREADYEXISTS 20
-#define PK12UERR_PATCHDB 22
-#define PK12UERR_GETDEFCERTDB 23
-#define PK12UERR_FINDCERTBYNN 24
-#define PK12UERR_EXPORTCXCREATE 25
-#define PK12UERR_PK12ADDPWDINTEG 26
-#define PK12UERR_CERTKEYSAFE 27
-#define PK12UERR_ADDCERTKEY 28
-#define PK12UERR_ENCODE 29
-
-
-/* additions for importing and exporting PKCS 12 files */
-typedef struct p12uContextStr {
- char *filename; /* name of file */
- PRFileDesc *file; /* pointer to file */
- PRBool error; /* error occurred? */
- int errorValue; /* which error occurred? */
-} p12uContext;
diff --git a/security/nss/cmd/pkiutil/Makefile b/security/nss/cmd/pkiutil/Makefile
deleted file mode 100644
index 23afa3799..000000000
--- a/security/nss/cmd/pkiutil/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include platlibs.mk
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/pkiutil/manifest.mn b/security/nss/cmd/pkiutil/manifest.mn
deleted file mode 100644
index 3f65c29ab..000000000
--- a/security/nss/cmd/pkiutil/manifest.mn
+++ /dev/null
@@ -1,47 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = nss
-
-CSRCS = \
- pkiutil.c \
- $(NULL)
-
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = dbm seccmd
-
-PROGRAM = pkiutil
diff --git a/security/nss/cmd/pkiutil/pkiutil.c b/security/nss/cmd/pkiutil/pkiutil.c
deleted file mode 100644
index f922debab..000000000
--- a/security/nss/cmd/pkiutil/pkiutil.c
+++ /dev/null
@@ -1,373 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "nspr.h"
-#include "prtypes.h"
-#include "prtime.h"
-#include "prlong.h"
-#include "nss.h"
-#include "cmdutil.h"
-#include "nsspki.h"
-/* hmmm...*/
-#include "pki.h"
-
-#define PKIUTIL_VERSION_STRING "pkiutil version 0.1"
-
-char *progName = NULL;
-
-typedef struct {
- PRBool raw;
- PRBool ascii;
- char *name;
- PRFileDesc *file;
-} objOutputMode;
-
-typedef enum {
- PKIUnknown = -1,
- PKICertificate,
- PKIPublicKey,
- PKIPrivateKey,
- PKIAny
-} PKIObjectType;
-
-static PKIObjectType
-get_object_class(char *type)
-{
- if (strcmp(type, "certificate") == 0 || strcmp(type, "cert") == 0 ||
- strcmp(type, "Certificate") == 0 || strcmp(type, "Cert") == 0) {
- return PKICertificate;
- } else if (strcmp(type, "public_key") == 0 ||
- strcmp(type, "PublicKey") == 0) {
- return PKIPublicKey;
- } else if (strcmp(type, "private_key") == 0 ||
- strcmp(type, "PrivateKey") == 0) {
- return PKIPrivateKey;
- } else if (strcmp(type, "all") == 0 || strcmp(type, "any") == 0) {
- return PKIAny;
- }
- fprintf(stderr, "%s: \"%s\" is not a valid PKCS#11 object type.\n",
- progName, type);
- return PKIUnknown;
-}
-
-static PRStatus
-print_cert_callback(NSSCertificate *c, void *arg)
-{
- int i;
- NSSUTF8 *label;
- NSSItem *id;
- label = NSSCertificate_GetLabel(c);
- printf("%s\n", label);
- nss_ZFreeIf((void*)label);
-#if 0
- id = NSSCertificate_GetID(c);
- for (i=0; i<id->size; i++) {
- printf("%c", ((char *)id->data)[i]);
- }
- printf("\n");
-#endif
- return PR_SUCCESS;
-}
-
-/* pkiutil commands */
-enum {
- cmd_Add = 0,
- cmd_Dump,
- cmd_List,
- cmd_Version,
- pkiutil_num_commands
-};
-
-/* pkiutil options */
-enum {
- opt_Help = 0,
- opt_Ascii,
- opt_ProfileDir,
- opt_TokenName,
- opt_InputFile,
- opt_Nickname,
- opt_OutputFile,
- opt_Binary,
- opt_Trust,
- opt_Type,
- pkiutil_num_options
-};
-
-static cmdCommandLineArg pkiutil_commands[] =
-{
- { /* cmd_Add */ 'A', "add", CMDNoArg, 0, PR_FALSE,
- CMDBIT(opt_Nickname) | CMDBIT(opt_Trust),
- CMDBIT(opt_Ascii) | CMDBIT(opt_ProfileDir)
- | CMDBIT(opt_TokenName) | CMDBIT(opt_InputFile)
- | CMDBIT(opt_Binary) | CMDBIT(opt_Type) },
- { /* cmd_Dump */ 0 , "dump", CMDNoArg, 0, PR_FALSE,
- CMDBIT(opt_Nickname),
- CMDBIT(opt_Ascii) | CMDBIT(opt_ProfileDir)
- | CMDBIT(opt_TokenName) | CMDBIT(opt_Binary)
- | CMDBIT(opt_Type) },
- { /* cmd_List */ 'L', "list", CMDNoArg, 0, PR_FALSE, 0,
- CMDBIT(opt_Ascii) | CMDBIT(opt_ProfileDir)
- | CMDBIT(opt_TokenName) | CMDBIT(opt_Binary)
- | CMDBIT(opt_Nickname) | CMDBIT(opt_Type) },
- { /* cmd_Version */ 'Y', "version", CMDNoArg, 0, PR_FALSE, 0, 0 }
-};
-
-static cmdCommandLineOpt pkiutil_options[] =
-{
- { /* opt_Help */ '?', "help", CMDNoArg, 0, PR_FALSE },
- { /* opt_Ascii */ 'a', "ascii", CMDNoArg, 0, PR_FALSE },
- { /* opt_ProfileDir */ 'd', "dbdir", CMDArgReq, 0, PR_FALSE },
- { /* opt_TokenName */ 'h', "token", CMDArgReq, 0, PR_FALSE },
- { /* opt_InputFile */ 'i', "infile", CMDArgReq, 0, PR_FALSE },
- { /* opt_Nickname */ 'n', "nickname", CMDArgReq, 0, PR_FALSE },
- { /* opt_OutputFile */ 'o', "outfile", CMDArgReq, 0, PR_FALSE },
- { /* opt_Binary */ 'r', "raw", CMDNoArg, 0, PR_FALSE },
- { /* opt_Trust */ 't', "trust", CMDArgReq, 0, PR_FALSE },
- { /* opt_Type */ 0 , "type", CMDArgReq, 0, PR_FALSE }
-};
-
-void pkiutil_usage(cmdPrintState *ps,
- int num, PRBool cmd, PRBool header, PRBool footer)
-{
-#define pusg CMD_PrintUsageString
- if (header) {
- pusg(ps, "utility for managing PKCS#11 objects (certs and keys)\n");
- } else if (footer) {
- /*
- printf("certificate trust can be:\n");
- printf(" p - valid peer, P - trusted peer (implies p)\n");
- printf(" c - valid CA\n");
- printf(" T - trusted CA to issue client certs (implies c)\n");
- printf(" C - trusted CA to issue server certs (implies c)\n");
- printf(" u - user cert\n");
- printf(" w - send warning\n");
- */
- } else if (cmd) {
- switch(num) {
- case cmd_Add:
- pusg(ps, "Add an object to the token"); break;
- case cmd_Dump:
- pusg(ps, "Dump a single object"); break;
- case cmd_List:
- pusg(ps, "List objects on the token (-n for single object)"); break;
- case cmd_Version:
- pusg(ps, "Report version"); break;
- default:
- pusg(ps, "Unrecognized command"); break;
- }
- } else {
- switch(num) {
- case opt_Ascii:
- pusg(ps, "Use ascii (base-64 encoded) mode for I/O"); break;
- case opt_ProfileDir:
- pusg(ps, "Directory containing security databases (def: \".\")");
- break;
- case opt_TokenName:
- pusg(ps, "Name of PKCS#11 token to use (def: internal)"); break;
- case opt_InputFile:
- pusg(ps, "File for input (def: stdin)"); break;
- case opt_Nickname:
- pusg(ps, "Nickname of object"); break;
- case opt_OutputFile:
- pusg(ps, "File for output (def: stdout)"); break;
- case opt_Binary:
- pusg(ps, "Use raw (binary der-encoded) mode for I/O"); break;
- case opt_Trust:
- pusg(ps, "Trust level for certificate"); break;
- case opt_Help: break;
- default:
- pusg(ps, "Unrecognized option");
- }
- }
-}
-
-int
-main(int argc, char **argv)
-{
- PRFileDesc *infile = NULL;
- PRFileDesc *outfile = NULL;
- char *profiledir = "./";
-#if 0
- secuPWData pwdata = { PW_NONE, 0 };
-#endif
- int objclass = 3; /* ANY */
- NSSTrustDomain *root_cert_td = NULL;
- char *rootpath = NULL;
- char builtin_name[]= "libnssckbi.so"; /* temporary hardcode */
- PRStatus rv = PR_SUCCESS;
-
- int cmdToRun;
- cmdCommand pkiutil;
- pkiutil.ncmd = pkiutil_num_commands;
- pkiutil.nopt = pkiutil_num_options;
- pkiutil.cmd = pkiutil_commands;
- pkiutil.opt = pkiutil_options;
-
- progName = strrchr(argv[0], '/');
- progName = progName ? progName+1 : argv[0];
-
- cmdToRun = CMD_ParseCommandLine(argc, argv, progName, &pkiutil);
-
-#if 0
- { int i, nc;
- for (i=0; i<pkiutil.ncmd; i++)
- printf("%s: %s <%s>\n", pkiutil.cmd[i].s,
- (pkiutil.cmd[i].on) ? "on" : "off",
- pkiutil.cmd[i].arg);
- for (i=0; i<pkiutil.nopt; i++)
- printf("%s: %s <%s>\n", pkiutil.opt[i].s,
- (pkiutil.opt[i].on) ? "on" : "off",
- pkiutil.opt[i].arg);
- }
-#endif
-
- if (pkiutil.opt[opt_Help].on)
- CMD_LongUsage(progName, &pkiutil, pkiutil_usage);
-
- if (cmdToRun < 0)
- CMD_Usage(progName, &pkiutil);
-
- /* -d */
- if (pkiutil.opt[opt_ProfileDir].on) {
- profiledir = strdup(pkiutil.opt[opt_ProfileDir].arg);
- }
-
- /* -i */
- if (pkiutil.opt[opt_InputFile].on) {
- char *fn = pkiutil.opt[opt_InputFile].arg;
- infile = PR_Open(fn, PR_RDONLY, 0660);
- } else {
- infile = PR_STDIN;
- }
-
- /* -o */
- if (pkiutil.opt[opt_OutputFile].on) {
- char *fn = pkiutil.opt[opt_OutputFile].arg;
- outfile = PR_Open(fn, PR_WRONLY | PR_CREATE_FILE, 0660);
- } else {
- outfile = PR_STDOUT;
- }
-
- /* --type can be found on many options */
- if (pkiutil.opt[opt_Type].on)
- objclass = get_object_class(pkiutil.opt[opt_Type].arg);
- else if (cmdToRun == cmd_Dump && pkiutil.cmd[cmd_Dump].arg)
- objclass = get_object_class(pkiutil.cmd[cmd_Dump].arg);
- else if (cmdToRun == cmd_List && pkiutil.cmd[cmd_List].arg)
- objclass = get_object_class(pkiutil.cmd[cmd_List].arg);
- else if (cmdToRun == cmd_Add && pkiutil.cmd[cmd_Add].arg)
- objclass = get_object_class(pkiutil.cmd[cmd_Add].arg);
- if (objclass < 0)
- goto done;
-
- /* --print is an alias for --list --nickname */
- if (cmdToRun == cmd_Dump) cmdToRun = cmd_List;
-
- /* if list has raw | ascii must have -n. can't have both raw and ascii */
- if (pkiutil.opt[opt_Binary].on || pkiutil.opt[opt_Ascii].on) {
- if (cmdToRun == cmd_List && !pkiutil.opt[opt_Nickname].on) {
- fprintf(stderr, "%s: specify a object to output with -n\n",
- progName);
- CMD_LongUsage(progName, &pkiutil, pkiutil_usage);
- }
- }
-
- /* initialize */
- PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
- /* NSS_InitReadWrite(profiledir); */
- NSS_NoDB_Init(NULL);
-
- /* Display version info and exit */
- if (cmdToRun == cmd_Version) {
- printf("%s\nNSS Version %s\n", PKIUTIL_VERSION_STRING, NSS_VERSION);
- goto done;
- }
-
- /* XXX okay - bootstrap stan by loading the root cert module for testing */
- root_cert_td = NSSTrustDomain_Create(NULL, NULL, NULL, NULL);
- {
- int rootpathlen = strlen(profiledir) + strlen(builtin_name) + 1;
- rootpath = (char *)malloc(rootpathlen);
- memcpy(rootpath, profiledir, strlen(profiledir));
- memcpy(rootpath + strlen(profiledir),
- builtin_name, strlen(builtin_name));
- rootpath[rootpathlen - 1] = '\0';
- }
- NSSTrustDomain_LoadModule(root_cert_td, "Builtin Root Module", rootpath,
- NULL, NULL);
-
- printf("\n");
- if (pkiutil.opt[opt_Nickname].on) {
- int i;
- NSSCertificate **certs;
- NSSCertificate *cert;
- certs = NSSTrustDomain_FindCertificatesByNickname(root_cert_td,
- pkiutil.opt[opt_Nickname].arg, NULL, 0, NULL);
- i = 0;
- while ((cert = certs[i++]) != NULL) {
- printf("Found cert:\n");
- print_cert_callback(cert, NULL);
- }
- } else {
- NSSTrustDomain_TraverseCertificates(root_cert_td, print_cert_callback, 0);
- }
-
- NSSTrustDomain_Destroy(root_cert_td);
-
- /* List token objects */
- if (cmdToRun == cmd_List) {
-#if 0
- rv = list_token_objects(slot, objclass,
- pkiutil.opt[opt_Nickname].arg,
- pkiutil.opt[opt_Binary].on,
- pkiutil.opt[opt_Ascii].on,
- outfile, &pwdata);
-#endif
- goto done;
- }
-
-#if 0
- /* Import an object into the token. */
- if (cmdToRun == cmd_Add) {
- rv = add_object_to_token(slot, object);
- goto done;
- }
-#endif
-
-done:
- if (NSS_Shutdown() != SECSuccess) {
- exit(1);
- }
-
- return rv;
-}
diff --git a/security/nss/cmd/pkiutil/platlibs.mk b/security/nss/cmd/pkiutil/platlibs.mk
deleted file mode 100644
index 9a714f300..000000000
--- a/security/nss/cmd/pkiutil/platlibs.mk
+++ /dev/null
@@ -1,53 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-# $(PROGRAM) has explicit dependencies on $(EXTRA_LIBS)
-EXTRA_LIBS += \
- $(DIST)/lib/libcmdutil.$(LIB_SUFFIX) \
- $(NULL)
-
-ifeq ($(OS_ARCH), AIX)
-EXTRA_SHARED_LIBS += -brtl
-endif
-
-# $(PROGRAM) has NO explicit dependencies on $(EXTRA_SHARED_LIBS)
-# $(EXTRA_SHARED_LIBS) come before $(OS_LIBS), except on AIX.
-EXTRA_SHARED_LIBS += \
- -L$(DIST)/lib/ \
- -lnsspki3 \
- -lnss3 \
- -lplc4 \
- -lplds4 \
- -lnspr4 \
- $(NULL)
-
diff --git a/security/nss/cmd/platlibs.mk b/security/nss/cmd/platlibs.mk
deleted file mode 100644
index a160c3176..000000000
--- a/security/nss/cmd/platlibs.mk
+++ /dev/null
@@ -1,219 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-
-ifdef USE_STATIC_LIBS
-
-# can't do this in manifest.mn because OS_ARCH isn't defined there.
-ifeq ($(OS_ARCH), WINNT)
-
-DEFINES += -DNSS_USE_STATIC_LIBS
-# $(PROGRAM) has explicit dependencies on $(EXTRA_LIBS)
-CRYPTOLIB=$(DIST)/lib/$(LIB_PREFIX)freebl.$(LIB_SUFFIX)
-ifdef MOZILLA_SECURITY_BUILD
- CRYPTOLIB=$(DIST)/lib/crypto.lib
-endif
-ifdef MOZILLA_BSAFE_BUILD
- CRYPTOLIB+=$(DIST)/lib/bsafe$(BSAFEVER).lib
- CRYPTOLIB+=$(DIST)/lib/freebl.lib
-endif
-
-EXTRA_LIBS += \
- $(DIST)/lib/$(LIB_PREFIX)smime.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)ssl.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)nss.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)ssl.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)sectool.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)pkcs12.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)pkcs7.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)certhi.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)cryptohi.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)pk11wrap.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)certdb.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)softokn.$(LIB_SUFFIX) \
- $(CRYPTOLIB) \
- $(DIST)/lib/$(LIB_PREFIX)swfci.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)secutil.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)nsspki.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)nssdev.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)nssb.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)dbm.$(LIB_SUFFIX) \
- $(DIST)/lib/$(NSPR31_LIB_PREFIX)plc4.$(LIB_SUFFIX) \
- $(DIST)/lib/$(NSPR31_LIB_PREFIX)plds4.$(LIB_SUFFIX) \
- $(DIST)/lib/$(NSPR31_LIB_PREFIX)nspr4.$(LIB_SUFFIX) \
- $(NULL)
-
-# $(PROGRAM) has NO explicit dependencies on $(OS_LIBS)
-#OS_LIBS += \
- wsock32.lib \
- winmm.lib \
- $(NULL)
-
-JAR_LIBS = $(DIST)/lib/$(LIB_PREFIX)jar.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)zlib.$(LIB_SUFFIX) \
- $(NULL)
-else
-
-# $(PROGRAM) has explicit dependencies on $(EXTRA_LIBS)
-CRYPTOLIB=$(DIST)/lib/$(LIB_PREFIX)freebl.$(LIB_SUFFIX)
-ifdef MOZILLA_SECURITY_BUILD
- CRYPTOLIB=$(DIST)/lib/$(LIB_PREFIX)crypto.$(LIB_SUFFIX)
-endif
-ifdef MOZILLA_BSAFE_BUILD
- CRYPTOLIB+=$(DIST)/lib/$(LIB_PREFIX)bsafe.$(LIB_SUFFIX)
- CRYPTOLIB+=$(DIST)/lib/$(LIB_PREFIX)freebl.$(LIB_SUFFIX)
-endif
-EXTRA_LIBS += \
- $(DIST)/lib/$(LIB_PREFIX)smime.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)ssl.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)nss.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)ssl.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)sectool.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)pkcs12.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)pkcs7.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)certhi.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)pk11wrap.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)cryptohi.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)certhi.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)nsspki.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)pk11wrap.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)softokn.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)certdb.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)nsspki.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)nssdev.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)nssb.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)swfci.$(LIB_SUFFIX) \
- $(CRYPTOLIB) \
- $(DIST)/lib/$(LIB_PREFIX)secutil.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)dbm.$(LIB_SUFFIX) \
- $(NULL)
-
-ifeq ($(OS_ARCH), AIX)
-EXTRA_SHARED_LIBS += -brtl
-endif
-
-# $(PROGRAM) has NO explicit dependencies on $(EXTRA_SHARED_LIBS)
-# $(EXTRA_SHARED_LIBS) come before $(OS_LIBS), except on AIX.
-ifdef XP_OS2_VACPP
-EXTRA_SHARED_LIBS += \
- $(DIST)/lib/plc4.lib \
- $(DIST)/lib/plds4.lib \
- $(DIST)/lib/nspr4.lib \
- $(NULL)
-else
-EXTRA_SHARED_LIBS += \
- -L$(DIST)/lib \
- -lplc4 \
- -lplds4 \
- -lnspr4 \
- $(NULL)
-endif
-endif
-
-JAR_LIBS = $(DIST)/lib/$(LIB_PREFIX)jar.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)zlib.$(LIB_SUFFIX) \
- $(NULL)
-
-else # USE_STATIC_LIBS
-# can't do this in manifest.mn because OS_ARCH isn't defined there.
-ifeq ($(OS_ARCH), WINNT)
-
-# $(PROGRAM) has explicit dependencies on $(EXTRA_LIBS)
-EXTRA_LIBS += \
- $(DIST)/lib/$(LIB_PREFIX)sectool.$(LIB_SUFFIX) \
- $(DIST)/lib/$(IMPORT_LIB_PREFIX)smime3$(IMPORT_LIB_SUFFIX) \
- $(DIST)/lib/$(IMPORT_LIB_PREFIX)ssl3$(IMPORT_LIB_SUFFIX) \
- $(DIST)/lib/$(IMPORT_LIB_PREFIX)nss3$(IMPORT_LIB_SUFFIX) \
- $(DIST)/lib/$(NSPR31_LIB_PREFIX)plc4.$(LIB_SUFFIX) \
- $(DIST)/lib/$(NSPR31_LIB_PREFIX)plds4.$(LIB_SUFFIX) \
- $(DIST)/lib/$(NSPR31_LIB_PREFIX)nspr4.$(LIB_SUFFIX) \
- $(NULL)
-
-# $(PROGRAM) has NO explicit dependencies on $(OS_LIBS)
-#OS_LIBS += \
- wsock32.lib \
- winmm.lib \
- $(NULL)
-
-JAR_LIBS = $(DIST)/lib/$(LIB_PREFIX)jar.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)zlib.$(LIB_SUFFIX) \
- $(NULL)
-else
-
-# $(PROGRAM) has explicit dependencies on $(EXTRA_LIBS)
-EXTRA_LIBS += \
- $(DIST)/lib/$(LIB_PREFIX)sectool.$(LIB_SUFFIX) \
- $(NULL)
-
-ifeq ($(OS_ARCH), AIX)
-EXTRA_SHARED_LIBS += -brtl
-endif
-
-# If GNU ld is used, we must use the -rpath-link option to tell
-# the linker where to find libsoftokn3.so, an implicit dependency
-# of libnss3.so.
-ifeq (,$(filter-out BSD_OS FreeBSD Linux NetBSD, $(OS_ARCH)))
-EXTRA_SHARED_LIBS += -Wl,-rpath-link,$(DIST)/lib
-endif
-
-ifeq ($(OS_ARCH), SunOS)
-ifdef NS_USE_GCC
-ifdef GCC_USE_GNU_LD
-EXTRA_SHARED_LIBS += -Wl,-rpath-link,$(DIST)/lib
-endif
-endif
-endif
-
-ifeq ($(OS_ARCH), Darwin)
-EXTRA_SHARED_LIBS += -dylib_file @executable_path/libsoftokn3.dylib:$(DIST)/lib/libsoftokn3.dylib
-endif
-
-
-# $(PROGRAM) has NO explicit dependencies on $(EXTRA_SHARED_LIBS)
-# $(EXTRA_SHARED_LIBS) come before $(OS_LIBS), except on AIX.
-EXTRA_SHARED_LIBS += \
- -L$(DIST)/lib \
- -lssl3 \
- -lsmime3 \
- -lnss3 \
- -lplc4 \
- -lplds4 \
- -lnspr4 \
- $(NULL)
-
-JAR_LIBS = $(DIST)/lib/$(LIB_PREFIX)jar.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)zlib.$(LIB_SUFFIX) \
- $(NULL)
-endif
-
-endif # USE_STATIC_LIBS
diff --git a/security/nss/cmd/platrules.mk b/security/nss/cmd/platrules.mk
deleted file mode 100644
index 3e5c19933..000000000
--- a/security/nss/cmd/platrules.mk
+++ /dev/null
@@ -1,47 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-show:
- @echo "DEFINES = ${DEFINES}"
- @echo "EXTRA_LIBS = >$(EXTRA_LIBS)<"
- @echo "IMPORT_LIBRARY = $(IMPORT_LIBRARY)"
- @echo "LIBRARY = $(LIBRARY)"
- @echo "OBJS = $(OBJS)"
- @echo "OS_ARCH = $(OS_ARCH)"
- @echo "PROGRAM = >$(PROGRAM)<"
- @echo "PROGRAMS = $(PROGRAMS)"
- @echo "SHARED_LIBRARY = $(SHARED_LIBRARY)"
- @echo "TARGETS = >$(TARGETS)<"
-
-showplatform:
- @echo $(PLATFORM)
diff --git a/security/nss/cmd/pp/Makefile b/security/nss/cmd/pp/Makefile
deleted file mode 100644
index 4e39ffc3f..000000000
--- a/security/nss/cmd/pp/Makefile
+++ /dev/null
@@ -1,75 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/pp/manifest.mn b/security/nss/cmd/pp/manifest.mn
deleted file mode 100644
index f43c9c625..000000000
--- a/security/nss/cmd/pp/manifest.mn
+++ /dev/null
@@ -1,47 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = nss
-
-# This next line is used by .mk files
-# and gets translated into $LINCS in manifest.mnw
-REQUIRES = seccmd dbm
-
-DEFINES = -DNSPR20
-
-CSRCS = pp.c
-
-PROGRAM = pp
diff --git a/security/nss/cmd/pp/pp.c b/security/nss/cmd/pp/pp.c
deleted file mode 100644
index 157dec0af..000000000
--- a/security/nss/cmd/pp/pp.c
+++ /dev/null
@@ -1,176 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Pretty-print some well-known BER or DER encoded data (e.g. certificates,
- * keys, pkcs7)
- *
- * $Id$
- */
-
-#include "secutil.h"
-
-#if defined(__sun) && !defined(SVR4)
-extern int fprintf(FILE *, char *, ...);
-#endif
-
-#include "plgetopt.h"
-
-#include "pk11func.h"
-#include "nspr.h"
-#include "nss.h"
-
-static void Usage(char *progName)
-{
- fprintf(stderr,
- "Usage: %s -t type [-a] [-i input] [-o output]\n",
- progName);
- fprintf(stderr, "%-20s Specify the input type (must be one of %s,\n",
- "-t type", SEC_CT_PRIVATE_KEY);
- fprintf(stderr, "%-20s %s, %s, %s,\n", "", SEC_CT_PUBLIC_KEY,
- SEC_CT_CERTIFICATE, SEC_CT_CERTIFICATE_REQUEST);
- fprintf(stderr, "%-20s %s or %s)\n", "", SEC_CT_PKCS7, SEC_CT_CRL);
- fprintf(stderr, "%-20s Input is in ascii encoded form (RFC1113)\n",
- "-a");
- fprintf(stderr, "%-20s Define an input file to use (default is stdin)\n",
- "-i input");
- fprintf(stderr, "%-20s Define an output file to use (default is stdout)\n",
- "-o output");
- exit(-1);
-}
-
-int main(int argc, char **argv)
-{
- int rv, ascii;
- char *progName;
- FILE *outFile;
- PRFileDesc *inFile;
- SECItem der, data;
- char *typeTag;
- PLOptState *optstate;
-
- progName = strrchr(argv[0], '/');
- progName = progName ? progName+1 : argv[0];
-
- ascii = 0;
- inFile = 0;
- outFile = 0;
- typeTag = 0;
- optstate = PL_CreateOptState(argc, argv, "at:i:o:");
- while ( PL_GetNextOpt(optstate) == PL_OPT_OK ) {
- switch (optstate->option) {
- case '?':
- Usage(progName);
- break;
-
- case 'a':
- ascii = 1;
- break;
-
- case 'i':
- inFile = PR_Open(optstate->value, PR_RDONLY, 0);
- if (!inFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
- progName, optstate->value);
- return -1;
- }
- break;
-
- case 'o':
- outFile = fopen(optstate->value, "w");
- if (!outFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
- progName, optstate->value);
- return -1;
- }
- break;
-
- case 't':
- typeTag = strdup(optstate->value);
- break;
- }
- }
-
- if (!typeTag) Usage(progName);
-
- if (!inFile) inFile = PR_STDIN;
- if (!outFile) outFile = stdout;
-
- PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
- rv = NSS_NoDB_Init(NULL);
- if (rv != SECSuccess) {
- fprintf(stderr, "%s: NSS_NoDB_Init failed\n", progName);
- exit(1);
- }
-
- rv = SECU_ReadDERFromFile(&der, inFile, ascii);
- if (rv != SECSuccess) {
- fprintf(stderr, "%s: SECU_ReadDERFromFile failed\n", progName);
- exit(1);
- }
-
- /* Data is untyped, using the specified type */
- data.data = der.data;
- data.len = der.len;
-
- /* Pretty print it */
- if (PORT_Strcmp(typeTag, SEC_CT_CERTIFICATE) == 0) {
- rv = SECU_PrintSignedData(outFile, &data, "Certificate", 0,
- SECU_PrintCertificate);
- } else if (PORT_Strcmp(typeTag, SEC_CT_CERTIFICATE_REQUEST) == 0) {
- rv = SECU_PrintSignedData(outFile, &data, "Certificate Request", 0,
- SECU_PrintCertificateRequest);
- } else if (PORT_Strcmp (typeTag, SEC_CT_CRL) == 0) {
- rv = SECU_PrintSignedData (outFile, &data, "CRL", 0, SECU_PrintCrl);
-#ifdef HAVE_EPV_TEMPLATE
- } else if (PORT_Strcmp(typeTag, SEC_CT_PRIVATE_KEY) == 0) {
- rv = SECU_PrintPrivateKey(outFile, &data, "Private Key", 0);
-#endif
- } else if (PORT_Strcmp(typeTag, SEC_CT_PUBLIC_KEY) == 0) {
- rv = SECU_PrintPublicKey(outFile, &data, "Public Key", 0);
- } else if (PORT_Strcmp(typeTag, SEC_CT_PKCS7) == 0) {
- rv = SECU_PrintPKCS7ContentInfo(outFile, &data,
- "PKCS #7 Content Info", 0);
- } else {
- fprintf(stderr, "%s: don't know how to print out '%s' files\n",
- progName, typeTag);
- return -1;
- }
-
- if (rv) {
- fprintf(stderr, "%s: problem converting data (%s)\n",
- progName, SECU_Strerror(PORT_GetError()));
- return -1;
- }
- return 0;
-}
diff --git a/security/nss/cmd/rsaperf/Makefile b/security/nss/cmd/rsaperf/Makefile
deleted file mode 100644
index 35dc5f5da..000000000
--- a/security/nss/cmd/rsaperf/Makefile
+++ /dev/null
@@ -1,84 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1998-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-include ../platlibs.mk
-
-ifeq (,$(filter-out WINNT WIN95 WIN16,$(OS_TARGET))) #omits WINCE
-ifndef BUILD_OPT
-ifndef NS_USE_GCC
-LDFLAGS += /subsystem:console /profile /debug /machine:I386 /incremental:no
-endif
-OS_CFLAGS += -D_CONSOLE
-endif
-endif
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/rsaperf/defkey.c b/security/nss/cmd/rsaperf/defkey.c
deleted file mode 100644
index 3dd4fe36c..000000000
--- a/security/nss/cmd/rsaperf/defkey.c
+++ /dev/null
@@ -1,202 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1998-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/* This key is the 1024-bit test key used for speed testing of RSA private
-** key ops.
-*/
-#include "seccomon.h"
-#include "secoidt.h"
-#include "lowkeyti.h"
-
-#undef CONST
-#define CONST
-
-static CONST unsigned char default_n[128] = {
-0xc2,0xae,0x96,0x89,0xaf,0xce,0xd0,0x7b,0x3b,0x35,0xfd,0x0f,0xb1,0xf4,0x7a,0xd1,
-0x3c,0x7d,0xb5,0x86,0xf2,0x68,0x36,0xc9,0x97,0xe6,0x82,0x94,0x86,0xaa,0x05,0x39,
-0xec,0x11,0x51,0xcc,0x5c,0xa1,0x59,0xba,0x29,0x18,0xf3,0x28,0xf1,0x9d,0xe3,0xae,
-0x96,0x5d,0x6d,0x87,0x73,0xf6,0xf6,0x1f,0xd0,0x2d,0xfb,0x2f,0x7a,0x13,0x7f,0xc8,
-0x0c,0x7a,0xe9,0x85,0xfb,0xce,0x74,0x86,0xf8,0xef,0x2f,0x85,0x37,0x73,0x0f,0x62,
-0x4e,0x93,0x17,0xb7,0x7e,0x84,0x9a,0x94,0x11,0x05,0xca,0x0d,0x31,0x4b,0x2a,0xc8,
-0xdf,0xfe,0xe9,0x0c,0x13,0xc7,0xf2,0xad,0x19,0x64,0x28,0x3c,0xb5,0x6a,0xc8,0x4b,
-0x79,0xea,0x7c,0xce,0x75,0x92,0x45,0x3e,0xa3,0x9d,0x64,0x6f,0x04,0x69,0x19,0x17
-};
-
-static CONST unsigned char default_e[3] = { 0x01,0x00,0x01 };
-
-static CONST unsigned char default_d[128] = {
-0x13,0xcb,0xbc,0xf2,0xf3,0x35,0x8c,0x6d,0x7b,0x6f,0xd9,0xf3,0xa6,0x9c,0xbd,0x80,
-0x59,0x2e,0x4f,0x2f,0x11,0xa7,0x17,0x2b,0x18,0x8f,0x0f,0xe8,0x1a,0x69,0x5f,0x6e,
-0xac,0x5a,0x76,0x7e,0xd9,0x4c,0x6e,0xdb,0x47,0x22,0x8a,0x57,0x37,0x7a,0x5e,0x94,
-0x7a,0x25,0xb5,0xe5,0x78,0x1d,0x3c,0x99,0xaf,0x89,0x7d,0x69,0x2e,0x78,0x9d,0x1d,
-0x84,0xc8,0xc1,0xd7,0x1a,0xb2,0x6d,0x2d,0x8a,0xd9,0xab,0x6b,0xce,0xae,0xb0,0xa0,
-0x58,0x55,0xad,0x5c,0x40,0x8a,0xd6,0x96,0x08,0x8a,0xe8,0x63,0xe6,0x3d,0x6c,0x20,
-0x49,0xc7,0xaf,0x0f,0x25,0x73,0xd3,0x69,0x43,0x3b,0xf2,0x32,0xf8,0x3d,0x5e,0xee,
-0x7a,0xca,0xd6,0x94,0x55,0xe5,0xbd,0x25,0x34,0x8d,0x63,0x40,0xb5,0x8a,0xc3,0x01
-};
-
-static CONST unsigned char default_p[64] = {
-0xf6,0x3c,0x3f,0x56,0x58,0x4f,0xb3,0x82,0x0c,0xf0,0x5b,0x42,0x36,0x1c,0x93,0xde,
-0x9b,0x32,0x01,0xb1,0x48,0xf8,0x00,0x57,0x9b,0xc1,0xbe,0x66,0xc2,0xbb,0xea,0x7c,
-0x75,0x29,0x2c,0x22,0xaa,0x7c,0xaf,0xbd,0x0d,0x3f,0xb0,0x64,0x97,0xf0,0x88,0x25,
-0xcb,0x8d,0xc7,0x19,0x0a,0x75,0x44,0xa4,0x5a,0xc3,0xb5,0xb9,0x85,0xea,0x27,0xa7
-};
-
-static CONST unsigned char default_q[64] = {
-0xca,0x66,0xfa,0x18,0x6a,0x46,0x36,0x1c,0x46,0xfe,0x47,0xe9,0x7e,0x52,0x83,0x8a,
-0xbb,0x72,0x13,0xcc,0x83,0x56,0x3d,0x64,0x22,0xdd,0xfa,0x7c,0x61,0x99,0xea,0xa4,
-0xb3,0x0e,0x8f,0x79,0x10,0xab,0xba,0x4a,0x73,0xd1,0x48,0x40,0x34,0x34,0xd3,0xd2,
-0x54,0x92,0xbe,0xf5,0xc8,0xc4,0x60,0x5f,0xd3,0xf7,0xce,0xbe,0x60,0x3e,0xb1,0x11
-};
-
-static CONST unsigned char default_dModP[64] = {
-0x8e,0x80,0xbf,0x87,0x11,0x04,0xcf,0x36,0x6c,0x96,0x8d,0xb9,0xfb,0xe6,0xfe,0x0c,
-0xce,0x74,0x5a,0x56,0x67,0x8c,0x5f,0x66,0x54,0x56,0x04,0x03,0x24,0x9f,0xec,0x4c,
-0xaa,0xe1,0x71,0x11,0x7e,0xe9,0x3a,0x2b,0x87,0x07,0x5c,0xe6,0x5a,0xa8,0x71,0xa2,
-0xad,0xf3,0x17,0x4e,0x7e,0xa6,0xef,0x5a,0xce,0xcc,0x84,0xd7,0x21,0x91,0x29,0xf1
-};
-
-static CONST unsigned char default_dModQ[64] = {
-0x87,0x60,0x1d,0x02,0xdb,0x82,0x1e,0x8b,0x07,0x48,0xe8,0x5c,0x59,0xeb,0x62,0xa4,
-0x15,0xff,0x95,0x12,0x82,0xfd,0xd9,0x8d,0xf2,0x6c,0x3a,0x2f,0x9b,0x30,0x51,0x6a,
-0xdb,0x80,0x6f,0xa1,0xef,0xee,0x8c,0x69,0x63,0xd1,0xa4,0xdb,0x9c,0x8f,0x80,0xe5,
-0xfb,0x3f,0x33,0x8e,0x3d,0x3c,0x6b,0xa1,0x6c,0xab,0x20,0x92,0xe0,0xd8,0xcd,0xa1
-};
-
-static CONST unsigned char default_qInvModP[64] = {
-0xce,0xcf,0x5a,0xad,0xc4,0x8c,0x44,0x91,0x3a,0xbc,0x7b,0xf8,0x80,0xf8,0x53,0xf5,
-0x12,0x84,0x8c,0x9c,0x6b,0x33,0x93,0x0d,0xa1,0x11,0xea,0xfa,0x4a,0xc1,0xeb,0x48,
-0xdc,0x44,0x86,0x93,0x1b,0x98,0xc7,0x82,0x22,0x68,0x30,0x44,0xd7,0x62,0x1b,0x90,
-0x54,0x07,0x4b,0x66,0xa7,0xc5,0x75,0x5a,0x72,0x77,0x92,0xdd,0x6c,0xf3,0x37,0xab
-};
-
-
-static struct NSSLOWKEYPrivateKeyStr rsaPriv;
-
-NSSLOWKEYPrivateKey *
-getDefaultRSAPrivateKey(void)
-{
- if (rsaPriv.keyType != NSSLOWKEYRSAKey) {
-
- /* leaving arena uninitialized. It isn't used in this test. */
-
- rsaPriv.keyType = NSSLOWKEYRSAKey;
-
- /* leaving arena uninitialized. It isn't used. */
- /* leaving version uninitialized. It isn't used. */
-
- rsaPriv.u.rsa.modulus.data = default_n;
- rsaPriv.u.rsa.modulus.len = sizeof default_n;
- rsaPriv.u.rsa.publicExponent.data = default_e;
- rsaPriv.u.rsa.publicExponent.len = sizeof default_e;
- rsaPriv.u.rsa.privateExponent.data = default_d;
- rsaPriv.u.rsa.privateExponent.len = sizeof default_d;
- rsaPriv.u.rsa.prime1.data = default_p;
- rsaPriv.u.rsa.prime1.len = sizeof default_p;
- rsaPriv.u.rsa.prime2.data = default_q;
- rsaPriv.u.rsa.prime2.len = sizeof default_q;
- rsaPriv.u.rsa.exponent1.data = default_dModP;
- rsaPriv.u.rsa.exponent1.len = sizeof default_dModP;
- rsaPriv.u.rsa.exponent2.data = default_dModQ;
- rsaPriv.u.rsa.exponent2.len = sizeof default_dModQ;
- rsaPriv.u.rsa.coefficient.data = default_qInvModP;
- rsaPriv.u.rsa.coefficient.len = sizeof default_qInvModP;
- }
- return &rsaPriv;
-}
-
-static struct NSSLOWKEYPublicKeyStr rsaPub;
-
-NSSLOWKEYPublicKey *
-getDefaultRSAPublicKey(void)
-{
- if (rsaPub.keyType != NSSLOWKEYRSAKey) {
-
- rsaPub.keyType = NSSLOWKEYRSAKey;
-
- rsaPub.u.rsa.modulus.data = default_n;
- rsaPub.u.rsa.modulus.len = sizeof default_n;
-
- rsaPub.u.rsa.publicExponent.data = default_e;
- rsaPub.u.rsa.publicExponent.len = sizeof default_e;
- }
- return &rsaPub;
-}
-
-/* modPop = 536, privPop = 531, ex1Pop = 261, ex2Pop = 257
- * After 46 tries, found this key:
- * Version: 0 (0x0)
- * Modulus:
- * c2:ae:96:89:af:ce:d0:7b:3b:35:fd:0f:b1:f4:7a:d1:3c:7d:b5:
- * 86:f2:68:36:c9:97:e6:82:94:86:aa:05:39:ec:11:51:cc:5c:a1:
- * 59:ba:29:18:f3:28:f1:9d:e3:ae:96:5d:6d:87:73:f6:f6:1f:d0:
- * 2d:fb:2f:7a:13:7f:c8:0c:7a:e9:85:fb:ce:74:86:f8:ef:2f:85:
- * 37:73:0f:62:4e:93:17:b7:7e:84:9a:94:11:05:ca:0d:31:4b:2a:
- * c8:df:fe:e9:0c:13:c7:f2:ad:19:64:28:3c:b5:6a:c8:4b:79:ea:
- * 7c:ce:75:92:45:3e:a3:9d:64:6f:04:69:19:17
- * Public Exponent: 65537 (0x10001)
- * Private Exponent:
- * 13:cb:bc:f2:f3:35:8c:6d:7b:6f:d9:f3:a6:9c:bd:80:59:2e:4f:
- * 2f:11:a7:17:2b:18:8f:0f:e8:1a:69:5f:6e:ac:5a:76:7e:d9:4c:
- * 6e:db:47:22:8a:57:37:7a:5e:94:7a:25:b5:e5:78:1d:3c:99:af:
- * 89:7d:69:2e:78:9d:1d:84:c8:c1:d7:1a:b2:6d:2d:8a:d9:ab:6b:
- * ce:ae:b0:a0:58:55:ad:5c:40:8a:d6:96:08:8a:e8:63:e6:3d:6c:
- * 20:49:c7:af:0f:25:73:d3:69:43:3b:f2:32:f8:3d:5e:ee:7a:ca:
- * d6:94:55:e5:bd:25:34:8d:63:40:b5:8a:c3:01
- * Prime 1:
- * f6:3c:3f:56:58:4f:b3:82:0c:f0:5b:42:36:1c:93:de:9b:32:01:
- * b1:48:f8:00:57:9b:c1:be:66:c2:bb:ea:7c:75:29:2c:22:aa:7c:
- * af:bd:0d:3f:b0:64:97:f0:88:25:cb:8d:c7:19:0a:75:44:a4:5a:
- * c3:b5:b9:85:ea:27:a7
- * Prime 2:
- * ca:66:fa:18:6a:46:36:1c:46:fe:47:e9:7e:52:83:8a:bb:72:13:
- * cc:83:56:3d:64:22:dd:fa:7c:61:99:ea:a4:b3:0e:8f:79:10:ab:
- * ba:4a:73:d1:48:40:34:34:d3:d2:54:92:be:f5:c8:c4:60:5f:d3:
- * f7:ce:be:60:3e:b1:11
- * Exponent 1:
- * 8e:80:bf:87:11:04:cf:36:6c:96:8d:b9:fb:e6:fe:0c:ce:74:5a:
- * 56:67:8c:5f:66:54:56:04:03:24:9f:ec:4c:aa:e1:71:11:7e:e9:
- * 3a:2b:87:07:5c:e6:5a:a8:71:a2:ad:f3:17:4e:7e:a6:ef:5a:ce:
- * cc:84:d7:21:91:29:f1
- * Exponent 2:
- * 87:60:1d:02:db:82:1e:8b:07:48:e8:5c:59:eb:62:a4:15:ff:95:
- * 12:82:fd:d9:8d:f2:6c:3a:2f:9b:30:51:6a:db:80:6f:a1:ef:ee:
- * 8c:69:63:d1:a4:db:9c:8f:80:e5:fb:3f:33:8e:3d:3c:6b:a1:6c:
- * ab:20:92:e0:d8:cd:a1
- * Coefficient:
- * ce:cf:5a:ad:c4:8c:44:91:3a:bc:7b:f8:80:f8:53:f5:12:84:8c:
- * 9c:6b:33:93:0d:a1:11:ea:fa:4a:c1:eb:48:dc:44:86:93:1b:98:
- * c7:82:22:68:30:44:d7:62:1b:90:54:07:4b:66:a7:c5:75:5a:72:
- * 77:92:dd:6c:f3:37:ab
- */
-
diff --git a/security/nss/cmd/rsaperf/manifest.mn b/security/nss/cmd/rsaperf/manifest.mn
deleted file mode 100644
index 802a63815..000000000
--- a/security/nss/cmd/rsaperf/manifest.mn
+++ /dev/null
@@ -1,52 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1998-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-DEPTH = ../../..
-CORE_DEPTH = ../../..
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = nss
-
-INCLUDES += -I$(CORE_DEPTH)/nss/lib/softoken
-
-# This next line is used by .mk files
-# and gets translated into $LINCS in manifest.mnw
-REQUIRES = dbm seccmd
-
-# DIRS =
-
-CSRCS = rsaperf.c defkey.c
-
-PROGRAM = rsaperf
-
-USE_STATIC_LIBS = 1
diff --git a/security/nss/cmd/rsaperf/rsaperf.c b/security/nss/cmd/rsaperf/rsaperf.c
deleted file mode 100644
index 36927e718..000000000
--- a/security/nss/cmd/rsaperf/rsaperf.c
+++ /dev/null
@@ -1,402 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1998-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "seccomon.h"
-#include "cert.h"
-#include "secutil.h"
-#include "nspr.h"
-#include "nss.h"
-#include "blapi.h"
-#include "plgetopt.h"
-#include "lowkeyi.h"
-
-
-#define MAX_RSA_MODULUS_BYTES (1024/8)
-#define DEFAULT_ITERS 10
-
-extern NSSLOWKEYPrivateKey * getDefaultRSAPrivateKey(void);
-extern NSSLOWKEYPublicKey * getDefaultRSAPublicKey(void);
-
-typedef struct TimingContextStr TimingContext;
-
-struct TimingContextStr {
- int64 start;
- int64 end;
- int64 interval;
-
- long days;
- int hours;
- int minutes;
- int seconds;
- int millisecs;
-};
-
-TimingContext *CreateTimingContext(void) {
- return PR_Malloc(sizeof(TimingContext));
-}
-
-void DestroyTimingContext(TimingContext *ctx) {
- PR_Free(ctx);
-}
-
-void TimingBegin(TimingContext *ctx) {
- ctx->start = PR_Now();
-}
-
-static void timingUpdate(TimingContext *ctx) {
- int64 tmp, remaining;
- int64 L1000,L60,L24;
-
- LL_I2L(L1000,1000);
- LL_I2L(L60,60);
- LL_I2L(L24,24);
-
- LL_DIV(remaining, ctx->interval, L1000);
- LL_MOD(tmp, remaining, L1000);
- LL_L2I(ctx->millisecs, tmp);
- LL_DIV(remaining, remaining, L1000);
- LL_MOD(tmp, remaining, L60);
- LL_L2I(ctx->seconds, tmp);
- LL_DIV(remaining, remaining, L60);
- LL_MOD(tmp, remaining, L60);
- LL_L2I(ctx->minutes, tmp);
- LL_DIV(remaining, remaining, L60);
- LL_MOD(tmp, remaining, L24);
- LL_L2I(ctx->hours, tmp);
- LL_DIV(remaining, remaining, L24);
- LL_L2I(ctx->days, remaining);
-}
-
-void TimingEnd(TimingContext *ctx) {
- ctx->end = PR_Now();
- LL_SUB(ctx->interval, ctx->end, ctx->start);
- PORT_Assert(LL_GE_ZERO(ctx->interval));
- timingUpdate(ctx);
-}
-
-void TimingDivide(TimingContext *ctx, int divisor) {
- int64 tmp;
-
- LL_I2L(tmp, divisor);
- LL_DIV(ctx->interval, ctx->interval, tmp);
-
- timingUpdate(ctx);
-}
-
-char *TimingGenerateString(TimingContext *ctx) {
- char *buf = NULL;
-
- if (ctx->days != 0) {
- buf = PR_sprintf_append(buf, "%d days", ctx->days);
- }
- if (ctx->hours != 0) {
- if (buf != NULL) buf = PR_sprintf_append(buf, ", ");
- buf = PR_sprintf_append(buf, "%d hours", ctx->hours);
- }
- if (ctx->minutes != 0) {
- if (buf != NULL) buf = PR_sprintf_append(buf, ", ");
- buf = PR_sprintf_append(buf, "%d minutes", ctx->minutes);
- }
- if (buf != NULL) buf = PR_sprintf_append(buf, ", and ");
- if (!buf && ctx->seconds == 0) {
- int interval;
- LL_L2I(interval, ctx->interval);
- if (ctx->millisecs < 100)
- buf = PR_sprintf_append(buf, "%d microseconds", interval);
- else
- buf = PR_sprintf_append(buf, "%d milliseconds", ctx->millisecs);
- } else if (ctx->millisecs == 0) {
- buf = PR_sprintf_append(buf, "%d seconds", ctx->seconds);
- } else {
- buf = PR_sprintf_append(buf, "%d.%03d seconds",
- ctx->seconds, ctx->millisecs);
- }
- return buf;
-}
-
-void
-Usage(char *progName)
-{
- fprintf(stderr, "Usage: %s [-d certdir] [-i iterations] [-s | -e]"
- " -n nickname\n",
- progName);
- fprintf(stderr, "%-20s Cert database directory (default is ~/.netscape)\n",
- "-d certdir");
- fprintf(stderr, "%-20s How many operations to perform\n", "-i iterations");
- fprintf(stderr, "%-20s Perform signing (private key) operations\n", "-s");
- fprintf(stderr, "%-20s Perform encryption (public key) operations\n", "-e");
- fprintf(stderr, "%-20s Nickname of certificate or key\n", "-n nickname");
- exit(-1);
-}
-
-void
-printCount(int iterations)
-{
-
-}
-
-
-static void
-dumpBytes( unsigned char * b, int l)
-{
- int i;
- if (l <= 0)
- return;
- for (i = 0; i < l; ++i) {
- if (i % 16 == 0)
- printf("\t");
- printf(" %02x", b[i]);
- if (i % 16 == 15)
- printf("\n");
- }
- if ((i % 16) != 0)
- printf("\n");
-}
-
-static void
-dumpItem( SECItem * item, const char * description)
-{
- if (item->len & 1 && item->data[0] == 0) {
- printf("%s: (%d bytes)\n", description, item->len - 1);
- dumpBytes(item->data + 1, item->len - 1);
- } else {
- printf("%s: (%d bytes)\n", description, item->len);
- dumpBytes(item->data, item->len);
- }
-}
-
-void
-printPrivKey(NSSLOWKEYPrivateKey * privKey)
-{
- RSAPrivateKey *rsa = &privKey->u.rsa;
-
- dumpItem( &rsa->modulus, "n");
- dumpItem( &rsa->publicExponent, "e");
- dumpItem( &rsa->privateExponent, "d");
- dumpItem( &rsa->prime1, "P");
- dumpItem( &rsa->prime2, "Q");
- dumpItem( &rsa->exponent1, "d % (P-1)");
- dumpItem( &rsa->exponent2, "d % (Q-1)");
- dumpItem( &rsa->coefficient, "(Q ** -1) % P");
- puts("");
-}
-
-void
-printFnCounts(long doPrint)
-{
-
-}
-
-typedef SECStatus (* RSAOp)(void * key,
- unsigned char * output,
- unsigned char * input);
-
-
-int
-main(int argc, char **argv)
-{
- TimingContext * timeCtx;
- SECKEYPublicKey * pubHighKey;
- NSSLOWKEYPrivateKey * privKey;
- NSSLOWKEYPublicKey * pubKey;
- CERTCertificate * cert;
- char * progName;
- char * secDir = NULL;
- char * nickname = NULL;
- RSAOp fn;
- void * rsaKey;
- PLOptState * optstate;
- PLOptStatus optstatus;
- long iters = DEFAULT_ITERS;
- int i;
- PRBool doPriv = PR_FALSE;
- PRBool doPub = PR_FALSE;
- int rv;
- CERTCertDBHandle * certdb;
- unsigned char buf[1024];
- unsigned char buf2[1024];
-
- progName = strrchr(argv[0], '/');
- if (!progName)
- progName = strrchr(argv[0], '\\');
- progName = progName ? progName+1 : argv[0];
-
- optstate = PL_CreateOptState(argc, argv, "d:i:sen:");
- while ((optstatus = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
- switch (optstate->option) {
- case '?':
- Usage(progName);
- break;
- case 'd':
- secDir = PORT_Strdup(optstate->value);
- break;
- case 'i':
- iters = atol(optstate->value);
- break;
- case 's':
- doPriv = PR_TRUE;
- break;
- case 'e':
- doPub = PR_TRUE;
- break;
- case 'n':
- nickname = PORT_Strdup(optstate->value);
- break;
- }
- }
- if (optstatus == PL_OPT_BAD)
- Usage(progName);
-
- if ((doPriv && doPub) || (nickname == NULL)) Usage(progName);
-
- if (!doPriv && !doPub) doPriv = PR_TRUE;
-
- PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
-
- secDir = SECU_ConfigDirectory(secDir);
- if (strcmp(nickname, "none")) {
- rv = NSS_Init(secDir);
- if (rv != SECSuccess) {
- fprintf(stderr, "NSS_Init failed.\n");
- exit(1);
- }
- certdb = CERT_GetDefaultCertDB();
- } else {
- rv = NSS_NoDB_Init(secDir);
- if (rv != SECSuccess) {
- fprintf(stderr, "NSS_NoDB_Init failed.\n");
- exit(1);
- }
- }
-#if defined(SECU_GetPassword)
- if (doPub) {
- if (!strcmp(nickname, "none")) {
- pubKey = getDefaultRSAPublicKey();
- } else {
- cert = CERT_FindCertByNickname(certdb, nickname);
- if (cert == NULL) {
- fprintf(stderr,
- "Can't find certificate by name \"%s\"\n", nickname);
- exit(1);
- }
- pubHighKey = CERT_ExtractPublicKey(cert);
- pubKey = SECU_ConvHighToLow(pubHighKey);
- }
- if (pubKey == NULL) {
- fprintf(stderr, "Can't extract public key from certificate");
- exit(1);
- }
- fn = (RSAOp)RSA_PublicKeyOp;
- rsaKey = (void *)(&pubKey->u.rsa);
- }
-
- if (doPriv) {
-
- if (!strcmp(nickname, "none")) {
- privKey = getDefaultRSAPrivateKey();
- } else {
- cert = CERT_FindCertByNickname(certdb, nickname);
- if (cert == NULL) {
- fprintf(stderr,
- "Can't find certificate by name \"%s\"\n", nickname);
- exit(1);
- }
-
- privKey = SECKEY_FindKeyByCert(keydb, cert, SECU_GetPassword, NULL);
- }
- if (privKey == NULL) {
- fprintf(stderr,
- "Can't find private key by name \"%s\"\n", nickname);
- exit(1);
- }
-
- fn = (RSAOp)RSA_PrivateKeyOp;
- rsaKey = (void *)(&privKey->u.rsa);
- }
-#else
- if (doPub) {
- pubKey = getDefaultRSAPublicKey();
- fn = (RSAOp)RSA_PublicKeyOp;
- rsaKey = (void *)(&pubKey->u.rsa);
- }
- if (doPriv) {
- privKey = getDefaultRSAPrivateKey();
- fn = (RSAOp)RSA_PrivateKeyOp;
- rsaKey = (void *)(&privKey->u.rsa);
- }
-#endif
-
- memset(buf, 1, sizeof buf);
- rv = fn(rsaKey, buf2, buf);
- if (rv != SECSuccess) {
- PRErrorCode errNum;
- const char * errStr = NULL;
-
- errNum = PR_GetError();
- if (errNum)
- errStr = SECU_Strerror(errNum);
- else
- errNum = rv;
- if (!errStr)
- errStr = "(null)";
- fprintf(stderr, "Error in RSA operation: %d : %s\n", errNum, errStr);
- exit(1);
- }
-
-/* printf("START\n"); */
-
- timeCtx = CreateTimingContext();
- TimingBegin(timeCtx);
- i = iters;
- while (i--) {
- rv = fn(rsaKey, buf2, buf);
- if (rv != SECSuccess) {
- PRErrorCode errNum = PR_GetError();
- const char * errStr = SECU_Strerror(errNum);
- fprintf(stderr, "Error in RSA operation: %d : %s\n",
- errNum, errStr);
- exit(1);
- }
- }
- TimingEnd(timeCtx);
- printf("%ld iterations in %s\n",
- iters, TimingGenerateString(timeCtx));
- TimingDivide(timeCtx, iters);
- printf("one operation every %s\n", TimingGenerateString(timeCtx));
-
- if (NSS_Shutdown() != SECSuccess) {
- exit(1);
- }
-
- return 0;
-}
diff --git a/security/nss/cmd/samples/cert b/security/nss/cmd/samples/cert
deleted file mode 100644
index 3f8ec48df..000000000
--- a/security/nss/cmd/samples/cert
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIB7TCCAVYCAgMaMA0GCSqGSIb3DQEBBAUAMEcxCzAJBgNVBAYTAlVTMRAwDgYD
-VQQLEwdUZXN0IENBMSYwJAYDVQQKEx1OZXRzY2FwZSBDb21tdW5pY2F0aW9ucyBD
-b3JwLjAeFw05NTEyMDgwMjQwMjdaFw05NjAzMDcwMjQwMjdaMDgxFjAUBgNVBAMT
-DURhdmlkIGthcmx0b24xETAPBgNVBAoTCE5ldHNjYXBlMQswCQYDVQQGEwJVUzCB
-nTANBgkqhkiG9w0BAQEFAAOBiwAwgYcCgYEAltV2TH+QxqlgfUFk+UyiYAjByxrC
-dCSIa/FwRaPceLvE7ycD9L6AC4JA6k58E6ICsr/Y8TsXT4UmZhhLNc50VgSo8cGQ
-lajqIDvntq8M1uCXiVOnXmIAqoB6E8GiqW+9evOkgkumMksSwXiXAhMM7vJt3IU6
-b+FwdF5cRs0u1FUCAQMwDQYJKoZIhvcNAQEEBQADgYEAkFdr3ypcvI2+Xgwfp7+d
-YtN7w4UnQ7LR9FKmlnBauTVLmUtichn/O3WMT9cYTtZm5QQVRaE3qrGh0Nr6Ko1E
-nIHowd36TN45zkFraWoATfCV/f+P37WaADp20l2ryEY0Jpe4gnoeZ0+/ffoxyajC
-LZEJL6Dv2Ed83cebLjYxKsI=
-
------END CERTIFICATE-----
-
diff --git a/security/nss/cmd/samples/cert0 b/security/nss/cmd/samples/cert0
deleted file mode 100644
index 05cdc8553..000000000
--- a/security/nss/cmd/samples/cert0
+++ /dev/null
Binary files differ
diff --git a/security/nss/cmd/samples/cert1 b/security/nss/cmd/samples/cert1
deleted file mode 100644
index 38a7d299a..000000000
--- a/security/nss/cmd/samples/cert1
+++ /dev/null
Binary files differ
diff --git a/security/nss/cmd/samples/cert2 b/security/nss/cmd/samples/cert2
deleted file mode 100644
index 147c3eb9e..000000000
--- a/security/nss/cmd/samples/cert2
+++ /dev/null
Binary files differ
diff --git a/security/nss/cmd/samples/pkcs7.ber b/security/nss/cmd/samples/pkcs7.ber
deleted file mode 100644
index 6e3814c37..000000000
--- a/security/nss/cmd/samples/pkcs7.ber
+++ /dev/null
Binary files differ
diff --git a/security/nss/cmd/samples/pkcs7bday.ber b/security/nss/cmd/samples/pkcs7bday.ber
deleted file mode 100644
index 0ee6cfc13..000000000
--- a/security/nss/cmd/samples/pkcs7bday.ber
+++ /dev/null
Binary files differ
diff --git a/security/nss/cmd/samples/pkcs7cnet.ber b/security/nss/cmd/samples/pkcs7cnet.ber
deleted file mode 100644
index df2bb2dd1..000000000
--- a/security/nss/cmd/samples/pkcs7cnet.ber
+++ /dev/null
Binary files differ
diff --git a/security/nss/cmd/samples/pkcs7news.ber b/security/nss/cmd/samples/pkcs7news.ber
deleted file mode 100644
index c46a1786d..000000000
--- a/security/nss/cmd/samples/pkcs7news.ber
+++ /dev/null
Binary files differ
diff --git a/security/nss/cmd/samples/x509v3.der b/security/nss/cmd/samples/x509v3.der
deleted file mode 100644
index 1ada57c56..000000000
--- a/security/nss/cmd/samples/x509v3.der
+++ /dev/null
Binary files differ
diff --git a/security/nss/cmd/samples/x509v3.txt b/security/nss/cmd/samples/x509v3.txt
deleted file mode 100644
index dde307697..000000000
--- a/security/nss/cmd/samples/x509v3.txt
+++ /dev/null
@@ -1,10 +0,0 @@
-MIIByzCCAXWgAwIBAgIBADANBgkqhkiG9w0BAQQFADBLMQswCQYDVQQGEwJVUzEW
-MBQGA1UEChMNVmVyaVNpZ24gSW5jLjEUMBIGA1UECxMLRW5naW5lZXJpbmcxDjAM
-BgNVBAMTBUphc29uMB4XDTk1MDgwODA3MDAwMFoXDTk2MDgwNzA3MDAwMFowSzEL
-MAkGA1UEBhMCVVMxFjAUBgNVBAoTDVZlcmlTaWduIEluYy4xFDASBgNVBAsTC0Vu
-Z2luZWVyaW5nMQ4wDAYDVQQDEwVKYXNvbjBcMA0GCSqGSIb3DQEBAQUAA0sAMEgC
-QQCvpXRU9t3NPFXvxJz2vuxX4zI55AA+xY1PsAEadhwWEMF2EnpG8woF4EGTwLdx
-xrw3Eirzu5RAAhqegCN1aPVBAgMBAAGjRDBCMBQGA2FiYwEB/wQKZXh0ZW5zaW9u
-MTAUBgNkZWYBAf8ECmV4dGVuc2lvbjIwFAYDZ2hpAQH/BApleHRlbnNpb24zMA0G
-CSqGSIb3DQEBBAUAA0EAawLNWFSYMtywAqkSYJb1gejljqi9QAtLZIM2ui+RCTP2
-jEjW5bp4oU1RX2iBSfU+MdEZx9DpMNjqBLrgOy1Djw==
diff --git a/security/nss/cmd/sdrtest/Makefile b/security/nss/cmd/sdrtest/Makefile
deleted file mode 100644
index 490f738e5..000000000
--- a/security/nss/cmd/sdrtest/Makefile
+++ /dev/null
@@ -1,73 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../platrules.mk
diff --git a/security/nss/cmd/sdrtest/manifest.mn b/security/nss/cmd/sdrtest/manifest.mn
deleted file mode 100644
index a8a08fed0..000000000
--- a/security/nss/cmd/sdrtest/manifest.mn
+++ /dev/null
@@ -1,54 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = nss
-
-CSRCS = \
- sdrtest.c \
- $(NULL)
-
-# headers for the MODULE (defined above) are implicitly required.
-REQUIRES = dbm seccmd
-
-# WINNT uses EXTRA_LIBS as the list of libs to link in.
-# Unix uses OS_LIBS for that purpose.
-# We can solve this via conditional makefile code, but
-# can't do this in manifest.mn because OS_ARCH isn't defined there.
-# So, look in the local Makefile for the defines for the list of libs.
-
-PROGRAM = sdrtest
-
-#USE_STATIC_LIBS = 1
diff --git a/security/nss/cmd/sdrtest/sdrtest.c b/security/nss/cmd/sdrtest/sdrtest.c
deleted file mode 100644
index 5bcdd4cde..000000000
--- a/security/nss/cmd/sdrtest/sdrtest.c
+++ /dev/null
@@ -1,305 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Test program for SDR (Secret Decoder Ring) functions.
- *
- * $Id$
- */
-
-#include "nspr.h"
-#include "string.h"
-#include "nss.h"
-#include "secutil.h"
-#include "cert.h"
-#include "pk11func.h"
-
-#include "plgetopt.h"
-#include "pk11sdr.h"
-#include "secrng.h"
-
-#define DEFAULT_VALUE "Test"
-
-static void
-synopsis (char *program_name)
-{
- PRFileDesc *pr_stderr;
-
- pr_stderr = PR_STDERR;
- PR_fprintf (pr_stderr, "Usage:");
- PR_fprintf (pr_stderr,
- "\t%s [-i <input-file>] [-o <output-file>] [-r <text>] [-d <dir>]\n",
- program_name);
-}
-
-
-static void
-short_usage (char *program_name)
-{
- PR_fprintf (PR_STDERR,
- "Type %s -H for more detailed descriptions\n",
- program_name);
- synopsis (program_name);
-}
-
-
-static void
-long_usage (char *program_name)
-{
- PRFileDesc *pr_stderr;
-
- pr_stderr = PR_STDERR;
- synopsis (program_name);
- PR_fprintf (pr_stderr, "\nSecret Decoder Test:\n");
- PR_fprintf (pr_stderr,
- " %-13s Read encrypted data from \"file\"\n",
- "-i file");
- PR_fprintf (pr_stderr,
- " %-13s Write newly generated encrypted data to \"file\"\n",
- "-o file");
- PR_fprintf (pr_stderr,
- " %-13s Use \"text\" as the plaintext for encryption and verification\n",
- "-t text");
- PR_fprintf (pr_stderr,
- " %-13s Find security databases in \"dbdir\"\n",
- "-d dbdir");
-}
-
-int
-main (int argc, char **argv)
-{
- int retval = 0; /* 0 - test succeeded. -1 - test failed */
- SECStatus rv;
- PLOptState *optstate;
- char *program_name;
- const char *input_file = NULL; /* read encrypted data from here (or create) */
- const char *output_file = NULL; /* write new encrypted data here */
- const char *value = DEFAULT_VALUE; /* Use this for plaintext */
- SECItem data;
- SECItem result;
- SECItem text;
- PRBool verbose = PR_FALSE;
-
- result.data = 0;
- text.data = 0; text.len = 0;
-
- program_name = PL_strrchr(argv[0], '/');
- program_name = program_name ? (program_name + 1) : argv[0];
-
- optstate = PL_CreateOptState (argc, argv, "Hd:i:o:t:v");
- if (optstate == NULL) {
- SECU_PrintError (program_name, "PL_CreateOptState failed");
- return -1;
- }
-
- while (PL_GetNextOpt (optstate) == PL_OPT_OK) {
- switch (optstate->option) {
- case '?':
- short_usage (program_name);
- return retval;
-
- case 'H':
- long_usage (program_name);
- return retval;
-
- case 'd':
- SECU_ConfigDirectory(optstate->value);
- break;
-
- case 'i':
- input_file = optstate->value;
- break;
-
- case 'o':
- output_file = optstate->value;
- break;
-
- case 't':
- value = optstate->value;
- break;
-
- case 'v':
- verbose = PR_TRUE;
- break;
- }
- }
-
- /*
- * Initialize the Security libraries.
- */
- PK11_SetPasswordFunc(SECU_GetModulePassword);
-
- if (output_file) {
- rv = NSS_InitReadWrite(SECU_ConfigDirectory(NULL));
- } else {
- rv = NSS_Init(SECU_ConfigDirectory(NULL));
- }
- if (rv != SECSuccess) {
- retval = -1;
- goto prdone;
- }
-
- /* Convert value into an item */
- data.data = (unsigned char *)value;
- data.len = strlen(value);
-
- /* Get the encrypted result, either from the input file
- * or from encrypting the plaintext value
- */
- if (input_file)
- {
- PRFileDesc *file /* = PR_OpenFile(input_file, 0) */;
- PRFileInfo info;
- PRStatus s;
- PRInt32 count;
-
- if (verbose) printf("Reading data from %s\n", input_file);
-
- file = PR_Open(input_file, PR_RDONLY, 0);
- if (!file) {
- if (verbose) printf("Open of file failed\n");
- retval = -1;
- goto loser;
- }
-
- s = PR_GetOpenFileInfo(file, &info);
- if (s != PR_SUCCESS) {
- if (verbose) printf("File info operation failed\n");
- retval = -1;
- goto file_loser;
- }
-
- result.len = info.size;
- result.data = (unsigned char *)malloc(result.len);
- if (!result.data) {
- if (verbose) printf("Allocation of buffer failed\n");
- retval = -1;
- goto file_loser;
- }
-
- count = PR_Read(file, result.data, result.len);
- if (count != result.len) {
- if (verbose) printf("Read failed\n");
- retval = -1;
- goto file_loser;
- }
-
-file_loser:
- PR_Close(file);
- if (retval != 0) goto loser;
- }
- else
- {
- SECItem keyid = { 0, 0, 0 };
- PK11SlotInfo *slot = NULL;
-
- /* sigh, initialize the key database */
- slot = PK11_GetInternalKeySlot();
- if (slot && PK11_NeedUserInit(slot)) {
- rv = SECU_ChangePW(slot, "", 0);
- if (rv != SECSuccess) {
- SECU_PrintError(program_name, "Failed to initialize slot \"%s\"",
- PK11_GetSlotName(slot));
- return SECFailure;
- }
- }
- if (slot) {
- PK11_FreeSlot(slot);
- }
-
- rv = PK11SDR_Encrypt(&keyid, &data, &result, 0);
- if (rv != SECSuccess) {
- if (verbose) printf("Encrypt operation failed\n");
- retval = -1;
- goto loser;
- }
-
- if (verbose) printf("Encrypted result is %d bytes long\n", result.len);
-
- /* -v printf("Result is %.*s\n", text.len, text.data); */
- if (output_file)
- {
- PRFileDesc *file;
- PRInt32 count;
-
- if (verbose) printf("Writing result to %s\n", output_file);
-
- /* Write to file */
- file = PR_Open(output_file, PR_CREATE_FILE|PR_WRONLY, 0666);
- if (!file) {
- if (verbose) printf("Open of output file failed\n");
- retval = -1;
- goto loser;
- }
-
- count = PR_Write(file, result.data, result.len);
-
- PR_Close(file);
-
- if (count != result.len) {
- if (verbose) printf("Write failed\n");
- retval = -1;
- goto loser;
- }
- }
- }
-
- /* Decrypt the value */
- rv = PK11SDR_Decrypt(&result, &text, 0);
- if (rv != SECSuccess) {
- if (verbose) printf("Decrypt operation failed\n");
- retval = -1;
- goto loser;
- }
-
- if (verbose) printf("Decrypted result is %.*s\n", text.len, text.data);
-
- /* Compare to required value */
- if (text.len != data.len || memcmp(data.data, text.data, text.len) != 0)
- {
- if (verbose) printf("Comparison failed\n");
- retval = -1;
- goto loser;
- }
-
-loser:
- if (text.data) free(text.data);
- if (result.data) free(result.data);
- if (NSS_Shutdown() != SECSuccess) {
- exit(1);
- }
-
-prdone:
- PR_Cleanup ();
- return retval;
-}
diff --git a/security/nss/cmd/selfserv/Makefile b/security/nss/cmd/selfserv/Makefile
deleted file mode 100644
index f2a407990..000000000
--- a/security/nss/cmd/selfserv/Makefile
+++ /dev/null
@@ -1,74 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/selfserv/makefile.win b/security/nss/cmd/selfserv/makefile.win
deleted file mode 100644
index 8fda0b906..000000000
--- a/security/nss/cmd/selfserv/makefile.win
+++ /dev/null
@@ -1,136 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-VERBOSE = 1
-include <manifest.mn>
-
-#cannot define PROGRAM in manifest compatibly with NT and UNIX
-PROGRAM = selfserv
-PROGRAM = ./$(OBJDIR)/$(PROGRAM).exe
-include <$(DEPTH)\config\config.mak>
-
-# let manifest generate C_OBJS, it will prepend ./$(OBJDIR)/
-# rules.mak will append C_OBJS onto OBJS.
-# OBJS = $(CSRCS:.c=.obj)
-
-# include files are looked for in $LINCS and $INCS.
-# $LINCS is in manifest.mnw, computed from REQUIRES=
-INCS = $(INCS) \
- -I$(DEPTH)/security/lib/cert \
- -I../include \
- $(NULL)
-
-IGNORE_ME = \
- -I$(DEPTH)/security/lib/key \
- -I$(DEPTH)/security/lib/util \
- $(NULL)
-
-
-WINFE = $(DEPTH)/cmd/winfe/mkfiles$(MOZ_BITS)/x86Dbg
-
-# these files are the content of libdbm
-DBM_LIB = \
- $(WINFE)/DB.obj \
- $(WINFE)/HASH.obj \
- $(WINFE)/H_BIGKEY.obj \
- $(WINFE)/H_PAGE.obj \
- $(WINFE)/H_LOG2.obj \
- $(WINFE)/H_FUNC.obj \
- $(WINFE)/HASH_BUF.obj \
- $(NULL)
-
-MOZ_LIBS = \
- $(WINFE)/ALLXPSTR.obj \
- $(WINFE)/XP_ERROR.obj \
- $(WINFE)/XPASSERT.obj \
- $(WINFE)/XP_REG.obj \
- $(WINFE)/XP_TRACE.obj \
- $(DBM_LIB) \
- $(WINFE)/XP_STR.obj \
- $(WINFE)/MKTEMP.obj \
- $(NULL)
-
-IGNORE_ME2 = \
- $(WINFE)/feutil.obj \
- $(WINFE)/fenet.obj \
- $(WINFE)/fegui.obj \
- $(NULL)
-
-SEC_LIBS = \
- $(DIST)/lib/cert$(MOZ_BITS).lib \
- $(DIST)/lib/crypto$(MOZ_BITS).lib \
- $(DIST)/lib/hash$(MOZ_BITS).lib \
- $(DIST)/lib/key$(MOZ_BITS).lib \
- $(DIST)/lib/pkcs7$(MOZ_BITS).lib \
- $(DIST)/lib/secmod$(MOZ_BITS).lib \
- $(DIST)/lib/secutl$(MOZ_BITS).lib \
- $(DIST)/lib/ssl$(MOZ_BITS).lib \
- $(NULL)
-
-LLFLAGS = $(LLFLAGS) \
- $(SEC_LIBS) \
- ../lib/$(OBJDIR)/sectool$(MOZ_BITS).lib \
- $(MOZ_LIBS) \
- $(DEPTH)/nspr/src/$(OBJDIR)/getopt.obj \
- $(LIBNSPR) \
- $(NULL)
-
-
-include <$(DEPTH)\config\rules.mak>
-
-INSTALL = $(MAKE_INSTALL)
-
-objs: $(OBJS)
-
-$(PROGRAM)::
- $(INSTALL) $(DIST)/bin/pr3240.dll ./$(OBJDIR)
-
-programs: $(PROGRAM)
-
-install:: $(TARGETS)
- $(INSTALL) $(TARGETS) $(DIST)/bin
-
-
-symbols:
- @echo "CSRCS = $(CSRCS)"
- @echo "INCS = $(INCS)"
- @echo "OBJS = $(OBJS)"
- @echo "LIBRARY = $(LIBRARY)"
- @echo "PROGRAM = $(PROGRAM)"
- @echo "TARGETS = $(TARGETS)"
- @echo "DIST = $(DIST)"
- @echo "VERSION_NUMBER = $(VERSION_NUMBER)"
- @echo "WINFE = $(WINFE)"
- @echo "DBM_LIB = $(DBM_LIB)"
- @echo "INSTALL = $(INSTALL)"
-
diff --git a/security/nss/cmd/selfserv/manifest.mn b/security/nss/cmd/selfserv/manifest.mn
deleted file mode 100644
index e97085201..000000000
--- a/security/nss/cmd/selfserv/manifest.mn
+++ /dev/null
@@ -1,48 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-DEFINES += -DNSPR20
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = nss
-
-CSRCS = selfserv.c
-
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = seccmd dbm
-
-PROGRAM = selfserv
-
diff --git a/security/nss/cmd/selfserv/selfserv.c b/security/nss/cmd/selfserv/selfserv.c
deleted file mode 100644
index 41f1efe8b..000000000
--- a/security/nss/cmd/selfserv/selfserv.c
+++ /dev/null
@@ -1,1752 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Portions created by Sun Microsystems, Inc. are Copyright (C) 2003
- * Sun Microsystems, Inc. All Rights Reserved.
- *
- * Contributor(s):
- * Dr Vipul Gupta <vipul.gupta@sun.com>, Sun Microsystems Laboratories
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/* -r flag is interepreted as follows:
- * 1 -r means request, not require, on initial handshake.
- * 2 -r's mean request and require, on initial handshake.
- * 3 -r's mean request, not require, on second handshake.
- * 4 -r's mean request and require, on second handshake.
- */
-#include <stdio.h>
-#include <string.h>
-
-#include "secutil.h"
-
-#if defined(XP_UNIX)
-#include <unistd.h>
-#endif
-
-#if defined(_WINDOWS)
-#include <process.h> /* for getpid() */
-#endif
-
-#ifdef XP_OS2_VACPP
-#include <Process.h> /* for getpid() */
-#endif
-
-#include <stdlib.h>
-#include <errno.h>
-#include <fcntl.h>
-#include <stdarg.h>
-
-#include "nspr.h"
-#include "prio.h"
-#include "prerror.h"
-#include "prnetdb.h"
-#include "prclist.h"
-#include "plgetopt.h"
-#include "pk11func.h"
-#include "secitem.h"
-#include "nss.h"
-#include "ssl.h"
-#include "sslproto.h"
-
-#ifndef PORT_Sprintf
-#define PORT_Sprintf sprintf
-#endif
-
-#ifndef PORT_Strstr
-#define PORT_Strstr strstr
-#endif
-
-#ifndef PORT_Malloc
-#define PORT_Malloc PR_Malloc
-#endif
-
-#define NUM_SID_CACHE_ENTRIES 1024
-
-static int handle_connection( PRFileDesc *, PRFileDesc *, int );
-
-static const char envVarName[] = { SSL_ENV_VAR_NAME };
-static const char inheritableSockName[] = { "SELFSERV_LISTEN_SOCKET" };
-
-static PRBool logStats = PR_FALSE;
-static int logPeriod = 30;
-static PRUint32 loggerOps = 0;
-
-const int ssl2CipherSuites[] = {
- SSL_EN_RC4_128_WITH_MD5, /* A */
- SSL_EN_RC4_128_EXPORT40_WITH_MD5, /* B */
- SSL_EN_RC2_128_CBC_WITH_MD5, /* C */
- SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5, /* D */
- SSL_EN_DES_64_CBC_WITH_MD5, /* E */
- SSL_EN_DES_192_EDE3_CBC_WITH_MD5, /* F */
-#ifdef NSS_ENABLE_ECC
- /* NOTE: Since no new SSL2 ciphersuites are being
- * invented, and we've run out of lowercase letters
- * for SSL3 ciphers, we use letters G and beyond
- * for new SSL3 ciphers. A -1 indicates the cipher
- * is not currently implemented.
- */
- -1, /* TLS_ECDH_ECDSA_WITH_NULL_SHA, * G */
- -1, /* TLS_ECDH_ECDSA_WITH_RC4_128_SHA, * H */
- -1, /* TLS_ECDH_ECDSA_WITH_DES_CBC_SHA, * I */
- -1, /* TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, * J */
- -1, /* TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, * K */
- -1, /* TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, * L */
- -1, /* TLS_ECDH_RSA_WITH_NULL_SHA, * M */
- -1, /* TLS_ECDH_RSA_WITH_RC4_128_SHA, * N */
- -1, /* TLS_ECDH_RSA_WITH_DES_CBC_SHA, * O */
- -1, /* TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, * P */
- -1, /* TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, * Q */
- -1, /* TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, * R */
- -1, /* TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, * S */
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, /* T */
-#endif /* NSS_ENABLE_ECC */
- 0
-};
-
-const int ssl3CipherSuites[] = {
- SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA, /* a */
- SSL_FORTEZZA_DMS_WITH_RC4_128_SHA, /* b */
- SSL_RSA_WITH_RC4_128_MD5, /* c */
- SSL_RSA_WITH_3DES_EDE_CBC_SHA, /* d */
- SSL_RSA_WITH_DES_CBC_SHA, /* e */
- SSL_RSA_EXPORT_WITH_RC4_40_MD5, /* f */
- SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5, /* g */
- SSL_FORTEZZA_DMS_WITH_NULL_SHA, /* h */
- SSL_RSA_WITH_NULL_MD5, /* i */
- SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA, /* j */
- SSL_RSA_FIPS_WITH_DES_CBC_SHA, /* k */
- TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA, /* l */
- TLS_RSA_EXPORT1024_WITH_RC4_56_SHA, /* m */
- SSL_RSA_WITH_RC4_128_SHA, /* n */
- -1, /* TLS_DHE_DSS_WITH_RC4_128_SHA, * o */
- -1, /* SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, * p */
- -1, /* SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, * q */
- -1, /* SSL_DHE_RSA_WITH_DES_CBC_SHA, * r */
- -1, /* SSL_DHE_DSS_WITH_DES_CBC_SHA, * s */
- -1, /* TLS_DHE_DSS_WITH_AES_128_CBC_SHA, * t */
- -1, /* TLS_DHE_RSA_WITH_AES_128_CBC_SHA, * u */
- TLS_RSA_WITH_AES_128_CBC_SHA, /* v */
- -1, /* TLS_DHE_DSS_WITH_AES_256_CBC_SHA, * w */
- -1, /* TLS_DHE_RSA_WITH_AES_256_CBC_SHA, * x */
- TLS_RSA_WITH_AES_256_CBC_SHA, /* y */
- SSL_RSA_WITH_NULL_SHA, /* z */
- 0
-};
-
-/* data and structures for shutdown */
-static int stopping;
-
-static PRBool noDelay;
-static int requestCert;
-static int verbose;
-static SECItem bigBuf;
-
-static PRThread * acceptorThread;
-
-static PRLogModuleInfo *lm;
-
-/* Add custom password handler because SECU_GetModulePassword
- * makes automation of this program next to impossible.
- */
-
-char *
-ownPasswd(PK11SlotInfo *info, PRBool retry, void *arg)
-{
- char * passwd = NULL;
-
- if ( (!retry) && arg ) {
- passwd = PL_strdup((char *)arg);
- }
-
- return passwd;
-}
-
-#define PRINTF if (verbose) printf
-#define FPRINTF if (verbose) fprintf
-#define FLUSH if (verbose) { fflush(stdout); fflush(stderr); }
-#define VLOG(arg) PR_LOG(lm,PR_LOG_DEBUG,arg)
-
-static void
-Usage(const char *progName)
-{
- fprintf(stderr,
-
-"Usage: %s -n rsa_nickname -p port [-3DRTbmrvx] [-w password] [-t threads]\n"
-" [-i pid_file] [-c ciphers] [-d dbdir] [-f fortezza_nickname] \n"
-" [-L [seconds]] [-M maxProcs] [-l]\n"
-"-3 means disable SSL v3\n"
-"-D means disable Nagle delays in TCP\n"
-"-T means disable TLS\n"
-"-R means disable detection of rollback from TLS to SSL3\n"
-"-b means try binding to the port and exit\n"
-"-m means test the model-socket feature of SSL_ImportFD.\n"
-"-r flag is interepreted as follows:\n"
-" 1 -r means request, not require, cert on initial handshake.\n"
-" 2 -r's mean request and require, cert on initial handshake.\n"
-" 3 -r's mean request, not require, cert on second handshake.\n"
-" 4 -r's mean request and require, cert on second handshake.\n"
-"-v means verbose output\n"
-"-x means use export policy.\n"
-"-L seconds means log statistics every 'seconds' seconds (default=30).\n"
-"-M maxProcs tells how many processes to run in a multi-process server\n"
-"-t threads -- specify the number of threads to use for connections.\n"
-"-i pid_file file to write the process id of selfserve\n"
-"-c ciphers Letter(s) chosen from the following list\n"
-"-l means use local threads instead of global threads\n"
-"A SSL2 RC4 128 WITH MD5\n"
-"B SSL2 RC4 128 EXPORT40 WITH MD5\n"
-"C SSL2 RC2 128 CBC WITH MD5\n"
-"D SSL2 RC2 128 CBC EXPORT40 WITH MD5\n"
-"E SSL2 DES 64 CBC WITH MD5\n"
-"F SSL2 DES 192 EDE3 CBC WITH MD5\n"
-#ifdef NSS_ENABLE_ECC
-"T TLS ECDHE RSA WITH AES 128 CBC SHA\n"
-#endif /* NSS_ENABLE_ECC */
-"\n"
-"a SSL3 FORTEZZA DMS WITH FORTEZZA CBC SHA\n"
-"b SSL3 FORTEZZA DMS WITH RC4 128 SHA\n"
-"c SSL3 RSA WITH RC4 128 MD5\n"
-"d SSL3 RSA WITH 3DES EDE CBC SHA\n"
-"e SSL3 RSA WITH DES CBC SHA\n"
-"f SSL3 RSA EXPORT WITH RC4 40 MD5\n"
-"g SSL3 RSA EXPORT WITH RC2 CBC 40 MD5\n"
-"h SSL3 FORTEZZA DMS WITH NULL SHA\n"
-"i SSL3 RSA WITH NULL MD5\n"
-"j SSL3 RSA FIPS WITH 3DES EDE CBC SHA\n"
-"k SSL3 RSA FIPS WITH DES CBC SHA\n"
-"l SSL3 RSA EXPORT WITH DES CBC SHA\t(new)\n"
-"m SSL3 RSA EXPORT WITH RC4 56 SHA\t(new)\n"
-"n SSL3 RSA WITH RC4 128 SHA\n"
-"v SSL3 RSA WITH AES 128 CBC SHA\n"
-"y SSL3 RSA WITH AES 256 CBC SHA\n"
-"z SSL3 RSA WITH NULL SHA\n"
- ,progName);
-}
-
-static const char *
-errWarn(char * funcString)
-{
- PRErrorCode perr = PR_GetError();
- const char * errString = SECU_Strerror(perr);
-
- fprintf(stderr, "selfserv: %s returned error %d:\n%s\n",
- funcString, perr, errString);
- return errString;
-}
-
-static void
-errExit(char * funcString)
-{
- errWarn(funcString);
- exit(3);
-}
-
-
-/**************************************************************************
-**
-** Routines for disabling SSL ciphers.
-**
-**************************************************************************/
-
-void
-disableAllSSLCiphers(void)
-{
- const PRUint16 *cipherSuites = SSL_ImplementedCiphers;
- int i = SSL_NumImplementedCiphers;
- SECStatus rv;
-
- /* disable all the SSL3 cipher suites */
- while (--i >= 0) {
- PRUint16 suite = cipherSuites[i];
- rv = SSL_CipherPrefSetDefault(suite, PR_FALSE);
- if (rv != SECSuccess) {
- printf("SSL_CipherPrefSetDefault didn't like value 0x%04x (i = %d)\n",
- suite, i);
- errWarn("SSL_CipherPrefSetDefault");
- exit(2);
- }
- }
-}
-
-static SECStatus
-mySSLAuthCertificate(void *arg, PRFileDesc *fd, PRBool checkSig,
- PRBool isServer)
-{
- SECStatus rv;
- CERTCertificate * peerCert;
-
- peerCert = SSL_PeerCertificate(fd);
-
- PRINTF("selfserv: Subject: %s\nselfserv: Issuer : %s\n",
- peerCert->subjectName, peerCert->issuerName);
-
- rv = SSL_AuthCertificate(arg, fd, checkSig, isServer);
-
- if (rv == SECSuccess) {
- PRINTF("selfserv: -- SSL3: Certificate Validated.\n");
- } else {
- int err = PR_GetError();
- FPRINTF(stderr, "selfserv: -- SSL3: Certificate Invalid, err %d.\n%s\n",
- err, SECU_Strerror(err));
- }
- CERT_DestroyCertificate(peerCert);
- FLUSH;
- return rv;
-}
-
-void
-printSecurityInfo(PRFileDesc *fd)
-{
- CERTCertificate * cert = NULL;
- SSL3Statistics * ssl3stats = SSL_GetStatistics();
- SECStatus result;
- SSLChannelInfo channel;
- SSLCipherSuiteInfo suite;
-
- PRINTF(
- "selfserv: %ld cache hits; %ld cache misses, %ld cache not reusable\n",
- ssl3stats->hch_sid_cache_hits, ssl3stats->hch_sid_cache_misses,
- ssl3stats->hch_sid_cache_not_ok);
-
- result = SSL_GetChannelInfo(fd, &channel, sizeof channel);
- if (result == SECSuccess &&
- channel.length == sizeof channel &&
- channel.cipherSuite) {
- result = SSL_GetCipherSuiteInfo(channel.cipherSuite,
- &suite, sizeof suite);
- if (result == SECSuccess) {
- FPRINTF(stderr,
- "selfserv: SSL version %d.%d using %d-bit %s with %d-bit %s MAC\n",
- channel.protocolVersion >> 8, channel.protocolVersion & 0xff,
- suite.effectiveKeyBits, suite.symCipherName,
- suite.macBits, suite.macAlgorithmName);
- FPRINTF(stderr,
- "selfserv: Server Auth: %d-bit %s, Key Exchange: %d-bit %s\n",
- channel.authKeyBits, suite.authAlgorithmName,
- channel.keaKeyBits, suite.keaTypeName);
- }
- }
- if (requestCert)
- cert = SSL_PeerCertificate(fd);
- else
- cert = SSL_LocalCertificate(fd);
- if (cert) {
- char * ip = CERT_NameToAscii(&cert->issuer);
- char * sp = CERT_NameToAscii(&cert->subject);
- if (sp) {
- FPRINTF(stderr, "selfserv: subject DN: %s\n", sp);
- PR_Free(sp);
- }
- if (ip) {
- FPRINTF(stderr, "selfserv: issuer DN: %s\n", ip);
- PR_Free(ip);
- }
- CERT_DestroyCertificate(cert);
- cert = NULL;
- }
- FLUSH;
-}
-
-static int MakeCertOK;
-
-static SECStatus
-myBadCertHandler( void *arg, PRFileDesc *fd)
-{
- int err = PR_GetError();
- if (!MakeCertOK)
- fprintf(stderr,
- "selfserv: -- SSL: Client Certificate Invalid, err %d.\n%s\n",
- err, SECU_Strerror(err));
- return (MakeCertOK ? SECSuccess : SECFailure);
-}
-
-/**************************************************************************
-** Begin thread management routines and data.
-**************************************************************************/
-#define MIN_THREADS 3
-#define DEFAULT_THREADS 8
-#define MAX_THREADS 128
-#define MAX_PROCS 25
-static int maxThreads = DEFAULT_THREADS;
-
-
-typedef struct jobStr {
- PRCList link;
- PRFileDesc *tcp_sock;
- PRFileDesc *model_sock;
- int requestCert;
-} JOB;
-
-static PZLock * qLock; /* this lock protects all data immediately below */
-static PZCondVar * jobQNotEmptyCv;
-static PZCondVar * freeListNotEmptyCv;
-static PZCondVar * threadCountChangeCv;
-static int threadCount;
-static PRCList jobQ;
-static PRCList freeJobs;
-static JOB *jobTable;
-
-SECStatus
-setupJobs(int maxJobs)
-{
- int i;
-
- jobTable = (JOB *)PR_Calloc(maxJobs, sizeof(JOB));
- if (!jobTable)
- return SECFailure;
-
- PR_INIT_CLIST(&jobQ);
- PR_INIT_CLIST(&freeJobs);
-
- for (i = 0; i < maxJobs; ++i) {
- JOB * pJob = jobTable + i;
- PR_APPEND_LINK(&pJob->link, &freeJobs);
- }
- return SECSuccess;
-}
-
-typedef int startFn(PRFileDesc *a, PRFileDesc *b, int c);
-
-typedef enum { rs_idle = 0, rs_running = 1, rs_zombie = 2 } runState;
-
-typedef struct perThreadStr {
- PRFileDesc *a;
- PRFileDesc *b;
- int c;
- int rv;
- startFn * startFunc;
- PRThread * prThread;
- runState state;
-} perThread;
-
-static perThread *threads;
-
-void
-thread_wrapper(void * arg)
-{
- perThread * slot = (perThread *)arg;
-
- slot->rv = (* slot->startFunc)(slot->a, slot->b, slot->c);
-
- /* notify the thread exit handler. */
- PZ_Lock(qLock);
- slot->state = rs_zombie;
- --threadCount;
- PZ_NotifyAllCondVar(threadCountChangeCv);
- PZ_Unlock(qLock);
-}
-
-int
-jobLoop(PRFileDesc *a, PRFileDesc *b, int c)
-{
- PRCList * myLink = 0;
- JOB * myJob;
-
- PZ_Lock(qLock);
- do {
- myLink = 0;
- while (PR_CLIST_IS_EMPTY(&jobQ) && !stopping) {
- PZ_WaitCondVar(jobQNotEmptyCv, PR_INTERVAL_NO_TIMEOUT);
- }
- if (!PR_CLIST_IS_EMPTY(&jobQ)) {
- myLink = PR_LIST_HEAD(&jobQ);
- PR_REMOVE_AND_INIT_LINK(myLink);
- }
- PZ_Unlock(qLock);
- myJob = (JOB *)myLink;
- /* myJob will be null when stopping is true and jobQ is empty */
- if (!myJob)
- break;
- handle_connection( myJob->tcp_sock, myJob->model_sock,
- myJob->requestCert);
- PZ_Lock(qLock);
- PR_APPEND_LINK(myLink, &freeJobs);
- PZ_NotifyCondVar(freeListNotEmptyCv);
- } while (PR_TRUE);
- return 0;
-}
-
-
-SECStatus
-launch_threads(
- startFn *startFunc,
- PRFileDesc *a,
- PRFileDesc *b,
- int c,
- PRBool local)
-{
- int i;
- SECStatus rv = SECSuccess;
-
- /* create the thread management serialization structs */
- qLock = PZ_NewLock(nssILockSelfServ);
- jobQNotEmptyCv = PZ_NewCondVar(qLock);
- freeListNotEmptyCv = PZ_NewCondVar(qLock);
- threadCountChangeCv = PZ_NewCondVar(qLock);
-
- /* allocate the array of thread slots */
- threads = PR_Calloc(maxThreads, sizeof(perThread));
- if ( NULL == threads ) {
- fprintf(stderr, "Oh Drat! Can't allocate the perThread array\n");
- return SECFailure;
- }
- /* 5 is a little extra, intended to keep the jobQ from underflowing.
- ** That is, from going empty while not stopping and clients are still
- ** trying to contact us.
- */
- rv = setupJobs(maxThreads + 5);
- if (rv != SECSuccess)
- return rv;
-
- PZ_Lock(qLock);
- for (i = 0; i < maxThreads; ++i) {
- perThread * slot = threads + i;
-
- slot->state = rs_running;
- slot->a = a;
- slot->b = b;
- slot->c = c;
- slot->startFunc = startFunc;
- slot->prThread = PR_CreateThread(PR_USER_THREAD,
- thread_wrapper, slot, PR_PRIORITY_NORMAL,
- (PR_TRUE==local)?PR_LOCAL_THREAD:PR_GLOBAL_THREAD,
- PR_UNJOINABLE_THREAD, 0);
- if (slot->prThread == NULL) {
- printf("selfserv: Failed to launch thread!\n");
- slot->state = rs_idle;
- rv = SECFailure;
- break;
- }
-
- ++threadCount;
- }
- PZ_Unlock(qLock);
-
- return rv;
-}
-
-#define DESTROY_CONDVAR(name) if (name) { \
- PZ_DestroyCondVar(name); name = NULL; }
-#define DESTROY_LOCK(name) if (name) { \
- PZ_DestroyLock(name); name = NULL; }
-
-
-void
-terminateWorkerThreads(void)
-{
- VLOG(("selfserv: server_thead: waiting on stopping"));
- PZ_Lock(qLock);
- PZ_NotifyAllCondVar(jobQNotEmptyCv);
- while (threadCount > 0) {
- PZ_WaitCondVar(threadCountChangeCv, PR_INTERVAL_NO_TIMEOUT);
- }
- PZ_Unlock(qLock);
-
- DESTROY_CONDVAR(jobQNotEmptyCv);
- DESTROY_CONDVAR(freeListNotEmptyCv);
- DESTROY_CONDVAR(threadCountChangeCv);
-
- DESTROY_LOCK(qLock);
- PR_Free(jobTable);
- PR_Free(threads);
-}
-
-static void
-logger(void *arg)
-{
- PRFloat64 seconds;
- PRFloat64 opsPerSec;
- PRIntervalTime period;
- PRIntervalTime previousTime;
- PRIntervalTime latestTime;
- PRUint32 previousOps;
- PRUint32 ops;
- PRIntervalTime logPeriodTicks = PR_SecondsToInterval(logPeriod);
- PRFloat64 secondsPerTick = 1.0 / (PRFloat64)PR_TicksPerSecond();
-
- previousOps = loggerOps;
- previousTime = PR_IntervalNow();
-
- for (;;) {
- PR_Sleep(logPeriodTicks);
- latestTime = PR_IntervalNow();
- ops = loggerOps;
- period = latestTime - previousTime;
- seconds = (PRFloat64) period*secondsPerTick;
- opsPerSec = (ops - previousOps) / seconds;
- printf("%.2f ops/second, %d threads\n", opsPerSec, threadCount);
- fflush(stdout);
- previousOps = ops;
- previousTime = latestTime;
- }
-}
-
-
-/**************************************************************************
-** End thread management routines.
-**************************************************************************/
-
-PRBool useModelSocket = PR_FALSE;
-PRBool disableSSL3 = PR_FALSE;
-PRBool disableTLS = PR_FALSE;
-PRBool disableRollBack = PR_FALSE;
-
-static const char stopCmd[] = { "GET /stop " };
-static const char getCmd[] = { "GET " };
-static const char EOFmsg[] = { "EOF\r\n\r\n\r\n" };
-static const char outHeader[] = {
- "HTTP/1.0 200 OK\r\n"
- "Server: Generic Web Server\r\n"
- "Date: Tue, 26 Aug 1997 22:10:05 GMT\r\n"
- "Content-type: text/plain\r\n"
- "\r\n"
-};
-
-#ifdef FULL_DUPLEX_CAPABLE
-
-struct lockedVarsStr {
- PZLock * lock;
- int count;
- int waiters;
- PZCondVar * condVar;
-};
-
-typedef struct lockedVarsStr lockedVars;
-
-void
-lockedVars_Init( lockedVars * lv)
-{
- lv->count = 0;
- lv->waiters = 0;
- lv->lock = PZ_NewLock(nssILockSelfServ);
- lv->condVar = PZ_NewCondVar(lv->lock);
-}
-
-void
-lockedVars_Destroy( lockedVars * lv)
-{
- PZ_DestroyCondVar(lv->condVar);
- lv->condVar = NULL;
-
- PZ_DestroyLock(lv->lock);
- lv->lock = NULL;
-}
-
-void
-lockedVars_WaitForDone(lockedVars * lv)
-{
- PZ_Lock(lv->lock);
- while (lv->count > 0) {
- PZ_WaitCondVar(lv->condVar, PR_INTERVAL_NO_TIMEOUT);
- }
- PZ_Unlock(lv->lock);
-}
-
-int /* returns count */
-lockedVars_AddToCount(lockedVars * lv, int addend)
-{
- int rv;
-
- PZ_Lock(lv->lock);
- rv = lv->count += addend;
- if (rv <= 0) {
- PZ_NotifyCondVar(lv->condVar);
- }
- PZ_Unlock(lv->lock);
- return rv;
-}
-
-int
-do_writes(
- PRFileDesc * ssl_sock,
- PRFileDesc * model_sock,
- int requestCert
- )
-{
- int sent = 0;
- int count = 0;
- lockedVars * lv = (lockedVars *)model_sock;
-
- VLOG(("selfserv: do_writes: starting"));
- while (sent < bigBuf.len) {
-
- count = PR_Write(ssl_sock, bigBuf.data + sent, bigBuf.len - sent);
- if (count < 0) {
- errWarn("PR_Write bigBuf");
- break;
- }
- FPRINTF(stderr, "selfserv: PR_Write wrote %d bytes from bigBuf\n", count );
- sent += count;
- }
- if (count >= 0) { /* last write didn't fail. */
- PR_Shutdown(ssl_sock, PR_SHUTDOWN_SEND);
- }
-
- /* notify the reader that we're done. */
- lockedVars_AddToCount(lv, -1);
- FLUSH;
- VLOG(("selfserv: do_writes: exiting"));
- return (sent < bigBuf.len) ? SECFailure : SECSuccess;
-}
-
-static int
-handle_fdx_connection(
- PRFileDesc * tcp_sock,
- PRFileDesc * model_sock,
- int requestCert
- )
-{
- PRFileDesc * ssl_sock = NULL;
- SECStatus result;
- int firstTime = 1;
- lockedVars lv;
- PRSocketOptionData opt;
- char buf[10240];
-
-
- VLOG(("selfserv: handle_fdx_connection: starting"));
- opt.option = PR_SockOpt_Nonblocking;
- opt.value.non_blocking = PR_FALSE;
- PR_SetSocketOption(tcp_sock, &opt);
-
- if (useModelSocket && model_sock) {
- SECStatus rv;
- ssl_sock = SSL_ImportFD(model_sock, tcp_sock);
- if (!ssl_sock) {
- errWarn("SSL_ImportFD with model");
- goto cleanup;
- }
- rv = SSL_ResetHandshake(ssl_sock, /* asServer */ 1);
- if (rv != SECSuccess) {
- errWarn("SSL_ResetHandshake");
- goto cleanup;
- }
- } else {
- ssl_sock = tcp_sock;
- }
-
- lockedVars_Init(&lv);
- lockedVars_AddToCount(&lv, 1);
-
- /* Attempt to launch the writer thread. */
- result = launch_thread(do_writes, ssl_sock, (PRFileDesc *)&lv,
- requestCert);
-
- if (result == SECSuccess)
- do {
- /* do reads here. */
- int count;
- count = PR_Read(ssl_sock, buf, sizeof buf);
- if (count < 0) {
- errWarn("FDX PR_Read");
- break;
- }
- FPRINTF(stderr, "selfserv: FDX PR_Read read %d bytes.\n", count );
- if (firstTime) {
- firstTime = 0;
- printSecurityInfo(ssl_sock);
- }
- } while (lockedVars_AddToCount(&lv, 0) > 0);
-
- /* Wait for writer to finish */
- lockedVars_WaitForDone(&lv);
- lockedVars_Destroy(&lv);
- FLUSH;
-
-cleanup:
- if (ssl_sock)
- PR_Close(ssl_sock);
- else
- PR_Close(tcp_sock);
-
- VLOG(("selfserv: handle_fdx_connection: exiting"));
- return SECSuccess;
-}
-
-#endif
-
-int
-handle_connection(
- PRFileDesc *tcp_sock,
- PRFileDesc *model_sock,
- int requestCert
- )
-{
- PRFileDesc * ssl_sock = NULL;
- PRFileDesc * local_file_fd = NULL;
- char * post;
- char * pBuf; /* unused space at end of buf */
- const char * errString;
- PRStatus status;
- int bufRem; /* unused bytes at end of buf */
- int bufDat; /* characters received in buf */
- int newln = 0; /* # of consecutive newlns */
- int firstTime = 1;
- int reqLen;
- int rv;
- int numIOVs;
- PRSocketOptionData opt;
- PRIOVec iovs[16];
- char msgBuf[160];
- char buf[10240];
- char fileName[513];
-
- pBuf = buf;
- bufRem = sizeof buf;
- memset(buf, 0, sizeof buf);
-
- VLOG(("selfserv: handle_connection: starting"));
- opt.option = PR_SockOpt_Nonblocking;
- opt.value.non_blocking = PR_FALSE;
- PR_SetSocketOption(tcp_sock, &opt);
-
- VLOG(("selfserv: handle_connection: starting\n"));
- if (useModelSocket && model_sock) {
- SECStatus rv;
- ssl_sock = SSL_ImportFD(model_sock, tcp_sock);
- if (!ssl_sock) {
- errWarn("SSL_ImportFD with model");
- goto cleanup;
- }
- rv = SSL_ResetHandshake(ssl_sock, /* asServer */ 1);
- if (rv != SECSuccess) {
- errWarn("SSL_ResetHandshake");
- goto cleanup;
- }
- } else {
- ssl_sock = tcp_sock;
- }
-
- if (noDelay) {
- opt.option = PR_SockOpt_NoDelay;
- opt.value.no_delay = PR_TRUE;
- status = PR_SetSocketOption(ssl_sock, &opt);
- if (status != PR_SUCCESS) {
- errWarn("PR_SetSocketOption(PR_SockOpt_NoDelay, PR_TRUE)");
- PR_Close(ssl_sock);
- return SECFailure;
- }
- }
-
- while (1) {
- newln = 0;
- reqLen = 0;
- rv = PR_Read(ssl_sock, pBuf, bufRem);
- if (rv == 0 ||
- (rv < 0 && PR_END_OF_FILE_ERROR == PR_GetError())) {
- if (verbose)
- errWarn("HDX PR_Read hit EOF");
- break;
- }
- if (rv < 0) {
- errWarn("HDX PR_Read");
- goto cleanup;
- }
- if (firstTime) {
- firstTime = 0;
- printSecurityInfo(ssl_sock);
- }
-
- pBuf += rv;
- bufRem -= rv;
- bufDat = pBuf - buf;
- /* Parse the input, starting at the beginning of the buffer.
- * Stop when we detect two consecutive \n's (or \r\n's)
- * as this signifies the end of the GET or POST portion.
- * The posted data follows.
- */
- while (reqLen < bufDat && newln < 2) {
- int octet = buf[reqLen++];
- if (octet == '\n') {
- newln++;
- } else if (octet != '\r') {
- newln = 0;
- }
- }
-
- /* came to the end of the buffer, or second newln
- * If we didn't get an empty line (CRLFCRLF) then keep on reading.
- */
- if (newln < 2)
- continue;
-
- /* we're at the end of the HTTP request.
- * If the request is a POST, then there will be one more
- * line of data.
- * This parsing is a hack, but ok for SSL test purposes.
- */
- post = PORT_Strstr(buf, "POST ");
- if (!post || *post != 'P')
- break;
-
- /* It's a post, so look for the next and final CR/LF. */
- /* We should parse content length here, but ... */
- while (reqLen < bufDat && newln < 3) {
- int octet = buf[reqLen++];
- if (octet == '\n') {
- newln++;
- }
- }
- if (newln == 3)
- break;
- } /* read loop */
-
- bufDat = pBuf - buf;
- if (bufDat) do { /* just close if no data */
- /* Have either (a) a complete get, (b) a complete post, (c) EOF */
- if (reqLen > 0 && !strncmp(buf, getCmd, sizeof getCmd - 1)) {
- char * fnBegin = buf + 4;
- char * fnEnd;
- PRFileInfo info;
- /* try to open the file named.
- * If succesful, then write it to the client.
- */
- fnEnd = strpbrk(fnBegin, " \r\n");
- if (fnEnd) {
- int fnLen = fnEnd - fnBegin;
- if (fnLen < sizeof fileName) {
- strncpy(fileName, fnBegin, fnLen);
- fileName[fnLen] = 0; /* null terminate */
- status = PR_GetFileInfo(fileName, &info);
- if (status == PR_SUCCESS &&
- info.type == PR_FILE_FILE &&
- info.size >= 0 ) {
- local_file_fd = PR_Open(fileName, PR_RDONLY, 0);
- }
- }
- }
- }
- /* if user has requested client auth in a subsequent handshake,
- * do it here.
- */
- if (requestCert > 2) { /* request cert was 3 or 4 */
- CERTCertificate * cert = SSL_PeerCertificate(ssl_sock);
- if (cert) {
- CERT_DestroyCertificate(cert);
- } else {
- rv = SSL_OptionSet(ssl_sock, SSL_REQUEST_CERTIFICATE, 1);
- if (rv < 0) {
- errWarn("second SSL_OptionSet SSL_REQUEST_CERTIFICATE");
- break;
- }
- rv = SSL_OptionSet(ssl_sock, SSL_REQUIRE_CERTIFICATE,
- (requestCert == 4));
- if (rv < 0) {
- errWarn("second SSL_OptionSet SSL_REQUIRE_CERTIFICATE");
- break;
- }
- rv = SSL_ReHandshake(ssl_sock, PR_TRUE);
- if (rv != 0) {
- errWarn("SSL_ReHandshake");
- break;
- }
- rv = SSL_ForceHandshake(ssl_sock);
- if (rv < 0) {
- errWarn("SSL_ForceHandshake");
- break;
- }
- }
- }
-
- numIOVs = 0;
-
- iovs[numIOVs].iov_base = (char *)outHeader;
- iovs[numIOVs].iov_len = (sizeof(outHeader)) - 1;
- numIOVs++;
-
- if (local_file_fd) {
- PRInt32 bytes;
- int errLen;
- bytes = PR_TransmitFile(ssl_sock, local_file_fd, outHeader,
- sizeof outHeader - 1,
- PR_TRANSMITFILE_KEEP_OPEN,
- PR_INTERVAL_NO_TIMEOUT);
- if (bytes >= 0) {
- bytes -= sizeof outHeader - 1;
- FPRINTF(stderr,
- "selfserv: PR_TransmitFile wrote %d bytes from %s\n",
- bytes, fileName);
- break;
- }
- errString = errWarn("PR_TransmitFile");
- errLen = PORT_Strlen(errString);
- if (errLen > sizeof msgBuf - 1)
- errLen = sizeof msgBuf - 1;
- PORT_Memcpy(msgBuf, errString, errLen);
- msgBuf[errLen] = 0;
-
- iovs[numIOVs].iov_base = msgBuf;
- iovs[numIOVs].iov_len = PORT_Strlen(msgBuf);
- numIOVs++;
- } else if (reqLen <= 0) { /* hit eof */
- PORT_Sprintf(msgBuf, "Get or Post incomplete after %d bytes.\r\n",
- bufDat);
-
- iovs[numIOVs].iov_base = msgBuf;
- iovs[numIOVs].iov_len = PORT_Strlen(msgBuf);
- numIOVs++;
- } else if (reqLen < bufDat) {
- PORT_Sprintf(msgBuf, "Discarded %d characters.\r\n",
- bufDat - reqLen);
-
- iovs[numIOVs].iov_base = msgBuf;
- iovs[numIOVs].iov_len = PORT_Strlen(msgBuf);
- numIOVs++;
- }
-
- if (reqLen > 0) {
- if (verbose > 1)
- fwrite(buf, 1, reqLen, stdout); /* display it */
-
- iovs[numIOVs].iov_base = buf;
- iovs[numIOVs].iov_len = reqLen;
- numIOVs++;
-
-/* printSecurityInfo(ssl_sock); */
- }
-
- iovs[numIOVs].iov_base = (char *)EOFmsg;
- iovs[numIOVs].iov_len = sizeof EOFmsg - 1;
- numIOVs++;
-
- rv = PR_Writev(ssl_sock, iovs, numIOVs, PR_INTERVAL_NO_TIMEOUT);
- if (rv < 0) {
- errWarn("PR_Writev");
- break;
- }
- } while (0);
-
-cleanup:
- PR_Close(ssl_sock);
- if (local_file_fd)
- PR_Close(local_file_fd);
- VLOG(("selfserv: handle_connection: exiting\n"));
-
- /* do a nice shutdown if asked. */
- if (!strncmp(buf, stopCmd, sizeof stopCmd - 1)) {
- stopping = 1;
- VLOG(("selfserv: handle_connection: stop command"));
- PR_Interrupt(acceptorThread);
- PZ_TraceFlush();
- }
- VLOG(("selfserv: handle_connection: exiting"));
- return SECSuccess; /* success */
-}
-
-SECStatus
-do_accepts(
- PRFileDesc *listen_sock,
- PRFileDesc *model_sock,
- int requestCert
- )
-{
- PRNetAddr addr;
- PRErrorCode perr;
-
- VLOG(("selfserv: do_accepts: starting"));
- PR_SetThreadPriority( PR_GetCurrentThread(), PR_PRIORITY_HIGH);
-
- acceptorThread = PR_GetCurrentThread();
- while (!stopping) {
- PRFileDesc *tcp_sock;
- PRCList *myLink;
-
- FPRINTF(stderr, "\n\n\nselfserv: About to call accept.\n");
- tcp_sock = PR_Accept(listen_sock, &addr, PR_INTERVAL_NO_TIMEOUT);
- if (tcp_sock == NULL) {
- perr = PR_GetError();
- if ((perr != PR_CONNECT_RESET_ERROR &&
- perr != PR_PENDING_INTERRUPT_ERROR) || verbose) {
- errWarn("PR_Accept");
- }
- if (perr == PR_CONNECT_RESET_ERROR) {
- FPRINTF(stderr,
- "Ignoring PR_CONNECT_RESET_ERROR error - continue\n");
- continue;
- }
- stopping = 1;
- break;
- }
-
- VLOG(("selfserv: do_accept: Got connection\n"));
-
- if (logStats) {
- loggerOps++;
- }
-
- PZ_Lock(qLock);
- while (PR_CLIST_IS_EMPTY(&freeJobs) && !stopping) {
- PZ_WaitCondVar(freeListNotEmptyCv, PR_INTERVAL_NO_TIMEOUT);
- }
- if (stopping) {
- PZ_Unlock(qLock);
- PR_Close(tcp_sock);
- break;
- }
- myLink = PR_LIST_HEAD(&freeJobs);
- PR_REMOVE_AND_INIT_LINK(myLink);
- /* could release qLock here and reaquire it 7 lines below, but
- ** why bother for 4 assignment statements?
- */
- {
- JOB * myJob = (JOB *)myLink;
- myJob->tcp_sock = tcp_sock;
- myJob->model_sock = model_sock;
- myJob->requestCert = requestCert;
- }
-
- PR_APPEND_LINK(myLink, &jobQ);
- PZ_NotifyCondVar(jobQNotEmptyCv);
- PZ_Unlock(qLock);
- }
-
- FPRINTF(stderr, "selfserv: Closing listen socket.\n");
- VLOG(("selfserv: do_accepts: exiting"));
- PR_Close(listen_sock);
- return SECSuccess;
-}
-
-PRFileDesc *
-getBoundListenSocket(unsigned short port)
-{
- PRFileDesc * listen_sock;
- int listenQueueDepth = 5 + (2 * maxThreads);
- PRStatus prStatus;
- PRNetAddr addr;
- PRSocketOptionData opt;
-
- addr.inet.family = PR_AF_INET;
- addr.inet.ip = PR_INADDR_ANY;
- addr.inet.port = PR_htons(port);
-
- listen_sock = PR_NewTCPSocket();
- if (listen_sock == NULL) {
- errExit("PR_NewTCPSocket");
- }
-
- opt.option = PR_SockOpt_Nonblocking;
- opt.value.non_blocking = PR_FALSE;
- prStatus = PR_SetSocketOption(listen_sock, &opt);
- if (prStatus < 0) {
- errExit("PR_SetSocketOption(PR_SockOpt_Nonblocking)");
- }
-
- opt.option=PR_SockOpt_Reuseaddr;
- opt.value.reuse_addr = PR_TRUE;
- prStatus = PR_SetSocketOption(listen_sock, &opt);
- if (prStatus < 0) {
- errExit("PR_SetSocketOption(PR_SockOpt_Reuseaddr)");
- }
-
- prStatus = PR_Bind(listen_sock, &addr);
- if (prStatus < 0) {
- errExit("PR_Bind");
- }
-
- prStatus = PR_Listen(listen_sock, listenQueueDepth);
- if (prStatus < 0) {
- errExit("PR_Listen");
- }
- return listen_sock;
-}
-
-void
-server_main(
- PRFileDesc * listen_sock,
- int requestCert,
- SECKEYPrivateKey ** privKey,
- CERTCertificate ** cert)
-{
- PRFileDesc *model_sock = NULL;
- int rv;
- SSLKEAType kea;
- SECStatus secStatus;
-
- if (useModelSocket) {
- model_sock = PR_NewTCPSocket();
- if (model_sock == NULL) {
- errExit("PR_NewTCPSocket on model socket");
- }
- model_sock = SSL_ImportFD(NULL, model_sock);
- if (model_sock == NULL) {
- errExit("SSL_ImportFD");
- }
- } else {
- model_sock = listen_sock = SSL_ImportFD(NULL, listen_sock);
- if (listen_sock == NULL) {
- errExit("SSL_ImportFD");
- }
- }
-
- /* do SSL configuration. */
- /* all suites except RSA_NULL_MD5 are enabled by default */
-
-#if 0
- /* This is supposed to be true by default.
- ** Setting it explicitly should not be necessary.
- ** Let's test and make sure that's true.
- */
- rv = SSL_OptionSet(model_sock, SSL_SECURITY, 1);
- if (rv < 0) {
- errExit("SSL_OptionSet SSL_SECURITY");
- }
-#endif
-
- rv = SSL_OptionSet(model_sock, SSL_ENABLE_SSL3, !disableSSL3);
- if (rv != SECSuccess) {
- errExit("error enabling SSLv3 ");
- }
-
- rv = SSL_OptionSet(model_sock, SSL_ENABLE_TLS, !disableTLS);
- if (rv != SECSuccess) {
- errExit("error enabling TLS ");
- }
-
- rv = SSL_OptionSet(model_sock, SSL_ROLLBACK_DETECTION, !disableRollBack);
- if (rv != SECSuccess) {
- errExit("error enabling RollBack detection ");
- }
-
- for (kea = kt_rsa; kea < kt_kea_size; kea++) {
- if (cert[kea] != NULL) {
- secStatus = SSL_ConfigSecureServer(model_sock,
- cert[kea], privKey[kea], kea);
- if (secStatus != SECSuccess)
- errExit("SSL_ConfigSecureServer");
- }
- }
-
- if (bigBuf.data) { /* doing FDX */
- rv = SSL_OptionSet(model_sock, SSL_ENABLE_FDX, 1);
- if (rv < 0) {
- errExit("SSL_OptionSet SSL_ENABLE_FDX");
- }
- }
-
- /* This cipher is not on by default. The Acceptance test
- * would like it to be. Turn this cipher on.
- */
-
- secStatus = SSL_CipherPrefSetDefault( SSL_RSA_WITH_NULL_MD5, PR_TRUE);
- if ( secStatus != SECSuccess ) {
- errExit("SSL_CipherPrefSetDefault:SSL_RSA_WITH_NULL_MD5");
- }
-
-
- if (requestCert) {
- SSL_AuthCertificateHook(model_sock, mySSLAuthCertificate,
- (void *)CERT_GetDefaultCertDB());
- if (requestCert <= 2) {
- rv = SSL_OptionSet(model_sock, SSL_REQUEST_CERTIFICATE, 1);
- if (rv < 0) {
- errExit("first SSL_OptionSet SSL_REQUEST_CERTIFICATE");
- }
- rv = SSL_OptionSet(model_sock, SSL_REQUIRE_CERTIFICATE,
- (requestCert == 2));
- if (rv < 0) {
- errExit("first SSL_OptionSet SSL_REQUIRE_CERTIFICATE");
- }
- }
- }
-
- if (MakeCertOK)
- SSL_BadCertHook(model_sock, myBadCertHandler, NULL);
-
- /* end of ssl configuration. */
-
-
- /* Now, do the accepting, here in the main thread. */
- rv = do_accepts(listen_sock, model_sock, requestCert);
-
- terminateWorkerThreads();
-
- if (useModelSocket && model_sock) {
- PR_Close(model_sock);
- }
-
-}
-
-SECStatus
-readBigFile(const char * fileName)
-{
- PRFileInfo info;
- PRStatus status;
- SECStatus rv = SECFailure;
- int count;
- int hdrLen;
- PRFileDesc *local_file_fd = NULL;
-
- status = PR_GetFileInfo(fileName, &info);
-
- if (status == PR_SUCCESS &&
- info.type == PR_FILE_FILE &&
- info.size > 0 &&
- NULL != (local_file_fd = PR_Open(fileName, PR_RDONLY, 0))) {
-
- hdrLen = PORT_Strlen(outHeader);
- bigBuf.len = hdrLen + info.size;
- bigBuf.data = PORT_Malloc(bigBuf.len + 4095);
- if (!bigBuf.data) {
- errWarn("PORT_Malloc");
- goto done;
- }
-
- PORT_Memcpy(bigBuf.data, outHeader, hdrLen);
-
- count = PR_Read(local_file_fd, bigBuf.data + hdrLen, info.size);
- if (count != info.size) {
- errWarn("PR_Read local file");
- goto done;
- }
- rv = SECSuccess;
-done:
- PR_Close(local_file_fd);
- }
- return rv;
-}
-
-int numChildren;
-PRProcess * child[MAX_PROCS];
-
-PRProcess *
-haveAChild(int argc, char **argv, PRProcessAttr * attr)
-{
- PRProcess * newProcess;
-
- newProcess = PR_CreateProcess(argv[0], argv, NULL, attr);
- if (!newProcess) {
- errWarn("Can't create new process.");
- } else {
- child[numChildren++] = newProcess;
- }
- return newProcess;
-}
-
-void
-beAGoodParent(int argc, char **argv, int maxProcs, PRFileDesc * listen_sock)
-{
- PRProcess * newProcess;
- PRProcessAttr * attr;
- int i;
- PRInt32 exitCode;
- PRStatus rv;
-
- rv = PR_SetFDInheritable(listen_sock, PR_TRUE);
- if (rv != PR_SUCCESS)
- errExit("PR_SetFDInheritable");
-
- attr = PR_NewProcessAttr();
- if (!attr)
- errExit("PR_NewProcessAttr");
-
- rv = PR_ProcessAttrSetInheritableFD(attr, listen_sock, inheritableSockName);
- if (rv != PR_SUCCESS)
- errExit("PR_ProcessAttrSetInheritableFD");
-
- for (i = 0; i < maxProcs; ++i) {
- newProcess = haveAChild(argc, argv, attr);
- if (!newProcess)
- break;
- }
-
- rv = PR_SetFDInheritable(listen_sock, PR_FALSE);
- if (rv != PR_SUCCESS)
- errExit("PR_SetFDInheritable");
-
- while (numChildren > 0) {
- newProcess = child[numChildren - 1];
- PR_WaitProcess(newProcess, &exitCode);
- fprintf(stderr, "Child %d exited with exit code %x\n",
- numChildren, exitCode);
- numChildren--;
- }
- exit(0);
-}
-
-#ifdef DEBUG_nelsonb
-
-#if defined(XP_UNIX) || defined(XP_OS2) || defined(XP_BEOS)
-#define SSL_GETPID getpid
-#elif defined(_WIN32_WCE)
-#define SSL_GETPID GetCurrentProcessId
-#elif defined(WIN32)
-extern int __cdecl _getpid(void);
-#define SSL_GETPID _getpid
-#else
-#define SSL_GETPID() 0
-#endif
-
-void
-WaitForDebugger(void)
-{
-
- int waiting = 12;
- int myPid = SSL_GETPID();
- PRIntervalTime nrval = PR_SecondsToInterval(5);
-
- while (waiting) {
- printf("child %d is waiting to be debugged!\n", myPid);
- PR_Sleep(nrval);
- --waiting;
- }
-}
-#endif
-
-int
-main(int argc, char **argv)
-{
- char * progName = NULL;
- char * nickName = NULL;
- char * fNickName = NULL;
- const char * fileName = NULL;
- char * cipherString= NULL;
- const char * dir = ".";
- char * passwd = NULL;
- const char * pidFile = NULL;
- char * tmp;
- char * envString;
- PRFileDesc * listen_sock;
- CERTCertificate * cert [kt_kea_size] = { NULL };
- SECKEYPrivateKey * privKey[kt_kea_size] = { NULL };
- int optionsFound = 0;
- int maxProcs = 1;
- unsigned short port = 0;
- SECStatus rv;
- PRStatus prStatus;
- PRBool bindOnly = PR_FALSE;
- PRBool useExportPolicy = PR_FALSE;
- PRBool useLocalThreads = PR_FALSE;
- PLOptState *optstate;
- PLOptStatus status;
- PRThread *loggerThread;
- PRBool debugCache = PR_FALSE; /* bug 90518 */
-
-
- tmp = strrchr(argv[0], '/');
- tmp = tmp ? tmp + 1 : argv[0];
- progName = strrchr(tmp, '\\');
- progName = progName ? progName + 1 : tmp;
-
- PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
-
- /* please keep this list of options in ASCII collating sequence.
- ** numbers, then capital letters, then lower case, alphabetical.
- */
- optstate = PL_CreateOptState(argc, argv,
- "2:3DL:M:RTbc:d:f:hi:lmn:op:rt:vw:xy");
- while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
- ++optionsFound;
- switch(optstate->option) {
- case '2': fileName = optstate->value; break;
-
- case '3': disableSSL3 = PR_TRUE; break;
-
- case 'D': noDelay = PR_TRUE; break;
-
- case 'L':
- logStats = PR_TRUE;
- if (optstate->value == NULL) {
- logPeriod = 30;
- } else {
- logPeriod = PORT_Atoi(optstate->value);
- if (logPeriod <= 0) logPeriod = 30;
- }
- break;
-
- case 'M':
- maxProcs = PORT_Atoi(optstate->value);
- if (maxProcs < 1) maxProcs = 1;
- if (maxProcs > MAX_PROCS) maxProcs = MAX_PROCS;
- break;
-
- case 'R': disableRollBack = PR_TRUE; break;
-
- case 'T': disableTLS = PR_TRUE; break;
-
- case 'b': bindOnly = PR_TRUE; break;
-
- case 'c': cipherString = strdup(optstate->value); break;
-
- case 'd': dir = optstate->value; break;
-
- case 'f': fNickName = strdup(optstate->value); break;
-
- case 'h': Usage(progName); exit(0); break;
-
- case 'i': pidFile = optstate->value; break;
-
- case 'l': useLocalThreads = PR_TRUE; break;
-
- case 'm': useModelSocket = PR_TRUE; break;
-
- case 'n': nickName = strdup(optstate->value); break;
-
- case 'o': MakeCertOK = 1; break;
-
- case 'p': port = PORT_Atoi(optstate->value); break;
-
- case 'r': ++requestCert; break;
-
- case 't':
- maxThreads = PORT_Atoi(optstate->value);
- if ( maxThreads > MAX_THREADS ) maxThreads = MAX_THREADS;
- if ( maxThreads < MIN_THREADS ) maxThreads = MIN_THREADS;
- break;
-
- case 'v': verbose++; break;
-
- case 'w': passwd = strdup(optstate->value); break;
-
- case 'x': useExportPolicy = PR_TRUE; break;
-
- case 'y': debugCache = PR_TRUE; break;
-
- default:
- case '?':
- fprintf(stderr, "Unrecognized or bad option specified.\n");
- fprintf(stderr, "Run '%s -h' for usage information.\n", progName);
- exit(4);
- break;
- }
- }
- PL_DestroyOptState(optstate);
- if (status == PL_OPT_BAD) {
- fprintf(stderr, "Unrecognized or bad option specified.\n");
- fprintf(stderr, "Run '%s -h' for usage information.\n", progName);
- exit(5);
- }
- if (!optionsFound) {
- Usage(progName);
- exit(51);
- }
-
- /* The -b (bindOnly) option is only used by the ssl.sh test
- * script on Linux to determine whether a previous selfserv
- * process has fully died and freed the port. (Bug 129701)
- */
- if (bindOnly) {
- listen_sock = getBoundListenSocket(port);
- if (!listen_sock) {
- exit(1);
- }
- PR_Close(listen_sock);
- exit(0);
- }
-
- if ((nickName == NULL) && (fNickName == NULL)) {
- fprintf(stderr, "Required arg '-n' (rsa nickname) not supplied.\n");
- fprintf(stderr, "Run '%s -h' for usage information.\n", progName);
- exit(6);
- }
-
- if (port == 0) {
- fprintf(stderr, "Required argument 'port' must be non-zero value\n");
- exit(7);
- }
-
- if (pidFile) {
- FILE *tmpfile=fopen(pidFile,"w+");
-
- if (tmpfile) {
- fprintf(tmpfile,"%d",getpid());
- fclose(tmpfile);
- }
- }
-
- envString = getenv(envVarName);
- tmp = getenv("TMP");
- if (!tmp)
- tmp = getenv("TMPDIR");
- if (!tmp)
- tmp = getenv("TEMP");
- if (envString) {
- /* we're one of the children in a multi-process server. */
- listen_sock = PR_GetInheritedFD(inheritableSockName);
- if (!listen_sock)
- errExit("PR_GetInheritedFD");
-#ifndef WINNT
- /* we can't do this on NT because it breaks NSPR and
- PR_Accept will fail on the socket in the child process if
- the socket state is change to non inheritable
- It is however a security issue to leave it accessible,
- but it is OK for a test server such as selfserv.
- NSPR should fix it eventually . see bugzilla 101617
- and 102077
- */
- prStatus = PR_SetFDInheritable(listen_sock, PR_FALSE);
- if (prStatus != PR_SUCCESS)
- errExit("PR_SetFDInheritable");
-#endif
-#ifdef DEBUG_nelsonb
- WaitForDebugger();
-#endif
- rv = SSL_InheritMPServerSIDCache(envString);
- if (rv != SECSuccess)
- errExit("SSL_InheritMPServerSIDCache");
- } else if (maxProcs > 1) {
- /* we're going to be the parent in a multi-process server. */
- listen_sock = getBoundListenSocket(port);
- rv = SSL_ConfigMPServerSIDCache(NUM_SID_CACHE_ENTRIES, 0, 0, tmp);
- if (rv != SECSuccess)
- errExit("SSL_ConfigMPServerSIDCache");
- beAGoodParent(argc, argv, maxProcs, listen_sock);
- exit(99); /* should never get here */
- } else {
- /* we're an ordinary single process server. */
- listen_sock = getBoundListenSocket(port);
- prStatus = PR_SetFDInheritable(listen_sock, PR_FALSE);
- if (prStatus != PR_SUCCESS)
- errExit("PR_SetFDInheritable");
- rv = SSL_ConfigServerSessionIDCache(NUM_SID_CACHE_ENTRIES, 0, 0, tmp);
- if (rv != SECSuccess)
- errExit("SSL_ConfigServerSessionIDCache");
- }
-
- lm = PR_NewLogModule("TestCase");
-
- if (fileName)
- readBigFile(fileName);
-
- /* set our password function */
- PK11_SetPasswordFunc( passwd ? ownPasswd : SECU_GetModulePassword);
-
- /* Call the libsec initialization routines */
- rv = NSS_Init(dir);
- if (rv != SECSuccess) {
- fputs("NSS_Init failed.\n", stderr);
- exit(8);
- }
-
- /* set the policy bits true for all the cipher suites. */
- if (useExportPolicy)
- NSS_SetExportPolicy();
- else
- NSS_SetDomesticPolicy();
-
- /* all the SSL2 and SSL3 cipher suites are enabled by default. */
- if (cipherString) {
- int ndx;
-
- /* disable all the ciphers, then enable the ones we want. */
- disableAllSSLCiphers();
-
- while (0 != (ndx = *cipherString++)) {
- const int *cptr;
- int cipher;
-
- if (! isalpha(ndx)) {
- fprintf(stderr,
- "Non-alphabetic char in cipher string (-c arg).\n");
- exit(9);
- }
- cptr = islower(ndx) ? ssl3CipherSuites : ssl2CipherSuites;
- for (ndx &= 0x1f; (cipher = *cptr++) != 0 && --ndx > 0; )
- /* do nothing */;
- if (cipher) {
- SECStatus status;
- status = SSL_CipherPrefSetDefault(cipher, SSL_ALLOWED);
- if (status != SECSuccess)
- SECU_PrintError(progName, "SSL_CipherPrefSet()");
- }
- }
- }
-
- if (nickName) {
- cert[kt_rsa] = PK11_FindCertFromNickname(nickName, passwd);
- if (cert[kt_rsa] == NULL) {
- fprintf(stderr, "selfserv: Can't find certificate %s\n", nickName);
- exit(10);
- }
- privKey[kt_rsa] = PK11_FindKeyByAnyCert(cert[kt_rsa], passwd);
- if (privKey[kt_rsa] == NULL) {
- fprintf(stderr, "selfserv: Can't find Private Key for cert %s\n",
- nickName);
- exit(11);
- }
- }
- if (fNickName) {
- cert[kt_fortezza] = PK11_FindCertFromNickname(fNickName, NULL);
- if (cert[kt_fortezza] == NULL) {
- fprintf(stderr, "selfserv: Can't find certificate %s\n", fNickName);
- exit(12);
- }
- privKey[kt_fortezza] = PK11_FindKeyByAnyCert(cert[kt_fortezza], NULL);
- }
-
- /* allocate the array of thread slots, and launch the worker threads. */
- rv = launch_threads(&jobLoop, 0, 0, requestCert, useLocalThreads);
-
- if (rv == SECSuccess && logStats) {
- loggerThread = PR_CreateThread(PR_SYSTEM_THREAD,
- logger, NULL, PR_PRIORITY_NORMAL,
- useLocalThreads ? PR_LOCAL_THREAD:PR_GLOBAL_THREAD,
- PR_UNJOINABLE_THREAD, 0);
- if (loggerThread == NULL) {
- fprintf(stderr, "selfserv: Failed to launch logger thread!\n");
- rv = SECFailure;
- }
- }
-
- if (rv == SECSuccess) {
- server_main(listen_sock, requestCert, privKey, cert);
- }
-
- VLOG(("selfserv: server_thread: exiting"));
-
- {
- int i;
- for (i=0; i<kt_kea_size; i++) {
- if (cert[i]) {
- CERT_DestroyCertificate(cert[i]);
- }
- if (privKey[i]) {
- SECKEY_DestroyPrivateKey(privKey[i]);
- }
- }
- }
-
- if (debugCache) {
- nss_DumpCertificateCacheInfo();
- }
-
- free(nickName);
- free(passwd);
-
- SSL_ShutdownServerSessionIDCache();
-
- if (NSS_Shutdown() != SECSuccess) {
- SECU_PrintError(progName, "NSS_Shutdown");
- PR_Cleanup();
- exit(1);
- }
- PR_Cleanup();
- printf("selfserv: normal termination\n");
- return 0;
-}
diff --git a/security/nss/cmd/shlibsign/Makefile b/security/nss/cmd/shlibsign/Makefile
deleted file mode 100644
index 11b458de9..000000000
--- a/security/nss/cmd/shlibsign/Makefile
+++ /dev/null
@@ -1,110 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#
-# we really should have this driven from a list file made during the normal
-# NSS build prodecure.
-#
-ifndef USE_64
-ifeq ($(OS_TARGET), HP-UX)
- ifneq ($(OS_TEST), ia64)
- LOADABLE_FREEBL= 1
- endif
-endif
-ifeq ($(OS_TARGET), SunOS)
- ifeq ($(CPU_ARCH), sparc)
- LOADABLE_FREEBL = 1
- endif
-endif
-endif
-
-ifdef LOADABLE_FREEBL
- CHECKFILES += freebl_pure32_3.chk freebl_hybrid_3.chk
-endif
-
-CHECKLOC=$(addprefix $(DIST)/lib/$(DLL_PREFIX), $(CHECKFILES))
-
-MD_LIB_RELEASE_FILES = $(CHECKLOC)
-ALL_TRASH += $(CHECKLOC)
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../platrules.mk
-
-%.chk: %.$(DLL_SUFFIX)
-ifeq ($(OS_TARGET), OS2)
- @cmd.exe /c sign.cmd $(DIST) $(OBJDIR) $(OS_TARGET) $<
-else
- @sh ./sign.sh $(DIST) $(OBJDIR) $(OS_TARGET) $<
-endif
-
-libs install :: $(CHECKLOC)
-
diff --git a/security/nss/cmd/shlibsign/mangle/Makefile b/security/nss/cmd/shlibsign/mangle/Makefile
deleted file mode 100644
index 7948a4328..000000000
--- a/security/nss/cmd/shlibsign/mangle/Makefile
+++ /dev/null
@@ -1,75 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../../platlibs.mk
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../../platrules.mk
-
diff --git a/security/nss/cmd/shlibsign/mangle/mangle.c b/security/nss/cmd/shlibsign/mangle/mangle.c
deleted file mode 100644
index 7ff34b5e6..000000000
--- a/security/nss/cmd/shlibsign/mangle/mangle.c
+++ /dev/null
@@ -1,166 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2003 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Test program to mangle 1 bit in a binary
- *
- * $Id$
- */
-
-#include "nspr.h"
-#include "plstr.h"
-#include "plgetopt.h"
-#include "prio.h"
-
-static PRFileDesc *pr_stderr;
-static void
-usage (char *program_name)
-{
-
- PR_fprintf (pr_stderr, "Usage:");
- PR_fprintf (pr_stderr, "%s -i shared_library_name -o byte_offset -b bit\n", program_name);
-}
-
-
-int
-main (int argc, char **argv)
-{
- /* buffers and locals */
- PLOptState *optstate;
- char *programName;
- char cbuf;
-
- /* parameter set variables */
- const char *libFile = NULL;
- int offset = -1;
- int bitOffset = -1;
-
- /* return values */
- int retval = 2; /* 0 - test succeeded.
- * 1 - illegal args
- * 2 - function failed */
- PRFileDesc *fd;
- int bytesRead;
- int bytesWritten;
- int pos;
-
- programName = PL_strrchr(argv[0], '/');
- programName = programName ? (programName + 1) : argv[0];
-
- pr_stderr = PR_STDERR;
-
- optstate = PL_CreateOptState (argc, argv, "i:o:b:");
- if (optstate == NULL) {
- return 1;
- }
-
- while (PL_GetNextOpt (optstate) == PL_OPT_OK) {
- switch (optstate->option) {
- case 'i':
- libFile = optstate->value;
- break;
-
- case 'o':
- offset = atoi(optstate->value);
- break;
-
- case 'b':
- bitOffset = atoi(optstate->value);
- break;
- }
- }
-
- if (libFile == NULL) {
- usage(programName);
- return 1;
- }
- if ((bitOffset >= 8) || (bitOffset < 0)) {
- usage(programName);
- return 1;
- }
-
- if (offset < 0) {
- usage(programName);
- return 1;
- }
-
- /* open the target signature file */
- fd = PR_OpenFile(libFile,PR_RDWR,0666);
- if (fd == NULL ) {
- /* lperror(libFile); */
- PR_fprintf(pr_stderr,"Couldn't Open %s\n",libFile);
- goto loser;
- }
-
- /* read the byte */
- pos = PR_Seek(fd, offset, PR_SEEK_SET);
- if (pos != offset) {
- PR_fprintf(pr_stderr,"Seek for read on %s (to %d) failed\n", libFile, offset);
- goto loser;
- }
- bytesRead = PR_Read(fd, &cbuf, 1);
- if (bytesRead != 1) {
- PR_fprintf(pr_stderr,"Read on %s (to %d) failed\n", libFile, offset);
- goto loser;
- }
-
- PR_fprintf(pr_stderr,"Changing byte 0x%08x (%d): from %02x (%d) to ",
- offset, offset, (unsigned char)cbuf, (unsigned char)cbuf);
- /* change it */
- cbuf ^= 1 << bitOffset;
- PR_fprintf(pr_stderr,"%02x (%d)\n", (
- unsigned char)cbuf, (unsigned char)cbuf);
-
- /* write it back out */
- pos = PR_Seek(fd, offset, PR_SEEK_SET);
- if (pos != offset) {
- PR_fprintf(pr_stderr,"Seek for write on %s (to %d) failed\n", libFile, offset);
- goto loser;
- }
- bytesWritten = PR_Write(fd, &cbuf, 1);
- if (bytesWritten != 1) {
- PR_fprintf(pr_stderr,"Write on %s (to %d) failed\n", libFile, offset);
- goto loser;
- }
-
- PR_Close(fd);
- retval = 0;
-
-
-loser:
-
- PR_Cleanup ();
- return retval;
-}
-
-/*#DEFINES += -DSHLIB_SUFFIX=\"$(DLL_SUFFIX)\" -DSHLIB_PREFIX=\"$(DLL_PREFIX)\" */
diff --git a/security/nss/cmd/shlibsign/mangle/manifest.mn b/security/nss/cmd/shlibsign/mangle/manifest.mn
deleted file mode 100644
index d850921f0..000000000
--- a/security/nss/cmd/shlibsign/mangle/manifest.mn
+++ /dev/null
@@ -1,52 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../../..
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = nss
-
-DEFINES += -DSHLIB_SUFFIX=\"$(DLL_SUFFIX)\" -DSHLIB_PREFIX=\"$(DLL_PREFIX)\"
-
-CSRCS = \
- mangle.c \
- $(NULL)
-
-
-# headers for the MODULE (defined above) are implicitly required.
-REQUIRES =
-
-PROGRAM = mangle
-
-USE_STATIC_LIBS = 1
-
diff --git a/security/nss/cmd/shlibsign/manifest.mn b/security/nss/cmd/shlibsign/manifest.mn
deleted file mode 100644
index 40cdeeff1..000000000
--- a/security/nss/cmd/shlibsign/manifest.mn
+++ /dev/null
@@ -1,60 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = nss
-
-DEFINES += -DSHLIB_SUFFIX=\"$(DLL_SUFFIX)\" -DSHLIB_PREFIX=\"$(DLL_PREFIX)\"
-
-CSRCS = \
- shlibsign.c \
- $(NULL)
-
-CHECKFILES = softokn3.chk
-
-# headers for the MODULE (defined above) are implicitly required.
-REQUIRES = dbm seccmd
-
-# WINNT uses EXTRA_LIBS as the list of libs to link in.
-# Unix uses OS_LIBS for that purpose.
-# We can solve this via conditional makefile code, but
-# can't do this in manifest.mn because OS_ARCH isn't defined there.
-# So, look in the local Makefile for the defines for the list of libs.
-
-PROGRAM = shlibsign
-
-DIRS = mangle
-
-#USE_STATIC_LIBS = 1
diff --git a/security/nss/cmd/shlibsign/shlibsign.c b/security/nss/cmd/shlibsign/shlibsign.c
deleted file mode 100644
index 6d4af89b4..000000000
--- a/security/nss/cmd/shlibsign/shlibsign.c
+++ /dev/null
@@ -1,427 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Test program for SDR (Secret Decoder Ring) functions.
- *
- * $Id$
- */
-
-#ifdef XP_UNIX
-#define USES_LINKS 1
-#endif
-
-#include "nspr.h"
-#include <stdio.h>
-#include "nss.h"
-#include "secutil.h"
-#include "cert.h"
-#include "pk11func.h"
-
-#include "plgetopt.h"
-#include "pk11sdr.h"
-#include "secrng.h"
-#include "shsign.h"
-#include "pk11pqg.h"
-
-#ifdef USES_LINKS
-#include <unistd.h>
-#include <sys/param.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#endif
-
-static void
-usage (char *program_name)
-{
- PRFileDesc *pr_stderr;
-
- pr_stderr = PR_STDERR;
- PR_fprintf (pr_stderr, "Usage:");
- PR_fprintf (pr_stderr, "%s [-v] -i shared_library_name\n", program_name);
-}
-
-static char *
-mkoutput(const char *input)
-{
- int in_len = PORT_Strlen(input);
- char *output = PORT_Alloc(in_len+sizeof(SGN_SUFFIX));
- int index = in_len + 1 - sizeof("."SHLIB_SUFFIX);
-
- if ((index > 0) &&
- (PORT_Strncmp(&input[index],
- "."SHLIB_SUFFIX,sizeof("."SHLIB_SUFFIX)) == 0)) {
- in_len = index;
- }
- PORT_Memcpy(output,input,in_len);
- PORT_Memcpy(&output[in_len],SGN_SUFFIX,sizeof(SGN_SUFFIX));
- return output;
-}
-
-
-static void
-lperror(const char *string)
-{
- int errNum = PORT_GetError();
- const char *error = SECU_Strerror(errNum);
- fprintf(stderr,"%s: %s\n",string, error);
-}
-
-static void
-encodeInt(unsigned char *buf, int val)
-{
- buf[3] = (val >> 0) & 0xff;
- buf[2] = (val >> 8) & 0xff;
- buf[1] = (val >> 16) & 0xff;
- buf[0] = (val >> 24) & 0xff;
- return;
-}
-
-static SECStatus
-writeItem(PRFileDesc *fd, SECItem *item, char *file)
-{
- unsigned char buf[4];
- int bytesWritten;
-
- encodeInt(buf,item->len);
- bytesWritten = PR_Write(fd,buf, 4);
- if (bytesWritten != 4) {
- lperror(file);
- return SECFailure;
- }
- bytesWritten = PR_Write(fd, item->data, item->len);
- if (bytesWritten != item->len) {
- lperror(file);
- return SECFailure;
- }
- return SECSuccess;
-}
-
-
-int
-main (int argc, char **argv)
-{
- int retval = 1; /* 0 - test succeeded. 1 - test failed */
- SECStatus rv;
- PLOptState *optstate;
- char *program_name;
- const char *input_file = NULL; /* read encrypted data from here (or create) */
- char *output_file = NULL; /* write new encrypted data here */
- PRBool verbose = PR_FALSE;
- SECKEYPrivateKey *privk = NULL;
- SECKEYPublicKey *pubk = NULL;
- PK11SlotInfo *slot = NULL;
- PRFileDesc *fd;
- int bytesRead;
- int bytesWritten;
- unsigned char file_buf[512];
- unsigned char hash_buf[SHA1_LENGTH];
- unsigned char sign_buf[40]; /* DSA_LENGTH */
- SECItem hash,sign;
- PK11Context *hashcx = NULL;
- int ks, count=0;
- int keySize = 1024;
- PQGParams *pqgParams = NULL;
- PQGVerify *pqgVerify = NULL;
-#ifdef USES_LINKS
- int ret;
- struct stat stat_buf;
- char link_buf[MAXPATHLEN+1];
- char *link_file = NULL;
-#endif
-
- hash.len = sizeof(hash_buf); hash.data = hash_buf;
- sign.len = sizeof(sign_buf); sign.data = sign_buf;
-
- program_name = PL_strrchr(argv[0], '/');
- program_name = program_name ? (program_name + 1) : argv[0];
-
- optstate = PL_CreateOptState (argc, argv, "d:i:o:v");
- if (optstate == NULL) {
- SECU_PrintError (program_name, "PL_CreateOptState failed");
- return 1;
- }
-
- while (PL_GetNextOpt (optstate) == PL_OPT_OK) {
- switch (optstate->option) {
-#ifdef notdef
- case '?':
- short_usage (program_name);
- return 0;
-
- case 'H':
- long_usage (program_name);
- return 0;
-#endif
-
- case 'd':
- SECU_ConfigDirectory(optstate->value);
- break;
-
- case 'i':
- input_file = optstate->value;
- break;
-
- case 'o':
- output_file = PORT_Strdup(optstate->value);
- break;
-
- case 'v':
- verbose = PR_TRUE;
- break;
- }
- }
-
- if (input_file == NULL) {
- usage(program_name);
- return 1;
- }
-
- /*
- * Initialize the Security libraries.
- */
- PK11_SetPasswordFunc(SECU_GetModulePassword);
-
- rv = NSS_Init(SECU_ConfigDirectory(NULL));
- if (rv != SECSuccess) {
- rv = NSS_NoDB_Init("");
- }
- if (rv != SECSuccess) {
- lperror("NSS_Init failed");
- goto prdone;
- }
-
- /* Generate a DSA Key pair */
- slot = PK11_GetBestSlot(CKM_DSA,NULL);
- if (slot == NULL) {
- lperror("CKM_DSA");
- goto loser;
-
- }
- printf("Generating DSA Key Pair...."); fflush(stdout);
- ks = PQG_PBITS_TO_INDEX(keySize);
- rv = PK11_PQG_ParamGen(ks,&pqgParams, &pqgVerify);
- if (rv != SECSuccess) {
- lperror("Generating PQG Params");
- goto loser;
- }
- privk = PK11_GenerateKeyPair(slot, CKM_DSA_KEY_PAIR_GEN, pqgParams, &pubk,
- PR_FALSE, PR_TRUE, NULL);
- if (privk == NULL) {
- lperror("Generating DSA Key");
- goto loser;
- }
-
- printf("done\n");
-
- /* open the shared library */
- fd = PR_OpenFile(input_file,PR_RDONLY,0);
- if (fd == NULL ) {
- lperror(input_file);
- goto loser;
- }
-#ifdef USES_LINKS
- ret = lstat(input_file, &stat_buf);
- if (ret < 0) {
- perror(input_file);
- goto loser;
- }
- if (S_ISLNK(stat_buf.st_mode)) {
- char *dirpath,*dirend;
- ret = readlink(input_file, link_buf, sizeof(link_buf) - 1);
- if (ret < 0) {
- perror(input_file);
- goto loser;
- }
- link_buf[ret] = 0;
- link_file = mkoutput(input_file);
- /* get the dirname of input_file */
- dirpath = PORT_Strdup(input_file);
- dirend = PORT_Strrchr(dirpath, '/');
- if (dirend) {
- *dirend = '\0';
- ret = chdir(dirpath);
- if (ret < 0) {
- perror(dirpath);
- goto loser;
- }
- }
- PORT_Free(dirpath);
- input_file = link_buf;
- /* get the basename of link_file */
- dirend = PORT_Strrchr(link_file, '/');
- if (dirend) {
- link_file = dirend + 1;
- }
- }
-#endif
- if (output_file == NULL) {
- output_file = mkoutput(input_file);
- }
-
- hashcx = PK11_CreateDigestContext(SEC_OID_SHA1);
- if (hashcx == NULL) {
- lperror("SHA1 Digest Create");
- goto loser;
- }
-
- /* hash the file */
- while ((bytesRead = PR_Read(fd,file_buf,sizeof(file_buf))) > 0) {
- PK11_DigestOp(hashcx,file_buf,bytesRead);
- count += bytesRead;
- }
-
- PR_Close(fd);
- fd = NULL;
- if (bytesRead < 0) {
- lperror(input_file);
- goto loser;
- }
-
-
- PK11_DigestFinal(hashcx, hash.data, &hash.len, hash.len);
-
- if (hash.len != SHA1_LENGTH) {
- fprintf(stderr, "Digest length was not correct\n");
- goto loser;
- }
-
- /* signe the hash */
- rv = PK11_Sign(privk,&sign,&hash);
- if (rv != SECSuccess) {
- lperror("Signing");
- goto loser;
- }
-
- if (verbose) {
- int i,j;
- fprintf(stderr,"Library File: %s %d bytes\n",input_file, count);
- fprintf(stderr,"Check File: %s\n",output_file);
-#ifdef USES_LINKS
- if (link_file) {
- fprintf(stderr,"Link: %s\n",link_file);
- }
-#endif
- fprintf(stderr," hash: %d bytes\n", hash.len);
-#define STEP 10
- for (i=0; i < hash.len; i += STEP) {
- fprintf(stderr," ");
- for (j=0; j < STEP && (i+j) < hash.len; j++) {
- fprintf(stderr," %02x", hash.data[i+j]);
- }
- fprintf(stderr,"\n");
- }
- fprintf(stderr," signature: %d bytes\n", sign.len);
- for (i=0; i < sign.len; i += STEP) {
- fprintf(stderr," ");
- for (j=0; j < STEP && (i+j) < sign.len; j++) {
- fprintf(stderr," %02x", sign.data[i+j]);
- }
- fprintf(stderr,"\n");
- }
- }
-
- /* open the target signature file */
- fd = PR_OpenFile(output_file,PR_WRONLY|PR_CREATE_FILE|PR_TRUNCATE,0666);
- if (fd == NULL ) {
- lperror(output_file);
- goto loser;
- }
-
- /*
- * we write the key out in a straight binary format because very
- * low level libraries need to read an parse this file. Ideally we should
- * just derEncode the public key (which would be pretty simple, and be
- * more general), but then we'd need to link the ASN.1 decoder with the
- * freebl libraries.
- */
-
- file_buf[0] = NSS_SIGN_CHK_MAGIC1;
- file_buf[1] = NSS_SIGN_CHK_MAGIC2;
- file_buf[2] = NSS_SIGN_CHK_MAJOR_VERSION;
- file_buf[3] = NSS_SIGN_CHK_MINOR_VERSION;
- encodeInt(&file_buf[4],12); /* offset to data start */
- encodeInt(&file_buf[8],CKK_DSA);
- bytesWritten = PR_Write(fd,file_buf, 12);
- if (bytesWritten != 12) {
- lperror(output_file);
- goto loser;
- }
-
- rv = writeItem(fd,&pubk->u.dsa.params.prime,output_file);
- if (rv != SECSuccess) goto loser;
- rv = writeItem(fd,&pubk->u.dsa.params.subPrime,output_file);
- if (rv != SECSuccess) goto loser;
- rv = writeItem(fd,&pubk->u.dsa.params.base,output_file);
- if (rv != SECSuccess) goto loser;
- rv = writeItem(fd,&pubk->u.dsa.publicValue,output_file);
- if (rv != SECSuccess) goto loser;
- rv = writeItem(fd,&sign,output_file);
- if (rv != SECSuccess) goto loser;
-
- PR_Close(fd);
-
-#ifdef USES_LINKS
- if (link_file) {
- (void)unlink(link_file);
- ret = symlink(output_file, link_file);
- if (ret < 0) {
- perror(link_file);
- goto loser;
- }
- }
-#endif
-
- retval = 0;
-
-loser:
- if (hashcx) {
- PK11_DestroyContext(hashcx, PR_TRUE);
- }
- if (privk) {
- SECKEY_DestroyPrivateKey(privk);
- }
- if (pubk) {
- SECKEY_DestroyPublicKey(pubk);
- }
- if (slot) {
- PK11_FreeSlot(slot);
- }
- if (NSS_Shutdown() != SECSuccess) {
- exit(1);
- }
-
-prdone:
- PR_Cleanup ();
- return retval;
-}
diff --git a/security/nss/cmd/shlibsign/sign.cmd b/security/nss/cmd/shlibsign/sign.cmd
deleted file mode 100644
index 612609de9..000000000
--- a/security/nss/cmd/shlibsign/sign.cmd
+++ /dev/null
@@ -1,19 +0,0 @@
-/* Equivalent to sign.sh for OS/2 */
-PARSE ARG dist objdir os_target therest
-dist=forwardtoback(dist);
-objdir=forwardtoback(objdir);
-'echo 'dist
-'echo 'objdir
-'set BEGINLIBPATH='dist'\lib;%BEGINLIBPATH%'
-'set LIBPATHSTRICT=T'
-objdir'\shlibsign -v -i 'therest
-exit
-
-forwardtoback: procedure
- arg pathname
- parse var pathname pathname'/'rest
- do while (rest <> "")
- pathname = pathname'\'rest
- parse var pathname pathname'/'rest
- end
- return pathname
diff --git a/security/nss/cmd/shlibsign/sign.sh b/security/nss/cmd/shlibsign/sign.sh
deleted file mode 100644
index 9a5d79fc9..000000000
--- a/security/nss/cmd/shlibsign/sign.sh
+++ /dev/null
@@ -1,51 +0,0 @@
-#!/bin/sh
-case "${3}" in
-WIN*)
- if echo "${PATH}" | grep -c \; >/dev/null; then
- PATH=${PATH}\;${1}/bin\;${1}/lib
- else
- # ARG1 is ${1} with the drive letter escaped.
- if echo "${1}" | grep -c : >/dev/null; then
- ARG1=`(cd ${1}; pwd)`
- else
- ARG1=${1}
- fi
- PATH=${PATH}:${ARG1}/bin:${ARG1}/lib
- fi
- export PATH
- echo ${2}/shlibsign -v -i ${4}
- ${2}/shlibsign -v -i ${4}
- ;;
-OpenVMS)
- temp="tmp$$.tmp"
- temp2="tmp$$.tmp2"
- cd ${1}/lib
- vmsdir=`dcl show default`
- ls *.so > $temp
- sed -e "s/\([^\.]*\)\.so/\$ define\/job \1 ${vmsdir}\1.so/" $temp > $temp2
- echo '$ define/job getipnodebyname xxx' >> $temp2
- echo '$ define/job vms_null_dl_name sys$share:decc$shr' >> $temp2
- dcl @$temp2
- echo ${2}/shlibsign -v -i ${4}
- ${2}/shlibsign -v -i ${4}
- sed -e "s/\([^\.]*\)\.so/\$ deass\/job \1/" $temp > $temp2
- echo '$ deass/job getipnodebyname' >> $temp2
- echo '$ deass/job vms_null_dl_name' >> $temp2
- dcl @$temp2
- rm $temp $temp2
- ;;
-*)
- LIBPATH=`(cd ${1}/lib; pwd)`:$LIBPATH
- export LIBPATH
- SHLIB_PATH=${1}/lib:$SHLIB_PATH
- export SHLIB_PATH
- LD_LIBRARY_PATH=${1}/lib:$LD_LIBRARY_PATH
- export LD_LIBRARY_PATH
- DYLD_LIBRARY_PATH=${1}/lib:$DYLD_LIBRARY_PATH
- export DYLD_LIBRARY_PATH
- LIBRARY_PATH=${1}/lib:$LIBRARY_PATH
- export LIBRARY_PATH
- echo ${2}/shlibsign -v -i ${4}
- ${2}/shlibsign -v -i ${4}
- ;;
-esac
diff --git a/security/nss/cmd/signtool/Makefile b/security/nss/cmd/signtool/Makefile
deleted file mode 100644
index e4a3a6069..000000000
--- a/security/nss/cmd/signtool/Makefile
+++ /dev/null
@@ -1,71 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-include ../platrules.mk
diff --git a/security/nss/cmd/signtool/README b/security/nss/cmd/signtool/README
deleted file mode 100644
index 2bdb705c7..000000000
--- a/security/nss/cmd/signtool/README
+++ /dev/null
@@ -1,119 +0,0 @@
- Signing Tool (signtool)
- 1.3 Release Notes
- ========================================
-
-Documentation is provided online at mozilla.org
-
-Problems or questions not covered by the online documentation can be
-discussed in the DevEdge Security Newsgroup.
-
-=== New Features in 1.3
-=======================
-
-The security library components have been upgraded to utilize NSS_2_7_1_RTM.
-This means that the maximum RSA keysize now supported should be 4096 bits.
-
-=== Zigbert 0.6 Support
-=======================
-This program was previously named Zigbert. The last version of zigbert
-was Zigbert 0.6. Because all the functionality of Zigbert is maintained in
-signtool 1.2, Zigbert is no longer supported. If you have problems
-using Zigbert, please upgrade to signtool 1.2.
-
-=== New Features in 1.2
-=======================
-
-Certificate Generation Improvements
------------------------------------
-Two new options have been added to control generation of self-signed object
-signing certificates with the -G option. The -s option takes the size (in bits)
-of the generated RSA private key. The -t option takes the name of the PKCS #11
-token on which to generate the keypair and install the certificate. Both
-options are optional. By default, the private key is 1024 bits and is generated
-on the internal software token.
-
-
-=== New Features in 1.1
-=======================
-
-File I/O
---------
-Signtool can now read its options from a command file specified with the -f
-option on the command line. The format for the file is described in the
-documentation.
-Error messages and informational output can be redirected to an output file
-by supplying the "--outfile" option on the command line or the "outfile="
-option in the command file.
-
-New Options
------------
-"--norecurse" tells Signtool not to recurse into subdirectories when signing
-directories or parsing HTML with the -J option.
-"--leavearc" tells Signtool not to delete the temporary .arc directories
-produced by the -J option. This can aid debugging.
-"--verbosity" tells Signtool how much information to display. 0 is the
-default. -1 suppresses most messages, except for errors.
-
-=== Bug Fixes in 1.1
-====================
-
--J option revamped
-------------------
-The -J option, which parses HTML files, extracts Java and Javascript code,
-and stores them in signed JAR files, has been re-implemented. Several bugs
-have been fixed:
-- CODEBASE attribute is no longer ignored
-- CLASS and SRC attributes can be be paths ("xxx/xxx/x.class") rather than
- just filenames ("x.class").
-- LINK tags are handled correctly
-- various HTML parsing bugs fixed
-- error messages are more informative
-
-No Password on Key Database
----------------------------
-If you had not yet set a Communicator password (which locks key3.db, the
-key database), signtool would fail with a cryptic error message whenever it
-attempted to verify the password. Now this condition is detected at the
-beginning of the program, and a more informative message is displayed.
-
--x and -e Options
------------------
-Previously, only one of each of these options could be specified on the command
-line. Now arbitrarily many can be specified. For example, to sign only files
-with .class or .js extensions, the arguments "-eclass -ejs" could both be
-specified. To exclude the directories "subdir1" and "subdir2" from signing,
-the arguments "-x subdir1 -x subdir2" could both be specified.
-
-New Features in 1.0
-===================
-
-Creation of JAR files
-----------------------
-The -Z option causes signtool to output a JAR file formed by storing the
-signed archive in ZIP format. This eliminates the need to use a separate ZIP
-utility. The -c option specifies the compression level of the resulting
-JAR file.
-
-Generation of Object-Signing Certificates and Keys
---------------------------------------------------
-The -G option will create a new, self-signed object-signing certificate
-which can be used for testing purposes. The generated certificate and
-associated public and private keys will be installed in the cert7.db and
-key3.db files in the directory specified with the -d option (unless the key
-is generated on an external token using the -t option). On Unix systems,
-if no directory is specified, the user's Netscape directory (~/.netscape)
-will be used. In addition, the certificate is output in X509 format to the
-files x509.raw and x509.cacert in the current directory. x509.cacert can
-be published on a web page and imported into browsers that visit that page.
-
-Extraction and Signing of JavaScript from HTML
-----------------------------------------------
-The -J option activates the same functionality provided by the signpages
-Perl script. It will parse a directory of html files, creating archives
-of the JavaScript called from the HTML. These archives are then signed and
-made into JAR files.
-
-Enhanced Smart Card Support
----------------------------
-Certificates that reside on smart cards are displayed when using the -L and
--l options.
diff --git a/security/nss/cmd/signtool/certgen.c b/security/nss/cmd/signtool/certgen.c
deleted file mode 100644
index 4687a7841..000000000
--- a/security/nss/cmd/signtool/certgen.c
+++ /dev/null
@@ -1,713 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "signtool.h"
-
-#include "secoid.h"
-#include "cryptohi.h"
-#include "certdb.h"
-
-static char* GetSubjectFromUser(unsigned long serial);
-static CERTCertificate* GenerateSelfSignedObjectSigningCert(char *nickname,
- CERTCertDBHandle *db, char *subject, unsigned long serial, int keysize,
- char *token);
-static SECStatus ChangeTrustAttributes(CERTCertDBHandle *db,
- CERTCertificate *cert, char *trusts);
-static SECStatus set_cert_type(CERTCertificate *cert, unsigned int type);
-static SECItem *sign_cert(CERTCertificate *cert, SECKEYPrivateKey *privk);
-static CERTCertificate* install_cert(CERTCertDBHandle *db, SECItem *derCert,
- char *nickname);
-static SECStatus GenerateKeyPair(PK11SlotInfo *slot, SECKEYPublicKey **pubk,
- SECKEYPrivateKey **privk, int keysize);
-static CERTCertificateRequest* make_cert_request(char *subject,
- SECKEYPublicKey *pubk);
-static CERTCertificate * make_cert(CERTCertificateRequest *req,
- unsigned long serial, CERTName *ca_subject);
-static void output_ca_cert (CERTCertificate *cert, CERTCertDBHandle *db);
-
-
-/***********************************************************************
- *
- * G e n e r a t e C e r t
- *
- * Runs the whole process of creating a new cert, getting info from the
- * user, etc.
- */
-int
-GenerateCert(char *nickname, int keysize, char *token)
-{
- CERTCertDBHandle *db;
- CERTCertificate *cert;
- char *subject;
- unsigned long serial;
- char stdinbuf[160];
-
- /* Print warning about having the browser open */
- PR_fprintf(PR_STDOUT /*always go to console*/,
-"\nWARNING: Performing this operation while the browser is running could cause"
-"\ncorruption of your security databases. If the browser is currently running,"
-"\nyou should exit the browser before continuing this operation. Enter "
-"\n\"y\" to continue, or anything else to abort: ");
- pr_fgets(stdinbuf, 160, PR_STDIN);
- PR_fprintf(PR_STDOUT, "\n");
- if(tolower(stdinbuf[0]) != 'y') {
- PR_fprintf(errorFD, "Operation aborted at user's request.\n");
- errorCount++;
- return -1;
- }
-
- db = CERT_GetDefaultCertDB();
- if(!db) {
- FatalError("Unable to open certificate database");
- }
-
- if(PK11_FindCertFromNickname(nickname, NULL)) {
- PR_fprintf(errorFD,
-"ERROR: Certificate with nickname \"%s\" already exists in database. You\n"
-"must choose a different nickname.\n", nickname);
- errorCount++;
- exit(ERRX);
- }
-
- LL_L2UI(serial, PR_Now());
-
- subject = GetSubjectFromUser(serial);
-
- cert = GenerateSelfSignedObjectSigningCert(nickname, db, subject,
- serial, keysize, token);
-
- if(cert) {
- output_ca_cert(cert, db);
- CERT_DestroyCertificate(cert);
- }
-
- PORT_Free(subject);
- return 0;
-}
-
-#undef VERBOSE_PROMPTS
-
-/*********************************************************************8
- * G e t S u b j e c t F r o m U s e r
- *
- * Construct the subject information line for a certificate by querying
- * the user on stdin.
- */
-static char*
-GetSubjectFromUser(unsigned long serial)
-{
- char buf[STDIN_BUF_SIZE];
- char common_name_buf[STDIN_BUF_SIZE];
- char *common_name, *state, *orgunit, *country, *org, *locality;
- char *email, *uid;
- char *subject;
- char *cp;
- int subjectlen=0;
-
- common_name = state = orgunit = country = org = locality = email =
- uid = subject = NULL;
-
- /* Get subject information */
- PR_fprintf(PR_STDOUT,
-"\nEnter certificate information. All fields are optional. Acceptable\n"
-"characters are numbers, letters, spaces, and apostrophes.\n");
-
-#ifdef VERBOSE_PROMPTS
- PR_fprintf(PR_STDOUT, "\nCOMMON NAME\n"
-"Enter the full name you want to give your certificate. (Example: Test-Only\n"
-"Object Signing Certificate)\n"
-"-->");
-#else
- PR_fprintf(PR_STDOUT, "certificate common name: ");
-#endif
- fgets(buf, STDIN_BUF_SIZE, stdin);
- cp = chop(buf);
- if(*cp == '\0') {
- sprintf(common_name_buf, "%s (%lu)", DEFAULT_COMMON_NAME, serial);
- cp = common_name_buf;
- }
- common_name = PORT_ZAlloc(strlen(cp) + 6);
- if(!common_name) {out_of_memory();}
- sprintf(common_name, "CN=%s, ", cp);
- subjectlen += strlen(common_name);
-
-#ifdef VERBOSE_PROMPTS
- PR_fprintf(PR_STDOUT, "\nORGANIZATION NAME\n"
-"Enter the name of your organization. For example, this could be the name\n"
-"of your company.\n"
-"-->");
-#else
- PR_fprintf(PR_STDOUT, "organization: ");
-#endif
- fgets(buf, STDIN_BUF_SIZE, stdin);
- cp = chop(buf);
- if(*cp != '\0') {
- org = PORT_ZAlloc(strlen(cp) + 5);
- if(!org) {out_of_memory();}
- sprintf(org, "O=%s, ", cp);
- subjectlen += strlen(org);
- }
-
-#ifdef VERBOSE_PROMPTS
- PR_fprintf(PR_STDOUT, "\nORGANIZATION UNIT\n"
-"Enter the name of your organization unit. For example, this could be the\n"
-"name of your department.\n"
-"-->");
-#else
- PR_fprintf(PR_STDOUT, "organization unit: ");
-#endif
- fgets(buf, STDIN_BUF_SIZE, stdin);
- cp = chop(buf);
- if(*cp != '\0') {
- orgunit = PORT_ZAlloc(strlen(cp)+6);
- if(!orgunit) {out_of_memory();}
- sprintf(orgunit, "OU=%s, ", cp);
- subjectlen += strlen(orgunit);
- }
-
-#ifdef VERBOSE_PROMPTS
- PR_fprintf(PR_STDOUT, "\nSTATE\n"
-"Enter the name of your state or province.\n"
-"-->");
-#else
- PR_fprintf(PR_STDOUT, "state or province: ");
-#endif
- fgets(buf, STDIN_BUF_SIZE, stdin);
- cp = chop(buf);
- if(*cp != '\0') {
- state = PORT_ZAlloc(strlen(cp)+6);
- if(!state) {out_of_memory();}
- sprintf(state, "ST=%s, ", cp);
- subjectlen += strlen(state);
- }
-
-#ifdef VERBOSE_PROMPTS
- PR_fprintf(PR_STDOUT, "\nCOUNTRY\n"
-"Enter the 2-character abbreviation for the name of your country.\n"
-"-->");
-#else
- PR_fprintf(PR_STDOUT, "country (must be exactly 2 characters): ");
-#endif
- fgets(buf, STDIN_BUF_SIZE, stdin);
- cp = chop(cp);
- if(strlen(cp) != 2) {
- *cp = '\0'; /* country code must be 2 chars */
- }
- if(*cp != '\0') {
- country = PORT_ZAlloc(strlen(cp)+5);
- if(!country) {out_of_memory();}
- sprintf(country, "C=%s, ", cp);
- subjectlen += strlen(country);
- }
-
-#ifdef VERBOSE_PROMPTS
- PR_fprintf(PR_STDOUT, "\nUSERNAME\n"
-"Enter your system username or UID\n"
-"-->");
-#else
- PR_fprintf(PR_STDOUT, "username: ");
-#endif
- fgets(buf, STDIN_BUF_SIZE, stdin);
- cp = chop(buf);
- if(*cp != '\0') {
- uid = PORT_ZAlloc(strlen(cp)+7);
- if(!uid) {out_of_memory();}
- sprintf(uid, "UID=%s, ", cp);
- subjectlen += strlen(uid);
- }
-
-#ifdef VERBOSE_PROMPTS
- PR_fprintf(PR_STDOUT, "\nEMAIL ADDRESS\n"
-"Enter your email address.\n"
-"-->");
-#else
- PR_fprintf(PR_STDOUT, "email address: ");
-#endif
- fgets(buf, STDIN_BUF_SIZE, stdin);
- cp = chop(buf);
- if(*cp != '\0') {
- email = PORT_ZAlloc(strlen(cp)+5);
- if(!email) {out_of_memory();}
- sprintf(email, "E=%s,", cp);
- subjectlen += strlen(email);
- }
-
- subjectlen++;
-
- subject = PORT_ZAlloc(subjectlen);
- if(!subject) {out_of_memory();}
-
- sprintf(subject, "%s%s%s%s%s%s%s",
- common_name ? common_name : "",
- org ? org : "",
- orgunit ? orgunit : "",
- state ? state : "",
- country ? country : "",
- uid ? uid : "",
- email ? email : ""
- );
- if( (strlen(subject) > 1) && (subject[strlen(subject)-1] == ' ') ) {
- subject[strlen(subject)-2] = '\0';
- }
-
- PORT_Free(common_name);
- PORT_Free(org);
- PORT_Free(orgunit);
- PORT_Free(state);
- PORT_Free(country);
- PORT_Free(uid);
- PORT_Free(email);
-
- return subject;
-}
-
-/**************************************************************************
- *
- * G e n e r a t e S e l f S i g n e d O b j e c t S i g n i n g C e r t
- * *phew*^
- *
- */
-static CERTCertificate*
-GenerateSelfSignedObjectSigningCert(char *nickname, CERTCertDBHandle *db,
- char *subject, unsigned long serial, int keysize, char *token)
-{
- CERTCertificate *cert, *temp_cert;
- SECItem *derCert;
- CERTCertificateRequest *req;
-
- PK11SlotInfo *slot = NULL;
- SECKEYPrivateKey *privk = NULL;
- SECKEYPublicKey *pubk = NULL;
-
- if( token ) {
- slot = PK11_FindSlotByName(token);
- } else {
- slot = PK11_GetInternalKeySlot();
- }
-
- if (slot == NULL) {
- PR_fprintf(errorFD, "Can't find PKCS11 slot %s\n",
- token ? token : "");
- errorCount++;
- exit (ERRX);
- }
-
- if( GenerateKeyPair(slot, &pubk, &privk, keysize) != SECSuccess) {
- FatalError("Error generating keypair.");
- }
- req = make_cert_request (subject, pubk);
- temp_cert = make_cert (req, serial, &req->subject);
- if(set_cert_type(temp_cert,
- NS_CERT_TYPE_OBJECT_SIGNING | NS_CERT_TYPE_OBJECT_SIGNING_CA)
- != SECSuccess) {
- FatalError("Unable to set cert type");
- }
-
- derCert = sign_cert (temp_cert, privk);
- cert = install_cert(db, derCert, nickname);
- if(ChangeTrustAttributes(db, cert, ",,uC") != SECSuccess) {
- FatalError("Unable to change trust on generated certificate");
- }
-
- /* !!! Free memory ? !!! */
- PK11_FreeSlot(slot);
- SECKEY_DestroyPrivateKey(privk);
- SECKEY_DestroyPublicKey(pubk);
-
- return cert;
-}
-
-/**************************************************************************
- *
- * C h a n g e T r u s t A t t r i b u t e s
- */
-static SECStatus
-ChangeTrustAttributes(CERTCertDBHandle *db, CERTCertificate *cert, char *trusts)
-{
-
- CERTCertTrust *trust;
-
- if(!db || !cert || !trusts) {
- PR_fprintf(errorFD,"ChangeTrustAttributes got incomplete arguments.\n");
- errorCount++;
- return SECFailure;
- }
-
- trust = (CERTCertTrust*) PORT_ZAlloc(sizeof(CERTCertTrust));
- if(!trust) {
- PR_fprintf(errorFD, "ChangeTrustAttributes unable to allocate "
- "CERTCertTrust\n");
- errorCount++;
- return SECFailure;
- }
-
- if( CERT_DecodeTrustString(trust, trusts) ) {
- return SECFailure;
- }
-
- if( CERT_ChangeCertTrust(db, cert, trust) ) {
- PR_fprintf(errorFD, "unable to modify trust attributes for cert %s\n",
- cert->nickname ? cert->nickname : "");
- errorCount++;
- return SECFailure;
- }
-
- return SECSuccess;
-}
-
-/*************************************************************************
- *
- * s e t _ c e r t _ t y p e
- */
-static SECStatus
-set_cert_type(CERTCertificate *cert, unsigned int type)
-{
- void *context;
- SECStatus status = SECSuccess;
- SECItem certType;
- char ctype;
-
- context = CERT_StartCertExtensions(cert);
-
- certType.type = siBuffer;
- certType.data = (unsigned char*) &ctype;
- certType.len = 1;
- ctype = (unsigned char)type;
- if(CERT_EncodeAndAddBitStrExtension(context, SEC_OID_NS_CERT_EXT_CERT_TYPE,
- &certType, PR_TRUE /*critical*/) != SECSuccess) {
- status = SECFailure;
- }
-
- if(CERT_FinishExtensions(context) != SECSuccess) {
- status = SECFailure;
- }
-
- return status;
-}
-
-/********************************************************************
- *
- * s i g n _ c e r t
- */
-static SECItem *
-sign_cert(CERTCertificate *cert, SECKEYPrivateKey *privk)
-{
- SECStatus rv;
-
- SECItem der2;
- SECItem *result2;
-
- void *dummy;
- SECOidTag alg = SEC_OID_UNKNOWN;
-
- switch (privk->keyType)
- {
- case rsaKey:
- alg = SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION;
- break;
-
- case dsaKey:
- alg = SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST;
- break;
- default:
- FatalError("Unknown key type");
- }
- PORT_Assert(alg != SEC_OID_UNKNOWN);
-
- rv = SECOID_SetAlgorithmID (cert->arena, &cert->signature, alg, 0);
-
- if (rv != SECSuccess)
- {
- PR_fprintf(errorFD, "%s: unable to set signature alg id\n", PROGRAM_NAME);
- errorCount++;
- exit (ERRX);
- }
-
- der2.len = 0;
- der2.data = NULL;
-
- dummy = SEC_ASN1EncodeItem
- (cert->arena, &der2, cert, CERT_CertificateTemplate);
-
- if (rv != SECSuccess)
- {
- PR_fprintf(errorFD, "%s: error encoding cert\n", PROGRAM_NAME);
- errorCount++;
- exit (ERRX);
- }
-
- result2 = (SECItem *) PORT_ArenaZAlloc (cert->arena, sizeof (SECItem));
- if (result2 == NULL)
- out_of_memory();
-
- rv = SEC_DerSignData
- (cert->arena, result2, der2.data, der2.len, privk, alg);
-
- if (rv != SECSuccess)
- {
- PR_fprintf(errorFD, "can't sign encoded certificate data\n");
- errorCount++;
- exit (ERRX);
- }
- else if(verbosity >= 0) {
- PR_fprintf(outputFD, "certificate has been signed\n");
- }
-
- cert->derCert = *result2;
-
- return result2;
-}
-
-/*********************************************************************
- *
- * i n s t a l l _ c e r t
- *
- * Installs the cert in the permanent database.
- */
-static CERTCertificate*
-install_cert(CERTCertDBHandle *db, SECItem *derCert, char *nickname)
-{
- CERTCertificate *newcert;
- PK11SlotInfo *newSlot;
-
- newcert = CERT_DecodeDERCertificate(derCert, PR_TRUE, NULL);
-
- if (newcert == NULL) {
- PR_fprintf(errorFD, "%s: can't create new certificate\n", PROGRAM_NAME);
- errorCount++;
- exit (ERRX);
- }
-
- newSlot = PK11_ImportCertForKey(newcert, nickname, NULL /*wincx*/);
- if( newSlot == NULL ) {
- PR_fprintf(errorFD, "Unable to install certificate\n");
- errorCount++;
- exit(ERRX);
- }
- PK11_FreeSlot(newSlot);
-
- if(verbosity >= 0){
- PR_fprintf(outputFD, "certificate \"%s\" added to database\n", nickname);
- }
-
- return newcert;
-}
-
-/******************************************************************
- *
- * G e n e r a t e K e y P a i r
- */
-static SECStatus
-GenerateKeyPair(PK11SlotInfo *slot, SECKEYPublicKey **pubk,
- SECKEYPrivateKey **privk, int keysize)
-{
-
- PK11RSAGenParams rsaParams;
-
- if( keysize == -1 ) {
- rsaParams.keySizeInBits = DEFAULT_RSA_KEY_SIZE;
- } else {
- rsaParams.keySizeInBits = keysize;
- }
- rsaParams.pe = 0x10001;
-
- if(PK11_Authenticate( slot, PR_FALSE /*loadCerts*/, NULL /*wincx*/)
- != SECSuccess) {
- SECU_PrintError(progName, "failure authenticating to key database.\n");
- exit(ERRX);
- }
-
- *privk = PK11_GenerateKeyPair (slot, CKM_RSA_PKCS_KEY_PAIR_GEN, &rsaParams,
- pubk, PR_TRUE /*isPerm*/, PR_TRUE /*isSensitive*/, NULL /*wincx*/ );
-
- if (*privk != NULL && *pubk != NULL) {
- if(verbosity >= 0) {
- PR_fprintf(outputFD, "generated public/private key pair\n");
- }
- } else {
- SECU_PrintError(progName, "failure generating key pair\n");
- exit (ERRX);
- }
-
- return SECSuccess;
-}
-
-/******************************************************************
- *
- * m a k e _ c e r t _ r e q u e s t
- */
-static CERTCertificateRequest*
-make_cert_request(char *subject, SECKEYPublicKey *pubk)
-{
- CERTName *subj;
- CERTSubjectPublicKeyInfo *spki;
-
- CERTCertificateRequest *req;
-
- /* Create info about public key */
- spki = SECKEY_CreateSubjectPublicKeyInfo(pubk);
- if (!spki) {
- SECU_PrintError(progName, "unable to create subject public key");
- exit (ERRX);
- }
-
- subj = CERT_AsciiToName (subject);
- if(subj == NULL) {
- FatalError("Invalid data in certificate description");
- }
-
- /* Generate certificate request */
- req = CERT_CreateCertificateRequest(subj, spki, 0);
- if (!req) {
- SECU_PrintError(progName, "unable to make certificate request");
- exit (ERRX);
- }
-
- if(verbosity >= 0) {
- PR_fprintf(outputFD, "certificate request generated\n");
- }
-
- return req;
-}
-
-/******************************************************************
- *
- * m a k e _ c e r t
- */
-static CERTCertificate *
-make_cert(CERTCertificateRequest *req, unsigned long serial,
- CERTName *ca_subject)
-{
- CERTCertificate *cert;
-
- CERTValidity *validity = NULL;
-
- PRTime now, after;
- PRExplodedTime printableTime;
-
- now = PR_Now();
- PR_ExplodeTime (now, PR_GMTParameters, &printableTime);
-
- printableTime.tm_month += 3;
- after = PR_ImplodeTime (&printableTime);
-
- validity = CERT_CreateValidity (now, after);
-
- if (validity == NULL)
- {
- PR_fprintf(errorFD, "%s: error creating certificate validity\n", PROGRAM_NAME);
- errorCount++;
- exit (ERRX);
- }
-
- cert = CERT_CreateCertificate
- (serial, ca_subject, validity, req);
-
- if (cert == NULL)
- {
- /* should probably be more precise here */
- PR_fprintf(errorFD, "%s: error while generating certificate\n", PROGRAM_NAME);
- errorCount++;
- exit (ERRX);
- }
-
- return cert;
- }
-
-/*************************************************************************
- *
- * o u t p u t _ c a _ c e r t
- */
-static void
-output_ca_cert (CERTCertificate *cert, CERTCertDBHandle *db)
- {
- FILE *out;
-
- SECItem *encodedCertChain;
- SEC_PKCS7ContentInfo *certChain;
- char *filename;
-
- /* the raw */
-
- filename = PORT_ZAlloc(strlen(DEFAULT_X509_BASENAME)+8);
- if(!filename) out_of_memory();
-
- sprintf(filename, "%s.raw", DEFAULT_X509_BASENAME);
- if ((out = fopen (filename, "wb")) == NULL)
- {
- PR_fprintf(errorFD, "%s: Can't open %s output file\n", PROGRAM_NAME, filename);
- errorCount++;
- exit(ERRX);
- }
-
- certChain = SEC_PKCS7CreateCertsOnly (cert, PR_TRUE, db);
- encodedCertChain
- = SEC_PKCS7EncodeItem (NULL, NULL, certChain, NULL, NULL, NULL);
- SEC_PKCS7DestroyContentInfo (certChain);
-
- if (encodedCertChain)
- {
- fprintf(out, "Content-type: application/x-x509-ca-cert\n\n");
- fwrite (encodedCertChain->data, 1, encodedCertChain->len, out);
- SECITEM_FreeItem(encodedCertChain, PR_TRUE);
- }
- else {
- PR_fprintf(errorFD, "%s: Can't DER encode this certificate\n", PROGRAM_NAME);
- errorCount++;
- exit(ERRX);
- }
-
- fclose (out);
-
- /* and the cooked */
-
- sprintf(filename, "%s.cacert", DEFAULT_X509_BASENAME);
- if ((out = fopen (filename, "wb")) == NULL)
- {
- PR_fprintf(errorFD, "%s: Can't open %s output file\n", PROGRAM_NAME, filename);
- errorCount++;
- return;
- }
-
- fprintf (out, "%s\n%s\n%s\n",
- NS_CERT_HEADER,
- BTOA_DataToAscii (cert->derCert.data, cert->derCert.len),
- NS_CERT_TRAILER);
-
- fclose (out);
-
- if(verbosity >= 0) {
- PR_fprintf(outputFD, "Exported certificate to %s.raw and %s.cacert.\n",
- DEFAULT_X509_BASENAME, DEFAULT_X509_BASENAME);
- }
-}
diff --git a/security/nss/cmd/signtool/javascript.c b/security/nss/cmd/signtool/javascript.c
deleted file mode 100644
index 142a9751a..000000000
--- a/security/nss/cmd/signtool/javascript.c
+++ /dev/null
@@ -1,1790 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "signtool.h"
-#include <prmem.h>
-#include <prio.h>
-#include <prenv.h>
-
-static int javascript_fn(char *relpath, char *basedir, char *reldir,
- char *filename, void *arg);
-static int extract_js (char *filename);
-static int copyinto (char *from, char *to);
-static PRStatus ensureExists (char *base, char *path);
-static int make_dirs(char *path, PRInt32 file_perms);
-
-static char *jartree = NULL;
-static int idOrdinal;
-static PRBool dumpParse=PR_FALSE;
-
-static char *event_handlers[] = {
-"onAbort",
-"onBlur",
-"onChange",
-"onClick",
-"onDblClick",
-"onDragDrop",
-"onError",
-"onFocus",
-"onKeyDown",
-"onKeyPress",
-"onKeyUp",
-"onLoad",
-"onMouseDown",
-"onMouseMove",
-"onMouseOut",
-"onMouseOver",
-"onMouseUp",
-"onMove",
-"onReset",
-"onResize",
-"onSelect",
-"onSubmit",
-"onUnload"
-};
-static int num_handlers = 23;
-
-/*
- * I n l i n e J a v a S c r i p t
- *
- * Javascript signing. Instead of passing an archive to signtool,
- * a directory containing html files is given. Archives are created
- * from the archive= and src= tag attributes inside the html,
- * as appropriate. Then the archives are signed.
- *
- */
-int
-InlineJavaScript(char *dir, PRBool recurse)
-{
- jartree = dir;
- if(verbosity >= 0) {
- PR_fprintf(outputFD, "\nGenerating inline signatures from HTML files in: %s\n", dir);
- }
- if(PR_GetEnv("SIGNTOOL_DUMP_PARSE")) {
- dumpParse = PR_TRUE;
- }
-
- return foreach(dir, "", javascript_fn, recurse, PR_FALSE /*include dirs*/,
- (void*)NULL);
-
-}
-
-/************************************************************************
- *
- * j a v a s c r i p t _ f n
- */
-static int javascript_fn
- (char *relpath, char *basedir, char *reldir, char *filename, void *arg)
-{
- char fullname [FNSIZE];
-
- /* only process inline scripts from .htm, .html, and .shtml*/
-
- if(! (PL_strcaserstr(filename, ".htm") == filename + strlen(filename) -4) &&
- ! (PL_strcaserstr(filename, ".html") == filename + strlen(filename) -5)&&
- ! (PL_strcaserstr(filename, ".shtml") == filename + strlen(filename)-6)){
- return 0;
- }
-
- /* don't process scripts that signtool has already
- extracted (those that are inside .arc directories) */
-
- if(PL_strcaserstr(filename, ".arc") == filename + strlen(filename) - 4)
- return 0;
-
- if(verbosity >= 0) {
- PR_fprintf(outputFD, "Processing HTML file: %s\n", relpath);
- }
-
- /* reset firstArchive at top of each HTML file */
-
- /* skip directories that contain extracted scripts */
-
- if(PL_strcaserstr(reldir, ".arc") == reldir + strlen(reldir) - 4)
- return 0;
-
- sprintf (fullname, "%s/%s", basedir, relpath);
- return extract_js (fullname);
-}
-
-/*===========================================================================
- =
- = D A T A S T R U C T U R E S
- =
-*/
-typedef enum {
- TEXT_HTML_STATE=0,
- SCRIPT_HTML_STATE
-} HTML_STATE ;
-
-typedef enum {
- /* we start in the start state */
- START_STATE,
-
- /* We are looking for or reading in an attribute */
- GET_ATT_STATE,
-
- /* We're burning ws before finding an attribute */
- PRE_ATT_WS_STATE,
-
- /* We're burning ws after an attribute. Looking for an '='. */
- POST_ATT_WS_STATE,
-
- /* We're burning ws after an '=', waiting for a value */
- PRE_VAL_WS_STATE,
-
- /* We're reading in a value */
- GET_VALUE_STATE,
-
- /* We're reading in a value that's inside quotes */
- GET_QUOTED_VAL_STATE,
-
- /* We've encountered the closing '>' */
- DONE_STATE,
-
- /* Error state */
- ERR_STATE
-} TAG_STATE ;
-
-typedef struct AVPair_Str {
- char *attribute;
- char *value;
- unsigned int valueLine; /* the line that the value ends on */
- struct AVPair_Str *next;
-} AVPair;
-
-typedef enum {
- APPLET_TAG,
- SCRIPT_TAG,
- LINK_TAG,
- STYLE_TAG,
- COMMENT_TAG,
- OTHER_TAG
-} TAG_TYPE ;
-
-typedef struct {
- TAG_TYPE type;
- AVPair *attList;
- AVPair *attListTail;
- char *text;
-} TagItem;
-
-typedef enum {
- TAG_ITEM,
- TEXT_ITEM
-} ITEM_TYPE ;
-
-typedef struct HTMLItem_Str{
- unsigned int startLine;
- unsigned int endLine;
- ITEM_TYPE type;
- union {
- TagItem *tag;
- char *text;
- } item;
- struct HTMLItem_Str *next;
-} HTMLItem;
-
-typedef struct {
- PRFileDesc *fd;
- PRInt32 curIndex;
- PRBool IsEOF;
-#define FILE_BUFFER_BUFSIZE 512
- char buf[FILE_BUFFER_BUFSIZE];
- PRInt32 startOffset;
- PRInt32 maxIndex;
- unsigned int lineNum;
-} FileBuffer;
-
-/*===========================================================================
- =
- = F U N C T I O N S
- =
-*/
-static HTMLItem* CreateTextItem(char *text, unsigned int startline,
- unsigned int endline);
-static HTMLItem* CreateTagItem(TagItem* ti, unsigned int startline,
- unsigned int endline);
-static TagItem* ProcessTag(FileBuffer* fb, char **errStr);
-static void DestroyHTMLItem(HTMLItem *item);
-static void DestroyTagItem(TagItem* ti);
-static TAG_TYPE GetTagType(char *att);
-static FileBuffer* FB_Create(PRFileDesc* fd);
-static int FB_GetChar(FileBuffer *fb);
-static PRInt32 FB_GetPointer(FileBuffer *fb);
-static PRInt32 FB_GetRange(FileBuffer *fb, PRInt32 start, PRInt32 end,
- char **buf);
-static unsigned int FB_GetLineNum(FileBuffer *fb);
-static void FB_Destroy(FileBuffer *fb);
-static void PrintTagItem(PRFileDesc *fd, TagItem *ti);
-static void PrintHTMLStream(PRFileDesc *fd, HTMLItem *head);
-
-/************************************************************************
- *
- * C r e a t e T e x t I t e m
- */
-static HTMLItem*
-CreateTextItem(char *text, unsigned int startline, unsigned int endline)
-{
- HTMLItem *item;
-
- item = PR_Malloc(sizeof(HTMLItem));
- if(!item) {
- return NULL;
- }
-
- item->type = TEXT_ITEM;
- item->item.text = text;
- item->next = NULL;
- item->startLine = startline;
- item->endLine = endline;
-
- return item;
-}
-
-/************************************************************************
- *
- * C r e a t e T a g I t e m
- */
-static HTMLItem*
-CreateTagItem(TagItem* ti, unsigned int startline, unsigned int endline)
-{
- HTMLItem *item;
-
- item = PR_Malloc(sizeof(HTMLItem));
- if(!item) {
- return NULL;
- }
-
- item->type = TAG_ITEM;
- item->item.tag = ti;
- item->next = NULL;
- item->startLine = startline;
- item->endLine = endline;
-
- return item;
-}
-
-static PRBool
-isAttChar(char c)
-{
- return (isalnum(c) || c=='/' || c=='-');
-}
-
-/************************************************************************
- *
- * P r o c e s s T a g
- */
-static TagItem*
-ProcessTag(FileBuffer* fb, char **errStr)
-{
- TAG_STATE state;
- PRInt32 startText, startID, curPos;
- PRBool firstAtt;
- int curchar;
- TagItem *ti=NULL;
- AVPair *curPair=NULL;
- char quotechar='\0';
- unsigned int linenum;
- unsigned int startline;
-
- state = START_STATE;
-
- startID = FB_GetPointer(fb);
- startText = startID;
- firstAtt = PR_TRUE;
-
- ti = (TagItem*) PR_Malloc(sizeof(TagItem));
- if(!ti) out_of_memory();
- ti->type = OTHER_TAG;
- ti->attList = NULL;
- ti->attListTail = NULL;
- ti->text = NULL;
-
- startline = FB_GetLineNum(fb);
-
- while(state != DONE_STATE && state != ERR_STATE) {
- linenum = FB_GetLineNum(fb);
- curchar = FB_GetChar(fb);
- if(curchar == EOF) {
- *errStr = PR_smprintf(
- "line %d: Unexpected end-of-file while parsing tag starting at line %d.\n", linenum, startline);
- state = ERR_STATE;
- continue;
- }
-
- switch(state) {
- case START_STATE:
- if(curchar=='!') {
- /*
- * SGML tag or comment
- * Here's the general rule for SGML tags. Everything from
- * <! to > is the tag. Inside the tag, comments are
- * delimited with --. So we are looking for the first '>'
- * that is not commented out, that is, not inside a pair
- * of --: <!DOCTYPE --this is a comment >(psyche!) -->
- */
-
- PRBool inComment = PR_FALSE;
- short hyphenCount = 0; /* number of consecutive hyphens */
-
- while(1) {
- linenum = FB_GetLineNum(fb);
- curchar = FB_GetChar(fb);
- if(curchar == EOF) {
- /* Uh oh, EOF inside comment */
- *errStr = PR_smprintf(
- "line %d: Unexpected end-of-file inside comment starting at line %d.\n",
- linenum, startline);
- state = ERR_STATE;
- break;
- }
- if(curchar=='-') {
- if(hyphenCount==1) {
- /* This is a comment delimiter */
- inComment = !inComment;
- hyphenCount=0;
- } else {
- /* beginning of a comment delimiter? */
- hyphenCount=1;
- }
- } else if(curchar=='>') {
- if(!inComment) {
- /* This is the end of the tag */
- state = DONE_STATE;
- break;
- } else {
- /* The > is inside a comment, so it's not
- * really the end of the tag */
- hyphenCount=0;
- }
- } else {
- hyphenCount = 0;
- }
- }
- ti->type = COMMENT_TAG;
- break;
- }
- /* fall through */
- case GET_ATT_STATE:
- if(isspace(curchar) || curchar=='=' || curchar=='>') {
- /* end of the current attribute */
- curPos = FB_GetPointer(fb)-2;
- if(curPos >= startID) {
- /* We have an attribute */
- curPair = (AVPair*)PR_Malloc(sizeof(AVPair));
- if(!curPair) out_of_memory();
- curPair->value = NULL;
- curPair->next = NULL;
- FB_GetRange(fb, startID, curPos, &curPair->attribute);
-
- /* Stick this attribute on the list */
- if(ti->attListTail) {
- ti->attListTail->next = curPair;
- ti->attListTail = curPair;
- } else {
- ti->attList = ti->attListTail = curPair;
- }
-
- /* If this is the first attribute, find the type of tag
- * based on it. Also, start saving the text of the tag. */
- if(firstAtt) {
- ti->type = GetTagType(curPair->attribute);
- startText = FB_GetPointer(fb)-1;
- firstAtt = PR_FALSE;
- }
- } else {
- if(curchar=='=') {
- /* If we don't have any attribute but we do have an
- * equal sign, that's an error */
- *errStr = PR_smprintf("line %d: Malformed tag starting at line %d.\n", linenum, startline);
- state = ERR_STATE;
- break;
- }
- }
-
- /* Compute next state */
- if(curchar=='=') {
- startID = FB_GetPointer(fb);
- state = PRE_VAL_WS_STATE;
- } else if(curchar=='>') {
- state = DONE_STATE;
- } else if(curPair) {
- state = POST_ATT_WS_STATE;
- } else {
- state = PRE_ATT_WS_STATE;
- }
- } else if(isAttChar(curchar)) {
- /* Just another char in the attribute. Do nothing */
- state = GET_ATT_STATE;
- } else {
- /* bogus char */
- *errStr= PR_smprintf("line %d: Bogus chararacter '%c' in tag.\n",
- linenum, curchar);
- state = ERR_STATE;
- break;
- }
- break;
- case PRE_ATT_WS_STATE:
- if(curchar=='>') {
- state = DONE_STATE;
- } else if(isspace(curchar)) {
- /* more whitespace, do nothing */
- } else if(isAttChar(curchar)) {
- /* starting another attribute */
- startID = FB_GetPointer(fb)-1;
- state = GET_ATT_STATE;
- } else {
- /* bogus char */
- *errStr = PR_smprintf("line %d: Bogus character '%c' in tag.\n",
- linenum, curchar);
- state = ERR_STATE;
- break;
- }
- break;
- case POST_ATT_WS_STATE:
- if(curchar=='>') {
- state = DONE_STATE;
- } else if(isspace(curchar)) {
- /* more whitespace, do nothing */
- } else if(isAttChar(curchar)) {
- /* starting another attribute */
- startID = FB_GetPointer(fb)-1;
- state = GET_ATT_STATE;
- } else if(curchar=='=') {
- /* there was whitespace between the attribute and its equal
- * sign, which means there's a value coming up */
- state = PRE_VAL_WS_STATE;
- } else {
- /* bogus char */
- *errStr = PR_smprintf("line %d: Bogus character '%c' in tag.\n",
- linenum, curchar);
- state = ERR_STATE;
- break;
- }
- break;
- case PRE_VAL_WS_STATE:
- if(curchar=='>') {
- /* premature end-of-tag (sounds like a personal problem). */
- *errStr = PR_smprintf(
- "line %d: End of tag while waiting for value.\n", linenum);
- state = ERR_STATE;
- break;
- } else if(isspace(curchar)) {
- /* more whitespace, do nothing */
- break;
- } else {
- /* this must be some sort of value. Fall through
- * to GET_VALUE_STATE */
- startID=FB_GetPointer(fb)-1;
- state = GET_VALUE_STATE;
- }
- /* Fall through if we didn't break on '>' or whitespace */
- case GET_VALUE_STATE:
- if(isspace(curchar) || curchar=='>') {
- /* end of value */
- curPos = FB_GetPointer(fb)-2;
- if(curPos >= startID) {
- /* Grab the value */
- FB_GetRange(fb, startID, curPos, &curPair->value);
- curPair->valueLine = linenum;
- } else {
- /* empty value, leave as NULL */
- }
- if(isspace(curchar)) {
- state = PRE_ATT_WS_STATE;
- } else {
- state = DONE_STATE;
- }
- } else if(curchar=='\"' || curchar=='\'') {
- /* quoted value. Start recording the value inside the quote*/
- startID = FB_GetPointer(fb);
- state = GET_QUOTED_VAL_STATE;
- PORT_Assert(quotechar == '\0');
- quotechar = curchar; /* look for matching quote type */
- } else {
- /* just more value */
- }
- break;
- case GET_QUOTED_VAL_STATE:
- PORT_Assert(quotechar != '\0');
- if(curchar == quotechar) {
- /* end of quoted value */
- curPos = FB_GetPointer(fb)-2;
- if(curPos >= startID) {
- /* Grab the value */
- FB_GetRange(fb, startID, curPos, &curPair->value);
- curPair->valueLine = linenum;
- } else {
- /* empty value, leave it as NULL */
- }
- state = GET_ATT_STATE;
- quotechar = '\0';
- startID = FB_GetPointer(fb);
- } else {
- /* more quoted value, continue */
- }
- break;
- case DONE_STATE:
- case ERR_STATE:
- default:
- ; /* should never get here */
- }
- }
-
- if(state == DONE_STATE) {
- /* Get the text of the tag */
- curPos = FB_GetPointer(fb)-1;
- FB_GetRange(fb, startText, curPos, &ti->text);
-
- /* Return the tag */
- return ti;
- }
-
- /* Uh oh, an error. Kill the tag item*/
- DestroyTagItem(ti);
- return NULL;
-}
-
-/************************************************************************
- *
- * D e s t r o y H T M L I t e m
- */
-static void
-DestroyHTMLItem(HTMLItem *item)
-{
- if(item->type == TAG_ITEM) {
- DestroyTagItem(item->item.tag);
- } else {
- if(item->item.text) {
- PR_Free(item->item.text);
- }
- }
-}
-
-/************************************************************************
- *
- * D e s t r o y T a g I t e m
- */
-static void
-DestroyTagItem(TagItem* ti)
-{
- AVPair *temp;
-
- if(ti->text) {
- PR_Free(ti->text); ti->text = NULL;
- }
-
- while(ti->attList) {
- temp = ti->attList;
- ti->attList = ti->attList->next;
-
- if(temp->attribute) {
- PR_Free(temp->attribute); temp->attribute = NULL;
- }
- if(temp->value) {
- PR_Free(temp->value); temp->value = NULL;
- }
- PR_Free(temp);
- }
-
- PR_Free(ti);
-}
-
-/************************************************************************
- *
- * G e t T a g T y p e
- */
-static TAG_TYPE
-GetTagType(char *att)
-{
- if(!PORT_Strcasecmp(att, "APPLET")) {
- return APPLET_TAG;
- }
- if(!PORT_Strcasecmp(att, "SCRIPT")) {
- return SCRIPT_TAG;
- }
- if(!PORT_Strcasecmp(att, "LINK")) {
- return LINK_TAG;
- }
- if(!PORT_Strcasecmp(att, "STYLE")) {
- return STYLE_TAG;
- }
- return OTHER_TAG;
-}
-
-/************************************************************************
- *
- * F B _ C r e a t e
- */
-static FileBuffer*
-FB_Create(PRFileDesc* fd)
-{
- FileBuffer *fb;
- PRInt32 amountRead;
- PRInt32 storedOffset;
-
- fb = (FileBuffer*) PR_Malloc(sizeof(FileBuffer));
- fb->fd = fd;
- storedOffset = PR_Seek(fd, 0, PR_SEEK_CUR);
- PR_Seek(fd, 0, PR_SEEK_SET);
- fb->startOffset = 0;
- amountRead = PR_Read(fd, fb->buf, FILE_BUFFER_BUFSIZE);
- if(amountRead == -1) goto loser;
- fb->maxIndex = amountRead-1;
- fb->curIndex = 0;
- fb->IsEOF = (fb->curIndex>fb->maxIndex) ? PR_TRUE : PR_FALSE;
- fb->lineNum = 1;
-
- PR_Seek(fd, storedOffset, PR_SEEK_SET);
- return fb;
-loser:
- PR_Seek(fd, storedOffset, PR_SEEK_SET);
- PR_Free(fb);
- return NULL;
-}
-
-/************************************************************************
- *
- * F B _ G e t C h a r
- */
-static int
-FB_GetChar(FileBuffer *fb)
-{
- PRInt32 storedOffset;
- PRInt32 amountRead;
- int retval=-1;
-
- if(fb->IsEOF) {
- return EOF;
- }
-
- storedOffset = PR_Seek(fb->fd, 0, PR_SEEK_CUR);
-
- retval = fb->buf[fb->curIndex++];
- if(retval=='\n') fb->lineNum++;
-
- if(fb->curIndex > fb->maxIndex) {
- /* We're at the end of the buffer. Try to get some new data from the
- * file */
- fb->startOffset += fb->maxIndex+1;
- PR_Seek(fb->fd, fb->startOffset, PR_SEEK_SET);
- amountRead = PR_Read(fb->fd, fb->buf, FILE_BUFFER_BUFSIZE);
- if(amountRead==-1) goto loser;
- fb->maxIndex = amountRead-1;
- fb->curIndex = 0;
- }
-
- fb->IsEOF = (fb->curIndex > fb->maxIndex) ? PR_TRUE : PR_FALSE;
-
-loser:
- PR_Seek(fb->fd, storedOffset, PR_SEEK_SET);
- return retval;
-}
-
-/************************************************************************
- *
- * F B _ G e t L i n e N u m
- *
- */
-static unsigned int
-FB_GetLineNum(FileBuffer *fb)
-{
- return fb->lineNum;
-}
-
-/************************************************************************
- *
- * F B _ G e t P o i n t e r
- *
- */
-static PRInt32
-FB_GetPointer(FileBuffer *fb)
-{
- return fb->startOffset + fb->curIndex;
-}
-
-/************************************************************************
- *
- * F B _ G e t R a n g e
- *
- */
-static PRInt32
-FB_GetRange(FileBuffer *fb, PRInt32 start, PRInt32 end, char **buf)
-{
- PRInt32 amountRead;
- PRInt32 storedOffset;
-
- *buf = PR_Malloc(end-start+2);
- if(*buf == NULL) {
- return 0;
- }
-
- storedOffset = PR_Seek(fb->fd, 0, PR_SEEK_CUR);
- PR_Seek(fb->fd, start, PR_SEEK_SET);
- amountRead = PR_Read(fb->fd, *buf, end-start+1);
- PR_Seek(fb->fd, storedOffset, PR_SEEK_SET);
- if(amountRead == -1) {
- PR_Free(*buf);
- *buf = NULL;
- return 0;
- }
-
- (*buf)[end-start+1] = '\0';
- return amountRead;
-}
-
-
-/************************************************************************
- *
- * F B _ D e s t r o y
- *
- */
-static void
-FB_Destroy(FileBuffer *fb)
-{
- if(fb) {
- PR_Free(fb);
- }
-}
-
-/************************************************************************
- *
- * P r i n t T a g I t e m
- *
- */
-static void
-PrintTagItem(PRFileDesc *fd, TagItem *ti)
-{
- AVPair *pair;
-
- PR_fprintf(fd, "TAG:\n----\nType: ");
- switch(ti->type) {
- case APPLET_TAG:
- PR_fprintf(fd, "applet\n");
- break;
- case SCRIPT_TAG:
- PR_fprintf(fd, "script\n");
- break;
- case LINK_TAG:
- PR_fprintf(fd, "link\n");
- break;
- case STYLE_TAG:
- PR_fprintf(fd, "style\n");
- break;
- case COMMENT_TAG:
- PR_fprintf(fd, "comment\n");
- break;
- case OTHER_TAG:
- default:
- PR_fprintf(fd, "other\n");
- break;
- }
-
- PR_fprintf(fd, "Attributes:\n");
- for(pair = ti->attList; pair; pair=pair->next) {
- PR_fprintf(fd, "\t%s=%s\n", pair->attribute,
- pair->value ? pair->value : "");
- }
- PR_fprintf(fd, "Text:%s\n", ti->text ? ti->text : "");
-
- PR_fprintf(fd, "---End of tag---\n");
-}
-
-
-/************************************************************************
- *
- * P r i n t H T M L S t r e a m
- *
- */
-static void
-PrintHTMLStream(PRFileDesc *fd, HTMLItem *head)
-{
- while(head) {
- if(head->type==TAG_ITEM) {
- PrintTagItem(fd, head->item.tag);
- } else {
- PR_fprintf(fd, "\nTEXT:\n-----\n%s\n-----\n\n", head->item.text);
- }
- head = head->next;
- }
-}
-
-/************************************************************************
- *
- * S a v e I n l i n e S c r i p t
- *
- */
-static int
-SaveInlineScript(char *text, char *id, char *basedir, char *archiveDir)
-{
- char *filename=NULL;
- PRFileDesc *fd=NULL;
- int retval = -1;
- PRInt32 writeLen;
- char *ilDir=NULL;
-
- if(!text || !id || !archiveDir) {
- return -1;
- }
-
- if(dumpParse) {
- PR_fprintf(outputFD, "SaveInlineScript: text=%s, id=%s, \n"
- "basedir=%s, archiveDir=%s\n",
- text, id, basedir, archiveDir);
- }
-
- /* Make sure the archive directory is around */
- if(ensureExists(basedir, archiveDir) != PR_SUCCESS) {
- PR_fprintf(errorFD,
- "ERROR: Unable to create archive directory %s.\n", archiveDir);
- errorCount++;
- return -1;
- }
-
- /* Make sure the inline script directory is around */
- ilDir = PR_smprintf("%s/inlineScripts", archiveDir);
- scriptdir = "inlineScripts";
- if(ensureExists(basedir, ilDir) != PR_SUCCESS) {
- PR_fprintf(errorFD,
- "ERROR: Unable to create directory %s.\n", ilDir);
- errorCount++;
- return -1;
- }
-
- filename = PR_smprintf("%s/%s/%s", basedir, ilDir, id);
-
- /* If the file already exists, give a warning, then blow it away */
- if(PR_Access(filename, PR_ACCESS_EXISTS) == PR_SUCCESS) {
- PR_fprintf(errorFD,
- "warning: file \"%s\" already exists--will overwrite.\n",
- filename);
- warningCount++;
- if(rm_dash_r(filename)) {
- PR_fprintf(errorFD,
- "ERROR: Unable to delete %s.\n", filename);
- errorCount++;
- goto finish;
- }
- }
-
- /* Write text into file with name id */
- fd = PR_Open(filename, PR_WRONLY|PR_CREATE_FILE|PR_TRUNCATE, 0777);
- if(!fd) {
- PR_fprintf(errorFD, "ERROR: Unable to create file \"%s\".\n",
- filename);
- errorCount++;
- goto finish;
- }
- writeLen = strlen(text);
- if( PR_Write(fd, text, writeLen) != writeLen) {
- PR_fprintf(errorFD, "ERROR: Unable to write to file \"%s\".\n",
- filename);
- errorCount++;
- goto finish;
- }
-
- retval = 0;
-finish:
- if(filename) {
- PR_smprintf_free(filename);
- }
- if(ilDir) {
- PR_smprintf_free(ilDir);
- }
- if(fd) {
- PR_Close(fd);
- }
- return retval;
-}
-
-/************************************************************************
- *
- * S a v e U n n a m a b l e S c r i p t
- *
- */
-static int
-SaveUnnamableScript(char *text, char *basedir, char *archiveDir,
- char *HTMLfilename)
-{
- char *id=NULL;
- char *ext=NULL;
- char *start=NULL;
- int retval = -1;
-
- if(!text || !archiveDir || !HTMLfilename) {
- return -1;
- }
-
- if(dumpParse) {
- PR_fprintf(outputFD, "SaveUnnamableScript: text=%s, basedir=%s,\n"
- "archiveDir=%s, filename=%s\n", text, basedir, archiveDir,
- HTMLfilename);
- }
-
- /* Construct the filename */
- ext = PL_strrchr(HTMLfilename, '.');
- if(ext) {
- *ext = '\0';
- }
- for(start=HTMLfilename; strpbrk(start, "/\\");
- start=strpbrk(start, "/\\")+1);
- if(*start=='\0') start = HTMLfilename;
- id = PR_smprintf("_%s%d", start, idOrdinal++);
- if(ext) {
- *ext = '.';
- }
-
- /* Now call SaveInlineScript to do the work */
- retval = SaveInlineScript(text, id, basedir, archiveDir);
-
- PR_Free(id);
-
- return retval;
-}
-
-/************************************************************************
- *
- * S a v e S o u r c e
- *
- */
-static int
-SaveSource(char *src, char *codebase, char *basedir, char *archiveDir)
-{
- char *from=NULL, *to=NULL;
- int retval = -1;
- char *arcDir=NULL;
-
- if(!src || !archiveDir) {
- return -1;
- }
-
- if(dumpParse) {
- PR_fprintf(outputFD, "SaveSource: src=%s, codebase=%s, basedir=%s,\n"
- "archiveDir=%s\n", src, codebase, basedir, archiveDir);
- }
-
- if(codebase) {
- arcDir = PR_smprintf("%s/%s/%s/", basedir, codebase, archiveDir);
- } else {
- arcDir = PR_smprintf("%s/%s/", basedir, archiveDir);
- }
-
- if(codebase) {
- from = PR_smprintf("%s/%s/%s", basedir, codebase, src);
- to = PR_smprintf("%s%s", arcDir, src);
- } else {
- from = PR_smprintf("%s/%s", basedir, src);
- to = PR_smprintf("%s%s", arcDir, src);
- }
-
- if(make_dirs(to, 0777)) {
- PR_fprintf(errorFD,
- "ERROR: Unable to create archive directory %s.\n", archiveDir);
- errorCount++;
- goto finish;
- }
-
- retval = copyinto(from, to);
-finish:
- if(from) PR_Free(from);
- if(to) PR_Free(to);
- if(arcDir) PR_Free(arcDir);
- return retval;
-}
-
-/************************************************************************
- *
- * T a g T y p e T o S t r i n g
- *
- */
-char *
-TagTypeToString(TAG_TYPE type)
-{
- switch(type) {
- case APPLET_TAG:
- return "APPLET";
- case SCRIPT_TAG:
- return "SCRIPT";
- case LINK_TAG:
- return "LINK";
- case STYLE_TAG:
- return "STYLE";
- default:
- break;
- }
- return "unknown";
-}
-
-/************************************************************************
- *
- * e x t r a c t _ j s
- *
- */
-static int
-extract_js(char *filename)
-{
- PRFileDesc *fd=NULL;
- FileBuffer *fb=NULL;
- HTML_STATE state;
- int curchar;
- HTMLItem *head = NULL;
- HTMLItem *tail = NULL;
- PRInt32 textStart;
- PRInt32 curOffset;
- TagItem *tagp=NULL;
- char *text=NULL;
- HTMLItem *curitem=NULL;
- int retval = -1;
- char *tagerr=NULL;
- unsigned int linenum, startLine;
- char *archiveDir=NULL, *firstArchiveDir=NULL;
- HTMLItem *styleList, *styleListTail;
- HTMLItem *entityList, *entityListTail;
- char *basedir=NULL;
-
- styleList = entityList = styleListTail = entityListTail = NULL;
-
- /* Initialize the implicit ID counter for each file */
- idOrdinal = 0;
-
- /*
- * First, parse the HTML into a stream of tags and text.
- */
-
- fd = PR_Open(filename, PR_RDONLY, 0);
- if(!fd) {
- PR_fprintf(errorFD, "Unable to open %s for reading.\n", filename);
- errorCount++;
- return -1;
- }
-
- /* Construct base directory of filename. */
- {
- char *cp;
-
- basedir = PL_strdup(filename);
-
- /* Remove trailing slashes */
- while( (cp = PL_strprbrk(basedir, "/\\")) ==
- (basedir + strlen(basedir) - 1)) {
- *cp = '\0';
- }
-
- /* Now remove everything from the last slash (which will be followed
- * by a filename) to the end */
- cp = PL_strprbrk(basedir, "/\\");
- if(cp) {
- *cp = '\0';
- }
- }
-
- state = TEXT_HTML_STATE;
-
- fb = FB_Create(fd);
-
- textStart=0;
- startLine = 0;
- while(linenum=FB_GetLineNum(fb), (curchar = FB_GetChar(fb)) != EOF) {
- switch(state) {
- case TEXT_HTML_STATE:
- if(curchar == '<') {
- /*
- * Found a tag
- */
- /* Save the text so far to a new text item */
- curOffset = FB_GetPointer(fb)-2;
- if(curOffset >= textStart) {
- if(FB_GetRange(fb, textStart, curOffset, &text) !=
- curOffset-textStart+1) {
- PR_fprintf(errorFD,
- "Unable to read from %s.\n", filename);
- errorCount++;
- goto loser;
- }
- /* little fudge here. If the first character on a line
- * is '<', meaning a new tag, the preceding text item
- * actually ends on the previous line. In this case
- * we will be saying that the text segment ends on the
- * next line. I don't think this matters for text items. */
- curitem = CreateTextItem(text, startLine, linenum);
- text = NULL;
- if(tail == NULL) {
- head = tail = curitem;
- } else {
- tail->next = curitem;
- tail = curitem;
- }
- }
-
- /* Process the tag */
- tagp = ProcessTag(fb, &tagerr);
- if(!tagp) {
- if(tagerr) {
- PR_fprintf(errorFD, "Error in file %s: %s\n",
- filename, tagerr);
- errorCount++;
- } else {
- PR_fprintf(errorFD,
- "Error in file %s, in tag starting at line %d\n",
- filename, linenum);
- errorCount++;
- }
- goto loser;
- }
- /* Add the tag to the list */
- curitem = CreateTagItem(tagp, linenum, FB_GetLineNum(fb));
- if(tail == NULL) {
- head = tail = curitem;
- } else {
- tail->next = curitem;
- tail = curitem;
- }
-
- /* What's the next state */
- if(tagp->type == SCRIPT_TAG) {
- state = SCRIPT_HTML_STATE;
- }
-
- /* Start recording text from the new offset */
- textStart = FB_GetPointer(fb);
- startLine = FB_GetLineNum(fb);
- } else {
- /* regular character. Next! */
- }
- break;
- case SCRIPT_HTML_STATE:
- if(curchar == '<') {
- char *cp;
- /*
- * If this is a </script> tag, then we're at the end of the
- * script. Otherwise, ignore
- */
- curOffset = FB_GetPointer(fb)-1;
- cp = NULL;
- if(FB_GetRange(fb, curOffset, curOffset+8, &cp) != 9) {
- if(cp) { PR_Free(cp); cp = NULL; }
- } else {
- /* compare the strings */
- if( !PORT_Strncasecmp(cp, "</script>", 9) ) {
- /* This is the end of the script. Record the text. */
- curOffset--;
- if(curOffset >= textStart) {
- if(FB_GetRange(fb, textStart, curOffset, &text) !=
- curOffset-textStart+1) {
- PR_fprintf(errorFD,
- "Unable to read from %s.\n", filename);
- errorCount++;
- goto loser;
- }
- curitem = CreateTextItem(text, startLine, linenum);
- text = NULL;
- if(tail == NULL) {
- head = tail = curitem;
- } else {
- tail->next = curitem;
- tail = curitem;
- }
- }
-
- /* Now parse the /script tag and put it on the list */
- tagp = ProcessTag(fb, &tagerr);
- if(!tagp) {
- if(tagerr) {
- PR_fprintf(errorFD,
- "Error in file %s: %s\n", filename, tagerr);
- } else {
- PR_fprintf(errorFD,
- "Error in file %s, in tag starting at"
- " line %d\n", filename, linenum);
- }
- errorCount++;
- goto loser;
- }
- curitem = CreateTagItem(tagp, linenum,
- FB_GetLineNum(fb));
- if(tail == NULL) {
- head = tail = curitem;
- } else {
- tail->next = curitem;
- tail = curitem;
- }
-
- /* go back to text state */
- state = TEXT_HTML_STATE;
-
- textStart = FB_GetPointer(fb);
- startLine = FB_GetLineNum(fb);
- }
- }
- }
- break;
- }
- }
-
- /* End of the file. Wrap up any remaining text */
- if(state == SCRIPT_HTML_STATE) {
- if(tail && tail->type==TAG_ITEM) {
- PR_fprintf(errorFD, "ERROR: <SCRIPT> tag at %s:%d is not followed "
- "by a </SCRIPT> tag.\n", filename, tail->startLine);
- } else {
- PR_fprintf(errorFD, "ERROR: <SCRIPT> tag in file %s is not followed"
- " by a </SCRIPT tag.\n", filename);
- }
- errorCount++;
- goto loser;
- }
- curOffset = FB_GetPointer(fb)-1;
- if(curOffset >= textStart) {
- text = NULL;
- if( FB_GetRange(fb, textStart, curOffset, &text) !=
- curOffset-textStart+1) {
- PR_fprintf(errorFD, "Unable to read from %s.\n", filename);
- errorCount++;
- goto loser;
- }
- curitem = CreateTextItem(text, startLine, linenum);
- text = NULL;
- if(tail == NULL) {
- head = tail = curitem;
- } else {
- tail->next = curitem;
- tail = curitem;
- }
- }
-
- if(dumpParse) {
- PrintHTMLStream(outputFD, head);
- }
-
-
-
-
- /*
- * Now we have a stream of tags and text. Go through and deal with each.
- */
- for(curitem = head; curitem; curitem = curitem->next) {
- TagItem *tagp=NULL;
- AVPair *pairp=NULL;
- char *src=NULL, *id=NULL, *codebase=NULL;
- PRBool hasEventHandler=PR_FALSE;
- int i;
-
- /* Reset archive directory for each tag */
- if(archiveDir) {
- PR_Free(archiveDir); archiveDir = NULL;
- }
-
- /* We only analyze tags */
- if(curitem->type != TAG_ITEM) {
- continue;
- }
-
- tagp = curitem->item.tag;
-
- /* go through the attributes to get information */
- for(pairp=tagp->attList; pairp; pairp=pairp->next) {
-
- /* ARCHIVE= */
- if( !PL_strcasecmp(pairp->attribute, "archive")) {
- if(archiveDir) {
- /* Duplicate attribute. Print warning */
- PR_fprintf(errorFD,
- "warning: \"%s\" attribute overwrites previous attribute"
- " in tag starting at %s:%d.\n",
- pairp->attribute, filename, curitem->startLine);
- warningCount++;
- PR_Free(archiveDir);
- }
- archiveDir = PL_strdup(pairp->value);
-
- /* Substiture ".arc" for ".jar" */
- if( (PL_strlen(archiveDir)<4) ||
- PL_strcasecmp((archiveDir+strlen(archiveDir)-4), ".jar")){
- PR_fprintf(errorFD,
- "warning: ARCHIVE attribute should end in \".jar\" in tag"
- " starting on %s:%d.\n", filename, curitem->startLine);
- warningCount++;
- PR_Free(archiveDir);
- archiveDir = PR_smprintf("%s.arc", archiveDir);
- } else {
- PL_strcpy(archiveDir+strlen(archiveDir)-4, ".arc");
- }
-
- /* Record the first archive. This will be used later if
- * the archive is not specified */
- if(firstArchiveDir == NULL) {
- firstArchiveDir = PL_strdup(archiveDir);
- }
- }
-
- /* CODEBASE= */
- else if( !PL_strcasecmp(pairp->attribute, "codebase")) {
- if(codebase) {
- /* Duplicate attribute. Print warning */
- PR_fprintf(errorFD,
- "warning: \"%s\" attribute overwrites previous attribute"
- " in tag staring at %s:%d.\n",
- pairp->attribute, filename, curitem->startLine);
- warningCount++;
- }
- codebase = pairp->value;
- }
-
- /* SRC= and HREF= */
- else if( !PORT_Strcasecmp(pairp->attribute, "src") ||
- !PORT_Strcasecmp(pairp->attribute, "href") ) {
- if(src) {
- /* Duplicate attribute. Print warning */
- PR_fprintf(errorFD,
- "warning: \"%s\" attribute overwrites previous attribute"
- " in tag staring at %s:%d.\n",
- pairp->attribute, filename, curitem->startLine);
- warningCount++;
- }
- src = pairp->value;
- }
-
- /* CODE= */
- else if(!PORT_Strcasecmp(pairp->attribute, "code") ) {
- /*!!!XXX Change PORT to PL all over this code !!! */
- if(src) {
- /* Duplicate attribute. Print warning */
- PR_fprintf(errorFD,
- "warning: \"%s\" attribute overwrites previous attribute"
- " ,in tag staring at %s:%d.\n",
- pairp->attribute, filename, curitem->startLine);
- warningCount++;
- }
- src = pairp->value;
-
- /* Append a .class if one is not already present */
- if( (PL_strlen(src)<6) ||
- PL_strcasecmp( (src + PL_strlen(src) - 6), ".class") ) {
- src = PR_smprintf("%s.class", src);
- /* Put this string back into the data structure so it
- * will be deallocated properly */
- PR_Free(pairp->value);
- pairp->value = src;
- }
- }
-
- /* ID= */
- else if (!PL_strcasecmp(pairp->attribute, "id") ) {
- if(id) {
- /* Duplicate attribute. Print warning */
- PR_fprintf(errorFD,
- "warning: \"%s\" attribute overwrites previous attribute"
- " in tag staring at %s:%d.\n",
- pairp->attribute, filename, curitem->startLine);
- warningCount++;
- }
- id = pairp->value;
- }
-
- /* STYLE= */
- /* style= attributes, along with JS entities, are stored into
- * files with dynamically generated names. The filenames are
- * based on the order in which the text is found in the file.
- * All JS entities on all lines up to and including the line
- * containing the end of the tag that has this style= attribute
- * will be processed before this style=attribute. So we need
- * to record the line that this _tag_ (not the attribute) ends on.
- */
- else if(!PL_strcasecmp(pairp->attribute, "style") && pairp->value) {
- HTMLItem *styleItem;
- /* Put this item on the style list */
- styleItem = CreateTextItem(PL_strdup(pairp->value),
- curitem->startLine, curitem->endLine);
- if(styleListTail == NULL) {
- styleList = styleListTail = styleItem;
- } else {
- styleListTail->next = styleItem;
- styleListTail = styleItem;
- }
- }
-
- /* Event handlers */
- else {
- for(i=0; i < num_handlers; i++) {
- if(!PL_strcasecmp(event_handlers[i], pairp->attribute)) {
- hasEventHandler = PR_TRUE;
- break;
- }
- }
- }
-
- /* JS Entity */
- {
- char *entityStart, *entityEnd;
- HTMLItem *entityItem;
-
- /* go through each JavaScript entity ( &{...}; ) and store it
- * in the entityList. The important thing is to record what
- * line number it's on, so we can get it in the right order
- * in relation to style= attributes.
- * Apparently, these can't flow across lines, so the start and
- * end line will be the same. That helps matters.
- */
- entityEnd = pairp->value;
- while( entityEnd &&
- (entityStart = PL_strstr(entityEnd, "&{")) != NULL) {
- entityStart +=2; /* point at beginning of actual entity */
- entityEnd = PL_strstr(entityStart, "}");
- if(entityEnd) {
- /* Put this item on the entity list */
- *entityEnd = '\0';
- entityItem = CreateTextItem(PL_strdup(entityStart),
- pairp->valueLine, pairp->valueLine);
- *entityEnd = '}';
- if(entityListTail) {
- entityListTail->next = entityItem;
- entityListTail = entityItem;
- } else {
- entityList = entityListTail = entityItem;
- }
- }
- }
- }
-
- }
-
- /* If no archive was supplied, we use the first one of the file */
- if(!archiveDir && firstArchiveDir) {
- archiveDir = PL_strdup(firstArchiveDir);
- }
-
- /* If we have an event handler, we need to archive this tag */
- if(hasEventHandler) {
- if(!id) {
- PR_fprintf(errorFD,
- "warning: tag starting at %s:%d has event handler but"
- " no ID attribute. The tag will not be signed.\n",
- filename, curitem->startLine);
- warningCount++;
- } else if(!archiveDir) {
- PR_fprintf(errorFD,
- "warning: tag starting at %s:%d has event handler but"
- " no ARCHIVE attribute. The tag will not be signed.\n",
- filename, curitem->startLine);
- warningCount++;
- } else {
- if(SaveInlineScript(tagp->text, id, basedir, archiveDir)) {
- goto loser;
- }
- }
- }
-
- switch(tagp->type) {
- case APPLET_TAG:
- if(!src) {
- PR_fprintf(errorFD,
- "error: APPLET tag starting on %s:%d has no CODE "
- "attribute.\n", filename, curitem->startLine);
- errorCount++;
- goto loser;
- } else if(!archiveDir) {
- PR_fprintf(errorFD,
- "error: APPLET tag starting on %s:%d has no ARCHIVE "
- "attribute.\n", filename, curitem->startLine);
- errorCount++;
- goto loser;
- } else {
- if(SaveSource(src, codebase, basedir, archiveDir)) {
- goto loser;
- }
- }
- break;
- case SCRIPT_TAG:
- case LINK_TAG:
- case STYLE_TAG:
- if(!archiveDir) {
- PR_fprintf(errorFD,
- "error: %s tag starting on %s:%d has no ARCHIVE "
- "attribute.\n", TagTypeToString(tagp->type),
- filename, curitem->startLine);
- errorCount++;
- goto loser;
- } else if(src) {
- if(SaveSource(src, codebase, basedir, archiveDir)) {
- goto loser;
- }
- } else if(id) {
- /* Save the next text item */
- if(!curitem->next || (curitem->next->type != TEXT_ITEM)) {
- PR_fprintf(errorFD,
- "warning: %s tag starting on %s:%d is not followed"
- " by script text.\n", TagTypeToString(tagp->type),
- filename, curitem->startLine);
- warningCount++;
- /* just create empty file */
- if(SaveInlineScript("", id, basedir, archiveDir)) {
- goto loser;
- }
- } else {
- curitem = curitem->next;
- if(SaveInlineScript(curitem->item.text, id, basedir,
- archiveDir)){
- goto loser;
- }
- }
- } else {
- /* No src or id tag--warning */
- PR_fprintf(errorFD,
- "warning: %s tag starting on %s:%d has no SRC or"
- " ID attributes. Will not sign.\n",
- TagTypeToString(tagp->type), filename, curitem->startLine);
- warningCount++;
- }
- break;
- default:
- /* do nothing for other tags */
- break;
- }
-
- }
-
- /* Now deal with all the unnamable scripts */
- if(firstArchiveDir) {
- HTMLItem *style, *entity;
-
- /* Go through the lists of JS entities and style attributes. Do them
- * in chronological order within a list. Pick the list with the lower
- * endLine. In case of a tie, entities come first.
- */
- style = styleList; entity = entityList;
- while(style || entity) {
- if(!entity || (style && (style->endLine < entity->endLine))) {
- /* Process style */
- SaveUnnamableScript(style->item.text, basedir, firstArchiveDir,
- filename);
- style=style->next;
- } else {
- /* Process entity */
- SaveUnnamableScript(entity->item.text, basedir, firstArchiveDir,
- filename);
- entity=entity->next;
- }
- }
- }
-
-
- retval = 0;
-loser:
- /* Blow away the stream */
- while(head) {
- curitem = head;
- head = head->next;
- DestroyHTMLItem(curitem);
- }
- while(styleList) {
- curitem = styleList;
- styleList = styleList->next;
- DestroyHTMLItem(curitem);
- }
- while(entityList) {
- curitem = entityList;
- entityList = entityList->next;
- DestroyHTMLItem(curitem);
- }
- if(text) {
- PR_Free(text); text=NULL;
- }
- if(fb) {
- FB_Destroy(fb); fb=NULL;
- }
- if(fd) {
- PR_Close(fd);
- }
- if(tagerr) {
- PR_smprintf_free(tagerr); tagerr=NULL;
- }
- if(archiveDir) {
- PR_Free(archiveDir); archiveDir=NULL;
- }
- if(firstArchiveDir) {
- PR_Free(firstArchiveDir); firstArchiveDir=NULL;
- }
- return retval;
-}
-
-/**********************************************************************
- *
- * e n s u r e E x i s t s
- *
- * Check for existence of indicated directory. If it doesn't exist,
- * it will be created.
- * Returns PR_SUCCESS if the directory is present, PR_FAILURE otherwise.
- */
-static PRStatus
-ensureExists (char *base, char *path)
-{
- char fn [FNSIZE];
- PRDir *dir;
- sprintf (fn, "%s/%s", base, path);
-
- /*PR_fprintf(outputFD, "Trying to open directory %s.\n", fn);*/
-
- if( (dir=PR_OpenDir(fn)) ) {
- PR_CloseDir(dir);
- return PR_SUCCESS;
- }
- return PR_MkDir(fn, 0777);
-}
-
-/***************************************************************************
- *
- * m a k e _ d i r s
- *
- * Ensure that the directory portion of the path exists. This may require
- * making the directory, and its parent, and its parent's parent, etc.
- */
-static int
-make_dirs(char *path, int file_perms)
-{
- char *Path;
- char *start;
- char *sep;
- int ret = 0;
- PRFileInfo info;
-
- if(!path) {
- return 0;
- }
-
- Path = PL_strdup(path);
- start = strpbrk(Path, "/\\");
- if(!start) {
- return 0;
- }
- start++; /* start right after first slash */
-
- /* Each time through the loop add one more directory. */
- while( (sep=strpbrk(start, "/\\")) ) {
- *sep = '\0';
-
- if( PR_GetFileInfo(Path, &info) != PR_SUCCESS) {
- /* No such dir, we have to create it */
- if( PR_MkDir(Path, file_perms) != PR_SUCCESS) {
- PR_fprintf(errorFD, "ERROR: Unable to create directory %s.\n",
- Path);
- errorCount++;
- ret = -1;
- goto loser;
- }
- } else {
- /* something exists by this name, make sure it's a directory */
- if( info.type != PR_FILE_DIRECTORY ) {
- PR_fprintf(errorFD, "ERROR: Unable to create directory %s.\n",
- Path);
- errorCount++;
- ret = -1;
- goto loser;
- }
- }
-
- start = sep+1; /* start after the next slash */
- *sep = '/';
- }
-
-loser:
- PR_Free(Path);
- return ret;
-}
-
-/*
- * c o p y i n t o
- *
- * Function to copy file "from" to path "to".
- *
- */
-static int
-copyinto (char *from, char *to)
-{
- PRInt32 num;
- char buf [BUFSIZ];
- PRFileDesc *infp=NULL, *outfp=NULL;
- int retval = -1;
-
- if ((infp = PR_Open(from, PR_RDONLY, 0777)) == NULL) {
- PR_fprintf(errorFD, "ERROR: Unable to open \"%s\" for reading.\n",
- from);
- errorCount++;
- goto finish;
- }
-
- /* If to already exists, print a warning before deleting it */
- if(PR_Access(to, PR_ACCESS_EXISTS) == PR_SUCCESS) {
- PR_fprintf(errorFD, "warning: %s already exists--will overwrite\n",
- to);
- warningCount++;
- if(rm_dash_r(to)) {
- PR_fprintf(errorFD,
- "ERROR: Unable to remove %s.\n", to);
- errorCount++;
- goto finish;
- }
- }
-
- if ((outfp = PR_Open(to, PR_WRONLY|PR_CREATE_FILE|PR_TRUNCATE, 0777))
- == NULL) {
- char *errBuf=NULL;
-
- errBuf = PR_Malloc(PR_GetErrorTextLength());
- PR_fprintf(errorFD, "ERROR: Unable to open \"%s\" for writing.\n",
- to);
- if(PR_GetErrorText(errBuf)) {
- PR_fprintf(errorFD, "Cause: %s\n", errBuf);
- }
- if(errBuf) {
- PR_Free(errBuf);
- }
- errorCount++;
- goto finish;
- }
-
- while( (num = PR_Read(infp, buf, BUFSIZ)) >0) {
- if(PR_Write(outfp, buf, num) != num) {
- PR_fprintf(errorFD, "ERROR: Error writing to %s.\n", to);
- errorCount++;
- goto finish;
- }
- }
-
- retval = 0;
-finish:
- if(infp) PR_Close(infp);
- if(outfp) PR_Close(outfp);
-
- return retval;
-}
diff --git a/security/nss/cmd/signtool/list.c b/security/nss/cmd/signtool/list.c
deleted file mode 100644
index 33ec93d93..000000000
--- a/security/nss/cmd/signtool/list.c
+++ /dev/null
@@ -1,278 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "signtool.h"
-#include "pk11func.h"
-#include "certdb.h"
-
-static int num_trav_certs = 0;
-static SECStatus cert_trav_callback(CERTCertificate *cert, SECItem *k,
- void *data);
-
-/*********************************************************************
- *
- * L i s t C e r t s
- */
-int
-ListCerts(char *key, int list_certs)
-{
- int failed = 0;
- SECStatus rv;
- char *ugly_list;
- CERTCertDBHandle *db;
-
- CERTCertificate *cert;
- CERTVerifyLog errlog;
-
- errlog.arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if( errlog.arena == NULL) {
- out_of_memory();
- }
- errlog.head = NULL;
- errlog.tail = NULL;
- errlog.count = 0;
-
- ugly_list = PORT_ZAlloc (16);
-
- if (ugly_list == NULL) {
- out_of_memory();
- }
-
- *ugly_list = 0;
-
- db= CERT_GetDefaultCertDB();
-
- if (list_certs == 2) {
- PR_fprintf(outputFD, "\nS Certificates\n");
- PR_fprintf(outputFD, "- ------------\n");
- } else {
- PR_fprintf(outputFD, "\nObject signing certificates\n");
- PR_fprintf(outputFD, "---------------------------------------\n");
- }
-
- num_trav_certs = 0;
-
- /* Traverse non-internal DBs */
- rv = PK11_TraverseSlotCerts(cert_trav_callback, (void*)&list_certs,
- NULL /*wincx*/);
-
- if (rv) {
- PR_fprintf(outputFD, "**Traverse of non-internal DBs failed**\n");
- return -1;
- }
-
- if (num_trav_certs == 0) {
- PR_fprintf(outputFD,
- "You don't appear to have any object signing certificates.\n");
- }
-
- if (list_certs == 2) {
- PR_fprintf(outputFD, "- ------------\n");
- } else {
- PR_fprintf(outputFD, "---------------------------------------\n");
- }
-
- if (list_certs == 1) {
- PR_fprintf(outputFD,
- "For a list including CA's, use \"%s -L\"\n", PROGRAM_NAME);
- }
-
- if(list_certs == 2) {
- PR_fprintf(outputFD,
- "Certificates that can be used to sign objects have *'s to "
- "their left.\n");
- }
-
- if (key) {
- /* Do an analysis of the given cert */
-
- cert = PK11_FindCertFromNickname(key, NULL /*wincx*/);
-
- if (cert) {
- PR_fprintf(outputFD,
- "\nThe certificate with nickname \"%s\" was found:\n",
- cert->nickname);
- PR_fprintf(outputFD,
- "\tsubject name: %s\n", cert->subjectName);
- PR_fprintf(outputFD,
- "\tissuer name: %s\n", cert->issuerName);
-
- PR_fprintf(outputFD, "\n");
-
- rv = CERT_CertTimesValid (cert);
- if(rv != SECSuccess) {
- PR_fprintf(outputFD, "**This certificate is expired**\n");
- } else {
- PR_fprintf(outputFD, "This certificate is not expired.\n");
- }
-
- rv = CERT_VerifyCert (db, cert, PR_TRUE,
- certUsageObjectSigner, PR_Now(), NULL, &errlog);
-
- if (rv != SECSuccess) {
- failed = 1;
- if(errlog.count > 0) {
- PR_fprintf(outputFD,
- "**Certificate validation failed for the "
- "following reason(s):**\n");
- } else {
- PR_fprintf(outputFD, "**Certificate validation failed**");
- }
- } else {
- PR_fprintf(outputFD, "This certificate is valid.\n");
- }
- displayVerifyLog(&errlog);
-
-
- } else {
- failed = 1;
- PR_fprintf(outputFD,
- "The certificate with nickname \"%s\" was NOT FOUND\n",
- key);
- }
- }
-
- if(errlog.arena != NULL) {
- PORT_FreeArena(errlog.arena, PR_FALSE);
- }
-
- if (failed) {
- return -1;
- }
- return 0;
-}
-
-/********************************************************************
- *
- * c e r t _ t r a v _ c a l l b a c k
- */
-static SECStatus
-cert_trav_callback(CERTCertificate *cert, SECItem *k, void *data)
-{
- int isSigningCert;
- int list_certs = 1;
-
- char *name, *issuerCN, *expires;
- CERTCertificate *issuerCert = NULL;
-
- if(data) {
- list_certs = *((int*)data);
- }
-
- if (cert->nickname)
- {
- name = cert->nickname;
-
- isSigningCert = cert->nsCertType & NS_CERT_TYPE_OBJECT_SIGNING;
- issuerCert = CERT_FindCertIssuer (cert, PR_Now(), certUsageObjectSigner);
- issuerCN = CERT_GetCommonName (&cert->issuer);
-
- if (!isSigningCert && list_certs == 1)
- return (SECSuccess);
-
- /* Add this name or email to list */
-
- if (name)
- {
- int rv;
-
- num_trav_certs++;
- if(list_certs == 2) {
- PR_fprintf(outputFD, "%s ", isSigningCert ? "*" : " ");
- }
- PR_fprintf(outputFD, "%s\n", name);
-
- if (list_certs == 1)
- {
- if(issuerCert == NULL) {
- PR_fprintf(outputFD,
- "\t++ Error ++ Unable to find issuer certificate\n");
- return SECSuccess; /*function was a success even if cert is bogus*/
- }
- if (issuerCN == NULL)
- PR_fprintf(outputFD, " Issued by: %s\n", issuerCert->nickname);
- else
- PR_fprintf(outputFD,
- " Issued by: %s (%s)\n", issuerCert->nickname, issuerCN);
-
- expires = DER_UTCDayToAscii (&cert->validity.notAfter);
-
- if (expires)
- PR_fprintf(outputFD, " Expires: %s\n", expires);
-
- rv = CERT_CertTimesValid (cert);
-
- if (rv != SECSuccess)
- PR_fprintf(outputFD, " ++ Error ++ THIS CERTIFICATE IS EXPIRED\n");
-
- if (rv == SECSuccess)
- {
- rv = CERT_VerifyCertNow (cert->dbhandle, cert,
- PR_TRUE, certUsageObjectSigner, NULL);
-
- if (rv != SECSuccess)
- {
- rv = PORT_GetError();
- PR_fprintf(outputFD,
- " ++ Error ++ THIS CERTIFICATE IS NOT VALID (%s)\n",
- secErrorString(rv)); }
- }
-
- expires = DER_UTCDayToAscii (&issuerCert->validity.notAfter);
- if (expires == NULL) expires = "(unknown)";
-
- rv = CERT_CertTimesValid (issuerCert);
-
- if (rv != SECSuccess)
- PR_fprintf(outputFD,
- " ++ Error ++ ISSUER CERT \"%s\" EXPIRED ON %s\n",
- issuerCert->nickname, expires);
-
- if (rv == SECSuccess)
- {
- rv = CERT_VerifyCertNow (issuerCert->dbhandle, issuerCert,
- PR_TRUE, certUsageVerifyCA, NULL);
- if (rv != SECSuccess)
- {
- rv = PORT_GetError();
- PR_fprintf(outputFD,
- " ++ Error ++ ISSUER CERT \"%s\" IS NOT VALID (%s)\n", issuerCert->nickname, secErrorString(rv));
- }
- }
- }
- }
- }
-
- return (SECSuccess);
-}
-
diff --git a/security/nss/cmd/signtool/manifest.mn b/security/nss/cmd/signtool/manifest.mn
deleted file mode 100644
index 448734056..000000000
--- a/security/nss/cmd/signtool/manifest.mn
+++ /dev/null
@@ -1,57 +0,0 @@
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-MODULE = nss
-
-EXPORTS =
-
-CSRCS = signtool.c \
- certgen.c \
- javascript.c \
- list.c \
- sign.c \
- util.c \
- verify.c \
- zip.c \
- $(NULL)
-
-PROGRAM = signtool
-
-REQUIRES = dbm seccmd
-
-DEFINES += -DNSPR20
-
-USE_STATIC_LIBS = 1
-
-EXTRA_LIBS = $(JAR_LIBS)
diff --git a/security/nss/cmd/signtool/sign.c b/security/nss/cmd/signtool/sign.c
deleted file mode 100644
index 59323c92d..000000000
--- a/security/nss/cmd/signtool/sign.c
+++ /dev/null
@@ -1,861 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "signtool.h"
-#include "zip.h"
-#include "prmem.h"
-#include "blapi.h"
-#include "sechash.h" /* for HASH_GetHashObject() */
-
-static int create_pk7 (char *dir, char *keyName, int *keyType);
-static int jar_find_key_type (CERTCertificate *cert);
-static int manifesto (char *dirname, char *install_script, PRBool recurse);
-static int manifesto_fn(char *relpath, char *basedir, char *reldir,
- char *filename, void *arg);
-static int sign_all_arc_fn(char *relpath, char *basedir, char *reldir,
- char *filename, void *arg);
-static int add_meta (FILE *fp, char *name);
-static int SignFile (FILE *outFile, FILE *inFile, CERTCertificate *cert);
-static int generate_SF_file (char *manifile, char *who);
-static int calculate_MD5_range (FILE *fp, long r1, long r2, JAR_Digest *dig);
-static void SignOut (void *arg, const char *buf, unsigned long len);
-
-static char *metafile = NULL;
-static int optimize = 0;
-static FILE *mf;
-static ZIPfile *zipfile=NULL;
-
-/*
- * S i g n A r c h i v e
- *
- * Sign an individual archive tree. A directory
- * called META-INF is created underneath this.
- *
- */
-int
-SignArchive(char *tree, char *keyName, char *zip_file, int javascript,
- char *meta_file, char *install_script, int _optimize, PRBool recurse)
-{
- int status;
- char tempfn [FNSIZE], fullfn [FNSIZE];
- int keyType = rsaKey;
-
- metafile = meta_file;
- optimize = _optimize;
-
- if(zip_file) {
- zipfile = JzipOpen(zip_file, NULL /*no comment*/);
- }
-
- manifesto (tree, install_script, recurse);
-
- if (keyName)
- {
- status = create_pk7 (tree, keyName, &keyType);
- if (status < 0)
- {
- PR_fprintf(errorFD, "the tree \"%s\" was NOT SUCCESSFULLY SIGNED\n", tree);
- errorCount++;
- exit (ERRX);
- }
- }
-
- /* mf to zip */
-
- strcpy (tempfn, "META-INF/manifest.mf");
- sprintf (fullfn, "%s/%s", tree, tempfn);
- JzipAdd(fullfn, tempfn, zipfile, compression_level);
-
- /* sf to zip */
-
- sprintf (tempfn, "META-INF/%s.sf", base);
- sprintf (fullfn, "%s/%s", tree, tempfn);
- JzipAdd(fullfn, tempfn, zipfile, compression_level);
-
- /* rsa/dsa to zip */
-
- sprintf (tempfn, "META-INF/%s.%s", base, (keyType==dsaKey ? "dsa" : "rsa"));
- sprintf (fullfn, "%s/%s", tree, tempfn);
- JzipAdd(fullfn, tempfn, zipfile, compression_level);
-
- JzipClose(zipfile);
-
- if(verbosity >= 0) {
- if (javascript) {
- PR_fprintf(outputFD,"jarfile \"%s\" signed successfully\n",
- zip_file);
- } else {
- PR_fprintf(outputFD, "tree \"%s\" signed successfully\n", tree);
- }
- }
-
- return 0;
-}
-
-typedef struct {
- char *keyName;
- int javascript;
- char *metafile;
- char *install_script;
- int optimize;
-} SignArcInfo;
-
-/*
- * S i g n A l l A r c
- *
- * Javascript may generate multiple .arc directories, one
- * for each jar archive needed. Sign them all.
- *
- */
-int
-SignAllArc(char *jartree, char *keyName, int javascript, char *metafile,
- char *install_script, int optimize, PRBool recurse)
-{
- SignArcInfo info;
-
- info.keyName = keyName;
- info.javascript = javascript;
- info.metafile = metafile;
- info.install_script = install_script;
- info.optimize = optimize;
-
- return foreach(jartree, "", sign_all_arc_fn, recurse,
- PR_TRUE /*include dirs*/, (void*)&info);
-}
-
-static int
-sign_all_arc_fn(char *relpath, char *basedir, char *reldir, char *filename,
- void *arg)
-{
- char *zipfile=NULL;
- char *arc=NULL, *archive=NULL;
- int retval=0;
- SignArcInfo *infop = (SignArcInfo*)arg;
-
- /* Make sure there is one and only one ".arc" in the relative path,
- * and that it is at the end of the path (don't sign .arcs within .arcs) */
- if ( (PL_strcaserstr(relpath, ".arc") == relpath + strlen(relpath) - 4) &&
- (PL_strcasestr(relpath, ".arc") == relpath + strlen(relpath) - 4) ) {
-
- if(!infop) {
- PR_fprintf(errorFD, "%s: Internal failure\n", PROGRAM_NAME);
- errorCount++;
- retval = -1;
- goto finish;
- }
- archive = PR_smprintf("%s/%s", basedir, relpath);
-
- zipfile = PL_strdup(archive);
- arc = PORT_Strrchr (zipfile, '.');
-
- if (arc == NULL) {
- PR_fprintf(errorFD, "%s: Internal failure\n", PROGRAM_NAME);
- errorCount++;
- retval = -1;
- goto finish;
- }
-
- PL_strcpy (arc, ".jar");
-
- if(verbosity >= 0) {
- PR_fprintf(outputFD, "\nsigning: %s\n", zipfile);
- }
- retval = SignArchive(archive, infop->keyName, zipfile,
- infop->javascript, infop->metafile, infop->install_script,
- infop->optimize, PR_TRUE /* recurse */);
- }
-finish:
- if(archive) PR_Free(archive);
- if(zipfile) PR_Free(zipfile);
-
- return retval;
-}
-
-/*********************************************************************
- *
- * c r e a t e _ p k 7
- */
-static int
-create_pk7 (char *dir, char *keyName, int *keyType)
-{
- int status = 0;
- char *file_ext;
-
- CERTCertificate *cert;
- CERTCertDBHandle *db;
-
- FILE *in, *out;
-
- char sf_file [FNSIZE];
- char pk7_file [FNSIZE];
-
-
- /* open cert database */
- db = CERT_GetDefaultCertDB();
-
- if (db == NULL)
- return -1;
-
-
- /* find cert */
- /*cert = CERT_FindCertByNicknameOrEmailAddr(db, keyName);*/
- cert = PK11_FindCertFromNickname(keyName, NULL /*wincx*/);
-
- if (cert == NULL)
- {
- SECU_PrintError
- (
- PROGRAM_NAME,
- "the cert \"%s\" does not exist in the database",
- keyName
- );
- return -1;
- }
-
-
- /* determine the key type, which sets the extension for pkcs7 object */
-
- *keyType = jar_find_key_type (cert);
- file_ext = (*keyType == dsaKey) ? "dsa" : "rsa";
-
- sprintf (sf_file, "%s/META-INF/%s.sf", dir, base);
- sprintf (pk7_file, "%s/META-INF/%s.%s", dir, base, file_ext);
-
- if ((in = fopen (sf_file, "rb")) == NULL)
- {
- PR_fprintf(errorFD, "%s: Can't open %s for reading\n", PROGRAM_NAME, sf_file);
- errorCount++;
- exit (ERRX);
- }
-
- if ((out = fopen (pk7_file, "wb")) == NULL)
- {
- PR_fprintf(errorFD, "%s: Can't open %s for writing\n", PROGRAM_NAME, sf_file);
- errorCount++;
- exit (ERRX);
- }
-
- status = SignFile (out, in, cert);
-
- CERT_DestroyCertificate (cert);
- fclose (in);
- fclose (out);
-
- if (status)
- {
- PR_fprintf(errorFD, "%s: PROBLEM signing data (%s)\n",
- PROGRAM_NAME, SECU_ErrorString ((int16) PORT_GetError()));
- errorCount++;
- return -1;
- }
-
- return 0;
-}
-
-/*
- * j a r _ f i n d _ k e y _ t y p e
- *
- * Determine the key type for a given cert, which
- * should be rsaKey or dsaKey. Any error return 0.
- *
- */
-static int
-jar_find_key_type (CERTCertificate *cert)
-{
- PK11SlotInfo *slot = NULL;
- SECKEYPrivateKey *privk = NULL;
- KeyType keyType;
-
- /* determine its type */
- PK11_FindObjectForCert (cert, /*wincx*/ NULL, &slot);
-
- if (slot == NULL)
- {
- PR_fprintf(errorFD, "warning - can't find slot for this cert\n");
- warningCount++;
- return 0;
- }
-
- privk = PK11_FindPrivateKeyFromCert (slot, cert, /*wincx*/ NULL);
- PK11_FreeSlot (slot);
-
- if (privk == NULL)
- {
- PR_fprintf(errorFD, "warning - can't find private key for this cert\n");
- warningCount++;
- return 0;
- }
-
- keyType = privk->keyType;
- SECKEY_DestroyPrivateKey (privk);
- return keyType;
- }
-
-
-/*
- * m a n i f e s t o
- *
- * Run once for every subdirectory in which a
- * manifest is to be created -- usually exactly once.
- *
- */
-static int
-manifesto (char *dirname, char *install_script, PRBool recurse)
-{
- char metadir [FNSIZE], sfname [FNSIZE];
-
- /* Create the META-INF directory to hold signing info */
-
- if (PR_Access (dirname, PR_ACCESS_READ_OK))
- {
- PR_fprintf(errorFD, "%s: unable to read your directory: %s\n", PROGRAM_NAME,
- dirname);
- errorCount++;
- perror (dirname);
- exit (ERRX);
- }
-
- if (PR_Access (dirname, PR_ACCESS_WRITE_OK)) {
- PR_fprintf(errorFD, "%s: unable to write to your directory: %s\n",
- PROGRAM_NAME, dirname);
- errorCount++;
- perror(dirname);
- exit(ERRX);
- }
-
- sprintf (metadir, "%s/META-INF", dirname);
-
- strcpy (sfname, metadir);
-
- PR_MkDir (metadir, 0777);
-
- strcat (metadir, "/");
- strcat (metadir, MANIFEST);
-
- if ((mf = fopen (metadir, "wb")) == NULL)
- {
- perror (MANIFEST);
- PR_fprintf(errorFD, "%s: Probably, the directory you are trying to"
-
- " sign has\n", PROGRAM_NAME);
- PR_fprintf(errorFD, "%s: permissions problems or may not exist.\n",
- PROGRAM_NAME);
- errorCount++;
- exit (ERRX);
- }
-
- if(verbosity >= 0) {
- PR_fprintf(outputFD, "Generating %s file..\n", metadir);
- }
-
- fprintf(mf, "Manifest-Version: 1.0\n");
- fprintf (mf, "Created-By: %s\n", CREATOR);
- fprintf (mf, "Comments: %s\n", BREAKAGE);
-
- if (scriptdir)
- {
- fprintf (mf, "Comments: --\n");
- fprintf (mf, "Comments: --\n");
- fprintf (mf, "Comments: -- This archive signs Javascripts which may not necessarily\n");
- fprintf (mf, "Comments: -- be included in the physical jar file.\n");
- fprintf (mf, "Comments: --\n");
- fprintf (mf, "Comments: --\n");
- }
-
- if (install_script)
- fprintf (mf, "Install-Script: %s\n", install_script);
-
- if (metafile)
- add_meta (mf, "+");
-
- /* Loop through all files & subdirectories */
- foreach (dirname, "", manifesto_fn, recurse, PR_FALSE /*include dirs */,
- (void*)NULL);
-
- fclose (mf);
-
- strcat (sfname, "/");
- strcat (sfname, base);
- strcat (sfname, ".sf");
-
- if(verbosity >= 0) {
- PR_fprintf(outputFD, "Generating %s.sf file..\n", base);
- }
- generate_SF_file (metadir, sfname);
-
- return 0;
-}
-
-/*
- * m a n i f e s t o _ f n
- *
- * Called by pointer from manifesto(), once for
- * each file within the directory.
- *
- */
-static int manifesto_fn
- (char *relpath, char *basedir, char *reldir, char *filename, void *arg)
-{
- int use_js;
-
- JAR_Digest dig;
- char fullname [FNSIZE];
-
- if(verbosity >= 0) {
- PR_fprintf(outputFD, "--> %s\n", relpath);
- }
-
- /* extension matching */
- if(extensionsGiven) {
- char *ext;
-
- ext = PL_strrchr(relpath, '.');
- if(!ext) {
- return 0;
- } else {
- if(!PL_HashTableLookup(extensions, ext)) {
- return 0;
- }
- }
- }
-
- sprintf (fullname, "%s/%s", basedir, relpath);
-
- fprintf (mf, "\n");
-
- use_js = 0;
-
- if (scriptdir && !PORT_Strcmp (scriptdir, reldir))
- use_js++;
-
- /* sign non-.js files inside .arc directories
- using the javascript magic */
-
- if ( (PL_strcaserstr(filename, ".js") != filename + strlen(filename) - 3)
- && (PL_strcaserstr(reldir, ".arc") == reldir + strlen(filename)-4))
- use_js++;
-
- if (use_js)
- {
- fprintf (mf, "Name: %s\n", filename);
- fprintf (mf, "Magic: javascript\n");
-
- if (optimize == 0)
- fprintf (mf, "javascript.id: %s\n", filename);
-
- if (metafile)
- add_meta (mf, filename);
- }
- else
- {
- fprintf (mf, "Name: %s\n", relpath);
- if (metafile)
- add_meta (mf, relpath);
- }
-
- JAR_digest_file (fullname, &dig);
-
-
- if (optimize == 0)
- {
- fprintf (mf, "Digest-Algorithms: MD5 SHA1\n");
- fprintf (mf, "MD5-Digest: %s\n", BTOA_DataToAscii (dig.md5, MD5_LENGTH));
- }
-
- fprintf (mf, "SHA1-Digest: %s\n", BTOA_DataToAscii (dig.sha1, SHA1_LENGTH));
-
- if(!use_js) {
- JzipAdd(fullname, relpath, zipfile, compression_level);
- }
-
- return 0;
-}
-
-/*
- * a d d _ m e t a
- *
- * Parse the metainfo file, and add any details
- * necessary to the manifest file. In most cases you
- * should be using the -i option (ie, for SmartUpdate).
- *
- */
-static int add_meta (FILE *fp, char *name)
-{
- FILE *met;
- char buf [BUFSIZ];
-
- int place;
- char *pattern, *meta;
-
- int num = 0;
-
- if ((met = fopen (metafile, "r")) != NULL)
- {
- while (fgets (buf, BUFSIZ, met))
- {
- char *s;
-
- for (s = buf; *s && *s != '\n' && *s != '\r'; s++);
- *s = 0;
-
- if (*buf == 0)
- continue;
-
- pattern = buf;
-
- /* skip to whitespace */
- for (s = buf; *s && *s != ' ' && *s != '\t'; s++);
-
- /* terminate pattern */
- if (*s == ' ' || *s == '\t') *s++ = 0;
-
- /* eat through whitespace */
- while (*s == ' ' || *s == '\t') s++;
-
- meta = s;
-
- /* this will eventually be regexp matching */
-
- place = 0;
- if (!PORT_Strcmp (pattern, name))
- place = 1;
-
- if (place)
- {
- num++;
- if(verbosity >= 0) {
- PR_fprintf(outputFD, "[%s] %s\n", name, meta);
- }
- fprintf (fp, "%s\n", meta);
- }
- }
- fclose (met);
- }
- else
- {
- PR_fprintf(errorFD, "%s: can't open metafile: %s\n", PROGRAM_NAME, metafile);
- errorCount++;
- exit (ERRX);
- }
-
- return num;
-}
-
-/**********************************************************************
- *
- * S i g n F i l e
- */
-static int
-SignFile (FILE *outFile, FILE *inFile, CERTCertificate *cert)
-{
- int nb;
- char ibuf[4096], digestdata[32];
- const SECHashObject *hashObj;
- void *hashcx;
- unsigned int len;
-
- SECItem digest;
- SEC_PKCS7ContentInfo *cinfo;
- SECStatus rv;
-
- if (outFile == NULL || inFile == NULL || cert == NULL)
- return -1;
-
- /* XXX probably want to extend interface to allow other hash algorithms */
- hashObj = HASH_GetHashObject(HASH_AlgSHA1);
-
- hashcx = (* hashObj->create)();
- if (hashcx == NULL)
- return -1;
-
- (* hashObj->begin)(hashcx);
-
- for (;;)
- {
- if (feof(inFile)) break;
- nb = fread(ibuf, 1, sizeof(ibuf), inFile);
- if (nb == 0)
- {
- if (ferror(inFile))
- {
- PORT_SetError(SEC_ERROR_IO);
- (* hashObj->destroy)(hashcx, PR_TRUE);
- return -1;
- }
- /* eof */
- break;
- }
- (* hashObj->update)(hashcx, (unsigned char *) ibuf, nb);
- }
-
- (* hashObj->end)(hashcx, (unsigned char *) digestdata, &len, 32);
- (* hashObj->destroy)(hashcx, PR_TRUE);
-
- digest.data = (unsigned char *) digestdata;
- digest.len = len;
-
- cinfo = SEC_PKCS7CreateSignedData
- (cert, certUsageObjectSigner, NULL,
- SEC_OID_SHA1, &digest, NULL, NULL);
-
- if (cinfo == NULL)
- return -1;
-
- rv = SEC_PKCS7IncludeCertChain (cinfo, NULL);
- if (rv != SECSuccess)
- {
- SEC_PKCS7DestroyContentInfo (cinfo);
- return -1;
- }
-
- if (no_time == 0)
- {
- rv = SEC_PKCS7AddSigningTime (cinfo);
- if (rv != SECSuccess)
- {
- /* don't check error */
- }
- }
-
- if(password) {
- rv = SEC_PKCS7Encode(cinfo, SignOut, outFile, NULL,
- (SECKEYGetPasswordKey) password_hardcode, NULL);
- } else {
- rv = SEC_PKCS7Encode(cinfo, SignOut, outFile, NULL, NULL,
- NULL);
- }
-
-
- SEC_PKCS7DestroyContentInfo (cinfo);
-
- if (rv != SECSuccess)
- return -1;
-
- return 0;
-}
-
-/*
- * g e n e r a t e _ S F _ f i l e
- *
- * From the supplied manifest file, calculates
- * digests on the various sections, creating a .SF
- * file in the process.
- *
- */
-static int generate_SF_file (char *manifile, char *who)
-{
- FILE *sf;
- FILE *mf;
-
- long r1, r2, r3;
-
- char whofile [FNSIZE];
- char *buf, *name = NULL;
-
- JAR_Digest dig;
-
- int line = 0;
-
- strcpy (whofile, who);
-
- if ((mf = fopen (manifile, "rb")) == NULL)
- {
- perror (manifile);
- exit (ERRX);
- }
-
- if ((sf = fopen (whofile, "wb")) == NULL)
- {
- perror (who);
- exit (ERRX);
- }
-
- buf = (char *) PORT_ZAlloc (BUFSIZ);
-
- if (buf)
- name = (char *) PORT_ZAlloc (BUFSIZ);
-
- if (buf == NULL || name == NULL)
- out_of_memory();
-
- fprintf (sf, "Signature-Version: 1.0\n");
- fprintf (sf, "Created-By: %s\n", CREATOR);
- fprintf (sf, "Comments: %s\n", BREAKAGE);
-
- if (fgets (buf, BUFSIZ, mf) == NULL)
- {
- PR_fprintf(errorFD, "%s: empty manifest file!\n", PROGRAM_NAME);
- errorCount++;
- exit (ERRX);
- }
-
- if (strncmp (buf, "Manifest-Version:", 17))
- {
- PR_fprintf(errorFD, "%s: not a manifest file!\n", PROGRAM_NAME);
- errorCount++;
- exit (ERRX);
- }
-
- fseek (mf, 0L, SEEK_SET);
-
- /* Process blocks of headers, and calculate their hashen */
-
- while (1)
- {
- /* Beginning range */
- r1 = ftell (mf);
-
- if (fgets (name, BUFSIZ, mf) == NULL)
- break;
-
- line++;
-
- if (r1 != 0 && strncmp (name, "Name:", 5))
- {
- PR_fprintf(errorFD, "warning: unexpected input in manifest file \"%s\" at line %d:\n", manifile, line);
- PR_fprintf(errorFD, "%s\n", name);
- warningCount++;
- }
-
- r2 = r1;
- while (fgets (buf, BUFSIZ, mf))
- {
- if (*buf == 0 || *buf == '\n' || *buf == '\r')
- break;
-
- line++;
-
- /* Ending range for hashing */
- r2 = ftell (mf);
- }
-
- r3 = ftell (mf);
-
- if (r1)
- {
- fprintf (sf, "\n");
- fprintf (sf, "%s", name);
- }
-
- calculate_MD5_range (mf, r1, r2, &dig);
-
- if (optimize == 0)
- {
- fprintf (sf, "Digest-Algorithms: MD5 SHA1\n");
- fprintf (sf, "MD5-Digest: %s\n",
- BTOA_DataToAscii (dig.md5, MD5_LENGTH));
- }
-
- fprintf (sf, "SHA1-Digest: %s\n",
- BTOA_DataToAscii (dig.sha1, SHA1_LENGTH));
-
- /* restore normalcy after changing offset position */
- fseek (mf, r3, SEEK_SET);
- }
-
- PORT_Free (buf);
- PORT_Free (name);
-
- fclose (sf);
- fclose (mf);
-
- return 0;
-}
-
-/*
- * c a l c u l a t e _ M D 5 _ r a n g e
- *
- * Calculate the MD5 digest on a range of bytes in
- * the specified fopen'd file. Returns base64.
- *
- */
-static int
-calculate_MD5_range (FILE *fp, long r1, long r2, JAR_Digest *dig)
-{
- int num;
- int range;
- unsigned char *buf;
-
- MD5Context *md5 = 0;
- SHA1Context *sha1 = 0;
-
- unsigned int sha1_length, md5_length;
-
- range = r2 - r1;
-
- /* position to the beginning of range */
- fseek (fp, r1, SEEK_SET);
-
- buf = (unsigned char *) PORT_ZAlloc (range);
- if (buf == NULL)
- out_of_memory();
-
- if ((num = fread (buf, 1, range, fp)) != range)
- {
- PR_fprintf(errorFD, "%s: expected %d bytes, got %d\n", PROGRAM_NAME,
- range, num);
- errorCount++;
- exit (ERRX);
- }
-
- md5 = MD5_NewContext();
- sha1 = SHA1_NewContext();
-
- if (md5 == NULL || sha1 == NULL)
- {
- PR_fprintf(errorFD, "%s: can't generate digest context\n", PROGRAM_NAME);
- errorCount++;
- exit (ERRX);
- }
-
- MD5_Begin (md5);
- SHA1_Begin (sha1);
-
- MD5_Update (md5, buf, range);
- SHA1_Update (sha1, buf, range);
-
- MD5_End (md5, dig->md5, &md5_length, MD5_LENGTH);
- SHA1_End (sha1, dig->sha1, &sha1_length, SHA1_LENGTH);
-
- MD5_DestroyContext (md5, PR_TRUE);
- SHA1_DestroyContext (sha1, PR_TRUE);
-
- PORT_Free (buf);
-
- return 0;
-}
-
-static void SignOut (void *arg, const char *buf, unsigned long len)
-{
- fwrite (buf, len, 1, (FILE *) arg);
-}
diff --git a/security/nss/cmd/signtool/signtool.c b/security/nss/cmd/signtool/signtool.c
deleted file mode 100644
index 4e0236825..000000000
--- a/security/nss/cmd/signtool/signtool.c
+++ /dev/null
@@ -1,1054 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * SIGNTOOL
- *
- * A command line tool to create manifest files
- * from a directory hierarchy. It is assumed that
- * the tree will be equivalent to what resides
- * or will reside in an archive.
- *
- *
- */
-
-#include "signtool.h"
-#include <prmem.h>
-#include <prio.h>
-
-/***********************************************************************
- * Global Variable Definitions
- */
-char *progName; /* argv[0] */
-
-/* password on command line. Use for build testing only */
-char *password = NULL;
-
-/* directories or files to exclude in descent */
-PLHashTable *excludeDirs = NULL;
-static PRBool exclusionsGiven = PR_FALSE;
-
-/* zatharus is the man who knows no time, dies tragic death */
-int no_time = 0;
-
-/* -b basename of .rsa, .sf files */
-char *base = DEFAULT_BASE_NAME;
-
-/* Only sign files with this extension */
-PLHashTable *extensions=NULL;
-PRBool extensionsGiven = PR_FALSE;
-
-char *scriptdir = NULL;
-
-int verbosity = 0;
-
-PRFileDesc *outputFD=NULL, *errorFD=NULL;
-
-int errorCount=0, warningCount=0;
-
-int compression_level=DEFAULT_COMPRESSION_LEVEL;
-PRBool compression_level_specified = PR_FALSE;
-
-/* Command-line arguments */
-static char *genkey = NULL;
-static char *verify = NULL;
-static char *zipfile = NULL;
-static char *cert_dir = NULL;
-static int javascript = 0;
-static char *jartree = NULL;
-static char *keyName = NULL;
-static char *metafile = NULL;
-static char *install_script = NULL;
-static int list_certs = 0;
-static int list_modules = 0;
-static int optimize = 0;
-static int enableOCSP = 0;
-static char *tell_who = NULL;
-static char *outfile = NULL;
-static char *cmdFile = NULL;
-static PRBool noRecurse = PR_FALSE;
-static PRBool leaveArc = PR_FALSE;
-static int keySize = -1;
-static char *token = NULL;
-
-typedef enum {
- UNKNOWN_OPT,
- QUESTION_OPT,
- BASE_OPT,
- COMPRESSION_OPT,
- CERT_DIR_OPT,
- EXTENSION_OPT,
- INSTALL_SCRIPT_OPT,
- SCRIPTDIR_OPT,
- CERTNAME_OPT,
- LIST_OBJSIGN_CERTS_OPT,
- LIST_ALL_CERTS_OPT,
- METAFILE_OPT,
- OPTIMIZE_OPT,
- ENABLE_OCSP_OPT,
- PASSWORD_OPT,
- VERIFY_OPT,
- WHO_OPT,
- EXCLUDE_OPT,
- NO_TIME_OPT,
- JAVASCRIPT_OPT,
- ZIPFILE_OPT,
- GENKEY_OPT,
- MODULES_OPT,
- NORECURSE_OPT,
- SIGNDIR_OPT,
- OUTFILE_OPT,
- COMMAND_FILE_OPT,
- LEAVE_ARC_OPT,
- VERBOSITY_OPT,
- KEYSIZE_OPT,
- TOKEN_OPT
-} OPT_TYPE;
-
-typedef enum {
- DUPLICATE_OPTION_ERR=0,
- OPTION_NEEDS_ARG_ERR
-} Error;
-
-static char *errStrings[] = {
-"warning: %s option specified more than once. Only last specification will be used.\n",
-"ERROR: option \"%s\" requires an argument.\n"
-};
-
-
-static int ProcessOneOpt(OPT_TYPE type, char *arg);
-
-/*********************************************************************
- *
- * P r o c e s s C o m m a n d F i l e
- */
-int
-ProcessCommandFile()
-{
- PRFileDesc *fd;
-#define CMD_FILE_BUFSIZE 1024
- char buf[CMD_FILE_BUFSIZE];
- char *equals;
- int linenum=0;
- int retval=-1;
- OPT_TYPE type;
-
- fd = PR_Open(cmdFile, PR_RDONLY, 0777);
- if(!fd) {
- PR_fprintf(errorFD, "ERROR: Unable to open command file %s.\n");
- errorCount++;
- return -1;
- }
-
- while(pr_fgets(buf, CMD_FILE_BUFSIZE, fd), buf && *buf!='\0') {
- char *eol;
- linenum++;
-
- /* Chop off final newline */
- eol = PL_strchr(buf, '\r');
- if(!eol) {
- eol = PL_strchr(buf, '\n');
- }
- if(eol) *eol = '\0';
-
- equals = PL_strchr(buf, '=');
- if(!equals) {
- continue;
- }
-
- *equals = '\0';
- equals++;
-
- /* Now buf points to the attribute, and equals points to the value. */
-
- /* This is pretty straightforward, just deal with whatever attribute
- * this is */
- if(!PL_strcasecmp(buf, "basename")) {
- type = BASE_OPT;
- } else if(!PL_strcasecmp(buf, "compression")) {
- type = COMPRESSION_OPT;
- } else if(!PL_strcasecmp(buf, "certdir")) {
- type = CERT_DIR_OPT;
- } else if(!PL_strcasecmp(buf, "extension")) {
- type = EXTENSION_OPT;
- } else if(!PL_strcasecmp(buf, "generate")) {
- type = GENKEY_OPT;
- } else if(!PL_strcasecmp(buf, "installScript")) {
- type = INSTALL_SCRIPT_OPT;
- } else if(!PL_strcasecmp(buf, "javascriptdir")) {
- type = SCRIPTDIR_OPT;
- } else if(!PL_strcasecmp(buf, "htmldir")) {
- type = JAVASCRIPT_OPT;
- if(jartree) {
- PR_fprintf(errorFD,
- "warning: directory to be signed specified more than once."
- " Only last specification will be used.\n");
- warningCount++;
- PR_Free(jartree); jartree=NULL;
- }
- jartree = PL_strdup(equals);
- } else if(!PL_strcasecmp(buf, "certname")) {
- type = CERTNAME_OPT;
- } else if(!PL_strcasecmp(buf, "signdir")) {
- type = SIGNDIR_OPT;
- } else if(!PL_strcasecmp(buf, "list")) {
- type = LIST_OBJSIGN_CERTS_OPT;
- } else if(!PL_strcasecmp(buf, "listall")) {
- type = LIST_ALL_CERTS_OPT;
- } else if(!PL_strcasecmp(buf, "metafile")) {
- type = METAFILE_OPT;
- } else if(!PL_strcasecmp(buf, "modules")) {
- type = MODULES_OPT;
- } else if(!PL_strcasecmp(buf, "optimize")) {
- type = OPTIMIZE_OPT;
- } else if(!PL_strcasecmp(buf, "ocsp")) {
- type = ENABLE_OCSP_OPT;
- } else if(!PL_strcasecmp(buf, "password")) {
- type = PASSWORD_OPT;
- } else if(!PL_strcasecmp(buf, "verify")) {
- type = VERIFY_OPT;
- } else if(!PL_strcasecmp(buf, "who")) {
- type = WHO_OPT;
- } else if(!PL_strcasecmp(buf, "exclude")) {
- type = EXCLUDE_OPT;
- } else if(!PL_strcasecmp(buf, "notime")) {
- type = NO_TIME_OPT;
- } else if(!PL_strcasecmp(buf, "jarfile")) {
- type = ZIPFILE_OPT;
- } else if(!PL_strcasecmp(buf, "outfile")) {
- type = OUTFILE_OPT;
- } else if(!PL_strcasecmp(buf, "leavearc")) {
- type = LEAVE_ARC_OPT;
- } else if(!PL_strcasecmp(buf, "verbosity")) {
- type = VERBOSITY_OPT;
- } else if(!PL_strcasecmp(buf, "keysize")) {
- type = KEYSIZE_OPT;
- } else if(!PL_strcasecmp(buf, "token")) {
- type = TOKEN_OPT;
- } else {
- PR_fprintf(errorFD,
- "warning: unknown attribute \"%s\" in command file, line %d.\n",
- buf, linenum);
- warningCount++;
- type = UNKNOWN_OPT;
- }
-
- /* Process the option, whatever it is */
- if(type != UNKNOWN_OPT) {
- if(ProcessOneOpt(type, equals)==-1) {
- goto finish;
- }
- }
- }
-
- retval = 0;
-
-finish:
- PR_Close(fd);
- return retval;
-}
-
-/*********************************************************************
- *
- * p a r s e _ a r g s
- */
-static int
-parse_args(int argc, char *argv[])
-{
- char *opt;
- char *arg;
- int needsInc = 0;
- int i;
- OPT_TYPE type;
-
- /* Loop over all arguments */
- for(i=1; i < argc; i++) {
- opt = argv[i];
- arg = NULL;
-
- if(opt[0] == '-') {
- if(opt[1] == '-') {
- /* word option */
- if(i < argc-1) {
- needsInc = 1;
- arg = argv[i+1];
- } else {
- arg = NULL;
- }
-
- if( !PL_strcasecmp(opt+2, "norecurse")) {
- type = NORECURSE_OPT;
- } else if( !PL_strcasecmp(opt+2, "leavearc")) {
- type = LEAVE_ARC_OPT;
- } else if( !PL_strcasecmp(opt+2, "verbosity")) {
- type = VERBOSITY_OPT;
- } else if( !PL_strcasecmp(opt+2, "outfile")) {
- type = OUTFILE_OPT;
- } else if( !PL_strcasecmp(opt+2, "keysize")) {
- type = KEYSIZE_OPT;
- } else if( !PL_strcasecmp(opt+2, "token")) {
- type = TOKEN_OPT;
- } else {
- PR_fprintf(errorFD, "warning: unknown option: %s\n", opt);
- warningCount++;
- type = UNKNOWN_OPT;
- }
- } else {
- /* char option */
- if(opt[2]!='\0') {
- arg = opt+2;
- } else if(i < argc-1) {
- needsInc = 1;
- arg = argv[i+1];
- } else {
- arg = NULL;
- }
-
- switch(opt[1]) {
- case '?':
- type = QUESTION_OPT;
- break;
- case 'b':
- type = BASE_OPT;
- break;
- case 'c':
- type = COMPRESSION_OPT;
- break;
- case 'd':
- type = CERT_DIR_OPT;
- break;
- case 'e':
- type = EXTENSION_OPT;
- break;
- case 'f':
- type = COMMAND_FILE_OPT;
- break;
- case 'i':
- type = INSTALL_SCRIPT_OPT;
- break;
- case 'j':
- type = SCRIPTDIR_OPT;
- break;
- case 'k':
- type = CERTNAME_OPT;
- break;
- case 'l':
- type = LIST_OBJSIGN_CERTS_OPT;
- break;
- case 'L':
- type = LIST_ALL_CERTS_OPT;
- break;
- case 'm':
- type = METAFILE_OPT;
- break;
- case 'o':
- type = OPTIMIZE_OPT;
- break;
- case 'O':
- type = ENABLE_OCSP_OPT;
- break;
- case 'p':
- type = PASSWORD_OPT;
- break;
- case 'v':
- type = VERIFY_OPT;
- break;
- case 'w':
- type = WHO_OPT;
- break;
- case 'x':
- type = EXCLUDE_OPT;
- break;
- case 'z':
- type = NO_TIME_OPT;
- break;
- case 'J':
- type = JAVASCRIPT_OPT;
- break;
- case 'Z':
- type = ZIPFILE_OPT;
- break;
- case 'G':
- type = GENKEY_OPT;
- break;
- case 'M':
- type = MODULES_OPT;
- break;
- case 's':
- type = KEYSIZE_OPT;
- break;
- case 't':
- type = TOKEN_OPT;
- break;
- default:
- type = UNKNOWN_OPT;
- PR_fprintf(errorFD, "warning: unrecognized option: -%c.\n",
- opt[1]);
- warningCount++;
- break;
- }
- }
- } else {
- type = UNKNOWN_OPT;
- if(i == argc-1) {
- if(jartree) {
- PR_fprintf(errorFD,
- "warning: directory to be signed specified more than once."
- " Only last specification will be used.\n");
- warningCount++;
- PR_Free(jartree); jartree = NULL;
- }
- jartree = PL_strdup(opt);
- } else {
- PR_fprintf(errorFD, "warning: unrecognized option: %s\n", opt);
- warningCount++;
- }
- }
-
- if(type != UNKNOWN_OPT) {
- short ateArg;
-
- ateArg = ProcessOneOpt(type, arg);
- if(ateArg==-1) {
- /* error */
- return -1;
- } else if(ateArg && needsInc) {
- i++;
- }
- }
- }
-
- return 0;
-}
-
-/*********************************************************************
- *
- * P r o c e s s O n e O p t
- *
- * Since options can come from different places (command file, word options,
- * char options), this is a central function that is called to deal with
- * them no matter where they come from.
- *
- * type is the type of option.
- * arg is the argument to the option, possibly NULL.
- * Returns 1 if the argument was eaten, 0 if it wasn't, and -1 for error.
- */
-static int
-ProcessOneOpt(OPT_TYPE type, char *arg)
-{
- int ate=0;
-
- switch(type) {
- case QUESTION_OPT:
- usage();
- break;
- case BASE_OPT:
- if(base) {
- PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR], "-b");
- warningCount++;
- PR_Free(base); base=NULL;
- }
- if(!arg) {
- PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR], "-b");
- errorCount++;
- goto loser;
- }
- base = PL_strdup(arg);
- ate = 1;
- break;
- case COMPRESSION_OPT:
- if(compression_level_specified) {
- PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR], "-c");
- warningCount++;
- }
- if( !arg ) {
- PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR], "-c");
- errorCount++;
- goto loser;
- }
- compression_level = atoi(arg);
- compression_level_specified = PR_TRUE;
- ate = 1;
- break;
- case CERT_DIR_OPT:
- if(cert_dir) {
- PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR], "-d");
- warningCount++;
- PR_Free(cert_dir); cert_dir = NULL;
- }
- if(!arg) {
- PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR], "-d");
- errorCount++;
- goto loser;
- }
- cert_dir = PL_strdup(arg);
- ate = 1;
- break;
- case EXTENSION_OPT:
- if(!arg) {
- PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR],
- "extension (-e)");
- errorCount++;
- goto loser;
- }
- PL_HashTableAdd(extensions, arg, arg);
- extensionsGiven = PR_TRUE;
- ate = 1;
- break;
- case INSTALL_SCRIPT_OPT:
- if(install_script) {
- PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR],
- "installScript (-i)");
- warningCount++;
- PR_Free(install_script); install_script = NULL;
- }
- if(!arg) {
- PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR],
- "installScript (-i)");
- errorCount++;
- goto loser;
- }
- install_script = PL_strdup(arg);
- ate = 1;
- break;
- case SCRIPTDIR_OPT:
- if(scriptdir) {
- PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR],
- "javascriptdir (-j)");
- warningCount++;
- PR_Free(scriptdir); scriptdir = NULL;
- }
- if(!arg) {
- PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR],
- "javascriptdir (-j)");
- errorCount++;
- goto loser;
- }
- scriptdir = PL_strdup(arg);
- ate = 1;
- break;
- case CERTNAME_OPT:
- if(keyName) {
- PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR],
- "keyName (-k)");
- warningCount++;
- PR_Free(keyName); keyName = NULL;
- }
- if(!arg) {
- PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR],
- "keyName (-k)");
- errorCount++;
- goto loser;
- }
- keyName = PL_strdup(arg);
- ate = 1;
- break;
- case LIST_OBJSIGN_CERTS_OPT:
- case LIST_ALL_CERTS_OPT:
- if(list_certs != 0) {
- PR_fprintf(errorFD,
- "warning: only one of -l and -L may be specified.\n");
- warningCount++;
- }
- list_certs = (type==LIST_OBJSIGN_CERTS_OPT ? 1 : 2);
- break;
- case METAFILE_OPT:
- if(metafile) {
- PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR],
- "metafile (-m)");
- warningCount++;
- PR_Free(metafile); metafile = NULL;
- }
- if(!arg) {
- PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR],
- "metafile (-m)");
- errorCount++;
- goto loser;
- }
- metafile = PL_strdup(arg);
- ate = 1;
- break;
- case OPTIMIZE_OPT:
- optimize = 1;
- break;
- case ENABLE_OCSP_OPT:
- enableOCSP = 1;
- break;
- case PASSWORD_OPT:
- if(password) {
- PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR],
- "password (-p)");
- warningCount++;
- PR_Free(password); password= NULL;
- }
- if(!arg) {
- PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR],
- "password (-p)");
- errorCount++;
- goto loser;
- }
- password = PL_strdup(arg);
- ate = 1;
- break;
- case VERIFY_OPT:
- if(verify) {
- PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR],
- "verify (-v)");
- warningCount++;
- PR_Free(verify); verify = NULL;
- }
- if(!arg) {
- PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR],
- "verify (-v)");
- errorCount++;
- goto loser;
- }
- verify = PL_strdup(arg);
- ate = 1;
- break;
- case WHO_OPT:
- if(tell_who) {
- PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR],
- "who (-v)");
- warningCount++;
- PR_Free(tell_who); tell_who = NULL;
- }
- if(!arg) {
- PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR],
- "who (-w)");
- errorCount++;
- goto loser;
- }
- tell_who = PL_strdup(arg);
- ate = 1;
- break;
- case EXCLUDE_OPT:
- if(!arg) {
- PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR],
- "exclude (-x)");
- errorCount++;
- goto loser;
- }
- PL_HashTableAdd(excludeDirs, arg, arg);
- exclusionsGiven = PR_TRUE;
- ate = 1;
- break;
- case NO_TIME_OPT:
- no_time = 1;
- break;
- case JAVASCRIPT_OPT:
- javascript++;
- break;
- case ZIPFILE_OPT:
- if(zipfile) {
- PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR],
- "jarfile (-Z)");
- warningCount++;
- PR_Free(zipfile); zipfile = NULL;
- }
- if(!arg) {
- PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR],
- "jarfile (-Z)");
- errorCount++;
- goto loser;
- }
- zipfile = PL_strdup(arg);
- ate = 1;
- break;
- case GENKEY_OPT:
- if(genkey) {
- PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR],
- "generate (-G)");
- warningCount++;
- PR_Free(zipfile); zipfile = NULL;
- }
- if(!arg) {
- PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR],
- "generate (-G)");
- errorCount++;
- goto loser;
- }
- genkey = PL_strdup(arg);
- ate = 1;
- break;
- case MODULES_OPT:
- list_modules++;
- break;
- case SIGNDIR_OPT:
- if(jartree) {
- PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR],
- "signdir");
- warningCount++;
- PR_Free(jartree); jartree = NULL;
- }
- if(!arg) {
- PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR], "signdir");
- errorCount++;
- goto loser;
- }
- jartree = PL_strdup(arg);
- ate = 1;
- break;
- case OUTFILE_OPT:
- if(outfile) {
- PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR],
- "outfile");
- warningCount++;
- PR_Free(outfile); outfile = NULL;
- }
- if(!arg) {
- PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR], "outfile");
- errorCount++;
- goto loser;
- }
- outfile = PL_strdup(arg);
- ate = 1;
- break;
- case COMMAND_FILE_OPT:
- if(cmdFile) {
- PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR], "-f");
- warningCount++;
- PR_Free(cmdFile); cmdFile = NULL;
- }
- if(!arg) {
- PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR], "-f");
- errorCount++;
- goto loser;
- }
- cmdFile = PL_strdup(arg);
- ate = 1;
- break;
- case NORECURSE_OPT:
- noRecurse = PR_TRUE;
- break;
- case LEAVE_ARC_OPT:
- leaveArc = PR_TRUE;
- break;
- case VERBOSITY_OPT:
- if(!arg) {
- PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR],
- "--verbosity");
- errorCount++;
- goto loser;
- }
- verbosity = atoi(arg);
- ate = 1;
- break;
- case KEYSIZE_OPT:
- if( keySize != -1 ) {
- PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR], "-s");
- warningCount++;
- }
- keySize = atoi(arg);
- ate = 1;
- if( keySize < 1 || keySize > MAX_RSA_KEY_SIZE ) {
- PR_fprintf(errorFD, "Invalid key size: %d.\n", keySize);
- errorCount++;
- goto loser;
- }
- break;
- case TOKEN_OPT:
- if( token ) {
- PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR], "-t");
- PR_Free(token); token = NULL;
- }
- if( ! arg ) {
- PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR], "-t");
- errorCount++;
- goto loser;
- }
- token = PL_strdup(arg);
- ate = 1;
- break;
- default:
- PR_fprintf(errorFD, "warning: unknown option\n");
- warningCount++;
- break;
- }
-
- return ate;
-loser:
- return -1;
-}
-
-
-/*********************************************************************
- *
- * m a i n
- */
-int
-main(int argc, char *argv[])
-{
- PRBool readOnly;
- int retval=0;
-
- outputFD = PR_STDOUT;
- errorFD = PR_STDERR;
-
- progName = argv[0];
-
- if (argc < 2)
- {
- usage();
- }
-
- excludeDirs = PL_NewHashTable(10, PL_HashString, PL_CompareStrings,
- PL_CompareStrings, NULL, NULL);
- extensions = PL_NewHashTable(10, PL_HashString, PL_CompareStrings,
- PL_CompareStrings, NULL, NULL);
-
- if(parse_args(argc, argv)) {
- retval = -1;
- goto cleanup;
- }
-
- /* Parse the command file if one was given */
- if(cmdFile) {
- if(ProcessCommandFile()) {
- retval = -1;
- goto cleanup;
- }
- }
-
- /* Set up output redirection */
- if(outfile) {
- if(PR_Access(outfile, PR_ACCESS_EXISTS)==PR_SUCCESS) {
- /* delete the file if it is already present */
- PR_fprintf(errorFD,
- "warning: %s already exists and will be overwritten.\n",
- outfile);
- warningCount++;
- if(PR_Delete(outfile) != PR_SUCCESS) {
- PR_fprintf(errorFD, "ERROR: unable to delete %s.\n", outfile);
- errorCount++;
- exit(ERRX);
- }
- }
- outputFD = PR_Open(outfile,
- PR_WRONLY|PR_CREATE_FILE|PR_TRUNCATE, 0777);
- if(!outputFD) {
- PR_fprintf(errorFD, "ERROR: Unable to create %s.\n", outfile);
- errorCount++;
- exit(ERRX);
- }
- errorFD = outputFD;
- }
-
- /* This seems to be a fairly common user error */
-
- if (verify && list_certs > 0)
- {
- PR_fprintf (errorFD, "%s: Can't use -l and -v at the same time\n",
- PROGRAM_NAME);
- errorCount++;
- retval = -1;
- goto cleanup;
- }
-
- /* -J assumes -Z now */
-
- if (javascript && zipfile)
- {
- PR_fprintf (errorFD, "%s: Can't use -J and -Z at the same time\n",
- PROGRAM_NAME);
- PR_fprintf (errorFD, "%s: -J option will create the jar files for you\n",
- PROGRAM_NAME);
- errorCount++;
- retval = -1;
- goto cleanup;
- }
-
- /* Less common mixing of -L with various options */
-
- if (list_certs > 0 &&
- (tell_who || zipfile || javascript ||
- scriptdir || extensionsGiven || exclusionsGiven || install_script)) {
- PR_fprintf(errorFD, "%s: Can't use -l or -L with that option\n",
- PROGRAM_NAME);
- errorCount++;
- retval = -1;
- goto cleanup;
- }
-
-
- if (!cert_dir)
- cert_dir = get_default_cert_dir();
-
- VerifyCertDir(cert_dir, keyName);
-
-
- if( compression_level < MIN_COMPRESSION_LEVEL ||
- compression_level > MAX_COMPRESSION_LEVEL) {
- PR_fprintf(errorFD, "Compression level must be between %d and %d.\n",
- MIN_COMPRESSION_LEVEL, MAX_COMPRESSION_LEVEL);
- errorCount++;
- retval = -1;
- goto cleanup;
- }
-
- if(jartree && !keyName) {
- PR_fprintf(errorFD, "You must specify a key with which to sign.\n");
- errorCount++;
- retval = -1;
- goto cleanup;
- }
-
- readOnly = (genkey == NULL); /* only key generation requires write */
- if(InitCrypto(cert_dir, readOnly)) {
- PR_fprintf(errorFD, "ERROR: Cryptographic initialization failed.\n");
- errorCount++;
- retval = -1;
- goto cleanup;
- }
-
- if (enableOCSP) {
- SECStatus rv = CERT_EnableOCSPChecking(CERT_GetDefaultCertDB());
- if (rv != SECSuccess) {
- PR_fprintf(errorFD, "ERROR: Attempt to enable OCSP Checking failed.\n");
- errorCount++;
- retval = -1;
- }
- }
-
- if (verify)
- {
- if (VerifyJar(verify))
- {
- errorCount++;
- retval = -1;
- goto cleanup;
- }
- }
- else if (list_certs)
- {
- if (ListCerts(keyName, list_certs))
- {
- errorCount++;
- retval = -1;
- goto cleanup;
- }
- }
- else if (list_modules)
- {
- JarListModules();
- }
- else if (genkey)
- {
- if (GenerateCert(genkey, keySize, token))
- {
- errorCount++;
- retval = -1;
- goto cleanup;
- }
- }
- else if (tell_who)
- {
- if (JarWho(tell_who))
- {
- errorCount++;
- retval = -1;
- goto cleanup;
- }
- }
- else if (javascript && jartree)
- {
- /* make sure directory exists */
- PRDir *dir;
- dir = PR_OpenDir(jartree);
- if(!dir) {
- PR_fprintf(errorFD, "ERROR: unable to open directory %s.\n", jartree);
- errorCount++;
- retval = -1;
- goto cleanup;
- } else {
- PR_CloseDir(dir);
- }
-
- /* undo junk from prior runs of signtool*/
- if(RemoveAllArc(jartree)) {
- PR_fprintf(errorFD, "Error removing archive directories under %s\n", jartree);
- errorCount++;
- retval = -1;
- goto cleanup;
- }
-
- /* traverse all the htm|html files in the directory */
- if(InlineJavaScript(jartree, !noRecurse)) {
- retval = -1;
- goto cleanup;
- }
-
- /* sign any resultant .arc directories created in above step */
- if(SignAllArc(jartree, keyName, javascript, metafile, install_script,
- optimize, !noRecurse)) {
- retval = -1;
- goto cleanup;
- }
-
- if(!leaveArc) {
- RemoveAllArc(jartree);
- }
-
- if(errorCount>0 || warningCount>0) {
- PR_fprintf(outputFD, "%d error%s, %d warning%s.\n", errorCount,
- errorCount==1?"":"s", warningCount, warningCount==1?"":"s");
- } else {
- PR_fprintf(outputFD, "Directory %s signed successfully.\n", jartree);
- }
- } else if (jartree)
- {
- SignArchive(jartree, keyName, zipfile, javascript, metafile,
- install_script, optimize, !noRecurse);
- }
- else
- usage();
-
-cleanup:
- if(extensions) {
- PL_HashTableDestroy(extensions); extensions = NULL;
- }
- if(excludeDirs) {
- PL_HashTableDestroy(excludeDirs); excludeDirs = NULL;
- }
- if(outputFD != PR_STDOUT) {
- PR_Close(outputFD);
- }
- rm_dash_r(TMP_OUTPUT);
- if (retval == 0) {
- if (NSS_Shutdown() != SECSuccess) {
- exit(1);
- }
- }
- return retval;
-}
-
diff --git a/security/nss/cmd/signtool/signtool.h b/security/nss/cmd/signtool/signtool.h
deleted file mode 100644
index 5c6ad0284..000000000
--- a/security/nss/cmd/signtool/signtool.h
+++ /dev/null
@@ -1,140 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef SIGNTOOL_H
-#define SIGNTOOL_H
-
-#define DJN_TEST
-
-#include <stdio.h>
-#include <string.h>
-#include <errno.h>
-
-#include "prprf.h"
-#include "prio.h"
-#include "secutil.h"
-#include "ocsp.h"
-#include "jar.h"
-#include "jarfile.h"
-#include "secpkcs7.h"
-#include "pk11func.h"
-#include "secmod.h"
-#include "plhash.h"
-
-#ifdef _UNIX
-#include <unistd.h>
-#endif
-
-/**********************************************************************
- * General Defines
- */
-#define JAR_BASE_END JAR_BASE + 100
-#define ERRX (-1) /* the exit code used on failure */
-#define FNSIZE 256 /* the maximum length for filenames */
-#define MAX_RSA_KEY_SIZE 4096
-#define DEFAULT_RSA_KEY_SIZE 1024
-#define MANIFEST "manifest.mf"
-#define DEFAULT_X509_BASENAME "x509"
-#define DEFAULT_COMMON_NAME "Signtool 1.3 Testing Certificate"
-#define CREATOR "Signtool (signtool 1.3)"
-#define BREAKAGE "PLEASE DO NOT EDIT THIS FILE. YOU WILL BREAK IT."
-#define MIN_COMPRESSION_LEVEL (-1)
-#define MAX_COMPRESSION_LEVEL 9
-#define DEFAULT_COMPRESSION_LEVEL (-1) /* zlib understands this to be default*/
-#define STDIN_BUF_SIZE 160
-#define PROGRAM_NAME "signtool"
-#define LONG_PROGRAM_NAME "Signing Tool"
-#define DEFAULT_BASE_NAME "zigbert"
-#define VERSION "1.3"
-#define TMP_OUTPUT "signtool.tmp"
-
-
-/***************************************************************
- * Main Task Functions
- */
-int GenerateCert(char *nickname, int keysize, char *token);
-int ListCerts(char *key, int list_certs);
-int VerifyJar(char *filename);
-int SignArchive(char *tree, char *keyName, char *zip_file, int javascript,
- char *meta_file, char *install_script, int _optimize, PRBool recurse);
-int SignAllArc(char *jartree, char *keyName, int javascript, char *metafile,
- char *install_script, int optimize, PRBool recurse);
-int InlineJavaScript(char *dir, PRBool recurse);
-int JarWho(char *filename);
-void JarListModules(void);
-
-/**************************************************************
- * Utility Functions
- */
-CERTCertDBHandle *OpenCertDB (PRBool readOnly);
-
-int RemoveAllArc(char *tree);
-void VerifyCertDir(char *dir, char *keyName);
-int InitCrypto(char *cert_dir, PRBool readOnly);
-int foreach (char *dirname, char *prefix,
- int (*fn)(char *filename, char *dirname, char *basedir,char *base,void*arg),
- PRBool recurse, PRBool includeDirs, void *arg);
-void print_error (int i);
-void give_help (int status);
-const char* secErrorString(long code);
-void displayVerifyLog(CERTVerifyLog *log);
-void usage (void);
-char* chop(char*);
-void out_of_memory(void);
-void FatalError(char *msg);
-char* get_default_cert_dir(void);
-SECItem *password_hardcode(void *arg, void *handle);
-char* pk11_password_hardcode(PK11SlotInfo *slot, PRBool retry, void *arg);
-int rm_dash_r(char *path);
-char* pr_fgets(char *buf, int size, PRFileDesc *file);
-
-
-/*****************************************************************
- * Global Variables (*gag*)
- */
-extern char *password; /* the password passed in on the command line */
-extern PLHashTable *excludeDirs; /* directory entry to skip while recursing */
-extern int no_time;
-extern char *base; /* basename of ".rsa" and ".sf" files */
-extern long *mozilla_event_queue;
-extern char *progName; /* argv[0] */
-extern PLHashTable *extensions;/* only sign files with this extension */
-extern PRBool extensionsGiven;
-extern char *scriptdir;
-extern int compression_level;
-extern PRFileDesc *outputFD, *errorFD;
-extern int verbosity;
-extern int errorCount;
-extern int warningCount;
-
-#endif /* SIGNTOOL_H */
diff --git a/security/nss/cmd/signtool/util.c b/security/nss/cmd/signtool/util.c
deleted file mode 100644
index c1b401e33..000000000
--- a/security/nss/cmd/signtool/util.c
+++ /dev/null
@@ -1,990 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "signtool.h"
-#include "prio.h"
-#include "prmem.h"
-#include "nss.h"
-
-static int is_dir (char *filename);
-
-/***********************************************************
- * Nasty hackish function definitions
- */
-
-long *mozilla_event_queue = 0;
-
-#ifndef XP_WIN
-char *XP_GetString (int i)
-{
- return SECU_ErrorStringRaw ((int16) i);
-}
-#endif
-
-void FE_SetPasswordEnabled()
-{
-}
-
-void /*MWContext*/ *FE_GetInitContext (void)
-{
- return 0;
-}
-
-void /*MWContext*/ *XP_FindSomeContext()
-{
- /* No windows context in command tools */
- return NULL;
-}
-
-void ET_moz_CallFunction()
-{
-}
-
-
-/*
- * R e m o v e A l l A r c
- *
- * Remove .arc directories that are lingering
- * from a previous run of signtool.
- *
- */
-int
-RemoveAllArc(char *tree)
-{
- PRDir *dir;
- PRDirEntry *entry;
- char *archive=NULL;
- int retval = 0;
-
- dir = PR_OpenDir (tree);
- if (!dir) return -1;
-
- for (entry = PR_ReadDir (dir,0); entry; entry = PR_ReadDir (dir,0)) {
-
- if(entry->name[0] == '.') {
- continue;
- }
-
- if(archive) PR_Free(archive);
- archive = PR_smprintf("%s/%s", tree, entry->name);
-
- if (PL_strcaserstr (entry->name, ".arc")
- == (entry->name + strlen(entry->name) - 4) ) {
-
- if(verbosity >= 0) {
- PR_fprintf(outputFD, "removing: %s\n", archive);
- }
-
- if(rm_dash_r(archive)) {
- PR_fprintf(errorFD, "Error removing %s\n", archive);
- errorCount++;
- retval = -1;
- goto finish;
- }
- } else if(is_dir(archive)) {
- if(RemoveAllArc(archive)) {
- retval = -1;
- goto finish;
- }
- }
- }
-
-finish:
- PR_CloseDir (dir);
- if(archive) PR_Free(archive);
-
- return retval;
-}
-
-/*
- * r m _ d a s h _ r
- *
- * Remove a file, or a directory recursively.
- *
- */
-int rm_dash_r (char *path)
-{
- PRDir *dir;
- PRDirEntry *entry;
- PRFileInfo fileinfo;
- char filename[FNSIZE];
-
- if(PR_GetFileInfo(path, &fileinfo) != PR_SUCCESS) {
- /*fprintf(stderr, "Error: Unable to access %s\n", filename);*/
- return -1;
- }
- if(fileinfo.type == PR_FILE_DIRECTORY) {
-
- dir = PR_OpenDir(path);
- if(!dir) {
- PR_fprintf(errorFD, "Error: Unable to open directory %s.\n", path);
- errorCount++;
- return -1;
- }
-
- /* Recursively delete all entries in the directory */
- while((entry = PR_ReadDir(dir, PR_SKIP_BOTH)) != NULL) {
- sprintf(filename, "%s/%s", path, entry->name);
- if(rm_dash_r(filename)) return -1;
- }
-
- if(PR_CloseDir(dir) != PR_SUCCESS) {
- PR_fprintf(errorFD, "Error: Could not close %s.\n", path);
- errorCount++;
- return -1;
- }
-
- /* Delete the directory itself */
- if(PR_RmDir(path) != PR_SUCCESS) {
- PR_fprintf(errorFD, "Error: Unable to delete %s\n", path);
- errorCount++;
- return -1;
- }
- } else {
- if(PR_Delete(path) != PR_SUCCESS) {
- PR_fprintf(errorFD, "Error: Unable to delete %s\n", path);
- errorCount++;
- return -1;
- }
- }
- return 0;
-}
-
-/*
- * u s a g e
- *
- * Print some useful help information
- *
- */
-void
-usage (void)
-{
- PR_fprintf(outputFD, "\n");
- PR_fprintf(outputFD, "%s %s - a signing tool for jar files\n", LONG_PROGRAM_NAME, VERSION);
- PR_fprintf(outputFD, "\n");
- PR_fprintf(outputFD, "Usage: %s [options] directory-tree \n\n", PROGRAM_NAME);
- PR_fprintf(outputFD, " -b\"basename\"\t\tbasename of .sf, .rsa files for signing\n");
- PR_fprintf(outputFD, " -c#\t\t\t\tCompression level, 0-9, 0=none\n");
- PR_fprintf(outputFD, " -d\"certificate directory\"\tcontains cert*.db and key*.db\n");
- PR_fprintf(outputFD, " -e\".ext\"\t\t\tsign only files with this extension\n");
- PR_fprintf(outputFD, " -f\"filename\"\t\t\tread commands from file\n");
- PR_fprintf(outputFD, " -G\"nickname\"\t\tcreate object-signing cert with this nickname\n");
- PR_fprintf(outputFD, " -i\"installer script\"\tassign installer javascript\n");
- PR_fprintf(outputFD, " -j\"javascript directory\"\tsign javascript files in this subtree\n");
- PR_fprintf(outputFD, " -J\t\t\t\tdirectory contains HTML files. Javascript will\n"
- "\t\t\t\tbe extracted and signed.\n");
- PR_fprintf(outputFD, " -k\"cert nickname\"\t\tsign with this certificate\n");
- PR_fprintf(outputFD, " --leavearc\t\t\tdo not delete .arc directories created\n"
- "\t\t\t\tby -J option\n");
- PR_fprintf(outputFD, " -m\"metafile\"\t\tinclude custom meta-information\n");
- PR_fprintf(outputFD, " --norecurse\t\t\tdo not operate on subdirectories\n");
- PR_fprintf(outputFD, " -o\t\t\t\toptimize - omit optional headers\n");
- PR_fprintf(outputFD, " -O\t\t\t\tenableOCSP - enable OCSP checking\n");
- PR_fprintf(outputFD, " --outfile \"filename\"\tredirect output to file\n");
- PR_fprintf(outputFD, " -p\"password\"\t\tfor password on command line (insecure)\n");
- PR_fprintf(outputFD, " -s keysize\t\t\tkeysize in bits of generated cert\n");
- PR_fprintf(outputFD, " -t token\t\t\tname of token on which to generate cert\n");
- PR_fprintf(outputFD, " --verbosity #\t\tSet amount of debugging information to generate.\n"
- "\t\t\t\tLower number means less output, 0 is default.\n");
- PR_fprintf(outputFD, " -x\"name\"\t\t\tdirectory or filename to exclude\n");
- PR_fprintf(outputFD, " -z\t\t\t\tomit signing time from signature\n");
- PR_fprintf(outputFD, " -Z\"jarfile\"\t\t\tcreate JAR file with the given name.\n"
- "\t\t\t\t(Default compression level is 6.)\n");
- PR_fprintf(outputFD, "\n");
- PR_fprintf(outputFD, "%s -l\n", PROGRAM_NAME);
- PR_fprintf(outputFD, " lists the signing certificates in your database\n");
- PR_fprintf(outputFD, "\n");
- PR_fprintf(outputFD, "%s -L\n", PROGRAM_NAME);
- PR_fprintf(outputFD, " lists all certificates in your database, marks object-signing certificates\n");
- PR_fprintf(outputFD, "\n");
- PR_fprintf(outputFD, "%s -M\n", PROGRAM_NAME);
- PR_fprintf(outputFD, " lists the PKCS #11 modules available to %s\n", PROGRAM_NAME);
- PR_fprintf(outputFD, "\n");
- PR_fprintf(outputFD, "%s -v file.jar\n", PROGRAM_NAME);
- PR_fprintf(outputFD, " show the contents of the specified jar file\n");
- PR_fprintf(outputFD, "\n");
- PR_fprintf(outputFD, "%s -w file.jar\n", PROGRAM_NAME);
- PR_fprintf(outputFD, " if valid, tries to tell you who signed the jar file\n");
- PR_fprintf(outputFD, "\n");
- PR_fprintf(outputFD, "For more details, visit\n");
- PR_fprintf(outputFD,
-" http://developer.netscape.com/library/documentation/signedobj/signtool/\n");
-
- exit (ERRX);
-}
-
-/*
- * p r i n t _ e r r o r
- *
- * For the undocumented -E function. If an older version
- * of communicator gives you a numeric error, we can see what
- * really happened without doing hex math.
- *
- */
-
-void
-print_error (int err)
-{
- PR_fprintf(errorFD, "Error %d: %s\n", err, JAR_get_error (err));
- errorCount++;
- give_help (err);
-}
-
-/*
- * o u t _ o f _ m e m o r y
- *
- * Out of memory, exit Signtool.
- *
- */
-void
-out_of_memory (void)
-{
- PR_fprintf(errorFD, "%s: out of memory\n", PROGRAM_NAME);
- errorCount++;
- exit (ERRX);
-}
-
-/*
- * V e r i f y C e r t D i r
- *
- * Validate that the specified directory
- * contains a certificate database
- *
- */
-void
-VerifyCertDir(char *dir, char *keyName)
-{
- char fn [FNSIZE];
-
- /* don't try verifying if we don't have a local directory */
- if (strncmp(dir,"multiaccess:",sizeof("multiaccess:")-1) == 0) {
- return;
- }
-
- /* This code is really broken because it makes underlying assumptions about
- * how the NSS profile directory is laid out, but these names can change
- * from release to release. */
- sprintf (fn, "%s/cert8.db", dir);
-
- if (PR_Access (fn, PR_ACCESS_EXISTS))
- {
- PR_fprintf(errorFD, "%s: No certificate database in \"%s\"\n", PROGRAM_NAME,
- dir);
- PR_fprintf(errorFD, "%s: Check the -d arguments that you gave\n",
- PROGRAM_NAME);
- errorCount++;
- exit (ERRX);
- }
-
- if(verbosity >= 0) {
- PR_fprintf(outputFD, "using certificate directory: %s\n", dir);
- }
-
- if (keyName == NULL)
- return;
-
- /* if the user gave the -k key argument, verify that
- a key database already exists */
-
- sprintf (fn, "%s/key3.db", dir);
-
- if (PR_Access (fn, PR_ACCESS_EXISTS))
- {
- PR_fprintf(errorFD, "%s: No private key database in \"%s\"\n", PROGRAM_NAME,
- dir);
- PR_fprintf(errorFD, "%s: Check the -d arguments that you gave\n",
- PROGRAM_NAME);
- errorCount++;
- exit (ERRX);
- }
-}
-
-/*
- * f o r e a c h
- *
- * A recursive function to loop through all names in
- * the specified directory, as well as all subdirectories.
- *
- * FIX: Need to see if all platforms allow multiple
- * opendir's to be called.
- *
- */
-
-int
-foreach(char *dirname, char *prefix,
- int (*fn)(char *relpath, char *basedir, char *reldir, char *filename,
- void* arg),
- PRBool recurse, PRBool includeDirs, void *arg) {
- char newdir [FNSIZE];
- int retval = 0;
-
- PRDir *dir;
- PRDirEntry *entry;
-
- strcpy (newdir, dirname);
- if (*prefix) {
- strcat (newdir, "/");
- strcat (newdir, prefix);
- }
-
- dir = PR_OpenDir (newdir);
- if (!dir) return -1;
-
- for (entry = PR_ReadDir (dir,0); entry; entry = PR_ReadDir (dir,0)) {
- if ( strcmp(entry->name, ".")==0 ||
- strcmp(entry->name, "..")==0 )
- {
- /* no infinite recursion, please */
- continue;
- }
-
- /* can't sign self */
- if (!strcmp (entry->name, "META-INF"))
- continue;
-
- /* -x option */
- if (PL_HashTableLookup(excludeDirs, entry->name))
- continue;
-
- strcpy (newdir, dirname);
- if (*dirname)
- strcat (newdir, "/");
-
- if (*prefix) {
- strcat (newdir, prefix);
- strcat (newdir, "/");
- }
- strcat (newdir, entry->name);
-
- if(!is_dir(newdir) || includeDirs) {
- char newpath [FNSIZE];
-
- strcpy (newpath, prefix);
- if (*newpath)
- strcat (newpath, "/");
- strcat (newpath, entry->name);
-
- if( (*fn) (newpath, dirname, prefix, (char *) entry->name, arg)) {
- retval = -1;
- break;
- }
- }
-
- if (is_dir (newdir)) {
- if(recurse) {
- char newprefix [FNSIZE];
-
- strcpy (newprefix, prefix);
- if (*newprefix) {
- strcat (newprefix, "/");
- }
- strcat (newprefix, entry->name);
-
- if(foreach (dirname, newprefix, fn, recurse, includeDirs,arg)) {
- retval = -1;
- break;
- }
- }
- }
-
- }
-
- PR_CloseDir (dir);
-
- return retval;
-}
-
-/*
- * i s _ d i r
- *
- * Return 1 if file is a directory.
- * Wonder if this runs on a mac, trust not.
- *
- */
-static int is_dir (char *filename)
-{
- PRFileInfo finfo;
-
- if( PR_GetFileInfo(filename, &finfo) != PR_SUCCESS ) {
- printf("Unable to get information about %s\n", filename);
- return 0;
- }
-
- return ( finfo.type == PR_FILE_DIRECTORY );
-}
-
-/*
- * p a s s w o r d _ h a r d c o d e
- *
- * A function to use the password passed in the -p(password) argument
- * of the command line. This is only to be used for build & testing purposes,
- * as it's extraordinarily insecure.
- *
- * After use once, null it out otherwise PKCS11 calls us forever.
- *
- */
-SECItem *
-password_hardcode(void *arg, void *handle)
-{
- SECItem *pw = NULL;
- if (password) {
- pw = SECITEM_AllocItem(NULL, NULL, PL_strlen(password));
- pw->data = (unsigned char *)PL_strdup(password);
- password = NULL;
- }
- return pw;
-}
-
-char *
-pk11_password_hardcode(PK11SlotInfo *slot, PRBool retry, void *arg)
-{
- char *pw;
- if (retry) {
- return NULL; /* the password is incorrect, fail */
- }
- pw = password ? PORT_Strdup (password) : NULL;
- /* XXX don't do this, or FIPS won't work */
- /*password = NULL;*/
- return pw;
-}
-
-/************************************************************************
- *
- * c e r t D B N a m e C a l l b a c k
- */
-static char *
-certDBNameCallback(void *arg, int dbVersion)
-{
- char *fnarg;
- char *dir;
- char *filename;
-
- dir = SECU_ConfigDirectory (NULL);
-
- switch ( dbVersion ) {
- case 7:
- fnarg = "7";
- break;
- case 6:
- fnarg = "6";
- break;
- case 5:
- fnarg = "5";
- break;
- case 4:
- default:
- fnarg = "";
- break;
- }
- filename = PR_smprintf("%s/cert%s.db", dir, fnarg);
- return(filename);
-}
-
-/***************************************************************
- *
- * s e c E r r o r S t r i n g
- *
- * Returns an error string corresponding to the given error code.
- * Doesn't cover all errors; returns a default for many.
- * Returned string is only valid until the next call of this function.
- */
-const char*
-secErrorString(long code)
-{
- static char errstring[80]; /* dynamically constructed error string */
- char *c; /* the returned string */
-
- switch(code) {
- case SEC_ERROR_IO: c = "io error";
- break;
- case SEC_ERROR_LIBRARY_FAILURE: c = "security library failure";
- break;
- case SEC_ERROR_BAD_DATA: c = "bad data";
- break;
- case SEC_ERROR_OUTPUT_LEN: c = "output length";
- break;
- case SEC_ERROR_INPUT_LEN: c = "input length";
- break;
- case SEC_ERROR_INVALID_ARGS: c = "invalid args";
- break;
- case SEC_ERROR_EXPIRED_CERTIFICATE: c = "expired certificate";
- break;
- case SEC_ERROR_REVOKED_CERTIFICATE: c = "revoked certificate";
- break;
- case SEC_ERROR_INADEQUATE_KEY_USAGE: c = "inadequate key usage";
- break;
- case SEC_ERROR_INADEQUATE_CERT_TYPE: c = "inadequate certificate type";
- break;
- case SEC_ERROR_UNTRUSTED_CERT: c = "untrusted cert";
- break;
- case SEC_ERROR_NO_KRL: c = "no key revocation list";
- break;
- case SEC_ERROR_KRL_BAD_SIGNATURE: c = "key revocation list: bad signature";
- break;
- case SEC_ERROR_KRL_EXPIRED: c = "key revocation list expired";
- break;
- case SEC_ERROR_REVOKED_KEY: c = "revoked key";
- break;
- case SEC_ERROR_CRL_BAD_SIGNATURE:
- c = "certificate revocation list: bad signature";
- break;
- case SEC_ERROR_CRL_EXPIRED: c = "certificate revocation list expired";
- break;
- case SEC_ERROR_CRL_NOT_YET_VALID:
- c = "certificate revocation list not yet valid";
- break;
- case SEC_ERROR_UNKNOWN_ISSUER: c = "unknown issuer";
- break;
- case SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE: c = "expired issuer certificate";
- break;
- case SEC_ERROR_BAD_SIGNATURE: c = "bad signature";
- break;
- case SEC_ERROR_BAD_KEY: c = "bad key";
- break;
- case SEC_ERROR_NOT_FORTEZZA_ISSUER: c = "not fortezza issuer";
- break;
- case SEC_ERROR_CA_CERT_INVALID:
- c = "Certificate Authority certificate invalid";
- break;
- case SEC_ERROR_EXTENSION_NOT_FOUND: c = "extension not found";
- break;
- case SEC_ERROR_CERT_NOT_IN_NAME_SPACE: c = "certificate not in name space";
- break;
- case SEC_ERROR_UNTRUSTED_ISSUER: c = "untrusted issuer";
- break;
- default:
- sprintf(errstring, "security error %ld", code);
- c = errstring;
- break;
- }
-
- return c;
-}
-
-/***************************************************************
- *
- * d i s p l a y V e r i f y L o g
- *
- * Prints the log of a cert verification.
- */
-void
-displayVerifyLog(CERTVerifyLog *log)
-{
- CERTVerifyLogNode *node;
- CERTCertificate *cert;
- char *name;
-
- if( !log || (log->count <= 0) ) {
- return;
- }
-
- for(node = log->head; node != NULL; node = node->next) {
-
- if( !(cert = node->cert) ) {
- continue;
- }
-
- /* Get a name for this cert */
- if(cert->nickname != NULL) {
- name = cert->nickname;
- } else if(cert->emailAddr != NULL) {
- name = cert->emailAddr;
- } else {
- name = cert->subjectName;
- }
-
- printf( "%s%s:\n",
- name,
- (node->depth > 0) ? " [Certificate Authority]" : ""
- );
-
- printf("\t%s\n", secErrorString(node->error));
-
- }
-}
-/*
- * J a r L i s t M o d u l e s
- *
- * Print a list of the PKCS11 modules that are
- * available. This is useful for smartcard people to
- * make sure they have the drivers loaded.
- *
- */
-void
-JarListModules(void)
-{
- int i;
- int count = 0;
-
- SECMODModuleList *modules = NULL;
- static SECMODListLock *moduleLock = NULL;
-
- SECMODModuleList *mlp;
-
- modules = SECMOD_GetDefaultModuleList();
-
- if (modules == NULL)
- {
- PR_fprintf(errorFD, "%s: Can't get module list\n", PROGRAM_NAME);
- errorCount++;
- exit (ERRX);
- }
-
- if ((moduleLock = SECMOD_NewListLock()) == NULL)
- {
- /* this is the wrong text */
- PR_fprintf(errorFD, "%s: unable to acquire lock on module list\n",
- PROGRAM_NAME);
- errorCount++;
- exit (ERRX);
- }
-
- SECMOD_GetReadLock (moduleLock);
-
- PR_fprintf(outputFD, "\nListing of PKCS11 modules\n");
- PR_fprintf(outputFD, "-----------------------------------------------\n");
-
- for (mlp = modules; mlp != NULL; mlp = mlp->next)
- {
- count++;
- PR_fprintf(outputFD, "%3d. %s\n", count, mlp->module->commonName);
-
- if (mlp->module->internal)
- PR_fprintf(outputFD, " (this module is internally loaded)\n");
- else
- PR_fprintf(outputFD, " (this is an external module)\n");
-
- if (mlp->module->dllName)
- PR_fprintf(outputFD, " DLL name: %s\n", mlp->module->dllName);
-
- if (mlp->module->slotCount == 0)
- PR_fprintf(outputFD, " slots: There are no slots attached to this module\n");
- else
- PR_fprintf(outputFD, " slots: %d slots attached\n", mlp->module->slotCount);
-
- if (mlp->module->loaded == 0)
- PR_fprintf(outputFD, " status: Not loaded\n");
- else
- PR_fprintf(outputFD, " status: loaded\n");
-
- for (i = 0; i < mlp->module->slotCount; i++)
- {
- PK11SlotInfo *slot = mlp->module->slots[i];
-
- PR_fprintf(outputFD, "\n");
- PR_fprintf(outputFD, " slot: %s\n", PK11_GetSlotName(slot));
- PR_fprintf(outputFD, " token: %s\n", PK11_GetTokenName(slot));
- }
- }
-
- PR_fprintf(outputFD, "-----------------------------------------------\n");
-
- if (count == 0)
- PR_fprintf(outputFD,
- "Warning: no modules were found (should have at least one)\n");
-
- SECMOD_ReleaseReadLock (moduleLock);
-}
-
-/**********************************************************************
- * c h o p
- *
- * Eliminates leading and trailing whitespace. Returns a pointer to the
- * beginning of non-whitespace, or an empty string if it's all whitespace.
- */
-char*
-chop(char *str)
-{
- char *start, *end;
-
- if(str) {
- start = str;
-
- /* Nip leading whitespace */
- while(isspace(*start)) {
- start++;
- }
-
- /* Nip trailing whitespace */
- if(*start) {
- end = start + strlen(start) - 1;
- while(isspace(*end) && end > start) {
- end--;
- }
- *(end+1) = '\0';
- }
-
- return start;
- } else {
- return NULL;
- }
-}
-
-/***********************************************************************
- *
- * F a t a l E r r o r
- *
- * Outputs an error message and bails out of the program.
- */
-void
-FatalError(char *msg)
-{
- if(!msg) msg = "";
-
- PR_fprintf(errorFD, "FATAL ERROR: %s\n", msg);
- errorCount++;
- exit(ERRX);
-}
-
-/*************************************************************************
- *
- * I n i t C r y p t o
- */
-int
-InitCrypto(char *cert_dir, PRBool readOnly)
-{
- SECStatus rv;
- static int prior = 0;
- PK11SlotInfo *slotinfo;
-
- CERTCertDBHandle *db;
-
- if (prior == 0) {
- /* some functions such as OpenKeyDB expect this path to be
- * implicitly set prior to calling */
- if (readOnly) {
- rv = NSS_Init(cert_dir);
- } else {
- rv = NSS_InitReadWrite(cert_dir);
- }
- if (rv != SECSuccess) {
- SECU_PrintPRandOSError(PROGRAM_NAME);
- exit(-1);
- }
-
- SECU_ConfigDirectory (cert_dir);
-
- /* Been there done that */
- prior++;
-
- if(password) {
- PK11_SetPasswordFunc(pk11_password_hardcode);
- }
-
- /* Must login to FIPS before you do anything else */
- if(PK11_IsFIPS()) {
- slotinfo = PK11_GetInternalSlot();
- if(!slotinfo) {
- fprintf(stderr, "%s: Unable to get PKCS #11 Internal Slot."
- "\n", PROGRAM_NAME);
- return -1;
- }
- if(PK11_Authenticate(slotinfo, PR_FALSE /*loadCerts*/,
- NULL /*wincx*/) != SECSuccess) {
- fprintf(stderr, "%s: Unable to authenticate to %s.\n",
- PROGRAM_NAME, PK11_GetSlotName(slotinfo));
- PK11_FreeSlot(slotinfo);
- return -1;
- }
- PK11_FreeSlot(slotinfo);
- }
-
- /* Make sure there is a password set on the internal key slot */
- slotinfo = PK11_GetInternalKeySlot();
- if(!slotinfo) {
- fprintf(stderr, "%s: Unable to get PKCS #11 Internal Key Slot."
- "\n", PROGRAM_NAME);
- return -1;
- }
- if(PK11_NeedUserInit(slotinfo)) {
- PR_fprintf(errorFD,
-"\nWARNING: No password set on internal key database. Most operations will fail."
-"\nYou must use Communicator to create a password.\n");
- warningCount++;
- }
-
- /* Make sure we can authenticate to the key slot in FIPS mode */
- if(PK11_IsFIPS()) {
- if(PK11_Authenticate(slotinfo, PR_FALSE /*loadCerts*/,
- NULL /*wincx*/) != SECSuccess) {
- fprintf(stderr, "%s: Unable to authenticate to %s.\n",
- PROGRAM_NAME, PK11_GetSlotName(slotinfo));
- PK11_FreeSlot(slotinfo);
- return -1;
- }
- }
- PK11_FreeSlot(slotinfo);
- }
-
- return 0;
-}
-
-/* Windows foolishness is now in the secutil lib */
-
-/*****************************************************************
- * g e t _ d e f a u l t _ c e r t _ d i r
- *
- * Attempt to locate a certificate directory.
- * Failing that, complain that the user needs to
- * use the -d(irectory) parameter.
- *
- */
-char *get_default_cert_dir (void)
-{
- char *home;
-
- char *cd = NULL;
- static char db [FNSIZE];
-
-#ifdef XP_UNIX
- home = getenv ("HOME");
-
- if (home && *home)
- {
- sprintf (db, "%s/.netscape", home);
- cd = db;
- }
-#endif
-
-#ifdef XP_PC
- FILE *fp;
-
- /* first check the environment override */
-
- home = getenv ("JAR_HOME");
-
- if (home && *home)
- {
- sprintf (db, "%s/cert7.db", home);
-
- if ((fp = fopen (db, "r")) != NULL)
- {
- fclose (fp);
- cd = home;
- }
- }
-
- /* try the old navigator directory */
-
- if (cd == NULL)
- {
- home = "c:/Program Files/Netscape/Navigator";
-
- sprintf (db, "%s/cert7.db", home);
-
- if ((fp = fopen (db, "r")) != NULL)
- {
- fclose (fp);
- cd = home;
- }
- }
-
- /* Try the current directory, I wonder if this
- is really a good idea. Remember, Windows only.. */
-
- if (cd == NULL)
- {
- home = ".";
-
- sprintf (db, "%s/cert7.db", home);
-
- if ((fp = fopen (db, "r")) != NULL)
- {
- fclose (fp);
- cd = home;
- }
- }
-
-#endif
-
- if (!cd)
- {
- PR_fprintf(errorFD,
- "You must specify the location of your certificate directory\n");
- PR_fprintf(errorFD,
- "with the -d option. Example: -d ~/.netscape in many cases with Unix.\n");
- errorCount++;
- exit (ERRX);
- }
-
- return cd;
-}
-
-/************************************************************************
- * g i v e _ h e l p
- */
-void give_help (int status)
-{
- if (status == SEC_ERROR_UNKNOWN_ISSUER)
- {
- PR_fprintf(errorFD,
- "The Certificate Authority (CA) for this certificate\n");
- PR_fprintf(errorFD,
- "does not appear to be in your database. You should contact\n");
- PR_fprintf(errorFD,
- "the organization which issued this certificate to obtain\n");
- PR_fprintf(errorFD, "a copy of its CA Certificate.\n");
- }
-}
-
-/**************************************************************************
- *
- * p r _ f g e t s
- *
- * fgets implemented with NSPR.
- */
-char*
-pr_fgets(char *buf, int size, PRFileDesc *file)
-{
- int i;
- int status;
- char c;
-
- i=0;
- while(i < size-1) {
- status = PR_Read(file, (void*) &c, 1);
- if(status==-1) {
- return NULL;
- } else if(status==0) {
- break;
- }
- buf[i++] = c;
- if(c=='\n') {
- break;
- }
- }
- buf[i]='\0';
-
- return buf;
-}
-
diff --git a/security/nss/cmd/signtool/verify.c b/security/nss/cmd/signtool/verify.c
deleted file mode 100644
index fd80ef737..000000000
--- a/security/nss/cmd/signtool/verify.c
+++ /dev/null
@@ -1,382 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "signtool.h"
-
-
-static int jar_cb(int status, JAR *jar, const char *metafile,
- char *pathname, char *errortext);
-static int verify_global (JAR *jar);
-
-/*************************************************************************
- *
- * V e r i f y J a r
- */
-int
-VerifyJar(char *filename)
-{
- FILE *fp;
-
- int ret;
- int status;
- int failed = 0;
- char *err;
-
- JAR *jar;
- JAR_Context *ctx;
-
- JAR_Item *it;
-
- jar = JAR_new();
-
- if ((fp = fopen (filename, "r")) == NULL)
- {
- perror (filename);
- exit (ERRX);
- }
- else
- fclose (fp);
-
- JAR_set_callback (JAR_CB_SIGNAL, jar, jar_cb);
-
-
- status = JAR_pass_archive (jar, jarArchGuess, filename, "some-url");
-
- if (status < 0 || jar->valid < 0)
- {
- failed = 1;
- PR_fprintf(outputFD, "\nNOTE -- \"%s\" archive DID NOT PASS crypto verification.\n", filename);
- if (status < 0)
- {
- char *errtext;
-
- if (status >= JAR_BASE && status <= JAR_BASE_END)
- {
- errtext = JAR_get_error (status);
- }
- else
- {
- errtext = SECU_ErrorString ((int16) PORT_GetError());
- }
-
- PR_fprintf(outputFD, " (reported reason: %s)\n\n", errtext);
-
- /* corrupt files should not have their contents listed */
-
- if (status == JAR_ERR_CORRUPT)
- return -1;
- }
- PR_fprintf(outputFD,
- "entries shown below will have their digests checked only.\n");
- jar->valid = 0;
- }
- else
- PR_fprintf(outputFD,
- "archive \"%s\" has passed crypto verification.\n", filename);
-
- if (verify_global (jar))
- failed = 1;
-
- PR_fprintf(outputFD, "\n");
- PR_fprintf(outputFD, "%16s %s\n", "status", "path");
- PR_fprintf(outputFD, "%16s %s\n", "------------", "-------------------");
-
- ctx = JAR_find (jar, NULL, jarTypeMF);
-
- while (JAR_find_next (ctx, &it) >= 0)
- {
- if (it && it->pathname)
- {
- rm_dash_r(TMP_OUTPUT);
- ret = JAR_verified_extract (jar, it->pathname, TMP_OUTPUT);
- /* if (ret < 0) printf ("error %d on %s\n", ret, it->pathname); */
- if (ret < 0) failed = 1;
-
- if (ret == JAR_ERR_PNF)
- err = "NOT PRESENT";
- else if (ret == JAR_ERR_HASH)
- err = "HASH FAILED";
- else
- err = "NOT VERIFIED";
-
- PR_fprintf(outputFD, "%16s %s\n",
- ret >= 0 ? "verified" : err, it->pathname);
-
- if (ret != 0 && ret != JAR_ERR_PNF && ret != JAR_ERR_HASH)
- PR_fprintf(outputFD, " (reason: %s)\n", JAR_get_error (ret));
- }
- }
-
- JAR_find_end (ctx);
-
- if (status < 0 || jar->valid < 0)
- {
- failed = 1;
- PR_fprintf(outputFD,
- "\nNOTE -- \"%s\" archive DID NOT PASS crypto verification.\n", filename);
- give_help (status);
- }
-
- JAR_destroy (jar);
-
- if (failed)
- return -1;
- return 0;
-}
-
-/***************************************************************************
- *
- * v e r i f y _ g l o b a l
- */
-static int
-verify_global (JAR *jar)
-{
- FILE *fp;
- JAR_Context *ctx;
-
- char *ext;
-
- JAR_Item *it;
- JAR_Digest *globaldig;
-
- unsigned int sha1_length, md5_length;
-
- char buf [BUFSIZ];
-
- unsigned char *md5_digest, *sha1_digest;
-
- int retval = 0;
-
- ctx = JAR_find (jar, "*", jarTypePhy);
-
- while (JAR_find_next (ctx, &it) >= 0) {
- if (!PORT_Strncmp (it->pathname, "META-INF", 8)) {
- for (ext = it->pathname; *ext; ext++);
- while (ext > it->pathname && *ext != '.') ext--;
-
- if(verbosity >= 0) {
- if (!PORT_Strcasecmp (ext, ".rsa")) {
- PR_fprintf(outputFD, "found a RSA signature file: %s\n",
- it->pathname);
- }
-
- if(!PORT_Strcasecmp (ext, ".dsa")) {
- PR_fprintf(outputFD, "found a DSA signature file: %s\n",
- it->pathname);
- }
-
- if (!PORT_Strcasecmp (ext, ".mf")) {
- PR_fprintf(outputFD,
- "found a MF master manifest file: %s\n", it->pathname);
- }
- }
-
- if (!PORT_Strcasecmp (ext, ".sf")) {
- if(verbosity >= 0) {
- PR_fprintf(outputFD,
- "found a SF signature manifest file: %s\n", it->pathname);
- }
-
- rm_dash_r(TMP_OUTPUT);
- if (JAR_extract (jar, it->pathname, TMP_OUTPUT) < 0) {
- PR_fprintf(errorFD, "%s: error extracting %s\n", PROGRAM_NAME,
- it->pathname);
- errorCount++;
- retval = -1;
- continue;
- }
-
- md5_digest = NULL;
- sha1_digest = NULL;
-
- if ((fp = fopen (TMP_OUTPUT, "rb")) != NULL) {
- while (fgets (buf, BUFSIZ, fp)) {
- char *s;
-
- if (*buf == 0 || *buf == '\n' || *buf == '\r') break;
-
- for (s = buf; *s && *s != '\n' && *s != '\r'; s++);
- *s = 0;
-
- if (!PORT_Strncmp (buf, "MD5-Digest: ", 12)) {
- md5_digest = ATOB_AsciiToData (buf + 12, &md5_length);
- }
-
- if (!PORT_Strncmp (buf, "SHA1-Digest: ", 13)) {
- sha1_digest = ATOB_AsciiToData (buf + 13, &sha1_length);
- }
-
- if (!PORT_Strncmp (buf, "SHA-Digest: ", 12)) {
- sha1_digest = ATOB_AsciiToData (buf + 12, &sha1_length);
- }
- }
-
- globaldig = jar->globalmeta;
-
- if (globaldig && md5_digest) {
- if(verbosity >= 0) {
- PR_fprintf(outputFD,
- " md5 digest on global metainfo: %s\n",
- PORT_Memcmp (md5_digest, globaldig->md5, MD5_LENGTH) ?
- "no match" : "match");
- }
- }
-
- if (globaldig && sha1_digest) {
- if(verbosity >= 0) {
- PR_fprintf(outputFD,
- " sha digest on global metainfo: %s\n",
- PORT_Memcmp(sha1_digest, globaldig->sha1,
- SHA1_LENGTH) ? "no match" : "match");
- }
- }
-
- if (globaldig == NULL) {
- if(verbosity >= 0) {
- PR_fprintf(outputFD,
- "global metadigest is not available, strange.\n");
- }
- }
-
- fclose (fp);
- }
- }
- }
- }
-
- JAR_find_end (ctx);
-
- return retval;
-}
-
-/************************************************************************
- *
- * J a r W h o
- */
-int
-JarWho(char *filename)
- {
- FILE *fp;
-
- JAR *jar;
- JAR_Context *ctx;
-
- int status;
- int retval = 0;
-
- JAR_Item *it;
- JAR_Cert *fing;
-
- CERTCertificate *cert, *prev = NULL;
-
- jar = JAR_new();
-
- if ((fp = fopen (filename, "r")) == NULL)
- {
- perror (filename);
- exit (ERRX);
- }
- else
- fclose (fp);
-
- status = JAR_pass_archive (jar, jarArchGuess, filename, "some-url");
-
- if (status < 0 || jar->valid < 0)
- {
- PR_fprintf(outputFD,
- "NOTE -- \"%s\" archive DID NOT PASS crypto verification.\n", filename);
- retval = -1;
- if (jar->valid < 0 || status != -1)
- {
- char *errtext;
-
- if (status >= JAR_BASE && status <= JAR_BASE_END)
- {
- errtext = JAR_get_error (status);
- }
- else
- {
- errtext = SECU_ErrorString ((int16) PORT_GetError());
- }
-
- PR_fprintf(outputFD, " (reported reason: %s)\n\n", errtext);
- }
- }
-
- PR_fprintf(outputFD, "\nSigner information:\n\n");
-
- ctx = JAR_find (jar, NULL, jarTypeSign);
-
- while (JAR_find_next (ctx, &it) >= 0)
- {
- fing = (JAR_Cert *) it->data;
- cert = fing->cert;
-
- if (cert)
- {
- if (prev == cert)
- break;
-
- if (cert->nickname)
- PR_fprintf(outputFD, "nickname: %s\n", cert->nickname);
- if (cert->subjectName)
- PR_fprintf(outputFD, "subject name: %s\n", cert->subjectName);
- if (cert->issuerName)
- PR_fprintf(outputFD, "issuer name: %s\n", cert->issuerName);
- }
- else
- {
- PR_fprintf(outputFD, "no certificate could be found\n");
- retval = -1;
- }
-
- prev = cert;
- }
-
- JAR_find_end (ctx);
-
- JAR_destroy (jar);
- return retval;
-}
-
-/************************************************************************
- * j a r _ c b
- */
-static int jar_cb(int status, JAR *jar, const char *metafile,
- char *pathname, char *errortext)
-{
- PR_fprintf(errorFD, "error %d: %s IN FILE %s\n", status, errortext, pathname);
- errorCount++;
- return 0;
-}
-
diff --git a/security/nss/cmd/signtool/zip.c b/security/nss/cmd/signtool/zip.c
deleted file mode 100644
index 62e885137..000000000
--- a/security/nss/cmd/signtool/zip.c
+++ /dev/null
@@ -1,678 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "signtool.h"
-#include "zip.h"
-#include "zlib.h"
-#include "prmem.h"
-
-static void inttox (int in, char *out);
-static void longtox (long in, char *out);
-
-/****************************************************************
- *
- * J z i p O p e n
- *
- * Opens a new ZIP file and creates a new ZIPfile structure to
- * control the process of installing files into a zip.
- */
-ZIPfile*
-JzipOpen(char *filename, char *comment)
-{
- ZIPfile *zipfile;
- PRExplodedTime prtime;
-
- zipfile = PORT_ZAlloc(sizeof(ZIPfile));
- if(!zipfile) out_of_memory();
-
- /* Construct time and date */
- PR_ExplodeTime(PR_Now(), PR_LocalTimeParameters, &prtime);
- zipfile->date = ((prtime.tm_year-1980) << 9) |
- ((prtime.tm_month+1) << 5) |
- prtime.tm_mday;
- zipfile->time = (prtime.tm_hour<<11) |
- (prtime.tm_min<<5) |
- (prtime.tm_sec&0x3f);
-
- if (filename &&
- (zipfile->fp = PR_Open(filename,
- PR_WRONLY|PR_CREATE_FILE|PR_TRUNCATE, 0777)) == NULL) {
- char *nsprErr;
- if(PR_GetErrorTextLength()) {
- nsprErr = PR_Malloc(PR_GetErrorTextLength());
- PR_GetErrorText(nsprErr);
- } else {
- nsprErr = NULL;
- }
- PR_fprintf(errorFD, "%s: can't open output jar, %s.%s\n", PROGRAM_NAME,
- filename, nsprErr ? nsprErr : "");
- if(nsprErr) PR_Free(nsprErr);
- errorCount++;
- exit (ERRX);
- }
-
- zipfile->list = NULL;
- if(filename) {
- zipfile->filename = PORT_ZAlloc(strlen(filename)+1);
- if(!zipfile->filename) out_of_memory();
- PORT_Strcpy(zipfile->filename, filename);
- }
- if(comment) {
- zipfile->comment = PORT_ZAlloc(strlen(comment)+1);
- if(!zipfile->comment) out_of_memory();
- PORT_Strcpy(zipfile->comment, comment);
- }
-
- return zipfile;
-}
-
-static
-void*
-my_alloc_func(void* opaque, uInt items, uInt size)
-{
- return PORT_Alloc(items*size);
-}
-
-static
-void
-my_free_func(void* opaque, void* address)
-{
- PORT_Free(address);
-}
-
-static
-void
-handle_zerror(int err, char *msg)
-{
- if(!msg) {
- msg = "";
- }
-
- errorCount++; /* unless Z_OK...see below */
-
- switch(err) {
- case Z_OK:
- PR_fprintf(errorFD, "No error: %s\n", msg);
- errorCount--; /* this was incremented above */
- break;
- case Z_MEM_ERROR:
- PR_fprintf(errorFD, "Deflation ran out of memory: %s\n", msg);
- break;
- case Z_STREAM_ERROR:
- PR_fprintf(errorFD, "Invalid compression level: %s\n", msg);
- break;
- case Z_VERSION_ERROR:
- PR_fprintf(errorFD, "Incompatible compression library version: %s\n", msg);
- break;
- case Z_DATA_ERROR:
- PR_fprintf(errorFD, "Compression data error: %s\n", msg);
- break;
- default:
- PR_fprintf(errorFD, "Unknown error in compression library: %s\n", msg);
- break;
- }
-}
-
-
-/****************************************************************
- *
- * J z i p A d d
- *
- * Adds a new file into a ZIP file. The ZIP file must have already
- * been opened with JzipOpen.
- */
-int
-JzipAdd(char *fullname, char *filename, ZIPfile *zipfile, int compression_level)
-{
- ZIPentry *entry;
- PRFileDesc *readfp;
- PRFileDesc *zipfp;
- int num;
- Bytef inbuf[BUFSIZ], outbuf[BUFSIZ];
- unsigned long crc;
- z_stream zstream;
- int err;
- unsigned long local_size_pos;
- int deflate_percent;
-
-
- if( !fullname || !filename || !zipfile) {
- return -1;
- }
-
- zipfp = zipfile->fp;
-
-
- if( (readfp = PR_Open(fullname, PR_RDONLY, 0777)) == NULL) {
- char *nsprErr;
- if(PR_GetErrorTextLength()) {
- nsprErr = PR_Malloc(PR_GetErrorTextLength());
- PR_GetErrorText(nsprErr);
- } else {
- nsprErr = NULL;
- }
- PR_fprintf(errorFD, "%s: %s\n", fullname, nsprErr ? nsprErr : "");
- errorCount++;
- if(nsprErr) PR_Free(nsprErr);
- exit(ERRX);
- }
-
- /*
- * Make sure the input file is not the output file.
- * Add a few bytes to the end of the JAR file and see if the input file
- * twitches
- */
- {
- PRInt32 endOfJar;
- PRInt32 inputSize;
- PRBool isSame;
-
- inputSize = PR_Available(readfp);
-
- endOfJar = PR_Seek(zipfp, 0L, PR_SEEK_CUR);
-
- if(PR_Write(zipfp, "abcde", 5) < 5) {
- char *nsprErr;
-
- if(PR_GetErrorTextLength()) {
- nsprErr = PR_Malloc(PR_GetErrorTextLength());
- PR_GetErrorText(nsprErr);
- } else {
- nsprErr = NULL;
- }
- PR_fprintf(errorFD, "Writing to zip file: %s\n",
- nsprErr ? nsprErr : "");
- if(nsprErr) PR_Free(nsprErr);
- errorCount++;
- exit(ERRX);
- }
-
- isSame = (PR_Available(readfp) != inputSize);
-
- PR_Seek(zipfp, endOfJar, PR_SEEK_SET);
-
- if(isSame) {
- /* It's the same file! Forget it! */
- PR_Close(readfp);
- return 0;
- }
- }
-
- if(verbosity >= 0) {
- PR_fprintf(outputFD, "adding %s to %s...", fullname, zipfile->filename);
- }
-
- entry = PORT_ZAlloc(sizeof(ZIPentry));
- if(!entry) out_of_memory();
-
- entry->filename = PORT_Strdup(filename);
- entry->comment = NULL;
-
- /* Set up local file header */
- longtox(LSIG, entry->local.signature);
- inttox(strlen(filename), entry->local.filename_len);
- inttox(zipfile->time, entry->local.time);
- inttox(zipfile->date, entry->local.date);
- inttox(Z_DEFLATED, entry->local.method);
-
- /* Set up central directory entry */
- longtox(CSIG, entry->central.signature);
- inttox(strlen(filename), entry->central.filename_len);
- if(entry->comment) {
- inttox(strlen(entry->comment), entry->central.commentfield_len);
- }
- longtox(PR_Seek(zipfile->fp, 0, PR_SEEK_CUR),
- entry->central.localhdr_offset);
- inttox(zipfile->time, entry->central.time);
- inttox(zipfile->date, entry->central.date);
- inttox(Z_DEFLATED, entry->central.method);
-
- /* Compute crc. Too bad we have to process the whole file to do this*/
- crc = crc32(0L, NULL, 0);
- while( (num = PR_Read(readfp, inbuf, BUFSIZ)) > 0) {
- crc = crc32(crc, inbuf, num);
- }
- PR_Seek(readfp, 0L, PR_SEEK_SET);
-
- /* Store CRC */
- longtox(crc, entry->local.crc32);
- longtox(crc, entry->central.crc32);
-
- /* Stick this entry onto the end of the list */
- entry->next = NULL;
- if( zipfile->list == NULL ) {
- /* First entry */
- zipfile->list = entry;
- } else {
- ZIPentry *pe;
-
- pe = zipfile->list;
- while(pe->next != NULL) {
- pe = pe->next;
- }
- pe->next = entry;
- }
-
- /*
- * Start writing stuff out
- */
-
- local_size_pos = PR_Seek(zipfp, 0, PR_SEEK_CUR) + 18;
- /* File header */
- if(PR_Write(zipfp, &entry->local, sizeof(struct ZipLocal))
- < sizeof(struct ZipLocal)) {
- char *nsprErr;
- if(PR_GetErrorTextLength()) {
- nsprErr = PR_Malloc(PR_GetErrorTextLength());
- PR_GetErrorText(nsprErr);
- } else {
- nsprErr = NULL;
- }
- PR_fprintf(errorFD, "Writing zip data: %s\n", nsprErr ? nsprErr : "");
- if(nsprErr) PR_Free(nsprErr);
- errorCount++;
- exit(ERRX);
- }
-
- /* File Name */
- if( PR_Write(zipfp, filename, strlen(filename)) < strlen(filename)) {
- char *nsprErr;
- if(PR_GetErrorTextLength()) {
- nsprErr = PR_Malloc(PR_GetErrorTextLength());
- PR_GetErrorText(nsprErr);
- } else {
- nsprErr = NULL;
- }
- PR_fprintf(errorFD, "Writing zip data: %s\n", nsprErr ? nsprErr : "");
- if(nsprErr) PR_Free(nsprErr);
- errorCount++;
- exit(ERRX);
- }
-
- /*
- * File data
- */
- /* Initialize zstream */
- zstream.zalloc = my_alloc_func;
- zstream.zfree = my_free_func;
- zstream.opaque = NULL;
- zstream.next_in = inbuf;
- zstream.avail_in = BUFSIZ;
- zstream.next_out = outbuf;
- zstream.avail_out = BUFSIZ;
- /* Setting the windowBits to -MAX_WBITS is an undocumented feature of
- * zlib (see deflate.c in zlib). It is the same thing that Java does
- * when you specify the nowrap option for deflation in java.util.zip.
- * It causes zlib to leave out its headers and footers, which don't
- * work in PKZIP files.
- */
- err = deflateInit2(&zstream, compression_level, Z_DEFLATED,
- -MAX_WBITS, 8 /*default*/, Z_DEFAULT_STRATEGY);
- if(err != Z_OK) {
- handle_zerror(err, zstream.msg);
- exit(ERRX);
- }
-
- while( (zstream.avail_in = PR_Read(readfp, inbuf, BUFSIZ)) > 0) {
- zstream.next_in = inbuf;
- /* Process this chunk of data */
- while(zstream.avail_in > 0) {
- err = deflate(&zstream, Z_NO_FLUSH);
- if(err != Z_OK) {
- handle_zerror(err, zstream.msg);
- exit(ERRX);
- }
- if(zstream.avail_out <= 0) {
- if( PR_Write(zipfp, outbuf, BUFSIZ) < BUFSIZ) {
- char *nsprErr;
- if(PR_GetErrorTextLength()) {
- nsprErr = PR_Malloc(PR_GetErrorTextLength());
- PR_GetErrorText(nsprErr);
- } else {
- nsprErr = NULL;
- }
- PR_fprintf(errorFD, "Writing zip data: %s\n",
- nsprErr ? nsprErr : "");
- if(nsprErr) PR_Free(nsprErr);
- errorCount++;
- exit(ERRX);
- }
- zstream.next_out = outbuf;
- zstream.avail_out = BUFSIZ;
- }
- }
- }
-
- /* Now flush everything */
- while(1) {
- err = deflate(&zstream, Z_FINISH);
- if(err == Z_STREAM_END) {
- break;
- } else if(err == Z_OK) {
- /* output buffer full, repeat */
- } else {
- handle_zerror(err, zstream.msg);
- exit(ERRX);
- }
- if( PR_Write(zipfp, outbuf, BUFSIZ) < BUFSIZ) {
- char *nsprErr;
- if(PR_GetErrorTextLength()) {
- nsprErr = PR_Malloc(PR_GetErrorTextLength());
- PR_GetErrorText(nsprErr);
- } else {
- nsprErr = NULL;
- }
- PR_fprintf(errorFD, "Writing zip data: %s\n",
- nsprErr ? nsprErr : "");
- if(nsprErr) PR_Free(nsprErr);
- errorCount++;
- exit(ERRX);
- }
- zstream.avail_out = BUFSIZ;
- zstream.next_out = outbuf;
- }
-
- /* If there's any output left, write it out. */
- if(zstream.next_out != outbuf) {
- if( PR_Write(zipfp, outbuf, zstream.next_out-outbuf) <
- zstream.next_out-outbuf) {
- char *nsprErr;
- if(PR_GetErrorTextLength()) {
- nsprErr = PR_Malloc(PR_GetErrorTextLength());
- PR_GetErrorText(nsprErr);
- } else {
- nsprErr = NULL;
- }
- PR_fprintf(errorFD, "Writing zip data: %s\n",
- nsprErr ? nsprErr : "");
- if(nsprErr) PR_Free(nsprErr);
- errorCount++;
- exit(ERRX);
- }
- zstream.avail_out = BUFSIZ;
- zstream.next_out = outbuf;
- }
-
- /* Now that we know the compressed size, write this to the headers */
- longtox(zstream.total_in, entry->local.orglen);
- longtox(zstream.total_out, entry->local.size);
- if(PR_Seek(zipfp, local_size_pos, PR_SEEK_SET) == -1) {
- char *nsprErr;
- if(PR_GetErrorTextLength()) {
- nsprErr = PR_Malloc(PR_GetErrorTextLength());
- PR_GetErrorText(nsprErr);
- } else {
- nsprErr = NULL;
- }
- PR_fprintf(errorFD, "Accessing zip file: %s\n", nsprErr ? nsprErr : "");
- if(nsprErr) PR_Free(nsprErr);
- errorCount++;
- exit(ERRX);
- }
- if( PR_Write(zipfp, entry->local.size, 8) != 8) {
- char *nsprErr;
- if(PR_GetErrorTextLength()) {
- nsprErr = PR_Malloc(PR_GetErrorTextLength());
- PR_GetErrorText(nsprErr);
- } else {
- nsprErr = NULL;
- }
- PR_fprintf(errorFD, "Writing zip data: %s\n", nsprErr ? nsprErr : "");
- if(nsprErr) PR_Free(nsprErr);
- errorCount++;
- exit(ERRX);
- }
- if(PR_Seek(zipfp, 0L, PR_SEEK_END) == -1) {
- char *nsprErr;
- if(PR_GetErrorTextLength()) {
- nsprErr = PR_Malloc(PR_GetErrorTextLength());
- PR_GetErrorText(nsprErr);
- } else {
- nsprErr = NULL;
- }
- PR_fprintf(errorFD, "Accessing zip file: %s\n", nsprErr ? nsprErr : "");
- if(nsprErr) PR_Free(nsprErr);
- errorCount++;
- exit(ERRX);
- }
- longtox(zstream.total_in, entry->central.orglen);
- longtox(zstream.total_out, entry->central.size);
-
- /* Close out the deflation operation */
- err = deflateEnd(&zstream);
- if(err != Z_OK) {
- handle_zerror(err, zstream.msg);
- exit(ERRX);
- }
-
- PR_Close(readfp);
-
- if((zstream.total_in > zstream.total_out) && (zstream.total_in > 0)) {
- deflate_percent = (int) ( (zstream.total_in-zstream.total_out)*100 /
- zstream.total_in );
- } else {
- deflate_percent = 0;
- }
- if(verbosity >= 0) {
- PR_fprintf(outputFD, "(deflated %d%%)\n", deflate_percent);
- }
-
- return 0;
-}
-
-/********************************************************************
- * J z i p C l o s e
- *
- * Finishes the ZipFile. ALSO DELETES THE ZIPFILE STRUCTURE PASSED IN!!
- */
-int
-JzipClose(ZIPfile *zipfile)
-{
- ZIPentry *pe, *dead;
- PRFileDesc *zipfp;
- struct ZipEnd zipend;
- unsigned int entrycount = 0;
-
- if(!zipfile) {
- return -1;
- }
-
- if(!zipfile->filename) {
- /* bogus */
- return 0;
- }
-
- zipfp = zipfile->fp;
- zipfile->central_start = PR_Seek(zipfp, 0L, PR_SEEK_CUR);
-
- /* Write out all the central directories */
- pe = zipfile->list;
- while(pe) {
- entrycount++;
-
- /* Write central directory info */
- if( PR_Write(zipfp, &pe->central, sizeof(struct ZipCentral))
- < sizeof(struct ZipCentral)) {
- char *nsprErr;
- if(PR_GetErrorTextLength()) {
- nsprErr = PR_Malloc(PR_GetErrorTextLength());
- PR_GetErrorText(nsprErr);
- } else {
- nsprErr = NULL;
- }
- PR_fprintf(errorFD, "Writing zip data: %s\n",
- nsprErr ? nsprErr : "");
- if(nsprErr) PR_Free(nsprErr);
- errorCount++;
- exit(ERRX);
- }
-
- /* Write filename */
- if( PR_Write(zipfp, pe->filename, strlen(pe->filename))
- < strlen(pe->filename)) {
- char *nsprErr;
- if(PR_GetErrorTextLength()) {
- nsprErr = PR_Malloc(PR_GetErrorTextLength());
- PR_GetErrorText(nsprErr);
- } else {
- nsprErr = NULL;
- }
- PR_fprintf(errorFD, "Writing zip data: %s\n",
- nsprErr ? nsprErr : "");
- if(nsprErr) PR_Free(nsprErr);
- errorCount++;
- exit(ERRX);
- }
-
- /* Write file comment */
- if(pe->comment) {
- if( PR_Write(zipfp, pe->comment, strlen(pe->comment))
- < strlen(pe->comment)) {
- char *nsprErr;
- if(PR_GetErrorTextLength()) {
- nsprErr = PR_Malloc(PR_GetErrorTextLength());
- PR_GetErrorText(nsprErr);
- } else {
- nsprErr = NULL;
- }
- PR_fprintf(errorFD, "Writing zip data: %s\n",
- nsprErr ? nsprErr : "");
- if(nsprErr) PR_Free(nsprErr);
- errorCount++;
- exit(ERRX);
- }
- }
-
- /* Delete the structure */
- dead = pe;
- pe = pe->next;
- if(dead->filename) {
- PORT_Free(dead->filename);
- }
- if(dead->comment) {
- PORT_Free(dead->comment);
- }
- PORT_Free(dead);
- }
- zipfile->central_end = PR_Seek(zipfile->fp, 0L, PR_SEEK_CUR);
-
- /* Create the ZipEnd structure */
- PORT_Memset(&zipend, 0, sizeof(zipend));
- longtox(ESIG, zipend.signature);
- inttox(entrycount, zipend.total_entries_disk);
- inttox(entrycount, zipend.total_entries_archive);
- longtox(zipfile->central_end-zipfile->central_start,
- zipend.central_dir_size);
- longtox(zipfile->central_start, zipend.offset_central_dir);
- if(zipfile->comment) {
- inttox(strlen(zipfile->comment), zipend.commentfield_len);
- }
-
- /* Write out ZipEnd xtructure */
- if( PR_Write(zipfp, &zipend, sizeof(zipend)) < sizeof(zipend)) {
- char *nsprErr;
- if(PR_GetErrorTextLength()) {
- nsprErr = PR_Malloc(PR_GetErrorTextLength());
- PR_GetErrorText(nsprErr);
- } else {
- nsprErr = NULL;
- }
- PR_fprintf(errorFD, "Writing zip data: %s\n", nsprErr ? nsprErr : "");
- if(nsprErr) PR_Free(nsprErr);
- errorCount++;
- exit(ERRX);
- }
-
- /* Write out Zipfile comment */
- if(zipfile->comment) {
- if( PR_Write(zipfp, zipfile->comment, strlen(zipfile->comment))
- < strlen(zipfile->comment)) {
- char *nsprErr;
- if(PR_GetErrorTextLength()) {
- nsprErr = PR_Malloc(PR_GetErrorTextLength());
- PR_GetErrorText(nsprErr);
- } else {
- nsprErr = NULL;
- }
- PR_fprintf(errorFD, "Writing zip data: %s\n",
- nsprErr ? nsprErr : "");
- if(nsprErr) PR_Free(nsprErr);
- errorCount++;
- exit(ERRX);
- }
- }
-
- PR_Close(zipfp);
-
- /* Free the memory of the zipfile structure */
- if(zipfile->filename) {
- PORT_Free(zipfile->filename);
- }
- if(zipfile->comment) {
- PORT_Free(zipfile->comment);
- }
- PORT_Free(zipfile);
-
- return 0;
-}
-
-/**********************************************
- * i n t t o x
- *
- * Converts a two byte ugly endianed integer
- * to our platform's integer.
- *
- */
-
-static void inttox (int in, char *out)
-{
- out [0] = (in & 0xFF);
- out [1] = (in & 0xFF00) >> 8;
-}
-
-/*********************************************
- * l o n g t o x
- *
- * Converts a four byte ugly endianed integer
- * to our platform's integer.
- *
- */
-
-static void longtox (long in, char *out)
-{
- out [0] = (in & 0xFF);
- out [1] = (in & 0xFF00) >> 8;
- out [2] = (in & 0xFF0000) >> 16;
- out [3] = (in & 0xFF000000) >> 24;
-}
-
diff --git a/security/nss/cmd/signtool/zip.h b/security/nss/cmd/signtool/zip.h
deleted file mode 100644
index 08512f3c4..000000000
--- a/security/nss/cmd/signtool/zip.h
+++ /dev/null
@@ -1,100 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/* zip.h
- * Structures and functions for creating ZIP archives.
- */
-#ifndef ZIP_H
-#define ZIP_H
-
-/* For general information on ZIP formats, you can look at jarfile.h
- * in ns/security/lib/jar. Or look it up on the web...
- */
-
-/* One entry in a ZIPfile. This corresponds to one file in the archive.
- * We have to save this information because first all the files go into
- * the archive with local headers; then at the end of the file we have to
- * put the central directory entries for each file.
- */
-typedef struct ZIPentry_s {
- struct ZipLocal local; /* local header info */
- struct ZipCentral central; /* central directory info */
- char *filename; /* name of file */
- char *comment; /* comment for this file -- optional */
-
- struct ZIPentry_s *next;
-} ZIPentry;
-
-/* This structure contains the necessary data for putting a ZIP file
- * together. Has some overall information and a list of ZIPentrys.
- */
-typedef struct ZIPfile_s {
- char *filename; /* ZIP file name */
- char *comment; /* ZIP file comment -- may be NULL */
- PRFileDesc *fp; /* ZIP file pointer */
- ZIPentry *list; /* one entry for each file in the archive */
- unsigned int time; /* the GMT time of creation, in DOS format */
- unsigned int date; /* the GMT date of creation, in DOS format */
- unsigned long central_start; /* starting offset of central directory */
- unsigned long central_end; /*index right after the last byte of central*/
-} ZIPfile;
-
-
-/* Open a new ZIP file. Takes the name of the zip file and an optional
- * comment to be included in the file. Returns a new ZIPfile structure
- * which is used by JzipAdd and JzipClose
- */
-ZIPfile* JzipOpen(char *filename, char *comment);
-
-/* Add a file to a ZIP archive. Fullname is the path relative to the
- * current directory. Filename is what the name will be stored as in the
- * archive, and thus what it will be restored as. zipfile is a structure
- * returned from a previous call to JzipOpen.
- *
- * Non-zero return code means error (although usually the function will
- * call exit() rather than return an error--gotta fix this).
- */
-int JzipAdd(char *fullname, char *filename, ZIPfile *zipfile,
- int compression_level);
-
-/* Finalize a ZIP archive. Adds all the footer information to the end of
- * the file and closes it. Also DELETES THE ZIPFILE STRUCTURE that was
- * passed in. So you never have to allocate or free a ZIPfile yourself.
- *
- * Non-zero return code means error (although usually the function will
- * call exit() rather than return an error--gotta fix this).
- */
-int JzipClose (ZIPfile *zipfile);
-
-
-#endif /* ZIP_H */
diff --git a/security/nss/cmd/signver/Makefile b/security/nss/cmd/signver/Makefile
deleted file mode 100644
index e4a3a6069..000000000
--- a/security/nss/cmd/signver/Makefile
+++ /dev/null
@@ -1,71 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-include ../platrules.mk
diff --git a/security/nss/cmd/signver/examples/1/form.pl b/security/nss/cmd/signver/examples/1/form.pl
deleted file mode 100755
index 2034bf728..000000000
--- a/security/nss/cmd/signver/examples/1/form.pl
+++ /dev/null
@@ -1,50 +0,0 @@
-#! /usr/bin/perl
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-
-print "Content-type: text/html\n\n";
-print "<B>Server Name:</B> ", $ENV{'SERVER_NAME'}, "<BR>", "\n";
-print "<B>Server Port:</B> ", $ENV{'SERVER_PORT'}, "<BR>", "\n";
-print "<B>Server Software:</B> ", $ENV{'SERVER_SOFTWARE'}, "<BR>", "\n";
-print "<B>Server Protocol:</B> ", $ENV{'SERVER_PROTOCOL'}, "<BR>", "\n";
-print "<B>CGI Revision:</B> ", $ENV{'GATEWAY_INTERFACE'}, "<BR>", "\n";
-print "<B>Browser:</B> ", $ENV{'HTTP_USER_AGENT'}, "<BR>", "\n";
-print "<B>Remote Address:</B> ", $ENV{'REMOTE_ADDR'}, "<BR>", "\n";
-print "<B>Remote Host:</B> ", $ENV{'REMOTE_HOST'}, "<BR>", "\n";
-print "<B>Remote User:</B> ", $ENV{'REMOTE_USER'}, "<BR>", "\n";
-print "You typed:\n";
-
-while( $_ = <STDIN>) {
- print "$_";
-}
-
diff --git a/security/nss/cmd/signver/examples/1/signedForm.html b/security/nss/cmd/signver/examples/1/signedForm.html
deleted file mode 100644
index 1444a1775..000000000
--- a/security/nss/cmd/signver/examples/1/signedForm.html
+++ /dev/null
@@ -1,84 +0,0 @@
-<html>
-<!--
- - The contents of this file are subject to the Mozilla Public
- - License Version 1.1 (the "License"); you may not use this file
- - except in compliance with the License. You may obtain a copy of
- - the License at http://www.mozilla.org/MPL/
- -
- - Software distributed under the License is distributed on an "AS
- - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- - implied. See the License for the specific language governing
- - rights and limitations under the License.
- -
- - The Original Code is the Netscape security libraries.
- -
- - The Initial Developer of the Original Code is Netscape
- - Communications Corporation. Portions created by Netscape are
- - Copyright (C) 1994-2000 Netscape Communications Corporation. All
- - Rights Reserved.
- -
- - Contributor(s):
- -
- - Alternatively, the contents of this file may be used under the
- - terms of the GNU General Public License Version 2 or later (the
- - "GPL"), in which case the provisions of the GPL are applicable
- - instead of those above. If you wish to allow use of your
- - version of this file only under the terms of the GPL and not to
- - allow others to use your version of this file under the MPL,
- - indicate your decision by deleting the provisions above and
- - replace them with the notice and other provisions required by
- - the GPL. If you do not delete the provisions above, a recipient
- - may use your version of this file under either the MPL or the
- - GPL.
- -->
-<head>
-<title>Form to sign</title>
-<script language="javascript">
-<!--
-function submitSigned(form){
- var signature = "";
- var dataToSign = "";
- var i;
-
- form.action='signedForm.pl';
- for (i = 0; i < form.length; i++)
- if (form.elements[i].type == "text")
- dataToSign += form.elements[i].value;
-
- // alert("Data to sign:\n" + dataToSign);
- signature = crypto.signText(dataToSign, "ask");
- /* alert("You cannot see this alert");
- alert("Data signature:\n" + signature); */
-
- if (signature != "error:userCancel") {
- for (i = 0; i < form.length; i++) {
- if (form.elements[i].type == "hidden") {
- if (form.elements[i].name == "dataToSign")
- form.elements[i].value = dataToSign;
- if (form.elements[i].name == "dataSignature")
- form.elements[i].value = signature;
- }
- }
- form.submit();
- }
-}
-//-->
-</script>
-</head>
-
-<body>
-<form method=post Action="form.pl">
-<input type=hidden size=30 name=dataSignature>
-<input type=hidden size=30 name=dataToSign>
-<input type=text size=30 name=p>
-<BR>
-<input type=text size=30 name=q>
-<BR>
-<input type=text size=30 name=r>
-<BR>
-<input type=submit value="Submit Data">
-<input type=button value="Sign and Submit Data" onclick=submitSigned(this.form)>
-<input type=reset value=Reset>
-</form>
-</body>
-</html>
diff --git a/security/nss/cmd/signver/examples/1/signedForm.nt.html b/security/nss/cmd/signver/examples/1/signedForm.nt.html
deleted file mode 100644
index 5487739ce..000000000
--- a/security/nss/cmd/signver/examples/1/signedForm.nt.html
+++ /dev/null
@@ -1,84 +0,0 @@
-<html>
-<!--
- - The contents of this file are subject to the Mozilla Public
- - License Version 1.1 (the "License"); you may not use this file
- - except in compliance with the License. You may obtain a copy of
- - the License at http://www.mozilla.org/MPL/
- -
- - Software distributed under the License is distributed on an "AS
- - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- - implied. See the License for the specific language governing
- - rights and limitations under the License.
- -
- - The Original Code is the Netscape security libraries.
- -
- - The Initial Developer of the Original Code is Netscape
- - Communications Corporation. Portions created by Netscape are
- - Copyright (C) 1994-2000 Netscape Communications Corporation. All
- - Rights Reserved.
- -
- - Contributor(s):
- -
- - Alternatively, the contents of this file may be used under the
- - terms of the GNU General Public License Version 2 or later (the
- - "GPL"), in which case the provisions of the GPL are applicable
- - instead of those above. If you wish to allow use of your
- - version of this file only under the terms of the GPL and not to
- - allow others to use your version of this file under the MPL,
- - indicate your decision by deleting the provisions above and
- - replace them with the notice and other provisions required by
- - the GPL. If you do not delete the provisions above, a recipient
- - may use your version of this file under either the MPL or the
- - GPL.
- -->
-<head>
-<title>Form to sign</title>
-<script language="javascript">
-<!--
-function submitSigned(form){
- var signature = "";
- var dataToSign = "";
- var i;
-
- form.action='cgi-bin/signedForm.pl';
- for (i = 0; i < form.length; i++)
- if (form.elements[i].type == "text")
- dataToSign += form.elements[i].value;
-
- // alert("Data to sign:\n" + dataToSign);
- signature = crypto.signText(dataToSign, "ask");
- /* alert("You cannot see this alert");
- alert("Data signature:\n" + signature); */
-
- if (signature != "error:userCancel") {
- for (i = 0; i < form.length; i++) {
- if (form.elements[i].type == "hidden") {
- if (form.elements[i].name == "dataToSign")
- form.elements[i].value = dataToSign;
- if (form.elements[i].name == "dataSignature")
- form.elements[i].value = signature;
- }
- }
- form.submit();
- }
-}
-//-->
-</script>
-</head>
-
-<body>
-<form method=post Action="cgi-bin/form.pl">
-<input type=hidden size=30 name=dataSignature>
-<input type=hidden size=30 name=dataToSign>
-<input type=text size=30 name=p>
-<BR>
-<input type=text size=30 name=q>
-<BR>
-<input type=text size=30 name=r>
-<BR>
-<input type=submit value="Submit Data">
-<input type=button value="Sign and Submit Data" onclick=submitSigned(this.form)>
-<input type=reset value=Reset>
-</form>
-</body>
-</html>
diff --git a/security/nss/cmd/signver/examples/1/signedForm.pl b/security/nss/cmd/signver/examples/1/signedForm.pl
deleted file mode 100755
index 3c2cd0ed3..000000000
--- a/security/nss/cmd/signver/examples/1/signedForm.pl
+++ /dev/null
@@ -1,88 +0,0 @@
-#! /usr/bin/perl
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-
-
-sub decode {
- read (STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
- @pairs = split(/&/, $buffer);
- foreach $pair (@pairs)
- {
- ($name, $value) = split(/=/, $pair);
- $value =~tr/+/ /;
- $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
- $FORM{$name} = $value;
-# print "name=$name value=$value<BR>\n";
- }
-}
-
-print "Content-type: text/html\n\n";
-
-&decode();
-
-$dataSignature = $FORM{'dataSignature'};
-$dataToSign = $FORM{'dataToSign'};
-
-unlink("signature");
-open(FILE1,">signature") || die("Cannot open file for writing\n");
-
-print FILE1 "$dataSignature";
-
-close(FILE1);
-
-
-unlink("data");
-open(FILE2,">data") || die("Cannot open file for writing\n");
-
-print FILE2 "$dataToSign";
-
-close(FILE2);
-
-
-print "<BR><B>Signed Data:</B><BR>", "$dataToSign", "<BR>";
-
-print "<BR><b>Verification Info:</b><BR>";
-
-$verInfo = `./signver -D . -s signature -d data -v`;
-print "<font color=red><b>$verInfo</b></font><BR>";
-
-print "<BR><B>Signature Data:</B><BR>", "$dataSignature", "<BR>";
-
-print "<BR><b>Signature Info:</b><BR>";
-
-foreach $line (`./signver -s signature -A`) {
- print "$line<BR>\n";
-}
-
-print "<b>End of Info</b><BR>";
-
diff --git a/security/nss/cmd/signver/manifest.mn b/security/nss/cmd/signver/manifest.mn
deleted file mode 100644
index 9efdaad29..000000000
--- a/security/nss/cmd/signver/manifest.mn
+++ /dev/null
@@ -1,54 +0,0 @@
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-MODULE = nss
-
-CSRCS = signver.c \
- pk7print.c \
- $(NULL)
-
-REQUIRES = dbm seccmd
-
-PROGRAM = signver
-
-PACKAGE_FILES = README.txt signedForm.html signedForm.pl form.pl
-ifeq ($(subst /,_,$(shell uname -s)),WINNT)
-PACKAGE_FILES += signedForm.nt.pl signver.exe
-else
-PACKAGE_FILES += signver
-endif
-
-ARCHIVE_NAME = signver
-
-USE_STATIC_LIBS = 1
diff --git a/security/nss/cmd/signver/pk7print.c b/security/nss/cmd/signver/pk7print.c
deleted file mode 100644
index 94d8e8f36..000000000
--- a/security/nss/cmd/signver/pk7print.c
+++ /dev/null
@@ -1,922 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
-** secutil.c - various functions used by security stuff
-**
-*/
-
-/* pkcs #7 -related functions */
-
-
-#include "secutil.h"
-#include "secpkcs7.h"
-#include "secoid.h"
-#include <sys/stat.h>
-#include <stdarg.h>
-
-#ifdef XP_UNIX
-#include <unistd.h>
-#endif
-
-/* for SEC_TraverseNames */
-#include "cert.h"
-#include "prtypes.h"
-#include "prtime.h"
-
-#include "prlong.h"
-#include "secmod.h"
-#include "pk11func.h"
-#include "prerror.h"
-
-
-
-
-/*
-** PKCS7 Support
-*/
-
-/* forward declaration */
-int
-sv_PrintPKCS7ContentInfo(FILE *, SEC_PKCS7ContentInfo *, char *);
-
-
-void
-sv_PrintAsHex(FILE *out, SECItem *data, char *m)
-{
- unsigned i;
-
- if (m) fprintf(out, m);
-
- for (i = 0; i < data->len; i++) {
- if (i < data->len - 1) {
- fprintf(out, "%02x:", data->data[i]);
- } else {
- fprintf(out, "%02x\n", data->data[i]);
- break;
- }
- }
-}
-
-void
-sv_PrintInteger(FILE *out, SECItem *i, char *m)
-{
- int iv;
-
- if (i->len > 4) {
- sv_PrintAsHex(out, i, m);
- } else {
- iv = DER_GetInteger(i);
- fprintf(out, "%s%d (0x%x)\n", m, iv, iv);
- }
-}
-
-
-int
-sv_PrintUTCTime(FILE *out, SECItem *t, char *m)
-{
- PRExplodedTime printableTime;
- int64 time;
- char *timeString;
- int rv;
-
- rv = DER_UTCTimeToTime(&time, t);
- if (rv) return rv;
-
- /* Converse to local time */
- PR_ExplodeTime(time, PR_GMTParameters, &printableTime);
-
- timeString = (char *)PORT_Alloc(100);
-
- if ( timeString ) {
- PR_FormatTime( timeString, 100, "%a %b %d %H:%M:%S %Y", &printableTime );
- fprintf(out, "%s%s\n", m, timeString);
- PORT_Free(timeString);
- return 0;
- }
- return SECFailure;
-}
-
-
-int
-sv_PrintValidity(FILE *out, CERTValidity *v, char *m)
-{
- int rv;
-
- fprintf(out, m);
- rv = sv_PrintUTCTime(out, &v->notBefore, "notBefore=");
- if (rv) return rv;
- fprintf(out, m);
- sv_PrintUTCTime(out, &v->notAfter, "notAfter=");
- return rv;
-}
-
-void
-sv_PrintObjectID(FILE *out, SECItem *oid, char *m)
-{
- const char *name;
- SECOidData *oiddata;
-
- oiddata = SECOID_FindOID(oid);
- if (oiddata == NULL) {
- sv_PrintAsHex(out, oid, m);
- return;
- }
- name = oiddata->desc;
-
- if (m != NULL)
- fprintf(out, "%s", m);
- fprintf(out, "%s\n", name);
-}
-
-void
-sv_PrintAlgorithmID(FILE *out, SECAlgorithmID *a, char *m)
-{
- sv_PrintObjectID(out, &a->algorithm, m);
-
- if ((a->parameters.len != 2) ||
- (PORT_Memcmp(a->parameters.data, "\005\000", 2) != 0)) {
- /* Print args to algorithm */
- sv_PrintAsHex(out, &a->parameters, "Args=");
- }
-}
-
-void
-sv_PrintAttribute(FILE *out, SEC_PKCS7Attribute *attr, char *m)
-{
- SECItem *value;
- int i;
- char om[100];
-
- fprintf(out, m);
-
- /*
- * XXX Make this smarter; look at the type field and then decode
- * and print the value(s) appropriately!
- */
- sv_PrintObjectID(out, &(attr->type), "type=");
- if (attr->values != NULL) {
- i = 0;
- while ((value = attr->values[i]) != NULL) {
- sprintf(om, "%svalue[%d]=%s", m, i++, attr->encoded ? "(encoded)" : "");
- if (attr->encoded || attr->typeTag == NULL) {
- sv_PrintAsHex(out, value, om);
- } else {
- switch (attr->typeTag->offset) {
- default:
- sv_PrintAsHex(out, value, om);
- break;
- case SEC_OID_PKCS9_CONTENT_TYPE:
- sv_PrintObjectID(out, value, om);
- break;
- case SEC_OID_PKCS9_SIGNING_TIME:
- sv_PrintUTCTime(out, value, om);
- break;
- }
- }
- }
- }
-}
-
-void
-sv_PrintName(FILE *out, CERTName *name, char *msg)
-{
- char *str;
-
- str = CERT_NameToAscii(name);
- fprintf(out, "%s%s\n", msg, str);
-}
-
-
-#if 0
-/*
-** secu_PrintPKCS7EncContent
-** Prints a SEC_PKCS7EncryptedContentInfo (without decrypting it)
-*/
-void
-secu_PrintPKCS7EncContent(FILE *out, SEC_PKCS7EncryptedContentInfo *src,
- char *m, int level)
-{
- if (src->contentTypeTag == NULL)
- src->contentTypeTag = SECOID_FindOID(&(src->contentType));
-
- secu_Indent(out, level);
- fprintf(out, "%s:\n", m);
- secu_Indent(out, level + 1);
- fprintf(out, "Content Type: %s\n",
- (src->contentTypeTag != NULL) ? src->contentTypeTag->desc
- : "Unknown");
- sv_PrintAlgorithmID(out, &(src->contentEncAlg),
- "Content Encryption Algorithm");
- sv_PrintAsHex(out, &(src->encContent),
- "Encrypted Content", level+1);
-}
-
-/*
-** secu_PrintRecipientInfo
-** Prints a PKCS7RecipientInfo type
-*/
-void
-secu_PrintRecipientInfo(FILE *out, SEC_PKCS7RecipientInfo *info, char *m,
- int level)
-{
- secu_Indent(out, level); fprintf(out, "%s:\n", m);
- sv_PrintInteger(out, &(info->version), "Version");
-
- sv_PrintName(out, &(info->issuerAndSN->issuer), "Issuer");
- sv_PrintInteger(out, &(info->issuerAndSN->serialNumber),
- "Serial Number");
-
- /* Parse and display encrypted key */
- sv_PrintAlgorithmID(out, &(info->keyEncAlg),
- "Key Encryption Algorithm");
- sv_PrintAsHex(out, &(info->encKey), "Encrypted Key", level + 1);
-}
-#endif
-
-/*
-** secu_PrintSignerInfo
-** Prints a PKCS7SingerInfo type
-*/
-void
-sv_PrintSignerInfo(FILE *out, SEC_PKCS7SignerInfo *info, char *m)
-{
- SEC_PKCS7Attribute *attr;
- int iv;
-
- fprintf(out, m);
- sv_PrintInteger(out, &(info->version), "version=");
-
- fprintf(out, m);
- sv_PrintName(out, &(info->issuerAndSN->issuer), "issuerName=");
- fprintf(out, m);
- sv_PrintInteger(out, &(info->issuerAndSN->serialNumber),
- "serialNumber=");
-
- fprintf(out, m);
- sv_PrintAlgorithmID(out, &(info->digestAlg), "digestAlgorithm=");
-
- if (info->authAttr != NULL) {
- char mm[120];
-
- iv = 0;
- while (info->authAttr[iv] != NULL) iv++;
- fprintf(out, "%sauthenticatedAttributes=%d\n", m, iv);
- iv = 0;
- while ((attr = info->authAttr[iv]) != NULL) {
- sprintf(mm, "%sattribute[%d].", m, iv++);
- sv_PrintAttribute(out, attr, mm);
- }
- }
-
- /* Parse and display signature */
- fprintf(out, m);
- sv_PrintAlgorithmID(out, &(info->digestEncAlg), "digestEncryptionAlgorithm=");
- fprintf(out, m);
- sv_PrintAsHex(out, &(info->encDigest), "encryptedDigest=");
-
- if (info->unAuthAttr != NULL) {
- char mm[120];
-
- iv = 0;
- while (info->unAuthAttr[iv] != NULL) iv++;
- fprintf(out, "%sunauthenticatedAttributes=%d\n", m, iv);
- iv = 0;
- while ((attr = info->unAuthAttr[iv]) != NULL) {
- sprintf(mm, "%sattribute[%d].", m, iv++);
- sv_PrintAttribute(out, attr, mm);
- }
- }
-}
-
-void
-sv_PrintRSAPublicKey(FILE *out, SECKEYPublicKey *pk, char *m)
-{
- fprintf(out, m);
- sv_PrintInteger(out, &pk->u.rsa.modulus, "modulus=");
- fprintf(out, m);
- sv_PrintInteger(out, &pk->u.rsa.publicExponent, "exponent=");
-}
-
-void
-sv_PrintDSAPublicKey(FILE *out, SECKEYPublicKey *pk, char *m)
-{
- fprintf(out, m);
- sv_PrintInteger(out, &pk->u.dsa.params.prime, "prime=");
- fprintf(out, m);
- sv_PrintInteger(out, &pk->u.dsa.params.subPrime, "subprime=");
- fprintf(out, m);
- sv_PrintInteger(out, &pk->u.dsa.params.base, "base=");
- fprintf(out, m);
- sv_PrintInteger(out, &pk->u.dsa.publicValue, "publicValue=");
-}
-
-int
-sv_PrintSubjectPublicKeyInfo(FILE *out, PRArenaPool *arena,
- CERTSubjectPublicKeyInfo *i, char *msg)
-{
- SECKEYPublicKey *pk;
- int rv;
- char mm[200];
-
- sprintf(mm, "%s.publicKeyAlgorithm=", msg);
- sv_PrintAlgorithmID(out, &i->algorithm, mm);
-
- pk = (SECKEYPublicKey*) PORT_ZAlloc(sizeof(SECKEYPublicKey));
- if (!pk) return PORT_GetError();
-
- DER_ConvertBitString(&i->subjectPublicKey);
- switch(SECOID_FindOIDTag(&i->algorithm.algorithm)) {
- case SEC_OID_PKCS1_RSA_ENCRYPTION:
- rv = SEC_ASN1DecodeItem(arena, pk, SECKEY_RSAPublicKeyTemplate,
- &i->subjectPublicKey);
- if (rv) return rv;
- sprintf(mm, "%s.rsaPublicKey.", msg);
- sv_PrintRSAPublicKey(out, pk, mm);
- break;
- case SEC_OID_ANSIX9_DSA_SIGNATURE:
- rv = SEC_ASN1DecodeItem(arena, pk, SECKEY_DSAPublicKeyTemplate,
- &i->subjectPublicKey);
- if (rv) return rv;
- sprintf(mm, "%s.dsaPublicKey.", msg);
- sv_PrintDSAPublicKey(out, pk, mm);
- break;
- default:
- fprintf(out, "%s=bad SPKI algorithm type\n", msg);
- return 0;
- }
-
- return 0;
-}
-
-SECStatus
-sv_PrintInvalidDateExten (FILE *out, SECItem *value, char *msg)
-{
- SECItem decodedValue;
- SECStatus rv;
- int64 invalidTime;
- char *formattedTime = NULL;
-
- decodedValue.data = NULL;
- rv = SEC_ASN1DecodeItem (NULL, &decodedValue, SEC_GeneralizedTimeTemplate,
- value);
- if (rv == SECSuccess) {
- rv = DER_GeneralizedTimeToTime(&invalidTime, &decodedValue);
- if (rv == SECSuccess) {
- formattedTime = CERT_GenTime2FormattedAscii(invalidTime, "%a %b %d %H:%M:%S %Y");
- fprintf (out, "%s: %s\n", msg, formattedTime);
- PORT_Free (formattedTime);
- }
- }
- PORT_Free (decodedValue.data);
-
- return (rv);
-}
-
-int
-sv_PrintExtensions(FILE *out, CERTCertExtension **extensions, char *msg)
-{
- SECOidTag oidTag;
-
- if (extensions) {
-
- while ( *extensions ) {
- SECItem *tmpitem;
-
- fprintf(out, "%sname=", msg);
-
- tmpitem = &(*extensions)->id;
- sv_PrintObjectID(out, tmpitem, NULL);
-
- tmpitem = &(*extensions)->critical;
- if ( tmpitem->len )
- fprintf(out, "%scritical=%s\n", msg,
- (tmpitem->data && tmpitem->data[0])? "True": "False");
-
- oidTag = SECOID_FindOIDTag (&((*extensions)->id));
-
- fprintf(out, msg);
- tmpitem = &((*extensions)->value);
- if (oidTag == SEC_OID_X509_INVALID_DATE)
- sv_PrintInvalidDateExten (out, tmpitem,"invalidExt");
- else
- sv_PrintAsHex(out,tmpitem, "data=");
-
- /*fprintf(out, "\n");*/
- extensions++;
- }
- }
-
- return 0;
-}
-
-/* callers of this function must make sure that the CERTSignedCrl
- from which they are extracting the CERTCrl has been fully-decoded.
- Otherwise it will not have the entries even though the CRL may have
- some */
-void
-sv_PrintCRLInfo(FILE *out, CERTCrl *crl, char *m)
-{
- CERTCrlEntry *entry;
- int iv;
- char om[100];
-
- fprintf(out, m);
- sv_PrintAlgorithmID(out, &(crl->signatureAlg), "signatureAlgorithm=");
- fprintf(out, m);
- sv_PrintName(out, &(crl->name), "name=");
- fprintf(out, m);
- sv_PrintUTCTime(out, &(crl->lastUpdate), "lastUpdate=");
- fprintf(out, m);
- sv_PrintUTCTime(out, &(crl->nextUpdate), "nextUpdate=");
-
- if (crl->entries != NULL) {
- iv = 0;
- while ((entry = crl->entries[iv]) != NULL) {
- fprintf(out, "%sentry[%d].", m, iv);
- sv_PrintInteger(out, &(entry->serialNumber), "serialNumber=");
- fprintf(out, "%sentry[%d].", m, iv);
- sv_PrintUTCTime(out, &(entry->revocationDate), "revocationDate=");
- sprintf(om, "%sentry[%d].signedCRLEntriesExtensions.", m, iv++);
- sv_PrintExtensions(out, entry->extensions, om);
- }
- }
- sprintf(om, "%ssignedCRLEntriesExtensions.", m);
- sv_PrintExtensions(out, crl->extensions, om);
-}
-
-
-int
-sv_PrintCertificate(FILE *out, SECItem *der, char *m, int level)
-{
- PRArenaPool *arena = NULL;
- CERTCertificate *c;
- int rv;
- int iv;
- char mm[200];
-
- /* Decode certificate */
- c = (CERTCertificate*) PORT_ZAlloc(sizeof(CERTCertificate));
- if (!c) return PORT_GetError();
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (!arena) return SEC_ERROR_NO_MEMORY;
-
- rv = SEC_ASN1DecodeItem(arena, c, CERT_CertificateTemplate, der);
- if (rv) {
- PORT_FreeArena(arena, PR_FALSE);
- return rv;
- }
-
- /* Pretty print it out */
- iv = DER_GetInteger(&c->version);
- fprintf(out, "%sversion=%d (0x%x)\n", m, iv + 1, iv);
- sprintf(mm, "%sserialNumber=", m);
- sv_PrintInteger(out, &c->serialNumber, mm);
- sprintf(mm, "%ssignatureAlgorithm=", m);
- sv_PrintAlgorithmID(out, &c->signature, mm);
- sprintf(mm, "%sissuerName=", m);
- sv_PrintName(out, &c->issuer, mm);
- sprintf(mm, "%svalidity.", m);
- sv_PrintValidity(out, &c->validity, mm);
- sprintf(mm, "%ssubject=", m);
- sv_PrintName(out, &c->subject, mm);
- sprintf(mm, "%ssubjectPublicKeyInfo", m);
- rv = sv_PrintSubjectPublicKeyInfo(out, arena, &c->subjectPublicKeyInfo, mm);
- if (rv) {
- PORT_FreeArena(arena, PR_FALSE);
- return rv;
- }
- sprintf(mm, "%ssignedExtensions.", m);
- sv_PrintExtensions(out, c->extensions, mm);
-
- PORT_FreeArena(arena, PR_FALSE);
- return 0;
-}
-
-int
-sv_PrintSignedData(FILE *out, SECItem *der, char *m, SECU_PPFunc inner)
-{
- PRArenaPool *arena = NULL;
- CERTSignedData *sd;
- int rv;
-
- /* Strip off the signature */
- sd = (CERTSignedData*) PORT_ZAlloc(sizeof(CERTSignedData));
- if (!sd) return PORT_GetError();
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (!arena) return SEC_ERROR_NO_MEMORY;
-
- rv = SEC_ASN1DecodeItem(arena, sd, CERT_SignedDataTemplate, der);
- if (rv) {
- PORT_FreeArena(arena, PR_FALSE);
- return rv;
- }
-
-/* fprintf(out, "%s:\n", m); */
- PORT_Strcat(m, "data.");
-
- rv = (*inner)(out, &sd->data, m, 0);
- if (rv) {
- PORT_FreeArena(arena, PR_FALSE);
- return rv;
- }
-
- m[PORT_Strlen(m) - 5] = 0;
- fprintf(out, m);
- sv_PrintAlgorithmID(out, &sd->signatureAlgorithm, "signatureAlgorithm=");
- DER_ConvertBitString(&sd->signature);
- fprintf(out, m);
- sv_PrintAsHex(out, &sd->signature, "signature=");
-
- PORT_FreeArena(arena, PR_FALSE);
- return 0;
-
-}
-
-
-/*
-** secu_PrintPKCS7Signed
-** Pretty print a PKCS7 signed data type (up to version 1).
-*/
-int
-sv_PrintPKCS7Signed(FILE *out, SEC_PKCS7SignedData *src)
-{
- SECAlgorithmID *digAlg; /* digest algorithms */
- SECItem *aCert; /* certificate */
- CERTSignedCrl *aCrl; /* certificate revocation list */
- SEC_PKCS7SignerInfo *sigInfo; /* signer information */
- int rv, iv;
- char om[120];
-
- sv_PrintInteger(out, &(src->version), "pkcs7.version=");
-
- /* Parse and list digest algorithms (if any) */
- if (src->digestAlgorithms != NULL) {
- iv = 0;
- while (src->digestAlgorithms[iv] != NULL)
- iv++;
- fprintf(out, "pkcs7.digestAlgorithmListLength=%d\n", iv);
- iv = 0;
- while ((digAlg = src->digestAlgorithms[iv]) != NULL) {
- sprintf(om, "pkcs7.digestAlgorithm[%d]=", iv++);
- sv_PrintAlgorithmID(out, digAlg, om);
- }
- }
-
- /* Now for the content */
- rv = sv_PrintPKCS7ContentInfo(out, &(src->contentInfo),
- "pkcs7.contentInformation=");
- if (rv != 0) return rv;
-
- /* Parse and list certificates (if any) */
- if (src->rawCerts != NULL) {
- iv = 0;
- while (src->rawCerts[iv] != NULL)
- iv++;
- fprintf(out, "pkcs7.certificateListLength=%d\n", iv);
-
- iv = 0;
- while ((aCert = src->rawCerts[iv]) != NULL) {
- sprintf(om, "certificate[%d].", iv++);
- rv = sv_PrintSignedData(out, aCert, om, sv_PrintCertificate);
- if (rv) return rv;
- }
- }
-
- /* Parse and list CRL's (if any) */
- if (src->crls != NULL) {
- iv = 0;
- while (src->crls[iv] != NULL) iv++;
- fprintf(out, "pkcs7.signedRevocationLists=%d\n", iv);
- iv = 0;
- while ((aCrl = src->crls[iv]) != NULL) {
- sprintf(om, "signedRevocationList[%d].", iv);
- fprintf(out, om);
- sv_PrintAlgorithmID(out, &aCrl->signatureWrap.signatureAlgorithm,
- "signatureAlgorithm=");
- DER_ConvertBitString(&aCrl->signatureWrap.signature);
- fprintf(out, om);
- sv_PrintAsHex(out, &aCrl->signatureWrap.signature, "signature=");
- sprintf(om, "certificateRevocationList[%d].", iv);
- sv_PrintCRLInfo(out, &aCrl->crl, om);
- iv++;
- }
- }
-
- /* Parse and list signatures (if any) */
- if (src->signerInfos != NULL) {
- iv = 0;
- while (src->signerInfos[iv] != NULL)
- iv++;
- fprintf(out, "pkcs7.signerInformationListLength=%d\n", iv);
- iv = 0;
- while ((sigInfo = src->signerInfos[iv]) != NULL) {
- sprintf(om, "signerInformation[%d].", iv++);
- sv_PrintSignerInfo(out, sigInfo, om);
- }
- }
-
- return 0;
-}
-
-#if 0
-/*
-** secu_PrintPKCS7Enveloped
-** Pretty print a PKCS7 enveloped data type (up to version 1).
-*/
-void
-secu_PrintPKCS7Enveloped(FILE *out, SEC_PKCS7EnvelopedData *src,
- char *m, int level)
-{
- SEC_PKCS7RecipientInfo *recInfo; /* pointer for signer information */
- int iv;
- char om[100];
-
- secu_Indent(out, level); fprintf(out, "%s:\n", m);
- sv_PrintInteger(out, &(src->version), "Version", level + 1);
-
- /* Parse and list recipients (this is not optional) */
- if (src->recipientInfos != NULL) {
- secu_Indent(out, level + 1);
- fprintf(out, "Recipient Information List:\n");
- iv = 0;
- while ((recInfo = src->recipientInfos[iv++]) != NULL) {
- sprintf(om, "Recipient Information (%x)", iv);
- secu_PrintRecipientInfo(out, recInfo, om, level + 2);
- }
- }
-
- secu_PrintPKCS7EncContent(out, &src->encContentInfo,
- "Encrypted Content Information", level + 1);
-}
-
-/*
-** secu_PrintPKCS7SignedEnveloped
-** Pretty print a PKCS7 singed and enveloped data type (up to version 1).
-*/
-int
-secu_PrintPKCS7SignedAndEnveloped(FILE *out,
- SEC_PKCS7SignedAndEnvelopedData *src,
- char *m, int level)
-{
- SECAlgorithmID *digAlg; /* pointer for digest algorithms */
- SECItem *aCert; /* pointer for certificate */
- CERTSignedCrl *aCrl; /* pointer for certificate revocation list */
- SEC_PKCS7SignerInfo *sigInfo; /* pointer for signer information */
- SEC_PKCS7RecipientInfo *recInfo; /* pointer for recipient information */
- int rv, iv;
- char om[100];
-
- secu_Indent(out, level); fprintf(out, "%s:\n", m);
- sv_PrintInteger(out, &(src->version), "Version", level + 1);
-
- /* Parse and list recipients (this is not optional) */
- if (src->recipientInfos != NULL) {
- secu_Indent(out, level + 1);
- fprintf(out, "Recipient Information List:\n");
- iv = 0;
- while ((recInfo = src->recipientInfos[iv++]) != NULL) {
- sprintf(om, "Recipient Information (%x)", iv);
- secu_PrintRecipientInfo(out, recInfo, om, level + 2);
- }
- }
-
- /* Parse and list digest algorithms (if any) */
- if (src->digestAlgorithms != NULL) {
- secu_Indent(out, level + 1); fprintf(out, "Digest Algorithm List:\n");
- iv = 0;
- while ((digAlg = src->digestAlgorithms[iv++]) != NULL) {
- sprintf(om, "Digest Algorithm (%x)", iv);
- sv_PrintAlgorithmID(out, digAlg, om);
- }
- }
-
- secu_PrintPKCS7EncContent(out, &src->encContentInfo,
- "Encrypted Content Information", level + 1);
-
- /* Parse and list certificates (if any) */
- if (src->rawCerts != NULL) {
- secu_Indent(out, level + 1); fprintf(out, "Certificate List:\n");
- iv = 0;
- while ((aCert = src->rawCerts[iv++]) != NULL) {
- sprintf(om, "Certificate (%x)", iv);
- rv = SECU_PrintSignedData(out, aCert, om, level + 2,
- SECU_PrintCertificate);
- if (rv)
- return rv;
- }
- }
-
- /* Parse and list CRL's (if any) */
- if (src->crls != NULL) {
- secu_Indent(out, level + 1);
- fprintf(out, "Signed Revocation Lists:\n");
- iv = 0;
- while ((aCrl = src->crls[iv++]) != NULL) {
- sprintf(om, "Signed Revocation List (%x)", iv);
- secu_Indent(out, level + 2); fprintf(out, "%s:\n", om);
- sv_PrintAlgorithmID(out, &aCrl->signatureWrap.signatureAlgorithm,
- "Signature Algorithm");
- DER_ConvertBitString(&aCrl->signatureWrap.signature);
- sv_PrintAsHex(out, &aCrl->signatureWrap.signature, "Signature",
- level+3);
- SECU_PrintCRLInfo(out, &aCrl->crl, "Certificate Revocation List",
- level + 3);
- }
- }
-
- /* Parse and list signatures (if any) */
- if (src->signerInfos != NULL) {
- secu_Indent(out, level + 1);
- fprintf(out, "Signer Information List:\n");
- iv = 0;
- while ((sigInfo = src->signerInfos[iv++]) != NULL) {
- sprintf(om, "Signer Information (%x)", iv);
- secu_PrintSignerInfo(out, sigInfo, om, level + 2);
- }
- }
-
- return 0;
-}
-
-PR_IMPLEMENT(int)
-SECU_PrintCrl (FILE *out, SECItem *der, char *m, int level)
-{
- PRArenaPool *arena = NULL;
- CERTCrl *c = NULL;
- int rv;
-
- do {
- /* Decode CRL */
- c = (CERTCrl*) PORT_ZAlloc(sizeof(CERTCrl));
- if (!c) {
- rv = PORT_GetError();
- break;
- }
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (!arena) {
- rv = SEC_ERROR_NO_MEMORY;
- break;
- }
-
- rv = SEC_ASN1DecodeItem(arena, c, CERT_CrlTemplate, der);
- if (rv != SECSuccess)
- break;
- SECU_PrintCRLInfo (out, c, m, level);
- } while (0);
- PORT_FreeArena (arena, PR_FALSE);
- PORT_Free (c);
- return (rv);
-}
-
-/*
-** secu_PrintPKCS7Encrypted
-** Pretty print a PKCS7 encrypted data type (up to version 1).
-*/
-void
-secu_PrintPKCS7Encrypted(FILE *out, SEC_PKCS7EncryptedData *src,
- char *m, int level)
-{
- secu_Indent(out, level); fprintf(out, "%s:\n", m);
- sv_PrintInteger(out, &(src->version), "Version", level + 1);
-
- secu_PrintPKCS7EncContent(out, &src->encContentInfo,
- "Encrypted Content Information", level + 1);
-}
-
-/*
-** secu_PrintPKCS7Digested
-** Pretty print a PKCS7 digested data type (up to version 1).
-*/
-void
-sv_PrintPKCS7Digested(FILE *out, SEC_PKCS7DigestedData *src)
-{
- secu_Indent(out, level); fprintf(out, "%s:\n", m);
- sv_PrintInteger(out, &(src->version), "Version", level + 1);
-
- sv_PrintAlgorithmID(out, &src->digestAlg, "Digest Algorithm");
- sv_PrintPKCS7ContentInfo(out, &src->contentInfo, "Content Information",
- level + 1);
- sv_PrintAsHex(out, &src->digest, "Digest", level + 1);
-}
-
-#endif
-
-/*
-** secu_PrintPKCS7ContentInfo
-** Takes a SEC_PKCS7ContentInfo type and sends the contents to the
-** appropriate function
-*/
-int
-sv_PrintPKCS7ContentInfo(FILE *out, SEC_PKCS7ContentInfo *src, char *m)
-{
- const char *desc;
- SECOidTag kind;
- int rv;
-
- if (src->contentTypeTag == NULL)
- src->contentTypeTag = SECOID_FindOID(&(src->contentType));
-
- if (src->contentTypeTag == NULL) {
- desc = "Unknown";
- kind = SEC_OID_PKCS7_DATA;
- } else {
- desc = src->contentTypeTag->desc;
- kind = src->contentTypeTag->offset;
- }
-
- fprintf(out, "%s%s\n", m, desc);
-
- if (src->content.data == NULL) {
- fprintf(out, "pkcs7.data=<no content>\n");
- return 0;
- }
-
- rv = 0;
- switch (kind) {
- case SEC_OID_PKCS7_SIGNED_DATA: /* Signed Data */
- rv = sv_PrintPKCS7Signed(out, src->content.signedData);
- break;
-
- case SEC_OID_PKCS7_ENVELOPED_DATA: /* Enveloped Data */
- fprintf(out, "pkcs7EnvelopedData=<unsupported>\n");
- /*sv_PrintPKCS7Enveloped(out, src->content.envelopedData);*/
- break;
-
- case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA: /* Signed and Enveloped */
- fprintf(out, "pkcs7SignedEnvelopedData=<unsupported>\n");
- /*rv = sv_PrintPKCS7SignedAndEnveloped(out,
- src->content.signedAndEnvelopedData);*/
- break;
-
- case SEC_OID_PKCS7_DIGESTED_DATA: /* Digested Data */
- fprintf(out, "pkcs7DigestedData=<unsupported>\n");
- /*sv_PrintPKCS7Digested(out, src->content.digestedData);*/
- break;
-
- case SEC_OID_PKCS7_ENCRYPTED_DATA: /* Encrypted Data */
- fprintf(out, "pkcs7EncryptedData=<unsupported>\n");
- /*sv_PrintPKCS7Encrypted(out, src->content.encryptedData);*/
- break;
-
- default:
- fprintf(out, "pkcs7UnknownData=<unsupported>\n");
- /*sv_PrintAsHex(out, src->content.data);*/
- break;
- }
-
- return rv;
-}
-
-
-int
-SV_PrintPKCS7ContentInfo(FILE *out, SECItem *der)
-{
- SEC_PKCS7ContentInfo *cinfo;
- int rv = -1;
-
- cinfo = SEC_PKCS7DecodeItem(der, NULL, NULL, NULL, NULL, NULL, NULL, NULL);
-
- if (cinfo != NULL) {
- rv = sv_PrintPKCS7ContentInfo(out, cinfo, "pkcs7.contentInfo=");
- SEC_PKCS7DestroyContentInfo(cinfo);
- }
-
- return rv;
-}
-/*
-** End of PKCS7 functions
-*/
diff --git a/security/nss/cmd/signver/signver.c b/security/nss/cmd/signver/signver.c
deleted file mode 100644
index ca56bc862..000000000
--- a/security/nss/cmd/signver/signver.c
+++ /dev/null
@@ -1,455 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "secutil.h"
-#include "secmod.h"
-#include "cert.h"
-#include "secoid.h"
-#include "nss.h"
-
-/* NSPR 2.0 header files */
-#include "prinit.h"
-#include "prprf.h"
-#include "prsystem.h"
-#include "prmem.h"
-/* Portable layer header files */
-#include "plstr.h"
-#include "sechash.h" /* for HASH_GetHashObject() */
-
-static int debugInfo = 0;
-
-static char *usageInfo[] = {
- "Options:",
- " -a signature file is ASCII",
- " -d certdir directory containing cert database",
- " -i dataFileName input file name containing data,",
- " leave filename blank to use stdin",
- " -s signatureFileName input file name containing signature,",
- " leave filename blank to use stdin",
- " -o outputFileName output file name, default stdout",
- " -A display all information from pkcs #7",
- " -C display all information from all certs",
- " -C -n display number of certificates",
- " -C -n certNum display all information from the certNum",
- " certificate in pkcs #7 signed object",
- " -C -n certNum f1 ... fN display information about specified",
- " fields from the certNum certificate in",
- " the pkcs #7 signed object",
- " -S display signer information list",
- " -S -n display number of signer information blocks",
- " -S -n signerNum display all information from the signerNum",
- " signer information block in pkcs #7",
- " -S -n signerNum f1 ... fN display information about specified",
- " fields from the signerNum signer",
- " information block in pkcs #7 object",
- " -V verify the signed object and display result",
- " -V -v verify the signed object and display",
- " result and reason for failure",
- "Version 2.0"
-};
-static int nUsageInfo = sizeof(usageInfo)/sizeof(char *);
-
-extern int SV_PrintPKCS7ContentInfo(FILE *, SECItem *);
-
-static void Usage(char *progName, FILE *outFile)
-{
- int i;
- fprintf(outFile, "Usage: %s options\n", progName);
- for (i = 0; i < nUsageInfo; i++)
- fprintf(outFile, "%s\n", usageInfo[i]);
- exit(-1);
-}
-
-static HASH_HashType
-AlgorithmToHashType(SECAlgorithmID *digestAlgorithms)
-{
- SECOidTag tag;
-
- tag = SECOID_GetAlgorithmTag(digestAlgorithms);
-
- switch (tag) {
- case SEC_OID_MD2:
- if (debugInfo) PR_fprintf(PR_STDERR, "Hash algorithm: HASH_AlgMD2 SEC_OID_MD2\n");
- return HASH_AlgMD2;
- case SEC_OID_MD5:
- if (debugInfo) PR_fprintf(PR_STDERR, "Hash algorithm: HASH_AlgMD5 SEC_OID_MD5\n");
- return HASH_AlgMD5;
- case SEC_OID_SHA1:
- if (debugInfo) PR_fprintf(PR_STDERR, "Hash algorithm: HASH_AlgSHA1 SEC_OID_SHA1\n");
- return HASH_AlgSHA1;
- default:
- if (debugInfo) PR_fprintf(PR_STDERR, "should never get here\n");
- return HASH_AlgNULL;
- }
-}
-
-
-static int
-DigestData (unsigned char *digest, unsigned char *data,
- unsigned int *len, unsigned int maxLen,
- HASH_HashType hashType)
-{
- const SECHashObject *hashObj;
- void *hashcx;
-
- hashObj = HASH_GetHashObject(hashType);
- hashcx = (* hashObj->create)();
- if (hashcx == NULL)
- return -1;
-
- (* hashObj->begin)(hashcx);
- (* hashObj->update)(hashcx, data, PORT_Strlen((char *)data));
- (* hashObj->end)(hashcx, digest, len, maxLen);
- (* hashObj->destroy)(hashcx, PR_TRUE);
-
- return 0;
-}
-
-enum {
- cmd_DisplayAllPCKS7Info = 0,
- cmd_DisplayCertInfo,
- cmd_DisplaySignerInfo,
- cmd_VerifySignedObj
-};
-
-enum {
- opt_ASCII,
- opt_CertDir,
- opt_InputDataFile,
- opt_ItemNumber,
- opt_OutputFile,
- opt_InputSigFile,
- opt_TypeTag,
- opt_PrintWhyFailure
-};
-
-static secuCommandFlag signver_commands[] =
-{
- { /* cmd_DisplayAllPCKS7Info*/ 'A', PR_FALSE, 0, PR_FALSE },
- { /* cmd_DisplayCertInfo */ 'C', PR_FALSE, 0, PR_FALSE },
- { /* cmd_DisplaySignerInfo */ 'S', PR_FALSE, 0, PR_FALSE },
- { /* cmd_VerifySignedObj */ 'V', PR_FALSE, 0, PR_FALSE }
-};
-
-static secuCommandFlag signver_options[] =
-{
- { /* opt_ASCII */ 'a', PR_FALSE, 0, PR_FALSE },
- { /* opt_CertDir */ 'd', PR_TRUE, 0, PR_FALSE },
- { /* opt_InputDataFile */ 'i', PR_TRUE, 0, PR_FALSE },
- { /* opt_ItemNumber */ 'n', PR_FALSE, 0, PR_FALSE },
- { /* opt_OutputFile */ 'o', PR_TRUE, 0, PR_FALSE },
- { /* opt_InputSigFile */ 's', PR_TRUE, 0, PR_FALSE },
- { /* opt_TypeTag */ 't', PR_TRUE, 0, PR_FALSE },
- { /* opt_PrintWhyFailure */ 'v', PR_FALSE, 0, PR_FALSE }
-};
-
-int main(int argc, char **argv)
-{
- PRExplodedTime explodedCurrent;
- SECItem der, data;
- char *progName;
- int rv;
- PRFileDesc *dataFile = 0;
- PRFileDesc *signFile = 0;
- FILE *outFile = stdout;
- char *typeTag = 0;
- PRBool displayAllCerts = PR_FALSE;
- PRBool displayAllSigners = PR_FALSE;
- PRFileInfo info;
- PRInt32 nb;
- SECStatus secstatus;
-
- secuCommand signver;
- signver.numCommands = sizeof(signver_commands) /sizeof(secuCommandFlag);
- signver.numOptions = sizeof(signver_options) / sizeof(secuCommandFlag);
- signver.commands = signver_commands;
- signver.options = signver_options;
-
-#ifdef XP_PC
- progName = strrchr(argv[0], '\\');
-#else
- progName = strrchr(argv[0], '/');
-#endif
- progName = progName ? progName+1 : argv[0];
-
- /*_asm int 3*/
-
- PR_ExplodeTime(PR_Now(), PR_LocalTimeParameters, &explodedCurrent);
-#if 0
- if (explodedCurrent.tm_year >= 1998
- && explodedCurrent.tm_month >= 5 /* months past tm_year (0-11, Jan = 0) */
- && explodedCurrent.tm_mday >= 1) {
- PR_fprintf(PR_STDERR, "%s: expired\n", progName);
- return -1;
- }
-#endif
-
- SECU_ParseCommandLine(argc, argv, progName, &signver);
-
- /* Set the certdb directory (default is ~/.{browser}) */
- SECU_ConfigDirectory(signver.options[opt_CertDir].arg);
-
- /* Set the certificate type. */
- typeTag = SECU_GetOptionArg(&signver, opt_TypeTag);
-
- /* -i and -s without filenames */
- if (signver.options[opt_InputDataFile].activated &&
- signver.options[opt_InputSigFile].activated &&
- !signver.options[opt_InputDataFile].arg &&
- !signver.options[opt_InputSigFile].arg)
- PR_fprintf(PR_STDERR,
- "%s: Only data or signature file can use stdin (not both).\n",
- progName);
-
- /* Open the input data file (no arg == use stdin). */
- if (signver.options[opt_InputDataFile].activated) {
- if (signver.options[opt_InputDataFile].arg)
- dataFile = PR_Open(signver.options[opt_InputDataFile].arg,
- PR_RDONLY, 0);
- else
- dataFile = PR_STDIN;
- if (!dataFile) {
- PR_fprintf(PR_STDERR, "%s: unable to open \"%s\" for reading.\n",
- progName, signver.options[opt_InputDataFile].arg);
- return -1;
- }
- }
-
- /* Open the input signature file (no arg == use stdin). */
- if (signver.options[opt_InputSigFile].activated) {
- if (signver.options[opt_InputSigFile].arg)
- signFile = PR_Open(signver.options[opt_InputSigFile].arg,
- PR_RDONLY, 0);
- else
- signFile = PR_STDIN;
- if (!signFile) {
- PR_fprintf(PR_STDERR, "%s: unable to open \"%s\" for reading.\n",
- progName, signver.options[opt_InputSigFile].arg);
- return -1;
- }
- }
-
-#if 0
- if (!typeTag) ascii = 1;
-#endif
-
- /* Open|Create the output file. */
- if (signver.options[opt_OutputFile].activated) {
- outFile = fopen(signver.options[opt_OutputFile].arg, "w");
- /*
- outFile = PR_Open(signver.options[opt_OutputFile].arg,
- PR_WRONLY|PR_CREATE_FILE|PR_TRUNCATE, 00660);
- */
- if (!outFile) {
- PR_fprintf(PR_STDERR, "%s: unable to open \"%s\" for writing.\n",
- progName, signver.options[opt_OutputFile].arg);
- return -1;
- }
- }
-
- if (signver.commands[cmd_DisplayCertInfo].activated &&
- !signver.options[opt_ItemNumber].arg)
- displayAllCerts = PR_TRUE;
-
- if (signver.commands[cmd_DisplaySignerInfo].activated &&
- !signver.options[opt_ItemNumber].arg)
- displayAllSigners = PR_TRUE;
-
-#if 0
- case 'W':
- debugInfo = 1;
- break;
-#endif
-
- if (!signFile && !dataFile && !typeTag)
- Usage(progName, outFile);
-
- if (!signFile && !dataFile &&
- signver.commands[cmd_VerifySignedObj].activated) {
- PR_fprintf(PR_STDERR,
- "%s: unable to read all data from standard input\n",
- progName);
- return -1;
- }
-
- PR_SetError(0, 0); /* PR_Init("pp", 1, 1, 0);*/
- secstatus = NSS_Init(SECU_ConfigDirectory(NULL));
- if (secstatus != SECSuccess) {
- SECU_PrintPRandOSError(progName);
- return -1;
- }
-
- rv = SECU_ReadDERFromFile(&der, signFile,
- signver.options[opt_ASCII].activated);
-
- /* Data is untyped, using the specified type */
- data.data = der.data;
- data.len = der.len;
-
-
- /* Signature Verification */
- if (!signver.options[opt_TypeTag].activated) {
- if (signver.commands[cmd_VerifySignedObj].activated) {
- SEC_PKCS7ContentInfo *cinfo;
-
- cinfo = SEC_PKCS7DecodeItem(&data, NULL, NULL, NULL, NULL,
- NULL, NULL, NULL);
- if (cinfo != NULL) {
-#if 0
- if (debugInfo) {
- PR_fprintf(PR_STDERR, "Content %s encrypted.\n",
- SEC_PKCS7ContentIsEncrypted(cinfo) ? "was" : "was not");
-
- PR_fprintf(PR_STDERR, "Content %s signed.\n",
- SEC_PKCS7ContentIsSigned(cinfo) ? "was" : "was not");
- }
-#endif
-
- if (SEC_PKCS7ContentIsSigned(cinfo)) {
- SEC_PKCS7SignedData *signedData;
- HASH_HashType digestType;
- SECItem digest, data;
- unsigned char *dataToVerify, digestBuffer[32];
-
- signedData = cinfo->content.signedData;
-
- /* assume that there is only one digest algorithm for now */
- digestType =
- AlgorithmToHashType(signedData->digestAlgorithms[0]);
- if (digestType == HASH_AlgNULL) {
- PR_fprintf(PR_STDERR, "Invalid hash algorithmID\n");
- return (-1);
- }
- rv = SECU_FileToItem(&data, dataFile);
- dataToVerify = data.data;
- if (dataToVerify) {
- /*certUsageObjectSigner;*/
- SECCertUsage usage = certUsageEmailSigner;
-
-
-#if 0
- if (debugInfo)
- PR_fprintf(PR_STDERR, "dataToVerify=%s\n",
- dataToVerify);
-#endif
- digest.data = digestBuffer;
- if (DigestData (digest.data, dataToVerify,
- &digest.len, 32, digestType)) {
- PR_fprintf(PR_STDERR, "Fail to compute message digest for verification. Reason: %s\n",
- SECU_ErrorString((int16)PORT_GetError()));
- return (-1);
- }
-#if 0
- if (debugInfo) {
- PR_fprintf(PR_STDERR, "Data Digest=:");
- for (i = 0; i < digest.len; i++)
- PR_fprintf(PR_STDERR, "%02x:", digest.data[i]);
- PR_fprintf(PR_STDERR, "\n");
- }
-#endif
-
-
- if (signver.commands[cmd_VerifySignedObj].activated)
- fprintf(outFile, "signatureValid=");
- PORT_SetError(0);
- if (SEC_PKCS7VerifyDetachedSignature (cinfo, usage,
- &digest, digestType, PR_FALSE)) {
- if (signver.commands[cmd_VerifySignedObj].activated)
- fprintf(outFile, "yes");
- } else {
- if (signver.commands[cmd_VerifySignedObj].activated){
- fprintf(outFile, "no");
- if (signver.options[opt_PrintWhyFailure].activated)
- fprintf(outFile, ":%s", SECU_ErrorString((int16)PORT_GetError()));
- }
- }
- if (signver.commands[cmd_VerifySignedObj].activated)
- fprintf(outFile, "\n");
-
- SECITEM_FreeItem(&data, PR_FALSE);
- } else {
- PR_fprintf(PR_STDERR, "Cannot read data\n");
- return (-1);
- }
- }
-
- SEC_PKCS7DestroyContentInfo(cinfo);
- } else
- PR_fprintf(PR_STDERR, "Unable to decode PKCS7 data\n");
- }
-
- if (signver.commands[cmd_DisplayAllPCKS7Info].activated)
- SV_PrintPKCS7ContentInfo(outFile, &data);
-
- if (displayAllCerts)
- PR_fprintf(PR_STDERR, "-C option is not implemented in this version\n");
-
- if (displayAllSigners)
- PR_fprintf(PR_STDERR, "-S option is not implemented in this version\n");
-
- /* Pretty print it */
- } else if (PL_strcmp(typeTag, SEC_CT_CERTIFICATE) == 0) {
- rv = SECU_PrintSignedData(outFile, &data, "Certificate", 0,
- SECU_PrintCertificate);
- } else if (PL_strcmp(typeTag, SEC_CT_CERTIFICATE_REQUEST) == 0) {
- rv = SECU_PrintSignedData(outFile, &data, "Certificate Request", 0,
- SECU_PrintCertificateRequest);
- } else if (PL_strcmp (typeTag, SEC_CT_CRL) == 0) {
- rv = SECU_PrintSignedData (outFile, &data, "CRL", 0, SECU_PrintCrl);
-#ifdef HAVE_EPK_TEMPLATE
- } else if (PL_strcmp(typeTag, SEC_CT_PRIVATE_KEY) == 0) {
- rv = SECU_PrintPrivateKey(outFile, &data, "Private Key", 0);
-#endif
- } else if (PL_strcmp(typeTag, SEC_CT_PUBLIC_KEY) == 0) {
- rv = SECU_PrintPublicKey(outFile, &data, "Public Key", 0);
- } else if (PL_strcmp(typeTag, SEC_CT_PKCS7) == 0) {
- rv = SECU_PrintPKCS7ContentInfo(outFile, &data,
- "PKCS #7 Content Info", 0);
- } else {
- PR_fprintf(PR_STDERR, "%s: don't know how to print out '%s' files\n",
- progName, typeTag);
- return -1;
- }
-
- if (rv) {
- PR_fprintf(PR_STDERR, "%s: problem converting data (%s)\n",
- progName, SECU_ErrorString((int16)PORT_GetError()));
- return -1;
- }
-
- if (NSS_Shutdown() != SECSuccess) {
- exit(1);
- }
-
- return 0;
-}
diff --git a/security/nss/cmd/smimetools/Makefile b/security/nss/cmd/smimetools/Makefile
deleted file mode 100644
index 9e3263d43..000000000
--- a/security/nss/cmd/smimetools/Makefile
+++ /dev/null
@@ -1,73 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-include rules.mk
-
-include ../platrules.mk
diff --git a/security/nss/cmd/smimetools/cmsutil.c b/security/nss/cmd/smimetools/cmsutil.c
deleted file mode 100644
index 3af802431..000000000
--- a/security/nss/cmd/smimetools/cmsutil.c
+++ /dev/null
@@ -1,1450 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * cmsutil -- A command to work with CMS data
- *
- * $Id$
- */
-
-#include "nspr.h"
-#include "secutil.h"
-#include "plgetopt.h"
-#include "secpkcs7.h"
-#include "cert.h"
-#include "certdb.h"
-#include "secoid.h"
-#include "cms.h"
-#include "nss.h"
-#include "smime.h"
-#include "pk11func.h"
-
-#if defined(XP_UNIX)
-#include <unistd.h>
-#endif
-
-#if defined(_WIN32)
-#include "fcntl.h"
-#include "io.h"
-#endif
-
-#include <stdio.h>
-#include <string.h>
-
-extern void SEC_Init(void); /* XXX */
-char *progName = NULL;
-static int cms_verbose = 0;
-
-/* XXX stolen from cmsarray.c
- * nss_CMSArray_Count - count number of elements in array
- */
-int
-nss_CMSArray_Count(void **array)
-{
- int n = 0;
- if (array == NULL)
- return 0;
- while (*array++ != NULL)
- n++;
- return n;
-}
-
-static SECStatus
-DigestFile(PLArenaPool *poolp, SECItem ***digests, SECItem *input,
- SECAlgorithmID **algids)
-{
- NSSCMSDigestContext *digcx;
-
- digcx = NSS_CMSDigestContext_StartMultiple(algids);
- if (digcx == NULL)
- return SECFailure;
-
- NSS_CMSDigestContext_Update(digcx, input->data, input->len);
-
- return NSS_CMSDigestContext_FinishMultiple(digcx, poolp, digests);
-}
-
-
-static void
-Usage(char *progName)
-{
- fprintf(stderr,
-"Usage: %s [-D|-S|-E] [<options>] [-d dbdir] [-u certusage]\n",
- progName);
- fprintf(stderr,
-" -D decode a CMS message\n"
-" -c content use this detached content\n"
-" -n suppress output of content\n"
-" -h num generate email headers with info about CMS message\n"
-" -S create a CMS signed message\n"
-" -G include a signing time attribute\n"
-" -H hash use hash (default:SHA1)\n"
-" -N nick use certificate named \"nick\" for signing\n"
-" -P include a SMIMECapabilities attribute\n"
-" -T do not include content in CMS message\n"
-" -Y nick include a EncryptionKeyPreference attribute with cert\n"
-" (use \"NONE\" to omit)\n"
-" -E create a CMS enveloped message (NYI)\n"
-" -r id,... create envelope for these recipients,\n"
-" where id can be a certificate nickname or email address\n"
-" -d dbdir key/cert database directory (default: ~/.netscape)\n"
-" -i infile use infile as source of data (default: stdin)\n"
-" -o outfile use outfile as destination of data (default: stdout)\n"
-" -p password use password as key db password (default: prompt)\n"
-" -u certusage set type of certificate usage (default: certUsageEmailSigner)\n"
-" -v print debugging information\n"
-"\nCert usage codes:\n");
- fprintf(stderr, "%-25s 0 - certUsageSSLClient\n", " ");
- fprintf(stderr, "%-25s 1 - certUsageSSLServer\n", " ");
- fprintf(stderr, "%-25s 2 - certUsageSSLServerWithStepUp\n", " ");
- fprintf(stderr, "%-25s 3 - certUsageSSLCA\n", " ");
- fprintf(stderr, "%-25s 4 - certUsageEmailSigner\n", " ");
- fprintf(stderr, "%-25s 5 - certUsageEmailRecipient\n", " ");
- fprintf(stderr, "%-25s 6 - certUsageObjectSigner\n", " ");
- fprintf(stderr, "%-25s 7 - certUsageUserCertImport\n", " ");
- fprintf(stderr, "%-25s 8 - certUsageVerifyCA\n", " ");
- fprintf(stderr, "%-25s 9 - certUsageProtectedObjectSigner\n", " ");
- fprintf(stderr, "%-25s 10 - certUsageStatusResponder\n", " ");
- fprintf(stderr, "%-25s 11 - certUsageAnyCA\n", " ");
-
- exit(-1);
-}
-
-struct optionsStr {
- char *password;
- SECCertUsage certUsage;
- CERTCertDBHandle *certHandle;
-};
-
-struct decodeOptionsStr {
- struct optionsStr *options;
- PRFileDesc *contentFile;
- int headerLevel;
- PRBool suppressContent;
- NSSCMSGetDecryptKeyCallback dkcb;
- PK11SymKey *bulkkey;
-};
-
-struct signOptionsStr {
- struct optionsStr *options;
- char *nickname;
- char *encryptionKeyPreferenceNick;
- PRBool signingTime;
- PRBool smimeProfile;
- PRBool detached;
- SECOidTag hashAlgTag;
-};
-
-struct envelopeOptionsStr {
- struct optionsStr *options;
- char **recipients;
-};
-
-struct certsonlyOptionsStr {
- struct optionsStr *options;
- char **recipients;
-};
-
-struct encryptOptionsStr {
- struct optionsStr *options;
- char **recipients;
- NSSCMSMessage *envmsg;
- SECItem *input;
- FILE *outfile;
- PRFileDesc *envFile;
- PK11SymKey *bulkkey;
- SECOidTag bulkalgtag;
- int keysize;
-};
-
-static NSSCMSMessage *
-decode(FILE *out, SECItem *output, SECItem *input,
- const struct decodeOptionsStr *decodeOptions)
-{
- NSSCMSDecoderContext *dcx;
- NSSCMSMessage *cmsg;
- NSSCMSContentInfo *cinfo;
- NSSCMSSignedData *sigd = NULL;
- NSSCMSEnvelopedData *envd;
- NSSCMSEncryptedData *encd;
- SECAlgorithmID **digestalgs;
- int nlevels, i, nsigners, j;
- char *signercn;
- NSSCMSSignerInfo *si;
- SECOidTag typetag;
- SECItem **digests;
- PLArenaPool *poolp;
- PK11PasswordFunc pwcb;
- void *pwcb_arg;
- SECItem *item, sitem = { 0, 0, 0 };
- secuPWData pwdata = { PW_NONE, 0 };
-
- if (decodeOptions->options->password)
- {
- pwdata.source = PW_PLAINTEXT;
- pwdata.data = decodeOptions->options->password;
- }
- pwcb = SECU_GetModulePassword;
- pwcb_arg = (void *)&pwdata;
-
- if (decodeOptions->contentFile) {
- /* detached content: grab content file */
- SECU_FileToItem(&sitem, decodeOptions->contentFile);
- }
-
- dcx = NSS_CMSDecoder_Start(NULL,
- NULL, NULL, /* content callback */
- pwcb, pwcb_arg, /* password callback */
- decodeOptions->dkcb, /* decrypt key callback */
- decodeOptions->bulkkey);
- (void)NSS_CMSDecoder_Update(dcx, (char *)input->data, input->len);
- cmsg = NSS_CMSDecoder_Finish(dcx);
- if (cmsg == NULL) {
- fprintf(stderr, "%s: failed to decode message.\n", progName);
- return NULL;
- }
-
- if (decodeOptions->headerLevel >= 0) {
- /*fprintf(out, "SMIME: ", decodeOptions->headerLevel, i);*/
- fprintf(out, "SMIME: ");
- }
-
- nlevels = NSS_CMSMessage_ContentLevelCount(cmsg);
- for (i = 0; i < nlevels; i++) {
- cinfo = NSS_CMSMessage_ContentLevel(cmsg, i);
- typetag = NSS_CMSContentInfo_GetContentTypeTag(cinfo);
-
- if (decodeOptions->headerLevel >= 0)
- fprintf(out, "\tlevel=%d.%d; ", decodeOptions->headerLevel, nlevels - i);
-
- switch (typetag) {
- case SEC_OID_PKCS7_SIGNED_DATA:
- if (decodeOptions->headerLevel >= 0)
- fprintf(out, "type=signedData; ");
- sigd = (NSSCMSSignedData *)NSS_CMSContentInfo_GetContent(cinfo);
- if (sigd == NULL) {
- SECU_PrintError(progName,
- "problem finding signedData component");
- goto loser;
- }
-
- /* if we have a content file, but no digests for this signedData */
- if (decodeOptions->contentFile != NULL && !NSS_CMSSignedData_HasDigests(sigd)) {
- if ((poolp = PORT_NewArena(1024)) == NULL) {
- fprintf(stderr, "cmsutil: Out of memory.\n");
- goto loser;
- }
- digestalgs = NSS_CMSSignedData_GetDigestAlgs(sigd);
- if (DigestFile (poolp, &digests, &sitem, digestalgs)
- != SECSuccess) {
- SECU_PrintError(progName,
- "problem computing message digest");
- goto loser;
- }
- if (NSS_CMSSignedData_SetDigests(sigd, digestalgs, digests) != SECSuccess) {
-
- SECU_PrintError(progName,
- "problem setting message digests");
- goto loser;
- }
- PORT_FreeArena(poolp, PR_FALSE);
- }
-
- /* import the certificates */
- if (NSS_CMSSignedData_ImportCerts(sigd,
- decodeOptions->options->certHandle,
- decodeOptions->options->certUsage,
- PR_FALSE)
- != SECSuccess) {
- SECU_PrintError(progName, "cert import failed");
- goto loser;
- }
-
- /* find out about signers */
- nsigners = NSS_CMSSignedData_SignerInfoCount(sigd);
- if (decodeOptions->headerLevel >= 0)
- fprintf(out, "nsigners=%d; ", nsigners);
- if (nsigners == 0) {
- /* must be a cert transport message */
- SECStatus rv;
- /* XXX workaround for bug #54014 */
- NSS_CMSSignedData_ImportCerts(sigd,
- decodeOptions->options->certHandle,
- decodeOptions->options->certUsage,
- PR_TRUE);
- rv = NSS_CMSSignedData_VerifyCertsOnly(sigd,
- decodeOptions->options->certHandle,
- decodeOptions->options->certUsage);
- if (rv != SECSuccess) {
- fprintf(stderr, "cmsutil: Verify certs-only failed!\n");
- goto loser;
- }
- return cmsg;
- }
-
- /* still no digests? */
- if (!NSS_CMSSignedData_HasDigests(sigd)) {
- SECU_PrintError(progName, "no message digests");
- goto loser;
- }
-
- for (j = 0; j < nsigners; j++) {
- si = NSS_CMSSignedData_GetSignerInfo(sigd, j);
- signercn = NSS_CMSSignerInfo_GetSignerCommonName(si);
- if (signercn == NULL)
- signercn = "";
- if (decodeOptions->headerLevel >= 0)
- fprintf(out, "\n\t\tsigner%d.id=\"%s\"; ", j, signercn);
- (void)NSS_CMSSignedData_VerifySignerInfo(sigd, j,
- decodeOptions->options->certHandle,
- decodeOptions->options->certUsage);
- if (decodeOptions->headerLevel >= 0)
- fprintf(out, "signer%d.status=%s; ", j,
- NSS_CMSUtil_VerificationStatusToString(
- NSS_CMSSignerInfo_GetVerificationStatus(si)));
- /* XXX what do we do if we don't print headers? */
- }
- break;
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- if (decodeOptions->headerLevel >= 0)
- fprintf(out, "type=envelopedData; ");
- envd = (NSSCMSEnvelopedData *)NSS_CMSContentInfo_GetContent(cinfo);
- break;
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- if (decodeOptions->headerLevel >= 0)
- fprintf(out, "type=encryptedData; ");
- encd = (NSSCMSEncryptedData *)NSS_CMSContentInfo_GetContent(cinfo);
- break;
- case SEC_OID_PKCS7_DATA:
- if (decodeOptions->headerLevel >= 0)
- fprintf(out, "type=data; ");
- break;
- default:
- break;
- }
- if (decodeOptions->headerLevel >= 0)
- fprintf(out, "\n");
- }
-
- if (!decodeOptions->suppressContent) {
- item = decodeOptions->contentFile ? &sitem :
- NSS_CMSMessage_GetContent(cmsg);
- SECITEM_CopyItem(NULL, output, item);
- }
-
- return cmsg;
-loser:
- if (cmsg)
- NSS_CMSMessage_Destroy(cmsg);
- return NULL;
-}
-
-/* example of a callback function to use with encoder */
-/*
-static void
-writeout(void *arg, const char *buf, unsigned long len)
-{
- FILE *f = (FILE *)arg;
-
- if (f != NULL && buf != NULL)
- (void)fwrite(buf, len, 1, f);
-}
-*/
-
-static NSSCMSMessage *
-signed_data(struct signOptionsStr *signOptions)
-{
- NSSCMSMessage *cmsg = NULL;
- NSSCMSContentInfo *cinfo;
- NSSCMSSignedData *sigd;
- NSSCMSSignerInfo *signerinfo;
- CERTCertificate *cert= NULL, *ekpcert = NULL;
-
- if (cms_verbose) {
- fprintf(stderr, "Input to signed_data:\n");
- if (signOptions->options->password)
- fprintf(stderr, "password [%s]\n", signOptions->options->password);
- else
- fprintf(stderr, "password [NULL]\n");
- fprintf(stderr, "certUsage [%d]\n", signOptions->options->certUsage);
- if (signOptions->options->certHandle)
- fprintf(stderr, "certdb [%p]\n", signOptions->options->certHandle);
- else
- fprintf(stderr, "certdb [NULL]\n");
- if (signOptions->nickname)
- fprintf(stderr, "nickname [%s]\n", signOptions->nickname);
- else
- fprintf(stderr, "nickname [NULL]\n");
- }
- if (signOptions->nickname == NULL) {
- fprintf(stderr,
- "ERROR: please indicate the nickname of a certificate to sign with.\n");
- return NULL;
- }
- if ((cert = CERT_FindUserCertByUsage(signOptions->options->certHandle,
- signOptions->nickname,
- signOptions->options->certUsage,
- PR_FALSE,
- NULL)) == NULL) {
- SECU_PrintError(progName,
- "the corresponding cert for key \"%s\" does not exist",
- signOptions->nickname);
- return NULL;
- }
- if (cms_verbose) {
- fprintf(stderr, "Found certificate for %s\n", signOptions->nickname);
- }
- /*
- * create the message object
- */
- cmsg = NSS_CMSMessage_Create(NULL); /* create a message on its own pool */
- if (cmsg == NULL) {
- fprintf(stderr, "ERROR: cannot create CMS message.\n");
- return NULL;
- }
- /*
- * build chain of objects: message->signedData->data
- */
- if ((sigd = NSS_CMSSignedData_Create(cmsg)) == NULL) {
- fprintf(stderr, "ERROR: cannot create CMS signedData object.\n");
- goto loser;
- }
- cinfo = NSS_CMSMessage_GetContentInfo(cmsg);
- if (NSS_CMSContentInfo_SetContent_SignedData(cmsg, cinfo, sigd)
- != SECSuccess) {
- fprintf(stderr, "ERROR: cannot attach CMS signedData object.\n");
- goto loser;
- }
- cinfo = NSS_CMSSignedData_GetContentInfo(sigd);
- /* we're always passing data in and detaching optionally */
- if (NSS_CMSContentInfo_SetContent_Data(cmsg, cinfo, NULL,
- signOptions->detached)
- != SECSuccess) {
- fprintf(stderr, "ERROR: cannot attach CMS data object.\n");
- goto loser;
- }
- /*
- * create & attach signer information
- */
- signerinfo = NSS_CMSSignerInfo_Create(cmsg, cert, signOptions->hashAlgTag);
- if (signerinfo == NULL) {
- fprintf(stderr, "ERROR: cannot create CMS signerInfo object.\n");
- goto loser;
- }
- if (cms_verbose) {
- fprintf(stderr,
- "Created CMS message, added signed data w/ signerinfo\n");
- }
- /* we want the cert chain included for this one */
- if (NSS_CMSSignerInfo_IncludeCerts(signerinfo, NSSCMSCM_CertChain,
- signOptions->options->certUsage)
- != SECSuccess) {
- fprintf(stderr, "ERROR: cannot find cert chain.\n");
- goto loser;
- }
- if (cms_verbose) {
- fprintf(stderr, "imported certificate\n");
- }
- if (signOptions->signingTime) {
- if (NSS_CMSSignerInfo_AddSigningTime(signerinfo, PR_Now())
- != SECSuccess) {
- fprintf(stderr, "ERROR: cannot add signingTime attribute.\n");
- goto loser;
- }
- }
- if (signOptions->smimeProfile) {
- if (NSS_CMSSignerInfo_AddSMIMECaps(signerinfo) != SECSuccess) {
- fprintf(stderr, "ERROR: cannot add SMIMECaps attribute.\n");
- goto loser;
- }
- }
-
- if (!signOptions->encryptionKeyPreferenceNick) {
- /* check signing cert for fitness as encryption cert */
- SECStatus FitForEncrypt = CERT_CheckCertUsage(cert,
- certUsageEmailRecipient);
-
- if (SECSuccess == FitForEncrypt) {
- /* if yes, add signing cert as EncryptionKeyPreference */
- if (NSS_CMSSignerInfo_AddSMIMEEncKeyPrefs(signerinfo, cert,
- signOptions->options->certHandle)
- != SECSuccess) {
- fprintf(stderr,
- "ERROR: cannot add default SMIMEEncKeyPrefs attribute.\n");
- goto loser;
- }
- if (NSS_CMSSignerInfo_AddMSSMIMEEncKeyPrefs(signerinfo, cert,
- signOptions->options->certHandle)
- != SECSuccess) {
- fprintf(stderr,
- "ERROR: cannot add default MS SMIMEEncKeyPrefs attribute.\n");
- goto loser;
- }
- } else {
- /* this is a dual-key cert case, we need to look for the encryption
- certificate under the same nickname as the signing cert */
- /* get the cert, add it to the message */
- if ((ekpcert = CERT_FindUserCertByUsage(
- signOptions->options->certHandle,
- signOptions->nickname,
- certUsageEmailRecipient,
- PR_FALSE,
- NULL)) == NULL) {
- SECU_PrintError(progName,
- "the corresponding cert for key \"%s\" does not exist",
- signOptions->encryptionKeyPreferenceNick);
- goto loser;
- }
- if (NSS_CMSSignerInfo_AddSMIMEEncKeyPrefs(signerinfo, ekpcert,
- signOptions->options->certHandle)
- != SECSuccess) {
- fprintf(stderr,
- "ERROR: cannot add SMIMEEncKeyPrefs attribute.\n");
- goto loser;
- }
- if (NSS_CMSSignerInfo_AddMSSMIMEEncKeyPrefs(signerinfo, ekpcert,
- signOptions->options->certHandle)
- != SECSuccess) {
- fprintf(stderr,
- "ERROR: cannot add MS SMIMEEncKeyPrefs attribute.\n");
- goto loser;
- }
- if (NSS_CMSSignedData_AddCertificate(sigd, ekpcert) != SECSuccess) {
- fprintf(stderr, "ERROR: cannot add encryption certificate.\n");
- goto loser;
- }
- }
- } else if (PL_strcmp(signOptions->encryptionKeyPreferenceNick, "NONE") == 0) {
- /* No action */
- } else {
- /* get the cert, add it to the message */
- if ((ekpcert = CERT_FindUserCertByUsage(
- signOptions->options->certHandle,
- signOptions->encryptionKeyPreferenceNick,
- certUsageEmailRecipient, PR_FALSE, NULL))
- == NULL) {
- SECU_PrintError(progName,
- "the corresponding cert for key \"%s\" does not exist",
- signOptions->encryptionKeyPreferenceNick);
- goto loser;
- }
- if (NSS_CMSSignerInfo_AddSMIMEEncKeyPrefs(signerinfo, ekpcert,
- signOptions->options->certHandle)
- != SECSuccess) {
- fprintf(stderr, "ERROR: cannot add SMIMEEncKeyPrefs attribute.\n");
- goto loser;
- }
- if (NSS_CMSSignerInfo_AddMSSMIMEEncKeyPrefs(signerinfo, ekpcert,
- signOptions->options->certHandle)
- != SECSuccess) {
- fprintf(stderr, "ERROR: cannot add MS SMIMEEncKeyPrefs attribute.\n");
- goto loser;
- }
- if (NSS_CMSSignedData_AddCertificate(sigd, ekpcert) != SECSuccess) {
- fprintf(stderr, "ERROR: cannot add encryption certificate.\n");
- goto loser;
- }
- }
-
- if (NSS_CMSSignedData_AddSignerInfo(sigd, signerinfo) != SECSuccess) {
- fprintf(stderr, "ERROR: cannot add CMS signerInfo object.\n");
- goto loser;
- }
- if (cms_verbose) {
- fprintf(stderr, "created signed-data message\n");
- }
- if (ekpcert) {
- CERT_DestroyCertificate(ekpcert);
- }
- if (cert) {
- CERT_DestroyCertificate(cert);
- }
- return cmsg;
-loser:
- if (ekpcert) {
- CERT_DestroyCertificate(ekpcert);
- }
- if (cert) {
- CERT_DestroyCertificate(cert);
- }
- NSS_CMSMessage_Destroy(cmsg);
- return NULL;
-}
-
-static NSSCMSMessage *
-enveloped_data(struct envelopeOptionsStr *envelopeOptions)
-{
- NSSCMSMessage *cmsg = NULL;
- NSSCMSContentInfo *cinfo;
- NSSCMSEnvelopedData *envd;
- NSSCMSRecipientInfo *recipientinfo;
- CERTCertificate **recipientcerts = NULL;
- CERTCertDBHandle *dbhandle;
- PLArenaPool *tmppoolp = NULL;
- SECOidTag bulkalgtag;
- int keysize, i = 0;
- int cnt;
- dbhandle = envelopeOptions->options->certHandle;
- /* count the recipients */
- if ((cnt = nss_CMSArray_Count((void **)envelopeOptions->recipients)) == 0) {
- fprintf(stderr, "ERROR: please name at least one recipient.\n");
- goto loser;
- }
- if ((tmppoolp = PORT_NewArena (1024)) == NULL) {
- fprintf(stderr, "ERROR: out of memory.\n");
- goto loser;
- }
- /* XXX find the recipient's certs by email address or nickname */
- if ((recipientcerts =
- (CERTCertificate **)PORT_ArenaZAlloc(tmppoolp,
- (cnt+1)*sizeof(CERTCertificate*)))
- == NULL) {
- fprintf(stderr, "ERROR: out of memory.\n");
- goto loser;
- }
- for (i=0; envelopeOptions->recipients[i] != NULL; i++) {
- if ((recipientcerts[i] =
- CERT_FindCertByNicknameOrEmailAddr(dbhandle,
- envelopeOptions->recipients[i]))
- == NULL) {
- SECU_PrintError(progName, "cannot find certificate for \"%s\"",
- envelopeOptions->recipients[i]);
- i=0;
- goto loser;
- }
- }
- recipientcerts[i] = NULL;
- i=0;
- /* find a nice bulk algorithm */
- if (NSS_SMIMEUtil_FindBulkAlgForRecipients(recipientcerts, &bulkalgtag,
- &keysize) != SECSuccess) {
- fprintf(stderr, "ERROR: cannot find common bulk algorithm.\n");
- goto loser;
- }
- /*
- * create the message object
- */
- cmsg = NSS_CMSMessage_Create(NULL); /* create a message on its own pool */
- if (cmsg == NULL) {
- fprintf(stderr, "ERROR: cannot create CMS message.\n");
- goto loser;
- }
- /*
- * build chain of objects: message->envelopedData->data
- */
- if ((envd = NSS_CMSEnvelopedData_Create(cmsg, bulkalgtag, keysize))
- == NULL) {
- fprintf(stderr, "ERROR: cannot create CMS envelopedData object.\n");
- goto loser;
- }
- cinfo = NSS_CMSMessage_GetContentInfo(cmsg);
- if (NSS_CMSContentInfo_SetContent_EnvelopedData(cmsg, cinfo, envd)
- != SECSuccess) {
- fprintf(stderr, "ERROR: cannot attach CMS envelopedData object.\n");
- goto loser;
- }
- cinfo = NSS_CMSEnvelopedData_GetContentInfo(envd);
- /* we're always passing data in, so the content is NULL */
- if (NSS_CMSContentInfo_SetContent_Data(cmsg, cinfo, NULL, PR_FALSE)
- != SECSuccess) {
- fprintf(stderr, "ERROR: cannot attach CMS data object.\n");
- goto loser;
- }
- /*
- * create & attach recipient information
- */
- for (i = 0; recipientcerts[i] != NULL; i++) {
- if ((recipientinfo = NSS_CMSRecipientInfo_Create(cmsg,
- recipientcerts[i]))
- == NULL) {
- fprintf(stderr, "ERROR: cannot create CMS recipientInfo object.\n");
- goto loser;
- }
- if (NSS_CMSEnvelopedData_AddRecipient(envd, recipientinfo)
- != SECSuccess) {
- fprintf(stderr, "ERROR: cannot add CMS recipientInfo object.\n");
- goto loser;
- }
- CERT_DestroyCertificate(recipientcerts[i]);
- }
- if (tmppoolp)
- PORT_FreeArena(tmppoolp, PR_FALSE);
- return cmsg;
-loser:
- if (recipientcerts) {
- for (; recipientcerts[i] != NULL; i++) {
- CERT_DestroyCertificate(recipientcerts[i]);
- }
- }
- if (cmsg)
- NSS_CMSMessage_Destroy(cmsg);
- if (tmppoolp)
- PORT_FreeArena(tmppoolp, PR_FALSE);
- return NULL;
-}
-
-PK11SymKey *dkcb(void *arg, SECAlgorithmID *algid)
-{
- return (PK11SymKey*)arg;
-}
-
-static SECStatus
-get_enc_params(struct encryptOptionsStr *encryptOptions)
-{
- struct envelopeOptionsStr envelopeOptions;
- SECStatus rv = SECFailure;
- NSSCMSMessage *env_cmsg;
- NSSCMSContentInfo *cinfo;
- int i, nlevels;
- /*
- * construct an enveloped data message to obtain bulk keys
- */
- if (encryptOptions->envmsg) {
- env_cmsg = encryptOptions->envmsg; /* get it from an old message */
- } else {
- SECItem dummyOut = { 0, 0, 0 };
- SECItem dummyIn = { 0, 0, 0 };
- char str[] = "Hello!";
- PLArenaPool *tmparena = PORT_NewArena(1024);
- dummyIn.data = (unsigned char *)str;
- dummyIn.len = strlen(str);
- envelopeOptions.options = encryptOptions->options;
- envelopeOptions.recipients = encryptOptions->recipients;
- env_cmsg = enveloped_data(&envelopeOptions);
- NSS_CMSDEREncode(env_cmsg, &dummyIn, &dummyOut, tmparena);
- PR_Write(encryptOptions->envFile, dummyOut.data, dummyOut.len);
- PORT_FreeArena(tmparena, PR_FALSE);
- }
- /*
- * get the content info for the enveloped data
- */
- nlevels = NSS_CMSMessage_ContentLevelCount(env_cmsg);
- for (i = 0; i < nlevels; i++) {
- SECOidTag typetag;
- cinfo = NSS_CMSMessage_ContentLevel(env_cmsg, i);
- typetag = NSS_CMSContentInfo_GetContentTypeTag(cinfo);
- if (typetag == SEC_OID_PKCS7_DATA) {
- /*
- * get the symmetric key
- */
- encryptOptions->bulkalgtag = NSS_CMSContentInfo_GetContentEncAlgTag(cinfo);
- encryptOptions->keysize = NSS_CMSContentInfo_GetBulkKeySize(cinfo);
- encryptOptions->bulkkey = NSS_CMSContentInfo_GetBulkKey(cinfo);
- rv = SECSuccess;
- break;
- }
- }
- if (i == nlevels) {
- fprintf(stderr, "%s: could not retrieve enveloped data.", progName);
- }
- if (env_cmsg)
- NSS_CMSMessage_Destroy(env_cmsg);
- return rv;
-}
-
-static NSSCMSMessage *
-encrypted_data(struct encryptOptionsStr *encryptOptions)
-{
- SECStatus rv = SECFailure;
- NSSCMSMessage *cmsg = NULL;
- NSSCMSContentInfo *cinfo;
- NSSCMSEncryptedData *encd;
- NSSCMSEncoderContext *ecx = NULL;
- PLArenaPool *tmppoolp = NULL;
- SECItem derOut = { 0, 0, 0 };
- /* arena for output */
- tmppoolp = PORT_NewArena(1024);
- if (!tmppoolp) {
- fprintf(stderr, "%s: out of memory.\n", progName);
- return NULL;
- }
- /*
- * create the message object
- */
- cmsg = NSS_CMSMessage_Create(NULL);
- if (cmsg == NULL) {
- fprintf(stderr, "ERROR: cannot create CMS message.\n");
- goto loser;
- }
- /*
- * build chain of objects: message->encryptedData->data
- */
- if ((encd = NSS_CMSEncryptedData_Create(cmsg, encryptOptions->bulkalgtag,
- encryptOptions->keysize))
- == NULL) {
- fprintf(stderr, "ERROR: cannot create CMS encryptedData object.\n");
- goto loser;
- }
- cinfo = NSS_CMSMessage_GetContentInfo(cmsg);
- if (NSS_CMSContentInfo_SetContent_EncryptedData(cmsg, cinfo, encd)
- != SECSuccess) {
- fprintf(stderr, "ERROR: cannot attach CMS encryptedData object.\n");
- goto loser;
- }
- cinfo = NSS_CMSEncryptedData_GetContentInfo(encd);
- /* we're always passing data in, so the content is NULL */
- if (NSS_CMSContentInfo_SetContent_Data(cmsg, cinfo, NULL, PR_FALSE)
- != SECSuccess) {
- fprintf(stderr, "ERROR: cannot attach CMS data object.\n");
- goto loser;
- }
- ecx = NSS_CMSEncoder_Start(cmsg, NULL, NULL, &derOut, tmppoolp, NULL, NULL,
- dkcb, encryptOptions->bulkkey, NULL, NULL);
- if (!ecx) {
- fprintf(stderr, "%s: cannot create encoder context.\n", progName);
- goto loser;
- }
- rv = NSS_CMSEncoder_Update(ecx, (char *)encryptOptions->input->data,
- encryptOptions->input->len);
- if (rv) {
- fprintf(stderr, "%s: failed to add data to encoder.\n", progName);
- goto loser;
- }
- rv = NSS_CMSEncoder_Finish(ecx);
- if (rv) {
- fprintf(stderr, "%s: failed to encrypt data.\n", progName);
- goto loser;
- }
- fwrite(derOut.data, derOut.len, 1, encryptOptions->outfile);
- /*
- if (bulkkey)
- PK11_FreeSymKey(bulkkey);
- */
- if (tmppoolp)
- PORT_FreeArena(tmppoolp, PR_FALSE);
- return cmsg;
-loser:
- /*
- if (bulkkey)
- PK11_FreeSymKey(bulkkey);
- */
- if (tmppoolp)
- PORT_FreeArena(tmppoolp, PR_FALSE);
- if (cmsg)
- NSS_CMSMessage_Destroy(cmsg);
- return NULL;
-}
-
-static NSSCMSMessage *
-signed_data_certsonly(struct certsonlyOptionsStr *certsonlyOptions)
-{
- NSSCMSMessage *cmsg = NULL;
- NSSCMSContentInfo *cinfo;
- NSSCMSSignedData *sigd;
- CERTCertificate **certs = NULL;
- CERTCertDBHandle *dbhandle;
- PLArenaPool *tmppoolp = NULL;
- int i = 0, cnt;
- dbhandle = certsonlyOptions->options->certHandle;
- if ((cnt = nss_CMSArray_Count((void**)certsonlyOptions->recipients)) == 0) {
- fprintf(stderr,
- "ERROR: please indicate the nickname of a certificate to sign with.\n");
- goto loser;
- }
- if ((tmppoolp = PORT_NewArena (1024)) == NULL) {
- fprintf(stderr, "ERROR: out of memory.\n");
- goto loser;
- }
- if ((certs =
- (CERTCertificate **)PORT_ArenaZAlloc(tmppoolp,
- (cnt+1)*sizeof(CERTCertificate*)))
- == NULL) {
- fprintf(stderr, "ERROR: out of memory.\n");
- goto loser;
- }
- for (i=0; certsonlyOptions->recipients[i] != NULL; i++) {
- if ((certs[i] =
- CERT_FindCertByNicknameOrEmailAddr(dbhandle,
- certsonlyOptions->recipients[i]))
- == NULL) {
- SECU_PrintError(progName, "cannot find certificate for \"%s\"",
- certsonlyOptions->recipients[i]);
- i=0;
- goto loser;
- }
- }
- certs[i] = NULL;
- i=0;
- /*
- * create the message object
- */
- cmsg = NSS_CMSMessage_Create(NULL);
- if (cmsg == NULL) {
- fprintf(stderr, "ERROR: cannot create CMS message.\n");
- goto loser;
- }
- /*
- * build chain of objects: message->signedData->data
- */
- if ((sigd = NSS_CMSSignedData_CreateCertsOnly(cmsg, certs[0], PR_TRUE))
- == NULL) {
- fprintf(stderr, "ERROR: cannot create CMS signedData object.\n");
- goto loser;
- }
- CERT_DestroyCertificate(certs[0]);
- for (i=1; i<cnt; i++) {
- if (NSS_CMSSignedData_AddCertChain(sigd, certs[i])) {
- fprintf(stderr, "ERROR: cannot add cert chain for \"%s\".\n",
- certsonlyOptions->recipients[i]);
- goto loser;
- }
- CERT_DestroyCertificate(certs[i]);
- }
- cinfo = NSS_CMSMessage_GetContentInfo(cmsg);
- if (NSS_CMSContentInfo_SetContent_SignedData(cmsg, cinfo, sigd)
- != SECSuccess) {
- fprintf(stderr, "ERROR: cannot attach CMS signedData object.\n");
- goto loser;
- }
- cinfo = NSS_CMSSignedData_GetContentInfo(sigd);
- if (NSS_CMSContentInfo_SetContent_Data(cmsg, cinfo, NULL, PR_FALSE)
- != SECSuccess) {
- fprintf(stderr, "ERROR: cannot attach CMS data object.\n");
- goto loser;
- }
- if (tmppoolp)
- PORT_FreeArena(tmppoolp, PR_FALSE);
- return cmsg;
-loser:
- if (certs) {
- for (; i<cnt; i++) {
- CERT_DestroyCertificate(certs[i]);
- }
- }
- if (cmsg)
- NSS_CMSMessage_Destroy(cmsg);
- if (tmppoolp)
- PORT_FreeArena(tmppoolp, PR_FALSE);
- return NULL;
-}
-
-typedef enum { UNKNOWN, DECODE, SIGN, ENCRYPT, ENVELOPE, CERTSONLY } Mode;
-
-int
-main(int argc, char **argv)
-{
- FILE *outFile;
- NSSCMSMessage *cmsg = NULL;
- PRFileDesc *inFile;
- PLOptState *optstate;
- PLOptStatus status;
- Mode mode = UNKNOWN;
- PK11PasswordFunc pwcb;
- void *pwcb_arg;
- struct decodeOptionsStr decodeOptions = { 0 };
- struct signOptionsStr signOptions = { 0 };
- struct envelopeOptionsStr envelopeOptions = { 0 };
- struct certsonlyOptionsStr certsonlyOptions = { 0 };
- struct encryptOptionsStr encryptOptions = { 0 };
- struct optionsStr options = { 0 };
- int exitstatus;
- static char *ptrarray[128] = { 0 };
- int nrecipients = 0;
- char *str, *tok;
- char *envFileName;
- SECItem input = { 0, 0, 0};
- SECItem output = { 0, 0, 0};
- SECItem dummy = { 0, 0, 0 };
- SECItem envmsg = { 0, 0, 0 };
- SECStatus rv;
-
- progName = strrchr(argv[0], '/');
- if (!progName)
- progName = strrchr(argv[0], '\\');
- progName = progName ? progName+1 : argv[0];
-
- inFile = PR_STDIN;
- outFile = stdout;
- envFileName = NULL;
- mode = UNKNOWN;
- decodeOptions.contentFile = NULL;
- decodeOptions.suppressContent = PR_FALSE;
- decodeOptions.headerLevel = -1;
- options.certUsage = certUsageEmailSigner;
- options.password = NULL;
- signOptions.nickname = NULL;
- signOptions.detached = PR_FALSE;
- signOptions.signingTime = PR_FALSE;
- signOptions.smimeProfile = PR_FALSE;
- signOptions.encryptionKeyPreferenceNick = NULL;
- signOptions.hashAlgTag = SEC_OID_SHA1;
- envelopeOptions.recipients = NULL;
- encryptOptions.recipients = NULL;
- encryptOptions.envmsg = NULL;
- encryptOptions.envFile = NULL;
- encryptOptions.bulkalgtag = SEC_OID_UNKNOWN;
- encryptOptions.bulkkey = NULL;
- encryptOptions.keysize = -1;
-
- /*
- * Parse command line arguments
- */
- optstate = PL_CreateOptState(argc, argv,
- "CDEGH:N:OPSTY:c:d:e:h:i:no:p:r:s:u:v");
- while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
- switch (optstate->option) {
- case 'C':
- mode = ENCRYPT;
- break;
- case 'D':
- mode = DECODE;
- break;
- case 'E':
- mode = ENVELOPE;
- break;
- case 'G':
- if (mode != SIGN) {
- fprintf(stderr,
- "%s: option -G only supported with option -S.\n",
- progName);
- Usage(progName);
- exit(1);
- }
- signOptions.signingTime = PR_TRUE;
- break;
- case 'H':
- if (mode != SIGN) {
- fprintf(stderr,
- "%s: option -n only supported with option -D.\n",
- "%s: option -H only supported with option -S.\n",
- progName);
- Usage(progName);
- exit(1);
- }
- decodeOptions.suppressContent = PR_TRUE;
- if (!strcmp(optstate->value, "MD2"))
- signOptions.hashAlgTag = SEC_OID_MD2;
- else if (!strcmp(optstate->value, "MD4"))
- signOptions.hashAlgTag = SEC_OID_MD4;
- else if (!strcmp(optstate->value, "MD5"))
- signOptions.hashAlgTag = SEC_OID_MD5;
- else if (!strcmp(optstate->value, "SHA1"))
- signOptions.hashAlgTag = SEC_OID_SHA1;
- else if (!strcmp(optstate->value, "SHA256"))
- signOptions.hashAlgTag = SEC_OID_SHA256;
- else if (!strcmp(optstate->value, "SHA384"))
- signOptions.hashAlgTag = SEC_OID_SHA384;
- else if (!strcmp(optstate->value, "SHA512"))
- signOptions.hashAlgTag = SEC_OID_SHA512;
- else {
- fprintf(stderr,
- "%s: -H requires one of MD2,MD4,MD5,SHA1,SHA256,SHA384,SHA512\n",
- progName);
- exit(1);
- }
- break;
- case 'N':
- if (mode != SIGN) {
- fprintf(stderr,
- "%s: option -N only supported with option -S.\n",
- progName);
- Usage(progName);
- exit(1);
- }
- signOptions.nickname = strdup(optstate->value);
- break;
- case 'O':
- mode = CERTSONLY;
- break;
- case 'P':
- if (mode != SIGN) {
- fprintf(stderr,
- "%s: option -P only supported with option -S.\n",
- progName);
- Usage(progName);
- exit(1);
- }
- signOptions.smimeProfile = PR_TRUE;
- break;
- case 'S':
- mode = SIGN;
- break;
- case 'T':
- if (mode != SIGN) {
- fprintf(stderr,
- "%s: option -T only supported with option -S.\n",
- progName);
- Usage(progName);
- exit(1);
- }
- signOptions.detached = PR_TRUE;
- break;
- case 'Y':
- if (mode != SIGN) {
- fprintf(stderr,
- "%s: option -Y only supported with option -S.\n",
- progName);
- Usage(progName);
- exit(1);
- }
- signOptions.encryptionKeyPreferenceNick = strdup(optstate->value);
- break;
-
- case 'c':
- if (mode != DECODE) {
- fprintf(stderr,
- "%s: option -c only supported with option -D.\n",
- progName);
- Usage(progName);
- exit(1);
- }
- if ((decodeOptions.contentFile =
- PR_Open(optstate->value, PR_RDONLY, 006600)) == NULL) {
- fprintf(stderr, "%s: unable to open \"%s\" for reading.\n",
- progName, optstate->value);
- exit(1);
- }
- break;
- case 'd':
- SECU_ConfigDirectory(optstate->value);
- break;
- case 'e':
- envFileName = strdup(optstate->value);
- encryptOptions.envFile = PR_Open(envFileName, PR_RDONLY, 00660);
- break;
-
- case 'h':
- if (mode != DECODE) {
- fprintf(stderr,
- "%s: option -h only supported with option -D.\n",
- progName);
- Usage(progName);
- exit(1);
- }
- decodeOptions.headerLevel = atoi(optstate->value);
- if (decodeOptions.headerLevel < 0) {
- fprintf(stderr, "option -h cannot have a negative value.\n");
- exit(1);
- }
- break;
- case 'i':
- inFile = PR_Open(optstate->value, PR_RDONLY, 00660);
- if (inFile == NULL) {
- fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
- progName, optstate->value);
- exit(1);
- }
- break;
-
- case 'n':
- if (mode != DECODE) {
- fprintf(stderr,
- "%s: option -n only supported with option -D.\n",
- progName);
- Usage(progName);
- exit(1);
- }
- decodeOptions.suppressContent = PR_TRUE;
- break;
- case 'o':
- outFile = fopen(optstate->value, "wb");
- if (outFile == NULL) {
- fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
- progName, optstate->value);
- exit(1);
- }
- break;
- case 'p':
- if (!optstate->value) {
- fprintf(stderr, "%s: option -p must have a value.\n", progName);
- Usage(progName);
- exit(1);
- }
-
- options.password = strdup(optstate->value);
- break;
-
- case 'r':
- if (!optstate->value) {
- fprintf(stderr, "%s: option -r must have a value.\n", progName);
- Usage(progName);
- exit(1);
- }
- envelopeOptions.recipients = ptrarray;
- str = (char *)optstate->value;
- do {
- tok = strchr(str, ',');
- if (tok) *tok = '\0';
- envelopeOptions.recipients[nrecipients++] = strdup(str);
- if (tok) str = tok + 1;
- } while (tok);
- envelopeOptions.recipients[nrecipients] = NULL;
- encryptOptions.recipients = envelopeOptions.recipients;
- certsonlyOptions.recipients = envelopeOptions.recipients;
- break;
-
- case 'u': {
- int usageType;
-
- usageType = atoi (strdup(optstate->value));
- if (usageType < certUsageSSLClient || usageType > certUsageAnyCA)
- return -1;
- options.certUsage = (SECCertUsage)usageType;
- break;
- }
- case 'v':
- cms_verbose = 1;
- break;
-
- }
- }
- if (status == PL_OPT_BAD)
- Usage(progName);
- PL_DestroyOptState(optstate);
-
- if (mode == UNKNOWN)
- Usage(progName);
-
- if (mode != CERTSONLY)
- SECU_FileToItem(&input, inFile);
- if (inFile != PR_STDIN)
- PR_Close(inFile);
- if (cms_verbose) {
- fprintf(stderr, "received commands\n");
- }
-
- /* Call the libsec initialization routines */
- PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
- rv = NSS_InitReadWrite(SECU_ConfigDirectory(NULL));
- if (SECSuccess != rv) {
- SECU_PrintError(progName, "NSS_Init failed");
- exit(1);
- }
- if (cms_verbose) {
- fprintf(stderr, "NSS has been initialized.\n");
- }
- options.certHandle = CERT_GetDefaultCertDB();
- if (!options.certHandle) {
- SECU_PrintError(progName, "No default cert DB");
- exit(1);
- }
- if (cms_verbose) {
- fprintf(stderr, "Got default certdb\n");
- }
-
-#if defined(_WIN32)
- if (outFile == stdout) {
- /* If we're going to write binary data to stdout, we must put stdout
- ** into O_BINARY mode or else outgoing \n's will become \r\n's.
- */
- int smrv = _setmode(_fileno(stdout), _O_BINARY);
- if (smrv == -1) {
- fprintf(stderr,
- "%s: Cannot change stdout to binary mode. Use -o option instead.\n",
- progName);
- return smrv;
- }
- }
-#endif
-
- exitstatus = 0;
- switch (mode) {
- case DECODE:
- decodeOptions.options = &options;
- if (encryptOptions.envFile) {
- /* Decoding encrypted-data, so get the bulkkey from an
- * enveloped-data message.
- */
- SECU_FileToItem(&envmsg, encryptOptions.envFile);
- decodeOptions.options = &options;
- encryptOptions.envmsg = decode(NULL, &dummy, &envmsg,
- &decodeOptions);
- if (!encryptOptions.envmsg) {
- SECU_PrintError(progName, "problem decoding env msg");
- exitstatus = 1;
- break;
- }
- rv = get_enc_params(&encryptOptions);
- decodeOptions.dkcb = dkcb;
- decodeOptions.bulkkey = encryptOptions.bulkkey;
- }
- cmsg = decode(outFile, &output, &input, &decodeOptions);
- if (!cmsg) {
- SECU_PrintError(progName, "problem decoding");
- exitstatus = 1;
- }
- fwrite(output.data, output.len, 1, outFile);
- break;
- case SIGN:
- signOptions.options = &options;
- cmsg = signed_data(&signOptions);
- if (!cmsg) {
- SECU_PrintError(progName, "problem signing");
- exitstatus = 1;
- }
- break;
- case ENCRYPT:
- if (!envFileName) {
- fprintf(stderr, "%s: you must specify an envelope file with -e.\n",
- progName);
- exit(1);
- }
- encryptOptions.options = &options;
- encryptOptions.input = &input;
- encryptOptions.outfile = outFile;
- if (!encryptOptions.envFile) {
- encryptOptions.envFile = PR_Open(envFileName,
- PR_WRONLY|PR_CREATE_FILE, 00660);
- if (!encryptOptions.envFile) {
- fprintf(stderr, "%s: failed to create file %s.\n", progName,
- envFileName);
- exit(1);
- }
- } else {
- SECU_FileToItem(&envmsg, encryptOptions.envFile);
- decodeOptions.options = &options;
- encryptOptions.envmsg = decode(NULL, &dummy, &envmsg,
- &decodeOptions);
- if (encryptOptions.envmsg == NULL) {
- SECU_PrintError(progName, "problem decrypting env msg");
- exitstatus = 1;
- break;
- }
- }
- /* decode an enveloped-data message to get the bulkkey (create
- * a new one if neccessary)
- */
- rv = get_enc_params(&encryptOptions);
- /* create the encrypted-data message */
- cmsg = encrypted_data(&encryptOptions);
- if (!cmsg) {
- SECU_PrintError(progName, "problem encrypting");
- exitstatus = 1;
- }
- if (encryptOptions.bulkkey) {
- PK11_FreeSymKey(encryptOptions.bulkkey);
- encryptOptions.bulkkey = NULL;
- }
- break;
- case ENVELOPE:
- envelopeOptions.options = &options;
- cmsg = enveloped_data(&envelopeOptions);
- if (!cmsg) {
- SECU_PrintError(progName, "problem enveloping");
- exitstatus = 1;
- }
- break;
- case CERTSONLY:
- certsonlyOptions.options = &options;
- cmsg = signed_data_certsonly(&certsonlyOptions);
- if (!cmsg) {
- SECU_PrintError(progName, "problem with certs-only");
- exitstatus = 1;
- }
- break;
- default:
- fprintf(stderr, "One of options -D, -S or -E must be set.\n");
- Usage(progName);
- exitstatus = 1;
- }
- if ( (mode == SIGN || mode == ENVELOPE || mode == CERTSONLY)
- && (!exitstatus) ) {
- PLArenaPool *arena = PORT_NewArena(1024);
- NSSCMSEncoderContext *ecx;
- SECItem output = { 0, 0, 0 };
- secuPWData pwdata = { PW_NONE, 0 };
-
- if (!arena) {
- fprintf(stderr, "%s: out of memory.\n", progName);
- exit(1);
- }
-
- if (options.password)
- {
- pwdata.source = PW_PLAINTEXT;
- pwdata.data = options.password;
- }
- pwcb = SECU_GetModulePassword;
- pwcb_arg = (void *)&pwdata;
-
- if (cms_verbose) {
- fprintf(stderr, "cmsg [%p]\n", cmsg);
- fprintf(stderr, "arena [%p]\n", arena);
- if (pwcb_arg)
- fprintf(stderr, "password [%s]\n", (char *)pwcb_arg);
- else
- fprintf(stderr, "password [NULL]\n");
- }
- ecx = NSS_CMSEncoder_Start(cmsg,
- NULL, NULL, /* DER output callback */
- &output, arena, /* destination storage */
- pwcb, pwcb_arg, /* password callback */
- NULL, NULL, /* decrypt key callback */
- NULL, NULL ); /* detached digests */
- if (!ecx) {
- fprintf(stderr, "%s: cannot create encoder context.\n", progName);
- exit(1);
- }
- if (cms_verbose) {
- fprintf(stderr, "input len [%d]\n", input.len);
- { unsigned int j;
- for(j=0;j<input.len;j++)
- fprintf(stderr, "%2x%c", input.data[j], (j>0&&j%35==0)?'\n':' ');
- }
- }
- if (input.len > 0) { /* skip if certs-only (or other zero content) */
- rv = NSS_CMSEncoder_Update(ecx, (char *)input.data, input.len);
- if (rv) {
- fprintf(stderr,
- "%s: failed to add data to encoder.\n", progName);
- exit(1);
- }
- }
- rv = NSS_CMSEncoder_Finish(ecx);
- if (rv) {
- SECU_PrintError(progName, "failed to encode data");
- exit(1);
- }
-
- if (cms_verbose) {
- fprintf(stderr, "encoding passed\n");
- }
- /*PR_Write(output.data, output.len);*/
- fwrite(output.data, output.len, 1, outFile);
- if (cms_verbose) {
- fprintf(stderr, "wrote to file\n");
- }
- PORT_FreeArena(arena, PR_FALSE);
- }
- if (cmsg)
- NSS_CMSMessage_Destroy(cmsg);
- if (outFile != stdout)
- fclose(outFile);
-
- if (decodeOptions.contentFile)
- PR_Close(decodeOptions.contentFile);
- if (NSS_Shutdown() != SECSuccess) {
- exit(1);
- }
- exit(exitstatus);
-}
diff --git a/security/nss/cmd/smimetools/manifest.mn b/security/nss/cmd/smimetools/manifest.mn
deleted file mode 100644
index 552cfec7d..000000000
--- a/security/nss/cmd/smimetools/manifest.mn
+++ /dev/null
@@ -1,45 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-MODULE = nss
-
-CSRCS = cmsutil.c
-
-MYLIB = $(DIST)/lib/libsmime.a
-
-REQUIRES = seccmd dbm
-
-PROGRAM = cmsutil
-SCRIPTS = smime
diff --git a/security/nss/cmd/smimetools/rules.mk b/security/nss/cmd/smimetools/rules.mk
deleted file mode 100644
index 51e0baaed..000000000
--- a/security/nss/cmd/smimetools/rules.mk
+++ /dev/null
@@ -1,37 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# $Id$
-#
-
-install::
- $(INSTALL) -m 755 $(SCRIPTS) $(SOURCE_BIN_DIR)
diff --git a/security/nss/cmd/smimetools/smime b/security/nss/cmd/smimetools/smime
deleted file mode 100755
index d23a912ed..000000000
--- a/security/nss/cmd/smimetools/smime
+++ /dev/null
@@ -1,576 +0,0 @@
-#!/usr/local/bin/perl
-
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-
-#
-# smime.pl - frontend for S/MIME message generation and parsing
-#
-# $Id$
-#
-
-use Getopt::Std;
-
-@boundarychars = ( "0" .. "9", "A" .. "F" );
-
-# path to cmsutil
-$cmsutilpath = "cmsutil";
-
-#
-# Thanks to Gisle Aas <gisle@aas.no> for the base64 functions
-# originally taken from MIME-Base64-2.11 at www.cpan.org
-#
-sub encode_base64($)
-{
- my $res = "";
- pos($_[0]) = 0; # ensure start at the beginning
- while ($_[0] =~ /(.{1,45})/gs) {
- $res .= substr(pack('u', $1), 1); # get rid of length byte after packing
- chop($res);
- }
- $res =~ tr|` -_|AA-Za-z0-9+/|;
- # fix padding at the end
- my $padding = (3 - length($_[0]) % 3) % 3;
- $res =~ s/.{$padding}$/'=' x $padding/e if $padding;
- # break encoded string into lines of no more than 76 characters each
- $res =~ s/(.{1,76})/$1\n/g;
- $res;
-}
-
-sub decode_base64($)
-{
- local($^W) = 0; # unpack("u",...) gives bogus warning in 5.00[123]
-
- my $str = shift;
- my $res = "";
-
- $str =~ tr|A-Za-z0-9+=/||cd; # remove non-base64 chars
- if (length($str) % 4) {
- require Carp;
- Carp::carp("Length of base64 data not a multiple of 4")
- }
- $str =~ s/=+$//; # remove padding
- $str =~ tr|A-Za-z0-9+/| -_|; # convert to uuencoded format
- while ($str =~ /(.{1,60})/gs) {
- my $len = chr(32 + length($1)*3/4); # compute length byte
- $res .= unpack("u", $len . $1 ); # uudecode
- }
- $res;
-}
-
-#
-# parse headers into a hash
-#
-# %headers = parseheaders($headertext);
-#
-sub parseheaders($)
-{
- my ($headerdata) = @_;
- my $hdr;
- my %hdrhash;
- my $hdrname;
- my $hdrvalue;
- my @hdrvalues;
- my $subhdrname;
- my $subhdrvalue;
-
- # the expression in split() correctly handles continuation lines
- foreach $hdr (split(/\n(?=\S)/, $headerdata)) {
- $hdr =~ s/\r*\n\s+/ /g; # collapse continuation lines
- ($hdrname, $hdrvalue) = $hdr =~ m/^(\S+):\s+(.*)$/;
-
- # ignore non-headers (or should we die horribly?)
- next unless (defined($hdrname));
- $hdrname =~ tr/A-Z/a-z/; # lowercase the header name
- @hdrvalues = split(/\s*;\s*/, $hdrvalue); # split header values (XXXX quoting)
-
- # there is guaranteed to be at least one value
- $hdrvalue = shift @hdrvalues;
- if ($hdrvalue =~ /^\s*\"(.*)\"\s*$/) { # strip quotes if there
- $hdrvalue = $1;
- }
-
- $hdrhash{$hdrname}{MAIN} = $hdrvalue;
- # print "XXX $hdrname = $hdrvalue\n";
-
- # deal with additional name-value pairs
- foreach $hdrvalue (@hdrvalues) {
- ($subhdrname, $subhdrvalue) = $hdrvalue =~ m/^(\S+)\s*=\s*(.*)$/;
- # ignore non-name-value pairs (or should we die?)
- next unless (defined($subhdrname));
- $subhdrname =~ tr/A-Z/a-z/;
- if ($subhdrvalue =~ /^\s*\"(.*)\"\s*$/) { # strip quotes if there
- $subhdrvalue = $1;
- }
- $hdrhash{$hdrname}{$subhdrname} = $subhdrvalue;
- }
-
- }
- return %hdrhash;
-}
-
-#
-# encryptentity($entity, $options) - encrypt an S/MIME entity,
-# creating a new application/pkcs7-smime entity
-#
-# entity - string containing entire S/MIME entity to encrypt
-# options - options for cmsutil
-#
-# this will generate and return a new application/pkcs7-smime entity containing
-# the enveloped input entity.
-#
-sub encryptentity($$)
-{
- my ($entity, $cmsutiloptions) = @_;
- my $out = "";
- my $boundary;
-
- $tmpencfile = "/tmp/encryptentity.$$";
-
- #
- # generate a random boundary string
- #
- $boundary = "------------ms" . join("", @boundarychars[map{rand @boundarychars }( 1 .. 24 )]);
-
- #
- # tell cmsutil to generate a enveloped CMS message using our data
- #
- open(CMS, "|$cmsutilpath -E $cmsutiloptions -o $tmpencfile") or die "ERROR: cannot pipe to cmsutil";
- print CMS $entity;
- unless (close(CMS)) {
- print STDERR "ERROR: encryption failed.\n";
- unlink($tmpsigfile);
- exit 1;
- }
-
- $out = "Content-Type: application/pkcs7-mime; smime-type=enveloped-data; name=smime.p7m\n";
- $out .= "Content-Transfer-Encoding: base64\n";
- $out .= "Content-Disposition: attachment; filename=smime.p7m\n";
- $out .= "\n"; # end of entity header
-
- open (ENC, $tmpencfile) or die "ERROR: cannot find newly generated encrypted content";
- local($/) = undef; # slurp whole file
- $out .= encode_base64(<ENC>), "\n"; # entity body is base64-encoded CMS message
- close(ENC);
-
- unlink($tmpencfile);
-
- $out;
-}
-
-#
-# signentity($entity, $options) - sign an S/MIME entity
-#
-# entity - string containing entire S/MIME entity to sign
-# options - options for cmsutil
-#
-# this will generate and return a new multipart/signed entity consisting
-# of the canonicalized original content, plus a signature block.
-#
-sub signentity($$)
-{
- my ($entity, $cmsutiloptions) = @_;
- my $out = "";
- my $boundary;
-
- $tmpsigfile = "/tmp/signentity.$$";
-
- #
- # generate a random boundary string
- #
- $boundary = "------------ms" . join("", @boundarychars[map{rand @boundarychars }( 1 .. 24 )]);
-
- #
- # tell cmsutil to generate a signed CMS message using the canonicalized data
- # The signedData has detached content (-T) and includes a signing time attribute (-G)
- #
- # if we do not provide a password on the command line, here's where we would be asked for it
- #
- open(CMS, "|$cmsutilpath -S -T -G $cmsutiloptions -o $tmpsigfile") or die "ERROR: cannot pipe to cmsutil";
- print CMS $entity;
- unless (close(CMS)) {
- print STDERR "ERROR: signature generation failed.\n";
- unlink($tmpsigfile);
- exit 1;
- }
-
- open (SIG, $tmpsigfile) or die "ERROR: cannot find newly generated signature";
-
- #
- # construct a new multipart/signed MIME entity consisting of the original content and
- # the signature
- #
- # (we assume that cmsutil generates a SHA1 digest)
- $out .= "Content-Type: multipart/signed; protocol=\"application/pkcs7-signature\"; micalg=sha1; boundary=\"${boundary}\"\n";
- $out .= "\n"; # end of entity header
- $out .= "This is a cryptographically signed message in MIME format.\n"; # explanatory comment
- $out .= "\n--${boundary}\n";
- $out .= $entity;
- $out .= "\n--${boundary}\n";
- $out .= "Content-Type: application/pkcs7-signature; name=smime.p7s\n";
- $out .= "Content-Transfer-Encoding: base64\n";
- $out .= "Content-Disposition: attachment; filename=smime.p7s\n";
- $out .= "Content-Description: S/MIME Cryptographic Signature\n";
- $out .= "\n"; # end of signature subentity header
-
- local($/) = undef; # slurp whole file
- $out .= encode_base64(<SIG>); # append base64-encoded signature
- $out .= "\n--${boundary}--\n";
-
- close(SIG);
- unlink($tmpsigfile);
-
- $out;
-}
-
-sub usage {
- print STDERR "usage: smime [options]\n";
- print STDERR " options:\n";
- print STDERR " -S nick generate signed message, use certificate named \"nick\"\n";
- print STDERR " -p passwd use \"passwd\" as security module password\n";
- print STDERR " -E rec1[,rec2...] generate encrypted message for recipients\n";
- print STDERR " -D decode a S/MIME message\n";
- print STDERR " -p passwd use \"passwd\" as security module password\n";
- print STDERR " (required for decrypting only)\n";
- print STDERR " -C pathname set pathname of \"cmsutil\"\n";
- print STDERR " -d directory set directory containing certificate db\n";
- print STDERR " (default: ~/.netscape)\n";
- print STDERR "\nWith -S or -E, smime will take a regular RFC822 message or MIME entity\n";
- print STDERR "on stdin and generate a signed or encrypted S/MIME message with the same\n";
- print STDERR "headers and content from it. The output can be used as input to a MTA.\n";
- print STDERR "-D causes smime to strip off all S/MIME layers if possible and output\n";
- print STDERR "the \"inner\" message.\n";
-}
-
-#
-# start of main procedures
-#
-
-#
-# process command line options
-#
-unless (getopts('S:E:p:d:C:D')) {
- usage();
- exit 1;
-}
-
-unless (defined($opt_S) or defined($opt_E) or defined($opt_D)) {
- print STDERR "ERROR: -S and/or -E, or -D must be specified.\n";
- usage();
- exit 1;
-}
-
-$signopts = "";
-$encryptopts = "";
-$decodeopts = "";
-
-# pass -d option along
-if (defined($opt_d)) {
- $signopts .= "-d \"$opt_d\" ";
- $encryptopts .= "-d \"$opt_d\" ";
- $decodeopts .= "-d \"$opt_d\" ";
-}
-
-if (defined($opt_S)) {
- $signopts .= "-N \"$opt_S\" ";
-}
-
-if (defined($opt_p)) {
- $signopts .= "-p \"$opt_p\" ";
- $decodeopts .= "-p \"$opt_p\" ";
-}
-
-if (defined($opt_E)) {
- @recipients = split(",", $opt_E);
- $encryptopts .= "-r ";
- $encryptopts .= join (" -r ", @recipients);
-}
-
-if (defined($opt_C)) {
- $cmsutilpath = $opt_C;
-}
-
-#
-# split headers into mime entity headers and RFC822 headers
-# The RFC822 headers are preserved and stay on the outer layer of the message
-#
-$rfc822headers = "";
-$mimeheaders = "";
-$mimebody = "";
-$skippedheaders = "";
-while (<STDIN>) {
- last if (/^$/);
- if (/^content-\S+: /i) {
- $lastref = \$mimeheaders;
- } elsif (/^mime-version: /i) {
- $lastref = \$skippedheaders; # skip it
- } elsif (/^\s/) {
- ;
- } else {
- $lastref = \$rfc822headers;
- }
- $$lastref .= $_;
-}
-
-#
-# if there are no MIME entity headers, generate some default ones
-#
-if ($mimeheaders eq "") {
- $mimeheaders .= "Content-Type: text/plain; charset=us-ascii\n";
- $mimeheaders .= "Content-Transfer-Encoding: 7bit\n";
-}
-
-#
-# slurp in the entity body
-#
-$saveRS = $/;
-$/ = undef;
-$mimebody = <STDIN>;
-$/ = $saveRS;
-chomp($mimebody);
-
-if (defined $opt_D) {
- #
- # decode
- #
- # possible options would be:
- # - strip off only one layer
- # - strip off outer signature (if present)
- # - just print information about the structure of the message
- # - strip n layers, then dump DER of CMS message
-
- $layercounter = 1;
-
- while (1) {
- %hdrhash = parseheaders($mimeheaders);
- unless (exists($hdrhash{"content-type"}{MAIN})) {
- print STDERR "ERROR: no content type header found in MIME entity\n";
- last; # no content-type - we're done
- }
-
- $contenttype = $hdrhash{"content-type"}{MAIN};
- if ($contenttype eq "application/pkcs7-mime") {
- #
- # opaque-signed or enveloped message
- #
- unless (exists($hdrhash{"content-type"}{"smime-type"})) {
- print STDERR "ERROR: no smime-type attribute in application/pkcs7-smime entity.\n";
- last;
- }
- $smimetype = $hdrhash{"content-type"}{"smime-type"};
- if ($smimetype eq "signed-data" or $smimetype eq "enveloped-data") {
- # it's verification or decryption time!
-
- # can handle only base64 encoding for now
- # all other encodings are treated as binary (8bit)
- if ($hdrhash{"content-transfer-encoding"}{MAIN} eq "base64") {
- $mimebody = decode_base64($mimebody);
- }
-
- # if we need to dump the DER, we would do it right here
-
- # now write the DER
- $tmpderfile = "/tmp/der.$$";
- open(TMP, ">$tmpderfile") or die "ERROR: cannot write signature data to temporary file";
- print TMP $mimebody;
- unless (close(TMP)) {
- print STDERR "ERROR: writing signature data to temporary file.\n";
- unlink($tmpderfile);
- exit 1;
- }
-
- $mimeheaders = "";
- open(TMP, "$cmsutilpath -D $decodeopts -h $layercounter -i $tmpderfile |") or die "ERROR: cannot open pipe to cmsutil";
- $layercounter++;
- while (<TMP>) {
- last if (/^\r?$/); # empty lines mark end of header
- if (/^SMIME: /) { # add all SMIME info to the rfc822 hdrs
- $lastref = \$rfc822headers;
- } elsif (/^\s/) {
- ; # continuation lines go to the last dest
- } else {
- $lastref = \$mimeheaders; # all other headers are mime headers
- }
- $$lastref .= $_;
- }
- # slurp in rest of the data to $mimebody
- $saveRS = $/; $/ = undef; $mimebody = <TMP>; $/ = $saveRS;
- close(TMP);
-
- unlink($tmpderfile);
-
- } else {
- print STDERR "ERROR: unknown smime-type \"$smimetype\" in application/pkcs7-smime entity.\n";
- last;
- }
- } elsif ($contenttype eq "multipart/signed") {
- #
- # clear signed message
- #
- unless (exists($hdrhash{"content-type"}{"protocol"})) {
- print STDERR "ERROR: content type has no protocol attribute in multipart/signed entity.\n";
- last;
- }
- if ($hdrhash{"content-type"}{"protocol"} ne "application/pkcs7-signature") {
- # we cannot handle this guy
- print STDERR "ERROR: unknown protocol \"", $hdrhash{"content-type"}{"protocol"},
- "\" in multipart/signed entity.\n";
- last;
- }
- unless (exists($hdrhash{"content-type"}{"boundary"})) {
- print STDERR "ERROR: no boundary attribute in multipart/signed entity.\n";
- last;
- }
- $boundary = $hdrhash{"content-type"}{"boundary"};
-
- # split $mimebody along \n--$boundary\n - gets you four parts
- # first (0), any comments the sending agent might have put in
- # second (1), the message itself
- # third (2), the signature as a mime entity
- # fourth (3), trailing data (there shouldn't be any)
-
- @multiparts = split(/\r?\n--$boundary(?:--)?\r?\n/, $mimebody);
-
- #
- # parse the signature headers
- ($submimeheaders, $submimebody) = split(/^$/m, $multiparts[2]);
- %sighdrhash = parseheaders($submimeheaders);
- unless (exists($sighdrhash{"content-type"}{MAIN})) {
- print STDERR "ERROR: signature entity has no content type.\n";
- last;
- }
- if ($sighdrhash{"content-type"}{MAIN} ne "application/pkcs7-signature") {
- # we cannot handle this guy
- print STDERR "ERROR: unknown content type \"", $sighdrhash{"content-type"}{MAIN},
- "\" in signature entity.\n";
- last;
- }
- if ($sighdrhash{"content-transfer-encoding"}{MAIN} eq "base64") {
- $submimebody = decode_base64($submimebody);
- }
-
- # we would dump the DER at this point
-
- $tmpsigfile = "/tmp/sig.$$";
- open(TMP, ">$tmpsigfile") or die "ERROR: cannot write signature data to temporary file";
- print TMP $submimebody;
- unless (close(TMP)) {
- print STDERR "ERROR: writing signature data to temporary file.\n";
- unlink($tmpsigfile);
- exit 1;
- }
-
- $tmpmsgfile = "/tmp/msg.$$";
- open(TMP, ">$tmpmsgfile") or die "ERROR: cannot write message data to temporary file";
- print TMP $multiparts[1];
- unless (close(TMP)) {
- print STDERR "ERROR: writing message data to temporary file.\n";
- unlink($tmpsigfile);
- unlink($tmpmsgfile);
- exit 1;
- }
-
- $mimeheaders = "";
- open(TMP, "$cmsutilpath -D $decodeopts -h $layercounter -c $tmpmsgfile -i $tmpsigfile |") or die "ERROR: cannot open pipe to cmsutil";
- $layercounter++;
- while (<TMP>) {
- last if (/^\r?$/);
- if (/^SMIME: /) {
- $lastref = \$rfc822headers;
- } elsif (/^\s/) {
- ;
- } else {
- $lastref = \$mimeheaders;
- }
- $$lastref .= $_;
- }
- $saveRS = $/; $/ = undef; $mimebody = <TMP>; $/ = $saveRS;
- close(TMP);
- unlink($tmpsigfile);
- unlink($tmpmsgfile);
-
- } else {
-
- # not a content type we know - we're done
- last;
-
- }
- }
-
- # so now we have the S/MIME parsing information in rfc822headers
- # and the first mime entity we could not handle in mimeheaders and mimebody.
- # dump 'em out and we're done.
- print $rfc822headers;
- print $mimeheaders . "\n" . $mimebody;
-
-} else {
-
- #
- # encode (which is much easier than decode)
- #
-
- $mimeentity = $mimeheaders . "\n" . $mimebody;
-
- #
- # canonicalize inner entity (rudimentary yet)
- # convert single LFs to CRLF
- # if no Content-Transfer-Encoding header present:
- # if 8 bit chars present, use Content-Transfer-Encoding: quoted-printable
- # otherwise, use Content-Transfer-Encoding: 7bit
- #
- $mimeentity =~ s/\r*\n/\r\n/mg;
-
- #
- # now do the wrapping
- # we sign first, then encrypt because that's what Communicator needs
- #
- if (defined($opt_S)) {
- $mimeentity = signentity($mimeentity, $signopts);
- }
-
- if (defined($opt_E)) {
- $mimeentity = encryptentity($mimeentity, $encryptopts);
- }
-
- #
- # XXX sign again to do triple wrapping (RFC2634)
- #
-
- #
- # now write out the RFC822 headers
- # followed by the final $mimeentity
- #
- print $rfc822headers;
- print "MIME-Version: 1.0 (NSS SMIME - http://www.mozilla.org/projects/security)\n"; # set up the flag
- print $mimeentity;
-}
-
-exit 0;
diff --git a/security/nss/cmd/sslstrength/Makefile b/security/nss/cmd/sslstrength/Makefile
deleted file mode 100644
index 8a0332d89..000000000
--- a/security/nss/cmd/sslstrength/Makefile
+++ /dev/null
@@ -1,82 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-ifeq (,$(filter-out WINNT WIN95 WIN16,$(OS_TARGET))) # omits WINCE
-ifndef BUILD_OPT
-LDFLAGS += /subsystem:console /profile /debug /machine:I386 /incremental:no
-OS_CFLAGS += -D_CONSOLE
-endif
-endif
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-#include ../platlibs.mk
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/sslstrength/manifest.mn b/security/nss/cmd/sslstrength/manifest.mn
deleted file mode 100644
index 8b7cb7b0d..000000000
--- a/security/nss/cmd/sslstrength/manifest.mn
+++ /dev/null
@@ -1,50 +0,0 @@
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-MODULE = nss
-
-EXPORTS =
-
-CSRCS = sslstrength.c \
- $(NULL)
-
-PROGRAM = sslstrength
-
-REQUIRES = dbm seccmd
-
-DEFINES += -DDLL_PREFIX=\"$(DLL_PREFIX)\" -DDLL_SUFFIX=\"$(DLL_SUFFIX)\"
-
-PACKAGE_FILES = sslstrength
-
-ARCHIVE_NAME = sslstrength
diff --git a/security/nss/cmd/sslstrength/sslstr.cgi b/security/nss/cmd/sslstrength/sslstr.cgi
deleted file mode 100644
index ab6a1bff9..000000000
--- a/security/nss/cmd/sslstrength/sslstr.cgi
+++ /dev/null
@@ -1,296 +0,0 @@
-#!/usr/bin/perl
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-
-use CGI qw(:standard);
-
-
-
-# Replace this will the full path to the sslstrength executable.
-$sslstrength = "./sslstrength";
-
-
-# Replace this with the name of this CGI.
-
-$sslcgi = "sslstr.cgi";
-
-
-$query = new CGI;
-
-print header;
-
-print "<HTML><HEAD>
-<SCRIPT language='javascript'>
-
-function doexport(form) {
- form.ssl2ciphers.options[0].selected=0;
- form.ssl2ciphers.options[1].selected=0;
- form.ssl2ciphers.options[2].selected=0;
- form.ssl2ciphers.options[3].selected=0;
- form.ssl2ciphers.options[4].selected=1;
- form.ssl2ciphers.options[5].selected=1;
-
- form.ssl3ciphers.options[0].selected=1;
- form.ssl3ciphers.options[1].selected=1;
- form.ssl3ciphers.options[2].selected=0;
- form.ssl3ciphers.options[3].selected=1;
- form.ssl3ciphers.options[4].selected=1;
- form.ssl3ciphers.options[5].selected=1;
- form.ssl3ciphers.options[6].selected=0;
- form.ssl3ciphers.options[7].selected=0;
-
-
-}
-
-function dodomestic(form) {
- form.ssl2ciphers.options[0].selected=1;
- form.ssl2ciphers.options[1].selected=1;
- form.ssl2ciphers.options[2].selected=1;
- form.ssl2ciphers.options[3].selected=1;
- form.ssl2ciphers.options[4].selected=1;
- form.ssl2ciphers.options[5].selected=1;
-
- form.ssl3ciphers.options[0].selected=1;
- form.ssl3ciphers.options[1].selected=1;
- form.ssl3ciphers.options[2].selected=1;
- form.ssl3ciphers.options[3].selected=1;
- form.ssl3ciphers.options[4].selected=1;
- form.ssl3ciphers.options[5].selected=1;
- form.ssl3ciphers.options[6].selected=1;
- form.ssl3ciphers.options[7].selected=1;
-
-}
-
-function doclearssl2(form) {
- form.ssl2ciphers.options[0].selected=0;
- form.ssl2ciphers.options[1].selected=0;
- form.ssl2ciphers.options[2].selected=0;
- form.ssl2ciphers.options[3].selected=0;
- form.ssl2ciphers.options[4].selected=0;
- form.ssl2ciphers.options[5].selected=0;
-}
-
-
-function doclearssl3(form) {
- form.ssl3ciphers.options[0].selected=0;
- form.ssl3ciphers.options[1].selected=0;
- form.ssl3ciphers.options[2].selected=0;
- form.ssl3ciphers.options[3].selected=0;
- form.ssl3ciphers.options[4].selected=0;
- form.ssl3ciphers.options[5].selected=0;
- form.ssl3ciphers.options[6].selected=0;
- form.ssl3ciphers.options[7].selected=0;
-
-}
-
-function dohost(form,hostname) {
- form.host.value=hostname;
- }
-
-
-
-</SCRIPT>
-<TITLE>\n";
-print "SSLStrength\n";
-print "</TITLE></HEAD>\n";
-
-print "<h1>SSLStrength</h1>\n";
-
-if ($query->param('dotest')) {
- print "Output from sslstrength: \n";
- print "<pre>\n";
-
- $cs = "";
-
- @ssl2ciphers = $query->param('ssl2ciphers');
- for $cipher (@ssl2ciphers) {
- if ($cipher eq "SSL_EN_RC2_128_WITH_MD5") { $cs .= "a"; }
- if ($cipher eq "SSL_EN_RC2_128_CBC_WITH_MD5") { $cs .= "b"; }
- if ($cipher eq "SSL_EN_DES_192_EDE3_CBC_WITH_MD5") { $cs .= "c"; }
- if ($cipher eq "SSL_EN_DES_64_CBC_WITH_MD5") { $cs .= "d"; }
- if ($cipher eq "SSL_EN_RC4_128_EXPORT40_WITH_MD5") { $cs .= "e"; }
- if ($cipher eq "SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5") { $cs .= "f"; }
- }
-
- @ssl3ciphers = $query->param('ssl3ciphers');
- for $cipher (@ssl3ciphers) {
- if ($cipher eq "SSL_RSA_WITH_RC4_128_MD5") { $cs .= "i"; }
- if ($cipher eq "SSL_RSA_WITH_3DES_EDE_CBC_SHA") { $cs .= "j"; }
- if ($cipher eq "SSL_RSA_WITH_DES_CBC_SHA") { $cs .= "k"; }
- if ($cipher eq "SSL_RSA_EXPORT_WITH_RC4_40_MD5") { $cs .= "l"; }
- if ($cipher eq "SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5") { $cs .= "m"; }
- if ($cipher eq "SSL_RSA_WITH_NULL_MD5") { $cs .= "o"; }
- if ($cipher eq "SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA") { $cs .= "p"; }
- if ($cipher eq "SSL_RSA_FIPS_WITH_DES_CBC_SHA") { $cs .= "q"; }
- }
-
- $hs = $query->param('host');
- if ($hs eq "") {
- print "</pre>You must specify a host to connect to.<br><br>\n";
- exit(0);
- }
-
- $ps = $query->param('policy');
-
- $cmdstring = "$sslstrength $hs policy=$ps ciphers=$cs";
-
- print "running sslstrength:\n";
- print "$cmdstring\n";
-
- $r = open(SSLS, "$cmdstring |");
- if ($r == 0) {
- print "<pre>There was a problem starting $cmdstring<br><br>\n";
- exit(0);
- }
- while (<SSLS>) {
- print "$_";
- }
- close(SSLS);
-
-
- print "</pre>\n";
-
-}
-
-else {
-print "<FORM method=post action=$sslcgi>\n";
-print "<hr>
-<h2>Host Name</h2>
-<TABLE BORDER=0 CELLPADDING=20>
-<TR>
-<TD>
-Type hostname here:<br>
-<input type=text name=host size=30>&nbsp;<br><br>
-<TD>
- <b>Or click these buttons to test some well-known servers</b><br>
- <TABLE BORDER=0>
- <TR>
- <TD>
- Export servers:
- <TD>
- <input type=button value='F-Tech' onclick=dohost(this.form,'strongbox.ftech.net')>
- </TR>
- <TR>
- <TD>
- Domestic servers:
- <TD>
- <input type=button value='Wells Fargo' onclick=dohost(this.form,'banking.wellsfargo.com')>
- </TR>
- <TR>
- <TD>
- Step-Up Servers
- <TD>
- <input type=button value='Barclaycard' onclick=dohost(this.form,'enigma.barclaycard.co.uk')>
- <input type=button value='BBVnet' onclick=dohost(this.form,'www.bbvnet.com')>&nbsp;
- <input type=button value='BHIF' onclick=dohost(this.form,'empresas.bhif.cl')>&nbsp;
- </TR>
- </TABLE>
-</TR>
-</TABLE>
-<br>
-<hr>
-<br>
-<h2>Encryption policy</h2>
-<input type=radio name=policy VALUE=export onclick=doexport(this.form)>&nbsp;
-Export<br>
-<input type=radio name=policy VALUE=domestic CHECKED onclick=dodomestic(this.form)>&nbsp;
-Domestic<br>
-<br>
-<hr>
-<br>
-<h2>Cipher Selection</h2>
-(use ctrl to multi-select)<br>
-<table>
-<tr>
-<td>SSL 2 Ciphers
-<td>
-<SELECT NAME=ssl2ciphers SIZE=6 MULTIPLE align=bottom>
-<OPTION SELECTED>SSL_EN_RC4_128_WITH_MD5
-<OPTION SELECTED>SSL_EN_RC2_128_CBC_WITH_MD5
-<OPTION SELECTED>SSL_EN_DES_192_EDE3_CBC_WITH_MD5
-<OPTION SELECTED>SSL_EN_DES_64_CBC_WITH_MD5
-<OPTION SELECTED>SSL_EN_RC4_128_EXPORT40_WITH_MD5
-<OPTION SELECTED>SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5
-</SELECT>
-<input type=button Value='Clear all' onclick = 'doclearssl2(this.form)'>
-</tr>
-<tr>
-<td>SSL3 Ciphers
-<td>
-<SELECT NAME=ssl3ciphers SIZE=8 MULTIPLE>
-<OPTION SELECTED>SSL_RSA_WITH_RC4_128_MD5
-<OPTION SELECTED>SSL_RSA_WITH_3DES_EDE_CBC_SHA
-<OPTION SELECTED>SSL_RSA_WITH_DES_CBC_SHA
-<OPTION SELECTED>SSL_RSA_EXPORT_WITH_RC4_40_MD5
-<OPTION SELECTED>SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5
-<OPTION SELECTED>SSL_RSA_WITH_NULL_MD5
-<OPTION SELECTED>SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA
-<OPTION SELECTED>SSL_RSA_FIPS_WITH_DES_CBC_SHA
-</SELECT>
-<input type=button value='Clear all' onclick = 'doclearssl3(this.form)'>
-
-<TD>
-<input type=submit name=dotest value='Run SSLStrength'>
-</tr>
-</table>
-<input type=hidden name=dotest>
-<br>
-<br>
-</form>
-\n";
-
-}
-
-
-exit(0);
-
-
-__END__
-
- id CipherName Domestic Export
- a SSL_EN_RC4_128_WITH_MD5 (ssl2) Yes No
- b SSL_EN_RC2_128_CBC_WITH_MD5 (ssl2) Yes No
- c SSL_EN_DES_192_EDE3_CBC_WITH_MD5 (ssl2) Yes No
- d SSL_EN_DES_64_CBC_WITH_MD5 (ssl2) Yes No
- e SSL_EN_RC4_128_EXPORT40_WITH_MD5 (ssl2) Yes Yes
- f SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5 (ssl2) Yes Yes
- i SSL_RSA_WITH_RC4_128_MD5 (ssl3) Yes Step-up only
- j SSL_RSA_WITH_3DES_EDE_CBC_SHA (ssl3) Yes Step-up only
- k SSL_RSA_WITH_DES_CBC_SHA (ssl3) Yes No
- l SSL_RSA_EXPORT_WITH_RC4_40_MD5 (ssl3) Yes Yes
- m SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5 (ssl3) Yes Yes
- o SSL_RSA_WITH_NULL_MD5 (ssl3) Yes Yes
-
-
-
diff --git a/security/nss/cmd/sslstrength/sslstrength.c b/security/nss/cmd/sslstrength/sslstrength.c
deleted file mode 100644
index 7e8604ed0..000000000
--- a/security/nss/cmd/sslstrength/sslstrength.c
+++ /dev/null
@@ -1,622 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef SSLTELNET
-#include <termios.h>
-#endif
-
-/* Portable layer header files */
-#include "prinit.h"
-#include "prprf.h"
-#include "prsystem.h"
-#include "prmem.h"
-#include "plstr.h"
-#include "prnetdb.h"
-#include "prinrval.h"
-
-#include "secutil.h"
-
-/* Security library files */
-#include "cert.h"
-#include "ssl.h"
-#include "sslproto.h"
-#include "secmod.h"
-#include "nss.h"
-
-/* define this if you want telnet capability! */
-
-/* #define SSLTELNET 1 */
-
-PRInt32 debug;
-
-#ifdef DEBUG_stevep
-#define dbmsg(x) if (verbose) PR_fprintf(PR_STDOUT,x);
-#else
-#define dbmsg(x) ;
-#endif
-
-
-/* Set SSL Policy to Domestic (strong=1) or Export (strong=0) */
-
-#define ALLOW(x) SSL_CipherPolicySet(x,SSL_ALLOWED); SSL_CipherPrefSetDefault(x,1);
-#define DISALLOW(x) SSL_CipherPolicySet(x,SSL_NOT_ALLOWED); SSL_CipherPrefSetDefault(x,0);
-#define MAYBEALLOW(x) SSL_CipherPolicySet(x,SSL_RESTRICTED); SSL_CipherPrefSetDefault(x,1);
-
-struct CipherPolicy {
- char number;
- long id;
- char *name;
- PRInt32 pref;
- PRInt32 domestic;
- PRInt32 export;
-};
-
-struct CipherPolicy ciphers[] = {
- { 'a',SSL_EN_RC4_128_WITH_MD5, "SSL_EN_RC4_128_WITH_MD5 (ssl2)",1, SSL_ALLOWED,SSL_NOT_ALLOWED },
- { 'b',SSL_EN_RC2_128_CBC_WITH_MD5, "SSL_EN_RC2_128_CBC_WITH_MD5 (ssl2)",1, SSL_ALLOWED,SSL_NOT_ALLOWED },
- { 'c',SSL_EN_DES_192_EDE3_CBC_WITH_MD5, "SSL_EN_DES_192_EDE3_CBC_WITH_MD5 (ssl2)",1, SSL_ALLOWED,SSL_NOT_ALLOWED },
- { 'd',SSL_EN_DES_64_CBC_WITH_MD5, "SSL_EN_DES_64_CBC_WITH_MD5 (ssl2)",1, SSL_ALLOWED,SSL_NOT_ALLOWED },
- { 'e',SSL_EN_RC4_128_EXPORT40_WITH_MD5, "SSL_EN_RC4_128_EXPORT40_WITH_MD5 (ssl2)",1, SSL_ALLOWED,SSL_ALLOWED },
- { 'f',SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5, "SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5 (ssl2)",1, SSL_ALLOWED,SSL_ALLOWED },
-#ifdef FORTEZZA
- { 'g',SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA, "SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA",1,SSL_ALLOWED,SSL_NOT_ALLOWED },
- { 'h',SSL_FORTEZZA_DMS_WITH_RC4_128_SHA, "SSL_FORTEZZA_DMS_WITH_RC4_128_SHA",1, SSL_ALLOWED,SSL_NOT_ALLOWED },
-#endif
- { 'i',SSL_RSA_WITH_RC4_128_MD5, "SSL_RSA_WITH_RC4_128_MD5 (ssl3)",1, SSL_ALLOWED,SSL_RESTRICTED },
- { 'j',SSL_RSA_WITH_3DES_EDE_CBC_SHA, "SSL_RSA_WITH_3DES_EDE_CBC_SHA (ssl3)",1, SSL_ALLOWED,SSL_RESTRICTED },
- { 'k',SSL_RSA_WITH_DES_CBC_SHA, "SSL_RSA_WITH_DES_CBC_SHA (ssl3)",1, SSL_ALLOWED,SSL_NOT_ALLOWED },
- { 'l',SSL_RSA_EXPORT_WITH_RC4_40_MD5, "SSL_RSA_EXPORT_WITH_RC4_40_MD5 (ssl3)",1, SSL_ALLOWED,SSL_ALLOWED },
- { 'm',SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5, "SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5 (ssl3)",1, SSL_ALLOWED,SSL_ALLOWED },
-#ifdef FORTEZZA
- { 'n',SSL_FORTEZZA_DMS_WITH_NULL_SHA, "SSL_FORTEZZA_DMS_WITH_NULL_SHA",1, SSL_ALLOWED,SSL_NOT_ALLOWED },
-#endif
- { 'o',SSL_RSA_WITH_NULL_MD5, "SSL_RSA_WITH_NULL_MD5 (ssl3)",1, SSL_ALLOWED,SSL_ALLOWED },
- { 'p',SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA, "SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA (ssl3)",1, SSL_ALLOWED,SSL_NOT_ALLOWED },
- { 'q',SSL_RSA_FIPS_WITH_DES_CBC_SHA, "SSL_RSA_FIPS_WITH_DES_CBC_SHA (ssl3)",1, SSL_ALLOWED,SSL_NOT_ALLOWED }
-
-};
-
-void PrintErrString(char *progName,char *msg) {
-
- PRErrorCode e = PORT_GetError();
- char *s=NULL;
-
-
- if ((e >= PR_NSPR_ERROR_BASE) && (e < PR_MAX_ERROR)) {
-
- if (e == PR_DIRECTORY_LOOKUP_ERROR)
- s = PL_strdup("Hostname Lookup Failed");
- else if (e == PR_NETWORK_UNREACHABLE_ERROR)
- s = PL_strdup("Network Unreachable");
- else if (e == PR_CONNECT_TIMEOUT_ERROR)
- s = PL_strdup("Connection Timed Out");
- else s = PR_smprintf("%d",e);
-
- if (!s) return;
- }
- else {
- s = PL_strdup(SECU_ErrorString(e));
- }
-
- PR_fprintf(PR_STDOUT,"%s: ",progName);
- if (s) {
- if (*s)
- PR_fprintf(PR_STDOUT, "%s\n", s);
- else
- PR_fprintf(PR_STDOUT, "\n");
-
- PR_Free(s);
- }
-
-}
-
-void PrintCiphers(int onlyenabled) {
- int ciphercount,i;
-
- if (onlyenabled) {
- PR_fprintf(PR_STDOUT,"Your Cipher preference:\n");
- }
-
- ciphercount = sizeof(ciphers)/sizeof(struct CipherPolicy);
- PR_fprintf(PR_STDOUT,
- " %s %-45s %-12s %-12s\n","id","CipherName","Domestic","Export");
-
- for (i=0;i<ciphercount;i++) {
- if ( (onlyenabled ==0) || ((onlyenabled==1)&&(ciphers[i].pref))) {
- PR_fprintf(PR_STDOUT,
- " %c %-45s %-12s %-12s\n",ciphers[i].number,ciphers[i].name,
- (ciphers[i].domestic==SSL_ALLOWED)?"Yes":
- ( (ciphers[i].domestic==SSL_NOT_ALLOWED)?"No":"Step-up only"),
- (ciphers[i].export==SSL_ALLOWED)?"Yes":
- ( (ciphers[i].export==SSL_NOT_ALLOWED)?"No":"Step-up only"));
- }
- }
-}
-
-
-void SetPolicy(char *c,int policy) { /* policy==1 : domestic, policy==0, export */
- int i,j,cpolicy;
- /* first, enable all relevant ciphers according to policy */
- for (j=0;j<(sizeof(ciphers)/sizeof(struct CipherPolicy));j++) {
- SSL_CipherPolicySet(ciphers[j].id,policy?ciphers[j].domestic:ciphers[j].export);
- SSL_CipherPrefSetDefault(ciphers[j].id, PR_FALSE);
- ciphers[j].pref =0;
- }
-
-
- for (i=0;i<(int)PL_strlen(c);i++) {
- for (j=0;j<(sizeof(ciphers)/sizeof(struct CipherPolicy));j++) {
- if (ciphers[j].number == c[i]) {
- cpolicy = policy?ciphers[j].domestic:ciphers[j].export;
- if (cpolicy == SSL_NOT_ALLOWED) {
- PR_fprintf(PR_STDOUT, "You're trying to enable a cipher (%c:%s) outside of your policy. ignored\n",
- c[i],ciphers[j].name);
- }
- else {
- ciphers[j].pref=1;
- SSL_CipherPrefSetDefault(ciphers[j].id, PR_TRUE);
- }
- }
- }
- }
-}
-
-
-int MyAuthCertificateHook(void *arg, PRFileDesc *fd, PRBool checksig, PRBool isserver) {
- return SECSuccess;
-}
-
-
-void Usage() {
-#ifdef SSLTELNET
- PR_fprintf(PR_STDOUT,"SSLTelnet ");
-#else
- PR_fprintf(PR_STDOUT,"SSLStrength (No telnet functionality) ");
-#endif
- PR_fprintf(PR_STDOUT,"Version 1.5\n");
-
- PR_fprintf(PR_STDOUT,"Usage:\n sslstrength hostname[:port] [ciphers=xyz] [certdir=x] [debug] [verbose] "
-#ifdef SSLTELNET
-"[telnet]|[servertype]|[querystring=<string>] "
-#endif
-"[policy=export|domestic]\n sslstrength ciphers\n");
-}
-
-
-PRInt32 debug = 0;
-PRInt32 verbose = 0;
-
-PRInt32 main(PRInt32 argc,char **argv, char **envp)
-{
-
-
- /* defaults for command line arguments */
- char *hostnamearg=NULL;
- char *portnumarg=NULL;
- char *sslversionarg=NULL;
- char *keylenarg=NULL;
- char *certdir=NULL;
- char *hostname;
- char *nickname=NULL;
- char *progname=NULL;
- /* struct sockaddr_in addr; */
- PRNetAddr addr;
-
- int ss_on;
- char *ss_cipher;
- int ss_keysize;
- int ss_secretsize;
- char *ss_issuer;
- char *ss_subject;
- int policy=1;
- char *set_ssl_policy=NULL;
- int print_ciphers=0;
-
- char buf[10];
- char netdbbuf[PR_NETDB_BUF_SIZE];
- PRHostEnt hp;
- PRStatus r;
- PRNetAddr na;
- SECStatus rv;
- int portnum=443; /* default https: port */
- PRFileDesc *s,*fd;
-
- CERTCertDBHandle *handle;
- CERTCertificate *c;
- PRInt32 i;
-#ifdef SSLTELNET
- struct termios tmp_tc;
- char cb;
- int prev_lflag,prev_oflag,prev_iflag;
- int t_fin,t_fout;
- int servertype=0, telnet=0;
- char *querystring=NULL;
-#endif
-
- debug = 0;
-
- progname = (char *)PL_strrchr(argv[0], '/');
- progname = progname ? progname+1 : argv[0];
-
- /* Read in command line args */
- if (argc == 1) {
- Usage();
- return(0);
- }
-
- if (! PL_strcmp("ciphers",argv[1])) {
- PrintCiphers(0);
- exit(0);
- }
-
- hostname = argv[1];
-
- if (!PL_strcmp(hostname , "usage") || !PL_strcmp(hostname, "-help") ) {
- Usage();
- exit(0);
- }
-
- if ((portnumarg = PL_strchr(hostname,':'))) {
- *portnumarg = 0;
- portnumarg = &portnumarg[1];
- }
-
- if (portnumarg) {
- if (*portnumarg == 0) {
- PR_fprintf(PR_STDOUT,"malformed port number supplied\n");
- return(1);
- }
- portnum = atoi(portnumarg);
- }
-
- for (i = 2 ; i < argc; i++)
- {
- if (!PL_strncmp(argv[i] , "sslversion=",11) )
- sslversionarg=&(argv[i][11]);
- else if (!PL_strncmp(argv[i], "certdir=",8) )
- certdir = &(argv[i][8]);
- else if (!PL_strncmp(argv[i], "ciphers=",8) )
- {
- set_ssl_policy=&(argv[i][8]);
- }
- else if (!PL_strncmp(argv[i], "policy=",7) ) {
- if (!PL_strcmp(&(argv[i][7]),"domestic")) policy=1;
- else if (!PL_strcmp(&(argv[i][7]),"export")) policy=0;
- else {
- PR_fprintf(PR_STDOUT,"sslstrength: invalid argument. policy must be one of (domestic,export)\n");
- }
- }
- else if (!PL_strcmp(argv[i] , "debug") )
- debug = 1;
-#ifdef SSLTELNET
- else if (!PL_strcmp(argv[i] , "telnet") )
- telnet = 1;
- else if (!PL_strcmp(argv[i] , "servertype") )
- servertype = 1;
- else if (!PL_strncmp(argv[i] , "querystring=",11) )
- querystring = &argv[i][12];
-#endif
- else if (!PL_strcmp(argv[i] , "verbose") )
- verbose = 1;
- }
-
-#ifdef SSLTELNET
- if (telnet && (servertype || querystring)) {
- PR_fprintf(PR_STDOUT,"You can't use telnet and (server or querystring) options at the same time\n");
- exit(1);
- }
-#endif
-
- PR_fprintf(PR_STDOUT,"Using %s policy\n",policy?"domestic":"export");
-
- /* allow you to set env var SSLDIR to set the cert directory */
- if (! certdir) certdir = SECU_DefaultSSLDir();
-
- /* if we don't have one still, initialize with no databases */
- if (!certdir) {
- rv = NSS_NoDB_Init(NULL);
-
- (void) SECMOD_AddNewModule("Builtins", DLL_PREFIX"nssckbi."DLL_SUFFIX,0,0);
- } else {
- rv = NSS_Init(certdir);
- SECU_ConfigDirectory(certdir);
- }
-
- /* Lookup host */
- r = PR_GetHostByName(hostname,netdbbuf,PR_NETDB_BUF_SIZE,&hp);
-
- if (r) {
- PrintErrString(progname,"Host Name lookup failed");
- return(1);
- }
-
- /* should the third field really be 0? */
-
- PR_EnumerateHostEnt(0,&hp,0,&na);
- PR_InitializeNetAddr(PR_IpAddrNull,portnum,&na);
-
- PR_fprintf(PR_STDOUT,"Connecting to %s:%d\n",hostname, portnum);
-
- /* Create socket */
-
- fd = PR_NewTCPSocket();
- if (fd == NULL) {
- PrintErrString(progname, "error creating socket");
- return -1;
- }
-
- s = SSL_ImportFD(NULL,fd);
- if (s == NULL) {
- PrintErrString(progname, "error creating socket");
- return -1;
- }
-
- dbmsg("10: About to enable security\n");
-
- rv = SSL_OptionSet(s, SSL_SECURITY, PR_TRUE);
- if (rv < 0) {
- PrintErrString(progname, "error enabling socket");
- return -1;
- }
-
- if (set_ssl_policy) {
- SetPolicy(set_ssl_policy,policy);
- }
- else {
- PR_fprintf(PR_STDOUT,"Using all ciphersuites usually found in client\n");
- if (policy) {
- SetPolicy("abcdefghijklmnopqrst",policy);
- }
- else {
- SetPolicy("efghijlmo",policy);
- }
- }
-
- PrintCiphers(1);
-
- rv = SSL_OptionSet(s, SSL_HANDSHAKE_AS_CLIENT, PR_TRUE);
- if (rv < 0) {
- PrintErrString(progname, "error enabling client handshake");
- return -1;
- }
-
- dbmsg("30: About to set AuthCertificateHook\n");
-
-
- SSL_AuthCertificateHook(s, MyAuthCertificateHook, (void *)handle);
- /* SSL_AuthCertificateHook(s, SSL_AuthCertificate, (void *)handle); */
- /* SSL_GetClientAuthDataHook(s, GetClientAuthDataHook, (void *)nickname);*/
-
-
- dbmsg("40: About to SSLConnect\n");
-
- /* Try to connect to the server */
- /* now SSL_Connect takes new arguments. */
-
-
- r = PR_Connect(s, &na, PR_TicksPerSecond()*5);
- if (r < 0) {
- PrintErrString(progname, "unable to connect");
- return -1;
- }
-
- rv = SSL_ForceHandshake(s);
-
- if (rv) {
- PrintErrString(progname,"SSL Handshake failed. ");
- exit(1);
- }
-
- rv = SSL_SecurityStatus(s, &ss_on, &ss_cipher,
- &ss_keysize, &ss_secretsize,
- &ss_issuer, &ss_subject);
-
-
- dbmsg("60: done with security status, about to print\n");
-
- c = SSL_PeerCertificate(s);
- if (!c) PR_fprintf(PR_STDOUT,"Couldn't retrieve peers Certificate\n");
- PR_fprintf(PR_STDOUT,"SSL Connection Status\n",rv);
-
- PR_fprintf(PR_STDOUT," Cipher: %s\n",ss_cipher);
- PR_fprintf(PR_STDOUT," Key Size: %d\n",ss_keysize);
- PR_fprintf(PR_STDOUT," Secret Key Size: %d\n",ss_secretsize);
- PR_fprintf(PR_STDOUT," Issuer: %s\n",ss_issuer);
- PR_fprintf(PR_STDOUT," Subject: %s\n",ss_subject);
-
- PR_fprintf(PR_STDOUT," Valid: from %s to %s\n",
- c==NULL?"???":DER_UTCDayToAscii(&c->validity.notBefore),
- c==NULL?"???":DER_UTCDayToAscii(&c->validity.notAfter));
-
-#ifdef SSLTELNET
-
-
-
-
- if (servertype || querystring) {
- char buffer[1024];
- char ch;
- char qs[] = "HEAD / HTTP/1.0";
-
-
-
-
- if (!querystring) querystring = qs;
- PR_fprintf(PR_STDOUT,"\nServer query mode\n>>Sending:\n%s\n",querystring);
-
- PR_fprintf(PR_STDOUT,"\n*** Server said:\n");
- ch = querystring[PL_strlen(querystring)-1];
- if (ch == '"' || ch == '\'') {
- PR_fprintf(PR_STDOUT,"Warning: I'm not smart enough to cope with quotes mid-string like that\n");
- }
-
- rv = PR_Write(s,querystring,PL_strlen(querystring));
- if ((rv < 1) ) {
- PR_fprintf(PR_STDOUT,"Oh dear - couldn't send servertype query\n");
- goto closedown;
- }
-
- rv = PR_Write(s,"\r\n\r\n",4);
- rv = PR_Read(s,buffer,1024);
- if ((rv < 1) ) {
- PR_fprintf(PR_STDOUT,"Oh dear - couldn't read server repsonse\n");
- goto closedown;
- }
- PR_Write(PR_STDOUT,buffer,rv);
- }
-
-
- if (telnet) {
-
- PR_fprintf(PR_STDOUT,"---------------------------\n"
- "telnet mode. CTRL-C to exit\n"
- "---------------------------\n");
-
-
-
- /* fudge terminal attributes */
- t_fin = PR_FileDesc2NativeHandle(PR_STDIN);
- t_fout = PR_FileDesc2NativeHandle(PR_STDOUT);
-
- tcgetattr(t_fin,&tmp_tc);
- prev_lflag = tmp_tc.c_lflag;
- prev_oflag = tmp_tc.c_oflag;
- prev_iflag = tmp_tc.c_iflag;
- tmp_tc.c_lflag &= ~ECHO;
- /* tmp_tc.c_oflag &= ~ONLCR; */
- tmp_tc.c_lflag &= ~ICANON;
- tmp_tc.c_iflag &= ~ICRNL;
- tmp_tc.c_cflag |= CS8;
- tmp_tc.c_cc[VMIN] = 1;
- tmp_tc.c_cc[VTIME] = 0;
-
- tcsetattr(t_fin, TCSANOW, &tmp_tc);
- /* ioctl(tin, FIONBIO, (char *)&onoff);
- ioctl(tout, FIONBIO, (char *)&onoff);*/
-
-
- {
- PRPollDesc pds[2];
- char buffer[1024];
- int amt,amtwritten;
- char *x;
-
- /* STDIN */
- pds[0].fd = PR_STDIN;
- pds[0].in_flags = PR_POLL_READ;
- pds[1].fd = s;
- pds[1].in_flags = PR_POLL_READ | PR_POLL_EXCEPT;
-
- while (1) {
- int nfds;
-
- nfds = PR_Poll(pds,2,PR_SecondsToInterval(2));
- if (nfds == 0) continue;
-
- /** read input from keyboard*/
- /* note: this is very inefficient if reading from a file */
-
- if (pds[0].out_flags & PR_POLL_READ) {
- amt = PR_Read(PR_STDIN,&buffer,1);
- /* PR_fprintf(PR_STDOUT,"fd[0]:%d=%d\r\n",amt,buffer[0]); */
- if (amt == 0) {
- PR_fprintf(PR_STDOUT,"\n");
- goto loser;
- }
-
- if (buffer[0] == '\r') {
- buffer[0] = '\r';
- buffer[1] = '\n';
- amt = 2;
- }
- rv = PR_Write(PR_STDOUT,buffer,amt);
-
-
- rv = PR_Write(s,buffer,amt);
- if (rv == -1) {
- PR_fprintf(PR_STDOUT,"Error writing to socket: %d\n",PR_GetError());
- }
- }
-
- /***/
-
-
- /***/
- if (pds[1].out_flags & PR_POLL_EXCEPT) {
- PR_fprintf(PR_STDOUT,"\r\nServer closed connection\r\n");
- goto loser;
- }
- if (pds[1].out_flags & PR_POLL_READ) {
- amt = PR_Read(s,&buffer,1024);
-
- if (amt == 0) {
- PR_fprintf(PR_STDOUT,"\r\nServer closed connection\r\n");
- goto loser;
- }
- rv = PR_Write(PR_STDOUT,buffer,amt);
- }
- /***/
-
- }
- }
- loser:
-
- /* set terminal back to normal */
- tcgetattr(t_fin,&tmp_tc);
-
- tmp_tc.c_lflag = prev_lflag;
- tmp_tc.c_oflag = prev_oflag;
- tmp_tc.c_iflag = prev_iflag;
- tcsetattr(t_fin, TCSANOW, &tmp_tc);
-
- /* ioctl(tin, FIONBIO, (char *)&onoff);
- ioctl(tout, FIONBIO, (char *)&onoff); */
- }
-
-#endif
- /* SSLTELNET */
-
- closedown:
-
- PR_Close(s);
-
- if (NSS_Shutdown() != SECSuccess) {
- exit(1);
- }
-
- return(0);
-
-} /* main */
-
-/*EOF*/
-
diff --git a/security/nss/cmd/sslstrength/sslwrap b/security/nss/cmd/sslstrength/sslwrap
deleted file mode 100755
index e6955dc92..000000000
--- a/security/nss/cmd/sslstrength/sslwrap
+++ /dev/null
@@ -1,181 +0,0 @@
-#!/usr/bin/perl
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-
-@profiles = (
-# "host:port" "policy" "ciphers" "exp-cipher" "expkeysize"
-
- [ "cfu:443", "export", "efijlmo", "RC4-40", "40" ],
- [ "hbombsgi:448", "export", "efijlmo", "RC4-40", "40" ],
- [ "hbombsgi:448", "domestic", "abcdefijklmo", "RC4", "128" ],
- [ "gandalf:5666", "domestic", "abcdefijklmo", "RC4", "128" ],
- [ "gandalf:5666", "export", "efijlmo", "RC4", "128" ],
- [ "gandalf:5666", "domestic", "j", "3DES-EDE-CBC", "168" ],
- [ "gandalf:5666", "domestic", "k", "DES-CBC", "56" ],
- [ "gandalf:5666", "export", "l", "RC4-40", "40" ],
- [ "gandalf:5666", "export", "efijlmo", "RC4", "128" ],
- [ "hbombcfu:443", "export", "efijlmo", "RC4", "128" ],
-
- );
-
-$file = &filename;
-
-open(HTML, ">$file.htm") || die"Cannot open html output file\n";
-
-$mutversion = "";
-$platform = $ARGV[0];
-
-
-print HTML
-"<HTML><HEAD>
-<TITLE>ssl/sslstrength: Version: $mutversion Platform: $platform Run date mm/dd/yy</TITLE></HEAD><BODY>\n";
-
-print HTML
-"<TABLE BORDER=1><TR>
-<TD><B>Test Case Number</B></TD>
-<TD><B>Program</B></TD>
-<TD><B>Description of Test Case</B></TD>
-<TD><B>Start date/time<B></TD>
-<TD><B>End date/time<B></TD>
-<TD><B>PASS/FAIL</B></TD>
-</TR>\n";
-
-$countpass =0;
-$countfail =0;
-
-
-$testnum =0;
-for $profile (@profiles) {
- $testnum ++;
- ($host, $policy, $ciphers, $expcipher, $expkeysize) = @$profile;
-
- $cmd = "./sslstrength $host policy=$policy ciphers=$ciphers";
-
- $starttime = &datestring." ".&timestring;
- print STDERR "$cmd\n";
- open(PIPE, "$cmd|") || die "Cannot start sslstrength\n";
-
- $cipher = "";
- $keysize = "";
- while (<PIPE>) {
- chop;
- if (/^ Cipher: *(.*)/) {
- $cipher = $1;
- }
- if (/^ Secret Key Size: (.*)/) {
- $keysize = $1;
- }
- }
- close(PIPE);
- $endtime = &datestring." ".&timestring;
-
- if (( $? != 0) || ($cipher ne $expcipher) || ($keysize ne $expkeysize)) {
- $countfail ++;
- $passed =0;
- }
- else {
- $countpass ++;
- $passed =1;
- }
-
-print HTML
-"<TR>
-<TD><B>$testnum</B></TD>
-<TD></TD>
-<TD>$cmd</TD>
-<TD>$starttime</TD>
-<TD>$endtime</TD>
-<TD><B>".($passed ? "PASS" : "<FONT COLOR=red>FAIL: return code =
-c=$cipher, ec=$expcipher, s=$keysize, es=$expkeysize.</FONT>")."
-</B></TD>
-</TR>\n";
-
-}
-
-print HTML "</table>\n";
-
-close(HTML);
-
-open (SUM, ">$file.sum") ||die "couldn't open summary file for writing\n";
-
-print SUM <<EOM;
-[Status]
-mut=SSL
-mutversion=1.0
-platform=$platform
-pass=$countpass
-fail=$countfail
-knownFail=0
-malformed=0
-EOM
-
- close(SUM);
-
-
-
-sub timestring
-{
-
- my ($sec, $min, $hour, $mday, $mon, $year, $wday, $yday, $isdst) = localtime(time);
- my $string;
-
- $string = sprintf "%2d:%02d:%02d",$hour, $min, $sec;
- return $string;
-}
-
-sub datestring
-{
-
- my ($sec, $min, $hour, $mday, $mon, $year, $wday, $yday, $isdst) = localtime(time);
- my $string;
-
- $string = sprintf "%d/%d/%2d",$mon+1, $mday+1, $year;
- return $string;
-}
-
-sub filename
-{
-
- my ($sec, $min, $hour, $mday, $mon, $year, $wday, $yday, $isdst) = localtime(time);
- my $string;
-
- $string = sprintf "%04d%02d%02d",$year+1900, $mon+1, $mday;
- return $string;
-}
-
-
-
-
-
-
diff --git a/security/nss/cmd/ssltap/Makefile b/security/nss/cmd/ssltap/Makefile
deleted file mode 100644
index f6d8cc93e..000000000
--- a/security/nss/cmd/ssltap/Makefile
+++ /dev/null
@@ -1,79 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-# Since ssltap doesn't use any of NSS, we'll skip NSS's link libs,
-# and just link with NSPR.
-#
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-
--include ../platrules.mk
-
diff --git a/security/nss/cmd/ssltap/config.mk b/security/nss/cmd/ssltap/config.mk
deleted file mode 100644
index 23b15fbd5..000000000
--- a/security/nss/cmd/ssltap/config.mk
+++ /dev/null
@@ -1,52 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# Set the LDFLAGS value to encompass all normal link options, all #
-# library names, and all special system linking options #
-#######################################################################
-
-LDFLAGS = \
- $(DYNAMIC_LIB_PATH) \
- $(LDOPTS) \
- $(LIBPLC) \
- $(LIBPR) \
- $(DLLSYSTEM)
-
-#######################################################################
-# Adjust specific variables for all platforms #
-#######################################################################
-
-OS_CFLAGS += -DNSPR20=1
-
-
diff --git a/security/nss/cmd/ssltap/manifest.mn b/security/nss/cmd/ssltap/manifest.mn
deleted file mode 100644
index adfd2bd03..000000000
--- a/security/nss/cmd/ssltap/manifest.mn
+++ /dev/null
@@ -1,51 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = nss
-
-EXPORTS =
-
-CSRCS = ssltap.c \
- $(NULL)
-
-PROGRAM = ssltap
-
-REQUIRES = seccmd dbm
-
-PACKAGE_FILES = ssltap-manual.html licence.doc ssltap.exe
-
-ARCHIVE_NAME = ssltap
-
diff --git a/security/nss/cmd/ssltap/ssltap-manual.html b/security/nss/cmd/ssltap/ssltap-manual.html
deleted file mode 100644
index 28c9e17ee..000000000
--- a/security/nss/cmd/ssltap/ssltap-manual.html
+++ /dev/null
@@ -1,199 +0,0 @@
-<HTML>
-<!--
- - The contents of this file are subject to the Mozilla Public
- - License Version 1.1 (the "License"); you may not use this file
- - except in compliance with the License. You may obtain a copy of
- - the License at http://www.mozilla.org/MPL/
- -
- - Software distributed under the License is distributed on an "AS
- - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- - implied. See the License for the specific language governing
- - rights and limitations under the License.
- -
- - The Original Code is the Netscape security libraries.
- -
- - The Initial Developer of the Original Code is Netscape
- - Communications Corporation. Portions created by Netscape are
- - Copyright (C) 1994-2000 Netscape Communications Corporation. All
- - Rights Reserved.
- -
- - Contributor(s):
- -
- - Alternatively, the contents of this file may be used under the
- - terms of the GNU General Public License Version 2 or later (the
- - "GPL"), in which case the provisions of the GPL are applicable
- - instead of those above. If you wish to allow use of your
- - version of this file only under the terms of the GPL and not to
- - allow others to use your version of this file under the MPL,
- - indicate your decision by deleting the provisions above and
- - replace them with the notice and other provisions required by
- - the GPL. If you do not delete the provisions above, a recipient
- - may use your version of this file under either the MPL or the
- - GPL.
- -->
-<HEAD>
- <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
- <META NAME="GENERATOR" CONTENT="Mozilla/4.05 [en] (WinNT; U) [Netscape]">
- <META NAME="Author" CONTENT="Steve Parkinson">
- <TITLE>SSLTap - manual</TITLE>
-</HEAD>
-<BODY>
-
-<H1>
-SSLTap Manual page</H1>
-
-<H3>
-Summary</H3>
-A command-line proxy which is SSL-aware. It snoops on TCP connections,
-and displays the data going by, including SSL records and handshaking&nbsp;
-if the connection is SSL.
-<H3>
-Synopsis</H3>
-<TT>ssltap [-vhfsxl] [-p port] hostname:port</TT>
-
-<P><TT>&nbsp;&nbsp; -v&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; [prints version string]</TT>
-<BR><TT>&nbsp;&nbsp; -h&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; [outputs hex instead
-of ASCII]</TT>
-<BR><TT>&nbsp;&nbsp; -f&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; [turn on Fancy HTML
-coloring]</TT>
-<BR><TT>&nbsp;&nbsp; -s&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; [turn on SSL decoding]</TT>
-<BR><TT>&nbsp;&nbsp; -x&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; [turn on extra SSL
-hex dumps]</TT>
-<BR><TT>&nbsp;&nbsp; -p port [specify rendezvous port (default 1924)]</TT>
-<BR><TT>&nbsp;&nbsp; -l&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; [loop - continue
-to wait for more connections]</TT>
-<H3>
-Description</H3>
-SSLTap opens a socket on a rendezvous port, and waits for an incoming connection
-(client side). Once this connection arrives, SSLTap makes another connection
-to hostname:port (server side). It passes any data sent by the client to
-the server, and vice versa. However, SSLTap will also display the data
-to the console. It can do this for plain HTTP connections, or any TCP protocol.
-However, SSLTap can also work with SSL streams, as detailed below.
-
-<P>Let's assume your development machine is called 'intercept'. The simplest
-usage of SSLTap is to run the command <TT>'ssltap www.netscape.com:80'</TT>
-on intercept. The program will wait for an incoming connection on port
-1924. Next you would want to go to your browser, and enter the URL http://intercept:1924.
-The page retrieved by the browser will actually be gotten from the server
-at www.netscape.com, but will go via SSLTap.
-
-<P>Data sent from the client to the server is surrounded by a '--> [ ]'
-symbol, and data sent from the server to the client, a '&lt;---[&nbsp;
-]' symbol.
-
-<P>You'll notice that the page retrieved with this example looks incomplete.
-This is because SSLTap by default closes down after the first connection
-is complete, so the browser is not able to load images. To make the SSLTap
-continue to accept connections, switch on looping mode with the -l option.
-
-<P>You can change the default rendezvous port to something else with the
--p option.
-
-<P>The remaining options change the way the output is produced.
-
-<P>The -f option prints 'fancy' output - in colored HTML. Data sent from
-the client to the server is in blue. The server's reply is in red. This
-is designed so you can load the output up into a browser. When used with
-looping mode, the different connections are separated with horizontal lines.
-
-<P>-x will turn on HEX printing. Instead of being output as ascii, the
-data is shown as Hex, like this:
-<UL><TT>&lt;-- [</TT>
-<BR><TT>&nbsp;&nbsp; 0: 56 d5 16 3e&nbsp; a1 6b b1 4a&nbsp; 8f 67 c4 d7&nbsp;
-21 2f 6f dd&nbsp; | V..>.k.J.g..!/o.</TT>
-<BR><TT>&nbsp; 10: bb 22 c4 75&nbsp; 8c f4 ce 28&nbsp; 16 a6 20 aa&nbsp;
-fb 9a 59 a1&nbsp; | .".u...(.. ...Y.</TT>
-<BR><TT>&nbsp; 20: 51 91 14 d2&nbsp; fc 9f a7 ea&nbsp; 4d 9c f7 3a&nbsp;
-9d 83 62 4a&nbsp; | Q.......M..:..bJ</TT>
-<BR><TT>]</TT>
-<BR>&nbsp;</UL>
-
-<H4>
-SSL Parse mode</H4>
-The following options deal with SSL connections.
-<UL>-s will turn on SSL parsing. (SSLTap doesn't automatically detect SSL
-sessions.)
-<BR>-x will turn on extra SSL hexdumps. Mostly, if SSL can decode the data,
-it doesn't display the hex.</UL>
-The following SSL3 Data structures are parsed: Handshake, ClientHello,
-ServerHello, CertificateChain, Certificate. In addition, SSL2 ClientHello,
-ServerHello, ClientMasterKey are also partly parsed. NO DECRYPTION IS PERFORMED
-ON THE DATA. SSLTAP CANNOT DECRYPT the data.
-
-<P>If a certificate chain is detected, DER-encoded certificates will be
-saved into files in the current directory called 'cert.0x' where x is the
-sequence number of the certificate.
-<BR>&nbsp;
-<H3>
-Operation Hints</H3>
-Often, you'll find that the server certificate does not get transferred,
-or other parts of the handshake do not happen. This is because the browser
-is taking advantage of session-id-reuse (using the handshake results from
-a previous session). If you restart the browser, it'll clear the session
-id cache.
-
-<P>If you run the ssltap on a different machine that the ssl server you're
-trying to connect to, the browser will complain that the host name you're
-trying to connect to is different to the certificate, but it will still
-let you connect, after showing you a dialog.
-<H3>
-Bugs</H3>
-Please contact <A HREF="mailto:ssltap-support@netscape.com">ssltap-support@netscape.com</A>
-for bug reports.
-<H3>
-History</H3>
-2.1 - First public release (March 1998)
-<BR>&nbsp;
-<H3>
-Other</H3>
-For reference, here is a table of some well-known port numbers:
-<BR>&nbsp;
-<TABLE BORDER=2 >
-<TR>
-<TD>HTTP</TD>
-
-<TD>80</TD>
-</TR>
-
-<TR>
-<TD>SMTP</TD>
-
-<TD>25</TD>
-</TR>
-
-<TR>
-<TD>HTTPS</TD>
-
-<TD>443</TD>
-</TR>
-
-<TR>
-<TD>FTP</TD>
-
-<TD>21</TD>
-</TR>
-
-<TR>
-<TD>IMAPS</TD>
-
-<TD>993</TD>
-</TR>
-
-<TR>
-<TD>NNTP</TD>
-
-<TD>119</TD>
-</TR>
-
-<TR>
-<TD>NNTPS</TD>
-
-<TD>563</TD>
-</TR>
-</TABLE>
-&nbsp;
-
-<P>&nbsp;
-</BODY>
-</HTML>
diff --git a/security/nss/cmd/ssltap/ssltap.c b/security/nss/cmd/ssltap/ssltap.c
deleted file mode 100644
index daca2949f..000000000
--- a/security/nss/cmd/ssltap/ssltap.c
+++ /dev/null
@@ -1,1334 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * ssltap.c
- *
- * Version 1.0 : Frederick Roeber : 11 June 1997
- * Version 2.0 : Steve Parkinson : 13 November 1997
- * Version 3.0 : Nelson Bolyard : 22 July 1998
- * Version 3.1 : Nelson Bolyard : 24 May 1999
- *
- * changes in version 2.0:
- * Uses NSPR20
- * Shows structure of SSL negotiation, if enabled.
- *
- * This "proxies" a socket connection (like a socks tunnel), but displays the
- * data is it flies by.
- *
- * In the code, the 'client' socket is the one on the client side of the
- * proxy, and the server socket is on the server side.
- *
- */
-
-#include "nspr.h"
-#include "plstr.h"
-#include "secutil.h"
-#include <memory.h> /* for memcpy, etc. */
-#include <string.h>
-#include <time.h>
-
-#include "plgetopt.h"
-
-#define VERSIONSTRING "$Revision$ ($Date$) $Author$"
-
-
-struct _DataBufferList;
-struct _DataBuffer;
-
-typedef struct _DataBufferList {
- struct _DataBuffer *first,*last;
- int size;
- int isEncrypted;
-} DataBufferList;
-
-typedef struct _DataBuffer {
- unsigned char *buffer;
- int length;
- int offset; /* offset of first good byte */
- struct _DataBuffer *next;
-} DataBuffer;
-
-
-DataBufferList
- clientstream = {NULL, NULL, 0, 0},
- serverstream = {NULL, NULL, 0, 0};
-
-struct sslhandshake {
- PRUint8 type;
- PRUint32 length;
-};
-
-typedef struct _SSLRecord {
- PRUint8 type;
- PRUint8 ver_maj,ver_min;
-
- PRUint8 length[2];
-} SSLRecord;
-
-typedef struct _ClientHelloV2 {
- PRUint8 length[2];
- PRUint8 type;
- PRUint8 version[2];
- PRUint8 cslength[2];
- PRUint8 sidlength[2];
- PRUint8 rndlength[2];
- PRUint8 csuites[1];
-} ClientHelloV2;
-
-typedef struct _ServerHelloV2 {
- PRUint8 length[2];
- PRUint8 type;
- PRUint8 sidhit;
- PRUint8 certtype;
- PRUint8 version[2];
- PRUint8 certlength[2];
- PRUint8 cslength[2];
- PRUint8 cidlength[2];
-} ServerHelloV2;
-
-typedef struct _ClientMasterKeyV2 {
- PRUint8 length[2];
- PRUint8 type;
-
- PRUint8 cipherkind[3];
- PRUint8 clearkey[2];
- PRUint8 secretkey[2];
-
-} ClientMasterKeyV2;
-
-
-
-#define TAPBUFSIZ 16384
-
-#define DEFPORT 1924
-#include <ctype.h>
-
-int hexparse=0;
-int sslparse=0;
-int sslhexparse=0;
-int looparound=0;
-int fancy=0;
-int isV2Session=0;
-
-#define GET_SHORT(x) ((PRUint16)(((PRUint16)((PRUint8*)x)[0]) << 8) + ((PRUint16)((PRUint8*)x)[1]))
-#define GET_24(x) ((PRUint32) ( \
- (((PRUint32)((PRUint8*)x)[0]) << 16) \
- + \
- (((PRUint32)((PRUint8*)x)[1]) << 8) \
- + \
- (((PRUint32)((PRUint8*)x)[2]) << 0) \
- ) )
-
-void print_hex(int amt, unsigned char *buf);
-void read_stream_bytes(unsigned char *d, DataBufferList *db, int length);
-
-void myhalt(int dblsize,int collectedsize) {
-
- while(1) ;
-
-}
-
-const char *get_error_text(int error) {
- switch (error) {
- case PR_IO_TIMEOUT_ERROR:
- return "Timeout";
- break;
- case PR_CONNECT_REFUSED_ERROR:
- return "Connection refused";
- break;
- case PR_NETWORK_UNREACHABLE_ERROR:
- return "Network unreachable";
- break;
- case PR_BAD_ADDRESS_ERROR:
- return "Bad address";
- break;
- case PR_CONNECT_RESET_ERROR:
- return "Connection reset";
- break;
- case PR_PIPE_ERROR:
- return "Pipe error";
- break;
- }
-
- return "";
-}
-
-
-
-
-
-void check_integrity(DataBufferList *dbl) {
- DataBuffer *db;
- int i;
-
- db = dbl->first;
- i =0;
- while (db) {
- i+= db->length - db->offset;
- db = db->next;
- }
- if (i != dbl->size) {
- myhalt(dbl->size,i);
- }
-}
-
-/* Free's the DataBuffer at the head of the list and returns the pointer
- * to the new head of the list.
- */
-DataBuffer *
-free_head(DataBufferList *dbl)
-{
- DataBuffer *db = dbl->first;
- PR_ASSERT(db->offset >= db->length);
- if (db->offset >= db->length) {
- dbl->first = db->next;
- if (dbl->first == NULL) {
- dbl->last = NULL;
- }
- PR_Free(db->buffer);
- PR_Free(db);
- db = dbl->first;
- }
- return db;
-}
-
-void
-read_stream_bytes(unsigned char *d, DataBufferList *dbl, int length) {
- int copied = 0;
- DataBuffer *db = dbl->first;
-
- if (!db) {
- PR_fprintf(PR_STDERR,"assert failed - dbl->first is null\n");
- exit(8);
- }
- while (length) {
- int toCopy;
- /* find the number of bytes to copy from the head buffer */
- /* if there's too many in this buffer, then only copy 'length' */
- toCopy = PR_MIN(db->length - db->offset, length);
-
- memcpy(d + copied, db->buffer + db->offset, toCopy);
- copied += toCopy;
- db->offset += toCopy;
- length -= toCopy;
- dbl->size -= toCopy;
-
- /* if we emptied the head buffer */
- if (db->offset >= db->length) {
- db = free_head(dbl);
- }
- }
-
- check_integrity(dbl);
-
-}
-
-void
-flush_stream(DataBufferList *dbl)
-{
- DataBuffer *db = dbl->first;
- check_integrity(dbl);
- while (db) {
- db->offset = db->length;
- db = free_head(dbl);
- }
- dbl->size = 0;
- check_integrity(dbl);
-}
-
-
-const char * V2CipherString(int cs_int) {
- char *cs_str;
- cs_str = NULL;
- switch (cs_int) {
-
- case 0x010080: cs_str = "SSL2/RSA/RC4-128/MD5"; break;
- case 0x020080: cs_str = "SSL2/RSA/RC4-40/MD5"; break;
- case 0x030080: cs_str = "SSL2/RSA/RC2CBC128/MD5"; break;
- case 0x040080: cs_str = "SSL2/RSA/RC2CBC40/MD5"; break;
- case 0x050080: cs_str = "SSL2/RSA/IDEA128CBC/MD5"; break;
- case 0x060040: cs_str = "SSL2/RSA/DES56-CBC/MD5"; break;
- case 0x0700C0: cs_str = "SSL2/RSA/3DES192EDE-CBC/MD5"; break;
-
- case 0x000001: cs_str = "SSL3/RSA/NULL/MD5"; break;
- case 0x000002: cs_str = "SSL3/RSA/NULL/SHA"; break;
- case 0x000003: cs_str = "SSL3/RSA/RC4-40/MD5"; break;
- case 0x000004: cs_str = "SSL3/RSA/RC4-128/MD5"; break;
- case 0x000005: cs_str = "SSL3/RSA/RC4-128/SHA"; break;
- case 0x000006: cs_str = "SSL3/RSA/RC2CBC40/MD5"; break;
- case 0x000007: cs_str = "SSL3/RSA/IDEA128CBC/SHA"; break;
- case 0x000008: cs_str = "SSL3/RSA/DES40-CBC/SHA"; break;
- case 0x000009: cs_str = "SSL3/RSA/DES56-CBC/SHA"; break;
- case 0x00000A: cs_str = "SSL3/RSA/3DES192EDE-CBC/SHA"; break;
-
- case 0x00000B: cs_str = "SSL3/DH-DSS/DES40-CBC/SHA"; break;
- case 0x00000C: cs_str = "SSL3/DH_DSS/DES56-CBC/SHA"; break;
- case 0x00000D: cs_str = "SSL3/DH-DSS/DES192EDE3CBC/SHA"; break;
- case 0x00000E: cs_str = "SSL3/DH-RSA/DES40-CBC/SHA"; break;
- case 0x00000F: cs_str = "SSL3/DH_RSA/DES56-CBC/SHA"; break;
- case 0x000010: cs_str = "SSL3/DH-RSA/3DES192EDE-CBC/SHA"; break;
-
- case 0x000011: cs_str = "SSL3/DHE-DSS/DES40-CBC/SHA"; break;
- case 0x000012: cs_str = "SSL3/DHE_DSS/DES56-CBC/SHA"; break;
- case 0x000013: cs_str = "SSL3/DHE-DSS/DES192EDE3CBC/SHA"; break;
- case 0x000014: cs_str = "SSL3/DHE-RSA/DES40-CBC/SHA"; break;
- case 0x000015: cs_str = "SSL3/DHE_RSA/DES56-CBC/SHA"; break;
- case 0x000016: cs_str = "SSL3/DHE-RSA/3DES192EDE-CBC/SHA"; break;
-
- case 0x000017: cs_str = "SSL3/DH-anon/RC4-40/MD5"; break;
- case 0x000018: cs_str = "SSL3/DH-anon/RC4-128/MD5"; break;
- case 0x000019: cs_str = "SSL3/DH-anon/DES40-CBC/SHA"; break;
- case 0x00001A: cs_str = "SSL3/DH-anon/DES56-CBC/SHA"; break;
- case 0x00001B: cs_str = "SSL3/DH-anon/3DES192EDE-CBC/SHA"; break;
-
- case 0x00001C: cs_str = "SSL3/FORTEZZA-DMS/NULL/SHA"; break;
- case 0x00001D: cs_str = "SSL3/FORTEZZA-DMS/FORTEZZA-CBC/SHA"; break;
- case 0x00001E: cs_str = "SSL3/FORTEZZA-DMS/RC4-128/SHA"; break;
-
- case 0x000062: cs_str = "TLS/RSA_EXPORT1024/DES56_CBC/SHA"; break;
- case 0x000064: cs_str = "TLS/RSA_EXPORT1024/RC4-56/SHA"; break;
- case 0x000063: cs_str = "TLS/DHE-DSS_EXPORT1024/DES56-CBC/SHA"; break;
- case 0x000065: cs_str = "TLS/DHE-DSS_EXPORT1024/RC4-56/SHA"; break;
- case 0x000066: cs_str = "TLS/DHE-DSS/RC4-128/SHA"; break;
-
- case 0x00ffe1: cs_str = "SSL3/RSA-FIPS/DES56-CBC/SHA"; break;
- case 0x00ffe0: cs_str = "SSL3/RSA-FIPS/3DES192EDE-CBC/SHA"; break;
-
- /* the string literal is broken up to avoid trigraphs */
- default: cs_str = "????" "/????????" "/?????????" "/???"; break;
- }
-
- return cs_str;
-}
-
-void partial_packet(int thispacket, int size, int needed)
-{
- PR_fprintf(PR_STDOUT,"(%u bytes", thispacket);
- if (thispacket < needed) {
- PR_fprintf(PR_STDOUT,", making %u", size);
- }
- PR_fprintf(PR_STDOUT," of %u", needed);
- if (size > needed) {
- PR_fprintf(PR_STDOUT,", with %u left over", size - needed);
- }
- PR_fprintf(PR_STDOUT,")\n");
-}
-
-char * get_time_string(void)
-{
- char *cp;
- char *eol;
- time_t tt;
-
- time(&tt);
- cp = ctime(&tt);
- eol = strchr(cp, '\n');
- if (eol)
- *eol = 0;
- return cp;
-}
-
-void print_sslv2(DataBufferList *s, unsigned char *tbuf, unsigned int alloclen)
-{
- ClientHelloV2 *chv2;
- ServerHelloV2 *shv2;
- unsigned char *pos;
- unsigned int p;
- unsigned int q;
- PRUint32 len;
-
- chv2 = (ClientHelloV2 *)tbuf;
- shv2 = (ServerHelloV2 *)tbuf;
- if (s->isEncrypted) {
- PR_fprintf(PR_STDOUT," [ssl2] Encrypted {...}\n");
- return;
- }
- PR_fprintf(PR_STDOUT," [%s]", get_time_string() );
- switch(chv2->type) {
- case 1:
- PR_fprintf(PR_STDOUT," [ssl2] ClientHelloV2 {\n");
- PR_fprintf(PR_STDOUT," version = {0x%02x, 0x%02x}\n",
- (PRUint32)chv2->version[0],(PRUint32)chv2->version[1]);
- PR_fprintf(PR_STDOUT," cipher-specs-length = %d (0x%02x)\n",
- (PRUint32)(GET_SHORT((chv2->cslength))),
- (PRUint32)(GET_SHORT((chv2->cslength))));
- PR_fprintf(PR_STDOUT," sid-length = %d (0x%02x)\n",
- (PRUint32)(GET_SHORT((chv2->sidlength))),
- (PRUint32)(GET_SHORT((chv2->sidlength))));
- PR_fprintf(PR_STDOUT," challenge-length = %d (0x%02x)\n",
- (PRUint32)(GET_SHORT((chv2->rndlength))),
- (PRUint32)(GET_SHORT((chv2->rndlength))));
- PR_fprintf(PR_STDOUT," cipher-suites = { \n");
- for (p=0;p<GET_SHORT((chv2->cslength));p+=3) {
- const char *cs_str=NULL;
- PRUint32 cs_int=0;
- cs_int = GET_24((&chv2->csuites[p]));
- cs_str = V2CipherString(cs_int);
-
- PR_fprintf(PR_STDOUT," (0x%06x) %s\n",
- cs_int, cs_str);
- }
- q = p;
- PR_fprintf(PR_STDOUT," }\n");
- if (chv2->sidlength) {
- PR_fprintf(PR_STDOUT," session-id = { ");
- for (p=0;p<GET_SHORT((chv2->sidlength));p+=2) {
- PR_fprintf(PR_STDOUT,"0x%04x ",(PRUint32)(GET_SHORT((&chv2->csuites[p+q]))));
- }
- }
- q += p;
- PR_fprintf(PR_STDOUT,"}\n");
- if (chv2->rndlength) {
- PR_fprintf(PR_STDOUT," challenge = { ");
- for (p=0;p<GET_SHORT((chv2->rndlength));p+=2) {
- PR_fprintf(PR_STDOUT,"0x%04x ",(PRUint32)(GET_SHORT((&chv2->csuites[p+q]))));
- }
- PR_fprintf(PR_STDOUT,"}\n");
- }
- PR_fprintf(PR_STDOUT,"}\n");
- break;
- /* end of V2 CLientHello Parsing */
-
- case 2: /* Client Master Key */
- {
- const char *cs_str=NULL;
- PRUint32 cs_int=0;
- ClientMasterKeyV2 *cmkv2;
- cmkv2 = (ClientMasterKeyV2 *)chv2;
- isV2Session = 1;
-
- PR_fprintf(PR_STDOUT," [ssl2] ClientMasterKeyV2 { \n");
-
- cs_int = GET_24(&cmkv2->cipherkind[0]);
- cs_str = V2CipherString(cs_int);
- PR_fprintf(PR_STDOUT," cipher-spec-chosen = (0x%06x) %s\n",
- cs_int, cs_str);
-
- PR_fprintf(PR_STDOUT," clear-portion = %d bits\n",
- 8*(PRUint32)(GET_SHORT((cmkv2->clearkey))));
-
- PR_fprintf(PR_STDOUT," }\n");
- clientstream.isEncrypted = 1;
- serverstream.isEncrypted = 1;
- }
- break;
-
-
- case 3:
- PR_fprintf(PR_STDOUT," [ssl2] Client Finished V2 {...}\n");
- isV2Session = 1;
- break;
-
-
- case 4: /* V2 Server Hello */
- isV2Session = 1;
-
- PR_fprintf(PR_STDOUT," [ssl2] ServerHelloV2 {\n");
- PR_fprintf(PR_STDOUT," sid hit = {0x%02x}\n",
- (PRUintn)shv2->sidhit);
- PR_fprintf(PR_STDOUT," version = {0x%02x, 0x%02x}\n",
- (PRUint32)shv2->version[0],(PRUint32)shv2->version[1]);
- PR_fprintf(PR_STDOUT," cipher-specs-length = %d (0x%02x)\n",
- (PRUint32)(GET_SHORT((shv2->cslength))),
- (PRUint32)(GET_SHORT((shv2->cslength))));
- PR_fprintf(PR_STDOUT," sid-length = %d (0x%02x)\n",
- (PRUint32)(GET_SHORT((shv2->cidlength))),
- (PRUint32)(GET_SHORT((shv2->cidlength))));
-
- pos = (unsigned char *)shv2;
- pos += 2; /* skip length header */
- pos += 11; /* position pointer to Certificate data area */
- q = GET_SHORT(&shv2->certlength);
- if (q >alloclen) {
- goto eosh;
- }
- pos += q; /* skip certificate */
-
- PR_fprintf(PR_STDOUT," cipher-suites = { ");
- len = GET_SHORT((shv2->cslength));
- for (p = 0; p < len; p += 3) {
- const char *cs_str=NULL;
- PRUint32 cs_int=0;
- cs_int = GET_24((pos+p));
- cs_str = V2CipherString(cs_int);
- PR_fprintf(PR_STDOUT,"\n ");
- PR_fprintf(PR_STDOUT,"(0x%06x) %s", cs_int, cs_str);
- }
- pos += len;
- PR_fprintf(PR_STDOUT," }\n"); /* End of cipher suites */
- len = (PRUint32)GET_SHORT((shv2->cidlength));
- if (len) {
- PR_fprintf(PR_STDOUT," connection-id = { ");
- for (p = 0; p < len; p += 2) {
- PR_fprintf(PR_STDOUT,"0x%04x ", (PRUint32)(GET_SHORT((pos + p))));
- }
- PR_fprintf(PR_STDOUT," }\n"); /* End of connection id */
- }
-eosh:
- PR_fprintf(PR_STDOUT,"\n }\n"); /* end of ServerHelloV2 */
- if (shv2->sidhit) {
- clientstream.isEncrypted = 1;
- serverstream.isEncrypted = 1;
- }
- break;
-
- case 5:
- PR_fprintf(PR_STDOUT," [ssl2] Server Verify V2 {...}\n");
- isV2Session = 1;
- break;
-
- case 6:
- PR_fprintf(PR_STDOUT," [ssl2] Server Finished V2 {...}\n");
- isV2Session = 1;
- break;
-
- case 7:
- PR_fprintf(PR_STDOUT," [ssl2] Request Certificate V2 {...}\n");
- isV2Session = 1;
- break;
-
- case 8:
- PR_fprintf(PR_STDOUT," [ssl2] Client Certificate V2 {...}\n");
- isV2Session = 1;
- break;
-
- default:
- PR_fprintf(PR_STDOUT," [ssl2] UnknownType 0x%02x {...}\n",
- (PRUint32)chv2->type);
- break;
- }
-}
-
-
-
-
-
-
-void print_ssl3_handshake(unsigned char *tbuf,
- unsigned int alloclen,
- SSLRecord * sr)
-{
- struct sslhandshake sslh;
- unsigned char * hsdata;
- int offset=0;
-
- PR_fprintf(PR_STDOUT," handshake {\n");
-
- while (offset < alloclen) {
- sslh.type = tbuf[offset];
- sslh.length = GET_24(tbuf+offset+1);
- hsdata= &tbuf[offset+4];
-
- if (sslhexparse) print_hex(4,tbuf+offset);
-
- PR_fprintf(PR_STDOUT," type = %d (",sslh.type);
- switch(sslh.type) {
- case 0: PR_fprintf(PR_STDOUT,"hello_request)\n"); break;
- case 1: PR_fprintf(PR_STDOUT,"client_hello)\n"); break;
- case 2: PR_fprintf(PR_STDOUT,"server_hello)\n"); break;
- case 11: PR_fprintf(PR_STDOUT,"certificate)\n"); break;
- case 12: PR_fprintf(PR_STDOUT,"server_key_exchange)\n"); break;
- case 13: PR_fprintf(PR_STDOUT,"certificate_request)\n"); break;
- case 14: PR_fprintf(PR_STDOUT,"server_hello_done)\n"); break;
- case 15: PR_fprintf(PR_STDOUT,"certificate_verify)\n"); break;
- case 16: PR_fprintf(PR_STDOUT,"client_key_exchange)\n"); break;
- case 20: PR_fprintf(PR_STDOUT,"finished)\n"); break;
- default: PR_fprintf(PR_STDOUT,"unknown)\n");
- }
-
- PR_fprintf(PR_STDOUT," length = %d (0x%06x)\n",sslh.length,sslh.length);
- switch (sslh.type) {
-
- case 1: /* client hello */
- switch (sr->ver_maj) {
- case 2: /* ssl version 2 */
- PR_fprintf(PR_STDOUT," ClientHelloV2 {...}\n");
- break;
- case 3: /* ssl version 3 */
- {
- int sidlength,pos,csuitelength,w;
- PR_fprintf(PR_STDOUT," ClientHelloV3 {\n");
- PR_fprintf(PR_STDOUT," client_version = {%d, %d}\n",
- (PRUint8)hsdata[0],(PRUint8)hsdata[1]);
- PR_fprintf(PR_STDOUT," random = {...}\n");
- if (sslhexparse) print_hex(32,&hsdata[2]);
- PR_fprintf(PR_STDOUT," session ID = {\n");
- sidlength = (int)hsdata[2+32];
- PR_fprintf(PR_STDOUT," length = %d\n",sidlength);
- PR_fprintf(PR_STDOUT," contents = {..}\n");
- if (sslhexparse) print_hex(sidlength,&hsdata[2+32+1]);
- PR_fprintf(PR_STDOUT," }\n");
- pos = 2+32+1+sidlength;
- csuitelength = GET_SHORT((hsdata+pos));
- PR_fprintf(PR_STDOUT," cipher_suites[%d] = { \n",
- csuitelength/2);
- if (csuitelength%1) {
- PR_fprintf(PR_STDOUT,
- "*error in protocol - csuitelength shouldn't be odd*\n");
- }
-
- for (w=0; w<csuitelength; w+=2) {
- const char *cs_str=NULL;
- PRUint32 cs_int=0;
- cs_int = GET_SHORT((hsdata+pos+2+w));
- cs_str = V2CipherString(cs_int);
-
- PR_fprintf(PR_STDOUT,
- " (0x%04x) %s\n", cs_int, cs_str);
- }
-
- /* for (w=0;w<csuitelength;w+=2) {
- PR_fprintf(PR_STDOUT,"0x%04x ",GET_SHORT((hsdata+pos+2+w)));
- } */
-
- PR_fprintf(PR_STDOUT,"\n }\n");
- PR_fprintf(PR_STDOUT," }\n");
-
-
-
- } /* end of ssl version 3 */
- break;
- default:
- PR_fprintf(PR_STDOUT," ClientHelloUndefinedVersion{}\n");
- } /* end of switch sr->ver_maj */
- break;
-
- case 2: /* server hello */
- {
- int sidlength, pos;
- const char *cs_str=NULL;
- PRUint32 cs_int=0;
- PR_fprintf(PR_STDOUT," ServerHello {\n");
- PR_fprintf(PR_STDOUT," server_version = {%d, %d}\n",
- (PRUint8)hsdata[0],(PRUint8)hsdata[1]);
- PR_fprintf(PR_STDOUT," random = {...}\n");
- if (sslhexparse) print_hex(32,&hsdata[2]);
- PR_fprintf(PR_STDOUT," session ID = {\n");
- sidlength = (int)hsdata[2+32];
- PR_fprintf(PR_STDOUT," length = %d\n",sidlength);
- PR_fprintf(PR_STDOUT," contents = {..}\n");
- if (sslhexparse) print_hex(sidlength,&hsdata[2+32+1]);
- PR_fprintf(PR_STDOUT," }\n");
- pos = 2+32+1+sidlength;
- cs_int = GET_SHORT((hsdata+pos));
- cs_str = V2CipherString(cs_int);
- PR_fprintf(PR_STDOUT," cipher_suite = (0x%04x) %s\n",
- cs_int, cs_str);
- PR_fprintf(PR_STDOUT," }\n");
- }
- break;
-
-
-
- case 11: /* certificate */
- {
- PRFileDesc *cfd;
- int pos;
- int certslength;
- int certlength;
- int certbytesread = 0;
- static int certFileNumber;
- char certFileName[20];
-
- PR_fprintf(PR_STDOUT," CertificateChain {\n");
- certslength = GET_24(hsdata);
- PR_fprintf(PR_STDOUT," chainlength = %d (0x%04x)\n",
- certslength,certslength);
- pos = 3;
- while (certbytesread < certslength) {
- certlength = GET_24((hsdata+pos));
- pos += 3;
- PR_fprintf(PR_STDOUT," Certificate {\n");
- PR_fprintf(PR_STDOUT," size = %d (0x%04x)\n",
- certlength,certlength);
-
- PR_snprintf(certFileName, sizeof certFileName, "cert.%03d",
- ++certFileNumber);
- cfd = PR_Open(certFileName, PR_WRONLY|PR_CREATE_FILE, 0664);
- if (!cfd) {
- PR_fprintf(PR_STDOUT,
- " data = { couldn't save file '%s' }\n",
- certFileName);
- } else {
- PR_Write(cfd, (hsdata+pos), certlength);
- PR_fprintf(PR_STDOUT,
- " data = { saved in file '%s' }\n",
- certFileName);
- PR_Close(cfd);
- }
-
- PR_fprintf(PR_STDOUT," }\n");
- pos += certlength;
- certbytesread += certlength+3;
- }
- PR_fprintf(PR_STDOUT," }\n");
- }
- break;
-
- case 13: /* certificate request */
- if (sslhexparse) {
- PR_fprintf(PR_STDOUT," CertificateRequest {\n");
- print_hex(sslh.length, hsdata);
- PR_fprintf(PR_STDOUT," }\n");
- }
- break;
-
- case 16: /* client key exchange */
- {
- PR_fprintf(PR_STDOUT," ClientKeyExchange {\n");
- PR_fprintf(PR_STDOUT," message = {...}\n");
- PR_fprintf(PR_STDOUT," }\n");
- }
- break;
-
- } /* end of switch sslh.type */
- offset += sslh.length + 4; /* +4 because of length (3 bytes) and type (1 byte) */
- } /* while */
- PR_fprintf(PR_STDOUT," }\n");
-}
-
-
-void print_ssl(DataBufferList *s, int length, unsigned char *buffer)
-{
- /* -------------------------------------------------------- */
- /* first, create a new buffer object for this piece of data. */
-
- DataBuffer *db;
- int i,l;
-
- if (s->size == 0 && length > 0 && buffer[0] >= 32 && buffer[0] < 128) {
- /* Not an SSL record, treat entire buffer as plaintext */
- PR_Write(PR_STDOUT,buffer,length);
- return;
- }
-
-
- check_integrity(s);
-
- i = 0;
- l = length;
-
- db = PR_NEW(struct _DataBuffer);
-
- db->buffer = (unsigned char*)PR_Malloc(length);
- db->length = length;
- db->offset = 0;
- memcpy(db->buffer, buffer, length);
- db->next = NULL;
-
- /* now, add it to the stream */
-
- if (s->last != NULL) s->last->next = db;
- s->last = db;
- s->size += length;
- if (s->first == NULL) s->first = db;
-
- check_integrity(s);
-
- /*------------------------------------------------------- */
- /* now we look at the stream to see if we have enough data to
- decode */
-
- while (s->size > 0 ) {
- unsigned char *tbuf = NULL;
-
- SSLRecord sr;
- unsigned alloclen;
- unsigned recordsize;
-
- check_integrity(s);
-
- if ( s->first == NULL) {
- PR_fprintf(PR_STDOUT,"ERROR: s->first is null\n");
- exit(9);
- }
-
- /* in the case of an SSL 2 client-hello (which is all ssltap supports) */
- /* will have the high-bit set, whereas an SSL 3 client-hello will not */
- /* SSL2 can also send records that begin with the high bit clear.
- * This code will incorrectly handle them. XXX
- */
- if (isV2Session || s->first->buffer[s->first->offset] & 0x80) {
- /* it's an SSL 2 packet */
- unsigned char lenbuf[3];
-
- /* first, we check if there's enough data for it to be an SSL2-type
- * record. What a pain.*/
- if (s->size < sizeof lenbuf) {
- partial_packet(length, s->size, sizeof lenbuf);
- return;
- }
-
- /* read the first two bytes off the stream. */
- read_stream_bytes(lenbuf, s, sizeof(lenbuf));
- alloclen = ((unsigned int)(lenbuf[0] & 0x7f) << 8) + lenbuf[1] +
- ((lenbuf[0] & 0x80) ? 2 : 3);
- PR_fprintf(PR_STDOUT, "alloclen = %u bytes\n", alloclen);
-
- /* put 'em back on the head of the stream. */
- db = PR_NEW(struct _DataBuffer);
-
- db->length = sizeof lenbuf;
- db->buffer = (unsigned char*) PR_Malloc(db->length);
- db->offset = 0;
- memcpy(db->buffer, lenbuf, sizeof lenbuf);
-
- db->next = s->first;
- s->first = db;
- if (s->last == NULL)
- s->last = db;
- s->size += db->length;
-
- /* if there wasn't enough, go back for more. */
- if (s->size < alloclen) {
- check_integrity(s);
- partial_packet(length, s->size, alloclen);
- return;
- }
- partial_packet(length, s->size, alloclen);
-
- /* read in the whole record. */
- tbuf = PR_Malloc(alloclen);
- read_stream_bytes(tbuf, s, alloclen);
-
- print_sslv2(s, tbuf, alloclen);
- PR_FREEIF(tbuf);
- check_integrity(s);
-
- continue;
- }
-
- /***********************************************************/
- /* It's SSL v3 */
- /***********************************************************/
- check_integrity(s);
-
- if (s->size < sizeof(SSLRecord)) {
- partial_packet(length, s->size, sizeof(SSLRecord));
- return;
- }
-
- read_stream_bytes((unsigned char *)&sr, s, sizeof sr);
-
- /* we have read the stream bytes. Look at the length of
- the ssl record. If we don't have enough data to satisfy this
- request, then put the bytes we just took back at the head
- of the queue */
- recordsize = GET_SHORT(sr.length);
-
- if (recordsize > s->size) {
- db = PR_NEW(struct _DataBuffer);
-
- db->length = sizeof sr;
- db->buffer = (unsigned char*) PR_Malloc(db->length);
- db->offset = 0;
- memcpy(db->buffer, &sr, sizeof sr);
- db->next = s->first;
-
- /* now, add it back on to the head of the stream */
-
- s->first = db;
- if (s->last == NULL)
- s->last = db;
- s->size += db->length;
-
- check_integrity(s);
- partial_packet(length, s->size, recordsize);
- return;
- }
- partial_packet(length, s->size, recordsize);
-
-
- PR_fprintf(PR_STDOUT,"SSLRecord { [%s]\n", get_time_string() );
- if (sslhexparse) {
- print_hex(5,(unsigned char*)&sr);
- }
-
- check_integrity(s);
-
- PR_fprintf(PR_STDOUT," type = %d (",sr.type);
- switch(sr.type) {
- case 20 :
- PR_fprintf(PR_STDOUT,"change_cipher_spec)\n");
- break;
- case 21 :
- PR_fprintf(PR_STDOUT,"alert)\n");
- break;
- case 22 :
- PR_fprintf(PR_STDOUT,"handshake)\n");
- break;
- case 23 :
- PR_fprintf(PR_STDOUT,"application_data)\n");
- break;
- default:
- PR_fprintf(PR_STDOUT,"unknown)\n");
- break;
- }
- PR_fprintf(PR_STDOUT," version = { %d,%d }\n",
- (PRUint32)sr.ver_maj,(PRUint32)sr.ver_min);
- PR_fprintf(PR_STDOUT," length = %d (0x%x)\n",
- (PRUint32)GET_SHORT(sr.length), (PRUint32)GET_SHORT(sr.length));
-
-
- alloclen = recordsize;
- PR_ASSERT(s->size >= alloclen);
- if (s->size >= alloclen) {
- tbuf = (unsigned char*) PR_Malloc(alloclen);
- read_stream_bytes(tbuf, s, alloclen);
-
- if (s->isEncrypted) {
- PR_fprintf(PR_STDOUT," < encrypted >\n");
- } else
-
- switch(sr.type) {
- case 20 : /* change_cipher_spec */
- if (sslhexparse) print_hex(alloclen,tbuf);
- s->isEncrypted = 1; /* mark to say we can only dump hex form now on */
- break;
-
- case 21 : /* alert */
- switch(tbuf[0]) {
- case 1: PR_fprintf(PR_STDOUT, " warning: "); break;
- case 2: PR_fprintf(PR_STDOUT, " fatal: "); break;
- default: PR_fprintf(PR_STDOUT, " unknown level %d: ", tbuf[0]); break;
- }
-
- switch(tbuf[1]) {
- case 0: PR_fprintf(PR_STDOUT, "close notify\n"); break;
- case 10: PR_fprintf(PR_STDOUT, "unexpected message\n"); break;
- case 20: PR_fprintf(PR_STDOUT, "bad record mac\n"); break;
- case 21: PR_fprintf(PR_STDOUT, "decryption failed\n"); break;
- case 22: PR_fprintf(PR_STDOUT, "record overflow\n"); break;
- case 30: PR_fprintf(PR_STDOUT, "decompression failure\n"); break;
- case 40: PR_fprintf(PR_STDOUT, "handshake failure\n"); break;
- case 41: PR_fprintf(PR_STDOUT, "no certificate\n"); break;
- case 42: PR_fprintf(PR_STDOUT, "bad certificate\n"); break;
- case 43: PR_fprintf(PR_STDOUT, "unsupported certificate\n"); break;
- case 44: PR_fprintf(PR_STDOUT, "certificate revoked\n"); break;
- case 45: PR_fprintf(PR_STDOUT, "certificate expired\n"); break;
- case 46: PR_fprintf(PR_STDOUT, "certificate unknown\n"); break;
- case 47: PR_fprintf(PR_STDOUT, "illegal parameter\n"); break;
- case 48: PR_fprintf(PR_STDOUT, "unknown CA\n"); break;
- case 49: PR_fprintf(PR_STDOUT, "access denied\n"); break;
- case 50: PR_fprintf(PR_STDOUT, "decode error\n"); break;
- case 51: PR_fprintf(PR_STDOUT, "decrypt error\n"); break;
- case 60: PR_fprintf(PR_STDOUT, "export restriction\n"); break;
- case 70: PR_fprintf(PR_STDOUT, "protocol version\n"); break;
- case 71: PR_fprintf(PR_STDOUT, "insufficient security\n"); break;
- case 80: PR_fprintf(PR_STDOUT, "internal error\n"); break;
- case 90: PR_fprintf(PR_STDOUT, "user canceled\n"); break;
- case 100: PR_fprintf(PR_STDOUT, "no renegotiation\n"); break;
- default: PR_fprintf(PR_STDOUT, "unknown error %d\n", tbuf[1]); break;
- }
-
- if (sslhexparse) print_hex(alloclen,tbuf);
- break;
-
- case 22 : /* handshake */
- print_ssl3_handshake( tbuf, alloclen, &sr );
- break;
-
- case 23 : /* application data */
- default:
- print_hex(alloclen,tbuf);
- break;
- }
- }
- PR_fprintf(PR_STDOUT,"}\n");
- PR_FREEIF(tbuf);
- check_integrity(s);
- }
-}
-
-void print_hex(int amt, unsigned char *buf) {
- int i,j,k;
- char *string = (char*)PR_Malloc(5000);
- char t[20];
-
-
- for(i=0;i<amt;i++) {
- t[1] =0;
-
- if (i%16 ==0) { /* if we are at the beginning of a line */
- PR_fprintf(PR_STDOUT,"%4x:",i); /* print the line number */
- strcpy(string,"");
- }
-
- if (i%4 == 0) {
- PR_fprintf(PR_STDOUT," ");
- }
-
- t[0] = buf[i];
-
- if (!isprint(t[0])) {
- t[0] = '.';
- }
- if (fancy) {
- switch (t[0]) {
- case '<':
- strcpy(t,"&lt;");
- break;
- case '>':
- strcpy(t,"&gt;");
- break;
- case '&':
- strcpy(t,"&amp;");
- break;
- }
- }
- strcat(string,t);
-
- PR_fprintf(PR_STDOUT,"%02x ",(PRUint8) buf[i]);
-
- /* if we've reached the end of the line - add the string */
- if (i%16 == 15) PR_fprintf(PR_STDOUT," | %s\n",string);
- }
- /* we reached the end of the buffer,*/
- /* do we have buffer left over? */
- j = i%16;
- if (j > 0) {
- for (k=0;k<(16-j);k++) PR_fprintf(PR_STDOUT," ");
- PR_fprintf(PR_STDOUT," |%s\n",string);
- }
- PR_Free(string);
-}
-
-void Usage(void) {
- PR_fprintf(PR_STDERR, "SSLTAP (C) 1997, 1998 Netscape Communications Corporation.\n");
- PR_fprintf(PR_STDERR, "Usage: ssltap [-vhfsxl] [-p port] hostname:port\n");
- PR_fprintf(PR_STDERR, " -v [prints version string]\n");
- PR_fprintf(PR_STDERR, " -h [outputs hex instead of ASCII]\n");
- PR_fprintf(PR_STDERR, " -f [turn on Fancy HTML coloring]\n");
- PR_fprintf(PR_STDERR, " -s [turn on SSL decoding]\n");
- PR_fprintf(PR_STDERR, " -x [turn on extra SSL hex dumps]\n");
- PR_fprintf(PR_STDERR, " -p port [specify rendezvous port (default 1924)]\n");
- PR_fprintf(PR_STDERR, " -l [loop - continue to wait for more connections]\n");
-
-
-}
-
-void
-showErr(const char * msg) {
- PRErrorCode err = PR_GetError();
- const char * errString;
-
- if (err == PR_UNKNOWN_ERROR)
- err = PR_CONNECT_RESET_ERROR; /* bug in NSPR. */
- errString = SECU_Strerror(err);
-
- if (!errString)
- errString = "(no text available)";
- PR_fprintf(PR_STDERR, "Error %d: %s: %s", err, errString, msg);
-}
-
-int main(int argc, char *argv[])
-{
- char *hostname=NULL;
- PRUint16 rendport=DEFPORT,port;
- PRHostEnt hp;
- PRStatus r;
- PRNetAddr na_client,na_server,na_rend;
- PRFileDesc *s_server,*s_client,*s_rend; /*rendezvous */
- char netdbbuf[PR_NETDB_BUF_SIZE];
- int c_count=0;
- PLOptState *optstate;
- PLOptStatus status;
-
- optstate = PL_CreateOptState(argc,argv,"fvxhslp:");
- while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
- switch (optstate->option) {
- case 'f':
- fancy++;
- break;
- case 'h':
- hexparse++;
- break;
- case 'v':
- PR_fprintf(PR_STDOUT,"Version: %s\n",VERSIONSTRING);
- break;
- case 's':
- sslparse++;
- break;
- case 'x':
- sslhexparse++;
- break;
- case 'l':
- looparound++;
- break;
- case 'p':
- rendport = atoi(optstate->value);
- break;
- case '\0':
- hostname = PL_strdup(optstate->value);
- }
- }
- if (status == PL_OPT_BAD)
- Usage();
-
- if (fancy) {
- if (!hexparse && !sslparse) {
- PR_fprintf(PR_STDERR,
-"Note: use of -f without -s or -h not recommended, \n"
-"as the output looks a little strange. It may be useful, however\n");
- }
- }
-
- if(! hostname ) Usage(), exit(2);
-
- {
- char *colon = (char *)strchr(hostname, ':');
- if (!colon) {
- PR_fprintf(PR_STDERR,
- "You must specify the host AND port you wish to connect to\n");
- Usage(), exit(3);
- }
- port = atoi(&colon[1]);
- *colon = '\0';
-
- if (port == 0) {
- PR_fprintf(PR_STDERR, "Port must be a nonzero number.\n");
- exit(4);
- }
- }
-
- /* find the 'server' IP address so we don't have to look it up later */
-
- if (fancy) {
- PR_fprintf(PR_STDOUT,"<HTML><HEAD><TITLE>SSLTAP output</TITLE></HEAD>\n");
- PR_fprintf(PR_STDOUT,"<BODY><PRE>\n");
- }
- PR_fprintf(PR_STDERR,"Looking up \"%s\"...\n", hostname);
- r = PR_GetHostByName(hostname,netdbbuf,PR_NETDB_BUF_SIZE,&hp);
- if (r) {
- showErr("Host Name lookup failed\n");
- exit(5);
- }
-
- PR_EnumerateHostEnt(0,&hp,0,&na_server);
- PR_InitializeNetAddr(PR_IpAddrNull,port,&na_server);
- /* set up the port which the client will connect to */
-
- r = PR_InitializeNetAddr(PR_IpAddrAny,rendport,&na_rend);
- if (r == PR_FAILURE) {
- PR_fprintf(PR_STDERR,
- "PR_InitializeNetAddr(,%d,) failed with error %d\n",PR_GetError());
- exit(0);
- }
-
-
- s_rend = PR_NewTCPSocket();
- if (!s_rend) {
- showErr("Couldn't create socket\n");
- exit(6);
- }
-
- if (PR_Bind(s_rend, &na_rend )) {
- PR_fprintf(PR_STDERR,"Couldn't bind to port %d (error %d)\n",rendport, PR_GetError());
- exit(-1);
- }
-
- if ( PR_Listen(s_rend, 5)) {
- showErr("Couldn't listen\n");
- exit(-1);
- }
-
- PR_fprintf(PR_STDERR,"Proxy socket ready and listening\n");
- do { /* accept one connection and process it. */
- PRPollDesc pds[2];
-
- s_client = PR_Accept(s_rend,&na_client,PR_SecondsToInterval(3600));
- if (s_client == NULL) {
- showErr("accept timed out\n");
- exit(7);
- }
-
- s_server = PR_NewTCPSocket();
- if (s_server == NULL) {
- showErr("couldn't open new socket to connect to server \n");
- exit(8);
- }
-
- r = PR_Connect(s_server,&na_server,PR_SecondsToInterval(5));
-
- if ( r == PR_FAILURE )
- {
- showErr("Couldn't connect\n");
- return -1;
- }
-
- if (looparound) {
- if (fancy) PR_fprintf(PR_STDOUT,"<p><HR><H2>");
- PR_fprintf(PR_STDOUT,"Connection #%d [%s]\n", c_count+1,
- get_time_string());
- if (fancy) PR_fprintf(PR_STDOUT,"</H2>");
- }
-
-
- PR_fprintf(PR_STDOUT,"Connected to %s:%d\n", hostname, port);
-
-#define PD_C 0
-#define PD_S 1
-
- pds[PD_C].fd = s_client;
- pds[PD_S].fd = s_server;
- pds[PD_C].in_flags = PR_POLL_READ;
- pds[PD_S].in_flags = PR_POLL_READ;
-
- /* make sure the new connections don't start out encrypted. */
- clientstream.isEncrypted = 0;
- serverstream.isEncrypted = 0;
- isV2Session = 0;
-
- while( (pds[PD_C].in_flags & PR_POLL_READ) != 0 ||
- (pds[PD_S].in_flags & PR_POLL_READ) != 0 )
- { /* Handle all messages on the connection */
- PRInt32 amt;
- PRInt32 wrote;
- unsigned char buffer[ TAPBUFSIZ ];
-
- amt = PR_Poll(pds,2,PR_INTERVAL_NO_TIMEOUT);
- if (amt <= 0) {
- if (amt)
- showErr( "PR_Poll failed.\n");
- else
- showErr( "PR_Poll timed out.\n");
- break;
- }
-
- if (pds[PD_C].out_flags & PR_POLL_EXCEPT) {
- showErr( "Exception on client-side socket.\n");
- break;
- }
-
- if (pds[PD_S].out_flags & PR_POLL_EXCEPT) {
- showErr( "Exception on server-side socket.\n");
- break;
- }
-
-
-/* read data, copy it to stdout, and write to other socket */
-
- if ((pds[PD_C].in_flags & PR_POLL_READ) != 0 &&
- (pds[PD_C].out_flags & PR_POLL_READ) != 0 ) {
-
- amt = PR_Read(s_client, buffer, sizeof(buffer));
-
- if ( amt < 0) {
- showErr( "Client socket read failed.\n");
- break;
- }
-
- if( amt == 0 ) {
- PR_fprintf(PR_STDOUT, "Read EOF on Client socket. [%s]\n",
- get_time_string() );
- pds[PD_C].in_flags &= ~PR_POLL_READ;
- PR_Shutdown(s_server, PR_SHUTDOWN_SEND);
- continue;
- }
-
- PR_fprintf(PR_STDOUT,"--> [\n");
- if (fancy) PR_fprintf(PR_STDOUT,"<font color=blue>");
-
- if (hexparse) print_hex(amt, buffer);
- if (sslparse) print_ssl(&clientstream,amt,buffer);
- if (!hexparse && !sslparse) PR_Write(PR_STDOUT,buffer,amt);
- if (fancy) PR_fprintf(PR_STDOUT,"</font>");
- PR_fprintf(PR_STDOUT,"]\n");
-
- wrote = PR_Write(s_server, buffer, amt);
- if (wrote != amt ) {
- if (wrote < 0) {
- showErr("Write to server socket failed.\n");
- break;
- } else {
- PR_fprintf(PR_STDERR, "Short write to server socket!\n");
- }
- }
- } /* end of read from client socket. */
-
-/* read data, copy it to stdout, and write to other socket */
- if ((pds[PD_S].in_flags & PR_POLL_READ) != 0 &&
- (pds[PD_S].out_flags & PR_POLL_READ) != 0 ) {
-
- amt = PR_Read(s_server, buffer, sizeof(buffer));
-
- if ( amt < 0) {
- showErr( "error on server-side socket.\n");
- break;
- }
-
- if( amt == 0 ) {
- PR_fprintf(PR_STDOUT, "Read EOF on Server socket. [%s]\n",
- get_time_string() );
- pds[PD_S].in_flags &= ~PR_POLL_READ;
- PR_Shutdown(s_client, PR_SHUTDOWN_SEND);
- continue;
- }
-
- PR_fprintf(PR_STDOUT,"<-- [\n");
- if (fancy) PR_fprintf(PR_STDOUT,"<font color=red>");
- if (hexparse) print_hex(amt, (unsigned char *)buffer);
- if (sslparse) print_ssl(&serverstream,amt,(unsigned char *)buffer);
- if (!hexparse && !sslparse) PR_Write(PR_STDOUT,buffer,amt);
- if (fancy) PR_fprintf(PR_STDOUT,"</font>");
- PR_fprintf(PR_STDOUT,"]\n");
-
-
- wrote = PR_Write(s_client, buffer, amt);
- if (wrote != amt ) {
- if (wrote < 0) {
- showErr("Write to client socket failed.\n");
- break;
- } else {
- PR_fprintf(PR_STDERR, "Short write to client socket!\n");
- }
- }
-
- } /* end of read from server socket. */
-
-/* Loop, handle next message. */
-
- } /* handle messages during a connection loop */
- PR_Close(s_client);
- PR_Close(s_server);
- flush_stream(&clientstream);
- flush_stream(&serverstream);
-
- c_count++;
- PR_fprintf(PR_STDERR,"Connection %d Complete [%s]\n", c_count,
- get_time_string() );
- } while (looparound); /* accept connection and process it. */
- PR_Close(s_rend);
- return 0;
-}
diff --git a/security/nss/cmd/strsclnt/Makefile b/security/nss/cmd/strsclnt/Makefile
deleted file mode 100644
index 4e39ffc3f..000000000
--- a/security/nss/cmd/strsclnt/Makefile
+++ /dev/null
@@ -1,75 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/strsclnt/manifest.mn b/security/nss/cmd/strsclnt/manifest.mn
deleted file mode 100644
index e54345f6d..000000000
--- a/security/nss/cmd/strsclnt/manifest.mn
+++ /dev/null
@@ -1,47 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../..
-
-DEFINES += -DNSPR20
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = nss
-
-CSRCS = strsclnt.c
-
-# the MODULE above is always implicitly REQUIREd
-REQUIRES = seccmd dbm
-
-PROGRAM = strsclnt
-# PROGRAM = ./$(OBJDIR)/strsclnt.exe
-
diff --git a/security/nss/cmd/strsclnt/strsclnt.c b/security/nss/cmd/strsclnt/strsclnt.c
deleted file mode 100644
index ae20c02bb..000000000
--- a/security/nss/cmd/strsclnt/strsclnt.c
+++ /dev/null
@@ -1,1175 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include <stdio.h>
-#include <string.h>
-
-#include "secutil.h"
-
-#if defined(XP_UNIX)
-#include <unistd.h>
-#endif
-#include <stdlib.h>
-#if !defined(_WIN32_WCE)
-#include <errno.h>
-#include <fcntl.h>
-#endif
-#include <stdarg.h>
-
-#include "plgetopt.h"
-
-#include "nspr.h"
-#include "prio.h"
-#include "prnetdb.h"
-#include "prerror.h"
-
-#include "pk11func.h"
-#include "secitem.h"
-#include "sslproto.h"
-#include "nss.h"
-#include "ssl.h"
-
-#ifndef PORT_Sprintf
-#define PORT_Sprintf sprintf
-#endif
-
-#ifndef PORT_Strstr
-#define PORT_Strstr strstr
-#endif
-
-#ifndef PORT_Malloc
-#define PORT_Malloc PR_Malloc
-#endif
-
-#define RD_BUF_SIZE (60 * 1024)
-
-/* Include these cipher suite arrays to re-use tstclnt's
- * cipher selection code.
- */
-
-int ssl2CipherSuites[] = {
- SSL_EN_RC4_128_WITH_MD5, /* A */
- SSL_EN_RC4_128_EXPORT40_WITH_MD5, /* B */
- SSL_EN_RC2_128_CBC_WITH_MD5, /* C */
- SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5, /* D */
- SSL_EN_DES_64_CBC_WITH_MD5, /* E */
- SSL_EN_DES_192_EDE3_CBC_WITH_MD5, /* F */
-#ifdef NSS_ENABLE_ECC
- /* NOTE: Since no new SSL2 ciphersuites are being
- * invented, and we've run out of lowercase letters
- * for SSL3 ciphers, we use letters G and beyond
- * for new SSL3 ciphers.
- */
- TLS_ECDH_ECDSA_WITH_NULL_SHA, /* G */
- TLS_ECDH_ECDSA_WITH_RC4_128_SHA, /* H */
- TLS_ECDH_ECDSA_WITH_DES_CBC_SHA, /* I */
- TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, /* J */
- TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, /* K */
- TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, /* L */
- TLS_ECDH_RSA_WITH_NULL_SHA, /* M */
- TLS_ECDH_RSA_WITH_RC4_128_SHA, /* N */
- TLS_ECDH_RSA_WITH_DES_CBC_SHA, /* O */
- TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, /* P */
- TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, /* Q */
- TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, /* R */
- TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, /* S */
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, /* T */
-#endif /* NSS_ENABLE_ECC */
- 0
-};
-
-int ssl3CipherSuites[] = {
- SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA, /* a */
- SSL_FORTEZZA_DMS_WITH_RC4_128_SHA, /* b */
- SSL_RSA_WITH_RC4_128_MD5, /* c */
- SSL_RSA_WITH_3DES_EDE_CBC_SHA, /* d */
- SSL_RSA_WITH_DES_CBC_SHA, /* e */
- SSL_RSA_EXPORT_WITH_RC4_40_MD5, /* f */
- SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5, /* g */
- SSL_FORTEZZA_DMS_WITH_NULL_SHA, /* h */
- SSL_RSA_WITH_NULL_MD5, /* i */
- SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA, /* j */
- SSL_RSA_FIPS_WITH_DES_CBC_SHA, /* k */
- TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA, /* l */
- TLS_RSA_EXPORT1024_WITH_RC4_56_SHA, /* m */
- SSL_RSA_WITH_RC4_128_SHA, /* n */
- TLS_DHE_DSS_WITH_RC4_128_SHA, /* o */
- SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, /* p */
- SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, /* q */
- SSL_DHE_RSA_WITH_DES_CBC_SHA, /* r */
- SSL_DHE_DSS_WITH_DES_CBC_SHA, /* s */
- TLS_DHE_DSS_WITH_AES_128_CBC_SHA, /* t */
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA, /* u */
- TLS_RSA_WITH_AES_128_CBC_SHA, /* v */
- TLS_DHE_DSS_WITH_AES_256_CBC_SHA, /* w */
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA, /* x */
- TLS_RSA_WITH_AES_256_CBC_SHA, /* y */
- 0
-};
-
-/* This global string is so that client main can see
- * which ciphers to use.
- */
-
-static const char *cipherString;
-
-static int certsTested;
-static int MakeCertOK;
-static int NoReuse;
-static PRBool NoDelay;
-static PRBool QuitOnTimeout = PR_FALSE;
-
-static SSL3Statistics * ssl3stats;
-
-static int failed_already = 0;
-
-
-char * ownPasswd( PK11SlotInfo *slot, PRBool retry, void *arg)
-{
- char *passwd = NULL;
-
- if ( (!retry) && arg ) {
- passwd = PL_strdup((char *)arg);
- }
-
- return passwd;
-}
-
-int stopping;
-int verbose;
-SECItem bigBuf;
-
-#define PRINTF if (verbose) printf
-#define FPRINTF if (verbose) fprintf
-
-static void
-Usage(const char *progName)
-{
- fprintf(stderr,
- "Usage: %s [-n rsa_nickname] [-p port] [-d dbdir] [-c connections]\n"
- " [-DNvq] [-f fortezza_nickname] [-2 filename]\n"
- " [-w dbpasswd] [-C cipher(s)] [-t threads] hostname\n"
- " where -v means verbose\n"
- " -D means no TCP delays\n"
- " -q means quit when server gone (timeout rather than retry forever)\n"
- " -N means no session reuse\n",
- progName);
- exit(1);
-}
-
-
-static void
-errWarn(char * funcString)
-{
- PRErrorCode perr = PR_GetError();
- const char * errString = SECU_Strerror(perr);
-
- fprintf(stderr, "strsclnt: %s returned error %d:\n%s\n",
- funcString, perr, errString);
-}
-
-static void
-errExit(char * funcString)
-{
- errWarn(funcString);
- exit(1);
-}
-
-/**************************************************************************
-**
-** Routines for disabling SSL ciphers.
-**
-**************************************************************************/
-
-void
-disableAllSSLCiphers(void)
-{
- const PRUint16 *cipherSuites = SSL_ImplementedCiphers;
- int i = SSL_NumImplementedCiphers;
- SECStatus rv;
-
- /* disable all the SSL3 cipher suites */
- while (--i >= 0) {
- PRUint16 suite = cipherSuites[i];
- rv = SSL_CipherPrefSetDefault(suite, PR_FALSE);
- if (rv != SECSuccess) {
- printf("SSL_CipherPrefSetDefault didn't like value 0x%04x (i = %d)\n",
- suite, i);
- errWarn("SSL_CipherPrefSetDefault");
- exit(2);
- }
- }
-}
-
-/* This invokes the "default" AuthCert handler in libssl.
-** The only reason to use this one is that it prints out info as it goes.
-*/
-static SECStatus
-mySSLAuthCertificate(void *arg, PRFileDesc *fd, PRBool checkSig,
- PRBool isServer)
-{
- SECStatus rv;
- CERTCertificate * peerCert;
-
- peerCert = SSL_PeerCertificate(fd);
-
- PRINTF("strsclnt: Subject: %s\nstrsclnt: Issuer : %s\n",
- peerCert->subjectName, peerCert->issuerName);
- /* invoke the "default" AuthCert handler. */
- rv = SSL_AuthCertificate(arg, fd, checkSig, isServer);
-
- ++certsTested;
- if (rv == SECSuccess) {
- fputs("strsclnt: -- SSL: Server Certificate Validated.\n", stderr);
- }
- CERT_DestroyCertificate(peerCert);
- /* error, if any, will be displayed by the Bad Cert Handler. */
- return rv;
-}
-
-static SECStatus
-myBadCertHandler( void *arg, PRFileDesc *fd)
-{
- int err = PR_GetError();
- if (!MakeCertOK)
- fprintf(stderr,
- "strsclnt: -- SSL: Server Certificate Invalid, err %d.\n%s\n",
- err, SECU_Strerror(err));
- return (MakeCertOK ? SECSuccess : SECFailure);
-}
-
-void
-printSecurityInfo(PRFileDesc *fd)
-{
- CERTCertificate * cert = NULL;
- SSL3Statistics * ssl3stats = SSL_GetStatistics();
- SECStatus result;
- SSLChannelInfo channel;
- SSLCipherSuiteInfo suite;
-
- static int only_once;
-
- if (only_once && verbose < 2)
- return;
- only_once = 1;
-
- result = SSL_GetChannelInfo(fd, &channel, sizeof channel);
- if (result == SECSuccess &&
- channel.length == sizeof channel &&
- channel.cipherSuite) {
- result = SSL_GetCipherSuiteInfo(channel.cipherSuite,
- &suite, sizeof suite);
- if (result == SECSuccess) {
- FPRINTF(stderr,
- "strsclnt: SSL version %d.%d using %d-bit %s with %d-bit %s MAC\n",
- channel.protocolVersion >> 8, channel.protocolVersion & 0xff,
- suite.effectiveKeyBits, suite.symCipherName,
- suite.macBits, suite.macAlgorithmName);
- FPRINTF(stderr,
- "strsclnt: Server Auth: %d-bit %s, Key Exchange: %d-bit %s\n",
- channel.authKeyBits, suite.authAlgorithmName,
- channel.keaKeyBits, suite.keaTypeName);
- }
- }
-
- cert = SSL_LocalCertificate(fd);
- if (!cert)
- cert = SSL_PeerCertificate(fd);
-
- if (verbose && cert) {
- char * ip = CERT_NameToAscii(&cert->issuer);
- char * sp = CERT_NameToAscii(&cert->subject);
- if (sp) {
- fprintf(stderr, "strsclnt: subject DN: %s\n", sp);
- PR_Free(sp);
- }
- if (ip) {
- fprintf(stderr, "strsclnt: issuer DN: %s\n", ip);
- PR_Free(ip);
- }
- }
- if (cert) {
- CERT_DestroyCertificate(cert);
- cert = NULL;
- }
- fprintf(stderr,
- "strsclnt: %ld cache hits; %ld cache misses, %ld cache not reusable\n",
- ssl3stats->hsh_sid_cache_hits,
- ssl3stats->hsh_sid_cache_misses,
- ssl3stats->hsh_sid_cache_not_ok);
-
-}
-
-/**************************************************************************
-** Begin thread management routines and data.
-**************************************************************************/
-
-#define MAX_THREADS 128
-
-typedef int startFn(void *a, void *b, int c);
-
-PRLock * threadLock;
-PRCondVar * threadStartQ;
-PRCondVar * threadEndQ;
-
-int numUsed;
-int numRunning;
-PRInt32 numConnected;
-int max_threads = 8; /* default much less than max. */
-
-typedef enum { rs_idle = 0, rs_running = 1, rs_zombie = 2 } runState;
-
-typedef struct perThreadStr {
- void * a;
- void * b;
- int c;
- int rv;
- startFn * startFunc;
- PRThread * prThread;
- PRBool inUse;
- runState running;
-} perThread;
-
-perThread threads[MAX_THREADS];
-
-void
-thread_wrapper(void * arg)
-{
- perThread * slot = (perThread *)arg;
-
- /* wait for parent to finish launching us before proceeding. */
- PR_Lock(threadLock);
- PR_Unlock(threadLock);
-
- slot->rv = (* slot->startFunc)(slot->a, slot->b, slot->c);
-
- /* Handle cleanup of thread here. */
- PRINTF("strsclnt: Thread in slot %d returned %d\n",
- slot - threads, slot->rv);
-
- PR_Lock(threadLock);
- slot->running = rs_idle;
- --numRunning;
-
- /* notify the thread launcher. */
- PR_NotifyCondVar(threadStartQ);
-
- PR_Unlock(threadLock);
-}
-
-SECStatus
-launch_thread(
- startFn * startFunc,
- void * a,
- void * b,
- int c)
-{
- perThread * slot;
- int i;
-
- if (!threadStartQ) {
- threadLock = PR_NewLock();
- threadStartQ = PR_NewCondVar(threadLock);
- threadEndQ = PR_NewCondVar(threadLock);
- }
- PR_Lock(threadLock);
- while (numRunning >= max_threads) {
- PR_WaitCondVar(threadStartQ, PR_INTERVAL_NO_TIMEOUT);
- }
- for (i = 0; i < numUsed; ++i) {
- if (threads[i].running == rs_idle)
- break;
- }
- if (i >= numUsed) {
- if (i >= MAX_THREADS) {
- /* something's really wrong here. */
- PORT_Assert(i < MAX_THREADS);
- PR_Unlock(threadLock);
- return SECFailure;
- }
- ++numUsed;
- PORT_Assert(numUsed == i + 1);
- }
-
- slot = threads + i;
- slot->a = a;
- slot->b = b;
- slot->c = c;
-
- slot->startFunc = startFunc;
-
- slot->prThread = PR_CreateThread(PR_USER_THREAD,
- thread_wrapper, slot,
- PR_PRIORITY_NORMAL, PR_GLOBAL_THREAD,
- PR_UNJOINABLE_THREAD, 0);
- if (slot->prThread == NULL) {
- PR_Unlock(threadLock);
- printf("strsclnt: Failed to launch thread!\n");
- return SECFailure;
- }
-
- slot->inUse = 1;
- slot->running = 1;
- ++numRunning;
- PR_Unlock(threadLock);
- PRINTF("strsclnt: Launched thread in slot %d \n", i);
-
- return SECSuccess;
-}
-
-/* Wait until numRunning == 0 */
-int
-reap_threads(void)
-{
- perThread * slot;
- int i;
-
- if (!threadLock)
- return 0;
- PR_Lock(threadLock);
- while (numRunning > 0) {
- PR_WaitCondVar(threadStartQ, PR_INTERVAL_NO_TIMEOUT);
- }
-
- /* Safety Sam sez: make sure count is right. */
- for (i = 0; i < numUsed; ++i) {
- slot = threads + i;
- if (slot->running != rs_idle) {
- FPRINTF(stderr, "strsclnt: Thread in slot %d is in state %d!\n",
- i, slot->running);
- }
- }
- PR_Unlock(threadLock);
- return 0;
-}
-
-void
-destroy_thread_data(void)
-{
- PORT_Memset(threads, 0, sizeof threads);
-
- if (threadEndQ) {
- PR_DestroyCondVar(threadEndQ);
- threadEndQ = NULL;
- }
- if (threadStartQ) {
- PR_DestroyCondVar(threadStartQ);
- threadStartQ = NULL;
- }
- if (threadLock) {
- PR_DestroyLock(threadLock);
- threadLock = NULL;
- }
-}
-
-/**************************************************************************
-** End thread management routines.
-**************************************************************************/
-
-PRBool useModelSocket = PR_TRUE;
-
-static const char stopCmd[] = { "GET /stop " };
-static const char outHeader[] = {
- "HTTP/1.0 200 OK\r\n"
- "Server: Netscape-Enterprise/2.0a\r\n"
- "Date: Tue, 26 Aug 1997 22:10:05 GMT\r\n"
- "Content-type: text/plain\r\n"
- "\r\n"
-};
-
-struct lockedVarsStr {
- PRLock * lock;
- int count;
- int waiters;
- PRCondVar * condVar;
-};
-
-typedef struct lockedVarsStr lockedVars;
-
-void
-lockedVars_Init( lockedVars * lv)
-{
- lv->count = 0;
- lv->waiters = 0;
- lv->lock = PR_NewLock();
- lv->condVar = PR_NewCondVar(lv->lock);
-}
-
-void
-lockedVars_Destroy( lockedVars * lv)
-{
- PR_DestroyCondVar(lv->condVar);
- lv->condVar = NULL;
-
- PR_DestroyLock(lv->lock);
- lv->lock = NULL;
-}
-
-void
-lockedVars_WaitForDone(lockedVars * lv)
-{
- PR_Lock(lv->lock);
- while (lv->count > 0) {
- PR_WaitCondVar(lv->condVar, PR_INTERVAL_NO_TIMEOUT);
- }
- PR_Unlock(lv->lock);
-}
-
-int /* returns count */
-lockedVars_AddToCount(lockedVars * lv, int addend)
-{
- int rv;
-
- PR_Lock(lv->lock);
- rv = lv->count += addend;
- if (rv <= 0) {
- PR_NotifyCondVar(lv->condVar);
- }
- PR_Unlock(lv->lock);
- return rv;
-}
-
-int
-do_writes(
- void * a,
- void * b,
- int c)
-{
- PRFileDesc * ssl_sock = (PRFileDesc *)a;
- lockedVars * lv = (lockedVars *)b;
- int sent = 0;
- int count = 0;
-
- while (sent < bigBuf.len) {
-
- count = PR_Write(ssl_sock, bigBuf.data + sent, bigBuf.len - sent);
- if (count < 0) {
- errWarn("PR_Write bigBuf");
- break;
- }
- FPRINTF(stderr, "strsclnt: PR_Write wrote %d bytes from bigBuf\n",
- count );
- sent += count;
- }
- if (count >= 0) { /* last write didn't fail. */
- PR_Shutdown(ssl_sock, PR_SHUTDOWN_SEND);
- }
-
- /* notify the reader that we're done. */
- lockedVars_AddToCount(lv, -1);
- return (sent < bigBuf.len) ? SECFailure : SECSuccess;
-}
-
-int
-handle_fdx_connection( PRFileDesc * ssl_sock, int connection)
-{
- SECStatus result;
- int firstTime = 1;
- int countRead = 0;
- lockedVars lv;
- char *buf;
-
-
- lockedVars_Init(&lv);
- lockedVars_AddToCount(&lv, 1);
-
- /* Attempt to launch the writer thread. */
- result = launch_thread(do_writes, ssl_sock, &lv, connection);
-
- if (result != SECSuccess)
- goto cleanup;
-
- buf = PR_Malloc(RD_BUF_SIZE);
-
- if (buf) {
- do {
- /* do reads here. */
- PRInt32 count;
-
- count = PR_Read(ssl_sock, buf, RD_BUF_SIZE);
- if (count < 0) {
- errWarn("PR_Read");
- break;
- }
- countRead += count;
- FPRINTF(stderr,
- "strsclnt: connection %d read %d bytes (%d total).\n",
- connection, count, countRead );
- if (firstTime) {
- firstTime = 0;
- printSecurityInfo(ssl_sock);
- }
- } while (lockedVars_AddToCount(&lv, 0) > 0);
- PR_Free(buf);
- buf = 0;
- }
-
- /* Wait for writer to finish */
- lockedVars_WaitForDone(&lv);
- lockedVars_Destroy(&lv);
-
- FPRINTF(stderr,
- "strsclnt: connection %d read %d bytes total. -----------------------\n",
- connection, countRead);
-
-cleanup:
- /* Caller closes the socket. */
-
- return SECSuccess;
-}
-
-const char request[] = {"GET /abc HTTP/1.0\r\n\r\n" };
-
-SECStatus
-handle_connection( PRFileDesc *ssl_sock, int connection)
-{
- int countRead = 0;
- PRInt32 rv;
- char *buf;
-
- buf = PR_Malloc(RD_BUF_SIZE);
- if (!buf)
- return SECFailure;
-
- /* compose the http request here. */
-
- rv = PR_Write(ssl_sock, request, strlen(request));
- if (rv <= 0) {
- errWarn("PR_Write");
- PR_Free(buf);
- buf = 0;
- failed_already = 1;
- return SECFailure;
- }
- printSecurityInfo(ssl_sock);
-
- /* read until EOF */
- while (1) {
- rv = PR_Read(ssl_sock, buf, RD_BUF_SIZE);
- if (rv == 0) {
- break; /* EOF */
- }
- if (rv < 0) {
- errWarn("PR_Read");
- break;
- }
-
- countRead += rv;
- FPRINTF(stderr, "strsclnt: connection %d read %d bytes (%d total).\n",
- connection, rv, countRead );
- }
- PR_Free(buf);
- buf = 0;
-
- /* Caller closes the socket. */
-
- FPRINTF(stderr,
- "strsclnt: connection %d read %d bytes total. -----------------------\n",
- connection, countRead);
-
- return SECSuccess; /* success */
-}
-
-/* one copy of this function is launched in a separate thread for each
-** connection to be made.
-*/
-int
-do_connects(
- void * a,
- void * b,
- int connection)
-{
- PRNetAddr * addr = (PRNetAddr *) a;
- PRFileDesc * model_sock = (PRFileDesc *) b;
- PRFileDesc * ssl_sock = 0;
- PRFileDesc * tcp_sock = 0;
- PRStatus prStatus;
- PRUint32 sleepInterval = 50; /* milliseconds */
- SECStatus result;
- int rv = SECSuccess;
- PRSocketOptionData opt;
-
-retry:
-
- tcp_sock = PR_NewTCPSocket();
- if (tcp_sock == NULL) {
- errExit("PR_NewTCPSocket");
- }
-
- opt.option = PR_SockOpt_Nonblocking;
- opt.value.non_blocking = PR_FALSE;
- prStatus = PR_SetSocketOption(tcp_sock, &opt);
- if (prStatus != PR_SUCCESS) {
- errWarn("PR_SetSocketOption(PR_SockOpt_Nonblocking, PR_FALSE)");
- PR_Close(tcp_sock);
- return SECSuccess;
- }
-
- if (NoDelay) {
- opt.option = PR_SockOpt_NoDelay;
- opt.value.no_delay = PR_TRUE;
- prStatus = PR_SetSocketOption(tcp_sock, &opt);
- if (prStatus != PR_SUCCESS) {
- errWarn("PR_SetSocketOption(PR_SockOpt_NoDelay, PR_TRUE)");
- PR_Close(tcp_sock);
- return SECSuccess;
- }
- }
-
- prStatus = PR_Connect(tcp_sock, addr, PR_INTERVAL_NO_TIMEOUT);
- if (prStatus != PR_SUCCESS) {
- PRErrorCode err = PR_GetError();
- if ((err == PR_CONNECT_REFUSED_ERROR) ||
- (err == PR_CONNECT_RESET_ERROR) ) {
- int connections = numConnected;
-
- PR_Close(tcp_sock);
- if (connections > 2 && max_threads >= connections) {
- max_threads = connections - 1;
- fprintf(stderr,"max_threads set down to %d\n", max_threads);
- }
- if (QuitOnTimeout && sleepInterval > 40000) {
- fprintf(stderr,
- "strsclnt: Client timed out waiting for connection to server.\n");
- exit(1);
- }
- PR_Sleep(PR_MillisecondsToInterval(sleepInterval));
- sleepInterval <<= 1;
- goto retry;
- }
- errWarn("PR_Connect");
- rv = SECFailure;
- goto done;
- }
-
- ssl_sock = SSL_ImportFD(model_sock, tcp_sock);
- /* XXX if this import fails, close tcp_sock and return. */
- if (!ssl_sock) {
- PR_Close(tcp_sock);
- return SECSuccess;
- }
-
- rv = SSL_ResetHandshake(ssl_sock, /* asServer */ 0);
- if (rv != SECSuccess) {
- errWarn("SSL_ResetHandshake");
- goto done;
- }
-
- PR_AtomicIncrement(&numConnected);
-
- if (bigBuf.data != NULL) {
- result = handle_fdx_connection( ssl_sock, connection);
- } else {
- result = handle_connection( ssl_sock, connection);
- }
-
- PR_AtomicDecrement(&numConnected);
-
-done:
- if (ssl_sock) {
- PR_Close(ssl_sock);
- } else if (tcp_sock) {
- PR_Close(tcp_sock);
- }
- return SECSuccess;
-}
-
-/* Returns IP address for hostname as PRUint32 in Host Byte Order.
-** Since the value returned is an integer (not a string of bytes),
-** it is inherently in Host Byte Order.
-*/
-PRUint32
-getIPAddress(const char * hostName)
-{
- const unsigned char *p;
- PRStatus prStatus;
- PRUint32 rv;
- PRHostEnt prHostEnt;
- char scratch[PR_NETDB_BUF_SIZE];
-
- prStatus = PR_GetHostByName(hostName, scratch, sizeof scratch, &prHostEnt);
- if (prStatus != PR_SUCCESS)
- errExit("PR_GetHostByName");
-
-#undef h_addr
-#define h_addr h_addr_list[0] /* address, for backward compatibility */
-
- p = (const unsigned char *)(prHostEnt.h_addr); /* in Network Byte order */
- FPRINTF(stderr, "strsclnt: %s -> %d.%d.%d.%d\n", hostName,
- p[0], p[1], p[2], p[3]);
- rv = (p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3];
- return rv;
-}
-
-void
-client_main(
- unsigned short port,
- int connections,
- SECKEYPrivateKey ** privKey,
- CERTCertificate ** cert,
- const char * hostName,
- char * nickName)
-{
- PRFileDesc *model_sock = NULL;
- int i;
- int rv;
- PRUint32 ipAddress; /* in host byte order */
- PRNetAddr addr;
-
- /* Assemble NetAddr struct for connections. */
- ipAddress = getIPAddress(hostName);
-
- addr.inet.family = PR_AF_INET;
- addr.inet.port = PR_htons(port);
- addr.inet.ip = PR_htonl(ipAddress);
-
- /* all suites except RSA_NULL_MD5 are enabled by Domestic Policy */
- NSS_SetDomesticPolicy();
-
- /* all the SSL2 and SSL3 cipher suites are enabled by default. */
- if (cipherString) {
- int ndx;
-
- /* disable all the ciphers, then enable the ones we want. */
- disableAllSSLCiphers();
-
- while (0 != (ndx = *cipherString++)) {
- int *cptr;
- int cipher;
-
- if (! isalpha(ndx))
- Usage("strsclnt");
- cptr = islower(ndx) ? ssl3CipherSuites : ssl2CipherSuites;
- for (ndx &= 0x1f; (cipher = *cptr++) != 0 && --ndx > 0; )
- /* do nothing */;
- if (cipher) {
- SECStatus rv;
- rv = SSL_CipherPrefSetDefault(cipher, PR_TRUE);
- if (rv != SECSuccess) {
- fprintf(stderr,
- "strsclnt: SSL_CipherPrefSetDefault failed with value 0x%04x\n",
- cipher);
- exit(1);
- }
- }
- }
- }
-
- /* configure model SSL socket. */
-
- model_sock = PR_NewTCPSocket();
- if (model_sock == NULL) {
- errExit("PR_NewTCPSocket on model socket");
- }
-
- model_sock = SSL_ImportFD(NULL, model_sock);
- if (model_sock == NULL) {
- errExit("SSL_ImportFD");
- }
-
- /* do SSL configuration. */
-
- rv = SSL_OptionSet(model_sock, SSL_SECURITY, 1);
- if (rv < 0) {
- errExit("SSL_OptionSet SSL_SECURITY");
- }
-
- if (bigBuf.data) { /* doing FDX */
- rv = SSL_OptionSet(model_sock, SSL_ENABLE_FDX, 1);
- if (rv < 0) {
- errExit("SSL_OptionSet SSL_ENABLE_FDX");
- }
- }
-
- if (NoReuse) {
- rv = SSL_OptionSet(model_sock, SSL_NO_CACHE, 1);
- if (rv < 0) {
- errExit("SSL_OptionSet SSL_NO_CACHE");
- }
- }
-
- SSL_SetURL(model_sock, hostName);
-
- SSL_AuthCertificateHook(model_sock, mySSLAuthCertificate,
- (void *)CERT_GetDefaultCertDB());
-
- SSL_BadCertHook(model_sock, myBadCertHandler, NULL);
-
- SSL_GetClientAuthDataHook(model_sock, NSS_GetClientAuthData, nickName);
-
- /* I'm not going to set the HandshakeCallback function. */
-
- /* end of ssl configuration. */
-
- i = 1;
- if (!NoReuse) {
- rv = launch_thread(do_connects, &addr, model_sock, i);
- --connections;
- ++i;
- /* wait for the first connection to terminate, then launch the rest. */
- reap_threads();
- }
- if (connections > 0) {
- /* Start up the connections */
- do {
- rv = launch_thread(do_connects, &addr, model_sock, i);
- ++i;
- } while (--connections > 0);
- reap_threads();
- }
- destroy_thread_data();
-
- PR_Close(model_sock);
-
-}
-
-SECStatus
-readBigFile(const char * fileName)
-{
- PRFileInfo info;
- PRStatus status;
- SECStatus rv = SECFailure;
- int count;
- int hdrLen;
- PRFileDesc *local_file_fd = NULL;
-
- status = PR_GetFileInfo(fileName, &info);
-
- if (status == PR_SUCCESS &&
- info.type == PR_FILE_FILE &&
- info.size > 0 &&
- NULL != (local_file_fd = PR_Open(fileName, PR_RDONLY, 0))) {
-
- hdrLen = PORT_Strlen(outHeader);
- bigBuf.len = hdrLen + info.size;
- bigBuf.data = PORT_Malloc(bigBuf.len + 4095);
- if (!bigBuf.data) {
- errWarn("PORT_Malloc");
- goto done;
- }
-
- PORT_Memcpy(bigBuf.data, outHeader, hdrLen);
-
- count = PR_Read(local_file_fd, bigBuf.data + hdrLen, info.size);
- if (count != info.size) {
- errWarn("PR_Read local file");
- goto done;
- }
- rv = SECSuccess;
-done:
- PR_Close(local_file_fd);
- }
- return rv;
-}
-
-int
-main(int argc, char **argv)
-{
- const char * dir = ".";
- char * fNickName = NULL;
- const char * fileName = NULL;
- char * hostName = NULL;
- char * nickName = NULL;
- char * progName = NULL;
- char * tmp = NULL;
- char * passwd = NULL;
- CERTCertificate * cert [kt_kea_size] = { NULL };
- SECKEYPrivateKey * privKey[kt_kea_size] = { NULL };
- int connections = 1;
- int exitVal;
- int tmpInt;
- unsigned short port = 443;
- SECStatus rv;
- PLOptState * optstate;
- PLOptStatus status;
-
- /* Call the NSPR initialization routines */
- PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
-
- tmp = strrchr(argv[0], '/');
- tmp = tmp ? tmp + 1 : argv[0];
- progName = strrchr(tmp, '\\');
- progName = progName ? progName + 1 : tmp;
-
-
- optstate = PL_CreateOptState(argc, argv, "2:C:DNc:d:f:n:op:t:vqw:");
- while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
- switch(optstate->option) {
-
- case '2': fileName = optstate->value; break;
-
- case 'C': cipherString = optstate->value; break;
-
- case 'D': NoDelay = PR_TRUE; break;
-
- case 'N': NoReuse = 1; break;
-
- case 'c': connections = PORT_Atoi(optstate->value); break;
-
- case 'd': dir = optstate->value; break;
-
- case 'f': fNickName = PL_strdup(optstate->value); break;
-
- case 'n': nickName = PL_strdup(optstate->value); break;
-
- case 'o': MakeCertOK = 1; break;
-
- case 'p': port = PORT_Atoi(optstate->value); break;
-
- case 'q': QuitOnTimeout = PR_TRUE; break;
-
- case 't':
- tmpInt = PORT_Atoi(optstate->value);
- if (tmpInt > 0 && tmpInt < MAX_THREADS)
- max_threads = tmpInt;
- break;
-
- case 'v': verbose++; break;
-
- case 'w': passwd = PL_strdup(optstate->value); break;
-
- case 0: /* positional parameter */
- if (hostName) {
- Usage(progName);
- }
- hostName = PL_strdup(optstate->value);
- break;
-
- default:
- case '?':
- Usage(progName);
- break;
-
- }
- }
- if (!hostName || status == PL_OPT_BAD)
- Usage(progName);
-
- if (port == 0)
- Usage(progName);
-
- if (fileName)
- readBigFile(fileName);
-
- /* set our password function */
- if ( passwd ) {
- PK11_SetPasswordFunc(ownPasswd);
- } else {
- PK11_SetPasswordFunc(SECU_GetModulePassword);
- }
-
- /* Call the libsec initialization routines */
- rv = NSS_Init(dir);
- if (rv != SECSuccess) {
- fputs("NSS_Init failed.\n", stderr);
- exit(1);
- }
- ssl3stats = SSL_GetStatistics();
-
- if (nickName && strcmp(nickName, "none")) {
-
- cert[kt_rsa] = PK11_FindCertFromNickname(nickName, passwd);
- if (cert[kt_rsa] == NULL) {
- fprintf(stderr, "strsclnt: Can't find certificate %s\n", nickName);
- exit(1);
- }
-
- privKey[kt_rsa] = PK11_FindKeyByAnyCert(cert[kt_rsa], passwd);
- if (privKey[kt_rsa] == NULL) {
- fprintf(stderr, "strsclnt: Can't find Private Key for cert %s\n",
- nickName);
- exit(1);
- }
-
- }
- if (fNickName) {
- cert[kt_fortezza] = PK11_FindCertFromNickname(fNickName, passwd);
- if (cert[kt_fortezza] == NULL) {
- fprintf(stderr, "strsclnt: Can't find certificate %s\n", fNickName);
- exit(1);
- }
-
- privKey[kt_fortezza] = PK11_FindKeyByAnyCert(cert[kt_fortezza], passwd);
- if (privKey[kt_fortezza] == NULL) {
- fprintf(stderr, "strsclnt: Can't find Private Key for cert %s\n",
- fNickName);
- exit(1);
- }
- }
-
- client_main(port, connections, privKey, cert, hostName, nickName);
-
- /* clean up */
- if (cert[kt_rsa]) {
- CERT_DestroyCertificate(cert[kt_rsa]);
- }
- if (cert[kt_fortezza]) {
- CERT_DestroyCertificate(cert[kt_fortezza]);
- }
- if (privKey[kt_rsa]) {
- SECKEY_DestroyPrivateKey(privKey[kt_rsa]);
- }
- if (privKey[kt_fortezza]) {
- SECKEY_DestroyPrivateKey(privKey[kt_fortezza]);
- }
-
- /* some final stats. */
- if (ssl3stats->hsh_sid_cache_hits + ssl3stats->hsh_sid_cache_misses +
- ssl3stats->hsh_sid_cache_not_ok == 0) {
- /* presumably we were testing SSL2. */
- printf("strsclnt: %d server certificates tested.\n", certsTested);
- } else {
- printf(
- "strsclnt: %ld cache hits; %ld cache misses, %ld cache not reusable\n",
- ssl3stats->hsh_sid_cache_hits,
- ssl3stats->hsh_sid_cache_misses,
- ssl3stats->hsh_sid_cache_not_ok);
- }
-
- if (!NoReuse)
- exitVal = (ssl3stats->hsh_sid_cache_misses > 1) ||
- (ssl3stats->hsh_sid_cache_not_ok != 0) ||
- (certsTested > 1);
- else
- exitVal = (ssl3stats->hsh_sid_cache_misses != connections) ||
- (certsTested != connections);
-
- exitVal = ( exitVal || failed_already );
- SSL_ClearSessionCache();
- if (NSS_Shutdown() != SECSuccess) {
- exit(1);
- }
-
- PR_Cleanup();
- return exitVal;
-}
-
diff --git a/security/nss/cmd/swfort/Makefile b/security/nss/cmd/swfort/Makefile
deleted file mode 100644
index a5b4350a6..000000000
--- a/security/nss/cmd/swfort/Makefile
+++ /dev/null
@@ -1,108 +0,0 @@
-#! gmake
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-
-CORE_DEPTH = ../../..
-
-include manifest.mn
-include $(CORE_DEPTH)/coreconf/config.mk
-
-# $(NULL)
-
-
-INCLUDES += \
- -I$(DIST)/../public/security \
- -I$(DIST)/../private/security \
- -I$(DEPTH)/security/lib/cert \
- -I$(DEPTH)/security/lib/key \
- -I$(DEPTH)/security/lib/util \
- -I./include \
- $(NULL)
-
-
-# For the time being, sec stuff is export only
-# US_FLAGS = -DEXPORT_VERSION -DUS_VERSION
-
-US_FLAGS = -DEXPORT_VERSION
-EXPORT_FLAGS = -DEXPORT_VERSION
-
-BASE_LIBS = \
- $(DIST)/lib/libdbm.$(LIB_SUFFIX) \
- $(DIST)/lib/libxp.$(LIB_SUFFIX) \
- $(DIST)/lib/libnspr.$(LIB_SUFFIX) \
- $(NULL)
-
-# $(DIST)/lib/libpurenspr.$(LIB_SUFFIX) \
-
-#There are a circular dependancies in security/lib, and we deal with it by
-# double linking some libraries
-SEC_LIBS = \
- $(DIST)/lib/libsecnav.$(LIB_SUFFIX) \
- $(DIST)/lib/libssl.$(LIB_SUFFIX) \
- $(DIST)/lib/libpkcs7.$(LIB_SUFFIX) \
- $(DIST)/lib/libcert.$(LIB_SUFFIX) \
- $(DIST)/lib/libkey.$(LIB_SUFFIX) \
- $(DIST)/lib/libsecmod.$(LIB_SUFFIX) \
- $(DIST)/lib/libcrypto.$(LIB_SUFFIX) \
- $(DIST)/lib/libsecutil.$(LIB_SUFFIX) \
- $(DIST)/lib/libssl.$(LIB_SUFFIX) \
- $(DIST)/lib/libpkcs7.$(LIB_SUFFIX) \
- $(DIST)/lib/libcert.$(LIB_SUFFIX) \
- $(DIST)/lib/libkey.$(LIB_SUFFIX) \
- $(DIST)/lib/libsecmod.$(LIB_SUFFIX) \
- $(DIST)/lib/libcrypto.$(LIB_SUFFIX) \
- $(DIST)/lib/libsecutil.$(LIB_SUFFIX) \
- $(DIST)/lib/libhash.$(LIB_SUFFIX) \
- $(NULL)
-
-MYLIB = lib/$(OBJDIR)/libsectool.$(LIB_SUFFIX)
-
-US_LIBS = $(MYLIB) $(SEC_LIBS) $(BASE_LIBS) $(MYLIB) $(BASE_LIBS)
-EX_LIBS = $(MYLIB) $(SEC_LIBS) $(BASE_LIBS) $(MYLIB) $(BASE_LIBS)
-
-REQUIRES = libxp nspr security
-
-CSRCS = $(EXEC_SRCS) $(BI_SRCS)
-
-OBJS = $(CSRCS:.c=.o) $(BI_SRCS:.c=-us.o) $(BI_SRCS:.c=-ex.o)
-
-PROGS = $(addprefix $(OBJDIR)/, $(EXEC_SRCS:.c=$(BIN_SUFFIX)))
-US_PROGS = $(addprefix $(OBJDIR)/, $(BI_SRCS:.c=-us$(BIN_SUFFIX)))
-EX_PROGS = $(addprefix $(OBJDIR)/, $(BI_SRCS:.c=-ex$(BIN_SUFFIX)))
-
-
-NON_DIRS = $(PROGS) $(US_PROGS) $(EX_PROGS)
-TARGETS = $(NON_DIRS)
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-symbols::
- @echo "TARGETS = $(TARGETS)"
diff --git a/security/nss/cmd/swfort/instinit/Makefile b/security/nss/cmd/swfort/instinit/Makefile
deleted file mode 100644
index f912d54cd..000000000
--- a/security/nss/cmd/swfort/instinit/Makefile
+++ /dev/null
@@ -1,75 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../../platlibs.mk
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../../platrules.mk
diff --git a/security/nss/cmd/swfort/instinit/instinit.c b/security/nss/cmd/swfort/instinit/instinit.c
deleted file mode 100644
index 8b8b86c81..000000000
--- a/security/nss/cmd/swfort/instinit/instinit.c
+++ /dev/null
@@ -1,421 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include <stdio.h>
-
-#include "prio.h"
-#include "seccomon.h"
-#include "swforti.h"
-#include "cert.h"
-#include "pk11func.h"
-#include "nss.h"
-#include "secutil.h"
-
-#define CERTDB_VALID_CA (1<<3)
-#define CERTDB_TRUSTED_CA (1<<4) /* trusted for issuing server certs */
-
-void secmod_GetInternalModule(SECMODModule *module);
-void sec_SetCheckKRLState(int i);
-
-#define STEP 16
-void
-printItem(SECItem *key) {
- int i;
- unsigned char *block;
- int len;
- for (block=key->data,len=key->len; len > 0; len -= STEP,block += STEP) {
- for(i=0; i < STEP && i < len; i++) printf(" %02x ",block[i]);
- printf("\n");
- }
- printf("\n");
-}
-
-void
-dump(unsigned char *block, int len) {
- int i;
- for (; len > 0; len -= STEP,block += STEP) {
- for(i=0; i < STEP && i < len; i++) printf(" %02x ",block[i]);
- printf("\n");
- }
- printf("\n");
-}
-
-
-/*
- * We need to move this to security/cmd .. so we can use the password
- * prompting infrastructure.
- */
-char *GetUserInput(char * prompt)
-{
- char phrase[200];
-
- fprintf(stderr, "%s", prompt);
- fflush (stderr);
-
- fgets ((char*) phrase, sizeof(phrase), stdin);
-
- /* stomp on newline */
- phrase[PORT_Strlen((char*)phrase)-1] = 0;
-
- /* Validate password */
- return (char*) PORT_Strdup((char*)phrase);
-}
-
-void ClearPass(char *pass) {
- PORT_Memset(pass,0,strlen(pass));
- PORT_Free(pass);
-}
-
-char *
-formatDERIssuer(FORTSWFile *file,SECItem *derIssuer)
-{
- CERTName name;
- SECStatus rv;
-
- PORT_Memset(&name,0,sizeof(name));;
- rv = SEC_ASN1DecodeItem(file->arena,&name,CERT_NameTemplate,derIssuer);
- if (rv != SECSuccess) {
- return NULL;
- }
- return CERT_NameToAscii(&name);
-}
-
-#define NETSCAPE_INIT_FILE "nsswft.swf"
-
-char *getDefaultTarget(void)
-{
- char *fname = NULL;
- char *home = NULL;
- static char unix_home[512];
-
- /* first try to get it from the environment */
- fname = getenv("SW_FORTEZZA_FILE");
- if (fname != NULL) {
- return PORT_Strdup(fname);
- }
-
-#ifdef XP_UNIX
- home = getenv("HOME");
- if (home) {
- strncpy(unix_home,home, sizeof(unix_home)-sizeof("/.netscape/"NETSCAPE_INIT_FILE));
- strcat(unix_home,"/.netscape/"NETSCAPE_INIT_FILE);
- return unix_home;
- }
-#endif
-#ifdef XP_WIN
- home = getenv("windir");
- if (home) {
- strncpy(unix_home,home, sizeof(unix_home)-sizeof("\\"NETSCAPE_INIT_FILE));
- strcat(unix_home,"\\"NETSCAPE_INIT_FILE);
- return unix_home;
- }
-#endif
- return (NETSCAPE_INIT_FILE);
-}
-
-void
-usage(char *prog) {
- fprintf(stderr,"usage: %s [-v][-f][-t transport_pass][-u user_pass][-o output_file] source_file\n",prog);
- exit(1);
-}
-
-int main(int argc, char ** argv)
-{
-
- FORTSignedSWFile * swfile;
- int size;
- SECItem file;
- char *progname = *argv++;
- char *filename = NULL;
- char *outname = NULL;
- char *cp;
- int verbose = 0;
- int force = 0;
- CERTCertDBHandle *certhandle = NULL;
- CERTCertificate *cert;
- CERTCertTrust *trust;
- char * pass;
- SECStatus rv;
- int i;
- int64 now; /* XXXX */
- char *issuer;
- char *transport_pass = NULL;
- char *user_pass = NULL;
- SECItem *outItem = NULL;
- PRFileDesc *fd;
- PRFileInfo info;
- PRStatus prv;
-
-
-
-
- /* put better argument parsing here */
- while ((cp = *argv++) != NULL) {
- if (*cp == '-') {
- while (*++cp) {
- switch (*cp) {
- /* verbose mode */
- case 'v':
- verbose++;
- break;
- /* explicitly set the target */
- case 'o':
- outname = *argv++;
- break;
- case 'f':
- /* skip errors in signatures without prompts */
- force++;
- break;
- case 't':
- /* provide password on command line */
- transport_pass = *argv++;
- break;
- case 'u':
- /* provide user password on command line */
- user_pass = *argv++;
- break;
- default:
- usage(progname);
- break;
- }
- }
- } else if (filename) {
- usage(progname);
- } else {
- filename = cp;
- }
- }
-
- if (filename == NULL) usage(progname);
- if (outname == NULL) outname = getDefaultTarget();
-
-
- now = PR_Now();
- /* read the file in */
- fd = PR_Open(filename,PR_RDONLY,0);
- if (fd == NULL) {
- fprintf(stderr,"%s: couldn't open file \"%s\".\n",progname,filename);
- exit(1);
- }
-
- prv = PR_GetOpenFileInfo(fd,&info);
- if (prv != PR_SUCCESS) {
- fprintf(stderr,"%s: couldn't get info on file \"%s\".\n",
- progname,filename);
- exit(1);
- }
-
- size = info.size;
-
- file.data = malloc(size);
- file.len = size;
-
- file.len = PR_Read(fd,file.data,file.len);
- if (file.len < 0) {
- fprintf(stderr,"%s: couldn't read file \"%s\".\n",progname, filename);
- exit(1);
- }
-
- PR_Close(fd);
-
- /* Parse the file */
- swfile = FORT_GetSWFile(&file);
- if (swfile == NULL) {
- fprintf(stderr,
- "%s: File \"%s\" not a valid FORTEZZA initialization file.\n",
- progname,filename);
- exit(1);
- }
-
- issuer = formatDERIssuer(&swfile->file,&swfile->file.derIssuer);
- if (issuer == NULL) {
- issuer = "<Invalid Issuer DER>";
- }
-
- if (verbose) {
- printf("Processing file %s ....\n",filename);
- printf(" Version %ld\n",DER_GetInteger(&swfile->file.version));
- printf(" Issuer: %s\n",issuer);
- printf(" Serial Number: ");
- for (i=0; i < (int)swfile->file.serialID.len; i++) {
- printf(" %02x",swfile->file.serialID.data[i]);
- }
- printf("\n");
- }
-
-
- /* Check the Initalization phrase and save Kinit */
- if (!transport_pass) {
- pass = SECU_GetPasswordString(NULL,"Enter the Initialization Memphrase:");
- transport_pass = pass;
- }
- rv = FORT_CheckInitPhrase(swfile,transport_pass);
- if (rv != SECSuccess) {
- fprintf(stderr,
- "%s: Invalid Initialization Memphrase for file \"%s\".\n",
- progname,filename);
- exit(1);
- }
-
- /* Check the user or init phrase and save Ks, use Kinit to unwrap the
- * remaining data. */
- if (!user_pass) {
- pass = SECU_GetPasswordString(NULL,"Enter the User Memphrase or the User PIN:");
- user_pass = pass;
- }
- rv = FORT_CheckUserPhrase(swfile,user_pass);
- if (rv != SECSuccess) {
- fprintf(stderr,"%s: Invalid User Memphrase or PIN for file \"%s\".\n",
- progname,filename);
- exit(1);
- }
-
- NSS_NoDB_Init(NULL);
- sec_SetCheckKRLState(1);
- certhandle = CERT_GetDefaultCertDB();
-
- /* now dump the certs into the temparary data base */
- for (i=0; swfile->file.slotEntries[i]; i++) {
- int trusted = 0;
- SECItem *derCert = FORT_GetDERCert(swfile,
- swfile->file.slotEntries[i]->certIndex);
-
- if (derCert == NULL) {
- if (verbose) {
- printf(" Cert %02d: %s \"%s\" \n",
- swfile->file.slotEntries[i]->certIndex,
- "untrusted", "Couldn't decrypt Cert");
- }
- continue;
- }
- cert = CERT_NewTempCertificate(certhandle, derCert, NULL,
- PR_FALSE, PR_TRUE);
- if (cert == NULL) {
- if (verbose) {
- printf(" Cert %02d: %s \"%s\" \n",
- swfile->file.slotEntries[i]->certIndex,
- "untrusted", "Couldn't decode Cert");
- }
- continue;
- }
- if (swfile->file.slotEntries[i]->trusted.data[0]) {
- /* Add TRUST */
- trust = PORT_ArenaAlloc(cert->arena,sizeof(CERTCertTrust));
- if (trust != NULL) {
- trust->sslFlags = CERTDB_VALID_CA|CERTDB_TRUSTED_CA;
- trust->emailFlags = CERTDB_VALID_CA|CERTDB_TRUSTED_CA;
- trust->objectSigningFlags = CERTDB_VALID_CA|CERTDB_TRUSTED_CA;
- cert->trust = trust;
- trusted++;
- }
- }
- if (verbose) {
- printf(" Cert %02d: %s \"%s\" \n",
- swfile->file.slotEntries[i]->certIndex,
- trusted?" trusted ":"untrusted",
- CERT_NameToAscii(&cert->subject));
- }
- }
-
- fflush(stdout);
-
-
- cert = CERT_FindCertByName(certhandle,&swfile->file.derIssuer);
- if (cert == NULL) {
- fprintf(stderr,"%s: Couldn't find signer certificate \"%s\".\n",
- progname,issuer);
- rv = SECFailure;
- goto noverify;
- }
- rv = CERT_VerifySignedData(&swfile->signatureWrap,cert, now, NULL);
- if (rv != SECSuccess) {
- fprintf(stderr,
- "%s: Couldn't verify the signature on file \"%s\" with certificate \"%s\".\n",
- progname,filename,issuer);
- goto noverify;
- }
- rv = CERT_VerifyCert(certhandle, cert, PR_TRUE, certUsageSSLServer,
- now ,NULL,NULL);
- /* not an normal cert, see if it's a CA? */
- if (rv != SECSuccess) {
- rv = CERT_VerifyCert(certhandle, cert, PR_TRUE, certUsageAnyCA,
- now ,NULL,NULL);
- }
- if (rv != SECSuccess) {
- fprintf(stderr,"%s: Couldn't verify the signer certificate \"%s\".\n",
- progname,issuer);
- goto noverify;
- }
-
-noverify:
- if (rv != SECSuccess) {
- if (!force) {
- pass = GetUserInput(
- "Signature verify failed, continue without verification? ");
- if (!(pass && ((*pass == 'Y') || (*pass == 'y')))) {
- exit(1);
- }
- }
- }
-
-
- /* now write out the modified init file for future use */
- outItem = FORT_PutSWFile(swfile);
- if (outItem == NULL) {
- fprintf(stderr,"%s: Couldn't format target init file.\n",
- progname);
- goto noverify;
- }
-
- if (verbose) {
- printf("writing modified file out to \"%s\".\n",outname);
- }
-
- /* now write it out */
- fd = PR_Open(outname,PR_WRONLY|PR_CREATE_FILE|PR_TRUNCATE,0700);
- if (fd == NULL) {
- fprintf(stderr,"%s: couldn't open file \"%s\".\n",progname,outname);
- exit(1);
- }
-
- file.len = PR_Write(fd,outItem->data,outItem->len);
- if (file.len < 0) {
- fprintf(stderr,"%s: couldn't read file \"%s\".\n",progname, filename);
- exit(1);
- }
-
- PR_Close(fd);
-
- exit(0);
- return (0);
-}
-
diff --git a/security/nss/cmd/swfort/instinit/manifest.mn b/security/nss/cmd/swfort/instinit/manifest.mn
deleted file mode 100644
index 8380f4246..000000000
--- a/security/nss/cmd/swfort/instinit/manifest.mn
+++ /dev/null
@@ -1,46 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../../..
-
-DEFINES += -DNSPR20
-
-MODULE = nss
-
-CSRCS = instinit.c
-
-REQUIRES = nspr dbm seccmd
-
-PROGRAM = instinit
-# PROGRAM = ./$(OBJDIR)/selfserv.exe
-
-USE_STATIC_LIBS = 1
diff --git a/security/nss/cmd/swfort/manifest.mn b/security/nss/cmd/swfort/manifest.mn
deleted file mode 100644
index aaacd83e8..000000000
--- a/security/nss/cmd/swfort/manifest.mn
+++ /dev/null
@@ -1,38 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../..
-
-REQUIRES = nss seccmd dbm
-
-
-DIRS = instinit newuser
diff --git a/security/nss/cmd/swfort/newuser/Makefile b/security/nss/cmd/swfort/newuser/Makefile
deleted file mode 100644
index f0a47a0a3..000000000
--- a/security/nss/cmd/swfort/newuser/Makefile
+++ /dev/null
@@ -1,83 +0,0 @@
-#! gmake
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-ctmp := $(shell $(MAKE) -C ../../../lib/fortcrypt --no-print-directory cilib_name)
-ifeq ($(ctmp), $(patsubst /%,/,$(ctmp)))
- CILIB := ../../../lib/fortcrypt/$(ctmp)
-else
- CILIB := $(ctmp)
-endif
-
-EXTRA_LIBS += $(CILIB)
-
-include ../../platlibs.mk
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-include ../../platrules.mk
-
diff --git a/security/nss/cmd/swfort/newuser/manifest.mn b/security/nss/cmd/swfort/newuser/manifest.mn
deleted file mode 100644
index 4554c69ef..000000000
--- a/security/nss/cmd/swfort/newuser/manifest.mn
+++ /dev/null
@@ -1,45 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../../..
-
-DEFINES += -DNSPR20
-
-MODULE = nss
-
-CSRCS = newuser.c mktst.c
-
-REQUIRES = nspr dbm seccmd
-
-PROGRAM = newuser
-
-USE_STATIC_LIBS = 1
diff --git a/security/nss/cmd/swfort/newuser/mktst.c b/security/nss/cmd/swfort/newuser/mktst.c
deleted file mode 100644
index 6e111d3dd..000000000
--- a/security/nss/cmd/swfort/newuser/mktst.c
+++ /dev/null
@@ -1,254 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include <stdio.h>
-
-#include "prio.h"
-#include "swforti.h"
-#include "maci.h"
-#include "secder.h"
-#include "blapi.h"
-
-void
-printkey(char *s, unsigned char *block) {
- int i;
- printf("%s \n 0x",s);
- for(i=0; i < 10; i++) printf("%02x",block[i]);
- printf("\n");
-}
-
-void
-printblock(char *s, unsigned char *block) {
- int i;
- printf("%s \n 0x",s);
- for(i=0; i < 8; i++) printf("%02x",block[i]);
- printf("\n 0x");
- for(i=8; i < 16; i++) printf("%02x",block[i]);
- printf("\n");
-}
-
-
-static char *leafbits="THIS IS NOT LEAF";
-
-static void
-encryptCertEntry(fortProtectedData *pdata,FORTSkipjackKeyPtr Ks,
- unsigned char *data,int len)
-{
- unsigned char *dataout;
- int enc_len;
- /* XXX Make length */
- pdata->dataIV.data = PORT_ZAlloc(24);
- pdata->dataIV.len = 24;
- PORT_Memcpy(pdata->dataIV.data,leafbits,SKIPJACK_LEAF_SIZE);
- fort_GenerateRandom(&pdata->dataIV.data[SKIPJACK_LEAF_SIZE],
- SKIPJACK_BLOCK_SIZE);
- enc_len = (len + (SKIPJACK_BLOCK_SIZE-1)) & ~(SKIPJACK_BLOCK_SIZE-1);
- dataout = pdata->dataEncryptedWithKs.data = PORT_ZAlloc(enc_len);
- pdata->dataEncryptedWithKs.len = enc_len;
- fort_skipjackEncrypt(Ks,&pdata->dataIV.data[SKIPJACK_LEAF_SIZE],
- enc_len, data,dataout);
- if (len > 255) {
- pdata->length.data = PORT_ZAlloc(2);
- pdata->length.data[0] = (len >> 8) & 0xff;
- pdata->length.data[1] = len & 0xff;
- pdata->length.len = 2;
- } else {
- pdata->length.data = PORT_ZAlloc(1);
- pdata->length.data[0] = len & 0xff;
- pdata->length.len = 1;
- }
-
-}
-
-unsigned char issuer[30] = { 0 };
-
-void
-makeCertSlot(fortSlotEntry *entry,int index,char *label,SECItem *cert,
- FORTSkipjackKeyPtr Ks, unsigned char *xKEA, unsigned char *xDSA,
- unsigned char *pubKey, int pubKeyLen, unsigned char *p, unsigned char *q,
- unsigned char *g)
-{
- unsigned char *key; /* private key */
-
- entry->trusted.data = PORT_Alloc(1);
- *entry->trusted.data = index == 0 ? 1 : 0;
- entry->trusted.len = 1;
- entry->certificateIndex.data = PORT_Alloc(1);
- *entry->certificateIndex.data = index;
- entry->certificateIndex.len = 1;
- entry->certIndex = index;
- encryptCertEntry(&entry->certificateLabel,Ks,
- (unsigned char *)label, strlen(label));
- encryptCertEntry(&entry->certificateData,Ks, cert->data, cert->len);
- if (xKEA) {
- entry->exchangeKeyInformation = PORT_ZNew(fortKeyInformation);
- entry->exchangeKeyInformation->keyFlags.data = PORT_ZAlloc(1);
- entry->exchangeKeyInformation->keyFlags.data[0] = 1;
- entry->exchangeKeyInformation->keyFlags.len = 1;
- key = PORT_Alloc(24);
- fort_skipjackWrap(Ks,24,xKEA,key);
- entry->exchangeKeyInformation->privateKeyWrappedWithKs.data = key;
- entry->exchangeKeyInformation->privateKeyWrappedWithKs.len = 24;
- entry->exchangeKeyInformation->derPublicKey.data = pubKey;
- entry->exchangeKeyInformation->derPublicKey.len = pubKeyLen;
- entry->exchangeKeyInformation->p.data = p;
- entry->exchangeKeyInformation->p.len = 128;
- entry->exchangeKeyInformation->q.data = q;
- entry->exchangeKeyInformation->q.len = 20;
- entry->exchangeKeyInformation->g.data = g;
- entry->exchangeKeyInformation->g.len = 128;
-
- entry->signatureKeyInformation = PORT_ZNew(fortKeyInformation);
- entry->signatureKeyInformation->keyFlags.data = PORT_ZAlloc(1);
- entry->signatureKeyInformation->keyFlags.data[0] = 1;
- entry->signatureKeyInformation->keyFlags.len = 1;
- key = PORT_Alloc(24);
- fort_skipjackWrap(Ks,24,xDSA,key);
- entry->signatureKeyInformation->privateKeyWrappedWithKs.data = key;
- entry->signatureKeyInformation->privateKeyWrappedWithKs.len = 24;
- entry->signatureKeyInformation->derPublicKey.data = pubKey;
- entry->signatureKeyInformation->derPublicKey.len = pubKeyLen;
- entry->signatureKeyInformation->p.data = p;
- entry->signatureKeyInformation->p.len = 128;
- entry->signatureKeyInformation->q.data = q;
- entry->signatureKeyInformation->q.len = 20;
- entry->signatureKeyInformation->g.data = g;
- entry->signatureKeyInformation->g.len = 128;
- } else {
- entry->exchangeKeyInformation = NULL;
- entry->signatureKeyInformation = NULL;
- }
-
- return;
-}
-
-
-void
-makeProtectedPhrase(FORTSWFile *file, fortProtectedPhrase *prot_phrase,
- FORTSkipjackKeyPtr Ks, FORTSkipjackKeyPtr Kinit, char *phrase)
-{
- SHA1Context *sha;
- unsigned char hashout[SHA1_LENGTH];
- FORTSkipjackKey Kfek;
- unsigned int len;
- unsigned char cw[4];
- unsigned char enc_version[2];
- unsigned char *data = NULL;
- int keySize;
- int i,version;
- char tmp_data[13];
-
- if (strlen(phrase) < 12) {
- PORT_Memset(tmp_data, ' ', sizeof(tmp_data));
- PORT_Memcpy(tmp_data,phrase,strlen(phrase));
- tmp_data[12] = 0;
- phrase = tmp_data;
- }
-
- /* now calculate the PBE key for fortezza */
- sha = SHA1_NewContext();
- SHA1_Begin(sha);
- version = DER_GetUInteger(&file->version);
- enc_version[0] = (version >> 8) & 0xff;
- enc_version[1] = version & 0xff;
- SHA1_Update(sha,enc_version,sizeof(enc_version));
- SHA1_Update(sha,file->derIssuer.data, file->derIssuer.len);
- SHA1_Update(sha,file->serialID.data, file->serialID.len);
- SHA1_Update(sha,(unsigned char *)phrase,strlen(phrase));
- SHA1_End(sha,hashout,&len,SHA1_LENGTH);
- PORT_Memcpy(Kfek,hashout,sizeof(FORTSkipjackKey));
-
- keySize = sizeof(CI_KEY);
- if (Kinit) keySize = SKIPJACK_BLOCK_SIZE*2;
- data = PORT_ZAlloc(keySize);
- prot_phrase->wrappedKValue.data = data;
- prot_phrase->wrappedKValue.len = keySize;
- fort_skipjackWrap(Kfek,sizeof(CI_KEY),Ks,data);
-
- /* first, decrypt the hashed/Encrypted Memphrase */
- data = (unsigned char *) PORT_ZAlloc(SHA1_LENGTH+sizeof(cw));
-
- /* now build the hash for comparisons */
- SHA1_Begin(sha);
- SHA1_Update(sha,(unsigned char *)phrase,strlen(phrase));
- SHA1_End(sha,hashout,&len,SHA1_LENGTH);
- SHA1_DestroyContext(sha,PR_TRUE);
-
-
- /* now calcuate the checkword and compare it */
- cw[0] = cw[1] = cw[2] = cw[3] = 0;
- for (i=0; i <5 ; i++) {
- cw[0] = cw[0] ^ hashout[i*4];
- cw[1] = cw[1] ^ hashout[i*4+1];
- cw[2] = cw[2] ^ hashout[i*4+2];
- cw[3] = cw[3] ^ hashout[i*4+3];
- }
-
- PORT_Memcpy(data,hashout,len);
- PORT_Memcpy(data+len,cw,sizeof(cw));
-
- prot_phrase->memPhraseIV.data = PORT_ZAlloc(24);
- prot_phrase->memPhraseIV.len = 24;
- PORT_Memcpy(prot_phrase->memPhraseIV.data,leafbits,SKIPJACK_LEAF_SIZE);
- fort_GenerateRandom(&prot_phrase->memPhraseIV.data[SKIPJACK_LEAF_SIZE],
- SKIPJACK_BLOCK_SIZE);
- prot_phrase->kValueIV.data = PORT_ZAlloc(24);
- prot_phrase->kValueIV.len = 24;
- PORT_Memcpy(prot_phrase->kValueIV.data,leafbits,SKIPJACK_LEAF_SIZE);
- fort_GenerateRandom(&prot_phrase->kValueIV.data[SKIPJACK_LEAF_SIZE],
- SKIPJACK_BLOCK_SIZE);
- fort_skipjackEncrypt(Ks,&prot_phrase->memPhraseIV.data[SKIPJACK_LEAF_SIZE],
- len+sizeof(cw), data,data);
-
- prot_phrase->hashedEncryptedMemPhrase.data = data;
- prot_phrase->hashedEncryptedMemPhrase.len = len+sizeof(cw);
-
- if (Kinit) {
- fort_skipjackEncrypt(Kinit,
- &prot_phrase->kValueIV.data[SKIPJACK_LEAF_SIZE],
- prot_phrase->wrappedKValue.len,
- prot_phrase->wrappedKValue.data,
- prot_phrase->wrappedKValue.data );
- }
-
- return;
-}
-
-
-void
-fill_in(SECItem *item,unsigned char *data, int len)
-{
- item->data = PORT_Alloc(len);
- PORT_Memcpy(item->data,data,len);
- item->len = len;
-}
-
diff --git a/security/nss/cmd/swfort/newuser/newuser.c b/security/nss/cmd/swfort/newuser/newuser.c
deleted file mode 100644
index 33b6b853a..000000000
--- a/security/nss/cmd/swfort/newuser/newuser.c
+++ /dev/null
@@ -1,1133 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include <stdio.h>
-#include <fcntl.h>
-#include <sys/types.h>
-#ifdef XP_UNIX
-#include <unistd.h>
-#endif
-#include "cryptint.h"
-#include "blapi.h" /* program calls low level functions directly!*/
-#include "pk11func.h"
-#include "secmod.h"
-/*#include "secmodi.h"*/
-#include "cert.h"
-#include "key.h"
-#include "nss.h"
-#include "swforti.h"
-#include "secutil.h"
-#include "secrng.h"
-
-#ifndef O_BINARY
-#define O_BINARY 0
-#endif
-
-#define MAX_PERSONALITIES 50
-typedef struct {
- int index;
- CI_CERT_STR label;
- CERTCertificate *cert;
-} certlist;
-
-typedef struct {
- int card;
- int index;
- CI_CERT_STR label;
- certlist valid[MAX_PERSONALITIES];
- int count;
-} Cert;
-
-
-#define EMAIL_OID_LEN 9
-#define EMAIL_OID 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01
-unsigned char emailAVA[127] = {
- 0x31, 6+EMAIL_OID_LEN, /* Set */
- 0x30, 4+EMAIL_OID_LEN, /* Sequence */
- 0x06, EMAIL_OID_LEN, EMAIL_OID,
- 0x13, 0, /* printable String */
-};
-#define EMAIL_DATA_START 8+EMAIL_OID_LEN
-
-int emailOffset[] = { 1, 3, EMAIL_DATA_START-1 };
-int offsetCount = sizeof(emailOffset)/sizeof(emailOffset[0]);
-
-unsigned char hash[20] = { 'H', 'a', 's', 'h', ' ', 'F', 'a', 'i', 'l', 'e',
- 'd', ' ', '*', '*', '*', '*', '*', '*', '*', '*' };
-unsigned char sig[40] = { 'H', 'a', 's', 'h', ' ', 'F', 'a', 'i', 'l', 'e',
- 'd', ' ', '*', '*', '*', '*', '*', '*', '*', '*',
- '>', '>', '>', ' ', 'N', 'o', 't', ' ', 'S', 'i',
- 'g', 'n', 'd', ' ', '<', '<', '<', ' ', ' ', ' ' };
-
-
-/*void *malloc(int); */
-
-unsigned char *data_start(unsigned char *buf, int length, int *data_length)
-{
- unsigned char tag;
- int used_length= 0;
-
- tag = buf[used_length++];
-
- /* blow out when we come to the end */
- if (tag == 0) {
- return NULL;
- }
-
- *data_length = buf[used_length++];
-
- if (*data_length&0x80) {
- int len_count = *data_length & 0x7f;
-
- *data_length = 0;
-
- while (len_count-- > 0) {
- *data_length = (*data_length << 8) | buf[used_length++];
- }
- }
-
- if (*data_length > (length-used_length) ) {
- *data_length = length-used_length;
- return NULL;
- }
-
- return (buf + used_length);
-}
-
-unsigned char *
-GetAbove(unsigned char *cert,int cert_length,int *above_len)
-{
- unsigned char *buf = cert;
- int buf_length = cert_length;
- unsigned char *tmp;
- int len;
-
- *above_len = 0;
-
- /* optional serial number */
- if ((buf[0] & 0xa0) == 0xa0) {
- tmp = data_start(buf,buf_length,&len);
- if (tmp == NULL) return NULL;
- buf_length -= (tmp-buf) + len;
- buf = tmp + len;
- }
- /* serial number */
- tmp = data_start(buf,buf_length,&len);
- if (tmp == NULL) return NULL;
- buf_length -= (tmp-buf) + len;
- buf = tmp + len;
- /* skip the OID */
- tmp = data_start(buf,buf_length,&len);
- if (tmp == NULL) return NULL;
- buf_length -= (tmp-buf) + len;
- buf = tmp + len;
- /* issuer */
- tmp = data_start(buf,buf_length,&len);
- if (tmp == NULL) return NULL;
- buf_length -= (tmp-buf) + len;
- buf = tmp + len;
- /* skip the date */
- tmp = data_start(buf,buf_length,&len);
- if (tmp == NULL) return NULL;
- buf_length -= (tmp-buf) + len;
- buf = tmp + len;
-
- *above_len = buf - cert;
- return cert;
-}
-
-unsigned char *
-GetSubject(unsigned char *cert,int cert_length,int *subj_len) {
- unsigned char *buf = cert;
- int buf_length = cert_length;
- unsigned char *tmp;
- int len;
-
- *subj_len = 0;
-
- /* optional serial number */
- if ((buf[0] & 0xa0) == 0xa0) {
- tmp = data_start(buf,buf_length,&len);
- if (tmp == NULL) return NULL;
- buf_length -= (tmp-buf) + len;
- buf = tmp + len;
- }
- /* serial number */
- tmp = data_start(buf,buf_length,&len);
- if (tmp == NULL) return NULL;
- buf_length -= (tmp-buf) + len;
- buf = tmp + len;
- /* skip the OID */
- tmp = data_start(buf,buf_length,&len);
- if (tmp == NULL) return NULL;
- buf_length -= (tmp-buf) + len;
- buf = tmp + len;
- /* issuer */
- tmp = data_start(buf,buf_length,&len);
- if (tmp == NULL) return NULL;
- buf_length -= (tmp-buf) + len;
- buf = tmp + len;
- /* skip the date */
- tmp = data_start(buf,buf_length,&len);
- if (tmp == NULL) return NULL;
- buf_length -= (tmp-buf) + len;
- buf = tmp + len;
-
- return data_start(buf,buf_length,subj_len);
-}
-
-unsigned char *
-GetBelow(unsigned char *cert,int cert_length,int *below_len) {
- unsigned char *subj;
- int subj_len;
- unsigned char *below;
-
- *below_len = 0;
-
- subj = GetSubject(cert,cert_length,&subj_len);
-
- below = subj + subj_len;
- *below_len = cert_length - (below - cert);
- return below;
-}
-
-unsigned char *
-GetSignature(unsigned char *sig,int sig_length,int *subj_len) {
- unsigned char *buf = sig;
- int buf_length = sig_length;
- unsigned char *tmp;
- int len;
-
- *subj_len = 0;
-
- /* signature oid */
- tmp = data_start(buf,buf_length,&len);
- if (tmp == NULL) return NULL;
- buf_length -= (tmp-buf) + len;
- buf = tmp + len;
- /* signature data */
- tmp = data_start(buf,buf_length,&len);
- if (tmp == NULL) return NULL;
-
- *subj_len = len -1;
- return tmp+1;
-}
-
-int DER_Sequence(unsigned char *buf, int length) {
- int next = 0;
-
- buf[next++] = 0x30;
- if (length < 0x80) {
- buf[next++] = length;
- } else {
- buf[next++] = 0x82;
- buf[next++] = (length >> 8) & 0xff;
- buf[next++] = length & 0xff;
- }
- return next;
-}
-
-static
-int Cert_length(unsigned char *buf, int length) {
- unsigned char tag;
- int used_length= 0;
- int data_length;
-
- tag = buf[used_length++];
-
- /* blow out when we come to the end */
- if (tag == 0) {
- return 0;
- }
-
- data_length = buf[used_length++];
-
- if (data_length&0x80) {
- int len_count = data_length & 0x7f;
-
- data_length = 0;
-
- while (len_count-- > 0) {
- data_length = (data_length << 8) | buf[used_length++];
- }
- }
-
- if (data_length > (length-used_length) ) {
- return length;
- }
-
- return (data_length + used_length);
-}
-
-int
-InitCard(int card, char *inpass) {
- int cirv;
- char buf[50];
- char *pass;
-
- cirv = CI_Open( 0 /* flags */, card);
- if (cirv != CI_OK) return cirv;
-
- if (inpass == NULL) {
- sprintf(buf,"Enter PIN for card in socket %d: ",card);
- pass = SECU_GetPasswordString(NULL, buf);
-
- if (pass == NULL) {
- CI_Close(CI_POWER_DOWN_FLAG,card);
- return CI_FAIL;
- }
- } else pass=inpass;
-
- cirv = CI_CheckPIN(CI_USER_PIN,(unsigned char *)pass);
- if (cirv != CI_OK) {
- CI_Close(CI_POWER_DOWN_FLAG,card);
- }
- return cirv;
-}
-
-int
-isUser(CI_PERSON *person) {
- return 1;
-}
-
-int
-isCA(CI_PERSON *person) {
- return 0;
-}
-
-int FoundCert(int card, char *name, Cert *cert) {
- CI_PERSON personalities[MAX_PERSONALITIES];
- CI_PERSON *person;
- int cirv;
- int i;
- int user_len = strlen(name);
-
- PORT_Memset(personalities, 0, sizeof(CI_PERSON)*MAX_PERSONALITIES);
-
- cirv = CI_GetPersonalityList(MAX_PERSONALITIES,personalities);
- if (cirv != CI_OK) return 0;
-
-
- cert->count = 1;
- cert->valid[0].index = 0;
- memcpy(cert->valid[0].label,"RRXX0000Root PAA Certificate ",
- sizeof(cert->valid[0].label));
- cert->valid[0].cert = NULL;
- for (i=0; i < MAX_PERSONALITIES; i++) {
- person = &personalities[i];
- if ( (PORT_Memcmp(person->CertLabel,"RRXX",4) == 0) ||
- (PORT_Memcmp(person->CertLabel,"RTXX",4) == 0) ||
- (PORT_Memcmp(person->CertLabel,"LAXX",4) == 0) ||
- (PORT_Memcmp(person->CertLabel,"INKS",4) == 0) ||
- (PORT_Memcmp(person->CertLabel,"INKX",4) == 0) ||
- (PORT_Memcmp(person->CertLabel,"ONKS",4) == 0) ||
- (PORT_Memcmp(person->CertLabel,"ONKX",4) == 0) ||
- (PORT_Memcmp(person->CertLabel,"KEAK",4) == 0) ||
- (PORT_Memcmp(person->CertLabel,"3IKX",4) == 0) ||
- (PORT_Memcmp(person->CertLabel,"DSA1",4) == 0) ||
- (PORT_Memcmp(person->CertLabel,"DSAI",4) == 0) ||
- (PORT_Memcmp(person->CertLabel,"DSAO",4) == 0) ||
- (PORT_Memcmp(person->CertLabel,"3IXS",4) == 0) ||
- (PORT_Memcmp(person->CertLabel,"3OXS",4) == 0) ){
- int index;
-
- cert->valid[cert->count].cert = NULL;
- memcpy(cert->valid[cert->count].label,
- person->CertLabel,sizeof(person->CertLabel));
- for (index = sizeof(person->CertLabel)-1;
- cert->valid[cert->count].label[index] == ' '; index--) {
- cert->valid[cert->count].label[index] = 0;
- }
- cert->valid[cert->count++].index = person->CertificateIndex;
- }
- }
- for (i=0; i < MAX_PERSONALITIES; i++) {
- person = &personalities[i];
- if (strncmp((char *)&person->CertLabel[8],name,user_len) == 0) {
- cert->card = card;
- cert->index = person->CertificateIndex;
- memcpy(&cert->label,person->CertLabel,sizeof(person->CertLabel));
- return 1;
- }
- }
- return 0;
-}
-
-void
-Terminate(char *mess, int cirv, int card1, int card2)
-{
- fprintf(stderr,"FAIL: %s error %d\n",mess,cirv);
- if (card1 != -1) CI_Close(CI_POWER_DOWN_FLAG,card1);
- if (card2 != -1) CI_Close(CI_POWER_DOWN_FLAG,card2);
- CI_Terminate();
- exit(1);
-}
-
-void
-usage(char *prog)
-{
- fprintf(stderr,"usage: %s [-e email][-t transport][-u userpin][-U userpass][-s ssopin][-S ssopass][-o outfile] common_name ca_label\n",prog);
- exit(1);
-}
-
-#define CERT_SIZE 2048
-
-
-/* version and oid */
-unsigned char header[] = {
- /* Cert OID */
- 0x02, 0x10,
- 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00,
- 0x30, 0x0b, 0x06, 0x09,
- 0x60, 0x86, 0x48, 0x01, 0x65, 0x02, 0x01, 0x01, 0x13 };
-
-#define KEY_START 21
-#define KMID_OFFSET 4
-#define KEA_OFFSET 15
-#define DSA_OFFSET 148
-unsigned char key[] = {
- /* Sequence(Constructed): 293 bytes (0x125) */
- 0x30, 0x82, 0x01, 0x25,
- /*Sequence(Constructed): 11 bytes (0xb) */
- 0x30, 0x0b,
- /* ObjectId(Universal): 9 bytes (0x9) */
- 0x06, 0x09,
- 0x60, 0x86, 0x48, 0x01, 0x65, 0x02, 0x01, 0x01, 0x14,
- /* BitString(Universal): 276 bytes (0x114) */
- 0x03, 0x82, 0x01, 0x14,
- 0x00, 0x00, 0x01, 0xef, 0x04, 0x01, 0x00, 0x01,
- 0x00, 0x00, 0x69, 0x60, 0x70, 0x00, 0x80, 0x02,
- 0x2e, 0x46, 0xb9, 0xcb, 0x22, 0x72, 0x0b, 0x1c,
- 0xe6, 0x25, 0x20, 0x16, 0x86, 0x05, 0x8e, 0x2b,
- 0x98, 0xd1, 0x46, 0x3d, 0x00, 0xb8, 0x69, 0xe1,
- 0x1a, 0x42, 0x7d, 0x7d, 0xb5, 0xbf, 0x9f, 0x26,
- 0xd3, 0x2c, 0xb1, 0x73, 0x01, 0xb6, 0xb2, 0x6f,
- 0x7b, 0xa5, 0x54, 0x85, 0x60, 0x77, 0x81, 0x8a,
- 0x87, 0x86, 0xe0, 0x2d, 0xbf, 0xdb, 0x28, 0xe8,
- 0xfa, 0x20, 0x35, 0xb4, 0xc0, 0x94, 0x10, 0x8e,
- 0x1c, 0x58, 0xaa, 0x02, 0x60, 0x97, 0xf5, 0xb3,
- 0x2f, 0xf8, 0x99, 0x29, 0x28, 0x73, 0x47, 0x36,
- 0xdd, 0x1d, 0x78, 0x95, 0xeb, 0xb8, 0xec, 0x45,
- 0x96, 0x69, 0x6f, 0x54, 0xc8, 0x1f, 0x2d, 0x3a,
- 0xd9, 0x0e, 0x8e, 0xaa, 0x59, 0x11, 0x8c, 0x3b,
- 0x8d, 0xa4, 0xed, 0xf2, 0x7d, 0xdc, 0x42, 0xaa,
- 0xa4, 0xd2, 0x1c, 0xb9, 0x87, 0xd0, 0xd9, 0x3d,
- 0x8e, 0x89, 0xbb, 0x06, 0x54, 0xcf, 0x32, 0x00,
- 0x02, 0x00, 0x00, 0x80, 0x0b, 0x80, 0x6c, 0x0f,
- 0x71, 0xd1, 0xa1, 0xa9, 0x26, 0xb4, 0xf1, 0xcd,
- 0x6a, 0x7a, 0x09, 0xaa, 0x58, 0x28, 0xd7, 0x35,
- 0x74, 0x8e, 0x7c, 0x83, 0xcb, 0xfe, 0x00, 0x3b,
- 0x62, 0x00, 0xfb, 0x90, 0x37, 0xcd, 0x93, 0xcf,
- 0xf3, 0xe4, 0x6d, 0x8d, 0xdd, 0xb8, 0x53, 0xe0,
- 0x5c, 0xda, 0x1a, 0x7e, 0x56, 0x03, 0x95, 0x03,
- 0x2f, 0x74, 0x86, 0xb1, 0xa0, 0xbb, 0x05, 0x91,
- 0xe4, 0x76, 0x83, 0xe6, 0x62, 0xf9, 0x12, 0x64,
- 0x5a, 0x62, 0xd8, 0x94, 0x04, 0x1f, 0x83, 0x02,
- 0x2e, 0xc5, 0xa7, 0x17, 0x46, 0x46, 0x21, 0x96,
- 0xc3, 0xa9, 0x8e, 0x92, 0x18, 0xd1, 0x52, 0x08,
- 0x1d, 0xff, 0x8e, 0x24, 0xdb, 0x6c, 0xd8, 0xfe,
- 0x80, 0x93, 0xe1, 0xa5, 0x4a, 0x0a, 0x37, 0x24,
- 0x18, 0x07, 0xbe, 0x0f, 0xaf, 0x73, 0xea, 0x50,
- 0x64, 0xa1, 0xb3, 0x77, 0xe5, 0x41, 0x02, 0x82,
- 0x39, 0xb9, 0xe3, 0x94
-};
-
-unsigned char valitity[] = {
- 0x30, 0x1e,
- 0x17, 0x0d,
- '2','0','0','0','0','1','0','1','0','0','0','0','Z',
- 0x17, 0x0d,
- '2','0','0','5','1','2','0','1','0','0','0','0','Z'
-};
-
-
-unsigned char cnam_oid[] = { 0x06, 0x03, 0x55, 0x04, 0x03 };
-
-unsigned char signature[] = {
- /* the OID */
- 0x30, 0x0b, 0x06, 0x09,
- 0x60, 0x86, 0x48, 0x01, 0x65, 0x02, 0x01, 0x01, 0x13,
- /* signature wrap */
- 0x03, 0x29, 0x00,
- /* 40 byte dsa signature */
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff
-};
-
-unsigned char fortezza_oid [] = {
- 0x60, 0x86, 0x48, 0x01, 0x65, 0x02, 0x01, 0x01, 0x13
-};
-
-unsigned char software_ou[] = {
- 0x31, 26, 0x30, 24,
- 0x06, 0x03, 0x55, 0x04, 0x0b,
- 0x13, 17,
- 'S','o','f','t','w',
- 'a','r','e',' ','F',
- 'O','R','T','E','Z','Z','A'
-};
-
-
-char letterarray[] = {
- 'a','b','c','d','e','f','g','h','i','j','k','l','m','n',
- 'o','p','q','r','s','t','u','v','w','x','y','z' };
-
-char constarray[] = {
- 'b','c','d','f','g','h','j','k','l','m','n',
- 'p','q','r','s','t','v','w','x','y','z' };
-
-char vowelarray[] = {
- 'a','e','i','o','u','y' };
-
-char digitarray[] = {
- '0','1','2','3','4','5','6','7','8','9' };
-
-unsigned long
-getRandom(unsigned long max) {
- unsigned short data;
- unsigned long result;
-
- fort_GenerateRandom((unsigned char *)&data,sizeof(data));
-
- result = (unsigned long)data * max;
- result = result >> 16;
- return result;
-}
-
-
-char getLetter(void)
-{
- return letterarray[getRandom(sizeof(letterarray))];
-}
-char getVowel(void)
-{
- return vowelarray[getRandom(sizeof(vowelarray))];
-}
-char getDigit(void)
-{
- return digitarray[getRandom(sizeof(digitarray))];
-}
-
-char getConst(void)
-{
- return constarray[getRandom(sizeof(constarray))];
-}
-
-char *getPinPhrase(void)
-{
- char * pass = PORT_ZAlloc(5);
-
- pass[0] = getDigit();
- pass[1] = getDigit();
- pass[2] = getDigit();
- pass[3] = getDigit();
-
- return pass;
-}
-
-char *getPassPhrase(void)
-{
- char * pass = PORT_ZAlloc(13);
-
- pass[0] = getConst()+'A'-'a';
- pass[1] = getVowel();
- pass[2] = getConst();
- pass[3] = getVowel();
- pass[4] = getConst();
- pass[5] = getVowel();
- pass[6] = getConst();
- pass[7] = getDigit();
- pass[8] = getDigit();
- pass[9] = getDigit();
- pass[10] = getDigit();
- pass[11] = getLetter()+'A'-'a';
-
- return pass;
-}
-
-extern void
-makeCertSlot(fortSlotEntry * entry,
- int index,
- char * label,
- SECItem * cert,
- FORTSkipjackKeyPtr Ks,
- unsigned char *xKEA,
- unsigned char *xDSA,
- unsigned char *pubKey,
- int pubKeyLen,
- unsigned char *p,
- unsigned char *q,
- unsigned char *g);
-
-extern void
-makeProtectedPhrase(FORTSWFile * file,
- fortProtectedPhrase *prot_phrase,
- FORTSkipjackKeyPtr Ks,
- FORTSkipjackKeyPtr Kinit,
- char * phrase);
-
-extern void
-fill_in(SECItem *item, unsigned char *data, int len);
-
-char *userLabel = "INKS0002 ";
-int main(int argc, char **argv)
-{
- char *progname = *argv++;
- char *commonName = NULL;
- char *caname = NULL;
- char *email = NULL;
- char *outname = NULL;
- char *cp;
- int arg_count = 0;
- Cert caCert;
- SECItem userCert;
- int cirv,i;
- int cards, start;
- unsigned char *subject;
- int subject_len;
- int signature_len = sizeof(signature);
- int newSubject_len, newCertBody_len, len;
- int cname1_len, cname_len, pstring_len;
- int valitity_len = sizeof(valitity);
- unsigned char origCert[CERT_SIZE];
- unsigned char newSubject[CERT_SIZE];
- unsigned char newCertBody[CERT_SIZE];
- unsigned char newCert[CERT_SIZE];
- unsigned char pstring[CERT_SIZE];
- unsigned char cname1[CERT_SIZE];
- unsigned char cname[CERT_SIZE];
- CERTCertificate *myCACert = NULL;
- CERTCertificate *cert;
- CERTCertDBHandle *certhandle;
- SECStatus rv;
- unsigned char serial[16];
- SECKEYPublicKey *pubKey;
- DSAPrivateKey *keaPrivKey;
- DSAPrivateKey *dsaPrivKey;
- CI_RANDOM randomVal;
- PQGParams *params;
- int pca_index = -1;
- unsigned char *p,*q,*g;
- FORTSkipjackKey Ks;
- FORTSkipjackKey Kinit;
- FORTSWFile *file;
- FORTSignedSWFile *signed_file;
- FORTSignedSWFile *signed_file2;
- unsigned char random[20];
- unsigned char vers;
- unsigned char *data;
- char *transportPin=NULL;
- char *ssoMemPhrase=NULL;
- char *userMemPhrase=NULL;
- char *ssoPin=NULL;
- char *userPin=NULL;
- char *pass=NULL;
- SECItem *outItem;
- int email_len = 0;
- int emailAVA_len = 0;
-
-
- /* put better argument parsing here */
- while ((cp = *argv++) != NULL) {
- if (*cp == '-') {
- while (*++cp) {
- switch (*cp) {
- /* verbose mode */
- case 'e':
- email = *argv++;
- break;
- /* explicitly set the target */
- case 'o':
- outname = *argv++;
- break;
- case 't':
- /* provide password on command line */
- transportPin = *argv++;
- break;
- case 'u':
- /* provide user password on command line */
- userPin = *argv++;
- break;
- case 'U':
- /* provide user password on command line */
- userMemPhrase = *argv++;
- break;
- case 's':
- /* provide user password on command line */
- ssoPin = *argv++;
- break;
- case 'S':
- /* provide user password on command line */
- ssoMemPhrase = *argv++;
- break;
- case 'p':
- /* provide card password on command line */
- pass = *argv++;
- break;
- case 'd':
- transportPin="test1234567890";
- ssoMemPhrase="sso1234567890";
- userMemPhrase="user1234567890";
- ssoPin="9999";
- userPin="0000";
- break;
- default:
- usage(progname);
- break;
- }
- }
- } else switch (arg_count++) {
- case 0:
- commonName = cp;
- break;
- case 1:
- caname = cp;
- break;
- default:
- usage(progname);
- }
- }
-
- if (outname == NULL) outname = "swfort.sfi";
- if (caname == NULL) usage(progname);
-
-
-
- caCert.card = -1;
- memset(newCert,0,CERT_SIZE);
-
- if (commonName == NULL) usage(progname);
-
-
- cirv = CI_Initialize(&cards);
-
- start = 0;
- for (i=0; i < cards; i++) {
- cirv = InitCard(i+1,pass);
- if (cirv == CI_OK) {
- if (FoundCert(i+1,caname,&caCert)) {
- break;
- }
- }
- }
-
- if (caCert.card == -1) {
- fprintf(stderr,
- "WARNING: Couldn't find Signing CA...new cert will not be signed\n");
- }
-
-
- /*
- * initialize enough security to deal with certificates.
- */
- NSS_NoDB_Init(NULL);
- certhandle = CERT_GetDefaultCertDB();
- if (certhandle == NULL) {
- Terminate("Couldn't build temparary Cert Database",
- 1, -1, caCert.card);
- exit(1);
- }
-
- CI_GenerateRandom(random);
- RNG_RandomUpdate(random,sizeof(random));
- CI_GenerateRandom(random);
- RNG_RandomUpdate(random,sizeof(random));
-
-
- if (transportPin == NULL) transportPin = getPassPhrase();
- if (ssoMemPhrase == NULL) ssoMemPhrase = getPassPhrase();
- if (userMemPhrase == NULL) userMemPhrase = getPassPhrase();
- if (ssoPin == NULL) ssoPin = getPinPhrase();
- if (userPin == NULL) userPin = getPinPhrase();
-
-
-
- /* now dump the certs into the temparary data base */
- for (i=0; i < caCert.count; i++) {
- int trusted = 0;
- SECItem derCert;
-
- cirv = CI_Select(caCert.card);
- if (cirv != CI_OK) {
- Terminate("Couldn't select on CA card",cirv,
- -1, caCert.card);
- }
- cirv = CI_GetCertificate(caCert.valid[i].index,origCert);
- if (cirv != CI_OK) {
- continue;
- }
- derCert.data = origCert;
- derCert.len = Cert_length(origCert, sizeof(origCert));
- cert =
- (CERTCertificate *)CERT_NewTempCertificate(certhandle,&derCert, NULL,
- PR_FALSE, PR_TRUE);
- caCert.valid[i].cert = cert;
- if (cert == NULL) continue;
- if (caCert.valid[i].index == caCert.index) myCACert=cert;
- if (caCert.valid[i].index == atoi((char *)&caCert.label[4]))
- pca_index = i;
- }
-
- if (myCACert == NULL) {
- Terminate("Couldn't find CA's Certificate", 1, -1, caCert.card);
- exit(1);
- }
-
-
- /*
- * OK now build the user cert.
- */
- /* first get the serial number and KMID */
- cirv = CI_GenerateRandom(randomVal);
- memcpy(&header[2],randomVal,sizeof(serial));
- memcpy(serial,randomVal,sizeof(serial));
- memcpy(&key[KEY_START+KMID_OFFSET],randomVal+sizeof(serial),7);
- /* KMID */
-
- /* now generate the keys */
- pubKey = CERT_ExtractPublicKey(myCACert);
- if (pubKey == NULL) {
- Terminate("Couldn't extract CA's public key",
- 1, -1, caCert.card);
- exit(1);
- }
-
-
- switch (pubKey->keyType) {
- case fortezzaKey:
- params = (PQGParams *)&pubKey->u.fortezza.params;
- break;
- case dsaKey:
- params = (PQGParams *)&pubKey->u.dsa.params;
- break;
- default:
- Terminate("Certificate is not a fortezza or DSA Cert",
- 1, -1, caCert.card);
- exit(1);
- }
-
- rv = DSA_NewKey(params,&keaPrivKey);
- if (rv != SECSuccess) {
- Terminate("Couldn't Generate KEA key",
- PORT_GetError(), -1, caCert.card);
- exit(1);
- }
- rv = DSA_NewKey(params,&dsaPrivKey);
- if (rv != SECSuccess) {
- Terminate("Couldn't Generate DSA key",
- PORT_GetError(), -1, caCert.card);
- exit(1);
- }
-
- if (keaPrivKey->publicValue.len == 129)
- keaPrivKey->publicValue.data++;
- if (dsaPrivKey->publicValue.len == 129)
- dsaPrivKey->publicValue.data++;
- if (keaPrivKey->privateValue.len == 21)
- keaPrivKey->privateValue.data++;
- if (dsaPrivKey->privateValue.len == 21)
- dsaPrivKey->privateValue.data++;
-
- /* save the parameters */
- p = params->prime.data;
- if (params->prime.len == 129) p++;
- q = params->subPrime.data;
- if (params->subPrime.len == 21) q++;
- g = params->base.data;
- if (params->base.len == 129) g++;
-
- memcpy(&key[KEY_START+KEA_OFFSET],
- keaPrivKey->publicValue.data,
- keaPrivKey->publicValue.len);
- memcpy(&key[KEY_START+DSA_OFFSET],
- dsaPrivKey->publicValue.data,
- dsaPrivKey->publicValue.len);
-
- /* build the der subject */
- subject = data_start(myCACert->derSubject.data,myCACert->derSubject.len,
- &subject_len);
-
- /* build the new Common name AVA */
- len = DER_Sequence(pstring,strlen(commonName));
- memcpy(pstring+len,commonName,strlen(commonName));
- len += strlen(commonName);
- pstring_len = len;
- pstring[0] = 0x13;
-
- len = DER_Sequence(cname1,sizeof(cnam_oid)+pstring_len);
- memcpy(cname1+len,cnam_oid,sizeof(cnam_oid)); len += sizeof(cnam_oid);
- memcpy(cname1+len,pstring,pstring_len); len += pstring_len;
- cname1_len = len;
-
- len = DER_Sequence(cname, cname1_len);
- memcpy(cname+len,cname1,cname1_len); len += cname1_len;
- cname_len = len;
- cname[0] = 0x31; /* make it a set rather than a sequence */
-
- if (email) {
- email_len = strlen(email);
- emailAVA_len = EMAIL_DATA_START + email_len;
- }
-
- /* now assemble it */
- len = DER_Sequence(newSubject,subject_len + sizeof(software_ou) +
- cname_len + emailAVA_len);
- memcpy(newSubject+len,subject,subject_len);
-
- for (i=0; i < subject_len; i++) {
- if (memcmp(newSubject+len+i,cnam_oid,sizeof(cnam_oid)) == 0) {
- newSubject[i+len+4] = 0x0b; /* change CN to OU */
- break;
- }
- }
- len += subject_len;
- memcpy(newSubject+len,software_ou,sizeof(software_ou));
- len += sizeof(software_ou);
- memcpy(newSubject+len,cname,cname_len); len += cname_len;
- newSubject_len = len;
-
- /*
- * build the email AVA
- */
- if (email) {
- memcpy(&emailAVA[EMAIL_DATA_START],email,email_len);
- for (i=0; i < offsetCount; i++) {
- emailAVA[emailOffset[i]] += email_len;
- }
- memcpy(newSubject+len,emailAVA,emailAVA_len);
- newSubject_len += emailAVA_len;
- }
-
-
- /*
- * Assemble the Cert
- */
-
- len = DER_Sequence(newCertBody,sizeof(header)+newSubject_len+
- valitity_len+myCACert->derSubject.len+sizeof(key));
- memcpy(newCertBody+len,header,sizeof(header));len += sizeof(header);
- memcpy(newCertBody+len,myCACert->derSubject.data,
- myCACert->derSubject.len);len += myCACert->derSubject.len;
- memcpy(newCertBody+len,valitity,valitity_len);len += valitity_len;
- memcpy(newCertBody+len,newSubject,newSubject_len);
- len += newSubject_len;
- memcpy(newCertBody+len,key,sizeof(key));len += sizeof(key);
- newCertBody_len = len;
-
-
- /*
- * generate the hash
- */
- cirv = CI_InitializeHash();
- if (cirv == CI_OK) {
- int hash_left = newCertBody_len & 63;
- int hash_len = newCertBody_len - hash_left;
- cirv = CI_Hash(hash_len,newCertBody);
- if (cirv == CI_OK) {
- cirv = CI_GetHash(hash_left,newCertBody+hash_len,hash);
- }
- }
-
- /*
- * now sign the hash
- */
- if ((cirv == CI_OK) && (caCert.card != -1)) {
- cirv = CI_Select(caCert.card);
- if (cirv == CI_OK) {
- cirv = CI_SetPersonality(caCert.index);
- if (cirv == CI_OK) {
- cirv = CI_Sign(hash,sig);
- }
- }
- } else cirv = -1;
-
- if (cirv != CI_OK) {
- memcpy(sig,hash,sizeof(hash));
- }
-
- /*
- * load in new signature
- */
- {
- int sig_len;
- unsigned char *sig_start =
- GetSignature(signature,signature_len,&sig_len);
- memcpy(sig_start,sig,sizeof(sig));
- }
-
- /*
- * now do the final wrap
- */
- len = DER_Sequence(newCert,newCertBody_len+signature_len);
- memcpy(newCert+len,newCertBody,newCertBody_len); len += newCertBody_len;
- memcpy(newCert+len, signature, signature_len); len +=signature_len;
- userCert.data = newCert;
- userCert.len = len;
-
-
- /* OK, we now have our cert, let's go build our software file */
- signed_file = PORT_ZNew(FORTSignedSWFile);
- file = &signed_file->file;
-
- signed_file->signatureWrap.signature.data = PORT_ZAlloc(40);
- signed_file->signatureWrap.signature.len = 40;
- signed_file->signatureWrap.signatureAlgorithm.algorithm.data =
- fortezza_oid;
- signed_file->signatureWrap.signatureAlgorithm.algorithm.len =
- sizeof(fortezza_oid);
-
- vers = 1;
- fill_in(&file->version,&vers,1);
- file->derIssuer.data = myCACert->derSubject.data;
- file->derIssuer.len = myCACert->derSubject.len;
- file->serialID.data = serial;
- file->serialID.len =sizeof(serial);
- /* generate out Ks value */
- fort_GenerateRandom(Ks,sizeof(Ks));
- makeProtectedPhrase(file,&file->initMemPhrase,Kinit,NULL,transportPin);
- makeProtectedPhrase(file,&file->ssoMemPhrase,Ks,Kinit,ssoMemPhrase);
- makeProtectedPhrase(file,&file->ssoPinPhrase,Ks,Kinit,ssoPin);
- makeProtectedPhrase(file,&file->userMemPhrase,Ks,Kinit,userMemPhrase);
- makeProtectedPhrase(file,&file->userPinPhrase,Ks,Kinit,userPin);
- file->wrappedRandomSeed.data = PORT_ZAlloc(12);
- file->wrappedRandomSeed.len = 12;
- cirv = fort_GenerateRandom(file->wrappedRandomSeed.data,10);
- if (cirv != CI_OK) {
- Terminate("Couldn't get Random Seed",
- cirv, -1, caCert.card);
- }
- fort_skipjackWrap(Ks,12,file->wrappedRandomSeed.data,
- file->wrappedRandomSeed.data);
- file->slotEntries = PORT_ZAlloc(sizeof(fortSlotEntry *)*5);
- /* paa */
- file->slotEntries[0] = PORT_ZNew(fortSlotEntry);
- makeCertSlot(file->slotEntries[0],0,
- (char *)caCert.valid[0].label,
- &caCert.valid[0].cert->derCert,
- Ks,NULL,NULL,NULL,0,p,q,g);
- /* pca */
- file->slotEntries[1] = PORT_ZNew(fortSlotEntry);
- makeCertSlot(file->slotEntries[1],1,
- (char *)caCert.valid[pca_index].label,
- &caCert.valid[pca_index].cert->derCert,
- Ks,NULL,NULL,NULL,0,p,q,g);
- /* ca */
- file->slotEntries[2] = PORT_ZNew(fortSlotEntry);
- /* make sure the caCert lable points to our new pca slot location */
- caCert.label[4] = '0';
- caCert.label[5] = '0';
- caCert.label[6] = '0';
- caCert.label[7] = '1';
- makeCertSlot(file->slotEntries[2],2,(char *)caCert.label,
- &myCACert->derCert,Ks,NULL,NULL,NULL,0,p,q,g);
- /* user */
- file->slotEntries[3] = PORT_ZNew(fortSlotEntry);
- strncpy(&userLabel[8],commonName,sizeof(CI_PERSON)-8);
- makeCertSlot(file->slotEntries[3],3,userLabel,&userCert,Ks,
- keaPrivKey->privateValue.data,
- dsaPrivKey->privateValue.data,
- key, sizeof(key), p, q, g);
- file->slotEntries[4] = 0;
-
- /* encode the file so we can sign it */
- outItem = FORT_PutSWFile(signed_file);
-
- /* get the der encoded data to sign */
- signed_file2 = FORT_GetSWFile(outItem);
-
- /* now sign it */
- len = signed_file2->signatureWrap.data.len;
- data = signed_file2->signatureWrap.data.data;
- /*
- * generate the hash
- */
- cirv = CI_InitializeHash();
- if (cirv == CI_OK) {
- int hash_left = len & 63;
- int hash_len = len - hash_left;
- cirv = CI_Hash(hash_len,data);
- if (cirv == CI_OK) {
- cirv = CI_GetHash(hash_left,data+hash_len,hash);
- }
- }
-
- /*
- * now sign the hash
- */
- if ((cirv == CI_OK) && (caCert.card != -1)) {
- cirv = CI_Select(caCert.card);
- if (cirv == CI_OK) {
- cirv = CI_SetPersonality(caCert.index);
- if (cirv == CI_OK) {
- cirv = CI_Sign(hash,sig);
- }
- }
- } else cirv = -1;
-
- if (cirv != CI_OK) {
- memcpy(sig,hash,sizeof(hash));
- }
- memcpy( signed_file->signatureWrap.signature.data,sig,sizeof(sig));
- signed_file->signatureWrap.signature.len = sizeof(sig)*8;
-
-
- /* encode it for the last time */
- outItem = FORT_PutSWFile(signed_file);
-
-
- /*
- * write it out to the .sfi file
- */
- {
- int fd = open(outname,O_WRONLY|O_CREAT|O_BINARY,0777);
-
- write(fd,outItem->data,outItem->len);
- close(fd);
- }
- CI_Close(CI_POWER_DOWN_FLAG,caCert.card);
- CI_Terminate();
-
- printf("Wrote %s to file %s.\n",commonName,outname);
- printf("Initialization Memphrase: %s\n",transportPin);
- printf("SSO Memphrase: %s\n",ssoMemPhrase);
- printf("User Memphrase: %s\n",userMemPhrase);
- printf("SSO pin: %s\n",ssoPin);
- printf("User pin: %s\n",userPin);
-
- return 0;
-}
-
diff --git a/security/nss/cmd/tests/Makefile b/security/nss/cmd/tests/Makefile
deleted file mode 100644
index da66e20df..000000000
--- a/security/nss/cmd/tests/Makefile
+++ /dev/null
@@ -1,73 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../platrules.mk
diff --git a/security/nss/cmd/tests/manifest.mn b/security/nss/cmd/tests/manifest.mn
deleted file mode 100644
index 878effc3c..000000000
--- a/security/nss/cmd/tests/manifest.mn
+++ /dev/null
@@ -1,49 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = nss
-
-CSRCS = remtest.c
-
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = seccmd dbm
-
-PROGRAMS = $(CSRCS:.c=)
-
-TARGETS = $(PROGRAMS)
-
-#NO_MD_RELEASE = 1
diff --git a/security/nss/cmd/tests/remtest.c b/security/nss/cmd/tests/remtest.c
deleted file mode 100644
index b17bc0f8b..000000000
--- a/security/nss/cmd/tests/remtest.c
+++ /dev/null
@@ -1,162 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
-**
-** Sample client side test program that uses SSL and libsec
-**
-*/
-
-#include "secutil.h"
-
-#if defined(XP_UNIX)
-#include <unistd.h>
-#else
-#include "ctype.h" /* for isalpha() */
-#endif
-
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-#include <errno.h>
-#include <fcntl.h>
-#include <stdarg.h>
-
-#include "nspr.h"
-#include "prio.h"
-#include "prnetdb.h"
-#include "nss.h"
-#include "pk11func.h"
-#include "plgetopt.h"
-
-void
-Usage(char *progName)
-{
- fprintf(stderr,"usage: %s [-d profiledir] -t tokenName [-r]\n", progName);
- exit(1);
-}
-
-int main(int argc, char **argv)
-{
- char * certDir = NULL;
- PLOptState *optstate;
- PLOptStatus optstatus;
- SECStatus rv;
- char * tokenName = NULL;
- PRBool cont=PR_TRUE;
- PK11TokenEvent event = PK11TokenPresentEvent;
- PK11TokenStatus status;
- char *progName;
- PK11SlotInfo *slot;
-
- progName = strrchr(argv[0], '/');
- if (!progName)
- progName = strrchr(argv[0], '\\');
- progName = progName ? progName+1 : argv[0];
-
- optstate = PL_CreateOptState(argc, argv, "rd:t:");
- while ((optstatus = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
- switch (optstate->option) {
-
- case 'd':
- certDir = strdup(optstate->value);
- certDir = SECU_ConfigDirectory(certDir);
- break;
- case 't':
- tokenName = strdup(optstate->value);
- break;
- case 'r':
- event = PK11TokenRemovedOrChangedEvent;
- break;
- }
- }
- if (optstatus == PL_OPT_BAD)
- Usage(progName);
-
- if (tokenName == NULL) {
- Usage(progName);
- }
-
- if (!certDir) {
- certDir = SECU_DefaultSSLDir(); /* Look in $SSL_DIR */
- certDir = SECU_ConfigDirectory(certDir); /* call even if it's NULL */
- }
-
- PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
-
- PK11_SetPasswordFunc(SECU_GetModulePassword);
-
- /* open the cert DB, the key DB, and the secmod DB. */
- rv = NSS_Init(certDir);
- if (rv != SECSuccess) {
- SECU_PrintError(progName, "unable to open cert database");
- return 1;
- }
-
- printf("Looking up tokenNamed: <%s>\n",tokenName);
- slot = PK11_FindSlotByName(tokenName);
- if (slot == NULL) {
- SECU_PrintError(progName, "unable to find token");
- return 1;
- }
-
- do {
- status =
- PK11_WaitForTokenEvent(slot,event,PR_INTERVAL_NO_TIMEOUT, 0, 0);
-
- switch (status) {
- case PK11TokenNotRemovable:
- cont = PR_FALSE;
- printf("%s Token Not Removable\n",tokenName);
- break;
- case PK11TokenChanged:
- event = PK11TokenRemovedOrChangedEvent;
- printf("%s Token Changed\n", tokenName);
- break;
- case PK11TokenRemoved:
- event = PK11TokenPresentEvent;
- printf("%s Token Removed\n", tokenName);
- break;
- case PK11TokenPresent:
- event = PK11TokenRemovedOrChangedEvent;
- printf("%s Token Present\n", tokenName);
- break;
- }
- } while (cont);
-
- if (NSS_Shutdown() != SECSuccess) {
- exit(1);
- }
- PR_Cleanup();
- return 0;
-}
diff --git a/security/nss/cmd/tstclnt/Makefile b/security/nss/cmd/tstclnt/Makefile
deleted file mode 100644
index b31a4fdc8..000000000
--- a/security/nss/cmd/tstclnt/Makefile
+++ /dev/null
@@ -1,84 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-ifeq (,$(filter-out WINNT WIN95 WIN16,$(OS_TARGET))) # omits WINCE
-ifndef BUILD_OPT
-ifndef NS_USE_GCC
-LDFLAGS += /subsystem:console /profile /debug /machine:I386 /incremental:no
-endif
-OS_CFLAGS += -D_CONSOLE
-endif
-endif
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-#include ../platlibs.mk
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/tstclnt/makefile.win b/security/nss/cmd/tstclnt/makefile.win
deleted file mode 100644
index 6cf6c12cf..000000000
--- a/security/nss/cmd/tstclnt/makefile.win
+++ /dev/null
@@ -1,130 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-VERBOSE = 1
-include <manifest.mn>
-
-#cannot define PROGRAM in manifest compatibly with NT and UNIX
-PROGRAM = tstclnt
-PROGRAM = ./$(OBJDIR)/$(PROGRAM).exe
-include <$(DEPTH)\config\config.mak>
-
-# let manifest generate C_OBJS, it will prepend ./$(OBJDIR)/
-# rules.mak will append C_OBJS onto OBJS.
-# OBJS = $(CSRCS:.c=.obj)
-
-# include files are looked for in $LINCS and $INCS.
-# $LINCS is in manifest.mnw, computed from REQUIRES=
-INCS = $(INCS) \
- -I$(DEPTH)/security/lib/cert \
- -I../include \
- $(NULL)
-
-IGNORE_ME = \
- -I$(DEPTH)/security/lib/key \
- -I$(DEPTH)/security/lib/util \
- $(NULL)
-
-
-WINFE = $(DEPTH)/cmd/winfe/mkfiles$(MOZ_BITS)/x86Dbg
-
-# these files are the content of libdbm
-DBM_LIB = \
- $(WINFE)/DB.obj \
- $(WINFE)/HASH.obj \
- $(WINFE)/H_BIGKEY.obj \
- $(WINFE)/H_PAGE.obj \
- $(WINFE)/H_LOG2.obj \
- $(WINFE)/H_FUNC.obj \
- $(WINFE)/HASH_BUF.obj \
- $(NULL)
-
-MOZ_LIBS = \
- $(WINFE)/ALLXPSTR.obj \
- $(WINFE)/XP_ERROR.obj \
- $(WINFE)/XPASSERT.obj \
- $(WINFE)/XP_REG.obj \
- $(WINFE)/XP_TRACE.obj \
- $(DBM_LIB) \
- $(WINFE)/XP_STR.obj \
- $(WINFE)/MKTEMP.obj \
- $(NULL)
-
-SEC_LIBS = \
- $(DIST)/lib/cert$(MOZ_BITS).lib \
- $(DIST)/lib/crypto$(MOZ_BITS).lib \
- $(DIST)/lib/hash$(MOZ_BITS).lib \
- $(DIST)/lib/key$(MOZ_BITS).lib \
- $(DIST)/lib/pkcs7$(MOZ_BITS).lib \
- $(DIST)/lib/secmod$(MOZ_BITS).lib \
- $(DIST)/lib/secutl$(MOZ_BITS).lib \
- $(DIST)/lib/ssl$(MOZ_BITS).lib \
- $(NULL)
-
-LLFLAGS = $(LLFLAGS) \
- ../lib/$(OBJDIR)/sectool$(MOZ_BITS).lib \
- $(SEC_LIBS) \
- $(MOZ_LIBS) \
- $(DEPTH)/nspr/src/$(OBJDIR)/getopt.obj \
- $(LIBNSPR) \
- $(NULL)
-
-
-include <$(DEPTH)\config\rules.mak>
-
-INSTALL = $(MAKE_INSTALL)
-
-objs: $(OBJS)
-
-$(PROGRAM)::
- $(INSTALL) $(DIST)/bin/pr3240.dll ./$(OBJDIR)
-
-programs: $(PROGRAM)
-
-install:: $(TARGETS)
- $(INSTALL) $(TARGETS) $(DIST)/bin
-
-
-symbols:
- @echo "CSRCS = $(CSRCS)"
- @echo "INCS = $(INCS)"
- @echo "OBJS = $(OBJS)"
- @echo "LIBRARY = $(LIBRARY)"
- @echo "PROGRAM = $(PROGRAM)"
- @echo "TARGETS = $(TARGETS)"
- @echo "DIST = $(DIST)"
- @echo "VERSION_NUMBER = $(VERSION_NUMBER)"
- @echo "WINFE = $(WINFE)"
- @echo "DBM_LIB = $(DBM_LIB)"
- @echo "INSTALL = $(INSTALL)"
-
diff --git a/security/nss/cmd/tstclnt/manifest.mn b/security/nss/cmd/tstclnt/manifest.mn
deleted file mode 100644
index 8762227e4..000000000
--- a/security/nss/cmd/tstclnt/manifest.mn
+++ /dev/null
@@ -1,50 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = nss
-
-# This next line is used by .mk files
-# and gets translated into $LINCS in manifest.mnw
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = seccmd dbm
-
-# DIRS =
-
-CSRCS = tstclnt.c
-
-PROGRAM = tstclnt
-
diff --git a/security/nss/cmd/tstclnt/tstclnt.c b/security/nss/cmd/tstclnt/tstclnt.c
deleted file mode 100644
index 84f08f3a6..000000000
--- a/security/nss/cmd/tstclnt/tstclnt.c
+++ /dev/null
@@ -1,779 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Portions created by Sun Microsystems, Inc. are Copyright (C) 2003
- * Sun Microsystems, Inc. All Rights Reserved.
- *
- * Contributor(s):
- * Dr Vipul Gupta <vipul.gupta@sun.com>, Sun Microsystems Laboratories
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
-**
-** Sample client side test program that uses SSL and libsec
-**
-*/
-
-#include "secutil.h"
-
-#if defined(XP_UNIX)
-#include <unistd.h>
-#else
-#include "ctype.h" /* for isalpha() */
-#endif
-
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-#include <errno.h>
-#include <fcntl.h>
-#include <stdarg.h>
-
-#include "nspr.h"
-#include "prio.h"
-#include "prnetdb.h"
-#include "nss.h"
-#include "ssl.h"
-#include "sslproto.h"
-#include "pk11func.h"
-#include "plgetopt.h"
-
-#define PRINTF if (verbose) printf
-#define FPRINTF if (verbose) fprintf
-
-#define MAX_WAIT_FOR_SERVER 600
-#define WAIT_INTERVAL 100
-
-int ssl2CipherSuites[] = {
- SSL_EN_RC4_128_WITH_MD5, /* A */
- SSL_EN_RC4_128_EXPORT40_WITH_MD5, /* B */
- SSL_EN_RC2_128_CBC_WITH_MD5, /* C */
- SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5, /* D */
- SSL_EN_DES_64_CBC_WITH_MD5, /* E */
- SSL_EN_DES_192_EDE3_CBC_WITH_MD5, /* F */
-#ifdef NSS_ENABLE_ECC
- /* NOTE: Since no new SSL2 ciphersuites are being
- * invented, and we've run out of lowercase letters
- * for SSL3 ciphers, we use letters G and beyond
- * for new SSL3 ciphers.
- */
- TLS_ECDH_ECDSA_WITH_NULL_SHA, /* G */
- TLS_ECDH_ECDSA_WITH_RC4_128_SHA, /* H */
- TLS_ECDH_ECDSA_WITH_DES_CBC_SHA, /* I */
- TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, /* J */
- TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, /* K */
- TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, /* L */
- TLS_ECDH_RSA_WITH_NULL_SHA, /* M */
- TLS_ECDH_RSA_WITH_RC4_128_SHA, /* N */
- TLS_ECDH_RSA_WITH_DES_CBC_SHA, /* O */
- TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, /* P */
- TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, /* Q */
- TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, /* R */
- TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, /* S */
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, /* T */
-#endif /* NSS_ENABLE_ECC */
- 0
-};
-
-int ssl3CipherSuites[] = {
- SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA, /* a */
- SSL_FORTEZZA_DMS_WITH_RC4_128_SHA, /* b */
- SSL_RSA_WITH_RC4_128_MD5, /* c */
- SSL_RSA_WITH_3DES_EDE_CBC_SHA, /* d */
- SSL_RSA_WITH_DES_CBC_SHA, /* e */
- SSL_RSA_EXPORT_WITH_RC4_40_MD5, /* f */
- SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5, /* g */
- SSL_FORTEZZA_DMS_WITH_NULL_SHA, /* h */
- SSL_RSA_WITH_NULL_MD5, /* i */
- SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA, /* j */
- SSL_RSA_FIPS_WITH_DES_CBC_SHA, /* k */
- TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA, /* l */
- TLS_RSA_EXPORT1024_WITH_RC4_56_SHA, /* m */
- SSL_RSA_WITH_RC4_128_SHA, /* n */
- TLS_DHE_DSS_WITH_RC4_128_SHA, /* o */
- SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, /* p */
- SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, /* q */
- SSL_DHE_RSA_WITH_DES_CBC_SHA, /* r */
- SSL_DHE_DSS_WITH_DES_CBC_SHA, /* s */
- TLS_DHE_DSS_WITH_AES_128_CBC_SHA, /* t */
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA, /* u */
- TLS_RSA_WITH_AES_128_CBC_SHA, /* v */
- TLS_DHE_DSS_WITH_AES_256_CBC_SHA, /* w */
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA, /* x */
- TLS_RSA_WITH_AES_256_CBC_SHA, /* y */
- SSL_RSA_WITH_NULL_SHA, /* z */
- 0
-};
-
-unsigned long __cmp_umuls;
-PRBool verbose;
-
-static char *progName;
-
-/* This exists only for the automated test suite. It allows us to
- * pass in a password on the command line.
- */
-
-char *password = NULL;
-
-char * ownPasswd( PK11SlotInfo *slot, PRBool retry, void *arg)
-{
- char *passwd = NULL;
- if ( (!retry) && arg ) {
- passwd = PL_strdup((char *)arg);
- }
- return passwd;
-}
-
-void printSecurityInfo(PRFileDesc *fd)
-{
- CERTCertificate * cert;
- SSL3Statistics * ssl3stats = SSL_GetStatistics();
- SECStatus result;
- SSLChannelInfo channel;
- SSLCipherSuiteInfo suite;
-
- result = SSL_GetChannelInfo(fd, &channel, sizeof channel);
- if (result == SECSuccess &&
- channel.length == sizeof channel &&
- channel.cipherSuite) {
- result = SSL_GetCipherSuiteInfo(channel.cipherSuite,
- &suite, sizeof suite);
- if (result == SECSuccess) {
- FPRINTF(stderr,
- "tstclnt: SSL version %d.%d using %d-bit %s with %d-bit %s MAC\n",
- channel.protocolVersion >> 8, channel.protocolVersion & 0xff,
- suite.effectiveKeyBits, suite.symCipherName,
- suite.macBits, suite.macAlgorithmName);
- FPRINTF(stderr,
- "tstclnt: Server Auth: %d-bit %s, Key Exchange: %d-bit %s\n",
- channel.authKeyBits, suite.authAlgorithmName,
- channel.keaKeyBits, suite.keaTypeName);
- }
- }
- cert = SSL_RevealCert(fd);
- if (cert) {
- char * ip = CERT_NameToAscii(&cert->issuer);
- char * sp = CERT_NameToAscii(&cert->subject);
- if (sp) {
- fprintf(stderr, "subject DN: %s\n", sp);
- PR_Free(sp);
- }
- if (ip) {
- fprintf(stderr, "issuer DN: %s\n", ip);
- PR_Free(ip);
- }
- CERT_DestroyCertificate(cert);
- cert = NULL;
- }
- fprintf(stderr,
- "%ld cache hits; %ld cache misses, %ld cache not reusable\n",
- ssl3stats->hsh_sid_cache_hits, ssl3stats->hsh_sid_cache_misses,
- ssl3stats->hsh_sid_cache_not_ok);
-
-}
-
-void
-handshakeCallback(PRFileDesc *fd, void *client_data)
-{
- printSecurityInfo(fd);
-}
-
-static void Usage(const char *progName)
-{
- printf(
-"Usage: %s -h host [-p port] [-d certdir] [-n nickname] [-23Tovx] \n"
-" [-c ciphers] [-w passwd] [-q]\n", progName);
- printf("%-20s Hostname to connect with\n", "-h host");
- printf("%-20s Port number for SSL server\n", "-p port");
- printf("%-20s Directory with cert database (default is ~/.netscape)\n",
- "-d certdir");
- printf("%-20s Nickname of key and cert for client auth\n", "-n nickname");
- printf("%-20s Disable SSL v2.\n", "-2");
- printf("%-20s Disable SSL v3.\n", "-3");
- printf("%-20s Disable TLS (SSL v3.1).\n", "-T");
- printf("%-20s Override bad server cert. Make it OK.\n", "-o");
- printf("%-20s Verbose progress reporting.\n", "-v");
- printf("%-20s Use export policy.\n", "-x");
- printf("%-20s Ping the server and then exit.\n", "-q");
- printf("%-20s Letter(s) chosen from the following list\n", "-c ciphers");
- printf(
-"A SSL2 RC4 128 WITH MD5\n"
-"B SSL2 RC4 128 EXPORT40 WITH MD5\n"
-"C SSL2 RC2 128 CBC WITH MD5\n"
-"D SSL2 RC2 128 CBC EXPORT40 WITH MD5\n"
-"E SSL2 DES 64 CBC WITH MD5\n"
-"F SSL2 DES 192 EDE3 CBC WITH MD5\n"
-#ifdef NSS_ENABLE_ECC
-"G TLS ECDH ECDSA WITH NULL SHA\n"
-"H TLS ECDH ECDSA WITH RC4 128 CBC SHA\n"
-"I TLS ECDH ECDSA WITH DES CBC SHA\n"
-"J TLS ECDH ECDSA WITH 3DES EDE CBC SHA\n"
-"K TLS ECDH ECDSA WITH AES 128 CBC SHA\n"
-"L TLS ECDH ECDSA WITH AES 256 CBC SHA\n"
-"M TLS ECDH RSA WITH NULL SHA\n"
-"N TLS ECDH RSA WITH RC4 128 CBC SHA\n"
-"O TLS ECDH RSA WITH DES CBC SHA\n"
-"P TLS ECDH RSA WITH 3DES EDE CBC SHA\n"
-"Q TLS ECDH RSA WITH AES 128 CBC SHA\n"
-"R TLS ECDH RSA WITH AES 256 CBC SHA\n"
-"S TLS ECDHE ECDSA WITH AES 128 CBC SHA\n"
-"T TLS ECDHE RSA WITH AES 128 CBC SHA\n"
-#endif /* NSS_ENABLE_ECC */
-"\n"
-"a SSL3 FORTEZZA DMS WITH FORTEZZA CBC SHA\n"
-"b SSL3 FORTEZZA DMS WITH RC4 128 SHA\n"
-"c SSL3 RSA WITH RC4 128 MD5\n"
-"d SSL3 RSA WITH 3DES EDE CBC SHA\n"
-"e SSL3 RSA WITH DES CBC SHA\n"
-"f SSL3 RSA EXPORT WITH RC4 40 MD5\n"
-"g SSL3 RSA EXPORT WITH RC2 CBC 40 MD5\n"
-"h SSL3 FORTEZZA DMS WITH NULL SHA\n"
-"i SSL3 RSA WITH NULL MD5\n"
-"j SSL3 RSA FIPS WITH 3DES EDE CBC SHA\n"
-"k SSL3 RSA FIPS WITH DES CBC SHA\n"
-"l SSL3 RSA EXPORT WITH DES CBC SHA\t(new)\n"
-"m SSL3 RSA EXPORT WITH RC4 56 SHA\t(new)\n"
-"n SSL3 RSA WITH RC4 128 SHA\n"
-"o SSL3 DHE DSS WITH RC4 128 SHA\n"
-"p SSL3 DHE RSA WITH 3DES EDE CBC SHA\n"
-"q SSL3 DHE DSS WITH 3DES EDE CBC SHA\n"
-"r SSL3 DHE RSA WITH DES CBC SHA\n"
-"s SSL3 DHE DSS WITH DES CBC SHA\n"
-"t SSL3 DHE DSS WITH AES 128 CBC SHA\n"
-"u SSL3 DHE RSA WITH AES 128 CBC SHA\n"
-"v SSL3 RSA WITH AES 128 CBC SHA\n"
-"w SSL3 DHE DSS WITH AES 256 CBC SHA\n"
-"x SSL3 DHE RSA WITH AES 256 CBC SHA\n"
-"y SSL3 RSA WITH AES 256 CBC SHA\n"
-"z SSL3 RSA WITH NULL SHA\n"
- );
- exit(1);
-}
-
-void
-milliPause(PRUint32 milli)
-{
- PRIntervalTime ticks = PR_MillisecondsToInterval(milli);
- PR_Sleep(ticks);
-}
-
-void
-disableAllSSLCiphers(void)
-{
- const PRUint16 *cipherSuites = SSL_ImplementedCiphers;
- int i = SSL_NumImplementedCiphers;
- SECStatus rv;
-
- /* disable all the SSL3 cipher suites */
- while (--i >= 0) {
- PRUint16 suite = cipherSuites[i];
- rv = SSL_CipherPrefSetDefault(suite, PR_FALSE);
- if (rv != SECSuccess) {
- PRErrorCode err = PR_GetError();
- printf("SSL_CipherPrefSet didn't like value 0x%04x (i = %d): %s\n",
- suite, i, SECU_Strerror(err));
- exit(2);
- }
- }
-}
-
-/*
- * Callback is called when incoming certificate is not valid.
- * Returns SECSuccess to accept the cert anyway, SECFailure to reject.
- */
-static SECStatus
-ownBadCertHandler(void * arg, PRFileDesc * socket)
-{
- PRErrorCode err = PR_GetError();
- /* can log invalid cert here */
- printf("Bad server certificate: %d, %s\n", err, SECU_Strerror(err));
- return SECSuccess; /* override, say it's OK. */
-}
-
-int main(int argc, char **argv)
-{
- PRFileDesc * s;
- PRFileDesc * std_out;
- CERTCertDBHandle * handle;
- char * host = NULL;
- char * port = "443";
- char * certDir = NULL;
- char * nickname = NULL;
- char * cipherString = NULL;
- int multiplier = 0;
- SECStatus rv;
- PRStatus status;
- PRInt32 filesReady;
- PRInt32 ip;
- int npds;
- int override = 0;
- int disableSSL2 = 0;
- int disableSSL3 = 0;
- int disableTLS = 0;
- int useExportPolicy = 0;
- int file_read = 0;
- PRSocketOptionData opt;
- PRNetAddr addr;
- PRHostEnt hp;
- PRPollDesc pollset[2];
- char buf[PR_NETDB_BUF_SIZE];
- PRBool useCommandLinePassword = PR_FALSE;
- PRBool pingServerFirst = PR_FALSE;
- int error=0;
- PLOptState *optstate;
- PLOptStatus optstatus;
- PRStatus prStatus;
-
- progName = strrchr(argv[0], '/');
- if (!progName)
- progName = strrchr(argv[0], '\\');
- progName = progName ? progName+1 : argv[0];
-
- optstate = PL_CreateOptState(argc, argv, "23Tfc:h:p:d:m:n:oqvw:x");
- while ((optstatus = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
- switch (optstate->option) {
- case '?':
- default : Usage(progName); break;
-
- case '2': disableSSL2 = 1; break;
-
- case '3': disableSSL3 = 1; break;
-
- case 'T': disableTLS = 1; break;
-
- case 'c': cipherString = strdup(optstate->value); break;
-
- case 'h': host = strdup(optstate->value); break;
-#ifdef _WINDOWS
- case 'f': file_read = 1; break;
-#else
- case 'f': break;
-#endif
-
- case 'd':
- certDir = strdup(optstate->value);
- certDir = SECU_ConfigDirectory(certDir);
- break;
-
- case 'm':
- multiplier = atoi(optstate->value);
- if (multiplier < 0)
- multiplier = 0;
- break;
-
- case 'n': nickname = strdup(optstate->value); break;
-
- case 'o': override = 1; break;
-
- case 'p': port = strdup(optstate->value); break;
-
- case 'q': pingServerFirst = PR_TRUE; break;
-
- case 'v': verbose++; break;
-
- case 'w':
- password = PORT_Strdup(optstate->value);
- useCommandLinePassword = PR_TRUE;
- break;
-
- case 'x': useExportPolicy = 1; break;
- }
- }
- if (optstatus == PL_OPT_BAD)
- Usage(progName);
-
- if (!host || !port) Usage(progName);
-
- if (!certDir) {
- certDir = SECU_DefaultSSLDir(); /* Look in $SSL_DIR */
- certDir = SECU_ConfigDirectory(certDir); /* call even if it's NULL */
- }
-
- PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
-
- /* set our password function */
- if ( useCommandLinePassword ) {
- PK11_SetPasswordFunc(ownPasswd);
- } else {
- PK11_SetPasswordFunc(SECU_GetModulePassword);
- }
-
- /* open the cert DB, the key DB, and the secmod DB. */
- rv = NSS_Init(certDir);
- if (rv != SECSuccess) {
- SECU_PrintError(progName, "unable to open cert database");
-#if 0
- rv = CERT_OpenVolatileCertDB(handle);
- CERT_SetDefaultCertDB(handle);
-#else
- return 1;
-#endif
- }
- handle = CERT_GetDefaultCertDB();
-
- /* set the policy bits true for all the cipher suites. */
- if (useExportPolicy)
- NSS_SetExportPolicy();
- else
- NSS_SetDomesticPolicy();
-
- /* all the SSL2 and SSL3 cipher suites are enabled by default. */
- if (cipherString) {
- /* disable all the ciphers, then enable the ones we want. */
- disableAllSSLCiphers();
- }
-
- /* Lookup host */
- status = PR_GetHostByName(host, buf, sizeof(buf), &hp);
- if (status != PR_SUCCESS) {
- SECU_PrintError(progName, "error looking up host");
- return 1;
- }
- if (PR_EnumerateHostEnt(0, &hp, atoi(port), &addr) == -1) {
- SECU_PrintError(progName, "error looking up host address");
- return 1;
- }
-
- ip = PR_ntohl(addr.inet.ip);
- PRINTF("%s: connecting to %s:%d (address=%d.%d.%d.%d)\n",
- progName, host, PR_ntohs(addr.inet.port),
- (ip >> 24) & 0xff,
- (ip >> 16) & 0xff,
- (ip >> 8) & 0xff,
- (ip >> 0) & 0xff);
-
- if (pingServerFirst) {
- int iter = 0;
- PRErrorCode err;
- do {
- s = PR_NewTCPSocket();
- if (s == NULL) {
- SECU_PrintError(progName, "Failed to create a TCP socket");
- }
- opt.option = PR_SockOpt_Nonblocking;
- opt.value.non_blocking = PR_FALSE;
- prStatus = PR_SetSocketOption(s, &opt);
- if (prStatus != PR_SUCCESS) {
- PR_Close(s);
- SECU_PrintError(progName,
- "Failed to set blocking socket option");
- return 1;
- }
- prStatus = PR_Connect(s, &addr, PR_INTERVAL_NO_TIMEOUT);
- if (prStatus == PR_SUCCESS) {
- PR_Shutdown(s, PR_SHUTDOWN_BOTH);
- PR_Close(s);
- if (NSS_Shutdown() != SECSuccess) {
- exit(1);
- }
- PR_Cleanup();
- return 0;
- }
- err = PR_GetError();
- if ((err != PR_CONNECT_REFUSED_ERROR) &&
- (err != PR_CONNECT_RESET_ERROR)) {
- SECU_PrintError(progName, "TCP Connection failed");
- return 1;
- }
- PR_Close(s);
- PR_Sleep(PR_MillisecondsToInterval(WAIT_INTERVAL));
- } while (++iter < MAX_WAIT_FOR_SERVER);
- SECU_PrintError(progName,
- "Client timed out while waiting for connection to server");
- return 1;
- }
-
- /* Create socket */
- s = PR_NewTCPSocket();
- if (s == NULL) {
- SECU_PrintError(progName, "error creating socket");
- return 1;
- }
-
- opt.option = PR_SockOpt_Nonblocking;
- opt.value.non_blocking = PR_TRUE;
- PR_SetSocketOption(s, &opt);
- /*PR_SetSocketOption(PR_GetSpecialFD(PR_StandardInput), &opt);*/
-
- s = SSL_ImportFD(NULL, s);
- if (s == NULL) {
- SECU_PrintError(progName, "error importing socket");
- return 1;
- }
-
- rv = SSL_OptionSet(s, SSL_SECURITY, 1);
- if (rv != SECSuccess) {
- SECU_PrintError(progName, "error enabling socket");
- return 1;
- }
-
- rv = SSL_OptionSet(s, SSL_HANDSHAKE_AS_CLIENT, 1);
- if (rv != SECSuccess) {
- SECU_PrintError(progName, "error enabling client handshake");
- return 1;
- }
-
- /* all the SSL2 and SSL3 cipher suites are enabled by default. */
- if (cipherString) {
- int ndx;
-
- while (0 != (ndx = *cipherString++)) {
- int *cptr;
- int cipher;
-
- if (! isalpha(ndx))
- Usage(progName);
- cptr = islower(ndx) ? ssl3CipherSuites : ssl2CipherSuites;
- for (ndx &= 0x1f; (cipher = *cptr++) != 0 && --ndx > 0; )
- /* do nothing */;
- if (cipher) {
- SECStatus status;
- status = SSL_CipherPrefSet(s, cipher, SSL_ALLOWED);
- if (status != SECSuccess)
- SECU_PrintError(progName, "SSL_CipherPrefSet()");
- }
- }
- }
-
- rv = SSL_OptionSet(s, SSL_ENABLE_SSL2, !disableSSL2);
- if (rv != SECSuccess) {
- SECU_PrintError(progName, "error enabling SSLv2 ");
- return 1;
- }
-
- rv = SSL_OptionSet(s, SSL_ENABLE_SSL3, !disableSSL3);
- if (rv != SECSuccess) {
- SECU_PrintError(progName, "error enabling SSLv3 ");
- return 1;
- }
-
- rv = SSL_OptionSet(s, SSL_ENABLE_TLS, !disableTLS);
- if (rv != SECSuccess) {
- SECU_PrintError(progName, "error enabling TLS ");
- return 1;
- }
-
- /* disable ssl2 and ssl2-compatible client hellos. */
- rv = SSL_OptionSet(s, SSL_V2_COMPATIBLE_HELLO, !disableSSL2);
- if (rv != SECSuccess) {
- SECU_PrintError(progName, "error disabling v2 compatibility");
- return 1;
- }
-
- if (useCommandLinePassword) {
- SSL_SetPKCS11PinArg(s, password);
- }
-
- SSL_AuthCertificateHook(s, SSL_AuthCertificate, (void *)handle);
- if (override) {
- SSL_BadCertHook(s, ownBadCertHandler, NULL);
- }
- SSL_GetClientAuthDataHook(s, NSS_GetClientAuthData, (void *)nickname);
- SSL_HandshakeCallback(s, handshakeCallback, NULL);
- SSL_SetURL(s, host);
-
- /* Try to connect to the server */
- status = PR_Connect(s, &addr, PR_INTERVAL_NO_TIMEOUT);
- if (status != PR_SUCCESS) {
- if (PR_GetError() == PR_IN_PROGRESS_ERROR) {
- if (verbose)
- SECU_PrintError(progName, "connect");
- milliPause(50 * multiplier);
- pollset[0].in_flags = PR_POLL_WRITE | PR_POLL_EXCEPT;
- pollset[0].out_flags = 0;
- pollset[0].fd = s;
- while(1) {
- PRINTF("%s: about to call PR_Poll for connect completion!\n", progName);
- filesReady = PR_Poll(pollset, 1, PR_INTERVAL_NO_TIMEOUT);
- if (filesReady < 0) {
- SECU_PrintError(progName, "unable to connect (poll)");
- return 1;
- }
- PRINTF("%s: PR_Poll returned 0x%02x for socket out_flags.\n",
- progName, pollset[0].out_flags);
- if (filesReady == 0) { /* shouldn't happen! */
- PRINTF("%s: PR_Poll returned zero!\n", progName);
- return 1;
- }
- /* Must milliPause between PR_Poll and PR_GetConnectStatus,
- * Or else winsock gets mighty confused.
- * Sleep(0);
- */
- milliPause(1);
- status = PR_GetConnectStatus(pollset);
- if (status == PR_SUCCESS) {
- break;
- }
- if (PR_GetError() != PR_IN_PROGRESS_ERROR) {
- SECU_PrintError(progName, "unable to connect (poll)");
- return 1;
- }
- SECU_PrintError(progName, "poll");
- milliPause(50 * multiplier);
- }
- } else {
- SECU_PrintError(progName, "unable to connect");
- return 1;
- }
- }
-
- pollset[0].fd = s;
- pollset[0].in_flags = PR_POLL_READ;
- pollset[1].fd = PR_GetSpecialFD(PR_StandardInput);
- pollset[1].in_flags = PR_POLL_READ;
- npds = 2;
- std_out = PR_GetSpecialFD(PR_StandardOutput);
-
-
- if (file_read) {
- pollset[1].out_flags = PR_POLL_READ;
- npds=1;
- }
-
- /*
- ** Select on stdin and on the socket. Write data from stdin to
- ** socket, read data from socket and write to stdout.
- */
- PRINTF("%s: ready...\n", progName);
-
- while (pollset[0].in_flags || pollset[1].in_flags) {
- char buf[4000]; /* buffer for stdin */
- int nb; /* num bytes read from stdin. */
-
- pollset[0].out_flags = 0;
- if (!file_read) {
- pollset[1].out_flags = 0;
- }
-
- PRINTF("%s: about to call PR_Poll !\n", progName);
- if (pollset[1].in_flags && file_read) {
- filesReady = PR_Poll(pollset, npds, PR_INTERVAL_NO_WAIT);
- filesReady++;
- } else {
- filesReady = PR_Poll(pollset, npds, PR_INTERVAL_NO_TIMEOUT);
- }
- if (filesReady < 0) {
- SECU_PrintError(progName, "select failed");
- error=1;
- goto done;
- }
- if (filesReady == 0) { /* shouldn't happen! */
- PRINTF("%s: PR_Poll returned zero!\n", progName);
- return 1;
- }
- PRINTF("%s: PR_Poll returned!\n", progName);
- if (pollset[1].in_flags) {
- PRINTF("%s: PR_Poll returned 0x%02x for stdin out_flags.\n",
- progName, pollset[1].out_flags);
-#ifndef _WINDOWS
- }
- if (pollset[1].out_flags & PR_POLL_READ) {
-#endif
- /* Read from stdin and write to socket */
- nb = PR_Read(pollset[1].fd, buf, sizeof(buf));
- PRINTF("%s: stdin read %d bytes\n", progName, nb);
- if (nb < 0) {
- if (PR_GetError() != PR_WOULD_BLOCK_ERROR) {
- SECU_PrintError(progName, "read from stdin failed");
- error=1;
- break;
- }
- } else if (nb == 0) {
- pollset[1].in_flags = 0;
- } else {
- char * bufp = buf;
- PRINTF("%s: Writing %d bytes to server\n", progName, nb);
- do {
- PRInt32 cc = PR_Write(s, bufp, nb);
- if (cc < 0) {
- PRErrorCode err = PR_GetError();
- if (err != PR_WOULD_BLOCK_ERROR) {
- SECU_PrintError(progName,
- "write to SSL socket failed");
- error=254;
- goto done;
- }
- cc = 0;
- }
- bufp += cc;
- nb -= cc;
- if (nb <= 0)
- break;
- pollset[0].in_flags = PR_POLL_WRITE | PR_POLL_EXCEPT;
- pollset[0].out_flags = 0;
- PRINTF("%s: about to call PR_Poll on writable socket !\n", progName);
- cc = PR_Poll(pollset, 1, PR_INTERVAL_NO_TIMEOUT);
- PRINTF("%s: PR_Poll returned with writable socket !\n", progName);
- } while (1);
- pollset[0].in_flags = PR_POLL_READ;
- }
- }
-
- if (pollset[0].in_flags) {
- PRINTF("%s: PR_Poll returned 0x%02x for socket out_flags.\n",
- progName, pollset[0].out_flags);
- }
- if ( (pollset[0].out_flags & PR_POLL_READ)
- || (pollset[0].out_flags & PR_POLL_ERR)
-#ifdef PR_POLL_HUP
- || (pollset[0].out_flags & PR_POLL_HUP)
-#endif
- ) {
- /* Read from socket and write to stdout */
- nb = PR_Read(pollset[0].fd, buf, sizeof(buf));
- PRINTF("%s: Read from server %d bytes\n", progName, nb);
- if (nb < 0) {
- if (PR_GetError() != PR_WOULD_BLOCK_ERROR) {
- SECU_PrintError(progName, "read from socket failed");
- error=1;
- goto done;
- }
- } else if (nb == 0) {
- /* EOF from socket... bye bye */
- pollset[0].in_flags = 0;
- } else {
- PR_Write(std_out, buf, nb);
- puts("\n\n");
- }
- }
- milliPause(50 * multiplier);
- }
-
- done:
- PR_Close(s);
- SSL_ClearSessionCache();
- if (NSS_Shutdown() != SECSuccess) {
- exit(1);
- }
-
- PR_Cleanup();
- return error;
-}
diff --git a/security/nss/cmd/ttformat/Makefile b/security/nss/cmd/ttformat/Makefile
deleted file mode 100644
index f2a407990..000000000
--- a/security/nss/cmd/ttformat/Makefile
+++ /dev/null
@@ -1,74 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/ttformat/manifest.mn b/security/nss/cmd/ttformat/manifest.mn
deleted file mode 100644
index c63d5b052..000000000
--- a/security/nss/cmd/ttformat/manifest.mn
+++ /dev/null
@@ -1,48 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-DEFINES += -DNSPR20
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = nss
-
-CSRCS = ttformat.c
-
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = seccmd dbm
-
-PROGRAM = ttformat
-
diff --git a/security/nss/cmd/ttformat/nClient b/security/nss/cmd/ttformat/nClient
deleted file mode 100755
index aab8402bd..000000000
--- a/security/nss/cmd/ttformat/nClient
+++ /dev/null
@@ -1,49 +0,0 @@
-# /bin/ksh
-#
-# nClient -- run the nss test strsclnt for performance testing
-#
-# syntax: nClient [options]
-#
-# where: options are:
-# any valid command line option for strsclnt
-# Note that some options are set by this script!
-#
-# Description:
-# nClient runs the nss test program "strsclnt" for purposes of
-# gathering performance data.
-#
-# some shell variables are set at the top of the script
-# you may have to change these, depending on the host you
-# are running on and other "stuff". caveat emptor.
-#
-# You will have to tinker with this script to get it to
-# run for you.
-#
-# See also: nServ
-#
-# --- begin nClient -------------------------------------------------------
-baseDir=/home/lorenzo/nss-raw/mozilla
-#
-# shell variables for running strsclnt
-#
-export HOST=`hostname -s`
-export DOMSUF=red.iplanet.com
-serverHost=dbldog
-nssDB=${baseDir}/tests_results/security/${HOST}.1/client
-nssHost=${HOST}.red.iplanet.com
-pushd ${baseDir}/security/nss/tests/common
-objDir=`gmake objdir_name`
-popd
-#
-#
-nssOptions="-p 12944 ${serverHost}.red.iplanet.com"
-export LD_LIBRARY_PATH=${baseDir}/dist/${objDir}/lib
-clientProg=${baseDir}/security/nss/cmd/strsclnt/${objDir}/strsclnt
-#
-# do the test
-#
-nssCommand="${clientProg} -d ${nssDB} ${nssOptions}"
-echo $nssCommand $*
-${nssCommand} $* &
-#
-# --- end nClient --------------------------------------------------------
diff --git a/security/nss/cmd/ttformat/nServ b/security/nss/cmd/ttformat/nServ
deleted file mode 100755
index ddf51b0e8..000000000
--- a/security/nss/cmd/ttformat/nServ
+++ /dev/null
@@ -1,49 +0,0 @@
-# /bin/ksh
-#
-# nServ -- run the nss test selfserv for performance testing
-#
-# syntax: nServ [options]
-#
-# where: options are:
-# Valid arguments to the selfserv program
-# Note that this script sets some options
-#
-# Description:
-# nServ runs the nss test program "selfserv" for purposes of
-# gathering performance data.
-#
-# some shell variables are set at the top of the script
-# you may have to change these, depending on the host you
-# are running on and other "stuff". caveat emptor.
-#
-# See also: nClinet
-#
-# --- begin nServ -------------------------------------------------------
-#
-baseDir=/home/lorenzo/nss-server/mozilla
-#
-# shell variables for running selfserv
-#
-export HOST=`hostname -s`
-export DOMSUF=red.iplanet.com
-nssDB=${baseDir}/tests_results/security/${HOST}.1/server
-nssHost=${HOST}.red.iplanet.com
-nssOptions="-p 12944 -w nss"
-pushd ${baseDir}/security/nss/tests/common
-objDir=`gmake objdir_name`
-popd
-export LD_LIBRARY_PATH=${baseDir}/dist/${objDir}/lib
-#
-# shell variables for capturing instrumentation data
-#
-export NSPR_LOG_MODULES=TestCase:6
-export NSPR_LOG_FILE=xxxLogfile
-#
-# do the test
-#
-nssCommand="${baseDir}/dist/${objDir}/bin/selfserv -d ${nssDB} -n ${nssHost} ${nssOptions}"
-echo $nssCommand
-${nssCommand} $* &
-# xxgdb ${baseDir}/dist/${objDir}/bin/selfserv
-#
-# --- end nServ -------------------------------------------------------
diff --git a/security/nss/cmd/ttformat/redux.pl b/security/nss/cmd/ttformat/redux.pl
deleted file mode 100755
index ccc13c24a..000000000
--- a/security/nss/cmd/ttformat/redux.pl
+++ /dev/null
@@ -1,77 +0,0 @@
-#
-# redux.pl -- general nss trace data extraction
-#
-# syntax: redux.pl
-#
-# redux.pl reads a file of formatted trace table records from stdin
-# The trace records are formatted by nssilock.c
-# redux.pl parses the lines and accumulates data in a hash
-# When finished with stdin, redux.pl traverses the hash and emits
-# the accumulated data.
-#
-# Operation:
-# read stdin, accumulate in a hash by file, line, type.
-# traverse the hash, reporting data.
-#
-# raw data format:
-# thredid op ltype callTime heldTime lock line file
-#
-# Notes:
-# After running redux.pl, sort the report on column 4 in decending sequence
-# to see where the lock contention is.
-#
-#
-# -----------------------------------------------------------------------
-use Getopt::Std;
-
-getopts("h") || die "redux.pl: unrecognized command option";
-
-
-# -----------------------------------------------------------------------
-# read stdin to exhaustion
-while ( <STDIN> ) {
- $recordCount++;
-# next if ($recordCount < 36000 ); # skip initialization records
- chomp;
- ($thredid, $op, $ltype, $callTime, $heldTime, $lock, $line, $file) = split;
-
-# select out un-interesting lines
-# next if (( $callTime < $opt_c ) && ( $heldTime < $opt_h ));
-# print $_, "\n";
-
-# count general stats
- $interesting++;
-
-# format the key
- $hashKey = $file ." ". $line ." ". $ltype;
-
-# Update the data in the hash entry
- $theData = $theHash{$hashKey}; # read it if it already exists
- ( $hCount, $hcallTime, $hheldTime, $hcallMax, $hheldMax ) = split(/\s+/, $theData );
- $hCount++;
- $hcallTime += $callTime;
- $hheldTime += $heldTime;
- $hcallMax = ( $hcallMax > $callTime )? $hcallMax : $callTime;
- $hheldMax = ( $hheldMax > $heldTime )? $hheldMax : $heldTime;
-
-# Write theData back to the hash
- $theData = $hCount." ".$hcallTime." ".$hheldTime." ".$hcallMax." ".$hheldMax;
- $theHash{$hashKey} = $theData;
-} # end while()
-
-# -----------------------------------------------------------------------
-# traverse theHash
- printf("%-16s %6s %-16s %8s %8s %8s %8s %8s\n",
- "File","line","ltype","hits","calltim","heldtim","callmax","heldmax" );
-while (($hashKey,$theData) = each(%theHash)) {
- $hashElements++;
- ($file, $line, $ltype) = split(/\s+/, $hashKey );
- ( $hCount, $hcallTime, $hheldTime, $hcallMax, $hheldMax ) = split(/\s+/, $theData );
- printf("%-16s %6d %-16s %8d %8d %8d %8d %8d\n",
- $file, $line, $ltype, $hCount, $hcallTime, $hheldTime, $hcallMax, $hheldMax );
-} # end while()
-
-# -----------------------------------------------------------------------
-# dump global statistics
-printf ("Record count: %d\n", $recordCount );
-printf("Interesting: %d, HashElements: %d\n", $interesting, $hashElements);
diff --git a/security/nss/cmd/ttformat/reduxhwm.pl b/security/nss/cmd/ttformat/reduxhwm.pl
deleted file mode 100644
index f442ff4e4..000000000
--- a/security/nss/cmd/ttformat/reduxhwm.pl
+++ /dev/null
@@ -1,33 +0,0 @@
-#
-# reduxhwm.pl -- analyze highwatermark data in xxxLogfile
-#
-# example interesting line in xxxLogfile
-# 1026[8154da0]: selfserv: Launched thread in slot 37, highWaterMark: 63
-#
-#
-#
-while ( <STDIN> ) {
- chomp;
- ($proc, $who, $launched, $thread, $in, $slotx, $slot, $hwm, $highwatermark) = split;
- if ( $launched == "Launched" ) {
- next if ( $slot == 0 );
- $notInteresting++;
- if ( $hwmMax < $highwatermark ){
- $hwmMax = $highwatermark;
- }
- $hwmArray[$slot] += 1;
- $interesting++;
- }
-} # end while()
-
-printf ("Interesteing: %d\n", $interesting );
-printf ("Not Interesting: %d\n", $notInteresting - $interesting );
-
-foreach $element (@hwmArray) {
- $percent = 100*($element / $interesting);
- $percentTotal += $percent;
- printf("Slot %2d: %d hits, %2.2f percent, %2.2f total percent\n", $i, $element, $percent, $percentTotal );
- $i++;
-}
-printf("Sum of percentages: %3.2f\n", $percentTotal );
-# --- end ---
diff --git a/security/nss/cmd/ttformat/ttformat.c b/security/nss/cmd/ttformat/ttformat.c
deleted file mode 100644
index 7fcf04f86..000000000
--- a/security/nss/cmd/ttformat/ttformat.c
+++ /dev/null
@@ -1,135 +0,0 @@
-/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape Portable Runtime (NSPR).
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1998-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
-** File: ttformat.c
-** Description: ttformat.c reads the file "xxxTTLog". xxxTTLog
-** contains fixed length binary data written by nssilock.
-** ttformat formats the data to a human readable form (printf)
-** usable for visual scanning and for processing via a perl script.
-** Output is written to stdout
-**
-*/
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <nssilock.h>
-
-/*
-** struct maps enum nssILockType to character representation
-*/
-struct {
- nssILockType ltype;
- char *name;
-} ltypeNameT[] = {
- { nssILockArena, "Arena" },
- { nssILockSession, "Session" },
- { nssILockObject, "Object" },
- { nssILockRefLock, "RefLock" },
- { nssILockCert, "Cert", },
- { nssILockCertDB, "CertDB" },
- { nssILockDBM, "DBM" },
- { nssILockCache, "Cache" },
- { nssILockSSL, "SSL" },
- { nssILockList, "List" },
- { nssILockSlot, "Slot" },
- { nssILockFreelist, "Freelist" },
- { nssILockOID, "OID" },
- { nssILockAttribute, "Attribute" },
- { nssILockPK11cxt, "PK11Context" },
- { nssILockRWLock, "RWLock" },
- { nssILockOther, "Other" },
- { nssILockSelfServ, "SelfServ" }
-}; /* end ltypeNameT */
-
-/*
-** struct maps enum nssILockOp to character representation
-*/
-struct {
- nssILockOp op;
- char *name;
-} opNameT[] = {
- { FlushTT, "FlushTT" },
- { NewLock, "NewLock" },
- { Lock, "Lock" },
- { Unlock, "Unlock" },
- { DestroyLock, "DestroyLock" },
- { NewCondVar, "NewCondVar" },
- { WaitCondVar, "WaitCondVar" },
- { NotifyCondVar, "NotifyCondVar" },
- { NotifyAllCondVar, "NotifyAllCondVar" },
- { DestroyCondVar, "DestroyCondVar" },
- { NewMonitor, "NewMonitor" },
- { EnterMonitor, "EnterMonitor" },
- { ExitMonitor, "ExitMonitor" },
- { Notify, "Notify" },
- { NotifyAll, "NotifyAll" },
- { Wait, "Wait" },
- { DestroyMonitor, "DestroyMonitor" }
-}; /* end opNameT */
-
-
-int main(int argc, char *argv[])
-{
- FILE *filea;
- struct pzTrace_s inBuf;
- char *opName;
- char *ltypeName;
- int rCount = 0;
- int oCount = 0;
-
- filea = fopen( "xxxTTLog", "r" );
- if ( NULL == filea ) {
- fprintf( stderr, "ttformat: Oh drat! Can't open 'xxxTTLog'\n" );
- exit(1);
- }
-
- while(1 == (fread( &inBuf, sizeof(inBuf), 1 , filea ))) {
- ++rCount;
- if ( inBuf.op > DestroyMonitor ) continue;
- if ( inBuf.op < FlushTT ) continue;
-
- opName = opNameT[inBuf.op].name;
- ltypeName = ltypeNameT[inBuf.ltype].name;
-
- ++oCount;
- printf("%8d %18s %18s %6d %6d %12p %6d %20s\n",
- inBuf.threadID, opName, ltypeName, inBuf.callTime, inBuf.heldTime,
- inBuf.lock, inBuf.line, inBuf.file );
- } /* end while() */
-
- fprintf( stderr, "Read: %d, Wrote: %d\n", rCount, oCount );
- return 0;
-} /* main() */
-/* end ttformat.c */
diff --git a/security/nss/cmd/vfychain/Makefile b/security/nss/cmd/vfychain/Makefile
deleted file mode 100644
index 8a0332d89..000000000
--- a/security/nss/cmd/vfychain/Makefile
+++ /dev/null
@@ -1,82 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-ifeq (,$(filter-out WINNT WIN95 WIN16,$(OS_TARGET))) # omits WINCE
-ifndef BUILD_OPT
-LDFLAGS += /subsystem:console /profile /debug /machine:I386 /incremental:no
-OS_CFLAGS += -D_CONSOLE
-endif
-endif
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-#include ../platlibs.mk
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/vfychain/manifest.mn b/security/nss/cmd/vfychain/manifest.mn
deleted file mode 100644
index 1cdcc4de8..000000000
--- a/security/nss/cmd/vfychain/manifest.mn
+++ /dev/null
@@ -1,51 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = nss
-
-# This next line is used by .mk files
-# and gets translated into $LINCS in manifest.mnw
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = seccmd
-
-# DIRS =
-
-CSRCS = vfychain.c
-DEFINES += -DDLL_PREFIX=\"$(DLL_PREFIX)\" -DDLL_SUFFIX=\"$(DLL_SUFFIX)\"
-
-PROGRAM = vfychain
-
diff --git a/security/nss/cmd/vfychain/vfychain.c b/security/nss/cmd/vfychain/vfychain.c
deleted file mode 100644
index 91189ed19..000000000
--- a/security/nss/cmd/vfychain/vfychain.c
+++ /dev/null
@@ -1,438 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/****************************************************************************
- * Read in a cert chain from one or more files, and verify the chain for
- * some usage.
- * *
- * This code was modified from other code also kept in the NSS directory.
- ****************************************************************************/
-
-#include <stdio.h>
-#include <string.h>
-
-#if defined(XP_UNIX)
-#include <unistd.h>
-#endif
-
-#include "prerror.h"
-
-#include "nssrenam.h"
-#include "pk11func.h"
-#include "seccomon.h"
-#include "secutil.h"
-#include "secmod.h"
-#include "secitem.h"
-#include "cert.h"
-
-
-/* #include <stdlib.h> */
-/* #include <errno.h> */
-/* #include <fcntl.h> */
-/* #include <stdarg.h> */
-
-#include "nspr.h"
-#include "plgetopt.h"
-#include "prio.h"
-#include "nss.h"
-
-/* #include "vfyutil.h" */
-
-#define RD_BUF_SIZE (60 * 1024)
-
-int verbose;
-
-char *password = NULL;
-
-/* Function: char * myPasswd()
- *
- * Purpose: This function is our custom password handler that is called by
- * SSL when retreiving private certs and keys from the database. Returns a
- * pointer to a string that with a password for the database. Password pointer
- * should point to dynamically allocated memory that will be freed later.
- */
-char *
-myPasswd(PK11SlotInfo *info, PRBool retry, void *arg)
-{
- char * passwd = NULL;
-
- if ( (!retry) && arg ) {
- passwd = PORT_Strdup((char *)arg);
- }
- return passwd;
-}
-
-static void
-Usage(const char *progName)
-{
- fprintf(stderr,
- "Usage: %s [-d dbdir] certfile [certfile ...]\n",
- progName);
- exit(1);
-}
-
-/**************************************************************************
-**
-** Error and information routines.
-**
-**************************************************************************/
-
-void
-errWarn(char *function)
-{
- PRErrorCode errorNumber = PR_GetError();
- const char * errorString = SECU_Strerror(errorNumber);
-
- fprintf(stderr, "Error in function %s: %d\n - %s\n",
- function, errorNumber, errorString);
-}
-
-void
-exitErr(char *function)
-{
- errWarn(function);
- /* Exit gracefully. */
- /* ignoring return value of NSS_Shutdown as code exits with 1 anyway*/
- (void) NSS_Shutdown();
- PR_Cleanup();
- exit(1);
-}
-
-static char *
-bestCertName(CERTCertificate *cert) {
- if (cert->nickname) {
- return cert->nickname;
- }
- if (cert->emailAddr) {
- return cert->emailAddr;
- }
- return cert->subjectName;
-}
-
-void
-printCertProblems(FILE *outfile, CERTCertDBHandle *handle,
- CERTCertificate *cert, PRBool checksig,
- SECCertUsage certUsage, void *pinArg)
-{
- CERTVerifyLog log;
- CERTVerifyLogNode *node = NULL;
- unsigned int depth = (unsigned int)-1;
- unsigned int flags = 0;
- char * errstr = NULL;
- PRErrorCode err = PORT_GetError();
-
- log.arena = PORT_NewArena(512);
- log.head = log.tail = NULL;
- log.count = 0;
- CERT_VerifyCert(handle, cert, checksig, certUsage,
- PR_Now(), pinArg, &log);
-
- if (log.count > 0) {
- fprintf(outfile,"PROBLEM WITH THE CERT CHAIN:\n");
- for (node = log.head; node; node = node->next) {
- if (depth != node->depth) {
- depth = node->depth;
- fprintf(outfile,"CERT %d. %s %s:\n", depth,
- bestCertName(node->cert),
- depth ? "[Certificate Authority]": "");
- if (verbose) {
- const char * emailAddr;
- emailAddr = CERT_GetFirstEmailAddress(node->cert);
- if (emailAddr) {
- fprintf(outfile,"Email Address(es): ");
- do {
- fprintf(outfile, "%s\n", emailAddr);
- emailAddr = CERT_GetNextEmailAddress(node->cert,
- emailAddr);
- } while (emailAddr);
- }
- }
- }
- fprintf(outfile," ERROR %d: %s\n", node->error,
- SECU_Strerror(node->error));
- errstr = NULL;
- switch (node->error) {
- case SEC_ERROR_INADEQUATE_KEY_USAGE:
- flags = (unsigned int)node->arg;
- switch (flags) {
- case KU_DIGITAL_SIGNATURE:
- errstr = "Cert cannot sign.";
- break;
- case KU_KEY_ENCIPHERMENT:
- errstr = "Cert cannot encrypt.";
- break;
- case KU_KEY_CERT_SIGN:
- errstr = "Cert cannot sign other certs.";
- break;
- default:
- errstr = "[unknown usage].";
- break;
- }
- case SEC_ERROR_INADEQUATE_CERT_TYPE:
- flags = (unsigned int)node->arg;
- switch (flags) {
- case NS_CERT_TYPE_SSL_CLIENT:
- case NS_CERT_TYPE_SSL_SERVER:
- errstr = "Cert cannot be used for SSL.";
- break;
- case NS_CERT_TYPE_SSL_CA:
- errstr = "Cert cannot be used as an SSL CA.";
- break;
- case NS_CERT_TYPE_EMAIL:
- errstr = "Cert cannot be used for SMIME.";
- break;
- case NS_CERT_TYPE_EMAIL_CA:
- errstr = "Cert cannot be used as an SMIME CA.";
- break;
- case NS_CERT_TYPE_OBJECT_SIGNING:
- errstr = "Cert cannot be used for object signing.";
- break;
- case NS_CERT_TYPE_OBJECT_SIGNING_CA:
- errstr = "Cert cannot be used as an object signing CA.";
- break;
- default:
- errstr = "[unknown usage].";
- break;
- }
- case SEC_ERROR_UNKNOWN_ISSUER:
- case SEC_ERROR_UNTRUSTED_ISSUER:
- case SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE:
- errstr = node->cert->issuerName;
- break;
- default:
- break;
- }
- if (errstr) {
- fprintf(stderr," %s\n",errstr);
- }
- CERT_DestroyCertificate(node->cert);
- }
- }
- PORT_SetError(err); /* restore original error code */
-}
-
-typedef struct certMemStr {
- struct certMemStr * next;
- CERTCertificate * cert;
-} certMem;
-
-certMem * theCerts;
-
-void
-rememberCert(CERTCertificate * cert)
-{
- certMem * newCertMem = PORT_ZNew(certMem);
- if (newCertMem) {
- newCertMem->next = theCerts;
- newCertMem->cert = cert;
- theCerts = newCertMem;
- }
-}
-
-void
-forgetCerts(void)
-{
- certMem * oldCertMem;
- while (oldCertMem = theCerts) {
- theCerts = oldCertMem->next;
- CERT_DestroyCertificate(oldCertMem->cert);
- PORT_Free(oldCertMem);
- }
- theCerts = NULL;
-}
-
-
-CERTCertificate *
-readCertFile(const char * fileName, PRBool isAscii)
-{
- unsigned char * pb;
- CERTCertificate * cert = NULL;
- CERTCertDBHandle *defaultDB = NULL;
- PRFileDesc* fd;
- PRInt32 cc = -1;
- PRInt32 total;
- PRInt32 remaining;
- SECItem item;
- static unsigned char certBuf[RD_BUF_SIZE];
-
- fd = PR_Open(fileName, PR_RDONLY, 0777);
- if (!fd) {
- PRIntn err = PR_GetError();
- fprintf(stderr, "open of %s failed, %d = %s\n",
- fileName, err, SECU_Strerror(err));
- return cert;
- }
- /* read until EOF or buffer is full */
- pb = certBuf;
- while (0 < (remaining = (sizeof certBuf) - (pb - certBuf))) {
- cc = PR_Read(fd, pb, remaining);
- if (cc == 0)
- break;
- if (cc < 0) {
- PRIntn err = PR_GetError();
- fprintf(stderr, "read of %s failed, %d = %s\n",
- fileName, err, SECU_Strerror(err));
- break;
- }
- /* cc > 0 */
- pb += cc;
- }
- PR_Close(fd);
- if (cc < 0)
- return cert;
- if (!remaining || cc > 0) { /* file was too big. */
- fprintf(stderr, "cert file %s was too big.\n");
- return cert;
- }
- total = pb - certBuf;
- if (!total) { /* file was empty */
- fprintf(stderr, "cert file %s was empty.\n");
- return cert;
- }
- if (isAscii) {
- /* convert from Base64 to binary here ... someday */
- }
- item.type = siBuffer;
- item.data = certBuf;
- item.len = total;
- defaultDB = CERT_GetDefaultCertDB();
- cert = CERT_NewTempCertificate(defaultDB, &item,
- NULL /* nickname */,
- PR_FALSE /* isPerm */,
- PR_TRUE /* copyDER */);
- if (!cert) {
- PRIntn err = PR_GetError();
- fprintf(stderr, "couldn't import %s, %d = %s\n",
- fileName, err, SECU_Strerror(err));
- }
- return cert;
-}
-
-int
-main(int argc, char *argv[], char *envp[])
-{
- char * certDir = NULL;
- char * progName = NULL;
- char * cipherString = NULL;
- CERTCertificate * cert;
- CERTCertificate * firstCert = NULL;
- CERTCertDBHandle * defaultDB = NULL;
- PRBool isAscii = PR_FALSE;
- SECStatus secStatus;
- SECCertUsage certUsage = certUsageSSLServer;
- PLOptState * optstate;
- PLOptStatus status;
-
- PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
-
- progName = PL_strdup(argv[0]);
-
- optstate = PL_CreateOptState(argc, argv, "ad:ru:w:v");
- while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
- switch(optstate->option) {
- case 0 : /* positional parameter */ goto breakout;
- case 'a' : isAscii = PR_TRUE; break;
- case 'd' : certDir = PL_strdup(optstate->value); break;
- case 'r' : isAscii = PR_FALSE; break;
- case 'u' : certUsage = (SECCertUsage)PORT_Atoi(optstate->value); break;
- case 'w' : password = PL_strdup(optstate->value); break;
- case 'v' : verbose++; break;
- default : Usage(progName); break;
- }
- }
-breakout:
- if (status != PL_OPT_OK)
- Usage(progName);
-
- /* Set our password function callback. */
- PK11_SetPasswordFunc(myPasswd);
-
- /* Initialize the NSS libraries. */
- if (certDir) {
- secStatus = NSS_Init(certDir);
- } else {
- secStatus = NSS_NoDB_Init(NULL);
-
- /* load the builtins */
- SECMOD_AddNewModule("Builtins", DLL_PREFIX"nssckbi."DLL_SUFFIX, 0, 0);
- }
- if (secStatus != SECSuccess) {
- exitErr("NSS_Init");
- }
-
-
- while (status == PL_OPT_OK) {
- switch(optstate->option) {
- default : Usage(progName); break;
- case 'a' : isAscii = PR_TRUE; break;
- case 'r' : isAscii = PR_FALSE; break;
- case 0 : /* positional parameter */
- cert = readCertFile(optstate->value, isAscii);
- if (!cert)
- goto punt;
- rememberCert(cert);
- if (!firstCert)
- firstCert = cert;
- break;
- }
- status = PL_GetNextOpt(optstate);
- }
- if (status == PL_OPT_BAD || !firstCert)
- Usage(progName);
-
- /* NOW, verify the cert chain. */
- defaultDB = CERT_GetDefaultCertDB();
- secStatus = CERT_VerifyCert(defaultDB, firstCert,
- PR_TRUE /* check sig */,
- certUsage,
- PR_Now(),
- NULL, /* wincx */
- NULL); /* error log */
-
- if (secStatus != SECSuccess) {
- PRIntn err = PR_GetError();
- fprintf(stderr, "Chain is bad, %d = %s\n", err, SECU_Strerror(err));
- printCertProblems(stderr, defaultDB, firstCert,
- PR_TRUE, certUsage, NULL);
- } else {
- fprintf(stderr, "Chain is good!\n");
- }
-
-punt:
- forgetCerts();
- if (NSS_Shutdown != SECSuccess) {
- exit(1);
- }
- PR_Cleanup();
- return 0;
-}
diff --git a/security/nss/cmd/vfyserv/Makefile b/security/nss/cmd/vfyserv/Makefile
deleted file mode 100644
index b31a4fdc8..000000000
--- a/security/nss/cmd/vfyserv/Makefile
+++ /dev/null
@@ -1,84 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-ifeq (,$(filter-out WINNT WIN95 WIN16,$(OS_TARGET))) # omits WINCE
-ifndef BUILD_OPT
-ifndef NS_USE_GCC
-LDFLAGS += /subsystem:console /profile /debug /machine:I386 /incremental:no
-endif
-OS_CFLAGS += -D_CONSOLE
-endif
-endif
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-#include ../platlibs.mk
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/vfyserv/makefile.win b/security/nss/cmd/vfyserv/makefile.win
deleted file mode 100644
index 6cf6c12cf..000000000
--- a/security/nss/cmd/vfyserv/makefile.win
+++ /dev/null
@@ -1,130 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-VERBOSE = 1
-include <manifest.mn>
-
-#cannot define PROGRAM in manifest compatibly with NT and UNIX
-PROGRAM = tstclnt
-PROGRAM = ./$(OBJDIR)/$(PROGRAM).exe
-include <$(DEPTH)\config\config.mak>
-
-# let manifest generate C_OBJS, it will prepend ./$(OBJDIR)/
-# rules.mak will append C_OBJS onto OBJS.
-# OBJS = $(CSRCS:.c=.obj)
-
-# include files are looked for in $LINCS and $INCS.
-# $LINCS is in manifest.mnw, computed from REQUIRES=
-INCS = $(INCS) \
- -I$(DEPTH)/security/lib/cert \
- -I../include \
- $(NULL)
-
-IGNORE_ME = \
- -I$(DEPTH)/security/lib/key \
- -I$(DEPTH)/security/lib/util \
- $(NULL)
-
-
-WINFE = $(DEPTH)/cmd/winfe/mkfiles$(MOZ_BITS)/x86Dbg
-
-# these files are the content of libdbm
-DBM_LIB = \
- $(WINFE)/DB.obj \
- $(WINFE)/HASH.obj \
- $(WINFE)/H_BIGKEY.obj \
- $(WINFE)/H_PAGE.obj \
- $(WINFE)/H_LOG2.obj \
- $(WINFE)/H_FUNC.obj \
- $(WINFE)/HASH_BUF.obj \
- $(NULL)
-
-MOZ_LIBS = \
- $(WINFE)/ALLXPSTR.obj \
- $(WINFE)/XP_ERROR.obj \
- $(WINFE)/XPASSERT.obj \
- $(WINFE)/XP_REG.obj \
- $(WINFE)/XP_TRACE.obj \
- $(DBM_LIB) \
- $(WINFE)/XP_STR.obj \
- $(WINFE)/MKTEMP.obj \
- $(NULL)
-
-SEC_LIBS = \
- $(DIST)/lib/cert$(MOZ_BITS).lib \
- $(DIST)/lib/crypto$(MOZ_BITS).lib \
- $(DIST)/lib/hash$(MOZ_BITS).lib \
- $(DIST)/lib/key$(MOZ_BITS).lib \
- $(DIST)/lib/pkcs7$(MOZ_BITS).lib \
- $(DIST)/lib/secmod$(MOZ_BITS).lib \
- $(DIST)/lib/secutl$(MOZ_BITS).lib \
- $(DIST)/lib/ssl$(MOZ_BITS).lib \
- $(NULL)
-
-LLFLAGS = $(LLFLAGS) \
- ../lib/$(OBJDIR)/sectool$(MOZ_BITS).lib \
- $(SEC_LIBS) \
- $(MOZ_LIBS) \
- $(DEPTH)/nspr/src/$(OBJDIR)/getopt.obj \
- $(LIBNSPR) \
- $(NULL)
-
-
-include <$(DEPTH)\config\rules.mak>
-
-INSTALL = $(MAKE_INSTALL)
-
-objs: $(OBJS)
-
-$(PROGRAM)::
- $(INSTALL) $(DIST)/bin/pr3240.dll ./$(OBJDIR)
-
-programs: $(PROGRAM)
-
-install:: $(TARGETS)
- $(INSTALL) $(TARGETS) $(DIST)/bin
-
-
-symbols:
- @echo "CSRCS = $(CSRCS)"
- @echo "INCS = $(INCS)"
- @echo "OBJS = $(OBJS)"
- @echo "LIBRARY = $(LIBRARY)"
- @echo "PROGRAM = $(PROGRAM)"
- @echo "TARGETS = $(TARGETS)"
- @echo "DIST = $(DIST)"
- @echo "VERSION_NUMBER = $(VERSION_NUMBER)"
- @echo "WINFE = $(WINFE)"
- @echo "DBM_LIB = $(DBM_LIB)"
- @echo "INSTALL = $(INSTALL)"
-
diff --git a/security/nss/cmd/vfyserv/manifest.mn b/security/nss/cmd/vfyserv/manifest.mn
deleted file mode 100644
index ccbca1d75..000000000
--- a/security/nss/cmd/vfyserv/manifest.mn
+++ /dev/null
@@ -1,51 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = nss
-
-# This next line is used by .mk files
-# and gets translated into $LINCS in manifest.mnw
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = seccmd dbm
-
-# DIRS =
-
-CSRCS = vfyserv.c vfyutil.c
-DEFINES += -DDLL_PREFIX=\"$(DLL_PREFIX)\" -DDLL_SUFFIX=\"$(DLL_SUFFIX)\"
-
-PROGRAM = vfyserv
-
diff --git a/security/nss/cmd/vfyserv/vfyserv.c b/security/nss/cmd/vfyserv/vfyserv.c
deleted file mode 100644
index 288319dcd..000000000
--- a/security/nss/cmd/vfyserv/vfyserv.c
+++ /dev/null
@@ -1,458 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/****************************************************************************
- * SSL client program that tests a server for proper operation of SSL2, *
- * SSL3, and TLS. Test propder certificate installation. *
- * *
- * This code was modified from the SSLSample code also kept in the NSS *
- * directory. *
- ****************************************************************************/
-
-#include <stdio.h>
-#include <string.h>
-
-#if defined(XP_UNIX)
-#include <unistd.h>
-#endif
-
-#include "prerror.h"
-
-#include "pk11func.h"
-#include "secmod.h"
-#include "secitem.h"
-
-
-#include <stdlib.h>
-#include <errno.h>
-#include <fcntl.h>
-#include <stdarg.h>
-
-#include "nspr.h"
-#include "plgetopt.h"
-#include "prio.h"
-#include "prnetdb.h"
-#include "nss.h"
-
-#include "vfyserv.h"
-
-#define RD_BUF_SIZE (60 * 1024)
-
-extern int ssl2CipherSuites[];
-extern int ssl3CipherSuites[];
-
-GlobalThreadMgr threadMGR;
-char *certNickname = NULL;
-char *hostName = NULL;
-char *password = NULL;
-unsigned short port = 0;
-
-static void
-Usage(const char *progName)
-{
- fprintf(stderr,
- "Usage: %s [-p port] [-c connections] [-C cipher(s)] hostname\n",
- progName);
- exit(1);
-}
-
-PRFileDesc *
-setupSSLSocket(PRNetAddr *addr)
-{
- PRFileDesc *tcpSocket;
- PRFileDesc *sslSocket;
- PRSocketOptionData socketOption;
- PRStatus prStatus;
- SECStatus secStatus;
-
-
- tcpSocket = PR_NewTCPSocket();
- if (tcpSocket == NULL) {
- errWarn("PR_NewTCPSocket");
- }
-
- /* Make the socket blocking. */
- socketOption.option = PR_SockOpt_Nonblocking;
- socketOption.value.non_blocking = PR_FALSE;
-
- prStatus = PR_SetSocketOption(tcpSocket, &socketOption);
- if (prStatus != PR_SUCCESS) {
- errWarn("PR_SetSocketOption");
- goto loser;
- }
-
-
- /* Import the socket into the SSL layer. */
- sslSocket = SSL_ImportFD(NULL, tcpSocket);
- if (!sslSocket) {
- errWarn("SSL_ImportFD");
- goto loser;
- }
-
- /* Set configuration options. */
- secStatus = SSL_OptionSet(sslSocket, SSL_SECURITY, PR_TRUE);
- if (secStatus != SECSuccess) {
- errWarn("SSL_OptionSet:SSL_SECURITY");
- goto loser;
- }
-
- secStatus = SSL_OptionSet(sslSocket, SSL_HANDSHAKE_AS_CLIENT, PR_TRUE);
- if (secStatus != SECSuccess) {
- errWarn("SSL_OptionSet:SSL_HANDSHAKE_AS_CLIENT");
- goto loser;
- }
-
- /* Set SSL callback routines. */
- secStatus = SSL_GetClientAuthDataHook(sslSocket,
- (SSLGetClientAuthData)myGetClientAuthData,
- (void *)certNickname);
- if (secStatus != SECSuccess) {
- errWarn("SSL_GetClientAuthDataHook");
- goto loser;
- }
-
- secStatus = SSL_AuthCertificateHook(sslSocket,
- (SSLAuthCertificate)myAuthCertificate,
- (void *)CERT_GetDefaultCertDB());
- if (secStatus != SECSuccess) {
- errWarn("SSL_AuthCertificateHook");
- goto loser;
- }
-
- secStatus = SSL_BadCertHook(sslSocket,
- (SSLBadCertHandler)myBadCertHandler, NULL);
- if (secStatus != SECSuccess) {
- errWarn("SSL_BadCertHook");
- goto loser;
- }
-
- secStatus = SSL_HandshakeCallback(sslSocket,
- (SSLHandshakeCallback)myHandshakeCallback,
- NULL);
- if (secStatus != SECSuccess) {
- errWarn("SSL_HandshakeCallback");
- goto loser;
- }
-
- return sslSocket;
-
-loser:
-
- PR_Close(tcpSocket);
- return NULL;
-}
-
-
-const char requestString[] = {"GET /testfile HTTP/1.0\r\n\r\n" };
-
-SECStatus
-handle_connection(PRFileDesc *sslSocket, int connection)
-{
- int countRead = 0;
- PRInt32 numBytes;
- char *readBuffer;
-
- readBuffer = PORT_Alloc(RD_BUF_SIZE);
- if (!readBuffer) {
- exitErr("PORT_Alloc");
- }
-
- /* compose the http request here. */
-
- numBytes = PR_Write(sslSocket, requestString, strlen(requestString));
- if (numBytes <= 0) {
- errWarn("PR_Write");
- PR_Free(readBuffer);
- readBuffer = NULL;
- return SECFailure;
- }
-
- /* read until EOF */
- while (PR_TRUE) {
- numBytes = PR_Read(sslSocket, readBuffer, RD_BUF_SIZE);
- if (numBytes == 0) {
- break; /* EOF */
- }
- if (numBytes < 0) {
- errWarn("PR_Read");
- break;
- }
- countRead += numBytes;
- }
-
- printSecurityInfo(stderr, sslSocket);
-
- PR_Free(readBuffer);
- readBuffer = NULL;
-
- /* Caller closes the socket. */
-
- fprintf(stderr,
- "***** Connection %d read %d bytes total.\n",
- connection, countRead);
-
- return SECSuccess; /* success */
-}
-
-#define BYTE(n,i) (((i)>>((n)*8))&0xff)
-
-/* one copy of this function is launched in a separate thread for each
-** connection to be made.
-*/
-SECStatus
-do_connects(void *a, int connection)
-{
- PRNetAddr *addr = (PRNetAddr *)a;
- PRFileDesc *sslSocket;
- PRHostEnt hostEntry;
- char buffer[PR_NETDB_BUF_SIZE];
- PRStatus prStatus;
- PRIntn hostenum;
- PRInt32 ip;
- SECStatus secStatus;
-
- /* Set up SSL secure socket. */
- sslSocket = setupSSLSocket(addr);
- if (sslSocket == NULL) {
- errWarn("setupSSLSocket");
- return SECFailure;
- }
-
- secStatus = SSL_SetPKCS11PinArg(sslSocket, password);
- if (secStatus != SECSuccess) {
- errWarn("SSL_SetPKCS11PinArg");
- return secStatus;
- }
-
- secStatus = SSL_SetURL(sslSocket, hostName);
- if (secStatus != SECSuccess) {
- errWarn("SSL_SetURL");
- return secStatus;
- }
-
- /* Prepare and setup network connection. */
- prStatus = PR_GetHostByName(hostName, buffer, sizeof(buffer), &hostEntry);
- if (prStatus != PR_SUCCESS) {
- errWarn("PR_GetHostByName");
- return SECFailure;
- }
-
- hostenum = PR_EnumerateHostEnt(0, &hostEntry, port, addr);
- if (hostenum == -1) {
- errWarn("PR_EnumerateHostEnt");
- return SECFailure;
- }
-
- ip = PR_ntohl(addr->inet.ip);
- fprintf(stderr,
- "Connecting to host %s (addr %d.%d.%d.%d) on port %d\n",
- hostName, BYTE(3,ip), BYTE(2,ip), BYTE(1,ip),
- BYTE(0,ip), PR_ntohs(addr->inet.port));
-
- prStatus = PR_Connect(sslSocket, addr, PR_INTERVAL_NO_TIMEOUT);
- if (prStatus != PR_SUCCESS) {
- errWarn("PR_Connect");
- return SECFailure;
- }
-
- /* Established SSL connection, ready to send data. */
-#if 0
- secStatus = SSL_ForceHandshake(sslSocket);
- if (secStatus != SECSuccess) {
- errWarn("SSL_ForceHandshake");
- return secStatus;
- }
-#endif
-
- secStatus = SSL_ResetHandshake(sslSocket, /* asServer */ PR_FALSE);
- if (secStatus != SECSuccess) {
- errWarn("SSL_ResetHandshake");
- prStatus = PR_Close(sslSocket);
- if (prStatus != PR_SUCCESS) {
- errWarn("PR_Close");
- }
- return secStatus;
- }
-
- secStatus = handle_connection(sslSocket, connection);
- if (secStatus != SECSuccess) {
- /* error already printed out in handle_connection */
- /* errWarn("handle_connection"); */
- prStatus = PR_Close(sslSocket);
- if (prStatus != PR_SUCCESS) {
- errWarn("PR_Close");
- }
- return secStatus;
- }
-
- PR_Close(sslSocket);
- return SECSuccess;
-}
-
-void
-client_main(unsigned short port,
- int connections,
- const char * hostName)
-{
- int i;
- SECStatus secStatus;
- PRStatus prStatus;
- PRInt32 rv;
- PRNetAddr addr;
- PRHostEnt hostEntry;
- char buffer[256];
-
- /* Setup network connection. */
- prStatus = PR_GetHostByName(hostName, buffer, 256, &hostEntry);
- if (prStatus != PR_SUCCESS) {
- exitErr("PR_GetHostByName");
- }
-
- rv = PR_EnumerateHostEnt(0, &hostEntry, port, &addr);
- if (rv < 0) {
- exitErr("PR_EnumerateHostEnt");
- }
-
- secStatus = launch_thread(&threadMGR, do_connects, &addr, 1);
- if (secStatus != SECSuccess) {
- exitErr("launch_thread");
- }
-
- if (connections > 1) {
- /* wait for the first connection to terminate, then launch the rest. */
- reap_threads(&threadMGR);
- /* Start up the connections */
- for (i = 2; i <= connections; ++i) {
- secStatus = launch_thread(&threadMGR, do_connects, &addr, i);
- if (secStatus != SECSuccess) {
- errWarn("launch_thread");
- }
- }
- }
-
- reap_threads(&threadMGR);
- destroy_thread_data(&threadMGR);
-}
-
-int
-main(int argc, char **argv)
-{
- char * certDir = NULL;
- char * progName = NULL;
- int connections = 1;
- char * cipherString = NULL;
- SECStatus secStatus;
- PLOptState * optstate;
- PLOptStatus status;
-
- /* Call the NSPR initialization routines */
- PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
-
- progName = PORT_Strdup(argv[0]);
-
- hostName = NULL;
- optstate = PL_CreateOptState(argc, argv, "C:c:d:n:p:w:");
- while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
- switch(optstate->option) {
- case 'C' : cipherString = PL_strdup(optstate->value); break;
- case 'c' : connections = PORT_Atoi(optstate->value); break;
- case 'd' : certDir = PL_strdup(optstate->value); break;
- case 'p' : port = PORT_Atoi(optstate->value); break;
- case 'w' : password = PL_strdup(optstate->value); break;
- case '\0': hostName = PL_strdup(optstate->value); break;
- default : Usage(progName);
- }
- }
-
- if (port == 0) {
- port = 443;
- }
-
- if (port == 0 || hostName == NULL)
- Usage(progName);
-
- /* Set our password function callback. */
- PK11_SetPasswordFunc(myPasswd);
-
- /* Initialize the NSS libraries. */
- if (certDir) {
- secStatus = NSS_Init(certDir);
- } else {
- secStatus = NSS_NoDB_Init(NULL);
-
- /* load the builtins */
- SECMOD_AddNewModule("Builtins",
- DLL_PREFIX"nssckbi."DLL_SUFFIX, 0, 0);
- }
- if (secStatus != SECSuccess) {
- exitErr("NSS_Init");
- }
-
- /* All cipher suites except RSA_NULL_MD5 are enabled by
- * Domestic Policy. */
- NSS_SetDomesticPolicy();
- SSL_CipherPrefSetDefault(SSL_RSA_WITH_NULL_MD5, PR_TRUE);
-
- /* all the SSL2 and SSL3 cipher suites are enabled by default. */
- if (cipherString) {
- int ndx;
-
- /* disable all the ciphers, then enable the ones we want. */
- disableAllSSLCiphers();
-
- while (0 != (ndx = *cipherString++)) {
- int *cptr;
- int cipher;
-
- if (! isalpha(ndx))
- Usage(progName);
- cptr = islower(ndx) ? ssl3CipherSuites : ssl2CipherSuites;
- for (ndx &= 0x1f; (cipher = *cptr++) != 0 && --ndx > 0; )
- /* do nothing */;
- if (cipher) {
- SSL_CipherPrefSetDefault(cipher, PR_TRUE);
- }
- }
- }
-
- client_main(port, connections, hostName);
-
- if (NSS_Shutdown() != SECSuccess) {
- exit(1);
- }
-
- PR_Cleanup();
- PORT_Free(progName);
- return 0;
-}
-
diff --git a/security/nss/cmd/vfyserv/vfyserv.h b/security/nss/cmd/vfyserv/vfyserv.h
deleted file mode 100644
index e23b5e779..000000000
--- a/security/nss/cmd/vfyserv/vfyserv.h
+++ /dev/null
@@ -1,182 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef SSLSAMPLE_H
-#define SSLSAMPLE_H
-
-/* Generic header files */
-
-#include <stdio.h>
-#include <string.h>
-
-/* NSPR header files */
-
-#include "nspr.h"
-#include "prerror.h"
-#include "prnetdb.h"
-
-/* NSS header files */
-
-#include "pk11func.h"
-#include "secitem.h"
-#include "ssl.h"
-#include "certt.h"
-#include "nss.h"
-#include "secrng.h"
-#include "secder.h"
-#include "key.h"
-#include "sslproto.h"
-
-/* Custom header files */
-
-/*
-#include "sslerror.h"
-*/
-
-#define BUFFER_SIZE 10240
-
-/* Declare SSL cipher suites. */
-
-extern int cipherSuites[];
-extern int ssl2CipherSuites[];
-extern int ssl3CipherSuites[];
-
-/* Data buffer read from a socket. */
-typedef struct DataBufferStr {
- char data[BUFFER_SIZE];
- int index;
- int remaining;
- int dataStart;
- int dataEnd;
-} DataBuffer;
-
-/* SSL callback routines. */
-
-char * myPasswd(PK11SlotInfo *info, PRBool retry, void *arg);
-
-SECStatus myAuthCertificate(void *arg, PRFileDesc *socket,
- PRBool checksig, PRBool isServer);
-
-SECStatus myBadCertHandler(void *arg, PRFileDesc *socket);
-
-SECStatus myHandshakeCallback(PRFileDesc *socket, void *arg);
-
-SECStatus myGetClientAuthData(void *arg, PRFileDesc *socket,
- struct CERTDistNamesStr *caNames,
- struct CERTCertificateStr **pRetCert,
- struct SECKEYPrivateKeyStr **pRetKey);
-
-/* Disable all v2/v3 SSL ciphers. */
-
-void disableAllSSLCiphers(void);
-
-
-/* Error and information utilities. */
-
-void errWarn(char *function);
-
-void exitErr(char *function);
-
-void printSecurityInfo(FILE *outfile, PRFileDesc *fd);
-
-void printCertProblems(FILE *outfile, CERTCertDBHandle *handle,
- CERTCertificate *cert, PRBool checksig,
- SECCertUsage certUsage, void *pinArg);
-
-/* Some simple thread management routines. */
-
-#define MAX_THREADS 32
-
-typedef SECStatus startFn(void *a, int b);
-
-typedef enum { rs_idle = 0, rs_running = 1, rs_zombie = 2 } runState;
-
-typedef struct perThreadStr {
- PRFileDesc *a;
- int b;
- int rv;
- startFn *startFunc;
- PRThread *prThread;
- PRBool inUse;
- runState running;
-} perThread;
-
-typedef struct GlobalThreadMgrStr {
- PRLock *threadLock;
- PRCondVar *threadStartQ;
- PRCondVar *threadEndQ;
- perThread threads[MAX_THREADS];
- int index;
- int numUsed;
- int numRunning;
-} GlobalThreadMgr;
-
-void thread_wrapper(void * arg);
-
-SECStatus launch_thread(GlobalThreadMgr *threadMGR,
- startFn *startFunc, void *a, int b);
-
-SECStatus reap_threads(GlobalThreadMgr *threadMGR);
-
-void destroy_thread_data(GlobalThreadMgr *threadMGR);
-
-/* Management of locked variables. */
-
-struct lockedVarsStr {
- PRLock * lock;
- int count;
- int waiters;
- PRCondVar * condVar;
-};
-
-typedef struct lockedVarsStr lockedVars;
-
-void lockedVars_Init(lockedVars *lv);
-
-void lockedVars_Destroy(lockedVars *lv);
-
-void lockedVars_WaitForDone(lockedVars *lv);
-
-int lockedVars_AddToCount(lockedVars *lv, int addend);
-
-/* Buffer stuff. */
-
-static const char stopCmd[] = { "GET /stop " };
-static const char defaultHeader[] = {
- "HTTP/1.0 200 OK\r\n"
- "Server: SSL sample server\r\n"
- "Content-type: text/plain\r\n"
- "\r\n"
-};
-
-#endif
diff --git a/security/nss/cmd/vfyserv/vfyutil.c b/security/nss/cmd/vfyserv/vfyutil.c
deleted file mode 100644
index 10e393458..000000000
--- a/security/nss/cmd/vfyserv/vfyutil.c
+++ /dev/null
@@ -1,714 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "vfyserv.h"
-#include "secerr.h"
-#include "sslerr.h"
-#include "nspr.h"
-#include "secutil.h"
-
-/* Declare SSL cipher suites. */
-
-int ssl2CipherSuites[] = {
- SSL_EN_RC4_128_WITH_MD5, /* A */
- SSL_EN_RC4_128_EXPORT40_WITH_MD5, /* B */
- SSL_EN_RC2_128_CBC_WITH_MD5, /* C */
- SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5, /* D */
- SSL_EN_DES_64_CBC_WITH_MD5, /* E */
- SSL_EN_DES_192_EDE3_CBC_WITH_MD5, /* F */
- 0
-};
-
-int ssl3CipherSuites[] = {
- SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA, /* a */
- SSL_FORTEZZA_DMS_WITH_RC4_128_SHA, /* b */
- SSL_RSA_WITH_RC4_128_MD5, /* c */
- SSL_RSA_WITH_3DES_EDE_CBC_SHA, /* d */
- SSL_RSA_WITH_DES_CBC_SHA, /* e */
- SSL_RSA_EXPORT_WITH_RC4_40_MD5, /* f */
- SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5, /* g */
- SSL_FORTEZZA_DMS_WITH_NULL_SHA, /* h */
- SSL_RSA_WITH_NULL_MD5, /* i */
- SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA, /* j */
- SSL_RSA_FIPS_WITH_DES_CBC_SHA, /* k */
- TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA, /* l */
- TLS_RSA_EXPORT1024_WITH_RC4_56_SHA, /* m */
- SSL_RSA_WITH_RC4_128_SHA, /* n */
- TLS_DHE_DSS_WITH_RC4_128_SHA, /* o */
- SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, /* p */
- SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, /* q */
- SSL_DHE_RSA_WITH_DES_CBC_SHA, /* r */
- SSL_DHE_DSS_WITH_DES_CBC_SHA, /* s */
- TLS_DHE_DSS_WITH_AES_128_CBC_SHA, /* t */
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA, /* u */
- TLS_RSA_WITH_AES_128_CBC_SHA, /* v */
- TLS_DHE_DSS_WITH_AES_256_CBC_SHA, /* w */
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA, /* x */
- TLS_RSA_WITH_AES_256_CBC_SHA, /* y */
- SSL_RSA_WITH_NULL_SHA, /* z */
- 0
-};
-
-/**************************************************************************
-**
-** SSL callback routines.
-**
-**************************************************************************/
-
-/* Function: char * myPasswd()
- *
- * Purpose: This function is our custom password handler that is called by
- * SSL when retreiving private certs and keys from the database. Returns a
- * pointer to a string that with a password for the database. Password pointer
- * should point to dynamically allocated memory that will be freed later.
- */
-char *
-myPasswd(PK11SlotInfo *info, PRBool retry, void *arg)
-{
- char * passwd = NULL;
-
- if ( (!retry) && arg ) {
- passwd = PORT_Strdup((char *)arg);
- }
- return passwd;
-}
-
-/* Function: SECStatus myAuthCertificate()
- *
- * Purpose: This function is our custom certificate authentication handler.
- *
- * Note: This implementation is essentially the same as the default
- * SSL_AuthCertificate().
- */
-SECStatus
-myAuthCertificate(void *arg, PRFileDesc *socket,
- PRBool checksig, PRBool isServer)
-{
-
- SECCertUsage certUsage;
- CERTCertificate * cert;
- void * pinArg;
- char * hostName;
- SECStatus secStatus;
-
- if (!arg || !socket) {
- errWarn("myAuthCertificate");
- return SECFailure;
- }
-
- /* Define how the cert is being used based upon the isServer flag. */
-
- certUsage = isServer ? certUsageSSLClient : certUsageSSLServer;
-
- cert = SSL_PeerCertificate(socket);
-
- pinArg = SSL_RevealPinArg(socket);
-
- secStatus = CERT_VerifyCertNow((CERTCertDBHandle *)arg,
- cert,
- checksig,
- certUsage,
- pinArg);
-
- /* If this is a server, we're finished. */
- if (isServer || secStatus != SECSuccess) {
- printCertProblems(stderr, (CERTCertDBHandle *)arg, cert,
- checksig, certUsage, pinArg);
- CERT_DestroyCertificate(cert);
- return secStatus;
- }
-
- /* Certificate is OK. Since this is the client side of an SSL
- * connection, we need to verify that the name field in the cert
- * matches the desired hostname. This is our defense against
- * man-in-the-middle attacks.
- */
-
- /* SSL_RevealURL returns a hostName, not an URL. */
- hostName = SSL_RevealURL(socket);
-
- if (hostName && hostName[0]) {
- secStatus = CERT_VerifyCertName(cert, hostName);
- } else {
- PR_SetError(SSL_ERROR_BAD_CERT_DOMAIN, 0);
- secStatus = SECFailure;
- }
-
- if (hostName)
- PR_Free(hostName);
-
- CERT_DestroyCertificate(cert);
- return secStatus;
-}
-
-/* Function: SECStatus myBadCertHandler()
- *
- * Purpose: This callback is called when the incoming certificate is not
- * valid. We define a certain set of parameters that still cause the
- * certificate to be "valid" for this session, and return SECSuccess to cause
- * the server to continue processing the request when any of these conditions
- * are met. Otherwise, SECFailure is return and the server rejects the
- * request.
- */
-SECStatus
-myBadCertHandler(void *arg, PRFileDesc *socket)
-{
-
- SECStatus secStatus = SECFailure;
- PRErrorCode err;
-
- /* log invalid cert here */
-
- if (!arg) {
- return secStatus;
- }
-
- *(PRErrorCode *)arg = err = PORT_GetError();
-
- /* If any of the cases in the switch are met, then we will proceed */
- /* with the processing of the request anyway. Otherwise, the default */
- /* case will be reached and we will reject the request. */
-
- switch (err) {
- case SEC_ERROR_INVALID_AVA:
- case SEC_ERROR_INVALID_TIME:
- case SEC_ERROR_BAD_SIGNATURE:
- case SEC_ERROR_EXPIRED_CERTIFICATE:
- case SEC_ERROR_UNKNOWN_ISSUER:
- case SEC_ERROR_UNTRUSTED_CERT:
- case SEC_ERROR_CERT_VALID:
- case SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE:
- case SEC_ERROR_CRL_EXPIRED:
- case SEC_ERROR_CRL_BAD_SIGNATURE:
- case SEC_ERROR_EXTENSION_VALUE_INVALID:
- case SEC_ERROR_CA_CERT_INVALID:
- case SEC_ERROR_CERT_USAGES_INVALID:
- case SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION:
- secStatus = SECSuccess;
- break;
- default:
- secStatus = SECFailure;
- break;
- }
-
- fprintf(stderr, "Bad certificate: %d, %s\n", err, SECU_Strerror(err));
-
- return secStatus;
-}
-
-/* Function: SECStatus ownGetClientAuthData()
- *
- * Purpose: This callback is used by SSL to pull client certificate
- * information upon server request.
- */
-SECStatus
-myGetClientAuthData(void *arg,
- PRFileDesc *socket,
- struct CERTDistNamesStr *caNames,
- struct CERTCertificateStr **pRetCert,
- struct SECKEYPrivateKeyStr **pRetKey)
-{
-
- CERTCertificate * cert;
- SECKEYPrivateKey * privKey;
- char * chosenNickName = (char *)arg;
- void * proto_win = NULL;
- SECStatus secStatus = SECFailure;
-
- proto_win = SSL_RevealPinArg(socket);
-
- if (chosenNickName) {
- cert = PK11_FindCertFromNickname(chosenNickName, proto_win);
- if (cert) {
- privKey = PK11_FindKeyByAnyCert(cert, proto_win);
- if (privKey) {
- secStatus = SECSuccess;
- } else {
- CERT_DestroyCertificate(cert);
- }
- }
- } else { /* no nickname given, automatically find the right cert */
- CERTCertNicknames *names;
- int i;
-
- names = CERT_GetCertNicknames(CERT_GetDefaultCertDB(),
- SEC_CERT_NICKNAMES_USER, proto_win);
-
- if (names != NULL) {
- for(i = 0; i < names->numnicknames; i++ ) {
-
- cert = PK11_FindCertFromNickname(names->nicknames[i],
- proto_win);
- if (!cert) {
- continue;
- }
-
- /* Only check unexpired certs */
- if (CERT_CheckCertValidTimes(cert, PR_Now(), PR_FALSE)
- != secCertTimeValid ) {
- CERT_DestroyCertificate(cert);
- continue;
- }
-
- secStatus = NSS_CmpCertChainWCANames(cert, caNames);
- if (secStatus == SECSuccess) {
- privKey = PK11_FindKeyByAnyCert(cert, proto_win);
- if (privKey) {
- break;
- }
- secStatus = SECFailure;
- break;
- }
- CERT_FreeNicknames(names);
- } /* for loop */
- }
- }
-
- if (secStatus == SECSuccess) {
- *pRetCert = cert;
- *pRetKey = privKey;
- }
-
- return secStatus;
-}
-
-/* Function: SECStatus myHandshakeCallback()
- *
- * Purpose: Called by SSL to inform application that the handshake is
- * complete. This function is mostly used on the server side of an SSL
- * connection, although it is provided for a client as well.
- * Useful when a non-blocking SSL_ReHandshake or SSL_ResetHandshake
- * is used to initiate a handshake.
- *
- * A typical scenario would be:
- *
- * 1. Server accepts an SSL connection from the client without client auth.
- * 2. Client sends a request.
- * 3. Server determines that to service request it needs to authenticate the
- * client and initiates another handshake requesting client auth.
- * 4. While handshake is in progress, server can do other work or spin waiting
- * for the handshake to complete.
- * 5. Server is notified that handshake has been successfully completed by
- * the custom handshake callback function and it can service the client's
- * request.
- *
- * Note: This function is not implemented in this sample, as we are using
- * blocking sockets.
- */
-SECStatus
-myHandshakeCallback(PRFileDesc *socket, void *arg)
-{
- fprintf(stderr,"Handshake Complete: SERVER CONFIGURED CORRECTLY\n");
- return SECSuccess;
-}
-
-
-/**************************************************************************
-**
-** Routines for disabling SSL ciphers.
-**
-**************************************************************************/
-
-void
-disableAllSSLCiphers(void)
-{
- const PRUint16 *cipherSuites = SSL_ImplementedCiphers;
- int i = SSL_NumImplementedCiphers;
- SECStatus rv;
-
- /* disable all the SSL3 cipher suites */
- while (--i >= 0) {
- PRUint16 suite = cipherSuites[i];
- rv = SSL_CipherPrefSetDefault(suite, PR_FALSE);
- if (rv != SECSuccess) {
- fprintf(stderr,
- "SSL_CipherPrefSetDefault didn't like value 0x%04x (i = %d)\n",
- suite, i);
- errWarn("SSL_CipherPrefSetDefault");
- exit(2);
- }
- }
-}
-
-/**************************************************************************
-**
-** Error and information routines.
-**
-**************************************************************************/
-
-void
-errWarn(char *function)
-{
- PRErrorCode errorNumber = PR_GetError();
- const char * errorString = SECU_Strerror(errorNumber);
-
- fprintf(stderr, "Error in function %s: %d\n - %s\n",
- function, errorNumber, errorString);
-}
-
-void
-exitErr(char *function)
-{
- errWarn(function);
- /* Exit gracefully. */
- /* ignoring return value of NSS_Shutdown as code exits with 1 anyway*/
- (void) NSS_Shutdown();
- PR_Cleanup();
- exit(1);
-}
-
-void
-printSecurityInfo(FILE *outfile, PRFileDesc *fd)
-{
- char * cp; /* bulk cipher name */
- char * ip; /* cert issuer DN */
- char * sp; /* cert subject DN */
- int op; /* High, Low, Off */
- int kp0; /* total key bits */
- int kp1; /* secret key bits */
- int result;
- SSL3Statistics * ssl3stats = SSL_GetStatistics();
-
- if (!outfile) {
- outfile = stdout;
- }
-
- result = SSL_SecurityStatus(fd, &op, &cp, &kp0, &kp1, &ip, &sp);
- if (result != SECSuccess)
- return;
- fprintf(outfile,
- " bulk cipher %s, %d secret key bits, %d key bits, status: %d\n"
- " subject DN:\n %s\n"
- " issuer DN:\n %s\n", cp, kp1, kp0, op, sp, ip);
- PR_Free(cp);
- PR_Free(ip);
- PR_Free(sp);
-
- fprintf(outfile,
- " %ld cache hits; %ld cache misses, %ld cache not reusable\n",
- ssl3stats->hch_sid_cache_hits, ssl3stats->hch_sid_cache_misses,
- ssl3stats->hch_sid_cache_not_ok);
-
-}
-
-
-/**************************************************************************
-** Begin thread management routines and data.
-**************************************************************************/
-
-void
-thread_wrapper(void * arg)
-{
- GlobalThreadMgr *threadMGR = (GlobalThreadMgr *)arg;
- perThread *slot = &threadMGR->threads[threadMGR->index];
-
- /* wait for parent to finish launching us before proceeding. */
- PR_Lock(threadMGR->threadLock);
- PR_Unlock(threadMGR->threadLock);
-
- slot->rv = (* slot->startFunc)(slot->a, slot->b);
-
- PR_Lock(threadMGR->threadLock);
- slot->running = rs_zombie;
-
- /* notify the thread exit handler. */
- PR_NotifyCondVar(threadMGR->threadEndQ);
-
- PR_Unlock(threadMGR->threadLock);
-}
-
-SECStatus
-launch_thread(GlobalThreadMgr *threadMGR,
- startFn *startFunc,
- void *a,
- int b)
-{
- perThread *slot;
- int i;
-
- if (!threadMGR->threadStartQ) {
- threadMGR->threadLock = PR_NewLock();
- threadMGR->threadStartQ = PR_NewCondVar(threadMGR->threadLock);
- threadMGR->threadEndQ = PR_NewCondVar(threadMGR->threadLock);
- }
- PR_Lock(threadMGR->threadLock);
- while (threadMGR->numRunning >= MAX_THREADS) {
- PR_WaitCondVar(threadMGR->threadStartQ, PR_INTERVAL_NO_TIMEOUT);
- }
- for (i = 0; i < threadMGR->numUsed; ++i) {
- slot = &threadMGR->threads[i];
- if (slot->running == rs_idle)
- break;
- }
- if (i >= threadMGR->numUsed) {
- if (i >= MAX_THREADS) {
- /* something's really wrong here. */
- PORT_Assert(i < MAX_THREADS);
- PR_Unlock(threadMGR->threadLock);
- return SECFailure;
- }
- ++(threadMGR->numUsed);
- PORT_Assert(threadMGR->numUsed == i + 1);
- slot = &threadMGR->threads[i];
- }
-
- slot->a = a;
- slot->b = b;
- slot->startFunc = startFunc;
-
- threadMGR->index = i;
-
- slot->prThread = PR_CreateThread(PR_USER_THREAD,
- thread_wrapper, threadMGR,
- PR_PRIORITY_NORMAL, PR_GLOBAL_THREAD,
- PR_JOINABLE_THREAD, 0);
-
- if (slot->prThread == NULL) {
- PR_Unlock(threadMGR->threadLock);
- printf("Failed to launch thread!\n");
- return SECFailure;
- }
-
- slot->inUse = 1;
- slot->running = 1;
- ++(threadMGR->numRunning);
- PR_Unlock(threadMGR->threadLock);
-
- return SECSuccess;
-}
-
-SECStatus
-reap_threads(GlobalThreadMgr *threadMGR)
-{
- perThread * slot;
- int i;
-
- if (!threadMGR->threadLock)
- return SECSuccess;
- PR_Lock(threadMGR->threadLock);
- while (threadMGR->numRunning > 0) {
- PR_WaitCondVar(threadMGR->threadEndQ, PR_INTERVAL_NO_TIMEOUT);
- for (i = 0; i < threadMGR->numUsed; ++i) {
- slot = &threadMGR->threads[i];
- if (slot->running == rs_zombie) {
- /* Handle cleanup of thread here. */
-
- /* Now make sure the thread has ended OK. */
- PR_JoinThread(slot->prThread);
- slot->running = rs_idle;
- --threadMGR->numRunning;
-
- /* notify the thread launcher. */
- PR_NotifyCondVar(threadMGR->threadStartQ);
- }
- }
- }
-
- /* Safety Sam sez: make sure count is right. */
- for (i = 0; i < threadMGR->numUsed; ++i) {
- slot = &threadMGR->threads[i];
- if (slot->running != rs_idle) {
- fprintf(stderr, "Thread in slot %d is in state %d!\n",
- i, slot->running);
- }
- }
- PR_Unlock(threadMGR->threadLock);
- return SECSuccess;
-}
-
-void
-destroy_thread_data(GlobalThreadMgr *threadMGR)
-{
- PORT_Memset(threadMGR->threads, 0, sizeof(threadMGR->threads));
-
- if (threadMGR->threadEndQ) {
- PR_DestroyCondVar(threadMGR->threadEndQ);
- threadMGR->threadEndQ = NULL;
- }
- if (threadMGR->threadStartQ) {
- PR_DestroyCondVar(threadMGR->threadStartQ);
- threadMGR->threadStartQ = NULL;
- }
- if (threadMGR->threadLock) {
- PR_DestroyLock(threadMGR->threadLock);
- threadMGR->threadLock = NULL;
- }
-}
-
-/**************************************************************************
-** End thread management routines.
-**************************************************************************/
-
-void
-lockedVars_Init( lockedVars * lv)
-{
- lv->count = 0;
- lv->waiters = 0;
- lv->lock = PR_NewLock();
- lv->condVar = PR_NewCondVar(lv->lock);
-}
-
-void
-lockedVars_Destroy( lockedVars * lv)
-{
- PR_DestroyCondVar(lv->condVar);
- lv->condVar = NULL;
-
- PR_DestroyLock(lv->lock);
- lv->lock = NULL;
-}
-
-void
-lockedVars_WaitForDone(lockedVars * lv)
-{
- PR_Lock(lv->lock);
- while (lv->count > 0) {
- PR_WaitCondVar(lv->condVar, PR_INTERVAL_NO_TIMEOUT);
- }
- PR_Unlock(lv->lock);
-}
-
-int /* returns count */
-lockedVars_AddToCount(lockedVars * lv, int addend)
-{
- int rv;
-
- PR_Lock(lv->lock);
- rv = lv->count += addend;
- if (rv <= 0) {
- PR_NotifyCondVar(lv->condVar);
- }
- PR_Unlock(lv->lock);
- return rv;
-}
-
-static char *
-bestCertName(CERTCertificate *cert) {
- if (cert->nickname) {
- return cert->nickname;
- }
- if (cert->emailAddr) {
- return cert->emailAddr;
- }
- return cert->subjectName;
-}
-
-void
-printCertProblems(FILE *outfile, CERTCertDBHandle *handle,
- CERTCertificate *cert, PRBool checksig,
- SECCertUsage certUsage, void *pinArg)
-{
- CERTVerifyLog log;
- CERTVerifyLogNode *node = NULL;
- unsigned int depth = (unsigned int)-1;
- unsigned int flags = 0;
- char * errstr = NULL;
- PRErrorCode err = PORT_GetError();
-
- log.arena = PORT_NewArena(512);
- log.head = log.tail = NULL;
- log.count = 0;
- CERT_VerifyCert(handle, cert, checksig, certUsage,
- PR_Now(), pinArg, &log);
-
- if (log.count > 0) {
- fprintf(outfile,"PROBLEM WITH THE CERT CHAIN:\n");
- for (node = log.head; node; node = node->next) {
- if (depth != node->depth) {
- depth = node->depth;
- fprintf(outfile,"CERT %d. %s %s:\n", depth,
- bestCertName(node->cert),
- depth ? "[Certificate Authority]": "");
- }
- fprintf(outfile," ERROR %d: %s\n", node->error,
- SECU_Strerror(node->error));
- errstr = NULL;
- switch (node->error) {
- case SEC_ERROR_INADEQUATE_KEY_USAGE:
- flags = (unsigned int)node->arg;
- switch (flags) {
- case KU_DIGITAL_SIGNATURE:
- errstr = "Cert cannot sign.";
- break;
- case KU_KEY_ENCIPHERMENT:
- errstr = "Cert cannot encrypt.";
- break;
- case KU_KEY_CERT_SIGN:
- errstr = "Cert cannot sign other certs.";
- break;
- default:
- errstr = "[unknown usage].";
- break;
- }
- case SEC_ERROR_INADEQUATE_CERT_TYPE:
- flags = (unsigned int)node->arg;
- switch (flags) {
- case NS_CERT_TYPE_SSL_CLIENT:
- case NS_CERT_TYPE_SSL_SERVER:
- errstr = "Cert cannot be used for SSL.";
- break;
- case NS_CERT_TYPE_SSL_CA:
- errstr = "Cert cannot be used as an SSL CA.";
- break;
- case NS_CERT_TYPE_EMAIL:
- errstr = "Cert cannot be used for SMIME.";
- break;
- case NS_CERT_TYPE_EMAIL_CA:
- errstr = "Cert cannot be used as an SMIME CA.";
- break;
- case NS_CERT_TYPE_OBJECT_SIGNING:
- errstr = "Cert cannot be used for object signing.";
- break;
- case NS_CERT_TYPE_OBJECT_SIGNING_CA:
- errstr = "Cert cannot be used as an object signing CA.";
- break;
- default:
- errstr = "[unknown usage].";
- break;
- }
- case SEC_ERROR_UNKNOWN_ISSUER:
- case SEC_ERROR_UNTRUSTED_ISSUER:
- case SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE:
- errstr = node->cert->issuerName;
- break;
- default:
- break;
- }
- if (errstr) {
- fprintf(stderr," %s\n",errstr);
- }
- CERT_DestroyCertificate(node->cert);
- }
- }
- PR_SetError(err, 0); /* restore original error code */
-}
diff --git a/security/nss/cmd/zlib/Makefile b/security/nss/cmd/zlib/Makefile
deleted file mode 100644
index fa46e6763..000000000
--- a/security/nss/cmd/zlib/Makefile
+++ /dev/null
@@ -1,75 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-
diff --git a/security/nss/cmd/zlib/README b/security/nss/cmd/zlib/README
deleted file mode 100644
index 28adc90b2..000000000
--- a/security/nss/cmd/zlib/README
+++ /dev/null
@@ -1,99 +0,0 @@
-zlib 1.0.4 is a general purpose data compression library. All the code
-is reentrant (thread safe). The data format used by the zlib library
-is described by RFCs (Request for Comments) 1950 to 1952 in the files
-ftp://ds.internic.net/rfc/rfc1950.txt (zlib format), rfc1951.txt (deflate
-format) and rfc1952.txt (gzip format). These documents are also available in
-other formats from ftp://ftp.uu.net/graphics/png/documents/zlib/zdoc-index.html
-
-All functions of the compression library are documented in the file
-zlib.h. A usage example of the library is given in the file example.c
-which also tests that the library is working correctly. Another
-example is given in the file minigzip.c. The compression library itself
-is composed of all source files except example.c and minigzip.c.
-
-To compile all files and run the test program, follow the instructions
-given at the top of Makefile. In short "make test; make install"
-should work for most machines. For MSDOS, use one of the special
-makefiles such as Makefile.msc; for VMS, use Make_vms.com or descrip.mms.
-
-Questions about zlib should be sent to <zlib@quest.jpl.nasa.gov> or,
-if this fails, to the addresses given below in the Copyright section.
-The zlib home page is http://quest.jpl.nasa.gov/zlib/
-
-The changes made in version 1.0.4 are documented in the file ChangeLog.
-The main changes since 1.0.3 are:
-
-- In very rare conditions, deflate(s, Z_FINISH) could fail to produce an EOF
- bit, so the decompressor could decompress all the correct data but went
- on to attempt decompressing extra garbage data. This affected minigzip too.
-- zlibVersion and gzerror return const char* (needed for DLL)
-- port to RISCOS (no fdopen, no multiple dots, no unlink, no fileno)
-
-
-A Perl interface to zlib written by Paul Marquess <pmarquess@bfsec.bt.co.uk>
-is in the CPAN (Comprehensive Perl Archive Network) sites, such as:
-ftp://ftp.cis.ufl.edu/pub/perl/CPAN/modules/by-module/Compress/Compress-Zlib*
-
-
-Notes for some targets:
-
-- For Turbo C the small model is supported only with reduced performance to
- avoid any far allocation; it was tested with -DMAX_WBITS=11 -DMAX_MEM_LEVEL=3
-
-- For 64-bit Iris, deflate.c must be compiled without any optimization.
- With -O, one libpng test fails. The test works in 32 bit mode (with
- the -32 compiler flag). The compiler bug has been reported to SGI.
-
-- zlib doesn't work with gcc 2.6.3 on a DEC 3000/300LX under OSF/1 2.1
- it works when compiled with cc.
-
-- zlib doesn't work on HP-UX 9.05 with one cc compiler (the one not
- accepting the -O option). It works with the other cc compiler.
-
-- To build a Windows DLL version, include in a DLL project zlib.def, zlib.rc
- and all .c files except example.c and minigzip.c; compile with -DZLIB_DLL
- For help on building a zlib DLL, contact Alessandro Iacopetti
- <iaco@email.alessandria.alpcom.it> http://lisa.unial.it/iaco ,
- or contact Brad Clarke <bclarke@cyberus.ca>.
-
-- gzdopen is not supported on RISCOS
-
-
-Acknowledgments:
-
- The deflate format used by zlib was defined by Phil Katz. The deflate
- and zlib specifications were written by Peter Deutsch. Thanks to all the
- people who reported problems and suggested various improvements in zlib;
- they are too numerous to cite here.
-
-Copyright notice:
-
- (C) 1995-1996 Jean-loup Gailly and Mark Adler
-
- This software is provided 'as-is', without any express or implied
- warranty. In no event will the authors be held liable for any damages
- arising from the use of this software.
-
- Permission is granted to anyone to use this software for any purpose,
- including commercial applications, and to alter it and redistribute it
- freely, subject to the following restrictions:
-
- 1. The origin of this software must not be misrepresented; you must not
- claim that you wrote the original software. If you use this software
- in a product, an acknowledgment in the product documentation would be
- appreciated but is not required.
- 2. Altered source versions must be plainly marked as such, and must not be
- misrepresented as being the original software.
- 3. This notice may not be removed or altered from any source distribution.
-
- Jean-loup Gailly Mark Adler
- gzip@prep.ai.mit.edu madler@alumni.caltech.edu
-
-If you use the zlib library in a product, we would appreciate *not*
-receiving lengthy legal documents to sign. The sources are provided
-for free but without warranty of any kind. The library has been
-entirely written by Jean-loup Gailly and Mark Adler; it does not
-include third-party code.
-
-If you redistribute modified sources, we would appreciate that you include
-in the file ChangeLog history information documenting your changes.
diff --git a/security/nss/cmd/zlib/adler32.c b/security/nss/cmd/zlib/adler32.c
deleted file mode 100644
index 9f4afd63c..000000000
--- a/security/nss/cmd/zlib/adler32.c
+++ /dev/null
@@ -1,48 +0,0 @@
-/* adler32.c -- compute the Adler-32 checksum of a data stream
- * Copyright (C) 1995-1996 Mark Adler
- * For conditions of distribution and use, see copyright notice in zlib.h
- */
-/* This file was modified since it was taken from the zlib distribution */
-/* $Id$ */
-
-#include "zlib.h"
-
-#define BASE 65521L /* largest prime smaller than 65536 */
-#define NMAX 5552
-/* NMAX is the largest n such that 255n(n+1)/2 + (n+1)(BASE-1) <= 2^32-1 */
-
-#define DO1(buf,i) {s1 += buf[i]; s2 += s1;}
-#define DO2(buf,i) DO1(buf,i); DO1(buf,i+1);
-#define DO4(buf,i) DO2(buf,i); DO2(buf,i+2);
-#define DO8(buf,i) DO4(buf,i); DO4(buf,i+4);
-#define DO16(buf) DO8(buf,0); DO8(buf,8);
-
-/* ========================================================================= */
-PR_PUBLIC_API(uLong) adler32(adler, buf, len)
- uLong adler;
- const Bytef *buf;
- uInt len;
-{
- unsigned long s1 = adler & 0xffff;
- unsigned long s2 = (adler >> 16) & 0xffff;
- int k;
-
- if (buf == Z_NULL) return 1L;
-
- while (len > 0) {
- k = len < NMAX ? len : NMAX;
- len -= k;
- while (k >= 16) {
- DO16(buf);
- buf += 16;
- k -= 16;
- }
- if (k != 0) do {
- s1 += *buf++;
- s2 += s1;
- } while (--k);
- s1 %= BASE;
- s2 %= BASE;
- }
- return (s2 << 16) | s1;
-}
diff --git a/security/nss/cmd/zlib/compress.c b/security/nss/cmd/zlib/compress.c
deleted file mode 100644
index 3e1cc7c09..000000000
--- a/security/nss/cmd/zlib/compress.c
+++ /dev/null
@@ -1,57 +0,0 @@
-/* compress.c -- compress a memory buffer
- * Copyright (C) 1995-1996 Jean-loup Gailly.
- * For conditions of distribution and use, see copyright notice in zlib.h
- */
-/* This file was modified since it was taken from the zlib distribution */
-/* $Id$ */
-
-#include "zlib.h"
-
-/* ===========================================================================
- Compresses the source buffer into the destination buffer. sourceLen is
- the byte length of the source buffer. Upon entry, destLen is the total
- size of the destination buffer, which must be at least 0.1% larger than
- sourceLen plus 8 bytes. Upon exit, destLen is the actual size of the
- compressed buffer.
- This function can be used to compress a whole file at once if the
- input file is mmap'ed.
- compress returns Z_OK if success, Z_MEM_ERROR if there was not
- enough memory, Z_BUF_ERROR if there was not enough room in the output
- buffer.
-*/
-PR_PUBLIC_API(int) compress (dest, destLen, source, sourceLen)
- Bytef *dest;
- uLongf *destLen;
- const Bytef *source;
- uLong sourceLen;
-{
- z_stream stream;
- int err;
-
- stream.next_in = (Bytef*)source;
- stream.avail_in = (uInt)sourceLen;
-#ifdef MAXSEG_64K
- /* Check for source > 64K on 16-bit machine: */
- if ((uLong)stream.avail_in != sourceLen) return Z_BUF_ERROR;
-#endif
- stream.next_out = dest;
- stream.avail_out = (uInt)*destLen;
- if ((uLong)stream.avail_out != *destLen) return Z_BUF_ERROR;
-
- stream.zalloc = (alloc_func)0;
- stream.zfree = (free_func)0;
- stream.opaque = (voidpf)0;
-
- err = deflateInit(&stream, Z_DEFAULT_COMPRESSION);
- if (err != Z_OK) return err;
-
- err = deflate(&stream, Z_FINISH);
- if (err != Z_STREAM_END) {
- deflateEnd(&stream);
- return err == Z_OK ? Z_BUF_ERROR : err;
- }
- *destLen = stream.total_out;
-
- err = deflateEnd(&stream);
- return err;
-}
diff --git a/security/nss/cmd/zlib/config.mk b/security/nss/cmd/zlib/config.mk
deleted file mode 100644
index a1c67fdb4..000000000
--- a/security/nss/cmd/zlib/config.mk
+++ /dev/null
@@ -1,70 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# Currently, override TARGETS variable so that only static libraries
-# are specifed as dependencies within rules.mk.
-#
-
-TARGETS = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM =
-
-#######################################################################
-# Set the LDFLAGS value to encompass all normal link options, all #
-# library names, and all special system linking options #
-#######################################################################
-
-SECTOOLS_LIBS = $(LDOPTS) $(LIBSSL) $(LIBPKCS7) $(LIBCERT) $(LIBKEY) \
- $(LIBSECMOD) $(LIBCRYPTO) $(LIBSECUTIL) $(LIBSECMOD) $(LIBSSL) \
- $(LIBPKCS7) $(LIBCERT) $(LIBKEY) $(LIBCRYPTO) $(LIBSECUTIL) \
- $(LIBHASH) $(LIBDBM) $(DLLPLC) $(DLLPLDS) $(DLLPR) $(DLLSYSTEM)
-
-ifeq ($(OS_TARGET),AIX)
- OS_LIBS += $(SECTOOLS_LIBS)
-endif
-
-ifeq ($(OS_TARGET),NCR)
- OS_LIBS += $(SECTOOLS_LIBS)
-endif
-
-ifeq ($(OS_TARGET),SCO_SV)
- OS_LIBS += $(SECTOOLS_LIBS)
-endif
-
-LDFLAGS += $(SECTOOLS_LIBS)
-
-
-
-
diff --git a/security/nss/cmd/zlib/crc32.c b/security/nss/cmd/zlib/crc32.c
deleted file mode 100644
index 398871cf8..000000000
--- a/security/nss/cmd/zlib/crc32.c
+++ /dev/null
@@ -1,162 +0,0 @@
-/* crc32.c -- compute the CRC-32 of a data stream
- * Copyright (C) 1995-1996 Mark Adler
- * For conditions of distribution and use, see copyright notice in zlib.h
- */
-/* This file was modified since it was taken from the zlib distribution */
-/* $Id$ */
-
-#include "zlib.h"
-
-#define local static
-
-#ifdef DYNAMIC_CRC_TABLE
-
-local int crc_table_empty = 1;
-local uLongf crc_table[256];
-local void make_crc_table OF((void));
-
-/*
- Generate a table for a byte-wise 32-bit CRC calculation on the polynomial:
- x^32+x^26+x^23+x^22+x^16+x^12+x^11+x^10+x^8+x^7+x^5+x^4+x^2+x+1.
-
- Polynomials over GF(2) are represented in binary, one bit per coefficient,
- with the lowest powers in the most significant bit. Then adding polynomials
- is just exclusive-or, and multiplying a polynomial by x is a right shift by
- one. If we call the above polynomial p, and represent a byte as the
- polynomial q, also with the lowest power in the most significant bit (so the
- byte 0xb1 is the polynomial x^7+x^3+x+1), then the CRC is (q*x^32) mod p,
- where a mod b means the remainder after dividing a by b.
-
- This calculation is done using the shift-register method of multiplying and
- taking the remainder. The register is initialized to zero, and for each
- incoming bit, x^32 is added mod p to the register if the bit is a one (where
- x^32 mod p is p+x^32 = x^26+...+1), and the register is multiplied mod p by
- x (which is shifting right by one and adding x^32 mod p if the bit shifted
- out is a one). We start with the highest power (least significant bit) of
- q and repeat for all eight bits of q.
-
- The table is simply the CRC of all possible eight bit values. This is all
- the information needed to generate CRC's on data a byte at a time for all
- combinations of CRC register values and incoming bytes.
-*/
-local void make_crc_table()
-{
- uLong c;
- int n, k;
- uLong poly; /* polynomial exclusive-or pattern */
- /* terms of polynomial defining this crc (except x^32): */
- static Byte p[] = {0,1,2,4,5,7,8,10,11,12,16,22,23,26};
-
- /* make exclusive-or pattern from polynomial (0xedb88320L) */
- poly = 0L;
- for (n = 0; n < sizeof(p)/sizeof(Byte); n++)
- poly |= 1L << (31 - p[n]);
-
- for (n = 0; n < 256; n++)
- {
- c = (uLong)n;
- for (k = 0; k < 8; k++)
- c = c & 1 ? poly ^ (c >> 1) : c >> 1;
- crc_table[n] = c;
- }
- crc_table_empty = 0;
-}
-#else
-/* ========================================================================
- * Table of CRC-32's of all single-byte values (made by make_crc_table)
- */
-local uLongf crc_table[256] = {
- 0x00000000UL, 0x77073096UL, 0xee0e612cUL, 0x990951baUL, 0x076dc419UL,
- 0x706af48fUL, 0xe963a535UL, 0x9e6495a3UL, 0x0edb8832UL, 0x79dcb8a4UL,
- 0xe0d5e91eUL, 0x97d2d988UL, 0x09b64c2bUL, 0x7eb17cbdUL, 0xe7b82d07UL,
- 0x90bf1d91UL, 0x1db71064UL, 0x6ab020f2UL, 0xf3b97148UL, 0x84be41deUL,
- 0x1adad47dUL, 0x6ddde4ebUL, 0xf4d4b551UL, 0x83d385c7UL, 0x136c9856UL,
- 0x646ba8c0UL, 0xfd62f97aUL, 0x8a65c9ecUL, 0x14015c4fUL, 0x63066cd9UL,
- 0xfa0f3d63UL, 0x8d080df5UL, 0x3b6e20c8UL, 0x4c69105eUL, 0xd56041e4UL,
- 0xa2677172UL, 0x3c03e4d1UL, 0x4b04d447UL, 0xd20d85fdUL, 0xa50ab56bUL,
- 0x35b5a8faUL, 0x42b2986cUL, 0xdbbbc9d6UL, 0xacbcf940UL, 0x32d86ce3UL,
- 0x45df5c75UL, 0xdcd60dcfUL, 0xabd13d59UL, 0x26d930acUL, 0x51de003aUL,
- 0xc8d75180UL, 0xbfd06116UL, 0x21b4f4b5UL, 0x56b3c423UL, 0xcfba9599UL,
- 0xb8bda50fUL, 0x2802b89eUL, 0x5f058808UL, 0xc60cd9b2UL, 0xb10be924UL,
- 0x2f6f7c87UL, 0x58684c11UL, 0xc1611dabUL, 0xb6662d3dUL, 0x76dc4190UL,
- 0x01db7106UL, 0x98d220bcUL, 0xefd5102aUL, 0x71b18589UL, 0x06b6b51fUL,
- 0x9fbfe4a5UL, 0xe8b8d433UL, 0x7807c9a2UL, 0x0f00f934UL, 0x9609a88eUL,
- 0xe10e9818UL, 0x7f6a0dbbUL, 0x086d3d2dUL, 0x91646c97UL, 0xe6635c01UL,
- 0x6b6b51f4UL, 0x1c6c6162UL, 0x856530d8UL, 0xf262004eUL, 0x6c0695edUL,
- 0x1b01a57bUL, 0x8208f4c1UL, 0xf50fc457UL, 0x65b0d9c6UL, 0x12b7e950UL,
- 0x8bbeb8eaUL, 0xfcb9887cUL, 0x62dd1ddfUL, 0x15da2d49UL, 0x8cd37cf3UL,
- 0xfbd44c65UL, 0x4db26158UL, 0x3ab551ceUL, 0xa3bc0074UL, 0xd4bb30e2UL,
- 0x4adfa541UL, 0x3dd895d7UL, 0xa4d1c46dUL, 0xd3d6f4fbUL, 0x4369e96aUL,
- 0x346ed9fcUL, 0xad678846UL, 0xda60b8d0UL, 0x44042d73UL, 0x33031de5UL,
- 0xaa0a4c5fUL, 0xdd0d7cc9UL, 0x5005713cUL, 0x270241aaUL, 0xbe0b1010UL,
- 0xc90c2086UL, 0x5768b525UL, 0x206f85b3UL, 0xb966d409UL, 0xce61e49fUL,
- 0x5edef90eUL, 0x29d9c998UL, 0xb0d09822UL, 0xc7d7a8b4UL, 0x59b33d17UL,
- 0x2eb40d81UL, 0xb7bd5c3bUL, 0xc0ba6cadUL, 0xedb88320UL, 0x9abfb3b6UL,
- 0x03b6e20cUL, 0x74b1d29aUL, 0xead54739UL, 0x9dd277afUL, 0x04db2615UL,
- 0x73dc1683UL, 0xe3630b12UL, 0x94643b84UL, 0x0d6d6a3eUL, 0x7a6a5aa8UL,
- 0xe40ecf0bUL, 0x9309ff9dUL, 0x0a00ae27UL, 0x7d079eb1UL, 0xf00f9344UL,
- 0x8708a3d2UL, 0x1e01f268UL, 0x6906c2feUL, 0xf762575dUL, 0x806567cbUL,
- 0x196c3671UL, 0x6e6b06e7UL, 0xfed41b76UL, 0x89d32be0UL, 0x10da7a5aUL,
- 0x67dd4accUL, 0xf9b9df6fUL, 0x8ebeeff9UL, 0x17b7be43UL, 0x60b08ed5UL,
- 0xd6d6a3e8UL, 0xa1d1937eUL, 0x38d8c2c4UL, 0x4fdff252UL, 0xd1bb67f1UL,
- 0xa6bc5767UL, 0x3fb506ddUL, 0x48b2364bUL, 0xd80d2bdaUL, 0xaf0a1b4cUL,
- 0x36034af6UL, 0x41047a60UL, 0xdf60efc3UL, 0xa867df55UL, 0x316e8eefUL,
- 0x4669be79UL, 0xcb61b38cUL, 0xbc66831aUL, 0x256fd2a0UL, 0x5268e236UL,
- 0xcc0c7795UL, 0xbb0b4703UL, 0x220216b9UL, 0x5505262fUL, 0xc5ba3bbeUL,
- 0xb2bd0b28UL, 0x2bb45a92UL, 0x5cb36a04UL, 0xc2d7ffa7UL, 0xb5d0cf31UL,
- 0x2cd99e8bUL, 0x5bdeae1dUL, 0x9b64c2b0UL, 0xec63f226UL, 0x756aa39cUL,
- 0x026d930aUL, 0x9c0906a9UL, 0xeb0e363fUL, 0x72076785UL, 0x05005713UL,
- 0x95bf4a82UL, 0xe2b87a14UL, 0x7bb12baeUL, 0x0cb61b38UL, 0x92d28e9bUL,
- 0xe5d5be0dUL, 0x7cdcefb7UL, 0x0bdbdf21UL, 0x86d3d2d4UL, 0xf1d4e242UL,
- 0x68ddb3f8UL, 0x1fda836eUL, 0x81be16cdUL, 0xf6b9265bUL, 0x6fb077e1UL,
- 0x18b74777UL, 0x88085ae6UL, 0xff0f6a70UL, 0x66063bcaUL, 0x11010b5cUL,
- 0x8f659effUL, 0xf862ae69UL, 0x616bffd3UL, 0x166ccf45UL, 0xa00ae278UL,
- 0xd70dd2eeUL, 0x4e048354UL, 0x3903b3c2UL, 0xa7672661UL, 0xd06016f7UL,
- 0x4969474dUL, 0x3e6e77dbUL, 0xaed16a4aUL, 0xd9d65adcUL, 0x40df0b66UL,
- 0x37d83bf0UL, 0xa9bcae53UL, 0xdebb9ec5UL, 0x47b2cf7fUL, 0x30b5ffe9UL,
- 0xbdbdf21cUL, 0xcabac28aUL, 0x53b39330UL, 0x24b4a3a6UL, 0xbad03605UL,
- 0xcdd70693UL, 0x54de5729UL, 0x23d967bfUL, 0xb3667a2eUL, 0xc4614ab8UL,
- 0x5d681b02UL, 0x2a6f2b94UL, 0xb40bbe37UL, 0xc30c8ea1UL, 0x5a05df1bUL,
- 0x2d02ef8dL
-};
-#endif
-
-/* =========================================================================
- * This function can be used by asm versions of crc32()
- */
-uLongf *get_crc_table()
-{
-#ifdef DYNAMIC_CRC_TABLE
- if (crc_table_empty) make_crc_table();
-#endif
- return (uLongf *)crc_table;
-}
-
-/* ========================================================================= */
-#define DO1(buf) crc = crc_table[((int)crc ^ (*buf++)) & 0xff] ^ (crc >> 8);
-#define DO2(buf) DO1(buf); DO1(buf);
-#define DO4(buf) DO2(buf); DO2(buf);
-#define DO8(buf) DO4(buf); DO4(buf);
-
-/* ========================================================================= */
-PR_PUBLIC_API(uLong) crc32(crc, buf, len)
- uLong crc;
- const Bytef *buf;
- uInt len;
-{
- if (buf == Z_NULL) return 0L;
-#ifdef DYNAMIC_CRC_TABLE
- if (crc_table_empty)
- make_crc_table();
-#endif
- crc = crc ^ 0xffffffffUL;
- while (len >= 8)
- {
- DO8(buf);
- len -= 8;
- }
- if (len) do {
- DO1(buf);
- } while (--len);
- return crc ^ 0xffffffffUL;
-}
diff --git a/security/nss/cmd/zlib/deflate.c b/security/nss/cmd/zlib/deflate.c
deleted file mode 100644
index f748ce156..000000000
--- a/security/nss/cmd/zlib/deflate.c
+++ /dev/null
@@ -1,1209 +0,0 @@
-/* deflate.c -- compress data using the deflation algorithm
- * Copyright (C) 1995-1996 Jean-loup Gailly.
- * For conditions of distribution and use, see copyright notice in zlib.h
- */
-/* This file was modified since it was taken from the zlib distribution */
-/*
- * ALGORITHM
- *
- * The "deflation" process depends on being able to identify portions
- * of the input text which are identical to earlier input (within a
- * sliding window trailing behind the input currently being processed).
- *
- * The most straightforward technique turns out to be the fastest for
- * most input files: try all possible matches and select the longest.
- * The key feature of this algorithm is that insertions into the string
- * dictionary are very simple and thus fast, and deletions are avoided
- * completely. Insertions are performed at each input character, whereas
- * string matches are performed only when the previous match ends. So it
- * is preferable to spend more time in matches to allow very fast string
- * insertions and avoid deletions. The matching algorithm for small
- * strings is inspired from that of Rabin & Karp. A brute force approach
- * is used to find longer strings when a small match has been found.
- * A similar algorithm is used in comic (by Jan-Mark Wams) and freeze
- * (by Leonid Broukhis).
- * A previous version of this file used a more sophisticated algorithm
- * (by Fiala and Greene) which is guaranteed to run in linear amortized
- * time, but has a larger average cost, uses more memory and is patented.
- * However the F&G algorithm may be faster for some highly redundant
- * files if the parameter max_chain_length (described below) is too large.
- *
- * ACKNOWLEDGEMENTS
- *
- * The idea of lazy evaluation of matches is due to Jan-Mark Wams, and
- * I found it in 'freeze' written by Leonid Broukhis.
- * Thanks to many people for bug reports and testing.
- *
- * REFERENCES
- *
- * Deutsch, L.P.,"'Deflate' Compressed Data Format Specification".
- * Available in ftp.uu.net:/pub/archiving/zip/doc/deflate-1.1.doc
- *
- * A description of the Rabin and Karp algorithm is given in the book
- * "Algorithms" by R. Sedgewick, Addison-Wesley, p252.
- *
- * Fiala,E.R., and Greene,D.H.
- * Data Compression with Finite Windows, Comm.ACM, 32,4 (1989) 490-595
- *
- */
-
-/* $Id$ */
-
-#include "deflate.h"
-
-char deflate_copyright[] = " deflate 1.0.4 Copyright 1995-1996 Jean-loup Gailly ";
-/*
- If you use the zlib library in a product, an acknowledgment is welcome
- in the documentation of your product. If for some reason you cannot
- include such an acknowledgment, I would appreciate that you keep this
- copyright string in the executable of your product.
- */
-
-/* ===========================================================================
- * Function prototypes.
- */
-typedef enum {
- need_more, /* block not completed, need more input or more output */
- block_done, /* block flush performed */
- finish_started, /* finish started, need only more output at next deflate */
- finish_done /* finish done, accept no more input or output */
-} block_state;
-
-typedef block_state (*compress_func) OF((deflate_state *s, int flush));
-/* Compression function. Returns the block state after the call. */
-
-local void fill_window OF((deflate_state *s));
-local block_state deflate_stored OF((deflate_state *s, int flush));
-local block_state deflate_fast OF((deflate_state *s, int flush));
-local block_state deflate_slow OF((deflate_state *s, int flush));
-local void lm_init OF((deflate_state *s));
-local uInt longest_match OF((deflate_state *s, IPos cur_match));
-local void putShortMSB OF((deflate_state *s, uInt b));
-local void flush_pending OF((z_streamp strm));
-local int read_buf OF((z_streamp strm, charf *buf, unsigned size));
-#ifdef ASMV
- void match_init OF((void)); /* asm code initialization */
-#endif
-
-#ifdef DEBUG_NEVER
-local void check_match OF((deflate_state *s, IPos start, IPos match,
- int length));
-#endif
-
-/* ===========================================================================
- * Local data
- */
-
-#define NIL 0
-/* Tail of hash chains */
-
-#ifndef TOO_FAR
-# define TOO_FAR 4096
-#endif
-/* Matches of length 3 are discarded if their distance exceeds TOO_FAR */
-
-#define MIN_LOOKAHEAD (MAX_MATCH+MIN_MATCH+1)
-/* Minimum amount of lookahead, except at the end of the input file.
- * See deflate.c for comments about the MIN_MATCH+1.
- */
-
-/* Values for max_lazy_match, good_match and max_chain_length, depending on
- * the desired pack level (0..9). The values given below have been tuned to
- * exclude worst case performance for pathological files. Better values may be
- * found for specific files.
- */
-typedef struct config_s {
- ush good_length; /* reduce lazy search above this match length */
- ush max_lazy; /* do not perform lazy search above this match length */
- ush nice_length; /* quit search above this match length */
- ush max_chain;
- compress_func func;
-} config;
-
-local config configuration_table[10] = {
-/* good lazy nice chain */
-/* 0 */ {0, 0, 0, 0, deflate_stored}, /* store only */
-/* 1 */ {4, 4, 8, 4, deflate_fast}, /* maximum speed, no lazy matches */
-/* 2 */ {4, 5, 16, 8, deflate_fast},
-/* 3 */ {4, 6, 32, 32, deflate_fast},
-
-/* 4 */ {4, 4, 16, 16, deflate_slow}, /* lazy matches */
-/* 5 */ {8, 16, 32, 32, deflate_slow},
-/* 6 */ {8, 16, 128, 128, deflate_slow},
-/* 7 */ {8, 32, 128, 256, deflate_slow},
-/* 8 */ {32, 128, 258, 1024, deflate_slow},
-/* 9 */ {32, 258, 258, 4096, deflate_slow}}; /* maximum compression */
-
-/* Note: the deflate() code requires max_lazy >= MIN_MATCH and max_chain >= 4
- * For deflate_fast() (levels <= 3) good is ignored and lazy has a different
- * meaning.
- */
-
-#define EQUAL 0
-/* result of memcmp for equal strings */
-
-struct static_tree_desc_s {int dummy;}; /* for buggy compilers */
-
-/* ===========================================================================
- * Update a hash value with the given input byte
- * IN assertion: all calls to to UPDATE_HASH are made with consecutive
- * input characters, so that a running hash key can be computed from the
- * previous key instead of complete recalculation each time.
- */
-#define UPDATE_HASH(s,h,c) (h = (((h)<<s->hash_shift) ^ (c)) & s->hash_mask)
-
-
-/* ===========================================================================
- * Insert string str in the dictionary and set match_head to the previous head
- * of the hash chain (the most recent string with same hash key). Return
- * the previous length of the hash chain.
- * IN assertion: all calls to to INSERT_STRING are made with consecutive
- * input characters and the first MIN_MATCH bytes of str are valid
- * (except for the last MIN_MATCH-1 bytes of the input file).
- */
-#define INSERT_STRING(s, str, match_head) \
- (UPDATE_HASH(s, s->ins_h, s->window[(str) + (MIN_MATCH-1)]), \
- s->prev[(str) & s->w_mask] = match_head = s->head[s->ins_h], \
- s->head[s->ins_h] = (Pos)(str))
-
-/* ===========================================================================
- * Initialize the hash table (avoiding 64K overflow for 16 bit systems).
- * prev[] will be initialized on the fly.
- */
-#define CLEAR_HASH(s) \
- s->head[s->hash_size-1] = NIL; \
- zmemzero((charf *)s->head, (unsigned)(s->hash_size-1)*sizeof(*s->head));
-
-/* ========================================================================= */
-PR_PUBLIC_API(int) deflateInit_(strm, level, version, stream_size)
- z_streamp strm;
- int level;
- const char *version;
- int stream_size;
-{
- return deflateInit2_(strm, level, Z_DEFLATED, MAX_WBITS, DEF_MEM_LEVEL,
- Z_DEFAULT_STRATEGY, version, stream_size);
- /* To do: ignore strm->next_in if we use it as window */
-}
-
-/* ========================================================================= */
-PR_PUBLIC_API(int) deflateInit2_(strm, level, method, windowBits, memLevel, strategy,
- version, stream_size)
- z_streamp strm;
- int level;
- int method;
- int windowBits;
- int memLevel;
- int strategy;
- const char *version;
- int stream_size;
-{
- deflate_state *s;
- int noheader = 0;
-
- ushf *overlay;
- /* We overlay pending_buf and d_buf+l_buf. This works since the average
- * output size for (length,distance) codes is <= 24 bits.
- */
-
- if (version == Z_NULL || version[0] != ZLIB_VERSION[0] ||
- stream_size != sizeof(z_stream)) {
- return Z_VERSION_ERROR;
- }
- if (strm == Z_NULL) return Z_STREAM_ERROR;
-
- strm->msg = Z_NULL;
- if (strm->zalloc == Z_NULL) {
- strm->zalloc = zcalloc;
- strm->opaque = (voidpf)0;
- }
- if (strm->zfree == Z_NULL) strm->zfree = zcfree;
-
- if (level == Z_DEFAULT_COMPRESSION) level = 6;
-
- if (windowBits < 0) { /* undocumented feature: suppress zlib header */
- noheader = 1;
- windowBits = -windowBits;
- }
- if (memLevel < 1 || memLevel > MAX_MEM_LEVEL || method != Z_DEFLATED ||
- windowBits < 8 || windowBits > 15 || level < 0 || level > 9 ||
- strategy < 0 || strategy > Z_HUFFMAN_ONLY) {
- return Z_STREAM_ERROR;
- }
- s = (deflate_state *) ZALLOC(strm, 1, sizeof(deflate_state));
- if (s == Z_NULL) return Z_MEM_ERROR;
- strm->state = (struct internal_state FAR *)s;
- s->strm = strm;
-
- s->noheader = noheader;
- s->w_bits = windowBits;
- s->w_size = 1 << s->w_bits;
- s->w_mask = s->w_size - 1;
-
- s->hash_bits = memLevel + 7;
- s->hash_size = 1 << s->hash_bits;
- s->hash_mask = s->hash_size - 1;
- s->hash_shift = ((s->hash_bits+MIN_MATCH-1)/MIN_MATCH);
-
- s->window = (Bytef *) ZALLOC(strm, s->w_size, 2*sizeof(Byte));
- s->prev = (Posf *) ZALLOC(strm, s->w_size, sizeof(Pos));
- s->head = (Posf *) ZALLOC(strm, s->hash_size, sizeof(Pos));
-
- s->lit_bufsize = 1 << (memLevel + 6); /* 16K elements by default */
-
- overlay = (ushf *) ZALLOC(strm, s->lit_bufsize, sizeof(ush)+2);
- s->pending_buf = (uchf *) overlay;
-
- if (s->window == Z_NULL || s->prev == Z_NULL || s->head == Z_NULL ||
- s->pending_buf == Z_NULL) {
- strm->msg = (char*)ERR_MSG(Z_MEM_ERROR);
- deflateEnd (strm);
- return Z_MEM_ERROR;
- }
- s->d_buf = overlay + s->lit_bufsize/sizeof(ush);
- s->l_buf = s->pending_buf + (1+sizeof(ush))*s->lit_bufsize;
-
- s->level = level;
- s->strategy = strategy;
- s->method = (Byte)method;
-
- return deflateReset(strm);
-}
-
-/* ========================================================================= */
-PR_PUBLIC_API(int) deflateSetDictionary (strm, dictionary, dictLength)
- z_streamp strm;
- const Bytef *dictionary;
- uInt dictLength;
-{
- deflate_state *s;
- uInt length = dictLength;
- uInt n;
- IPos hash_head = 0;
-
- if (strm == Z_NULL || strm->state == Z_NULL || dictionary == Z_NULL ||
- strm->state->status != INIT_STATE) return Z_STREAM_ERROR;
-
- s = strm->state;
- strm->adler = adler32(strm->adler, dictionary, dictLength);
-
- if (length < MIN_MATCH) return Z_OK;
- if (length > MAX_DIST(s)) {
- length = MAX_DIST(s);
- dictionary += dictLength - length;
- }
- zmemcpy((charf *)s->window, dictionary, length);
- s->strstart = length;
- s->block_start = (long)length;
-
- /* Insert all strings in the hash table (except for the last two bytes).
- * s->lookahead stays null, so s->ins_h will be recomputed at the next
- * call of fill_window.
- */
- s->ins_h = s->window[0];
- UPDATE_HASH(s, s->ins_h, s->window[1]);
- for (n = 0; n <= length - MIN_MATCH; n++) {
- INSERT_STRING(s, n, hash_head);
- }
- if (hash_head) hash_head = 0; /* to make compiler happy */
- return Z_OK;
-}
-
-/* ========================================================================= */
-PR_PUBLIC_API(int) deflateReset (strm)
- z_streamp strm;
-{
- deflate_state *s;
-
- if (strm == Z_NULL || strm->state == Z_NULL ||
- strm->zalloc == Z_NULL || strm->zfree == Z_NULL) return Z_STREAM_ERROR;
-
- strm->total_in = strm->total_out = 0;
- strm->msg = Z_NULL; /* use zfree if we ever allocate msg dynamically */
- strm->data_type = Z_UNKNOWN;
-
- s = (deflate_state *)strm->state;
- s->pending = 0;
- s->pending_out = s->pending_buf;
-
- if (s->noheader < 0) {
- s->noheader = 0; /* was set to -1 by deflate(..., Z_FINISH); */
- }
- s->status = s->noheader ? BUSY_STATE : INIT_STATE;
- strm->adler = 1;
- s->last_flush = Z_NO_FLUSH;
-
- _tr_init(s);
- lm_init(s);
-
- return Z_OK;
-}
-
-/* ========================================================================= */
-PR_PUBLIC_API(int) deflateParams(strm, level, strategy)
- z_streamp strm;
- int level;
- int strategy;
-{
- deflate_state *s;
- compress_func func;
- int err = Z_OK;
-
- if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
- s = strm->state;
-
- if (level == Z_DEFAULT_COMPRESSION) {
- level = 6;
- }
- if (level < 0 || level > 9 || strategy < 0 || strategy > Z_HUFFMAN_ONLY) {
- return Z_STREAM_ERROR;
- }
- func = configuration_table[s->level].func;
-
- if (func != configuration_table[level].func && strm->total_in != 0) {
- /* Flush the last buffer: */
- err = deflate(strm, Z_PARTIAL_FLUSH);
- }
- if (s->level != level) {
- s->level = level;
- s->max_lazy_match = configuration_table[level].max_lazy;
- s->good_match = configuration_table[level].good_length;
- s->nice_match = configuration_table[level].nice_length;
- s->max_chain_length = configuration_table[level].max_chain;
- }
- s->strategy = strategy;
- return err;
-}
-
-/* =========================================================================
- * Put a short in the pending buffer. The 16-bit value is put in MSB order.
- * IN assertion: the stream state is correct and there is enough room in
- * pending_buf.
- */
-local void putShortMSB (s, b)
- deflate_state *s;
- uInt b;
-{
- put_byte(s, (Byte)(b >> 8));
- put_byte(s, (Byte)(b & 0xff));
-}
-
-/* =========================================================================
- * Flush as much pending output as possible. All deflate() output goes
- * through this function so some applications may wish to modify it
- * to avoid allocating a large strm->next_out buffer and copying into it.
- * (See also read_buf()).
- */
-local void flush_pending(strm)
- z_streamp strm;
-{
- unsigned len = strm->state->pending;
-
- if (len > strm->avail_out) len = strm->avail_out;
- if (len == 0) return;
-
- zmemcpy(strm->next_out, strm->state->pending_out, len);
- strm->next_out += len;
- strm->state->pending_out += len;
- strm->total_out += len;
- strm->avail_out -= len;
- strm->state->pending -= len;
- if (strm->state->pending == 0) {
- strm->state->pending_out = strm->state->pending_buf;
- }
-}
-
-/* ========================================================================= */
-PR_PUBLIC_API(int) deflate (strm, flush)
- z_streamp strm;
- int flush;
-{
- int old_flush; /* value of flush param for previous deflate call */
- deflate_state *s;
-
- if (strm == Z_NULL || strm->state == Z_NULL ||
- flush > Z_FINISH || flush < 0) {
- return Z_STREAM_ERROR;
- }
- s = strm->state;
-
- if (strm->next_out == Z_NULL ||
- (strm->next_in == Z_NULL && strm->avail_in != 0) ||
- (s->status == FINISH_STATE && flush != Z_FINISH)) {
- ERR_RETURN(strm, Z_STREAM_ERROR);
- }
- if (strm->avail_out == 0) ERR_RETURN(strm, Z_BUF_ERROR);
-
- s->strm = strm; /* just in case */
- old_flush = s->last_flush;
- s->last_flush = flush;
-
- /* Write the zlib header */
- if (s->status == INIT_STATE) {
-
- uInt header = (Z_DEFLATED + ((s->w_bits-8)<<4)) << 8;
- uInt level_flags = (s->level-1) >> 1;
-
- if (level_flags > 3) level_flags = 3;
- header |= (level_flags << 6);
- if (s->strstart != 0) header |= PRESET_DICT;
- header += 31 - (header % 31);
-
- s->status = BUSY_STATE;
- putShortMSB(s, header);
-
- /* Save the adler32 of the preset dictionary: */
- if (s->strstart != 0) {
- putShortMSB(s, (uInt)(strm->adler >> 16));
- putShortMSB(s, (uInt)(strm->adler & 0xffff));
- }
- strm->adler = 1L;
- }
-
- /* Flush as much pending output as possible */
- if (s->pending != 0) {
- flush_pending(strm);
- if (strm->avail_out == 0) {
- /* Since avail_out is 0, deflate will be called again with
- * more output space, but possibly with both pending and
- * avail_in equal to zero. There won't be anything to do,
- * but this is not an error situation so make sure we
- * return OK instead of BUF_ERROR at next call of deflate:
- */
- s->last_flush = -1;
- return Z_OK;
- }
-
- /* Make sure there is something to do and avoid duplicate consecutive
- * flushes. For repeated and useless calls with Z_FINISH, we keep
- * returning Z_STREAM_END instead of Z_BUFF_ERROR.
- */
- } else if (strm->avail_in == 0 && flush <= old_flush &&
- flush != Z_FINISH) {
- ERR_RETURN(strm, Z_BUF_ERROR);
- }
-
- /* User must not provide more input after the first FINISH: */
- if (s->status == FINISH_STATE && strm->avail_in != 0) {
- ERR_RETURN(strm, Z_BUF_ERROR);
- }
-
- /* Start a new block or continue the current one.
- */
- if (strm->avail_in != 0 || s->lookahead != 0 ||
- (flush != Z_NO_FLUSH && s->status != FINISH_STATE)) {
- block_state bstate;
-
- bstate = (*(configuration_table[s->level].func))(s, flush);
-
- if (bstate == finish_started || bstate == finish_done) {
- s->status = FINISH_STATE;
- }
- if (bstate == need_more || bstate == finish_started) {
- if (strm->avail_out == 0) {
- s->last_flush = -1; /* avoid BUF_ERROR next call, see above */
- }
- return Z_OK;
- /* If flush != Z_NO_FLUSH && avail_out == 0, the next call
- * of deflate should use the same flush parameter to make sure
- * that the flush is complete. So we don't have to output an
- * empty block here, this will be done at next call. This also
- * ensures that for a very small output buffer, we emit at most
- * one empty block.
- */
- }
- if (bstate == block_done) {
- if (flush == Z_PARTIAL_FLUSH) {
- _tr_align(s);
- } else { /* FULL_FLUSH or SYNC_FLUSH */
- _tr_stored_block(s, (char*)0, 0L, 0);
- /* For a full flush, this empty block will be recognized
- * as a special marker by inflate_sync().
- */
- if (flush == Z_FULL_FLUSH) {
- CLEAR_HASH(s); /* forget history */
- }
- }
- flush_pending(strm);
- if (strm->avail_out == 0) {
- s->last_flush = -1; /* avoid BUF_ERROR at next call, see above */
- return Z_OK;
- }
- }
- }
- Assert(strm->avail_out > 0, "bug2");
-
- if (flush != Z_FINISH) return Z_OK;
- if (s->noheader) return Z_STREAM_END;
-
- /* Write the zlib trailer (adler32) */
- putShortMSB(s, (uInt)(strm->adler >> 16));
- putShortMSB(s, (uInt)(strm->adler & 0xffff));
- flush_pending(strm);
- /* If avail_out is zero, the application will call deflate again
- * to flush the rest.
- */
- s->noheader = -1; /* write the trailer only once! */
- return s->pending != 0 ? Z_OK : Z_STREAM_END;
-}
-
-/* ========================================================================= */
-PR_PUBLIC_API(int) deflateEnd (strm)
- z_streamp strm;
-{
- int status;
-
- if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
-
- /* Deallocate in reverse order of allocations: */
- TRY_FREE(strm, strm->state->pending_buf);
- TRY_FREE(strm, strm->state->head);
- TRY_FREE(strm, strm->state->prev);
- TRY_FREE(strm, strm->state->window);
-
- status = strm->state->status;
- ZFREE(strm, strm->state);
- strm->state = Z_NULL;
-
- return status == BUSY_STATE ? Z_DATA_ERROR : Z_OK;
-}
-
-/* ========================================================================= */
-PR_PUBLIC_API(int) deflateCopy (dest, source)
- z_streamp dest;
- z_streamp source;
-{
- if (source == Z_NULL || dest == Z_NULL || source->state == Z_NULL) {
- return Z_STREAM_ERROR;
- }
- *dest = *source;
- return Z_STREAM_ERROR; /* to be implemented */
-#if 0
- dest->state = (struct internal_state FAR *)
- (*dest->zalloc)(1, sizeof(deflate_state));
- if (dest->state == Z_NULL) return Z_MEM_ERROR;
-
- *(dest->state) = *(source->state);
- return Z_OK;
-#endif
-}
-
-/* ===========================================================================
- * Read a new buffer from the current input stream, update the adler32
- * and total number of bytes read. All deflate() input goes through
- * this function so some applications may wish to modify it to avoid
- * allocating a large strm->next_in buffer and copying from it.
- * (See also flush_pending()).
- */
-local int read_buf(strm, buf, size)
- z_streamp strm;
- charf *buf;
- unsigned size;
-{
- unsigned len = strm->avail_in;
-
- if (len > size) len = size;
- if (len == 0) return 0;
-
- strm->avail_in -= len;
-
- if (!strm->state->noheader) {
- strm->adler = adler32(strm->adler, strm->next_in, len);
- }
- zmemcpy(buf, strm->next_in, len);
- strm->next_in += len;
- strm->total_in += len;
-
- return (int)len;
-}
-
-/* ===========================================================================
- * Initialize the "longest match" routines for a new zlib stream
- */
-local void lm_init (s)
- deflate_state *s;
-{
- s->window_size = (ulg)2L*s->w_size;
-
- CLEAR_HASH(s);
-
- /* Set the default configuration parameters:
- */
- s->max_lazy_match = configuration_table[s->level].max_lazy;
- s->good_match = configuration_table[s->level].good_length;
- s->nice_match = configuration_table[s->level].nice_length;
- s->max_chain_length = configuration_table[s->level].max_chain;
-
- s->strstart = 0;
- s->block_start = 0L;
- s->lookahead = 0;
- s->match_length = s->prev_length = MIN_MATCH-1;
- s->match_available = 0;
- s->ins_h = 0;
-#ifdef ASMV
- match_init(); /* initialize the asm code */
-#endif
-}
-
-/* ===========================================================================
- * Set match_start to the longest match starting at the given string and
- * return its length. Matches shorter or equal to prev_length are discarded,
- * in which case the result is equal to prev_length and match_start is
- * garbage.
- * IN assertions: cur_match is the head of the hash chain for the current
- * string (strstart) and its distance is <= MAX_DIST, and prev_length >= 1
- * OUT assertion: the match length is not greater than s->lookahead.
- */
-#ifndef ASMV
-/* For 80x86 and 680x0, an optimized version will be provided in match.asm or
- * match.S. The code will be functionally equivalent.
- */
-local uInt longest_match(s, cur_match)
- deflate_state *s;
- IPos cur_match; /* current match */
-{
- unsigned chain_length = s->max_chain_length;/* max hash chain length */
- register Bytef *scan = s->window + s->strstart; /* current string */
- register Bytef *match; /* matched string */
- register int len; /* length of current match */
- int best_len = s->prev_length; /* best match length so far */
- int nice_match = s->nice_match; /* stop if match long enough */
- IPos limit = s->strstart > (IPos)MAX_DIST(s) ?
- s->strstart - (IPos)MAX_DIST(s) : NIL;
- /* Stop when cur_match becomes <= limit. To simplify the code,
- * we prevent matches with the string of window index 0.
- */
- Posf *prev = s->prev;
- uInt wmask = s->w_mask;
-
-#ifdef UNALIGNED_OK
- /* Compare two bytes at a time. Note: this is not always beneficial.
- * Try with and without -DUNALIGNED_OK to check.
- */
- register Bytef *strend = s->window + s->strstart + MAX_MATCH - 1;
- register ush scan_start = *(ushf*)scan;
- register ush scan_end = *(ushf*)(scan+best_len-1);
-#else
- register Bytef *strend = s->window + s->strstart + MAX_MATCH;
- register Byte scan_end1 = scan[best_len-1];
- register Byte scan_end = scan[best_len];
-#endif
-
- /* The code is optimized for HASH_BITS >= 8 and MAX_MATCH-2 multiple of 16.
- * It is easy to get rid of this optimization if necessary.
- */
- Assert(s->hash_bits >= 8 && MAX_MATCH == 258, "Code too clever");
-
- /* Do not waste too much time if we already have a good match: */
- if (s->prev_length >= s->good_match) {
- chain_length >>= 2;
- }
- /* Do not look for matches beyond the end of the input. This is necessary
- * to make deflate deterministic.
- */
- if ((uInt)nice_match > s->lookahead) nice_match = s->lookahead;
-
- Assert((ulg)s->strstart <= s->window_size-MIN_LOOKAHEAD, "need lookahead");
-
- do {
- Assert(cur_match < s->strstart, "no future");
- match = s->window + cur_match;
-
- /* Skip to next match if the match length cannot increase
- * or if the match length is less than 2:
- */
-#if (defined(UNALIGNED_OK) && MAX_MATCH == 258)
- /* This code assumes sizeof(unsigned short) == 2. Do not use
- * UNALIGNED_OK if your compiler uses a different size.
- */
- if (*(ushf*)(match+best_len-1) != scan_end ||
- *(ushf*)match != scan_start) continue;
-
- /* It is not necessary to compare scan[2] and match[2] since they are
- * always equal when the other bytes match, given that the hash keys
- * are equal and that HASH_BITS >= 8. Compare 2 bytes at a time at
- * strstart+3, +5, ... up to strstart+257. We check for insufficient
- * lookahead only every 4th comparison; the 128th check will be made
- * at strstart+257. If MAX_MATCH-2 is not a multiple of 8, it is
- * necessary to put more guard bytes at the end of the window, or
- * to check more often for insufficient lookahead.
- */
- Assert(scan[2] == match[2], "scan[2]?");
- scan++, match++;
- do {
- } while (*(ushf*)(scan+=2) == *(ushf*)(match+=2) &&
- *(ushf*)(scan+=2) == *(ushf*)(match+=2) &&
- *(ushf*)(scan+=2) == *(ushf*)(match+=2) &&
- *(ushf*)(scan+=2) == *(ushf*)(match+=2) &&
- scan < strend);
- /* The funny "do {}" generates better code on most compilers */
-
- /* Here, scan <= window+strstart+257 */
- Assert(scan <= s->window+(unsigned)(s->window_size-1), "wild scan");
- if (*scan == *match) scan++;
-
- len = (MAX_MATCH - 1) - (int)(strend-scan);
- scan = strend - (MAX_MATCH-1);
-
-#else /* UNALIGNED_OK */
-
- if (match[best_len] != scan_end ||
- match[best_len-1] != scan_end1 ||
- *match != *scan ||
- *++match != scan[1]) continue;
-
- /* The check at best_len-1 can be removed because it will be made
- * again later. (This heuristic is not always a win.)
- * It is not necessary to compare scan[2] and match[2] since they
- * are always equal when the other bytes match, given that
- * the hash keys are equal and that HASH_BITS >= 8.
- */
- scan += 2, match++;
- Assert(*scan == *match, "match[2]?");
-
- /* We check for insufficient lookahead only every 8th comparison;
- * the 256th check will be made at strstart+258.
- */
- do {
- } while (*++scan == *++match && *++scan == *++match &&
- *++scan == *++match && *++scan == *++match &&
- *++scan == *++match && *++scan == *++match &&
- *++scan == *++match && *++scan == *++match &&
- scan < strend);
-
- Assert(scan <= s->window+(unsigned)(s->window_size-1), "wild scan");
-
- len = MAX_MATCH - (int)(strend - scan);
- scan = strend - MAX_MATCH;
-
-#endif /* UNALIGNED_OK */
-
- if (len > best_len) {
- s->match_start = cur_match;
- best_len = len;
- if (len >= nice_match) break;
-#ifdef UNALIGNED_OK
- scan_end = *(ushf*)(scan+best_len-1);
-#else
- scan_end1 = scan[best_len-1];
- scan_end = scan[best_len];
-#endif
- }
- } while ((cur_match = prev[cur_match & wmask]) > limit
- && --chain_length != 0);
-
- if ((uInt)best_len <= s->lookahead) return best_len;
- return s->lookahead;
-}
-#endif /* ASMV */
-
-#ifdef DEBUG_NEVER
-/* ===========================================================================
- * Check that the match at match_start is indeed a match.
- */
-local void check_match(s, start, match, length)
- deflate_state *s;
- IPos start, match;
- int length;
-{
- /* check that the match is indeed a match */
- if (zmemcmp((charf *)s->window + match,
- (charf *)s->window + start, length) != EQUAL) {
-#if 0
- fprintf(stderr, " start %u, match %u, length %d\n",
- start, match, length);
-#endif
- do {
- fprintf(stderr, "%c%c", s->window[match++], s->window[start++]);
- } while (--length != 0);
- z_error("invalid match");
- }
- if (verbose > 1) {
- fprintf(stderr,"\\[%d,%d]", start-match, length);
- do { putc(s->window[start++], stderr); } while (--length != 0);
- }
-}
-#else
-# define check_match(s, start, match, length)
-#endif
-
-/* ===========================================================================
- * Fill the window when the lookahead becomes insufficient.
- * Updates strstart and lookahead.
- *
- * IN assertion: lookahead < MIN_LOOKAHEAD
- * OUT assertions: strstart <= window_size-MIN_LOOKAHEAD
- * At least one byte has been read, or avail_in == 0; reads are
- * performed for at least two bytes (required for the zip translate_eol
- * option -- not supported here).
- */
-local void fill_window(s)
- deflate_state *s;
-{
- register unsigned n, m;
- register Posf *p;
- unsigned more; /* Amount of free space at the end of the window. */
- uInt wsize = s->w_size;
-
- do {
- more = (unsigned)(s->window_size -(ulg)s->lookahead -(ulg)s->strstart);
-
- /* Deal with !@#$% 64K limit: */
- if (more == 0 && s->strstart == 0 && s->lookahead == 0) {
- more = wsize;
-
- } else if (more == (unsigned)(-1)) {
- /* Very unlikely, but possible on 16 bit machine if strstart == 0
- * and lookahead == 1 (input done one byte at time)
- */
- more--;
-
- /* If the window is almost full and there is insufficient lookahead,
- * move the upper half to the lower one to make room in the upper half.
- */
- } else if (s->strstart >= wsize+MAX_DIST(s)) {
-
- zmemcpy((charf *)s->window, (charf *)s->window+wsize,
- (unsigned)wsize);
- s->match_start -= wsize;
- s->strstart -= wsize; /* we now have strstart >= MAX_DIST */
-
- s->block_start -= (long) wsize;
-
- /* Slide the hash table (could be avoided with 32 bit values
- at the expense of memory usage):
- */
- n = s->hash_size;
- p = &s->head[n];
- do {
- m = *--p;
- *p = (Pos)(m >= wsize ? m-wsize : NIL);
- } while (--n);
-
- n = wsize;
- p = &s->prev[n];
- do {
- m = *--p;
- *p = (Pos)(m >= wsize ? m-wsize : NIL);
- /* If n is not on any hash chain, prev[n] is garbage but
- * its value will never be used.
- */
- } while (--n);
-
- more += wsize;
- }
- if (s->strm->avail_in == 0) return;
-
- /* If there was no sliding:
- * strstart <= WSIZE+MAX_DIST-1 && lookahead <= MIN_LOOKAHEAD - 1 &&
- * more == window_size - lookahead - strstart
- * => more >= window_size - (MIN_LOOKAHEAD-1 + WSIZE + MAX_DIST-1)
- * => more >= window_size - 2*WSIZE + 2
- * In the BIG_MEM or MMAP case (not yet supported),
- * window_size == input_size + MIN_LOOKAHEAD &&
- * strstart + s->lookahead <= input_size => more >= MIN_LOOKAHEAD.
- * Otherwise, window_size == 2*WSIZE so more >= 2.
- * If there was sliding, more >= WSIZE. So in all cases, more >= 2.
- */
- Assert(more >= 2, "more < 2");
-
- n = read_buf(s->strm, (charf *)s->window + s->strstart + s->lookahead,
- more);
- s->lookahead += n;
-
- /* Initialize the hash value now that we have some input: */
- if (s->lookahead >= MIN_MATCH) {
- s->ins_h = s->window[s->strstart];
- UPDATE_HASH(s, s->ins_h, s->window[s->strstart+1]);
-#if MIN_MATCH != 3
- Call UPDATE_HASH() MIN_MATCH-3 more times
-#endif
- }
- /* If the whole input has less than MIN_MATCH bytes, ins_h is garbage,
- * but this is not important since only literal bytes will be emitted.
- */
-
- } while (s->lookahead < MIN_LOOKAHEAD && s->strm->avail_in != 0);
-}
-
-/* ===========================================================================
- * Flush the current block, with given end-of-file flag.
- * IN assertion: strstart is set to the end of the current match.
- */
-#define FLUSH_BLOCK_ONLY(s, eof) { \
- _tr_flush_block(s, (s->block_start >= 0L ? \
- (charf *)&s->window[(unsigned)s->block_start] : \
- (charf *)Z_NULL), \
- (ulg)((long)s->strstart - s->block_start), \
- (eof)); \
- s->block_start = s->strstart; \
- flush_pending(s->strm); \
- Tracev((stderr,"[FLUSH]")); \
-}
-
-/* Same but force premature exit if necessary. */
-#define FLUSH_BLOCK(s, eof) { \
- FLUSH_BLOCK_ONLY(s, eof); \
- if (s->strm->avail_out == 0) return (eof) ? finish_started : need_more; \
-}
-
-/* ===========================================================================
- * Copy without compression as much as possible from the input stream, return
- * the current block state.
- * This function does not insert new strings in the dictionary since
- * uncompressible data is probably not useful. This function is used
- * only for the level=0 compression option.
- * NOTE: this function should be optimized to avoid extra copying.
- */
-local block_state deflate_stored(s, flush)
- deflate_state *s;
- int flush;
-{
- for (;;) {
- /* Fill the window as much as possible: */
- if (s->lookahead <= 1) {
-
- Assert(s->strstart < s->w_size+MAX_DIST(s) ||
- s->block_start >= (long)s->w_size, "slide too late");
-
- fill_window(s);
- if (s->lookahead == 0 && flush == Z_NO_FLUSH) return need_more;
-
- if (s->lookahead == 0) break; /* flush the current block */
- }
- Assert(s->block_start >= 0L, "block gone");
-
- s->strstart += s->lookahead;
- s->lookahead = 0;
-
- /* Stored blocks are limited to 0xffff bytes: */
- if (s->strstart == 0 || s->strstart > 0xfffe) {
- /* strstart == 0 is possible when wraparound on 16-bit machine */
- s->lookahead = s->strstart - 0xffff;
- s->strstart = 0xffff;
- }
-
- /* Emit a stored block if it is large enough: */
- if (s->strstart - (uInt)s->block_start >= MAX_DIST(s)) {
- FLUSH_BLOCK(s, 0);
- }
- }
- FLUSH_BLOCK(s, flush == Z_FINISH);
- return flush == Z_FINISH ? finish_done : block_done;
-}
-
-/* ===========================================================================
- * Compress as much as possible from the input stream, return the current
- * block state.
- * This function does not perform lazy evaluation of matches and inserts
- * new strings in the dictionary only for unmatched strings or for short
- * matches. It is used only for the fast compression options.
- */
-local block_state deflate_fast(s, flush)
- deflate_state *s;
- int flush;
-{
- IPos hash_head = NIL; /* head of the hash chain */
- int bflush; /* set if current block must be flushed */
-
- for (;;) {
- /* Make sure that we always have enough lookahead, except
- * at the end of the input file. We need MAX_MATCH bytes
- * for the next match, plus MIN_MATCH bytes to insert the
- * string following the next match.
- */
- if (s->lookahead < MIN_LOOKAHEAD) {
- fill_window(s);
- if (s->lookahead < MIN_LOOKAHEAD && flush == Z_NO_FLUSH) {
- return need_more;
- }
- if (s->lookahead == 0) break; /* flush the current block */
- }
-
- /* Insert the string window[strstart .. strstart+2] in the
- * dictionary, and set hash_head to the head of the hash chain:
- */
- if (s->lookahead >= MIN_MATCH) {
- INSERT_STRING(s, s->strstart, hash_head);
- }
-
- /* Find the longest match, discarding those <= prev_length.
- * At this point we have always match_length < MIN_MATCH
- */
- if (hash_head != NIL && s->strstart - hash_head <= MAX_DIST(s)) {
- /* To simplify the code, we prevent matches with the string
- * of window index 0 (in particular we have to avoid a match
- * of the string with itself at the start of the input file).
- */
- if (s->strategy != Z_HUFFMAN_ONLY) {
- s->match_length = longest_match (s, hash_head);
- }
- /* longest_match() sets match_start */
- }
- if (s->match_length >= MIN_MATCH) {
- check_match(s, s->strstart, s->match_start, s->match_length);
-
- bflush = _tr_tally(s, s->strstart - s->match_start,
- s->match_length - MIN_MATCH);
-
- s->lookahead -= s->match_length;
-
- /* Insert new strings in the hash table only if the match length
- * is not too large. This saves time but degrades compression.
- */
- if (s->match_length <= s->max_insert_length &&
- s->lookahead >= MIN_MATCH) {
- s->match_length--; /* string at strstart already in hash table */
- do {
- s->strstart++;
- INSERT_STRING(s, s->strstart, hash_head);
- /* strstart never exceeds WSIZE-MAX_MATCH, so there are
- * always MIN_MATCH bytes ahead.
- */
- } while (--s->match_length != 0);
- s->strstart++;
- } else {
- s->strstart += s->match_length;
- s->match_length = 0;
- s->ins_h = s->window[s->strstart];
- UPDATE_HASH(s, s->ins_h, s->window[s->strstart+1]);
-#if MIN_MATCH != 3
- Call UPDATE_HASH() MIN_MATCH-3 more times
-#endif
- /* If lookahead < MIN_MATCH, ins_h is garbage, but it does not
- * matter since it will be recomputed at next deflate call.
- */
- }
- } else {
- /* No match, output a literal byte */
- Tracevv((stderr,"%c", s->window[s->strstart]));
- bflush = _tr_tally (s, 0, s->window[s->strstart]);
- s->lookahead--;
- s->strstart++;
- }
- if (bflush) FLUSH_BLOCK(s, 0);
- }
- FLUSH_BLOCK(s, flush == Z_FINISH);
- return flush == Z_FINISH ? finish_done : block_done;
-}
-
-/* ===========================================================================
- * Same as above, but achieves better compression. We use a lazy
- * evaluation for matches: a match is finally adopted only if there is
- * no better match at the next window position.
- */
-local block_state deflate_slow(s, flush)
- deflate_state *s;
- int flush;
-{
- IPos hash_head = NIL; /* head of hash chain */
- int bflush; /* set if current block must be flushed */
-
- /* Process the input block. */
- for (;;) {
- /* Make sure that we always have enough lookahead, except
- * at the end of the input file. We need MAX_MATCH bytes
- * for the next match, plus MIN_MATCH bytes to insert the
- * string following the next match.
- */
- if (s->lookahead < MIN_LOOKAHEAD) {
- fill_window(s);
- if (s->lookahead < MIN_LOOKAHEAD && flush == Z_NO_FLUSH) {
- return need_more;
- }
- if (s->lookahead == 0) break; /* flush the current block */
- }
-
- /* Insert the string window[strstart .. strstart+2] in the
- * dictionary, and set hash_head to the head of the hash chain:
- */
- if (s->lookahead >= MIN_MATCH) {
- INSERT_STRING(s, s->strstart, hash_head);
- }
-
- /* Find the longest match, discarding those <= prev_length.
- */
- s->prev_length = s->match_length, s->prev_match = s->match_start;
- s->match_length = MIN_MATCH-1;
-
- if (hash_head != NIL && s->prev_length < s->max_lazy_match &&
- s->strstart - hash_head <= MAX_DIST(s)) {
- /* To simplify the code, we prevent matches with the string
- * of window index 0 (in particular we have to avoid a match
- * of the string with itself at the start of the input file).
- */
- if (s->strategy != Z_HUFFMAN_ONLY) {
- s->match_length = longest_match (s, hash_head);
- }
- /* longest_match() sets match_start */
-
- if (s->match_length <= 5 && (s->strategy == Z_FILTERED ||
- (s->match_length == MIN_MATCH &&
- s->strstart - s->match_start > TOO_FAR))) {
-
- /* If prev_match is also MIN_MATCH, match_start is garbage
- * but we will ignore the current match anyway.
- */
- s->match_length = MIN_MATCH-1;
- }
- }
- /* If there was a match at the previous step and the current
- * match is not better, output the previous match:
- */
- if (s->prev_length >= MIN_MATCH && s->match_length <= s->prev_length) {
- uInt max_insert = s->strstart + s->lookahead - MIN_MATCH;
- /* Do not insert strings in hash table beyond this. */
-
- check_match(s, s->strstart-1, s->prev_match, s->prev_length);
-
- bflush = _tr_tally(s, s->strstart -1 - s->prev_match,
- s->prev_length - MIN_MATCH);
-
- /* Insert in hash table all strings up to the end of the match.
- * strstart-1 and strstart are already inserted. If there is not
- * enough lookahead, the last two strings are not inserted in
- * the hash table.
- */
- s->lookahead -= s->prev_length-1;
- s->prev_length -= 2;
- do {
- if (++s->strstart <= max_insert) {
- INSERT_STRING(s, s->strstart, hash_head);
- }
- } while (--s->prev_length != 0);
- s->match_available = 0;
- s->match_length = MIN_MATCH-1;
- s->strstart++;
-
- if (bflush) FLUSH_BLOCK(s, 0);
-
- } else if (s->match_available) {
- /* If there was no match at the previous position, output a
- * single literal. If there was a match but the current match
- * is longer, truncate the previous match to a single literal.
- */
- Tracevv((stderr,"%c", s->window[s->strstart-1]));
- if (_tr_tally (s, 0, s->window[s->strstart-1])) {
- FLUSH_BLOCK_ONLY(s, 0);
- }
- s->strstart++;
- s->lookahead--;
- if (s->strm->avail_out == 0) return need_more;
- } else {
- /* There is no previous match to compare with, wait for
- * the next step to decide.
- */
- s->match_available = 1;
- s->strstart++;
- s->lookahead--;
- }
- }
- Assert (flush != Z_NO_FLUSH, "no flush?");
- if (s->match_available) {
- Tracevv((stderr,"%c", s->window[s->strstart-1]));
- _tr_tally (s, 0, s->window[s->strstart-1]);
- s->match_available = 0;
- }
- FLUSH_BLOCK(s, flush == Z_FINISH);
- return flush == Z_FINISH ? finish_done : block_done;
-}
diff --git a/security/nss/cmd/zlib/deflate.h b/security/nss/cmd/zlib/deflate.h
deleted file mode 100644
index 410b21984..000000000
--- a/security/nss/cmd/zlib/deflate.h
+++ /dev/null
@@ -1,275 +0,0 @@
-/* deflate.h -- internal compression state
- * Copyright (C) 1995-1996 Jean-loup Gailly
- * For conditions of distribution and use, see copyright notice in zlib.h
- */
-
-/* WARNING: this file should *not* be used by applications. It is
- part of the implementation of the compression library and is
- subject to change. Applications should only use zlib.h.
- */
-
-/* $Id$ */
-
-#ifndef _DEFLATE_H
-#define _DEFLATE_H
-
-#include "zutil.h"
-
-/* ===========================================================================
- * Internal compression state.
- */
-
-#define LENGTH_CODES 29
-/* number of length codes, not counting the special END_BLOCK code */
-
-#define LITERALS 256
-/* number of literal bytes 0..255 */
-
-#define L_CODES (LITERALS+1+LENGTH_CODES)
-/* number of Literal or Length codes, including the END_BLOCK code */
-
-#define D_CODES 30
-/* number of distance codes */
-
-#define BL_CODES 19
-/* number of codes used to transfer the bit lengths */
-
-#define HEAP_SIZE (2*L_CODES+1)
-/* maximum heap size */
-
-#define MAX_BITS 15
-/* All codes must not exceed MAX_BITS bits */
-
-#define INIT_STATE 42
-#define BUSY_STATE 113
-#define FINISH_STATE 666
-/* Stream status */
-
-
-/* Data structure describing a single value and its code string. */
-typedef struct ct_data_s {
- union {
- ush freq; /* frequency count */
- ush code; /* bit string */
- } fc;
- union {
- ush dad; /* father node in Huffman tree */
- ush len; /* length of bit string */
- } dl;
-} FAR ct_data;
-
-#define Freq fc.freq
-#define Code fc.code
-#define Dad dl.dad
-#define Len dl.len
-
-typedef struct static_tree_desc_s static_tree_desc;
-
-typedef struct tree_desc_s {
- ct_data *dyn_tree; /* the dynamic tree */
- int max_code; /* largest code with non zero frequency */
- static_tree_desc *stat_desc; /* the corresponding static tree */
-} FAR tree_desc;
-
-typedef ush Pos;
-typedef Pos FAR Posf;
-typedef unsigned IPos;
-
-/* A Pos is an index in the character window. We use short instead of int to
- * save space in the various tables. IPos is used only for parameter passing.
- */
-
-typedef struct internal_state {
- z_streamp strm; /* pointer back to this zlib stream */
- int status; /* as the name implies */
- Bytef *pending_buf; /* output still pending */
- Bytef *pending_out; /* next pending byte to output to the stream */
- int pending; /* nb of bytes in the pending buffer */
- int noheader; /* suppress zlib header and adler32 */
- Byte data_type; /* UNKNOWN, BINARY or ASCII */
- Byte method; /* STORED (for zip only) or DEFLATED */
- int last_flush; /* value of flush param for previous deflate call */
-
- /* used by deflate.c: */
-
- uInt w_size; /* LZ77 window size (32K by default) */
- uInt w_bits; /* log2(w_size) (8..16) */
- uInt w_mask; /* w_size - 1 */
-
- Bytef *window;
- /* Sliding window. Input bytes are read into the second half of the window,
- * and move to the first half later to keep a dictionary of at least wSize
- * bytes. With this organization, matches are limited to a distance of
- * wSize-MAX_MATCH bytes, but this ensures that IO is always
- * performed with a length multiple of the block size. Also, it limits
- * the window size to 64K, which is quite useful on MSDOS.
- * To do: use the user input buffer as sliding window.
- */
-
- ulg window_size;
- /* Actual size of window: 2*wSize, except when the user input buffer
- * is directly used as sliding window.
- */
-
- Posf *prev;
- /* Link to older string with same hash index. To limit the size of this
- * array to 64K, this link is maintained only for the last 32K strings.
- * An index in this array is thus a window index modulo 32K.
- */
-
- Posf *head; /* Heads of the hash chains or NIL. */
-
- uInt ins_h; /* hash index of string to be inserted */
- uInt hash_size; /* number of elements in hash table */
- uInt hash_bits; /* log2(hash_size) */
- uInt hash_mask; /* hash_size-1 */
-
- uInt hash_shift;
- /* Number of bits by which ins_h must be shifted at each input
- * step. It must be such that after MIN_MATCH steps, the oldest
- * byte no longer takes part in the hash key, that is:
- * hash_shift * MIN_MATCH >= hash_bits
- */
-
- long block_start;
- /* Window position at the beginning of the current output block. Gets
- * negative when the window is moved backwards.
- */
-
- uInt match_length; /* length of best match */
- IPos prev_match; /* previous match */
- int match_available; /* set if previous match exists */
- uInt strstart; /* start of string to insert */
- uInt match_start; /* start of matching string */
- uInt lookahead; /* number of valid bytes ahead in window */
-
- uInt prev_length;
- /* Length of the best match at previous step. Matches not greater than this
- * are discarded. This is used in the lazy match evaluation.
- */
-
- uInt max_chain_length;
- /* To speed up deflation, hash chains are never searched beyond this
- * length. A higher limit improves compression ratio but degrades the
- * speed.
- */
-
- uInt max_lazy_match;
- /* Attempt to find a better match only when the current match is strictly
- * smaller than this value. This mechanism is used only for compression
- * levels >= 4.
- */
-# define max_insert_length max_lazy_match
- /* Insert new strings in the hash table only if the match length is not
- * greater than this length. This saves time but degrades compression.
- * max_insert_length is used only for compression levels <= 3.
- */
-
- int level; /* compression level (1..9) */
- int strategy; /* favor or force Huffman coding*/
-
- uInt good_match;
- /* Use a faster search when the previous match is longer than this */
-
- int nice_match; /* Stop searching when current match exceeds this */
-
- /* used by trees.c: */
- /* Didn't use ct_data typedef below to supress compiler warning */
- struct ct_data_s dyn_ltree[HEAP_SIZE]; /* literal and length tree */
- struct ct_data_s dyn_dtree[2*D_CODES+1]; /* distance tree */
- struct ct_data_s bl_tree[2*BL_CODES+1]; /* Huffman tree for bit lengths */
-
- struct tree_desc_s l_desc; /* desc. for literal tree */
- struct tree_desc_s d_desc; /* desc. for distance tree */
- struct tree_desc_s bl_desc; /* desc. for bit length tree */
-
- ush bl_count[MAX_BITS+1];
- /* number of codes at each bit length for an optimal tree */
-
- int heap[2*L_CODES+1]; /* heap used to build the Huffman trees */
- int heap_len; /* number of elements in the heap */
- int heap_max; /* element of largest frequency */
- /* The sons of heap[n] are heap[2*n] and heap[2*n+1]. heap[0] is not used.
- * The same heap array is used to build all trees.
- */
-
- uch depth[2*L_CODES+1];
- /* Depth of each subtree used as tie breaker for trees of equal frequency
- */
-
- uchf *l_buf; /* buffer for literals or lengths */
-
- uInt lit_bufsize;
- /* Size of match buffer for literals/lengths. There are 4 reasons for
- * limiting lit_bufsize to 64K:
- * - frequencies can be kept in 16 bit counters
- * - if compression is not successful for the first block, all input
- * data is still in the window so we can still emit a stored block even
- * when input comes from standard input. (This can also be done for
- * all blocks if lit_bufsize is not greater than 32K.)
- * - if compression is not successful for a file smaller than 64K, we can
- * even emit a stored file instead of a stored block (saving 5 bytes).
- * This is applicable only for zip (not gzip or zlib).
- * - creating new Huffman trees less frequently may not provide fast
- * adaptation to changes in the input data statistics. (Take for
- * example a binary file with poorly compressible code followed by
- * a highly compressible string table.) Smaller buffer sizes give
- * fast adaptation but have of course the overhead of transmitting
- * trees more frequently.
- * - I can't count above 4
- */
-
- uInt last_lit; /* running index in l_buf */
-
- ushf *d_buf;
- /* Buffer for distances. To simplify the code, d_buf and l_buf have
- * the same number of elements. To use different lengths, an extra flag
- * array would be necessary.
- */
-
- ulg opt_len; /* bit length of current block with optimal trees */
- ulg static_len; /* bit length of current block with static trees */
- ulg compressed_len; /* total bit length of compressed file */
- uInt matches; /* number of string matches in current block */
- int last_eob_len; /* bit length of EOB code for last block */
-
-#ifdef DEBUG
- ulg bits_sent; /* bit length of the compressed data */
-#endif
-
- ush bi_buf;
- /* Output buffer. bits are inserted starting at the bottom (least
- * significant bits).
- */
- int bi_valid;
- /* Number of valid bits in bi_buf. All bits above the last valid bit
- * are always zero.
- */
-
-} FAR deflate_state;
-
-/* Output a byte on the stream.
- * IN assertion: there is enough room in pending_buf.
- */
-#define put_byte(s, c) {s->pending_buf[s->pending++] = (c);}
-
-
-#define MIN_LOOKAHEAD (MAX_MATCH+MIN_MATCH+1)
-/* Minimum amount of lookahead, except at the end of the input file.
- * See deflate.c for comments about the MIN_MATCH+1.
- */
-
-#define MAX_DIST(s) ((s)->w_size-MIN_LOOKAHEAD)
-/* In order to simplify the code, particularly on 16 bit machines, match
- * distances are limited to MAX_DIST instead of WSIZE.
- */
-
- /* in trees.c */
-void _tr_init OF((deflate_state *s));
-int _tr_tally OF((deflate_state *s, unsigned dist, unsigned lc));
-ulg _tr_flush_block OF((deflate_state *s, charf *buf, ulg stored_len,
- int eof));
-void _tr_align OF((deflate_state *s));
-void _tr_stored_block OF((deflate_state *s, charf *buf, ulg stored_len,
- int eof));
-#endif
diff --git a/security/nss/cmd/zlib/example.c b/security/nss/cmd/zlib/example.c
deleted file mode 100644
index 7c9176094..000000000
--- a/security/nss/cmd/zlib/example.c
+++ /dev/null
@@ -1,503 +0,0 @@
-/* example.c -- usage example of the zlib compression library
- * Copyright (C) 1995-1996 Jean-loup Gailly.
- * For conditions of distribution and use, see copyright notice in zlib.h
- */
-
-/* $Id$ */
-
-#include <stdio.h>
-#include "zlib.h"
-
-#ifdef STDC
-# include <string.h>
-# include <stdlib.h>
-#else
- extern void exit OF((int));
-#endif
-
-#define CHECK_ERR(err, msg) { \
- if (err != Z_OK) { \
- fprintf(stderr, "%s error: %d\n", msg, err); \
- exit(1); \
- } \
-}
-
-const char hello[] = "hello, hello!";
-/* "hello world" would be more standard, but the repeated "hello"
- * stresses the compression code better, sorry...
- */
-
-const char dictionary[] = "hello";
-uLong dictId; /* Adler32 value of the dictionary */
-
-void test_compress OF((Byte *compr, uLong comprLen,
- Byte *uncompr, uLong uncomprLen));
-void test_gzio OF((const char *out, const char *in,
- Byte *uncompr, int uncomprLen));
-void test_deflate OF((Byte *compr, uLong comprLen));
-void test_inflate OF((Byte *compr, uLong comprLen,
- Byte *uncompr, uLong uncomprLen));
-void test_large_deflate OF((Byte *compr, uLong comprLen,
- Byte *uncompr, uLong uncomprLen));
-void test_large_inflate OF((Byte *compr, uLong comprLen,
- Byte *uncompr, uLong uncomprLen));
-void test_flush OF((Byte *compr, uLong comprLen));
-void test_sync OF((Byte *compr, uLong comprLen,
- Byte *uncompr, uLong uncomprLen));
-void test_dict_deflate OF((Byte *compr, uLong comprLen));
-void test_dict_inflate OF((Byte *compr, uLong comprLen,
- Byte *uncompr, uLong uncomprLen));
-int main OF((int argc, char *argv[]));
-
-/* ===========================================================================
- * Test compress() and uncompress()
- */
-void test_compress(compr, comprLen, uncompr, uncomprLen)
- Byte *compr, *uncompr;
- uLong comprLen, uncomprLen;
-{
- int err;
- uLong len = strlen(hello)+1;
-
- err = compress(compr, &comprLen, (const Bytef*)hello, len);
- CHECK_ERR(err, "compress");
-
- strcpy((char*)uncompr, "garbage");
-
- err = uncompress(uncompr, &uncomprLen, compr, comprLen);
- CHECK_ERR(err, "uncompress");
-
- if (strcmp((char*)uncompr, hello)) {
- fprintf(stderr, "bad uncompress\n");
- } else {
- printf("uncompress(): %s\n", uncompr);
- }
-}
-
-/* ===========================================================================
- * Test read/write of .gz files
- */
-void test_gzio(out, in, uncompr, uncomprLen)
- const char *out; /* output file */
- const char *in; /* input file */
- Byte *uncompr;
- int uncomprLen;
-{
- int err;
- int len = strlen(hello)+1;
- gzFile file;
-
- file = gzopen(out, "wb");
- if (file == NULL) {
- fprintf(stderr, "gzopen error\n");
- exit(1);
- }
-
- if (gzwrite(file, (const voidp)hello, (unsigned)len) != len) {
- fprintf(stderr, "gzwrite err: %s\n", gzerror(file, &err));
- }
- gzclose(file);
-
- file = gzopen(in, "rb");
- if (file == NULL) {
- fprintf(stderr, "gzopen error\n");
- }
- strcpy((char*)uncompr, "garbage");
-
- uncomprLen = gzread(file, uncompr, (unsigned)uncomprLen);
- if (uncomprLen != len) {
- fprintf(stderr, "gzread err: %s\n", gzerror(file, &err));
- }
- gzclose(file);
-
- if (strcmp((char*)uncompr, hello)) {
- fprintf(stderr, "bad gzread\n");
- } else {
- printf("gzread(): %s\n", uncompr);
- }
-}
-
-/* ===========================================================================
- * Test deflate() with small buffers
- */
-void test_deflate(compr, comprLen)
- Byte *compr;
- uLong comprLen;
-{
- z_stream c_stream; /* compression stream */
- int err;
- int len = strlen(hello)+1;
-
- c_stream.zalloc = (alloc_func)0;
- c_stream.zfree = (free_func)0;
- c_stream.opaque = (voidpf)0;
-
- err = deflateInit(&c_stream, Z_DEFAULT_COMPRESSION);
- CHECK_ERR(err, "deflateInit");
-
- c_stream.next_in = (Bytef*)hello;
- c_stream.next_out = compr;
-
- while (c_stream.total_in != (uLong)len && c_stream.total_out < comprLen) {
- c_stream.avail_in = c_stream.avail_out = 1; /* force small buffers */
- err = deflate(&c_stream, Z_NO_FLUSH);
- CHECK_ERR(err, "deflate");
- }
- /* Finish the stream, still forcing small buffers: */
- for (;;) {
- c_stream.avail_out = 1;
- err = deflate(&c_stream, Z_FINISH);
- if (err == Z_STREAM_END) break;
- CHECK_ERR(err, "deflate");
- }
-
- err = deflateEnd(&c_stream);
- CHECK_ERR(err, "deflateEnd");
-}
-
-/* ===========================================================================
- * Test inflate() with small buffers
- */
-void test_inflate(compr, comprLen, uncompr, uncomprLen)
- Byte *compr, *uncompr;
- uLong comprLen, uncomprLen;
-{
- int err;
- z_stream d_stream; /* decompression stream */
-
- strcpy((char*)uncompr, "garbage");
-
- d_stream.zalloc = (alloc_func)0;
- d_stream.zfree = (free_func)0;
- d_stream.opaque = (voidpf)0;
-
- err = inflateInit(&d_stream);
- CHECK_ERR(err, "inflateInit");
-
- d_stream.next_in = compr;
- d_stream.next_out = uncompr;
-
- while (d_stream.total_out < uncomprLen && d_stream.total_in < comprLen) {
- d_stream.avail_in = d_stream.avail_out = 1; /* force small buffers */
- err = inflate(&d_stream, Z_NO_FLUSH);
- if (err == Z_STREAM_END) break;
- CHECK_ERR(err, "inflate");
- }
-
- err = inflateEnd(&d_stream);
- CHECK_ERR(err, "inflateEnd");
-
- if (strcmp((char*)uncompr, hello)) {
- fprintf(stderr, "bad inflate\n");
- } else {
- printf("inflate(): %s\n", uncompr);
- }
-}
-
-/* ===========================================================================
- * Test deflate() with large buffers and dynamic change of compression level
- */
-void test_large_deflate(compr, comprLen, uncompr, uncomprLen)
- Byte *compr, *uncompr;
- uLong comprLen, uncomprLen;
-{
- z_stream c_stream; /* compression stream */
- int err;
-
- c_stream.zalloc = (alloc_func)0;
- c_stream.zfree = (free_func)0;
- c_stream.opaque = (voidpf)0;
-
- err = deflateInit(&c_stream, Z_BEST_SPEED);
- CHECK_ERR(err, "deflateInit");
-
- c_stream.next_out = compr;
- c_stream.avail_out = (uInt)comprLen;
-
- /* At this point, uncompr is still mostly zeroes, so it should compress
- * very well:
- */
- c_stream.next_in = uncompr;
- c_stream.avail_in = (uInt)uncomprLen;
- err = deflate(&c_stream, Z_NO_FLUSH);
- CHECK_ERR(err, "deflate");
- if (c_stream.avail_in != 0) {
- fprintf(stderr, "deflate not greedy\n");
- }
-
- /* Feed in already compressed data and switch to no compression: */
- deflateParams(&c_stream, Z_NO_COMPRESSION, Z_DEFAULT_STRATEGY);
- c_stream.next_in = compr;
- c_stream.avail_in = (uInt)comprLen/2;
- err = deflate(&c_stream, Z_NO_FLUSH);
- CHECK_ERR(err, "deflate");
-
- /* Switch back to compressing mode: */
- deflateParams(&c_stream, Z_BEST_COMPRESSION, Z_FILTERED);
- c_stream.next_in = uncompr;
- c_stream.avail_in = (uInt)uncomprLen;
- err = deflate(&c_stream, Z_NO_FLUSH);
- CHECK_ERR(err, "deflate");
-
- err = deflate(&c_stream, Z_FINISH);
- if (err != Z_STREAM_END) {
- fprintf(stderr, "deflate should report Z_STREAM_END\n");
- }
- err = deflateEnd(&c_stream);
- CHECK_ERR(err, "deflateEnd");
-}
-
-/* ===========================================================================
- * Test inflate() with large buffers
- */
-void test_large_inflate(compr, comprLen, uncompr, uncomprLen)
- Byte *compr, *uncompr;
- uLong comprLen, uncomprLen;
-{
- int err;
- z_stream d_stream; /* decompression stream */
-
- strcpy((char*)uncompr, "garbage");
-
- d_stream.zalloc = (alloc_func)0;
- d_stream.zfree = (free_func)0;
- d_stream.opaque = (voidpf)0;
-
- err = inflateInit(&d_stream);
- CHECK_ERR(err, "inflateInit");
-
- d_stream.next_in = compr;
- d_stream.avail_in = (uInt)comprLen;
-
- for (;;) {
- d_stream.next_out = uncompr; /* discard the output */
- d_stream.avail_out = (uInt)uncomprLen;
- err = inflate(&d_stream, Z_NO_FLUSH);
- if (err == Z_STREAM_END) break;
- CHECK_ERR(err, "large inflate");
- }
-
- err = inflateEnd(&d_stream);
- CHECK_ERR(err, "inflateEnd");
-
- if (d_stream.total_out != 2*uncomprLen + comprLen/2) {
- fprintf(stderr, "bad large inflate: %ld\n", d_stream.total_out);
- } else {
- printf("large_inflate(): OK\n");
- }
-}
-
-/* ===========================================================================
- * Test deflate() with full flush
- */
-void test_flush(compr, comprLen)
- Byte *compr;
- uLong comprLen;
-{
- z_stream c_stream; /* compression stream */
- int err;
- int len = strlen(hello)+1;
-
- c_stream.zalloc = (alloc_func)0;
- c_stream.zfree = (free_func)0;
- c_stream.opaque = (voidpf)0;
-
- err = deflateInit(&c_stream, Z_DEFAULT_COMPRESSION);
- CHECK_ERR(err, "deflateInit");
-
- c_stream.next_in = (Bytef*)hello;
- c_stream.next_out = compr;
- c_stream.avail_in = 3;
- c_stream.avail_out = (uInt)comprLen;
- err = deflate(&c_stream, Z_FULL_FLUSH);
- CHECK_ERR(err, "deflate");
-
- compr[3]++; /* force an error in first compressed block */
- c_stream.avail_in = len - 3;
-
- err = deflate(&c_stream, Z_FINISH);
- if (err != Z_STREAM_END) {
- CHECK_ERR(err, "deflate");
- }
- err = deflateEnd(&c_stream);
- CHECK_ERR(err, "deflateEnd");
-}
-
-/* ===========================================================================
- * Test inflateSync()
- */
-void test_sync(compr, comprLen, uncompr, uncomprLen)
- Byte *compr, *uncompr;
- uLong comprLen, uncomprLen;
-{
- int err;
- z_stream d_stream; /* decompression stream */
-
- strcpy((char*)uncompr, "garbage");
-
- d_stream.zalloc = (alloc_func)0;
- d_stream.zfree = (free_func)0;
- d_stream.opaque = (voidpf)0;
-
- err = inflateInit(&d_stream);
- CHECK_ERR(err, "inflateInit");
-
- d_stream.next_in = compr;
- d_stream.next_out = uncompr;
- d_stream.avail_in = 2; /* just read the zlib header */
- d_stream.avail_out = (uInt)uncomprLen;
-
- inflate(&d_stream, Z_NO_FLUSH);
- CHECK_ERR(err, "inflate");
-
- d_stream.avail_in = (uInt)comprLen-2; /* read all compressed data */
- err = inflateSync(&d_stream); /* but skip the damaged part */
- CHECK_ERR(err, "inflateSync");
-
- err = inflate(&d_stream, Z_FINISH);
- if (err != Z_DATA_ERROR) {
- fprintf(stderr, "inflate should report DATA_ERROR\n");
- /* Because of incorrect adler32 */
- }
- err = inflateEnd(&d_stream);
- CHECK_ERR(err, "inflateEnd");
-
- printf("after inflateSync(): hel%s\n", uncompr);
-}
-
-/* ===========================================================================
- * Test deflate() with preset dictionary
- */
-void test_dict_deflate(compr, comprLen)
- Byte *compr;
- uLong comprLen;
-{
- z_stream c_stream; /* compression stream */
- int err;
-
- c_stream.zalloc = (alloc_func)0;
- c_stream.zfree = (free_func)0;
- c_stream.opaque = (voidpf)0;
-
- err = deflateInit(&c_stream, Z_BEST_COMPRESSION);
- CHECK_ERR(err, "deflateInit");
-
- err = deflateSetDictionary(&c_stream,
- (const Bytef*)dictionary, sizeof(dictionary));
- CHECK_ERR(err, "deflateSetDictionary");
-
- dictId = c_stream.adler;
- c_stream.next_out = compr;
- c_stream.avail_out = (uInt)comprLen;
-
- c_stream.next_in = (Bytef*)hello;
- c_stream.avail_in = (uInt)strlen(hello)+1;
-
- err = deflate(&c_stream, Z_FINISH);
- if (err != Z_STREAM_END) {
- fprintf(stderr, "deflate should report Z_STREAM_END\n");
- }
- err = deflateEnd(&c_stream);
- CHECK_ERR(err, "deflateEnd");
-}
-
-/* ===========================================================================
- * Test inflate() with a preset dictionary
- */
-void test_dict_inflate(compr, comprLen, uncompr, uncomprLen)
- Byte *compr, *uncompr;
- uLong comprLen, uncomprLen;
-{
- int err;
- z_stream d_stream; /* decompression stream */
-
- strcpy((char*)uncompr, "garbage");
-
- d_stream.zalloc = (alloc_func)0;
- d_stream.zfree = (free_func)0;
- d_stream.opaque = (voidpf)0;
-
- err = inflateInit(&d_stream);
- CHECK_ERR(err, "inflateInit");
-
- d_stream.next_in = compr;
- d_stream.avail_in = (uInt)comprLen;
-
- d_stream.next_out = uncompr;
- d_stream.avail_out = (uInt)uncomprLen;
-
- for (;;) {
- err = inflate(&d_stream, Z_NO_FLUSH);
- if (err == Z_STREAM_END) break;
- if (err == Z_NEED_DICT) {
- if (d_stream.adler != dictId) {
- fprintf(stderr, "unexpected dictionary");
- exit(1);
- }
- err = inflateSetDictionary(&d_stream, (const Bytef*)dictionary,
- sizeof(dictionary));
- }
- CHECK_ERR(err, "inflate with dict");
- }
-
- err = inflateEnd(&d_stream);
- CHECK_ERR(err, "inflateEnd");
-
- if (strcmp((char*)uncompr, hello)) {
- fprintf(stderr, "bad inflate with dict\n");
- } else {
- printf("inflate with dictionary: %s\n", uncompr);
- }
-}
-
-/* ===========================================================================
- * Usage: example [output.gz [input.gz]]
- */
-
-int main(argc, argv)
- int argc;
- char *argv[];
-{
- Byte *compr, *uncompr;
- uLong comprLen = 10000*sizeof(int); /* don't overflow on MSDOS */
- uLong uncomprLen = comprLen;
-
- if (zlibVersion()[0] != ZLIB_VERSION[0]) {
- fprintf(stderr, "incompatible zlib version\n");
- exit(1);
-
- } else if (strcmp(zlibVersion(), ZLIB_VERSION) != 0) {
- fprintf(stderr, "warning: different zlib version\n");
- }
-
- compr = (Byte*)calloc((uInt)comprLen, 1);
- uncompr = (Byte*)calloc((uInt)uncomprLen, 1);
- /* compr and uncompr are cleared to avoid reading uninitialized
- * data and to ensure that uncompr compresses well.
- */
- if (compr == Z_NULL || uncompr == Z_NULL) {
- printf("out of memory\n");
- exit(1);
- }
-
- test_compress(compr, comprLen, uncompr, uncomprLen);
-
- test_gzio((argc > 1 ? argv[1] : "foo.gz"),
- (argc > 2 ? argv[2] : "foo.gz"),
- uncompr, (int)uncomprLen);
-
- test_deflate(compr, comprLen);
- test_inflate(compr, comprLen, uncompr, uncomprLen);
-
- test_large_deflate(compr, comprLen, uncompr, uncomprLen);
- test_large_inflate(compr, comprLen, uncompr, uncomprLen);
-
- test_flush(compr, comprLen);
- test_sync(compr, comprLen, uncompr, uncomprLen);
-
- test_dict_deflate(compr, comprLen);
- test_dict_inflate(compr, comprLen, uncompr, uncomprLen);
-
- exit(0);
- return 0; /* to avoid warning */
-}
diff --git a/security/nss/cmd/zlib/gzio.c b/security/nss/cmd/zlib/gzio.c
deleted file mode 100644
index c52d30d30..000000000
--- a/security/nss/cmd/zlib/gzio.c
+++ /dev/null
@@ -1,537 +0,0 @@
-/* gzio.c -- IO on .gz files
- * Copyright (C) 1995-1996 Jean-loup Gailly.
- * For conditions of distribution and use, see copyright notice in zlib.h
- */
-/* This file was modified since it was taken from the zlib distribution */
-
-/* $Id$ */
-
-#include <stdio.h>
-
-#include "zutil.h"
-
-struct internal_state {int dummy;}; /* for buggy compilers */
-
-#define Z_BUFSIZE 4096
-
-#define ALLOC(size) malloc(size)
-#define TRYFREE(p) {if (p) free(p);}
-
-static int gz_magic[2] = {0x1f, 0x8b}; /* gzip magic header */
-
-/* gzip flag byte */
-#define ASCII_FLAG 0x01 /* bit 0 set: file probably ascii text */
-#define HEAD_CRC 0x02 /* bit 1 set: header CRC present */
-#define EXTRA_FIELD 0x04 /* bit 2 set: extra field present */
-#define ORIG_NAME 0x08 /* bit 3 set: original file name present */
-#define COMMENT 0x10 /* bit 4 set: file comment present */
-#define RESERVED 0xE0 /* bits 5..7: reserved */
-
-typedef struct gz_stream {
- z_stream stream;
- int z_err; /* error code for last stream operation */
- int z_eof; /* set if end of input file */
- FILE *file; /* .gz file */
- Byte *inbuf; /* input buffer */
- Byte *outbuf; /* output buffer */
- uLong crc; /* crc32 of uncompressed data */
- char *msg; /* error message */
- char *path; /* path name for debugging only */
- int transparent; /* 1 if input file is not a .gz file */
- char mode; /* 'w' or 'r' */
-} gz_stream;
-
-
-local gzFile gz_open OF((const char *path, const char *mode, int fd));
-local int get_byte OF((gz_stream *s));
-local void check_header OF((gz_stream *s));
-local int destroy OF((gz_stream *s));
-local void putLong OF((FILE *file, uLong x));
-local uLong getLong OF((gz_stream *s));
-
-/* ===========================================================================
- Opens a gzip (.gz) file for reading or writing. The mode parameter
- is as in fopen ("rb" or "wb"). The file is given either by file descriptor
- or path name (if fd == -1).
- gz_open return NULL if the file could not be opened or if there was
- insufficient memory to allocate the (de)compression state; errno
- can be checked to distinguish the two cases (if errno is zero, the
- zlib error is Z_MEM_ERROR).
-*/
-local gzFile gz_open (path, mode, fd)
- const char *path;
- const char *mode;
- int fd;
-{
- int err;
- int level = Z_DEFAULT_COMPRESSION; /* compression level */
- char *p = (char*)mode;
- gz_stream *s;
- char fmode[80]; /* copy of mode, without the compression level */
- char *m = fmode;
-
- if (!path || !mode) return Z_NULL;
-
- s = (gz_stream *)ALLOC(sizeof(gz_stream));
- if (!s) return Z_NULL;
-
- s->stream.zalloc = (alloc_func)0;
- s->stream.zfree = (free_func)0;
- s->stream.opaque = (voidpf)0;
- s->stream.next_in = s->inbuf = Z_NULL;
- s->stream.next_out = s->outbuf = Z_NULL;
- s->stream.avail_in = s->stream.avail_out = 0;
- s->file = NULL;
- s->z_err = Z_OK;
- s->z_eof = 0;
- s->crc = crc32(0L, Z_NULL, 0);
- s->msg = NULL;
- s->transparent = 0;
-
- s->path = (char*)ALLOC(strlen(path)+1);
- if (s->path == NULL) {
- return destroy(s), (gzFile)Z_NULL;
- }
- strcpy(s->path, path); /* do this early for debugging */
-
- s->mode = '\0';
- do {
- if (*p == 'r') s->mode = 'r';
- if (*p == 'w' || *p == 'a') s->mode = 'w';
- if (*p >= '0' && *p <= '9') {
- level = *p - '0';
- } else {
- *m++ = *p; /* copy the mode */
- }
- } while (*p++ && m != fmode + sizeof(fmode));
- if (s->mode == '\0') return destroy(s), (gzFile)Z_NULL;
-
- if (s->mode == 'w') {
- err = deflateInit2(&(s->stream), level,
- Z_DEFLATED, -MAX_WBITS, DEF_MEM_LEVEL, 0);
- /* windowBits is passed < 0 to suppress zlib header */
-
- s->stream.next_out = s->outbuf = (Byte*)ALLOC(Z_BUFSIZE);
-
- if (err != Z_OK || s->outbuf == Z_NULL) {
- return destroy(s), (gzFile)Z_NULL;
- }
- } else {
- err = inflateInit2(&(s->stream), -MAX_WBITS);
- s->stream.next_in = s->inbuf = (Byte*)ALLOC(Z_BUFSIZE);
-
- if (err != Z_OK || s->inbuf == Z_NULL) {
- return destroy(s), (gzFile)Z_NULL;
- }
- }
- s->stream.avail_out = Z_BUFSIZE;
-
- errno = 0;
- s->file = fd < 0 ? FOPEN(path, fmode) : (FILE*)fdopen(fd, fmode);
-
- if (s->file == NULL) {
- return destroy(s), (gzFile)Z_NULL;
- }
- if (s->mode == 'w') {
- /* Write a very simple .gz header:
- */
- fprintf(s->file, "%c%c%c%c%c%c%c%c%c%c", gz_magic[0], gz_magic[1],
- Z_DEFLATED, 0 /*flags*/, 0,0,0,0 /*time*/, 0 /*xflags*/, OS_CODE);
- } else {
- check_header(s); /* skip the .gz header */
- }
- return (gzFile)s;
-}
-
-/* ===========================================================================
- Opens a gzip (.gz) file for reading or writing.
-*/
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern gzFile) gzopen (const char *path, const char *mode)
-#else
-extern gzFile EXPORT gzopen OF((const char *path, const char *mode))
-#endif
-{
- return gz_open (path, mode, -1);
-}
-
-/* ===========================================================================
- Associate a gzFile with the file descriptor fd. fd is not dup'ed here
- to mimic the behavio(u)r of fdopen.
-*/
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern gzFile) gzdopen (int fd, const char *mode)
-#else
-extern gzFile EXPORT gzdopen OF((int fd, const char *mode))
-#endif
-{
- char name[20];
-
- if (fd < 0) return (gzFile)Z_NULL;
- sprintf(name, "<fd:%d>", fd); /* for debugging */
-
- return gz_open (name, mode, fd);
-}
-
-/* ===========================================================================
- Read a byte from a gz_stream; update next_in and avail_in. Return EOF
- for end of file.
- IN assertion: the stream s has been sucessfully opened for reading.
-*/
-local int get_byte(s)
- gz_stream *s;
-{
- if (s->z_eof) return EOF;
- if (s->stream.avail_in == 0) {
- errno = 0;
- s->stream.avail_in = fread(s->inbuf, 1, Z_BUFSIZE, s->file);
- if (s->stream.avail_in == 0) {
- s->z_eof = 1;
- if (ferror(s->file)) s->z_err = Z_ERRNO;
- return EOF;
- }
- s->stream.next_in = s->inbuf;
- }
- s->stream.avail_in--;
- return *(s->stream.next_in)++;
-}
-
-/* ===========================================================================
- Check the gzip header of a gz_stream opened for reading. Set the stream
- mode to transparent if the gzip magic header is not present; set s->err
- to Z_DATA_ERROR if the magic header is present but the rest of the header
- is incorrect.
- IN assertion: the stream s has already been created sucessfully;
- s->stream.avail_in is zero for the first time, but may be non-zero
- for concatenated .gz files.
-*/
-local void check_header(s)
- gz_stream *s;
-{
- int method; /* method byte */
- int flags; /* flags byte */
- uInt len;
- int c;
-
- /* Check the gzip magic header */
- for (len = 0; len < 2; len++) {
- c = get_byte(s);
- if (c != gz_magic[len]) {
- s->transparent = 1;
- if (c != EOF) s->stream.avail_in++, s->stream.next_in--;
- s->z_err = s->stream.avail_in != 0 ? Z_OK : Z_STREAM_END;
- return;
- }
- }
- method = get_byte(s);
- flags = get_byte(s);
- if (method != Z_DEFLATED || (flags & RESERVED) != 0) {
- s->z_err = Z_DATA_ERROR;
- return;
- }
-
- /* Discard time, xflags and OS code: */
- for (len = 0; len < 6; len++) (void)get_byte(s);
-
- if ((flags & EXTRA_FIELD) != 0) { /* skip the extra field */
- len = (uInt)get_byte(s);
- len += ((uInt)get_byte(s))<<8;
- /* len is garbage if EOF but the loop below will quit anyway */
- while (len-- != 0 && get_byte(s) != EOF) ;
- }
- if ((flags & ORIG_NAME) != 0) { /* skip the original file name */
- while ((c = get_byte(s)) != 0 && c != EOF) ;
- }
- if ((flags & COMMENT) != 0) { /* skip the .gz file comment */
- while ((c = get_byte(s)) != 0 && c != EOF) ;
- }
- if ((flags & HEAD_CRC) != 0) { /* skip the header crc */
- for (len = 0; len < 2; len++) (void)get_byte(s);
- }
- s->z_err = s->z_eof ? Z_DATA_ERROR : Z_OK;
-}
-
- /* ===========================================================================
- * Cleanup then free the given gz_stream. Return a zlib error code.
- Try freeing in the reverse order of allocations.
- */
-local int destroy (s)
- gz_stream *s;
-{
- int err = Z_OK;
-
- if (!s) return Z_STREAM_ERROR;
-
- TRYFREE(s->msg);
-
- if (s->stream.state != NULL) {
- if (s->mode == 'w') {
- err = deflateEnd(&(s->stream));
- } else if (s->mode == 'r') {
- err = inflateEnd(&(s->stream));
- }
- }
- if (s->file != NULL && fclose(s->file)) {
- err = Z_ERRNO;
- }
- if (s->z_err < 0) err = s->z_err;
-
- TRYFREE(s->inbuf);
- TRYFREE(s->outbuf);
- TRYFREE(s->path);
- TRYFREE(s);
- return err;
-}
-
-/* ===========================================================================
- Reads the given number of uncompressed bytes from the compressed file.
- gzread returns the number of bytes actually read (0 for end of file).
-*/
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) gzread (gzFile file, voidp buf, unsigned len)
-#else
-extern int EXPORT gzread OF((gzFile file, voidp buf, unsigned len))
-#endif
-{
- gz_stream *s = (gz_stream*)file;
- Bytef *start = buf; /* starting point for crc computation */
- Byte *next_out; /* == stream.next_out but not forced far (for MSDOS) */
-
- if (s == NULL || s->mode != 'r') return Z_STREAM_ERROR;
-
- if (s->z_err == Z_DATA_ERROR || s->z_err == Z_ERRNO) return -1;
- if (s->z_err == Z_STREAM_END) return 0; /* EOF */
-
- s->stream.next_out = next_out = buf;
- s->stream.avail_out = len;
-
- while (s->stream.avail_out != 0) {
-
- if (s->transparent) {
- /* Copy first the lookahead bytes: */
- uInt n = s->stream.avail_in;
- if (n > s->stream.avail_out) n = s->stream.avail_out;
- if (n > 0) {
- zmemcpy(s->stream.next_out, s->stream.next_in, n);
- next_out += n;
- s->stream.next_out = next_out;
- s->stream.next_in += n;
- s->stream.avail_out -= n;
- s->stream.avail_in -= n;
- }
- if (s->stream.avail_out > 0) {
- s->stream.avail_out -= fread(next_out, 1, s->stream.avail_out,
- s->file);
- }
- return (int)(len - s->stream.avail_out);
- }
- if (s->stream.avail_in == 0 && !s->z_eof) {
-
- errno = 0;
- s->stream.avail_in = fread(s->inbuf, 1, Z_BUFSIZE, s->file);
- if (s->stream.avail_in == 0) {
- s->z_eof = 1;
- if (ferror(s->file)) {
- s->z_err = Z_ERRNO;
- break;
- }
- }
- s->stream.next_in = s->inbuf;
- }
- s->z_err = inflate(&(s->stream), Z_NO_FLUSH);
-
- if (s->z_err == Z_STREAM_END) {
- /* Check CRC and original size */
- s->crc = crc32(s->crc, start, (uInt)(s->stream.next_out - start));
- start = s->stream.next_out;
-
- if (getLong(s) != s->crc || getLong(s) != s->stream.total_out) {
- s->z_err = Z_DATA_ERROR;
- } else {
- /* Check for concatenated .gz files: */
- check_header(s);
- if (s->z_err == Z_OK) {
- inflateReset(&(s->stream));
- s->crc = crc32(0L, Z_NULL, 0);
- }
- }
- }
- if (s->z_err != Z_OK || s->z_eof) break;
- }
- s->crc = crc32(s->crc, start, (uInt)(s->stream.next_out - start));
-
- return (int)(len - s->stream.avail_out);
-}
-
-/* ===========================================================================
- Writes the given number of uncompressed bytes into the compressed file.
- gzwrite returns the number of bytes actually written (0 in case of error).
-*/
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) gzwrite (gzFile file, const voidp buf, unsigned len)
-#else
-extern int EXPORT gzwrite OF((gzFile file, const voidp buf, unsigned len))
-#endif
-{
- gz_stream *s = (gz_stream*)file;
-
- if (s == NULL || s->mode != 'w') return Z_STREAM_ERROR;
-
- s->stream.next_in = buf;
- s->stream.avail_in = len;
-
- while (s->stream.avail_in != 0) {
-
- if (s->stream.avail_out == 0) {
-
- s->stream.next_out = s->outbuf;
- if (fwrite(s->outbuf, 1, Z_BUFSIZE, s->file) != Z_BUFSIZE) {
- s->z_err = Z_ERRNO;
- break;
- }
- s->stream.avail_out = Z_BUFSIZE;
- }
- s->z_err = deflate(&(s->stream), Z_NO_FLUSH);
- if (s->z_err != Z_OK) break;
- }
- s->crc = crc32(s->crc, buf, len);
-
- return (int)(len - s->stream.avail_in);
-}
-
-/* ===========================================================================
- Flushes all pending output into the compressed file. The parameter
- flush is as in the deflate() function.
- gzflush should be called only when strictly necessary because it can
- degrade compression.
-*/
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) gzflush (gzFile file, int flush)
-#else
-extern int EXPORT gzflush OF((gzFile file, int flush))
-#endif
-{
- uInt len;
- int done = 0;
- gz_stream *s = (gz_stream*)file;
-
- if (s == NULL || s->mode != 'w') return Z_STREAM_ERROR;
-
- s->stream.avail_in = 0; /* should be zero already anyway */
-
- for (;;) {
- len = Z_BUFSIZE - s->stream.avail_out;
-
- if (len != 0) {
- if ((uInt)fwrite(s->outbuf, 1, len, s->file) != len) {
- s->z_err = Z_ERRNO;
- return Z_ERRNO;
- }
- s->stream.next_out = s->outbuf;
- s->stream.avail_out = Z_BUFSIZE;
- }
- if (done) break;
- s->z_err = deflate(&(s->stream), flush);
-
- /* deflate has finished flushing only when it hasn't used up
- * all the available space in the output buffer:
- */
- done = (s->stream.avail_out != 0 || s->z_err == Z_STREAM_END);
-
- if (s->z_err != Z_OK && s->z_err != Z_STREAM_END) break;
- }
- fflush(s->file);
- return s->z_err == Z_STREAM_END ? Z_OK : s->z_err;
-}
-
-/* ===========================================================================
- Outputs a long in LSB order to the given file
-*/
-local void putLong (file, x)
- FILE *file;
- uLong x;
-{
- int n;
- for (n = 0; n < 4; n++) {
- fputc((int)(x & 0xff), file);
- x >>= 8;
- }
-}
-
-/* ===========================================================================
- Reads a long in LSB order from the given gz_stream. Sets
-*/
-local uLong getLong (s)
- gz_stream *s;
-{
- uLong x = (uLong)get_byte(s);
- int c;
-
- x += ((uLong)get_byte(s))<<8;
- x += ((uLong)get_byte(s))<<16;
- c = get_byte(s);
- if (c == EOF) s->z_err = Z_DATA_ERROR;
- x += ((uLong)c)<<24;
- return x;
-}
-
-/* ===========================================================================
- Flushes all pending output if necessary, closes the compressed file
- and deallocates all the (de)compression state.
-*/
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) gzclose (gzFile file)
-#else
-extern int EXPORT gzclose OF((gzFile file))
-#endif
-{
- int err;
- gz_stream *s = (gz_stream*)file;
-
- if (s == NULL) return Z_STREAM_ERROR;
-
- if (s->mode == 'w') {
- err = gzflush (file, Z_FINISH);
- if (err != Z_OK) return destroy(file);
-
- putLong (s->file, s->crc);
- putLong (s->file, s->stream.total_in);
-
- }
- return destroy(file);
-}
-
-/* ===========================================================================
- Returns the error message for the last error which occured on the
- given compressed file. errnum is set to zlib error number. If an
- error occured in the file system and not in the compression library,
- errnum is set to Z_ERRNO and the application may consult errno
- to get the exact error code.
-*/
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern const char *) gzerror (gzFile file, int *errnum)
-#else
-extern const char * EXPORT gzerror OF((gzFile file, int *errnum))
-#endif
-{
- char *m;
- gz_stream *s = (gz_stream*)file;
-
- if (s == NULL) {
- *errnum = Z_STREAM_ERROR;
- return (const char*)ERR_MSG(Z_STREAM_ERROR);
- }
- *errnum = s->z_err;
- if (*errnum == Z_OK) return (const char*)"";
-
- m = (char*)(*errnum == Z_ERRNO ? zstrerror(errno) : s->stream.msg);
-
- if (m == NULL || *m == '\0') m = (char*)ERR_MSG(s->z_err);
-
- TRYFREE(s->msg);
- s->msg = (char*)ALLOC(strlen(s->path) + strlen(m) + 3);
- strcpy(s->msg, s->path);
- strcat(s->msg, ": ");
- strcat(s->msg, m);
- return (const char*)s->msg;
-}
diff --git a/security/nss/cmd/zlib/infblock.c b/security/nss/cmd/zlib/infblock.c
deleted file mode 100644
index 8eddbafed..000000000
--- a/security/nss/cmd/zlib/infblock.c
+++ /dev/null
@@ -1,406 +0,0 @@
-/* infblock.c -- interpret and process block types to last block
- * Copyright (C) 1995-1996 Mark Adler
- * For conditions of distribution and use, see copyright notice in zlib.h
- */
-/* This file was modified since it was taken from the zlib distribution */
-
-#include "zutil.h"
-#include "infblock.h"
-#include "inftrees.h"
-#include "infcodes.h"
-#include "infutil.h"
-
-struct inflate_codes_state {int dummy;}; /* for buggy compilers */
-
-/* Table for deflate from PKZIP's appnote.txt. */
-local uInt border[] = { /* Order of the bit length code lengths */
- 16, 17, 18, 0, 8, 7, 9, 6, 10, 5, 11, 4, 12, 3, 13, 2, 14, 1, 15};
-
-/*
- Notes beyond the 1.93a appnote.txt:
-
- 1. Distance pointers never point before the beginning of the output
- stream.
- 2. Distance pointers can point back across blocks, up to 32k away.
- 3. There is an implied maximum of 7 bits for the bit length table and
- 15 bits for the actual data.
- 4. If only one code exists, then it is encoded using one bit. (Zero
- would be more efficient, but perhaps a little confusing.) If two
- codes exist, they are coded using one bit each (0 and 1).
- 5. There is no way of sending zero distance codes--a dummy must be
- sent if there are none. (History: a pre 2.0 version of PKZIP would
- store blocks with no distance codes, but this was discovered to be
- too harsh a criterion.) Valid only for 1.93a. 2.04c does allow
- zero distance codes, which is sent as one code of zero bits in
- length.
- 6. There are up to 286 literal/length codes. Code 256 represents the
- end-of-block. Note however that the static length tree defines
- 288 codes just to fill out the Huffman codes. Codes 286 and 287
- cannot be used though, since there is no length base or extra bits
- defined for them. Similarily, there are up to 30 distance codes.
- However, static trees define 32 codes (all 5 bits) to fill out the
- Huffman codes, but the last two had better not show up in the data.
- 7. Unzip can check dynamic Huffman blocks for complete code sets.
- The exception is that a single code would not be complete (see #4).
- 8. The five bits following the block type is really the number of
- literal codes sent minus 257.
- 9. Length codes 8,16,16 are interpreted as 13 length codes of 8 bits
- (1+6+6). Therefore, to output three times the length, you output
- three codes (1+1+1), whereas to output four times the same length,
- you only need two codes (1+3). Hmm.
- 10. In the tree reconstruction algorithm, Code = Code + Increment
- only if BitLength(i) is not zero. (Pretty obvious.)
- 11. Correction: 4 Bits: # of Bit Length codes - 4 (4 - 19)
- 12. Note: length code 284 can represent 227-258, but length code 285
- really is 258. The last length deserves its own, short code
- since it gets used a lot in very redundant files. The length
- 258 is special since 258 - 3 (the min match length) is 255.
- 13. The literal/length and distance code bit lengths are read as a
- single stream of lengths. It is possible (and advantageous) for
- a repeat code (16, 17, or 18) to go across the boundary between
- the two sets of lengths.
- */
-
-
-void inflate_blocks_reset(s, z, c)
-inflate_blocks_statef *s;
-z_streamp z;
-uLongf *c;
-{
- if (s->checkfn != Z_NULL)
- *c = s->check;
- if (s->mode == BTREE || s->mode == DTREE)
- ZFREE(z, s->sub.trees.blens);
- if (s->mode == CODES)
- {
- inflate_codes_free(s->sub.decode.codes, z);
- inflate_trees_free(s->sub.decode.td, z);
- inflate_trees_free(s->sub.decode.tl, z);
- }
- s->mode = TYPE;
- s->bitk = 0;
- s->bitb = 0;
- s->read = s->write = s->window;
- if (s->checkfn != Z_NULL)
- z->adler = s->check = (*s->checkfn)(0L, Z_NULL, 0);
- Trace((stderr, "inflate: blocks reset\n"));
-}
-
-
-inflate_blocks_statef *inflate_blocks_new(z, c, w)
-z_streamp z;
-check_func c;
-uInt w;
-{
- inflate_blocks_statef *s;
-
- if ((s = (inflate_blocks_statef *)ZALLOC
- (z,1,sizeof(struct inflate_blocks_state))) == Z_NULL)
- return s;
- if ((s->window = (Bytef *)ZALLOC(z, 1, w)) == Z_NULL)
- {
- ZFREE(z, s);
- return Z_NULL;
- }
- s->end = s->window + w;
- s->checkfn = c;
- s->mode = TYPE;
- Trace((stderr, "inflate: blocks allocated\n"));
- inflate_blocks_reset(s, z, &s->check);
- return s;
-}
-
-
-#ifdef DEBUG
- extern uInt inflate_hufts;
-#endif
-int inflate_blocks(s, z, r)
-inflate_blocks_statef *s;
-z_streamp z;
-int r;
-{
- uInt t; /* temporary storage */
- uLong b; /* bit buffer */
- uInt k; /* bits in bit buffer */
- Bytef *p; /* input data pointer */
- uInt n; /* bytes available there */
- Bytef *q; /* output window write pointer */
- uInt m; /* bytes to end of window or read pointer */
-
- /* copy input/output information to locals (UPDATE macro restores) */
- LOAD
-
- /* process input based on current state */
- while (1) switch (s->mode)
- {
- case TYPE:
- NEEDBITS(3)
- t = (uInt)b & 7;
- s->last = t & 1;
- switch (t >> 1)
- {
- case 0: /* stored */
- Trace((stderr, "inflate: stored block%s\n",
- s->last ? " (last)" : ""));
- DUMPBITS(3)
- t = k & 7; /* go to byte boundary */
- DUMPBITS(t)
- s->mode = LENS; /* get length of stored block */
- break;
- case 1: /* fixed */
- Trace((stderr, "inflate: fixed codes block%s\n",
- s->last ? " (last)" : ""));
- {
- uInt bl, bd;
- inflate_huft *tl, *td;
-
- inflate_trees_fixed(&bl, &bd, &tl, &td);
- s->sub.decode.codes = inflate_codes_new(bl, bd, tl, td, z);
- if (s->sub.decode.codes == Z_NULL)
- {
- r = Z_MEM_ERROR;
- LEAVE
- }
- s->sub.decode.tl = Z_NULL; /* don't try to free these */
- s->sub.decode.td = Z_NULL;
- }
- DUMPBITS(3)
- s->mode = CODES;
- break;
- case 2: /* dynamic */
- Trace((stderr, "inflate: dynamic codes block%s\n",
- s->last ? " (last)" : ""));
- DUMPBITS(3)
- s->mode = TABLE;
- break;
- case 3: /* illegal */
- DUMPBITS(3)
- s->mode = BAD;
- z->msg = (char*)"invalid block type";
- r = Z_DATA_ERROR;
- LEAVE
- }
- break;
- case LENS:
- NEEDBITS(32)
- if ((((~b) >> 16) & 0xffff) != (b & 0xffff))
- {
- s->mode = BAD;
- z->msg = (char*)"invalid stored block lengths";
- r = Z_DATA_ERROR;
- LEAVE
- }
- s->sub.left = (uInt)b & 0xffff;
- b = k = 0; /* dump bits */
- Tracev((stderr, "inflate: stored length %u\n", s->sub.left));
- s->mode = s->sub.left ? STORED : (s->last ? DRY : TYPE);
- break;
- case STORED:
- if (n == 0)
- LEAVE
- NEEDOUT
- t = s->sub.left;
- if (t > n) t = n;
- if (t > m) t = m;
- zmemcpy(q, p, t);
- p += t; n -= t;
- q += t; m -= t;
- if ((s->sub.left -= t) != 0)
- break;
- Tracev((stderr, "inflate: stored end, %lu total out\n",
- z->total_out + (q >= s->read ? q - s->read :
- (s->end - s->read) + (q - s->window))));
- s->mode = s->last ? DRY : TYPE;
- break;
- case TABLE:
- NEEDBITS(14)
- s->sub.trees.table = t = (uInt)b & 0x3fff;
-#ifndef PKZIP_BUG_WORKAROUND
- if ((t & 0x1f) > 29 || ((t >> 5) & 0x1f) > 29)
- {
- s->mode = BAD;
- z->msg = (char*)"too many length or distance symbols";
- r = Z_DATA_ERROR;
- LEAVE
- }
-#endif
- t = 258 + (t & 0x1f) + ((t >> 5) & 0x1f);
- if (t < 19)
- t = 19;
- if ((s->sub.trees.blens = (uIntf*)ZALLOC(z, t, sizeof(uInt))) == Z_NULL)
- {
- r = Z_MEM_ERROR;
- LEAVE
- }
- DUMPBITS(14)
- s->sub.trees.index = 0;
- Tracev((stderr, "inflate: table sizes ok\n"));
- s->mode = BTREE;
- case BTREE:
- while (s->sub.trees.index < 4 + (s->sub.trees.table >> 10))
- {
- NEEDBITS(3)
- s->sub.trees.blens[border[s->sub.trees.index++]] = (uInt)b & 7;
- DUMPBITS(3)
- }
- while (s->sub.trees.index < 19)
- s->sub.trees.blens[border[s->sub.trees.index++]] = 0;
- s->sub.trees.bb = 7;
- t = inflate_trees_bits(s->sub.trees.blens, &s->sub.trees.bb,
- &s->sub.trees.tb, z);
- if (t != Z_OK)
- {
- ZFREE(z, s->sub.trees.blens);
- r = t;
- if (r == Z_DATA_ERROR)
- s->mode = BAD;
- LEAVE
- }
- s->sub.trees.index = 0;
- Tracev((stderr, "inflate: bits tree ok\n"));
- s->mode = DTREE;
- case DTREE:
- while (t = s->sub.trees.table,
- s->sub.trees.index < 258 + (t & 0x1f) + ((t >> 5) & 0x1f))
- {
- inflate_huft *h;
- uInt i, j, c;
-
- t = s->sub.trees.bb;
- NEEDBITS(t)
- h = s->sub.trees.tb + ((uInt)b & inflate_mask[t]);
- t = h->word.what.Bits;
- c = h->more.Base;
- if (c < 16)
- {
- DUMPBITS(t)
- s->sub.trees.blens[s->sub.trees.index++] = c;
- }
- else /* c == 16..18 */
- {
- i = c == 18 ? 7 : c - 14;
- j = c == 18 ? 11 : 3;
- NEEDBITS(t + i)
- DUMPBITS(t)
- j += (uInt)b & inflate_mask[i];
- DUMPBITS(i)
- i = s->sub.trees.index;
- t = s->sub.trees.table;
- if (i + j > 258 + (t & 0x1f) + ((t >> 5) & 0x1f) ||
- (c == 16 && i < 1))
- {
- inflate_trees_free(s->sub.trees.tb, z);
- ZFREE(z, s->sub.trees.blens);
- s->mode = BAD;
- z->msg = (char*)"invalid bit length repeat";
- r = Z_DATA_ERROR;
- LEAVE
- }
- c = c == 16 ? s->sub.trees.blens[i - 1] : 0;
- do {
- s->sub.trees.blens[i++] = c;
- } while (--j);
- s->sub.trees.index = i;
- }
- }
- inflate_trees_free(s->sub.trees.tb, z);
- s->sub.trees.tb = Z_NULL;
- {
- uInt bl, bd;
- inflate_huft *tl, *td;
- inflate_codes_statef *c;
-
- bl = 9; /* must be <= 9 for lookahead assumptions */
- bd = 6; /* must be <= 9 for lookahead assumptions */
- t = s->sub.trees.table;
-#ifdef DEBUG
- inflate_hufts = 0;
-#endif
- t = inflate_trees_dynamic(257 + (t & 0x1f), 1 + ((t >> 5) & 0x1f),
- s->sub.trees.blens, &bl, &bd, &tl, &td, z);
- ZFREE(z, s->sub.trees.blens);
- if (t != Z_OK)
- {
- if (t == (uInt)Z_DATA_ERROR)
- s->mode = BAD;
- r = t;
- LEAVE
- }
- Tracev((stderr, "inflate: trees ok, %d * %d bytes used\n",
- inflate_hufts, sizeof(inflate_huft)));
- if ((c = inflate_codes_new(bl, bd, tl, td, z)) == Z_NULL)
- {
- inflate_trees_free(td, z);
- inflate_trees_free(tl, z);
- r = Z_MEM_ERROR;
- LEAVE
- }
- s->sub.decode.codes = c;
- s->sub.decode.tl = tl;
- s->sub.decode.td = td;
- }
- s->mode = CODES;
- case CODES:
- UPDATE
- if ((r = inflate_codes(s, z, r)) != Z_STREAM_END)
- return inflate_flush(s, z, r);
- r = Z_OK;
- inflate_codes_free(s->sub.decode.codes, z);
- inflate_trees_free(s->sub.decode.td, z);
- inflate_trees_free(s->sub.decode.tl, z);
- LOAD
- Tracev((stderr, "inflate: codes end, %lu total out\n",
- z->total_out + (q >= s->read ? q - s->read :
- (s->end - s->read) + (q - s->window))));
- if (!s->last)
- {
- s->mode = TYPE;
- break;
- }
- if (k > 7) /* return unused byte, if any */
- {
- Assert(k < 16, "inflate_codes grabbed too many bytes")
- k -= 8;
- n++;
- p--; /* can always return one */
- }
- s->mode = DRY;
- case DRY:
- FLUSH
- if (s->read != s->write)
- LEAVE
- s->mode = DONE;
- case DONE:
- r = Z_STREAM_END;
- LEAVE
- case BAD:
- r = Z_DATA_ERROR;
- LEAVE
- default:
- r = Z_STREAM_ERROR;
- LEAVE
- }
-}
-
-
-int inflate_blocks_free(s, z, c)
-inflate_blocks_statef *s;
-z_streamp z;
-uLongf *c;
-{
- inflate_blocks_reset(s, z, c);
- ZFREE(z, s->window);
- ZFREE(z, s);
- Trace((stderr, "inflate: blocks freed\n"));
- return Z_OK;
-}
-
-
-void inflate_set_dictionary(s, d, n)
-inflate_blocks_statef *s;
-const Bytef *d;
-uInt n;
-{
- zmemcpy((charf *)s->window, d, n);
- s->read = s->write = s->window + n;
-}
diff --git a/security/nss/cmd/zlib/infblock.h b/security/nss/cmd/zlib/infblock.h
deleted file mode 100644
index 3ecd50cd3..000000000
--- a/security/nss/cmd/zlib/infblock.h
+++ /dev/null
@@ -1,37 +0,0 @@
-/* infblock.h -- header to use infblock.c
- * Copyright (C) 1995-1996 Mark Adler
- * For conditions of distribution and use, see copyright notice in zlib.h
- */
-
-/* WARNING: this file should *not* be used by applications. It is
- part of the implementation of the compression library and is
- subject to change. Applications should only use zlib.h.
- */
-
-struct inflate_blocks_state;
-typedef struct inflate_blocks_state FAR inflate_blocks_statef;
-
-extern inflate_blocks_statef * inflate_blocks_new OF((
- z_streamp z,
- check_func c, /* check function */
- uInt w)); /* window size */
-
-extern int inflate_blocks OF((
- inflate_blocks_statef *,
- z_streamp ,
- int)); /* initial return code */
-
-extern void inflate_blocks_reset OF((
- inflate_blocks_statef *,
- z_streamp ,
- uLongf *)); /* check value on output */
-
-extern int inflate_blocks_free OF((
- inflate_blocks_statef *,
- z_streamp ,
- uLongf *)); /* check value on output */
-
-extern void inflate_set_dictionary OF((
- inflate_blocks_statef *s,
- const Bytef *d, /* dictionary */
- uInt n)); /* dictionary length */
diff --git a/security/nss/cmd/zlib/infcodes.c b/security/nss/cmd/zlib/infcodes.c
deleted file mode 100644
index 3ae3818a1..000000000
--- a/security/nss/cmd/zlib/infcodes.c
+++ /dev/null
@@ -1,247 +0,0 @@
-/* infcodes.c -- process literals and length/distance pairs
- * Copyright (C) 1995-1996 Mark Adler
- * For conditions of distribution and use, see copyright notice in zlib.h
- */
-
-#include "zutil.h"
-#include "inftrees.h"
-#include "infblock.h"
-#include "infcodes.h"
-#include "infutil.h"
-#include "inffast.h"
-
-/* simplify the use of the inflate_huft type with some defines */
-#define base more.Base
-#define next more.Next
-#define exop word.what.Exop
-#define bits word.what.Bits
-
-/* inflate codes private state */
-struct inflate_codes_state {
-
- /* mode */
- enum { /* waiting for "i:"=input, "o:"=output, "x:"=nothing */
- START, /* x: set up for LEN */
- LEN, /* i: get length/literal/eob next */
- LENEXT, /* i: getting length extra (have base) */
- DIST, /* i: get distance next */
- DISTEXT, /* i: getting distance extra */
- COPY, /* o: copying bytes in window, waiting for space */
- LIT, /* o: got literal, waiting for output space */
- WASH, /* o: got eob, possibly still output waiting */
- END, /* x: got eob and all data flushed */
- BADCODE} /* x: got error */
- mode; /* current inflate_codes mode */
-
- /* mode dependent information */
- uInt len;
- union {
- struct {
- inflate_huft *tree; /* pointer into tree */
- uInt need; /* bits needed */
- } code; /* if LEN or DIST, where in tree */
- uInt lit; /* if LIT, literal */
- struct {
- uInt get; /* bits to get for extra */
- uInt dist; /* distance back to copy from */
- } copy; /* if EXT or COPY, where and how much */
- } sub; /* submode */
-
- /* mode independent information */
- Byte lbits; /* ltree bits decoded per branch */
- Byte dbits; /* dtree bits decoder per branch */
- inflate_huft *ltree; /* literal/length/eob tree */
- inflate_huft *dtree; /* distance tree */
-
-};
-
-
-inflate_codes_statef *inflate_codes_new(bl, bd, tl, td, z)
-uInt bl, bd;
-inflate_huft *tl;
-inflate_huft *td; /* need separate declaration for Borland C++ */
-z_streamp z;
-{
- inflate_codes_statef *c;
-
- if ((c = (inflate_codes_statef *)
- ZALLOC(z,1,sizeof(struct inflate_codes_state))) != Z_NULL)
- {
- c->mode = START;
- c->lbits = (Byte)bl;
- c->dbits = (Byte)bd;
- c->ltree = tl;
- c->dtree = td;
- Tracev((stderr, "inflate: codes new\n"));
- }
- return c;
-}
-
-
-int inflate_codes(s, z, r)
-inflate_blocks_statef *s;
-z_streamp z;
-int r;
-{
- uInt j; /* temporary storage */
- inflate_huft *t; /* temporary pointer */
- uInt e; /* extra bits or operation */
- uLong b; /* bit buffer */
- uInt k; /* bits in bit buffer */
- Bytef *p; /* input data pointer */
- uInt n; /* bytes available there */
- Bytef *q; /* output window write pointer */
- uInt m; /* bytes to end of window or read pointer */
- Bytef *f; /* pointer to copy strings from */
- inflate_codes_statef *c = s->sub.decode.codes; /* codes state */
-
- /* copy input/output information to locals (UPDATE macro restores) */
- LOAD
-
- /* process input and output based on current state */
- while (1) switch (c->mode)
- { /* waiting for "i:"=input, "o:"=output, "x:"=nothing */
- case START: /* x: set up for LEN */
-#ifndef SLOW
- if (m >= 258 && n >= 10)
- {
- UPDATE
- r = inflate_fast(c->lbits, c->dbits, c->ltree, c->dtree, s, z);
- LOAD
- if (r != Z_OK)
- {
- c->mode = r == Z_STREAM_END ? WASH : BADCODE;
- break;
- }
- }
-#endif /* !SLOW */
- c->sub.code.need = c->lbits;
- c->sub.code.tree = c->ltree;
- c->mode = LEN;
- case LEN: /* i: get length/literal/eob next */
- j = c->sub.code.need;
- NEEDBITS(j)
- t = c->sub.code.tree + ((uInt)b & inflate_mask[j]);
- DUMPBITS(t->bits)
- e = (uInt)(t->exop);
- if (e == 0) /* literal */
- {
- c->sub.lit = t->base;
- Tracevv((stderr, t->base >= 0x20 && t->base < 0x7f ?
- "inflate: literal '%c'\n" :
- "inflate: literal 0x%02x\n", t->base));
- c->mode = LIT;
- break;
- }
- if (e & 16) /* length */
- {
- c->sub.copy.get = e & 15;
- c->len = t->base;
- c->mode = LENEXT;
- break;
- }
- if ((e & 64) == 0) /* next table */
- {
- c->sub.code.need = e;
- c->sub.code.tree = t->next;
- break;
- }
- if (e & 32) /* end of block */
- {
- Tracevv((stderr, "inflate: end of block\n"));
- c->mode = WASH;
- break;
- }
- c->mode = BADCODE; /* invalid code */
- z->msg = (char*)"invalid literal/length code";
- r = Z_DATA_ERROR;
- LEAVE
- case LENEXT: /* i: getting length extra (have base) */
- j = c->sub.copy.get;
- NEEDBITS(j)
- c->len += (uInt)b & inflate_mask[j];
- DUMPBITS(j)
- c->sub.code.need = c->dbits;
- c->sub.code.tree = c->dtree;
- Tracevv((stderr, "inflate: length %u\n", c->len));
- c->mode = DIST;
- case DIST: /* i: get distance next */
- j = c->sub.code.need;
- NEEDBITS(j)
- t = c->sub.code.tree + ((uInt)b & inflate_mask[j]);
- DUMPBITS(t->bits)
- e = (uInt)(t->exop);
- if (e & 16) /* distance */
- {
- c->sub.copy.get = e & 15;
- c->sub.copy.dist = t->base;
- c->mode = DISTEXT;
- break;
- }
- if ((e & 64) == 0) /* next table */
- {
- c->sub.code.need = e;
- c->sub.code.tree = t->next;
- break;
- }
- c->mode = BADCODE; /* invalid code */
- z->msg = (char*)"invalid distance code";
- r = Z_DATA_ERROR;
- LEAVE
- case DISTEXT: /* i: getting distance extra */
- j = c->sub.copy.get;
- NEEDBITS(j)
- c->sub.copy.dist += (uInt)b & inflate_mask[j];
- DUMPBITS(j)
- Tracevv((stderr, "inflate: distance %u\n", c->sub.copy.dist));
- c->mode = COPY;
- case COPY: /* o: copying bytes in window, waiting for space */
-#ifndef __TURBOC__ /* Turbo C bug for following expression */
- f = (uInt)(q - s->window) < c->sub.copy.dist ?
- s->end - (c->sub.copy.dist - (q - s->window)) :
- q - c->sub.copy.dist;
-#else
- f = q - c->sub.copy.dist;
- if ((uInt)(q - s->window) < c->sub.copy.dist)
- f = s->end - (c->sub.copy.dist - (uInt)(q - s->window));
-#endif
- while (c->len)
- {
- NEEDOUT
- OUTBYTE(*f++)
- if (f == s->end)
- f = s->window;
- c->len--;
- }
- c->mode = START;
- break;
- case LIT: /* o: got literal, waiting for output space */
- NEEDOUT
- OUTBYTE(c->sub.lit)
- c->mode = START;
- break;
- case WASH: /* o: got eob, possibly more output */
- FLUSH
- if (s->read != s->write)
- LEAVE
- c->mode = END;
- case END:
- r = Z_STREAM_END;
- LEAVE
- case BADCODE: /* x: got error */
- r = Z_DATA_ERROR;
- LEAVE
- default:
- r = Z_STREAM_ERROR;
- LEAVE
- }
-}
-
-
-void inflate_codes_free(c, z)
-inflate_codes_statef *c;
-z_streamp z;
-{
- ZFREE(z, c);
- Tracev((stderr, "inflate: codes free\n"));
-}
diff --git a/security/nss/cmd/zlib/infcodes.h b/security/nss/cmd/zlib/infcodes.h
deleted file mode 100644
index c2c38df2c..000000000
--- a/security/nss/cmd/zlib/infcodes.h
+++ /dev/null
@@ -1,27 +0,0 @@
-/* infcodes.h -- header to use infcodes.c
- * Copyright (C) 1995-1996 Mark Adler
- * For conditions of distribution and use, see copyright notice in zlib.h
- */
-
-/* WARNING: this file should *not* be used by applications. It is
- part of the implementation of the compression library and is
- subject to change. Applications should only use zlib.h.
- */
-
-struct inflate_codes_state;
-typedef struct inflate_codes_state FAR inflate_codes_statef;
-
-extern inflate_codes_statef *inflate_codes_new OF((
- uInt, uInt,
- inflate_huft *, inflate_huft *,
- z_streamp ));
-
-extern int inflate_codes OF((
- inflate_blocks_statef *,
- z_streamp ,
- int));
-
-extern void inflate_codes_free OF((
- inflate_codes_statef *,
- z_streamp ));
-
diff --git a/security/nss/cmd/zlib/inffast.c b/security/nss/cmd/zlib/inffast.c
deleted file mode 100644
index 86eee4a29..000000000
--- a/security/nss/cmd/zlib/inffast.c
+++ /dev/null
@@ -1,168 +0,0 @@
-/* inffast.c -- process literals and length/distance pairs fast
- * Copyright (C) 1995-1996 Mark Adler
- * For conditions of distribution and use, see copyright notice in zlib.h
- */
-
-#include "zutil.h"
-#include "inftrees.h"
-#include "infblock.h"
-#include "infcodes.h"
-#include "infutil.h"
-#include "inffast.h"
-
-struct inflate_codes_state {int dummy;}; /* for buggy compilers */
-
-/* simplify the use of the inflate_huft type with some defines */
-#define base more.Base
-#define next more.Next
-#define exop word.what.Exop
-#define bits word.what.Bits
-
-/* macros for bit input with no checking and for returning unused bytes */
-#define GRABBITS(j) {while(k<(j)){b|=((uLong)NEXTBYTE)<<k;k+=8;}}
-#define UNGRAB {n+=(c=k>>3);p-=c;k&=7;}
-
-/* Called with number of bytes left to write in window at least 258
- (the maximum string length) and number of input bytes available
- at least ten. The ten bytes are six bytes for the longest length/
- distance pair plus four bytes for overloading the bit buffer. */
-
-int inflate_fast(bl, bd, tl, td, s, z)
-uInt bl, bd;
-inflate_huft *tl;
-inflate_huft *td; /* need separate declaration for Borland C++ */
-inflate_blocks_statef *s;
-z_streamp z;
-{
- inflate_huft *t; /* temporary pointer */
- uInt e; /* extra bits or operation */
- uLong b; /* bit buffer */
- uInt k; /* bits in bit buffer */
- Bytef *p; /* input data pointer */
- uInt n; /* bytes available there */
- Bytef *q; /* output window write pointer */
- uInt m; /* bytes to end of window or read pointer */
- uInt ml; /* mask for literal/length tree */
- uInt md; /* mask for distance tree */
- uInt c; /* bytes to copy */
- uInt d; /* distance back to copy from */
- Bytef *r; /* copy source pointer */
-
- /* load input, output, bit values */
- LOAD
-
- /* initialize masks */
- ml = inflate_mask[bl];
- md = inflate_mask[bd];
-
- /* do until not enough input or output space for fast loop */
- do { /* assume called with m >= 258 && n >= 10 */
- /* get literal/length code */
- GRABBITS(20) /* max bits for literal/length code */
- if ((e = (t = tl + ((uInt)b & ml))->exop) == 0)
- {
- DUMPBITS(t->bits)
- Tracevv((stderr, t->base >= 0x20 && t->base < 0x7f ?
- "inflate: * literal '%c'\n" :
- "inflate: * literal 0x%02x\n", t->base));
- *q++ = (Byte)t->base;
- m--;
- continue;
- }
- do {
- DUMPBITS(t->bits)
- if (e & 16)
- {
- /* get extra bits for length */
- e &= 15;
- c = t->base + ((uInt)b & inflate_mask[e]);
- DUMPBITS(e)
- Tracevv((stderr, "inflate: * length %u\n", c));
-
- /* decode distance base of block to copy */
- GRABBITS(15); /* max bits for distance code */
- e = (t = td + ((uInt)b & md))->exop;
- do {
- DUMPBITS(t->bits)
- if (e & 16)
- {
- /* get extra bits to add to distance base */
- e &= 15;
- GRABBITS(e) /* get extra bits (up to 13) */
- d = t->base + ((uInt)b & inflate_mask[e]);
- DUMPBITS(e)
- Tracevv((stderr, "inflate: * distance %u\n", d));
-
- /* do the copy */
- m -= c;
- if ((uInt)(q - s->window) >= d) /* offset before dest */
- { /* just copy */
- r = q - d;
- *q++ = *r++; c--; /* minimum count is three, */
- *q++ = *r++; c--; /* so unroll loop a little */
- }
- else /* else offset after destination */
- {
- e = d - (uInt)(q - s->window); /* bytes from offset to end */
- r = s->end - e; /* pointer to offset */
- if (c > e) /* if source crosses, */
- {
- c -= e; /* copy to end of window */
- do {
- *q++ = *r++;
- } while (--e);
- r = s->window; /* copy rest from start of window */
- }
- }
- do { /* copy all or what's left */
- *q++ = *r++;
- } while (--c);
- break;
- }
- else if ((e & 64) == 0)
- e = (t = t->next + ((uInt)b & inflate_mask[e]))->exop;
- else
- {
- z->msg = (char*)"invalid distance code";
- UNGRAB
- UPDATE
- return Z_DATA_ERROR;
- }
- } while (1);
- break;
- }
- if ((e & 64) == 0)
- {
- if ((e = (t = t->next + ((uInt)b & inflate_mask[e]))->exop) == 0)
- {
- DUMPBITS(t->bits)
- Tracevv((stderr, t->base >= 0x20 && t->base < 0x7f ?
- "inflate: * literal '%c'\n" :
- "inflate: * literal 0x%02x\n", t->base));
- *q++ = (Byte)t->base;
- m--;
- break;
- }
- }
- else if (e & 32)
- {
- Tracevv((stderr, "inflate: * end of block\n"));
- UNGRAB
- UPDATE
- return Z_STREAM_END;
- }
- else
- {
- z->msg = (char*)"invalid literal/length code";
- UNGRAB
- UPDATE
- return Z_DATA_ERROR;
- }
- } while (1);
- } while (m >= 258 && n >= 10);
-
- /* not enough input or output--restore pointers and return */
- UNGRAB
- UPDATE
- return Z_OK;
-}
diff --git a/security/nss/cmd/zlib/inffast.h b/security/nss/cmd/zlib/inffast.h
deleted file mode 100644
index 8cc644efb..000000000
--- a/security/nss/cmd/zlib/inffast.h
+++ /dev/null
@@ -1,17 +0,0 @@
-/* inffast.h -- header to use inffast.c
- * Copyright (C) 1995-1996 Mark Adler
- * For conditions of distribution and use, see copyright notice in zlib.h
- */
-
-/* WARNING: this file should *not* be used by applications. It is
- part of the implementation of the compression library and is
- subject to change. Applications should only use zlib.h.
- */
-
-extern int inflate_fast OF((
- uInt,
- uInt,
- inflate_huft *,
- inflate_huft *,
- inflate_blocks_statef *,
- z_streamp ));
diff --git a/security/nss/cmd/zlib/inffixed.h b/security/nss/cmd/zlib/inffixed.h
deleted file mode 100644
index 77f7e7631..000000000
--- a/security/nss/cmd/zlib/inffixed.h
+++ /dev/null
@@ -1,151 +0,0 @@
-/* inffixed.h -- table for decoding fixed codes
- * Generated automatically by the maketree.c program
- */
-
-/* WARNING: this file should *not* be used by applications. It is
- part of the implementation of the compression library and is
- subject to change. Applications should only use zlib.h.
- */
-
-local uInt fixed_bl = 9;
-local uInt fixed_bd = 5;
-local inflate_huft fixed_tl[] = {
- {{{96,7}},256}, {{{0,8}},80}, {{{0,8}},16}, {{{84,8}},115},
- {{{82,7}},31}, {{{0,8}},112}, {{{0,8}},48}, {{{0,9}},192},
- {{{80,7}},10}, {{{0,8}},96}, {{{0,8}},32}, {{{0,9}},160},
- {{{0,8}},0}, {{{0,8}},128}, {{{0,8}},64}, {{{0,9}},224},
- {{{80,7}},6}, {{{0,8}},88}, {{{0,8}},24}, {{{0,9}},144},
- {{{83,7}},59}, {{{0,8}},120}, {{{0,8}},56}, {{{0,9}},208},
- {{{81,7}},17}, {{{0,8}},104}, {{{0,8}},40}, {{{0,9}},176},
- {{{0,8}},8}, {{{0,8}},136}, {{{0,8}},72}, {{{0,9}},240},
- {{{80,7}},4}, {{{0,8}},84}, {{{0,8}},20}, {{{85,8}},227},
- {{{83,7}},43}, {{{0,8}},116}, {{{0,8}},52}, {{{0,9}},200},
- {{{81,7}},13}, {{{0,8}},100}, {{{0,8}},36}, {{{0,9}},168},
- {{{0,8}},4}, {{{0,8}},132}, {{{0,8}},68}, {{{0,9}},232},
- {{{80,7}},8}, {{{0,8}},92}, {{{0,8}},28}, {{{0,9}},152},
- {{{84,7}},83}, {{{0,8}},124}, {{{0,8}},60}, {{{0,9}},216},
- {{{82,7}},23}, {{{0,8}},108}, {{{0,8}},44}, {{{0,9}},184},
- {{{0,8}},12}, {{{0,8}},140}, {{{0,8}},76}, {{{0,9}},248},
- {{{80,7}},3}, {{{0,8}},82}, {{{0,8}},18}, {{{85,8}},163},
- {{{83,7}},35}, {{{0,8}},114}, {{{0,8}},50}, {{{0,9}},196},
- {{{81,7}},11}, {{{0,8}},98}, {{{0,8}},34}, {{{0,9}},164},
- {{{0,8}},2}, {{{0,8}},130}, {{{0,8}},66}, {{{0,9}},228},
- {{{80,7}},7}, {{{0,8}},90}, {{{0,8}},26}, {{{0,9}},148},
- {{{84,7}},67}, {{{0,8}},122}, {{{0,8}},58}, {{{0,9}},212},
- {{{82,7}},19}, {{{0,8}},106}, {{{0,8}},42}, {{{0,9}},180},
- {{{0,8}},10}, {{{0,8}},138}, {{{0,8}},74}, {{{0,9}},244},
- {{{80,7}},5}, {{{0,8}},86}, {{{0,8}},22}, {{{192,8}},0},
- {{{83,7}},51}, {{{0,8}},118}, {{{0,8}},54}, {{{0,9}},204},
- {{{81,7}},15}, {{{0,8}},102}, {{{0,8}},38}, {{{0,9}},172},
- {{{0,8}},6}, {{{0,8}},134}, {{{0,8}},70}, {{{0,9}},236},
- {{{80,7}},9}, {{{0,8}},94}, {{{0,8}},30}, {{{0,9}},156},
- {{{84,7}},99}, {{{0,8}},126}, {{{0,8}},62}, {{{0,9}},220},
- {{{82,7}},27}, {{{0,8}},110}, {{{0,8}},46}, {{{0,9}},188},
- {{{0,8}},14}, {{{0,8}},142}, {{{0,8}},78}, {{{0,9}},252},
- {{{96,7}},256}, {{{0,8}},81}, {{{0,8}},17}, {{{85,8}},131},
- {{{82,7}},31}, {{{0,8}},113}, {{{0,8}},49}, {{{0,9}},194},
- {{{80,7}},10}, {{{0,8}},97}, {{{0,8}},33}, {{{0,9}},162},
- {{{0,8}},1}, {{{0,8}},129}, {{{0,8}},65}, {{{0,9}},226},
- {{{80,7}},6}, {{{0,8}},89}, {{{0,8}},25}, {{{0,9}},146},
- {{{83,7}},59}, {{{0,8}},121}, {{{0,8}},57}, {{{0,9}},210},
- {{{81,7}},17}, {{{0,8}},105}, {{{0,8}},41}, {{{0,9}},178},
- {{{0,8}},9}, {{{0,8}},137}, {{{0,8}},73}, {{{0,9}},242},
- {{{80,7}},4}, {{{0,8}},85}, {{{0,8}},21}, {{{80,8}},258},
- {{{83,7}},43}, {{{0,8}},117}, {{{0,8}},53}, {{{0,9}},202},
- {{{81,7}},13}, {{{0,8}},101}, {{{0,8}},37}, {{{0,9}},170},
- {{{0,8}},5}, {{{0,8}},133}, {{{0,8}},69}, {{{0,9}},234},
- {{{80,7}},8}, {{{0,8}},93}, {{{0,8}},29}, {{{0,9}},154},
- {{{84,7}},83}, {{{0,8}},125}, {{{0,8}},61}, {{{0,9}},218},
- {{{82,7}},23}, {{{0,8}},109}, {{{0,8}},45}, {{{0,9}},186},
- {{{0,8}},13}, {{{0,8}},141}, {{{0,8}},77}, {{{0,9}},250},
- {{{80,7}},3}, {{{0,8}},83}, {{{0,8}},19}, {{{85,8}},195},
- {{{83,7}},35}, {{{0,8}},115}, {{{0,8}},51}, {{{0,9}},198},
- {{{81,7}},11}, {{{0,8}},99}, {{{0,8}},35}, {{{0,9}},166},
- {{{0,8}},3}, {{{0,8}},131}, {{{0,8}},67}, {{{0,9}},230},
- {{{80,7}},7}, {{{0,8}},91}, {{{0,8}},27}, {{{0,9}},150},
- {{{84,7}},67}, {{{0,8}},123}, {{{0,8}},59}, {{{0,9}},214},
- {{{82,7}},19}, {{{0,8}},107}, {{{0,8}},43}, {{{0,9}},182},
- {{{0,8}},11}, {{{0,8}},139}, {{{0,8}},75}, {{{0,9}},246},
- {{{80,7}},5}, {{{0,8}},87}, {{{0,8}},23}, {{{192,8}},0},
- {{{83,7}},51}, {{{0,8}},119}, {{{0,8}},55}, {{{0,9}},206},
- {{{81,7}},15}, {{{0,8}},103}, {{{0,8}},39}, {{{0,9}},174},
- {{{0,8}},7}, {{{0,8}},135}, {{{0,8}},71}, {{{0,9}},238},
- {{{80,7}},9}, {{{0,8}},95}, {{{0,8}},31}, {{{0,9}},158},
- {{{84,7}},99}, {{{0,8}},127}, {{{0,8}},63}, {{{0,9}},222},
- {{{82,7}},27}, {{{0,8}},111}, {{{0,8}},47}, {{{0,9}},190},
- {{{0,8}},15}, {{{0,8}},143}, {{{0,8}},79}, {{{0,9}},254},
- {{{96,7}},256}, {{{0,8}},80}, {{{0,8}},16}, {{{84,8}},115},
- {{{82,7}},31}, {{{0,8}},112}, {{{0,8}},48}, {{{0,9}},193},
- {{{80,7}},10}, {{{0,8}},96}, {{{0,8}},32}, {{{0,9}},161},
- {{{0,8}},0}, {{{0,8}},128}, {{{0,8}},64}, {{{0,9}},225},
- {{{80,7}},6}, {{{0,8}},88}, {{{0,8}},24}, {{{0,9}},145},
- {{{83,7}},59}, {{{0,8}},120}, {{{0,8}},56}, {{{0,9}},209},
- {{{81,7}},17}, {{{0,8}},104}, {{{0,8}},40}, {{{0,9}},177},
- {{{0,8}},8}, {{{0,8}},136}, {{{0,8}},72}, {{{0,9}},241},
- {{{80,7}},4}, {{{0,8}},84}, {{{0,8}},20}, {{{85,8}},227},
- {{{83,7}},43}, {{{0,8}},116}, {{{0,8}},52}, {{{0,9}},201},
- {{{81,7}},13}, {{{0,8}},100}, {{{0,8}},36}, {{{0,9}},169},
- {{{0,8}},4}, {{{0,8}},132}, {{{0,8}},68}, {{{0,9}},233},
- {{{80,7}},8}, {{{0,8}},92}, {{{0,8}},28}, {{{0,9}},153},
- {{{84,7}},83}, {{{0,8}},124}, {{{0,8}},60}, {{{0,9}},217},
- {{{82,7}},23}, {{{0,8}},108}, {{{0,8}},44}, {{{0,9}},185},
- {{{0,8}},12}, {{{0,8}},140}, {{{0,8}},76}, {{{0,9}},249},
- {{{80,7}},3}, {{{0,8}},82}, {{{0,8}},18}, {{{85,8}},163},
- {{{83,7}},35}, {{{0,8}},114}, {{{0,8}},50}, {{{0,9}},197},
- {{{81,7}},11}, {{{0,8}},98}, {{{0,8}},34}, {{{0,9}},165},
- {{{0,8}},2}, {{{0,8}},130}, {{{0,8}},66}, {{{0,9}},229},
- {{{80,7}},7}, {{{0,8}},90}, {{{0,8}},26}, {{{0,9}},149},
- {{{84,7}},67}, {{{0,8}},122}, {{{0,8}},58}, {{{0,9}},213},
- {{{82,7}},19}, {{{0,8}},106}, {{{0,8}},42}, {{{0,9}},181},
- {{{0,8}},10}, {{{0,8}},138}, {{{0,8}},74}, {{{0,9}},245},
- {{{80,7}},5}, {{{0,8}},86}, {{{0,8}},22}, {{{192,8}},0},
- {{{83,7}},51}, {{{0,8}},118}, {{{0,8}},54}, {{{0,9}},205},
- {{{81,7}},15}, {{{0,8}},102}, {{{0,8}},38}, {{{0,9}},173},
- {{{0,8}},6}, {{{0,8}},134}, {{{0,8}},70}, {{{0,9}},237},
- {{{80,7}},9}, {{{0,8}},94}, {{{0,8}},30}, {{{0,9}},157},
- {{{84,7}},99}, {{{0,8}},126}, {{{0,8}},62}, {{{0,9}},221},
- {{{82,7}},27}, {{{0,8}},110}, {{{0,8}},46}, {{{0,9}},189},
- {{{0,8}},14}, {{{0,8}},142}, {{{0,8}},78}, {{{0,9}},253},
- {{{96,7}},256}, {{{0,8}},81}, {{{0,8}},17}, {{{85,8}},131},
- {{{82,7}},31}, {{{0,8}},113}, {{{0,8}},49}, {{{0,9}},195},
- {{{80,7}},10}, {{{0,8}},97}, {{{0,8}},33}, {{{0,9}},163},
- {{{0,8}},1}, {{{0,8}},129}, {{{0,8}},65}, {{{0,9}},227},
- {{{80,7}},6}, {{{0,8}},89}, {{{0,8}},25}, {{{0,9}},147},
- {{{83,7}},59}, {{{0,8}},121}, {{{0,8}},57}, {{{0,9}},211},
- {{{81,7}},17}, {{{0,8}},105}, {{{0,8}},41}, {{{0,9}},179},
- {{{0,8}},9}, {{{0,8}},137}, {{{0,8}},73}, {{{0,9}},243},
- {{{80,7}},4}, {{{0,8}},85}, {{{0,8}},21}, {{{80,8}},258},
- {{{83,7}},43}, {{{0,8}},117}, {{{0,8}},53}, {{{0,9}},203},
- {{{81,7}},13}, {{{0,8}},101}, {{{0,8}},37}, {{{0,9}},171},
- {{{0,8}},5}, {{{0,8}},133}, {{{0,8}},69}, {{{0,9}},235},
- {{{80,7}},8}, {{{0,8}},93}, {{{0,8}},29}, {{{0,9}},155},
- {{{84,7}},83}, {{{0,8}},125}, {{{0,8}},61}, {{{0,9}},219},
- {{{82,7}},23}, {{{0,8}},109}, {{{0,8}},45}, {{{0,9}},187},
- {{{0,8}},13}, {{{0,8}},141}, {{{0,8}},77}, {{{0,9}},251},
- {{{80,7}},3}, {{{0,8}},83}, {{{0,8}},19}, {{{85,8}},195},
- {{{83,7}},35}, {{{0,8}},115}, {{{0,8}},51}, {{{0,9}},199},
- {{{81,7}},11}, {{{0,8}},99}, {{{0,8}},35}, {{{0,9}},167},
- {{{0,8}},3}, {{{0,8}},131}, {{{0,8}},67}, {{{0,9}},231},
- {{{80,7}},7}, {{{0,8}},91}, {{{0,8}},27}, {{{0,9}},151},
- {{{84,7}},67}, {{{0,8}},123}, {{{0,8}},59}, {{{0,9}},215},
- {{{82,7}},19}, {{{0,8}},107}, {{{0,8}},43}, {{{0,9}},183},
- {{{0,8}},11}, {{{0,8}},139}, {{{0,8}},75}, {{{0,9}},247},
- {{{80,7}},5}, {{{0,8}},87}, {{{0,8}},23}, {{{192,8}},0},
- {{{83,7}},51}, {{{0,8}},119}, {{{0,8}},55}, {{{0,9}},207},
- {{{81,7}},15}, {{{0,8}},103}, {{{0,8}},39}, {{{0,9}},175},
- {{{0,8}},7}, {{{0,8}},135}, {{{0,8}},71}, {{{0,9}},239},
- {{{80,7}},9}, {{{0,8}},95}, {{{0,8}},31}, {{{0,9}},159},
- {{{84,7}},99}, {{{0,8}},127}, {{{0,8}},63}, {{{0,9}},223},
- {{{82,7}},27}, {{{0,8}},111}, {{{0,8}},47}, {{{0,9}},191},
- {{{0,8}},15}, {{{0,8}},143}, {{{0,8}},79}, {{{0,9}},255}
- };
-local inflate_huft fixed_td[] = {
- {{{80,5}},1}, {{{87,5}},257}, {{{83,5}},17}, {{{91,5}},4097},
- {{{81,5}},5}, {{{89,5}},1025}, {{{85,5}},65}, {{{93,5}},16385},
- {{{80,5}},3}, {{{88,5}},513}, {{{84,5}},33}, {{{92,5}},8193},
- {{{82,5}},9}, {{{90,5}},2049}, {{{86,5}},129}, {{{192,5}},24577},
- {{{80,5}},2}, {{{87,5}},385}, {{{83,5}},25}, {{{91,5}},6145},
- {{{81,5}},7}, {{{89,5}},1537}, {{{85,5}},97}, {{{93,5}},24577},
- {{{80,5}},4}, {{{88,5}},769}, {{{84,5}},49}, {{{92,5}},12289},
- {{{82,5}},13}, {{{90,5}},3073}, {{{86,5}},193}, {{{192,5}},24577}
- };
diff --git a/security/nss/cmd/zlib/inflate.c b/security/nss/cmd/zlib/inflate.c
deleted file mode 100644
index 8cd0c141c..000000000
--- a/security/nss/cmd/zlib/inflate.c
+++ /dev/null
@@ -1,346 +0,0 @@
-/* inflate.c -- zlib interface to inflate modules
- * Copyright (C) 1995-1996 Mark Adler
- * For conditions of distribution and use, see copyright notice in zlib.h
- */
-/* This file was modified since it was taken from the zlib distribution */
-
-#include "zutil.h"
-#include "infblock.h"
-
-struct inflate_blocks_state {int dummy;}; /* for buggy compilers */
-
-/* inflate private state */
-struct internal_state {
-
- /* mode */
- enum {
- METHOD, /* waiting for method byte */
- FLAG, /* waiting for flag byte */
- DICT4, /* four dictionary check bytes to go */
- DICT3, /* three dictionary check bytes to go */
- DICT2, /* two dictionary check bytes to go */
- DICT1, /* one dictionary check byte to go */
- DICT0, /* waiting for inflateSetDictionary */
- BLOCKS, /* decompressing blocks */
- CHECK4, /* four check bytes to go */
- CHECK3, /* three check bytes to go */
- CHECK2, /* two check bytes to go */
- CHECK1, /* one check byte to go */
- DONE, /* finished check, done */
- BAD} /* got an error--stay here */
- mode; /* current inflate mode */
-
- /* mode dependent information */
- union {
- uInt method; /* if FLAGS, method byte */
- struct {
- uLong was; /* computed check value */
- uLong need; /* stream check value */
- } check; /* if CHECK, check values to compare */
- uInt marker; /* if BAD, inflateSync's marker bytes count */
- } sub; /* submode */
-
- /* mode independent information */
- int nowrap; /* flag for no wrapper */
- uInt wbits; /* log2(window size) (8..15, defaults to 15) */
- inflate_blocks_statef
- *blocks; /* current inflate_blocks state */
-
-};
-
-
-PR_PUBLIC_API(int) inflateReset(z)
-z_streamp z;
-{
- uLong c;
-
- if (z == Z_NULL || z->state == Z_NULL)
- return Z_STREAM_ERROR;
- z->total_in = z->total_out = 0;
- z->msg = Z_NULL;
- z->state->mode = z->state->nowrap ? BLOCKS : METHOD;
- inflate_blocks_reset(z->state->blocks, z, &c);
- Trace((stderr, "inflate: reset\n"));
- return Z_OK;
-}
-
-
-PR_PUBLIC_API(int) inflateEnd(z)
-z_streamp z;
-{
- uLong c;
-
- if (z == Z_NULL || z->state == Z_NULL || z->zfree == Z_NULL)
- return Z_STREAM_ERROR;
- if (z->state->blocks != Z_NULL)
- inflate_blocks_free(z->state->blocks, z, &c);
- ZFREE(z, z->state);
- z->state = Z_NULL;
- Trace((stderr, "inflate: end\n"));
- return Z_OK;
-}
-
-
-PR_PUBLIC_API(int) inflateInit2_(z, w, version, stream_size)
-z_streamp z;
-int w;
-const char *version;
-int stream_size;
-{
- if (version == Z_NULL || version[0] != ZLIB_VERSION[0] ||
- stream_size != sizeof(z_stream))
- return Z_VERSION_ERROR;
-
- /* initialize state */
- if (z == Z_NULL)
- return Z_STREAM_ERROR;
- z->msg = Z_NULL;
- if (z->zalloc == Z_NULL)
- {
- z->zalloc = zcalloc;
- z->opaque = (voidpf)0;
- }
- if (z->zfree == Z_NULL) z->zfree = zcfree;
- if ((z->state = (struct internal_state FAR *)
- ZALLOC(z,1,sizeof(struct internal_state))) == Z_NULL)
- return Z_MEM_ERROR;
- z->state->blocks = Z_NULL;
-
- /* handle undocumented nowrap option (no zlib header or check) */
- z->state->nowrap = 0;
- if (w < 0)
- {
- w = - w;
- z->state->nowrap = 1;
- }
-
- /* set window size */
- if (w < 8 || w > 15)
- {
- inflateEnd(z);
- return Z_STREAM_ERROR;
- }
- z->state->wbits = (uInt)w;
-
- /* create inflate_blocks state */
- if ((z->state->blocks =
- inflate_blocks_new(z, z->state->nowrap ? Z_NULL : adler32, (uInt)1 << w))
- == Z_NULL)
- {
- inflateEnd(z);
- return Z_MEM_ERROR;
- }
- Trace((stderr, "inflate: allocated\n"));
-
- /* reset state */
- inflateReset(z);
- return Z_OK;
-}
-
-
-PR_PUBLIC_API(int) inflateInit_(z, version, stream_size)
-z_streamp z;
-const char *version;
-int stream_size;
-{
- return inflateInit2_(z, DEF_WBITS, version, stream_size);
-}
-
-
-#define NEEDBYTE {if(z->avail_in==0)return r;r=Z_OK;}
-#define NEXTBYTE (z->avail_in--,z->total_in++,*z->next_in++)
-
-PR_PUBLIC_API(int) inflate(z, f)
-z_streamp z;
-int f;
-{
- int r;
- uInt b;
-
- if (z == Z_NULL || z->state == Z_NULL || z->next_in == Z_NULL || f < 0)
- return Z_STREAM_ERROR;
- r = Z_BUF_ERROR;
- while (1) switch (z->state->mode)
- {
- case METHOD:
- NEEDBYTE
- if (((z->state->sub.method = NEXTBYTE) & 0xf) != Z_DEFLATED)
- {
- z->state->mode = BAD;
- z->msg = (char*)"unknown compression method";
- z->state->sub.marker = 5; /* can't try inflateSync */
- break;
- }
- if ((z->state->sub.method >> 4) + 8 > z->state->wbits)
- {
- z->state->mode = BAD;
- z->msg = (char*)"invalid window size";
- z->state->sub.marker = 5; /* can't try inflateSync */
- break;
- }
- z->state->mode = FLAG;
- case FLAG:
- NEEDBYTE
- b = NEXTBYTE;
- if (((z->state->sub.method << 8) + b) % 31)
- {
- z->state->mode = BAD;
- z->msg = (char*)"incorrect header check";
- z->state->sub.marker = 5; /* can't try inflateSync */
- break;
- }
- Trace((stderr, "inflate: zlib header ok\n"));
- if (!(b & PRESET_DICT))
- {
- z->state->mode = BLOCKS;
- break;
- }
- z->state->mode = DICT4;
- case DICT4:
- NEEDBYTE
- z->state->sub.check.need = (uLong)NEXTBYTE << 24;
- z->state->mode = DICT3;
- case DICT3:
- NEEDBYTE
- z->state->sub.check.need += (uLong)NEXTBYTE << 16;
- z->state->mode = DICT2;
- case DICT2:
- NEEDBYTE
- z->state->sub.check.need += (uLong)NEXTBYTE << 8;
- z->state->mode = DICT1;
- case DICT1:
- NEEDBYTE
- z->state->sub.check.need += (uLong)NEXTBYTE;
- z->adler = z->state->sub.check.need;
- z->state->mode = DICT0;
- return Z_NEED_DICT;
- case DICT0:
- z->state->mode = BAD;
- z->msg = (char*)"need dictionary";
- z->state->sub.marker = 0; /* can try inflateSync */
- return Z_STREAM_ERROR;
- case BLOCKS:
- r = inflate_blocks(z->state->blocks, z, r);
- if (r == Z_DATA_ERROR)
- {
- z->state->mode = BAD;
- z->state->sub.marker = 0; /* can try inflateSync */
- break;
- }
- if (r != Z_STREAM_END)
- return r;
- r = Z_OK;
- inflate_blocks_reset(z->state->blocks, z, &z->state->sub.check.was);
- if (z->state->nowrap)
- {
- z->state->mode = DONE;
- break;
- }
- z->state->mode = CHECK4;
- case CHECK4:
- NEEDBYTE
- z->state->sub.check.need = (uLong)NEXTBYTE << 24;
- z->state->mode = CHECK3;
- case CHECK3:
- NEEDBYTE
- z->state->sub.check.need += (uLong)NEXTBYTE << 16;
- z->state->mode = CHECK2;
- case CHECK2:
- NEEDBYTE
- z->state->sub.check.need += (uLong)NEXTBYTE << 8;
- z->state->mode = CHECK1;
- case CHECK1:
- NEEDBYTE
- z->state->sub.check.need += (uLong)NEXTBYTE;
-
- if (z->state->sub.check.was != z->state->sub.check.need)
- {
- z->state->mode = BAD;
- z->msg = (char*)"incorrect data check";
- z->state->sub.marker = 5; /* can't try inflateSync */
- break;
- }
- Trace((stderr, "inflate: zlib check ok\n"));
- z->state->mode = DONE;
- case DONE:
- return Z_STREAM_END;
- case BAD:
- return Z_DATA_ERROR;
- default:
- return Z_STREAM_ERROR;
- }
-}
-
-
-PR_PUBLIC_API(int) inflateSetDictionary(z, dictionary, dictLength)
-z_streamp z;
-const Bytef *dictionary;
-uInt dictLength;
-{
- uInt length = dictLength;
-
- if (z == Z_NULL || z->state == Z_NULL || z->state->mode != DICT0)
- return Z_STREAM_ERROR;
-
- if (adler32(1L, dictionary, dictLength) != z->adler) return Z_DATA_ERROR;
- z->adler = 1L;
-
- if (length >= ((uInt)1<<z->state->wbits))
- {
- length = (1<<z->state->wbits)-1;
- dictionary += dictLength - length;
- }
- inflate_set_dictionary(z->state->blocks, dictionary, length);
- z->state->mode = BLOCKS;
- return Z_OK;
-}
-
-
-PR_PUBLIC_API(int) inflateSync(z)
-z_streamp z;
-{
- uInt n; /* number of bytes to look at */
- Bytef *p; /* pointer to bytes */
- uInt m; /* number of marker bytes found in a row */
- uLong r, w; /* temporaries to save total_in and total_out */
-
- /* set up */
- if (z == Z_NULL || z->state == Z_NULL)
- return Z_STREAM_ERROR;
- if (z->state->mode != BAD)
- {
- z->state->mode = BAD;
- z->state->sub.marker = 0;
- }
- if ((n = z->avail_in) == 0)
- return Z_BUF_ERROR;
- p = z->next_in;
- m = z->state->sub.marker;
-
- /* search */
- while (n && m < 4)
- {
- if (*p == (Byte)(m < 2 ? 0 : 0xff))
- m++;
- else if (*p)
- m = 0;
- else
- m = 4 - m;
- p++, n--;
- }
-
- /* restore */
- z->total_in += p - z->next_in;
- z->next_in = p;
- z->avail_in = n;
- z->state->sub.marker = m;
-
- /* return no joy or set up to restart on a new block */
- if (m != 4)
- return Z_DATA_ERROR;
- r = z->total_in; w = z->total_out;
- inflateReset(z);
- z->total_in = r; z->total_out = w;
- z->state->mode = BLOCKS;
- return Z_OK;
-}
diff --git a/security/nss/cmd/zlib/inftrees.c b/security/nss/cmd/zlib/inftrees.c
deleted file mode 100644
index 91dc00375..000000000
--- a/security/nss/cmd/zlib/inftrees.c
+++ /dev/null
@@ -1,479 +0,0 @@
-/* inftrees.c -- generate Huffman trees for efficient decoding
- * Copyright (C) 1995-1996 Mark Adler
- * For conditions of distribution and use, see copyright notice in zlib.h
- */
-/* This file was modified since it was taken from the zlib distribution */
-
-#include "zutil.h"
-#include "inftrees.h"
-
-char inflate_copyright[] = " inflate 1.0.4 Copyright 1995-1996 Mark Adler ";
-/*
- If you use the zlib library in a product, an acknowledgment is welcome
- in the documentation of your product. If for some reason you cannot
- include such an acknowledgment, I would appreciate that you keep this
- copyright string in the executable of your product.
- */
-struct internal_state {int dummy;}; /* for buggy compilers */
-
-/* simplify the use of the inflate_huft type with some defines */
-#define base more.Base
-#define next more.Next
-#define exop word.what.Exop
-#define bits word.what.Bits
-
-
-local int huft_build OF((
- uIntf *, /* code lengths in bits */
- uInt, /* number of codes */
- uInt, /* number of "simple" codes */
- uIntf *, /* list of base values for non-simple codes */
- uIntf *, /* list of extra bits for non-simple codes */
- inflate_huft * FAR*,/* result: starting table */
- uIntf *, /* maximum lookup bits (returns actual) */
- z_streamp )); /* for zalloc function */
-
-local voidpf falloc OF((
- voidpf, /* opaque pointer (not used) */
- uInt, /* number of items */
- uInt)); /* size of item */
-
-/* Tables for deflate from PKZIP's appnote.txt. */
-local uInt cplens[31] = { /* Copy lengths for literal codes 257..285 */
- 3, 4, 5, 6, 7, 8, 9, 10, 11, 13, 15, 17, 19, 23, 27, 31,
- 35, 43, 51, 59, 67, 83, 99, 115, 131, 163, 195, 227, 258, 0, 0};
- /* see note #13 above about 258 */
-local uInt cplext[31] = { /* Extra bits for literal codes 257..285 */
- 0, 0, 0, 0, 0, 0, 0, 0, 1, 1, 1, 1, 2, 2, 2, 2,
- 3, 3, 3, 3, 4, 4, 4, 4, 5, 5, 5, 5, 0, 112, 112}; /* 112==invalid */
-local uInt cpdist[30] = { /* Copy offsets for distance codes 0..29 */
- 1, 2, 3, 4, 5, 7, 9, 13, 17, 25, 33, 49, 65, 97, 129, 193,
- 257, 385, 513, 769, 1025, 1537, 2049, 3073, 4097, 6145,
- 8193, 12289, 16385, 24577};
-local uInt cpdext[30] = { /* Extra bits for distance codes */
- 0, 0, 0, 0, 1, 1, 2, 2, 3, 3, 4, 4, 5, 5, 6, 6,
- 7, 7, 8, 8, 9, 9, 10, 10, 11, 11,
- 12, 12, 13, 13};
-
-/*
- Huffman code decoding is performed using a multi-level table lookup.
- The fastest way to decode is to simply build a lookup table whose
- size is determined by the longest code. However, the time it takes
- to build this table can also be a factor if the data being decoded
- is not very long. The most common codes are necessarily the
- shortest codes, so those codes dominate the decoding time, and hence
- the speed. The idea is you can have a shorter table that decodes the
- shorter, more probable codes, and then point to subsidiary tables for
- the longer codes. The time it costs to decode the longer codes is
- then traded against the time it takes to make longer tables.
-
- This results of this trade are in the variables lbits and dbits
- below. lbits is the number of bits the first level table for literal/
- length codes can decode in one step, and dbits is the same thing for
- the distance codes. Subsequent tables are also less than or equal to
- those sizes. These values may be adjusted either when all of the
- codes are shorter than that, in which case the longest code length in
- bits is used, or when the shortest code is *longer* than the requested
- table size, in which case the length of the shortest code in bits is
- used.
-
- There are two different values for the two tables, since they code a
- different number of possibilities each. The literal/length table
- codes 286 possible values, or in a flat code, a little over eight
- bits. The distance table codes 30 possible values, or a little less
- than five bits, flat. The optimum values for speed end up being
- about one bit more than those, so lbits is 8+1 and dbits is 5+1.
- The optimum values may differ though from machine to machine, and
- possibly even between compilers. Your mileage may vary.
- */
-
-
-/* If BMAX needs to be larger than 16, then h and x[] should be uLong. */
-#define BMAX 15 /* maximum bit length of any code */
-#define N_MAX 288 /* maximum number of codes in any set */
-
-#ifdef DEBUG
- uInt inflate_hufts;
-#endif
-
-local int huft_build(b, n, s, d, e, t, m, zs)
-uIntf *b; /* code lengths in bits (all assumed <= BMAX) */
-uInt n; /* number of codes (assumed <= N_MAX) */
-uInt s; /* number of simple-valued codes (0..s-1) */
-uIntf *d; /* list of base values for non-simple codes */
-uIntf *e; /* list of extra bits for non-simple codes */
-inflate_huft * FAR *t; /* result: starting table */
-uIntf *m; /* maximum lookup bits, returns actual */
-z_streamp zs; /* for zalloc function */
-/* Given a list of code lengths and a maximum table size, make a set of
- tables to decode that set of codes. Return Z_OK on success, Z_BUF_ERROR
- if the given code set is incomplete (the tables are still built in this
- case), Z_DATA_ERROR if the input is invalid (an over-subscribed set of
- set of lengths), or Z_MEM_ERROR if not enough memory. */
-{
-
- uInt a; /* counter for codes of length k */
- uInt c[BMAX+1]; /* bit length count table */
- uInt f; /* i repeats in table every f entries */
- int g; /* maximum code length */
- int h; /* table level */
- register uInt i; /* counter, current code */
- register uInt j; /* counter */
- register int k; /* number of bits in current code */
- int l; /* bits per table (returned in m) */
- register uIntf *p; /* pointer into c[], b[], or v[] */
- inflate_huft *q; /* points to current table */
- struct inflate_huft_s r; /* table entry for structure assignment */
- inflate_huft *u[BMAX]; /* table stack */
- uInt v[N_MAX]; /* values in order of bit length */
- register int w; /* bits before this table == (l * h) */
- uInt x[BMAX+1]; /* bit offsets, then code stack */
- uIntf *xp; /* pointer into x */
- int y; /* number of dummy codes added */
- uInt z; /* number of entries in current table */
-
-
- /* Generate counts for each bit length */
- p = c;
-#define C0 *p++ = 0;
-#define C2 C0 C0 C0 C0
-#define C4 C2 C2 C2 C2
- C4 /* clear c[]--assume BMAX+1 is 16 */
- p = b; i = n;
- do {
- c[*p++]++; /* assume all entries <= BMAX */
- } while (--i);
- if (c[0] == n) /* null input--all zero length codes */
- {
- *t = (inflate_huft *)Z_NULL;
- *m = 0;
- return Z_OK;
- }
-
-
- /* Find minimum and maximum length, bound *m by those */
- l = *m;
- for (j = 1; j <= BMAX; j++)
- if (c[j])
- break;
- k = j; /* minimum code length */
- if ((uInt)l < j)
- l = j;
- for (i = BMAX; i; i--)
- if (c[i])
- break;
- g = i; /* maximum code length */
- if ((uInt)l > i)
- l = i;
- *m = l;
-
-
- /* Adjust last length count to fill out codes, if needed */
- for (y = 1 << j; j < i; j++, y <<= 1)
- if ((y -= c[j]) < 0)
- return Z_DATA_ERROR;
- if ((y -= c[i]) < 0)
- return Z_DATA_ERROR;
- c[i] += y;
-
-
- /* Generate starting offsets into the value table for each length */
- x[1] = j = 0;
- p = c + 1; xp = x + 2;
- while (--i) { /* note that i == g from above */
- *xp++ = (j += *p++);
- }
-
-
- /* Make a table of values in order of bit lengths */
- p = b; i = 0;
- do {
- if ((j = *p++) != 0)
- v[x[j]++] = i;
- } while (++i < n);
- n = x[g]; /* set n to length of v */
-
-
- /* Generate the Huffman codes and for each, make the table entries */
- x[0] = i = 0; /* first Huffman code is zero */
- p = v; /* grab values in bit order */
- h = -1; /* no tables yet--level -1 */
- w = -l; /* bits decoded == (l * h) */
- u[0] = (inflate_huft *)Z_NULL; /* just to keep compilers happy */
- q = (inflate_huft *)Z_NULL; /* ditto */
- z = 0; /* ditto */
-
- /* go through the bit lengths (k already is bits in shortest code) */
- for (; k <= g; k++)
- {
- a = c[k];
- while (a--)
- {
- /* here i is the Huffman code of length k bits for value *p */
- /* make tables up to required level */
- while (k > w + l)
- {
- h++;
- w += l; /* previous table always l bits */
-
- /* compute minimum size table less than or equal to l bits */
- z = g - w;
- z = z > (uInt)l ? l : z; /* table size upper limit */
- if ((f = 1 << (j = k - w)) > a + 1) /* try a k-w bit table */
- { /* too few codes for k-w bit table */
- f -= a + 1; /* deduct codes from patterns left */
- xp = c + k;
- if (j < z)
- while (++j < z) /* try smaller tables up to z bits */
- {
- if ((f <<= 1) <= *++xp)
- break; /* enough codes to use up j bits */
- f -= *xp; /* else deduct codes from patterns */
- }
- }
- z = 1 << j; /* table entries for j-bit table */
-
- /* allocate and link in new table */
- if ((q = (inflate_huft *)ZALLOC
- (zs,z + 1,sizeof(inflate_huft))) == Z_NULL)
- {
- if (h)
- inflate_trees_free(u[0], zs);
- return Z_MEM_ERROR; /* not enough memory */
- }
-#ifdef DEBUG
- inflate_hufts += z + 1;
-#endif
- *t = q + 1; /* link to list for huft_free() */
- *(t = &(q->next)) = Z_NULL;
- u[h] = ++q; /* table starts after link */
-
- /* connect to last table, if there is one */
- if (h)
- {
- x[h] = i; /* save pattern for backing up */
- r.bits = (Byte)l; /* bits to dump before this table */
- r.exop = (Byte)j; /* bits in this table */
- r.next = q; /* pointer to this table */
- j = i >> (w - l); /* (get around Turbo C bug) */
- u[h-1][j] = r; /* connect to last table */
- }
- }
-
- /* set up table entry in r */
- r.bits = (Byte)(k - w);
- if (p >= v + n)
- r.exop = 128 + 64; /* out of values--invalid code */
- else if (*p < s)
- {
- r.exop = (Byte)(*p < 256 ? 0 : 32 + 64); /* 256 is end-of-block */
- r.base = *p++; /* simple code is just the value */
- }
- else
- {
- r.exop = (Byte)(e[*p - s] + 16 + 64);/* non-simple--look up in lists */
- r.base = d[*p++ - s];
- }
-
- /* fill code-like entries with r */
- f = 1 << (k - w);
- for (j = i >> w; j < z; j += f)
- q[j] = r;
-
- /* backwards increment the k-bit code i */
- for (j = 1 << (k - 1); i & j; j >>= 1)
- i ^= j;
- i ^= j;
-
- /* backup over finished tables */
- while ((i & ((1 << w) - 1)) != x[h])
- {
- h--; /* don't need to update q */
- w -= l;
- }
- }
- }
-
-
- /* Return Z_BUF_ERROR if we were given an incomplete table */
- return y != 0 && g != 1 ? Z_BUF_ERROR : Z_OK;
-}
-
-
-int inflate_trees_bits(c, bb, tb, z)
-uIntf *c; /* 19 code lengths */
-uIntf *bb; /* bits tree desired/actual depth */
-inflate_huft * FAR *tb; /* bits tree result */
-z_streamp z; /* for zfree function */
-{
- int r;
-
- r = huft_build(c, 19, 19, (uIntf*)Z_NULL, (uIntf*)Z_NULL, tb, bb, z);
- if (r == Z_DATA_ERROR)
- z->msg = (char*)"oversubscribed dynamic bit lengths tree";
- else if (r == Z_BUF_ERROR || *bb == 0)
- {
- inflate_trees_free(*tb, z);
- z->msg = (char*)"incomplete dynamic bit lengths tree";
- r = Z_DATA_ERROR;
- }
- return r;
-}
-
-
-int inflate_trees_dynamic(nl, nd, c, bl, bd, tl, td, z)
-uInt nl; /* number of literal/length codes */
-uInt nd; /* number of distance codes */
-uIntf *c; /* that many (total) code lengths */
-uIntf *bl; /* literal desired/actual bit depth */
-uIntf *bd; /* distance desired/actual bit depth */
-inflate_huft * FAR *tl; /* literal/length tree result */
-inflate_huft * FAR *td; /* distance tree result */
-z_streamp z; /* for zfree function */
-{
- int r;
-
- /* build literal/length tree */
- r = huft_build(c, nl, 257, cplens, cplext, tl, bl, z);
- if (r != Z_OK || *bl == 0)
- {
- if (r == Z_DATA_ERROR)
- z->msg = (char*)"oversubscribed literal/length tree";
- else if (r != Z_MEM_ERROR)
- {
- inflate_trees_free(*tl, z);
- z->msg = (char*)"incomplete literal/length tree";
- r = Z_DATA_ERROR;
- }
- return r;
- }
-
- /* build distance tree */
- r = huft_build(c + nl, nd, 0, cpdist, cpdext, td, bd, z);
- if (r != Z_OK || (*bd == 0 && nl > 257))
- {
- if (r == Z_DATA_ERROR)
- z->msg = (char*)"oversubscribed literal/length tree";
- else if (r == Z_BUF_ERROR) {
-#ifdef PKZIP_BUG_WORKAROUND
- r = Z_OK;
- }
-#else
- inflate_trees_free(*td, z);
- z->msg = (char*)"incomplete distance tree";
- r = Z_DATA_ERROR;
- }
- else if (r != Z_MEM_ERROR)
- {
- z->msg = (char*)"empty distance tree with lengths";
- r = Z_DATA_ERROR;
- }
- inflate_trees_free(*tl, z);
- return r;
-#endif
- }
-
- /* done */
- return Z_OK;
-}
-
-
-/* build fixed tables only once--keep them here */
-local int fixed_built = 0;
-#define FIXEDH 530 /* number of hufts used by fixed tables */
-local inflate_huft fixed_mem[FIXEDH];
-local uInt fixed_bl;
-local uInt fixed_bd;
-local inflate_huft *fixed_tl;
-local inflate_huft *fixed_td;
-
-
-local voidpf falloc(q, n, s)
-voidpf q; /* opaque pointer */
-uInt n; /* number of items */
-uInt s; /* size of item */
-{
- Assert(s == sizeof(inflate_huft) && n <= *(intf *)q,
- "inflate_trees falloc overflow");
- *(intf *)q -= n+s-s; /* s-s to avoid warning */
- return (voidpf)(fixed_mem + *(intf *)q);
-}
-
-
-int inflate_trees_fixed(bl, bd, tl, td)
-uIntf *bl; /* literal desired/actual bit depth */
-uIntf *bd; /* distance desired/actual bit depth */
-inflate_huft * FAR *tl; /* literal/length tree result */
-inflate_huft * FAR *td; /* distance tree result */
-{
- /* build fixed tables if not already (multiple overlapped executions ok) */
- if (!fixed_built)
- {
- int k; /* temporary variable */
- unsigned c[288]; /* length list for huft_build */
- z_stream z; /* for falloc function */
- int f = FIXEDH; /* number of hufts left in fixed_mem */
-
- /* set up fake z_stream for memory routines */
- z.zalloc = falloc;
- z.zfree = Z_NULL;
- z.opaque = (voidpf)&f;
-
- /* literal table */
- for (k = 0; k < 144; k++)
- c[k] = 8;
- for (; k < 256; k++)
- c[k] = 9;
- for (; k < 280; k++)
- c[k] = 7;
- for (; k < 288; k++)
- c[k] = 8;
- fixed_bl = 7;
- huft_build(c, 288, 257, cplens, cplext, &fixed_tl, &fixed_bl, &z);
-
- /* distance table */
- for (k = 0; k < 30; k++)
- c[k] = 5;
- fixed_bd = 5;
- huft_build(c, 30, 0, cpdist, cpdext, &fixed_td, &fixed_bd, &z);
-
- /* done */
- Assert(f == 0, "invalid build of fixed tables");
- fixed_built = 1;
- }
- *bl = fixed_bl;
- *bd = fixed_bd;
- *tl = fixed_tl;
- *td = fixed_td;
- return Z_OK;
-}
-
-
-int inflate_trees_free(t, z)
-inflate_huft *t; /* table to free */
-z_streamp z; /* for zfree function */
-/* Free the malloc'ed tables built by huft_build(), which makes a linked
- list of the tables it made, with the links in a dummy first entry of
- each table. */
-{
- register inflate_huft *p, *q, *r;
-
- /* Reverse linked list */
- p = Z_NULL;
- q = t;
- while (q != Z_NULL)
- {
- r = (q - 1)->next;
- (q - 1)->next = p;
- p = q;
- q = r;
- }
- /* Go through linked list, freeing from the malloced (t[-1]) address. */
- while (p != Z_NULL)
- {
- q = (--p)->next;
- ZFREE(z,p);
- p = q;
- }
- return Z_OK;
-}
diff --git a/security/nss/cmd/zlib/inftrees.h b/security/nss/cmd/zlib/inftrees.h
deleted file mode 100644
index b06613ddd..000000000
--- a/security/nss/cmd/zlib/inftrees.h
+++ /dev/null
@@ -1,59 +0,0 @@
-/* inftrees.h -- header to use inftrees.c
- * Copyright (C) 1995-1996 Mark Adler
- * For conditions of distribution and use, see copyright notice in zlib.h
- */
-
-/* WARNING: this file should *not* be used by applications. It is
- part of the implementation of the compression library and is
- subject to change. Applications should only use zlib.h.
- */
-
-/* Huffman code lookup table entry--this entry is four bytes for machines
- that have 16-bit pointers (e.g. PC's in the small or medium model). */
-
-typedef struct inflate_huft_s FAR inflate_huft;
-
-struct inflate_huft_s {
- union {
- struct {
- Byte Exop; /* number of extra bits or operation */
- Byte Bits; /* number of bits in this code or subcode */
- } what;
- Bytef *pad; /* pad structure to a power of 2 (4 bytes for */
- } word; /* 16-bit, 8 bytes for 32-bit machines) */
- union {
- uInt Base; /* literal, length base, or distance base */
- inflate_huft *Next; /* pointer to next level of table */
- } more;
-};
-
-#ifdef DEBUG
- extern uInt inflate_hufts;
-#endif
-
-extern int inflate_trees_bits OF((
- uIntf *, /* 19 code lengths */
- uIntf *, /* bits tree desired/actual depth */
- inflate_huft * FAR *, /* bits tree result */
- z_streamp )); /* for zalloc, zfree functions */
-
-extern int inflate_trees_dynamic OF((
- uInt, /* number of literal/length codes */
- uInt, /* number of distance codes */
- uIntf *, /* that many (total) code lengths */
- uIntf *, /* literal desired/actual bit depth */
- uIntf *, /* distance desired/actual bit depth */
- inflate_huft * FAR *, /* literal/length tree result */
- inflate_huft * FAR *, /* distance tree result */
- z_streamp )); /* for zalloc, zfree functions */
-
-extern int inflate_trees_fixed OF((
- uIntf *, /* literal desired/actual bit depth */
- uIntf *, /* distance desired/actual bit depth */
- inflate_huft * FAR *, /* literal/length tree result */
- inflate_huft * FAR *)); /* distance tree result */
-
-extern int inflate_trees_free OF((
- inflate_huft *, /* tables to free */
- z_streamp )); /* for zfree function */
-
diff --git a/security/nss/cmd/zlib/infutil.c b/security/nss/cmd/zlib/infutil.c
deleted file mode 100644
index eb21199c3..000000000
--- a/security/nss/cmd/zlib/infutil.c
+++ /dev/null
@@ -1,87 +0,0 @@
-/* inflate_util.c -- data and routines common to blocks and codes
- * Copyright (C) 1995-1996 Mark Adler
- * For conditions of distribution and use, see copyright notice in zlib.h
- */
-
-#include "zutil.h"
-#include "infblock.h"
-#include "inftrees.h"
-#include "infcodes.h"
-#include "infutil.h"
-
-struct inflate_codes_state {int dummy;}; /* for buggy compilers */
-
-/* And'ing with mask[n] masks the lower n bits */
-uInt inflate_mask[17] = {
- 0x0000,
- 0x0001, 0x0003, 0x0007, 0x000f, 0x001f, 0x003f, 0x007f, 0x00ff,
- 0x01ff, 0x03ff, 0x07ff, 0x0fff, 0x1fff, 0x3fff, 0x7fff, 0xffff
-};
-
-
-/* copy as much as possible from the sliding window to the output area */
-int inflate_flush(s, z, r)
-inflate_blocks_statef *s;
-z_streamp z;
-int r;
-{
- uInt n;
- Bytef *p;
- Bytef *q;
-
- /* local copies of source and destination pointers */
- p = z->next_out;
- q = s->read;
-
- /* compute number of bytes to copy as far as end of window */
- n = (uInt)((q <= s->write ? s->write : s->end) - q);
- if (n > z->avail_out) n = z->avail_out;
- if (n && r == Z_BUF_ERROR) r = Z_OK;
-
- /* update counters */
- z->avail_out -= n;
- z->total_out += n;
-
- /* update check information */
- if (s->checkfn != Z_NULL)
- z->adler = s->check = (*s->checkfn)(s->check, q, n);
-
- /* copy as far as end of window */
- zmemcpy(p, q, n);
- p += n;
- q += n;
-
- /* see if more to copy at beginning of window */
- if (q == s->end)
- {
- /* wrap pointers */
- q = s->window;
- if (s->write == s->end)
- s->write = s->window;
-
- /* compute bytes to copy */
- n = (uInt)(s->write - q);
- if (n > z->avail_out) n = z->avail_out;
- if (n && r == Z_BUF_ERROR) r = Z_OK;
-
- /* update counters */
- z->avail_out -= n;
- z->total_out += n;
-
- /* update check information */
- if (s->checkfn != Z_NULL)
- z->adler = s->check = (*s->checkfn)(s->check, q, n);
-
- /* copy */
- zmemcpy(p, q, n);
- p += n;
- q += n;
- }
-
- /* update pointers */
- z->next_out = p;
- s->read = q;
-
- /* done */
- return r;
-}
diff --git a/security/nss/cmd/zlib/infutil.h b/security/nss/cmd/zlib/infutil.h
deleted file mode 100644
index 702cd290c..000000000
--- a/security/nss/cmd/zlib/infutil.h
+++ /dev/null
@@ -1,99 +0,0 @@
-/* infutil.h -- types and macros common to blocks and codes
- * Copyright (C) 1995-1996 Mark Adler
- * For conditions of distribution and use, see copyright notice in zlib.h
- */
-
-/* WARNING: this file should *not* be used by applications. It is
- part of the implementation of the compression library and is
- subject to change. Applications should only use zlib.h.
- */
-
-#ifndef _INFUTIL_H
-#define _INFUTIL_H
-
-typedef enum {
- TYPE, /* get type bits (3, including end bit) */
- LENS, /* get lengths for stored */
- STORED, /* processing stored block */
- TABLE, /* get table lengths */
- BTREE, /* get bit lengths tree for a dynamic block */
- DTREE, /* get length, distance trees for a dynamic block */
- CODES, /* processing fixed or dynamic block */
- DRY, /* output remaining window bytes */
- DONE, /* finished last block, done */
- BAD} /* got a data error--stuck here */
-inflate_block_mode;
-
-/* inflate blocks semi-private state */
-struct inflate_blocks_state {
-
- /* mode */
- inflate_block_mode mode; /* current inflate_block mode */
-
- /* mode dependent information */
- union {
- uInt left; /* if STORED, bytes left to copy */
- struct {
- uInt table; /* table lengths (14 bits) */
- uInt index; /* index into blens (or border) */
- uIntf *blens; /* bit lengths of codes */
- uInt bb; /* bit length tree depth */
- inflate_huft *tb; /* bit length decoding tree */
- } trees; /* if DTREE, decoding info for trees */
- struct {
- inflate_huft *tl;
- inflate_huft *td; /* trees to free */
- inflate_codes_statef
- *codes;
- } decode; /* if CODES, current state */
- } sub; /* submode */
- uInt last; /* true if this block is the last block */
-
- /* mode independent information */
- uInt bitk; /* bits in bit buffer */
- uLong bitb; /* bit buffer */
- Bytef *window; /* sliding window */
- Bytef *end; /* one byte after sliding window */
- Bytef *read; /* window read pointer */
- Bytef *write; /* window write pointer */
- check_func checkfn; /* check function */
- uLong check; /* check on output */
-
-};
-
-
-/* defines for inflate input/output */
-/* update pointers and return */
-#define UPDBITS {s->bitb=b;s->bitk=k;}
-#define UPDIN {z->avail_in=n;z->total_in+=p-z->next_in;z->next_in=p;}
-#define UPDOUT {s->write=q;}
-#define UPDATE {UPDBITS UPDIN UPDOUT}
-#define LEAVE {UPDATE return inflate_flush(s,z,r);}
-/* get bytes and bits */
-#define LOADIN {p=z->next_in;n=z->avail_in;b=s->bitb;k=s->bitk;}
-#define NEEDBYTE {if(n)r=Z_OK;else LEAVE}
-#define NEXTBYTE (n--,*p++)
-#define NEEDBITS(j) {while(k<(j)){NEEDBYTE;b|=((uLong)NEXTBYTE)<<k;k+=8;}}
-#define DUMPBITS(j) {b>>=(j);k-=(j);}
-/* output bytes */
-#define WAVAIL (uInt)(q<s->read?s->read-q-1:s->end-q)
-#define LOADOUT {q=s->write;m=(uInt)WAVAIL;}
-#define WRAP {if(q==s->end&&s->read!=s->window){q=s->window;m=(uInt)WAVAIL;}}
-#define FLUSH {UPDOUT r=inflate_flush(s,z,r); LOADOUT}
-#define NEEDOUT {if(m==0){WRAP if(m==0){FLUSH WRAP if(m==0) LEAVE}}r=Z_OK;}
-#define OUTBYTE(a) {*q++=(Byte)(a);m--;}
-/* load local pointers */
-#define LOAD {LOADIN LOADOUT}
-
-/* masks for lower bits (size given to avoid silly warnings with Visual C++) */
-extern uInt inflate_mask[17];
-
-/* copy as much as possible from the sliding window to the output area */
-extern int inflate_flush OF((
- inflate_blocks_statef *,
- z_streamp ,
- int));
-
-struct internal_state {int dummy;}; /* for buggy compilers */
-
-#endif
diff --git a/security/nss/cmd/zlib/makefile.win b/security/nss/cmd/zlib/makefile.win
deleted file mode 100644
index 0f87b40b8..000000000
--- a/security/nss/cmd/zlib/makefile.win
+++ /dev/null
@@ -1,91 +0,0 @@
-NODEPEND=1
-IGNORE_MANIFEST = 1
-
-#//------------------------------------------------------------------------
-#//
-# New build system where zip dll is build indepenant of java stubs.
-#//
-#//------------------------------------------------------------------------
-MODULE = zlib
-EXPORTS = \
- zlib.h \
- zconf.h \
- $(NULL)
-
-
-#//------------------------------------------------------------------------
-#//
-#// Specify the depth of the current directory relative to the
-#// root of NS
-#//
-#//------------------------------------------------------------------------
-DEPTH= ..\..\..\
-
-MAKE_OBJ_TYPE=DLL
-#//------------------------------------------------------------------------
-#//
-#// Define any Public Make Variables here: (ie. PDFFILE, MAPFILE, ...)
-#//
-#//------------------------------------------------------------------------
-DLLNAME=$(ZIPDLL)
-PDBFILE=$(MOD_ZIP).pdb
-MAPFILE=$(MOD_ZIP).map
-!if "$(MOZ_BITS)" == "16"
-DEFFILE=zip16.def
-!endif
-#RESFILE=zip.res
-
-#//------------------------------------------------------------------------
-#//
-#// Define the files necessary to build the target (ie. OBJS)
-#//
-#//------------------------------------------------------------------------
-OBJS= \
- .\$(OBJDIR)\adler32.obj \
- .\$(OBJDIR)\compress.obj \
- .\$(OBJDIR)\crc32.obj \
- .\$(OBJDIR)\deflate.obj \
- .\$(OBJDIR)\gzio.obj \
- .\$(OBJDIR)\infblock.obj \
- .\$(OBJDIR)\infcodes.obj \
- .\$(OBJDIR)\inffast.obj \
- .\$(OBJDIR)\inflate.obj \
- .\$(OBJDIR)\inftrees.obj \
- .\$(OBJDIR)\infutil.obj \
- .\$(OBJDIR)\trees.obj \
- .\$(OBJDIR)\uncompr.obj \
- .\$(OBJDIR)\zutil.obj \
- $(NULL)
-
-#//------------------------------------------------------------------------
-#//
-#// Define any Public Targets here (ie. PROGRAM, LIBRARY, DLL, ...)
-#// (these must be defined before the common makefiles are included)
-#//
-#//------------------------------------------------------------------------
-
-DLL=.\$(OBJDIR)\$(DLLNAME)
-MAPFILE= $(MOD_ZIP).map
-
-
-#//------------------------------------------------------------------------
-#//
-#// Define any local options for the make tools
-#// (ie. LCFLAGS, LLFLAGS, LLIBS, LINCS)
-#//
-#//------------------------------------------------------------------------
-LLIBS=$(LLIBS) $(LIBNSPR)
-LINCS=$(LINCS) -I. -I_gen
-# clobber and clobber_all will remove the following garbage:
-GARBAGE = $(GARBAGE) _gen
-
-#//------------------------------------------------------------------------
-#//
-#// Include the common makefile rules
-#//
-#//------------------------------------------------------------------------
-include <$(DEPTH)/sun-java/config/rules.mak>
-
-export:: $(DLL)
- $(MAKE_INSTALL) .\$(OBJDIR)\$(DLLNAME) $(DIST)\bin
- $(MAKE_INSTALL) .\$(OBJDIR)\$(MOD_ZIP).lib $(DIST)\lib
diff --git a/security/nss/cmd/zlib/maketree.c b/security/nss/cmd/zlib/maketree.c
deleted file mode 100644
index a16d4b146..000000000
--- a/security/nss/cmd/zlib/maketree.c
+++ /dev/null
@@ -1,85 +0,0 @@
-/* maketree.c -- make inffixed.h table for decoding fixed codes
- * Copyright (C) 1995-2002 Mark Adler
- * For conditions of distribution and use, see copyright notice in zlib.h
- */
-
-/* WARNING: this file should *not* be used by applications. It is
- part of the implementation of the compression library and is
- subject to change. Applications should only use zlib.h.
- */
-
-/* This program is included in the distribution for completeness.
- You do not need to compile or run this program since inffixed.h
- is already included in the distribution. To use this program
- you need to compile zlib with BUILDFIXED defined and then compile
- and link this program with the zlib library. Then the output of
- this program can be piped to inffixed.h. */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include "zutil.h"
-#include "inftrees.h"
-
-/* simplify the use of the inflate_huft type with some defines */
-#define exop word.what.Exop
-#define bits word.what.Bits
-
-/* generate initialization table for an inflate_huft structure array */
-void maketree(uInt b, inflate_huft *t)
-{
- int i, e;
-
- i = 0;
- while (1)
- {
- e = t[i].exop;
- if (e && (e & (16+64)) == 0) /* table pointer */
- {
- fprintf(stderr, "maketree: cannot initialize sub-tables!\n");
- exit(1);
- }
- if (i % 4 == 0)
- printf("\n ");
- printf(" {{{%u,%u}},%u}", t[i].exop, t[i].bits, t[i].base);
- if (++i == (1<<b))
- break;
- putchar(',');
- }
- puts("");
-}
-
-/* create the fixed tables in C initialization syntax */
-void main(void)
-{
- int r;
- uInt bl, bd;
- inflate_huft *tl, *td;
- z_stream z;
-
- z.zalloc = zcalloc;
- z.opaque = (voidpf)0;
- z.zfree = zcfree;
- r = inflate_trees_fixed(&bl, &bd, &tl, &td, &z);
- if (r)
- {
- fprintf(stderr, "inflate_trees_fixed error %d\n", r);
- return;
- }
- puts("/* inffixed.h -- table for decoding fixed codes");
- puts(" * Generated automatically by the maketree.c program");
- puts(" */");
- puts("");
- puts("/* WARNING: this file should *not* be used by applications. It is");
- puts(" part of the implementation of the compression library and is");
- puts(" subject to change. Applications should only use zlib.h.");
- puts(" */");
- puts("");
- printf("local uInt fixed_bl = %d;\n", bl);
- printf("local uInt fixed_bd = %d;\n", bd);
- printf("local inflate_huft fixed_tl[] = {");
- maketree(bl, tl);
- puts(" };");
- printf("local inflate_huft fixed_td[] = {");
- maketree(bd, td);
- puts(" };");
-}
diff --git a/security/nss/cmd/zlib/manifest.mn b/security/nss/cmd/zlib/manifest.mn
deleted file mode 100644
index 13460377c..000000000
--- a/security/nss/cmd/zlib/manifest.mn
+++ /dev/null
@@ -1,60 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-MODULE = seccmd
-
-EXPORTS = zlib.h zconf.h
-
-CSRCS = adler32.c \
- crc32.c \
- compress.c \
- uncompr.c \
- deflate.c \
- trees.c \
- zutil.c \
- inflate.c \
- infblock.c \
- inftrees.c \
- infcodes.c \
- infutil.c \
- inffast.c \
- $(NULL)
-
-LIBRARY_NAME = zlib
-
-# REQUIRES = nss
-
-DEFINES = -DNSPR20=1 -DMOZILLA_CLIENT=1
-
diff --git a/security/nss/cmd/zlib/minigzip.c b/security/nss/cmd/zlib/minigzip.c
deleted file mode 100644
index 60a48a12d..000000000
--- a/security/nss/cmd/zlib/minigzip.c
+++ /dev/null
@@ -1,246 +0,0 @@
-/* minigzip.c -- simulate gzip using the zlib compression library
- * Copyright (C) 1995-1996 Jean-loup Gailly.
- * For conditions of distribution and use, see copyright notice in zlib.h
- */
-
-/*
- * minigzip is a minimal implementation of the gzip utility. This is
- * only an example of using zlib and isn't meant to replace the
- * full-featured gzip. No attempt is made to deal with file systems
- * limiting names to 14 or 8+3 characters, etc... Error checking is
- * very limited. So use minigzip only for testing; use gzip for the
- * real thing. On MSDOS, use only on file names without extension
- * or in pipe mode.
- */
-
-/* $Id$ */
-
-#include <stdio.h>
-#include "zlib.h"
-
-#ifdef STDC
-# include <string.h>
-# include <stdlib.h>
-#else
- extern void exit OF((int));
-#endif
-
-
-#if defined(MSDOS) || defined(OS2) || defined(WIN32)
-# include <fcntl.h>
-# include <io.h>
-# define SET_BINARY_MODE(file) setmode(fileno(file), O_BINARY)
-#else
-# define SET_BINARY_MODE(file)
-#endif
-
-#ifdef VMS
-# define unlink delete
-# define GZ_SUFFIX "-gz"
-#endif
-#ifdef RISCOS
-# define unlink remove
-# define GZ_SUFFIX "-gz"
-# define fileno(file) file->__file
-#endif
-
-#ifndef GZ_SUFFIX
-# define GZ_SUFFIX ".gz"
-#endif
-#define SUFFIX_LEN sizeof(GZ_SUFFIX)
-
-extern int unlink OF((const char *));
-
-#define BUFLEN 4096
-#define MAX_NAME_LEN 1024
-
-#define local static
-/* For MSDOS and other systems with limitation on stack size. For Unix,
- #define local
- works also.
- */
-
-char *prog;
-
-void error OF((const char *msg));
-void gz_compress OF((FILE *in, gzFile out));
-void gz_uncompress OF((gzFile in, FILE *out));
-void file_compress OF((char *file));
-void file_uncompress OF((char *file));
-int main OF((int argc, char *argv[]));
-
-/* ===========================================================================
- * Display error message and exit
- */
-void error(msg)
- const char *msg;
-{
- fprintf(stderr, "%s: %s\n", prog, msg);
- exit(1);
-}
-
-/* ===========================================================================
- * Compress input to output then close both files.
- */
-void gz_compress(in, out)
- FILE *in;
- gzFile out;
-{
- local char buf[BUFLEN];
- int len;
- int err;
-
- for (;;) {
- len = fread(buf, 1, sizeof(buf), in);
- if (ferror(in)) {
- perror("fread");
- exit(1);
- }
- if (len == 0) break;
-
- if (gzwrite(out, buf, (unsigned)len) != len) error(gzerror(out, &err));
- }
- fclose(in);
- if (gzclose(out) != Z_OK) error("failed gzclose");
-}
-
-/* ===========================================================================
- * Uncompress input to output then close both files.
- */
-void gz_uncompress(in, out)
- gzFile in;
- FILE *out;
-{
- local char buf[BUFLEN];
- int len;
- int err;
-
- for (;;) {
- len = gzread(in, buf, sizeof(buf));
- if (len < 0) error (gzerror(in, &err));
- if (len == 0) break;
-
- if ((int)fwrite(buf, 1, (unsigned)len, out) != len) {
- error("failed fwrite");
- }
- }
- if (fclose(out)) error("failed fclose");
-
- if (gzclose(in) != Z_OK) error("failed gzclose");
-}
-
-
-/* ===========================================================================
- * Compress the given file: create a corresponding .gz file and remove the
- * original.
- */
-void file_compress(file)
- char *file;
-{
- local char outfile[MAX_NAME_LEN];
- FILE *in;
- gzFile out;
-
- strcpy(outfile, file);
- strcat(outfile, GZ_SUFFIX);
-
- in = fopen(file, "rb");
- if (in == NULL) {
- perror(file);
- exit(1);
- }
- out = gzopen(outfile, "wb"); /* use "wb9" for maximal compression */
- if (out == NULL) {
- fprintf(stderr, "%s: can't gzopen %s\n", prog, outfile);
- exit(1);
- }
- gz_compress(in, out);
-
- unlink(file);
-}
-
-
-/* ===========================================================================
- * Uncompress the given file and remove the original.
- */
-void file_uncompress(file)
- char *file;
-{
- local char buf[MAX_NAME_LEN];
- char *infile, *outfile;
- FILE *out;
- gzFile in;
- int len = strlen(file);
-
- strcpy(buf, file);
-
- if (len > SUFFIX_LEN && strcmp(file+len-SUFFIX_LEN, GZ_SUFFIX) == 0) {
- infile = file;
- outfile = buf;
- outfile[len-3] = '\0';
- } else {
- outfile = file;
- infile = buf;
- strcat(infile, GZ_SUFFIX);
- }
- in = gzopen(infile, "rb");
- if (in == NULL) {
- fprintf(stderr, "%s: can't gzopen %s\n", prog, infile);
- exit(1);
- }
- out = fopen(outfile, "wb");
- if (out == NULL) {
- perror(file);
- exit(1);
- }
-
- gz_uncompress(in, out);
-
- unlink(infile);
-}
-
-
-/* ===========================================================================
- * Usage: minigzip [-d] [files...]
- */
-
-int main(argc, argv)
- int argc;
- char *argv[];
-{
- int uncompr = 0;
- gzFile file;
-
- prog = argv[0];
- argc--, argv++;
-
- if (argc > 0) {
- uncompr = (strcmp(*argv, "-d") == 0);
- if (uncompr) {
- argc--, argv++;
- }
- }
- if (argc == 0) {
- SET_BINARY_MODE(stdin);
- SET_BINARY_MODE(stdout);
- if (uncompr) {
- file = gzdopen(fileno(stdin), "rb");
- if (file == NULL) error("can't gzdopen stdin");
- gz_uncompress(file, stdout);
- } else {
- file = gzdopen(fileno(stdout), "wb"); /* "wb9" for max compr. */
- if (file == NULL) error("can't gzdopen stdout");
- gz_compress(stdin, file);
- }
- } else {
- do {
- if (uncompr) {
- file_uncompress(*argv);
- } else {
- file_compress(*argv);
- }
- } while (argv++, --argc);
- }
- exit(0);
- return 0; /* to avoid warning */
-}
diff --git a/security/nss/cmd/zlib/netscape_mods.doc b/security/nss/cmd/zlib/netscape_mods.doc
deleted file mode 100644
index c8a72d159..000000000
--- a/security/nss/cmd/zlib/netscape_mods.doc
+++ /dev/null
@@ -1,43 +0,0 @@
-
-/* -*- Mode: C; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*-
- *
- * The contents of this file are subject to the Netscape Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/NPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is mozilla.org code.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1998 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- */
-
-Netscape Modifications to Zlib source -
-
-
-Changes were made to the following files to
-create a zlib dll:
-
- adler32.c
- compress.c
- crc32.c
- deflate.c
- gzio.c
- inflate.c
- uncompr.c
- zutil.c
-
-
-Various changes for cross platform builds
-are clearly marked through out the source.
-
-
diff --git a/security/nss/cmd/zlib/trees.c b/security/nss/cmd/zlib/trees.c
deleted file mode 100644
index 84623d992..000000000
--- a/security/nss/cmd/zlib/trees.c
+++ /dev/null
@@ -1,1143 +0,0 @@
-/* trees.c -- output deflated data using Huffman coding
- * Copyright (C) 1995-1996 Jean-loup Gailly
- * For conditions of distribution and use, see copyright notice in zlib.h
- */
-/* This file was modified since it was taken from the zlib distribution */
-/*
- * ALGORITHM
- *
- * The "deflation" process uses several Huffman trees. The more
- * common source values are represented by shorter bit sequences.
- *
- * Each code tree is stored in a compressed form which is itself
- * a Huffman encoding of the lengths of all the code strings (in
- * ascending order by source values). The actual code strings are
- * reconstructed from the lengths in the inflate process, as described
- * in the deflate specification.
- *
- * REFERENCES
- *
- * Deutsch, L.P.,"'Deflate' Compressed Data Format Specification".
- * Available in ftp.uu.net:/pub/archiving/zip/doc/deflate-1.1.doc
- *
- * Storer, James A.
- * Data Compression: Methods and Theory, pp. 49-50.
- * Computer Science Press, 1988. ISBN 0-7167-8156-5.
- *
- * Sedgewick, R.
- * Algorithms, p290.
- * Addison-Wesley, 1983. ISBN 0-201-06672-6.
- */
-
-/* $Id$ */
-
-#include "deflate.h"
-
-#ifdef DEBUG
-# include <ctype.h>
-#endif
-
-/* ===========================================================================
- * Constants
- */
-
-#define MAX_BL_BITS 7
-/* Bit length codes must not exceed MAX_BL_BITS bits */
-
-#define END_BLOCK 256
-/* end of block literal code */
-
-#define REP_3_6 16
-/* repeat previous bit length 3-6 times (2 bits of repeat count) */
-
-#define REPZ_3_10 17
-/* repeat a zero length 3-10 times (3 bits of repeat count) */
-
-#define REPZ_11_138 18
-/* repeat a zero length 11-138 times (7 bits of repeat count) */
-
-local int extra_lbits[LENGTH_CODES] /* extra bits for each length code */
- = {0,0,0,0,0,0,0,0,1,1,1,1,2,2,2,2,3,3,3,3,4,4,4,4,5,5,5,5,0};
-
-local int extra_dbits[D_CODES] /* extra bits for each distance code */
- = {0,0,0,0,1,1,2,2,3,3,4,4,5,5,6,6,7,7,8,8,9,9,10,10,11,11,12,12,13,13};
-
-local int extra_blbits[BL_CODES]/* extra bits for each bit length code */
- = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,3,7};
-
-local uch bl_order[BL_CODES]
- = {16,17,18,0,8,7,9,6,10,5,11,4,12,3,13,2,14,1,15};
-/* The lengths of the bit length codes are sent in order of decreasing
- * probability, to avoid transmitting the lengths for unused bit length codes.
- */
-
-#define Buf_size (8 * 2*sizeof(char))
-/* Number of bits used within bi_buf. (bi_buf might be implemented on
- * more than 16 bits on some systems.)
- */
-
-/* ===========================================================================
- * Local data. These are initialized only once.
- */
-
-local ct_data static_ltree[L_CODES+2];
-/* The static literal tree. Since the bit lengths are imposed, there is no
- * need for the L_CODES extra codes used during heap construction. However
- * The codes 286 and 287 are needed to build a canonical tree (see _tr_init
- * below).
- */
-
-local ct_data static_dtree[D_CODES];
-/* The static distance tree. (Actually a trivial tree since all codes use
- * 5 bits.)
- */
-
-local uch dist_code[512];
-/* distance codes. The first 256 values correspond to the distances
- * 3 .. 258, the last 256 values correspond to the top 8 bits of
- * the 15 bit distances.
- */
-
-local uch length_code[MAX_MATCH-MIN_MATCH+1];
-/* length code for each normalized match length (0 == MIN_MATCH) */
-
-local int base_length[LENGTH_CODES];
-/* First normalized length for each code (0 = MIN_MATCH) */
-
-local int base_dist[D_CODES];
-/* First normalized distance for each code (0 = distance of 1) */
-
-struct static_tree_desc_s {
- ct_data *static_tree; /* static tree or NULL */
- intf *extra_bits; /* extra bits for each code or NULL */
- int extra_base; /* base index for extra_bits */
- int elems; /* max number of elements in the tree */
- int max_length; /* max bit length for the codes */
-};
-
-local static_tree_desc static_l_desc =
-{static_ltree, extra_lbits, LITERALS+1, L_CODES, MAX_BITS};
-
-local static_tree_desc static_d_desc =
-{static_dtree, extra_dbits, 0, D_CODES, MAX_BITS};
-
-local static_tree_desc static_bl_desc =
-{(ct_data *)0, extra_blbits, 0, BL_CODES, MAX_BL_BITS};
-
-/* ===========================================================================
- * Local (static) routines in this file.
- */
-
-local void tr_static_init OF((void));
-local void init_block OF((deflate_state *s));
-local void pqdownheap OF((deflate_state *s, ct_data *tree, int k));
-local void gen_bitlen OF((deflate_state *s, tree_desc *desc));
-local void gen_codes OF((ct_data *tree, int max_code, ushf *bl_count));
-local void build_tree OF((deflate_state *s, tree_desc *desc));
-local void scan_tree OF((deflate_state *s, ct_data *tree, int max_code));
-local void send_tree OF((deflate_state *s, ct_data *tree, int max_code));
-local int build_bl_tree OF((deflate_state *s));
-local void send_all_trees OF((deflate_state *s, int lcodes, int dcodes,
- int blcodes));
-local void compress_block OF((deflate_state *s, ct_data *ltree,
- ct_data *dtree));
-local void set_data_type OF((deflate_state *s));
-local unsigned bi_reverse OF((unsigned value, int length));
-local void bi_windup OF((deflate_state *s));
-local void bi_flush OF((deflate_state *s));
-local void copy_block OF((deflate_state *s, charf *buf, unsigned len,
- int header));
-
-#ifndef DEBUG_NEVER
-# define send_code(s, c, tree) send_bits(s, tree[c].Code, tree[c].Len)
- /* Send a code of the given tree. c and tree must not have side effects */
-
-#else /* DEBUG */
-# define send_code(s, c, tree) \
- { if (verbose>2) fprintf(stderr,"\ncd %3d ",(c)); \
- send_bits(s, tree[c].Code, tree[c].Len); }
-#endif
-
-#define d_code(dist) \
- ((dist) < 256 ? dist_code[dist] : dist_code[256+((dist)>>7)])
-/* Mapping from a distance to a distance code. dist is the distance - 1 and
- * must not have side effects. dist_code[256] and dist_code[257] are never
- * used.
- */
-
-/* ===========================================================================
- * Output a short LSB first on the stream.
- * IN assertion: there is enough room in pendingBuf.
- */
-#define put_short(s, w) { \
- put_byte(s, (uch)((w) & 0xff)); \
- put_byte(s, (uch)((ush)(w) >> 8)); \
-}
-
-/* ===========================================================================
- * Send a value on a given number of bits.
- * IN assertion: length <= 16 and value fits in length bits.
- */
-#ifdef DEBUG
-local void send_bits OF((deflate_state *s, int value, int length));
-
-local void send_bits(s, value, length)
- deflate_state *s;
- int value; /* value to send */
- int length; /* number of bits */
-{
- Tracevv((stderr," l %2d v %4x ", length, value));
- Assert(length > 0 && length <= 15, "invalid length");
- s->bits_sent += (ulg)length;
-
- /* If not enough room in bi_buf, use (valid) bits from bi_buf and
- * (16 - bi_valid) bits from value, leaving (width - (16-bi_valid))
- * unused bits in value.
- */
- if (s->bi_valid > (int)Buf_size - length) {
- s->bi_buf |= (value << s->bi_valid);
- put_short(s, s->bi_buf);
- s->bi_buf = (ush)value >> (Buf_size - s->bi_valid);
- s->bi_valid += length - Buf_size;
- } else {
- s->bi_buf |= value << s->bi_valid;
- s->bi_valid += length;
- }
-}
-#else /* !DEBUG */
-
-#define send_bits(s, value, length) \
-{ int len = length;\
- if (s->bi_valid > (int)Buf_size - len) {\
- int val = value;\
- s->bi_buf |= (val << s->bi_valid);\
- put_short(s, s->bi_buf);\
- s->bi_buf = (ush)val >> (Buf_size - s->bi_valid);\
- s->bi_valid += len - Buf_size;\
- } else {\
- s->bi_buf |= (value) << s->bi_valid;\
- s->bi_valid += len;\
- }\
-}
-#endif /* DEBUG */
-
-
-#ifndef MAX
-#define MAX(a,b) (a >= b ? a : b)
-#endif
-/* the arguments must not have side effects */
-
-/* ===========================================================================
- * Initialize the various 'constant' tables. In a multi-threaded environment,
- * this function may be called by two threads concurrently, but this is
- * harmless since both invocations do exactly the same thing.
- */
-local void tr_static_init()
-{
- static int static_init_done = 0;
- int n; /* iterates over tree elements */
- int bits; /* bit counter */
- int length; /* length value */
- int code; /* code value */
- int dist; /* distance index */
- ush bl_count[MAX_BITS+1];
- /* number of codes at each bit length for an optimal tree */
-
- if (static_init_done) return;
-
- /* Initialize the mapping length (0..255) -> length code (0..28) */
- length = 0;
- for (code = 0; code < LENGTH_CODES-1; code++) {
- base_length[code] = length;
- for (n = 0; n < (1<<extra_lbits[code]); n++) {
- length_code[length++] = (uch)code;
- }
- }
- Assert (length == 256, "tr_static_init: length != 256");
- /* Note that the length 255 (match length 258) can be represented
- * in two different ways: code 284 + 5 bits or code 285, so we
- * overwrite length_code[255] to use the best encoding:
- */
- length_code[length-1] = (uch)code;
-
- /* Initialize the mapping dist (0..32K) -> dist code (0..29) */
- dist = 0;
- for (code = 0 ; code < 16; code++) {
- base_dist[code] = dist;
- for (n = 0; n < (1<<extra_dbits[code]); n++) {
- dist_code[dist++] = (uch)code;
- }
- }
- Assert (dist == 256, "tr_static_init: dist != 256");
- dist >>= 7; /* from now on, all distances are divided by 128 */
- for ( ; code < D_CODES; code++) {
- base_dist[code] = dist << 7;
- for (n = 0; n < (1<<(extra_dbits[code]-7)); n++) {
- dist_code[256 + dist++] = (uch)code;
- }
- }
- Assert (dist == 256, "tr_static_init: 256+dist != 512");
-
- /* Construct the codes of the static literal tree */
- for (bits = 0; bits <= MAX_BITS; bits++) bl_count[bits] = 0;
- n = 0;
- while (n <= 143) static_ltree[n++].Len = 8, bl_count[8]++;
- while (n <= 255) static_ltree[n++].Len = 9, bl_count[9]++;
- while (n <= 279) static_ltree[n++].Len = 7, bl_count[7]++;
- while (n <= 287) static_ltree[n++].Len = 8, bl_count[8]++;
- /* Codes 286 and 287 do not exist, but we must include them in the
- * tree construction to get a canonical Huffman tree (longest code
- * all ones)
- */
- gen_codes((ct_data *)static_ltree, L_CODES+1, bl_count);
-
- /* The static distance tree is trivial: */
- for (n = 0; n < D_CODES; n++) {
- static_dtree[n].Len = 5;
- static_dtree[n].Code = bi_reverse((unsigned)n, 5);
- }
- static_init_done = 1;
-}
-
-/* ===========================================================================
- * Initialize the tree data structures for a new zlib stream.
- */
-void _tr_init(s)
- deflate_state *s;
-{
- tr_static_init();
-
- s->compressed_len = 0L;
-
- s->l_desc.dyn_tree = s->dyn_ltree;
- s->l_desc.stat_desc = &static_l_desc;
-
- s->d_desc.dyn_tree = s->dyn_dtree;
- s->d_desc.stat_desc = &static_d_desc;
-
- s->bl_desc.dyn_tree = s->bl_tree;
- s->bl_desc.stat_desc = &static_bl_desc;
-
- s->bi_buf = 0;
- s->bi_valid = 0;
- s->last_eob_len = 8; /* enough lookahead for inflate */
-#ifdef DEBUG
- s->bits_sent = 0L;
-#endif
-
- /* Initialize the first block of the first file: */
- init_block(s);
-}
-
-/* ===========================================================================
- * Initialize a new block.
- */
-local void init_block(s)
- deflate_state *s;
-{
- int n; /* iterates over tree elements */
-
- /* Initialize the trees. */
- for (n = 0; n < L_CODES; n++) s->dyn_ltree[n].Freq = 0;
- for (n = 0; n < D_CODES; n++) s->dyn_dtree[n].Freq = 0;
- for (n = 0; n < BL_CODES; n++) s->bl_tree[n].Freq = 0;
-
- s->dyn_ltree[END_BLOCK].Freq = 1;
- s->opt_len = s->static_len = 0L;
- s->last_lit = s->matches = 0;
-}
-
-#define SMALLEST 1
-/* Index within the heap array of least frequent node in the Huffman tree */
-
-
-/* ===========================================================================
- * Remove the smallest element from the heap and recreate the heap with
- * one less element. Updates heap and heap_len.
- */
-#define pqremove(s, tree, top) \
-{\
- top = s->heap[SMALLEST]; \
- s->heap[SMALLEST] = s->heap[s->heap_len--]; \
- pqdownheap(s, tree, SMALLEST); \
-}
-
-/* ===========================================================================
- * Compares to subtrees, using the tree depth as tie breaker when
- * the subtrees have equal frequency. This minimizes the worst case length.
- */
-#define smaller(tree, n, m, depth) \
- (tree[n].Freq < tree[m].Freq || \
- (tree[n].Freq == tree[m].Freq && depth[n] <= depth[m]))
-
-/* ===========================================================================
- * Restore the heap property by moving down the tree starting at node k,
- * exchanging a node with the smallest of its two sons if necessary, stopping
- * when the heap property is re-established (each father smaller than its
- * two sons).
- */
-local void pqdownheap(s, tree, k)
- deflate_state *s;
- ct_data *tree; /* the tree to restore */
- int k; /* node to move down */
-{
- int v = s->heap[k];
- int j = k << 1; /* left son of k */
- while (j <= s->heap_len) {
- /* Set j to the smallest of the two sons: */
- if (j < s->heap_len &&
- smaller(tree, s->heap[j+1], s->heap[j], s->depth)) {
- j++;
- }
- /* Exit if v is smaller than both sons */
- if (smaller(tree, v, s->heap[j], s->depth)) break;
-
- /* Exchange v with the smallest son */
- s->heap[k] = s->heap[j]; k = j;
-
- /* And continue down the tree, setting j to the left son of k */
- j <<= 1;
- }
- s->heap[k] = v;
-}
-
-/* ===========================================================================
- * Compute the optimal bit lengths for a tree and update the total bit length
- * for the current block.
- * IN assertion: the fields freq and dad are set, heap[heap_max] and
- * above are the tree nodes sorted by increasing frequency.
- * OUT assertions: the field len is set to the optimal bit length, the
- * array bl_count contains the frequencies for each bit length.
- * The length opt_len is updated; static_len is also updated if stree is
- * not null.
- */
-local void gen_bitlen(s, desc)
- deflate_state *s;
- tree_desc *desc; /* the tree descriptor */
-{
- ct_data *tree = desc->dyn_tree;
- int max_code = desc->max_code;
- ct_data *stree = desc->stat_desc->static_tree;
- intf *extra = desc->stat_desc->extra_bits;
- int base = desc->stat_desc->extra_base;
- int max_length = desc->stat_desc->max_length;
- int h; /* heap index */
- int n, m; /* iterate over the tree elements */
- int bits; /* bit length */
- int xbits; /* extra bits */
- ush f; /* frequency */
- int overflow = 0; /* number of elements with bit length too large */
-
- for (bits = 0; bits <= MAX_BITS; bits++) s->bl_count[bits] = 0;
-
- /* In a first pass, compute the optimal bit lengths (which may
- * overflow in the case of the bit length tree).
- */
- tree[s->heap[s->heap_max]].Len = 0; /* root of the heap */
-
- for (h = s->heap_max+1; h < HEAP_SIZE; h++) {
- n = s->heap[h];
- bits = tree[tree[n].Dad].Len + 1;
- if (bits > max_length) bits = max_length, overflow++;
- tree[n].Len = (ush)bits;
- /* We overwrite tree[n].Dad which is no longer needed */
-
- if (n > max_code) continue; /* not a leaf node */
-
- s->bl_count[bits]++;
- xbits = 0;
- if (n >= base) xbits = extra[n-base];
- f = tree[n].Freq;
- s->opt_len += (ulg)f * (bits + xbits);
- if (stree) s->static_len += (ulg)f * (stree[n].Len + xbits);
- }
- if (overflow == 0) return;
-
- Trace((stderr,"\nbit length overflow\n"));
- /* This happens for example on obj2 and pic of the Calgary corpus */
-
- /* Find the first bit length which could increase: */
- do {
- bits = max_length-1;
- while (s->bl_count[bits] == 0) bits--;
- s->bl_count[bits]--; /* move one leaf down the tree */
- s->bl_count[bits+1] += 2; /* move one overflow item as its brother */
- s->bl_count[max_length]--;
- /* The brother of the overflow item also moves one step up,
- * but this does not affect bl_count[max_length]
- */
- overflow -= 2;
- } while (overflow > 0);
-
- /* Now recompute all bit lengths, scanning in increasing frequency.
- * h is still equal to HEAP_SIZE. (It is simpler to reconstruct all
- * lengths instead of fixing only the wrong ones. This idea is taken
- * from 'ar' written by Haruhiko Okumura.)
- */
- for (bits = max_length; bits != 0; bits--) {
- n = s->bl_count[bits];
- while (n != 0) {
- m = s->heap[--h];
- if (m > max_code) continue;
- if (tree[m].Len != (unsigned) bits) {
- Trace((stderr,"code %d bits %d->%d\n", m, tree[m].Len, bits));
- s->opt_len += ((long)bits - (long)tree[m].Len)
- *(long)tree[m].Freq;
- tree[m].Len = (ush)bits;
- }
- n--;
- }
- }
-}
-
-/* ===========================================================================
- * Generate the codes for a given tree and bit counts (which need not be
- * optimal).
- * IN assertion: the array bl_count contains the bit length statistics for
- * the given tree and the field len is set for all tree elements.
- * OUT assertion: the field code is set for all tree elements of non
- * zero code length.
- */
-local void gen_codes (tree, max_code, bl_count)
- ct_data *tree; /* the tree to decorate */
- int max_code; /* largest code with non zero frequency */
- ushf *bl_count; /* number of codes at each bit length */
-{
- ush next_code[MAX_BITS+1]; /* next code value for each bit length */
- ush code = 0; /* running code value */
- int bits; /* bit index */
- int n; /* code index */
-
- /* The distribution counts are first used to generate the code values
- * without bit reversal.
- */
- for (bits = 1; bits <= MAX_BITS; bits++) {
- next_code[bits] = code = (code + bl_count[bits-1]) << 1;
- }
- /* Check that the bit counts in bl_count are consistent. The last code
- * must be all ones.
- */
- Assert (code + bl_count[MAX_BITS]-1 == (1<<MAX_BITS)-1,
- "inconsistent bit counts");
- Tracev((stderr,"\ngen_codes: max_code %d ", max_code));
-
- for (n = 0; n <= max_code; n++) {
- int len = tree[n].Len;
- if (len == 0) continue;
- /* Now reverse the bits */
- tree[n].Code = bi_reverse(next_code[len]++, len);
-
- Tracecv(tree != static_ltree, (stderr,"\nn %3d %c l %2d c %4x (%x) ",
- n, (isgraph(n) ? n : ' '), len, tree[n].Code, next_code[len]-1));
- }
-}
-
-/* ===========================================================================
- * Construct one Huffman tree and assigns the code bit strings and lengths.
- * Update the total bit length for the current block.
- * IN assertion: the field freq is set for all tree elements.
- * OUT assertions: the fields len and code are set to the optimal bit length
- * and corresponding code. The length opt_len is updated; static_len is
- * also updated if stree is not null. The field max_code is set.
- */
-local void build_tree(s, desc)
- deflate_state *s;
- tree_desc *desc; /* the tree descriptor */
-{
- ct_data *tree = desc->dyn_tree;
- ct_data *stree = desc->stat_desc->static_tree;
- int elems = desc->stat_desc->elems;
- int n, m; /* iterate over heap elements */
- int max_code = -1; /* largest code with non zero frequency */
- int node; /* new node being created */
-
- /* Construct the initial heap, with least frequent element in
- * heap[SMALLEST]. The sons of heap[n] are heap[2*n] and heap[2*n+1].
- * heap[0] is not used.
- */
- s->heap_len = 0, s->heap_max = HEAP_SIZE;
-
- for (n = 0; n < elems; n++) {
- if (tree[n].Freq != 0) {
- s->heap[++(s->heap_len)] = max_code = n;
- s->depth[n] = 0;
- } else {
- tree[n].Len = 0;
- }
- }
-
- /* The pkzip format requires that at least one distance code exists,
- * and that at least one bit should be sent even if there is only one
- * possible code. So to avoid special checks later on we force at least
- * two codes of non zero frequency.
- */
- while (s->heap_len < 2) {
- node = s->heap[++(s->heap_len)] = (max_code < 2 ? ++max_code : 0);
- tree[node].Freq = 1;
- s->depth[node] = 0;
- s->opt_len--; if (stree) s->static_len -= stree[node].Len;
- /* node is 0 or 1 so it does not have extra bits */
- }
- desc->max_code = max_code;
-
- /* The elements heap[heap_len/2+1 .. heap_len] are leaves of the tree,
- * establish sub-heaps of increasing lengths:
- */
- for (n = s->heap_len/2; n >= 1; n--) pqdownheap(s, tree, n);
-
- /* Construct the Huffman tree by repeatedly combining the least two
- * frequent nodes.
- */
- node = elems; /* next internal node of the tree */
- do {
- pqremove(s, tree, n); /* n = node of least frequency */
- m = s->heap[SMALLEST]; /* m = node of next least frequency */
-
- s->heap[--(s->heap_max)] = n; /* keep the nodes sorted by frequency */
- s->heap[--(s->heap_max)] = m;
-
- /* Create a new node father of n and m */
- tree[node].Freq = tree[n].Freq + tree[m].Freq;
- s->depth[node] = (uch) (MAX(s->depth[n], s->depth[m]) + 1);
- tree[n].Dad = tree[m].Dad = (ush)node;
-#ifdef DUMP_BL_TREE
- if (tree == s->bl_tree) {
- fprintf(stderr,"\nnode %d(%d), sons %d(%d) %d(%d)",
- node, tree[node].Freq, n, tree[n].Freq, m, tree[m].Freq);
- }
-#endif
- /* and insert the new node in the heap */
- s->heap[SMALLEST] = node++;
- pqdownheap(s, tree, SMALLEST);
-
- } while (s->heap_len >= 2);
-
- s->heap[--(s->heap_max)] = s->heap[SMALLEST];
-
- /* At this point, the fields freq and dad are set. We can now
- * generate the bit lengths.
- */
- gen_bitlen(s, (tree_desc *)desc);
-
- /* The field len is now set, we can generate the bit codes */
- gen_codes ((ct_data *)tree, max_code, s->bl_count);
-}
-
-/* ===========================================================================
- * Scan a literal or distance tree to determine the frequencies of the codes
- * in the bit length tree.
- */
-local void scan_tree (s, tree, max_code)
- deflate_state *s;
- ct_data *tree; /* the tree to be scanned */
- int max_code; /* and its largest code of non zero frequency */
-{
- int n; /* iterates over all tree elements */
- int prevlen = -1; /* last emitted length */
- int curlen; /* length of current code */
- int nextlen = tree[0].Len; /* length of next code */
- int count = 0; /* repeat count of the current code */
- int max_count = 7; /* max repeat count */
- int min_count = 4; /* min repeat count */
-
- if (nextlen == 0) max_count = 138, min_count = 3;
- tree[max_code+1].Len = (ush)0xffff; /* guard */
-
- for (n = 0; n <= max_code; n++) {
- curlen = nextlen; nextlen = tree[n+1].Len;
- if (++count < max_count && curlen == nextlen) {
- continue;
- } else if (count < min_count) {
- s->bl_tree[curlen].Freq += count;
- } else if (curlen != 0) {
- if (curlen != prevlen) s->bl_tree[curlen].Freq++;
- s->bl_tree[REP_3_6].Freq++;
- } else if (count <= 10) {
- s->bl_tree[REPZ_3_10].Freq++;
- } else {
- s->bl_tree[REPZ_11_138].Freq++;
- }
- count = 0; prevlen = curlen;
- if (nextlen == 0) {
- max_count = 138, min_count = 3;
- } else if (curlen == nextlen) {
- max_count = 6, min_count = 3;
- } else {
- max_count = 7, min_count = 4;
- }
- }
-}
-
-/* ===========================================================================
- * Send a literal or distance tree in compressed form, using the codes in
- * bl_tree.
- */
-local void send_tree (s, tree, max_code)
- deflate_state *s;
- ct_data *tree; /* the tree to be scanned */
- int max_code; /* and its largest code of non zero frequency */
-{
- int n; /* iterates over all tree elements */
- int prevlen = -1; /* last emitted length */
- int curlen; /* length of current code */
- int nextlen = tree[0].Len; /* length of next code */
- int count = 0; /* repeat count of the current code */
- int max_count = 7; /* max repeat count */
- int min_count = 4; /* min repeat count */
-
- /* tree[max_code+1].Len = -1; */ /* guard already set */
- if (nextlen == 0) max_count = 138, min_count = 3;
-
- for (n = 0; n <= max_code; n++) {
- curlen = nextlen; nextlen = tree[n+1].Len;
- if (++count < max_count && curlen == nextlen) {
- continue;
- } else if (count < min_count) {
- do { send_code(s, curlen, s->bl_tree); } while (--count != 0);
-
- } else if (curlen != 0) {
- if (curlen != prevlen) {
- send_code(s, curlen, s->bl_tree); count--;
- }
- Assert(count >= 3 && count <= 6, " 3_6?");
- send_code(s, REP_3_6, s->bl_tree); send_bits(s, count-3, 2);
-
- } else if (count <= 10) {
- send_code(s, REPZ_3_10, s->bl_tree); send_bits(s, count-3, 3);
-
- } else {
- send_code(s, REPZ_11_138, s->bl_tree); send_bits(s, count-11, 7);
- }
- count = 0; prevlen = curlen;
- if (nextlen == 0) {
- max_count = 138, min_count = 3;
- } else if (curlen == nextlen) {
- max_count = 6, min_count = 3;
- } else {
- max_count = 7, min_count = 4;
- }
- }
-}
-
-/* ===========================================================================
- * Construct the Huffman tree for the bit lengths and return the index in
- * bl_order of the last bit length code to send.
- */
-local int build_bl_tree(s)
- deflate_state *s;
-{
- int max_blindex; /* index of last bit length code of non zero freq */
-
- /* Determine the bit length frequencies for literal and distance trees */
- scan_tree(s, (ct_data *)s->dyn_ltree, s->l_desc.max_code);
- scan_tree(s, (ct_data *)s->dyn_dtree, s->d_desc.max_code);
-
- /* Build the bit length tree: */
- build_tree(s, (tree_desc *)(&(s->bl_desc)));
- /* opt_len now includes the length of the tree representations, except
- * the lengths of the bit lengths codes and the 5+5+4 bits for the counts.
- */
-
- /* Determine the number of bit length codes to send. The pkzip format
- * requires that at least 4 bit length codes be sent. (appnote.txt says
- * 3 but the actual value used is 4.)
- */
- for (max_blindex = BL_CODES-1; max_blindex >= 3; max_blindex--) {
- if (s->bl_tree[bl_order[max_blindex]].Len != 0) break;
- }
- /* Update opt_len to include the bit length tree and counts */
- s->opt_len += 3*(max_blindex+1) + 5+5+4;
- Tracev((stderr, "\ndyn trees: dyn %ld, stat %ld",
- s->opt_len, s->static_len));
-
- return max_blindex;
-}
-
-/* ===========================================================================
- * Send the header for a block using dynamic Huffman trees: the counts, the
- * lengths of the bit length codes, the literal tree and the distance tree.
- * IN assertion: lcodes >= 257, dcodes >= 1, blcodes >= 4.
- */
-local void send_all_trees(s, lcodes, dcodes, blcodes)
- deflate_state *s;
- int lcodes, dcodes, blcodes; /* number of codes for each tree */
-{
- int rank; /* index in bl_order */
-
- Assert (lcodes >= 257 && dcodes >= 1 && blcodes >= 4, "not enough codes");
- Assert (lcodes <= L_CODES && dcodes <= D_CODES && blcodes <= BL_CODES,
- "too many codes");
- Tracev((stderr, "\nbl counts: "));
- send_bits(s, lcodes-257, 5); /* not +255 as stated in appnote.txt */
- send_bits(s, dcodes-1, 5);
- send_bits(s, blcodes-4, 4); /* not -3 as stated in appnote.txt */
- for (rank = 0; rank < blcodes; rank++) {
- Tracev((stderr, "\nbl code %2d ", bl_order[rank]));
- send_bits(s, s->bl_tree[bl_order[rank]].Len, 3);
- }
- Tracev((stderr, "\nbl tree: sent %ld", s->bits_sent));
-
- send_tree(s, (ct_data *)s->dyn_ltree, lcodes-1); /* literal tree */
- Tracev((stderr, "\nlit tree: sent %ld", s->bits_sent));
-
- send_tree(s, (ct_data *)s->dyn_dtree, dcodes-1); /* distance tree */
- Tracev((stderr, "\ndist tree: sent %ld", s->bits_sent));
-}
-
-/* ===========================================================================
- * Send a stored block
- */
-void _tr_stored_block(s, buf, stored_len, eof)
- deflate_state *s;
- charf *buf; /* input block */
- ulg stored_len; /* length of input block */
- int eof; /* true if this is the last block for a file */
-{
- send_bits(s, (STORED_BLOCK<<1)+eof, 3); /* send block type */
- s->compressed_len = (s->compressed_len + 3 + 7) & (ulg)~7L;
- s->compressed_len += (stored_len + 4) << 3;
-
- copy_block(s, buf, (unsigned)stored_len, 1); /* with header */
-}
-
-/* ===========================================================================
- * Send one empty static block to give enough lookahead for inflate.
- * This takes 10 bits, of which 7 may remain in the bit buffer.
- * The current inflate code requires 9 bits of lookahead. If the
- * last two codes for the previous block (real code plus EOB) were coded
- * on 5 bits or less, inflate may have only 5+3 bits of lookahead to decode
- * the last real code. In this case we send two empty static blocks instead
- * of one. (There are no problems if the previous block is stored or fixed.)
- * To simplify the code, we assume the worst case of last real code encoded
- * on one bit only.
- */
-void _tr_align(s)
- deflate_state *s;
-{
- send_bits(s, STATIC_TREES<<1, 3);
- send_code(s, END_BLOCK, static_ltree);
- s->compressed_len += 10L; /* 3 for block type, 7 for EOB */
- bi_flush(s);
- /* Of the 10 bits for the empty block, we have already sent
- * (10 - bi_valid) bits. The lookahead for the last real code (before
- * the EOB of the previous block) was thus at least one plus the length
- * of the EOB plus what we have just sent of the empty static block.
- */
- if (1 + s->last_eob_len + 10 - s->bi_valid < 9) {
- send_bits(s, STATIC_TREES<<1, 3);
- send_code(s, END_BLOCK, static_ltree);
- s->compressed_len += 10L;
- bi_flush(s);
- }
- s->last_eob_len = 7;
-}
-
-/* ===========================================================================
- * Determine the best encoding for the current block: dynamic trees, static
- * trees or store, and output the encoded block to the zip file. This function
- * returns the total compressed length for the file so far.
- */
-ulg _tr_flush_block(s, buf, stored_len, eof)
- deflate_state *s;
- charf *buf; /* input block, or NULL if too old */
- ulg stored_len; /* length of input block */
- int eof; /* true if this is the last block for a file */
-{
- ulg opt_lenb, static_lenb; /* opt_len and static_len in bytes */
- int max_blindex = 0; /* index of last bit length code of non zero freq */
-
- /* Build the Huffman trees unless a stored block is forced */
- if (s->level > 0) {
-
- /* Check if the file is ascii or binary */
- if (s->data_type == Z_UNKNOWN) set_data_type(s);
-
- /* Construct the literal and distance trees */
- build_tree(s, (tree_desc *)(&(s->l_desc)));
- Tracev((stderr, "\nlit data: dyn %ld, stat %ld", s->opt_len,
- s->static_len));
-
- build_tree(s, (tree_desc *)(&(s->d_desc)));
- Tracev((stderr, "\ndist data: dyn %ld, stat %ld", s->opt_len,
- s->static_len));
- /* At this point, opt_len and static_len are the total bit lengths of
- * the compressed block data, excluding the tree representations.
- */
-
- /* Build the bit length tree for the above two trees, and get the index
- * in bl_order of the last bit length code to send.
- */
- max_blindex = build_bl_tree(s);
-
- /* Determine the best encoding. Compute first the block length in bytes*/
- opt_lenb = (s->opt_len+3+7)>>3;
- static_lenb = (s->static_len+3+7)>>3;
-
- Tracev((stderr, "\nopt %lu(%lu) stat %lu(%lu) stored %lu lit %u ",
- opt_lenb, s->opt_len, static_lenb, s->static_len, stored_len,
- s->last_lit));
-
- if (static_lenb <= opt_lenb) opt_lenb = static_lenb;
-
- } else {
- Assert(buf != (char*)0, "lost buf");
- opt_lenb = static_lenb = stored_len + 5; /* force a stored block */
- }
-
- /* If compression failed and this is the first and last block,
- * and if the .zip file can be seeked (to rewrite the local header),
- * the whole file is transformed into a stored file:
- */
-#ifdef STORED_FILE_OK
-# ifdef FORCE_STORED_FILE
- if (eof && s->compressed_len == 0L) { /* force stored file */
-# else
- if (stored_len <= opt_lenb && eof && s->compressed_len==0L && seekable()) {
-# endif
- /* Since LIT_BUFSIZE <= 2*WSIZE, the input data must be there: */
- if (buf == (charf*)0) error ("block vanished");
-
- copy_block(buf, (unsigned)stored_len, 0); /* without header */
- s->compressed_len = stored_len << 3;
- s->method = STORED;
- } else
-#endif /* STORED_FILE_OK */
-
-#ifdef FORCE_STORED
- if (buf != (char*)0) { /* force stored block */
-#else
- if (stored_len+4 <= opt_lenb && buf != (char*)0) {
- /* 4: two words for the lengths */
-#endif
- /* The test buf != NULL is only necessary if LIT_BUFSIZE > WSIZE.
- * Otherwise we can't have processed more than WSIZE input bytes since
- * the last block flush, because compression would have been
- * successful. If LIT_BUFSIZE <= WSIZE, it is never too late to
- * transform a block into a stored block.
- */
- _tr_stored_block(s, buf, stored_len, eof);
-
-#ifdef FORCE_STATIC
- } else if (static_lenb >= 0) { /* force static trees */
-#else
- } else if (static_lenb == opt_lenb) {
-#endif
- send_bits(s, (STATIC_TREES<<1)+eof, 3);
- compress_block(s, (ct_data *)static_ltree, (ct_data *)static_dtree);
- s->compressed_len += 3 + s->static_len;
- } else {
- send_bits(s, (DYN_TREES<<1)+eof, 3);
- send_all_trees(s, s->l_desc.max_code+1, s->d_desc.max_code+1,
- max_blindex+1);
- compress_block(s, (ct_data *)s->dyn_ltree, (ct_data *)s->dyn_dtree);
- s->compressed_len += 3 + s->opt_len;
- }
- Assert (s->compressed_len == s->bits_sent, "bad compressed size");
- init_block(s);
-
- if (eof) {
- bi_windup(s);
- s->compressed_len += 7; /* align on byte boundary */
- }
- Tracev((stderr,"\ncomprlen %lu(%lu) ", s->compressed_len>>3,
- s->compressed_len-7*eof));
-
- return s->compressed_len >> 3;
-}
-
-/* ===========================================================================
- * Save the match info and tally the frequency counts. Return true if
- * the current block must be flushed.
- */
-int _tr_tally (s, dist, lc)
- deflate_state *s;
- unsigned dist; /* distance of matched string */
- unsigned lc; /* match length-MIN_MATCH or unmatched char (if dist==0) */
-{
- s->d_buf[s->last_lit] = (ush)dist;
- s->l_buf[s->last_lit++] = (uch)lc;
- if (dist == 0) {
- /* lc is the unmatched char */
- s->dyn_ltree[lc].Freq++;
- } else {
- s->matches++;
- /* Here, lc is the match length - MIN_MATCH */
- dist--; /* dist = match distance - 1 */
- Assert((ush)dist < (ush)MAX_DIST(s) &&
- (ush)lc <= (ush)(MAX_MATCH-MIN_MATCH) &&
- (ush)d_code(dist) < (ush)D_CODES, "_tr_tally: bad match");
-
- s->dyn_ltree[length_code[lc]+LITERALS+1].Freq++;
- s->dyn_dtree[d_code(dist)].Freq++;
- }
-
- /* Try to guess if it is profitable to stop the current block here */
- if (s->level > 2 && (s->last_lit & 0xfff) == 0) {
- /* Compute an upper bound for the compressed length */
- ulg out_length = (ulg)s->last_lit*8L;
- ulg in_length = (ulg)((long)s->strstart - s->block_start);
- int dcode;
- for (dcode = 0; dcode < D_CODES; dcode++) {
- out_length += (ulg)s->dyn_dtree[dcode].Freq *
- (5L+extra_dbits[dcode]);
- }
- out_length >>= 3;
- Tracev((stderr,"\nlast_lit %u, in %ld, out ~%ld(%ld%%) ",
- s->last_lit, in_length, out_length,
- 100L - out_length*100L/in_length));
- if (s->matches < s->last_lit/2 && out_length < in_length/2) return 1;
- }
- return (s->last_lit == s->lit_bufsize-1);
- /* We avoid equality with lit_bufsize because of wraparound at 64K
- * on 16 bit machines and because stored blocks are restricted to
- * 64K-1 bytes.
- */
-}
-
-/* ===========================================================================
- * Send the block data compressed using the given Huffman trees
- */
-local void compress_block(s, ltree, dtree)
- deflate_state *s;
- ct_data *ltree; /* literal tree */
- ct_data *dtree; /* distance tree */
-{
- unsigned dist; /* distance of matched string */
- int lc; /* match length or unmatched char (if dist == 0) */
- unsigned lx = 0; /* running index in l_buf */
- unsigned code; /* the code to send */
- int extra; /* number of extra bits to send */
-
- if (s->last_lit != 0) do {
- dist = s->d_buf[lx];
- lc = s->l_buf[lx++];
- if (dist == 0) {
- send_code(s, lc, ltree); /* send a literal byte */
- Tracecv(isgraph(lc), (stderr," '%c' ", lc));
- } else {
- /* Here, lc is the match length - MIN_MATCH */
- code = length_code[lc];
- send_code(s, code+LITERALS+1, ltree); /* send the length code */
- extra = extra_lbits[code];
- if (extra != 0) {
- lc -= base_length[code];
- send_bits(s, lc, extra); /* send the extra length bits */
- }
- dist--; /* dist is now the match distance - 1 */
- code = d_code(dist);
- Assert (code < D_CODES, "bad d_code");
-
- send_code(s, code, dtree); /* send the distance code */
- extra = extra_dbits[code];
- if (extra != 0) {
- dist -= base_dist[code];
- send_bits(s, dist, extra); /* send the extra distance bits */
- }
- } /* literal or match pair ? */
-
- /* Check that the overlay between pending_buf and d_buf+l_buf is ok: */
- Assert((uInt)s->pending < s->lit_bufsize + 2*lx, "pendingBuf overflow");
-
- } while (lx < s->last_lit);
-
- send_code(s, END_BLOCK, ltree);
- s->last_eob_len = ltree[END_BLOCK].Len;
-}
-
-/* ===========================================================================
- * Set the data type to ASCII or BINARY, using a crude approximation:
- * binary if more than 20% of the bytes are <= 6 or >= 128, ascii otherwise.
- * IN assertion: the fields freq of dyn_ltree are set and the total of all
- * frequencies does not exceed 64K (to fit in an int on 16 bit machines).
- */
-local void set_data_type(s)
- deflate_state *s;
-{
- int n = 0;
- unsigned ascii_freq = 0;
- unsigned bin_freq = 0;
- while (n < 7) bin_freq += s->dyn_ltree[n++].Freq;
- while (n < 128) ascii_freq += s->dyn_ltree[n++].Freq;
- while (n < LITERALS) bin_freq += s->dyn_ltree[n++].Freq;
- s->data_type = (Byte)(bin_freq > (ascii_freq >> 2) ? Z_BINARY : Z_ASCII);
-}
-
-/* ===========================================================================
- * Reverse the first len bits of a code, using straightforward code (a faster
- * method would use a table)
- * IN assertion: 1 <= len <= 15
- */
-local unsigned bi_reverse(code, len)
- unsigned code; /* the value to invert */
- int len; /* its bit length */
-{
- register unsigned res = 0;
- do {
- res |= code & 1;
- code >>= 1, res <<= 1;
- } while (--len > 0);
- return res >> 1;
-}
-
-/* ===========================================================================
- * Flush the bit buffer, keeping at most 7 bits in it.
- */
-local void bi_flush(s)
- deflate_state *s;
-{
- if (s->bi_valid == 16) {
- put_short(s, s->bi_buf);
- s->bi_buf = 0;
- s->bi_valid = 0;
- } else if (s->bi_valid >= 8) {
- put_byte(s, (Byte)s->bi_buf);
- s->bi_buf >>= 8;
- s->bi_valid -= 8;
- }
-}
-
-/* ===========================================================================
- * Flush the bit buffer and align the output on a byte boundary
- */
-local void bi_windup(s)
- deflate_state *s;
-{
- if (s->bi_valid > 8) {
- put_short(s, s->bi_buf);
- } else if (s->bi_valid > 0) {
- put_byte(s, (Byte)s->bi_buf);
- }
- s->bi_buf = 0;
- s->bi_valid = 0;
-#ifdef DEBUG
- s->bits_sent = (s->bits_sent+7) & ~7;
-#endif
-}
-
-/* ===========================================================================
- * Copy a stored block, storing first the length and its
- * one's complement if requested.
- */
-local void copy_block(s, buf, len, header)
- deflate_state *s;
- charf *buf; /* the input data */
- unsigned len; /* its length */
- int header; /* true if block header must be written */
-{
- bi_windup(s); /* align on byte boundary */
- s->last_eob_len = 8; /* enough lookahead for inflate */
-
- if (header) {
- put_short(s, (ush)len);
- put_short(s, (ush)~len);
-#ifdef DEBUG
- s->bits_sent += 2*16;
-#endif
- }
-#ifdef DEBUG
- s->bits_sent += (ulg)len<<3;
-#endif
- while (len--) {
- put_byte(s, *buf++);
- }
-}
diff --git a/security/nss/cmd/zlib/trees.h b/security/nss/cmd/zlib/trees.h
deleted file mode 100644
index 72facf900..000000000
--- a/security/nss/cmd/zlib/trees.h
+++ /dev/null
@@ -1,128 +0,0 @@
-/* header created automatically with -DGEN_TREES_H */
-
-local const ct_data static_ltree[L_CODES+2] = {
-{{ 12},{ 8}}, {{140},{ 8}}, {{ 76},{ 8}}, {{204},{ 8}}, {{ 44},{ 8}},
-{{172},{ 8}}, {{108},{ 8}}, {{236},{ 8}}, {{ 28},{ 8}}, {{156},{ 8}},
-{{ 92},{ 8}}, {{220},{ 8}}, {{ 60},{ 8}}, {{188},{ 8}}, {{124},{ 8}},
-{{252},{ 8}}, {{ 2},{ 8}}, {{130},{ 8}}, {{ 66},{ 8}}, {{194},{ 8}},
-{{ 34},{ 8}}, {{162},{ 8}}, {{ 98},{ 8}}, {{226},{ 8}}, {{ 18},{ 8}},
-{{146},{ 8}}, {{ 82},{ 8}}, {{210},{ 8}}, {{ 50},{ 8}}, {{178},{ 8}},
-{{114},{ 8}}, {{242},{ 8}}, {{ 10},{ 8}}, {{138},{ 8}}, {{ 74},{ 8}},
-{{202},{ 8}}, {{ 42},{ 8}}, {{170},{ 8}}, {{106},{ 8}}, {{234},{ 8}},
-{{ 26},{ 8}}, {{154},{ 8}}, {{ 90},{ 8}}, {{218},{ 8}}, {{ 58},{ 8}},
-{{186},{ 8}}, {{122},{ 8}}, {{250},{ 8}}, {{ 6},{ 8}}, {{134},{ 8}},
-{{ 70},{ 8}}, {{198},{ 8}}, {{ 38},{ 8}}, {{166},{ 8}}, {{102},{ 8}},
-{{230},{ 8}}, {{ 22},{ 8}}, {{150},{ 8}}, {{ 86},{ 8}}, {{214},{ 8}},
-{{ 54},{ 8}}, {{182},{ 8}}, {{118},{ 8}}, {{246},{ 8}}, {{ 14},{ 8}},
-{{142},{ 8}}, {{ 78},{ 8}}, {{206},{ 8}}, {{ 46},{ 8}}, {{174},{ 8}},
-{{110},{ 8}}, {{238},{ 8}}, {{ 30},{ 8}}, {{158},{ 8}}, {{ 94},{ 8}},
-{{222},{ 8}}, {{ 62},{ 8}}, {{190},{ 8}}, {{126},{ 8}}, {{254},{ 8}},
-{{ 1},{ 8}}, {{129},{ 8}}, {{ 65},{ 8}}, {{193},{ 8}}, {{ 33},{ 8}},
-{{161},{ 8}}, {{ 97},{ 8}}, {{225},{ 8}}, {{ 17},{ 8}}, {{145},{ 8}},
-{{ 81},{ 8}}, {{209},{ 8}}, {{ 49},{ 8}}, {{177},{ 8}}, {{113},{ 8}},
-{{241},{ 8}}, {{ 9},{ 8}}, {{137},{ 8}}, {{ 73},{ 8}}, {{201},{ 8}},
-{{ 41},{ 8}}, {{169},{ 8}}, {{105},{ 8}}, {{233},{ 8}}, {{ 25},{ 8}},
-{{153},{ 8}}, {{ 89},{ 8}}, {{217},{ 8}}, {{ 57},{ 8}}, {{185},{ 8}},
-{{121},{ 8}}, {{249},{ 8}}, {{ 5},{ 8}}, {{133},{ 8}}, {{ 69},{ 8}},
-{{197},{ 8}}, {{ 37},{ 8}}, {{165},{ 8}}, {{101},{ 8}}, {{229},{ 8}},
-{{ 21},{ 8}}, {{149},{ 8}}, {{ 85},{ 8}}, {{213},{ 8}}, {{ 53},{ 8}},
-{{181},{ 8}}, {{117},{ 8}}, {{245},{ 8}}, {{ 13},{ 8}}, {{141},{ 8}},
-{{ 77},{ 8}}, {{205},{ 8}}, {{ 45},{ 8}}, {{173},{ 8}}, {{109},{ 8}},
-{{237},{ 8}}, {{ 29},{ 8}}, {{157},{ 8}}, {{ 93},{ 8}}, {{221},{ 8}},
-{{ 61},{ 8}}, {{189},{ 8}}, {{125},{ 8}}, {{253},{ 8}}, {{ 19},{ 9}},
-{{275},{ 9}}, {{147},{ 9}}, {{403},{ 9}}, {{ 83},{ 9}}, {{339},{ 9}},
-{{211},{ 9}}, {{467},{ 9}}, {{ 51},{ 9}}, {{307},{ 9}}, {{179},{ 9}},
-{{435},{ 9}}, {{115},{ 9}}, {{371},{ 9}}, {{243},{ 9}}, {{499},{ 9}},
-{{ 11},{ 9}}, {{267},{ 9}}, {{139},{ 9}}, {{395},{ 9}}, {{ 75},{ 9}},
-{{331},{ 9}}, {{203},{ 9}}, {{459},{ 9}}, {{ 43},{ 9}}, {{299},{ 9}},
-{{171},{ 9}}, {{427},{ 9}}, {{107},{ 9}}, {{363},{ 9}}, {{235},{ 9}},
-{{491},{ 9}}, {{ 27},{ 9}}, {{283},{ 9}}, {{155},{ 9}}, {{411},{ 9}},
-{{ 91},{ 9}}, {{347},{ 9}}, {{219},{ 9}}, {{475},{ 9}}, {{ 59},{ 9}},
-{{315},{ 9}}, {{187},{ 9}}, {{443},{ 9}}, {{123},{ 9}}, {{379},{ 9}},
-{{251},{ 9}}, {{507},{ 9}}, {{ 7},{ 9}}, {{263},{ 9}}, {{135},{ 9}},
-{{391},{ 9}}, {{ 71},{ 9}}, {{327},{ 9}}, {{199},{ 9}}, {{455},{ 9}},
-{{ 39},{ 9}}, {{295},{ 9}}, {{167},{ 9}}, {{423},{ 9}}, {{103},{ 9}},
-{{359},{ 9}}, {{231},{ 9}}, {{487},{ 9}}, {{ 23},{ 9}}, {{279},{ 9}},
-{{151},{ 9}}, {{407},{ 9}}, {{ 87},{ 9}}, {{343},{ 9}}, {{215},{ 9}},
-{{471},{ 9}}, {{ 55},{ 9}}, {{311},{ 9}}, {{183},{ 9}}, {{439},{ 9}},
-{{119},{ 9}}, {{375},{ 9}}, {{247},{ 9}}, {{503},{ 9}}, {{ 15},{ 9}},
-{{271},{ 9}}, {{143},{ 9}}, {{399},{ 9}}, {{ 79},{ 9}}, {{335},{ 9}},
-{{207},{ 9}}, {{463},{ 9}}, {{ 47},{ 9}}, {{303},{ 9}}, {{175},{ 9}},
-{{431},{ 9}}, {{111},{ 9}}, {{367},{ 9}}, {{239},{ 9}}, {{495},{ 9}},
-{{ 31},{ 9}}, {{287},{ 9}}, {{159},{ 9}}, {{415},{ 9}}, {{ 95},{ 9}},
-{{351},{ 9}}, {{223},{ 9}}, {{479},{ 9}}, {{ 63},{ 9}}, {{319},{ 9}},
-{{191},{ 9}}, {{447},{ 9}}, {{127},{ 9}}, {{383},{ 9}}, {{255},{ 9}},
-{{511},{ 9}}, {{ 0},{ 7}}, {{ 64},{ 7}}, {{ 32},{ 7}}, {{ 96},{ 7}},
-{{ 16},{ 7}}, {{ 80},{ 7}}, {{ 48},{ 7}}, {{112},{ 7}}, {{ 8},{ 7}},
-{{ 72},{ 7}}, {{ 40},{ 7}}, {{104},{ 7}}, {{ 24},{ 7}}, {{ 88},{ 7}},
-{{ 56},{ 7}}, {{120},{ 7}}, {{ 4},{ 7}}, {{ 68},{ 7}}, {{ 36},{ 7}},
-{{100},{ 7}}, {{ 20},{ 7}}, {{ 84},{ 7}}, {{ 52},{ 7}}, {{116},{ 7}},
-{{ 3},{ 8}}, {{131},{ 8}}, {{ 67},{ 8}}, {{195},{ 8}}, {{ 35},{ 8}},
-{{163},{ 8}}, {{ 99},{ 8}}, {{227},{ 8}}
-};
-
-local const ct_data static_dtree[D_CODES] = {
-{{ 0},{ 5}}, {{16},{ 5}}, {{ 8},{ 5}}, {{24},{ 5}}, {{ 4},{ 5}},
-{{20},{ 5}}, {{12},{ 5}}, {{28},{ 5}}, {{ 2},{ 5}}, {{18},{ 5}},
-{{10},{ 5}}, {{26},{ 5}}, {{ 6},{ 5}}, {{22},{ 5}}, {{14},{ 5}},
-{{30},{ 5}}, {{ 1},{ 5}}, {{17},{ 5}}, {{ 9},{ 5}}, {{25},{ 5}},
-{{ 5},{ 5}}, {{21},{ 5}}, {{13},{ 5}}, {{29},{ 5}}, {{ 3},{ 5}},
-{{19},{ 5}}, {{11},{ 5}}, {{27},{ 5}}, {{ 7},{ 5}}, {{23},{ 5}}
-};
-
-const uch _dist_code[DIST_CODE_LEN] = {
- 0, 1, 2, 3, 4, 4, 5, 5, 6, 6, 6, 6, 7, 7, 7, 7, 8, 8, 8, 8,
- 8, 8, 8, 8, 9, 9, 9, 9, 9, 9, 9, 9, 10, 10, 10, 10, 10, 10, 10, 10,
-10, 10, 10, 10, 10, 10, 10, 10, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-11, 11, 11, 11, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 13, 13, 13, 13,
-13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-13, 13, 13, 13, 13, 13, 13, 13, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 15, 15, 15, 15, 15, 15, 15, 15,
-15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 0, 0, 16, 17,
-18, 18, 19, 19, 20, 20, 20, 20, 21, 21, 21, 21, 22, 22, 22, 22, 22, 22, 22, 22,
-23, 23, 23, 23, 23, 23, 23, 23, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24,
-24, 24, 24, 24, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25,
-26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26,
-26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 27, 27, 27, 27, 27, 27, 27, 27,
-27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27,
-27, 27, 27, 27, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28,
-28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28,
-28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28,
-28, 28, 28, 28, 28, 28, 28, 28, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29,
-29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29,
-29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29,
-29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29
-};
-
-const uch _length_code[MAX_MATCH-MIN_MATCH+1]= {
- 0, 1, 2, 3, 4, 5, 6, 7, 8, 8, 9, 9, 10, 10, 11, 11, 12, 12, 12, 12,
-13, 13, 13, 13, 14, 14, 14, 14, 15, 15, 15, 15, 16, 16, 16, 16, 16, 16, 16, 16,
-17, 17, 17, 17, 17, 17, 17, 17, 18, 18, 18, 18, 18, 18, 18, 18, 19, 19, 19, 19,
-19, 19, 19, 19, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20,
-21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 22, 22, 22, 22,
-22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 23, 23, 23, 23, 23, 23, 23, 23,
-23, 23, 23, 23, 23, 23, 23, 23, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24,
-24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24,
-25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25,
-25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 26, 26, 26, 26, 26, 26, 26, 26,
-26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26,
-26, 26, 26, 26, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27,
-27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 28
-};
-
-local const int base_length[LENGTH_CODES] = {
-0, 1, 2, 3, 4, 5, 6, 7, 8, 10, 12, 14, 16, 20, 24, 28, 32, 40, 48, 56,
-64, 80, 96, 112, 128, 160, 192, 224, 0
-};
-
-local const int base_dist[D_CODES] = {
- 0, 1, 2, 3, 4, 6, 8, 12, 16, 24,
- 32, 48, 64, 96, 128, 192, 256, 384, 512, 768,
- 1024, 1536, 2048, 3072, 4096, 6144, 8192, 12288, 16384, 24576
-};
-
diff --git a/security/nss/cmd/zlib/uncompr.c b/security/nss/cmd/zlib/uncompr.c
deleted file mode 100644
index 5e5a83247..000000000
--- a/security/nss/cmd/zlib/uncompr.c
+++ /dev/null
@@ -1,58 +0,0 @@
-/* uncompr.c -- decompress a memory buffer
- * Copyright (C) 1995-1996 Jean-loup Gailly.
- * For conditions of distribution and use, see copyright notice in zlib.h
- */
-/* This file was modified since it was taken from the zlib distribution */
-/* $Id$ */
-
-#include "zlib.h"
-
-/* ===========================================================================
- Decompresses the source buffer into the destination buffer. sourceLen is
- the byte length of the source buffer. Upon entry, destLen is the total
- size of the destination buffer, which must be large enough to hold the
- entire uncompressed data. (The size of the uncompressed data must have
- been saved previously by the compressor and transmitted to the decompressor
- by some mechanism outside the scope of this compression library.)
- Upon exit, destLen is the actual size of the compressed buffer.
- This function can be used to decompress a whole file at once if the
- input file is mmap'ed.
-
- uncompress returns Z_OK if success, Z_MEM_ERROR if there was not
- enough memory, Z_BUF_ERROR if there was not enough room in the output
- buffer, or Z_DATA_ERROR if the input data was corrupted.
-*/
-PR_PUBLIC_API(int) uncompress (dest, destLen, source, sourceLen)
- Bytef *dest;
- uLongf *destLen;
- const Bytef *source;
- uLong sourceLen;
-{
- z_stream stream;
- int err;
-
- stream.next_in = (Bytef*)source;
- stream.avail_in = (uInt)sourceLen;
- /* Check for source > 64K on 16-bit machine: */
- if ((uLong)stream.avail_in != sourceLen) return Z_BUF_ERROR;
-
- stream.next_out = dest;
- stream.avail_out = (uInt)*destLen;
- if ((uLong)stream.avail_out != *destLen) return Z_BUF_ERROR;
-
- stream.zalloc = (alloc_func)0;
- stream.zfree = (free_func)0;
-
- err = inflateInit(&stream);
- if (err != Z_OK) return err;
-
- err = inflate(&stream, Z_FINISH);
- if (err != Z_STREAM_END) {
- inflateEnd(&stream);
- return err;
- }
- *destLen = stream.total_out;
-
- err = inflateEnd(&stream);
- return err;
-}
diff --git a/security/nss/cmd/zlib/zconf.h b/security/nss/cmd/zlib/zconf.h
deleted file mode 100644
index 096a448b4..000000000
--- a/security/nss/cmd/zlib/zconf.h
+++ /dev/null
@@ -1,190 +0,0 @@
-/* zconf.h -- configuration of the zlib compression library
- * Copyright (C) 1995-1996 Jean-loup Gailly.
- * For conditions of distribution and use, see copyright notice in zlib.h
- */
-/* This file was modified since it was taken from the zlib distribution */
-/* $Id$ */
-
-#ifndef _ZCONF_H
-#define _ZCONF_H
-
-/*
- * If you *really* need a unique prefix for all types and library functions,
- * compile with -DZ_PREFIX. The "standard" zlib should be compiled without it.
- */
-#ifdef Z_PREFIX
-# define deflateInit_ z_deflateInit_
-# define deflate z_deflate
-# define deflateEnd z_deflateEnd
-# define inflateInit_ z_inflateInit_
-# define inflate z_inflate
-# define inflateEnd z_inflateEnd
-# define deflateInit2_ z_deflateInit2_
-# define deflateSetDictionary z_deflateSetDictionary
-# define deflateCopy z_deflateCopy
-# define deflateReset z_deflateReset
-# define deflateParams z_deflateParams
-# define inflateInit2_ z_inflateInit2_
-# define inflateSetDictionary z_inflateSetDictionary
-# define inflateSync z_inflateSync
-# define inflateReset z_inflateReset
-# define compress z_compress
-# define uncompress z_uncompress
-# define adler32 z_adler32
-# define crc32 z_crc32
-# define get_crc_table z_get_crc_table
-
-# define Byte z_Byte
-# define uInt z_uInt
-# define uLong z_uLong
-# define Bytef z_Bytef
-# define charf z_charf
-# define intf z_intf
-# define uIntf z_uIntf
-# define uLongf z_uLongf
-# define voidpf z_voidpf
-# define voidp z_voidp
-#endif
-
-#if (defined(_WIN32) || defined(__WIN32__)) && !defined(WIN32)
-# define WIN32
-#endif
-#if defined(__GNUC__) || defined(WIN32) || defined(__386__) || defined(i386)
-# ifndef __32BIT__
-# define __32BIT__
-# endif
-#endif
-#if defined(__MSDOS__) && !defined(MSDOS)
-# define MSDOS
-#endif
-
-/*
- * Compile with -DMAXSEG_64K if the alloc function cannot allocate more
- * than 64k bytes at a time (needed on systems with 16-bit int).
- */
-#if defined(MSDOS) && !defined(__32BIT__)
-# define MAXSEG_64K
-#endif
-#ifdef MSDOS
-# define UNALIGNED_OK
-#endif
-
-#if (defined(MSDOS) || defined(_WINDOWS) || defined(WIN32) || defined(XP_OS2)) && !defined(STDC)
-# define STDC
-#endif
-#if (defined(__STDC__) || defined(__cplusplus)) && !defined(STDC)
-# define STDC
-#endif
-
-#ifndef STDC
-# ifndef const /* cannot use !defined(STDC) && !defined(const) on Mac */
-# define const
-# endif
-#endif
-
-/* Some Mac compilers merge all .h files incorrectly: */
-#if defined(__MWERKS__) || defined(applec) ||defined(THINK_C) ||defined(__SC__)
-# define NO_DUMMY_DECL
-#endif
-
-/* Maximum value for memLevel in deflateInit2 */
-#ifndef MAX_MEM_LEVEL
-# ifdef MAXSEG_64K
-# define MAX_MEM_LEVEL 8
-# else
-# define MAX_MEM_LEVEL 9
-# endif
-#endif
-
-/* Maximum value for windowBits in deflateInit2 and inflateInit2 */
-#ifndef MAX_WBITS
-# define MAX_WBITS 15 /* 32K LZ77 window */
-#endif
-
-/* The memory requirements for deflate are (in bytes):
- 1 << (windowBits+2) + 1 << (memLevel+9)
- that is: 128K for windowBits=15 + 128K for memLevel = 8 (default values)
- plus a few kilobytes for small objects. For example, if you want to reduce
- the default memory requirements from 256K to 128K, compile with
- make CFLAGS="-O -DMAX_WBITS=14 -DMAX_MEM_LEVEL=7"
- Of course this will generally degrade compression (there's no free lunch).
-
- The memory requirements for inflate are (in bytes) 1 << windowBits
- that is, 32K for windowBits=15 (default value) plus a few kilobytes
- for small objects.
-*/
-
- /* Type declarations */
-
-#ifndef OF /* function prototypes */
-# ifdef STDC
-# define OF(args) args
-# else
-# define OF(args) ()
-# endif
-#endif
-
-/* The following definitions for FAR are needed only for MSDOS mixed
- * model programming (small or medium model with some far allocations).
- * This was tested only with MSC; for other MSDOS compilers you may have
- * to define NO_MEMCPY in zutil.h. If you don't need the mixed model,
- * just define FAR to be empty.
- */
-#if (defined(M_I86SM) || defined(M_I86MM)) && !defined(__32BIT__)
- /* MSC small or medium model */
-# define SMALL_MEDIUM
-# ifdef _MSC_VER
-# define FAR __far
-# else
-# define FAR far
-# endif
-#endif
-#if defined(__BORLANDC__) && (defined(__SMALL__) || defined(__MEDIUM__))
-# ifndef __32BIT__
-# define SMALL_MEDIUM
-# define FAR __far
-# endif
-#endif
-#ifndef FAR
-# define FAR
-#endif
-
-typedef unsigned char Byte; /* 8 bits */
-typedef unsigned int uInt; /* 16 bits or more */
-typedef unsigned long uLong; /* 32 bits or more */
-
-#if defined(__BORLANDC__) && defined(SMALL_MEDIUM)
- /* Borland C/C++ ignores FAR inside typedef */
-# define Bytef Byte FAR
-#else
- typedef Byte FAR Bytef;
-#endif
-typedef char FAR charf;
-typedef int FAR intf;
-typedef uInt FAR uIntf;
-typedef uLong FAR uLongf;
-
-#ifdef STDC
- typedef void FAR *voidpf;
- typedef void *voidp;
-#else
- typedef Byte FAR *voidpf;
- typedef Byte *voidp;
-#endif
-
-#ifdef MOZILLA_CLIENT
-#include "prtypes.h"
-#else
-/* Compile with -DZLIB_DLL for Windows DLL support */
-#if (defined(_WINDOWS) || defined(WINDOWS)) && defined(ZLIB_DLL)
-# include <windows.h>
-# define EXPORT WINAPI
-#else
-# define EXPORT
-#endif
-
-/* #define PR_PUBLIC_API(type) type */
-
-#endif /* MOZILLA_CLIENT */
-
-#endif /* _ZCONF_H */
diff --git a/security/nss/cmd/zlib/zip16.def b/security/nss/cmd/zlib/zip16.def
deleted file mode 100644
index 664eeab09..000000000
--- a/security/nss/cmd/zlib/zip16.def
+++ /dev/null
@@ -1,24 +0,0 @@
-LIBRARY zip1640.DLL
-EXETYPE WINDOWS
-PROTMODE
-
-DESCRIPTION '16-bit Zip DLL'
-
-STUB 'WINSTUB.EXE'
-
-CODE LOADONCALL MOVEABLE DISCARDABLE
-DATA PRELOAD MOVEABLE SINGLE
-
-HEAPSIZE 8192
-
-EXPORTS
-
-IMPORTS
- _malloc = nspr3.2
- _realloc = nspr3.3
- _calloc = nspr3.4
- _free = nspr3.5
- _getenv = nspr3.9
- _printf = nspr3.11
- _sscanf = nspr3.33
-
diff --git a/security/nss/cmd/zlib/zlib.h b/security/nss/cmd/zlib/zlib.h
deleted file mode 100644
index b216f00a3..000000000
--- a/security/nss/cmd/zlib/zlib.h
+++ /dev/null
@@ -1,892 +0,0 @@
-/* zlib.h -- interface of the 'zlib' general purpose compression library
- version 1.0.4, Jul 24th, 1996.
-
- Copyright (C) 1995-1996 Jean-loup Gailly and Mark Adler
-
- This software is provided 'as-is', without any express or implied
- warranty. In no event will the authors be held liable for any damages
- arising from the use of this software.
-
- Permission is granted to anyone to use this software for any purpose,
- including commercial applications, and to alter it and redistribute it
- freely, subject to the following restrictions:
-
- 1. The origin of this software must not be misrepresented; you must not
- claim that you wrote the original software. If you use this software
- in a product, an acknowledgment in the product documentation would be
- appreciated but is not required.
- 2. Altered source versions must be plainly marked as such, and must not be
- misrepresented as being the original software.
- 3. This notice may not be removed or altered from any source distribution.
-
- Jean-loup Gailly Mark Adler
- gzip@prep.ai.mit.edu madler@alumni.caltech.edu
-
-
- The data format used by the zlib library is described by RFCs (Request for
- Comments) 1950 to 1952 in the files ftp://ds.internic.net/rfc/rfc1950.txt
- (zlib format), rfc1951.txt (deflate format) and rfc1952.txt (gzip format).
-*/
-/* This file was modified since it was taken from the zlib distribution */
-
-#ifndef _ZLIB_H
-#define _ZLIB_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#include "zconf.h"
-
-#define ZLIB_VERSION "1.0.4"
-
-/*
- The 'zlib' compression library provides in-memory compression and
- decompression functions, including integrity checks of the uncompressed
- data. This version of the library supports only one compression method
- (deflation) but other algorithms may be added later and will have the same
- stream interface.
-
- For compression the application must provide the output buffer and
- may optionally provide the input buffer for optimization. For decompression,
- the application must provide the input buffer and may optionally provide
- the output buffer for optimization.
-
- Compression can be done in a single step if the buffers are large
- enough (for example if an input file is mmap'ed), or can be done by
- repeated calls of the compression function. In the latter case, the
- application must provide more input and/or consume the output
- (providing more output space) before each call.
-
- The library does not install any signal handler. It is recommended to
- add at least a handler for SIGSEGV when decompressing; the library checks
- the consistency of the input data whenever possible but may go nuts
- for some forms of corrupted input.
-*/
-
-typedef voidpf (*alloc_func) OF((voidpf opaque, uInt items, uInt size));
-typedef void (*free_func) OF((voidpf opaque, voidpf address));
-
-struct internal_state;
-
-typedef struct z_stream_s {
- Bytef *next_in; /* next input byte */
- uInt avail_in; /* number of bytes available at next_in */
- uLong total_in; /* total nb of input bytes read so far */
-
- Bytef *next_out; /* next output byte should be put there */
- uInt avail_out; /* remaining free space at next_out */
- uLong total_out; /* total nb of bytes output so far */
-
- char *msg; /* last error message, NULL if no error */
- struct internal_state FAR *state; /* not visible by applications */
-
- alloc_func zalloc; /* used to allocate the internal state */
- free_func zfree; /* used to free the internal state */
- voidpf opaque; /* private data object passed to zalloc and zfree */
-
- int data_type; /* best guess about the data type: ascii or binary */
- uLong adler; /* adler32 value of the uncompressed data */
- uLong reserved; /* reserved for future use */
-} z_stream;
-
-typedef z_stream FAR *z_streamp;
-
-/*
- The application must update next_in and avail_in when avail_in has
- dropped to zero. It must update next_out and avail_out when avail_out
- has dropped to zero. The application must initialize zalloc, zfree and
- opaque before calling the init function. All other fields are set by the
- compression library and must not be updated by the application.
-
- The opaque value provided by the application will be passed as the first
- parameter for calls of zalloc and zfree. This can be useful for custom
- memory management. The compression library attaches no meaning to the
- opaque value.
-
- zalloc must return Z_NULL if there is not enough memory for the object.
- On 16-bit systems, the functions zalloc and zfree must be able to allocate
- exactly 65536 bytes, but will not be required to allocate more than this
- if the symbol MAXSEG_64K is defined (see zconf.h). WARNING: On MSDOS,
- pointers returned by zalloc for objects of exactly 65536 bytes *must*
- have their offset normalized to zero. The default allocation function
- provided by this library ensures this (see zutil.c). To reduce memory
- requirements and avoid any allocation of 64K objects, at the expense of
- compression ratio, compile the library with -DMAX_WBITS=14 (see zconf.h).
-
- The fields total_in and total_out can be used for statistics or
- progress reports. After compression, total_in holds the total size of
- the uncompressed data and may be saved for use in the decompressor
- (particularly if the decompressor wants to decompress everything in
- a single step).
-*/
-
- /* constants */
-
-#define Z_NO_FLUSH 0
-#define Z_PARTIAL_FLUSH 1
-#define Z_SYNC_FLUSH 2
-#define Z_FULL_FLUSH 3
-#define Z_FINISH 4
-/* Allowed flush values; see deflate() below for details */
-
-#define Z_OK 0
-#define Z_STREAM_END 1
-#define Z_NEED_DICT 2
-#define Z_ERRNO (-1)
-#define Z_STREAM_ERROR (-2)
-#define Z_DATA_ERROR (-3)
-#define Z_MEM_ERROR (-4)
-#define Z_BUF_ERROR (-5)
-#define Z_VERSION_ERROR (-6)
-/* Return codes for the compression/decompression functions. Negative
- * values are errors, positive values are used for special but normal events.
- */
-
-#define Z_NO_COMPRESSION 0
-#define Z_BEST_SPEED 1
-#define Z_BEST_COMPRESSION 9
-#define Z_DEFAULT_COMPRESSION (-1)
-/* compression levels */
-
-#define Z_FILTERED 1
-#define Z_HUFFMAN_ONLY 2
-#define Z_DEFAULT_STRATEGY 0
-/* compression strategy; see deflateInit2() below for details */
-
-#define Z_BINARY 0
-#define Z_ASCII 1
-#define Z_UNKNOWN 2
-/* Possible values of the data_type field */
-
-#define Z_DEFLATED 8
-/* The deflate compression method (the only one supported in this version) */
-
-#define Z_NULL 0 /* for initializing zalloc, zfree, opaque */
-
-#define zlib_version zlibVersion()
-/* for compatibility with versions < 1.0.2 */
-
- /* basic functions */
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern const char *) zlibVersion (void);
-#else
-extern const char * EXPORT zlibVersion OF((void));
-#endif
-/* The application can compare zlibVersion and ZLIB_VERSION for consistency.
- If the first character differs, the library code actually used is
- not compatible with the zlib.h header file used by the application.
- This check is automatically made by deflateInit and inflateInit.
- */
-
-/*
-extern int EXPORT deflateInit OF((z_streamp strm, int level));
-
- Initializes the internal stream state for compression. The fields
- zalloc, zfree and opaque must be initialized before by the caller.
- If zalloc and zfree are set to Z_NULL, deflateInit updates them to
- use default allocation functions.
-
- The compression level must be Z_DEFAULT_COMPRESSION, or between 0 and 9:
- 1 gives best speed, 9 gives best compression, 0 gives no compression at
- all (the input data is simply copied a block at a time).
- Z_DEFAULT_COMPRESSION requests a default compromise between speed and
- compression (currently equivalent to level 6).
-
- deflateInit returns Z_OK if success, Z_MEM_ERROR if there was not
- enough memory, Z_STREAM_ERROR if level is not a valid compression level,
- Z_VERSION_ERROR if the zlib library version (zlib_version) is incompatible
- with the version assumed by the caller (ZLIB_VERSION).
- msg is set to null if there is no error message. deflateInit does not
- perform any compression: this will be done by deflate().
-*/
-
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) deflate (z_streamp strm, int flush);
-#else
-extern int EXPORT deflate OF((z_streamp strm, int flush));
-#endif
-/*
- Performs one or both of the following actions:
-
- - Compress more input starting at next_in and update next_in and avail_in
- accordingly. If not all input can be processed (because there is not
- enough room in the output buffer), next_in and avail_in are updated and
- processing will resume at this point for the next call of deflate().
-
- - Provide more output starting at next_out and update next_out and avail_out
- accordingly. This action is forced if the parameter flush is non zero.
- Forcing flush frequently degrades the compression ratio, so this parameter
- should be set only when necessary (in interactive applications).
- Some output may be provided even if flush is not set.
-
- Before the call of deflate(), the application should ensure that at least
- one of the actions is possible, by providing more input and/or consuming
- more output, and updating avail_in or avail_out accordingly; avail_out
- should never be zero before the call. The application can consume the
- compressed output when it wants, for example when the output buffer is full
- (avail_out == 0), or after each call of deflate(). If deflate returns Z_OK
- and with zero avail_out, it must be called again after making room in the
- output buffer because there might be more output pending.
-
- If the parameter flush is set to Z_PARTIAL_FLUSH, the current compression
- block is terminated and flushed to the output buffer so that the
- decompressor can get all input data available so far. For method 9, a future
- variant on method 8, the current block will be flushed but not terminated.
- Z_SYNC_FLUSH has the same effect as partial flush except that the compressed
- output is byte aligned (the compressor can clear its internal bit buffer)
- and the current block is always terminated; this can be useful if the
- compressor has to be restarted from scratch after an interruption (in which
- case the internal state of the compressor may be lost).
- If flush is set to Z_FULL_FLUSH, the compression block is terminated, a
- special marker is output and the compression dictionary is discarded; this
- is useful to allow the decompressor to synchronize if one compressed block
- has been damaged (see inflateSync below). Flushing degrades compression and
- so should be used only when necessary. Using Z_FULL_FLUSH too often can
- seriously degrade the compression. If deflate returns with avail_out == 0,
- this function must be called again with the same value of the flush
- parameter and more output space (updated avail_out), until the flush is
- complete (deflate returns with non-zero avail_out).
-
- If the parameter flush is set to Z_FINISH, pending input is processed,
- pending output is flushed and deflate returns with Z_STREAM_END if there
- was enough output space; if deflate returns with Z_OK, this function must be
- called again with Z_FINISH and more output space (updated avail_out) but no
- more input data, until it returns with Z_STREAM_END or an error. After
- deflate has returned Z_STREAM_END, the only possible operations on the
- stream are deflateReset or deflateEnd.
-
- Z_FINISH can be used immediately after deflateInit if all the compression
- is to be done in a single step. In this case, avail_out must be at least
- 0.1% larger than avail_in plus 12 bytes. If deflate does not return
- Z_STREAM_END, then it must be called again as described above.
-
- deflate() may update data_type if it can make a good guess about
- the input data type (Z_ASCII or Z_BINARY). In doubt, the data is considered
- binary. This field is only for information purposes and does not affect
- the compression algorithm in any manner.
-
- deflate() returns Z_OK if some progress has been made (more input
- processed or more output produced), Z_STREAM_END if all input has been
- consumed and all output has been produced (only when flush is set to
- Z_FINISH), Z_STREAM_ERROR if the stream state was inconsistent (for example
- if next_in or next_out was NULL), Z_BUF_ERROR if no progress is possible.
-*/
-
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) deflateEnd (z_streamp strm);
-#else
-extern int EXPORT deflateEnd OF((z_streamp strm));
-#endif
-/*
- All dynamically allocated data structures for this stream are freed.
- This function discards any unprocessed input and does not flush any
- pending output.
-
- deflateEnd returns Z_OK if success, Z_STREAM_ERROR if the
- stream state was inconsistent, Z_DATA_ERROR if the stream was freed
- prematurely (some input or output was discarded). In the error case,
- msg may be set but then points to a static string (which must not be
- deallocated).
-*/
-
-
-/*
-extern int EXPORT inflateInit OF((z_streamp strm));
-
- Initializes the internal stream state for decompression. The fields
- zalloc, zfree and opaque must be initialized before by the caller. If
- zalloc and zfree are set to Z_NULL, inflateInit updates them to use default
- allocation functions.
-
- inflateInit returns Z_OK if success, Z_MEM_ERROR if there was not
- enough memory, Z_VERSION_ERROR if the zlib library version is incompatible
- with the version assumed by the caller. msg is set to null if there is no
- error message. inflateInit does not perform any decompression: this will be
- done by inflate().
-*/
-
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) inflate (z_streamp strm, int flush);
-#else
-extern int EXPORT inflate OF((z_streamp strm, int flush));
-#endif
-/*
- Performs one or both of the following actions:
-
- - Decompress more input starting at next_in and update next_in and avail_in
- accordingly. If not all input can be processed (because there is not
- enough room in the output buffer), next_in is updated and processing
- will resume at this point for the next call of inflate().
-
- - Provide more output starting at next_out and update next_out and avail_out
- accordingly. inflate() provides as much output as possible, until there
- is no more input data or no more space in the output buffer (see below
- about the flush parameter).
-
- Before the call of inflate(), the application should ensure that at least
- one of the actions is possible, by providing more input and/or consuming
- more output, and updating the next_* and avail_* values accordingly.
- The application can consume the uncompressed output when it wants, for
- example when the output buffer is full (avail_out == 0), or after each
- call of inflate(). If inflate returns Z_OK and with zero avail_out, it
- must be called again after making room in the output buffer because there
- might be more output pending.
-
- If the parameter flush is set to Z_PARTIAL_FLUSH, inflate flushes as much
- output as possible to the output buffer. The flushing behavior of inflate is
- not specified for values of the flush parameter other than Z_PARTIAL_FLUSH
- and Z_FINISH, but the current implementation actually flushes as much output
- as possible anyway.
-
- inflate() should normally be called until it returns Z_STREAM_END or an
- error. However if all decompression is to be performed in a single step
- (a single call of inflate), the parameter flush should be set to
- Z_FINISH. In this case all pending input is processed and all pending
- output is flushed; avail_out must be large enough to hold all the
- uncompressed data. (The size of the uncompressed data may have been saved
- by the compressor for this purpose.) The next operation on this stream must
- be inflateEnd to deallocate the decompression state. The use of Z_FINISH
- is never required, but can be used to inform inflate that a faster routine
- may be used for the single inflate() call.
-
- inflate() returns Z_OK if some progress has been made (more input
- processed or more output produced), Z_STREAM_END if the end of the
- compressed data has been reached and all uncompressed output has been
- produced, Z_NEED_DICT if a preset dictionary is needed at this point (see
- inflateSetDictionary below), Z_DATA_ERROR if the input data was corrupted,
- Z_STREAM_ERROR if the stream structure was inconsistent (for example if
- next_in or next_out was NULL), Z_MEM_ERROR if there was not enough memory,
- Z_BUF_ERROR if no progress is possible or if there was not enough room in
- the output buffer when Z_FINISH is used. In the Z_DATA_ERROR case, the
- application may then call inflateSync to look for a good compression block.
- In the Z_NEED_DICT case, strm->adler is set to the Adler32 value of the
- dictionary chosen by the compressor.
-*/
-
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) inflateEnd (z_streamp strm);
-#else
-extern int EXPORT inflateEnd OF((z_streamp strm));
-#endif
-/*
- All dynamically allocated data structures for this stream are freed.
- This function discards any unprocessed input and does not flush any
- pending output.
-
- inflateEnd returns Z_OK if success, Z_STREAM_ERROR if the stream state
- was inconsistent. In the error case, msg may be set but then points to a
- static string (which must not be deallocated).
-*/
-
- /* Advanced functions */
-
-/*
- The following functions are needed only in some special applications.
-*/
-
-/*
-extern int EXPORT deflateInit2 OF((z_streamp strm,
- int level,
- int method,
- int windowBits,
- int memLevel,
- int strategy));
-
- This is another version of deflateInit with more compression options. The
- fields next_in, zalloc, zfree and opaque must be initialized before by
- the caller.
-
- The method parameter is the compression method. It must be Z_DEFLATED in
- this version of the library. (Method 9 will allow a 64K history buffer and
- partial block flushes.)
-
- The windowBits parameter is the base two logarithm of the window size
- (the size of the history buffer). It should be in the range 8..15 for this
- version of the library (the value 16 will be allowed for method 9). Larger
- values of this parameter result in better compression at the expense of
- memory usage. The default value is 15 if deflateInit is used instead.
-
- The memLevel parameter specifies how much memory should be allocated
- for the internal compression state. memLevel=1 uses minimum memory but
- is slow and reduces compression ratio; memLevel=9 uses maximum memory
- for optimal speed. The default value is 8. See zconf.h for total memory
- usage as a function of windowBits and memLevel.
-
- The strategy parameter is used to tune the compression algorithm. Use the
- value Z_DEFAULT_STRATEGY for normal data, Z_FILTERED for data produced by a
- filter (or predictor), or Z_HUFFMAN_ONLY to force Huffman encoding only (no
- string match). Filtered data consists mostly of small values with a
- somewhat random distribution. In this case, the compression algorithm is
- tuned to compress them better. The effect of Z_FILTERED is to force more
- Huffman coding and less string matching; it is somewhat intermediate
- between Z_DEFAULT and Z_HUFFMAN_ONLY. The strategy parameter only affects
- the compression ratio but not the correctness of the compressed output even
- if it is not set appropriately.
-
- If next_in is not null, the library will use this buffer to hold also
- some history information; the buffer must either hold the entire input
- data, or have at least 1<<(windowBits+1) bytes and be writable. If next_in
- is null, the library will allocate its own history buffer (and leave next_in
- null). next_out need not be provided here but must be provided by the
- application for the next call of deflate().
-
- If the history buffer is provided by the application, next_in must
- must never be changed by the application since the compressor maintains
- information inside this buffer from call to call; the application
- must provide more input only by increasing avail_in. next_in is always
- reset by the library in this case.
-
- deflateInit2 returns Z_OK if success, Z_MEM_ERROR if there was
- not enough memory, Z_STREAM_ERROR if a parameter is invalid (such as
- an invalid method). msg is set to null if there is no error message.
- deflateInit2 does not perform any compression: this will be done by
- deflate().
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) deflateSetDictionary (z_streamp strm,
- const Bytef *dictionary,
- uInt dictLength);
-#else
-extern int EXPORT deflateSetDictionary OF((z_streamp strm,
- const Bytef *dictionary,
- uInt dictLength));
-#endif
-/*
- Initializes the compression dictionary (history buffer) from the given
- byte sequence without producing any compressed output. This function must
- be called immediately after deflateInit or deflateInit2, before any call
- of deflate. The compressor and decompressor must use exactly the same
- dictionary (see inflateSetDictionary).
- The dictionary should consist of strings (byte sequences) that are likely
- to be encountered later in the data to be compressed, with the most commonly
- used strings preferably put towards the end of the dictionary. Using a
- dictionary is most useful when the data to be compressed is short and
- can be predicted with good accuracy; the data can then be compressed better
- than with the default empty dictionary. In this version of the library,
- only the last 32K bytes of the dictionary are used.
- Upon return of this function, strm->adler is set to the Adler32 value
- of the dictionary; the decompressor may later use this value to determine
- which dictionary has been used by the compressor. (The Adler32 value
- applies to the whole dictionary even if only a subset of the dictionary is
- actually used by the compressor.)
-
- deflateSetDictionary returns Z_OK if success, or Z_STREAM_ERROR if a
- parameter is invalid (such as NULL dictionary) or the stream state
- is inconsistent (for example if deflate has already been called for this
- stream). deflateSetDictionary does not perform any compression: this will
- be done by deflate().
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) deflateCopy (z_streamp dest, z_streamp source);
-#else
-extern int EXPORT deflateCopy OF((z_streamp dest, z_streamp source));
-#endif
-/*
- Sets the destination stream as a complete copy of the source stream. If
- the source stream is using an application-supplied history buffer, a new
- buffer is allocated for the destination stream. The compressed output
- buffer is always application-supplied. It's the responsibility of the
- application to provide the correct values of next_out and avail_out for the
- next call of deflate.
-
- This function can be useful when several compression strategies will be
- tried, for example when there are several ways of pre-processing the input
- data with a filter. The streams that will be discarded should then be freed
- by calling deflateEnd. Note that deflateCopy duplicates the internal
- compression state which can be quite large, so this strategy is slow and
- can consume lots of memory.
-
- deflateCopy returns Z_OK if success, Z_MEM_ERROR if there was not
- enough memory, Z_STREAM_ERROR if the source stream state was inconsistent
- (such as zalloc being NULL). msg is left unchanged in both source and
- destination.
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) deflateReset (z_streamp strm);
-#else
-extern int EXPORT deflateReset OF((z_streamp strm));
-#endif
-/*
- This function is equivalent to deflateEnd followed by deflateInit,
- but does not free and reallocate all the internal compression state.
- The stream will keep the same compression level and any other attributes
- that may have been set by deflateInit2.
-
- deflateReset returns Z_OK if success, or Z_STREAM_ERROR if the source
- stream state was inconsistent (such as zalloc or state being NULL).
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) deflateParams (z_streamp strm, int level, int strategy);
-#else
-extern int EXPORT deflateParams OF((z_streamp strm, int level, int strategy));
-#endif
-/*
- Dynamically update the compression level and compression strategy.
- This can be used to switch between compression and straight copy of
- the input data, or to switch to a different kind of input data requiring
- a different strategy. If the compression level is changed, the input
- available so far is compressed with the old level (and may be flushed);
- the new level will take effect only at the next call of deflate().
-
- Before the call of deflateParams, the stream state must be set as for
- a call of deflate(), since the currently available input may have to
- be compressed and flushed. In particular, strm->avail_out must be non-zero.
-
- deflateParams returns Z_OK if success, Z_STREAM_ERROR if the source
- stream state was inconsistent or if a parameter was invalid, Z_BUF_ERROR
- if strm->avail_out was zero.
-*/
-
-/*
-extern int EXPORT inflateInit2 OF((z_streamp strm,
- int windowBits));
-
- This is another version of inflateInit with more compression options. The
- fields next_out, zalloc, zfree and opaque must be initialized before by
- the caller.
-
- The windowBits parameter is the base two logarithm of the maximum window
- size (the size of the history buffer). It should be in the range 8..15 for
- this version of the library (the value 16 will be allowed soon). The
- default value is 15 if inflateInit is used instead. If a compressed stream
- with a larger window size is given as input, inflate() will return with
- the error code Z_DATA_ERROR instead of trying to allocate a larger window.
-
- If next_out is not null, the library will use this buffer for the history
- buffer; the buffer must either be large enough to hold the entire output
- data, or have at least 1<<windowBits bytes. If next_out is null, the
- library will allocate its own buffer (and leave next_out null). next_in
- need not be provided here but must be provided by the application for the
- next call of inflate().
-
- If the history buffer is provided by the application, next_out must
- never be changed by the application since the decompressor maintains
- history information inside this buffer from call to call; the application
- can only reset next_out to the beginning of the history buffer when
- avail_out is zero and all output has been consumed.
-
- inflateInit2 returns Z_OK if success, Z_MEM_ERROR if there was
- not enough memory, Z_STREAM_ERROR if a parameter is invalid (such as
- windowBits < 8). msg is set to null if there is no error message.
- inflateInit2 does not perform any decompression: this will be done by
- inflate().
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) inflateSetDictionary (z_streamp strm,
- const Bytef *dictionary,
- uInt dictLength);
-#else
-extern int EXPORT inflateSetDictionary OF((z_streamp strm,
- const Bytef *dictionary,
- uInt dictLength));
-#endif
-/*
- Initializes the decompression dictionary (history buffer) from the given
- uncompressed byte sequence. This function must be called immediately after
- a call of inflate if this call returned Z_NEED_DICT. The dictionary chosen
- by the compressor can be determined from the Adler32 value returned by this
- call of inflate. The compressor and decompressor must use exactly the same
- dictionary (see deflateSetDictionary).
-
- inflateSetDictionary returns Z_OK if success, Z_STREAM_ERROR if a
- parameter is invalid (such as NULL dictionary) or the stream state is
- inconsistent, Z_DATA_ERROR if the given dictionary doesn't match the
- expected one (incorrect Adler32 value). inflateSetDictionary does not
- perform any decompression: this will be done by subsequent calls of
- inflate().
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) inflateSync (z_streamp strm);
-#else
-extern int EXPORT inflateSync OF((z_streamp strm));
-#endif
-/*
- Skips invalid compressed data until the special marker (see deflate()
- above) can be found, or until all available input is skipped. No output
- is provided.
-
- inflateSync returns Z_OK if the special marker has been found, Z_BUF_ERROR
- if no more input was provided, Z_DATA_ERROR if no marker has been found,
- or Z_STREAM_ERROR if the stream structure was inconsistent. In the success
- case, the application may save the current current value of total_in which
- indicates where valid compressed data was found. In the error case, the
- application may repeatedly call inflateSync, providing more input each time,
- until success or end of the input data.
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) inflateReset (z_streamp strm);
-#else
-extern int EXPORT inflateReset OF((z_streamp strm));
-#endif
-/*
- This function is equivalent to inflateEnd followed by inflateInit,
- but does not free and reallocate all the internal decompression state.
- The stream will keep attributes that may have been set by inflateInit2.
-
- inflateReset returns Z_OK if success, or Z_STREAM_ERROR if the source
- stream state was inconsistent (such as zalloc or state being NULL).
-*/
-
-
- /* utility functions */
-
-/*
- The following utility functions are implemented on top of the
- basic stream-oriented functions. To simplify the interface, some
- default options are assumed (compression level, window size,
- standard memory allocation functions). The source code of these
- utility functions can easily be modified if you need special options.
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) compress (Bytef *dest, uLongf *destLen,
- const Bytef *source, uLong sourceLen);
-#else
-extern int EXPORT compress OF((Bytef *dest, uLongf *destLen,
- const Bytef *source, uLong sourceLen));
-#endif
-/*
- Compresses the source buffer into the destination buffer. sourceLen is
- the byte length of the source buffer. Upon entry, destLen is the total
- size of the destination buffer, which must be at least 0.1% larger than
- sourceLen plus 12 bytes. Upon exit, destLen is the actual size of the
- compressed buffer.
- This function can be used to compress a whole file at once if the
- input file is mmap'ed.
- compress returns Z_OK if success, Z_MEM_ERROR if there was not
- enough memory, Z_BUF_ERROR if there was not enough room in the output
- buffer.
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) uncompress (Bytef *dest, uLongf *destLen,
- const Bytef *source, uLong sourceLen);
-#else
-extern int EXPORT uncompress OF((Bytef *dest, uLongf *destLen,
- const Bytef *source, uLong sourceLen));
-#endif
-/*
- Decompresses the source buffer into the destination buffer. sourceLen is
- the byte length of the source buffer. Upon entry, destLen is the total
- size of the destination buffer, which must be large enough to hold the
- entire uncompressed data. (The size of the uncompressed data must have
- been saved previously by the compressor and transmitted to the decompressor
- by some mechanism outside the scope of this compression library.)
- Upon exit, destLen is the actual size of the compressed buffer.
- This function can be used to decompress a whole file at once if the
- input file is mmap'ed.
-
- uncompress returns Z_OK if success, Z_MEM_ERROR if there was not
- enough memory, Z_BUF_ERROR if there was not enough room in the output
- buffer, or Z_DATA_ERROR if the input data was corrupted.
-*/
-
-
-typedef voidp gzFile;
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern gzFile) gzopen (const char *path, const char *mode);
-#else
-extern gzFile EXPORT gzopen OF((const char *path, const char *mode));
-#endif
-/*
- Opens a gzip (.gz) file for reading or writing. The mode parameter
- is as in fopen ("rb" or "wb") but can also include a compression level
- ("wb9"). gzopen can be used to read a file which is not in gzip format;
- in this case gzread will directly read from the file without decompression.
- gzopen returns NULL if the file could not be opened or if there was
- insufficient memory to allocate the (de)compression state; errno
- can be checked to distinguish the two cases (if errno is zero, the
- zlib error is Z_MEM_ERROR).
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern gzFile) gzdopen (int fd, const char *mode);
-#else
-extern gzFile EXPORT gzdopen OF((int fd, const char *mode));
-#endif
-/*
- gzdopen() associates a gzFile with the file descriptor fd. File
- descriptors are obtained from calls like open, dup, creat, pipe or
- fileno (in the file has been previously opened with fopen).
- The mode parameter is as in gzopen.
- The next call of gzclose on the returned gzFile will also close the
- file descriptor fd, just like fclose(fdopen(fd), mode) closes the file
- descriptor fd. If you want to keep fd open, use gzdopen(dup(fd), mode).
- gzdopen returns NULL if there was insufficient memory to allocate
- the (de)compression state.
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) gzread (gzFile file, voidp buf, unsigned len);
-#else
-extern int EXPORT gzread OF((gzFile file, voidp buf, unsigned len));
-#endif
-/*
- Reads the given number of uncompressed bytes from the compressed file.
- If the input file was not in gzip format, gzread copies the given number
- of bytes into the buffer.
- gzread returns the number of uncompressed bytes actually read (0 for
- end of file, -1 for error). */
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) gzwrite (gzFile file, const voidp buf, unsigned len);
-#else
-extern int EXPORT gzwrite OF((gzFile file, const voidp buf, unsigned len));
-#endif
-/*
- Writes the given number of uncompressed bytes into the compressed file.
- gzwrite returns the number of uncompressed bytes actually written
- (0 in case of error).
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) gzflush (gzFile file, int flush);
-#else
-extern int EXPORT gzflush OF((gzFile file, int flush));
-#endif
-/*
- Flushes all pending output into the compressed file. The parameter
- flush is as in the deflate() function. The return value is the zlib
- error number (see function gzerror below). gzflush returns Z_OK if
- the flush parameter is Z_FINISH and all output could be flushed.
- gzflush should be called only when strictly necessary because it can
- degrade compression.
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) gzclose (gzFile file);
-#else
-extern int EXPORT gzclose OF((gzFile file));
-#endif
-/*
- Flushes all pending output if necessary, closes the compressed file
- and deallocates all the (de)compression state. The return value is the zlib
- error number (see function gzerror below).
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern const char *) gzerror (gzFile file, int *errnum);
-#else
-extern const char * EXPORT gzerror OF((gzFile file, int *errnum));
-#endif
-/*
- Returns the error message for the last error which occurred on the
- given compressed file. errnum is set to zlib error number. If an
- error occurred in the file system and not in the compression library,
- errnum is set to Z_ERRNO and the application may consult errno
- to get the exact error code.
-*/
-
- /* checksum functions */
-
-/*
- These functions are not related to compression but are exported
- anyway because they might be useful in applications using the
- compression library.
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern uLong) adler32 (uLong adler, const Bytef *buf, uInt len);
-#else
-extern uLong EXPORT adler32 OF((uLong adler, const Bytef *buf, uInt len));
-#endif
-
-/*
- Update a running Adler-32 checksum with the bytes buf[0..len-1] and
- return the updated checksum. If buf is NULL, this function returns
- the required initial value for the checksum.
- An Adler-32 checksum is almost as reliable as a CRC32 but can be computed
- much faster. Usage example:
-
- uLong adler = adler32(0L, Z_NULL, 0);
-
- while (read_buffer(buffer, length) != EOF) {
- adler = adler32(adler, buffer, length);
- }
- if (adler != original_adler) error();
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern uLong) crc32 (uLong crc, const Bytef *buf, uInt len);
-#else
-extern uLong EXPORT crc32 OF((uLong crc, const Bytef *buf, uInt len));
-#endif
-/*
- Update a running crc with the bytes buf[0..len-1] and return the updated
- crc. If buf is NULL, this function returns the required initial value
- for the crc. Pre- and post-conditioning (one's complement) is performed
- within this function so it shouldn't be done by the application.
- Usage example:
-
- uLong crc = crc32(0L, Z_NULL, 0);
-
- while (read_buffer(buffer, length) != EOF) {
- crc = crc32(crc, buffer, length);
- }
- if (crc != original_crc) error();
-*/
-
-
- /* various hacks, don't look :) */
-
-/* deflateInit and inflateInit are macros to allow checking the zlib version
- * and the compiler's view of z_stream:
- */
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) deflateInit_ (z_streamp strm, int level, const char *version,
- int stream_size);
-PR_PUBLIC_API(extern int) inflateInit_ (z_streamp strm, const char *version,
- int stream_size);
-PR_PUBLIC_API(extern int) deflateInit2_ (z_streamp strm, int level, int method,
- int windowBits, int memLevel, int strategy,
- const char *version, int stream_size);
-PR_PUBLIC_API(extern int) inflateInit2_ (z_streamp strm, int windowBits,
- const char *version, int stream_size);
-#else
-extern int EXPORT deflateInit_ OF((z_streamp strm, int level, const char *version,
- int stream_size));
-extern int EXPORT inflateInit_ OF((z_streamp strm, const char *version,
- int stream_size));
-extern int EXPORT deflateInit2_ OF((z_streamp strm, int level, int method,
- int windowBits, int memLevel, int strategy,
- const char *version, int stream_size));
-extern int EXPORT inflateInit2_ OF((z_streamp strm, int windowBits,
- const char *version, int stream_size));
-#endif /* MOZILLA_CLIENT */
-
-
-#define deflateInit(strm, level) \
- deflateInit_((strm), (level), ZLIB_VERSION, sizeof(z_stream))
-#define inflateInit(strm) \
- inflateInit_((strm), ZLIB_VERSION, sizeof(z_stream))
-#define deflateInit2(strm, level, method, windowBits, memLevel, strategy) \
- deflateInit2_((strm),(level),(method),(windowBits),(memLevel),\
- (strategy), ZLIB_VERSION, sizeof(z_stream))
-#define inflateInit2(strm, windowBits) \
- inflateInit2_((strm), (windowBits), ZLIB_VERSION, sizeof(z_stream))
-
-#if !defined(_Z_UTIL_H) && !defined(NO_DUMMY_DECL)
- struct internal_state {int dummy;}; /* hack for buggy compilers */
-#endif
-
-uLongf *get_crc_table OF((void)); /* can be used by asm versions of crc32() */
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* _ZLIB_H */
diff --git a/security/nss/cmd/zlib/zutil.c b/security/nss/cmd/zlib/zutil.c
deleted file mode 100644
index afca3ed0c..000000000
--- a/security/nss/cmd/zlib/zutil.c
+++ /dev/null
@@ -1,215 +0,0 @@
-/* zutil.c -- target dependent utility functions for the compression library
- * Copyright (C) 1995-1996 Jean-loup Gailly.
- * For conditions of distribution and use, see copyright notice in zlib.h
- */
-/* This file was modified since it was taken from the zlib distribution */
-/* $Id$ */
-
-#include <stdio.h>
-
-#include "zutil.h"
-
-#ifdef MOZILLA_CLIENT
-#include "prtypes.h"
-#include "prlog.h"
-#endif
-
-struct internal_state {int dummy;}; /* for buggy compilers */
-
-#ifndef STDC
-extern void exit OF((int));
-#endif
-
-const char *z_errmsg[10] = {
-"need dictionary", /* Z_NEED_DICT 2 */
-"stream end", /* Z_STREAM_END 1 */
-"", /* Z_OK 0 */
-"file error", /* Z_ERRNO (-1) */
-"stream error", /* Z_STREAM_ERROR (-2) */
-"data error", /* Z_DATA_ERROR (-3) */
-"insufficient memory", /* Z_MEM_ERROR (-4) */
-"buffer error", /* Z_BUF_ERROR (-5) */
-"incompatible version",/* Z_VERSION_ERROR (-6) */
-""};
-
-
-PR_PUBLIC_API(const char *) zlibVersion()
-{
- return ZLIB_VERSION;
-}
-
-#if defined(DEBUG) && defined(MOZILLA_CLIENT)
-void z_error (m)
- char *m;
-{
- PR_ASSERT(0);
-}
-#endif
-
-#ifndef HAVE_MEMCPY
-
-void zmemcpy(dest, source, len)
- Bytef* dest;
- Bytef* source;
- uInt len;
-{
- if (len == 0) return;
- do {
- *dest++ = *source++; /* ??? to be unrolled */
- } while (--len != 0);
-}
-
-int zmemcmp(s1, s2, len)
- Bytef* s1;
- Bytef* s2;
- uInt len;
-{
- uInt j;
-
- for (j = 0; j < len; j++) {
- if (s1[j] != s2[j]) return 2*(s1[j] > s2[j])-1;
- }
- return 0;
-}
-
-void zmemzero(dest, len)
- Bytef* dest;
- uInt len;
-{
- if (len == 0) return;
- do {
- *dest++ = 0; /* ??? to be unrolled */
- } while (--len != 0);
-}
-#endif
-
-#ifdef __TURBOC__
-#if (defined( __BORLANDC__) || !defined(SMALL_MEDIUM)) && !defined(__32BIT__)
-/* Small and medium model in Turbo C are for now limited to near allocation
- * with reduced MAX_WBITS and MAX_MEM_LEVEL
- */
-# define MY_ZCALLOC
-
-/* Turbo C malloc() does not allow dynamic allocation of 64K bytes
- * and farmalloc(64K) returns a pointer with an offset of 8, so we
- * must fix the pointer. Warning: the pointer must be put back to its
- * original form in order to free it, use zcfree().
- */
-
-#define MAX_PTR 10
-/* 10*64K = 640K */
-
-local int next_ptr = 0;
-
-typedef struct ptr_table_s {
- voidpf org_ptr;
- voidpf new_ptr;
-} ptr_table;
-
-local ptr_table table[MAX_PTR];
-/* This table is used to remember the original form of pointers
- * to large buffers (64K). Such pointers are normalized with a zero offset.
- * Since MSDOS is not a preemptive multitasking OS, this table is not
- * protected from concurrent access. This hack doesn't work anyway on
- * a protected system like OS/2. Use Microsoft C instead.
- */
-
-voidpf zcalloc (voidpf opaque, unsigned items, unsigned size)
-{
- voidpf buf = opaque; /* just to make some compilers happy */
- ulg bsize = (ulg)items*size;
-
- /* If we allocate less than 65520 bytes, we assume that farmalloc
- * will return a usable pointer which doesn't have to be normalized.
- */
- if (bsize < 65520L) {
- buf = farmalloc(bsize);
- if (*(ush*)&buf != 0) return buf;
- } else {
- buf = farmalloc(bsize + 16L);
- }
- if (buf == NULL || next_ptr >= MAX_PTR) return NULL;
- table[next_ptr].org_ptr = buf;
-
- /* Normalize the pointer to seg:0 */
- *((ush*)&buf+1) += ((ush)((uch*)buf-0) + 15) >> 4;
- *(ush*)&buf = 0;
- table[next_ptr++].new_ptr = buf;
- return buf;
-}
-
-void zcfree (voidpf opaque, voidpf ptr)
-{
- int n;
- if (*(ush*)&ptr != 0) { /* object < 64K */
- farfree(ptr);
- return;
- }
- /* Find the original pointer */
- for (n = 0; n < next_ptr; n++) {
- if (ptr != table[n].new_ptr) continue;
-
- farfree(table[n].org_ptr);
- while (++n < next_ptr) {
- table[n-1] = table[n];
- }
- next_ptr--;
- return;
- }
- ptr = opaque; /* just to make some compilers happy */
- Assert(0, "zcfree: ptr not found");
-}
-#endif
-#endif /* __TURBOC__ */
-
-
-#if defined(M_I86) && !defined(__32BIT__)
-/* Microsoft C in 16-bit mode */
-
-# define MY_ZCALLOC
-
-#if (!defined(_MSC_VER) || (_MSC_VER < 600))
-# define _halloc halloc
-# define _hfree hfree
-#endif
-
-voidpf zcalloc (voidpf opaque, unsigned items, unsigned size)
-{
- if (opaque) opaque = 0; /* to make compiler happy */
- return _halloc((long)items, size);
-}
-
-void zcfree (voidpf opaque, voidpf ptr)
-{
- if (opaque) opaque = 0; /* to make compiler happy */
- _hfree(ptr);
-}
-
-#endif /* MSC */
-
-
-#ifndef MY_ZCALLOC /* Any system without a special alloc function */
-
-#ifndef STDC
-extern voidp calloc OF((uInt items, uInt size));
-extern void free OF((voidpf ptr));
-#endif
-
-voidpf zcalloc (opaque, items, size)
- voidpf opaque;
- unsigned items;
- unsigned size;
-{
- if (opaque) items += size - size; /* make compiler happy */
- return (voidpf)calloc(items, size);
-}
-
-void zcfree (opaque, ptr)
- voidpf opaque;
- voidpf ptr;
-{
- free(ptr);
- if (opaque) return; /* make compiler happy */
-}
-
-#endif /* MY_ZCALLOC */
diff --git a/security/nss/cmd/zlib/zutil.h b/security/nss/cmd/zlib/zutil.h
deleted file mode 100644
index 6918260cf..000000000
--- a/security/nss/cmd/zlib/zutil.h
+++ /dev/null
@@ -1,211 +0,0 @@
-/* zutil.h -- internal interface and configuration of the compression library
- * Copyright (C) 1995-1996 Jean-loup Gailly.
- * For conditions of distribution and use, see copyright notice in zlib.h
- */
-/* This file was modified since it was taken from the zlib distribution */
-/* WARNING: this file should *not* be used by applications. It is
- part of the implementation of the compression library and is
- subject to change. Applications should only use zlib.h.
- */
-
-/* $Id$ */
-
-#ifndef _Z_UTIL_H
-#define _Z_UTIL_H
-
-#include "zlib.h"
-
-#if defined(_WIN32_WCE)
-#elif defined(MSDOS)||defined(VMS)||defined(CRAY)||defined(WIN32)||defined(RISCOS)
-# include <stddef.h>
-# include <errno.h>
-#else
- extern int errno;
-#endif
-#ifdef STDC
-# include <string.h>
-# include <stdlib.h>
-#endif
-
-#ifndef local
-# define local static
-#endif
-/* compile with -Dlocal if your debugger can't find static symbols */
-
-typedef unsigned char uch;
-typedef uch FAR uchf;
-typedef unsigned short ush;
-typedef ush FAR ushf;
-typedef unsigned long ulg;
-
-extern const char *z_errmsg[10]; /* indexed by 2-zlib_error */
-/* (size given to avoid silly warnings with Visual C++) */
-
-#define ERR_MSG(err) z_errmsg[Z_NEED_DICT-(err)]
-
-#define ERR_RETURN(strm,err) \
- return (strm->msg = (char*)ERR_MSG(err), (err))
-/* To be used only when the state is known to be valid */
-
- /* common constants */
-
-#ifndef DEF_WBITS
-# define DEF_WBITS MAX_WBITS
-#endif
-/* default windowBits for decompression. MAX_WBITS is for compression only */
-
-#if MAX_MEM_LEVEL >= 8
-# define DEF_MEM_LEVEL 8
-#else
-# define DEF_MEM_LEVEL MAX_MEM_LEVEL
-#endif
-/* default memLevel */
-
-#define STORED_BLOCK 0
-#define STATIC_TREES 1
-#define DYN_TREES 2
-/* The three kinds of block type */
-
-#define MIN_MATCH 3
-#define MAX_MATCH 258
-/* The minimum and maximum match lengths */
-
-#define PRESET_DICT 0x20 /* preset dictionary flag in zlib header */
-
- /* target dependencies */
-
-#ifdef MSDOS
-# define OS_CODE 0x00
-# ifdef __TURBOC__
-# include <alloc.h>
-# else /* MSC or DJGPP */
-# include <malloc.h>
-# endif
-#endif
-
-#ifdef OS2
-# define OS_CODE 0x06
-#endif
-
-#ifdef WIN32 /* Window 95 & Windows NT */
-# define OS_CODE 0x0b
-#endif
-
-#if defined(VAXC) || defined(VMS)
-# define OS_CODE 0x02
-# define FOPEN(name, mode) \
- fopen((name), (mode), "mbc=60", "ctx=stm", "rfm=fix", "mrs=512")
-#endif
-
-#ifdef AMIGA
-# define OS_CODE 0x01
-#endif
-
-#if defined(ATARI) || defined(atarist)
-# define OS_CODE 0x05
-#endif
-
-#ifdef MACOS
-# define OS_CODE 0x07
-#endif
-
-#ifdef __50SERIES /* Prime/PRIMOS */
-# define OS_CODE 0x0F
-#endif
-
-#ifdef TOPS20
-# define OS_CODE 0x0a
-#endif
-
-#if defined(_BEOS_) || defined(RISCOS)
-# define fdopen(fd,mode) NULL /* No fdopen() */
-#endif
-
- /* Common defaults */
-
-#ifndef OS_CODE
-# define OS_CODE 0x03 /* assume Unix */
-#endif
-
-#ifndef FOPEN
-# define FOPEN(name, mode) fopen((name), (mode))
-#endif
-
- /* functions */
-
-#ifdef HAVE_STRERROR
-#ifndef MOZILLA_CLIENT
- extern char *strerror OF((int));
-#endif
-# define zstrerror(errnum) strerror(errnum)
-#else
-# define zstrerror(errnum) ""
-#endif
-
-#if defined(pyr)
-# define NO_MEMCPY
-#endif
-#if (defined(M_I86SM) || defined(M_I86MM)) && !defined(_MSC_VER)
- /* Use our own functions for small and medium model with MSC <= 5.0.
- * You may have to use the same strategy for Borland C (untested).
- */
-# define NO_MEMCPY
-#endif
-#if defined(STDC) && !defined(HAVE_MEMCPY) && !defined(NO_MEMCPY)
-# define HAVE_MEMCPY
-#endif
-#ifdef HAVE_MEMCPY
-# ifdef SMALL_MEDIUM /* MSDOS small or medium model */
-# define zmemcpy _fmemcpy
-# define zmemcmp _fmemcmp
-# define zmemzero(dest, len) _fmemset(dest, 0, len)
-# else
-# define zmemcpy memcpy
-# define zmemcmp memcmp
-# define zmemzero(dest, len) memset(dest, 0, len)
-# endif
-#else
- extern void zmemcpy OF((Bytef* dest, Bytef* source, uInt len));
- extern int zmemcmp OF((Bytef* s1, Bytef* s2, uInt len));
- extern void zmemzero OF((Bytef* dest, uInt len));
-#endif
-
-/* Diagnostic functions */
-#ifdef DEBUG_ZLIB
-# include <stdio.h>
-# ifndef verbose
-# define verbose 0
-# endif
- extern void z_error OF((char *m));
-# define Assert(cond,msg) {if(!(cond)) z_error(msg);}
-# define Trace(x) fprintf x
-# define Tracev(x) {if (verbose) fprintf x ;}
-# define Tracevv(x) {if (verbose>1) fprintf x ;}
-# define Tracec(c,x) {if (verbose && (c)) fprintf x ;}
-# define Tracecv(c,x) {if (verbose>1 && (c)) fprintf x ;}
-#else
-# include <stdio.h>
-# ifndef verbose
-# define verbose 0
-# endif
- extern void z_error OF((char *m));
-# define Assert(cond,msg)
-# define Trace(x)
-# define Tracev(x)
-# define Tracevv(x)
-# define Tracec(c,x)
-# define Tracecv(c,x)
-#endif
-
-
-typedef uLong (*check_func) OF((uLong check, const Bytef *buf, uInt len));
-
-voidpf zcalloc OF((voidpf opaque, unsigned items, unsigned size));
-void zcfree OF((voidpf opaque, voidpf ptr));
-
-#define ZALLOC(strm, items, size) \
- (*((strm)->zalloc))((strm)->opaque, (items), (size))
-#define ZFREE(strm, addr) (*((strm)->zfree))((strm)->opaque, (voidpf)(addr))
-#define TRY_FREE(s, p) {if (p) ZFREE(s, p);}
-
-#endif /* _Z_UTIL_H */
diff --git a/security/nss/lib/Makefile b/security/nss/lib/Makefile
deleted file mode 100644
index d7c687fe8..000000000
--- a/security/nss/lib/Makefile
+++ /dev/null
@@ -1,91 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-ifeq ($(OS_TARGET), WINCE)
-DIRS := $(filter-out fortcrypt,$(DIRS))
-endif
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-ifdef MOZILLA_SECURITY_BUILD
-FILES=$(shell ls -d $(CORE_DEPTH)/../../ns/security/lib/crypto/*)
-
-export::
- if test -d $(CORE_DEPTH)/../../ns/security/lib/crypto; then \
- $(NSINSTALL) -D crypto; \
- for file in $(FILES) ; do \
- if test -f $$file; then \
- $(INSTALL) -m 444 $$file crypto; \
- fi; \
- done; \
- $(INSTALL) -m 444 freebl/sha_fast.c crypto; \
- $(INSTALL) -m 444 freebl/sha_fast.h crypto; \
- fi
-endif
diff --git a/security/nss/lib/asn1/Makefile b/security/nss/lib/asn1/Makefile
deleted file mode 100644
index 4cbbfed70..000000000
--- a/security/nss/lib/asn1/Makefile
+++ /dev/null
@@ -1,40 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-MAKEFILE_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-include manifest.mn
-include $(CORE_DEPTH)/coreconf/config.mk
-include config.mk
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-export:: private_export
diff --git a/security/nss/lib/asn1/asn1.c b/security/nss/lib/asn1/asn1.c
deleted file mode 100644
index 9c584c770..000000000
--- a/security/nss/lib/asn1/asn1.c
+++ /dev/null
@@ -1,1727 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * asn1.c
- *
- * At this point in time, this file contains the NSS wrappers for
- * the old "SEC" ASN.1 encoder/decoder stuff.
- */
-
-#ifndef ASN1M_H
-#include "asn1m.h"
-#endif /* ASN1M_H */
-
-#include "plarena.h"
-#include "secasn1.h"
-
-/*
- * The pointer-tracking stuff
- */
-
-#ifdef DEBUG
-extern const NSSError NSS_ERROR_INTERNAL_ERROR;
-
-static nssPointerTracker decoder_pointer_tracker;
-
-static PRStatus
-decoder_add_pointer
-(
- const nssASN1Decoder *decoder
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_initialize(&decoder_pointer_tracker);
- if( PR_SUCCESS != rv ) {
- return rv;
- }
-
- rv = nssPointerTracker_add(&decoder_pointer_tracker, decoder);
- if( PR_SUCCESS != rv ) {
- NSSError e = NSS_GetError();
- if( NSS_ERROR_NO_MEMORY != e ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- }
-
- return rv;
- }
-
- return PR_SUCCESS;
-}
-
-static PRStatus
-decoder_remove_pointer
-(
- const nssASN1Decoder *decoder
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_remove(&decoder_pointer_tracker, decoder);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- }
-
- return rv;
-}
-
-/*
- * nssASN1Decoder_verify
- *
- * This routine is only available in debug builds.
- *
- * If the specified pointer is a valid pointer to an nssASN1Decoder
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1DECODER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_IMPLEMENT PRStatus
-nssASN1Decoder_verify
-(
- nssASN1Decoder *decoder
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_initialize(&decoder_pointer_tracker);
- if( PR_SUCCESS != rv ) {
- return PR_FAILURE;
- }
-
- rv = nssPointerTracker_verify(&decoder_pointer_tracker, decoder);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INVALID_ASN1DECODER);
- return PR_FAILURE;
- }
-
- return PR_SUCCESS;
-}
-
-static nssPointerTracker encoder_pointer_tracker;
-
-static PRStatus
-encoder_add_pointer
-(
- const nssASN1Encoder *encoder
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_initialize(&encoder_pointer_tracker);
- if( PR_SUCCESS != rv ) {
- return rv;
- }
-
- rv = nssPointerTracker_add(&encoder_pointer_tracker, encoder);
- if( PR_SUCCESS != rv ) {
- NSSError e = NSS_GetError();
- if( NSS_ERROR_NO_MEMORY != e ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- }
-
- return rv;
- }
-
- return PR_SUCCESS;
-}
-
-static PRStatus
-encoder_remove_pointer
-(
- const nssASN1Encoder *encoder
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_remove(&encoder_pointer_tracker, encoder);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- }
-
- return rv;
-}
-
-/*
- * nssASN1Encoder_verify
- *
- * This routine is only available in debug builds.
- *
- * If the specified pointer is a valid pointer to an nssASN1Encoder
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1ENCODER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_IMPLEMENT PRStatus
-nssASN1Encoder_verify
-(
- nssASN1Encoder *encoder
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_initialize(&encoder_pointer_tracker);
- if( PR_SUCCESS != rv ) {
- return PR_FAILURE;
- }
-
- rv = nssPointerTracker_verify(&encoder_pointer_tracker, encoder);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INVALID_ASN1ENCODER);
- return PR_FAILURE;
- }
-
- return PR_SUCCESS;
-}
-#endif /* DEBUG */
-
-/*
- * nssASN1Decoder_Create
- *
- * This routine creates an ASN.1 Decoder, which will use the specified
- * template to decode a datastream into the specified destination
- * structure. If the optional arena argument is non-NULL, blah blah
- * blah. XXX fgmr Should we include an nssASN1EncodingType argument,
- * as a hint? Or is each encoding distinctive? This routine may
- * return NULL upon error, in which case an error will have been
- * placed upon the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_POINTER
- * ...
- *
- * Return value:
- * NULL upon error
- * A pointer to an ASN.1 Decoder upon success.
- */
-
-NSS_IMPLEMENT nssASN1Decoder *
-nssASN1Decoder_Create
-(
- NSSArena *arenaOpt,
- void *destination,
- const nssASN1Template template[]
-)
-{
- SEC_ASN1DecoderContext *rv;
- PLArenaPool *hack = (PLArenaPool *)arenaOpt;
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (nssASN1Decoder *)NULL;
- }
- }
-
- /*
- * May destination be NULL? I'd think so, since one might
- * have only a filter proc. But if not, check the pointer here.
- */
-
- if( (nssASN1Template *)NULL == template ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return (nssASN1Decoder *)NULL;
- }
-#endif /* DEBUG */
-
- rv = SEC_ASN1DecoderStart(hack, destination, template);
- if( (SEC_ASN1DecoderContext *)NULL == rv ) {
- nss_SetError(PORT_GetError()); /* also evil */
- return (nssASN1Decoder *)NULL;
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != decoder_add_pointer(rv) ) {
- (void)SEC_ASN1DecoderFinish(rv);
- return (nssASN1Decoder *)NULL;
- }
-#endif /* DEBUG */
-
- return (nssASN1Decoder *)rv;
-}
-
-/*
- * nssASN1Decoder_Update
- *
- * This routine feeds data to the decoder. In the event of an error,
- * it will place an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_INVALID_ASN1DECODER
- * NSS_ERROR_INVALID_BER
- * ...
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success.
- */
-
-NSS_IMPLEMENT PRStatus
-nssASN1Decoder_Update
-(
- nssASN1Decoder *decoder,
- const void *data,
- PRUint32 amount
-)
-{
- SECStatus rv;
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssASN1Decoder_verify(decoder) ) {
- return PR_FAILURE;
- }
-
- if( (void *)NULL == data ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- rv = SEC_ASN1DecoderUpdate((SEC_ASN1DecoderContext *)decoder,
- (const char *)data,
- (unsigned long)amount);
- if( SECSuccess != rv ) {
- nss_SetError(PORT_GetError()); /* ugly */
- return PR_FAILURE;
- }
-
- return PR_SUCCESS;
-}
-
-/*
- * nssASN1Decoder_Finish
- *
- * This routine finishes the decoding and destroys the decoder.
- * In the event of an error, it will place an error on the error
- * stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1DECODER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_IMPLEMENT PRStatus
-nssASN1Decoder_Finish
-(
- nssASN1Decoder *decoder
-)
-{
- PRStatus rv = PR_SUCCESS;
- SECStatus srv;
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssASN1Decoder_verify(decoder) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- srv = SEC_ASN1DecoderFinish((SEC_ASN1DecoderContext *)decoder);
-
- if( SECSuccess != srv ) {
- nss_SetError(PORT_GetError()); /* ugly */
- rv = PR_FAILURE;
- }
-
-#ifdef DEBUG
- {
- PRStatus rv2 = decoder_remove_pointer(decoder);
- if( PR_SUCCESS == rv ) {
- rv = rv2;
- }
- }
-#endif /* DEBUG */
-
- return rv;
-}
-
-/*
- * nssASN1Decoder_SetFilter
- *
- * This routine registers a callback filter routine with the decoder,
- * which will be called blah blah blah. The specified argument will
- * be passed as-is to the filter routine. The routine pointer may
- * be NULL, in which case no filter callback will be called. If the
- * noStore boolean is PR_TRUE, then decoded fields will not be stored
- * in the destination structure specified when the decoder was
- * created. This routine returns a PRStatus value; in the event of
- * an error, it will place an error on the error stack and return
- * PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1DECODER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_IMPLEMENT PRStatus
-nssASN1Decoder_SetFilter
-(
- nssASN1Decoder *decoder,
- nssASN1DecoderFilterFunction *callback,
- void *argument,
- PRBool noStore
-)
-{
-#ifdef DEBUG
- if( PR_SUCCESS != nssASN1Decoder_verify(decoder) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- if( (nssASN1DecoderFilterFunction *)NULL == callback ) {
- SEC_ASN1DecoderClearFilterProc((SEC_ASN1DecoderContext *)decoder);
- } else {
- SEC_ASN1DecoderSetFilterProc((SEC_ASN1DecoderContext *)decoder,
- (SEC_ASN1WriteProc)callback,
- argument, noStore);
- }
-
- /* No error returns defined for those routines */
-
- return PR_SUCCESS;
-}
-
-/*
- * nssASN1Decoder_GetFilter
- *
- * If the optional pCallbackOpt argument to this routine is non-null,
- * then the pointer to any callback function established for this
- * decoder with nssASN1Decoder_SetFilter will be stored at the
- * location indicated by it. If the optional pArgumentOpt
- * pointer is non-null, the filter's closure argument will be stored
- * there. If the optional pNoStoreOpt pointer is non-null, the
- * noStore value specified when setting the filter will be stored
- * there. This routine returns a PRStatus value; in the event of
- * an error it will place an error on the error stack and return
- * PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1DECODER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-extern const NSSError NSS_ERROR_INTERNAL_ERROR;
-
-NSS_IMPLEMENT PRStatus
-nssASN1Decoder_GetFilter
-(
- nssASN1Decoder *decoder,
- nssASN1DecoderFilterFunction **pCallbackOpt,
- void **pArgumentOpt,
- PRBool *pNoStoreOpt
-)
-{
-#ifdef DEBUG
- if( PR_SUCCESS != nssASN1Decoder_verify(decoder) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- if( (nssASN1DecoderFilterFunction **)NULL != pCallbackOpt ) {
- *pCallbackOpt = (nssASN1DecoderFilterFunction *)NULL;
- }
-
- if( (void **)NULL != pArgumentOpt ) {
- *pArgumentOpt = (void *)NULL;
- }
-
- if( (PRBool *)NULL != pNoStoreOpt ) {
- *pNoStoreOpt = PR_FALSE;
- }
-
- /* Error because it's unimplemented */
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- return PR_FAILURE;
-}
-
-/*
- * nssASN1Decoder_SetNotify
- *
- * This routine registers a callback notify routine with the decoder,
- * which will be called whenever.. The specified argument will be
- * passed as-is to the notify routine. The routine pointer may be
- * NULL, in which case no notify routine will be called. This routine
- * returns a PRStatus value; in the event of an error it will place
- * an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1DECODER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_IMPLEMENT PRStatus
-nssASN1Decoder_SetNotify
-(
- nssASN1Decoder *decoder,
- nssASN1NotifyFunction *callback,
- void *argument
-)
-{
-#ifdef DEBUG
- if( PR_SUCCESS != nssASN1Decoder_verify(decoder) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- if( (nssASN1NotifyFunction *)NULL == callback ) {
- SEC_ASN1DecoderClearNotifyProc((SEC_ASN1DecoderContext *)decoder);
- } else {
- SEC_ASN1DecoderSetNotifyProc((SEC_ASN1DecoderContext *)decoder,
- (SEC_ASN1NotifyProc)callback,
- argument);
- }
-
- /* No error returns defined for those routines */
-
- return PR_SUCCESS;
-}
-
-/*
- * nssASN1Decoder_GetNotify
- *
- * If the optional pCallbackOpt argument to this routine is non-null,
- * then the pointer to any callback function established for this
- * decoder with nssASN1Decoder_SetNotify will be stored at the
- * location indicated by it. If the optional pArgumentOpt pointer is
- * non-null, the filter's closure argument will be stored there.
- * This routine returns a PRStatus value; in the event of an error it
- * will place an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1DECODER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_IMPLEMENT PRStatus
-nssASN1Decoder_GetNotify
-(
- nssASN1Decoder *decoder,
- nssASN1NotifyFunction **pCallbackOpt,
- void **pArgumentOpt
-)
-{
-#ifdef DEBUG
- if( PR_SUCCESS != nssASN1Decoder_verify(decoder) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- if( (nssASN1NotifyFunction **)NULL != pCallbackOpt ) {
- *pCallbackOpt = (nssASN1NotifyFunction *)NULL;
- }
-
- if( (void **)NULL != pArgumentOpt ) {
- *pArgumentOpt = (void *)NULL;
- }
-
- /* Error because it's unimplemented */
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- return PR_FAILURE;
-}
-
-/*
- * nssASN1_Decode
- *
- * This routine will decode the specified data into the specified
- * destination structure, as specified by the specified template.
- * This routine returns a PRStatus value; in the event of an error
- * it will place an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_INVALID_BER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_IMPLEMENT PRStatus
-nssASN1_Decode
-(
- NSSArena *arenaOpt,
- void *destination,
- const nssASN1Template template[],
- const void *berData,
- PRUint32 amount
-)
-{
- PRStatus rv;
- nssASN1Decoder *decoder;
-
- /* This call will do our pointer-checking for us! */
- decoder = nssASN1Decoder_Create(arenaOpt, destination, template);
- if( (nssASN1Decoder *)NULL == decoder ) {
- return PR_FAILURE;
- }
-
- rv = nssASN1Decoder_Update(decoder, berData, amount);
- if( PR_SUCCESS != nssASN1Decoder_Finish(decoder) ) {
- rv = PR_FAILURE;
- }
-
- return rv;
-}
-
-/*
- * nssASN1_DecodeBER
- *
- * This routine will decode the data in the specified NSSBER
- * into the destination structure, as specified by the template.
- * This routine returns a PRStatus value; in the event of an error
- * it will place an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_INVALID_NSSBER
- * NSS_ERROR_INVALID_BER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_IMPLEMENT PRStatus
-nssASN1_DecodeBER
-(
- NSSArena *arenaOpt,
- void *destination,
- const nssASN1Template template[],
- const NSSBER *data
-)
-{
- return nssASN1_Decode(arenaOpt, destination, template,
- data->data, data->size);
-}
-
-/*
- * nssASN1Encoder_Create
- *
- * This routine creates an ASN.1 Encoder, blah blah blah. This
- * may return NULL upon error, in which case an error will have been
- * placed on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_POINTER
- * ...
- *
- * Return value:
- * NULL upon error
- * A pointer to an ASN.1 Encoder upon success
- */
-
-NSS_IMPLEMENT nssASN1Encoder *
-nssASN1Encoder_Create
-(
- const void *source,
- const nssASN1Template template[],
- NSSASN1EncodingType encoding,
- nssASN1EncoderWriteFunction *sink,
- void *argument
-)
-{
- SEC_ASN1EncoderContext *rv;
-
-#ifdef DEBUG
- if( (void *)NULL == source ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return (nssASN1Encoder *)NULL;
- }
-
- if( (nssASN1Template *)NULL == template ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return (nssASN1Encoder *)NULL;
- }
-
- if( (nssASN1EncoderWriteFunction *)NULL == sink ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return (nssASN1Encoder *)NULL;
- }
-#endif /* DEBUG */
-
- switch( encoding ) {
- case NSSASN1BER:
- case NSSASN1DER:
- break;
- case NSSASN1CER:
- case NSSASN1LWER:
- case NSSASN1PER:
- case NSSASN1UnknownEncoding:
- default:
- nss_SetError(NSS_ERROR_ENCODING_NOT_SUPPORTED);
- return (nssASN1Encoder *)NULL;
- }
-
- rv = SEC_ASN1EncoderStart((void *)source, template,
- (SEC_ASN1WriteProc)sink, argument);
- if( (SEC_ASN1EncoderContext *)NULL == rv ) {
- nss_SetError(PORT_GetError()); /* ugly */
- return (nssASN1Encoder *)NULL;
- }
-
- if( NSSASN1DER == encoding ) {
- sec_ASN1EncoderSetDER(rv);
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != encoder_add_pointer(rv) ) {
- (void)SEC_ASN1EncoderFinish(rv);
- return (nssASN1Encoder *)NULL;
- }
-#endif /* DEBUG */
-
- return (nssASN1Encoder *)rv;
-}
-
-/*
- * nssASN1Encoder_Update
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1ENCODER
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_IMPLEMENT PRStatus
-nssASN1Encoder_Update
-(
- nssASN1Encoder *encoder,
- const void *data,
- PRUint32 length
-)
-{
- SECStatus rv;
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssASN1Encoder_verify(encoder) ) {
- return PR_FAILURE;
- }
-
- /*
- * Can data legitimately be NULL? If not, verify..
- */
-#endif /* DEBUG */
-
- rv = SEC_ASN1EncoderUpdate((SEC_ASN1EncoderContext *)encoder,
- (const char *)data,
- (unsigned long)length);
- if( SECSuccess != rv ) {
- nss_SetError(PORT_GetError()); /* ugly */
- return PR_FAILURE;
- }
-
- return PR_SUCCESS;
-}
-
-/*
- * nssASN1Encoder_Finish
- *
- * Destructor.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1ENCODER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_IMPLEMENT PRStatus
-nssASN1Encoder_Finish
-(
- nssASN1Encoder *encoder
-)
-{
- PRStatus rv;
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssASN1Encoder_verify(encoder) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- SEC_ASN1EncoderFinish((SEC_ASN1EncoderContext *)encoder);
- rv = PR_SUCCESS; /* no error return defined for that call */
-
-#ifdef DEBUG
- {
- PRStatus rv2 = encoder_remove_pointer(encoder);
- if( PR_SUCCESS == rv ) {
- rv = rv2;
- }
- }
-#endif /* DEBUG */
-
- return rv;
-}
-
-/*
- * nssASN1Encoder_SetNotify
- *
- * This routine registers a callback notify routine with the encoder,
- * which will be called whenever.. The specified argument will be
- * passed as-is to the notify routine. The routine pointer may be
- * NULL, in which case no notify routine will be called. This routine
- * returns a PRStatus value; in the event of an error it will place
- * an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1DECODER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_IMPLEMENT PRStatus
-nssASN1Encoder_SetNotify
-(
- nssASN1Encoder *encoder,
- nssASN1NotifyFunction *callback,
- void *argument
-)
-{
-#ifdef DEBUG
- if( PR_SUCCESS != nssASN1Encoder_verify(encoder) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- if( (nssASN1NotifyFunction *)NULL == callback ) {
- SEC_ASN1EncoderClearNotifyProc((SEC_ASN1EncoderContext *)encoder);
- } else {
- SEC_ASN1EncoderSetNotifyProc((SEC_ASN1EncoderContext *)encoder,
- (SEC_ASN1NotifyProc)callback,
- argument);
- }
-
- /* no error return defined for those routines */
-
- return PR_SUCCESS;
-}
-
-/*
- * nssASN1Encoder_GetNotify
- *
- * If the optional pCallbackOpt argument to this routine is non-null,
- * then the pointer to any callback function established for this
- * decoder with nssASN1Encoder_SetNotify will be stored at the
- * location indicated by it. If the optional pArgumentOpt pointer is
- * non-null, the filter's closure argument will be stored there.
- * This routine returns a PRStatus value; in the event of an error it
- * will place an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1ENCODER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_IMPLEMENT PRStatus
-nssASN1Encoder_GetNotify
-(
- nssASN1Encoder *encoder,
- nssASN1NotifyFunction **pCallbackOpt,
- void **pArgumentOpt
-)
-{
-#ifdef DEBUG
- if( PR_SUCCESS != nssASN1Encoder_verify(encoder) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- if( (nssASN1NotifyFunction **)NULL != pCallbackOpt ) {
- *pCallbackOpt = (nssASN1NotifyFunction *)NULL;
- }
-
- if( (void **)NULL != pArgumentOpt ) {
- *pArgumentOpt = (void *)NULL;
- }
-
- /* Error because it's unimplemented */
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- return PR_FAILURE;
-}
-
-/*
- * nssASN1Encoder_SetStreaming
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1ENCODER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_IMPLEMENT PRStatus
-nssASN1Encoder_SetStreaming
-(
- nssASN1Encoder *encoder,
- PRBool streaming
-)
-{
- SEC_ASN1EncoderContext *cx = (SEC_ASN1EncoderContext *)encoder;
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssASN1Encoder_verify(encoder) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- if( streaming ) {
- SEC_ASN1EncoderSetStreaming(cx);
- } else {
- SEC_ASN1EncoderClearStreaming(cx);
- }
-
- /* no error return defined for those routines */
-
- return PR_SUCCESS;
-}
-
-/*
- * nssASN1Encoder_GetStreaming
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1ENCODER
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssASN1Encoder_GetStreaming
-(
- nssASN1Encoder *encoder,
- PRBool *pStreaming
-)
-{
-#ifdef DEBUG
- if( PR_SUCCESS != nssASN1Encoder_verify(encoder) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- if( (PRBool *)NULL != pStreaming ) {
- *pStreaming = PR_FALSE;
- }
-
- /* Error because it's unimplemented */
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- return PR_FAILURE;
-}
-
-/*
- * nssASN1Encoder_SetTakeFromBuffer
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1ENCODER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_IMPLEMENT PRStatus
-nssASN1Encoder_SetTakeFromBuffer
-(
- nssASN1Encoder *encoder,
- PRBool takeFromBuffer
-)
-{
- SEC_ASN1EncoderContext *cx = (SEC_ASN1EncoderContext *)encoder;
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssASN1Encoder_verify(encoder) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- if( takeFromBuffer ) {
- SEC_ASN1EncoderSetTakeFromBuf(cx);
- } else {
- SEC_ASN1EncoderClearTakeFromBuf(cx);
- }
-
- /* no error return defined for those routines */
-
- return PR_SUCCESS;
-}
-
-/*
- * nssASN1Encoder_GetTakeFromBuffer
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1ENCODER
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_IMPLEMENT PRStatus
-nssASN1Encoder_GetTakeFromBuffer
-(
- nssASN1Encoder *encoder,
- PRBool *pTakeFromBuffer
-)
-{
-#ifdef DEBUG
- if( PR_SUCCESS != nssASN1Encoder_verify(encoder) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- if( (PRBool *)NULL != pTakeFromBuffer ) {
- *pTakeFromBuffer = PR_FALSE;
- }
-
- /* Error because it's unimplemented */
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- return PR_FAILURE;
-}
-
-/*
- * nssASN1_Encode
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_ENCODING_NOT_SUPPORTED
- * ...
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_IMPLEMENT PRStatus
-nssASN1_Encode
-(
- const void *source,
- const nssASN1Template template[],
- NSSASN1EncodingType encoding,
- nssASN1EncoderWriteFunction *sink,
- void *argument
-)
-{
- PRStatus rv;
- nssASN1Encoder *encoder;
-
- encoder = nssASN1Encoder_Create(source, template, encoding, sink, argument);
- if( (nssASN1Encoder *)NULL == encoder ) {
- return PR_FAILURE;
- }
-
- rv = nssASN1Encoder_Update(encoder, (const void *)NULL, 0);
- if( PR_SUCCESS != nssASN1Encoder_Finish(encoder) ) {
- rv = PR_FAILURE;
- }
-
- return rv;
-}
-
-/*
- * nssasn1_encode_item_count
- *
- * This is a helper function for nssASN1_EncodeItem. It just counts
- * up the space required for an encoding.
- */
-
-static void
-nssasn1_encode_item_count
-(
- void *arg,
- const char *buf,
- unsigned long len,
- int depth,
- nssASN1EncodingPart data_kind
-)
-{
- unsigned long *count;
-
- count = (unsigned long*)arg;
- PR_ASSERT (count != NULL);
-
- *count += len;
-}
-
-/*
- * nssasn1_encode_item_store
- *
- * This is a helper function for nssASN1_EncodeItem. It appends the
- * new data onto the destination item.
- */
-
-static void
-nssasn1_encode_item_store
-(
- void *arg,
- const char *buf,
- unsigned long len,
- int depth,
- nssASN1EncodingPart data_kind
-)
-{
- NSSItem *dest;
-
- dest = (NSSItem*)arg;
- PR_ASSERT (dest != NULL);
-
- memcpy((unsigned char *)dest->data + dest->size, buf, len);
- dest->size += len;
-}
-
-/*
- * nssASN1_EncodeItem
- *
- * There must be a better name. If the optional arena argument is
- * non-null, it'll be used for the space. If the optional rvOpt is
- * non-null, it'll be the return value-- if it is null, a new one
- * will be allocated.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_ENCODING_NOT_SUPPORTED
- *
- * Return value:
- * NULL upon error
- * A valid pointer to an NSSDER upon success
- */
-
-NSS_IMPLEMENT NSSDER *
-nssASN1_EncodeItem
-(
- NSSArena *arenaOpt,
- NSSDER *rvOpt,
- const void *source,
- const nssASN1Template template[],
- NSSASN1EncodingType encoding
-)
-{
- NSSDER *rv;
- PRUint32 len = 0;
- PRStatus status;
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSDER *)NULL;
- }
- }
-
- if( (void *)NULL == source ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return (NSSDER *)NULL;
- }
-
- if( (nssASN1Template *)NULL == template ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return (NSSDER *)NULL;
- }
-#endif /* DEBUG */
-
- status = nssASN1_Encode(source, template, encoding,
- (nssASN1EncoderWriteFunction *)nssasn1_encode_item_count,
- &len);
- if( PR_SUCCESS != status ) {
- return (NSSDER *)NULL;
- }
-
- if( (NSSDER *)NULL == rvOpt ) {
- rv = nss_ZNEW(arenaOpt, NSSDER);
- if( (NSSDER *)NULL == rv ) {
- return (NSSDER *)NULL;
- }
- } else {
- rv = rvOpt;
- }
-
- rv->size = len;
- rv->data = nss_ZAlloc(arenaOpt, len);
- if( (void *)NULL == rv->data ) {
- if( (NSSDER *)NULL == rvOpt ) {
- nss_ZFreeIf(rv);
- }
- return (NSSDER *)NULL;
- }
-
- rv->size = 0; /* for nssasn1_encode_item_store */
-
- status = nssASN1_Encode(source, template, encoding,
- (nssASN1EncoderWriteFunction *)nssasn1_encode_item_store,
- rv);
- if( PR_SUCCESS != status ) {
- nss_ZFreeIf(rv->data);
- if( (NSSDER *)NULL == rvOpt ) {
- nss_ZFreeIf(rv);
- }
- return (NSSDER *)NULL;
- }
-
- PR_ASSERT(rv->size == len);
-
- return rv;
-}
-
-/*
- * nssASN1_CreatePRUint32FromBER
- *
- */
-
-NSS_IMPLEMENT PRStatus
-nssASN1_CreatePRUint32FromBER
-(
- NSSBER *encoded,
- PRUint32 *pResult
-)
-{
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- return PR_FALSE;
-}
-
-/*
- * nssASN1_GetDERFromPRUint32
- *
- */
-
-NSS_EXTERN NSSDER *
-nssASN1_GetDERFromPRUint32
-(
- NSSArena *arenaOpt,
- NSSDER *rvOpt,
- PRUint32 value
-)
-{
- NSSDER *rv;
- PLArenaPool *hack = (PLArenaPool *)arenaOpt;
- SECItem *item;
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSDER *)NULL;
- }
- }
-#endif /* DEBUG */
-
- if( (NSSDER *)NULL == rvOpt ) {
- rv = nss_ZNEW(arenaOpt, NSSDER);
- if( (NSSDER *)NULL == rv ) {
- return (NSSDER *)NULL;
- }
- } else {
- rv = rvOpt;
- }
-
- item = SEC_ASN1EncodeUnsignedInteger(hack, (SECItem *)rv, value);
- if( (SECItem *)NULL == item ) {
- if( (NSSDER *)NULL == rvOpt ) {
- (void)nss_ZFreeIf(rv);
- }
-
- nss_SetError(PORT_GetError()); /* ugly */
- return (NSSDER *)NULL;
- }
-
- /*
- * I happen to know that these things look alike.. but I'm only
- * doing it for these "temporary" wrappers. This is an evil thing.
- */
- return (NSSDER *)item;
-}
-
-/*himom*/
-NSS_IMPLEMENT PRStatus
-nssASN1_CreatePRInt32FromBER
-(
- NSSBER *encoded,
- PRInt32 *pResult
-)
-{
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- return PR_FALSE;
-}
-
-/*
- * nssASN1_GetDERFromPRInt32
- *
- */
-
-NSS_IMPLEMENT NSSDER *
-nssASN1_GetDERFromPRInt32
-(
- NSSArena *arenaOpt,
- NSSDER *rvOpt,
- PRInt32 value
-)
-{
- NSSDER *rv;
- PLArenaPool *hack = (PLArenaPool *)arenaOpt;
- SECItem *item;
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSDER *)NULL;
- }
- }
-#endif /* DEBUG */
-
- if( (NSSDER *)NULL == rvOpt ) {
- rv = nss_ZNEW(arenaOpt, NSSDER);
- if( (NSSDER *)NULL == rv ) {
- return (NSSDER *)NULL;
- }
- } else {
- rv = rvOpt;
- }
-
- item = SEC_ASN1EncodeInteger(hack, (SECItem *)rv, value);
- if( (SECItem *)NULL == item ) {
- if( (NSSDER *)NULL == rvOpt ) {
- (void)nss_ZFreeIf(rv);
- }
-
- nss_SetError(PORT_GetError()); /* ugly */
- return (NSSDER *)NULL;
- }
-
- /*
- * I happen to know that these things look alike.. but I'm only
- * doing it for these "temporary" wrappers. This is an evil thing.
- */
- return (NSSDER *)item;
-}
-
-/*
- * Generic Templates
- * One for each of the simple types, plus a special one for ANY, plus:
- * - a pointer to each one of those
- * - a set of each one of those
- *
- * Note that these are alphabetical (case insensitive); please add new
- * ones in the appropriate place.
- */
-
-const nssASN1Template *nssASN1Template_Any = (nssASN1Template *)SEC_AnyTemplate;
-const nssASN1Template *nssASN1Template_BitString = (nssASN1Template *)SEC_BitStringTemplate;
-const nssASN1Template *nssASN1Template_BMPString = (nssASN1Template *)SEC_BMPStringTemplate;
-const nssASN1Template *nssASN1Template_Boolean = (nssASN1Template *)SEC_BooleanTemplate;
-const nssASN1Template *nssASN1Template_Enumerated = (nssASN1Template *)SEC_EnumeratedTemplate;
-const nssASN1Template *nssASN1Template_GeneralizedTime = (nssASN1Template *)SEC_GeneralizedTimeTemplate;
-const nssASN1Template *nssASN1Template_IA5String = (nssASN1Template *)SEC_IA5StringTemplate;
-const nssASN1Template *nssASN1Template_Integer = (nssASN1Template *)SEC_IntegerTemplate;
-const nssASN1Template *nssASN1Template_Null = (nssASN1Template *)SEC_NullTemplate;
-const nssASN1Template *nssASN1Template_ObjectID = (nssASN1Template *)SEC_ObjectIDTemplate;
-const nssASN1Template *nssASN1Template_OctetString = (nssASN1Template *)SEC_OctetStringTemplate;
-const nssASN1Template *nssASN1Template_PrintableString = (nssASN1Template *)SEC_PrintableStringTemplate;
-const nssASN1Template *nssASN1Template_T61String = (nssASN1Template *)SEC_T61StringTemplate;
-const nssASN1Template *nssASN1Template_UniversalString = (nssASN1Template *)SEC_UniversalStringTemplate;
-const nssASN1Template *nssASN1Template_UTCTime = (nssASN1Template *)SEC_UTCTimeTemplate;
-const nssASN1Template *nssASN1Template_UTF8String = (nssASN1Template *)SEC_UTF8StringTemplate;
-const nssASN1Template *nssASN1Template_VisibleString = (nssASN1Template *)SEC_VisibleStringTemplate;
-
-const nssASN1Template *nssASN1Template_PointerToAny = (nssASN1Template *)SEC_PointerToAnyTemplate;
-const nssASN1Template *nssASN1Template_PointerToBitString = (nssASN1Template *)SEC_PointerToBitStringTemplate;
-const nssASN1Template *nssASN1Template_PointerToBMPString = (nssASN1Template *)SEC_PointerToBMPStringTemplate;
-const nssASN1Template *nssASN1Template_PointerToBoolean = (nssASN1Template *)SEC_PointerToBooleanTemplate;
-const nssASN1Template *nssASN1Template_PointerToEnumerated = (nssASN1Template *)SEC_PointerToEnumeratedTemplate;
-const nssASN1Template *nssASN1Template_PointerToGeneralizedTime = (nssASN1Template *)SEC_PointerToGeneralizedTimeTemplate;
-const nssASN1Template *nssASN1Template_PointerToIA5String = (nssASN1Template *)SEC_PointerToIA5StringTemplate;
-const nssASN1Template *nssASN1Template_PointerToInteger = (nssASN1Template *)SEC_PointerToIntegerTemplate;
-const nssASN1Template *nssASN1Template_PointerToNull = (nssASN1Template *)SEC_PointerToNullTemplate;
-const nssASN1Template *nssASN1Template_PointerToObjectID = (nssASN1Template *)SEC_PointerToObjectIDTemplate;
-const nssASN1Template *nssASN1Template_PointerToOctetString = (nssASN1Template *)SEC_PointerToOctetStringTemplate;
-const nssASN1Template *nssASN1Template_PointerToPrintableString = (nssASN1Template *)SEC_PointerToPrintableStringTemplate;
-const nssASN1Template *nssASN1Template_PointerToT61String = (nssASN1Template *)SEC_PointerToT61StringTemplate;
-const nssASN1Template *nssASN1Template_PointerToUniversalString = (nssASN1Template *)SEC_PointerToUniversalStringTemplate;
-const nssASN1Template *nssASN1Template_PointerToUTCTime = (nssASN1Template *)SEC_PointerToUTCTimeTemplate;
-const nssASN1Template *nssASN1Template_PointerToUTF8String = (nssASN1Template *)SEC_PointerToUTF8StringTemplate;
-const nssASN1Template *nssASN1Template_PointerToVisibleString = (nssASN1Template *)SEC_PointerToVisibleStringTemplate;
-
-const nssASN1Template *nssASN1Template_SetOfAny = (nssASN1Template *)SEC_SetOfAnyTemplate;
-const nssASN1Template *nssASN1Template_SetOfBitString = (nssASN1Template *)SEC_SetOfBitStringTemplate;
-const nssASN1Template *nssASN1Template_SetOfBMPString = (nssASN1Template *)SEC_SetOfBMPStringTemplate;
-const nssASN1Template *nssASN1Template_SetOfBoolean = (nssASN1Template *)SEC_SetOfBooleanTemplate;
-const nssASN1Template *nssASN1Template_SetOfEnumerated = (nssASN1Template *)SEC_SetOfEnumeratedTemplate;
-const nssASN1Template *nssASN1Template_SetOfGeneralizedTime = (nssASN1Template *)SEC_SetOfGeneralizedTimeTemplate;
-const nssASN1Template *nssASN1Template_SetOfIA5String = (nssASN1Template *)SEC_SetOfIA5StringTemplate;
-const nssASN1Template *nssASN1Template_SetOfInteger = (nssASN1Template *)SEC_SetOfIntegerTemplate;
-const nssASN1Template *nssASN1Template_SetOfNull = (nssASN1Template *)SEC_SetOfNullTemplate;
-const nssASN1Template *nssASN1Template_SetOfObjectID = (nssASN1Template *)SEC_SetOfObjectIDTemplate;
-const nssASN1Template *nssASN1Template_SetOfOctetString = (nssASN1Template *)SEC_SetOfOctetStringTemplate;
-const nssASN1Template *nssASN1Template_SetOfPrintableString = (nssASN1Template *)SEC_SetOfPrintableStringTemplate;
-const nssASN1Template *nssASN1Template_SetOfT61String = (nssASN1Template *)SEC_SetOfT61StringTemplate;
-const nssASN1Template *nssASN1Template_SetOfUniversalString = (nssASN1Template *)SEC_SetOfUniversalStringTemplate;
-const nssASN1Template *nssASN1Template_SetOfUTCTime = (nssASN1Template *)SEC_SetOfUTCTimeTemplate;
-const nssASN1Template *nssASN1Template_SetOfUTF8String = (nssASN1Template *)SEC_SetOfUTF8StringTemplate;
-const nssASN1Template *nssASN1Template_SetOfVisibleString = (nssASN1Template *)SEC_SetOfVisibleStringTemplate;
-
-/*
- *
- */
-
-NSS_IMPLEMENT NSSUTF8 *
-nssUTF8_CreateFromBER
-(
- NSSArena *arenaOpt,
- nssStringType type,
- NSSBER *berData
-)
-{
- NSSUTF8 *rv = NULL;
- PRUint8 tag;
- NSSArena *a;
- NSSItem in;
- NSSItem out;
- PRStatus st;
- const nssASN1Template *templ;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSUTF8 *)NULL;
- }
- }
-
- if( (NSSBER *)NULL == berData ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return (NSSUTF8 *)NULL;
- }
-
- if( (void *)NULL == berData->data ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return (NSSUTF8 *)NULL;
- }
-#endif /* NSSDEBUG */
-
- a = NSSArena_Create();
- if( (NSSArena *)NULL == a ) {
- return (NSSUTF8 *)NULL;
- }
-
- in = *berData;
-
- /*
- * By the way, at first I succumbed to the temptation to make
- * this an incestuous nested switch statement. Count yourself
- * lucky I cleaned it up.
- */
-
- switch( type ) {
- case nssStringType_DirectoryString:
- /*
- * draft-ietf-pkix-ipki-part1-11 says in part:
- *
- * DirectoryString { INTEGER:maxSize } ::= CHOICE {
- * teletexString TeletexString (SIZE (1..maxSize)),
- * printableString PrintableString (SIZE (1..maxSize)),
- * universalString UniversalString (SIZE (1..maxSize)),
- * bmpString BMPString (SIZE(1..maxSize)),
- * utf8String UTF8String (SIZE(1..maxSize))
- * }
- *
- * The tags are:
- * TeletexString UNIVERSAL 20
- * PrintableString UNIVERSAL 19
- * UniversalString UNIVERSAL 28
- * BMPString UNIVERSAL 30
- * UTF8String UNIVERSAL 12
- *
- * "UNIVERSAL" tags have bits 8 and 7 zero, bit 6 is zero for
- * primitive encodings, and if the tag value is less than 30,
- * the tag value is directly encoded in bits 5 through 1.
- */
- in.data = (void *)&(((PRUint8 *)berData->data)[1]);
- in.size = berData->size-1;
-
- tag = *(PRUint8 *)berData->data;
- switch( tag & nssASN1_TAGNUM_MASK ) {
- case 20:
- /*
- * XXX fgmr-- we have to accept Latin-1 for Teletex; (see
- * below) but is T61 a suitable value for "Latin-1"?
- */
- templ = nssASN1Template_T61String;
- type = nssStringType_TeletexString;
- break;
- case 19:
- templ = nssASN1Template_PrintableString;
- type = nssStringType_PrintableString;
- break;
- case 28:
- templ = nssASN1Template_UniversalString;
- type = nssStringType_UniversalString;
- break;
- case 30:
- templ = nssASN1Template_BMPString;
- type = nssStringType_BMPString;
- break;
- case 12:
- templ = nssASN1Template_UTF8String;
- type = nssStringType_UTF8String;
- break;
- default:
- nss_SetError(NSS_ERROR_INVALID_POINTER); /* "pointer"? */
- (void)NSSArena_Destroy(a);
- return (NSSUTF8 *)NULL;
- }
-
- break;
-
- case nssStringType_TeletexString:
- /*
- * XXX fgmr-- we have to accept Latin-1 for Teletex; (see
- * below) but is T61 a suitable value for "Latin-1"?
- */
- templ = nssASN1Template_T61String;
- break;
-
- case nssStringType_PrintableString:
- templ = nssASN1Template_PrintableString;
- break;
-
- case nssStringType_UniversalString:
- templ = nssASN1Template_UniversalString;
- break;
-
- case nssStringType_BMPString:
- templ = nssASN1Template_BMPString;
- break;
-
- case nssStringType_UTF8String:
- templ = nssASN1Template_UTF8String;
- break;
-
- case nssStringType_PHGString:
- templ = nssASN1Template_IA5String;
- break;
-
- default:
- nss_SetError(NSS_ERROR_UNSUPPORTED_TYPE);
- (void)NSSArena_Destroy(a);
- return (NSSUTF8 *)NULL;
- }
-
- st = nssASN1_DecodeBER(a, &out, templ, &in);
-
- if( PR_SUCCESS == st ) {
- rv = nssUTF8_Create(arenaOpt, type, out.data, out.size);
- }
- (void)NSSArena_Destroy(a);
-
- return rv;
-}
-
-NSS_EXTERN NSSDER *
-nssUTF8_GetDEREncoding
-(
- NSSArena *arenaOpt,
- nssStringType type,
- const NSSUTF8 *string
-)
-{
- NSSDER *rv = (NSSDER *)NULL;
- NSSItem str;
- NSSDER *der;
- const nssASN1Template *templ;
- NSSArena *a;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSDER *)NULL;
- }
- }
-
- if( (const NSSUTF8 *)NULL == string ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return (NSSDER *)NULL;
- }
-#endif /* NSSDEBUG */
-
- str.data = (void *)string;
- str.size = nssUTF8_Size(string, (PRStatus *)NULL);
- if( 0 == str.size ) {
- return (NSSDER *)NULL;
- }
-
- a = NSSArena_Create();
- if( (NSSArena *)NULL == a ) {
- return (NSSDER *)NULL;
- }
-
- switch( type ) {
- case nssStringType_DirectoryString:
- {
- NSSDER *utf;
- PRUint8 *c;
-
- utf = nssASN1_EncodeItem(a, (NSSDER *)NULL, &str,
- nssASN1Template_UTF8String,
- NSSASN1DER);
- if( (NSSDER *)NULL == utf ) {
- (void)NSSArena_Destroy(a);
- return (NSSDER *)NULL;
- }
-
- rv = nss_ZNEW(arenaOpt, NSSDER);
- if( (NSSDER *)NULL == rv ) {
- (void)NSSArena_Destroy(a);
- return (NSSDER *)NULL;
- }
-
- rv->size = utf->size + 1;
- rv->data = nss_ZAlloc(arenaOpt, rv->size);
- if( (void *)NULL == rv->data ) {
- (void)nss_ZFreeIf(rv);
- (void)NSSArena_Destroy(a);
- return (NSSDER *)NULL;
- }
-
- c = (PRUint8 *)rv->data;
- (void)nsslibc_memcpy(&c[1], utf->data, utf->size);
- *c = 12; /* UNIVERSAL primitive encoding tag for UTF8String */
-
- (void)NSSArena_Destroy(a);
- return rv;
- }
- case nssStringType_TeletexString:
- /*
- * XXX fgmr-- we have to accept Latin-1 for Teletex; (see
- * below) but is T61 a suitable value for "Latin-1"?
- */
- templ = nssASN1Template_T61String;
- break;
- case nssStringType_PrintableString:
- templ = nssASN1Template_PrintableString;
- break;
-
- case nssStringType_UniversalString:
- templ = nssASN1Template_UniversalString;
- break;
-
- case nssStringType_BMPString:
- templ = nssASN1Template_BMPString;
- break;
-
- case nssStringType_UTF8String:
- templ = nssASN1Template_UTF8String;
- break;
-
- case nssStringType_PHGString:
- templ = nssASN1Template_IA5String;
- break;
-
- default:
- nss_SetError(NSS_ERROR_UNSUPPORTED_TYPE);
- (void)NSSArena_Destroy(a);
- return (NSSDER *)NULL;
- }
-
- der = nssUTF8_GetDEREncoding(a, type, string);
- if( (NSSItem *)NULL == der ) {
- (void)NSSArena_Destroy(a);
- return (NSSDER *)NULL;
- }
-
- rv = nssASN1_EncodeItem(arenaOpt, (NSSDER *)NULL, der, templ, NSSASN1DER);
- if( (NSSDER *)NULL == rv ) {
- (void)NSSArena_Destroy(a);
- return (NSSDER *)NULL;
- }
-
- (void)NSSArena_Destroy(a);
- return rv;
-}
diff --git a/security/nss/lib/asn1/asn1.h b/security/nss/lib/asn1/asn1.h
deleted file mode 100644
index a81f3213d..000000000
--- a/security/nss/lib/asn1/asn1.h
+++ /dev/null
@@ -1,879 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef ASN1_H
-#define ASN1_H
-
-#ifdef DEBUG
-static const char ASN1_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * asn1.h
- *
- * This file contains the ASN.1 encoder/decoder routines available
- * internally within NSS. It's not clear right now if this file
- * will be folded into base.h or something, I just needed to get this
- * going. At the moment, most of these routines wrap the old SEC_ASN1
- * calls.
- */
-
-#ifndef ASN1T_H
-#include "asn1t.h"
-#endif /* ASN1T_H */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * nssASN1Decoder
- *
- * ... description here ...
- *
- * nssASN1Decoder_Create (Factory/Constructor)
- * nssASN1Decoder_Update
- * nssASN1Decoder_Finish (Destructor)
- * nssASN1Decoder_SetFilter
- * nssASN1Decoder_GetFilter
- * nssASN1Decoder_SetNotify
- * nssASN1Decoder_GetNotify
- *
- * Debug builds only:
- *
- * nssASN1Decoder_verify
- *
- * Related functions that aren't type methods:
- *
- * nssASN1_Decode
- * nssASN1_DecodeBER
- */
-
-/*
- * nssASN1Decoder_Create
- *
- * This routine creates an ASN.1 Decoder, which will use the specified
- * template to decode a datastream into the specified destination
- * structure. If the optional arena argument is non-NULL, blah blah
- * blah. XXX fgmr Should we include an nssASN1EncodingType argument,
- * as a hint? Or is each encoding distinctive? This routine may
- * return NULL upon error, in which case an error will have been
- * placed upon the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_POINTER
- * ...
- *
- * Return value:
- * NULL upon error
- * A pointer to an ASN.1 Decoder upon success.
- */
-
-NSS_EXTERN nssASN1Decoder *
-nssASN1Decoder_Create
-(
- NSSArena *arenaOpt,
- void *destination,
- const nssASN1Template template[]
-);
-
-extern const NSSError NSS_ERROR_NO_MEMORY;
-extern const NSSError NSS_ERROR_INVALID_ARENA;
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-
-/*
- * nssASN1Decoder_Update
- *
- * This routine feeds data to the decoder. In the event of an error,
- * it will place an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_INVALID_ASN1DECODER
- * NSS_ERROR_INVALID_BER
- * ...
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success.
- */
-
-NSS_EXTERN PRStatus
-nssASN1Decoder_Update
-(
- nssASN1Decoder *decoder,
- const void *data,
- PRUint32 amount
-);
-
-extern const NSSError NSS_ERROR_NO_MEMORY;
-extern const NSSError NSS_ERROR_INVALID_ASN1DECODER;
-extern const NSSError NSS_ERROR_INVALID_BER;
-
-/*
- * nssASN1Decoder_Finish
- *
- * This routine finishes the decoding and destroys the decoder.
- * In the event of an error, it will place an error on the error
- * stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1DECODER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssASN1Decoder_Finish
-(
- nssASN1Decoder *decoder
-);
-
-extern const NSSError NSS_ERROR_INVALID_ASN1DECODER;
-
-/*
- * nssASN1Decoder_SetFilter
- *
- * This routine registers a callback filter routine with the decoder,
- * which will be called blah blah blah. The specified argument will
- * be passed as-is to the filter routine. The routine pointer may
- * be NULL, in which case no filter callback will be called. If the
- * noStore boolean is PR_TRUE, then decoded fields will not be stored
- * in the destination structure specified when the decoder was
- * created. This routine returns a PRStatus value; in the event of
- * an error, it will place an error on the error stack and return
- * PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1DECODER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssASN1Decoder_SetFilter
-(
- nssASN1Decoder *decoder,
- nssASN1DecoderFilterFunction *callback,
- void *argument,
- PRBool noStore
-);
-
-extern const NSSError NSS_ERROR_INVALID_ASN1DECODER;
-
-/*
- * nssASN1Decoder_GetFilter
- *
- * If the optional pCallbackOpt argument to this routine is non-null,
- * then the pointer to any callback function established for this
- * decoder with nssASN1Decoder_SetFilter will be stored at the
- * location indicated by it. If the optional pArgumentOpt
- * pointer is non-null, the filter's closure argument will be stored
- * there. If the optional pNoStoreOpt pointer is non-null, the
- * noStore value specified when setting the filter will be stored
- * there. This routine returns a PRStatus value; in the event of
- * an error it will place an error on the error stack and return
- * PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1DECODER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssASN1Decoder_GetFilter
-(
- nssASN1Decoder *decoder,
- nssASN1DecoderFilterFunction **pCallbackOpt,
- void **pArgumentOpt,
- PRBool *pNoStoreOpt
-);
-
-extern const NSSError NSS_ERROR_INVALID_ASN1DECODER;
-
-/*
- * nssASN1Decoder_SetNotify
- *
- * This routine registers a callback notify routine with the decoder,
- * which will be called whenever.. The specified argument will be
- * passed as-is to the notify routine. The routine pointer may be
- * NULL, in which case no notify routine will be called. This routine
- * returns a PRStatus value; in the event of an error it will place
- * an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1DECODER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssASN1Decoder_SetNotify
-(
- nssASN1Decoder *decoder,
- nssASN1NotifyFunction *callback,
- void *argument
-);
-
-extern const NSSError NSS_ERROR_INVALID_ASN1DECODER;
-
-/*
- * nssASN1Decoder_GetNotify
- *
- * If the optional pCallbackOpt argument to this routine is non-null,
- * then the pointer to any callback function established for this
- * decoder with nssASN1Decoder_SetNotify will be stored at the
- * location indicated by it. If the optional pArgumentOpt pointer is
- * non-null, the filter's closure argument will be stored there.
- * This routine returns a PRStatus value; in the event of an error it
- * will place an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1DECODER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssASN1Decoder_GetNotify
-(
- nssASN1Decoder *decoder,
- nssASN1NotifyFunction **pCallbackOpt,
- void **pArgumentOpt
-);
-
-extern const NSSError NSS_ERROR_INVALID_ASN1DECODER;
-
-/*
- * nssASN1Decoder_verify
- *
- * This routine is only available in debug builds.
- *
- * If the specified pointer is a valid pointer to an nssASN1Decoder
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1DECODER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-#ifdef DEBUG
-NSS_EXTERN PRStatus
-nssASN1Decoder_verify
-(
- nssASN1Decoder *decoder
-);
-
-extern const NSSError NSS_ERROR_INVALID_ASN1DECODER;
-#endif /* DEBUG */
-
-/*
- * nssASN1_Decode
- *
- * This routine will decode the specified data into the specified
- * destination structure, as specified by the specified template.
- * This routine returns a PRStatus value; in the event of an error
- * it will place an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_INVALID_BER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssASN1_Decode
-(
- NSSArena *arenaOpt,
- void *destination,
- const nssASN1Template template[],
- const void *berData,
- PRUint32 amount
-);
-
-extern const NSSError NSS_ERROR_NO_MEMORY;
-extern const NSSError NSS_ERROR_INVALID_ARENA;
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-extern const NSSError NSS_ERROR_INVALID_BER;
-
-/*
- * nssASN1_DecodeBER
- *
- * This routine will decode the data in the specified NSSBER
- * into the destination structure, as specified by the template.
- * This routine returns a PRStatus value; in the event of an error
- * it will place an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_INVALID_NSSBER
- * NSS_ERROR_INVALID_BER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssASN1_DecodeBER
-(
- NSSArena *arenaOpt,
- void *destination,
- const nssASN1Template template[],
- const NSSBER *data
-);
-
-extern const NSSError NSS_ERROR_NO_MEMORY;
-extern const NSSError NSS_ERROR_INVALID_ARENA;
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-extern const NSSError NSS_ERROR_INVALID_BER;
-
-/*
- * nssASN1Encoder
- *
- * ... description here ...
- *
- * nssASN1Encoder_Create (Factory/Constructor)
- * nssASN1Encoder_Update
- * nssASN1Encoder_Finish (Destructor)
- * nssASN1Encoder_SetNotify
- * nssASN1Encoder_GetNotify
- * nssASN1Encoder_SetStreaming
- * nssASN1Encoder_GetStreaming
- * nssASN1Encoder_SetTakeFromBuffer
- * nssASN1Encoder_GetTakeFromBuffer
- *
- * Debug builds only:
- *
- * nssASN1Encoder_verify
- *
- * Related functions that aren't type methods:
- *
- * nssASN1_Encode
- * nssASN1_EncodeItem
- */
-
-/*
- * nssASN1Encoder_Create
- *
- * This routine creates an ASN.1 Encoder, blah blah blah. This
- * may return NULL upon error, in which case an error will have been
- * placed on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_ENCODING_NOT_SUPPORTED
- * ...
- *
- * Return value:
- * NULL upon error
- * A pointer to an ASN.1 Encoder upon success
- */
-
-NSS_EXTERN nssASN1Encoder *
-nssASN1Encoder_Create
-(
- const void *source,
- const nssASN1Template template[],
- NSSASN1EncodingType encoding,
- nssASN1EncoderWriteFunction *sink,
- void *argument
-);
-
-extern const NSSError NSS_ERROR_NO_MEMORY;
-extern const NSSError NSS_ERROR_INVALID_ARENA;
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-extern const NSSError NSS_ERROR_ENCODING_NOT_SUPPORTED;
-
-/*
- * nssASN1Encoder_Update
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1ENCODER
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssASN1Encoder_Update
-(
- nssASN1Encoder *encoder,
- const void *data,
- PRUint32 length
-);
-
-extern const NSSError NSS_ERROR_INVALID_ASN1ENCODER;
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-
-/*
- * nssASN1Encoder_Finish
- *
- * Destructor.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1ENCODER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssASN1Encoder_Finish
-(
- nssASN1Encoder *encoder
-);
-
-extern const NSSError NSS_ERROR_INVALID_ASN1ENCODER;
-
-/*
- * nssASN1Encoder_SetNotify
- *
- * This routine registers a callback notify routine with the encoder,
- * which will be called whenever.. The specified argument will be
- * passed as-is to the notify routine. The routine pointer may be
- * NULL, in which case no notify routine will be called. This routine
- * returns a PRStatus value; in the event of an error it will place
- * an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1DECODER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssASN1Encoder_SetNotify
-(
- nssASN1Encoder *encoder,
- nssASN1NotifyFunction *callback,
- void *argument
-);
-
-extern const NSSError NSS_ERROR_INVALID_ASN1ENCODER;
-
-/*
- * nssASN1Encoder_GetNotify
- *
- * If the optional pCallbackOpt argument to this routine is non-null,
- * then the pointer to any callback function established for this
- * decoder with nssASN1Encoder_SetNotify will be stored at the
- * location indicated by it. If the optional pArgumentOpt pointer is
- * non-null, the filter's closure argument will be stored there.
- * This routine returns a PRStatus value; in the event of an error it
- * will place an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1ENCODER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssASN1Encoder_GetNotify
-(
- nssASN1Encoder *encoder,
- nssASN1NotifyFunction **pCallbackOpt,
- void **pArgumentOpt
-);
-
-extern const NSSError NSS_ERROR_INVALID_ASN1ENCODER;
-
-/*
- * nssASN1Encoder_SetStreaming
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1ENCODER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssASN1Encoder_SetStreaming
-(
- nssASN1Encoder *encoder,
- PRBool streaming
-);
-
-extern const NSSError NSS_ERROR_INVALID_ASN1ENCODER;
-
-/*
- * nssASN1Encoder_GetStreaming
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1ENCODER
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssASN1Encoder_GetStreaming
-(
- nssASN1Encoder *encoder,
- PRBool *pStreaming
-);
-
-extern const NSSError NSS_ERROR_INVALID_ASN1ENCODER;
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-
-/*
- * nssASN1Encoder_SetTakeFromBuffer
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1ENCODER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssASN1Encoder_SetTakeFromBuffer
-(
- nssASN1Encoder *encoder,
- PRBool takeFromBuffer
-);
-
-extern const NSSError NSS_ERROR_INVALID_ASN1ENCODER;
-
-/*
- * nssASN1Encoder_GetTakeFromBuffer
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1ENCODER
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssASN1Encoder_GetTakeFromBuffer
-(
- nssASN1Encoder *encoder,
- PRBool *pTakeFromBuffer
-);
-
-extern const NSSError NSS_ERROR_INVALID_ASN1ENCODER;
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-
-/*
- * nssASN1Encoder_verify
- *
- * This routine is only available in debug builds.
- *
- * If the specified pointer is a valid pointer to an nssASN1Encoder
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1ENCODER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-#ifdef DEBUG
-NSS_EXTERN PRStatus
-nssASN1Encoder_verify
-(
- nssASN1Encoder *encoder
-);
-
-extern const NSSError NSS_ERROR_INVALID_ASN1ENCODER;
-#endif /* DEBUG */
-
-/*
- * nssASN1_Encode
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_ENCODING_NOT_SUPPORTED
- * ...
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssASN1_Encode
-(
- const void *source,
- const nssASN1Template template[],
- NSSASN1EncodingType encoding,
- nssASN1EncoderWriteFunction *sink,
- void *argument
-);
-
-extern const NSSError NSS_ERROR_NO_MEMORY;
-extern const NSSError NSS_ERROR_INVALID_ARENA;
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-extern const NSSError NSS_ERROR_ENCODING_NOT_SUPPORTED;
-
-/*
- * nssASN1_EncodeItem
- *
- * There must be a better name. If the optional arena argument is
- * non-null, it'll be used for the space. If the optional rvOpt is
- * non-null, it'll be the return value-- if it is null, a new one
- * will be allocated.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_ENCODING_NOT_SUPPORTED
- *
- * Return value:
- * NULL upon error
- * A valid pointer to an NSSDER upon success
- */
-
-NSS_EXTERN NSSDER *
-nssASN1_EncodeItem
-(
- NSSArena *arenaOpt,
- NSSDER *rvOpt,
- const void *source,
- const nssASN1Template template[],
- NSSASN1EncodingType encoding
-);
-
-extern const NSSError NSS_ERROR_NO_MEMORY;
-extern const NSSError NSS_ERROR_INVALID_ARENA;
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-extern const NSSError NSS_ERROR_ENCODING_NOT_SUPPORTED;
-
-/*
- * Other basic types' encoding and decoding helper functions:
- *
- * nssASN1_CreatePRUint32FromBER
- * nssASN1_GetDERFromPRUint32
- * nssASN1_CreatePRInt32FromBER
- * nssASN1_GetDERFromPRInt32
- * ..etc..
- */
-
-/*
- * nssASN1_CreatePRUint32FromBER
- *
- */
-
-NSS_EXTERN PRStatus
-nssASN1_CreatePRUint32FromBER
-(
- NSSBER *encoded,
- PRUint32 *pResult
-);
-
-/*
- * nssASN1_GetDERFromPRUint32
- *
- */
-
-NSS_EXTERN NSSDER *
-nssASN1_GetDERFromPRUint32
-(
- NSSArena *arenaOpt,
- NSSDER *rvOpt,
- PRUint32 value
-);
-
-/*
- * nssASN1_CreatePRInt32FromBER
- *
- */
-
-NSS_EXTERN PRStatus
-nssASN1_CreatePRInt32FromBER
-(
- NSSBER *encoded,
- PRInt32 *pResult
-);
-
-/*
- * nssASN1_GetDERFromPRInt32
- *
- */
-
-NSS_EXTERN NSSDER *
-nssASN1_GetDERFromPRInt32
-(
- NSSArena *arenaOpt,
- NSSDER *rvOpt,
- PRInt32 value
-);
-
-/*
- * Builtin templates
- */
-
-/*
- * Generic Templates
- * One for each of the simple types, plus a special one for ANY, plus:
- * - a pointer to each one of those
- * - a set of each one of those
- *
- * Note that these are alphabetical (case insensitive); please add new
- * ones in the appropriate place.
- */
-
-extern const nssASN1Template *nssASN1Template_Any;
-extern const nssASN1Template *nssASN1Template_BitString;
-extern const nssASN1Template *nssASN1Template_BMPString;
-extern const nssASN1Template *nssASN1Template_Boolean;
-extern const nssASN1Template *nssASN1Template_Enumerated;
-extern const nssASN1Template *nssASN1Template_GeneralizedTime;
-extern const nssASN1Template *nssASN1Template_IA5String;
-extern const nssASN1Template *nssASN1Template_Integer;
-extern const nssASN1Template *nssASN1Template_Null;
-extern const nssASN1Template *nssASN1Template_ObjectID;
-extern const nssASN1Template *nssASN1Template_OctetString;
-extern const nssASN1Template *nssASN1Template_PrintableString;
-extern const nssASN1Template *nssASN1Template_T61String;
-extern const nssASN1Template *nssASN1Template_UniversalString;
-extern const nssASN1Template *nssASN1Template_UTCTime;
-extern const nssASN1Template *nssASN1Template_UTF8String;
-extern const nssASN1Template *nssASN1Template_VisibleString;
-
-extern const nssASN1Template *nssASN1Template_PointerToAny;
-extern const nssASN1Template *nssASN1Template_PointerToBitString;
-extern const nssASN1Template *nssASN1Template_PointerToBMPString;
-extern const nssASN1Template *nssASN1Template_PointerToBoolean;
-extern const nssASN1Template *nssASN1Template_PointerToEnumerated;
-extern const nssASN1Template *nssASN1Template_PointerToGeneralizedTime;
-extern const nssASN1Template *nssASN1Template_PointerToIA5String;
-extern const nssASN1Template *nssASN1Template_PointerToInteger;
-extern const nssASN1Template *nssASN1Template_PointerToNull;
-extern const nssASN1Template *nssASN1Template_PointerToObjectID;
-extern const nssASN1Template *nssASN1Template_PointerToOctetString;
-extern const nssASN1Template *nssASN1Template_PointerToPrintableString;
-extern const nssASN1Template *nssASN1Template_PointerToT61String;
-extern const nssASN1Template *nssASN1Template_PointerToUniversalString;
-extern const nssASN1Template *nssASN1Template_PointerToUTCTime;
-extern const nssASN1Template *nssASN1Template_PointerToUTF8String;
-extern const nssASN1Template *nssASN1Template_PointerToVisibleString;
-
-extern const nssASN1Template *nssASN1Template_SetOfAny;
-extern const nssASN1Template *nssASN1Template_SetOfBitString;
-extern const nssASN1Template *nssASN1Template_SetOfBMPString;
-extern const nssASN1Template *nssASN1Template_SetOfBoolean;
-extern const nssASN1Template *nssASN1Template_SetOfEnumerated;
-extern const nssASN1Template *nssASN1Template_SetOfGeneralizedTime;
-extern const nssASN1Template *nssASN1Template_SetOfIA5String;
-extern const nssASN1Template *nssASN1Template_SetOfInteger;
-extern const nssASN1Template *nssASN1Template_SetOfNull;
-extern const nssASN1Template *nssASN1Template_SetOfObjectID;
-extern const nssASN1Template *nssASN1Template_SetOfOctetString;
-extern const nssASN1Template *nssASN1Template_SetOfPrintableString;
-extern const nssASN1Template *nssASN1Template_SetOfT61String;
-extern const nssASN1Template *nssASN1Template_SetOfUniversalString;
-extern const nssASN1Template *nssASN1Template_SetOfUTCTime;
-extern const nssASN1Template *nssASN1Template_SetOfUTF8String;
-extern const nssASN1Template *nssASN1Template_SetOfVisibleString;
-
-/*
- *
- */
-
-NSS_EXTERN NSSUTF8 *
-nssUTF8_CreateFromBER
-(
- NSSArena *arenaOpt,
- nssStringType type,
- NSSBER *berData
-);
-
-NSS_EXTERN NSSDER *
-nssUTF8_GetDEREncoding
-(
- NSSArena *arenaOpt,
- /* Should have an NSSDER *rvOpt */
- nssStringType type,
- const NSSUTF8 *string
-);
-
-PR_END_EXTERN_C
-
-#endif /* ASN1_H */
diff --git a/security/nss/lib/asn1/asn1m.h b/security/nss/lib/asn1/asn1m.h
deleted file mode 100644
index 37ed91919..000000000
--- a/security/nss/lib/asn1/asn1m.h
+++ /dev/null
@@ -1,80 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef ASN1M_H
-#define ASN1M_H
-
-#ifdef DEBUG
-static const char ASN1M_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * asn1m.h
- *
- * This file contains the ASN.1 encoder/decoder routines available
- * only within the ASN.1 module itself.
- */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * nssasn1_number_length
- *
- */
-
-NSS_EXTERN PRUint32
-nssasn1_length_length
-(
- PRUint32 number
-);
-
-/*
- * nssasn1_get_subtemplate
- *
- */
-
-NSS_EXTERN const nssASN1Template *
-nssasn1_get_subtemplate
-(
- const nssASN1Template template[],
- void *thing,
- PRBool encoding
-);
-
-PR_END_EXTERN_C
-
-#endif /* ASN1M_H */
diff --git a/security/nss/lib/asn1/asn1t.h b/security/nss/lib/asn1/asn1t.h
deleted file mode 100644
index 2f6c52cea..000000000
--- a/security/nss/lib/asn1/asn1t.h
+++ /dev/null
@@ -1,166 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef ASN1T_H
-#define ASN1T_H
-
-#ifdef DEBUG
-static const char ASN1T_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * asn1t.h
- *
- * This file contains the ASN.1 encoder/decoder types available
- * internally within NSS. It's not clear right now if this file
- * will be folded into baset.h or something, I just needed to
- * get this going. At the moment, these types are wrappers for
- * the old types.
- */
-
-#ifndef BASET_H
-#include "baset.h"
-#endif /* BASET_H */
-
-#ifndef NSSASN1T_H
-#include "nssasn1t.h"
-#endif /* NSSASN1T_H */
-
-#include "seccomon.h"
-#include "secasn1t.h"
-
-PR_BEGIN_EXTERN_C
-
-/*
- * XXX fgmr
- *
- * This sort of bites. Let's keep an eye on this, to make sure
- * we aren't stuck with it forever.
- */
-
-struct nssASN1ItemStr {
- PRUint32 reserved;
- PRUint8 *data;
- PRUint32 size;
-};
-
-typedef struct nssASN1ItemStr nssASN1Item;
-
-/*
- * I'm not documenting these here, since this'll require another
- * pass anyway.
- */
-
-typedef SEC_ASN1Template nssASN1Template;
-
-#define nssASN1_TAG_MASK SEC_ASN1_TAG_MASK
-
-#define nssASN1_TAGNUM_MASK SEC_ASN1_TAGNUM_MASK
-#define nssASN1_BOOLEAN SEC_ASN1_BOOLEAN
-#define nssASN1_INTEGER SEC_ASN1_INTEGER
-#define nssASN1_BIT_STRING SEC_ASN1_BIT_STRING
-#define nssASN1_OCTET_STRING SEC_ASN1_OCTET_STRING
-#define nssASN1_NULL SEC_ASN1_NULL
-#define nssASN1_OBJECT_ID SEC_ASN1_OBJECT_ID
-#define nssASN1_OBJECT_DESCRIPTOR SEC_ASN1_OBJECT_DESCRIPTOR
-/* External type and instance-of type 0x08 */
-#define nssASN1_REAL SEC_ASN1_REAL
-#define nssASN1_ENUMERATED SEC_ASN1_ENUMERATED
-#define nssASN1_EMBEDDED_PDV SEC_ASN1_EMBEDDED_PDV
-#define nssASN1_UTF8_STRING SEC_ASN1_UTF8_STRING
-#define nssASN1_SEQUENCE SEC_ASN1_SEQUENCE
-#define nssASN1_SET SEC_ASN1_SET
-#define nssASN1_NUMERIC_STRING SEC_ASN1_NUMERIC_STRING
-#define nssASN1_PRINTABLE_STRING SEC_ASN1_PRINTABLE_STRING
-#define nssASN1_T61_STRING SEC_ASN1_T61_STRING
-#define nssASN1_TELETEX_STRING nssASN1_T61_STRING
-#define nssASN1_VIDEOTEX_STRING SEC_ASN1_VIDEOTEX_STRING
-#define nssASN1_IA5_STRING SEC_ASN1_IA5_STRING
-#define nssASN1_UTC_TIME SEC_ASN1_UTC_TIME
-#define nssASN1_GENERALIZED_TIME SEC_ASN1_GENERALIZED_TIME
-#define nssASN1_GRAPHIC_STRING SEC_ASN1_GRAPHIC_STRING
-#define nssASN1_VISIBLE_STRING SEC_ASN1_VISIBLE_STRING
-#define nssASN1_GENERAL_STRING SEC_ASN1_GENERAL_STRING
-#define nssASN1_UNIVERSAL_STRING SEC_ASN1_UNIVERSAL_STRING
-/* 0x1d */
-#define nssASN1_BMP_STRING SEC_ASN1_BMP_STRING
-#define nssASN1_HIGH_TAG_NUMBER SEC_ASN1_HIGH_TAG_NUMBER
-
-#define nssASN1_METHOD_MASK SEC_ASN1_METHOD_MASK
-#define nssASN1_PRIMITIVE SEC_ASN1_PRIMITIVE
-#define nssASN1_CONSTRUCTED SEC_ASN1_CONSTRUCTED
-
-#define nssASN1_CLASS_MASK SEC_ASN1_CLASS_MASK
-#define nssASN1_UNIVERSAL SEC_ASN1_UNIVERSAL
-#define nssASN1_APPLICATION SEC_ASN1_APPLICATION
-#define nssASN1_CONTEXT_SPECIFIC SEC_ASN1_CONTEXT_SPECIFIC
-#define nssASN1_PRIVATE SEC_ASN1_PRIVATE
-
-#define nssASN1_OPTIONAL SEC_ASN1_OPTIONAL
-#define nssASN1_EXPLICIT SEC_ASN1_EXPLICIT
-#define nssASN1_ANY SEC_ASN1_ANY
-#define nssASN1_INLINE SEC_ASN1_INLINE
-#define nssASN1_POINTER SEC_ASN1_POINTER
-#define nssASN1_GROUP SEC_ASN1_GROUP
-#define nssASN1_DYNAMIC SEC_ASN1_DYNAMIC
-#define nssASN1_SKIP SEC_ASN1_SKIP
-#define nssASN1_INNER SEC_ASN1_INNER
-#define nssASN1_SAVE SEC_ASN1_SAVE
-#define nssASN1_MAY_STREAM SEC_ASN1_MAY_STREAM
-#define nssASN1_SKIP_REST SEC_ASN1_SKIP_REST
-#define nssASN1_CHOICE SEC_ASN1_CHOICE
-
-#define nssASN1_SEQUENCE_OF SEC_ASN1_SEQUENCE_OF
-#define nssASN1_SET_OF SEC_ASN1_SET_OF
-#define nssASN1_ANY_CONTENTS SEC_ASN1_ANY_CONTENTS
-
-typedef SEC_ASN1TemplateChooserPtr nssASN1ChooseTemplateFunction;
-
-typedef SEC_ASN1DecoderContext nssASN1Decoder;
-typedef SEC_ASN1EncoderContext nssASN1Encoder;
-
-typedef enum {
- nssASN1EncodingPartIdentifier = SEC_ASN1_Identifier,
- nssASN1EncodingPartLength = SEC_ASN1_Length,
- nssASN1EncodingPartContents = SEC_ASN1_Contents,
- nssASN1EncodingPartEndOfContents = SEC_ASN1_EndOfContents
-} nssASN1EncodingPart;
-
-typedef SEC_ASN1NotifyProc nssASN1NotifyFunction;
-
-typedef SEC_ASN1WriteProc nssASN1EncoderWriteFunction;
-typedef SEC_ASN1WriteProc nssASN1DecoderFilterFunction;
-
-PR_END_EXTERN_C
-
-#endif /* ASN1T_H */
diff --git a/security/nss/lib/asn1/config.mk b/security/nss/lib/asn1/config.mk
deleted file mode 100644
index 4a9ed7dda..000000000
--- a/security/nss/lib/asn1/config.mk
+++ /dev/null
@@ -1,48 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CONFIG_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-ifdef BUILD_IDG
-DEFINES += -DNSSDEBUG
-endif
-
-#
-# Override TARGETS variable so that only static libraries
-# are specifed as dependencies within rules.mk.
-#
-
-TARGETS = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM =
-
diff --git a/security/nss/lib/asn1/manifest.mn b/security/nss/lib/asn1/manifest.mn
deleted file mode 100644
index 5bc732222..000000000
--- a/security/nss/lib/asn1/manifest.mn
+++ /dev/null
@@ -1,55 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-MANIFEST_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-CORE_DEPTH = ../../..
-
-PRIVATE_EXPORTS = \
- asn1t.h \
- asn1m.h \
- asn1.h \
- nssasn1t.h \
- $(NULL)
-
-EXPORTS = \
- $(NULL)
-
-MODULE = nss
-
-CSRCS = \
- asn1.c \
- $(NULL)
-
-REQUIRES = nspr
-
-LIBRARY_NAME = asn1
diff --git a/security/nss/lib/asn1/nssasn1t.h b/security/nss/lib/asn1/nssasn1t.h
deleted file mode 100644
index 2488892b4..000000000
--- a/security/nss/lib/asn1/nssasn1t.h
+++ /dev/null
@@ -1,67 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef NSSASN1T_H
-#define NSSASN1T_H
-
-#ifdef DEBUG
-static const char NSSASN1T_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * nssasn1t.h
- *
- * This file contains the public types related to our ASN.1 encoder
- * and decoder.
- */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * NSSASN1EncodingType
- *
- * This type enumerates specific types of ASN.1 encodings.
- */
-
-typedef enum {
- NSSASN1BER, /* Basic Encoding Rules */
- NSSASN1CER, /* Canonical Encoding Rules */
- NSSASN1DER, /* Distinguished Encoding Rules */
- NSSASN1LWER, /* LightWeight Encoding Rules */
- NSSASN1PER, /* Packed Encoding Rules */
- NSSASN1UnknownEncoding = -1
-} NSSASN1EncodingType;
-
-PR_END_EXTERN_C
-
-#endif /* NSSASN1T_H */
diff --git a/security/nss/lib/base/Makefile b/security/nss/lib/base/Makefile
deleted file mode 100644
index 4cbbfed70..000000000
--- a/security/nss/lib/base/Makefile
+++ /dev/null
@@ -1,40 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-MAKEFILE_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-include manifest.mn
-include $(CORE_DEPTH)/coreconf/config.mk
-include config.mk
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-export:: private_export
diff --git a/security/nss/lib/base/arena.c b/security/nss/lib/base/arena.c
deleted file mode 100644
index 648b7e864..000000000
--- a/security/nss/lib/base/arena.c
+++ /dev/null
@@ -1,1142 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * arena.c
- *
- * This contains the implementation of NSS's thread-safe arenas.
- */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-#ifdef ARENA_THREADMARK
-#include "prthread.h"
-#endif /* ARENA_THREADMARK */
-
-#include "prlock.h"
-#include "plarena.h"
-
-#include <string.h>
-
-/*
- * NSSArena
- *
- * This is based on NSPR's arena code, but it is threadsafe.
- *
- * The public methods relating to this type are:
- *
- * NSSArena_Create -- constructor
- * NSSArena_Destroy
- *
- * The nonpublic methods relating to this type are:
- *
- * nssArena_Create -- constructor
- * nssArena_Destroy
- * nssArena_Mark
- * nssArena_Release
- * nssArena_Unmark
- *
- * nss_ZAlloc
- * nss_ZFreeIf
- * nss_ZRealloc
- *
- * In debug builds, the following calls are available:
- *
- * nssArena_verifyPointer
- * nssArena_registerDestructor
- * nssArena_deregisterDestructor
- */
-
-struct NSSArenaStr {
- PLArenaPool pool;
- PRLock *lock;
-#ifdef ARENA_THREADMARK
- PRThread *marking_thread;
- nssArenaMark *first_mark;
- nssArenaMark *last_mark;
-#endif /* ARENA_THREADMARK */
-#ifdef ARENA_DESTRUCTOR_LIST
- struct arena_destructor_node *first_destructor;
- struct arena_destructor_node *last_destructor;
-#endif /* ARENA_DESTRUCTOR_LIST */
-};
-
-/*
- * nssArenaMark
- *
- * This type is used to mark the current state of an NSSArena.
- */
-
-struct nssArenaMarkStr {
- PRUint32 magic;
- void *mark;
-#ifdef ARENA_THREADMARK
- nssArenaMark *next;
-#endif /* ARENA_THREADMARK */
-#ifdef ARENA_DESTRUCTOR_LIST
- struct arena_destructor_node *next_destructor;
- struct arena_destructor_node *prev_destructor;
-#endif /* ARENA_DESTRUCTOR_LIST */
-};
-
-#define MARK_MAGIC 0x4d41524b /* "MARK" how original */
-
-/*
- * But first, the pointer-tracking code
- */
-#ifdef DEBUG
-extern const NSSError NSS_ERROR_INTERNAL_ERROR;
-
-static nssPointerTracker arena_pointer_tracker;
-
-static PRStatus
-arena_add_pointer
-(
- const NSSArena *arena
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_initialize(&arena_pointer_tracker);
- if( PR_SUCCESS != rv ) {
- return rv;
- }
-
- rv = nssPointerTracker_add(&arena_pointer_tracker, arena);
- if( PR_SUCCESS != rv ) {
- NSSError e = NSS_GetError();
- if( NSS_ERROR_NO_MEMORY != e ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- }
-
- return rv;
- }
-
- return PR_SUCCESS;
-}
-
-static PRStatus
-arena_remove_pointer
-(
- const NSSArena *arena
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_remove(&arena_pointer_tracker, arena);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- }
-
- return rv;
-}
-
-/*
- * nssArena_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSArena object,
- * this routine will return PR_SUCCESS. Otherwise, it will put an
- * error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_IMPLEMENT PRStatus
-nssArena_verifyPointer
-(
- const NSSArena *arena
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_initialize(&arena_pointer_tracker);
- if( PR_SUCCESS != rv ) {
- /*
- * This is a little disingenious. We have to initialize the
- * tracker, because someone could "legitimately" try to verify
- * an arena pointer before one is ever created. And this step
- * might fail, due to lack of memory. But the only way that
- * this step can fail is if it's doing the call_once stuff,
- * (later calls just no-op). And if it didn't no-op, there
- * aren't any valid arenas.. so the argument certainly isn't one.
- */
- nss_SetError(NSS_ERROR_INVALID_ARENA);
- return PR_FAILURE;
- }
-
- rv = nssPointerTracker_verify(&arena_pointer_tracker, arena);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INVALID_ARENA);
- return PR_FAILURE;
- }
-
- return PR_SUCCESS;
-}
-#endif /* DEBUG */
-
-#ifdef ARENA_DESTRUCTOR_LIST
-
-struct arena_destructor_node {
- struct arena_destructor_node *next;
- struct arena_destructor_node *prev;
- void (*destructor)(void *argument);
- void *arg;
-};
-
-/*
- * nssArena_registerDestructor
- *
- * This routine stores a pointer to a callback and an arbitrary
- * pointer-sized argument in the arena, at the current point in
- * the mark stack. If the arena is destroyed, or an "earlier"
- * mark is released, then this destructor will be called at that
- * time. Note that the destructor will be called with the arena
- * locked, which means the destructor may free memory in that
- * arena, but it may not allocate or cause to be allocated any
- * memory. This callback facility was included to support our
- * debug-version pointer-tracker feature; overuse runs counter to
- * the the original intent of arenas. This routine returns a
- * PRStatus value; if successful, it will return PR_SUCCESS. If
- * unsuccessful, it will set an error on the error stack and
- * return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS
- * PR_FAILURE
- */
-
-NSS_IMPLEMENT PRStatus
-nssArena_registerDestructor
-(
- NSSArena *arena,
- void (*destructor)(void *argument),
- void *arg
-)
-{
- struct arena_destructor_node *it;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssArena_verifyPointer(arena) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- it = nss_ZNEW(arena, struct arena_destructor_node);
- if( (struct arena_destructor_node *)NULL == it ) {
- return PR_FAILURE;
- }
-
- it->prev = arena->last_destructor;
- arena->last_destructor->next = it;
- arena->last_destructor = it;
- it->destructor = destructor;
- it->arg = arg;
-
- if( (nssArenaMark *)NULL != arena->last_mark ) {
- arena->last_mark->prev_destructor = it->prev;
- arena->last_mark->next_destructor = it->next;
- }
-
- return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT PRStatus
-nssArena_deregisterDestructor
-(
- NSSArena *arena,
- void (*destructor)(void *argument),
- void *arg
-)
-{
- struct arena_destructor_node *it;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssArena_verifyPointer(arena) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- for( it = arena->first_destructor; it; it = it->next ) {
- if( (it->destructor == destructor) && (it->arg == arg) ) {
- break;
- }
- }
-
- if( (struct arena_destructor_node *)NULL == it ) {
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
- }
-
- if( it == arena->first_destructor ) {
- arena->first_destructor = it->next;
- }
-
- if( it == arena->last_destructor ) {
- arena->last_destructor = it->prev;
- }
-
- if( (struct arena_destructor_node *)NULL != it->prev ) {
- it->prev->next = it->next;
- }
-
- if( (struct arena_destructor_node *)NULL != it->next ) {
- it->next->prev = it->prev;
- }
-
- {
- nssArenaMark *m;
- for( m = arena->first_mark; m; m = m->next ) {
- if( m->next_destructor == it ) {
- m->next_destructor = it->next;
- }
- if( m->prev_destructor == it ) {
- m->prev_destructor = it->prev;
- }
- }
- }
-
- nss_ZFreeIf(it);
- return PR_SUCCESS;
-}
-
-static void
-nss_arena_call_destructor_chain
-(
- struct arena_destructor_node *it
-)
-{
- for( ; it ; it = it->next ) {
- (*(it->destructor))(it->arg);
- }
-}
-
-#endif /* ARENA_DESTRUCTOR_LIST */
-
-/*
- * NSSArena_Create
- *
- * This routine creates a new memory arena. This routine may return
- * NULL upon error, in which case it will have created an error stack.
- *
- * The top-level error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSArena upon success
- */
-
-NSS_IMPLEMENT NSSArena *
-NSSArena_Create
-(
- void
-)
-{
- nss_ClearErrorStack();
- return nssArena_Create();
-}
-
-/*
- * nssArena_Create
- *
- * This routine creates a new memory arena. This routine may return
- * NULL upon error, in which case it will have set an error on the
- * error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSArena upon success
- */
-
-NSS_IMPLEMENT NSSArena *
-nssArena_Create
-(
- void
-)
-{
- NSSArena *rv = (NSSArena *)NULL;
-
- rv = nss_ZNEW((NSSArena *)NULL, NSSArena);
- if( (NSSArena *)NULL == rv ) {
- nss_SetError(NSS_ERROR_NO_MEMORY);
- return (NSSArena *)NULL;
- }
-
- rv->lock = PR_NewLock();
- if( (PRLock *)NULL == rv->lock ) {
- (void)nss_ZFreeIf(rv);
- nss_SetError(NSS_ERROR_NO_MEMORY);
- return (NSSArena *)NULL;
- }
-
- /*
- * Arena sizes. The current security code has 229 occurrences of
- * PORT_NewArena. The default chunksizes specified break down as
- *
- * Size Mult. Specified as
- * 512 1 512
- * 1024 7 1024
- * 2048 5 2048
- * 2048 5 CRMF_DEFAULT_ARENA_SIZE
- * 2048 190 DER_DEFAULT_CHUNKSIZE
- * 2048 20 SEC_ASN1_DEFAULT_ARENA_SIZE
- * 4096 1 4096
- *
- * Obviously this "default chunksize" flexibility isn't very
- * useful to us, so I'll just pick 2048.
- */
-
- PL_InitArenaPool(&rv->pool, "NSS", 2048, sizeof(double));
-
-#ifdef DEBUG
- {
- PRStatus st;
- st = arena_add_pointer(rv);
- if( PR_SUCCESS != st ) {
- PL_FinishArenaPool(&rv->pool);
- PR_DestroyLock(rv->lock);
- (void)nss_ZFreeIf(rv);
- return (NSSArena *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return rv;
-}
-
-/*
- * NSSArena_Destroy
- *
- * This routine will destroy the specified arena, freeing all memory
- * allocated from it. This routine returns a PRStatus value; if
- * successful, it will return PR_SUCCESS. If unsuccessful, it will
- * create an error stack and return PR_FAILURE.
- *
- * The top-level error may be one of the following values:
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSArena_Destroy
-(
- NSSArena *arena
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssArena_verifyPointer(arena) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssArena_Destroy(arena);
-}
-
-/*
- * nssArena_Destroy
- *
- * This routine will destroy the specified arena, freeing all memory
- * allocated from it. This routine returns a PRStatus value; if
- * successful, it will return PR_SUCCESS. If unsuccessful, it will
- * set an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * PR_SUCCESS
- * PR_FAILURE
- */
-
-NSS_IMPLEMENT PRStatus
-nssArena_Destroy
-(
- NSSArena *arena
-)
-{
- PRLock *lock;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssArena_verifyPointer(arena) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- PR_Lock(arena->lock);
- if( (PRLock *)NULL == arena->lock ) {
- /* Just got destroyed */
- nss_SetError(NSS_ERROR_INVALID_ARENA);
- return PR_FAILURE;
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != arena_remove_pointer(arena) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
-#ifdef ARENA_DESTRUCTOR_LIST
- /* Note that the arena is locked at this time */
- nss_arena_call_destructor_chain(arena->first_destructor);
-#endif /* ARENA_DESTRUCTOR_LIST */
-
- PL_FinishArenaPool(&arena->pool);
- lock = arena->lock;
- arena->lock = (PRLock *)NULL;
- PR_Unlock(lock);
- PR_DestroyLock(lock);
- (void)nss_ZFreeIf(arena);
- return PR_SUCCESS;
-}
-
-static void *nss_zalloc_arena_locked(NSSArena *arena, PRUint32 size);
-
-/*
- * nssArena_Mark
- *
- * This routine "marks" the current state of an arena. Space
- * allocated after the arena has been marked can be freed by
- * releasing the arena back to the mark with nssArena_Release,
- * or committed by calling nssArena_Unmark. When successful,
- * this routine returns a valid nssArenaMark pointer. This
- * routine may return NULL upon error, in which case it will
- * have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
- *
- * Return value:
- * NULL upon failure
- * An nssArenaMark pointer upon success
- */
-
-NSS_IMPLEMENT nssArenaMark *
-nssArena_Mark
-(
- NSSArena *arena
-)
-{
- nssArenaMark *rv;
- void *p;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssArena_verifyPointer(arena) ) {
- return (nssArenaMark *)NULL;
- }
-#endif /* NSSDEBUG */
-
- PR_Lock(arena->lock);
- if( (PRLock *)NULL == arena->lock ) {
- /* Just got destroyed */
- nss_SetError(NSS_ERROR_INVALID_ARENA);
- return (nssArenaMark *)NULL;
- }
-
-#ifdef ARENA_THREADMARK
- if( (PRThread *)NULL == arena->marking_thread ) {
- /* Unmarked. Store our thread ID */
- arena->marking_thread = PR_GetCurrentThread();
- /* This call never fails. */
- } else {
- /* Marked. Verify it's the current thread */
- if( PR_GetCurrentThread() != arena->marking_thread ) {
- PR_Unlock(arena->lock);
- nss_SetError(NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD);
- return (nssArenaMark *)NULL;
- }
- }
-#endif /* ARENA_THREADMARK */
-
- p = PL_ARENA_MARK(&arena->pool);
- /* No error possible */
-
- /* Do this after the mark */
- rv = (nssArenaMark *)nss_zalloc_arena_locked(arena, sizeof(nssArenaMark));
- if( (nssArenaMark *)NULL == rv ) {
- PR_Unlock(arena->lock);
- nss_SetError(NSS_ERROR_NO_MEMORY);
- return (nssArenaMark *)NULL;
- }
-
-#ifdef ARENA_THREADMARK
- if ( (nssArenaMark *)NULL == arena->first_mark) {
- arena->first_mark = rv;
- arena->last_mark = rv;
- } else {
- arena->last_mark->next = rv;
- arena->last_mark = rv;
- }
-#endif /* ARENA_THREADMARK */
-
- rv->mark = p;
- rv->magic = MARK_MAGIC;
-
-#ifdef ARENA_DESTRUCTOR_LIST
- rv->prev_destructor = arena->last_destructor;
-#endif /* ARENA_DESTRUCTOR_LIST */
-
- PR_Unlock(arena->lock);
-
- return rv;
-}
-
-/*
- * nss_arena_unmark_release
- *
- * This static routine implements the routines nssArena_Release
- * ans nssArena_Unmark, which are almost identical.
- */
-
-static PRStatus
-nss_arena_unmark_release
-(
- NSSArena *arena,
- nssArenaMark *arenaMark,
- PRBool release
-)
-{
- void *inner_mark;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssArena_verifyPointer(arena) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- if( MARK_MAGIC != arenaMark->magic ) {
- nss_SetError(NSS_ERROR_INVALID_ARENA_MARK);
- return PR_FAILURE;
- }
-
- PR_Lock(arena->lock);
- if( (PRLock *)NULL == arena->lock ) {
- /* Just got destroyed */
- nss_SetError(NSS_ERROR_INVALID_ARENA);
- return PR_FAILURE;
- }
-
-#ifdef ARENA_THREADMARK
- if( (PRThread *)NULL != arena->marking_thread ) {
- if( PR_GetCurrentThread() != arena->marking_thread ) {
- PR_Unlock(arena->lock);
- nss_SetError(NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD);
- return PR_FAILURE;
- }
- }
-#endif /* ARENA_THREADMARK */
-
- if( MARK_MAGIC != arenaMark->magic ) {
- /* Just got released */
- PR_Unlock(arena->lock);
- nss_SetError(NSS_ERROR_INVALID_ARENA_MARK);
- return PR_FAILURE;
- }
-
- arenaMark->magic = 0;
- inner_mark = arenaMark->mark;
-
-#ifdef ARENA_THREADMARK
- {
- nssArenaMark **pMark = &arena->first_mark;
- nssArenaMark *rest;
- nssArenaMark *last = (nssArenaMark *)NULL;
-
- /* Find this mark */
- while( *pMark != arenaMark ) {
- last = *pMark;
- pMark = &(*pMark)->next;
- }
-
- /* Remember the pointer, then zero it */
- rest = (*pMark)->next;
- *pMark = (nssArenaMark *)NULL;
-
- arena->last_mark = last;
-
- /* Invalidate any later marks being implicitly released */
- for( ; (nssArenaMark *)NULL != rest; rest = rest->next ) {
- rest->magic = 0;
- }
-
- /* If we just got rid of the first mark, clear the thread ID */
- if( (nssArenaMark *)NULL == arena->first_mark ) {
- arena->marking_thread = (PRThread *)NULL;
- }
- }
-#endif /* ARENA_THREADMARK */
-
- if( release ) {
-#ifdef ARENA_DESTRUCTOR_LIST
- if( (struct arena_destructor_node *)NULL != arenaMark->prev_destructor ) {
- arenaMark->prev_destructor->next = (struct arena_destructor_node *)NULL;
- }
- arena->last_destructor = arenaMark->prev_destructor;
-
- /* Note that the arena is locked at this time */
- nss_arena_call_destructor_chain(arenaMark->next_destructor);
-#endif /* ARENA_DESTRUCTOR_LIST */
-
- PR_ARENA_RELEASE(&arena->pool, inner_mark);
- /* No error return */
- }
-
- PR_Unlock(arena->lock);
- return PR_SUCCESS;
-}
-
-/*
- * nssArena_Release
- *
- * This routine invalidates and releases all memory allocated from
- * the specified arena after the point at which the specified mark
- * was obtained. This routine returns a PRStatus value; if successful,
- * it will return PR_SUCCESS. If unsuccessful, it will set an error
- * on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_ARENA_MARK
- * NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
- *
- * Return value:
- * PR_SUCCESS
- * PR_FAILURE
- */
-
-NSS_IMPLEMENT PRStatus
-nssArena_Release
-(
- NSSArena *arena,
- nssArenaMark *arenaMark
-)
-{
- return nss_arena_unmark_release(arena, arenaMark, PR_TRUE);
-}
-
-/*
- * nssArena_Unmark
- *
- * This routine "commits" the indicated mark and any marks after
- * it, making them unreleasable. Note that any earlier marks can
- * still be released, and such a release will invalidate these
- * later unmarked regions. If an arena is to be safely shared by
- * more than one thread, all marks must be either released or
- * unmarked. This routine returns a PRStatus value; if successful,
- * it will return PR_SUCCESS. If unsuccessful, it will set an error
- * on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_ARENA_MARK
- * NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
- *
- * Return value:
- * PR_SUCCESS
- * PR_FAILURE
- */
-
-NSS_IMPLEMENT PRStatus
-nssArena_Unmark
-(
- NSSArena *arena,
- nssArenaMark *arenaMark
-)
-{
- return nss_arena_unmark_release(arena, arenaMark, PR_FALSE);
-}
-
-/*
- * We prefix this header to all allocated blocks. It is a multiple
- * of the alignment size. Note that this usage of a header may make
- * purify spew bogus warnings about "potentially leaked blocks" of
- * memory; if that gets too annoying we can add in a pointer to the
- * header in the header itself. There's not a lot of safety here;
- * maybe we should add a magic value?
- */
-struct pointer_header {
- NSSArena *arena;
- PRUint32 size;
-};
-
-static void *
-nss_zalloc_arena_locked
-(
- NSSArena *arena,
- PRUint32 size
-)
-{
- void *p;
- void *rv;
- struct pointer_header *h;
- PRUint32 my_size = size + sizeof(struct pointer_header);
- PR_ARENA_ALLOCATE(p, &arena->pool, my_size);
- if( (void *)NULL == p ) {
- nss_SetError(NSS_ERROR_NO_MEMORY);
- return (void *)NULL;
- }
- /*
- * Do this before we unlock. This way if the user is using
- * an arena in one thread while destroying it in another, he'll
- * fault/FMR in his code, not ours.
- */
- h = (struct pointer_header *)p;
- h->arena = arena;
- h->size = size;
- rv = (void *)((char *)h + sizeof(struct pointer_header));
- (void)nsslibc_memset(rv, 0, size);
- return rv;
-}
-
-/*
- * nss_ZAlloc
- *
- * This routine allocates and zeroes a section of memory of the
- * size, and returns to the caller a pointer to that memory. If
- * the optional arena argument is non-null, the memory will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return NULL upon error, in
- * which case it will have set an error upon the error stack. The
- * value specified for size may be zero; in which case a valid
- * zero-length block of memory will be allocated. This block may
- * be expanded by calling nss_ZRealloc.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
- *
- * Return value:
- * NULL upon error
- * A pointer to the new segment of zeroed memory
- */
-
-NSS_IMPLEMENT void *
-nss_ZAlloc
-(
- NSSArena *arenaOpt,
- PRUint32 size
-)
-{
- struct pointer_header *h;
- PRUint32 my_size = size + sizeof(struct pointer_header);
-
- if( my_size < sizeof(struct pointer_header) ) {
- /* Wrapped */
- nss_SetError(NSS_ERROR_NO_MEMORY);
- return (void *)NULL;
- }
-
- if( (NSSArena *)NULL == arenaOpt ) {
- /* Heap allocation, no locking required. */
- h = (struct pointer_header *)PR_Calloc(1, my_size);
- if( (struct pointer_header *)NULL == h ) {
- nss_SetError(NSS_ERROR_NO_MEMORY);
- return (void *)NULL;
- }
-
- h->arena = (NSSArena *)NULL;
- h->size = size;
- /* We used calloc: it's already zeroed */
-
- return (void *)((char *)h + sizeof(struct pointer_header));
- } else {
- void *rv;
- /* Arena allocation */
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (void *)NULL;
- }
-#endif /* NSSDEBUG */
-
- PR_Lock(arenaOpt->lock);
- if( (PRLock *)NULL == arenaOpt->lock ) {
- /* Just got destroyed */
- nss_SetError(NSS_ERROR_INVALID_ARENA);
- return (void *)NULL;
- }
-
-#ifdef ARENA_THREADMARK
- if( (PRThread *)NULL != arenaOpt->marking_thread ) {
- if( PR_GetCurrentThread() != arenaOpt->marking_thread ) {
- nss_SetError(NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD);
- PR_Unlock(arenaOpt->lock);
- return (void *)NULL;
- }
- }
-#endif /* ARENA_THREADMARK */
-
- rv = nss_zalloc_arena_locked(arenaOpt, size);
-
- PR_Unlock(arenaOpt->lock);
- return rv;
- }
- /*NOTREACHED*/
-}
-
-/*
- * nss_ZFreeIf
- *
- * If the specified pointer is non-null, then the region of memory
- * to which it points -- which must have been allocated with
- * nss_ZAlloc -- will be zeroed and released. This routine
- * returns a PRStatus value; if successful, it will return PR_SUCCESS.
- * If unsuccessful, it will set an error on the error stack and return
- * PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * PR_SUCCESS
- * PR_FAILURE
- */
-
-NSS_IMPLEMENT PRStatus
-nss_ZFreeIf
-(
- void *pointer
-)
-{
- struct pointer_header *h;
-
- if( (void *)NULL == pointer ) {
- return PR_SUCCESS;
- }
-
- h = (struct pointer_header *)&((char *)pointer)
- [ - sizeof(struct pointer_header) ];
-
- /* Check any magic here */
-
- if( (NSSArena *)NULL == h->arena ) {
- /* Heap */
- (void)nsslibc_memset(pointer, 0, h->size);
- PR_Free(h);
- return PR_SUCCESS;
- } else {
- /* Arena */
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssArena_verifyPointer(h->arena) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- PR_Lock(h->arena->lock);
- if( (PRLock *)NULL == h->arena->lock ) {
- /* Just got destroyed.. so this pointer is invalid */
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return PR_FAILURE;
- }
-
- (void)nsslibc_memset(pointer, 0, h->size);
-
- /* No way to "free" it within an NSPR arena. */
-
- PR_Unlock(h->arena->lock);
- return PR_SUCCESS;
- }
- /*NOTREACHED*/
-}
-
-/*
- * nss_ZRealloc
- *
- * This routine reallocates a block of memory obtained by calling
- * nss_ZAlloc or nss_ZRealloc. The portion of memory
- * between the new and old sizes -- which is either being newly
- * obtained or released -- is in either case zeroed. This routine
- * may return NULL upon failure, in which case it will have placed
- * an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
- *
- * Return value:
- * NULL upon error
- * A pointer to the replacement segment of memory
- */
-
-NSS_EXTERN void *
-nss_ZRealloc
-(
- void *pointer,
- PRUint32 newSize
-)
-{
- struct pointer_header *h, *new_h;
- PRUint32 my_newSize = newSize + sizeof(struct pointer_header);
- void *rv;
-
- if( my_newSize < sizeof(struct pointer_header) ) {
- /* Wrapped */
- nss_SetError(NSS_ERROR_NO_MEMORY);
- return (void *)NULL;
- }
-
- if( (void *)NULL == pointer ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return (void *)NULL;
- }
-
- h = (struct pointer_header *)&((char *)pointer)
- [ - sizeof(struct pointer_header) ];
-
- /* Check any magic here */
-
- if( newSize == h->size ) {
- /* saves thrashing */
- return pointer;
- }
-
- if( (NSSArena *)NULL == h->arena ) {
- /* Heap */
- new_h = (struct pointer_header *)PR_Calloc(1, my_newSize);
- if( (struct pointer_header *)NULL == new_h ) {
- nss_SetError(NSS_ERROR_NO_MEMORY);
- return (void *)NULL;
- }
-
- new_h->arena = (NSSArena *)NULL;
- new_h->size = newSize;
- rv = (void *)((char *)new_h + sizeof(struct pointer_header));
-
- if( newSize > h->size ) {
- (void)nsslibc_memcpy(rv, pointer, h->size);
- (void)nsslibc_memset(&((char *)rv)[ h->size ],
- 0, (newSize - h->size));
- } else {
- (void)nsslibc_memcpy(rv, pointer, newSize);
- }
-
- (void)nsslibc_memset(pointer, 0, h->size);
- h->size = 0;
- PR_Free(h);
-
- return rv;
- } else {
- void *p;
- /* Arena */
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssArena_verifyPointer(h->arena) ) {
- return (void *)NULL;
- }
-#endif /* NSSDEBUG */
-
- PR_Lock(h->arena->lock);
- if( (PRLock *)NULL == h->arena->lock ) {
- /* Just got destroyed.. so this pointer is invalid */
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return (void *)NULL;
- }
-
-#ifdef ARENA_THREADMARK
- if( (PRThread *)NULL != h->arena->marking_thread ) {
- if( PR_GetCurrentThread() != h->arena->marking_thread ) {
- PR_Unlock(h->arena->lock);
- nss_SetError(NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD);
- return (void *)NULL;
- }
- }
-#endif /* ARENA_THREADMARK */
-
- if( newSize < h->size ) {
- /*
- * We have no general way of returning memory to the arena
- * (mark/release doesn't work because things may have been
- * allocated after this object), so the memory is gone
- * anyway. We might as well just return the same pointer to
- * the user, saying "yeah, uh-hunh, you can only use less of
- * it now." We'll zero the leftover part, of course. And
- * in fact we might as well *not* adjust h->size-- this way,
- * if the user reallocs back up to something not greater than
- * the original size, then voila, there's the memory! This
- * way a thrash big/small/big/small doesn't burn up the arena.
- */
- char *extra = &((char *)pointer)[ newSize ];
- (void)nsslibc_memset(extra, 0, (h->size - newSize));
- PR_Unlock(h->arena->lock);
- return pointer;
- }
-
- PR_ARENA_ALLOCATE(p, &h->arena->pool, my_newSize);
- if( (void *)NULL == p ) {
- PR_Unlock(h->arena->lock);
- nss_SetError(NSS_ERROR_NO_MEMORY);
- return (void *)NULL;
- }
-
- new_h = (struct pointer_header *)p;
- new_h->arena = h->arena;
- new_h->size = newSize;
- rv = (void *)((char *)new_h + sizeof(struct pointer_header));
- if (rv != pointer) {
- (void)nsslibc_memcpy(rv, pointer, h->size);
- (void)nsslibc_memset(pointer, 0, h->size);
- }
- (void)nsslibc_memset(&((char *)rv)[ h->size ], 0, (newSize - h->size));
- h->arena = (NSSArena *)NULL;
- h->size = 0;
- PR_Unlock(new_h->arena->lock);
- return rv;
- }
- /*NOTREACHED*/
-}
diff --git a/security/nss/lib/base/base.h b/security/nss/lib/base/base.h
deleted file mode 100644
index 9a8d2d294..000000000
--- a/security/nss/lib/base/base.h
+++ /dev/null
@@ -1,1445 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef BASE_H
-#define BASE_H
-
-#ifdef DEBUG
-static const char BASE_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * base.h
- *
- * This header file contains basic prototypes and preprocessor
- * definitions used throughout nss but not available publicly.
- */
-
-#ifndef BASET_H
-#include "baset.h"
-#endif /* BASET_H */
-
-#ifndef NSSBASE_H
-#include "nssbase.h"
-#endif /* NSSBASE_H */
-
-#include "plhash.h"
-#include "prthread.h"
-
-PR_BEGIN_EXTERN_C
-
-/*
- * NSSArena
- *
- * The nonpublic methods relating to this type are:
- *
- * nssArena_Create -- constructor
- * nssArena_Destroy
- * nssArena_Mark
- * nssArena_Release
- * nssArena_Unmark
- *
- * nss_ZAlloc
- * nss_ZFreeIf
- * nss_ZRealloc
- *
- * Additionally, there are some preprocessor macros:
- *
- * nss_ZNEW
- * nss_ZNEWARRAY
- *
- * In debug builds, the following calls are available:
- *
- * nssArena_verifyPointer
- * nssArena_registerDestructor
- * nssArena_deregisterDestructor
- *
- * The following preprocessor macro is also always available:
- *
- * nssArena_VERIFYPOINTER
- *
- * A constant PLHashAllocOps structure is available for users
- * of the NSPL PLHashTable routines.
- *
- * nssArenaHashAllocOps
- */
-
-/*
- * nssArena_Create
- *
- * This routine creates a new memory arena. This routine may return
- * NULL upon error, in which case it will have set an error on the
- * error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSArena upon success
- */
-
-/*
- * XXX fgmr
- * Arenas can be named upon creation; this is mostly of use when
- * debugging. Should we expose that here, allowing an optional
- * "const char *name" argument? Should the public version of this
- * call (NSSArena_Create) have it too?
- */
-
-NSS_EXTERN NSSArena *
-nssArena_Create
-(
- void
-);
-
-extern const NSSError NSS_ERROR_NO_MEMORY;
-
-/*
- * nssArena_Destroy
- *
- * This routine will destroy the specified arena, freeing all memory
- * allocated from it. This routine returns a PRStatus value; if
- * successful, it will return PR_SUCCESS. If unsuccessful, it will
- * set an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * PR_SUCCESS
- * PR_FAILURE
- */
-
-NSS_EXTERN PRStatus
-nssArena_Destroy
-(
- NSSArena *arena
-);
-
-extern const NSSError NSS_ERROR_INVALID_ARENA;
-
-/*
- * nssArena_Mark
- *
- * This routine "marks" the current state of an arena. Space
- * allocated after the arena has been marked can be freed by
- * releasing the arena back to the mark with nssArena_Release,
- * or committed by calling nssArena_Unmark. When successful,
- * this routine returns a valid nssArenaMark pointer. This
- * routine may return NULL upon error, in which case it will
- * have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
- *
- * Return value:
- * NULL upon failure
- * An nssArenaMark pointer upon success
- */
-
-NSS_EXTERN nssArenaMark *
-nssArena_Mark
-(
- NSSArena *arena
-);
-
-extern const NSSError NSS_ERROR_INVALID_ARENA;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-extern const NSSError NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD;
-
-/*
- * nssArena_Release
- *
- * This routine invalidates and releases all memory allocated from
- * the specified arena after the point at which the specified mark
- * was obtained. This routine returns a PRStatus value; if successful,
- * it will return PR_SUCCESS. If unsuccessful, it will set an error
- * on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_ARENA_MARK
- * NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
- *
- * Return value:
- * PR_SUCCESS
- * PR_FAILURE
- */
-
-NSS_EXTERN PRStatus
-nssArena_Release
-(
- NSSArena *arena,
- nssArenaMark *arenaMark
-);
-
-extern const NSSError NSS_ERROR_INVALID_ARENA;
-extern const NSSError NSS_ERROR_INVALID_ARENA_MARK;
-
-/*
- * nssArena_Unmark
- *
- * This routine "commits" the indicated mark and any marks after
- * it, making them unreleasable. Note that any earlier marks can
- * still be released, and such a release will invalidate these
- * later unmarked regions. If an arena is to be safely shared by
- * more than one thread, all marks must be either released or
- * unmarked. This routine returns a PRStatus value; if successful,
- * it will return PR_SUCCESS. If unsuccessful, it will set an error
- * on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_ARENA_MARK
- * NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
- *
- * Return value:
- * PR_SUCCESS
- * PR_FAILURE
- */
-
-NSS_EXTERN PRStatus
-nssArena_Unmark
-(
- NSSArena *arena,
- nssArenaMark *arenaMark
-);
-
-extern const NSSError NSS_ERROR_INVALID_ARENA;
-extern const NSSError NSS_ERROR_INVALID_ARENA_MARK;
-extern const NSSError NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD;
-
-#ifdef ARENA_DESTRUCTOR_LIST
-
-/*
- * nssArena_registerDestructor
- *
- * This routine stores a pointer to a callback and an arbitrary
- * pointer-sized argument in the arena, at the current point in
- * the mark stack. If the arena is destroyed, or an "earlier"
- * mark is released, then this destructor will be called at that
- * time. Note that the destructor will be called with the arena
- * locked, which means the destructor may free memory in that
- * arena, but it may not allocate or cause to be allocated any
- * memory. This callback facility was included to support our
- * debug-version pointer-tracker feature; overuse runs counter to
- * the the original intent of arenas. This routine returns a
- * PRStatus value; if successful, it will return PR_SUCCESS. If
- * unsuccessful, it will set an error on the error stack and
- * return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS
- * PR_FAILURE
- */
-
-NSS_EXTERN PRStatus
-nssArena_registerDestructor
-(
- NSSArena *arena,
- void (*destructor)(void *argument),
- void *arg
-);
-
-extern const NSSError NSS_ERROR_INVALID_ARENA;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-
-/*
- * nssArena_deregisterDestructor
- *
- * This routine will remove the first destructor in the specified
- * arena which has the specified destructor and argument values.
- * The destructor will not be called. This routine returns a
- * PRStatus value; if successful, it will return PR_SUCCESS. If
- * unsuccessful, it will set an error on the error stack and
- * return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NOT_FOUND
- *
- * Return value:
- * PR_SUCCESS
- * PR_FAILURE
- */
-
-NSS_EXTERN PRStatus
-nssArena_deregisterDestructor
-(
- NSSArena *arena,
- void (*destructor)(void *argument),
- void *arg
-);
-
-extern const NSSError NSS_ERROR_INVALID_ITEM;
-extern const NSSError NSS_ERROR_INVALID_ARENA;
-extern const NSSError NSS_ERROR_NOT_FOUND;
-
-#endif /* ARENA_DESTRUCTOR_LIST */
-
-/*
- * nss_ZAlloc
- *
- * This routine allocates and zeroes a section of memory of the
- * size, and returns to the caller a pointer to that memory. If
- * the optional arena argument is non-null, the memory will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return NULL upon error, in
- * which case it will have set an error upon the error stack. The
- * value specified for size may be zero; in which case a valid
- * zero-length block of memory will be allocated. This block may
- * be expanded by calling nss_ZRealloc.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
- *
- * Return value:
- * NULL upon error
- * A pointer to the new segment of zeroed memory
- */
-
-NSS_EXTERN void *
-nss_ZAlloc
-(
- NSSArena *arenaOpt,
- PRUint32 size
-);
-
-extern const NSSError NSS_ERROR_INVALID_ARENA;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-extern const NSSError NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD;
-
-/*
- * nss_ZFreeIf
- *
- * If the specified pointer is non-null, then the region of memory
- * to which it points -- which must have been allocated with
- * nss_ZAlloc -- will be zeroed and released. This routine
- * returns a PRStatus value; if successful, it will return PR_SUCCESS.
- * If unsuccessful, it will set an error on the error stack and return
- * PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * PR_SUCCESS
- * PR_FAILURE
- */
-
-NSS_EXTERN PRStatus
-nss_ZFreeIf
-(
- void *pointer
-);
-
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-
-/*
- * nss_ZRealloc
- *
- * This routine reallocates a block of memory obtained by calling
- * nss_ZAlloc or nss_ZRealloc. The portion of memory
- * between the new and old sizes -- which is either being newly
- * obtained or released -- is in either case zeroed. This routine
- * may return NULL upon failure, in which case it will have placed
- * an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
- *
- * Return value:
- * NULL upon error
- * A pointer to the replacement segment of memory
- */
-
-NSS_EXTERN void *
-nss_ZRealloc
-(
- void *pointer,
- PRUint32 newSize
-);
-
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-extern const NSSError NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD;
-
-/*
- * nss_ZNEW
- *
- * This preprocessor macro will allocate memory for a new object
- * of the specified type with nss_ZAlloc, and will cast the
- * return value appropriately. If the optional arena argument is
- * non-null, the memory will be obtained from that arena; otherwise,
- * the memory will be obtained from the heap. This routine may
- * return NULL upon error, in which case it will have set an error
- * upon the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to the new segment of zeroed memory
- */
-
-/* The following line exceeds 72 characters, but emacs screws up if I split it. */
-#define nss_ZNEW(arenaOpt, type) ((type *)nss_ZAlloc((arenaOpt), sizeof(type)))
-
-/*
- * nss_ZNEWARRAY
- *
- * This preprocessor macro will allocate memory for an array of
- * new objects, and will cast the return value appropriately.
- * If the optional arena argument is non-null, the memory will
- * be obtained from that arena; otherwise, the memory will be
- * obtained from the heap. This routine may return NULL upon
- * error, in which case it will have set an error upon the error
- * stack. The array size may be specified as zero.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to the new segment of zeroed memory
- */
-
-/* The following line exceeds 72 characters, but emacs screws up if I split it. */
-#define nss_ZNEWARRAY(arenaOpt, type, quantity) ((type *)nss_ZAlloc((arenaOpt), sizeof(type) * (quantity)))
-
-/*
- * nss_ZREALLOCARRAY
- *
- * This preprocessor macro will reallocate memory for an array of
- * new objects, and will cast the return value appropriately.
- * This routine may return NULL upon error, in which case it will
- * have set an error upon the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
- *
- * Return value:
- * NULL upon error
- * A pointer to the replacement segment of memory
- */
-#define nss_ZREALLOCARRAY(p, type, quantity) ((type *)nss_ZRealloc((p), sizeof(type) * (quantity)))
-
-/*
- * nssArena_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSArena object,
- * this routine will return PR_SUCCESS. Otherwise, it will put an
- * error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-#ifdef DEBUG
-NSS_EXTERN PRStatus
-nssArena_verifyPointer
-(
- const NSSArena *arena
-);
-
-extern const NSSError NSS_ERROR_INVALID_ARENA;
-#endif /* DEBUG */
-
-/*
- * nssArena_VERIFYPOINTER
- *
- * This macro is always available. In debug builds it will call
- * nssArena_verifyPointer; in non-debug builds, it will merely
- * check that the pointer is not null. Note that in non-debug
- * builds it cannot place an error on the error stack.
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-#ifdef DEBUG
-#define nssArena_VERIFYPOINTER(p) nssArena_verifyPointer(p)
-#else /* DEBUG */
-/* The following line exceeds 72 characters, but emacs screws up if I split it. */
-#define nssArena_VERIFYPOINTER(p) (((NSSArena *)NULL == (p))?PR_FAILURE:PR_SUCCESS)
-#endif /* DEBUG */
-
-/*
- * nssArenaHashAllocOps
- *
- * This constant structure contains allocation callbacks designed for
- * use with the NSPL routine PL_NewHashTable. For example:
- *
- * NSSArena *hashTableArena = nssArena_Create();
- * PLHashTable *t = PL_NewHashTable(n, hasher, key_compare,
- * value_compare, nssArenaHashAllocOps, hashTableArena);
- */
-
-NSS_EXTERN_DATA PLHashAllocOps nssArenaHashAllocOps;
-
-/*
- * The error stack
- *
- * The nonpublic methods relating to the error stack are:
- *
- * nss_SetError
- * nss_ClearErrorStack
- */
-
-/*
- * nss_SetError
- *
- * This routine places a new error code on the top of the calling
- * thread's error stack. Calling this routine wiht an error code
- * of zero will clear the error stack.
- */
-
-NSS_EXTERN void
-nss_SetError
-(
- PRUint32 error
-);
-
-/*
- * nss_ClearErrorStack
- *
- * This routine clears the calling thread's error stack.
- */
-
-NSS_EXTERN void
-nss_ClearErrorStack
-(
- void
-);
-
-/*
- * NSSItem
- *
- * nssItem_Create
- * nssItem_Duplicate
- * nssItem_Equal
- */
-
-NSS_EXTERN NSSItem *
-nssItem_Create
-(
- NSSArena *arenaOpt,
- NSSItem *rvOpt,
- PRUint32 length,
- const void *data
-);
-
-NSS_EXTERN void
-nssItem_Destroy
-(
- NSSItem *item
-);
-
-NSS_EXTERN NSSItem *
-nssItem_Duplicate
-(
- NSSItem *obj,
- NSSArena *arenaOpt,
- NSSItem *rvOpt
-);
-
-NSS_EXTERN PRBool
-nssItem_Equal
-(
- const NSSItem *one,
- const NSSItem *two,
- PRStatus *statusOpt
-);
-
-/*
- * NSSUTF8
- *
- * nssUTF8_CaseIgnoreMatch
- * nssUTF8_Duplicate
- * nssUTF8_Size
- * nssUTF8_Length
- * nssUTF8_CopyIntoFixedBuffer
- */
-
-/*
- * nssUTF8_CaseIgnoreMatch
- *
- * Returns true if the two UTF8-encoded strings pointed to by the
- * two specified NSSUTF8 pointers differ only in typcase.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * PR_TRUE if the strings match, ignoring case
- * PR_FALSE if they don't
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssUTF8_CaseIgnoreMatch
-(
- const NSSUTF8 *a,
- const NSSUTF8 *b,
- PRStatus *statusOpt
-);
-
-/*
- * nssUTF8_Duplicate
- *
- * This routine duplicates the UTF8-encoded string pointed to by the
- * specified NSSUTF8 pointer. If the optional arenaOpt argument is
- * not null, the memory required will be obtained from that arena;
- * otherwise, the memory required will be obtained from the heap.
- * A pointer to the new string will be returned. In case of error,
- * an error will be placed on the error stack and NULL will be
- * returned.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- */
-
-NSS_EXTERN NSSUTF8 *
-nssUTF8_Duplicate
-(
- const NSSUTF8 *s,
- NSSArena *arenaOpt
-);
-
-/*
- * nssUTF8_PrintableMatch
- *
- * Returns true if the two Printable strings pointed to by the
- * two specified NSSUTF8 pointers match when compared with the
- * rules for Printable String (leading and trailing spaces are
- * disregarded, extents of whitespace match irregardless of length,
- * and case is not significant), then PR_TRUE will be returned.
- * Otherwise, PR_FALSE will be returned. Upon failure, PR_FALSE
- * will be returned. If the optional statusOpt argument is not
- * NULL, then PR_SUCCESS or PR_FAILURE will be stored in that
- * location.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * PR_TRUE if the strings match, ignoring case
- * PR_FALSE if they don't
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssUTF8_PrintableMatch
-(
- const NSSUTF8 *a,
- const NSSUTF8 *b,
- PRStatus *statusOpt
-);
-
-/*
- * nssUTF8_Size
- *
- * This routine returns the length in bytes (including the terminating
- * null) of the UTF8-encoded string pointed to by the specified
- * NSSUTF8 pointer. Zero is returned on error.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_VALUE_TOO_LARGE
- *
- * Return value:
- * nonzero size of the string
- * 0 on error
- */
-
-NSS_EXTERN PRUint32
-nssUTF8_Size
-(
- const NSSUTF8 *s,
- PRStatus *statusOpt
-);
-
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-extern const NSSError NSS_ERROR_VALUE_TOO_LARGE;
-
-/*
- * nssUTF8_Length
- *
- * This routine returns the length in characters (not including the
- * terminating null) of the UTF8-encoded string pointed to by the
- * specified NSSUTF8 pointer.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_VALUE_TOO_LARGE
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * length of the string (which may be zero)
- * 0 on error
- */
-
-NSS_EXTERN PRUint32
-nssUTF8_Length
-(
- const NSSUTF8 *s,
- PRStatus *statusOpt
-);
-
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-extern const NSSError NSS_ERROR_VALUE_TOO_LARGE;
-extern const NSSError NSS_ERROR_INVALID_STRING;
-
-/*
- * nssUTF8_Create
- *
- * This routine creates a UTF8 string from a string in some other
- * format. Some types of string may include embedded null characters,
- * so for them the length parameter must be used. For string types
- * that are null-terminated, the length parameter is optional; if it
- * is zero, it will be ignored. If the optional arena argument is
- * non-null, the memory used for the new string will be obtained from
- * that arena, otherwise it will be obtained from the heap. This
- * routine may return NULL upon error, in which case it will have
- * placed an error on the error stack.
- *
- * The error may be one of the following:
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_UNSUPPORTED_TYPE
- *
- * Return value:
- * NULL upon error
- * A non-null pointer to a new UTF8 string otherwise
- */
-
-NSS_EXTERN NSSUTF8 *
-nssUTF8_Create
-(
- NSSArena *arenaOpt,
- nssStringType type,
- const void *inputString,
- PRUint32 size /* in bytes, not characters */
-);
-
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-extern const NSSError NSS_ERROR_UNSUPPORTED_TYPE;
-
-NSS_EXTERN NSSItem *
-nssUTF8_GetEncoding
-(
- NSSArena *arenaOpt,
- NSSItem *rvOpt,
- nssStringType type,
- NSSUTF8 *string
-);
-
-/*
- * nssUTF8_CopyIntoFixedBuffer
- *
- * This will copy a UTF8 string into a fixed-length buffer, making
- * sure that the all characters are valid. Any remaining space will
- * be padded with the specified ASCII character, typically either
- * null or space.
- *
- * Blah, blah, blah.
- */
-
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-extern const NSSError NSS_ERROR_INVALID_ARGUMENT;
-
-NSS_EXTERN PRStatus
-nssUTF8_CopyIntoFixedBuffer
-(
- NSSUTF8 *string,
- char *buffer,
- PRUint32 bufferSize,
- char pad
-);
-
-/*
- * nssUTF8_Equal
- *
- */
-
-NSS_EXTERN PRBool
-nssUTF8_Equal
-(
- const NSSUTF8 *a,
- const NSSUTF8 *b,
- PRStatus *statusOpt
-);
-
-/*
- * nssList
- *
- * The goal is to provide a simple, optionally threadsafe, linked list
- * class. Since NSS did not seem to use the circularity of PRCList
- * much before, this provides a list that appears to be a linear,
- * NULL-terminated list.
- */
-
-/*
- * nssList_Create
- *
- * If threadsafe is true, the list will be locked during modifications
- * and traversals.
- */
-NSS_EXTERN nssList *
-nssList_Create
-(
- NSSArena *arenaOpt,
- PRBool threadSafe
-);
-
-/*
- * nssList_Destroy
- */
-NSS_EXTERN PRStatus
-nssList_Destroy
-(
- nssList *list
-);
-
-NSS_EXTERN void
-nssList_Clear
-(
- nssList *list,
- nssListElementDestructorFunc destructor
-);
-
-/*
- * nssList_SetCompareFunction
- *
- * By default, two list elements will be compared by comparing their
- * data pointers. By setting this function, the user can control
- * how elements are compared.
- */
-NSS_EXTERN void
-nssList_SetCompareFunction
-(
- nssList *list,
- nssListCompareFunc compareFunc
-);
-
-/*
- * nssList_SetSortFunction
- *
- * Sort function to use for an ordered list.
- */
-NSS_EXTERN void
-nssList_SetSortFunction
-(
- nssList *list,
- nssListSortFunc sortFunc
-);
-
-/*
- * nssList_Add
- */
-NSS_EXTERN PRStatus
-nssList_Add
-(
- nssList *list,
- void *data
-);
-
-/*
- * nssList_AddUnique
- *
- * This will use the compare function to see if the element is already
- * in the list.
- */
-NSS_EXTERN PRStatus
-nssList_AddUnique
-(
- nssList *list,
- void *data
-);
-
-/*
- * nssList_Remove
- *
- * Uses the compare function to locate the element and remove it.
- */
-NSS_EXTERN PRStatus
-nssList_Remove(nssList *list, void *data);
-
-/*
- * nssList_Get
- *
- * Uses the compare function to locate an element. Also serves as
- * nssList_Exists.
- */
-NSS_EXTERN void *
-nssList_Get
-(
- nssList *list,
- void *data
-);
-
-/*
- * nssList_Count
- */
-NSS_EXTERN PRUint32
-nssList_Count
-(
- nssList *list
-);
-
-/*
- * nssList_GetArray
- *
- * Fill rvArray, up to maxElements, with elements in the list. The
- * array is NULL-terminated, so its allocated size must be maxElements + 1.
- */
-NSS_EXTERN PRStatus
-nssList_GetArray
-(
- nssList *list,
- void **rvArray,
- PRUint32 maxElements
-);
-
-/*
- * nssList_CreateIterator
- *
- * Create an iterator for list traversal.
- */
-NSS_EXTERN nssListIterator *
-nssList_CreateIterator
-(
- nssList *list
-);
-
-NSS_EXTERN nssList *
-nssList_Clone
-(
- nssList *list
-);
-
-/*
- * nssListIterator_Destroy
- */
-NSS_EXTERN void
-nssListIterator_Destroy
-(
- nssListIterator *iter
-);
-
-/*
- * nssListIterator_Start
- *
- * Begin a list iteration. After this call, if the list is threadSafe,
- * the list is *locked*.
- */
-NSS_EXTERN void *
-nssListIterator_Start
-(
- nssListIterator *iter
-);
-
-/*
- * nssListIterator_Next
- *
- * Continue a list iteration.
- */
-NSS_EXTERN void *
-nssListIterator_Next
-(
- nssListIterator *iter
-);
-
-/*
- * nssListIterator_Finish
- *
- * Complete a list iteration. This *must* be called in order for the
- * lock to be released.
- */
-NSS_EXTERN PRStatus
-nssListIterator_Finish
-(
- nssListIterator *iter
-);
-
-/*
- * nssHash
- *
- * nssHash_Create
- * nssHash_Destroy
- * nssHash_Add
- * nssHash_Remove
- * nssHash_Count
- * nssHash_Exists
- * nssHash_Lookup
- * nssHash_Iterate
- */
-
-/*
- * nssHash_Create
- *
- */
-
-NSS_EXTERN nssHash *
-nssHash_Create
-(
- NSSArena *arenaOpt,
- PRUint32 numBuckets,
- PLHashFunction keyHash,
- PLHashComparator keyCompare,
- PLHashComparator valueCompare
-);
-
-NSS_EXTERN nssHash *
-nssHash_CreatePointer
-(
- NSSArena *arenaOpt,
- PRUint32 numBuckets
-);
-
-NSS_EXTERN nssHash *
-nssHash_CreateString
-(
- NSSArena *arenaOpt,
- PRUint32 numBuckets
-);
-
-NSS_EXTERN nssHash *
-nssHash_CreateItem
-(
- NSSArena *arenaOpt,
- PRUint32 numBuckets
-);
-
-/*
- * nssHash_Destroy
- *
- */
-NSS_EXTERN void
-nssHash_Destroy
-(
- nssHash *hash
-);
-
-/*
- * nssHash_Add
- *
- */
-
-extern const NSSError NSS_ERROR_HASH_COLLISION;
-
-NSS_EXTERN PRStatus
-nssHash_Add
-(
- nssHash *hash,
- const void *key,
- const void *value
-);
-
-/*
- * nssHash_Remove
- *
- */
-NSS_EXTERN void
-nssHash_Remove
-(
- nssHash *hash,
- const void *it
-);
-
-/*
- * nssHash_Count
- *
- */
-NSS_EXTERN PRUint32
-nssHash_Count
-(
- nssHash *hash
-);
-
-/*
- * nssHash_Exists
- *
- */
-NSS_EXTERN PRBool
-nssHash_Exists
-(
- nssHash *hash,
- const void *it
-);
-
-/*
- * nssHash_Lookup
- *
- */
-NSS_EXTERN void *
-nssHash_Lookup
-(
- nssHash *hash,
- const void *it
-);
-
-/*
- * nssHash_Iterate
- *
- */
-NSS_EXTERN void
-nssHash_Iterate
-(
- nssHash *hash,
- nssHashIterator fcn,
- void *closure
-);
-
-
-/*
- * nssPointerTracker
- *
- * This type and these methods are only present in debug builds.
- *
- * The nonpublic methods relating to this type are:
- *
- * nssPointerTracker_initialize
- * nssPointerTracker_finalize
- * nssPointerTracker_add
- * nssPointerTracker_remove
- * nssPointerTracker_verify
- */
-
-/*
- * nssPointerTracker_initialize
- *
- * This method is only present in debug builds.
- *
- * This routine initializes an nssPointerTracker object. Note that
- * the object must have been declared *static* to guarantee that it
- * is in a zeroed state initially. This routine is idempotent, and
- * may even be safely called by multiple threads simultaneously with
- * the same argument. This routine returns a PRStatus value; if
- * successful, it will return PR_SUCCESS. On failure it will set an
- * error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS
- * PR_FAILURE
- */
-
-#ifdef DEBUG
-NSS_EXTERN PRStatus
-nssPointerTracker_initialize
-(
- nssPointerTracker *tracker
-);
-
-extern const NSSError NSS_ERROR_NO_MEMORY;
-#endif /* DEBUG */
-
-/*
- * nssPointerTracker_finalize
- *
- * This method is only present in debug builds.
- *
- * This routine returns the nssPointerTracker object to the pre-
- * initialized state, releasing all resources used by the object.
- * It will *NOT* destroy the objects being tracked by the pointer
- * (should any remain), and therefore cannot be used to "sweep up"
- * remaining objects. This routine returns a PRStatus value; if
- * successful, it will return PR_SUCCES. On failure it will set an
- * error on the error stack and return PR_FAILURE. If any objects
- * remain in the tracker when it is finalized, that will be treated
- * as an error.
- *
- * The error may be one of the following values:
- * NSS_ERROR_TRACKER_NOT_EMPTY
- *
- * Return value:
- * PR_SUCCESS
- * PR_FAILURE
- */
-
-#ifdef DEBUG
-NSS_EXTERN PRStatus
-nssPointerTracker_finalize
-(
- nssPointerTracker *tracker
-);
-
-extern const NSSError NSS_ERROR_TRACKER_NOT_EMPTY;
-#endif /* DEBUG */
-
-/*
- * nssPointerTracker_add
- *
- * This method is only present in debug builds.
- *
- * This routine adds the specified pointer to the nssPointerTracker
- * object. It should be called in constructor objects to register
- * new valid objects. The nssPointerTracker is threadsafe, but this
- * call is not idempotent. This routine returns a PRStatus value;
- * if successful it will return PR_SUCCESS. On failure it will set
- * an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_TRACKER_NOT_INITIALIZED
- * NSS_ERROR_DUPLICATE_POINTER
- *
- * Return value:
- * PR_SUCCESS
- * PR_FAILURE
- */
-
-#ifdef DEBUG
-NSS_EXTERN PRStatus
-nssPointerTracker_add
-(
- nssPointerTracker *tracker,
- const void *pointer
-);
-
-extern const NSSError NSS_ERROR_NO_MEMORY;
-extern const NSSError NSS_ERROR_TRACKER_NOT_INITIALIZED;
-extern const NSSError NSS_ERROR_DUPLICATE_POINTER;
-#endif /* DEBUG */
-
-/*
- * nssPointerTracker_remove
- *
- * This method is only present in debug builds.
- *
- * This routine removes the specified pointer from the
- * nssPointerTracker object. It does not call any destructor for the
- * object; rather, this should be called from the object's destructor.
- * The nssPointerTracker is threadsafe, but this call is not
- * idempotent. This routine returns a PRStatus value; if successful
- * it will return PR_SUCCESS. On failure it will set an error on the
- * error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_TRACKER_NOT_INITIALIZED
- * NSS_ERROR_POINTER_NOT_REGISTERED
- *
- * Return value:
- * PR_SUCCESS
- * PR_FAILURE
- */
-
-#ifdef DEBUG
-NSS_EXTERN PRStatus
-nssPointerTracker_remove
-(
- nssPointerTracker *tracker,
- const void *pointer
-);
-
-extern const NSSError NSS_ERROR_TRACKER_NOT_INITIALIZED;
-extern const NSSError NSS_ERROR_POINTER_NOT_REGISTERED;
-#endif /* DEBUG */
-
-/*
- * nssPointerTracker_verify
- *
- * This method is only present in debug builds.
- *
- * This routine verifies that the specified pointer has been registered
- * with the nssPointerTracker object. The nssPointerTracker object is
- * threadsafe, and this call may be safely called from multiple threads
- * simultaneously with the same arguments. This routine returns a
- * PRStatus value; if the pointer is registered this will return
- * PR_SUCCESS. Otherwise it will set an error on the error stack and
- * return PR_FAILURE. Although the error is suitable for leaving on
- * the stack, callers may wish to augment the information available by
- * placing a more type-specific error on the stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_POINTER_NOT_REGISTERED
- *
- * Return value:
- * PR_SUCCESS
- * PR_FAILRUE
- */
-
-#ifdef DEBUG
-NSS_EXTERN PRStatus
-nssPointerTracker_verify
-(
- nssPointerTracker *tracker,
- const void *pointer
-);
-
-extern const NSSError NSS_ERROR_POINTER_NOT_REGISTERED;
-#endif /* DEBUG */
-
-/*
- * libc
- *
- * nsslibc_memcpy
- * nsslibc_memset
- * nsslibc_offsetof
- */
-
-/*
- * nsslibc_memcpy
- *
- * Errors:
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * NULL on error
- * The destination pointer on success
- */
-
-NSS_EXTERN void *
-nsslibc_memcpy
-(
- void *dest,
- const void *source,
- PRUint32 n
-);
-
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-
-/*
- * nsslibc_memset
- *
- * Errors:
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * NULL on error
- * The destination pointer on success
- */
-
-NSS_EXTERN void *
-nsslibc_memset
-(
- void *dest,
- PRUint8 byte,
- PRUint32 n
-);
-
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-
-/*
- * nsslibc_memequal
- *
- * Errors:
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * PR_TRUE if they match
- * PR_FALSE if they don't
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nsslibc_memequal
-(
- const void *a,
- const void *b,
- PRUint32 len,
- PRStatus *statusOpt
-);
-
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-
-#define nsslibc_offsetof(str, memb) ((PRPtrdiff)(&(((str *)0)->memb)))
-
-/*
- * nss_NewThreadPrivateIndex
- *
- */
-
-NSS_EXTERN PRStatus
-nss_NewThreadPrivateIndex
-(
- PRUintn *ip,
- PRThreadPrivateDTOR dtor
-);
-
-/*
- * nss_GetThreadPrivate
- *
- */
-
-NSS_EXTERN void *
-nss_GetThreadPrivate
-(
- PRUintn i
-);
-
-/*
- * nss_SetThreadPrivate
- *
- */
-
-NSS_EXTERN void
-nss_SetThreadPrivate
-(
- PRUintn i,
- void *v
-);
-
-
-PR_END_EXTERN_C
-
-#endif /* BASE_H */
diff --git a/security/nss/lib/base/baset.h b/security/nss/lib/base/baset.h
deleted file mode 100644
index 6df6da5aa..000000000
--- a/security/nss/lib/base/baset.h
+++ /dev/null
@@ -1,158 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef BASET_H
-#define BASET_H
-
-#ifdef DEBUG
-static const char BASET_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * baset.h
- *
- * This file contains definitions for the basic types used throughout
- * nss but not available publicly.
- */
-
-#ifndef NSSBASET_H
-#include "nssbaset.h"
-#endif /* NSSBASET_H */
-
-#include "plhash.h"
-
-PR_BEGIN_EXTERN_C
-
-/*
- * nssArenaMark
- *
- * This type is used to mark the current state of an NSSArena.
- */
-
-struct nssArenaMarkStr;
-typedef struct nssArenaMarkStr nssArenaMark;
-
-#ifdef DEBUG
-/*
- * ARENA_THREADMARK
- *
- * Optionally, this arena implementation can be compiled with some
- * runtime checking enabled, which will catch the situation where
- * one thread "marks" the arena, another thread allocates memory,
- * and then the mark is released. Usually this is a surprise to
- * the second thread, and this leads to weird runtime errors.
- * Define ARENA_THREADMARK to catch these cases; we define it for all
- * (internal and external) debug builds.
- */
-#define ARENA_THREADMARK
-
-/*
- * ARENA_DESTRUCTOR_LIST
- *
- * Unfortunately, our pointer-tracker facility, used in debug
- * builds to agressively fight invalid pointers, requries that
- * pointers be deregistered when objects are destroyed. This
- * conflicts with the standard arena usage where "memory-only"
- * objects (that don't hold onto resources outside the arena)
- * can be allocated in an arena, and never destroyed other than
- * when the arena is destroyed. Therefore we have added a
- * destructor-registratio facility to our arenas. This was not
- * a simple decision, since we're getting ever-further away from
- * the original arena philosophy. However, it was felt that
- * adding this in debug builds wouldn't be so bad; as it would
- * discourage them from being used for "serious" purposes.
- * This facility requires ARENA_THREADMARK to be defined.
- */
-#ifdef ARENA_THREADMARK
-#define ARENA_DESTRUCTOR_LIST
-#endif /* ARENA_THREADMARK */
-
-#endif /* DEBUG */
-
-typedef struct nssListStr nssList;
-typedef struct nssListIteratorStr nssListIterator;
-typedef PRBool (* nssListCompareFunc)(void *a, void *b);
-typedef PRIntn (* nssListSortFunc)(void *a, void *b);
-typedef void (* nssListElementDestructorFunc)(void *el);
-
-typedef struct nssHashStr nssHash;
-typedef void (PR_CALLBACK *nssHashIterator)(const void *key,
- void *value,
- void *arg);
-
-/*
- * nssPointerTracker
- *
- * This type is used in debug builds (both external and internal) to
- * track our object pointers. Objects of this type must be statically
- * allocated, which means the structure size must be available to the
- * compiler. Therefore we must expose the contents of this structure.
- * But please don't access elements directly; use the accessors.
- */
-
-#ifdef DEBUG
-struct nssPointerTrackerStr {
- PRCallOnceType once;
- PZLock *lock;
- PLHashTable *table;
-};
-typedef struct nssPointerTrackerStr nssPointerTracker;
-#endif /* DEBUG */
-
-/*
- * nssStringType
- *
- * There are several types of strings in the real world. We try to
- * use only UTF8 and avoid the rest, but that's not always possible.
- * So we have a couple converter routines to go to and from the other
- * string types. We have to be able to specify those string types,
- * so we have this enumeration.
- */
-
-enum nssStringTypeEnum {
- nssStringType_DirectoryString,
- nssStringType_TeletexString, /* Not "teletext" with trailing 't' */
- nssStringType_PrintableString,
- nssStringType_UniversalString,
- nssStringType_BMPString,
- nssStringType_UTF8String,
- nssStringType_PHGString,
- nssStringType_GeneralString,
-
- nssStringType_Unknown = -1
-};
-typedef enum nssStringTypeEnum nssStringType;
-
-PR_END_EXTERN_C
-
-#endif /* BASET_H */
diff --git a/security/nss/lib/base/config.mk b/security/nss/lib/base/config.mk
deleted file mode 100644
index 4a9ed7dda..000000000
--- a/security/nss/lib/base/config.mk
+++ /dev/null
@@ -1,48 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CONFIG_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-ifdef BUILD_IDG
-DEFINES += -DNSSDEBUG
-endif
-
-#
-# Override TARGETS variable so that only static libraries
-# are specifed as dependencies within rules.mk.
-#
-
-TARGETS = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM =
-
diff --git a/security/nss/lib/base/error.c b/security/nss/lib/base/error.c
deleted file mode 100644
index 3e736b2b0..000000000
--- a/security/nss/lib/base/error.c
+++ /dev/null
@@ -1,297 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * error.c
- *
- * This file contains the code implementing the per-thread error
- * stacks upon which most NSS routines report their errors.
- */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-/*
- * The stack itself has a header, and a sequence of integers.
- * The header records the amount of space (as measured in stack
- * slots) already allocated for the stack, and the count of the
- * number of records currently being used.
- */
-
-struct stack_header_str {
- PRUint16 space;
- PRUint16 count;
-};
-
-struct error_stack_str {
- struct stack_header_str header;
- PRInt32 stack[1];
-};
-typedef struct error_stack_str error_stack;
-
-/*
- * error_stack_index
- *
- * Thread-private data must be indexed. This is that index.
- * See PR_NewThreadPrivateIndex for more information.
- */
-
-static PRUintn error_stack_index;
-
-/*
- * call_once
- *
- * The thread-private index must be obtained (once!) at runtime.
- * This block is used for that one-time call.
- */
-
-static PRCallOnceType error_call_once;
-
-/*
- * error_once_function
- *
- * This is the once-called callback.
- */
-
-static PRStatus
-error_once_function
-(
- void
-)
-{
- return nss_NewThreadPrivateIndex(&error_stack_index,PR_Free);
- /* return PR_NewThreadPrivateIndex(&error_stack_index, PR_Free); */
-}
-
-/*
- * error_get_my_stack
- *
- * This routine returns the calling thread's error stack, creating
- * it if necessary. It may return NULL upon error, which implicitly
- * means that it ran out of memory.
- */
-
-static error_stack *
-error_get_my_stack
-(
- void
-)
-{
- PRStatus st;
- error_stack *rv;
- PRUintn new_size;
- PRUint32 new_bytes;
- error_stack *new_stack;
-
- if( 0 == error_stack_index ) {
- st = PR_CallOnce(&error_call_once, error_once_function);
- if( PR_SUCCESS != st ) {
- return (error_stack *)NULL;
- }
- }
-
- rv = (error_stack *)nss_GetThreadPrivate(error_stack_index);
- if( (error_stack *)NULL == rv ) {
- /* Doesn't exist; create one */
- new_size = 16;
- } else {
- if( rv->header.count == rv->header.space ) {
- /* Too small, expand it */
- new_size = rv->header.space + 16;
- } else {
- /* Okay, return it */
- return rv;
- }
- }
-
- new_bytes = (new_size * sizeof(PRInt32)) +
- sizeof(struct stack_header_str);
- /* Use NSPR's calloc/realloc, not NSS's, to avoid loops! */
- new_stack = PR_Calloc(1, new_bytes);
-
- if( (error_stack *)NULL != new_stack ) {
- if( (error_stack *)NULL != rv ) {
- (void)nsslibc_memcpy(new_stack,rv,rv->header.space);
- }
- new_stack->header.space = new_size;
- }
-
- /* Set the value, whether or not the allocation worked */
- nss_SetThreadPrivate(error_stack_index, new_stack);
- return new_stack;
-}
-
-/*
- * The error stack
- *
- * The public methods relating to the error stack are:
- *
- * NSS_GetError
- * NSS_GetErrorStack
- *
- * The nonpublic methods relating to the error stack are:
- *
- * nss_SetError
- * nss_ClearErrorStack
- *
- */
-
-/*
- * NSS_GetError
- *
- * This routine returns the highest-level (most general) error set
- * by the most recent NSS library routine called by the same thread
- * calling this routine.
- *
- * This routine cannot fail. However, it may return zero, which
- * indicates that the previous NSS library call did not set an error.
- *
- * Return value:
- * 0 if no error has been set
- * A nonzero error number
- */
-
-NSS_IMPLEMENT PRInt32
-NSS_GetError
-(
- void
-)
-{
- error_stack *es = error_get_my_stack();
-
- if( (error_stack *)NULL == es ) {
- return NSS_ERROR_NO_MEMORY; /* Good guess! */
- }
-
- if( 0 == es->header.count ) {
- return 0;
- }
-
- return es->stack[ es->header.count-1 ];
-}
-
-/*
- * NSS_GetErrorStack
- *
- * This routine returns a pointer to an array of integers, containing
- * the entire sequence or "stack" of errors set by the most recent NSS
- * library routine called by the same thread calling this routine.
- * NOTE: the caller DOES NOT OWN the memory pointed to by the return
- * value. The pointer will remain valid until the calling thread
- * calls another NSS routine. The lowest-level (most specific) error
- * is first in the array, and the highest-level is last. The array is
- * zero-terminated. This routine may return NULL upon error; this
- * indicates a low-memory situation.
- *
- * Return value:
- * NULL upon error, which is an implied NSS_ERROR_NO_MEMORY
- * A NON-caller-owned pointer to an array of integers
- */
-
-NSS_IMPLEMENT PRInt32 *
-NSS_GetErrorStack
-(
- void
-)
-{
- error_stack *es = error_get_my_stack();
-
- if( (error_stack *)NULL == es ) {
- return (PRInt32 *)NULL;
- }
-
- /* Make sure it's terminated */
- es->stack[ es->header.count ] = 0;
-
- return es->stack;
-}
-
-/*
- * nss_SetError
- *
- * This routine places a new error code on the top of the calling
- * thread's error stack. Calling this routine wiht an error code
- * of zero will clear the error stack.
- */
-
-NSS_IMPLEMENT void
-nss_SetError
-(
- PRUint32 error
-)
-{
- error_stack *es;
-
- if( 0 == error ) {
- nss_ClearErrorStack();
- return;
- }
-
- es = error_get_my_stack();
- if( (error_stack *)NULL == es ) {
- /* Oh, well. */
- return;
- }
-
- es->stack[ es->header.count ] = error;
- es->header.count++;
- return;
-}
-
-/*
- * nss_ClearErrorStack
- *
- * This routine clears the calling thread's error stack.
- */
-
-NSS_IMPLEMENT void
-nss_ClearErrorStack
-(
- void
-)
-{
- error_stack *es = error_get_my_stack();
- if( (error_stack *)NULL == es ) {
- /* Oh, well. */
- return;
- }
-
- es->header.count = 0;
- es->stack[0] = 0;
- return;
-}
diff --git a/security/nss/lib/base/errorval.c b/security/nss/lib/base/errorval.c
deleted file mode 100644
index 88e406c84..000000000
--- a/security/nss/lib/base/errorval.c
+++ /dev/null
@@ -1,93 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * errorval.c
- *
- * This file contains the actual error constants used in NSS.
- */
-
-#ifndef NSSBASET_H
-#include "nssbaset.h"
-#endif /* NSSBASET_H */
-
-const NSSError NSS_ERROR_NO_ERROR = 0;
-const NSSError NSS_ERROR_INTERNAL_ERROR = 1;
-const NSSError NSS_ERROR_NO_MEMORY = 2;
-const NSSError NSS_ERROR_INVALID_POINTER = 3;
-const NSSError NSS_ERROR_INVALID_ARENA = 4;
-const NSSError NSS_ERROR_INVALID_ARENA_MARK = 5;
-const NSSError NSS_ERROR_DUPLICATE_POINTER = 6;
-const NSSError NSS_ERROR_POINTER_NOT_REGISTERED = 7;
-const NSSError NSS_ERROR_TRACKER_NOT_EMPTY = 8;
-const NSSError NSS_ERROR_TRACKER_NOT_INITIALIZED = 9;
-const NSSError NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD = 10;
-const NSSError NSS_ERROR_VALUE_TOO_LARGE = 11;
-const NSSError NSS_ERROR_UNSUPPORTED_TYPE = 12;
-const NSSError NSS_ERROR_BUFFER_TOO_SHORT = 13;
-const NSSError NSS_ERROR_INVALID_ATOB_CONTEXT = 14;
-const NSSError NSS_ERROR_INVALID_BASE64 = 15;
-const NSSError NSS_ERROR_INVALID_BTOA_CONTEXT = 16;
-const NSSError NSS_ERROR_INVALID_ITEM = 17;
-const NSSError NSS_ERROR_INVALID_STRING = 18;
-const NSSError NSS_ERROR_INVALID_ASN1ENCODER = 19;
-const NSSError NSS_ERROR_INVALID_ASN1DECODER = 20;
-
-const NSSError NSS_ERROR_INVALID_BER = 21;
-const NSSError NSS_ERROR_INVALID_ATAV = 22;
-const NSSError NSS_ERROR_INVALID_ARGUMENT = 23;
-const NSSError NSS_ERROR_INVALID_UTF8 = 24;
-const NSSError NSS_ERROR_INVALID_NSSOID = 25;
-const NSSError NSS_ERROR_UNKNOWN_ATTRIBUTE = 26;
-
-const NSSError NSS_ERROR_NOT_FOUND = 27;
-
-const NSSError NSS_ERROR_INVALID_PASSWORD = 28;
-const NSSError NSS_ERROR_USER_CANCELED = 29;
-
-const NSSError NSS_ERROR_MAXIMUM_FOUND = 30;
-
-const NSSError NSS_ERROR_CERTIFICATE_ISSUER_NOT_FOUND = 31;
-
-const NSSError NSS_ERROR_CERTIFICATE_IN_CACHE = 32;
-
-const NSSError NSS_ERROR_HASH_COLLISION = 33;
-const NSSError NSS_ERROR_DEVICE_ERROR = 34;
-const NSSError NSS_ERROR_INVALID_CERTIFICATE = 35;
-const NSSError NSS_ERROR_BUSY = 36;
-const NSSError NSS_ERROR_ALREADY_INITIALIZED = 37;
-
diff --git a/security/nss/lib/base/hash.c b/security/nss/lib/base/hash.c
deleted file mode 100644
index d14d9f036..000000000
--- a/security/nss/lib/base/hash.c
+++ /dev/null
@@ -1,404 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * hash.c
- *
- * This is merely a couple wrappers around NSPR's PLHashTable, using
- * the identity hash and arena-aware allocators.
- * This is a copy of ckfw/hash.c, with modifications to use NSS types
- * (not Cryptoki types). Would like for this to be a single implementation,
- * but doesn't seem like it will work.
- */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-/*
- * nssHash
- *
- * nssHash_Create
- * nssHash_Destroy
- * nssHash_Add
- * nssHash_Remove
- * nssHash_Count
- * nssHash_Exists
- * nssHash_Lookup
- * nssHash_Iterate
- */
-
-struct nssHashStr {
- NSSArena *arena;
- PRBool i_alloced_arena;
- PRLock *mutex;
-
- /*
- * The invariant that mutex protects is:
- * The count accurately reflects the hashtable state.
- */
-
- PLHashTable *plHashTable;
- PRUint32 count;
-};
-
-static PLHashNumber
-nss_identity_hash
-(
- const void *key
-)
-{
- PRUint32 i = (PRUint32)key;
- PR_ASSERT(sizeof(PLHashNumber) == sizeof(PRUint32));
- return (PLHashNumber)i;
-}
-
-static PLHashNumber
-nss_item_hash
-(
- const void *key
-)
-{
- unsigned int i;
- PLHashNumber h;
- NSSItem *it = (NSSItem *)key;
- h = 0;
- for (i=0; i<it->size; i++)
- h = (h >> 28) ^ (h << 4) ^ ((unsigned char *)it->data)[i];
- return h;
-}
-
-static int
-nss_compare_items(const void *v1, const void *v2)
-{
- PRStatus ignore;
- return (int)nssItem_Equal((NSSItem *)v1, (NSSItem *)v2, &ignore);
-}
-
-/*
- * nssHash_create
- *
- */
-NSS_IMPLEMENT nssHash *
-nssHash_Create
-(
- NSSArena *arenaOpt,
- PRUint32 numBuckets,
- PLHashFunction keyHash,
- PLHashComparator keyCompare,
- PLHashComparator valueCompare
-)
-{
- nssHash *rv;
- NSSArena *arena;
- PRBool i_alloced;
-
-#ifdef NSSDEBUG
- if( arenaOpt && PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return (nssHash *)NULL;
- }
-#endif /* NSSDEBUG */
-
- if (arenaOpt) {
- arena = arenaOpt;
- i_alloced = PR_FALSE;
- } else {
- arena = nssArena_Create();
- i_alloced = PR_TRUE;
- }
-
- rv = nss_ZNEW(arena, nssHash);
- if( (nssHash *)NULL == rv ) {
- goto loser;
- }
-
- rv->mutex = PZ_NewLock(nssILockOther);
- if( (PZLock *)NULL == rv->mutex ) {
- goto loser;
- }
-
- rv->plHashTable = PL_NewHashTable(numBuckets,
- keyHash, keyCompare, valueCompare,
- &nssArenaHashAllocOps, arena);
- if( (PLHashTable *)NULL == rv->plHashTable ) {
- (void)PZ_DestroyLock(rv->mutex);
- goto loser;
- }
-
- rv->count = 0;
- rv->arena = arena;
- rv->i_alloced_arena = i_alloced;
-
- return rv;
-loser:
- (void)nss_ZFreeIf(rv);
- return (nssHash *)NULL;
-}
-
-/*
- * nssHash_CreatePointer
- *
- */
-NSS_IMPLEMENT nssHash *
-nssHash_CreatePointer
-(
- NSSArena *arenaOpt,
- PRUint32 numBuckets
-)
-{
- return nssHash_Create(arenaOpt, numBuckets,
- nss_identity_hash, PL_CompareValues, PL_CompareValues);
-}
-
-/*
- * nssHash_CreateString
- *
- */
-NSS_IMPLEMENT nssHash *
-nssHash_CreateString
-(
- NSSArena *arenaOpt,
- PRUint32 numBuckets
-)
-{
- return nssHash_Create(arenaOpt, numBuckets,
- PL_HashString, PL_CompareStrings, PL_CompareStrings);
-}
-
-/*
- * nssHash_CreateItem
- *
- */
-NSS_IMPLEMENT nssHash *
-nssHash_CreateItem
-(
- NSSArena *arenaOpt,
- PRUint32 numBuckets
-)
-{
- return nssHash_Create(arenaOpt, numBuckets,
- nss_item_hash, nss_compare_items, PL_CompareValues);
-}
-
-/*
- * nssHash_Destroy
- *
- */
-NSS_IMPLEMENT void
-nssHash_Destroy
-(
- nssHash *hash
-)
-{
- (void)PZ_DestroyLock(hash->mutex);
- PL_HashTableDestroy(hash->plHashTable);
- if (hash->i_alloced_arena) {
- nssArena_Destroy(hash->arena);
- } else {
- nss_ZFreeIf(hash);
- }
-}
-
-/*
- * nssHash_Add
- *
- */
-NSS_IMPLEMENT PRStatus
-nssHash_Add
-(
- nssHash *hash,
- const void *key,
- const void *value
-)
-{
- PRStatus error = PR_FAILURE;
- PLHashEntry *he;
-
- PZ_Lock(hash->mutex);
-
- he = PL_HashTableAdd(hash->plHashTable, key, (void *)value);
- if( (PLHashEntry *)NULL == he ) {
- nss_SetError(NSS_ERROR_NO_MEMORY);
- } else if (he->value != value) {
- nss_SetError(NSS_ERROR_HASH_COLLISION);
- } else {
- hash->count++;
- error = PR_SUCCESS;
- }
-
- (void)PZ_Unlock(hash->mutex);
-
- return error;
-}
-
-/*
- * nssHash_Remove
- *
- */
-NSS_IMPLEMENT void
-nssHash_Remove
-(
- nssHash *hash,
- const void *it
-)
-{
- PRBool found;
-
- PZ_Lock(hash->mutex);
-
- found = PL_HashTableRemove(hash->plHashTable, it);
- if( found ) {
- hash->count--;
- }
-
- (void)PZ_Unlock(hash->mutex);
- return;
-}
-
-/*
- * nssHash_Count
- *
- */
-NSS_IMPLEMENT PRUint32
-nssHash_Count
-(
- nssHash *hash
-)
-{
- PRUint32 count;
-
- PZ_Lock(hash->mutex);
-
- count = hash->count;
-
- (void)PZ_Unlock(hash->mutex);
-
- return count;
-}
-
-/*
- * nssHash_Exists
- *
- */
-NSS_IMPLEMENT PRBool
-nssHash_Exists
-(
- nssHash *hash,
- const void *it
-)
-{
- void *value;
-
- PZ_Lock(hash->mutex);
-
- value = PL_HashTableLookup(hash->plHashTable, it);
-
- (void)PZ_Unlock(hash->mutex);
-
- if( (void *)NULL == value ) {
- return PR_FALSE;
- } else {
- return PR_TRUE;
- }
-}
-
-/*
- * nssHash_Lookup
- *
- */
-NSS_IMPLEMENT void *
-nssHash_Lookup
-(
- nssHash *hash,
- const void *it
-)
-{
- void *rv;
-
- PZ_Lock(hash->mutex);
-
- rv = PL_HashTableLookup(hash->plHashTable, it);
-
- (void)PZ_Unlock(hash->mutex);
-
- return rv;
-}
-
-struct arg_str {
- nssHashIterator fcn;
- void *closure;
-};
-
-static PRIntn
-nss_hash_enumerator
-(
- PLHashEntry *he,
- PRIntn index,
- void *arg
-)
-{
- struct arg_str *as = (struct arg_str *)arg;
- as->fcn(he->key, he->value, as->closure);
- return HT_ENUMERATE_NEXT;
-}
-
-/*
- * nssHash_Iterate
- *
- * NOTE that the iteration function will be called with the hashtable locked.
- */
-NSS_IMPLEMENT void
-nssHash_Iterate
-(
- nssHash *hash,
- nssHashIterator fcn,
- void *closure
-)
-{
- struct arg_str as;
- as.fcn = fcn;
- as.closure = closure;
-
- PZ_Lock(hash->mutex);
-
- PL_HashTableEnumerateEntries(hash->plHashTable, nss_hash_enumerator, &as);
-
- (void)PZ_Unlock(hash->mutex);
-
- return;
-}
diff --git a/security/nss/lib/base/hashops.c b/security/nss/lib/base/hashops.c
deleted file mode 100644
index 031f92649..000000000
--- a/security/nss/lib/base/hashops.c
+++ /dev/null
@@ -1,117 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * hashops.c
- *
- * This file includes a set of PLHashAllocOps that use NSSArenas.
- */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-static void * PR_CALLBACK
-nss_arena_hash_alloc_table
-(
- void *pool,
- PRSize size
-)
-{
- NSSArena *arena = (NSSArena *)NULL;
-
-#ifdef NSSDEBUG
- if( (void *)NULL != arena ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arena) ) {
- return (void *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- return nss_ZAlloc(arena, size);
-}
-
-static void PR_CALLBACK
-nss_arena_hash_free_table
-(
- void *pool,
- void *item
-)
-{
- (void)nss_ZFreeIf(item);
-}
-
-static PLHashEntry * PR_CALLBACK
-nss_arena_hash_alloc_entry
-(
- void *pool,
- const void *key
-)
-{
- NSSArena *arena = NULL;
-
-#ifdef NSSDEBUG
- if( (void *)NULL != arena ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arena) ) {
- return (void *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- return nss_ZNEW(arena, PLHashEntry);
-}
-
-static void PR_CALLBACK
-nss_arena_hash_free_entry
-(
- void *pool,
- PLHashEntry *he,
- PRUintn flag
-)
-{
- if( HT_FREE_ENTRY == flag ) {
- (void)nss_ZFreeIf(he);
- }
-}
-
-NSS_IMPLEMENT_DATA PLHashAllocOps
-nssArenaHashAllocOps = {
- nss_arena_hash_alloc_table,
- nss_arena_hash_free_table,
- nss_arena_hash_alloc_entry,
- nss_arena_hash_free_entry
-};
diff --git a/security/nss/lib/base/item.c b/security/nss/lib/base/item.c
deleted file mode 100644
index efa9d1200..000000000
--- a/security/nss/lib/base/item.c
+++ /dev/null
@@ -1,241 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * item.c
- *
- * This contains some item-manipulation code.
- */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-/*
- * nssItem_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * A pointer to an NSSItem upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSItem *
-nssItem_Create
-(
- NSSArena *arenaOpt,
- NSSItem *rvOpt,
- PRUint32 length,
- const void *data
-)
-{
- NSSItem *rv = (NSSItem *)NULL;
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSItem *)NULL;
- }
- }
-
- if( (const void *)NULL == data ) {
- if( length > 0 ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return (NSSItem *)NULL;
- }
- }
-#endif /* DEBUG */
-
- if( (NSSItem *)NULL == rvOpt ) {
- rv = (NSSItem *)nss_ZNEW(arenaOpt, NSSItem);
- if( (NSSItem *)NULL == rv ) {
- goto loser;
- }
- } else {
- rv = rvOpt;
- }
-
- rv->size = length;
- rv->data = nss_ZAlloc(arenaOpt, length);
- if( (void *)NULL == rv->data ) {
- goto loser;
- }
-
- if( length > 0 ) {
- (void)nsslibc_memcpy(rv->data, data, length);
- }
-
- return rv;
-
- loser:
- if( rv != rvOpt ) {
- nss_ZFreeIf(rv);
- }
-
- return (NSSItem *)NULL;
-}
-
-NSS_IMPLEMENT void
-nssItem_Destroy
-(
- NSSItem *item
-)
-{
- nss_ClearErrorStack();
-
- nss_ZFreeIf(item->data);
- nss_ZFreeIf(item);
-
-}
-
-/*
- * nssItem_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A pointer to an NSSItem upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSItem *
-nssItem_Duplicate
-(
- NSSItem *obj,
- NSSArena *arenaOpt,
- NSSItem *rvOpt
-)
-{
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSItem *)NULL;
- }
- }
-
- if( (NSSItem *)NULL == obj ) {
- nss_SetError(NSS_ERROR_INVALID_ITEM);
- return (NSSItem *)NULL;
- }
-#endif /* DEBUG */
-
- return nssItem_Create(arenaOpt, rvOpt, obj->size, obj->data);
-}
-
-#ifdef DEBUG
-/*
- * nssItem_verifyPointer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssItem_verifyPointer
-(
- const NSSItem *item
-)
-{
- if( ((const NSSItem *)NULL == item) ||
- (((void *)NULL == item->data) && (item->size > 0)) ) {
- nss_SetError(NSS_ERROR_INVALID_ITEM);
- return PR_FAILURE;
- }
-
- return PR_SUCCESS;
-}
-#endif /* DEBUG */
-
-/*
- * nssItem_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * PR_TRUE if the items are identical
- * PR_FALSE if they aren't
- * PR_FALSE upon error
- */
-
-NSS_IMPLEMENT PRBool
-nssItem_Equal
-(
- const NSSItem *one,
- const NSSItem *two,
- PRStatus *statusOpt
-)
-{
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_SUCCESS;
- }
-
- if( ((const NSSItem *)NULL == one) && ((const NSSItem *)NULL == two) ) {
- return PR_TRUE;
- }
-
- if( ((const NSSItem *)NULL == one) || ((const NSSItem *)NULL == two) ) {
- return PR_FALSE;
- }
-
- if( one->size != two->size ) {
- return PR_FALSE;
- }
-
- return nsslibc_memequal(one->data, two->data, one->size, statusOpt);
-}
diff --git a/security/nss/lib/base/libc.c b/security/nss/lib/base/libc.c
deleted file mode 100644
index 68ab9d920..000000000
--- a/security/nss/lib/base/libc.c
+++ /dev/null
@@ -1,197 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * libc.c
- *
- * This file contains our wrappers/reimplementations for "standard"
- * libc functions. Things like "memcpy." We add to this as we need
- * it. Oh, and let's keep it in alphabetical order, should it ever
- * get large. Most string/character stuff should be in utf8.c, not
- * here. This file (and maybe utf8.c) should be the only ones in
- * NSS to include files with angle brackets.
- */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-#include <string.h> /* memcpy, memset */
-
-/*
- * nsslibc_memcpy
- * nsslibc_memset
- * nsslibc_offsetof
- * nsslibc_memequal
- */
-
-/*
- * nsslibc_memcpy
- *
- * Errors:
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * NULL on error
- * The destination pointer on success
- */
-
-NSS_IMPLEMENT void *
-nsslibc_memcpy
-(
- void *dest,
- const void *source,
- PRUint32 n
-)
-{
-#ifdef NSSDEBUG
- if( ((void *)NULL == dest) || ((const void *)NULL == source) ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return (void *)NULL;
- }
-#endif /* NSSDEBUG */
-
- return memcpy(dest, source, (size_t)n);
-}
-
-/*
- * nsslibc_memset
- *
- * Errors:
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * NULL on error
- * The destination pointer on success
- */
-
-NSS_IMPLEMENT void *
-nsslibc_memset
-(
- void *dest,
- PRUint8 byte,
- PRUint32 n
-)
-{
-#ifdef NSSDEBUG
- if( ((void *)NULL == dest) ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return (void *)NULL;
- }
-#endif /* NSSDEBUG */
-
- return memset(dest, (int)byte, (size_t)n);
-}
-
-/*
- * nsslibc_memequal
- *
- * Errors:
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * PR_TRUE if they match
- * PR_FALSE if they don't
- * PR_FALSE upon error
- */
-
-NSS_IMPLEMENT PRBool
-nsslibc_memequal
-(
- const void *a,
- const void *b,
- PRUint32 len,
- PRStatus *statusOpt
-)
-{
-#ifdef NSSDEBUG
- if( (((void *)NULL == a) || ((void *)NULL == b)) ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
- return PR_FALSE;
- }
-#endif /* NSSDEBUG */
-
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_SUCCESS;
- }
-
- if( 0 == memcmp(a, b, len) ) {
- return PR_TRUE;
- } else {
- return PR_FALSE;
- }
-}
-
-/*
- * nsslibc_memcmp
- */
-
-NSS_IMPLEMENT PRInt32
-nsslibc_memcmp
-(
- const void *a,
- const void *b,
- PRUint32 len,
- PRStatus *statusOpt
-)
-{
- int v;
-
-#ifdef NSSDEBUG
- if( (((void *)NULL == a) || ((void *)NULL == b)) ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
- return -2;
- }
-#endif /* NSSDEBUG */
-
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_SUCCESS;
- }
-
- v = memcmp(a, b, len);
- return (PRInt32)v;
-}
-
-/*
- * offsetof is a preprocessor definition
- */
diff --git a/security/nss/lib/base/list.c b/security/nss/lib/base/list.c
deleted file mode 100644
index ae601d50c..000000000
--- a/security/nss/lib/base/list.c
+++ /dev/null
@@ -1,433 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * list.c
- *
- * This contains the implementation of NSS's thread-safe linked list.
- */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-struct nssListElementStr {
- PRCList link;
- void *data;
-};
-
-typedef struct nssListElementStr nssListElement;
-
-struct nssListStr {
- NSSArena *arena;
- PZLock *lock;
- nssListElement *head;
- PRUint32 count;
- nssListCompareFunc compareFunc;
- nssListSortFunc sortFunc;
- PRBool i_alloced_arena;
-};
-
-struct nssListIteratorStr {
- PZLock *lock;
- nssList *list;
- nssListElement *current;
-};
-
-#define NSSLIST_LOCK_IF(list) \
- if ((list)->lock) PZ_Lock((list)->lock)
-
-#define NSSLIST_UNLOCK_IF(list) \
- if ((list)->lock) PZ_Unlock((list)->lock)
-
-static PRBool
-pointer_compare(void *a, void *b)
-{
- return (PRBool)(a == b);
-}
-
-static nssListElement *
-nsslist_get_matching_element(nssList *list, void *data)
-{
- PRCList *link;
- nssListElement *node;
- node = list->head;
- if (!node) {
- return NULL;
- }
- link = &node->link;
- while (node) {
- /* using a callback slows things down when it's just compare ... */
- if (list->compareFunc(node->data, data)) {
- break;
- }
- link = &node->link;
- if (link == PR_LIST_TAIL(&list->head->link)) {
- node = NULL;
- break;
- }
- node = (nssListElement *)PR_NEXT_LINK(&node->link);
- }
- return node;
-}
-
-NSS_IMPLEMENT nssList *
-nssList_Create
-(
- NSSArena *arenaOpt,
- PRBool threadSafe
-)
-{
- NSSArena *arena;
- nssList *list;
- PRBool i_alloced;
- if (arenaOpt) {
- arena = arenaOpt;
- i_alloced = PR_FALSE;
- } else {
- arena = nssArena_Create();
- i_alloced = PR_TRUE;
- }
- if (!arena) {
- return (nssList *)NULL;
- }
- list = nss_ZNEW(arena, nssList);
- if (!list) {
- if (!arenaOpt) {
- NSSArena_Destroy(arena);
- }
- return (nssList *)NULL;
- }
- if (threadSafe) {
- list->lock = PZ_NewLock(nssILockOther);
- if (!list->lock) {
- if (arenaOpt) {
- nss_ZFreeIf(list);
- } else {
- NSSArena_Destroy(arena);
- }
- return (nssList *)NULL;
- }
- }
- list->arena = arena;
- list->i_alloced_arena = i_alloced;
- list->compareFunc = pointer_compare;
- return list;
-}
-
-NSS_IMPLEMENT PRStatus
-nssList_Destroy(nssList *list)
-{
- if (!list->i_alloced_arena) {
- nssList_Clear(list, NULL);
- }
- if (list->lock) {
- (void)PZ_DestroyLock(list->lock);
- }
- if (list->i_alloced_arena) {
- NSSArena_Destroy(list->arena);
- list = NULL;
- }
- nss_ZFreeIf(list);
- return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT void
-nssList_SetCompareFunction(nssList *list, nssListCompareFunc compareFunc)
-{
- list->compareFunc = compareFunc;
-}
-
-NSS_IMPLEMENT void
-nssList_SetSortFunction(nssList *list, nssListSortFunc sortFunc)
-{
- /* XXX if list already has elements, sort them */
- list->sortFunc = sortFunc;
-}
-
-NSS_IMPLEMENT nssListCompareFunc
-nssList_GetCompareFunction(nssList *list)
-{
- return list->compareFunc;
-}
-
-NSS_IMPLEMENT void
-nssList_Clear(nssList *list, nssListElementDestructorFunc destructor)
-{
- PRCList *link;
- nssListElement *node, *tmp;
- NSSLIST_LOCK_IF(list);
- node = list->head;
- list->head = NULL;
- while (node && list->count > 0) {
- if (destructor) (*destructor)(node->data);
- link = &node->link;
- tmp = (nssListElement *)PR_NEXT_LINK(link);
- PR_REMOVE_LINK(link);
- nss_ZFreeIf(node);
- node = tmp;
- --list->count;
- }
- NSSLIST_UNLOCK_IF(list);
-}
-
-static PRStatus
-nsslist_add_element(nssList *list, void *data)
-{
- nssListElement *node = nss_ZNEW(list->arena, nssListElement);
- if (!node) {
- return PR_FAILURE;
- }
- PR_INIT_CLIST(&node->link);
- node->data = data;
- if (list->head) {
- if (list->sortFunc) {
- PRCList *link;
- nssListElement *currNode;
- currNode = list->head;
- /* insert in ordered list */
- while (currNode) {
- link = &currNode->link;
- if (list->sortFunc(data, currNode->data) <= 0) {
- /* new element goes before current node */
- PR_INSERT_BEFORE(&node->link, link);
- /* reset head if this is first */
- if (currNode == list->head) list->head = node;
- break;
- }
- if (link == PR_LIST_TAIL(&list->head->link)) {
- /* reached end of list, append */
- PR_INSERT_AFTER(&node->link, link);
- break;
- }
- currNode = (nssListElement *)PR_NEXT_LINK(&currNode->link);
- }
- } else {
- /* not sorting */
- PR_APPEND_LINK(&node->link, &list->head->link);
- }
- } else {
- list->head = node;
- }
- ++list->count;
- return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT PRStatus
-nssList_Add(nssList *list, void *data)
-{
- PRStatus nssrv;
- NSSLIST_LOCK_IF(list);
- nssrv = nsslist_add_element(list, data);
- NSSLIST_UNLOCK_IF(list);
- return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT PRStatus
-nssList_AddUnique(nssList *list, void *data)
-{
- PRStatus nssrv;
- nssListElement *node;
- NSSLIST_LOCK_IF(list);
- node = nsslist_get_matching_element(list, data);
- if (node) {
- /* already in, finish */
- NSSLIST_UNLOCK_IF(list);
- return PR_SUCCESS;
- }
- nssrv = nsslist_add_element(list, data);
- NSSLIST_UNLOCK_IF(list);
- return nssrv;
-}
-
-NSS_IMPLEMENT PRStatus
-nssList_Remove(nssList *list, void *data)
-{
- nssListElement *node;
- NSSLIST_LOCK_IF(list);
- node = nsslist_get_matching_element(list, data);
- if (node) {
- if (node == list->head) {
- list->head = (nssListElement *)PR_NEXT_LINK(&node->link);
- }
- PR_REMOVE_LINK(&node->link);
- nss_ZFreeIf(node);
- if (--list->count == 0) {
- list->head = NULL;
- }
- }
- NSSLIST_UNLOCK_IF(list);
- return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT void *
-nssList_Get(nssList *list, void *data)
-{
- nssListElement *node;
- NSSLIST_LOCK_IF(list);
- node = nsslist_get_matching_element(list, data);
- NSSLIST_UNLOCK_IF(list);
- return (node) ? node->data : NULL;
-}
-
-NSS_IMPLEMENT PRUint32
-nssList_Count(nssList *list)
-{
- return list->count;
-}
-
-NSS_IMPLEMENT PRStatus
-nssList_GetArray(nssList *list, void **rvArray, PRUint32 maxElements)
-{
- nssListElement *node;
- PRUint32 i = 0;
- PR_ASSERT(maxElements > 0);
- node = list->head;
- if (!node) {
- return PR_SUCCESS;
- }
- NSSLIST_LOCK_IF(list);
- while (node) {
- rvArray[i++] = node->data;
- if (i == maxElements) break;
- node = (nssListElement *)PR_NEXT_LINK(&node->link);
- if (node == list->head) {
- break;
- }
- }
- NSSLIST_UNLOCK_IF(list);
- return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT nssList *
-nssList_Clone(nssList *list)
-{
- nssList *rvList;
- nssListElement *node;
- rvList = nssList_Create(NULL, (list->lock != NULL));
- if (!rvList) {
- return NULL;
- }
- NSSLIST_LOCK_IF(list);
- if (list->count > 0) {
- node = list->head;
- while (PR_TRUE) {
- nssList_Add(rvList, node->data);
- node = (nssListElement *)PR_NEXT_LINK(&node->link);
- if (node == list->head) {
- break;
- }
- }
- }
- NSSLIST_UNLOCK_IF(list);
- return rvList;
-}
-
-NSS_IMPLEMENT nssListIterator *
-nssList_CreateIterator(nssList *list)
-{
- nssListIterator *rvIterator;
- rvIterator = nss_ZNEW(NULL, nssListIterator);
- if (!rvIterator) {
- return NULL;
- }
- rvIterator->list = nssList_Clone(list);
- if (!rvIterator->list) {
- nss_ZFreeIf(rvIterator);
- return NULL;
- }
- rvIterator->current = rvIterator->list->head;
- if (list->lock) {
- rvIterator->lock = PZ_NewLock(nssILockOther);
- if (!rvIterator->lock) {
- nssList_Destroy(rvIterator->list);
- nss_ZFreeIf(rvIterator);
- }
- }
- return rvIterator;
-}
-
-NSS_IMPLEMENT void
-nssListIterator_Destroy(nssListIterator *iter)
-{
- if (iter->lock) {
- (void)PZ_DestroyLock(iter->lock);
- }
- nssList_Destroy(iter->list);
- nss_ZFreeIf(iter);
-}
-
-NSS_IMPLEMENT void *
-nssListIterator_Start(nssListIterator *iter)
-{
- NSSLIST_LOCK_IF(iter);
- if (iter->list->count == 0) {
- return NULL;
- }
- iter->current = iter->list->head;
- return iter->current->data;
-}
-
-NSS_IMPLEMENT void *
-nssListIterator_Next(nssListIterator *iter)
-{
- nssListElement *node;
- PRCList *link;
- if (iter->list->count == 1 || iter->current == NULL) {
- /* Reached the end of the list. Don't change the state, force to
- * user to call nssList_Finish to clean up.
- */
- return NULL;
- }
- node = (nssListElement *)PR_NEXT_LINK(&iter->current->link);
- link = &node->link;
- if (link == PR_LIST_TAIL(&iter->list->head->link)) {
- /* Signal the end of the list. */
- iter->current = NULL;
- return node->data;
- }
- iter->current = node;
- return node->data;
-}
-
-NSS_IMPLEMENT PRStatus
-nssListIterator_Finish(nssListIterator *iter)
-{
- iter->current = iter->list->head;
- return (iter->lock) ? PZ_Unlock(iter->lock) : PR_SUCCESS;
-}
-
diff --git a/security/nss/lib/base/manifest.mn b/security/nss/lib/base/manifest.mn
deleted file mode 100644
index 87ea50dad..000000000
--- a/security/nss/lib/base/manifest.mn
+++ /dev/null
@@ -1,65 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-MANIFEST_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-CORE_DEPTH = ../../..
-
-PRIVATE_EXPORTS = \
- baset.h \
- base.h \
- $(NULL)
-
-EXPORTS = \
- nssbaset.h \
- nssbase.h \
- $(NULL)
-
-MODULE = nss
-
-CSRCS = \
- arena.c \
- error.c \
- errorval.c \
- hashops.c \
- libc.c \
- tracker.c \
- item.c \
- utf8.c \
- list.c \
- hash.c \
- whatnspr.c \
- $(NULL)
-
-REQUIRES = nspr
-
-LIBRARY_NAME = nssb
diff --git a/security/nss/lib/base/nssbase.h b/security/nss/lib/base/nssbase.h
deleted file mode 100644
index 3960a7810..000000000
--- a/security/nss/lib/base/nssbase.h
+++ /dev/null
@@ -1,167 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef NSSBASE_H
-#define NSSBASE_H
-
-#ifdef DEBUG
-static const char NSSBASE_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * nssbase.h
- *
- * This header file contains the prototypes of the basic public
- * NSS routines.
- */
-
-#ifndef NSSBASET_H
-#include "nssbaset.h"
-#endif /* NSSBASET_H */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * NSSArena
- *
- * The public methods relating to this type are:
- *
- * NSSArena_Create -- constructor
- * NSSArena_Destroy
- */
-
-/*
- * NSSArena_Create
- *
- * This routine creates a new memory arena. This routine may return
- * NULL upon error, in which case it will have created an error stack.
- *
- * The top-level error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSArena upon success
- */
-
-NSS_EXTERN NSSArena *
-NSSArena_Create
-(
- void
-);
-
-extern const NSSError NSS_ERROR_NO_MEMORY;
-
-/*
- * NSSArena_Destroy
- *
- * This routine will destroy the specified arena, freeing all memory
- * allocated from it. This routine returns a PRStatus value; if
- * successful, it will return PR_SUCCESS. If unsuccessful, it will
- * create an error stack and return PR_FAILURE.
- *
- * The top-level error may be one of the following values:
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSArena_Destroy
-(
- NSSArena *arena
-);
-
-extern const NSSError NSS_ERROR_INVALID_ARENA;
-
-/*
- * The error stack
- *
- * The public methods relating to the error stack are:
- *
- * NSS_GetError
- * NSS_GetErrorStack
- */
-
-/*
- * NSS_GetError
- *
- * This routine returns the highest-level (most general) error set
- * by the most recent NSS library routine called by the same thread
- * calling this routine.
- *
- * This routine cannot fail. It may return NSS_ERROR_NO_ERROR, which
- * indicates that the previous NSS library call did not set an error.
- *
- * Return value:
- * 0 if no error has been set
- * A nonzero error number
- */
-
-NSS_EXTERN NSSError
-NSS_GetError
-(
- void
-);
-
-extern const NSSError NSS_ERROR_NO_ERROR;
-
-/*
- * NSS_GetErrorStack
- *
- * This routine returns a pointer to an array of NSSError values,
- * containingthe entire sequence or "stack" of errors set by the most
- * recent NSS library routine called by the same thread calling this
- * routine. NOTE: the caller DOES NOT OWN the memory pointed to by
- * the return value. The pointer will remain valid until the calling
- * thread calls another NSS routine. The lowest-level (most specific)
- * error is first in the array, and the highest-level is last. The
- * array is zero-terminated. This routine may return NULL upon error;
- * this indicates a low-memory situation.
- *
- * Return value:
- * NULL upon error, which is an implied NSS_ERROR_NO_MEMORY
- * A NON-caller-owned pointer to an array of NSSError values
- */
-
-NSS_EXTERN NSSError *
-NSS_GetErrorStack
-(
- void
-);
-
-PR_END_EXTERN_C
-
-#endif /* NSSBASE_H */
diff --git a/security/nss/lib/base/nssbaset.h b/security/nss/lib/base/nssbaset.h
deleted file mode 100644
index c3e84c46e..000000000
--- a/security/nss/lib/base/nssbaset.h
+++ /dev/null
@@ -1,153 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef NSSBASET_H
-#define NSSBASET_H
-
-#ifdef DEBUG
-static const char NSSBASET_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * nssbaset.h
- *
- * This file contains the most low-level, fundamental public types.
- */
-
-#include "nspr.h"
-#include "nssilock.h"
-
-/*
- * NSS_EXTERN, NSS_IMPLEMENT, NSS_EXTERN_DATA, NSS_IMPLEMENT_DATA
- *
- * NSS has its own versions of these NSPR macros, in a form which
- * does not confuse ctags and other related utilities. NSPR
- * defines these macros to take the type as an argument, because
- * of a requirement to support win16 dlls. We do not have that
- * requirement, so we can drop that restriction.
- */
-
-#define DUMMY /* dummy */
-#define NSS_EXTERN PR_EXTERN(DUMMY)
-#define NSS_IMPLEMENT PR_IMPLEMENT(DUMMY)
-#define NSS_EXTERN_DATA PR_EXTERN_DATA(DUMMY)
-#define NSS_IMPLEMENT_DATA PR_IMPLEMENT_DATA(DUMMY)
-
-PR_BEGIN_EXTERN_C
-
-/*
- * NSSError
- *
- * Calls to NSS routines may result in one or more errors being placed
- * on the calling thread's "error stack." Every possible error that
- * may be returned from a function is declared where the function is
- * prototyped. All errors are of the following type.
- */
-
-typedef PRInt32 NSSError;
-
-/*
- * NSSArena
- *
- * Arenas are logical sets of heap memory, from which memory may be
- * allocated. When an arena is destroyed, all memory allocated within
- * that arena is implicitly freed. These arenas are thread-safe:
- * an arena pointer may be used by multiple threads simultaneously.
- * However, as they are not backed by shared memory, they may only be
- * used within one process.
- */
-
-struct NSSArenaStr;
-typedef struct NSSArenaStr NSSArena;
-
-/*
- * NSSItem
- *
- * This is the basic type used to refer to an unconstrained datum of
- * arbitrary size.
- */
-
-struct NSSItemStr {
- void *data;
- PRUint32 size;
-};
-typedef struct NSSItemStr NSSItem;
-
-
-/*
- * NSSBER
- *
- * Data packed according to the Basic Encoding Rules of ASN.1.
- */
-
-typedef NSSItem NSSBER;
-
-/*
- * NSSDER
- *
- * Data packed according to the Distinguished Encoding Rules of ASN.1;
- * this form is also known as the Canonical Encoding Rules form (CER).
- */
-
-typedef NSSBER NSSDER;
-
-/*
- * NSSBitString
- *
- * Some ASN.1 types use "bit strings," which are passed around as
- * octet strings but whose length is counted in bits. We use this
- * typedef of NSSItem to point out the occasions when the length
- * is counted in bits, not octets.
- */
-
-typedef NSSItem NSSBitString;
-
-/*
- * NSSUTF8
- *
- * Character strings encoded in UTF-8, as defined by RFC 2279.
- */
-
-typedef char NSSUTF8;
-
-/*
- * NSSASCII7
- *
- * Character strings guaranteed to be 7-bit ASCII.
- */
-
-typedef char NSSASCII7;
-
-PR_END_EXTERN_C
-
-#endif /* NSSBASET_H */
diff --git a/security/nss/lib/base/tracker.c b/security/nss/lib/base/tracker.c
deleted file mode 100644
index 5be77b7cf..000000000
--- a/security/nss/lib/base/tracker.c
+++ /dev/null
@@ -1,543 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * tracker.c
- *
- * This file contains the code used by the pointer-tracking calls used
- * in the debug builds to catch bad pointers. The entire contents are
- * only available in debug builds (both internal and external builds).
- */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-#ifdef DEBUG
-
-/*
- * call_once
- *
- * Unfortunately, NSPR's PR_CallOnce function doesn't accept a closure
- * variable. So I have a static version here which does. This code
- * is based on NSPR's, and uses the NSPR function to initialize the
- * required lock.
- */
-
-/*
- * The is the "once block" that's passed to the "real" PR_CallOnce
- * function, to call the local initializer myOnceFunction once.
- */
-static PRCallOnceType myCallOnce;
-
-/*
- * This structure is used by the call_once function to make sure that
- * any "other" threads calling the call_once don't return too quickly,
- * before the initializer has finished.
- */
-static struct {
- PZLock *ml;
- PZCondVar *cv;
-} mod_init;
-
-/*
- * This is the initializer for the above mod_init structure.
- */
-static PRStatus
-myOnceFunction
-(
- void
-)
-{
- mod_init.ml = PZ_NewLock(nssILockOther);
- if( (PZLock *)NULL == mod_init.ml ) {
- return PR_FAILURE;
- }
-
- mod_init.cv = PZ_NewCondVar(mod_init.ml);
- if( (PZCondVar *)NULL == mod_init.cv ) {
- PZ_DestroyLock(mod_init.ml);
- mod_init.ml = (PZLock *)NULL;
- return PR_FAILURE;
- }
-
- return PR_SUCCESS;
-}
-
-/*
- * The nss call_once callback takes a closure argument.
- */
-typedef PRStatus (PR_CALLBACK *nssCallOnceFN)(void *arg);
-
-/*
- * NSS's call_once function.
- */
-static PRStatus
-call_once
-(
- PRCallOnceType *once,
- nssCallOnceFN func,
- void *arg
-)
-{
- PRStatus rv;
-
- if( !myCallOnce.initialized ) {
- rv = PR_CallOnce(&myCallOnce, myOnceFunction);
- if( PR_SUCCESS != rv ) {
- return rv;
- }
- }
-
- if( !once->initialized ) {
- if( 0 == PR_AtomicSet(&once->inProgress, 1) ) {
- once->status = (*func)(arg);
- PZ_Lock(mod_init.ml);
- once->initialized = 1;
- PZ_NotifyAllCondVar(mod_init.cv);
- PZ_Unlock(mod_init.ml);
- } else {
- PZ_Lock(mod_init.ml);
- while( !once->initialized ) {
- PZ_WaitCondVar(mod_init.cv, PR_INTERVAL_NO_TIMEOUT);
- }
- PZ_Unlock(mod_init.ml);
- }
- }
-
- return once->status;
-}
-
-/*
- * Now we actually get to my own "call once" payload function.
- * But wait, to create the hash, I need a hash function!
- */
-
-/*
- * identity_hash
- *
- * This static callback is a PLHashFunction as defined in plhash.h
- * It merely returns the value of the object pointer as its hash.
- * There are no possible errors.
- */
-
-static PLHashNumber PR_CALLBACK
-identity_hash
-(
- const void *key
-)
-{
- return (PLHashNumber)key;
-}
-
-/*
- * trackerOnceFunc
- *
- * This function is called once, using the nssCallOnce function above.
- * It creates a new pointer tracker object; initialising its hash
- * table and protective lock.
- */
-
-static PRStatus
-trackerOnceFunc
-(
- void *arg
-)
-{
- nssPointerTracker *tracker = (nssPointerTracker *)arg;
-
- tracker->lock = PZ_NewLock(nssILockOther);
- if( (PZLock *)NULL == tracker->lock ) {
- return PR_FAILURE;
- }
-
- tracker->table = PL_NewHashTable(0,
- identity_hash,
- PL_CompareValues,
- PL_CompareValues,
- (PLHashAllocOps *)NULL,
- (void *)NULL);
- if( (PLHashTable *)NULL == tracker->table ) {
- PZ_DestroyLock(tracker->lock);
- tracker->lock = (PZLock *)NULL;
- return PR_FAILURE;
- }
-
- return PR_SUCCESS;
-}
-
-/*
- * nssPointerTracker_initialize
- *
- * This method is only present in debug builds.
- *
- * This routine initializes an nssPointerTracker object. Note that
- * the object must have been declared *static* to guarantee that it
- * is in a zeroed state initially. This routine is idempotent, and
- * may even be safely called by multiple threads simultaneously with
- * the same argument. This routine returns a PRStatus value; if
- * successful, it will return PR_SUCCESS. On failure it will set an
- * error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS
- * PR_FAILURE
- */
-
-NSS_IMPLEMENT PRStatus
-nssPointerTracker_initialize
-(
- nssPointerTracker *tracker
-)
-{
- PRStatus rv = call_once(&tracker->once, trackerOnceFunc, tracker);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_NO_MEMORY);
- }
-
- return rv;
-}
-
-#ifdef DONT_DESTROY_EMPTY_TABLES
-/* See same #ifdef below */
-/*
- * count_entries
- *
- * This static routine is a PLHashEnumerator, as defined in plhash.h.
- * It merely causes the enumeration function to count the number of
- * entries.
- */
-
-static PRIntn PR_CALLBACK
-count_entries
-(
- PLHashEntry *he,
- PRIntn index,
- void *arg
-)
-{
- return HT_ENUMERATE_NEXT;
-}
-#endif /* DONT_DESTROY_EMPTY_TABLES */
-
-/*
- * zero_once
- *
- * This is a guaranteed zeroed once block. It's used to help clear
- * the tracker.
- */
-
-static const PRCallOnceType zero_once;
-
-/*
- * nssPointerTracker_finalize
- *
- * This method is only present in debug builds.
- *
- * This routine returns the nssPointerTracker object to the pre-
- * initialized state, releasing all resources used by the object.
- * It will *NOT* destroy the objects being tracked by the pointer
- * (should any remain), and therefore cannot be used to "sweep up"
- * remaining objects. This routine returns a PRStatus value; if
- * successful, it will return PR_SUCCES. On failure it will set an
- * error on the error stack and return PR_FAILURE. If any objects
- * remain in the tracker when it is finalized, that will be treated
- * as an error.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_TRACKER_NOT_INITIALIZED
- * NSS_ERROR_TRACKER_NOT_EMPTY
- *
- * Return value:
- * PR_SUCCESS
- * PR_FAILURE
- */
-
-NSS_IMPLEMENT PRStatus
-nssPointerTracker_finalize
-(
- nssPointerTracker *tracker
-)
-{
- PZLock *lock;
-
- if( (nssPointerTracker *)NULL == tracker ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return PR_FAILURE;
- }
-
- if( (PZLock *)NULL == tracker->lock ) {
- nss_SetError(NSS_ERROR_TRACKER_NOT_INITIALIZED);
- return PR_FAILURE;
- }
-
- lock = tracker->lock;
- PZ_Lock(lock);
-
- if( (PLHashTable *)NULL == tracker->table ) {
- PZ_Unlock(lock);
- nss_SetError(NSS_ERROR_TRACKER_NOT_INITIALIZED);
- return PR_FAILURE;
- }
-
-#ifdef DONT_DESTROY_EMPTY_TABLES
- /*
- * I changed my mind; I think we don't want this after all.
- * Comments?
- */
- count = PL_HashTableEnumerateEntries(tracker->table,
- count_entries,
- (void *)NULL);
-
- if( 0 != count ) {
- PZ_Unlock(lock);
- nss_SetError(NSS_ERROR_TRACKER_NOT_EMPTY);
- return PR_FAILURE;
- }
-#endif /* DONT_DESTROY_EMPTY_TABLES */
-
- PL_HashTableDestroy(tracker->table);
- /* memset(tracker, 0, sizeof(nssPointerTracker)); */
- tracker->once = zero_once;
- tracker->lock = (PZLock *)NULL;
- tracker->table = (PLHashTable *)NULL;
-
- PZ_Unlock(lock);
- PZ_DestroyLock(lock);
-
- return PR_SUCCESS;
-}
-
-/*
- * nssPointerTracker_add
- *
- * This method is only present in debug builds.
- *
- * This routine adds the specified pointer to the nssPointerTracker
- * object. It should be called in constructor objects to register
- * new valid objects. The nssPointerTracker is threadsafe, but this
- * call is not idempotent. This routine returns a PRStatus value;
- * if successful it will return PR_SUCCESS. On failure it will set
- * an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_TRACKER_NOT_INITIALIZED
- * NSS_ERROR_DUPLICATE_POINTER
- *
- * Return value:
- * PR_SUCCESS
- * PR_FAILURE
- */
-
-NSS_IMPLEMENT PRStatus
-nssPointerTracker_add
-(
- nssPointerTracker *tracker,
- const void *pointer
-)
-{
- void *check;
- PLHashEntry *entry;
-
- if( (nssPointerTracker *)NULL == tracker ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return PR_FAILURE;
- }
-
- if( (PZLock *)NULL == tracker->lock ) {
- nss_SetError(NSS_ERROR_TRACKER_NOT_INITIALIZED);
- return PR_FAILURE;
- }
-
- PZ_Lock(tracker->lock);
-
- if( (PLHashTable *)NULL == tracker->table ) {
- PZ_Unlock(tracker->lock);
- nss_SetError(NSS_ERROR_TRACKER_NOT_INITIALIZED);
- return PR_FAILURE;
- }
-
- check = PL_HashTableLookup(tracker->table, pointer);
- if( (void *)NULL != check ) {
- PZ_Unlock(tracker->lock);
- nss_SetError(NSS_ERROR_DUPLICATE_POINTER);
- return PR_FAILURE;
- }
-
- entry = PL_HashTableAdd(tracker->table, pointer, (void *)pointer);
-
- PZ_Unlock(tracker->lock);
-
- if( (PLHashEntry *)NULL == entry ) {
- nss_SetError(NSS_ERROR_NO_MEMORY);
- return PR_FAILURE;
- }
-
- return PR_SUCCESS;
-}
-
-/*
- * nssPointerTracker_remove
- *
- * This method is only present in debug builds.
- *
- * This routine removes the specified pointer from the
- * nssPointerTracker object. It does not call any destructor for the
- * object; rather, this should be called from the object's destructor.
- * The nssPointerTracker is threadsafe, but this call is not
- * idempotent. This routine returns a PRStatus value; if successful
- * it will return PR_SUCCESS. On failure it will set an error on the
- * error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_TRACKER_NOT_INITIALIZED
- * NSS_ERROR_POINTER_NOT_REGISTERED
- *
- * Return value:
- * PR_SUCCESS
- * PR_FAILURE
- */
-
-NSS_IMPLEMENT PRStatus
-nssPointerTracker_remove
-(
- nssPointerTracker *tracker,
- const void *pointer
-)
-{
- PRBool registered;
-
- if( (nssPointerTracker *)NULL == tracker ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return PR_FAILURE;
- }
-
- if( (PZLock *)NULL == tracker->lock ) {
- nss_SetError(NSS_ERROR_TRACKER_NOT_INITIALIZED);
- return PR_FAILURE;
- }
-
- PZ_Lock(tracker->lock);
-
- if( (PLHashTable *)NULL == tracker->table ) {
- PZ_Unlock(tracker->lock);
- nss_SetError(NSS_ERROR_TRACKER_NOT_INITIALIZED);
- return PR_FAILURE;
- }
-
- registered = PL_HashTableRemove(tracker->table, pointer);
- PZ_Unlock(tracker->lock);
-
- if( !registered ) {
- nss_SetError(NSS_ERROR_POINTER_NOT_REGISTERED);
- return PR_FAILURE;
- }
-
- return PR_SUCCESS;
-}
-
-/*
- * nssPointerTracker_verify
- *
- * This method is only present in debug builds.
- *
- * This routine verifies that the specified pointer has been registered
- * with the nssPointerTracker object. The nssPointerTracker object is
- * threadsafe, and this call may be safely called from multiple threads
- * simultaneously with the same arguments. This routine returns a
- * PRStatus value; if the pointer is registered this will return
- * PR_SUCCESS. Otherwise it will set an error on the error stack and
- * return PR_FAILURE. Although the error is suitable for leaving on
- * the stack, callers may wish to augment the information available by
- * placing a more type-specific error on the stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_TRACKER_NOT_INITIALIZED
- * NSS_ERROR_POINTER_NOT_REGISTERED
- *
- * Return value:
- * PR_SUCCESS
- * PR_FAILRUE
- */
-
-NSS_IMPLEMENT PRStatus
-nssPointerTracker_verify
-(
- nssPointerTracker *tracker,
- const void *pointer
-)
-{
- void *check;
-
- if( (nssPointerTracker *)NULL == tracker ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return PR_FAILURE;
- }
-
- if( (PZLock *)NULL == tracker->lock ) {
- nss_SetError(NSS_ERROR_TRACKER_NOT_INITIALIZED);
- return PR_FAILURE;
- }
-
- PZ_Lock(tracker->lock);
-
- if( (PLHashTable *)NULL == tracker->table ) {
- PZ_Unlock(tracker->lock);
- nss_SetError(NSS_ERROR_TRACKER_NOT_INITIALIZED);
- return PR_FAILURE;
- }
-
- check = PL_HashTableLookup(tracker->table, pointer);
- PZ_Unlock(tracker->lock);
-
- if( (void *)NULL == check ) {
- nss_SetError(NSS_ERROR_POINTER_NOT_REGISTERED);
- return PR_FAILURE;
- }
-
- return PR_SUCCESS;
-}
-
-#endif /* DEBUG */
diff --git a/security/nss/lib/base/utf8.c b/security/nss/lib/base/utf8.c
deleted file mode 100644
index 3a8641f95..000000000
--- a/security/nss/lib/base/utf8.c
+++ /dev/null
@@ -1,759 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * utf8.c
- *
- * This file contains some additional utility routines required for
- * handling UTF8 strings.
- */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-#include "plstr.h"
-
-/*
- * NOTES:
- *
- * There's an "is hex string" function in pki1/atav.c. If we need
- * it in more places, pull that one out.
- */
-
-/*
- * nssUTF8_CaseIgnoreMatch
- *
- * Returns true if the two UTF8-encoded strings pointed to by the
- * two specified NSSUTF8 pointers differ only in typcase.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * PR_TRUE if the strings match, ignoring case
- * PR_FALSE if they don't
- * PR_FALSE upon error
- */
-
-NSS_IMPLEMENT PRBool
-nssUTF8_CaseIgnoreMatch
-(
- const NSSUTF8 *a,
- const NSSUTF8 *b,
- PRStatus *statusOpt
-)
-{
-#ifdef NSSDEBUG
- if( ((const NSSUTF8 *)NULL == a) ||
- ((const NSSUTF8 *)NULL == b) ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
- return PR_FALSE;
- }
-#endif /* NSSDEBUG */
-
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_SUCCESS;
- }
-
- /*
- * XXX fgmr
- *
- * This is, like, so wrong!
- */
- if( 0 == PL_strcasecmp((const char *)a, (const char *)b) ) {
- return PR_TRUE;
- } else {
- return PR_FALSE;
- }
-}
-
-/*
- * nssUTF8_PrintableMatch
- *
- * Returns true if the two Printable strings pointed to by the
- * two specified NSSUTF8 pointers match when compared with the
- * rules for Printable String (leading and trailing spaces are
- * disregarded, extents of whitespace match irregardless of length,
- * and case is not significant), then PR_TRUE will be returned.
- * Otherwise, PR_FALSE will be returned. Upon failure, PR_FALSE
- * will be returned. If the optional statusOpt argument is not
- * NULL, then PR_SUCCESS or PR_FAILURE will be stored in that
- * location.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * PR_TRUE if the strings match, ignoring case
- * PR_FALSE if they don't
- * PR_FALSE upon error
- */
-
-NSS_IMPLEMENT PRBool
-nssUTF8_PrintableMatch
-(
- const NSSUTF8 *a,
- const NSSUTF8 *b,
- PRStatus *statusOpt
-)
-{
- PRUint8 *c;
- PRUint8 *d;
-
-#ifdef NSSDEBUG
- if( ((const NSSUTF8 *)NULL == a) ||
- ((const NSSUTF8 *)NULL == b) ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
- return PR_FALSE;
- }
-#endif /* NSSDEBUG */
-
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_SUCCESS;
- }
-
- c = (PRUint8 *)a;
- d = (PRUint8 *)b;
-
- while( ' ' == *c ) {
- c++;
- }
-
- while( ' ' == *d ) {
- d++;
- }
-
- while( ('\0' != *c) && ('\0' != *d) ) {
- PRUint8 e, f;
-
- e = *c;
- f = *d;
-
- if( ('a' <= e) && (e <= 'z') ) {
- e -= ('a' - 'A');
- }
-
- if( ('a' <= f) && (f <= 'z') ) {
- f -= ('a' - 'A');
- }
-
- if( e != f ) {
- return PR_FALSE;
- }
-
- c++;
- d++;
-
- if( ' ' == *c ) {
- while( ' ' == *c ) {
- c++;
- }
- c--;
- }
-
- if( ' ' == *d ) {
- while( ' ' == *d ) {
- d++;
- }
- d--;
- }
- }
-
- while( ' ' == *c ) {
- c++;
- }
-
- while( ' ' == *d ) {
- d++;
- }
-
- if( *c == *d ) {
- /* And both '\0', btw */
- return PR_TRUE;
- } else {
- return PR_FALSE;
- }
-}
-
-/*
- * nssUTF8_Duplicate
- *
- * This routine duplicates the UTF8-encoded string pointed to by the
- * specified NSSUTF8 pointer. If the optional arenaOpt argument is
- * not null, the memory required will be obtained from that arena;
- * otherwise, the memory required will be obtained from the heap.
- * A pointer to the new string will be returned. In case of error,
- * an error will be placed on the error stack and NULL will be
- * returned.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- */
-
-NSS_IMPLEMENT NSSUTF8 *
-nssUTF8_Duplicate
-(
- const NSSUTF8 *s,
- NSSArena *arenaOpt
-)
-{
- NSSUTF8 *rv;
- PRUint32 len;
-
-#ifdef NSSDEBUG
- if( (const NSSUTF8 *)NULL == s ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return (NSSUTF8 *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSUTF8 *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- len = PL_strlen((const char *)s);
-#ifdef PEDANTIC
- if( '\0' != ((const char *)s)[ len ] ) {
- /* must have wrapped, e.g., too big for PRUint32 */
- nss_SetError(NSS_ERROR_NO_MEMORY);
- return (NSSUTF8 *)NULL;
- }
-#endif /* PEDANTIC */
- len++; /* zero termination */
-
- rv = nss_ZAlloc(arenaOpt, len);
- if( (void *)NULL == rv ) {
- return (NSSUTF8 *)NULL;
- }
-
- (void)nsslibc_memcpy(rv, s, len);
- return rv;
-}
-
-/*
- * nssUTF8_Size
- *
- * This routine returns the length in bytes (including the terminating
- * null) of the UTF8-encoded string pointed to by the specified
- * NSSUTF8 pointer. Zero is returned on error.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_VALUE_TOO_LARGE
- *
- * Return value:
- * 0 on error
- * nonzero length of the string.
- */
-
-NSS_IMPLEMENT PRUint32
-nssUTF8_Size
-(
- const NSSUTF8 *s,
- PRStatus *statusOpt
-)
-{
- PRUint32 sv;
-
-#ifdef NSSDEBUG
- if( (const NSSUTF8 *)NULL == s ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
- return 0;
- }
-#endif /* NSSDEBUG */
-
- sv = PL_strlen((const char *)s) + 1;
-#ifdef PEDANTIC
- if( '\0' != ((const char *)s)[ sv-1 ] ) {
- /* wrapped */
- nss_SetError(NSS_ERROR_VALUE_TOO_LARGE);
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
- return 0;
- }
-#endif /* PEDANTIC */
-
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_SUCCESS;
- }
-
- return sv;
-}
-
-/*
- * nssUTF8_Length
- *
- * This routine returns the length in characters (not including the
- * terminating null) of the UTF8-encoded string pointed to by the
- * specified NSSUTF8 pointer.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_VALUE_TOO_LARGE
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * length of the string (which may be zero)
- * 0 on error
- */
-
-NSS_IMPLEMENT PRUint32
-nssUTF8_Length
-(
- const NSSUTF8 *s,
- PRStatus *statusOpt
-)
-{
- PRUint32 l = 0;
- const PRUint8 *c = (const PRUint8 *)s;
-
-#ifdef NSSDEBUG
- if( (const NSSUTF8 *)NULL == s ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- goto loser;
- }
-#endif /* NSSDEBUG */
-
- /*
- * From RFC 2044:
- *
- * UCS-4 range (hex.) UTF-8 octet sequence (binary)
- * 0000 0000-0000 007F 0xxxxxxx
- * 0000 0080-0000 07FF 110xxxxx 10xxxxxx
- * 0000 0800-0000 FFFF 1110xxxx 10xxxxxx 10xxxxxx
- * 0001 0000-001F FFFF 11110xxx 10xxxxxx 10xxxxxx 10xxxxxx
- * 0020 0000-03FF FFFF 111110xx 10xxxxxx 10xxxxxx 10xxxxxx 10xxxxxx
- * 0400 0000-7FFF FFFF 1111110x 10xxxxxx ... 10xxxxxx
- */
-
- while( 0 != *c ) {
- PRUint32 incr;
- if( (*c & 0x80) == 0 ) {
- incr = 1;
- } else if( (*c & 0xE0) == 0xC0 ) {
- incr = 2;
- } else if( (*c & 0xF0) == 0xE0 ) {
- incr = 3;
- } else if( (*c & 0xF8) == 0xF0 ) {
- incr = 4;
- } else if( (*c & 0xFC) == 0xF8 ) {
- incr = 5;
- } else if( (*c & 0xFE) == 0xFC ) {
- incr = 6;
- } else {
- nss_SetError(NSS_ERROR_INVALID_STRING);
- goto loser;
- }
-
- l += incr;
-
-#ifdef PEDANTIC
- if( l < incr ) {
- /* Wrapped-- too big */
- nss_SetError(NSS_ERROR_VALUE_TOO_LARGE);
- goto loser;
- }
-
- {
- PRUint8 *d;
- for( d = &c[1]; d < &c[incr]; d++ ) {
- if( (*d & 0xC0) != 0xF0 ) {
- nss_SetError(NSS_ERROR_INVALID_STRING);
- goto loser;
- }
- }
- }
-#endif /* PEDANTIC */
-
- c += incr;
- }
-
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_SUCCESS;
- }
-
- return l;
-
- loser:
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
-
- return 0;
-}
-
-
-/*
- * nssUTF8_Create
- *
- * This routine creates a UTF8 string from a string in some other
- * format. Some types of string may include embedded null characters,
- * so for them the length parameter must be used. For string types
- * that are null-terminated, the length parameter is optional; if it
- * is zero, it will be ignored. If the optional arena argument is
- * non-null, the memory used for the new string will be obtained from
- * that arena, otherwise it will be obtained from the heap. This
- * routine may return NULL upon error, in which case it will have
- * placed an error on the error stack.
- *
- * The error may be one of the following:
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_UNSUPPORTED_TYPE
- *
- * Return value:
- * NULL upon error
- * A non-null pointer to a new UTF8 string otherwise
- */
-
-extern const NSSError NSS_ERROR_INTERNAL_ERROR; /* XXX fgmr */
-
-NSS_IMPLEMENT NSSUTF8 *
-nssUTF8_Create
-(
- NSSArena *arenaOpt,
- nssStringType type,
- const void *inputString,
- PRUint32 size /* in bytes, not characters */
-)
-{
- NSSUTF8 *rv = NULL;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSUTF8 *)NULL;
- }
- }
-
- if( (const void *)NULL == inputString ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return (NSSUTF8 *)NULL;
- }
-#endif /* NSSDEBUG */
-
- switch( type ) {
- case nssStringType_DirectoryString:
- /* This is a composite type requiring BER */
- nss_SetError(NSS_ERROR_UNSUPPORTED_TYPE);
- break;
- case nssStringType_TeletexString:
- /*
- * draft-ietf-pkix-ipki-part1-11 says in part:
- *
- * In addition, many legacy implementations support names encoded
- * in the ISO 8859-1 character set (Latin1String) but tag them as
- * TeletexString. The Latin1String includes characters used in
- * Western European countries which are not part of the
- * TeletexString charcter set. Implementations that process
- * TeletexString SHOULD be prepared to handle the entire ISO
- * 8859-1 character set.[ISO 8859-1].
- */
- nss_SetError(NSS_ERROR_INTERNAL_ERROR); /* unimplemented */
- break;
- case nssStringType_PrintableString:
- /*
- * PrintableString consists of A-Za-z0-9 ,()+,-./:=?
- * This is a subset of ASCII, which is a subset of UTF8.
- * So we can just duplicate the string over.
- */
-
- if( 0 == size ) {
- rv = nssUTF8_Duplicate((const NSSUTF8 *)inputString, arenaOpt);
- } else {
- rv = nss_ZAlloc(arenaOpt, size+1);
- if( (NSSUTF8 *)NULL == rv ) {
- return (NSSUTF8 *)NULL;
- }
-
- (void)nsslibc_memcpy(rv, inputString, size);
- }
-
- break;
- case nssStringType_UniversalString:
- /* 4-byte unicode */
- nss_SetError(NSS_ERROR_INTERNAL_ERROR); /* unimplemented */
- break;
- case nssStringType_BMPString:
- /* Base Multilingual Plane of Unicode */
- nss_SetError(NSS_ERROR_INTERNAL_ERROR); /* unimplemented */
- break;
- case nssStringType_UTF8String:
- if( 0 == size ) {
- rv = nssUTF8_Duplicate((const NSSUTF8 *)inputString, arenaOpt);
- } else {
- rv = nss_ZAlloc(arenaOpt, size+1);
- if( (NSSUTF8 *)NULL == rv ) {
- return (NSSUTF8 *)NULL;
- }
-
- (void)nsslibc_memcpy(rv, inputString, size);
- }
-
- break;
- case nssStringType_PHGString:
- /*
- * PHGString is an IA5String (with case-insensitive comparisons).
- * IA5 is ~almost~ ascii; ascii has dollar-sign where IA5 has
- * currency symbol.
- */
- nss_SetError(NSS_ERROR_INTERNAL_ERROR); /* unimplemented */
- break;
- case nssStringType_GeneralString:
- nss_SetError(NSS_ERROR_INTERNAL_ERROR); /* unimplemented */
- break;
- default:
- nss_SetError(NSS_ERROR_UNSUPPORTED_TYPE);
- break;
- }
-
- return rv;
-}
-
-NSS_IMPLEMENT NSSItem *
-nssUTF8_GetEncoding
-(
- NSSArena *arenaOpt,
- NSSItem *rvOpt,
- nssStringType type,
- NSSUTF8 *string
-)
-{
- NSSItem *rv = (NSSItem *)NULL;
- PRStatus status = PR_SUCCESS;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSItem *)NULL;
- }
- }
-
- if( (NSSUTF8 *)NULL == string ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return (NSSItem *)NULL;
- }
-#endif /* NSSDEBUG */
-
- switch( type ) {
- case nssStringType_DirectoryString:
- nss_SetError(NSS_ERROR_INTERNAL_ERROR); /* unimplemented */
- break;
- case nssStringType_TeletexString:
- nss_SetError(NSS_ERROR_INTERNAL_ERROR); /* unimplemented */
- break;
- case nssStringType_PrintableString:
- nss_SetError(NSS_ERROR_INTERNAL_ERROR); /* unimplemented */
- break;
- case nssStringType_UniversalString:
- nss_SetError(NSS_ERROR_INTERNAL_ERROR); /* unimplemented */
- break;
- case nssStringType_BMPString:
- nss_SetError(NSS_ERROR_INTERNAL_ERROR); /* unimplemented */
- break;
- case nssStringType_UTF8String:
- {
- NSSUTF8 *dup = nssUTF8_Duplicate(string, arenaOpt);
- if( (NSSUTF8 *)NULL == dup ) {
- return (NSSItem *)NULL;
- }
-
- if( (NSSItem *)NULL == rvOpt ) {
- rv = nss_ZNEW(arenaOpt, NSSItem);
- if( (NSSItem *)NULL == rv ) {
- (void)nss_ZFreeIf(dup);
- return (NSSItem *)NULL;
- }
- } else {
- rv = rvOpt;
- }
-
- rv->data = dup;
- dup = (NSSUTF8 *)NULL;
- rv->size = nssUTF8_Size(rv->data, &status);
- if( (0 == rv->size) && (PR_SUCCESS != status) ) {
- if( (NSSItem *)NULL == rvOpt ) {
- (void)nss_ZFreeIf(rv);
- }
- return (NSSItem *)NULL;
- }
- }
- break;
- case nssStringType_PHGString:
- nss_SetError(NSS_ERROR_INTERNAL_ERROR); /* unimplemented */
- break;
- default:
- nss_SetError(NSS_ERROR_UNSUPPORTED_TYPE);
- break;
- }
-
- return rv;
-}
-
-/*
- * nssUTF8_CopyIntoFixedBuffer
- *
- * This will copy a UTF8 string into a fixed-length buffer, making
- * sure that the all characters are valid. Any remaining space will
- * be padded with the specified ASCII character, typically either
- * null or space.
- *
- * Blah, blah, blah.
- */
-
-NSS_IMPLEMENT PRStatus
-nssUTF8_CopyIntoFixedBuffer
-(
- NSSUTF8 *string,
- char *buffer,
- PRUint32 bufferSize,
- char pad
-)
-{
- PRUint32 stringSize = 0;
-
-#ifdef NSSDEBUG
- if( (char *)NULL == buffer ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return PR_FALSE;
- }
-
- if( 0 == bufferSize ) {
- nss_SetError(NSS_ERROR_INVALID_ARGUMENT);
- return PR_FALSE;
- }
-
- if( (pad & 0x80) != 0x00 ) {
- nss_SetError(NSS_ERROR_INVALID_ARGUMENT);
- return PR_FALSE;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSUTF8 *)NULL == string ) {
- string = (NSSUTF8 *) "";
- }
-
- stringSize = nssUTF8_Size(string, (PRStatus *)NULL);
- stringSize--; /* don't count the trailing null */
- if( stringSize > bufferSize ) {
- PRUint32 bs = bufferSize;
- (void)nsslibc_memcpy(buffer, string, bufferSize);
-
- if( ( ((buffer[ bs-1 ] & 0x80) == 0x00)) ||
- ((bs > 1) && ((buffer[ bs-2 ] & 0xE0) == 0xC0)) ||
- ((bs > 2) && ((buffer[ bs-3 ] & 0xF0) == 0xE0)) ||
- ((bs > 3) && ((buffer[ bs-4 ] & 0xF8) == 0xF0)) ||
- ((bs > 4) && ((buffer[ bs-5 ] & 0xFC) == 0xF8)) ||
- ((bs > 5) && ((buffer[ bs-6 ] & 0xFE) == 0xFC)) ) {
- /* It fit exactly */
- return PR_SUCCESS;
- }
-
- /* Too long. We have to trim the last character */
- for( /*bs*/; bs != 0; bs-- ) {
- if( (buffer[bs-1] & 0xC0) != 0x80 ) {
- buffer[bs-1] = pad;
- break;
- } else {
- buffer[bs-1] = pad;
- }
- }
- } else {
- (void)nsslibc_memset(buffer, pad, bufferSize);
- (void)nsslibc_memcpy(buffer, string, stringSize);
- }
-
- return PR_SUCCESS;
-}
-
-/*
- * nssUTF8_Equal
- *
- */
-
-NSS_IMPLEMENT PRBool
-nssUTF8_Equal
-(
- const NSSUTF8 *a,
- const NSSUTF8 *b,
- PRStatus *statusOpt
-)
-{
- PRUint32 la, lb;
-
-#ifdef NSSDEBUG
- if( ((const NSSUTF8 *)NULL == a) ||
- ((const NSSUTF8 *)NULL == b) ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
- return PR_FALSE;
- }
-#endif /* NSSDEBUG */
-
- la = nssUTF8_Size(a, statusOpt);
- if( 0 == la ) {
- return PR_FALSE;
- }
-
- lb = nssUTF8_Size(b, statusOpt);
- if( 0 == lb ) {
- return PR_FALSE;
- }
-
- if( la != lb ) {
- return PR_FALSE;
- }
-
- return nsslibc_memequal(a, b, la, statusOpt);
-}
diff --git a/security/nss/lib/base/whatnspr.c b/security/nss/lib/base/whatnspr.c
deleted file mode 100644
index 5303ec256..000000000
--- a/security/nss/lib/base/whatnspr.c
+++ /dev/null
@@ -1,171 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-/*
- * This file isolates us from differences in NSPR versions.
- * We have to detect the library with which we're running at
- * runtime, and switch behaviours there. This lets us do
- * stuff like load cryptoki modules in Communicator.
- *
- * Hey, it's the PORT layer all over again!
- */
-
-static int whatnspr = 0;
-
-static int
-set_whatnspr
-(
- void
-)
-{
- /*
- * The only runtime difference I could find was the
- * return value of PR_dtoa. We can't just look for
- * a symbol in NSPR >=2, because it'll always be
- * found (because we compile against NSPR >=2).
- * Maybe we could look for a symbol merely in NSPR 1?
- *
- */
-
- char buffer[64];
- int decpt = 0, sign = 0;
- char *rve = (char *)0;
- /* extern int PR_dtoa(double, int, int, int *, int *, char **, char *, int); */
- int r = (int)PR_dtoa((double)1.0, 0, 5, &decpt, &sign, &rve,
- buffer, sizeof(buffer));
-
- switch( r ) {
- case 0:
- case -1:
- whatnspr = 2;
- /*
- * If we needed to, *now* we could look up "libVersionPoint"
- * and get more data there.. except all current NSPR's (up
- * to NSPR 4.x at time of writing) still say 2 in their
- * version structure.
- */
- break;
- default:
- whatnspr = 1;
- break;
- }
-
- return whatnspr;
-}
-
-#define WHATNSPR (whatnspr ? whatnspr : set_whatnspr())
-
-NSS_IMPLEMENT PRStatus
-nss_NewThreadPrivateIndex
-(
- PRUintn *ip,
- PRThreadPrivateDTOR dtor
-)
-{
- switch( WHATNSPR ) {
- case 1:
- {
- PRLibrary *l = (PRLibrary *)0;
- void *f = PR_FindSymbolAndLibrary("PR_NewThreadPrivateID", &l);
- typedef PRInt32 (*ntpt)(void);
- ntpt ntp = (ntpt) f;
-
- PR_ASSERT((void *)0 != f);
-
- *ip = ntp();
- return PR_SUCCESS;
- }
- case 2:
- default:
- return PR_NewThreadPrivateIndex(ip, dtor);
- }
-}
-
-NSS_IMPLEMENT void *
-nss_GetThreadPrivate
-(
- PRUintn i
-)
-{
- switch( WHATNSPR ) {
- case 1:
- {
- PRLibrary *l = (PRLibrary *)0;
- void *f = PR_FindSymbolAndLibrary("PR_GetThreadPrivate", &l);
- typedef void *(*gtpt)(PRThread *, PRInt32);
- gtpt gtp = (gtpt) f;
-
- PR_ASSERT((void *)0 != f);
-
- return gtp(PR_CurrentThread(), i);
- }
- case 2:
- default:
- return PR_GetThreadPrivate(i);
- }
-}
-
-NSS_IMPLEMENT void
-nss_SetThreadPrivate
-(
- PRUintn i,
- void *v
-)
-{
- switch( WHATNSPR ) {
- case 1:
- {
- PRLibrary *l = (PRLibrary *)0;
- void *f = PR_FindSymbolAndLibrary("PR_SetThreadPrivate", &l);
- typedef PRStatus (*stpt)(PRThread *, PRInt32, void *);
- stpt stp = (stpt) f;
-
- PR_ASSERT((void *)0 != f);
-
- (void)stp(PR_CurrentThread(), i, v);
- return;
- }
- case 2:
- default:
- (void)PR_SetThreadPrivate(i, v);
- return;
- }
-}
diff --git a/security/nss/lib/certdb/.cvsignore b/security/nss/lib/certdb/.cvsignore
deleted file mode 100644
index ec60123e5..000000000
--- a/security/nss/lib/certdb/.cvsignore
+++ /dev/null
@@ -1 +0,0 @@
-nscertinit.c
diff --git a/security/nss/lib/certdb/Makefile b/security/nss/lib/certdb/Makefile
deleted file mode 100644
index 12eff17ab..000000000
--- a/security/nss/lib/certdb/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-export:: private_export
-
diff --git a/security/nss/lib/certdb/alg1485.c b/security/nss/lib/certdb/alg1485.c
deleted file mode 100644
index e414f4eb4..000000000
--- a/security/nss/lib/certdb/alg1485.c
+++ /dev/null
@@ -1,1248 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "prprf.h"
-#include "cert.h"
-#include "xconst.h"
-#include "genname.h"
-#include "secitem.h"
-#include "secerr.h"
-
-struct NameToKind {
- char *name;
- SECOidTag kind;
-};
-
-static struct NameToKind name2kinds[] = {
- { "CN", SEC_OID_AVA_COMMON_NAME, },
- { "ST", SEC_OID_AVA_STATE_OR_PROVINCE, },
- { "OU", SEC_OID_AVA_ORGANIZATIONAL_UNIT_NAME, },
- { "DC", SEC_OID_AVA_DC, },
- { "C", SEC_OID_AVA_COUNTRY_NAME, },
- { "O", SEC_OID_AVA_ORGANIZATION_NAME, },
- { "L", SEC_OID_AVA_LOCALITY, },
- { "dnQualifier", SEC_OID_AVA_DN_QUALIFIER, },
- { "E", SEC_OID_PKCS9_EMAIL_ADDRESS, },
- { "UID", SEC_OID_RFC1274_UID, },
- { "MAIL", SEC_OID_RFC1274_MAIL, },
- { 0, SEC_OID_UNKNOWN },
-};
-
-#define C_DOUBLE_QUOTE '\042'
-
-#define C_BACKSLASH '\134'
-
-#define C_EQUAL '='
-
-#define OPTIONAL_SPACE(c) \
- (((c) == ' ') || ((c) == '\r') || ((c) == '\n'))
-
-#define SPECIAL_CHAR(c) \
- (((c) == ',') || ((c) == '=') || ((c) == C_DOUBLE_QUOTE) || \
- ((c) == '\r') || ((c) == '\n') || ((c) == '+') || \
- ((c) == '<') || ((c) == '>') || ((c) == '#') || \
- ((c) == ';') || ((c) == C_BACKSLASH))
-
-
-
-
-
-
-
-#if 0
-/*
-** Find the start and end of a <string>. Strings can be wrapped in double
-** quotes to protect special characters.
-*/
-static int BracketThing(char **startp, char *end, char *result)
-{
- char *start = *startp;
- char c;
-
- /* Skip leading white space */
- while (start < end) {
- c = *start++;
- if (!OPTIONAL_SPACE(c)) {
- start--;
- break;
- }
- }
- if (start == end) return 0;
-
- switch (*start) {
- case '#':
- /* Process hex thing */
- start++;
- *startp = start;
- while (start < end) {
- c = *start++;
- if (((c >= '0') && (c <= '9')) ||
- ((c >= 'a') && (c <= 'f')) ||
- ((c >= 'A') && (c <= 'F'))) {
- continue;
- }
- break;
- }
- rv = IS_HEX;
- break;
-
- case C_DOUBLE_QUOTE:
- start++;
- *startp = start;
- while (start < end) {
- c = *start++;
- if (c == C_DOUBLE_QUOTE) {
- break;
- }
- *result++ = c;
- }
- rv = IS_STRING;
- break;
-
- default:
- while (start < end) {
- c = *start++;
- if (SPECIAL_CHAR(c)) {
- start--;
- break;
- }
- *result++ = c;
- }
- rv = IS_STRING;
- break;
- }
-
- /* Terminate result string */
- *result = 0;
- return start;
-}
-
-static char *BracketSomething(char **startp, char* end, int spacesOK)
-{
- char *start = *startp;
- char c;
- int stopAtDQ;
-
- /* Skip leading white space */
- while (start < end) {
- c = *start;
- if (!OPTIONAL_SPACE(c)) {
- break;
- }
- start++;
- }
- if (start == end) return 0;
- stopAtDQ = 0;
- if (*start == C_DOUBLE_QUOTE) {
- stopAtDQ = 1;
- }
-
- /*
- ** Find the end of the something. The something is terminated most of
- ** the time by a space. However, if spacesOK is true then it is
- ** terminated by a special character only.
- */
- *startp = start;
- while (start < end) {
- c = *start;
- if (stopAtDQ) {
- if (c == C_DOUBLE_QUOTE) {
- *start = ' ';
- break;
- }
- } else {
- if (SPECIAL_CHAR(c)) {
- break;
- }
- if (!spacesOK && OPTIONAL_SPACE(c)) {
- break;
- }
- }
- start++;
- }
- return start;
-}
-#endif
-
-#define IS_PRINTABLE(c) \
- ((((c) >= 'a') && ((c) <= 'z')) || \
- (((c) >= 'A') && ((c) <= 'Z')) || \
- (((c) >= '0') && ((c) <= '9')) || \
- ((c) == ' ') || \
- ((c) == '\'') || \
- ((c) == '\050') || /* ( */ \
- ((c) == '\051') || /* ) */ \
- (((c) >= '+') && ((c) <= '/')) || /* + , - . / */ \
- ((c) == ':') || \
- ((c) == '=') || \
- ((c) == '?'))
-
-static PRBool
-IsPrintable(unsigned char *data, unsigned len)
-{
- unsigned char ch, *end;
-
- end = data + len;
- while (data < end) {
- ch = *data++;
- if (!IS_PRINTABLE(ch)) {
- return PR_FALSE;
- }
- }
- return PR_TRUE;
-}
-
-static PRBool
-Is7Bit(unsigned char *data, unsigned len)
-{
- unsigned char ch, *end;
-
- end = data + len;
- while (data < end) {
- ch = *data++;
- if ((ch & 0x80)) {
- return PR_FALSE;
- }
- }
- return PR_TRUE;
-}
-
-static void
-skipSpace(char **pbp, char *endptr)
-{
- char *bp = *pbp;
- while (bp < endptr && OPTIONAL_SPACE(*bp)) {
- bp++;
- }
- *pbp = bp;
-}
-
-static SECStatus
-scanTag(char **pbp, char *endptr, char *tagBuf, int tagBufSize)
-{
- char *bp, *tagBufp;
- int taglen;
-
- PORT_Assert(tagBufSize > 0);
-
- /* skip optional leading space */
- skipSpace(pbp, endptr);
- if (*pbp == endptr) {
- /* nothing left */
- return SECFailure;
- }
-
- /* fill tagBuf */
- taglen = 0;
- bp = *pbp;
- tagBufp = tagBuf;
- while (bp < endptr && !OPTIONAL_SPACE(*bp) && (*bp != C_EQUAL)) {
- if (++taglen >= tagBufSize) {
- *pbp = bp;
- return SECFailure;
- }
- *tagBufp++ = *bp++;
- }
- /* null-terminate tagBuf -- guaranteed at least one space left */
- *tagBufp++ = 0;
- *pbp = bp;
-
- /* skip trailing spaces till we hit something - should be an equal sign */
- skipSpace(pbp, endptr);
- if (*pbp == endptr) {
- /* nothing left */
- return SECFailure;
- }
- if (**pbp != C_EQUAL) {
- /* should be an equal sign */
- return SECFailure;
- }
- /* skip over the equal sign */
- (*pbp)++;
-
- return SECSuccess;
-}
-
-static SECStatus
-scanVal(char **pbp, char *endptr, char *valBuf, int valBufSize)
-{
- char *bp, *valBufp;
- int vallen;
- PRBool isQuoted;
-
- PORT_Assert(valBufSize > 0);
-
- /* skip optional leading space */
- skipSpace(pbp, endptr);
- if(*pbp == endptr) {
- /* nothing left */
- return SECFailure;
- }
-
- bp = *pbp;
-
- /* quoted? */
- if (*bp == C_DOUBLE_QUOTE) {
- isQuoted = PR_TRUE;
- /* skip over it */
- bp++;
- } else {
- isQuoted = PR_FALSE;
- }
-
- valBufp = valBuf;
- vallen = 0;
- while (bp < endptr) {
- char c = *bp;
- if (c == C_BACKSLASH) {
- /* escape character */
- bp++;
- if (bp >= endptr) {
- /* escape charater must appear with paired char */
- *pbp = bp;
- return SECFailure;
- }
- } else if (!isQuoted && SPECIAL_CHAR(c)) {
- /* unescaped special and not within quoted value */
- break;
- } else if (c == C_DOUBLE_QUOTE) {
- /* reached unescaped double quote */
- break;
- }
- /* append character */
- vallen++;
- if (vallen >= valBufSize) {
- *pbp = bp;
- return SECFailure;
- }
- *valBufp++ = *bp++;
- }
-
- /* stip trailing spaces from unquoted values */
- if (!isQuoted) {
- if (valBufp > valBuf) {
- valBufp--;
- while ((valBufp > valBuf) && OPTIONAL_SPACE(*valBufp)) {
- valBufp--;
- }
- valBufp++;
- }
- }
-
- if (isQuoted) {
- /* insist that we stopped on a double quote */
- if (*bp != C_DOUBLE_QUOTE) {
- *pbp = bp;
- return SECFailure;
- }
- /* skip over the quote and skip optional space */
- bp++;
- skipSpace(&bp, endptr);
- }
-
- *pbp = bp;
-
- if (valBufp == valBuf) {
- /* empty value -- not allowed */
- return SECFailure;
- }
-
- /* null-terminate valBuf -- guaranteed at least one space left */
- *valBufp++ = 0;
-
- return SECSuccess;
-}
-
-CERTAVA *
-CERT_ParseRFC1485AVA(PRArenaPool *arena, char **pbp, char *endptr,
- PRBool singleAVA)
-{
- CERTAVA *a;
- struct NameToKind *n2k;
- int vt;
- int valLen;
- char *bp;
-
- char tagBuf[32];
- char valBuf[384];
-
- if (scanTag(pbp, endptr, tagBuf, sizeof(tagBuf)) == SECFailure ||
- scanVal(pbp, endptr, valBuf, sizeof(valBuf)) == SECFailure) {
- PORT_SetError(SEC_ERROR_INVALID_AVA);
- return 0;
- }
-
- /* insist that if we haven't finished we've stopped on a separator */
- bp = *pbp;
- if (bp < endptr) {
- if (singleAVA || (*bp != ',' && *bp != ';')) {
- PORT_SetError(SEC_ERROR_INVALID_AVA);
- *pbp = bp;
- return 0;
- }
- /* ok, skip over separator */
- bp++;
- }
- *pbp = bp;
-
- for (n2k = name2kinds; n2k->name; n2k++) {
- if (PORT_Strcasecmp(n2k->name, tagBuf) == 0) {
- valLen = PORT_Strlen(valBuf);
- if (n2k->kind == SEC_OID_AVA_COUNTRY_NAME) {
- vt = SEC_ASN1_PRINTABLE_STRING;
- if (valLen != 2) {
- PORT_SetError(SEC_ERROR_INVALID_AVA);
- return 0;
- }
- if (!IsPrintable((unsigned char*) valBuf, 2)) {
- PORT_SetError(SEC_ERROR_INVALID_AVA);
- return 0;
- }
- } else if ((n2k->kind == SEC_OID_PKCS9_EMAIL_ADDRESS) ||
- (n2k->kind == SEC_OID_RFC1274_MAIL)) {
- vt = SEC_ASN1_IA5_STRING;
- } else {
- /* Hack -- for rationale see X.520 DirectoryString defn */
- if (IsPrintable((unsigned char*)valBuf, valLen)) {
- vt = SEC_ASN1_PRINTABLE_STRING;
- } else if (Is7Bit((unsigned char *)valBuf, valLen)) {
- vt = SEC_ASN1_T61_STRING;
- } else {
- vt = SEC_ASN1_UNIVERSAL_STRING;
- }
- }
- a = CERT_CreateAVA(arena, n2k->kind, vt, (char *) valBuf);
- return a;
- }
- }
- /* matched no kind -- invalid tag */
- PORT_SetError(SEC_ERROR_INVALID_AVA);
- return 0;
-}
-
-static CERTName *
-ParseRFC1485Name(char *buf, int len)
-{
- SECStatus rv;
- CERTName *name;
- char *bp, *e;
- CERTAVA *ava;
- CERTRDN *rdn;
-
- name = CERT_CreateName(NULL);
- if (name == NULL) {
- return NULL;
- }
-
- e = buf + len;
- bp = buf;
- while (bp < e) {
- ava = CERT_ParseRFC1485AVA(name->arena, &bp, e, PR_FALSE);
- if (ava == 0) goto loser;
- rdn = CERT_CreateRDN(name->arena, ava, 0);
- if (rdn == 0) goto loser;
- rv = CERT_AddRDN(name, rdn);
- if (rv) goto loser;
- skipSpace(&bp, e);
- }
-
- if (name->rdns[0] == 0) {
- /* empty name -- illegal */
- goto loser;
- }
-
- /* Reverse order of RDNS to comply with RFC */
- {
- CERTRDN **firstRdn;
- CERTRDN **lastRdn;
- CERTRDN *tmp;
-
- /* get first one */
- firstRdn = name->rdns;
-
- /* find last one */
- lastRdn = name->rdns;
- while (*lastRdn) lastRdn++;
- lastRdn--;
-
- /* reverse list */
- for ( ; firstRdn < lastRdn; firstRdn++, lastRdn--) {
- tmp = *firstRdn;
- *firstRdn = *lastRdn;
- *lastRdn = tmp;
- }
- }
-
- /* return result */
- return name;
-
- loser:
- CERT_DestroyName(name);
- return NULL;
-}
-
-CERTName *
-CERT_AsciiToName(char *string)
-{
- CERTName *name;
- name = ParseRFC1485Name(string, PORT_Strlen(string));
- return name;
-}
-
-/************************************************************************/
-
-typedef struct stringBufStr {
- char *buffer;
- unsigned offset;
- unsigned size;
-} stringBuf;
-
-#define DEFAULT_BUFFER_SIZE 200
-#define MAX(x,y) ((x) > (y) ? (x) : (y))
-
-static SECStatus
-AppendStr(stringBuf *bufp, char *str)
-{
- char *buf;
- unsigned bufLen, bufSize, len;
- int size = 0;
-
- /* Figure out how much to grow buf by (add in the '\0') */
- buf = bufp->buffer;
- bufLen = bufp->offset;
- len = PORT_Strlen(str);
- bufSize = bufLen + len;
- if (!buf) {
- bufSize++;
- size = MAX(DEFAULT_BUFFER_SIZE,bufSize*2);
- buf = (char *) PORT_Alloc(size);
- bufp->size = size;
- } else if (bufp->size < bufSize) {
- size = bufSize*2;
- buf =(char *) PORT_Realloc(buf,size);
- bufp->size = size;
- }
- if (!buf) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
- bufp->buffer = buf;
- bufp->offset = bufSize;
-
- /* Concatenate str onto buf */
- buf = buf + bufLen;
- if (bufLen) buf--; /* stomp on old '\0' */
- PORT_Memcpy(buf, str, len+1); /* put in new null */
- return SECSuccess;
-}
-
-SECStatus
-CERT_RFC1485_EscapeAndQuote(char *dst, int dstlen, char *src, int srclen)
-{
- int i, reqLen=0;
- char *d = dst;
- PRBool needsQuoting = PR_FALSE;
-
- /* need to make an initial pass to determine if quoting is needed */
- for (i = 0; i < srclen; i++) {
- char c = src[i];
- reqLen++;
- if (SPECIAL_CHAR(c)) {
- /* entirety will need quoting */
- needsQuoting = PR_TRUE;
- }
- if (c == C_DOUBLE_QUOTE || c == C_BACKSLASH) {
- /* this char will need escaping */
- reqLen++;
- }
- }
- /* if it begins or ends in optional space it needs quoting */
- if (srclen > 0 &&
- (OPTIONAL_SPACE(src[srclen-1]) || OPTIONAL_SPACE(src[0]))) {
- needsQuoting = PR_TRUE;
- }
-
- if (needsQuoting) reqLen += 2;
-
- /* space for terminal null */
- reqLen++;
-
- if (reqLen > dstlen) {
- PORT_SetError(SEC_ERROR_OUTPUT_LEN);
- return SECFailure;
- }
-
- d = dst;
- if (needsQuoting) *d++ = C_DOUBLE_QUOTE;
- for (i = 0; i < srclen; i++) {
- char c = src[i];
- if (c == C_DOUBLE_QUOTE || c == C_BACKSLASH) {
- /* escape it */
- *d++ = C_BACKSLASH;
- }
- *d++ = c;
- }
- if (needsQuoting) *d++ = C_DOUBLE_QUOTE;
- *d++ = 0;
- return SECSuccess;
-}
-
-/* convert an OID to dotted-decimal representation */
-static char *
-get_oid_string
-(
- SECItem *oid
-)
-{
- PRUint8 *end;
- PRUint8 *d;
- PRUint8 *e;
- char *a;
- char *b;
-
- a = (char *)NULL;
-
- /* d will point to the next sequence of bytes to decode */
- d = (PRUint8 *)oid->data;
- /* end points to one past the legitimate data */
- end = &d[ oid->len ];
-
- /*
- * Check for our pseudo-encoded single-digit OIDs
- */
- if( (*d == 0x80) && (2 == oid->len) ) {
- /* Funky encoding. The second byte is the number */
- a = PR_smprintf("%lu", (PRUint32)d[1]);
- if( (char *)NULL == a ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return (char *)NULL;
- }
- return a;
- }
-
- for( ; d < end; d = &e[1] ) {
-
- for( e = d; e < end; e++ ) {
- if( 0 == (*e & 0x80) ) {
- break;
- }
- }
-
- if( ((e-d) > 4) || (((e-d) == 4) && (*d & 0x70)) ) {
- /* More than a 32-bit number */
- } else {
- PRUint32 n = 0;
-
- switch( e-d ) {
- case 4:
- n |= ((PRUint32)(e[-4] & 0x0f)) << 28;
- case 3:
- n |= ((PRUint32)(e[-3] & 0x7f)) << 21;
- case 2:
- n |= ((PRUint32)(e[-2] & 0x7f)) << 14;
- case 1:
- n |= ((PRUint32)(e[-1] & 0x7f)) << 7;
- case 0:
- n |= ((PRUint32)(e[-0] & 0x7f)) ;
- }
-
- if( (char *)NULL == a ) {
- /* This is the first number.. decompose it */
- PRUint32 one = PR_MIN(n/40, 2); /* never > 2 */
- PRUint32 two = n - one * 40;
-
- a = PR_smprintf("%lu.%lu", one, two);
- if( (char *)NULL == a ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return (char *)NULL;
- }
- } else {
- b = PR_smprintf("%s.%lu", a, n);
- if( (char *)NULL == b ) {
- PR_smprintf_free(a);
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return (char *)NULL;
- }
-
- PR_smprintf_free(a);
- a = b;
- }
- }
- }
-
- return a;
-}
-
-/* convert DER-encoded hex to a string */
-static SECItem *
-get_hex_string(SECItem *data)
-{
- SECItem *rv;
- unsigned int i, j;
- static const char hex[] = { "0123456789ABCDEF" };
-
- /* '#' + 2 chars per octet + terminator */
- rv = SECITEM_AllocItem(NULL, NULL, data->len*2 + 2);
- if (!rv) {
- return NULL;
- }
- rv->data[0] = '#';
- rv->len = 1 + 2 * data->len;
- for (i=0; i<data->len; i++) {
- j = data->data[i];
- rv->data[2*i+1] = hex[j >> 4];
- rv->data[2*i+2] = hex[j & 15];
- }
- rv->data[rv->len] = 0;
- return rv;
-}
-
-static SECStatus
-AppendAVA(stringBuf *bufp, CERTAVA *ava)
-{
- char *tagName;
- char tmpBuf[384];
- unsigned len, maxLen;
- int tag;
- SECStatus rv;
- SECItem *avaValue = NULL;
- char *unknownTag = NULL;
-
- tag = CERT_GetAVATag(ava);
- switch (tag) {
- case SEC_OID_AVA_COUNTRY_NAME:
- tagName = "C";
- maxLen = 2;
- break;
- case SEC_OID_AVA_ORGANIZATION_NAME:
- tagName = "O";
- maxLen = 64;
- break;
- case SEC_OID_AVA_COMMON_NAME:
- tagName = "CN";
- maxLen = 64;
- break;
- case SEC_OID_AVA_LOCALITY:
- tagName = "L";
- maxLen = 128;
- break;
- case SEC_OID_AVA_STATE_OR_PROVINCE:
- tagName = "ST";
- maxLen = 128;
- break;
- case SEC_OID_AVA_ORGANIZATIONAL_UNIT_NAME:
- tagName = "OU";
- maxLen = 64;
- break;
- case SEC_OID_AVA_DC:
- tagName = "DC";
- maxLen = 128;
- break;
- case SEC_OID_AVA_DN_QUALIFIER:
- tagName = "dnQualifier";
- maxLen = 0x7fff;
- break;
- case SEC_OID_PKCS9_EMAIL_ADDRESS:
- tagName = "E";
- maxLen = 128;
- break;
- case SEC_OID_RFC1274_UID:
- tagName = "UID";
- maxLen = 256;
- break;
- case SEC_OID_RFC1274_MAIL:
- tagName = "MAIL";
- maxLen = 256;
- break;
- default:
- /* handle unknown attribute types per RFC 2253 */
- tagName = unknownTag = get_oid_string(&ava->type);
- maxLen = 256;
- break;
- }
-
- avaValue = CERT_DecodeAVAValue(&ava->value);
- if(!avaValue) {
- /* the attribute value is not recognized, get the hex value */
- avaValue = get_hex_string(&ava->value);
- if(!avaValue) {
- if (unknownTag) PR_smprintf_free(unknownTag);
- return SECFailure;
- }
- }
-
- /* Check value length */
- if (avaValue->len > maxLen) {
- if (unknownTag) PR_smprintf_free(unknownTag);
- PORT_SetError(SEC_ERROR_INVALID_AVA);
- return SECFailure;
- }
-
- len = PORT_Strlen(tagName);
- if (len+1 > sizeof(tmpBuf)) {
- if (unknownTag) PR_smprintf_free(unknownTag);
- PORT_SetError(SEC_ERROR_OUTPUT_LEN);
- return SECFailure;
- }
- PORT_Memcpy(tmpBuf, tagName, len);
- if (unknownTag) PR_smprintf_free(unknownTag);
- tmpBuf[len++] = '=';
-
- /* escape and quote as necessary */
- rv = CERT_RFC1485_EscapeAndQuote(tmpBuf+len, sizeof(tmpBuf)-len,
- (char *)avaValue->data, avaValue->len);
- SECITEM_FreeItem(avaValue, PR_TRUE);
- if (rv) return SECFailure;
-
- rv = AppendStr(bufp, tmpBuf);
- return rv;
-}
-
-char *
-CERT_NameToAscii(CERTName *name)
-{
- SECStatus rv;
- CERTRDN** rdns;
- CERTRDN** lastRdn;
- CERTRDN** rdn;
- CERTAVA** avas;
- CERTAVA* ava;
- PRBool first = PR_TRUE;
- stringBuf strBuf = { NULL, 0, 0 };
-
- rdns = name->rdns;
- if (rdns == NULL) {
- return NULL;
- }
-
- /* find last RDN */
- lastRdn = rdns;
- while (*lastRdn) lastRdn++;
- lastRdn--;
-
- /*
- * Loop over name contents in _reverse_ RDN order appending to string
- */
- for (rdn = lastRdn; rdn >= rdns; rdn--) {
- avas = (*rdn)->avas;
- while ((ava = *avas++) != NULL) {
- /* Put in comma separator */
- if (!first) {
- rv = AppendStr(&strBuf, ", ");
- if (rv) goto loser;
- } else {
- first = PR_FALSE;
- }
-
- /* Add in tag type plus value into buf */
- rv = AppendAVA(&strBuf, ava);
- if (rv) goto loser;
- }
- }
- return strBuf.buffer;
- loser:
- if (strBuf.buffer) {
- PORT_Free(strBuf.buffer);
- }
- return NULL;
-}
-
-/*
- * Return the string representation of a DER encoded distinguished name
- * "dername" - The DER encoded name to convert
- */
-char *
-CERT_DerNameToAscii(SECItem *dername)
-{
- int rv;
- PRArenaPool *arena = NULL;
- CERTName name;
- char *retstr = NULL;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-
- if ( arena == NULL) {
- goto loser;
- }
-
- rv = SEC_QuickDERDecodeItem(arena, &name, CERT_NameTemplate, dername);
-
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- retstr = CERT_NameToAscii(&name);
-
-loser:
- if ( arena != NULL ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(retstr);
-}
-
-static char *
-CERT_GetNameElement(PRArenaPool *arena, CERTName *name, int wantedTag)
-{
- CERTRDN** rdns;
- CERTRDN *rdn;
- CERTAVA** avas;
- CERTAVA* ava;
- char *buf = 0;
- int tag;
- SECItem *decodeItem = NULL;
-
- rdns = name->rdns;
- while ((rdn = *rdns++) != 0) {
- avas = rdn->avas;
- while ((ava = *avas++) != 0) {
- tag = CERT_GetAVATag(ava);
- if ( tag == wantedTag ) {
- decodeItem = CERT_DecodeAVAValue(&ava->value);
- if(!decodeItem) {
- return NULL;
- }
- if (arena) {
- buf = (char *)PORT_ArenaZAlloc(arena,decodeItem->len + 1);
- } else {
- buf = (char *)PORT_ZAlloc(decodeItem->len + 1);
- }
- if ( buf ) {
- PORT_Memcpy(buf, decodeItem->data, decodeItem->len);
- buf[decodeItem->len] = 0;
- }
- SECITEM_FreeItem(decodeItem, PR_TRUE);
- goto done;
- }
- }
- }
-
- done:
- return buf;
-}
-
-char *
-CERT_GetCertificateEmailAddress(CERTCertificate *cert)
-{
- char *rawEmailAddr = NULL;
- SECItem subAltName;
- SECStatus rv;
- CERTGeneralName *nameList = NULL;
- CERTGeneralName *current;
- PRArenaPool *arena = NULL;
- int i;
-
- subAltName.data = NULL;
-
- rawEmailAddr = CERT_GetNameElement(cert->arena, &(cert->subject),
- SEC_OID_PKCS9_EMAIL_ADDRESS);
- if ( rawEmailAddr == NULL ) {
- rawEmailAddr = CERT_GetNameElement(cert->arena, &(cert->subject),
- SEC_OID_RFC1274_MAIL);
- }
- if ( rawEmailAddr == NULL) {
-
- rv = CERT_FindCertExtension(cert, SEC_OID_X509_SUBJECT_ALT_NAME,
- &subAltName);
- if (rv != SECSuccess) {
- goto finish;
- }
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (!arena) {
- goto finish;
- }
- nameList = current = CERT_DecodeAltNameExtension(arena, &subAltName);
- if (!nameList ) {
- goto finish;
- }
- if (nameList != NULL) {
- do {
- if (current->type == certDirectoryName) {
- rawEmailAddr = CERT_GetNameElement(cert->arena,
- &(current->name.directoryName),
- SEC_OID_PKCS9_EMAIL_ADDRESS);
- if ( rawEmailAddr == NULL ) {
- rawEmailAddr = CERT_GetNameElement(cert->arena,
- &(current->name.directoryName), SEC_OID_RFC1274_MAIL);
- }
- } else if (current->type == certRFC822Name) {
- rawEmailAddr = (char*)PORT_ArenaZAlloc(cert->arena,
- current->name.other.len + 1);
- if (!rawEmailAddr) {
- goto finish;
- }
- PORT_Memcpy(rawEmailAddr, current->name.other.data,
- current->name.other.len);
- rawEmailAddr[current->name.other.len] = '\0';
- }
- if (rawEmailAddr) {
- break;
- }
- current = cert_get_next_general_name(current);
- } while (current != nameList);
- }
- }
- if (rawEmailAddr) {
- for (i = 0; i <= (int) PORT_Strlen(rawEmailAddr); i++) {
- rawEmailAddr[i] = tolower(rawEmailAddr[i]);
- }
- }
-
-finish:
-
- /* Don't free nameList, it's part of the arena. */
-
- if (arena) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- if ( subAltName.data ) {
- SECITEM_FreeItem(&subAltName, PR_FALSE);
- }
-
- return(rawEmailAddr);
-}
-
-static char *
-appendStringToBuf(char *dest, char *src, PRUint32 *pRemaining)
-{
- PRUint32 len;
- if (dest && src && src[0] && *pRemaining > (len = PL_strlen(src))) {
- PRUint32 i;
- for (i = 0; i < len; ++i)
- dest[i] = tolower(src[i]);
- dest[len] = 0;
- dest += len + 1;
- *pRemaining -= len + 1;
- }
- return dest;
-}
-
-static char *
-appendItemToBuf(char *dest, SECItem *src, PRUint32 *pRemaining)
-{
- if (dest && src && src->data && src->len && src->data[0] &&
- *pRemaining > src->len + 1 ) {
- PRUint32 len = src->len;
- PRUint32 i;
- for (i = 0; i < len && src->data[i] ; ++i)
- dest[i] = tolower(src->data[i]);
- dest[len] = 0;
- dest += len + 1;
- *pRemaining -= len + 1;
- }
- return dest;
-}
-
-/* Returns a pointer to an environment-like string, a series of
-** null-terminated strings, terminated by a zero-length string.
-** This function is intended to be internal to NSS.
-*/
-char *
-cert_GetCertificateEmailAddresses(CERTCertificate *cert)
-{
- char * rawEmailAddr = NULL;
- char * addrBuf = NULL;
- char * pBuf = NULL;
- PRArenaPool * tmpArena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- PRUint32 maxLen = 0;
- PRInt32 finalLen = 0;
- SECStatus rv;
- SECItem subAltName;
-
- if (!tmpArena)
- return addrBuf;
-
- subAltName.data = NULL;
- maxLen = cert->derCert.len;
- PORT_Assert(maxLen);
- if (!maxLen)
- maxLen = 2000; /* a guess, should never happen */
-
- pBuf = addrBuf = (char *)PORT_ArenaZAlloc(tmpArena, maxLen + 1);
- if (!addrBuf)
- goto loser;
-
- rawEmailAddr = CERT_GetNameElement(tmpArena, &cert->subject,
- SEC_OID_PKCS9_EMAIL_ADDRESS);
- pBuf = appendStringToBuf(pBuf, rawEmailAddr, &maxLen);
-
- rawEmailAddr = CERT_GetNameElement(tmpArena, &cert->subject,
- SEC_OID_RFC1274_MAIL);
- pBuf = appendStringToBuf(pBuf, rawEmailAddr, &maxLen);
-
- rv = CERT_FindCertExtension(cert, SEC_OID_X509_SUBJECT_ALT_NAME,
- &subAltName);
- if (rv == SECSuccess && subAltName.data) {
- CERTGeneralName *nameList = NULL;
-
- if (!!(nameList = CERT_DecodeAltNameExtension(tmpArena, &subAltName))) {
- CERTGeneralName *current = nameList;
- do {
- if (current->type == certDirectoryName) {
- rawEmailAddr = CERT_GetNameElement(tmpArena,
- &current->name.directoryName,
- SEC_OID_PKCS9_EMAIL_ADDRESS);
- pBuf = appendStringToBuf(pBuf, rawEmailAddr, &maxLen);
-
- rawEmailAddr = CERT_GetNameElement(tmpArena,
- &current->name.directoryName,
- SEC_OID_RFC1274_MAIL);
- pBuf = appendStringToBuf(pBuf, rawEmailAddr, &maxLen);
- } else if (current->type == certRFC822Name) {
- pBuf = appendItemToBuf(pBuf, &current->name.other, &maxLen);
- }
- current = cert_get_next_general_name(current);
- } while (current != nameList);
- }
- SECITEM_FreeItem(&subAltName, PR_FALSE);
- /* Don't free nameList, it's part of the tmpArena. */
- }
- /* now copy superstring to cert's arena */
- finalLen = (pBuf - addrBuf) + 1;
- pBuf = PORT_ArenaAlloc(cert->arena, finalLen);
- if (pBuf) {
- PORT_Memcpy(pBuf, addrBuf, finalLen);
- }
-
-loser:
- if (tmpArena)
- PORT_FreeArena(tmpArena, PR_FALSE);
-
- return pBuf;
-}
-
-/* returns pointer to storage in cert's arena. Storage remains valid
-** as long as cert's reference count doesn't go to zero.
-** Caller should strdup or otherwise copy.
-*/
-const char * /* const so caller won't muck with it. */
-CERT_GetFirstEmailAddress(CERTCertificate * cert)
-{
- if (cert && cert->emailAddr && cert->emailAddr[0])
- return (const char *)cert->emailAddr;
- return NULL;
-}
-
-/* returns pointer to storage in cert's arena. Storage remains valid
-** as long as cert's reference count doesn't go to zero.
-** Caller should strdup or otherwise copy.
-*/
-const char * /* const so caller won't muck with it. */
-CERT_GetNextEmailAddress(CERTCertificate * cert, const char * prev)
-{
- if (cert && prev && prev[0]) {
- PRUint32 len = PL_strlen(prev);
- prev += len + 1;
- if (prev && prev[0])
- return prev;
- }
- return NULL;
-}
-
-/* This is seriously bogus, now that certs store their email addresses in
-** subject Alternative Name extensions.
-** Returns a string allocated by PORT_StrDup, which the caller must free.
-*/
-char *
-CERT_GetCertEmailAddress(CERTName *name)
-{
- char *rawEmailAddr;
- char *emailAddr;
-
-
- rawEmailAddr = CERT_GetNameElement(NULL, name, SEC_OID_PKCS9_EMAIL_ADDRESS);
- if ( rawEmailAddr == NULL ) {
- rawEmailAddr = CERT_GetNameElement(NULL, name, SEC_OID_RFC1274_MAIL);
- }
- emailAddr = CERT_FixupEmailAddr(rawEmailAddr);
- if ( rawEmailAddr ) {
- PORT_Free(rawEmailAddr);
- }
- return(emailAddr);
-}
-
-char *
-CERT_GetCommonName(CERTName *name)
-{
- return(CERT_GetNameElement(NULL, name, SEC_OID_AVA_COMMON_NAME));
-}
-
-char *
-CERT_GetCountryName(CERTName *name)
-{
- return(CERT_GetNameElement(NULL, name, SEC_OID_AVA_COUNTRY_NAME));
-}
-
-char *
-CERT_GetLocalityName(CERTName *name)
-{
- return(CERT_GetNameElement(NULL, name, SEC_OID_AVA_LOCALITY));
-}
-
-char *
-CERT_GetStateName(CERTName *name)
-{
- return(CERT_GetNameElement(NULL, name, SEC_OID_AVA_STATE_OR_PROVINCE));
-}
-
-char *
-CERT_GetOrgName(CERTName *name)
-{
- return(CERT_GetNameElement(NULL, name, SEC_OID_AVA_ORGANIZATION_NAME));
-}
-
-char *
-CERT_GetDomainComponentName(CERTName *name)
-{
- return(CERT_GetNameElement(NULL, name, SEC_OID_AVA_DC));
-}
-
-char *
-CERT_GetOrgUnitName(CERTName *name)
-{
- return(CERT_GetNameElement(NULL, name, SEC_OID_AVA_ORGANIZATIONAL_UNIT_NAME));
-}
-
-char *
-CERT_GetDnQualifier(CERTName *name)
-{
- return(CERT_GetNameElement(NULL, name, SEC_OID_AVA_DN_QUALIFIER));
-}
-
-char *
-CERT_GetCertUid(CERTName *name)
-{
- return(CERT_GetNameElement(NULL, name, SEC_OID_RFC1274_UID));
-}
-
diff --git a/security/nss/lib/certdb/cert.h b/security/nss/lib/certdb/cert.h
deleted file mode 100644
index 1131b1633..000000000
--- a/security/nss/lib/certdb/cert.h
+++ /dev/null
@@ -1,1493 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * cert.h - public data structures and prototypes for the certificate library
- *
- * $Id$
- */
-
-#ifndef _CERT_H_
-#define _CERT_H_
-
-#include "plarena.h"
-#include "plhash.h"
-#include "prlong.h"
-#include "prlog.h"
-
-#include "seccomon.h"
-#include "secdert.h"
-#include "secoidt.h"
-#include "keyt.h"
-#include "certt.h"
-
-SEC_BEGIN_PROTOS
-
-/****************************************************************************
- *
- * RFC1485 ascii to/from X.? RelativeDistinguishedName (aka CERTName)
- *
- ****************************************************************************/
-
-/*
-** Convert an ascii RFC1485 encoded name into its CERTName equivalent.
-*/
-extern CERTName *CERT_AsciiToName(char *string);
-
-/*
-** Convert an CERTName into its RFC1485 encoded equivalent.
-*/
-extern char *CERT_NameToAscii(CERTName *name);
-
-extern CERTAVA *CERT_CopyAVA(PRArenaPool *arena, CERTAVA *src);
-
-/*
-** Examine an AVA and return the tag that refers to it. The AVA tags are
-** defined as SEC_OID_AVA*.
-*/
-extern SECOidTag CERT_GetAVATag(CERTAVA *ava);
-
-/*
-** Compare two AVA's, returning the difference between them.
-*/
-extern SECComparison CERT_CompareAVA(CERTAVA *a, CERTAVA *b);
-
-/*
-** Create an RDN (relative-distinguished-name). The argument list is a
-** NULL terminated list of AVA's.
-*/
-extern CERTRDN *CERT_CreateRDN(PRArenaPool *arena, CERTAVA *avas, ...);
-
-/*
-** Make a copy of "src" storing it in "dest".
-*/
-extern SECStatus CERT_CopyRDN(PRArenaPool *arena, CERTRDN *dest, CERTRDN *src);
-
-/*
-** Destory an RDN object.
-** "rdn" the RDN to destroy
-** "freeit" if PR_TRUE then free the object as well as its sub-objects
-*/
-extern void CERT_DestroyRDN(CERTRDN *rdn, PRBool freeit);
-
-/*
-** Add an AVA to an RDN.
-** "rdn" the RDN to add to
-** "ava" the AVA to add
-*/
-extern SECStatus CERT_AddAVA(PRArenaPool *arena, CERTRDN *rdn, CERTAVA *ava);
-
-/*
-** Compare two RDN's, returning the difference between them.
-*/
-extern SECComparison CERT_CompareRDN(CERTRDN *a, CERTRDN *b);
-
-/*
-** Create an X.500 style name using a NULL terminated list of RDN's.
-*/
-extern CERTName *CERT_CreateName(CERTRDN *rdn, ...);
-
-/*
-** Make a copy of "src" storing it in "dest". Memory is allocated in
-** "dest" for each of the appropriate sub objects. Memory is not freed in
-** "dest" before allocation is done (use CERT_DestroyName(dest, PR_FALSE) to
-** do that).
-*/
-extern SECStatus CERT_CopyName(PRArenaPool *arena, CERTName *dest, CERTName *src);
-
-/*
-** Destroy a Name object.
-** "name" the CERTName to destroy
-** "freeit" if PR_TRUE then free the object as well as its sub-objects
-*/
-extern void CERT_DestroyName(CERTName *name);
-
-/*
-** Add an RDN to a name.
-** "name" the name to add the RDN to
-** "rdn" the RDN to add to name
-*/
-extern SECStatus CERT_AddRDN(CERTName *name, CERTRDN *rdn);
-
-/*
-** Compare two names, returning the difference between them.
-*/
-extern SECComparison CERT_CompareName(CERTName *a, CERTName *b);
-
-/*
-** Convert a CERTName into something readable
-*/
-extern char *CERT_FormatName (CERTName *name);
-
-/*
-** Convert a der-encoded integer to a hex printable string form.
-** Perhaps this should be a SEC function but it's only used for certs.
-*/
-extern char *CERT_Hexify (SECItem *i, int do_colon);
-
-/******************************************************************************
- *
- * Certificate handling operations
- *
- *****************************************************************************/
-
-/*
-** Create a new validity object given two unix time values.
-** "notBefore" the time before which the validity is not valid
-** "notAfter" the time after which the validity is not valid
-*/
-extern CERTValidity *CERT_CreateValidity(int64 notBefore, int64 notAfter);
-
-/*
-** Destroy a validity object.
-** "v" the validity to destroy
-** "freeit" if PR_TRUE then free the object as well as its sub-objects
-*/
-extern void CERT_DestroyValidity(CERTValidity *v);
-
-/*
-** Copy the "src" object to "dest". Memory is allocated in "dest" for
-** each of the appropriate sub-objects. Memory in "dest" is not freed
-** before memory is allocated (use CERT_DestroyValidity(v, PR_FALSE) to do
-** that).
-*/
-extern SECStatus CERT_CopyValidity
- (PRArenaPool *arena, CERTValidity *dest, CERTValidity *src);
-
-/*
-** The cert lib considers a cert or CRL valid if the "notBefore" time is
-** in the not-too-distant future, e.g. within the next 24 hours. This
-** prevents freshly issued certificates from being considered invalid
-** because the local system's time zone is incorrectly set.
-** The amount of "pending slop time" is adjustable by the application.
-** Units of SlopTime are seconds. Default is 86400 (24 hours).
-** Negative SlopTime values are not allowed.
-*/
-PRInt32 CERT_GetSlopTime(void);
-
-SECStatus CERT_SetSlopTime(PRInt32 slop);
-
-/*
-** Create a new certificate object. The result must be wrapped with an
-** CERTSignedData to create a signed certificate.
-** "serialNumber" the serial number
-** "issuer" the name of the certificate issuer
-** "validity" the validity period of the certificate
-** "req" the certificate request that prompted the certificate issuance
-*/
-extern CERTCertificate *
-CERT_CreateCertificate (unsigned long serialNumber, CERTName *issuer,
- CERTValidity *validity, CERTCertificateRequest *req);
-
-/*
-** Destroy a certificate object
-** "cert" the certificate to destroy
-** NOTE: certificate's are reference counted. This call decrements the
-** reference count, and if the result is zero, then the object is destroyed
-** and optionally freed.
-*/
-extern void CERT_DestroyCertificate(CERTCertificate *cert);
-
-/*
-** Make a shallow copy of a certificate "c". Just increments the
-** reference count on "c".
-*/
-extern CERTCertificate *CERT_DupCertificate(CERTCertificate *c);
-
-/*
-** Create a new certificate request. This result must be wrapped with an
-** CERTSignedData to create a signed certificate request.
-** "name" the subject name (who the certificate request is from)
-** "spki" describes/defines the public key the certificate is for
-** "attributes" if non-zero, some optional attribute data
-*/
-extern CERTCertificateRequest *
-CERT_CreateCertificateRequest (CERTName *name, CERTSubjectPublicKeyInfo *spki,
- SECItem **attributes);
-
-/*
-** Destroy a certificate-request object
-** "r" the certificate-request to destroy
-** "freeit" if PR_TRUE then free the object as well as its sub-objects
-*/
-extern void CERT_DestroyCertificateRequest(CERTCertificateRequest *r);
-
-/*
-** Extract a public key object from a SubjectPublicKeyInfo
-*/
-extern SECKEYPublicKey *CERT_ExtractPublicKey(CERTCertificate *cert);
-
-/*
- * used to get a public key with Key Material ID. Only used for fortezza V1
- * certificates.
- */
-extern SECKEYPublicKey *CERT_KMIDPublicKey(CERTCertificate *cert);
-
-
-/*
-** Retrieve the Key Type associated with the cert we're dealing with
-*/
-
-extern KeyType CERT_GetCertKeyType (CERTSubjectPublicKeyInfo *spki);
-
-/*
-** Initialize the certificate database. This is called to create
-** the initial list of certificates in the database.
-*/
-extern SECStatus CERT_InitCertDB(CERTCertDBHandle *handle);
-
-extern int CERT_GetDBContentVersion(CERTCertDBHandle *handle);
-
-/*
-** Default certificate database routines
-*/
-extern void CERT_SetDefaultCertDB(CERTCertDBHandle *handle);
-
-extern CERTCertDBHandle *CERT_GetDefaultCertDB(void);
-
-extern CERTCertList *CERT_GetCertChainFromCert(CERTCertificate *cert,
- int64 time,
- SECCertUsage usage);
-extern CERTCertificate *
-CERT_NewTempCertificate (CERTCertDBHandle *handle, SECItem *derCert,
- char *nickname, PRBool isperm, PRBool copyDER);
-
-
-/******************************************************************************
- *
- * X.500 Name handling operations
- *
- *****************************************************************************/
-
-/*
-** Create an AVA (attribute-value-assertion)
-** "arena" the memory arena to alloc from
-** "kind" is one of SEC_OID_AVA_*
-** "valueType" is one of DER_PRINTABLE_STRING, DER_IA5_STRING, or
-** DER_T61_STRING
-** "value" is the null terminated string containing the value
-*/
-extern CERTAVA *CERT_CreateAVA
- (PRArenaPool *arena, SECOidTag kind, int valueType, char *value);
-
-/*
-** Extract the Distinguished Name from a DER encoded certificate
-** "derCert" is the DER encoded certificate
-** "derName" is the SECItem that the name is returned in
-*/
-extern SECStatus CERT_NameFromDERCert(SECItem *derCert, SECItem *derName);
-
-/*
-** Extract the Issuers Distinguished Name from a DER encoded certificate
-** "derCert" is the DER encoded certificate
-** "derName" is the SECItem that the name is returned in
-*/
-extern SECStatus CERT_IssuerNameFromDERCert(SECItem *derCert,
- SECItem *derName);
-
-
-
-/*
-** Generate a database search key for a certificate, based on the
-** issuer and serial number.
-** "arena" the memory arena to alloc from
-** "derCert" the DER encoded certificate
-** "key" the returned key
-*/
-extern SECStatus CERT_KeyFromDERCert(PRArenaPool *arena, SECItem *derCert, SECItem *key);
-
-extern SECStatus CERT_KeyFromIssuerAndSN(PRArenaPool *arena, SECItem *issuer,
- SECItem *sn, SECItem *key);
-
-extern SECStatus CERT_SerialNumberFromDERCert(SECItem *derCert,
- SECItem *derName);
-
-
-/*
-** Generate a database search key for a crl, based on the
-** issuer.
-** "arena" the memory arena to alloc from
-** "derCrl" the DER encoded crl
-** "key" the returned key
-*/
-extern SECStatus CERT_KeyFromDERCrl(PRArenaPool *arena, SECItem *derCrl, SECItem *key);
-
-/*
-** Open the certificate database. Use callback to get name of database.
-*/
-extern SECStatus CERT_OpenCertDB(CERTCertDBHandle *handle, PRBool readOnly,
- CERTDBNameFunc namecb, void *cbarg);
-
-/* Open the certificate database. Use given filename for database. */
-extern SECStatus CERT_OpenCertDBFilename(CERTCertDBHandle *handle,
- char *certdbname, PRBool readOnly);
-
-/*
-** Open and initialize a cert database that is entirely in memory. This
-** can be used when the permanent database can not be opened or created.
-*/
-extern SECStatus CERT_OpenVolatileCertDB(CERTCertDBHandle *handle);
-
-/*
-** Check the hostname to make sure that it matches the shexp that
-** is given in the common name of the certificate.
-*/
-extern SECStatus CERT_VerifyCertName(CERTCertificate *cert, const char *hostname);
-
-/*
-** Add a domain name to the list of names that the user has explicitly
-** allowed (despite cert name mismatches) for use with a server cert.
-*/
-extern SECStatus CERT_AddOKDomainName(CERTCertificate *cert, const char *hostname);
-
-/*
-** Decode a DER encoded certificate into an CERTCertificate structure
-** "derSignedCert" is the DER encoded signed certificate
-** "copyDER" is true if the DER should be copied, false if the
-** existing copy should be referenced
-** "nickname" is the nickname to use in the database. If it is NULL
-** then a temporary nickname is generated.
-*/
-extern CERTCertificate *
-CERT_DecodeDERCertificate (SECItem *derSignedCert, PRBool copyDER, char *nickname);
-/*
-** Decode a DER encoded CRL/KRL into an CERTSignedCrl structure
-** "derSignedCrl" is the DER encoded signed crl/krl.
-** "type" is this a CRL or KRL.
-*/
-#define SEC_CRL_TYPE 1
-#define SEC_KRL_TYPE 0
-
-extern CERTSignedCrl *
-CERT_DecodeDERCrl (PRArenaPool *arena, SECItem *derSignedCrl,int type);
-
-/*
- * same as CERT_DecodeDERCrl, plus allow options to be passed in
- */
-
-extern CERTSignedCrl *
-CERT_DecodeDERCrlWithFlags(PRArenaPool *narena, SECItem *derSignedCrl,
- int type, PRInt32 options);
-
-/* CRL options to pass */
-
-#define CRL_DECODE_DEFAULT_OPTIONS 0x00000000
-
-/* when CRL_DECODE_DONT_COPY_DER is set, the DER is not copied . The
- application must then keep derSignedCrl until it destroys the
- CRL . Ideally, it should allocate derSignedCrl in an arena
- and pass that arena in as the first argument to
- CERT_DecodeDERCrlWithFlags */
-
-#define CRL_DECODE_DONT_COPY_DER 0x00000001
-#define CRL_DECODE_SKIP_ENTRIES 0x00000002
-#define CRL_DECODE_KEEP_BAD_CRL 0x00000004
-
-/* complete the decoding of a partially decoded CRL, ie. decode the
- entries. Note that entries is an optional field in a CRL, so the
- "entries" pointer in CERTCrlStr may still be NULL even after
- function returns SECSuccess */
-
-extern SECStatus CERT_CompleteCRLDecodeEntries(CERTSignedCrl* crl);
-
-/* Validate CRL then import it to the dbase. If there is already a CRL with the
- * same CA in the dbase, it will be replaced if derCRL is more up to date.
- * If the process successes, a CRL will be returned. Otherwise, a NULL will
- * be returned. The caller should call PORT_GetError() for the exactly error
- * code.
- */
-extern CERTSignedCrl *
-CERT_ImportCRL (CERTCertDBHandle *handle, SECItem *derCRL, char *url,
- int type, void * wincx);
-
-extern void CERT_DestroyCrl (CERTSignedCrl *crl);
-
-/* this is a hint to flush the CRL cache. crlKey is the DER subject of
- the issuer (CA). */
-void CERT_CRLCacheRefreshIssuer(CERTCertDBHandle* dbhandle, SECItem* crlKey);
-
-/*
-** Decode a certificate and put it into the temporary certificate database
-*/
-extern CERTCertificate *
-CERT_DecodeCertificate (SECItem *derCert, char *nickname,PRBool copyDER);
-
-/*
-** Find a certificate in the database
-** "key" is the database key to look for
-*/
-extern CERTCertificate *CERT_FindCertByKey(CERTCertDBHandle *handle, SECItem *key);
-
-/*
-** Find a certificate in the database by name
-** "name" is the distinguished name to look up
-*/
-extern CERTCertificate *
-CERT_FindCertByName (CERTCertDBHandle *handle, SECItem *name);
-
-/*
-** Find a certificate in the database by name
-** "name" is the distinguished name to look up (in ascii)
-*/
-extern CERTCertificate *
-CERT_FindCertByNameString (CERTCertDBHandle *handle, char *name);
-
-/*
-** Find a certificate in the database by name and keyid
-** "name" is the distinguished name to look up
-** "keyID" is the value of the subjectKeyID to match
-*/
-extern CERTCertificate *
-CERT_FindCertByKeyID (CERTCertDBHandle *handle, SECItem *name, SECItem *keyID);
-
-/*
-** Generate a certificate key from the issuer and serialnumber, then look it
-** up in the database. Return the cert if found.
-** "issuerAndSN" is the issuer and serial number to look for
-*/
-extern CERTCertificate *
-CERT_FindCertByIssuerAndSN (CERTCertDBHandle *handle, CERTIssuerAndSN *issuerAndSN);
-
-/*
-** Find a certificate in the database by a subject key ID
-** "subjKeyID" is the subject Key ID to look for
-*/
-extern CERTCertificate *
-CERT_FindCertBySubjectKeyID (CERTCertDBHandle *handle, SECItem *subjKeyID);
-
-/*
-** Find a certificate in the database by a nickname
-** "nickname" is the ascii string nickname to look for
-*/
-extern CERTCertificate *
-CERT_FindCertByNickname (CERTCertDBHandle *handle, char *nickname);
-
-/*
-** Find a certificate in the database by a DER encoded certificate
-** "derCert" is the DER encoded certificate
-*/
-extern CERTCertificate *
-CERT_FindCertByDERCert(CERTCertDBHandle *handle, SECItem *derCert);
-
-/*
-** Find a certificate in the database by a email address
-** "emailAddr" is the email address to look up
-*/
-CERTCertificate *
-CERT_FindCertByEmailAddr(CERTCertDBHandle *handle, char *emailAddr);
-
-/*
-** Find a certificate in the database by a email address or nickname
-** "name" is the email address or nickname to look up
-*/
-CERTCertificate *
-CERT_FindCertByNicknameOrEmailAddr(CERTCertDBHandle *handle, char *name);
-
-/*
-** Find a certificate in the database by a digest of a subject public key
-** "spkDigest" is the digest to look up
-*/
-extern CERTCertificate *
-CERT_FindCertBySPKDigest(CERTCertDBHandle *handle, SECItem *spkDigest);
-
-/*
- * Find the issuer of a cert
- */
-CERTCertificate *
-CERT_FindCertIssuer(CERTCertificate *cert, int64 validTime, SECCertUsage usage);
-
-/*
-** Check the validity times of a certificate vs. time 't', allowing
-** some slop for broken clocks and stuff.
-** "cert" is the certificate to be checked
-** "t" is the time to check against
-** "allowOverride" if true then check to see if the invalidity has
-** been overridden by the user.
-*/
-extern SECCertTimeValidity CERT_CheckCertValidTimes(CERTCertificate *cert,
- PRTime t,
- PRBool allowOverride);
-
-/*
-** WARNING - this function is depricated, and will either go away or have
-** a new API in the near future.
-**
-** Check the validity times of a certificate vs. the current time, allowing
-** some slop for broken clocks and stuff.
-** "cert" is the certificate to be checked
-*/
-extern SECStatus CERT_CertTimesValid(CERTCertificate *cert);
-
-/*
-** Extract the validity times from a certificate
-** "c" is the certificate
-** "notBefore" is the start of the validity period
-** "notAfter" is the end of the validity period
-*/
-extern SECStatus
-CERT_GetCertTimes (CERTCertificate *c, PRTime *notBefore, PRTime *notAfter);
-
-/*
-** Extract the issuer and serial number from a certificate
-*/
-extern CERTIssuerAndSN *CERT_GetCertIssuerAndSN(PRArenaPool *,
- CERTCertificate *);
-
-/*
-** verify the signature of a signed data object with a given certificate
-** "sd" the signed data object to be verified
-** "cert" the certificate to use to check the signature
-*/
-extern SECStatus CERT_VerifySignedData(CERTSignedData *sd,
- CERTCertificate *cert,
- int64 t,
- void *wincx);
-/*
-** verify the signature of a signed data object with the given DER publickey
-*/
-extern SECStatus
-CERT_VerifySignedDataWithPublicKeyInfo(CERTSignedData *sd,
- CERTSubjectPublicKeyInfo *pubKeyInfo,
- void *wincx);
-
-/*
-** verify the signature of a signed data object with a SECKEYPublicKey.
-*/
-extern SECStatus
-CERT_VerifySignedDataWithPublicKey(CERTSignedData *sd,
- SECKEYPublicKey *pubKey, void *wincx);
-
-/*
-** NEW FUNCTIONS with new bit-field-FIELD SECCertificateUsage - please use
-** verify a certificate by checking validity times against a certain time,
-** that we trust the issuer, and that the signature on the certificate is
-** valid.
-** "cert" the certificate to verify
-** "checkSig" only check signatures if true
-*/
-extern SECStatus
-CERT_VerifyCertificate(CERTCertDBHandle *handle, CERTCertificate *cert,
- PRBool checkSig, SECCertificateUsage requiredUsages,
- int64 t, void *wincx, CERTVerifyLog *log,
- SECCertificateUsage* returnedUsages);
-
-/* same as above, but uses current time */
-extern SECStatus
-CERT_VerifyCertificateNow(CERTCertDBHandle *handle, CERTCertificate *cert,
- PRBool checkSig, SECCertificateUsage requiredUsages,
- void *wincx, SECCertificateUsage* returnedUsages);
-
-/*
-** Verify that a CA cert can certify some (unspecified) leaf cert for a given
-** purpose. This is used by UI code to help identify where a chain may be
-** broken and why. This takes identical parameters to CERT_VerifyCert
-*/
-extern SECStatus
-CERT_VerifyCACertForUsage(CERTCertDBHandle *handle, CERTCertificate *cert,
- PRBool checkSig, SECCertUsage certUsage, int64 t,
- void *wincx, CERTVerifyLog *log);
-
-/*
-** OLD OBSOLETE FUNCTIONS with enum SECCertUsage - DO NOT USE FOR NEW CODE
-** verify a certificate by checking validity times against a certain time,
-** that we trust the issuer, and that the signature on the certificate is
-** valid.
-** "cert" the certificate to verify
-** "checkSig" only check signatures if true
-*/
-extern SECStatus
-CERT_VerifyCert(CERTCertDBHandle *handle, CERTCertificate *cert,
- PRBool checkSig, SECCertUsage certUsage, int64 t,
- void *wincx, CERTVerifyLog *log);
-
-/* same as above, but uses current time */
-extern SECStatus
-CERT_VerifyCertNow(CERTCertDBHandle *handle, CERTCertificate *cert,
- PRBool checkSig, SECCertUsage certUsage, void *wincx);
-
-SECStatus
-CERT_VerifyCertChain(CERTCertDBHandle *handle, CERTCertificate *cert,
- PRBool checkSig, SECCertUsage certUsage, int64 t,
- void *wincx, CERTVerifyLog *log);
-
-/*
-** This must only be called on a cert that is known to have an issuer
-** with an invalid time
-*/
-extern CERTCertificate *
-CERT_FindExpiredIssuer (CERTCertDBHandle *handle, CERTCertificate *cert);
-
-/*
-** Read a base64 ascii encoded DER certificate and convert it to our
-** internal format.
-** "certstr" is a null-terminated string containing the certificate
-*/
-extern CERTCertificate *CERT_ConvertAndDecodeCertificate(char *certstr);
-
-/*
-** Read a certificate in some foreign format, and convert it to our
-** internal format.
-** "certbuf" is the buffer containing the certificate
-** "certlen" is the length of the buffer
-** NOTE - currently supports netscape base64 ascii encoded raw certs
-** and netscape binary DER typed files.
-*/
-extern CERTCertificate *CERT_DecodeCertFromPackage(char *certbuf, int certlen);
-
-extern SECStatus
-CERT_ImportCAChain (SECItem *certs, int numcerts, SECCertUsage certUsage);
-
-extern SECStatus
-CERT_ImportCAChainTrusted(SECItem *certs, int numcerts, SECCertUsage certUsage);
-
-/*
-** Read a certificate chain in some foreign format, and pass it to a
-** callback function.
-** "certbuf" is the buffer containing the certificate
-** "certlen" is the length of the buffer
-** "f" is the callback function
-** "arg" is the callback argument
-*/
-typedef SECStatus (PR_CALLBACK *CERTImportCertificateFunc)
- (void *arg, SECItem **certs, int numcerts);
-
-extern SECStatus
-CERT_DecodeCertPackage(char *certbuf, int certlen, CERTImportCertificateFunc f,
- void *arg);
-
-/*
-** Pretty print a certificate in HTML
-** "cert" is the certificate to print
-** "showImages" controls whether or not to use about:security URLs
-** for subject and issuer images. This should only be true
-** in the browser.
-*/
-extern char *CERT_HTMLCertInfo(CERTCertificate *cert, PRBool showImages,
- PRBool showIssuer);
-
-/*
-** Returns the value of an AVA. This was a formerly static
-** function that has been exposed due to the need to decode
-** and convert unicode strings to UTF8.
-**
-** XXX This function resides in certhtml.c, should it be
-** moved elsewhere?
-*/
-extern SECItem *CERT_DecodeAVAValue(SECItem *derAVAValue);
-
-/*
- * take a DER certificate and decode it into a certificate structure
- */
-CERTCertificate *
-CERT_DecodeDERCertificate(SECItem *derSignedCert, PRBool copyDER,
- char *nickname);
-
-
-
-/*
-** extract various element strings from a distinguished name.
-** "name" the distinguished name
-*/
-extern char *CERT_GetCommonName(CERTName *name);
-
-extern char *CERT_GetCertificateEmailAddress(CERTCertificate *cert);
-
-extern char *CERT_GetCertEmailAddress(CERTName *name);
-
-extern const char * CERT_GetFirstEmailAddress(CERTCertificate * cert);
-
-extern const char * CERT_GetNextEmailAddress(CERTCertificate * cert,
- const char * prev);
-
-extern char *CERT_GetCommonName(CERTName *name);
-
-extern char *CERT_GetCountryName(CERTName *name);
-
-extern char *CERT_GetLocalityName(CERTName *name);
-
-extern char *CERT_GetStateName(CERTName *name);
-
-extern char *CERT_GetOrgName(CERTName *name);
-
-extern char *CERT_GetOrgUnitName(CERTName *name);
-
-extern char *CERT_GetDomainComponentName(CERTName *name);
-
-extern char *CERT_GetCertUid(CERTName *name);
-
-/* manipulate the trust parameters of a certificate */
-
-extern SECStatus CERT_GetCertTrust(CERTCertificate *cert, CERTCertTrust *trust);
-
-extern SECStatus
-CERT_ChangeCertTrust (CERTCertDBHandle *handle, CERTCertificate *cert,
- CERTCertTrust *trust);
-
-extern SECStatus
-CERT_ChangeCertTrustByUsage(CERTCertDBHandle *certdb, CERTCertificate *cert,
- SECCertUsage usage);
-
-/*************************************************************************
- *
- * manipulate the extensions of a certificate
- *
- ************************************************************************/
-
-/*
-** Set up a cert for adding X509v3 extensions. Returns an opaque handle
-** used by the next two routines.
-** "cert" is the certificate we are adding extensions to
-*/
-extern void *CERT_StartCertExtensions(CERTCertificate *cert);
-
-/*
-** Add an extension to a certificate.
-** "exthandle" is the handle returned by the previous function
-** "idtag" is the integer tag for the OID that should ID this extension
-** "value" is the value of the extension
-** "critical" is the critical extension flag
-** "copyData" is a flag indicating whether the value data should be
-** copied.
-*/
-extern SECStatus CERT_AddExtension (void *exthandle, int idtag,
- SECItem *value, PRBool critical, PRBool copyData);
-
-extern SECStatus CERT_AddExtensionByOID (void *exthandle, SECItem *oid,
- SECItem *value, PRBool critical, PRBool copyData);
-
-extern SECStatus CERT_EncodeAndAddExtension
- (void *exthandle, int idtag, void *value, PRBool critical,
- const SEC_ASN1Template *atemplate);
-
-extern SECStatus CERT_EncodeAndAddBitStrExtension
- (void *exthandle, int idtag, SECItem *value, PRBool critical);
-
-
-extern SECStatus
-CERT_EncodeAltNameExtension(PRArenaPool *arena, CERTGeneralName *value, SECItem *encodedValue);
-
-
-/*
-** Finish adding cert extensions. Does final processing on extension
-** data, putting it in the right format, and freeing any temporary
-** storage.
-** "exthandle" is the handle used to add extensions to a certificate
-*/
-extern SECStatus CERT_FinishExtensions(void *exthandle);
-
-
-/* If the extension is found, return its criticality and value.
-** This allocate storage for the returning extension value.
-*/
-extern SECStatus CERT_GetExtenCriticality
- (CERTCertExtension **extensions, int tag, PRBool *isCritical);
-
-extern void
-CERT_DestroyOidSequence(CERTOidSequence *oidSeq);
-
-/****************************************************************************
- *
- * DER encode and decode extension values
- *
- ****************************************************************************/
-
-/* Encode the value of the basicConstraint extension.
-** arena - where to allocate memory for the encoded value.
-** value - extension value to encode
-** encodedValue - output encoded value
-*/
-extern SECStatus CERT_EncodeBasicConstraintValue
- (PRArenaPool *arena, CERTBasicConstraints *value, SECItem *encodedValue);
-
-/*
-** Encode the value of the authorityKeyIdentifier extension.
-*/
-extern SECStatus CERT_EncodeAuthKeyID
- (PRArenaPool *arena, CERTAuthKeyID *value, SECItem *encodedValue);
-
-/*
-** Encode the value of the crlDistributionPoints extension.
-*/
-extern SECStatus CERT_EncodeCRLDistributionPoints
- (PRArenaPool *arena, CERTCrlDistributionPoints *value,SECItem *derValue);
-
-/*
-** Decodes a DER encoded basicConstaint extension value into a readable format
-** value - decoded value
-** encodedValue - value to decoded
-*/
-extern SECStatus CERT_DecodeBasicConstraintValue
- (CERTBasicConstraints *value, SECItem *encodedValue);
-
-/* Decodes a DER encoded authorityKeyIdentifier extension value into a
-** readable format.
-** arena - where to allocate memory for the decoded value
-** encodedValue - value to be decoded
-** Returns a CERTAuthKeyID structure which contains the decoded value
-*/
-extern CERTAuthKeyID *CERT_DecodeAuthKeyID
- (PRArenaPool *arena, SECItem *encodedValue);
-
-
-/* Decodes a DER encoded crlDistributionPoints extension value into a
-** readable format.
-** arena - where to allocate memory for the decoded value
-** der - value to be decoded
-** Returns a CERTCrlDistributionPoints structure which contains the
-** decoded value
-*/
-extern CERTCrlDistributionPoints * CERT_DecodeCRLDistributionPoints
- (PRArenaPool *arena, SECItem *der);
-
-/* Extract certain name type from a generalName */
-extern void *CERT_GetGeneralNameByType
- (CERTGeneralName *genNames, CERTGeneralNameType type, PRBool derFormat);
-
-
-extern CERTOidSequence *
-CERT_DecodeOidSequence(SECItem *seqItem);
-
-
-
-
-/****************************************************************************
- *
- * Find extension values of a certificate
- *
- ***************************************************************************/
-
-extern SECStatus CERT_FindCertExtension
- (CERTCertificate *cert, int tag, SECItem *value);
-
-extern SECStatus CERT_FindNSCertTypeExtension
- (CERTCertificate *cert, SECItem *value);
-
-extern char * CERT_FindNSStringExtension (CERTCertificate *cert, int oidtag);
-
-extern SECStatus CERT_FindIssuerCertExtension
- (CERTCertificate *cert, int tag, SECItem *value);
-
-extern SECStatus CERT_FindCertExtensionByOID
- (CERTCertificate *cert, SECItem *oid, SECItem *value);
-
-extern char *CERT_FindCertURLExtension (CERTCertificate *cert, int tag,
- int catag);
-
-/* Returns the decoded value of the authKeyID extension.
-** Note that this uses passed in the arena to allocate storage for the result
-*/
-extern CERTAuthKeyID * CERT_FindAuthKeyIDExten (PRArenaPool *arena,CERTCertificate *cert);
-
-/* Returns the decoded value of the basicConstraint extension.
- */
-extern SECStatus CERT_FindBasicConstraintExten
- (CERTCertificate *cert, CERTBasicConstraints *value);
-
-/* Returns the decoded value of the crlDistributionPoints extension.
-** Note that the arena in cert is used to allocate storage for the result
-*/
-extern CERTCrlDistributionPoints * CERT_FindCRLDistributionPoints
- (CERTCertificate *cert);
-
-/* Returns value of the keyUsage extension. This uses PR_Alloc to allocate
-** buffer for the decoded value, The caller should free up the storage
-** allocated in value->data.
-*/
-extern SECStatus CERT_FindKeyUsageExtension (CERTCertificate *cert,
- SECItem *value);
-
-/* Return the decoded value of the subjectKeyID extension. The caller should
-** free up the storage allocated in retItem->data.
-*/
-extern SECStatus CERT_FindSubjectKeyIDExtension (CERTCertificate *cert,
- SECItem *retItem);
-
-/*
-** If cert is a v3 certificate, and a critical keyUsage extension is included,
-** then check the usage against the extension value. If a non-critical
-** keyUsage extension is included, this will return SECSuccess without
-** checking, since the extension is an advisory field, not a restriction.
-** If cert is not a v3 certificate, this will return SECSuccess.
-** cert - certificate
-** usage - one of the x.509 v3 the Key Usage Extension flags
-*/
-extern SECStatus CERT_CheckCertUsage (CERTCertificate *cert,
- unsigned char usage);
-
-/****************************************************************************
- *
- * CRL v2 Extensions supported routines
- *
- ****************************************************************************/
-
-extern SECStatus CERT_FindCRLExtensionByOID
- (CERTCrl *crl, SECItem *oid, SECItem *value);
-
-extern SECStatus CERT_FindCRLExtension
- (CERTCrl *crl, int tag, SECItem *value);
-
-extern SECStatus
- CERT_FindInvalidDateExten (CERTCrl *crl, int64 *value);
-
-extern void *CERT_StartCRLExtensions (CERTCrl *crl);
-
-extern CERTCertNicknames *CERT_GetCertNicknames (CERTCertDBHandle *handle,
- int what, void *wincx);
-
-/*
-** Finds the crlNumber extension and decodes its value into 'value'
-*/
-extern SECStatus CERT_FindCRLNumberExten (CERTCrl *crl, CERTCrlNumber *value);
-
-extern void CERT_FreeNicknames(CERTCertNicknames *nicknames);
-
-extern PRBool CERT_CompareCerts(CERTCertificate *c1, CERTCertificate *c2);
-
-extern PRBool CERT_CompareCertsForRedirection(CERTCertificate *c1,
- CERTCertificate *c2);
-
-/*
-** Generate an array of the Distinguished Names that the given cert database
-** "trusts"
-*/
-extern CERTDistNames *CERT_GetSSLCACerts(CERTCertDBHandle *handle);
-
-extern void CERT_FreeDistNames(CERTDistNames *names);
-
-/*
-** Generate an array of Distinguished names from an array of nicknames
-*/
-extern CERTDistNames *CERT_DistNamesFromNicknames
- (CERTCertDBHandle *handle, char **nicknames, int nnames);
-
-/*
-** Generate a certificate chain from a certificate.
-*/
-extern CERTCertificateList *
-CERT_CertChainFromCert(CERTCertificate *cert, SECCertUsage usage,
- PRBool includeRoot);
-
-extern CERTCertificateList *
-CERT_CertListFromCert(CERTCertificate *cert);
-
-extern CERTCertificateList *
-CERT_DupCertList(CERTCertificateList * oldList);
-
-extern void CERT_DestroyCertificateList(CERTCertificateList *list);
-
-/*
-** is cert a user cert? i.e. does it have CERTDB_USER trust,
-** i.e. a private key?
-*/
-PRBool CERT_IsUserCert(CERTCertificate* cert);
-
-/* is cert a newer than cert b? */
-PRBool CERT_IsNewer(CERTCertificate *certa, CERTCertificate *certb);
-
-/* currently a stub for address book */
-PRBool
-CERT_IsCertRevoked(CERTCertificate *cert);
-
-void
-CERT_DestroyCertArray(CERTCertificate **certs, unsigned int ncerts);
-
-/* convert an email address to lower case */
-char *CERT_FixupEmailAddr(char *emailAddr);
-
-/* decode string representation of trust flags into trust struct */
-SECStatus
-CERT_DecodeTrustString(CERTCertTrust *trust, char *trusts);
-
-/* encode trust struct into string representation of trust flags */
-char *
-CERT_EncodeTrustString(CERTCertTrust *trust);
-
-/* find the next or prev cert in a subject list */
-CERTCertificate *
-CERT_PrevSubjectCert(CERTCertificate *cert);
-CERTCertificate *
-CERT_NextSubjectCert(CERTCertificate *cert);
-
-/*
- * import a collection of certs into the temporary or permanent cert
- * database
- */
-SECStatus
-CERT_ImportCerts(CERTCertDBHandle *certdb, SECCertUsage usage,
- unsigned int ncerts, SECItem **derCerts,
- CERTCertificate ***retCerts, PRBool keepCerts,
- PRBool caOnly, char *nickname);
-
-SECStatus
-CERT_SaveImportedCert(CERTCertificate *cert, SECCertUsage usage,
- PRBool caOnly, char *nickname);
-
-char *
-CERT_MakeCANickname(CERTCertificate *cert);
-
-PRBool
-CERT_IsCACert(CERTCertificate *cert, unsigned int *rettype);
-
-PRBool
-CERT_IsCADERCert(SECItem *derCert, unsigned int *rettype);
-
-PRBool
-CERT_IsRootDERCert(SECItem *derCert);
-
-SECStatus
-CERT_SaveSMimeProfile(CERTCertificate *cert, SECItem *emailProfile,
- SECItem *profileTime);
-
-/*
- * find the smime symmetric capabilities profile for a given cert
- */
-SECItem *
-CERT_FindSMimeProfile(CERTCertificate *cert);
-
-SECStatus
-CERT_AddNewCerts(CERTCertDBHandle *handle);
-
-CERTPackageType
-CERT_CertPackageType(SECItem *package, SECItem *certitem);
-
-CERTCertificatePolicies *
-CERT_DecodeCertificatePoliciesExtension(SECItem *extnValue);
-
-void
-CERT_DestroyCertificatePoliciesExtension(CERTCertificatePolicies *policies);
-
-CERTUserNotice *
-CERT_DecodeUserNotice(SECItem *noticeItem);
-
-void
-CERT_DestroyUserNotice(CERTUserNotice *userNotice);
-
-typedef char * (* CERTPolicyStringCallback)(char *org,
- unsigned long noticeNumber,
- void *arg);
-void
-CERT_SetCAPolicyStringCallback(CERTPolicyStringCallback cb, void *cbarg);
-
-char *
-CERT_GetCertCommentString(CERTCertificate *cert);
-
-PRBool
-CERT_GovtApprovedBitSet(CERTCertificate *cert);
-
-SECStatus
-CERT_AddPermNickname(CERTCertificate *cert, char *nickname);
-
-/*
- * Given a cert, find the cert with the same subject name that
- * has the given key usage. If the given cert has the correct keyUsage, then
- * return it, otherwise search the list in order.
- */
-CERTCertificate *
-CERT_FindCertByUsage(CERTCertificate *basecert, unsigned int requiredKeyUsage);
-
-
-CERTCertList *
-CERT_MatchUserCert(CERTCertDBHandle *handle,
- SECCertUsage usage,
- int nCANames, char **caNames,
- void *proto_win);
-
-CERTCertList *
-CERT_NewCertList(void);
-
-void
-CERT_DestroyCertList(CERTCertList *certs);
-
-/* remove the node and free the cert */
-void
-CERT_RemoveCertListNode(CERTCertListNode *node);
-
-SECStatus
-CERT_AddCertToListTail(CERTCertList *certs, CERTCertificate *cert);
-
-SECStatus
-CERT_AddCertToListHead(CERTCertList *certs, CERTCertificate *cert);
-
-SECStatus
-CERT_AddCertToListTailWithData(CERTCertList *certs, CERTCertificate *cert,
- void *appData);
-
-SECStatus
-CERT_AddCertToListHeadWithData(CERTCertList *certs, CERTCertificate *cert,
- void *appData);
-
-typedef PRBool (* CERTSortCallback)(CERTCertificate *certa,
- CERTCertificate *certb,
- void *arg);
-SECStatus
-CERT_AddCertToListSorted(CERTCertList *certs, CERTCertificate *cert,
- CERTSortCallback f, void *arg);
-
-/* callback for CERT_AddCertToListSorted that sorts based on validity
- * period and a given time.
- */
-PRBool
-CERT_SortCBValidity(CERTCertificate *certa,
- CERTCertificate *certb,
- void *arg);
-
-SECStatus
-CERT_CheckForEvilCert(CERTCertificate *cert);
-
-CERTGeneralName *
-CERT_GetCertificateNames(CERTCertificate *cert, PRArenaPool *arena);
-
-int
-CERT_GetNamesLength(CERTGeneralName *names);
-
-CERTCertificate *
-CERT_CompareNameSpace(CERTCertificate *cert,
- CERTGeneralName *namesList,
- SECItem *namesListIndex,
- PRArenaPool *arena,
- CERTCertDBHandle *handle);
-
-SECStatus
-CERT_EncodeSubjectKeyID(PRArenaPool *arena, char *value, int len, SECItem *encodedValue);
-
-char *
-CERT_GetNickName(CERTCertificate *cert, CERTCertDBHandle *handle, PRArenaPool *nicknameArena);
-
-/*
- * Creates or adds to a list of all certs with a give subject name, sorted by
- * validity time, newest first. Invalid certs are considered older than
- * valid certs. If validOnly is set, do not include invalid certs on list.
- */
-CERTCertList *
-CERT_CreateSubjectCertList(CERTCertList *certList, CERTCertDBHandle *handle,
- SECItem *name, int64 sorttime, PRBool validOnly);
-
-/*
- * Creates or adds to a list of all certs with a give nickname, sorted by
- * validity time, newest first. Invalid certs are considered older than valid
- * certs. If validOnly is set, do not include invalid certs on list.
- */
-CERTCertList *
-CERT_CreateNicknameCertList(CERTCertList *certList, CERTCertDBHandle *handle,
- char *nickname, int64 sorttime, PRBool validOnly);
-
-/*
- * Creates or adds to a list of all certs with a give email addr, sorted by
- * validity time, newest first. Invalid certs are considered older than valid
- * certs. If validOnly is set, do not include invalid certs on list.
- */
-CERTCertList *
-CERT_CreateEmailAddrCertList(CERTCertList *certList, CERTCertDBHandle *handle,
- char *emailAddr, int64 sorttime, PRBool validOnly);
-
-/*
- * remove certs from a list that don't have keyUsage and certType
- * that match the given usage.
- */
-SECStatus
-CERT_FilterCertListByUsage(CERTCertList *certList, SECCertUsage usage,
- PRBool ca);
-
-/*
- * check the key usage of a cert against a set of required values
- */
-SECStatus
-CERT_CheckKeyUsage(CERTCertificate *cert, unsigned int requiredUsage);
-
-/*
- * return required key usage and cert type based on cert usage
- */
-SECStatus
-CERT_KeyUsageAndTypeForCertUsage(SECCertUsage usage,
- PRBool ca,
- unsigned int *retKeyUsage,
- unsigned int *retCertType);
-/*
- * return required trust flags for various cert usages for CAs
- */
-SECStatus
-CERT_TrustFlagsForCACertUsage(SECCertUsage usage,
- unsigned int *retFlags,
- SECTrustType *retTrustType);
-
-/*
- * Find all user certificates that match the given criteria.
- *
- * "handle" - database to search
- * "usage" - certificate usage to match
- * "oneCertPerName" - if set then only return the "best" cert per
- * name
- * "validOnly" - only return certs that are curently valid
- * "proto_win" - window handle passed to pkcs11
- */
-CERTCertList *
-CERT_FindUserCertsByUsage(CERTCertDBHandle *handle,
- SECCertUsage usage,
- PRBool oneCertPerName,
- PRBool validOnly,
- void *proto_win);
-
-/*
- * Find a user certificate that matchs the given criteria.
- *
- * "handle" - database to search
- * "nickname" - nickname to match
- * "usage" - certificate usage to match
- * "validOnly" - only return certs that are curently valid
- * "proto_win" - window handle passed to pkcs11
- */
-CERTCertificate *
-CERT_FindUserCertByUsage(CERTCertDBHandle *handle,
- char *nickname,
- SECCertUsage usage,
- PRBool validOnly,
- void *proto_win);
-
-/*
- * Filter a list of certificates, removing those certs that do not have
- * one of the named CA certs somewhere in their cert chain.
- *
- * "certList" - the list of certificates to filter
- * "nCANames" - number of CA names
- * "caNames" - array of CA names in string(rfc 1485) form
- * "usage" - what use the certs are for, this is used when
- * selecting CA certs
- */
-SECStatus
-CERT_FilterCertListByCANames(CERTCertList *certList, int nCANames,
- char **caNames, SECCertUsage usage);
-
-/*
- * Filter a list of certificates, removing those certs that aren't user certs
- */
-SECStatus
-CERT_FilterCertListForUserCerts(CERTCertList *certList);
-
-/*
- * Collect the nicknames from all certs in a CertList. If the cert is not
- * valid, append a string to that nickname.
- *
- * "certList" - the list of certificates
- * "expiredString" - the string to append to the nickname of any expired cert
- * "notYetGoodString" - the string to append to the nickname of any cert
- * that is not yet valid
- */
-CERTCertNicknames *
-CERT_NicknameStringsFromCertList(CERTCertList *certList, char *expiredString,
- char *notYetGoodString);
-
-/*
- * Extract the nickname from a nickmake string that may have either
- * expiredString or notYetGoodString appended.
- *
- * Args:
- * "namestring" - the string containing the nickname, and possibly
- * one of the validity label strings
- * "expiredString" - the expired validity label string
- * "notYetGoodString" - the not yet good validity label string
- *
- * Returns the raw nickname
- */
-char *
-CERT_ExtractNicknameString(char *namestring, char *expiredString,
- char *notYetGoodString);
-
-/*
- * Given a certificate, return a string containing the nickname, and possibly
- * one of the validity strings, based on the current validity state of the
- * certificate.
- *
- * "arena" - arena to allocate returned string from. If NULL, then heap
- * is used.
- * "cert" - the cert to get nickname from
- * "expiredString" - the string to append to the nickname if the cert is
- * expired.
- * "notYetGoodString" - the string to append to the nickname if the cert is
- * not yet good.
- */
-char *
-CERT_GetCertNicknameWithValidity(PRArenaPool *arena, CERTCertificate *cert,
- char *expiredString, char *notYetGoodString);
-
-/*
- * Return the string representation of a DER encoded distinguished name
- * "dername" - The DER encoded name to convert
- */
-char *
-CERT_DerNameToAscii(SECItem *dername);
-
-/*
- * Supported usage values and types:
- * certUsageSSLClient
- * certUsageSSLServer
- * certUsageSSLServerWithStepUp
- * certUsageEmailSigner
- * certUsageEmailRecipient
- * certUsageObjectSigner
- */
-
-CERTCertificate *
-CERT_FindMatchingCert(CERTCertDBHandle *handle, SECItem *derName,
- CERTCertOwner owner, SECCertUsage usage,
- PRBool preferTrusted, int64 validTime, PRBool validOnly);
-
-
-/*********************************************************************/
-/* A thread safe implementation of General Names */
-/*********************************************************************/
-
-/* Destroy a Single CERTGeneralName */
-void
-CERT_DestroyGeneralName(CERTGeneralName *name);
-
-/* Destroys a CERTGeneralNameList */
-void
-CERT_DestroyGeneralNameList(CERTGeneralNameList *list);
-
-/* Creates a CERTGeneralNameList */
-CERTGeneralNameList *
-CERT_CreateGeneralNameList(CERTGeneralName *name);
-
-/* Compares two CERTGeneralNameList */
-SECStatus
-CERT_CompareGeneralNameLists(CERTGeneralNameList *a, CERTGeneralNameList *b);
-
-/* returns a copy of the first name of the type requested */
-void *
-CERT_GetGeneralNameFromListByType(CERTGeneralNameList *list,
- CERTGeneralNameType type,
- PRArenaPool *arena);
-
-/* Adds a name to the tail of the list */
-void
-CERT_AddGeneralNameToList(CERTGeneralNameList *list,
- CERTGeneralNameType type,
- void *data, SECItem *oid);
-
-/* returns a duplicate of the CERTGeneralNameList */
-CERTGeneralNameList *
-CERT_DupGeneralNameList(CERTGeneralNameList *list);
-
-/* returns the length of a CERTGeneralName */
-int
-CERT_GetNamesLength(CERTGeneralName *names);
-
-/*
- * Acquire the global lock on the cert database.
- * This lock is currently used for the following operations:
- * adding or deleting a cert to either the temp or perm databases
- * converting a temp to perm or perm to temp
- * changing(maybe just adding?) the trust of a cert
- * adjusting the reference count of a cert
- */
-void
-CERT_LockDB(CERTCertDBHandle *handle);
-
-/*
- * Free the global cert database lock.
- */
-void
-CERT_UnlockDB(CERTCertDBHandle *handle);
-
-/*
- * Get the certificate status checking configuratino data for
- * the certificate database
- */
-CERTStatusConfig *
-CERT_GetStatusConfig(CERTCertDBHandle *handle);
-
-/*
- * Set the certificate status checking information for the
- * database. The input structure becomes part of the certificate
- * database and will be freed by calling the 'Destroy' function in
- * the configuration object.
- */
-void
-CERT_SetStatusConfig(CERTCertDBHandle *handle, CERTStatusConfig *config);
-
-
-
-/*
- * Acquire the cert reference count lock
- * There is currently one global lock for all certs, but I'm putting a cert
- * arg here so that it will be easy to make it per-cert in the future if
- * that turns out to be necessary.
- */
-void
-CERT_LockCertRefCount(CERTCertificate *cert);
-
-/*
- * Free the cert reference count lock
- */
-void
-CERT_UnlockCertRefCount(CERTCertificate *cert);
-
-/*
- * Acquire the cert trust lock
- * There is currently one global lock for all certs, but I'm putting a cert
- * arg here so that it will be easy to make it per-cert in the future if
- * that turns out to be necessary.
- */
-void
-CERT_LockCertTrust(CERTCertificate *cert);
-
-/*
- * Free the cert trust lock
- */
-void
-CERT_UnlockCertTrust(CERTCertificate *cert);
-
-/*
- * Digest the cert's subject public key using the specified algorithm.
- * The necessary storage for the digest data is allocated. If "fill" is
- * non-null, the data is put there, otherwise a SECItem is allocated.
- * Allocation from "arena" if it is non-null, heap otherwise. Any problem
- * results in a NULL being returned (and an appropriate error set).
- */
-extern SECItem *
-CERT_SPKDigestValueForCert(PRArenaPool *arena, CERTCertificate *cert,
- SECOidTag digestAlg, SECItem *fill);
-
-/*
- * fill in nsCertType field of the cert based on the cert extension
- */
-extern SECStatus cert_GetCertType(CERTCertificate *cert);
-
-
-SECStatus CERT_CheckCRL(CERTCertificate* cert, CERTCertificate* issuer,
- SECItem* dp, int64 t, void* wincx);
-
-
-SEC_END_PROTOS
-
-#endif /* _CERT_H_ */
diff --git a/security/nss/lib/certdb/certdb.c b/security/nss/lib/certdb/certdb.c
deleted file mode 100644
index 76c13e2de..000000000
--- a/security/nss/lib/certdb/certdb.c
+++ /dev/null
@@ -1,2918 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Certificate handling code
- *
- * $Id$
- */
-
-#include "nssilock.h"
-#include "prmon.h"
-#include "prtime.h"
-#include "cert.h"
-#include "certi.h"
-#include "secder.h"
-#include "secoid.h"
-#include "secasn1.h"
-#include "genname.h"
-#include "keyhi.h"
-#include "secitem.h"
-#include "mcom_db.h"
-#include "certdb.h"
-#include "prprf.h"
-#include "sechash.h"
-#include "prlong.h"
-#include "certxutl.h"
-#include "portreg.h"
-#include "secerr.h"
-#include "sslerr.h"
-#include "nsslocks.h"
-#include "pk11func.h"
-#include "xconst.h" /* for CERT_DecodeAltNameExtension */
-
-#ifndef NSS_3_4_CODE
-#define NSS_3_4_CODE
-#endif /* NSS_3_4_CODE */
-#include "pki.h"
-#include "pki3hack.h"
-
-/*
- * Certificate database handling code
- */
-
-
-const SEC_ASN1Template CERT_CertExtensionTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTCertExtension) },
- { SEC_ASN1_OBJECT_ID,
- offsetof(CERTCertExtension,id) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_BOOLEAN, /* XXX DER_DEFAULT */
- offsetof(CERTCertExtension,critical) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(CERTCertExtension,value) },
- { 0, }
-};
-
-const SEC_ASN1Template CERT_SequenceOfCertExtensionTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, CERT_CertExtensionTemplate }
-};
-
-const SEC_ASN1Template CERT_CertificateTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTCertificate) },
- { SEC_ASN1_EXPLICIT | SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED |
- SEC_ASN1_CONTEXT_SPECIFIC | 0, /* XXX DER_DEFAULT */
- offsetof(CERTCertificate,version),
- SEC_IntegerTemplate },
- { SEC_ASN1_INTEGER,
- offsetof(CERTCertificate,serialNumber) },
- { SEC_ASN1_INLINE,
- offsetof(CERTCertificate,signature),
- SECOID_AlgorithmIDTemplate },
- { SEC_ASN1_SAVE,
- offsetof(CERTCertificate,derIssuer) },
- { SEC_ASN1_INLINE,
- offsetof(CERTCertificate,issuer),
- CERT_NameTemplate },
- { SEC_ASN1_INLINE,
- offsetof(CERTCertificate,validity),
- CERT_ValidityTemplate },
- { SEC_ASN1_SAVE,
- offsetof(CERTCertificate,derSubject) },
- { SEC_ASN1_INLINE,
- offsetof(CERTCertificate,subject),
- CERT_NameTemplate },
- { SEC_ASN1_SAVE,
- offsetof(CERTCertificate,derPublicKey) },
- { SEC_ASN1_INLINE,
- offsetof(CERTCertificate,subjectPublicKeyInfo),
- CERT_SubjectPublicKeyInfoTemplate },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
- offsetof(CERTCertificate,issuerID),
- SEC_ObjectIDTemplate },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 2,
- offsetof(CERTCertificate,subjectID),
- SEC_ObjectIDTemplate },
- { SEC_ASN1_EXPLICIT | SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED |
- SEC_ASN1_CONTEXT_SPECIFIC | 3,
- offsetof(CERTCertificate,extensions),
- CERT_SequenceOfCertExtensionTemplate },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_SignedCertificateTemplate[] =
-{
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTCertificate) },
- { SEC_ASN1_SAVE,
- offsetof(CERTCertificate,signatureWrap.data) },
- { SEC_ASN1_INLINE,
- 0, CERT_CertificateTemplate },
- { SEC_ASN1_INLINE,
- offsetof(CERTCertificate,signatureWrap.signatureAlgorithm),
- SECOID_AlgorithmIDTemplate },
- { SEC_ASN1_BIT_STRING,
- offsetof(CERTCertificate,signatureWrap.signature) },
- { 0 }
-};
-
-/*
- * Find the subjectName in a DER encoded certificate
- */
-const SEC_ASN1Template SEC_CertSubjectTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(SECItem) },
- { SEC_ASN1_EXPLICIT | SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED |
- SEC_ASN1_CONTEXT_SPECIFIC | 0,
- 0, SEC_SkipTemplate }, /* version */
- { SEC_ASN1_SKIP }, /* serial number */
- { SEC_ASN1_SKIP }, /* signature algorithm */
- { SEC_ASN1_SKIP }, /* issuer */
- { SEC_ASN1_SKIP }, /* validity */
- { SEC_ASN1_ANY, 0, NULL }, /* subject */
- { SEC_ASN1_SKIP_REST },
- { 0 }
-};
-
-/*
- * Find the issuerName in a DER encoded certificate
- */
-const SEC_ASN1Template SEC_CertIssuerTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(SECItem) },
- { SEC_ASN1_EXPLICIT | SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED |
- SEC_ASN1_CONTEXT_SPECIFIC | 0,
- 0, SEC_SkipTemplate }, /* version */
- { SEC_ASN1_SKIP }, /* serial number */
- { SEC_ASN1_SKIP }, /* signature algorithm */
- { SEC_ASN1_ANY, 0, NULL }, /* issuer */
- { SEC_ASN1_SKIP_REST },
- { 0 }
-};
-/*
- * Find the subjectName in a DER encoded certificate
- */
-const SEC_ASN1Template SEC_CertSerialNumberTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(SECItem) },
- { SEC_ASN1_EXPLICIT | SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED |
- SEC_ASN1_CONTEXT_SPECIFIC | 0,
- 0, SEC_SkipTemplate }, /* version */
- { SEC_ASN1_ANY, 0, NULL }, /* serial number */
- { SEC_ASN1_SKIP_REST },
- { 0 }
-};
-
-/*
- * Find the issuer and serialNumber in a DER encoded certificate.
- * This data is used as the database lookup key since its the unique
- * identifier of a certificate.
- */
-const SEC_ASN1Template CERT_CertKeyTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTCertKey) },
- { SEC_ASN1_EXPLICIT | SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED |
- SEC_ASN1_CONTEXT_SPECIFIC | 0,
- 0, SEC_SkipTemplate }, /* version */
- { SEC_ASN1_INTEGER,
- offsetof(CERTCertKey,serialNumber) },
- { SEC_ASN1_SKIP }, /* signature algorithm */
- { SEC_ASN1_ANY,
- offsetof(CERTCertKey,derIssuer) },
- { SEC_ASN1_SKIP_REST },
- { 0 }
-};
-
-SEC_ASN1_CHOOSER_IMPLEMENT(CERT_CertificateTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SEC_SignedCertificateTemplate)
-
-SECStatus
-CERT_KeyFromIssuerAndSN(PRArenaPool *arena, SECItem *issuer, SECItem *sn,
- SECItem *key)
-{
- key->len = sn->len + issuer->len;
-
- if ((sn->data == NULL) || (issuer->data == NULL)) {
- goto loser;
- }
-
- key->data = (unsigned char*)PORT_ArenaAlloc(arena, key->len);
- if ( !key->data ) {
- goto loser;
- }
-
- /* copy the serialNumber */
- PORT_Memcpy(key->data, sn->data, sn->len);
-
- /* copy the issuer */
- PORT_Memcpy(&key->data[sn->len], issuer->data, issuer->len);
-
- return(SECSuccess);
-
-loser:
- return(SECFailure);
-}
-
-
-/*
- * Extract the subject name from a DER certificate
- */
-SECStatus
-CERT_NameFromDERCert(SECItem *derCert, SECItem *derName)
-{
- int rv;
- PRArenaPool *arena;
- CERTSignedData sd;
- void *tmpptr;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-
- if ( ! arena ) {
- return(SECFailure);
- }
-
- PORT_Memset(&sd, 0, sizeof(CERTSignedData));
- rv = SEC_QuickDERDecodeItem(arena, &sd, CERT_SignedDataTemplate, derCert);
-
- if ( rv ) {
- goto loser;
- }
-
- PORT_Memset(derName, 0, sizeof(SECItem));
- rv = SEC_QuickDERDecodeItem(arena, derName, SEC_CertSubjectTemplate, &sd.data);
-
- if ( rv ) {
- goto loser;
- }
-
- tmpptr = derName->data;
- derName->data = (unsigned char*)PORT_Alloc(derName->len);
- if ( derName->data == NULL ) {
- goto loser;
- }
-
- PORT_Memcpy(derName->data, tmpptr, derName->len);
-
- PORT_FreeArena(arena, PR_FALSE);
- return(SECSuccess);
-
-loser:
- PORT_FreeArena(arena, PR_FALSE);
- return(SECFailure);
-}
-
-SECStatus
-CERT_IssuerNameFromDERCert(SECItem *derCert, SECItem *derName)
-{
- int rv;
- PRArenaPool *arena;
- CERTSignedData sd;
- void *tmpptr;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-
- if ( ! arena ) {
- return(SECFailure);
- }
-
- PORT_Memset(&sd, 0, sizeof(CERTSignedData));
- rv = SEC_QuickDERDecodeItem(arena, &sd, CERT_SignedDataTemplate, derCert);
-
- if ( rv ) {
- goto loser;
- }
-
- PORT_Memset(derName, 0, sizeof(SECItem));
- rv = SEC_QuickDERDecodeItem(arena, derName, SEC_CertIssuerTemplate, &sd.data);
-
- if ( rv ) {
- goto loser;
- }
-
- tmpptr = derName->data;
- derName->data = (unsigned char*)PORT_Alloc(derName->len);
- if ( derName->data == NULL ) {
- goto loser;
- }
-
- PORT_Memcpy(derName->data, tmpptr, derName->len);
-
- PORT_FreeArena(arena, PR_FALSE);
- return(SECSuccess);
-
-loser:
- PORT_FreeArena(arena, PR_FALSE);
- return(SECFailure);
-}
-
-SECStatus
-CERT_SerialNumberFromDERCert(SECItem *derCert, SECItem *derName)
-{
- int rv;
- PRArenaPool *arena;
- CERTSignedData sd;
- void *tmpptr;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-
- if ( ! arena ) {
- return(SECFailure);
- }
-
- PORT_Memset(&sd, 0, sizeof(CERTSignedData));
- rv = SEC_QuickDERDecodeItem(arena, &sd, CERT_SignedDataTemplate, derCert);
-
- if ( rv ) {
- goto loser;
- }
-
- PORT_Memset(derName, 0, sizeof(SECItem));
- rv = SEC_QuickDERDecodeItem(arena, derName, SEC_CertSerialNumberTemplate, &sd.data);
-
- if ( rv ) {
- goto loser;
- }
-
- tmpptr = derName->data;
- derName->data = (unsigned char*)PORT_Alloc(derName->len);
- if ( derName->data == NULL ) {
- goto loser;
- }
-
- PORT_Memcpy(derName->data, tmpptr, derName->len);
-
- PORT_FreeArena(arena, PR_FALSE);
- return(SECSuccess);
-
-loser:
- PORT_FreeArena(arena, PR_FALSE);
- return(SECFailure);
-}
-
-/*
- * Generate a database key, based on serial number and issuer, from a
- * DER certificate.
- */
-SECStatus
-CERT_KeyFromDERCert(PRArenaPool *arena, SECItem *derCert, SECItem *key)
-{
- int rv;
- CERTSignedData sd;
- CERTCertKey certkey;
-
- PORT_Memset(&sd, 0, sizeof(CERTSignedData));
- rv = SEC_ASN1DecodeItem(arena, &sd, CERT_SignedDataTemplate, derCert);
-
- if ( rv ) {
- goto loser;
- }
-
- PORT_Memset(&certkey, 0, sizeof(CERTCertKey));
- rv = SEC_ASN1DecodeItem(arena, &certkey, CERT_CertKeyTemplate, &sd.data);
-
- if ( rv ) {
- goto loser;
- }
-
- return(CERT_KeyFromIssuerAndSN(arena, &certkey.derIssuer,
- &certkey.serialNumber, key));
-loser:
- return(SECFailure);
-}
-
-/*
- * fill in keyUsage field of the cert based on the cert extension
- * if the extension is not critical, then we allow all uses
- */
-static SECStatus
-GetKeyUsage(CERTCertificate *cert)
-{
- SECStatus rv;
- SECItem tmpitem;
-
- rv = CERT_FindKeyUsageExtension(cert, &tmpitem);
- if ( rv == SECSuccess ) {
- /* remember the actual value of the extension */
- cert->rawKeyUsage = tmpitem.data[0];
- cert->keyUsagePresent = PR_TRUE;
- cert->keyUsage = tmpitem.data[0];
-
- PORT_Free(tmpitem.data);
- tmpitem.data = NULL;
-
- } else {
- /* if the extension is not present, then we allow all uses */
- cert->keyUsage = KU_ALL;
- cert->rawKeyUsage = KU_ALL;
- cert->keyUsagePresent = PR_FALSE;
- }
-
- if ( CERT_GovtApprovedBitSet(cert) ) {
- cert->keyUsage |= KU_NS_GOVT_APPROVED;
- cert->rawKeyUsage |= KU_NS_GOVT_APPROVED;
- }
-
- return(SECSuccess);
-}
-
-
-/*
- * determine if a fortezza V1 Cert is a CA or not.
- */
-static PRBool
-fortezzaIsCA( CERTCertificate *cert) {
- PRBool isCA = PR_FALSE;
- CERTSubjectPublicKeyInfo *spki = &cert->subjectPublicKeyInfo;
- int tag;
-
- tag = SECOID_GetAlgorithmTag(&spki->algorithm);
- if ((tag == SEC_OID_MISSI_KEA_DSS_OLD) ||
- (tag == SEC_OID_MISSI_KEA_DSS) ||
- (tag == SEC_OID_MISSI_DSS_OLD) ||
- (tag == SEC_OID_MISSI_DSS) ) {
- SECItem rawkey;
- unsigned char *rawptr;
- unsigned char *end;
- int len;
-
- rawkey = spki->subjectPublicKey;
- DER_ConvertBitString(&rawkey);
- rawptr = rawkey.data;
- end = rawkey.data + rawkey.len;
-
- /* version */
- rawptr += sizeof(((SECKEYPublicKey*)0)->u.fortezza.KMID)+2;
-
- /* clearance (the string up to the first byte with the hi-bit on */
- while ((rawptr < end) && (*rawptr++ & 0x80));
- if (rawptr >= end) { return PR_FALSE; }
-
- /* KEAPrivilege (the string up to the first byte with the hi-bit on */
- while ((rawptr < end) && (*rawptr++ & 0x80));
- if (rawptr >= end) { return PR_FALSE; }
-
- /* skip the key */
- len = (*rawptr << 8) | rawptr[1];
- rawptr += 2 + len;
-
- /* shared key */
- if (rawptr >= end) { return PR_FALSE; }
- /* DSS Version is next */
- rawptr += 2;
-
- /* DSSPrivilege (the string up to the first byte with the hi-bit on */
- if (*rawptr & 0x30) isCA = PR_TRUE;
-
- }
- return isCA;
-}
-
-static SECStatus
-findOIDinOIDSeqByTagNum(CERTOidSequence *seq, SECOidTag tagnum)
-{
- SECItem **oids;
- SECItem *oid;
- SECStatus rv = SECFailure;
-
- if (seq != NULL) {
- oids = seq->oids;
- while (oids != NULL && *oids != NULL) {
- oid = *oids;
- if (SECOID_FindOIDTag(oid) == tagnum) {
- rv = SECSuccess;
- break;
- }
- oids++;
- }
- }
- return rv;
-}
-
-/*
- * fill in nsCertType field of the cert based on the cert extension
- */
-SECStatus
-cert_GetCertType(CERTCertificate *cert)
-{
- SECStatus rv;
- SECItem tmpitem;
- SECItem encodedExtKeyUsage;
- CERTOidSequence *extKeyUsage = NULL;
- PRBool basicConstraintPresent = PR_FALSE;
- CERTBasicConstraints basicConstraint;
- unsigned int nsCertType = 0;
-
- if (cert->nsCertType) {
- /* once set, no need to recalculate */
- return SECSuccess;
- }
-
- tmpitem.data = NULL;
- CERT_FindNSCertTypeExtension(cert, &tmpitem);
- rv = CERT_FindCertExtension(cert, SEC_OID_X509_EXT_KEY_USAGE,
- &encodedExtKeyUsage);
- if (rv == SECSuccess) {
- extKeyUsage = CERT_DecodeOidSequence(&encodedExtKeyUsage);
- }
- rv = CERT_FindBasicConstraintExten(cert, &basicConstraint);
- if (rv == SECSuccess) {
- basicConstraintPresent = PR_TRUE;
- }
- if (tmpitem.data != NULL || extKeyUsage != NULL) {
- if (tmpitem.data == NULL) {
- nsCertType = 0;
- } else {
- nsCertType = tmpitem.data[0];
- }
-
- /* free tmpitem data pointer to avoid memory leak */
- PORT_Free(tmpitem.data);
- tmpitem.data = NULL;
-
- /*
- * for this release, we will allow SSL certs with an email address
- * to be used for email
- */
- if ( ( nsCertType & NS_CERT_TYPE_SSL_CLIENT ) &&
- cert->emailAddr ) {
- nsCertType |= NS_CERT_TYPE_EMAIL;
- }
- /*
- * for this release, we will allow SSL intermediate CAs to be
- * email intermediate CAs too.
- */
- if ( nsCertType & NS_CERT_TYPE_SSL_CA ) {
- nsCertType |= NS_CERT_TYPE_EMAIL_CA;
- }
- /*
- * allow a cert with the extended key usage of EMail Protect
- * to be used for email or as an email CA, if basic constraints
- * indicates that it is a CA.
- */
- if (findOIDinOIDSeqByTagNum(extKeyUsage,
- SEC_OID_EXT_KEY_USAGE_EMAIL_PROTECT) ==
- SECSuccess) {
- if (basicConstraintPresent == PR_TRUE &&
- (basicConstraint.isCA)) {
- nsCertType |= NS_CERT_TYPE_EMAIL_CA;
- } else {
- nsCertType |= NS_CERT_TYPE_EMAIL;
- }
- }
- if (findOIDinOIDSeqByTagNum(extKeyUsage,
- SEC_OID_EXT_KEY_USAGE_SERVER_AUTH) ==
- SECSuccess){
- if (basicConstraintPresent == PR_TRUE &&
- (basicConstraint.isCA)) {
- nsCertType |= NS_CERT_TYPE_SSL_CA;
- } else {
- nsCertType |= NS_CERT_TYPE_SSL_SERVER;
- }
- }
- if (findOIDinOIDSeqByTagNum(extKeyUsage,
- SEC_OID_EXT_KEY_USAGE_CLIENT_AUTH) ==
- SECSuccess){
- if (basicConstraintPresent == PR_TRUE &&
- (basicConstraint.isCA)) {
- nsCertType |= NS_CERT_TYPE_SSL_CA;
- } else {
- nsCertType |= NS_CERT_TYPE_SSL_CLIENT;
- }
- }
- if (findOIDinOIDSeqByTagNum(extKeyUsage,
- SEC_OID_EXT_KEY_USAGE_CODE_SIGN) ==
- SECSuccess) {
- if (basicConstraintPresent == PR_TRUE &&
- (basicConstraint.isCA)) {
- nsCertType |= NS_CERT_TYPE_OBJECT_SIGNING_CA;
- } else {
- nsCertType |= NS_CERT_TYPE_OBJECT_SIGNING;
- }
- }
- if (findOIDinOIDSeqByTagNum(extKeyUsage,
- SEC_OID_EXT_KEY_USAGE_TIME_STAMP) ==
- SECSuccess) {
- nsCertType |= EXT_KEY_USAGE_TIME_STAMP;
- }
- if (findOIDinOIDSeqByTagNum(extKeyUsage,
- SEC_OID_OCSP_RESPONDER) ==
- SECSuccess) {
- nsCertType |= EXT_KEY_USAGE_STATUS_RESPONDER;
- }
- } else {
- /* if no extension, then allow any ssl or email (no ca or object
- * signing)
- */
- nsCertType = NS_CERT_TYPE_SSL_CLIENT | NS_CERT_TYPE_SSL_SERVER |
- NS_CERT_TYPE_EMAIL;
-
- /* if the basic constraint extension says the cert is a CA, then
- allow SSL CA and EMAIL CA and Status Responder */
- if ((basicConstraintPresent == PR_TRUE)
- && (basicConstraint.isCA)) {
- nsCertType |= NS_CERT_TYPE_SSL_CA;
- nsCertType |= NS_CERT_TYPE_EMAIL_CA;
- nsCertType |= EXT_KEY_USAGE_STATUS_RESPONDER;
- } else if (CERT_IsCACert(cert, NULL) == PR_TRUE) {
- nsCertType |= EXT_KEY_USAGE_STATUS_RESPONDER;
- }
-
- /* if the cert is a fortezza CA cert, then allow SSL CA and EMAIL CA */
- if (fortezzaIsCA(cert)) {
- nsCertType |= NS_CERT_TYPE_SSL_CA;
- nsCertType |= NS_CERT_TYPE_EMAIL_CA;
- }
- }
-
- if (extKeyUsage != NULL) {
- PORT_Free(encodedExtKeyUsage.data);
- CERT_DestroyOidSequence(extKeyUsage);
- }
- PR_AtomicSet(&cert->nsCertType, nsCertType);
- return(SECSuccess);
-}
-
-/*
- * cert_GetKeyID() - extract or generate the subjectKeyID from a certificate
- */
-SECStatus
-cert_GetKeyID(CERTCertificate *cert)
-{
- SECItem tmpitem;
- SECStatus rv;
- SECKEYPublicKey *key;
-
- cert->subjectKeyID.len = 0;
-
- /* see of the cert has a key identifier extension */
- rv = CERT_FindSubjectKeyIDExtension(cert, &tmpitem);
- if ( rv == SECSuccess ) {
- cert->subjectKeyID.data = (unsigned char*) PORT_ArenaAlloc(cert->arena, tmpitem.len);
- if ( cert->subjectKeyID.data != NULL ) {
- PORT_Memcpy(cert->subjectKeyID.data, tmpitem.data, tmpitem.len);
- cert->subjectKeyID.len = tmpitem.len;
- cert->keyIDGenerated = PR_FALSE;
- }
-
- PORT_Free(tmpitem.data);
- }
-
- /* if the cert doesn't have a key identifier extension and the cert is
- * a V1 fortezza certificate, use the cert's 8 byte KMID as the
- * key identifier. */
- key = CERT_KMIDPublicKey(cert);
-
- if (key != NULL) {
-
- if (key->keyType == fortezzaKey) {
-
- cert->subjectKeyID.data = (unsigned char *)PORT_ArenaAlloc(cert->arena, 8);
- if ( cert->subjectKeyID.data != NULL ) {
- PORT_Memcpy(cert->subjectKeyID.data, key->u.fortezza.KMID, 8);
- cert->subjectKeyID.len = 8;
- cert->keyIDGenerated = PR_FALSE;
- }
- }
-
- SECKEY_DestroyPublicKey(key);
- }
-
- /* if the cert doesn't have a key identifier extension, then generate one*/
- if ( cert->subjectKeyID.len == 0 ) {
- /*
- * pkix says that if the subjectKeyID is not present, then we should
- * use the SHA-1 hash of the DER-encoded publicKeyInfo from the cert
- */
- cert->subjectKeyID.data = (unsigned char *)PORT_ArenaAlloc(cert->arena, SHA1_LENGTH);
- if ( cert->subjectKeyID.data != NULL ) {
- rv = PK11_HashBuf(SEC_OID_SHA1,cert->subjectKeyID.data,
- cert->derPublicKey.data,
- cert->derPublicKey.len);
- if ( rv == SECSuccess ) {
- cert->subjectKeyID.len = SHA1_LENGTH;
- }
- }
- }
-
- if ( cert->subjectKeyID.len == 0 ) {
- return(SECFailure);
- }
- return(SECSuccess);
-
-}
-
-static PRBool
-cert_IsRootCert(CERTCertificate *cert)
-{
- SECStatus rv;
- SECItem tmpitem;
-
- /* cache the authKeyID extension, if present */
- cert->authKeyID = CERT_FindAuthKeyIDExten(cert->arena, cert);
-
- /* it MUST be self-issued to be a root */
- if (cert->derIssuer.len == 0 ||
- !SECITEM_ItemsAreEqual(&cert->derIssuer, &cert->derSubject))
- {
- return PR_FALSE;
- }
-
- /* check the authKeyID extension */
- if (cert->authKeyID) {
- /* authority key identifier is present */
- if (cert->authKeyID->keyID.len > 0) {
- /* the keyIdentifier field is set, look for subjectKeyID */
- rv = CERT_FindSubjectKeyIDExtension(cert, &tmpitem);
- if (rv == SECSuccess) {
- PRBool match;
- /* also present, they MUST match for it to be a root */
- match = SECITEM_ItemsAreEqual(&cert->authKeyID->keyID,
- &tmpitem);
- PORT_Free(tmpitem.data);
- if (!match) return PR_FALSE; /* else fall through */
- } else {
- /* the subject key ID is required when AKI is present */
- return PR_FALSE;
- }
- }
- if (cert->authKeyID->authCertIssuer) {
- SECItem *caName;
- caName = (SECItem *)CERT_GetGeneralNameByType(
- cert->authKeyID->authCertIssuer,
- certDirectoryName, PR_TRUE);
- if (caName) {
- if (!SECITEM_ItemsAreEqual(&cert->derIssuer, caName)) {
- return PR_FALSE;
- } /* else fall through */
- } /* else ??? could not get general name as directory name? */
- }
- if (cert->authKeyID->authCertSerialNumber.len > 0) {
- if (!SECITEM_ItemsAreEqual(&cert->serialNumber,
- &cert->authKeyID->authCertSerialNumber)) {
- return PR_FALSE;
- } /* else fall through */
- }
- /* all of the AKI fields that were present passed the test */
- return PR_TRUE;
- }
- /* else the AKI was not present, so this is a root */
- return PR_TRUE;
-}
-
-/*
- * take a DER certificate and decode it into a certificate structure
- */
-CERTCertificate *
-CERT_DecodeDERCertificate(SECItem *derSignedCert, PRBool copyDER,
- char *nickname)
-{
- CERTCertificate *cert;
- PRArenaPool *arena;
- void *data;
- int rv;
- int len;
- char *tmpname;
-
- /* make a new arena */
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-
- if ( !arena ) {
- return 0;
- }
-
- /* allocate the certificate structure */
- cert = (CERTCertificate *)PORT_ArenaZAlloc(arena, sizeof(CERTCertificate));
-
- if ( !cert ) {
- goto loser;
- }
-
- cert->arena = arena;
-
- if ( copyDER ) {
- /* copy the DER data for the cert into this arena */
- data = (void *)PORT_ArenaAlloc(arena, derSignedCert->len);
- if ( !data ) {
- goto loser;
- }
- cert->derCert.data = (unsigned char *)data;
- cert->derCert.len = derSignedCert->len;
- PORT_Memcpy(data, derSignedCert->data, derSignedCert->len);
- } else {
- /* point to passed in DER data */
- cert->derCert = *derSignedCert;
- }
-
- /* decode the certificate info */
- rv = SEC_QuickDERDecodeItem(arena, cert, SEC_SignedCertificateTemplate,
- &cert->derCert);
-
- if ( rv ) {
- goto loser;
- }
-
- if (cert_HasUnknownCriticalExten (cert->extensions) == PR_TRUE) {
- PORT_SetError(SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION);
- goto loser;
- }
-
- /* generate and save the database key for the cert */
- rv = CERT_KeyFromIssuerAndSN(arena, &cert->derIssuer, &cert->serialNumber,
- &cert->certKey);
- if ( rv ) {
- goto loser;
- }
-
- /* set the nickname */
- if ( nickname == NULL ) {
- cert->nickname = NULL;
- } else {
- /* copy and install the nickname */
- len = PORT_Strlen(nickname) + 1;
- cert->nickname = (char*)PORT_ArenaAlloc(arena, len);
- if ( cert->nickname == NULL ) {
- goto loser;
- }
-
- PORT_Memcpy(cert->nickname, nickname, len);
- }
-
- /* set the email address */
- cert->emailAddr = cert_GetCertificateEmailAddresses(cert);
-
- /* initialize the subjectKeyID */
- rv = cert_GetKeyID(cert);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- /* initialize keyUsage */
- rv = GetKeyUsage(cert);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- /* initialize the certType */
- rv = cert_GetCertType(cert);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- /* determine if this is a root cert */
- cert->isRoot = cert_IsRootCert(cert);
-
- tmpname = CERT_NameToAscii(&cert->subject);
- if ( tmpname != NULL ) {
- cert->subjectName = PORT_ArenaStrdup(cert->arena, tmpname);
- PORT_Free(tmpname);
- }
-
- tmpname = CERT_NameToAscii(&cert->issuer);
- if ( tmpname != NULL ) {
- cert->issuerName = PORT_ArenaStrdup(cert->arena, tmpname);
- PORT_Free(tmpname);
- }
-
- cert->referenceCount = 1;
- cert->slot = NULL;
- cert->pkcs11ID = CK_INVALID_HANDLE;
- cert->dbnickname = NULL;
-
- return(cert);
-
-loser:
-
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(0);
-}
-
-CERTCertificate *
-__CERT_DecodeDERCertificate(SECItem *derSignedCert, PRBool copyDER,
- char *nickname)
-{
- return CERT_DecodeDERCertificate(derSignedCert, copyDER, nickname);
-}
-
-
-/*
-** Amount of time that a certifiate is allowed good before it is actually
-** good. This is used for pending certificates, ones that are about to be
-** valid. The slop is designed to allow for some variance in the clocks
-** of the machine checking the certificate.
-*/
-#define PENDING_SLOP (24L*60L*60L) /* seconds per day */
-static PRInt32 pendingSlop = PENDING_SLOP; /* seconds */
-
-PRInt32
-CERT_GetSlopTime(void)
-{
- return pendingSlop; /* seconds */
-}
-
-SECStatus
-CERT_SetSlopTime(PRInt32 slop) /* seconds */
-{
- if (slop < 0)
- return SECFailure;
- pendingSlop = slop;
- return SECSuccess;
-}
-
-SECStatus
-CERT_GetCertTimes(CERTCertificate *c, PRTime *notBefore, PRTime *notAfter)
-{
- int rv;
-
- /* convert DER not-before time */
- rv = DER_UTCTimeToTime(notBefore, &c->validity.notBefore);
- if (rv) {
- return(SECFailure);
- }
-
- /* convert DER not-after time */
- rv = DER_UTCTimeToTime(notAfter, &c->validity.notAfter);
- if (rv) {
- return(SECFailure);
- }
-
- return(SECSuccess);
-}
-
-/*
- * Check the validity times of a certificate
- */
-SECCertTimeValidity
-CERT_CheckCertValidTimes(CERTCertificate *c, PRTime t, PRBool allowOverride)
-{
- PRTime notBefore, notAfter, llPendingSlop, tmp1;
- SECStatus rv;
-
- /* if cert is already marked OK, then don't bother to check */
- if ( allowOverride && c->timeOK ) {
- return(secCertTimeValid);
- }
-
- rv = CERT_GetCertTimes(c, &notBefore, &notAfter);
-
- if (rv) {
- return(secCertTimeExpired); /*XXX is this the right thing to do here?*/
- }
-
- LL_I2L(llPendingSlop, pendingSlop);
- /* convert to micro seconds */
- LL_UI2L(tmp1, PR_USEC_PER_SEC);
- LL_MUL(llPendingSlop, llPendingSlop, tmp1);
- LL_SUB(notBefore, notBefore, llPendingSlop);
- if ( LL_CMP( t, <, notBefore ) ) {
- PORT_SetError(SEC_ERROR_EXPIRED_CERTIFICATE);
- return(secCertTimeNotValidYet);
- }
- if ( LL_CMP( t, >, notAfter) ) {
- PORT_SetError(SEC_ERROR_EXPIRED_CERTIFICATE);
- return(secCertTimeExpired);
- }
-
- return(secCertTimeValid);
-}
-
-SECStatus
-SEC_GetCrlTimes(CERTCrl *date, PRTime *notBefore, PRTime *notAfter)
-{
- int rv;
-
- /* convert DER not-before time */
- rv = DER_UTCTimeToTime(notBefore, &date->lastUpdate);
- if (rv) {
- return(SECFailure);
- }
-
- /* convert DER not-after time */
- if (date->nextUpdate.data) {
- rv = DER_UTCTimeToTime(notAfter, &date->nextUpdate);
- if (rv) {
- return(SECFailure);
- }
- }
- else {
- LL_I2L(*notAfter, 0L);
- }
- return(SECSuccess);
-}
-
-/* These routines should probably be combined with the cert
- * routines using an common extraction routine.
- */
-SECCertTimeValidity
-SEC_CheckCrlTimes(CERTCrl *crl, PRTime t) {
- PRTime notBefore, notAfter, llPendingSlop, tmp1;
- SECStatus rv;
-
- rv = SEC_GetCrlTimes(crl, &notBefore, &notAfter);
-
- if (rv) {
- return(secCertTimeExpired);
- }
-
- LL_I2L(llPendingSlop, pendingSlop);
- /* convert to micro seconds */
- LL_I2L(tmp1, PR_USEC_PER_SEC);
- LL_MUL(llPendingSlop, llPendingSlop, tmp1);
- LL_SUB(notBefore, notBefore, llPendingSlop);
- if ( LL_CMP( t, <, notBefore ) ) {
- return(secCertTimeNotValidYet);
- }
-
- /* If next update is omitted and the test for notBefore passes, then
- we assume that the crl is up to date.
- */
- if ( LL_IS_ZERO(notAfter) ) {
- return(secCertTimeValid);
- }
-
- if ( LL_CMP( t, >, notAfter) ) {
- return(secCertTimeExpired);
- }
-
- return(secCertTimeValid);
-}
-
-PRBool
-SEC_CrlIsNewer(CERTCrl *inNew, CERTCrl *old) {
- PRTime newNotBefore, newNotAfter;
- PRTime oldNotBefore, oldNotAfter;
- SECStatus rv;
-
- /* problems with the new CRL? reject it */
- rv = SEC_GetCrlTimes(inNew, &newNotBefore, &newNotAfter);
- if (rv) return PR_FALSE;
-
- /* problems with the old CRL? replace it */
- rv = SEC_GetCrlTimes(old, &oldNotBefore, &oldNotAfter);
- if (rv) return PR_TRUE;
-
- /* Question: what about the notAfter's? */
- return ((PRBool)LL_CMP(oldNotBefore, <, newNotBefore));
-}
-
-/*
- * return required key usage and cert type based on cert usage
- */
-SECStatus
-CERT_KeyUsageAndTypeForCertUsage(SECCertUsage usage,
- PRBool ca,
- unsigned int *retKeyUsage,
- unsigned int *retCertType)
-{
- unsigned int requiredKeyUsage = 0;
- unsigned int requiredCertType = 0;
-
- if ( ca ) {
- switch ( usage ) {
- case certUsageSSLServerWithStepUp:
- requiredKeyUsage = KU_NS_GOVT_APPROVED | KU_KEY_CERT_SIGN;
- requiredCertType = NS_CERT_TYPE_SSL_CA;
- break;
- case certUsageSSLClient:
- requiredKeyUsage = KU_KEY_CERT_SIGN;
- requiredCertType = NS_CERT_TYPE_SSL_CA;
- break;
- case certUsageSSLServer:
- requiredKeyUsage = KU_KEY_CERT_SIGN;
- requiredCertType = NS_CERT_TYPE_SSL_CA;
- break;
- case certUsageSSLCA:
- requiredKeyUsage = KU_KEY_CERT_SIGN;
- requiredCertType = NS_CERT_TYPE_SSL_CA;
- break;
- case certUsageEmailSigner:
- requiredKeyUsage = KU_KEY_CERT_SIGN;
- requiredCertType = NS_CERT_TYPE_EMAIL_CA;
- break;
- case certUsageEmailRecipient:
- requiredKeyUsage = KU_KEY_CERT_SIGN;
- requiredCertType = NS_CERT_TYPE_EMAIL_CA;
- break;
- case certUsageObjectSigner:
- requiredKeyUsage = KU_KEY_CERT_SIGN;
- requiredCertType = NS_CERT_TYPE_OBJECT_SIGNING_CA;
- break;
- case certUsageAnyCA:
- case certUsageStatusResponder:
- requiredKeyUsage = KU_KEY_CERT_SIGN;
- requiredCertType = NS_CERT_TYPE_OBJECT_SIGNING_CA |
- NS_CERT_TYPE_EMAIL_CA |
- NS_CERT_TYPE_SSL_CA;
- break;
- default:
- PORT_Assert(0);
- goto loser;
- }
- } else {
- switch ( usage ) {
- case certUsageSSLClient:
- requiredKeyUsage = KU_DIGITAL_SIGNATURE;
- requiredCertType = NS_CERT_TYPE_SSL_CLIENT;
- break;
- case certUsageSSLServer:
- requiredKeyUsage = KU_KEY_AGREEMENT_OR_ENCIPHERMENT;
- requiredCertType = NS_CERT_TYPE_SSL_SERVER;
- break;
- case certUsageSSLServerWithStepUp:
- requiredKeyUsage = KU_KEY_AGREEMENT_OR_ENCIPHERMENT |
- KU_NS_GOVT_APPROVED;
- requiredCertType = NS_CERT_TYPE_SSL_SERVER;
- break;
- case certUsageSSLCA:
- requiredKeyUsage = KU_KEY_CERT_SIGN;
- requiredCertType = NS_CERT_TYPE_SSL_CA;
- break;
- case certUsageEmailSigner:
- requiredKeyUsage = KU_DIGITAL_SIGNATURE;
- requiredCertType = NS_CERT_TYPE_EMAIL;
- break;
- case certUsageEmailRecipient:
- requiredKeyUsage = KU_KEY_AGREEMENT_OR_ENCIPHERMENT;
- requiredCertType = NS_CERT_TYPE_EMAIL;
- break;
- case certUsageObjectSigner:
- requiredKeyUsage = KU_DIGITAL_SIGNATURE;
- requiredCertType = NS_CERT_TYPE_OBJECT_SIGNING;
- break;
- case certUsageStatusResponder:
- requiredKeyUsage = KU_DIGITAL_SIGNATURE;
- requiredCertType = EXT_KEY_USAGE_STATUS_RESPONDER;
- break;
- default:
- PORT_Assert(0);
- goto loser;
- }
- }
-
- if ( retKeyUsage != NULL ) {
- *retKeyUsage = requiredKeyUsage;
- }
- if ( retCertType != NULL ) {
- *retCertType = requiredCertType;
- }
-
- return(SECSuccess);
-loser:
- return(SECFailure);
-}
-
-/*
- * check the key usage of a cert against a set of required values
- */
-SECStatus
-CERT_CheckKeyUsage(CERTCertificate *cert, unsigned int requiredUsage)
-{
- SECKEYPublicKey *key;
-
- /* choose between key agreement or key encipherment based on key
- * type in cert
- */
- if ( requiredUsage & KU_KEY_AGREEMENT_OR_ENCIPHERMENT ) {
- key = CERT_ExtractPublicKey(cert);
- if (!key)
- return SECFailure;
- if ( ( key->keyType == keaKey ) || ( key->keyType == fortezzaKey ) ||
- ( key->keyType == dhKey ) ) {
- requiredUsage |= KU_KEY_AGREEMENT;
- } else {
- requiredUsage |= KU_KEY_ENCIPHERMENT;
- }
-
- /* now turn off the special bit */
- requiredUsage &= (~KU_KEY_AGREEMENT_OR_ENCIPHERMENT);
-
- SECKEY_DestroyPublicKey(key);
- }
-
- if ( ( cert->keyUsage & requiredUsage ) != requiredUsage ) {
- return(SECFailure);
- }
- return(SECSuccess);
-}
-
-
-CERTCertificate *
-CERT_DupCertificate(CERTCertificate *c)
-{
- if (c) {
-#ifdef NSS_CLASSIC
- CERT_LockCertRefCount(c);
- ++c->referenceCount;
- CERT_UnlockCertRefCount(c);
-#else
- NSSCertificate *tmp = STAN_GetNSSCertificate(c);
- nssCertificate_AddRef(tmp);
-#endif
- }
- return c;
-}
-
-/*
- * Allow use of default cert database, so that apps(such as mozilla) don't
- * have to pass the handle all over the place.
- */
-static CERTCertDBHandle *default_cert_db_handle = 0;
-
-void
-CERT_SetDefaultCertDB(CERTCertDBHandle *handle)
-{
- default_cert_db_handle = handle;
-
- return;
-}
-
-CERTCertDBHandle *
-CERT_GetDefaultCertDB(void)
-{
- return(default_cert_db_handle);
-}
-
-/* XXX this would probably be okay/better as an xp routine? */
-static void
-sec_lower_string(char *s)
-{
- if ( s == NULL ) {
- return;
- }
-
- while ( *s ) {
- *s = PORT_Tolower(*s);
- s++;
- }
-
- return;
-}
-
-/*
-** Add a domain name to the list of names that the user has explicitly
-** allowed (despite cert name mismatches) for use with a server cert.
-*/
-SECStatus
-CERT_AddOKDomainName(CERTCertificate *cert, const char *hn)
-{
- CERTOKDomainName *domainOK;
- int newNameLen;
-
- if (!hn || !(newNameLen = strlen(hn))) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- domainOK = (CERTOKDomainName *)PORT_ArenaZAlloc(cert->arena,
- (sizeof *domainOK) + newNameLen);
- if (!domainOK)
- return SECFailure; /* error code is already set. */
-
- PORT_Strcpy(domainOK->name, hn);
- sec_lower_string(domainOK->name);
-
- /* put at head of list. */
- domainOK->next = cert->domainOK;
- cert->domainOK = domainOK;
- return SECSuccess;
-}
-
-/* returns SECSuccess if hn matches pattern cn,
-** returns SECFailure with SSL_ERROR_BAD_CERT_DOMAIN if no match,
-** returns SECFailure with some other error code if another error occurs.
-**
-** may modify cn, so caller must pass a modifiable copy.
-*/
-static SECStatus
-cert_TestHostName(char * cn, const char * hn)
-{
- char * hndomain;
- int regvalid;
-
- if ((hndomain = PORT_Strchr(hn, '.')) == NULL) {
- /* No domain in URI host name */
- char * cndomain;
- if ((cndomain = PORT_Strchr(cn, '.')) != NULL &&
- (cndomain - cn) > 0) {
- /* there is a domain in the cn string, so chop it off */
- *cndomain = '\0';
- }
- }
-
- regvalid = PORT_RegExpValid(cn);
- if (regvalid != NON_SXP) {
- SECStatus rv;
- /* cn is a regular expression, try to match the shexp */
- int match = PORT_RegExpCaseSearch(hn, cn);
-
- if ( match == 0 ) {
- rv = SECSuccess;
- } else {
- PORT_SetError(SSL_ERROR_BAD_CERT_DOMAIN);
- rv = SECFailure;
- }
- return rv;
- }
- /* cn is not a regular expression */
-
- /* compare entire hn with cert name */
- if (PORT_Strcasecmp(hn, cn) == 0) {
- return SECSuccess;
- }
-
- if ( hndomain ) {
- /* compare just domain name with cert name */
- if ( PORT_Strcasecmp(hndomain+1, cn) == 0 ) {
- return SECSuccess;
- }
- }
-
- PORT_SetError(SSL_ERROR_BAD_CERT_DOMAIN);
- return SECFailure;
-}
-
-
-SECStatus
-cert_VerifySubjectAltName(CERTCertificate *cert, const char *hn)
-{
- PRArenaPool * arena = NULL;
- CERTGeneralName * nameList = NULL;
- CERTGeneralName * current;
- char * cn;
- int cnBufLen;
- unsigned int hnLen;
- int DNSextCount = 0;
- int IPextCount = 0;
- PRBool isIPaddr;
- SECStatus rv = SECFailure;
- SECItem subAltName;
- PRNetAddr netAddr;
- char cnbuf[128];
-
- subAltName.data = NULL;
- hnLen = strlen(hn);
- cn = cnbuf;
- cnBufLen = sizeof cnbuf;
-
- rv = CERT_FindCertExtension(cert, SEC_OID_X509_SUBJECT_ALT_NAME,
- &subAltName);
- if (rv != SECSuccess) {
- goto finish;
- }
- isIPaddr = (PR_SUCCESS == PR_StringToNetAddr(hn, &netAddr));
- rv = SECFailure;
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (!arena)
- goto finish;
-
- nameList = current = CERT_DecodeAltNameExtension(arena, &subAltName);
- if (!current)
- goto finish;
-
- do {
- switch (current->type) {
- case certDNSName:
- if (!isIPaddr) {
- /* DNS name current->name.other.data is not null terminated.
- ** so must copy it.
- */
- int cnLen = current->name.other.len;
- if (cnLen + 1 > cnBufLen) {
- cnBufLen = cnLen + 1;
- cn = (char *)PORT_ArenaAlloc(arena, cnBufLen);
- if (!cn)
- goto finish;
- }
- PORT_Memcpy(cn, current->name.other.data, cnLen);
- cn[cnLen] = 0;
- rv = cert_TestHostName(cn ,hn);
- if (rv == SECSuccess)
- goto finish;
- }
- DNSextCount++;
- break;
- case certIPAddress:
- if (isIPaddr) {
- int match = 0;
- PRIPv6Addr v6Addr;
- if (current->name.other.len == 4 && /* IP v4 address */
- netAddr.inet.family == PR_AF_INET) {
- match = !memcmp(&netAddr.inet.ip,
- current->name.other.data, 4);
- } else if (current->name.other.len == 16 && /* IP v6 address */
- netAddr.ipv6.family == PR_AF_INET6) {
- match = !memcmp(&netAddr.ipv6.ip,
- current->name.other.data, 16);
- } else if (current->name.other.len == 16 && /* IP v6 address */
- netAddr.inet.family == PR_AF_INET) {
- /* convert netAddr to ipv6, then compare. */
- /* ipv4 must be in Network Byte Order on input. */
- PR_ConvertIPv4AddrToIPv6(netAddr.inet.ip, &v6Addr);
- match = !memcmp(&v6Addr, current->name.other.data, 16);
- } else if (current->name.other.len == 4 && /* IP v4 address */
- netAddr.inet.family == PR_AF_INET6) {
- /* convert netAddr to ipv6, then compare. */
- PRUint32 ipv4 = (current->name.other.data[0] << 24) |
- (current->name.other.data[1] << 16) |
- (current->name.other.data[2] << 8) |
- current->name.other.data[3];
- /* ipv4 must be in Network Byte Order on input. */
- PR_ConvertIPv4AddrToIPv6(PR_htonl(ipv4), &v6Addr);
- match = !memcmp(&netAddr.ipv6.ip, &v6Addr, 16);
- }
- if (match) {
- rv = SECSuccess;
- goto finish;
- }
- }
- IPextCount++;
- break;
- default:
- break;
- }
- current = cert_get_next_general_name(current);
- } while (current != nameList);
-
- if ((!isIPaddr && !DNSextCount) || (isIPaddr && !IPextCount)) {
- /* no relevant value in the extension was found. */
- PORT_SetError(SEC_ERROR_EXTENSION_NOT_FOUND);
- } else {
- PORT_SetError(SSL_ERROR_BAD_CERT_DOMAIN);
- }
- rv = SECFailure;
-
-finish:
-
- /* Don't free nameList, it's part of the arena. */
- if (arena) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- if (subAltName.data) {
- SECITEM_FreeItem(&subAltName, PR_FALSE);
- }
-
- return rv;
-}
-
-
-/* Make sure that the name of the host we are connecting to matches the
- * name that is incoded in the common-name component of the certificate
- * that they are using.
- */
-SECStatus
-CERT_VerifyCertName(CERTCertificate *cert, const char *hn)
-{
- char * cn;
- SECStatus rv;
- CERTOKDomainName *domainOK;
-
- if (!hn || !strlen(hn)) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- /* if the name is one that the user has already approved, it's OK. */
- for (domainOK = cert->domainOK; domainOK; domainOK = domainOK->next) {
- if (0 == PORT_Strcasecmp(hn, domainOK->name)) {
- return SECSuccess;
- }
- }
-
- /* Per RFC 2818, if the SubjectAltName extension is present, it must
- ** be used as the cert's identity.
- */
- rv = cert_VerifySubjectAltName(cert, hn);
- if (rv == SECSuccess || PORT_GetError() != SEC_ERROR_EXTENSION_NOT_FOUND)
- return rv;
-
- /* try the cert extension first, then the common name */
- cn = CERT_FindNSStringExtension(cert, SEC_OID_NS_CERT_EXT_SSL_SERVER_NAME);
- if ( !cn ) {
- cn = CERT_GetCommonName(&cert->subject);
- }
- if ( cn ) {
- rv = cert_TestHostName(cn, hn);
- PORT_Free(cn);
- } else
- PORT_SetError(SSL_ERROR_BAD_CERT_DOMAIN);
- return rv;
-}
-
-PRBool
-CERT_CompareCerts(CERTCertificate *c1, CERTCertificate *c2)
-{
- SECComparison comp;
-
- comp = SECITEM_CompareItem(&c1->derCert, &c2->derCert);
- if ( comp == SECEqual ) { /* certs are the same */
- return(PR_TRUE);
- } else {
- return(PR_FALSE);
- }
-}
-
-static SECStatus
-StringsEqual(char *s1, char *s2) {
- if ( ( s1 == NULL ) || ( s2 == NULL ) ) {
- if ( s1 != s2 ) { /* only one is null */
- return(SECFailure);
- }
- return(SECSuccess); /* both are null */
- }
-
- if ( PORT_Strcmp( s1, s2 ) != 0 ) {
- return(SECFailure); /* not equal */
- }
-
- return(SECSuccess); /* strings are equal */
-}
-
-
-PRBool
-CERT_CompareCertsForRedirection(CERTCertificate *c1, CERTCertificate *c2)
-{
- SECComparison comp;
- char *c1str, *c2str;
- SECStatus eq;
-
- comp = SECITEM_CompareItem(&c1->derCert, &c2->derCert);
- if ( comp == SECEqual ) { /* certs are the same */
- return(PR_TRUE);
- }
-
- /* check if they are issued by the same CA */
- comp = SECITEM_CompareItem(&c1->derIssuer, &c2->derIssuer);
- if ( comp != SECEqual ) { /* different issuer */
- return(PR_FALSE);
- }
-
- /* check country name */
- c1str = CERT_GetCountryName(&c1->subject);
- c2str = CERT_GetCountryName(&c2->subject);
- eq = StringsEqual(c1str, c2str);
- PORT_Free(c1str);
- PORT_Free(c2str);
- if ( eq != SECSuccess ) {
- return(PR_FALSE);
- }
-
- /* check locality name */
- c1str = CERT_GetLocalityName(&c1->subject);
- c2str = CERT_GetLocalityName(&c2->subject);
- eq = StringsEqual(c1str, c2str);
- PORT_Free(c1str);
- PORT_Free(c2str);
- if ( eq != SECSuccess ) {
- return(PR_FALSE);
- }
-
- /* check state name */
- c1str = CERT_GetStateName(&c1->subject);
- c2str = CERT_GetStateName(&c2->subject);
- eq = StringsEqual(c1str, c2str);
- PORT_Free(c1str);
- PORT_Free(c2str);
- if ( eq != SECSuccess ) {
- return(PR_FALSE);
- }
-
- /* check org name */
- c1str = CERT_GetOrgName(&c1->subject);
- c2str = CERT_GetOrgName(&c2->subject);
- eq = StringsEqual(c1str, c2str);
- PORT_Free(c1str);
- PORT_Free(c2str);
- if ( eq != SECSuccess ) {
- return(PR_FALSE);
- }
-
-#ifdef NOTDEF
- /* check orgUnit name */
- /*
- * We need to revisit this and decide which fields should be allowed to be
- * different
- */
- c1str = CERT_GetOrgUnitName(&c1->subject);
- c2str = CERT_GetOrgUnitName(&c2->subject);
- eq = StringsEqual(c1str, c2str);
- PORT_Free(c1str);
- PORT_Free(c2str);
- if ( eq != SECSuccess ) {
- return(PR_FALSE);
- }
-#endif
-
- return(PR_TRUE); /* all fields but common name are the same */
-}
-
-
-/* CERT_CertChainFromCert and CERT_DestroyCertificateList moved
- to certhigh.c */
-
-
-CERTIssuerAndSN *
-CERT_GetCertIssuerAndSN(PRArenaPool *arena, CERTCertificate *cert)
-{
- CERTIssuerAndSN *result;
- SECStatus rv;
-
- if ( arena == NULL ) {
- arena = cert->arena;
- }
-
- result = (CERTIssuerAndSN*)PORT_ArenaZAlloc(arena, sizeof(*result));
- if (result == NULL) {
- PORT_SetError (SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- rv = SECITEM_CopyItem(arena, &result->derIssuer, &cert->derIssuer);
- if (rv != SECSuccess)
- return NULL;
-
- rv = CERT_CopyName(arena, &result->issuer, &cert->issuer);
- if (rv != SECSuccess)
- return NULL;
-
- rv = SECITEM_CopyItem(arena, &result->serialNumber, &cert->serialNumber);
- if (rv != SECSuccess)
- return NULL;
-
- return result;
-}
-
-char *
-CERT_MakeCANickname(CERTCertificate *cert)
-{
- char *firstname = NULL;
- char *org = NULL;
- char *nickname = NULL;
- int count;
- CERTCertificate *dummycert;
- CERTCertDBHandle *handle;
-
- handle = cert->dbhandle;
-
- nickname = CERT_GetNickName(cert, handle, cert->arena);
- if (nickname == NULL) {
- firstname = CERT_GetCommonName(&cert->subject);
- if ( firstname == NULL ) {
- firstname = CERT_GetOrgUnitName(&cert->subject);
- }
-
- org = CERT_GetOrgName(&cert->issuer);
- if (org == NULL) {
- org = CERT_GetDomainComponentName(&cert->issuer);
- if (org == NULL) {
- if (firstname) {
- org = firstname;
- firstname = NULL;
- } else {
- org = PORT_Strdup("Unknown CA");
- }
- }
- }
-
- /* can only fail if PORT_Strdup fails, in which case
- * we're having memory problems. */
- if (org == NULL) {
- goto loser;
- }
-
-
- count = 1;
- while ( 1 ) {
-
- if ( firstname ) {
- if ( count == 1 ) {
- nickname = PR_smprintf("%s - %s", firstname, org);
- } else {
- nickname = PR_smprintf("%s - %s #%d", firstname, org, count);
- }
- } else {
- if ( count == 1 ) {
- nickname = PR_smprintf("%s", org);
- } else {
- nickname = PR_smprintf("%s #%d", org, count);
- }
- }
- if ( nickname == NULL ) {
- goto loser;
- }
-
- /* look up the nickname to make sure it isn't in use already */
- dummycert = CERT_FindCertByNickname(handle, nickname);
-
- if ( dummycert == NULL ) {
- goto done;
- }
-
- /* found a cert, destroy it and loop */
- CERT_DestroyCertificate(dummycert);
-
- /* free the nickname */
- PORT_Free(nickname);
-
- count++;
- }
- }
-loser:
- if ( nickname ) {
- PORT_Free(nickname);
- }
-
- nickname = "";
-
-done:
- if ( firstname ) {
- PORT_Free(firstname);
- }
- if ( org ) {
- PORT_Free(org);
- }
-
- return(nickname);
-}
-
-/* CERT_Import_CAChain moved to certhigh.c */
-
-void
-CERT_DestroyCrl (CERTSignedCrl *crl)
-{
- SEC_DestroyCrl (crl);
-}
-
-
-
-/*
- * Does a cert belong to a CA? We decide based on perm database trust
- * flags, Netscape Cert Type Extension, and KeyUsage Extension.
- */
-PRBool
-CERT_IsCACert(CERTCertificate *cert, unsigned int *rettype)
-{
- CERTCertTrust *trust;
- SECStatus rv;
- unsigned int type;
- PRBool ret;
-
- ret = PR_FALSE;
- type = 0;
-
- if ( cert->trust && (cert->trust->sslFlags|cert->trust->emailFlags|
- cert->trust->objectSigningFlags)) {
- trust = cert->trust;
- if ( ( ( trust->sslFlags & CERTDB_VALID_CA ) == CERTDB_VALID_CA ) ||
- ( ( trust->sslFlags & CERTDB_TRUSTED_CA ) == CERTDB_TRUSTED_CA ) ) {
- ret = PR_TRUE;
- type |= NS_CERT_TYPE_SSL_CA;
- }
-
- if ( ( ( trust->emailFlags & CERTDB_VALID_CA ) == CERTDB_VALID_CA ) ||
- ( ( trust->emailFlags & CERTDB_TRUSTED_CA ) == CERTDB_TRUSTED_CA ) ) {
- ret = PR_TRUE;
- type |= NS_CERT_TYPE_EMAIL_CA;
- }
-
- if ( ( ( trust->objectSigningFlags & CERTDB_VALID_CA )
- == CERTDB_VALID_CA ) ||
- ( ( trust->objectSigningFlags & CERTDB_TRUSTED_CA )
- == CERTDB_TRUSTED_CA ) ) {
- ret = PR_TRUE;
- type |= NS_CERT_TYPE_OBJECT_SIGNING_CA;
- }
- } else {
- if ( cert->nsCertType &
- ( NS_CERT_TYPE_SSL_CA | NS_CERT_TYPE_EMAIL_CA |
- NS_CERT_TYPE_OBJECT_SIGNING_CA ) ) {
- ret = PR_TRUE;
- type = (cert->nsCertType & NS_CERT_TYPE_CA);
- } else {
- CERTBasicConstraints constraints;
- rv = CERT_FindBasicConstraintExten(cert, &constraints);
- if ( rv == SECSuccess ) {
- if ( constraints.isCA ) {
- ret = PR_TRUE;
- type = (NS_CERT_TYPE_SSL_CA | NS_CERT_TYPE_EMAIL_CA);
- }
- }
- }
-
- /* finally check if it's a FORTEZZA V1 CA */
- if (ret == PR_FALSE) {
- if (fortezzaIsCA(cert)) {
- ret = PR_TRUE;
- type = (NS_CERT_TYPE_SSL_CA | NS_CERT_TYPE_EMAIL_CA);
- }
- }
- }
-
- /* the isRoot flag trumps all */
- if (cert->isRoot) {
- ret = PR_TRUE;
- /* set only these by default, same as above */
- type = (NS_CERT_TYPE_SSL_CA | NS_CERT_TYPE_EMAIL_CA);
- }
-
- if ( rettype != NULL ) {
- *rettype = type;
- }
-
- return(ret);
-}
-
-PRBool
-CERT_IsCADERCert(SECItem *derCert, unsigned int *type) {
- CERTCertificate *cert;
- PRBool isCA;
-
- /* This is okay -- only looks at extensions */
- cert = CERT_DecodeDERCertificate(derCert, PR_FALSE, NULL);
- if (cert == NULL) return PR_FALSE;
-
- isCA = CERT_IsCACert(cert,type);
- CERT_DestroyCertificate (cert);
- return isCA;
-}
-
-PRBool
-CERT_IsRootDERCert(SECItem *derCert)
-{
- CERTCertificate *cert;
- PRBool isRoot;
-
- /* This is okay -- only looks at extensions */
- cert = CERT_DecodeDERCertificate(derCert, PR_FALSE, NULL);
- if (cert == NULL) return PR_FALSE;
-
- isRoot = cert->isRoot;
- CERT_DestroyCertificate (cert);
- return isRoot;
-}
-
-
-/*
- * is certa newer than certb? If one is expired, pick the other one.
- */
-PRBool
-CERT_IsNewer(CERTCertificate *certa, CERTCertificate *certb)
-{
- PRTime notBeforeA, notAfterA, notBeforeB, notAfterB, now;
- SECStatus rv;
- PRBool newerbefore, newerafter;
-
- rv = CERT_GetCertTimes(certa, &notBeforeA, &notAfterA);
- if ( rv != SECSuccess ) {
- return(PR_FALSE);
- }
-
- rv = CERT_GetCertTimes(certb, &notBeforeB, &notAfterB);
- if ( rv != SECSuccess ) {
- return(PR_TRUE);
- }
-
- newerbefore = PR_FALSE;
- if ( LL_CMP(notBeforeA, >, notBeforeB) ) {
- newerbefore = PR_TRUE;
- }
-
- newerafter = PR_FALSE;
- if ( LL_CMP(notAfterA, >, notAfterB) ) {
- newerafter = PR_TRUE;
- }
-
- if ( newerbefore && newerafter ) {
- return(PR_TRUE);
- }
-
- if ( ( !newerbefore ) && ( !newerafter ) ) {
- return(PR_FALSE);
- }
-
- /* get current UTC time */
- now = PR_Now();
-
- if ( newerbefore ) {
- /* cert A was issued after cert B, but expires sooner */
- /* if A is expired, then pick B */
- if ( LL_CMP(notAfterA, <, now ) ) {
- return(PR_FALSE);
- }
- return(PR_TRUE);
- } else {
- /* cert B was issued after cert A, but expires sooner */
- /* if B is expired, then pick A */
- if ( LL_CMP(notAfterB, <, now ) ) {
- return(PR_TRUE);
- }
- return(PR_FALSE);
- }
-}
-
-void
-CERT_DestroyCertArray(CERTCertificate **certs, unsigned int ncerts)
-{
- unsigned int i;
-
- if ( certs ) {
- for ( i = 0; i < ncerts; i++ ) {
- if ( certs[i] ) {
- CERT_DestroyCertificate(certs[i]);
- }
- }
-
- PORT_Free(certs);
- }
-
- return;
-}
-
-char *
-CERT_FixupEmailAddr(char *emailAddr)
-{
- char *retaddr;
- char *str;
-
- if ( emailAddr == NULL ) {
- return(NULL);
- }
-
- /* copy the string */
- str = retaddr = PORT_Strdup(emailAddr);
- if ( str == NULL ) {
- return(NULL);
- }
-
- /* make it lower case */
- while ( *str ) {
- *str = tolower( *str );
- str++;
- }
-
- return(retaddr);
-}
-
-/*
- * NOTE - don't allow encode of govt-approved or invisible bits
- */
-SECStatus
-CERT_DecodeTrustString(CERTCertTrust *trust, char *trusts)
-{
- unsigned int i;
- unsigned int *pflags;
-
- trust->sslFlags = 0;
- trust->emailFlags = 0;
- trust->objectSigningFlags = 0;
-
- pflags = &trust->sslFlags;
-
- for (i=0; i < PORT_Strlen(trusts); i++) {
- switch (trusts[i]) {
- case 'p':
- *pflags = *pflags | CERTDB_VALID_PEER;
- break;
-
- case 'P':
- *pflags = *pflags | CERTDB_TRUSTED | CERTDB_VALID_PEER;
- break;
-
- case 'w':
- *pflags = *pflags | CERTDB_SEND_WARN;
- break;
-
- case 'c':
- *pflags = *pflags | CERTDB_VALID_CA;
- break;
-
- case 'T':
- *pflags = *pflags | CERTDB_TRUSTED_CLIENT_CA | CERTDB_VALID_CA;
- break;
-
- case 'C' :
- *pflags = *pflags | CERTDB_TRUSTED_CA | CERTDB_VALID_CA;
- break;
-
- case 'u':
- *pflags = *pflags | CERTDB_USER;
- break;
-
-#ifdef DEBUG_NSSTEAM_ONLY
- case 'i':
- *pflags = *pflags | CERTDB_INVISIBLE_CA;
- break;
- case 'g':
- *pflags = *pflags | CERTDB_GOVT_APPROVED_CA;
- break;
-#endif /* DEBUG_NSSTEAM_ONLY */
-
- case ',':
- if ( pflags == &trust->sslFlags ) {
- pflags = &trust->emailFlags;
- } else {
- pflags = &trust->objectSigningFlags;
- }
- break;
- default:
- return SECFailure;
- }
- }
-
- return SECSuccess;
-}
-
-static void
-EncodeFlags(char *trusts, unsigned int flags)
-{
- if (flags & CERTDB_VALID_CA)
- if (!(flags & CERTDB_TRUSTED_CA) &&
- !(flags & CERTDB_TRUSTED_CLIENT_CA))
- PORT_Strcat(trusts, "c");
- if (flags & CERTDB_VALID_PEER)
- if (!(flags & CERTDB_TRUSTED))
- PORT_Strcat(trusts, "p");
- if (flags & CERTDB_TRUSTED_CA)
- PORT_Strcat(trusts, "C");
- if (flags & CERTDB_TRUSTED_CLIENT_CA)
- PORT_Strcat(trusts, "T");
- if (flags & CERTDB_TRUSTED)
- PORT_Strcat(trusts, "P");
- if (flags & CERTDB_USER)
- PORT_Strcat(trusts, "u");
- if (flags & CERTDB_SEND_WARN)
- PORT_Strcat(trusts, "w");
- if (flags & CERTDB_INVISIBLE_CA)
- PORT_Strcat(trusts, "I");
- if (flags & CERTDB_GOVT_APPROVED_CA)
- PORT_Strcat(trusts, "G");
- return;
-}
-
-char *
-CERT_EncodeTrustString(CERTCertTrust *trust)
-{
- char tmpTrustSSL[32];
- char tmpTrustEmail[32];
- char tmpTrustSigning[32];
- char *retstr = NULL;
-
- if ( trust ) {
- tmpTrustSSL[0] = '\0';
- tmpTrustEmail[0] = '\0';
- tmpTrustSigning[0] = '\0';
-
- EncodeFlags(tmpTrustSSL, trust->sslFlags);
- EncodeFlags(tmpTrustEmail, trust->emailFlags);
- EncodeFlags(tmpTrustSigning, trust->objectSigningFlags);
-
- retstr = PR_smprintf("%s,%s,%s", tmpTrustSSL, tmpTrustEmail,
- tmpTrustSigning);
- }
-
- return(retstr);
-}
-
-/* in 3.4, this will only set trust */
-SECStatus
-CERT_SaveImportedCert(CERTCertificate *cert, SECCertUsage usage,
- PRBool caOnly, char *nickname)
-{
- SECStatus rv;
- PRBool saveit;
- CERTCertTrust trust;
- PRBool isCA;
- unsigned int certtype;
-
- isCA = CERT_IsCACert(cert, NULL);
- if ( caOnly && ( !isCA ) ) {
- return(SECSuccess);
- }
- /* In NSS 3.4, certs are given zero trust upon import. However, this
- * function needs to set up default CA trust (CERTDB_VALID_CA), or
- * PKCS#12 imported certs will not show up correctly. In the case of a
- * CA cert with zero trust, continue with this function. But if the cert
- * does already have some trust bits, exit and do not change them.
- */
- if (isCA && cert->trust &&
- (cert->trust->sslFlags |
- cert->trust->emailFlags |
- cert->trust->objectSigningFlags)) {
- return(SECSuccess);
- }
-
- saveit = PR_TRUE;
-
- PORT_Memset((void *)&trust, 0, sizeof(trust));
-
- certtype = cert->nsCertType;
-
- /* if no CA bits in cert type, then set all CA bits */
- if ( isCA && ( ! ( certtype & NS_CERT_TYPE_CA ) ) ) {
- certtype |= NS_CERT_TYPE_CA;
- }
-
- /* if no app bits in cert type, then set all app bits */
- if ( ( !isCA ) && ( ! ( certtype & NS_CERT_TYPE_APP ) ) ) {
- certtype |= NS_CERT_TYPE_APP;
- }
-
- switch ( usage ) {
- case certUsageEmailSigner:
- case certUsageEmailRecipient:
- if ( isCA ) {
- if ( certtype & NS_CERT_TYPE_EMAIL_CA ) {
- trust.emailFlags = CERTDB_VALID_CA;
- }
- } else {
- if ( cert->emailAddr == NULL ) {
- saveit = PR_FALSE;
- }
-
- if ( certtype & NS_CERT_TYPE_EMAIL ) {
- trust.emailFlags = CERTDB_VALID_PEER;
- if ( ! ( cert->rawKeyUsage & KU_KEY_ENCIPHERMENT ) ) {
- /* don't save it if KeyEncipherment is not allowed */
- saveit = PR_FALSE;
- }
- }
- }
- break;
- case certUsageUserCertImport:
- if ( isCA ) {
- if ( certtype & NS_CERT_TYPE_SSL_CA ) {
- trust.sslFlags = CERTDB_VALID_CA;
- }
-
- if ( certtype & NS_CERT_TYPE_EMAIL_CA ) {
- trust.emailFlags = CERTDB_VALID_CA;
- }
-
- if ( certtype & NS_CERT_TYPE_OBJECT_SIGNING_CA ) {
- trust.objectSigningFlags = CERTDB_VALID_CA;
- }
-
- } else {
- if ( certtype & NS_CERT_TYPE_SSL_CLIENT ) {
- trust.sslFlags = CERTDB_VALID_PEER;
- }
-
- if ( certtype & NS_CERT_TYPE_EMAIL ) {
- trust.emailFlags = CERTDB_VALID_PEER;
- }
-
- if ( certtype & NS_CERT_TYPE_OBJECT_SIGNING ) {
- trust.objectSigningFlags = CERTDB_VALID_PEER;
- }
- }
- break;
- case certUsageAnyCA:
- trust.sslFlags = CERTDB_VALID_CA;
- break;
- case certUsageSSLCA:
- trust.sslFlags = CERTDB_VALID_CA |
- CERTDB_TRUSTED_CA | CERTDB_TRUSTED_CLIENT_CA;
- break;
- default: /* XXX added to quiet warnings; no other cases needed? */
- break;
- }
-
- if ( saveit ) {
- rv = CERT_ChangeCertTrust(cert->dbhandle, cert, &trust);
- if ( rv != SECSuccess ) {
- goto loser;
- }
- }
-
- rv = SECSuccess;
- goto done;
-
-loser:
- rv = SECFailure;
-done:
-
- return(rv);
-}
-
-SECStatus
-CERT_ImportCerts(CERTCertDBHandle *certdb, SECCertUsage usage,
- unsigned int ncerts, SECItem **derCerts,
- CERTCertificate ***retCerts, PRBool keepCerts,
- PRBool caOnly, char *nickname)
-{
- unsigned int i;
- CERTCertificate **certs = NULL;
- SECStatus rv;
- unsigned int fcerts = 0;
-
- if ( ncerts ) {
- certs = (CERTCertificate**)PORT_ZAlloc(sizeof(CERTCertificate *) * ncerts );
- if ( certs == NULL ) {
- return(SECFailure);
- }
-
- /* decode all of the certs into the temporary DB */
- for ( i = 0, fcerts= 0; i < ncerts; i++) {
- certs[fcerts] = CERT_NewTempCertificate(certdb,
- derCerts[i],
- NULL,
- PR_FALSE,
- PR_TRUE);
- if (certs[fcerts]) fcerts++;
- }
-
- if ( keepCerts ) {
- for ( i = 0; i < fcerts; i++ ) {
- char* canickname = NULL;
- PRBool freeNickname = PR_FALSE;
-
- SECKEY_UpdateCertPQG(certs[i]);
-
- if ( CERT_IsCACert(certs[i], NULL) ) {
- canickname = CERT_MakeCANickname(certs[i]);
- if ( canickname != NULL ) {
- freeNickname = PR_TRUE;
- }
- }
-
- if(CERT_IsCACert(certs[i], NULL) && (fcerts > 1)) {
- /* if we are importing only a single cert and specifying
- * a nickname, we want to use that nickname if it a CA,
- * otherwise if there are more than one cert, we don't
- * know which cert it belongs to. But we still may try
- * the individual canickname from the cert itself.
- */
- rv = CERT_AddTempCertToPerm(certs[i], canickname, NULL);
- } else {
- rv = CERT_AddTempCertToPerm(certs[i],
- nickname?nickname:canickname, NULL);
- }
- if (rv == SECSuccess) {
- CERT_SaveImportedCert(certs[i], usage, caOnly, NULL);
- }
-
- if (PR_TRUE == freeNickname) {
- PORT_Free(canickname);
- }
- /* don't care if it fails - keep going */
- }
- }
- }
-
- if ( retCerts ) {
- *retCerts = certs;
- } else {
- if (certs) {
- CERT_DestroyCertArray(certs, fcerts);
- }
- }
-
- return(SECSuccess);
-
-#if 0 /* dead code here - why ?? XXX */
-loser:
- if ( retCerts ) {
- *retCerts = NULL;
- }
- if ( certs ) {
- CERT_DestroyCertArray(certs, ncerts);
- }
- return(SECFailure);
-#endif
-}
-
-/*
- * a real list of certificates - need to convert CERTCertificateList
- * stuff and ASN 1 encoder/decoder over to using this...
- */
-CERTCertList *
-CERT_NewCertList(void)
-{
- PRArenaPool *arena = NULL;
- CERTCertList *ret = NULL;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- goto loser;
- }
-
- ret = (CERTCertList *)PORT_ArenaZAlloc(arena, sizeof(CERTCertList));
- if ( ret == NULL ) {
- goto loser;
- }
-
- ret->arena = arena;
-
- PR_INIT_CLIST(&ret->list);
-
- return(ret);
-
-loser:
- if ( arena != NULL ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(NULL);
-}
-
-void
-CERT_DestroyCertList(CERTCertList *certs)
-{
- PRCList *node;
-
- while( !PR_CLIST_IS_EMPTY(&certs->list) ) {
- node = PR_LIST_HEAD(&certs->list);
- CERT_DestroyCertificate(((CERTCertListNode *)node)->cert);
- PR_REMOVE_LINK(node);
- }
-
- PORT_FreeArena(certs->arena, PR_FALSE);
-
- return;
-}
-
-void
-CERT_RemoveCertListNode(CERTCertListNode *node)
-{
- CERT_DestroyCertificate(node->cert);
- PR_REMOVE_LINK(&node->links);
- return;
-}
-
-
-SECStatus
-CERT_AddCertToListTailWithData(CERTCertList *certs,
- CERTCertificate *cert, void *appData)
-{
- CERTCertListNode *node;
-
- node = (CERTCertListNode *)PORT_ArenaZAlloc(certs->arena,
- sizeof(CERTCertListNode));
- if ( node == NULL ) {
- goto loser;
- }
-
- PR_INSERT_BEFORE(&node->links, &certs->list);
- /* certs->count++; */
- node->cert = cert;
- node->appData = appData;
- return(SECSuccess);
-
-loser:
- return(SECFailure);
-}
-
-SECStatus
-CERT_AddCertToListTail(CERTCertList *certs, CERTCertificate *cert)
-{
- return CERT_AddCertToListTailWithData(certs, cert, NULL);
-}
-
-SECStatus
-CERT_AddCertToListHeadWithData(CERTCertList *certs,
- CERTCertificate *cert, void *appData)
-{
- CERTCertListNode *node;
- CERTCertListNode *head;
-
- head = CERT_LIST_HEAD(certs);
-
- if (head == NULL) return CERT_AddCertToListTail(certs,cert);
-
- node = (CERTCertListNode *)PORT_ArenaZAlloc(certs->arena,
- sizeof(CERTCertListNode));
- if ( node == NULL ) {
- goto loser;
- }
-
- PR_INSERT_BEFORE(&node->links, &head->links);
- /* certs->count++; */
- node->cert = cert;
- node->appData = appData;
- return(SECSuccess);
-
-loser:
- return(SECFailure);
-}
-
-SECStatus
-CERT_AddCertToListHead(CERTCertList *certs, CERTCertificate *cert)
-{
- return CERT_AddCertToListHeadWithData(certs, cert, NULL);
-}
-
-/*
- * Sort callback function to determine if cert a is newer than cert b.
- * Not valid certs are considered older than valid certs.
- */
-PRBool
-CERT_SortCBValidity(CERTCertificate *certa,
- CERTCertificate *certb,
- void *arg)
-{
- PRTime sorttime;
- PRTime notBeforeA, notAfterA, notBeforeB, notAfterB;
- SECStatus rv;
- PRBool newerbefore, newerafter;
- PRBool aNotValid = PR_FALSE, bNotValid = PR_FALSE;
-
- sorttime = *(PRTime *)arg;
-
- rv = CERT_GetCertTimes(certa, &notBeforeA, &notAfterA);
- if ( rv != SECSuccess ) {
- return(PR_FALSE);
- }
-
- rv = CERT_GetCertTimes(certb, &notBeforeB, &notAfterB);
- if ( rv != SECSuccess ) {
- return(PR_TRUE);
- }
- newerbefore = PR_FALSE;
- if ( LL_CMP(notBeforeA, >, notBeforeB) ) {
- newerbefore = PR_TRUE;
- }
- newerafter = PR_FALSE;
- if ( LL_CMP(notAfterA, >, notAfterB) ) {
- newerafter = PR_TRUE;
- }
-
- /* check if A is valid at sorttime */
- if ( CERT_CheckCertValidTimes(certa, sorttime, PR_FALSE)
- != secCertTimeValid ) {
- aNotValid = PR_TRUE;
- }
-
- /* check if B is valid at sorttime */
- if ( CERT_CheckCertValidTimes(certb, sorttime, PR_FALSE)
- != secCertTimeValid ) {
- bNotValid = PR_TRUE;
- }
-
- /* a is valid, b is not */
- if ( bNotValid && ( ! aNotValid ) ) {
- return(PR_TRUE);
- }
-
- /* b is valid, a is not */
- if ( aNotValid && ( ! bNotValid ) ) {
- return(PR_FALSE);
- }
-
- /* a and b are either valid or not valid */
- if ( newerbefore && newerafter ) {
- return(PR_TRUE);
- }
-
- if ( ( !newerbefore ) && ( !newerafter ) ) {
- return(PR_FALSE);
- }
-
- if ( newerbefore ) {
- /* cert A was issued after cert B, but expires sooner */
- return(PR_TRUE);
- } else {
- /* cert B was issued after cert A, but expires sooner */
- return(PR_FALSE);
- }
-}
-
-
-SECStatus
-CERT_AddCertToListSorted(CERTCertList *certs,
- CERTCertificate *cert,
- CERTSortCallback f,
- void *arg)
-{
- CERTCertListNode *node;
- CERTCertListNode *head;
- PRBool ret;
-
- node = (CERTCertListNode *)PORT_ArenaZAlloc(certs->arena,
- sizeof(CERTCertListNode));
- if ( node == NULL ) {
- goto loser;
- }
-
- head = CERT_LIST_HEAD(certs);
-
- while ( !CERT_LIST_END(head, certs) ) {
-
- /* if cert is already in the list, then don't add it again */
- if ( cert == head->cert ) {
- /*XXX*/
- /* don't keep a reference */
- CERT_DestroyCertificate(cert);
- goto done;
- }
-
- ret = (* f)(cert, head->cert, arg);
- /* if sort function succeeds, then insert before current node */
- if ( ret ) {
- PR_INSERT_BEFORE(&node->links, &head->links);
- goto done;
- }
-
- head = CERT_LIST_NEXT(head);
- }
- /* if we get to the end, then just insert it at the tail */
- PR_INSERT_BEFORE(&node->links, &certs->list);
-
-done:
- /* certs->count++; */
- node->cert = cert;
- return(SECSuccess);
-
-loser:
- return(SECFailure);
-}
-
-/* This routine is here because pcertdb.c still has a call to it.
- * The SMIME profile code in pcertdb.c should be split into high (find
- * the email cert) and low (store the profile) code. At that point, we
- * can move this to certhigh.c where it belongs.
- *
- * remove certs from a list that don't have keyUsage and certType
- * that match the given usage.
- */
-SECStatus
-CERT_FilterCertListByUsage(CERTCertList *certList, SECCertUsage usage,
- PRBool ca)
-{
- unsigned int requiredKeyUsage;
- unsigned int requiredCertType;
- CERTCertListNode *node, *savenode;
- PRBool bad;
- SECStatus rv;
- unsigned int certType;
- PRBool dummyret;
-
- if (certList == NULL) goto loser;
-
- rv = CERT_KeyUsageAndTypeForCertUsage(usage, ca, &requiredKeyUsage,
- &requiredCertType);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- node = CERT_LIST_HEAD(certList);
-
- while ( !CERT_LIST_END(node, certList) ) {
-
- bad = PR_FALSE;
-
- /* bad key usage */
- if ( CERT_CheckKeyUsage(node->cert, requiredKeyUsage )
- != SECSuccess ) {
- bad = PR_TRUE;
- }
- /* bad cert type */
- if ( ca ) {
- /* This function returns a more comprehensive cert type that
- * takes trust flags into consideration. Should probably
- * fix the cert decoding code to do this.
- */
- dummyret = CERT_IsCACert(node->cert, &certType);
- } else {
- certType = node->cert->nsCertType;
- }
-
- if ( ! ( certType & requiredCertType ) ) {
- bad = PR_TRUE;
- }
-
- if ( bad ) {
- /* remove the node if it is bad */
- savenode = CERT_LIST_NEXT(node);
- CERT_RemoveCertListNode(node);
- node = savenode;
- } else {
- node = CERT_LIST_NEXT(node);
- }
- }
- return(SECSuccess);
-
-loser:
- return(SECFailure);
-}
-
-PRBool CERT_IsUserCert(CERTCertificate* cert)
-{
- if ( (cert->trust->sslFlags & CERTDB_USER ) ||
- (cert->trust->emailFlags & CERTDB_USER ) ||
- (cert->trust->objectSigningFlags & CERTDB_USER ) ) {
- return PR_TRUE;
- } else {
- return PR_FALSE;
- }
-}
-
-SECStatus
-CERT_FilterCertListForUserCerts(CERTCertList *certList)
-{
- CERTCertListNode *node, *freenode;
- CERTCertificate *cert;
-
- if (!certList) {
- return SECFailure;
- }
-
- node = CERT_LIST_HEAD(certList);
-
- while ( ! CERT_LIST_END(node, certList) ) {
- cert = node->cert;
- if ( PR_TRUE != CERT_IsUserCert(cert) ) {
- /* Not a User Cert, so remove this cert from the list */
- freenode = node;
- node = CERT_LIST_NEXT(node);
- CERT_RemoveCertListNode(freenode);
- } else {
- /* Is a User cert, so leave it in the list */
- node = CERT_LIST_NEXT(node);
- }
- }
-
- return(SECSuccess);
-}
-
-static PZLock *certRefCountLock = NULL;
-
-/*
- * Acquire the cert reference count lock
- * There is currently one global lock for all certs, but I'm putting a cert
- * arg here so that it will be easy to make it per-cert in the future if
- * that turns out to be necessary.
- */
-void
-CERT_LockCertRefCount(CERTCertificate *cert)
-{
- if ( certRefCountLock == NULL ) {
- nss_InitLock(&certRefCountLock, nssILockRefLock);
- PORT_Assert(certRefCountLock != NULL);
- }
-
- PZ_Lock(certRefCountLock);
- return;
-}
-
-/*
- * Free the cert reference count lock
- */
-void
-CERT_UnlockCertRefCount(CERTCertificate *cert)
-{
- PRStatus prstat;
-
- PORT_Assert(certRefCountLock != NULL);
-
- prstat = PZ_Unlock(certRefCountLock);
-
- PORT_Assert(prstat == PR_SUCCESS);
-
- return;
-}
-
-static PZLock *certTrustLock = NULL;
-
-/*
- * Acquire the cert trust lock
- * There is currently one global lock for all certs, but I'm putting a cert
- * arg here so that it will be easy to make it per-cert in the future if
- * that turns out to be necessary.
- */
-void
-CERT_LockCertTrust(CERTCertificate *cert)
-{
- if ( certTrustLock == NULL ) {
- nss_InitLock(&certTrustLock, nssILockCertDB);
- PORT_Assert(certTrustLock != NULL);
- }
-
- PZ_Lock(certTrustLock);
- return;
-}
-
-/*
- * Free the cert trust lock
- */
-void
-CERT_UnlockCertTrust(CERTCertificate *cert)
-{
- PRStatus prstat;
-
- PORT_Assert(certTrustLock != NULL);
-
- prstat = PZ_Unlock(certTrustLock);
-
- PORT_Assert(prstat == PR_SUCCESS);
-
- return;
-}
-
-
-/*
- * Get the StatusConfig data for this handle
- */
-CERTStatusConfig *
-CERT_GetStatusConfig(CERTCertDBHandle *handle)
-{
- return handle->statusConfig;
-}
-
-/*
- * Set the StatusConfig data for this handle. There
- * should not be another configuration set.
- */
-void
-CERT_SetStatusConfig(CERTCertDBHandle *handle, CERTStatusConfig *statusConfig)
-{
- PORT_Assert(handle->statusConfig == NULL);
- handle->statusConfig = statusConfig;
-}
-
-/*
- * Code for dealing with subjKeyID to cert mappings.
- */
-
-static PLHashTable *gSubjKeyIDHash = NULL;
-static PRLock *gSubjKeyIDLock = NULL;
-
-static void *cert_AllocTable(void *pool, PRSize size)
-{
- return PORT_Alloc(size);
-}
-
-static void cert_FreeTable(void *pool, void *item)
-{
- PORT_Free(item);
-}
-
-static PLHashEntry* cert_AllocEntry(void *pool, const void *key)
-{
- return PORT_New(PLHashEntry);
-}
-
-static void cert_FreeEntry(void *pool, PLHashEntry *he, PRUintn flag)
-{
- SECITEM_FreeItem((SECItem*)(he->value), PR_TRUE);
- if (flag == HT_FREE_ENTRY) {
- SECITEM_FreeItem((SECItem*)(he->key), PR_TRUE);
- PORT_Free(he);
- }
-}
-
-static PLHashAllocOps cert_AllocOps = {
- cert_AllocTable, cert_FreeTable, cert_AllocEntry, cert_FreeEntry
-};
-
-SECStatus
-cert_CreateSubjectKeyIDHashTable(void)
-{
- gSubjKeyIDHash = PL_NewHashTable(0, SECITEM_Hash, SECITEM_HashCompare,
- SECITEM_HashCompare,
- &cert_AllocOps, NULL);
- if (!gSubjKeyIDHash) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
- gSubjKeyIDLock = PR_NewLock();
- if (!gSubjKeyIDLock) {
- PL_HashTableDestroy(gSubjKeyIDHash);
- gSubjKeyIDHash = NULL;
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
- return SECSuccess;
-
-}
-
-SECStatus
-cert_AddSubjectKeyIDMapping(SECItem *subjKeyID, CERTCertificate *cert)
-{
- SECItem *newKeyID, *oldVal, *newVal;
- SECStatus rv = SECFailure;
-
- if (!gSubjKeyIDLock) {
- /* If one is created, then both are there. So only check for one. */
- return SECFailure;
- }
-
- newVal = SECITEM_DupItem(&cert->derCert);
- if (!newVal) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto done;
- }
- newKeyID = SECITEM_DupItem(subjKeyID);
- if (!newKeyID) {
- SECITEM_FreeItem(newVal, PR_TRUE);
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto done;
- }
-
- PR_Lock(gSubjKeyIDLock);
- /* The hash table implementation does not free up the memory
- * associated with the key of an already existing entry if we add a
- * duplicate, so we would wind up leaking the previously allocated
- * key if we don't remove before adding.
- */
- oldVal = (SECItem*)PL_HashTableLookup(gSubjKeyIDHash, subjKeyID);
- if (oldVal) {
- PL_HashTableRemove(gSubjKeyIDHash, subjKeyID);
- }
-
- rv = (PL_HashTableAdd(gSubjKeyIDHash, newKeyID, newVal)) ? SECSuccess :
- SECFailure;
- PR_Unlock(gSubjKeyIDLock);
-done:
- return rv;
-}
-
-SECStatus
-cert_RemoveSubjectKeyIDMapping(SECItem *subjKeyID)
-{
- SECStatus rv;
- if (!gSubjKeyIDLock)
- return SECFailure;
-
- PR_Lock(gSubjKeyIDLock);
- rv = (PL_HashTableRemove(gSubjKeyIDHash, subjKeyID)) ? SECSuccess :
- SECFailure;
- PR_Unlock(gSubjKeyIDLock);
- return rv;
-}
-
-SECStatus
-cert_DestroySubjectKeyIDHashTable(void)
-{
- if (gSubjKeyIDHash) {
- PR_Lock(gSubjKeyIDLock);
- PL_HashTableDestroy(gSubjKeyIDHash);
- gSubjKeyIDHash = NULL;
- PR_Unlock(gSubjKeyIDLock);
- PR_DestroyLock(gSubjKeyIDLock);
- gSubjKeyIDLock = NULL;
- }
- return SECSuccess;
-}
-
-SECItem*
-cert_FindDERCertBySubjectKeyID(SECItem *subjKeyID)
-{
- SECItem *val;
-
- if (!gSubjKeyIDLock)
- return NULL;
-
- PR_Lock(gSubjKeyIDLock);
- val = (SECItem*)PL_HashTableLookup(gSubjKeyIDHash, subjKeyID);
- if (val) {
- val = SECITEM_DupItem(val);
- }
- PR_Unlock(gSubjKeyIDLock);
- return val;
-}
-
-CERTCertificate*
-CERT_FindCertBySubjectKeyID(CERTCertDBHandle *handle, SECItem *subjKeyID)
-{
- CERTCertificate *cert = NULL;
- SECItem *derCert;
-
- derCert = cert_FindDERCertBySubjectKeyID(subjKeyID);
- if (derCert) {
- cert = CERT_FindCertByDERCert(handle, derCert);
- SECITEM_FreeItem(derCert, PR_TRUE);
- }
- return cert;
-}
diff --git a/security/nss/lib/certdb/certdb.h b/security/nss/lib/certdb/certdb.h
deleted file mode 100644
index 7340961c2..000000000
--- a/security/nss/lib/certdb/certdb.h
+++ /dev/null
@@ -1,159 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _CERTDB_H_
-#define _CERTDB_H_
-
-
-/* common flags for all types of certificates */
-#define CERTDB_VALID_PEER (1<<0)
-#define CERTDB_TRUSTED (1<<1)
-#define CERTDB_SEND_WARN (1<<2)
-#define CERTDB_VALID_CA (1<<3)
-#define CERTDB_TRUSTED_CA (1<<4) /* trusted for issuing server certs */
-#define CERTDB_NS_TRUSTED_CA (1<<5)
-#define CERTDB_USER (1<<6)
-#define CERTDB_TRUSTED_CLIENT_CA (1<<7) /* trusted for issuing client certs */
-#define CERTDB_INVISIBLE_CA (1<<8) /* don't show in UI */
-#define CERTDB_GOVT_APPROVED_CA (1<<9) /* can do strong crypto in export ver */
-
-
-SEC_BEGIN_PROTOS
-
-CERTSignedCrl *
-SEC_FindCrlByKey(CERTCertDBHandle *handle, SECItem *crlKey, int type);
-
-CERTSignedCrl *
-SEC_FindCrlByName(CERTCertDBHandle *handle, SECItem *crlKey, int type);
-
-CERTSignedCrl *
-SEC_FindCrlByDERCert(CERTCertDBHandle *handle, SECItem *derCrl, int type);
-
-PRBool
-SEC_CertNicknameConflict(char *nickname, SECItem *derSubject,
- CERTCertDBHandle *handle);
-CERTSignedCrl *
-SEC_NewCrl(CERTCertDBHandle *handle, char *url, SECItem *derCrl, int type);
-
-SECStatus
-SEC_DeletePermCRL(CERTSignedCrl *crl);
-
-
-SECStatus
-SEC_LookupCrls(CERTCertDBHandle *handle, CERTCrlHeadNode **nodes, int type);
-
-SECStatus
-SEC_DestroyCrl(CERTSignedCrl *crl);
-
-SECStatus
-CERT_AddTempCertToPerm(CERTCertificate *cert, char *nickname,
- CERTCertTrust *trust);
-
-SECStatus SEC_DeletePermCertificate(CERTCertificate *cert);
-
-PRBool
-SEC_CrlIsNewer(CERTCrl *inNew, CERTCrl *old);
-
-SECCertTimeValidity
-SEC_CheckCrlTimes(CERTCrl *crl, PRTime t);
-
-#ifdef notdef
-/*
-** Add a DER encoded certificate to the permanent database.
-** "derCert" is the DER encoded certificate.
-** "nickname" is the nickname to use for the cert
-** "trust" is the trust parameters for the cert
-*/
-SECStatus SEC_AddPermCertificate(PCERTCertDBHandle *handle, SECItem *derCert,
- char *nickname, PCERTCertTrust *trust);
-
-certDBEntryCert *
-SEC_FindPermCertByKey(PCERTCertDBHandle *handle, SECItem *certKey);
-
-certDBEntryCert
-*SEC_FindPermCertByName(PCERTCertDBHandle *handle, SECItem *name);
-
-SECStatus SEC_OpenPermCertDB(PCERTCertDBHandle *handle,
- PRBool readOnly,
- PCERTDBNameFunc namecb,
- void *cbarg);
-
-
-typedef SECStatus (PR_CALLBACK * PermCertCallback)(PCERTCertificate *cert,
- SECItem *k, void *pdata);
-/*
-** Traverse the entire permanent database, and pass the certs off to a
-** user supplied function.
-** "certfunc" is the user function to call for each certificate
-** "udata" is the user's data, which is passed through to "certfunc"
-*/
-SECStatus
-PCERT_TraversePermCerts(PCERTCertDBHandle *handle,
- PermCertCallback certfunc,
- void *udata );
-
-SECStatus
-SEC_AddTempNickname(PCERTCertDBHandle *handle, char *nickname, SECItem *certKey);
-
-SECStatus
-SEC_DeleteTempNickname(PCERTCertDBHandle *handle, char *nickname);
-
-
-PRBool
-SEC_CertDBKeyConflict(SECItem *derCert, PCERTCertDBHandle *handle);
-
-SECStatus
-SEC_GetCrlTimes(PCERTCrl *dates, PRTime *notBefore, PRTime *notAfter);
-
-PCERTSignedCrl *
-SEC_AddPermCrlToTemp(PCERTCertDBHandle *handle, certDBEntryRevocation *entry);
-
-SECStatus
-SEC_DeleteTempCrl(PCERTSignedCrl *crl);
-
-
-SECStatus
-SEC_CheckKRL(PCERTCertDBHandle *handle,SECKEYLowPublicKey *key,
- PCERTCertificate *rootCert, int64 t, void *wincx);
-
-SECStatus
-SEC_CheckCRL(PCERTCertDBHandle *handle,PCERTCertificate *cert,
- PCERTCertificate *caCert, int64 t, void *wincx);
-
-SECStatus
-SEC_CrlReplaceUrl(PCERTSignedCrl *crl,char *url);
-#endif
-
-SEC_END_PROTOS
-
-#endif /* _CERTDB_H_ */
diff --git a/security/nss/lib/certdb/certi.h b/security/nss/lib/certdb/certi.h
deleted file mode 100644
index d22acab3d..000000000
--- a/security/nss/lib/certdb/certi.h
+++ /dev/null
@@ -1,213 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * certi.h - private data structures for the certificate library
- *
- * $Id$
- */
-#ifndef _CERTI_H_
-#define _CERTI_H_
-
-#include "certt.h"
-#include "nssrwlkt.h"
-
-#define USE_RWLOCK 1
-
-/* all definitions in this file are subject to change */
-
-typedef struct OpaqueCRLFieldsStr OpaqueCRLFields;
-typedef struct CRLEntryCacheStr CRLEntryCache;
-typedef struct CRLDPCacheStr CRLDPCache;
-typedef struct CRLIssuerCacheStr CRLIssuerCache;
-typedef struct CRLCacheStr CRLCache;
-
-struct OpaqueCRLFieldsStr {
- PRBool partial;
- PRBool badEntries;
- PRBool bad;
- PRBool badDER;
- PRBool badExtensions;
- PRBool deleted;
- PRBool heapDER;
- PRBool unverified;
-};
-
-typedef struct PreAllocatorStr PreAllocator;
-
-struct PreAllocatorStr
-{
- PRSize len;
- void* data;
- PRSize used;
- PRArenaPool* arena;
- PRSize extra;
-};
-
-/* CRL entry cache.
- This is the same as an entry plus the next/prev pointers for the hash table
-*/
-
-struct CRLEntryCacheStr {
- CERTCrlEntry entry;
- CRLEntryCache *prev, *next;
-};
-
-#define CRL_CACHE_INVALID_CRLS 0x0001 /* this state will be set
- if we have CRL objects with an invalid DER or signature. Can be
- cleared if the invalid objects are deleted from the token */
-#define CRL_CACHE_LAST_FETCH_FAILED 0x0002 /* this state will be set
- if the last CRL fetch encountered an error. Can be cleared if a
- new fetch succeeds */
-
-#define CRL_CACHE_OUT_OF_MEMORY 0x0004 /* this state will be set
- if we don't have enough memory to build the hash table of entries */
-
-/* CRL distribution point cache object
- This is a cache of CRL entries for a given distribution point of an issuer
- It is built from a collection of one full and 0 or more delta CRLs.
-*/
-
-struct CRLDPCacheStr {
-#ifdef USE_RWLOCK
- NSSRWLock* lock;
-#else
- PRLock* lock;
-#endif
- CERTCertificate* issuer; /* cert issuer */
- SECItem* subject; /* DER of issuer subject */
- SECItem* distributionPoint; /* DER of distribution point. This may be
- NULL when distribution points aren't
- in use (ie. the CA has a single CRL) */
-
- /* hash table of entries. We use a PLHashTable and pre-allocate the
- required amount of memory in one shot, so that our allocator can
- simply pass offsets into it when hashing.
-
- This won't work anymore when we support delta CRLs and iCRLs, because
- the size of the hash table will vary over time. At that point, the best
- solution will be to allocate large CRLEntry structures by modifying
- the DER decoding template. The extra space would be for next/prev
- pointers. This would allow entries from different CRLs to be mixed in
- the same hash table.
- */
- PLHashTable* entries;
- PreAllocator* prebuffer; /* big pre-allocated buffer mentioned above */
-
- /* array of CRLs matching this distribution point */
- PRUint32 ncrls; /* total number of CRLs in crls */
- CERTSignedCrl** crls; /* array of all matching DER CRLs
- from all tokens */
- /* XCRL With iCRLs and multiple DPs, the CRL can be shared accross several
- issuers. In the future, we'll need to globally recycle the CRL in a
- separate list in order to avoid extra lookups, decodes, and copies */
-
- /* pointers to good decoded CRLs used to build the cache */
- CERTSignedCrl* full; /* full CRL used for the cache */
-#if 0
- /* for future use */
- PRInt32 numdeltas; /* number of delta CRLs used for the cache */
- CERTSignedCrl** deltas; /* delta CRLs used for the cache */
-#endif
- /* invalidity bitflag */
- PRUint16 invalid; /* this state will be set if either
- CRL_CACHE_INVALID_CRLS or CRL_CACHE_LAST_FETCH_FAILED is set.
- In those cases, all certs are considered revoked as a
- security precaution. The invalid state can only be cleared
- during an update if all error states are cleared */
-};
-
-/* CRL issuer cache object
- This object tracks all the distribution point caches for a given issuer.
- XCRL once we support multiple issuing distribution points, this object
- will be a hash table. For now, it just holds the single CRL distribution
- point cache structure.
-*/
-
-struct CRLIssuerCacheStr {
- SECItem* subject; /* DER of issuer subject */
- CRLDPCache dp; /* DER of distribution point */
- CRLDPCache* dpp;
-#if 0
- /* XCRL for future use.
- We don't need to lock at the moment because we only have one DP,
- which gets created at the same time as this object */
- NSSRWLock* lock;
- CRLDPCache** dps;
- PLHashTable* distributionpoints;
- CERTCertificate* issuer;
-#endif
-};
-
-/* CRL revocation cache object
- This object tracks all the issuer caches
-*/
-
-struct CRLCacheStr {
- PRLock* lock;
- /* hash table of issuer to CRLIssuerCacheStr,
- indexed by issuer DER subject */
- PLHashTable* issuers;
-};
-
-SECStatus InitCRLCache(void);
-SECStatus ShutdownCRLCache(void);
-
-/* Returns a pointer to an environment-like string, a series of
-** null-terminated strings, terminated by a zero-length string.
-** This function is intended to be internal to NSS.
-*/
-extern char * cert_GetCertificateEmailAddresses(CERTCertificate *cert);
-
-/*
- * These functions are used to map subjectKeyID extension values to certs.
- */
-SECStatus
-cert_CreateSubjectKeyIDHashTable(void);
-
-SECStatus
-cert_AddSubjectKeyIDMapping(SECItem *subjKeyID, CERTCertificate *cert);
-
-/*
- * Call this function to remove an entry from the mapping table.
- */
-SECStatus
-cert_RemoveSubjectKeyIDMapping(SECItem *subjKeyID);
-
-SECStatus
-cert_DestroySubjectKeyIDHashTable(void);
-
-SECItem*
-cert_FindDERCertBySubjectKeyID(SECItem *subjKeyID);
-
-#endif /* _CERTI_H_ */
-
diff --git a/security/nss/lib/certdb/certt.h b/security/nss/lib/certdb/certt.h
deleted file mode 100644
index f6b8f74bc..000000000
--- a/security/nss/lib/certdb/certt.h
+++ /dev/null
@@ -1,853 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * certt.h - public data structures for the certificate library
- *
- * $Id$
- */
-#ifndef _CERTT_H_
-#define _CERTT_H_
-
-#include "prclist.h"
-#include "pkcs11t.h"
-#include "seccomon.h"
-#include "secmodt.h"
-#include "secoidt.h"
-#include "plarena.h"
-#include "prcvar.h"
-#include "nssilock.h"
-#include "prio.h"
-#include "prmon.h"
-
-/* Stan data types */
-struct NSSCertificateStr;
-struct NSSTrustDomainStr;
-
-/* Non-opaque objects */
-typedef struct CERTAVAStr CERTAVA;
-typedef struct CERTAttributeStr CERTAttribute;
-typedef struct CERTAuthInfoAccessStr CERTAuthInfoAccess;
-typedef struct CERTAuthKeyIDStr CERTAuthKeyID;
-typedef struct CERTBasicConstraintsStr CERTBasicConstraints;
-#ifdef NSS_CLASSIC
-typedef struct CERTCertDBHandleStr CERTCertDBHandle;
-#else
-typedef struct NSSTrustDomainStr CERTCertDBHandle;
-#endif
-typedef struct CERTCertExtensionStr CERTCertExtension;
-typedef struct CERTCertKeyStr CERTCertKey;
-typedef struct CERTCertListStr CERTCertList;
-typedef struct CERTCertListNodeStr CERTCertListNode;
-typedef struct CERTCertNicknamesStr CERTCertNicknames;
-typedef struct CERTCertTrustStr CERTCertTrust;
-typedef struct CERTCertificateStr CERTCertificate;
-typedef struct CERTCertificateListStr CERTCertificateList;
-typedef struct CERTCertificateRequestStr CERTCertificateRequest;
-typedef struct CERTCrlStr CERTCrl;
-typedef struct CERTCrlDistributionPointsStr CERTCrlDistributionPoints;
-typedef struct CERTCrlEntryStr CERTCrlEntry;
-typedef struct CERTCrlHeadNodeStr CERTCrlHeadNode;
-typedef struct CERTCrlKeyStr CERTCrlKey;
-typedef struct CERTCrlNodeStr CERTCrlNode;
-typedef struct CERTDERCertsStr CERTDERCerts;
-typedef struct CERTDistNamesStr CERTDistNames;
-typedef struct CERTGeneralNameStr CERTGeneralName;
-typedef struct CERTGeneralNameListStr CERTGeneralNameList;
-typedef struct CERTIssuerAndSNStr CERTIssuerAndSN;
-typedef struct CERTNameStr CERTName;
-typedef struct CERTNameConstraintStr CERTNameConstraint;
-typedef struct CERTNameConstraintsStr CERTNameConstraints;
-typedef struct CERTOKDomainNameStr CERTOKDomainName;
-typedef struct CERTPublicKeyAndChallengeStr CERTPublicKeyAndChallenge;
-typedef struct CERTRDNStr CERTRDN;
-typedef struct CERTSignedCrlStr CERTSignedCrl;
-typedef struct CERTSignedDataStr CERTSignedData;
-typedef struct CERTStatusConfigStr CERTStatusConfig;
-typedef struct CERTSubjectListStr CERTSubjectList;
-typedef struct CERTSubjectNodeStr CERTSubjectNode;
-typedef struct CERTSubjectPublicKeyInfoStr CERTSubjectPublicKeyInfo;
-typedef struct CERTValidityStr CERTValidity;
-typedef struct CERTVerifyLogStr CERTVerifyLog;
-typedef struct CERTVerifyLogNodeStr CERTVerifyLogNode;
-typedef struct CRLDistributionPointStr CRLDistributionPoint;
-
-/* CRL extensions type */
-typedef unsigned long CERTCrlNumber;
-
-/*
-** An X.500 AVA object
-*/
-struct CERTAVAStr {
- SECItem type;
- SECItem value;
-};
-
-/*
-** An X.500 RDN object
-*/
-struct CERTRDNStr {
- CERTAVA **avas;
-};
-
-/*
-** An X.500 name object
-*/
-struct CERTNameStr {
- PRArenaPool *arena;
- CERTRDN **rdns;
-};
-
-/*
-** An X.509 validity object
-*/
-struct CERTValidityStr {
- PRArenaPool *arena;
- SECItem notBefore;
- SECItem notAfter;
-};
-
-/*
- * A serial number and issuer name, which is used as a database key
- */
-struct CERTCertKeyStr {
- SECItem serialNumber;
- SECItem derIssuer;
-};
-
-/*
-** A signed data object. Used to implement the "signed" macro used
-** in the X.500 specs.
-*/
-struct CERTSignedDataStr {
- SECItem data;
- SECAlgorithmID signatureAlgorithm;
- SECItem signature;
-};
-
-/*
-** An X.509 subject-public-key-info object
-*/
-struct CERTSubjectPublicKeyInfoStr {
- PRArenaPool *arena;
- SECAlgorithmID algorithm;
- SECItem subjectPublicKey;
-};
-
-struct CERTPublicKeyAndChallengeStr {
- SECItem spki;
- SECItem challenge;
-};
-
-struct CERTCertTrustStr {
- unsigned int sslFlags;
- unsigned int emailFlags;
- unsigned int objectSigningFlags;
-};
-
-/*
- * defined the types of trust that exist
- */
-typedef enum SECTrustTypeEnum {
- trustSSL = 0,
- trustEmail = 1,
- trustObjectSigning = 2,
- trustTypeNone = 3
-} SECTrustType;
-
-#define SEC_GET_TRUST_FLAGS(trust,type) \
- (((type)==trustSSL)?((trust)->sslFlags): \
- (((type)==trustEmail)?((trust)->emailFlags): \
- (((type)==trustObjectSigning)?((trust)->objectSigningFlags):0)))
-
-/*
-** An X.509.3 certificate extension
-*/
-struct CERTCertExtensionStr {
- SECItem id;
- SECItem critical;
- SECItem value;
-};
-
-struct CERTSubjectNodeStr {
- struct CERTSubjectNodeStr *next;
- struct CERTSubjectNodeStr *prev;
- SECItem certKey;
- SECItem keyID;
-};
-
-struct CERTSubjectListStr {
- PRArenaPool *arena;
- int ncerts;
- char *emailAddr;
- CERTSubjectNode *head;
- CERTSubjectNode *tail; /* do we need tail? */
- void *entry;
-};
-
-/*
-** An X.509 certificate object (the unsigned form)
-*/
-struct CERTCertificateStr {
- /* the arena is used to allocate any data structures that have the same
- * lifetime as the cert. This is all stuff that hangs off of the cert
- * structure, and is all freed at the same time. I is used when the
- * cert is decoded, destroyed, and at some times when it changes
- * state
- */
- PRArenaPool *arena;
-
- /* The following fields are static after the cert has been decoded */
- char *subjectName;
- char *issuerName;
- CERTSignedData signatureWrap; /* XXX */
- SECItem derCert; /* original DER for the cert */
- SECItem derIssuer; /* DER for issuer name */
- SECItem derSubject; /* DER for subject name */
- SECItem derPublicKey; /* DER for the public key */
- SECItem certKey; /* database key for this cert */
- SECItem version;
- SECItem serialNumber;
- SECAlgorithmID signature;
- CERTName issuer;
- CERTValidity validity;
- CERTName subject;
- CERTSubjectPublicKeyInfo subjectPublicKeyInfo;
- SECItem issuerID;
- SECItem subjectID;
- CERTCertExtension **extensions;
- char *emailAddr;
- CERTCertDBHandle *dbhandle;
- SECItem subjectKeyID; /* x509v3 subject key identifier */
- PRBool keyIDGenerated; /* was the keyid generated? */
- unsigned int keyUsage; /* what uses are allowed for this cert */
- unsigned int rawKeyUsage; /* value of the key usage extension */
- PRBool keyUsagePresent; /* was the key usage extension present */
- unsigned int nsCertType; /* value of the ns cert type extension */
-
- /* these values can be set by the application to bypass certain checks
- * or to keep the cert in memory for an entire session.
- * XXX - need an api to set these
- */
- PRBool keepSession; /* keep this cert for entire session*/
- PRBool timeOK; /* is the bad validity time ok? */
- CERTOKDomainName *domainOK; /* these domain names are ok */
-
- /*
- * these values can change when the cert changes state. These state
- * changes include transitions from temp to perm or vice-versa, and
- * changes of trust flags
- */
- PRBool isperm;
- PRBool istemp;
- char *nickname;
- char *dbnickname;
- struct NSSCertificateStr *nssCertificate; /* This is Stan stuff. */
- CERTCertTrust *trust;
-
- /* the reference count is modified whenever someone looks up, dups
- * or destroys a certificate
- */
- int referenceCount;
-
- /* The subject list is a list of all certs with the same subject name.
- * It can be modified any time a cert is added or deleted from either
- * the in-memory(temporary) or on-disk(permanent) database.
- */
- CERTSubjectList *subjectList;
-
- /* these belong in the static section, but are here to maintain
- * the structure's integrity
- */
- CERTAuthKeyID * authKeyID; /* x509v3 authority key identifier */
- PRBool isRoot; /* cert is the end of a chain */
-
- /* these fields are used by client GUI code to keep track of ssl sockets
- * that are blocked waiting on GUI feedback related to this cert.
- * XXX - these should be moved into some sort of application specific
- * data structure. They are only used by the browser right now.
- */
- struct SECSocketNode *authsocketlist;
- int series; /* was int authsocketcount; record the series of the pkcs11ID */
-
- /* This is PKCS #11 stuff. */
- PK11SlotInfo *slot; /*if this cert came of a token, which is it*/
- CK_OBJECT_HANDLE pkcs11ID; /*and which object on that token is it */
- PRBool ownSlot; /*true if the cert owns the slot reference */
-};
-#define SEC_CERTIFICATE_VERSION_1 0 /* default created */
-#define SEC_CERTIFICATE_VERSION_2 1 /* v2 */
-#define SEC_CERTIFICATE_VERSION_3 2 /* v3 extensions */
-
-#define SEC_CRL_VERSION_1 0 /* default */
-#define SEC_CRL_VERSION_2 1 /* v2 extensions */
-
-/*
- * used to identify class of cert in mime stream code
- */
-#define SEC_CERT_CLASS_CA 1
-#define SEC_CERT_CLASS_SERVER 2
-#define SEC_CERT_CLASS_USER 3
-#define SEC_CERT_CLASS_EMAIL 4
-
-struct CERTDERCertsStr {
- PRArenaPool *arena;
- int numcerts;
- SECItem *rawCerts;
-};
-
-/*
-** A PKCS ? Attribute
-** XXX this is duplicated through out the code, it *should* be moved
-** to a central location. Where would be appropriate?
-*/
-struct CERTAttributeStr {
- SECItem attrType;
- SECItem **attrValue;
-};
-
-/*
-** A PKCS#10 certificate-request object (the unsigned form)
-*/
-struct CERTCertificateRequestStr {
- PRArenaPool *arena;
- SECItem version;
- CERTName subject;
- CERTSubjectPublicKeyInfo subjectPublicKeyInfo;
- SECItem **attributes;
-};
-#define SEC_CERTIFICATE_REQUEST_VERSION 0 /* what we *create* */
-
-
-/*
-** A certificate list object.
-*/
-struct CERTCertificateListStr {
- SECItem *certs;
- int len; /* number of certs */
- PRArenaPool *arena;
-};
-
-struct CERTCertListNodeStr {
- PRCList links;
- CERTCertificate *cert;
- void *appData;
-};
-
-struct CERTCertListStr {
- PRCList list;
- PRArenaPool *arena;
-};
-
-#define CERT_LIST_HEAD(l) ((CERTCertListNode *)PR_LIST_HEAD(&l->list))
-#define CERT_LIST_NEXT(n) ((CERTCertListNode *)n->links.next)
-#define CERT_LIST_END(n,l) (((void *)n) == ((void *)&l->list))
-#define CERT_LIST_EMPTY(l) CERT_LIST_END(CERT_LIST_HEAD(l), l)
-
-struct CERTCrlEntryStr {
- SECItem serialNumber;
- SECItem revocationDate;
- CERTCertExtension **extensions;
-};
-
-struct CERTCrlStr {
- PRArenaPool *arena;
- SECItem version;
- SECAlgorithmID signatureAlg;
- SECItem derName;
- CERTName name;
- SECItem lastUpdate;
- SECItem nextUpdate; /* optional for x.509 CRL */
- CERTCrlEntry **entries;
- CERTCertExtension **extensions;
- /* can't add anything there for binary backwards compatibility reasons */
-};
-
-struct CERTCrlKeyStr {
- SECItem derName;
- SECItem dummy; /* The decoder can not skip a primitive,
- this serves as a place holder for the
- decoder to finish its task only
- */
-};
-
-struct CERTSignedCrlStr {
- PRArenaPool *arena;
- CERTCrl crl;
- void *reserved1;
- PRBool reserved2;
- PRBool isperm;
- PRBool istemp;
- int referenceCount;
- CERTCertDBHandle *dbhandle;
- CERTSignedData signatureWrap; /* XXX */
- char *url;
- SECItem *derCrl;
- PK11SlotInfo *slot;
- CK_OBJECT_HANDLE pkcs11ID;
- void* opaque; /* do not touch */
-};
-
-
-struct CERTCrlHeadNodeStr {
- PRArenaPool *arena;
- CERTCertDBHandle *dbhandle;
- CERTCrlNode *first;
- CERTCrlNode *last;
-};
-
-
-struct CERTCrlNodeStr {
- CERTCrlNode *next;
- int type;
- CERTSignedCrl *crl;
-};
-
-
-/*
- * Array of X.500 Distinguished Names
- */
-struct CERTDistNamesStr {
- PRArenaPool *arena;
- int nnames;
- SECItem *names;
- void *head; /* private */
-};
-
-
-#define NS_CERT_TYPE_SSL_CLIENT (0x80) /* bit 0 */
-#define NS_CERT_TYPE_SSL_SERVER (0x40) /* bit 1 */
-#define NS_CERT_TYPE_EMAIL (0x20) /* bit 2 */
-#define NS_CERT_TYPE_OBJECT_SIGNING (0x10) /* bit 3 */
-#define NS_CERT_TYPE_RESERVED (0x08) /* bit 4 */
-#define NS_CERT_TYPE_SSL_CA (0x04) /* bit 5 */
-#define NS_CERT_TYPE_EMAIL_CA (0x02) /* bit 6 */
-#define NS_CERT_TYPE_OBJECT_SIGNING_CA (0x01) /* bit 7 */
-
-#define EXT_KEY_USAGE_TIME_STAMP (0x8000)
-#define EXT_KEY_USAGE_STATUS_RESPONDER (0x4000)
-
-#define NS_CERT_TYPE_APP ( NS_CERT_TYPE_SSL_CLIENT | \
- NS_CERT_TYPE_SSL_SERVER | \
- NS_CERT_TYPE_EMAIL | \
- NS_CERT_TYPE_OBJECT_SIGNING )
-
-#define NS_CERT_TYPE_CA ( NS_CERT_TYPE_SSL_CA | \
- NS_CERT_TYPE_EMAIL_CA | \
- NS_CERT_TYPE_OBJECT_SIGNING_CA | \
- EXT_KEY_USAGE_STATUS_RESPONDER )
-typedef enum SECCertUsageEnum {
- certUsageSSLClient = 0,
- certUsageSSLServer = 1,
- certUsageSSLServerWithStepUp = 2,
- certUsageSSLCA = 3,
- certUsageEmailSigner = 4,
- certUsageEmailRecipient = 5,
- certUsageObjectSigner = 6,
- certUsageUserCertImport = 7,
- certUsageVerifyCA = 8,
- certUsageProtectedObjectSigner = 9,
- certUsageStatusResponder = 10,
- certUsageAnyCA = 11
-} SECCertUsage;
-
-typedef PRInt64 SECCertificateUsage;
-
-#define certificateUsageSSLClient (0x0001)
-#define certificateUsageSSLServer (0x0002)
-#define certificateUsageSSLServerWithStepUp (0x0004)
-#define certificateUsageSSLCA (0x0008)
-#define certificateUsageEmailSigner (0x0010)
-#define certificateUsageEmailRecipient (0x0020)
-#define certificateUsageObjectSigner (0x0040)
-#define certificateUsageUserCertImport (0x0080)
-#define certificateUsageVerifyCA (0x0100)
-#define certificateUsageProtectedObjectSigner (0x0200)
-#define certificateUsageStatusResponder (0x0400)
-#define certificateUsageAnyCA (0x0800)
-
-#define certificateUsageHighest certificateUsageAnyCA
-
-/*
- * Does the cert belong to the user, a peer, or a CA.
- */
-typedef enum CERTCertOwnerEnum {
- certOwnerUser = 0,
- certOwnerPeer = 1,
- certOwnerCA = 2
-} CERTCertOwner;
-
-/*
- * This enum represents the state of validity times of a certificate
- */
-typedef enum SECCertTimeValidityEnum {
- secCertTimeValid = 0,
- secCertTimeExpired = 1,
- secCertTimeNotValidYet = 2
-} SECCertTimeValidity;
-
-/*
- * Interface for getting certificate nickname strings out of the database
- */
-
-/* these are values for the what argument below */
-#define SEC_CERT_NICKNAMES_ALL 1
-#define SEC_CERT_NICKNAMES_USER 2
-#define SEC_CERT_NICKNAMES_SERVER 3
-#define SEC_CERT_NICKNAMES_CA 4
-
-struct CERTCertNicknamesStr {
- PRArenaPool *arena;
- void *head;
- int numnicknames;
- char **nicknames;
- int what;
- int totallen;
-};
-
-struct CERTIssuerAndSNStr {
- SECItem derIssuer;
- CERTName issuer;
- SECItem serialNumber;
-};
-
-
-/* X.509 v3 Key Usage Extension flags */
-#define KU_DIGITAL_SIGNATURE (0x80) /* bit 0 */
-#define KU_NON_REPUDIATION (0x40) /* bit 1 */
-#define KU_KEY_ENCIPHERMENT (0x20) /* bit 2 */
-#define KU_DATA_ENCIPHERMENT (0x10) /* bit 3 */
-#define KU_KEY_AGREEMENT (0x08) /* bit 4 */
-#define KU_KEY_CERT_SIGN (0x04) /* bit 5 */
-#define KU_CRL_SIGN (0x02) /* bit 6 */
-#define KU_ALL (KU_DIGITAL_SIGNATURE | \
- KU_NON_REPUDIATION | \
- KU_KEY_ENCIPHERMENT | \
- KU_DATA_ENCIPHERMENT | \
- KU_KEY_AGREEMENT | \
- KU_KEY_CERT_SIGN | \
- KU_CRL_SIGN)
-
-/* This value will not occur in certs. It is used internally for the case
- * when the key type is not know ahead of time and either key agreement or
- * key encipherment are the correct value based on key type
- */
-#define KU_KEY_AGREEMENT_OR_ENCIPHERMENT (0x4000)
-
-/* internal bits that do not match bits in the x509v3 spec, but are used
- * for similar purposes
- */
-#define KU_NS_GOVT_APPROVED (0x8000) /*don't make part of KU_ALL!*/
-/*
- * x.509 v3 Basic Constraints Extension
- * If isCA is false, the pathLenConstraint is ignored.
- * Otherwise, the following pathLenConstraint values will apply:
- * < 0 - there is no limit to the certificate path
- * 0 - CA can issues end-entity certificates only
- * > 0 - the number of certificates in the certificate path is
- * limited to this number
- */
-#define CERT_UNLIMITED_PATH_CONSTRAINT -2
-
-struct CERTBasicConstraintsStr {
- PRBool isCA; /* on if is CA */
- int pathLenConstraint; /* maximum number of certificates that can be
- in the cert path. Only applies to a CA
- certificate; otherwise, it's ignored.
- */
-};
-
-/* Maximum length of a certificate chain */
-#define CERT_MAX_CERT_CHAIN 20
-
-/* x.509 v3 Reason Falgs, used in CRLDistributionPoint Extension */
-#define RF_UNUSED (0x80) /* bit 0 */
-#define RF_KEY_COMPROMISE (0x40) /* bit 1 */
-#define RF_CA_COMPROMISE (0x20) /* bit 2 */
-#define RF_AFFILIATION_CHANGED (0x10) /* bit 3 */
-#define RF_SUPERSEDED (0x08) /* bit 4 */
-#define RF_CESSATION_OF_OPERATION (0x04) /* bit 5 */
-#define RF_CERTIFICATE_HOLD (0x02) /* bit 6 */
-
-/* If we needed to extract the general name field, use this */
-/* General Name types */
-typedef enum CERTGeneralNameTypeEnum {
- certOtherName = 1,
- certRFC822Name = 2,
- certDNSName = 3,
- certX400Address = 4,
- certDirectoryName = 5,
- certEDIPartyName = 6,
- certURI = 7,
- certIPAddress = 8,
- certRegisterID = 9
-} CERTGeneralNameType;
-
-
-typedef struct OtherNameStr {
- SECItem name;
- SECItem oid;
-}OtherName;
-
-
-
-struct CERTGeneralNameStr {
- CERTGeneralNameType type; /* name type */
- union {
- CERTName directoryName; /* distinguish name */
- OtherName OthName; /* Other Name */
- SECItem other; /* the rest of the name forms */
- }name;
- SECItem derDirectoryName; /* this is saved to simplify directory name
- comparison */
- PRCList l;
-};
-
-struct CERTGeneralNameListStr {
- PRArenaPool *arena;
- CERTGeneralName *name;
- int refCount;
- int len;
- PZLock *lock;
-};
-
-struct CERTNameConstraintStr {
- CERTGeneralName name;
- SECItem DERName;
- SECItem min;
- SECItem max;
- PRCList l;
-};
-
-
-struct CERTNameConstraintsStr {
- CERTNameConstraint *permited;
- CERTNameConstraint *excluded;
- SECItem **DERPermited;
- SECItem **DERExcluded;
-};
-
-
-/* X.509 v3 Authority Key Identifier extension. For the authority certificate
- issuer field, we only support URI now.
- */
-struct CERTAuthKeyIDStr {
- SECItem keyID; /* unique key identifier */
- CERTGeneralName *authCertIssuer; /* CA's issuer name. End with a NULL */
- SECItem authCertSerialNumber; /* CA's certificate serial number */
- SECItem **DERAuthCertIssuer; /* This holds the DER encoded format of
- the authCertIssuer field. It is used
- by the encoding engine. It should be
- used as a read only field by the caller.
- */
-};
-
-/* x.509 v3 CRL Distributeion Point */
-
-/*
- * defined the types of CRL Distribution points
- */
-typedef enum DistributionPointTypesEnum {
- generalName = 1, /* only support this for now */
- relativeDistinguishedName = 2
-} DistributionPointTypes;
-
-struct CRLDistributionPointStr {
- DistributionPointTypes distPointType;
- union {
- CERTGeneralName *fullName;
- CERTRDN relativeName;
- } distPoint;
- SECItem reasons;
- CERTGeneralName *crlIssuer;
-
- /* Reserved for internal use only*/
- SECItem derDistPoint;
- SECItem derRelativeName;
- SECItem **derCrlIssuer;
- SECItem **derFullName;
- SECItem bitsmap;
-};
-
-struct CERTCrlDistributionPointsStr {
- CRLDistributionPoint **distPoints;
-};
-
-/*
- * This structure is used to keep a log of errors when verifying
- * a cert chain. This allows multiple errors to be reported all at
- * once.
- */
-struct CERTVerifyLogNodeStr {
- CERTCertificate *cert; /* what cert had the error */
- long error; /* what error was it? */
- unsigned int depth; /* how far up the chain are we */
- void *arg; /* error specific argument */
- struct CERTVerifyLogNodeStr *next; /* next in the list */
- struct CERTVerifyLogNodeStr *prev; /* next in the list */
-};
-
-
-struct CERTVerifyLogStr {
- PRArenaPool *arena;
- unsigned int count;
- struct CERTVerifyLogNodeStr *head;
- struct CERTVerifyLogNodeStr *tail;
-};
-
-
-struct CERTOKDomainNameStr {
- CERTOKDomainName *next;
- char name[1]; /* actual length may be longer. */
-};
-
-
-typedef SECStatus (PR_CALLBACK *CERTStatusChecker) (CERTCertDBHandle *handle,
- CERTCertificate *cert,
- int64 time,
- void *pwArg);
-
-typedef SECStatus (PR_CALLBACK *CERTStatusDestroy) (CERTStatusConfig *handle);
-
-struct CERTStatusConfigStr {
- CERTStatusChecker statusChecker; /* NULL means no checking enabled */
- CERTStatusDestroy statusDestroy; /* enabled or no, will clean up */
- void *statusContext; /* cx specific to checking protocol */
-};
-
-struct CERTAuthInfoAccessStr {
- SECItem method;
- SECItem derLocation;
- CERTGeneralName *location; /* decoded location */
-};
-
-
-/* This is the typedef for the callback passed to CERT_OpenCertDB() */
-/* callback to return database name based on version number */
-typedef char * (*CERTDBNameFunc)(void *arg, int dbVersion);
-
-/*
- * types of cert packages that we can decode
- */
-typedef enum CERTPackageTypeEnum {
- certPackageNone = 0,
- certPackageCert = 1,
- certPackagePKCS7 = 2,
- certPackageNSCertSeq = 3,
- certPackageNSCertWrap = 4
-} CERTPackageType;
-
-/*
- * these types are for the PKIX Certificate Policies extension
- */
-typedef struct {
- SECOidTag oid;
- SECItem qualifierID;
- SECItem qualifierValue;
-} CERTPolicyQualifier;
-
-typedef struct {
- SECOidTag oid;
- SECItem policyID;
- CERTPolicyQualifier **policyQualifiers;
-} CERTPolicyInfo;
-
-typedef struct {
- PRArenaPool *arena;
- CERTPolicyInfo **policyInfos;
-} CERTCertificatePolicies;
-
-typedef struct {
- SECItem organization;
- SECItem **noticeNumbers;
-} CERTNoticeReference;
-
-typedef struct {
- PRArenaPool *arena;
- CERTNoticeReference noticeReference;
- SECItem derNoticeReference;
- SECItem displayText;
-} CERTUserNotice;
-
-typedef struct {
- PRArenaPool *arena;
- SECItem **oids;
-} CERTOidSequence;
-
-
-/* XXX Lisa thinks the template declarations belong in cert.h, not here? */
-
-#include "secasn1t.h" /* way down here because I expect template stuff to
- * move out of here anyway */
-
-SEC_BEGIN_PROTOS
-
-extern const SEC_ASN1Template CERT_CertificateRequestTemplate[];
-extern const SEC_ASN1Template CERT_CertificateTemplate[];
-extern const SEC_ASN1Template SEC_SignedCertificateTemplate[];
-extern const SEC_ASN1Template CERT_CertExtensionTemplate[];
-extern const SEC_ASN1Template CERT_SequenceOfCertExtensionTemplate[];
-extern const SEC_ASN1Template SECKEY_PublicKeyTemplate[];
-extern const SEC_ASN1Template CERT_SubjectPublicKeyInfoTemplate[];
-extern const SEC_ASN1Template CERT_ValidityTemplate[];
-extern const SEC_ASN1Template CERT_PublicKeyAndChallengeTemplate[];
-extern const SEC_ASN1Template SEC_CertSequenceTemplate[];
-
-extern const SEC_ASN1Template CERT_IssuerAndSNTemplate[];
-extern const SEC_ASN1Template CERT_NameTemplate[];
-extern const SEC_ASN1Template CERT_SetOfSignedCrlTemplate[];
-extern const SEC_ASN1Template CERT_RDNTemplate[];
-extern const SEC_ASN1Template CERT_SignedDataTemplate[];
-extern const SEC_ASN1Template CERT_CrlTemplate[];
-
-/*
-** XXX should the attribute stuff be centralized for all of ns/security?
-*/
-extern const SEC_ASN1Template CERT_AttributeTemplate[];
-extern const SEC_ASN1Template CERT_SetOfAttributeTemplate[];
-
-/* These functions simply return the address of the above-declared templates.
-** This is necessary for Windows DLLs. Sigh.
-*/
-SEC_ASN1_CHOOSER_DECLARE(CERT_CertificateRequestTemplate)
-SEC_ASN1_CHOOSER_DECLARE(CERT_CertificateTemplate)
-SEC_ASN1_CHOOSER_DECLARE(CERT_CrlTemplate)
-SEC_ASN1_CHOOSER_DECLARE(CERT_IssuerAndSNTemplate)
-SEC_ASN1_CHOOSER_DECLARE(CERT_NameTemplate)
-SEC_ASN1_CHOOSER_DECLARE(CERT_SetOfSignedCrlTemplate)
-SEC_ASN1_CHOOSER_DECLARE(CERT_SignedDataTemplate)
-SEC_ASN1_CHOOSER_DECLARE(CERT_SubjectPublicKeyInfoTemplate)
-SEC_ASN1_CHOOSER_DECLARE(SEC_SignedCertificateTemplate)
-
-SEC_END_PROTOS
-
-#endif /* _CERTT_H_ */
diff --git a/security/nss/lib/certdb/certv3.c b/security/nss/lib/certdb/certv3.c
deleted file mode 100644
index e50c66279..000000000
--- a/security/nss/lib/certdb/certv3.c
+++ /dev/null
@@ -1,406 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Code for dealing with X509.V3 extensions.
- *
- * $Id$
- */
-
-#include "cert.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "secder.h"
-#include "secasn1.h"
-#include "certxutl.h"
-#include "secerr.h"
-
-SECStatus
-CERT_FindCertExtensionByOID(CERTCertificate *cert, SECItem *oid,
- SECItem *value)
-{
- return (cert_FindExtensionByOID (cert->extensions, oid, value));
-}
-
-
-SECStatus
-CERT_FindCertExtension(CERTCertificate *cert, int tag, SECItem *value)
-{
- return (cert_FindExtension (cert->extensions, tag, value));
-}
-
-static void
-SetExts(void *object, CERTCertExtension **exts)
-{
- CERTCertificate *cert = (CERTCertificate *)object;
-
- cert->extensions = exts;
- DER_SetUInteger (cert->arena, &(cert->version), SEC_CERTIFICATE_VERSION_3);
-}
-
-void *
-CERT_StartCertExtensions(CERTCertificate *cert)
-{
- return (cert_StartExtensions ((void *)cert, cert->arena, SetExts));
-}
-
-/* find the given extension in the certificate of the Issuer of 'cert' */
-SECStatus
-CERT_FindIssuerCertExtension(CERTCertificate *cert, int tag, SECItem *value)
-{
- CERTCertificate *issuercert;
- SECStatus rv;
-
- issuercert = CERT_FindCertByName(cert->dbhandle, &cert->derIssuer);
- if ( issuercert ) {
- rv = cert_FindExtension(issuercert->extensions, tag, value);
- CERT_DestroyCertificate(issuercert);
- } else {
- rv = SECFailure;
- }
-
- return(rv);
-}
-
-/* find a URL extension in the cert or its CA
- * apply the base URL string if it exists
- */
-char *
-CERT_FindCertURLExtension(CERTCertificate *cert, int tag, int catag)
-{
- SECStatus rv;
- SECItem urlitem;
- SECItem baseitem;
- SECItem urlstringitem = {siBuffer,0};
- SECItem basestringitem = {siBuffer,0};
- PRArenaPool *arena = NULL;
- PRBool hasbase;
- char *urlstring;
- char *str;
- int len;
- unsigned int i;
-
- urlstring = NULL;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( ! arena ) {
- goto loser;
- }
-
- hasbase = PR_FALSE;
- urlitem.data = NULL;
- baseitem.data = NULL;
-
- rv = cert_FindExtension(cert->extensions, tag, &urlitem);
- if ( rv == SECSuccess ) {
- rv = cert_FindExtension(cert->extensions, SEC_OID_NS_CERT_EXT_BASE_URL,
- &baseitem);
- if ( rv == SECSuccess ) {
- hasbase = PR_TRUE;
- }
-
- } else if ( catag ) {
- /* if the cert doesn't have the extensions, see if the issuer does */
- rv = CERT_FindIssuerCertExtension(cert, catag, &urlitem);
- if ( rv != SECSuccess ) {
- goto loser;
- }
- rv = CERT_FindIssuerCertExtension(cert, SEC_OID_NS_CERT_EXT_BASE_URL,
- &baseitem);
- if ( rv == SECSuccess ) {
- hasbase = PR_TRUE;
- }
- } else {
- goto loser;
- }
-
- rv = SEC_QuickDERDecodeItem(arena, &urlstringitem, SEC_IA5StringTemplate,
- &urlitem);
-
- if ( rv != SECSuccess ) {
- goto loser;
- }
- if ( hasbase ) {
- rv = SEC_QuickDERDecodeItem(arena, &basestringitem, SEC_IA5StringTemplate,
- &baseitem);
-
- if ( rv != SECSuccess ) {
- goto loser;
- }
- }
-
- len = urlstringitem.len + ( hasbase ? basestringitem.len : 0 ) + 1;
-
- str = urlstring = (char *)PORT_Alloc(len);
- if ( urlstring == NULL ) {
- goto loser;
- }
-
- /* copy the URL base first */
- if ( hasbase ) {
-
- /* if the urlstring has a : in it, then we assume it is an absolute
- * URL, and will not get the base string pre-pended
- */
- for ( i = 0; i < urlstringitem.len; i++ ) {
- if ( urlstringitem.data[i] == ':' ) {
- goto nobase;
- }
- }
-
- PORT_Memcpy(str, basestringitem.data, basestringitem.len);
- str += basestringitem.len;
-
- }
-
-nobase:
- /* copy the rest (or all) of the URL */
- PORT_Memcpy(str, urlstringitem.data, urlstringitem.len);
- str += urlstringitem.len;
-
- *str = '\0';
- goto done;
-
-loser:
- if ( urlstring ) {
- PORT_Free(urlstring);
- }
-
- urlstring = NULL;
-done:
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
- if ( baseitem.data ) {
- PORT_Free(baseitem.data);
- }
- if ( urlitem.data ) {
- PORT_Free(urlitem.data);
- }
-
- return(urlstring);
-}
-
-/*
- * get the value of the Netscape Certificate Type Extension
- */
-SECStatus
-CERT_FindNSCertTypeExtension(CERTCertificate *cert, SECItem *retItem)
-{
-
- return (CERT_FindBitStringExtension
- (cert->extensions, SEC_OID_NS_CERT_EXT_CERT_TYPE, retItem));
-}
-
-
-/*
- * get the value of a string type extension
- */
-char *
-CERT_FindNSStringExtension(CERTCertificate *cert, int oidtag)
-{
- SECItem wrapperItem, tmpItem = {siBuffer,0};
- SECStatus rv;
- PRArenaPool *arena = NULL;
- char *retstring = NULL;
-
- wrapperItem.data = NULL;
- tmpItem.data = NULL;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-
- if ( ! arena ) {
- goto loser;
- }
-
- rv = cert_FindExtension(cert->extensions, oidtag,
- &wrapperItem);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- rv = SEC_QuickDERDecodeItem(arena, &tmpItem, SEC_IA5StringTemplate,
- &wrapperItem);
-
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- retstring = (char *)PORT_Alloc(tmpItem.len + 1 );
- if ( retstring == NULL ) {
- goto loser;
- }
-
- PORT_Memcpy(retstring, tmpItem.data, tmpItem.len);
- retstring[tmpItem.len] = '\0';
-
-loser:
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- if ( wrapperItem.data ) {
- PORT_Free(wrapperItem.data);
- }
-
- return(retstring);
-}
-
-/*
- * get the value of the X.509 v3 Key Usage Extension
- */
-SECStatus
-CERT_FindKeyUsageExtension(CERTCertificate *cert, SECItem *retItem)
-{
-
- return (CERT_FindBitStringExtension(cert->extensions,
- SEC_OID_X509_KEY_USAGE, retItem));
-}
-
-/*
- * get the value of the X.509 v3 Key Usage Extension
- */
-SECStatus
-CERT_FindSubjectKeyIDExtension(CERTCertificate *cert, SECItem *retItem)
-{
-
- SECItem encodedValue;
- SECStatus rv;
-
- encodedValue.data = NULL;
- rv = cert_FindExtension
- (cert->extensions, SEC_OID_X509_SUBJECT_KEY_ID, &encodedValue);
- if (rv != SECSuccess)
- return (rv);
- rv = SEC_ASN1DecodeItem (NULL, retItem, SEC_OctetStringTemplate,
- &encodedValue);
- PORT_Free (encodedValue.data);
-
- return (rv);
-}
-
-SECStatus
-CERT_FindBasicConstraintExten(CERTCertificate *cert,
- CERTBasicConstraints *value)
-{
- SECItem encodedExtenValue;
- SECStatus rv;
-
- encodedExtenValue.data = NULL;
- encodedExtenValue.len = 0;
-
- rv = cert_FindExtension(cert->extensions, SEC_OID_X509_BASIC_CONSTRAINTS,
- &encodedExtenValue);
- if ( rv != SECSuccess ) {
- return (rv);
- }
-
- rv = CERT_DecodeBasicConstraintValue (value, &encodedExtenValue);
-
- /* free the raw extension data */
- PORT_Free(encodedExtenValue.data);
- encodedExtenValue.data = NULL;
-
- return(rv);
-}
-
-CERTAuthKeyID *
-CERT_FindAuthKeyIDExten (PRArenaPool *arena, CERTCertificate *cert)
-{
- SECItem encodedExtenValue;
- SECStatus rv;
- CERTAuthKeyID *ret;
-
- encodedExtenValue.data = NULL;
- encodedExtenValue.len = 0;
-
- rv = cert_FindExtension(cert->extensions, SEC_OID_X509_AUTH_KEY_ID,
- &encodedExtenValue);
- if ( rv != SECSuccess ) {
- return (NULL);
- }
-
- ret = CERT_DecodeAuthKeyID (arena, &encodedExtenValue);
-
- PORT_Free(encodedExtenValue.data);
- encodedExtenValue.data = NULL;
-
- return(ret);
-}
-
-SECStatus
-CERT_CheckCertUsage(CERTCertificate *cert, unsigned char usage)
-{
- PRBool critical;
- SECItem keyUsage;
- SECStatus rv;
-
- /* There is no extension, v1 or v2 certificate */
- if (cert->extensions == NULL) {
- return (SECSuccess);
- }
-
- keyUsage.data = NULL;
-
- do {
- /* if the keyUsage extension exists and is critical, make sure that the
- CA certificate is used for certificate signing purpose only. If the
- extension does not exist, we will assum that it can be used for
- certificate signing purpose.
- */
- rv = CERT_GetExtenCriticality(cert->extensions,
- SEC_OID_X509_KEY_USAGE,
- &critical);
- if (rv == SECFailure) {
- rv = (PORT_GetError () == SEC_ERROR_EXTENSION_NOT_FOUND) ?
- SECSuccess : SECFailure;
- break;
- }
-
- if (critical == PR_FALSE) {
- rv = SECSuccess;
- break;
- }
-
- rv = CERT_FindKeyUsageExtension(cert, &keyUsage);
- if (rv != SECSuccess) {
- break;
- }
- if (!(keyUsage.data[0] & usage)) {
- PORT_SetError (SEC_ERROR_CERT_USAGES_INVALID);
- rv = SECFailure;
- }
- }while (0);
- PORT_Free (keyUsage.data);
- return (rv);
-}
diff --git a/security/nss/lib/certdb/certxutl.c b/security/nss/lib/certdb/certxutl.c
deleted file mode 100644
index 9e9fa9b97..000000000
--- a/security/nss/lib/certdb/certxutl.c
+++ /dev/null
@@ -1,482 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Certificate Extensions handling code
- *
- */
-
-#include "cert.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "secder.h"
-#include "secasn1.h"
-#include "certxutl.h"
-#include "secerr.h"
-
-#ifdef OLD
-#include "ocspti.h" /* XXX a better extensions interface would not
- * require knowledge of data structures of callers */
-#endif
-
-static CERTCertExtension *
-GetExtension (CERTCertExtension **extensions, SECItem *oid)
-{
- CERTCertExtension **exts;
- CERTCertExtension *ext = NULL;
- SECComparison comp;
-
- exts = extensions;
-
- if (exts) {
- while ( *exts ) {
- ext = *exts;
- comp = SECITEM_CompareItem(oid, &ext->id);
- if ( comp == SECEqual )
- break;
-
- exts++;
- }
- return (*exts ? ext : NULL);
- }
- return (NULL);
-}
-
-SECStatus
-cert_FindExtensionByOID (CERTCertExtension **extensions, SECItem *oid, SECItem *value)
-{
- CERTCertExtension *ext;
- SECStatus rv = SECSuccess;
-
- ext = GetExtension (extensions, oid);
- if (ext == NULL) {
- PORT_SetError (SEC_ERROR_EXTENSION_NOT_FOUND);
- return (SECFailure);
- }
- if (value)
- rv = SECITEM_CopyItem(NULL, value, &ext->value);
- return (rv);
-}
-
-
-SECStatus
-CERT_GetExtenCriticality (CERTCertExtension **extensions, int tag, PRBool *isCritical)
-{
- CERTCertExtension *ext;
- SECOidData *oid;
-
- if (!isCritical)
- return (SECSuccess);
-
- /* find the extension in the extensions list */
- oid = SECOID_FindOIDByTag((SECOidTag)tag);
- if ( !oid ) {
- return(SECFailure);
- }
- ext = GetExtension (extensions, &oid->oid);
- if (ext == NULL) {
- PORT_SetError (SEC_ERROR_EXTENSION_NOT_FOUND);
- return (SECFailure);
- }
-
- /* If the criticality is omitted, then it is false by default.
- ex->critical.data is NULL */
- if (ext->critical.data == NULL)
- *isCritical = PR_FALSE;
- else
- *isCritical = (ext->critical.data[0] == 0xff) ? PR_TRUE : PR_FALSE;
- return (SECSuccess);
-}
-
-SECStatus
-cert_FindExtension(CERTCertExtension **extensions, int tag, SECItem *value)
-{
- SECOidData *oid;
-
- oid = SECOID_FindOIDByTag((SECOidTag)tag);
- if ( !oid ) {
- return(SECFailure);
- }
-
- return(cert_FindExtensionByOID(extensions, &oid->oid, value));
-}
-
-
-typedef struct _extNode {
- struct _extNode *next;
- CERTCertExtension *ext;
-} extNode;
-
-typedef struct {
- void (*setExts)(void *object, CERTCertExtension **exts);
- void *object;
- PRArenaPool *ownerArena;
- PRArenaPool *arena;
- extNode *head;
- int count;
-}extRec;
-
-/*
- * cert_StartExtensions
- *
- * NOTE: This interface changed significantly to remove knowledge
- * about callers data structures (owner objects)
- */
-void *
-cert_StartExtensions(void *owner, PRArenaPool *ownerArena,
- void (*setExts)(void *object, CERTCertExtension **exts))
-{
- PRArenaPool *arena;
- extRec *handle;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( !arena ) {
- return(0);
- }
-
- handle = (extRec *)PORT_ArenaAlloc(arena, sizeof(extRec));
- if ( !handle ) {
- PORT_FreeArena(arena, PR_FALSE);
- return(0);
- }
-
- handle->object = owner;
- handle->ownerArena = ownerArena;
- handle->setExts = setExts;
-
- handle->arena = arena;
- handle->head = 0;
- handle->count = 0;
-
- return(handle);
-}
-
-static unsigned char hextrue = 0xff;
-
-/*
- * Note - assumes that data pointed to by oid->data will not move
- */
-SECStatus
-CERT_AddExtensionByOID (void *exthandle, SECItem *oid, SECItem *value,
- PRBool critical, PRBool copyData)
-{
- CERTCertExtension *ext;
- SECStatus rv;
- extNode *node;
- extRec *handle;
-
- handle = (extRec *)exthandle;
-
- /* allocate space for extension and list node */
- ext = (CERTCertExtension*)PORT_ArenaZAlloc(handle->ownerArena,
- sizeof(CERTCertExtension));
- if ( !ext ) {
- return(SECFailure);
- }
-
- node = (extNode*)PORT_ArenaAlloc(handle->arena, sizeof(extNode));
- if ( !node ) {
- return(SECFailure);
- }
-
- /* add to list */
- node->next = handle->head;
- handle->head = node;
-
- /* point to ext struct */
- node->ext = ext;
-
- /* the object ID of the extension */
- ext->id = *oid;
-
- /* set critical field */
- if ( critical ) {
- ext->critical.data = (unsigned char*)&hextrue;
- ext->critical.len = 1;
- }
-
- /* set the value */
- if ( copyData ) {
- rv = SECITEM_CopyItem(handle->ownerArena, &ext->value, value);
- if ( rv ) {
- return(SECFailure);
- }
- } else {
- ext->value = *value;
- }
-
- handle->count++;
-
- return(SECSuccess);
-
-}
-
-SECStatus
-CERT_AddExtension(void *exthandle, int idtag, SECItem *value,
- PRBool critical, PRBool copyData)
-{
- SECOidData *oid;
-
- oid = SECOID_FindOIDByTag((SECOidTag)idtag);
- if ( !oid ) {
- return(SECFailure);
- }
-
- return(CERT_AddExtensionByOID(exthandle, &oid->oid, value, critical, copyData));
-}
-
-SECStatus
-CERT_EncodeAndAddExtension(void *exthandle, int idtag, void *value,
- PRBool critical, const SEC_ASN1Template *atemplate)
-{
- extRec *handle;
- SECItem *encitem;
-
- handle = (extRec *)exthandle;
-
- encitem = SEC_ASN1EncodeItem(handle->ownerArena, NULL, value, atemplate);
- if ( encitem == NULL ) {
- return(SECFailure);
- }
-
- return CERT_AddExtension(exthandle, idtag, encitem, critical, PR_FALSE);
-}
-
-void
-PrepareBitStringForEncoding (SECItem *bitsmap, SECItem *value)
-{
- unsigned char onebyte;
- unsigned int i, len = 0;
-
- /* to prevent warning on some platform at compile time */
- onebyte = '\0';
- /* Get the position of the right-most turn-on bit */
- for (i = 0; i < (value->len ) * 8; ++i) {
- if (i % 8 == 0)
- onebyte = value->data[i/8];
- if (onebyte & 0x80)
- len = i;
- onebyte <<= 1;
-
- }
- bitsmap->data = value->data;
- /* Add one here since we work with base 1 */
- bitsmap->len = len + 1;
-}
-
-SECStatus
-CERT_EncodeAndAddBitStrExtension (void *exthandle, int idtag,
- SECItem *value, PRBool critical)
-{
- SECItem bitsmap;
-
- PrepareBitStringForEncoding (&bitsmap, value);
- return (CERT_EncodeAndAddExtension
- (exthandle, idtag, &bitsmap, critical, SEC_BitStringTemplate));
-}
-
-SECStatus
-CERT_FinishExtensions(void *exthandle)
-{
- extRec *handle;
- extNode *node;
- CERTCertExtension **exts;
- SECStatus rv = SECFailure;
-
- handle = (extRec *)exthandle;
-
- /* allocate space for extensions array */
- exts = PORT_ArenaNewArray(handle->ownerArena, CERTCertExtension *,
- handle->count + 1);
- if (exts == NULL) {
- goto loser;
- }
-
- /* put extensions in owner object and update its version number */
-
-#ifdef OLD
- switch (handle->type) {
- case CertificateExtensions:
- handle->owner.cert->extensions = exts;
- DER_SetUInteger (ownerArena, &(handle->owner.cert->version),
- SEC_CERTIFICATE_VERSION_3);
- break;
- case CrlExtensions:
- handle->owner.crl->extensions = exts;
- DER_SetUInteger (ownerArena, &(handle->owner.crl->version),
- SEC_CRL_VERSION_2);
- break;
- case OCSPRequestExtensions:
- handle->owner.request->tbsRequest->requestExtensions = exts;
- break;
- case OCSPSingleRequestExtensions:
- handle->owner.singleRequest->singleRequestExtensions = exts;
- break;
- case OCSPResponseSingleExtensions:
- handle->owner.singleResponse->singleExtensions = exts;
- break;
- }
-#endif
-
- handle->setExts(handle->object, exts);
-
- /* update the version number */
-
- /* copy each extension pointer */
- node = handle->head;
- while ( node ) {
- *exts = node->ext;
-
- node = node->next;
- exts++;
- }
-
- /* terminate the array of extensions */
- *exts = 0;
-
- rv = SECSuccess;
-
-loser:
- /* free working arena */
- PORT_FreeArena(handle->arena, PR_FALSE);
- return rv;
-}
-
-/*
- * get the value of the Netscape Certificate Type Extension
- */
-SECStatus
-CERT_FindBitStringExtension (CERTCertExtension **extensions, int tag,
- SECItem *retItem)
-{
- SECItem wrapperItem, tmpItem = {siBuffer,0};
- SECStatus rv;
- PRArenaPool *arena = NULL;
-
- wrapperItem.data = NULL;
- tmpItem.data = NULL;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-
- if ( ! arena ) {
- return(SECFailure);
- }
-
- rv = cert_FindExtension(extensions, tag, &wrapperItem);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- rv = SEC_QuickDERDecodeItem(arena, &tmpItem, SEC_BitStringTemplate,
- &wrapperItem);
-
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- retItem->data = (unsigned char *)PORT_Alloc( ( tmpItem.len + 7 ) >> 3 );
- if ( retItem->data == NULL ) {
- goto loser;
- }
-
- PORT_Memcpy(retItem->data, tmpItem.data, ( tmpItem.len + 7 ) >> 3);
- retItem->len = tmpItem.len;
-
- rv = SECSuccess;
- goto done;
-
-loser:
- rv = SECFailure;
-
-done:
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- if ( wrapperItem.data ) {
- PORT_Free(wrapperItem.data);
- }
-
- return(rv);
-}
-
-PRBool
-cert_HasCriticalExtension (CERTCertExtension **extensions)
-{
- CERTCertExtension **exts;
- CERTCertExtension *ext = NULL;
- PRBool hasCriticalExten = PR_FALSE;
-
- exts = extensions;
-
- if (exts) {
- while ( *exts ) {
- ext = *exts;
- /* If the criticality is omitted, it's non-critical */
- if (ext->critical.data && ext->critical.data[0] == 0xff) {
- hasCriticalExten = PR_TRUE;
- break;
- }
- exts++;
- }
- }
- return (hasCriticalExten);
-}
-
-PRBool
-cert_HasUnknownCriticalExten (CERTCertExtension **extensions)
-{
- CERTCertExtension **exts;
- CERTCertExtension *ext = NULL;
- PRBool hasUnknownCriticalExten = PR_FALSE;
-
- exts = extensions;
-
- if (exts) {
- while ( *exts ) {
- ext = *exts;
- /* If the criticality is omitted, it's non-critical.
- If an extension is critical, make sure that we know
- how to process the extension.
- */
- if (ext->critical.data && ext->critical.data[0] == 0xff) {
- if (SECOID_KnownCertExtenOID (&ext->id) == PR_FALSE) {
- hasUnknownCriticalExten = PR_TRUE;
- break;
- }
- }
- exts++;
- }
- }
- return (hasUnknownCriticalExten);
-}
diff --git a/security/nss/lib/certdb/certxutl.h b/security/nss/lib/certdb/certxutl.h
deleted file mode 100644
index 381226a43..000000000
--- a/security/nss/lib/certdb/certxutl.h
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * x.509 v3 certificate extension helper routines
- *
- */
-
-
-#ifndef _CERTXUTL_H_
-#define _CERTXUTL_H_
-
-#include "nspr.h"
-
-#ifdef OLD
-typedef enum {
- CertificateExtensions,
- CrlExtensions,
- OCSPRequestExtensions,
- OCSPSingleRequestExtensions,
- OCSPResponseSingleExtensions
-} ExtensionsType;
-#endif
-
-extern PRBool
-cert_HasCriticalExtension (CERTCertExtension **extensions);
-
-extern SECStatus
-CERT_FindBitStringExtension (CERTCertExtension **extensions,
- int tag, SECItem *retItem);
-extern void *
-cert_StartExtensions (void *owner, PLArenaPool *arena,
- void (*setExts)(void *object, CERTCertExtension **exts));
-
-extern SECStatus
-cert_FindExtension (CERTCertExtension **extensions, int tag, SECItem *value);
-
-extern SECStatus
-cert_FindExtensionByOID (CERTCertExtension **extensions,
- SECItem *oid, SECItem *value);
-
-extern SECStatus
-cert_GetExtenCriticality (CERTCertExtension **extensions,
- int tag, PRBool *isCritical);
-
-extern PRBool
-cert_HasUnknownCriticalExten (CERTCertExtension **extensions);
-
-#endif
diff --git a/security/nss/lib/certdb/config.mk b/security/nss/lib/certdb/config.mk
deleted file mode 100644
index 0a00dc61e..000000000
--- a/security/nss/lib/certdb/config.mk
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# Override TARGETS variable so that only static libraries
-# are specifed as dependencies within rules.mk.
-#
-
-TARGETS = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM =
-
diff --git a/security/nss/lib/certdb/crl.c b/security/nss/lib/certdb/crl.c
deleted file mode 100644
index 72e0aa94e..000000000
--- a/security/nss/lib/certdb/crl.c
+++ /dev/null
@@ -1,1950 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Moved from secpkcs7.c
- *
- * $Id$
- */
-
-#include "cert.h"
-#include "certi.h"
-#include "secder.h"
-#include "secasn1.h"
-#include "secoid.h"
-#include "certdb.h"
-#include "certxutl.h"
-#include "prtime.h"
-#include "secerr.h"
-#include "pk11func.h"
-#include "dev.h"
-#include "dev3hack.h"
-#include "nssbase.h"
-#ifdef USE_RWLOCK
-#include "nssrwlk.h"
-#endif
-
-const SEC_ASN1Template SEC_CERTExtensionTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTCertExtension) },
- { SEC_ASN1_OBJECT_ID,
- offsetof(CERTCertExtension,id) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_BOOLEAN, /* XXX DER_DEFAULT */
- offsetof(CERTCertExtension,critical), },
- { SEC_ASN1_OCTET_STRING,
- offsetof(CERTCertExtension,value) },
- { 0, }
-};
-
-static const SEC_ASN1Template SEC_CERTExtensionsTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, SEC_CERTExtensionTemplate}
-};
-
-/*
- * XXX Also, these templates, especially the Krl/FORTEZZA ones, need to
- * be tested; Lisa did the obvious translation but they still should be
- * verified.
- */
-
-const SEC_ASN1Template CERT_IssuerAndSNTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTIssuerAndSN) },
- { SEC_ASN1_SAVE,
- offsetof(CERTIssuerAndSN,derIssuer) },
- { SEC_ASN1_INLINE,
- offsetof(CERTIssuerAndSN,issuer),
- CERT_NameTemplate },
- { SEC_ASN1_INTEGER,
- offsetof(CERTIssuerAndSN,serialNumber) },
- { 0 }
-};
-
-static const SEC_ASN1Template cert_KrlEntryTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTCrlEntry) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(CERTCrlEntry,serialNumber) },
- { SEC_ASN1_UTC_TIME,
- offsetof(CERTCrlEntry,revocationDate) },
- { 0 }
-};
-
-static const SEC_ASN1Template cert_KrlTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTCrl) },
- { SEC_ASN1_INLINE,
- offsetof(CERTCrl,signatureAlg),
- SECOID_AlgorithmIDTemplate },
- { SEC_ASN1_SAVE,
- offsetof(CERTCrl,derName) },
- { SEC_ASN1_INLINE,
- offsetof(CERTCrl,name),
- CERT_NameTemplate },
- { SEC_ASN1_UTC_TIME,
- offsetof(CERTCrl,lastUpdate) },
- { SEC_ASN1_UTC_TIME,
- offsetof(CERTCrl,nextUpdate) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_SEQUENCE_OF,
- offsetof(CERTCrl,entries),
- cert_KrlEntryTemplate },
- { 0 }
-};
-
-static const SEC_ASN1Template cert_SignedKrlTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTSignedCrl) },
- { SEC_ASN1_SAVE,
- offsetof(CERTSignedCrl,signatureWrap.data) },
- { SEC_ASN1_INLINE,
- offsetof(CERTSignedCrl,crl),
- cert_KrlTemplate },
- { SEC_ASN1_INLINE,
- offsetof(CERTSignedCrl,signatureWrap.signatureAlgorithm),
- SECOID_AlgorithmIDTemplate },
- { SEC_ASN1_BIT_STRING,
- offsetof(CERTSignedCrl,signatureWrap.signature) },
- { 0 }
-};
-
-static const SEC_ASN1Template cert_CrlKeyTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTCrlKey) },
- { SEC_ASN1_INTEGER | SEC_ASN1_OPTIONAL, offsetof(CERTCrlKey,dummy) },
- { SEC_ASN1_SKIP },
- { SEC_ASN1_ANY, offsetof(CERTCrlKey,derName) },
- { SEC_ASN1_SKIP_REST },
- { 0 }
-};
-
-static const SEC_ASN1Template cert_CrlEntryTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTCrlEntry) },
- { SEC_ASN1_INTEGER,
- offsetof(CERTCrlEntry,serialNumber) },
- { SEC_ASN1_UTC_TIME,
- offsetof(CERTCrlEntry,revocationDate) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_SEQUENCE_OF,
- offsetof(CERTCrlEntry, extensions),
- SEC_CERTExtensionTemplate},
- { 0 }
-};
-
-const SEC_ASN1Template CERT_CrlTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTCrl) },
- { SEC_ASN1_INTEGER | SEC_ASN1_OPTIONAL, offsetof (CERTCrl, version) },
- { SEC_ASN1_INLINE,
- offsetof(CERTCrl,signatureAlg),
- SECOID_AlgorithmIDTemplate },
- { SEC_ASN1_SAVE,
- offsetof(CERTCrl,derName) },
- { SEC_ASN1_INLINE,
- offsetof(CERTCrl,name),
- CERT_NameTemplate },
- { SEC_ASN1_UTC_TIME,
- offsetof(CERTCrl,lastUpdate) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_UTC_TIME,
- offsetof(CERTCrl,nextUpdate) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_SEQUENCE_OF,
- offsetof(CERTCrl,entries),
- cert_CrlEntryTemplate },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
- SEC_ASN1_EXPLICIT | 0,
- offsetof(CERTCrl,extensions),
- SEC_CERTExtensionsTemplate},
- { 0 }
-};
-
-const SEC_ASN1Template CERT_CrlTemplateNoEntries[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTCrl) },
- { SEC_ASN1_INTEGER | SEC_ASN1_OPTIONAL, offsetof (CERTCrl, version) },
- { SEC_ASN1_INLINE,
- offsetof(CERTCrl,signatureAlg),
- SECOID_AlgorithmIDTemplate },
- { SEC_ASN1_SAVE,
- offsetof(CERTCrl,derName) },
- { SEC_ASN1_INLINE,
- offsetof(CERTCrl,name),
- CERT_NameTemplate },
- { SEC_ASN1_UTC_TIME,
- offsetof(CERTCrl,lastUpdate) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_UTC_TIME,
- offsetof(CERTCrl,nextUpdate) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_SEQUENCE_OF |
- SEC_ASN1_SKIP }, /* skip entries */
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
- SEC_ASN1_EXPLICIT | 0,
- offsetof(CERTCrl,extensions),
- SEC_CERTExtensionsTemplate },
- { 0 }
-};
-
-const SEC_ASN1Template CERT_CrlTemplateEntriesOnly[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTCrl) },
- { SEC_ASN1_SKIP | SEC_ASN1_INTEGER | SEC_ASN1_OPTIONAL },
- { SEC_ASN1_SKIP },
- { SEC_ASN1_SKIP },
- { SEC_ASN1_SKIP | SEC_ASN1_UTC_TIME },
- { SEC_ASN1_SKIP | SEC_ASN1_OPTIONAL | SEC_ASN1_UTC_TIME },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_SEQUENCE_OF,
- offsetof(CERTCrl,entries),
- cert_CrlEntryTemplate }, /* decode entries */
- { SEC_ASN1_SKIP_REST },
- { 0 }
-};
-
-static const SEC_ASN1Template cert_SignedCrlTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTSignedCrl) },
- { SEC_ASN1_SAVE,
- offsetof(CERTSignedCrl,signatureWrap.data) },
- { SEC_ASN1_INLINE,
- offsetof(CERTSignedCrl,crl),
- CERT_CrlTemplate },
- { SEC_ASN1_INLINE,
- offsetof(CERTSignedCrl,signatureWrap.signatureAlgorithm),
- SECOID_AlgorithmIDTemplate },
- { SEC_ASN1_BIT_STRING,
- offsetof(CERTSignedCrl,signatureWrap.signature) },
- { 0 }
-};
-
-static const SEC_ASN1Template cert_SignedCrlTemplateNoEntries[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTSignedCrl) },
- { SEC_ASN1_SAVE,
- offsetof(CERTSignedCrl,signatureWrap.data) },
- { SEC_ASN1_INLINE,
- offsetof(CERTSignedCrl,crl),
- CERT_CrlTemplateNoEntries },
- { SEC_ASN1_INLINE,
- offsetof(CERTSignedCrl,signatureWrap.signatureAlgorithm),
- SECOID_AlgorithmIDTemplate },
- { SEC_ASN1_BIT_STRING,
- offsetof(CERTSignedCrl,signatureWrap.signature) },
- { 0 }
-};
-
-const SEC_ASN1Template CERT_SetOfSignedCrlTemplate[] = {
- { SEC_ASN1_SET_OF, 0, cert_SignedCrlTemplate },
-};
-
-/* Check the version of the CRL. If there is a critical extension in the crl
- or crl entry, then the version must be v2. Otherwise, it should be v1. If
- the crl contains critical extension(s), then we must recognized the extension's
- OID.
- */
-SECStatus cert_check_crl_version (CERTCrl *crl)
-{
- CERTCrlEntry **entries;
- CERTCrlEntry *entry;
- PRBool hasCriticalExten = PR_FALSE;
- SECStatus rv = SECSuccess;
- int version;
-
- /* CRL version is defaulted to v1 */
- version = SEC_CRL_VERSION_1;
- if (crl->version.data != 0)
- version = (int)DER_GetUInteger (&crl->version);
-
- if (version > SEC_CRL_VERSION_2) {
- PORT_SetError (SEC_ERROR_BAD_DER);
- return (SECFailure);
- }
-
- /* Check the crl extensions for a critial extension. If one is found,
- and the version is not v2, then we are done.
- */
- if (crl->extensions) {
- hasCriticalExten = cert_HasCriticalExtension (crl->extensions);
- if (hasCriticalExten) {
- if (version != SEC_CRL_VERSION_2)
- return (SECFailure);
- /* make sure that there is no unknown critical extension */
- if (cert_HasUnknownCriticalExten (crl->extensions) == PR_TRUE) {
- PORT_SetError (SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION);
- return (SECFailure);
- }
- }
- }
-
-
- if (crl->entries == NULL) {
- return (SECSuccess);
- }
- /* Look in the crl entry extensions. If there is a critical extension,
- then the crl version must be v2; otherwise, it should be v1.
- */
- entries = crl->entries;
- while (*entries) {
- entry = *entries;
- if (entry->extensions) {
- /* If there is a critical extension in the entries, then the
- CRL must be of version 2. If we already saw a critical extension,
- there is no need to check the version again.
- */
- if (hasCriticalExten == PR_FALSE) {
- hasCriticalExten = cert_HasCriticalExtension (entry->extensions);
- if (hasCriticalExten && version != SEC_CRL_VERSION_2) {
- rv = SECFailure;
- break;
- }
- }
-
- /* For each entry, make sure that it does not contain an unknown
- critical extension. If it does, we must reject the CRL since
- we don't know how to process the extension.
- */
- if (cert_HasUnknownCriticalExten (entry->extensions) == PR_TRUE) {
- PORT_SetError (SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION);
- rv = SECFailure;
- break;
- }
- }
- ++entries;
- }
- if (rv == SECFailure)
- return (rv);
-
- return (SECSuccess);
-}
-
-/*
- * Generate a database key, based on the issuer name from a
- * DER crl.
- */
-SECStatus
-CERT_KeyFromDERCrl(PRArenaPool *arena, SECItem *derCrl, SECItem *key)
-{
- SECStatus rv;
- CERTSignedData sd;
- CERTCrlKey crlkey;
-
- PORT_Memset (&sd, 0, sizeof (sd));
- rv = SEC_ASN1DecodeItem (arena, &sd, CERT_SignedDataTemplate, derCrl);
- if (rv != SECSuccess) {
- return rv;
- }
-
- PORT_Memset (&crlkey, 0, sizeof (crlkey));
- rv = SEC_ASN1DecodeItem(arena, &crlkey, cert_CrlKeyTemplate, &sd.data);
- if (rv != SECSuccess) {
- return rv;
- }
-
- key->len = crlkey.derName.len;
- key->data = crlkey.derName.data;
-
- return(SECSuccess);
-}
-
-#define GetOpaqueCRLFields(x) ((OpaqueCRLFields*)x->opaque)
-
-/*
-PRBool CERT_CRLIsInvalid(CERTSignedCrl* crl)
-{
- OpaqueCRLFields* extended = NULL;
-
- if (crl && (extended = (OpaqueCRLFields*) crl->opaque)) {
- return extended->bad;
- }
- return PR_TRUE;
-}
-*/
-
-SECStatus CERT_CompleteCRLDecodeEntries(CERTSignedCrl* crl)
-{
- SECStatus rv = SECSuccess;
- SECItem* crldata = NULL;
- OpaqueCRLFields* extended = NULL;
-
- if ( (!crl) ||
- (!(extended = (OpaqueCRLFields*) crl->opaque)) ) {
- rv = SECFailure;
- } else {
- if (PR_FALSE == extended->partial) {
- /* the CRL has already been fully decoded */
- return SECSuccess;
- }
- if (PR_TRUE == extended->badEntries) {
- /* the entries decoding already failed */
- return SECFailure;
- }
- crldata = &crl->signatureWrap.data;
- if (!crldata) {
- rv = SECFailure;
- }
- }
-
- if (SECSuccess == rv) {
- rv = SEC_QuickDERDecodeItem(crl->arena,
- &crl->crl,
- CERT_CrlTemplateEntriesOnly,
- crldata);
- if (SECSuccess == rv) {
- extended->partial = PR_FALSE; /* successful decode, avoid
- decoding again */
- } else {
- extended->bad = PR_TRUE;
- extended->badEntries = PR_TRUE;
- /* cache the decoding failure. If it fails the first time,
- it will fail again, which will grow the arena and leak
- memory, so we want to avoid it */
- }
- }
- return rv;
-}
-
-/*
- * take a DER CRL or KRL and decode it into a CRL structure
- * allow reusing the input DER without making a copy
- */
-CERTSignedCrl *
-CERT_DecodeDERCrlWithFlags(PRArenaPool *narena, SECItem *derSignedCrl,
- int type, PRInt32 options)
-{
- PRArenaPool *arena;
- CERTSignedCrl *crl;
- SECStatus rv;
- OpaqueCRLFields* extended = NULL;
- const SEC_ASN1Template* crlTemplate = cert_SignedCrlTemplate;
-
- /* make a new arena */
- if (narena == NULL) {
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( !arena ) {
- return NULL;
- }
- } else {
- arena = narena;
- }
-
- /* allocate the CRL structure */
- crl = (CERTSignedCrl *)PORT_ArenaZAlloc(arena, sizeof(CERTSignedCrl));
- if ( !crl ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- crl->arena = arena;
-
- /* allocate opaque fields */
- crl->opaque = (void*)PORT_ArenaZAlloc(arena, sizeof(OpaqueCRLFields));
- if ( !crl->opaque ) {
- goto loser;
- }
- extended = (OpaqueCRLFields*) crl->opaque;
-
- if (options & CRL_DECODE_DONT_COPY_DER) {
- crl->derCrl = derSignedCrl; /* DER is not copied . The application
- must keep derSignedCrl until it
- destroys the CRL */
- } else {
- crl->derCrl = (SECItem *)PORT_ArenaZAlloc(arena,sizeof(SECItem));
- if (crl->derCrl == NULL) {
- goto loser;
- }
- rv = SECITEM_CopyItem(arena, crl->derCrl, derSignedCrl);
- if (rv != SECSuccess) {
- goto loser;
- }
- }
-
- /* Save the arena in the inner crl for CRL extensions support */
- crl->crl.arena = arena;
- if (options & CRL_DECODE_SKIP_ENTRIES) {
- crlTemplate = cert_SignedCrlTemplateNoEntries;
- extended->partial = PR_TRUE;
- }
-
- /* decode the CRL info */
- switch (type) {
- case SEC_CRL_TYPE:
- rv = SEC_QuickDERDecodeItem(arena, crl, crlTemplate, crl->derCrl);
- if (rv != SECSuccess) {
- extended->badDER = PR_TRUE;
- break;
- }
- /* check for critical extentions */
- rv = cert_check_crl_version (&crl->crl);
- if (rv != SECSuccess) {
- extended->badExtensions = PR_TRUE;
- }
- break;
-
- case SEC_KRL_TYPE:
- rv = SEC_QuickDERDecodeItem
- (arena, crl, cert_SignedKrlTemplate, derSignedCrl);
- break;
- default:
- rv = SECFailure;
- break;
- }
-
- if (rv != SECSuccess) {
- goto loser;
- }
-
- crl->referenceCount = 1;
-
- return(crl);
-
-loser:
- if (options & CRL_DECODE_KEEP_BAD_CRL) {
- extended->bad = PR_TRUE;
- crl->referenceCount = 1;
- return(crl);
- }
-
- if ((narena == NULL) && arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(0);
-}
-
-/*
- * take a DER CRL or KRL and decode it into a CRL structure
- */
-CERTSignedCrl *
-CERT_DecodeDERCrl(PRArenaPool *narena, SECItem *derSignedCrl, int type)
-{
- return CERT_DecodeDERCrlWithFlags(narena, derSignedCrl, type, CRL_DECODE_DEFAULT_OPTIONS);
-}
-
-/*
- * Lookup a CRL in the databases. We mirror the same fast caching data base
- * caching stuff used by certificates....?
- * return values :
- *
- * SECSuccess means we got a valid DER CRL (passed in "decoded"), or no CRL at all
- *
- * SECFailure means we got a fatal error - most likely, we found a CRL,
- * and it failed decoding, or there was an out of memory error. Do NOT ignore
- * it and specifically do NOT treat it the same as having no CRL, as this
- * can compromise security !!! Ideally, you should treat this case as if you
- * received a "catch-all" CRL where all certs you were looking up are
- * considered to be revoked
- */
-static SECStatus
-SEC_FindCrlByKeyOnSlot(PK11SlotInfo *slot, SECItem *crlKey, int type,
- CERTSignedCrl** decoded, PRInt32 decodeoptions)
-{
- SECStatus rv = SECSuccess;
- CERTSignedCrl *crl = NULL;
- SECItem *derCrl = NULL;
- CK_OBJECT_HANDLE crlHandle = 0;
- char *url = NULL;
- int nsserror;
-
- PORT_Assert(decoded);
- if (!decoded) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- if (slot) {
- PK11_ReferenceSlot(slot);
- }
-
- /* XXX it would be really useful to be able to fetch the CRL directly into an
- arena. This would avoid a copy later on in the decode step */
- PORT_SetError(0);
- derCrl = PK11_FindCrlByName(&slot, &crlHandle, crlKey, type, &url);
- if (derCrl == NULL) {
- /* if we had a problem other than the CRL just didn't exist, return
- * a failure to the upper level */
- nsserror = PORT_GetError();
- if ((nsserror != 0) && (nsserror != SEC_ERROR_CRL_NOT_FOUND)) {
- rv = SECFailure;
- }
- goto loser;
- }
- PORT_Assert(crlHandle != CK_INVALID_HANDLE);
-
- crl = CERT_DecodeDERCrlWithFlags(NULL, derCrl, type, decodeoptions);
- if (crl) {
- crl->slot = slot;
- slot = NULL; /* adopt it */
- crl->pkcs11ID = crlHandle;
- if (url) {
- crl->url = PORT_ArenaStrdup(crl->arena,url);
- }
- } else {
- rv = SECFailure;
- }
-
- if (url) {
- PORT_Free(url);
- }
-
-loser:
- if (slot) {
- PK11_FreeSlot(slot);
- }
-
- if (derCrl) {
- /* destroy the DER, unless a decoded CRL was returned with DER
- allocated on the heap. This is solely for cache purposes */
- if (crl && (decodeoptions & CRL_DECODE_DONT_COPY_DER)) {
- /* mark the DER as having come from the heap instead of the
- arena, so it can be destroyed */
- GetOpaqueCRLFields(crl)->heapDER = PR_TRUE;
- } else {
- SECITEM_FreeItem(derCrl, PR_TRUE);
- }
- }
-
- *decoded = crl;
-
- return rv;
-}
-
-SECStatus SEC_DestroyCrl(CERTSignedCrl *crl);
-
-CERTSignedCrl *
-crl_storeCRL (PK11SlotInfo *slot,char *url,
- CERTSignedCrl *newCrl, SECItem *derCrl, int type)
-{
- CERTSignedCrl *oldCrl = NULL, *crl = NULL;
- PRBool deleteOldCrl = PR_FALSE;
- CK_OBJECT_HANDLE crlHandle;
-
- PORT_Assert(newCrl);
- PORT_Assert(derCrl);
-
- /* we can't use the cache here because we must look in the same
- token */
- SEC_FindCrlByKeyOnSlot(slot, &newCrl->crl.derName, type,
- &oldCrl, CRL_DECODE_SKIP_ENTRIES);
-
- /* if there is an old crl on the token, make sure the one we are
- installing is newer. If not, exit out, otherwise delete the
- old crl.
- */
- if (oldCrl != NULL) {
- /* if it's already there, quietly continue */
- if (SECITEM_CompareItem(newCrl->derCrl, oldCrl->derCrl)
- == SECEqual) {
- crl = newCrl;
- crl->slot = PK11_ReferenceSlot(slot);
- crl->pkcs11ID = oldCrl->pkcs11ID;
- goto done;
- }
- if (!SEC_CrlIsNewer(&newCrl->crl,&oldCrl->crl)) {
-
- if (type == SEC_CRL_TYPE) {
- PORT_SetError(SEC_ERROR_OLD_CRL);
- } else {
- PORT_SetError(SEC_ERROR_OLD_KRL);
- }
-
- goto done;
- }
-
- if ((SECITEM_CompareItem(&newCrl->crl.derName,
- &oldCrl->crl.derName) != SECEqual) &&
- (type == SEC_KRL_TYPE) ) {
-
- PORT_SetError(SEC_ERROR_CKL_CONFLICT);
- goto done;
- }
-
- /* if we have a url in the database, use that one */
- if (oldCrl->url) {
- url = oldCrl->url;
- }
-
- /* really destroy this crl */
- /* first drum it out of the permanment Data base */
- deleteOldCrl = PR_TRUE;
- }
-
- /* invalidate CRL cache for this issuer */
- CERT_CRLCacheRefreshIssuer(NULL, &newCrl->crl.derName);
- /* Write the new entry into the data base */
- crlHandle = PK11_PutCrl(slot, derCrl, &newCrl->crl.derName, url, type);
- if (crlHandle != CK_INVALID_HANDLE) {
- crl = newCrl;
- crl->slot = PK11_ReferenceSlot(slot);
- crl->pkcs11ID = crlHandle;
- if (url) {
- crl->url = PORT_ArenaStrdup(crl->arena,url);
- }
- }
-
-done:
- if (oldCrl) {
- if (deleteOldCrl && crlHandle != CK_INVALID_HANDLE) {
- SEC_DeletePermCRL(oldCrl);
- }
- SEC_DestroyCrl(oldCrl);
- }
-
- return crl;
-}
-
-/*
- *
- * create a new CRL from DER material.
- *
- * The signature on this CRL must be checked before you
- * load it. ???
- */
-CERTSignedCrl *
-SEC_NewCrl(CERTCertDBHandle *handle, char *url, SECItem *derCrl, int type)
-{
- CERTSignedCrl* retCrl = NULL;
- PK11SlotInfo* slot = PK11_GetInternalKeySlot();
- retCrl = PK11_ImportCRL(slot, derCrl, url, type, NULL,
- CRL_IMPORT_BYPASS_CHECKS, NULL, CRL_DECODE_DEFAULT_OPTIONS);
- PK11_FreeSlot(slot);
-
- return retCrl;
-}
-
-CERTSignedCrl *
-SEC_FindCrlByDERCert(CERTCertDBHandle *handle, SECItem *derCrl, int type)
-{
- PRArenaPool *arena;
- SECItem crlKey;
- SECStatus rv;
- CERTSignedCrl *crl = NULL;
-
- /* create a scratch arena */
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- return(NULL);
- }
-
- /* extract the database key from the cert */
- rv = CERT_KeyFromDERCrl(arena, derCrl, &crlKey);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- /* find the crl */
- crl = SEC_FindCrlByName(handle, &crlKey, type);
-
-loser:
- PORT_FreeArena(arena, PR_FALSE);
- return(crl);
-}
-
-CERTSignedCrl* SEC_DupCrl(CERTSignedCrl* acrl)
-{
- if (acrl)
- {
- PR_AtomicIncrement(&acrl->referenceCount);
- return acrl;
- }
- return NULL;
-}
-
-SECStatus
-SEC_DestroyCrl(CERTSignedCrl *crl)
-{
- if (crl) {
- if (PR_AtomicDecrement(&crl->referenceCount) < 1) {
- if (crl->slot) {
- PK11_FreeSlot(crl->slot);
- }
- if (PR_TRUE == GetOpaqueCRLFields(crl)->heapDER) {
- SECITEM_FreeItem(crl->derCrl, PR_TRUE);
- }
- PORT_FreeArena(crl->arena, PR_FALSE);
- }
- }
- return SECSuccess;
-}
-
-SECStatus
-SEC_LookupCrls(CERTCertDBHandle *handle, CERTCrlHeadNode **nodes, int type)
-{
- CERTCrlHeadNode *head;
- PRArenaPool *arena = NULL;
- SECStatus rv;
-
- *nodes = NULL;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- return SECFailure;
- }
-
- /* build a head structure */
- head = (CERTCrlHeadNode *)PORT_ArenaAlloc(arena, sizeof(CERTCrlHeadNode));
- head->arena = arena;
- head->first = NULL;
- head->last = NULL;
- head->dbhandle = handle;
-
- /* Look up the proper crl types */
- *nodes = head;
-
- rv = PK11_LookupCrls(head, type, NULL);
-
- if (rv != SECSuccess) {
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- *nodes = NULL;
- }
- }
-
- return rv;
-}
-
-/* These functions simply return the address of the above-declared templates.
-** This is necessary for Windows DLLs. Sigh.
-*/
-SEC_ASN1_CHOOSER_IMPLEMENT(CERT_IssuerAndSNTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(CERT_CrlTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(CERT_SetOfSignedCrlTemplate)
-
-/*
-** Pre-allocator hash allocator ops.
-*/
-static void * PR_CALLBACK
-PreAllocTable(void *pool, PRSize size)
-{
- PreAllocator* alloc = (PreAllocator*)pool;
- PR_ASSERT(alloc);
- if (!alloc)
- {
- /* no allocator, or buffer full */
- return NULL;
- }
- if (size > (alloc->len - alloc->used))
- {
- alloc->extra += size;
- return PORT_ArenaAlloc(alloc->arena, size);
- }
- alloc->used += size;
- return (char*) alloc->data + alloc->used - size;
-}
-
-static void PR_CALLBACK
-PreFreeTable(void *pool, void *item)
-{
-}
-
-static PLHashEntry * PR_CALLBACK
-PreAllocEntry(void *pool, const void *key)
-{
- return PreAllocTable(pool, sizeof(PLHashEntry));
-}
-
-static void PR_CALLBACK
-PreFreeEntry(void *pool, PLHashEntry *he, PRUintn flag)
-{
-}
-
-static PLHashAllocOps preAllocOps = {
- PreAllocTable, PreFreeTable,
- PreAllocEntry, PreFreeEntry
-};
-
-void PreAllocator_Destroy(PreAllocator* PreAllocator)
-{
- if (!PreAllocator)
- {
- return;
- }
- if (PreAllocator->arena)
- {
- PORT_FreeArena(PreAllocator->arena, PR_TRUE);
- }
- if (PreAllocator->data)
- {
- PORT_Free(PreAllocator->data);
- }
- PORT_Free(PreAllocator);
-}
-
-PreAllocator* PreAllocator_Create(PRSize size)
-{
- PreAllocator prebuffer;
- PreAllocator* prepointer = NULL;
- memset(&prebuffer, 0, sizeof(PreAllocator));
- prebuffer.len = size;
- prebuffer.arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- PR_ASSERT(prebuffer.arena);
- if (!prebuffer.arena) {
- PreAllocator_Destroy(&prebuffer);
- return NULL;
- }
- if (prebuffer.len) {
- prebuffer.data = PR_Malloc(prebuffer.len);
- if (!prebuffer.data) {
- PreAllocator_Destroy(&prebuffer);
- return NULL;
- }
- } else {
- prebuffer.data = NULL;
- }
- prepointer = (PreAllocator*)PR_Malloc(sizeof(PreAllocator));
- if (!prepointer) {
- PreAllocator_Destroy(&prebuffer);
- return NULL;
- }
- *prepointer = prebuffer;
- return prepointer;
-}
-
-static CRLCache crlcache = { NULL, NULL };
-
-static PRBool crlcache_initialized = PR_FALSE;
-
-/* this needs to be called at NSS initialization time */
-
-SECStatus InitCRLCache(void)
-{
- if (PR_FALSE == crlcache_initialized)
- {
- PR_ASSERT(NULL == crlcache.lock);
- crlcache.lock = PR_NewLock();
- if (!crlcache.lock)
- {
- return SECFailure;
- }
- PR_ASSERT(NULL == crlcache.issuers);
- crlcache.issuers = PL_NewHashTable(0, SECITEM_Hash, SECITEM_HashCompare,
- PL_CompareValues, NULL, NULL);
- if (!crlcache.issuers)
- {
- PR_DestroyLock(crlcache.lock);
- crlcache.lock = NULL;
- return SECFailure;
- }
- crlcache_initialized = PR_TRUE;
- return SECSuccess;
- }
- else
- {
- PR_ASSERT(crlcache.lock);
- PR_ASSERT(crlcache.issuers);
- if ( (NULL == crlcache.lock) || (NULL == crlcache.issuers) )
- {
- return SECFailure;
- }
- else
- {
- return SECSuccess;
- }
- }
-}
-
-SECStatus DPCache_Destroy(CRLDPCache* cache)
-{
- PRUint32 i = 0;
- PR_ASSERT(cache);
- if (!cache) {
- return SECFailure;
- }
- if (cache->lock)
- {
-#ifdef USE_RWLOCK
- NSSRWLock_Destroy(cache->lock);
-#else
- PR_DestroyLock(cache->lock);
-#endif
- }
- /* destroy all our CRL objects */
- for (i=0;i<cache->ncrls;i++)
- {
- SEC_DestroyCrl(cache->crls[i]);
- }
- /* free the array of CRLs */
- if (cache->crls)
- {
- PR_Free(cache->crls);
- }
- /* destroy the hash table */
- if (cache->entries)
- {
- PL_HashTableDestroy(cache->entries);
- }
- /* free the pre buffer */
- if (cache->prebuffer)
- {
- PreAllocator_Destroy(cache->prebuffer);
- }
- /* destroy the cert */
- if (cache->issuer)
- {
- CERT_DestroyCertificate(cache->issuer);
- }
- /* free the subject */
- if (cache->subject)
- {
- SECITEM_FreeItem(cache->subject, PR_TRUE);
- }
- /* free the distribution points */
- if (cache->distributionPoint)
- {
- SECITEM_FreeItem(cache->distributionPoint, PR_TRUE);
- }
- return SECSuccess;
-}
-
-SECStatus IssuerCache_Destroy(CRLIssuerCache* cache)
-{
- PORT_Assert(cache);
- if (!cache)
- {
- return SECFailure;
- }
-#if 0
- /* XCRL */
- if (cache->lock)
- {
- NSSRWLock_Destroy(cache->lock);
- }
- if (cache->issuer)
- {
- CERT_DestroyCertificate(cache->issuer);
- }
-#endif
- /* free the subject */
- if (cache->subject)
- {
- SECITEM_FreeItem(cache->subject, PR_TRUE);
- }
- DPCache_Destroy(&cache->dp);
- PR_Free(cache);
- return SECSuccess;
-}
-
-PRIntn PR_CALLBACK FreeIssuer(PLHashEntry *he, PRIntn i, void *arg)
-{
- CRLIssuerCache* issuer = NULL;
- PR_ASSERT(he);
- if (!he) {
- return HT_ENUMERATE_NEXT;
- }
- issuer = (CRLIssuerCache*) he->value;
- PR_ASSERT(issuer);
- if (issuer) {
- IssuerCache_Destroy(issuer);
- }
- return HT_ENUMERATE_NEXT;
-}
-
-SECStatus ShutdownCRLCache(void)
-{
- if (!crlcache.lock || !crlcache.issuers)
- {
- return SECFailure;
- }
- /* empty the cache */
- PL_HashTableEnumerateEntries(crlcache.issuers, &FreeIssuer, NULL);
- PL_HashTableDestroy(crlcache.issuers);
- crlcache.issuers = NULL;
- PR_DestroyLock(crlcache.lock);
- crlcache.lock = NULL;
- crlcache_initialized = PR_FALSE;
- return SECSuccess;
-}
-
-SECStatus DPCache_AddCRL(CRLDPCache* cache, CERTSignedCrl* crl)
-{
- CERTSignedCrl** newcrls = NULL;
- PORT_Assert(cache);
- PORT_Assert(crl);
- if (!cache || !crl) {
- return SECFailure;
- }
-
- newcrls = (CERTSignedCrl**)PORT_Realloc(cache->crls,
- (cache->ncrls+1)*sizeof(CERTSignedCrl*));
- if (!newcrls) {
- return SECFailure;
- }
- cache->crls = newcrls;
- cache->ncrls++;
- cache->crls[cache->ncrls-1] = crl;
- return SECSuccess;
-}
-
-SECStatus DPCache_Cleanup(CRLDPCache* cache)
-{
- /* remove deleted CRLs from memory */
- PRUint32 i = 0;
- PORT_Assert(cache);
- if (!cache) {
- return SECFailure;
- }
- for (i=0;i<cache->ncrls;i++) {
- CERTSignedCrl* acrl = cache->crls[i];
- if (acrl && (PR_TRUE == GetOpaqueCRLFields(acrl)->deleted)) {
- cache->crls[i] = cache->crls[cache->ncrls-1];
- cache->crls[cache->ncrls-1] = NULL;
- cache->ncrls--;
- }
- }
- return SECSuccess;
-}
-
-PRBool CRLStillExists(CERTSignedCrl* crl)
-{
- NSSItem newsubject;
- SECItem subject;
- CK_ULONG crl_class;
- PRStatus status;
- PK11SlotInfo* slot = NULL;
- nssCryptokiObject instance;
- NSSArena* arena;
- PRBool xstatus = PR_TRUE;
- SECItem* oldSubject = NULL;
-
- PORT_Assert(crl);
- if (!crl) {
- return PR_FALSE;
- }
- slot = crl->slot;
- PORT_Assert(slot);
- if (!slot) {
- return PR_FALSE;
- }
- oldSubject = &crl->crl.derName;
- PR_ASSERT(oldSubject);
- if (!oldSubject) {
- return PR_FALSE;
- }
-
- /* query subject and type attributes in order to determine if the
- object has been deleted */
-
- /* first, make an nssCryptokiObject */
- instance.handle = crl->pkcs11ID;
- PORT_Assert(instance.handle);
- if (!instance.handle) {
- return PR_FALSE;
- }
- instance.token = PK11Slot_GetNSSToken(slot);
- PORT_Assert(instance.token);
- if (!instance.token) {
- return PR_FALSE;
- }
- instance.isTokenObject = PR_TRUE;
- instance.label = NULL;
-
- arena = NSSArena_Create();
- PORT_Assert(arena);
- if (!arena) {
- return PR_FALSE;
- }
-
- status = nssCryptokiCRL_GetAttributes(&instance,
- NULL, /* XXX sessionOpt */
- arena,
- NULL,
- &newsubject, /* subject */
- &crl_class, /* class */
- NULL,
- NULL);
- if (PR_SUCCESS == status) {
- subject.data = newsubject.data;
- subject.len = newsubject.size;
- if (SECITEM_CompareItem(oldSubject, &subject) != SECEqual) {
- xstatus = PR_FALSE;
- }
- if (CKO_NETSCAPE_CRL != crl_class) {
- xstatus = PR_FALSE;
- }
- } else {
- xstatus = PR_FALSE;
- }
- NSSArena_Destroy(arena);
- return xstatus;
-}
-
-SECStatus DPCache_Refresh(CRLDPCache* cache, CERTSignedCrl* crlobject,
- void* wincx)
-{
- SECStatus rv = SECSuccess;
- /* Check if it is an invalid CRL
- if we got a bad CRL, we want to cache it in order to avoid
- subsequent fetches of this same identical bad CRL. We set
- the cache to the invalid state to ensure that all certs
- on this DP are considered revoked from now on. The cache
- object will remain in this state until the bad CRL object
- is removed from the token it was fetched from. If the cause
- of the failure is that we didn't have the issuer cert to
- verify the signature, this state can be cleared when
- the issuer certificate becomes available if that causes the
- signature to verify */
-
- if (PR_TRUE == GetOpaqueCRLFields(crlobject)->bad) {
- PORT_SetError(SEC_ERROR_BAD_DER);
- cache->invalid |= CRL_CACHE_INVALID_CRLS;
- return SECSuccess;
- } else {
- SECStatus signstatus = SECFailure;
- if (cache->issuer) {
- int64 issuingDate = 0;
- signstatus = DER_UTCTimeToTime(&issuingDate, &crlobject->crl.lastUpdate);
- if (SECSuccess == signstatus) {
- signstatus = CERT_VerifySignedData(&crlobject->signatureWrap,
- cache->issuer, issuingDate, wincx);
- }
- }
- if (SECSuccess != signstatus) {
- if (!cache->issuer) {
- /* we tried to verify without an issuer cert . This is
- because this CRL came through a call to SEC_FindCrlByName.
- So we don't cache this verification failure. We'll try
- to verify the CRL again when a certificate from that issuer
- becomes available */
- GetOpaqueCRLFields(crlobject)->unverified = PR_TRUE;
- } else {
- GetOpaqueCRLFields(crlobject)->unverified = PR_FALSE;
- }
- PORT_SetError(SEC_ERROR_CRL_BAD_SIGNATURE);
- cache->invalid |= CRL_CACHE_INVALID_CRLS;
- return SECSuccess;
- } else {
- GetOpaqueCRLFields(crlobject)->unverified = PR_FALSE;
- }
- }
-
- /* complete the entry decoding */
- rv = CERT_CompleteCRLDecodeEntries(crlobject);
- if (SECSuccess == rv) {
- /* XCRL : if this is a delta, add it to the hash table */
- /* for now, always build the hash table from the full CRL */
- CERTCrlEntry** crlEntry = NULL;
- PRUint32 numEntries = 0;
- if (cache->entries) {
- /* we already have a hash table, destroy it */
- PL_HashTableDestroy(cache->entries);
- cache->entries = NULL;
- }
- /* also destroy the PreAllocator */
- if (cache->prebuffer)
- {
- PreAllocator_Destroy(cache->prebuffer);
- cache->prebuffer = NULL;
- }
- /* count CRL entries so we can pre-allocate space for hash table entries */
- for (crlEntry = crlobject->crl.entries; crlEntry && *crlEntry; crlEntry++) {
- numEntries++;
- }
- cache->prebuffer = PreAllocator_Create(numEntries*sizeof(PLHashEntry));
- PR_ASSERT(cache->prebuffer);
- if (cache->prebuffer) {
- /* create a new hash table */
- cache->entries = PL_NewHashTable(0, SECITEM_Hash, SECITEM_HashCompare,
- PL_CompareValues, &preAllocOps, cache->prebuffer);
- }
- PR_ASSERT(cache->entries);
- if (!cache->entries) {
- rv = SECFailure;
- }
- if (SECSuccess == rv) {
- /* add all serial numbers to the hash table */
- for (crlEntry = crlobject->crl.entries; crlEntry && *crlEntry; crlEntry++) {
- PL_HashTableAdd(cache->entries, &(*crlEntry)->serialNumber, *crlEntry);
- }
- cache->full = crlobject;
- cache->invalid = 0; /* valid cache */
- } else {
- cache->invalid |= CRL_CACHE_OUT_OF_MEMORY;
- }
- } else {
- cache->invalid |= CRL_CACHE_INVALID_CRLS;
- }
- return rv;
-}
-
-void DPCache_Empty(CRLDPCache* cache)
-{
- PRUint32 i;
- PR_ASSERT(cache);
- if (!cache)
- {
- return;
- }
- cache->full = NULL;
-
- cache->invalid = 0;
-
- if (cache->entries) {
- /* we already have a hash table, destroy it */
- PL_HashTableDestroy(cache->entries);
- cache->entries = NULL;
- }
- /* also destroy the PreAllocator */
- if (cache->prebuffer)
- {
- PreAllocator_Destroy(cache->prebuffer);
- cache->prebuffer = NULL;
- }
-
- for (i=0;i<cache->ncrls;i++)
- {
- CERTSignedCrl* crl = cache->crls[i];
- if (crl)
- {
- GetOpaqueCRLFields(crl)->deleted = PR_TRUE;
- }
- }
-}
-
-SECStatus DPCache_Fetch(CRLDPCache* cache, void* wincx)
-{
- SECStatus rv = SECSuccess;
- CERTSignedCrl* crlobject = NULL;
- PRUint32 i=0;
- /* XCRL For now, we can only get one full CRL. In the future, we'll be able to
- find more than one object, because of multiple tokens and deltas */
- rv = SEC_FindCrlByKeyOnSlot(NULL, cache->subject, SEC_CRL_TYPE,
- &crlobject, CRL_DECODE_DONT_COPY_DER |
- CRL_DECODE_SKIP_ENTRIES |
- CRL_DECODE_KEEP_BAD_CRL);
- /* if this function fails, something very wrong happened, such as an out
- of memory error during CRL decoding. We don't want to proceed and must
- mark the cache object invalid */
- if (SECFailure == rv) {
- cache->invalid |= CRL_CACHE_LAST_FETCH_FAILED;
- } else {
- cache->invalid &= (~CRL_CACHE_LAST_FETCH_FAILED);
- }
-
- if ((SECSuccess == rv) && (!crlobject)) {
- /* no CRL was found. This is OK */
- DPCache_Empty(cache);
- return SECSuccess;
- }
-
- /* now check if we already have a binary equivalent DER CRL */
- for (i=0;i<cache->ncrls;i++) {
- CERTSignedCrl* existing = cache->crls[i];
- if (existing && (SECEqual == SECITEM_CompareItem(existing->derCrl, crlobject->derCrl))) {
- /* yes. Has the matching CRL been marked deleted ? */
- if (PR_TRUE == GetOpaqueCRLFields(crlobject)->deleted) {
- /* Yes. Just replace the CK object ID and slot in the existing object.
- This avoids an unnecessary signature verification & entry decode */
- /* XCRL we'll need to lock the CRL here in the future for iCRLs that are
- shared between multiple CAs */
- existing->pkcs11ID = crlobject->pkcs11ID;
- PK11_FreeSlot(existing->slot); /* release reference to old
- CRL slot */
- existing->slot = crlobject->slot; /* adopt new CRL slot */
- crlobject->slot = NULL; /* clear slot to avoid double-freeing it
- during CRL destroy */
- rv = SEC_DestroyCrl(crlobject);
- PORT_Assert(SECSuccess == rv);
- return rv;
- } else {
- /* We got an identical CRL from a different token.
- Throw it away. */
- return SEC_DestroyCrl(crlobject);
- }
- }
- }
-
- /* add the CRL to our array */
- if (SECSuccess == rv) {
- rv = DPCache_AddCRL(cache, crlobject);
- }
-
- /* update the cache with this new CRL */
- if (SECSuccess == rv) {
- rv = DPCache_Refresh(cache, crlobject, wincx);
- }
- return rv;
-}
-
-SECStatus DPCache_Lookup(CRLDPCache* cache, SECItem* sn, CERTCrlEntry** returned)
-{
- CERTSignedCrl* crl = NULL;
- CERTCrlEntry* acrlEntry = NULL;
- if (!cache || !sn) {
- /* no cache or SN to look up, this is bad */
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- if (0 != cache->invalid) {
- /* the cache contains a bad CRL, consider all certs revoked
- as a security measure */
- PORT_SetError(SEC_ERROR_CRL_INVALID);
- return SECFailure;
- }
- if (!cache->full) {
- /* no CRL means no entry to return, but this is OK */
- *returned = NULL;
- return SECSuccess;
- }
- crl = cache->full;
- PR_ASSERT(cache->entries);
- if (!cache->entries)
- {
- return SECFailure;
- }
- acrlEntry = PL_HashTableLookup(cache->entries, (void*)sn);
- if (acrlEntry)
- {
- *returned = acrlEntry;
- }
- return SECSuccess;
-}
-
-#ifdef USE_RWLOCK
-
-#define DPCache_LockWrite() { \
- if (readlocked){ \
- NSSRWLock_UnlockRead(cache->lock); \
- } \
- NSSRWLock_LockWrite(cache->lock); \
-}
-
-#define DPCache_UnlockWrite() { \
- if (readlocked){ \
- NSSRWLock_LockRead(cache->lock); \
- } \
- NSSRWLock_UnlockWrite(cache->lock); \
-}
-
-#else
-
-#define DPCache_LockWrite() {}
-
-#define DPCache_UnlockWrite() {}
-
-#endif
-
-SECStatus DPCache_Update(CRLDPCache* cache, CERTCertificate* issuer,
- void* wincx, PRBool readlocked)
-{
- /* Update the CRLDPCache now. We don't cache token CRL lookup misses
- yet, as we have no way of getting notified of new PKCS#11 object
- creation that happens in a token */
- SECStatus rv = SECSuccess;
- PRUint32 i = 0;
- PRBool updated = PR_FALSE;
-
- if (!cache) {
- return SECFailure;
- }
-
- /* verify CRLs that couldn't be checked when inserted into the cache
- because the issuer cert was unavailable. These are CRLs that were
- inserted into the cache through SEC_FindCrlByName, rather than
- through a certificate verification (CERT_CheckCRL) */
- if (issuer) {
- /* if we didn't have a valid issuer cert yet, but we do now. add it */
- if (NULL == cache->issuer) {
- /* save the issuer cert */
- cache->issuer = CERT_DupCertificate(issuer);
- }
-
- /* re-process all unverified CRLs */
- if (cache->issuer) {
- for (i = 0; i < cache->ncrls ; i++) {
- CERTSignedCrl* acrl = cache->crls[i];
- if (PR_TRUE == GetOpaqueCRLFields(acrl)->unverified) {
- DPCache_LockWrite();
- /* check that we are the first thread to update */
- if (PR_TRUE == GetOpaqueCRLFields(acrl)->unverified) {
- DPCache_Refresh(cache, acrl, wincx);
- /* also check all the other CRLs */
- for (i = i+1 ; i < cache->ncrls ; i++) {
- acrl = cache->crls[i];
- if (acrl && (PR_TRUE == GetOpaqueCRLFields(acrl)->unverified)) {
- DPCache_Refresh(cache, acrl, wincx);
- }
- }
- }
- DPCache_UnlockWrite();
- break;
- }
- }
- }
- }
-
- if (cache->ncrls) {
- /* check if all CRLs still exist */
- for (i = 0; (i < cache->ncrls) && (PR_FALSE == updated); i++)
- {
- CERTSignedCrl* savcrl = cache->crls[i];
- if (savcrl && (PR_TRUE != CRLStillExists(savcrl))) {
-
- /* this CRL is gone */
- DPCache_LockWrite();
- /* first, we need to check if another thread updated
- it before we did, and abort if it has been modified since
- we acquired the lock */
- if ((savcrl == cache->crls[i]) &&
- PR_TRUE != CRLStillExists(savcrl)) {
- /* the CRL is gone. And we are the one to do the update */
- /* Mark the CRL deleted */
- GetOpaqueCRLFields(savcrl)->deleted = PR_TRUE;
- /* also check all the other CRLs */
- for (i = i+1 ; i < cache->ncrls ; i++) {
- CERTSignedCrl* acrl = cache->crls[i];
- if (acrl && (PR_TRUE != CRLStillExists(acrl))) {
- GetOpaqueCRLFields(acrl)->deleted = PR_TRUE;
- }
- }
- /* and try to fetch a new one */
- rv = DPCache_Fetch(cache, wincx);
- updated = PR_TRUE;
- if (SECSuccess == rv) {
- rv = DPCache_Cleanup(cache); /* clean up deleted CRLs
- from the cache*/
- }
- }
- DPCache_UnlockWrite();
- }
- }
- } else {
- /* we had zero CRL for this DP, try to get one from tokens */
- DPCache_LockWrite();
- /* check if another thread updated before us, and skip update if so */
- if (0 == cache->ncrls)
- {
- /* we are the first */
- rv = DPCache_Fetch(cache, wincx);
- }
- DPCache_UnlockWrite();
- }
-
- return rv;
-}
-
-SECStatus DPCache_Initialize(CRLDPCache* cache, CERTCertificate* issuer,
- SECItem* subject, SECItem* dp)
-{
- PORT_Assert(cache);
- if (!cache) {
- return SECFailure;
- }
- memset(cache, 0, sizeof(CRLDPCache));
-#ifdef USE_RWLOCK
- cache->lock = NSSRWLock_New(NSS_RWLOCK_RANK_NONE, NULL);
-#else
- cache->lock = PR_NewLock();
-#endif
- if (!cache->lock)
- {
- return SECFailure;
- }
- if (issuer)
- {
- cache->issuer = CERT_DupCertificate(issuer);
- }
- cache->distributionPoint = SECITEM_DupItem(dp);
- cache->subject = SECITEM_DupItem(subject);
- return SECSuccess;
-}
-
-SECStatus IssuerCache_Create(CRLIssuerCache** returned,
- CERTCertificate* issuer,
- SECItem* subject, SECItem* dp)
-{
- SECStatus rv = SECSuccess;
- CRLIssuerCache* cache = NULL;
- PORT_Assert(returned);
- PORT_Assert(subject);
- if (!returned || !subject)
- {
- return SECFailure;
- }
- cache = (CRLIssuerCache*) PR_Malloc(sizeof(CRLIssuerCache));
- if (!cache)
- {
- return SECFailure;
- }
- memset(cache, 0, sizeof(CRLIssuerCache));
- cache->subject = SECITEM_DupItem(subject);
-#if 0
- /* XCRL */
- cache->lock = NSSRWLock_New(NSS_RWLOCK_RANK_NONE, NULL);
- if (!cache->lock)
- {
- rv = SECFailure;
- }
- if (SECSuccess == rv && issuer)
- {
- cache->issuer = CERT_DupCertificate(issuer);
- if (!cache->issuer)
- {
- rv = SECFailure;
- }
- }
-#endif
- if (SECSuccess != rv)
- {
- return IssuerCache_Destroy(cache);
- }
- *returned = cache;
- return SECSuccess;
-}
-
-SECStatus IssuerCache_AddDP(CRLIssuerCache* cache, CERTCertificate* issuer,
- SECItem* subject, SECItem* dp, CRLDPCache** newdpc)
-{
- SECStatus rv = SECSuccess;
- /* now create the required DP cache object */
- if (!dp) {
- /* default distribution point */
- rv = DPCache_Initialize(&cache->dp, issuer, subject, NULL);
- if (SECSuccess == rv) {
- cache->dpp = &cache->dp;
- if (newdpc) {
- *newdpc = cache->dpp;
- }
- }
- } else {
- /* we should never hit this until we support multiple DPs */
- PORT_Assert(dp);
- rv = SECFailure;
- /* XCRL allocate a new distribution point cache object, initialize it,
- and add it to the hash table of DPs */
- }
- return rv;
-}
-
-SECStatus CRLCache_AddIssuer(CRLIssuerCache* issuer)
-{
- PORT_Assert(issuer);
- PORT_Assert(crlcache.issuers);
- if (!issuer || !crlcache.issuers) {
- return SECFailure;
- }
- if (NULL == PL_HashTableAdd(crlcache.issuers, (void*) issuer->subject,
- (void*) issuer)) {
- return SECFailure;
- }
- return SECSuccess;
-}
-
-SECStatus GetIssuerCache(CRLCache* cache, SECItem* subject, CRLIssuerCache** returned)
-{
- /* we need to look up the issuer in the hash table */
- SECStatus rv = SECSuccess;
- PORT_Assert(cache);
- PORT_Assert(subject);
- PORT_Assert(returned);
- PORT_Assert(crlcache.issuers);
- if (!cache || !subject || !returned || !crlcache.issuers) {
- rv = SECFailure;
- }
-
- if (SECSuccess == rv){
- *returned = (CRLIssuerCache*) PL_HashTableLookup(crlcache.issuers,
- (void*) subject);
- }
-
- return rv;
-}
-
-CERTSignedCrl* GetBestCRL(CRLDPCache* cache)
-{
- PRUint32 i = 0;
- PR_ASSERT(cache);
- if (!cache) {
- return NULL;
- }
- if (0 == cache->ncrls) {
- /* no CRLs in the cache */
- return NULL;
- }
- /* first, check if we have a valid full CRL, and use that */
- if (cache->full) {
- return SEC_DupCrl(cache->full);
- }
- /* otherwise, check all the fetched CRLs for one with valid DER */
- for (i = 0; i < cache->ncrls ; i++) {
- CERTSignedCrl* acrl = cache->crls[i];
- if (PR_FALSE == GetOpaqueCRLFields(acrl)->bad) {
- SECStatus rv = CERT_CompleteCRLDecodeEntries(acrl);
- if (SECSuccess == rv) {
- return SEC_DupCrl(acrl);
- }
- }
- }
- return NULL;
-}
-
-CRLDPCache* GetDPCache(CRLIssuerCache* cache, SECItem* dp)
-{
- CRLDPCache* dpp = NULL;
- PORT_Assert(cache);
- /* XCRL for now we only support the "default" DP, ie. the
- full CRL. So we can return the global one without locking. In
- the future we will have a lock */
- PORT_Assert(NULL == dp);
- if (!cache || dp) {
- return NULL;
- }
-#if 0
- /* XCRL */
- NSSRWLock_LockRead(cache->lock);
-#endif
- dpp = cache->dpp;
-#if 0
- /* XCRL */
- NSSRWLock_UnlockRead(cache->lock);
-#endif
- return dpp;
-}
-
-SECStatus AcquireDPCache(CERTCertificate* issuer, SECItem* subject, SECItem* dp,
- int64 t, void* wincx, CRLDPCache** dpcache,
- PRBool* writeLocked)
-{
- SECStatus rv = SECSuccess;
- CRLIssuerCache* issuercache = NULL;
-
- PORT_Assert(crlcache.lock);
- if (!crlcache.lock) {
- /* CRL cache is not initialized */
- return SECFailure;
- }
- PR_Lock(crlcache.lock);
- rv = GetIssuerCache(&crlcache, subject, &issuercache);
- if (SECSuccess != rv) {
- PR_Unlock(crlcache.lock);
- return SECFailure;
- }
- if (!issuercache) {
- /* there is no cache for this issuer yet. This means this is the
- first time we look up a cert from that issuer, and we need to
- create the cache. Do it within the global cache lock to ensure
- no two threads will simultaneously try to create the same issuer
- cache. XXX this could be optimized with a r/w lock at this level
- too. But the code would have to check if it already exists when
- adding to the hash table */
-
- rv = IssuerCache_Create(&issuercache, issuer, subject, dp);
- if (SECSuccess == rv && !issuercache) {
- PORT_Assert(issuercache);
- rv = SECFailure;
- }
-
- if (SECSuccess == rv) {
- /* This is the first time we look up a cert of this issuer.
- Create the DPCache for this DP . */
- rv = IssuerCache_AddDP(issuercache, issuer, subject, dp, dpcache);
- }
-
- if (SECSuccess == rv) {
- /* lock the DPCache for write to ensure the update happens in this thread */
- *writeLocked = PR_TRUE;
-#ifdef USE_RWLOCK
- NSSRWLock_LockWrite((*dpcache)->lock);
-#else
- PR_Lock((*dpcache)->lock);
-#endif
- }
-
- if (SECSuccess == rv) {
- /* now add the new issuer cache to the global hash table of issuers */
- rv = CRLCache_AddIssuer(issuercache);
- if (SECSuccess != rv) {
- /* failure */
- rv = SECFailure;
- }
- }
-
- /* now unlock the global cache. We only want to lock the hash table
- addition. Holding it longer would hurt scalability */
- PR_Unlock(crlcache.lock);
-
- if (SECSuccess != rv && issuercache) {
- if (PR_TRUE == *writeLocked) {
-#ifdef USE_RWLOCK
- NSSRWLock_UnlockWrite((*dpcache)->lock);
-#else
- PR_Unlock((*dpcache)->lock);
-#endif
- }
- IssuerCache_Destroy(issuercache);
- issuercache = NULL;
- }
-
- if (SECSuccess != rv) {
- return SECFailure;
- }
- } else {
- PR_Unlock(crlcache.lock);
- *dpcache = GetDPCache(issuercache, dp);
- }
- /* we now have a DPCache that we can use for lookups */
- /* lock it for read, unless we already locked for write */
- if (PR_FALSE == *writeLocked)
- {
-#ifdef USE_RWLOCK
- NSSRWLock_LockRead((*dpcache)->lock);
-#else
- PR_Lock((*dpcache)->lock);
-#endif
- }
-
- if (SECSuccess == rv) {
- /* currently there is always one and only one DPCache */
- PORT_Assert(*dpcache);
- if (*dpcache)
- {
- /* make sure the DP cache is up to date before using it */
- rv = DPCache_Update(*dpcache, issuer, wincx, PR_FALSE == *writeLocked);
- }
- else
- {
- rv = SECFailure;
- }
- }
- return rv;
-}
-
-void ReleaseDPCache(CRLDPCache* dpcache, PRBool writeLocked)
-{
- if (!dpcache) {
- return;
- }
- if (PR_TRUE == writeLocked) {
-#ifdef USE_RWLOCK
- NSSRWLock_UnlockWrite(dpcache->lock);
-#else
- PR_Unlock(dpcache->lock);
-#endif
- } else {
-#ifdef USE_RWLOCK
- NSSRWLock_UnlockRead(dpcache->lock);
-#else
- PR_Unlock(dpcache->lock);
-#endif
- }
-}
-
-SECStatus
-CERT_CheckCRL(CERTCertificate* cert, CERTCertificate* issuer, SECItem* dp,
- int64 t, void* wincx)
-{
- PRBool lockedwrite = PR_FALSE;
- SECStatus rv = SECSuccess;
- CRLDPCache* dpcache = NULL;
- if (!cert || !issuer) {
- return SECFailure;
- }
-
- rv = AcquireDPCache(issuer, &issuer->derSubject, dp, t, wincx, &dpcache, &lockedwrite);
-
- if (SECSuccess == rv) {
- /* now look up the certificate SN in the DP cache's CRL */
- CERTCrlEntry* entry = NULL;
- rv = DPCache_Lookup(dpcache, &cert->serialNumber, &entry);
- if (SECSuccess == rv && entry) {
- /* check the time if we have one */
- if (entry->revocationDate.data && entry->revocationDate.len) {
- int64 revocationDate = 0;
- if (SECSuccess == DER_UTCTimeToTime(&revocationDate,
- &entry->revocationDate)) {
- /* we got a good revocation date, only consider the
- certificate revoked if the time we are inquiring about
- is past the revocation date */
- if (t>=revocationDate) {
- rv = SECFailure;
- }
- } else {
- /* invalid revocation date, consider the certificate
- permanently revoked */
- rv = SECFailure;
- }
- } else {
- /* no revocation date, certificate is permanently revoked */
- rv = SECFailure;
- }
- if (SECFailure == rv) {
- PORT_SetError(SEC_ERROR_REVOKED_CERTIFICATE);
- }
- }
- }
-
- ReleaseDPCache(dpcache, lockedwrite);
- return rv;
-}
-
-CERTSignedCrl *
-SEC_FindCrlByName(CERTCertDBHandle *handle, SECItem *crlKey, int type)
-{
- CERTSignedCrl* acrl = NULL;
- CRLDPCache* dpcache = NULL;
- SECStatus rv = SECSuccess;
- PRBool writeLocked = PR_FALSE;
-
- rv = AcquireDPCache(NULL, crlKey, NULL, 0, NULL, &dpcache, &writeLocked);
- if (SECSuccess == rv)
- {
- acrl = GetBestCRL(dpcache);
- ReleaseDPCache(dpcache, writeLocked);
- }
- return acrl;
-}
-
-void CERT_CRLCacheRefreshIssuer(CERTCertDBHandle* dbhandle, SECItem* crlKey)
-{
- CERTSignedCrl* acrl = NULL;
- CRLDPCache* cache = NULL;
- SECStatus rv = SECSuccess;
- PRBool writeLocked = PR_FALSE;
-
- (void) dbhandle; /* silence compiler warnings */
-
- rv = AcquireDPCache(NULL, crlKey, NULL, 0, NULL, &cache, &writeLocked);
- if (SECSuccess != rv)
- {
- return;
- }
- if (PR_TRUE == writeLocked)
- {
- /* the DPCache is write-locked. This means that the issuer was just
- added to the CRL cache. There is no need to do anything */
- }
- else
- {
- PRBool readlocked = PR_TRUE;
- /* we need to invalidate the DPCache here */
- DPCache_LockWrite();
- DPCache_Empty(cache);
- DPCache_Cleanup(cache);
- DPCache_UnlockWrite();
- }
- ReleaseDPCache(cache, writeLocked);
- return;
-}
-
diff --git a/security/nss/lib/certdb/genname.c b/security/nss/lib/certdb/genname.c
deleted file mode 100644
index a8dcf6dff..000000000
--- a/security/nss/lib/certdb/genname.c
+++ /dev/null
@@ -1,1610 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "plarena.h"
-#include "seccomon.h"
-#include "secitem.h"
-#include "secoidt.h"
-#include "mcom_db.h"
-#include "secasn1.h"
-#include "secder.h"
-#include "certt.h"
-#include "cert.h"
-#include "xconst.h"
-#include "secerr.h"
-#include "secoid.h"
-#include "prprf.h"
-#include "genname.h"
-
-
-
-static const SEC_ASN1Template CERTNameConstraintTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CERTNameConstraint) },
- { SEC_ASN1_ANY, offsetof(CERTNameConstraint, DERName) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(CERTNameConstraint, min), SEC_IntegerTemplate },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | 1,
- offsetof(CERTNameConstraint, max), SEC_IntegerTemplate },
- { 0, }
-};
-
-const SEC_ASN1Template CERT_NameConstraintSubtreeSubTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, SEC_AnyTemplate }
-};
-
-
-const SEC_ASN1Template CERT_NameConstraintSubtreePermitedTemplate[] = {
- { SEC_ASN1_CONTEXT_SPECIFIC | 0, 0, CERT_NameConstraintSubtreeSubTemplate }
-};
-
-const SEC_ASN1Template CERT_NameConstraintSubtreeExcludedTemplate[] = {
- { SEC_ASN1_CONTEXT_SPECIFIC | 1, 0, CERT_NameConstraintSubtreeSubTemplate }
-};
-
-
-static const SEC_ASN1Template CERTNameConstraintsTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CERTNameConstraints) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(CERTNameConstraints, DERPermited), CERT_NameConstraintSubtreeSubTemplate},
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | 1,
- offsetof(CERTNameConstraints, DERExcluded), CERT_NameConstraintSubtreeSubTemplate},
- { 0, }
-};
-
-
-static const SEC_ASN1Template CERTOthNameTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(OtherName) },
- { SEC_ASN1_OBJECT_ID,
- offsetof(OtherName, oid) },
- { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_CONSTRUCTED | SEC_ASN1_EXPLICIT | 0,
- offsetof(OtherName, name), SEC_AnyTemplate },
- { 0, }
-};
-
-static const SEC_ASN1Template CERTOtherNameTemplate[] = {
- { SEC_ASN1_CONTEXT_SPECIFIC | 0 ,
- offsetof(CERTGeneralName, name.OthName), CERTOthNameTemplate,
- sizeof(CERTGeneralName) }
-};
-
-static const SEC_ASN1Template CERTOtherName2Template[] = {
- { SEC_ASN1_SEQUENCE | SEC_ASN1_CONTEXT_SPECIFIC | 0 ,
- 0, NULL, sizeof(CERTGeneralName) },
- { SEC_ASN1_OBJECT_ID,
- offsetof(CERTGeneralName, name.OthName) + offsetof(OtherName, oid) },
- { SEC_ASN1_ANY,
- offsetof(CERTGeneralName, name.OthName) + offsetof(OtherName, name) },
- { 0, }
-};
-
-static const SEC_ASN1Template CERT_RFC822NameTemplate[] = {
- { SEC_ASN1_CONTEXT_SPECIFIC | 1 ,
- offsetof(CERTGeneralName, name.other), SEC_IA5StringTemplate,
- sizeof (CERTGeneralName)}
-};
-
-static const SEC_ASN1Template CERT_DNSNameTemplate[] = {
- { SEC_ASN1_CONTEXT_SPECIFIC | 2 ,
- offsetof(CERTGeneralName, name.other), SEC_IA5StringTemplate,
- sizeof (CERTGeneralName)}
-};
-
-static const SEC_ASN1Template CERT_X400AddressTemplate[] = {
- { SEC_ASN1_ANY | SEC_ASN1_CONTEXT_SPECIFIC | 3,
- offsetof(CERTGeneralName, name.other), SEC_AnyTemplate,
- sizeof (CERTGeneralName)}
-};
-
-static const SEC_ASN1Template CERT_DirectoryNameTemplate[] = {
- { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_CONSTRUCTED | SEC_ASN1_EXPLICIT | 4,
- offsetof(CERTGeneralName, derDirectoryName), SEC_AnyTemplate,
- sizeof (CERTGeneralName)}
-};
-
-
-static const SEC_ASN1Template CERT_EDIPartyNameTemplate[] = {
- { SEC_ASN1_ANY | SEC_ASN1_CONTEXT_SPECIFIC | 5,
- offsetof(CERTGeneralName, name.other), SEC_AnyTemplate,
- sizeof (CERTGeneralName)}
-};
-
-static const SEC_ASN1Template CERT_URITemplate[] = {
- { SEC_ASN1_CONTEXT_SPECIFIC | 6 ,
- offsetof(CERTGeneralName, name.other), SEC_IA5StringTemplate,
- sizeof (CERTGeneralName)}
-};
-
-static const SEC_ASN1Template CERT_IPAddressTemplate[] = {
- { SEC_ASN1_CONTEXT_SPECIFIC | 7 ,
- offsetof(CERTGeneralName, name.other), SEC_OctetStringTemplate,
- sizeof (CERTGeneralName)}
-};
-
-static const SEC_ASN1Template CERT_RegisteredIDTemplate[] = {
- { SEC_ASN1_CONTEXT_SPECIFIC | 8 ,
- offsetof(CERTGeneralName, name.other), SEC_ObjectIDTemplate,
- sizeof (CERTGeneralName)}
-};
-
-
-const SEC_ASN1Template CERT_GeneralNamesTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, SEC_AnyTemplate }
-};
-
-
-
-void
-CERT_DestroyGeneralNameList(CERTGeneralNameList *list)
-{
- PZLock *lock;
-
- if (list != NULL) {
- lock = list->lock;
- PZ_Lock(lock);
- if (--list->refCount <= 0 && list->arena != NULL) {
- PORT_FreeArena(list->arena, PR_FALSE);
- PZ_Unlock(lock);
- PZ_DestroyLock(lock);
- } else {
- PZ_Unlock(lock);
- }
- }
- return;
-}
-
-CERTGeneralNameList *
-CERT_CreateGeneralNameList(CERTGeneralName *name) {
- PRArenaPool *arena;
- CERTGeneralNameList *list = NULL;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) {
- goto done;
- }
- list = (CERTGeneralNameList *)
- PORT_ArenaZAlloc(arena, sizeof(CERTGeneralNameList));
- if (name != NULL) {
- list->name = (CERTGeneralName *)
- PORT_ArenaZAlloc(arena, sizeof(CERTGeneralName));
- list->name->l.next = list->name->l.prev = &list->name->l;
- CERT_CopyGeneralName(arena, list->name, name);
- }
- list->lock = PZ_NewLock(nssILockList);
- list->arena = arena;
- list->refCount = 1;
-done:
- return list;
-}
-
-CERTGeneralName *
-cert_get_next_general_name(CERTGeneralName *current)
-{
- PRCList *next;
-
- next = current->l.next;
- return (CERTGeneralName *) (((char *) next) - offsetof(CERTGeneralName, l));
-}
-
-CERTGeneralName *
-cert_get_prev_general_name(CERTGeneralName *current)
-{
- PRCList *prev;
- prev = current->l.prev;
- return (CERTGeneralName *) (((char *) prev) - offsetof(CERTGeneralName, l));
-}
-
-CERTNameConstraint *
-cert_get_next_name_constraint(CERTNameConstraint *current)
-{
- PRCList *next;
-
- next = current->l.next;
- return (CERTNameConstraint *) (((char *) next) - offsetof(CERTNameConstraint, l));
-}
-
-CERTNameConstraint *
-cert_get_prev_name_constraint(CERTNameConstraint *current)
-{
- PRCList *prev;
- prev = current->l.prev;
- return (CERTNameConstraint *) (((char *) prev) - offsetof(CERTNameConstraint, l));
-}
-
-SECItem *
-CERT_EncodeGeneralName(CERTGeneralName *genName, SECItem *dest, PRArenaPool *arena)
-{
-
-
- PORT_Assert(arena);
- if (arena == NULL) {
- goto loser;
- }
- if (dest == NULL) {
- dest = (SECItem *) PORT_ArenaZAlloc(arena, sizeof(SECItem));
- }
- switch (genName->type) {
- case certURI:
- dest = SEC_ASN1EncodeItem(arena, dest, genName,
- CERT_URITemplate);
- break;
- case certRFC822Name:
- dest = SEC_ASN1EncodeItem(arena, dest, genName,
- CERT_RFC822NameTemplate);
- break;
- case certDNSName:
- dest = SEC_ASN1EncodeItem(arena, dest, genName,
- CERT_DNSNameTemplate);
- break;
- case certIPAddress:
- dest = SEC_ASN1EncodeItem(arena, dest, genName,
- CERT_IPAddressTemplate);
- break;
- case certOtherName:
- dest = SEC_ASN1EncodeItem(arena, dest, genName,
- CERTOtherNameTemplate);
- break;
- case certRegisterID:
- dest = SEC_ASN1EncodeItem(arena, dest, genName,
- CERT_RegisteredIDTemplate);
- break;
- case certEDIPartyName:
- /* for this type, we expect the value is already encoded */
- dest = SEC_ASN1EncodeItem (arena, dest, genName,
- CERT_EDIPartyNameTemplate);
- break;
- case certX400Address:
- /* for this type, we expect the value is already encoded */
- dest = SEC_ASN1EncodeItem (arena, dest, genName,
- CERT_X400AddressTemplate);
- break;
- case certDirectoryName:
- if (genName->derDirectoryName.data == NULL) {
- /* The field hasn't been encoded yet. */
- SEC_ASN1EncodeItem (arena, &(genName->derDirectoryName),
- &(genName->name.directoryName),
- CERT_NameTemplate);
- }
- if (genName->derDirectoryName.data == NULL) {
- goto loser;
- }
- dest = SEC_ASN1EncodeItem(arena, dest, genName,
- CERT_DirectoryNameTemplate);
- break;
- }
- if (!dest) {
- goto loser;
- }
- return dest;
-loser:
- return NULL;
-}
-
-
-
-SECItem **
-cert_EncodeGeneralNames(PRArenaPool *arena, CERTGeneralName *names)
-{
- CERTGeneralName *current_name;
- SECItem **items = NULL;
- int count = 0;
- int i;
- PRCList *head;
-
- PORT_Assert(arena);
- current_name = names;
- if (names != NULL) {
- count = 1;
- }
- head = &(names->l);
- while (current_name->l.next != head) {
- current_name = cert_get_next_general_name(current_name);
- ++count;
- }
- current_name = cert_get_next_general_name(current_name);
- items = (SECItem **) PORT_ArenaAlloc(arena, sizeof(SECItem *) * (count + 1));
-
- if (items == NULL) {
- goto loser;
- }
- for (i = 0; i < count; i++) {
- items[i] = CERT_EncodeGeneralName(current_name, (SECItem *) NULL, arena);
- if (items[i] == NULL) {
- goto loser;
- }
- current_name = cert_get_next_general_name(current_name);
- }
- items[i] = NULL;
- return items;
-loser:
- return NULL;
-}
-
-CERTGeneralName *
-CERT_DecodeGeneralName(PRArenaPool *arena,
- SECItem *encodedName,
- CERTGeneralName *genName)
-{
- CERTGeneralNameType genNameType;
- SECStatus rv = SECSuccess;
-
- PORT_Assert(arena);
- if (genName == NULL) {
- genName = (CERTGeneralName *) PORT_ArenaZAlloc(arena, sizeof(CERTGeneralName));
- }
- genNameType = (CERTGeneralNameType)((*(encodedName->data) & 0x0f) + 1);
- switch (genNameType) {
- case certURI:
- rv = SEC_ASN1DecodeItem(arena, genName, CERT_URITemplate, encodedName);
- break;
- case certRFC822Name:
- rv = SEC_ASN1DecodeItem(arena, genName, CERT_RFC822NameTemplate, encodedName);
- break;
- case certDNSName:
- rv = SEC_ASN1DecodeItem(arena, genName, CERT_DNSNameTemplate, encodedName);
- break;
- case certIPAddress:
- rv = SEC_ASN1DecodeItem(arena, genName, CERT_IPAddressTemplate, encodedName);
- break;
- case certOtherName:
- rv = SEC_ASN1DecodeItem(arena, genName, CERTOtherNameTemplate, encodedName);
- break;
- case certRegisterID:
- rv = SEC_ASN1DecodeItem(arena, genName, CERT_RegisteredIDTemplate, encodedName);
- break;
- case certEDIPartyName:
- rv = SEC_ASN1DecodeItem(arena, genName, CERT_EDIPartyNameTemplate, encodedName);
- break;
- case certX400Address:
- rv = SEC_ASN1DecodeItem(arena, genName, CERT_X400AddressTemplate, encodedName);
- break;
- case certDirectoryName:
- rv = SEC_ASN1DecodeItem
- (arena, genName, CERT_DirectoryNameTemplate, encodedName);
- if (rv != SECSuccess) {
- goto loser;
- }
- rv = SEC_ASN1DecodeItem
- (arena, &(genName->name.directoryName), CERT_NameTemplate,
- &(genName->derDirectoryName));
- break;
- }
-
- if (rv != SECSuccess) {
- goto loser;
- }
- genName->type = genNameType;
- genName->l.next = (PRCList *) ((char *) genName) + offsetof(CERTGeneralName, l);
- genName->l.prev = genName->l.next;
- return genName;
-loser:
- return NULL;
-}
-
-CERTGeneralName *
-cert_DecodeGeneralNames (PRArenaPool *arena,
- SECItem **encodedGenName)
-{
- PRCList *head = NULL;
- PRCList *tail = NULL;
- CERTGeneralName *currentName = NULL;
-
- PORT_Assert(arena);
- if (!encodedGenName) {
- goto loser;
- }
- while (*encodedGenName != NULL) {
- currentName = CERT_DecodeGeneralName(arena, *encodedGenName, NULL);
- if (currentName == NULL) {
- goto loser;
- }
- if (head == NULL) {
- head = &(currentName->l);
- tail = head;
- }
- currentName->l.next = head;
- currentName->l.prev = tail;
- tail = &(currentName->l);
- (cert_get_prev_general_name(currentName))->l.next = tail;
- encodedGenName++;
- }
- (cert_get_next_general_name(currentName))->l.prev = tail;
- return cert_get_next_general_name(currentName);
-loser:
- return NULL;
-}
-
-void
-CERT_DestroyGeneralName(CERTGeneralName *name)
-{
- cert_DestroyGeneralNames(name);
-}
-
-SECStatus
-cert_DestroyGeneralNames(CERTGeneralName *name)
-{
- CERTGeneralName *first;
- CERTGeneralName *next = NULL;
-
-
- first = name;
- do {
- next = cert_get_next_general_name(name);
- PORT_Free(name);
- name = next;
- } while (name != first);
- return SECSuccess;
-}
-
-SECItem *
-cert_EncodeNameConstraint(CERTNameConstraint *constraint,
- SECItem *dest,
- PRArenaPool *arena)
-{
- PORT_Assert(arena);
- if (dest == NULL) {
- dest = (SECItem *) PORT_ArenaZAlloc(arena, sizeof(SECItem));
- if (dest == NULL) {
- return NULL;
- }
- }
- CERT_EncodeGeneralName(&(constraint->name), &(constraint->DERName),
- arena);
-
- dest = SEC_ASN1EncodeItem (arena, dest, constraint,
- CERTNameConstraintTemplate);
- return dest;
-}
-
-SECStatus
-cert_EncodeNameConstraintSubTree(CERTNameConstraint *constraints,
- PRArenaPool *arena,
- SECItem ***dest,
- PRBool permited)
-{
- CERTNameConstraint *current_constraint = constraints;
- SECItem **items = NULL;
- int count = 0;
- int i;
- PRCList *head;
-
- PORT_Assert(arena);
- if (constraints != NULL) {
- count = 1;
- }
- head = (PRCList *) (((char *) constraints) + offsetof(CERTNameConstraint, l));
- while (current_constraint->l.next != head) {
- current_constraint = cert_get_next_name_constraint(current_constraint);
- ++count;
- }
- current_constraint = cert_get_next_name_constraint(current_constraint);
- items = (SECItem **) PORT_ArenaZAlloc(arena, sizeof(SECItem *) * (count + 1));
-
- if (items == NULL) {
- goto loser;
- }
- for (i = 0; i < count; i++) {
- items[i] = cert_EncodeNameConstraint(current_constraint,
- (SECItem *) NULL, arena);
- if (items[i] == NULL) {
- goto loser;
- }
- current_constraint = cert_get_next_name_constraint(current_constraint);
- }
- *dest = items;
- if (*dest == NULL) {
- goto loser;
- }
- return SECSuccess;
-loser:
- return SECFailure;
-}
-
-SECStatus
-cert_EncodeNameConstraints(CERTNameConstraints *constraints,
- PRArenaPool *arena,
- SECItem *dest)
-{
- SECStatus rv = SECSuccess;
-
- PORT_Assert(arena);
- if (constraints->permited != NULL) {
- rv = cert_EncodeNameConstraintSubTree(constraints->permited, arena,
- &constraints->DERPermited, PR_TRUE);
- if (rv == SECFailure) {
- goto loser;
- }
- }
- if (constraints->excluded != NULL) {
- rv = cert_EncodeNameConstraintSubTree(constraints->excluded, arena,
- &constraints->DERExcluded, PR_FALSE);
- if (rv == SECFailure) {
- goto loser;
- }
- }
- dest = SEC_ASN1EncodeItem(arena, dest, constraints,
- CERTNameConstraintsTemplate);
- if (dest == NULL) {
- goto loser;
- }
- return SECSuccess;
-loser:
- return SECFailure;
-}
-
-
-CERTNameConstraint *
-cert_DecodeNameConstraint(PRArenaPool *arena,
- SECItem *encodedConstraint)
-{
- CERTNameConstraint *constraint;
- SECStatus rv = SECSuccess;
- CERTGeneralName *temp;
-
-
-
- PORT_Assert(arena);
- constraint = (CERTNameConstraint *) PORT_ArenaZAlloc(arena, sizeof(CERTNameConstraint));
- rv = SEC_ASN1DecodeItem(arena, constraint, CERTNameConstraintTemplate, encodedConstraint);
- if (rv != SECSuccess) {
- goto loser;
- }
- temp = CERT_DecodeGeneralName(arena, &(constraint->DERName), &(constraint->name));
- if (temp != &(constraint->name)) {
- goto loser;
- }
-
- /* ### sjlee: since the name constraint contains only one
- * CERTGeneralName, the list within CERTGeneralName shouldn't
- * point anywhere else. Otherwise, bad things will happen.
- */
- constraint->name.l.prev = constraint->name.l.next = &(constraint->name.l);
- return constraint;
-loser:
- return NULL;
-}
-
-
-CERTNameConstraint *
-cert_DecodeNameConstraintSubTree(PRArenaPool *arena,
- SECItem **subTree,
- PRBool permited)
-{
- CERTNameConstraint *current = NULL;
- CERTNameConstraint *first = NULL;
- CERTNameConstraint *last = NULL;
- CERTNameConstraint *next = NULL;
- int i = 0;
-
- while (subTree[i] != NULL) {
- current = cert_DecodeNameConstraint(arena, subTree[i]);
- if (current == NULL) {
- goto loser;
- }
- if (last == NULL) {
- first = last = current;
- }
- current->l.prev = &(last->l);
- current->l.next = last->l.next;
- last->l.next = &(current->l);
- i++;
- }
- first->l.prev = &(current->l);
- return first;
-loser:
- if (first) {
- current = first;
- do {
- next = cert_get_next_name_constraint(current);
- PORT_Free(current);
- current = next;
- }while (current != first);
- }
- return NULL;
-}
-
-CERTNameConstraints *
-cert_DecodeNameConstraints(PRArenaPool *arena,
- SECItem *encodedConstraints)
-{
- CERTNameConstraints *constraints;
- SECStatus rv;
-
- PORT_Assert(arena);
- PORT_Assert(encodedConstraints);
- constraints = (CERTNameConstraints *) PORT_ArenaZAlloc(arena,
- sizeof(CERTNameConstraints));
- if (constraints == NULL) {
- goto loser;
- }
- rv = SEC_ASN1DecodeItem(arena, constraints, CERTNameConstraintsTemplate,
- encodedConstraints);
- if (rv != SECSuccess) {
- goto loser;
- }
- if (constraints->DERPermited != NULL && constraints->DERPermited[0] != NULL) {
- constraints->permited = cert_DecodeNameConstraintSubTree(arena,
- constraints->DERPermited,
- PR_TRUE);
- if (constraints->permited == NULL) {
- goto loser;
- }
- }
- if (constraints->DERExcluded != NULL && constraints->DERExcluded[0] != NULL) {
- constraints->excluded = cert_DecodeNameConstraintSubTree(arena,
- constraints->DERExcluded,
- PR_FALSE);
- if (constraints->excluded == NULL) {
- goto loser;
- }
- }
- return constraints;
-loser:
- return NULL;
-}
-
-
-SECStatus
-CERT_CopyGeneralName(PRArenaPool *arena,
- CERTGeneralName *dest,
- CERTGeneralName *src)
-{
- SECStatus rv;
- CERTGeneralName *destHead = dest;
- CERTGeneralName *srcHead = src;
- CERTGeneralName *temp;
-
- PORT_Assert(dest != NULL);
- dest->type = src->type;
- do {
- switch (src->type) {
- case certDirectoryName: {
- rv = SECITEM_CopyItem(arena, &dest->derDirectoryName, &src->derDirectoryName);
- if (rv != SECSuccess) {
- return rv;
- }
- rv = CERT_CopyName(arena, &dest->name.directoryName, &src->name.directoryName);
- break;
- }
- case certOtherName: {
- rv = SECITEM_CopyItem(arena, &dest->name.OthName.name, &src->name.OthName.name);
- if (rv != SECSuccess) {
- return rv;
- }
- rv = SECITEM_CopyItem(arena, &dest->name.OthName.oid, &src->name.OthName.oid);
- break;
- }
- default: {
- rv = SECITEM_CopyItem(arena, &dest->name.other, &src->name.other);
- }
- }
- src = cert_get_next_general_name(src);
- /* if there is only one general name, we shouldn't do this */
- if (src != srcHead) {
- if (dest->l.next == &destHead->l) {
- if (arena) {
- temp = (CERTGeneralName *)
- PORT_ArenaZAlloc(arena, sizeof(CERTGeneralName));
- } else {
- temp = (CERTGeneralName *)
- PORT_ZAlloc(sizeof(CERTGeneralName));
- }
- temp->l.next = &destHead->l;
- temp->l.prev = &dest->l;
- destHead->l.prev = &temp->l;
- dest->l.next = &temp->l;
- dest = temp;
- } else {
- dest = cert_get_next_general_name(dest);
- }
- }
- } while (src != srcHead && rv == SECSuccess);
- return rv;
-}
-
-
-CERTGeneralNameList *
-CERT_DupGeneralNameList(CERTGeneralNameList *list)
-{
- if (list != NULL) {
- PZ_Lock(list->lock);
- list->refCount++;
- PZ_Unlock(list->lock);
- }
- return list;
-}
-
-CERTNameConstraint *
-CERT_CopyNameConstraint(PRArenaPool *arena,
- CERTNameConstraint *dest,
- CERTNameConstraint *src)
-{
- SECStatus rv;
-
- if (dest == NULL) {
- dest = (CERTNameConstraint *) PORT_ArenaZAlloc(arena, sizeof(CERTNameConstraint));
- /* mark that it is not linked */
- dest->name.l.prev = dest->name.l.next = &(dest->name.l);
- }
- rv = CERT_CopyGeneralName(arena, &dest->name, &src->name);
- if (rv != SECSuccess) {
- goto loser;
- }
- rv = SECITEM_CopyItem(arena, &dest->DERName, &src->DERName);
- if (rv != SECSuccess) {
- goto loser;
- }
- rv = SECITEM_CopyItem(arena, &dest->min, &src->min);
- if (rv != SECSuccess) {
- goto loser;
- }
- rv = SECITEM_CopyItem(arena, &dest->max, &src->max);
- if (rv != SECSuccess) {
- goto loser;
- }
- dest->l.prev = dest->l.next = &dest->l;
- return dest;
-loser:
- return NULL;
-}
-
-
-CERTGeneralName *
-cert_CombineNamesLists(CERTGeneralName *list1, CERTGeneralName *list2)
-{
- PRCList *begin1;
- PRCList *begin2;
- PRCList *end1;
- PRCList *end2;
-
- if (list1 == NULL){
- return list2;
- } else if (list2 == NULL) {
- return list1;
- } else {
- begin1 = &list1->l;
- begin2 = &list2->l;
- end1 = list1->l.prev;
- end2 = list2->l.prev;
- end1->next = begin2;
- end2->next = begin1;
- begin1->prev = end2;
- begin2->prev = end1;
- return list1;
- }
-}
-
-
-CERTNameConstraint *
-cert_CombineConstraintsLists(CERTNameConstraint *list1, CERTNameConstraint *list2)
-{
- PRCList *begin1;
- PRCList *begin2;
- PRCList *end1;
- PRCList *end2;
-
- if (list1 == NULL){
- return list2;
- } else if (list2 == NULL) {
- return list1;
- } else {
- begin1 = &list1->l;
- begin2 = &list2->l;
- end1 = list1->l.prev;
- end2 = list2->l.prev;
- end1->next = begin2;
- end2->next = begin1;
- begin1->prev = end2;
- begin2->prev = end1;
- return list1;
- }
-}
-
-
-CERTNameConstraint *
-CERT_AddNameConstraint(CERTNameConstraint *list,
- CERTNameConstraint *constraint)
-{
- PORT_Assert(constraint != NULL);
- constraint->l.next = constraint->l.prev = &constraint->l;
- list = cert_CombineConstraintsLists(list, constraint);
- return list;
-}
-
-
-SECStatus
-CERT_GetNameConstriantByType (CERTNameConstraint *constraints,
- CERTGeneralNameType type,
- CERTNameConstraint **returnList,
- PRArenaPool *arena)
-{
- CERTNameConstraint *current;
- CERTNameConstraint *temp;
-
- *returnList = NULL;
- if (!constraints)
- return SECSuccess;
- current = constraints;
-
- do {
- if (current->name.type == type ||
- (type == certDirectoryName && current->name.type == certRFC822Name)) {
- temp = NULL;
- temp = CERT_CopyNameConstraint(arena, temp, current);
- if (temp == NULL) {
- goto loser;
- }
- *returnList = CERT_AddNameConstraint(*returnList, temp);
- }
- current = cert_get_next_name_constraint(current);
- } while (current != constraints);
- return SECSuccess;
-loser:
- return SECFailure;
-}
-
-
-void *
-CERT_GetGeneralNameByType (CERTGeneralName *genNames,
- CERTGeneralNameType type, PRBool derFormat)
-{
- CERTGeneralName *current;
-
- if (!genNames)
- return (NULL);
- current = genNames;
-
- do {
- if (current->type == type) {
- switch (type) {
- case certDNSName:
- case certEDIPartyName:
- case certIPAddress:
- case certRegisterID:
- case certRFC822Name:
- case certX400Address:
- case certURI: {
- return &(current->name.other);
- }
- case certOtherName: {
- return &(current->name.OthName);
- break;
- }
- case certDirectoryName: {
- if (derFormat) {
- return &(current->derDirectoryName);
- } else{
- return &(current->name.directoryName);
- }
- break;
- }
- }
- }
- current = cert_get_next_general_name(current);
- } while (current != genNames);
- return (NULL);
-}
-
-int
-CERT_GetNamesLength(CERTGeneralName *names)
-{
- int length = 0;
- CERTGeneralName *first;
-
- first = names;
- if (names != NULL) {
- do {
- length++;
- names = cert_get_next_general_name(names);
- } while (names != first);
- }
- return length;
-}
-
-CERTGeneralName *
-CERT_GetCertificateNames(CERTCertificate *cert, PRArenaPool *arena)
-{
- CERTGeneralName *DN;
- CERTGeneralName *altName;
- SECItem altNameExtension;
- SECStatus rv;
-
-
- DN = (CERTGeneralName *) PORT_ArenaZAlloc(arena, sizeof(CERTGeneralName));
- if (DN == NULL) {
- goto loser;
- }
- rv = CERT_CopyName(arena, &DN->name.directoryName, &cert->subject);
- DN->type = certDirectoryName;
- DN->l.next = DN->l.prev = &DN->l;
- if (rv != SECSuccess) {
- goto loser;
- }
- rv = SECITEM_CopyItem(arena, &DN->derDirectoryName, &cert->derSubject);
- if (rv != SECSuccess) {
- goto loser;
- }
- rv = CERT_FindCertExtension(cert, SEC_OID_X509_SUBJECT_ALT_NAME,
- &altNameExtension);
- if (rv != SECSuccess) {
- return DN;
- }
- altName = CERT_DecodeAltNameExtension(arena, &altNameExtension);
- PORT_Free(altNameExtension.data);
- DN = cert_CombineNamesLists(DN, altName);
- return DN;
-loser:
-
- return NULL;
-}
-
-static SECStatus
-compareNameToConstraint(char *name, char *constraint, PRBool substring)
-{
- SECStatus rv;
-
- if (*constraint == '\0' && *name == '\0') {
- return SECSuccess;
- }
- if (*constraint == '*') {
- return compareNameToConstraint(name, constraint + 1, PR_TRUE);
- }
- if (substring) {
- if (*constraint == '\0') {
- return SECSuccess;
- }
- while (*name != *constraint) {
- if (*name == '\0') {
- return SECFailure;
- }
- name++;
- }
- rv = compareNameToConstraint(name + 1, constraint + 1, PR_FALSE);
- if (rv == SECSuccess) {
- return rv;
- }
- name++;
- } else {
- if (*name == *constraint) {
- name++;
- constraint++;
- } else {
- return SECFailure;
- }
- }
- return compareNameToConstraint(name, constraint, substring);
-}
-
-SECStatus
-cert_CompareNameWithConstraints(CERTGeneralName *name,
- CERTNameConstraint *constraints,
- PRBool excluded)
-{
- SECStatus rv = SECSuccess;
- char *nameString = NULL;
- char *constraintString = NULL;
- int start;
- int end;
- int tag;
- CERTRDN **nameRDNS, *nameRDN;
- CERTRDN **constraintRDNS, *constraintRDN;
- CERTAVA **nameAVAS, *nameAVA;
- CERTAVA **constraintAVAS, *constraintAVA;
- CERTNameConstraint *current;
- SECItem *avaValue;
- CERTName constraintName;
- CERTName certName;
- SECComparison status = SECEqual;
- PRArenaPool *certNameArena;
- PRArenaPool *constraintNameArena;
-
- certName.arena = NULL;
- certName.rdns = NULL;
- constraintName.arena = NULL;
- constraintName.rdns = NULL;
- if (constraints != NULL) {
- current = constraints;
- if (name->type == certDirectoryName) {
- certNameArena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- CERT_CopyName(certNameArena, &certName, &name->name.directoryName);
- nameRDNS = certName.rdns;
- for (;;) {
- nameRDN = *nameRDNS++;
- nameAVAS = nameRDN->avas;
- for(;;) {
- nameAVA = *nameAVAS++;
- tag = CERT_GetAVATag(nameAVA);
- if ( tag == SEC_OID_PKCS9_EMAIL_ADDRESS ||
- tag == SEC_OID_RFC1274_MAIL) {
- avaValue = CERT_DecodeAVAValue(&nameAVA->value);
- nameString = (char*)PORT_ZAlloc(avaValue->len + 1);
- nameString = PORT_Strncpy(nameString, (char *) avaValue->data, avaValue->len);
- start = 0;
- while(nameString[start] != '@' && nameString[start + 1] != '\0') {
- start++;
- }
- start++;
- do{
- if (current->name.type == certRFC822Name) {
- constraintString = (char*)PORT_ZAlloc(current->name.name.other.len + 1);
- constraintString = PORT_Strncpy(constraintString,
- (char *) current->name.name.other.data,
- current->name.name.other.len);
- rv = compareNameToConstraint(nameString + start, constraintString,
- PR_FALSE);
-
- if (constraintString != NULL) {
- PORT_Free(constraintString);
- constraintString = NULL;
- }
- if (nameString != NULL) {
- PORT_Free(nameString);
- nameString = NULL;
- }
- if (rv == SECSuccess && excluded == PR_TRUE) {
- goto found;
- }
- if (rv == SECSuccess && excluded == PR_FALSE) {
- break;
- }
- }
- current = cert_get_next_name_constraint(current);
- } while (current != constraints);
- }
- if (rv != SECSuccess && excluded == PR_FALSE) {
- goto loser;
- }
- if (*nameAVAS == NULL) {
- break;
- }
- }
- if (*nameRDNS == NULL) {
- break;
- }
- }
- }
- current = constraints;
- do {
- switch (name->type) {
- case certDNSName:
- nameString = (char*)PORT_ZAlloc(name->name.other.len + 1);
- nameString = PORT_Strncpy(nameString, (char *) name->name.other.data,
- name->name.other.len);
- constraintString = (char*)PORT_ZAlloc(current->name.name.other.len + 1);
- constraintString = PORT_Strncpy(constraintString,
- (char *) current->name.name.other.data,
- current->name.name.other.len);
- rv = compareNameToConstraint(nameString, constraintString, PR_FALSE);
- if (nameString != NULL) {
- PORT_Free(nameString);
- }
- if (constraintString != NULL) {
- PORT_Free(constraintString);
- }
- break;
- case certRFC822Name:
- nameString = (char*)PORT_ZAlloc(name->name.other.len + 1);
- nameString = PORT_Strncpy(nameString, (char *) name->name.other.data,
- name->name.other.len);
- start = 0;
- while(nameString[start] != '@' && nameString[start + 1] != '\0') {
- start++;
- }
- start++;
- constraintString = (char*)PORT_ZAlloc(current->name.name.other.len + 1);
- constraintString = PORT_Strncpy(constraintString,
- (char *) current->name.name.other.data,
- current->name.name.other.len);
- rv = compareNameToConstraint(nameString + start, constraintString, PR_FALSE);
- if (nameString != NULL) {
- PORT_Free(nameString);
- }
- if (constraintString != NULL) {
- PORT_Free(constraintString);
- }
- break;
- case certURI:
- nameString = (char*)PORT_ZAlloc(name->name.other.len + 1);
- nameString = PORT_Strncpy(nameString, (char *) name->name.other.data,
- name->name.other.len);
- start = 0;
- while(PORT_Strncmp(nameString + start, "://", 3) != 0 &&
- nameString[start + 3] != '\0') {
- start++;
- }
- start +=3;
- end = 0;
- while(nameString[start + end] != '/' &&
- nameString[start + end] != '\0') {
- end++;
- }
- nameString[start + end] = '\0';
- constraintString = (char*)PORT_ZAlloc(current->name.name.other.len + 1);
- constraintString = PORT_Strncpy(constraintString,
- (char *) current->name.name.other.data,
- current->name.name.other.len);
- rv = compareNameToConstraint(nameString + start, constraintString, PR_FALSE);
- if (nameString != NULL) {
- PORT_Free(nameString);
- }
- if (constraintString != NULL) {
- PORT_Free(constraintString);
- }
- break;
- case certDirectoryName:
- if (current->name.type == certDirectoryName) {
- constraintNameArena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- CERT_CopyName(constraintNameArena, &constraintName, &current->name.name.directoryName);
- constraintRDNS = constraintName.rdns;
- for (;;) {
- constraintRDN = *constraintRDNS++;
- constraintAVAS = constraintRDN->avas;
- for(;;) {
- constraintAVA = *constraintAVAS++;
- certNameArena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- CERT_CopyName(certNameArena, &certName, &name->name.directoryName);
- nameRDNS = certName.rdns;
- for (;;) {
- nameRDN = *nameRDNS++;
- nameAVAS = nameRDN->avas++;
- for(;;) {
- nameAVA = *nameAVAS++;
- status = CERT_CompareAVA(constraintAVA, nameAVA);
- if (status == SECEqual || *nameAVAS == NULL) {
- break;
- }
- }
- if (status == SECEqual || *nameRDNS == NULL) {
- break;
- }
- }
- if (status != SECEqual || *constraintAVAS == NULL) {
- break;
- }
- }
- if (status != SECEqual || *constraintRDNS == NULL) {
- break;
- }
- }
- if (status == SECEqual) {
- if (excluded == PR_FALSE) {
- goto found;
- } else {
- goto loser;
- }
- }
- break;
- } else if (current->name.type == certRFC822Name) {
- current = cert_get_next_name_constraint(current);
- continue;
- }
- default:
- /* other types are not supported */
- if (excluded) {
- goto found;
- } else {
- goto loser;
- }
- }
- if (rv == SECSuccess && status == SECEqual) {
- goto found;
- }
- current = cert_get_next_name_constraint(current);
- } while (current !=constraints);
- } else {
- goto found;
- }
-loser:
- if (certName.arena) {
- CERT_DestroyName(&certName);
- }
- if (constraintName.arena) {
- CERT_DestroyName(&constraintName);
- }
- return SECFailure;
-found:
- if (certName.arena) {
- CERT_DestroyName(&certName);
- }
- if (constraintName.arena) {
- CERT_DestroyName(&constraintName);
- }
- return SECSuccess;
-}
-
-
-CERTCertificate *
-CERT_CompareNameSpace(CERTCertificate *cert,
- CERTGeneralName *namesList,
- SECItem *namesListIndex,
- PRArenaPool *arena,
- CERTCertDBHandle *handle)
-{
- SECStatus rv;
- SECItem constraintsExtension;
- CERTNameConstraints *constraints;
- CERTGeneralName *currentName;
- int count = 0;
- CERTNameConstraint *matchingConstraints;
- CERTCertificate *badCert = NULL;
-
- rv = CERT_FindCertExtension(cert, SEC_OID_X509_NAME_CONSTRAINTS, &constraintsExtension);
- if (rv != SECSuccess) {
- return NULL;
- }
- constraints = cert_DecodeNameConstraints(arena, &constraintsExtension);
- currentName = namesList;
- if (constraints == NULL) {
- goto loser;
- }
- do {
- if (constraints->excluded != NULL) {
- rv = CERT_GetNameConstriantByType(constraints->excluded, currentName->type,
- &matchingConstraints, arena);
- if (rv != SECSuccess) {
- goto loser;
- }
- if (matchingConstraints != NULL) {
- rv = cert_CompareNameWithConstraints(currentName, matchingConstraints,
- PR_TRUE);
- if (rv != SECFailure) {
- goto loser;
- }
- }
- }
- if (constraints->permited != NULL) {
- rv = CERT_GetNameConstriantByType(constraints->permited, currentName->type,
- &matchingConstraints, arena);
- if (rv != SECSuccess) {
- goto loser;
- }
- if (matchingConstraints != NULL) {
- rv = cert_CompareNameWithConstraints(currentName, matchingConstraints,
- PR_FALSE);
- if (rv != SECSuccess) {
- goto loser;
- }
- } else {
- goto loser;
- }
- }
- currentName = cert_get_next_general_name(currentName);
- count ++;
- } while (currentName != namesList);
- return NULL;
-loser:
- badCert = CERT_FindCertByName (handle, &namesListIndex[count]);
- return badCert;
-}
-
-
-
-/* Search the cert for an X509_SUBJECT_ALT_NAME extension.
-** ASN1 Decode it into a list of alternate names.
-** Search the list of alternate names for one with the NETSCAPE_NICKNAME OID.
-** ASN1 Decode that name. Turn the result into a zString.
-** Look for duplicate nickname already in the certdb.
-** If one is found, create a nickname string that is not a duplicate.
-*/
-char *
-CERT_GetNickName(CERTCertificate *cert,
- CERTCertDBHandle *handle,
- PRArenaPool *nicknameArena)
-{
- CERTGeneralName *current;
- CERTGeneralName *names;
- char *nickname = NULL;
- char *returnName = NULL;
- char *basename = NULL;
- PRArenaPool *arena = NULL;
- CERTCertificate *tmpcert;
- SECStatus rv;
- int count;
- int found = 0;
- SECItem altNameExtension;
- SECItem nick;
-
- if (handle == NULL) {
- handle = CERT_GetDefaultCertDB();
- }
- altNameExtension.data = NULL;
- rv = CERT_FindCertExtension(cert, SEC_OID_X509_SUBJECT_ALT_NAME,
- &altNameExtension);
- if (rv != SECSuccess) {
- goto loser;
- }
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) {
- goto loser;
- }
- names = CERT_DecodeAltNameExtension(arena, &altNameExtension);
- if (names == NULL) {
- goto loser;
- }
- current = names;
- do {
- if (current->type == certOtherName &&
- SECOID_FindOIDTag(&current->name.OthName.oid) ==
- SEC_OID_NETSCAPE_NICKNAME) {
- found = 1;
- break;
- }
- current = cert_get_next_general_name(current);
- } while (current != names);
- if (!found)
- goto loser;
-
- rv = SEC_ASN1DecodeItem(arena, &nick, SEC_IA5StringTemplate,
- &current->name.OthName.name);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- /* make a null terminated string out of nick, with room enough at
- ** the end to add on a number of up to 21 digits in length, (a signed
- ** 64-bit number in decimal) plus a space and a "#".
- */
- nickname = (char*)PORT_ZAlloc(nick.len + 24);
- if (!nickname)
- goto loser;
- PORT_Strncpy(nickname, (char *)nick.data, nick.len);
-
- /* Don't let this cert's nickname duplicate one already in the DB.
- ** If it does, create a variant of the nickname that doesn't.
- */
- count = 0;
- while ((tmpcert = CERT_FindCertByNickname(handle, nickname)) != NULL) {
- CERT_DestroyCertificate(tmpcert);
- if (!basename) {
- basename = PORT_Strdup(nickname);
- if (!basename)
- goto loser;
- }
- count++;
- sprintf(nickname, "%s #%d", basename, count);
- }
-
- /* success */
- if (nicknameArena) {
- returnName = PORT_ArenaStrdup(nicknameArena, nickname);
- } else {
- returnName = nickname;
- nickname = NULL;
- }
-loser:
- if (arena != NULL)
- PORT_FreeArena(arena, PR_FALSE);
- if (nickname)
- PORT_Free(nickname);
- if (basename)
- PORT_Free(basename);
- if (altNameExtension.data)
- PORT_Free(altNameExtension.data);
- return returnName;
-}
-
-
-SECStatus
-CERT_CompareGeneralName(CERTGeneralName *a, CERTGeneralName *b)
-{
- CERTGeneralName *currentA;
- CERTGeneralName *currentB;
- PRBool found;
-
- currentA = a;
- currentB = b;
- if (a != NULL) {
- do {
- if (currentB == NULL) {
- return SECFailure;
- }
- currentB = cert_get_next_general_name(currentB);
- currentA = cert_get_next_general_name(currentA);
- } while (currentA != a);
- }
- if (currentB != b) {
- return SECFailure;
- }
- currentA = a;
- do {
- currentB = b;
- found = PR_FALSE;
- do {
- if (currentB->type == currentA->type) {
- switch (currentB->type) {
- case certDNSName:
- case certEDIPartyName:
- case certIPAddress:
- case certRegisterID:
- case certRFC822Name:
- case certX400Address:
- case certURI:
- if (SECITEM_CompareItem(&currentA->name.other,
- &currentB->name.other)
- == SECEqual) {
- found = PR_TRUE;
- }
- break;
- case certOtherName:
- if (SECITEM_CompareItem(&currentA->name.OthName.oid,
- &currentB->name.OthName.oid)
- == SECEqual &&
- SECITEM_CompareItem(&currentA->name.OthName.name,
- &currentB->name.OthName.name)
- == SECEqual) {
- found = PR_TRUE;
- }
- break;
- case certDirectoryName:
- if (CERT_CompareName(&currentA->name.directoryName,
- &currentB->name.directoryName)
- == SECEqual) {
- found = PR_TRUE;
- }
- }
-
- }
- currentB = cert_get_next_general_name(currentB);
- } while (currentB != b && found != PR_TRUE);
- if (found != PR_TRUE) {
- return SECFailure;
- }
- currentA = cert_get_next_general_name(currentA);
- } while (currentA != a);
- return SECSuccess;
-}
-
-SECStatus
-CERT_CompareGeneralNameLists(CERTGeneralNameList *a, CERTGeneralNameList *b)
-{
- SECStatus rv;
-
- if (a == b) {
- return SECSuccess;
- }
- if (a != NULL && b != NULL) {
- PZ_Lock(a->lock);
- PZ_Lock(b->lock);
- rv = CERT_CompareGeneralName(a->name, b->name);
- PZ_Unlock(a->lock);
- PZ_Unlock(b->lock);
- } else {
- rv = SECFailure;
- }
- return rv;
-}
-
-void *
-CERT_GetGeneralNameFromListByType(CERTGeneralNameList *list,
- CERTGeneralNameType type,
- PRArenaPool *arena)
-{
- CERTName *name = NULL;
- SECItem *item = NULL;
- OtherName *other = NULL;
- OtherName *tmpOther = NULL;
- void *data;
-
- PZ_Lock(list->lock);
- data = CERT_GetGeneralNameByType(list->name, type, PR_FALSE);
- if (data != NULL) {
- switch (type) {
- case certDNSName:
- case certEDIPartyName:
- case certIPAddress:
- case certRegisterID:
- case certRFC822Name:
- case certX400Address:
- case certURI:
- if (arena != NULL) {
- item = (SECItem *)PORT_ArenaAlloc(arena, sizeof(SECItem));
- if (item != NULL) {
- SECITEM_CopyItem(arena, item, (SECItem *) data);
- }
- } else {
- item = SECITEM_DupItem((SECItem *) data);
- }
- PZ_Unlock(list->lock);
- return item;
- case certOtherName:
- other = (OtherName *) data;
- if (arena != NULL) {
- tmpOther = (OtherName *)PORT_ArenaAlloc(arena,
- sizeof(OtherName));
- } else {
- tmpOther = (OtherName *) PORT_Alloc(sizeof(OtherName));
- }
- if (tmpOther != NULL) {
- SECITEM_CopyItem(arena, &tmpOther->oid, &other->oid);
- SECITEM_CopyItem(arena, &tmpOther->name, &other->name);
- }
- PZ_Unlock(list->lock);
- return tmpOther;
- case certDirectoryName:
- if (arena == NULL) {
- PZ_Unlock(list->lock);
- return NULL;
- } else {
- name = (CERTName *) PORT_ArenaZAlloc(list->arena,
- sizeof(CERTName));
- if (name != NULL) {
- CERT_CopyName(arena, name, (CERTName *) data);
- }
- PZ_Unlock(list->lock);
- return name;
- }
- }
- }
- PZ_Unlock(list->lock);
- return NULL;
-}
-
-void
-CERT_AddGeneralNameToList(CERTGeneralNameList *list,
- CERTGeneralNameType type,
- void *data, SECItem *oid)
-{
- CERTGeneralName *name;
-
- if (list != NULL && data != NULL) {
- PZ_Lock(list->lock);
- name = (CERTGeneralName *)
- PORT_ArenaZAlloc(list->arena, sizeof(CERTGeneralName));
- name->type = type;
- switch (type) {
- case certDNSName:
- case certEDIPartyName:
- case certIPAddress:
- case certRegisterID:
- case certRFC822Name:
- case certX400Address:
- case certURI:
- SECITEM_CopyItem(list->arena, &name->name.other, (SECItem *)data);
- break;
- case certOtherName:
- SECITEM_CopyItem(list->arena, &name->name.OthName.name,
- (SECItem *) data);
- SECITEM_CopyItem(list->arena, &name->name.OthName.oid,
- oid);
- break;
- case certDirectoryName:
- CERT_CopyName(list->arena, &name->name.directoryName,
- (CERTName *) data);
- break;
- }
- name->l.prev = name->l.next = &name->l;
- list->name = cert_CombineNamesLists(list->name, name);
- list->len++;
- PZ_Unlock(list->lock);
- }
- return;
-}
diff --git a/security/nss/lib/certdb/genname.h b/security/nss/lib/certdb/genname.h
deleted file mode 100644
index 8e3a58619..000000000
--- a/security/nss/lib/certdb/genname.h
+++ /dev/null
@@ -1,125 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _GENAME_H_
-#define _GENAME_H_
-
-#include "plarena.h"
-#include "seccomon.h"
-#include "secoidt.h"
-#include "secasn1.h"
-#include "secder.h"
-#include "certt.h"
-
-/************************************************************************/
-SEC_BEGIN_PROTOS
-
-extern const SEC_ASN1Template CERT_GeneralNamesTemplate[];
-
-extern CERTGeneralName *
-cert_get_next_general_name(CERTGeneralName *current);
-
-extern CERTGeneralName *
-cert_get_prev_general_name(CERTGeneralName *current);
-
-extern SECItem *
-CERT_EncodeGeneralName(CERTGeneralName *genName, SECItem *dest,
- PRArenaPool *arena);
-
-extern SECItem **
-cert_EncodeGeneralNames(PRArenaPool *arena, CERTGeneralName *names);
-
-extern CERTGeneralName *
-CERT_DecodeGeneralName(PRArenaPool *arena, SECItem *encodedName,
- CERTGeneralName *genName);
-
-extern CERTGeneralName *
-cert_DecodeGeneralNames(PRArenaPool *arena, SECItem **encodedGenName);
-
-extern SECStatus
-cert_DestroyGeneralNames(CERTGeneralName *name);
-
-extern SECStatus
-cert_EncodeNameConstraints(CERTNameConstraints *constraints, PRArenaPool *arena,
- SECItem *dest);
-
-extern CERTNameConstraints *
-cert_DecodeNameConstraints(PRArenaPool *arena, SECItem *encodedConstraints);
-
-extern CERTGeneralName *
-cert_CombineNamesLists(CERTGeneralName *list1, CERTGeneralName *list2);
-
-extern CERTNameConstraint *
-cert_CombineConstraintsLists(CERTNameConstraint *list1, CERTNameConstraint *list2);
-
-SECStatus
-CERT_CompareGeneralName(CERTGeneralName *a, CERTGeneralName *b);
-
-SECStatus
-CERT_CopyGeneralName(PRArenaPool *arena,
- CERTGeneralName *dest,
- CERTGeneralName *src);
-
-/* General Name Lists are a thread safe, reference counting layer to
- * general names */
-
-void
-CERT_DestroyGeneralNameList(CERTGeneralNameList *list);
-
-CERTGeneralNameList *
-CERT_CreateGeneralNameList(CERTGeneralName *name);
-
-SECStatus
-CERT_CompareGeneralNameLists(CERTGeneralNameList *a, CERTGeneralNameList *b);
-
-void *
-CERT_GetGeneralNameFromListByType(CERTGeneralNameList *list,
- CERTGeneralNameType type,
- PRArenaPool *arena);
-
-void
-CERT_AddGeneralNameToList(CERTGeneralNameList *list,
- CERTGeneralNameType type,
- void *data, SECItem *oid);
-
-
-CERTGeneralNameList *
-CERT_DupGeneralNameList(CERTGeneralNameList *list);
-
-
-int
-CERT_GetNamesLength(CERTGeneralName *names);
-/************************************************************************/
-SEC_END_PROTOS
-
-#endif
diff --git a/security/nss/lib/certdb/manifest.mn b/security/nss/lib/certdb/manifest.mn
deleted file mode 100644
index 944d38a55..000000000
--- a/security/nss/lib/certdb/manifest.mn
+++ /dev/null
@@ -1,68 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../..
-
-EXPORTS = \
- cert.h \
- certt.h \
- certdb.h \
- $(NULL)
-
-PRIVATE_EXPORTS = \
- genname.h \
- xconst.h \
- certxutl.h \
- certi.h \
- $(NULL)
-
-MODULE = nss
-
-CSRCS = \
- alg1485.c \
- certdb.c \
- certv3.c \
- certxutl.c \
- crl.c \
- genname.c \
- stanpcertdb.c \
- polcyxtn.c \
- secname.c \
- xauthkid.c \
- xbsconst.c \
- xconst.c \
- $(NULL)
-
-REQUIRES = dbm
-
-LIBRARY_NAME = certdb
-
diff --git a/security/nss/lib/certdb/polcyxtn.c b/security/nss/lib/certdb/polcyxtn.c
deleted file mode 100644
index 41302f039..000000000
--- a/security/nss/lib/certdb/polcyxtn.c
+++ /dev/null
@@ -1,565 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Support for various policy related extensions
- *
- * $Id$
- */
-
-#include "seccomon.h"
-#include "secport.h"
-#include "secder.h"
-#include "cert.h"
-#include "secoid.h"
-#include "secasn1.h"
-#include "secerr.h"
-#include "nspr.h"
-
-const SEC_ASN1Template CERT_NoticeReferenceTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTNoticeReference) },
-/* NOTE: this should be a choice */
- { SEC_ASN1_IA5_STRING,
- offsetof(CERTNoticeReference, organization) },
- { SEC_ASN1_SEQUENCE_OF,
- offsetof(CERTNoticeReference, noticeNumbers),
- SEC_IntegerTemplate },
- { 0 }
-};
-
-/* this template can not be encoded because of the option inline */
-const SEC_ASN1Template CERT_UserNoticeTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTUserNotice) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_SEQUENCE | SEC_ASN1_CONSTRUCTED,
- offsetof(CERTUserNotice, derNoticeReference) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_ANY,
- offsetof(CERTUserNotice, displayText) },
- { 0 }
-};
-
-const SEC_ASN1Template CERT_PolicyQualifierTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTPolicyQualifier) },
- { SEC_ASN1_OBJECT_ID,
- offsetof(CERTPolicyQualifier, qualifierID) },
- { SEC_ASN1_ANY,
- offsetof(CERTPolicyQualifier, qualifierValue) },
- { 0 }
-};
-
-const SEC_ASN1Template CERT_PolicyInfoTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTPolicyInfo) },
- { SEC_ASN1_OBJECT_ID,
- offsetof(CERTPolicyInfo, policyID) },
- { SEC_ASN1_SEQUENCE_OF,
- offsetof(CERTPolicyInfo, policyQualifiers),
- CERT_PolicyQualifierTemplate },
- { 0 }
-};
-
-const SEC_ASN1Template CERT_CertificatePoliciesTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF,
- offsetof(CERTCertificatePolicies, policyInfos),
- CERT_PolicyInfoTemplate, sizeof(CERTCertificatePolicies) }
-};
-
-static void
-breakLines(char *string)
-{
- char *tmpstr;
- char *lastspace = NULL;
- int curlen = 0;
- int c;
-
- tmpstr = string;
-
- while ( ( c = *tmpstr ) != '\0' ) {
- switch ( c ) {
- case ' ':
- lastspace = tmpstr;
- break;
- case '\n':
- lastspace = NULL;
- curlen = 0;
- break;
- }
-
- if ( ( curlen >= 55 ) && ( lastspace != NULL ) ) {
- *lastspace = '\n';
- curlen = ( tmpstr - lastspace );
- lastspace = NULL;
- }
-
- curlen++;
- tmpstr++;
- }
-
- return;
-}
-
-CERTCertificatePolicies *
-CERT_DecodeCertificatePoliciesExtension(SECItem *extnValue)
-{
- PRArenaPool *arena = NULL;
- SECStatus rv;
- CERTCertificatePolicies *policies;
- CERTPolicyInfo **policyInfos, *policyInfo;
- CERTPolicyQualifier **policyQualifiers, *policyQualifier;
- SECItem newExtnValue;
-
- /* make a new arena */
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-
- if ( !arena ) {
- goto loser;
- }
-
- /* allocate the certifiate policies structure */
- policies = (CERTCertificatePolicies *)
- PORT_ArenaZAlloc(arena, sizeof(CERTCertificatePolicies));
-
- if ( policies == NULL ) {
- goto loser;
- }
-
- policies->arena = arena;
-
- /* copy the DER into the arena, since Quick DER returns data that points
- into the DER input, which may get freed by the caller */
- rv = SECITEM_CopyItem(arena, &newExtnValue, extnValue);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- /* decode the policy info */
- rv = SEC_QuickDERDecodeItem(arena, policies, CERT_CertificatePoliciesTemplate,
- &newExtnValue);
-
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- /* initialize the oid tags */
- policyInfos = policies->policyInfos;
- while (*policyInfos != NULL ) {
- policyInfo = *policyInfos;
- policyInfo->oid = SECOID_FindOIDTag(&policyInfo->policyID);
- policyQualifiers = policyInfo->policyQualifiers;
- while ( *policyQualifiers != NULL ) {
- policyQualifier = *policyQualifiers;
- policyQualifier->oid =
- SECOID_FindOIDTag(&policyQualifier->qualifierID);
- policyQualifiers++;
- }
- policyInfos++;
- }
-
- return(policies);
-
-loser:
- if ( arena != NULL ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(NULL);
-}
-
-void
-CERT_DestroyCertificatePoliciesExtension(CERTCertificatePolicies *policies)
-{
- if ( policies != NULL ) {
- PORT_FreeArena(policies->arena, PR_FALSE);
- }
- return;
-}
-
-
-CERTUserNotice *
-CERT_DecodeUserNotice(SECItem *noticeItem)
-{
- PRArenaPool *arena = NULL;
- SECStatus rv;
- CERTUserNotice *userNotice;
- SECItem newNoticeItem;
-
- /* make a new arena */
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-
- if ( !arena ) {
- goto loser;
- }
-
- /* allocate the userNotice structure */
- userNotice = (CERTUserNotice *)PORT_ArenaZAlloc(arena,
- sizeof(CERTUserNotice));
-
- if ( userNotice == NULL ) {
- goto loser;
- }
-
- userNotice->arena = arena;
-
- /* copy the DER into the arena, since Quick DER returns data that points
- into the DER input, which may get freed by the caller */
- rv = SECITEM_CopyItem(arena, &newNoticeItem, noticeItem);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- /* decode the user notice */
- rv = SEC_QuickDERDecodeItem(arena, userNotice, CERT_UserNoticeTemplate,
- &newNoticeItem);
-
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- if (userNotice->derNoticeReference.data != NULL) {
- /* sigh, the asn1 parser stripped the sequence encoding, re add it
- * before we decode.
- */
- SECItem tmpbuf;
- int newBytes;
-
- newBytes = SEC_ASN1LengthLength(userNotice->derNoticeReference.len)+1;
- tmpbuf.len = newBytes + userNotice->derNoticeReference.len;
- tmpbuf.data = PORT_ArenaZAlloc(arena, tmpbuf.len);
- if (tmpbuf.data == NULL) {
- goto loser;
- }
- tmpbuf.data[0] = SEC_ASN1_SEQUENCE | SEC_ASN1_CONSTRUCTED;
- SEC_ASN1EncodeLength(&tmpbuf.data[1],userNotice->derNoticeReference.len);
- PORT_Memcpy(&tmpbuf.data[newBytes],userNotice->derNoticeReference.data,
- userNotice->derNoticeReference.len);
-
- /* OK, no decode it */
- rv = SEC_QuickDERDecodeItem(arena, &userNotice->noticeReference,
- CERT_NoticeReferenceTemplate, &tmpbuf);
-
- PORT_Free(tmpbuf.data); tmpbuf.data = NULL;
- if ( rv != SECSuccess ) {
- goto loser;
- }
- }
-
- return(userNotice);
-
-loser:
- if ( arena != NULL ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(NULL);
-}
-
-void
-CERT_DestroyUserNotice(CERTUserNotice *userNotice)
-{
- if ( userNotice != NULL ) {
- PORT_FreeArena(userNotice->arena, PR_FALSE);
- }
- return;
-}
-
-static CERTPolicyStringCallback policyStringCB = NULL;
-static void *policyStringCBArg = NULL;
-
-void
-CERT_SetCAPolicyStringCallback(CERTPolicyStringCallback cb, void *cbarg)
-{
- policyStringCB = cb;
- policyStringCBArg = cbarg;
- return;
-}
-
-char *
-stringFromUserNotice(SECItem *noticeItem)
-{
- SECItem *org;
- unsigned int len, headerlen;
- char *stringbuf;
- CERTUserNotice *userNotice;
- char *policystr;
- char *retstr = NULL;
- SECItem *displayText;
- SECItem **noticeNumbers;
- unsigned int strnum;
-
- /* decode the user notice */
- userNotice = CERT_DecodeUserNotice(noticeItem);
- if ( userNotice == NULL ) {
- return(NULL);
- }
-
- org = &userNotice->noticeReference.organization;
- if ( (org->len != 0 ) && ( policyStringCB != NULL ) ) {
- /* has a noticeReference */
-
- /* extract the org string */
- len = org->len;
- stringbuf = (char*)PORT_Alloc(len + 1);
- if ( stringbuf != NULL ) {
- PORT_Memcpy(stringbuf, org->data, len);
- stringbuf[len] = '\0';
-
- noticeNumbers = userNotice->noticeReference.noticeNumbers;
- while ( *noticeNumbers != NULL ) {
- /* XXX - only one byte integers right now*/
- strnum = (*noticeNumbers)->data[0];
- policystr = (* policyStringCB)(stringbuf,
- strnum,
- policyStringCBArg);
- if ( policystr != NULL ) {
- if ( retstr != NULL ) {
- retstr = PR_sprintf_append(retstr, "\n%s", policystr);
- } else {
- retstr = PR_sprintf_append(retstr, "%s", policystr);
- }
-
- PORT_Free(policystr);
- }
-
- noticeNumbers++;
- }
-
- PORT_Free(stringbuf);
- }
- }
-
- if ( retstr == NULL ) {
- if ( userNotice->displayText.len != 0 ) {
- displayText = &userNotice->displayText;
-
- if ( displayText->len > 2 ) {
- if ( displayText->data[0] == SEC_ASN1_VISIBLE_STRING ) {
- headerlen = 2;
- if ( displayText->data[1] & 0x80 ) {
- /* multibyte length */
- headerlen += ( displayText->data[1] & 0x7f );
- }
-
- len = displayText->len - headerlen;
- retstr = (char*)PORT_Alloc(len + 1);
- if ( retstr != NULL ) {
- PORT_Memcpy(retstr, &displayText->data[headerlen],len);
- retstr[len] = '\0';
- }
- }
- }
- }
- }
-
- CERT_DestroyUserNotice(userNotice);
-
- return(retstr);
-}
-
-char *
-CERT_GetCertCommentString(CERTCertificate *cert)
-{
- char *retstring = NULL;
- SECStatus rv;
- SECItem policyItem;
- CERTCertificatePolicies *policies = NULL;
- CERTPolicyInfo **policyInfos;
- CERTPolicyQualifier **policyQualifiers, *qualifier;
-
- policyItem.data = NULL;
-
- rv = CERT_FindCertExtension(cert, SEC_OID_X509_CERTIFICATE_POLICIES,
- &policyItem);
- if ( rv != SECSuccess ) {
- goto nopolicy;
- }
-
- policies = CERT_DecodeCertificatePoliciesExtension(&policyItem);
- if ( policies == NULL ) {
- goto nopolicy;
- }
-
- policyInfos = policies->policyInfos;
- /* search through policyInfos looking for the verisign policy */
- while (*policyInfos != NULL ) {
- if ( (*policyInfos)->oid == SEC_OID_VERISIGN_USER_NOTICES ) {
- policyQualifiers = (*policyInfos)->policyQualifiers;
- /* search through the policy qualifiers looking for user notice */
- while ( *policyQualifiers != NULL ) {
- qualifier = *policyQualifiers;
- if ( qualifier->oid == SEC_OID_PKIX_USER_NOTICE_QUALIFIER ) {
- retstring =
- stringFromUserNotice(&qualifier->qualifierValue);
- break;
- }
-
- policyQualifiers++;
- }
- break;
- }
- policyInfos++;
- }
-
-nopolicy:
- if ( policyItem.data != NULL ) {
- PORT_Free(policyItem.data);
- }
-
- if ( policies != NULL ) {
- CERT_DestroyCertificatePoliciesExtension(policies);
- }
-
- if ( retstring == NULL ) {
- retstring = CERT_FindNSStringExtension(cert,
- SEC_OID_NS_CERT_EXT_COMMENT);
- }
-
- if ( retstring != NULL ) {
- breakLines(retstring);
- }
-
- return(retstring);
-}
-
-
-const SEC_ASN1Template CERT_OidSeqTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF,
- offsetof(CERTOidSequence, oids),
- SEC_ObjectIDTemplate }
-};
-
-CERTOidSequence *
-CERT_DecodeOidSequence(SECItem *seqItem)
-{
- PRArenaPool *arena = NULL;
- SECStatus rv;
- CERTOidSequence *oidSeq;
- SECItem newSeqItem;
-
- /* make a new arena */
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-
- if ( !arena ) {
- goto loser;
- }
-
- /* allocate the userNotice structure */
- oidSeq = (CERTOidSequence *)PORT_ArenaZAlloc(arena,
- sizeof(CERTOidSequence));
-
- if ( oidSeq == NULL ) {
- goto loser;
- }
-
- oidSeq->arena = arena;
-
- /* copy the DER into the arena, since Quick DER returns data that points
- into the DER input, which may get freed by the caller */
- rv = SECITEM_CopyItem(arena, &newSeqItem, seqItem);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- /* decode the user notice */
- rv = SEC_QuickDERDecodeItem(arena, oidSeq, CERT_OidSeqTemplate, &newSeqItem);
-
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- return(oidSeq);
-
-loser:
- return(NULL);
-}
-
-
-void
-CERT_DestroyOidSequence(CERTOidSequence *oidSeq)
-{
- if ( oidSeq != NULL ) {
- PORT_FreeArena(oidSeq->arena, PR_FALSE);
- }
- return;
-}
-
-PRBool
-CERT_GovtApprovedBitSet(CERTCertificate *cert)
-{
- SECStatus rv;
- SECItem extItem;
- CERTOidSequence *oidSeq = NULL;
- PRBool ret;
- SECItem **oids;
- SECItem *oid;
- SECOidTag oidTag;
-
- extItem.data = NULL;
- rv = CERT_FindCertExtension(cert, SEC_OID_X509_EXT_KEY_USAGE, &extItem);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- oidSeq = CERT_DecodeOidSequence(&extItem);
- if ( oidSeq == NULL ) {
- goto loser;
- }
-
- oids = oidSeq->oids;
- while ( oids != NULL && *oids != NULL ) {
- oid = *oids;
-
- oidTag = SECOID_FindOIDTag(oid);
-
- if ( oidTag == SEC_OID_NS_KEY_USAGE_GOVT_APPROVED ) {
- goto success;
- }
-
- oids++;
- }
-
-loser:
- ret = PR_FALSE;
- goto done;
-success:
- ret = PR_TRUE;
-done:
- if ( oidSeq != NULL ) {
- CERT_DestroyOidSequence(oidSeq);
- }
- if (extItem.data != NULL) {
- PORT_Free(extItem.data);
- }
- return(ret);
-}
diff --git a/security/nss/lib/certdb/secname.c b/security/nss/lib/certdb/secname.c
deleted file mode 100644
index a508dcb44..000000000
--- a/security/nss/lib/certdb/secname.c
+++ /dev/null
@@ -1,653 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "cert.h"
-#include "secoid.h"
-#include "secder.h" /* XXX remove this when remove the DERTemplates */
-#include "secasn1.h"
-#include "secitem.h"
-#include <stdarg.h>
-#include "secerr.h"
-
-static const SEC_ASN1Template cert_AVATemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTAVA) },
- { SEC_ASN1_OBJECT_ID,
- offsetof(CERTAVA,type), },
- { SEC_ASN1_ANY,
- offsetof(CERTAVA,value), },
- { 0, }
-};
-
-const SEC_ASN1Template CERT_RDNTemplate[] = {
- { SEC_ASN1_SET_OF,
- offsetof(CERTRDN,avas), cert_AVATemplate, sizeof(CERTRDN) }
-};
-
-
-static int
-CountArray(void **array)
-{
- int count = 0;
- if (array) {
- while (*array++) {
- count++;
- }
- }
- return count;
-}
-
-static void
-**AddToArray(PRArenaPool *arena, void **array, void *element)
-{
- unsigned count;
- void **ap;
-
- /* Count up number of slots already in use in the array */
- count = 0;
- ap = array;
- if (ap) {
- while (*ap++) {
- count++;
- }
- }
-
- if (array) {
- array = (void**) PORT_ArenaGrow(arena, array,
- (count + 1) * sizeof(void *),
- (count + 2) * sizeof(void *));
- } else {
- array = (void**) PORT_ArenaAlloc(arena, (count + 2) * sizeof(void *));
- }
- if (array) {
- array[count] = element;
- array[count+1] = 0;
- }
- return array;
-}
-
-#if 0
-static void
-**RemoveFromArray(void **array, void *element)
-{
- unsigned count;
- void **ap;
- int slot;
-
- /* Look for element */
- ap = array;
- if (ap) {
- count = 1; /* count the null at the end */
- slot = -1;
- for (; *ap; ap++, count++) {
- if (*ap == element) {
- /* Found it */
- slot = ap - array;
- }
- }
- if (slot >= 0) {
- /* Found it. Squish array down */
- PORT_Memmove((void*) (array + slot), (void*) (array + slot + 1),
- (count - slot - 1) * sizeof(void*));
- /* Don't bother reallocing the memory */
- }
- }
- return array;
-}
-#endif /* 0 */
-
-SECOidTag
-CERT_GetAVATag(CERTAVA *ava)
-{
- SECOidData *oid;
- if (!ava->type.data) return (SECOidTag)-1;
-
- oid = SECOID_FindOID(&ava->type);
-
- if ( oid ) {
- return(oid->offset);
- }
- return (SECOidTag)-1;
-}
-
-static SECStatus
-SetupAVAType(PRArenaPool *arena, SECOidTag type, SECItem *it, unsigned *maxLenp)
-{
- unsigned char *oid;
- unsigned oidLen;
- unsigned char *cp;
- unsigned maxLen;
- SECOidData *oidrec;
-
- oidrec = SECOID_FindOIDByTag(type);
- if (oidrec == NULL)
- return SECFailure;
-
- oid = oidrec->oid.data;
- oidLen = oidrec->oid.len;
-
- switch (type) {
- case SEC_OID_AVA_COUNTRY_NAME:
- maxLen = 2;
- break;
- case SEC_OID_AVA_ORGANIZATION_NAME:
- maxLen = 64;
- break;
- case SEC_OID_AVA_COMMON_NAME:
- maxLen = 64;
- break;
- case SEC_OID_AVA_LOCALITY:
- maxLen = 128;
- break;
- case SEC_OID_AVA_STATE_OR_PROVINCE:
- maxLen = 128;
- break;
- case SEC_OID_AVA_ORGANIZATIONAL_UNIT_NAME:
- maxLen = 64;
- break;
- case SEC_OID_AVA_DC:
- maxLen = 128;
- break;
- case SEC_OID_AVA_DN_QUALIFIER:
- maxLen = 0x7fff;
- break;
- case SEC_OID_PKCS9_EMAIL_ADDRESS:
- maxLen = 128;
- break;
- case SEC_OID_RFC1274_UID:
- maxLen = 256; /* RFC 1274 specifies 256 */
- break;
- case SEC_OID_RFC1274_MAIL:
- maxLen = 256; /* RFC 1274 specifies 256 */
- break;
- default:
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- it->data = cp = (unsigned char*) PORT_ArenaAlloc(arena, oidLen);
- if (cp == NULL) {
- return SECFailure;
- }
- it->len = oidLen;
- PORT_Memcpy(cp, oid, oidLen);
- *maxLenp = maxLen;
- return SECSuccess;
-}
-
-static SECStatus
-SetupAVAValue(PRArenaPool *arena, int valueType, char *value, SECItem *it,
- unsigned maxLen)
-{
- unsigned valueLen, valueLenLen, total;
- unsigned ucs4Len = 0, ucs4MaxLen;
- unsigned char *cp, *ucs4Val;
-
- switch (valueType) {
- case SEC_ASN1_PRINTABLE_STRING:
- case SEC_ASN1_IA5_STRING:
- case SEC_ASN1_T61_STRING:
- valueLen = PORT_Strlen(value);
- break;
- case SEC_ASN1_UNIVERSAL_STRING:
- valueLen = PORT_Strlen(value);
- ucs4Val = (unsigned char *)PORT_ArenaZAlloc(arena,
- PORT_Strlen(value) * 6);
- ucs4MaxLen = PORT_Strlen(value) * 6;
- if(!ucs4Val || !PORT_UCS4_UTF8Conversion(PR_TRUE, (unsigned char *)value, valueLen,
- ucs4Val, ucs4MaxLen, &ucs4Len)) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- value = (char *)ucs4Val;
- valueLen = ucs4Len;
- break;
- default:
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- if (((valueType != SEC_ASN1_UNIVERSAL_STRING) && (valueLen > maxLen)) ||
- ((valueType == SEC_ASN1_UNIVERSAL_STRING) && (valueLen > (maxLen * 4)))) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- valueLenLen = DER_LengthLength(valueLen);
- total = 1 + valueLenLen + valueLen;
- it->data = cp = (unsigned char*) PORT_ArenaAlloc(arena, total);
- if (!cp) {
- return SECFailure;
- }
- it->len = total;
- cp = (unsigned char*) DER_StoreHeader(cp, valueType, valueLen);
- PORT_Memcpy(cp, value, valueLen);
- return SECSuccess;
-}
-
-CERTAVA *
-CERT_CreateAVA(PRArenaPool *arena, SECOidTag kind, int valueType, char *value)
-{
- CERTAVA *ava;
- int rv;
- unsigned maxLen;
-
- ava = (CERTAVA*) PORT_ArenaZAlloc(arena, sizeof(CERTAVA));
- if (ava) {
- rv = SetupAVAType(arena, kind, &ava->type, &maxLen);
- if (rv) {
- /* Illegal AVA type */
- return 0;
- }
- rv = SetupAVAValue(arena, valueType, value, &ava->value, maxLen);
- if (rv) {
- /* Illegal value type */
- return 0;
- }
- }
- return ava;
-}
-
-CERTAVA *
-CERT_CopyAVA(PRArenaPool *arena, CERTAVA *from)
-{
- CERTAVA *ava;
- int rv;
-
- ava = (CERTAVA*) PORT_ArenaZAlloc(arena, sizeof(CERTAVA));
- if (ava) {
- rv = SECITEM_CopyItem(arena, &ava->type, &from->type);
- if (rv) goto loser;
- rv = SECITEM_CopyItem(arena, &ava->value, &from->value);
- if (rv) goto loser;
- }
- return ava;
-
- loser:
- return 0;
-}
-
-/************************************************************************/
-/* XXX This template needs to go away in favor of the new SEC_ASN1 version. */
-static const SEC_ASN1Template cert_RDNTemplate[] = {
- { SEC_ASN1_SET_OF,
- offsetof(CERTRDN,avas), cert_AVATemplate, sizeof(CERTRDN) }
-};
-
-
-CERTRDN *
-CERT_CreateRDN(PRArenaPool *arena, CERTAVA *ava0, ...)
-{
- CERTAVA *ava;
- CERTRDN *rdn;
- va_list ap;
- unsigned count;
- CERTAVA **avap;
-
- rdn = (CERTRDN*) PORT_ArenaAlloc(arena, sizeof(CERTRDN));
- if (rdn) {
- /* Count number of avas going into the rdn */
- count = 0;
- if (ava0) {
- count++;
- va_start(ap, ava0);
- while ((ava = va_arg(ap, CERTAVA*)) != 0) {
- count++;
- }
- va_end(ap);
- }
-
- /* Now fill in the pointers */
- rdn->avas = avap =
- (CERTAVA**) PORT_ArenaAlloc( arena, (count + 1)*sizeof(CERTAVA*));
- if (!avap) {
- return 0;
- }
- if (ava0) {
- *avap++ = ava0;
- va_start(ap, ava0);
- while ((ava = va_arg(ap, CERTAVA*)) != 0) {
- *avap++ = ava;
- }
- va_end(ap);
- }
- *avap++ = 0;
- }
- return rdn;
-}
-
-SECStatus
-CERT_AddAVA(PRArenaPool *arena, CERTRDN *rdn, CERTAVA *ava)
-{
- rdn->avas = (CERTAVA**) AddToArray(arena, (void**) rdn->avas, ava);
- return rdn->avas ? SECSuccess : SECFailure;
-}
-
-SECStatus
-CERT_CopyRDN(PRArenaPool *arena, CERTRDN *to, CERTRDN *from)
-{
- CERTAVA **avas, *fava, *tava;
- SECStatus rv;
-
- /* Copy each ava from from */
- avas = from->avas;
- while ((fava = *avas++) != 0) {
- tava = CERT_CopyAVA(arena, fava);
- if (!tava) return SECFailure;
- rv = CERT_AddAVA(arena, to, tava);
- if (rv) return rv;
- }
- return SECSuccess;
-}
-
-/************************************************************************/
-
-const SEC_ASN1Template CERT_NameTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF,
- offsetof(CERTName,rdns), CERT_RDNTemplate, sizeof(CERTName) }
-};
-
-SEC_ASN1_CHOOSER_IMPLEMENT(CERT_NameTemplate)
-
-CERTName *
-CERT_CreateName(CERTRDN *rdn0, ...)
-{
- CERTRDN *rdn;
- CERTName *name;
- va_list ap;
- unsigned count;
- CERTRDN **rdnp;
- PRArenaPool *arena;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( !arena ) {
- return(0);
- }
-
- name = (CERTName*) PORT_ArenaAlloc(arena, sizeof(CERTName));
- if (name) {
- name->arena = arena;
-
- /* Count number of RDNs going into the Name */
- if (!rdn0) {
- count = 0;
- } else {
- count = 1;
- va_start(ap, rdn0);
- while ((rdn = va_arg(ap, CERTRDN*)) != 0) {
- count++;
- }
- va_end(ap);
- }
-
- /* Allocate space (including space for terminal null ptr) */
- name->rdns = rdnp =
- (CERTRDN**) PORT_ArenaAlloc(arena, (count + 1) * sizeof(CERTRDN*));
- if (!name->rdns) {
- goto loser;
- }
-
- /* Now fill in the pointers */
- if (count > 0) {
- *rdnp++ = rdn0;
- va_start(ap, rdn0);
- while ((rdn = va_arg(ap, CERTRDN*)) != 0) {
- *rdnp++ = rdn;
- }
- va_end(ap);
- }
-
- /* null terminate the list */
- *rdnp++ = 0;
- }
- return name;
-
-loser:
- PORT_FreeArena(arena, PR_FALSE);
- return(0);
-}
-
-void
-CERT_DestroyName(CERTName *name)
-{
- if (name)
- {
- PRArenaPool *arena = name->arena;
- name->rdns = NULL;
- name->arena = NULL;
- if (arena) PORT_FreeArena(arena, PR_FALSE);
- }
-}
-
-SECStatus
-CERT_AddRDN(CERTName *name, CERTRDN *rdn)
-{
- name->rdns = (CERTRDN**) AddToArray(name->arena, (void**) name->rdns, rdn);
- return name->rdns ? SECSuccess : SECFailure;
-}
-
-SECStatus
-CERT_CopyName(PRArenaPool *arena, CERTName *to, CERTName *from)
-{
- CERTRDN **rdns, *frdn, *trdn;
- SECStatus rv;
-
- if (!to || !from)
- return SECFailure;
-
- CERT_DestroyName(to);
- to->arena = arena;
-
- /* Copy each rdn from from */
- rdns = from->rdns;
- while ((frdn = *rdns++) != 0) {
- trdn = CERT_CreateRDN(arena, 0);
- if ( trdn == NULL ) {
- return(SECFailure);
- }
- rv = CERT_CopyRDN(arena, trdn, frdn);
- if (rv) return rv;
- rv = CERT_AddRDN(to, trdn);
- if (rv) return rv;
- }
- return SECSuccess;
-}
-
-/************************************************************************/
-
-SECComparison
-CERT_CompareAVA(CERTAVA *a, CERTAVA *b)
-{
- SECComparison rv;
-
- rv = SECITEM_CompareItem(&a->type, &b->type);
- if (rv) {
- /*
- ** XXX for now we are going to just assume that a bitwise
- ** comparison of the value codes will do the trick.
- */
- }
- rv = SECITEM_CompareItem(&a->value, &b->value);
- return rv;
-}
-
-SECComparison
-CERT_CompareRDN(CERTRDN *a, CERTRDN *b)
-{
- CERTAVA **aavas, *aava;
- CERTAVA **bavas, *bava;
- int ac, bc;
- SECComparison rv = SECEqual;
-
- aavas = a->avas;
- bavas = b->avas;
-
- /*
- ** Make sure array of ava's are the same length. If not, then we are
- ** not equal
- */
- ac = CountArray((void**) aavas);
- bc = CountArray((void**) bavas);
- if (ac < bc) return SECLessThan;
- if (ac > bc) return SECGreaterThan;
-
- for (;;) {
- aava = *aavas++;
- bava = *bavas++;
- if (!aava) {
- break;
- }
- rv = CERT_CompareAVA(aava, bava);
- if (rv) return rv;
- }
- return rv;
-}
-
-SECComparison
-CERT_CompareName(CERTName *a, CERTName *b)
-{
- CERTRDN **ardns, *ardn;
- CERTRDN **brdns, *brdn;
- int ac, bc;
- SECComparison rv = SECEqual;
-
- ardns = a->rdns;
- brdns = b->rdns;
-
- /*
- ** Make sure array of rdn's are the same length. If not, then we are
- ** not equal
- */
- ac = CountArray((void**) ardns);
- bc = CountArray((void**) brdns);
- if (ac < bc) return SECLessThan;
- if (ac > bc) return SECGreaterThan;
-
- for (;;) {
- ardn = *ardns++;
- brdn = *brdns++;
- if (!ardn) {
- break;
- }
- rv = CERT_CompareRDN(ardn, brdn);
- if (rv) return rv;
- }
- return rv;
-}
-
-/* Moved from certhtml.c */
-SECItem *
-CERT_DecodeAVAValue(SECItem *derAVAValue)
-{
- SECItem *retItem;
- const SEC_ASN1Template *theTemplate = NULL;
- PRBool convertUCS4toUTF8 = PR_FALSE;
- PRBool convertUCS2toUTF8 = PR_FALSE;
- SECItem avaValue = {siBuffer, 0};
- PLArenaPool *newarena = NULL;
-
- if(!derAVAValue) {
- return NULL;
- }
-
- switch(derAVAValue->data[0]) {
- case SEC_ASN1_UNIVERSAL_STRING:
- convertUCS4toUTF8 = PR_TRUE;
- theTemplate = SEC_UniversalStringTemplate;
- break;
- case SEC_ASN1_IA5_STRING:
- theTemplate = SEC_IA5StringTemplate;
- break;
- case SEC_ASN1_PRINTABLE_STRING:
- theTemplate = SEC_PrintableStringTemplate;
- break;
- case SEC_ASN1_T61_STRING:
- theTemplate = SEC_T61StringTemplate;
- break;
- case SEC_ASN1_BMP_STRING:
- convertUCS2toUTF8 = PR_TRUE;
- theTemplate = SEC_BMPStringTemplate;
- break;
- case SEC_ASN1_UTF8_STRING:
- /* No conversion needed ! */
- theTemplate = SEC_UTF8StringTemplate;
- break;
- default:
- return NULL;
- }
-
- PORT_Memset(&avaValue, 0, sizeof(SECItem));
- newarena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (!newarena) {
- return NULL;
- }
- if(SEC_QuickDERDecodeItem(newarena, &avaValue, theTemplate, derAVAValue)
- != SECSuccess) {
- PORT_FreeArena(newarena, PR_FALSE);
- return NULL;
- }
-
- if (convertUCS4toUTF8) {
- unsigned int utf8ValLen = avaValue.len * 3;
- unsigned char *utf8Val = (unsigned char*)
- PORT_ArenaZAlloc(newarena, utf8ValLen);
-
- if(!PORT_UCS4_UTF8Conversion(PR_FALSE, avaValue.data, avaValue.len,
- utf8Val, utf8ValLen, &utf8ValLen)) {
- PORT_FreeArena(newarena, PR_FALSE);
- return NULL;
- }
-
- avaValue.data = utf8Val;
- avaValue.len = utf8ValLen;
-
- } else if (convertUCS2toUTF8) {
-
- unsigned int utf8ValLen = avaValue.len * 3;
- unsigned char *utf8Val = (unsigned char*)
- PORT_ArenaZAlloc(newarena, utf8ValLen);
-
- if(!PORT_UCS2_UTF8Conversion(PR_FALSE, avaValue.data, avaValue.len,
- utf8Val, utf8ValLen, &utf8ValLen)) {
- PORT_FreeArena(newarena, PR_FALSE);
- return NULL;
- }
-
- avaValue.data = utf8Val;
- avaValue.len = utf8ValLen;
- }
-
- retItem = SECITEM_DupItem(&avaValue);
- PORT_FreeArena(newarena, PR_FALSE);
- return retItem;
-}
diff --git a/security/nss/lib/certdb/stanpcertdb.c b/security/nss/lib/certdb/stanpcertdb.c
deleted file mode 100644
index bd905e5fb..000000000
--- a/security/nss/lib/certdb/stanpcertdb.c
+++ /dev/null
@@ -1,978 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "prtime.h"
-
-#include "cert.h"
-#include "mcom_db.h"
-#include "certdb.h"
-#include "secitem.h"
-#include "secder.h"
-
-/* Call to PK11_FreeSlot below */
-
-#include "secasn1.h"
-#include "secerr.h"
-#include "nssilock.h"
-#include "prmon.h"
-#include "nsslocks.h"
-#include "base64.h"
-#include "sechash.h"
-#include "plhash.h"
-#include "pk11func.h" /* sigh */
-
-#ifndef NSS_3_4_CODE
-#define NSS_3_4_CODE
-#endif /* NSS_3_4_CODE */
-#include "nsspki.h"
-#include "pki.h"
-#include "pkim.h"
-#include "pki3hack.h"
-#include "ckhelper.h"
-#include "base.h"
-#include "pkistore.h"
-#include "dev3hack.h"
-#include "dev.h"
-
-PRBool
-SEC_CertNicknameConflict(char *nickname, SECItem *derSubject,
- CERTCertDBHandle *handle)
-{
- CERTCertificate *cert;
- PRBool conflict = PR_FALSE;
-
- cert=CERT_FindCertByNickname(handle, nickname);
-
- if (!cert) {
- return conflict;
- }
-
- conflict = !SECITEM_ItemsAreEqual(derSubject,&cert->derSubject);
- CERT_DestroyCertificate(cert);
- return conflict;
-}
-
-SECStatus
-SEC_DeletePermCertificate(CERTCertificate *cert)
-{
- PRStatus nssrv;
- NSSTrustDomain *td = STAN_GetDefaultTrustDomain();
- NSSCertificate *c = STAN_GetNSSCertificate(cert);
-
- /* get rid of the token instances */
- nssrv = NSSCertificate_DeleteStoredObject(c, NULL);
-
- /* get rid of the cache entry */
- nssTrustDomain_LockCertCache(td);
- nssTrustDomain_RemoveCertFromCacheLOCKED(td, c);
- nssTrustDomain_UnlockCertCache(td);
-
- return (nssrv == PR_SUCCESS) ? SECSuccess : SECFailure;
-}
-
-SECStatus
-CERT_GetCertTrust(CERTCertificate *cert, CERTCertTrust *trust)
-{
- SECStatus rv;
- CERT_LockCertTrust(cert);
- if ( cert->trust == NULL ) {
- rv = SECFailure;
- } else {
- *trust = *cert->trust;
- rv = SECSuccess;
- }
- CERT_UnlockCertTrust(cert);
- return(rv);
-}
-
-#ifdef notdef
-static char *
-cert_parseNickname(char *nickname)
-{
- char *cp;
- for (cp=nickname; *cp && *cp != ':'; cp++);
- if (*cp == ':') return cp+1;
- return nickname;
-}
-#endif
-
-SECStatus
-CERT_ChangeCertTrust(CERTCertDBHandle *handle, CERTCertificate *cert,
- CERTCertTrust *trust)
-{
- SECStatus rv = SECFailure;
- PRStatus ret;
-
- CERT_LockCertTrust(cert);
- ret = STAN_ChangeCertTrust(cert, trust);
- rv = (ret == PR_SUCCESS) ? SECSuccess : SECFailure;
- CERT_UnlockCertTrust(cert);
- return rv;
-}
-
-extern const NSSError NSS_ERROR_INVALID_CERTIFICATE;
-
-SECStatus
-__CERT_AddTempCertToPerm(CERTCertificate *cert, char *nickname,
- CERTCertTrust *trust)
-{
- NSSUTF8 *stanNick;
- PK11SlotInfo *slot;
- NSSToken *internal;
- NSSCryptoContext *context;
- nssCryptokiObject *permInstance;
- NSSCertificate *c = STAN_GetNSSCertificate(cert);
- context = c->object.cryptoContext;
- if (!context) {
- return SECFailure; /* wasn't a temp cert */
- }
- stanNick = nssCertificate_GetNickname(c, NULL);
- if (stanNick && nickname && strcmp(nickname, stanNick) != 0) {
- /* take the new nickname */
- cert->nickname = NULL;
- stanNick = NULL;
- }
- if (!stanNick && nickname) {
- stanNick = nssUTF8_Duplicate((NSSUTF8 *)nickname, c->object.arena);
- }
- /* Delete the temp instance */
- nssCertificateStore_Lock(context->certStore);
- nssCertificateStore_RemoveCertLOCKED(context->certStore, c);
- nssCertificateStore_Unlock(context->certStore);
- c->object.cryptoContext = NULL;
- /* Import the perm instance onto the internal token */
- slot = PK11_GetInternalKeySlot();
- internal = PK11Slot_GetNSSToken(slot);
- permInstance = nssToken_ImportCertificate(internal, NULL,
- NSSCertificateType_PKIX,
- &c->id,
- stanNick,
- &c->encoding,
- &c->issuer,
- &c->subject,
- &c->serial,
- cert->emailAddr,
- PR_TRUE);
- PK11_FreeSlot(slot);
- if (!permInstance) {
- if (NSS_GetError() == NSS_ERROR_INVALID_CERTIFICATE) {
- PORT_SetError(SEC_ERROR_REUSED_ISSUER_AND_SERIAL);
- }
- return SECFailure;
- }
- nssPKIObject_AddInstance(&c->object, permInstance);
- nssTrustDomain_AddCertsToCache(STAN_GetDefaultTrustDomain(), &c, 1);
- /* reset the CERTCertificate fields */
- cert->nssCertificate = NULL;
- cert = STAN_GetCERTCertificate(c); /* will return same pointer */
- if (!cert) {
- return SECFailure;
- }
- cert->istemp = PR_FALSE;
- cert->isperm = PR_TRUE;
- if (!trust) {
- return SECSuccess;
- }
- return (STAN_ChangeCertTrust(cert, trust) == PR_SUCCESS) ?
- SECSuccess: SECFailure;
-}
-
-SECStatus
-CERT_AddTempCertToPerm(CERTCertificate *cert, char *nickname,
- CERTCertTrust *trust)
-{
- return __CERT_AddTempCertToPerm(cert, nickname, trust);
-}
-
-CERTCertificate *
-__CERT_NewTempCertificate(CERTCertDBHandle *handle, SECItem *derCert,
- char *nickname, PRBool isperm, PRBool copyDER)
-{
- PRStatus nssrv;
- NSSCertificate *c;
- CERTCertificate *cc;
- NSSCertificate *tempCert;
- nssPKIObject *pkio;
- NSSCryptoContext *gCC = STAN_GetDefaultCryptoContext();
- NSSTrustDomain *gTD = STAN_GetDefaultTrustDomain();
- if (!isperm) {
- NSSDER encoding;
- NSSITEM_FROM_SECITEM(&encoding, derCert);
- /* First, see if it is already a temp cert */
- c = NSSCryptoContext_FindCertificateByEncodedCertificate(gCC,
- &encoding);
- if (!c) {
- /* Then, see if it is already a perm cert */
- c = NSSTrustDomain_FindCertificateByEncodedCertificate(handle,
- &encoding);
- /* actually, that search ends up going by issuer/serial,
- * so it is still possible to return a cert with the same
- * issuer/serial but a different encoding, and we're
- * going to reject that
- */
- if (c && !nssItem_Equal(&c->encoding, &encoding, NULL)) {
- nssCertificate_Destroy(c);
- PORT_SetError(SEC_ERROR_REUSED_ISSUER_AND_SERIAL);
- return NULL;
- }
- }
- if (c) {
- return STAN_GetCERTCertificate(c);
- }
- }
- pkio = nssPKIObject_Create(NULL, NULL, gTD, gCC);
- if (!pkio) {
- return NULL;
- }
- c = nss_ZNEW(pkio->arena, NSSCertificate);
- if (!c) {
- nssPKIObject_Destroy(pkio);
- return NULL;
- }
- c->object = *pkio;
- if (copyDER) {
- nssItem_Create(c->object.arena, &c->encoding,
- derCert->len, derCert->data);
- } else {
- NSSITEM_FROM_SECITEM(&c->encoding, derCert);
- }
- /* Forces a decoding of the cert in order to obtain the parts used
- * below
- */
- cc = STAN_GetCERTCertificate(c);
- if (!cc) {
- return NULL;
- }
- nssItem_Create(c->object.arena,
- &c->issuer, cc->derIssuer.len, cc->derIssuer.data);
- nssItem_Create(c->object.arena,
- &c->subject, cc->derSubject.len, cc->derSubject.data);
- if (PR_TRUE) {
- /* CERTCertificate stores serial numbers decoded. I need the DER
- * here. sigh.
- */
- SECItem derSerial = { 0 };
- CERT_SerialNumberFromDERCert(&cc->derCert, &derSerial);
- if (!derSerial.data) goto loser;
- nssItem_Create(c->object.arena, &c->serial, derSerial.len, derSerial.data);
- PORT_Free(derSerial.data);
- }
- if (nickname) {
- c->object.tempName = nssUTF8_Create(c->object.arena,
- nssStringType_UTF8String,
- (NSSUTF8 *)nickname,
- PORT_Strlen(nickname));
- }
- if (cc->emailAddr) {
- c->email = nssUTF8_Create(c->object.arena,
- nssStringType_PrintableString,
- (NSSUTF8 *)cc->emailAddr,
- PORT_Strlen(cc->emailAddr));
- }
- /* this function cannot detect if the cert exists as a temp cert now, but
- * didn't when CERT_NewTemp was first called.
- */
- nssrv = NSSCryptoContext_ImportCertificate(gCC, c);
- if (nssrv != PR_SUCCESS) {
- goto loser;
- }
- /* so find the entry in the temp store */
- tempCert = NSSCryptoContext_FindCertificateByIssuerAndSerialNumber(gCC,
- &c->issuer,
- &c->serial);
- /* destroy the copy */
- NSSCertificate_Destroy(c);
- if (tempCert) {
- /* and use the "official" entry */
- c = tempCert;
- cc = STAN_GetCERTCertificate(c);
- if (!cc) {
- return NULL;
- }
- } else {
- return NULL;
- }
- cc->istemp = PR_TRUE;
- cc->isperm = PR_FALSE;
- return cc;
-loser:
- nssPKIObject_Destroy(&c->object);
- return NULL;
-}
-
-CERTCertificate *
-CERT_NewTempCertificate(CERTCertDBHandle *handle, SECItem *derCert,
- char *nickname, PRBool isperm, PRBool copyDER)
-{
- return( __CERT_NewTempCertificate(handle, derCert, nickname,
- isperm, copyDER) );
-}
-
-/* maybe all the wincx's should be some const for internal token login? */
-CERTCertificate *
-CERT_FindCertByIssuerAndSN(CERTCertDBHandle *handle, CERTIssuerAndSN *issuerAndSN)
-{
- PK11SlotInfo *slot;
- CERTCertificate *cert;
-
- cert = PK11_FindCertByIssuerAndSN(&slot,issuerAndSN,NULL);
- if (cert && slot) {
- PK11_FreeSlot(slot);
- }
-
- return cert;
-}
-
-static NSSCertificate *
-get_best_temp_or_perm(NSSCertificate *ct, NSSCertificate *cp)
-{
- NSSUsage usage;
- NSSCertificate *arr[3];
- if (!ct) {
- return nssCertificate_AddRef(cp);
- } else if (!cp) {
- return nssCertificate_AddRef(ct);
- }
- arr[0] = ct;
- arr[1] = cp;
- arr[2] = NULL;
- usage.anyUsage = PR_TRUE;
- return nssCertificateArray_FindBestCertificate(arr, NULL, &usage, NULL);
-}
-
-CERTCertificate *
-CERT_FindCertByName(CERTCertDBHandle *handle, SECItem *name)
-{
- NSSCertificate *cp, *ct, *c;
- NSSDER subject;
- NSSUsage usage;
- NSSCryptoContext *cc;
- NSSITEM_FROM_SECITEM(&subject, name);
- usage.anyUsage = PR_TRUE;
- cc = STAN_GetDefaultCryptoContext();
- ct = NSSCryptoContext_FindBestCertificateBySubject(cc, &subject,
- NULL, &usage, NULL);
- cp = NSSTrustDomain_FindBestCertificateBySubject(handle, &subject,
- NULL, &usage, NULL);
- c = get_best_temp_or_perm(ct, cp);
- if (ct) {
- CERTCertificate *cert = STAN_GetCERTCertificate(ct);
- if (!cert) {
- return NULL;
- }
- CERT_DestroyCertificate(cert);
- }
- if (cp) {
- CERTCertificate *cert = STAN_GetCERTCertificate(cp);
- if (!cert) {
- return NULL;
- }
- CERT_DestroyCertificate(cert);
- }
- if (c) {
- return STAN_GetCERTCertificate(c);
- } else {
- return NULL;
- }
-}
-
-CERTCertificate *
-CERT_FindCertByKeyID(CERTCertDBHandle *handle, SECItem *name, SECItem *keyID)
-{
- CERTCertList *list =
- CERT_CreateSubjectCertList(NULL,handle,name,0,PR_FALSE);
- CERTCertificate *cert = NULL;
- CERTCertListNode *node = CERT_LIST_HEAD(list);
-
- if (list == NULL) return NULL;
-
- for (node = CERT_LIST_HEAD(list); node ; node = CERT_LIST_NEXT(node)) {
- if (SECITEM_ItemsAreEqual(&cert->subjectKeyID, keyID) ) {
- cert = CERT_DupCertificate(node->cert);
- break;
- }
- }
- return cert;
-}
-
-CERTCertificate *
-CERT_FindCertByNickname(CERTCertDBHandle *handle, char *nickname)
-{
- NSSCryptoContext *cc;
- NSSCertificate *c, *ct;
- CERTCertificate *cert;
- NSSUsage usage;
- usage.anyUsage = PR_TRUE;
- cc = STAN_GetDefaultCryptoContext();
- ct = NSSCryptoContext_FindBestCertificateByNickname(cc, nickname,
- NULL, &usage, NULL);
- cert = PK11_FindCertFromNickname(nickname, NULL);
- c = NULL;
- if (cert) {
- c = get_best_temp_or_perm(ct, STAN_GetNSSCertificate(cert));
- CERT_DestroyCertificate(cert);
- if (ct) {
- CERTCertificate *cert2 = STAN_GetCERTCertificate(ct);
- if (!cert2) {
- return NULL;
- }
- CERT_DestroyCertificate(cert2);
- }
- } else {
- c = ct;
- }
- if (c) {
- return STAN_GetCERTCertificate(c);
- } else {
- return NULL;
- }
-}
-
-CERTCertificate *
-CERT_FindCertByDERCert(CERTCertDBHandle *handle, SECItem *derCert)
-{
- NSSCryptoContext *cc;
- NSSCertificate *c;
- NSSDER encoding;
- NSSITEM_FROM_SECITEM(&encoding, derCert);
- cc = STAN_GetDefaultCryptoContext();
- c = NSSCryptoContext_FindCertificateByEncodedCertificate(cc, &encoding);
- if (!c) {
- c = NSSTrustDomain_FindCertificateByEncodedCertificate(handle,
- &encoding);
- if (!c) return NULL;
- }
- return STAN_GetCERTCertificate(c);
-}
-
-CERTCertificate *
-CERT_FindCertByNicknameOrEmailAddr(CERTCertDBHandle *handle, char *name)
-{
- NSSCryptoContext *cc;
- NSSCertificate *c, *ct;
- CERTCertificate *cert;
- NSSUsage usage;
- usage.anyUsage = PR_TRUE;
- cc = STAN_GetDefaultCryptoContext();
- ct = NSSCryptoContext_FindBestCertificateByNickname(cc, name,
- NULL, &usage, NULL);
- if (!ct) {
- ct = NSSCryptoContext_FindBestCertificateByEmail(cc, name,
- NULL, &usage, NULL);
- }
- cert = PK11_FindCertFromNickname(name, NULL);
- if (cert) {
- c = get_best_temp_or_perm(ct, STAN_GetNSSCertificate(cert));
- CERT_DestroyCertificate(cert);
- if (ct) {
- CERTCertificate *cert2 = STAN_GetCERTCertificate(ct);
- if (!cert2) {
- return NULL;
- }
- CERT_DestroyCertificate(cert2);
- }
- } else {
- c = ct;
- }
- if (c) {
- return STAN_GetCERTCertificate(c);
- }
- return NULL;
-}
-
-static void
-add_to_subject_list(CERTCertList *certList, CERTCertificate *cert,
- PRBool validOnly, int64 sorttime)
-{
- SECStatus secrv;
- if (!validOnly ||
- CERT_CheckCertValidTimes(cert, sorttime, PR_FALSE)
- == secCertTimeValid) {
- secrv = CERT_AddCertToListSorted(certList, cert,
- CERT_SortCBValidity,
- (void *)&sorttime);
- if (secrv != SECSuccess) {
- CERT_DestroyCertificate(cert);
- }
- } else {
- CERT_DestroyCertificate(cert);
- }
-}
-
-CERTCertList *
-CERT_CreateSubjectCertList(CERTCertList *certList, CERTCertDBHandle *handle,
- SECItem *name, int64 sorttime, PRBool validOnly)
-{
- NSSCryptoContext *cc;
- NSSCertificate **tSubjectCerts, **pSubjectCerts;
- NSSCertificate **ci;
- CERTCertificate *cert;
- NSSDER subject;
- PRBool myList = PR_FALSE;
- cc = STAN_GetDefaultCryptoContext();
- NSSITEM_FROM_SECITEM(&subject, name);
- /* Collect both temp and perm certs for the subject */
- tSubjectCerts = NSSCryptoContext_FindCertificatesBySubject(cc,
- &subject,
- NULL,
- 0,
- NULL);
- pSubjectCerts = NSSTrustDomain_FindCertificatesBySubject(handle,
- &subject,
- NULL,
- 0,
- NULL);
- if (!tSubjectCerts && !pSubjectCerts) {
- return NULL;
- }
- if (certList == NULL) {
- certList = CERT_NewCertList();
- myList = PR_TRUE;
- if (!certList) goto loser;
- }
- /* Iterate over the matching temp certs. Add them to the list */
- ci = tSubjectCerts;
- while (ci && *ci) {
- cert = STAN_GetCERTCertificate(*ci);
- if (cert) {
- add_to_subject_list(certList, cert, validOnly, sorttime);
- }
- ci++;
- }
- /* Iterate over the matching perm certs. Add them to the list */
- ci = pSubjectCerts;
- while (ci && *ci) {
- cert = STAN_GetCERTCertificate(*ci);
- if (cert) {
- add_to_subject_list(certList, cert, validOnly, sorttime);
- }
- ci++;
- }
- nss_ZFreeIf(tSubjectCerts);
- nss_ZFreeIf(pSubjectCerts);
- return certList;
-loser:
- nss_ZFreeIf(tSubjectCerts);
- nss_ZFreeIf(pSubjectCerts);
- if (myList && certList != NULL) {
- CERT_DestroyCertList(certList);
- }
- return NULL;
-}
-
-void
-CERT_DestroyCertificate(CERTCertificate *cert)
-{
- if ( cert ) {
- /* don't use STAN_GetNSSCertificate because we don't want to
- * go to the trouble of translating the CERTCertificate into
- * an NSSCertificate just to destroy it. If it hasn't been done
- * yet, don't do it at all.
- */
- NSSCertificate *tmp = cert->nssCertificate;
- if (tmp) {
- /* delete the NSSCertificate */
- NSSCertificate_Destroy(tmp);
- } else {
- PORT_FreeArena(cert->arena, PR_FALSE);
- }
- }
- return;
-}
-
-#ifdef notdef
-SECStatus
-CERT_ChangeCertTrustByUsage(CERTCertDBHandle *certdb,
- CERTCertificate *cert, SECCertUsage usage)
-{
- SECStatus rv;
- CERTCertTrust trust;
- CERTCertTrust tmptrust;
- unsigned int certtype;
- PRBool saveit;
-
- saveit = PR_TRUE;
-
- PORT_Memset((void *)&trust, 0, sizeof(trust));
-
- certtype = cert->nsCertType;
-
- /* if no app bits in cert type, then set all app bits */
- if ( ! ( certtype & NS_CERT_TYPE_APP ) ) {
- certtype |= NS_CERT_TYPE_APP;
- }
-
- switch ( usage ) {
- case certUsageEmailSigner:
- case certUsageEmailRecipient:
- if ( certtype & NS_CERT_TYPE_EMAIL ) {
- trust.emailFlags = CERTDB_VALID_PEER;
- if ( ! ( cert->rawKeyUsage & KU_KEY_ENCIPHERMENT ) ) {
- /* don't save it if KeyEncipherment is not allowed */
- saveit = PR_FALSE;
- }
- }
- break;
- case certUsageUserCertImport:
- if ( certtype & NS_CERT_TYPE_EMAIL ) {
- trust.emailFlags = CERTDB_VALID_PEER;
- }
- /* VALID_USER is already set if the cert was imported,
- * in the case that the cert was already in the database
- * through SMIME or other means, we should set the USER
- * flags, if they are not already set.
- */
- if( cert->isperm ) {
- if ( certtype & NS_CERT_TYPE_SSL_CLIENT ) {
- if( !(cert->trust->sslFlags & CERTDB_USER) ) {
- trust.sslFlags |= CERTDB_USER;
- }
- }
-
- if ( certtype & NS_CERT_TYPE_EMAIL ) {
- if( !(cert->trust->emailFlags & CERTDB_USER) ) {
- trust.emailFlags |= CERTDB_USER;
- }
- }
-
- if ( certtype & NS_CERT_TYPE_OBJECT_SIGNING ) {
- if( !(cert->trust->objectSigningFlags & CERTDB_USER) ) {
- trust.objectSigningFlags |= CERTDB_USER;
- }
- }
- }
- break;
- default: /* XXX added to quiet warnings; no other cases needed? */
- break;
- }
-
- if ( (trust.sslFlags | trust.emailFlags | trust.objectSigningFlags) == 0 ){
- saveit = PR_FALSE;
- }
-
- if ( saveit && cert->isperm ) {
- /* Cert already in the DB. Just adjust flags */
- tmptrust = *cert->trust;
- tmptrust.sslFlags |= trust.sslFlags;
- tmptrust.emailFlags |= trust.emailFlags;
- tmptrust.objectSigningFlags |= trust.objectSigningFlags;
-
- rv = CERT_ChangeCertTrust(cert->dbhandle, cert,
- &tmptrust);
- if ( rv != SECSuccess ) {
- goto loser;
- }
- }
-
- rv = SECSuccess;
- goto done;
-
-loser:
- rv = SECFailure;
-done:
-
- return(rv);
-}
-#endif
-
-int
-CERT_GetDBContentVersion(CERTCertDBHandle *handle)
-{
- /* should read the DB content version from the pkcs #11 device */
- return 0;
-}
-
-SECStatus
-certdb_SaveSingleProfile(CERTCertificate *cert, const char *emailAddr,
- SECItem *emailProfile, SECItem *profileTime)
-{
- int64 oldtime;
- int64 newtime;
- SECStatus rv = SECFailure;
- PRBool saveit;
- SECItem oldprof, oldproftime;
- SECItem *oldProfile = NULL;
- SECItem *oldProfileTime = NULL;
- PK11SlotInfo *slot = NULL;
- NSSCertificate *c;
- NSSCryptoContext *cc;
- nssSMIMEProfile *stanProfile = NULL;
- PRBool freeOldProfile = PR_FALSE;
-
- c = STAN_GetNSSCertificate(cert);
- if (!c) return SECFailure;
- cc = c->object.cryptoContext;
- if (cc != NULL) {
- stanProfile = nssCryptoContext_FindSMIMEProfileForCertificate(cc, c);
- if (stanProfile) {
- PORT_Assert(stanProfile->profileData);
- SECITEM_FROM_NSSITEM(&oldprof, stanProfile->profileData);
- oldProfile = &oldprof;
- SECITEM_FROM_NSSITEM(&oldproftime, stanProfile->profileTime);
- oldProfileTime = &oldproftime;
- }
- } else {
- oldProfile = PK11_FindSMimeProfile(&slot, (char *)emailAddr,
- &cert->derSubject, &oldProfileTime);
- freeOldProfile = PR_TRUE;
- }
-
- saveit = PR_FALSE;
-
- /* both profileTime and emailProfile have to exist or not exist */
- if ( emailProfile == NULL ) {
- profileTime = NULL;
- } else if ( profileTime == NULL ) {
- emailProfile = NULL;
- }
-
- if ( oldProfileTime == NULL ) {
- saveit = PR_TRUE;
- } else {
- /* there was already a profile for this email addr */
- if ( profileTime ) {
- /* we have an old and new profile - save whichever is more recent*/
- if ( oldProfileTime->len == 0 ) {
- /* always replace if old entry doesn't have a time */
- oldtime = LL_MININT;
- } else {
- rv = DER_UTCTimeToTime(&oldtime, oldProfileTime);
- if ( rv != SECSuccess ) {
- goto loser;
- }
- }
-
- rv = DER_UTCTimeToTime(&newtime, profileTime);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- if ( LL_CMP(newtime, >, oldtime ) ) {
- /* this is a newer profile, save it and cert */
- saveit = PR_TRUE;
- }
- } else {
- saveit = PR_TRUE;
- }
- }
-
-
- if (saveit) {
- if (cc) {
- if (stanProfile) {
- /* stanProfile is already stored in the crypto context,
- * overwrite the data
- */
- NSSArena *arena = stanProfile->object.arena;
- stanProfile->profileTime = nssItem_Create(arena,
- NULL,
- profileTime->len,
- profileTime->data);
- stanProfile->profileData = nssItem_Create(arena,
- NULL,
- emailProfile->len,
- emailProfile->data);
- } else if (profileTime && emailProfile) {
- PRStatus nssrv;
- NSSDER subject;
- NSSItem profTime, profData;
- NSSItem *pprofTime, *pprofData;
- NSSITEM_FROM_SECITEM(&subject, &cert->derSubject);
- if (profileTime) {
- NSSITEM_FROM_SECITEM(&profTime, profileTime);
- pprofTime = &profTime;
- } else {
- pprofTime = NULL;
- }
- if (emailProfile) {
- NSSITEM_FROM_SECITEM(&profData, emailProfile);
- pprofData = &profData;
- } else {
- pprofData = NULL;
- }
- stanProfile = nssSMIMEProfile_Create(c, pprofTime, pprofData);
- if (!stanProfile) goto loser;
- nssrv = nssCryptoContext_ImportSMIMEProfile(cc, stanProfile);
- rv = (nssrv == PR_SUCCESS) ? SECSuccess : SECFailure;
- }
- } else {
- rv = PK11_SaveSMimeProfile(slot, (char *)emailAddr,
- &cert->derSubject, emailProfile, profileTime);
- }
- } else {
- rv = SECSuccess;
- }
-
-loser:
- if (oldProfile && freeOldProfile) {
- SECITEM_FreeItem(oldProfile,PR_TRUE);
- }
- if (oldProfileTime && freeOldProfile) {
- SECITEM_FreeItem(oldProfileTime,PR_TRUE);
- }
- if (stanProfile) {
- nssSMIMEProfile_Destroy(stanProfile);
- }
- if (slot) {
- PK11_FreeSlot(slot);
- }
-
- return(rv);
-}
-
-/*
- *
- * Manage S/MIME profiles
- *
- */
-
-SECStatus
-CERT_SaveSMimeProfile(CERTCertificate *cert, SECItem *emailProfile,
- SECItem *profileTime)
-{
- const char *emailAddr;
- SECStatus rv;
-
- if (!cert) {
- return SECFailure;
- }
-
- if (cert->slot && !PK11_IsInternal(cert->slot)) {
- /* this cert comes from an external source, we need to add it
- to the cert db before creating an S/MIME profile */
- PK11SlotInfo* internalslot = PK11_GetInternalKeySlot();
- if (!internalslot) {
- return SECFailure;
- }
- rv = PK11_ImportCert(internalslot, cert,
- CK_INVALID_HANDLE, NULL, PR_FALSE);
-
- PK11_FreeSlot(internalslot);
- if (rv != SECSuccess ) {
- return SECFailure;
- }
- }
-
-
- for (emailAddr = CERT_GetFirstEmailAddress(cert); emailAddr != NULL;
- emailAddr = CERT_GetNextEmailAddress(cert,emailAddr)) {
- rv = certdb_SaveSingleProfile(cert,emailAddr,emailProfile,profileTime);
- if (rv != SECSuccess) {
- return SECFailure;
- }
- }
- return SECSuccess;
-
-}
-
-
-SECItem *
-CERT_FindSMimeProfile(CERTCertificate *cert)
-{
- PK11SlotInfo *slot = NULL;
- NSSCertificate *c;
- NSSCryptoContext *cc;
- SECItem *rvItem = NULL;
-
- c = STAN_GetNSSCertificate(cert);
- if (!c) return NULL;
- cc = c->object.cryptoContext;
- if (cc != NULL) {
- nssSMIMEProfile *stanProfile;
- stanProfile = nssCryptoContext_FindSMIMEProfileForCertificate(cc, c);
- if (stanProfile) {
- rvItem = SECITEM_AllocItem(NULL, NULL,
- stanProfile->profileData->size);
- if (rvItem) {
- rvItem->data = stanProfile->profileData->data;
- }
- nssSMIMEProfile_Destroy(stanProfile);
- }
- return rvItem;
- }
- rvItem =
- PK11_FindSMimeProfile(&slot, cert->emailAddr, &cert->derSubject, NULL);
- if (slot) {
- PK11_FreeSlot(slot);
- }
- return rvItem;
-}
-
-/*
- * depricated functions that are now just stubs.
- */
-/*
- * Close the database
- */
-void
-__CERT_ClosePermCertDB(CERTCertDBHandle *handle)
-{
- PORT_Assert("CERT_ClosePermCertDB is Depricated" == NULL);
- return;
-}
-
-SECStatus
-CERT_OpenCertDBFilename(CERTCertDBHandle *handle, char *certdbname,
- PRBool readOnly)
-{
- PORT_Assert("CERT_OpenCertDBFilename is Depricated" == NULL);
- return SECFailure;
-}
-
-SECItem *
-SECKEY_HashPassword(char *pw, SECItem *salt)
-{
- PORT_Assert("SECKEY_HashPassword is Depricated" == NULL);
- return NULL;
-}
-
-SECStatus
-__CERT_TraversePermCertsForSubject(CERTCertDBHandle *handle,
- SECItem *derSubject,
- void *cb, void *cbarg)
-{
- PORT_Assert("CERT_TraversePermCertsForSubject is Depricated" == NULL);
- return SECFailure;
-}
-
-
-SECStatus
-__CERT_TraversePermCertsForNickname(CERTCertDBHandle *handle, char *nickname,
- void *cb, void *cbarg)
-{
- PORT_Assert("CERT_TraversePermCertsForNickname is Depricated" == NULL);
- return SECFailure;
-}
-
-
-
diff --git a/security/nss/lib/certdb/xauthkid.c b/security/nss/lib/certdb/xauthkid.c
deleted file mode 100644
index 089d16f14..000000000
--- a/security/nss/lib/certdb/xauthkid.c
+++ /dev/null
@@ -1,155 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * X.509 v3 Subject Key Usage Extension
- *
- */
-
-#include "prtypes.h"
-#include "mcom_db.h"
-#include "seccomon.h"
-#include "secdert.h"
-#include "secoidt.h"
-#include "secasn1t.h"
-#include "secasn1.h"
-#include "secport.h"
-#include "certt.h"
-#include "genname.h"
-#include "secerr.h"
-
-
-const SEC_ASN1Template CERTAuthKeyIDTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CERTAuthKeyID) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(CERTAuthKeyID,keyID), SEC_OctetStringTemplate},
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
- offsetof(CERTAuthKeyID, DERAuthCertIssuer), CERT_GeneralNamesTemplate},
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | 2,
- offsetof(CERTAuthKeyID,authCertSerialNumber), SEC_IntegerTemplate},
- { 0 }
-};
-
-
-
-SECStatus CERT_EncodeAuthKeyID (PRArenaPool *arena, CERTAuthKeyID *value, SECItem *encodedValue)
-{
- SECStatus rv = SECFailure;
-
- PORT_Assert (value);
- PORT_Assert (arena);
- PORT_Assert (value->DERAuthCertIssuer == NULL);
- PORT_Assert (encodedValue);
-
- do {
-
- /* If both of the authCertIssuer and the serial number exist, encode
- the name first. Otherwise, it is an error if one exist and the other
- is not.
- */
- if (value->authCertIssuer) {
- if (!value->authCertSerialNumber.data) {
- PORT_SetError (SEC_ERROR_EXTENSION_VALUE_INVALID);
- break;
- }
-
- value->DERAuthCertIssuer = cert_EncodeGeneralNames
- (arena, value->authCertIssuer);
- if (!value->DERAuthCertIssuer) {
- PORT_SetError (SEC_ERROR_EXTENSION_VALUE_INVALID);
- break;
- }
- }
- else if (value->authCertSerialNumber.data) {
- PORT_SetError (SEC_ERROR_EXTENSION_VALUE_INVALID);
- break;
- }
-
- if (SEC_ASN1EncodeItem (arena, encodedValue, value,
- CERTAuthKeyIDTemplate) == NULL)
- break;
- rv = SECSuccess;
-
- } while (0);
- return(rv);
-}
-
-CERTAuthKeyID *
-CERT_DecodeAuthKeyID (PRArenaPool *arena, SECItem *encodedValue)
-{
- CERTAuthKeyID * value = NULL;
- SECStatus rv = SECFailure;
- void * mark;
- SECItem newEncodedValue;
-
- PORT_Assert (arena);
-
- do {
- mark = PORT_ArenaMark (arena);
- value = (CERTAuthKeyID*)PORT_ArenaZAlloc (arena, sizeof (*value));
- value->DERAuthCertIssuer = NULL;
- if (value == NULL)
- break;
- /* copy the DER into the arena, since Quick DER returns data that points
- into the DER input, which may get freed by the caller */
- rv = SECITEM_CopyItem(arena, &newEncodedValue, encodedValue);
- if ( rv != SECSuccess ) {
- break;
- }
-
- rv = SEC_QuickDERDecodeItem
- (arena, value, CERTAuthKeyIDTemplate, &newEncodedValue);
- if (rv != SECSuccess)
- break;
-
- value->authCertIssuer = cert_DecodeGeneralNames (arena, value->DERAuthCertIssuer);
- if (value->authCertIssuer == NULL)
- break;
-
- /* what if the general name contains other format but not URI ?
- hl
- */
- if ((value->authCertSerialNumber.data && !value->authCertIssuer) ||
- (!value->authCertSerialNumber.data && value->authCertIssuer)){
- PORT_SetError (SEC_ERROR_EXTENSION_VALUE_INVALID);
- break;
- }
- } while (0);
-
- if (rv != SECSuccess) {
- PORT_ArenaRelease (arena, mark);
- return ((CERTAuthKeyID *)NULL);
- }
- PORT_ArenaUnmark(arena, mark);
- return (value);
-}
diff --git a/security/nss/lib/certdb/xbsconst.c b/security/nss/lib/certdb/xbsconst.c
deleted file mode 100644
index fea0e5dc8..000000000
--- a/security/nss/lib/certdb/xbsconst.c
+++ /dev/null
@@ -1,168 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * X.509 v3 Basic Constraints Extension
- */
-
-#include "prtypes.h"
-#include "mcom_db.h"
-#include "seccomon.h"
-#include "secdert.h"
-#include "secoidt.h"
-#include "secasn1t.h"
-#include "secasn1.h"
-#include "certt.h"
-#include "secder.h"
-#include "prprf.h"
-#include "secerr.h"
-
-typedef struct EncodedContext{
- SECItem isCA;
- SECItem pathLenConstraint;
- SECItem encodedValue;
- PRArenaPool *arena;
-}EncodedContext;
-
-static const SEC_ASN1Template CERTBasicConstraintsTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(EncodedContext) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_BOOLEAN, /* XXX DER_DEFAULT */
- offsetof(EncodedContext,isCA)},
- { SEC_ASN1_OPTIONAL | SEC_ASN1_INTEGER,
- offsetof(EncodedContext,pathLenConstraint) },
- { 0, }
-};
-
-static unsigned char hexTrue = 0xff;
-static unsigned char hexFalse = 0x00;
-
-#define GEN_BREAK(status) rv = status; break;
-
-SECStatus CERT_EncodeBasicConstraintValue
- (PRArenaPool *arena, CERTBasicConstraints *value, SECItem *encodedValue)
-{
- EncodedContext encodeContext;
- PRArenaPool *our_pool = NULL;
- SECStatus rv = SECSuccess;
-
- do {
- PORT_Memset (&encodeContext, 0, sizeof (encodeContext));
- if (!value->isCA && value->pathLenConstraint >= 0) {
- PORT_SetError (SEC_ERROR_EXTENSION_VALUE_INVALID);
- GEN_BREAK (SECFailure);
- }
-
- encodeContext.arena = arena;
- if (value->isCA == PR_TRUE) {
- encodeContext.isCA.data = &hexTrue ;
- encodeContext.isCA.len = 1;
- }
-
- /* If the pathLenConstraint is less than 0, then it should be
- * omitted from the encoding.
- */
- if (value->isCA && value->pathLenConstraint >= 0) {
- our_pool = PORT_NewArena (SEC_ASN1_DEFAULT_ARENA_SIZE);
- if (our_pool == NULL) {
- PORT_SetError (SEC_ERROR_NO_MEMORY);
- GEN_BREAK (SECFailure);
- }
- if (SEC_ASN1EncodeUnsignedInteger
- (our_pool, &encodeContext.pathLenConstraint,
- (unsigned long)value->pathLenConstraint) == NULL) {
- PORT_SetError (SEC_ERROR_NO_MEMORY);
- GEN_BREAK (SECFailure);
- }
- }
- if (SEC_ASN1EncodeItem (arena, encodedValue, &encodeContext,
- CERTBasicConstraintsTemplate) == NULL) {
- GEN_BREAK (SECFailure);
- }
- } while (0);
- if (our_pool)
- PORT_FreeArena (our_pool, PR_FALSE);
- return(rv);
-
-}
-
-SECStatus CERT_DecodeBasicConstraintValue
- (CERTBasicConstraints *value, SECItem *encodedValue)
-{
- EncodedContext decodeContext;
- PRArenaPool *our_pool;
- SECStatus rv = SECSuccess;
-
- do {
- PORT_Memset (&decodeContext, 0, sizeof (decodeContext));
- /* initialize the value just in case we got "0x30 00", or when the
- pathLenConstraint is omitted.
- */
- decodeContext.isCA.data =&hexFalse;
- decodeContext.isCA.len = 1;
-
- our_pool = PORT_NewArena (SEC_ASN1_DEFAULT_ARENA_SIZE);
- if (our_pool == NULL) {
- PORT_SetError (SEC_ERROR_NO_MEMORY);
- GEN_BREAK (SECFailure);
- }
-
- rv = SEC_QuickDERDecodeItem
- (our_pool, &decodeContext, CERTBasicConstraintsTemplate, encodedValue);
- if (rv == SECFailure)
- break;
-
- value->isCA = (PRBool)(*decodeContext.isCA.data);
- if (decodeContext.pathLenConstraint.data == NULL) {
- /* if the pathLenConstraint is not encoded, and the current setting
- is CA, then the pathLenConstraint should be set to a negative number
- for unlimited certificate path.
- */
- if (value->isCA)
- value->pathLenConstraint = CERT_UNLIMITED_PATH_CONSTRAINT;
- }
- else if (value->isCA)
- value->pathLenConstraint = DER_GetUInteger (&decodeContext.pathLenConstraint);
- else {
- /* here we get an error where the subject is not a CA, but
- the pathLenConstraint is set */
- PORT_SetError (SEC_ERROR_BAD_DER);
- GEN_BREAK (SECFailure);
- break;
- }
-
- } while (0);
- PORT_FreeArena (our_pool, PR_FALSE);
- return (rv);
-
-}
diff --git a/security/nss/lib/certdb/xconst.c b/security/nss/lib/certdb/xconst.c
deleted file mode 100644
index d86483098..000000000
--- a/security/nss/lib/certdb/xconst.c
+++ /dev/null
@@ -1,257 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * X.509 Extension Encoding
- */
-
-#include "prtypes.h"
-#include "mcom_db.h"
-#include "seccomon.h"
-#include "secdert.h"
-#include "secoidt.h"
-#include "secasn1t.h"
-#include "secasn1.h"
-#include "certt.h"
-#include "secder.h"
-#include "prprf.h"
-#include "xconst.h"
-#include "genname.h"
-#include "secasn1.h"
-#include "secerr.h"
-
-
-static const SEC_ASN1Template CERTSubjectKeyIDTemplate[] = {
- { SEC_ASN1_OCTET_STRING }
-};
-
-
-static const SEC_ASN1Template CERTIA5TypeTemplate[] = {
- { SEC_ASN1_IA5_STRING }
-};
-
-
-static const SEC_ASN1Template CERTPrivateKeyUsagePeriodTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(PKUPEncodedContext) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(PKUPEncodedContext, notBefore), SEC_GeneralizedTimeTemplate},
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | 1,
- offsetof(PKUPEncodedContext, notAfter), SEC_GeneralizedTimeTemplate},
- { 0, }
-};
-
-
-const SEC_ASN1Template CERTAltNameTemplate[] = {
- { SEC_ASN1_CONSTRUCTED, offsetof(AltNameEncodedContext, encodedGenName),
- CERT_GeneralNamesTemplate}
-};
-
-const SEC_ASN1Template CERTAuthInfoAccessItemTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTAuthInfoAccess) },
- { SEC_ASN1_OBJECT_ID,
- offsetof(CERTAuthInfoAccess, method) },
- { SEC_ASN1_ANY,
- offsetof(CERTAuthInfoAccess, derLocation) },
- { 0, }
-};
-
-const SEC_ASN1Template CERTAuthInfoAccessTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, CERTAuthInfoAccessItemTemplate }
-};
-
-
-SECStatus
-CERT_EncodeSubjectKeyID(PRArenaPool *arena, char *value, int len, SECItem *encodedValue)
-{
- SECItem encodeContext;
- SECStatus rv = SECSuccess;
-
-
- PORT_Memset (&encodeContext, 0, sizeof (encodeContext));
-
- if (value != NULL) {
- encodeContext.data = (unsigned char *)value;
- encodeContext.len = len;
- }
- if (SEC_ASN1EncodeItem (arena, encodedValue, &encodeContext,
- CERTSubjectKeyIDTemplate) == NULL) {
- rv = SECFailure;
- }
-
- return(rv);
-}
-
-
-SECStatus
-CERT_EncodePublicKeyUsagePeriod(PRArenaPool *arena, PKUPEncodedContext *pkup, SECItem *encodedValue)
-{
- SECStatus rv = SECSuccess;
-
- if (SEC_ASN1EncodeItem (arena, encodedValue, pkup,
- CERTPrivateKeyUsagePeriodTemplate) == NULL) {
- rv = SECFailure;
- }
- return(rv);
-}
-
-
-SECStatus
-CERT_EncodeIA5TypeExtension(PRArenaPool *arena, char *value, SECItem *encodedValue)
-{
- SECItem encodeContext;
- SECStatus rv = SECSuccess;
-
-
- PORT_Memset (&encodeContext, 0, sizeof (encodeContext));
-
- if (value != NULL) {
- encodeContext.data = (unsigned char *)value;
- encodeContext.len = strlen(value);
- }
- if (SEC_ASN1EncodeItem (arena, encodedValue, &encodeContext,
- CERTIA5TypeTemplate) == NULL) {
- rv = SECFailure;
- }
-
- return(rv);
-}
-
-SECStatus
-CERT_EncodeAltNameExtension(PRArenaPool *arena, CERTGeneralName *value, SECItem *encodedValue)
-{
- SECItem **encodedGenName;
- SECStatus rv = SECSuccess;
-
- encodedGenName = cert_EncodeGeneralNames(arena, value);
- if (SEC_ASN1EncodeItem (arena, encodedValue, &encodedGenName,
- CERT_GeneralNamesTemplate) == NULL) {
- rv = SECFailure;
- }
-
- return rv;
-}
-
-CERTGeneralName *
-CERT_DecodeAltNameExtension(PRArenaPool *arena, SECItem *EncodedAltName)
-{
- SECStatus rv = SECSuccess;
- AltNameEncodedContext encodedContext;
-
- encodedContext.encodedGenName = NULL;
- PORT_Memset(&encodedContext, 0, sizeof(AltNameEncodedContext));
- rv = SEC_ASN1DecodeItem (arena, &encodedContext, CERT_GeneralNamesTemplate,
- EncodedAltName);
- if (rv == SECFailure) {
- goto loser;
- }
- if (encodedContext.encodedGenName)
- return cert_DecodeGeneralNames(arena, encodedContext.encodedGenName);
- /* Extension contained an empty GeneralNames sequence */
- /* Treat as extension not found */
- PORT_SetError(SEC_ERROR_EXTENSION_NOT_FOUND);
-loser:
- return NULL;
-}
-
-
-SECStatus
-CERT_EncodeNameConstraintsExtension(PRArenaPool *arena,
- CERTNameConstraints *value,
- SECItem *encodedValue)
-{
- SECStatus rv = SECSuccess;
-
- rv = cert_EncodeNameConstraints(value, arena, encodedValue);
- return rv;
-}
-
-
-CERTNameConstraints *
-CERT_DecodeNameConstraintsExtension(PRArenaPool *arena,
- SECItem *encodedConstraints)
-{
- return cert_DecodeNameConstraints(arena, encodedConstraints);
-}
-
-
-CERTAuthInfoAccess **
-cert_DecodeAuthInfoAccessExtension(PRArenaPool *arena,
- SECItem *encodedExtension)
-{
- CERTAuthInfoAccess **info = NULL;
- SECStatus rv;
- int i;
-
- rv = SEC_ASN1DecodeItem(arena, &info, CERTAuthInfoAccessTemplate,
- encodedExtension);
- if (rv != SECSuccess || info == NULL) {
- return NULL;
- }
-
- for (i = 0; info[i] != NULL; i++) {
- info[i]->location = CERT_DecodeGeneralName(arena,
- &(info[i]->derLocation),
- NULL);
- }
- return info;
-}
-
-SECStatus
-cert_EncodeAuthInfoAccessExtension(PRArenaPool *arena,
- CERTAuthInfoAccess **info,
- SECItem *dest)
-{
- SECItem *dummy;
- int i;
-
- PORT_Assert(info != NULL);
- PORT_Assert(dest != NULL);
- if (info == NULL || dest == NULL) {
- return SECFailure;
- }
-
- for (i = 0; info[i] != NULL; i++) {
- if (CERT_EncodeGeneralName(info[i]->location, &(info[i]->derLocation),
- arena) == NULL)
- /* Note that this may leave some of the locations filled in. */
- return SECFailure;
- }
- dummy = SEC_ASN1EncodeItem(arena, dest, &info,
- CERTAuthInfoAccessTemplate);
- if (dummy == NULL) {
- return SECFailure;
- }
- return SECSuccess;
-}
diff --git a/security/nss/lib/certdb/xconst.h b/security/nss/lib/certdb/xconst.h
deleted file mode 100644
index e615fa3b4..000000000
--- a/security/nss/lib/certdb/xconst.h
+++ /dev/null
@@ -1,82 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "certt.h"
-
-typedef struct PKUPEncodedContext{
- SECItem notBefore;
- SECItem notAfter;
- /* SECItem encodedValue; */
- PRArenaPool *arena;
-}PKUPEncodedContext;
-
-typedef struct AltNameEncodedContext{
- SECItem **encodedGenName;
-}AltNameEncodedContext;
-
-
-typedef struct NameConstraint{
- CERTGeneralName generalName;
- int min;
- int max;
-}NameConstraint;
-
-
-
-extern SECStatus
-CERT_EncodePublicKeyUsagePeriod(PRArenaPool *arena, PKUPEncodedContext *pkup,
- SECItem *encodedValue);
-
-extern SECStatus
-CERT_EncodeNameConstraintsExtension(PRArenaPool *arena, CERTNameConstraints *value,
- SECItem *encodedValue);
-extern CERTGeneralName *
-CERT_DecodeAltNameExtension(PRArenaPool *arena, SECItem *EncodedAltName);
-
-extern CERTNameConstraints *
-CERT_DecodeNameConstraintsExtension(PRArenaPool *arena, SECItem *encodedConstraints);
-
-extern SECStatus
-CERT_EncodeSubjectKeyID(PRArenaPool *arena, char *value, int len, SECItem *encodedValue);
-
-extern SECStatus
-CERT_EncodeIA5TypeExtension(PRArenaPool *arena, char *value, SECItem *encodedValue);
-
-CERTAuthInfoAccess **
-cert_DecodeAuthInfoAccessExtension(PRArenaPool *arena,
- SECItem *encodedExtension);
-
-SECStatus
-cert_EncodeAuthInfoAccessExtension(PRArenaPool *arena,
- CERTAuthInfoAccess **info,
- SECItem *dest);
diff --git a/security/nss/lib/certhigh/Makefile b/security/nss/lib/certhigh/Makefile
deleted file mode 100644
index 08b7137d5..000000000
--- a/security/nss/lib/certhigh/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
--include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-export:: private_export
-
diff --git a/security/nss/lib/certhigh/certhigh.c b/security/nss/lib/certhigh/certhigh.c
deleted file mode 100644
index 3b818d370..000000000
--- a/security/nss/lib/certhigh/certhigh.c
+++ /dev/null
@@ -1,1206 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "nspr.h"
-#include "secerr.h"
-#include "secasn1.h"
-#include "seccomon.h"
-#include "pk11func.h"
-#include "certdb.h"
-#include "certt.h"
-#include "cert.h"
-#include "certxutl.h"
-
-#ifndef NSS_3_4_CODE
-#define NSS_3_4_CODE
-#endif
-#include "nsspki.h"
-#include "pki.h"
-#include "pkit.h"
-#include "pkitm.h"
-#include "pki3hack.h"
-
-
-PRBool
-CERT_MatchNickname(char *name1, char *name2) {
- char *nickname1= NULL;
- char *nickname2 = NULL;
- char *token1;
- char *token2;
- char *token = NULL;
- int len;
-
- /* first deal with the straight comparison */
- if (PORT_Strcmp(name1, name2) == 0) {
- return PR_TRUE;
- }
- /* we need to handle the case where one name has an explicit token and the other
- * doesn't */
- token1 = PORT_Strchr(name1,':');
- token2 = PORT_Strchr(name2,':');
- if ((token1 && token2) || (!token1 && !token2)) {
- /* either both token names are specified or neither are, not match */
- return PR_FALSE;
- }
- if (token1) {
- token=name1;
- nickname1=token1;
- nickname2=name2;
- } else {
- token=name2;
- nickname1=token2;
- nickname2=name1;
- }
- len = nickname1-token;
- nickname1++;
- if (PORT_Strcmp(nickname1,nickname2) != 0) {
- return PR_FALSE;
- }
- /* compare the other token with the internal slot here */
- return PR_TRUE;
-}
-
-/*
- * Find all user certificates that match the given criteria.
- *
- * "handle" - database to search
- * "usage" - certificate usage to match
- * "oneCertPerName" - if set then only return the "best" cert per
- * name
- * "validOnly" - only return certs that are curently valid
- * "proto_win" - window handle passed to pkcs11
- */
-CERTCertList *
-CERT_FindUserCertsByUsage(CERTCertDBHandle *handle,
- SECCertUsage usage,
- PRBool oneCertPerName,
- PRBool validOnly,
- void *proto_win)
-{
- CERTCertNicknames *nicknames = NULL;
- char **nnptr;
- int nn;
- CERTCertificate *cert = NULL;
- CERTCertList *certList = NULL;
- SECStatus rv;
- int64 time;
- CERTCertListNode *node = NULL;
- CERTCertListNode *freenode = NULL;
- int n;
-
- time = PR_Now();
-
- nicknames = CERT_GetCertNicknames(handle, SEC_CERT_NICKNAMES_USER,
- proto_win);
-
- if ( ( nicknames == NULL ) || ( nicknames->numnicknames == 0 ) ) {
- goto loser;
- }
-
- nnptr = nicknames->nicknames;
- nn = nicknames->numnicknames;
-
- while ( nn > 0 ) {
- cert = NULL;
- /* use the pk11 call so that we pick up any certs on tokens,
- * which may require login
- */
- if ( proto_win != NULL ) {
- cert = PK11_FindCertFromNickname(*nnptr,proto_win);
- }
-
- /* Sigh, It turns out if the cert is already in the temp db, because
- * it's in the perm db, then the nickname lookup doesn't work.
- * since we already have the cert here, though, than we can just call
- * CERT_CreateSubjectCertList directly. For those cases where we didn't
- * find the cert in pkcs #11 (because we didn't have a password arg,
- * or because the nickname is for a peer, server, or CA cert, then we
- * go look the cert up.
- */
- if (cert == NULL) {
- cert = CERT_FindCertByNickname(handle,*nnptr);
- }
-
- if ( cert != NULL ) {
- /* collect certs for this nickname, sorting them into the list */
- certList = CERT_CreateSubjectCertList(certList, handle,
- &cert->derSubject, time, validOnly);
-
- CERT_FilterCertListForUserCerts(certList);
-
- /* drop the extra reference */
- CERT_DestroyCertificate(cert);
- }
-
- nnptr++;
- nn--;
- }
-
- /* remove certs with incorrect usage */
- rv = CERT_FilterCertListByUsage(certList, usage, PR_FALSE);
-
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- /* remove any extra certs for each name */
- if ( oneCertPerName ) {
- PRBool *flags;
-
- nn = nicknames->numnicknames;
- nnptr = nicknames->nicknames;
-
- flags = (PRBool *)PORT_ZAlloc(sizeof(PRBool) * nn);
- if ( flags == NULL ) {
- goto loser;
- }
-
- node = CERT_LIST_HEAD(certList);
-
- /* treverse all certs in the list */
- while ( !CERT_LIST_END(node, certList) ) {
-
- /* find matching nickname index */
- for ( n = 0; n < nn; n++ ) {
- if ( CERT_MatchNickname(nnptr[n], node->cert->nickname) ) {
- /* We found a match. If this is the first one, then
- * set the flag and move on to the next cert. If this
- * is not the first one then delete it from the list.
- */
- if ( flags[n] ) {
- /* We have already seen a cert with this nickname,
- * so delete this one.
- */
- freenode = node;
- node = CERT_LIST_NEXT(node);
- CERT_RemoveCertListNode(freenode);
- } else {
- /* keep the first cert for each nickname, but set the
- * flag so we know to delete any others with the same
- * nickname.
- */
- flags[n] = PR_TRUE;
- node = CERT_LIST_NEXT(node);
- }
- break;
- }
- }
- if ( n == nn ) {
- /* if we get here it means that we didn't find a matching
- * nickname, which should not happen.
- */
- PORT_Assert(0);
- node = CERT_LIST_NEXT(node);
- }
- }
- PORT_Free(flags);
- }
-
- goto done;
-
-loser:
- if ( certList != NULL ) {
- CERT_DestroyCertList(certList);
- certList = NULL;
- }
-
-done:
- if ( nicknames != NULL ) {
- CERT_FreeNicknames(nicknames);
- }
-
- return(certList);
-}
-
-/*
- * Find a user certificate that matchs the given criteria.
- *
- * "handle" - database to search
- * "nickname" - nickname to match
- * "usage" - certificate usage to match
- * "validOnly" - only return certs that are curently valid
- * "proto_win" - window handle passed to pkcs11
- */
-CERTCertificate *
-CERT_FindUserCertByUsage(CERTCertDBHandle *handle,
- char *nickname,
- SECCertUsage usage,
- PRBool validOnly,
- void *proto_win)
-{
- CERTCertificate *cert = NULL;
- CERTCertList *certList = NULL;
- SECStatus rv;
- int64 time;
-
- time = PR_Now();
-
- /* use the pk11 call so that we pick up any certs on tokens,
- * which may require login
- */
- /* XXX - why is this restricted? */
- if ( proto_win != NULL ) {
- cert = PK11_FindCertFromNickname(nickname,proto_win);
- }
-
-
- /* sigh, There are still problems find smart cards from the temp
- * db. This will get smart cards working again. The real fix
- * is to make sure we can search the temp db by their token nickname.
- */
- if (cert == NULL) {
- cert = CERT_FindCertByNickname(handle,nickname);
- }
-
- if ( cert != NULL ) {
- /* collect certs for this nickname, sorting them into the list */
- certList = CERT_CreateSubjectCertList(certList, handle,
- &cert->derSubject, time, validOnly);
-
- CERT_FilterCertListForUserCerts(certList);
-
- /* drop the extra reference */
- CERT_DestroyCertificate(cert);
- cert = NULL;
- }
-
- if ( certList == NULL ) {
- goto loser;
- }
-
- /* remove certs with incorrect usage */
- rv = CERT_FilterCertListByUsage(certList, usage, PR_FALSE);
-
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- if ( ! CERT_LIST_END(CERT_LIST_HEAD(certList), certList) ) {
- cert = CERT_DupCertificate(CERT_LIST_HEAD(certList)->cert);
- }
-
-loser:
- if ( certList != NULL ) {
- CERT_DestroyCertList(certList);
- }
-
- return(cert);
-}
-
-CERTCertList *
-CERT_MatchUserCert(CERTCertDBHandle *handle,
- SECCertUsage usage,
- int nCANames, char **caNames,
- void *proto_win)
-{
- CERTCertList *certList = NULL;
- SECStatus rv;
-
- certList = CERT_FindUserCertsByUsage(handle, usage, PR_TRUE, PR_TRUE,
- proto_win);
- if ( certList == NULL ) {
- goto loser;
- }
-
- rv = CERT_FilterCertListByCANames(certList, nCANames, caNames, usage);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- goto done;
-
-loser:
- if ( certList != NULL ) {
- CERT_DestroyCertList(certList);
- certList = NULL;
- }
-
-done:
-
- return(certList);
-}
-
-
-typedef struct stringNode {
- struct stringNode *next;
- char *string;
-} stringNode;
-
-static PRStatus
-CollectNicknames( NSSCertificate *c, void *data)
-{
- CERTCertNicknames *names;
- PRBool saveit = PR_FALSE;
- stringNode *node;
- int len;
-#ifdef notdef
- NSSTrustDomain *td;
- NSSTrust *trust;
-#endif
- char *stanNickname;
- char *nickname = NULL;
-
- names = (CERTCertNicknames *)data;
-
- stanNickname = nssCertificate_GetNickname(c,NULL);
-
- if ( stanNickname ) {
- if (names->what == SEC_CERT_NICKNAMES_USER) {
- saveit = NSSCertificate_IsPrivateKeyAvailable(c, NULL, NULL);
- }
-#ifdef notdef
- else {
- td = NSSCertificate_GetTrustDomain(c);
- if (!td) {
- return PR_SUCCESS;
- }
- trust = nssTrustDomain_FindTrustForCertificate(td,c);
-
- switch(names->what) {
- case SEC_CERT_NICKNAMES_ALL:
- if ((trust->sslFlags & (CERTDB_VALID_CA|CERTDB_VALID_PEER) ) ||
- (trust->emailFlags & (CERTDB_VALID_CA|CERTDB_VALID_PEER) ) ||
- (trust->objectSigningFlags &
- (CERTDB_VALID_CA|CERTDB_VALID_PEER))) {
- saveit = PR_TRUE;
- }
-
- break;
- case SEC_CERT_NICKNAMES_SERVER:
- if ( trust->sslFlags & CERTDB_VALID_PEER ) {
- saveit = PR_TRUE;
- }
-
- break;
- case SEC_CERT_NICKNAMES_CA:
- if (((trust->sslFlags & CERTDB_VALID_CA ) == CERTDB_VALID_CA)||
- ((trust->emailFlags & CERTDB_VALID_CA ) == CERTDB_VALID_CA) ||
- ((trust->objectSigningFlags & CERTDB_VALID_CA )
- == CERTDB_VALID_CA)) {
- saveit = PR_TRUE;
- }
- break;
- }
- }
-#endif
- }
-
- /* traverse the list of collected nicknames and make sure we don't make
- * a duplicate
- */
- if ( saveit ) {
- nickname = STAN_GetCERTCertificateName(c);
- /* nickname can only be NULL here if we are having memory
- * alloc problems */
- if (nickname == NULL) {
- return PR_FAILURE;
- }
- node = (stringNode *)names->head;
- while ( node != NULL ) {
- if ( PORT_Strcmp(nickname, node->string) == 0 ) {
- /* if the string matches, then don't save this one */
- saveit = PR_FALSE;
- break;
- }
- node = node->next;
- }
- }
-
- if ( saveit ) {
-
- /* allocate the node */
- node = (stringNode*)PORT_ArenaAlloc(names->arena, sizeof(stringNode));
- if ( node == NULL ) {
- return(PR_FAILURE);
- }
-
- /* copy the string */
- len = PORT_Strlen(nickname) + 1;
- node->string = (char*)PORT_ArenaAlloc(names->arena, len);
- if ( node->string == NULL ) {
- if (nickname) PORT_Free(nickname);
- return(PR_FAILURE);
- }
- PORT_Memcpy(node->string, nickname, len);
-
- /* link it into the list */
- node->next = (stringNode *)names->head;
- names->head = (void *)node;
-
- /* bump the count */
- names->numnicknames++;
- }
-
- if (nickname) PORT_Free(nickname);
- return(PR_SUCCESS);
-}
-
-CERTCertNicknames *
-CERT_GetCertNicknames(CERTCertDBHandle *handle, int what, void *wincx)
-{
- PRArenaPool *arena;
- CERTCertNicknames *names;
- int i;
- stringNode *node;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return(NULL);
- }
-
- names = (CERTCertNicknames *)PORT_ArenaAlloc(arena, sizeof(CERTCertNicknames));
- if ( names == NULL ) {
- goto loser;
- }
-
- names->arena = arena;
- names->head = NULL;
- names->numnicknames = 0;
- names->nicknames = NULL;
- names->what = what;
- names->totallen = 0;
-
- /* make sure we are logged in */
- (void) pk11_TraverseAllSlots(NULL, NULL, wincx);
-
- NSSTrustDomain_TraverseCertificates(handle,
- CollectNicknames, (void *)names);
- if ( names->numnicknames ) {
- names->nicknames = (char**)PORT_ArenaAlloc(arena,
- names->numnicknames * sizeof(char *));
-
- if ( names->nicknames == NULL ) {
- goto loser;
- }
-
- node = (stringNode *)names->head;
-
- for ( i = 0; i < names->numnicknames; i++ ) {
- PORT_Assert(node != NULL);
-
- names->nicknames[i] = node->string;
- names->totallen += PORT_Strlen(node->string);
- node = node->next;
- }
-
- PORT_Assert(node == NULL);
- }
-
- return(names);
-
-loser:
- PORT_FreeArena(arena, PR_FALSE);
- return(NULL);
-}
-
-void
-CERT_FreeNicknames(CERTCertNicknames *nicknames)
-{
- PORT_FreeArena(nicknames->arena, PR_FALSE);
-
- return;
-}
-
-/* [ FROM pcertdb.c ] */
-
-typedef struct dnameNode {
- struct dnameNode *next;
- SECItem name;
-} dnameNode;
-
-void
-CERT_FreeDistNames(CERTDistNames *names)
-{
- PORT_FreeArena(names->arena, PR_FALSE);
-
- return;
-}
-
-static SECStatus
-CollectDistNames( CERTCertificate *cert, SECItem *k, void *data)
-{
- CERTDistNames *names;
- PRBool saveit = PR_FALSE;
- CERTCertTrust *trust;
- dnameNode *node;
- int len;
-
- names = (CERTDistNames *)data;
-
- if ( cert->trust ) {
- trust = cert->trust;
-
- /* only collect names of CAs trusted for issuing SSL clients */
- if ( trust->sslFlags & CERTDB_TRUSTED_CLIENT_CA ) {
- saveit = PR_TRUE;
- }
- }
-
- if ( saveit ) {
- /* allocate the node */
- node = (dnameNode*)PORT_ArenaAlloc(names->arena, sizeof(dnameNode));
- if ( node == NULL ) {
- return(SECFailure);
- }
-
- /* copy the name */
- node->name.len = len = cert->derSubject.len;
- node->name.type = siBuffer;
- node->name.data = (unsigned char*)PORT_ArenaAlloc(names->arena, len);
- if ( node->name.data == NULL ) {
- return(SECFailure);
- }
- PORT_Memcpy(node->name.data, cert->derSubject.data, len);
-
- /* link it into the list */
- node->next = (dnameNode *)names->head;
- names->head = (void *)node;
-
- /* bump the count */
- names->nnames++;
- }
-
- return(SECSuccess);
-}
-
-/*
- * Return all of the CAs that are "trusted" for SSL.
- */
-CERTDistNames *
-CERT_GetSSLCACerts(CERTCertDBHandle *handle)
-{
- PRArenaPool *arena;
- CERTDistNames *names;
- int i;
- SECStatus rv;
- dnameNode *node;
-
- /* allocate an arena to use */
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return(NULL);
- }
-
- /* allocate the header structure */
- names = (CERTDistNames *)PORT_ArenaAlloc(arena, sizeof(CERTDistNames));
- if ( names == NULL ) {
- goto loser;
- }
-
- /* initialize the header struct */
- names->arena = arena;
- names->head = NULL;
- names->nnames = 0;
- names->names = NULL;
-
- /* collect the names from the database */
- rv = PK11_TraverseSlotCerts(CollectDistNames, (void *)names, NULL);
- if ( rv ) {
- goto loser;
- }
-
- /* construct the array from the list */
- if ( names->nnames ) {
- names->names = (SECItem*)PORT_ArenaAlloc(arena, names->nnames * sizeof(SECItem));
-
- if ( names->names == NULL ) {
- goto loser;
- }
-
- node = (dnameNode *)names->head;
-
- for ( i = 0; i < names->nnames; i++ ) {
- PORT_Assert(node != NULL);
-
- names->names[i] = node->name;
- node = node->next;
- }
-
- PORT_Assert(node == NULL);
- }
-
- return(names);
-
-loser:
- PORT_FreeArena(arena, PR_FALSE);
- return(NULL);
-}
-
-CERTDistNames *
-CERT_DistNamesFromNicknames(CERTCertDBHandle *handle, char **nicknames,
- int nnames)
-{
- CERTDistNames *dnames = NULL;
- PRArenaPool *arena;
- int i, rv;
- SECItem *names = NULL;
- CERTCertificate *cert = NULL;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) goto loser;
- dnames = (CERTDistNames*)PORT_Alloc(sizeof(CERTDistNames));
- if (dnames == NULL) goto loser;
-
- dnames->arena = arena;
- dnames->nnames = nnames;
- dnames->names = names = (SECItem*)PORT_Alloc(nnames * sizeof(SECItem));
- if (names == NULL) goto loser;
-
- for (i = 0; i < nnames; i++) {
- cert = CERT_FindCertByNicknameOrEmailAddr(handle, nicknames[i]);
- if (cert == NULL) goto loser;
- rv = SECITEM_CopyItem(arena, &names[i], &cert->derSubject);
- if (rv == SECFailure) goto loser;
- CERT_DestroyCertificate(cert);
- }
- return dnames;
-
-loser:
- if (cert != NULL)
- CERT_DestroyCertificate(cert);
- if (arena != NULL)
- PORT_FreeArena(arena, PR_FALSE);
- return NULL;
-}
-
-/* [ from pcertdb.c - calls Ascii to Name ] */
-/*
- * Lookup a certificate in the database by name
- */
-CERTCertificate *
-CERT_FindCertByNameString(CERTCertDBHandle *handle, char *nameStr)
-{
- CERTName *name;
- SECItem *nameItem;
- CERTCertificate *cert = NULL;
- PRArenaPool *arena = NULL;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-
- if ( arena == NULL ) {
- goto loser;
- }
-
- name = CERT_AsciiToName(nameStr);
-
- if ( name ) {
- nameItem = SEC_ASN1EncodeItem (arena, NULL, (void *)name,
- CERT_NameTemplate);
- if ( nameItem == NULL ) {
- goto loser;
- }
-
- cert = CERT_FindCertByName(handle, nameItem);
- CERT_DestroyName(name);
- }
-
-loser:
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(cert);
-}
-
-/* From certv3.c */
-
-CERTCrlDistributionPoints *
-CERT_FindCRLDistributionPoints (CERTCertificate *cert)
-{
- SECItem encodedExtenValue;
- SECStatus rv;
-
- encodedExtenValue.data = NULL;
- encodedExtenValue.len = 0;
-
- rv = cert_FindExtension(cert->extensions, SEC_OID_X509_CRL_DIST_POINTS,
- &encodedExtenValue);
- if ( rv != SECSuccess ) {
- return (NULL);
- }
-
- return (CERT_DecodeCRLDistributionPoints (cert->arena,
- &encodedExtenValue));
-}
-
-/* From crl.c */
-CERTSignedCrl * CERT_ImportCRL
- (CERTCertDBHandle *handle, SECItem *derCRL, char *url, int type, void *wincx)
-{
- CERTSignedCrl* retCrl = NULL;
- PK11SlotInfo* slot = PK11_GetInternalKeySlot();
- retCrl = PK11_ImportCRL(slot, derCRL, url, type, wincx,
- CRL_IMPORT_DEFAULT_OPTIONS, NULL, CRL_DECODE_DEFAULT_OPTIONS);
- PK11_FreeSlot(slot);
-
- return retCrl;
-}
-
-/* From certdb.c */
-static SECStatus
-cert_ImportCAChain(SECItem *certs, int numcerts, SECCertUsage certUsage, PRBool trusted)
-{
- SECStatus rv;
- SECItem *derCert;
- PRArenaPool *arena;
- CERTCertificate *cert = NULL;
- CERTCertificate *newcert = NULL;
- CERTCertDBHandle *handle;
- CERTCertTrust trust;
- PRBool isca;
- char *nickname;
- unsigned int certtype;
-
- handle = CERT_GetDefaultCertDB();
-
- arena = NULL;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( ! arena ) {
- goto loser;
- }
-
- while (numcerts--) {
- derCert = certs;
- certs++;
-
- /* decode my certificate */
- /* This use is ok -- only looks at decoded parts, calls NewTemp later */
- newcert = CERT_DecodeDERCertificate(derCert, PR_FALSE, NULL);
- if ( newcert == NULL ) {
- goto loser;
- }
-
- if (!trusted) {
- /* make sure that cert is valid */
- rv = CERT_CertTimesValid(newcert);
- if ( rv == SECFailure ) {
- goto endloop;
- }
- }
-
- /* does it have the CA extension */
-
- /*
- * Make sure that if this is an intermediate CA in the chain that
- * it was given permission by its signer to be a CA.
- */
- isca = CERT_IsCACert(newcert, &certtype);
-
- if ( !isca ) {
- if (!trusted) {
- goto endloop;
- }
- trust.sslFlags = CERTDB_VALID_CA;
- trust.emailFlags = CERTDB_VALID_CA;
- trust.objectSigningFlags = CERTDB_VALID_CA;
- } else {
- /* SSL ca's must have the ssl bit set */
- if ( ( certUsage == certUsageSSLCA ) &&
- (( certtype & NS_CERT_TYPE_SSL_CA ) != NS_CERT_TYPE_SSL_CA )) {
- goto endloop;
- }
-
- /* it passed all of the tests, so lets add it to the database */
- /* mark it as a CA */
- PORT_Memset((void *)&trust, 0, sizeof(trust));
- switch ( certUsage ) {
- case certUsageSSLCA:
- trust.sslFlags = CERTDB_VALID_CA;
- break;
- case certUsageUserCertImport:
- if ((certtype & NS_CERT_TYPE_SSL_CA) == NS_CERT_TYPE_SSL_CA) {
- trust.sslFlags = CERTDB_VALID_CA;
- }
- if ((certtype & NS_CERT_TYPE_EMAIL_CA)
- == NS_CERT_TYPE_EMAIL_CA ) {
- trust.emailFlags = CERTDB_VALID_CA;
- }
- if ( ( certtype & NS_CERT_TYPE_OBJECT_SIGNING_CA ) ==
- NS_CERT_TYPE_OBJECT_SIGNING_CA ) {
- trust.objectSigningFlags = CERTDB_VALID_CA;
- }
- break;
- default:
- PORT_Assert(0);
- break;
- }
- }
-
- cert = CERT_NewTempCertificate(handle, derCert, NULL,
- PR_FALSE, PR_FALSE);
- if ( cert == NULL ) {
- goto loser;
- }
-
- /* if the cert is temp, make it perm; otherwise we're done */
- if (cert->istemp) {
- /* get a default nickname for it */
- nickname = CERT_MakeCANickname(cert);
-
- rv = CERT_AddTempCertToPerm(cert, nickname, &trust);
-
- /* free the nickname */
- if ( nickname ) {
- PORT_Free(nickname);
- }
- } else {
- rv = SECSuccess;
- }
-
- CERT_DestroyCertificate(cert);
- cert = NULL;
-
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
-endloop:
- if ( newcert ) {
- CERT_DestroyCertificate(newcert);
- newcert = NULL;
- }
-
- }
-
- rv = SECSuccess;
- goto done;
-loser:
- rv = SECFailure;
-done:
-
- if ( newcert ) {
- CERT_DestroyCertificate(newcert);
- newcert = NULL;
- }
-
- if ( cert ) {
- CERT_DestroyCertificate(cert);
- cert = NULL;
- }
-
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(rv);
-}
-
-SECStatus
-CERT_ImportCAChain(SECItem *certs, int numcerts, SECCertUsage certUsage)
-{
- return cert_ImportCAChain(certs, numcerts, certUsage, PR_FALSE);
-}
-
-SECStatus
-CERT_ImportCAChainTrusted(SECItem *certs, int numcerts, SECCertUsage certUsage) {
- return cert_ImportCAChain(certs, numcerts, certUsage, PR_TRUE);
-}
-
-/* Moved from certdb.c */
-/*
-** CERT_CertChainFromCert
-**
-** Construct a CERTCertificateList consisting of the given certificate and all
-** of the issuer certs until we either get to a self-signed cert or can't find
-** an issuer. Since we don't know how many certs are in the chain we have to
-** build a linked list first as we count them.
-*/
-
-typedef struct certNode {
- struct certNode *next;
- CERTCertificate *cert;
-} certNode;
-
-CERTCertificateList *
-CERT_CertChainFromCert(CERTCertificate *cert, SECCertUsage usage,
- PRBool includeRoot)
-{
-#ifdef NSS_CLASSIC
- CERTCertificateList *chain = NULL;
- CERTCertificate *c;
- SECItem *p;
- int rv, len = 0;
- PRArenaPool *tmpArena, *arena;
- certNode *head, *tail, *node;
-
- /*
- * Initialize stuff so we can goto loser.
- */
- head = NULL;
- arena = NULL;
-
- /* arena for linked list */
- tmpArena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (tmpArena == NULL) goto no_memory;
-
- /* arena for SecCertificateList */
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) goto no_memory;
-
- head = tail = (certNode*)PORT_ArenaZAlloc(tmpArena, sizeof(certNode));
- if (head == NULL) goto no_memory;
-
- /* put primary cert first in the linked list */
- head->cert = c = CERT_DupCertificate(cert);
- if (head->cert == NULL) goto loser;
- len++;
-
- /* add certs until we come to a self-signed one */
- while(SECITEM_CompareItem(&c->derIssuer, &c->derSubject) != SECEqual) {
- c = CERT_FindCertIssuer(tail->cert, PR_Now(), usage);
- if (c == NULL) {
- /* no root is found, so make sure we don't attempt to delete one
- * below
- */
- includeRoot = PR_TRUE;
- break;
- }
-
- tail->next = (certNode*)PORT_ArenaZAlloc(tmpArena, sizeof(certNode));
- tail = tail->next;
- if (tail == NULL) goto no_memory;
-
- tail->cert = c;
- len++;
- }
-
- /* now build the CERTCertificateList */
- chain = (CERTCertificateList *)PORT_ArenaAlloc(arena, sizeof(CERTCertificateList));
- if (chain == NULL) goto no_memory;
- chain->certs = (SECItem*)PORT_ArenaAlloc(arena, len * sizeof(SECItem));
- if (chain->certs == NULL) goto no_memory;
-
- for(node = head, p = chain->certs; node; node = node->next, p++) {
- rv = SECITEM_CopyItem(arena, p, &node->cert->derCert);
- CERT_DestroyCertificate(node->cert);
- node->cert = NULL;
- if (rv < 0) goto loser;
- }
- if ( !includeRoot && len > 1) {
- chain->len = len - 1;
- } else {
- chain->len = len;
- }
-
- chain->arena = arena;
-
- PORT_FreeArena(tmpArena, PR_FALSE);
-
- return chain;
-
-no_memory:
- PORT_SetError(SEC_ERROR_NO_MEMORY);
-loser:
- if (head != NULL) {
- for (node = head; node; node = node->next) {
- if (node->cert != NULL)
- CERT_DestroyCertificate(node->cert);
- }
- }
-
- if (arena != NULL) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- if (tmpArena != NULL) {
- PORT_FreeArena(tmpArena, PR_FALSE);
- }
-
- return NULL;
-#else
- CERTCertificateList *chain = NULL;
- NSSCertificate **stanChain;
- NSSCertificate *stanCert;
- PRArenaPool *arena;
- NSSUsage nssUsage;
- int i, len;
-
- stanCert = STAN_GetNSSCertificate(cert);
- nssUsage.anyUsage = PR_FALSE;
- nssUsage.nss3usage = usage;
- nssUsage.nss3lookingForCA = PR_FALSE;
- stanChain = NSSCertificate_BuildChain(stanCert, NULL, &nssUsage, NULL,
- NULL, 0, NULL, NULL);
- if (!stanChain) {
- return NULL;
- }
-
- len = 0;
- stanCert = stanChain[0];
- while (stanCert) {
- stanCert = stanChain[++len];
- }
-
- arena = PORT_NewArena(4096);
- if (arena == NULL) {
- goto loser;
- }
-
- chain = (CERTCertificateList *)PORT_ArenaAlloc(arena,
- sizeof(CERTCertificateList));
- if (!chain) goto loser;
- chain->certs = (SECItem*)PORT_ArenaAlloc(arena, len * sizeof(SECItem));
- if (!chain->certs) goto loser;
- i = 0;
- stanCert = stanChain[i];
- while (stanCert) {
- SECItem derCert;
- CERTCertificate *cCert = STAN_GetCERTCertificate(stanCert);
- if (!cCert) {
- goto loser;
- }
- derCert.len = (unsigned int)stanCert->encoding.size;
- derCert.data = (unsigned char *)stanCert->encoding.data;
- derCert.type = siBuffer;
- SECITEM_CopyItem(arena, &chain->certs[i], &derCert);
- stanCert = stanChain[++i];
- if (!stanCert && !cCert->isRoot) {
- /* reached the end of the chain, but the final cert is
- * not a root. Don't discard it.
- */
- includeRoot = PR_TRUE;
- }
- CERT_DestroyCertificate(cCert);
- }
- if ( !includeRoot && len > 1) {
- chain->len = len - 1;
- } else {
- chain->len = len;
- }
-
- chain->arena = arena;
- nss_ZFreeIf(stanChain);
- return chain;
-loser:
- i = 0;
- stanCert = stanChain[i];
- while (stanCert) {
- CERTCertificate *cCert = STAN_GetCERTCertificate(stanCert);
- if (cCert) {
- CERT_DestroyCertificate(cCert);
- }
- stanCert = stanChain[++i];
- }
- nss_ZFreeIf(stanChain);
- if (arena) {
- PORT_FreeArena(arena, PR_FALSE);
- }
- return NULL;
-#endif
-}
-
-/* Builds a CERTCertificateList holding just one DER-encoded cert, namely
-** the one for the cert passed as an argument.
-*/
-CERTCertificateList *
-CERT_CertListFromCert(CERTCertificate *cert)
-{
- CERTCertificateList *chain = NULL;
- int rv;
- PRArenaPool *arena;
-
- /* arena for SecCertificateList */
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) goto no_memory;
-
- /* build the CERTCertificateList */
- chain = (CERTCertificateList *)PORT_ArenaAlloc(arena, sizeof(CERTCertificateList));
- if (chain == NULL) goto no_memory;
- chain->certs = (SECItem*)PORT_ArenaAlloc(arena, 1 * sizeof(SECItem));
- if (chain->certs == NULL) goto no_memory;
- rv = SECITEM_CopyItem(arena, chain->certs, &(cert->derCert));
- if (rv < 0) goto loser;
- chain->len = 1;
- chain->arena = arena;
-
- return chain;
-
-no_memory:
- PORT_SetError(SEC_ERROR_NO_MEMORY);
-loser:
- if (arena != NULL) {
- PORT_FreeArena(arena, PR_FALSE);
- }
- return NULL;
-}
-
-CERTCertificateList *
-CERT_DupCertList(CERTCertificateList * oldList)
-{
- CERTCertificateList *newList = NULL;
- PRArenaPool *arena = NULL;
- SECItem *newItem;
- SECItem *oldItem;
- int len = oldList->len;
- int rv;
-
- /* arena for SecCertificateList */
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL)
- goto no_memory;
-
- /* now build the CERTCertificateList */
- newList = PORT_ArenaNew(arena, CERTCertificateList);
- if (newList == NULL)
- goto no_memory;
- newList->arena = arena;
- newItem = (SECItem*)PORT_ArenaAlloc(arena, len * sizeof(SECItem));
- if (newItem == NULL)
- goto no_memory;
- newList->certs = newItem;
- newList->len = len;
-
- for (oldItem = oldList->certs; len > 0; --len, ++newItem, ++oldItem) {
- rv = SECITEM_CopyItem(arena, newItem, oldItem);
- if (rv < 0)
- goto loser;
- }
- return newList;
-
-no_memory:
- PORT_SetError(SEC_ERROR_NO_MEMORY);
-loser:
- if (arena != NULL) {
- PORT_FreeArena(arena, PR_FALSE);
- }
- return NULL;
-}
-
-void
-CERT_DestroyCertificateList(CERTCertificateList *list)
-{
- PORT_FreeArena(list->arena, PR_FALSE);
-}
-
diff --git a/security/nss/lib/certhigh/certhtml.c b/security/nss/lib/certhigh/certhtml.c
deleted file mode 100644
index ff5f3c82d..000000000
--- a/security/nss/lib/certhigh/certhtml.c
+++ /dev/null
@@ -1,605 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * certhtml.c --- convert a cert to html
- *
- * $Id$
- */
-
-#include "seccomon.h"
-#include "secitem.h"
-#include "sechash.h"
-#include "cert.h"
-#include "keyhi.h"
-#include "secder.h"
-#include "prprf.h"
-#include "secport.h"
-#include "secasn1.h"
-#include "pk11func.h"
-
-static char *hex = "0123456789ABCDEF";
-
-/*
-** Convert a der-encoded integer to a hex printable string form
-*/
-char *CERT_Hexify (SECItem *i, int do_colon)
-{
- unsigned char *cp, *end;
- char *rv, *o;
-
- if (!i->len) {
- return PORT_Strdup("00");
- }
-
- rv = o = (char*) PORT_Alloc(i->len * 3);
- if (!rv) return rv;
-
- cp = i->data;
- end = cp + i->len;
- while (cp < end) {
- unsigned char ch = *cp++;
- *o++ = hex[(ch >> 4) & 0xf];
- *o++ = hex[ch & 0xf];
- if (cp != end) {
- if (do_colon) {
- *o++ = ':';
- }
- }
- }
- *o = 0; /* Null terminate the string */
- return rv;
-}
-
-static char *
-gatherStrings(char **strings)
-{
- char **strs;
- int len;
- char *ret;
- char *s;
-
- /* find total length of all strings */
- strs = strings;
- len = 0;
- while ( *strs ) {
- len += PORT_Strlen(*strs);
- strs++;
- }
-
- /* alloc enough memory for it */
- ret = (char*)PORT_Alloc(len + 1);
- if ( !ret ) {
- return(ret);
- }
-
- s = ret;
-
- /* copy the strings */
- strs = strings;
- while ( *strs ) {
- PORT_Strcpy(s, *strs);
- s += PORT_Strlen(*strs);
- strs++;
- }
-
- return( ret );
-}
-
-#define BREAK "<br>"
-#define BREAKLEN 4
-#define COMMA ", "
-#define COMMALEN 2
-
-#define MAX_OUS 20
-#define MAX_DC MAX_OUS
-
-
-char *CERT_FormatName (CERTName *name)
-{
- CERTRDN** rdns;
- CERTRDN * rdn;
- CERTAVA** avas;
- CERTAVA* ava;
- char * buf = 0;
- char * tmpbuf = 0;
- SECItem * cn = 0;
- SECItem * email = 0;
- SECItem * org = 0;
- SECItem * loc = 0;
- SECItem * state = 0;
- SECItem * country = 0;
- SECItem * dq = 0;
-
- unsigned len = 0;
- int tag;
- int i;
- int ou_count = 0;
- int dc_count = 0;
- PRBool first;
- SECItem * orgunit[MAX_OUS];
- SECItem * dc[MAX_DC];
-
- /* Loop over name components and gather the interesting ones */
- rdns = name->rdns;
- while ((rdn = *rdns++) != 0) {
- avas = rdn->avas;
- while ((ava = *avas++) != 0) {
- tag = CERT_GetAVATag(ava);
- switch(tag) {
- case SEC_OID_AVA_COMMON_NAME:
- cn = CERT_DecodeAVAValue(&ava->value);
- len += cn->len;
- break;
- case SEC_OID_AVA_COUNTRY_NAME:
- country = CERT_DecodeAVAValue(&ava->value);
- len += country->len;
- break;
- case SEC_OID_AVA_LOCALITY:
- loc = CERT_DecodeAVAValue(&ava->value);
- len += loc->len;
- break;
- case SEC_OID_AVA_STATE_OR_PROVINCE:
- state = CERT_DecodeAVAValue(&ava->value);
- len += state->len;
- break;
- case SEC_OID_AVA_ORGANIZATION_NAME:
- org = CERT_DecodeAVAValue(&ava->value);
- len += org->len;
- break;
- case SEC_OID_AVA_DN_QUALIFIER:
- dq = CERT_DecodeAVAValue(&ava->value);
- len += dq->len;
- break;
- case SEC_OID_AVA_ORGANIZATIONAL_UNIT_NAME:
- if (ou_count < MAX_OUS) {
- orgunit[ou_count] = CERT_DecodeAVAValue(&ava->value);
- len += orgunit[ou_count++]->len;
- }
- break;
- case SEC_OID_AVA_DC:
- if (dc_count < MAX_DC) {
- dc[dc_count] = CERT_DecodeAVAValue(&ava->value);
- len += dc[dc_count++]->len;
- }
- break;
- case SEC_OID_PKCS9_EMAIL_ADDRESS:
- case SEC_OID_RFC1274_MAIL:
- email = CERT_DecodeAVAValue(&ava->value);
- len += email->len;
- break;
- default:
- break;
- }
- }
- }
-
- /* XXX - add some for formatting */
- len += 128;
-
- /* allocate buffer */
- buf = (char *)PORT_Alloc(len);
- if ( !buf ) {
- return(0);
- }
-
- tmpbuf = buf;
-
- if ( cn ) {
- PORT_Memcpy(tmpbuf, cn->data, cn->len);
- tmpbuf += cn->len;
- PORT_Memcpy(tmpbuf, BREAK, BREAKLEN);
- tmpbuf += BREAKLEN;
- SECITEM_FreeItem(cn, PR_TRUE);
- }
- if ( email ) {
- PORT_Memcpy(tmpbuf, email->data, email->len);
- tmpbuf += ( email->len );
- PORT_Memcpy(tmpbuf, BREAK, BREAKLEN);
- tmpbuf += BREAKLEN;
- SECITEM_FreeItem(email, PR_TRUE);
- }
- for (i=ou_count-1; i >= 0; i--) {
- PORT_Memcpy(tmpbuf, orgunit[i]->data, orgunit[i]->len);
- tmpbuf += ( orgunit[i]->len );
- PORT_Memcpy(tmpbuf, BREAK, BREAKLEN);
- tmpbuf += BREAKLEN;
- SECITEM_FreeItem(orgunit[i], PR_TRUE);
- }
- if ( dq ) {
- PORT_Memcpy(tmpbuf, dq->data, dq->len);
- tmpbuf += ( dq->len );
- PORT_Memcpy(tmpbuf, BREAK, BREAKLEN);
- tmpbuf += BREAKLEN;
- SECITEM_FreeItem(dq, PR_TRUE);
- }
- if ( org ) {
- PORT_Memcpy(tmpbuf, org->data, org->len);
- tmpbuf += ( org->len );
- PORT_Memcpy(tmpbuf, BREAK, BREAKLEN);
- tmpbuf += BREAKLEN;
- SECITEM_FreeItem(org, PR_TRUE);
- }
- for (i=dc_count-1; i >= 0; i--) {
- PORT_Memcpy(tmpbuf, dc[i]->data, dc[i]->len);
- tmpbuf += ( dc[i]->len );
- PORT_Memcpy(tmpbuf, BREAK, BREAKLEN);
- tmpbuf += BREAKLEN;
- SECITEM_FreeItem(dc[i], PR_TRUE);
- }
- first = PR_TRUE;
- if ( loc ) {
- PORT_Memcpy(tmpbuf, loc->data, loc->len);
- tmpbuf += ( loc->len );
- first = PR_FALSE;
- SECITEM_FreeItem(loc, PR_TRUE);
- }
- if ( state ) {
- if ( !first ) {
- PORT_Memcpy(tmpbuf, COMMA, COMMALEN);
- tmpbuf += COMMALEN;
- }
- PORT_Memcpy(tmpbuf, state->data, state->len);
- tmpbuf += ( state->len );
- first = PR_FALSE;
- SECITEM_FreeItem(state, PR_TRUE);
- }
- if ( country ) {
- if ( !first ) {
- PORT_Memcpy(tmpbuf, COMMA, COMMALEN);
- tmpbuf += COMMALEN;
- }
- PORT_Memcpy(tmpbuf, country->data, country->len);
- tmpbuf += ( country->len );
- first = PR_FALSE;
- SECITEM_FreeItem(country, PR_TRUE);
- }
- if ( !first ) {
- PORT_Memcpy(tmpbuf, BREAK, BREAKLEN);
- tmpbuf += BREAKLEN;
- }
-
- *tmpbuf = 0;
-
- return(buf);
-}
-
-static char *sec_FortezzaClearance(SECItem *clearance) {
- unsigned char clr = 0;
-
- if (clearance->len > 0) { clr = clearance->data[0]; }
-
- if (clr & 0x4) return "Top Secret";
- if (clr & 0x8) return "Secret";
- if (clr & 0x10) return "Confidential";
- if (clr & 0x20) return "Sensitive";
- if (clr & 0x40) return "Unclassified";
- return "None";
-}
-
-static char *sec_FortezzaMessagePrivilege(SECItem *priv) {
- unsigned char clr = 0;
-
- if (priv->len > 0) { clr = (priv->data[0]) & 0x78; }
-
- if (clr == 0x00) {
- return "None";
- } else {
-
- return PR_smprintf("%s%s%s%s%s%s%s",
-
- clr&0x40?"Critical/Flash":"",
- (clr&0x40) && (clr&0x38) ? ", " : "" ,
-
- clr&0x20?"Immediate/Priority":"",
- (clr&0x20) && (clr&0x18) ? ", " : "" ,
-
- clr&0x10?"Routine/Deferred":"",
- (clr&0x10) && (clr&0x08) ? ", " : "" ,
-
- clr&0x08?"Rekey Agent":"");
- }
-
-}
-
-static char *sec_FortezzaCertPrivilege(SECItem *priv) {
- unsigned char clr = 0;
-
- if (priv->len > 0) { clr = priv->data[0]; }
-
- return PR_smprintf("%s%s%s%s%s%s%s%s%s%s%s%s",
- clr&0x40?"Organizational Releaser":"",
- (clr&0x40) && (clr&0x3e) ? "," : "" ,
- clr&0x20?"Policy Creation Authority":"",
- (clr&0x20) && (clr&0x1e) ? "," : "" ,
- clr&0x10?"Certificate Authority":"",
- (clr&0x10) && (clr&0x0e) ? "," : "" ,
- clr&0x08?"Local Managment Authority":"",
- (clr&0x08) && (clr&0x06) ? "," : "" ,
- clr&0x04?"Configuration Vector Authority":"",
- (clr&0x04) && (clr&0x02) ? "," : "" ,
- clr&0x02?"No Signature Capability":"",
- clr&0x7e?"":"Signing Only"
- );
-}
-
-static char *htmlcertstrings[] = {
- "<table border=0 cellspacing=0 cellpadding=0><tr><td valign=top>"
- "<font size=2><b>This Certificate belongs to:</b><br>"
- "<table border=0 cellspacing=0 cellpadding=0><tr><td>",
- 0, /* image goes here */
- 0,
- 0,
- "</td><td width=10> </td><td><font size=2>",
- 0, /* subject name goes here */
- "</td></tr></table></font></td><td width=20> </td><td valign=top>"
- "<font size=2><b>This Certificate was issued by:</b><br>"
- "<table border=0 cellspacing=0 cellpadding=0><tr><td>",
- 0, /* image goes here */
- 0,
- 0,
- "</td><td width=10> </td><td><font size=2>",
- 0, /* issuer name goes here */
- "</td></tr></table></font></td></tr></table>"
- "<b>Serial Number:</b> ",
- 0,
- "<br><b>This Certificate is valid from ",
- 0, /* notBefore goes here */
- " to ",
- 0, /* notAfter does here */
- "</b><br><b>Clearance:</b>",
- 0,
- "<br><b>DSS Privileges:</b>",
- 0,
- "<br><b>KEA Privileges:</b>",
- 0,
- "<br><b>KMID:</b>",
- 0,
- "<br><b>Certificate Fingerprint:</b>"
- "<table border=0 cellspacing=0 cellpadding=0><tr>"
- "<td width=10> </td><td><font size=2>",
- 0, /* fingerprint goes here */
- "</td></tr></table>",
- 0, /* comment header goes here */
- 0, /* comment goes here */
- 0, /* comment trailer goes here */
- 0
-};
-
-char *
-CERT_HTMLCertInfo(CERTCertificate *cert, PRBool showImages, PRBool showIssuer)
-{
- SECStatus rv;
- char *issuer, *subject, *serialNumber, *version;
- char *notBefore, *notAfter;
- char *ret;
- char *nickname;
- SECItem dummyitem;
- unsigned char fingerprint[16]; /* result of MD5, always 16 bytes */
- char *fpstr;
- SECItem fpitem;
- char *commentstring = NULL;
- SECKEYPublicKey *pubk;
- char *DSSPriv;
- char *KMID = NULL;
- char *servername;
-
- if (!cert) {
- return(0);
- }
-
- issuer = CERT_FormatName (&cert->issuer);
- subject = CERT_FormatName (&cert->subject);
- version = CERT_Hexify (&cert->version,1);
- serialNumber = CERT_Hexify (&cert->serialNumber,1);
- notBefore = DER_UTCDayToAscii(&cert->validity.notBefore);
- notAfter = DER_UTCDayToAscii(&cert->validity.notAfter);
- servername = CERT_FindNSStringExtension(cert,
- SEC_OID_NS_CERT_EXT_SSL_SERVER_NAME);
-
- nickname = cert->nickname;
- if ( nickname == NULL ) {
- showImages = PR_FALSE;
- }
-
- dummyitem.data = NULL;
- rv = CERT_FindCertExtension(cert, SEC_OID_NS_CERT_EXT_SUBJECT_LOGO,
- &dummyitem);
- if ( dummyitem.data ) {
- PORT_Free(dummyitem.data);
- }
-
- if ( rv || !showImages ) {
- htmlcertstrings[1] = "";
- htmlcertstrings[2] = "";
- htmlcertstrings[3] = "";
- } else {
- htmlcertstrings[1] = "<img src=\"about:security?subject-logo=";
- htmlcertstrings[2] = nickname;
- htmlcertstrings[3] = "\">";
- }
-
- if ( servername ) {
- char *tmpstr;
- tmpstr = (char *)PORT_Alloc(PORT_Strlen(subject) +
- PORT_Strlen(servername) +
- sizeof("<br>") + 1);
- if ( tmpstr ) {
- PORT_Strcpy(tmpstr, servername);
- PORT_Strcat(tmpstr, "<br>");
- PORT_Strcat(tmpstr, subject);
- PORT_Free(subject);
- subject = tmpstr;
- }
- }
-
- htmlcertstrings[5] = subject;
-
- dummyitem.data = NULL;
-
- rv = CERT_FindCertExtension(cert, SEC_OID_NS_CERT_EXT_ISSUER_LOGO,
- &dummyitem);
- if ( dummyitem.data ) {
- PORT_Free(dummyitem.data);
- }
-
- if ( rv || !showImages ) {
- htmlcertstrings[7] = "";
- htmlcertstrings[8] = "";
- htmlcertstrings[9] = "";
- } else {
- htmlcertstrings[7] = "<img src=\"about:security?issuer-logo=";
- htmlcertstrings[8] = nickname;
- htmlcertstrings[9] = "\">";
- }
-
-
- if (showIssuer == PR_TRUE) {
- htmlcertstrings[11] = issuer;
- } else {
- htmlcertstrings[11] = "";
- }
-
- htmlcertstrings[13] = serialNumber;
- htmlcertstrings[15] = notBefore;
- htmlcertstrings[17] = notAfter;
-
- pubk = CERT_ExtractPublicKey(cert);
- DSSPriv = NULL;
- if (pubk && (pubk->keyType == fortezzaKey)) {
- htmlcertstrings[18] = "</b><br><b>Clearance:</b>";
- htmlcertstrings[19] = sec_FortezzaClearance(
- &pubk->u.fortezza.clearance);
- htmlcertstrings[20] = "<br><b>DSS Privileges:</b>";
- DSSPriv = sec_FortezzaCertPrivilege(
- &pubk->u.fortezza.DSSpriviledge);
- htmlcertstrings[21] = DSSPriv;
- htmlcertstrings[22] = "<br><b>KEA Privileges:</b>";
- htmlcertstrings[23] = sec_FortezzaMessagePrivilege(
- &pubk->u.fortezza.KEApriviledge);
- htmlcertstrings[24] = "<br><b>KMID:</b>";
- dummyitem.data = &pubk->u.fortezza.KMID[0];
- dummyitem.len = sizeof(pubk->u.fortezza.KMID);
- KMID = CERT_Hexify (&dummyitem,0);
- htmlcertstrings[25] = KMID;
- } else {
- /* clear out the headers in the non-fortezza cases */
- htmlcertstrings[18] = "";
- htmlcertstrings[19] = "";
- htmlcertstrings[20] = "";
- htmlcertstrings[21] = "";
- htmlcertstrings[22] = "";
- htmlcertstrings[23] = "";
- htmlcertstrings[24] = "";
- htmlcertstrings[25] = "</b>";
- }
-
- if (pubk) {
- SECKEY_DestroyPublicKey(pubk);
- }
-
-#define HTML_OFF 27
- rv = PK11_HashBuf(SEC_OID_MD5, fingerprint,
- cert->derCert.data, cert->derCert.len);
-
- fpitem.data = fingerprint;
- fpitem.len = sizeof(fingerprint);
-
- fpstr = CERT_Hexify (&fpitem,1);
-
- htmlcertstrings[HTML_OFF] = fpstr;
-
- commentstring = CERT_GetCertCommentString(cert);
-
- if (commentstring == NULL) {
- htmlcertstrings[HTML_OFF+2] = "";
- htmlcertstrings[HTML_OFF+3] = "";
- htmlcertstrings[HTML_OFF+4] = "";
- } else {
- htmlcertstrings[HTML_OFF+2] =
- "<b>Comment:</b>"
- "<table border=0 cellspacing=0 cellpadding=0><tr>"
- "<td width=10> </td><td><font size=3>"
- "<textarea name=foobar rows=4 cols=55 onfocus=\"this.blur()\">";
- htmlcertstrings[HTML_OFF+3] = commentstring;
- htmlcertstrings[HTML_OFF+4] = "</textarea></font></td></tr></table>";
- }
-
- ret = gatherStrings(htmlcertstrings);
-
- if ( issuer ) {
- PORT_Free(issuer);
- }
-
- if ( subject ) {
- PORT_Free(subject);
- }
-
- if ( version ) {
- PORT_Free(version);
- }
-
- if ( serialNumber ) {
- PORT_Free(serialNumber);
- }
-
- if ( notBefore ) {
- PORT_Free(notBefore);
- }
-
- if ( notAfter ) {
- PORT_Free(notAfter);
- }
-
- if ( fpstr ) {
- PORT_Free(fpstr);
- }
- if (DSSPriv) {
- PORT_Free(DSSPriv);
- }
-
- if (KMID) {
- PORT_Free(KMID);
- }
-
- if ( commentstring ) {
- PORT_Free(commentstring);
- }
-
- if ( servername ) {
- PORT_Free(servername);
- }
-
- return(ret);
-}
-
diff --git a/security/nss/lib/certhigh/certreq.c b/security/nss/lib/certhigh/certreq.c
deleted file mode 100644
index 1588c1896..000000000
--- a/security/nss/lib/certhigh/certreq.c
+++ /dev/null
@@ -1,230 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "cert.h"
-#include "secder.h"
-#include "key.h"
-#include "secitem.h"
-#include "secasn1.h"
-
-const SEC_ASN1Template CERT_AttributeTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTAttribute) },
- { SEC_ASN1_OBJECT_ID, offsetof(CERTAttribute, attrType) },
- { SEC_ASN1_SET_OF, offsetof(CERTAttribute, attrValue),
- SEC_AnyTemplate },
- { 0 }
-};
-
-const SEC_ASN1Template CERT_SetOfAttributeTemplate[] = {
- { SEC_ASN1_SET_OF, 0, CERT_AttributeTemplate },
-};
-
-const SEC_ASN1Template CERT_CertificateRequestTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTCertificateRequest) },
- { SEC_ASN1_INTEGER,
- offsetof(CERTCertificateRequest,version) },
- { SEC_ASN1_INLINE,
- offsetof(CERTCertificateRequest,subject),
- CERT_NameTemplate },
- { SEC_ASN1_INLINE,
- offsetof(CERTCertificateRequest,subjectPublicKeyInfo),
- CERT_SubjectPublicKeyInfoTemplate },
- { SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(CERTCertificateRequest,attributes),
- CERT_SetOfAttributeTemplate },
- { 0 }
-};
-
-SEC_ASN1_CHOOSER_IMPLEMENT(CERT_CertificateRequestTemplate)
-
-CERTCertificate *
-CERT_CreateCertificate(unsigned long serialNumber,
- CERTName *issuer,
- CERTValidity *validity,
- CERTCertificateRequest *req)
-{
- CERTCertificate *c;
- int rv;
- PRArenaPool *arena;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-
- if ( !arena ) {
- return(0);
- }
-
- c = (CERTCertificate *)PORT_ArenaZAlloc(arena, sizeof(CERTCertificate));
-
- if (c) {
- c->referenceCount = 1;
- c->arena = arena;
-
- /*
- * Default is a plain version 1.
- * If extensions are added, it will get changed as appropriate.
- */
- rv = DER_SetUInteger(arena, &c->version, SEC_CERTIFICATE_VERSION_1);
- if (rv) goto loser;
-
- rv = DER_SetUInteger(arena, &c->serialNumber, serialNumber);
- if (rv) goto loser;
-
- rv = CERT_CopyName(arena, &c->issuer, issuer);
- if (rv) goto loser;
-
- rv = CERT_CopyValidity(arena, &c->validity, validity);
- if (rv) goto loser;
-
- rv = CERT_CopyName(arena, &c->subject, &req->subject);
- if (rv) goto loser;
- rv = SECKEY_CopySubjectPublicKeyInfo(arena, &c->subjectPublicKeyInfo,
- &req->subjectPublicKeyInfo);
- if (rv) goto loser;
- }
- return c;
-
- loser:
- CERT_DestroyCertificate(c);
- return 0;
-}
-
-/************************************************************************/
-
-CERTCertificateRequest *
-CERT_CreateCertificateRequest(CERTName *subject,
- CERTSubjectPublicKeyInfo *spki,
- SECItem **attributes)
-{
- CERTCertificateRequest *certreq;
- PRArenaPool *arena;
- SECStatus rv;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- return NULL;
- }
-
- certreq = (CERTCertificateRequest *)
- PORT_ArenaZAlloc(arena, sizeof(CERTCertificateRequest));
-
- if (certreq != NULL) {
- certreq->arena = arena;
-
- rv = DER_SetUInteger(arena, &certreq->version,
- SEC_CERTIFICATE_REQUEST_VERSION);
- if (rv != SECSuccess)
- goto loser;
-
- rv = CERT_CopyName(arena, &certreq->subject, subject);
- if (rv != SECSuccess)
- goto loser;
-
- rv = SECKEY_CopySubjectPublicKeyInfo(arena,
- &certreq->subjectPublicKeyInfo,
- spki);
- if (rv != SECSuccess)
- goto loser;
-
- /* Copy over attribute information */
- if (attributes) {
- int i = 0;
-
- /* allocate space for attributes */
- while(attributes[i] != NULL) i++;
- certreq->attributes = (SECItem**)PORT_ArenaZAlloc(arena,
- sizeof(SECItem *) * (i + 1));
- if(!certreq->attributes) {
- goto loser;
- }
-
- /* copy attributes */
- i = 0;
- while(attributes[i]) {
- /*
- ** Attributes are a SetOf Attribute which implies
- ** lexigraphical ordering. It is assumes that the
- ** attributes are passed in sorted. If we need to
- ** add functionality to sort them, there is an
- ** example in the PKCS 7 code.
- */
- certreq->attributes[i] = (SECItem*)PORT_ArenaZAlloc(arena,
- sizeof(SECItem));
- if(!certreq->attributes[i]) {
- goto loser;
- };
- rv = SECITEM_CopyItem(arena, certreq->attributes[i],
- attributes[i]);
- if (rv != SECSuccess) {
- goto loser;
- }
- i++;
- }
- certreq->attributes[i] = NULL;
- } else {
- /*
- ** Invent empty attribute information. According to the
- ** pkcs#10 spec, attributes has this ASN.1 type:
- **
- ** attributes [0] IMPLICIT Attributes
- **
- ** Which means, we should create a NULL terminated list
- ** with the first entry being NULL;
- */
- certreq->attributes = (SECItem**)PORT_ArenaZAlloc(arena, sizeof(SECItem *));
- if(!certreq->attributes) {
- goto loser;
- }
- certreq->attributes[0] = NULL;
- }
- } else {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return certreq;
-
-loser:
- CERT_DestroyCertificateRequest(certreq);
- return NULL;
-}
-
-void
-CERT_DestroyCertificateRequest(CERTCertificateRequest *req)
-{
- if (req && req->arena) {
- PORT_FreeArena(req->arena, PR_FALSE);
- }
- return;
-}
-
diff --git a/security/nss/lib/certhigh/certvfy.c b/security/nss/lib/certhigh/certvfy.c
deleted file mode 100644
index 87ef671ef..000000000
--- a/security/nss/lib/certhigh/certvfy.c
+++ /dev/null
@@ -1,2113 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "nspr.h"
-#include "secerr.h"
-#include "secport.h"
-#include "seccomon.h"
-#include "secoid.h"
-#include "sslerr.h"
-#include "genname.h"
-#include "keyhi.h"
-#include "cert.h"
-#include "certdb.h"
-#include "cryptohi.h"
-
-#ifndef NSS_3_4_CODE
-#define NSS_3_4_CODE
-#endif /* NSS_3_4_CODE */
-#include "nsspki.h"
-#include "pkitm.h"
-#include "pkim.h"
-#include "pki3hack.h"
-#include "base.h"
-
-#define PENDING_SLOP (24L*60L*60L)
-
-/*
- * WARNING - this function is depricated, and will go away in the near future.
- * It has been superseded by CERT_CheckCertValidTimes().
- *
- * Check the validity times of a certificate
- */
-SECStatus
-CERT_CertTimesValid(CERTCertificate *c)
-{
- int64 now, notBefore, notAfter, pendingSlop;
- SECStatus rv;
-
- /* if cert is already marked OK, then don't bother to check */
- if ( c->timeOK ) {
- return(SECSuccess);
- }
-
- /* get current UTC time */
- now = PR_Now();
- rv = CERT_GetCertTimes(c, &notBefore, &notAfter);
-
- if (rv) {
- return(SECFailure);
- }
-
- LL_I2L(pendingSlop, PENDING_SLOP);
- LL_SUB(notBefore, notBefore, pendingSlop);
-
- if (LL_CMP(now, <, notBefore) || LL_CMP(now, >, notAfter)) {
- PORT_SetError(SEC_ERROR_EXPIRED_CERTIFICATE);
- return(SECFailure);
- }
-
- return(SECSuccess);
-}
-
-/*
- * verify the signature of a signed data object with the given DER publickey
- */
-SECStatus
-CERT_VerifySignedDataWithPublicKey(CERTSignedData *sd,
- SECKEYPublicKey *pubKey,
- void *wincx)
-{
- SECStatus rv;
- SECOidTag algid;
- SECItem sig;
-
- if ( !pubKey || !sd ) {
- PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
- return SECFailure;
- }
-
- /* check the signature */
- sig = sd->signature;
- /* convert sig->len from bit counts to byte count. */
- DER_ConvertBitString(&sig);
-
- algid = SECOID_GetAlgorithmTag(&sd->signatureAlgorithm);
- rv = VFY_VerifyData(sd->data.data, sd->data.len, pubKey, &sig,
- algid, wincx);
-
- return rv ? SECFailure : SECSuccess;
-}
-
-/*
- * verify the signature of a signed data object with the given DER publickey
- */
-SECStatus
-CERT_VerifySignedDataWithPublicKeyInfo(CERTSignedData *sd,
- CERTSubjectPublicKeyInfo *pubKeyInfo,
- void *wincx)
-{
- SECKEYPublicKey *pubKey;
- SECStatus rv = SECFailure;
-
- /* get cert's public key */
- pubKey = SECKEY_ExtractPublicKey(pubKeyInfo);
- if (pubKey) {
- rv = CERT_VerifySignedDataWithPublicKey(sd, pubKey, wincx);
- SECKEY_DestroyPublicKey(pubKey);
- }
- return rv;
-}
-
-/*
- * verify the signature of a signed data object with the given certificate
- */
-SECStatus
-CERT_VerifySignedData(CERTSignedData *sd, CERTCertificate *cert,
- int64 t, void *wincx)
-{
- SECKEYPublicKey *pubKey = 0;
- SECStatus rv = SECFailure;
- SECCertTimeValidity validity;
-
- /* check the certificate's validity */
- validity = CERT_CheckCertValidTimes(cert, t, PR_FALSE);
- if ( validity != secCertTimeValid ) {
- return rv;
- }
-
- /* get cert's public key */
- pubKey = CERT_ExtractPublicKey(cert);
- if (pubKey) {
- rv = CERT_VerifySignedDataWithPublicKey(sd, pubKey, wincx);
- SECKEY_DestroyPublicKey(pubKey);
- }
- return rv;
-}
-
-
-/*
- * This must only be called on a cert that is known to have an issuer
- * with an invalid time
- */
-CERTCertificate *
-CERT_FindExpiredIssuer(CERTCertDBHandle *handle, CERTCertificate *cert)
-{
- CERTCertificate *issuerCert = NULL;
- CERTCertificate *subjectCert;
- int count;
- SECStatus rv;
- SECComparison rvCompare;
-
- subjectCert = CERT_DupCertificate(cert);
- if ( subjectCert == NULL ) {
- goto loser;
- }
-
- for ( count = 0; count < CERT_MAX_CERT_CHAIN; count++ ) {
- /* find the certificate of the issuer */
- issuerCert = CERT_FindCertByName(handle, &subjectCert->derIssuer);
-
- if ( ! issuerCert ) {
- goto loser;
- }
-
- rv = CERT_CertTimesValid(issuerCert);
- if ( rv == SECFailure ) {
- /* this is the invalid issuer */
- CERT_DestroyCertificate(subjectCert);
- return(issuerCert);
- }
-
- /* make sure that the issuer is not self signed. If it is, then
- * stop here to prevent looping.
- */
- rvCompare = SECITEM_CompareItem(&issuerCert->derSubject,
- &issuerCert->derIssuer);
- if (rvCompare == SECEqual) {
- PORT_Assert(0); /* No expired issuer! */
- goto loser;
- }
- CERT_DestroyCertificate(subjectCert);
- subjectCert = issuerCert;
- }
-
-loser:
- if ( issuerCert ) {
- CERT_DestroyCertificate(issuerCert);
- }
-
- if ( subjectCert ) {
- CERT_DestroyCertificate(subjectCert);
- }
-
- return(NULL);
-}
-
-/* Software FORTEZZA installation hack. The software fortezza installer does
- * not have access to the krl and cert.db file. Accept FORTEZZA Certs without
- * KRL's in this case.
- */
-static int dont_use_krl = 0;
-/* not a public exposed function... */
-void sec_SetCheckKRLState(int value) { dont_use_krl = value; }
-
-SECStatus
-SEC_CheckKRL(CERTCertDBHandle *handle,SECKEYPublicKey *key,
- CERTCertificate *rootCert, int64 t, void * wincx)
-{
- CERTSignedCrl *crl = NULL;
- SECStatus rv = SECFailure;
- SECStatus rv2;
- CERTCrlEntry **crlEntry;
- SECCertTimeValidity validity;
- CERTCertificate *issuerCert = NULL;
-
- if (dont_use_krl) return SECSuccess;
-
- /* first look up the KRL */
- crl = SEC_FindCrlByName(handle,&rootCert->derSubject, SEC_KRL_TYPE);
- if (crl == NULL) {
- PORT_SetError(SEC_ERROR_NO_KRL);
- goto done;
- }
-
- /* get the issuing certificate */
- issuerCert = CERT_FindCertByName(handle, &crl->crl.derName);
- if (issuerCert == NULL) {
- PORT_SetError(SEC_ERROR_KRL_BAD_SIGNATURE);
- goto done;
- }
-
-
- /* now verify the KRL signature */
- rv2 = CERT_VerifySignedData(&crl->signatureWrap, issuerCert, t, wincx);
- if (rv2 != SECSuccess) {
- PORT_SetError(SEC_ERROR_KRL_BAD_SIGNATURE);
- goto done;
- }
-
- /* Verify the date validity of the KRL */
- validity = SEC_CheckCrlTimes(&crl->crl, t);
- if (validity == secCertTimeExpired) {
- PORT_SetError(SEC_ERROR_KRL_EXPIRED);
- goto done;
- }
-
- /* now make sure the key in this cert is still valid */
- if (key->keyType != fortezzaKey) {
- PORT_SetError(SSL_ERROR_BAD_CERT_DOMAIN);
- goto done; /* This should be an assert? */
- }
-
- /* now make sure the key is not on the revocation list */
- for (crlEntry = crl->crl.entries; crlEntry && *crlEntry; crlEntry++) {
- if (PORT_Memcmp((*crlEntry)->serialNumber.data,
- key->u.fortezza.KMID,
- (*crlEntry)->serialNumber.len) == 0) {
- PORT_SetError(SEC_ERROR_REVOKED_KEY);
- goto done;
- }
- }
- rv = SECSuccess;
-
-done:
- if (issuerCert) CERT_DestroyCertificate(issuerCert);
- if (crl) SEC_DestroyCrl(crl);
- return rv;
-}
-
-SECStatus
-SEC_CheckCRL(CERTCertDBHandle *handle,CERTCertificate *cert,
- CERTCertificate *caCert, int64 t, void * wincx)
-{
- return CERT_CheckCRL(cert, caCert, NULL, t, wincx);
-}
-
-/*
- * Find the issuer of a cert. Use the authorityKeyID if it exists.
- */
-CERTCertificate *
-CERT_FindCertIssuer(CERTCertificate *cert, int64 validTime, SECCertUsage usage)
-{
-#ifdef NSS_CLASSIC
- CERTAuthKeyID * authorityKeyID = NULL;
- CERTCertificate * issuerCert = NULL;
- SECItem * caName;
- PRArenaPool *tmpArena = NULL;
-
- tmpArena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-
- if ( !tmpArena ) {
- goto loser;
- }
- authorityKeyID = CERT_FindAuthKeyIDExten(tmpArena,cert);
-
- if ( authorityKeyID != NULL ) {
- /* has the authority key ID extension */
- if ( authorityKeyID->keyID.data != NULL ) {
- /* extension contains a key ID, so lookup based on it */
- issuerCert = CERT_FindCertByKeyID(cert->dbhandle, &cert->derIssuer,
- &authorityKeyID->keyID);
- if ( issuerCert == NULL ) {
- PORT_SetError (SEC_ERROR_UNKNOWN_ISSUER);
- goto loser;
- }
-
- } else if ( authorityKeyID->authCertIssuer != NULL ) {
- /* no key ID, so try issuer and serial number */
- caName = (SECItem*)CERT_GetGeneralNameByType(authorityKeyID->authCertIssuer,
- certDirectoryName, PR_TRUE);
-
- /*
- * caName is NULL when the authCertIssuer field is not
- * being used, or other name form is used instead.
- * If the directoryName format and serialNumber fields are
- * used, we use them to find the CA cert.
- * Note:
- * By the time it gets here, we known for sure that if the
- * authCertIssuer exists, then the authCertSerialNumber
- * must also exists (CERT_DecodeAuthKeyID() ensures this).
- * We don't need to check again.
- */
-
- if (caName != NULL) {
- CERTIssuerAndSN issuerSN;
-
- issuerSN.derIssuer.data = caName->data;
- issuerSN.derIssuer.len = caName->len;
- issuerSN.serialNumber.data =
- authorityKeyID->authCertSerialNumber.data;
- issuerSN.serialNumber.len =
- authorityKeyID->authCertSerialNumber.len;
- issuerCert = CERT_FindCertByIssuerAndSN(cert->dbhandle,
- &issuerSN);
- if ( issuerCert == NULL ) {
- PORT_SetError (SEC_ERROR_UNKNOWN_ISSUER);
- goto loser;
- }
- }
- }
- }
- if ( issuerCert == NULL ) {
- /* if there is not authorityKeyID, then try to find the issuer */
- /* find a valid CA cert with correct usage */
- issuerCert = CERT_FindMatchingCert(cert->dbhandle,
- &cert->derIssuer,
- certOwnerCA, usage, PR_TRUE,
- validTime, PR_TRUE);
-
- /* if that fails, then fall back to grabbing any cert with right name*/
- if ( issuerCert == NULL ) {
- issuerCert = CERT_FindCertByName(cert->dbhandle, &cert->derIssuer);
- if ( issuerCert == NULL ) {
- PORT_SetError (SEC_ERROR_UNKNOWN_ISSUER);
- }
- }
- }
-
-loser:
- if (tmpArena != NULL) {
- PORT_FreeArena(tmpArena, PR_FALSE);
- tmpArena = NULL;
- }
-
- return(issuerCert);
-#else
- NSSCertificate *me;
- NSSTime *nssTime;
- NSSUsage nssUsage;
- NSSCertificate *chain[3];
- PRStatus status;
- me = STAN_GetNSSCertificate(cert);
- nssTime = NSSTime_SetPRTime(NULL, validTime);
- nssUsage.anyUsage = PR_FALSE;
- nssUsage.nss3usage = usage;
- nssUsage.nss3lookingForCA = PR_TRUE;
- memset(chain, 0, 3*sizeof(NSSCertificate *));
- if (!me) {
- PORT_SetError (SEC_ERROR_BAD_DATABASE);
- return NULL;
- }
- (void)NSSCertificate_BuildChain(me, nssTime, &nssUsage, NULL,
- chain, 2, NULL, &status);
- nss_ZFreeIf(nssTime);
- if (status == PR_SUCCESS) {
- /* if it's a root, the chain will only have one cert */
- if (!chain[1]) {
- /* already has a reference from the call to BuildChain */
- return cert;
- } else {
- CERT_DestroyCertificate(cert); /* the first cert in the chain */
- return STAN_GetCERTCertificate(chain[1]); /* return the 2nd */
- }
- } else {
- if (chain[0]) {
- CERT_DestroyCertificate(cert);
- }
- PORT_SetError (SEC_ERROR_UNKNOWN_ISSUER);
- }
- return NULL;
-#endif
-}
-
-/*
- * return required trust flags for various cert usages for CAs
- */
-SECStatus
-CERT_TrustFlagsForCACertUsage(SECCertUsage usage,
- unsigned int *retFlags,
- SECTrustType *retTrustType)
-{
- unsigned int requiredFlags;
- SECTrustType trustType;
-
- switch ( usage ) {
- case certUsageSSLClient:
- requiredFlags = CERTDB_TRUSTED_CLIENT_CA;
- trustType = trustSSL;
- break;
- case certUsageSSLServer:
- case certUsageSSLCA:
- requiredFlags = CERTDB_TRUSTED_CA;
- trustType = trustSSL;
- break;
- case certUsageSSLServerWithStepUp:
- requiredFlags = CERTDB_TRUSTED_CA | CERTDB_GOVT_APPROVED_CA;
- trustType = trustSSL;
- break;
- case certUsageEmailSigner:
- case certUsageEmailRecipient:
- requiredFlags = CERTDB_TRUSTED_CA;
- trustType = trustEmail;
- break;
- case certUsageObjectSigner:
- requiredFlags = CERTDB_TRUSTED_CA;
- trustType = trustObjectSigning;
- break;
- case certUsageVerifyCA:
- case certUsageAnyCA:
- case certUsageStatusResponder:
- requiredFlags = CERTDB_TRUSTED_CA;
- trustType = trustTypeNone;
- break;
- default:
- PORT_Assert(0);
- goto loser;
- }
- if ( retFlags != NULL ) {
- *retFlags = requiredFlags;
- }
- if ( retTrustType != NULL ) {
- *retTrustType = trustType;
- }
-
- return(SECSuccess);
-loser:
- return(SECFailure);
-}
-
-
-
-
-
-static void
-AddToVerifyLog(CERTVerifyLog *log, CERTCertificate *cert, unsigned long error,
- unsigned int depth, void *arg)
-{
- CERTVerifyLogNode *node, *tnode;
-
- PORT_Assert(log != NULL);
-
- node = (CERTVerifyLogNode *)PORT_ArenaAlloc(log->arena,
- sizeof(CERTVerifyLogNode));
- if ( node != NULL ) {
- node->cert = CERT_DupCertificate(cert);
- node->error = error;
- node->depth = depth;
- node->arg = arg;
-
- if ( log->tail == NULL ) {
- /* empty list */
- log->head = log->tail = node;
- node->prev = NULL;
- node->next = NULL;
- } else if ( depth >= log->tail->depth ) {
- /* add to tail */
- node->prev = log->tail;
- log->tail->next = node;
- log->tail = node;
- node->next = NULL;
- } else if ( depth < log->head->depth ) {
- /* add at head */
- node->prev = NULL;
- node->next = log->head;
- log->head->prev = node;
- log->head = node;
- } else {
- /* add in middle */
- tnode = log->tail;
- while ( tnode != NULL ) {
- if ( depth >= tnode->depth ) {
- /* insert after tnode */
- node->prev = tnode;
- node->next = tnode->next;
- tnode->next->prev = node;
- tnode->next = node;
- break;
- }
-
- tnode = tnode->prev;
- }
- }
-
- log->count++;
- }
- return;
-}
-
-#define EXIT_IF_NOT_LOGGING(log) \
- if ( log == NULL ) { \
- goto loser; \
- }
-
-#define LOG_ERROR_OR_EXIT(log,cert,depth,arg) \
- if ( log != NULL ) { \
- AddToVerifyLog(log, cert, PORT_GetError(), depth, (void *)arg); \
- } else { \
- goto loser; \
- }
-
-#define LOG_ERROR(log,cert,depth,arg) \
- if ( log != NULL ) { \
- AddToVerifyLog(log, cert, PORT_GetError(), depth, (void *)arg); \
- }
-
-
-typedef enum { cbd_None, cbd_User, cbd_CA } cbd_FortezzaType;
-
-static SECStatus
-cert_VerifyFortezzaV1Cert(CERTCertDBHandle *handle, CERTCertificate *cert,
- cbd_FortezzaType *next_type, cbd_FortezzaType last_type,
- int64 t, void *wincx)
-{
- unsigned char priv = 0;
- SECKEYPublicKey *key;
- SECStatus rv;
-
- *next_type = cbd_CA;
-
- /* read the key */
- key = CERT_ExtractPublicKey(cert);
-
- /* Cant' get Key? fail. */
- if (key == NULL) {
- PORT_SetError(SEC_ERROR_BAD_KEY);
- return SECFailure;
- }
-
-
- /* if the issuer is not an old fortezza cert, we bail */
- if (key->keyType != fortezzaKey) {
- SECKEY_DestroyPublicKey(key);
- /* CA Cert not fortezza */
- PORT_SetError(SEC_ERROR_NOT_FORTEZZA_ISSUER);
- return SECFailure;
- }
-
- /* get the privilege mask */
- if (key->u.fortezza.DSSpriviledge.len > 0) {
- priv = key->u.fortezza.DSSpriviledge.data[0];
- }
-
- /*
- * make sure the CA's keys are OK
- */
-
- rv = SEC_CheckKRL(handle, key, NULL, t, wincx);
- SECKEY_DestroyPublicKey(key);
- if (rv != SECSuccess) {
- return rv;
- }
-
- switch (last_type) {
- case cbd_User:
- /* first check for subordination */
- /*rv = FortezzaSubordinateCheck(cert,issuerCert);*/
- rv = SECSuccess;
-
- /* now check for issuer privilege */
- if ((rv != SECSuccess) || ((priv & 0x10) == 0)) {
- /* bail */
- PORT_SetError (SEC_ERROR_CA_CERT_INVALID);
- return SECFailure;
- }
- break;
- case cbd_CA:
- if ((priv & 0x20) == 0) {
- /* bail */
- PORT_SetError (SEC_ERROR_CA_CERT_INVALID);
- return SECFailure;
- }
- break;
- case cbd_None:
- *next_type = (priv & 0x30) ? cbd_CA : cbd_User;
- break;
- default:
- /* bail */ /* shouldn't ever happen */
- PORT_SetError(SEC_ERROR_UNKNOWN_ISSUER);
- return SECFailure;
- }
- return SECSuccess;
-}
-
-
-static SECStatus
-cert_VerifyCertChain(CERTCertDBHandle *handle, CERTCertificate *cert,
- PRBool checkSig, PRBool* sigerror,
- SECCertUsage certUsage, int64 t, void *wincx,
- CERTVerifyLog *log, PRBool doCRL, PRBool* revoked)
-{
- SECTrustType trustType;
- CERTBasicConstraints basicConstraint;
- CERTCertificate *issuerCert = NULL;
- CERTCertificate *subjectCert = NULL;
- CERTCertificate *badCert = NULL;
- PRBool isca;
- PRBool isFortezzaV1 = PR_FALSE;
- SECStatus rv;
- SECStatus rvFinal = SECSuccess;
- int count;
- int currentPathLen = -1;
- int flags;
- unsigned int caCertType;
- unsigned int requiredCAKeyUsage;
- unsigned int requiredFlags;
- PRArenaPool *arena = NULL;
- CERTGeneralName *namesList = NULL;
- CERTGeneralName *subjectNameList = NULL;
- SECItem *namesIndex = NULL;
- int namesIndexLen = 10;
- int namesCount = 0;
-
- cbd_FortezzaType last_type = cbd_None;
-
- if (revoked) {
- *revoked = PR_FALSE;
- }
-
- if (CERT_KeyUsageAndTypeForCertUsage(certUsage, PR_TRUE,
- &requiredCAKeyUsage,
- &caCertType)
- != SECSuccess ) {
- PORT_Assert(0);
- EXIT_IF_NOT_LOGGING(log);
- requiredCAKeyUsage = 0;
- caCertType = 0;
- }
-
- switch ( certUsage ) {
- case certUsageSSLClient:
- case certUsageSSLServer:
- case certUsageSSLCA:
- case certUsageSSLServerWithStepUp:
- case certUsageEmailSigner:
- case certUsageEmailRecipient:
- case certUsageObjectSigner:
- case certUsageVerifyCA:
- case certUsageStatusResponder:
- if ( CERT_TrustFlagsForCACertUsage(certUsage, &requiredFlags,
- &trustType) != SECSuccess ) {
- PORT_Assert(0);
- EXIT_IF_NOT_LOGGING(log);
- requiredFlags = 0;
- trustType = trustSSL;
- }
- break;
- default:
- PORT_Assert(0);
- EXIT_IF_NOT_LOGGING(log);
- requiredFlags = 0;
- trustType = trustSSL;/* This used to be 0, but we need something
- * that matches the enumeration type.
- */
- caCertType = 0;
- }
-
- subjectCert = CERT_DupCertificate(cert);
- if ( subjectCert == NULL ) {
- goto loser;
- }
-
- /* determine if the cert is fortezza.
- */
- isFortezzaV1 = (PRBool)
- (CERT_GetCertKeyType(&subjectCert->subjectPublicKeyInfo)
- == fortezzaKey);
-
- if (isFortezzaV1) {
- rv = cert_VerifyFortezzaV1Cert(handle, subjectCert, &last_type,
- cbd_None, t, wincx);
- if (rv == SECFailure) {
- /**** PORT_SetError is already set by cert_VerifyFortezzaV1Cert **/
- LOG_ERROR_OR_EXIT(log,subjectCert,0,0);
- }
- }
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) {
- goto loser;
- }
-
- namesIndex = (SECItem *) PORT_ZAlloc(sizeof(SECItem) * namesIndexLen);
- if (namesIndex == NULL) {
- goto loser;
- }
-
- for ( count = 0; count < CERT_MAX_CERT_CHAIN; count++ ) {
- int subjectNameListLen;
- int i;
-
- /* Construct a list of names for the current and all previous certifcates
- to be verified against the name constraints extension of the issuer
- certificate. */
- subjectNameList = CERT_GetCertificateNames(subjectCert, arena);
- subjectNameListLen = CERT_GetNamesLength(subjectNameList);
- for (i = 0; i < subjectNameListLen; i++) {
- if (namesIndexLen <= namesCount + i) {
- namesIndexLen = namesIndexLen * 2;
- namesIndex = (SECItem *) PORT_Realloc(namesIndex, namesIndexLen *
- sizeof(SECItem));
- if (namesIndex == NULL) {
- goto loser;
- }
- }
- rv = SECITEM_CopyItem(arena, &(namesIndex[namesCount + i]), &(subjectCert->derSubject));
- }
- namesCount += subjectNameListLen;
- namesList = cert_CombineNamesLists(namesList, subjectNameList);
-
- /* find the certificate of the issuer */
- issuerCert = CERT_FindCertIssuer(subjectCert, t, certUsage);
- if ( ! issuerCert ) {
- PORT_SetError(SEC_ERROR_UNKNOWN_ISSUER);
- LOG_ERROR(log,subjectCert,count,0);
- goto loser;
- }
-
- /* verify the signature on the cert */
- if ( checkSig ) {
- rv = CERT_VerifySignedData(&subjectCert->signatureWrap,
- issuerCert, t, wincx);
-
- if ( rv != SECSuccess ) {
- if (sigerror) {
- *sigerror = PR_TRUE;
- }
- if ( PORT_GetError() == SEC_ERROR_EXPIRED_CERTIFICATE ) {
- PORT_SetError(SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE);
- LOG_ERROR_OR_EXIT(log,issuerCert,count+1,0);
- } else {
- PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
- LOG_ERROR_OR_EXIT(log,subjectCert,count,0);
- }
- }
- }
-
- /*
- * XXX - fortezza may need error logging stuff added
- */
- if (isFortezzaV1) {
- rv = cert_VerifyFortezzaV1Cert(handle, issuerCert, &last_type,
- last_type, t, wincx);
- if (rv == SECFailure) {
- /**** PORT_SetError is already set by *
- * cert_VerifyFortezzaV1Cert **/
- LOG_ERROR_OR_EXIT(log,subjectCert,0,0);
- }
- }
-
- /* If the basicConstraint extension is included in an immediate CA
- * certificate, make sure that the isCA flag is on. If the
- * pathLenConstraint component exists, it must be greater than the
- * number of CA certificates we have seen so far. If the extension
- * is omitted, we will assume that this is a CA certificate with
- * an unlimited pathLenConstraint (since it already passes the
- * netscape-cert-type extension checking).
- *
- * In the fortezza (V1) case, we've already checked the CA bits
- * in the key, so we're presumed to be a CA; however we really don't
- * want to bypass Basic constraint or netscape extension parsing.
- *
- * In Fortezza V2, basicConstraint will be set for every CA,PCA,PAA
- */
-
- rv = CERT_FindBasicConstraintExten(issuerCert, &basicConstraint);
- if ( rv != SECSuccess ) {
- if (PORT_GetError() != SEC_ERROR_EXTENSION_NOT_FOUND) {
- LOG_ERROR_OR_EXIT(log,issuerCert,count+1,0);
- } else {
- currentPathLen = CERT_UNLIMITED_PATH_CONSTRAINT;
- }
- /* no basic constraints found, if we're fortezza, CA bit is already
- * verified (isca = PR_TRUE). otherwise, we aren't (yet) a ca
- * isca = PR_FALSE */
- isca = isFortezzaV1;
- } else {
- if ( basicConstraint.isCA == PR_FALSE ) {
- PORT_SetError (SEC_ERROR_CA_CERT_INVALID);
- LOG_ERROR_OR_EXIT(log,issuerCert,count+1,0);
- }
-
- /* make sure that the path len constraint is properly set.
- */
- if ( basicConstraint.pathLenConstraint ==
- CERT_UNLIMITED_PATH_CONSTRAINT ) {
- currentPathLen = CERT_UNLIMITED_PATH_CONSTRAINT;
- } else if ( currentPathLen == CERT_UNLIMITED_PATH_CONSTRAINT ) {
- /* error if the previous CA's path length constraint is
- * unlimited but its CA's path is not.
- */
- PORT_SetError (SEC_ERROR_PATH_LEN_CONSTRAINT_INVALID);
- LOG_ERROR_OR_EXIT(log,issuerCert,count+1,basicConstraint.pathLenConstraint);
- } else if (basicConstraint.pathLenConstraint > currentPathLen) {
- currentPathLen = basicConstraint.pathLenConstraint;
- } else {
- PORT_SetError (SEC_ERROR_PATH_LEN_CONSTRAINT_INVALID);
- LOG_ERROR_OR_EXIT(log,issuerCert,count+1,basicConstraint.pathLenConstraint);
- }
-
- isca = PR_TRUE;
- }
-
- /* XXX - the error logging may need to go down into CRL stuff at some
- * point
- */
- /* check revoked list (issuer) */
- if (PR_TRUE == doCRL) {
- rv = SEC_CheckCRL(handle, subjectCert, issuerCert, t, wincx);
- if (rv == SECFailure) {
- if (revoked) {
- *revoked = PR_TRUE;
- }
- LOG_ERROR_OR_EXIT(log,subjectCert,count,0);
- } else if (rv == SECWouldBlock) {
- /* We found something fishy, so we intend to issue an
- * error to the user, but the user may wish to continue
- * processing, in which case we better make sure nothing
- * worse has happened... so keep cranking the loop */
- rvFinal = SECFailure;
- if (revoked) {
- *revoked = PR_TRUE;
- }
- LOG_ERROR(log,subjectCert,count,0);
- }
- }
-
-
- if ( issuerCert->trust ) {
- /*
- * check the trust parms of the issuer
- */
- if ( certUsage == certUsageVerifyCA ) {
- if ( subjectCert->nsCertType & NS_CERT_TYPE_EMAIL_CA ) {
- trustType = trustEmail;
- } else if ( subjectCert->nsCertType & NS_CERT_TYPE_SSL_CA ) {
- trustType = trustSSL;
- } else {
- trustType = trustObjectSigning;
- }
- }
-
- flags = SEC_GET_TRUST_FLAGS(issuerCert->trust, trustType);
-
- if ( (flags & CERTDB_VALID_CA) ||
- (certUsage == certUsageStatusResponder)) {
- if ( ( flags & requiredFlags ) == requiredFlags ||
- certUsage == certUsageStatusResponder ) {
- /* we found a trusted one, so return */
- rv = rvFinal;
- goto done;
- }
- }
- }
-
- /*
- * Make sure that if this is an intermediate CA in the chain that
- * it was given permission by its signer to be a CA.
- */
- if ( isca ) {
- /*
- * if basicConstraints says it is a ca, then we check the
- * nsCertType. If the nsCertType has any CA bits set, then
- * it must have the right one.
- */
- if ( issuerCert->nsCertType & NS_CERT_TYPE_CA ) {
- if ( issuerCert->nsCertType & caCertType ) {
- isca = PR_TRUE;
- } else {
- isca = PR_FALSE;
- }
- }
- } else {
- if ( issuerCert->nsCertType & caCertType ) {
- isca = PR_TRUE;
- } else {
- isca = PR_FALSE;
- }
- }
-
- if ( !isca ) {
- PORT_SetError(SEC_ERROR_CA_CERT_INVALID);
- LOG_ERROR_OR_EXIT(log,issuerCert,count+1,0);
- }
-
- /* make sure key usage allows cert signing */
- if (CERT_CheckKeyUsage(issuerCert, requiredCAKeyUsage) != SECSuccess) {
- PORT_SetError(SEC_ERROR_INADEQUATE_KEY_USAGE);
- LOG_ERROR_OR_EXIT(log,issuerCert,count+1,requiredCAKeyUsage);
- }
- /* make sure that the entire chain is within the name space of the current issuer
- * certificate.
- */
-
- badCert = CERT_CompareNameSpace(issuerCert, namesList, namesIndex, arena, handle);
- if (badCert != NULL) {
- PORT_SetError(SEC_ERROR_CERT_NOT_IN_NAME_SPACE);
- LOG_ERROR_OR_EXIT(log, badCert, count + 1, 0);
- goto loser;
- }
- /* make sure that the issuer is not self signed. If it is, then
- * stop here to prevent looping.
- */
- if (issuerCert->isRoot) {
- PORT_SetError(SEC_ERROR_UNTRUSTED_ISSUER);
- LOG_ERROR(log, issuerCert, count+1, 0);
- goto loser;
- }
-
- CERT_DestroyCertificate(subjectCert);
- subjectCert = issuerCert;
- }
-
- subjectCert = NULL;
- PORT_SetError(SEC_ERROR_UNKNOWN_ISSUER);
- LOG_ERROR(log,issuerCert,count,0);
-loser:
- rv = SECFailure;
-done:
- if (namesIndex != NULL) {
- PORT_Free(namesIndex);
- }
- if ( issuerCert ) {
- CERT_DestroyCertificate(issuerCert);
- }
-
- if ( subjectCert ) {
- CERT_DestroyCertificate(subjectCert);
- }
-
- if ( arena != NULL ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
- return rv;
-}
-
-SECStatus
-CERT_VerifyCertChain(CERTCertDBHandle *handle, CERTCertificate *cert,
- PRBool checkSig, SECCertUsage certUsage, int64 t,
- void *wincx, CERTVerifyLog *log)
-{
- return cert_VerifyCertChain(handle, cert, checkSig, NULL, certUsage, t,
- wincx, log, PR_TRUE, NULL);
-}
-
-/*
- * verify that a CA can sign a certificate with the requested usage.
- */
-SECStatus
-CERT_VerifyCACertForUsage(CERTCertDBHandle *handle, CERTCertificate *cert,
- PRBool checkSig, SECCertUsage certUsage, int64 t,
- void *wincx, CERTVerifyLog *log)
-{
- SECTrustType trustType;
- CERTBasicConstraints basicConstraint;
- PRBool isca;
- SECStatus rv;
- SECComparison rvCompare;
- SECStatus rvFinal = SECSuccess;
- int flags;
- unsigned int caCertType;
- unsigned int requiredCAKeyUsage;
- unsigned int requiredFlags;
- CERTCertificate *issuerCert;
-
-
- if (CERT_KeyUsageAndTypeForCertUsage(certUsage, PR_TRUE,
- &requiredCAKeyUsage,
- &caCertType) != SECSuccess ) {
- PORT_Assert(0);
- EXIT_IF_NOT_LOGGING(log);
- requiredCAKeyUsage = 0;
- caCertType = 0;
- }
-
- switch ( certUsage ) {
- case certUsageSSLClient:
- case certUsageSSLServer:
- case certUsageSSLCA:
- case certUsageSSLServerWithStepUp:
- case certUsageEmailSigner:
- case certUsageEmailRecipient:
- case certUsageObjectSigner:
- case certUsageVerifyCA:
- case certUsageStatusResponder:
- if ( CERT_TrustFlagsForCACertUsage(certUsage, &requiredFlags,
- &trustType) != SECSuccess ) {
- PORT_Assert(0);
- EXIT_IF_NOT_LOGGING(log);
- requiredFlags = 0;
- trustType = trustSSL;
- }
- break;
- default:
- PORT_Assert(0);
- EXIT_IF_NOT_LOGGING(log);
- requiredFlags = 0;
- trustType = trustSSL;/* This used to be 0, but we need something
- * that matches the enumeration type.
- */
- caCertType = 0;
- }
-
- /* If the basicConstraint extension is included in an immediate CA
- * certificate, make sure that the isCA flag is on. If the
- * pathLenConstraint component exists, it must be greater than the
- * number of CA certificates we have seen so far. If the extension
- * is omitted, we will assume that this is a CA certificate with
- * an unlimited pathLenConstraint (since it already passes the
- * netscape-cert-type extension checking).
- *
- * In the fortezza (V1) case, we've already checked the CA bits
- * in the key, so we're presumed to be a CA; however we really don't
- * want to bypass Basic constraint or netscape extension parsing.
- *
- * In Fortezza V2, basicConstraint will be set for every CA,PCA,PAA
- */
-
- rv = CERT_FindBasicConstraintExten(cert, &basicConstraint);
- if ( rv != SECSuccess ) {
- if (PORT_GetError() != SEC_ERROR_EXTENSION_NOT_FOUND) {
- LOG_ERROR_OR_EXIT(log,cert,0,0);
- }
- /* no basic constraints found, if we're fortezza, CA bit is already
- * verified (isca = PR_TRUE). otherwise, we aren't (yet) a ca
- * isca = PR_FALSE */
- isca = PR_FALSE;
- } else {
- if ( basicConstraint.isCA == PR_FALSE ) {
- PORT_SetError (SEC_ERROR_CA_CERT_INVALID);
- LOG_ERROR_OR_EXIT(log,cert,0,0);
- }
-
- /* can't check path length if we don't know the previous path */
- isca = PR_TRUE;
- }
-
- if ( cert->trust ) {
- /*
- * check the trust parms of the issuer
- */
- flags = SEC_GET_TRUST_FLAGS(cert->trust, trustType);
-
- if ( (flags & CERTDB_VALID_CA) ||
- (certUsage == certUsageStatusResponder)) {
- if ( ( flags & requiredFlags ) == requiredFlags ||
- certUsage == certUsageStatusResponder ) {
- /* we found a trusted one, so return */
- /* Check the special case of certUsageStatusResponder */
- if(certUsage == certUsageStatusResponder) {
- issuerCert = CERT_FindCertIssuer(cert, t, certUsage);
- if (issuerCert) {
- if(SEC_CheckCRL(handle, cert, issuerCert, t, wincx) != SECSuccess) {
- PORT_SetError(SEC_ERROR_REVOKED_CERTIFICATE);
- CERT_DestroyCertificate(issuerCert);
- goto loser;
- }
- CERT_DestroyCertificate(issuerCert);
- }
- }
- rv = rvFinal;
- goto done;
- }
- }
- }
-
- /*
- * Make sure that if this is an intermediate CA in the chain that
- * it was given permission by its signer to be a CA.
- */
- if ( isca ) {
- /*
- * if basicConstraints says it is a ca, then we check the
- * nsCertType. If the nsCertType has any CA bits set, then
- * it must have the right one.
- */
- if ( cert->nsCertType & NS_CERT_TYPE_CA ) {
- if ( cert->nsCertType & caCertType ) {
- isca = PR_TRUE;
- } else {
- isca = PR_FALSE;
- }
- }
- } else {
- if ( cert->nsCertType & caCertType ) {
- isca = PR_TRUE;
- } else {
- isca = PR_FALSE;
- }
- }
-
- if ( !isca ) {
- PORT_SetError(SEC_ERROR_CA_CERT_INVALID);
- LOG_ERROR_OR_EXIT(log,cert,0,0);
- }
-
- /* make sure key usage allows cert signing */
- if (CERT_CheckKeyUsage(cert, requiredCAKeyUsage) != SECSuccess) {
- PORT_SetError(SEC_ERROR_INADEQUATE_KEY_USAGE);
- LOG_ERROR_OR_EXIT(log,cert,0,requiredCAKeyUsage);
- }
- /* make sure that the issuer is not self signed. If it is, then
- * stop here to prevent looping.
- */
- rvCompare = SECITEM_CompareItem(&cert->derSubject,
- &cert->derIssuer);
- if (rvCompare == SECEqual) {
- PORT_SetError(SEC_ERROR_UNTRUSTED_ISSUER);
- LOG_ERROR(log, cert, 0, 0);
- goto loser;
- }
-
- return CERT_VerifyCertChain(handle, cert, checkSig, certUsage, t,
- wincx, log);
-loser:
- rv = SECFailure;
-done:
- return rv;
-}
-
-#define NEXT_ITERATION() { \
- i*=2; \
- certUsage++; \
- continue; \
-}
-
-#define VALID_USAGE() { \
- NEXT_ITERATION(); \
-}
-
-#define INVALID_USAGE() { \
- if (returnedUsages) { \
- *returnedUsages &= (~i); \
- } \
- if (PR_TRUE == requiredUsage) { \
- valid = SECFailure; \
- } \
- NEXT_ITERATION(); \
-}
-
-/*
- * verify a certificate by checking if it's valid and that we
- * trust the issuer.
- *
- * certificateUsage contains a bitfield of all cert usages that are
- * required for verification to succeed
- *
- * a bitfield of cert usages is returned in *returnedUsages
- * if requiredUsages is non-zero, the returned bitmap is only
- * for those required usages, otherwise it is for all usages
- *
- */
-SECStatus
-CERT_VerifyCertificate(CERTCertDBHandle *handle, CERTCertificate *cert,
- PRBool checkSig, SECCertificateUsage requiredUsages, int64 t,
- void *wincx, CERTVerifyLog *log, SECCertificateUsage* returnedUsages)
-{
- SECStatus rv;
- SECStatus valid;
- unsigned int requiredKeyUsage;
- unsigned int requiredCertType;
- unsigned int flags;
- unsigned int certType;
- PRBool allowOverride;
- SECCertTimeValidity validity;
- CERTStatusConfig *statusConfig;
- PRBool checkedChain = PR_FALSE;
- PRInt32 i;
- SECCertUsage certUsage = 0;
- PRBool checkedOCSP = PR_FALSE;
- PRBool checkAllUsages = PR_FALSE;
- PRBool revoked = PR_FALSE;
- PRBool sigerror = PR_FALSE;
-
- if (!requiredUsages) {
- /* there are no required usages, so the user probably wants to
- get status for all usages */
- checkAllUsages = PR_TRUE;
- }
-
- if (returnedUsages) {
- *returnedUsages = 0;
- } else {
- /* we don't have a place to return status for all usages,
- so we can skip checks for usages that aren't required */
- checkAllUsages = PR_FALSE;
- }
- valid = SECSuccess ; /* start off assuming cert is valid */
-
-#ifdef notdef
- /* check if this cert is in the Evil list */
- rv = CERT_CheckForEvilCert(cert);
- if ( rv != SECSuccess ) {
- PORT_SetError(SEC_ERROR_REVOKED_CERTIFICATE);
- LOG_ERROR(log,cert,0,0);
- return SECFailure;
- }
-#endif
-
- /* make sure that the cert is valid at time t */
- allowOverride = (PRBool)((requiredUsages & certUsageSSLServer) ||
- (requiredUsages & certificateUsageSSLServerWithStepUp));
- validity = CERT_CheckCertValidTimes(cert, t, allowOverride);
- if ( validity != secCertTimeValid ) {
- LOG_ERROR(log,cert,0,validity);
- return SECFailure;
- }
-
- /* check key usage and netscape cert type */
- cert_GetCertType(cert);
- certType = cert->nsCertType;
-
- for (i=1;i<=certificateUsageHighest && !(SECFailure == valid && !returnedUsages) ;) {
- PRBool requiredUsage = (i & requiredUsages) ? PR_TRUE : PR_FALSE;
- if (PR_FALSE == requiredUsage && PR_FALSE == checkAllUsages) {
- NEXT_ITERATION();
- }
- if (returnedUsages) {
- *returnedUsages |= i; /* start off assuming this usage is valid */
- }
- switch ( certUsage ) {
- case certUsageSSLClient:
- case certUsageSSLServer:
- case certUsageSSLServerWithStepUp:
- case certUsageSSLCA:
- case certUsageEmailSigner:
- case certUsageEmailRecipient:
- case certUsageObjectSigner:
- case certUsageStatusResponder:
- rv = CERT_KeyUsageAndTypeForCertUsage(certUsage, PR_FALSE,
- &requiredKeyUsage,
- &requiredCertType);
- if ( rv != SECSuccess ) {
- PORT_Assert(0);
- /* EXIT_IF_NOT_LOGGING(log); XXX ??? */
- requiredKeyUsage = 0;
- requiredCertType = 0;
- INVALID_USAGE();
- }
- break;
-
- case certUsageAnyCA:
- case certUsageProtectedObjectSigner:
- case certUsageUserCertImport:
- case certUsageVerifyCA:
- /* these usages cannot be verified */
- NEXT_ITERATION();
-
- default:
- PORT_Assert(0);
- requiredKeyUsage = 0;
- requiredCertType = 0;
- INVALID_USAGE();
- }
- if ( CERT_CheckKeyUsage(cert, requiredKeyUsage) != SECSuccess ) {
- if (PR_TRUE == requiredUsage) {
- PORT_SetError(SEC_ERROR_INADEQUATE_KEY_USAGE);
- }
- LOG_ERROR(log,cert,0,requiredKeyUsage);
- INVALID_USAGE();
- }
- if ( !( certType & requiredCertType ) ) {
- if (PR_TRUE == requiredUsage) {
- PORT_SetError(SEC_ERROR_INADEQUATE_CERT_TYPE);
- }
- LOG_ERROR(log,cert,0,requiredCertType);
- INVALID_USAGE();
- }
-
- /* check trust flags to see if this cert is directly trusted */
- if ( cert->trust ) { /* the cert is in the DB */
- switch ( certUsage ) {
- case certUsageSSLClient:
- case certUsageSSLServer:
- flags = cert->trust->sslFlags;
-
- /* is the cert directly trusted or not trusted ? */
- if ( flags & CERTDB_VALID_PEER ) {/*the trust record is valid*/
- if ( flags & CERTDB_TRUSTED ) { /* trust this cert */
- VALID_USAGE();
- } else { /* don't trust this cert */
- if (PR_TRUE == requiredUsage) {
- PORT_SetError(SEC_ERROR_UNTRUSTED_CERT);
- }
- LOG_ERROR(log,cert,0,flags);
- INVALID_USAGE();
- }
- }
- break;
- case certUsageSSLServerWithStepUp:
- /* XXX - step up certs can't be directly trusted */
- break;
- case certUsageSSLCA:
- break;
- case certUsageEmailSigner:
- case certUsageEmailRecipient:
- flags = cert->trust->emailFlags;
-
- /* is the cert directly trusted or not trusted ? */
- if ( ( flags & ( CERTDB_VALID_PEER | CERTDB_TRUSTED ) ) ==
- ( CERTDB_VALID_PEER | CERTDB_TRUSTED ) ) {
- VALID_USAGE();
- }
- break;
- case certUsageObjectSigner:
- flags = cert->trust->objectSigningFlags;
-
- /* is the cert directly trusted or not trusted ? */
- if ( flags & CERTDB_VALID_PEER ) {/*the trust record is valid*/
- if ( flags & CERTDB_TRUSTED ) { /* trust this cert */
- VALID_USAGE();
- } else { /* don't trust this cert */
- if (PR_TRUE == requiredUsage) {
- PORT_SetError(SEC_ERROR_UNTRUSTED_CERT);
- }
- LOG_ERROR(log,cert,0,flags);
- INVALID_USAGE();
- }
- }
- break;
- case certUsageVerifyCA:
- case certUsageStatusResponder:
- flags = cert->trust->sslFlags;
- /* is the cert directly trusted or not trusted ? */
- if ( ( flags & ( CERTDB_VALID_CA | CERTDB_TRUSTED_CA ) ) ==
- ( CERTDB_VALID_CA | CERTDB_TRUSTED_CA ) ) {
- VALID_USAGE();
- }
- flags = cert->trust->emailFlags;
- /* is the cert directly trusted or not trusted ? */
- if ( ( flags & ( CERTDB_VALID_CA | CERTDB_TRUSTED_CA ) ) ==
- ( CERTDB_VALID_CA | CERTDB_TRUSTED_CA ) ) {
- VALID_USAGE();
- }
- flags = cert->trust->objectSigningFlags;
- /* is the cert directly trusted or not trusted ? */
- if ( ( flags & ( CERTDB_VALID_CA | CERTDB_TRUSTED_CA ) ) ==
- ( CERTDB_VALID_CA | CERTDB_TRUSTED_CA ) ) {
- VALID_USAGE();
- }
- break;
- case certUsageAnyCA:
- case certUsageProtectedObjectSigner:
- case certUsageUserCertImport:
- /* XXX to make the compiler happy. Should these be
- * explicitly handled?
- */
- break;
- }
- }
-
- if (PR_TRUE == revoked || PR_TRUE == sigerror) {
- INVALID_USAGE();
- }
-
- /* only check CRL and signature for the first usage check */
- rv = cert_VerifyCertChain(handle, cert,
- (PR_TRUE == checkedChain) ? PR_FALSE : checkSig, &sigerror,
- certUsage, t, wincx, log,
- (PR_TRUE == checkedChain) ? PR_FALSE : PR_TRUE, &revoked);
- checkedChain = PR_TRUE;
-
- if (rv != SECSuccess) {
- /* EXIT_IF_NOT_LOGGING(log); XXX ???? */
- INVALID_USAGE();
- }
-
- /*
- * Check OCSP revocation status, but only if the cert we are checking
- * is not a status reponder itself. We only do this in the case
- * where we checked the cert chain (above); explicit trust "wins"
- * (avoids status checking, just as it avoids CRL checking) by
- * bypassing this code.
- */
-
- if (PR_FALSE == checkedOCSP) {
- checkedOCSP = PR_TRUE; /* only check OCSP once */
- statusConfig = CERT_GetStatusConfig(handle);
- if ( (! (requiredUsages & certificateUsageStatusResponder)) &&
- statusConfig != NULL) {
- if (statusConfig->statusChecker != NULL) {
- rv = (* statusConfig->statusChecker)(handle, cert,
- t, wincx);
- if (rv != SECSuccess) {
- LOG_ERROR(log,cert,0,0);
- revoked = PR_TRUE;
- INVALID_USAGE();
- }
- }
- }
- }
-
- NEXT_ITERATION();
- }
-
- return(valid);
-}
-
-/* obsolete, do not use for new code */
-SECStatus
-CERT_VerifyCert(CERTCertDBHandle *handle, CERTCertificate *cert,
- PRBool checkSig, SECCertUsage certUsage, int64 t,
- void *wincx, CERTVerifyLog *log)
-{
- SECStatus rv;
- unsigned int requiredKeyUsage;
- unsigned int requiredCertType;
- unsigned int flags;
- unsigned int certType;
- PRBool allowOverride;
- SECCertTimeValidity validity;
- CERTStatusConfig *statusConfig;
-
-#ifdef notdef
- /* check if this cert is in the Evil list */
- rv = CERT_CheckForEvilCert(cert);
- if ( rv != SECSuccess ) {
- PORT_SetError(SEC_ERROR_REVOKED_CERTIFICATE);
- LOG_ERROR_OR_EXIT(log,cert,0,0);
- }
-#endif
-
- /* make sure that the cert is valid at time t */
- allowOverride = (PRBool)((certUsage == certUsageSSLServer) ||
- (certUsage == certUsageSSLServerWithStepUp));
- validity = CERT_CheckCertValidTimes(cert, t, allowOverride);
- if ( validity != secCertTimeValid ) {
- LOG_ERROR_OR_EXIT(log,cert,0,validity);
- }
-
- /* check key usage and netscape cert type */
- cert_GetCertType(cert);
- certType = cert->nsCertType;
- switch ( certUsage ) {
- case certUsageSSLClient:
- case certUsageSSLServer:
- case certUsageSSLServerWithStepUp:
- case certUsageSSLCA:
- case certUsageEmailSigner:
- case certUsageEmailRecipient:
- case certUsageObjectSigner:
- case certUsageStatusResponder:
- rv = CERT_KeyUsageAndTypeForCertUsage(certUsage, PR_FALSE,
- &requiredKeyUsage,
- &requiredCertType);
- if ( rv != SECSuccess ) {
- PORT_Assert(0);
- EXIT_IF_NOT_LOGGING(log);
- requiredKeyUsage = 0;
- requiredCertType = 0;
- }
- break;
- case certUsageVerifyCA:
- requiredKeyUsage = KU_KEY_CERT_SIGN;
- requiredCertType = NS_CERT_TYPE_CA;
- if ( ! ( certType & NS_CERT_TYPE_CA ) ) {
- certType |= NS_CERT_TYPE_CA;
- }
- break;
- default:
- PORT_Assert(0);
- EXIT_IF_NOT_LOGGING(log);
- requiredKeyUsage = 0;
- requiredCertType = 0;
- }
- if ( CERT_CheckKeyUsage(cert, requiredKeyUsage) != SECSuccess ) {
- PORT_SetError(SEC_ERROR_INADEQUATE_KEY_USAGE);
- LOG_ERROR_OR_EXIT(log,cert,0,requiredKeyUsage);
- }
- if ( !( certType & requiredCertType ) ) {
- PORT_SetError(SEC_ERROR_INADEQUATE_CERT_TYPE);
- LOG_ERROR_OR_EXIT(log,cert,0,requiredCertType);
- }
-
- /* check trust flags to see if this cert is directly trusted */
- if ( cert->trust ) { /* the cert is in the DB */
- switch ( certUsage ) {
- case certUsageSSLClient:
- case certUsageSSLServer:
- flags = cert->trust->sslFlags;
-
- /* is the cert directly trusted or not trusted ? */
- if ( flags & CERTDB_VALID_PEER ) {/*the trust record is valid*/
- if ( flags & CERTDB_TRUSTED ) { /* trust this cert */
- goto winner;
- } else { /* don't trust this cert */
- PORT_SetError(SEC_ERROR_UNTRUSTED_CERT);
- LOG_ERROR_OR_EXIT(log,cert,0,flags);
- }
- }
- break;
- case certUsageSSLServerWithStepUp:
- /* XXX - step up certs can't be directly trusted */
- break;
- case certUsageSSLCA:
- break;
- case certUsageEmailSigner:
- case certUsageEmailRecipient:
- flags = cert->trust->emailFlags;
-
- /* is the cert directly trusted or not trusted ? */
- if ( ( flags & ( CERTDB_VALID_PEER | CERTDB_TRUSTED ) ) ==
- ( CERTDB_VALID_PEER | CERTDB_TRUSTED ) ) {
- goto winner;
- }
- break;
- case certUsageObjectSigner:
- flags = cert->trust->objectSigningFlags;
-
- /* is the cert directly trusted or not trusted ? */
- if ( flags & CERTDB_VALID_PEER ) {/*the trust record is valid*/
- if ( flags & CERTDB_TRUSTED ) { /* trust this cert */
- goto winner;
- } else { /* don't trust this cert */
- PORT_SetError(SEC_ERROR_UNTRUSTED_CERT);
- LOG_ERROR_OR_EXIT(log,cert,0,flags);
- }
- }
- break;
- case certUsageVerifyCA:
- case certUsageStatusResponder:
- flags = cert->trust->sslFlags;
- /* is the cert directly trusted or not trusted ? */
- if ( ( flags & ( CERTDB_VALID_CA | CERTDB_TRUSTED_CA ) ) ==
- ( CERTDB_VALID_CA | CERTDB_TRUSTED_CA ) ) {
- goto winner;
- }
- flags = cert->trust->emailFlags;
- /* is the cert directly trusted or not trusted ? */
- if ( ( flags & ( CERTDB_VALID_CA | CERTDB_TRUSTED_CA ) ) ==
- ( CERTDB_VALID_CA | CERTDB_TRUSTED_CA ) ) {
- goto winner;
- }
- flags = cert->trust->objectSigningFlags;
- /* is the cert directly trusted or not trusted ? */
- if ( ( flags & ( CERTDB_VALID_CA | CERTDB_TRUSTED_CA ) ) ==
- ( CERTDB_VALID_CA | CERTDB_TRUSTED_CA ) ) {
- goto winner;
- }
- break;
- case certUsageAnyCA:
- case certUsageProtectedObjectSigner:
- case certUsageUserCertImport:
- /* XXX to make the compiler happy. Should these be
- * explicitly handled?
- */
- break;
- }
- }
-
- rv = CERT_VerifyCertChain(handle, cert, checkSig, certUsage,
- t, wincx, log);
- if (rv != SECSuccess) {
- EXIT_IF_NOT_LOGGING(log);
- }
-
- /*
- * Check revocation status, but only if the cert we are checking
- * is not a status reponder itself. We only do this in the case
- * where we checked the cert chain (above); explicit trust "wins"
- * (avoids status checking, just as it avoids CRL checking, which
- * is all done inside VerifyCertChain) by bypassing this code.
- */
- statusConfig = CERT_GetStatusConfig(handle);
- if (certUsage != certUsageStatusResponder && statusConfig != NULL) {
- if (statusConfig->statusChecker != NULL) {
- rv = (* statusConfig->statusChecker)(handle, cert,
- t, wincx);
- if (rv != SECSuccess) {
- LOG_ERROR_OR_EXIT(log,cert,0,0);
- }
- }
- }
-
-winner:
- return(SECSuccess);
-
-loser:
- rv = SECFailure;
-
- return(rv);
-}
-
-/*
- * verify a certificate by checking if its valid and that we
- * trust the issuer. Verify time against now.
- */
-SECStatus
-CERT_VerifyCertificateNow(CERTCertDBHandle *handle, CERTCertificate *cert,
- PRBool checkSig, SECCertificateUsage requiredUsages,
- void *wincx, SECCertificateUsage* returnedUsages)
-{
- return(CERT_VerifyCertificate(handle, cert, checkSig,
- requiredUsages, PR_Now(), wincx, NULL, returnedUsages));
-}
-
-/* obsolete, do not use for new code */
-SECStatus
-CERT_VerifyCertNow(CERTCertDBHandle *handle, CERTCertificate *cert,
- PRBool checkSig, SECCertUsage certUsage, void *wincx)
-{
- return(CERT_VerifyCert(handle, cert, checkSig,
- certUsage, PR_Now(), wincx, NULL));
-}
-
-
-/* [ FROM pcertdb.c ] */
-/*
- * Supported usage values and types:
- * certUsageSSLClient
- * certUsageSSLServer
- * certUsageSSLServerWithStepUp
- * certUsageEmailSigner
- * certUsageEmailRecipient
- * certUsageObjectSigner
- */
-
-CERTCertificate *
-CERT_FindMatchingCert(CERTCertDBHandle *handle, SECItem *derName,
- CERTCertOwner owner, SECCertUsage usage,
- PRBool preferTrusted, int64 validTime, PRBool validOnly)
-{
- CERTCertList *certList = NULL;
- CERTCertificate *cert = NULL;
- unsigned int requiredTrustFlags;
- SECTrustType requiredTrustType;
- unsigned int flags;
-
- PRBool lookingForCA = PR_FALSE;
- SECStatus rv;
- CERTCertListNode *node;
- CERTCertificate *saveUntrustedCA = NULL;
-
- /* if preferTrusted is set, must be a CA cert */
- PORT_Assert( ! ( preferTrusted && ( owner != certOwnerCA ) ) );
-
- if ( owner == certOwnerCA ) {
- lookingForCA = PR_TRUE;
- if ( preferTrusted ) {
- rv = CERT_TrustFlagsForCACertUsage(usage, &requiredTrustFlags,
- &requiredTrustType);
- if ( rv != SECSuccess ) {
- goto loser;
- }
- requiredTrustFlags |= CERTDB_VALID_CA;
- }
- }
-
- certList = CERT_CreateSubjectCertList(NULL, handle, derName, validTime,
- validOnly);
- if ( certList != NULL ) {
- rv = CERT_FilterCertListByUsage(certList, usage, lookingForCA);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- node = CERT_LIST_HEAD(certList);
-
- while ( !CERT_LIST_END(node, certList) ) {
- cert = node->cert;
-
- /* looking for a trusted CA cert */
- if ( ( owner == certOwnerCA ) && preferTrusted &&
- ( requiredTrustType != trustTypeNone ) ) {
-
- if ( cert->trust == NULL ) {
- flags = 0;
- } else {
- flags = SEC_GET_TRUST_FLAGS(cert->trust, requiredTrustType);
- }
-
- if ( ( flags & requiredTrustFlags ) != requiredTrustFlags ) {
- /* cert is not trusted */
- /* if this is the first cert to get this far, then save
- * it, so we can use it if we can't find a trusted one
- */
- if ( saveUntrustedCA == NULL ) {
- saveUntrustedCA = cert;
- }
- goto endloop;
- }
- }
- /* if we got this far, then this cert meets all criteria */
- break;
-
-endloop:
- node = CERT_LIST_NEXT(node);
- cert = NULL;
- }
-
- /* use the saved one if we have it */
- if ( cert == NULL ) {
- cert = saveUntrustedCA;
- }
-
- /* if we found one then bump the ref count before freeing the list */
- if ( cert != NULL ) {
- /* bump the ref count */
- cert = CERT_DupCertificate(cert);
- }
-
- CERT_DestroyCertList(certList);
- }
-
- return(cert);
-
-loser:
- if ( certList != NULL ) {
- CERT_DestroyCertList(certList);
- }
-
- return(NULL);
-}
-
-
-/* [ From certdb.c ] */
-/*
- * Filter a list of certificates, removing those certs that do not have
- * one of the named CA certs somewhere in their cert chain.
- *
- * "certList" - the list of certificates to filter
- * "nCANames" - number of CA names
- * "caNames" - array of CA names in string(rfc 1485) form
- * "usage" - what use the certs are for, this is used when
- * selecting CA certs
- */
-SECStatus
-CERT_FilterCertListByCANames(CERTCertList *certList, int nCANames,
- char **caNames, SECCertUsage usage)
-{
- CERTCertificate *issuerCert = NULL;
- CERTCertificate *subjectCert;
- CERTCertListNode *node, *freenode;
- CERTCertificate *cert;
- int n;
- char **names;
- PRBool found;
- int64 time;
-
- if ( nCANames <= 0 ) {
- return(SECSuccess);
- }
-
- time = PR_Now();
-
- node = CERT_LIST_HEAD(certList);
-
- while ( ! CERT_LIST_END(node, certList) ) {
- cert = node->cert;
-
- subjectCert = CERT_DupCertificate(cert);
-
- /* traverse the CA certs for this cert */
- found = PR_FALSE;
- while ( subjectCert != NULL ) {
- n = nCANames;
- names = caNames;
-
- if (subjectCert->issuerName != NULL) {
- while ( n > 0 ) {
- if ( PORT_Strcmp(*names, subjectCert->issuerName) == 0 ) {
- found = PR_TRUE;
- break;
- }
-
- n--;
- names++;
- }
- }
-
- if ( found ) {
- break;
- }
-
- issuerCert = CERT_FindCertIssuer(subjectCert, time, usage);
- if ( issuerCert == subjectCert ) {
- CERT_DestroyCertificate(issuerCert);
- issuerCert = NULL;
- break;
- }
- CERT_DestroyCertificate(subjectCert);
- subjectCert = issuerCert;
-
- }
- CERT_DestroyCertificate(subjectCert);
- if ( !found ) {
- /* CA was not found, so remove this cert from the list */
- freenode = node;
- node = CERT_LIST_NEXT(node);
- CERT_RemoveCertListNode(freenode);
- } else {
- /* CA was found, so leave it in the list */
- node = CERT_LIST_NEXT(node);
- }
- }
-
- return(SECSuccess);
-}
-
-/*
- * Given a certificate, return a string containing the nickname, and possibly
- * one of the validity strings, based on the current validity state of the
- * certificate.
- *
- * "arena" - arena to allocate returned string from. If NULL, then heap
- * is used.
- * "cert" - the cert to get nickname from
- * "expiredString" - the string to append to the nickname if the cert is
- * expired.
- * "notYetGoodString" - the string to append to the nickname if the cert is
- * not yet good.
- */
-char *
-CERT_GetCertNicknameWithValidity(PRArenaPool *arena, CERTCertificate *cert,
- char *expiredString, char *notYetGoodString)
-{
- SECCertTimeValidity validity;
- char *nickname, *tmpstr;
-
- validity = CERT_CheckCertValidTimes(cert, PR_Now(), PR_FALSE);
-
- /* if the cert is good, then just use the nickname directly */
- if ( validity == secCertTimeValid ) {
- if ( arena == NULL ) {
- nickname = PORT_Strdup(cert->nickname);
- } else {
- nickname = PORT_ArenaStrdup(arena, cert->nickname);
- }
-
- if ( nickname == NULL ) {
- goto loser;
- }
- } else {
-
- /* if the cert is not valid, then tack one of the strings on the
- * end
- */
- if ( validity == secCertTimeExpired ) {
- tmpstr = PR_smprintf("%s%s", cert->nickname,
- expiredString);
- } else {
- /* not yet valid */
- tmpstr = PR_smprintf("%s%s", cert->nickname,
- notYetGoodString);
- }
- if ( tmpstr == NULL ) {
- goto loser;
- }
-
- if ( arena ) {
- /* copy the string into the arena and free the malloc'd one */
- nickname = PORT_ArenaStrdup(arena, tmpstr);
- PORT_Free(tmpstr);
- } else {
- nickname = tmpstr;
- }
- if ( nickname == NULL ) {
- goto loser;
- }
- }
- return(nickname);
-
-loser:
- return(NULL);
-}
-
-/*
- * Collect the nicknames from all certs in a CertList. If the cert is not
- * valid, append a string to that nickname.
- *
- * "certList" - the list of certificates
- * "expiredString" - the string to append to the nickname of any expired cert
- * "notYetGoodString" - the string to append to the nickname of any cert
- * that is not yet valid
- */
-CERTCertNicknames *
-CERT_NicknameStringsFromCertList(CERTCertList *certList, char *expiredString,
- char *notYetGoodString)
-{
- CERTCertNicknames *names;
- PRArenaPool *arena;
- CERTCertListNode *node;
- char **nn;
-
- /* allocate an arena */
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- return(NULL);
- }
-
- /* allocate the structure */
- names = PORT_ArenaAlloc(arena, sizeof(CERTCertNicknames));
- if ( names == NULL ) {
- goto loser;
- }
-
- /* init the structure */
- names->arena = arena;
- names->head = NULL;
- names->numnicknames = 0;
- names->nicknames = NULL;
- names->totallen = 0;
-
- /* count the certs in the list */
- node = CERT_LIST_HEAD(certList);
- while ( ! CERT_LIST_END(node, certList) ) {
- names->numnicknames++;
- node = CERT_LIST_NEXT(node);
- }
-
- /* allocate nicknames array */
- names->nicknames = PORT_ArenaAlloc(arena,
- sizeof(char *) * names->numnicknames);
- if ( names->nicknames == NULL ) {
- goto loser;
- }
-
- /* just in case printf can't deal with null strings */
- if (expiredString == NULL ) {
- expiredString = "";
- }
-
- if ( notYetGoodString == NULL ) {
- notYetGoodString = "";
- }
-
- /* traverse the list of certs and collect the nicknames */
- nn = names->nicknames;
- node = CERT_LIST_HEAD(certList);
- while ( ! CERT_LIST_END(node, certList) ) {
- *nn = CERT_GetCertNicknameWithValidity(arena, node->cert,
- expiredString,
- notYetGoodString);
- if ( *nn == NULL ) {
- goto loser;
- }
-
- names->totallen += PORT_Strlen(*nn);
-
- nn++;
- node = CERT_LIST_NEXT(node);
- }
-
- return(names);
-
-loser:
- PORT_FreeArena(arena, PR_FALSE);
- return(NULL);
-}
-
-/*
- * Extract the nickname from a nickmake string that may have either
- * expiredString or notYetGoodString appended.
- *
- * Args:
- * "namestring" - the string containing the nickname, and possibly
- * one of the validity label strings
- * "expiredString" - the expired validity label string
- * "notYetGoodString" - the not yet good validity label string
- *
- * Returns the raw nickname
- */
-char *
-CERT_ExtractNicknameString(char *namestring, char *expiredString,
- char *notYetGoodString)
-{
- int explen, nyglen, namelen;
- int retlen;
- char *retstr;
-
- namelen = PORT_Strlen(namestring);
- explen = PORT_Strlen(expiredString);
- nyglen = PORT_Strlen(notYetGoodString);
-
- if ( namelen > explen ) {
- if ( PORT_Strcmp(expiredString, &namestring[namelen-explen]) == 0 ) {
- retlen = namelen - explen;
- retstr = (char *)PORT_Alloc(retlen+1);
- if ( retstr == NULL ) {
- goto loser;
- }
-
- PORT_Memcpy(retstr, namestring, retlen);
- retstr[retlen] = '\0';
- goto done;
- }
- }
-
- if ( namelen > nyglen ) {
- if ( PORT_Strcmp(notYetGoodString, &namestring[namelen-nyglen]) == 0) {
- retlen = namelen - nyglen;
- retstr = (char *)PORT_Alloc(retlen+1);
- if ( retstr == NULL ) {
- goto loser;
- }
-
- PORT_Memcpy(retstr, namestring, retlen);
- retstr[retlen] = '\0';
- goto done;
- }
- }
-
- /* if name string is shorter than either invalid string, then it must
- * be a raw nickname
- */
- retstr = PORT_Strdup(namestring);
-
-done:
- return(retstr);
-
-loser:
- return(NULL);
-}
-
-CERTCertList *
-CERT_GetCertChainFromCert(CERTCertificate *cert, int64 time, SECCertUsage usage)
-{
- CERTCertList *chain = NULL;
-
- if (NULL == cert) {
- return NULL;
- }
-
- cert = CERT_DupCertificate(cert);
- if (NULL == cert) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- chain = CERT_NewCertList();
- if (NULL == chain) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- while (cert != NULL) {
- if (SECSuccess != CERT_AddCertToListTail(chain, cert)) {
- /* return partial chain */
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return chain;
- }
-
- if (SECITEM_CompareItem(&cert->derIssuer, &cert->derSubject)
- == SECEqual) {
- /* return complete chain */
- return chain;
- }
-
- cert = CERT_FindCertIssuer(cert, time, usage);
- }
-
- /* return partial chain */
- PORT_SetError(SEC_ERROR_UNKNOWN_ISSUER);
- return chain;
-}
diff --git a/security/nss/lib/certhigh/config.mk b/security/nss/lib/certhigh/config.mk
deleted file mode 100644
index 0a00dc61e..000000000
--- a/security/nss/lib/certhigh/config.mk
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# Override TARGETS variable so that only static libraries
-# are specifed as dependencies within rules.mk.
-#
-
-TARGETS = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM =
-
diff --git a/security/nss/lib/certhigh/crlv2.c b/security/nss/lib/certhigh/crlv2.c
deleted file mode 100644
index 2600d9878..000000000
--- a/security/nss/lib/certhigh/crlv2.c
+++ /dev/null
@@ -1,126 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Code for dealing with x.509 v3 crl and crl entries extensions.
- *
- * $Id$
- */
-
-#include "cert.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "secoidt.h"
-#include "secder.h"
-#include "secasn1.h"
-#include "certxutl.h"
-
-SECStatus
-CERT_FindCRLExtensionByOID(CERTCrl *crl, SECItem *oid, SECItem *value)
-{
- return (cert_FindExtensionByOID (crl->extensions, oid, value));
-}
-
-
-SECStatus
-CERT_FindCRLExtension(CERTCrl *crl, int tag, SECItem *value)
-{
- return (cert_FindExtension (crl->extensions, tag, value));
-}
-
-
-/* Callback to set extensions and adjust verison */
-static void
-SetCrlExts(void *object, CERTCertExtension **exts)
-{
- CERTCrl *crl = (CERTCrl *)object;
-
- crl->extensions = exts;
- DER_SetUInteger (crl->arena, &crl->version, SEC_CRL_VERSION_2);
-}
-
-void *
-CERT_StartCRLExtensions(CERTCrl *crl)
-{
- return (cert_StartExtensions ((void *)crl, crl->arena, SetCrlExts));
-}
-
-
-SECStatus CERT_FindCRLNumberExten (CERTCrl *crl, CERTCrlNumber *value)
-{
- SECItem encodedExtenValue;
- SECStatus rv;
-
- encodedExtenValue.data = NULL;
- encodedExtenValue.len = 0;
-
- rv = cert_FindExtension
- (crl->extensions, SEC_OID_X509_CRL_NUMBER, &encodedExtenValue);
- if ( rv != SECSuccess )
- return (rv);
-
- rv = SEC_ASN1DecodeItem (NULL, value, SEC_IntegerTemplate,
- &encodedExtenValue);
- PORT_Free (encodedExtenValue.data);
- return (rv);
-}
-
-SECStatus CERT_FindCRLReasonExten (CERTCrl *crl, SECItem *value)
-{
- return (CERT_FindBitStringExtension
- (crl->extensions, SEC_OID_X509_REASON_CODE, value));
-}
-
-SECStatus CERT_FindInvalidDateExten (CERTCrl *crl, int64 *value)
-{
- SECItem encodedExtenValue;
- SECItem decodedExtenValue = {siBuffer,0};
- SECStatus rv;
-
- encodedExtenValue.data = decodedExtenValue.data = NULL;
- encodedExtenValue.len = decodedExtenValue.len = 0;
-
- rv = cert_FindExtension
- (crl->extensions, SEC_OID_X509_INVALID_DATE, &encodedExtenValue);
- if ( rv != SECSuccess )
- return (rv);
-
- rv = SEC_ASN1DecodeItem (NULL, &decodedExtenValue,
- SEC_GeneralizedTimeTemplate, &encodedExtenValue);
- if (rv != SECSuccess)
- return (rv);
- rv = DER_GeneralizedTimeToTime(value, &encodedExtenValue);
- PORT_Free (decodedExtenValue.data);
- PORT_Free (encodedExtenValue.data);
- return (rv);
-}
diff --git a/security/nss/lib/certhigh/manifest.mn b/security/nss/lib/certhigh/manifest.mn
deleted file mode 100644
index 80deff5bb..000000000
--- a/security/nss/lib/certhigh/manifest.mn
+++ /dev/null
@@ -1,59 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../..
-
-EXPORTS = \
- ocsp.h \
- ocspt.h \
- $(NULL)
-
-PRIVATE_EXPORTS = \
- ocspti.h \
- $(NULL)
-
-MODULE = nss
-
-CSRCS = \
- certhtml.c \
- certreq.c \
- crlv2.c \
- ocsp.c \
- certhigh.c \
- certvfy.c \
- xcrldist.c \
- $(NULL)
-
-REQUIRES = dbm
-
-LIBRARY_NAME = certhi
-
diff --git a/security/nss/lib/certhigh/ocsp.c b/security/nss/lib/certhigh/ocsp.c
deleted file mode 100644
index 909b0ad5d..000000000
--- a/security/nss/lib/certhigh/ocsp.c
+++ /dev/null
@@ -1,4000 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Implementation of OCSP services, for both client and server.
- * (XXX, really, mostly just for client right now, but intended to do both.)
- *
- * $Id$
- */
-
-#include "prerror.h"
-#include "prprf.h"
-#include "plarena.h"
-#include "prnetdb.h"
-
-#include "seccomon.h"
-#include "secitem.h"
-#include "secoidt.h"
-#include "secasn1.h"
-#include "secder.h"
-#include "cert.h"
-#include "xconst.h"
-#include "secerr.h"
-#include "secoid.h"
-#include "hasht.h"
-#include "sechash.h"
-#include "secasn1.h"
-#include "keyhi.h"
-#include "cryptohi.h"
-#include "ocsp.h"
-#include "ocspti.h"
-#include "genname.h"
-#include "certxutl.h"
-#include "pk11func.h" /* for PK11_HashBuf */
-#include <stdarg.h>
-
-
-/*
- * The following structure is only used internally. It is allocated when
- * someone turns on OCSP checking, and hangs off of the status-configuration
- * structure in the certdb structure. We use it to keep configuration
- * information specific to OCSP checking.
- */
-typedef struct ocspCheckingContextStr {
- PRBool useDefaultResponder;
- char *defaultResponderURI;
- char *defaultResponderNickname;
- CERTCertificate *defaultResponderCert;
-} ocspCheckingContext;
-
-
-/*
- * Forward declarations of sub-types, so I can lay out the types in the
- * same order as the ASN.1 is laid out in the OCSP spec itself.
- *
- * These are in alphabetical order (case-insensitive); please keep it that way!
- */
-extern const SEC_ASN1Template ocsp_CertIDTemplate[];
-extern const SEC_ASN1Template ocsp_PointerToSignatureTemplate[];
-extern const SEC_ASN1Template ocsp_PointerToResponseBytesTemplate[];
-extern const SEC_ASN1Template ocsp_ResponseDataTemplate[];
-extern const SEC_ASN1Template ocsp_RevokedInfoTemplate[];
-extern const SEC_ASN1Template ocsp_SingleRequestTemplate[];
-extern const SEC_ASN1Template ocsp_SingleResponseTemplate[];
-extern const SEC_ASN1Template ocsp_TBSRequestTemplate[];
-
-
-/*
- * Request-related templates...
- */
-
-/*
- * OCSPRequest ::= SEQUENCE {
- * tbsRequest TBSRequest,
- * optionalSignature [0] EXPLICIT Signature OPTIONAL }
- */
-static const SEC_ASN1Template ocsp_OCSPRequestTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTOCSPRequest) },
- { SEC_ASN1_POINTER,
- offsetof(CERTOCSPRequest, tbsRequest),
- ocsp_TBSRequestTemplate },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
- SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(CERTOCSPRequest, optionalSignature),
- ocsp_PointerToSignatureTemplate },
- { 0 }
-};
-
-/*
- * TBSRequest ::= SEQUENCE {
- * version [0] EXPLICIT Version DEFAULT v1,
- * requestorName [1] EXPLICIT GeneralName OPTIONAL,
- * requestList SEQUENCE OF Request,
- * requestExtensions [2] EXPLICIT Extensions OPTIONAL }
- *
- * Version ::= INTEGER { v1(0) }
- *
- * Note: this should be static but the AIX compiler doesn't like it (because it
- * was forward-declared above); it is not meant to be exported, but this
- * is the only way it will compile.
- */
-const SEC_ASN1Template ocsp_TBSRequestTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(ocspTBSRequest) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT | /* XXX DER_DEFAULT */
- SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(ocspTBSRequest, version),
- SEC_IntegerTemplate },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
- SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
- offsetof(ocspTBSRequest, derRequestorName),
- SEC_PointerToAnyTemplate },
- { SEC_ASN1_SEQUENCE_OF,
- offsetof(ocspTBSRequest, requestList),
- ocsp_SingleRequestTemplate },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
- SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 2,
- offsetof(ocspTBSRequest, requestExtensions),
- CERT_SequenceOfCertExtensionTemplate },
- { 0 }
-};
-
-/*
- * Signature ::= SEQUENCE {
- * signatureAlgorithm AlgorithmIdentifier,
- * signature BIT STRING,
- * certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
- */
-static const SEC_ASN1Template ocsp_SignatureTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(ocspSignature) },
- { SEC_ASN1_INLINE,
- offsetof(ocspSignature, signatureAlgorithm),
- SECOID_AlgorithmIDTemplate },
- { SEC_ASN1_BIT_STRING,
- offsetof(ocspSignature, signature) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
- SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(ocspSignature, derCerts),
- SEC_SequenceOfAnyTemplate },
- { 0 }
-};
-
-/*
- * This template is just an extra level to use in an explicitly-tagged
- * reference to a Signature.
- *
- * Note: this should be static but the AIX compiler doesn't like it (because it
- * was forward-declared above); it is not meant to be exported, but this
- * is the only way it will compile.
- */
-const SEC_ASN1Template ocsp_PointerToSignatureTemplate[] = {
- { SEC_ASN1_POINTER, 0, ocsp_SignatureTemplate }
-};
-
-/*
- * Request ::= SEQUENCE {
- * reqCert CertID,
- * singleRequestExtensions [0] EXPLICIT Extensions OPTIONAL }
- *
- * Note: this should be static but the AIX compiler doesn't like it (because it
- * was forward-declared above); it is not meant to be exported, but this
- * is the only way it will compile.
- */
-const SEC_ASN1Template ocsp_SingleRequestTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(ocspSingleRequest) },
- { SEC_ASN1_POINTER,
- offsetof(ocspSingleRequest, reqCert),
- ocsp_CertIDTemplate },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
- SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(ocspSingleRequest, singleRequestExtensions),
- CERT_SequenceOfCertExtensionTemplate },
- { 0 }
-};
-
-
-/*
- * This data structure and template (CertID) is used by both OCSP
- * requests and responses. It is the only one that is shared.
- *
- * CertID ::= SEQUENCE {
- * hashAlgorithm AlgorithmIdentifier,
- * issuerNameHash OCTET STRING, -- Hash of Issuer DN
- * issuerKeyHash OCTET STRING, -- Hash of Issuer public key
- * serialNumber CertificateSerialNumber }
- *
- * CertificateSerialNumber ::= INTEGER
- *
- * Note: this should be static but the AIX compiler doesn't like it (because it
- * was forward-declared above); it is not meant to be exported, but this
- * is the only way it will compile.
- */
-const SEC_ASN1Template ocsp_CertIDTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTOCSPCertID) },
- { SEC_ASN1_INLINE,
- offsetof(CERTOCSPCertID, hashAlgorithm),
- SECOID_AlgorithmIDTemplate },
- { SEC_ASN1_OCTET_STRING,
- offsetof(CERTOCSPCertID, issuerNameHash) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(CERTOCSPCertID, issuerKeyHash) },
- { SEC_ASN1_INTEGER,
- offsetof(CERTOCSPCertID, serialNumber) },
- { 0 }
-};
-
-
-/*
- * Response-related templates...
- */
-
-/*
- * OCSPResponse ::= SEQUENCE {
- * responseStatus OCSPResponseStatus,
- * responseBytes [0] EXPLICIT ResponseBytes OPTIONAL }
- */
-static const SEC_ASN1Template ocsp_OCSPResponseTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTOCSPResponse) },
- { SEC_ASN1_ENUMERATED,
- offsetof(CERTOCSPResponse, responseStatus) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
- SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(CERTOCSPResponse, responseBytes),
- ocsp_PointerToResponseBytesTemplate },
- { 0 }
-};
-
-/*
- * ResponseBytes ::= SEQUENCE {
- * responseType OBJECT IDENTIFIER,
- * response OCTET STRING }
- */
-static const SEC_ASN1Template ocsp_ResponseBytesTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(ocspResponseBytes) },
- { SEC_ASN1_OBJECT_ID,
- offsetof(ocspResponseBytes, responseType) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(ocspResponseBytes, response) },
- { 0 }
-};
-
-/*
- * This template is just an extra level to use in an explicitly-tagged
- * reference to a ResponseBytes.
- *
- * Note: this should be static but the AIX compiler doesn't like it (because it
- * was forward-declared above); it is not meant to be exported, but this
- * is the only way it will compile.
- */
-const SEC_ASN1Template ocsp_PointerToResponseBytesTemplate[] = {
- { SEC_ASN1_POINTER, 0, ocsp_ResponseBytesTemplate }
-};
-
-/*
- * BasicOCSPResponse ::= SEQUENCE {
- * tbsResponseData ResponseData,
- * signatureAlgorithm AlgorithmIdentifier,
- * signature BIT STRING,
- * certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
- */
-static const SEC_ASN1Template ocsp_BasicOCSPResponseTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(ocspBasicOCSPResponse) },
- { SEC_ASN1_POINTER,
- offsetof(ocspBasicOCSPResponse, tbsResponseData),
- ocsp_ResponseDataTemplate },
- { SEC_ASN1_INLINE,
- offsetof(ocspBasicOCSPResponse, responseSignature.signatureAlgorithm),
- SECOID_AlgorithmIDTemplate },
- { SEC_ASN1_BIT_STRING,
- offsetof(ocspBasicOCSPResponse, responseSignature.signature) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
- SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(ocspBasicOCSPResponse, responseSignature.derCerts),
- SEC_SequenceOfAnyTemplate },
- { 0 }
-};
-
-/*
- * ResponseData ::= SEQUENCE {
- * version [0] EXPLICIT Version DEFAULT v1,
- * responderID ResponderID,
- * producedAt GeneralizedTime,
- * responses SEQUENCE OF SingleResponse,
- * responseExtensions [1] EXPLICIT Extensions OPTIONAL }
- *
- * Note: this should be static but the AIX compiler doesn't like it (because it
- * was forward-declared above); it is not meant to be exported, but this
- * is the only way it will compile.
- */
-const SEC_ASN1Template ocsp_ResponseDataTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(ocspResponseData) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT | /* XXX DER_DEFAULT */
- SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(ocspResponseData, version),
- SEC_IntegerTemplate },
- { SEC_ASN1_ANY,
- offsetof(ocspResponseData, derResponderID) },
- { SEC_ASN1_GENERALIZED_TIME,
- offsetof(ocspResponseData, producedAt) },
- { SEC_ASN1_SEQUENCE_OF,
- offsetof(ocspResponseData, responses),
- ocsp_SingleResponseTemplate },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
- SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
- offsetof(ocspResponseData, responseExtensions),
- CERT_SequenceOfCertExtensionTemplate },
- { 0 }
-};
-
-/*
- * ResponderID ::= CHOICE {
- * byName [1] EXPLICIT Name,
- * byKey [2] EXPLICIT KeyHash }
- *
- * KeyHash ::= OCTET STRING -- SHA-1 hash of responder's public key
- * (excluding the tag and length fields)
- *
- * XXX Because the ASN.1 encoder and decoder currently do not provide
- * a way to automatically handle a CHOICE, we need to do it in two
- * steps, looking at the type tag and feeding the exact choice back
- * to the ASN.1 code. Hopefully that will change someday and this
- * can all be simplified down into a single template. Anyway, for
- * now we list each choice as its own template:
- */
-static const SEC_ASN1Template ocsp_ResponderIDByNameTemplate[] = {
- { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
- offsetof(ocspResponderID, responderIDValue.name),
- CERT_NameTemplate }
-};
-static const SEC_ASN1Template ocsp_ResponderIDByKeyTemplate[] = {
- { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 2,
- offsetof(ocspResponderID, responderIDValue.keyHash),
- SEC_OctetStringTemplate }
-};
-static const SEC_ASN1Template ocsp_ResponderIDOtherTemplate[] = {
- { SEC_ASN1_ANY,
- offsetof(ocspResponderID, responderIDValue.other) }
-};
-
-/*
- * SingleResponse ::= SEQUENCE {
- * certID CertID,
- * certStatus CertStatus,
- * thisUpdate GeneralizedTime,
- * nextUpdate [0] EXPLICIT GeneralizedTime OPTIONAL,
- * singleExtensions [1] EXPLICIT Extensions OPTIONAL }
- *
- * Note: this should be static but the AIX compiler doesn't like it (because it
- * was forward-declared above); it is not meant to be exported, but this
- * is the only way it will compile.
- */
-const SEC_ASN1Template ocsp_SingleResponseTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTOCSPSingleResponse) },
- { SEC_ASN1_POINTER,
- offsetof(CERTOCSPSingleResponse, certID),
- ocsp_CertIDTemplate },
- { SEC_ASN1_ANY,
- offsetof(CERTOCSPSingleResponse, derCertStatus) },
- { SEC_ASN1_GENERALIZED_TIME,
- offsetof(CERTOCSPSingleResponse, thisUpdate) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
- SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(CERTOCSPSingleResponse, nextUpdate),
- SEC_PointerToGeneralizedTimeTemplate },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
- SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
- offsetof(CERTOCSPSingleResponse, singleExtensions),
- CERT_SequenceOfCertExtensionTemplate },
- { 0 }
-};
-
-/*
- * CertStatus ::= CHOICE {
- * good [0] IMPLICIT NULL,
- * revoked [1] IMPLICIT RevokedInfo,
- * unknown [2] IMPLICIT UnknownInfo }
- *
- * Because the ASN.1 encoder and decoder currently do not provide
- * a way to automatically handle a CHOICE, we need to do it in two
- * steps, looking at the type tag and feeding the exact choice back
- * to the ASN.1 code. Hopefully that will change someday and this
- * can all be simplified down into a single template. Anyway, for
- * now we list each choice as its own template:
- */
-static const SEC_ASN1Template ocsp_CertStatusGoodTemplate[] = {
- { SEC_ASN1_POINTER | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(ocspCertStatus, certStatusInfo.goodInfo),
- SEC_NullTemplate }
-};
-static const SEC_ASN1Template ocsp_CertStatusRevokedTemplate[] = {
- { SEC_ASN1_POINTER | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
- offsetof(ocspCertStatus, certStatusInfo.revokedInfo),
- ocsp_RevokedInfoTemplate }
-};
-static const SEC_ASN1Template ocsp_CertStatusUnknownTemplate[] = {
- { SEC_ASN1_POINTER | SEC_ASN1_CONTEXT_SPECIFIC | 2,
- offsetof(ocspCertStatus, certStatusInfo.unknownInfo),
- SEC_NullTemplate }
-};
-static const SEC_ASN1Template ocsp_CertStatusOtherTemplate[] = {
- { SEC_ASN1_POINTER,
- offsetof(ocspCertStatus, certStatusInfo.otherInfo),
- SEC_AnyTemplate }
-};
-
-/*
- * RevokedInfo ::= SEQUENCE {
- * revocationTime GeneralizedTime,
- * revocationReason [0] EXPLICIT CRLReason OPTIONAL }
- *
- * Note: this should be static but the AIX compiler doesn't like it (because it
- * was forward-declared above); it is not meant to be exported, but this
- * is the only way it will compile.
- */
-const SEC_ASN1Template ocsp_RevokedInfoTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(ocspRevokedInfo) },
- { SEC_ASN1_GENERALIZED_TIME,
- offsetof(ocspRevokedInfo, revocationTime) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
- SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(ocspRevokedInfo, revocationReason),
- SEC_PointerToEnumeratedTemplate },
- { 0 }
-};
-
-
-/*
- * OCSP-specific extension templates:
- */
-
-/*
- * ServiceLocator ::= SEQUENCE {
- * issuer Name,
- * locator AuthorityInfoAccessSyntax OPTIONAL }
- */
-static const SEC_ASN1Template ocsp_ServiceLocatorTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(ocspServiceLocator) },
- { SEC_ASN1_POINTER,
- offsetof(ocspServiceLocator, issuer),
- CERT_NameTemplate },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_ANY,
- offsetof(ocspServiceLocator, locator) },
- { 0 }
-};
-
-
-/*
- * REQUEST SUPPORT FUNCTIONS (encode/create/decode/destroy):
- */
-
-/*
- * FUNCTION: CERT_EncodeOCSPRequest
- * DER encodes an OCSP Request, possibly adding a signature as well.
- * XXX Signing is not yet supported, however; see comments in code.
- * INPUTS:
- * PRArenaPool *arena
- * The return value is allocated from here.
- * If a NULL is passed in, allocation is done from the heap instead.
- * CERTOCSPRequest *request
- * The request to be encoded.
- * void *pwArg
- * Pointer to argument for password prompting, if needed. (Definitely
- * not needed if not signing.)
- * RETURN:
- * Returns a NULL on error and a pointer to the SECItem with the
- * encoded value otherwise. Any error is likely to be low-level
- * (e.g. no memory).
- */
-SECItem *
-CERT_EncodeOCSPRequest(PRArenaPool *arena, CERTOCSPRequest *request,
- void *pwArg)
-{
- ocspTBSRequest *tbsRequest;
- SECStatus rv;
-
- /* XXX All of these should generate errors if they fail. */
- PORT_Assert(request);
- PORT_Assert(request->tbsRequest);
-
- tbsRequest = request->tbsRequest;
-
- if (request->tbsRequest->extensionHandle != NULL) {
- rv = CERT_FinishExtensions(request->tbsRequest->extensionHandle);
- request->tbsRequest->extensionHandle = NULL;
- if (rv != SECSuccess)
- return NULL;
- }
-
- /*
- * XXX When signed requests are supported and request->optionalSignature
- * is not NULL:
- * - need to encode tbsRequest->requestorName
- * - need to encode tbsRequest
- * - need to sign that encoded result (using cert in sig), filling in the
- * request->optionalSignature structure with the result, the signing
- * algorithm and (perhaps?) the cert (and its chain?) in derCerts
- */
-
- return SEC_ASN1EncodeItem(arena, NULL, request, ocsp_OCSPRequestTemplate);
-}
-
-
-/*
- * FUNCTION: CERT_DecodeOCSPRequest
- * Decode a DER encoded OCSP Request.
- * INPUTS:
- * SECItem *src
- * Pointer to a SECItem holding DER encoded OCSP Request.
- * RETURN:
- * Returns a pointer to a CERTOCSPRequest containing the decoded request.
- * On error, returns NULL. Most likely error is trouble decoding
- * (SEC_ERROR_OCSP_MALFORMED_REQUEST), or low-level problem (no memory).
- */
-CERTOCSPRequest *
-CERT_DecodeOCSPRequest(SECItem *src)
-{
- PRArenaPool *arena = NULL;
- SECStatus rv = SECFailure;
- CERTOCSPRequest *dest = NULL;
- int i;
- SECItem newSrc;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) {
- goto loser;
- }
- dest = (CERTOCSPRequest *) PORT_ArenaZAlloc(arena,
- sizeof(CERTOCSPRequest));
- if (dest == NULL) {
- goto loser;
- }
- dest->arena = arena;
-
- /* copy the DER into the arena, since Quick DER returns data that points
- into the DER input, which may get freed by the caller */
- rv = SECITEM_CopyItem(arena, &newSrc, src);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- rv = SEC_QuickDERDecodeItem(arena, dest, ocsp_OCSPRequestTemplate, &newSrc);
- if (rv != SECSuccess) {
- if (PORT_GetError() == SEC_ERROR_BAD_DER)
- PORT_SetError(SEC_ERROR_OCSP_MALFORMED_REQUEST);
- goto loser;
- }
-
- /*
- * XXX I would like to find a way to get rid of the necessity
- * of doing this copying of the arena pointer.
- */
- for (i = 0; dest->tbsRequest->requestList[i] != NULL; i++) {
- dest->tbsRequest->requestList[i]->arena = arena;
- }
-
- return dest;
-
-loser:
- if (arena != NULL) {
- PORT_FreeArena(arena, PR_FALSE);
- }
- return NULL;
-}
-
-SECStatus
-CERT_DestroyOCSPCertID(CERTOCSPCertID* certID)
-{
- if (certID->poolp) {
- PORT_FreeArena(certID->poolp, PR_FALSE);
- return SECSuccess;
- }
- return SECFailure;
-}
-
-
-/*
- * Create and fill-in a CertID. This function fills in the hash values
- * (issuerNameHash and issuerKeyHash), and is hardwired to use SHA1.
- * Someday it might need to be more flexible about hash algorithm, but
- * for now we have no intention/need to create anything else.
- *
- * Error causes a null to be returned; most likely cause is trouble
- * finding the certificate issuer (SEC_ERROR_UNKNOWN_ISSUER).
- * Other errors are low-level problems (no memory, bad database, etc.).
- */
-static CERTOCSPCertID *
-ocsp_CreateCertID(PRArenaPool *arena, CERTCertificate *cert, int64 time)
-{
- CERTOCSPCertID *certID;
- CERTCertificate *issuerCert = NULL;
- SECItem *tempItem = NULL;
- void *mark = PORT_ArenaMark(arena);
- SECStatus rv;
-
- PORT_Assert(arena != NULL);
-
- certID = PORT_ArenaZNew(arena, CERTOCSPCertID);
- if (certID == NULL) {
- goto loser;
- }
-
- rv = SECOID_SetAlgorithmID(arena, &certID->hashAlgorithm, SEC_OID_SHA1,
- NULL);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- issuerCert = CERT_FindCertIssuer(cert, time, certUsageAnyCA);
- if (issuerCert == NULL) {
- goto loser;
- }
-
- tempItem = SEC_ASN1EncodeItem(NULL, NULL, &issuerCert->subject,
- CERT_NameTemplate);
- if (tempItem == NULL) {
- goto loser;
- }
-
- if (SECITEM_AllocItem(arena, &(certID->issuerNameHash),
- SHA1_LENGTH) == NULL) {
- goto loser;
- }
- rv = PK11_HashBuf(SEC_OID_SHA1, certID->issuerNameHash.data,
- tempItem->data, tempItem->len);
- if (rv != SECSuccess) {
- goto loser;
- }
- certID->issuerSHA1NameHash.data = certID->issuerNameHash.data;
- certID->issuerSHA1NameHash.len = certID->issuerNameHash.len;
- /* cache the other two hash algorithms as well */
- if (SECITEM_AllocItem(arena, &(certID->issuerMD5NameHash),
- MD5_LENGTH) == NULL) {
- goto loser;
- }
- rv = PK11_HashBuf(SEC_OID_MD5, certID->issuerMD5NameHash.data,
- tempItem->data, tempItem->len);
- if (rv != SECSuccess) {
- goto loser;
- }
- if (SECITEM_AllocItem(arena, &(certID->issuerMD2NameHash),
- MD2_LENGTH) == NULL) {
- goto loser;
- }
- rv = PK11_HashBuf(SEC_OID_MD2, certID->issuerMD2NameHash.data,
- tempItem->data, tempItem->len);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- SECITEM_FreeItem(tempItem, PR_TRUE);
- tempItem = NULL;
-
- if (CERT_SPKDigestValueForCert(arena, issuerCert, SEC_OID_SHA1,
- &(certID->issuerKeyHash)) == NULL) {
- goto loser;
- }
- certID->issuerSHA1KeyHash.data = certID->issuerKeyHash.data;
- certID->issuerSHA1KeyHash.len = certID->issuerKeyHash.len;
- /* cache the other two hash algorithms as well */
- if (CERT_SPKDigestValueForCert(arena, issuerCert, SEC_OID_MD5,
- &(certID->issuerMD5KeyHash)) == NULL) {
- goto loser;
- }
- if (CERT_SPKDigestValueForCert(arena, issuerCert, SEC_OID_MD2,
- &(certID->issuerMD2KeyHash)) == NULL) {
- goto loser;
- }
-
-
- /* now we are done with issuerCert */
- CERT_DestroyCertificate(issuerCert);
- issuerCert = NULL;
-
- rv = SECITEM_CopyItem(arena, &certID->serialNumber, &cert->serialNumber);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- PORT_ArenaUnmark(arena, mark);
- return certID;
-
-loser:
- if (issuerCert != NULL) {
- CERT_DestroyCertificate(issuerCert);
- }
- if (tempItem != NULL) {
- SECITEM_FreeItem(tempItem, PR_TRUE);
- }
- PORT_ArenaRelease(arena, mark);
- return NULL;
-}
-
-CERTOCSPCertID*
-CERT_CreateOCSPCertID(CERTCertificate *cert, int64 time)
-{
- PRArenaPool *arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- CERTOCSPCertID *certID;
- PORT_Assert(arena != NULL);
- if (!arena)
- return NULL;
-
- certID = ocsp_CreateCertID(arena, cert, time);
- if (!certID) {
- PORT_FreeArena(arena, PR_FALSE);
- return NULL;
- }
- certID->poolp = arena;
- return certID;
-}
-
-
-
-/*
- * Callback to set Extensions in request object
- */
-void SetSingleReqExts(void *object, CERTCertExtension **exts)
-{
- ocspSingleRequest *singleRequest =
- (ocspSingleRequest *)object;
-
- singleRequest->singleRequestExtensions = exts;
-}
-
-/*
- * Add the Service Locator extension to the singleRequestExtensions
- * for the given singleRequest.
- *
- * All errors are internal or low-level problems (e.g. no memory).
- */
-static SECStatus
-ocsp_AddServiceLocatorExtension(ocspSingleRequest *singleRequest,
- CERTCertificate *cert)
-{
- ocspServiceLocator *serviceLocator = NULL;
- void *extensionHandle = NULL;
- SECStatus rv = SECFailure;
-
- serviceLocator = PORT_ZNew(ocspServiceLocator);
- if (serviceLocator == NULL)
- goto loser;
-
- /*
- * Normally it would be a bad idea to do a direct reference like
- * this rather than allocate and copy the name *or* at least dup
- * a reference of the cert. But all we need is to be able to read
- * the issuer name during the encoding we are about to do, so a
- * copy is just a waste of time.
- */
- serviceLocator->issuer = &cert->issuer;
-
- rv = CERT_FindCertExtension(cert, SEC_OID_X509_AUTH_INFO_ACCESS,
- &serviceLocator->locator);
- if (rv != SECSuccess) {
- if (PORT_GetError() != SEC_ERROR_EXTENSION_NOT_FOUND)
- goto loser;
- }
-
- /* prepare for following loser gotos */
- rv = SECFailure;
-
- extensionHandle = cert_StartExtensions(singleRequest,
- singleRequest->arena, SetSingleReqExts);
- if (extensionHandle == NULL)
- goto loser;
-
- rv = CERT_EncodeAndAddExtension(extensionHandle,
- SEC_OID_PKIX_OCSP_SERVICE_LOCATOR,
- serviceLocator, PR_FALSE,
- ocsp_ServiceLocatorTemplate);
-
-loser:
- if (extensionHandle != NULL) {
- /*
- * Either way we have to finish out the extension context (so it gets
- * freed). But careful not to override any already-set bad status.
- */
- SECStatus tmprv = CERT_FinishExtensions(extensionHandle);
- if (rv == SECSuccess)
- rv = tmprv;
- }
-
- /*
- * Finally, free the serviceLocator structure itself and we are done.
- */
- if (serviceLocator != NULL) {
- if (serviceLocator->locator.data != NULL)
- SECITEM_FreeItem(&serviceLocator->locator, PR_FALSE);
- PORT_Free(serviceLocator);
- }
-
- return rv;
-}
-
-/*
- * Creates an array of ocspSingleRequest based on a list of certs.
- * Note that the code which later compares the request list with the
- * response expects this array to be in the exact same order as the
- * certs are found in the list. It would be harder to change that
- * order than preserve it, but since the requirement is not obvious,
- * it deserves to be mentioned.
- *
- * Any problem causes a null return and error set:
- * SEC_ERROR_UNKNOWN_ISSUER
- * Other errors are low-level problems (no memory, bad database, etc.).
- */
-static ocspSingleRequest **
-ocsp_CreateSingleRequestList(PRArenaPool *arena, CERTCertList *certList,
- int64 time, PRBool includeLocator)
-{
- ocspSingleRequest **requestList = NULL;
- CERTCertListNode *node;
- int i, count;
- void *mark = PORT_ArenaMark(arena);
-
- node = CERT_LIST_HEAD(certList);
- for (count = 0; !CERT_LIST_END(node, certList); count++) {
- node = CERT_LIST_NEXT(node);
- }
-
- if (count == 0)
- goto loser;
-
- requestList = PORT_ArenaNewArray(arena, ocspSingleRequest *, count + 1);
- if (requestList == NULL)
- goto loser;
-
- node = CERT_LIST_HEAD(certList);
- for (i = 0; !CERT_LIST_END(node, certList); i++) {
- requestList[i] = PORT_ArenaZNew(arena, ocspSingleRequest);
- if (requestList[i] == NULL)
- goto loser;
-
- requestList[i]->arena = arena;
- requestList[i]->reqCert = ocsp_CreateCertID(arena, node->cert, time);
- if (requestList[i]->reqCert == NULL)
- goto loser;
-
- if (includeLocator == PR_TRUE) {
- SECStatus rv;
-
- rv = ocsp_AddServiceLocatorExtension(requestList[i], node->cert);
- if (rv != SECSuccess)
- goto loser;
- }
-
- node = CERT_LIST_NEXT(node);
- }
-
- PORT_Assert(i == count);
-
- PORT_ArenaUnmark(arena, mark);
- requestList[i] = NULL;
- return requestList;
-
-loser:
- PORT_ArenaRelease(arena, mark);
- return NULL;
-}
-
-
-/*
- * FUNCTION: CERT_CreateOCSPRequest
- * Creates a CERTOCSPRequest, requesting the status of the certs in
- * the given list.
- * INPUTS:
- * CERTCertList *certList
- * A list of certs for which status will be requested.
- * Note that all of these certificates should have the same issuer,
- * or it's expected the response will be signed by a trusted responder.
- * If the certs need to be broken up into multiple requests, that
- * must be handled by the caller (and thus by having multiple calls
- * to this routine), who knows about where the request(s) are being
- * sent and whether there are any trusted responders in place.
- * int64 time
- * Indicates the time for which the certificate status is to be
- * determined -- this may be used in the search for the cert's issuer
- * but has no effect on the request itself.
- * PRBool addServiceLocator
- * If true, the Service Locator extension should be added to the
- * single request(s) for each cert.
- * CERTCertificate *signerCert
- * If non-NULL, means sign the request using this cert. Otherwise,
- * do not sign.
- * XXX note that request signing is not yet supported; see comment in code
- * RETURN:
- * A pointer to a CERTOCSPRequest structure containing an OCSP request
- * for the cert list. On error, null is returned, with an error set
- * indicating the reason. This is likely SEC_ERROR_UNKNOWN_ISSUER.
- * (The issuer is needed to create a request for the certificate.)
- * Other errors are low-level problems (no memory, bad database, etc.).
- */
-CERTOCSPRequest *
-CERT_CreateOCSPRequest(CERTCertList *certList, int64 time,
- PRBool addServiceLocator,
- CERTCertificate *signerCert)
-{
- PRArenaPool *arena = NULL;
- CERTOCSPRequest *request = NULL;
- ocspTBSRequest *tbsRequest = NULL;
-
- /*
- * XXX This should set an error, but since it is only temporary and
- * since PSM will not initially provide a way to turn on signing of
- * requests anyway, I figure we can just skip defining an error that
- * will be obsolete in the next release. When we are prepared to
- * put signing of requests back in, this entire check will go away,
- * and later in this function we will need to allocate a signature
- * structure for the request, fill in the "derCerts" field in it,
- * save the signerCert there, as well as fill in the "requestorName"
- * field of the tbsRequest.
- */
- if (signerCert != NULL) {
- return NULL;
- }
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) {
- goto loser;
- }
-
- request = PORT_ArenaZNew(arena, CERTOCSPRequest);
- if (request == NULL) {
- goto loser;
- }
- request->arena = arena;
-
- tbsRequest = PORT_ArenaZNew(arena, ocspTBSRequest);
- if (tbsRequest == NULL) {
- goto loser;
- }
- request->tbsRequest = tbsRequest;
-
- /* version 1 is the default, so we need not fill in a version number */
-
- /*
- * Now create the list of single requests, one for each cert.
- */
- tbsRequest->requestList = ocsp_CreateSingleRequestList(arena, certList,
- time,
- addServiceLocator);
- if (tbsRequest->requestList == NULL) {
- goto loser;
- }
- return request;
-
-loser:
- if (arena != NULL) {
- PORT_FreeArena(arena, PR_FALSE);
- }
- return NULL;
-}
-
-
-/*
- * FUNCTION: CERT_AddOCSPAcceptableResponses
- * Add the AcceptableResponses extension to an OCSP Request.
- * INPUTS:
- * CERTOCSPRequest *request
- * The request to which the extension should be added.
- * ...
- * A list (of one or more) of SECOidTag -- each of the response types
- * to be added. The last OID *must* be SEC_OID_PKIX_OCSP_BASIC_RESPONSE.
- * (This marks the end of the list, and it must be specified because a
- * client conforming to the OCSP standard is required to handle the basic
- * response type.) The OIDs are not checked in any way.
- * RETURN:
- * SECSuccess if the extension is added; SECFailure if anything goes wrong.
- * All errors are internal or low-level problems (e.g. no memory).
- */
-
-void SetRequestExts(void *object, CERTCertExtension **exts)
-{
- CERTOCSPRequest *request = (CERTOCSPRequest *)object;
-
- request->tbsRequest->requestExtensions = exts;
-}
-
-SECStatus
-CERT_AddOCSPAcceptableResponses(CERTOCSPRequest *request,
- SECOidTag responseType0, ...)
-{
- void *extHandle;
- va_list ap;
- int i, count;
- SECOidTag responseType;
- SECOidData *responseOid;
- SECItem **acceptableResponses = NULL;
- SECStatus rv = SECFailure;
-
- extHandle = request->tbsRequest->extensionHandle;
- if (extHandle == NULL) {
- extHandle = cert_StartExtensions(request, request->arena, SetRequestExts);
- if (extHandle == NULL)
- goto loser;
- }
-
- /* Count number of OIDS going into the extension value. */
- count = 1;
- if (responseType0 != SEC_OID_PKIX_OCSP_BASIC_RESPONSE) {
- va_start(ap, responseType0);
- do {
- count++;
- responseType = va_arg(ap, SECOidTag);
- } while (responseType != SEC_OID_PKIX_OCSP_BASIC_RESPONSE);
- va_end(ap);
- }
-
- acceptableResponses = PORT_NewArray(SECItem *, count + 1);
- if (acceptableResponses == NULL)
- goto loser;
-
- i = 0;
- responseOid = SECOID_FindOIDByTag(responseType0);
- acceptableResponses[i++] = &(responseOid->oid);
- if (count > 1) {
- va_start(ap, responseType0);
- for ( ; i < count; i++) {
- responseType = va_arg(ap, SECOidTag);
- responseOid = SECOID_FindOIDByTag(responseType);
- acceptableResponses[i] = &(responseOid->oid);
- }
- va_end(ap);
- }
- acceptableResponses[i] = NULL;
-
- rv = CERT_EncodeAndAddExtension(extHandle, SEC_OID_PKIX_OCSP_RESPONSE,
- &acceptableResponses, PR_FALSE,
- SEC_SequenceOfObjectIDTemplate);
- if (rv != SECSuccess)
- goto loser;
-
- PORT_Free(acceptableResponses);
- if (request->tbsRequest->extensionHandle == NULL)
- request->tbsRequest->extensionHandle = extHandle;
- return SECSuccess;
-
-loser:
- if (acceptableResponses != NULL)
- PORT_Free(acceptableResponses);
- if (extHandle != NULL)
- (void) CERT_FinishExtensions(extHandle);
- return rv;
-}
-
-
-/*
- * FUNCTION: CERT_DestroyOCSPRequest
- * Frees an OCSP Request structure.
- * INPUTS:
- * CERTOCSPRequest *request
- * Pointer to CERTOCSPRequest to be freed.
- * RETURN:
- * No return value; no errors.
- */
-void
-CERT_DestroyOCSPRequest(CERTOCSPRequest *request)
-{
- if (request == NULL)
- return;
-
- if (request->tbsRequest != NULL) {
- if (request->tbsRequest->requestorName != NULL)
- CERT_DestroyGeneralNameList(request->tbsRequest->requestorName);
- if (request->tbsRequest->extensionHandle != NULL)
- (void) CERT_FinishExtensions(request->tbsRequest->extensionHandle);
- }
-
- if (request->optionalSignature != NULL) {
- if (request->optionalSignature->cert != NULL)
- CERT_DestroyCertificate(request->optionalSignature->cert);
-
- /*
- * XXX Need to free derCerts? Or do they come out of arena?
- * (Currently we never fill in derCerts, which is why the
- * answer is not obvious. Once we do, add any necessary code
- * here and remove this comment.)
- */
- }
-
- /*
- * We should actually never have a request without an arena,
- * but check just in case. (If there isn't one, there is not
- * much we can do about it...)
- */
- PORT_Assert(request->arena != NULL);
- if (request->arena != NULL)
- PORT_FreeArena(request->arena, PR_FALSE);
-}
-
-
-/*
- * RESPONSE SUPPORT FUNCTIONS (encode/create/decode/destroy):
- */
-
-/*
- * Helper function for encoding or decoding a ResponderID -- based on the
- * given type, return the associated template for that choice.
- */
-static const SEC_ASN1Template *
-ocsp_ResponderIDTemplateByType(ocspResponderIDType responderIDType)
-{
- const SEC_ASN1Template *responderIDTemplate;
-
- switch (responderIDType) {
- case ocspResponderID_byName:
- responderIDTemplate = ocsp_ResponderIDByNameTemplate;
- break;
- case ocspResponderID_byKey:
- responderIDTemplate = ocsp_ResponderIDByKeyTemplate;
- break;
- case ocspResponderID_other:
- default:
- PORT_Assert(responderIDType == ocspResponderID_other);
- responderIDTemplate = ocsp_ResponderIDOtherTemplate;
- break;
- }
-
- return responderIDTemplate;
-}
-
-/*
- * Helper function for encoding or decoding a CertStatus -- based on the
- * given type, return the associated template for that choice.
- */
-static const SEC_ASN1Template *
-ocsp_CertStatusTemplateByType(ocspCertStatusType certStatusType)
-{
- const SEC_ASN1Template *certStatusTemplate;
-
- switch (certStatusType) {
- case ocspCertStatus_good:
- certStatusTemplate = ocsp_CertStatusGoodTemplate;
- break;
- case ocspCertStatus_revoked:
- certStatusTemplate = ocsp_CertStatusRevokedTemplate;
- break;
- case ocspCertStatus_unknown:
- certStatusTemplate = ocsp_CertStatusUnknownTemplate;
- break;
- case ocspCertStatus_other:
- default:
- PORT_Assert(certStatusType == ocspCertStatus_other);
- certStatusTemplate = ocsp_CertStatusOtherTemplate;
- break;
- }
-
- return certStatusTemplate;
-}
-
-/*
- * Helper function for decoding a certStatus -- turn the actual DER tag
- * into our local translation.
- */
-static ocspCertStatusType
-ocsp_CertStatusTypeByTag(int derTag)
-{
- ocspCertStatusType certStatusType;
-
- switch (derTag) {
- case 0:
- certStatusType = ocspCertStatus_good;
- break;
- case 1:
- certStatusType = ocspCertStatus_revoked;
- break;
- case 2:
- certStatusType = ocspCertStatus_unknown;
- break;
- default:
- certStatusType = ocspCertStatus_other;
- break;
- }
-
- return certStatusType;
-}
-
-/*
- * Helper function for decoding SingleResponses -- they each contain
- * a status which is encoded as CHOICE, which needs to be decoded "by hand".
- *
- * Note -- on error, this routine does not release the memory it may
- * have allocated; it expects its caller to do that.
- */
-static SECStatus
-ocsp_FinishDecodingSingleResponses(PRArenaPool *arena,
- CERTOCSPSingleResponse **responses)
-{
- ocspCertStatus *certStatus;
- ocspCertStatusType certStatusType;
- const SEC_ASN1Template *certStatusTemplate;
- int derTag;
- int i;
- SECStatus rv = SECFailure;
-
- if (responses == NULL) /* nothing to do */
- return SECSuccess;
-
- for (i = 0; responses[i] != NULL; i++) {
- /*
- * The following assert points out internal errors (problems in
- * the template definitions or in the ASN.1 decoder itself, etc.).
- */
- PORT_Assert(responses[i]->derCertStatus.data != NULL);
-
- derTag = responses[i]->derCertStatus.data[0] & SEC_ASN1_TAGNUM_MASK;
- certStatusType = ocsp_CertStatusTypeByTag(derTag);
- certStatusTemplate = ocsp_CertStatusTemplateByType(certStatusType);
-
- certStatus = PORT_ArenaZAlloc(arena, sizeof(ocspCertStatus));
- if (certStatus == NULL) {
- goto loser;
- }
- rv = SEC_ASN1DecodeItem(arena, certStatus, certStatusTemplate,
- &responses[i]->derCertStatus);
- if (rv != SECSuccess) {
- if (PORT_GetError() == SEC_ERROR_BAD_DER)
- PORT_SetError(SEC_ERROR_OCSP_MALFORMED_RESPONSE);
- goto loser;
- }
-
- certStatus->certStatusType = certStatusType;
- responses[i]->certStatus = certStatus;
- }
-
- return SECSuccess;
-
-loser:
- return rv;
-}
-
-/*
- * Helper function for decoding a responderID -- turn the actual DER tag
- * into our local translation.
- */
-static ocspResponderIDType
-ocsp_ResponderIDTypeByTag(int derTag)
-{
- ocspResponderIDType responderIDType;
-
- switch (derTag) {
- case 1:
- responderIDType = ocspResponderID_byName;
- break;
- case 2:
- responderIDType = ocspResponderID_byKey;
- break;
- default:
- responderIDType = ocspResponderID_other;
- break;
- }
-
- return responderIDType;
-}
-
-/*
- * Decode "src" as a BasicOCSPResponse, returning the result.
- */
-static ocspBasicOCSPResponse *
-ocsp_DecodeBasicOCSPResponse(PRArenaPool *arena, SECItem *src)
-{
- void *mark;
- ocspBasicOCSPResponse *basicResponse;
- ocspResponseData *responseData;
- ocspResponderID *responderID;
- ocspResponderIDType responderIDType;
- const SEC_ASN1Template *responderIDTemplate;
- int derTag;
- SECStatus rv;
- SECItem newsrc;
-
- mark = PORT_ArenaMark(arena);
-
- basicResponse = PORT_ArenaZAlloc(arena, sizeof(ocspBasicOCSPResponse));
- if (basicResponse == NULL) {
- goto loser;
- }
-
- /* copy the DER into the arena, since Quick DER returns data that points
- into the DER input, which may get freed by the caller */
- rv = SECITEM_CopyItem(arena, &newsrc, src);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- rv = SEC_QuickDERDecodeItem(arena, basicResponse,
- ocsp_BasicOCSPResponseTemplate, &newsrc);
- if (rv != SECSuccess) {
- if (PORT_GetError() == SEC_ERROR_BAD_DER)
- PORT_SetError(SEC_ERROR_OCSP_MALFORMED_RESPONSE);
- goto loser;
- }
-
- responseData = basicResponse->tbsResponseData;
-
- /*
- * The following asserts point out internal errors (problems in
- * the template definitions or in the ASN.1 decoder itself, etc.).
- */
- PORT_Assert(responseData != NULL);
- PORT_Assert(responseData->derResponderID.data != NULL);
-
- /*
- * XXX Because responderID is a CHOICE, which is not currently handled
- * by our ASN.1 decoder, we have to decode it "by hand".
- */
- derTag = responseData->derResponderID.data[0] & SEC_ASN1_TAGNUM_MASK;
- responderIDType = ocsp_ResponderIDTypeByTag(derTag);
- responderIDTemplate = ocsp_ResponderIDTemplateByType(responderIDType);
-
- responderID = PORT_ArenaZAlloc(arena, sizeof(ocspResponderID));
- if (responderID == NULL) {
- goto loser;
- }
-
- rv = SEC_QuickDERDecodeItem(arena, responderID, responderIDTemplate,
- &responseData->derResponderID);
- if (rv != SECSuccess) {
- if (PORT_GetError() == SEC_ERROR_BAD_DER)
- PORT_SetError(SEC_ERROR_OCSP_MALFORMED_RESPONSE);
- goto loser;
- }
-
- responderID->responderIDType = responderIDType;
- responseData->responderID = responderID;
-
- /*
- * XXX Each SingleResponse also contains a CHOICE, which has to be
- * fixed up by hand.
- */
- rv = ocsp_FinishDecodingSingleResponses(arena, responseData->responses);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- PORT_ArenaUnmark(arena, mark);
- return basicResponse;
-
-loser:
- PORT_ArenaRelease(arena, mark);
- return NULL;
-}
-
-
-/*
- * Decode the responseBytes based on the responseType found in "rbytes",
- * leaving the resulting translated/decoded information in there as well.
- */
-static SECStatus
-ocsp_DecodeResponseBytes(PRArenaPool *arena, ocspResponseBytes *rbytes)
-{
- PORT_Assert(rbytes != NULL); /* internal error, really */
- if (rbytes == NULL)
- PORT_SetError(SEC_ERROR_INVALID_ARGS); /* XXX set better error? */
-
- rbytes->responseTypeTag = SECOID_FindOIDTag(&rbytes->responseType);
- switch (rbytes->responseTypeTag) {
- case SEC_OID_PKIX_OCSP_BASIC_RESPONSE:
- {
- ocspBasicOCSPResponse *basicResponse;
-
- basicResponse = ocsp_DecodeBasicOCSPResponse(arena,
- &rbytes->response);
- if (basicResponse == NULL)
- return SECFailure;
-
- rbytes->decodedResponse.basic = basicResponse;
- }
- break;
-
- /*
- * Add new/future response types here.
- */
-
- default:
- PORT_SetError(SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE);
- return SECFailure;
- }
-
- return SECSuccess;
-}
-
-
-/*
- * FUNCTION: CERT_DecodeOCSPResponse
- * Decode a DER encoded OCSP Response.
- * INPUTS:
- * SECItem *src
- * Pointer to a SECItem holding DER encoded OCSP Response.
- * RETURN:
- * Returns a pointer to a CERTOCSPResponse (the decoded OCSP Response);
- * the caller is responsible for destroying it. Or NULL if error (either
- * response could not be decoded (SEC_ERROR_OCSP_MALFORMED_RESPONSE),
- * it was of an unexpected type (SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE),
- * or a low-level or internal error occurred).
- */
-CERTOCSPResponse *
-CERT_DecodeOCSPResponse(SECItem *src)
-{
- PRArenaPool *arena = NULL;
- CERTOCSPResponse *response = NULL;
- SECStatus rv = SECFailure;
- ocspResponseStatus sv;
- SECItem newSrc;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) {
- goto loser;
- }
- response = (CERTOCSPResponse *) PORT_ArenaZAlloc(arena,
- sizeof(CERTOCSPResponse));
- if (response == NULL) {
- goto loser;
- }
- response->arena = arena;
-
- /* copy the DER into the arena, since Quick DER returns data that points
- into the DER input, which may get freed by the caller */
- rv = SECITEM_CopyItem(arena, &newSrc, src);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- rv = SEC_QuickDERDecodeItem(arena, response, ocsp_OCSPResponseTemplate, &newSrc);
- if (rv != SECSuccess) {
- if (PORT_GetError() == SEC_ERROR_BAD_DER)
- PORT_SetError(SEC_ERROR_OCSP_MALFORMED_RESPONSE);
- goto loser;
- }
-
- sv = (ocspResponseStatus) DER_GetInteger(&response->responseStatus);
- response->statusValue = sv;
- if (sv != ocspResponse_successful) {
- /*
- * If the response status is anything but successful, then we
- * are all done with decoding; the status is all there is.
- */
- return response;
- }
-
- /*
- * A successful response contains much more information, still encoded.
- * Now we need to decode that.
- */
- rv = ocsp_DecodeResponseBytes(arena, response->responseBytes);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- return response;
-
-loser:
- if (arena != NULL) {
- PORT_FreeArena(arena, PR_FALSE);
- }
- return NULL;
-}
-
-/*
- * The way an OCSPResponse is defined, there are many levels to descend
- * before getting to the actual response information. And along the way
- * we need to check that the response *type* is recognizable, which for
- * now means that it is a BasicOCSPResponse, because that is the only
- * type currently defined. Rather than force all routines to perform
- * a bunch of sanity checking every time they want to work on a response,
- * this function isolates that and gives back the interesting part.
- * Note that no copying is done, this just returns a pointer into the
- * substructure of the response which is passed in.
- *
- * XXX This routine only works when a valid response structure is passed
- * into it; this is checked with many assertions. Assuming the response
- * was creating by decoding, it wouldn't make it this far without being
- * okay. That is a sufficient assumption since the entire OCSP interface
- * is only used internally. When this interface is officially exported,
- * each assertion below will need to be followed-up with setting an error
- * and returning (null).
- */
-static ocspResponseData *
-ocsp_GetResponseData(CERTOCSPResponse *response)
-{
- ocspBasicOCSPResponse *basic;
- ocspResponseData *responseData;
-
- PORT_Assert(response != NULL);
-
- PORT_Assert(response->responseBytes != NULL);
-
- PORT_Assert(response->responseBytes->responseTypeTag
- == SEC_OID_PKIX_OCSP_BASIC_RESPONSE);
-
- basic = response->responseBytes->decodedResponse.basic;
- PORT_Assert(basic != NULL);
-
- responseData = basic->tbsResponseData;
- PORT_Assert(responseData != NULL);
-
- return responseData;
-}
-
-/*
- * Much like the routine above, except it returns the response signature.
- * Again, no copy is done.
- */
-static ocspSignature *
-ocsp_GetResponseSignature(CERTOCSPResponse *response)
-{
- ocspBasicOCSPResponse *basic;
-
- PORT_Assert(response != NULL);
- if (NULL == response->responseBytes) {
- return NULL;
- }
- PORT_Assert(response->responseBytes != NULL);
- PORT_Assert(response->responseBytes->responseTypeTag
- == SEC_OID_PKIX_OCSP_BASIC_RESPONSE);
-
- basic = response->responseBytes->decodedResponse.basic;
- PORT_Assert(basic != NULL);
-
- return &(basic->responseSignature);
-}
-
-
-/*
- * FUNCTION: CERT_DestroyOCSPResponse
- * Frees an OCSP Response structure.
- * INPUTS:
- * CERTOCSPResponse *request
- * Pointer to CERTOCSPResponse to be freed.
- * RETURN:
- * No return value; no errors.
- */
-void
-CERT_DestroyOCSPResponse(CERTOCSPResponse *response)
-{
- if (response != NULL) {
- ocspSignature *signature = ocsp_GetResponseSignature(response);
- if (signature && signature->cert != NULL)
- CERT_DestroyCertificate(signature->cert);
-
- /*
- * We should actually never have a response without an arena,
- * but check just in case. (If there isn't one, there is not
- * much we can do about it...)
- */
- PORT_Assert(response->arena != NULL);
- if (response->arena != NULL) {
- PORT_FreeArena(response->arena, PR_FALSE);
- }
- }
-}
-
-
-/*
- * OVERALL OCSP CLIENT SUPPORT (make and send a request, verify a response):
- */
-
-
-/*
- * Pick apart a URL, saving the important things in the passed-in pointers.
- *
- * We expect to find "http://<hostname>[:<port>]/[path]", though we will
- * tolerate that final slash character missing, as well as beginning and
- * trailing whitespace, and any-case-characters for "http". All of that
- * tolerance is what complicates this routine. What we want is just to
- * pick out the hostname, the port, and the path.
- *
- * On a successful return, the caller will need to free the output pieces
- * of hostname and path, which are copies of the values found in the url.
- */
-static SECStatus
-ocsp_ParseURL(char *url, char **pHostname, PRUint16 *pPort, char **pPath)
-{
- unsigned short port = 80; /* default, in case not in url */
- char *hostname = NULL;
- char *path = NULL;
- char *save;
- char c;
- int len;
-
- if (url == NULL)
- goto loser;
-
- /*
- * Skip beginning whitespace.
- */
- c = *url;
- while ((c == ' ' || c == '\t') && c != '\0') {
- url++;
- c = *url;
- }
- if (c == '\0')
- goto loser;
-
- /*
- * Confirm, then skip, protocol. (Since we only know how to do http,
- * that is all we will accept).
- */
- if (PORT_Strncasecmp(url, "http://", 7) != 0)
- goto loser;
- url += 7;
-
- /*
- * Whatever comes next is the hostname (or host IP address). We just
- * save it aside and then search for its end so we can determine its
- * length and copy it.
- *
- * XXX Note that because we treat a ':' as a terminator character
- * (and below, we expect that to mean there is a port specification
- * immediately following), we will not handle IPv6 addresses. That is
- * apparently an acceptable limitation, for the time being. Some day,
- * when there is a clear way to specify a URL with an IPv6 address that
- * can be parsed unambiguously, this code should be made to do that.
- */
- save = url;
- c = *url;
- while (c != '/' && c != ':' && c != '\0' && c != ' ' && c != '\t') {
- url++;
- c = *url;
- }
- len = url - save;
- hostname = PORT_Alloc(len + 1);
- if (hostname == NULL)
- goto loser;
- PORT_Memcpy(hostname, save, len);
- hostname[len] = '\0';
-
- /*
- * Now we figure out if there was a port specified or not.
- * If so, we need to parse it (as a number) and skip it.
- */
- if (c == ':') {
- url++;
- port = (unsigned short) PORT_Atoi(url);
- c = *url;
- while (c != '/' && c != '\0' && c != ' ' && c != '\t') {
- if (c < '0' || c > '9')
- goto loser;
- url++;
- c = *url;
- }
- }
-
- /*
- * Last thing to find is a path. There *should* be a slash,
- * if nothing else -- but if there is not we provide one.
- */
- if (c == '/') {
- save = url;
- while (c != '\0' && c != ' ' && c != '\t') {
- url++;
- c = *url;
- }
- len = url - save;
- path = PORT_Alloc(len + 1);
- if (path == NULL)
- goto loser;
- PORT_Memcpy(path, save, len);
- path[len] = '\0';
- } else {
- path = PORT_Strdup("/");
- }
-
- *pHostname = hostname;
- *pPort = port;
- *pPath = path;
- return SECSuccess;
-
-loser:
- if (hostname != NULL)
- PORT_Free(hostname);
- if (path != NULL)
- PORT_Free(path);
- PORT_SetError(SEC_ERROR_CERT_BAD_ACCESS_LOCATION);
- return SECFailure;
-}
-
-/*
- * Open a socket to the specified host on the specified port, and return it.
- * The host is either a hostname or an IP address.
- */
-static PRFileDesc *
-ocsp_ConnectToHost(const char *host, PRUint16 port)
-{
- PRFileDesc *sock = NULL;
- PRIntervalTime timeout;
- PRNetAddr addr;
- char *netdbbuf = NULL;
-
- sock = PR_NewTCPSocket();
- if (sock == NULL)
- goto loser;
-
- /* XXX Some day need a way to set (and get?) the following value */
- timeout = PR_SecondsToInterval(30);
-
- /*
- * If the following converts an IP address string in "dot notation"
- * into a PRNetAddr. If it fails, we assume that is because we do not
- * have such an address, but instead a host *name*. In that case we
- * then lookup the host by name. Using the NSPR function this way
- * means we do not have to have our own logic for distinguishing a
- * valid numerical IP address from a hostname.
- */
- if (PR_StringToNetAddr(host, &addr) != PR_SUCCESS) {
- PRIntn hostIndex;
- PRHostEnt hostEntry;
-
- netdbbuf = PORT_Alloc(PR_NETDB_BUF_SIZE);
- if (netdbbuf == NULL)
- goto loser;
-
- if (PR_GetHostByName(host, netdbbuf, PR_NETDB_BUF_SIZE,
- &hostEntry) != PR_SUCCESS)
- goto loser;
-
- hostIndex = 0;
- do {
- hostIndex = PR_EnumerateHostEnt(hostIndex, &hostEntry, port, &addr);
- if (hostIndex < 0)
- goto loser;
- } while (PR_Connect(sock, &addr, timeout) != PR_SUCCESS
- && hostIndex > 0);
-
- if (hostIndex == 0)
- goto loser;
-
- PORT_Free(netdbbuf);
- } else {
- /*
- * First put the port into the address, then connect.
- */
- if (PR_InitializeNetAddr(PR_IpAddrNull, port, &addr) != PR_SUCCESS)
- goto loser;
- if (PR_Connect(sock, &addr, timeout) != PR_SUCCESS)
- goto loser;
- }
-
- return sock;
-
-loser:
- if (sock != NULL)
- PR_Close(sock);
- if (netdbbuf != NULL)
- PORT_Free(netdbbuf);
- return NULL;
-}
-
-/*
- * Sends an encoded OCSP request to the server identified by "location",
- * and returns the socket on which it was sent (so can listen for the reply).
- * "location" is expected to be a valid URL -- an error parsing it produces
- * SEC_ERROR_CERT_BAD_ACCESS_LOCATION. Other errors are likely problems
- * connecting to it, or writing to it, or allocating memory, and the low-level
- * errors appropriate to the problem will be set.
- */
-static PRFileDesc *
-ocsp_SendEncodedRequest(char *location, SECItem *encodedRequest)
-{
- char *hostname = NULL;
- char *path = NULL;
- PRUint16 port;
- SECStatus rv;
- PRFileDesc *sock = NULL;
- PRFileDesc *returnSock = NULL;
- char *header = NULL;
-
- /*
- * Take apart the location, getting the hostname, port, and path.
- */
- rv = ocsp_ParseURL(location, &hostname, &port, &path);
- if (rv != SECSuccess)
- goto loser;
-
- PORT_Assert(hostname != NULL);
- PORT_Assert(path != NULL);
-
- sock = ocsp_ConnectToHost(hostname, port);
- if (sock == NULL)
- goto loser;
-
- header = PR_smprintf("POST %s HTTP/1.0\r\n"
- "Host: %s:%d\r\n"
- "Content-Type: application/ocsp-request\r\n"
- "Content-Length: %u\r\n\r\n",
- path, hostname, port, encodedRequest->len);
- if (header == NULL)
- goto loser;
-
- /*
- * The NSPR documentation promises that if it can, it will write the full
- * amount; this will not return a partial value expecting us to loop.
- */
- if (PR_Write(sock, header, (PRInt32) PORT_Strlen(header)) < 0)
- goto loser;
-
- if (PR_Write(sock, encodedRequest->data,
- (PRInt32) encodedRequest->len) < 0)
- goto loser;
-
- returnSock = sock;
- sock = NULL;
-
-loser:
- if (header != NULL)
- PORT_Free(header);
- if (sock != NULL)
- PR_Close(sock);
- if (path != NULL)
- PORT_Free(path);
- if (hostname != NULL)
- PORT_Free(hostname);
-
- return returnSock;
-}
-
-/*
- * Read from "fd" into "buf" -- expect/attempt to read a given number of bytes
- * Obviously, stop if hit end-of-stream. Timeout is passed in.
- */
-
-static int
-ocsp_read(PRFileDesc *fd, char *buf, int toread, PRIntervalTime timeout)
-{
- int total = 0;
-
- while (total < toread)
- {
- PRInt32 got;
-
- got = PR_Recv(fd, buf + total, (PRInt32) (toread - total), 0, timeout);
- if (got < 0)
- {
- if (0 == total)
- {
- total = -1; /* report the error if we didn't read anything yet */
- }
- break;
- }
- else
- if (got == 0)
- { /* EOS */
- break;
- }
-
- total += got;
- }
-
- return total;
-}
-
-#define OCSP_BUFSIZE 1024
-
-#define AbortHttpDecode(error) \
-{ \
- if (inBuffer) \
- PORT_Free(inBuffer); \
- PORT_SetError(error); \
- return NULL; \
-}
-
-
-/*
- * Reads on the given socket and returns an encoded response when received.
- * Properly formatted HTTP/1.0 response headers are expected to be read
- * from the socket, preceding a binary-encoded OCSP response. Problems
- * with parsing cause the error SEC_ERROR_OCSP_BAD_HTTP_RESPONSE to be
- * set; any other problems are likely low-level i/o or memory allocation
- * errors.
- */
-static SECItem *
-ocsp_GetEncodedResponse(PRArenaPool *arena, PRFileDesc *sock)
-{
- /* first read HTTP status line and headers */
-
- char* inBuffer = NULL;
- PRInt32 offset = 0;
- PRInt32 inBufsize = 0;
- const PRInt32 bufSizeIncrement = OCSP_BUFSIZE; /* 1 KB at a time */
- const PRInt32 maxBufSize = 8 * bufSizeIncrement ; /* 8 KB max */
- const char* CRLF = "\r\n";
- const PRInt32 CRLFlen = strlen(CRLF);
- const char* headerEndMark = "\r\n\r\n";
- const PRInt32 markLen = strlen(headerEndMark);
- const PRIntervalTime ocsptimeout =
- PR_SecondsToInterval(30); /* hardcoded to 30s for now */
- char* headerEnd = NULL;
- PRBool EOS = PR_FALSE;
- const char* httpprotocol = "HTTP/";
- const PRInt32 httplen = strlen(httpprotocol);
- const char* httpcode = NULL;
- const char* contenttype = NULL;
- PRInt32 contentlength = 0;
- PRInt32 bytesRead = 0;
- char* statusLineEnd = NULL;
- char* space = NULL;
- char* nextHeader = NULL;
- SECItem* result = NULL;
-
- /* read up to at least the end of the HTTP headers */
- do
- {
- inBufsize += bufSizeIncrement;
- inBuffer = PORT_Realloc(inBuffer, inBufsize+1);
- if (NULL == inBuffer)
- {
- AbortHttpDecode(SEC_ERROR_NO_MEMORY);
- }
- bytesRead = ocsp_read(sock, inBuffer + offset, bufSizeIncrement,
- ocsptimeout);
- if (bytesRead > 0)
- {
- PRInt32 searchOffset = (offset - markLen) >0 ? offset-markLen : 0;
- offset += bytesRead;
- *(inBuffer + offset) = '\0'; /* NULL termination */
- headerEnd = strstr((const char*)inBuffer + searchOffset, headerEndMark);
- if (bytesRead < bufSizeIncrement)
- {
- /* we read less data than requested, therefore we are at
- EOS or there was a read error */
- EOS = PR_TRUE;
- }
- }
- else
- {
- /* recv error or EOS */
- EOS = PR_TRUE;
- }
- } while ( (!headerEnd) && (PR_FALSE == EOS) &&
- (inBufsize < maxBufSize) );
-
- if (!headerEnd)
- {
- AbortHttpDecode(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
- }
-
- /* parse the HTTP status line */
- statusLineEnd = strstr((const char*)inBuffer, CRLF);
- if (!statusLineEnd)
- {
- AbortHttpDecode(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
- }
- *statusLineEnd = '\0';
-
- /* check for HTTP/ response */
- space = strchr((const char*)inBuffer, ' ');
- if (!space || PORT_Strncasecmp((const char*)inBuffer, httpprotocol, httplen) != 0 )
- {
- AbortHttpDecode(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
- }
-
- /* check the HTTP status code of 200 */
- httpcode = space +1;
- space = strchr(httpcode, ' ');
- if (!space)
- {
- AbortHttpDecode(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
- }
- *space = 0;
- if (0 != strcmp(httpcode, "200"))
- {
- AbortHttpDecode(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
- }
-
- /* parse the HTTP headers in the buffer . We only care about
- content-type and content-length
- */
-
- nextHeader = statusLineEnd + CRLFlen;
- *headerEnd = '\0'; /* terminate */
- do
- {
- char* thisHeaderEnd = NULL;
- char* value = NULL;
- char* colon = strchr(nextHeader, ':');
-
- if (!colon)
- {
- AbortHttpDecode(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
- }
-
- *colon = '\0';
- value = colon + 1;
-
- /* jpierre - note : the following code will only handle the basic form
- of HTTP/1.0 response headers, of the form "name: value" . Headers
- split among multiple lines are not supported. This is not common
- and should not be an issue, but it could become one in the
- future */
-
- if (*value != ' ')
- {
- AbortHttpDecode(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
- }
-
- value++;
- thisHeaderEnd = strstr(value, CRLF);
- if (thisHeaderEnd )
- {
- *thisHeaderEnd = '\0';
- }
-
- if (0 == PORT_Strcasecmp(nextHeader, "content-type"))
- {
- contenttype = value;
- }
- else
- if (0 == PORT_Strcasecmp(nextHeader, "content-length"))
- {
- contentlength = atoi(value);
- }
-
- if (thisHeaderEnd )
- {
- nextHeader = thisHeaderEnd + CRLFlen;
- }
- else
- {
- nextHeader = NULL;
- }
-
- } while (nextHeader && (nextHeader < (headerEnd + CRLFlen) ) );
-
- /* check content-type */
- if (!contenttype ||
- (0 != PORT_Strcasecmp(contenttype, "application/ocsp-response")) )
- {
- AbortHttpDecode(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
- }
-
- /* read the body of the OCSP response */
- offset = offset - (PRInt32) (headerEnd - (const char*)inBuffer) - markLen;
- if (offset)
- {
- /* move all data to the beginning of the buffer */
- PORT_Memmove(inBuffer, headerEnd + markLen, offset);
- }
-
- /* resize buffer to only what's needed to hold the current response */
- inBufsize = (1 + (offset-1) / bufSizeIncrement ) * bufSizeIncrement ;
-
- while ( (PR_FALSE == EOS) &&
- ( (contentlength == 0) || (offset < contentlength) ) &&
- (inBufsize < maxBufSize)
- )
- {
- /* we still need to receive more body data */
- inBufsize += bufSizeIncrement;
- inBuffer = PORT_Realloc(inBuffer, inBufsize+1);
- if (NULL == inBuffer)
- {
- AbortHttpDecode(SEC_ERROR_NO_MEMORY);
- }
- bytesRead = ocsp_read(sock, inBuffer + offset, bufSizeIncrement,
- ocsptimeout);
- if (bytesRead > 0)
- {
- offset += bytesRead;
- if (bytesRead < bufSizeIncrement)
- {
- /* we read less data than requested, therefore we are at
- EOS or there was a read error */
- EOS = PR_TRUE;
- }
- }
- else
- {
- /* recv error or EOS */
- EOS = PR_TRUE;
- }
- }
-
- if (0 == offset)
- {
- AbortHttpDecode(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
- }
-
- /*
- * Now allocate the item to hold the data.
- */
- result = SECITEM_AllocItem(arena, NULL, offset);
- if (NULL == result)
- {
- AbortHttpDecode(SEC_ERROR_NO_MEMORY);
- }
-
- /*
- * And copy the data left in the buffer.
- */
- PORT_Memcpy(result->data, inBuffer, offset);
-
- /* and free the temporary buffer */
- PORT_Free(inBuffer);
- return result;
-}
-
-
-/*
- * FUNCTION: CERT_GetEncodedOCSPResponse
- * Creates and sends a request to an OCSP responder, then reads and
- * returns the (encoded) response.
- * INPUTS:
- * PRArenaPool *arena
- * Pointer to arena from which return value will be allocated.
- * If NULL, result will be allocated from the heap (and thus should
- * be freed via SECITEM_FreeItem).
- * CERTCertList *certList
- * A list of certs for which status will be requested.
- * Note that all of these certificates should have the same issuer,
- * or it's expected the response will be signed by a trusted responder.
- * If the certs need to be broken up into multiple requests, that
- * must be handled by the caller (and thus by having multiple calls
- * to this routine), who knows about where the request(s) are being
- * sent and whether there are any trusted responders in place.
- * char *location
- * The location of the OCSP responder (a URL).
- * int64 time
- * Indicates the time for which the certificate status is to be
- * determined -- this may be used in the search for the cert's issuer
- * but has no other bearing on the operation.
- * PRBool addServiceLocator
- * If true, the Service Locator extension should be added to the
- * single request(s) for each cert.
- * CERTCertificate *signerCert
- * If non-NULL, means sign the request using this cert. Otherwise,
- * do not sign.
- * void *pwArg
- * Pointer to argument for password prompting, if needed. (Definitely
- * not needed if not signing.)
- * OUTPUTS:
- * CERTOCSPRequest **pRequest
- * Pointer in which to store the OCSP request created for the given
- * list of certificates. It is only filled in if the entire operation
- * is successful and the pointer is not null -- and in that case the
- * caller is then reponsible for destroying it.
- * RETURN:
- * Returns a pointer to the SECItem holding the response.
- * On error, returns null with error set describing the reason:
- * SEC_ERROR_UNKNOWN_ISSUER
- * SEC_ERROR_CERT_BAD_ACCESS_LOCATION
- * SEC_ERROR_OCSP_BAD_HTTP_RESPONSE
- * Other errors are low-level problems (no memory, bad database, etc.).
- */
-SECItem *
-CERT_GetEncodedOCSPResponse(PRArenaPool *arena, CERTCertList *certList,
- char *location, int64 time,
- PRBool addServiceLocator,
- CERTCertificate *signerCert, void *pwArg,
- CERTOCSPRequest **pRequest)
-{
- CERTOCSPRequest *request = NULL;
- SECItem *encodedRequest = NULL;
- SECItem *encodedResponse = NULL;
- PRFileDesc *sock = NULL;
- SECStatus rv;
-
- request = CERT_CreateOCSPRequest(certList, time, addServiceLocator,
- signerCert);
- if (request == NULL)
- goto loser;
-
- rv = CERT_AddOCSPAcceptableResponses(request,
- SEC_OID_PKIX_OCSP_BASIC_RESPONSE);
- if (rv != SECSuccess)
- goto loser;
-
- encodedRequest = CERT_EncodeOCSPRequest(NULL, request, pwArg);
- if (encodedRequest == NULL)
- goto loser;
-
- sock = ocsp_SendEncodedRequest(location, encodedRequest);
- if (sock == NULL)
- goto loser;
-
- encodedResponse = ocsp_GetEncodedResponse(arena, sock);
- if (encodedResponse != NULL && pRequest != NULL) {
- *pRequest = request;
- request = NULL; /* avoid destroying below */
- }
-
-loser:
- if (request != NULL)
- CERT_DestroyOCSPRequest(request);
- if (encodedRequest != NULL)
- SECITEM_FreeItem(encodedRequest, PR_TRUE);
- if (sock != NULL)
- PR_Close(sock);
-
- return encodedResponse;
-}
-
-
-/* Checks a certificate for the key usage extension of OCSP signer. */
-static PRBool
-ocsp_CertIsOCSPSigner(CERTCertificate *cert)
-{
- SECStatus rv;
- SECItem extItem;
- SECItem **oids;
- SECItem *oid;
- SECOidTag oidTag;
- PRBool retval;
- CERTOidSequence *oidSeq = NULL;
-
-
- extItem.data = NULL;
- rv = CERT_FindCertExtension(cert, SEC_OID_X509_EXT_KEY_USAGE, &extItem);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- oidSeq = CERT_DecodeOidSequence(&extItem);
- if ( oidSeq == NULL ) {
- goto loser;
- }
-
- oids = oidSeq->oids;
- while ( *oids != NULL ) {
- oid = *oids;
-
- oidTag = SECOID_FindOIDTag(oid);
-
- if ( oidTag == SEC_OID_OCSP_RESPONDER ) {
- goto success;
- }
-
- oids++;
- }
-
-loser:
- retval = PR_FALSE;
- goto done;
-success:
- retval = PR_TRUE;
-done:
- if ( extItem.data != NULL ) {
- PORT_Free(extItem.data);
- }
- if ( oidSeq != NULL ) {
- CERT_DestroyOidSequence(oidSeq);
- }
-
- return(retval);
-}
-
-
-#ifdef LATER /*
- * XXX This function is not currently used, but will
- * be needed later when we do revocation checking of
- * the responder certificate. Of course, it may need
- * revising then, if the cert extension interface has
- * changed. (Hopefully it will!)
- */
-
-/* Checks a certificate to see if it has the OCSP no check extension. */
-static PRBool
-ocsp_CertHasNoCheckExtension(CERTCertificate *cert)
-{
- SECStatus rv;
- SECItem extItem;
-
- extItem.data = NULL;
- rv = CERT_FindCertExtension(cert, SEC_OID_PKIX_OCSP_NO_CHECK,
- &extItem);
- if (extItem.data != NULL) {
- PORT_Free(extItem.data);
- }
- if (rv == SECSuccess) {
- return PR_TRUE;
- }
- return PR_FALSE;
-}
-#endif /* LATER */
-
-static PRBool
-ocsp_matchcert(SECItem *certIndex,CERTCertificate *testCert)
-{
- SECItem item;
- unsigned char buf[HASH_LENGTH_MAX];
-
- item.data = buf;
- item.len = SHA1_LENGTH;
-
- if (CERT_SPKDigestValueForCert(NULL,testCert,SEC_OID_SHA1, &item) == NULL) {
- return PR_FALSE;
- }
- if (SECITEM_ItemsAreEqual(certIndex,&item)) {
- return PR_TRUE;
- }
- if (CERT_SPKDigestValueForCert(NULL,testCert,SEC_OID_MD5, &item) == NULL) {
- return PR_FALSE;
- }
- if (SECITEM_ItemsAreEqual(certIndex,&item)) {
- return PR_TRUE;
- }
- if (CERT_SPKDigestValueForCert(NULL,testCert,SEC_OID_MD2, &item) == NULL) {
- return PR_FALSE;
- }
- if (SECITEM_ItemsAreEqual(certIndex,&item)) {
- return PR_TRUE;
- }
-
- return PR_FALSE;
-}
-
-static CERTCertificate *
-ocsp_CertGetDefaultResponder(CERTCertDBHandle *handle,CERTOCSPCertID *certID);
-
-/*
- * Check the signature on some OCSP data. This is a helper function that
- * can be used to check either a request or a response. The result is
- * saved in the signature structure itself for future reference (to avoid
- * repeating the expensive verification operation), as well as returned.
- * In addition to checking the signature, the certificate (and its chain)
- * are also checked for validity (at the specified time) and usage.
- *
- * The type of cert lookup to be performed is specified by "lookupByName":
- * if true, then "certIndex" is actually a CERTName; otherwise it is a
- * SECItem which contains a key hash.
- *
- * If the signature verifies okay, and the argument "pSignerCert" is not
- * null, that parameter will be filled-in with a pointer to the signer's
- * certificate. The caller is then responsible for destroying the cert.
- *
- * A return of SECSuccess means the verification succeeded. If not,
- * an error will be set with the reason. Most likely are:
- * SEC_ERROR_UNKNOWN_SIGNER - signer's cert could not be found
- * SEC_ERROR_BAD_SIGNATURE - the signature did not verify
- * Other errors are any of the many possible failures in cert verification
- * (e.g. SEC_ERROR_REVOKED_CERTIFICATE, SEC_ERROR_UNTRUSTED_ISSUER) when
- * verifying the signer's cert, or low-level problems (no memory, etc.)
- */
-static SECStatus
-ocsp_CheckSignature(ocspSignature *signature, void *tbs,
- const SEC_ASN1Template *encodeTemplate,
- CERTCertDBHandle *handle, SECCertUsage certUsage,
- int64 checkTime, PRBool lookupByName, void *certIndex,
- void *pwArg, CERTCertificate **pSignerCert,
- CERTCertificate *issuer)
-{
- SECItem rawSignature;
- SECItem *encodedTBS = NULL;
- CERTCertificate *responder = NULL;
- CERTCertificate *signerCert = NULL;
- SECKEYPublicKey *signerKey = NULL;
- CERTCertificate **certs = NULL;
- SECStatus rv = SECFailure;
- int certCount;
- int i;
-
- /*
- * If this signature has already gone through verification, just
- * return the cached result.
- */
- if (signature->wasChecked) {
- if (signature->status == SECSuccess) {
- if (pSignerCert != NULL)
- *pSignerCert = CERT_DupCertificate(signature->cert);
- } else {
- PORT_SetError(signature->failureReason);
- }
- return signature->status;
- }
-
- /*
- * If the signature contains some certificates as well, temporarily
- * import them in case they are needed for verification.
- *
- * Note that the result of this is that each cert in "certs" needs
- * to be destroyed.
- */
- certCount = 0;
- if (signature->derCerts != NULL) {
- for (; signature->derCerts[certCount] != NULL; certCount++) {
- /* just counting */
- /*IMPORT CERT TO SPKI TABLE */
- }
- }
- rv = CERT_ImportCerts(handle, certUsage, certCount,
- signature->derCerts, &certs,
- PR_FALSE, PR_FALSE, NULL);
- if (rv != SECSuccess)
- goto finish;
-
- /*
- * Now look up the certificate that did the signing.
- * The signer can be specified either by name or by key hash.
- */
- if (lookupByName) {
- SECItem *encodedName;
-
- encodedName = SEC_ASN1EncodeItem(NULL, NULL, certIndex,
- CERT_NameTemplate);
- if (encodedName == NULL)
- goto finish;
-
- signerCert = CERT_FindCertByName(handle, encodedName);
- SECITEM_FreeItem(encodedName, PR_TRUE);
- } else {
- /*
- * The signer is either 1) a known issuer CA we passed in,
- * 2) the default OCSP responder, or 3) an intermediate CA
- * passed in the cert list to use. Figure out which it is.
- */
- responder = ocsp_CertGetDefaultResponder(handle,NULL);
- if (responder && ocsp_matchcert(certIndex,responder)) {
- signerCert = CERT_DupCertificate(responder);
- } else if (issuer && ocsp_matchcert(certIndex,issuer)) {
- signerCert = CERT_DupCertificate(issuer);
- }
- for (i=0; (signerCert == NULL) && (i < certCount); i++) {
- if (ocsp_matchcert(certIndex,certs[i])) {
- signerCert = CERT_DupCertificate(certs[i]);
- }
- }
- }
-
- if (signerCert == NULL) {
- rv = SECFailure;
- if (PORT_GetError() == SEC_ERROR_UNKNOWN_CERT) {
- /* Make the error a little more specific. */
- PORT_SetError(SEC_ERROR_UNKNOWN_SIGNER);
- }
- goto finish;
- }
-
- /*
- * We could mark this true at the top of this function, or always
- * below at "finish", but if the problem was just that we could not
- * find the signer's cert, leave that as if the signature hasn't
- * been checked in case a subsequent call might have better luck.
- */
- signature->wasChecked = PR_TRUE;
-
- /*
- * Just because we have a cert does not mean it is any good; check
- * it for validity, trust and usage.
- */
- rv = CERT_VerifyCert(handle, signerCert, PR_TRUE, certUsage, checkTime,
- pwArg, NULL);
- if (rv != SECSuccess)
- goto finish;
-
- /*
- * Now get the public key from the signer's certificate; we need
- * it to perform the verification.
- */
- signerKey = CERT_ExtractPublicKey(signerCert);
- if (signerKey == NULL)
- goto finish;
-
- /*
- * Prepare the data to be verified; it needs to be DER encoded first.
- */
- encodedTBS = SEC_ASN1EncodeItem(NULL, NULL, tbs, encodeTemplate);
- if (encodedTBS == NULL)
- goto finish;
-
- /*
- * We copy the signature data *pointer* and length, so that we can
- * modify the length without damaging the original copy. This is a
- * simple copy, not a dup, so no destroy/free is necessary.
- */
- rawSignature = signature->signature;
- /*
- * The raw signature is a bit string, but we need to represent its
- * length in bytes, because that is what the verify function expects.
- */
- DER_ConvertBitString(&rawSignature);
-
- rv = VFY_VerifyData(encodedTBS->data, encodedTBS->len, signerKey,
- &rawSignature,
- SECOID_GetAlgorithmTag(&signature->signatureAlgorithm),
- pwArg);
-
-finish:
- if (signature->wasChecked)
- signature->status = rv;
-
- if (rv != SECSuccess) {
- signature->failureReason = PORT_GetError();
- if (signerCert != NULL)
- CERT_DestroyCertificate(signerCert);
- } else {
- /*
- * Save signer's certificate in signature.
- */
- signature->cert = signerCert;
- if (pSignerCert != NULL) {
- /*
- * Pass pointer to signer's certificate back to our caller,
- * who is also now responsible for destroying it.
- */
- *pSignerCert = CERT_DupCertificate(signerCert);
- }
- }
-
- if (encodedTBS != NULL)
- SECITEM_FreeItem(encodedTBS, PR_TRUE);
-
- if (signerKey != NULL)
- SECKEY_DestroyPublicKey(signerKey);
-
- if (certs != NULL)
- CERT_DestroyCertArray(certs, certCount);
- /* Free CERTS from SPKDigest Table */
-
- return rv;
-}
-
-
-/*
- * FUNCTION: CERT_VerifyOCSPResponseSignature
- * Check the signature on an OCSP Response. Will also perform a
- * verification of the signer's certificate. Note, however, that a
- * successful verification does not make any statement about the
- * signer's *authority* to provide status for the certificate(s),
- * that must be checked individually for each certificate.
- * INPUTS:
- * CERTOCSPResponse *response
- * Pointer to response structure with signature to be checked.
- * CERTCertDBHandle *handle
- * Pointer to CERTCertDBHandle for certificate DB to use for verification.
- * void *pwArg
- * Pointer to argument for password prompting, if needed.
- * OUTPUTS:
- * CERTCertificate **pSignerCert
- * Pointer in which to store signer's certificate; only filled-in if
- * non-null.
- * RETURN:
- * Returns SECSuccess when signature is valid, anything else means invalid.
- * Possible errors set:
- * SEC_ERROR_OCSP_MALFORMED_RESPONSE - unknown type of ResponderID
- * SEC_ERROR_INVALID_TIME - bad format of "ProducedAt" time
- * SEC_ERROR_UNKNOWN_SIGNER - signer's cert could not be found
- * SEC_ERROR_BAD_SIGNATURE - the signature did not verify
- * Other errors are any of the many possible failures in cert verification
- * (e.g. SEC_ERROR_REVOKED_CERTIFICATE, SEC_ERROR_UNTRUSTED_ISSUER) when
- * verifying the signer's cert, or low-level problems (no memory, etc.)
- */
-SECStatus
-CERT_VerifyOCSPResponseSignature(CERTOCSPResponse *response,
- CERTCertDBHandle *handle, void *pwArg,
- CERTCertificate **pSignerCert,
- CERTCertificate *issuer)
-{
- ocspResponseData *tbsData; /* this is what is signed */
- PRBool byName;
- void *certIndex;
- int64 producedAt;
- SECStatus rv;
-
- tbsData = ocsp_GetResponseData(response);
-
- PORT_Assert(tbsData->responderID != NULL);
- switch (tbsData->responderID->responderIDType) {
- case ocspResponderID_byName:
- byName = PR_TRUE;
- certIndex = &tbsData->responderID->responderIDValue.name;
- break;
- case ocspResponderID_byKey:
- byName = PR_FALSE;
- certIndex = &tbsData->responderID->responderIDValue.keyHash;
- break;
- case ocspResponderID_other:
- default:
- PORT_Assert(0);
- PORT_SetError(SEC_ERROR_OCSP_MALFORMED_RESPONSE);
- return SECFailure;
- }
-
- /*
- * ocsp_CheckSignature will also verify the signer certificate; we
- * need to tell it *when* that certificate must be valid -- for our
- * purposes we expect it to be valid when the response was signed.
- * The value of "producedAt" is the signing time.
- */
- rv = DER_GeneralizedTimeToTime(&producedAt, &tbsData->producedAt);
- if (rv != SECSuccess)
- return rv;
-
- return ocsp_CheckSignature(ocsp_GetResponseSignature(response),
- tbsData, ocsp_ResponseDataTemplate,
- handle, certUsageStatusResponder, producedAt,
- byName, certIndex, pwArg, pSignerCert, issuer);
-}
-
-/*
- * See if two certIDs match. This can be easy or difficult, depending
- * on whether the same hash algorithm was used.
- */
-static PRBool
-ocsp_CertIDsMatch(CERTCertDBHandle *handle,
- CERTOCSPCertID *certID1, CERTOCSPCertID *certID2)
-{
- PRBool match = PR_FALSE;
- SECItem *foundHash = NULL;
- SECOidTag hashAlg;
- SECItem *keyHash = NULL;
- SECItem *nameHash = NULL;
-
- /*
- * In order to match, they must have the same issuer and the same
- * serial number.
- *
- * We just compare the easier things first.
- */
- if (SECITEM_CompareItem(&certID1->serialNumber,
- &certID2->serialNumber) != SECEqual) {
- goto done;
- }
-
- if (SECOID_CompareAlgorithmID(&certID1->hashAlgorithm,
- &certID2->hashAlgorithm) == SECEqual) {
- /*
- * If the hash algorithms match then we can do a simple compare
- * of the hash values themselves.
- */
- if ((SECITEM_CompareItem(&certID1->issuerNameHash,
- &certID2->issuerNameHash) == SECEqual)
- && (SECITEM_CompareItem(&certID1->issuerKeyHash,
- &certID2->issuerKeyHash) == SECEqual)) {
- match = PR_TRUE;
- }
- goto done;
- }
-
- hashAlg = SECOID_FindOIDTag(&certID2->hashAlgorithm.algorithm);
- switch (hashAlg) {
- case SEC_OID_SHA1:
- keyHash = &certID1->issuerSHA1KeyHash;
- nameHash = &certID1->issuerSHA1NameHash;
- break;
- case SEC_OID_MD5:
- keyHash = &certID1->issuerMD5KeyHash;
- nameHash = &certID1->issuerMD5NameHash;
- break;
- case SEC_OID_MD2:
- keyHash = &certID1->issuerMD2KeyHash;
- nameHash = &certID1->issuerMD2NameHash;
- break;
- default:
- foundHash = NULL;
- break;
- }
-
- if (foundHash == NULL) {
- goto done;
- }
- PORT_Assert(keyHash && nameHash);
-
- if ((SECITEM_CompareItem(nameHash, &certID2->issuerNameHash) == SECEqual)
- && (SECITEM_CompareItem(keyHash, &certID2->issuerKeyHash) == SECEqual)) {
- match = PR_TRUE;
- }
-
-done:
- return match;
-}
-
-/*
- * Find the single response for the cert specified by certID.
- * No copying is done; this just returns a pointer to the appropriate
- * response within responses, if it is found (and null otherwise).
- * This is fine, of course, since this function is internal-use only.
- */
-static CERTOCSPSingleResponse *
-ocsp_GetSingleResponseForCertID(CERTOCSPSingleResponse **responses,
- CERTCertDBHandle *handle,
- CERTOCSPCertID *certID)
-{
- CERTOCSPSingleResponse *single;
- int i;
-
- if (responses == NULL)
- return NULL;
-
- for (i = 0; responses[i] != NULL; i++) {
- single = responses[i];
- if (ocsp_CertIDsMatch(handle, certID, single->certID) == PR_TRUE) {
- return single;
- }
- }
-
- /*
- * The OCSP server should have included a response even if it knew
- * nothing about the certificate in question. Since it did not,
- * this will make it look as if it had.
- *
- * XXX Should we make this a separate error to notice the server's
- * bad behavior?
- */
- PORT_SetError(SEC_ERROR_OCSP_UNKNOWN_CERT);
- return NULL;
-}
-
-static ocspCheckingContext *
-ocsp_GetCheckingContext(CERTCertDBHandle *handle)
-{
- CERTStatusConfig *statusConfig;
- ocspCheckingContext *ocspcx = NULL;
-
- statusConfig = CERT_GetStatusConfig(handle);
- if (statusConfig != NULL) {
- ocspcx = statusConfig->statusContext;
-
- /*
- * This is actually an internal error, because we should never
- * have a good statusConfig without a good statusContext, too.
- * For lack of anything better, though, we just assert and use
- * the same error as if there were no statusConfig (set below).
- */
- PORT_Assert(ocspcx != NULL);
- }
-
- if (ocspcx == NULL)
- PORT_SetError(SEC_ERROR_OCSP_NOT_ENABLED);
-
- return ocspcx;
-}
-/*
- * Return true if the given signerCert is the default responder for
- * the given certID. If not, or if any error, return false.
- */
-static CERTCertificate *
-ocsp_CertGetDefaultResponder(CERTCertDBHandle *handle,CERTOCSPCertID *certID)
-{
- ocspCheckingContext *ocspcx;
-
- ocspcx = ocsp_GetCheckingContext(handle);
- if (ocspcx == NULL)
- goto loser;
-
- /*
- * Right now we have only one default responder. It applies to
- * all certs when it is used, so the check is simple and certID
- * has no bearing on the answer. Someday in the future we may
- * allow configuration of different responders for different
- * issuers, and then we would have to use the issuer specified
- * in certID to determine if signerCert is the right one.
- */
- if (ocspcx->useDefaultResponder) {
- PORT_Assert(ocspcx->defaultResponderCert != NULL);
- return ocspcx->defaultResponderCert;
- }
-
-loser:
- return NULL;
-}
-
-/*
- * Return true if the given signerCert is the default responder for
- * the given certID. If not, or if any error, return false.
- */
-static PRBool
-ocsp_CertIsDefaultResponderForCertID(CERTCertDBHandle *handle,
- CERTCertificate *signerCert,
- CERTOCSPCertID *certID)
-{
- CERTCertificate *defaultResponderCert;
-
- defaultResponderCert = ocsp_CertGetDefaultResponder(handle, certID);
- return (PRBool) (defaultResponderCert == signerCert);
-}
-
-/*
- * Check that the given signer certificate is authorized to sign status
- * information for the given certID. Return true if it is, false if not
- * (or if there is any error along the way). If false is returned because
- * the signer is not authorized, the following error will be set:
- * SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE
- * Other errors are low-level problems (no memory, bad database, etc.).
- *
- * There are three ways to be authorized. In the order in which we check,
- * using the terms used in the OCSP spec, the signer must be one of:
- * 1. A "trusted responder" -- it matches a local configuration
- * of OCSP signing authority for the certificate in question.
- * 2. The CA who issued the certificate in question.
- * 3. A "CA designated responder", aka an "authorized responder" -- it
- * must be represented by a special cert issued by the CA who issued
- * the certificate in question.
- */
-static PRBool
-ocsp_AuthorizedResponderForCertID(CERTCertDBHandle *handle,
- CERTCertificate *signerCert,
- CERTOCSPCertID *certID,
- int64 thisUpdate)
-{
- CERTCertificate *issuerCert = NULL;
- SECItem *issuerKeyHash = NULL;
- SECOidTag hashAlg;
- PRBool okay = PR_FALSE;
-
- /*
- * Check first for a trusted responder, which overrides everything else.
- */
- if (ocsp_CertIsDefaultResponderForCertID(handle, signerCert, certID))
- return PR_TRUE;
-
- /*
- * In the other two cases, we need to do an issuer comparison.
- * How we do it depends on whether the signer certificate has the
- * special extension (for a designated responder) or not.
- */
-
- if (ocsp_CertIsOCSPSigner(signerCert)) {
- /*
- * The signer is a designated responder. Its issuer must match
- * the issuer of the cert being checked.
- */
- issuerCert = CERT_FindCertIssuer(signerCert, thisUpdate,
- certUsageAnyCA);
- if (issuerCert == NULL) {
- /*
- * We could leave the SEC_ERROR_UNKNOWN_ISSUER error alone,
- * but the following will give slightly more information.
- * Once we have an error stack, things will be much better.
- */
- PORT_SetError(SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE);
- goto loser;
- }
- } else {
- /*
- * The signer must *be* the issuer of the cert being checked.
- */
- issuerCert = signerCert;
- }
-
- hashAlg = SECOID_FindOIDTag(&certID->hashAlgorithm.algorithm);
- issuerKeyHash = CERT_SPKDigestValueForCert(NULL, issuerCert, hashAlg, NULL);
- if (issuerKeyHash == NULL)
- goto loser;
-
- if (SECITEM_CompareItem(issuerKeyHash,
- &certID->issuerKeyHash) != SECEqual) {
- PORT_SetError(SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE);
- goto loser;
- }
-
- okay = PR_TRUE;
-
-loser:
- if (issuerKeyHash != NULL)
- SECITEM_FreeItem(issuerKeyHash, PR_TRUE);
-
- if (issuerCert != NULL && issuerCert != signerCert)
- CERT_DestroyCertificate(issuerCert);
-
- return okay;
-}
-
-/*
- * We need to check that a responder gives us "recent" information.
- * Since a responder can pre-package responses, we need to pick an amount
- * of time that is acceptable to us, and reject any response that is
- * older than that.
- *
- * XXX This *should* be based on some configuration parameter, so that
- * different usages could specify exactly what constitutes "sufficiently
- * recent". But that is not going to happen right away. For now, we
- * want something from within the last 24 hours. This macro defines that
- * number in seconds.
- */
-#define OCSP_ALLOWABLE_LAPSE_SECONDS (24L * 60L * 60L)
-
-static PRBool
-ocsp_TimeIsRecent(int64 checkTime)
-{
- int64 now = PR_Now();
- int64 lapse, tmp;
-
- LL_I2L(lapse, OCSP_ALLOWABLE_LAPSE_SECONDS);
- LL_I2L(tmp, PR_USEC_PER_SEC);
- LL_MUL(lapse, lapse, tmp); /* allowable lapse in microseconds */
-
- LL_ADD(checkTime, checkTime, lapse);
- if (LL_CMP(now, >, checkTime))
- return PR_FALSE;
-
- return PR_TRUE;
-}
-
-#define OCSP_SLOP (5L*60L) /* OCSP responses are allowed to be 5 minutes
- in the future by default */
-
-static PRUint32 ocspsloptime = OCSP_SLOP; /* seconds */
-
-/*
- * Check that this single response is okay. A return of SECSuccess means:
- * 1. The signer (represented by "signerCert") is authorized to give status
- * for the cert represented by the individual response in "single".
- * 2. The value of thisUpdate is earlier than now.
- * 3. The value of producedAt is later than or the same as thisUpdate.
- * 4. If nextUpdate is given:
- * - The value of nextUpdate is later than now.
- * - The value of producedAt is earlier than nextUpdate.
- * Else if no nextUpdate:
- * - The value of thisUpdate is fairly recent.
- * - The value of producedAt is fairly recent.
- * However we do not need to perform an explicit check for this last
- * constraint because it is already guaranteed by checking that
- * producedAt is later than thisUpdate and thisUpdate is recent.
- * Oh, and any responder is "authorized" to say that a cert is unknown to it.
- *
- * If any of those checks fail, SECFailure is returned and an error is set:
- * SEC_ERROR_OCSP_FUTURE_RESPONSE
- * SEC_ERROR_OCSP_OLD_RESPONSE
- * SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE
- * Other errors are low-level problems (no memory, bad database, etc.).
- */
-static SECStatus
-ocsp_VerifySingleResponse(CERTOCSPSingleResponse *single,
- CERTCertDBHandle *handle,
- CERTCertificate *signerCert,
- int64 producedAt)
-{
- CERTOCSPCertID *certID = single->certID;
- int64 now, thisUpdate, nextUpdate, tmstamp, tmp;
- SECStatus rv;
-
- /*
- * If all the responder said was that the given cert was unknown to it,
- * that is a valid response. Not very interesting to us, of course,
- * but all this function is concerned with is validity of the response,
- * not the status of the cert.
- */
- PORT_Assert(single->certStatus != NULL);
- if (single->certStatus->certStatusType == ocspCertStatus_unknown)
- return SECSuccess;
-
- /*
- * We need to extract "thisUpdate" for use below and to pass along
- * to AuthorizedResponderForCertID in case it needs it for doing an
- * issuer look-up.
- */
- rv = DER_GeneralizedTimeToTime(&thisUpdate, &single->thisUpdate);
- if (rv != SECSuccess)
- return rv;
-
- /*
- * First confirm that signerCert is authorized to give this status.
- */
- if (ocsp_AuthorizedResponderForCertID(handle, signerCert, certID,
- thisUpdate) != PR_TRUE)
- return SECFailure;
-
- /*
- * Now check the time stuff, as described above.
- */
- now = PR_Now();
- /* allow slop time for future response */
- LL_UI2L(tmstamp, ocspsloptime); /* get slop time in seconds */
- LL_UI2L(tmp, PR_USEC_PER_SEC);
- LL_MUL(tmstamp, tmstamp, tmp); /* convert the slop time to PRTime */
- LL_ADD(tmstamp, tmstamp, now); /* add current time to it */
- if (LL_CMP(thisUpdate, >, tmstamp) || LL_CMP(producedAt, <, thisUpdate)) {
- PORT_SetError(SEC_ERROR_OCSP_FUTURE_RESPONSE);
- return SECFailure;
- }
- if (single->nextUpdate != NULL) {
- rv = DER_GeneralizedTimeToTime(&nextUpdate, single->nextUpdate);
- if (rv != SECSuccess)
- return rv;
-
- if (LL_CMP(nextUpdate, <, now) || LL_CMP(producedAt, >, nextUpdate)) {
- PORT_SetError(SEC_ERROR_OCSP_OLD_RESPONSE);
- return SECFailure;
- }
- } else if (ocsp_TimeIsRecent(thisUpdate) != PR_TRUE) {
- PORT_SetError(SEC_ERROR_OCSP_OLD_RESPONSE);
- return SECFailure;
- }
-
- return SECSuccess;
-}
-
-
-/*
- * FUNCTION: CERT_GetOCSPAuthorityInfoAccessLocation
- * Get the value of the URI of the OCSP responder for the given cert.
- * This is found in the (optional) Authority Information Access extension
- * in the cert.
- * INPUTS:
- * CERTCertificate *cert
- * The certificate being examined.
- * RETURN:
- * char *
- * A copy of the URI for the OCSP method, if found. If either the
- * extension is not present or it does not contain an entry for OCSP,
- * SEC_ERROR_EXTENSION_NOT_FOUND will be set and a NULL returned.
- * Any other error will also result in a NULL being returned.
- *
- * This result should be freed (via PORT_Free) when no longer in use.
- */
-char *
-CERT_GetOCSPAuthorityInfoAccessLocation(CERTCertificate *cert)
-{
- CERTGeneralName *locname = NULL;
- SECItem *location = NULL;
- SECItem *encodedAuthInfoAccess = NULL;
- CERTAuthInfoAccess **authInfoAccess = NULL;
- char *locURI = NULL;
- PRArenaPool *arena = NULL;
- SECStatus rv;
- int i;
-
- /*
- * Allocate this one from the heap because it will get filled in
- * by CERT_FindCertExtension which will also allocate from the heap,
- * and we can free the entire thing on our way out.
- */
- encodedAuthInfoAccess = SECITEM_AllocItem(NULL, NULL, 0);
- if (encodedAuthInfoAccess == NULL)
- goto loser;
-
- rv = CERT_FindCertExtension(cert, SEC_OID_X509_AUTH_INFO_ACCESS,
- encodedAuthInfoAccess);
- if (rv == SECFailure)
- goto loser;
-
- /*
- * The rest of the things allocated in the routine will come out of
- * this arena, which is temporary just for us to decode and get at the
- * AIA extension. The whole thing will be destroyed on our way out,
- * after we have copied the location string (url) itself (if found).
- */
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL)
- goto loser;
-
- authInfoAccess = cert_DecodeAuthInfoAccessExtension(arena,
- encodedAuthInfoAccess);
- if (authInfoAccess == NULL)
- goto loser;
-
- for (i = 0; authInfoAccess[i] != NULL; i++) {
- if (SECOID_FindOIDTag(&authInfoAccess[i]->method) == SEC_OID_PKIX_OCSP)
- locname = authInfoAccess[i]->location;
- }
-
- /*
- * If we found an AIA extension, but it did not include an OCSP method,
- * that should look to our caller as if we did not find the extension
- * at all, because it is only an OCSP method that we care about.
- * So set the same error that would be set if the AIA extension was
- * not there at all.
- */
- if (locname == NULL) {
- PORT_SetError(SEC_ERROR_EXTENSION_NOT_FOUND);
- goto loser;
- }
-
- /*
- * The following is just a pointer back into locname (i.e. not a copy);
- * thus it should not be freed.
- */
- location = CERT_GetGeneralNameByType(locname, certURI, PR_FALSE);
- if (location == NULL) {
- /*
- * XXX Appears that CERT_GetGeneralNameByType does not set an
- * error if there is no name by that type. For lack of anything
- * better, act as if the extension was not found. In the future
- * this should probably be something more like the extension was
- * badly formed.
- */
- PORT_SetError(SEC_ERROR_EXTENSION_NOT_FOUND);
- goto loser;
- }
-
- /*
- * That location is really a string, but it has a specified length
- * without a null-terminator. We need a real string that does have
- * a null-terminator, and we need a copy of it anyway to return to
- * our caller -- so allocate and copy.
- */
- locURI = PORT_Alloc(location->len + 1);
- if (locURI == NULL) {
- goto loser;
- }
- PORT_Memcpy(locURI, location->data, location->len);
- locURI[location->len] = '\0';
-
-loser:
- if (arena != NULL)
- PORT_FreeArena(arena, PR_FALSE);
-
- if (encodedAuthInfoAccess != NULL)
- SECITEM_FreeItem(encodedAuthInfoAccess, PR_TRUE);
-
- return locURI;
-}
-
-
-/*
- * Figure out where we should go to find out the status of the given cert
- * via OCSP. If a default responder is set up, that is our answer.
- * If not, see if the certificate has an Authority Information Access (AIA)
- * extension for OCSP, and return the value of that. Otherwise return NULL.
- * We also let our caller know whether or not the responder chosen was
- * a default responder or not through the output variable isDefault;
- * its value has no meaning unless a good (non-null) value is returned
- * for the location.
- *
- * The result needs to be freed (PORT_Free) when no longer in use.
- */
-static char *
-ocsp_GetResponderLocation(CERTCertDBHandle *handle, CERTCertificate *cert,
- PRBool *isDefault)
-{
- ocspCheckingContext *ocspcx;
-
- ocspcx = ocsp_GetCheckingContext(handle);
- if (ocspcx != NULL && ocspcx->useDefaultResponder) {
- /*
- * A default responder wins out, if specified.
- * XXX Someday this may be a more complicated determination based
- * on the cert's issuer. (That is, we could have different default
- * responders configured for different issuers.)
- */
- PORT_Assert(ocspcx->defaultResponderURI != NULL);
- *isDefault = PR_TRUE;
- return (PORT_Strdup(ocspcx->defaultResponderURI));
- }
-
- /*
- * No default responder set up, so go see if we can find an AIA
- * extension that has a value for OCSP, and get the url from that.
- */
- *isDefault = PR_FALSE;
- return CERT_GetOCSPAuthorityInfoAccessLocation(cert);
-}
-
-/*
- * Return SECSuccess if the cert was revoked *after* "time",
- * SECFailure otherwise.
- */
-static SECStatus
-ocsp_CertRevokedAfter(ocspRevokedInfo *revokedInfo, int64 time)
-{
- int64 revokedTime;
- SECStatus rv;
-
- rv = DER_GeneralizedTimeToTime(&revokedTime, &revokedInfo->revocationTime);
- if (rv != SECSuccess)
- return rv;
-
- /*
- * Set the error even if we will return success; someone might care.
- */
- PORT_SetError(SEC_ERROR_REVOKED_CERTIFICATE);
-
- if (LL_CMP(revokedTime, >, time))
- return SECSuccess;
-
- return SECFailure;
-}
-
-/*
- * See if the cert represented in the single response had a good status
- * at the specified time.
- */
-static SECStatus
-ocsp_CertHasGoodStatus(CERTOCSPSingleResponse *single, int64 time)
-{
- ocspCertStatus *status;
- SECStatus rv;
-
- status = single->certStatus;
-
- switch (status->certStatusType) {
- case ocspCertStatus_good:
- rv = SECSuccess;
- break;
- case ocspCertStatus_revoked:
- rv = ocsp_CertRevokedAfter(status->certStatusInfo.revokedInfo, time);
- break;
- case ocspCertStatus_unknown:
- PORT_SetError(SEC_ERROR_OCSP_UNKNOWN_CERT);
- rv = SECFailure;
- break;
- case ocspCertStatus_other:
- default:
- PORT_Assert(0);
- PORT_SetError(SEC_ERROR_OCSP_MALFORMED_RESPONSE);
- rv = SECFailure;
- break;
- }
-
- return rv;
-}
-
-
-/*
- * FUNCTION: CERT_CheckOCSPStatus
- * Checks the status of a certificate via OCSP. Will only check status for
- * a certificate that has an AIA (Authority Information Access) extension
- * for OCSP *or* when a "default responder" is specified and enabled.
- * (If no AIA extension for OCSP and no default responder in place, the
- * cert is considered to have a good status and SECSuccess is returned.)
- * INPUTS:
- * CERTCertDBHandle *handle
- * certificate DB of the cert that is being checked
- * CERTCertificate *cert
- * the certificate being checked
- * XXX in the long term also need a boolean parameter that specifies
- * whether to check the cert chain, as well; for now we check only
- * the leaf (the specified certificate)
- * int64 time
- * time for which status is to be determined
- * void *pwArg
- * argument for password prompting, if needed
- * RETURN:
- * Returns SECSuccess if an approved OCSP responder "knows" the cert
- * *and* returns a non-revoked status for it; SECFailure otherwise,
- * with an error set describing the reason:
- *
- * SEC_ERROR_OCSP_BAD_HTTP_RESPONSE
- * SEC_ERROR_OCSP_FUTURE_RESPONSE
- * SEC_ERROR_OCSP_MALFORMED_REQUEST
- * SEC_ERROR_OCSP_MALFORMED_RESPONSE
- * SEC_ERROR_OCSP_OLD_RESPONSE
- * SEC_ERROR_OCSP_REQUEST_NEEDS_SIG
- * SEC_ERROR_OCSP_SERVER_ERROR
- * SEC_ERROR_OCSP_TRY_SERVER_LATER
- * SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST
- * SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE
- * SEC_ERROR_OCSP_UNKNOWN_CERT
- * SEC_ERROR_OCSP_UNKNOWN_RESPONSE_STATUS
- * SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE
- *
- * SEC_ERROR_BAD_SIGNATURE
- * SEC_ERROR_CERT_BAD_ACCESS_LOCATION
- * SEC_ERROR_INVALID_TIME
- * SEC_ERROR_REVOKED_CERTIFICATE
- * SEC_ERROR_UNKNOWN_ISSUER
- * SEC_ERROR_UNKNOWN_SIGNER
- *
- * Other errors are any of the many possible failures in cert verification
- * (e.g. SEC_ERROR_REVOKED_CERTIFICATE, SEC_ERROR_UNTRUSTED_ISSUER) when
- * verifying the signer's cert, or low-level problems (error allocating
- * memory, error performing ASN.1 decoding, etc.).
- */
-SECStatus
-CERT_CheckOCSPStatus(CERTCertDBHandle *handle, CERTCertificate *cert,
- int64 time, void *pwArg)
-{
- char *location = NULL;
- PRBool locationIsDefault;
- CERTCertList *certList = NULL;
- SECItem *encodedResponse = NULL;
- CERTOCSPRequest *request = NULL;
- CERTOCSPResponse *response = NULL;
- CERTCertificate *signerCert = NULL;
- CERTCertificate *issuerCert = NULL;
- CERTOCSPCertID *certID;
- SECStatus rv = SECFailure;
-
-
- /*
- * The first thing we need to do is find the location of the responder.
- * This will be the value of the default responder (if enabled), else
- * it will come out of the AIA extension in the cert (if present).
- * If we have no such location, then this cert does not "deserve" to
- * be checked -- that is, we consider it a success and just return.
- * The way we tell that is by looking at the error number to see if
- * the problem was no AIA extension was found; any other error was
- * a true failure that we unfortunately have to treat as an overall
- * failure here.
- */
- location = ocsp_GetResponderLocation(handle, cert, &locationIsDefault);
- if (location == NULL) {
- if (PORT_GetError() == SEC_ERROR_EXTENSION_NOT_FOUND)
- return SECSuccess;
- else
- return SECFailure;
- }
-
- /*
- * For now, create a cert-list of one.
- * XXX In the fullness of time, we will want/need to handle a
- * certificate chain. This will be done either when a new parameter
- * tells us to, or some configuration variable tells us to. In any
- * case, handling it is complicated because we may need to send as
- * many requests (and receive as many responses) as we have certs
- * in the chain. If we are going to talk to a default responder,
- * and we only support one default responder, we can put all of the
- * certs together into one request. Otherwise, we must break them up
- * into multiple requests. (Even if all of the requests will go to
- * the same location, the signature on each response will be different,
- * because each issuer is different. Carefully read the OCSP spec
- * if you do not understand this.)
- */
-
- certList = CERT_NewCertList();
- if (certList == NULL)
- goto loser;
-
- /* dup it because freeing the list will destroy the cert, too */
- cert = CERT_DupCertificate(cert);
- if (cert == NULL)
- goto loser;
-
- if (CERT_AddCertToListTail(certList, cert) != SECSuccess) {
- CERT_DestroyCertificate(cert);
- goto loser;
- }
-
- /*
- * XXX If/when signing of requests is supported, that second NULL
- * should be changed to be the signer certificate. Not sure if that
- * should be passed into this function or retrieved via some operation
- * on the handle/context.
- */
- encodedResponse = CERT_GetEncodedOCSPResponse(NULL, certList, location,
- time, locationIsDefault,
- NULL, pwArg, &request);
- if (encodedResponse == NULL) {
- goto loser;
- }
-
- response = CERT_DecodeOCSPResponse(encodedResponse);
- if (response == NULL) {
- goto loser;
- }
-
- /*
- * Okay, we at least have a response that *looks* like a response!
- * Now see if the overall response status value is good or not.
- * If not, we set an error and give up. (It means that either the
- * server had a problem, or it didn't like something about our
- * request. Either way there is nothing to do but give up.)
- * Otherwise, we continue to find the actual per-cert status
- * in the response.
- */
- if (CERT_GetOCSPResponseStatus(response) != SECSuccess) {
- goto loser;
- }
-
- /*
- * If we've made it this far, we expect a response with a good signature.
- * So, check for that.
- */
- issuerCert = CERT_FindCertIssuer(cert, time, certUsageAnyCA);
- rv = CERT_VerifyOCSPResponseSignature(response, handle, pwArg, &signerCert,
- issuerCert);
- if (rv != SECSuccess)
- goto loser;
-
- PORT_Assert(signerCert != NULL); /* internal consistency check */
- /* XXX probably should set error, return failure if signerCert is null */
-
-
- /*
- * Again, we are only doing one request for one cert.
- * XXX When we handle cert chains, the following code will obviously
- * have to be modified, in coordation with the code above that will
- * have to determine how to make multiple requests, etc. It will need
- * to loop, and for each certID in the request, find the matching
- * single response and check the status specified by it.
- *
- * We are helped here in that we know that the requests are made with
- * the request list in the same order as the order of the certs we hand
- * to it. This is why I can directly access the first member of the
- * single request array for the one cert I care about.
- */
-
- certID = request->tbsRequest->requestList[0]->reqCert;
- rv = CERT_GetOCSPStatusForCertID(handle, response, certID,
- signerCert, time);
-loser:
- if (issuerCert != NULL)
- CERT_DestroyCertificate(issuerCert);
- if (signerCert != NULL)
- CERT_DestroyCertificate(signerCert);
- if (response != NULL)
- CERT_DestroyOCSPResponse(response);
- if (request != NULL)
- CERT_DestroyOCSPRequest(request);
- if (encodedResponse != NULL)
- SECITEM_FreeItem(encodedResponse, PR_TRUE);
- if (certList != NULL)
- CERT_DestroyCertList(certList);
- if (location != NULL)
- PORT_Free(location);
- return rv;
-}
-
-SECStatus
-CERT_GetOCSPStatusForCertID(CERTCertDBHandle *handle,
- CERTOCSPResponse *response,
- CERTOCSPCertID *certID,
- CERTCertificate *signerCert,
- int64 time)
-{
- SECStatus rv;
- ocspResponseData *responseData;
- int64 producedAt;
- CERTOCSPSingleResponse *single;
-
- /*
- * The ResponseData part is the real guts of the response.
- */
- responseData = ocsp_GetResponseData(response);
- if (responseData == NULL) {
- rv = SECFailure;
- goto loser;
- }
-
- /*
- * There is one producedAt time for the entire response (and a separate
- * thisUpdate time for each individual single response). We need to
- * compare them, so get the overall time to pass into the check of each
- * single response.
- */
- rv = DER_GeneralizedTimeToTime(&producedAt, &responseData->producedAt);
- if (rv != SECSuccess)
- goto loser;
-
- single = ocsp_GetSingleResponseForCertID(responseData->responses,
- handle, certID);
- if (single == NULL) {
- rv = SECFailure;
- goto loser;
- }
-
- rv = ocsp_VerifySingleResponse(single, handle, signerCert, producedAt);
- if (rv != SECSuccess)
- goto loser;
-
- /*
- * Okay, the last step is to check whether the status says revoked,
- * and if so how that compares to the time value passed into this routine.
- */
-
- rv = ocsp_CertHasGoodStatus(single, time);
-loser:
- return rv;
-}
-
-
-/*
- * Disable status checking and destroy related structures/data.
- */
-static SECStatus
-ocsp_DestroyStatusChecking(CERTStatusConfig *statusConfig)
-{
- ocspCheckingContext *statusContext;
-
- /*
- * Disable OCSP checking
- */
- statusConfig->statusChecker = NULL;
-
- statusContext = statusConfig->statusContext;
- PORT_Assert(statusContext != NULL);
- if (statusContext == NULL)
- return SECFailure;
-
- if (statusContext->defaultResponderURI != NULL)
- PORT_Free(statusContext->defaultResponderURI);
- if (statusContext->defaultResponderNickname != NULL)
- PORT_Free(statusContext->defaultResponderNickname);
-
- PORT_Free(statusContext);
- statusConfig->statusContext = NULL;
-
- PORT_Free(statusConfig);
-
- return SECSuccess;
-}
-
-
-/*
- * FUNCTION: CERT_DisableOCSPChecking
- * Turns off OCSP checking for the given certificate database.
- * This routine disables OCSP checking. Though it will return
- * SECFailure if OCSP checking is not enabled, it is "safe" to
- * call it that way and just ignore the return value, if it is
- * easier to just call it than to "remember" whether it is enabled.
- * INPUTS:
- * CERTCertDBHandle *handle
- * Certificate database for which OCSP checking will be disabled.
- * RETURN:
- * Returns SECFailure if an error occurred (usually means that OCSP
- * checking was not enabled or status contexts were not initialized --
- * error set will be SEC_ERROR_OCSP_NOT_ENABLED); SECSuccess otherwise.
- */
-SECStatus
-CERT_DisableOCSPChecking(CERTCertDBHandle *handle)
-{
- CERTStatusConfig *statusConfig;
- ocspCheckingContext *statusContext;
-
- if (handle == NULL) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- statusConfig = CERT_GetStatusConfig(handle);
- statusContext = ocsp_GetCheckingContext(handle);
- if (statusContext == NULL)
- return SECFailure;
-
- if (statusConfig->statusChecker != CERT_CheckOCSPStatus) {
- /*
- * Status configuration is present, but either not currently
- * enabled or not for OCSP.
- */
- PORT_SetError(SEC_ERROR_OCSP_NOT_ENABLED);
- return SECFailure;
- }
-
- /*
- * This is how we disable status checking. Everything else remains
- * in place in case we are enabled again.
- */
- statusConfig->statusChecker = NULL;
-
- return SECSuccess;
-}
-
-/*
- * Allocate and initialize the informational structures for status checking.
- * This is done when some configuration of OCSP is being done or when OCSP
- * checking is being turned on, whichever comes first.
- */
-static SECStatus
-ocsp_InitStatusChecking(CERTCertDBHandle *handle)
-{
- CERTStatusConfig *statusConfig = NULL;
- ocspCheckingContext *statusContext = NULL;
-
- PORT_Assert(CERT_GetStatusConfig(handle) == NULL);
- if (CERT_GetStatusConfig(handle) != NULL) {
- /* XXX or call statusConfig->statusDestroy and continue? */
- return SECFailure;
- }
-
- statusConfig = PORT_ZNew(CERTStatusConfig);
- if (statusConfig == NULL)
- goto loser;
-
- statusContext = PORT_ZNew(ocspCheckingContext);
- if (statusContext == NULL)
- goto loser;
-
- statusConfig->statusDestroy = ocsp_DestroyStatusChecking;
- statusConfig->statusContext = statusContext;
-
- CERT_SetStatusConfig(handle, statusConfig);
-
- return SECSuccess;
-
-loser:
- if (statusContext != NULL)
- PORT_Free(statusContext);
- if (statusConfig != NULL)
- PORT_Free(statusConfig);
- return SECFailure;
-}
-
-
-/*
- * FUNCTION: CERT_EnableOCSPChecking
- * Turns on OCSP checking for the given certificate database.
- * INPUTS:
- * CERTCertDBHandle *handle
- * Certificate database for which OCSP checking will be enabled.
- * RETURN:
- * Returns SECFailure if an error occurred (likely only problem
- * allocating memory); SECSuccess otherwise.
- */
-SECStatus
-CERT_EnableOCSPChecking(CERTCertDBHandle *handle)
-{
- CERTStatusConfig *statusConfig;
-
- SECStatus rv;
-
- if (handle == NULL) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- statusConfig = CERT_GetStatusConfig(handle);
- if (statusConfig == NULL) {
- rv = ocsp_InitStatusChecking(handle);
- if (rv != SECSuccess)
- return rv;
-
- /* Get newly established value */
- statusConfig = CERT_GetStatusConfig(handle);
- PORT_Assert(statusConfig != NULL);
- }
-
- /*
- * Setting the checker function is what really enables the checking
- * when each cert verification is done.
- */
- statusConfig->statusChecker = CERT_CheckOCSPStatus;
-
- return SECSuccess;
-}
-
-
-/*
- * FUNCTION: CERT_SetOCSPDefaultResponder
- * Specify the location and cert of the default responder.
- * If OCSP checking is already enabled *and* use of a default responder
- * is also already enabled, all OCSP checking from now on will go directly
- * to the specified responder. If OCSP checking is not enabled, or if
- * it is but use of a default responder is not enabled, the information
- * will be recorded and take effect whenever both are enabled.
- * INPUTS:
- * CERTCertDBHandle *handle
- * Cert database on which OCSP checking should use the default responder.
- * char *url
- * The location of the default responder (e.g. "http://foo.com:80/ocsp")
- * Note that the location will not be tested until the first attempt
- * to send a request there.
- * char *name
- * The nickname of the cert to trust (expected) to sign the OCSP responses.
- * If the corresponding cert cannot be found, SECFailure is returned.
- * RETURN:
- * Returns SECFailure if an error occurred; SECSuccess otherwise.
- * The most likely error is that the cert for "name" could not be found
- * (probably SEC_ERROR_UNKNOWN_CERT). Other errors are low-level (no memory,
- * bad database, etc.).
- */
-SECStatus
-CERT_SetOCSPDefaultResponder(CERTCertDBHandle *handle,
- const char *url, const char *name)
-{
- CERTCertificate *cert;
- ocspCheckingContext *statusContext;
- char *url_copy = NULL;
- char *name_copy = NULL;
- SECStatus rv;
-
- if (handle == NULL || url == NULL || name == NULL) {
- /*
- * XXX When interface is exported, probably want better errors;
- * perhaps different one for each parameter.
- */
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- /*
- * Find the certificate for the specified nickname. Do this first
- * because it seems the most likely to fail.
- *
- * XXX Shouldn't need that cast if the FindCertByNickname interface
- * used const to convey that it does not modify the name. Maybe someday.
- */
- cert = CERT_FindCertByNickname(handle, (char *) name);
- if (cert == NULL) {
- /*
- * look for the cert on an external token.
- */
- cert = PK11_FindCertFromNickname((char *)name, NULL);
- }
- if (cert == NULL)
- return SECFailure;
-
- /*
- * Make a copy of the url and nickname.
- */
- url_copy = PORT_Strdup(url);
- name_copy = PORT_Strdup(name);
- if (url_copy == NULL || name_copy == NULL) {
- rv = SECFailure;
- goto loser;
- }
-
- statusContext = ocsp_GetCheckingContext(handle);
-
- /*
- * Allocate and init the context if it doesn't already exist.
- */
- if (statusContext == NULL) {
- rv = ocsp_InitStatusChecking(handle);
- if (rv != SECSuccess)
- goto loser;
-
- statusContext = ocsp_GetCheckingContext(handle);
- PORT_Assert(statusContext != NULL); /* extreme paranoia */
- }
-
- /*
- * Note -- we do not touch the status context until after all of
- * the steps which could cause errors. If something goes wrong,
- * we want to leave things as they were.
- */
-
- /*
- * Get rid of old url and name if there.
- */
- if (statusContext->defaultResponderNickname != NULL)
- PORT_Free(statusContext->defaultResponderNickname);
- if (statusContext->defaultResponderURI != NULL)
- PORT_Free(statusContext->defaultResponderURI);
-
- /*
- * And replace them with the new ones.
- */
- statusContext->defaultResponderURI = url_copy;
- statusContext->defaultResponderNickname = name_copy;
-
- /*
- * If there was already a cert in place, get rid of it and replace it.
- * Otherwise, we are not currently enabled, so we don't want to save it;
- * it will get re-found and set whenever use of a default responder is
- * enabled.
- */
- if (statusContext->defaultResponderCert != NULL) {
- CERT_DestroyCertificate(statusContext->defaultResponderCert);
- statusContext->defaultResponderCert = cert;
- } else {
- PORT_Assert(statusContext->useDefaultResponder == PR_FALSE);
- CERT_DestroyCertificate(cert);
- }
-
- return SECSuccess;
-
-loser:
- CERT_DestroyCertificate(cert);
- if (url_copy != NULL)
- PORT_Free(url_copy);
- if (name_copy != NULL)
- PORT_Free(name_copy);
- return rv;
-}
-
-
-/*
- * FUNCTION: CERT_EnableOCSPDefaultResponder
- * Turns on use of a default responder when OCSP checking.
- * If OCSP checking is already enabled, this will make subsequent checks
- * go directly to the default responder. (The location of the responder
- * and the nickname of the responder cert must already be specified.)
- * If OCSP checking is not enabled, this will be recorded and take effect
- * whenever it is enabled.
- * INPUTS:
- * CERTCertDBHandle *handle
- * Cert database on which OCSP checking should use the default responder.
- * RETURN:
- * Returns SECFailure if an error occurred; SECSuccess otherwise.
- * No errors are especially likely unless the caller did not previously
- * perform a successful call to SetOCSPDefaultResponder (in which case
- * the error set will be SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER).
- */
-SECStatus
-CERT_EnableOCSPDefaultResponder(CERTCertDBHandle *handle)
-{
- ocspCheckingContext *statusContext;
- CERTCertificate *cert;
-
- if (handle == NULL) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- statusContext = ocsp_GetCheckingContext(handle);
-
- if (statusContext == NULL) {
- /*
- * Strictly speaking, the error already set is "correct",
- * but cover over it with one more helpful in this context.
- */
- PORT_SetError(SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER);
- return SECFailure;
- }
-
- if (statusContext->defaultResponderURI == NULL) {
- PORT_SetError(SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER);
- return SECFailure;
- }
-
- if (statusContext->defaultResponderNickname == NULL) {
- PORT_SetError(SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER);
- return SECFailure;
- }
-
- /*
- * Find the cert for the nickname.
- */
- cert = CERT_FindCertByNickname(handle,
- statusContext->defaultResponderNickname);
- if (cert == NULL) {
- cert = PK11_FindCertFromNickname(statusContext->defaultResponderNickname,
- NULL);
- }
- /*
- * We should never have trouble finding the cert, because its
- * existence should have been proven by SetOCSPDefaultResponder.
- */
- PORT_Assert(cert != NULL);
- if (cert == NULL)
- return SECFailure;
-
- /*
- * And hang onto it.
- */
- statusContext->defaultResponderCert = cert;
-
- /*
- * Finally, record the fact that we now have a default responder enabled.
- */
- statusContext->useDefaultResponder = PR_TRUE;
- return SECSuccess;
-}
-
-
-/*
- * FUNCTION: CERT_DisableOCSPDefaultResponder
- * Turns off use of a default responder when OCSP checking.
- * (Does nothing if use of a default responder is not enabled.)
- * INPUTS:
- * CERTCertDBHandle *handle
- * Cert database on which OCSP checking should stop using a default
- * responder.
- * RETURN:
- * Returns SECFailure if an error occurred; SECSuccess otherwise.
- * Errors very unlikely (like random memory corruption...).
- */
-SECStatus
-CERT_DisableOCSPDefaultResponder(CERTCertDBHandle *handle)
-{
- CERTStatusConfig *statusConfig;
- ocspCheckingContext *statusContext;
-
- if (handle == NULL) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- statusConfig = CERT_GetStatusConfig(handle);
- if (statusConfig == NULL)
- return SECSuccess;
-
- statusContext = ocsp_GetCheckingContext(handle);
- PORT_Assert(statusContext != NULL);
- if (statusContext == NULL)
- return SECFailure;
-
- if (statusContext->defaultResponderCert != NULL) {
- CERT_DestroyCertificate(statusContext->defaultResponderCert);
- statusContext->defaultResponderCert = NULL;
- }
-
- /*
- * Finally, record the fact.
- */
- statusContext->useDefaultResponder = PR_FALSE;
- return SECSuccess;
-}
-
-/*
- * Digest the cert's subject public key using the specified algorithm.
- * The necessary storage for the digest data is allocated. If "fill" is
- * non-null, the data is put there, otherwise a SECItem is allocated.
- * Allocation from "arena" if it is non-null, heap otherwise. Any problem
- * results in a NULL being returned (and an appropriate error set).
- */
-SECItem *
-CERT_SPKDigestValueForCert(PRArenaPool *arena, CERTCertificate *cert,
- SECOidTag digestAlg, SECItem *fill)
-{
- const SECHashObject *digestObject;
- void *digestContext;
- SECItem *result = NULL;
- void *mark = NULL;
- SECItem spk;
-
- if ( arena != NULL ) {
- mark = PORT_ArenaMark(arena);
- }
-
- digestObject = HASH_GetHashObjectByOidTag(digestAlg);
- if ( digestObject == NULL ) {
- goto loser;
- }
-
- if ((fill == NULL) || (fill->data == NULL)) {
- result = SECITEM_AllocItem(arena, fill, digestObject->length);
- if ( result == NULL ) {
- goto loser;
- }
- fill = result;
- }
-
- /*
- * Copy just the length and data pointer (nothing needs to be freed)
- * of the subject public key so we can convert the length from bits
- * to bytes, which is what the digest function expects.
- */
- spk = cert->subjectPublicKeyInfo.subjectPublicKey;
- DER_ConvertBitString(&spk);
-
- /*
- * Now digest the value, using the specified algorithm.
- */
- digestContext = digestObject->create();
- if ( digestContext == NULL ) {
- goto loser;
- }
- digestObject->begin(digestContext);
- digestObject->update(digestContext, spk.data, spk.len);
- digestObject->end(digestContext, fill->data, &(fill->len), fill->len);
- digestObject->destroy(digestContext, PR_TRUE);
-
- if ( arena != NULL ) {
- PORT_ArenaUnmark(arena, mark);
- }
- return(fill);
-
-loser:
- if ( arena != NULL ) {
- PORT_ArenaRelease(arena, mark);
- } else {
- if ( result != NULL ) {
- SECITEM_FreeItem(result, (fill == NULL) ? PR_TRUE : PR_FALSE);
- }
- }
- return(NULL);
-}
-
-SECStatus
-CERT_GetOCSPResponseStatus(CERTOCSPResponse *response)
-{
- PORT_Assert(response);
- if (response->statusValue == ocspResponse_successful)
- return SECSuccess;
-
- switch (response->statusValue) {
- case ocspResponse_malformedRequest:
- PORT_SetError(SEC_ERROR_OCSP_MALFORMED_REQUEST);
- break;
- case ocspResponse_internalError:
- PORT_SetError(SEC_ERROR_OCSP_SERVER_ERROR);
- break;
- case ocspResponse_tryLater:
- PORT_SetError(SEC_ERROR_OCSP_TRY_SERVER_LATER);
- break;
- case ocspResponse_sigRequired:
- /* XXX We *should* retry with a signature, if possible. */
- PORT_SetError(SEC_ERROR_OCSP_REQUEST_NEEDS_SIG);
- break;
- case ocspResponse_unauthorized:
- PORT_SetError(SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST);
- break;
- case ocspResponse_other:
- case ocspResponse_unused:
- default:
- PORT_SetError(SEC_ERROR_OCSP_UNKNOWN_RESPONSE_STATUS);
- break;
- }
- return SECFailure;
-}
diff --git a/security/nss/lib/certhigh/ocsp.h b/security/nss/lib/certhigh/ocsp.h
deleted file mode 100644
index 428c624d4..000000000
--- a/security/nss/lib/certhigh/ocsp.h
+++ /dev/null
@@ -1,534 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Interface to the OCSP implementation.
- *
- * $Id$
- */
-
-#ifndef _OCSP_H_
-#define _OCSP_H_
-
-
-#include "plarena.h"
-#include "seccomon.h"
-#include "secoidt.h"
-#include "keyt.h"
-#include "certt.h"
-#include "ocspt.h"
-
-
-/************************************************************************/
-SEC_BEGIN_PROTOS
-
-/*
- * FUNCTION: CERT_EnableOCSPChecking
- * Turns on OCSP checking for the given certificate database.
- * INPUTS:
- * CERTCertDBHandle *handle
- * Certificate database for which OCSP checking will be enabled.
- * RETURN:
- * Returns SECFailure if an error occurred (likely only problem
- * allocating memory); SECSuccess otherwise.
- */
-extern SECStatus
-CERT_EnableOCSPChecking(CERTCertDBHandle *handle);
-
-/*
- * FUNCTION: CERT_DisableOCSPChecking
- * Turns off OCSP checking for the given certificate database.
- * This routine disables OCSP checking. Though it will return
- * SECFailure if OCSP checking is not enabled, it is "safe" to
- * call it that way and just ignore the return value, if it is
- * easier to just call it than to "remember" whether it is enabled.
- * INPUTS:
- * CERTCertDBHandle *handle
- * Certificate database for which OCSP checking will be disabled.
- * RETURN:
- * Returns SECFailure if an error occurred (usually means that OCSP
- * checking was not enabled or status contexts were not initialized --
- * error set will be SEC_ERROR_OCSP_NOT_ENABLED); SECSuccess otherwise.
- */
-extern SECStatus
-CERT_DisableOCSPChecking(CERTCertDBHandle *handle);
-
-/*
- * FUNCTION: CERT_SetOCSPDefaultResponder
- * Specify the location and cert of the default responder.
- * If OCSP checking is already enabled *and* use of a default responder
- * is also already enabled, all OCSP checking from now on will go directly
- * to the specified responder. If OCSP checking is not enabled, or if
- * it is but use of a default responder is not enabled, the information
- * will be recorded and take effect whenever both are enabled.
- * INPUTS:
- * CERTCertDBHandle *handle
- * Cert database on which OCSP checking should use the default responder.
- * char *url
- * The location of the default responder (e.g. "http://foo.com:80/ocsp")
- * Note that the location will not be tested until the first attempt
- * to send a request there.
- * char *name
- * The nickname of the cert to trust (expected) to sign the OCSP responses.
- * If the corresponding cert cannot be found, SECFailure is returned.
- * RETURN:
- * Returns SECFailure if an error occurred; SECSuccess otherwise.
- * The most likely error is that the cert for "name" could not be found
- * (probably SEC_ERROR_UNKNOWN_CERT). Other errors are low-level (no memory,
- * bad database, etc.).
- */
-extern SECStatus
-CERT_SetOCSPDefaultResponder(CERTCertDBHandle *handle,
- const char *url, const char *name);
-
-/*
- * FUNCTION: CERT_EnableOCSPDefaultResponder
- * Turns on use of a default responder when OCSP checking.
- * If OCSP checking is already enabled, this will make subsequent checks
- * go directly to the default responder. (The location of the responder
- * and the nickname of the responder cert must already be specified.)
- * If OCSP checking is not enabled, this will be recorded and take effect
- * whenever it is enabled.
- * INPUTS:
- * CERTCertDBHandle *handle
- * Cert database on which OCSP checking should use the default responder.
- * RETURN:
- * Returns SECFailure if an error occurred; SECSuccess otherwise.
- * No errors are especially likely unless the caller did not previously
- * perform a successful call to SetOCSPDefaultResponder (in which case
- * the error set will be SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER).
- */
-extern SECStatus
-CERT_EnableOCSPDefaultResponder(CERTCertDBHandle *handle);
-
-/*
- * FUNCTION: CERT_DisableOCSPDefaultResponder
- * Turns off use of a default responder when OCSP checking.
- * (Does nothing if use of a default responder is not enabled.)
- * INPUTS:
- * CERTCertDBHandle *handle
- * Cert database on which OCSP checking should stop using a default
- * responder.
- * RETURN:
- * Returns SECFailure if an error occurred; SECSuccess otherwise.
- * Errors very unlikely (like random memory corruption...).
- */
-extern SECStatus
-CERT_DisableOCSPDefaultResponder(CERTCertDBHandle *handle);
-
-/*
- * -------------------------------------------------------
- * The Functions above are those expected to be used by a client
- * providing OCSP status checking along with every cert verification.
- * The functions below are for OCSP testing, debugging, or clients
- * or servers performing more specialized OCSP tasks.
- * -------------------------------------------------------
- */
-
-/*
- * FUNCTION: CERT_CreateOCSPRequest
- * Creates a CERTOCSPRequest, requesting the status of the certs in
- * the given list.
- * INPUTS:
- * CERTCertList *certList
- * A list of certs for which status will be requested.
- * Note that all of these certificates should have the same issuer,
- * or it's expected the response will be signed by a trusted responder.
- * If the certs need to be broken up into multiple requests, that
- * must be handled by the caller (and thus by having multiple calls
- * to this routine), who knows about where the request(s) are being
- * sent and whether there are any trusted responders in place.
- * int64 time
- * Indicates the time for which the certificate status is to be
- * determined -- this may be used in the search for the cert's issuer
- * but has no effect on the request itself.
- * PRBool addServiceLocator
- * If true, the Service Locator extension should be added to the
- * single request(s) for each cert.
- * CERTCertificate *signerCert
- * If non-NULL, means sign the request using this cert. Otherwise,
- * do not sign.
- * XXX note that request signing is not yet supported; see comment in code
- * RETURN:
- * A pointer to a CERTOCSPRequest structure containing an OCSP request
- * for the cert list. On error, null is returned, with an error set
- * indicating the reason. This is likely SEC_ERROR_UNKNOWN_ISSUER.
- * (The issuer is needed to create a request for the certificate.)
- * Other errors are low-level problems (no memory, bad database, etc.).
- */
-extern CERTOCSPRequest *
-CERT_CreateOCSPRequest(CERTCertList *certList, int64 time,
- PRBool addServiceLocator,
- CERTCertificate *signerCert);
-
-/*
- * FUNCTION: CERT_AddOCSPAcceptableResponses
- * Add the AcceptableResponses extension to an OCSP Request.
- * INPUTS:
- * CERTOCSPRequest *request
- * The request to which the extension should be added.
- * SECOidTag responseType0, ...
- * A list (of one or more) of SECOidTag -- each of the response types
- * to be added. The last OID *must* be SEC_OID_PKIX_OCSP_BASIC_RESPONSE.
- * (This marks the end of the list, and it must be specified because a
- * client conforming to the OCSP standard is required to handle the basic
- * response type.) The OIDs are not checked in any way.
- * RETURN:
- * SECSuccess if the extension is added; SECFailure if anything goes wrong.
- * All errors are internal or low-level problems (e.g. no memory).
- */
-extern SECStatus
-CERT_AddOCSPAcceptableResponses(CERTOCSPRequest *request,
- SECOidTag responseType0, ...);
-
-/*
- * FUNCTION: CERT_EncodeOCSPRequest
- * DER encodes an OCSP Request, possibly adding a signature as well.
- * XXX Signing is not yet supported, however; see comments in code.
- * INPUTS:
- * PRArenaPool *arena
- * The return value is allocated from here.
- * If a NULL is passed in, allocation is done from the heap instead.
- * CERTOCSPRequest *request
- * The request to be encoded.
- * void *pwArg
- * Pointer to argument for password prompting, if needed. (Definitely
- * not needed if not signing.)
- * RETURN:
- * Returns a NULL on error and a pointer to the SECItem with the
- * encoded value otherwise. Any error is likely to be low-level
- * (e.g. no memory).
- */
-extern SECItem *
-CERT_EncodeOCSPRequest(PRArenaPool *arena, CERTOCSPRequest *request,
- void *pwArg);
-
-/*
- * FUNCTION: CERT_DecodeOCSPRequest
- * Decode a DER encoded OCSP Request.
- * INPUTS:
- * SECItem *src
- * Pointer to a SECItem holding DER encoded OCSP Request.
- * RETURN:
- * Returns a pointer to a CERTOCSPRequest containing the decoded request.
- * On error, returns NULL. Most likely error is trouble decoding
- * (SEC_ERROR_OCSP_MALFORMED_REQUEST), or low-level problem (no memory).
- */
-extern CERTOCSPRequest *
-CERT_DecodeOCSPRequest(SECItem *src);
-
-/*
- * FUNCTION: CERT_DestroyOCSPRequest
- * Frees an OCSP Request structure.
- * INPUTS:
- * CERTOCSPRequest *request
- * Pointer to CERTOCSPRequest to be freed.
- * RETURN:
- * No return value; no errors.
- */
-extern void
-CERT_DestroyOCSPRequest(CERTOCSPRequest *request);
-
-/*
- * FUNCTION: CERT_DecodeOCSPResponse
- * Decode a DER encoded OCSP Response.
- * INPUTS:
- * SECItem *src
- * Pointer to a SECItem holding DER encoded OCSP Response.
- * RETURN:
- * Returns a pointer to a CERTOCSPResponse (the decoded OCSP Response);
- * the caller is responsible for destroying it. Or NULL if error (either
- * response could not be decoded (SEC_ERROR_OCSP_MALFORMED_RESPONSE),
- * it was of an unexpected type (SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE),
- * or a low-level or internal error occurred).
- */
-extern CERTOCSPResponse *
-CERT_DecodeOCSPResponse(SECItem *src);
-
-/*
- * FUNCTION: CERT_DestroyOCSPResponse
- * Frees an OCSP Response structure.
- * INPUTS:
- * CERTOCSPResponse *request
- * Pointer to CERTOCSPResponse to be freed.
- * RETURN:
- * No return value; no errors.
- */
-extern void
-CERT_DestroyOCSPResponse(CERTOCSPResponse *response);
-
-/*
- * FUNCTION: CERT_GetEncodedOCSPResponse
- * Creates and sends a request to an OCSP responder, then reads and
- * returns the (encoded) response.
- * INPUTS:
- * PRArenaPool *arena
- * Pointer to arena from which return value will be allocated.
- * If NULL, result will be allocated from the heap (and thus should
- * be freed via SECITEM_FreeItem).
- * CERTCertList *certList
- * A list of certs for which status will be requested.
- * Note that all of these certificates should have the same issuer,
- * or it's expected the response will be signed by a trusted responder.
- * If the certs need to be broken up into multiple requests, that
- * must be handled by the caller (and thus by having multiple calls
- * to this routine), who knows about where the request(s) are being
- * sent and whether there are any trusted responders in place.
- * char *location
- * The location of the OCSP responder (a URL).
- * int64 time
- * Indicates the time for which the certificate status is to be
- * determined -- this may be used in the search for the cert's issuer
- * but has no other bearing on the operation.
- * PRBool addServiceLocator
- * If true, the Service Locator extension should be added to the
- * single request(s) for each cert.
- * CERTCertificate *signerCert
- * If non-NULL, means sign the request using this cert. Otherwise,
- * do not sign.
- * void *pwArg
- * Pointer to argument for password prompting, if needed. (Definitely
- * not needed if not signing.)
- * OUTPUTS:
- * CERTOCSPRequest **pRequest
- * Pointer in which to store the OCSP request created for the given
- * list of certificates. It is only filled in if the entire operation
- * is successful and the pointer is not null -- and in that case the
- * caller is then reponsible for destroying it.
- * RETURN:
- * Returns a pointer to the SECItem holding the response.
- * On error, returns null with error set describing the reason:
- * SEC_ERROR_UNKNOWN_ISSUER
- * SEC_ERROR_CERT_BAD_ACCESS_LOCATION
- * SEC_ERROR_OCSP_BAD_HTTP_RESPONSE
- * Other errors are low-level problems (no memory, bad database, etc.).
- */
-extern SECItem *
-CERT_GetEncodedOCSPResponse(PRArenaPool *arena, CERTCertList *certList,
- char *location, int64 time,
- PRBool addServiceLocator,
- CERTCertificate *signerCert, void *pwArg,
- CERTOCSPRequest **pRequest);
-
-/*
- * FUNCTION: CERT_VerifyOCSPResponseSignature
- * Check the signature on an OCSP Response. Will also perform a
- * verification of the signer's certificate. Note, however, that a
- * successful verification does not make any statement about the
- * signer's *authority* to provide status for the certificate(s),
- * that must be checked individually for each certificate.
- * INPUTS:
- * CERTOCSPResponse *response
- * Pointer to response structure with signature to be checked.
- * CERTCertDBHandle *handle
- * Pointer to CERTCertDBHandle for certificate DB to use for verification.
- * void *pwArg
- * Pointer to argument for password prompting, if needed.
- * CERTCertificate *issuerCert
- * Issuer of the certificate that generated the OCSP request.
- * OUTPUTS:
- * CERTCertificate **pSignerCert
- * Pointer in which to store signer's certificate; only filled-in if
- * non-null.
- * RETURN:
- * Returns SECSuccess when signature is valid, anything else means invalid.
- * Possible errors set:
- * SEC_ERROR_OCSP_MALFORMED_RESPONSE - unknown type of ResponderID
- * SEC_ERROR_INVALID_TIME - bad format of "ProducedAt" time
- * SEC_ERROR_UNKNOWN_SIGNER - signer's cert could not be found
- * SEC_ERROR_BAD_SIGNATURE - the signature did not verify
- * Other errors are any of the many possible failures in cert verification
- * (e.g. SEC_ERROR_REVOKED_CERTIFICATE, SEC_ERROR_UNTRUSTED_ISSUER) when
- * verifying the signer's cert, or low-level problems (no memory, etc.)
- */
-extern SECStatus
-CERT_VerifyOCSPResponseSignature(CERTOCSPResponse *response,
- CERTCertDBHandle *handle, void *pwArg,
- CERTCertificate **pSignerCert,
- CERTCertificate *issuerCert);
-
-/*
- * FUNCTION: CERT_GetOCSPAuthorityInfoAccessLocation
- * Get the value of the URI of the OCSP responder for the given cert.
- * This is found in the (optional) Authority Information Access extension
- * in the cert.
- * INPUTS:
- * CERTCertificate *cert
- * The certificate being examined.
- * RETURN:
- * char *
- * A copy of the URI for the OCSP method, if found. If either the
- * extension is not present or it does not contain an entry for OCSP,
- * SEC_ERROR_EXTENSION_NOT_FOUND will be set and a NULL returned.
- * Any other error will also result in a NULL being returned.
- *
- * This result should be freed (via PORT_Free) when no longer in use.
- */
-extern char *
-CERT_GetOCSPAuthorityInfoAccessLocation(CERTCertificate *cert);
-
-/*
- * FUNCTION: CERT_CheckOCSPStatus
- * Checks the status of a certificate via OCSP. Will only check status for
- * a certificate that has an AIA (Authority Information Access) extension
- * for OCSP *or* when a "default responder" is specified and enabled.
- * (If no AIA extension for OCSP and no default responder in place, the
- * cert is considered to have a good status and SECSuccess is returned.)
- * INPUTS:
- * CERTCertDBHandle *handle
- * certificate DB of the cert that is being checked
- * CERTCertificate *cert
- * the certificate being checked
- * XXX in the long term also need a boolean parameter that specifies
- * whether to check the cert chain, as well; for now we check only
- * the leaf (the specified certificate)
- * int64 time
- * time for which status is to be determined
- * void *pwArg
- * argument for password prompting, if needed
- * RETURN:
- * Returns SECSuccess if an approved OCSP responder "knows" the cert
- * *and* returns a non-revoked status for it; SECFailure otherwise,
- * with an error set describing the reason:
- *
- * SEC_ERROR_OCSP_BAD_HTTP_RESPONSE
- * SEC_ERROR_OCSP_FUTURE_RESPONSE
- * SEC_ERROR_OCSP_MALFORMED_REQUEST
- * SEC_ERROR_OCSP_MALFORMED_RESPONSE
- * SEC_ERROR_OCSP_OLD_RESPONSE
- * SEC_ERROR_OCSP_REQUEST_NEEDS_SIG
- * SEC_ERROR_OCSP_SERVER_ERROR
- * SEC_ERROR_OCSP_TRY_SERVER_LATER
- * SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST
- * SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE
- * SEC_ERROR_OCSP_UNKNOWN_CERT
- * SEC_ERROR_OCSP_UNKNOWN_RESPONSE_STATUS
- * SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE
- *
- * SEC_ERROR_BAD_SIGNATURE
- * SEC_ERROR_CERT_BAD_ACCESS_LOCATION
- * SEC_ERROR_INVALID_TIME
- * SEC_ERROR_REVOKED_CERTIFICATE
- * SEC_ERROR_UNKNOWN_ISSUER
- * SEC_ERROR_UNKNOWN_SIGNER
- *
- * Other errors are any of the many possible failures in cert verification
- * (e.g. SEC_ERROR_REVOKED_CERTIFICATE, SEC_ERROR_UNTRUSTED_ISSUER) when
- * verifying the signer's cert, or low-level problems (error allocating
- * memory, error performing ASN.1 decoding, etc.).
- */
-extern SECStatus
-CERT_CheckOCSPStatus(CERTCertDBHandle *handle, CERTCertificate *cert,
- int64 time, void *pwArg);
-/*
- * FUNCTION: CERT_GetOCSPStatusForCertID
- * Returns the OCSP status contained in the passed in paramter response
- * that corresponds to the certID passed in.
- * INPUTS:
- * CERTCertDBHandle *handle
- * certificate DB of the cert that is being checked
- * CERTOCSPResponse *response
- * the OCSP response we want to retrieve status from.
- * CERTOCSPCertID *certID
- * the ID we want to look for from the response.
- * CERTCertificate *signerCert
- * the certificate that was used to sign the OCSP response.
- * must be obtained via a call to CERT_VerifyOCSPResponseSignature.
- * int64 time
- * The time at which we're checking the status for.
- * RETURN:
- * Return values are the same as those for CERT_CheckOCSPStatus
- */
-extern SECStatus
-CERT_GetOCSPStatusForCertID(CERTCertDBHandle *handle,
- CERTOCSPResponse *response,
- CERTOCSPCertID *certID,
- CERTCertificate *signerCert,
- int64 time);
-
-/*
- * FUNCTION CERT_GetOCSPResponseStatus
- * Returns the response status for the response passed.
- * INPUTS:
- * CERTOCSPResponse *response
- * The response to query for status
- * RETURN:
- * Returns SECSuccess if the response has a successful status value.
- * Otherwise it returns SECFailure and sets one of the following error
- * codes via PORT_SetError
- * SEC_ERROR_OCSP_MALFORMED_REQUEST
- * SEC_ERROR_OCSP_SERVER_ERROR
- * SEC_ERROR_OCSP_TRY_SERVER_LATER
- * SEC_ERROR_OCSP_REQUEST_NEEDS_SIG
- * SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST
- * SEC_ERROR_OCSP_UNKNOWN_RESPONSE_STATUS
- */
-extern SECStatus
-CERT_GetOCSPResponseStatus(CERTOCSPResponse *response);
-
-/*
- * FUNCTION CERT_CreateOCSPCertID
- * Returns the OCSP certID for the certificate passed in.
- * INPUTS:
- * CERTCertificate *cert
- * The certificate for which to create the certID for.
- * int64 time
- * The time at which the id is requested for. This is used
- * to determine the appropriate issuer for the cert since
- * the issuing CA may be an older expired certificate.
- * RETURN:
- * A new copy of a CERTOCSPCertID*. The memory for this certID
- * should be freed by calling CERT_DestroyOCSPCertID when the
- * certID is no longer necessary.
- */
-extern CERTOCSPCertID*
-CERT_CreateOCSPCertID(CERTCertificate *cert, int64 time);
-
-/*
- * FUNCTION: CERT_DestroyOCSPCertID
- * Frees the memory associated with the certID passed in.
- * INPUTS:
- * CERTOCSPCertID* certID
- * The certID that the caller no longer needs and wants to
- * free the associated memory.
- * RETURN:
- * SECSuccess if freeing the memory was successful. Returns
- * SECFailure if the memory passed in was not allocated with
- * a call to CERT_CreateOCSPCertID.
- */
-extern SECStatus
-CERT_DestroyOCSPCertID(CERTOCSPCertID* certID);
-/************************************************************************/
-SEC_END_PROTOS
-
-#endif /* _OCSP_H_ */
diff --git a/security/nss/lib/certhigh/ocspt.h b/security/nss/lib/certhigh/ocspt.h
deleted file mode 100644
index 3f1563855..000000000
--- a/security/nss/lib/certhigh/ocspt.h
+++ /dev/null
@@ -1,59 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Public header for exported OCSP types.
- *
- * $Id$
- */
-
-#ifndef _OCSPT_H_
-#define _OCSPT_H_
-
-/*
- * The following are all opaque types. If someone needs to get at
- * a field within, then we need to fix the API. Try very hard not
- * make the type available to them.
- */
-typedef struct CERTOCSPRequestStr CERTOCSPRequest;
-typedef struct CERTOCSPResponseStr CERTOCSPResponse;
-
-/*
- * XXX I think only those first two above should need to be exported,
- * but until I know for certain I am leaving the rest of these here, too.
- */
-typedef struct CERTOCSPCertIDStr CERTOCSPCertID;
-typedef struct CERTOCSPCertStatusStr CERTOCSPCertStatus;
-typedef struct CERTOCSPSingleResponseStr CERTOCSPSingleResponse;
-
-#endif /* _OCSPT_H_ */
diff --git a/security/nss/lib/certhigh/ocspti.h b/security/nss/lib/certhigh/ocspti.h
deleted file mode 100644
index 2bb7bfe72..000000000
--- a/security/nss/lib/certhigh/ocspti.h
+++ /dev/null
@@ -1,405 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Private header defining OCSP types.
- *
- * $Id$
- */
-
-#ifndef _OCSPTI_H_
-#define _OCSPTI_H_
-
-#include "ocspt.h"
-
-#include "certt.h"
-#include "plarena.h"
-#include "seccomon.h"
-#include "secoidt.h"
-
-
-/*
- * Some notes about naming conventions...
- *
- * The public data types all start with "CERTOCSP" (e.g. CERTOCSPRequest).
- * (Even the public types are opaque, however. Only their names are
- * "exported".)
- *
- * Internal-only data types drop the "CERT" prefix and use only the
- * lower-case "ocsp" (e.g. ocspTBSRequest), for brevity sake.
- *
- * In either case, the base/suffix of the type name usually matches the
- * name as defined in the OCSP specification. The exceptions to this are:
- * - When there is overlap between the "OCSP" or "ocsp" prefix and
- * the name used in the standard. That is, you cannot strip off the
- * "CERTOCSP" or "ocsp" prefix and necessarily get the name of the
- * type as it is defined in the standard; the "real" name will be
- * *either* "OCSPSuffix" or just "Suffix".
- * - When the name in the standard was a little too generic. (e.g. The
- * standard defines "Request" but we call it a "SingleRequest".)
- * In this case a comment above the type definition calls attention
- * to the difference.
- *
- * The definitions laid out in this header file are intended to follow
- * the same order as the definitions in the OCSP specification itself.
- * With the OCSP standard in hand, you should be able to move through
- * this file and follow along. To future modifiers of this file: please
- * try to keep it that way. The only exceptions are the few cases where
- * we need to define a type before it is referenced (e.g. enumerations),
- * whereas in the OCSP specification these are usually defined the other
- * way around (reference before definition).
- */
-
-
-/*
- * Forward-declarations of internal-only data structures.
- *
- * These are in alphabetical order (case-insensitive); please keep it that way!
- */
-typedef struct ocspBasicOCSPResponseStr ocspBasicOCSPResponse;
-typedef struct ocspCertStatusStr ocspCertStatus;
-typedef struct ocspResponderIDStr ocspResponderID;
-typedef struct ocspResponseBytesStr ocspResponseBytes;
-typedef struct ocspResponseDataStr ocspResponseData;
-typedef struct ocspRevokedInfoStr ocspRevokedInfo;
-typedef struct ocspServiceLocatorStr ocspServiceLocator;
-typedef struct ocspSignatureStr ocspSignature;
-typedef struct ocspSingleRequestStr ocspSingleRequest;
-typedef struct ocspSingleResponseStr ocspSingleResponse;
-typedef struct ocspTBSRequestStr ocspTBSRequest;
-
-
-/*
- * An OCSPRequest; this is what is sent (encoded) to an OCSP responder.
- */
-struct CERTOCSPRequestStr {
- PRArenaPool *arena; /* local; not part of encoding */
- ocspTBSRequest *tbsRequest;
- ocspSignature *optionalSignature;
-};
-
-/*
- * A TBSRequest; when an OCSPRequest is signed, the encoding of this
- * is what the signature is actually applied to. ("TBS" == To Be Signed)
- * Whether signed or not, however, this structure will be present, and
- * is the "meat" of the OCSPRequest.
- *
- * Note that the "requestorName" field cannot be encoded/decoded in the
- * same pass as the entire request -- it needs to be handled with a special
- * call to convert to/from our internal form of a GeneralName. Thus the
- * "derRequestorName" field, which is the actual DER-encoded bytes.
- *
- * The "extensionHandle" field is used on creation only; it holds
- * in-progress extensions as they are optionally added to the request.
- */
-struct ocspTBSRequestStr {
- SECItem version; /* an INTEGER */
- SECItem *derRequestorName; /* encoded GeneralName; see above */
- CERTGeneralNameList *requestorName; /* local; not part of encoding */
- ocspSingleRequest **requestList;
- CERTCertExtension **requestExtensions;
- void *extensionHandle; /* local; not part of encoding */
-};
-
-/*
- * This is the actual signature information for an OCSPRequest (applied to
- * the TBSRequest structure) or for a BasicOCSPResponse (applied to a
- * ResponseData structure).
- *
- * Note that the "signature" field itself is a BIT STRING; operations on
- * it need to keep that in mind, converting the length to bytes as needed
- * and back again afterward (so that the length is usually expressing bits).
- *
- * The "cert" field is the signer's certificate. In the case of a received
- * signature, it will be filled in when the signature is verified. In the
- * case of a created signature, it is filled in on creation and will be the
- * cert used to create the signature when the signing-and-encoding occurs,
- * as well as the cert (and its chain) to fill in derCerts if requested.
- *
- * The extra fields cache information about the signature after we have
- * attempted a verification. "wasChecked", if true, means the signature
- * has been checked against the appropriate data and thus that "status"
- * contains the result of that verification. If "status" is not SECSuccess,
- * "failureReason" is a copy of the error code that was set at the time;
- * presumably it tells why the signature verification failed.
- */
-struct ocspSignatureStr {
- SECAlgorithmID signatureAlgorithm;
- SECItem signature; /* a BIT STRING */
- SECItem **derCerts; /* a SEQUENCE OF Certificate */
- CERTCertificate *cert; /* local; not part of encoding */
- PRBool wasChecked; /* local; not part of encoding */
- SECStatus status; /* local; not part of encoding */
- int failureReason; /* local; not part of encoding */
-};
-
-/*
- * An OCSPRequest contains a SEQUENCE OF these, one for each certificate
- * whose status is being checked.
- *
- * Note that in the OCSP specification this is just called "Request",
- * but since that seemed confusing (vs. an OCSPRequest) and to be more
- * consistent with the parallel type "SingleResponse", I called it a
- * "SingleRequest".
- *
- * XXX figure out how to get rid of that arena -- there must be a way
- */
-struct ocspSingleRequestStr {
- PRArenaPool *arena; /* just a copy of the response arena,
- * needed here for extension handling
- * routines, on creation only */
- CERTOCSPCertID *reqCert;
- CERTCertExtension **singleRequestExtensions;
-};
-
-/*
- * A CertID is the means of identifying a certificate, used both in requests
- * and in responses.
- *
- * When in a SingleRequest it specifies the certificate to be checked.
- * When in a SingleResponse it is the cert whose status is being given.
- */
-struct CERTOCSPCertIDStr {
- SECAlgorithmID hashAlgorithm;
- SECItem issuerNameHash; /* an OCTET STRING */
- SECItem issuerKeyHash; /* an OCTET STRING */
- SECItem serialNumber; /* an INTEGER */
- SECItem issuerSHA1NameHash; /* keep other hashes around when */
- SECItem issuerMD5NameHash; /* we have them */
- SECItem issuerMD2NameHash;
- SECItem issuerSHA1KeyHash; /* keep other hashes around when */
- SECItem issuerMD5KeyHash; /* we have them */
- SECItem issuerMD2KeyHash;
- PRArenaPool *poolp;
-};
-
-/*
- * This describes the value of the responseStatus field in an OCSPResponse.
- * The corresponding ASN.1 definition is:
- *
- * OCSPResponseStatus ::= ENUMERATED {
- * successful (0), --Response has valid confirmations
- * malformedRequest (1), --Illegal confirmation request
- * internalError (2), --Internal error in issuer
- * tryLater (3), --Try again later
- * --(4) is not used
- * sigRequired (5), --Must sign the request
- * unauthorized (6), --Request unauthorized
- * }
- */
-typedef enum {
- ocspResponse_successful = 0,
- ocspResponse_malformedRequest = 1,
- ocspResponse_internalError = 2,
- ocspResponse_tryLater = 3,
- ocspResponse_unused = 4,
- ocspResponse_sigRequired = 5,
- ocspResponse_unauthorized = 6,
- ocspResponse_other /* unknown/unrecognized value */
-} ocspResponseStatus;
-
-/*
- * An OCSPResponse is what is sent (encoded) by an OCSP responder.
- *
- * The field "responseStatus" is the ASN.1 encoded value; the field
- * "statusValue" is simply that same value translated into our local
- * type ocspResponseStatus.
- */
-struct CERTOCSPResponseStr {
- PRArenaPool *arena; /* local; not part of encoding */
- SECItem responseStatus; /* an ENUMERATED, see above */
- ocspResponseStatus statusValue; /* local; not part of encoding */
- ocspResponseBytes *responseBytes; /* only when status is successful */
-};
-
-/*
- * A ResponseBytes (despite appearances) is what contains the meat
- * of a successful response -- but still in encoded form. The type
- * given as "responseType" tells you how to decode the string.
- *
- * We look at the OID and translate it into our local OID representation
- * "responseTypeTag", and use that value to tell us how to decode the
- * actual response itself. For now the only kind of OCSP response we
- * know about is a BasicOCSPResponse. However, the intention in the
- * OCSP specification is to allow for other response types, so we are
- * building in that flexibility from the start and thus put a pointer
- * to that data structure inside of a union. Whenever OCSP adds more
- * response types, just add them to the union.
- */
-struct ocspResponseBytesStr {
- SECItem responseType; /* an OBJECT IDENTIFIER */
- SECOidTag responseTypeTag; /* local; not part of encoding */
- SECItem response; /* an OCTET STRING */
- union {
- ocspBasicOCSPResponse *basic; /* when type is id-pkix-ocsp-basic */
- } decodedResponse; /* local; not part of encoding */
-};
-
-/*
- * A BasicOCSPResponse -- when the responseType in a ResponseBytes is
- * id-pkix-ocsp-basic, the "response" OCTET STRING above is the DER
- * encoding of one of these.
- *
- * Note that in the OCSP specification, the signature fields are not
- * part of a separate sub-structure. But since they are the same fields
- * as we define for the signature in a request, it made sense to share
- * the C data structure here and in some shared code to operate on them.
- */
-struct ocspBasicOCSPResponseStr {
- ocspResponseData *tbsResponseData; /* "tbs" == To Be Signed */
- ocspSignature responseSignature;
-};
-
-/*
- * A ResponseData is the part of a BasicOCSPResponse that is signed
- * (after it is DER encoded). It contains the real details of the response
- * (a per-certificate status).
- */
-struct ocspResponseDataStr {
- SECItem version; /* an INTEGER */
- SECItem derResponderID;
- ocspResponderID *responderID; /* local; not part of encoding */
- SECItem producedAt; /* a GeneralizedTime */
- CERTOCSPSingleResponse **responses;
- CERTCertExtension **responseExtensions;
-};
-
-/*
- * A ResponderID identifies the responder -- or more correctly, the
- * signer of the response. The ASN.1 definition of a ResponderID is:
- *
- * ResponderID ::= CHOICE {
- * byName [1] EXPLICIT Name,
- * byKey [2] EXPLICIT KeyHash }
- *
- * Because it is CHOICE, the type of identification used and the
- * identification itself are actually encoded together. To represent
- * this same information internally, we explicitly define a type and
- * save it, along with the value, into a data structure.
- */
-
-typedef enum {
- ocspResponderID_byName,
- ocspResponderID_byKey,
- ocspResponderID_other /* unknown kind of responderID */
-} ocspResponderIDType;
-
-struct ocspResponderIDStr {
- ocspResponderIDType responderIDType;/* local; not part of encoding */
- union {
- CERTName name; /* when ocspResponderID_byName */
- SECItem keyHash; /* when ocspResponderID_byKey */
- SECItem other; /* when ocspResponderID_other */
- } responderIDValue;
-};
-
-/*
- * The ResponseData in a BasicOCSPResponse contains a SEQUENCE OF
- * SingleResponse -- one for each certificate whose status is being supplied.
- *
- * XXX figure out how to get rid of that arena -- there must be a way
- */
-struct CERTOCSPSingleResponseStr {
- PRArenaPool *arena; /* just a copy of the response arena,
- * needed here for extension handling
- * routines, on creation only */
- CERTOCSPCertID *certID;
- SECItem derCertStatus;
- ocspCertStatus *certStatus; /* local; not part of encoding */
- SECItem thisUpdate; /* a GeneralizedTime */
- SECItem *nextUpdate; /* a GeneralizedTime */
- CERTCertExtension **singleExtensions;
-};
-
-/*
- * A CertStatus is the actual per-certificate status. Its ASN.1 definition:
- *
- * CertStatus ::= CHOICE {
- * good [0] IMPLICIT NULL,
- * revoked [1] IMPLICIT RevokedInfo,
- * unknown [2] IMPLICIT UnknownInfo }
- *
- * (where for now UnknownInfo is defined to be NULL but in the
- * future may be replaced with an enumeration).
- *
- * Because it is CHOICE, the status value and its associated information
- * (if any) are actually encoded together. To represent this same
- * information internally, we explicitly define a type and save it,
- * along with the value, into a data structure.
- */
-
-typedef enum {
- ocspCertStatus_good, /* cert is not revoked */
- ocspCertStatus_revoked, /* cert is revoked */
- ocspCertStatus_unknown, /* cert was unknown to the responder */
- ocspCertStatus_other /* status was not an expected value */
-} ocspCertStatusType;
-
-/*
- * This is the actual per-certificate status.
- *
- * The "goodInfo" and "unknownInfo" items are only place-holders for a NULL.
- * (Though someday OCSP may replace UnknownInfo with an enumeration that
- * gives more detailed information.)
- */
-struct ocspCertStatusStr {
- ocspCertStatusType certStatusType; /* local; not part of encoding */
- union {
- SECItem *goodInfo; /* when ocspCertStatus_good */
- ocspRevokedInfo *revokedInfo; /* when ocspCertStatus_revoked */
- SECItem *unknownInfo; /* when ocspCertStatus_unknown */
- SECItem *otherInfo; /* when ocspCertStatus_other */
- } certStatusInfo;
-};
-
-/*
- * A RevokedInfo gives information about a revoked certificate -- when it
- * was revoked and why.
- */
-struct ocspRevokedInfoStr {
- SECItem revocationTime; /* a GeneralizedTime */
- SECItem *revocationReason; /* a CRLReason; ignored for now */
-};
-
-/*
- * ServiceLocator can be included as one of the singleRequestExtensions.
- * When added, it specifies the (name of the) issuer of the cert being
- * checked, and optionally the value of the AuthorityInfoAccess extension
- * if the cert has one.
- */
-struct ocspServiceLocatorStr {
- CERTName *issuer;
- SECItem locator; /* DER encoded authInfoAccess extension from cert */
-};
-
-#endif /* _OCSPTI_H_ */
diff --git a/security/nss/lib/certhigh/xcrldist.c b/security/nss/lib/certhigh/xcrldist.c
deleted file mode 100644
index d428d73c8..000000000
--- a/security/nss/lib/certhigh/xcrldist.c
+++ /dev/null
@@ -1,230 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Code for dealing with x.509 v3 CRL Distribution Point extension.
- */
-#include "genname.h"
-#include "certt.h"
-#include "secerr.h"
-
-extern void PrepareBitStringForEncoding (SECItem *bitMap, SECItem *value);
-
-static const SEC_ASN1Template FullNameTemplate[] = {
- {SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_CONSTRUCTED | 0,
- offsetof (CRLDistributionPoint,derFullName), CERT_GeneralNamesTemplate}
-};
-
-static const SEC_ASN1Template RelativeNameTemplate[] = {
- {SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_CONSTRUCTED | 1,
- offsetof (CRLDistributionPoint,distPoint.relativeName), CERT_RDNTemplate}
-};
-
-static const SEC_ASN1Template CRLDistributionPointTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CRLDistributionPoint) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC |
- SEC_ASN1_CONSTRUCTED | SEC_ASN1_EXPLICIT | 0,
- offsetof(CRLDistributionPoint,derDistPoint), SEC_AnyTemplate},
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | 1,
- offsetof(CRLDistributionPoint,bitsmap), SEC_BitStringTemplate},
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC |
- SEC_ASN1_CONSTRUCTED | 2,
- offsetof(CRLDistributionPoint, derCrlIssuer), CERT_GeneralNamesTemplate},
- { 0 }
-};
-
-const SEC_ASN1Template CERTCRLDistributionPointsTemplate[] = {
- {SEC_ASN1_SEQUENCE_OF, 0, CRLDistributionPointTemplate}
-};
-
-SECStatus
-CERT_EncodeCRLDistributionPoints (PRArenaPool *arena, CERTCrlDistributionPoints *value,
- SECItem *derValue)
-{
- CRLDistributionPoint **pointList, *point;
- PRArenaPool *ourPool = NULL;
- SECStatus rv = SECSuccess;
-
- PORT_Assert (derValue);
- PORT_Assert (value && value->distPoints);
-
- do {
- ourPool = PORT_NewArena (SEC_ASN1_DEFAULT_ARENA_SIZE);
- if (ourPool == NULL) {
- rv = SECFailure;
- break;
- }
-
- pointList = value->distPoints;
- while (*pointList) {
- point = *pointList;
- point->derFullName = NULL;
- point->derDistPoint.data = NULL;
-
- if (point->distPointType == generalName) {
- point->derFullName = cert_EncodeGeneralNames
- (ourPool, point->distPoint.fullName);
-
- if (point->derFullName) {
- rv = (SEC_ASN1EncodeItem (ourPool, &point->derDistPoint,
- point, FullNameTemplate) == NULL) ? SECFailure : SECSuccess;
- } else {
- rv = SECFailure;
- }
- }
- else if (point->distPointType == relativeDistinguishedName) {
- if (SEC_ASN1EncodeItem
- (ourPool, &point->derDistPoint,
- point, RelativeNameTemplate) == NULL)
- rv = SECFailure;
- }
- /* distributionPointName is omitted */
- else if (point->distPointType != 0) {
- PORT_SetError (SEC_ERROR_EXTENSION_VALUE_INVALID);
- rv = SECFailure;
- }
- if (rv != SECSuccess)
- break;
-
- if (point->reasons.data)
- PrepareBitStringForEncoding (&point->bitsmap, &point->reasons);
-
- if (point->crlIssuer) {
- point->derCrlIssuer = cert_EncodeGeneralNames
- (ourPool, point->crlIssuer);
- if (!point->crlIssuer)
- break;
- }
-
- ++pointList;
- }
- if (rv != SECSuccess)
- break;
- if (SEC_ASN1EncodeItem
- (arena, derValue, value, CERTCRLDistributionPointsTemplate) == NULL) {
- rv = SECFailure;
- break;
- }
- } while (0);
- PORT_FreeArena (ourPool, PR_FALSE);
- return (rv);
-}
-
-CERTCrlDistributionPoints *
-CERT_DecodeCRLDistributionPoints (PRArenaPool *arena, SECItem *encodedValue)
-{
- CERTCrlDistributionPoints *value = NULL;
- CRLDistributionPoint **pointList, *point;
- SECStatus rv;
- SECItem newEncodedValue;
-
- PORT_Assert (arena);
- do {
- value = (CERTCrlDistributionPoints*)PORT_ArenaZAlloc (arena, sizeof (*value));
- if (value == NULL) {
- rv = SECFailure;
- break;
- }
-
- /* copy the DER into the arena, since Quick DER returns data that points
- into the DER input, which may get freed by the caller */
- rv = SECITEM_CopyItem(arena, &newEncodedValue, encodedValue);
- if ( rv != SECSuccess ) {
- break;
- }
-
- rv = SEC_QuickDERDecodeItem
- (arena, &value->distPoints, CERTCRLDistributionPointsTemplate,
- &newEncodedValue);
- if (rv != SECSuccess)
- break;
-
- pointList = value->distPoints;
- while (*pointList) {
- point = *pointList;
-
- /* get the data if the distributionPointName is not omitted */
- if (point->derDistPoint.data != NULL) {
- point->distPointType = (DistributionPointTypes)
- ((point->derDistPoint.data[0] & 0x1f) +1);
- if (point->distPointType == generalName) {
- SECItem innerDER;
-
- innerDER.data = NULL;
- rv = SEC_QuickDERDecodeItem
- (arena, point, FullNameTemplate, &(point->derDistPoint));
- if (rv != SECSuccess)
- break;
- point->distPoint.fullName = cert_DecodeGeneralNames
- (arena, point->derFullName);
-
- if (!point->distPoint.fullName)
- break;
- }
- else if ( relativeDistinguishedName) {
- rv = SEC_QuickDERDecodeItem
- (arena, point, RelativeNameTemplate, &(point->derDistPoint));
- if (rv != SECSuccess)
- break;
- }
- else {
- PORT_SetError (SEC_ERROR_EXTENSION_VALUE_INVALID);
- break;
- }
- }
-
- /* Get the reason code if it's not omitted in the encoding */
- if (point->bitsmap.data != NULL) {
- point->reasons.data = (unsigned char*) PORT_ArenaAlloc
- (arena, (point->bitsmap.len + 7) >> 3);
- if (!point->reasons.data) {
- rv = SECFailure;
- break;
- }
- PORT_Memcpy (point->reasons.data, point->bitsmap.data,
- point->reasons.len = ((point->bitsmap.len + 7) >> 3));
- }
-
- /* Get the crl issuer name if it's not omitted in the encoding */
- if (point->derCrlIssuer != NULL) {
- point->crlIssuer = cert_DecodeGeneralNames
- (arena, point->derCrlIssuer);
-
- if (!point->crlIssuer)
- break;
- }
- ++pointList;
- }
- } while (0);
- return (rv == SECSuccess ? value : NULL);
-}
diff --git a/security/nss/lib/ckfw/.cvsignore b/security/nss/lib/ckfw/.cvsignore
deleted file mode 100644
index 988228d5a..000000000
--- a/security/nss/lib/ckfw/.cvsignore
+++ /dev/null
@@ -1,4 +0,0 @@
-nssckepv.h
-nssckg.h
-nssckft.h
-nssck.api
diff --git a/security/nss/lib/ckfw/Makefile b/security/nss/lib/ckfw/Makefile
deleted file mode 100644
index 1a9dd6915..000000000
--- a/security/nss/lib/ckfw/Makefile
+++ /dev/null
@@ -1,54 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-MAKEFILE_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-include manifest.mn
-include $(CORE_DEPTH)/coreconf/config.mk
-include config.mk
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-# This'll need some help from a build person.
-
-# The generated files are checked in, and differ from what ckapi.perl
-# will produce. ckapi.perl is currently newer than the targets, so
-# these rules are invoked, causing the wrong files to be generated.
-# Turning off to fix builds.
-#
-# nssckepv.h: ck.api ckapi.perl
-# nssckft.h: ck.api ckapi.perl
-# nssckg.h: ck.api ckapi.perl
-# nssck.api: ck.api ckapi.perl
-# perl ckapi.perl ck.api
-
-export:: private_export
-
diff --git a/security/nss/lib/ckfw/builtins/.cvsignore b/security/nss/lib/ckfw/builtins/.cvsignore
deleted file mode 100644
index ccbbcce86..000000000
--- a/security/nss/lib/ckfw/builtins/.cvsignore
+++ /dev/null
@@ -1 +0,0 @@
-certdata.c
diff --git a/security/nss/lib/ckfw/builtins/Makefile b/security/nss/lib/ckfw/builtins/Makefile
deleted file mode 100644
index 164e0c369..000000000
--- a/security/nss/lib/ckfw/builtins/Makefile
+++ /dev/null
@@ -1,101 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-MAKEFILE_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-include manifest.mn
-include $(CORE_DEPTH)/coreconf/config.mk
-include config.mk
-
-EXTRA_LIBS = \
- $(DIST)/lib/$(LIB_PREFIX)nssckfw.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)nssb.$(LIB_SUFFIX) \
- $(NULL)
-
-# can't do this in manifest.mn because OS_TARGET isn't defined there.
-ifeq (,$(filter-out WIN%,$(OS_TARGET)))
-
-# Link with the real NSPR DLLs for MinGW because the NSPR stubs in
-# nsprstub.c can't resolve the references to the _imp__PR_XXX symbols.
-# This is merely an expedient hack and not the right solution.
-ifdef NS_USE_GCC
-EXTRA_LIBS += \
- -L$(DIST)/lib \
- -lplc4 \
- -lplds4 \
- -lnspr4 \
- $(NULL)
-else
-EXTRA_LIBS += \
- $(DIST)/lib/$(NSPR31_LIB_PREFIX)plc4_s.lib \
- $(DIST)/lib/$(NSPR31_LIB_PREFIX)plds4_s.lib \
- $(NULL)
-endif
-
-else
-
-EXTRA_LIBS += \
- $(DIST)/lib/$(LIB_PREFIX)plc4.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)plds4.$(LIB_SUFFIX) \
- $(NULL)
-
-endif
-
-
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-# Generate certdata.c.
-generate:
- perl certdata.perl < certdata.txt
-
-# This'll need some help from a build person.
-
-
-ifeq ($(OS_TARGET)$(OS_RELEASE), AIX4.1)
-DSO_LDOPTS = -bM:SRE -bh:4 -bnoentry
-EXTRA_DSO_LDOPTS = -lc
-MKSHLIB = xlC $(DSO_LDOPTS)
-
-$(SHARED_LIBRARY): $(OBJS)
- @$(MAKE_OBJDIR)
- rm -f $@
- $(MKSHLIB) -o $@ $(OBJS) $(EXTRA_LIBS) $(EXTRA_DSO_LDOPTS)
- chmod +x $@
-
-endif
-
-ifeq ($(OS_TARGET)$(OS_RELEASE), AIX4.2)
-LD += -G
-endif
-
-
diff --git a/security/nss/lib/ckfw/builtins/README b/security/nss/lib/ckfw/builtins/README
deleted file mode 100644
index 1533420bd..000000000
--- a/security/nss/lib/ckfw/builtins/README
+++ /dev/null
@@ -1,31 +0,0 @@
-This README file explains how to add a builtin root CA certificate to NSS.
-The builtin root CA certificates in NSS are stored in the nssckbi PKCS #11
-module. The sources to the nssckbi module are in this directory. You need
-to use the addbuiltin command-line tool to add a root CA certificate to
-the nssckbi module. In the procedure described below, we assume that the
-new root CA certificate is distributed in DER format in the file newroot.der.
-
-1. Build addbuiltin by doing gmake in mozilla/security/nss/cmd/addbuiltin.
-(addbuiltin is not built by default.)
-
-2. Add the directory where the addbuiltin executable resides to your PATH
-environment variable. Then, add the directory where the NSPR and NSS shared
-libraries (DLLs) reside to the platform-specific environment variable that
-specifies your shared library search path: LD_LIBRARY_PATH (most Unix
-variants), SHLIB_PATH (32-bit HP-UX), LIBPATH (AIX), or PATH (Windows).
-
-3. Copy newroot.der to this directory.
-
-4. In this directory, run addbuiltin to add the new root certificate. The
-argument to the -n option should be replaced by the name of the root
-certificate. Then run "gmake generate".
-
- % addbuiltin -n "Name of the Root Certificate" -t C,C,C < newroot.der >> certdata.txt
- % gmake generate
-
-5. Edit nssckbi.h to bump the version of the module.
-
-6. Run gmake in this directory to build the nssckbi module.
-
-7. After you verify that the new nssckbi module is correct, check in
-certdata.txt, certdata.c, and nssckbi.h.
diff --git a/security/nss/lib/ckfw/builtins/anchor.c b/security/nss/lib/ckfw/builtins/anchor.c
deleted file mode 100644
index 12c77a75c..000000000
--- a/security/nss/lib/ckfw/builtins/anchor.c
+++ /dev/null
@@ -1,50 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * builtins/anchor.c
- *
- * This file "anchors" the actual cryptoki entry points in this module's
- * shared library, which is required for dynamic loading. See the
- * comments in nssck.api for more information.
- */
-
-#include "builtins.h"
-
-#define MODULE_NAME builtins
-#define INSTANCE_NAME (NSSCKMDInstance *)&nss_builtins_mdInstance
-#include "nssck.api"
diff --git a/security/nss/lib/ckfw/builtins/bfind.c b/security/nss/lib/ckfw/builtins/bfind.c
deleted file mode 100644
index 13f45166f..000000000
--- a/security/nss/lib/ckfw/builtins/bfind.c
+++ /dev/null
@@ -1,283 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef BUILTINS_H
-#include "builtins.h"
-#endif /* BUILTINS_H */
-
-/*
- * builtins/find.c
- *
- * This file implements the NSSCKMDFindObjects object for the
- * "builtin objects" cryptoki module.
- */
-
-struct builtinsFOStr {
- NSSArena *arena;
- CK_ULONG n;
- CK_ULONG i;
- builtinsInternalObject **objs;
-};
-
-static void
-builtins_mdFindObjects_Final
-(
- NSSCKMDFindObjects *mdFindObjects,
- NSSCKFWFindObjects *fwFindObjects,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- struct builtinsFOStr *fo = (struct builtinsFOStr *)mdFindObjects->etc;
- NSSArena *arena = fo->arena;
-
- nss_ZFreeIf(fo->objs);
- nss_ZFreeIf(fo);
- nss_ZFreeIf(mdFindObjects);
- if ((NSSArena *)NULL != arena) {
- NSSArena_Destroy(arena);
- }
-
- return;
-}
-
-static NSSCKMDObject *
-builtins_mdFindObjects_Next
-(
- NSSCKMDFindObjects *mdFindObjects,
- NSSCKFWFindObjects *fwFindObjects,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSArena *arena,
- CK_RV *pError
-)
-{
- struct builtinsFOStr *fo = (struct builtinsFOStr *)mdFindObjects->etc;
- builtinsInternalObject *io;
-
- if( fo->i == fo->n ) {
- *pError = CKR_OK;
- return (NSSCKMDObject *)NULL;
- }
-
- io = fo->objs[ fo->i ];
- fo->i++;
-
- return nss_builtins_CreateMDObject(arena, io, pError);
-}
-
-static int
-builtins_derUnwrapInt(unsigned char *src, int size, unsigned char **dest) {
- unsigned char *start = src;
- int len = 0;
-
- if (*src ++ != 2) {
- return 0;
- }
- len = *src++;
- if (len & 0x80) {
- int count = len & 0x7f;
- len =0;
-
- if (count+2 > size) {
- return 0;
- }
- while (count-- > 0) {
- len = (len << 8) | *src++;
- }
- }
- if (len + (src-start) != size) {
- return 0;
- }
- *dest = src;
- return len;
-}
-
-static CK_BBOOL
-builtins_attrmatch
-(
- CK_ATTRIBUTE_PTR a,
- const NSSItem *b
-)
-{
- PRBool prb;
-
- if( a->ulValueLen != b->size ) {
- /* match a decoded serial number */
- if ((a->type == CKA_SERIAL_NUMBER) && (a->ulValueLen < b->size)) {
- int len;
- unsigned char *data;
-
- len = builtins_derUnwrapInt(b->data,b->size,&data);
- if ((len == a->ulValueLen) &&
- nsslibc_memequal(a->pValue, data, len, (PRStatus *)NULL)) {
- return CK_TRUE;
- }
- }
- return CK_FALSE;
- }
-
- prb = nsslibc_memequal(a->pValue, b->data, b->size, (PRStatus *)NULL);
-
- if( PR_TRUE == prb ) {
- return CK_TRUE;
- } else {
- return CK_FALSE;
- }
-}
-
-
-static CK_BBOOL
-builtins_match
-(
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- builtinsInternalObject *o
-)
-{
- CK_ULONG i;
-
- for( i = 0; i < ulAttributeCount; i++ ) {
- CK_ULONG j;
-
- for( j = 0; j < o->n; j++ ) {
- if( o->types[j] == pTemplate[i].type ) {
- if( CK_FALSE == builtins_attrmatch(&pTemplate[i], &o->items[j]) ) {
- return CK_FALSE;
- } else {
- break;
- }
- }
- }
-
- if( j == o->n ) {
- /* Loop ran to the end: no matching attribute */
- return CK_FALSE;
- }
- }
-
- /* Every attribute passed */
- return CK_TRUE;
-}
-
-NSS_IMPLEMENT NSSCKMDFindObjects *
-nss_builtins_FindObjectsInit
-(
- NSSCKFWSession *fwSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-)
-{
- /* This could be made more efficient. I'm rather rushed. */
- NSSArena *arena;
- NSSCKMDFindObjects *rv = (NSSCKMDFindObjects *)NULL;
- struct builtinsFOStr *fo = (struct builtinsFOStr *)NULL;
- builtinsInternalObject **temp = (builtinsInternalObject **)NULL;
- PRUint32 i;
-
- arena = NSSArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
-
- rv = nss_ZNEW(arena, NSSCKMDFindObjects);
- if( (NSSCKMDFindObjects *)NULL == rv ) {
- *pError = CKR_HOST_MEMORY;
- goto loser;
- }
-
- fo = nss_ZNEW(arena, struct builtinsFOStr);
- if( (struct builtinsFOStr *)NULL == fo ) {
- *pError = CKR_HOST_MEMORY;
- goto loser;
- }
-
- fo->arena = arena;
- /* fo->n and fo->i are already zero */
-
- rv->etc = (void *)fo;
- rv->Final = builtins_mdFindObjects_Final;
- rv->Next = builtins_mdFindObjects_Next;
- rv->null = (void *)NULL;
-
- temp = nss_ZNEWARRAY((NSSArena *)NULL, builtinsInternalObject *,
- nss_builtins_nObjects);
- if( (builtinsInternalObject **)NULL == temp ) {
- *pError = CKR_HOST_MEMORY;
- goto loser;
- }
-
- for( i = 0; i < nss_builtins_nObjects; i++ ) {
- builtinsInternalObject *o = (builtinsInternalObject *)&nss_builtins_data[i];
-
- if( CK_TRUE == builtins_match(pTemplate, ulAttributeCount, o) ) {
- temp[ fo->n ] = o;
- fo->n++;
- }
- }
-
- fo->objs = nss_ZNEWARRAY(arena, builtinsInternalObject *, fo->n);
- if( (builtinsInternalObject **)NULL == fo->objs ) {
- *pError = CKR_HOST_MEMORY;
- goto loser;
- }
-
- (void)nsslibc_memcpy(fo->objs, temp, sizeof(builtinsInternalObject *) * fo->n);
- nss_ZFreeIf(temp);
- temp = (builtinsInternalObject **)NULL;
-
- return rv;
-
- loser:
- nss_ZFreeIf(temp);
- nss_ZFreeIf(fo);
- nss_ZFreeIf(rv);
- if ((NSSArena *)NULL != arena) {
- NSSArena_Destroy(arena);
- }
- return (NSSCKMDFindObjects *)NULL;
-}
-
diff --git a/security/nss/lib/ckfw/builtins/binst.c b/security/nss/lib/ckfw/builtins/binst.c
deleted file mode 100644
index e97c0d4bf..000000000
--- a/security/nss/lib/ckfw/builtins/binst.c
+++ /dev/null
@@ -1,130 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#include "builtins.h"
-
-/*
- * builtins/instance.c
- *
- * This file implements the NSSCKMDInstance object for the
- * "builtin objects" cryptoki module.
- */
-
-/*
- * NSSCKMDInstance methods
- */
-
-static CK_ULONG
-builtins_mdInstance_GetNSlots
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
- return (CK_ULONG)1;
-}
-
-static CK_VERSION
-builtins_mdInstance_GetCryptokiVersion
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- return nss_builtins_CryptokiVersion;
-}
-
-static NSSUTF8 *
-builtins_mdInstance_GetManufacturerID
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
- return (NSSUTF8 *)nss_builtins_ManufacturerID;
-}
-
-static NSSUTF8 *
-builtins_mdInstance_GetLibraryDescription
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
- return (NSSUTF8 *)nss_builtins_LibraryDescription;
-}
-
-static CK_VERSION
-builtins_mdInstance_GetLibraryVersion
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- return nss_builtins_LibraryVersion;
-}
-
-static CK_RV
-builtins_mdInstance_GetSlots
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKMDSlot *slots[]
-)
-{
- slots[0] = (NSSCKMDSlot *)&nss_builtins_mdSlot;
- return CKR_OK;
-}
-
-NSS_IMPLEMENT_DATA const NSSCKMDInstance
-nss_builtins_mdInstance = {
- (void *)NULL, /* etc */
- NULL, /* Initialize */
- NULL, /* Finalize */
- builtins_mdInstance_GetNSlots,
- builtins_mdInstance_GetCryptokiVersion,
- builtins_mdInstance_GetManufacturerID,
- builtins_mdInstance_GetLibraryDescription,
- builtins_mdInstance_GetLibraryVersion,
- NULL, /* ModuleHandlesSessionObjects -- defaults to false */
- builtins_mdInstance_GetSlots,
- NULL, /* WaitForSlotEvent */
- (void *)NULL /* null terminator */
-};
diff --git a/security/nss/lib/ckfw/builtins/bobject.c b/security/nss/lib/ckfw/builtins/bobject.c
deleted file mode 100644
index 0fff19932..000000000
--- a/security/nss/lib/ckfw/builtins/bobject.c
+++ /dev/null
@@ -1,255 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#include "builtins.h"
-
-/*
- * builtins/object.c
- *
- * This file implements the NSSCKMDObject object for the
- * "builtin objects" cryptoki module.
- */
-
-/*
- * Finalize - unneeded
- * Destroy - CKR_SESSION_READ_ONLY
- * IsTokenObject - CK_TRUE
- * GetAttributeCount
- * GetAttributeTypes
- * GetAttributeSize
- * GetAttribute
- * SetAttribute - unneeded
- * GetObjectSize
- */
-
-static CK_RV
-builtins_mdObject_Destroy
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- return CKR_SESSION_READ_ONLY;
-}
-
-static CK_BBOOL
-builtins_mdObject_IsTokenObject
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- return CK_TRUE;
-}
-
-static CK_ULONG
-builtins_mdObject_GetAttributeCount
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
- builtinsInternalObject *io = (builtinsInternalObject *)mdObject->etc;
- return io->n;
-}
-
-static CK_RV
-builtins_mdObject_GetAttributeTypes
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE_PTR typeArray,
- CK_ULONG ulCount
-)
-{
- builtinsInternalObject *io = (builtinsInternalObject *)mdObject->etc;
- CK_ULONG i;
-
- if( io->n != ulCount ) {
- return CKR_BUFFER_TOO_SMALL;
- }
-
- for( i = 0; i < io->n; i++ ) {
- typeArray[i] = io->types[i];
- }
-
- return CKR_OK;
-}
-
-static CK_ULONG
-builtins_mdObject_GetAttributeSize
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE attribute,
- CK_RV *pError
-)
-{
- builtinsInternalObject *io = (builtinsInternalObject *)mdObject->etc;
- CK_ULONG i;
-
- for( i = 0; i < io->n; i++ ) {
- if( attribute == io->types[i] ) {
- return (CK_ULONG)(io->items[i].size);
- }
- }
-
- *pError = CKR_ATTRIBUTE_TYPE_INVALID;
- return 0;
-}
-
-static NSSCKFWItem
-builtins_mdObject_GetAttribute
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE attribute,
- CK_RV *pError
-)
-{
- NSSCKFWItem mdItem;
- builtinsInternalObject *io = (builtinsInternalObject *)mdObject->etc;
- CK_ULONG i;
-
- mdItem.needsFreeing = PR_FALSE;
- mdItem.item = (NSSItem*) NULL;
-
- for( i = 0; i < io->n; i++ ) {
- if( attribute == io->types[i] ) {
- mdItem.item = (NSSItem*) &io->items[i];
- return mdItem;
- }
- }
-
- *pError = CKR_ATTRIBUTE_TYPE_INVALID;
- return mdItem;
-}
-
-static CK_ULONG
-builtins_mdObject_GetObjectSize
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
- builtinsInternalObject *io = (builtinsInternalObject *)mdObject->etc;
- CK_ULONG i;
- CK_ULONG rv = sizeof(CK_ULONG);
-
- for( i = 0; i < io->n; i++ ) {
- rv += sizeof(CK_ATTRIBUTE_TYPE) + sizeof(NSSItem) + io->items[i].size;
- }
-
- return rv;
-}
-
-static const NSSCKMDObject
-builtins_prototype_mdObject = {
- (void *)NULL, /* etc */
- NULL, /* Finalize */
- builtins_mdObject_Destroy,
- builtins_mdObject_IsTokenObject,
- builtins_mdObject_GetAttributeCount,
- builtins_mdObject_GetAttributeTypes,
- builtins_mdObject_GetAttributeSize,
- builtins_mdObject_GetAttribute,
- NULL, /* FreeAttribute */
- NULL, /* SetAttribute */
- builtins_mdObject_GetObjectSize,
- (void *)NULL /* null terminator */
-};
-
-NSS_IMPLEMENT NSSCKMDObject *
-nss_builtins_CreateMDObject
-(
- NSSArena *arena,
- builtinsInternalObject *io,
- CK_RV *pError
-)
-{
- if ( (void*)NULL == io->mdObject.etc) {
- (void) nsslibc_memcpy(&io->mdObject,&builtins_prototype_mdObject,
- sizeof(builtins_prototype_mdObject));
- io->mdObject.etc = (void *)io;
- }
-
- return &io->mdObject;
-}
diff --git a/security/nss/lib/ckfw/builtins/bsession.c b/security/nss/lib/ckfw/builtins/bsession.c
deleted file mode 100644
index e8d7f7522..000000000
--- a/security/nss/lib/ckfw/builtins/bsession.c
+++ /dev/null
@@ -1,108 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#include "builtins.h"
-
-/*
- * builtins/session.c
- *
- * This file implements the NSSCKMDSession object for the
- * "builtin objects" cryptoki module.
- */
-
-static NSSCKMDFindObjects *
-builtins_mdSession_FindObjectsInit
-(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-)
-{
- return nss_builtins_FindObjectsInit(fwSession, pTemplate, ulAttributeCount, pError);
-}
-
-NSS_IMPLEMENT NSSCKMDSession *
-nss_builtins_CreateSession
-(
- NSSCKFWSession *fwSession,
- CK_RV *pError
-)
-{
- NSSArena *arena;
- NSSCKMDSession *rv;
-
- arena = NSSCKFWSession_GetArena(fwSession, pError);
- if( (NSSArena *)NULL == arena ) {
- return (NSSCKMDSession *)NULL;
- }
-
- rv = nss_ZNEW(arena, NSSCKMDSession);
- if( (NSSCKMDSession *)NULL == rv ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDSession *)NULL;
- }
-
- /*
- * rv was zeroed when allocated, so we only
- * need to set the non-zero members.
- */
-
- rv->etc = (void *)fwSession;
- /* rv->Close */
- /* rv->GetDeviceError */
- /* rv->Login */
- /* rv->Logout */
- /* rv->InitPIN */
- /* rv->SetPIN */
- /* rv->GetOperationStateLen */
- /* rv->GetOperationState */
- /* rv->SetOperationState */
- /* rv->CreateObject */
- /* rv->CopyObject */
- rv->FindObjectsInit = builtins_mdSession_FindObjectsInit;
- /* rv->SeedRandom */
- /* rv->GetRandom */
- /* rv->null */
-
- return rv;
-}
diff --git a/security/nss/lib/ckfw/builtins/bslot.c b/security/nss/lib/ckfw/builtins/bslot.c
deleted file mode 100644
index 1a2df9e70..000000000
--- a/security/nss/lib/ckfw/builtins/bslot.c
+++ /dev/null
@@ -1,124 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#include "builtins.h"
-
-/*
- * builtins/slot.c
- *
- * This file implements the NSSCKMDSlot object for the
- * "builtin objects" cryptoki module.
- */
-
-static NSSUTF8 *
-builtins_mdSlot_GetSlotDescription
-(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
- return (NSSUTF8 *)nss_builtins_SlotDescription;
-}
-
-static NSSUTF8 *
-builtins_mdSlot_GetManufacturerID
-(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
- return (NSSUTF8 *)nss_builtins_ManufacturerID;
-}
-
-static CK_VERSION
-builtins_mdSlot_GetHardwareVersion
-(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- return nss_builtins_HardwareVersion;
-}
-
-static CK_VERSION
-builtins_mdSlot_GetFirmwareVersion
-(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- return nss_builtins_FirmwareVersion;
-}
-
-static NSSCKMDToken *
-builtins_mdSlot_GetToken
-(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
- return (NSSCKMDToken *)&nss_builtins_mdToken;
-}
-
-NSS_IMPLEMENT_DATA const NSSCKMDSlot
-nss_builtins_mdSlot = {
- (void *)NULL, /* etc */
- NULL, /* Initialize */
- NULL, /* Destroy */
- builtins_mdSlot_GetSlotDescription,
- builtins_mdSlot_GetManufacturerID,
- NULL, /* GetTokenPresent -- defaults to true */
- NULL, /* GetRemovableDevice -- defaults to false */
- NULL, /* GetHardwareSlot -- defaults to false */
- builtins_mdSlot_GetHardwareVersion,
- builtins_mdSlot_GetFirmwareVersion,
- builtins_mdSlot_GetToken,
- (void *)NULL /* null terminator */
-};
diff --git a/security/nss/lib/ckfw/builtins/btoken.c b/security/nss/lib/ckfw/builtins/btoken.c
deleted file mode 100644
index ddf068e8e..000000000
--- a/security/nss/lib/ckfw/builtins/btoken.c
+++ /dev/null
@@ -1,184 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#include "builtins.h"
-
-/*
- * builtins/token.c
- *
- * This file implements the NSSCKMDToken object for the
- * "builtin objects" cryptoki module.
- */
-
-static NSSUTF8 *
-builtins_mdToken_GetLabel
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
- return (NSSUTF8 *)nss_builtins_TokenLabel;
-}
-
-static NSSUTF8 *
-builtins_mdToken_GetManufacturerID
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
- return (NSSUTF8 *)nss_builtins_ManufacturerID;
-}
-
-static NSSUTF8 *
-builtins_mdToken_GetModel
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
- return (NSSUTF8 *)nss_builtins_TokenModel;
-}
-
-static NSSUTF8 *
-builtins_mdToken_GetSerialNumber
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
- return (NSSUTF8 *)nss_builtins_TokenSerialNumber;
-}
-
-static CK_BBOOL
-builtins_mdToken_GetIsWriteProtected
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- return CK_TRUE;
-}
-
-static CK_VERSION
-builtins_mdToken_GetHardwareVersion
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- return nss_builtins_HardwareVersion;
-}
-
-static CK_VERSION
-builtins_mdToken_GetFirmwareVersion
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- return nss_builtins_FirmwareVersion;
-}
-
-static NSSCKMDSession *
-builtins_mdToken_OpenSession
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKFWSession *fwSession,
- CK_BBOOL rw,
- CK_RV *pError
-)
-{
- return nss_builtins_CreateSession(fwSession, pError);
-}
-
-NSS_IMPLEMENT_DATA const NSSCKMDToken
-nss_builtins_mdToken = {
- (void *)NULL, /* etc */
- NULL, /* Setup */
- NULL, /* Invalidate */
- NULL, /* InitToken -- default errs */
- builtins_mdToken_GetLabel,
- builtins_mdToken_GetManufacturerID,
- builtins_mdToken_GetModel,
- builtins_mdToken_GetSerialNumber,
- NULL, /* GetHasRNG -- default is false */
- builtins_mdToken_GetIsWriteProtected,
- NULL, /* GetLoginRequired -- default is false */
- NULL, /* GetUserPinInitialized -- default is false */
- NULL, /* GetRestoreKeyNotNeeded -- irrelevant */
- NULL, /* GetHasClockOnToken -- default is false */
- NULL, /* GetHasProtectedAuthenticationPath -- default is false */
- NULL, /* GetSupportsDualCryptoOperations -- default is false */
- NULL, /* GetMaxSessionCount -- default is CK_UNAVAILABLE_INFORMATION */
- NULL, /* GetMaxRwSessionCount -- default is CK_UNAVAILABLE_INFORMATION */
- NULL, /* GetMaxPinLen -- irrelevant */
- NULL, /* GetMinPinLen -- irrelevant */
- NULL, /* GetTotalPublicMemory -- default is CK_UNAVAILABLE_INFORMATION */
- NULL, /* GetFreePublicMemory -- default is CK_UNAVAILABLE_INFORMATION */
- NULL, /* GetTotalPrivateMemory -- default is CK_UNAVAILABLE_INFORMATION */
- NULL, /* GetFreePrivateMemory -- default is CK_UNAVAILABLE_INFORMATION */
- builtins_mdToken_GetHardwareVersion,
- builtins_mdToken_GetFirmwareVersion,
- NULL, /* GetUTCTime -- no clock */
- builtins_mdToken_OpenSession,
- NULL, /* GetMechanismCount -- default is zero */
- NULL, /* GetMechanismTypes -- irrelevant */
- NULL, /* GetMechanism -- irrelevant */
- (void *)NULL /* null terminator */
-};
diff --git a/security/nss/lib/ckfw/builtins/builtins.h b/security/nss/lib/ckfw/builtins/builtins.h
deleted file mode 100644
index e53826fed..000000000
--- a/security/nss/lib/ckfw/builtins/builtins.h
+++ /dev/null
@@ -1,104 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char BUILTINS_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#include "nssckmdt.h"
-#include "nssckfw.h"
-
-/*
- * I'm including this for access to the arena functions.
- * Looks like we should publish that API.
- */
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-/*
- * This is where the Netscape extensions live, at least for now.
- */
-#ifndef CKT_H
-#include "ckt.h"
-#endif /* CKT_H */
-
-struct builtinsInternalObjectStr {
- CK_ULONG n;
- const CK_ATTRIBUTE_TYPE *types;
- const NSSItem *items;
- NSSCKMDObject mdObject;
-};
-typedef struct builtinsInternalObjectStr builtinsInternalObject;
-
-NSS_EXTERN_DATA builtinsInternalObject nss_builtins_data[];
-NSS_EXTERN_DATA const PRUint32 nss_builtins_nObjects;
-
-NSS_EXTERN_DATA const CK_VERSION nss_builtins_CryptokiVersion;
-NSS_EXTERN_DATA const NSSUTF8 * nss_builtins_ManufacturerID;
-NSS_EXTERN_DATA const NSSUTF8 * nss_builtins_LibraryDescription;
-NSS_EXTERN_DATA const CK_VERSION nss_builtins_LibraryVersion;
-NSS_EXTERN_DATA const NSSUTF8 * nss_builtins_SlotDescription;
-NSS_EXTERN_DATA const CK_VERSION nss_builtins_HardwareVersion;
-NSS_EXTERN_DATA const CK_VERSION nss_builtins_FirmwareVersion;
-NSS_EXTERN_DATA const NSSUTF8 * nss_builtins_TokenLabel;
-NSS_EXTERN_DATA const NSSUTF8 * nss_builtins_TokenModel;
-NSS_EXTERN_DATA const NSSUTF8 * nss_builtins_TokenSerialNumber;
-
-NSS_EXTERN_DATA const NSSCKMDInstance nss_builtins_mdInstance;
-NSS_EXTERN_DATA const NSSCKMDSlot nss_builtins_mdSlot;
-NSS_EXTERN_DATA const NSSCKMDToken nss_builtins_mdToken;
-
-NSS_EXTERN NSSCKMDSession *
-nss_builtins_CreateSession
-(
- NSSCKFWSession *fwSession,
- CK_RV *pError
-);
-
-NSS_EXTERN NSSCKMDFindObjects *
-nss_builtins_FindObjectsInit
-(
- NSSCKFWSession *fwSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-);
-
-NSS_EXTERN NSSCKMDObject *
-nss_builtins_CreateMDObject
-(
- NSSArena *arena,
- builtinsInternalObject *io,
- CK_RV *pError
-);
diff --git a/security/nss/lib/ckfw/builtins/certdata.c b/security/nss/lib/ckfw/builtins/certdata.c
deleted file mode 100644
index 90b8de68c..000000000
--- a/security/nss/lib/ckfw/builtins/certdata.c
+++ /dev/null
@@ -1,8570 +0,0 @@
-/* THIS IS A GENERATED FILE */
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$""; @(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef BUILTINS_H
-#include "builtins.h"
-#endif /* BUILTINS_H */
-
-static const CK_OBJECT_CLASS cko_netscape_trust = CKO_NETSCAPE_TRUST;
-static const CK_TRUST ckt_netscape_valid = CKT_NETSCAPE_VALID;
-static const CK_OBJECT_CLASS cko_netscape_builtin_root_list = CKO_NETSCAPE_BUILTIN_ROOT_LIST;
-static const CK_TRUST ckt_netscape_trusted_delegator = CKT_NETSCAPE_TRUSTED_DELEGATOR;
-static const CK_CERTIFICATE_TYPE ckc_x_509 = CKC_X_509;
-static const CK_OBJECT_CLASS cko_data = CKO_DATA;
-static const CK_BBOOL ck_false = CK_FALSE;
-static const CK_BBOOL ck_true = CK_TRUE;
-static const CK_OBJECT_CLASS cko_certificate = CKO_CERTIFICATE;
-#ifdef DEBUG
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_0 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_APPLICATION, CKA_VALUE
-};
-#endif /* DEBUG */
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_1 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_2 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_3 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_4 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_5 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_6 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_7 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_8 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_9 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_10 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_11 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_12 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_13 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_14 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_15 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_16 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_17 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_18 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_19 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_20 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_21 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_22 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_23 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_24 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_25 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_26 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_27 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_28 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_29 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_30 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_31 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_32 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_33 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_34 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_35 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_36 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_37 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_38 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_39 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_40 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_41 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_42 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_43 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_44 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_45 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_46 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_47 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_48 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_49 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_50 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_51 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_52 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_53 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_54 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_55 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_56 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_57 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_58 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_59 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_60 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_61 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_62 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_63 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_64 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_65 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_66 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_67 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_68 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_69 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_70 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_71 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_72 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_73 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_74 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_75 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_76 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_77 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_78 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_79 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_80 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_81 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_82 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_83 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_84 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_85 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_86 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_87 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_88 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_89 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_90 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_91 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_92 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_93 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_94 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_95 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_96 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_97 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_98 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_99 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_100 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_101 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_102 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_103 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_104 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_105 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_106 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_107 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_108 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_109 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_110 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_111 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_112 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_113 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_114 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_115 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_116 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_117 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_118 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_119 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_120 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_121 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_122 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_123 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_124 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_125 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_126 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_127 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_128 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_129 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_130 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_131 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_132 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_133 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_134 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_135 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-#ifdef DEBUG
-static const NSSItem nss_builtins_items_0 [] = {
- { (void *)&cko_data, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"CVS ID", (PRUint32)7 },
- { (void *)"NSS", (PRUint32)4 },
- { (void *)"@(#) $RCSfile$ $Revision$ $Date$ $Name$""; @(#) $RCSfile$ $Revision$ $Date$ $Name$", (PRUint32)179 }
-};
-#endif /* DEBUG */
-static const NSSItem nss_builtins_items_1 [] = {
- { (void *)&cko_netscape_builtin_root_list, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Mozilla Builtin Roots", (PRUint32)22 }
-};
-static const NSSItem nss_builtins_items_2 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign/RSA Secure Server CA", (PRUint32)30 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\040\060\036\006\003\125\004\012\023\027\122\123\101\040\104\141"
-"\164\141\040\123\145\143\165\162\151\164\171\054\040\111\156\143"
-"\056\061\056\060\054\006\003\125\004\013\023\045\123\145\143\165"
-"\162\145\040\123\145\162\166\145\162\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\040\060\036\006\003\125\004\012\023\027\122\123\101\040\104\141"
-"\164\141\040\123\145\143\165\162\151\164\171\054\040\111\156\143"
-"\056\061\056\060\054\006\003\125\004\013\023\045\123\145\143\165"
-"\162\145\040\123\145\162\166\145\162\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
- { (void *)"\002\020\002\255\146\176\116\105\376\136\127\157\074\230\031\136"
-"\335\300"
-, (PRUint32)18 },
- { (void *)"\060\202\002\064\060\202\001\241\002\020\002\255\146\176\116\105"
-"\376\136\127\157\074\230\031\136\335\300\060\015\006\011\052\206"
-"\110\206\367\015\001\001\002\005\000\060\137\061\013\060\011\006"
-"\003\125\004\006\023\002\125\123\061\040\060\036\006\003\125\004"
-"\012\023\027\122\123\101\040\104\141\164\141\040\123\145\143\165"
-"\162\151\164\171\054\040\111\156\143\056\061\056\060\054\006\003"
-"\125\004\013\023\045\123\145\143\165\162\145\040\123\145\162\166"
-"\145\162\040\103\145\162\164\151\146\151\143\141\164\151\157\156"
-"\040\101\165\164\150\157\162\151\164\171\060\036\027\015\071\064"
-"\061\061\060\071\060\060\060\060\060\060\132\027\015\061\060\060"
-"\061\060\067\062\063\065\071\065\071\132\060\137\061\013\060\011"
-"\006\003\125\004\006\023\002\125\123\061\040\060\036\006\003\125"
-"\004\012\023\027\122\123\101\040\104\141\164\141\040\123\145\143"
-"\165\162\151\164\171\054\040\111\156\143\056\061\056\060\054\006"
-"\003\125\004\013\023\045\123\145\143\165\162\145\040\123\145\162"
-"\166\145\162\040\103\145\162\164\151\146\151\143\141\164\151\157"
-"\156\040\101\165\164\150\157\162\151\164\171\060\201\233\060\015"
-"\006\011\052\206\110\206\367\015\001\001\001\005\000\003\201\211"
-"\000\060\201\205\002\176\000\222\316\172\301\256\203\076\132\252"
-"\211\203\127\254\045\001\166\014\255\256\216\054\067\316\353\065"
-"\170\144\124\003\345\204\100\121\311\277\217\010\342\212\202\010"
-"\322\026\206\067\125\351\261\041\002\255\166\150\201\232\005\242"
-"\113\311\113\045\146\042\126\154\210\007\217\367\201\131\155\204"
-"\007\145\160\023\161\166\076\233\167\114\343\120\211\126\230\110"
-"\271\035\247\051\032\023\056\112\021\131\234\036\025\325\111\124"
-"\054\163\072\151\202\261\227\071\234\155\160\147\110\345\335\055"
-"\326\310\036\173\002\003\001\000\001\060\015\006\011\052\206\110"
-"\206\367\015\001\001\002\005\000\003\176\000\145\335\176\341\262"
-"\354\260\342\072\340\354\161\106\232\031\021\270\323\307\240\264"
-"\003\100\046\002\076\011\234\341\022\263\321\132\366\067\245\267"
-"\141\003\266\133\026\151\073\306\104\010\014\210\123\014\153\227"
-"\111\307\076\065\334\154\271\273\252\337\134\273\072\057\223\140"
-"\266\251\113\115\362\040\367\315\137\177\144\173\216\334\000\134"
-"\327\372\167\312\071\026\131\157\016\352\323\265\203\177\115\115"
-"\102\126\166\264\311\137\004\370\070\370\353\322\137\165\137\315"
-"\173\374\345\216\200\174\374\120"
-, (PRUint32)568 }
-};
-static const NSSItem nss_builtins_items_3 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign/RSA Secure Server CA", (PRUint32)30 },
- { (void *)"\104\143\305\061\327\314\301\000\147\224\141\053\266\126\323\277"
-"\202\127\204\157"
-, (PRUint32)20 },
- { (void *)"\164\173\202\003\103\360\000\236\153\263\354\107\277\205\245\223"
-, (PRUint32)16 },
- { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\040\060\036\006\003\125\004\012\023\027\122\123\101\040\104\141"
-"\164\141\040\123\145\143\165\162\151\164\171\054\040\111\156\143"
-"\056\061\056\060\054\006\003\125\004\013\023\045\123\145\143\165"
-"\162\145\040\123\145\162\166\145\162\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
- { (void *)"\002\020\002\255\146\176\116\105\376\136\127\157\074\230\031\136"
-"\335\300"
-, (PRUint32)18 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_4 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"GTE CyberTrust Root CA", (PRUint32)23 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\105\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157"
-"\162\160\157\162\141\164\151\157\156\061\034\060\032\006\003\125"
-"\004\003\023\023\107\124\105\040\103\171\142\145\162\124\162\165"
-"\163\164\040\122\157\157\164"
-, (PRUint32)71 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\105\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157"
-"\162\160\157\162\141\164\151\157\156\061\034\060\032\006\003\125"
-"\004\003\023\023\107\124\105\040\103\171\142\145\162\124\162\165"
-"\163\164\040\122\157\157\164"
-, (PRUint32)71 },
- { (void *)"\002\002\001\243"
-, (PRUint32)4 },
- { (void *)"\060\202\001\372\060\202\001\143\002\002\001\243\060\015\006\011"
-"\052\206\110\206\367\015\001\001\004\005\000\060\105\061\013\060"
-"\011\006\003\125\004\006\023\002\125\123\061\030\060\026\006\003"
-"\125\004\012\023\017\107\124\105\040\103\157\162\160\157\162\141"
-"\164\151\157\156\061\034\060\032\006\003\125\004\003\023\023\107"
-"\124\105\040\103\171\142\145\162\124\162\165\163\164\040\122\157"
-"\157\164\060\036\027\015\071\066\060\062\062\063\062\063\060\061"
-"\060\060\132\027\015\060\066\060\062\062\063\062\063\065\071\060"
-"\060\132\060\105\061\013\060\011\006\003\125\004\006\023\002\125"
-"\123\061\030\060\026\006\003\125\004\012\023\017\107\124\105\040"
-"\103\157\162\160\157\162\141\164\151\157\156\061\034\060\032\006"
-"\003\125\004\003\023\023\107\124\105\040\103\171\142\145\162\124"
-"\162\165\163\164\040\122\157\157\164\060\201\237\060\015\006\011"
-"\052\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060"
-"\201\211\002\201\201\000\270\346\117\272\333\230\174\161\174\257"
-"\104\267\323\017\106\331\144\345\223\301\102\216\307\272\111\215"
-"\065\055\172\347\213\275\345\005\061\131\306\261\057\012\014\373"
-"\237\247\077\242\011\146\204\126\036\067\051\033\207\351\176\014"
-"\312\232\237\245\177\365\025\224\243\325\242\106\202\330\150\114"
-"\321\067\025\006\150\257\275\370\260\263\360\051\365\225\132\011"
-"\026\141\167\012\042\045\324\117\105\252\307\275\345\226\337\371"
-"\324\250\216\102\314\044\300\036\221\047\112\265\155\006\200\143"
-"\071\304\242\136\070\003\002\003\001\000\001\060\015\006\011\052"
-"\206\110\206\367\015\001\001\004\005\000\003\201\201\000\022\263"
-"\165\306\137\035\341\141\125\200\000\324\201\113\173\061\017\043"
-"\143\347\075\363\003\371\364\066\250\273\331\343\245\227\115\352"
-"\053\051\340\326\152\163\201\346\300\211\243\323\361\340\245\245"
-"\042\067\232\143\302\110\040\264\333\162\343\310\366\331\174\276"
-"\261\257\123\332\024\264\041\270\326\325\226\343\376\116\014\131"
-"\142\266\232\112\371\102\335\214\157\201\251\161\377\364\012\162"
-"\155\155\104\016\235\363\164\164\250\325\064\111\351\136\236\351"
-"\264\172\341\345\132\037\204\060\234\323\237\245\045\330"
-, (PRUint32)510 }
-};
-static const NSSItem nss_builtins_items_5 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"GTE CyberTrust Root CA", (PRUint32)23 },
- { (void *)"\220\336\336\236\114\116\237\157\330\206\027\127\235\323\221\274"
-"\145\246\211\144"
-, (PRUint32)20 },
- { (void *)"\304\327\360\262\243\305\175\141\147\360\004\315\103\323\272\130"
-, (PRUint32)16 },
- { (void *)"\060\105\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157"
-"\162\160\157\162\141\164\151\157\156\061\034\060\032\006\003\125"
-"\004\003\023\023\107\124\105\040\103\171\142\145\162\124\162\165"
-"\163\164\040\122\157\157\164"
-, (PRUint32)71 },
- { (void *)"\002\002\001\243"
-, (PRUint32)4 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_6 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"GTE CyberTrust Global Root", (PRUint32)27 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\165\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157"
-"\162\160\157\162\141\164\151\157\156\061\047\060\045\006\003\125"
-"\004\013\023\036\107\124\105\040\103\171\142\145\162\124\162\165"
-"\163\164\040\123\157\154\165\164\151\157\156\163\054\040\111\156"
-"\143\056\061\043\060\041\006\003\125\004\003\023\032\107\124\105"
-"\040\103\171\142\145\162\124\162\165\163\164\040\107\154\157\142"
-"\141\154\040\122\157\157\164"
-, (PRUint32)119 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\165\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157"
-"\162\160\157\162\141\164\151\157\156\061\047\060\045\006\003\125"
-"\004\013\023\036\107\124\105\040\103\171\142\145\162\124\162\165"
-"\163\164\040\123\157\154\165\164\151\157\156\163\054\040\111\156"
-"\143\056\061\043\060\041\006\003\125\004\003\023\032\107\124\105"
-"\040\103\171\142\145\162\124\162\165\163\164\040\107\154\157\142"
-"\141\154\040\122\157\157\164"
-, (PRUint32)119 },
- { (void *)"\002\002\001\245"
-, (PRUint32)4 },
- { (void *)"\060\202\002\132\060\202\001\303\002\002\001\245\060\015\006\011"
-"\052\206\110\206\367\015\001\001\004\005\000\060\165\061\013\060"
-"\011\006\003\125\004\006\023\002\125\123\061\030\060\026\006\003"
-"\125\004\012\023\017\107\124\105\040\103\157\162\160\157\162\141"
-"\164\151\157\156\061\047\060\045\006\003\125\004\013\023\036\107"
-"\124\105\040\103\171\142\145\162\124\162\165\163\164\040\123\157"
-"\154\165\164\151\157\156\163\054\040\111\156\143\056\061\043\060"
-"\041\006\003\125\004\003\023\032\107\124\105\040\103\171\142\145"
-"\162\124\162\165\163\164\040\107\154\157\142\141\154\040\122\157"
-"\157\164\060\036\027\015\071\070\060\070\061\063\060\060\062\071"
-"\060\060\132\027\015\061\070\060\070\061\063\062\063\065\071\060"
-"\060\132\060\165\061\013\060\011\006\003\125\004\006\023\002\125"
-"\123\061\030\060\026\006\003\125\004\012\023\017\107\124\105\040"
-"\103\157\162\160\157\162\141\164\151\157\156\061\047\060\045\006"
-"\003\125\004\013\023\036\107\124\105\040\103\171\142\145\162\124"
-"\162\165\163\164\040\123\157\154\165\164\151\157\156\163\054\040"
-"\111\156\143\056\061\043\060\041\006\003\125\004\003\023\032\107"
-"\124\105\040\103\171\142\145\162\124\162\165\163\164\040\107\154"
-"\157\142\141\154\040\122\157\157\164\060\201\237\060\015\006\011"
-"\052\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060"
-"\201\211\002\201\201\000\225\017\240\266\360\120\234\350\172\307"
-"\210\315\335\027\016\056\260\224\320\033\075\016\366\224\300\212"
-"\224\307\006\310\220\227\310\270\144\032\172\176\154\074\123\341"
-"\067\050\163\140\177\262\227\123\007\237\123\371\155\130\224\322"
-"\257\215\155\210\147\200\346\355\262\225\317\162\061\312\245\034"
-"\162\272\134\002\347\144\102\347\371\251\054\326\072\015\254\215"
-"\102\252\044\001\071\346\234\077\001\205\127\015\130\207\105\370"
-"\323\205\252\223\151\046\205\160\110\200\077\022\025\307\171\264"
-"\037\005\057\073\142\231\002\003\001\000\001\060\015\006\011\052"
-"\206\110\206\367\015\001\001\004\005\000\003\201\201\000\155\353"
-"\033\011\351\136\331\121\333\147\042\141\244\052\074\110\167\343"
-"\240\174\246\336\163\242\024\003\205\075\373\253\016\060\305\203"
-"\026\063\201\023\010\236\173\064\116\337\100\310\164\327\271\175"
-"\334\364\166\125\175\233\143\124\030\351\360\352\363\134\261\331"
-"\213\102\036\271\300\225\116\272\372\325\342\174\365\150\141\277"
-"\216\354\005\227\137\133\260\327\243\205\064\304\044\247\015\017"
-"\225\223\357\313\224\330\236\037\235\134\205\155\307\252\256\117"
-"\037\042\265\315\225\255\272\247\314\371\253\013\172\177"
-, (PRUint32)606 }
-};
-static const NSSItem nss_builtins_items_7 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"GTE CyberTrust Global Root", (PRUint32)27 },
- { (void *)"\227\201\171\120\330\034\226\160\314\064\330\011\317\171\104\061"
-"\066\176\364\164"
-, (PRUint32)20 },
- { (void *)"\312\075\323\150\361\003\134\320\062\372\270\053\131\350\132\333"
-, (PRUint32)16 },
- { (void *)"\060\165\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157"
-"\162\160\157\162\141\164\151\157\156\061\047\060\045\006\003\125"
-"\004\013\023\036\107\124\105\040\103\171\142\145\162\124\162\165"
-"\163\164\040\123\157\154\165\164\151\157\156\163\054\040\111\156"
-"\143\056\061\043\060\041\006\003\125\004\003\023\032\107\124\105"
-"\040\103\171\142\145\162\124\162\165\163\164\040\107\154\157\142"
-"\141\154\040\122\157\157\164"
-, (PRUint32)119 },
- { (void *)"\002\002\001\245"
-, (PRUint32)4 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_8 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Thawte Personal Basic CA", (PRUint32)25 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\313\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007"
-"\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006"
-"\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156"
-"\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013"
-"\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040"
-"\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157"
-"\156\061\041\060\037\006\003\125\004\003\023\030\124\150\141\167"
-"\164\145\040\120\145\162\163\157\156\141\154\040\102\141\163\151"
-"\143\040\103\101\061\050\060\046\006\011\052\206\110\206\367\015"
-"\001\011\001\026\031\160\145\162\163\157\156\141\154\055\142\141"
-"\163\151\143\100\164\150\141\167\164\145\056\143\157\155"
-, (PRUint32)206 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\313\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007"
-"\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006"
-"\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156"
-"\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013"
-"\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040"
-"\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157"
-"\156\061\041\060\037\006\003\125\004\003\023\030\124\150\141\167"
-"\164\145\040\120\145\162\163\157\156\141\154\040\102\141\163\151"
-"\143\040\103\101\061\050\060\046\006\011\052\206\110\206\367\015"
-"\001\011\001\026\031\160\145\162\163\157\156\141\154\055\142\141"
-"\163\151\143\100\164\150\141\167\164\145\056\143\157\155"
-, (PRUint32)206 },
- { (void *)"\002\001\000"
-, (PRUint32)3 },
- { (void *)"\060\202\003\041\060\202\002\212\240\003\002\001\002\002\001\000"
-"\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060"
-"\201\313\061\013\060\011\006\003\125\004\006\023\002\132\101\061"
-"\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145\162"
-"\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007\023"
-"\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006\003"
-"\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156\163"
-"\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013\023"
-"\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040\123"
-"\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157\156"
-"\061\041\060\037\006\003\125\004\003\023\030\124\150\141\167\164"
-"\145\040\120\145\162\163\157\156\141\154\040\102\141\163\151\143"
-"\040\103\101\061\050\060\046\006\011\052\206\110\206\367\015\001"
-"\011\001\026\031\160\145\162\163\157\156\141\154\055\142\141\163"
-"\151\143\100\164\150\141\167\164\145\056\143\157\155\060\036\027"
-"\015\071\066\060\061\060\061\060\060\060\060\060\060\132\027\015"
-"\062\060\061\062\063\061\062\063\065\071\065\071\132\060\201\313"
-"\061\013\060\011\006\003\125\004\006\023\002\132\101\061\025\060"
-"\023\006\003\125\004\010\023\014\127\145\163\164\145\162\156\040"
-"\103\141\160\145\061\022\060\020\006\003\125\004\007\023\011\103"
-"\141\160\145\040\124\157\167\156\061\032\060\030\006\003\125\004"
-"\012\023\021\124\150\141\167\164\145\040\103\157\156\163\165\154"
-"\164\151\156\147\061\050\060\046\006\003\125\004\013\023\037\103"
-"\145\162\164\151\146\151\143\141\164\151\157\156\040\123\145\162"
-"\166\151\143\145\163\040\104\151\166\151\163\151\157\156\061\041"
-"\060\037\006\003\125\004\003\023\030\124\150\141\167\164\145\040"
-"\120\145\162\163\157\156\141\154\040\102\141\163\151\143\040\103"
-"\101\061\050\060\046\006\011\052\206\110\206\367\015\001\011\001"
-"\026\031\160\145\162\163\157\156\141\154\055\142\141\163\151\143"
-"\100\164\150\141\167\164\145\056\143\157\155\060\201\237\060\015"
-"\006\011\052\206\110\206\367\015\001\001\001\005\000\003\201\215"
-"\000\060\201\211\002\201\201\000\274\274\223\123\155\300\120\117"
-"\202\025\346\110\224\065\246\132\276\157\102\372\017\107\356\167"
-"\165\162\335\215\111\233\226\127\240\170\324\312\077\121\263\151"
-"\013\221\166\027\042\007\227\152\304\121\223\113\340\215\357\067"
-"\225\241\014\115\332\064\220\035\027\211\227\340\065\070\127\112"
-"\300\364\010\160\351\074\104\173\120\176\141\232\220\343\043\323"
-"\210\021\106\047\365\013\007\016\273\335\321\177\040\012\210\271"
-"\126\013\056\034\200\332\361\343\236\051\357\024\275\012\104\373"
-"\033\133\030\321\277\043\223\041\002\003\001\000\001\243\023\060"
-"\021\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001"
-"\001\377\060\015\006\011\052\206\110\206\367\015\001\001\004\005"
-"\000\003\201\201\000\055\342\231\153\260\075\172\211\327\131\242"
-"\224\001\037\053\335\022\113\123\302\255\177\252\247\000\134\221"
-"\100\127\045\112\070\252\204\160\271\331\200\017\245\173\134\373"
-"\163\306\275\327\212\141\134\003\343\055\047\250\027\340\204\205"
-"\102\334\136\233\306\267\262\155\273\164\257\344\077\313\247\267"
-"\260\340\135\276\170\203\045\224\322\333\201\017\171\007\155\117"
-"\364\071\025\132\122\001\173\336\062\326\115\070\366\022\134\006"
-"\120\337\005\133\275\024\113\241\337\051\272\073\101\215\367\143"
-"\126\241\337\042\261"
-, (PRUint32)805 }
-};
-static const NSSItem nss_builtins_items_9 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Thawte Personal Basic CA", (PRUint32)25 },
- { (void *)"\100\347\214\035\122\075\034\331\225\117\254\032\032\263\275\074"
-"\272\241\133\374"
-, (PRUint32)20 },
- { (void *)"\346\013\322\311\312\055\210\333\032\161\016\113\170\353\002\101"
-, (PRUint32)16 },
- { (void *)"\060\201\313\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007"
-"\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006"
-"\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156"
-"\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013"
-"\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040"
-"\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157"
-"\156\061\041\060\037\006\003\125\004\003\023\030\124\150\141\167"
-"\164\145\040\120\145\162\163\157\156\141\154\040\102\141\163\151"
-"\143\040\103\101\061\050\060\046\006\011\052\206\110\206\367\015"
-"\001\011\001\026\031\160\145\162\163\157\156\141\154\055\142\141"
-"\163\151\143\100\164\150\141\167\164\145\056\143\157\155"
-, (PRUint32)206 },
- { (void *)"\002\001\000"
-, (PRUint32)3 },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_10 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Thawte Personal Premium CA", (PRUint32)27 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\317\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007"
-"\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006"
-"\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156"
-"\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013"
-"\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040"
-"\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157"
-"\156\061\043\060\041\006\003\125\004\003\023\032\124\150\141\167"
-"\164\145\040\120\145\162\163\157\156\141\154\040\120\162\145\155"
-"\151\165\155\040\103\101\061\052\060\050\006\011\052\206\110\206"
-"\367\015\001\011\001\026\033\160\145\162\163\157\156\141\154\055"
-"\160\162\145\155\151\165\155\100\164\150\141\167\164\145\056\143"
-"\157\155"
-, (PRUint32)210 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\317\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007"
-"\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006"
-"\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156"
-"\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013"
-"\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040"
-"\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157"
-"\156\061\043\060\041\006\003\125\004\003\023\032\124\150\141\167"
-"\164\145\040\120\145\162\163\157\156\141\154\040\120\162\145\155"
-"\151\165\155\040\103\101\061\052\060\050\006\011\052\206\110\206"
-"\367\015\001\011\001\026\033\160\145\162\163\157\156\141\154\055"
-"\160\162\145\155\151\165\155\100\164\150\141\167\164\145\056\143"
-"\157\155"
-, (PRUint32)210 },
- { (void *)"\002\001\000"
-, (PRUint32)3 },
- { (void *)"\060\202\003\051\060\202\002\222\240\003\002\001\002\002\001\000"
-"\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060"
-"\201\317\061\013\060\011\006\003\125\004\006\023\002\132\101\061"
-"\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145\162"
-"\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007\023"
-"\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006\003"
-"\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156\163"
-"\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013\023"
-"\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040\123"
-"\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157\156"
-"\061\043\060\041\006\003\125\004\003\023\032\124\150\141\167\164"
-"\145\040\120\145\162\163\157\156\141\154\040\120\162\145\155\151"
-"\165\155\040\103\101\061\052\060\050\006\011\052\206\110\206\367"
-"\015\001\011\001\026\033\160\145\162\163\157\156\141\154\055\160"
-"\162\145\155\151\165\155\100\164\150\141\167\164\145\056\143\157"
-"\155\060\036\027\015\071\066\060\061\060\061\060\060\060\060\060"
-"\060\132\027\015\062\060\061\062\063\061\062\063\065\071\065\071"
-"\132\060\201\317\061\013\060\011\006\003\125\004\006\023\002\132"
-"\101\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164"
-"\145\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004"
-"\007\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030"
-"\006\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157"
-"\156\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004"
-"\013\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156"
-"\040\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151"
-"\157\156\061\043\060\041\006\003\125\004\003\023\032\124\150\141"
-"\167\164\145\040\120\145\162\163\157\156\141\154\040\120\162\145"
-"\155\151\165\155\040\103\101\061\052\060\050\006\011\052\206\110"
-"\206\367\015\001\011\001\026\033\160\145\162\163\157\156\141\154"
-"\055\160\162\145\155\151\165\155\100\164\150\141\167\164\145\056"
-"\143\157\155\060\201\237\060\015\006\011\052\206\110\206\367\015"
-"\001\001\001\005\000\003\201\215\000\060\201\211\002\201\201\000"
-"\311\146\331\370\007\104\317\271\214\056\360\241\357\023\105\154"
-"\005\337\336\047\026\121\066\101\021\154\154\073\355\376\020\175"
-"\022\236\345\233\102\232\376\140\061\303\146\267\163\072\110\256"
-"\116\320\062\067\224\210\265\015\266\331\363\362\104\331\325\210"
-"\022\335\166\115\362\032\374\157\043\036\172\361\330\230\105\116"
-"\007\020\357\026\102\320\103\165\155\112\336\342\252\311\061\377"
-"\037\000\160\174\146\317\020\045\010\272\372\356\000\351\106\003"
-"\146\047\021\025\073\252\133\362\230\335\066\102\262\332\210\165"
-"\002\003\001\000\001\243\023\060\021\060\017\006\003\125\035\023"
-"\001\001\377\004\005\060\003\001\001\377\060\015\006\011\052\206"
-"\110\206\367\015\001\001\004\005\000\003\201\201\000\151\066\211"
-"\367\064\052\063\162\057\155\073\324\042\262\270\157\232\305\066"
-"\146\016\033\074\241\261\165\132\346\375\065\323\370\250\362\007"
-"\157\205\147\216\336\053\271\342\027\260\072\240\360\016\242\000"
-"\232\337\363\024\025\156\273\310\205\132\230\200\371\377\276\164"
-"\035\075\363\376\060\045\321\067\064\147\372\245\161\171\060\141"
-"\051\162\300\340\054\114\373\126\344\072\250\157\345\062\131\122"
-"\333\165\050\120\131\014\370\013\031\344\254\331\257\226\215\057"
-"\120\333\007\303\352\037\253\063\340\365\053\061\211"
-, (PRUint32)813 }
-};
-static const NSSItem nss_builtins_items_11 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Thawte Personal Premium CA", (PRUint32)27 },
- { (void *)"\066\206\065\143\375\121\050\307\276\246\360\005\317\351\264\066"
-"\150\010\154\316"
-, (PRUint32)20 },
- { (void *)"\072\262\336\042\232\040\223\111\371\355\310\322\212\347\150\015"
-, (PRUint32)16 },
- { (void *)"\060\201\317\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007"
-"\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006"
-"\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156"
-"\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013"
-"\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040"
-"\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157"
-"\156\061\043\060\041\006\003\125\004\003\023\032\124\150\141\167"
-"\164\145\040\120\145\162\163\157\156\141\154\040\120\162\145\155"
-"\151\165\155\040\103\101\061\052\060\050\006\011\052\206\110\206"
-"\367\015\001\011\001\026\033\160\145\162\163\157\156\141\154\055"
-"\160\162\145\155\151\165\155\100\164\150\141\167\164\145\056\143"
-"\157\155"
-, (PRUint32)210 },
- { (void *)"\002\001\000"
-, (PRUint32)3 },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_12 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Thawte Personal Freemail CA", (PRUint32)28 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\321\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007"
-"\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006"
-"\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156"
-"\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013"
-"\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040"
-"\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157"
-"\156\061\044\060\042\006\003\125\004\003\023\033\124\150\141\167"
-"\164\145\040\120\145\162\163\157\156\141\154\040\106\162\145\145"
-"\155\141\151\154\040\103\101\061\053\060\051\006\011\052\206\110"
-"\206\367\015\001\011\001\026\034\160\145\162\163\157\156\141\154"
-"\055\146\162\145\145\155\141\151\154\100\164\150\141\167\164\145"
-"\056\143\157\155"
-, (PRUint32)212 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\321\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007"
-"\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006"
-"\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156"
-"\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013"
-"\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040"
-"\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157"
-"\156\061\044\060\042\006\003\125\004\003\023\033\124\150\141\167"
-"\164\145\040\120\145\162\163\157\156\141\154\040\106\162\145\145"
-"\155\141\151\154\040\103\101\061\053\060\051\006\011\052\206\110"
-"\206\367\015\001\011\001\026\034\160\145\162\163\157\156\141\154"
-"\055\146\162\145\145\155\141\151\154\100\164\150\141\167\164\145"
-"\056\143\157\155"
-, (PRUint32)212 },
- { (void *)"\002\001\000"
-, (PRUint32)3 },
- { (void *)"\060\202\003\055\060\202\002\226\240\003\002\001\002\002\001\000"
-"\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060"
-"\201\321\061\013\060\011\006\003\125\004\006\023\002\132\101\061"
-"\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145\162"
-"\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007\023"
-"\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006\003"
-"\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156\163"
-"\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013\023"
-"\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040\123"
-"\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157\156"
-"\061\044\060\042\006\003\125\004\003\023\033\124\150\141\167\164"
-"\145\040\120\145\162\163\157\156\141\154\040\106\162\145\145\155"
-"\141\151\154\040\103\101\061\053\060\051\006\011\052\206\110\206"
-"\367\015\001\011\001\026\034\160\145\162\163\157\156\141\154\055"
-"\146\162\145\145\155\141\151\154\100\164\150\141\167\164\145\056"
-"\143\157\155\060\036\027\015\071\066\060\061\060\061\060\060\060"
-"\060\060\060\132\027\015\062\060\061\062\063\061\062\063\065\071"
-"\065\071\132\060\201\321\061\013\060\011\006\003\125\004\006\023"
-"\002\132\101\061\025\060\023\006\003\125\004\010\023\014\127\145"
-"\163\164\145\162\156\040\103\141\160\145\061\022\060\020\006\003"
-"\125\004\007\023\011\103\141\160\145\040\124\157\167\156\061\032"
-"\060\030\006\003\125\004\012\023\021\124\150\141\167\164\145\040"
-"\103\157\156\163\165\154\164\151\156\147\061\050\060\046\006\003"
-"\125\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151"
-"\157\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151"
-"\163\151\157\156\061\044\060\042\006\003\125\004\003\023\033\124"
-"\150\141\167\164\145\040\120\145\162\163\157\156\141\154\040\106"
-"\162\145\145\155\141\151\154\040\103\101\061\053\060\051\006\011"
-"\052\206\110\206\367\015\001\011\001\026\034\160\145\162\163\157"
-"\156\141\154\055\146\162\145\145\155\141\151\154\100\164\150\141"
-"\167\164\145\056\143\157\155\060\201\237\060\015\006\011\052\206"
-"\110\206\367\015\001\001\001\005\000\003\201\215\000\060\201\211"
-"\002\201\201\000\324\151\327\324\260\224\144\133\161\351\107\330"
-"\014\121\266\352\162\221\260\204\136\175\055\015\217\173\022\337"
-"\205\045\165\050\164\072\102\054\143\047\237\225\173\113\357\176"
-"\031\207\035\206\352\243\335\271\316\226\144\032\302\024\156\104"
-"\254\174\346\217\350\115\017\161\037\100\070\246\000\243\207\170"
-"\366\371\224\206\136\255\352\300\136\166\353\331\024\243\135\156"
-"\172\174\014\245\113\125\177\006\031\051\177\236\232\046\325\152"
-"\273\070\044\010\152\230\307\261\332\243\230\221\375\171\333\345"
-"\132\304\034\271\002\003\001\000\001\243\023\060\021\060\017\006"
-"\003\125\035\023\001\001\377\004\005\060\003\001\001\377\060\015"
-"\006\011\052\206\110\206\367\015\001\001\004\005\000\003\201\201"
-"\000\307\354\222\176\116\370\365\226\245\147\142\052\244\360\115"
-"\021\140\320\157\215\140\130\141\254\046\273\122\065\134\010\317"
-"\060\373\250\112\226\212\037\142\102\043\214\027\017\364\272\144"
-"\234\027\254\107\051\337\235\230\136\322\154\140\161\134\242\254"
-"\334\171\343\347\156\000\107\037\265\015\050\350\002\235\344\232"
-"\375\023\364\246\331\174\261\370\334\137\043\046\011\221\200\163"
-"\320\024\033\336\103\251\203\045\362\346\234\057\025\312\376\246"
-"\253\212\007\165\213\014\335\121\204\153\344\370\321\316\167\242"
-"\201"
-, (PRUint32)817 }
-};
-static const NSSItem nss_builtins_items_13 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Thawte Personal Freemail CA", (PRUint32)28 },
- { (void *)"\040\231\000\266\075\225\127\050\024\014\321\066\042\330\306\207"
-"\244\353\000\205"
-, (PRUint32)20 },
- { (void *)"\036\164\303\206\074\014\065\305\076\302\177\357\074\252\074\331"
-, (PRUint32)16 },
- { (void *)"\060\201\321\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007"
-"\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006"
-"\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156"
-"\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013"
-"\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040"
-"\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157"
-"\156\061\044\060\042\006\003\125\004\003\023\033\124\150\141\167"
-"\164\145\040\120\145\162\163\157\156\141\154\040\106\162\145\145"
-"\155\141\151\154\040\103\101\061\053\060\051\006\011\052\206\110"
-"\206\367\015\001\011\001\026\034\160\145\162\163\157\156\141\154"
-"\055\146\162\145\145\155\141\151\154\100\164\150\141\167\164\145"
-"\056\143\157\155"
-, (PRUint32)212 },
- { (void *)"\002\001\000"
-, (PRUint32)3 },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_14 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Thawte Server CA", (PRUint32)17 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\304\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007"
-"\023\011\103\141\160\145\040\124\157\167\156\061\035\060\033\006"
-"\003\125\004\012\023\024\124\150\141\167\164\145\040\103\157\156"
-"\163\165\154\164\151\156\147\040\143\143\061\050\060\046\006\003"
-"\125\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151"
-"\157\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151"
-"\163\151\157\156\061\031\060\027\006\003\125\004\003\023\020\124"
-"\150\141\167\164\145\040\123\145\162\166\145\162\040\103\101\061"
-"\046\060\044\006\011\052\206\110\206\367\015\001\011\001\026\027"
-"\163\145\162\166\145\162\055\143\145\162\164\163\100\164\150\141"
-"\167\164\145\056\143\157\155"
-, (PRUint32)199 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\304\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007"
-"\023\011\103\141\160\145\040\124\157\167\156\061\035\060\033\006"
-"\003\125\004\012\023\024\124\150\141\167\164\145\040\103\157\156"
-"\163\165\154\164\151\156\147\040\143\143\061\050\060\046\006\003"
-"\125\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151"
-"\157\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151"
-"\163\151\157\156\061\031\060\027\006\003\125\004\003\023\020\124"
-"\150\141\167\164\145\040\123\145\162\166\145\162\040\103\101\061"
-"\046\060\044\006\011\052\206\110\206\367\015\001\011\001\026\027"
-"\163\145\162\166\145\162\055\143\145\162\164\163\100\164\150\141"
-"\167\164\145\056\143\157\155"
-, (PRUint32)199 },
- { (void *)"\002\001\001"
-, (PRUint32)3 },
- { (void *)"\060\202\003\023\060\202\002\174\240\003\002\001\002\002\001\001"
-"\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060"
-"\201\304\061\013\060\011\006\003\125\004\006\023\002\132\101\061"
-"\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145\162"
-"\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007\023"
-"\011\103\141\160\145\040\124\157\167\156\061\035\060\033\006\003"
-"\125\004\012\023\024\124\150\141\167\164\145\040\103\157\156\163"
-"\165\154\164\151\156\147\040\143\143\061\050\060\046\006\003\125"
-"\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151\157"
-"\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151\163"
-"\151\157\156\061\031\060\027\006\003\125\004\003\023\020\124\150"
-"\141\167\164\145\040\123\145\162\166\145\162\040\103\101\061\046"
-"\060\044\006\011\052\206\110\206\367\015\001\011\001\026\027\163"
-"\145\162\166\145\162\055\143\145\162\164\163\100\164\150\141\167"
-"\164\145\056\143\157\155\060\036\027\015\071\066\060\070\060\061"
-"\060\060\060\060\060\060\132\027\015\062\060\061\062\063\061\062"
-"\063\065\071\065\071\132\060\201\304\061\013\060\011\006\003\125"
-"\004\006\023\002\132\101\061\025\060\023\006\003\125\004\010\023"
-"\014\127\145\163\164\145\162\156\040\103\141\160\145\061\022\060"
-"\020\006\003\125\004\007\023\011\103\141\160\145\040\124\157\167"
-"\156\061\035\060\033\006\003\125\004\012\023\024\124\150\141\167"
-"\164\145\040\103\157\156\163\165\154\164\151\156\147\040\143\143"
-"\061\050\060\046\006\003\125\004\013\023\037\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\123\145\162\166\151\143\145"
-"\163\040\104\151\166\151\163\151\157\156\061\031\060\027\006\003"
-"\125\004\003\023\020\124\150\141\167\164\145\040\123\145\162\166"
-"\145\162\040\103\101\061\046\060\044\006\011\052\206\110\206\367"
-"\015\001\011\001\026\027\163\145\162\166\145\162\055\143\145\162"
-"\164\163\100\164\150\141\167\164\145\056\143\157\155\060\201\237"
-"\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003"
-"\201\215\000\060\201\211\002\201\201\000\323\244\120\156\310\377"
-"\126\153\346\317\135\266\352\014\150\165\107\242\252\302\332\204"
-"\045\374\250\364\107\121\332\205\265\040\164\224\206\036\017\165"
-"\311\351\010\141\365\006\155\060\156\025\031\002\351\122\300\142"
-"\333\115\231\236\342\152\014\104\070\315\376\276\343\144\011\160"
-"\305\376\261\153\051\266\057\111\310\073\324\047\004\045\020\227"
-"\057\347\220\155\300\050\102\231\327\114\103\336\303\365\041\155"
-"\124\237\135\303\130\341\300\344\331\133\260\270\334\264\173\337"
-"\066\072\302\265\146\042\022\326\207\015\002\003\001\000\001\243"
-"\023\060\021\060\017\006\003\125\035\023\001\001\377\004\005\060"
-"\003\001\001\377\060\015\006\011\052\206\110\206\367\015\001\001"
-"\004\005\000\003\201\201\000\007\372\114\151\134\373\225\314\106"
-"\356\205\203\115\041\060\216\312\331\250\157\111\032\346\332\121"
-"\343\140\160\154\204\141\021\241\032\310\110\076\131\103\175\117"
-"\225\075\241\213\267\013\142\230\172\165\212\335\210\116\116\236"
-"\100\333\250\314\062\164\271\157\015\306\343\263\104\013\331\212"
-"\157\232\051\233\231\030\050\073\321\343\100\050\232\132\074\325"
-"\265\347\040\033\213\312\244\253\215\351\121\331\342\114\054\131"
-"\251\332\271\262\165\033\366\102\362\357\307\362\030\371\211\274"
-"\243\377\212\043\056\160\107"
-, (PRUint32)791 }
-};
-static const NSSItem nss_builtins_items_15 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Thawte Server CA", (PRUint32)17 },
- { (void *)"\043\345\224\224\121\225\362\101\110\003\264\325\144\322\243\243"
-"\365\330\213\214"
-, (PRUint32)20 },
- { (void *)"\305\160\304\242\355\123\170\014\310\020\123\201\144\313\320\035"
-, (PRUint32)16 },
- { (void *)"\060\201\304\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007"
-"\023\011\103\141\160\145\040\124\157\167\156\061\035\060\033\006"
-"\003\125\004\012\023\024\124\150\141\167\164\145\040\103\157\156"
-"\163\165\154\164\151\156\147\040\143\143\061\050\060\046\006\003"
-"\125\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151"
-"\157\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151"
-"\163\151\157\156\061\031\060\027\006\003\125\004\003\023\020\124"
-"\150\141\167\164\145\040\123\145\162\166\145\162\040\103\101\061"
-"\046\060\044\006\011\052\206\110\206\367\015\001\011\001\026\027"
-"\163\145\162\166\145\162\055\143\145\162\164\163\100\164\150\141"
-"\167\164\145\056\143\157\155"
-, (PRUint32)199 },
- { (void *)"\002\001\001"
-, (PRUint32)3 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_16 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Thawte Premium Server CA", (PRUint32)25 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\316\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007"
-"\023\011\103\141\160\145\040\124\157\167\156\061\035\060\033\006"
-"\003\125\004\012\023\024\124\150\141\167\164\145\040\103\157\156"
-"\163\165\154\164\151\156\147\040\143\143\061\050\060\046\006\003"
-"\125\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151"
-"\157\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151"
-"\163\151\157\156\061\041\060\037\006\003\125\004\003\023\030\124"
-"\150\141\167\164\145\040\120\162\145\155\151\165\155\040\123\145"
-"\162\166\145\162\040\103\101\061\050\060\046\006\011\052\206\110"
-"\206\367\015\001\011\001\026\031\160\162\145\155\151\165\155\055"
-"\163\145\162\166\145\162\100\164\150\141\167\164\145\056\143\157"
-"\155"
-, (PRUint32)209 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\316\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007"
-"\023\011\103\141\160\145\040\124\157\167\156\061\035\060\033\006"
-"\003\125\004\012\023\024\124\150\141\167\164\145\040\103\157\156"
-"\163\165\154\164\151\156\147\040\143\143\061\050\060\046\006\003"
-"\125\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151"
-"\157\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151"
-"\163\151\157\156\061\041\060\037\006\003\125\004\003\023\030\124"
-"\150\141\167\164\145\040\120\162\145\155\151\165\155\040\123\145"
-"\162\166\145\162\040\103\101\061\050\060\046\006\011\052\206\110"
-"\206\367\015\001\011\001\026\031\160\162\145\155\151\165\155\055"
-"\163\145\162\166\145\162\100\164\150\141\167\164\145\056\143\157"
-"\155"
-, (PRUint32)209 },
- { (void *)"\002\001\001"
-, (PRUint32)3 },
- { (void *)"\060\202\003\047\060\202\002\220\240\003\002\001\002\002\001\001"
-"\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060"
-"\201\316\061\013\060\011\006\003\125\004\006\023\002\132\101\061"
-"\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145\162"
-"\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007\023"
-"\011\103\141\160\145\040\124\157\167\156\061\035\060\033\006\003"
-"\125\004\012\023\024\124\150\141\167\164\145\040\103\157\156\163"
-"\165\154\164\151\156\147\040\143\143\061\050\060\046\006\003\125"
-"\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151\157"
-"\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151\163"
-"\151\157\156\061\041\060\037\006\003\125\004\003\023\030\124\150"
-"\141\167\164\145\040\120\162\145\155\151\165\155\040\123\145\162"
-"\166\145\162\040\103\101\061\050\060\046\006\011\052\206\110\206"
-"\367\015\001\011\001\026\031\160\162\145\155\151\165\155\055\163"
-"\145\162\166\145\162\100\164\150\141\167\164\145\056\143\157\155"
-"\060\036\027\015\071\066\060\070\060\061\060\060\060\060\060\060"
-"\132\027\015\062\060\061\062\063\061\062\063\065\071\065\071\132"
-"\060\201\316\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007"
-"\023\011\103\141\160\145\040\124\157\167\156\061\035\060\033\006"
-"\003\125\004\012\023\024\124\150\141\167\164\145\040\103\157\156"
-"\163\165\154\164\151\156\147\040\143\143\061\050\060\046\006\003"
-"\125\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151"
-"\157\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151"
-"\163\151\157\156\061\041\060\037\006\003\125\004\003\023\030\124"
-"\150\141\167\164\145\040\120\162\145\155\151\165\155\040\123\145"
-"\162\166\145\162\040\103\101\061\050\060\046\006\011\052\206\110"
-"\206\367\015\001\011\001\026\031\160\162\145\155\151\165\155\055"
-"\163\145\162\166\145\162\100\164\150\141\167\164\145\056\143\157"
-"\155\060\201\237\060\015\006\011\052\206\110\206\367\015\001\001"
-"\001\005\000\003\201\215\000\060\201\211\002\201\201\000\322\066"
-"\066\152\213\327\302\133\236\332\201\101\142\217\070\356\111\004"
-"\125\326\320\357\034\033\225\026\107\357\030\110\065\072\122\364"
-"\053\152\006\217\073\057\352\126\343\257\206\215\236\027\367\236"
-"\264\145\165\002\115\357\313\011\242\041\121\330\233\320\147\320"
-"\272\015\222\006\024\163\324\223\313\227\052\000\234\134\116\014"
-"\274\372\025\122\374\362\104\156\332\021\112\156\010\237\057\055"
-"\343\371\252\072\206\163\266\106\123\130\310\211\005\275\203\021"
-"\270\163\077\252\007\215\364\102\115\347\100\235\034\067\002\003"
-"\001\000\001\243\023\060\021\060\017\006\003\125\035\023\001\001"
-"\377\004\005\060\003\001\001\377\060\015\006\011\052\206\110\206"
-"\367\015\001\001\004\005\000\003\201\201\000\046\110\054\026\302"
-"\130\372\350\026\164\014\252\252\137\124\077\362\327\311\170\140"
-"\136\136\156\067\143\042\167\066\176\262\027\304\064\271\365\010"
-"\205\374\311\001\070\377\115\276\362\026\102\103\347\273\132\106"
-"\373\301\306\021\037\361\112\260\050\106\311\303\304\102\175\274"
-"\372\253\131\156\325\267\121\210\021\343\244\205\031\153\202\114"
-"\244\014\022\255\351\244\256\077\361\303\111\145\232\214\305\310"
-"\076\045\267\224\231\273\222\062\161\007\360\206\136\355\120\047"
-"\246\015\246\043\371\273\313\246\007\024\102"
-, (PRUint32)811 }
-};
-static const NSSItem nss_builtins_items_17 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Thawte Premium Server CA", (PRUint32)25 },
- { (void *)"\142\177\215\170\047\145\143\231\322\175\177\220\104\311\376\263"
-"\363\076\372\232"
-, (PRUint32)20 },
- { (void *)"\006\237\151\171\026\146\220\002\033\214\214\242\303\007\157\072"
-, (PRUint32)16 },
- { (void *)"\060\201\316\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007"
-"\023\011\103\141\160\145\040\124\157\167\156\061\035\060\033\006"
-"\003\125\004\012\023\024\124\150\141\167\164\145\040\103\157\156"
-"\163\165\154\164\151\156\147\040\143\143\061\050\060\046\006\003"
-"\125\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151"
-"\157\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151"
-"\163\151\157\156\061\041\060\037\006\003\125\004\003\023\030\124"
-"\150\141\167\164\145\040\120\162\145\155\151\165\155\040\123\145"
-"\162\166\145\162\040\103\101\061\050\060\046\006\011\052\206\110"
-"\206\367\015\001\011\001\026\031\160\162\145\155\151\165\155\055"
-"\163\145\162\166\145\162\100\164\150\141\167\164\145\056\143\157"
-"\155"
-, (PRUint32)209 },
- { (void *)"\002\001\001"
-, (PRUint32)3 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_18 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Equifax Secure CA", (PRUint32)18 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\116\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\020\060\016\006\003\125\004\012\023\007\105\161\165\151\146\141"
-"\170\061\055\060\053\006\003\125\004\013\023\044\105\161\165\151"
-"\146\141\170\040\123\145\143\165\162\145\040\103\145\162\164\151"
-"\146\151\143\141\164\145\040\101\165\164\150\157\162\151\164\171"
-, (PRUint32)80 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\116\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\020\060\016\006\003\125\004\012\023\007\105\161\165\151\146\141"
-"\170\061\055\060\053\006\003\125\004\013\023\044\105\161\165\151"
-"\146\141\170\040\123\145\143\165\162\145\040\103\145\162\164\151"
-"\146\151\143\141\164\145\040\101\165\164\150\157\162\151\164\171"
-, (PRUint32)80 },
- { (void *)"\002\004\065\336\364\317"
-, (PRUint32)6 },
- { (void *)"\060\202\003\040\060\202\002\211\240\003\002\001\002\002\004\065"
-"\336\364\317\060\015\006\011\052\206\110\206\367\015\001\001\005"
-"\005\000\060\116\061\013\060\011\006\003\125\004\006\023\002\125"
-"\123\061\020\060\016\006\003\125\004\012\023\007\105\161\165\151"
-"\146\141\170\061\055\060\053\006\003\125\004\013\023\044\105\161"
-"\165\151\146\141\170\040\123\145\143\165\162\145\040\103\145\162"
-"\164\151\146\151\143\141\164\145\040\101\165\164\150\157\162\151"
-"\164\171\060\036\027\015\071\070\060\070\062\062\061\066\064\061"
-"\065\061\132\027\015\061\070\060\070\062\062\061\066\064\061\065"
-"\061\132\060\116\061\013\060\011\006\003\125\004\006\023\002\125"
-"\123\061\020\060\016\006\003\125\004\012\023\007\105\161\165\151"
-"\146\141\170\061\055\060\053\006\003\125\004\013\023\044\105\161"
-"\165\151\146\141\170\040\123\145\143\165\162\145\040\103\145\162"
-"\164\151\146\151\143\141\164\145\040\101\165\164\150\157\162\151"
-"\164\171\060\201\237\060\015\006\011\052\206\110\206\367\015\001"
-"\001\001\005\000\003\201\215\000\060\201\211\002\201\201\000\301"
-"\135\261\130\147\010\142\356\240\232\055\037\010\155\221\024\150"
-"\230\012\036\376\332\004\157\023\204\142\041\303\321\174\316\237"
-"\005\340\270\001\360\116\064\354\342\212\225\004\144\254\361\153"
-"\123\137\005\263\313\147\200\277\102\002\216\376\335\001\011\354"
-"\341\000\024\117\374\373\360\014\335\103\272\133\053\341\037\200"
-"\160\231\025\127\223\026\361\017\227\152\267\302\150\043\034\314"
-"\115\131\060\254\121\036\073\257\053\326\356\143\105\173\305\331"
-"\137\120\322\343\120\017\072\210\347\277\024\375\340\307\271\002"
-"\003\001\000\001\243\202\001\011\060\202\001\005\060\160\006\003"
-"\125\035\037\004\151\060\147\060\145\240\143\240\141\244\137\060"
-"\135\061\013\060\011\006\003\125\004\006\023\002\125\123\061\020"
-"\060\016\006\003\125\004\012\023\007\105\161\165\151\146\141\170"
-"\061\055\060\053\006\003\125\004\013\023\044\105\161\165\151\146"
-"\141\170\040\123\145\143\165\162\145\040\103\145\162\164\151\146"
-"\151\143\141\164\145\040\101\165\164\150\157\162\151\164\171\061"
-"\015\060\013\006\003\125\004\003\023\004\103\122\114\061\060\032"
-"\006\003\125\035\020\004\023\060\021\201\017\062\060\061\070\060"
-"\070\062\062\061\066\064\061\065\061\132\060\013\006\003\125\035"
-"\017\004\004\003\002\001\006\060\037\006\003\125\035\043\004\030"
-"\060\026\200\024\110\346\150\371\053\322\262\225\327\107\330\043"
-"\040\020\117\063\230\220\237\324\060\035\006\003\125\035\016\004"
-"\026\004\024\110\346\150\371\053\322\262\225\327\107\330\043\040"
-"\020\117\063\230\220\237\324\060\014\006\003\125\035\023\004\005"
-"\060\003\001\001\377\060\032\006\011\052\206\110\206\366\175\007"
-"\101\000\004\015\060\013\033\005\126\063\056\060\143\003\002\006"
-"\300\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000"
-"\003\201\201\000\130\316\051\352\374\367\336\265\316\002\271\027"
-"\265\205\321\271\343\340\225\314\045\061\015\000\246\222\156\177"
-"\266\222\143\236\120\225\321\232\157\344\021\336\143\205\156\230"
-"\356\250\377\132\310\323\125\262\146\161\127\336\300\041\353\075"
-"\052\247\043\111\001\004\206\102\173\374\356\177\242\026\122\265"
-"\147\147\323\100\333\073\046\130\262\050\167\075\256\024\167\141"
-"\326\372\052\146\047\240\015\372\247\163\134\352\160\361\224\041"
-"\145\104\137\372\374\357\051\150\251\242\207\171\357\171\357\117"
-"\254\007\167\070"
-, (PRUint32)804 }
-};
-static const NSSItem nss_builtins_items_19 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Equifax Secure CA", (PRUint32)18 },
- { (void *)"\322\062\011\255\043\323\024\043\041\164\344\015\177\235\142\023"
-"\227\206\143\072"
-, (PRUint32)20 },
- { (void *)"\147\313\235\300\023\044\212\202\233\262\027\036\321\033\354\324"
-, (PRUint32)16 },
- { (void *)"\060\116\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\020\060\016\006\003\125\004\012\023\007\105\161\165\151\146\141"
-"\170\061\055\060\053\006\003\125\004\013\023\044\105\161\165\151"
-"\146\141\170\040\123\145\143\165\162\145\040\103\145\162\164\151"
-"\146\151\143\141\164\145\040\101\165\164\150\157\162\151\164\171"
-, (PRUint32)80 },
- { (void *)"\002\004\065\336\364\317"
-, (PRUint32)6 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_20 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"ABAecom (sub., Am. Bankers Assn.) Root CA", (PRUint32)42 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\211\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\013\060\011\006\003\125\004\010\023\002\104\103\061\023\060"
-"\021\006\003\125\004\007\023\012\127\141\163\150\151\156\147\164"
-"\157\156\061\027\060\025\006\003\125\004\012\023\016\101\102\101"
-"\056\105\103\117\115\054\040\111\116\103\056\061\031\060\027\006"
-"\003\125\004\003\023\020\101\102\101\056\105\103\117\115\040\122"
-"\157\157\164\040\103\101\061\044\060\042\006\011\052\206\110\206"
-"\367\015\001\011\001\026\025\141\144\155\151\156\100\144\151\147"
-"\163\151\147\164\162\165\163\164\056\143\157\155"
-, (PRUint32)140 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\211\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\013\060\011\006\003\125\004\010\023\002\104\103\061\023\060"
-"\021\006\003\125\004\007\023\012\127\141\163\150\151\156\147\164"
-"\157\156\061\027\060\025\006\003\125\004\012\023\016\101\102\101"
-"\056\105\103\117\115\054\040\111\116\103\056\061\031\060\027\006"
-"\003\125\004\003\023\020\101\102\101\056\105\103\117\115\040\122"
-"\157\157\164\040\103\101\061\044\060\042\006\011\052\206\110\206"
-"\367\015\001\011\001\026\025\141\144\155\151\156\100\144\151\147"
-"\163\151\147\164\162\165\163\164\056\143\157\155"
-, (PRUint32)140 },
- { (void *)"\002\021\000\320\036\100\220\000\000\106\122\000\000\000\001\000"
-"\000\000\004"
-, (PRUint32)19 },
- { (void *)"\060\202\003\265\060\202\002\235\240\003\002\001\002\002\021\000"
-"\320\036\100\220\000\000\106\122\000\000\000\001\000\000\000\004"
-"\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060"
-"\201\211\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\013\060\011\006\003\125\004\010\023\002\104\103\061\023\060\021"
-"\006\003\125\004\007\023\012\127\141\163\150\151\156\147\164\157"
-"\156\061\027\060\025\006\003\125\004\012\023\016\101\102\101\056"
-"\105\103\117\115\054\040\111\116\103\056\061\031\060\027\006\003"
-"\125\004\003\023\020\101\102\101\056\105\103\117\115\040\122\157"
-"\157\164\040\103\101\061\044\060\042\006\011\052\206\110\206\367"
-"\015\001\011\001\026\025\141\144\155\151\156\100\144\151\147\163"
-"\151\147\164\162\165\163\164\056\143\157\155\060\036\027\015\071"
-"\071\060\067\061\062\061\067\063\063\065\063\132\027\015\060\071"
-"\060\067\060\071\061\067\063\063\065\063\132\060\201\211\061\013"
-"\060\011\006\003\125\004\006\023\002\125\123\061\013\060\011\006"
-"\003\125\004\010\023\002\104\103\061\023\060\021\006\003\125\004"
-"\007\023\012\127\141\163\150\151\156\147\164\157\156\061\027\060"
-"\025\006\003\125\004\012\023\016\101\102\101\056\105\103\117\115"
-"\054\040\111\116\103\056\061\031\060\027\006\003\125\004\003\023"
-"\020\101\102\101\056\105\103\117\115\040\122\157\157\164\040\103"
-"\101\061\044\060\042\006\011\052\206\110\206\367\015\001\011\001"
-"\026\025\141\144\155\151\156\100\144\151\147\163\151\147\164\162"
-"\165\163\164\056\143\157\155\060\202\001\042\060\015\006\011\052"
-"\206\110\206\367\015\001\001\001\005\000\003\202\001\017\000\060"
-"\202\001\012\002\202\001\001\000\261\323\021\340\171\125\103\007"
-"\010\114\313\005\102\000\342\015\203\106\075\344\223\272\266\006"
-"\323\015\131\275\076\301\316\103\147\001\212\041\250\357\274\314"
-"\320\242\314\260\125\226\123\204\146\005\000\332\104\111\200\330"
-"\124\012\245\045\206\224\355\143\126\377\160\154\243\241\031\322"
-"\170\276\150\052\104\136\057\317\314\030\136\107\274\072\261\106"
-"\075\036\360\271\054\064\137\214\174\114\010\051\235\100\125\353"
-"\074\175\203\336\265\360\367\212\203\016\241\114\264\072\245\263"
-"\137\132\042\227\354\031\233\301\005\150\375\346\267\251\221\224"
-"\054\344\170\110\044\032\045\031\072\353\225\234\071\012\212\317"
-"\102\262\360\034\325\137\373\153\355\150\126\173\071\054\162\070"
-"\260\356\223\251\323\173\167\074\353\161\003\251\070\112\026\154"
-"\211\052\312\332\063\023\171\302\125\214\355\234\273\362\313\133"
-"\020\370\056\141\065\306\051\114\052\320\052\143\321\145\131\264"
-"\370\315\371\364\000\204\266\127\102\205\235\062\250\371\052\124"
-"\373\377\170\101\274\275\161\050\364\273\220\274\377\226\064\004"
-"\343\105\236\241\106\050\100\201\002\003\001\000\001\243\026\060"
-"\024\060\022\006\003\125\035\023\001\001\377\004\010\060\006\001"
-"\001\377\002\001\010\060\015\006\011\052\206\110\206\367\015\001"
-"\001\005\005\000\003\202\001\001\000\004\157\045\206\344\346\226"
-"\047\264\331\102\300\320\311\000\261\177\124\076\207\262\155\044"
-"\251\057\012\176\375\244\104\260\370\124\007\275\033\235\235\312"
-"\173\120\044\173\021\133\111\243\246\277\022\164\325\211\267\267"
-"\057\230\144\045\024\267\141\351\177\140\200\153\323\144\350\253"
-"\275\032\326\121\372\300\264\135\167\032\177\144\010\136\171\306"
-"\005\114\361\172\335\115\175\316\346\110\173\124\322\141\222\201"
-"\326\033\326\000\360\016\236\050\167\240\115\210\307\042\166\031"
-"\303\307\236\033\246\167\170\370\137\233\126\321\360\362\027\254"
-"\216\235\131\346\037\376\127\266\331\136\341\135\237\105\354\141"
-"\150\031\101\341\262\040\046\376\132\060\166\044\377\100\162\074"
-"\171\237\174\042\110\253\106\315\333\263\206\054\217\277\005\101"
-"\323\301\343\024\343\101\027\046\320\174\247\161\114\031\350\112"
-"\017\162\130\061\175\354\140\172\243\042\050\275\031\044\140\077"
-"\073\207\163\300\153\344\313\256\267\253\045\103\262\125\055\173"
-"\253\006\016\165\135\064\345\135\163\155\236\262\165\100\245\131"
-"\311\117\061\161\210\331\210\177\124"
-, (PRUint32)953 }
-};
-static const NSSItem nss_builtins_items_21 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"ABAecom (sub., Am. Bankers Assn.) Root CA", (PRUint32)42 },
- { (void *)"\172\164\101\017\260\315\134\227\052\066\113\161\277\003\035\210"
-"\246\121\016\236"
-, (PRUint32)20 },
- { (void *)"\101\270\007\367\250\321\011\356\264\232\216\160\115\374\033\170"
-, (PRUint32)16 },
- { (void *)"\060\201\211\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\013\060\011\006\003\125\004\010\023\002\104\103\061\023\060"
-"\021\006\003\125\004\007\023\012\127\141\163\150\151\156\147\164"
-"\157\156\061\027\060\025\006\003\125\004\012\023\016\101\102\101"
-"\056\105\103\117\115\054\040\111\116\103\056\061\031\060\027\006"
-"\003\125\004\003\023\020\101\102\101\056\105\103\117\115\040\122"
-"\157\157\164\040\103\101\061\044\060\042\006\011\052\206\110\206"
-"\367\015\001\011\001\026\025\141\144\155\151\156\100\144\151\147"
-"\163\151\147\164\162\165\163\164\056\143\157\155"
-, (PRUint32)140 },
- { (void *)"\002\021\000\320\036\100\220\000\000\106\122\000\000\000\001\000"
-"\000\000\004"
-, (PRUint32)19 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_22 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Digital Signature Trust Co. Global CA 1", (PRUint32)40 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\106\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\044\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141"
-"\154\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163"
-"\164\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010"
-"\104\123\124\103\101\040\105\061"
-, (PRUint32)72 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\106\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\044\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141"
-"\154\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163"
-"\164\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010"
-"\104\123\124\103\101\040\105\061"
-, (PRUint32)72 },
- { (void *)"\002\004\066\160\025\226"
-, (PRUint32)6 },
- { (void *)"\060\202\003\051\060\202\002\222\240\003\002\001\002\002\004\066"
-"\160\025\226\060\015\006\011\052\206\110\206\367\015\001\001\005"
-"\005\000\060\106\061\013\060\011\006\003\125\004\006\023\002\125"
-"\123\061\044\060\042\006\003\125\004\012\023\033\104\151\147\151"
-"\164\141\154\040\123\151\147\156\141\164\165\162\145\040\124\162"
-"\165\163\164\040\103\157\056\061\021\060\017\006\003\125\004\013"
-"\023\010\104\123\124\103\101\040\105\061\060\036\027\015\071\070"
-"\061\062\061\060\061\070\061\060\062\063\132\027\015\061\070\061"
-"\062\061\060\061\070\064\060\062\063\132\060\106\061\013\060\011"
-"\006\003\125\004\006\023\002\125\123\061\044\060\042\006\003\125"
-"\004\012\023\033\104\151\147\151\164\141\154\040\123\151\147\156"
-"\141\164\165\162\145\040\124\162\165\163\164\040\103\157\056\061"
-"\021\060\017\006\003\125\004\013\023\010\104\123\124\103\101\040"
-"\105\061\060\201\235\060\015\006\011\052\206\110\206\367\015\001"
-"\001\001\005\000\003\201\213\000\060\201\207\002\201\201\000\240"
-"\154\201\251\317\064\036\044\335\376\206\050\314\336\203\057\371"
-"\136\324\102\322\350\164\140\146\023\230\006\034\251\121\022\151"
-"\157\061\125\271\111\162\000\010\176\323\245\142\104\067\044\231"
-"\217\331\203\110\217\231\155\225\023\273\103\073\056\111\116\210"
-"\067\301\273\130\177\376\341\275\370\273\141\315\363\107\300\231"
-"\246\361\363\221\350\170\174\000\313\141\311\104\047\161\151\125"
-"\112\176\111\115\355\242\243\276\002\114\000\312\002\250\356\001"
-"\002\061\144\017\122\055\023\164\166\066\265\172\264\055\161\002"
-"\001\003\243\202\001\044\060\202\001\040\060\021\006\011\140\206"
-"\110\001\206\370\102\001\001\004\004\003\002\000\007\060\150\006"
-"\003\125\035\037\004\141\060\137\060\135\240\133\240\131\244\127"
-"\060\125\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\044\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141"
-"\154\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163"
-"\164\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010"
-"\104\123\124\103\101\040\105\061\061\015\060\013\006\003\125\004"
-"\003\023\004\103\122\114\061\060\053\006\003\125\035\020\004\044"
-"\060\042\200\017\061\071\071\070\061\062\061\060\061\070\061\060"
-"\062\063\132\201\017\062\060\061\070\061\062\061\060\061\070\061"
-"\060\062\063\132\060\013\006\003\125\035\017\004\004\003\002\001"
-"\006\060\037\006\003\125\035\043\004\030\060\026\200\024\152\171"
-"\176\221\151\106\030\023\012\002\167\245\131\133\140\230\045\016"
-"\242\370\060\035\006\003\125\035\016\004\026\004\024\152\171\176"
-"\221\151\106\030\023\012\002\167\245\131\133\140\230\045\016\242"
-"\370\060\014\006\003\125\035\023\004\005\060\003\001\001\377\060"
-"\031\006\011\052\206\110\206\366\175\007\101\000\004\014\060\012"
-"\033\004\126\064\056\060\003\002\004\220\060\015\006\011\052\206"
-"\110\206\367\015\001\001\005\005\000\003\201\201\000\042\022\330"
-"\172\035\334\201\006\266\011\145\262\207\310\037\136\264\057\351"
-"\304\036\362\074\301\273\004\220\021\112\203\116\176\223\271\115"
-"\102\307\222\046\240\134\064\232\070\162\370\375\153\026\076\040"
-"\356\202\213\061\052\223\066\205\043\210\212\074\003\150\323\311"
-"\011\017\115\374\154\244\332\050\162\223\016\211\200\260\175\376"
-"\200\157\145\155\030\063\227\213\302\153\211\356\140\075\310\233"
-"\357\177\053\062\142\163\223\313\074\343\173\342\166\170\105\274"
-"\241\223\004\273\206\237\072\133\103\172\303\212\145"
-, (PRUint32)813 }
-};
-static const NSSItem nss_builtins_items_23 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Digital Signature Trust Co. Global CA 1", (PRUint32)40 },
- { (void *)"\201\226\213\072\357\034\334\160\365\372\062\151\302\222\243\143"
-"\133\321\043\323"
-, (PRUint32)20 },
- { (void *)"\045\172\272\203\056\266\242\013\332\376\365\002\017\010\327\255"
-, (PRUint32)16 },
- { (void *)"\060\106\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\044\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141"
-"\154\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163"
-"\164\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010"
-"\104\123\124\103\101\040\105\061"
-, (PRUint32)72 },
- { (void *)"\002\004\066\160\025\226"
-, (PRUint32)6 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_24 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Digital Signature Trust Co. Global CA 3", (PRUint32)40 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\106\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\044\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141"
-"\154\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163"
-"\164\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010"
-"\104\123\124\103\101\040\105\062"
-, (PRUint32)72 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\106\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\044\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141"
-"\154\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163"
-"\164\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010"
-"\104\123\124\103\101\040\105\062"
-, (PRUint32)72 },
- { (void *)"\002\004\066\156\323\316"
-, (PRUint32)6 },
- { (void *)"\060\202\003\051\060\202\002\222\240\003\002\001\002\002\004\066"
-"\156\323\316\060\015\006\011\052\206\110\206\367\015\001\001\005"
-"\005\000\060\106\061\013\060\011\006\003\125\004\006\023\002\125"
-"\123\061\044\060\042\006\003\125\004\012\023\033\104\151\147\151"
-"\164\141\154\040\123\151\147\156\141\164\165\162\145\040\124\162"
-"\165\163\164\040\103\157\056\061\021\060\017\006\003\125\004\013"
-"\023\010\104\123\124\103\101\040\105\062\060\036\027\015\071\070"
-"\061\062\060\071\061\071\061\067\062\066\132\027\015\061\070\061"
-"\062\060\071\061\071\064\067\062\066\132\060\106\061\013\060\011"
-"\006\003\125\004\006\023\002\125\123\061\044\060\042\006\003\125"
-"\004\012\023\033\104\151\147\151\164\141\154\040\123\151\147\156"
-"\141\164\165\162\145\040\124\162\165\163\164\040\103\157\056\061"
-"\021\060\017\006\003\125\004\013\023\010\104\123\124\103\101\040"
-"\105\062\060\201\235\060\015\006\011\052\206\110\206\367\015\001"
-"\001\001\005\000\003\201\213\000\060\201\207\002\201\201\000\277"
-"\223\217\027\222\357\063\023\030\353\020\177\116\026\277\377\006"
-"\217\052\205\274\136\371\044\246\044\210\266\003\267\301\303\137"
-"\003\133\321\157\256\176\102\352\146\043\270\143\203\126\373\050"
-"\055\341\070\213\264\356\250\001\341\316\034\266\210\052\042\106"
-"\205\373\237\247\160\251\107\024\077\316\336\145\360\250\161\367"
-"\117\046\154\214\274\306\265\357\336\111\047\377\110\052\175\350"
-"\115\003\314\307\262\122\306\027\061\023\073\265\115\333\310\304"
-"\366\303\017\044\052\332\014\235\347\221\133\200\315\224\235\002"
-"\001\003\243\202\001\044\060\202\001\040\060\021\006\011\140\206"
-"\110\001\206\370\102\001\001\004\004\003\002\000\007\060\150\006"
-"\003\125\035\037\004\141\060\137\060\135\240\133\240\131\244\127"
-"\060\125\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\044\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141"
-"\154\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163"
-"\164\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010"
-"\104\123\124\103\101\040\105\062\061\015\060\013\006\003\125\004"
-"\003\023\004\103\122\114\061\060\053\006\003\125\035\020\004\044"
-"\060\042\200\017\061\071\071\070\061\062\060\071\061\071\061\067"
-"\062\066\132\201\017\062\060\061\070\061\062\060\071\061\071\061"
-"\067\062\066\132\060\013\006\003\125\035\017\004\004\003\002\001"
-"\006\060\037\006\003\125\035\043\004\030\060\026\200\024\036\202"
-"\115\050\145\200\074\311\101\156\254\065\056\132\313\336\356\370"
-"\071\133\060\035\006\003\125\035\016\004\026\004\024\036\202\115"
-"\050\145\200\074\311\101\156\254\065\056\132\313\336\356\370\071"
-"\133\060\014\006\003\125\035\023\004\005\060\003\001\001\377\060"
-"\031\006\011\052\206\110\206\366\175\007\101\000\004\014\060\012"
-"\033\004\126\064\056\060\003\002\004\220\060\015\006\011\052\206"
-"\110\206\367\015\001\001\005\005\000\003\201\201\000\107\215\203"
-"\255\142\362\333\260\236\105\042\005\271\242\326\003\016\070\162"
-"\347\236\374\173\346\223\266\232\245\242\224\310\064\035\221\321"
-"\305\327\364\012\045\017\075\170\201\236\017\261\147\304\220\114"
-"\143\335\136\247\342\272\237\365\367\115\245\061\173\234\051\055"
-"\114\376\144\076\354\266\123\376\352\233\355\202\333\164\165\113"
-"\007\171\156\036\330\031\203\163\336\365\076\320\265\336\347\113"
-"\150\175\103\056\052\040\341\176\240\170\104\236\010\365\230\371"
-"\307\177\033\033\326\006\040\002\130\241\303\242\003"
-, (PRUint32)813 }
-};
-static const NSSItem nss_builtins_items_25 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Digital Signature Trust Co. Global CA 3", (PRUint32)40 },
- { (void *)"\253\110\363\063\333\004\253\271\300\162\332\133\014\301\320\127"
-"\360\066\233\106"
-, (PRUint32)20 },
- { (void *)"\223\302\216\021\173\324\363\003\031\275\050\165\023\112\105\112"
-, (PRUint32)16 },
- { (void *)"\060\106\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\044\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141"
-"\154\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163"
-"\164\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010"
-"\104\123\124\103\101\040\105\062"
-, (PRUint32)72 },
- { (void *)"\002\004\066\156\323\316"
-, (PRUint32)6 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_26 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Digital Signature Trust Co. Global CA 2", (PRUint32)40 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\251\061\013\060\011\006\003\125\004\006\023\002\165\163"
-"\061\015\060\013\006\003\125\004\010\023\004\125\164\141\150\061"
-"\027\060\025\006\003\125\004\007\023\016\123\141\154\164\040\114"
-"\141\153\145\040\103\151\164\171\061\044\060\042\006\003\125\004"
-"\012\023\033\104\151\147\151\164\141\154\040\123\151\147\156\141"
-"\164\165\162\145\040\124\162\165\163\164\040\103\157\056\061\021"
-"\060\017\006\003\125\004\013\023\010\104\123\124\103\101\040\130"
-"\061\061\026\060\024\006\003\125\004\003\023\015\104\123\124\040"
-"\122\157\157\164\103\101\040\130\061\061\041\060\037\006\011\052"
-"\206\110\206\367\015\001\011\001\026\022\143\141\100\144\151\147"
-"\163\151\147\164\162\165\163\164\056\143\157\155"
-, (PRUint32)172 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\251\061\013\060\011\006\003\125\004\006\023\002\165\163"
-"\061\015\060\013\006\003\125\004\010\023\004\125\164\141\150\061"
-"\027\060\025\006\003\125\004\007\023\016\123\141\154\164\040\114"
-"\141\153\145\040\103\151\164\171\061\044\060\042\006\003\125\004"
-"\012\023\033\104\151\147\151\164\141\154\040\123\151\147\156\141"
-"\164\165\162\145\040\124\162\165\163\164\040\103\157\056\061\021"
-"\060\017\006\003\125\004\013\023\010\104\123\124\103\101\040\130"
-"\061\061\026\060\024\006\003\125\004\003\023\015\104\123\124\040"
-"\122\157\157\164\103\101\040\130\061\061\041\060\037\006\011\052"
-"\206\110\206\367\015\001\011\001\026\022\143\141\100\144\151\147"
-"\163\151\147\164\162\165\163\164\056\143\157\155"
-, (PRUint32)172 },
- { (void *)"\002\021\000\320\036\100\213\000\000\002\174\000\000\000\002\000"
-"\000\000\001"
-, (PRUint32)19 },
- { (void *)"\060\202\003\330\060\202\002\300\002\021\000\320\036\100\213\000"
-"\000\002\174\000\000\000\002\000\000\000\001\060\015\006\011\052"
-"\206\110\206\367\015\001\001\005\005\000\060\201\251\061\013\060"
-"\011\006\003\125\004\006\023\002\165\163\061\015\060\013\006\003"
-"\125\004\010\023\004\125\164\141\150\061\027\060\025\006\003\125"
-"\004\007\023\016\123\141\154\164\040\114\141\153\145\040\103\151"
-"\164\171\061\044\060\042\006\003\125\004\012\023\033\104\151\147"
-"\151\164\141\154\040\123\151\147\156\141\164\165\162\145\040\124"
-"\162\165\163\164\040\103\157\056\061\021\060\017\006\003\125\004"
-"\013\023\010\104\123\124\103\101\040\130\061\061\026\060\024\006"
-"\003\125\004\003\023\015\104\123\124\040\122\157\157\164\103\101"
-"\040\130\061\061\041\060\037\006\011\052\206\110\206\367\015\001"
-"\011\001\026\022\143\141\100\144\151\147\163\151\147\164\162\165"
-"\163\164\056\143\157\155\060\036\027\015\071\070\061\062\060\061"
-"\061\070\061\070\065\065\132\027\015\060\070\061\061\062\070\061"
-"\070\061\070\065\065\132\060\201\251\061\013\060\011\006\003\125"
-"\004\006\023\002\165\163\061\015\060\013\006\003\125\004\010\023"
-"\004\125\164\141\150\061\027\060\025\006\003\125\004\007\023\016"
-"\123\141\154\164\040\114\141\153\145\040\103\151\164\171\061\044"
-"\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141\154"
-"\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163\164"
-"\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010\104"
-"\123\124\103\101\040\130\061\061\026\060\024\006\003\125\004\003"
-"\023\015\104\123\124\040\122\157\157\164\103\101\040\130\061\061"
-"\041\060\037\006\011\052\206\110\206\367\015\001\011\001\026\022"
-"\143\141\100\144\151\147\163\151\147\164\162\165\163\164\056\143"
-"\157\155\060\202\001\042\060\015\006\011\052\206\110\206\367\015"
-"\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202"
-"\001\001\000\322\306\046\266\347\245\075\301\304\150\325\120\157"
-"\123\305\157\111\023\011\270\257\054\110\215\024\152\243\027\137"
-"\132\371\323\056\165\057\330\050\142\321\223\057\374\115\324\253"
-"\207\345\010\307\231\347\222\077\165\275\353\045\264\025\301\233"
-"\031\075\322\104\215\327\164\040\155\067\002\217\151\223\133\212"
-"\304\031\235\364\262\016\374\026\154\271\261\005\222\203\321\205"
-"\054\140\224\076\105\125\240\331\253\010\041\346\140\350\073\164"
-"\362\231\120\121\150\320\003\055\261\200\276\243\330\122\260\104"
-"\315\103\112\160\216\130\205\225\341\116\054\326\055\101\157\326"
-"\204\347\310\230\104\312\107\333\054\044\245\151\046\317\153\270"
-"\047\142\303\364\311\172\222\043\355\023\147\202\256\105\056\105"
-"\345\176\162\077\205\235\224\142\020\346\074\221\241\255\167\000"
-"\340\025\354\363\204\200\162\172\216\156\140\227\307\044\131\020"
-"\064\203\133\341\245\244\151\266\127\065\034\170\131\306\323\057"
-"\072\163\147\356\224\312\004\023\005\142\006\160\043\263\364\174"
-"\356\105\331\144\013\133\111\252\244\103\316\046\304\104\022\154"
-"\270\335\171\002\003\001\000\001\060\015\006\011\052\206\110\206"
-"\367\015\001\001\005\005\000\003\202\001\001\000\242\067\262\077"
-"\151\373\327\206\171\124\111\061\225\063\053\363\321\011\024\111"
-"\142\140\206\245\260\021\342\120\302\035\006\127\076\055\350\063"
-"\144\276\233\252\255\137\033\115\324\231\225\242\213\232\311\142"
-"\162\265\151\352\331\130\253\065\355\025\242\103\326\266\274\007"
-"\171\145\144\163\175\327\171\312\173\325\132\121\306\341\123\004"
-"\226\215\070\317\243\027\254\071\161\153\001\303\213\123\074\143"
-"\351\356\171\300\344\276\222\062\144\172\263\037\227\224\142\275"
-"\352\262\040\025\225\373\227\362\170\057\143\066\100\070\343\106"
-"\017\035\335\254\225\312\347\113\220\173\261\113\251\324\305\353"
-"\232\332\252\325\243\224\024\106\215\055\037\363\072\326\223\072"
-"\366\076\171\374\350\346\260\165\355\356\075\311\160\307\135\252"
-"\201\113\106\045\034\307\154\025\343\225\116\017\252\062\067\224"
-"\012\027\044\222\023\204\130\322\143\157\053\367\346\133\142\013"
-"\023\027\260\015\122\114\376\376\157\134\342\221\156\035\375\244"
-"\142\327\150\372\216\172\117\322\010\332\223\334\360\222\021\172"
-"\320\334\162\223\014\163\223\142\205\150\320\364"
-, (PRUint32)988 }
-};
-static const NSSItem nss_builtins_items_27 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Digital Signature Trust Co. Global CA 2", (PRUint32)40 },
- { (void *)"\267\057\377\222\322\316\103\336\012\215\114\124\214\120\067\046"
-"\250\036\053\223"
-, (PRUint32)20 },
- { (void *)"\154\311\247\156\107\361\014\343\123\073\170\114\115\302\152\305"
-, (PRUint32)16 },
- { (void *)"\060\201\251\061\013\060\011\006\003\125\004\006\023\002\165\163"
-"\061\015\060\013\006\003\125\004\010\023\004\125\164\141\150\061"
-"\027\060\025\006\003\125\004\007\023\016\123\141\154\164\040\114"
-"\141\153\145\040\103\151\164\171\061\044\060\042\006\003\125\004"
-"\012\023\033\104\151\147\151\164\141\154\040\123\151\147\156\141"
-"\164\165\162\145\040\124\162\165\163\164\040\103\157\056\061\021"
-"\060\017\006\003\125\004\013\023\010\104\123\124\103\101\040\130"
-"\061\061\026\060\024\006\003\125\004\003\023\015\104\123\124\040"
-"\122\157\157\164\103\101\040\130\061\061\041\060\037\006\011\052"
-"\206\110\206\367\015\001\011\001\026\022\143\141\100\144\151\147"
-"\163\151\147\164\162\165\163\164\056\143\157\155"
-, (PRUint32)172 },
- { (void *)"\002\021\000\320\036\100\213\000\000\002\174\000\000\000\002\000"
-"\000\000\001"
-, (PRUint32)19 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_28 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Digital Signature Trust Co. Global CA 4", (PRUint32)40 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\251\061\013\060\011\006\003\125\004\006\023\002\165\163"
-"\061\015\060\013\006\003\125\004\010\023\004\125\164\141\150\061"
-"\027\060\025\006\003\125\004\007\023\016\123\141\154\164\040\114"
-"\141\153\145\040\103\151\164\171\061\044\060\042\006\003\125\004"
-"\012\023\033\104\151\147\151\164\141\154\040\123\151\147\156\141"
-"\164\165\162\145\040\124\162\165\163\164\040\103\157\056\061\021"
-"\060\017\006\003\125\004\013\023\010\104\123\124\103\101\040\130"
-"\062\061\026\060\024\006\003\125\004\003\023\015\104\123\124\040"
-"\122\157\157\164\103\101\040\130\062\061\041\060\037\006\011\052"
-"\206\110\206\367\015\001\011\001\026\022\143\141\100\144\151\147"
-"\163\151\147\164\162\165\163\164\056\143\157\155"
-, (PRUint32)172 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\251\061\013\060\011\006\003\125\004\006\023\002\165\163"
-"\061\015\060\013\006\003\125\004\010\023\004\125\164\141\150\061"
-"\027\060\025\006\003\125\004\007\023\016\123\141\154\164\040\114"
-"\141\153\145\040\103\151\164\171\061\044\060\042\006\003\125\004"
-"\012\023\033\104\151\147\151\164\141\154\040\123\151\147\156\141"
-"\164\165\162\145\040\124\162\165\163\164\040\103\157\056\061\021"
-"\060\017\006\003\125\004\013\023\010\104\123\124\103\101\040\130"
-"\062\061\026\060\024\006\003\125\004\003\023\015\104\123\124\040"
-"\122\157\157\164\103\101\040\130\062\061\041\060\037\006\011\052"
-"\206\110\206\367\015\001\011\001\026\022\143\141\100\144\151\147"
-"\163\151\147\164\162\165\163\164\056\143\157\155"
-, (PRUint32)172 },
- { (void *)"\002\021\000\320\036\100\213\000\000\167\155\000\000\000\001\000"
-"\000\000\004"
-, (PRUint32)19 },
- { (void *)"\060\202\003\330\060\202\002\300\002\021\000\320\036\100\213\000"
-"\000\167\155\000\000\000\001\000\000\000\004\060\015\006\011\052"
-"\206\110\206\367\015\001\001\005\005\000\060\201\251\061\013\060"
-"\011\006\003\125\004\006\023\002\165\163\061\015\060\013\006\003"
-"\125\004\010\023\004\125\164\141\150\061\027\060\025\006\003\125"
-"\004\007\023\016\123\141\154\164\040\114\141\153\145\040\103\151"
-"\164\171\061\044\060\042\006\003\125\004\012\023\033\104\151\147"
-"\151\164\141\154\040\123\151\147\156\141\164\165\162\145\040\124"
-"\162\165\163\164\040\103\157\056\061\021\060\017\006\003\125\004"
-"\013\023\010\104\123\124\103\101\040\130\062\061\026\060\024\006"
-"\003\125\004\003\023\015\104\123\124\040\122\157\157\164\103\101"
-"\040\130\062\061\041\060\037\006\011\052\206\110\206\367\015\001"
-"\011\001\026\022\143\141\100\144\151\147\163\151\147\164\162\165"
-"\163\164\056\143\157\155\060\036\027\015\071\070\061\061\063\060"
-"\062\062\064\066\061\066\132\027\015\060\070\061\061\062\067\062"
-"\062\064\066\061\066\132\060\201\251\061\013\060\011\006\003\125"
-"\004\006\023\002\165\163\061\015\060\013\006\003\125\004\010\023"
-"\004\125\164\141\150\061\027\060\025\006\003\125\004\007\023\016"
-"\123\141\154\164\040\114\141\153\145\040\103\151\164\171\061\044"
-"\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141\154"
-"\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163\164"
-"\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010\104"
-"\123\124\103\101\040\130\062\061\026\060\024\006\003\125\004\003"
-"\023\015\104\123\124\040\122\157\157\164\103\101\040\130\062\061"
-"\041\060\037\006\011\052\206\110\206\367\015\001\011\001\026\022"
-"\143\141\100\144\151\147\163\151\147\164\162\165\163\164\056\143"
-"\157\155\060\202\001\042\060\015\006\011\052\206\110\206\367\015"
-"\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202"
-"\001\001\000\334\165\360\214\300\165\226\232\300\142\037\046\367"
-"\304\341\232\352\340\126\163\133\231\315\001\104\250\010\266\325"
-"\247\332\032\004\030\071\222\112\170\243\201\302\365\167\172\120"
-"\264\160\377\232\253\306\307\312\156\203\117\102\230\373\046\013"
-"\332\334\155\326\251\231\125\122\147\351\050\003\222\334\345\260"
-"\005\232\017\025\371\153\131\162\126\362\372\071\374\252\150\356"
-"\017\037\020\203\057\374\235\372\027\226\335\202\343\346\105\175"
-"\300\113\200\104\037\355\054\340\204\375\221\134\222\124\151\045"
-"\345\142\151\334\345\356\000\122\275\063\013\255\165\002\205\247"
-"\144\120\055\305\031\031\060\300\046\333\311\323\375\056\231\255"
-"\131\265\013\115\324\101\256\205\110\103\131\334\267\250\342\242"
-"\336\303\217\327\270\241\142\246\150\120\122\344\317\061\247\224"
-"\205\332\237\106\062\027\126\345\362\353\146\075\022\377\103\333"
-"\230\357\167\317\313\201\215\064\261\306\120\112\046\321\344\076"
-"\101\120\257\154\256\042\064\056\325\153\156\203\272\171\270\166"
-"\145\110\332\011\051\144\143\042\271\373\107\166\205\214\206\104"
-"\313\011\333\002\003\001\000\001\060\015\006\011\052\206\110\206"
-"\367\015\001\001\005\005\000\003\202\001\001\000\265\066\016\135"
-"\341\141\050\132\021\145\300\077\203\003\171\115\276\050\246\013"
-"\007\002\122\205\315\370\221\320\020\154\265\152\040\133\034\220"
-"\331\060\074\306\110\236\212\136\144\371\241\161\167\357\004\047"
-"\037\007\353\344\046\367\163\164\311\104\030\032\146\323\340\103"
-"\257\221\073\321\313\054\330\164\124\072\034\115\312\324\150\315"
-"\043\174\035\020\236\105\351\366\000\156\246\315\031\377\117\054"
-"\051\217\127\115\304\167\222\276\340\114\011\373\135\104\206\146"
-"\041\250\271\062\242\126\325\351\214\203\174\131\077\304\361\013"
-"\347\235\354\236\275\234\030\016\076\302\071\171\050\267\003\015"
-"\010\313\306\347\331\001\067\120\020\354\314\141\026\100\324\257"
-"\061\164\173\374\077\061\247\320\107\163\063\071\033\314\116\152"
-"\327\111\203\021\006\376\353\202\130\063\062\114\360\126\254\036"
-"\234\057\126\232\173\301\112\034\245\375\125\066\316\374\226\115"
-"\364\260\360\354\267\154\202\355\057\061\231\102\114\251\262\015"
-"\270\025\135\361\337\272\311\265\112\324\144\230\263\046\251\060"
-"\310\375\246\354\253\226\041\255\177\302\170\266"
-, (PRUint32)988 }
-};
-static const NSSItem nss_builtins_items_29 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Digital Signature Trust Co. Global CA 4", (PRUint32)40 },
- { (void *)"\147\353\063\173\150\114\353\016\302\260\166\012\264\210\047\214"
-"\335\225\227\335"
-, (PRUint32)20 },
- { (void *)"\315\073\075\142\133\011\270\011\066\207\236\022\057\161\144\272"
-, (PRUint32)16 },
- { (void *)"\060\201\251\061\013\060\011\006\003\125\004\006\023\002\165\163"
-"\061\015\060\013\006\003\125\004\010\023\004\125\164\141\150\061"
-"\027\060\025\006\003\125\004\007\023\016\123\141\154\164\040\114"
-"\141\153\145\040\103\151\164\171\061\044\060\042\006\003\125\004"
-"\012\023\033\104\151\147\151\164\141\154\040\123\151\147\156\141"
-"\164\165\162\145\040\124\162\165\163\164\040\103\157\056\061\021"
-"\060\017\006\003\125\004\013\023\010\104\123\124\103\101\040\130"
-"\062\061\026\060\024\006\003\125\004\003\023\015\104\123\124\040"
-"\122\157\157\164\103\101\040\130\062\061\041\060\037\006\011\052"
-"\206\110\206\367\015\001\011\001\026\022\143\141\100\144\151\147"
-"\163\151\147\164\162\165\163\164\056\143\157\155"
-, (PRUint32)172 },
- { (void *)"\002\021\000\320\036\100\213\000\000\167\155\000\000\000\001\000"
-"\000\000\004"
-, (PRUint32)19 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_30 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 1 Public Primary Certification Authority", (PRUint32)56 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151"
-"\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004"
-"\013\023\056\103\154\141\163\163\040\061\040\120\165\142\154\151"
-"\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151"
-"\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004"
-"\013\023\056\103\154\141\163\163\040\061\040\120\165\142\154\151"
-"\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
- { (void *)"\002\021\000\315\272\177\126\360\337\344\274\124\376\042\254\263"
-"\162\252\125"
-, (PRUint32)19 },
- { (void *)"\060\202\002\075\060\202\001\246\002\021\000\315\272\177\126\360"
-"\337\344\274\124\376\042\254\263\162\252\125\060\015\006\011\052"
-"\206\110\206\367\015\001\001\002\005\000\060\137\061\013\060\011"
-"\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125"
-"\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156"
-"\143\056\061\067\060\065\006\003\125\004\013\023\056\103\154\141"
-"\163\163\040\061\040\120\165\142\154\151\143\040\120\162\151\155"
-"\141\162\171\040\103\145\162\164\151\146\151\143\141\164\151\157"
-"\156\040\101\165\164\150\157\162\151\164\171\060\036\027\015\071"
-"\066\060\061\062\071\060\060\060\060\060\060\132\027\015\062\070"
-"\060\070\060\061\062\063\065\071\065\071\132\060\137\061\013\060"
-"\011\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003"
-"\125\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111"
-"\156\143\056\061\067\060\065\006\003\125\004\013\023\056\103\154"
-"\141\163\163\040\061\040\120\165\142\154\151\143\040\120\162\151"
-"\155\141\162\171\040\103\145\162\164\151\146\151\143\141\164\151"
-"\157\156\040\101\165\164\150\157\162\151\164\171\060\201\237\060"
-"\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003\201"
-"\215\000\060\201\211\002\201\201\000\345\031\277\155\243\126\141"
-"\055\231\110\161\366\147\336\271\215\353\267\236\206\200\012\221"
-"\016\372\070\045\257\106\210\202\345\163\250\240\233\044\135\015"
-"\037\314\145\156\014\260\320\126\204\030\207\232\006\233\020\241"
-"\163\337\264\130\071\153\156\301\366\025\325\250\250\077\252\022"
-"\006\215\061\254\177\260\064\327\217\064\147\210\011\315\024\021"
-"\342\116\105\126\151\037\170\002\200\332\334\107\221\051\273\066"
-"\311\143\134\305\340\327\055\207\173\241\267\062\260\173\060\272"
-"\052\057\061\252\356\243\147\332\333\002\003\001\000\001\060\015"
-"\006\011\052\206\110\206\367\015\001\001\002\005\000\003\201\201"
-"\000\114\077\270\213\306\150\337\356\103\063\016\135\351\246\313"
-"\007\204\115\172\063\377\222\033\364\066\255\330\225\042\066\150"
-"\021\154\174\102\314\363\234\056\304\007\077\024\260\017\117\377"
-"\220\222\166\371\342\274\112\351\217\315\240\200\012\367\305\051"
-"\361\202\042\135\270\261\335\201\043\243\173\045\025\106\060\171"
-"\026\370\352\005\113\224\177\035\302\034\310\343\267\364\020\100"
-"\074\023\303\137\037\123\350\110\344\206\264\173\241\065\260\173"
-"\045\272\270\323\216\253\077\070\235\000\064\000\230\363\321\161"
-"\224"
-, (PRUint32)577 }
-};
-static const NSSItem nss_builtins_items_31 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 1 Public Primary Certification Authority", (PRUint32)56 },
- { (void *)"\220\256\242\151\205\377\024\200\114\103\111\122\354\351\140\204"
-"\167\257\125\157"
-, (PRUint32)20 },
- { (void *)"\227\140\350\127\137\323\120\107\345\103\014\224\066\212\260\142"
-, (PRUint32)16 },
- { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151"
-"\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004"
-"\013\023\056\103\154\141\163\163\040\061\040\120\165\142\154\151"
-"\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
- { (void *)"\002\021\000\315\272\177\126\360\337\344\274\124\376\042\254\263"
-"\162\252\125"
-, (PRUint32)19 },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_32 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 2 Public Primary Certification Authority", (PRUint32)56 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151"
-"\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004"
-"\013\023\056\103\154\141\163\163\040\062\040\120\165\142\154\151"
-"\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151"
-"\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004"
-"\013\023\056\103\154\141\163\163\040\062\040\120\165\142\154\151"
-"\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
- { (void *)"\002\020\055\033\374\112\027\215\243\221\353\347\377\365\213\105"
-"\276\013"
-, (PRUint32)18 },
- { (void *)"\060\202\002\074\060\202\001\245\002\020\055\033\374\112\027\215"
-"\243\221\353\347\377\365\213\105\276\013\060\015\006\011\052\206"
-"\110\206\367\015\001\001\002\005\000\060\137\061\013\060\011\006"
-"\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125\004"
-"\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156\143"
-"\056\061\067\060\065\006\003\125\004\013\023\056\103\154\141\163"
-"\163\040\062\040\120\165\142\154\151\143\040\120\162\151\155\141"
-"\162\171\040\103\145\162\164\151\146\151\143\141\164\151\157\156"
-"\040\101\165\164\150\157\162\151\164\171\060\036\027\015\071\066"
-"\060\061\062\071\060\060\060\060\060\060\132\027\015\062\070\060"
-"\070\060\061\062\063\065\071\065\071\132\060\137\061\013\060\011"
-"\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125"
-"\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156"
-"\143\056\061\067\060\065\006\003\125\004\013\023\056\103\154\141"
-"\163\163\040\062\040\120\165\142\154\151\143\040\120\162\151\155"
-"\141\162\171\040\103\145\162\164\151\146\151\143\141\164\151\157"
-"\156\040\101\165\164\150\157\162\151\164\171\060\201\237\060\015"
-"\006\011\052\206\110\206\367\015\001\001\001\005\000\003\201\215"
-"\000\060\201\211\002\201\201\000\266\132\213\243\015\152\043\203"
-"\200\153\317\071\207\364\041\023\063\006\114\045\242\355\125\022"
-"\227\305\247\200\271\372\203\301\040\240\372\057\025\015\174\241"
-"\140\153\176\171\054\372\006\017\072\256\366\033\157\261\322\377"
-"\057\050\122\137\203\175\113\304\172\267\370\146\037\200\124\374"
-"\267\302\216\131\112\024\127\106\321\232\223\276\101\221\003\273"
-"\025\200\223\134\353\347\314\010\154\077\076\263\112\374\377\113"
-"\154\043\325\120\202\046\104\031\216\043\303\161\352\031\044\107"
-"\004\236\165\277\310\246\000\037\002\003\001\000\001\060\015\006"
-"\011\052\206\110\206\367\015\001\001\002\005\000\003\201\201\000"
-"\212\033\053\372\071\301\164\327\136\330\031\144\242\130\112\055"
-"\067\340\063\107\017\254\355\367\252\333\036\344\213\006\134\140"
-"\047\312\105\122\316\026\357\077\006\144\347\224\150\174\140\063"
-"\025\021\151\257\235\142\215\243\003\124\153\246\276\345\356\005"
-"\030\140\004\277\102\200\375\320\250\250\036\001\073\367\243\134"
-"\257\243\334\346\046\200\043\074\270\104\164\367\012\256\111\213"
-"\141\170\314\044\277\210\212\247\016\352\163\031\101\375\115\003"
-"\360\210\321\345\170\215\245\052\117\366\227\015\027\167\312\330"
-, (PRUint32)576 }
-};
-static const NSSItem nss_builtins_items_33 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 2 Public Primary Certification Authority", (PRUint32)56 },
- { (void *)"\147\202\252\340\355\356\342\032\130\071\323\300\315\024\150\012"
-"\117\140\024\052"
-, (PRUint32)20 },
- { (void *)"\263\234\045\261\303\056\062\123\200\025\060\235\115\002\167\076"
-, (PRUint32)16 },
- { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151"
-"\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004"
-"\013\023\056\103\154\141\163\163\040\062\040\120\165\142\154\151"
-"\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
- { (void *)"\002\020\055\033\374\112\027\215\243\221\353\347\377\365\213\105"
-"\276\013"
-, (PRUint32)18 },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_34 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 3 Public Primary Certification Authority", (PRUint32)56 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151"
-"\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004"
-"\013\023\056\103\154\141\163\163\040\063\040\120\165\142\154\151"
-"\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151"
-"\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004"
-"\013\023\056\103\154\141\163\163\040\063\040\120\165\142\154\151"
-"\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
- { (void *)"\002\020\160\272\344\035\020\331\051\064\266\070\312\173\003\314"
-"\272\277"
-, (PRUint32)18 },
- { (void *)"\060\202\002\074\060\202\001\245\002\020\160\272\344\035\020\331"
-"\051\064\266\070\312\173\003\314\272\277\060\015\006\011\052\206"
-"\110\206\367\015\001\001\002\005\000\060\137\061\013\060\011\006"
-"\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125\004"
-"\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156\143"
-"\056\061\067\060\065\006\003\125\004\013\023\056\103\154\141\163"
-"\163\040\063\040\120\165\142\154\151\143\040\120\162\151\155\141"
-"\162\171\040\103\145\162\164\151\146\151\143\141\164\151\157\156"
-"\040\101\165\164\150\157\162\151\164\171\060\036\027\015\071\066"
-"\060\061\062\071\060\060\060\060\060\060\132\027\015\062\070\060"
-"\070\060\061\062\063\065\071\065\071\132\060\137\061\013\060\011"
-"\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125"
-"\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156"
-"\143\056\061\067\060\065\006\003\125\004\013\023\056\103\154\141"
-"\163\163\040\063\040\120\165\142\154\151\143\040\120\162\151\155"
-"\141\162\171\040\103\145\162\164\151\146\151\143\141\164\151\157"
-"\156\040\101\165\164\150\157\162\151\164\171\060\201\237\060\015"
-"\006\011\052\206\110\206\367\015\001\001\001\005\000\003\201\215"
-"\000\060\201\211\002\201\201\000\311\134\131\236\362\033\212\001"
-"\024\264\020\337\004\100\333\343\127\257\152\105\100\217\204\014"
-"\013\321\063\331\331\021\317\356\002\130\037\045\367\052\250\104"
-"\005\252\354\003\037\170\177\236\223\271\232\000\252\043\175\326"
-"\254\205\242\143\105\307\162\047\314\364\114\306\165\161\322\071"
-"\357\117\102\360\165\337\012\220\306\216\040\157\230\017\370\254"
-"\043\137\160\051\066\244\311\206\347\261\232\040\313\123\245\205"
-"\347\075\276\175\232\376\044\105\063\334\166\025\355\017\242\161"
-"\144\114\145\056\201\150\105\247\002\003\001\000\001\060\015\006"
-"\011\052\206\110\206\367\015\001\001\002\005\000\003\201\201\000"
-"\273\114\022\053\317\054\046\000\117\024\023\335\246\373\374\012"
-"\021\204\214\363\050\034\147\222\057\174\266\305\372\337\360\350"
-"\225\274\035\217\154\054\250\121\314\163\330\244\300\123\360\116"
-"\326\046\300\166\001\127\201\222\136\041\361\321\261\377\347\320"
-"\041\130\315\151\027\343\104\034\234\031\104\071\211\134\334\234"
-"\000\017\126\215\002\231\355\242\220\105\114\344\273\020\244\075"
-"\360\062\003\016\361\316\370\350\311\121\214\346\142\237\346\237"
-"\300\175\267\162\234\311\066\072\153\237\116\250\377\144\015\144"
-, (PRUint32)576 }
-};
-static const NSSItem nss_builtins_items_35 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 3 Public Primary Certification Authority", (PRUint32)56 },
- { (void *)"\164\054\061\222\346\007\344\044\353\105\111\124\053\341\273\305"
-"\076\141\164\342"
-, (PRUint32)20 },
- { (void *)"\020\374\143\135\366\046\076\015\363\045\276\137\171\315\147\147"
-, (PRUint32)16 },
- { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151"
-"\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004"
-"\013\023\056\103\154\141\163\163\040\063\040\120\165\142\154\151"
-"\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
- { (void *)"\002\020\160\272\344\035\020\331\051\064\266\070\312\173\003\314"
-"\272\277"
-, (PRUint32)18 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_36 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 1 Public Primary Certification Authority - G2", (PRUint32)61 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125"
-"\004\013\023\063\103\154\141\163\163\040\061\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013"
-"\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040"
-"\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157"
-"\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145"
-"\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164"
-"\167\157\162\153"
-, (PRUint32)196 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125"
-"\004\013\023\063\103\154\141\163\163\040\061\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013"
-"\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040"
-"\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157"
-"\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145"
-"\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164"
-"\167\157\162\153"
-, (PRUint32)196 },
- { (void *)"\002\020\114\307\352\252\230\076\161\323\223\020\370\075\072\211"
-"\221\222"
-, (PRUint32)18 },
- { (void *)"\060\202\003\002\060\202\002\153\002\020\114\307\352\252\230\076"
-"\161\323\223\020\370\075\072\211\221\222\060\015\006\011\052\206"
-"\110\206\367\015\001\001\005\005\000\060\201\301\061\013\060\011"
-"\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125"
-"\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156"
-"\143\056\061\074\060\072\006\003\125\004\013\023\063\103\154\141"
-"\163\163\040\061\040\120\165\142\154\151\143\040\120\162\151\155"
-"\141\162\171\040\103\145\162\164\151\146\151\143\141\164\151\157"
-"\156\040\101\165\164\150\157\162\151\164\171\040\055\040\107\062"
-"\061\072\060\070\006\003\125\004\013\023\061\050\143\051\040\061"
-"\071\071\070\040\126\145\162\151\123\151\147\156\054\040\111\156"
-"\143\056\040\055\040\106\157\162\040\141\165\164\150\157\162\151"
-"\172\145\144\040\165\163\145\040\157\156\154\171\061\037\060\035"
-"\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040"
-"\124\162\165\163\164\040\116\145\164\167\157\162\153\060\036\027"
-"\015\071\070\060\065\061\070\060\060\060\060\060\060\132\027\015"
-"\062\070\060\070\060\061\062\063\065\071\065\071\132\060\201\301"
-"\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027\060"
-"\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147\156"
-"\054\040\111\156\143\056\061\074\060\072\006\003\125\004\013\023"
-"\063\103\154\141\163\163\040\061\040\120\165\142\154\151\143\040"
-"\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143"
-"\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040"
-"\055\040\107\062\061\072\060\070\006\003\125\004\013\023\061\050"
-"\143\051\040\061\071\071\070\040\126\145\162\151\123\151\147\156"
-"\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165\164"
-"\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154\171"
-"\061\037\060\035\006\003\125\004\013\023\026\126\145\162\151\123"
-"\151\147\156\040\124\162\165\163\164\040\116\145\164\167\157\162"
-"\153\060\201\237\060\015\006\011\052\206\110\206\367\015\001\001"
-"\001\005\000\003\201\215\000\060\201\211\002\201\201\000\252\320"
-"\272\276\026\055\270\203\324\312\322\017\274\166\061\312\224\330"
-"\035\223\214\126\002\274\331\157\032\157\122\066\156\165\126\012"
-"\125\323\337\103\207\041\021\145\212\176\217\275\041\336\153\062"
-"\077\033\204\064\225\005\235\101\065\353\222\353\226\335\252\131"
-"\077\001\123\155\231\117\355\345\342\052\132\220\301\271\304\246"
-"\025\317\310\105\353\246\135\216\234\076\360\144\044\166\245\315"
-"\253\032\157\266\330\173\121\141\156\246\177\207\310\342\267\345"
-"\064\334\101\210\352\011\100\276\163\222\075\153\347\165\002\003"
-"\001\000\001\060\015\006\011\052\206\110\206\367\015\001\001\005"
-"\005\000\003\201\201\000\251\117\303\015\307\147\276\054\313\331"
-"\250\315\055\165\347\176\025\236\073\162\353\176\353\134\055\011"
-"\207\326\153\155\140\174\345\256\305\220\043\014\134\112\320\257"
-"\261\135\363\307\266\012\333\340\025\223\015\335\003\274\307\166"
-"\212\265\335\117\303\233\023\165\270\001\300\346\311\133\153\245"
-"\270\211\334\254\244\335\162\355\116\241\367\117\274\006\323\352"
-"\310\144\164\173\302\225\101\234\145\163\130\361\220\232\074\152"
-"\261\230\311\304\207\274\317\105\155\105\342\156\042\077\376\274"
-"\017\061\134\350\362\331"
-, (PRUint32)774 }
-};
-static const NSSItem nss_builtins_items_37 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 1 Public Primary Certification Authority - G2", (PRUint32)61 },
- { (void *)"\047\076\341\044\127\375\304\371\014\125\350\053\126\026\177\142"
-"\365\062\345\107"
-, (PRUint32)20 },
- { (void *)"\333\043\075\371\151\372\113\271\225\200\104\163\136\175\101\203"
-, (PRUint32)16 },
- { (void *)"\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125"
-"\004\013\023\063\103\154\141\163\163\040\061\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013"
-"\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040"
-"\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157"
-"\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145"
-"\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164"
-"\167\157\162\153"
-, (PRUint32)196 },
- { (void *)"\002\020\114\307\352\252\230\076\161\323\223\020\370\075\072\211"
-"\221\222"
-, (PRUint32)18 },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_38 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 2 Public Primary Certification Authority - G2", (PRUint32)61 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125"
-"\004\013\023\063\103\154\141\163\163\040\062\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013"
-"\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040"
-"\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157"
-"\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145"
-"\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164"
-"\167\157\162\153"
-, (PRUint32)196 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125"
-"\004\013\023\063\103\154\141\163\163\040\062\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013"
-"\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040"
-"\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157"
-"\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145"
-"\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164"
-"\167\157\162\153"
-, (PRUint32)196 },
- { (void *)"\002\021\000\271\057\140\314\210\237\241\172\106\011\270\133\160"
-"\154\212\257"
-, (PRUint32)19 },
- { (void *)"\060\202\003\003\060\202\002\154\002\021\000\271\057\140\314\210"
-"\237\241\172\106\011\270\133\160\154\212\257\060\015\006\011\052"
-"\206\110\206\367\015\001\001\005\005\000\060\201\301\061\013\060"
-"\011\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003"
-"\125\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111"
-"\156\143\056\061\074\060\072\006\003\125\004\013\023\063\103\154"
-"\141\163\163\040\062\040\120\165\142\154\151\143\040\120\162\151"
-"\155\141\162\171\040\103\145\162\164\151\146\151\143\141\164\151"
-"\157\156\040\101\165\164\150\157\162\151\164\171\040\055\040\107"
-"\062\061\072\060\070\006\003\125\004\013\023\061\050\143\051\040"
-"\061\071\071\070\040\126\145\162\151\123\151\147\156\054\040\111"
-"\156\143\056\040\055\040\106\157\162\040\141\165\164\150\157\162"
-"\151\172\145\144\040\165\163\145\040\157\156\154\171\061\037\060"
-"\035\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156"
-"\040\124\162\165\163\164\040\116\145\164\167\157\162\153\060\036"
-"\027\015\071\070\060\065\061\070\060\060\060\060\060\060\132\027"
-"\015\062\070\060\070\060\061\062\063\065\071\065\071\132\060\201"
-"\301\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027"
-"\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147"
-"\156\054\040\111\156\143\056\061\074\060\072\006\003\125\004\013"
-"\023\063\103\154\141\163\163\040\062\040\120\165\142\154\151\143"
-"\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151"
-"\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171"
-"\040\055\040\107\062\061\072\060\070\006\003\125\004\013\023\061"
-"\050\143\051\040\061\071\071\070\040\126\145\162\151\123\151\147"
-"\156\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165"
-"\164\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154"
-"\171\061\037\060\035\006\003\125\004\013\023\026\126\145\162\151"
-"\123\151\147\156\040\124\162\165\163\164\040\116\145\164\167\157"
-"\162\153\060\201\237\060\015\006\011\052\206\110\206\367\015\001"
-"\001\001\005\000\003\201\215\000\060\201\211\002\201\201\000\247"
-"\210\001\041\164\054\347\032\003\360\230\341\227\074\017\041\010"
-"\361\234\333\227\351\232\374\302\004\006\023\276\137\122\310\314"
-"\036\054\022\126\054\270\001\151\054\314\231\037\255\260\226\256"
-"\171\004\362\023\071\301\173\230\272\010\054\350\302\204\023\054"
-"\252\151\351\011\364\307\251\002\244\102\302\043\117\112\330\360"
-"\016\242\373\061\154\311\346\157\231\047\007\365\346\364\114\170"
-"\236\155\353\106\206\372\271\206\311\124\362\262\304\257\324\106"
-"\034\132\311\025\060\377\015\154\365\055\016\155\316\177\167\002"
-"\003\001\000\001\060\015\006\011\052\206\110\206\367\015\001\001"
-"\005\005\000\003\201\201\000\162\056\371\177\321\361\161\373\304"
-"\236\366\305\136\121\212\100\230\270\150\370\233\034\203\330\342"
-"\235\275\377\355\241\346\146\352\057\011\364\312\327\352\245\053"
-"\225\366\044\140\206\115\104\056\203\245\304\055\240\323\256\170"
-"\151\157\162\332\154\256\010\360\143\222\067\346\273\304\060\027"
-"\255\167\314\111\065\252\317\330\217\321\276\267\030\226\107\163"
-"\152\124\042\064\144\055\266\026\233\131\133\264\121\131\072\263"
-"\013\024\364\022\337\147\240\364\255\062\144\136\261\106\162\047"
-"\214\022\173\305\104\264\256"
-, (PRUint32)775 }
-};
-static const NSSItem nss_builtins_items_39 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 2 Public Primary Certification Authority - G2", (PRUint32)61 },
- { (void *)"\263\352\304\107\166\311\310\034\352\362\235\225\266\314\240\010"
-"\033\147\354\235"
-, (PRUint32)20 },
- { (void *)"\055\273\345\045\323\321\145\202\072\267\016\372\346\353\342\341"
-, (PRUint32)16 },
- { (void *)"\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125"
-"\004\013\023\063\103\154\141\163\163\040\062\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013"
-"\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040"
-"\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157"
-"\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145"
-"\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164"
-"\167\157\162\153"
-, (PRUint32)196 },
- { (void *)"\002\021\000\271\057\140\314\210\237\241\172\106\011\270\133\160"
-"\154\212\257"
-, (PRUint32)19 },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_40 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 3 Public Primary Certification Authority - G2", (PRUint32)61 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125"
-"\004\013\023\063\103\154\141\163\163\040\063\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013"
-"\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040"
-"\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157"
-"\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145"
-"\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164"
-"\167\157\162\153"
-, (PRUint32)196 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125"
-"\004\013\023\063\103\154\141\163\163\040\063\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013"
-"\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040"
-"\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157"
-"\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145"
-"\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164"
-"\167\157\162\153"
-, (PRUint32)196 },
- { (void *)"\002\020\175\331\376\007\317\250\036\267\020\171\147\373\247\211"
-"\064\306"
-, (PRUint32)18 },
- { (void *)"\060\202\003\002\060\202\002\153\002\020\175\331\376\007\317\250"
-"\036\267\020\171\147\373\247\211\064\306\060\015\006\011\052\206"
-"\110\206\367\015\001\001\005\005\000\060\201\301\061\013\060\011"
-"\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125"
-"\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156"
-"\143\056\061\074\060\072\006\003\125\004\013\023\063\103\154\141"
-"\163\163\040\063\040\120\165\142\154\151\143\040\120\162\151\155"
-"\141\162\171\040\103\145\162\164\151\146\151\143\141\164\151\157"
-"\156\040\101\165\164\150\157\162\151\164\171\040\055\040\107\062"
-"\061\072\060\070\006\003\125\004\013\023\061\050\143\051\040\061"
-"\071\071\070\040\126\145\162\151\123\151\147\156\054\040\111\156"
-"\143\056\040\055\040\106\157\162\040\141\165\164\150\157\162\151"
-"\172\145\144\040\165\163\145\040\157\156\154\171\061\037\060\035"
-"\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040"
-"\124\162\165\163\164\040\116\145\164\167\157\162\153\060\036\027"
-"\015\071\070\060\065\061\070\060\060\060\060\060\060\132\027\015"
-"\062\070\060\070\060\061\062\063\065\071\065\071\132\060\201\301"
-"\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027\060"
-"\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147\156"
-"\054\040\111\156\143\056\061\074\060\072\006\003\125\004\013\023"
-"\063\103\154\141\163\163\040\063\040\120\165\142\154\151\143\040"
-"\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143"
-"\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040"
-"\055\040\107\062\061\072\060\070\006\003\125\004\013\023\061\050"
-"\143\051\040\061\071\071\070\040\126\145\162\151\123\151\147\156"
-"\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165\164"
-"\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154\171"
-"\061\037\060\035\006\003\125\004\013\023\026\126\145\162\151\123"
-"\151\147\156\040\124\162\165\163\164\040\116\145\164\167\157\162"
-"\153\060\201\237\060\015\006\011\052\206\110\206\367\015\001\001"
-"\001\005\000\003\201\215\000\060\201\211\002\201\201\000\314\136"
-"\321\021\135\134\151\320\253\323\271\152\114\231\037\131\230\060"
-"\216\026\205\040\106\155\107\077\324\205\040\204\341\155\263\370"
-"\244\355\014\361\027\017\073\371\247\371\045\327\301\317\204\143"
-"\362\174\143\317\242\107\362\306\133\063\216\144\100\004\150\301"
-"\200\271\144\034\105\167\307\330\156\365\225\051\074\120\350\064"
-"\327\170\037\250\272\155\103\221\225\217\105\127\136\176\305\373"
-"\312\244\004\353\352\227\067\124\060\157\273\001\107\062\063\315"
-"\334\127\233\144\151\141\370\233\035\034\211\117\134\147\002\003"
-"\001\000\001\060\015\006\011\052\206\110\206\367\015\001\001\005"
-"\005\000\003\201\201\000\121\115\315\276\134\313\230\031\234\025"
-"\262\001\071\170\056\115\017\147\160\160\231\306\020\132\224\244"
-"\123\115\124\155\053\257\015\135\100\213\144\323\327\356\336\126"
-"\141\222\137\246\304\035\020\141\066\323\054\047\074\350\051\011"
-"\271\021\144\164\314\265\163\237\034\110\251\274\141\001\356\342"
-"\027\246\014\343\100\010\073\016\347\353\104\163\052\232\361\151"
-"\222\357\161\024\303\071\254\161\247\221\011\157\344\161\006\263"
-"\272\131\127\046\171\000\366\370\015\242\063\060\050\324\252\130"
-"\240\235\235\151\221\375"
-, (PRUint32)774 }
-};
-static const NSSItem nss_builtins_items_41 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 3 Public Primary Certification Authority - G2", (PRUint32)61 },
- { (void *)"\205\067\034\246\345\120\024\075\316\050\003\107\033\336\072\011"
-"\350\370\167\017"
-, (PRUint32)20 },
- { (void *)"\242\063\233\114\164\170\163\324\154\347\301\363\215\313\134\351"
-, (PRUint32)16 },
- { (void *)"\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125"
-"\004\013\023\063\103\154\141\163\163\040\063\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013"
-"\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040"
-"\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157"
-"\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145"
-"\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164"
-"\167\157\162\153"
-, (PRUint32)196 },
- { (void *)"\002\020\175\331\376\007\317\250\036\267\020\171\147\373\247\211"
-"\064\306"
-, (PRUint32)18 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_42 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 4 Public Primary Certification Authority - G2", (PRUint32)61 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125"
-"\004\013\023\063\103\154\141\163\163\040\064\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013"
-"\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040"
-"\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157"
-"\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145"
-"\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164"
-"\167\157\162\153"
-, (PRUint32)196 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125"
-"\004\013\023\063\103\154\141\163\163\040\064\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013"
-"\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040"
-"\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157"
-"\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145"
-"\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164"
-"\167\157\162\153"
-, (PRUint32)196 },
- { (void *)"\002\020\062\210\216\232\322\365\353\023\107\370\177\304\040\067"
-"\045\370"
-, (PRUint32)18 },
- { (void *)"\060\202\003\002\060\202\002\153\002\020\062\210\216\232\322\365"
-"\353\023\107\370\177\304\040\067\045\370\060\015\006\011\052\206"
-"\110\206\367\015\001\001\005\005\000\060\201\301\061\013\060\011"
-"\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125"
-"\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156"
-"\143\056\061\074\060\072\006\003\125\004\013\023\063\103\154\141"
-"\163\163\040\064\040\120\165\142\154\151\143\040\120\162\151\155"
-"\141\162\171\040\103\145\162\164\151\146\151\143\141\164\151\157"
-"\156\040\101\165\164\150\157\162\151\164\171\040\055\040\107\062"
-"\061\072\060\070\006\003\125\004\013\023\061\050\143\051\040\061"
-"\071\071\070\040\126\145\162\151\123\151\147\156\054\040\111\156"
-"\143\056\040\055\040\106\157\162\040\141\165\164\150\157\162\151"
-"\172\145\144\040\165\163\145\040\157\156\154\171\061\037\060\035"
-"\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040"
-"\124\162\165\163\164\040\116\145\164\167\157\162\153\060\036\027"
-"\015\071\070\060\065\061\070\060\060\060\060\060\060\132\027\015"
-"\062\070\060\070\060\061\062\063\065\071\065\071\132\060\201\301"
-"\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027\060"
-"\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147\156"
-"\054\040\111\156\143\056\061\074\060\072\006\003\125\004\013\023"
-"\063\103\154\141\163\163\040\064\040\120\165\142\154\151\143\040"
-"\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143"
-"\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040"
-"\055\040\107\062\061\072\060\070\006\003\125\004\013\023\061\050"
-"\143\051\040\061\071\071\070\040\126\145\162\151\123\151\147\156"
-"\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165\164"
-"\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154\171"
-"\061\037\060\035\006\003\125\004\013\023\026\126\145\162\151\123"
-"\151\147\156\040\124\162\165\163\164\040\116\145\164\167\157\162"
-"\153\060\201\237\060\015\006\011\052\206\110\206\367\015\001\001"
-"\001\005\000\003\201\215\000\060\201\211\002\201\201\000\272\360"
-"\344\317\371\304\256\205\124\271\007\127\371\217\305\177\150\021"
-"\370\304\027\260\104\334\343\060\163\325\052\142\052\270\320\314"
-"\034\355\050\133\176\275\152\334\263\221\044\312\101\142\074\374"
-"\002\001\277\034\026\061\224\005\227\166\156\242\255\275\141\027"
-"\154\116\060\206\360\121\067\052\120\307\250\142\201\334\133\112"
-"\252\301\240\264\156\353\057\345\127\305\261\053\100\160\333\132"
-"\115\241\216\037\275\003\037\330\003\324\217\114\231\161\274\342"
-"\202\314\130\350\230\072\206\323\206\070\363\000\051\037\002\003"
-"\001\000\001\060\015\006\011\052\206\110\206\367\015\001\001\005"
-"\005\000\003\201\201\000\205\214\022\301\247\271\120\025\172\313"
-"\076\254\270\103\212\334\252\335\024\272\211\201\176\001\074\043"
-"\161\041\210\057\202\334\143\372\002\105\254\105\131\327\052\130"
-"\104\133\267\237\201\073\222\150\075\342\067\044\365\173\154\217"
-"\166\065\226\011\250\131\235\271\316\043\253\164\326\203\375\062"
-"\163\047\330\151\076\103\164\366\256\305\211\232\347\123\174\351"
-"\173\366\113\363\301\145\203\336\215\212\234\074\210\215\071\131"
-"\374\252\077\042\215\241\301\146\120\201\162\114\355\042\144\117"
-"\117\312\200\221\266\051"
-, (PRUint32)774 }
-};
-static const NSSItem nss_builtins_items_43 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 4 Public Primary Certification Authority - G2", (PRUint32)61 },
- { (void *)"\013\167\276\273\313\172\242\107\005\336\314\017\275\152\002\374"
-"\172\275\233\122"
-, (PRUint32)20 },
- { (void *)"\046\155\054\031\230\266\160\150\070\120\124\031\354\220\064\140"
-, (PRUint32)16 },
- { (void *)"\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125"
-"\004\013\023\063\103\154\141\163\163\040\064\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013"
-"\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040"
-"\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157"
-"\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145"
-"\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164"
-"\167\157\162\153"
-, (PRUint32)196 },
- { (void *)"\002\020\062\210\216\232\322\365\353\023\107\370\177\304\040\067"
-"\045\370"
-, (PRUint32)18 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_44 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"GlobalSign Root CA", (PRUint32)19 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\127\061\013\060\011\006\003\125\004\006\023\002\102\105\061"
-"\031\060\027\006\003\125\004\012\023\020\107\154\157\142\141\154"
-"\123\151\147\156\040\156\166\055\163\141\061\020\060\016\006\003"
-"\125\004\013\023\007\122\157\157\164\040\103\101\061\033\060\031"
-"\006\003\125\004\003\023\022\107\154\157\142\141\154\123\151\147"
-"\156\040\122\157\157\164\040\103\101"
-, (PRUint32)89 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\127\061\013\060\011\006\003\125\004\006\023\002\102\105\061"
-"\031\060\027\006\003\125\004\012\023\020\107\154\157\142\141\154"
-"\123\151\147\156\040\156\166\055\163\141\061\020\060\016\006\003"
-"\125\004\013\023\007\122\157\157\164\040\103\101\061\033\060\031"
-"\006\003\125\004\003\023\022\107\154\157\142\141\154\123\151\147"
-"\156\040\122\157\157\164\040\103\101"
-, (PRUint32)89 },
- { (void *)"\002\013\002\000\000\000\000\000\326\170\267\224\005"
-, (PRUint32)13 },
- { (void *)"\060\202\003\165\060\202\002\135\240\003\002\001\002\002\013\002"
-"\000\000\000\000\000\326\170\267\224\005\060\015\006\011\052\206"
-"\110\206\367\015\001\001\004\005\000\060\127\061\013\060\011\006"
-"\003\125\004\006\023\002\102\105\061\031\060\027\006\003\125\004"
-"\012\023\020\107\154\157\142\141\154\123\151\147\156\040\156\166"
-"\055\163\141\061\020\060\016\006\003\125\004\013\023\007\122\157"
-"\157\164\040\103\101\061\033\060\031\006\003\125\004\003\023\022"
-"\107\154\157\142\141\154\123\151\147\156\040\122\157\157\164\040"
-"\103\101\060\036\027\015\071\070\060\071\060\061\061\062\060\060"
-"\060\060\132\027\015\061\064\060\061\062\070\061\062\060\060\060"
-"\060\132\060\127\061\013\060\011\006\003\125\004\006\023\002\102"
-"\105\061\031\060\027\006\003\125\004\012\023\020\107\154\157\142"
-"\141\154\123\151\147\156\040\156\166\055\163\141\061\020\060\016"
-"\006\003\125\004\013\023\007\122\157\157\164\040\103\101\061\033"
-"\060\031\006\003\125\004\003\023\022\107\154\157\142\141\154\123"
-"\151\147\156\040\122\157\157\164\040\103\101\060\202\001\042\060"
-"\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202"
-"\001\017\000\060\202\001\012\002\202\001\001\000\332\016\346\231"
-"\215\316\243\343\117\212\176\373\361\213\203\045\153\352\110\037"
-"\361\052\260\271\225\021\004\275\360\143\321\342\147\146\317\034"
-"\335\317\033\110\053\356\215\211\216\232\257\051\200\145\253\351"
-"\307\055\022\313\253\034\114\160\007\241\075\012\060\315\025\215"
-"\117\370\335\324\214\120\025\034\357\120\356\304\056\367\374\351"
-"\122\362\221\175\340\155\325\065\060\216\136\103\163\362\101\351"
-"\325\152\343\262\211\072\126\071\070\157\006\074\210\151\133\052"
-"\115\305\247\124\270\154\211\314\233\371\074\312\345\375\211\365"
-"\022\074\222\170\226\326\334\164\156\223\104\141\321\215\307\106"
-"\262\165\016\206\350\031\212\325\155\154\325\170\026\225\242\351"
-"\310\012\070\353\362\044\023\117\163\124\223\023\205\072\033\274"
-"\036\064\265\213\005\214\271\167\213\261\333\037\040\221\253\011"
-"\123\156\220\316\173\067\164\271\160\107\221\042\121\143\026\171"
-"\256\261\256\101\046\010\310\031\053\321\106\252\110\326\144\052"
-"\327\203\064\377\054\052\301\154\031\103\112\007\205\347\323\174"
-"\366\041\150\357\352\362\122\237\177\223\220\317\002\003\001\000"
-"\001\243\102\060\100\060\016\006\003\125\035\017\001\001\377\004"
-"\004\003\002\000\006\060\035\006\003\125\035\016\004\026\004\024"
-"\140\173\146\032\105\015\227\312\211\120\057\175\004\315\064\250"
-"\377\374\375\113\060\017\006\003\125\035\023\001\001\377\004\005"
-"\060\003\001\001\377\060\015\006\011\052\206\110\206\367\015\001"
-"\001\004\005\000\003\202\001\001\000\256\252\237\374\267\322\313"
-"\037\137\071\051\050\030\236\064\311\154\117\157\032\360\144\242"
-"\160\112\117\023\206\233\140\050\236\350\201\111\230\175\012\273"
-"\345\260\235\075\066\333\217\005\121\377\011\061\052\037\335\211"
-"\167\236\017\056\154\225\004\355\206\313\264\000\077\204\002\115"
-"\200\152\052\055\170\013\256\157\053\242\203\104\203\037\315\120"
-"\202\114\044\257\275\367\245\264\310\132\017\364\347\107\136\111"
-"\216\067\226\376\232\210\005\072\331\300\333\051\207\346\031\226"
-"\107\247\072\246\214\213\074\167\376\106\143\247\123\332\041\321"
-"\254\176\111\242\113\346\303\147\131\057\263\212\016\273\054\275"
-"\251\252\102\174\065\301\330\177\325\247\061\072\116\143\103\071"
-"\257\010\260\141\064\214\323\230\251\103\064\366\017\207\051\073"
-"\235\302\126\130\230\167\303\367\033\254\366\235\370\076\252\247"
-"\124\105\360\365\371\325\061\145\376\153\130\234\161\263\036\327"
-"\122\352\062\027\374\100\140\035\311\171\044\262\366\154\375\250"
-"\146\016\202\335\230\313\332\302\104\117\056\240\173\362\367\153"
-"\054\166\021\204\106\212\170\243\343"
-, (PRUint32)889 }
-};
-static const NSSItem nss_builtins_items_45 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"GlobalSign Root CA", (PRUint32)19 },
- { (void *)"\057\027\077\175\351\226\147\257\245\172\370\012\242\321\261\057"
-"\254\203\003\070"
-, (PRUint32)20 },
- { (void *)"\253\277\352\343\153\051\246\314\246\170\065\231\357\255\053\200"
-, (PRUint32)16 },
- { (void *)"\060\127\061\013\060\011\006\003\125\004\006\023\002\102\105\061"
-"\031\060\027\006\003\125\004\012\023\020\107\154\157\142\141\154"
-"\123\151\147\156\040\156\166\055\163\141\061\020\060\016\006\003"
-"\125\004\013\023\007\122\157\157\164\040\103\101\061\033\060\031"
-"\006\003\125\004\003\023\022\107\154\157\142\141\154\123\151\147"
-"\156\040\122\157\157\164\040\103\101"
-, (PRUint32)89 },
- { (void *)"\002\013\002\000\000\000\000\000\326\170\267\224\005"
-, (PRUint32)13 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_46 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"ValiCert Class 1 VA", (PRUint32)20 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141"
-"\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157"
-"\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125"
-"\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156"
-"\143\056\061\065\060\063\006\003\125\004\013\023\054\126\141\154"
-"\151\103\145\162\164\040\103\154\141\163\163\040\061\040\120\157"
-"\154\151\143\171\040\126\141\154\151\144\141\164\151\157\156\040"
-"\101\165\164\150\157\162\151\164\171\061\041\060\037\006\003\125"
-"\004\003\023\030\150\164\164\160\072\057\057\167\167\167\056\166"
-"\141\154\151\143\145\162\164\056\143\157\155\057\061\040\060\036"
-"\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156\146"
-"\157\100\166\141\154\151\143\145\162\164\056\143\157\155"
-, (PRUint32)190 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141"
-"\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157"
-"\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125"
-"\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156"
-"\143\056\061\065\060\063\006\003\125\004\013\023\054\126\141\154"
-"\151\103\145\162\164\040\103\154\141\163\163\040\061\040\120\157"
-"\154\151\143\171\040\126\141\154\151\144\141\164\151\157\156\040"
-"\101\165\164\150\157\162\151\164\171\061\041\060\037\006\003\125"
-"\004\003\023\030\150\164\164\160\072\057\057\167\167\167\056\166"
-"\141\154\151\143\145\162\164\056\143\157\155\057\061\040\060\036"
-"\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156\146"
-"\157\100\166\141\154\151\143\145\162\164\056\143\157\155"
-, (PRUint32)190 },
- { (void *)"\002\001\001"
-, (PRUint32)3 },
- { (void *)"\060\202\002\347\060\202\002\120\002\001\001\060\015\006\011\052"
-"\206\110\206\367\015\001\001\005\005\000\060\201\273\061\044\060"
-"\042\006\003\125\004\007\023\033\126\141\154\151\103\145\162\164"
-"\040\126\141\154\151\144\141\164\151\157\156\040\116\145\164\167"
-"\157\162\153\061\027\060\025\006\003\125\004\012\023\016\126\141"
-"\154\151\103\145\162\164\054\040\111\156\143\056\061\065\060\063"
-"\006\003\125\004\013\023\054\126\141\154\151\103\145\162\164\040"
-"\103\154\141\163\163\040\061\040\120\157\154\151\143\171\040\126"
-"\141\154\151\144\141\164\151\157\156\040\101\165\164\150\157\162"
-"\151\164\171\061\041\060\037\006\003\125\004\003\023\030\150\164"
-"\164\160\072\057\057\167\167\167\056\166\141\154\151\143\145\162"
-"\164\056\143\157\155\057\061\040\060\036\006\011\052\206\110\206"
-"\367\015\001\011\001\026\021\151\156\146\157\100\166\141\154\151"
-"\143\145\162\164\056\143\157\155\060\036\027\015\071\071\060\066"
-"\062\065\062\062\062\063\064\070\132\027\015\061\071\060\066\062"
-"\065\062\062\062\063\064\070\132\060\201\273\061\044\060\042\006"
-"\003\125\004\007\023\033\126\141\154\151\103\145\162\164\040\126"
-"\141\154\151\144\141\164\151\157\156\040\116\145\164\167\157\162"
-"\153\061\027\060\025\006\003\125\004\012\023\016\126\141\154\151"
-"\103\145\162\164\054\040\111\156\143\056\061\065\060\063\006\003"
-"\125\004\013\023\054\126\141\154\151\103\145\162\164\040\103\154"
-"\141\163\163\040\061\040\120\157\154\151\143\171\040\126\141\154"
-"\151\144\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171\061\041\060\037\006\003\125\004\003\023\030\150\164\164\160"
-"\072\057\057\167\167\167\056\166\141\154\151\143\145\162\164\056"
-"\143\157\155\057\061\040\060\036\006\011\052\206\110\206\367\015"
-"\001\011\001\026\021\151\156\146\157\100\166\141\154\151\143\145"
-"\162\164\056\143\157\155\060\201\237\060\015\006\011\052\206\110"
-"\206\367\015\001\001\001\005\000\003\201\215\000\060\201\211\002"
-"\201\201\000\330\131\202\172\211\270\226\272\246\057\150\157\130"
-"\056\247\124\034\006\156\364\352\215\110\274\061\224\027\360\363"
-"\116\274\262\270\065\222\166\260\320\245\245\001\327\000\003\022"
-"\042\031\010\370\377\021\043\233\316\007\365\277\151\032\046\376"
-"\116\351\321\177\235\054\100\035\131\150\156\246\370\130\260\235"
-"\032\217\323\077\361\334\031\006\201\250\016\340\072\335\310\123"
-"\105\011\006\346\017\160\303\372\100\246\016\342\126\005\017\030"
-"\115\374\040\202\321\163\125\164\215\166\162\240\035\235\035\300"
-"\335\077\161\002\003\001\000\001\060\015\006\011\052\206\110\206"
-"\367\015\001\001\005\005\000\003\201\201\000\120\150\075\111\364"
-"\054\034\006\224\337\225\140\177\226\173\027\376\117\161\255\144"
-"\310\335\167\322\357\131\125\350\077\350\216\005\052\041\362\007"
-"\322\265\247\122\376\234\261\266\342\133\167\027\100\352\162\326"
-"\043\313\050\201\062\303\000\171\030\354\131\027\211\311\306\152"
-"\036\161\311\375\267\164\245\045\105\151\305\110\253\031\341\105"
-"\212\045\153\031\356\345\273\022\365\177\367\246\215\121\303\360"
-"\235\164\267\251\076\240\245\377\266\111\003\023\332\042\314\355"
-"\161\202\053\231\317\072\267\365\055\162\310"
-, (PRUint32)747 }
-};
-static const NSSItem nss_builtins_items_47 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"ValiCert Class 1 VA", (PRUint32)20 },
- { (void *)"\345\337\164\074\266\001\304\233\230\103\334\253\214\350\152\201"
-"\020\237\344\216"
-, (PRUint32)20 },
- { (void *)"\145\130\253\025\255\127\154\036\250\247\265\151\254\277\377\353"
-, (PRUint32)16 },
- { (void *)"\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141"
-"\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157"
-"\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125"
-"\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156"
-"\143\056\061\065\060\063\006\003\125\004\013\023\054\126\141\154"
-"\151\103\145\162\164\040\103\154\141\163\163\040\061\040\120\157"
-"\154\151\143\171\040\126\141\154\151\144\141\164\151\157\156\040"
-"\101\165\164\150\157\162\151\164\171\061\041\060\037\006\003\125"
-"\004\003\023\030\150\164\164\160\072\057\057\167\167\167\056\166"
-"\141\154\151\143\145\162\164\056\143\157\155\057\061\040\060\036"
-"\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156\146"
-"\157\100\166\141\154\151\143\145\162\164\056\143\157\155"
-, (PRUint32)190 },
- { (void *)"\002\001\001"
-, (PRUint32)3 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_48 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"ValiCert Class 2 VA", (PRUint32)20 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141"
-"\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157"
-"\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125"
-"\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156"
-"\143\056\061\065\060\063\006\003\125\004\013\023\054\126\141\154"
-"\151\103\145\162\164\040\103\154\141\163\163\040\062\040\120\157"
-"\154\151\143\171\040\126\141\154\151\144\141\164\151\157\156\040"
-"\101\165\164\150\157\162\151\164\171\061\041\060\037\006\003\125"
-"\004\003\023\030\150\164\164\160\072\057\057\167\167\167\056\166"
-"\141\154\151\143\145\162\164\056\143\157\155\057\061\040\060\036"
-"\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156\146"
-"\157\100\166\141\154\151\143\145\162\164\056\143\157\155"
-, (PRUint32)190 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141"
-"\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157"
-"\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125"
-"\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156"
-"\143\056\061\065\060\063\006\003\125\004\013\023\054\126\141\154"
-"\151\103\145\162\164\040\103\154\141\163\163\040\062\040\120\157"
-"\154\151\143\171\040\126\141\154\151\144\141\164\151\157\156\040"
-"\101\165\164\150\157\162\151\164\171\061\041\060\037\006\003\125"
-"\004\003\023\030\150\164\164\160\072\057\057\167\167\167\056\166"
-"\141\154\151\143\145\162\164\056\143\157\155\057\061\040\060\036"
-"\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156\146"
-"\157\100\166\141\154\151\143\145\162\164\056\143\157\155"
-, (PRUint32)190 },
- { (void *)"\002\001\001"
-, (PRUint32)3 },
- { (void *)"\060\202\002\347\060\202\002\120\002\001\001\060\015\006\011\052"
-"\206\110\206\367\015\001\001\005\005\000\060\201\273\061\044\060"
-"\042\006\003\125\004\007\023\033\126\141\154\151\103\145\162\164"
-"\040\126\141\154\151\144\141\164\151\157\156\040\116\145\164\167"
-"\157\162\153\061\027\060\025\006\003\125\004\012\023\016\126\141"
-"\154\151\103\145\162\164\054\040\111\156\143\056\061\065\060\063"
-"\006\003\125\004\013\023\054\126\141\154\151\103\145\162\164\040"
-"\103\154\141\163\163\040\062\040\120\157\154\151\143\171\040\126"
-"\141\154\151\144\141\164\151\157\156\040\101\165\164\150\157\162"
-"\151\164\171\061\041\060\037\006\003\125\004\003\023\030\150\164"
-"\164\160\072\057\057\167\167\167\056\166\141\154\151\143\145\162"
-"\164\056\143\157\155\057\061\040\060\036\006\011\052\206\110\206"
-"\367\015\001\011\001\026\021\151\156\146\157\100\166\141\154\151"
-"\143\145\162\164\056\143\157\155\060\036\027\015\071\071\060\066"
-"\062\066\060\060\061\071\065\064\132\027\015\061\071\060\066\062"
-"\066\060\060\061\071\065\064\132\060\201\273\061\044\060\042\006"
-"\003\125\004\007\023\033\126\141\154\151\103\145\162\164\040\126"
-"\141\154\151\144\141\164\151\157\156\040\116\145\164\167\157\162"
-"\153\061\027\060\025\006\003\125\004\012\023\016\126\141\154\151"
-"\103\145\162\164\054\040\111\156\143\056\061\065\060\063\006\003"
-"\125\004\013\023\054\126\141\154\151\103\145\162\164\040\103\154"
-"\141\163\163\040\062\040\120\157\154\151\143\171\040\126\141\154"
-"\151\144\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171\061\041\060\037\006\003\125\004\003\023\030\150\164\164\160"
-"\072\057\057\167\167\167\056\166\141\154\151\143\145\162\164\056"
-"\143\157\155\057\061\040\060\036\006\011\052\206\110\206\367\015"
-"\001\011\001\026\021\151\156\146\157\100\166\141\154\151\143\145"
-"\162\164\056\143\157\155\060\201\237\060\015\006\011\052\206\110"
-"\206\367\015\001\001\001\005\000\003\201\215\000\060\201\211\002"
-"\201\201\000\316\072\161\312\345\253\310\131\222\125\327\253\330"
-"\164\016\371\356\331\366\125\107\131\145\107\016\005\125\334\353"
-"\230\066\074\134\123\135\323\060\317\070\354\275\101\211\355\045"
-"\102\011\044\153\012\136\263\174\335\122\055\114\346\324\326\175"
-"\132\131\251\145\324\111\023\055\044\115\034\120\157\265\301\205"
-"\124\073\376\161\344\323\134\102\371\200\340\221\032\012\133\071"
-"\066\147\363\077\125\174\033\077\264\137\144\163\064\343\264\022"
-"\277\207\144\370\332\022\377\067\047\301\263\103\273\357\173\156"
-"\056\151\367\002\003\001\000\001\060\015\006\011\052\206\110\206"
-"\367\015\001\001\005\005\000\003\201\201\000\073\177\120\157\157"
-"\120\224\231\111\142\070\070\037\113\370\245\310\076\247\202\201"
-"\366\053\307\350\305\316\350\072\020\202\313\030\000\216\115\275"
-"\250\130\177\241\171\000\265\273\351\215\257\101\331\017\064\356"
-"\041\201\031\240\062\111\050\364\304\216\126\325\122\063\375\120"
-"\325\176\231\154\003\344\311\114\374\313\154\253\146\263\112\041"
-"\214\345\265\014\062\076\020\262\314\154\241\334\232\230\114\002"
-"\133\363\316\271\236\245\162\016\112\267\077\074\346\026\150\370"
-"\276\355\164\114\274\133\325\142\037\103\335"
-, (PRUint32)747 }
-};
-static const NSSItem nss_builtins_items_49 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"ValiCert Class 2 VA", (PRUint32)20 },
- { (void *)"\061\172\052\320\177\053\063\136\365\241\303\116\113\127\350\267"
-"\330\361\374\246"
-, (PRUint32)20 },
- { (void *)"\251\043\165\233\272\111\066\156\061\302\333\362\347\146\272\207"
-, (PRUint32)16 },
- { (void *)"\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141"
-"\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157"
-"\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125"
-"\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156"
-"\143\056\061\065\060\063\006\003\125\004\013\023\054\126\141\154"
-"\151\103\145\162\164\040\103\154\141\163\163\040\062\040\120\157"
-"\154\151\143\171\040\126\141\154\151\144\141\164\151\157\156\040"
-"\101\165\164\150\157\162\151\164\171\061\041\060\037\006\003\125"
-"\004\003\023\030\150\164\164\160\072\057\057\167\167\167\056\166"
-"\141\154\151\143\145\162\164\056\143\157\155\057\061\040\060\036"
-"\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156\146"
-"\157\100\166\141\154\151\143\145\162\164\056\143\157\155"
-, (PRUint32)190 },
- { (void *)"\002\001\001"
-, (PRUint32)3 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_50 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"RSA Root Certificate 1", (PRUint32)23 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141"
-"\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157"
-"\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125"
-"\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156"
-"\143\056\061\065\060\063\006\003\125\004\013\023\054\126\141\154"
-"\151\103\145\162\164\040\103\154\141\163\163\040\063\040\120\157"
-"\154\151\143\171\040\126\141\154\151\144\141\164\151\157\156\040"
-"\101\165\164\150\157\162\151\164\171\061\041\060\037\006\003\125"
-"\004\003\023\030\150\164\164\160\072\057\057\167\167\167\056\166"
-"\141\154\151\143\145\162\164\056\143\157\155\057\061\040\060\036"
-"\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156\146"
-"\157\100\166\141\154\151\143\145\162\164\056\143\157\155"
-, (PRUint32)190 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141"
-"\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157"
-"\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125"
-"\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156"
-"\143\056\061\065\060\063\006\003\125\004\013\023\054\126\141\154"
-"\151\103\145\162\164\040\103\154\141\163\163\040\063\040\120\157"
-"\154\151\143\171\040\126\141\154\151\144\141\164\151\157\156\040"
-"\101\165\164\150\157\162\151\164\171\061\041\060\037\006\003\125"
-"\004\003\023\030\150\164\164\160\072\057\057\167\167\167\056\166"
-"\141\154\151\143\145\162\164\056\143\157\155\057\061\040\060\036"
-"\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156\146"
-"\157\100\166\141\154\151\143\145\162\164\056\143\157\155"
-, (PRUint32)190 },
- { (void *)"\002\001\001"
-, (PRUint32)3 },
- { (void *)"\060\202\002\347\060\202\002\120\002\001\001\060\015\006\011\052"
-"\206\110\206\367\015\001\001\005\005\000\060\201\273\061\044\060"
-"\042\006\003\125\004\007\023\033\126\141\154\151\103\145\162\164"
-"\040\126\141\154\151\144\141\164\151\157\156\040\116\145\164\167"
-"\157\162\153\061\027\060\025\006\003\125\004\012\023\016\126\141"
-"\154\151\103\145\162\164\054\040\111\156\143\056\061\065\060\063"
-"\006\003\125\004\013\023\054\126\141\154\151\103\145\162\164\040"
-"\103\154\141\163\163\040\063\040\120\157\154\151\143\171\040\126"
-"\141\154\151\144\141\164\151\157\156\040\101\165\164\150\157\162"
-"\151\164\171\061\041\060\037\006\003\125\004\003\023\030\150\164"
-"\164\160\072\057\057\167\167\167\056\166\141\154\151\143\145\162"
-"\164\056\143\157\155\057\061\040\060\036\006\011\052\206\110\206"
-"\367\015\001\011\001\026\021\151\156\146\157\100\166\141\154\151"
-"\143\145\162\164\056\143\157\155\060\036\027\015\071\071\060\066"
-"\062\066\060\060\062\062\063\063\132\027\015\061\071\060\066\062"
-"\066\060\060\062\062\063\063\132\060\201\273\061\044\060\042\006"
-"\003\125\004\007\023\033\126\141\154\151\103\145\162\164\040\126"
-"\141\154\151\144\141\164\151\157\156\040\116\145\164\167\157\162"
-"\153\061\027\060\025\006\003\125\004\012\023\016\126\141\154\151"
-"\103\145\162\164\054\040\111\156\143\056\061\065\060\063\006\003"
-"\125\004\013\023\054\126\141\154\151\103\145\162\164\040\103\154"
-"\141\163\163\040\063\040\120\157\154\151\143\171\040\126\141\154"
-"\151\144\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171\061\041\060\037\006\003\125\004\003\023\030\150\164\164\160"
-"\072\057\057\167\167\167\056\166\141\154\151\143\145\162\164\056"
-"\143\157\155\057\061\040\060\036\006\011\052\206\110\206\367\015"
-"\001\011\001\026\021\151\156\146\157\100\166\141\154\151\143\145"
-"\162\164\056\143\157\155\060\201\237\060\015\006\011\052\206\110"
-"\206\367\015\001\001\001\005\000\003\201\215\000\060\201\211\002"
-"\201\201\000\343\230\121\226\034\350\325\261\006\201\152\127\303"
-"\162\165\223\253\317\236\246\374\363\026\122\326\055\115\237\065"
-"\104\250\056\004\115\007\111\212\070\051\365\167\067\347\267\253"
-"\135\337\066\161\024\231\217\334\302\222\361\347\140\222\227\354"
-"\330\110\334\277\301\002\040\306\044\244\050\114\060\132\166\155"
-"\261\134\363\335\336\236\020\161\241\210\307\133\233\101\155\312"
-"\260\270\216\025\356\255\063\053\317\107\004\134\165\161\012\230"
-"\044\230\051\247\111\131\245\335\370\267\103\142\141\363\323\342"
-"\320\125\077\002\003\001\000\001\060\015\006\011\052\206\110\206"
-"\367\015\001\001\005\005\000\003\201\201\000\126\273\002\130\204"
-"\147\010\054\337\037\333\173\111\063\365\323\147\235\364\264\012"
-"\020\263\311\305\054\342\222\152\161\170\047\362\160\203\102\323"
-"\076\317\251\124\364\361\330\222\026\214\321\004\313\113\253\311"
-"\237\105\256\074\212\251\260\161\063\135\310\305\127\337\257\250"
-"\065\263\177\211\207\351\350\045\222\270\177\205\172\256\326\274"
-"\036\067\130\052\147\311\221\317\052\201\076\355\306\071\337\300"
-"\076\031\234\031\314\023\115\202\101\265\214\336\340\075\140\010"
-"\040\017\105\176\153\242\177\243\214\025\356"
-, (PRUint32)747 }
-};
-static const NSSItem nss_builtins_items_51 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"RSA Root Certificate 1", (PRUint32)23 },
- { (void *)"\151\275\214\364\234\323\000\373\131\056\027\223\312\125\152\363"
-"\354\252\065\373"
-, (PRUint32)20 },
- { (void *)"\242\157\123\267\356\100\333\112\150\347\372\030\331\020\113\162"
-, (PRUint32)16 },
- { (void *)"\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141"
-"\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157"
-"\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125"
-"\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156"
-"\143\056\061\065\060\063\006\003\125\004\013\023\054\126\141\154"
-"\151\103\145\162\164\040\103\154\141\163\163\040\063\040\120\157"
-"\154\151\143\171\040\126\141\154\151\144\141\164\151\157\156\040"
-"\101\165\164\150\157\162\151\164\171\061\041\060\037\006\003\125"
-"\004\003\023\030\150\164\164\160\072\057\057\167\167\167\056\166"
-"\141\154\151\143\145\162\164\056\143\157\155\057\061\040\060\036"
-"\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156\146"
-"\157\100\166\141\154\151\143\145\162\164\056\143\157\155"
-, (PRUint32)190 },
- { (void *)"\002\001\001"
-, (PRUint32)3 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_52 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 1 Public Primary Certification Authority - G3", (PRUint32)61 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125"
-"\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165"
-"\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003"
-"\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145"
-"\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106"
-"\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163"
-"\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023"
-"\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040"
-"\061\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171"
-"\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101"
-"\165\164\150\157\162\151\164\171\040\055\040\107\063"
-, (PRUint32)205 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125"
-"\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165"
-"\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003"
-"\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145"
-"\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106"
-"\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163"
-"\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023"
-"\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040"
-"\061\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171"
-"\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101"
-"\165\164\150\157\162\151\164\171\040\055\040\107\063"
-, (PRUint32)205 },
- { (void *)"\002\021\000\213\133\165\126\204\124\205\013\000\317\257\070\110"
-"\316\261\244"
-, (PRUint32)19 },
- { (void *)"\060\202\004\032\060\202\003\002\002\021\000\213\133\165\126\204"
-"\124\205\013\000\317\257\070\110\316\261\244\060\015\006\011\052"
-"\206\110\206\367\015\001\001\005\005\000\060\201\312\061\013\060"
-"\011\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003"
-"\125\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111"
-"\156\143\056\061\037\060\035\006\003\125\004\013\023\026\126\145"
-"\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164"
-"\167\157\162\153\061\072\060\070\006\003\125\004\013\023\061\050"
-"\143\051\040\061\071\071\071\040\126\145\162\151\123\151\147\156"
-"\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165\164"
-"\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154\171"
-"\061\105\060\103\006\003\125\004\003\023\074\126\145\162\151\123"
-"\151\147\156\040\103\154\141\163\163\040\061\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\055\040\107\063\060\036\027\015\071\071\061\060\060"
-"\061\060\060\060\060\060\060\132\027\015\063\066\060\067\061\066"
-"\062\063\065\071\065\071\132\060\201\312\061\013\060\011\006\003"
-"\125\004\006\023\002\125\123\061\027\060\025\006\003\125\004\012"
-"\023\016\126\145\162\151\123\151\147\156\054\040\111\156\143\056"
-"\061\037\060\035\006\003\125\004\013\023\026\126\145\162\151\123"
-"\151\147\156\040\124\162\165\163\164\040\116\145\164\167\157\162"
-"\153\061\072\060\070\006\003\125\004\013\023\061\050\143\051\040"
-"\061\071\071\071\040\126\145\162\151\123\151\147\156\054\040\111"
-"\156\143\056\040\055\040\106\157\162\040\141\165\164\150\157\162"
-"\151\172\145\144\040\165\163\145\040\157\156\154\171\061\105\060"
-"\103\006\003\125\004\003\023\074\126\145\162\151\123\151\147\156"
-"\040\103\154\141\163\163\040\061\040\120\165\142\154\151\143\040"
-"\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143"
-"\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040"
-"\055\040\107\063\060\202\001\042\060\015\006\011\052\206\110\206"
-"\367\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012"
-"\002\202\001\001\000\335\204\324\271\264\371\247\330\363\004\170"
-"\234\336\075\334\154\023\026\331\172\335\044\121\146\300\307\046"
-"\131\015\254\006\010\302\224\321\063\037\360\203\065\037\156\033"
-"\310\336\252\156\025\116\124\047\357\304\155\032\354\013\343\016"
-"\360\104\245\127\307\100\130\036\243\107\037\161\354\140\366\155"
-"\224\310\030\071\355\376\102\030\126\337\344\114\111\020\170\116"
-"\001\166\065\143\022\066\335\146\274\001\004\066\243\125\150\325"
-"\242\066\011\254\253\041\046\124\006\255\077\312\024\340\254\312"
-"\255\006\035\225\342\370\235\361\340\140\377\302\177\165\053\114"
-"\314\332\376\207\231\041\352\272\376\076\124\327\322\131\170\333"
-"\074\156\317\240\023\000\032\270\047\241\344\276\147\226\312\240"
-"\305\263\234\335\311\165\236\353\060\232\137\243\315\331\256\170"
-"\031\077\043\351\134\333\051\275\255\125\310\033\124\214\143\366"
-"\350\246\352\307\067\022\134\243\051\036\002\331\333\037\073\264"
-"\327\017\126\107\201\025\004\112\257\203\047\321\305\130\210\301"
-"\335\366\252\247\243\030\332\150\252\155\021\121\341\277\145\153"
-"\237\226\166\321\075\002\003\001\000\001\060\015\006\011\052\206"
-"\110\206\367\015\001\001\005\005\000\003\202\001\001\000\253\146"
-"\215\327\263\272\307\232\266\346\125\320\005\361\237\061\215\132"
-"\252\331\252\106\046\017\161\355\245\255\123\126\142\001\107\052"
-"\104\351\376\077\164\013\023\233\271\364\115\033\262\321\137\262"
-"\266\322\210\134\263\237\315\313\324\247\331\140\225\204\072\370"
-"\301\067\035\141\312\347\260\305\345\221\332\124\246\254\061\201"
-"\256\227\336\315\010\254\270\300\227\200\177\156\162\244\347\151"
-"\023\225\145\037\304\223\074\375\171\217\004\324\076\117\352\367"
-"\236\316\315\147\174\117\145\002\377\221\205\124\163\307\377\066"
-"\367\206\055\354\320\136\117\377\021\237\162\006\326\270\032\361"
-"\114\015\046\145\342\104\200\036\307\237\343\335\350\012\332\354"
-"\245\040\200\151\150\241\117\176\341\153\317\007\101\372\203\216"
-"\274\070\335\260\056\021\261\153\262\102\314\232\274\371\110\042"
-"\171\112\031\017\262\034\076\040\164\331\152\303\276\362\050\170"
-"\023\126\171\117\155\120\352\033\260\265\127\261\067\146\130\043"
-"\363\334\017\337\012\207\304\357\206\005\325\070\024\140\231\243"
-"\113\336\006\226\161\054\362\333\266\037\244\357\077\356"
-, (PRUint32)1054 }
-};
-static const NSSItem nss_builtins_items_53 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 1 Public Primary Certification Authority - G3", (PRUint32)61 },
- { (void *)"\040\102\205\334\367\353\166\101\225\127\216\023\153\324\267\321"
-"\351\216\106\245"
-, (PRUint32)20 },
- { (void *)"\261\107\274\030\127\321\030\240\170\055\354\161\350\052\225\163"
-, (PRUint32)16 },
- { (void *)"\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125"
-"\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165"
-"\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003"
-"\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145"
-"\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106"
-"\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163"
-"\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023"
-"\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040"
-"\061\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171"
-"\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101"
-"\165\164\150\157\162\151\164\171\040\055\040\107\063"
-, (PRUint32)205 },
- { (void *)"\002\021\000\213\133\165\126\204\124\205\013\000\317\257\070\110"
-"\316\261\244"
-, (PRUint32)19 },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_54 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 2 Public Primary Certification Authority - G3", (PRUint32)61 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125"
-"\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165"
-"\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003"
-"\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145"
-"\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106"
-"\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163"
-"\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023"
-"\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040"
-"\062\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171"
-"\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101"
-"\165\164\150\157\162\151\164\171\040\055\040\107\063"
-, (PRUint32)205 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125"
-"\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165"
-"\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003"
-"\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145"
-"\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106"
-"\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163"
-"\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023"
-"\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040"
-"\062\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171"
-"\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101"
-"\165\164\150\157\162\151\164\171\040\055\040\107\063"
-, (PRUint32)205 },
- { (void *)"\002\020\141\160\313\111\214\137\230\105\051\347\260\246\331\120"
-"\133\172"
-, (PRUint32)18 },
- { (void *)"\060\202\004\031\060\202\003\001\002\020\141\160\313\111\214\137"
-"\230\105\051\347\260\246\331\120\133\172\060\015\006\011\052\206"
-"\110\206\367\015\001\001\005\005\000\060\201\312\061\013\060\011"
-"\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125"
-"\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156"
-"\143\056\061\037\060\035\006\003\125\004\013\023\026\126\145\162"
-"\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164\167"
-"\157\162\153\061\072\060\070\006\003\125\004\013\023\061\050\143"
-"\051\040\061\071\071\071\040\126\145\162\151\123\151\147\156\054"
-"\040\111\156\143\056\040\055\040\106\157\162\040\141\165\164\150"
-"\157\162\151\172\145\144\040\165\163\145\040\157\156\154\171\061"
-"\105\060\103\006\003\125\004\003\023\074\126\145\162\151\123\151"
-"\147\156\040\103\154\141\163\163\040\062\040\120\165\142\154\151"
-"\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171\040\055\040\107\063\060\036\027\015\071\071\061\060\060\061"
-"\060\060\060\060\060\060\132\027\015\063\066\060\067\061\066\062"
-"\063\065\071\065\071\132\060\201\312\061\013\060\011\006\003\125"
-"\004\006\023\002\125\123\061\027\060\025\006\003\125\004\012\023"
-"\016\126\145\162\151\123\151\147\156\054\040\111\156\143\056\061"
-"\037\060\035\006\003\125\004\013\023\026\126\145\162\151\123\151"
-"\147\156\040\124\162\165\163\164\040\116\145\164\167\157\162\153"
-"\061\072\060\070\006\003\125\004\013\023\061\050\143\051\040\061"
-"\071\071\071\040\126\145\162\151\123\151\147\156\054\040\111\156"
-"\143\056\040\055\040\106\157\162\040\141\165\164\150\157\162\151"
-"\172\145\144\040\165\163\145\040\157\156\154\171\061\105\060\103"
-"\006\003\125\004\003\023\074\126\145\162\151\123\151\147\156\040"
-"\103\154\141\163\163\040\062\040\120\165\142\154\151\143\040\120"
-"\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143\141"
-"\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040\055"
-"\040\107\063\060\202\001\042\060\015\006\011\052\206\110\206\367"
-"\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002"
-"\202\001\001\000\257\012\015\302\325\054\333\147\271\055\345\224"
-"\047\335\245\276\340\260\115\217\263\141\126\074\326\174\303\364"
-"\315\076\206\313\242\210\342\341\330\244\151\305\265\342\277\301"
-"\246\107\120\136\106\071\213\325\226\272\265\157\024\277\020\316"
-"\047\023\236\005\107\233\061\172\023\330\037\331\323\002\067\213"
-"\255\054\107\360\216\201\006\247\015\060\014\353\367\074\017\040"
-"\035\334\162\106\356\245\002\310\133\303\311\126\151\114\305\030"
-"\301\221\173\013\325\023\000\233\274\357\303\110\076\106\140\040"
-"\205\052\325\220\266\315\213\240\314\062\335\267\375\100\125\262"
-"\120\034\126\256\314\215\167\115\307\040\115\247\061\166\357\150"
-"\222\212\220\036\010\201\126\262\255\151\243\122\320\313\034\304"
-"\043\075\037\231\376\114\350\026\143\216\306\010\216\366\061\366"
-"\322\372\345\166\335\265\034\222\243\111\315\315\001\315\150\315"
-"\251\151\272\243\353\035\015\234\244\040\246\301\240\305\321\106"
-"\114\027\155\322\254\146\077\226\214\340\204\324\066\377\042\131"
-"\305\371\021\140\250\137\004\175\362\032\366\045\102\141\017\304"
-"\112\270\076\211\002\003\001\000\001\060\015\006\011\052\206\110"
-"\206\367\015\001\001\005\005\000\003\202\001\001\000\064\046\025"
-"\074\300\215\115\103\111\035\275\351\041\222\327\146\234\267\336"
-"\305\270\320\344\135\137\166\042\300\046\371\204\072\072\371\214"
-"\265\373\354\140\361\350\316\004\260\310\335\247\003\217\060\363"
-"\230\337\244\346\244\061\337\323\034\013\106\334\162\040\077\256"
-"\356\005\074\244\063\077\013\071\254\160\170\163\113\231\053\337"
-"\060\302\124\260\250\073\125\241\376\026\050\315\102\275\164\156"
-"\200\333\047\104\247\316\104\135\324\033\220\230\015\036\102\224"
-"\261\000\054\004\320\164\243\002\005\042\143\143\315\203\265\373"
-"\301\155\142\153\151\165\375\135\160\101\271\365\277\174\337\276"
-"\301\062\163\042\041\213\130\201\173\025\221\172\272\343\144\110"
-"\260\177\373\066\045\332\225\320\361\044\024\027\335\030\200\153"
-"\106\043\071\124\365\216\142\011\004\035\224\220\246\233\346\045"
-"\342\102\105\252\270\220\255\276\010\217\251\013\102\030\224\317"
-"\162\071\341\261\103\340\050\317\267\347\132\154\023\153\111\263"
-"\377\343\030\174\211\213\063\135\254\063\327\247\371\332\072\125"
-"\311\130\020\371\252\357\132\266\317\113\113\337\052"
-, (PRUint32)1053 }
-};
-static const NSSItem nss_builtins_items_55 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 2 Public Primary Certification Authority - G3", (PRUint32)61 },
- { (void *)"\141\357\103\327\177\312\324\141\121\274\230\340\303\131\022\257"
-"\237\353\143\021"
-, (PRUint32)20 },
- { (void *)"\370\276\304\143\042\311\250\106\164\213\270\035\036\112\053\366"
-, (PRUint32)16 },
- { (void *)"\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125"
-"\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165"
-"\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003"
-"\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145"
-"\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106"
-"\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163"
-"\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023"
-"\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040"
-"\062\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171"
-"\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101"
-"\165\164\150\157\162\151\164\171\040\055\040\107\063"
-, (PRUint32)205 },
- { (void *)"\002\020\141\160\313\111\214\137\230\105\051\347\260\246\331\120"
-"\133\172"
-, (PRUint32)18 },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_56 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 3 Public Primary Certification Authority - G3", (PRUint32)61 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125"
-"\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165"
-"\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003"
-"\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145"
-"\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106"
-"\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163"
-"\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023"
-"\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040"
-"\063\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171"
-"\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101"
-"\165\164\150\157\162\151\164\171\040\055\040\107\063"
-, (PRUint32)205 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125"
-"\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165"
-"\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003"
-"\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145"
-"\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106"
-"\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163"
-"\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023"
-"\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040"
-"\063\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171"
-"\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101"
-"\165\164\150\157\162\151\164\171\040\055\040\107\063"
-, (PRUint32)205 },
- { (void *)"\002\021\000\233\176\006\111\243\076\142\271\325\356\220\110\161"
-"\051\357\127"
-, (PRUint32)19 },
- { (void *)"\060\202\004\032\060\202\003\002\002\021\000\233\176\006\111\243"
-"\076\142\271\325\356\220\110\161\051\357\127\060\015\006\011\052"
-"\206\110\206\367\015\001\001\005\005\000\060\201\312\061\013\060"
-"\011\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003"
-"\125\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111"
-"\156\143\056\061\037\060\035\006\003\125\004\013\023\026\126\145"
-"\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164"
-"\167\157\162\153\061\072\060\070\006\003\125\004\013\023\061\050"
-"\143\051\040\061\071\071\071\040\126\145\162\151\123\151\147\156"
-"\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165\164"
-"\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154\171"
-"\061\105\060\103\006\003\125\004\003\023\074\126\145\162\151\123"
-"\151\147\156\040\103\154\141\163\163\040\063\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\055\040\107\063\060\036\027\015\071\071\061\060\060"
-"\061\060\060\060\060\060\060\132\027\015\063\066\060\067\061\066"
-"\062\063\065\071\065\071\132\060\201\312\061\013\060\011\006\003"
-"\125\004\006\023\002\125\123\061\027\060\025\006\003\125\004\012"
-"\023\016\126\145\162\151\123\151\147\156\054\040\111\156\143\056"
-"\061\037\060\035\006\003\125\004\013\023\026\126\145\162\151\123"
-"\151\147\156\040\124\162\165\163\164\040\116\145\164\167\157\162"
-"\153\061\072\060\070\006\003\125\004\013\023\061\050\143\051\040"
-"\061\071\071\071\040\126\145\162\151\123\151\147\156\054\040\111"
-"\156\143\056\040\055\040\106\157\162\040\141\165\164\150\157\162"
-"\151\172\145\144\040\165\163\145\040\157\156\154\171\061\105\060"
-"\103\006\003\125\004\003\023\074\126\145\162\151\123\151\147\156"
-"\040\103\154\141\163\163\040\063\040\120\165\142\154\151\143\040"
-"\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143"
-"\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040"
-"\055\040\107\063\060\202\001\042\060\015\006\011\052\206\110\206"
-"\367\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012"
-"\002\202\001\001\000\313\272\234\122\374\170\037\032\036\157\033"
-"\067\163\275\370\311\153\224\022\060\117\360\066\107\365\320\221"
-"\012\365\027\310\245\141\301\026\100\115\373\212\141\220\345\166"
-"\040\301\021\006\175\253\054\156\246\365\021\101\216\372\055\255"
-"\052\141\131\244\147\046\114\320\350\274\122\133\160\040\004\130"
-"\321\172\311\244\151\274\203\027\144\255\005\213\274\320\130\316"
-"\215\214\365\353\360\102\111\013\235\227\047\147\062\156\341\256"
-"\223\025\034\160\274\040\115\057\030\336\222\210\350\154\205\127"
-"\021\032\351\176\343\046\021\124\242\105\226\125\203\312\060\211"
-"\350\334\330\243\355\052\200\077\177\171\145\127\076\025\040\146"
-"\010\057\225\223\277\252\107\057\250\106\227\360\022\342\376\302"
-"\012\053\121\346\166\346\267\106\267\342\015\246\314\250\303\114"
-"\131\125\211\346\350\123\134\034\352\235\360\142\026\013\247\311"
-"\137\014\360\336\302\166\316\257\367\152\362\372\101\246\242\063"
-"\024\311\345\172\143\323\236\142\067\325\205\145\236\016\346\123"
-"\044\164\033\136\035\022\123\133\307\054\347\203\111\073\025\256"
-"\212\150\271\127\227\002\003\001\000\001\060\015\006\011\052\206"
-"\110\206\367\015\001\001\005\005\000\003\202\001\001\000\021\024"
-"\226\301\253\222\010\367\077\057\311\262\376\344\132\237\144\336"
-"\333\041\117\206\231\064\166\066\127\335\320\025\057\305\255\177"
-"\025\037\067\142\163\076\324\347\137\316\027\003\333\065\372\053"
-"\333\256\140\011\137\036\137\217\156\273\013\075\352\132\023\036"
-"\014\140\157\265\300\265\043\042\056\007\013\313\251\164\313\107"
-"\273\035\301\327\245\153\314\057\322\102\375\111\335\247\211\317"
-"\123\272\332\000\132\050\277\202\337\370\272\023\035\120\206\202"
-"\375\216\060\217\051\106\260\036\075\065\332\070\142\026\030\112"
-"\255\346\266\121\154\336\257\142\353\001\320\036\044\376\172\217"
-"\022\032\022\150\270\373\146\231\024\024\105\134\256\347\256\151"
-"\027\201\053\132\067\311\136\052\364\306\342\241\134\124\233\246"
-"\124\000\317\360\361\301\307\230\060\032\073\066\026\333\243\156"
-"\352\375\255\262\302\332\357\002\107\023\212\300\361\263\061\255"
-"\117\034\341\117\234\257\017\014\235\367\170\015\330\364\065\126"
-"\200\332\267\155\027\217\235\036\201\144\341\376\305\105\272\255"
-"\153\271\012\172\116\117\113\204\356\113\361\175\335\021"
-, (PRUint32)1054 }
-};
-static const NSSItem nss_builtins_items_57 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 3 Public Primary Certification Authority - G3", (PRUint32)61 },
- { (void *)"\023\055\015\105\123\113\151\227\315\262\325\303\071\342\125\166"
-"\140\233\134\306"
-, (PRUint32)20 },
- { (void *)"\315\150\266\247\307\304\316\165\340\035\117\127\104\141\222\011"
-, (PRUint32)16 },
- { (void *)"\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125"
-"\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165"
-"\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003"
-"\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145"
-"\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106"
-"\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163"
-"\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023"
-"\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040"
-"\063\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171"
-"\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101"
-"\165\164\150\157\162\151\164\171\040\055\040\107\063"
-, (PRUint32)205 },
- { (void *)"\002\021\000\233\176\006\111\243\076\142\271\325\356\220\110\161"
-"\051\357\127"
-, (PRUint32)19 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_58 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 4 Public Primary Certification Authority - G3", (PRUint32)61 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125"
-"\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165"
-"\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003"
-"\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145"
-"\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106"
-"\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163"
-"\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023"
-"\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040"
-"\064\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171"
-"\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101"
-"\165\164\150\157\162\151\164\171\040\055\040\107\063"
-, (PRUint32)205 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125"
-"\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165"
-"\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003"
-"\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145"
-"\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106"
-"\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163"
-"\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023"
-"\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040"
-"\064\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171"
-"\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101"
-"\165\164\150\157\162\151\164\171\040\055\040\107\063"
-, (PRUint32)205 },
- { (void *)"\002\021\000\354\240\247\213\156\165\152\001\317\304\174\314\057"
-"\224\136\327"
-, (PRUint32)19 },
- { (void *)"\060\202\004\032\060\202\003\002\002\021\000\354\240\247\213\156"
-"\165\152\001\317\304\174\314\057\224\136\327\060\015\006\011\052"
-"\206\110\206\367\015\001\001\005\005\000\060\201\312\061\013\060"
-"\011\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003"
-"\125\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111"
-"\156\143\056\061\037\060\035\006\003\125\004\013\023\026\126\145"
-"\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164"
-"\167\157\162\153\061\072\060\070\006\003\125\004\013\023\061\050"
-"\143\051\040\061\071\071\071\040\126\145\162\151\123\151\147\156"
-"\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165\164"
-"\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154\171"
-"\061\105\060\103\006\003\125\004\003\023\074\126\145\162\151\123"
-"\151\147\156\040\103\154\141\163\163\040\064\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\055\040\107\063\060\036\027\015\071\071\061\060\060"
-"\061\060\060\060\060\060\060\132\027\015\063\066\060\067\061\066"
-"\062\063\065\071\065\071\132\060\201\312\061\013\060\011\006\003"
-"\125\004\006\023\002\125\123\061\027\060\025\006\003\125\004\012"
-"\023\016\126\145\162\151\123\151\147\156\054\040\111\156\143\056"
-"\061\037\060\035\006\003\125\004\013\023\026\126\145\162\151\123"
-"\151\147\156\040\124\162\165\163\164\040\116\145\164\167\157\162"
-"\153\061\072\060\070\006\003\125\004\013\023\061\050\143\051\040"
-"\061\071\071\071\040\126\145\162\151\123\151\147\156\054\040\111"
-"\156\143\056\040\055\040\106\157\162\040\141\165\164\150\157\162"
-"\151\172\145\144\040\165\163\145\040\157\156\154\171\061\105\060"
-"\103\006\003\125\004\003\023\074\126\145\162\151\123\151\147\156"
-"\040\103\154\141\163\163\040\064\040\120\165\142\154\151\143\040"
-"\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143"
-"\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040"
-"\055\040\107\063\060\202\001\042\060\015\006\011\052\206\110\206"
-"\367\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012"
-"\002\202\001\001\000\255\313\245\021\151\306\131\253\361\217\265"
-"\031\017\126\316\314\265\037\040\344\236\046\045\113\340\163\145"
-"\211\131\336\320\203\344\365\017\265\273\255\361\174\350\041\374"
-"\344\350\014\356\174\105\042\031\166\222\264\023\267\040\133\011"
-"\372\141\256\250\362\245\215\205\302\052\326\336\146\066\322\233"
-"\002\364\250\222\140\174\234\151\264\217\044\036\320\206\122\366"
-"\062\234\101\130\036\042\275\315\105\142\225\010\156\320\146\335"
-"\123\242\314\360\020\334\124\163\213\004\241\106\063\063\134\027"
-"\100\271\236\115\323\363\276\125\203\350\261\211\216\132\174\232"
-"\226\042\220\073\210\045\362\322\123\210\002\014\013\170\362\346"
-"\067\027\113\060\106\007\344\200\155\246\330\226\056\350\054\370"
-"\021\263\070\015\146\246\233\352\311\043\133\333\216\342\363\023"
-"\216\032\131\055\252\002\360\354\244\207\146\334\301\077\365\330"
-"\271\364\354\202\306\322\075\225\035\345\300\117\204\311\331\243"
-"\104\050\006\152\327\105\254\360\153\152\357\116\137\370\021\202"
-"\036\070\143\064\146\120\324\076\223\163\372\060\303\146\255\377"
-"\223\055\227\357\003\002\003\001\000\001\060\015\006\011\052\206"
-"\110\206\367\015\001\001\005\005\000\003\202\001\001\000\217\372"
-"\045\153\117\133\344\244\116\047\125\253\042\025\131\074\312\265"
-"\012\324\112\333\253\335\241\137\123\305\240\127\071\302\316\107"
-"\053\276\072\310\126\277\302\331\047\020\072\261\005\074\300\167"
-"\061\273\072\323\005\173\155\232\034\060\214\200\313\223\223\052"
-"\203\253\005\121\202\002\000\021\147\153\363\210\141\107\137\003"
-"\223\325\133\015\340\361\324\241\062\065\205\262\072\333\260\202"
-"\253\321\313\012\274\117\214\133\305\113\000\073\037\052\202\246"
-"\176\066\205\334\176\074\147\000\265\344\073\122\340\250\353\135"
-"\025\371\306\155\360\255\035\016\205\267\251\232\163\024\132\133"
-"\217\101\050\300\325\350\055\115\244\136\315\252\331\355\316\334"
-"\330\325\074\102\035\027\301\022\135\105\070\303\070\363\374\205"
-"\056\203\106\110\262\327\040\137\222\066\217\347\171\017\230\136"
-"\231\350\360\320\244\273\365\123\275\052\316\131\260\257\156\177"
-"\154\273\322\036\000\260\041\355\370\101\142\202\271\330\262\304"
-"\273\106\120\363\061\305\217\001\250\164\353\365\170\047\332\347"
-"\367\146\103\363\236\203\076\040\252\303\065\140\221\316"
-, (PRUint32)1054 }
-};
-static const NSSItem nss_builtins_items_59 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 4 Public Primary Certification Authority - G3", (PRUint32)61 },
- { (void *)"\310\354\214\207\222\151\313\113\253\071\351\215\176\127\147\363"
-"\024\225\163\235"
-, (PRUint32)20 },
- { (void *)"\333\310\362\047\056\261\352\152\051\043\135\376\126\076\063\337"
-, (PRUint32)16 },
- { (void *)"\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125"
-"\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165"
-"\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003"
-"\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145"
-"\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106"
-"\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163"
-"\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023"
-"\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040"
-"\064\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171"
-"\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101"
-"\165\164\150\157\162\151\164\171\040\055\040\107\063"
-, (PRUint32)205 },
- { (void *)"\002\021\000\354\240\247\213\156\165\152\001\317\304\174\314\057"
-"\224\136\327"
-, (PRUint32)19 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_60 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Entrust.net Secure Server CA", (PRUint32)29 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\303\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\024\060\022\006\003\125\004\012\023\013\105\156\164\162\165"
-"\163\164\056\156\145\164\061\073\060\071\006\003\125\004\013\023"
-"\062\167\167\167\056\145\156\164\162\165\163\164\056\156\145\164"
-"\057\103\120\123\040\151\156\143\157\162\160\056\040\142\171\040"
-"\162\145\146\056\040\050\154\151\155\151\164\163\040\154\151\141"
-"\142\056\051\061\045\060\043\006\003\125\004\013\023\034\050\143"
-"\051\040\061\071\071\071\040\105\156\164\162\165\163\164\056\156"
-"\145\164\040\114\151\155\151\164\145\144\061\072\060\070\006\003"
-"\125\004\003\023\061\105\156\164\162\165\163\164\056\156\145\164"
-"\040\123\145\143\165\162\145\040\123\145\162\166\145\162\040\103"
-"\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164"
-"\150\157\162\151\164\171"
-, (PRUint32)198 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\303\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\024\060\022\006\003\125\004\012\023\013\105\156\164\162\165"
-"\163\164\056\156\145\164\061\073\060\071\006\003\125\004\013\023"
-"\062\167\167\167\056\145\156\164\162\165\163\164\056\156\145\164"
-"\057\103\120\123\040\151\156\143\157\162\160\056\040\142\171\040"
-"\162\145\146\056\040\050\154\151\155\151\164\163\040\154\151\141"
-"\142\056\051\061\045\060\043\006\003\125\004\013\023\034\050\143"
-"\051\040\061\071\071\071\040\105\156\164\162\165\163\164\056\156"
-"\145\164\040\114\151\155\151\164\145\144\061\072\060\070\006\003"
-"\125\004\003\023\061\105\156\164\162\165\163\164\056\156\145\164"
-"\040\123\145\143\165\162\145\040\123\145\162\166\145\162\040\103"
-"\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164"
-"\150\157\162\151\164\171"
-, (PRUint32)198 },
- { (void *)"\002\004\067\112\322\103"
-, (PRUint32)6 },
- { (void *)"\060\202\004\330\060\202\004\101\240\003\002\001\002\002\004\067"
-"\112\322\103\060\015\006\011\052\206\110\206\367\015\001\001\005"
-"\005\000\060\201\303\061\013\060\011\006\003\125\004\006\023\002"
-"\125\123\061\024\060\022\006\003\125\004\012\023\013\105\156\164"
-"\162\165\163\164\056\156\145\164\061\073\060\071\006\003\125\004"
-"\013\023\062\167\167\167\056\145\156\164\162\165\163\164\056\156"
-"\145\164\057\103\120\123\040\151\156\143\157\162\160\056\040\142"
-"\171\040\162\145\146\056\040\050\154\151\155\151\164\163\040\154"
-"\151\141\142\056\051\061\045\060\043\006\003\125\004\013\023\034"
-"\050\143\051\040\061\071\071\071\040\105\156\164\162\165\163\164"
-"\056\156\145\164\040\114\151\155\151\164\145\144\061\072\060\070"
-"\006\003\125\004\003\023\061\105\156\164\162\165\163\164\056\156"
-"\145\164\040\123\145\143\165\162\145\040\123\145\162\166\145\162"
-"\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101"
-"\165\164\150\157\162\151\164\171\060\036\027\015\071\071\060\065"
-"\062\065\061\066\060\071\064\060\132\027\015\061\071\060\065\062"
-"\065\061\066\063\071\064\060\132\060\201\303\061\013\060\011\006"
-"\003\125\004\006\023\002\125\123\061\024\060\022\006\003\125\004"
-"\012\023\013\105\156\164\162\165\163\164\056\156\145\164\061\073"
-"\060\071\006\003\125\004\013\023\062\167\167\167\056\145\156\164"
-"\162\165\163\164\056\156\145\164\057\103\120\123\040\151\156\143"
-"\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151"
-"\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006"
-"\003\125\004\013\023\034\050\143\051\040\061\071\071\071\040\105"
-"\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164"
-"\145\144\061\072\060\070\006\003\125\004\003\023\061\105\156\164"
-"\162\165\163\164\056\156\145\164\040\123\145\143\165\162\145\040"
-"\123\145\162\166\145\162\040\103\145\162\164\151\146\151\143\141"
-"\164\151\157\156\040\101\165\164\150\157\162\151\164\171\060\201"
-"\235\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000"
-"\003\201\213\000\060\201\207\002\201\201\000\315\050\203\064\124"
-"\033\211\363\017\257\067\221\061\377\257\061\140\311\250\350\262"
-"\020\150\355\237\347\223\066\361\012\144\273\107\365\004\027\077"
-"\043\107\115\305\047\031\201\046\014\124\162\015\210\055\331\037"
-"\232\022\237\274\263\161\323\200\031\077\107\146\173\214\065\050"
-"\322\271\012\337\044\332\234\326\120\171\201\172\132\323\067\367"
-"\302\112\330\051\222\046\144\321\344\230\154\072\000\212\365\064"
-"\233\145\370\355\343\020\377\375\270\111\130\334\240\336\202\071"
-"\153\201\261\026\031\141\271\124\266\346\103\002\001\003\243\202"
-"\001\327\060\202\001\323\060\021\006\011\140\206\110\001\206\370"
-"\102\001\001\004\004\003\002\000\007\060\202\001\031\006\003\125"
-"\035\037\004\202\001\020\060\202\001\014\060\201\336\240\201\333"
-"\240\201\330\244\201\325\060\201\322\061\013\060\011\006\003\125"
-"\004\006\023\002\125\123\061\024\060\022\006\003\125\004\012\023"
-"\013\105\156\164\162\165\163\164\056\156\145\164\061\073\060\071"
-"\006\003\125\004\013\023\062\167\167\167\056\145\156\164\162\165"
-"\163\164\056\156\145\164\057\103\120\123\040\151\156\143\157\162"
-"\160\056\040\142\171\040\162\145\146\056\040\050\154\151\155\151"
-"\164\163\040\154\151\141\142\056\051\061\045\060\043\006\003\125"
-"\004\013\023\034\050\143\051\040\061\071\071\071\040\105\156\164"
-"\162\165\163\164\056\156\145\164\040\114\151\155\151\164\145\144"
-"\061\072\060\070\006\003\125\004\003\023\061\105\156\164\162\165"
-"\163\164\056\156\145\164\040\123\145\143\165\162\145\040\123\145"
-"\162\166\145\162\040\103\145\162\164\151\146\151\143\141\164\151"
-"\157\156\040\101\165\164\150\157\162\151\164\171\061\015\060\013"
-"\006\003\125\004\003\023\004\103\122\114\061\060\051\240\047\240"
-"\045\206\043\150\164\164\160\072\057\057\167\167\167\056\145\156"
-"\164\162\165\163\164\056\156\145\164\057\103\122\114\057\156\145"
-"\164\061\056\143\162\154\060\053\006\003\125\035\020\004\044\060"
-"\042\200\017\061\071\071\071\060\065\062\065\061\066\060\071\064"
-"\060\132\201\017\062\060\061\071\060\065\062\065\061\066\060\071"
-"\064\060\132\060\013\006\003\125\035\017\004\004\003\002\001\006"
-"\060\037\006\003\125\035\043\004\030\060\026\200\024\360\027\142"
-"\023\125\075\263\377\012\000\153\373\120\204\227\363\355\142\320"
-"\032\060\035\006\003\125\035\016\004\026\004\024\360\027\142\023"
-"\125\075\263\377\012\000\153\373\120\204\227\363\355\142\320\032"
-"\060\014\006\003\125\035\023\004\005\060\003\001\001\377\060\031"
-"\006\011\052\206\110\206\366\175\007\101\000\004\014\060\012\033"
-"\004\126\064\056\060\003\002\004\220\060\015\006\011\052\206\110"
-"\206\367\015\001\001\005\005\000\003\201\201\000\220\334\060\002"
-"\372\144\164\302\247\012\245\174\041\215\064\027\250\373\107\016"
-"\377\045\174\215\023\012\373\344\230\265\357\214\370\305\020\015"
-"\367\222\276\361\303\325\325\225\152\004\273\054\316\046\066\145"
-"\310\061\306\347\356\077\343\127\165\204\172\021\357\106\117\030"
-"\364\323\230\273\250\207\062\272\162\366\074\342\075\237\327\035"
-"\331\303\140\103\214\130\016\042\226\057\142\243\054\037\272\255"
-"\005\357\253\062\170\207\240\124\163\031\265\134\005\371\122\076"
-"\155\055\105\013\367\012\223\352\355\006\371\262"
-, (PRUint32)1244 }
-};
-static const NSSItem nss_builtins_items_61 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Entrust.net Secure Server CA", (PRUint32)29 },
- { (void *)"\231\246\233\346\032\376\210\153\115\053\202\000\174\270\124\374"
-"\061\176\025\071"
-, (PRUint32)20 },
- { (void *)"\337\362\200\163\314\361\346\141\163\374\365\102\351\305\174\356"
-, (PRUint32)16 },
- { (void *)"\060\201\303\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\024\060\022\006\003\125\004\012\023\013\105\156\164\162\165"
-"\163\164\056\156\145\164\061\073\060\071\006\003\125\004\013\023"
-"\062\167\167\167\056\145\156\164\162\165\163\164\056\156\145\164"
-"\057\103\120\123\040\151\156\143\157\162\160\056\040\142\171\040"
-"\162\145\146\056\040\050\154\151\155\151\164\163\040\154\151\141"
-"\142\056\051\061\045\060\043\006\003\125\004\013\023\034\050\143"
-"\051\040\061\071\071\071\040\105\156\164\162\165\163\164\056\156"
-"\145\164\040\114\151\155\151\164\145\144\061\072\060\070\006\003"
-"\125\004\003\023\061\105\156\164\162\165\163\164\056\156\145\164"
-"\040\123\145\143\165\162\145\040\123\145\162\166\145\162\040\103"
-"\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164"
-"\150\157\162\151\164\171"
-, (PRUint32)198 },
- { (void *)"\002\004\067\112\322\103"
-, (PRUint32)6 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_62 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Entrust.net Secure Personal CA", (PRUint32)31 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\311\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\024\060\022\006\003\125\004\012\023\013\105\156\164\162\165"
-"\163\164\056\156\145\164\061\110\060\106\006\003\125\004\013\024"
-"\077\167\167\167\056\145\156\164\162\165\163\164\056\156\145\164"
-"\057\103\154\151\145\156\164\137\103\101\137\111\156\146\157\057"
-"\103\120\123\040\151\156\143\157\162\160\056\040\142\171\040\162"
-"\145\146\056\040\154\151\155\151\164\163\040\154\151\141\142\056"
-"\061\045\060\043\006\003\125\004\013\023\034\050\143\051\040\061"
-"\071\071\071\040\105\156\164\162\165\163\164\056\156\145\164\040"
-"\114\151\155\151\164\145\144\061\063\060\061\006\003\125\004\003"
-"\023\052\105\156\164\162\165\163\164\056\156\145\164\040\103\154"
-"\151\145\156\164\040\103\145\162\164\151\146\151\143\141\164\151"
-"\157\156\040\101\165\164\150\157\162\151\164\171"
-, (PRUint32)204 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\311\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\024\060\022\006\003\125\004\012\023\013\105\156\164\162\165"
-"\163\164\056\156\145\164\061\110\060\106\006\003\125\004\013\024"
-"\077\167\167\167\056\145\156\164\162\165\163\164\056\156\145\164"
-"\057\103\154\151\145\156\164\137\103\101\137\111\156\146\157\057"
-"\103\120\123\040\151\156\143\157\162\160\056\040\142\171\040\162"
-"\145\146\056\040\154\151\155\151\164\163\040\154\151\141\142\056"
-"\061\045\060\043\006\003\125\004\013\023\034\050\143\051\040\061"
-"\071\071\071\040\105\156\164\162\165\163\164\056\156\145\164\040"
-"\114\151\155\151\164\145\144\061\063\060\061\006\003\125\004\003"
-"\023\052\105\156\164\162\165\163\164\056\156\145\164\040\103\154"
-"\151\145\156\164\040\103\145\162\164\151\146\151\143\141\164\151"
-"\157\156\040\101\165\164\150\157\162\151\164\171"
-, (PRUint32)204 },
- { (void *)"\002\004\070\003\221\356"
-, (PRUint32)6 },
- { (void *)"\060\202\004\355\060\202\004\126\240\003\002\001\002\002\004\070"
-"\003\221\356\060\015\006\011\052\206\110\206\367\015\001\001\004"
-"\005\000\060\201\311\061\013\060\011\006\003\125\004\006\023\002"
-"\125\123\061\024\060\022\006\003\125\004\012\023\013\105\156\164"
-"\162\165\163\164\056\156\145\164\061\110\060\106\006\003\125\004"
-"\013\024\077\167\167\167\056\145\156\164\162\165\163\164\056\156"
-"\145\164\057\103\154\151\145\156\164\137\103\101\137\111\156\146"
-"\157\057\103\120\123\040\151\156\143\157\162\160\056\040\142\171"
-"\040\162\145\146\056\040\154\151\155\151\164\163\040\154\151\141"
-"\142\056\061\045\060\043\006\003\125\004\013\023\034\050\143\051"
-"\040\061\071\071\071\040\105\156\164\162\165\163\164\056\156\145"
-"\164\040\114\151\155\151\164\145\144\061\063\060\061\006\003\125"
-"\004\003\023\052\105\156\164\162\165\163\164\056\156\145\164\040"
-"\103\154\151\145\156\164\040\103\145\162\164\151\146\151\143\141"
-"\164\151\157\156\040\101\165\164\150\157\162\151\164\171\060\036"
-"\027\015\071\071\061\060\061\062\061\071\062\064\063\060\132\027"
-"\015\061\071\061\060\061\062\061\071\065\064\063\060\132\060\201"
-"\311\061\013\060\011\006\003\125\004\006\023\002\125\123\061\024"
-"\060\022\006\003\125\004\012\023\013\105\156\164\162\165\163\164"
-"\056\156\145\164\061\110\060\106\006\003\125\004\013\024\077\167"
-"\167\167\056\145\156\164\162\165\163\164\056\156\145\164\057\103"
-"\154\151\145\156\164\137\103\101\137\111\156\146\157\057\103\120"
-"\123\040\151\156\143\157\162\160\056\040\142\171\040\162\145\146"
-"\056\040\154\151\155\151\164\163\040\154\151\141\142\056\061\045"
-"\060\043\006\003\125\004\013\023\034\050\143\051\040\061\071\071"
-"\071\040\105\156\164\162\165\163\164\056\156\145\164\040\114\151"
-"\155\151\164\145\144\061\063\060\061\006\003\125\004\003\023\052"
-"\105\156\164\162\165\163\164\056\156\145\164\040\103\154\151\145"
-"\156\164\040\103\145\162\164\151\146\151\143\141\164\151\157\156"
-"\040\101\165\164\150\157\162\151\164\171\060\201\235\060\015\006"
-"\011\052\206\110\206\367\015\001\001\001\005\000\003\201\213\000"
-"\060\201\207\002\201\201\000\310\072\231\136\061\027\337\254\047"
-"\157\220\173\344\031\377\105\243\064\302\333\301\250\117\360\150"
-"\352\204\375\237\165\171\317\301\212\121\224\257\307\127\003\107"
-"\144\236\255\202\033\132\332\177\067\170\107\273\067\230\022\226"
-"\316\306\023\175\357\322\014\060\121\251\071\236\125\370\373\261"
-"\347\060\336\203\262\272\076\361\325\211\073\073\205\272\252\164"
-"\054\376\077\061\156\257\221\225\156\006\324\007\115\113\054\126"
-"\107\030\004\122\332\016\020\223\277\143\220\233\341\337\214\346"
-"\002\244\346\117\136\367\213\002\001\003\243\202\001\340\060\202"
-"\001\334\060\021\006\011\140\206\110\001\206\370\102\001\001\004"
-"\004\003\002\000\007\060\202\001\042\006\003\125\035\037\004\202"
-"\001\031\060\202\001\025\060\201\344\240\201\341\240\201\336\244"
-"\201\333\060\201\330\061\013\060\011\006\003\125\004\006\023\002"
-"\125\123\061\024\060\022\006\003\125\004\012\023\013\105\156\164"
-"\162\165\163\164\056\156\145\164\061\110\060\106\006\003\125\004"
-"\013\024\077\167\167\167\056\145\156\164\162\165\163\164\056\156"
-"\145\164\057\103\154\151\145\156\164\137\103\101\137\111\156\146"
-"\157\057\103\120\123\040\151\156\143\157\162\160\056\040\142\171"
-"\040\162\145\146\056\040\154\151\155\151\164\163\040\154\151\141"
-"\142\056\061\045\060\043\006\003\125\004\013\023\034\050\143\051"
-"\040\061\071\071\071\040\105\156\164\162\165\163\164\056\156\145"
-"\164\040\114\151\155\151\164\145\144\061\063\060\061\006\003\125"
-"\004\003\023\052\105\156\164\162\165\163\164\056\156\145\164\040"
-"\103\154\151\145\156\164\040\103\145\162\164\151\146\151\143\141"
-"\164\151\157\156\040\101\165\164\150\157\162\151\164\171\061\015"
-"\060\013\006\003\125\004\003\023\004\103\122\114\061\060\054\240"
-"\052\240\050\206\046\150\164\164\160\072\057\057\167\167\167\056"
-"\145\156\164\162\165\163\164\056\156\145\164\057\103\122\114\057"
-"\103\154\151\145\156\164\061\056\143\162\154\060\053\006\003\125"
-"\035\020\004\044\060\042\200\017\061\071\071\071\061\060\061\062"
-"\061\071\062\064\063\060\132\201\017\062\060\061\071\061\060\061"
-"\062\061\071\062\064\063\060\132\060\013\006\003\125\035\017\004"
-"\004\003\002\001\006\060\037\006\003\125\035\043\004\030\060\026"
-"\200\024\304\373\234\051\173\227\315\114\226\374\356\133\263\312"
-"\231\164\213\225\352\114\060\035\006\003\125\035\016\004\026\004"
-"\024\304\373\234\051\173\227\315\114\226\374\356\133\263\312\231"
-"\164\213\225\352\114\060\014\006\003\125\035\023\004\005\060\003"
-"\001\001\377\060\031\006\011\052\206\110\206\366\175\007\101\000"
-"\004\014\060\012\033\004\126\064\056\060\003\002\004\220\060\015"
-"\006\011\052\206\110\206\367\015\001\001\004\005\000\003\201\201"
-"\000\077\256\212\361\327\146\003\005\236\076\372\352\034\106\273"
-"\244\133\217\170\232\022\110\231\371\364\065\336\014\066\007\002"
-"\153\020\072\211\024\201\234\061\246\174\262\101\262\152\347\007"
-"\001\241\113\371\237\045\073\226\312\231\303\076\241\121\034\363"
-"\303\056\104\367\260\147\106\252\222\345\073\332\034\031\024\070"
-"\060\325\342\242\061\045\056\361\354\105\070\355\370\006\130\003"
-"\163\142\260\020\061\217\100\277\144\340\134\076\305\117\037\332"
-"\022\103\377\114\346\006\046\250\233\031\252\104\074\166\262\134"
-"\354"
-, (PRUint32)1265 }
-};
-static const NSSItem nss_builtins_items_63 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Entrust.net Secure Personal CA", (PRUint32)31 },
- { (void *)"\332\171\301\161\021\120\302\064\071\252\053\013\014\142\375\125"
-"\262\371\365\200"
-, (PRUint32)20 },
- { (void *)"\014\101\057\023\133\240\124\365\226\146\055\176\315\016\003\364"
-, (PRUint32)16 },
- { (void *)"\060\201\311\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\024\060\022\006\003\125\004\012\023\013\105\156\164\162\165"
-"\163\164\056\156\145\164\061\110\060\106\006\003\125\004\013\024"
-"\077\167\167\167\056\145\156\164\162\165\163\164\056\156\145\164"
-"\057\103\154\151\145\156\164\137\103\101\137\111\156\146\157\057"
-"\103\120\123\040\151\156\143\157\162\160\056\040\142\171\040\162"
-"\145\146\056\040\154\151\155\151\164\163\040\154\151\141\142\056"
-"\061\045\060\043\006\003\125\004\013\023\034\050\143\051\040\061"
-"\071\071\071\040\105\156\164\162\165\163\164\056\156\145\164\040"
-"\114\151\155\151\164\145\144\061\063\060\061\006\003\125\004\003"
-"\023\052\105\156\164\162\165\163\164\056\156\145\164\040\103\154"
-"\151\145\156\164\040\103\145\162\164\151\146\151\143\141\164\151"
-"\157\156\040\101\165\164\150\157\162\151\164\171"
-, (PRUint32)204 },
- { (void *)"\002\004\070\003\221\356"
-, (PRUint32)6 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_64 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Entrust.net Premium 2048 Secure Server CA", (PRUint32)42 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156"
-"\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125"
-"\004\013\024\067\167\167\167\056\145\156\164\162\165\163\164\056"
-"\156\145\164\057\103\120\123\137\062\060\064\070\040\151\156\143"
-"\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151"
-"\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006"
-"\003\125\004\013\023\034\050\143\051\040\061\071\071\071\040\105"
-"\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164"
-"\145\144\061\063\060\061\006\003\125\004\003\023\052\105\156\164"
-"\162\165\163\164\056\156\145\164\040\103\145\162\164\151\146\151"
-"\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171"
-"\040\050\062\060\064\070\051"
-, (PRUint32)183 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156"
-"\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125"
-"\004\013\024\067\167\167\167\056\145\156\164\162\165\163\164\056"
-"\156\145\164\057\103\120\123\137\062\060\064\070\040\151\156\143"
-"\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151"
-"\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006"
-"\003\125\004\013\023\034\050\143\051\040\061\071\071\071\040\105"
-"\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164"
-"\145\144\061\063\060\061\006\003\125\004\003\023\052\105\156\164"
-"\162\165\163\164\056\156\145\164\040\103\145\162\164\151\146\151"
-"\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171"
-"\040\050\062\060\064\070\051"
-, (PRUint32)183 },
- { (void *)"\002\004\070\143\271\146"
-, (PRUint32)6 },
- { (void *)"\060\202\004\134\060\202\003\104\240\003\002\001\002\002\004\070"
-"\143\271\146\060\015\006\011\052\206\110\206\367\015\001\001\005"
-"\005\000\060\201\264\061\024\060\022\006\003\125\004\012\023\013"
-"\105\156\164\162\165\163\164\056\156\145\164\061\100\060\076\006"
-"\003\125\004\013\024\067\167\167\167\056\145\156\164\162\165\163"
-"\164\056\156\145\164\057\103\120\123\137\062\060\064\070\040\151"
-"\156\143\157\162\160\056\040\142\171\040\162\145\146\056\040\050"
-"\154\151\155\151\164\163\040\154\151\141\142\056\051\061\045\060"
-"\043\006\003\125\004\013\023\034\050\143\051\040\061\071\071\071"
-"\040\105\156\164\162\165\163\164\056\156\145\164\040\114\151\155"
-"\151\164\145\144\061\063\060\061\006\003\125\004\003\023\052\105"
-"\156\164\162\165\163\164\056\156\145\164\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\050\062\060\064\070\051\060\036\027\015\071\071\061"
-"\062\062\064\061\067\065\060\065\061\132\027\015\061\071\061\062"
-"\062\064\061\070\062\060\065\061\132\060\201\264\061\024\060\022"
-"\006\003\125\004\012\023\013\105\156\164\162\165\163\164\056\156"
-"\145\164\061\100\060\076\006\003\125\004\013\024\067\167\167\167"
-"\056\145\156\164\162\165\163\164\056\156\145\164\057\103\120\123"
-"\137\062\060\064\070\040\151\156\143\157\162\160\056\040\142\171"
-"\040\162\145\146\056\040\050\154\151\155\151\164\163\040\154\151"
-"\141\142\056\051\061\045\060\043\006\003\125\004\013\023\034\050"
-"\143\051\040\061\071\071\071\040\105\156\164\162\165\163\164\056"
-"\156\145\164\040\114\151\155\151\164\145\144\061\063\060\061\006"
-"\003\125\004\003\023\052\105\156\164\162\165\163\164\056\156\145"
-"\164\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040"
-"\101\165\164\150\157\162\151\164\171\040\050\062\060\064\070\051"
-"\060\202\001\042\060\015\006\011\052\206\110\206\367\015\001\001"
-"\001\005\000\003\202\001\017\000\060\202\001\012\002\202\001\001"
-"\000\255\115\113\251\022\206\262\352\243\040\007\025\026\144\052"
-"\053\113\321\277\013\112\115\216\355\200\166\245\147\267\170\100"
-"\300\163\102\310\150\300\333\123\053\335\136\270\166\230\065\223"
-"\213\032\235\174\023\072\016\037\133\267\036\317\345\044\024\036"
-"\261\201\251\215\175\270\314\153\113\003\361\002\014\334\253\245"
-"\100\044\000\177\164\224\241\235\010\051\263\210\013\365\207\167"
-"\235\125\315\344\303\176\327\152\144\253\205\024\206\225\133\227"
-"\062\120\157\075\310\272\146\014\343\374\275\270\111\301\166\211"
-"\111\031\375\300\250\275\211\243\147\057\306\237\274\161\031\140"
-"\270\055\351\054\311\220\166\146\173\224\342\257\170\326\145\123"
-"\135\074\326\234\262\317\051\003\371\057\244\120\262\324\110\316"
-"\005\062\125\212\375\262\144\114\016\344\230\007\165\333\177\337"
-"\271\010\125\140\205\060\051\371\173\110\244\151\206\343\065\077"
-"\036\206\135\172\172\025\275\357\000\216\025\042\124\027\000\220"
-"\046\223\274\016\111\150\221\277\370\107\323\235\225\102\301\016"
-"\115\337\157\046\317\303\030\041\142\146\103\160\326\325\300\007"
-"\341\002\003\001\000\001\243\164\060\162\060\021\006\011\140\206"
-"\110\001\206\370\102\001\001\004\004\003\002\000\007\060\037\006"
-"\003\125\035\043\004\030\060\026\200\024\125\344\201\321\021\200"
-"\276\330\211\271\010\243\061\371\241\044\011\026\271\160\060\035"
-"\006\003\125\035\016\004\026\004\024\125\344\201\321\021\200\276"
-"\330\211\271\010\243\061\371\241\044\011\026\271\160\060\035\006"
-"\011\052\206\110\206\366\175\007\101\000\004\020\060\016\033\010"
-"\126\065\056\060\072\064\056\060\003\002\004\220\060\015\006\011"
-"\052\206\110\206\367\015\001\001\005\005\000\003\202\001\001\000"
-"\131\107\254\041\204\212\027\311\234\211\123\036\272\200\205\032"
-"\306\074\116\076\261\234\266\174\306\222\135\030\144\002\343\323"
-"\006\010\021\141\174\143\343\053\235\061\003\160\166\322\243\050"
-"\240\364\273\232\143\163\355\155\345\052\333\355\024\251\053\306"
-"\066\021\320\053\353\007\213\245\332\236\134\031\235\126\022\365"
-"\124\051\310\005\355\262\022\052\215\364\003\033\377\347\222\020"
-"\207\260\072\265\303\235\005\067\022\243\307\364\025\271\325\244"
-"\071\026\233\123\072\043\221\361\250\202\242\152\210\150\301\171"
-"\002\042\274\252\246\326\256\337\260\024\137\270\207\320\335\174"
-"\177\173\377\257\034\317\346\333\007\255\136\333\205\235\320\053"
-"\015\063\333\004\321\346\111\100\023\053\166\373\076\351\234\211"
-"\017\025\316\030\260\205\170\041\117\153\117\016\372\066\147\315"
-"\007\362\377\010\320\342\336\331\277\052\257\270\207\206\041\074"
-"\004\312\267\224\150\177\317\074\351\230\327\070\377\354\300\331"
-"\120\360\056\113\130\256\106\157\320\056\303\140\332\162\125\162"
-"\275\114\105\236\141\272\277\204\201\222\003\321\322\151\174\305"
-, (PRUint32)1120 }
-};
-static const NSSItem nss_builtins_items_65 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Entrust.net Premium 2048 Secure Server CA", (PRUint32)42 },
- { (void *)"\200\035\142\320\173\104\235\134\134\003\134\230\352\141\372\104"
-"\074\052\130\376"
-, (PRUint32)20 },
- { (void *)"\272\041\352\040\326\335\333\217\301\127\213\100\255\241\374\374"
-, (PRUint32)16 },
- { (void *)"\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156"
-"\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125"
-"\004\013\024\067\167\167\167\056\145\156\164\162\165\163\164\056"
-"\156\145\164\057\103\120\123\137\062\060\064\070\040\151\156\143"
-"\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151"
-"\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006"
-"\003\125\004\013\023\034\050\143\051\040\061\071\071\071\040\105"
-"\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164"
-"\145\144\061\063\060\061\006\003\125\004\003\023\052\105\156\164"
-"\162\165\163\164\056\156\145\164\040\103\145\162\164\151\146\151"
-"\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171"
-"\040\050\062\060\064\070\051"
-, (PRUint32)183 },
- { (void *)"\002\004\070\143\271\146"
-, (PRUint32)6 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_66 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"ValiCert OCSP Responder", (PRUint32)24 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\262\061\044\060\042\006\003\125\004\007\023\033\126\141"
-"\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157"
-"\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125"
-"\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156"
-"\143\056\061\054\060\052\006\003\125\004\013\023\043\103\154\141"
-"\163\163\040\061\040\126\141\154\151\144\141\164\151\157\156\040"
-"\101\165\164\150\157\162\151\164\171\040\055\040\117\103\123\120"
-"\061\041\060\037\006\003\125\004\003\023\030\150\164\164\160\072"
-"\057\057\167\167\167\056\166\141\154\151\143\145\162\164\056\156"
-"\145\164\057\061\040\060\036\006\011\052\206\110\206\367\015\001"
-"\011\001\026\021\151\156\146\157\100\166\141\154\151\143\145\162"
-"\164\056\143\157\155"
-, (PRUint32)181 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\262\061\044\060\042\006\003\125\004\007\023\033\126\141"
-"\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157"
-"\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125"
-"\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156"
-"\143\056\061\054\060\052\006\003\125\004\013\023\043\103\154\141"
-"\163\163\040\061\040\126\141\154\151\144\141\164\151\157\156\040"
-"\101\165\164\150\157\162\151\164\171\040\055\040\117\103\123\120"
-"\061\041\060\037\006\003\125\004\003\023\030\150\164\164\160\072"
-"\057\057\167\167\167\056\166\141\154\151\143\145\162\164\056\156"
-"\145\164\057\061\040\060\036\006\011\052\206\110\206\367\015\001"
-"\011\001\026\021\151\156\146\157\100\166\141\154\151\143\145\162"
-"\164\056\143\157\155"
-, (PRUint32)181 },
- { (void *)"\002\001\001"
-, (PRUint32)3 },
- { (void *)"\060\202\003\110\060\202\002\261\240\003\002\001\002\002\001\001"
-"\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060"
-"\201\262\061\044\060\042\006\003\125\004\007\023\033\126\141\154"
-"\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157\156"
-"\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125\004"
-"\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156\143"
-"\056\061\054\060\052\006\003\125\004\013\023\043\103\154\141\163"
-"\163\040\061\040\126\141\154\151\144\141\164\151\157\156\040\101"
-"\165\164\150\157\162\151\164\171\040\055\040\117\103\123\120\061"
-"\041\060\037\006\003\125\004\003\023\030\150\164\164\160\072\057"
-"\057\167\167\167\056\166\141\154\151\143\145\162\164\056\156\145"
-"\164\057\061\040\060\036\006\011\052\206\110\206\367\015\001\011"
-"\001\026\021\151\156\146\157\100\166\141\154\151\143\145\162\164"
-"\056\143\157\155\060\036\027\015\060\060\060\062\061\062\061\061"
-"\065\060\060\065\132\027\015\060\065\060\062\061\060\061\061\065"
-"\060\060\065\132\060\201\262\061\044\060\042\006\003\125\004\007"
-"\023\033\126\141\154\151\103\145\162\164\040\126\141\154\151\144"
-"\141\164\151\157\156\040\116\145\164\167\157\162\153\061\027\060"
-"\025\006\003\125\004\012\023\016\126\141\154\151\103\145\162\164"
-"\054\040\111\156\143\056\061\054\060\052\006\003\125\004\013\023"
-"\043\103\154\141\163\163\040\061\040\126\141\154\151\144\141\164"
-"\151\157\156\040\101\165\164\150\157\162\151\164\171\040\055\040"
-"\117\103\123\120\061\041\060\037\006\003\125\004\003\023\030\150"
-"\164\164\160\072\057\057\167\167\167\056\166\141\154\151\143\145"
-"\162\164\056\156\145\164\057\061\040\060\036\006\011\052\206\110"
-"\206\367\015\001\011\001\026\021\151\156\146\157\100\166\141\154"
-"\151\143\145\162\164\056\143\157\155\060\201\237\060\015\006\011"
-"\052\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060"
-"\201\211\002\201\201\000\307\214\057\247\303\100\207\073\075\327"
-"\304\232\130\024\144\012\303\010\071\142\032\317\322\353\251\361"
-"\151\164\212\312\016\132\166\314\242\122\116\320\363\304\172\265"
-"\370\246\034\273\243\247\244\123\207\133\215\300\000\273\325\146"
-"\044\347\164\306\026\310\257\310\003\142\325\062\207\242\122\221"
-"\104\224\225\250\107\103\155\245\110\234\366\114\165\325\117\142"
-"\347\311\377\173\364\044\214\247\274\050\166\265\062\240\045\163"
-"\267\107\057\170\370\106\371\207\024\360\167\374\012\167\350\117"
-"\375\214\037\372\142\331\002\003\001\000\001\243\154\060\152\060"
-"\017\006\011\053\006\001\005\005\007\060\001\005\004\002\005\000"
-"\060\023\006\003\125\035\045\004\014\060\012\006\010\053\006\001"
-"\005\005\007\003\011\060\013\006\003\125\035\017\004\004\003\002"
-"\001\206\060\065\006\010\053\006\001\005\005\007\001\001\004\051"
-"\060\047\060\045\006\010\053\006\001\005\005\007\060\001\206\031"
-"\150\164\164\160\072\057\057\157\143\163\160\062\056\166\141\154"
-"\151\143\145\162\164\056\156\145\164\060\015\006\011\052\206\110"
-"\206\367\015\001\001\005\005\000\003\201\201\000\025\305\340\270"
-"\064\162\022\006\040\250\142\225\223\321\274\223\272\220\253\334"
-"\116\215\216\215\230\114\343\062\365\053\077\263\227\373\252\242"
-"\255\100\227\255\150\275\134\255\123\016\320\246\263\015\254\032"
-"\231\215\252\060\036\317\016\160\377\002\260\167\145\203\315\332"
-"\007\134\122\315\131\273\242\310\342\264\026\203\217\324\225\171"
-"\223\055\350\277\104\223\061\222\060\323\064\064\361\020\373\041"
-"\254\056\364\303\135\144\143\172\231\341\232\253\102\035\110\146"
-"\246\167\067\270\125\074\255\376\145\260\142\351"
-, (PRUint32)844 }
-};
-static const NSSItem nss_builtins_items_67 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"ValiCert OCSP Responder", (PRUint32)24 },
- { (void *)"\133\166\261\274\342\212\360\366\161\221\205\147\046\215\021\151"
-"\017\027\077\163"
-, (PRUint32)20 },
- { (void *)"\325\036\040\137\321\365\035\202\127\010\122\071\035\372\212\255"
-, (PRUint32)16 },
- { (void *)"\060\201\262\061\044\060\042\006\003\125\004\007\023\033\126\141"
-"\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157"
-"\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125"
-"\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156"
-"\143\056\061\054\060\052\006\003\125\004\013\023\043\103\154\141"
-"\163\163\040\061\040\126\141\154\151\144\141\164\151\157\156\040"
-"\101\165\164\150\157\162\151\164\171\040\055\040\117\103\123\120"
-"\061\041\060\037\006\003\125\004\003\023\030\150\164\164\160\072"
-"\057\057\167\167\167\056\166\141\154\151\143\145\162\164\056\156"
-"\145\164\057\061\040\060\036\006\011\052\206\110\206\367\015\001"
-"\011\001\026\021\151\156\146\157\100\166\141\154\151\143\145\162"
-"\164\056\143\157\155"
-, (PRUint32)181 },
- { (void *)"\002\001\001"
-, (PRUint32)3 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_68 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Baltimore CyberTrust Code Signing Root", (PRUint32)39 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\147\061\013\060\011\006\003\125\004\006\023\002\111\105\061"
-"\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155"
-"\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171"
-"\142\145\162\124\162\165\163\164\061\057\060\055\006\003\125\004"
-"\003\023\046\102\141\154\164\151\155\157\162\145\040\103\171\142"
-"\145\162\124\162\165\163\164\040\103\157\144\145\040\123\151\147"
-"\156\151\156\147\040\122\157\157\164"
-, (PRUint32)105 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\147\061\013\060\011\006\003\125\004\006\023\002\111\105\061"
-"\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155"
-"\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171"
-"\142\145\162\124\162\165\163\164\061\057\060\055\006\003\125\004"
-"\003\023\046\102\141\154\164\151\155\157\162\145\040\103\171\142"
-"\145\162\124\162\165\163\164\040\103\157\144\145\040\123\151\147"
-"\156\151\156\147\040\122\157\157\164"
-, (PRUint32)105 },
- { (void *)"\002\004\002\000\000\277"
-, (PRUint32)6 },
- { (void *)"\060\202\003\246\060\202\002\216\240\003\002\001\002\002\004\002"
-"\000\000\277\060\015\006\011\052\206\110\206\367\015\001\001\005"
-"\005\000\060\147\061\013\060\011\006\003\125\004\006\023\002\111"
-"\105\061\022\060\020\006\003\125\004\012\023\011\102\141\154\164"
-"\151\155\157\162\145\061\023\060\021\006\003\125\004\013\023\012"
-"\103\171\142\145\162\124\162\165\163\164\061\057\060\055\006\003"
-"\125\004\003\023\046\102\141\154\164\151\155\157\162\145\040\103"
-"\171\142\145\162\124\162\165\163\164\040\103\157\144\145\040\123"
-"\151\147\156\151\156\147\040\122\157\157\164\060\036\027\015\060"
-"\060\060\065\061\067\061\064\060\061\060\060\132\027\015\062\065"
-"\060\065\061\067\062\063\065\071\060\060\132\060\147\061\013\060"
-"\011\006\003\125\004\006\023\002\111\105\061\022\060\020\006\003"
-"\125\004\012\023\011\102\141\154\164\151\155\157\162\145\061\023"
-"\060\021\006\003\125\004\013\023\012\103\171\142\145\162\124\162"
-"\165\163\164\061\057\060\055\006\003\125\004\003\023\046\102\141"
-"\154\164\151\155\157\162\145\040\103\171\142\145\162\124\162\165"
-"\163\164\040\103\157\144\145\040\123\151\147\156\151\156\147\040"
-"\122\157\157\164\060\202\001\042\060\015\006\011\052\206\110\206"
-"\367\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012"
-"\002\202\001\001\000\310\161\232\030\022\216\172\333\371\232\374"
-"\101\257\330\362\364\011\216\255\077\376\147\067\074\332\311\046"
-"\120\261\261\076\313\350\116\163\000\362\262\334\363\305\106\373"
-"\011\357\030\226\316\247\340\234\204\135\040\016\172\240\252\066"
-"\213\372\050\266\170\056\263\354\350\107\363\004\360\220\043\264"
-"\352\257\345\123\270\005\367\107\135\053\206\361\247\244\306\073"
-"\065\266\322\015\122\101\327\364\222\165\341\242\012\120\126\207"
-"\276\227\013\173\063\205\020\271\050\030\356\063\352\110\021\327"
-"\133\221\107\166\042\324\356\317\135\347\250\116\034\235\226\221"
-"\335\234\275\164\011\250\162\141\252\260\041\072\361\075\054\003"
-"\126\011\322\301\334\303\265\307\124\067\253\346\046\242\262\106"
-"\161\163\312\021\210\356\274\347\144\367\320\021\032\163\100\132"
-"\310\111\054\017\267\357\220\177\150\200\004\070\013\033\017\073"
-"\324\365\240\263\302\216\341\064\264\200\231\155\236\166\324\222"
-"\051\100\261\225\322\067\244\147\022\177\340\142\273\256\065\305"
-"\231\066\202\104\270\346\170\030\063\141\161\223\133\055\215\237"
-"\170\225\202\353\155\002\003\001\000\001\243\132\060\130\060\023"
-"\006\003\125\035\045\004\014\060\012\006\010\053\006\001\005\005"
-"\007\003\003\060\035\006\003\125\035\016\004\026\004\024\310\101"
-"\064\134\025\025\004\345\100\362\321\253\232\157\044\222\172\207"
-"\102\132\060\022\006\003\125\035\023\001\001\377\004\010\060\006"
-"\001\001\377\002\001\003\060\016\006\003\125\035\017\001\001\377"
-"\004\004\003\002\001\006\060\015\006\011\052\206\110\206\367\015"
-"\001\001\005\005\000\003\202\001\001\000\122\164\252\225\113\042"
-"\214\307\075\226\244\376\135\372\057\265\274\353\360\013\351\126"
-"\070\035\321\155\015\241\274\150\213\360\305\200\245\044\064\375"
-"\362\226\030\021\206\241\066\365\067\347\124\100\325\144\037\303"
-"\137\160\102\153\055\071\307\236\122\005\316\347\152\162\322\215"
-"\162\077\107\120\203\253\307\215\045\311\260\343\247\123\026\225"
-"\246\152\123\352\030\235\217\170\251\167\167\032\371\264\227\107"
-"\131\210\047\050\265\312\341\056\327\076\016\242\015\270\042\104"
-"\003\343\321\143\260\101\072\241\365\244\055\367\166\036\004\124"
-"\231\170\062\100\327\053\174\115\272\246\234\260\171\156\007\276"
-"\214\354\356\327\070\151\133\301\014\126\150\237\376\353\321\341"
-"\310\210\371\362\315\177\276\205\264\104\147\000\120\076\364\046"
-"\003\144\352\167\175\350\136\076\034\067\107\310\326\352\244\363"
-"\066\074\227\302\071\162\005\224\031\045\303\327\067\101\017\301"
-"\037\207\212\375\252\276\351\261\144\127\344\333\222\241\317\341"
-"\111\350\073\037\221\023\132\303\217\331\045\130\111\200\107\017"
-"\306\003\256\254\343\277\267\300\252\052"
-, (PRUint32)938 }
-};
-static const NSSItem nss_builtins_items_69 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Baltimore CyberTrust Code Signing Root", (PRUint32)39 },
- { (void *)"\060\106\330\310\210\377\151\060\303\112\374\315\111\047\010\174"
-"\140\126\173\015"
-, (PRUint32)20 },
- { (void *)"\220\365\050\111\126\321\135\054\260\123\324\113\357\157\220\042"
-, (PRUint32)16 },
- { (void *)"\060\147\061\013\060\011\006\003\125\004\006\023\002\111\105\061"
-"\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155"
-"\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171"
-"\142\145\162\124\162\165\163\164\061\057\060\055\006\003\125\004"
-"\003\023\046\102\141\154\164\151\155\157\162\145\040\103\171\142"
-"\145\162\124\162\165\163\164\040\103\157\144\145\040\123\151\147"
-"\156\151\156\147\040\122\157\157\164"
-, (PRUint32)105 },
- { (void *)"\002\004\002\000\000\277"
-, (PRUint32)6 },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_70 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Baltimore CyberTrust Root", (PRUint32)26 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\132\061\013\060\011\006\003\125\004\006\023\002\111\105\061"
-"\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155"
-"\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171"
-"\142\145\162\124\162\165\163\164\061\042\060\040\006\003\125\004"
-"\003\023\031\102\141\154\164\151\155\157\162\145\040\103\171\142"
-"\145\162\124\162\165\163\164\040\122\157\157\164"
-, (PRUint32)92 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\132\061\013\060\011\006\003\125\004\006\023\002\111\105\061"
-"\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155"
-"\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171"
-"\142\145\162\124\162\165\163\164\061\042\060\040\006\003\125\004"
-"\003\023\031\102\141\154\164\151\155\157\162\145\040\103\171\142"
-"\145\162\124\162\165\163\164\040\122\157\157\164"
-, (PRUint32)92 },
- { (void *)"\002\004\002\000\000\271"
-, (PRUint32)6 },
- { (void *)"\060\202\003\167\060\202\002\137\240\003\002\001\002\002\004\002"
-"\000\000\271\060\015\006\011\052\206\110\206\367\015\001\001\005"
-"\005\000\060\132\061\013\060\011\006\003\125\004\006\023\002\111"
-"\105\061\022\060\020\006\003\125\004\012\023\011\102\141\154\164"
-"\151\155\157\162\145\061\023\060\021\006\003\125\004\013\023\012"
-"\103\171\142\145\162\124\162\165\163\164\061\042\060\040\006\003"
-"\125\004\003\023\031\102\141\154\164\151\155\157\162\145\040\103"
-"\171\142\145\162\124\162\165\163\164\040\122\157\157\164\060\036"
-"\027\015\060\060\060\065\061\062\061\070\064\066\060\060\132\027"
-"\015\062\065\060\065\061\062\062\063\065\071\060\060\132\060\132"
-"\061\013\060\011\006\003\125\004\006\023\002\111\105\061\022\060"
-"\020\006\003\125\004\012\023\011\102\141\154\164\151\155\157\162"
-"\145\061\023\060\021\006\003\125\004\013\023\012\103\171\142\145"
-"\162\124\162\165\163\164\061\042\060\040\006\003\125\004\003\023"
-"\031\102\141\154\164\151\155\157\162\145\040\103\171\142\145\162"
-"\124\162\165\163\164\040\122\157\157\164\060\202\001\042\060\015"
-"\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202\001"
-"\017\000\060\202\001\012\002\202\001\001\000\243\004\273\042\253"
-"\230\075\127\350\046\162\232\265\171\324\051\342\341\350\225\200"
-"\261\260\343\133\216\053\051\232\144\337\241\135\355\260\011\005"
-"\155\333\050\056\316\142\242\142\376\264\210\332\022\353\070\353"
-"\041\235\300\101\053\001\122\173\210\167\323\034\217\307\272\271"
-"\210\265\152\011\347\163\350\021\100\247\321\314\312\142\215\055"
-"\345\217\013\246\120\322\250\120\303\050\352\365\253\045\207\212"
-"\232\226\034\251\147\270\077\014\325\367\371\122\023\057\302\033"
-"\325\160\160\360\217\300\022\312\006\313\232\341\331\312\063\172"
-"\167\326\370\354\271\361\150\104\102\110\023\322\300\302\244\256"
-"\136\140\376\266\246\005\374\264\335\007\131\002\324\131\030\230"
-"\143\365\245\143\340\220\014\175\135\262\006\172\363\205\352\353"
-"\324\003\256\136\204\076\137\377\025\355\151\274\371\071\066\162"
-"\165\317\167\122\115\363\311\220\054\271\075\345\311\043\123\077"
-"\037\044\230\041\134\007\231\051\275\306\072\354\347\156\206\072"
-"\153\227\164\143\063\275\150\030\061\360\170\215\166\277\374\236"
-"\216\135\052\206\247\115\220\334\047\032\071\002\003\001\000\001"
-"\243\105\060\103\060\035\006\003\125\035\016\004\026\004\024\345"
-"\235\131\060\202\107\130\314\254\372\010\124\066\206\173\072\265"
-"\004\115\360\060\022\006\003\125\035\023\001\001\377\004\010\060"
-"\006\001\001\377\002\001\003\060\016\006\003\125\035\017\001\001"
-"\377\004\004\003\002\001\006\060\015\006\011\052\206\110\206\367"
-"\015\001\001\005\005\000\003\202\001\001\000\205\014\135\216\344"
-"\157\121\150\102\005\240\335\273\117\047\045\204\003\275\367\144"
-"\375\055\327\060\343\244\020\027\353\332\051\051\266\171\077\166"
-"\366\031\023\043\270\020\012\371\130\244\324\141\160\275\004\141"
-"\152\022\212\027\325\012\275\305\274\060\174\326\351\014\045\215"
-"\206\100\117\354\314\243\176\070\306\067\021\117\355\335\150\061"
-"\216\114\322\263\001\164\356\276\165\136\007\110\032\177\160\377"
-"\026\134\204\300\171\205\270\005\375\177\276\145\021\243\017\300"
-"\002\264\370\122\067\071\004\325\251\061\172\030\277\240\052\364"
-"\022\231\367\243\105\202\343\074\136\365\235\236\265\310\236\174"
-"\056\310\244\236\116\010\024\113\155\375\160\155\153\032\143\275"
-"\144\346\037\267\316\360\362\237\056\273\033\267\362\120\210\163"
-"\222\302\342\343\026\215\232\062\002\253\216\030\335\351\020\021"
-"\356\176\065\253\220\257\076\060\224\172\320\063\075\247\145\017"
-"\365\374\216\236\142\317\107\104\054\001\135\273\035\265\062\322"
-"\107\322\070\056\320\376\201\334\062\152\036\265\356\074\325\374"
-"\347\201\035\031\303\044\102\352\143\071\251"
-, (PRUint32)891 }
-};
-static const NSSItem nss_builtins_items_71 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Baltimore CyberTrust Root", (PRUint32)26 },
- { (void *)"\324\336\040\320\136\146\374\123\376\032\120\210\054\170\333\050"
-"\122\312\344\164"
-, (PRUint32)20 },
- { (void *)"\254\266\224\245\234\027\340\327\221\122\233\261\227\006\246\344"
-, (PRUint32)16 },
- { (void *)"\060\132\061\013\060\011\006\003\125\004\006\023\002\111\105\061"
-"\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155"
-"\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171"
-"\142\145\162\124\162\165\163\164\061\042\060\040\006\003\125\004"
-"\003\023\031\102\141\154\164\151\155\157\162\145\040\103\171\142"
-"\145\162\124\162\165\163\164\040\122\157\157\164"
-, (PRUint32)92 },
- { (void *)"\002\004\002\000\000\271"
-, (PRUint32)6 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_72 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Baltimore CyberTrust Mobile Commerce Root", (PRUint32)42 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\141\061\013\060\011\006\003\125\004\006\023\002\111\105\061"
-"\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155"
-"\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171"
-"\142\145\162\124\162\165\163\164\061\051\060\047\006\003\125\004"
-"\003\023\040\102\141\154\164\151\155\157\162\145\040\103\171\142"
-"\145\162\124\162\165\163\164\040\115\157\142\151\154\145\040\122"
-"\157\157\164"
-, (PRUint32)99 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\141\061\013\060\011\006\003\125\004\006\023\002\111\105\061"
-"\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155"
-"\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171"
-"\142\145\162\124\162\165\163\164\061\051\060\047\006\003\125\004"
-"\003\023\040\102\141\154\164\151\155\157\162\145\040\103\171\142"
-"\145\162\124\162\165\163\164\040\115\157\142\151\154\145\040\122"
-"\157\157\164"
-, (PRUint32)99 },
- { (void *)"\002\004\002\000\000\270"
-, (PRUint32)6 },
- { (void *)"\060\202\002\175\060\202\001\346\240\003\002\001\002\002\004\002"
-"\000\000\270\060\015\006\011\052\206\110\206\367\015\001\001\005"
-"\005\000\060\141\061\013\060\011\006\003\125\004\006\023\002\111"
-"\105\061\022\060\020\006\003\125\004\012\023\011\102\141\154\164"
-"\151\155\157\162\145\061\023\060\021\006\003\125\004\013\023\012"
-"\103\171\142\145\162\124\162\165\163\164\061\051\060\047\006\003"
-"\125\004\003\023\040\102\141\154\164\151\155\157\162\145\040\103"
-"\171\142\145\162\124\162\165\163\164\040\115\157\142\151\154\145"
-"\040\122\157\157\164\060\036\027\015\060\060\060\065\061\062\061"
-"\070\062\060\060\060\132\027\015\062\060\060\065\061\062\062\063"
-"\065\071\060\060\132\060\141\061\013\060\011\006\003\125\004\006"
-"\023\002\111\105\061\022\060\020\006\003\125\004\012\023\011\102"
-"\141\154\164\151\155\157\162\145\061\023\060\021\006\003\125\004"
-"\013\023\012\103\171\142\145\162\124\162\165\163\164\061\051\060"
-"\047\006\003\125\004\003\023\040\102\141\154\164\151\155\157\162"
-"\145\040\103\171\142\145\162\124\162\165\163\164\040\115\157\142"
-"\151\154\145\040\122\157\157\164\060\201\237\060\015\006\011\052"
-"\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060\201"
-"\211\002\201\201\000\243\155\261\070\126\254\374\265\126\041\336"
-"\300\220\135\046\107\202\306\175\217\037\240\205\217\057\273\324"
-"\341\034\035\362\044\037\050\260\057\271\244\245\157\242\042\040"
-"\144\376\204\107\074\176\053\154\151\152\270\324\300\226\216\214"
-"\122\015\315\157\101\324\277\004\256\247\201\057\055\230\110\322"
-"\301\224\243\265\031\135\135\121\144\364\216\101\260\233\300\055"
-"\042\240\136\306\330\132\022\143\274\021\112\136\046\022\035\342"
-"\046\005\346\017\137\042\037\172\137\166\224\256\317\132\050\016"
-"\253\105\332\042\061\002\003\001\000\001\243\102\060\100\060\035"
-"\006\003\125\035\016\004\026\004\024\311\342\217\300\002\046\132"
-"\266\300\007\343\177\224\007\030\333\056\245\232\160\060\017\006"
-"\003\125\035\023\001\001\377\004\005\060\003\001\001\377\060\016"
-"\006\003\125\035\017\001\001\377\004\004\003\002\001\206\060\015"
-"\006\011\052\206\110\206\367\015\001\001\005\005\000\003\201\201"
-"\000\123\010\013\046\011\170\102\163\324\354\172\167\107\015\343"
-"\013\063\161\357\256\063\024\115\373\372\375\032\267\121\365\344"
-"\231\034\006\161\327\051\031\327\346\025\040\121\121\106\155\117"
-"\336\030\111\230\320\370\170\273\161\350\215\001\006\325\327\144"
-"\217\224\337\107\376\240\205\151\066\251\057\102\172\150\112\022"
-"\326\213\013\160\104\012\244\004\357\046\210\301\065\161\070\135"
-"\033\133\110\102\360\347\224\034\160\225\064\250\253\365\253\342"
-"\170\255\365\360\122\375\233\352\102\014\350\330\124\276\123\146"
-"\365"
-, (PRUint32)641 }
-};
-static const NSSItem nss_builtins_items_73 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Baltimore CyberTrust Mobile Commerce Root", (PRUint32)42 },
- { (void *)"\264\343\013\234\301\325\356\275\240\040\030\370\271\212\321\377"
-"\151\267\072\161"
-, (PRUint32)20 },
- { (void *)"\353\264\040\035\017\266\161\003\367\304\367\307\244\162\206\350"
-, (PRUint32)16 },
- { (void *)"\060\141\061\013\060\011\006\003\125\004\006\023\002\111\105\061"
-"\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155"
-"\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171"
-"\142\145\162\124\162\165\163\164\061\051\060\047\006\003\125\004"
-"\003\023\040\102\141\154\164\151\155\157\162\145\040\103\171\142"
-"\145\162\124\162\165\163\164\040\115\157\142\151\154\145\040\122"
-"\157\157\164"
-, (PRUint32)99 },
- { (void *)"\002\004\002\000\000\270"
-, (PRUint32)6 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_74 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Equifax Secure Global eBusiness CA", (PRUint32)35 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\132\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\034\060\032\006\003\125\004\012\023\023\105\161\165\151\146\141"
-"\170\040\123\145\143\165\162\145\040\111\156\143\056\061\055\060"
-"\053\006\003\125\004\003\023\044\105\161\165\151\146\141\170\040"
-"\123\145\143\165\162\145\040\107\154\157\142\141\154\040\145\102"
-"\165\163\151\156\145\163\163\040\103\101\055\061"
-, (PRUint32)92 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\132\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\034\060\032\006\003\125\004\012\023\023\105\161\165\151\146\141"
-"\170\040\123\145\143\165\162\145\040\111\156\143\056\061\055\060"
-"\053\006\003\125\004\003\023\044\105\161\165\151\146\141\170\040"
-"\123\145\143\165\162\145\040\107\154\157\142\141\154\040\145\102"
-"\165\163\151\156\145\163\163\040\103\101\055\061"
-, (PRUint32)92 },
- { (void *)"\002\001\001"
-, (PRUint32)3 },
- { (void *)"\060\202\002\220\060\202\001\371\240\003\002\001\002\002\001\001"
-"\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060"
-"\132\061\013\060\011\006\003\125\004\006\023\002\125\123\061\034"
-"\060\032\006\003\125\004\012\023\023\105\161\165\151\146\141\170"
-"\040\123\145\143\165\162\145\040\111\156\143\056\061\055\060\053"
-"\006\003\125\004\003\023\044\105\161\165\151\146\141\170\040\123"
-"\145\143\165\162\145\040\107\154\157\142\141\154\040\145\102\165"
-"\163\151\156\145\163\163\040\103\101\055\061\060\036\027\015\071"
-"\071\060\066\062\061\060\064\060\060\060\060\132\027\015\062\060"
-"\060\066\062\061\060\064\060\060\060\060\132\060\132\061\013\060"
-"\011\006\003\125\004\006\023\002\125\123\061\034\060\032\006\003"
-"\125\004\012\023\023\105\161\165\151\146\141\170\040\123\145\143"
-"\165\162\145\040\111\156\143\056\061\055\060\053\006\003\125\004"
-"\003\023\044\105\161\165\151\146\141\170\040\123\145\143\165\162"
-"\145\040\107\154\157\142\141\154\040\145\102\165\163\151\156\145"
-"\163\163\040\103\101\055\061\060\201\237\060\015\006\011\052\206"
-"\110\206\367\015\001\001\001\005\000\003\201\215\000\060\201\211"
-"\002\201\201\000\272\347\027\220\002\145\261\064\125\074\111\302"
-"\121\325\337\247\321\067\217\321\347\201\163\101\122\140\233\235"
-"\241\027\046\170\255\307\261\350\046\224\062\265\336\063\215\072"
-"\057\333\362\232\172\132\163\230\243\134\351\373\212\163\033\134"
-"\347\303\277\200\154\315\251\364\326\053\300\367\371\231\252\143"
-"\242\261\107\002\017\324\344\121\072\022\074\154\212\132\124\204"
-"\160\333\301\305\220\317\162\105\313\250\131\300\315\063\235\077"
-"\243\226\353\205\063\041\034\076\036\076\140\156\166\234\147\205"
-"\305\310\303\141\002\003\001\000\001\243\146\060\144\060\021\006"
-"\011\140\206\110\001\206\370\102\001\001\004\004\003\002\000\007"
-"\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001\001"
-"\377\060\037\006\003\125\035\043\004\030\060\026\200\024\276\250"
-"\240\164\162\120\153\104\267\311\043\330\373\250\377\263\127\153"
-"\150\154\060\035\006\003\125\035\016\004\026\004\024\276\250\240"
-"\164\162\120\153\104\267\311\043\330\373\250\377\263\127\153\150"
-"\154\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000"
-"\003\201\201\000\060\342\001\121\252\307\352\137\332\271\320\145"
-"\017\060\326\076\332\015\024\111\156\221\223\047\024\061\357\304"
-"\367\055\105\370\354\307\277\242\101\015\043\264\222\371\031\000"
-"\147\275\001\257\315\340\161\374\132\317\144\304\340\226\230\320"
-"\243\100\342\001\212\357\047\007\361\145\001\212\104\055\006\145"
-"\165\122\300\206\020\040\041\137\154\153\017\154\256\011\034\257"
-"\362\242\030\064\304\165\244\163\034\361\215\334\357\255\371\263"
-"\166\264\222\277\334\225\020\036\276\313\310\073\132\204\140\031"
-"\126\224\251\125"
-, (PRUint32)660 }
-};
-static const NSSItem nss_builtins_items_75 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Equifax Secure Global eBusiness CA", (PRUint32)35 },
- { (void *)"\176\170\112\020\034\202\145\314\055\341\361\155\107\264\100\312"
-"\331\012\031\105"
-, (PRUint32)20 },
- { (void *)"\217\135\167\006\047\304\230\074\133\223\170\347\327\175\233\314"
-, (PRUint32)16 },
- { (void *)"\060\132\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\034\060\032\006\003\125\004\012\023\023\105\161\165\151\146\141"
-"\170\040\123\145\143\165\162\145\040\111\156\143\056\061\055\060"
-"\053\006\003\125\004\003\023\044\105\161\165\151\146\141\170\040"
-"\123\145\143\165\162\145\040\107\154\157\142\141\154\040\145\102"
-"\165\163\151\156\145\163\163\040\103\101\055\061"
-, (PRUint32)92 },
- { (void *)"\002\001\001"
-, (PRUint32)3 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_76 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Equifax Secure eBusiness CA 1", (PRUint32)30 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\123\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\034\060\032\006\003\125\004\012\023\023\105\161\165\151\146\141"
-"\170\040\123\145\143\165\162\145\040\111\156\143\056\061\046\060"
-"\044\006\003\125\004\003\023\035\105\161\165\151\146\141\170\040"
-"\123\145\143\165\162\145\040\145\102\165\163\151\156\145\163\163"
-"\040\103\101\055\061"
-, (PRUint32)85 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\123\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\034\060\032\006\003\125\004\012\023\023\105\161\165\151\146\141"
-"\170\040\123\145\143\165\162\145\040\111\156\143\056\061\046\060"
-"\044\006\003\125\004\003\023\035\105\161\165\151\146\141\170\040"
-"\123\145\143\165\162\145\040\145\102\165\163\151\156\145\163\163"
-"\040\103\101\055\061"
-, (PRUint32)85 },
- { (void *)"\002\001\004"
-, (PRUint32)3 },
- { (void *)"\060\202\002\202\060\202\001\353\240\003\002\001\002\002\001\004"
-"\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060"
-"\123\061\013\060\011\006\003\125\004\006\023\002\125\123\061\034"
-"\060\032\006\003\125\004\012\023\023\105\161\165\151\146\141\170"
-"\040\123\145\143\165\162\145\040\111\156\143\056\061\046\060\044"
-"\006\003\125\004\003\023\035\105\161\165\151\146\141\170\040\123"
-"\145\143\165\162\145\040\145\102\165\163\151\156\145\163\163\040"
-"\103\101\055\061\060\036\027\015\071\071\060\066\062\061\060\064"
-"\060\060\060\060\132\027\015\062\060\060\066\062\061\060\064\060"
-"\060\060\060\132\060\123\061\013\060\011\006\003\125\004\006\023"
-"\002\125\123\061\034\060\032\006\003\125\004\012\023\023\105\161"
-"\165\151\146\141\170\040\123\145\143\165\162\145\040\111\156\143"
-"\056\061\046\060\044\006\003\125\004\003\023\035\105\161\165\151"
-"\146\141\170\040\123\145\143\165\162\145\040\145\102\165\163\151"
-"\156\145\163\163\040\103\101\055\061\060\201\237\060\015\006\011"
-"\052\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060"
-"\201\211\002\201\201\000\316\057\031\274\027\267\167\336\223\251"
-"\137\132\015\027\117\064\032\014\230\364\042\331\131\324\304\150"
-"\106\360\264\065\305\205\003\040\306\257\105\245\041\121\105\101"
-"\353\026\130\066\062\157\342\120\142\144\371\375\121\234\252\044"
-"\331\364\235\203\052\207\012\041\323\022\070\064\154\215\000\156"
-"\132\240\331\102\356\032\041\225\371\122\114\125\132\305\017\070"
-"\117\106\372\155\370\056\065\326\035\174\353\342\360\260\165\200"
-"\310\251\023\254\276\210\357\072\156\253\137\052\070\142\002\260"
-"\022\173\376\217\246\003\002\003\001\000\001\243\146\060\144\060"
-"\021\006\011\140\206\110\001\206\370\102\001\001\004\004\003\002"
-"\000\007\060\017\006\003\125\035\023\001\001\377\004\005\060\003"
-"\001\001\377\060\037\006\003\125\035\043\004\030\060\026\200\024"
-"\112\170\062\122\021\333\131\026\066\136\337\301\024\066\100\152"
-"\107\174\114\241\060\035\006\003\125\035\016\004\026\004\024\112"
-"\170\062\122\021\333\131\026\066\136\337\301\024\066\100\152\107"
-"\174\114\241\060\015\006\011\052\206\110\206\367\015\001\001\004"
-"\005\000\003\201\201\000\165\133\250\233\003\021\346\351\126\114"
-"\315\371\251\114\300\015\232\363\314\145\151\346\045\166\314\131"
-"\267\326\124\303\035\315\231\254\031\335\264\205\325\340\075\374"
-"\142\040\247\204\113\130\145\361\342\371\225\041\077\365\324\176"
-"\130\036\107\207\124\076\130\241\265\265\370\052\357\161\347\274"
-"\303\366\261\111\106\342\327\240\153\345\126\172\232\047\230\174"
-"\106\142\024\347\311\374\156\003\022\171\200\070\035\110\202\215"
-"\374\027\376\052\226\053\265\142\246\246\075\275\177\222\131\315"
-"\132\052\202\262\067\171"
-, (PRUint32)646 }
-};
-static const NSSItem nss_builtins_items_77 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Equifax Secure eBusiness CA 1", (PRUint32)30 },
- { (void *)"\332\100\030\213\221\211\243\355\356\256\332\227\376\057\235\365"
-"\267\321\212\101"
-, (PRUint32)20 },
- { (void *)"\144\234\357\056\104\374\306\217\122\007\320\121\163\217\313\075"
-, (PRUint32)16 },
- { (void *)"\060\123\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\034\060\032\006\003\125\004\012\023\023\105\161\165\151\146\141"
-"\170\040\123\145\143\165\162\145\040\111\156\143\056\061\046\060"
-"\044\006\003\125\004\003\023\035\105\161\165\151\146\141\170\040"
-"\123\145\143\165\162\145\040\145\102\165\163\151\156\145\163\163"
-"\040\103\101\055\061"
-, (PRUint32)85 },
- { (void *)"\002\001\004"
-, (PRUint32)3 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_78 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Equifax Secure eBusiness CA 2", (PRUint32)30 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\116\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\105\161\165\151\146\141"
-"\170\040\123\145\143\165\162\145\061\046\060\044\006\003\125\004"
-"\013\023\035\105\161\165\151\146\141\170\040\123\145\143\165\162"
-"\145\040\145\102\165\163\151\156\145\163\163\040\103\101\055\062"
-, (PRUint32)80 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\116\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\105\161\165\151\146\141"
-"\170\040\123\145\143\165\162\145\061\046\060\044\006\003\125\004"
-"\013\023\035\105\161\165\151\146\141\170\040\123\145\143\165\162"
-"\145\040\145\102\165\163\151\156\145\163\163\040\103\101\055\062"
-, (PRUint32)80 },
- { (void *)"\002\004\067\160\317\265"
-, (PRUint32)6 },
- { (void *)"\060\202\003\040\060\202\002\211\240\003\002\001\002\002\004\067"
-"\160\317\265\060\015\006\011\052\206\110\206\367\015\001\001\005"
-"\005\000\060\116\061\013\060\011\006\003\125\004\006\023\002\125"
-"\123\061\027\060\025\006\003\125\004\012\023\016\105\161\165\151"
-"\146\141\170\040\123\145\143\165\162\145\061\046\060\044\006\003"
-"\125\004\013\023\035\105\161\165\151\146\141\170\040\123\145\143"
-"\165\162\145\040\145\102\165\163\151\156\145\163\163\040\103\101"
-"\055\062\060\036\027\015\071\071\060\066\062\063\061\062\061\064"
-"\064\065\132\027\015\061\071\060\066\062\063\061\062\061\064\064"
-"\065\132\060\116\061\013\060\011\006\003\125\004\006\023\002\125"
-"\123\061\027\060\025\006\003\125\004\012\023\016\105\161\165\151"
-"\146\141\170\040\123\145\143\165\162\145\061\046\060\044\006\003"
-"\125\004\013\023\035\105\161\165\151\146\141\170\040\123\145\143"
-"\165\162\145\040\145\102\165\163\151\156\145\163\163\040\103\101"
-"\055\062\060\201\237\060\015\006\011\052\206\110\206\367\015\001"
-"\001\001\005\000\003\201\215\000\060\201\211\002\201\201\000\344"
-"\071\071\223\036\122\006\033\050\066\370\262\243\051\305\355\216"
-"\262\021\275\376\353\347\264\164\302\217\377\005\347\331\235\006"
-"\277\022\310\077\016\362\326\321\044\262\021\336\321\163\011\212"
-"\324\261\054\230\011\015\036\120\106\262\203\246\105\215\142\150"
-"\273\205\033\040\160\062\252\100\315\246\226\137\304\161\067\077"
-"\004\363\267\101\044\071\007\032\036\056\141\130\240\022\013\345"
-"\245\337\305\253\352\067\161\314\034\310\067\072\271\227\122\247"
-"\254\305\152\044\224\116\234\173\317\300\152\326\337\041\275\002"
-"\003\001\000\001\243\202\001\011\060\202\001\005\060\160\006\003"
-"\125\035\037\004\151\060\147\060\145\240\143\240\141\244\137\060"
-"\135\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027"
-"\060\025\006\003\125\004\012\023\016\105\161\165\151\146\141\170"
-"\040\123\145\143\165\162\145\061\046\060\044\006\003\125\004\013"
-"\023\035\105\161\165\151\146\141\170\040\123\145\143\165\162\145"
-"\040\145\102\165\163\151\156\145\163\163\040\103\101\055\062\061"
-"\015\060\013\006\003\125\004\003\023\004\103\122\114\061\060\032"
-"\006\003\125\035\020\004\023\060\021\201\017\062\060\061\071\060"
-"\066\062\063\061\062\061\064\064\065\132\060\013\006\003\125\035"
-"\017\004\004\003\002\001\006\060\037\006\003\125\035\043\004\030"
-"\060\026\200\024\120\236\013\352\257\136\271\040\110\246\120\152"
-"\313\375\330\040\172\247\202\166\060\035\006\003\125\035\016\004"
-"\026\004\024\120\236\013\352\257\136\271\040\110\246\120\152\313"
-"\375\330\040\172\247\202\166\060\014\006\003\125\035\023\004\005"
-"\060\003\001\001\377\060\032\006\011\052\206\110\206\366\175\007"
-"\101\000\004\015\060\013\033\005\126\063\056\060\143\003\002\006"
-"\300\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000"
-"\003\201\201\000\014\206\202\255\350\116\032\365\216\211\047\342"
-"\065\130\075\051\264\007\217\066\120\225\277\156\301\236\353\304"
-"\220\262\205\250\273\267\102\340\017\007\071\337\373\236\220\262"
-"\321\301\076\123\237\003\104\260\176\113\364\157\344\174\037\347"
-"\342\261\344\270\232\357\303\275\316\336\013\062\064\331\336\050"
-"\355\063\153\304\324\327\075\022\130\253\175\011\055\313\160\365"
-"\023\212\224\241\047\244\326\160\305\155\224\265\311\175\235\240"
-"\322\306\010\111\331\146\233\246\323\364\013\334\305\046\127\341"
-"\221\060\352\315"
-, (PRUint32)804 }
-};
-static const NSSItem nss_builtins_items_79 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Equifax Secure eBusiness CA 2", (PRUint32)30 },
- { (void *)"\071\117\366\205\013\006\276\122\345\030\126\314\020\341\200\350"
-"\202\263\205\314"
-, (PRUint32)20 },
- { (void *)"\252\277\277\144\227\332\230\035\157\306\010\072\225\160\063\312"
-, (PRUint32)16 },
- { (void *)"\060\116\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\105\161\165\151\146\141"
-"\170\040\123\145\143\165\162\145\061\046\060\044\006\003\125\004"
-"\013\023\035\105\161\165\151\146\141\170\040\123\145\143\165\162"
-"\145\040\145\102\165\163\151\156\145\163\163\040\103\101\055\062"
-, (PRUint32)80 },
- { (void *)"\002\004\067\160\317\265"
-, (PRUint32)6 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_80 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Visa International Global Root 2", (PRUint32)33 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057"
-"\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156"
-"\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166"
-"\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061"
-"\022\060\020\006\003\125\004\003\023\011\107\120\040\122\157\157"
-"\164\040\062"
-, (PRUint32)99 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057"
-"\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156"
-"\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166"
-"\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061"
-"\022\060\020\006\003\125\004\003\023\011\107\120\040\122\157\157"
-"\164\040\062"
-, (PRUint32)99 },
- { (void *)"\002\002\003\036"
-, (PRUint32)4 },
- { (void *)"\060\202\003\200\060\202\002\150\240\003\002\001\002\002\002\003"
-"\036\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000"
-"\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057"
-"\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156"
-"\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166"
-"\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061"
-"\022\060\020\006\003\125\004\003\023\011\107\120\040\122\157\157"
-"\164\040\062\060\036\027\015\060\060\060\070\061\066\062\062\065"
-"\061\060\060\132\027\015\062\060\060\070\061\065\062\063\065\071"
-"\060\060\132\060\141\061\013\060\011\006\003\125\004\006\023\002"
-"\125\123\061\015\060\013\006\003\125\004\012\023\004\126\111\123"
-"\101\061\057\060\055\006\003\125\004\013\023\046\126\151\163\141"
-"\040\111\156\164\145\162\156\141\164\151\157\156\141\154\040\123"
-"\145\162\166\151\143\145\040\101\163\163\157\143\151\141\164\151"
-"\157\156\061\022\060\020\006\003\125\004\003\023\011\107\120\040"
-"\122\157\157\164\040\062\060\202\001\042\060\015\006\011\052\206"
-"\110\206\367\015\001\001\001\005\000\003\202\001\017\000\060\202"
-"\001\012\002\202\001\001\000\251\001\160\265\252\304\100\360\253"
-"\152\046\141\171\031\000\374\277\233\067\131\014\257\157\144\033"
-"\370\332\225\224\044\151\063\021\160\312\343\126\164\242\027\127"
-"\144\134\040\006\341\326\357\161\267\073\367\253\301\151\320\111"
-"\244\261\004\327\364\127\142\211\134\260\165\055\027\044\151\343"
-"\102\140\344\356\164\326\253\200\126\330\210\050\341\373\155\042"
-"\375\043\174\106\163\117\176\124\163\036\250\054\125\130\165\267"
-"\114\363\132\105\245\002\032\372\332\235\303\105\303\042\136\363"
-"\213\361\140\051\322\307\137\264\014\072\121\203\357\060\370\324"
-"\347\307\362\372\231\243\042\120\276\371\005\067\243\255\355\232"
-"\303\346\354\210\033\266\031\047\033\070\213\200\115\354\271\307"
-"\305\211\313\374\032\062\355\043\360\265\001\130\371\366\217\340"
-"\205\251\114\011\162\071\022\333\263\365\317\116\142\144\332\306"
-"\031\025\072\143\035\351\027\125\241\114\042\074\064\062\106\370"
-"\145\127\272\053\357\066\214\152\372\331\331\104\364\252\335\204"
-"\327\015\034\262\124\254\062\205\264\144\015\336\101\273\261\064"
-"\306\001\206\062\144\325\237\002\003\001\000\001\243\102\060\100"
-"\060\035\006\003\125\035\016\004\026\004\024\236\175\113\064\277"
-"\161\255\302\005\366\003\165\200\316\251\117\032\304\044\114\060"
-"\017\006\003\125\035\023\001\001\377\004\005\060\003\001\001\377"
-"\060\016\006\003\125\035\017\001\001\377\004\004\003\002\001\006"
-"\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\003"
-"\202\001\001\000\041\245\166\024\125\371\255\047\160\217\074\364"
-"\325\154\310\314\012\253\243\230\013\212\006\043\305\311\141\333"
-"\231\007\151\065\046\061\376\307\056\204\302\231\141\324\015\351"
-"\175\056\023\053\174\216\205\266\205\307\113\317\065\266\054\107"
-"\075\316\051\057\330\157\237\211\034\144\223\277\010\275\166\320"
-"\220\212\224\263\177\050\133\156\254\115\063\054\355\145\334\026"
-"\314\342\315\256\244\075\142\222\006\225\046\277\337\271\344\040"
-"\246\163\152\301\276\367\224\104\326\115\157\052\013\153\030\115"
-"\164\020\066\150\152\132\301\152\247\335\066\051\214\270\060\213"
-"\117\041\077\000\056\124\060\007\072\272\212\344\303\236\312\330"
-"\265\330\173\316\165\105\146\007\364\155\055\330\172\312\351\211"
-"\212\362\043\330\057\313\156\000\066\117\373\360\057\001\314\017"
-"\300\042\145\364\253\342\116\141\055\003\202\175\221\026\265\060"
-"\325\024\336\136\307\220\374\241\374\253\020\257\134\153\160\247"
-"\007\357\051\206\350\262\045\307\040\377\046\335\167\357\171\104"
-"\024\304\275\335\073\305\003\233\167\043\354\240\354\273\132\071"
-"\265\314\255\006"
-, (PRUint32)900 }
-};
-static const NSSItem nss_builtins_items_81 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Visa International Global Root 2", (PRUint32)33 },
- { (void *)"\311\015\033\352\210\075\247\321\027\276\073\171\364\041\016\032"
-"\130\224\247\055"
-, (PRUint32)20 },
- { (void *)"\065\110\225\066\112\124\132\162\226\216\340\144\314\357\054\214"
-, (PRUint32)16 },
- { (void *)"\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057"
-"\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156"
-"\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166"
-"\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061"
-"\022\060\020\006\003\125\004\003\023\011\107\120\040\122\157\157"
-"\164\040\062"
-, (PRUint32)99 },
- { (void *)"\002\002\003\036"
-, (PRUint32)4 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_82 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"beTRUSTed Root CA", (PRUint32)18 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\132\061\013\060\011\006\003\125\004\006\023\002\127\127\061"
-"\022\060\020\006\003\125\004\012\023\011\142\145\124\122\125\123"
-"\124\145\144\061\033\060\031\006\003\125\004\003\023\022\142\145"
-"\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\163"
-"\061\032\060\030\006\003\125\004\003\023\021\142\145\124\122\125"
-"\123\124\145\144\040\122\157\157\164\040\103\101"
-, (PRUint32)92 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\132\061\013\060\011\006\003\125\004\006\023\002\127\127\061"
-"\022\060\020\006\003\125\004\012\023\011\142\145\124\122\125\123"
-"\124\145\144\061\033\060\031\006\003\125\004\003\023\022\142\145"
-"\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\163"
-"\061\032\060\030\006\003\125\004\003\023\021\142\145\124\122\125"
-"\123\124\145\144\040\122\157\157\164\040\103\101"
-, (PRUint32)92 },
- { (void *)"\002\004\071\117\175\207"
-, (PRUint32)6 },
- { (void *)"\060\202\005\054\060\202\004\024\240\003\002\001\002\002\004\071"
-"\117\175\207\060\015\006\011\052\206\110\206\367\015\001\001\005"
-"\005\000\060\132\061\013\060\011\006\003\125\004\006\023\002\127"
-"\127\061\022\060\020\006\003\125\004\012\023\011\142\145\124\122"
-"\125\123\124\145\144\061\033\060\031\006\003\125\004\003\023\022"
-"\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040\103"
-"\101\163\061\032\060\030\006\003\125\004\003\023\021\142\145\124"
-"\122\125\123\124\145\144\040\122\157\157\164\040\103\101\060\036"
-"\027\015\060\060\060\066\062\060\061\064\062\061\060\064\132\027"
-"\015\061\060\060\066\062\060\061\063\062\061\060\064\132\060\132"
-"\061\013\060\011\006\003\125\004\006\023\002\127\127\061\022\060"
-"\020\006\003\125\004\012\023\011\142\145\124\122\125\123\124\145"
-"\144\061\033\060\031\006\003\125\004\003\023\022\142\145\124\122"
-"\125\123\124\145\144\040\122\157\157\164\040\103\101\163\061\032"
-"\060\030\006\003\125\004\003\023\021\142\145\124\122\125\123\124"
-"\145\144\040\122\157\157\164\040\103\101\060\202\001\042\060\015"
-"\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202\001"
-"\017\000\060\202\001\012\002\202\001\001\000\324\264\163\172\023"
-"\012\070\125\001\276\211\126\341\224\236\324\276\132\353\112\064"
-"\165\033\141\051\304\341\255\010\140\041\170\110\377\264\320\372"
-"\136\101\215\141\104\207\350\355\311\130\372\374\223\232\337\117"
-"\352\076\065\175\370\063\172\346\361\327\315\157\111\113\075\117"
-"\055\156\016\203\072\030\170\167\243\317\347\364\115\163\330\232"
-"\073\032\035\276\225\123\317\040\227\302\317\076\044\122\154\014"
-"\216\145\131\305\161\377\142\011\217\252\305\217\314\140\240\163"
-"\112\327\070\077\025\162\277\242\227\267\160\350\257\342\176\026"
-"\006\114\365\252\144\046\162\007\045\255\065\374\030\261\046\327"
-"\330\377\031\016\203\033\214\334\170\105\147\064\075\364\257\034"
-"\215\344\155\153\355\040\263\147\232\264\141\313\027\157\211\065"
-"\377\347\116\300\062\022\347\356\354\337\377\227\060\164\355\215"
-"\107\216\353\264\303\104\346\247\114\177\126\103\350\270\274\266"
-"\276\372\203\227\346\273\373\304\266\223\276\031\030\076\214\201"
-"\271\163\210\026\364\226\103\234\147\163\027\220\330\011\156\143"
-"\254\112\266\043\304\001\241\255\244\344\305\002\003\001\000\001"
-"\243\202\001\370\060\202\001\364\060\017\006\003\125\035\023\001"
-"\001\377\004\005\060\003\001\001\377\060\202\001\131\006\003\125"
-"\035\040\004\202\001\120\060\202\001\114\060\202\001\110\006\012"
-"\053\006\001\004\001\261\076\001\000\000\060\202\001\070\060\202"
-"\001\001\006\010\053\006\001\005\005\007\002\002\060\201\364\032"
-"\201\361\122\145\154\151\141\156\143\145\040\157\156\040\164\150"
-"\151\163\040\143\145\162\164\151\146\151\143\141\164\145\040\142"
-"\171\040\141\156\171\040\160\141\162\164\171\040\141\163\163\165"
-"\155\145\163\040\141\143\143\145\160\164\141\156\143\145\040\157"
-"\146\040\164\150\145\040\164\150\145\156\040\141\160\160\154\151"
-"\143\141\142\154\145\040\163\164\141\156\144\141\162\144\040\164"
-"\145\162\155\163\040\141\156\144\040\143\157\156\144\151\164\151"
-"\157\156\163\040\157\146\040\165\163\145\054\040\141\156\144\040"
-"\143\145\162\164\151\146\151\143\141\164\151\157\156\040\160\162"
-"\141\143\164\151\143\145\040\163\164\141\164\145\155\145\156\164"
-"\054\040\167\150\151\143\150\040\143\141\156\040\142\145\040\146"
-"\157\165\156\144\040\141\164\040\142\145\124\122\125\123\124\145"
-"\144\047\163\040\167\145\142\040\163\151\164\145\054\040\150\164"
-"\164\160\163\072\057\057\167\167\167\056\142\145\124\122\125\123"
-"\124\145\144\056\143\157\155\057\166\141\165\154\164\057\164\145"
-"\162\155\163\060\061\006\010\053\006\001\005\005\007\002\001\026"
-"\045\150\164\164\160\163\072\057\057\167\167\167\056\142\145\124"
-"\122\125\123\124\145\144\056\143\157\155\057\166\141\165\154\164"
-"\057\164\145\162\155\163\060\064\006\003\125\035\037\004\055\060"
-"\053\060\051\240\047\240\045\244\043\060\041\061\022\060\020\006"
-"\003\125\004\012\023\011\142\145\124\122\125\123\124\145\144\061"
-"\013\060\011\006\003\125\004\006\023\002\127\127\060\035\006\003"
-"\125\035\016\004\026\004\024\052\271\233\151\056\073\233\330\315"
-"\336\052\061\004\064\153\312\007\030\253\147\060\037\006\003\125"
-"\035\043\004\030\060\026\200\024\052\271\233\151\056\073\233\330"
-"\315\336\052\061\004\064\153\312\007\030\253\147\060\016\006\003"
-"\125\035\017\001\001\377\004\004\003\002\001\376\060\015\006\011"
-"\052\206\110\206\367\015\001\001\005\005\000\003\202\001\001\000"
-"\171\141\333\243\136\156\026\261\352\166\121\371\313\025\233\313"
-"\151\276\346\201\153\237\050\037\145\076\335\021\205\222\324\350"
-"\101\277\176\063\275\043\347\361\040\277\244\264\246\031\001\306"
-"\214\215\065\174\145\244\117\011\244\326\330\043\025\005\023\247"
-"\103\171\257\333\243\016\233\173\170\032\363\004\206\132\306\366"
-"\214\040\107\070\111\120\006\235\162\147\072\360\230\003\255\226"
-"\147\104\374\077\020\015\206\115\344\000\073\051\173\316\073\073"
-"\231\206\141\045\100\204\334\023\142\267\372\312\131\326\003\036"
-"\326\123\001\315\155\114\150\125\100\341\356\153\307\052\000\000"
-"\110\202\263\012\001\303\140\052\014\367\202\065\356\110\206\226"
-"\344\164\324\075\352\001\161\272\004\165\100\247\251\177\071\071"
-"\232\125\227\051\145\256\031\125\045\005\162\107\323\350\030\334"
-"\270\351\257\103\163\001\022\164\243\341\134\137\025\135\044\363"
-"\371\344\364\266\147\147\022\347\144\042\212\366\245\101\246\034"
-"\266\140\143\105\212\020\264\272\106\020\256\101\127\145\154\077"
-"\043\020\077\041\020\131\267\344\100\335\046\014\043\366\252\256"
-, (PRUint32)1328 }
-};
-static const NSSItem nss_builtins_items_83 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"beTRUSTed Root CA", (PRUint32)18 },
- { (void *)"\133\315\315\314\146\366\334\344\104\037\343\175\134\303\023\114"
-"\106\364\160\070"
-, (PRUint32)20 },
- { (void *)"\205\312\166\132\033\321\150\042\334\242\043\022\312\306\200\064"
-, (PRUint32)16 },
- { (void *)"\060\132\061\013\060\011\006\003\125\004\006\023\002\127\127\061"
-"\022\060\020\006\003\125\004\012\023\011\142\145\124\122\125\123"
-"\124\145\144\061\033\060\031\006\003\125\004\003\023\022\142\145"
-"\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\163"
-"\061\032\060\030\006\003\125\004\003\023\021\142\145\124\122\125"
-"\123\124\145\144\040\122\157\157\164\040\103\101"
-, (PRUint32)92 },
- { (void *)"\002\004\071\117\175\207"
-, (PRUint32)6 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_84 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"AddTrust Low-Value Services Root", (PRUint32)33 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\145\061\013\060\011\006\003\125\004\006\023\002\123\105\061"
-"\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165"
-"\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024"
-"\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164"
-"\167\157\162\153\061\041\060\037\006\003\125\004\003\023\030\101"
-"\144\144\124\162\165\163\164\040\103\154\141\163\163\040\061\040"
-"\103\101\040\122\157\157\164"
-, (PRUint32)103 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\145\061\013\060\011\006\003\125\004\006\023\002\123\105\061"
-"\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165"
-"\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024"
-"\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164"
-"\167\157\162\153\061\041\060\037\006\003\125\004\003\023\030\101"
-"\144\144\124\162\165\163\164\040\103\154\141\163\163\040\061\040"
-"\103\101\040\122\157\157\164"
-, (PRUint32)103 },
- { (void *)"\002\001\001"
-, (PRUint32)3 },
- { (void *)"\060\202\004\030\060\202\003\000\240\003\002\001\002\002\001\001"
-"\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060"
-"\145\061\013\060\011\006\003\125\004\006\023\002\123\105\061\024"
-"\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165\163"
-"\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024\101"
-"\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164\167"
-"\157\162\153\061\041\060\037\006\003\125\004\003\023\030\101\144"
-"\144\124\162\165\163\164\040\103\154\141\163\163\040\061\040\103"
-"\101\040\122\157\157\164\060\036\027\015\060\060\060\065\063\060"
-"\061\060\063\070\063\061\132\027\015\062\060\060\065\063\060\061"
-"\060\063\070\063\061\132\060\145\061\013\060\011\006\003\125\004"
-"\006\023\002\123\105\061\024\060\022\006\003\125\004\012\023\013"
-"\101\144\144\124\162\165\163\164\040\101\102\061\035\060\033\006"
-"\003\125\004\013\023\024\101\144\144\124\162\165\163\164\040\124"
-"\124\120\040\116\145\164\167\157\162\153\061\041\060\037\006\003"
-"\125\004\003\023\030\101\144\144\124\162\165\163\164\040\103\154"
-"\141\163\163\040\061\040\103\101\040\122\157\157\164\060\202\001"
-"\042\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000"
-"\003\202\001\017\000\060\202\001\012\002\202\001\001\000\226\226"
-"\324\041\111\140\342\153\350\101\007\014\336\304\340\334\023\043"
-"\315\301\065\307\373\326\116\021\012\147\136\365\006\133\153\245"
-"\010\073\133\051\026\072\347\207\262\064\006\305\274\005\245\003"
-"\174\202\313\051\020\256\341\210\201\275\326\236\323\376\055\126"
-"\301\025\316\343\046\235\025\056\020\373\006\217\060\004\336\247"
-"\264\143\264\377\261\234\256\074\257\167\266\126\305\265\253\242"
-"\351\151\072\075\016\063\171\062\077\160\202\222\231\141\155\215"
-"\060\010\217\161\077\246\110\127\031\370\045\334\113\146\134\245"
-"\164\217\230\256\310\371\300\006\042\347\254\163\337\245\056\373"
-"\122\334\261\025\145\040\372\065\146\151\336\337\054\361\156\274"
-"\060\333\054\044\022\333\353\065\065\150\220\313\000\260\227\041"
-"\075\164\041\043\145\064\053\273\170\131\243\326\341\166\071\232"
-"\244\111\216\214\164\257\156\244\232\243\331\233\322\070\134\233"
-"\242\030\314\165\043\204\276\353\342\115\063\161\216\032\360\302"
-"\370\307\035\242\255\003\227\054\370\317\045\306\366\270\044\061"
-"\261\143\135\222\177\143\360\045\311\123\056\037\277\115\002\003"
-"\001\000\001\243\201\322\060\201\317\060\035\006\003\125\035\016"
-"\004\026\004\024\225\261\264\360\224\266\275\307\332\321\021\011"
-"\041\276\301\257\111\375\020\173\060\013\006\003\125\035\017\004"
-"\004\003\002\001\006\060\017\006\003\125\035\023\001\001\377\004"
-"\005\060\003\001\001\377\060\201\217\006\003\125\035\043\004\201"
-"\207\060\201\204\200\024\225\261\264\360\224\266\275\307\332\321"
-"\021\011\041\276\301\257\111\375\020\173\241\151\244\147\060\145"
-"\061\013\060\011\006\003\125\004\006\023\002\123\105\061\024\060"
-"\022\006\003\125\004\012\023\013\101\144\144\124\162\165\163\164"
-"\040\101\102\061\035\060\033\006\003\125\004\013\023\024\101\144"
-"\144\124\162\165\163\164\040\124\124\120\040\116\145\164\167\157"
-"\162\153\061\041\060\037\006\003\125\004\003\023\030\101\144\144"
-"\124\162\165\163\164\040\103\154\141\163\163\040\061\040\103\101"
-"\040\122\157\157\164\202\001\001\060\015\006\011\052\206\110\206"
-"\367\015\001\001\005\005\000\003\202\001\001\000\054\155\144\033"
-"\037\315\015\335\271\001\372\226\143\064\062\110\107\231\256\227"
-"\355\375\162\026\246\163\107\132\364\353\335\351\365\326\373\105"
-"\314\051\211\104\135\277\106\071\075\350\356\274\115\124\206\036"
-"\035\154\343\027\047\103\341\211\126\053\251\157\162\116\111\063"
-"\343\162\174\052\043\232\274\076\377\050\052\355\243\377\034\043"
-"\272\103\127\011\147\115\113\142\006\055\370\377\154\235\140\036"
-"\330\034\113\175\265\061\057\331\320\174\135\370\336\153\203\030"
-"\170\067\127\057\350\063\007\147\337\036\307\153\052\225\166\256"
-"\217\127\243\360\364\122\264\251\123\010\317\340\117\323\172\123"
-"\213\375\273\034\126\066\362\376\262\266\345\166\273\325\042\145"
-"\247\077\376\321\146\255\013\274\153\231\206\357\077\175\363\030"
-"\062\312\173\306\343\253\144\106\225\370\046\151\331\125\203\173"
-"\054\226\007\377\131\054\104\243\306\345\351\251\334\241\143\200"
-"\132\041\136\041\317\123\124\360\272\157\211\333\250\252\225\317"
-"\213\343\161\314\036\033\040\104\010\300\172\266\100\375\304\344"
-"\065\341\035\026\034\320\274\053\216\326\161\331"
-, (PRUint32)1052 }
-};
-static const NSSItem nss_builtins_items_85 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"AddTrust Low-Value Services Root", (PRUint32)33 },
- { (void *)"\314\253\016\240\114\043\001\326\151\173\335\067\237\315\022\353"
-"\044\343\224\235"
-, (PRUint32)20 },
- { (void *)"\036\102\225\002\063\222\153\271\137\300\177\332\326\262\113\374"
-, (PRUint32)16 },
- { (void *)"\060\145\061\013\060\011\006\003\125\004\006\023\002\123\105\061"
-"\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165"
-"\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024"
-"\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164"
-"\167\157\162\153\061\041\060\037\006\003\125\004\003\023\030\101"
-"\144\144\124\162\165\163\164\040\103\154\141\163\163\040\061\040"
-"\103\101\040\122\157\157\164"
-, (PRUint32)103 },
- { (void *)"\002\001\001"
-, (PRUint32)3 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_86 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"AddTrust External Root", (PRUint32)23 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\157\061\013\060\011\006\003\125\004\006\023\002\123\105\061"
-"\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165"
-"\163\164\040\101\102\061\046\060\044\006\003\125\004\013\023\035"
-"\101\144\144\124\162\165\163\164\040\105\170\164\145\162\156\141"
-"\154\040\124\124\120\040\116\145\164\167\157\162\153\061\042\060"
-"\040\006\003\125\004\003\023\031\101\144\144\124\162\165\163\164"
-"\040\105\170\164\145\162\156\141\154\040\103\101\040\122\157\157"
-"\164"
-, (PRUint32)113 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\157\061\013\060\011\006\003\125\004\006\023\002\123\105\061"
-"\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165"
-"\163\164\040\101\102\061\046\060\044\006\003\125\004\013\023\035"
-"\101\144\144\124\162\165\163\164\040\105\170\164\145\162\156\141"
-"\154\040\124\124\120\040\116\145\164\167\157\162\153\061\042\060"
-"\040\006\003\125\004\003\023\031\101\144\144\124\162\165\163\164"
-"\040\105\170\164\145\162\156\141\154\040\103\101\040\122\157\157"
-"\164"
-, (PRUint32)113 },
- { (void *)"\002\001\001"
-, (PRUint32)3 },
- { (void *)"\060\202\004\066\060\202\003\036\240\003\002\001\002\002\001\001"
-"\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060"
-"\157\061\013\060\011\006\003\125\004\006\023\002\123\105\061\024"
-"\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165\163"
-"\164\040\101\102\061\046\060\044\006\003\125\004\013\023\035\101"
-"\144\144\124\162\165\163\164\040\105\170\164\145\162\156\141\154"
-"\040\124\124\120\040\116\145\164\167\157\162\153\061\042\060\040"
-"\006\003\125\004\003\023\031\101\144\144\124\162\165\163\164\040"
-"\105\170\164\145\162\156\141\154\040\103\101\040\122\157\157\164"
-"\060\036\027\015\060\060\060\065\063\060\061\060\064\070\063\070"
-"\132\027\015\062\060\060\065\063\060\061\060\064\070\063\070\132"
-"\060\157\061\013\060\011\006\003\125\004\006\023\002\123\105\061"
-"\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165"
-"\163\164\040\101\102\061\046\060\044\006\003\125\004\013\023\035"
-"\101\144\144\124\162\165\163\164\040\105\170\164\145\162\156\141"
-"\154\040\124\124\120\040\116\145\164\167\157\162\153\061\042\060"
-"\040\006\003\125\004\003\023\031\101\144\144\124\162\165\163\164"
-"\040\105\170\164\145\162\156\141\154\040\103\101\040\122\157\157"
-"\164\060\202\001\042\060\015\006\011\052\206\110\206\367\015\001"
-"\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202\001"
-"\001\000\267\367\032\063\346\362\000\004\055\071\340\116\133\355"
-"\037\274\154\017\315\265\372\043\266\316\336\233\021\063\227\244"
-"\051\114\175\223\237\275\112\274\223\355\003\032\343\217\317\345"
-"\155\120\132\326\227\051\224\132\200\260\111\172\333\056\225\375"
-"\270\312\277\067\070\055\036\076\221\101\255\160\126\307\360\117"
-"\077\350\062\236\164\312\310\220\124\351\306\137\017\170\235\232"
-"\100\074\016\254\141\252\136\024\217\236\207\241\152\120\334\327"
-"\232\116\257\005\263\246\161\224\234\161\263\120\140\012\307\023"
-"\235\070\007\206\002\250\351\250\151\046\030\220\253\114\260\117"
-"\043\253\072\117\204\330\337\316\237\341\151\157\273\327\102\327"
-"\153\104\344\307\255\356\155\101\137\162\132\161\010\067\263\171"
-"\145\244\131\240\224\067\367\000\057\015\302\222\162\332\320\070"
-"\162\333\024\250\105\304\135\052\175\267\264\326\304\356\254\315"
-"\023\104\267\311\053\335\103\000\045\372\141\271\151\152\130\043"
-"\021\267\247\063\217\126\165\131\365\315\051\327\106\267\012\053"
-"\145\266\323\102\157\025\262\270\173\373\357\351\135\123\325\064"
-"\132\047\002\003\001\000\001\243\201\334\060\201\331\060\035\006"
-"\003\125\035\016\004\026\004\024\255\275\230\172\064\264\046\367"
-"\372\304\046\124\357\003\275\340\044\313\124\032\060\013\006\003"
-"\125\035\017\004\004\003\002\001\006\060\017\006\003\125\035\023"
-"\001\001\377\004\005\060\003\001\001\377\060\201\231\006\003\125"
-"\035\043\004\201\221\060\201\216\200\024\255\275\230\172\064\264"
-"\046\367\372\304\046\124\357\003\275\340\044\313\124\032\241\163"
-"\244\161\060\157\061\013\060\011\006\003\125\004\006\023\002\123"
-"\105\061\024\060\022\006\003\125\004\012\023\013\101\144\144\124"
-"\162\165\163\164\040\101\102\061\046\060\044\006\003\125\004\013"
-"\023\035\101\144\144\124\162\165\163\164\040\105\170\164\145\162"
-"\156\141\154\040\124\124\120\040\116\145\164\167\157\162\153\061"
-"\042\060\040\006\003\125\004\003\023\031\101\144\144\124\162\165"
-"\163\164\040\105\170\164\145\162\156\141\154\040\103\101\040\122"
-"\157\157\164\202\001\001\060\015\006\011\052\206\110\206\367\015"
-"\001\001\005\005\000\003\202\001\001\000\260\233\340\205\045\302"
-"\326\043\342\017\226\006\222\235\101\230\234\331\204\171\201\331"
-"\036\133\024\007\043\066\145\217\260\330\167\273\254\101\154\107"
-"\140\203\121\260\371\062\075\347\374\366\046\023\307\200\026\245"
-"\277\132\374\207\317\170\171\211\041\232\342\114\007\012\206\065"
-"\274\362\336\121\304\322\226\267\334\176\116\356\160\375\034\071"
-"\353\014\002\121\024\055\216\275\026\340\301\337\106\165\347\044"
-"\255\354\364\102\264\205\223\160\020\147\272\235\006\065\112\030"
-"\323\053\172\314\121\102\241\172\143\321\346\273\241\305\053\302"
-"\066\276\023\015\346\275\143\176\171\173\247\011\015\100\253\152"
-"\335\217\212\303\366\366\214\032\102\005\121\324\105\365\237\247"
-"\142\041\150\025\040\103\074\231\347\174\275\044\330\251\221\027"
-"\163\210\077\126\033\061\070\030\264\161\017\232\315\310\016\236"
-"\216\056\033\341\214\230\203\313\037\061\361\104\114\306\004\163"
-"\111\166\140\017\307\370\275\027\200\153\056\351\314\114\016\132"
-"\232\171\017\040\012\056\325\236\143\046\036\125\222\224\330\202"
-"\027\132\173\320\274\307\217\116\206\004"
-, (PRUint32)1082 }
-};
-static const NSSItem nss_builtins_items_87 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"AddTrust External Root", (PRUint32)23 },
- { (void *)"\002\372\363\342\221\103\124\150\140\170\127\151\115\365\344\133"
-"\150\205\030\150"
-, (PRUint32)20 },
- { (void *)"\035\065\124\004\205\170\260\077\102\102\115\277\040\163\012\077"
-, (PRUint32)16 },
- { (void *)"\060\157\061\013\060\011\006\003\125\004\006\023\002\123\105\061"
-"\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165"
-"\163\164\040\101\102\061\046\060\044\006\003\125\004\013\023\035"
-"\101\144\144\124\162\165\163\164\040\105\170\164\145\162\156\141"
-"\154\040\124\124\120\040\116\145\164\167\157\162\153\061\042\060"
-"\040\006\003\125\004\003\023\031\101\144\144\124\162\165\163\164"
-"\040\105\170\164\145\162\156\141\154\040\103\101\040\122\157\157"
-"\164"
-, (PRUint32)113 },
- { (void *)"\002\001\001"
-, (PRUint32)3 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_88 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"AddTrust Public Services Root", (PRUint32)30 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\144\061\013\060\011\006\003\125\004\006\023\002\123\105\061"
-"\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165"
-"\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024"
-"\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164"
-"\167\157\162\153\061\040\060\036\006\003\125\004\003\023\027\101"
-"\144\144\124\162\165\163\164\040\120\165\142\154\151\143\040\103"
-"\101\040\122\157\157\164"
-, (PRUint32)102 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\144\061\013\060\011\006\003\125\004\006\023\002\123\105\061"
-"\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165"
-"\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024"
-"\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164"
-"\167\157\162\153\061\040\060\036\006\003\125\004\003\023\027\101"
-"\144\144\124\162\165\163\164\040\120\165\142\154\151\143\040\103"
-"\101\040\122\157\157\164"
-, (PRUint32)102 },
- { (void *)"\002\001\001"
-, (PRUint32)3 },
- { (void *)"\060\202\004\025\060\202\002\375\240\003\002\001\002\002\001\001"
-"\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060"
-"\144\061\013\060\011\006\003\125\004\006\023\002\123\105\061\024"
-"\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165\163"
-"\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024\101"
-"\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164\167"
-"\157\162\153\061\040\060\036\006\003\125\004\003\023\027\101\144"
-"\144\124\162\165\163\164\040\120\165\142\154\151\143\040\103\101"
-"\040\122\157\157\164\060\036\027\015\060\060\060\065\063\060\061"
-"\060\064\061\065\060\132\027\015\062\060\060\065\063\060\061\060"
-"\064\061\065\060\132\060\144\061\013\060\011\006\003\125\004\006"
-"\023\002\123\105\061\024\060\022\006\003\125\004\012\023\013\101"
-"\144\144\124\162\165\163\164\040\101\102\061\035\060\033\006\003"
-"\125\004\013\023\024\101\144\144\124\162\165\163\164\040\124\124"
-"\120\040\116\145\164\167\157\162\153\061\040\060\036\006\003\125"
-"\004\003\023\027\101\144\144\124\162\165\163\164\040\120\165\142"
-"\154\151\143\040\103\101\040\122\157\157\164\060\202\001\042\060"
-"\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202"
-"\001\017\000\060\202\001\012\002\202\001\001\000\351\032\060\217"
-"\203\210\024\301\040\330\074\233\217\033\176\003\164\273\332\151"
-"\323\106\245\370\216\302\014\021\220\121\245\057\146\124\100\125"
-"\352\333\037\112\126\356\237\043\156\364\071\313\241\271\157\362"
-"\176\371\135\207\046\141\236\034\370\342\354\246\201\370\041\305"
-"\044\314\021\014\077\333\046\162\172\307\001\227\007\027\371\327"
-"\030\054\060\175\016\172\036\142\036\306\113\300\375\175\142\167"
-"\323\104\036\047\366\077\113\104\263\267\070\331\071\037\140\325"
-"\121\222\163\003\264\000\151\343\363\024\116\356\321\334\011\317"
-"\167\064\106\120\260\370\021\362\376\070\171\367\007\071\376\121"
-"\222\227\013\133\010\137\064\206\001\255\210\227\353\146\315\136"
-"\321\377\334\175\362\204\332\272\167\255\334\200\010\307\247\207"
-"\326\125\237\227\152\350\310\021\144\272\347\031\051\077\021\263"
-"\170\220\204\040\122\133\021\357\170\320\203\366\325\110\220\320"
-"\060\034\317\200\371\140\376\171\344\210\362\335\000\353\224\105"
-"\353\145\224\151\100\272\300\325\264\270\272\175\004\021\250\353"
-"\061\005\226\224\116\130\041\216\237\320\140\375\002\003\001\000"
-"\001\243\201\321\060\201\316\060\035\006\003\125\035\016\004\026"
-"\004\024\201\076\067\330\222\260\037\167\237\134\264\253\163\252"
-"\347\366\064\140\057\372\060\013\006\003\125\035\017\004\004\003"
-"\002\001\006\060\017\006\003\125\035\023\001\001\377\004\005\060"
-"\003\001\001\377\060\201\216\006\003\125\035\043\004\201\206\060"
-"\201\203\200\024\201\076\067\330\222\260\037\167\237\134\264\253"
-"\163\252\347\366\064\140\057\372\241\150\244\146\060\144\061\013"
-"\060\011\006\003\125\004\006\023\002\123\105\061\024\060\022\006"
-"\003\125\004\012\023\013\101\144\144\124\162\165\163\164\040\101"
-"\102\061\035\060\033\006\003\125\004\013\023\024\101\144\144\124"
-"\162\165\163\164\040\124\124\120\040\116\145\164\167\157\162\153"
-"\061\040\060\036\006\003\125\004\003\023\027\101\144\144\124\162"
-"\165\163\164\040\120\165\142\154\151\143\040\103\101\040\122\157"
-"\157\164\202\001\001\060\015\006\011\052\206\110\206\367\015\001"
-"\001\005\005\000\003\202\001\001\000\003\367\025\112\370\044\332"
-"\043\126\026\223\166\335\066\050\271\256\033\270\303\361\144\272"
-"\040\030\170\225\051\047\127\005\274\174\052\364\271\121\125\332"
-"\207\002\336\017\026\027\061\370\252\171\056\011\023\273\257\262"
-"\040\031\022\345\223\371\113\371\203\350\104\325\262\101\045\277"
-"\210\165\157\377\020\374\112\124\320\137\360\372\357\066\163\175"
-"\033\066\105\306\041\155\264\025\270\116\317\234\134\245\075\132"
-"\000\216\006\343\074\153\062\173\362\237\360\266\375\337\360\050"
-"\030\110\360\306\274\320\277\064\200\226\302\112\261\155\216\307"
-"\220\105\336\057\147\254\105\004\243\172\334\125\222\311\107\146"
-"\330\032\214\307\355\234\116\232\340\022\273\265\152\114\204\341"
-"\341\042\015\207\000\144\376\214\175\142\071\145\246\357\102\266"
-"\200\045\022\141\001\250\044\023\160\000\021\046\137\372\065\120"
-"\305\110\314\006\107\350\047\330\160\215\137\144\346\241\104\046"
-"\136\042\354\222\315\377\102\232\104\041\155\134\305\343\042\035"
-"\137\107\022\347\316\137\135\372\330\252\261\063\055\331\166\362"
-"\116\072\063\014\053\263\055\220\006"
-, (PRUint32)1049 }
-};
-static const NSSItem nss_builtins_items_89 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"AddTrust Public Services Root", (PRUint32)30 },
- { (void *)"\052\266\050\110\136\170\373\363\255\236\171\020\335\153\337\231"
-"\162\054\226\345"
-, (PRUint32)20 },
- { (void *)"\301\142\076\043\305\202\163\234\003\131\113\053\351\167\111\177"
-, (PRUint32)16 },
- { (void *)"\060\157\061\013\060\011\006\003\125\004\006\023\002\123\105\061"
-"\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165"
-"\163\164\040\101\102\061\046\060\044\006\003\125\004\013\023\035"
-"\101\144\144\124\162\165\163\164\040\105\170\164\145\162\156\141"
-"\154\040\124\124\120\040\116\145\164\167\157\162\153\061\042\060"
-"\040\006\003\125\004\003\023\031\101\144\144\124\162\165\163\164"
-"\040\105\170\164\145\162\156\141\154\040\103\101\040\122\157\157"
-"\164"
-, (PRUint32)113 },
- { (void *)"\002\001\001"
-, (PRUint32)3 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_90 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"AddTrust Qualified Certificates Root", (PRUint32)37 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\147\061\013\060\011\006\003\125\004\006\023\002\123\105\061"
-"\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165"
-"\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024"
-"\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164"
-"\167\157\162\153\061\043\060\041\006\003\125\004\003\023\032\101"
-"\144\144\124\162\165\163\164\040\121\165\141\154\151\146\151\145"
-"\144\040\103\101\040\122\157\157\164"
-, (PRUint32)105 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\147\061\013\060\011\006\003\125\004\006\023\002\123\105\061"
-"\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165"
-"\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024"
-"\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164"
-"\167\157\162\153\061\043\060\041\006\003\125\004\003\023\032\101"
-"\144\144\124\162\165\163\164\040\121\165\141\154\151\146\151\145"
-"\144\040\103\101\040\122\157\157\164"
-, (PRUint32)105 },
- { (void *)"\001"
-, (PRUint32)1 },
- { (void *)"\060\202\004\036\060\202\003\006\240\003\002\001\002\002\001\001"
-"\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060"
-"\147\061\013\060\011\006\003\125\004\006\023\002\123\105\061\024"
-"\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165\163"
-"\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024\101"
-"\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164\167"
-"\157\162\153\061\043\060\041\006\003\125\004\003\023\032\101\144"
-"\144\124\162\165\163\164\040\121\165\141\154\151\146\151\145\144"
-"\040\103\101\040\122\157\157\164\060\036\027\015\060\060\060\065"
-"\063\060\061\060\064\064\065\060\132\027\015\062\060\060\065\063"
-"\060\061\060\064\064\065\060\132\060\147\061\013\060\011\006\003"
-"\125\004\006\023\002\123\105\061\024\060\022\006\003\125\004\012"
-"\023\013\101\144\144\124\162\165\163\164\040\101\102\061\035\060"
-"\033\006\003\125\004\013\023\024\101\144\144\124\162\165\163\164"
-"\040\124\124\120\040\116\145\164\167\157\162\153\061\043\060\041"
-"\006\003\125\004\003\023\032\101\144\144\124\162\165\163\164\040"
-"\121\165\141\154\151\146\151\145\144\040\103\101\040\122\157\157"
-"\164\060\202\001\042\060\015\006\011\052\206\110\206\367\015\001"
-"\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202\001"
-"\001\000\344\036\232\376\334\011\132\207\244\237\107\276\021\137"
-"\257\204\064\333\142\074\171\170\267\351\060\265\354\014\034\052"
-"\304\026\377\340\354\161\353\212\365\021\156\355\117\015\221\322"
-"\022\030\055\111\025\001\302\244\042\023\307\021\144\377\042\022"
-"\232\271\216\134\057\010\317\161\152\263\147\001\131\361\135\106"
-"\363\260\170\245\366\016\102\172\343\177\033\314\320\360\267\050"
-"\375\052\352\236\263\260\271\004\252\375\366\307\264\261\270\052"
-"\240\373\130\361\031\240\157\160\045\176\076\151\112\177\017\042"
-"\330\357\255\010\021\232\051\231\341\252\104\105\232\022\136\076"
-"\235\155\122\374\347\240\075\150\057\360\113\160\174\023\070\255"
-"\274\025\045\361\326\316\253\242\300\061\326\057\237\340\377\024"
-"\131\374\204\223\331\207\174\114\124\023\353\237\321\055\021\370"
-"\030\072\072\336\045\331\367\323\100\355\244\006\022\304\073\341"
-"\221\301\126\065\360\024\334\145\066\011\156\253\244\007\307\065"
-"\321\302\003\063\066\133\165\046\155\102\361\022\153\103\157\113"
-"\161\224\372\064\035\355\023\156\312\200\177\230\057\154\271\145"
-"\330\351\002\003\001\000\001\243\201\324\060\201\321\060\035\006"
-"\003\125\035\016\004\026\004\024\071\225\213\142\213\134\311\324"
-"\200\272\130\017\227\077\025\010\103\314\230\247\060\013\006\003"
-"\125\035\017\004\004\003\002\001\006\060\017\006\003\125\035\023"
-"\001\001\377\004\005\060\003\001\001\377\060\201\221\006\003\125"
-"\035\043\004\201\211\060\201\206\200\024\071\225\213\142\213\134"
-"\311\324\200\272\130\017\227\077\025\010\103\314\230\247\241\153"
-"\244\151\060\147\061\013\060\011\006\003\125\004\006\023\002\123"
-"\105\061\024\060\022\006\003\125\004\012\023\013\101\144\144\124"
-"\162\165\163\164\040\101\102\061\035\060\033\006\003\125\004\013"
-"\023\024\101\144\144\124\162\165\163\164\040\124\124\120\040\116"
-"\145\164\167\157\162\153\061\043\060\041\006\003\125\004\003\023"
-"\032\101\144\144\124\162\165\163\164\040\121\165\141\154\151\146"
-"\151\145\144\040\103\101\040\122\157\157\164\202\001\001\060\015"
-"\006\011\052\206\110\206\367\015\001\001\005\005\000\003\202\001"
-"\001\000\031\253\165\352\370\213\145\141\225\023\272\151\004\357"
-"\206\312\023\240\307\252\117\144\033\077\030\366\250\055\054\125"
-"\217\005\267\060\352\102\152\035\300\045\121\055\247\277\014\263"
-"\355\357\010\177\154\074\106\032\352\030\103\337\166\314\371\146"
-"\206\234\054\150\365\351\027\370\061\263\030\304\326\110\175\043"
-"\114\150\301\176\273\001\024\157\305\331\156\336\273\004\102\152"
-"\370\366\134\175\345\332\372\207\353\015\065\122\147\320\236\227"
-"\166\005\223\077\225\307\001\346\151\125\070\177\020\141\231\311"
-"\343\137\246\312\076\202\143\110\252\342\010\110\076\252\362\262"
-"\205\142\246\264\247\331\275\067\234\150\265\055\126\175\260\267"
-"\077\240\261\007\326\351\117\334\336\105\161\060\062\177\033\056"
-"\011\371\277\122\241\356\302\200\076\006\134\056\125\100\301\033"
-"\365\160\105\260\334\135\372\366\162\132\167\322\143\315\317\130"
-"\211\000\102\143\077\171\071\320\104\260\202\156\101\031\350\335"
-"\340\301\210\132\321\036\161\223\037\044\060\164\345\036\250\336"
-"\074\047\067\177\203\256\236\167\317\360\060\261\377\113\231\350"
-"\306\241"
-, (PRUint32)1058 }
-};
-static const NSSItem nss_builtins_items_91 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"AddTrust Qualified Certificates Root", (PRUint32)37 },
- { (void *)"\115\043\170\354\221\225\071\265\000\177\165\217\003\073\041\036"
-"\305\115\213\317"
-, (PRUint32)20 },
- { (void *)"\047\354\071\107\315\332\132\257\342\232\001\145\041\251\114\273"
-, (PRUint32)16 },
- { (void *)"\060\147\061\013\060\011\006\003\125\004\006\023\002\123\105\061"
-"\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165"
-"\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024"
-"\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164"
-"\167\157\162\153\061\043\060\041\006\003\125\004\003\023\032\101"
-"\144\144\124\162\165\163\164\040\121\165\141\154\151\146\151\145"
-"\144\040\103\101\040\122\157\157\164"
-, (PRUint32)105 },
- { (void *)"\002\001\001"
-, (PRUint32)3 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_92 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 1 Public Primary OCSP Responder", (PRUint32)47 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\247\061\027\060\025\006\003\125\004\012\023\016\126\145"
-"\162\151\123\151\147\156\054\040\111\156\143\056\061\037\060\035"
-"\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040"
-"\124\162\165\163\164\040\116\145\164\167\157\162\153\061\073\060"
-"\071\006\003\125\004\013\023\062\124\145\162\155\163\040\157\146"
-"\040\165\163\145\040\141\164\040\150\164\164\160\163\072\057\057"
-"\167\167\167\056\166\145\162\151\163\151\147\156\056\143\157\155"
-"\057\122\120\101\040\050\143\051\060\060\061\056\060\054\006\003"
-"\125\004\003\023\045\103\154\141\163\163\040\061\040\120\165\142"
-"\154\151\143\040\120\162\151\155\141\162\171\040\117\103\123\120"
-"\040\122\145\163\160\157\156\144\145\162"
-, (PRUint32)170 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151"
-"\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004"
-"\013\023\056\103\154\141\163\163\040\061\040\120\165\142\154\151"
-"\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
- { (void *)"\002\020\053\150\324\243\106\236\305\073\050\011\253\070\135\177"
-"\047\040"
-, (PRUint32)18 },
- { (void *)"\060\202\003\236\060\202\003\007\240\003\002\001\002\002\020\053"
-"\150\324\243\106\236\305\073\050\011\253\070\135\177\047\040\060"
-"\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\137"
-"\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027\060"
-"\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147\156"
-"\054\040\111\156\143\056\061\067\060\065\006\003\125\004\013\023"
-"\056\103\154\141\163\163\040\061\040\120\165\142\154\151\143\040"
-"\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143"
-"\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\060"
-"\036\027\015\060\060\060\070\060\064\060\060\060\060\060\060\132"
-"\027\015\060\064\060\070\060\063\062\063\065\071\065\071\132\060"
-"\201\247\061\027\060\025\006\003\125\004\012\023\016\126\145\162"
-"\151\123\151\147\156\054\040\111\156\143\056\061\037\060\035\006"
-"\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040\124"
-"\162\165\163\164\040\116\145\164\167\157\162\153\061\073\060\071"
-"\006\003\125\004\013\023\062\124\145\162\155\163\040\157\146\040"
-"\165\163\145\040\141\164\040\150\164\164\160\163\072\057\057\167"
-"\167\167\056\166\145\162\151\163\151\147\156\056\143\157\155\057"
-"\122\120\101\040\050\143\051\060\060\061\056\060\054\006\003\125"
-"\004\003\023\045\103\154\141\163\163\040\061\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\117\103\123\120\040"
-"\122\145\163\160\157\156\144\145\162\060\201\237\060\015\006\011"
-"\052\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060"
-"\201\211\002\201\201\000\271\355\136\172\072\167\137\316\137\072"
-"\122\374\315\144\367\161\265\157\152\226\306\131\222\125\224\135"
-"\057\133\056\301\021\352\046\212\313\247\201\074\366\132\104\336"
-"\172\023\057\375\132\121\331\173\067\046\112\300\047\077\004\003"
-"\152\126\301\203\054\341\157\133\251\124\120\044\112\306\056\172"
-"\114\241\133\067\124\044\041\061\037\241\170\030\166\247\261\160"
-"\332\042\320\152\376\007\142\100\306\367\366\233\175\014\006\270"
-"\113\307\050\344\146\043\204\121\357\106\267\223\330\201\063\313"
-"\345\066\254\306\350\005\002\003\001\000\001\243\202\001\020\060"
-"\202\001\014\060\040\006\003\125\035\021\004\031\060\027\244\025"
-"\060\023\061\021\060\017\006\003\125\004\003\023\010\117\103\123"
-"\120\040\061\055\061\060\061\006\003\125\035\037\004\052\060\050"
-"\060\046\240\044\240\042\206\040\150\164\164\160\072\057\057\143"
-"\162\154\056\166\145\162\151\163\151\147\156\056\143\157\155\057"
-"\160\143\141\061\056\143\162\154\060\023\006\003\125\035\045\004"
-"\014\060\012\006\010\053\006\001\005\005\007\003\011\060\102\006"
-"\010\053\006\001\005\005\007\001\001\004\066\060\064\060\062\006"
-"\010\053\006\001\005\005\007\060\001\246\046\026\044\150\164\164"
-"\160\072\057\057\157\143\163\160\056\166\145\162\151\163\151\147"
-"\156\056\143\157\155\057\157\143\163\160\057\163\164\141\164\165"
-"\163\060\104\006\003\125\035\040\004\075\060\073\060\071\006\013"
-"\140\206\110\001\206\370\105\001\007\001\001\060\052\060\050\006"
-"\010\053\006\001\005\005\007\002\001\026\034\150\164\164\160\163"
-"\072\057\057\167\167\167\056\166\145\162\151\163\151\147\156\056"
-"\143\157\155\057\122\120\101\060\011\006\003\125\035\023\004\002"
-"\060\000\060\013\006\003\125\035\017\004\004\003\002\007\200\060"
-"\015\006\011\052\206\110\206\367\015\001\001\005\005\000\003\201"
-"\201\000\160\220\335\270\344\276\123\027\174\177\002\351\325\367"
-"\213\231\223\061\140\215\176\346\140\153\044\357\140\254\322\316"
-"\221\336\200\155\011\244\323\270\070\345\104\312\162\136\015\055"
-"\301\167\234\275\054\003\170\051\215\244\245\167\207\365\361\053"
-"\046\255\314\007\154\072\124\132\050\340\011\363\115\012\004\312"
-"\324\130\151\013\247\263\365\335\001\245\347\334\360\037\272\301"
-"\135\220\215\263\352\117\301\021\131\227\152\262\053\023\261\332"
-"\255\227\241\263\261\240\040\133\312\062\253\215\317\023\360\037"
-"\051\303"
-, (PRUint32)930 }
-};
-static const NSSItem nss_builtins_items_93 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 1 Public Primary OCSP Responder", (PRUint32)47 },
- { (void *)"\004\226\110\344\112\311\314\255\105\203\230\331\074\175\221\365"
-"\042\104\033\212"
-, (PRUint32)20 },
- { (void *)"\176\157\072\123\033\174\276\260\060\333\103\036\036\224\211\262"
-, (PRUint32)16 },
- { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151"
-"\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004"
-"\013\023\056\103\154\141\163\163\040\061\040\120\165\142\154\151"
-"\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
- { (void *)"\002\020\053\150\324\243\106\236\305\073\050\011\253\070\135\177"
-"\047\040"
-, (PRUint32)18 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_94 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 2 Public Primary OCSP Responder", (PRUint32)47 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\247\061\027\060\025\006\003\125\004\012\023\016\126\145"
-"\162\151\123\151\147\156\054\040\111\156\143\056\061\037\060\035"
-"\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040"
-"\124\162\165\163\164\040\116\145\164\167\157\162\153\061\073\060"
-"\071\006\003\125\004\013\023\062\124\145\162\155\163\040\157\146"
-"\040\165\163\145\040\141\164\040\150\164\164\160\163\072\057\057"
-"\167\167\167\056\166\145\162\151\163\151\147\156\056\143\157\155"
-"\057\122\120\101\040\050\143\051\060\060\061\056\060\054\006\003"
-"\125\004\003\023\045\103\154\141\163\163\040\062\040\120\165\142"
-"\154\151\143\040\120\162\151\155\141\162\171\040\117\103\123\120"
-"\040\122\145\163\160\157\156\144\145\162"
-, (PRUint32)170 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151"
-"\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004"
-"\013\023\056\103\154\141\163\163\040\062\040\120\165\142\154\151"
-"\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
- { (void *)"\002\020\011\106\027\346\035\330\324\034\240\014\240\142\350\171"
-"\212\247"
-, (PRUint32)18 },
- { (void *)"\060\202\003\236\060\202\003\007\240\003\002\001\002\002\020\011"
-"\106\027\346\035\330\324\034\240\014\240\142\350\171\212\247\060"
-"\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\137"
-"\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027\060"
-"\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147\156"
-"\054\040\111\156\143\056\061\067\060\065\006\003\125\004\013\023"
-"\056\103\154\141\163\163\040\062\040\120\165\142\154\151\143\040"
-"\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143"
-"\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\060"
-"\036\027\015\060\060\060\070\060\061\060\060\060\060\060\060\132"
-"\027\015\060\064\060\067\063\061\062\063\065\071\065\071\132\060"
-"\201\247\061\027\060\025\006\003\125\004\012\023\016\126\145\162"
-"\151\123\151\147\156\054\040\111\156\143\056\061\037\060\035\006"
-"\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040\124"
-"\162\165\163\164\040\116\145\164\167\157\162\153\061\073\060\071"
-"\006\003\125\004\013\023\062\124\145\162\155\163\040\157\146\040"
-"\165\163\145\040\141\164\040\150\164\164\160\163\072\057\057\167"
-"\167\167\056\166\145\162\151\163\151\147\156\056\143\157\155\057"
-"\122\120\101\040\050\143\051\060\060\061\056\060\054\006\003\125"
-"\004\003\023\045\103\154\141\163\163\040\062\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\117\103\123\120\040"
-"\122\145\163\160\157\156\144\145\162\060\201\237\060\015\006\011"
-"\052\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060"
-"\201\211\002\201\201\000\320\312\143\061\141\177\104\064\174\005"
-"\175\013\075\152\220\313\171\113\167\012\077\113\307\043\345\300"
-"\142\055\176\234\176\076\210\207\221\320\254\350\115\111\207\242"
-"\226\220\212\335\004\245\002\077\214\233\351\211\376\142\240\342"
-"\132\275\310\335\264\170\346\245\102\223\010\147\001\300\040\115"
-"\327\134\364\135\332\263\343\067\246\122\032\054\114\145\115\212"
-"\207\331\250\243\361\111\124\273\074\134\200\121\150\306\373\111"
-"\377\013\125\253\025\335\373\232\301\271\035\164\015\262\214\104"
-"\135\211\374\237\371\203\002\003\001\000\001\243\202\001\020\060"
-"\202\001\014\060\040\006\003\125\035\021\004\031\060\027\244\025"
-"\060\023\061\021\060\017\006\003\125\004\003\023\010\117\103\123"
-"\120\040\061\055\062\060\061\006\003\125\035\037\004\052\060\050"
-"\060\046\240\044\240\042\206\040\150\164\164\160\072\057\057\143"
-"\162\154\056\166\145\162\151\163\151\147\156\056\143\157\155\057"
-"\160\143\141\062\056\143\162\154\060\023\006\003\125\035\045\004"
-"\014\060\012\006\010\053\006\001\005\005\007\003\011\060\102\006"
-"\010\053\006\001\005\005\007\001\001\004\066\060\064\060\062\006"
-"\010\053\006\001\005\005\007\060\001\246\046\026\044\150\164\164"
-"\160\072\057\057\157\143\163\160\056\166\145\162\151\163\151\147"
-"\156\056\143\157\155\057\157\143\163\160\057\163\164\141\164\165"
-"\163\060\104\006\003\125\035\040\004\075\060\073\060\071\006\013"
-"\140\206\110\001\206\370\105\001\007\001\001\060\052\060\050\006"
-"\010\053\006\001\005\005\007\002\001\026\034\150\164\164\160\163"
-"\072\057\057\167\167\167\056\166\145\162\151\163\151\147\156\056"
-"\143\157\155\057\122\120\101\060\011\006\003\125\035\023\004\002"
-"\060\000\060\013\006\003\125\035\017\004\004\003\002\007\200\060"
-"\015\006\011\052\206\110\206\367\015\001\001\005\005\000\003\201"
-"\201\000\037\175\011\156\044\106\165\004\234\363\046\233\343\071"
-"\156\027\357\274\275\242\033\322\002\204\206\253\320\100\227\054"
-"\304\103\210\067\031\153\042\250\003\161\120\235\040\334\066\140"
-"\040\232\163\055\163\125\154\130\233\054\302\264\064\054\172\063"
-"\102\312\221\331\351\103\257\317\036\340\365\304\172\253\077\162"
-"\143\036\251\067\341\133\073\210\263\023\206\202\220\127\313\127"
-"\377\364\126\276\042\335\343\227\250\341\274\042\103\302\335\115"
-"\333\366\201\236\222\024\236\071\017\023\124\336\202\330\300\136"
-"\064\215"
-, (PRUint32)930 }
-};
-static const NSSItem nss_builtins_items_95 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 2 Public Primary OCSP Responder", (PRUint32)47 },
- { (void *)"\042\171\151\276\320\122\116\115\035\066\262\361\162\041\167\361"
-"\124\123\110\167"
-, (PRUint32)20 },
- { (void *)"\363\105\275\020\226\015\205\113\357\237\021\142\064\247\136\265"
-, (PRUint32)16 },
- { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151"
-"\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004"
-"\013\023\056\103\154\141\163\163\040\062\040\120\165\142\154\151"
-"\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
- { (void *)"\002\020\011\106\027\346\035\330\324\034\240\014\240\142\350\171"
-"\212\247"
-, (PRUint32)18 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_96 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 3 Public Primary OCSP Responder", (PRUint32)47 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\247\061\027\060\025\006\003\125\004\012\023\016\126\145"
-"\162\151\123\151\147\156\054\040\111\156\143\056\061\037\060\035"
-"\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040"
-"\124\162\165\163\164\040\116\145\164\167\157\162\153\061\073\060"
-"\071\006\003\125\004\013\023\062\124\145\162\155\163\040\157\146"
-"\040\165\163\145\040\141\164\040\150\164\164\160\163\072\057\057"
-"\167\167\167\056\166\145\162\151\163\151\147\156\056\143\157\155"
-"\057\122\120\101\040\050\143\051\060\060\061\056\060\054\006\003"
-"\125\004\003\023\045\103\154\141\163\163\040\063\040\120\165\142"
-"\154\151\143\040\120\162\151\155\141\162\171\040\117\103\123\120"
-"\040\122\145\163\160\157\156\144\145\162"
-, (PRUint32)170 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151"
-"\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004"
-"\013\023\056\103\154\141\163\163\040\063\040\120\165\142\154\151"
-"\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
- { (void *)"\002\020\056\226\236\277\266\142\154\354\173\351\163\314\343\154"
-"\301\204"
-, (PRUint32)18 },
- { (void *)"\060\202\003\242\060\202\003\013\240\003\002\001\002\002\020\056"
-"\226\236\277\266\142\154\354\173\351\163\314\343\154\301\204\060"
-"\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\137"
-"\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027\060"
-"\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147\156"
-"\054\040\111\156\143\056\061\067\060\065\006\003\125\004\013\023"
-"\056\103\154\141\163\163\040\063\040\120\165\142\154\151\143\040"
-"\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143"
-"\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\060"
-"\036\027\015\060\060\060\070\060\064\060\060\060\060\060\060\132"
-"\027\015\060\064\060\070\060\063\062\063\065\071\065\071\132\060"
-"\201\247\061\027\060\025\006\003\125\004\012\023\016\126\145\162"
-"\151\123\151\147\156\054\040\111\156\143\056\061\037\060\035\006"
-"\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040\124"
-"\162\165\163\164\040\116\145\164\167\157\162\153\061\073\060\071"
-"\006\003\125\004\013\023\062\124\145\162\155\163\040\157\146\040"
-"\165\163\145\040\141\164\040\150\164\164\160\163\072\057\057\167"
-"\167\167\056\166\145\162\151\163\151\147\156\056\143\157\155\057"
-"\122\120\101\040\050\143\051\060\060\061\056\060\054\006\003\125"
-"\004\003\023\045\103\154\141\163\163\040\063\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\117\103\123\120\040"
-"\122\145\163\160\157\156\144\145\162\060\201\237\060\015\006\011"
-"\052\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060"
-"\201\211\002\201\201\000\361\344\010\016\203\273\165\343\110\345"
-"\270\333\246\360\271\253\351\074\142\307\136\065\133\320\002\124"
-"\021\330\311\321\126\271\166\113\271\253\172\346\315\272\366\014"
-"\004\326\176\326\260\012\145\254\116\071\343\361\367\055\243\045"
-"\071\357\260\213\317\276\333\014\135\156\160\364\007\315\160\367"
-"\072\300\076\065\026\355\170\214\103\317\302\046\056\107\326\206"
-"\175\234\361\276\326\147\014\042\045\244\312\145\346\037\172\170"
-"\050\057\077\005\333\004\041\277\341\105\146\376\074\267\202\355"
-"\132\270\026\025\271\125\002\003\001\000\001\243\202\001\024\060"
-"\202\001\020\060\040\006\003\125\035\021\004\031\060\027\244\025"
-"\060\023\061\021\060\017\006\003\125\004\003\023\010\117\103\123"
-"\120\040\061\055\063\060\065\006\003\125\035\037\004\056\060\054"
-"\060\052\240\050\240\046\206\044\150\164\164\160\072\057\057\143"
-"\162\154\056\166\145\162\151\163\151\147\156\056\143\157\155\057"
-"\160\143\141\063\056\061\056\061\056\143\162\154\060\023\006\003"
-"\125\035\045\004\014\060\012\006\010\053\006\001\005\005\007\003"
-"\011\060\102\006\010\053\006\001\005\005\007\001\001\004\066\060"
-"\064\060\062\006\010\053\006\001\005\005\007\060\001\246\046\026"
-"\044\150\164\164\160\072\057\057\157\143\163\160\056\166\145\162"
-"\151\163\151\147\156\056\143\157\155\057\157\143\163\160\057\163"
-"\164\141\164\165\163\060\104\006\003\125\035\040\004\075\060\073"
-"\060\071\006\013\140\206\110\001\206\370\105\001\007\001\001\060"
-"\052\060\050\006\010\053\006\001\005\005\007\002\001\026\034\150"
-"\164\164\160\163\072\057\057\167\167\167\056\166\145\162\151\163"
-"\151\147\156\056\143\157\155\057\122\120\101\060\011\006\003\125"
-"\035\023\004\002\060\000\060\013\006\003\125\035\017\004\004\003"
-"\002\007\200\060\015\006\011\052\206\110\206\367\015\001\001\005"
-"\005\000\003\201\201\000\002\366\123\143\300\251\036\362\320\213"
-"\063\060\217\110\233\114\260\126\264\203\161\112\276\334\120\330"
-"\365\266\340\013\333\275\170\117\351\317\011\064\332\051\111\235"
-"\001\163\132\221\221\202\124\054\023\012\323\167\043\317\067\374"
-"\143\336\247\343\366\267\265\151\105\050\111\303\221\334\252\107"
-"\034\251\210\231\054\005\052\215\215\212\372\142\342\132\267\000"
-"\040\135\071\304\050\302\313\374\236\250\211\256\133\075\216\022"
-"\352\062\262\374\353\024\327\011\025\032\300\315\033\325\265\025"
-"\116\101\325\226\343\116"
-, (PRUint32)934 }
-};
-static const NSSItem nss_builtins_items_97 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 3 Public Primary OCSP Responder", (PRUint32)47 },
- { (void *)"\265\355\267\332\046\072\126\164\322\042\105\060\324\307\217\172"
-"\007\365\345\137"
-, (PRUint32)20 },
- { (void *)"\175\121\222\311\166\203\230\026\336\214\263\206\304\175\146\373"
-, (PRUint32)16 },
- { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151"
-"\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004"
-"\013\023\056\103\154\141\163\163\040\063\040\120\165\142\154\151"
-"\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
- { (void *)"\002\020\056\226\236\277\266\142\154\354\173\351\163\314\343\154"
-"\301\204"
-, (PRUint32)18 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_98 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Secure Server OCSP Responder", (PRUint32)38 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\236\061\027\060\025\006\003\125\004\012\023\016\126\145"
-"\162\151\123\151\147\156\054\040\111\156\143\056\061\037\060\035"
-"\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040"
-"\124\162\165\163\164\040\116\145\164\167\157\162\153\061\073\060"
-"\071\006\003\125\004\013\023\062\124\145\162\155\163\040\157\146"
-"\040\165\163\145\040\141\164\040\150\164\164\160\163\072\057\057"
-"\167\167\167\056\166\145\162\151\163\151\147\156\056\143\157\155"
-"\057\122\120\101\040\050\143\051\060\060\061\045\060\043\006\003"
-"\125\004\003\023\034\123\145\143\165\162\145\040\123\145\162\166"
-"\145\162\040\117\103\123\120\040\122\145\163\160\157\156\144\145"
-"\162"
-, (PRUint32)161 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\040\060\036\006\003\125\004\012\023\027\122\123\101\040\104\141"
-"\164\141\040\123\145\143\165\162\151\164\171\054\040\111\156\143"
-"\056\061\056\060\054\006\003\125\004\013\023\045\123\145\143\165"
-"\162\145\040\123\145\162\166\145\162\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
- { (void *)"\002\021\000\377\105\325\047\135\044\373\263\302\071\044\123\127"
-"\341\117\336"
-, (PRUint32)19 },
- { (void *)"\060\202\003\237\060\202\003\014\240\003\002\001\002\002\021\000"
-"\377\105\325\047\135\044\373\263\302\071\044\123\127\341\117\336"
-"\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060"
-"\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061\040"
-"\060\036\006\003\125\004\012\023\027\122\123\101\040\104\141\164"
-"\141\040\123\145\143\165\162\151\164\171\054\040\111\156\143\056"
-"\061\056\060\054\006\003\125\004\013\023\045\123\145\143\165\162"
-"\145\040\123\145\162\166\145\162\040\103\145\162\164\151\146\151"
-"\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171"
-"\060\036\027\015\060\060\060\070\060\064\060\060\060\060\060\060"
-"\132\027\015\060\064\060\070\060\063\062\063\065\071\065\071\132"
-"\060\201\236\061\027\060\025\006\003\125\004\012\023\016\126\145"
-"\162\151\123\151\147\156\054\040\111\156\143\056\061\037\060\035"
-"\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040"
-"\124\162\165\163\164\040\116\145\164\167\157\162\153\061\073\060"
-"\071\006\003\125\004\013\023\062\124\145\162\155\163\040\157\146"
-"\040\165\163\145\040\141\164\040\150\164\164\160\163\072\057\057"
-"\167\167\167\056\166\145\162\151\163\151\147\156\056\143\157\155"
-"\057\122\120\101\040\050\143\051\060\060\061\045\060\043\006\003"
-"\125\004\003\023\034\123\145\143\165\162\145\040\123\145\162\166"
-"\145\162\040\117\103\123\120\040\122\145\163\160\157\156\144\145"
-"\162\060\201\237\060\015\006\011\052\206\110\206\367\015\001\001"
-"\001\005\000\003\201\215\000\060\201\211\002\201\201\000\270\121"
-"\231\144\205\016\356\263\012\150\360\277\143\166\035\123\365\374"
-"\241\170\214\063\356\237\364\276\071\332\233\017\115\107\251\217"
-"\040\350\113\104\275\316\315\173\220\321\060\350\220\304\045\173"
-"\211\050\336\275\366\223\035\377\271\377\222\265\251\215\344\256"
-"\314\342\303\007\203\152\243\162\020\001\047\142\042\246\065\046"
-"\071\055\236\317\140\014\374\107\244\327\320\102\170\247\035\154"
-"\320\313\117\025\247\051\012\264\225\105\304\261\347\132\011\327"
-"\071\225\330\035\065\236\302\275\263\135\301\014\113\037\002\003"
-"\001\000\001\243\202\001\035\060\202\001\031\060\040\006\003\125"
-"\035\021\004\031\060\027\244\025\060\023\061\021\060\017\006\003"
-"\125\004\003\023\010\117\103\123\120\040\061\055\064\060\076\006"
-"\003\125\035\037\004\067\060\065\060\063\240\061\240\057\206\055"
-"\150\164\164\160\072\057\057\143\162\154\056\166\145\162\151\163"
-"\151\147\156\056\143\157\155\057\122\123\101\123\145\143\165\162"
-"\145\123\145\162\166\145\162\055\160\056\143\162\154\060\023\006"
-"\003\125\035\045\004\014\060\012\006\010\053\006\001\005\005\007"
-"\003\011\060\102\006\010\053\006\001\005\005\007\001\001\004\066"
-"\060\064\060\062\006\010\053\006\001\005\005\007\060\001\246\046"
-"\026\044\150\164\164\160\072\057\057\157\143\163\160\056\166\145"
-"\162\151\163\151\147\156\056\143\157\155\057\157\143\163\160\057"
-"\163\164\141\164\165\163\060\104\006\003\125\035\040\004\075\060"
-"\073\060\071\006\013\140\206\110\001\206\370\105\001\007\001\001"
-"\060\052\060\050\006\010\053\006\001\005\005\007\002\001\026\034"
-"\150\164\164\160\163\072\057\057\167\167\167\056\166\145\162\151"
-"\163\151\147\156\056\143\157\155\057\122\120\101\060\011\006\003"
-"\125\035\023\004\002\060\000\060\013\006\003\125\035\017\004\004"
-"\003\002\007\200\060\015\006\011\052\206\110\206\367\015\001\001"
-"\005\005\000\003\176\000\000\263\020\123\146\234\111\223\056\061"
-"\240\002\102\322\130\127\176\146\241\376\033\212\141\030\120\100"
-"\054\036\053\101\245\326\333\377\254\010\034\132\005\155\002\134"
-"\052\266\226\117\107\333\276\116\333\316\314\272\206\270\030\316"
-"\261\022\221\137\143\367\363\110\076\314\361\115\023\344\155\011"
-"\224\170\000\222\313\243\040\235\006\013\152\240\103\007\316\321"
-"\031\154\217\030\165\232\237\027\063\375\251\046\270\343\342\336"
-"\302\250\304\132\212\177\230\326\007\006\153\314\126\236\206\160"
-"\316\324\357"
-, (PRUint32)931 }
-};
-static const NSSItem nss_builtins_items_99 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Secure Server OCSP Responder", (PRUint32)38 },
- { (void *)"\161\236\140\141\327\175\054\203\361\242\135\074\366\215\002\274"
-"\224\070\305\056"
-, (PRUint32)20 },
- { (void *)"\054\142\303\330\200\001\026\011\352\131\352\170\253\020\103\366"
-, (PRUint32)16 },
- { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\040\060\036\006\003\125\004\012\023\027\122\123\101\040\104\141"
-"\164\141\040\123\145\143\165\162\151\164\171\054\040\111\156\143"
-"\056\061\056\060\054\006\003\125\004\013\023\045\123\145\143\165"
-"\162\145\040\123\145\162\166\145\162\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
- { (void *)"\002\021\000\377\105\325\047\135\044\373\263\302\071\044\123\127"
-"\341\117\336"
-, (PRUint32)19 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_100 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Time Stamping Authority CA", (PRUint32)36 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\245\061\027\060\025\006\003\125\004\012\023\016\126\145"
-"\162\151\123\151\147\156\054\040\111\156\143\056\061\037\060\035"
-"\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040"
-"\124\162\165\163\164\040\116\145\164\167\157\162\153\061\073\060"
-"\071\006\003\125\004\013\023\062\124\145\162\155\163\040\157\146"
-"\040\165\163\145\040\141\164\040\150\164\164\160\163\072\057\057"
-"\167\167\167\056\166\145\162\151\163\151\147\156\056\143\157\155"
-"\057\162\160\141\040\050\143\051\060\060\061\054\060\052\006\003"
-"\125\004\003\023\043\126\145\162\151\123\151\147\156\040\124\151"
-"\155\145\040\123\164\141\155\160\151\156\147\040\101\165\164\150"
-"\157\162\151\164\171\040\103\101"
-, (PRUint32)168 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125"
-"\004\013\023\063\103\154\141\163\163\040\063\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013"
-"\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040"
-"\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157"
-"\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145"
-"\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164"
-"\167\157\162\153"
-, (PRUint32)196 },
- { (void *)"\002\020\123\141\262\140\256\333\161\216\247\224\263\023\063\364"
-"\007\011"
-, (PRUint32)18 },
- { (void *)"\060\202\003\315\060\202\003\066\240\003\002\001\002\002\020\123"
-"\141\262\140\256\333\161\216\247\224\263\023\063\364\007\011\060"
-"\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\201"
-"\301\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027"
-"\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147"
-"\156\054\040\111\156\143\056\061\074\060\072\006\003\125\004\013"
-"\023\063\103\154\141\163\163\040\063\040\120\165\142\154\151\143"
-"\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151"
-"\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171"
-"\040\055\040\107\062\061\072\060\070\006\003\125\004\013\023\061"
-"\050\143\051\040\061\071\071\070\040\126\145\162\151\123\151\147"
-"\156\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165"
-"\164\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154"
-"\171\061\037\060\035\006\003\125\004\013\023\026\126\145\162\151"
-"\123\151\147\156\040\124\162\165\163\164\040\116\145\164\167\157"
-"\162\153\060\036\027\015\060\060\060\071\062\066\060\060\060\060"
-"\060\060\132\027\015\061\060\060\071\062\065\062\063\065\071\065"
-"\071\132\060\201\245\061\027\060\025\006\003\125\004\012\023\016"
-"\126\145\162\151\123\151\147\156\054\040\111\156\143\056\061\037"
-"\060\035\006\003\125\004\013\023\026\126\145\162\151\123\151\147"
-"\156\040\124\162\165\163\164\040\116\145\164\167\157\162\153\061"
-"\073\060\071\006\003\125\004\013\023\062\124\145\162\155\163\040"
-"\157\146\040\165\163\145\040\141\164\040\150\164\164\160\163\072"
-"\057\057\167\167\167\056\166\145\162\151\163\151\147\156\056\143"
-"\157\155\057\162\160\141\040\050\143\051\060\060\061\054\060\052"
-"\006\003\125\004\003\023\043\126\145\162\151\123\151\147\156\040"
-"\124\151\155\145\040\123\164\141\155\160\151\156\147\040\101\165"
-"\164\150\157\162\151\164\171\040\103\101\060\201\237\060\015\006"
-"\011\052\206\110\206\367\015\001\001\001\005\000\003\201\215\000"
-"\060\201\211\002\201\201\000\322\031\235\147\302\000\041\131\142"
-"\316\264\011\042\104\151\212\370\045\132\333\355\015\267\066\176"
-"\116\340\273\224\076\220\045\207\302\141\107\051\331\275\124\270"
-"\143\314\054\175\151\264\063\066\364\067\007\232\301\335\100\124"
-"\374\340\170\235\240\223\271\011\075\043\121\177\104\302\024\164"
-"\333\012\276\313\311\060\064\100\230\076\320\327\045\020\201\224"
-"\275\007\117\234\326\124\047\337\056\250\277\313\220\214\215\165"
-"\113\274\342\350\104\207\315\346\101\012\045\156\350\364\044\002"
-"\305\122\017\156\354\230\165\002\003\001\000\001\243\201\337\060"
-"\201\334\060\017\006\003\125\035\023\004\010\060\006\001\001\377"
-"\002\001\000\060\105\006\003\125\035\040\004\076\060\074\060\072"
-"\006\014\140\206\110\001\206\370\105\001\007\027\001\003\060\052"
-"\060\050\006\010\053\006\001\005\005\007\002\001\026\034\150\164"
-"\164\160\163\072\057\057\167\167\167\056\166\145\162\151\163\151"
-"\147\156\056\143\157\155\057\162\160\141\060\061\006\003\125\035"
-"\037\004\052\060\050\060\046\240\044\240\042\206\040\150\164\164"
-"\160\072\057\057\143\162\154\056\166\145\162\151\163\151\147\156"
-"\056\143\157\155\057\160\143\141\063\056\143\162\154\060\013\006"
-"\003\125\035\017\004\004\003\002\001\006\060\102\006\010\053\006"
-"\001\005\005\007\001\001\004\066\060\064\060\062\006\010\053\006"
-"\001\005\005\007\060\001\246\046\026\044\150\164\164\160\072\057"
-"\057\157\143\163\160\056\166\145\162\151\163\151\147\156\056\143"
-"\157\155\057\157\143\163\160\057\163\164\141\164\165\163\060\015"
-"\006\011\052\206\110\206\367\015\001\001\005\005\000\003\201\201"
-"\000\202\160\150\225\337\266\015\302\001\160\031\112\322\124\126"
-"\036\254\362\105\114\207\270\365\065\353\170\113\005\251\310\235"
-"\073\031\041\056\160\064\112\242\365\211\340\025\165\105\347\050"
-"\067\000\064\047\051\350\067\113\362\357\104\227\153\027\121\032"
-"\303\126\235\074\032\212\366\112\106\106\067\214\372\313\365\144"
-"\132\070\150\056\034\303\357\160\316\270\106\006\026\277\367\176"
-"\347\265\250\076\105\254\251\045\165\042\173\157\077\260\234\224"
-"\347\307\163\253\254\037\356\045\233\300\026\355\267\312\133\360"
-"\024"
-, (PRUint32)977 }
-};
-static const NSSItem nss_builtins_items_101 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Time Stamping Authority CA", (PRUint32)36 },
- { (void *)"\246\017\064\310\142\154\201\366\213\367\175\251\366\147\130\212"
-"\220\077\175\066"
-, (PRUint32)20 },
- { (void *)"\211\111\124\214\310\150\232\203\051\354\334\006\163\041\253\227"
-, (PRUint32)16 },
- { (void *)"\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125"
-"\004\013\023\063\103\154\141\163\163\040\063\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013"
-"\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040"
-"\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157"
-"\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145"
-"\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164"
-"\167\157\162\153"
-, (PRUint32)196 },
- { (void *)"\002\020\123\141\262\140\256\333\161\216\247\224\263\023\063\364"
-"\007\011"
-, (PRUint32)18 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_102 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Thawte Time Stamping CA", (PRUint32)24 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\213\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\024\060\022\006\003\125\004\007"
-"\023\013\104\165\162\142\141\156\166\151\154\154\145\061\017\060"
-"\015\006\003\125\004\012\023\006\124\150\141\167\164\145\061\035"
-"\060\033\006\003\125\004\013\023\024\124\150\141\167\164\145\040"
-"\103\145\162\164\151\146\151\143\141\164\151\157\156\061\037\060"
-"\035\006\003\125\004\003\023\026\124\150\141\167\164\145\040\124"
-"\151\155\145\163\164\141\155\160\151\156\147\040\103\101"
-, (PRUint32)142 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\213\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\024\060\022\006\003\125\004\007"
-"\023\013\104\165\162\142\141\156\166\151\154\154\145\061\017\060"
-"\015\006\003\125\004\012\023\006\124\150\141\167\164\145\061\035"
-"\060\033\006\003\125\004\013\023\024\124\150\141\167\164\145\040"
-"\103\145\162\164\151\146\151\143\141\164\151\157\156\061\037\060"
-"\035\006\003\125\004\003\023\026\124\150\141\167\164\145\040\124"
-"\151\155\145\163\164\141\155\160\151\156\147\040\103\101"
-, (PRUint32)142 },
- { (void *)"\002\001\000"
-, (PRUint32)3 },
- { (void *)"\060\202\002\241\060\202\002\012\240\003\002\001\002\002\001\000"
-"\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060"
-"\201\213\061\013\060\011\006\003\125\004\006\023\002\132\101\061"
-"\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145\162"
-"\156\040\103\141\160\145\061\024\060\022\006\003\125\004\007\023"
-"\013\104\165\162\142\141\156\166\151\154\154\145\061\017\060\015"
-"\006\003\125\004\012\023\006\124\150\141\167\164\145\061\035\060"
-"\033\006\003\125\004\013\023\024\124\150\141\167\164\145\040\103"
-"\145\162\164\151\146\151\143\141\164\151\157\156\061\037\060\035"
-"\006\003\125\004\003\023\026\124\150\141\167\164\145\040\124\151"
-"\155\145\163\164\141\155\160\151\156\147\040\103\101\060\036\027"
-"\015\071\067\060\061\060\061\060\060\060\060\060\060\132\027\015"
-"\062\060\061\062\063\061\062\063\065\071\065\071\132\060\201\213"
-"\061\013\060\011\006\003\125\004\006\023\002\132\101\061\025\060"
-"\023\006\003\125\004\010\023\014\127\145\163\164\145\162\156\040"
-"\103\141\160\145\061\024\060\022\006\003\125\004\007\023\013\104"
-"\165\162\142\141\156\166\151\154\154\145\061\017\060\015\006\003"
-"\125\004\012\023\006\124\150\141\167\164\145\061\035\060\033\006"
-"\003\125\004\013\023\024\124\150\141\167\164\145\040\103\145\162"
-"\164\151\146\151\143\141\164\151\157\156\061\037\060\035\006\003"
-"\125\004\003\023\026\124\150\141\167\164\145\040\124\151\155\145"
-"\163\164\141\155\160\151\156\147\040\103\101\060\201\237\060\015"
-"\006\011\052\206\110\206\367\015\001\001\001\005\000\003\201\215"
-"\000\060\201\211\002\201\201\000\326\053\130\170\141\105\206\123"
-"\352\064\173\121\234\355\260\346\056\030\016\376\340\137\250\047"
-"\323\264\311\340\174\131\116\026\016\163\124\140\301\177\366\237"
-"\056\351\072\205\044\025\074\333\107\004\143\303\236\304\224\032"
-"\132\337\114\172\363\331\103\035\074\020\172\171\045\333\220\376"
-"\360\121\347\060\326\101\000\375\237\050\337\171\276\224\273\235"
-"\266\024\343\043\205\327\251\101\340\114\244\171\260\053\032\213"
-"\362\370\073\212\076\105\254\161\222\000\264\220\101\230\373\137"
-"\355\372\267\056\212\370\210\067\002\003\001\000\001\243\023\060"
-"\021\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001"
-"\001\377\060\015\006\011\052\206\110\206\367\015\001\001\004\005"
-"\000\003\201\201\000\147\333\342\302\346\207\075\100\203\206\067"
-"\065\175\037\316\232\303\014\146\040\250\272\252\004\211\206\302"
-"\365\020\010\015\277\313\242\005\212\320\115\066\076\364\327\357"
-"\151\306\136\344\260\224\157\112\271\347\336\133\210\266\173\333"
-"\343\047\345\166\303\360\065\301\313\265\047\233\063\171\334\220"
-"\246\000\236\167\372\374\315\047\224\102\026\234\323\034\150\354"
-"\277\134\335\345\251\173\020\012\062\164\124\023\061\213\205\003"
-"\204\221\267\130\001\060\024\070\257\050\312\374\261\120\031\031"
-"\011\254\211\111\323"
-, (PRUint32)677 }
-};
-static const NSSItem nss_builtins_items_103 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Thawte Time Stamping CA", (PRUint32)24 },
- { (void *)"\276\066\244\126\057\262\356\005\333\263\323\043\043\255\364\105"
-"\010\116\326\126"
-, (PRUint32)20 },
- { (void *)"\177\146\172\161\323\353\151\170\040\232\121\024\235\203\332\040"
-, (PRUint32)16 },
- { (void *)"\060\201\213\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\024\060\022\006\003\125\004\007"
-"\023\013\104\165\162\142\141\156\166\151\154\154\145\061\017\060"
-"\015\006\003\125\004\012\023\006\124\150\141\167\164\145\061\035"
-"\060\033\006\003\125\004\013\023\024\124\150\141\167\164\145\040"
-"\103\145\162\164\151\146\151\143\141\164\151\157\156\061\037\060"
-"\035\006\003\125\004\003\023\026\124\150\141\167\164\145\040\124"
-"\151\155\145\163\164\141\155\160\151\156\147\040\103\101"
-, (PRUint32)142 },
- { (void *)"\002\001\000"
-, (PRUint32)3 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_104 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Entrust.net Global Secure Server CA", (PRUint32)36 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\272\061\024\060\022\006\003\125\004\012\023\013\105\156"
-"\164\162\165\163\164\056\156\145\164\061\077\060\075\006\003\125"
-"\004\013\024\066\167\167\167\056\145\156\164\162\165\163\164\056"
-"\156\145\164\057\123\123\114\137\103\120\123\040\151\156\143\157"
-"\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151\155"
-"\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006\003"
-"\125\004\013\023\034\050\143\051\040\062\060\060\060\040\105\156"
-"\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164\145"
-"\144\061\072\060\070\006\003\125\004\003\023\061\105\156\164\162"
-"\165\163\164\056\156\145\164\040\123\145\143\165\162\145\040\123"
-"\145\162\166\145\162\040\103\145\162\164\151\146\151\143\141\164"
-"\151\157\156\040\101\165\164\150\157\162\151\164\171"
-, (PRUint32)189 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\272\061\024\060\022\006\003\125\004\012\023\013\105\156"
-"\164\162\165\163\164\056\156\145\164\061\077\060\075\006\003\125"
-"\004\013\024\066\167\167\167\056\145\156\164\162\165\163\164\056"
-"\156\145\164\057\123\123\114\137\103\120\123\040\151\156\143\157"
-"\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151\155"
-"\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006\003"
-"\125\004\013\023\034\050\143\051\040\062\060\060\060\040\105\156"
-"\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164\145"
-"\144\061\072\060\070\006\003\125\004\003\023\061\105\156\164\162"
-"\165\163\164\056\156\145\164\040\123\145\143\165\162\145\040\123"
-"\145\162\166\145\162\040\103\145\162\164\151\146\151\143\141\164"
-"\151\157\156\040\101\165\164\150\157\162\151\164\171"
-, (PRUint32)189 },
- { (void *)"\002\004\070\233\021\074"
-, (PRUint32)6 },
- { (void *)"\060\202\004\225\060\202\003\376\240\003\002\001\002\002\004\070"
-"\233\021\074\060\015\006\011\052\206\110\206\367\015\001\001\004"
-"\005\000\060\201\272\061\024\060\022\006\003\125\004\012\023\013"
-"\105\156\164\162\165\163\164\056\156\145\164\061\077\060\075\006"
-"\003\125\004\013\024\066\167\167\167\056\145\156\164\162\165\163"
-"\164\056\156\145\164\057\123\123\114\137\103\120\123\040\151\156"
-"\143\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154"
-"\151\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043"
-"\006\003\125\004\013\023\034\050\143\051\040\062\060\060\060\040"
-"\105\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151"
-"\164\145\144\061\072\060\070\006\003\125\004\003\023\061\105\156"
-"\164\162\165\163\164\056\156\145\164\040\123\145\143\165\162\145"
-"\040\123\145\162\166\145\162\040\103\145\162\164\151\146\151\143"
-"\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\060"
-"\036\027\015\060\060\060\062\060\064\061\067\062\060\060\060\132"
-"\027\015\062\060\060\062\060\064\061\067\065\060\060\060\132\060"
-"\201\272\061\024\060\022\006\003\125\004\012\023\013\105\156\164"
-"\162\165\163\164\056\156\145\164\061\077\060\075\006\003\125\004"
-"\013\024\066\167\167\167\056\145\156\164\162\165\163\164\056\156"
-"\145\164\057\123\123\114\137\103\120\123\040\151\156\143\157\162"
-"\160\056\040\142\171\040\162\145\146\056\040\050\154\151\155\151"
-"\164\163\040\154\151\141\142\056\051\061\045\060\043\006\003\125"
-"\004\013\023\034\050\143\051\040\062\060\060\060\040\105\156\164"
-"\162\165\163\164\056\156\145\164\040\114\151\155\151\164\145\144"
-"\061\072\060\070\006\003\125\004\003\023\061\105\156\164\162\165"
-"\163\164\056\156\145\164\040\123\145\143\165\162\145\040\123\145"
-"\162\166\145\162\040\103\145\162\164\151\146\151\143\141\164\151"
-"\157\156\040\101\165\164\150\157\162\151\164\171\060\201\237\060"
-"\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003\201"
-"\215\000\060\201\211\002\201\201\000\307\301\137\116\161\361\316"
-"\360\140\206\017\322\130\177\323\063\227\055\027\242\165\060\265"
-"\226\144\046\057\150\303\104\253\250\165\346\000\147\064\127\236"
-"\145\307\042\233\163\346\323\335\010\016\067\125\252\045\106\201"
-"\154\275\376\250\366\165\127\127\214\220\154\112\303\076\213\113"
-"\103\012\311\021\126\232\232\047\042\231\317\125\236\141\331\002"
-"\342\174\266\174\070\007\334\343\177\117\232\271\003\101\200\266"
-"\165\147\023\013\237\350\127\066\310\135\000\066\336\146\024\332"
-"\156\166\037\117\067\214\202\023\211\002\003\001\000\001\243\202"
-"\001\244\060\202\001\240\060\021\006\011\140\206\110\001\206\370"
-"\102\001\001\004\004\003\002\000\007\060\201\343\006\003\125\035"
-"\037\004\201\333\060\201\330\060\201\325\240\201\322\240\201\317"
-"\244\201\314\060\201\311\061\024\060\022\006\003\125\004\012\023"
-"\013\105\156\164\162\165\163\164\056\156\145\164\061\077\060\075"
-"\006\003\125\004\013\024\066\167\167\167\056\145\156\164\162\165"
-"\163\164\056\156\145\164\057\123\123\114\137\103\120\123\040\151"
-"\156\143\157\162\160\056\040\142\171\040\162\145\146\056\040\050"
-"\154\151\155\151\164\163\040\154\151\141\142\056\051\061\045\060"
-"\043\006\003\125\004\013\023\034\050\143\051\040\062\060\060\060"
-"\040\105\156\164\162\165\163\164\056\156\145\164\040\114\151\155"
-"\151\164\145\144\061\072\060\070\006\003\125\004\003\023\061\105"
-"\156\164\162\165\163\164\056\156\145\164\040\123\145\143\165\162"
-"\145\040\123\145\162\166\145\162\040\103\145\162\164\151\146\151"
-"\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171"
-"\061\015\060\013\006\003\125\004\003\023\004\103\122\114\061\060"
-"\053\006\003\125\035\020\004\044\060\042\200\017\062\060\060\060"
-"\060\062\060\064\061\067\062\060\060\060\132\201\017\062\060\062"
-"\060\060\062\060\064\061\067\065\060\060\060\132\060\013\006\003"
-"\125\035\017\004\004\003\002\001\006\060\037\006\003\125\035\043"
-"\004\030\060\026\200\024\313\154\300\153\343\273\076\313\374\042"
-"\234\376\373\213\222\234\260\362\156\042\060\035\006\003\125\035"
-"\016\004\026\004\024\313\154\300\153\343\273\076\313\374\042\234"
-"\376\373\213\222\234\260\362\156\042\060\014\006\003\125\035\023"
-"\004\005\060\003\001\001\377\060\035\006\011\052\206\110\206\366"
-"\175\007\101\000\004\020\060\016\033\010\126\065\056\060\072\064"
-"\056\060\003\002\004\220\060\015\006\011\052\206\110\206\367\015"
-"\001\001\004\005\000\003\201\201\000\142\333\201\221\316\310\232"
-"\167\102\057\354\275\047\243\123\017\120\033\352\116\222\360\251"
-"\257\251\240\272\110\141\313\357\311\006\357\037\325\364\356\337"
-"\126\055\346\312\152\031\163\252\123\276\222\263\120\002\266\205"
-"\046\162\143\330\165\120\142\165\024\267\263\120\032\077\312\021"
-"\000\013\205\105\151\155\266\245\256\121\341\112\334\202\077\154"
-"\214\064\262\167\153\331\002\366\177\016\352\145\004\361\315\124"
-"\312\272\311\314\340\204\367\310\076\021\227\323\140\011\030\274"
-"\005\377\154\211\063\360\354\025\017"
-, (PRUint32)1177 }
-};
-static const NSSItem nss_builtins_items_105 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Entrust.net Global Secure Server CA", (PRUint32)36 },
- { (void *)"\211\071\127\156\027\215\367\005\170\017\314\136\310\117\204\366"
-"\045\072\110\223"
-, (PRUint32)20 },
- { (void *)"\235\146\152\314\377\325\365\103\264\277\214\026\321\053\250\231"
-, (PRUint32)16 },
- { (void *)"\060\201\272\061\024\060\022\006\003\125\004\012\023\013\105\156"
-"\164\162\165\163\164\056\156\145\164\061\077\060\075\006\003\125"
-"\004\013\024\066\167\167\167\056\145\156\164\162\165\163\164\056"
-"\156\145\164\057\123\123\114\137\103\120\123\040\151\156\143\157"
-"\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151\155"
-"\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006\003"
-"\125\004\013\023\034\050\143\051\040\062\060\060\060\040\105\156"
-"\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164\145"
-"\144\061\072\060\070\006\003\125\004\003\023\061\105\156\164\162"
-"\165\163\164\056\156\145\164\040\123\145\143\165\162\145\040\123"
-"\145\162\166\145\162\040\103\145\162\164\151\146\151\143\141\164"
-"\151\157\156\040\101\165\164\150\157\162\151\164\171"
-, (PRUint32)189 },
- { (void *)"\002\004\070\233\021\074"
-, (PRUint32)6 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_106 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Entrust.net Global Secure Personal CA", (PRUint32)38 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156"
-"\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125"
-"\004\013\024\067\167\167\167\056\145\156\164\162\165\163\164\056"
-"\156\145\164\057\107\103\103\101\137\103\120\123\040\151\156\143"
-"\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151"
-"\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006"
-"\003\125\004\013\023\034\050\143\051\040\062\060\060\060\040\105"
-"\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164"
-"\145\144\061\063\060\061\006\003\125\004\003\023\052\105\156\164"
-"\162\165\163\164\056\156\145\164\040\103\154\151\145\156\164\040"
-"\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165"
-"\164\150\157\162\151\164\171"
-, (PRUint32)183 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156"
-"\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125"
-"\004\013\024\067\167\167\167\056\145\156\164\162\165\163\164\056"
-"\156\145\164\057\107\103\103\101\137\103\120\123\040\151\156\143"
-"\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151"
-"\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006"
-"\003\125\004\013\023\034\050\143\051\040\062\060\060\060\040\105"
-"\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164"
-"\145\144\061\063\060\061\006\003\125\004\003\023\052\105\156\164"
-"\162\165\163\164\056\156\145\164\040\103\154\151\145\156\164\040"
-"\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165"
-"\164\150\157\162\151\164\171"
-, (PRUint32)183 },
- { (void *)"\002\004\070\236\366\344"
-, (PRUint32)6 },
- { (void *)"\060\202\004\203\060\202\003\354\240\003\002\001\002\002\004\070"
-"\236\366\344\060\015\006\011\052\206\110\206\367\015\001\001\004"
-"\005\000\060\201\264\061\024\060\022\006\003\125\004\012\023\013"
-"\105\156\164\162\165\163\164\056\156\145\164\061\100\060\076\006"
-"\003\125\004\013\024\067\167\167\167\056\145\156\164\162\165\163"
-"\164\056\156\145\164\057\107\103\103\101\137\103\120\123\040\151"
-"\156\143\157\162\160\056\040\142\171\040\162\145\146\056\040\050"
-"\154\151\155\151\164\163\040\154\151\141\142\056\051\061\045\060"
-"\043\006\003\125\004\013\023\034\050\143\051\040\062\060\060\060"
-"\040\105\156\164\162\165\163\164\056\156\145\164\040\114\151\155"
-"\151\164\145\144\061\063\060\061\006\003\125\004\003\023\052\105"
-"\156\164\162\165\163\164\056\156\145\164\040\103\154\151\145\156"
-"\164\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040"
-"\101\165\164\150\157\162\151\164\171\060\036\027\015\060\060\060"
-"\062\060\067\061\066\061\066\064\060\132\027\015\062\060\060\062"
-"\060\067\061\066\064\066\064\060\132\060\201\264\061\024\060\022"
-"\006\003\125\004\012\023\013\105\156\164\162\165\163\164\056\156"
-"\145\164\061\100\060\076\006\003\125\004\013\024\067\167\167\167"
-"\056\145\156\164\162\165\163\164\056\156\145\164\057\107\103\103"
-"\101\137\103\120\123\040\151\156\143\157\162\160\056\040\142\171"
-"\040\162\145\146\056\040\050\154\151\155\151\164\163\040\154\151"
-"\141\142\056\051\061\045\060\043\006\003\125\004\013\023\034\050"
-"\143\051\040\062\060\060\060\040\105\156\164\162\165\163\164\056"
-"\156\145\164\040\114\151\155\151\164\145\144\061\063\060\061\006"
-"\003\125\004\003\023\052\105\156\164\162\165\163\164\056\156\145"
-"\164\040\103\154\151\145\156\164\040\103\145\162\164\151\146\151"
-"\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171"
-"\060\201\237\060\015\006\011\052\206\110\206\367\015\001\001\001"
-"\005\000\003\201\215\000\060\201\211\002\201\201\000\223\164\264"
-"\266\344\305\113\326\241\150\177\142\325\354\367\121\127\263\162"
-"\112\230\365\320\211\311\255\143\315\115\065\121\152\204\324\255"
-"\311\150\171\157\270\353\021\333\207\256\134\044\121\023\361\124"
-"\045\204\257\051\053\237\343\200\342\331\313\335\306\105\111\064"
-"\210\220\136\001\227\357\352\123\246\335\374\301\336\113\052\045"
-"\344\351\065\372\125\005\006\345\211\172\352\244\021\127\073\374"
-"\174\075\066\315\147\065\155\244\251\045\131\275\146\365\371\047"
-"\344\225\147\326\077\222\200\136\362\064\175\053\205\002\003\001"
-"\000\001\243\202\001\236\060\202\001\232\060\021\006\011\140\206"
-"\110\001\206\370\102\001\001\004\004\003\002\000\007\060\201\335"
-"\006\003\125\035\037\004\201\325\060\201\322\060\201\317\240\201"
-"\314\240\201\311\244\201\306\060\201\303\061\024\060\022\006\003"
-"\125\004\012\023\013\105\156\164\162\165\163\164\056\156\145\164"
-"\061\100\060\076\006\003\125\004\013\024\067\167\167\167\056\145"
-"\156\164\162\165\163\164\056\156\145\164\057\107\103\103\101\137"
-"\103\120\123\040\151\156\143\157\162\160\056\040\142\171\040\162"
-"\145\146\056\040\050\154\151\155\151\164\163\040\154\151\141\142"
-"\056\051\061\045\060\043\006\003\125\004\013\023\034\050\143\051"
-"\040\062\060\060\060\040\105\156\164\162\165\163\164\056\156\145"
-"\164\040\114\151\155\151\164\145\144\061\063\060\061\006\003\125"
-"\004\003\023\052\105\156\164\162\165\163\164\056\156\145\164\040"
-"\103\154\151\145\156\164\040\103\145\162\164\151\146\151\143\141"
-"\164\151\157\156\040\101\165\164\150\157\162\151\164\171\061\015"
-"\060\013\006\003\125\004\003\023\004\103\122\114\061\060\053\006"
-"\003\125\035\020\004\044\060\042\200\017\062\060\060\060\060\062"
-"\060\067\061\066\061\066\064\060\132\201\017\062\060\062\060\060"
-"\062\060\067\061\066\064\066\064\060\132\060\013\006\003\125\035"
-"\017\004\004\003\002\001\006\060\037\006\003\125\035\043\004\030"
-"\060\026\200\024\204\213\164\375\305\215\300\377\047\155\040\067"
-"\105\174\376\055\316\272\323\175\060\035\006\003\125\035\016\004"
-"\026\004\024\204\213\164\375\305\215\300\377\047\155\040\067\105"
-"\174\376\055\316\272\323\175\060\014\006\003\125\035\023\004\005"
-"\060\003\001\001\377\060\035\006\011\052\206\110\206\366\175\007"
-"\101\000\004\020\060\016\033\010\126\065\056\060\072\064\056\060"
-"\003\002\004\220\060\015\006\011\052\206\110\206\367\015\001\001"
-"\004\005\000\003\201\201\000\116\157\065\200\073\321\212\365\016"
-"\247\040\313\055\145\125\320\222\364\347\204\265\006\046\203\022"
-"\204\013\254\073\262\104\356\275\317\100\333\040\016\272\156\024"
-"\352\060\340\073\142\174\177\213\153\174\112\247\325\065\074\276"
-"\250\134\352\113\273\223\216\200\146\253\017\051\375\115\055\277"
-"\032\233\012\220\305\253\332\321\263\206\324\057\044\122\134\172"
-"\155\306\362\376\345\115\032\060\214\220\362\272\327\112\076\103"
-"\176\324\310\120\032\207\370\117\201\307\166\013\204\072\162\235"
-"\316\145\146\227\256\046\136"
-, (PRUint32)1159 }
-};
-static const NSSItem nss_builtins_items_107 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Entrust.net Global Secure Personal CA", (PRUint32)38 },
- { (void *)"\317\164\277\377\233\206\201\133\010\063\124\100\066\076\207\266"
-"\266\360\277\163"
-, (PRUint32)20 },
- { (void *)"\232\167\031\030\355\226\317\337\033\267\016\365\215\271\210\056"
-, (PRUint32)16 },
- { (void *)"\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156"
-"\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125"
-"\004\013\024\067\167\167\167\056\145\156\164\162\165\163\164\056"
-"\156\145\164\057\107\103\103\101\137\103\120\123\040\151\156\143"
-"\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151"
-"\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006"
-"\003\125\004\013\023\034\050\143\051\040\062\060\060\060\040\105"
-"\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164"
-"\145\144\061\063\060\061\006\003\125\004\003\023\052\105\156\164"
-"\162\165\163\164\056\156\145\164\040\103\154\151\145\156\164\040"
-"\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165"
-"\164\150\157\162\151\164\171"
-, (PRUint32)183 },
- { (void *)"\002\004\070\236\366\344"
-, (PRUint32)6 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_108 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"AOL Time Warner Root Certification Authority 1", (PRUint32)47 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\203\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\035\060\033\006\003\125\004\012\023\024\101\117\114\040\124"
-"\151\155\145\040\127\141\162\156\145\162\040\111\156\143\056\061"
-"\034\060\032\006\003\125\004\013\023\023\101\155\145\162\151\143"
-"\141\040\117\156\154\151\156\145\040\111\156\143\056\061\067\060"
-"\065\006\003\125\004\003\023\056\101\117\114\040\124\151\155\145"
-"\040\127\141\162\156\145\162\040\122\157\157\164\040\103\145\162"
-"\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157"
-"\162\151\164\171\040\061"
-, (PRUint32)134 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\203\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\035\060\033\006\003\125\004\012\023\024\101\117\114\040\124"
-"\151\155\145\040\127\141\162\156\145\162\040\111\156\143\056\061"
-"\034\060\032\006\003\125\004\013\023\023\101\155\145\162\151\143"
-"\141\040\117\156\154\151\156\145\040\111\156\143\056\061\067\060"
-"\065\006\003\125\004\003\023\056\101\117\114\040\124\151\155\145"
-"\040\127\141\162\156\145\162\040\122\157\157\164\040\103\145\162"
-"\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157"
-"\162\151\164\171\040\061"
-, (PRUint32)134 },
- { (void *)"\002\001\001"
-, (PRUint32)3 },
- { (void *)"\060\202\003\346\060\202\002\316\240\003\002\001\002\002\001\001"
-"\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060"
-"\201\203\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\035\060\033\006\003\125\004\012\023\024\101\117\114\040\124\151"
-"\155\145\040\127\141\162\156\145\162\040\111\156\143\056\061\034"
-"\060\032\006\003\125\004\013\023\023\101\155\145\162\151\143\141"
-"\040\117\156\154\151\156\145\040\111\156\143\056\061\067\060\065"
-"\006\003\125\004\003\023\056\101\117\114\040\124\151\155\145\040"
-"\127\141\162\156\145\162\040\122\157\157\164\040\103\145\162\164"
-"\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162"
-"\151\164\171\040\061\060\036\027\015\060\062\060\065\062\071\060"
-"\066\060\060\060\060\132\027\015\063\067\061\061\062\060\061\065"
-"\060\063\060\060\132\060\201\203\061\013\060\011\006\003\125\004"
-"\006\023\002\125\123\061\035\060\033\006\003\125\004\012\023\024"
-"\101\117\114\040\124\151\155\145\040\127\141\162\156\145\162\040"
-"\111\156\143\056\061\034\060\032\006\003\125\004\013\023\023\101"
-"\155\145\162\151\143\141\040\117\156\154\151\156\145\040\111\156"
-"\143\056\061\067\060\065\006\003\125\004\003\023\056\101\117\114"
-"\040\124\151\155\145\040\127\141\162\156\145\162\040\122\157\157"
-"\164\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040"
-"\101\165\164\150\157\162\151\164\171\040\061\060\202\001\042\060"
-"\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202"
-"\001\017\000\060\202\001\012\002\202\001\001\000\231\336\217\303"
-"\045\243\151\064\350\005\367\164\271\277\132\227\031\271\057\224"
-"\322\223\345\055\211\312\204\174\077\020\103\033\214\213\174\204"
-"\130\370\044\174\110\317\052\375\300\025\331\030\176\204\032\027"
-"\323\333\236\327\312\344\331\327\252\130\121\207\360\360\213\110"
-"\116\342\302\304\131\151\060\142\266\060\242\214\013\021\231\141"
-"\065\155\176\357\305\261\031\006\040\022\216\102\341\337\017\226"
-"\020\122\250\317\234\137\225\024\330\257\073\165\013\061\040\037"
-"\104\057\242\142\101\263\273\030\041\333\312\161\074\214\354\266"
-"\271\015\237\357\121\357\115\173\022\362\013\014\341\254\100\217"
-"\167\177\260\312\170\161\014\135\026\161\160\242\327\302\072\205"
-"\315\016\232\304\340\000\260\325\045\352\334\053\344\224\055\070"
-"\234\211\101\127\144\050\145\031\034\266\104\264\310\061\153\216"
-"\001\173\166\131\045\177\025\034\204\010\174\163\145\040\012\241"
-"\004\056\032\062\250\232\040\261\234\054\041\131\347\373\317\356"
-"\160\055\010\312\143\076\054\233\223\031\152\244\302\227\377\267"
-"\206\127\210\205\154\236\025\026\053\115\054\263\002\003\001\000"
-"\001\243\143\060\141\060\017\006\003\125\035\023\001\001\377\004"
-"\005\060\003\001\001\377\060\035\006\003\125\035\016\004\026\004"
-"\024\241\066\060\026\313\206\220\000\105\200\123\261\217\310\330"
-"\075\174\276\137\022\060\037\006\003\125\035\043\004\030\060\026"
-"\200\024\241\066\060\026\313\206\220\000\105\200\123\261\217\310"
-"\330\075\174\276\137\022\060\016\006\003\125\035\017\001\001\377"
-"\004\004\003\002\001\206\060\015\006\011\052\206\110\206\367\015"
-"\001\001\005\005\000\003\202\001\001\000\212\040\030\245\276\263"
-"\057\264\246\204\000\100\060\051\372\264\024\163\114\171\105\247"
-"\366\160\340\350\176\144\036\012\225\174\152\141\302\357\116\037"
-"\276\377\311\231\037\007\141\112\341\135\114\315\255\356\320\122"
-"\062\331\131\062\274\332\171\162\326\173\011\350\002\201\065\323"
-"\012\337\021\035\311\171\240\200\115\376\132\327\126\326\355\017"
-"\052\257\247\030\165\063\014\352\301\141\005\117\152\232\211\362"
-"\215\271\237\056\357\260\137\132\000\353\276\255\240\370\104\005"
-"\147\274\313\004\357\236\144\305\351\310\077\005\277\306\057\007"
-"\034\303\066\161\206\312\070\146\112\315\326\270\113\306\154\247"
-"\227\073\372\023\055\156\043\141\207\241\143\102\254\302\313\227"
-"\237\141\150\317\055\114\004\235\327\045\117\012\016\115\220\213"
-"\030\126\250\223\110\127\334\157\256\275\236\147\127\167\211\120"
-"\263\276\021\233\105\147\203\206\031\207\323\230\275\010\032\026"
-"\037\130\202\013\341\226\151\005\113\216\354\203\121\061\007\325"
-"\324\237\377\131\173\250\156\205\317\323\113\251\111\260\137\260"
-"\071\050\150\016\163\335\045\232\336\022"
-, (PRUint32)1002 }
-};
-static const NSSItem nss_builtins_items_109 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"AOL Time Warner Root Certification Authority 1", (PRUint32)47 },
- { (void *)"\164\124\123\134\044\243\247\130\040\176\076\076\323\044\370\026"
-"\373\041\026\111"
-, (PRUint32)20 },
- { (void *)"\347\172\334\261\037\156\006\037\164\154\131\026\047\303\113\300"
-, (PRUint32)16 },
- { (void *)"\060\201\203\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\035\060\033\006\003\125\004\012\023\024\101\117\114\040\124"
-"\151\155\145\040\127\141\162\156\145\162\040\111\156\143\056\061"
-"\034\060\032\006\003\125\004\013\023\023\101\155\145\162\151\143"
-"\141\040\117\156\154\151\156\145\040\111\156\143\056\061\067\060"
-"\065\006\003\125\004\003\023\056\101\117\114\040\124\151\155\145"
-"\040\127\141\162\156\145\162\040\122\157\157\164\040\103\145\162"
-"\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157"
-"\162\151\164\171\040\061"
-, (PRUint32)134 },
- { (void *)"\002\001\001"
-, (PRUint32)3 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_110 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"AOL Time Warner Root Certification Authority 2", (PRUint32)47 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\203\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\035\060\033\006\003\125\004\012\023\024\101\117\114\040\124"
-"\151\155\145\040\127\141\162\156\145\162\040\111\156\143\056\061"
-"\034\060\032\006\003\125\004\013\023\023\101\155\145\162\151\143"
-"\141\040\117\156\154\151\156\145\040\111\156\143\056\061\067\060"
-"\065\006\003\125\004\003\023\056\101\117\114\040\124\151\155\145"
-"\040\127\141\162\156\145\162\040\122\157\157\164\040\103\145\162"
-"\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157"
-"\162\151\164\171\040\062"
-, (PRUint32)134 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\203\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\035\060\033\006\003\125\004\012\023\024\101\117\114\040\124"
-"\151\155\145\040\127\141\162\156\145\162\040\111\156\143\056\061"
-"\034\060\032\006\003\125\004\013\023\023\101\155\145\162\151\143"
-"\141\040\117\156\154\151\156\145\040\111\156\143\056\061\067\060"
-"\065\006\003\125\004\003\023\056\101\117\114\040\124\151\155\145"
-"\040\127\141\162\156\145\162\040\122\157\157\164\040\103\145\162"
-"\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157"
-"\162\151\164\171\040\062"
-, (PRUint32)134 },
- { (void *)"\002\001\001"
-, (PRUint32)3 },
- { (void *)"\060\202\005\346\060\202\003\316\240\003\002\001\002\002\001\001"
-"\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060"
-"\201\203\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\035\060\033\006\003\125\004\012\023\024\101\117\114\040\124\151"
-"\155\145\040\127\141\162\156\145\162\040\111\156\143\056\061\034"
-"\060\032\006\003\125\004\013\023\023\101\155\145\162\151\143\141"
-"\040\117\156\154\151\156\145\040\111\156\143\056\061\067\060\065"
-"\006\003\125\004\003\023\056\101\117\114\040\124\151\155\145\040"
-"\127\141\162\156\145\162\040\122\157\157\164\040\103\145\162\164"
-"\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162"
-"\151\164\171\040\062\060\036\027\015\060\062\060\065\062\071\060"
-"\066\060\060\060\060\132\027\015\063\067\060\071\062\070\062\063"
-"\064\063\060\060\132\060\201\203\061\013\060\011\006\003\125\004"
-"\006\023\002\125\123\061\035\060\033\006\003\125\004\012\023\024"
-"\101\117\114\040\124\151\155\145\040\127\141\162\156\145\162\040"
-"\111\156\143\056\061\034\060\032\006\003\125\004\013\023\023\101"
-"\155\145\162\151\143\141\040\117\156\154\151\156\145\040\111\156"
-"\143\056\061\067\060\065\006\003\125\004\003\023\056\101\117\114"
-"\040\124\151\155\145\040\127\141\162\156\145\162\040\122\157\157"
-"\164\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040"
-"\101\165\164\150\157\162\151\164\171\040\062\060\202\002\042\060"
-"\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202"
-"\002\017\000\060\202\002\012\002\202\002\001\000\264\067\132\010"
-"\026\231\024\350\125\261\033\044\153\374\307\213\346\207\251\211"
-"\356\213\231\315\117\100\206\244\266\115\311\331\261\334\074\115"
-"\015\205\114\025\154\106\213\122\170\237\370\043\375\147\365\044"
-"\072\150\135\320\367\144\141\101\124\243\213\245\010\322\051\133"
-"\233\140\117\046\203\321\143\022\126\111\166\244\026\302\245\235"
-"\105\254\213\204\225\250\026\261\354\237\352\044\032\357\271\127"
-"\134\232\044\041\054\115\016\161\037\246\254\135\105\164\003\230"
-"\304\124\214\026\112\101\167\206\225\165\014\107\001\146\140\374"
-"\025\361\017\352\365\024\170\307\016\327\156\201\034\136\277\136"
-"\347\072\052\330\227\027\060\174\000\255\010\235\063\257\270\231"
-"\141\200\213\250\225\176\024\334\022\154\244\320\330\357\100\111"
-"\002\066\371\156\251\326\035\226\126\004\262\263\055\026\126\206"
-"\217\331\040\127\200\315\147\020\155\260\114\360\332\106\266\352"
-"\045\056\106\257\215\260\205\070\064\213\024\046\202\053\254\256"
-"\231\013\216\024\327\122\275\236\151\303\206\002\013\352\166\165"
-"\061\011\316\063\031\041\205\103\346\211\055\237\045\067\147\361"
-"\043\152\322\000\155\227\371\237\347\051\312\335\037\327\006\352"
-"\270\311\271\011\041\237\310\077\006\305\322\351\022\106\000\116"
-"\173\010\353\102\075\053\110\156\235\147\335\113\002\344\104\363"
-"\223\031\245\047\316\151\172\276\147\323\374\120\244\054\253\303"
-"\153\271\343\200\114\317\005\141\113\053\334\033\271\246\322\320"
-"\252\365\053\163\373\316\220\065\237\014\122\034\277\134\041\141"
-"\021\133\025\113\251\044\121\374\244\134\367\027\235\260\322\372"
-"\007\351\217\126\344\032\214\150\212\004\323\174\132\343\236\242"
-"\241\312\161\133\242\324\240\347\051\205\135\003\150\052\117\322"
-"\006\327\075\371\303\003\057\077\145\371\147\036\107\100\323\143"
-"\017\343\325\216\371\205\253\227\114\263\327\046\353\226\012\224"
-"\336\205\066\234\310\177\201\011\002\111\052\016\365\144\062\014"
-"\202\321\272\152\202\033\263\113\164\021\363\214\167\326\237\277"
-"\334\067\244\247\125\004\057\324\061\350\323\106\271\003\174\332"
-"\022\116\131\144\267\121\061\061\120\240\312\034\047\331\020\056"
-"\255\326\275\020\146\053\303\260\042\112\022\133\002\003\001\000"
-"\001\243\143\060\141\060\017\006\003\125\035\023\001\001\377\004"
-"\005\060\003\001\001\377\060\035\006\003\125\035\016\004\026\004"
-"\024\117\151\155\003\176\235\237\007\030\103\274\267\020\116\325"
-"\277\251\304\040\050\060\037\006\003\125\035\043\004\030\060\026"
-"\200\024\117\151\155\003\176\235\237\007\030\103\274\267\020\116"
-"\325\277\251\304\040\050\060\016\006\003\125\035\017\001\001\377"
-"\004\004\003\002\001\206\060\015\006\011\052\206\110\206\367\015"
-"\001\001\005\005\000\003\202\002\001\000\073\363\256\312\350\056"
-"\207\205\373\145\131\347\255\021\024\245\127\274\130\237\044\022"
-"\127\273\373\077\064\332\356\255\172\052\064\162\160\061\153\307"
-"\031\230\200\311\202\336\067\167\136\124\213\216\362\352\147\117"
-"\311\164\204\221\126\011\325\345\172\232\201\266\201\302\255\066"
-"\344\361\124\021\123\363\064\105\001\046\310\345\032\274\064\104"
-"\041\336\255\045\374\166\026\167\041\220\200\230\127\235\116\352"
-"\354\057\252\074\024\173\127\301\176\030\024\147\356\044\306\275"
-"\272\025\260\322\030\275\267\125\201\254\123\300\350\335\151\022"
-"\023\102\267\002\265\005\101\312\171\120\156\202\016\161\162\223"
-"\106\350\235\015\135\275\256\316\051\255\143\325\125\026\200\060"
-"\047\377\166\272\367\270\326\112\343\331\265\371\122\320\116\100"
-"\251\307\345\302\062\307\252\166\044\341\153\005\120\353\305\277"
-"\012\124\345\271\102\074\044\373\267\007\234\060\237\171\132\346"
-"\340\100\122\025\364\374\252\364\126\371\104\227\207\355\016\145"
-"\162\136\276\046\373\115\244\055\010\007\336\330\134\240\334\201"
-"\063\231\030\045\021\167\247\353\375\130\011\054\231\153\033\212"
-"\363\122\077\032\115\110\140\361\240\366\063\002\123\213\355\045"
-"\011\270\015\055\355\227\163\354\327\226\037\216\140\016\332\020"
-"\233\057\030\044\366\246\115\012\371\073\313\165\302\314\057\316"
-"\044\151\311\012\042\216\131\247\367\202\014\327\327\153\065\234"
-"\103\000\152\304\225\147\272\234\105\313\270\016\067\367\334\116"
-"\001\117\276\012\266\003\323\255\212\105\367\332\047\115\051\261"
-"\110\337\344\021\344\226\106\275\154\002\076\326\121\310\225\027"
-"\001\025\251\362\252\252\362\277\057\145\033\157\320\271\032\223"
-"\365\216\065\304\200\207\076\224\057\146\344\351\250\377\101\234"
-"\160\052\117\052\071\030\225\036\176\373\141\001\074\121\010\056"
-"\050\030\244\026\017\061\375\072\154\043\223\040\166\341\375\007"
-"\205\321\133\077\322\034\163\062\335\372\271\370\214\317\002\207"
-"\172\232\226\344\355\117\211\215\123\103\253\016\023\300\001\025"
-"\264\171\070\333\374\156\075\236\121\266\270\023\213\147\317\371"
-"\174\331\042\035\366\135\305\034\001\057\230\350\172\044\030\274"
-"\204\327\372\334\162\133\367\301\072\150"
-, (PRUint32)1514 }
-};
-static const NSSItem nss_builtins_items_111 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"AOL Time Warner Root Certification Authority 2", (PRUint32)47 },
- { (void *)"\374\041\232\166\021\057\166\301\305\010\203\074\232\057\242\272"
-"\204\254\010\172"
-, (PRUint32)20 },
- { (void *)"\001\132\231\303\326\117\251\113\074\073\261\243\253\047\114\277"
-, (PRUint32)16 },
- { (void *)"\060\201\203\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\035\060\033\006\003\125\004\012\023\024\101\117\114\040\124"
-"\151\155\145\040\127\141\162\156\145\162\040\111\156\143\056\061"
-"\034\060\032\006\003\125\004\013\023\023\101\155\145\162\151\143"
-"\141\040\117\156\154\151\156\145\040\111\156\143\056\061\067\060"
-"\065\006\003\125\004\003\023\056\101\117\114\040\124\151\155\145"
-"\040\127\141\162\156\145\162\040\122\157\157\164\040\103\145\162"
-"\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157"
-"\162\151\164\171\040\062"
-, (PRUint32)134 },
- { (void *)"\002\001\001"
-, (PRUint32)3 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_112 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"beTRUSTed Root CA-Baltimore Implementation", (PRUint32)43 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\146\061\022\060\020\006\003\125\004\012\023\011\142\145\124"
-"\122\125\123\124\145\144\061\033\060\031\006\003\125\004\013\023"
-"\022\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040"
-"\103\101\163\061\063\060\061\006\003\125\004\003\023\052\142\145"
-"\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\055"
-"\102\141\154\164\151\155\157\162\145\040\111\155\160\154\145\155"
-"\145\156\164\141\164\151\157\156"
-, (PRUint32)104 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\146\061\022\060\020\006\003\125\004\012\023\011\142\145\124"
-"\122\125\123\124\145\144\061\033\060\031\006\003\125\004\013\023"
-"\022\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040"
-"\103\101\163\061\063\060\061\006\003\125\004\003\023\052\142\145"
-"\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\055"
-"\102\141\154\164\151\155\157\162\145\040\111\155\160\154\145\155"
-"\145\156\164\141\164\151\157\156"
-, (PRUint32)104 },
- { (void *)"\002\004\074\265\075\106"
-, (PRUint32)6 },
- { (void *)"\060\202\005\152\060\202\004\122\240\003\002\001\002\002\004\074"
-"\265\075\106\060\015\006\011\052\206\110\206\367\015\001\001\005"
-"\005\000\060\146\061\022\060\020\006\003\125\004\012\023\011\142"
-"\145\124\122\125\123\124\145\144\061\033\060\031\006\003\125\004"
-"\013\023\022\142\145\124\122\125\123\124\145\144\040\122\157\157"
-"\164\040\103\101\163\061\063\060\061\006\003\125\004\003\023\052"
-"\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040\103"
-"\101\055\102\141\154\164\151\155\157\162\145\040\111\155\160\154"
-"\145\155\145\156\164\141\164\151\157\156\060\036\027\015\060\062"
-"\060\064\061\061\060\067\063\070\065\061\132\027\015\062\062\060"
-"\064\061\061\060\067\063\070\065\061\132\060\146\061\022\060\020"
-"\006\003\125\004\012\023\011\142\145\124\122\125\123\124\145\144"
-"\061\033\060\031\006\003\125\004\013\023\022\142\145\124\122\125"
-"\123\124\145\144\040\122\157\157\164\040\103\101\163\061\063\060"
-"\061\006\003\125\004\003\023\052\142\145\124\122\125\123\124\145"
-"\144\040\122\157\157\164\040\103\101\055\102\141\154\164\151\155"
-"\157\162\145\040\111\155\160\154\145\155\145\156\164\141\164\151"
-"\157\156\060\202\001\042\060\015\006\011\052\206\110\206\367\015"
-"\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202"
-"\001\001\000\274\176\304\071\234\214\343\326\034\206\377\312\142"
-"\255\340\177\060\105\172\216\032\263\270\307\371\321\066\377\042"
-"\363\116\152\137\204\020\373\146\201\303\224\171\061\322\221\341"
-"\167\216\030\052\303\024\336\121\365\117\243\053\274\030\026\342"
-"\265\335\171\336\042\370\202\176\313\201\037\375\047\054\217\372"
-"\227\144\042\216\370\377\141\243\234\033\036\222\217\300\250\011"
-"\337\011\021\354\267\175\061\232\032\352\203\041\006\074\237\272"
-"\134\377\224\352\152\270\303\153\125\064\117\075\062\037\335\201"
-"\024\340\304\074\315\235\060\370\060\251\227\323\356\314\243\320"
-"\037\137\034\023\201\324\030\253\224\321\143\303\236\177\065\222"
-"\236\137\104\352\354\364\042\134\267\350\075\175\244\371\211\251"
-"\221\262\052\331\353\063\207\356\245\375\343\332\314\210\346\211"
-"\046\156\307\053\202\320\136\235\131\333\024\354\221\203\005\303"
-"\136\016\306\052\320\004\335\161\075\040\116\130\047\374\123\373"
-"\170\170\031\024\262\374\220\122\211\070\142\140\007\264\240\354"
-"\254\153\120\326\375\271\050\153\357\122\055\072\262\377\361\001"
-"\100\254\067\002\003\001\000\001\243\202\002\036\060\202\002\032"
-"\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001\001"
-"\377\060\202\001\265\006\003\125\035\040\004\202\001\254\060\202"
-"\001\250\060\202\001\244\006\017\053\006\001\004\001\261\076\000"
-"\000\001\011\050\203\221\061\060\202\001\217\060\202\001\110\006"
-"\010\053\006\001\005\005\007\002\002\060\202\001\072\032\202\001"
-"\066\122\145\154\151\141\156\143\145\040\157\156\040\157\162\040"
-"\165\163\145\040\157\146\040\164\150\151\163\040\103\145\162\164"
-"\151\146\151\143\141\164\145\040\143\162\145\141\164\145\163\040"
-"\141\156\040\141\143\153\156\157\167\154\145\144\147\155\145\156"
-"\164\040\141\156\144\040\141\143\143\145\160\164\141\156\143\145"
-"\040\157\146\040\164\150\145\040\164\150\145\156\040\141\160\160"
-"\154\151\143\141\142\154\145\040\163\164\141\156\144\141\162\144"
-"\040\164\145\162\155\163\040\141\156\144\040\143\157\156\144\151"
-"\164\151\157\156\163\040\157\146\040\165\163\145\054\040\164\150"
-"\145\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040"
-"\120\162\141\143\164\151\143\145\040\123\164\141\164\145\155\145"
-"\156\164\040\141\156\144\040\164\150\145\040\122\145\154\171\151"
-"\156\147\040\120\141\162\164\171\040\101\147\162\145\145\155\145"
-"\156\164\054\040\167\150\151\143\150\040\143\141\156\040\142\145"
-"\040\146\157\165\156\144\040\141\164\040\164\150\145\040\142\145"
-"\124\122\125\123\124\145\144\040\167\145\142\040\163\151\164\145"
-"\054\040\150\164\164\160\072\057\057\167\167\167\056\142\145\164"
-"\162\165\163\164\145\144\056\143\157\155\057\160\162\157\144\165"
-"\143\164\163\137\163\145\162\166\151\143\145\163\057\151\156\144"
-"\145\170\056\150\164\155\154\060\101\006\010\053\006\001\005\005"
-"\007\002\001\026\065\150\164\164\160\072\057\057\167\167\167\056"
-"\142\145\164\162\165\163\164\145\144\056\143\157\155\057\160\162"
-"\157\144\165\143\164\163\137\163\145\162\166\151\143\145\163\057"
-"\151\156\144\145\170\056\150\164\155\154\060\035\006\003\125\035"
-"\016\004\026\004\024\105\075\303\251\321\334\077\044\126\230\034"
-"\163\030\210\152\377\203\107\355\266\060\037\006\003\125\035\043"
-"\004\030\060\026\200\024\105\075\303\251\321\334\077\044\126\230"
-"\034\163\030\210\152\377\203\107\355\266\060\016\006\003\125\035"
-"\017\001\001\377\004\004\003\002\001\006\060\015\006\011\052\206"
-"\110\206\367\015\001\001\005\005\000\003\202\001\001\000\111\222"
-"\274\243\356\254\275\372\015\311\213\171\206\034\043\166\260\200"
-"\131\167\374\332\177\264\113\337\303\144\113\152\116\016\255\362"
-"\175\131\167\005\255\012\211\163\260\372\274\313\334\215\000\210"
-"\217\246\240\262\352\254\122\047\277\241\110\174\227\020\173\272"
-"\355\023\035\232\007\156\313\061\142\022\350\143\003\252\175\155"
-"\343\370\033\166\041\170\033\237\113\103\214\323\111\206\366\033"
-"\134\366\056\140\025\323\351\343\173\165\077\320\002\203\320\030"
-"\202\101\315\145\067\352\216\062\176\275\153\231\135\060\021\310"
-"\333\110\124\034\073\341\247\023\323\152\110\223\367\075\214\177"
-"\005\350\316\363\210\052\143\004\270\352\176\130\174\001\173\133"
-"\341\305\175\357\041\340\215\016\135\121\175\261\147\375\243\275"
-"\070\066\306\362\070\206\207\032\226\150\140\106\373\050\024\107"
-"\125\341\247\200\014\153\342\352\337\115\174\220\110\240\066\275"
-"\011\027\211\177\303\362\323\234\234\343\335\304\033\335\365\267"
-"\161\263\123\005\211\006\320\313\112\200\301\310\123\220\265\074"
-"\061\210\027\120\237\311\304\016\213\330\250\002\143\015"
-, (PRUint32)1390 }
-};
-static const NSSItem nss_builtins_items_113 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"beTRUSTed Root CA-Baltimore Implementation", (PRUint32)43 },
- { (void *)"\334\273\236\267\031\113\304\162\005\301\021\165\051\206\203\133"
-"\123\312\344\370"
-, (PRUint32)20 },
- { (void *)"\201\065\271\373\373\022\312\030\151\066\353\256\151\170\241\361"
-, (PRUint32)16 },
- { (void *)"\060\146\061\022\060\020\006\003\125\004\012\023\011\142\145\124"
-"\122\125\123\124\145\144\061\033\060\031\006\003\125\004\013\023"
-"\022\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040"
-"\103\101\163\061\063\060\061\006\003\125\004\003\023\052\142\145"
-"\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\055"
-"\102\141\154\164\151\155\157\162\145\040\111\155\160\154\145\155"
-"\145\156\164\141\164\151\157\156"
-, (PRUint32)104 },
- { (void *)"\002\004\074\265\075\106"
-, (PRUint32)6 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_114 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"beTRUSTed Root CA - Entrust Implementation", (PRUint32)43 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\146\061\022\060\020\006\003\125\004\012\023\011\142\145\124"
-"\122\125\123\124\145\144\061\033\060\031\006\003\125\004\013\023"
-"\022\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040"
-"\103\101\163\061\063\060\061\006\003\125\004\003\023\052\142\145"
-"\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\040"
-"\055\040\105\156\164\162\165\163\164\040\111\155\160\154\145\155"
-"\145\156\164\141\164\151\157\156"
-, (PRUint32)104 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\146\061\022\060\020\006\003\125\004\012\023\011\142\145\124"
-"\122\125\123\124\145\144\061\033\060\031\006\003\125\004\013\023"
-"\022\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040"
-"\103\101\163\061\063\060\061\006\003\125\004\003\023\052\142\145"
-"\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\040"
-"\055\040\105\156\164\162\165\163\164\040\111\155\160\154\145\155"
-"\145\156\164\141\164\151\157\156"
-, (PRUint32)104 },
- { (void *)"\002\004\074\265\117\100"
-, (PRUint32)6 },
- { (void *)"\060\202\006\121\060\202\005\071\240\003\002\001\002\002\004\074"
-"\265\117\100\060\015\006\011\052\206\110\206\367\015\001\001\005"
-"\005\000\060\146\061\022\060\020\006\003\125\004\012\023\011\142"
-"\145\124\122\125\123\124\145\144\061\033\060\031\006\003\125\004"
-"\013\023\022\142\145\124\122\125\123\124\145\144\040\122\157\157"
-"\164\040\103\101\163\061\063\060\061\006\003\125\004\003\023\052"
-"\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040\103"
-"\101\040\055\040\105\156\164\162\165\163\164\040\111\155\160\154"
-"\145\155\145\156\164\141\164\151\157\156\060\036\027\015\060\062"
-"\060\064\061\061\060\070\062\064\062\067\132\027\015\062\062\060"
-"\064\061\061\060\070\065\064\062\067\132\060\146\061\022\060\020"
-"\006\003\125\004\012\023\011\142\145\124\122\125\123\124\145\144"
-"\061\033\060\031\006\003\125\004\013\023\022\142\145\124\122\125"
-"\123\124\145\144\040\122\157\157\164\040\103\101\163\061\063\060"
-"\061\006\003\125\004\003\023\052\142\145\124\122\125\123\124\145"
-"\144\040\122\157\157\164\040\103\101\040\055\040\105\156\164\162"
-"\165\163\164\040\111\155\160\154\145\155\145\156\164\141\164\151"
-"\157\156\060\202\001\042\060\015\006\011\052\206\110\206\367\015"
-"\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202"
-"\001\001\000\272\364\104\003\252\022\152\265\103\354\125\222\266"
-"\060\175\065\127\014\333\363\015\047\156\114\367\120\250\233\116"
-"\053\157\333\365\255\034\113\135\263\251\301\376\173\104\353\133"
-"\243\005\015\037\305\064\053\060\000\051\361\170\100\262\244\377"
-"\072\364\001\210\027\176\346\324\046\323\272\114\352\062\373\103"
-"\167\227\207\043\305\333\103\243\365\052\243\121\136\341\073\322"
-"\145\151\176\125\025\233\172\347\151\367\104\340\127\265\025\350"
-"\146\140\017\015\003\373\202\216\243\350\021\173\154\276\307\143"
-"\016\027\223\337\317\113\256\156\163\165\340\363\252\271\244\300"
-"\011\033\205\352\161\051\210\101\062\371\360\052\016\154\011\362"
-"\164\153\146\154\122\023\037\030\274\324\076\367\330\156\040\236"
-"\312\376\374\041\224\356\023\050\113\327\134\136\014\146\356\351"
-"\273\017\301\064\261\177\010\166\363\075\046\160\311\213\045\035"
-"\142\044\014\352\034\165\116\300\022\344\272\023\035\060\051\055"
-"\126\063\005\273\227\131\176\306\111\117\211\327\057\044\250\266"
-"\210\100\265\144\222\123\126\044\344\242\240\205\263\136\220\264"
-"\022\063\315\002\003\001\000\001\243\202\003\005\060\202\003\001"
-"\060\202\001\267\006\003\125\035\040\004\202\001\256\060\202\001"
-"\252\060\202\001\246\006\017\053\006\001\004\001\261\076\000\000"
-"\002\011\050\203\221\061\060\202\001\221\060\202\001\111\006\010"
-"\053\006\001\005\005\007\002\002\060\202\001\073\032\202\001\067"
-"\122\145\154\151\141\156\143\145\040\157\156\040\157\162\040\165"
-"\163\145\040\157\146\040\164\150\151\163\040\103\145\162\164\151"
-"\146\151\143\141\164\145\040\143\162\145\141\164\145\163\040\141"
-"\156\040\141\143\153\156\157\167\154\145\144\147\155\145\156\164"
-"\040\141\156\144\040\141\143\143\145\160\164\141\156\143\145\040"
-"\157\146\040\164\150\145\040\164\150\145\156\040\141\160\160\154"
-"\151\143\141\142\154\145\040\163\164\141\156\144\141\162\144\040"
-"\164\145\162\155\163\040\141\156\144\040\143\157\156\144\151\164"
-"\151\157\156\163\040\157\146\040\165\163\145\054\040\164\150\145"
-"\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\120"
-"\162\141\143\164\151\143\145\040\123\164\141\164\145\155\145\156"
-"\164\040\141\156\144\040\164\150\145\040\122\145\154\171\151\156"
-"\147\040\120\141\162\164\171\040\101\147\162\145\145\155\145\156"
-"\164\054\040\167\150\151\143\150\040\143\141\156\040\142\145\040"
-"\146\157\165\156\144\040\141\164\040\164\150\145\040\142\145\124"
-"\122\125\123\124\145\144\040\167\145\142\040\163\151\164\145\054"
-"\040\150\164\164\160\163\072\057\057\167\167\167\056\142\145\164"
-"\162\165\163\164\145\144\056\143\157\155\057\160\162\157\144\165"
-"\143\164\163\137\163\145\162\166\151\143\145\163\057\151\156\144"
-"\145\170\056\150\164\155\154\060\102\006\010\053\006\001\005\005"
-"\007\002\001\026\066\150\164\164\160\163\072\057\057\167\167\167"
-"\056\142\145\164\162\165\163\164\145\144\056\143\157\155\057\160"
-"\162\157\144\165\143\164\163\137\163\145\162\166\151\143\145\163"
-"\057\151\156\144\145\170\056\150\164\155\154\060\021\006\011\140"
-"\206\110\001\206\370\102\001\001\004\004\003\002\000\007\060\201"
-"\211\006\003\125\035\037\004\201\201\060\177\060\175\240\173\240"
-"\171\244\167\060\165\061\022\060\020\006\003\125\004\012\023\011"
-"\142\145\124\122\125\123\124\145\144\061\033\060\031\006\003\125"
-"\004\013\023\022\142\145\124\122\125\123\124\145\144\040\122\157"
-"\157\164\040\103\101\163\061\063\060\061\006\003\125\004\003\023"
-"\052\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040"
-"\103\101\040\055\040\105\156\164\162\165\163\164\040\111\155\160"
-"\154\145\155\145\156\164\141\164\151\157\156\061\015\060\013\006"
-"\003\125\004\003\023\004\103\122\114\061\060\053\006\003\125\035"
-"\020\004\044\060\042\200\017\062\060\060\062\060\064\061\061\060"
-"\070\062\064\062\067\132\201\017\062\060\062\062\060\064\061\061"
-"\060\070\065\064\062\067\132\060\013\006\003\125\035\017\004\004"
-"\003\002\001\006\060\037\006\003\125\035\043\004\030\060\026\200"
-"\024\175\160\345\256\070\213\006\077\252\034\032\217\371\317\044"
-"\060\252\204\204\026\060\035\006\003\125\035\016\004\026\004\024"
-"\175\160\345\256\070\213\006\077\252\034\032\217\371\317\044\060"
-"\252\204\204\026\060\014\006\003\125\035\023\004\005\060\003\001"
-"\001\377\060\035\006\011\052\206\110\206\366\175\007\101\000\004"
-"\020\060\016\033\010\126\066\056\060\072\064\056\060\003\002\004"
-"\220\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000"
-"\003\202\001\001\000\052\270\027\316\037\020\224\353\270\232\267"
-"\271\137\354\332\367\222\044\254\334\222\073\307\040\215\362\231"
-"\345\135\070\241\302\064\355\305\023\131\134\005\265\053\117\141"
-"\233\221\373\101\374\374\325\074\115\230\166\006\365\201\175\353"
-"\335\220\346\321\126\124\332\343\055\014\237\021\062\224\042\001"
-"\172\366\154\054\164\147\004\314\245\217\216\054\263\103\265\224"
-"\242\320\175\351\142\177\006\276\047\001\203\236\072\375\212\356"
-"\230\103\112\153\327\265\227\073\072\277\117\155\264\143\372\063"
-"\000\064\056\055\155\226\311\173\312\231\143\272\276\364\366\060"
-"\240\055\230\226\351\126\104\005\251\104\243\141\020\353\202\241"
-"\147\135\274\135\047\165\252\212\050\066\052\070\222\331\335\244"
-"\136\000\245\314\314\174\051\052\336\050\220\253\267\341\266\377"
-"\175\045\013\100\330\252\064\243\055\336\007\353\137\316\012\335"
-"\312\176\072\175\046\301\142\150\072\346\057\067\363\201\206\041"
-"\304\251\144\252\357\105\066\321\032\146\174\370\351\067\326\326"
-"\141\276\242\255\110\347\337\346\164\376\323\155\175\322\045\334"
-"\254\142\127\251\367"
-, (PRUint32)1621 }
-};
-static const NSSItem nss_builtins_items_115 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"beTRUSTed Root CA - Entrust Implementation", (PRUint32)43 },
- { (void *)"\162\231\171\023\354\233\015\256\145\321\266\327\262\112\166\243"
-"\256\302\356\026"
-, (PRUint32)20 },
- { (void *)"\175\206\220\217\133\361\362\100\300\367\075\142\265\244\251\073"
-, (PRUint32)16 },
- { (void *)"\060\146\061\022\060\020\006\003\125\004\012\023\011\142\145\124"
-"\122\125\123\124\145\144\061\033\060\031\006\003\125\004\013\023"
-"\022\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040"
-"\103\101\163\061\063\060\061\006\003\125\004\003\023\052\142\145"
-"\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\040"
-"\055\040\105\156\164\162\165\163\164\040\111\155\160\154\145\155"
-"\145\156\164\141\164\151\157\156"
-, (PRUint32)104 },
- { (void *)"\002\004\074\265\117\100"
-, (PRUint32)6 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_116 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"beTRUSTed Root CA - RSA Implementation", (PRUint32)39 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\142\061\022\060\020\006\003\125\004\012\023\011\142\145\124"
-"\122\125\123\124\145\144\061\033\060\031\006\003\125\004\013\023"
-"\022\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040"
-"\103\101\163\061\057\060\055\006\003\125\004\003\023\046\142\145"
-"\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\040"
-"\055\040\122\123\101\040\111\155\160\154\145\155\145\156\164\141"
-"\164\151\157\156"
-, (PRUint32)100 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\142\061\022\060\020\006\003\125\004\012\023\011\142\145\124"
-"\122\125\123\124\145\144\061\033\060\031\006\003\125\004\013\023"
-"\022\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040"
-"\103\101\163\061\057\060\055\006\003\125\004\003\023\046\142\145"
-"\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\040"
-"\055\040\122\123\101\040\111\155\160\154\145\155\145\156\164\141"
-"\164\151\157\156"
-, (PRUint32)100 },
- { (void *)"\002\020\073\131\307\173\315\133\127\236\275\067\122\254\166\264"
-"\252\032"
-, (PRUint32)18 },
- { (void *)"\060\202\005\150\060\202\004\120\240\003\002\001\002\002\020\073"
-"\131\307\173\315\133\127\236\275\067\122\254\166\264\252\032\060"
-"\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\142"
-"\061\022\060\020\006\003\125\004\012\023\011\142\145\124\122\125"
-"\123\124\145\144\061\033\060\031\006\003\125\004\013\023\022\142"
-"\145\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101"
-"\163\061\057\060\055\006\003\125\004\003\023\046\142\145\124\122"
-"\125\123\124\145\144\040\122\157\157\164\040\103\101\040\055\040"
-"\122\123\101\040\111\155\160\154\145\155\145\156\164\141\164\151"
-"\157\156\060\036\027\015\060\062\060\064\061\061\061\061\061\070"
-"\061\063\132\027\015\062\062\060\064\061\062\061\061\060\067\062"
-"\065\132\060\142\061\022\060\020\006\003\125\004\012\023\011\142"
-"\145\124\122\125\123\124\145\144\061\033\060\031\006\003\125\004"
-"\013\023\022\142\145\124\122\125\123\124\145\144\040\122\157\157"
-"\164\040\103\101\163\061\057\060\055\006\003\125\004\003\023\046"
-"\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040\103"
-"\101\040\055\040\122\123\101\040\111\155\160\154\145\155\145\156"
-"\164\141\164\151\157\156\060\202\001\042\060\015\006\011\052\206"
-"\110\206\367\015\001\001\001\005\000\003\202\001\017\000\060\202"
-"\001\012\002\202\001\001\000\344\272\064\060\011\216\127\320\271"
-"\006\054\157\156\044\200\042\277\135\103\246\372\117\254\202\347"
-"\034\150\160\205\033\243\156\265\252\170\331\156\007\113\077\351"
-"\337\365\352\350\124\241\141\212\016\057\151\165\030\267\014\345"
-"\024\215\161\156\230\270\125\374\014\225\320\233\156\341\055\210"
-"\324\072\100\153\222\361\231\226\144\336\333\377\170\364\356\226"
-"\035\107\211\174\324\276\271\210\167\043\072\011\346\004\236\155"
-"\252\136\322\310\275\232\116\031\337\211\352\133\016\176\303\344"
-"\264\360\340\151\073\210\017\101\220\370\324\161\103\044\301\217"
-"\046\113\073\126\351\377\214\154\067\351\105\255\205\214\123\303"
-"\140\206\220\112\226\311\263\124\260\273\027\360\034\105\331\324"
-"\033\031\144\126\012\031\367\314\341\377\206\257\176\130\136\254"
-"\172\220\037\311\050\071\105\173\242\266\307\234\037\332\205\324"
-"\041\206\131\060\223\276\123\063\067\366\357\101\317\063\307\253"
-"\162\153\045\365\363\123\033\014\114\056\361\165\113\357\240\207"
-"\367\376\212\025\320\154\325\313\371\150\123\271\160\025\023\302"
-"\365\056\373\103\065\165\055\002\003\001\000\001\243\202\002\030"
-"\060\202\002\024\060\014\006\003\125\035\023\004\005\060\003\001"
-"\001\377\060\202\001\265\006\003\125\035\040\004\202\001\254\060"
-"\202\001\250\060\202\001\244\006\017\053\006\001\004\001\261\076"
-"\000\000\003\011\050\203\221\061\060\202\001\217\060\101\006\010"
-"\053\006\001\005\005\007\002\001\026\065\150\164\164\160\072\057"
-"\057\167\167\167\056\142\145\164\162\165\163\164\145\144\056\143"
-"\157\155\057\160\162\157\144\165\143\164\163\137\163\145\162\166"
-"\151\143\145\163\057\151\156\144\145\170\056\150\164\155\154\060"
-"\202\001\110\006\010\053\006\001\005\005\007\002\002\060\202\001"
-"\072\032\202\001\066\122\145\154\151\141\156\143\145\040\157\156"
-"\040\157\162\040\165\163\145\040\157\146\040\164\150\151\163\040"
-"\103\145\162\164\151\146\151\143\141\164\145\040\143\162\145\141"
-"\164\145\163\040\141\156\040\141\143\153\156\157\167\154\145\144"
-"\147\155\145\156\164\040\141\156\144\040\141\143\143\145\160\164"
-"\141\156\143\145\040\157\146\040\164\150\145\040\164\150\145\156"
-"\040\141\160\160\154\151\143\141\142\154\145\040\163\164\141\156"
-"\144\141\162\144\040\164\145\162\155\163\040\141\156\144\040\143"
-"\157\156\144\151\164\151\157\156\163\040\157\146\040\165\163\145"
-"\054\040\164\150\145\040\103\145\162\164\151\146\151\143\141\164"
-"\151\157\156\040\120\162\141\143\164\151\143\145\040\123\164\141"
-"\164\145\155\145\156\164\040\141\156\144\040\164\150\145\040\122"
-"\145\154\171\151\156\147\040\120\141\162\164\171\040\101\147\162"
-"\145\145\155\145\156\164\054\040\167\150\151\143\150\040\143\141"
-"\156\040\142\145\040\146\157\165\156\144\040\141\164\040\164\150"
-"\145\040\142\145\124\122\125\123\124\145\144\040\167\145\142\040"
-"\163\151\164\145\054\040\150\164\164\160\072\057\057\167\167\167"
-"\056\142\145\164\162\165\163\164\145\144\056\143\157\155\057\160"
-"\162\157\144\165\143\164\163\137\163\145\162\166\151\143\145\163"
-"\057\151\156\144\145\170\056\150\164\155\154\060\013\006\003\125"
-"\035\017\004\004\003\002\001\006\060\037\006\003\125\035\043\004"
-"\030\060\026\200\024\251\354\024\176\371\331\103\314\123\053\024"
-"\255\317\367\360\131\211\101\315\031\060\035\006\003\125\035\016"
-"\004\026\004\024\251\354\024\176\371\331\103\314\123\053\024\255"
-"\317\367\360\131\211\101\315\031\060\015\006\011\052\206\110\206"
-"\367\015\001\001\005\005\000\003\202\001\001\000\333\227\260\165"
-"\352\014\304\301\230\312\126\005\300\250\255\046\110\257\055\040"
-"\350\201\307\266\337\103\301\054\035\165\113\324\102\215\347\172"
-"\250\164\334\146\102\131\207\263\365\151\155\331\251\236\263\175"
-"\034\061\301\365\124\342\131\044\111\345\356\275\071\246\153\212"
-"\230\104\373\233\327\052\203\227\064\055\307\175\065\114\055\064"
-"\270\076\015\304\354\210\047\257\236\222\375\120\141\202\250\140"
-"\007\024\123\314\145\023\301\366\107\104\151\322\061\310\246\335"
-"\056\263\013\336\112\215\133\075\253\015\302\065\122\242\126\067"
-"\314\062\213\050\205\102\234\221\100\172\160\053\070\066\325\341"
-"\163\032\037\345\372\176\137\334\326\234\073\060\352\333\300\133"
-"\047\134\323\163\007\301\302\363\114\233\157\237\033\312\036\252"
-"\250\070\063\011\130\262\256\374\007\350\066\334\125\272\057\117"
-"\100\376\172\275\006\246\201\301\223\042\174\206\021\012\006\167"
-"\110\256\065\267\057\062\232\141\136\213\276\051\237\051\044\210"
-"\126\071\054\250\322\253\226\003\132\324\110\237\271\100\204\013"
-"\230\150\373\001\103\326\033\342\011\261\227\034"
-, (PRUint32)1388 }
-};
-static const NSSItem nss_builtins_items_117 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"beTRUSTed Root CA - RSA Implementation", (PRUint32)39 },
- { (void *)"\035\202\131\312\041\047\303\313\301\154\331\062\366\054\145\051"
-"\214\250\207\022"
-, (PRUint32)20 },
- { (void *)"\206\102\005\011\274\247\235\354\035\363\056\016\272\330\035\320"
-, (PRUint32)16 },
- { (void *)"\060\142\061\022\060\020\006\003\125\004\012\023\011\142\145\124"
-"\122\125\123\124\145\144\061\033\060\031\006\003\125\004\013\023"
-"\022\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040"
-"\103\101\163\061\057\060\055\006\003\125\004\003\023\046\142\145"
-"\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\040"
-"\055\040\122\123\101\040\111\155\160\154\145\155\145\156\164\141"
-"\164\151\157\156"
-, (PRUint32)100 },
- { (void *)"\002\020\073\131\307\173\315\133\127\236\275\067\122\254\166\264"
-"\252\032"
-, (PRUint32)18 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_118 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"RSA Security 2048 v3", (PRUint32)21 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\072\061\031\060\027\006\003\125\004\012\023\020\122\123\101"
-"\040\123\145\143\165\162\151\164\171\040\111\156\143\061\035\060"
-"\033\006\003\125\004\013\023\024\122\123\101\040\123\145\143\165"
-"\162\151\164\171\040\062\060\064\070\040\126\063"
-, (PRUint32)60 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\072\061\031\060\027\006\003\125\004\012\023\020\122\123\101"
-"\040\123\145\143\165\162\151\164\171\040\111\156\143\061\035\060"
-"\033\006\003\125\004\013\023\024\122\123\101\040\123\145\143\165"
-"\162\151\164\171\040\062\060\064\070\040\126\063"
-, (PRUint32)60 },
- { (void *)"\002\020\012\001\001\001\000\000\002\174\000\000\000\012\000\000"
-"\000\002"
-, (PRUint32)18 },
- { (void *)"\060\202\003\141\060\202\002\111\240\003\002\001\002\002\020\012"
-"\001\001\001\000\000\002\174\000\000\000\012\000\000\000\002\060"
-"\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\072"
-"\061\031\060\027\006\003\125\004\012\023\020\122\123\101\040\123"
-"\145\143\165\162\151\164\171\040\111\156\143\061\035\060\033\006"
-"\003\125\004\013\023\024\122\123\101\040\123\145\143\165\162\151"
-"\164\171\040\062\060\064\070\040\126\063\060\036\027\015\060\061"
-"\060\062\062\062\062\060\063\071\062\063\132\027\015\062\066\060"
-"\062\062\062\062\060\063\071\062\063\132\060\072\061\031\060\027"
-"\006\003\125\004\012\023\020\122\123\101\040\123\145\143\165\162"
-"\151\164\171\040\111\156\143\061\035\060\033\006\003\125\004\013"
-"\023\024\122\123\101\040\123\145\143\165\162\151\164\171\040\062"
-"\060\064\070\040\126\063\060\202\001\042\060\015\006\011\052\206"
-"\110\206\367\015\001\001\001\005\000\003\202\001\017\000\060\202"
-"\001\012\002\202\001\001\000\267\217\125\161\322\200\335\173\151"
-"\171\247\360\030\120\062\074\142\147\366\012\225\007\335\346\033"
-"\363\236\331\322\101\124\153\255\237\174\276\031\315\373\106\253"
-"\101\150\036\030\352\125\310\057\221\170\211\050\373\047\051\140"
-"\377\337\217\214\073\311\111\233\265\244\224\316\001\352\076\265"
-"\143\173\177\046\375\031\335\300\041\275\204\321\055\117\106\303"
-"\116\334\330\067\071\073\050\257\313\235\032\352\053\257\041\245"
-"\301\043\042\270\270\033\132\023\207\127\203\321\360\040\347\350"
-"\117\043\102\260\000\245\175\211\351\351\141\163\224\230\161\046"
-"\274\055\152\340\367\115\360\361\266\052\070\061\201\015\051\341"
-"\000\301\121\017\114\122\370\004\132\252\175\162\323\270\207\052"
-"\273\143\020\003\052\263\241\117\015\132\136\106\267\075\016\365"
-"\164\354\231\237\371\075\044\201\210\246\335\140\124\350\225\066"
-"\075\306\011\223\232\243\022\200\000\125\231\031\107\275\320\245"
-"\174\303\272\373\037\367\365\017\370\254\271\265\364\067\230\023"
-"\030\336\205\133\267\014\202\073\207\157\225\071\130\060\332\156"
-"\001\150\027\042\314\300\013\002\003\001\000\001\243\143\060\141"
-"\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001\001"
-"\377\060\016\006\003\125\035\017\001\001\377\004\004\003\002\001"
-"\006\060\037\006\003\125\035\043\004\030\060\026\200\024\007\303"
-"\121\060\244\252\351\105\256\065\044\372\377\044\054\063\320\261"
-"\235\214\060\035\006\003\125\035\016\004\026\004\024\007\303\121"
-"\060\244\252\351\105\256\065\044\372\377\044\054\063\320\261\235"
-"\214\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000"
-"\003\202\001\001\000\137\076\206\166\156\270\065\074\116\066\034"
-"\036\171\230\277\375\325\022\021\171\122\016\356\061\211\274\335"
-"\177\371\321\306\025\041\350\212\001\124\015\072\373\124\271\326"
-"\143\324\261\252\226\115\242\102\115\324\123\037\213\020\336\177"
-"\145\276\140\023\047\161\210\244\163\343\204\143\321\244\125\341"
-"\120\223\346\033\016\171\320\147\274\106\310\277\077\027\015\225"
-"\346\306\220\151\336\347\264\057\336\225\175\320\022\077\075\076"
-"\177\115\077\024\150\365\021\120\325\301\364\220\245\010\035\061"
-"\140\377\140\214\043\124\012\257\376\241\156\305\321\172\052\150"
-"\170\317\036\202\012\040\264\037\255\345\205\262\152\150\165\116"
-"\255\045\067\224\205\276\275\241\324\352\267\014\113\074\235\350"
-"\022\000\360\137\254\015\341\254\160\143\163\367\177\171\237\062"
-"\045\102\164\005\200\050\277\275\301\044\226\130\025\261\027\041"
-"\351\211\113\333\007\210\147\364\025\255\160\076\057\115\205\073"
-"\302\267\333\376\230\150\043\211\341\164\017\336\364\305\204\143"
-"\051\033\314\313\007\311\000\244\251\327\302\042\117\147\327\167"
-"\354\040\005\141\336"
-, (PRUint32)869 }
-};
-static const NSSItem nss_builtins_items_119 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"RSA Security 2048 v3", (PRUint32)21 },
- { (void *)"\045\001\220\031\317\373\331\231\034\267\150\045\164\215\224\137"
-"\060\223\225\102"
-, (PRUint32)20 },
- { (void *)"\167\015\031\261\041\375\000\102\234\076\014\245\335\013\002\216"
-, (PRUint32)16 },
- { (void *)"\060\072\061\031\060\027\006\003\125\004\012\023\020\122\123\101"
-"\040\123\145\143\165\162\151\164\171\040\111\156\143\061\035\060"
-"\033\006\003\125\004\013\023\024\122\123\101\040\123\145\143\165"
-"\162\151\164\171\040\062\060\064\070\040\126\063"
-, (PRUint32)60 },
- { (void *)"\002\020\012\001\001\001\000\000\002\174\000\000\000\012\000\000"
-"\000\002"
-, (PRUint32)18 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_120 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"RSA Security 1024 v3", (PRUint32)21 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\072\061\031\060\027\006\003\125\004\012\023\020\122\123\101"
-"\040\123\145\143\165\162\151\164\171\040\111\156\143\061\035\060"
-"\033\006\003\125\004\013\023\024\122\123\101\040\123\145\143\165"
-"\162\151\164\171\040\061\060\062\064\040\126\063"
-, (PRUint32)60 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\072\061\031\060\027\006\003\125\004\012\023\020\122\123\101"
-"\040\123\145\143\165\162\151\164\171\040\111\156\143\061\035\060"
-"\033\006\003\125\004\013\023\024\122\123\101\040\123\145\143\165"
-"\162\151\164\171\040\061\060\062\064\040\126\063"
-, (PRUint32)60 },
- { (void *)"\002\020\012\001\001\001\000\000\002\174\000\000\000\013\000\000"
-"\000\002"
-, (PRUint32)18 },
- { (void *)"\060\202\002\134\060\202\001\305\240\003\002\001\002\002\020\012"
-"\001\001\001\000\000\002\174\000\000\000\013\000\000\000\002\060"
-"\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\072"
-"\061\031\060\027\006\003\125\004\012\023\020\122\123\101\040\123"
-"\145\143\165\162\151\164\171\040\111\156\143\061\035\060\033\006"
-"\003\125\004\013\023\024\122\123\101\040\123\145\143\165\162\151"
-"\164\171\040\061\060\062\064\040\126\063\060\036\027\015\060\061"
-"\060\062\062\062\062\061\060\061\064\071\132\027\015\062\066\060"
-"\062\062\062\062\060\060\061\064\071\132\060\072\061\031\060\027"
-"\006\003\125\004\012\023\020\122\123\101\040\123\145\143\165\162"
-"\151\164\171\040\111\156\143\061\035\060\033\006\003\125\004\013"
-"\023\024\122\123\101\040\123\145\143\165\162\151\164\171\040\061"
-"\060\062\064\040\126\063\060\201\237\060\015\006\011\052\206\110"
-"\206\367\015\001\001\001\005\000\003\201\215\000\060\201\211\002"
-"\201\201\000\325\335\376\146\011\317\044\074\076\256\201\116\116"
-"\212\304\151\200\133\131\073\337\271\115\114\312\265\055\303\047"
-"\055\074\257\000\102\155\274\050\246\226\317\177\327\130\254\203"
-"\012\243\125\265\173\027\220\025\204\114\212\356\046\231\334\130"
-"\357\307\070\246\252\257\320\216\102\310\142\327\253\254\251\373"
-"\112\175\277\352\376\022\115\335\377\046\055\157\066\124\150\310"
-"\322\204\126\356\222\123\141\011\263\077\071\233\250\311\233\275"
-"\316\237\176\324\031\152\026\051\030\276\327\072\151\334\045\133"
-"\063\032\121\002\003\001\000\001\243\143\060\141\060\017\006\003"
-"\125\035\023\001\001\377\004\005\060\003\001\001\377\060\016\006"
-"\003\125\035\017\001\001\377\004\004\003\002\001\006\060\037\006"
-"\003\125\035\043\004\030\060\026\200\024\304\300\034\244\007\224"
-"\375\315\115\001\324\124\332\245\014\137\336\256\005\132\060\035"
-"\006\003\125\035\016\004\026\004\024\304\300\034\244\007\224\375"
-"\315\115\001\324\124\332\245\014\137\336\256\005\132\060\015\006"
-"\011\052\206\110\206\367\015\001\001\005\005\000\003\201\201\000"
-"\077\055\152\343\046\103\225\175\211\227\145\373\165\344\162\035"
-"\106\127\304\141\153\151\237\022\233\054\325\132\350\300\242\360"
-"\103\225\343\037\351\166\315\334\353\274\223\240\145\012\307\115"
-"\117\137\247\257\242\106\024\271\014\363\314\275\152\156\267\235"
-"\336\045\102\320\124\377\236\150\163\143\334\044\353\042\277\250"
-"\162\362\136\000\341\015\116\072\103\156\231\116\077\211\170\003"
-"\230\312\363\125\314\235\256\216\301\252\105\230\372\217\032\240"
-"\215\210\043\361\025\101\015\245\106\076\221\077\213\353\367\161"
-, (PRUint32)608 }
-};
-static const NSSItem nss_builtins_items_121 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"RSA Security 1024 v3", (PRUint32)21 },
- { (void *)"\074\273\135\340\374\326\071\174\005\210\345\146\227\275\106\052"
-"\275\371\134\166"
-, (PRUint32)20 },
- { (void *)"\072\345\120\260\071\276\307\106\066\063\241\376\202\076\215\224"
-, (PRUint32)16 },
- { (void *)"\060\072\061\031\060\027\006\003\125\004\012\023\020\122\123\101"
-"\040\123\145\143\165\162\151\164\171\040\111\156\143\061\035\060"
-"\033\006\003\125\004\013\023\024\122\123\101\040\123\145\143\165"
-"\162\151\164\171\040\061\060\062\064\040\126\063"
-, (PRUint32)60 },
- { (void *)"\002\020\012\001\001\001\000\000\002\174\000\000\000\013\000\000"
-"\000\002"
-, (PRUint32)18 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_122 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"GeoTrust Global CA", (PRUint32)19 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\102\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\026\060\024\006\003\125\004\012\023\015\107\145\157\124\162\165"
-"\163\164\040\111\156\143\056\061\033\060\031\006\003\125\004\003"
-"\023\022\107\145\157\124\162\165\163\164\040\107\154\157\142\141"
-"\154\040\103\101"
-, (PRUint32)68 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\102\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\026\060\024\006\003\125\004\012\023\015\107\145\157\124\162\165"
-"\163\164\040\111\156\143\056\061\033\060\031\006\003\125\004\003"
-"\023\022\107\145\157\124\162\165\163\164\040\107\154\157\142\141"
-"\154\040\103\101"
-, (PRUint32)68 },
- { (void *)"\002\003\002\064\126"
-, (PRUint32)5 },
- { (void *)"\060\202\003\124\060\202\002\074\240\003\002\001\002\002\003\002"
-"\064\126\060\015\006\011\052\206\110\206\367\015\001\001\005\005"
-"\000\060\102\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\026\060\024\006\003\125\004\012\023\015\107\145\157\124\162"
-"\165\163\164\040\111\156\143\056\061\033\060\031\006\003\125\004"
-"\003\023\022\107\145\157\124\162\165\163\164\040\107\154\157\142"
-"\141\154\040\103\101\060\036\027\015\060\062\060\065\062\061\060"
-"\064\060\060\060\060\132\027\015\062\062\060\065\062\061\060\064"
-"\060\060\060\060\132\060\102\061\013\060\011\006\003\125\004\006"
-"\023\002\125\123\061\026\060\024\006\003\125\004\012\023\015\107"
-"\145\157\124\162\165\163\164\040\111\156\143\056\061\033\060\031"
-"\006\003\125\004\003\023\022\107\145\157\124\162\165\163\164\040"
-"\107\154\157\142\141\154\040\103\101\060\202\001\042\060\015\006"
-"\011\052\206\110\206\367\015\001\001\001\005\000\003\202\001\017"
-"\000\060\202\001\012\002\202\001\001\000\332\314\030\143\060\375"
-"\364\027\043\032\126\176\133\337\074\154\070\344\161\267\170\221"
-"\324\274\241\330\114\370\250\103\266\003\351\115\041\007\010\210"
-"\332\130\057\146\071\051\275\005\170\213\235\070\350\005\267\152"
-"\176\161\244\346\304\140\246\260\357\200\344\211\050\017\236\045"
-"\326\355\203\363\255\246\221\307\230\311\102\030\065\024\235\255"
-"\230\106\222\056\117\312\361\207\103\301\026\225\127\055\120\357"
-"\211\055\200\172\127\255\362\356\137\153\322\000\215\271\024\370"
-"\024\025\065\331\300\106\243\173\162\310\221\277\311\125\053\315"
-"\320\227\076\234\046\144\314\337\316\203\031\161\312\116\346\324"
-"\325\173\251\031\315\125\336\310\354\322\136\070\123\345\134\117"
-"\214\055\376\120\043\066\374\146\346\313\216\244\071\031\000\267"
-"\225\002\071\221\013\016\376\070\056\321\035\005\232\366\115\076"
-"\157\017\007\035\257\054\036\217\140\071\342\372\066\123\023\071"
-"\324\136\046\053\333\075\250\024\275\062\353\030\003\050\122\004"
-"\161\345\253\063\075\341\070\273\007\066\204\142\234\171\352\026"
-"\060\364\137\300\053\350\161\153\344\371\002\003\001\000\001\243"
-"\123\060\121\060\017\006\003\125\035\023\001\001\377\004\005\060"
-"\003\001\001\377\060\035\006\003\125\035\016\004\026\004\024\300"
-"\172\230\150\215\211\373\253\005\144\014\021\175\252\175\145\270"
-"\312\314\116\060\037\006\003\125\035\043\004\030\060\026\200\024"
-"\300\172\230\150\215\211\373\253\005\144\014\021\175\252\175\145"
-"\270\312\314\116\060\015\006\011\052\206\110\206\367\015\001\001"
-"\005\005\000\003\202\001\001\000\065\343\051\152\345\057\135\124"
-"\216\051\120\224\237\231\032\024\344\217\170\052\142\224\242\047"
-"\147\236\320\317\032\136\107\351\301\262\244\317\335\101\032\005"
-"\116\233\113\356\112\157\125\122\263\044\241\067\012\353\144\166"
-"\052\056\054\363\375\073\165\220\277\372\161\330\307\075\067\322"
-"\265\005\225\142\271\246\336\211\075\066\173\070\167\110\227\254"
-"\246\040\217\056\246\311\014\302\262\231\105\000\307\316\021\121"
-"\042\042\340\245\352\266\025\110\011\144\352\136\117\164\367\005"
-"\076\307\212\122\014\333\025\264\275\155\233\345\306\261\124\150"
-"\251\343\151\220\266\232\245\017\270\271\077\040\175\256\112\265"
-"\270\234\344\035\266\253\346\224\245\301\307\203\255\333\365\047"
-"\207\016\004\154\325\377\335\240\135\355\207\122\267\053\025\002"
-"\256\071\246\152\164\351\332\304\347\274\115\064\036\251\134\115"
-"\063\137\222\011\057\210\146\135\167\227\307\035\166\023\251\325"
-"\345\361\026\011\021\065\325\254\333\044\161\160\054\230\126\013"
-"\331\027\264\321\343\121\053\136\165\350\325\320\334\117\064\355"
-"\302\005\146\200\241\313\346\063"
-, (PRUint32)856 }
-};
-static const NSSItem nss_builtins_items_123 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"GeoTrust Global CA", (PRUint32)19 },
- { (void *)"\336\050\364\244\377\345\271\057\243\305\003\321\243\111\247\371"
-"\226\052\202\022"
-, (PRUint32)20 },
- { (void *)"\367\165\253\051\373\121\116\267\167\136\377\005\074\231\216\365"
-, (PRUint32)16 },
- { (void *)"\060\102\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\026\060\024\006\003\125\004\012\023\015\107\145\157\124\162\165"
-"\163\164\040\111\156\143\056\061\033\060\031\006\003\125\004\003"
-"\023\022\107\145\157\124\162\165\163\164\040\107\154\157\142\141"
-"\154\040\103\101"
-, (PRUint32)68 },
- { (void *)"\002\003\002\064\126"
-, (PRUint32)5 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_124 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"UTN-USER First-Network Applications", (PRUint32)36 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\243\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\013\060\011\006\003\125\004\010\023\002\125\124\061\027\060"
-"\025\006\003\125\004\007\023\016\123\141\154\164\040\114\141\153"
-"\145\040\103\151\164\171\061\036\060\034\006\003\125\004\012\023"
-"\025\124\150\145\040\125\123\105\122\124\122\125\123\124\040\116"
-"\145\164\167\157\162\153\061\041\060\037\006\003\125\004\013\023"
-"\030\150\164\164\160\072\057\057\167\167\167\056\165\163\145\162"
-"\164\162\165\163\164\056\143\157\155\061\053\060\051\006\003\125"
-"\004\003\023\042\125\124\116\055\125\123\105\122\106\151\162\163"
-"\164\055\116\145\164\167\157\162\153\040\101\160\160\154\151\143"
-"\141\164\151\157\156\163"
-, (PRUint32)166 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\243\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\013\060\011\006\003\125\004\010\023\002\125\124\061\027\060"
-"\025\006\003\125\004\007\023\016\123\141\154\164\040\114\141\153"
-"\145\040\103\151\164\171\061\036\060\034\006\003\125\004\012\023"
-"\025\124\150\145\040\125\123\105\122\124\122\125\123\124\040\116"
-"\145\164\167\157\162\153\061\041\060\037\006\003\125\004\013\023"
-"\030\150\164\164\160\072\057\057\167\167\167\056\165\163\145\162"
-"\164\162\165\163\164\056\143\157\155\061\053\060\051\006\003\125"
-"\004\003\023\042\125\124\116\055\125\123\105\122\106\151\162\163"
-"\164\055\116\145\164\167\157\162\153\040\101\160\160\154\151\143"
-"\141\164\151\157\156\163"
-, (PRUint32)166 },
- { (void *)"\002\020\104\276\014\213\120\000\044\264\021\323\066\060\113\300"
-"\063\167"
-, (PRUint32)18 },
- { (void *)"\060\202\004\144\060\202\003\114\240\003\002\001\002\002\020\104"
-"\276\014\213\120\000\044\264\021\323\066\060\113\300\063\167\060"
-"\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\201"
-"\243\061\013\060\011\006\003\125\004\006\023\002\125\123\061\013"
-"\060\011\006\003\125\004\010\023\002\125\124\061\027\060\025\006"
-"\003\125\004\007\023\016\123\141\154\164\040\114\141\153\145\040"
-"\103\151\164\171\061\036\060\034\006\003\125\004\012\023\025\124"
-"\150\145\040\125\123\105\122\124\122\125\123\124\040\116\145\164"
-"\167\157\162\153\061\041\060\037\006\003\125\004\013\023\030\150"
-"\164\164\160\072\057\057\167\167\167\056\165\163\145\162\164\162"
-"\165\163\164\056\143\157\155\061\053\060\051\006\003\125\004\003"
-"\023\042\125\124\116\055\125\123\105\122\106\151\162\163\164\055"
-"\116\145\164\167\157\162\153\040\101\160\160\154\151\143\141\164"
-"\151\157\156\163\060\036\027\015\071\071\060\067\060\071\061\070"
-"\064\070\063\071\132\027\015\061\071\060\067\060\071\061\070\065"
-"\067\064\071\132\060\201\243\061\013\060\011\006\003\125\004\006"
-"\023\002\125\123\061\013\060\011\006\003\125\004\010\023\002\125"
-"\124\061\027\060\025\006\003\125\004\007\023\016\123\141\154\164"
-"\040\114\141\153\145\040\103\151\164\171\061\036\060\034\006\003"
-"\125\004\012\023\025\124\150\145\040\125\123\105\122\124\122\125"
-"\123\124\040\116\145\164\167\157\162\153\061\041\060\037\006\003"
-"\125\004\013\023\030\150\164\164\160\072\057\057\167\167\167\056"
-"\165\163\145\162\164\162\165\163\164\056\143\157\155\061\053\060"
-"\051\006\003\125\004\003\023\042\125\124\116\055\125\123\105\122"
-"\106\151\162\163\164\055\116\145\164\167\157\162\153\040\101\160"
-"\160\154\151\143\141\164\151\157\156\163\060\202\001\042\060\015"
-"\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202\001"
-"\017\000\060\202\001\012\002\202\001\001\000\263\373\221\241\344"
-"\066\125\205\254\006\064\133\240\232\130\262\370\265\017\005\167"
-"\203\256\062\261\166\222\150\354\043\112\311\166\077\343\234\266"
-"\067\171\003\271\253\151\215\007\045\266\031\147\344\260\033\030"
-"\163\141\112\350\176\315\323\057\144\343\246\174\014\372\027\200"
-"\243\015\107\211\117\121\161\057\356\374\077\371\270\026\200\207"
-"\211\223\045\040\232\103\202\151\044\166\050\131\065\241\035\300"
-"\177\203\006\144\026\040\054\323\111\244\205\264\300\141\177\121"
-"\010\370\150\025\221\200\313\245\325\356\073\072\364\204\004\136"
-"\140\131\247\214\064\162\356\270\170\305\321\073\022\112\157\176"
-"\145\047\271\244\125\305\271\157\103\244\305\035\054\231\300\122"
-"\244\170\114\025\263\100\230\010\153\103\306\001\260\172\173\365"
-"\153\034\042\077\313\357\377\250\320\072\113\166\025\236\322\321"
-"\306\056\343\333\127\033\062\242\270\157\350\206\246\077\160\253"
-"\345\160\222\253\104\036\100\120\373\234\243\142\344\154\156\240"
-"\310\336\342\200\102\372\351\057\350\316\062\004\217\174\215\267"
-"\034\243\065\074\025\335\236\303\256\227\245\002\003\001\000\001"
-"\243\201\221\060\201\216\060\013\006\003\125\035\017\004\004\003"
-"\002\001\306\060\017\006\003\125\035\023\001\001\377\004\005\060"
-"\003\001\001\377\060\035\006\003\125\035\016\004\026\004\024\372"
-"\206\311\333\340\272\351\170\365\113\250\326\025\337\360\323\341"
-"\152\024\074\060\117\006\003\125\035\037\004\110\060\106\060\104"
-"\240\102\240\100\206\076\150\164\164\160\072\057\057\143\162\154"
-"\056\165\163\145\162\164\162\165\163\164\056\143\157\155\057\125"
-"\124\116\055\125\123\105\122\106\151\162\163\164\055\116\145\164"
-"\167\157\162\153\101\160\160\154\151\143\141\164\151\157\156\163"
-"\056\143\162\154\060\015\006\011\052\206\110\206\367\015\001\001"
-"\005\005\000\003\202\001\001\000\244\363\045\314\321\324\221\203"
-"\042\320\314\062\253\233\226\116\064\221\124\040\045\064\141\137"
-"\052\002\025\341\213\252\377\175\144\121\317\012\377\274\175\330"
-"\041\152\170\313\057\121\157\370\102\035\063\275\353\265\173\224"
-"\303\303\251\240\055\337\321\051\037\035\376\217\077\273\250\105"
-"\052\177\321\156\125\044\342\273\002\373\061\077\276\350\274\354"
-"\100\053\370\001\324\126\070\344\312\104\202\265\141\040\041\147"
-"\145\366\360\013\347\064\370\245\302\234\243\134\100\037\205\223"
-"\225\006\336\117\324\047\251\266\245\374\026\315\163\061\077\270"
-"\145\047\317\324\123\032\360\254\156\237\117\005\014\003\201\247"
-"\204\051\304\132\275\144\127\162\255\073\317\067\030\246\230\306"
-"\255\006\264\334\010\243\004\325\051\244\226\232\022\147\112\214"
-"\140\105\235\361\043\232\260\000\234\150\265\230\120\323\357\216"
-"\056\222\145\261\110\076\041\276\025\060\052\015\265\014\243\153"
-"\077\256\177\127\365\037\226\174\337\157\335\202\060\054\145\033"
-"\100\112\315\150\271\162\354\161\166\354\124\216\037\205\014\001"
-"\152\372\246\070\254\037\304\204"
-, (PRUint32)1128 }
-};
-static const NSSItem nss_builtins_items_125 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"UTN-USER First-Network Applications", (PRUint32)36 },
- { (void *)"\135\230\234\333\025\226\021\066\121\145\144\033\126\017\333\352"
-"\052\302\076\361"
-, (PRUint32)20 },
- { (void *)"\277\140\131\243\133\272\366\247\166\102\332\157\032\173\120\317"
-, (PRUint32)16 },
- { (void *)"\060\201\243\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\013\060\011\006\003\125\004\010\023\002\125\124\061\027\060"
-"\025\006\003\125\004\007\023\016\123\141\154\164\040\114\141\153"
-"\145\040\103\151\164\171\061\036\060\034\006\003\125\004\012\023"
-"\025\124\150\145\040\125\123\105\122\124\122\125\123\124\040\116"
-"\145\164\167\157\162\153\061\041\060\037\006\003\125\004\013\023"
-"\030\150\164\164\160\072\057\057\167\167\167\056\165\163\145\162"
-"\164\162\165\163\164\056\143\157\155\061\053\060\051\006\003\125"
-"\004\003\023\042\125\124\116\055\125\123\105\122\106\151\162\163"
-"\164\055\116\145\164\167\157\162\153\040\101\160\160\154\151\143"
-"\141\164\151\157\156\163"
-, (PRUint32)166 },
- { (void *)"\002\020\104\276\014\213\120\000\044\264\021\323\066\060\113\300"
-"\063\167"
-, (PRUint32)18 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_126 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"America Online Root Certification Authority 1", (PRUint32)46 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\143\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\034\060\032\006\003\125\004\012\023\023\101\155\145\162\151\143"
-"\141\040\117\156\154\151\156\145\040\111\156\143\056\061\066\060"
-"\064\006\003\125\004\003\023\055\101\155\145\162\151\143\141\040"
-"\117\156\154\151\156\145\040\122\157\157\164\040\103\145\162\164"
-"\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162"
-"\151\164\171\040\061"
-, (PRUint32)101 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\143\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\034\060\032\006\003\125\004\012\023\023\101\155\145\162\151\143"
-"\141\040\117\156\154\151\156\145\040\111\156\143\056\061\066\060"
-"\064\006\003\125\004\003\023\055\101\155\145\162\151\143\141\040"
-"\117\156\154\151\156\145\040\122\157\157\164\040\103\145\162\164"
-"\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162"
-"\151\164\171\040\061"
-, (PRUint32)101 },
- { (void *)"\002\001\001"
-, (PRUint32)3 },
- { (void *)"\060\202\003\244\060\202\002\214\240\003\002\001\002\002\001\001"
-"\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060"
-"\143\061\013\060\011\006\003\125\004\006\023\002\125\123\061\034"
-"\060\032\006\003\125\004\012\023\023\101\155\145\162\151\143\141"
-"\040\117\156\154\151\156\145\040\111\156\143\056\061\066\060\064"
-"\006\003\125\004\003\023\055\101\155\145\162\151\143\141\040\117"
-"\156\154\151\156\145\040\122\157\157\164\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\061\060\036\027\015\060\062\060\065\062\070\060\066"
-"\060\060\060\060\132\027\015\063\067\061\061\061\071\062\060\064"
-"\063\060\060\132\060\143\061\013\060\011\006\003\125\004\006\023"
-"\002\125\123\061\034\060\032\006\003\125\004\012\023\023\101\155"
-"\145\162\151\143\141\040\117\156\154\151\156\145\040\111\156\143"
-"\056\061\066\060\064\006\003\125\004\003\023\055\101\155\145\162"
-"\151\143\141\040\117\156\154\151\156\145\040\122\157\157\164\040"
-"\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165"
-"\164\150\157\162\151\164\171\040\061\060\202\001\042\060\015\006"
-"\011\052\206\110\206\367\015\001\001\001\005\000\003\202\001\017"
-"\000\060\202\001\012\002\202\001\001\000\250\057\350\244\151\006"
-"\003\107\303\351\052\230\377\031\242\160\232\306\120\262\176\245"
-"\337\150\115\033\174\017\266\227\150\175\055\246\213\227\351\144"
-"\206\311\243\357\240\206\277\140\145\234\113\124\210\302\110\305"
-"\112\071\277\024\343\131\125\345\031\264\164\310\264\005\071\134"
-"\026\245\342\225\005\340\022\256\131\213\242\063\150\130\034\246"
-"\324\025\267\330\237\327\334\161\253\176\232\277\233\216\063\017"
-"\042\375\037\056\347\007\066\357\142\071\305\335\313\272\045\024"
-"\043\336\014\306\075\074\316\202\010\346\146\076\332\121\073\026"
-"\072\243\005\177\240\334\207\325\234\374\162\251\240\175\170\344"
-"\267\061\125\036\145\273\324\141\260\041\140\355\020\062\162\305"
-"\222\045\036\370\220\112\030\170\107\337\176\060\067\076\120\033"
-"\333\034\323\153\232\206\123\007\260\357\254\006\170\370\204\231"
-"\376\041\215\114\200\266\014\202\366\146\160\171\032\323\117\243"
-"\317\361\317\106\260\113\017\076\335\210\142\270\214\251\011\050"
-"\073\172\307\227\341\036\345\364\237\300\300\256\044\240\310\241"
-"\331\017\326\173\046\202\151\062\075\247\002\003\001\000\001\243"
-"\143\060\141\060\017\006\003\125\035\023\001\001\377\004\005\060"
-"\003\001\001\377\060\035\006\003\125\035\016\004\026\004\024\000"
-"\255\331\243\366\171\366\156\164\251\177\063\075\201\027\327\114"
-"\317\063\336\060\037\006\003\125\035\043\004\030\060\026\200\024"
-"\000\255\331\243\366\171\366\156\164\251\177\063\075\201\027\327"
-"\114\317\063\336\060\016\006\003\125\035\017\001\001\377\004\004"
-"\003\002\001\206\060\015\006\011\052\206\110\206\367\015\001\001"
-"\005\005\000\003\202\001\001\000\174\212\321\037\030\067\202\340"
-"\270\260\243\355\126\225\310\142\141\234\005\242\315\302\142\046"
-"\141\315\020\026\327\314\264\145\064\320\021\212\255\250\251\005"
-"\146\357\164\363\155\137\235\231\257\366\213\373\353\122\262\005"
-"\230\242\157\052\305\124\275\045\275\137\256\310\206\352\106\054"
-"\301\263\275\301\351\111\160\030\026\227\010\023\214\040\340\033"
-"\056\072\107\313\036\344\000\060\225\133\364\105\243\300\032\260"
-"\001\116\253\275\300\043\156\143\077\200\112\305\007\355\334\342"
-"\157\307\301\142\361\343\162\326\004\310\164\147\013\372\210\253"
-"\241\001\310\157\360\024\257\322\231\315\121\223\176\355\056\070"
-"\307\275\316\106\120\075\162\343\171\045\235\233\210\053\020\040"
-"\335\245\270\062\237\215\340\051\337\041\164\206\202\333\057\202"
-"\060\306\307\065\206\263\371\226\137\106\333\014\105\375\363\120"
-"\303\157\306\303\110\255\106\246\341\047\107\012\035\016\233\266"
-"\302\167\177\143\362\340\175\032\276\374\340\337\327\307\247\154"
-"\260\371\256\272\074\375\164\264\021\350\130\015\200\274\323\250"
-"\200\072\231\355\165\314\106\173"
-, (PRUint32)936 }
-};
-static const NSSItem nss_builtins_items_127 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"America Online Root Certification Authority 1", (PRUint32)46 },
- { (void *)"\071\041\301\025\301\135\016\312\134\313\133\304\360\175\041\330"
-"\005\013\126\152"
-, (PRUint32)20 },
- { (void *)"\024\361\010\255\235\372\144\342\211\347\034\317\250\255\175\136"
-, (PRUint32)16 },
- { (void *)"\060\143\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\034\060\032\006\003\125\004\012\023\023\101\155\145\162\151\143"
-"\141\040\117\156\154\151\156\145\040\111\156\143\056\061\066\060"
-"\064\006\003\125\004\003\023\055\101\155\145\162\151\143\141\040"
-"\117\156\154\151\156\145\040\122\157\157\164\040\103\145\162\164"
-"\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162"
-"\151\164\171\040\061"
-, (PRUint32)101 },
- { (void *)"\002\001\001"
-, (PRUint32)3 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_128 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"America Online Root Certification Authority 2", (PRUint32)46 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\143\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\034\060\032\006\003\125\004\012\023\023\101\155\145\162\151\143"
-"\141\040\117\156\154\151\156\145\040\111\156\143\056\061\066\060"
-"\064\006\003\125\004\003\023\055\101\155\145\162\151\143\141\040"
-"\117\156\154\151\156\145\040\122\157\157\164\040\103\145\162\164"
-"\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162"
-"\151\164\171\040\062"
-, (PRUint32)101 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\143\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\034\060\032\006\003\125\004\012\023\023\101\155\145\162\151\143"
-"\141\040\117\156\154\151\156\145\040\111\156\143\056\061\066\060"
-"\064\006\003\125\004\003\023\055\101\155\145\162\151\143\141\040"
-"\117\156\154\151\156\145\040\122\157\157\164\040\103\145\162\164"
-"\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162"
-"\151\164\171\040\062"
-, (PRUint32)101 },
- { (void *)"\002\001\001"
-, (PRUint32)3 },
- { (void *)"\060\202\005\244\060\202\003\214\240\003\002\001\002\002\001\001"
-"\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060"
-"\143\061\013\060\011\006\003\125\004\006\023\002\125\123\061\034"
-"\060\032\006\003\125\004\012\023\023\101\155\145\162\151\143\141"
-"\040\117\156\154\151\156\145\040\111\156\143\056\061\066\060\064"
-"\006\003\125\004\003\023\055\101\155\145\162\151\143\141\040\117"
-"\156\154\151\156\145\040\122\157\157\164\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\062\060\036\027\015\060\062\060\065\062\070\060\066"
-"\060\060\060\060\132\027\015\063\067\060\071\062\071\061\064\060"
-"\070\060\060\132\060\143\061\013\060\011\006\003\125\004\006\023"
-"\002\125\123\061\034\060\032\006\003\125\004\012\023\023\101\155"
-"\145\162\151\143\141\040\117\156\154\151\156\145\040\111\156\143"
-"\056\061\066\060\064\006\003\125\004\003\023\055\101\155\145\162"
-"\151\143\141\040\117\156\154\151\156\145\040\122\157\157\164\040"
-"\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165"
-"\164\150\157\162\151\164\171\040\062\060\202\002\042\060\015\006"
-"\011\052\206\110\206\367\015\001\001\001\005\000\003\202\002\017"
-"\000\060\202\002\012\002\202\002\001\000\314\101\105\035\351\075"
-"\115\020\366\214\261\101\311\340\136\313\015\267\277\107\163\323"
-"\360\125\115\335\306\014\372\261\146\005\152\315\170\264\334\002"
-"\333\116\201\363\327\247\174\161\274\165\143\240\135\343\007\014"
-"\110\354\045\304\003\040\364\377\016\073\022\377\233\215\341\306"
-"\325\033\264\155\042\343\261\333\177\041\144\257\206\274\127\042"
-"\052\326\107\201\127\104\202\126\123\275\206\024\001\013\374\177"
-"\164\244\132\256\361\272\021\265\233\130\132\200\264\067\170\011"
-"\063\174\062\107\003\134\304\245\203\110\364\127\126\156\201\066"
-"\047\030\117\354\233\050\302\324\264\327\174\014\076\014\053\337"
-"\312\004\327\306\216\352\130\116\250\244\245\030\034\154\105\230"
-"\243\101\321\055\322\307\155\215\031\361\255\171\267\201\077\275"
-"\006\202\047\055\020\130\005\265\170\005\271\057\333\014\153\220"
-"\220\176\024\131\070\273\224\044\023\345\321\235\024\337\323\202"
-"\115\106\360\200\071\122\062\017\343\204\262\172\103\362\136\336"
-"\137\077\035\335\343\262\033\240\241\052\043\003\156\056\001\025"
-"\207\134\246\165\165\307\227\141\276\336\206\334\324\110\333\275"
-"\052\277\112\125\332\350\175\120\373\264\200\027\270\224\277\001"
-"\075\352\332\272\174\340\130\147\027\271\130\340\210\206\106\147"
-"\154\235\020\107\130\062\320\065\174\171\052\220\242\132\020\021"
-"\043\065\255\057\314\344\112\133\247\310\047\362\203\336\136\273"
-"\136\167\347\350\245\156\143\302\015\135\141\320\214\322\154\132"
-"\041\016\312\050\243\316\052\351\225\307\110\317\226\157\035\222"
-"\045\310\306\306\301\301\014\005\254\046\304\322\165\322\341\052"
-"\147\300\075\133\245\232\353\317\173\032\250\235\024\105\345\017"
-"\240\232\145\336\057\050\275\316\157\224\146\203\110\051\330\352"
-"\145\214\257\223\331\144\237\125\127\046\277\157\313\067\061\231"
-"\243\140\273\034\255\211\064\062\142\270\103\041\006\162\014\241"
-"\134\155\106\305\372\051\317\060\336\211\334\161\133\335\266\067"
-"\076\337\120\365\270\007\045\046\345\274\265\376\074\002\263\267"
-"\370\276\103\301\207\021\224\236\043\154\027\212\270\212\047\014"
-"\124\107\360\251\263\300\200\214\240\047\353\035\031\343\007\216"
-"\167\160\312\053\364\175\166\340\170\147\002\003\001\000\001\243"
-"\143\060\141\060\017\006\003\125\035\023\001\001\377\004\005\060"
-"\003\001\001\377\060\035\006\003\125\035\016\004\026\004\024\115"
-"\105\301\150\070\273\163\251\151\241\040\347\355\365\042\241\043"
-"\024\327\236\060\037\006\003\125\035\043\004\030\060\026\200\024"
-"\115\105\301\150\070\273\163\251\151\241\040\347\355\365\042\241"
-"\043\024\327\236\060\016\006\003\125\035\017\001\001\377\004\004"
-"\003\002\001\206\060\015\006\011\052\206\110\206\367\015\001\001"
-"\005\005\000\003\202\002\001\000\147\153\006\271\137\105\073\052"
-"\113\063\263\346\033\153\131\116\042\314\271\267\244\045\311\247"
-"\304\360\124\226\013\144\363\261\130\117\136\121\374\262\227\173"
-"\047\145\302\345\312\347\015\014\045\173\142\343\372\237\264\207"
-"\267\105\106\257\203\245\227\110\214\245\275\361\026\053\233\166"
-"\054\172\065\140\154\021\200\227\314\251\222\122\346\053\346\151"
-"\355\251\370\066\055\054\167\277\141\110\321\143\013\271\133\122"
-"\355\030\260\103\102\042\246\261\167\256\336\151\305\315\307\034"
-"\241\261\245\034\020\373\030\276\032\160\335\301\222\113\276\051"
-"\132\235\077\065\276\345\175\121\370\125\340\045\165\043\207\036"
-"\134\334\272\235\260\254\263\151\333\027\203\311\367\336\014\274"
-"\010\334\221\236\250\320\327\025\067\163\245\065\270\374\176\305"
-"\104\100\006\303\353\370\042\200\134\107\316\002\343\021\237\104"
-"\377\375\232\062\314\175\144\121\016\353\127\046\166\072\343\036"
-"\042\074\302\246\066\335\031\357\247\374\022\363\046\300\131\061"
-"\205\114\234\330\317\337\244\314\314\051\223\377\224\155\166\134"
-"\023\010\227\362\355\245\013\115\335\350\311\150\016\146\323\000"
-"\016\063\022\133\274\225\345\062\220\250\263\306\154\203\255\167"
-"\356\213\176\176\261\251\253\323\341\361\266\300\261\352\210\300"
-"\347\323\220\351\050\222\224\173\150\173\227\052\012\147\055\205"
-"\002\070\020\344\003\141\324\332\045\066\307\010\130\055\241\247"
-"\121\257\060\012\111\365\246\151\207\007\055\104\106\166\216\052"
-"\345\232\073\327\030\242\374\234\070\020\314\306\073\322\265\027"
-"\072\157\375\256\045\275\365\162\131\144\261\164\052\070\137\030"
-"\114\337\317\161\004\132\066\324\277\057\231\234\350\331\272\261"
-"\225\346\002\113\041\241\133\325\301\117\217\256\151\155\123\333"
-"\001\223\265\134\036\030\335\144\132\312\030\050\076\143\004\021"
-"\375\034\215\000\017\270\067\337\147\212\235\146\251\002\152\221"
-"\377\023\312\057\135\203\274\207\223\154\334\044\121\026\004\045"
-"\146\372\263\331\302\272\051\276\232\110\070\202\231\364\277\073"
-"\112\061\031\371\277\216\041\063\024\312\117\124\137\373\316\373"
-"\217\161\177\375\136\031\240\017\113\221\270\304\124\274\006\260"
-"\105\217\046\221\242\216\376\251"
-, (PRUint32)1448 }
-};
-static const NSSItem nss_builtins_items_129 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"America Online Root Certification Authority 2", (PRUint32)46 },
- { (void *)"\205\265\377\147\233\014\171\226\037\310\156\104\042\000\106\023"
-"\333\027\222\204"
-, (PRUint32)20 },
- { (void *)"\326\355\074\312\342\146\017\257\020\103\015\167\233\004\011\277"
-, (PRUint32)16 },
- { (void *)"\060\143\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\034\060\032\006\003\125\004\012\023\023\101\155\145\162\151\143"
-"\141\040\117\156\154\151\156\145\040\111\156\143\056\061\066\060"
-"\064\006\003\125\004\003\023\055\101\155\145\162\151\143\141\040"
-"\117\156\154\151\156\145\040\122\157\157\164\040\103\145\162\164"
-"\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162"
-"\151\164\171\040\062"
-, (PRUint32)101 },
- { (void *)"\002\001\001"
-, (PRUint32)3 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_130 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Visa eCommerce Root", (PRUint32)20 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\153\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057"
-"\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156"
-"\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166"
-"\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061"
-"\034\060\032\006\003\125\004\003\023\023\126\151\163\141\040\145"
-"\103\157\155\155\145\162\143\145\040\122\157\157\164"
-, (PRUint32)109 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\153\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057"
-"\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156"
-"\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166"
-"\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061"
-"\034\060\032\006\003\125\004\003\023\023\126\151\163\141\040\145"
-"\103\157\155\155\145\162\143\145\040\122\157\157\164"
-, (PRUint32)109 },
- { (void *)"\002\020\023\206\065\115\035\077\006\362\301\371\145\005\325\220"
-"\034\142"
-, (PRUint32)18 },
- { (void *)"\060\202\003\242\060\202\002\212\240\003\002\001\002\002\020\023"
-"\206\065\115\035\077\006\362\301\371\145\005\325\220\034\142\060"
-"\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\153"
-"\061\013\060\011\006\003\125\004\006\023\002\125\123\061\015\060"
-"\013\006\003\125\004\012\023\004\126\111\123\101\061\057\060\055"
-"\006\003\125\004\013\023\046\126\151\163\141\040\111\156\164\145"
-"\162\156\141\164\151\157\156\141\154\040\123\145\162\166\151\143"
-"\145\040\101\163\163\157\143\151\141\164\151\157\156\061\034\060"
-"\032\006\003\125\004\003\023\023\126\151\163\141\040\145\103\157"
-"\155\155\145\162\143\145\040\122\157\157\164\060\036\027\015\060"
-"\062\060\066\062\066\060\062\061\070\063\066\132\027\015\062\062"
-"\060\066\062\064\060\060\061\066\061\062\132\060\153\061\013\060"
-"\011\006\003\125\004\006\023\002\125\123\061\015\060\013\006\003"
-"\125\004\012\023\004\126\111\123\101\061\057\060\055\006\003\125"
-"\004\013\023\046\126\151\163\141\040\111\156\164\145\162\156\141"
-"\164\151\157\156\141\154\040\123\145\162\166\151\143\145\040\101"
-"\163\163\157\143\151\141\164\151\157\156\061\034\060\032\006\003"
-"\125\004\003\023\023\126\151\163\141\040\145\103\157\155\155\145"
-"\162\143\145\040\122\157\157\164\060\202\001\042\060\015\006\011"
-"\052\206\110\206\367\015\001\001\001\005\000\003\202\001\017\000"
-"\060\202\001\012\002\202\001\001\000\257\127\336\126\036\156\241"
-"\332\140\261\224\047\313\027\333\007\077\200\205\117\310\234\266"
-"\320\364\157\117\317\231\330\341\333\302\110\134\072\254\071\063"
-"\307\037\152\213\046\075\053\065\365\110\261\221\301\002\116\004"
-"\226\221\173\260\063\360\261\024\116\021\157\265\100\257\033\105"
-"\245\112\357\176\266\254\362\240\037\130\077\022\106\140\074\215"
-"\241\340\175\317\127\076\063\036\373\107\361\252\025\227\007\125"
-"\146\245\265\055\056\330\200\131\262\247\015\267\106\354\041\143"
-"\377\065\253\245\002\317\052\364\114\376\173\365\224\135\204\115"
-"\250\362\140\217\333\016\045\074\237\163\161\317\224\337\112\352"
-"\333\337\162\070\214\363\226\275\361\027\274\322\272\073\105\132"
-"\306\247\366\306\027\213\001\235\374\031\250\052\203\026\270\072"
-"\110\376\116\076\240\253\006\031\351\123\363\200\023\007\355\055"
-"\277\077\012\074\125\040\071\054\054\000\151\164\225\112\274\040"
-"\262\251\171\345\030\211\221\250\334\034\115\357\273\176\067\013"
-"\135\376\071\245\210\122\214\000\154\354\030\174\101\275\366\213"
-"\165\167\272\140\235\204\347\376\055\002\003\001\000\001\243\102"
-"\060\100\060\017\006\003\125\035\023\001\001\377\004\005\060\003"
-"\001\001\377\060\016\006\003\125\035\017\001\001\377\004\004\003"
-"\002\001\006\060\035\006\003\125\035\016\004\026\004\024\025\070"
-"\203\017\077\054\077\160\063\036\315\106\376\007\214\040\340\327"
-"\303\267\060\015\006\011\052\206\110\206\367\015\001\001\005\005"
-"\000\003\202\001\001\000\137\361\101\175\174\134\010\271\053\340"
-"\325\222\107\372\147\134\245\023\303\003\041\233\053\114\211\106"
-"\317\131\115\311\376\245\100\266\143\315\335\161\050\225\147\021"
-"\314\044\254\323\104\154\161\256\001\040\153\003\242\217\030\267"
-"\051\072\175\345\026\140\123\170\074\300\257\025\203\367\217\122"
-"\063\044\275\144\223\227\356\213\367\333\030\250\155\161\263\367"
-"\054\027\320\164\045\151\367\376\153\074\224\276\115\113\101\214"
-"\116\342\163\320\343\220\042\163\103\315\363\357\352\163\316\105"
-"\212\260\246\111\377\114\175\235\161\210\304\166\035\220\133\035"
-"\356\375\314\367\356\375\140\245\261\172\026\161\321\026\320\174"
-"\022\074\154\151\227\333\256\137\071\232\160\057\005\074\031\106"
-"\004\231\040\066\320\140\156\141\006\273\026\102\214\160\367\060"
-"\373\340\333\146\243\000\001\275\346\054\332\221\137\240\106\213"
-"\115\152\234\075\075\335\005\106\376\166\277\240\012\074\344\000"
-"\346\047\267\377\204\055\336\272\042\047\226\020\161\353\042\355"
-"\337\337\063\234\317\343\255\256\216\324\216\346\117\121\257\026"
-"\222\340\134\366\007\017"
-, (PRUint32)934 }
-};
-static const NSSItem nss_builtins_items_131 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Visa eCommerce Root", (PRUint32)20 },
- { (void *)"\160\027\233\206\214\000\244\372\140\221\122\042\077\237\076\062"
-"\275\340\005\142"
-, (PRUint32)20 },
- { (void *)"\374\021\270\330\010\223\060\000\155\043\371\176\353\122\036\002"
-, (PRUint32)16 },
- { (void *)"\060\153\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057"
-"\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156"
-"\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166"
-"\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061"
-"\034\060\032\006\003\125\004\003\023\023\126\151\163\141\040\145"
-"\103\157\155\155\145\162\143\145\040\122\157\157\164"
-, (PRUint32)109 },
- { (void *)"\002\020\023\206\065\115\035\077\006\362\301\371\145\005\325\220"
-"\034\142"
-, (PRUint32)18 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_132 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"TC TrustCenter, Germany, Class 2 CA", (PRUint32)36 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105"
-"\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165"
-"\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155"
-"\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124"
-"\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157"
-"\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141"
-"\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110"
-"\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162"
-"\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040"
-"\062\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015"
-"\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145"
-"\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145"
-, (PRUint32)191 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105"
-"\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165"
-"\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155"
-"\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124"
-"\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157"
-"\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141"
-"\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110"
-"\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162"
-"\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040"
-"\062\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015"
-"\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145"
-"\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145"
-, (PRUint32)191 },
- { (void *)"\002\002\003\352"
-, (PRUint32)4 },
- { (void *)"\060\202\003\134\060\202\002\305\240\003\002\001\002\002\002\003"
-"\352\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000"
-"\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105"
-"\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165"
-"\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155"
-"\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124"
-"\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157"
-"\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141"
-"\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110"
-"\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162"
-"\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040"
-"\062\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015"
-"\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145"
-"\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145\060"
-"\036\027\015\071\070\060\063\060\071\061\061\065\071\065\071\132"
-"\027\015\061\061\060\061\060\061\061\061\065\071\065\071\132\060"
-"\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105\061"
-"\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165\162"
-"\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155\142"
-"\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124\103"
-"\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157\162"
-"\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141\164"
-"\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110\061"
-"\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162\165"
-"\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040\062"
-"\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015\001"
-"\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145\100"
-"\164\162\165\163\164\143\145\156\164\145\162\056\144\145\060\201"
-"\237\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000"
-"\003\201\215\000\060\201\211\002\201\201\000\332\070\350\355\062"
-"\000\051\161\203\001\015\277\214\001\334\332\306\255\071\244\251"
-"\212\057\325\213\134\150\137\120\306\142\365\146\275\312\221\042"
-"\354\252\035\121\327\075\263\121\262\203\116\135\313\111\260\360"
-"\114\125\345\153\055\307\205\013\060\034\222\116\202\324\312\002"
-"\355\367\157\276\334\340\343\024\270\005\123\362\232\364\126\213"
-"\132\236\205\223\321\264\202\126\256\115\273\250\113\127\026\274"
-"\376\370\130\236\370\051\215\260\173\315\170\311\117\254\213\147"
-"\014\361\234\373\374\127\233\127\134\117\015\002\003\001\000\001"
-"\243\153\060\151\060\017\006\003\125\035\023\001\001\377\004\005"
-"\060\003\001\001\377\060\016\006\003\125\035\017\001\001\377\004"
-"\004\003\002\001\206\060\063\006\011\140\206\110\001\206\370\102"
-"\001\010\004\046\026\044\150\164\164\160\072\057\057\167\167\167"
-"\056\164\162\165\163\164\143\145\156\164\145\162\056\144\145\057"
-"\147\165\151\144\145\154\151\156\145\163\060\021\006\011\140\206"
-"\110\001\206\370\102\001\001\004\004\003\002\000\007\060\015\006"
-"\011\052\206\110\206\367\015\001\001\004\005\000\003\201\201\000"
-"\204\122\373\050\337\377\037\165\001\274\001\276\004\126\227\152"
-"\164\102\044\061\203\371\106\261\006\212\211\317\226\054\063\277"
-"\214\265\137\172\162\241\205\006\316\206\370\005\216\350\371\045"
-"\312\332\203\214\006\254\353\066\155\205\221\064\004\066\364\102"
-"\360\370\171\056\012\110\134\253\314\121\117\170\166\240\331\254"
-"\031\275\052\321\151\004\050\221\312\066\020\047\200\127\133\322"
-"\134\365\302\133\253\144\201\143\164\121\364\227\277\315\022\050"
-"\367\115\146\177\247\360\034\001\046\170\262\146\107\160\121\144"
-, (PRUint32)864 }
-};
-static const NSSItem nss_builtins_items_133 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"TC TrustCenter, Germany, Class 2 CA", (PRUint32)36 },
- { (void *)"\203\216\060\367\177\335\024\252\070\136\321\105\000\234\016\042"
-"\066\111\117\252"
-, (PRUint32)20 },
- { (void *)"\270\026\063\114\114\114\362\330\323\115\006\264\246\133\100\003"
-, (PRUint32)16 },
- { (void *)"\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105"
-"\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165"
-"\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155"
-"\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124"
-"\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157"
-"\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141"
-"\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110"
-"\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162"
-"\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040"
-"\062\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015"
-"\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145"
-"\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145"
-, (PRUint32)191 },
- { (void *)"\002\002\003\352"
-, (PRUint32)4 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_134 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"TC TrustCenter, Germany, Class 3 CA", (PRUint32)36 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105"
-"\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165"
-"\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155"
-"\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124"
-"\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157"
-"\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141"
-"\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110"
-"\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162"
-"\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040"
-"\063\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015"
-"\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145"
-"\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145"
-, (PRUint32)191 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105"
-"\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165"
-"\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155"
-"\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124"
-"\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157"
-"\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141"
-"\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110"
-"\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162"
-"\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040"
-"\063\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015"
-"\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145"
-"\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145"
-, (PRUint32)191 },
- { (void *)"\002\002\003\353"
-, (PRUint32)4 },
- { (void *)"\060\202\003\134\060\202\002\305\240\003\002\001\002\002\002\003"
-"\353\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000"
-"\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105"
-"\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165"
-"\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155"
-"\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124"
-"\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157"
-"\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141"
-"\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110"
-"\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162"
-"\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040"
-"\063\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015"
-"\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145"
-"\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145\060"
-"\036\027\015\071\070\060\063\060\071\061\061\065\071\065\071\132"
-"\027\015\061\061\060\061\060\061\061\061\065\071\065\071\132\060"
-"\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105\061"
-"\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165\162"
-"\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155\142"
-"\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124\103"
-"\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157\162"
-"\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141\164"
-"\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110\061"
-"\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162\165"
-"\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040\063"
-"\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015\001"
-"\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145\100"
-"\164\162\165\163\164\143\145\156\164\145\162\056\144\145\060\201"
-"\237\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000"
-"\003\201\215\000\060\201\211\002\201\201\000\266\264\301\065\005"
-"\056\015\215\354\240\100\152\034\016\047\246\120\222\153\120\033"
-"\007\336\056\347\166\314\340\332\374\204\250\136\214\143\152\053"
-"\115\331\116\002\166\021\301\013\362\215\171\312\000\266\361\260"
-"\016\327\373\244\027\075\257\253\151\172\226\047\277\257\063\241"
-"\232\052\131\252\304\265\067\010\362\022\245\061\266\103\365\062"
-"\226\161\050\050\253\215\050\206\337\273\356\343\014\175\060\326"
-"\303\122\253\217\135\047\234\153\300\243\347\005\153\127\111\104"
-"\263\156\352\144\317\322\216\172\120\167\167\002\003\001\000\001"
-"\243\153\060\151\060\017\006\003\125\035\023\001\001\377\004\005"
-"\060\003\001\001\377\060\016\006\003\125\035\017\001\001\377\004"
-"\004\003\002\001\206\060\063\006\011\140\206\110\001\206\370\102"
-"\001\010\004\046\026\044\150\164\164\160\072\057\057\167\167\167"
-"\056\164\162\165\163\164\143\145\156\164\145\162\056\144\145\057"
-"\147\165\151\144\145\154\151\156\145\163\060\021\006\011\140\206"
-"\110\001\206\370\102\001\001\004\004\003\002\000\007\060\015\006"
-"\011\052\206\110\206\367\015\001\001\004\005\000\003\201\201\000"
-"\026\075\306\315\301\273\205\161\205\106\237\076\040\217\121\050"
-"\231\354\055\105\041\143\043\133\004\273\114\220\270\210\222\004"
-"\115\275\175\001\243\077\366\354\316\361\336\376\175\345\341\076"
-"\273\306\253\136\013\335\075\226\304\313\251\324\371\046\346\006"
-"\116\236\014\245\172\272\156\303\174\202\031\321\307\261\261\303"
-"\333\015\216\233\100\174\067\013\361\135\350\375\037\220\210\245"
-"\016\116\067\144\041\250\116\215\264\237\361\336\110\255\325\126"
-"\030\122\051\213\107\064\022\011\324\273\222\065\357\017\333\064"
-, (PRUint32)864 }
-};
-static const NSSItem nss_builtins_items_135 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"TC TrustCenter, Germany, Class 3 CA", (PRUint32)36 },
- { (void *)"\237\307\226\350\370\122\117\206\072\341\111\155\070\022\102\020"
-"\137\033\170\365"
-, (PRUint32)20 },
- { (void *)"\137\224\112\163\042\270\367\321\061\354\131\071\367\216\376\156"
-, (PRUint32)16 },
- { (void *)"\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105"
-"\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165"
-"\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155"
-"\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124"
-"\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157"
-"\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141"
-"\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110"
-"\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162"
-"\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040"
-"\063\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015"
-"\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145"
-"\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145"
-, (PRUint32)191 },
- { (void *)"\002\002\003\353"
-, (PRUint32)4 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-
-PR_IMPLEMENT_DATA(builtinsInternalObject)
-nss_builtins_data[] = {
-#ifdef DEBUG
- { 7, nss_builtins_types_0, nss_builtins_items_0, {NULL} },
-#endif /* DEBUG */
- { 5, nss_builtins_types_1, nss_builtins_items_1, {NULL} },
- { 11, nss_builtins_types_2, nss_builtins_items_2, {NULL} },
- { 12, nss_builtins_types_3, nss_builtins_items_3, {NULL} },
- { 11, nss_builtins_types_4, nss_builtins_items_4, {NULL} },
- { 12, nss_builtins_types_5, nss_builtins_items_5, {NULL} },
- { 11, nss_builtins_types_6, nss_builtins_items_6, {NULL} },
- { 12, nss_builtins_types_7, nss_builtins_items_7, {NULL} },
- { 11, nss_builtins_types_8, nss_builtins_items_8, {NULL} },
- { 12, nss_builtins_types_9, nss_builtins_items_9, {NULL} },
- { 11, nss_builtins_types_10, nss_builtins_items_10, {NULL} },
- { 12, nss_builtins_types_11, nss_builtins_items_11, {NULL} },
- { 11, nss_builtins_types_12, nss_builtins_items_12, {NULL} },
- { 12, nss_builtins_types_13, nss_builtins_items_13, {NULL} },
- { 11, nss_builtins_types_14, nss_builtins_items_14, {NULL} },
- { 12, nss_builtins_types_15, nss_builtins_items_15, {NULL} },
- { 11, nss_builtins_types_16, nss_builtins_items_16, {NULL} },
- { 12, nss_builtins_types_17, nss_builtins_items_17, {NULL} },
- { 11, nss_builtins_types_18, nss_builtins_items_18, {NULL} },
- { 12, nss_builtins_types_19, nss_builtins_items_19, {NULL} },
- { 11, nss_builtins_types_20, nss_builtins_items_20, {NULL} },
- { 12, nss_builtins_types_21, nss_builtins_items_21, {NULL} },
- { 11, nss_builtins_types_22, nss_builtins_items_22, {NULL} },
- { 12, nss_builtins_types_23, nss_builtins_items_23, {NULL} },
- { 11, nss_builtins_types_24, nss_builtins_items_24, {NULL} },
- { 12, nss_builtins_types_25, nss_builtins_items_25, {NULL} },
- { 11, nss_builtins_types_26, nss_builtins_items_26, {NULL} },
- { 12, nss_builtins_types_27, nss_builtins_items_27, {NULL} },
- { 11, nss_builtins_types_28, nss_builtins_items_28, {NULL} },
- { 12, nss_builtins_types_29, nss_builtins_items_29, {NULL} },
- { 11, nss_builtins_types_30, nss_builtins_items_30, {NULL} },
- { 12, nss_builtins_types_31, nss_builtins_items_31, {NULL} },
- { 11, nss_builtins_types_32, nss_builtins_items_32, {NULL} },
- { 12, nss_builtins_types_33, nss_builtins_items_33, {NULL} },
- { 11, nss_builtins_types_34, nss_builtins_items_34, {NULL} },
- { 12, nss_builtins_types_35, nss_builtins_items_35, {NULL} },
- { 11, nss_builtins_types_36, nss_builtins_items_36, {NULL} },
- { 12, nss_builtins_types_37, nss_builtins_items_37, {NULL} },
- { 11, nss_builtins_types_38, nss_builtins_items_38, {NULL} },
- { 12, nss_builtins_types_39, nss_builtins_items_39, {NULL} },
- { 11, nss_builtins_types_40, nss_builtins_items_40, {NULL} },
- { 12, nss_builtins_types_41, nss_builtins_items_41, {NULL} },
- { 11, nss_builtins_types_42, nss_builtins_items_42, {NULL} },
- { 12, nss_builtins_types_43, nss_builtins_items_43, {NULL} },
- { 11, nss_builtins_types_44, nss_builtins_items_44, {NULL} },
- { 12, nss_builtins_types_45, nss_builtins_items_45, {NULL} },
- { 11, nss_builtins_types_46, nss_builtins_items_46, {NULL} },
- { 12, nss_builtins_types_47, nss_builtins_items_47, {NULL} },
- { 11, nss_builtins_types_48, nss_builtins_items_48, {NULL} },
- { 12, nss_builtins_types_49, nss_builtins_items_49, {NULL} },
- { 11, nss_builtins_types_50, nss_builtins_items_50, {NULL} },
- { 12, nss_builtins_types_51, nss_builtins_items_51, {NULL} },
- { 11, nss_builtins_types_52, nss_builtins_items_52, {NULL} },
- { 12, nss_builtins_types_53, nss_builtins_items_53, {NULL} },
- { 11, nss_builtins_types_54, nss_builtins_items_54, {NULL} },
- { 12, nss_builtins_types_55, nss_builtins_items_55, {NULL} },
- { 11, nss_builtins_types_56, nss_builtins_items_56, {NULL} },
- { 12, nss_builtins_types_57, nss_builtins_items_57, {NULL} },
- { 11, nss_builtins_types_58, nss_builtins_items_58, {NULL} },
- { 12, nss_builtins_types_59, nss_builtins_items_59, {NULL} },
- { 11, nss_builtins_types_60, nss_builtins_items_60, {NULL} },
- { 12, nss_builtins_types_61, nss_builtins_items_61, {NULL} },
- { 11, nss_builtins_types_62, nss_builtins_items_62, {NULL} },
- { 12, nss_builtins_types_63, nss_builtins_items_63, {NULL} },
- { 11, nss_builtins_types_64, nss_builtins_items_64, {NULL} },
- { 12, nss_builtins_types_65, nss_builtins_items_65, {NULL} },
- { 11, nss_builtins_types_66, nss_builtins_items_66, {NULL} },
- { 12, nss_builtins_types_67, nss_builtins_items_67, {NULL} },
- { 11, nss_builtins_types_68, nss_builtins_items_68, {NULL} },
- { 12, nss_builtins_types_69, nss_builtins_items_69, {NULL} },
- { 11, nss_builtins_types_70, nss_builtins_items_70, {NULL} },
- { 12, nss_builtins_types_71, nss_builtins_items_71, {NULL} },
- { 11, nss_builtins_types_72, nss_builtins_items_72, {NULL} },
- { 12, nss_builtins_types_73, nss_builtins_items_73, {NULL} },
- { 11, nss_builtins_types_74, nss_builtins_items_74, {NULL} },
- { 12, nss_builtins_types_75, nss_builtins_items_75, {NULL} },
- { 11, nss_builtins_types_76, nss_builtins_items_76, {NULL} },
- { 12, nss_builtins_types_77, nss_builtins_items_77, {NULL} },
- { 11, nss_builtins_types_78, nss_builtins_items_78, {NULL} },
- { 12, nss_builtins_types_79, nss_builtins_items_79, {NULL} },
- { 11, nss_builtins_types_80, nss_builtins_items_80, {NULL} },
- { 12, nss_builtins_types_81, nss_builtins_items_81, {NULL} },
- { 11, nss_builtins_types_82, nss_builtins_items_82, {NULL} },
- { 12, nss_builtins_types_83, nss_builtins_items_83, {NULL} },
- { 11, nss_builtins_types_84, nss_builtins_items_84, {NULL} },
- { 12, nss_builtins_types_85, nss_builtins_items_85, {NULL} },
- { 11, nss_builtins_types_86, nss_builtins_items_86, {NULL} },
- { 12, nss_builtins_types_87, nss_builtins_items_87, {NULL} },
- { 11, nss_builtins_types_88, nss_builtins_items_88, {NULL} },
- { 12, nss_builtins_types_89, nss_builtins_items_89, {NULL} },
- { 11, nss_builtins_types_90, nss_builtins_items_90, {NULL} },
- { 12, nss_builtins_types_91, nss_builtins_items_91, {NULL} },
- { 11, nss_builtins_types_92, nss_builtins_items_92, {NULL} },
- { 12, nss_builtins_types_93, nss_builtins_items_93, {NULL} },
- { 11, nss_builtins_types_94, nss_builtins_items_94, {NULL} },
- { 12, nss_builtins_types_95, nss_builtins_items_95, {NULL} },
- { 11, nss_builtins_types_96, nss_builtins_items_96, {NULL} },
- { 12, nss_builtins_types_97, nss_builtins_items_97, {NULL} },
- { 11, nss_builtins_types_98, nss_builtins_items_98, {NULL} },
- { 12, nss_builtins_types_99, nss_builtins_items_99, {NULL} },
- { 11, nss_builtins_types_100, nss_builtins_items_100, {NULL} },
- { 12, nss_builtins_types_101, nss_builtins_items_101, {NULL} },
- { 11, nss_builtins_types_102, nss_builtins_items_102, {NULL} },
- { 12, nss_builtins_types_103, nss_builtins_items_103, {NULL} },
- { 11, nss_builtins_types_104, nss_builtins_items_104, {NULL} },
- { 12, nss_builtins_types_105, nss_builtins_items_105, {NULL} },
- { 11, nss_builtins_types_106, nss_builtins_items_106, {NULL} },
- { 12, nss_builtins_types_107, nss_builtins_items_107, {NULL} },
- { 11, nss_builtins_types_108, nss_builtins_items_108, {NULL} },
- { 12, nss_builtins_types_109, nss_builtins_items_109, {NULL} },
- { 11, nss_builtins_types_110, nss_builtins_items_110, {NULL} },
- { 12, nss_builtins_types_111, nss_builtins_items_111, {NULL} },
- { 11, nss_builtins_types_112, nss_builtins_items_112, {NULL} },
- { 12, nss_builtins_types_113, nss_builtins_items_113, {NULL} },
- { 11, nss_builtins_types_114, nss_builtins_items_114, {NULL} },
- { 12, nss_builtins_types_115, nss_builtins_items_115, {NULL} },
- { 11, nss_builtins_types_116, nss_builtins_items_116, {NULL} },
- { 12, nss_builtins_types_117, nss_builtins_items_117, {NULL} },
- { 11, nss_builtins_types_118, nss_builtins_items_118, {NULL} },
- { 12, nss_builtins_types_119, nss_builtins_items_119, {NULL} },
- { 11, nss_builtins_types_120, nss_builtins_items_120, {NULL} },
- { 12, nss_builtins_types_121, nss_builtins_items_121, {NULL} },
- { 11, nss_builtins_types_122, nss_builtins_items_122, {NULL} },
- { 12, nss_builtins_types_123, nss_builtins_items_123, {NULL} },
- { 11, nss_builtins_types_124, nss_builtins_items_124, {NULL} },
- { 12, nss_builtins_types_125, nss_builtins_items_125, {NULL} },
- { 11, nss_builtins_types_126, nss_builtins_items_126, {NULL} },
- { 12, nss_builtins_types_127, nss_builtins_items_127, {NULL} },
- { 11, nss_builtins_types_128, nss_builtins_items_128, {NULL} },
- { 12, nss_builtins_types_129, nss_builtins_items_129, {NULL} },
- { 11, nss_builtins_types_130, nss_builtins_items_130, {NULL} },
- { 12, nss_builtins_types_131, nss_builtins_items_131, {NULL} },
- { 11, nss_builtins_types_132, nss_builtins_items_132, {NULL} },
- { 12, nss_builtins_types_133, nss_builtins_items_133, {NULL} },
- { 11, nss_builtins_types_134, nss_builtins_items_134, {NULL} },
- { 12, nss_builtins_types_135, nss_builtins_items_135, {NULL} }
-};
-PR_IMPLEMENT_DATA(const PRUint32)
-#ifdef DEBUG
- nss_builtins_nObjects = 135+1;
-#else
- nss_builtins_nObjects = 135;
-#endif /* DEBUG */
diff --git a/security/nss/lib/ckfw/builtins/certdata.perl b/security/nss/lib/ckfw/builtins/certdata.perl
deleted file mode 100644
index 81ab8273b..000000000
--- a/security/nss/lib/ckfw/builtins/certdata.perl
+++ /dev/null
@@ -1,292 +0,0 @@
-#!perl -w
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-my $cvs_id = '@(#) $RCSfile$ $Revision$ $Date$ $Name$';
-use strict;
-
-my %constants;
-my $count = 0;
-my $o;
-my @objects = ();
-my @objsize;
-my $cvsid;
-
-$constants{CKO_DATA} = "static const CK_OBJECT_CLASS cko_data = CKO_DATA;\n";
-$constants{CK_TRUE} = "static const CK_BBOOL ck_true = CK_TRUE;\n";
-$constants{CK_FALSE} = "static const CK_BBOOL ck_false = CK_FALSE;\n";
-
-while(<>) {
- my @fields = ();
- my $size;
-
- s/^((?:[^"#]+|"[^"]*")*)(\s*#.*$)/$1/;
- next if (/^\s*$/);
-
- if( /(^CVS_ID\s+)(.*)/ ) {
-# print "The CVS ID is $2\n";
- $cvsid = $2 . "\"; $cvs_id\"";
- my $scratch = $cvsid;
- $size = 1 + $scratch =~ s/[^"\n]//g;
- @{$objects[0][0]} = ( "CKA_CLASS", "&cko_data", "sizeof(CK_OBJECT_CLASS)" );
- @{$objects[0][1]} = ( "CKA_TOKEN", "&ck_true", "sizeof(CK_BBOOL)" );
- @{$objects[0][2]} = ( "CKA_PRIVATE", "&ck_false", "sizeof(CK_BBOOL)" );
- @{$objects[0][3]} = ( "CKA_MODIFIABLE", "&ck_false", "sizeof(CK_BBOOL)" );
- @{$objects[0][4]} = ( "CKA_LABEL", "\"CVS ID\"", "7" );
- @{$objects[0][5]} = ( "CKA_APPLICATION", "\"NSS\"", "4" );
- @{$objects[0][6]} = ( "CKA_VALUE", $cvsid, "$size" );
- $objsize[0] = 7;
- next;
- }
-
- # This was taken from the perl faq #4.
- my $text = $_;
- push(@fields, $+) while $text =~ m{
- "([^\"\\]*(?:\\.[^\"\\]*)*)"\s? # groups the phrase inside the quotes
- | ([^\s]+)\s?
- | \s
- }gx;
- push(@fields, undef) if substr($text,-1,1) eq '\s';
-
- if( $fields[0] =~ /BEGINDATA/ ) {
- next;
- }
-
- if( $fields[1] =~ /MULTILINE/ ) {
- $fields[2] = "";
- while(<>) {
- last if /END/;
- chomp;
- $fields[2] .= "\"$_\"\n";
- }
- }
-
- if( $fields[1] =~ /UTF8/ ) {
- if( $fields[2] =~ /^"/ ) {
- ;
- } else {
- $fields[2] = "\"" . $fields[2] . "\"";
- }
-
- my $scratch = $fields[2];
- $size = $scratch =~ s/[^"\n]//g; # should supposedly handle multilines, too..
- $size += 1; # null terminate
- }
-
- if( $fields[1] =~ /OCTAL/ ) {
- if( $fields[2] =~ /^"/ ) {
- ;
- } else {
- $fields[2] = "\"" . $fields[2] . "\"";
- }
-
- my $scratch = $fields[2];
- $size = $scratch =~ tr/\\//;
- # no null termination
- }
-
- if( $fields[1] =~ /^CK_/ ) {
- my $lcv = $fields[2];
- $lcv =~ tr/A-Z/a-z/;
- if( !defined($constants{$fields[2]}) ) {
- $constants{$fields[2]} = "static const $fields[1] $lcv = $fields[2];\n";
- }
-
- $size = "sizeof($fields[1])";
- $fields[2] = "&$lcv";
- }
-
- if( $fields[0] =~ /CKA_CLASS/ ) {
- $count++;
- $objsize[$count] = 0;
- }
-
- @{$objects[$count][$objsize[$count]++]} = ( "$fields[0]", $fields[2], "$size" );
-
- # print "$fields[0] | $fields[1] | $size | $fields[2]\n";
-}
-
-doprint();
-
-sub dudump {
-my $i;
-for( $i = 0; $i <= $count; $i++ ) {
- print "\n";
- $o = $objects[$i];
- my @ob = @{$o};
- my $l;
- my $j;
- for( $j = 0; $j < @ob; $j++ ) {
- $l = $ob[$j];
- my @a = @{$l};
- print "$a[0] ! $a[1] ! $a[2]\n";
- }
-}
-
-}
-
-sub doprint {
-my $i;
-
-open(CFILE, ">certdata.c") || die "Can't open certdata.c: $!";
-
-print CFILE <<EOD
-/* THIS IS A GENERATED FILE */
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifdef DEBUG
-static const char CVS_ID[] = $cvsid;
-#endif /* DEBUG */
-
-#ifndef BUILTINS_H
-#include "builtins.h"
-#endif /* BUILTINS_H */
-
-EOD
- ;
-
-while(($a,$b) = each(%constants)) {
- print CFILE $b;
-}
-
-for( $i = 0; $i <= $count; $i++ ) {
- if( 0 == $i ) {
- print CFILE "#ifdef DEBUG\n";
- }
-
- print CFILE "static const CK_ATTRIBUTE_TYPE nss_builtins_types_$i [] = {\n";
- $o = $objects[$i];
- # print STDOUT "type $i object $o \n";
- my @ob = @{$o};
- my $j;
- for( $j = 0; $j < @ob; $j++ ) {
- my $l = $ob[$j];
- my @a = @{$l};
- print CFILE " $a[0]";
- if( $j+1 != @ob ) {
- print CFILE ", ";
- }
- }
- print CFILE "\n};\n";
-
- if( 0 == $i ) {
- print CFILE "#endif /* DEBUG */\n";
- }
-}
-
-for( $i = 0; $i <= $count; $i++ ) {
- if( 0 == $i ) {
- print CFILE "#ifdef DEBUG\n";
- }
-
- print CFILE "static const NSSItem nss_builtins_items_$i [] = {\n";
- $o = $objects[$i];
- my @ob = @{$o};
- my $j;
- for( $j = 0; $j < @ob; $j++ ) {
- my $l = $ob[$j];
- my @a = @{$l};
- print CFILE " { (void *)$a[1], (PRUint32)$a[2] }";
- if( $j+1 != @ob ) {
- print CFILE ",\n";
- } else {
- print CFILE "\n";
- }
- }
- print CFILE "};\n";
-
- if( 0 == $i ) {
- print CFILE "#endif /* DEBUG */\n";
- }
-}
-
-print CFILE "\nPR_IMPLEMENT_DATA(builtinsInternalObject)\n";
-print CFILE "nss_builtins_data[] = {\n";
-
-for( $i = 0; $i <= $count; $i++ ) {
-
- if( 0 == $i ) {
- print CFILE "#ifdef DEBUG\n";
- }
-
- print CFILE " { $objsize[$i], nss_builtins_types_$i, nss_builtins_items_$i, {NULL} }";
-
- if( $i == $count ) {
- print CFILE "\n";
- } else {
- print CFILE ",\n";
- }
-
- if( 0 == $i ) {
- print CFILE "#endif /* DEBUG */\n";
- }
-}
-
-print CFILE "};\n";
-
-print CFILE "PR_IMPLEMENT_DATA(const PRUint32)\n";
-print CFILE "#ifdef DEBUG\n";
-print CFILE " nss_builtins_nObjects = $count+1;\n";
-print CFILE "#else\n";
-print CFILE " nss_builtins_nObjects = $count;\n";
-print CFILE "#endif /* DEBUG */\n";
-}
diff --git a/security/nss/lib/ckfw/builtins/certdata.txt b/security/nss/lib/ckfw/builtins/certdata.txt
deleted file mode 100644
index 3e28a3c6d..000000000
--- a/security/nss/lib/ckfw/builtins/certdata.txt
+++ /dev/null
@@ -1,8712 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CVS_ID "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-#
-# certdata.txt
-#
-# This file contains the object definitions for the certs and other
-# information "built into" NSS.
-#
-# Object definitions:
-#
-# Certificates
-#
-# -- Attribute -- -- type -- -- value --
-# CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-# CKA_TOKEN CK_BBOOL CK_TRUE
-# CKA_PRIVATE CK_BBOOL CK_FALSE
-# CKA_MODIFIABLE CK_BBOOL CK_FALSE
-# CKA_LABEL UTF8 (varies)
-# CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-# CKA_SUBJECT DER+base64 (varies)
-# CKA_ID byte array (varies)
-# CKA_ISSUER DER+base64 (varies)
-# CKA_SERIAL_NUMBER DER+base64 (varies)
-# CKA_VALUE DER+base64 (varies)
-# CKA_NETSCAPE_EMAIL ASCII7 (unused here)
-#
-# Trust
-#
-# -- Attribute -- -- type -- -- value --
-# CKA_CLASS CK_OBJECT_CLASS CKO_TRUST
-# CKA_TOKEN CK_BBOOL CK_TRUE
-# CKA_PRIVATE CK_BBOOL CK_FALSE
-# CKA_MODIFIABLE CK_BBOOL CK_FALSE
-# CKA_LABEL UTF8 (varies)
-# CKA_ISSUER DER+base64 (varies)
-# CKA_SERIAL_NUMBER DER+base64 (varies)
-# CKA_CERT_HASH binary+base64 (varies)
-# CKA_EXPIRES CK_DATE (not used here)
-# CKA_TRUST_DIGITAL_SIGNATURE CK_TRUST (varies)
-# CKA_TRUST_NON_REPUDIATION CK_TRUST (varies)
-# CKA_TRUST_KEY_ENCIPHERMENT CK_TRUST (varies)
-# CKA_TRUST_DATA_ENCIPHERMENT CK_TRUST (varies)
-# CKA_TRUST_KEY_AGREEMENT CK_TRUST (varies)
-# CKA_TRUST_KEY_CERT_SIGN CK_TRUST (varies)
-# CKA_TRUST_CRL_SIGN CK_TRUST (varies)
-# CKA_TRUST_SERVER_AUTH CK_TRUST (varies)
-# CKA_TRUST_CLIENT_AUTH CK_TRUST (varies)
-# CKA_TRUST_CODE_SIGNING CK_TRUST (varies)
-# CKA_TRUST_EMAIL_PROTECTION CK_TRUST (varies)
-# CKA_TRUST_IPSEC_END_SYSTEM CK_TRUST (varies)
-# CKA_TRUST_IPSEC_TUNNEL CK_TRUST (varies)
-# CKA_TRUST_IPSEC_USER CK_TRUST (varies)
-# CKA_TRUST_TIME_STAMPING CK_TRUST (varies)
-# (other trust attributes can be defined)
-#
-
-#
-# The object to tell NSS that this is a root list and we don't
-# have to go looking for others.
-#
-BEGINDATA
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_BUILTIN_ROOT_LIST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Mozilla Builtin Roots"
-
-#
-# Certificate "Verisign/RSA Secure Server CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign/RSA Secure Server CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\040\060\036\006\003\125\004\012\023\027\122\123\101\040\104\141
-\164\141\040\123\145\143\165\162\151\164\171\054\040\111\156\143
-\056\061\056\060\054\006\003\125\004\013\023\045\123\145\143\165
-\162\145\040\123\145\162\166\145\162\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\040\060\036\006\003\125\004\012\023\027\122\123\101\040\104\141
-\164\141\040\123\145\143\165\162\151\164\171\054\040\111\156\143
-\056\061\056\060\054\006\003\125\004\013\023\045\123\145\143\165
-\162\145\040\123\145\162\166\145\162\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\020\002\255\146\176\116\105\376\136\127\157\074\230\031\136
-\335\300
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\002\064\060\202\001\241\002\020\002\255\146\176\116\105
-\376\136\127\157\074\230\031\136\335\300\060\015\006\011\052\206
-\110\206\367\015\001\001\002\005\000\060\137\061\013\060\011\006
-\003\125\004\006\023\002\125\123\061\040\060\036\006\003\125\004
-\012\023\027\122\123\101\040\104\141\164\141\040\123\145\143\165
-\162\151\164\171\054\040\111\156\143\056\061\056\060\054\006\003
-\125\004\013\023\045\123\145\143\165\162\145\040\123\145\162\166
-\145\162\040\103\145\162\164\151\146\151\143\141\164\151\157\156
-\040\101\165\164\150\157\162\151\164\171\060\036\027\015\071\064
-\061\061\060\071\060\060\060\060\060\060\132\027\015\061\060\060
-\061\060\067\062\063\065\071\065\071\132\060\137\061\013\060\011
-\006\003\125\004\006\023\002\125\123\061\040\060\036\006\003\125
-\004\012\023\027\122\123\101\040\104\141\164\141\040\123\145\143
-\165\162\151\164\171\054\040\111\156\143\056\061\056\060\054\006
-\003\125\004\013\023\045\123\145\143\165\162\145\040\123\145\162
-\166\145\162\040\103\145\162\164\151\146\151\143\141\164\151\157
-\156\040\101\165\164\150\157\162\151\164\171\060\201\233\060\015
-\006\011\052\206\110\206\367\015\001\001\001\005\000\003\201\211
-\000\060\201\205\002\176\000\222\316\172\301\256\203\076\132\252
-\211\203\127\254\045\001\166\014\255\256\216\054\067\316\353\065
-\170\144\124\003\345\204\100\121\311\277\217\010\342\212\202\010
-\322\026\206\067\125\351\261\041\002\255\166\150\201\232\005\242
-\113\311\113\045\146\042\126\154\210\007\217\367\201\131\155\204
-\007\145\160\023\161\166\076\233\167\114\343\120\211\126\230\110
-\271\035\247\051\032\023\056\112\021\131\234\036\025\325\111\124
-\054\163\072\151\202\261\227\071\234\155\160\147\110\345\335\055
-\326\310\036\173\002\003\001\000\001\060\015\006\011\052\206\110
-\206\367\015\001\001\002\005\000\003\176\000\145\335\176\341\262
-\354\260\342\072\340\354\161\106\232\031\021\270\323\307\240\264
-\003\100\046\002\076\011\234\341\022\263\321\132\366\067\245\267
-\141\003\266\133\026\151\073\306\104\010\014\210\123\014\153\227
-\111\307\076\065\334\154\271\273\252\337\134\273\072\057\223\140
-\266\251\113\115\362\040\367\315\137\177\144\173\216\334\000\134
-\327\372\167\312\071\026\131\157\016\352\323\265\203\177\115\115
-\102\126\166\264\311\137\004\370\070\370\353\322\137\165\137\315
-\173\374\345\216\200\174\374\120
-END
-
-# Trust for Certificate "Verisign/RSA Secure Server CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign/RSA Secure Server CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\104\143\305\061\327\314\301\000\147\224\141\053\266\126\323\277
-\202\127\204\157
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\164\173\202\003\103\360\000\236\153\263\354\107\277\205\245\223
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\040\060\036\006\003\125\004\012\023\027\122\123\101\040\104\141
-\164\141\040\123\145\143\165\162\151\164\171\054\040\111\156\143
-\056\061\056\060\054\006\003\125\004\013\023\045\123\145\143\165
-\162\145\040\123\145\162\166\145\162\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\020\002\255\146\176\116\105\376\136\127\157\074\230\031\136
-\335\300
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_VALID
-
-#
-# Certificate "GTE CyberTrust Root CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "GTE CyberTrust Root CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\105\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157
-\162\160\157\162\141\164\151\157\156\061\034\060\032\006\003\125
-\004\003\023\023\107\124\105\040\103\171\142\145\162\124\162\165
-\163\164\040\122\157\157\164
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\105\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157
-\162\160\157\162\141\164\151\157\156\061\034\060\032\006\003\125
-\004\003\023\023\107\124\105\040\103\171\142\145\162\124\162\165
-\163\164\040\122\157\157\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\002\001\243
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\001\372\060\202\001\143\002\002\001\243\060\015\006\011
-\052\206\110\206\367\015\001\001\004\005\000\060\105\061\013\060
-\011\006\003\125\004\006\023\002\125\123\061\030\060\026\006\003
-\125\004\012\023\017\107\124\105\040\103\157\162\160\157\162\141
-\164\151\157\156\061\034\060\032\006\003\125\004\003\023\023\107
-\124\105\040\103\171\142\145\162\124\162\165\163\164\040\122\157
-\157\164\060\036\027\015\071\066\060\062\062\063\062\063\060\061
-\060\060\132\027\015\060\066\060\062\062\063\062\063\065\071\060
-\060\132\060\105\061\013\060\011\006\003\125\004\006\023\002\125
-\123\061\030\060\026\006\003\125\004\012\023\017\107\124\105\040
-\103\157\162\160\157\162\141\164\151\157\156\061\034\060\032\006
-\003\125\004\003\023\023\107\124\105\040\103\171\142\145\162\124
-\162\165\163\164\040\122\157\157\164\060\201\237\060\015\006\011
-\052\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060
-\201\211\002\201\201\000\270\346\117\272\333\230\174\161\174\257
-\104\267\323\017\106\331\144\345\223\301\102\216\307\272\111\215
-\065\055\172\347\213\275\345\005\061\131\306\261\057\012\014\373
-\237\247\077\242\011\146\204\126\036\067\051\033\207\351\176\014
-\312\232\237\245\177\365\025\224\243\325\242\106\202\330\150\114
-\321\067\025\006\150\257\275\370\260\263\360\051\365\225\132\011
-\026\141\167\012\042\045\324\117\105\252\307\275\345\226\337\371
-\324\250\216\102\314\044\300\036\221\047\112\265\155\006\200\143
-\071\304\242\136\070\003\002\003\001\000\001\060\015\006\011\052
-\206\110\206\367\015\001\001\004\005\000\003\201\201\000\022\263
-\165\306\137\035\341\141\125\200\000\324\201\113\173\061\017\043
-\143\347\075\363\003\371\364\066\250\273\331\343\245\227\115\352
-\053\051\340\326\152\163\201\346\300\211\243\323\361\340\245\245
-\042\067\232\143\302\110\040\264\333\162\343\310\366\331\174\276
-\261\257\123\332\024\264\041\270\326\325\226\343\376\116\014\131
-\142\266\232\112\371\102\335\214\157\201\251\161\377\364\012\162
-\155\155\104\016\235\363\164\164\250\325\064\111\351\136\236\351
-\264\172\341\345\132\037\204\060\234\323\237\245\045\330
-END
-
-# Trust for Certificate "GTE CyberTrust Root CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "GTE CyberTrust Root CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\220\336\336\236\114\116\237\157\330\206\027\127\235\323\221\274
-\145\246\211\144
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\304\327\360\262\243\305\175\141\147\360\004\315\103\323\272\130
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\105\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157
-\162\160\157\162\141\164\151\157\156\061\034\060\032\006\003\125
-\004\003\023\023\107\124\105\040\103\171\142\145\162\124\162\165
-\163\164\040\122\157\157\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\002\001\243
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "GTE CyberTrust Global Root"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "GTE CyberTrust Global Root"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\165\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157
-\162\160\157\162\141\164\151\157\156\061\047\060\045\006\003\125
-\004\013\023\036\107\124\105\040\103\171\142\145\162\124\162\165
-\163\164\040\123\157\154\165\164\151\157\156\163\054\040\111\156
-\143\056\061\043\060\041\006\003\125\004\003\023\032\107\124\105
-\040\103\171\142\145\162\124\162\165\163\164\040\107\154\157\142
-\141\154\040\122\157\157\164
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\165\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157
-\162\160\157\162\141\164\151\157\156\061\047\060\045\006\003\125
-\004\013\023\036\107\124\105\040\103\171\142\145\162\124\162\165
-\163\164\040\123\157\154\165\164\151\157\156\163\054\040\111\156
-\143\056\061\043\060\041\006\003\125\004\003\023\032\107\124\105
-\040\103\171\142\145\162\124\162\165\163\164\040\107\154\157\142
-\141\154\040\122\157\157\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\002\001\245
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\002\132\060\202\001\303\002\002\001\245\060\015\006\011
-\052\206\110\206\367\015\001\001\004\005\000\060\165\061\013\060
-\011\006\003\125\004\006\023\002\125\123\061\030\060\026\006\003
-\125\004\012\023\017\107\124\105\040\103\157\162\160\157\162\141
-\164\151\157\156\061\047\060\045\006\003\125\004\013\023\036\107
-\124\105\040\103\171\142\145\162\124\162\165\163\164\040\123\157
-\154\165\164\151\157\156\163\054\040\111\156\143\056\061\043\060
-\041\006\003\125\004\003\023\032\107\124\105\040\103\171\142\145
-\162\124\162\165\163\164\040\107\154\157\142\141\154\040\122\157
-\157\164\060\036\027\015\071\070\060\070\061\063\060\060\062\071
-\060\060\132\027\015\061\070\060\070\061\063\062\063\065\071\060
-\060\132\060\165\061\013\060\011\006\003\125\004\006\023\002\125
-\123\061\030\060\026\006\003\125\004\012\023\017\107\124\105\040
-\103\157\162\160\157\162\141\164\151\157\156\061\047\060\045\006
-\003\125\004\013\023\036\107\124\105\040\103\171\142\145\162\124
-\162\165\163\164\040\123\157\154\165\164\151\157\156\163\054\040
-\111\156\143\056\061\043\060\041\006\003\125\004\003\023\032\107
-\124\105\040\103\171\142\145\162\124\162\165\163\164\040\107\154
-\157\142\141\154\040\122\157\157\164\060\201\237\060\015\006\011
-\052\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060
-\201\211\002\201\201\000\225\017\240\266\360\120\234\350\172\307
-\210\315\335\027\016\056\260\224\320\033\075\016\366\224\300\212
-\224\307\006\310\220\227\310\270\144\032\172\176\154\074\123\341
-\067\050\163\140\177\262\227\123\007\237\123\371\155\130\224\322
-\257\215\155\210\147\200\346\355\262\225\317\162\061\312\245\034
-\162\272\134\002\347\144\102\347\371\251\054\326\072\015\254\215
-\102\252\044\001\071\346\234\077\001\205\127\015\130\207\105\370
-\323\205\252\223\151\046\205\160\110\200\077\022\025\307\171\264
-\037\005\057\073\142\231\002\003\001\000\001\060\015\006\011\052
-\206\110\206\367\015\001\001\004\005\000\003\201\201\000\155\353
-\033\011\351\136\331\121\333\147\042\141\244\052\074\110\167\343
-\240\174\246\336\163\242\024\003\205\075\373\253\016\060\305\203
-\026\063\201\023\010\236\173\064\116\337\100\310\164\327\271\175
-\334\364\166\125\175\233\143\124\030\351\360\352\363\134\261\331
-\213\102\036\271\300\225\116\272\372\325\342\174\365\150\141\277
-\216\354\005\227\137\133\260\327\243\205\064\304\044\247\015\017
-\225\223\357\313\224\330\236\037\235\134\205\155\307\252\256\117
-\037\042\265\315\225\255\272\247\314\371\253\013\172\177
-END
-
-# Trust for Certificate "GTE CyberTrust Global Root"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "GTE CyberTrust Global Root"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\227\201\171\120\330\034\226\160\314\064\330\011\317\171\104\061
-\066\176\364\164
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\312\075\323\150\361\003\134\320\062\372\270\053\131\350\132\333
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\165\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157
-\162\160\157\162\141\164\151\157\156\061\047\060\045\006\003\125
-\004\013\023\036\107\124\105\040\103\171\142\145\162\124\162\165
-\163\164\040\123\157\154\165\164\151\157\156\163\054\040\111\156
-\143\056\061\043\060\041\006\003\125\004\003\023\032\107\124\105
-\040\103\171\142\145\162\124\162\165\163\164\040\107\154\157\142
-\141\154\040\122\157\157\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\002\001\245
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Thawte Personal Basic CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Thawte Personal Basic CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\313\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007
-\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006
-\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156
-\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013
-\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040
-\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157
-\156\061\041\060\037\006\003\125\004\003\023\030\124\150\141\167
-\164\145\040\120\145\162\163\157\156\141\154\040\102\141\163\151
-\143\040\103\101\061\050\060\046\006\011\052\206\110\206\367\015
-\001\011\001\026\031\160\145\162\163\157\156\141\154\055\142\141
-\163\151\143\100\164\150\141\167\164\145\056\143\157\155
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\313\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007
-\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006
-\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156
-\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013
-\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040
-\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157
-\156\061\041\060\037\006\003\125\004\003\023\030\124\150\141\167
-\164\145\040\120\145\162\163\157\156\141\154\040\102\141\163\151
-\143\040\103\101\061\050\060\046\006\011\052\206\110\206\367\015
-\001\011\001\026\031\160\145\162\163\157\156\141\154\055\142\141
-\163\151\143\100\164\150\141\167\164\145\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\001\000
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\041\060\202\002\212\240\003\002\001\002\002\001\000
-\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060
-\201\313\061\013\060\011\006\003\125\004\006\023\002\132\101\061
-\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145\162
-\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007\023
-\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006\003
-\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156\163
-\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013\023
-\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040\123
-\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157\156
-\061\041\060\037\006\003\125\004\003\023\030\124\150\141\167\164
-\145\040\120\145\162\163\157\156\141\154\040\102\141\163\151\143
-\040\103\101\061\050\060\046\006\011\052\206\110\206\367\015\001
-\011\001\026\031\160\145\162\163\157\156\141\154\055\142\141\163
-\151\143\100\164\150\141\167\164\145\056\143\157\155\060\036\027
-\015\071\066\060\061\060\061\060\060\060\060\060\060\132\027\015
-\062\060\061\062\063\061\062\063\065\071\065\071\132\060\201\313
-\061\013\060\011\006\003\125\004\006\023\002\132\101\061\025\060
-\023\006\003\125\004\010\023\014\127\145\163\164\145\162\156\040
-\103\141\160\145\061\022\060\020\006\003\125\004\007\023\011\103
-\141\160\145\040\124\157\167\156\061\032\060\030\006\003\125\004
-\012\023\021\124\150\141\167\164\145\040\103\157\156\163\165\154
-\164\151\156\147\061\050\060\046\006\003\125\004\013\023\037\103
-\145\162\164\151\146\151\143\141\164\151\157\156\040\123\145\162
-\166\151\143\145\163\040\104\151\166\151\163\151\157\156\061\041
-\060\037\006\003\125\004\003\023\030\124\150\141\167\164\145\040
-\120\145\162\163\157\156\141\154\040\102\141\163\151\143\040\103
-\101\061\050\060\046\006\011\052\206\110\206\367\015\001\011\001
-\026\031\160\145\162\163\157\156\141\154\055\142\141\163\151\143
-\100\164\150\141\167\164\145\056\143\157\155\060\201\237\060\015
-\006\011\052\206\110\206\367\015\001\001\001\005\000\003\201\215
-\000\060\201\211\002\201\201\000\274\274\223\123\155\300\120\117
-\202\025\346\110\224\065\246\132\276\157\102\372\017\107\356\167
-\165\162\335\215\111\233\226\127\240\170\324\312\077\121\263\151
-\013\221\166\027\042\007\227\152\304\121\223\113\340\215\357\067
-\225\241\014\115\332\064\220\035\027\211\227\340\065\070\127\112
-\300\364\010\160\351\074\104\173\120\176\141\232\220\343\043\323
-\210\021\106\047\365\013\007\016\273\335\321\177\040\012\210\271
-\126\013\056\034\200\332\361\343\236\051\357\024\275\012\104\373
-\033\133\030\321\277\043\223\041\002\003\001\000\001\243\023\060
-\021\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001
-\001\377\060\015\006\011\052\206\110\206\367\015\001\001\004\005
-\000\003\201\201\000\055\342\231\153\260\075\172\211\327\131\242
-\224\001\037\053\335\022\113\123\302\255\177\252\247\000\134\221
-\100\127\045\112\070\252\204\160\271\331\200\017\245\173\134\373
-\163\306\275\327\212\141\134\003\343\055\047\250\027\340\204\205
-\102\334\136\233\306\267\262\155\273\164\257\344\077\313\247\267
-\260\340\135\276\170\203\045\224\322\333\201\017\171\007\155\117
-\364\071\025\132\122\001\173\336\062\326\115\070\366\022\134\006
-\120\337\005\133\275\024\113\241\337\051\272\073\101\215\367\143
-\126\241\337\042\261
-END
-
-# Trust for Certificate "Thawte Personal Basic CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Thawte Personal Basic CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\100\347\214\035\122\075\034\331\225\117\254\032\032\263\275\074
-\272\241\133\374
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\346\013\322\311\312\055\210\333\032\161\016\113\170\353\002\101
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\313\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007
-\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006
-\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156
-\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013
-\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040
-\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157
-\156\061\041\060\037\006\003\125\004\003\023\030\124\150\141\167
-\164\145\040\120\145\162\163\157\156\141\154\040\102\141\163\151
-\143\040\103\101\061\050\060\046\006\011\052\206\110\206\367\015
-\001\011\001\026\031\160\145\162\163\157\156\141\154\055\142\141
-\163\151\143\100\164\150\141\167\164\145\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\001\000
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_VALID
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Thawte Personal Premium CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Thawte Personal Premium CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\317\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007
-\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006
-\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156
-\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013
-\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040
-\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157
-\156\061\043\060\041\006\003\125\004\003\023\032\124\150\141\167
-\164\145\040\120\145\162\163\157\156\141\154\040\120\162\145\155
-\151\165\155\040\103\101\061\052\060\050\006\011\052\206\110\206
-\367\015\001\011\001\026\033\160\145\162\163\157\156\141\154\055
-\160\162\145\155\151\165\155\100\164\150\141\167\164\145\056\143
-\157\155
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\317\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007
-\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006
-\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156
-\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013
-\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040
-\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157
-\156\061\043\060\041\006\003\125\004\003\023\032\124\150\141\167
-\164\145\040\120\145\162\163\157\156\141\154\040\120\162\145\155
-\151\165\155\040\103\101\061\052\060\050\006\011\052\206\110\206
-\367\015\001\011\001\026\033\160\145\162\163\157\156\141\154\055
-\160\162\145\155\151\165\155\100\164\150\141\167\164\145\056\143
-\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\001\000
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\051\060\202\002\222\240\003\002\001\002\002\001\000
-\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060
-\201\317\061\013\060\011\006\003\125\004\006\023\002\132\101\061
-\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145\162
-\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007\023
-\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006\003
-\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156\163
-\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013\023
-\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040\123
-\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157\156
-\061\043\060\041\006\003\125\004\003\023\032\124\150\141\167\164
-\145\040\120\145\162\163\157\156\141\154\040\120\162\145\155\151
-\165\155\040\103\101\061\052\060\050\006\011\052\206\110\206\367
-\015\001\011\001\026\033\160\145\162\163\157\156\141\154\055\160
-\162\145\155\151\165\155\100\164\150\141\167\164\145\056\143\157
-\155\060\036\027\015\071\066\060\061\060\061\060\060\060\060\060
-\060\132\027\015\062\060\061\062\063\061\062\063\065\071\065\071
-\132\060\201\317\061\013\060\011\006\003\125\004\006\023\002\132
-\101\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164
-\145\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004
-\007\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030
-\006\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157
-\156\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004
-\013\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156
-\040\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151
-\157\156\061\043\060\041\006\003\125\004\003\023\032\124\150\141
-\167\164\145\040\120\145\162\163\157\156\141\154\040\120\162\145
-\155\151\165\155\040\103\101\061\052\060\050\006\011\052\206\110
-\206\367\015\001\011\001\026\033\160\145\162\163\157\156\141\154
-\055\160\162\145\155\151\165\155\100\164\150\141\167\164\145\056
-\143\157\155\060\201\237\060\015\006\011\052\206\110\206\367\015
-\001\001\001\005\000\003\201\215\000\060\201\211\002\201\201\000
-\311\146\331\370\007\104\317\271\214\056\360\241\357\023\105\154
-\005\337\336\047\026\121\066\101\021\154\154\073\355\376\020\175
-\022\236\345\233\102\232\376\140\061\303\146\267\163\072\110\256
-\116\320\062\067\224\210\265\015\266\331\363\362\104\331\325\210
-\022\335\166\115\362\032\374\157\043\036\172\361\330\230\105\116
-\007\020\357\026\102\320\103\165\155\112\336\342\252\311\061\377
-\037\000\160\174\146\317\020\045\010\272\372\356\000\351\106\003
-\146\047\021\025\073\252\133\362\230\335\066\102\262\332\210\165
-\002\003\001\000\001\243\023\060\021\060\017\006\003\125\035\023
-\001\001\377\004\005\060\003\001\001\377\060\015\006\011\052\206
-\110\206\367\015\001\001\004\005\000\003\201\201\000\151\066\211
-\367\064\052\063\162\057\155\073\324\042\262\270\157\232\305\066
-\146\016\033\074\241\261\165\132\346\375\065\323\370\250\362\007
-\157\205\147\216\336\053\271\342\027\260\072\240\360\016\242\000
-\232\337\363\024\025\156\273\310\205\132\230\200\371\377\276\164
-\035\075\363\376\060\045\321\067\064\147\372\245\161\171\060\141
-\051\162\300\340\054\114\373\126\344\072\250\157\345\062\131\122
-\333\165\050\120\131\014\370\013\031\344\254\331\257\226\215\057
-\120\333\007\303\352\037\253\063\340\365\053\061\211
-END
-
-# Trust for Certificate "Thawte Personal Premium CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Thawte Personal Premium CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\066\206\065\143\375\121\050\307\276\246\360\005\317\351\264\066
-\150\010\154\316
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\072\262\336\042\232\040\223\111\371\355\310\322\212\347\150\015
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\317\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007
-\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006
-\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156
-\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013
-\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040
-\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157
-\156\061\043\060\041\006\003\125\004\003\023\032\124\150\141\167
-\164\145\040\120\145\162\163\157\156\141\154\040\120\162\145\155
-\151\165\155\040\103\101\061\052\060\050\006\011\052\206\110\206
-\367\015\001\011\001\026\033\160\145\162\163\157\156\141\154\055
-\160\162\145\155\151\165\155\100\164\150\141\167\164\145\056\143
-\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\001\000
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_VALID
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Thawte Personal Freemail CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Thawte Personal Freemail CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\321\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007
-\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006
-\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156
-\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013
-\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040
-\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157
-\156\061\044\060\042\006\003\125\004\003\023\033\124\150\141\167
-\164\145\040\120\145\162\163\157\156\141\154\040\106\162\145\145
-\155\141\151\154\040\103\101\061\053\060\051\006\011\052\206\110
-\206\367\015\001\011\001\026\034\160\145\162\163\157\156\141\154
-\055\146\162\145\145\155\141\151\154\100\164\150\141\167\164\145
-\056\143\157\155
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\321\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007
-\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006
-\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156
-\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013
-\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040
-\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157
-\156\061\044\060\042\006\003\125\004\003\023\033\124\150\141\167
-\164\145\040\120\145\162\163\157\156\141\154\040\106\162\145\145
-\155\141\151\154\040\103\101\061\053\060\051\006\011\052\206\110
-\206\367\015\001\011\001\026\034\160\145\162\163\157\156\141\154
-\055\146\162\145\145\155\141\151\154\100\164\150\141\167\164\145
-\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\001\000
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\055\060\202\002\226\240\003\002\001\002\002\001\000
-\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060
-\201\321\061\013\060\011\006\003\125\004\006\023\002\132\101\061
-\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145\162
-\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007\023
-\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006\003
-\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156\163
-\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013\023
-\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040\123
-\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157\156
-\061\044\060\042\006\003\125\004\003\023\033\124\150\141\167\164
-\145\040\120\145\162\163\157\156\141\154\040\106\162\145\145\155
-\141\151\154\040\103\101\061\053\060\051\006\011\052\206\110\206
-\367\015\001\011\001\026\034\160\145\162\163\157\156\141\154\055
-\146\162\145\145\155\141\151\154\100\164\150\141\167\164\145\056
-\143\157\155\060\036\027\015\071\066\060\061\060\061\060\060\060
-\060\060\060\132\027\015\062\060\061\062\063\061\062\063\065\071
-\065\071\132\060\201\321\061\013\060\011\006\003\125\004\006\023
-\002\132\101\061\025\060\023\006\003\125\004\010\023\014\127\145
-\163\164\145\162\156\040\103\141\160\145\061\022\060\020\006\003
-\125\004\007\023\011\103\141\160\145\040\124\157\167\156\061\032
-\060\030\006\003\125\004\012\023\021\124\150\141\167\164\145\040
-\103\157\156\163\165\154\164\151\156\147\061\050\060\046\006\003
-\125\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151
-\157\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151
-\163\151\157\156\061\044\060\042\006\003\125\004\003\023\033\124
-\150\141\167\164\145\040\120\145\162\163\157\156\141\154\040\106
-\162\145\145\155\141\151\154\040\103\101\061\053\060\051\006\011
-\052\206\110\206\367\015\001\011\001\026\034\160\145\162\163\157
-\156\141\154\055\146\162\145\145\155\141\151\154\100\164\150\141
-\167\164\145\056\143\157\155\060\201\237\060\015\006\011\052\206
-\110\206\367\015\001\001\001\005\000\003\201\215\000\060\201\211
-\002\201\201\000\324\151\327\324\260\224\144\133\161\351\107\330
-\014\121\266\352\162\221\260\204\136\175\055\015\217\173\022\337
-\205\045\165\050\164\072\102\054\143\047\237\225\173\113\357\176
-\031\207\035\206\352\243\335\271\316\226\144\032\302\024\156\104
-\254\174\346\217\350\115\017\161\037\100\070\246\000\243\207\170
-\366\371\224\206\136\255\352\300\136\166\353\331\024\243\135\156
-\172\174\014\245\113\125\177\006\031\051\177\236\232\046\325\152
-\273\070\044\010\152\230\307\261\332\243\230\221\375\171\333\345
-\132\304\034\271\002\003\001\000\001\243\023\060\021\060\017\006
-\003\125\035\023\001\001\377\004\005\060\003\001\001\377\060\015
-\006\011\052\206\110\206\367\015\001\001\004\005\000\003\201\201
-\000\307\354\222\176\116\370\365\226\245\147\142\052\244\360\115
-\021\140\320\157\215\140\130\141\254\046\273\122\065\134\010\317
-\060\373\250\112\226\212\037\142\102\043\214\027\017\364\272\144
-\234\027\254\107\051\337\235\230\136\322\154\140\161\134\242\254
-\334\171\343\347\156\000\107\037\265\015\050\350\002\235\344\232
-\375\023\364\246\331\174\261\370\334\137\043\046\011\221\200\163
-\320\024\033\336\103\251\203\045\362\346\234\057\025\312\376\246
-\253\212\007\165\213\014\335\121\204\153\344\370\321\316\167\242
-\201
-END
-
-# Trust for Certificate "Thawte Personal Freemail CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Thawte Personal Freemail CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\040\231\000\266\075\225\127\050\024\014\321\066\042\330\306\207
-\244\353\000\205
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\036\164\303\206\074\014\065\305\076\302\177\357\074\252\074\331
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\321\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007
-\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006
-\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156
-\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013
-\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040
-\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157
-\156\061\044\060\042\006\003\125\004\003\023\033\124\150\141\167
-\164\145\040\120\145\162\163\157\156\141\154\040\106\162\145\145
-\155\141\151\154\040\103\101\061\053\060\051\006\011\052\206\110
-\206\367\015\001\011\001\026\034\160\145\162\163\157\156\141\154
-\055\146\162\145\145\155\141\151\154\100\164\150\141\167\164\145
-\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\001\000
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_VALID
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_VALID
-
-#
-# Certificate "Thawte Server CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Thawte Server CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\304\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007
-\023\011\103\141\160\145\040\124\157\167\156\061\035\060\033\006
-\003\125\004\012\023\024\124\150\141\167\164\145\040\103\157\156
-\163\165\154\164\151\156\147\040\143\143\061\050\060\046\006\003
-\125\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151
-\157\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151
-\163\151\157\156\061\031\060\027\006\003\125\004\003\023\020\124
-\150\141\167\164\145\040\123\145\162\166\145\162\040\103\101\061
-\046\060\044\006\011\052\206\110\206\367\015\001\011\001\026\027
-\163\145\162\166\145\162\055\143\145\162\164\163\100\164\150\141
-\167\164\145\056\143\157\155
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\304\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007
-\023\011\103\141\160\145\040\124\157\167\156\061\035\060\033\006
-\003\125\004\012\023\024\124\150\141\167\164\145\040\103\157\156
-\163\165\154\164\151\156\147\040\143\143\061\050\060\046\006\003
-\125\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151
-\157\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151
-\163\151\157\156\061\031\060\027\006\003\125\004\003\023\020\124
-\150\141\167\164\145\040\123\145\162\166\145\162\040\103\101\061
-\046\060\044\006\011\052\206\110\206\367\015\001\011\001\026\027
-\163\145\162\166\145\162\055\143\145\162\164\163\100\164\150\141
-\167\164\145\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\001\001
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\023\060\202\002\174\240\003\002\001\002\002\001\001
-\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060
-\201\304\061\013\060\011\006\003\125\004\006\023\002\132\101\061
-\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145\162
-\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007\023
-\011\103\141\160\145\040\124\157\167\156\061\035\060\033\006\003
-\125\004\012\023\024\124\150\141\167\164\145\040\103\157\156\163
-\165\154\164\151\156\147\040\143\143\061\050\060\046\006\003\125
-\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151\157
-\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151\163
-\151\157\156\061\031\060\027\006\003\125\004\003\023\020\124\150
-\141\167\164\145\040\123\145\162\166\145\162\040\103\101\061\046
-\060\044\006\011\052\206\110\206\367\015\001\011\001\026\027\163
-\145\162\166\145\162\055\143\145\162\164\163\100\164\150\141\167
-\164\145\056\143\157\155\060\036\027\015\071\066\060\070\060\061
-\060\060\060\060\060\060\132\027\015\062\060\061\062\063\061\062
-\063\065\071\065\071\132\060\201\304\061\013\060\011\006\003\125
-\004\006\023\002\132\101\061\025\060\023\006\003\125\004\010\023
-\014\127\145\163\164\145\162\156\040\103\141\160\145\061\022\060
-\020\006\003\125\004\007\023\011\103\141\160\145\040\124\157\167
-\156\061\035\060\033\006\003\125\004\012\023\024\124\150\141\167
-\164\145\040\103\157\156\163\165\154\164\151\156\147\040\143\143
-\061\050\060\046\006\003\125\004\013\023\037\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\123\145\162\166\151\143\145
-\163\040\104\151\166\151\163\151\157\156\061\031\060\027\006\003
-\125\004\003\023\020\124\150\141\167\164\145\040\123\145\162\166
-\145\162\040\103\101\061\046\060\044\006\011\052\206\110\206\367
-\015\001\011\001\026\027\163\145\162\166\145\162\055\143\145\162
-\164\163\100\164\150\141\167\164\145\056\143\157\155\060\201\237
-\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003
-\201\215\000\060\201\211\002\201\201\000\323\244\120\156\310\377
-\126\153\346\317\135\266\352\014\150\165\107\242\252\302\332\204
-\045\374\250\364\107\121\332\205\265\040\164\224\206\036\017\165
-\311\351\010\141\365\006\155\060\156\025\031\002\351\122\300\142
-\333\115\231\236\342\152\014\104\070\315\376\276\343\144\011\160
-\305\376\261\153\051\266\057\111\310\073\324\047\004\045\020\227
-\057\347\220\155\300\050\102\231\327\114\103\336\303\365\041\155
-\124\237\135\303\130\341\300\344\331\133\260\270\334\264\173\337
-\066\072\302\265\146\042\022\326\207\015\002\003\001\000\001\243
-\023\060\021\060\017\006\003\125\035\023\001\001\377\004\005\060
-\003\001\001\377\060\015\006\011\052\206\110\206\367\015\001\001
-\004\005\000\003\201\201\000\007\372\114\151\134\373\225\314\106
-\356\205\203\115\041\060\216\312\331\250\157\111\032\346\332\121
-\343\140\160\154\204\141\021\241\032\310\110\076\131\103\175\117
-\225\075\241\213\267\013\142\230\172\165\212\335\210\116\116\236
-\100\333\250\314\062\164\271\157\015\306\343\263\104\013\331\212
-\157\232\051\233\231\030\050\073\321\343\100\050\232\132\074\325
-\265\347\040\033\213\312\244\253\215\351\121\331\342\114\054\131
-\251\332\271\262\165\033\366\102\362\357\307\362\030\371\211\274
-\243\377\212\043\056\160\107
-END
-
-# Trust for Certificate "Thawte Server CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Thawte Server CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\043\345\224\224\121\225\362\101\110\003\264\325\144\322\243\243
-\365\330\213\214
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\305\160\304\242\355\123\170\014\310\020\123\201\144\313\320\035
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\304\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007
-\023\011\103\141\160\145\040\124\157\167\156\061\035\060\033\006
-\003\125\004\012\023\024\124\150\141\167\164\145\040\103\157\156
-\163\165\154\164\151\156\147\040\143\143\061\050\060\046\006\003
-\125\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151
-\157\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151
-\163\151\157\156\061\031\060\027\006\003\125\004\003\023\020\124
-\150\141\167\164\145\040\123\145\162\166\145\162\040\103\101\061
-\046\060\044\006\011\052\206\110\206\367\015\001\011\001\026\027
-\163\145\162\166\145\162\055\143\145\162\164\163\100\164\150\141
-\167\164\145\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\001\001
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_VALID
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Thawte Premium Server CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Thawte Premium Server CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\316\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007
-\023\011\103\141\160\145\040\124\157\167\156\061\035\060\033\006
-\003\125\004\012\023\024\124\150\141\167\164\145\040\103\157\156
-\163\165\154\164\151\156\147\040\143\143\061\050\060\046\006\003
-\125\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151
-\157\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151
-\163\151\157\156\061\041\060\037\006\003\125\004\003\023\030\124
-\150\141\167\164\145\040\120\162\145\155\151\165\155\040\123\145
-\162\166\145\162\040\103\101\061\050\060\046\006\011\052\206\110
-\206\367\015\001\011\001\026\031\160\162\145\155\151\165\155\055
-\163\145\162\166\145\162\100\164\150\141\167\164\145\056\143\157
-\155
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\316\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007
-\023\011\103\141\160\145\040\124\157\167\156\061\035\060\033\006
-\003\125\004\012\023\024\124\150\141\167\164\145\040\103\157\156
-\163\165\154\164\151\156\147\040\143\143\061\050\060\046\006\003
-\125\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151
-\157\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151
-\163\151\157\156\061\041\060\037\006\003\125\004\003\023\030\124
-\150\141\167\164\145\040\120\162\145\155\151\165\155\040\123\145
-\162\166\145\162\040\103\101\061\050\060\046\006\011\052\206\110
-\206\367\015\001\011\001\026\031\160\162\145\155\151\165\155\055
-\163\145\162\166\145\162\100\164\150\141\167\164\145\056\143\157
-\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\001\001
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\047\060\202\002\220\240\003\002\001\002\002\001\001
-\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060
-\201\316\061\013\060\011\006\003\125\004\006\023\002\132\101\061
-\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145\162
-\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007\023
-\011\103\141\160\145\040\124\157\167\156\061\035\060\033\006\003
-\125\004\012\023\024\124\150\141\167\164\145\040\103\157\156\163
-\165\154\164\151\156\147\040\143\143\061\050\060\046\006\003\125
-\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151\157
-\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151\163
-\151\157\156\061\041\060\037\006\003\125\004\003\023\030\124\150
-\141\167\164\145\040\120\162\145\155\151\165\155\040\123\145\162
-\166\145\162\040\103\101\061\050\060\046\006\011\052\206\110\206
-\367\015\001\011\001\026\031\160\162\145\155\151\165\155\055\163
-\145\162\166\145\162\100\164\150\141\167\164\145\056\143\157\155
-\060\036\027\015\071\066\060\070\060\061\060\060\060\060\060\060
-\132\027\015\062\060\061\062\063\061\062\063\065\071\065\071\132
-\060\201\316\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007
-\023\011\103\141\160\145\040\124\157\167\156\061\035\060\033\006
-\003\125\004\012\023\024\124\150\141\167\164\145\040\103\157\156
-\163\165\154\164\151\156\147\040\143\143\061\050\060\046\006\003
-\125\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151
-\157\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151
-\163\151\157\156\061\041\060\037\006\003\125\004\003\023\030\124
-\150\141\167\164\145\040\120\162\145\155\151\165\155\040\123\145
-\162\166\145\162\040\103\101\061\050\060\046\006\011\052\206\110
-\206\367\015\001\011\001\026\031\160\162\145\155\151\165\155\055
-\163\145\162\166\145\162\100\164\150\141\167\164\145\056\143\157
-\155\060\201\237\060\015\006\011\052\206\110\206\367\015\001\001
-\001\005\000\003\201\215\000\060\201\211\002\201\201\000\322\066
-\066\152\213\327\302\133\236\332\201\101\142\217\070\356\111\004
-\125\326\320\357\034\033\225\026\107\357\030\110\065\072\122\364
-\053\152\006\217\073\057\352\126\343\257\206\215\236\027\367\236
-\264\145\165\002\115\357\313\011\242\041\121\330\233\320\147\320
-\272\015\222\006\024\163\324\223\313\227\052\000\234\134\116\014
-\274\372\025\122\374\362\104\156\332\021\112\156\010\237\057\055
-\343\371\252\072\206\163\266\106\123\130\310\211\005\275\203\021
-\270\163\077\252\007\215\364\102\115\347\100\235\034\067\002\003
-\001\000\001\243\023\060\021\060\017\006\003\125\035\023\001\001
-\377\004\005\060\003\001\001\377\060\015\006\011\052\206\110\206
-\367\015\001\001\004\005\000\003\201\201\000\046\110\054\026\302
-\130\372\350\026\164\014\252\252\137\124\077\362\327\311\170\140
-\136\136\156\067\143\042\167\066\176\262\027\304\064\271\365\010
-\205\374\311\001\070\377\115\276\362\026\102\103\347\273\132\106
-\373\301\306\021\037\361\112\260\050\106\311\303\304\102\175\274
-\372\253\131\156\325\267\121\210\021\343\244\205\031\153\202\114
-\244\014\022\255\351\244\256\077\361\303\111\145\232\214\305\310
-\076\045\267\224\231\273\222\062\161\007\360\206\136\355\120\047
-\246\015\246\043\371\273\313\246\007\024\102
-END
-
-# Trust for Certificate "Thawte Premium Server CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Thawte Premium Server CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\142\177\215\170\047\145\143\231\322\175\177\220\104\311\376\263
-\363\076\372\232
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\006\237\151\171\026\146\220\002\033\214\214\242\303\007\157\072
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\316\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007
-\023\011\103\141\160\145\040\124\157\167\156\061\035\060\033\006
-\003\125\004\012\023\024\124\150\141\167\164\145\040\103\157\156
-\163\165\154\164\151\156\147\040\143\143\061\050\060\046\006\003
-\125\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151
-\157\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151
-\163\151\157\156\061\041\060\037\006\003\125\004\003\023\030\124
-\150\141\167\164\145\040\120\162\145\155\151\165\155\040\123\145
-\162\166\145\162\040\103\101\061\050\060\046\006\011\052\206\110
-\206\367\015\001\011\001\026\031\160\162\145\155\151\165\155\055
-\163\145\162\166\145\162\100\164\150\141\167\164\145\056\143\157
-\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\001\001
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_VALID
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Equifax Secure CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Equifax Secure CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\116\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\020\060\016\006\003\125\004\012\023\007\105\161\165\151\146\141
-\170\061\055\060\053\006\003\125\004\013\023\044\105\161\165\151
-\146\141\170\040\123\145\143\165\162\145\040\103\145\162\164\151
-\146\151\143\141\164\145\040\101\165\164\150\157\162\151\164\171
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\116\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\020\060\016\006\003\125\004\012\023\007\105\161\165\151\146\141
-\170\061\055\060\053\006\003\125\004\013\023\044\105\161\165\151
-\146\141\170\040\123\145\143\165\162\145\040\103\145\162\164\151
-\146\151\143\141\164\145\040\101\165\164\150\157\162\151\164\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\004\065\336\364\317
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\040\060\202\002\211\240\003\002\001\002\002\004\065
-\336\364\317\060\015\006\011\052\206\110\206\367\015\001\001\005
-\005\000\060\116\061\013\060\011\006\003\125\004\006\023\002\125
-\123\061\020\060\016\006\003\125\004\012\023\007\105\161\165\151
-\146\141\170\061\055\060\053\006\003\125\004\013\023\044\105\161
-\165\151\146\141\170\040\123\145\143\165\162\145\040\103\145\162
-\164\151\146\151\143\141\164\145\040\101\165\164\150\157\162\151
-\164\171\060\036\027\015\071\070\060\070\062\062\061\066\064\061
-\065\061\132\027\015\061\070\060\070\062\062\061\066\064\061\065
-\061\132\060\116\061\013\060\011\006\003\125\004\006\023\002\125
-\123\061\020\060\016\006\003\125\004\012\023\007\105\161\165\151
-\146\141\170\061\055\060\053\006\003\125\004\013\023\044\105\161
-\165\151\146\141\170\040\123\145\143\165\162\145\040\103\145\162
-\164\151\146\151\143\141\164\145\040\101\165\164\150\157\162\151
-\164\171\060\201\237\060\015\006\011\052\206\110\206\367\015\001
-\001\001\005\000\003\201\215\000\060\201\211\002\201\201\000\301
-\135\261\130\147\010\142\356\240\232\055\037\010\155\221\024\150
-\230\012\036\376\332\004\157\023\204\142\041\303\321\174\316\237
-\005\340\270\001\360\116\064\354\342\212\225\004\144\254\361\153
-\123\137\005\263\313\147\200\277\102\002\216\376\335\001\011\354
-\341\000\024\117\374\373\360\014\335\103\272\133\053\341\037\200
-\160\231\025\127\223\026\361\017\227\152\267\302\150\043\034\314
-\115\131\060\254\121\036\073\257\053\326\356\143\105\173\305\331
-\137\120\322\343\120\017\072\210\347\277\024\375\340\307\271\002
-\003\001\000\001\243\202\001\011\060\202\001\005\060\160\006\003
-\125\035\037\004\151\060\147\060\145\240\143\240\141\244\137\060
-\135\061\013\060\011\006\003\125\004\006\023\002\125\123\061\020
-\060\016\006\003\125\004\012\023\007\105\161\165\151\146\141\170
-\061\055\060\053\006\003\125\004\013\023\044\105\161\165\151\146
-\141\170\040\123\145\143\165\162\145\040\103\145\162\164\151\146
-\151\143\141\164\145\040\101\165\164\150\157\162\151\164\171\061
-\015\060\013\006\003\125\004\003\023\004\103\122\114\061\060\032
-\006\003\125\035\020\004\023\060\021\201\017\062\060\061\070\060
-\070\062\062\061\066\064\061\065\061\132\060\013\006\003\125\035
-\017\004\004\003\002\001\006\060\037\006\003\125\035\043\004\030
-\060\026\200\024\110\346\150\371\053\322\262\225\327\107\330\043
-\040\020\117\063\230\220\237\324\060\035\006\003\125\035\016\004
-\026\004\024\110\346\150\371\053\322\262\225\327\107\330\043\040
-\020\117\063\230\220\237\324\060\014\006\003\125\035\023\004\005
-\060\003\001\001\377\060\032\006\011\052\206\110\206\366\175\007
-\101\000\004\015\060\013\033\005\126\063\056\060\143\003\002\006
-\300\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000
-\003\201\201\000\130\316\051\352\374\367\336\265\316\002\271\027
-\265\205\321\271\343\340\225\314\045\061\015\000\246\222\156\177
-\266\222\143\236\120\225\321\232\157\344\021\336\143\205\156\230
-\356\250\377\132\310\323\125\262\146\161\127\336\300\041\353\075
-\052\247\043\111\001\004\206\102\173\374\356\177\242\026\122\265
-\147\147\323\100\333\073\046\130\262\050\167\075\256\024\167\141
-\326\372\052\146\047\240\015\372\247\163\134\352\160\361\224\041
-\145\104\137\372\374\357\051\150\251\242\207\171\357\171\357\117
-\254\007\167\070
-END
-
-# Trust for Certificate "Equifax Secure CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Equifax Secure CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\322\062\011\255\043\323\024\043\041\164\344\015\177\235\142\023
-\227\206\143\072
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\147\313\235\300\023\044\212\202\233\262\027\036\321\033\354\324
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\116\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\020\060\016\006\003\125\004\012\023\007\105\161\165\151\146\141
-\170\061\055\060\053\006\003\125\004\013\023\044\105\161\165\151
-\146\141\170\040\123\145\143\165\162\145\040\103\145\162\164\151
-\146\151\143\141\164\145\040\101\165\164\150\157\162\151\164\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\004\065\336\364\317
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "ABAecom (sub., Am. Bankers Assn.) Root CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "ABAecom (sub., Am. Bankers Assn.) Root CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\211\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\013\060\011\006\003\125\004\010\023\002\104\103\061\023\060
-\021\006\003\125\004\007\023\012\127\141\163\150\151\156\147\164
-\157\156\061\027\060\025\006\003\125\004\012\023\016\101\102\101
-\056\105\103\117\115\054\040\111\116\103\056\061\031\060\027\006
-\003\125\004\003\023\020\101\102\101\056\105\103\117\115\040\122
-\157\157\164\040\103\101\061\044\060\042\006\011\052\206\110\206
-\367\015\001\011\001\026\025\141\144\155\151\156\100\144\151\147
-\163\151\147\164\162\165\163\164\056\143\157\155
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\211\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\013\060\011\006\003\125\004\010\023\002\104\103\061\023\060
-\021\006\003\125\004\007\023\012\127\141\163\150\151\156\147\164
-\157\156\061\027\060\025\006\003\125\004\012\023\016\101\102\101
-\056\105\103\117\115\054\040\111\116\103\056\061\031\060\027\006
-\003\125\004\003\023\020\101\102\101\056\105\103\117\115\040\122
-\157\157\164\040\103\101\061\044\060\042\006\011\052\206\110\206
-\367\015\001\011\001\026\025\141\144\155\151\156\100\144\151\147
-\163\151\147\164\162\165\163\164\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\021\000\320\036\100\220\000\000\106\122\000\000\000\001\000
-\000\000\004
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\265\060\202\002\235\240\003\002\001\002\002\021\000
-\320\036\100\220\000\000\106\122\000\000\000\001\000\000\000\004
-\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
-\201\211\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\013\060\011\006\003\125\004\010\023\002\104\103\061\023\060\021
-\006\003\125\004\007\023\012\127\141\163\150\151\156\147\164\157
-\156\061\027\060\025\006\003\125\004\012\023\016\101\102\101\056
-\105\103\117\115\054\040\111\116\103\056\061\031\060\027\006\003
-\125\004\003\023\020\101\102\101\056\105\103\117\115\040\122\157
-\157\164\040\103\101\061\044\060\042\006\011\052\206\110\206\367
-\015\001\011\001\026\025\141\144\155\151\156\100\144\151\147\163
-\151\147\164\162\165\163\164\056\143\157\155\060\036\027\015\071
-\071\060\067\061\062\061\067\063\063\065\063\132\027\015\060\071
-\060\067\060\071\061\067\063\063\065\063\132\060\201\211\061\013
-\060\011\006\003\125\004\006\023\002\125\123\061\013\060\011\006
-\003\125\004\010\023\002\104\103\061\023\060\021\006\003\125\004
-\007\023\012\127\141\163\150\151\156\147\164\157\156\061\027\060
-\025\006\003\125\004\012\023\016\101\102\101\056\105\103\117\115
-\054\040\111\116\103\056\061\031\060\027\006\003\125\004\003\023
-\020\101\102\101\056\105\103\117\115\040\122\157\157\164\040\103
-\101\061\044\060\042\006\011\052\206\110\206\367\015\001\011\001
-\026\025\141\144\155\151\156\100\144\151\147\163\151\147\164\162
-\165\163\164\056\143\157\155\060\202\001\042\060\015\006\011\052
-\206\110\206\367\015\001\001\001\005\000\003\202\001\017\000\060
-\202\001\012\002\202\001\001\000\261\323\021\340\171\125\103\007
-\010\114\313\005\102\000\342\015\203\106\075\344\223\272\266\006
-\323\015\131\275\076\301\316\103\147\001\212\041\250\357\274\314
-\320\242\314\260\125\226\123\204\146\005\000\332\104\111\200\330
-\124\012\245\045\206\224\355\143\126\377\160\154\243\241\031\322
-\170\276\150\052\104\136\057\317\314\030\136\107\274\072\261\106
-\075\036\360\271\054\064\137\214\174\114\010\051\235\100\125\353
-\074\175\203\336\265\360\367\212\203\016\241\114\264\072\245\263
-\137\132\042\227\354\031\233\301\005\150\375\346\267\251\221\224
-\054\344\170\110\044\032\045\031\072\353\225\234\071\012\212\317
-\102\262\360\034\325\137\373\153\355\150\126\173\071\054\162\070
-\260\356\223\251\323\173\167\074\353\161\003\251\070\112\026\154
-\211\052\312\332\063\023\171\302\125\214\355\234\273\362\313\133
-\020\370\056\141\065\306\051\114\052\320\052\143\321\145\131\264
-\370\315\371\364\000\204\266\127\102\205\235\062\250\371\052\124
-\373\377\170\101\274\275\161\050\364\273\220\274\377\226\064\004
-\343\105\236\241\106\050\100\201\002\003\001\000\001\243\026\060
-\024\060\022\006\003\125\035\023\001\001\377\004\010\060\006\001
-\001\377\002\001\010\060\015\006\011\052\206\110\206\367\015\001
-\001\005\005\000\003\202\001\001\000\004\157\045\206\344\346\226
-\047\264\331\102\300\320\311\000\261\177\124\076\207\262\155\044
-\251\057\012\176\375\244\104\260\370\124\007\275\033\235\235\312
-\173\120\044\173\021\133\111\243\246\277\022\164\325\211\267\267
-\057\230\144\045\024\267\141\351\177\140\200\153\323\144\350\253
-\275\032\326\121\372\300\264\135\167\032\177\144\010\136\171\306
-\005\114\361\172\335\115\175\316\346\110\173\124\322\141\222\201
-\326\033\326\000\360\016\236\050\167\240\115\210\307\042\166\031
-\303\307\236\033\246\167\170\370\137\233\126\321\360\362\027\254
-\216\235\131\346\037\376\127\266\331\136\341\135\237\105\354\141
-\150\031\101\341\262\040\046\376\132\060\166\044\377\100\162\074
-\171\237\174\042\110\253\106\315\333\263\206\054\217\277\005\101
-\323\301\343\024\343\101\027\046\320\174\247\161\114\031\350\112
-\017\162\130\061\175\354\140\172\243\042\050\275\031\044\140\077
-\073\207\163\300\153\344\313\256\267\253\045\103\262\125\055\173
-\253\006\016\165\135\064\345\135\163\155\236\262\165\100\245\131
-\311\117\061\161\210\331\210\177\124
-END
-
-# Trust for Certificate "ABAecom (sub., Am. Bankers Assn.) Root CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "ABAecom (sub., Am. Bankers Assn.) Root CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\172\164\101\017\260\315\134\227\052\066\113\161\277\003\035\210
-\246\121\016\236
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\101\270\007\367\250\321\011\356\264\232\216\160\115\374\033\170
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\211\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\013\060\011\006\003\125\004\010\023\002\104\103\061\023\060
-\021\006\003\125\004\007\023\012\127\141\163\150\151\156\147\164
-\157\156\061\027\060\025\006\003\125\004\012\023\016\101\102\101
-\056\105\103\117\115\054\040\111\116\103\056\061\031\060\027\006
-\003\125\004\003\023\020\101\102\101\056\105\103\117\115\040\122
-\157\157\164\040\103\101\061\044\060\042\006\011\052\206\110\206
-\367\015\001\011\001\026\025\141\144\155\151\156\100\144\151\147
-\163\151\147\164\162\165\163\164\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\021\000\320\036\100\220\000\000\106\122\000\000\000\001\000
-\000\000\004
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Digital Signature Trust Co. Global CA 1"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Digital Signature Trust Co. Global CA 1"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\106\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\044\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141
-\154\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163
-\164\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010
-\104\123\124\103\101\040\105\061
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\106\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\044\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141
-\154\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163
-\164\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010
-\104\123\124\103\101\040\105\061
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\004\066\160\025\226
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\051\060\202\002\222\240\003\002\001\002\002\004\066
-\160\025\226\060\015\006\011\052\206\110\206\367\015\001\001\005
-\005\000\060\106\061\013\060\011\006\003\125\004\006\023\002\125
-\123\061\044\060\042\006\003\125\004\012\023\033\104\151\147\151
-\164\141\154\040\123\151\147\156\141\164\165\162\145\040\124\162
-\165\163\164\040\103\157\056\061\021\060\017\006\003\125\004\013
-\023\010\104\123\124\103\101\040\105\061\060\036\027\015\071\070
-\061\062\061\060\061\070\061\060\062\063\132\027\015\061\070\061
-\062\061\060\061\070\064\060\062\063\132\060\106\061\013\060\011
-\006\003\125\004\006\023\002\125\123\061\044\060\042\006\003\125
-\004\012\023\033\104\151\147\151\164\141\154\040\123\151\147\156
-\141\164\165\162\145\040\124\162\165\163\164\040\103\157\056\061
-\021\060\017\006\003\125\004\013\023\010\104\123\124\103\101\040
-\105\061\060\201\235\060\015\006\011\052\206\110\206\367\015\001
-\001\001\005\000\003\201\213\000\060\201\207\002\201\201\000\240
-\154\201\251\317\064\036\044\335\376\206\050\314\336\203\057\371
-\136\324\102\322\350\164\140\146\023\230\006\034\251\121\022\151
-\157\061\125\271\111\162\000\010\176\323\245\142\104\067\044\231
-\217\331\203\110\217\231\155\225\023\273\103\073\056\111\116\210
-\067\301\273\130\177\376\341\275\370\273\141\315\363\107\300\231
-\246\361\363\221\350\170\174\000\313\141\311\104\047\161\151\125
-\112\176\111\115\355\242\243\276\002\114\000\312\002\250\356\001
-\002\061\144\017\122\055\023\164\166\066\265\172\264\055\161\002
-\001\003\243\202\001\044\060\202\001\040\060\021\006\011\140\206
-\110\001\206\370\102\001\001\004\004\003\002\000\007\060\150\006
-\003\125\035\037\004\141\060\137\060\135\240\133\240\131\244\127
-\060\125\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\044\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141
-\154\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163
-\164\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010
-\104\123\124\103\101\040\105\061\061\015\060\013\006\003\125\004
-\003\023\004\103\122\114\061\060\053\006\003\125\035\020\004\044
-\060\042\200\017\061\071\071\070\061\062\061\060\061\070\061\060
-\062\063\132\201\017\062\060\061\070\061\062\061\060\061\070\061
-\060\062\063\132\060\013\006\003\125\035\017\004\004\003\002\001
-\006\060\037\006\003\125\035\043\004\030\060\026\200\024\152\171
-\176\221\151\106\030\023\012\002\167\245\131\133\140\230\045\016
-\242\370\060\035\006\003\125\035\016\004\026\004\024\152\171\176
-\221\151\106\030\023\012\002\167\245\131\133\140\230\045\016\242
-\370\060\014\006\003\125\035\023\004\005\060\003\001\001\377\060
-\031\006\011\052\206\110\206\366\175\007\101\000\004\014\060\012
-\033\004\126\064\056\060\003\002\004\220\060\015\006\011\052\206
-\110\206\367\015\001\001\005\005\000\003\201\201\000\042\022\330
-\172\035\334\201\006\266\011\145\262\207\310\037\136\264\057\351
-\304\036\362\074\301\273\004\220\021\112\203\116\176\223\271\115
-\102\307\222\046\240\134\064\232\070\162\370\375\153\026\076\040
-\356\202\213\061\052\223\066\205\043\210\212\074\003\150\323\311
-\011\017\115\374\154\244\332\050\162\223\016\211\200\260\175\376
-\200\157\145\155\030\063\227\213\302\153\211\356\140\075\310\233
-\357\177\053\062\142\163\223\313\074\343\173\342\166\170\105\274
-\241\223\004\273\206\237\072\133\103\172\303\212\145
-END
-
-# Trust for Certificate "Digital Signature Trust Co. Global CA 1"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Digital Signature Trust Co. Global CA 1"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\201\226\213\072\357\034\334\160\365\372\062\151\302\222\243\143
-\133\321\043\323
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\045\172\272\203\056\266\242\013\332\376\365\002\017\010\327\255
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\106\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\044\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141
-\154\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163
-\164\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010
-\104\123\124\103\101\040\105\061
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\004\066\160\025\226
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Digital Signature Trust Co. Global CA 3"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Digital Signature Trust Co. Global CA 3"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\106\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\044\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141
-\154\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163
-\164\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010
-\104\123\124\103\101\040\105\062
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\106\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\044\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141
-\154\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163
-\164\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010
-\104\123\124\103\101\040\105\062
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\004\066\156\323\316
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\051\060\202\002\222\240\003\002\001\002\002\004\066
-\156\323\316\060\015\006\011\052\206\110\206\367\015\001\001\005
-\005\000\060\106\061\013\060\011\006\003\125\004\006\023\002\125
-\123\061\044\060\042\006\003\125\004\012\023\033\104\151\147\151
-\164\141\154\040\123\151\147\156\141\164\165\162\145\040\124\162
-\165\163\164\040\103\157\056\061\021\060\017\006\003\125\004\013
-\023\010\104\123\124\103\101\040\105\062\060\036\027\015\071\070
-\061\062\060\071\061\071\061\067\062\066\132\027\015\061\070\061
-\062\060\071\061\071\064\067\062\066\132\060\106\061\013\060\011
-\006\003\125\004\006\023\002\125\123\061\044\060\042\006\003\125
-\004\012\023\033\104\151\147\151\164\141\154\040\123\151\147\156
-\141\164\165\162\145\040\124\162\165\163\164\040\103\157\056\061
-\021\060\017\006\003\125\004\013\023\010\104\123\124\103\101\040
-\105\062\060\201\235\060\015\006\011\052\206\110\206\367\015\001
-\001\001\005\000\003\201\213\000\060\201\207\002\201\201\000\277
-\223\217\027\222\357\063\023\030\353\020\177\116\026\277\377\006
-\217\052\205\274\136\371\044\246\044\210\266\003\267\301\303\137
-\003\133\321\157\256\176\102\352\146\043\270\143\203\126\373\050
-\055\341\070\213\264\356\250\001\341\316\034\266\210\052\042\106
-\205\373\237\247\160\251\107\024\077\316\336\145\360\250\161\367
-\117\046\154\214\274\306\265\357\336\111\047\377\110\052\175\350
-\115\003\314\307\262\122\306\027\061\023\073\265\115\333\310\304
-\366\303\017\044\052\332\014\235\347\221\133\200\315\224\235\002
-\001\003\243\202\001\044\060\202\001\040\060\021\006\011\140\206
-\110\001\206\370\102\001\001\004\004\003\002\000\007\060\150\006
-\003\125\035\037\004\141\060\137\060\135\240\133\240\131\244\127
-\060\125\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\044\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141
-\154\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163
-\164\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010
-\104\123\124\103\101\040\105\062\061\015\060\013\006\003\125\004
-\003\023\004\103\122\114\061\060\053\006\003\125\035\020\004\044
-\060\042\200\017\061\071\071\070\061\062\060\071\061\071\061\067
-\062\066\132\201\017\062\060\061\070\061\062\060\071\061\071\061
-\067\062\066\132\060\013\006\003\125\035\017\004\004\003\002\001
-\006\060\037\006\003\125\035\043\004\030\060\026\200\024\036\202
-\115\050\145\200\074\311\101\156\254\065\056\132\313\336\356\370
-\071\133\060\035\006\003\125\035\016\004\026\004\024\036\202\115
-\050\145\200\074\311\101\156\254\065\056\132\313\336\356\370\071
-\133\060\014\006\003\125\035\023\004\005\060\003\001\001\377\060
-\031\006\011\052\206\110\206\366\175\007\101\000\004\014\060\012
-\033\004\126\064\056\060\003\002\004\220\060\015\006\011\052\206
-\110\206\367\015\001\001\005\005\000\003\201\201\000\107\215\203
-\255\142\362\333\260\236\105\042\005\271\242\326\003\016\070\162
-\347\236\374\173\346\223\266\232\245\242\224\310\064\035\221\321
-\305\327\364\012\045\017\075\170\201\236\017\261\147\304\220\114
-\143\335\136\247\342\272\237\365\367\115\245\061\173\234\051\055
-\114\376\144\076\354\266\123\376\352\233\355\202\333\164\165\113
-\007\171\156\036\330\031\203\163\336\365\076\320\265\336\347\113
-\150\175\103\056\052\040\341\176\240\170\104\236\010\365\230\371
-\307\177\033\033\326\006\040\002\130\241\303\242\003
-END
-
-# Trust for Certificate "Digital Signature Trust Co. Global CA 3"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Digital Signature Trust Co. Global CA 3"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\253\110\363\063\333\004\253\271\300\162\332\133\014\301\320\127
-\360\066\233\106
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\223\302\216\021\173\324\363\003\031\275\050\165\023\112\105\112
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\106\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\044\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141
-\154\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163
-\164\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010
-\104\123\124\103\101\040\105\062
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\004\066\156\323\316
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Digital Signature Trust Co. Global CA 2"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Digital Signature Trust Co. Global CA 2"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\251\061\013\060\011\006\003\125\004\006\023\002\165\163
-\061\015\060\013\006\003\125\004\010\023\004\125\164\141\150\061
-\027\060\025\006\003\125\004\007\023\016\123\141\154\164\040\114
-\141\153\145\040\103\151\164\171\061\044\060\042\006\003\125\004
-\012\023\033\104\151\147\151\164\141\154\040\123\151\147\156\141
-\164\165\162\145\040\124\162\165\163\164\040\103\157\056\061\021
-\060\017\006\003\125\004\013\023\010\104\123\124\103\101\040\130
-\061\061\026\060\024\006\003\125\004\003\023\015\104\123\124\040
-\122\157\157\164\103\101\040\130\061\061\041\060\037\006\011\052
-\206\110\206\367\015\001\011\001\026\022\143\141\100\144\151\147
-\163\151\147\164\162\165\163\164\056\143\157\155
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\251\061\013\060\011\006\003\125\004\006\023\002\165\163
-\061\015\060\013\006\003\125\004\010\023\004\125\164\141\150\061
-\027\060\025\006\003\125\004\007\023\016\123\141\154\164\040\114
-\141\153\145\040\103\151\164\171\061\044\060\042\006\003\125\004
-\012\023\033\104\151\147\151\164\141\154\040\123\151\147\156\141
-\164\165\162\145\040\124\162\165\163\164\040\103\157\056\061\021
-\060\017\006\003\125\004\013\023\010\104\123\124\103\101\040\130
-\061\061\026\060\024\006\003\125\004\003\023\015\104\123\124\040
-\122\157\157\164\103\101\040\130\061\061\041\060\037\006\011\052
-\206\110\206\367\015\001\011\001\026\022\143\141\100\144\151\147
-\163\151\147\164\162\165\163\164\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\021\000\320\036\100\213\000\000\002\174\000\000\000\002\000
-\000\000\001
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\330\060\202\002\300\002\021\000\320\036\100\213\000
-\000\002\174\000\000\000\002\000\000\000\001\060\015\006\011\052
-\206\110\206\367\015\001\001\005\005\000\060\201\251\061\013\060
-\011\006\003\125\004\006\023\002\165\163\061\015\060\013\006\003
-\125\004\010\023\004\125\164\141\150\061\027\060\025\006\003\125
-\004\007\023\016\123\141\154\164\040\114\141\153\145\040\103\151
-\164\171\061\044\060\042\006\003\125\004\012\023\033\104\151\147
-\151\164\141\154\040\123\151\147\156\141\164\165\162\145\040\124
-\162\165\163\164\040\103\157\056\061\021\060\017\006\003\125\004
-\013\023\010\104\123\124\103\101\040\130\061\061\026\060\024\006
-\003\125\004\003\023\015\104\123\124\040\122\157\157\164\103\101
-\040\130\061\061\041\060\037\006\011\052\206\110\206\367\015\001
-\011\001\026\022\143\141\100\144\151\147\163\151\147\164\162\165
-\163\164\056\143\157\155\060\036\027\015\071\070\061\062\060\061
-\061\070\061\070\065\065\132\027\015\060\070\061\061\062\070\061
-\070\061\070\065\065\132\060\201\251\061\013\060\011\006\003\125
-\004\006\023\002\165\163\061\015\060\013\006\003\125\004\010\023
-\004\125\164\141\150\061\027\060\025\006\003\125\004\007\023\016
-\123\141\154\164\040\114\141\153\145\040\103\151\164\171\061\044
-\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141\154
-\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163\164
-\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010\104
-\123\124\103\101\040\130\061\061\026\060\024\006\003\125\004\003
-\023\015\104\123\124\040\122\157\157\164\103\101\040\130\061\061
-\041\060\037\006\011\052\206\110\206\367\015\001\011\001\026\022
-\143\141\100\144\151\147\163\151\147\164\162\165\163\164\056\143
-\157\155\060\202\001\042\060\015\006\011\052\206\110\206\367\015
-\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202
-\001\001\000\322\306\046\266\347\245\075\301\304\150\325\120\157
-\123\305\157\111\023\011\270\257\054\110\215\024\152\243\027\137
-\132\371\323\056\165\057\330\050\142\321\223\057\374\115\324\253
-\207\345\010\307\231\347\222\077\165\275\353\045\264\025\301\233
-\031\075\322\104\215\327\164\040\155\067\002\217\151\223\133\212
-\304\031\235\364\262\016\374\026\154\271\261\005\222\203\321\205
-\054\140\224\076\105\125\240\331\253\010\041\346\140\350\073\164
-\362\231\120\121\150\320\003\055\261\200\276\243\330\122\260\104
-\315\103\112\160\216\130\205\225\341\116\054\326\055\101\157\326
-\204\347\310\230\104\312\107\333\054\044\245\151\046\317\153\270
-\047\142\303\364\311\172\222\043\355\023\147\202\256\105\056\105
-\345\176\162\077\205\235\224\142\020\346\074\221\241\255\167\000
-\340\025\354\363\204\200\162\172\216\156\140\227\307\044\131\020
-\064\203\133\341\245\244\151\266\127\065\034\170\131\306\323\057
-\072\163\147\356\224\312\004\023\005\142\006\160\043\263\364\174
-\356\105\331\144\013\133\111\252\244\103\316\046\304\104\022\154
-\270\335\171\002\003\001\000\001\060\015\006\011\052\206\110\206
-\367\015\001\001\005\005\000\003\202\001\001\000\242\067\262\077
-\151\373\327\206\171\124\111\061\225\063\053\363\321\011\024\111
-\142\140\206\245\260\021\342\120\302\035\006\127\076\055\350\063
-\144\276\233\252\255\137\033\115\324\231\225\242\213\232\311\142
-\162\265\151\352\331\130\253\065\355\025\242\103\326\266\274\007
-\171\145\144\163\175\327\171\312\173\325\132\121\306\341\123\004
-\226\215\070\317\243\027\254\071\161\153\001\303\213\123\074\143
-\351\356\171\300\344\276\222\062\144\172\263\037\227\224\142\275
-\352\262\040\025\225\373\227\362\170\057\143\066\100\070\343\106
-\017\035\335\254\225\312\347\113\220\173\261\113\251\324\305\353
-\232\332\252\325\243\224\024\106\215\055\037\363\072\326\223\072
-\366\076\171\374\350\346\260\165\355\356\075\311\160\307\135\252
-\201\113\106\045\034\307\154\025\343\225\116\017\252\062\067\224
-\012\027\044\222\023\204\130\322\143\157\053\367\346\133\142\013
-\023\027\260\015\122\114\376\376\157\134\342\221\156\035\375\244
-\142\327\150\372\216\172\117\322\010\332\223\334\360\222\021\172
-\320\334\162\223\014\163\223\142\205\150\320\364
-END
-
-# Trust for Certificate "Digital Signature Trust Co. Global CA 2"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Digital Signature Trust Co. Global CA 2"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\267\057\377\222\322\316\103\336\012\215\114\124\214\120\067\046
-\250\036\053\223
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\154\311\247\156\107\361\014\343\123\073\170\114\115\302\152\305
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\251\061\013\060\011\006\003\125\004\006\023\002\165\163
-\061\015\060\013\006\003\125\004\010\023\004\125\164\141\150\061
-\027\060\025\006\003\125\004\007\023\016\123\141\154\164\040\114
-\141\153\145\040\103\151\164\171\061\044\060\042\006\003\125\004
-\012\023\033\104\151\147\151\164\141\154\040\123\151\147\156\141
-\164\165\162\145\040\124\162\165\163\164\040\103\157\056\061\021
-\060\017\006\003\125\004\013\023\010\104\123\124\103\101\040\130
-\061\061\026\060\024\006\003\125\004\003\023\015\104\123\124\040
-\122\157\157\164\103\101\040\130\061\061\041\060\037\006\011\052
-\206\110\206\367\015\001\011\001\026\022\143\141\100\144\151\147
-\163\151\147\164\162\165\163\164\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\021\000\320\036\100\213\000\000\002\174\000\000\000\002\000
-\000\000\001
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Digital Signature Trust Co. Global CA 4"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Digital Signature Trust Co. Global CA 4"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\251\061\013\060\011\006\003\125\004\006\023\002\165\163
-\061\015\060\013\006\003\125\004\010\023\004\125\164\141\150\061
-\027\060\025\006\003\125\004\007\023\016\123\141\154\164\040\114
-\141\153\145\040\103\151\164\171\061\044\060\042\006\003\125\004
-\012\023\033\104\151\147\151\164\141\154\040\123\151\147\156\141
-\164\165\162\145\040\124\162\165\163\164\040\103\157\056\061\021
-\060\017\006\003\125\004\013\023\010\104\123\124\103\101\040\130
-\062\061\026\060\024\006\003\125\004\003\023\015\104\123\124\040
-\122\157\157\164\103\101\040\130\062\061\041\060\037\006\011\052
-\206\110\206\367\015\001\011\001\026\022\143\141\100\144\151\147
-\163\151\147\164\162\165\163\164\056\143\157\155
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\251\061\013\060\011\006\003\125\004\006\023\002\165\163
-\061\015\060\013\006\003\125\004\010\023\004\125\164\141\150\061
-\027\060\025\006\003\125\004\007\023\016\123\141\154\164\040\114
-\141\153\145\040\103\151\164\171\061\044\060\042\006\003\125\004
-\012\023\033\104\151\147\151\164\141\154\040\123\151\147\156\141
-\164\165\162\145\040\124\162\165\163\164\040\103\157\056\061\021
-\060\017\006\003\125\004\013\023\010\104\123\124\103\101\040\130
-\062\061\026\060\024\006\003\125\004\003\023\015\104\123\124\040
-\122\157\157\164\103\101\040\130\062\061\041\060\037\006\011\052
-\206\110\206\367\015\001\011\001\026\022\143\141\100\144\151\147
-\163\151\147\164\162\165\163\164\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\021\000\320\036\100\213\000\000\167\155\000\000\000\001\000
-\000\000\004
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\330\060\202\002\300\002\021\000\320\036\100\213\000
-\000\167\155\000\000\000\001\000\000\000\004\060\015\006\011\052
-\206\110\206\367\015\001\001\005\005\000\060\201\251\061\013\060
-\011\006\003\125\004\006\023\002\165\163\061\015\060\013\006\003
-\125\004\010\023\004\125\164\141\150\061\027\060\025\006\003\125
-\004\007\023\016\123\141\154\164\040\114\141\153\145\040\103\151
-\164\171\061\044\060\042\006\003\125\004\012\023\033\104\151\147
-\151\164\141\154\040\123\151\147\156\141\164\165\162\145\040\124
-\162\165\163\164\040\103\157\056\061\021\060\017\006\003\125\004
-\013\023\010\104\123\124\103\101\040\130\062\061\026\060\024\006
-\003\125\004\003\023\015\104\123\124\040\122\157\157\164\103\101
-\040\130\062\061\041\060\037\006\011\052\206\110\206\367\015\001
-\011\001\026\022\143\141\100\144\151\147\163\151\147\164\162\165
-\163\164\056\143\157\155\060\036\027\015\071\070\061\061\063\060
-\062\062\064\066\061\066\132\027\015\060\070\061\061\062\067\062
-\062\064\066\061\066\132\060\201\251\061\013\060\011\006\003\125
-\004\006\023\002\165\163\061\015\060\013\006\003\125\004\010\023
-\004\125\164\141\150\061\027\060\025\006\003\125\004\007\023\016
-\123\141\154\164\040\114\141\153\145\040\103\151\164\171\061\044
-\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141\154
-\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163\164
-\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010\104
-\123\124\103\101\040\130\062\061\026\060\024\006\003\125\004\003
-\023\015\104\123\124\040\122\157\157\164\103\101\040\130\062\061
-\041\060\037\006\011\052\206\110\206\367\015\001\011\001\026\022
-\143\141\100\144\151\147\163\151\147\164\162\165\163\164\056\143
-\157\155\060\202\001\042\060\015\006\011\052\206\110\206\367\015
-\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202
-\001\001\000\334\165\360\214\300\165\226\232\300\142\037\046\367
-\304\341\232\352\340\126\163\133\231\315\001\104\250\010\266\325
-\247\332\032\004\030\071\222\112\170\243\201\302\365\167\172\120
-\264\160\377\232\253\306\307\312\156\203\117\102\230\373\046\013
-\332\334\155\326\251\231\125\122\147\351\050\003\222\334\345\260
-\005\232\017\025\371\153\131\162\126\362\372\071\374\252\150\356
-\017\037\020\203\057\374\235\372\027\226\335\202\343\346\105\175
-\300\113\200\104\037\355\054\340\204\375\221\134\222\124\151\045
-\345\142\151\334\345\356\000\122\275\063\013\255\165\002\205\247
-\144\120\055\305\031\031\060\300\046\333\311\323\375\056\231\255
-\131\265\013\115\324\101\256\205\110\103\131\334\267\250\342\242
-\336\303\217\327\270\241\142\246\150\120\122\344\317\061\247\224
-\205\332\237\106\062\027\126\345\362\353\146\075\022\377\103\333
-\230\357\167\317\313\201\215\064\261\306\120\112\046\321\344\076
-\101\120\257\154\256\042\064\056\325\153\156\203\272\171\270\166
-\145\110\332\011\051\144\143\042\271\373\107\166\205\214\206\104
-\313\011\333\002\003\001\000\001\060\015\006\011\052\206\110\206
-\367\015\001\001\005\005\000\003\202\001\001\000\265\066\016\135
-\341\141\050\132\021\145\300\077\203\003\171\115\276\050\246\013
-\007\002\122\205\315\370\221\320\020\154\265\152\040\133\034\220
-\331\060\074\306\110\236\212\136\144\371\241\161\167\357\004\047
-\037\007\353\344\046\367\163\164\311\104\030\032\146\323\340\103
-\257\221\073\321\313\054\330\164\124\072\034\115\312\324\150\315
-\043\174\035\020\236\105\351\366\000\156\246\315\031\377\117\054
-\051\217\127\115\304\167\222\276\340\114\011\373\135\104\206\146
-\041\250\271\062\242\126\325\351\214\203\174\131\077\304\361\013
-\347\235\354\236\275\234\030\016\076\302\071\171\050\267\003\015
-\010\313\306\347\331\001\067\120\020\354\314\141\026\100\324\257
-\061\164\173\374\077\061\247\320\107\163\063\071\033\314\116\152
-\327\111\203\021\006\376\353\202\130\063\062\114\360\126\254\036
-\234\057\126\232\173\301\112\034\245\375\125\066\316\374\226\115
-\364\260\360\354\267\154\202\355\057\061\231\102\114\251\262\015
-\270\025\135\361\337\272\311\265\112\324\144\230\263\046\251\060
-\310\375\246\354\253\226\041\255\177\302\170\266
-END
-
-# Trust for Certificate "Digital Signature Trust Co. Global CA 4"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Digital Signature Trust Co. Global CA 4"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\147\353\063\173\150\114\353\016\302\260\166\012\264\210\047\214
-\335\225\227\335
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\315\073\075\142\133\011\270\011\066\207\236\022\057\161\144\272
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\251\061\013\060\011\006\003\125\004\006\023\002\165\163
-\061\015\060\013\006\003\125\004\010\023\004\125\164\141\150\061
-\027\060\025\006\003\125\004\007\023\016\123\141\154\164\040\114
-\141\153\145\040\103\151\164\171\061\044\060\042\006\003\125\004
-\012\023\033\104\151\147\151\164\141\154\040\123\151\147\156\141
-\164\165\162\145\040\124\162\165\163\164\040\103\157\056\061\021
-\060\017\006\003\125\004\013\023\010\104\123\124\103\101\040\130
-\062\061\026\060\024\006\003\125\004\003\023\015\104\123\124\040
-\122\157\157\164\103\101\040\130\062\061\041\060\037\006\011\052
-\206\110\206\367\015\001\011\001\026\022\143\141\100\144\151\147
-\163\151\147\164\162\165\163\164\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\021\000\320\036\100\213\000\000\167\155\000\000\000\001\000
-\000\000\004
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Verisign Class 1 Public Primary Certification Authority"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 1 Public Primary Certification Authority"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151
-\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004
-\013\023\056\103\154\141\163\163\040\061\040\120\165\142\154\151
-\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151
-\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004
-\013\023\056\103\154\141\163\163\040\061\040\120\165\142\154\151
-\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\021\000\315\272\177\126\360\337\344\274\124\376\042\254\263
-\162\252\125
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\002\075\060\202\001\246\002\021\000\315\272\177\126\360
-\337\344\274\124\376\042\254\263\162\252\125\060\015\006\011\052
-\206\110\206\367\015\001\001\002\005\000\060\137\061\013\060\011
-\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125
-\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156
-\143\056\061\067\060\065\006\003\125\004\013\023\056\103\154\141
-\163\163\040\061\040\120\165\142\154\151\143\040\120\162\151\155
-\141\162\171\040\103\145\162\164\151\146\151\143\141\164\151\157
-\156\040\101\165\164\150\157\162\151\164\171\060\036\027\015\071
-\066\060\061\062\071\060\060\060\060\060\060\132\027\015\062\070
-\060\070\060\061\062\063\065\071\065\071\132\060\137\061\013\060
-\011\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003
-\125\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111
-\156\143\056\061\067\060\065\006\003\125\004\013\023\056\103\154
-\141\163\163\040\061\040\120\165\142\154\151\143\040\120\162\151
-\155\141\162\171\040\103\145\162\164\151\146\151\143\141\164\151
-\157\156\040\101\165\164\150\157\162\151\164\171\060\201\237\060
-\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003\201
-\215\000\060\201\211\002\201\201\000\345\031\277\155\243\126\141
-\055\231\110\161\366\147\336\271\215\353\267\236\206\200\012\221
-\016\372\070\045\257\106\210\202\345\163\250\240\233\044\135\015
-\037\314\145\156\014\260\320\126\204\030\207\232\006\233\020\241
-\163\337\264\130\071\153\156\301\366\025\325\250\250\077\252\022
-\006\215\061\254\177\260\064\327\217\064\147\210\011\315\024\021
-\342\116\105\126\151\037\170\002\200\332\334\107\221\051\273\066
-\311\143\134\305\340\327\055\207\173\241\267\062\260\173\060\272
-\052\057\061\252\356\243\147\332\333\002\003\001\000\001\060\015
-\006\011\052\206\110\206\367\015\001\001\002\005\000\003\201\201
-\000\114\077\270\213\306\150\337\356\103\063\016\135\351\246\313
-\007\204\115\172\063\377\222\033\364\066\255\330\225\042\066\150
-\021\154\174\102\314\363\234\056\304\007\077\024\260\017\117\377
-\220\222\166\371\342\274\112\351\217\315\240\200\012\367\305\051
-\361\202\042\135\270\261\335\201\043\243\173\045\025\106\060\171
-\026\370\352\005\113\224\177\035\302\034\310\343\267\364\020\100
-\074\023\303\137\037\123\350\110\344\206\264\173\241\065\260\173
-\045\272\270\323\216\253\077\070\235\000\064\000\230\363\321\161
-\224
-END
-
-# Trust for Certificate "Verisign Class 1 Public Primary Certification Authority"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 1 Public Primary Certification Authority"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\220\256\242\151\205\377\024\200\114\103\111\122\354\351\140\204
-\167\257\125\157
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\227\140\350\127\137\323\120\107\345\103\014\224\066\212\260\142
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151
-\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004
-\013\023\056\103\154\141\163\163\040\061\040\120\165\142\154\151
-\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\021\000\315\272\177\126\360\337\344\274\124\376\042\254\263
-\162\252\125
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_VALID
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_VALID
-
-#
-# Certificate "Verisign Class 2 Public Primary Certification Authority"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 2 Public Primary Certification Authority"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151
-\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004
-\013\023\056\103\154\141\163\163\040\062\040\120\165\142\154\151
-\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151
-\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004
-\013\023\056\103\154\141\163\163\040\062\040\120\165\142\154\151
-\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\020\055\033\374\112\027\215\243\221\353\347\377\365\213\105
-\276\013
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\002\074\060\202\001\245\002\020\055\033\374\112\027\215
-\243\221\353\347\377\365\213\105\276\013\060\015\006\011\052\206
-\110\206\367\015\001\001\002\005\000\060\137\061\013\060\011\006
-\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125\004
-\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156\143
-\056\061\067\060\065\006\003\125\004\013\023\056\103\154\141\163
-\163\040\062\040\120\165\142\154\151\143\040\120\162\151\155\141
-\162\171\040\103\145\162\164\151\146\151\143\141\164\151\157\156
-\040\101\165\164\150\157\162\151\164\171\060\036\027\015\071\066
-\060\061\062\071\060\060\060\060\060\060\132\027\015\062\070\060
-\070\060\061\062\063\065\071\065\071\132\060\137\061\013\060\011
-\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125
-\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156
-\143\056\061\067\060\065\006\003\125\004\013\023\056\103\154\141
-\163\163\040\062\040\120\165\142\154\151\143\040\120\162\151\155
-\141\162\171\040\103\145\162\164\151\146\151\143\141\164\151\157
-\156\040\101\165\164\150\157\162\151\164\171\060\201\237\060\015
-\006\011\052\206\110\206\367\015\001\001\001\005\000\003\201\215
-\000\060\201\211\002\201\201\000\266\132\213\243\015\152\043\203
-\200\153\317\071\207\364\041\023\063\006\114\045\242\355\125\022
-\227\305\247\200\271\372\203\301\040\240\372\057\025\015\174\241
-\140\153\176\171\054\372\006\017\072\256\366\033\157\261\322\377
-\057\050\122\137\203\175\113\304\172\267\370\146\037\200\124\374
-\267\302\216\131\112\024\127\106\321\232\223\276\101\221\003\273
-\025\200\223\134\353\347\314\010\154\077\076\263\112\374\377\113
-\154\043\325\120\202\046\104\031\216\043\303\161\352\031\044\107
-\004\236\165\277\310\246\000\037\002\003\001\000\001\060\015\006
-\011\052\206\110\206\367\015\001\001\002\005\000\003\201\201\000
-\212\033\053\372\071\301\164\327\136\330\031\144\242\130\112\055
-\067\340\063\107\017\254\355\367\252\333\036\344\213\006\134\140
-\047\312\105\122\316\026\357\077\006\144\347\224\150\174\140\063
-\025\021\151\257\235\142\215\243\003\124\153\246\276\345\356\005
-\030\140\004\277\102\200\375\320\250\250\036\001\073\367\243\134
-\257\243\334\346\046\200\043\074\270\104\164\367\012\256\111\213
-\141\170\314\044\277\210\212\247\016\352\163\031\101\375\115\003
-\360\210\321\345\170\215\245\052\117\366\227\015\027\167\312\330
-END
-
-# Trust for Certificate "Verisign Class 2 Public Primary Certification Authority"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 2 Public Primary Certification Authority"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\147\202\252\340\355\356\342\032\130\071\323\300\315\024\150\012
-\117\140\024\052
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\263\234\045\261\303\056\062\123\200\025\060\235\115\002\167\076
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151
-\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004
-\013\023\056\103\154\141\163\163\040\062\040\120\165\142\154\151
-\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\020\055\033\374\112\027\215\243\221\353\347\377\365\213\105
-\276\013
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_VALID
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Verisign Class 3 Public Primary Certification Authority"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 3 Public Primary Certification Authority"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151
-\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004
-\013\023\056\103\154\141\163\163\040\063\040\120\165\142\154\151
-\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151
-\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004
-\013\023\056\103\154\141\163\163\040\063\040\120\165\142\154\151
-\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\020\160\272\344\035\020\331\051\064\266\070\312\173\003\314
-\272\277
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\002\074\060\202\001\245\002\020\160\272\344\035\020\331
-\051\064\266\070\312\173\003\314\272\277\060\015\006\011\052\206
-\110\206\367\015\001\001\002\005\000\060\137\061\013\060\011\006
-\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125\004
-\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156\143
-\056\061\067\060\065\006\003\125\004\013\023\056\103\154\141\163
-\163\040\063\040\120\165\142\154\151\143\040\120\162\151\155\141
-\162\171\040\103\145\162\164\151\146\151\143\141\164\151\157\156
-\040\101\165\164\150\157\162\151\164\171\060\036\027\015\071\066
-\060\061\062\071\060\060\060\060\060\060\132\027\015\062\070\060
-\070\060\061\062\063\065\071\065\071\132\060\137\061\013\060\011
-\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125
-\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156
-\143\056\061\067\060\065\006\003\125\004\013\023\056\103\154\141
-\163\163\040\063\040\120\165\142\154\151\143\040\120\162\151\155
-\141\162\171\040\103\145\162\164\151\146\151\143\141\164\151\157
-\156\040\101\165\164\150\157\162\151\164\171\060\201\237\060\015
-\006\011\052\206\110\206\367\015\001\001\001\005\000\003\201\215
-\000\060\201\211\002\201\201\000\311\134\131\236\362\033\212\001
-\024\264\020\337\004\100\333\343\127\257\152\105\100\217\204\014
-\013\321\063\331\331\021\317\356\002\130\037\045\367\052\250\104
-\005\252\354\003\037\170\177\236\223\271\232\000\252\043\175\326
-\254\205\242\143\105\307\162\047\314\364\114\306\165\161\322\071
-\357\117\102\360\165\337\012\220\306\216\040\157\230\017\370\254
-\043\137\160\051\066\244\311\206\347\261\232\040\313\123\245\205
-\347\075\276\175\232\376\044\105\063\334\166\025\355\017\242\161
-\144\114\145\056\201\150\105\247\002\003\001\000\001\060\015\006
-\011\052\206\110\206\367\015\001\001\002\005\000\003\201\201\000
-\273\114\022\053\317\054\046\000\117\024\023\335\246\373\374\012
-\021\204\214\363\050\034\147\222\057\174\266\305\372\337\360\350
-\225\274\035\217\154\054\250\121\314\163\330\244\300\123\360\116
-\326\046\300\166\001\127\201\222\136\041\361\321\261\377\347\320
-\041\130\315\151\027\343\104\034\234\031\104\071\211\134\334\234
-\000\017\126\215\002\231\355\242\220\105\114\344\273\020\244\075
-\360\062\003\016\361\316\370\350\311\121\214\346\142\237\346\237
-\300\175\267\162\234\311\066\072\153\237\116\250\377\144\015\144
-END
-
-# Trust for Certificate "Verisign Class 3 Public Primary Certification Authority"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 3 Public Primary Certification Authority"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\164\054\061\222\346\007\344\044\353\105\111\124\053\341\273\305
-\076\141\164\342
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\020\374\143\135\366\046\076\015\363\045\276\137\171\315\147\147
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151
-\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004
-\013\023\056\103\154\141\163\163\040\063\040\120\165\142\154\151
-\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\020\160\272\344\035\020\331\051\064\266\070\312\173\003\314
-\272\277
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Verisign Class 1 Public Primary Certification Authority - G2"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 1 Public Primary Certification Authority - G2"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125
-\004\013\023\063\103\154\141\163\163\040\061\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013
-\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040
-\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157
-\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145
-\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164
-\167\157\162\153
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125
-\004\013\023\063\103\154\141\163\163\040\061\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013
-\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040
-\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157
-\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145
-\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164
-\167\157\162\153
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\020\114\307\352\252\230\076\161\323\223\020\370\075\072\211
-\221\222
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\002\060\202\002\153\002\020\114\307\352\252\230\076
-\161\323\223\020\370\075\072\211\221\222\060\015\006\011\052\206
-\110\206\367\015\001\001\005\005\000\060\201\301\061\013\060\011
-\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125
-\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156
-\143\056\061\074\060\072\006\003\125\004\013\023\063\103\154\141
-\163\163\040\061\040\120\165\142\154\151\143\040\120\162\151\155
-\141\162\171\040\103\145\162\164\151\146\151\143\141\164\151\157
-\156\040\101\165\164\150\157\162\151\164\171\040\055\040\107\062
-\061\072\060\070\006\003\125\004\013\023\061\050\143\051\040\061
-\071\071\070\040\126\145\162\151\123\151\147\156\054\040\111\156
-\143\056\040\055\040\106\157\162\040\141\165\164\150\157\162\151
-\172\145\144\040\165\163\145\040\157\156\154\171\061\037\060\035
-\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040
-\124\162\165\163\164\040\116\145\164\167\157\162\153\060\036\027
-\015\071\070\060\065\061\070\060\060\060\060\060\060\132\027\015
-\062\070\060\070\060\061\062\063\065\071\065\071\132\060\201\301
-\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027\060
-\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147\156
-\054\040\111\156\143\056\061\074\060\072\006\003\125\004\013\023
-\063\103\154\141\163\163\040\061\040\120\165\142\154\151\143\040
-\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143
-\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040
-\055\040\107\062\061\072\060\070\006\003\125\004\013\023\061\050
-\143\051\040\061\071\071\070\040\126\145\162\151\123\151\147\156
-\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165\164
-\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154\171
-\061\037\060\035\006\003\125\004\013\023\026\126\145\162\151\123
-\151\147\156\040\124\162\165\163\164\040\116\145\164\167\157\162
-\153\060\201\237\060\015\006\011\052\206\110\206\367\015\001\001
-\001\005\000\003\201\215\000\060\201\211\002\201\201\000\252\320
-\272\276\026\055\270\203\324\312\322\017\274\166\061\312\224\330
-\035\223\214\126\002\274\331\157\032\157\122\066\156\165\126\012
-\125\323\337\103\207\041\021\145\212\176\217\275\041\336\153\062
-\077\033\204\064\225\005\235\101\065\353\222\353\226\335\252\131
-\077\001\123\155\231\117\355\345\342\052\132\220\301\271\304\246
-\025\317\310\105\353\246\135\216\234\076\360\144\044\166\245\315
-\253\032\157\266\330\173\121\141\156\246\177\207\310\342\267\345
-\064\334\101\210\352\011\100\276\163\222\075\153\347\165\002\003
-\001\000\001\060\015\006\011\052\206\110\206\367\015\001\001\005
-\005\000\003\201\201\000\251\117\303\015\307\147\276\054\313\331
-\250\315\055\165\347\176\025\236\073\162\353\176\353\134\055\011
-\207\326\153\155\140\174\345\256\305\220\043\014\134\112\320\257
-\261\135\363\307\266\012\333\340\025\223\015\335\003\274\307\166
-\212\265\335\117\303\233\023\165\270\001\300\346\311\133\153\245
-\270\211\334\254\244\335\162\355\116\241\367\117\274\006\323\352
-\310\144\164\173\302\225\101\234\145\163\130\361\220\232\074\152
-\261\230\311\304\207\274\317\105\155\105\342\156\042\077\376\274
-\017\061\134\350\362\331
-END
-
-# Trust for Certificate "Verisign Class 1 Public Primary Certification Authority - G2"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 1 Public Primary Certification Authority - G2"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\047\076\341\044\127\375\304\371\014\125\350\053\126\026\177\142
-\365\062\345\107
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\333\043\075\371\151\372\113\271\225\200\104\163\136\175\101\203
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125
-\004\013\023\063\103\154\141\163\163\040\061\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013
-\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040
-\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157
-\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145
-\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164
-\167\157\162\153
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\020\114\307\352\252\230\076\161\323\223\020\370\075\072\211
-\221\222
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_VALID
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_VALID
-
-#
-# Certificate "Verisign Class 2 Public Primary Certification Authority - G2"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 2 Public Primary Certification Authority - G2"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125
-\004\013\023\063\103\154\141\163\163\040\062\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013
-\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040
-\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157
-\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145
-\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164
-\167\157\162\153
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125
-\004\013\023\063\103\154\141\163\163\040\062\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013
-\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040
-\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157
-\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145
-\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164
-\167\157\162\153
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\021\000\271\057\140\314\210\237\241\172\106\011\270\133\160
-\154\212\257
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\003\060\202\002\154\002\021\000\271\057\140\314\210
-\237\241\172\106\011\270\133\160\154\212\257\060\015\006\011\052
-\206\110\206\367\015\001\001\005\005\000\060\201\301\061\013\060
-\011\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003
-\125\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111
-\156\143\056\061\074\060\072\006\003\125\004\013\023\063\103\154
-\141\163\163\040\062\040\120\165\142\154\151\143\040\120\162\151
-\155\141\162\171\040\103\145\162\164\151\146\151\143\141\164\151
-\157\156\040\101\165\164\150\157\162\151\164\171\040\055\040\107
-\062\061\072\060\070\006\003\125\004\013\023\061\050\143\051\040
-\061\071\071\070\040\126\145\162\151\123\151\147\156\054\040\111
-\156\143\056\040\055\040\106\157\162\040\141\165\164\150\157\162
-\151\172\145\144\040\165\163\145\040\157\156\154\171\061\037\060
-\035\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156
-\040\124\162\165\163\164\040\116\145\164\167\157\162\153\060\036
-\027\015\071\070\060\065\061\070\060\060\060\060\060\060\132\027
-\015\062\070\060\070\060\061\062\063\065\071\065\071\132\060\201
-\301\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027
-\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147
-\156\054\040\111\156\143\056\061\074\060\072\006\003\125\004\013
-\023\063\103\154\141\163\163\040\062\040\120\165\142\154\151\143
-\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151
-\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
-\040\055\040\107\062\061\072\060\070\006\003\125\004\013\023\061
-\050\143\051\040\061\071\071\070\040\126\145\162\151\123\151\147
-\156\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165
-\164\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154
-\171\061\037\060\035\006\003\125\004\013\023\026\126\145\162\151
-\123\151\147\156\040\124\162\165\163\164\040\116\145\164\167\157
-\162\153\060\201\237\060\015\006\011\052\206\110\206\367\015\001
-\001\001\005\000\003\201\215\000\060\201\211\002\201\201\000\247
-\210\001\041\164\054\347\032\003\360\230\341\227\074\017\041\010
-\361\234\333\227\351\232\374\302\004\006\023\276\137\122\310\314
-\036\054\022\126\054\270\001\151\054\314\231\037\255\260\226\256
-\171\004\362\023\071\301\173\230\272\010\054\350\302\204\023\054
-\252\151\351\011\364\307\251\002\244\102\302\043\117\112\330\360
-\016\242\373\061\154\311\346\157\231\047\007\365\346\364\114\170
-\236\155\353\106\206\372\271\206\311\124\362\262\304\257\324\106
-\034\132\311\025\060\377\015\154\365\055\016\155\316\177\167\002
-\003\001\000\001\060\015\006\011\052\206\110\206\367\015\001\001
-\005\005\000\003\201\201\000\162\056\371\177\321\361\161\373\304
-\236\366\305\136\121\212\100\230\270\150\370\233\034\203\330\342
-\235\275\377\355\241\346\146\352\057\011\364\312\327\352\245\053
-\225\366\044\140\206\115\104\056\203\245\304\055\240\323\256\170
-\151\157\162\332\154\256\010\360\143\222\067\346\273\304\060\027
-\255\167\314\111\065\252\317\330\217\321\276\267\030\226\107\163
-\152\124\042\064\144\055\266\026\233\131\133\264\121\131\072\263
-\013\024\364\022\337\147\240\364\255\062\144\136\261\106\162\047
-\214\022\173\305\104\264\256
-END
-
-# Trust for Certificate "Verisign Class 2 Public Primary Certification Authority - G2"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 2 Public Primary Certification Authority - G2"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\263\352\304\107\166\311\310\034\352\362\235\225\266\314\240\010
-\033\147\354\235
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\055\273\345\045\323\321\145\202\072\267\016\372\346\353\342\341
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125
-\004\013\023\063\103\154\141\163\163\040\062\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013
-\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040
-\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157
-\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145
-\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164
-\167\157\162\153
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\021\000\271\057\140\314\210\237\241\172\106\011\270\133\160
-\154\212\257
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_VALID
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Verisign Class 3 Public Primary Certification Authority - G2"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 3 Public Primary Certification Authority - G2"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125
-\004\013\023\063\103\154\141\163\163\040\063\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013
-\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040
-\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157
-\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145
-\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164
-\167\157\162\153
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125
-\004\013\023\063\103\154\141\163\163\040\063\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013
-\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040
-\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157
-\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145
-\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164
-\167\157\162\153
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\020\175\331\376\007\317\250\036\267\020\171\147\373\247\211
-\064\306
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\002\060\202\002\153\002\020\175\331\376\007\317\250
-\036\267\020\171\147\373\247\211\064\306\060\015\006\011\052\206
-\110\206\367\015\001\001\005\005\000\060\201\301\061\013\060\011
-\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125
-\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156
-\143\056\061\074\060\072\006\003\125\004\013\023\063\103\154\141
-\163\163\040\063\040\120\165\142\154\151\143\040\120\162\151\155
-\141\162\171\040\103\145\162\164\151\146\151\143\141\164\151\157
-\156\040\101\165\164\150\157\162\151\164\171\040\055\040\107\062
-\061\072\060\070\006\003\125\004\013\023\061\050\143\051\040\061
-\071\071\070\040\126\145\162\151\123\151\147\156\054\040\111\156
-\143\056\040\055\040\106\157\162\040\141\165\164\150\157\162\151
-\172\145\144\040\165\163\145\040\157\156\154\171\061\037\060\035
-\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040
-\124\162\165\163\164\040\116\145\164\167\157\162\153\060\036\027
-\015\071\070\060\065\061\070\060\060\060\060\060\060\132\027\015
-\062\070\060\070\060\061\062\063\065\071\065\071\132\060\201\301
-\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027\060
-\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147\156
-\054\040\111\156\143\056\061\074\060\072\006\003\125\004\013\023
-\063\103\154\141\163\163\040\063\040\120\165\142\154\151\143\040
-\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143
-\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040
-\055\040\107\062\061\072\060\070\006\003\125\004\013\023\061\050
-\143\051\040\061\071\071\070\040\126\145\162\151\123\151\147\156
-\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165\164
-\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154\171
-\061\037\060\035\006\003\125\004\013\023\026\126\145\162\151\123
-\151\147\156\040\124\162\165\163\164\040\116\145\164\167\157\162
-\153\060\201\237\060\015\006\011\052\206\110\206\367\015\001\001
-\001\005\000\003\201\215\000\060\201\211\002\201\201\000\314\136
-\321\021\135\134\151\320\253\323\271\152\114\231\037\131\230\060
-\216\026\205\040\106\155\107\077\324\205\040\204\341\155\263\370
-\244\355\014\361\027\017\073\371\247\371\045\327\301\317\204\143
-\362\174\143\317\242\107\362\306\133\063\216\144\100\004\150\301
-\200\271\144\034\105\167\307\330\156\365\225\051\074\120\350\064
-\327\170\037\250\272\155\103\221\225\217\105\127\136\176\305\373
-\312\244\004\353\352\227\067\124\060\157\273\001\107\062\063\315
-\334\127\233\144\151\141\370\233\035\034\211\117\134\147\002\003
-\001\000\001\060\015\006\011\052\206\110\206\367\015\001\001\005
-\005\000\003\201\201\000\121\115\315\276\134\313\230\031\234\025
-\262\001\071\170\056\115\017\147\160\160\231\306\020\132\224\244
-\123\115\124\155\053\257\015\135\100\213\144\323\327\356\336\126
-\141\222\137\246\304\035\020\141\066\323\054\047\074\350\051\011
-\271\021\144\164\314\265\163\237\034\110\251\274\141\001\356\342
-\027\246\014\343\100\010\073\016\347\353\104\163\052\232\361\151
-\222\357\161\024\303\071\254\161\247\221\011\157\344\161\006\263
-\272\131\127\046\171\000\366\370\015\242\063\060\050\324\252\130
-\240\235\235\151\221\375
-END
-
-# Trust for Certificate "Verisign Class 3 Public Primary Certification Authority - G2"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 3 Public Primary Certification Authority - G2"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\205\067\034\246\345\120\024\075\316\050\003\107\033\336\072\011
-\350\370\167\017
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\242\063\233\114\164\170\163\324\154\347\301\363\215\313\134\351
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125
-\004\013\023\063\103\154\141\163\163\040\063\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013
-\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040
-\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157
-\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145
-\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164
-\167\157\162\153
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\020\175\331\376\007\317\250\036\267\020\171\147\373\247\211
-\064\306
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Verisign Class 4 Public Primary Certification Authority - G2"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 4 Public Primary Certification Authority - G2"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125
-\004\013\023\063\103\154\141\163\163\040\064\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013
-\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040
-\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157
-\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145
-\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164
-\167\157\162\153
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125
-\004\013\023\063\103\154\141\163\163\040\064\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013
-\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040
-\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157
-\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145
-\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164
-\167\157\162\153
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\020\062\210\216\232\322\365\353\023\107\370\177\304\040\067
-\045\370
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\002\060\202\002\153\002\020\062\210\216\232\322\365
-\353\023\107\370\177\304\040\067\045\370\060\015\006\011\052\206
-\110\206\367\015\001\001\005\005\000\060\201\301\061\013\060\011
-\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125
-\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156
-\143\056\061\074\060\072\006\003\125\004\013\023\063\103\154\141
-\163\163\040\064\040\120\165\142\154\151\143\040\120\162\151\155
-\141\162\171\040\103\145\162\164\151\146\151\143\141\164\151\157
-\156\040\101\165\164\150\157\162\151\164\171\040\055\040\107\062
-\061\072\060\070\006\003\125\004\013\023\061\050\143\051\040\061
-\071\071\070\040\126\145\162\151\123\151\147\156\054\040\111\156
-\143\056\040\055\040\106\157\162\040\141\165\164\150\157\162\151
-\172\145\144\040\165\163\145\040\157\156\154\171\061\037\060\035
-\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040
-\124\162\165\163\164\040\116\145\164\167\157\162\153\060\036\027
-\015\071\070\060\065\061\070\060\060\060\060\060\060\132\027\015
-\062\070\060\070\060\061\062\063\065\071\065\071\132\060\201\301
-\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027\060
-\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147\156
-\054\040\111\156\143\056\061\074\060\072\006\003\125\004\013\023
-\063\103\154\141\163\163\040\064\040\120\165\142\154\151\143\040
-\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143
-\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040
-\055\040\107\062\061\072\060\070\006\003\125\004\013\023\061\050
-\143\051\040\061\071\071\070\040\126\145\162\151\123\151\147\156
-\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165\164
-\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154\171
-\061\037\060\035\006\003\125\004\013\023\026\126\145\162\151\123
-\151\147\156\040\124\162\165\163\164\040\116\145\164\167\157\162
-\153\060\201\237\060\015\006\011\052\206\110\206\367\015\001\001
-\001\005\000\003\201\215\000\060\201\211\002\201\201\000\272\360
-\344\317\371\304\256\205\124\271\007\127\371\217\305\177\150\021
-\370\304\027\260\104\334\343\060\163\325\052\142\052\270\320\314
-\034\355\050\133\176\275\152\334\263\221\044\312\101\142\074\374
-\002\001\277\034\026\061\224\005\227\166\156\242\255\275\141\027
-\154\116\060\206\360\121\067\052\120\307\250\142\201\334\133\112
-\252\301\240\264\156\353\057\345\127\305\261\053\100\160\333\132
-\115\241\216\037\275\003\037\330\003\324\217\114\231\161\274\342
-\202\314\130\350\230\072\206\323\206\070\363\000\051\037\002\003
-\001\000\001\060\015\006\011\052\206\110\206\367\015\001\001\005
-\005\000\003\201\201\000\205\214\022\301\247\271\120\025\172\313
-\076\254\270\103\212\334\252\335\024\272\211\201\176\001\074\043
-\161\041\210\057\202\334\143\372\002\105\254\105\131\327\052\130
-\104\133\267\237\201\073\222\150\075\342\067\044\365\173\154\217
-\166\065\226\011\250\131\235\271\316\043\253\164\326\203\375\062
-\163\047\330\151\076\103\164\366\256\305\211\232\347\123\174\351
-\173\366\113\363\301\145\203\336\215\212\234\074\210\215\071\131
-\374\252\077\042\215\241\301\146\120\201\162\114\355\042\144\117
-\117\312\200\221\266\051
-END
-
-# Trust for Certificate "Verisign Class 4 Public Primary Certification Authority - G2"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 4 Public Primary Certification Authority - G2"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\013\167\276\273\313\172\242\107\005\336\314\017\275\152\002\374
-\172\275\233\122
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\046\155\054\031\230\266\160\150\070\120\124\031\354\220\064\140
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125
-\004\013\023\063\103\154\141\163\163\040\064\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013
-\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040
-\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157
-\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145
-\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164
-\167\157\162\153
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\020\062\210\216\232\322\365\353\023\107\370\177\304\040\067
-\045\370
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "GlobalSign Root CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "GlobalSign Root CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\127\061\013\060\011\006\003\125\004\006\023\002\102\105\061
-\031\060\027\006\003\125\004\012\023\020\107\154\157\142\141\154
-\123\151\147\156\040\156\166\055\163\141\061\020\060\016\006\003
-\125\004\013\023\007\122\157\157\164\040\103\101\061\033\060\031
-\006\003\125\004\003\023\022\107\154\157\142\141\154\123\151\147
-\156\040\122\157\157\164\040\103\101
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\127\061\013\060\011\006\003\125\004\006\023\002\102\105\061
-\031\060\027\006\003\125\004\012\023\020\107\154\157\142\141\154
-\123\151\147\156\040\156\166\055\163\141\061\020\060\016\006\003
-\125\004\013\023\007\122\157\157\164\040\103\101\061\033\060\031
-\006\003\125\004\003\023\022\107\154\157\142\141\154\123\151\147
-\156\040\122\157\157\164\040\103\101
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\013\002\000\000\000\000\000\326\170\267\224\005
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\165\060\202\002\135\240\003\002\001\002\002\013\002
-\000\000\000\000\000\326\170\267\224\005\060\015\006\011\052\206
-\110\206\367\015\001\001\004\005\000\060\127\061\013\060\011\006
-\003\125\004\006\023\002\102\105\061\031\060\027\006\003\125\004
-\012\023\020\107\154\157\142\141\154\123\151\147\156\040\156\166
-\055\163\141\061\020\060\016\006\003\125\004\013\023\007\122\157
-\157\164\040\103\101\061\033\060\031\006\003\125\004\003\023\022
-\107\154\157\142\141\154\123\151\147\156\040\122\157\157\164\040
-\103\101\060\036\027\015\071\070\060\071\060\061\061\062\060\060
-\060\060\132\027\015\061\064\060\061\062\070\061\062\060\060\060
-\060\132\060\127\061\013\060\011\006\003\125\004\006\023\002\102
-\105\061\031\060\027\006\003\125\004\012\023\020\107\154\157\142
-\141\154\123\151\147\156\040\156\166\055\163\141\061\020\060\016
-\006\003\125\004\013\023\007\122\157\157\164\040\103\101\061\033
-\060\031\006\003\125\004\003\023\022\107\154\157\142\141\154\123
-\151\147\156\040\122\157\157\164\040\103\101\060\202\001\042\060
-\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202
-\001\017\000\060\202\001\012\002\202\001\001\000\332\016\346\231
-\215\316\243\343\117\212\176\373\361\213\203\045\153\352\110\037
-\361\052\260\271\225\021\004\275\360\143\321\342\147\146\317\034
-\335\317\033\110\053\356\215\211\216\232\257\051\200\145\253\351
-\307\055\022\313\253\034\114\160\007\241\075\012\060\315\025\215
-\117\370\335\324\214\120\025\034\357\120\356\304\056\367\374\351
-\122\362\221\175\340\155\325\065\060\216\136\103\163\362\101\351
-\325\152\343\262\211\072\126\071\070\157\006\074\210\151\133\052
-\115\305\247\124\270\154\211\314\233\371\074\312\345\375\211\365
-\022\074\222\170\226\326\334\164\156\223\104\141\321\215\307\106
-\262\165\016\206\350\031\212\325\155\154\325\170\026\225\242\351
-\310\012\070\353\362\044\023\117\163\124\223\023\205\072\033\274
-\036\064\265\213\005\214\271\167\213\261\333\037\040\221\253\011
-\123\156\220\316\173\067\164\271\160\107\221\042\121\143\026\171
-\256\261\256\101\046\010\310\031\053\321\106\252\110\326\144\052
-\327\203\064\377\054\052\301\154\031\103\112\007\205\347\323\174
-\366\041\150\357\352\362\122\237\177\223\220\317\002\003\001\000
-\001\243\102\060\100\060\016\006\003\125\035\017\001\001\377\004
-\004\003\002\000\006\060\035\006\003\125\035\016\004\026\004\024
-\140\173\146\032\105\015\227\312\211\120\057\175\004\315\064\250
-\377\374\375\113\060\017\006\003\125\035\023\001\001\377\004\005
-\060\003\001\001\377\060\015\006\011\052\206\110\206\367\015\001
-\001\004\005\000\003\202\001\001\000\256\252\237\374\267\322\313
-\037\137\071\051\050\030\236\064\311\154\117\157\032\360\144\242
-\160\112\117\023\206\233\140\050\236\350\201\111\230\175\012\273
-\345\260\235\075\066\333\217\005\121\377\011\061\052\037\335\211
-\167\236\017\056\154\225\004\355\206\313\264\000\077\204\002\115
-\200\152\052\055\170\013\256\157\053\242\203\104\203\037\315\120
-\202\114\044\257\275\367\245\264\310\132\017\364\347\107\136\111
-\216\067\226\376\232\210\005\072\331\300\333\051\207\346\031\226
-\107\247\072\246\214\213\074\167\376\106\143\247\123\332\041\321
-\254\176\111\242\113\346\303\147\131\057\263\212\016\273\054\275
-\251\252\102\174\065\301\330\177\325\247\061\072\116\143\103\071
-\257\010\260\141\064\214\323\230\251\103\064\366\017\207\051\073
-\235\302\126\130\230\167\303\367\033\254\366\235\370\076\252\247
-\124\105\360\365\371\325\061\145\376\153\130\234\161\263\036\327
-\122\352\062\027\374\100\140\035\311\171\044\262\366\154\375\250
-\146\016\202\335\230\313\332\302\104\117\056\240\173\362\367\153
-\054\166\021\204\106\212\170\243\343
-END
-
-# Trust for Certificate "GlobalSign Root CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "GlobalSign Root CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\057\027\077\175\351\226\147\257\245\172\370\012\242\321\261\057
-\254\203\003\070
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\253\277\352\343\153\051\246\314\246\170\065\231\357\255\053\200
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\127\061\013\060\011\006\003\125\004\006\023\002\102\105\061
-\031\060\027\006\003\125\004\012\023\020\107\154\157\142\141\154
-\123\151\147\156\040\156\166\055\163\141\061\020\060\016\006\003
-\125\004\013\023\007\122\157\157\164\040\103\101\061\033\060\031
-\006\003\125\004\003\023\022\107\154\157\142\141\154\123\151\147
-\156\040\122\157\157\164\040\103\101
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\013\002\000\000\000\000\000\326\170\267\224\005
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "ValiCert Class 1 VA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "ValiCert Class 1 VA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141
-\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157
-\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125
-\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156
-\143\056\061\065\060\063\006\003\125\004\013\023\054\126\141\154
-\151\103\145\162\164\040\103\154\141\163\163\040\061\040\120\157
-\154\151\143\171\040\126\141\154\151\144\141\164\151\157\156\040
-\101\165\164\150\157\162\151\164\171\061\041\060\037\006\003\125
-\004\003\023\030\150\164\164\160\072\057\057\167\167\167\056\166
-\141\154\151\143\145\162\164\056\143\157\155\057\061\040\060\036
-\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156\146
-\157\100\166\141\154\151\143\145\162\164\056\143\157\155
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141
-\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157
-\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125
-\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156
-\143\056\061\065\060\063\006\003\125\004\013\023\054\126\141\154
-\151\103\145\162\164\040\103\154\141\163\163\040\061\040\120\157
-\154\151\143\171\040\126\141\154\151\144\141\164\151\157\156\040
-\101\165\164\150\157\162\151\164\171\061\041\060\037\006\003\125
-\004\003\023\030\150\164\164\160\072\057\057\167\167\167\056\166
-\141\154\151\143\145\162\164\056\143\157\155\057\061\040\060\036
-\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156\146
-\157\100\166\141\154\151\143\145\162\164\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\001\001
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\002\347\060\202\002\120\002\001\001\060\015\006\011\052
-\206\110\206\367\015\001\001\005\005\000\060\201\273\061\044\060
-\042\006\003\125\004\007\023\033\126\141\154\151\103\145\162\164
-\040\126\141\154\151\144\141\164\151\157\156\040\116\145\164\167
-\157\162\153\061\027\060\025\006\003\125\004\012\023\016\126\141
-\154\151\103\145\162\164\054\040\111\156\143\056\061\065\060\063
-\006\003\125\004\013\023\054\126\141\154\151\103\145\162\164\040
-\103\154\141\163\163\040\061\040\120\157\154\151\143\171\040\126
-\141\154\151\144\141\164\151\157\156\040\101\165\164\150\157\162
-\151\164\171\061\041\060\037\006\003\125\004\003\023\030\150\164
-\164\160\072\057\057\167\167\167\056\166\141\154\151\143\145\162
-\164\056\143\157\155\057\061\040\060\036\006\011\052\206\110\206
-\367\015\001\011\001\026\021\151\156\146\157\100\166\141\154\151
-\143\145\162\164\056\143\157\155\060\036\027\015\071\071\060\066
-\062\065\062\062\062\063\064\070\132\027\015\061\071\060\066\062
-\065\062\062\062\063\064\070\132\060\201\273\061\044\060\042\006
-\003\125\004\007\023\033\126\141\154\151\103\145\162\164\040\126
-\141\154\151\144\141\164\151\157\156\040\116\145\164\167\157\162
-\153\061\027\060\025\006\003\125\004\012\023\016\126\141\154\151
-\103\145\162\164\054\040\111\156\143\056\061\065\060\063\006\003
-\125\004\013\023\054\126\141\154\151\103\145\162\164\040\103\154
-\141\163\163\040\061\040\120\157\154\151\143\171\040\126\141\154
-\151\144\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171\061\041\060\037\006\003\125\004\003\023\030\150\164\164\160
-\072\057\057\167\167\167\056\166\141\154\151\143\145\162\164\056
-\143\157\155\057\061\040\060\036\006\011\052\206\110\206\367\015
-\001\011\001\026\021\151\156\146\157\100\166\141\154\151\143\145
-\162\164\056\143\157\155\060\201\237\060\015\006\011\052\206\110
-\206\367\015\001\001\001\005\000\003\201\215\000\060\201\211\002
-\201\201\000\330\131\202\172\211\270\226\272\246\057\150\157\130
-\056\247\124\034\006\156\364\352\215\110\274\061\224\027\360\363
-\116\274\262\270\065\222\166\260\320\245\245\001\327\000\003\022
-\042\031\010\370\377\021\043\233\316\007\365\277\151\032\046\376
-\116\351\321\177\235\054\100\035\131\150\156\246\370\130\260\235
-\032\217\323\077\361\334\031\006\201\250\016\340\072\335\310\123
-\105\011\006\346\017\160\303\372\100\246\016\342\126\005\017\030
-\115\374\040\202\321\163\125\164\215\166\162\240\035\235\035\300
-\335\077\161\002\003\001\000\001\060\015\006\011\052\206\110\206
-\367\015\001\001\005\005\000\003\201\201\000\120\150\075\111\364
-\054\034\006\224\337\225\140\177\226\173\027\376\117\161\255\144
-\310\335\167\322\357\131\125\350\077\350\216\005\052\041\362\007
-\322\265\247\122\376\234\261\266\342\133\167\027\100\352\162\326
-\043\313\050\201\062\303\000\171\030\354\131\027\211\311\306\152
-\036\161\311\375\267\164\245\045\105\151\305\110\253\031\341\105
-\212\045\153\031\356\345\273\022\365\177\367\246\215\121\303\360
-\235\164\267\251\076\240\245\377\266\111\003\023\332\042\314\355
-\161\202\053\231\317\072\267\365\055\162\310
-END
-
-# Trust for Certificate "ValiCert Class 1 VA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "ValiCert Class 1 VA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\345\337\164\074\266\001\304\233\230\103\334\253\214\350\152\201
-\020\237\344\216
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\145\130\253\025\255\127\154\036\250\247\265\151\254\277\377\353
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141
-\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157
-\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125
-\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156
-\143\056\061\065\060\063\006\003\125\004\013\023\054\126\141\154
-\151\103\145\162\164\040\103\154\141\163\163\040\061\040\120\157
-\154\151\143\171\040\126\141\154\151\144\141\164\151\157\156\040
-\101\165\164\150\157\162\151\164\171\061\041\060\037\006\003\125
-\004\003\023\030\150\164\164\160\072\057\057\167\167\167\056\166
-\141\154\151\143\145\162\164\056\143\157\155\057\061\040\060\036
-\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156\146
-\157\100\166\141\154\151\143\145\162\164\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\001\001
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "ValiCert Class 2 VA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "ValiCert Class 2 VA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141
-\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157
-\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125
-\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156
-\143\056\061\065\060\063\006\003\125\004\013\023\054\126\141\154
-\151\103\145\162\164\040\103\154\141\163\163\040\062\040\120\157
-\154\151\143\171\040\126\141\154\151\144\141\164\151\157\156\040
-\101\165\164\150\157\162\151\164\171\061\041\060\037\006\003\125
-\004\003\023\030\150\164\164\160\072\057\057\167\167\167\056\166
-\141\154\151\143\145\162\164\056\143\157\155\057\061\040\060\036
-\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156\146
-\157\100\166\141\154\151\143\145\162\164\056\143\157\155
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141
-\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157
-\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125
-\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156
-\143\056\061\065\060\063\006\003\125\004\013\023\054\126\141\154
-\151\103\145\162\164\040\103\154\141\163\163\040\062\040\120\157
-\154\151\143\171\040\126\141\154\151\144\141\164\151\157\156\040
-\101\165\164\150\157\162\151\164\171\061\041\060\037\006\003\125
-\004\003\023\030\150\164\164\160\072\057\057\167\167\167\056\166
-\141\154\151\143\145\162\164\056\143\157\155\057\061\040\060\036
-\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156\146
-\157\100\166\141\154\151\143\145\162\164\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\001\001
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\002\347\060\202\002\120\002\001\001\060\015\006\011\052
-\206\110\206\367\015\001\001\005\005\000\060\201\273\061\044\060
-\042\006\003\125\004\007\023\033\126\141\154\151\103\145\162\164
-\040\126\141\154\151\144\141\164\151\157\156\040\116\145\164\167
-\157\162\153\061\027\060\025\006\003\125\004\012\023\016\126\141
-\154\151\103\145\162\164\054\040\111\156\143\056\061\065\060\063
-\006\003\125\004\013\023\054\126\141\154\151\103\145\162\164\040
-\103\154\141\163\163\040\062\040\120\157\154\151\143\171\040\126
-\141\154\151\144\141\164\151\157\156\040\101\165\164\150\157\162
-\151\164\171\061\041\060\037\006\003\125\004\003\023\030\150\164
-\164\160\072\057\057\167\167\167\056\166\141\154\151\143\145\162
-\164\056\143\157\155\057\061\040\060\036\006\011\052\206\110\206
-\367\015\001\011\001\026\021\151\156\146\157\100\166\141\154\151
-\143\145\162\164\056\143\157\155\060\036\027\015\071\071\060\066
-\062\066\060\060\061\071\065\064\132\027\015\061\071\060\066\062
-\066\060\060\061\071\065\064\132\060\201\273\061\044\060\042\006
-\003\125\004\007\023\033\126\141\154\151\103\145\162\164\040\126
-\141\154\151\144\141\164\151\157\156\040\116\145\164\167\157\162
-\153\061\027\060\025\006\003\125\004\012\023\016\126\141\154\151
-\103\145\162\164\054\040\111\156\143\056\061\065\060\063\006\003
-\125\004\013\023\054\126\141\154\151\103\145\162\164\040\103\154
-\141\163\163\040\062\040\120\157\154\151\143\171\040\126\141\154
-\151\144\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171\061\041\060\037\006\003\125\004\003\023\030\150\164\164\160
-\072\057\057\167\167\167\056\166\141\154\151\143\145\162\164\056
-\143\157\155\057\061\040\060\036\006\011\052\206\110\206\367\015
-\001\011\001\026\021\151\156\146\157\100\166\141\154\151\143\145
-\162\164\056\143\157\155\060\201\237\060\015\006\011\052\206\110
-\206\367\015\001\001\001\005\000\003\201\215\000\060\201\211\002
-\201\201\000\316\072\161\312\345\253\310\131\222\125\327\253\330
-\164\016\371\356\331\366\125\107\131\145\107\016\005\125\334\353
-\230\066\074\134\123\135\323\060\317\070\354\275\101\211\355\045
-\102\011\044\153\012\136\263\174\335\122\055\114\346\324\326\175
-\132\131\251\145\324\111\023\055\044\115\034\120\157\265\301\205
-\124\073\376\161\344\323\134\102\371\200\340\221\032\012\133\071
-\066\147\363\077\125\174\033\077\264\137\144\163\064\343\264\022
-\277\207\144\370\332\022\377\067\047\301\263\103\273\357\173\156
-\056\151\367\002\003\001\000\001\060\015\006\011\052\206\110\206
-\367\015\001\001\005\005\000\003\201\201\000\073\177\120\157\157
-\120\224\231\111\142\070\070\037\113\370\245\310\076\247\202\201
-\366\053\307\350\305\316\350\072\020\202\313\030\000\216\115\275
-\250\130\177\241\171\000\265\273\351\215\257\101\331\017\064\356
-\041\201\031\240\062\111\050\364\304\216\126\325\122\063\375\120
-\325\176\231\154\003\344\311\114\374\313\154\253\146\263\112\041
-\214\345\265\014\062\076\020\262\314\154\241\334\232\230\114\002
-\133\363\316\271\236\245\162\016\112\267\077\074\346\026\150\370
-\276\355\164\114\274\133\325\142\037\103\335
-END
-
-# Trust for Certificate "ValiCert Class 2 VA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "ValiCert Class 2 VA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\061\172\052\320\177\053\063\136\365\241\303\116\113\127\350\267
-\330\361\374\246
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\251\043\165\233\272\111\066\156\061\302\333\362\347\146\272\207
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141
-\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157
-\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125
-\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156
-\143\056\061\065\060\063\006\003\125\004\013\023\054\126\141\154
-\151\103\145\162\164\040\103\154\141\163\163\040\062\040\120\157
-\154\151\143\171\040\126\141\154\151\144\141\164\151\157\156\040
-\101\165\164\150\157\162\151\164\171\061\041\060\037\006\003\125
-\004\003\023\030\150\164\164\160\072\057\057\167\167\167\056\166
-\141\154\151\143\145\162\164\056\143\157\155\057\061\040\060\036
-\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156\146
-\157\100\166\141\154\151\143\145\162\164\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\001\001
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "RSA Root Certificate 1"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "RSA Root Certificate 1"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141
-\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157
-\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125
-\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156
-\143\056\061\065\060\063\006\003\125\004\013\023\054\126\141\154
-\151\103\145\162\164\040\103\154\141\163\163\040\063\040\120\157
-\154\151\143\171\040\126\141\154\151\144\141\164\151\157\156\040
-\101\165\164\150\157\162\151\164\171\061\041\060\037\006\003\125
-\004\003\023\030\150\164\164\160\072\057\057\167\167\167\056\166
-\141\154\151\143\145\162\164\056\143\157\155\057\061\040\060\036
-\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156\146
-\157\100\166\141\154\151\143\145\162\164\056\143\157\155
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141
-\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157
-\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125
-\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156
-\143\056\061\065\060\063\006\003\125\004\013\023\054\126\141\154
-\151\103\145\162\164\040\103\154\141\163\163\040\063\040\120\157
-\154\151\143\171\040\126\141\154\151\144\141\164\151\157\156\040
-\101\165\164\150\157\162\151\164\171\061\041\060\037\006\003\125
-\004\003\023\030\150\164\164\160\072\057\057\167\167\167\056\166
-\141\154\151\143\145\162\164\056\143\157\155\057\061\040\060\036
-\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156\146
-\157\100\166\141\154\151\143\145\162\164\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\001\001
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\002\347\060\202\002\120\002\001\001\060\015\006\011\052
-\206\110\206\367\015\001\001\005\005\000\060\201\273\061\044\060
-\042\006\003\125\004\007\023\033\126\141\154\151\103\145\162\164
-\040\126\141\154\151\144\141\164\151\157\156\040\116\145\164\167
-\157\162\153\061\027\060\025\006\003\125\004\012\023\016\126\141
-\154\151\103\145\162\164\054\040\111\156\143\056\061\065\060\063
-\006\003\125\004\013\023\054\126\141\154\151\103\145\162\164\040
-\103\154\141\163\163\040\063\040\120\157\154\151\143\171\040\126
-\141\154\151\144\141\164\151\157\156\040\101\165\164\150\157\162
-\151\164\171\061\041\060\037\006\003\125\004\003\023\030\150\164
-\164\160\072\057\057\167\167\167\056\166\141\154\151\143\145\162
-\164\056\143\157\155\057\061\040\060\036\006\011\052\206\110\206
-\367\015\001\011\001\026\021\151\156\146\157\100\166\141\154\151
-\143\145\162\164\056\143\157\155\060\036\027\015\071\071\060\066
-\062\066\060\060\062\062\063\063\132\027\015\061\071\060\066\062
-\066\060\060\062\062\063\063\132\060\201\273\061\044\060\042\006
-\003\125\004\007\023\033\126\141\154\151\103\145\162\164\040\126
-\141\154\151\144\141\164\151\157\156\040\116\145\164\167\157\162
-\153\061\027\060\025\006\003\125\004\012\023\016\126\141\154\151
-\103\145\162\164\054\040\111\156\143\056\061\065\060\063\006\003
-\125\004\013\023\054\126\141\154\151\103\145\162\164\040\103\154
-\141\163\163\040\063\040\120\157\154\151\143\171\040\126\141\154
-\151\144\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171\061\041\060\037\006\003\125\004\003\023\030\150\164\164\160
-\072\057\057\167\167\167\056\166\141\154\151\143\145\162\164\056
-\143\157\155\057\061\040\060\036\006\011\052\206\110\206\367\015
-\001\011\001\026\021\151\156\146\157\100\166\141\154\151\143\145
-\162\164\056\143\157\155\060\201\237\060\015\006\011\052\206\110
-\206\367\015\001\001\001\005\000\003\201\215\000\060\201\211\002
-\201\201\000\343\230\121\226\034\350\325\261\006\201\152\127\303
-\162\165\223\253\317\236\246\374\363\026\122\326\055\115\237\065
-\104\250\056\004\115\007\111\212\070\051\365\167\067\347\267\253
-\135\337\066\161\024\231\217\334\302\222\361\347\140\222\227\354
-\330\110\334\277\301\002\040\306\044\244\050\114\060\132\166\155
-\261\134\363\335\336\236\020\161\241\210\307\133\233\101\155\312
-\260\270\216\025\356\255\063\053\317\107\004\134\165\161\012\230
-\044\230\051\247\111\131\245\335\370\267\103\142\141\363\323\342
-\320\125\077\002\003\001\000\001\060\015\006\011\052\206\110\206
-\367\015\001\001\005\005\000\003\201\201\000\126\273\002\130\204
-\147\010\054\337\037\333\173\111\063\365\323\147\235\364\264\012
-\020\263\311\305\054\342\222\152\161\170\047\362\160\203\102\323
-\076\317\251\124\364\361\330\222\026\214\321\004\313\113\253\311
-\237\105\256\074\212\251\260\161\063\135\310\305\127\337\257\250
-\065\263\177\211\207\351\350\045\222\270\177\205\172\256\326\274
-\036\067\130\052\147\311\221\317\052\201\076\355\306\071\337\300
-\076\031\234\031\314\023\115\202\101\265\214\336\340\075\140\010
-\040\017\105\176\153\242\177\243\214\025\356
-END
-
-# Trust for Certificate "RSA Root Certificate 1"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "RSA Root Certificate 1"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\151\275\214\364\234\323\000\373\131\056\027\223\312\125\152\363
-\354\252\065\373
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\242\157\123\267\356\100\333\112\150\347\372\030\331\020\113\162
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141
-\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157
-\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125
-\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156
-\143\056\061\065\060\063\006\003\125\004\013\023\054\126\141\154
-\151\103\145\162\164\040\103\154\141\163\163\040\063\040\120\157
-\154\151\143\171\040\126\141\154\151\144\141\164\151\157\156\040
-\101\165\164\150\157\162\151\164\171\061\041\060\037\006\003\125
-\004\003\023\030\150\164\164\160\072\057\057\167\167\167\056\166
-\141\154\151\143\145\162\164\056\143\157\155\057\061\040\060\036
-\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156\146
-\157\100\166\141\154\151\143\145\162\164\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\001\001
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Verisign Class 1 Public Primary Certification Authority - G3"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 1 Public Primary Certification Authority - G3"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
-\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
-\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
-\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145
-\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
-\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
-\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
-\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
-\061\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
-\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
-\165\164\150\157\162\151\164\171\040\055\040\107\063
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
-\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
-\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
-\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145
-\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
-\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
-\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
-\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
-\061\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
-\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
-\165\164\150\157\162\151\164\171\040\055\040\107\063
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\021\000\213\133\165\126\204\124\205\013\000\317\257\070\110
-\316\261\244
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\004\032\060\202\003\002\002\021\000\213\133\165\126\204
-\124\205\013\000\317\257\070\110\316\261\244\060\015\006\011\052
-\206\110\206\367\015\001\001\005\005\000\060\201\312\061\013\060
-\011\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003
-\125\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111
-\156\143\056\061\037\060\035\006\003\125\004\013\023\026\126\145
-\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164
-\167\157\162\153\061\072\060\070\006\003\125\004\013\023\061\050
-\143\051\040\061\071\071\071\040\126\145\162\151\123\151\147\156
-\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165\164
-\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154\171
-\061\105\060\103\006\003\125\004\003\023\074\126\145\162\151\123
-\151\147\156\040\103\154\141\163\163\040\061\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\063\060\036\027\015\071\071\061\060\060
-\061\060\060\060\060\060\060\132\027\015\063\066\060\067\061\066
-\062\063\065\071\065\071\132\060\201\312\061\013\060\011\006\003
-\125\004\006\023\002\125\123\061\027\060\025\006\003\125\004\012
-\023\016\126\145\162\151\123\151\147\156\054\040\111\156\143\056
-\061\037\060\035\006\003\125\004\013\023\026\126\145\162\151\123
-\151\147\156\040\124\162\165\163\164\040\116\145\164\167\157\162
-\153\061\072\060\070\006\003\125\004\013\023\061\050\143\051\040
-\061\071\071\071\040\126\145\162\151\123\151\147\156\054\040\111
-\156\143\056\040\055\040\106\157\162\040\141\165\164\150\157\162
-\151\172\145\144\040\165\163\145\040\157\156\154\171\061\105\060
-\103\006\003\125\004\003\023\074\126\145\162\151\123\151\147\156
-\040\103\154\141\163\163\040\061\040\120\165\142\154\151\143\040
-\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143
-\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040
-\055\040\107\063\060\202\001\042\060\015\006\011\052\206\110\206
-\367\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012
-\002\202\001\001\000\335\204\324\271\264\371\247\330\363\004\170
-\234\336\075\334\154\023\026\331\172\335\044\121\146\300\307\046
-\131\015\254\006\010\302\224\321\063\037\360\203\065\037\156\033
-\310\336\252\156\025\116\124\047\357\304\155\032\354\013\343\016
-\360\104\245\127\307\100\130\036\243\107\037\161\354\140\366\155
-\224\310\030\071\355\376\102\030\126\337\344\114\111\020\170\116
-\001\166\065\143\022\066\335\146\274\001\004\066\243\125\150\325
-\242\066\011\254\253\041\046\124\006\255\077\312\024\340\254\312
-\255\006\035\225\342\370\235\361\340\140\377\302\177\165\053\114
-\314\332\376\207\231\041\352\272\376\076\124\327\322\131\170\333
-\074\156\317\240\023\000\032\270\047\241\344\276\147\226\312\240
-\305\263\234\335\311\165\236\353\060\232\137\243\315\331\256\170
-\031\077\043\351\134\333\051\275\255\125\310\033\124\214\143\366
-\350\246\352\307\067\022\134\243\051\036\002\331\333\037\073\264
-\327\017\126\107\201\025\004\112\257\203\047\321\305\130\210\301
-\335\366\252\247\243\030\332\150\252\155\021\121\341\277\145\153
-\237\226\166\321\075\002\003\001\000\001\060\015\006\011\052\206
-\110\206\367\015\001\001\005\005\000\003\202\001\001\000\253\146
-\215\327\263\272\307\232\266\346\125\320\005\361\237\061\215\132
-\252\331\252\106\046\017\161\355\245\255\123\126\142\001\107\052
-\104\351\376\077\164\013\023\233\271\364\115\033\262\321\137\262
-\266\322\210\134\263\237\315\313\324\247\331\140\225\204\072\370
-\301\067\035\141\312\347\260\305\345\221\332\124\246\254\061\201
-\256\227\336\315\010\254\270\300\227\200\177\156\162\244\347\151
-\023\225\145\037\304\223\074\375\171\217\004\324\076\117\352\367
-\236\316\315\147\174\117\145\002\377\221\205\124\163\307\377\066
-\367\206\055\354\320\136\117\377\021\237\162\006\326\270\032\361
-\114\015\046\145\342\104\200\036\307\237\343\335\350\012\332\354
-\245\040\200\151\150\241\117\176\341\153\317\007\101\372\203\216
-\274\070\335\260\056\021\261\153\262\102\314\232\274\371\110\042
-\171\112\031\017\262\034\076\040\164\331\152\303\276\362\050\170
-\023\126\171\117\155\120\352\033\260\265\127\261\067\146\130\043
-\363\334\017\337\012\207\304\357\206\005\325\070\024\140\231\243
-\113\336\006\226\161\054\362\333\266\037\244\357\077\356
-END
-
-# Trust for Certificate "Verisign Class 1 Public Primary Certification Authority - G3"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 1 Public Primary Certification Authority - G3"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\040\102\205\334\367\353\166\101\225\127\216\023\153\324\267\321
-\351\216\106\245
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\261\107\274\030\127\321\030\240\170\055\354\161\350\052\225\163
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
-\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
-\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
-\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145
-\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
-\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
-\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
-\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
-\061\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
-\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
-\165\164\150\157\162\151\164\171\040\055\040\107\063
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\021\000\213\133\165\126\204\124\205\013\000\317\257\070\110
-\316\261\244
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_VALID
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_VALID
-
-#
-# Certificate "Verisign Class 2 Public Primary Certification Authority - G3"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 2 Public Primary Certification Authority - G3"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
-\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
-\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
-\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145
-\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
-\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
-\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
-\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
-\062\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
-\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
-\165\164\150\157\162\151\164\171\040\055\040\107\063
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
-\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
-\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
-\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145
-\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
-\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
-\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
-\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
-\062\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
-\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
-\165\164\150\157\162\151\164\171\040\055\040\107\063
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\020\141\160\313\111\214\137\230\105\051\347\260\246\331\120
-\133\172
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\004\031\060\202\003\001\002\020\141\160\313\111\214\137
-\230\105\051\347\260\246\331\120\133\172\060\015\006\011\052\206
-\110\206\367\015\001\001\005\005\000\060\201\312\061\013\060\011
-\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125
-\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156
-\143\056\061\037\060\035\006\003\125\004\013\023\026\126\145\162
-\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164\167
-\157\162\153\061\072\060\070\006\003\125\004\013\023\061\050\143
-\051\040\061\071\071\071\040\126\145\162\151\123\151\147\156\054
-\040\111\156\143\056\040\055\040\106\157\162\040\141\165\164\150
-\157\162\151\172\145\144\040\165\163\145\040\157\156\154\171\061
-\105\060\103\006\003\125\004\003\023\074\126\145\162\151\123\151
-\147\156\040\103\154\141\163\163\040\062\040\120\165\142\154\151
-\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171\040\055\040\107\063\060\036\027\015\071\071\061\060\060\061
-\060\060\060\060\060\060\132\027\015\063\066\060\067\061\066\062
-\063\065\071\065\071\132\060\201\312\061\013\060\011\006\003\125
-\004\006\023\002\125\123\061\027\060\025\006\003\125\004\012\023
-\016\126\145\162\151\123\151\147\156\054\040\111\156\143\056\061
-\037\060\035\006\003\125\004\013\023\026\126\145\162\151\123\151
-\147\156\040\124\162\165\163\164\040\116\145\164\167\157\162\153
-\061\072\060\070\006\003\125\004\013\023\061\050\143\051\040\061
-\071\071\071\040\126\145\162\151\123\151\147\156\054\040\111\156
-\143\056\040\055\040\106\157\162\040\141\165\164\150\157\162\151
-\172\145\144\040\165\163\145\040\157\156\154\171\061\105\060\103
-\006\003\125\004\003\023\074\126\145\162\151\123\151\147\156\040
-\103\154\141\163\163\040\062\040\120\165\142\154\151\143\040\120
-\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143\141
-\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040\055
-\040\107\063\060\202\001\042\060\015\006\011\052\206\110\206\367
-\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002
-\202\001\001\000\257\012\015\302\325\054\333\147\271\055\345\224
-\047\335\245\276\340\260\115\217\263\141\126\074\326\174\303\364
-\315\076\206\313\242\210\342\341\330\244\151\305\265\342\277\301
-\246\107\120\136\106\071\213\325\226\272\265\157\024\277\020\316
-\047\023\236\005\107\233\061\172\023\330\037\331\323\002\067\213
-\255\054\107\360\216\201\006\247\015\060\014\353\367\074\017\040
-\035\334\162\106\356\245\002\310\133\303\311\126\151\114\305\030
-\301\221\173\013\325\023\000\233\274\357\303\110\076\106\140\040
-\205\052\325\220\266\315\213\240\314\062\335\267\375\100\125\262
-\120\034\126\256\314\215\167\115\307\040\115\247\061\166\357\150
-\222\212\220\036\010\201\126\262\255\151\243\122\320\313\034\304
-\043\075\037\231\376\114\350\026\143\216\306\010\216\366\061\366
-\322\372\345\166\335\265\034\222\243\111\315\315\001\315\150\315
-\251\151\272\243\353\035\015\234\244\040\246\301\240\305\321\106
-\114\027\155\322\254\146\077\226\214\340\204\324\066\377\042\131
-\305\371\021\140\250\137\004\175\362\032\366\045\102\141\017\304
-\112\270\076\211\002\003\001\000\001\060\015\006\011\052\206\110
-\206\367\015\001\001\005\005\000\003\202\001\001\000\064\046\025
-\074\300\215\115\103\111\035\275\351\041\222\327\146\234\267\336
-\305\270\320\344\135\137\166\042\300\046\371\204\072\072\371\214
-\265\373\354\140\361\350\316\004\260\310\335\247\003\217\060\363
-\230\337\244\346\244\061\337\323\034\013\106\334\162\040\077\256
-\356\005\074\244\063\077\013\071\254\160\170\163\113\231\053\337
-\060\302\124\260\250\073\125\241\376\026\050\315\102\275\164\156
-\200\333\047\104\247\316\104\135\324\033\220\230\015\036\102\224
-\261\000\054\004\320\164\243\002\005\042\143\143\315\203\265\373
-\301\155\142\153\151\165\375\135\160\101\271\365\277\174\337\276
-\301\062\163\042\041\213\130\201\173\025\221\172\272\343\144\110
-\260\177\373\066\045\332\225\320\361\044\024\027\335\030\200\153
-\106\043\071\124\365\216\142\011\004\035\224\220\246\233\346\045
-\342\102\105\252\270\220\255\276\010\217\251\013\102\030\224\317
-\162\071\341\261\103\340\050\317\267\347\132\154\023\153\111\263
-\377\343\030\174\211\213\063\135\254\063\327\247\371\332\072\125
-\311\130\020\371\252\357\132\266\317\113\113\337\052
-END
-
-# Trust for Certificate "Verisign Class 2 Public Primary Certification Authority - G3"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 2 Public Primary Certification Authority - G3"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\141\357\103\327\177\312\324\141\121\274\230\340\303\131\022\257
-\237\353\143\021
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\370\276\304\143\042\311\250\106\164\213\270\035\036\112\053\366
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
-\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
-\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
-\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145
-\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
-\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
-\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
-\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
-\062\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
-\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
-\165\164\150\157\162\151\164\171\040\055\040\107\063
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\020\141\160\313\111\214\137\230\105\051\347\260\246\331\120
-\133\172
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_VALID
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Verisign Class 3 Public Primary Certification Authority - G3"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 3 Public Primary Certification Authority - G3"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
-\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
-\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
-\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145
-\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
-\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
-\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
-\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
-\063\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
-\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
-\165\164\150\157\162\151\164\171\040\055\040\107\063
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
-\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
-\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
-\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145
-\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
-\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
-\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
-\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
-\063\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
-\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
-\165\164\150\157\162\151\164\171\040\055\040\107\063
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\021\000\233\176\006\111\243\076\142\271\325\356\220\110\161
-\051\357\127
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\004\032\060\202\003\002\002\021\000\233\176\006\111\243
-\076\142\271\325\356\220\110\161\051\357\127\060\015\006\011\052
-\206\110\206\367\015\001\001\005\005\000\060\201\312\061\013\060
-\011\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003
-\125\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111
-\156\143\056\061\037\060\035\006\003\125\004\013\023\026\126\145
-\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164
-\167\157\162\153\061\072\060\070\006\003\125\004\013\023\061\050
-\143\051\040\061\071\071\071\040\126\145\162\151\123\151\147\156
-\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165\164
-\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154\171
-\061\105\060\103\006\003\125\004\003\023\074\126\145\162\151\123
-\151\147\156\040\103\154\141\163\163\040\063\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\063\060\036\027\015\071\071\061\060\060
-\061\060\060\060\060\060\060\132\027\015\063\066\060\067\061\066
-\062\063\065\071\065\071\132\060\201\312\061\013\060\011\006\003
-\125\004\006\023\002\125\123\061\027\060\025\006\003\125\004\012
-\023\016\126\145\162\151\123\151\147\156\054\040\111\156\143\056
-\061\037\060\035\006\003\125\004\013\023\026\126\145\162\151\123
-\151\147\156\040\124\162\165\163\164\040\116\145\164\167\157\162
-\153\061\072\060\070\006\003\125\004\013\023\061\050\143\051\040
-\061\071\071\071\040\126\145\162\151\123\151\147\156\054\040\111
-\156\143\056\040\055\040\106\157\162\040\141\165\164\150\157\162
-\151\172\145\144\040\165\163\145\040\157\156\154\171\061\105\060
-\103\006\003\125\004\003\023\074\126\145\162\151\123\151\147\156
-\040\103\154\141\163\163\040\063\040\120\165\142\154\151\143\040
-\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143
-\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040
-\055\040\107\063\060\202\001\042\060\015\006\011\052\206\110\206
-\367\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012
-\002\202\001\001\000\313\272\234\122\374\170\037\032\036\157\033
-\067\163\275\370\311\153\224\022\060\117\360\066\107\365\320\221
-\012\365\027\310\245\141\301\026\100\115\373\212\141\220\345\166
-\040\301\021\006\175\253\054\156\246\365\021\101\216\372\055\255
-\052\141\131\244\147\046\114\320\350\274\122\133\160\040\004\130
-\321\172\311\244\151\274\203\027\144\255\005\213\274\320\130\316
-\215\214\365\353\360\102\111\013\235\227\047\147\062\156\341\256
-\223\025\034\160\274\040\115\057\030\336\222\210\350\154\205\127
-\021\032\351\176\343\046\021\124\242\105\226\125\203\312\060\211
-\350\334\330\243\355\052\200\077\177\171\145\127\076\025\040\146
-\010\057\225\223\277\252\107\057\250\106\227\360\022\342\376\302
-\012\053\121\346\166\346\267\106\267\342\015\246\314\250\303\114
-\131\125\211\346\350\123\134\034\352\235\360\142\026\013\247\311
-\137\014\360\336\302\166\316\257\367\152\362\372\101\246\242\063
-\024\311\345\172\143\323\236\142\067\325\205\145\236\016\346\123
-\044\164\033\136\035\022\123\133\307\054\347\203\111\073\025\256
-\212\150\271\127\227\002\003\001\000\001\060\015\006\011\052\206
-\110\206\367\015\001\001\005\005\000\003\202\001\001\000\021\024
-\226\301\253\222\010\367\077\057\311\262\376\344\132\237\144\336
-\333\041\117\206\231\064\166\066\127\335\320\025\057\305\255\177
-\025\037\067\142\163\076\324\347\137\316\027\003\333\065\372\053
-\333\256\140\011\137\036\137\217\156\273\013\075\352\132\023\036
-\014\140\157\265\300\265\043\042\056\007\013\313\251\164\313\107
-\273\035\301\327\245\153\314\057\322\102\375\111\335\247\211\317
-\123\272\332\000\132\050\277\202\337\370\272\023\035\120\206\202
-\375\216\060\217\051\106\260\036\075\065\332\070\142\026\030\112
-\255\346\266\121\154\336\257\142\353\001\320\036\044\376\172\217
-\022\032\022\150\270\373\146\231\024\024\105\134\256\347\256\151
-\027\201\053\132\067\311\136\052\364\306\342\241\134\124\233\246
-\124\000\317\360\361\301\307\230\060\032\073\066\026\333\243\156
-\352\375\255\262\302\332\357\002\107\023\212\300\361\263\061\255
-\117\034\341\117\234\257\017\014\235\367\170\015\330\364\065\126
-\200\332\267\155\027\217\235\036\201\144\341\376\305\105\272\255
-\153\271\012\172\116\117\113\204\356\113\361\175\335\021
-END
-
-# Trust for Certificate "Verisign Class 3 Public Primary Certification Authority - G3"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 3 Public Primary Certification Authority - G3"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\023\055\015\105\123\113\151\227\315\262\325\303\071\342\125\166
-\140\233\134\306
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\315\150\266\247\307\304\316\165\340\035\117\127\104\141\222\011
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
-\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
-\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
-\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145
-\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
-\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
-\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
-\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
-\063\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
-\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
-\165\164\150\157\162\151\164\171\040\055\040\107\063
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\021\000\233\176\006\111\243\076\142\271\325\356\220\110\161
-\051\357\127
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Verisign Class 4 Public Primary Certification Authority - G3"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 4 Public Primary Certification Authority - G3"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
-\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
-\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
-\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145
-\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
-\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
-\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
-\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
-\064\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
-\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
-\165\164\150\157\162\151\164\171\040\055\040\107\063
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
-\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
-\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
-\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145
-\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
-\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
-\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
-\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
-\064\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
-\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
-\165\164\150\157\162\151\164\171\040\055\040\107\063
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\021\000\354\240\247\213\156\165\152\001\317\304\174\314\057
-\224\136\327
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\004\032\060\202\003\002\002\021\000\354\240\247\213\156
-\165\152\001\317\304\174\314\057\224\136\327\060\015\006\011\052
-\206\110\206\367\015\001\001\005\005\000\060\201\312\061\013\060
-\011\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003
-\125\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111
-\156\143\056\061\037\060\035\006\003\125\004\013\023\026\126\145
-\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164
-\167\157\162\153\061\072\060\070\006\003\125\004\013\023\061\050
-\143\051\040\061\071\071\071\040\126\145\162\151\123\151\147\156
-\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165\164
-\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154\171
-\061\105\060\103\006\003\125\004\003\023\074\126\145\162\151\123
-\151\147\156\040\103\154\141\163\163\040\064\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\063\060\036\027\015\071\071\061\060\060
-\061\060\060\060\060\060\060\132\027\015\063\066\060\067\061\066
-\062\063\065\071\065\071\132\060\201\312\061\013\060\011\006\003
-\125\004\006\023\002\125\123\061\027\060\025\006\003\125\004\012
-\023\016\126\145\162\151\123\151\147\156\054\040\111\156\143\056
-\061\037\060\035\006\003\125\004\013\023\026\126\145\162\151\123
-\151\147\156\040\124\162\165\163\164\040\116\145\164\167\157\162
-\153\061\072\060\070\006\003\125\004\013\023\061\050\143\051\040
-\061\071\071\071\040\126\145\162\151\123\151\147\156\054\040\111
-\156\143\056\040\055\040\106\157\162\040\141\165\164\150\157\162
-\151\172\145\144\040\165\163\145\040\157\156\154\171\061\105\060
-\103\006\003\125\004\003\023\074\126\145\162\151\123\151\147\156
-\040\103\154\141\163\163\040\064\040\120\165\142\154\151\143\040
-\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143
-\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040
-\055\040\107\063\060\202\001\042\060\015\006\011\052\206\110\206
-\367\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012
-\002\202\001\001\000\255\313\245\021\151\306\131\253\361\217\265
-\031\017\126\316\314\265\037\040\344\236\046\045\113\340\163\145
-\211\131\336\320\203\344\365\017\265\273\255\361\174\350\041\374
-\344\350\014\356\174\105\042\031\166\222\264\023\267\040\133\011
-\372\141\256\250\362\245\215\205\302\052\326\336\146\066\322\233
-\002\364\250\222\140\174\234\151\264\217\044\036\320\206\122\366
-\062\234\101\130\036\042\275\315\105\142\225\010\156\320\146\335
-\123\242\314\360\020\334\124\163\213\004\241\106\063\063\134\027
-\100\271\236\115\323\363\276\125\203\350\261\211\216\132\174\232
-\226\042\220\073\210\045\362\322\123\210\002\014\013\170\362\346
-\067\027\113\060\106\007\344\200\155\246\330\226\056\350\054\370
-\021\263\070\015\146\246\233\352\311\043\133\333\216\342\363\023
-\216\032\131\055\252\002\360\354\244\207\146\334\301\077\365\330
-\271\364\354\202\306\322\075\225\035\345\300\117\204\311\331\243
-\104\050\006\152\327\105\254\360\153\152\357\116\137\370\021\202
-\036\070\143\064\146\120\324\076\223\163\372\060\303\146\255\377
-\223\055\227\357\003\002\003\001\000\001\060\015\006\011\052\206
-\110\206\367\015\001\001\005\005\000\003\202\001\001\000\217\372
-\045\153\117\133\344\244\116\047\125\253\042\025\131\074\312\265
-\012\324\112\333\253\335\241\137\123\305\240\127\071\302\316\107
-\053\276\072\310\126\277\302\331\047\020\072\261\005\074\300\167
-\061\273\072\323\005\173\155\232\034\060\214\200\313\223\223\052
-\203\253\005\121\202\002\000\021\147\153\363\210\141\107\137\003
-\223\325\133\015\340\361\324\241\062\065\205\262\072\333\260\202
-\253\321\313\012\274\117\214\133\305\113\000\073\037\052\202\246
-\176\066\205\334\176\074\147\000\265\344\073\122\340\250\353\135
-\025\371\306\155\360\255\035\016\205\267\251\232\163\024\132\133
-\217\101\050\300\325\350\055\115\244\136\315\252\331\355\316\334
-\330\325\074\102\035\027\301\022\135\105\070\303\070\363\374\205
-\056\203\106\110\262\327\040\137\222\066\217\347\171\017\230\136
-\231\350\360\320\244\273\365\123\275\052\316\131\260\257\156\177
-\154\273\322\036\000\260\041\355\370\101\142\202\271\330\262\304
-\273\106\120\363\061\305\217\001\250\164\353\365\170\047\332\347
-\367\146\103\363\236\203\076\040\252\303\065\140\221\316
-END
-
-# Trust for Certificate "Verisign Class 4 Public Primary Certification Authority - G3"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 4 Public Primary Certification Authority - G3"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\310\354\214\207\222\151\313\113\253\071\351\215\176\127\147\363
-\024\225\163\235
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\333\310\362\047\056\261\352\152\051\043\135\376\126\076\063\337
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
-\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
-\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
-\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145
-\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
-\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
-\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
-\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
-\064\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
-\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
-\165\164\150\157\162\151\164\171\040\055\040\107\063
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\021\000\354\240\247\213\156\165\152\001\317\304\174\314\057
-\224\136\327
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Entrust.net Secure Server CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Entrust.net Secure Server CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\303\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\024\060\022\006\003\125\004\012\023\013\105\156\164\162\165
-\163\164\056\156\145\164\061\073\060\071\006\003\125\004\013\023
-\062\167\167\167\056\145\156\164\162\165\163\164\056\156\145\164
-\057\103\120\123\040\151\156\143\157\162\160\056\040\142\171\040
-\162\145\146\056\040\050\154\151\155\151\164\163\040\154\151\141
-\142\056\051\061\045\060\043\006\003\125\004\013\023\034\050\143
-\051\040\061\071\071\071\040\105\156\164\162\165\163\164\056\156
-\145\164\040\114\151\155\151\164\145\144\061\072\060\070\006\003
-\125\004\003\023\061\105\156\164\162\165\163\164\056\156\145\164
-\040\123\145\143\165\162\145\040\123\145\162\166\145\162\040\103
-\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164
-\150\157\162\151\164\171
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\303\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\024\060\022\006\003\125\004\012\023\013\105\156\164\162\165
-\163\164\056\156\145\164\061\073\060\071\006\003\125\004\013\023
-\062\167\167\167\056\145\156\164\162\165\163\164\056\156\145\164
-\057\103\120\123\040\151\156\143\157\162\160\056\040\142\171\040
-\162\145\146\056\040\050\154\151\155\151\164\163\040\154\151\141
-\142\056\051\061\045\060\043\006\003\125\004\013\023\034\050\143
-\051\040\061\071\071\071\040\105\156\164\162\165\163\164\056\156
-\145\164\040\114\151\155\151\164\145\144\061\072\060\070\006\003
-\125\004\003\023\061\105\156\164\162\165\163\164\056\156\145\164
-\040\123\145\143\165\162\145\040\123\145\162\166\145\162\040\103
-\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164
-\150\157\162\151\164\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\004\067\112\322\103
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\004\330\060\202\004\101\240\003\002\001\002\002\004\067
-\112\322\103\060\015\006\011\052\206\110\206\367\015\001\001\005
-\005\000\060\201\303\061\013\060\011\006\003\125\004\006\023\002
-\125\123\061\024\060\022\006\003\125\004\012\023\013\105\156\164
-\162\165\163\164\056\156\145\164\061\073\060\071\006\003\125\004
-\013\023\062\167\167\167\056\145\156\164\162\165\163\164\056\156
-\145\164\057\103\120\123\040\151\156\143\157\162\160\056\040\142
-\171\040\162\145\146\056\040\050\154\151\155\151\164\163\040\154
-\151\141\142\056\051\061\045\060\043\006\003\125\004\013\023\034
-\050\143\051\040\061\071\071\071\040\105\156\164\162\165\163\164
-\056\156\145\164\040\114\151\155\151\164\145\144\061\072\060\070
-\006\003\125\004\003\023\061\105\156\164\162\165\163\164\056\156
-\145\164\040\123\145\143\165\162\145\040\123\145\162\166\145\162
-\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
-\165\164\150\157\162\151\164\171\060\036\027\015\071\071\060\065
-\062\065\061\066\060\071\064\060\132\027\015\061\071\060\065\062
-\065\061\066\063\071\064\060\132\060\201\303\061\013\060\011\006
-\003\125\004\006\023\002\125\123\061\024\060\022\006\003\125\004
-\012\023\013\105\156\164\162\165\163\164\056\156\145\164\061\073
-\060\071\006\003\125\004\013\023\062\167\167\167\056\145\156\164
-\162\165\163\164\056\156\145\164\057\103\120\123\040\151\156\143
-\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151
-\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006
-\003\125\004\013\023\034\050\143\051\040\061\071\071\071\040\105
-\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164
-\145\144\061\072\060\070\006\003\125\004\003\023\061\105\156\164
-\162\165\163\164\056\156\145\164\040\123\145\143\165\162\145\040
-\123\145\162\166\145\162\040\103\145\162\164\151\146\151\143\141
-\164\151\157\156\040\101\165\164\150\157\162\151\164\171\060\201
-\235\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000
-\003\201\213\000\060\201\207\002\201\201\000\315\050\203\064\124
-\033\211\363\017\257\067\221\061\377\257\061\140\311\250\350\262
-\020\150\355\237\347\223\066\361\012\144\273\107\365\004\027\077
-\043\107\115\305\047\031\201\046\014\124\162\015\210\055\331\037
-\232\022\237\274\263\161\323\200\031\077\107\146\173\214\065\050
-\322\271\012\337\044\332\234\326\120\171\201\172\132\323\067\367
-\302\112\330\051\222\046\144\321\344\230\154\072\000\212\365\064
-\233\145\370\355\343\020\377\375\270\111\130\334\240\336\202\071
-\153\201\261\026\031\141\271\124\266\346\103\002\001\003\243\202
-\001\327\060\202\001\323\060\021\006\011\140\206\110\001\206\370
-\102\001\001\004\004\003\002\000\007\060\202\001\031\006\003\125
-\035\037\004\202\001\020\060\202\001\014\060\201\336\240\201\333
-\240\201\330\244\201\325\060\201\322\061\013\060\011\006\003\125
-\004\006\023\002\125\123\061\024\060\022\006\003\125\004\012\023
-\013\105\156\164\162\165\163\164\056\156\145\164\061\073\060\071
-\006\003\125\004\013\023\062\167\167\167\056\145\156\164\162\165
-\163\164\056\156\145\164\057\103\120\123\040\151\156\143\157\162
-\160\056\040\142\171\040\162\145\146\056\040\050\154\151\155\151
-\164\163\040\154\151\141\142\056\051\061\045\060\043\006\003\125
-\004\013\023\034\050\143\051\040\061\071\071\071\040\105\156\164
-\162\165\163\164\056\156\145\164\040\114\151\155\151\164\145\144
-\061\072\060\070\006\003\125\004\003\023\061\105\156\164\162\165
-\163\164\056\156\145\164\040\123\145\143\165\162\145\040\123\145
-\162\166\145\162\040\103\145\162\164\151\146\151\143\141\164\151
-\157\156\040\101\165\164\150\157\162\151\164\171\061\015\060\013
-\006\003\125\004\003\023\004\103\122\114\061\060\051\240\047\240
-\045\206\043\150\164\164\160\072\057\057\167\167\167\056\145\156
-\164\162\165\163\164\056\156\145\164\057\103\122\114\057\156\145
-\164\061\056\143\162\154\060\053\006\003\125\035\020\004\044\060
-\042\200\017\061\071\071\071\060\065\062\065\061\066\060\071\064
-\060\132\201\017\062\060\061\071\060\065\062\065\061\066\060\071
-\064\060\132\060\013\006\003\125\035\017\004\004\003\002\001\006
-\060\037\006\003\125\035\043\004\030\060\026\200\024\360\027\142
-\023\125\075\263\377\012\000\153\373\120\204\227\363\355\142\320
-\032\060\035\006\003\125\035\016\004\026\004\024\360\027\142\023
-\125\075\263\377\012\000\153\373\120\204\227\363\355\142\320\032
-\060\014\006\003\125\035\023\004\005\060\003\001\001\377\060\031
-\006\011\052\206\110\206\366\175\007\101\000\004\014\060\012\033
-\004\126\064\056\060\003\002\004\220\060\015\006\011\052\206\110
-\206\367\015\001\001\005\005\000\003\201\201\000\220\334\060\002
-\372\144\164\302\247\012\245\174\041\215\064\027\250\373\107\016
-\377\045\174\215\023\012\373\344\230\265\357\214\370\305\020\015
-\367\222\276\361\303\325\325\225\152\004\273\054\316\046\066\145
-\310\061\306\347\356\077\343\127\165\204\172\021\357\106\117\030
-\364\323\230\273\250\207\062\272\162\366\074\342\075\237\327\035
-\331\303\140\103\214\130\016\042\226\057\142\243\054\037\272\255
-\005\357\253\062\170\207\240\124\163\031\265\134\005\371\122\076
-\155\055\105\013\367\012\223\352\355\006\371\262
-END
-
-# Trust for Certificate "Entrust.net Secure Server CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Entrust.net Secure Server CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\231\246\233\346\032\376\210\153\115\053\202\000\174\270\124\374
-\061\176\025\071
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\337\362\200\163\314\361\346\141\163\374\365\102\351\305\174\356
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\303\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\024\060\022\006\003\125\004\012\023\013\105\156\164\162\165
-\163\164\056\156\145\164\061\073\060\071\006\003\125\004\013\023
-\062\167\167\167\056\145\156\164\162\165\163\164\056\156\145\164
-\057\103\120\123\040\151\156\143\157\162\160\056\040\142\171\040
-\162\145\146\056\040\050\154\151\155\151\164\163\040\154\151\141
-\142\056\051\061\045\060\043\006\003\125\004\013\023\034\050\143
-\051\040\061\071\071\071\040\105\156\164\162\165\163\164\056\156
-\145\164\040\114\151\155\151\164\145\144\061\072\060\070\006\003
-\125\004\003\023\061\105\156\164\162\165\163\164\056\156\145\164
-\040\123\145\143\165\162\145\040\123\145\162\166\145\162\040\103
-\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164
-\150\157\162\151\164\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\004\067\112\322\103
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Entrust.net Secure Personal CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Entrust.net Secure Personal CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\311\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\024\060\022\006\003\125\004\012\023\013\105\156\164\162\165
-\163\164\056\156\145\164\061\110\060\106\006\003\125\004\013\024
-\077\167\167\167\056\145\156\164\162\165\163\164\056\156\145\164
-\057\103\154\151\145\156\164\137\103\101\137\111\156\146\157\057
-\103\120\123\040\151\156\143\157\162\160\056\040\142\171\040\162
-\145\146\056\040\154\151\155\151\164\163\040\154\151\141\142\056
-\061\045\060\043\006\003\125\004\013\023\034\050\143\051\040\061
-\071\071\071\040\105\156\164\162\165\163\164\056\156\145\164\040
-\114\151\155\151\164\145\144\061\063\060\061\006\003\125\004\003
-\023\052\105\156\164\162\165\163\164\056\156\145\164\040\103\154
-\151\145\156\164\040\103\145\162\164\151\146\151\143\141\164\151
-\157\156\040\101\165\164\150\157\162\151\164\171
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\311\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\024\060\022\006\003\125\004\012\023\013\105\156\164\162\165
-\163\164\056\156\145\164\061\110\060\106\006\003\125\004\013\024
-\077\167\167\167\056\145\156\164\162\165\163\164\056\156\145\164
-\057\103\154\151\145\156\164\137\103\101\137\111\156\146\157\057
-\103\120\123\040\151\156\143\157\162\160\056\040\142\171\040\162
-\145\146\056\040\154\151\155\151\164\163\040\154\151\141\142\056
-\061\045\060\043\006\003\125\004\013\023\034\050\143\051\040\061
-\071\071\071\040\105\156\164\162\165\163\164\056\156\145\164\040
-\114\151\155\151\164\145\144\061\063\060\061\006\003\125\004\003
-\023\052\105\156\164\162\165\163\164\056\156\145\164\040\103\154
-\151\145\156\164\040\103\145\162\164\151\146\151\143\141\164\151
-\157\156\040\101\165\164\150\157\162\151\164\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\004\070\003\221\356
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\004\355\060\202\004\126\240\003\002\001\002\002\004\070
-\003\221\356\060\015\006\011\052\206\110\206\367\015\001\001\004
-\005\000\060\201\311\061\013\060\011\006\003\125\004\006\023\002
-\125\123\061\024\060\022\006\003\125\004\012\023\013\105\156\164
-\162\165\163\164\056\156\145\164\061\110\060\106\006\003\125\004
-\013\024\077\167\167\167\056\145\156\164\162\165\163\164\056\156
-\145\164\057\103\154\151\145\156\164\137\103\101\137\111\156\146
-\157\057\103\120\123\040\151\156\143\157\162\160\056\040\142\171
-\040\162\145\146\056\040\154\151\155\151\164\163\040\154\151\141
-\142\056\061\045\060\043\006\003\125\004\013\023\034\050\143\051
-\040\061\071\071\071\040\105\156\164\162\165\163\164\056\156\145
-\164\040\114\151\155\151\164\145\144\061\063\060\061\006\003\125
-\004\003\023\052\105\156\164\162\165\163\164\056\156\145\164\040
-\103\154\151\145\156\164\040\103\145\162\164\151\146\151\143\141
-\164\151\157\156\040\101\165\164\150\157\162\151\164\171\060\036
-\027\015\071\071\061\060\061\062\061\071\062\064\063\060\132\027
-\015\061\071\061\060\061\062\061\071\065\064\063\060\132\060\201
-\311\061\013\060\011\006\003\125\004\006\023\002\125\123\061\024
-\060\022\006\003\125\004\012\023\013\105\156\164\162\165\163\164
-\056\156\145\164\061\110\060\106\006\003\125\004\013\024\077\167
-\167\167\056\145\156\164\162\165\163\164\056\156\145\164\057\103
-\154\151\145\156\164\137\103\101\137\111\156\146\157\057\103\120
-\123\040\151\156\143\157\162\160\056\040\142\171\040\162\145\146
-\056\040\154\151\155\151\164\163\040\154\151\141\142\056\061\045
-\060\043\006\003\125\004\013\023\034\050\143\051\040\061\071\071
-\071\040\105\156\164\162\165\163\164\056\156\145\164\040\114\151
-\155\151\164\145\144\061\063\060\061\006\003\125\004\003\023\052
-\105\156\164\162\165\163\164\056\156\145\164\040\103\154\151\145
-\156\164\040\103\145\162\164\151\146\151\143\141\164\151\157\156
-\040\101\165\164\150\157\162\151\164\171\060\201\235\060\015\006
-\011\052\206\110\206\367\015\001\001\001\005\000\003\201\213\000
-\060\201\207\002\201\201\000\310\072\231\136\061\027\337\254\047
-\157\220\173\344\031\377\105\243\064\302\333\301\250\117\360\150
-\352\204\375\237\165\171\317\301\212\121\224\257\307\127\003\107
-\144\236\255\202\033\132\332\177\067\170\107\273\067\230\022\226
-\316\306\023\175\357\322\014\060\121\251\071\236\125\370\373\261
-\347\060\336\203\262\272\076\361\325\211\073\073\205\272\252\164
-\054\376\077\061\156\257\221\225\156\006\324\007\115\113\054\126
-\107\030\004\122\332\016\020\223\277\143\220\233\341\337\214\346
-\002\244\346\117\136\367\213\002\001\003\243\202\001\340\060\202
-\001\334\060\021\006\011\140\206\110\001\206\370\102\001\001\004
-\004\003\002\000\007\060\202\001\042\006\003\125\035\037\004\202
-\001\031\060\202\001\025\060\201\344\240\201\341\240\201\336\244
-\201\333\060\201\330\061\013\060\011\006\003\125\004\006\023\002
-\125\123\061\024\060\022\006\003\125\004\012\023\013\105\156\164
-\162\165\163\164\056\156\145\164\061\110\060\106\006\003\125\004
-\013\024\077\167\167\167\056\145\156\164\162\165\163\164\056\156
-\145\164\057\103\154\151\145\156\164\137\103\101\137\111\156\146
-\157\057\103\120\123\040\151\156\143\157\162\160\056\040\142\171
-\040\162\145\146\056\040\154\151\155\151\164\163\040\154\151\141
-\142\056\061\045\060\043\006\003\125\004\013\023\034\050\143\051
-\040\061\071\071\071\040\105\156\164\162\165\163\164\056\156\145
-\164\040\114\151\155\151\164\145\144\061\063\060\061\006\003\125
-\004\003\023\052\105\156\164\162\165\163\164\056\156\145\164\040
-\103\154\151\145\156\164\040\103\145\162\164\151\146\151\143\141
-\164\151\157\156\040\101\165\164\150\157\162\151\164\171\061\015
-\060\013\006\003\125\004\003\023\004\103\122\114\061\060\054\240
-\052\240\050\206\046\150\164\164\160\072\057\057\167\167\167\056
-\145\156\164\162\165\163\164\056\156\145\164\057\103\122\114\057
-\103\154\151\145\156\164\061\056\143\162\154\060\053\006\003\125
-\035\020\004\044\060\042\200\017\061\071\071\071\061\060\061\062
-\061\071\062\064\063\060\132\201\017\062\060\061\071\061\060\061
-\062\061\071\062\064\063\060\132\060\013\006\003\125\035\017\004
-\004\003\002\001\006\060\037\006\003\125\035\043\004\030\060\026
-\200\024\304\373\234\051\173\227\315\114\226\374\356\133\263\312
-\231\164\213\225\352\114\060\035\006\003\125\035\016\004\026\004
-\024\304\373\234\051\173\227\315\114\226\374\356\133\263\312\231
-\164\213\225\352\114\060\014\006\003\125\035\023\004\005\060\003
-\001\001\377\060\031\006\011\052\206\110\206\366\175\007\101\000
-\004\014\060\012\033\004\126\064\056\060\003\002\004\220\060\015
-\006\011\052\206\110\206\367\015\001\001\004\005\000\003\201\201
-\000\077\256\212\361\327\146\003\005\236\076\372\352\034\106\273
-\244\133\217\170\232\022\110\231\371\364\065\336\014\066\007\002
-\153\020\072\211\024\201\234\061\246\174\262\101\262\152\347\007
-\001\241\113\371\237\045\073\226\312\231\303\076\241\121\034\363
-\303\056\104\367\260\147\106\252\222\345\073\332\034\031\024\070
-\060\325\342\242\061\045\056\361\354\105\070\355\370\006\130\003
-\163\142\260\020\061\217\100\277\144\340\134\076\305\117\037\332
-\022\103\377\114\346\006\046\250\233\031\252\104\074\166\262\134
-\354
-END
-
-# Trust for Certificate "Entrust.net Secure Personal CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Entrust.net Secure Personal CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\332\171\301\161\021\120\302\064\071\252\053\013\014\142\375\125
-\262\371\365\200
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\014\101\057\023\133\240\124\365\226\146\055\176\315\016\003\364
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\311\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\024\060\022\006\003\125\004\012\023\013\105\156\164\162\165
-\163\164\056\156\145\164\061\110\060\106\006\003\125\004\013\024
-\077\167\167\167\056\145\156\164\162\165\163\164\056\156\145\164
-\057\103\154\151\145\156\164\137\103\101\137\111\156\146\157\057
-\103\120\123\040\151\156\143\157\162\160\056\040\142\171\040\162
-\145\146\056\040\154\151\155\151\164\163\040\154\151\141\142\056
-\061\045\060\043\006\003\125\004\013\023\034\050\143\051\040\061
-\071\071\071\040\105\156\164\162\165\163\164\056\156\145\164\040
-\114\151\155\151\164\145\144\061\063\060\061\006\003\125\004\003
-\023\052\105\156\164\162\165\163\164\056\156\145\164\040\103\154
-\151\145\156\164\040\103\145\162\164\151\146\151\143\141\164\151
-\157\156\040\101\165\164\150\157\162\151\164\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\004\070\003\221\356
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Entrust.net Premium 2048 Secure Server CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Entrust.net Premium 2048 Secure Server CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156
-\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125
-\004\013\024\067\167\167\167\056\145\156\164\162\165\163\164\056
-\156\145\164\057\103\120\123\137\062\060\064\070\040\151\156\143
-\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151
-\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006
-\003\125\004\013\023\034\050\143\051\040\061\071\071\071\040\105
-\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164
-\145\144\061\063\060\061\006\003\125\004\003\023\052\105\156\164
-\162\165\163\164\056\156\145\164\040\103\145\162\164\151\146\151
-\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
-\040\050\062\060\064\070\051
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156
-\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125
-\004\013\024\067\167\167\167\056\145\156\164\162\165\163\164\056
-\156\145\164\057\103\120\123\137\062\060\064\070\040\151\156\143
-\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151
-\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006
-\003\125\004\013\023\034\050\143\051\040\061\071\071\071\040\105
-\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164
-\145\144\061\063\060\061\006\003\125\004\003\023\052\105\156\164
-\162\165\163\164\056\156\145\164\040\103\145\162\164\151\146\151
-\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
-\040\050\062\060\064\070\051
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\004\070\143\271\146
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\004\134\060\202\003\104\240\003\002\001\002\002\004\070
-\143\271\146\060\015\006\011\052\206\110\206\367\015\001\001\005
-\005\000\060\201\264\061\024\060\022\006\003\125\004\012\023\013
-\105\156\164\162\165\163\164\056\156\145\164\061\100\060\076\006
-\003\125\004\013\024\067\167\167\167\056\145\156\164\162\165\163
-\164\056\156\145\164\057\103\120\123\137\062\060\064\070\040\151
-\156\143\157\162\160\056\040\142\171\040\162\145\146\056\040\050
-\154\151\155\151\164\163\040\154\151\141\142\056\051\061\045\060
-\043\006\003\125\004\013\023\034\050\143\051\040\061\071\071\071
-\040\105\156\164\162\165\163\164\056\156\145\164\040\114\151\155
-\151\164\145\144\061\063\060\061\006\003\125\004\003\023\052\105
-\156\164\162\165\163\164\056\156\145\164\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\050\062\060\064\070\051\060\036\027\015\071\071\061
-\062\062\064\061\067\065\060\065\061\132\027\015\061\071\061\062
-\062\064\061\070\062\060\065\061\132\060\201\264\061\024\060\022
-\006\003\125\004\012\023\013\105\156\164\162\165\163\164\056\156
-\145\164\061\100\060\076\006\003\125\004\013\024\067\167\167\167
-\056\145\156\164\162\165\163\164\056\156\145\164\057\103\120\123
-\137\062\060\064\070\040\151\156\143\157\162\160\056\040\142\171
-\040\162\145\146\056\040\050\154\151\155\151\164\163\040\154\151
-\141\142\056\051\061\045\060\043\006\003\125\004\013\023\034\050
-\143\051\040\061\071\071\071\040\105\156\164\162\165\163\164\056
-\156\145\164\040\114\151\155\151\164\145\144\061\063\060\061\006
-\003\125\004\003\023\052\105\156\164\162\165\163\164\056\156\145
-\164\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040
-\101\165\164\150\157\162\151\164\171\040\050\062\060\064\070\051
-\060\202\001\042\060\015\006\011\052\206\110\206\367\015\001\001
-\001\005\000\003\202\001\017\000\060\202\001\012\002\202\001\001
-\000\255\115\113\251\022\206\262\352\243\040\007\025\026\144\052
-\053\113\321\277\013\112\115\216\355\200\166\245\147\267\170\100
-\300\163\102\310\150\300\333\123\053\335\136\270\166\230\065\223
-\213\032\235\174\023\072\016\037\133\267\036\317\345\044\024\036
-\261\201\251\215\175\270\314\153\113\003\361\002\014\334\253\245
-\100\044\000\177\164\224\241\235\010\051\263\210\013\365\207\167
-\235\125\315\344\303\176\327\152\144\253\205\024\206\225\133\227
-\062\120\157\075\310\272\146\014\343\374\275\270\111\301\166\211
-\111\031\375\300\250\275\211\243\147\057\306\237\274\161\031\140
-\270\055\351\054\311\220\166\146\173\224\342\257\170\326\145\123
-\135\074\326\234\262\317\051\003\371\057\244\120\262\324\110\316
-\005\062\125\212\375\262\144\114\016\344\230\007\165\333\177\337
-\271\010\125\140\205\060\051\371\173\110\244\151\206\343\065\077
-\036\206\135\172\172\025\275\357\000\216\025\042\124\027\000\220
-\046\223\274\016\111\150\221\277\370\107\323\235\225\102\301\016
-\115\337\157\046\317\303\030\041\142\146\103\160\326\325\300\007
-\341\002\003\001\000\001\243\164\060\162\060\021\006\011\140\206
-\110\001\206\370\102\001\001\004\004\003\002\000\007\060\037\006
-\003\125\035\043\004\030\060\026\200\024\125\344\201\321\021\200
-\276\330\211\271\010\243\061\371\241\044\011\026\271\160\060\035
-\006\003\125\035\016\004\026\004\024\125\344\201\321\021\200\276
-\330\211\271\010\243\061\371\241\044\011\026\271\160\060\035\006
-\011\052\206\110\206\366\175\007\101\000\004\020\060\016\033\010
-\126\065\056\060\072\064\056\060\003\002\004\220\060\015\006\011
-\052\206\110\206\367\015\001\001\005\005\000\003\202\001\001\000
-\131\107\254\041\204\212\027\311\234\211\123\036\272\200\205\032
-\306\074\116\076\261\234\266\174\306\222\135\030\144\002\343\323
-\006\010\021\141\174\143\343\053\235\061\003\160\166\322\243\050
-\240\364\273\232\143\163\355\155\345\052\333\355\024\251\053\306
-\066\021\320\053\353\007\213\245\332\236\134\031\235\126\022\365
-\124\051\310\005\355\262\022\052\215\364\003\033\377\347\222\020
-\207\260\072\265\303\235\005\067\022\243\307\364\025\271\325\244
-\071\026\233\123\072\043\221\361\250\202\242\152\210\150\301\171
-\002\042\274\252\246\326\256\337\260\024\137\270\207\320\335\174
-\177\173\377\257\034\317\346\333\007\255\136\333\205\235\320\053
-\015\063\333\004\321\346\111\100\023\053\166\373\076\351\234\211
-\017\025\316\030\260\205\170\041\117\153\117\016\372\066\147\315
-\007\362\377\010\320\342\336\331\277\052\257\270\207\206\041\074
-\004\312\267\224\150\177\317\074\351\230\327\070\377\354\300\331
-\120\360\056\113\130\256\106\157\320\056\303\140\332\162\125\162
-\275\114\105\236\141\272\277\204\201\222\003\321\322\151\174\305
-END
-
-# Trust for Certificate "Entrust.net Premium 2048 Secure Server CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Entrust.net Premium 2048 Secure Server CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\200\035\142\320\173\104\235\134\134\003\134\230\352\141\372\104
-\074\052\130\376
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\272\041\352\040\326\335\333\217\301\127\213\100\255\241\374\374
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156
-\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125
-\004\013\024\067\167\167\167\056\145\156\164\162\165\163\164\056
-\156\145\164\057\103\120\123\137\062\060\064\070\040\151\156\143
-\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151
-\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006
-\003\125\004\013\023\034\050\143\051\040\061\071\071\071\040\105
-\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164
-\145\144\061\063\060\061\006\003\125\004\003\023\052\105\156\164
-\162\165\163\164\056\156\145\164\040\103\145\162\164\151\146\151
-\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
-\040\050\062\060\064\070\051
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\004\070\143\271\146
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "ValiCert OCSP Responder"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "ValiCert OCSP Responder"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\262\061\044\060\042\006\003\125\004\007\023\033\126\141
-\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157
-\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125
-\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156
-\143\056\061\054\060\052\006\003\125\004\013\023\043\103\154\141
-\163\163\040\061\040\126\141\154\151\144\141\164\151\157\156\040
-\101\165\164\150\157\162\151\164\171\040\055\040\117\103\123\120
-\061\041\060\037\006\003\125\004\003\023\030\150\164\164\160\072
-\057\057\167\167\167\056\166\141\154\151\143\145\162\164\056\156
-\145\164\057\061\040\060\036\006\011\052\206\110\206\367\015\001
-\011\001\026\021\151\156\146\157\100\166\141\154\151\143\145\162
-\164\056\143\157\155
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\262\061\044\060\042\006\003\125\004\007\023\033\126\141
-\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157
-\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125
-\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156
-\143\056\061\054\060\052\006\003\125\004\013\023\043\103\154\141
-\163\163\040\061\040\126\141\154\151\144\141\164\151\157\156\040
-\101\165\164\150\157\162\151\164\171\040\055\040\117\103\123\120
-\061\041\060\037\006\003\125\004\003\023\030\150\164\164\160\072
-\057\057\167\167\167\056\166\141\154\151\143\145\162\164\056\156
-\145\164\057\061\040\060\036\006\011\052\206\110\206\367\015\001
-\011\001\026\021\151\156\146\157\100\166\141\154\151\143\145\162
-\164\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\001\001
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\110\060\202\002\261\240\003\002\001\002\002\001\001
-\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
-\201\262\061\044\060\042\006\003\125\004\007\023\033\126\141\154
-\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157\156
-\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125\004
-\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156\143
-\056\061\054\060\052\006\003\125\004\013\023\043\103\154\141\163
-\163\040\061\040\126\141\154\151\144\141\164\151\157\156\040\101
-\165\164\150\157\162\151\164\171\040\055\040\117\103\123\120\061
-\041\060\037\006\003\125\004\003\023\030\150\164\164\160\072\057
-\057\167\167\167\056\166\141\154\151\143\145\162\164\056\156\145
-\164\057\061\040\060\036\006\011\052\206\110\206\367\015\001\011
-\001\026\021\151\156\146\157\100\166\141\154\151\143\145\162\164
-\056\143\157\155\060\036\027\015\060\060\060\062\061\062\061\061
-\065\060\060\065\132\027\015\060\065\060\062\061\060\061\061\065
-\060\060\065\132\060\201\262\061\044\060\042\006\003\125\004\007
-\023\033\126\141\154\151\103\145\162\164\040\126\141\154\151\144
-\141\164\151\157\156\040\116\145\164\167\157\162\153\061\027\060
-\025\006\003\125\004\012\023\016\126\141\154\151\103\145\162\164
-\054\040\111\156\143\056\061\054\060\052\006\003\125\004\013\023
-\043\103\154\141\163\163\040\061\040\126\141\154\151\144\141\164
-\151\157\156\040\101\165\164\150\157\162\151\164\171\040\055\040
-\117\103\123\120\061\041\060\037\006\003\125\004\003\023\030\150
-\164\164\160\072\057\057\167\167\167\056\166\141\154\151\143\145
-\162\164\056\156\145\164\057\061\040\060\036\006\011\052\206\110
-\206\367\015\001\011\001\026\021\151\156\146\157\100\166\141\154
-\151\143\145\162\164\056\143\157\155\060\201\237\060\015\006\011
-\052\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060
-\201\211\002\201\201\000\307\214\057\247\303\100\207\073\075\327
-\304\232\130\024\144\012\303\010\071\142\032\317\322\353\251\361
-\151\164\212\312\016\132\166\314\242\122\116\320\363\304\172\265
-\370\246\034\273\243\247\244\123\207\133\215\300\000\273\325\146
-\044\347\164\306\026\310\257\310\003\142\325\062\207\242\122\221
-\104\224\225\250\107\103\155\245\110\234\366\114\165\325\117\142
-\347\311\377\173\364\044\214\247\274\050\166\265\062\240\045\163
-\267\107\057\170\370\106\371\207\024\360\167\374\012\167\350\117
-\375\214\037\372\142\331\002\003\001\000\001\243\154\060\152\060
-\017\006\011\053\006\001\005\005\007\060\001\005\004\002\005\000
-\060\023\006\003\125\035\045\004\014\060\012\006\010\053\006\001
-\005\005\007\003\011\060\013\006\003\125\035\017\004\004\003\002
-\001\206\060\065\006\010\053\006\001\005\005\007\001\001\004\051
-\060\047\060\045\006\010\053\006\001\005\005\007\060\001\206\031
-\150\164\164\160\072\057\057\157\143\163\160\062\056\166\141\154
-\151\143\145\162\164\056\156\145\164\060\015\006\011\052\206\110
-\206\367\015\001\001\005\005\000\003\201\201\000\025\305\340\270
-\064\162\022\006\040\250\142\225\223\321\274\223\272\220\253\334
-\116\215\216\215\230\114\343\062\365\053\077\263\227\373\252\242
-\255\100\227\255\150\275\134\255\123\016\320\246\263\015\254\032
-\231\215\252\060\036\317\016\160\377\002\260\167\145\203\315\332
-\007\134\122\315\131\273\242\310\342\264\026\203\217\324\225\171
-\223\055\350\277\104\223\061\222\060\323\064\064\361\020\373\041
-\254\056\364\303\135\144\143\172\231\341\232\253\102\035\110\146
-\246\167\067\270\125\074\255\376\145\260\142\351
-END
-
-# Trust for Certificate "ValiCert OCSP Responder"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "ValiCert OCSP Responder"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\133\166\261\274\342\212\360\366\161\221\205\147\046\215\021\151
-\017\027\077\163
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\325\036\040\137\321\365\035\202\127\010\122\071\035\372\212\255
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\262\061\044\060\042\006\003\125\004\007\023\033\126\141
-\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157
-\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125
-\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156
-\143\056\061\054\060\052\006\003\125\004\013\023\043\103\154\141
-\163\163\040\061\040\126\141\154\151\144\141\164\151\157\156\040
-\101\165\164\150\157\162\151\164\171\040\055\040\117\103\123\120
-\061\041\060\037\006\003\125\004\003\023\030\150\164\164\160\072
-\057\057\167\167\167\056\166\141\154\151\143\145\162\164\056\156
-\145\164\057\061\040\060\036\006\011\052\206\110\206\367\015\001
-\011\001\026\021\151\156\146\157\100\166\141\154\151\143\145\162
-\164\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\001\001
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Baltimore CyberTrust Code Signing Root"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Baltimore CyberTrust Code Signing Root"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\147\061\013\060\011\006\003\125\004\006\023\002\111\105\061
-\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155
-\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171
-\142\145\162\124\162\165\163\164\061\057\060\055\006\003\125\004
-\003\023\046\102\141\154\164\151\155\157\162\145\040\103\171\142
-\145\162\124\162\165\163\164\040\103\157\144\145\040\123\151\147
-\156\151\156\147\040\122\157\157\164
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\147\061\013\060\011\006\003\125\004\006\023\002\111\105\061
-\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155
-\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171
-\142\145\162\124\162\165\163\164\061\057\060\055\006\003\125\004
-\003\023\046\102\141\154\164\151\155\157\162\145\040\103\171\142
-\145\162\124\162\165\163\164\040\103\157\144\145\040\123\151\147
-\156\151\156\147\040\122\157\157\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\004\002\000\000\277
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\246\060\202\002\216\240\003\002\001\002\002\004\002
-\000\000\277\060\015\006\011\052\206\110\206\367\015\001\001\005
-\005\000\060\147\061\013\060\011\006\003\125\004\006\023\002\111
-\105\061\022\060\020\006\003\125\004\012\023\011\102\141\154\164
-\151\155\157\162\145\061\023\060\021\006\003\125\004\013\023\012
-\103\171\142\145\162\124\162\165\163\164\061\057\060\055\006\003
-\125\004\003\023\046\102\141\154\164\151\155\157\162\145\040\103
-\171\142\145\162\124\162\165\163\164\040\103\157\144\145\040\123
-\151\147\156\151\156\147\040\122\157\157\164\060\036\027\015\060
-\060\060\065\061\067\061\064\060\061\060\060\132\027\015\062\065
-\060\065\061\067\062\063\065\071\060\060\132\060\147\061\013\060
-\011\006\003\125\004\006\023\002\111\105\061\022\060\020\006\003
-\125\004\012\023\011\102\141\154\164\151\155\157\162\145\061\023
-\060\021\006\003\125\004\013\023\012\103\171\142\145\162\124\162
-\165\163\164\061\057\060\055\006\003\125\004\003\023\046\102\141
-\154\164\151\155\157\162\145\040\103\171\142\145\162\124\162\165
-\163\164\040\103\157\144\145\040\123\151\147\156\151\156\147\040
-\122\157\157\164\060\202\001\042\060\015\006\011\052\206\110\206
-\367\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012
-\002\202\001\001\000\310\161\232\030\022\216\172\333\371\232\374
-\101\257\330\362\364\011\216\255\077\376\147\067\074\332\311\046
-\120\261\261\076\313\350\116\163\000\362\262\334\363\305\106\373
-\011\357\030\226\316\247\340\234\204\135\040\016\172\240\252\066
-\213\372\050\266\170\056\263\354\350\107\363\004\360\220\043\264
-\352\257\345\123\270\005\367\107\135\053\206\361\247\244\306\073
-\065\266\322\015\122\101\327\364\222\165\341\242\012\120\126\207
-\276\227\013\173\063\205\020\271\050\030\356\063\352\110\021\327
-\133\221\107\166\042\324\356\317\135\347\250\116\034\235\226\221
-\335\234\275\164\011\250\162\141\252\260\041\072\361\075\054\003
-\126\011\322\301\334\303\265\307\124\067\253\346\046\242\262\106
-\161\163\312\021\210\356\274\347\144\367\320\021\032\163\100\132
-\310\111\054\017\267\357\220\177\150\200\004\070\013\033\017\073
-\324\365\240\263\302\216\341\064\264\200\231\155\236\166\324\222
-\051\100\261\225\322\067\244\147\022\177\340\142\273\256\065\305
-\231\066\202\104\270\346\170\030\063\141\161\223\133\055\215\237
-\170\225\202\353\155\002\003\001\000\001\243\132\060\130\060\023
-\006\003\125\035\045\004\014\060\012\006\010\053\006\001\005\005
-\007\003\003\060\035\006\003\125\035\016\004\026\004\024\310\101
-\064\134\025\025\004\345\100\362\321\253\232\157\044\222\172\207
-\102\132\060\022\006\003\125\035\023\001\001\377\004\010\060\006
-\001\001\377\002\001\003\060\016\006\003\125\035\017\001\001\377
-\004\004\003\002\001\006\060\015\006\011\052\206\110\206\367\015
-\001\001\005\005\000\003\202\001\001\000\122\164\252\225\113\042
-\214\307\075\226\244\376\135\372\057\265\274\353\360\013\351\126
-\070\035\321\155\015\241\274\150\213\360\305\200\245\044\064\375
-\362\226\030\021\206\241\066\365\067\347\124\100\325\144\037\303
-\137\160\102\153\055\071\307\236\122\005\316\347\152\162\322\215
-\162\077\107\120\203\253\307\215\045\311\260\343\247\123\026\225
-\246\152\123\352\030\235\217\170\251\167\167\032\371\264\227\107
-\131\210\047\050\265\312\341\056\327\076\016\242\015\270\042\104
-\003\343\321\143\260\101\072\241\365\244\055\367\166\036\004\124
-\231\170\062\100\327\053\174\115\272\246\234\260\171\156\007\276
-\214\354\356\327\070\151\133\301\014\126\150\237\376\353\321\341
-\310\210\371\362\315\177\276\205\264\104\147\000\120\076\364\046
-\003\144\352\167\175\350\136\076\034\067\107\310\326\352\244\363
-\066\074\227\302\071\162\005\224\031\045\303\327\067\101\017\301
-\037\207\212\375\252\276\351\261\144\127\344\333\222\241\317\341
-\111\350\073\037\221\023\132\303\217\331\045\130\111\200\107\017
-\306\003\256\254\343\277\267\300\252\052
-END
-
-# Trust for Certificate "Baltimore CyberTrust Code Signing Root"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Baltimore CyberTrust Code Signing Root"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\060\106\330\310\210\377\151\060\303\112\374\315\111\047\010\174
-\140\126\173\015
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\220\365\050\111\126\321\135\054\260\123\324\113\357\157\220\042
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\147\061\013\060\011\006\003\125\004\006\023\002\111\105\061
-\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155
-\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171
-\142\145\162\124\162\165\163\164\061\057\060\055\006\003\125\004
-\003\023\046\102\141\154\164\151\155\157\162\145\040\103\171\142
-\145\162\124\162\165\163\164\040\103\157\144\145\040\123\151\147
-\156\151\156\147\040\122\157\157\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\004\002\000\000\277
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_VALID
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_VALID
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Baltimore CyberTrust Root"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Baltimore CyberTrust Root"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\132\061\013\060\011\006\003\125\004\006\023\002\111\105\061
-\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155
-\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171
-\142\145\162\124\162\165\163\164\061\042\060\040\006\003\125\004
-\003\023\031\102\141\154\164\151\155\157\162\145\040\103\171\142
-\145\162\124\162\165\163\164\040\122\157\157\164
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\132\061\013\060\011\006\003\125\004\006\023\002\111\105\061
-\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155
-\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171
-\142\145\162\124\162\165\163\164\061\042\060\040\006\003\125\004
-\003\023\031\102\141\154\164\151\155\157\162\145\040\103\171\142
-\145\162\124\162\165\163\164\040\122\157\157\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\004\002\000\000\271
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\167\060\202\002\137\240\003\002\001\002\002\004\002
-\000\000\271\060\015\006\011\052\206\110\206\367\015\001\001\005
-\005\000\060\132\061\013\060\011\006\003\125\004\006\023\002\111
-\105\061\022\060\020\006\003\125\004\012\023\011\102\141\154\164
-\151\155\157\162\145\061\023\060\021\006\003\125\004\013\023\012
-\103\171\142\145\162\124\162\165\163\164\061\042\060\040\006\003
-\125\004\003\023\031\102\141\154\164\151\155\157\162\145\040\103
-\171\142\145\162\124\162\165\163\164\040\122\157\157\164\060\036
-\027\015\060\060\060\065\061\062\061\070\064\066\060\060\132\027
-\015\062\065\060\065\061\062\062\063\065\071\060\060\132\060\132
-\061\013\060\011\006\003\125\004\006\023\002\111\105\061\022\060
-\020\006\003\125\004\012\023\011\102\141\154\164\151\155\157\162
-\145\061\023\060\021\006\003\125\004\013\023\012\103\171\142\145
-\162\124\162\165\163\164\061\042\060\040\006\003\125\004\003\023
-\031\102\141\154\164\151\155\157\162\145\040\103\171\142\145\162
-\124\162\165\163\164\040\122\157\157\164\060\202\001\042\060\015
-\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202\001
-\017\000\060\202\001\012\002\202\001\001\000\243\004\273\042\253
-\230\075\127\350\046\162\232\265\171\324\051\342\341\350\225\200
-\261\260\343\133\216\053\051\232\144\337\241\135\355\260\011\005
-\155\333\050\056\316\142\242\142\376\264\210\332\022\353\070\353
-\041\235\300\101\053\001\122\173\210\167\323\034\217\307\272\271
-\210\265\152\011\347\163\350\021\100\247\321\314\312\142\215\055
-\345\217\013\246\120\322\250\120\303\050\352\365\253\045\207\212
-\232\226\034\251\147\270\077\014\325\367\371\122\023\057\302\033
-\325\160\160\360\217\300\022\312\006\313\232\341\331\312\063\172
-\167\326\370\354\271\361\150\104\102\110\023\322\300\302\244\256
-\136\140\376\266\246\005\374\264\335\007\131\002\324\131\030\230
-\143\365\245\143\340\220\014\175\135\262\006\172\363\205\352\353
-\324\003\256\136\204\076\137\377\025\355\151\274\371\071\066\162
-\165\317\167\122\115\363\311\220\054\271\075\345\311\043\123\077
-\037\044\230\041\134\007\231\051\275\306\072\354\347\156\206\072
-\153\227\164\143\063\275\150\030\061\360\170\215\166\277\374\236
-\216\135\052\206\247\115\220\334\047\032\071\002\003\001\000\001
-\243\105\060\103\060\035\006\003\125\035\016\004\026\004\024\345
-\235\131\060\202\107\130\314\254\372\010\124\066\206\173\072\265
-\004\115\360\060\022\006\003\125\035\023\001\001\377\004\010\060
-\006\001\001\377\002\001\003\060\016\006\003\125\035\017\001\001
-\377\004\004\003\002\001\006\060\015\006\011\052\206\110\206\367
-\015\001\001\005\005\000\003\202\001\001\000\205\014\135\216\344
-\157\121\150\102\005\240\335\273\117\047\045\204\003\275\367\144
-\375\055\327\060\343\244\020\027\353\332\051\051\266\171\077\166
-\366\031\023\043\270\020\012\371\130\244\324\141\160\275\004\141
-\152\022\212\027\325\012\275\305\274\060\174\326\351\014\045\215
-\206\100\117\354\314\243\176\070\306\067\021\117\355\335\150\061
-\216\114\322\263\001\164\356\276\165\136\007\110\032\177\160\377
-\026\134\204\300\171\205\270\005\375\177\276\145\021\243\017\300
-\002\264\370\122\067\071\004\325\251\061\172\030\277\240\052\364
-\022\231\367\243\105\202\343\074\136\365\235\236\265\310\236\174
-\056\310\244\236\116\010\024\113\155\375\160\155\153\032\143\275
-\144\346\037\267\316\360\362\237\056\273\033\267\362\120\210\163
-\222\302\342\343\026\215\232\062\002\253\216\030\335\351\020\021
-\356\176\065\253\220\257\076\060\224\172\320\063\075\247\145\017
-\365\374\216\236\142\317\107\104\054\001\135\273\035\265\062\322
-\107\322\070\056\320\376\201\334\062\152\036\265\356\074\325\374
-\347\201\035\031\303\044\102\352\143\071\251
-END
-
-# Trust for Certificate "Baltimore CyberTrust Root"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Baltimore CyberTrust Root"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\324\336\040\320\136\146\374\123\376\032\120\210\054\170\333\050
-\122\312\344\164
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\254\266\224\245\234\027\340\327\221\122\233\261\227\006\246\344
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\132\061\013\060\011\006\003\125\004\006\023\002\111\105\061
-\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155
-\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171
-\142\145\162\124\162\165\163\164\061\042\060\040\006\003\125\004
-\003\023\031\102\141\154\164\151\155\157\162\145\040\103\171\142
-\145\162\124\162\165\163\164\040\122\157\157\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\004\002\000\000\271
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_VALID
-
-#
-# Certificate "Baltimore CyberTrust Mobile Commerce Root"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Baltimore CyberTrust Mobile Commerce Root"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\141\061\013\060\011\006\003\125\004\006\023\002\111\105\061
-\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155
-\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171
-\142\145\162\124\162\165\163\164\061\051\060\047\006\003\125\004
-\003\023\040\102\141\154\164\151\155\157\162\145\040\103\171\142
-\145\162\124\162\165\163\164\040\115\157\142\151\154\145\040\122
-\157\157\164
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\141\061\013\060\011\006\003\125\004\006\023\002\111\105\061
-\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155
-\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171
-\142\145\162\124\162\165\163\164\061\051\060\047\006\003\125\004
-\003\023\040\102\141\154\164\151\155\157\162\145\040\103\171\142
-\145\162\124\162\165\163\164\040\115\157\142\151\154\145\040\122
-\157\157\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\004\002\000\000\270
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\002\175\060\202\001\346\240\003\002\001\002\002\004\002
-\000\000\270\060\015\006\011\052\206\110\206\367\015\001\001\005
-\005\000\060\141\061\013\060\011\006\003\125\004\006\023\002\111
-\105\061\022\060\020\006\003\125\004\012\023\011\102\141\154\164
-\151\155\157\162\145\061\023\060\021\006\003\125\004\013\023\012
-\103\171\142\145\162\124\162\165\163\164\061\051\060\047\006\003
-\125\004\003\023\040\102\141\154\164\151\155\157\162\145\040\103
-\171\142\145\162\124\162\165\163\164\040\115\157\142\151\154\145
-\040\122\157\157\164\060\036\027\015\060\060\060\065\061\062\061
-\070\062\060\060\060\132\027\015\062\060\060\065\061\062\062\063
-\065\071\060\060\132\060\141\061\013\060\011\006\003\125\004\006
-\023\002\111\105\061\022\060\020\006\003\125\004\012\023\011\102
-\141\154\164\151\155\157\162\145\061\023\060\021\006\003\125\004
-\013\023\012\103\171\142\145\162\124\162\165\163\164\061\051\060
-\047\006\003\125\004\003\023\040\102\141\154\164\151\155\157\162
-\145\040\103\171\142\145\162\124\162\165\163\164\040\115\157\142
-\151\154\145\040\122\157\157\164\060\201\237\060\015\006\011\052
-\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060\201
-\211\002\201\201\000\243\155\261\070\126\254\374\265\126\041\336
-\300\220\135\046\107\202\306\175\217\037\240\205\217\057\273\324
-\341\034\035\362\044\037\050\260\057\271\244\245\157\242\042\040
-\144\376\204\107\074\176\053\154\151\152\270\324\300\226\216\214
-\122\015\315\157\101\324\277\004\256\247\201\057\055\230\110\322
-\301\224\243\265\031\135\135\121\144\364\216\101\260\233\300\055
-\042\240\136\306\330\132\022\143\274\021\112\136\046\022\035\342
-\046\005\346\017\137\042\037\172\137\166\224\256\317\132\050\016
-\253\105\332\042\061\002\003\001\000\001\243\102\060\100\060\035
-\006\003\125\035\016\004\026\004\024\311\342\217\300\002\046\132
-\266\300\007\343\177\224\007\030\333\056\245\232\160\060\017\006
-\003\125\035\023\001\001\377\004\005\060\003\001\001\377\060\016
-\006\003\125\035\017\001\001\377\004\004\003\002\001\206\060\015
-\006\011\052\206\110\206\367\015\001\001\005\005\000\003\201\201
-\000\123\010\013\046\011\170\102\163\324\354\172\167\107\015\343
-\013\063\161\357\256\063\024\115\373\372\375\032\267\121\365\344
-\231\034\006\161\327\051\031\327\346\025\040\121\121\106\155\117
-\336\030\111\230\320\370\170\273\161\350\215\001\006\325\327\144
-\217\224\337\107\376\240\205\151\066\251\057\102\172\150\112\022
-\326\213\013\160\104\012\244\004\357\046\210\301\065\161\070\135
-\033\133\110\102\360\347\224\034\160\225\064\250\253\365\253\342
-\170\255\365\360\122\375\233\352\102\014\350\330\124\276\123\146
-\365
-END
-
-# Trust for Certificate "Baltimore CyberTrust Mobile Commerce Root"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Baltimore CyberTrust Mobile Commerce Root"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\264\343\013\234\301\325\356\275\240\040\030\370\271\212\321\377
-\151\267\072\161
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\353\264\040\035\017\266\161\003\367\304\367\307\244\162\206\350
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\141\061\013\060\011\006\003\125\004\006\023\002\111\105\061
-\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155
-\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171
-\142\145\162\124\162\165\163\164\061\051\060\047\006\003\125\004
-\003\023\040\102\141\154\164\151\155\157\162\145\040\103\171\142
-\145\162\124\162\165\163\164\040\115\157\142\151\154\145\040\122
-\157\157\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\004\002\000\000\270
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_VALID
-
-#
-# Certificate "Equifax Secure Global eBusiness CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Equifax Secure Global eBusiness CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\132\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\034\060\032\006\003\125\004\012\023\023\105\161\165\151\146\141
-\170\040\123\145\143\165\162\145\040\111\156\143\056\061\055\060
-\053\006\003\125\004\003\023\044\105\161\165\151\146\141\170\040
-\123\145\143\165\162\145\040\107\154\157\142\141\154\040\145\102
-\165\163\151\156\145\163\163\040\103\101\055\061
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\132\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\034\060\032\006\003\125\004\012\023\023\105\161\165\151\146\141
-\170\040\123\145\143\165\162\145\040\111\156\143\056\061\055\060
-\053\006\003\125\004\003\023\044\105\161\165\151\146\141\170\040
-\123\145\143\165\162\145\040\107\154\157\142\141\154\040\145\102
-\165\163\151\156\145\163\163\040\103\101\055\061
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\001\001
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\002\220\060\202\001\371\240\003\002\001\002\002\001\001
-\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060
-\132\061\013\060\011\006\003\125\004\006\023\002\125\123\061\034
-\060\032\006\003\125\004\012\023\023\105\161\165\151\146\141\170
-\040\123\145\143\165\162\145\040\111\156\143\056\061\055\060\053
-\006\003\125\004\003\023\044\105\161\165\151\146\141\170\040\123
-\145\143\165\162\145\040\107\154\157\142\141\154\040\145\102\165
-\163\151\156\145\163\163\040\103\101\055\061\060\036\027\015\071
-\071\060\066\062\061\060\064\060\060\060\060\132\027\015\062\060
-\060\066\062\061\060\064\060\060\060\060\132\060\132\061\013\060
-\011\006\003\125\004\006\023\002\125\123\061\034\060\032\006\003
-\125\004\012\023\023\105\161\165\151\146\141\170\040\123\145\143
-\165\162\145\040\111\156\143\056\061\055\060\053\006\003\125\004
-\003\023\044\105\161\165\151\146\141\170\040\123\145\143\165\162
-\145\040\107\154\157\142\141\154\040\145\102\165\163\151\156\145
-\163\163\040\103\101\055\061\060\201\237\060\015\006\011\052\206
-\110\206\367\015\001\001\001\005\000\003\201\215\000\060\201\211
-\002\201\201\000\272\347\027\220\002\145\261\064\125\074\111\302
-\121\325\337\247\321\067\217\321\347\201\163\101\122\140\233\235
-\241\027\046\170\255\307\261\350\046\224\062\265\336\063\215\072
-\057\333\362\232\172\132\163\230\243\134\351\373\212\163\033\134
-\347\303\277\200\154\315\251\364\326\053\300\367\371\231\252\143
-\242\261\107\002\017\324\344\121\072\022\074\154\212\132\124\204
-\160\333\301\305\220\317\162\105\313\250\131\300\315\063\235\077
-\243\226\353\205\063\041\034\076\036\076\140\156\166\234\147\205
-\305\310\303\141\002\003\001\000\001\243\146\060\144\060\021\006
-\011\140\206\110\001\206\370\102\001\001\004\004\003\002\000\007
-\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001\001
-\377\060\037\006\003\125\035\043\004\030\060\026\200\024\276\250
-\240\164\162\120\153\104\267\311\043\330\373\250\377\263\127\153
-\150\154\060\035\006\003\125\035\016\004\026\004\024\276\250\240
-\164\162\120\153\104\267\311\043\330\373\250\377\263\127\153\150
-\154\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000
-\003\201\201\000\060\342\001\121\252\307\352\137\332\271\320\145
-\017\060\326\076\332\015\024\111\156\221\223\047\024\061\357\304
-\367\055\105\370\354\307\277\242\101\015\043\264\222\371\031\000
-\147\275\001\257\315\340\161\374\132\317\144\304\340\226\230\320
-\243\100\342\001\212\357\047\007\361\145\001\212\104\055\006\145
-\165\122\300\206\020\040\041\137\154\153\017\154\256\011\034\257
-\362\242\030\064\304\165\244\163\034\361\215\334\357\255\371\263
-\166\264\222\277\334\225\020\036\276\313\310\073\132\204\140\031
-\126\224\251\125
-END
-
-# Trust for Certificate "Equifax Secure Global eBusiness CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Equifax Secure Global eBusiness CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\176\170\112\020\034\202\145\314\055\341\361\155\107\264\100\312
-\331\012\031\105
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\217\135\167\006\047\304\230\074\133\223\170\347\327\175\233\314
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\132\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\034\060\032\006\003\125\004\012\023\023\105\161\165\151\146\141
-\170\040\123\145\143\165\162\145\040\111\156\143\056\061\055\060
-\053\006\003\125\004\003\023\044\105\161\165\151\146\141\170\040
-\123\145\143\165\162\145\040\107\154\157\142\141\154\040\145\102
-\165\163\151\156\145\163\163\040\103\101\055\061
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\001\001
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Equifax Secure eBusiness CA 1"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Equifax Secure eBusiness CA 1"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\123\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\034\060\032\006\003\125\004\012\023\023\105\161\165\151\146\141
-\170\040\123\145\143\165\162\145\040\111\156\143\056\061\046\060
-\044\006\003\125\004\003\023\035\105\161\165\151\146\141\170\040
-\123\145\143\165\162\145\040\145\102\165\163\151\156\145\163\163
-\040\103\101\055\061
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\123\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\034\060\032\006\003\125\004\012\023\023\105\161\165\151\146\141
-\170\040\123\145\143\165\162\145\040\111\156\143\056\061\046\060
-\044\006\003\125\004\003\023\035\105\161\165\151\146\141\170\040
-\123\145\143\165\162\145\040\145\102\165\163\151\156\145\163\163
-\040\103\101\055\061
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\001\004
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\002\202\060\202\001\353\240\003\002\001\002\002\001\004
-\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060
-\123\061\013\060\011\006\003\125\004\006\023\002\125\123\061\034
-\060\032\006\003\125\004\012\023\023\105\161\165\151\146\141\170
-\040\123\145\143\165\162\145\040\111\156\143\056\061\046\060\044
-\006\003\125\004\003\023\035\105\161\165\151\146\141\170\040\123
-\145\143\165\162\145\040\145\102\165\163\151\156\145\163\163\040
-\103\101\055\061\060\036\027\015\071\071\060\066\062\061\060\064
-\060\060\060\060\132\027\015\062\060\060\066\062\061\060\064\060
-\060\060\060\132\060\123\061\013\060\011\006\003\125\004\006\023
-\002\125\123\061\034\060\032\006\003\125\004\012\023\023\105\161
-\165\151\146\141\170\040\123\145\143\165\162\145\040\111\156\143
-\056\061\046\060\044\006\003\125\004\003\023\035\105\161\165\151
-\146\141\170\040\123\145\143\165\162\145\040\145\102\165\163\151
-\156\145\163\163\040\103\101\055\061\060\201\237\060\015\006\011
-\052\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060
-\201\211\002\201\201\000\316\057\031\274\027\267\167\336\223\251
-\137\132\015\027\117\064\032\014\230\364\042\331\131\324\304\150
-\106\360\264\065\305\205\003\040\306\257\105\245\041\121\105\101
-\353\026\130\066\062\157\342\120\142\144\371\375\121\234\252\044
-\331\364\235\203\052\207\012\041\323\022\070\064\154\215\000\156
-\132\240\331\102\356\032\041\225\371\122\114\125\132\305\017\070
-\117\106\372\155\370\056\065\326\035\174\353\342\360\260\165\200
-\310\251\023\254\276\210\357\072\156\253\137\052\070\142\002\260
-\022\173\376\217\246\003\002\003\001\000\001\243\146\060\144\060
-\021\006\011\140\206\110\001\206\370\102\001\001\004\004\003\002
-\000\007\060\017\006\003\125\035\023\001\001\377\004\005\060\003
-\001\001\377\060\037\006\003\125\035\043\004\030\060\026\200\024
-\112\170\062\122\021\333\131\026\066\136\337\301\024\066\100\152
-\107\174\114\241\060\035\006\003\125\035\016\004\026\004\024\112
-\170\062\122\021\333\131\026\066\136\337\301\024\066\100\152\107
-\174\114\241\060\015\006\011\052\206\110\206\367\015\001\001\004
-\005\000\003\201\201\000\165\133\250\233\003\021\346\351\126\114
-\315\371\251\114\300\015\232\363\314\145\151\346\045\166\314\131
-\267\326\124\303\035\315\231\254\031\335\264\205\325\340\075\374
-\142\040\247\204\113\130\145\361\342\371\225\041\077\365\324\176
-\130\036\107\207\124\076\130\241\265\265\370\052\357\161\347\274
-\303\366\261\111\106\342\327\240\153\345\126\172\232\047\230\174
-\106\142\024\347\311\374\156\003\022\171\200\070\035\110\202\215
-\374\027\376\052\226\053\265\142\246\246\075\275\177\222\131\315
-\132\052\202\262\067\171
-END
-
-# Trust for Certificate "Equifax Secure eBusiness CA 1"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Equifax Secure eBusiness CA 1"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\332\100\030\213\221\211\243\355\356\256\332\227\376\057\235\365
-\267\321\212\101
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\144\234\357\056\104\374\306\217\122\007\320\121\163\217\313\075
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\123\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\034\060\032\006\003\125\004\012\023\023\105\161\165\151\146\141
-\170\040\123\145\143\165\162\145\040\111\156\143\056\061\046\060
-\044\006\003\125\004\003\023\035\105\161\165\151\146\141\170\040
-\123\145\143\165\162\145\040\145\102\165\163\151\156\145\163\163
-\040\103\101\055\061
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\001\004
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Equifax Secure eBusiness CA 2"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Equifax Secure eBusiness CA 2"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\116\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\105\161\165\151\146\141
-\170\040\123\145\143\165\162\145\061\046\060\044\006\003\125\004
-\013\023\035\105\161\165\151\146\141\170\040\123\145\143\165\162
-\145\040\145\102\165\163\151\156\145\163\163\040\103\101\055\062
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\116\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\105\161\165\151\146\141
-\170\040\123\145\143\165\162\145\061\046\060\044\006\003\125\004
-\013\023\035\105\161\165\151\146\141\170\040\123\145\143\165\162
-\145\040\145\102\165\163\151\156\145\163\163\040\103\101\055\062
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\004\067\160\317\265
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\040\060\202\002\211\240\003\002\001\002\002\004\067
-\160\317\265\060\015\006\011\052\206\110\206\367\015\001\001\005
-\005\000\060\116\061\013\060\011\006\003\125\004\006\023\002\125
-\123\061\027\060\025\006\003\125\004\012\023\016\105\161\165\151
-\146\141\170\040\123\145\143\165\162\145\061\046\060\044\006\003
-\125\004\013\023\035\105\161\165\151\146\141\170\040\123\145\143
-\165\162\145\040\145\102\165\163\151\156\145\163\163\040\103\101
-\055\062\060\036\027\015\071\071\060\066\062\063\061\062\061\064
-\064\065\132\027\015\061\071\060\066\062\063\061\062\061\064\064
-\065\132\060\116\061\013\060\011\006\003\125\004\006\023\002\125
-\123\061\027\060\025\006\003\125\004\012\023\016\105\161\165\151
-\146\141\170\040\123\145\143\165\162\145\061\046\060\044\006\003
-\125\004\013\023\035\105\161\165\151\146\141\170\040\123\145\143
-\165\162\145\040\145\102\165\163\151\156\145\163\163\040\103\101
-\055\062\060\201\237\060\015\006\011\052\206\110\206\367\015\001
-\001\001\005\000\003\201\215\000\060\201\211\002\201\201\000\344
-\071\071\223\036\122\006\033\050\066\370\262\243\051\305\355\216
-\262\021\275\376\353\347\264\164\302\217\377\005\347\331\235\006
-\277\022\310\077\016\362\326\321\044\262\021\336\321\163\011\212
-\324\261\054\230\011\015\036\120\106\262\203\246\105\215\142\150
-\273\205\033\040\160\062\252\100\315\246\226\137\304\161\067\077
-\004\363\267\101\044\071\007\032\036\056\141\130\240\022\013\345
-\245\337\305\253\352\067\161\314\034\310\067\072\271\227\122\247
-\254\305\152\044\224\116\234\173\317\300\152\326\337\041\275\002
-\003\001\000\001\243\202\001\011\060\202\001\005\060\160\006\003
-\125\035\037\004\151\060\147\060\145\240\143\240\141\244\137\060
-\135\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027
-\060\025\006\003\125\004\012\023\016\105\161\165\151\146\141\170
-\040\123\145\143\165\162\145\061\046\060\044\006\003\125\004\013
-\023\035\105\161\165\151\146\141\170\040\123\145\143\165\162\145
-\040\145\102\165\163\151\156\145\163\163\040\103\101\055\062\061
-\015\060\013\006\003\125\004\003\023\004\103\122\114\061\060\032
-\006\003\125\035\020\004\023\060\021\201\017\062\060\061\071\060
-\066\062\063\061\062\061\064\064\065\132\060\013\006\003\125\035
-\017\004\004\003\002\001\006\060\037\006\003\125\035\043\004\030
-\060\026\200\024\120\236\013\352\257\136\271\040\110\246\120\152
-\313\375\330\040\172\247\202\166\060\035\006\003\125\035\016\004
-\026\004\024\120\236\013\352\257\136\271\040\110\246\120\152\313
-\375\330\040\172\247\202\166\060\014\006\003\125\035\023\004\005
-\060\003\001\001\377\060\032\006\011\052\206\110\206\366\175\007
-\101\000\004\015\060\013\033\005\126\063\056\060\143\003\002\006
-\300\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000
-\003\201\201\000\014\206\202\255\350\116\032\365\216\211\047\342
-\065\130\075\051\264\007\217\066\120\225\277\156\301\236\353\304
-\220\262\205\250\273\267\102\340\017\007\071\337\373\236\220\262
-\321\301\076\123\237\003\104\260\176\113\364\157\344\174\037\347
-\342\261\344\270\232\357\303\275\316\336\013\062\064\331\336\050
-\355\063\153\304\324\327\075\022\130\253\175\011\055\313\160\365
-\023\212\224\241\047\244\326\160\305\155\224\265\311\175\235\240
-\322\306\010\111\331\146\233\246\323\364\013\334\305\046\127\341
-\221\060\352\315
-END
-
-# Trust for Certificate "Equifax Secure eBusiness CA 2"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Equifax Secure eBusiness CA 2"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\071\117\366\205\013\006\276\122\345\030\126\314\020\341\200\350
-\202\263\205\314
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\252\277\277\144\227\332\230\035\157\306\010\072\225\160\063\312
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\116\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\105\161\165\151\146\141
-\170\040\123\145\143\165\162\145\061\046\060\044\006\003\125\004
-\013\023\035\105\161\165\151\146\141\170\040\123\145\143\165\162
-\145\040\145\102\165\163\151\156\145\163\163\040\103\101\055\062
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\004\067\160\317\265
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Visa International Global Root 2"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Visa International Global Root 2"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057
-\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156
-\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166
-\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061
-\022\060\020\006\003\125\004\003\023\011\107\120\040\122\157\157
-\164\040\062
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057
-\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156
-\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166
-\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061
-\022\060\020\006\003\125\004\003\023\011\107\120\040\122\157\157
-\164\040\062
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\002\003\036
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\200\060\202\002\150\240\003\002\001\002\002\002\003
-\036\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000
-\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057
-\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156
-\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166
-\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061
-\022\060\020\006\003\125\004\003\023\011\107\120\040\122\157\157
-\164\040\062\060\036\027\015\060\060\060\070\061\066\062\062\065
-\061\060\060\132\027\015\062\060\060\070\061\065\062\063\065\071
-\060\060\132\060\141\061\013\060\011\006\003\125\004\006\023\002
-\125\123\061\015\060\013\006\003\125\004\012\023\004\126\111\123
-\101\061\057\060\055\006\003\125\004\013\023\046\126\151\163\141
-\040\111\156\164\145\162\156\141\164\151\157\156\141\154\040\123
-\145\162\166\151\143\145\040\101\163\163\157\143\151\141\164\151
-\157\156\061\022\060\020\006\003\125\004\003\023\011\107\120\040
-\122\157\157\164\040\062\060\202\001\042\060\015\006\011\052\206
-\110\206\367\015\001\001\001\005\000\003\202\001\017\000\060\202
-\001\012\002\202\001\001\000\251\001\160\265\252\304\100\360\253
-\152\046\141\171\031\000\374\277\233\067\131\014\257\157\144\033
-\370\332\225\224\044\151\063\021\160\312\343\126\164\242\027\127
-\144\134\040\006\341\326\357\161\267\073\367\253\301\151\320\111
-\244\261\004\327\364\127\142\211\134\260\165\055\027\044\151\343
-\102\140\344\356\164\326\253\200\126\330\210\050\341\373\155\042
-\375\043\174\106\163\117\176\124\163\036\250\054\125\130\165\267
-\114\363\132\105\245\002\032\372\332\235\303\105\303\042\136\363
-\213\361\140\051\322\307\137\264\014\072\121\203\357\060\370\324
-\347\307\362\372\231\243\042\120\276\371\005\067\243\255\355\232
-\303\346\354\210\033\266\031\047\033\070\213\200\115\354\271\307
-\305\211\313\374\032\062\355\043\360\265\001\130\371\366\217\340
-\205\251\114\011\162\071\022\333\263\365\317\116\142\144\332\306
-\031\025\072\143\035\351\027\125\241\114\042\074\064\062\106\370
-\145\127\272\053\357\066\214\152\372\331\331\104\364\252\335\204
-\327\015\034\262\124\254\062\205\264\144\015\336\101\273\261\064
-\306\001\206\062\144\325\237\002\003\001\000\001\243\102\060\100
-\060\035\006\003\125\035\016\004\026\004\024\236\175\113\064\277
-\161\255\302\005\366\003\165\200\316\251\117\032\304\044\114\060
-\017\006\003\125\035\023\001\001\377\004\005\060\003\001\001\377
-\060\016\006\003\125\035\017\001\001\377\004\004\003\002\001\006
-\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\003
-\202\001\001\000\041\245\166\024\125\371\255\047\160\217\074\364
-\325\154\310\314\012\253\243\230\013\212\006\043\305\311\141\333
-\231\007\151\065\046\061\376\307\056\204\302\231\141\324\015\351
-\175\056\023\053\174\216\205\266\205\307\113\317\065\266\054\107
-\075\316\051\057\330\157\237\211\034\144\223\277\010\275\166\320
-\220\212\224\263\177\050\133\156\254\115\063\054\355\145\334\026
-\314\342\315\256\244\075\142\222\006\225\046\277\337\271\344\040
-\246\163\152\301\276\367\224\104\326\115\157\052\013\153\030\115
-\164\020\066\150\152\132\301\152\247\335\066\051\214\270\060\213
-\117\041\077\000\056\124\060\007\072\272\212\344\303\236\312\330
-\265\330\173\316\165\105\146\007\364\155\055\330\172\312\351\211
-\212\362\043\330\057\313\156\000\066\117\373\360\057\001\314\017
-\300\042\145\364\253\342\116\141\055\003\202\175\221\026\265\060
-\325\024\336\136\307\220\374\241\374\253\020\257\134\153\160\247
-\007\357\051\206\350\262\045\307\040\377\046\335\167\357\171\104
-\024\304\275\335\073\305\003\233\167\043\354\240\354\273\132\071
-\265\314\255\006
-END
-
-# Trust for Certificate "Visa International Global Root 2"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Visa International Global Root 2"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\311\015\033\352\210\075\247\321\027\276\073\171\364\041\016\032
-\130\224\247\055
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\065\110\225\066\112\124\132\162\226\216\340\144\314\357\054\214
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057
-\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156
-\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166
-\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061
-\022\060\020\006\003\125\004\003\023\011\107\120\040\122\157\157
-\164\040\062
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\002\003\036
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_VALID
-
-#
-# Certificate "beTRUSTed Root CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "beTRUSTed Root CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\132\061\013\060\011\006\003\125\004\006\023\002\127\127\061
-\022\060\020\006\003\125\004\012\023\011\142\145\124\122\125\123
-\124\145\144\061\033\060\031\006\003\125\004\003\023\022\142\145
-\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\163
-\061\032\060\030\006\003\125\004\003\023\021\142\145\124\122\125
-\123\124\145\144\040\122\157\157\164\040\103\101
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\132\061\013\060\011\006\003\125\004\006\023\002\127\127\061
-\022\060\020\006\003\125\004\012\023\011\142\145\124\122\125\123
-\124\145\144\061\033\060\031\006\003\125\004\003\023\022\142\145
-\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\163
-\061\032\060\030\006\003\125\004\003\023\021\142\145\124\122\125
-\123\124\145\144\040\122\157\157\164\040\103\101
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\004\071\117\175\207
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\005\054\060\202\004\024\240\003\002\001\002\002\004\071
-\117\175\207\060\015\006\011\052\206\110\206\367\015\001\001\005
-\005\000\060\132\061\013\060\011\006\003\125\004\006\023\002\127
-\127\061\022\060\020\006\003\125\004\012\023\011\142\145\124\122
-\125\123\124\145\144\061\033\060\031\006\003\125\004\003\023\022
-\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040\103
-\101\163\061\032\060\030\006\003\125\004\003\023\021\142\145\124
-\122\125\123\124\145\144\040\122\157\157\164\040\103\101\060\036
-\027\015\060\060\060\066\062\060\061\064\062\061\060\064\132\027
-\015\061\060\060\066\062\060\061\063\062\061\060\064\132\060\132
-\061\013\060\011\006\003\125\004\006\023\002\127\127\061\022\060
-\020\006\003\125\004\012\023\011\142\145\124\122\125\123\124\145
-\144\061\033\060\031\006\003\125\004\003\023\022\142\145\124\122
-\125\123\124\145\144\040\122\157\157\164\040\103\101\163\061\032
-\060\030\006\003\125\004\003\023\021\142\145\124\122\125\123\124
-\145\144\040\122\157\157\164\040\103\101\060\202\001\042\060\015
-\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202\001
-\017\000\060\202\001\012\002\202\001\001\000\324\264\163\172\023
-\012\070\125\001\276\211\126\341\224\236\324\276\132\353\112\064
-\165\033\141\051\304\341\255\010\140\041\170\110\377\264\320\372
-\136\101\215\141\104\207\350\355\311\130\372\374\223\232\337\117
-\352\076\065\175\370\063\172\346\361\327\315\157\111\113\075\117
-\055\156\016\203\072\030\170\167\243\317\347\364\115\163\330\232
-\073\032\035\276\225\123\317\040\227\302\317\076\044\122\154\014
-\216\145\131\305\161\377\142\011\217\252\305\217\314\140\240\163
-\112\327\070\077\025\162\277\242\227\267\160\350\257\342\176\026
-\006\114\365\252\144\046\162\007\045\255\065\374\030\261\046\327
-\330\377\031\016\203\033\214\334\170\105\147\064\075\364\257\034
-\215\344\155\153\355\040\263\147\232\264\141\313\027\157\211\065
-\377\347\116\300\062\022\347\356\354\337\377\227\060\164\355\215
-\107\216\353\264\303\104\346\247\114\177\126\103\350\270\274\266
-\276\372\203\227\346\273\373\304\266\223\276\031\030\076\214\201
-\271\163\210\026\364\226\103\234\147\163\027\220\330\011\156\143
-\254\112\266\043\304\001\241\255\244\344\305\002\003\001\000\001
-\243\202\001\370\060\202\001\364\060\017\006\003\125\035\023\001
-\001\377\004\005\060\003\001\001\377\060\202\001\131\006\003\125
-\035\040\004\202\001\120\060\202\001\114\060\202\001\110\006\012
-\053\006\001\004\001\261\076\001\000\000\060\202\001\070\060\202
-\001\001\006\010\053\006\001\005\005\007\002\002\060\201\364\032
-\201\361\122\145\154\151\141\156\143\145\040\157\156\040\164\150
-\151\163\040\143\145\162\164\151\146\151\143\141\164\145\040\142
-\171\040\141\156\171\040\160\141\162\164\171\040\141\163\163\165
-\155\145\163\040\141\143\143\145\160\164\141\156\143\145\040\157
-\146\040\164\150\145\040\164\150\145\156\040\141\160\160\154\151
-\143\141\142\154\145\040\163\164\141\156\144\141\162\144\040\164
-\145\162\155\163\040\141\156\144\040\143\157\156\144\151\164\151
-\157\156\163\040\157\146\040\165\163\145\054\040\141\156\144\040
-\143\145\162\164\151\146\151\143\141\164\151\157\156\040\160\162
-\141\143\164\151\143\145\040\163\164\141\164\145\155\145\156\164
-\054\040\167\150\151\143\150\040\143\141\156\040\142\145\040\146
-\157\165\156\144\040\141\164\040\142\145\124\122\125\123\124\145
-\144\047\163\040\167\145\142\040\163\151\164\145\054\040\150\164
-\164\160\163\072\057\057\167\167\167\056\142\145\124\122\125\123
-\124\145\144\056\143\157\155\057\166\141\165\154\164\057\164\145
-\162\155\163\060\061\006\010\053\006\001\005\005\007\002\001\026
-\045\150\164\164\160\163\072\057\057\167\167\167\056\142\145\124
-\122\125\123\124\145\144\056\143\157\155\057\166\141\165\154\164
-\057\164\145\162\155\163\060\064\006\003\125\035\037\004\055\060
-\053\060\051\240\047\240\045\244\043\060\041\061\022\060\020\006
-\003\125\004\012\023\011\142\145\124\122\125\123\124\145\144\061
-\013\060\011\006\003\125\004\006\023\002\127\127\060\035\006\003
-\125\035\016\004\026\004\024\052\271\233\151\056\073\233\330\315
-\336\052\061\004\064\153\312\007\030\253\147\060\037\006\003\125
-\035\043\004\030\060\026\200\024\052\271\233\151\056\073\233\330
-\315\336\052\061\004\064\153\312\007\030\253\147\060\016\006\003
-\125\035\017\001\001\377\004\004\003\002\001\376\060\015\006\011
-\052\206\110\206\367\015\001\001\005\005\000\003\202\001\001\000
-\171\141\333\243\136\156\026\261\352\166\121\371\313\025\233\313
-\151\276\346\201\153\237\050\037\145\076\335\021\205\222\324\350
-\101\277\176\063\275\043\347\361\040\277\244\264\246\031\001\306
-\214\215\065\174\145\244\117\011\244\326\330\043\025\005\023\247
-\103\171\257\333\243\016\233\173\170\032\363\004\206\132\306\366
-\214\040\107\070\111\120\006\235\162\147\072\360\230\003\255\226
-\147\104\374\077\020\015\206\115\344\000\073\051\173\316\073\073
-\231\206\141\045\100\204\334\023\142\267\372\312\131\326\003\036
-\326\123\001\315\155\114\150\125\100\341\356\153\307\052\000\000
-\110\202\263\012\001\303\140\052\014\367\202\065\356\110\206\226
-\344\164\324\075\352\001\161\272\004\165\100\247\251\177\071\071
-\232\125\227\051\145\256\031\125\045\005\162\107\323\350\030\334
-\270\351\257\103\163\001\022\164\243\341\134\137\025\135\044\363
-\371\344\364\266\147\147\022\347\144\042\212\366\245\101\246\034
-\266\140\143\105\212\020\264\272\106\020\256\101\127\145\154\077
-\043\020\077\041\020\131\267\344\100\335\046\014\043\366\252\256
-END
-
-# Trust for Certificate "beTRUSTed Root CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "beTRUSTed Root CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\133\315\315\314\146\366\334\344\104\037\343\175\134\303\023\114
-\106\364\160\070
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\205\312\166\132\033\321\150\042\334\242\043\022\312\306\200\064
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\132\061\013\060\011\006\003\125\004\006\023\002\127\127\061
-\022\060\020\006\003\125\004\012\023\011\142\145\124\122\125\123
-\124\145\144\061\033\060\031\006\003\125\004\003\023\022\142\145
-\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\163
-\061\032\060\030\006\003\125\004\003\023\021\142\145\124\122\125
-\123\124\145\144\040\122\157\157\164\040\103\101
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\004\071\117\175\207
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "AddTrust Low-Value Services Root"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "AddTrust Low-Value Services Root"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\145\061\013\060\011\006\003\125\004\006\023\002\123\105\061
-\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165
-\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024
-\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164
-\167\157\162\153\061\041\060\037\006\003\125\004\003\023\030\101
-\144\144\124\162\165\163\164\040\103\154\141\163\163\040\061\040
-\103\101\040\122\157\157\164
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\145\061\013\060\011\006\003\125\004\006\023\002\123\105\061
-\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165
-\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024
-\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164
-\167\157\162\153\061\041\060\037\006\003\125\004\003\023\030\101
-\144\144\124\162\165\163\164\040\103\154\141\163\163\040\061\040
-\103\101\040\122\157\157\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\001\001
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\004\030\060\202\003\000\240\003\002\001\002\002\001\001
-\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
-\145\061\013\060\011\006\003\125\004\006\023\002\123\105\061\024
-\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165\163
-\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024\101
-\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164\167
-\157\162\153\061\041\060\037\006\003\125\004\003\023\030\101\144
-\144\124\162\165\163\164\040\103\154\141\163\163\040\061\040\103
-\101\040\122\157\157\164\060\036\027\015\060\060\060\065\063\060
-\061\060\063\070\063\061\132\027\015\062\060\060\065\063\060\061
-\060\063\070\063\061\132\060\145\061\013\060\011\006\003\125\004
-\006\023\002\123\105\061\024\060\022\006\003\125\004\012\023\013
-\101\144\144\124\162\165\163\164\040\101\102\061\035\060\033\006
-\003\125\004\013\023\024\101\144\144\124\162\165\163\164\040\124
-\124\120\040\116\145\164\167\157\162\153\061\041\060\037\006\003
-\125\004\003\023\030\101\144\144\124\162\165\163\164\040\103\154
-\141\163\163\040\061\040\103\101\040\122\157\157\164\060\202\001
-\042\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000
-\003\202\001\017\000\060\202\001\012\002\202\001\001\000\226\226
-\324\041\111\140\342\153\350\101\007\014\336\304\340\334\023\043
-\315\301\065\307\373\326\116\021\012\147\136\365\006\133\153\245
-\010\073\133\051\026\072\347\207\262\064\006\305\274\005\245\003
-\174\202\313\051\020\256\341\210\201\275\326\236\323\376\055\126
-\301\025\316\343\046\235\025\056\020\373\006\217\060\004\336\247
-\264\143\264\377\261\234\256\074\257\167\266\126\305\265\253\242
-\351\151\072\075\016\063\171\062\077\160\202\222\231\141\155\215
-\060\010\217\161\077\246\110\127\031\370\045\334\113\146\134\245
-\164\217\230\256\310\371\300\006\042\347\254\163\337\245\056\373
-\122\334\261\025\145\040\372\065\146\151\336\337\054\361\156\274
-\060\333\054\044\022\333\353\065\065\150\220\313\000\260\227\041
-\075\164\041\043\145\064\053\273\170\131\243\326\341\166\071\232
-\244\111\216\214\164\257\156\244\232\243\331\233\322\070\134\233
-\242\030\314\165\043\204\276\353\342\115\063\161\216\032\360\302
-\370\307\035\242\255\003\227\054\370\317\045\306\366\270\044\061
-\261\143\135\222\177\143\360\045\311\123\056\037\277\115\002\003
-\001\000\001\243\201\322\060\201\317\060\035\006\003\125\035\016
-\004\026\004\024\225\261\264\360\224\266\275\307\332\321\021\011
-\041\276\301\257\111\375\020\173\060\013\006\003\125\035\017\004
-\004\003\002\001\006\060\017\006\003\125\035\023\001\001\377\004
-\005\060\003\001\001\377\060\201\217\006\003\125\035\043\004\201
-\207\060\201\204\200\024\225\261\264\360\224\266\275\307\332\321
-\021\011\041\276\301\257\111\375\020\173\241\151\244\147\060\145
-\061\013\060\011\006\003\125\004\006\023\002\123\105\061\024\060
-\022\006\003\125\004\012\023\013\101\144\144\124\162\165\163\164
-\040\101\102\061\035\060\033\006\003\125\004\013\023\024\101\144
-\144\124\162\165\163\164\040\124\124\120\040\116\145\164\167\157
-\162\153\061\041\060\037\006\003\125\004\003\023\030\101\144\144
-\124\162\165\163\164\040\103\154\141\163\163\040\061\040\103\101
-\040\122\157\157\164\202\001\001\060\015\006\011\052\206\110\206
-\367\015\001\001\005\005\000\003\202\001\001\000\054\155\144\033
-\037\315\015\335\271\001\372\226\143\064\062\110\107\231\256\227
-\355\375\162\026\246\163\107\132\364\353\335\351\365\326\373\105
-\314\051\211\104\135\277\106\071\075\350\356\274\115\124\206\036
-\035\154\343\027\047\103\341\211\126\053\251\157\162\116\111\063
-\343\162\174\052\043\232\274\076\377\050\052\355\243\377\034\043
-\272\103\127\011\147\115\113\142\006\055\370\377\154\235\140\036
-\330\034\113\175\265\061\057\331\320\174\135\370\336\153\203\030
-\170\067\127\057\350\063\007\147\337\036\307\153\052\225\166\256
-\217\127\243\360\364\122\264\251\123\010\317\340\117\323\172\123
-\213\375\273\034\126\066\362\376\262\266\345\166\273\325\042\145
-\247\077\376\321\146\255\013\274\153\231\206\357\077\175\363\030
-\062\312\173\306\343\253\144\106\225\370\046\151\331\125\203\173
-\054\226\007\377\131\054\104\243\306\345\351\251\334\241\143\200
-\132\041\136\041\317\123\124\360\272\157\211\333\250\252\225\317
-\213\343\161\314\036\033\040\104\010\300\172\266\100\375\304\344
-\065\341\035\026\034\320\274\053\216\326\161\331
-END
-
-# Trust for Certificate "AddTrust Low-Value Services Root"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "AddTrust Low-Value Services Root"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\314\253\016\240\114\043\001\326\151\173\335\067\237\315\022\353
-\044\343\224\235
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\036\102\225\002\063\222\153\271\137\300\177\332\326\262\113\374
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\145\061\013\060\011\006\003\125\004\006\023\002\123\105\061
-\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165
-\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024
-\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164
-\167\157\162\153\061\041\060\037\006\003\125\004\003\023\030\101
-\144\144\124\162\165\163\164\040\103\154\141\163\163\040\061\040
-\103\101\040\122\157\157\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\001\001
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_VALID
-
-#
-# Certificate "AddTrust External Root"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "AddTrust External Root"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\157\061\013\060\011\006\003\125\004\006\023\002\123\105\061
-\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165
-\163\164\040\101\102\061\046\060\044\006\003\125\004\013\023\035
-\101\144\144\124\162\165\163\164\040\105\170\164\145\162\156\141
-\154\040\124\124\120\040\116\145\164\167\157\162\153\061\042\060
-\040\006\003\125\004\003\023\031\101\144\144\124\162\165\163\164
-\040\105\170\164\145\162\156\141\154\040\103\101\040\122\157\157
-\164
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\157\061\013\060\011\006\003\125\004\006\023\002\123\105\061
-\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165
-\163\164\040\101\102\061\046\060\044\006\003\125\004\013\023\035
-\101\144\144\124\162\165\163\164\040\105\170\164\145\162\156\141
-\154\040\124\124\120\040\116\145\164\167\157\162\153\061\042\060
-\040\006\003\125\004\003\023\031\101\144\144\124\162\165\163\164
-\040\105\170\164\145\162\156\141\154\040\103\101\040\122\157\157
-\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\001\001
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\004\066\060\202\003\036\240\003\002\001\002\002\001\001
-\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
-\157\061\013\060\011\006\003\125\004\006\023\002\123\105\061\024
-\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165\163
-\164\040\101\102\061\046\060\044\006\003\125\004\013\023\035\101
-\144\144\124\162\165\163\164\040\105\170\164\145\162\156\141\154
-\040\124\124\120\040\116\145\164\167\157\162\153\061\042\060\040
-\006\003\125\004\003\023\031\101\144\144\124\162\165\163\164\040
-\105\170\164\145\162\156\141\154\040\103\101\040\122\157\157\164
-\060\036\027\015\060\060\060\065\063\060\061\060\064\070\063\070
-\132\027\015\062\060\060\065\063\060\061\060\064\070\063\070\132
-\060\157\061\013\060\011\006\003\125\004\006\023\002\123\105\061
-\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165
-\163\164\040\101\102\061\046\060\044\006\003\125\004\013\023\035
-\101\144\144\124\162\165\163\164\040\105\170\164\145\162\156\141
-\154\040\124\124\120\040\116\145\164\167\157\162\153\061\042\060
-\040\006\003\125\004\003\023\031\101\144\144\124\162\165\163\164
-\040\105\170\164\145\162\156\141\154\040\103\101\040\122\157\157
-\164\060\202\001\042\060\015\006\011\052\206\110\206\367\015\001
-\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202\001
-\001\000\267\367\032\063\346\362\000\004\055\071\340\116\133\355
-\037\274\154\017\315\265\372\043\266\316\336\233\021\063\227\244
-\051\114\175\223\237\275\112\274\223\355\003\032\343\217\317\345
-\155\120\132\326\227\051\224\132\200\260\111\172\333\056\225\375
-\270\312\277\067\070\055\036\076\221\101\255\160\126\307\360\117
-\077\350\062\236\164\312\310\220\124\351\306\137\017\170\235\232
-\100\074\016\254\141\252\136\024\217\236\207\241\152\120\334\327
-\232\116\257\005\263\246\161\224\234\161\263\120\140\012\307\023
-\235\070\007\206\002\250\351\250\151\046\030\220\253\114\260\117
-\043\253\072\117\204\330\337\316\237\341\151\157\273\327\102\327
-\153\104\344\307\255\356\155\101\137\162\132\161\010\067\263\171
-\145\244\131\240\224\067\367\000\057\015\302\222\162\332\320\070
-\162\333\024\250\105\304\135\052\175\267\264\326\304\356\254\315
-\023\104\267\311\053\335\103\000\045\372\141\271\151\152\130\043
-\021\267\247\063\217\126\165\131\365\315\051\327\106\267\012\053
-\145\266\323\102\157\025\262\270\173\373\357\351\135\123\325\064
-\132\047\002\003\001\000\001\243\201\334\060\201\331\060\035\006
-\003\125\035\016\004\026\004\024\255\275\230\172\064\264\046\367
-\372\304\046\124\357\003\275\340\044\313\124\032\060\013\006\003
-\125\035\017\004\004\003\002\001\006\060\017\006\003\125\035\023
-\001\001\377\004\005\060\003\001\001\377\060\201\231\006\003\125
-\035\043\004\201\221\060\201\216\200\024\255\275\230\172\064\264
-\046\367\372\304\046\124\357\003\275\340\044\313\124\032\241\163
-\244\161\060\157\061\013\060\011\006\003\125\004\006\023\002\123
-\105\061\024\060\022\006\003\125\004\012\023\013\101\144\144\124
-\162\165\163\164\040\101\102\061\046\060\044\006\003\125\004\013
-\023\035\101\144\144\124\162\165\163\164\040\105\170\164\145\162
-\156\141\154\040\124\124\120\040\116\145\164\167\157\162\153\061
-\042\060\040\006\003\125\004\003\023\031\101\144\144\124\162\165
-\163\164\040\105\170\164\145\162\156\141\154\040\103\101\040\122
-\157\157\164\202\001\001\060\015\006\011\052\206\110\206\367\015
-\001\001\005\005\000\003\202\001\001\000\260\233\340\205\045\302
-\326\043\342\017\226\006\222\235\101\230\234\331\204\171\201\331
-\036\133\024\007\043\066\145\217\260\330\167\273\254\101\154\107
-\140\203\121\260\371\062\075\347\374\366\046\023\307\200\026\245
-\277\132\374\207\317\170\171\211\041\232\342\114\007\012\206\065
-\274\362\336\121\304\322\226\267\334\176\116\356\160\375\034\071
-\353\014\002\121\024\055\216\275\026\340\301\337\106\165\347\044
-\255\354\364\102\264\205\223\160\020\147\272\235\006\065\112\030
-\323\053\172\314\121\102\241\172\143\321\346\273\241\305\053\302
-\066\276\023\015\346\275\143\176\171\173\247\011\015\100\253\152
-\335\217\212\303\366\366\214\032\102\005\121\324\105\365\237\247
-\142\041\150\025\040\103\074\231\347\174\275\044\330\251\221\027
-\163\210\077\126\033\061\070\030\264\161\017\232\315\310\016\236
-\216\056\033\341\214\230\203\313\037\061\361\104\114\306\004\163
-\111\166\140\017\307\370\275\027\200\153\056\351\314\114\016\132
-\232\171\017\040\012\056\325\236\143\046\036\125\222\224\330\202
-\027\132\173\320\274\307\217\116\206\004
-END
-
-# Trust for Certificate "AddTrust External Root"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "AddTrust External Root"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\002\372\363\342\221\103\124\150\140\170\127\151\115\365\344\133
-\150\205\030\150
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\035\065\124\004\205\170\260\077\102\102\115\277\040\163\012\077
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\157\061\013\060\011\006\003\125\004\006\023\002\123\105\061
-\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165
-\163\164\040\101\102\061\046\060\044\006\003\125\004\013\023\035
-\101\144\144\124\162\165\163\164\040\105\170\164\145\162\156\141
-\154\040\124\124\120\040\116\145\164\167\157\162\153\061\042\060
-\040\006\003\125\004\003\023\031\101\144\144\124\162\165\163\164
-\040\105\170\164\145\162\156\141\154\040\103\101\040\122\157\157
-\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\001\001
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "AddTrust Public Services Root"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "AddTrust Public Services Root"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\144\061\013\060\011\006\003\125\004\006\023\002\123\105\061
-\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165
-\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024
-\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164
-\167\157\162\153\061\040\060\036\006\003\125\004\003\023\027\101
-\144\144\124\162\165\163\164\040\120\165\142\154\151\143\040\103
-\101\040\122\157\157\164
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\144\061\013\060\011\006\003\125\004\006\023\002\123\105\061
-\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165
-\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024
-\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164
-\167\157\162\153\061\040\060\036\006\003\125\004\003\023\027\101
-\144\144\124\162\165\163\164\040\120\165\142\154\151\143\040\103
-\101\040\122\157\157\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\001\001
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\004\025\060\202\002\375\240\003\002\001\002\002\001\001
-\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
-\144\061\013\060\011\006\003\125\004\006\023\002\123\105\061\024
-\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165\163
-\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024\101
-\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164\167
-\157\162\153\061\040\060\036\006\003\125\004\003\023\027\101\144
-\144\124\162\165\163\164\040\120\165\142\154\151\143\040\103\101
-\040\122\157\157\164\060\036\027\015\060\060\060\065\063\060\061
-\060\064\061\065\060\132\027\015\062\060\060\065\063\060\061\060
-\064\061\065\060\132\060\144\061\013\060\011\006\003\125\004\006
-\023\002\123\105\061\024\060\022\006\003\125\004\012\023\013\101
-\144\144\124\162\165\163\164\040\101\102\061\035\060\033\006\003
-\125\004\013\023\024\101\144\144\124\162\165\163\164\040\124\124
-\120\040\116\145\164\167\157\162\153\061\040\060\036\006\003\125
-\004\003\023\027\101\144\144\124\162\165\163\164\040\120\165\142
-\154\151\143\040\103\101\040\122\157\157\164\060\202\001\042\060
-\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202
-\001\017\000\060\202\001\012\002\202\001\001\000\351\032\060\217
-\203\210\024\301\040\330\074\233\217\033\176\003\164\273\332\151
-\323\106\245\370\216\302\014\021\220\121\245\057\146\124\100\125
-\352\333\037\112\126\356\237\043\156\364\071\313\241\271\157\362
-\176\371\135\207\046\141\236\034\370\342\354\246\201\370\041\305
-\044\314\021\014\077\333\046\162\172\307\001\227\007\027\371\327
-\030\054\060\175\016\172\036\142\036\306\113\300\375\175\142\167
-\323\104\036\047\366\077\113\104\263\267\070\331\071\037\140\325
-\121\222\163\003\264\000\151\343\363\024\116\356\321\334\011\317
-\167\064\106\120\260\370\021\362\376\070\171\367\007\071\376\121
-\222\227\013\133\010\137\064\206\001\255\210\227\353\146\315\136
-\321\377\334\175\362\204\332\272\167\255\334\200\010\307\247\207
-\326\125\237\227\152\350\310\021\144\272\347\031\051\077\021\263
-\170\220\204\040\122\133\021\357\170\320\203\366\325\110\220\320
-\060\034\317\200\371\140\376\171\344\210\362\335\000\353\224\105
-\353\145\224\151\100\272\300\325\264\270\272\175\004\021\250\353
-\061\005\226\224\116\130\041\216\237\320\140\375\002\003\001\000
-\001\243\201\321\060\201\316\060\035\006\003\125\035\016\004\026
-\004\024\201\076\067\330\222\260\037\167\237\134\264\253\163\252
-\347\366\064\140\057\372\060\013\006\003\125\035\017\004\004\003
-\002\001\006\060\017\006\003\125\035\023\001\001\377\004\005\060
-\003\001\001\377\060\201\216\006\003\125\035\043\004\201\206\060
-\201\203\200\024\201\076\067\330\222\260\037\167\237\134\264\253
-\163\252\347\366\064\140\057\372\241\150\244\146\060\144\061\013
-\060\011\006\003\125\004\006\023\002\123\105\061\024\060\022\006
-\003\125\004\012\023\013\101\144\144\124\162\165\163\164\040\101
-\102\061\035\060\033\006\003\125\004\013\023\024\101\144\144\124
-\162\165\163\164\040\124\124\120\040\116\145\164\167\157\162\153
-\061\040\060\036\006\003\125\004\003\023\027\101\144\144\124\162
-\165\163\164\040\120\165\142\154\151\143\040\103\101\040\122\157
-\157\164\202\001\001\060\015\006\011\052\206\110\206\367\015\001
-\001\005\005\000\003\202\001\001\000\003\367\025\112\370\044\332
-\043\126\026\223\166\335\066\050\271\256\033\270\303\361\144\272
-\040\030\170\225\051\047\127\005\274\174\052\364\271\121\125\332
-\207\002\336\017\026\027\061\370\252\171\056\011\023\273\257\262
-\040\031\022\345\223\371\113\371\203\350\104\325\262\101\045\277
-\210\165\157\377\020\374\112\124\320\137\360\372\357\066\163\175
-\033\066\105\306\041\155\264\025\270\116\317\234\134\245\075\132
-\000\216\006\343\074\153\062\173\362\237\360\266\375\337\360\050
-\030\110\360\306\274\320\277\064\200\226\302\112\261\155\216\307
-\220\105\336\057\147\254\105\004\243\172\334\125\222\311\107\146
-\330\032\214\307\355\234\116\232\340\022\273\265\152\114\204\341
-\341\042\015\207\000\144\376\214\175\142\071\145\246\357\102\266
-\200\045\022\141\001\250\044\023\160\000\021\046\137\372\065\120
-\305\110\314\006\107\350\047\330\160\215\137\144\346\241\104\046
-\136\042\354\222\315\377\102\232\104\041\155\134\305\343\042\035
-\137\107\022\347\316\137\135\372\330\252\261\063\055\331\166\362
-\116\072\063\014\053\263\055\220\006
-END
-
-# Trust for Certificate "AddTrust Public Services Root"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "AddTrust Public Services Root"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\052\266\050\110\136\170\373\363\255\236\171\020\335\153\337\231
-\162\054\226\345
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\301\142\076\043\305\202\163\234\003\131\113\053\351\167\111\177
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\157\061\013\060\011\006\003\125\004\006\023\002\123\105\061
-\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165
-\163\164\040\101\102\061\046\060\044\006\003\125\004\013\023\035
-\101\144\144\124\162\165\163\164\040\105\170\164\145\162\156\141
-\154\040\124\124\120\040\116\145\164\167\157\162\153\061\042\060
-\040\006\003\125\004\003\023\031\101\144\144\124\162\165\163\164
-\040\105\170\164\145\162\156\141\154\040\103\101\040\122\157\157
-\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\001\001
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "AddTrust Qualified Certificates Root"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "AddTrust Qualified Certificates Root"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\147\061\013\060\011\006\003\125\004\006\023\002\123\105\061
-\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165
-\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024
-\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164
-\167\157\162\153\061\043\060\041\006\003\125\004\003\023\032\101
-\144\144\124\162\165\163\164\040\121\165\141\154\151\146\151\145
-\144\040\103\101\040\122\157\157\164
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\147\061\013\060\011\006\003\125\004\006\023\002\123\105\061
-\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165
-\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024
-\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164
-\167\157\162\153\061\043\060\041\006\003\125\004\003\023\032\101
-\144\144\124\162\165\163\164\040\121\165\141\154\151\146\151\145
-\144\040\103\101\040\122\157\157\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\004\036\060\202\003\006\240\003\002\001\002\002\001\001
-\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
-\147\061\013\060\011\006\003\125\004\006\023\002\123\105\061\024
-\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165\163
-\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024\101
-\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164\167
-\157\162\153\061\043\060\041\006\003\125\004\003\023\032\101\144
-\144\124\162\165\163\164\040\121\165\141\154\151\146\151\145\144
-\040\103\101\040\122\157\157\164\060\036\027\015\060\060\060\065
-\063\060\061\060\064\064\065\060\132\027\015\062\060\060\065\063
-\060\061\060\064\064\065\060\132\060\147\061\013\060\011\006\003
-\125\004\006\023\002\123\105\061\024\060\022\006\003\125\004\012
-\023\013\101\144\144\124\162\165\163\164\040\101\102\061\035\060
-\033\006\003\125\004\013\023\024\101\144\144\124\162\165\163\164
-\040\124\124\120\040\116\145\164\167\157\162\153\061\043\060\041
-\006\003\125\004\003\023\032\101\144\144\124\162\165\163\164\040
-\121\165\141\154\151\146\151\145\144\040\103\101\040\122\157\157
-\164\060\202\001\042\060\015\006\011\052\206\110\206\367\015\001
-\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202\001
-\001\000\344\036\232\376\334\011\132\207\244\237\107\276\021\137
-\257\204\064\333\142\074\171\170\267\351\060\265\354\014\034\052
-\304\026\377\340\354\161\353\212\365\021\156\355\117\015\221\322
-\022\030\055\111\025\001\302\244\042\023\307\021\144\377\042\022
-\232\271\216\134\057\010\317\161\152\263\147\001\131\361\135\106
-\363\260\170\245\366\016\102\172\343\177\033\314\320\360\267\050
-\375\052\352\236\263\260\271\004\252\375\366\307\264\261\270\052
-\240\373\130\361\031\240\157\160\045\176\076\151\112\177\017\042
-\330\357\255\010\021\232\051\231\341\252\104\105\232\022\136\076
-\235\155\122\374\347\240\075\150\057\360\113\160\174\023\070\255
-\274\025\045\361\326\316\253\242\300\061\326\057\237\340\377\024
-\131\374\204\223\331\207\174\114\124\023\353\237\321\055\021\370
-\030\072\072\336\045\331\367\323\100\355\244\006\022\304\073\341
-\221\301\126\065\360\024\334\145\066\011\156\253\244\007\307\065
-\321\302\003\063\066\133\165\046\155\102\361\022\153\103\157\113
-\161\224\372\064\035\355\023\156\312\200\177\230\057\154\271\145
-\330\351\002\003\001\000\001\243\201\324\060\201\321\060\035\006
-\003\125\035\016\004\026\004\024\071\225\213\142\213\134\311\324
-\200\272\130\017\227\077\025\010\103\314\230\247\060\013\006\003
-\125\035\017\004\004\003\002\001\006\060\017\006\003\125\035\023
-\001\001\377\004\005\060\003\001\001\377\060\201\221\006\003\125
-\035\043\004\201\211\060\201\206\200\024\071\225\213\142\213\134
-\311\324\200\272\130\017\227\077\025\010\103\314\230\247\241\153
-\244\151\060\147\061\013\060\011\006\003\125\004\006\023\002\123
-\105\061\024\060\022\006\003\125\004\012\023\013\101\144\144\124
-\162\165\163\164\040\101\102\061\035\060\033\006\003\125\004\013
-\023\024\101\144\144\124\162\165\163\164\040\124\124\120\040\116
-\145\164\167\157\162\153\061\043\060\041\006\003\125\004\003\023
-\032\101\144\144\124\162\165\163\164\040\121\165\141\154\151\146
-\151\145\144\040\103\101\040\122\157\157\164\202\001\001\060\015
-\006\011\052\206\110\206\367\015\001\001\005\005\000\003\202\001
-\001\000\031\253\165\352\370\213\145\141\225\023\272\151\004\357
-\206\312\023\240\307\252\117\144\033\077\030\366\250\055\054\125
-\217\005\267\060\352\102\152\035\300\045\121\055\247\277\014\263
-\355\357\010\177\154\074\106\032\352\030\103\337\166\314\371\146
-\206\234\054\150\365\351\027\370\061\263\030\304\326\110\175\043
-\114\150\301\176\273\001\024\157\305\331\156\336\273\004\102\152
-\370\366\134\175\345\332\372\207\353\015\065\122\147\320\236\227
-\166\005\223\077\225\307\001\346\151\125\070\177\020\141\231\311
-\343\137\246\312\076\202\143\110\252\342\010\110\076\252\362\262
-\205\142\246\264\247\331\275\067\234\150\265\055\126\175\260\267
-\077\240\261\007\326\351\117\334\336\105\161\060\062\177\033\056
-\011\371\277\122\241\356\302\200\076\006\134\056\125\100\301\033
-\365\160\105\260\334\135\372\366\162\132\167\322\143\315\317\130
-\211\000\102\143\077\171\071\320\104\260\202\156\101\031\350\335
-\340\301\210\132\321\036\161\223\037\044\060\164\345\036\250\336
-\074\047\067\177\203\256\236\167\317\360\060\261\377\113\231\350
-\306\241
-END
-
-# Trust for Certificate "AddTrust Qualified Certificates Root"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "AddTrust Qualified Certificates Root"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\115\043\170\354\221\225\071\265\000\177\165\217\003\073\041\036
-\305\115\213\317
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\047\354\071\107\315\332\132\257\342\232\001\145\041\251\114\273
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\147\061\013\060\011\006\003\125\004\006\023\002\123\105\061
-\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165
-\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024
-\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164
-\167\157\162\153\061\043\060\041\006\003\125\004\003\023\032\101
-\144\144\124\162\165\163\164\040\121\165\141\154\151\146\151\145
-\144\040\103\101\040\122\157\157\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\001\001
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Verisign Class 1 Public Primary OCSP Responder"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 1 Public Primary OCSP Responder"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\247\061\027\060\025\006\003\125\004\012\023\016\126\145
-\162\151\123\151\147\156\054\040\111\156\143\056\061\037\060\035
-\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040
-\124\162\165\163\164\040\116\145\164\167\157\162\153\061\073\060
-\071\006\003\125\004\013\023\062\124\145\162\155\163\040\157\146
-\040\165\163\145\040\141\164\040\150\164\164\160\163\072\057\057
-\167\167\167\056\166\145\162\151\163\151\147\156\056\143\157\155
-\057\122\120\101\040\050\143\051\060\060\061\056\060\054\006\003
-\125\004\003\023\045\103\154\141\163\163\040\061\040\120\165\142
-\154\151\143\040\120\162\151\155\141\162\171\040\117\103\123\120
-\040\122\145\163\160\157\156\144\145\162
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151
-\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004
-\013\023\056\103\154\141\163\163\040\061\040\120\165\142\154\151
-\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\020\053\150\324\243\106\236\305\073\050\011\253\070\135\177
-\047\040
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\236\060\202\003\007\240\003\002\001\002\002\020\053
-\150\324\243\106\236\305\073\050\011\253\070\135\177\047\040\060
-\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\137
-\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027\060
-\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147\156
-\054\040\111\156\143\056\061\067\060\065\006\003\125\004\013\023
-\056\103\154\141\163\163\040\061\040\120\165\142\154\151\143\040
-\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143
-\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\060
-\036\027\015\060\060\060\070\060\064\060\060\060\060\060\060\132
-\027\015\060\064\060\070\060\063\062\063\065\071\065\071\132\060
-\201\247\061\027\060\025\006\003\125\004\012\023\016\126\145\162
-\151\123\151\147\156\054\040\111\156\143\056\061\037\060\035\006
-\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040\124
-\162\165\163\164\040\116\145\164\167\157\162\153\061\073\060\071
-\006\003\125\004\013\023\062\124\145\162\155\163\040\157\146\040
-\165\163\145\040\141\164\040\150\164\164\160\163\072\057\057\167
-\167\167\056\166\145\162\151\163\151\147\156\056\143\157\155\057
-\122\120\101\040\050\143\051\060\060\061\056\060\054\006\003\125
-\004\003\023\045\103\154\141\163\163\040\061\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\117\103\123\120\040
-\122\145\163\160\157\156\144\145\162\060\201\237\060\015\006\011
-\052\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060
-\201\211\002\201\201\000\271\355\136\172\072\167\137\316\137\072
-\122\374\315\144\367\161\265\157\152\226\306\131\222\125\224\135
-\057\133\056\301\021\352\046\212\313\247\201\074\366\132\104\336
-\172\023\057\375\132\121\331\173\067\046\112\300\047\077\004\003
-\152\126\301\203\054\341\157\133\251\124\120\044\112\306\056\172
-\114\241\133\067\124\044\041\061\037\241\170\030\166\247\261\160
-\332\042\320\152\376\007\142\100\306\367\366\233\175\014\006\270
-\113\307\050\344\146\043\204\121\357\106\267\223\330\201\063\313
-\345\066\254\306\350\005\002\003\001\000\001\243\202\001\020\060
-\202\001\014\060\040\006\003\125\035\021\004\031\060\027\244\025
-\060\023\061\021\060\017\006\003\125\004\003\023\010\117\103\123
-\120\040\061\055\061\060\061\006\003\125\035\037\004\052\060\050
-\060\046\240\044\240\042\206\040\150\164\164\160\072\057\057\143
-\162\154\056\166\145\162\151\163\151\147\156\056\143\157\155\057
-\160\143\141\061\056\143\162\154\060\023\006\003\125\035\045\004
-\014\060\012\006\010\053\006\001\005\005\007\003\011\060\102\006
-\010\053\006\001\005\005\007\001\001\004\066\060\064\060\062\006
-\010\053\006\001\005\005\007\060\001\246\046\026\044\150\164\164
-\160\072\057\057\157\143\163\160\056\166\145\162\151\163\151\147
-\156\056\143\157\155\057\157\143\163\160\057\163\164\141\164\165
-\163\060\104\006\003\125\035\040\004\075\060\073\060\071\006\013
-\140\206\110\001\206\370\105\001\007\001\001\060\052\060\050\006
-\010\053\006\001\005\005\007\002\001\026\034\150\164\164\160\163
-\072\057\057\167\167\167\056\166\145\162\151\163\151\147\156\056
-\143\157\155\057\122\120\101\060\011\006\003\125\035\023\004\002
-\060\000\060\013\006\003\125\035\017\004\004\003\002\007\200\060
-\015\006\011\052\206\110\206\367\015\001\001\005\005\000\003\201
-\201\000\160\220\335\270\344\276\123\027\174\177\002\351\325\367
-\213\231\223\061\140\215\176\346\140\153\044\357\140\254\322\316
-\221\336\200\155\011\244\323\270\070\345\104\312\162\136\015\055
-\301\167\234\275\054\003\170\051\215\244\245\167\207\365\361\053
-\046\255\314\007\154\072\124\132\050\340\011\363\115\012\004\312
-\324\130\151\013\247\263\365\335\001\245\347\334\360\037\272\301
-\135\220\215\263\352\117\301\021\131\227\152\262\053\023\261\332
-\255\227\241\263\261\240\040\133\312\062\253\215\317\023\360\037
-\051\303
-END
-
-# Trust for Certificate "Verisign Class 1 Public Primary OCSP Responder"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 1 Public Primary OCSP Responder"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\004\226\110\344\112\311\314\255\105\203\230\331\074\175\221\365
-\042\104\033\212
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\176\157\072\123\033\174\276\260\060\333\103\036\036\224\211\262
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151
-\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004
-\013\023\056\103\154\141\163\163\040\061\040\120\165\142\154\151
-\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\020\053\150\324\243\106\236\305\073\050\011\253\070\135\177
-\047\040
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Verisign Class 2 Public Primary OCSP Responder"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 2 Public Primary OCSP Responder"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\247\061\027\060\025\006\003\125\004\012\023\016\126\145
-\162\151\123\151\147\156\054\040\111\156\143\056\061\037\060\035
-\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040
-\124\162\165\163\164\040\116\145\164\167\157\162\153\061\073\060
-\071\006\003\125\004\013\023\062\124\145\162\155\163\040\157\146
-\040\165\163\145\040\141\164\040\150\164\164\160\163\072\057\057
-\167\167\167\056\166\145\162\151\163\151\147\156\056\143\157\155
-\057\122\120\101\040\050\143\051\060\060\061\056\060\054\006\003
-\125\004\003\023\045\103\154\141\163\163\040\062\040\120\165\142
-\154\151\143\040\120\162\151\155\141\162\171\040\117\103\123\120
-\040\122\145\163\160\157\156\144\145\162
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151
-\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004
-\013\023\056\103\154\141\163\163\040\062\040\120\165\142\154\151
-\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\020\011\106\027\346\035\330\324\034\240\014\240\142\350\171
-\212\247
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\236\060\202\003\007\240\003\002\001\002\002\020\011
-\106\027\346\035\330\324\034\240\014\240\142\350\171\212\247\060
-\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\137
-\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027\060
-\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147\156
-\054\040\111\156\143\056\061\067\060\065\006\003\125\004\013\023
-\056\103\154\141\163\163\040\062\040\120\165\142\154\151\143\040
-\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143
-\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\060
-\036\027\015\060\060\060\070\060\061\060\060\060\060\060\060\132
-\027\015\060\064\060\067\063\061\062\063\065\071\065\071\132\060
-\201\247\061\027\060\025\006\003\125\004\012\023\016\126\145\162
-\151\123\151\147\156\054\040\111\156\143\056\061\037\060\035\006
-\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040\124
-\162\165\163\164\040\116\145\164\167\157\162\153\061\073\060\071
-\006\003\125\004\013\023\062\124\145\162\155\163\040\157\146\040
-\165\163\145\040\141\164\040\150\164\164\160\163\072\057\057\167
-\167\167\056\166\145\162\151\163\151\147\156\056\143\157\155\057
-\122\120\101\040\050\143\051\060\060\061\056\060\054\006\003\125
-\004\003\023\045\103\154\141\163\163\040\062\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\117\103\123\120\040
-\122\145\163\160\157\156\144\145\162\060\201\237\060\015\006\011
-\052\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060
-\201\211\002\201\201\000\320\312\143\061\141\177\104\064\174\005
-\175\013\075\152\220\313\171\113\167\012\077\113\307\043\345\300
-\142\055\176\234\176\076\210\207\221\320\254\350\115\111\207\242
-\226\220\212\335\004\245\002\077\214\233\351\211\376\142\240\342
-\132\275\310\335\264\170\346\245\102\223\010\147\001\300\040\115
-\327\134\364\135\332\263\343\067\246\122\032\054\114\145\115\212
-\207\331\250\243\361\111\124\273\074\134\200\121\150\306\373\111
-\377\013\125\253\025\335\373\232\301\271\035\164\015\262\214\104
-\135\211\374\237\371\203\002\003\001\000\001\243\202\001\020\060
-\202\001\014\060\040\006\003\125\035\021\004\031\060\027\244\025
-\060\023\061\021\060\017\006\003\125\004\003\023\010\117\103\123
-\120\040\061\055\062\060\061\006\003\125\035\037\004\052\060\050
-\060\046\240\044\240\042\206\040\150\164\164\160\072\057\057\143
-\162\154\056\166\145\162\151\163\151\147\156\056\143\157\155\057
-\160\143\141\062\056\143\162\154\060\023\006\003\125\035\045\004
-\014\060\012\006\010\053\006\001\005\005\007\003\011\060\102\006
-\010\053\006\001\005\005\007\001\001\004\066\060\064\060\062\006
-\010\053\006\001\005\005\007\060\001\246\046\026\044\150\164\164
-\160\072\057\057\157\143\163\160\056\166\145\162\151\163\151\147
-\156\056\143\157\155\057\157\143\163\160\057\163\164\141\164\165
-\163\060\104\006\003\125\035\040\004\075\060\073\060\071\006\013
-\140\206\110\001\206\370\105\001\007\001\001\060\052\060\050\006
-\010\053\006\001\005\005\007\002\001\026\034\150\164\164\160\163
-\072\057\057\167\167\167\056\166\145\162\151\163\151\147\156\056
-\143\157\155\057\122\120\101\060\011\006\003\125\035\023\004\002
-\060\000\060\013\006\003\125\035\017\004\004\003\002\007\200\060
-\015\006\011\052\206\110\206\367\015\001\001\005\005\000\003\201
-\201\000\037\175\011\156\044\106\165\004\234\363\046\233\343\071
-\156\027\357\274\275\242\033\322\002\204\206\253\320\100\227\054
-\304\103\210\067\031\153\042\250\003\161\120\235\040\334\066\140
-\040\232\163\055\163\125\154\130\233\054\302\264\064\054\172\063
-\102\312\221\331\351\103\257\317\036\340\365\304\172\253\077\162
-\143\036\251\067\341\133\073\210\263\023\206\202\220\127\313\127
-\377\364\126\276\042\335\343\227\250\341\274\042\103\302\335\115
-\333\366\201\236\222\024\236\071\017\023\124\336\202\330\300\136
-\064\215
-END
-
-# Trust for Certificate "Verisign Class 2 Public Primary OCSP Responder"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 2 Public Primary OCSP Responder"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\042\171\151\276\320\122\116\115\035\066\262\361\162\041\167\361
-\124\123\110\167
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\363\105\275\020\226\015\205\113\357\237\021\142\064\247\136\265
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151
-\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004
-\013\023\056\103\154\141\163\163\040\062\040\120\165\142\154\151
-\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\020\011\106\027\346\035\330\324\034\240\014\240\142\350\171
-\212\247
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Verisign Class 3 Public Primary OCSP Responder"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 3 Public Primary OCSP Responder"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\247\061\027\060\025\006\003\125\004\012\023\016\126\145
-\162\151\123\151\147\156\054\040\111\156\143\056\061\037\060\035
-\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040
-\124\162\165\163\164\040\116\145\164\167\157\162\153\061\073\060
-\071\006\003\125\004\013\023\062\124\145\162\155\163\040\157\146
-\040\165\163\145\040\141\164\040\150\164\164\160\163\072\057\057
-\167\167\167\056\166\145\162\151\163\151\147\156\056\143\157\155
-\057\122\120\101\040\050\143\051\060\060\061\056\060\054\006\003
-\125\004\003\023\045\103\154\141\163\163\040\063\040\120\165\142
-\154\151\143\040\120\162\151\155\141\162\171\040\117\103\123\120
-\040\122\145\163\160\157\156\144\145\162
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151
-\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004
-\013\023\056\103\154\141\163\163\040\063\040\120\165\142\154\151
-\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\020\056\226\236\277\266\142\154\354\173\351\163\314\343\154
-\301\204
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\242\060\202\003\013\240\003\002\001\002\002\020\056
-\226\236\277\266\142\154\354\173\351\163\314\343\154\301\204\060
-\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\137
-\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027\060
-\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147\156
-\054\040\111\156\143\056\061\067\060\065\006\003\125\004\013\023
-\056\103\154\141\163\163\040\063\040\120\165\142\154\151\143\040
-\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143
-\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\060
-\036\027\015\060\060\060\070\060\064\060\060\060\060\060\060\132
-\027\015\060\064\060\070\060\063\062\063\065\071\065\071\132\060
-\201\247\061\027\060\025\006\003\125\004\012\023\016\126\145\162
-\151\123\151\147\156\054\040\111\156\143\056\061\037\060\035\006
-\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040\124
-\162\165\163\164\040\116\145\164\167\157\162\153\061\073\060\071
-\006\003\125\004\013\023\062\124\145\162\155\163\040\157\146\040
-\165\163\145\040\141\164\040\150\164\164\160\163\072\057\057\167
-\167\167\056\166\145\162\151\163\151\147\156\056\143\157\155\057
-\122\120\101\040\050\143\051\060\060\061\056\060\054\006\003\125
-\004\003\023\045\103\154\141\163\163\040\063\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\117\103\123\120\040
-\122\145\163\160\157\156\144\145\162\060\201\237\060\015\006\011
-\052\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060
-\201\211\002\201\201\000\361\344\010\016\203\273\165\343\110\345
-\270\333\246\360\271\253\351\074\142\307\136\065\133\320\002\124
-\021\330\311\321\126\271\166\113\271\253\172\346\315\272\366\014
-\004\326\176\326\260\012\145\254\116\071\343\361\367\055\243\045
-\071\357\260\213\317\276\333\014\135\156\160\364\007\315\160\367
-\072\300\076\065\026\355\170\214\103\317\302\046\056\107\326\206
-\175\234\361\276\326\147\014\042\045\244\312\145\346\037\172\170
-\050\057\077\005\333\004\041\277\341\105\146\376\074\267\202\355
-\132\270\026\025\271\125\002\003\001\000\001\243\202\001\024\060
-\202\001\020\060\040\006\003\125\035\021\004\031\060\027\244\025
-\060\023\061\021\060\017\006\003\125\004\003\023\010\117\103\123
-\120\040\061\055\063\060\065\006\003\125\035\037\004\056\060\054
-\060\052\240\050\240\046\206\044\150\164\164\160\072\057\057\143
-\162\154\056\166\145\162\151\163\151\147\156\056\143\157\155\057
-\160\143\141\063\056\061\056\061\056\143\162\154\060\023\006\003
-\125\035\045\004\014\060\012\006\010\053\006\001\005\005\007\003
-\011\060\102\006\010\053\006\001\005\005\007\001\001\004\066\060
-\064\060\062\006\010\053\006\001\005\005\007\060\001\246\046\026
-\044\150\164\164\160\072\057\057\157\143\163\160\056\166\145\162
-\151\163\151\147\156\056\143\157\155\057\157\143\163\160\057\163
-\164\141\164\165\163\060\104\006\003\125\035\040\004\075\060\073
-\060\071\006\013\140\206\110\001\206\370\105\001\007\001\001\060
-\052\060\050\006\010\053\006\001\005\005\007\002\001\026\034\150
-\164\164\160\163\072\057\057\167\167\167\056\166\145\162\151\163
-\151\147\156\056\143\157\155\057\122\120\101\060\011\006\003\125
-\035\023\004\002\060\000\060\013\006\003\125\035\017\004\004\003
-\002\007\200\060\015\006\011\052\206\110\206\367\015\001\001\005
-\005\000\003\201\201\000\002\366\123\143\300\251\036\362\320\213
-\063\060\217\110\233\114\260\126\264\203\161\112\276\334\120\330
-\365\266\340\013\333\275\170\117\351\317\011\064\332\051\111\235
-\001\163\132\221\221\202\124\054\023\012\323\167\043\317\067\374
-\143\336\247\343\366\267\265\151\105\050\111\303\221\334\252\107
-\034\251\210\231\054\005\052\215\215\212\372\142\342\132\267\000
-\040\135\071\304\050\302\313\374\236\250\211\256\133\075\216\022
-\352\062\262\374\353\024\327\011\025\032\300\315\033\325\265\025
-\116\101\325\226\343\116
-END
-
-# Trust for Certificate "Verisign Class 3 Public Primary OCSP Responder"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 3 Public Primary OCSP Responder"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\265\355\267\332\046\072\126\164\322\042\105\060\324\307\217\172
-\007\365\345\137
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\175\121\222\311\166\203\230\026\336\214\263\206\304\175\146\373
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151
-\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004
-\013\023\056\103\154\141\163\163\040\063\040\120\165\142\154\151
-\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\020\056\226\236\277\266\142\154\354\173\351\163\314\343\154
-\301\204
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Verisign Secure Server OCSP Responder"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Secure Server OCSP Responder"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\236\061\027\060\025\006\003\125\004\012\023\016\126\145
-\162\151\123\151\147\156\054\040\111\156\143\056\061\037\060\035
-\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040
-\124\162\165\163\164\040\116\145\164\167\157\162\153\061\073\060
-\071\006\003\125\004\013\023\062\124\145\162\155\163\040\157\146
-\040\165\163\145\040\141\164\040\150\164\164\160\163\072\057\057
-\167\167\167\056\166\145\162\151\163\151\147\156\056\143\157\155
-\057\122\120\101\040\050\143\051\060\060\061\045\060\043\006\003
-\125\004\003\023\034\123\145\143\165\162\145\040\123\145\162\166
-\145\162\040\117\103\123\120\040\122\145\163\160\157\156\144\145
-\162
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\040\060\036\006\003\125\004\012\023\027\122\123\101\040\104\141
-\164\141\040\123\145\143\165\162\151\164\171\054\040\111\156\143
-\056\061\056\060\054\006\003\125\004\013\023\045\123\145\143\165
-\162\145\040\123\145\162\166\145\162\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\021\000\377\105\325\047\135\044\373\263\302\071\044\123\127
-\341\117\336
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\237\060\202\003\014\240\003\002\001\002\002\021\000
-\377\105\325\047\135\044\373\263\302\071\044\123\127\341\117\336
-\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
-\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061\040
-\060\036\006\003\125\004\012\023\027\122\123\101\040\104\141\164
-\141\040\123\145\143\165\162\151\164\171\054\040\111\156\143\056
-\061\056\060\054\006\003\125\004\013\023\045\123\145\143\165\162
-\145\040\123\145\162\166\145\162\040\103\145\162\164\151\146\151
-\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
-\060\036\027\015\060\060\060\070\060\064\060\060\060\060\060\060
-\132\027\015\060\064\060\070\060\063\062\063\065\071\065\071\132
-\060\201\236\061\027\060\025\006\003\125\004\012\023\016\126\145
-\162\151\123\151\147\156\054\040\111\156\143\056\061\037\060\035
-\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040
-\124\162\165\163\164\040\116\145\164\167\157\162\153\061\073\060
-\071\006\003\125\004\013\023\062\124\145\162\155\163\040\157\146
-\040\165\163\145\040\141\164\040\150\164\164\160\163\072\057\057
-\167\167\167\056\166\145\162\151\163\151\147\156\056\143\157\155
-\057\122\120\101\040\050\143\051\060\060\061\045\060\043\006\003
-\125\004\003\023\034\123\145\143\165\162\145\040\123\145\162\166
-\145\162\040\117\103\123\120\040\122\145\163\160\157\156\144\145
-\162\060\201\237\060\015\006\011\052\206\110\206\367\015\001\001
-\001\005\000\003\201\215\000\060\201\211\002\201\201\000\270\121
-\231\144\205\016\356\263\012\150\360\277\143\166\035\123\365\374
-\241\170\214\063\356\237\364\276\071\332\233\017\115\107\251\217
-\040\350\113\104\275\316\315\173\220\321\060\350\220\304\045\173
-\211\050\336\275\366\223\035\377\271\377\222\265\251\215\344\256
-\314\342\303\007\203\152\243\162\020\001\047\142\042\246\065\046
-\071\055\236\317\140\014\374\107\244\327\320\102\170\247\035\154
-\320\313\117\025\247\051\012\264\225\105\304\261\347\132\011\327
-\071\225\330\035\065\236\302\275\263\135\301\014\113\037\002\003
-\001\000\001\243\202\001\035\060\202\001\031\060\040\006\003\125
-\035\021\004\031\060\027\244\025\060\023\061\021\060\017\006\003
-\125\004\003\023\010\117\103\123\120\040\061\055\064\060\076\006
-\003\125\035\037\004\067\060\065\060\063\240\061\240\057\206\055
-\150\164\164\160\072\057\057\143\162\154\056\166\145\162\151\163
-\151\147\156\056\143\157\155\057\122\123\101\123\145\143\165\162
-\145\123\145\162\166\145\162\055\160\056\143\162\154\060\023\006
-\003\125\035\045\004\014\060\012\006\010\053\006\001\005\005\007
-\003\011\060\102\006\010\053\006\001\005\005\007\001\001\004\066
-\060\064\060\062\006\010\053\006\001\005\005\007\060\001\246\046
-\026\044\150\164\164\160\072\057\057\157\143\163\160\056\166\145
-\162\151\163\151\147\156\056\143\157\155\057\157\143\163\160\057
-\163\164\141\164\165\163\060\104\006\003\125\035\040\004\075\060
-\073\060\071\006\013\140\206\110\001\206\370\105\001\007\001\001
-\060\052\060\050\006\010\053\006\001\005\005\007\002\001\026\034
-\150\164\164\160\163\072\057\057\167\167\167\056\166\145\162\151
-\163\151\147\156\056\143\157\155\057\122\120\101\060\011\006\003
-\125\035\023\004\002\060\000\060\013\006\003\125\035\017\004\004
-\003\002\007\200\060\015\006\011\052\206\110\206\367\015\001\001
-\005\005\000\003\176\000\000\263\020\123\146\234\111\223\056\061
-\240\002\102\322\130\127\176\146\241\376\033\212\141\030\120\100
-\054\036\053\101\245\326\333\377\254\010\034\132\005\155\002\134
-\052\266\226\117\107\333\276\116\333\316\314\272\206\270\030\316
-\261\022\221\137\143\367\363\110\076\314\361\115\023\344\155\011
-\224\170\000\222\313\243\040\235\006\013\152\240\103\007\316\321
-\031\154\217\030\165\232\237\027\063\375\251\046\270\343\342\336
-\302\250\304\132\212\177\230\326\007\006\153\314\126\236\206\160
-\316\324\357
-END
-
-# Trust for Certificate "Verisign Secure Server OCSP Responder"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Secure Server OCSP Responder"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\161\236\140\141\327\175\054\203\361\242\135\074\366\215\002\274
-\224\070\305\056
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\054\142\303\330\200\001\026\011\352\131\352\170\253\020\103\366
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\040\060\036\006\003\125\004\012\023\027\122\123\101\040\104\141
-\164\141\040\123\145\143\165\162\151\164\171\054\040\111\156\143
-\056\061\056\060\054\006\003\125\004\013\023\045\123\145\143\165
-\162\145\040\123\145\162\166\145\162\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\021\000\377\105\325\047\135\044\373\263\302\071\044\123\127
-\341\117\336
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Verisign Time Stamping Authority CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Time Stamping Authority CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\245\061\027\060\025\006\003\125\004\012\023\016\126\145
-\162\151\123\151\147\156\054\040\111\156\143\056\061\037\060\035
-\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040
-\124\162\165\163\164\040\116\145\164\167\157\162\153\061\073\060
-\071\006\003\125\004\013\023\062\124\145\162\155\163\040\157\146
-\040\165\163\145\040\141\164\040\150\164\164\160\163\072\057\057
-\167\167\167\056\166\145\162\151\163\151\147\156\056\143\157\155
-\057\162\160\141\040\050\143\051\060\060\061\054\060\052\006\003
-\125\004\003\023\043\126\145\162\151\123\151\147\156\040\124\151
-\155\145\040\123\164\141\155\160\151\156\147\040\101\165\164\150
-\157\162\151\164\171\040\103\101
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125
-\004\013\023\063\103\154\141\163\163\040\063\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013
-\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040
-\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157
-\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145
-\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164
-\167\157\162\153
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\020\123\141\262\140\256\333\161\216\247\224\263\023\063\364
-\007\011
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\315\060\202\003\066\240\003\002\001\002\002\020\123
-\141\262\140\256\333\161\216\247\224\263\023\063\364\007\011\060
-\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\201
-\301\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027
-\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147
-\156\054\040\111\156\143\056\061\074\060\072\006\003\125\004\013
-\023\063\103\154\141\163\163\040\063\040\120\165\142\154\151\143
-\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151
-\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
-\040\055\040\107\062\061\072\060\070\006\003\125\004\013\023\061
-\050\143\051\040\061\071\071\070\040\126\145\162\151\123\151\147
-\156\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165
-\164\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154
-\171\061\037\060\035\006\003\125\004\013\023\026\126\145\162\151
-\123\151\147\156\040\124\162\165\163\164\040\116\145\164\167\157
-\162\153\060\036\027\015\060\060\060\071\062\066\060\060\060\060
-\060\060\132\027\015\061\060\060\071\062\065\062\063\065\071\065
-\071\132\060\201\245\061\027\060\025\006\003\125\004\012\023\016
-\126\145\162\151\123\151\147\156\054\040\111\156\143\056\061\037
-\060\035\006\003\125\004\013\023\026\126\145\162\151\123\151\147
-\156\040\124\162\165\163\164\040\116\145\164\167\157\162\153\061
-\073\060\071\006\003\125\004\013\023\062\124\145\162\155\163\040
-\157\146\040\165\163\145\040\141\164\040\150\164\164\160\163\072
-\057\057\167\167\167\056\166\145\162\151\163\151\147\156\056\143
-\157\155\057\162\160\141\040\050\143\051\060\060\061\054\060\052
-\006\003\125\004\003\023\043\126\145\162\151\123\151\147\156\040
-\124\151\155\145\040\123\164\141\155\160\151\156\147\040\101\165
-\164\150\157\162\151\164\171\040\103\101\060\201\237\060\015\006
-\011\052\206\110\206\367\015\001\001\001\005\000\003\201\215\000
-\060\201\211\002\201\201\000\322\031\235\147\302\000\041\131\142
-\316\264\011\042\104\151\212\370\045\132\333\355\015\267\066\176
-\116\340\273\224\076\220\045\207\302\141\107\051\331\275\124\270
-\143\314\054\175\151\264\063\066\364\067\007\232\301\335\100\124
-\374\340\170\235\240\223\271\011\075\043\121\177\104\302\024\164
-\333\012\276\313\311\060\064\100\230\076\320\327\045\020\201\224
-\275\007\117\234\326\124\047\337\056\250\277\313\220\214\215\165
-\113\274\342\350\104\207\315\346\101\012\045\156\350\364\044\002
-\305\122\017\156\354\230\165\002\003\001\000\001\243\201\337\060
-\201\334\060\017\006\003\125\035\023\004\010\060\006\001\001\377
-\002\001\000\060\105\006\003\125\035\040\004\076\060\074\060\072
-\006\014\140\206\110\001\206\370\105\001\007\027\001\003\060\052
-\060\050\006\010\053\006\001\005\005\007\002\001\026\034\150\164
-\164\160\163\072\057\057\167\167\167\056\166\145\162\151\163\151
-\147\156\056\143\157\155\057\162\160\141\060\061\006\003\125\035
-\037\004\052\060\050\060\046\240\044\240\042\206\040\150\164\164
-\160\072\057\057\143\162\154\056\166\145\162\151\163\151\147\156
-\056\143\157\155\057\160\143\141\063\056\143\162\154\060\013\006
-\003\125\035\017\004\004\003\002\001\006\060\102\006\010\053\006
-\001\005\005\007\001\001\004\066\060\064\060\062\006\010\053\006
-\001\005\005\007\060\001\246\046\026\044\150\164\164\160\072\057
-\057\157\143\163\160\056\166\145\162\151\163\151\147\156\056\143
-\157\155\057\157\143\163\160\057\163\164\141\164\165\163\060\015
-\006\011\052\206\110\206\367\015\001\001\005\005\000\003\201\201
-\000\202\160\150\225\337\266\015\302\001\160\031\112\322\124\126
-\036\254\362\105\114\207\270\365\065\353\170\113\005\251\310\235
-\073\031\041\056\160\064\112\242\365\211\340\025\165\105\347\050
-\067\000\064\047\051\350\067\113\362\357\104\227\153\027\121\032
-\303\126\235\074\032\212\366\112\106\106\067\214\372\313\365\144
-\132\070\150\056\034\303\357\160\316\270\106\006\026\277\367\176
-\347\265\250\076\105\254\251\045\165\042\173\157\077\260\234\224
-\347\307\163\253\254\037\356\045\233\300\026\355\267\312\133\360
-\024
-END
-
-# Trust for Certificate "Verisign Time Stamping Authority CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Time Stamping Authority CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\246\017\064\310\142\154\201\366\213\367\175\251\366\147\130\212
-\220\077\175\066
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\211\111\124\214\310\150\232\203\051\354\334\006\163\041\253\227
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125
-\004\013\023\063\103\154\141\163\163\040\063\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013
-\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040
-\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157
-\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145
-\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164
-\167\157\162\153
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\020\123\141\262\140\256\333\161\216\247\224\263\023\063\364
-\007\011
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Thawte Time Stamping CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Thawte Time Stamping CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\213\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\024\060\022\006\003\125\004\007
-\023\013\104\165\162\142\141\156\166\151\154\154\145\061\017\060
-\015\006\003\125\004\012\023\006\124\150\141\167\164\145\061\035
-\060\033\006\003\125\004\013\023\024\124\150\141\167\164\145\040
-\103\145\162\164\151\146\151\143\141\164\151\157\156\061\037\060
-\035\006\003\125\004\003\023\026\124\150\141\167\164\145\040\124
-\151\155\145\163\164\141\155\160\151\156\147\040\103\101
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\213\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\024\060\022\006\003\125\004\007
-\023\013\104\165\162\142\141\156\166\151\154\154\145\061\017\060
-\015\006\003\125\004\012\023\006\124\150\141\167\164\145\061\035
-\060\033\006\003\125\004\013\023\024\124\150\141\167\164\145\040
-\103\145\162\164\151\146\151\143\141\164\151\157\156\061\037\060
-\035\006\003\125\004\003\023\026\124\150\141\167\164\145\040\124
-\151\155\145\163\164\141\155\160\151\156\147\040\103\101
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\001\000
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\002\241\060\202\002\012\240\003\002\001\002\002\001\000
-\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060
-\201\213\061\013\060\011\006\003\125\004\006\023\002\132\101\061
-\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145\162
-\156\040\103\141\160\145\061\024\060\022\006\003\125\004\007\023
-\013\104\165\162\142\141\156\166\151\154\154\145\061\017\060\015
-\006\003\125\004\012\023\006\124\150\141\167\164\145\061\035\060
-\033\006\003\125\004\013\023\024\124\150\141\167\164\145\040\103
-\145\162\164\151\146\151\143\141\164\151\157\156\061\037\060\035
-\006\003\125\004\003\023\026\124\150\141\167\164\145\040\124\151
-\155\145\163\164\141\155\160\151\156\147\040\103\101\060\036\027
-\015\071\067\060\061\060\061\060\060\060\060\060\060\132\027\015
-\062\060\061\062\063\061\062\063\065\071\065\071\132\060\201\213
-\061\013\060\011\006\003\125\004\006\023\002\132\101\061\025\060
-\023\006\003\125\004\010\023\014\127\145\163\164\145\162\156\040
-\103\141\160\145\061\024\060\022\006\003\125\004\007\023\013\104
-\165\162\142\141\156\166\151\154\154\145\061\017\060\015\006\003
-\125\004\012\023\006\124\150\141\167\164\145\061\035\060\033\006
-\003\125\004\013\023\024\124\150\141\167\164\145\040\103\145\162
-\164\151\146\151\143\141\164\151\157\156\061\037\060\035\006\003
-\125\004\003\023\026\124\150\141\167\164\145\040\124\151\155\145
-\163\164\141\155\160\151\156\147\040\103\101\060\201\237\060\015
-\006\011\052\206\110\206\367\015\001\001\001\005\000\003\201\215
-\000\060\201\211\002\201\201\000\326\053\130\170\141\105\206\123
-\352\064\173\121\234\355\260\346\056\030\016\376\340\137\250\047
-\323\264\311\340\174\131\116\026\016\163\124\140\301\177\366\237
-\056\351\072\205\044\025\074\333\107\004\143\303\236\304\224\032
-\132\337\114\172\363\331\103\035\074\020\172\171\045\333\220\376
-\360\121\347\060\326\101\000\375\237\050\337\171\276\224\273\235
-\266\024\343\043\205\327\251\101\340\114\244\171\260\053\032\213
-\362\370\073\212\076\105\254\161\222\000\264\220\101\230\373\137
-\355\372\267\056\212\370\210\067\002\003\001\000\001\243\023\060
-\021\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001
-\001\377\060\015\006\011\052\206\110\206\367\015\001\001\004\005
-\000\003\201\201\000\147\333\342\302\346\207\075\100\203\206\067
-\065\175\037\316\232\303\014\146\040\250\272\252\004\211\206\302
-\365\020\010\015\277\313\242\005\212\320\115\066\076\364\327\357
-\151\306\136\344\260\224\157\112\271\347\336\133\210\266\173\333
-\343\047\345\166\303\360\065\301\313\265\047\233\063\171\334\220
-\246\000\236\167\372\374\315\047\224\102\026\234\323\034\150\354
-\277\134\335\345\251\173\020\012\062\164\124\023\061\213\205\003
-\204\221\267\130\001\060\024\070\257\050\312\374\261\120\031\031
-\011\254\211\111\323
-END
-
-# Trust for Certificate "Thawte Time Stamping CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Thawte Time Stamping CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\276\066\244\126\057\262\356\005\333\263\323\043\043\255\364\105
-\010\116\326\126
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\177\146\172\161\323\353\151\170\040\232\121\024\235\203\332\040
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\213\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\024\060\022\006\003\125\004\007
-\023\013\104\165\162\142\141\156\166\151\154\154\145\061\017\060
-\015\006\003\125\004\012\023\006\124\150\141\167\164\145\061\035
-\060\033\006\003\125\004\013\023\024\124\150\141\167\164\145\040
-\103\145\162\164\151\146\151\143\141\164\151\157\156\061\037\060
-\035\006\003\125\004\003\023\026\124\150\141\167\164\145\040\124
-\151\155\145\163\164\141\155\160\151\156\147\040\103\101
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\001\000
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Entrust.net Global Secure Server CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Entrust.net Global Secure Server CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\272\061\024\060\022\006\003\125\004\012\023\013\105\156
-\164\162\165\163\164\056\156\145\164\061\077\060\075\006\003\125
-\004\013\024\066\167\167\167\056\145\156\164\162\165\163\164\056
-\156\145\164\057\123\123\114\137\103\120\123\040\151\156\143\157
-\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151\155
-\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006\003
-\125\004\013\023\034\050\143\051\040\062\060\060\060\040\105\156
-\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164\145
-\144\061\072\060\070\006\003\125\004\003\023\061\105\156\164\162
-\165\163\164\056\156\145\164\040\123\145\143\165\162\145\040\123
-\145\162\166\145\162\040\103\145\162\164\151\146\151\143\141\164
-\151\157\156\040\101\165\164\150\157\162\151\164\171
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\272\061\024\060\022\006\003\125\004\012\023\013\105\156
-\164\162\165\163\164\056\156\145\164\061\077\060\075\006\003\125
-\004\013\024\066\167\167\167\056\145\156\164\162\165\163\164\056
-\156\145\164\057\123\123\114\137\103\120\123\040\151\156\143\157
-\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151\155
-\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006\003
-\125\004\013\023\034\050\143\051\040\062\060\060\060\040\105\156
-\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164\145
-\144\061\072\060\070\006\003\125\004\003\023\061\105\156\164\162
-\165\163\164\056\156\145\164\040\123\145\143\165\162\145\040\123
-\145\162\166\145\162\040\103\145\162\164\151\146\151\143\141\164
-\151\157\156\040\101\165\164\150\157\162\151\164\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\004\070\233\021\074
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\004\225\060\202\003\376\240\003\002\001\002\002\004\070
-\233\021\074\060\015\006\011\052\206\110\206\367\015\001\001\004
-\005\000\060\201\272\061\024\060\022\006\003\125\004\012\023\013
-\105\156\164\162\165\163\164\056\156\145\164\061\077\060\075\006
-\003\125\004\013\024\066\167\167\167\056\145\156\164\162\165\163
-\164\056\156\145\164\057\123\123\114\137\103\120\123\040\151\156
-\143\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154
-\151\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043
-\006\003\125\004\013\023\034\050\143\051\040\062\060\060\060\040
-\105\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151
-\164\145\144\061\072\060\070\006\003\125\004\003\023\061\105\156
-\164\162\165\163\164\056\156\145\164\040\123\145\143\165\162\145
-\040\123\145\162\166\145\162\040\103\145\162\164\151\146\151\143
-\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\060
-\036\027\015\060\060\060\062\060\064\061\067\062\060\060\060\132
-\027\015\062\060\060\062\060\064\061\067\065\060\060\060\132\060
-\201\272\061\024\060\022\006\003\125\004\012\023\013\105\156\164
-\162\165\163\164\056\156\145\164\061\077\060\075\006\003\125\004
-\013\024\066\167\167\167\056\145\156\164\162\165\163\164\056\156
-\145\164\057\123\123\114\137\103\120\123\040\151\156\143\157\162
-\160\056\040\142\171\040\162\145\146\056\040\050\154\151\155\151
-\164\163\040\154\151\141\142\056\051\061\045\060\043\006\003\125
-\004\013\023\034\050\143\051\040\062\060\060\060\040\105\156\164
-\162\165\163\164\056\156\145\164\040\114\151\155\151\164\145\144
-\061\072\060\070\006\003\125\004\003\023\061\105\156\164\162\165
-\163\164\056\156\145\164\040\123\145\143\165\162\145\040\123\145
-\162\166\145\162\040\103\145\162\164\151\146\151\143\141\164\151
-\157\156\040\101\165\164\150\157\162\151\164\171\060\201\237\060
-\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003\201
-\215\000\060\201\211\002\201\201\000\307\301\137\116\161\361\316
-\360\140\206\017\322\130\177\323\063\227\055\027\242\165\060\265
-\226\144\046\057\150\303\104\253\250\165\346\000\147\064\127\236
-\145\307\042\233\163\346\323\335\010\016\067\125\252\045\106\201
-\154\275\376\250\366\165\127\127\214\220\154\112\303\076\213\113
-\103\012\311\021\126\232\232\047\042\231\317\125\236\141\331\002
-\342\174\266\174\070\007\334\343\177\117\232\271\003\101\200\266
-\165\147\023\013\237\350\127\066\310\135\000\066\336\146\024\332
-\156\166\037\117\067\214\202\023\211\002\003\001\000\001\243\202
-\001\244\060\202\001\240\060\021\006\011\140\206\110\001\206\370
-\102\001\001\004\004\003\002\000\007\060\201\343\006\003\125\035
-\037\004\201\333\060\201\330\060\201\325\240\201\322\240\201\317
-\244\201\314\060\201\311\061\024\060\022\006\003\125\004\012\023
-\013\105\156\164\162\165\163\164\056\156\145\164\061\077\060\075
-\006\003\125\004\013\024\066\167\167\167\056\145\156\164\162\165
-\163\164\056\156\145\164\057\123\123\114\137\103\120\123\040\151
-\156\143\157\162\160\056\040\142\171\040\162\145\146\056\040\050
-\154\151\155\151\164\163\040\154\151\141\142\056\051\061\045\060
-\043\006\003\125\004\013\023\034\050\143\051\040\062\060\060\060
-\040\105\156\164\162\165\163\164\056\156\145\164\040\114\151\155
-\151\164\145\144\061\072\060\070\006\003\125\004\003\023\061\105
-\156\164\162\165\163\164\056\156\145\164\040\123\145\143\165\162
-\145\040\123\145\162\166\145\162\040\103\145\162\164\151\146\151
-\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
-\061\015\060\013\006\003\125\004\003\023\004\103\122\114\061\060
-\053\006\003\125\035\020\004\044\060\042\200\017\062\060\060\060
-\060\062\060\064\061\067\062\060\060\060\132\201\017\062\060\062
-\060\060\062\060\064\061\067\065\060\060\060\132\060\013\006\003
-\125\035\017\004\004\003\002\001\006\060\037\006\003\125\035\043
-\004\030\060\026\200\024\313\154\300\153\343\273\076\313\374\042
-\234\376\373\213\222\234\260\362\156\042\060\035\006\003\125\035
-\016\004\026\004\024\313\154\300\153\343\273\076\313\374\042\234
-\376\373\213\222\234\260\362\156\042\060\014\006\003\125\035\023
-\004\005\060\003\001\001\377\060\035\006\011\052\206\110\206\366
-\175\007\101\000\004\020\060\016\033\010\126\065\056\060\072\064
-\056\060\003\002\004\220\060\015\006\011\052\206\110\206\367\015
-\001\001\004\005\000\003\201\201\000\142\333\201\221\316\310\232
-\167\102\057\354\275\047\243\123\017\120\033\352\116\222\360\251
-\257\251\240\272\110\141\313\357\311\006\357\037\325\364\356\337
-\126\055\346\312\152\031\163\252\123\276\222\263\120\002\266\205
-\046\162\143\330\165\120\142\165\024\267\263\120\032\077\312\021
-\000\013\205\105\151\155\266\245\256\121\341\112\334\202\077\154
-\214\064\262\167\153\331\002\366\177\016\352\145\004\361\315\124
-\312\272\311\314\340\204\367\310\076\021\227\323\140\011\030\274
-\005\377\154\211\063\360\354\025\017
-END
-
-# Trust for Certificate "Entrust.net Global Secure Server CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Entrust.net Global Secure Server CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\211\071\127\156\027\215\367\005\170\017\314\136\310\117\204\366
-\045\072\110\223
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\235\146\152\314\377\325\365\103\264\277\214\026\321\053\250\231
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\272\061\024\060\022\006\003\125\004\012\023\013\105\156
-\164\162\165\163\164\056\156\145\164\061\077\060\075\006\003\125
-\004\013\024\066\167\167\167\056\145\156\164\162\165\163\164\056
-\156\145\164\057\123\123\114\137\103\120\123\040\151\156\143\157
-\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151\155
-\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006\003
-\125\004\013\023\034\050\143\051\040\062\060\060\060\040\105\156
-\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164\145
-\144\061\072\060\070\006\003\125\004\003\023\061\105\156\164\162
-\165\163\164\056\156\145\164\040\123\145\143\165\162\145\040\123
-\145\162\166\145\162\040\103\145\162\164\151\146\151\143\141\164
-\151\157\156\040\101\165\164\150\157\162\151\164\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\004\070\233\021\074
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Entrust.net Global Secure Personal CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Entrust.net Global Secure Personal CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156
-\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125
-\004\013\024\067\167\167\167\056\145\156\164\162\165\163\164\056
-\156\145\164\057\107\103\103\101\137\103\120\123\040\151\156\143
-\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151
-\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006
-\003\125\004\013\023\034\050\143\051\040\062\060\060\060\040\105
-\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164
-\145\144\061\063\060\061\006\003\125\004\003\023\052\105\156\164
-\162\165\163\164\056\156\145\164\040\103\154\151\145\156\164\040
-\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165
-\164\150\157\162\151\164\171
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156
-\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125
-\004\013\024\067\167\167\167\056\145\156\164\162\165\163\164\056
-\156\145\164\057\107\103\103\101\137\103\120\123\040\151\156\143
-\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151
-\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006
-\003\125\004\013\023\034\050\143\051\040\062\060\060\060\040\105
-\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164
-\145\144\061\063\060\061\006\003\125\004\003\023\052\105\156\164
-\162\165\163\164\056\156\145\164\040\103\154\151\145\156\164\040
-\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165
-\164\150\157\162\151\164\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\004\070\236\366\344
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\004\203\060\202\003\354\240\003\002\001\002\002\004\070
-\236\366\344\060\015\006\011\052\206\110\206\367\015\001\001\004
-\005\000\060\201\264\061\024\060\022\006\003\125\004\012\023\013
-\105\156\164\162\165\163\164\056\156\145\164\061\100\060\076\006
-\003\125\004\013\024\067\167\167\167\056\145\156\164\162\165\163
-\164\056\156\145\164\057\107\103\103\101\137\103\120\123\040\151
-\156\143\157\162\160\056\040\142\171\040\162\145\146\056\040\050
-\154\151\155\151\164\163\040\154\151\141\142\056\051\061\045\060
-\043\006\003\125\004\013\023\034\050\143\051\040\062\060\060\060
-\040\105\156\164\162\165\163\164\056\156\145\164\040\114\151\155
-\151\164\145\144\061\063\060\061\006\003\125\004\003\023\052\105
-\156\164\162\165\163\164\056\156\145\164\040\103\154\151\145\156
-\164\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040
-\101\165\164\150\157\162\151\164\171\060\036\027\015\060\060\060
-\062\060\067\061\066\061\066\064\060\132\027\015\062\060\060\062
-\060\067\061\066\064\066\064\060\132\060\201\264\061\024\060\022
-\006\003\125\004\012\023\013\105\156\164\162\165\163\164\056\156
-\145\164\061\100\060\076\006\003\125\004\013\024\067\167\167\167
-\056\145\156\164\162\165\163\164\056\156\145\164\057\107\103\103
-\101\137\103\120\123\040\151\156\143\157\162\160\056\040\142\171
-\040\162\145\146\056\040\050\154\151\155\151\164\163\040\154\151
-\141\142\056\051\061\045\060\043\006\003\125\004\013\023\034\050
-\143\051\040\062\060\060\060\040\105\156\164\162\165\163\164\056
-\156\145\164\040\114\151\155\151\164\145\144\061\063\060\061\006
-\003\125\004\003\023\052\105\156\164\162\165\163\164\056\156\145
-\164\040\103\154\151\145\156\164\040\103\145\162\164\151\146\151
-\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
-\060\201\237\060\015\006\011\052\206\110\206\367\015\001\001\001
-\005\000\003\201\215\000\060\201\211\002\201\201\000\223\164\264
-\266\344\305\113\326\241\150\177\142\325\354\367\121\127\263\162
-\112\230\365\320\211\311\255\143\315\115\065\121\152\204\324\255
-\311\150\171\157\270\353\021\333\207\256\134\044\121\023\361\124
-\045\204\257\051\053\237\343\200\342\331\313\335\306\105\111\064
-\210\220\136\001\227\357\352\123\246\335\374\301\336\113\052\045
-\344\351\065\372\125\005\006\345\211\172\352\244\021\127\073\374
-\174\075\066\315\147\065\155\244\251\045\131\275\146\365\371\047
-\344\225\147\326\077\222\200\136\362\064\175\053\205\002\003\001
-\000\001\243\202\001\236\060\202\001\232\060\021\006\011\140\206
-\110\001\206\370\102\001\001\004\004\003\002\000\007\060\201\335
-\006\003\125\035\037\004\201\325\060\201\322\060\201\317\240\201
-\314\240\201\311\244\201\306\060\201\303\061\024\060\022\006\003
-\125\004\012\023\013\105\156\164\162\165\163\164\056\156\145\164
-\061\100\060\076\006\003\125\004\013\024\067\167\167\167\056\145
-\156\164\162\165\163\164\056\156\145\164\057\107\103\103\101\137
-\103\120\123\040\151\156\143\157\162\160\056\040\142\171\040\162
-\145\146\056\040\050\154\151\155\151\164\163\040\154\151\141\142
-\056\051\061\045\060\043\006\003\125\004\013\023\034\050\143\051
-\040\062\060\060\060\040\105\156\164\162\165\163\164\056\156\145
-\164\040\114\151\155\151\164\145\144\061\063\060\061\006\003\125
-\004\003\023\052\105\156\164\162\165\163\164\056\156\145\164\040
-\103\154\151\145\156\164\040\103\145\162\164\151\146\151\143\141
-\164\151\157\156\040\101\165\164\150\157\162\151\164\171\061\015
-\060\013\006\003\125\004\003\023\004\103\122\114\061\060\053\006
-\003\125\035\020\004\044\060\042\200\017\062\060\060\060\060\062
-\060\067\061\066\061\066\064\060\132\201\017\062\060\062\060\060
-\062\060\067\061\066\064\066\064\060\132\060\013\006\003\125\035
-\017\004\004\003\002\001\006\060\037\006\003\125\035\043\004\030
-\060\026\200\024\204\213\164\375\305\215\300\377\047\155\040\067
-\105\174\376\055\316\272\323\175\060\035\006\003\125\035\016\004
-\026\004\024\204\213\164\375\305\215\300\377\047\155\040\067\105
-\174\376\055\316\272\323\175\060\014\006\003\125\035\023\004\005
-\060\003\001\001\377\060\035\006\011\052\206\110\206\366\175\007
-\101\000\004\020\060\016\033\010\126\065\056\060\072\064\056\060
-\003\002\004\220\060\015\006\011\052\206\110\206\367\015\001\001
-\004\005\000\003\201\201\000\116\157\065\200\073\321\212\365\016
-\247\040\313\055\145\125\320\222\364\347\204\265\006\046\203\022
-\204\013\254\073\262\104\356\275\317\100\333\040\016\272\156\024
-\352\060\340\073\142\174\177\213\153\174\112\247\325\065\074\276
-\250\134\352\113\273\223\216\200\146\253\017\051\375\115\055\277
-\032\233\012\220\305\253\332\321\263\206\324\057\044\122\134\172
-\155\306\362\376\345\115\032\060\214\220\362\272\327\112\076\103
-\176\324\310\120\032\207\370\117\201\307\166\013\204\072\162\235
-\316\145\146\227\256\046\136
-END
-
-# Trust for Certificate "Entrust.net Global Secure Personal CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Entrust.net Global Secure Personal CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\317\164\277\377\233\206\201\133\010\063\124\100\066\076\207\266
-\266\360\277\163
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\232\167\031\030\355\226\317\337\033\267\016\365\215\271\210\056
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156
-\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125
-\004\013\024\067\167\167\167\056\145\156\164\162\165\163\164\056
-\156\145\164\057\107\103\103\101\137\103\120\123\040\151\156\143
-\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151
-\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006
-\003\125\004\013\023\034\050\143\051\040\062\060\060\060\040\105
-\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164
-\145\144\061\063\060\061\006\003\125\004\003\023\052\105\156\164
-\162\165\163\164\056\156\145\164\040\103\154\151\145\156\164\040
-\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165
-\164\150\157\162\151\164\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\004\070\236\366\344
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "AOL Time Warner Root Certification Authority 1"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "AOL Time Warner Root Certification Authority 1"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\203\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\035\060\033\006\003\125\004\012\023\024\101\117\114\040\124
-\151\155\145\040\127\141\162\156\145\162\040\111\156\143\056\061
-\034\060\032\006\003\125\004\013\023\023\101\155\145\162\151\143
-\141\040\117\156\154\151\156\145\040\111\156\143\056\061\067\060
-\065\006\003\125\004\003\023\056\101\117\114\040\124\151\155\145
-\040\127\141\162\156\145\162\040\122\157\157\164\040\103\145\162
-\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157
-\162\151\164\171\040\061
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\203\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\035\060\033\006\003\125\004\012\023\024\101\117\114\040\124
-\151\155\145\040\127\141\162\156\145\162\040\111\156\143\056\061
-\034\060\032\006\003\125\004\013\023\023\101\155\145\162\151\143
-\141\040\117\156\154\151\156\145\040\111\156\143\056\061\067\060
-\065\006\003\125\004\003\023\056\101\117\114\040\124\151\155\145
-\040\127\141\162\156\145\162\040\122\157\157\164\040\103\145\162
-\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157
-\162\151\164\171\040\061
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\001\001
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\346\060\202\002\316\240\003\002\001\002\002\001\001
-\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
-\201\203\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\035\060\033\006\003\125\004\012\023\024\101\117\114\040\124\151
-\155\145\040\127\141\162\156\145\162\040\111\156\143\056\061\034
-\060\032\006\003\125\004\013\023\023\101\155\145\162\151\143\141
-\040\117\156\154\151\156\145\040\111\156\143\056\061\067\060\065
-\006\003\125\004\003\023\056\101\117\114\040\124\151\155\145\040
-\127\141\162\156\145\162\040\122\157\157\164\040\103\145\162\164
-\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162
-\151\164\171\040\061\060\036\027\015\060\062\060\065\062\071\060
-\066\060\060\060\060\132\027\015\063\067\061\061\062\060\061\065
-\060\063\060\060\132\060\201\203\061\013\060\011\006\003\125\004
-\006\023\002\125\123\061\035\060\033\006\003\125\004\012\023\024
-\101\117\114\040\124\151\155\145\040\127\141\162\156\145\162\040
-\111\156\143\056\061\034\060\032\006\003\125\004\013\023\023\101
-\155\145\162\151\143\141\040\117\156\154\151\156\145\040\111\156
-\143\056\061\067\060\065\006\003\125\004\003\023\056\101\117\114
-\040\124\151\155\145\040\127\141\162\156\145\162\040\122\157\157
-\164\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040
-\101\165\164\150\157\162\151\164\171\040\061\060\202\001\042\060
-\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202
-\001\017\000\060\202\001\012\002\202\001\001\000\231\336\217\303
-\045\243\151\064\350\005\367\164\271\277\132\227\031\271\057\224
-\322\223\345\055\211\312\204\174\077\020\103\033\214\213\174\204
-\130\370\044\174\110\317\052\375\300\025\331\030\176\204\032\027
-\323\333\236\327\312\344\331\327\252\130\121\207\360\360\213\110
-\116\342\302\304\131\151\060\142\266\060\242\214\013\021\231\141
-\065\155\176\357\305\261\031\006\040\022\216\102\341\337\017\226
-\020\122\250\317\234\137\225\024\330\257\073\165\013\061\040\037
-\104\057\242\142\101\263\273\030\041\333\312\161\074\214\354\266
-\271\015\237\357\121\357\115\173\022\362\013\014\341\254\100\217
-\167\177\260\312\170\161\014\135\026\161\160\242\327\302\072\205
-\315\016\232\304\340\000\260\325\045\352\334\053\344\224\055\070
-\234\211\101\127\144\050\145\031\034\266\104\264\310\061\153\216
-\001\173\166\131\045\177\025\034\204\010\174\163\145\040\012\241
-\004\056\032\062\250\232\040\261\234\054\041\131\347\373\317\356
-\160\055\010\312\143\076\054\233\223\031\152\244\302\227\377\267
-\206\127\210\205\154\236\025\026\053\115\054\263\002\003\001\000
-\001\243\143\060\141\060\017\006\003\125\035\023\001\001\377\004
-\005\060\003\001\001\377\060\035\006\003\125\035\016\004\026\004
-\024\241\066\060\026\313\206\220\000\105\200\123\261\217\310\330
-\075\174\276\137\022\060\037\006\003\125\035\043\004\030\060\026
-\200\024\241\066\060\026\313\206\220\000\105\200\123\261\217\310
-\330\075\174\276\137\022\060\016\006\003\125\035\017\001\001\377
-\004\004\003\002\001\206\060\015\006\011\052\206\110\206\367\015
-\001\001\005\005\000\003\202\001\001\000\212\040\030\245\276\263
-\057\264\246\204\000\100\060\051\372\264\024\163\114\171\105\247
-\366\160\340\350\176\144\036\012\225\174\152\141\302\357\116\037
-\276\377\311\231\037\007\141\112\341\135\114\315\255\356\320\122
-\062\331\131\062\274\332\171\162\326\173\011\350\002\201\065\323
-\012\337\021\035\311\171\240\200\115\376\132\327\126\326\355\017
-\052\257\247\030\165\063\014\352\301\141\005\117\152\232\211\362
-\215\271\237\056\357\260\137\132\000\353\276\255\240\370\104\005
-\147\274\313\004\357\236\144\305\351\310\077\005\277\306\057\007
-\034\303\066\161\206\312\070\146\112\315\326\270\113\306\154\247
-\227\073\372\023\055\156\043\141\207\241\143\102\254\302\313\227
-\237\141\150\317\055\114\004\235\327\045\117\012\016\115\220\213
-\030\126\250\223\110\127\334\157\256\275\236\147\127\167\211\120
-\263\276\021\233\105\147\203\206\031\207\323\230\275\010\032\026
-\037\130\202\013\341\226\151\005\113\216\354\203\121\061\007\325
-\324\237\377\131\173\250\156\205\317\323\113\251\111\260\137\260
-\071\050\150\016\163\335\045\232\336\022
-END
-
-# Trust for Certificate "AOL Time Warner Root Certification Authority 1"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "AOL Time Warner Root Certification Authority 1"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\164\124\123\134\044\243\247\130\040\176\076\076\323\044\370\026
-\373\041\026\111
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\347\172\334\261\037\156\006\037\164\154\131\026\047\303\113\300
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\203\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\035\060\033\006\003\125\004\012\023\024\101\117\114\040\124
-\151\155\145\040\127\141\162\156\145\162\040\111\156\143\056\061
-\034\060\032\006\003\125\004\013\023\023\101\155\145\162\151\143
-\141\040\117\156\154\151\156\145\040\111\156\143\056\061\067\060
-\065\006\003\125\004\003\023\056\101\117\114\040\124\151\155\145
-\040\127\141\162\156\145\162\040\122\157\157\164\040\103\145\162
-\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157
-\162\151\164\171\040\061
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\001\001
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "AOL Time Warner Root Certification Authority 2"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "AOL Time Warner Root Certification Authority 2"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\203\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\035\060\033\006\003\125\004\012\023\024\101\117\114\040\124
-\151\155\145\040\127\141\162\156\145\162\040\111\156\143\056\061
-\034\060\032\006\003\125\004\013\023\023\101\155\145\162\151\143
-\141\040\117\156\154\151\156\145\040\111\156\143\056\061\067\060
-\065\006\003\125\004\003\023\056\101\117\114\040\124\151\155\145
-\040\127\141\162\156\145\162\040\122\157\157\164\040\103\145\162
-\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157
-\162\151\164\171\040\062
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\203\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\035\060\033\006\003\125\004\012\023\024\101\117\114\040\124
-\151\155\145\040\127\141\162\156\145\162\040\111\156\143\056\061
-\034\060\032\006\003\125\004\013\023\023\101\155\145\162\151\143
-\141\040\117\156\154\151\156\145\040\111\156\143\056\061\067\060
-\065\006\003\125\004\003\023\056\101\117\114\040\124\151\155\145
-\040\127\141\162\156\145\162\040\122\157\157\164\040\103\145\162
-\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157
-\162\151\164\171\040\062
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\001\001
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\005\346\060\202\003\316\240\003\002\001\002\002\001\001
-\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
-\201\203\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\035\060\033\006\003\125\004\012\023\024\101\117\114\040\124\151
-\155\145\040\127\141\162\156\145\162\040\111\156\143\056\061\034
-\060\032\006\003\125\004\013\023\023\101\155\145\162\151\143\141
-\040\117\156\154\151\156\145\040\111\156\143\056\061\067\060\065
-\006\003\125\004\003\023\056\101\117\114\040\124\151\155\145\040
-\127\141\162\156\145\162\040\122\157\157\164\040\103\145\162\164
-\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162
-\151\164\171\040\062\060\036\027\015\060\062\060\065\062\071\060
-\066\060\060\060\060\132\027\015\063\067\060\071\062\070\062\063
-\064\063\060\060\132\060\201\203\061\013\060\011\006\003\125\004
-\006\023\002\125\123\061\035\060\033\006\003\125\004\012\023\024
-\101\117\114\040\124\151\155\145\040\127\141\162\156\145\162\040
-\111\156\143\056\061\034\060\032\006\003\125\004\013\023\023\101
-\155\145\162\151\143\141\040\117\156\154\151\156\145\040\111\156
-\143\056\061\067\060\065\006\003\125\004\003\023\056\101\117\114
-\040\124\151\155\145\040\127\141\162\156\145\162\040\122\157\157
-\164\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040
-\101\165\164\150\157\162\151\164\171\040\062\060\202\002\042\060
-\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202
-\002\017\000\060\202\002\012\002\202\002\001\000\264\067\132\010
-\026\231\024\350\125\261\033\044\153\374\307\213\346\207\251\211
-\356\213\231\315\117\100\206\244\266\115\311\331\261\334\074\115
-\015\205\114\025\154\106\213\122\170\237\370\043\375\147\365\044
-\072\150\135\320\367\144\141\101\124\243\213\245\010\322\051\133
-\233\140\117\046\203\321\143\022\126\111\166\244\026\302\245\235
-\105\254\213\204\225\250\026\261\354\237\352\044\032\357\271\127
-\134\232\044\041\054\115\016\161\037\246\254\135\105\164\003\230
-\304\124\214\026\112\101\167\206\225\165\014\107\001\146\140\374
-\025\361\017\352\365\024\170\307\016\327\156\201\034\136\277\136
-\347\072\052\330\227\027\060\174\000\255\010\235\063\257\270\231
-\141\200\213\250\225\176\024\334\022\154\244\320\330\357\100\111
-\002\066\371\156\251\326\035\226\126\004\262\263\055\026\126\206
-\217\331\040\127\200\315\147\020\155\260\114\360\332\106\266\352
-\045\056\106\257\215\260\205\070\064\213\024\046\202\053\254\256
-\231\013\216\024\327\122\275\236\151\303\206\002\013\352\166\165
-\061\011\316\063\031\041\205\103\346\211\055\237\045\067\147\361
-\043\152\322\000\155\227\371\237\347\051\312\335\037\327\006\352
-\270\311\271\011\041\237\310\077\006\305\322\351\022\106\000\116
-\173\010\353\102\075\053\110\156\235\147\335\113\002\344\104\363
-\223\031\245\047\316\151\172\276\147\323\374\120\244\054\253\303
-\153\271\343\200\114\317\005\141\113\053\334\033\271\246\322\320
-\252\365\053\163\373\316\220\065\237\014\122\034\277\134\041\141
-\021\133\025\113\251\044\121\374\244\134\367\027\235\260\322\372
-\007\351\217\126\344\032\214\150\212\004\323\174\132\343\236\242
-\241\312\161\133\242\324\240\347\051\205\135\003\150\052\117\322
-\006\327\075\371\303\003\057\077\145\371\147\036\107\100\323\143
-\017\343\325\216\371\205\253\227\114\263\327\046\353\226\012\224
-\336\205\066\234\310\177\201\011\002\111\052\016\365\144\062\014
-\202\321\272\152\202\033\263\113\164\021\363\214\167\326\237\277
-\334\067\244\247\125\004\057\324\061\350\323\106\271\003\174\332
-\022\116\131\144\267\121\061\061\120\240\312\034\047\331\020\056
-\255\326\275\020\146\053\303\260\042\112\022\133\002\003\001\000
-\001\243\143\060\141\060\017\006\003\125\035\023\001\001\377\004
-\005\060\003\001\001\377\060\035\006\003\125\035\016\004\026\004
-\024\117\151\155\003\176\235\237\007\030\103\274\267\020\116\325
-\277\251\304\040\050\060\037\006\003\125\035\043\004\030\060\026
-\200\024\117\151\155\003\176\235\237\007\030\103\274\267\020\116
-\325\277\251\304\040\050\060\016\006\003\125\035\017\001\001\377
-\004\004\003\002\001\206\060\015\006\011\052\206\110\206\367\015
-\001\001\005\005\000\003\202\002\001\000\073\363\256\312\350\056
-\207\205\373\145\131\347\255\021\024\245\127\274\130\237\044\022
-\127\273\373\077\064\332\356\255\172\052\064\162\160\061\153\307
-\031\230\200\311\202\336\067\167\136\124\213\216\362\352\147\117
-\311\164\204\221\126\011\325\345\172\232\201\266\201\302\255\066
-\344\361\124\021\123\363\064\105\001\046\310\345\032\274\064\104
-\041\336\255\045\374\166\026\167\041\220\200\230\127\235\116\352
-\354\057\252\074\024\173\127\301\176\030\024\147\356\044\306\275
-\272\025\260\322\030\275\267\125\201\254\123\300\350\335\151\022
-\023\102\267\002\265\005\101\312\171\120\156\202\016\161\162\223
-\106\350\235\015\135\275\256\316\051\255\143\325\125\026\200\060
-\047\377\166\272\367\270\326\112\343\331\265\371\122\320\116\100
-\251\307\345\302\062\307\252\166\044\341\153\005\120\353\305\277
-\012\124\345\271\102\074\044\373\267\007\234\060\237\171\132\346
-\340\100\122\025\364\374\252\364\126\371\104\227\207\355\016\145
-\162\136\276\046\373\115\244\055\010\007\336\330\134\240\334\201
-\063\231\030\045\021\167\247\353\375\130\011\054\231\153\033\212
-\363\122\077\032\115\110\140\361\240\366\063\002\123\213\355\045
-\011\270\015\055\355\227\163\354\327\226\037\216\140\016\332\020
-\233\057\030\044\366\246\115\012\371\073\313\165\302\314\057\316
-\044\151\311\012\042\216\131\247\367\202\014\327\327\153\065\234
-\103\000\152\304\225\147\272\234\105\313\270\016\067\367\334\116
-\001\117\276\012\266\003\323\255\212\105\367\332\047\115\051\261
-\110\337\344\021\344\226\106\275\154\002\076\326\121\310\225\027
-\001\025\251\362\252\252\362\277\057\145\033\157\320\271\032\223
-\365\216\065\304\200\207\076\224\057\146\344\351\250\377\101\234
-\160\052\117\052\071\030\225\036\176\373\141\001\074\121\010\056
-\050\030\244\026\017\061\375\072\154\043\223\040\166\341\375\007
-\205\321\133\077\322\034\163\062\335\372\271\370\214\317\002\207
-\172\232\226\344\355\117\211\215\123\103\253\016\023\300\001\025
-\264\171\070\333\374\156\075\236\121\266\270\023\213\147\317\371
-\174\331\042\035\366\135\305\034\001\057\230\350\172\044\030\274
-\204\327\372\334\162\133\367\301\072\150
-END
-
-# Trust for Certificate "AOL Time Warner Root Certification Authority 2"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "AOL Time Warner Root Certification Authority 2"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\374\041\232\166\021\057\166\301\305\010\203\074\232\057\242\272
-\204\254\010\172
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\001\132\231\303\326\117\251\113\074\073\261\243\253\047\114\277
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\203\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\035\060\033\006\003\125\004\012\023\024\101\117\114\040\124
-\151\155\145\040\127\141\162\156\145\162\040\111\156\143\056\061
-\034\060\032\006\003\125\004\013\023\023\101\155\145\162\151\143
-\141\040\117\156\154\151\156\145\040\111\156\143\056\061\067\060
-\065\006\003\125\004\003\023\056\101\117\114\040\124\151\155\145
-\040\127\141\162\156\145\162\040\122\157\157\164\040\103\145\162
-\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157
-\162\151\164\171\040\062
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\001\001
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "beTRUSTed Root CA-Baltimore Implementation"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "beTRUSTed Root CA-Baltimore Implementation"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\146\061\022\060\020\006\003\125\004\012\023\011\142\145\124
-\122\125\123\124\145\144\061\033\060\031\006\003\125\004\013\023
-\022\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040
-\103\101\163\061\063\060\061\006\003\125\004\003\023\052\142\145
-\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\055
-\102\141\154\164\151\155\157\162\145\040\111\155\160\154\145\155
-\145\156\164\141\164\151\157\156
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\146\061\022\060\020\006\003\125\004\012\023\011\142\145\124
-\122\125\123\124\145\144\061\033\060\031\006\003\125\004\013\023
-\022\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040
-\103\101\163\061\063\060\061\006\003\125\004\003\023\052\142\145
-\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\055
-\102\141\154\164\151\155\157\162\145\040\111\155\160\154\145\155
-\145\156\164\141\164\151\157\156
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\004\074\265\075\106
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\005\152\060\202\004\122\240\003\002\001\002\002\004\074
-\265\075\106\060\015\006\011\052\206\110\206\367\015\001\001\005
-\005\000\060\146\061\022\060\020\006\003\125\004\012\023\011\142
-\145\124\122\125\123\124\145\144\061\033\060\031\006\003\125\004
-\013\023\022\142\145\124\122\125\123\124\145\144\040\122\157\157
-\164\040\103\101\163\061\063\060\061\006\003\125\004\003\023\052
-\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040\103
-\101\055\102\141\154\164\151\155\157\162\145\040\111\155\160\154
-\145\155\145\156\164\141\164\151\157\156\060\036\027\015\060\062
-\060\064\061\061\060\067\063\070\065\061\132\027\015\062\062\060
-\064\061\061\060\067\063\070\065\061\132\060\146\061\022\060\020
-\006\003\125\004\012\023\011\142\145\124\122\125\123\124\145\144
-\061\033\060\031\006\003\125\004\013\023\022\142\145\124\122\125
-\123\124\145\144\040\122\157\157\164\040\103\101\163\061\063\060
-\061\006\003\125\004\003\023\052\142\145\124\122\125\123\124\145
-\144\040\122\157\157\164\040\103\101\055\102\141\154\164\151\155
-\157\162\145\040\111\155\160\154\145\155\145\156\164\141\164\151
-\157\156\060\202\001\042\060\015\006\011\052\206\110\206\367\015
-\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202
-\001\001\000\274\176\304\071\234\214\343\326\034\206\377\312\142
-\255\340\177\060\105\172\216\032\263\270\307\371\321\066\377\042
-\363\116\152\137\204\020\373\146\201\303\224\171\061\322\221\341
-\167\216\030\052\303\024\336\121\365\117\243\053\274\030\026\342
-\265\335\171\336\042\370\202\176\313\201\037\375\047\054\217\372
-\227\144\042\216\370\377\141\243\234\033\036\222\217\300\250\011
-\337\011\021\354\267\175\061\232\032\352\203\041\006\074\237\272
-\134\377\224\352\152\270\303\153\125\064\117\075\062\037\335\201
-\024\340\304\074\315\235\060\370\060\251\227\323\356\314\243\320
-\037\137\034\023\201\324\030\253\224\321\143\303\236\177\065\222
-\236\137\104\352\354\364\042\134\267\350\075\175\244\371\211\251
-\221\262\052\331\353\063\207\356\245\375\343\332\314\210\346\211
-\046\156\307\053\202\320\136\235\131\333\024\354\221\203\005\303
-\136\016\306\052\320\004\335\161\075\040\116\130\047\374\123\373
-\170\170\031\024\262\374\220\122\211\070\142\140\007\264\240\354
-\254\153\120\326\375\271\050\153\357\122\055\072\262\377\361\001
-\100\254\067\002\003\001\000\001\243\202\002\036\060\202\002\032
-\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001\001
-\377\060\202\001\265\006\003\125\035\040\004\202\001\254\060\202
-\001\250\060\202\001\244\006\017\053\006\001\004\001\261\076\000
-\000\001\011\050\203\221\061\060\202\001\217\060\202\001\110\006
-\010\053\006\001\005\005\007\002\002\060\202\001\072\032\202\001
-\066\122\145\154\151\141\156\143\145\040\157\156\040\157\162\040
-\165\163\145\040\157\146\040\164\150\151\163\040\103\145\162\164
-\151\146\151\143\141\164\145\040\143\162\145\141\164\145\163\040
-\141\156\040\141\143\153\156\157\167\154\145\144\147\155\145\156
-\164\040\141\156\144\040\141\143\143\145\160\164\141\156\143\145
-\040\157\146\040\164\150\145\040\164\150\145\156\040\141\160\160
-\154\151\143\141\142\154\145\040\163\164\141\156\144\141\162\144
-\040\164\145\162\155\163\040\141\156\144\040\143\157\156\144\151
-\164\151\157\156\163\040\157\146\040\165\163\145\054\040\164\150
-\145\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040
-\120\162\141\143\164\151\143\145\040\123\164\141\164\145\155\145
-\156\164\040\141\156\144\040\164\150\145\040\122\145\154\171\151
-\156\147\040\120\141\162\164\171\040\101\147\162\145\145\155\145
-\156\164\054\040\167\150\151\143\150\040\143\141\156\040\142\145
-\040\146\157\165\156\144\040\141\164\040\164\150\145\040\142\145
-\124\122\125\123\124\145\144\040\167\145\142\040\163\151\164\145
-\054\040\150\164\164\160\072\057\057\167\167\167\056\142\145\164
-\162\165\163\164\145\144\056\143\157\155\057\160\162\157\144\165
-\143\164\163\137\163\145\162\166\151\143\145\163\057\151\156\144
-\145\170\056\150\164\155\154\060\101\006\010\053\006\001\005\005
-\007\002\001\026\065\150\164\164\160\072\057\057\167\167\167\056
-\142\145\164\162\165\163\164\145\144\056\143\157\155\057\160\162
-\157\144\165\143\164\163\137\163\145\162\166\151\143\145\163\057
-\151\156\144\145\170\056\150\164\155\154\060\035\006\003\125\035
-\016\004\026\004\024\105\075\303\251\321\334\077\044\126\230\034
-\163\030\210\152\377\203\107\355\266\060\037\006\003\125\035\043
-\004\030\060\026\200\024\105\075\303\251\321\334\077\044\126\230
-\034\163\030\210\152\377\203\107\355\266\060\016\006\003\125\035
-\017\001\001\377\004\004\003\002\001\006\060\015\006\011\052\206
-\110\206\367\015\001\001\005\005\000\003\202\001\001\000\111\222
-\274\243\356\254\275\372\015\311\213\171\206\034\043\166\260\200
-\131\167\374\332\177\264\113\337\303\144\113\152\116\016\255\362
-\175\131\167\005\255\012\211\163\260\372\274\313\334\215\000\210
-\217\246\240\262\352\254\122\047\277\241\110\174\227\020\173\272
-\355\023\035\232\007\156\313\061\142\022\350\143\003\252\175\155
-\343\370\033\166\041\170\033\237\113\103\214\323\111\206\366\033
-\134\366\056\140\025\323\351\343\173\165\077\320\002\203\320\030
-\202\101\315\145\067\352\216\062\176\275\153\231\135\060\021\310
-\333\110\124\034\073\341\247\023\323\152\110\223\367\075\214\177
-\005\350\316\363\210\052\143\004\270\352\176\130\174\001\173\133
-\341\305\175\357\041\340\215\016\135\121\175\261\147\375\243\275
-\070\066\306\362\070\206\207\032\226\150\140\106\373\050\024\107
-\125\341\247\200\014\153\342\352\337\115\174\220\110\240\066\275
-\011\027\211\177\303\362\323\234\234\343\335\304\033\335\365\267
-\161\263\123\005\211\006\320\313\112\200\301\310\123\220\265\074
-\061\210\027\120\237\311\304\016\213\330\250\002\143\015
-END
-
-# Trust for Certificate "beTRUSTed Root CA-Baltimore Implementation"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "beTRUSTed Root CA-Baltimore Implementation"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\334\273\236\267\031\113\304\162\005\301\021\165\051\206\203\133
-\123\312\344\370
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\201\065\271\373\373\022\312\030\151\066\353\256\151\170\241\361
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\146\061\022\060\020\006\003\125\004\012\023\011\142\145\124
-\122\125\123\124\145\144\061\033\060\031\006\003\125\004\013\023
-\022\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040
-\103\101\163\061\063\060\061\006\003\125\004\003\023\052\142\145
-\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\055
-\102\141\154\164\151\155\157\162\145\040\111\155\160\154\145\155
-\145\156\164\141\164\151\157\156
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\004\074\265\075\106
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "beTRUSTed Root CA - Entrust Implementation"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "beTRUSTed Root CA - Entrust Implementation"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\146\061\022\060\020\006\003\125\004\012\023\011\142\145\124
-\122\125\123\124\145\144\061\033\060\031\006\003\125\004\013\023
-\022\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040
-\103\101\163\061\063\060\061\006\003\125\004\003\023\052\142\145
-\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\040
-\055\040\105\156\164\162\165\163\164\040\111\155\160\154\145\155
-\145\156\164\141\164\151\157\156
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\146\061\022\060\020\006\003\125\004\012\023\011\142\145\124
-\122\125\123\124\145\144\061\033\060\031\006\003\125\004\013\023
-\022\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040
-\103\101\163\061\063\060\061\006\003\125\004\003\023\052\142\145
-\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\040
-\055\040\105\156\164\162\165\163\164\040\111\155\160\154\145\155
-\145\156\164\141\164\151\157\156
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\004\074\265\117\100
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\006\121\060\202\005\071\240\003\002\001\002\002\004\074
-\265\117\100\060\015\006\011\052\206\110\206\367\015\001\001\005
-\005\000\060\146\061\022\060\020\006\003\125\004\012\023\011\142
-\145\124\122\125\123\124\145\144\061\033\060\031\006\003\125\004
-\013\023\022\142\145\124\122\125\123\124\145\144\040\122\157\157
-\164\040\103\101\163\061\063\060\061\006\003\125\004\003\023\052
-\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040\103
-\101\040\055\040\105\156\164\162\165\163\164\040\111\155\160\154
-\145\155\145\156\164\141\164\151\157\156\060\036\027\015\060\062
-\060\064\061\061\060\070\062\064\062\067\132\027\015\062\062\060
-\064\061\061\060\070\065\064\062\067\132\060\146\061\022\060\020
-\006\003\125\004\012\023\011\142\145\124\122\125\123\124\145\144
-\061\033\060\031\006\003\125\004\013\023\022\142\145\124\122\125
-\123\124\145\144\040\122\157\157\164\040\103\101\163\061\063\060
-\061\006\003\125\004\003\023\052\142\145\124\122\125\123\124\145
-\144\040\122\157\157\164\040\103\101\040\055\040\105\156\164\162
-\165\163\164\040\111\155\160\154\145\155\145\156\164\141\164\151
-\157\156\060\202\001\042\060\015\006\011\052\206\110\206\367\015
-\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202
-\001\001\000\272\364\104\003\252\022\152\265\103\354\125\222\266
-\060\175\065\127\014\333\363\015\047\156\114\367\120\250\233\116
-\053\157\333\365\255\034\113\135\263\251\301\376\173\104\353\133
-\243\005\015\037\305\064\053\060\000\051\361\170\100\262\244\377
-\072\364\001\210\027\176\346\324\046\323\272\114\352\062\373\103
-\167\227\207\043\305\333\103\243\365\052\243\121\136\341\073\322
-\145\151\176\125\025\233\172\347\151\367\104\340\127\265\025\350
-\146\140\017\015\003\373\202\216\243\350\021\173\154\276\307\143
-\016\027\223\337\317\113\256\156\163\165\340\363\252\271\244\300
-\011\033\205\352\161\051\210\101\062\371\360\052\016\154\011\362
-\164\153\146\154\122\023\037\030\274\324\076\367\330\156\040\236
-\312\376\374\041\224\356\023\050\113\327\134\136\014\146\356\351
-\273\017\301\064\261\177\010\166\363\075\046\160\311\213\045\035
-\142\044\014\352\034\165\116\300\022\344\272\023\035\060\051\055
-\126\063\005\273\227\131\176\306\111\117\211\327\057\044\250\266
-\210\100\265\144\222\123\126\044\344\242\240\205\263\136\220\264
-\022\063\315\002\003\001\000\001\243\202\003\005\060\202\003\001
-\060\202\001\267\006\003\125\035\040\004\202\001\256\060\202\001
-\252\060\202\001\246\006\017\053\006\001\004\001\261\076\000\000
-\002\011\050\203\221\061\060\202\001\221\060\202\001\111\006\010
-\053\006\001\005\005\007\002\002\060\202\001\073\032\202\001\067
-\122\145\154\151\141\156\143\145\040\157\156\040\157\162\040\165
-\163\145\040\157\146\040\164\150\151\163\040\103\145\162\164\151
-\146\151\143\141\164\145\040\143\162\145\141\164\145\163\040\141
-\156\040\141\143\153\156\157\167\154\145\144\147\155\145\156\164
-\040\141\156\144\040\141\143\143\145\160\164\141\156\143\145\040
-\157\146\040\164\150\145\040\164\150\145\156\040\141\160\160\154
-\151\143\141\142\154\145\040\163\164\141\156\144\141\162\144\040
-\164\145\162\155\163\040\141\156\144\040\143\157\156\144\151\164
-\151\157\156\163\040\157\146\040\165\163\145\054\040\164\150\145
-\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\120
-\162\141\143\164\151\143\145\040\123\164\141\164\145\155\145\156
-\164\040\141\156\144\040\164\150\145\040\122\145\154\171\151\156
-\147\040\120\141\162\164\171\040\101\147\162\145\145\155\145\156
-\164\054\040\167\150\151\143\150\040\143\141\156\040\142\145\040
-\146\157\165\156\144\040\141\164\040\164\150\145\040\142\145\124
-\122\125\123\124\145\144\040\167\145\142\040\163\151\164\145\054
-\040\150\164\164\160\163\072\057\057\167\167\167\056\142\145\164
-\162\165\163\164\145\144\056\143\157\155\057\160\162\157\144\165
-\143\164\163\137\163\145\162\166\151\143\145\163\057\151\156\144
-\145\170\056\150\164\155\154\060\102\006\010\053\006\001\005\005
-\007\002\001\026\066\150\164\164\160\163\072\057\057\167\167\167
-\056\142\145\164\162\165\163\164\145\144\056\143\157\155\057\160
-\162\157\144\165\143\164\163\137\163\145\162\166\151\143\145\163
-\057\151\156\144\145\170\056\150\164\155\154\060\021\006\011\140
-\206\110\001\206\370\102\001\001\004\004\003\002\000\007\060\201
-\211\006\003\125\035\037\004\201\201\060\177\060\175\240\173\240
-\171\244\167\060\165\061\022\060\020\006\003\125\004\012\023\011
-\142\145\124\122\125\123\124\145\144\061\033\060\031\006\003\125
-\004\013\023\022\142\145\124\122\125\123\124\145\144\040\122\157
-\157\164\040\103\101\163\061\063\060\061\006\003\125\004\003\023
-\052\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040
-\103\101\040\055\040\105\156\164\162\165\163\164\040\111\155\160
-\154\145\155\145\156\164\141\164\151\157\156\061\015\060\013\006
-\003\125\004\003\023\004\103\122\114\061\060\053\006\003\125\035
-\020\004\044\060\042\200\017\062\060\060\062\060\064\061\061\060
-\070\062\064\062\067\132\201\017\062\060\062\062\060\064\061\061
-\060\070\065\064\062\067\132\060\013\006\003\125\035\017\004\004
-\003\002\001\006\060\037\006\003\125\035\043\004\030\060\026\200
-\024\175\160\345\256\070\213\006\077\252\034\032\217\371\317\044
-\060\252\204\204\026\060\035\006\003\125\035\016\004\026\004\024
-\175\160\345\256\070\213\006\077\252\034\032\217\371\317\044\060
-\252\204\204\026\060\014\006\003\125\035\023\004\005\060\003\001
-\001\377\060\035\006\011\052\206\110\206\366\175\007\101\000\004
-\020\060\016\033\010\126\066\056\060\072\064\056\060\003\002\004
-\220\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000
-\003\202\001\001\000\052\270\027\316\037\020\224\353\270\232\267
-\271\137\354\332\367\222\044\254\334\222\073\307\040\215\362\231
-\345\135\070\241\302\064\355\305\023\131\134\005\265\053\117\141
-\233\221\373\101\374\374\325\074\115\230\166\006\365\201\175\353
-\335\220\346\321\126\124\332\343\055\014\237\021\062\224\042\001
-\172\366\154\054\164\147\004\314\245\217\216\054\263\103\265\224
-\242\320\175\351\142\177\006\276\047\001\203\236\072\375\212\356
-\230\103\112\153\327\265\227\073\072\277\117\155\264\143\372\063
-\000\064\056\055\155\226\311\173\312\231\143\272\276\364\366\060
-\240\055\230\226\351\126\104\005\251\104\243\141\020\353\202\241
-\147\135\274\135\047\165\252\212\050\066\052\070\222\331\335\244
-\136\000\245\314\314\174\051\052\336\050\220\253\267\341\266\377
-\175\045\013\100\330\252\064\243\055\336\007\353\137\316\012\335
-\312\176\072\175\046\301\142\150\072\346\057\067\363\201\206\041
-\304\251\144\252\357\105\066\321\032\146\174\370\351\067\326\326
-\141\276\242\255\110\347\337\346\164\376\323\155\175\322\045\334
-\254\142\127\251\367
-END
-
-# Trust for Certificate "beTRUSTed Root CA - Entrust Implementation"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "beTRUSTed Root CA - Entrust Implementation"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\162\231\171\023\354\233\015\256\145\321\266\327\262\112\166\243
-\256\302\356\026
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\175\206\220\217\133\361\362\100\300\367\075\142\265\244\251\073
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\146\061\022\060\020\006\003\125\004\012\023\011\142\145\124
-\122\125\123\124\145\144\061\033\060\031\006\003\125\004\013\023
-\022\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040
-\103\101\163\061\063\060\061\006\003\125\004\003\023\052\142\145
-\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\040
-\055\040\105\156\164\162\165\163\164\040\111\155\160\154\145\155
-\145\156\164\141\164\151\157\156
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\004\074\265\117\100
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "beTRUSTed Root CA - RSA Implementation"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "beTRUSTed Root CA - RSA Implementation"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\142\061\022\060\020\006\003\125\004\012\023\011\142\145\124
-\122\125\123\124\145\144\061\033\060\031\006\003\125\004\013\023
-\022\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040
-\103\101\163\061\057\060\055\006\003\125\004\003\023\046\142\145
-\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\040
-\055\040\122\123\101\040\111\155\160\154\145\155\145\156\164\141
-\164\151\157\156
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\142\061\022\060\020\006\003\125\004\012\023\011\142\145\124
-\122\125\123\124\145\144\061\033\060\031\006\003\125\004\013\023
-\022\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040
-\103\101\163\061\057\060\055\006\003\125\004\003\023\046\142\145
-\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\040
-\055\040\122\123\101\040\111\155\160\154\145\155\145\156\164\141
-\164\151\157\156
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\020\073\131\307\173\315\133\127\236\275\067\122\254\166\264
-\252\032
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\005\150\060\202\004\120\240\003\002\001\002\002\020\073
-\131\307\173\315\133\127\236\275\067\122\254\166\264\252\032\060
-\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\142
-\061\022\060\020\006\003\125\004\012\023\011\142\145\124\122\125
-\123\124\145\144\061\033\060\031\006\003\125\004\013\023\022\142
-\145\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101
-\163\061\057\060\055\006\003\125\004\003\023\046\142\145\124\122
-\125\123\124\145\144\040\122\157\157\164\040\103\101\040\055\040
-\122\123\101\040\111\155\160\154\145\155\145\156\164\141\164\151
-\157\156\060\036\027\015\060\062\060\064\061\061\061\061\061\070
-\061\063\132\027\015\062\062\060\064\061\062\061\061\060\067\062
-\065\132\060\142\061\022\060\020\006\003\125\004\012\023\011\142
-\145\124\122\125\123\124\145\144\061\033\060\031\006\003\125\004
-\013\023\022\142\145\124\122\125\123\124\145\144\040\122\157\157
-\164\040\103\101\163\061\057\060\055\006\003\125\004\003\023\046
-\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040\103
-\101\040\055\040\122\123\101\040\111\155\160\154\145\155\145\156
-\164\141\164\151\157\156\060\202\001\042\060\015\006\011\052\206
-\110\206\367\015\001\001\001\005\000\003\202\001\017\000\060\202
-\001\012\002\202\001\001\000\344\272\064\060\011\216\127\320\271
-\006\054\157\156\044\200\042\277\135\103\246\372\117\254\202\347
-\034\150\160\205\033\243\156\265\252\170\331\156\007\113\077\351
-\337\365\352\350\124\241\141\212\016\057\151\165\030\267\014\345
-\024\215\161\156\230\270\125\374\014\225\320\233\156\341\055\210
-\324\072\100\153\222\361\231\226\144\336\333\377\170\364\356\226
-\035\107\211\174\324\276\271\210\167\043\072\011\346\004\236\155
-\252\136\322\310\275\232\116\031\337\211\352\133\016\176\303\344
-\264\360\340\151\073\210\017\101\220\370\324\161\103\044\301\217
-\046\113\073\126\351\377\214\154\067\351\105\255\205\214\123\303
-\140\206\220\112\226\311\263\124\260\273\027\360\034\105\331\324
-\033\031\144\126\012\031\367\314\341\377\206\257\176\130\136\254
-\172\220\037\311\050\071\105\173\242\266\307\234\037\332\205\324
-\041\206\131\060\223\276\123\063\067\366\357\101\317\063\307\253
-\162\153\045\365\363\123\033\014\114\056\361\165\113\357\240\207
-\367\376\212\025\320\154\325\313\371\150\123\271\160\025\023\302
-\365\056\373\103\065\165\055\002\003\001\000\001\243\202\002\030
-\060\202\002\024\060\014\006\003\125\035\023\004\005\060\003\001
-\001\377\060\202\001\265\006\003\125\035\040\004\202\001\254\060
-\202\001\250\060\202\001\244\006\017\053\006\001\004\001\261\076
-\000\000\003\011\050\203\221\061\060\202\001\217\060\101\006\010
-\053\006\001\005\005\007\002\001\026\065\150\164\164\160\072\057
-\057\167\167\167\056\142\145\164\162\165\163\164\145\144\056\143
-\157\155\057\160\162\157\144\165\143\164\163\137\163\145\162\166
-\151\143\145\163\057\151\156\144\145\170\056\150\164\155\154\060
-\202\001\110\006\010\053\006\001\005\005\007\002\002\060\202\001
-\072\032\202\001\066\122\145\154\151\141\156\143\145\040\157\156
-\040\157\162\040\165\163\145\040\157\146\040\164\150\151\163\040
-\103\145\162\164\151\146\151\143\141\164\145\040\143\162\145\141
-\164\145\163\040\141\156\040\141\143\153\156\157\167\154\145\144
-\147\155\145\156\164\040\141\156\144\040\141\143\143\145\160\164
-\141\156\143\145\040\157\146\040\164\150\145\040\164\150\145\156
-\040\141\160\160\154\151\143\141\142\154\145\040\163\164\141\156
-\144\141\162\144\040\164\145\162\155\163\040\141\156\144\040\143
-\157\156\144\151\164\151\157\156\163\040\157\146\040\165\163\145
-\054\040\164\150\145\040\103\145\162\164\151\146\151\143\141\164
-\151\157\156\040\120\162\141\143\164\151\143\145\040\123\164\141
-\164\145\155\145\156\164\040\141\156\144\040\164\150\145\040\122
-\145\154\171\151\156\147\040\120\141\162\164\171\040\101\147\162
-\145\145\155\145\156\164\054\040\167\150\151\143\150\040\143\141
-\156\040\142\145\040\146\157\165\156\144\040\141\164\040\164\150
-\145\040\142\145\124\122\125\123\124\145\144\040\167\145\142\040
-\163\151\164\145\054\040\150\164\164\160\072\057\057\167\167\167
-\056\142\145\164\162\165\163\164\145\144\056\143\157\155\057\160
-\162\157\144\165\143\164\163\137\163\145\162\166\151\143\145\163
-\057\151\156\144\145\170\056\150\164\155\154\060\013\006\003\125
-\035\017\004\004\003\002\001\006\060\037\006\003\125\035\043\004
-\030\060\026\200\024\251\354\024\176\371\331\103\314\123\053\024
-\255\317\367\360\131\211\101\315\031\060\035\006\003\125\035\016
-\004\026\004\024\251\354\024\176\371\331\103\314\123\053\024\255
-\317\367\360\131\211\101\315\031\060\015\006\011\052\206\110\206
-\367\015\001\001\005\005\000\003\202\001\001\000\333\227\260\165
-\352\014\304\301\230\312\126\005\300\250\255\046\110\257\055\040
-\350\201\307\266\337\103\301\054\035\165\113\324\102\215\347\172
-\250\164\334\146\102\131\207\263\365\151\155\331\251\236\263\175
-\034\061\301\365\124\342\131\044\111\345\356\275\071\246\153\212
-\230\104\373\233\327\052\203\227\064\055\307\175\065\114\055\064
-\270\076\015\304\354\210\047\257\236\222\375\120\141\202\250\140
-\007\024\123\314\145\023\301\366\107\104\151\322\061\310\246\335
-\056\263\013\336\112\215\133\075\253\015\302\065\122\242\126\067
-\314\062\213\050\205\102\234\221\100\172\160\053\070\066\325\341
-\163\032\037\345\372\176\137\334\326\234\073\060\352\333\300\133
-\047\134\323\163\007\301\302\363\114\233\157\237\033\312\036\252
-\250\070\063\011\130\262\256\374\007\350\066\334\125\272\057\117
-\100\376\172\275\006\246\201\301\223\042\174\206\021\012\006\167
-\110\256\065\267\057\062\232\141\136\213\276\051\237\051\044\210
-\126\071\054\250\322\253\226\003\132\324\110\237\271\100\204\013
-\230\150\373\001\103\326\033\342\011\261\227\034
-END
-
-# Trust for Certificate "beTRUSTed Root CA - RSA Implementation"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "beTRUSTed Root CA - RSA Implementation"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\035\202\131\312\041\047\303\313\301\154\331\062\366\054\145\051
-\214\250\207\022
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\206\102\005\011\274\247\235\354\035\363\056\016\272\330\035\320
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\142\061\022\060\020\006\003\125\004\012\023\011\142\145\124
-\122\125\123\124\145\144\061\033\060\031\006\003\125\004\013\023
-\022\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040
-\103\101\163\061\057\060\055\006\003\125\004\003\023\046\142\145
-\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\040
-\055\040\122\123\101\040\111\155\160\154\145\155\145\156\164\141
-\164\151\157\156
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\020\073\131\307\173\315\133\127\236\275\067\122\254\166\264
-\252\032
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "RSA Security 2048 v3"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "RSA Security 2048 v3"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\072\061\031\060\027\006\003\125\004\012\023\020\122\123\101
-\040\123\145\143\165\162\151\164\171\040\111\156\143\061\035\060
-\033\006\003\125\004\013\023\024\122\123\101\040\123\145\143\165
-\162\151\164\171\040\062\060\064\070\040\126\063
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\072\061\031\060\027\006\003\125\004\012\023\020\122\123\101
-\040\123\145\143\165\162\151\164\171\040\111\156\143\061\035\060
-\033\006\003\125\004\013\023\024\122\123\101\040\123\145\143\165
-\162\151\164\171\040\062\060\064\070\040\126\063
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\020\012\001\001\001\000\000\002\174\000\000\000\012\000\000
-\000\002
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\141\060\202\002\111\240\003\002\001\002\002\020\012
-\001\001\001\000\000\002\174\000\000\000\012\000\000\000\002\060
-\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\072
-\061\031\060\027\006\003\125\004\012\023\020\122\123\101\040\123
-\145\143\165\162\151\164\171\040\111\156\143\061\035\060\033\006
-\003\125\004\013\023\024\122\123\101\040\123\145\143\165\162\151
-\164\171\040\062\060\064\070\040\126\063\060\036\027\015\060\061
-\060\062\062\062\062\060\063\071\062\063\132\027\015\062\066\060
-\062\062\062\062\060\063\071\062\063\132\060\072\061\031\060\027
-\006\003\125\004\012\023\020\122\123\101\040\123\145\143\165\162
-\151\164\171\040\111\156\143\061\035\060\033\006\003\125\004\013
-\023\024\122\123\101\040\123\145\143\165\162\151\164\171\040\062
-\060\064\070\040\126\063\060\202\001\042\060\015\006\011\052\206
-\110\206\367\015\001\001\001\005\000\003\202\001\017\000\060\202
-\001\012\002\202\001\001\000\267\217\125\161\322\200\335\173\151
-\171\247\360\030\120\062\074\142\147\366\012\225\007\335\346\033
-\363\236\331\322\101\124\153\255\237\174\276\031\315\373\106\253
-\101\150\036\030\352\125\310\057\221\170\211\050\373\047\051\140
-\377\337\217\214\073\311\111\233\265\244\224\316\001\352\076\265
-\143\173\177\046\375\031\335\300\041\275\204\321\055\117\106\303
-\116\334\330\067\071\073\050\257\313\235\032\352\053\257\041\245
-\301\043\042\270\270\033\132\023\207\127\203\321\360\040\347\350
-\117\043\102\260\000\245\175\211\351\351\141\163\224\230\161\046
-\274\055\152\340\367\115\360\361\266\052\070\061\201\015\051\341
-\000\301\121\017\114\122\370\004\132\252\175\162\323\270\207\052
-\273\143\020\003\052\263\241\117\015\132\136\106\267\075\016\365
-\164\354\231\237\371\075\044\201\210\246\335\140\124\350\225\066
-\075\306\011\223\232\243\022\200\000\125\231\031\107\275\320\245
-\174\303\272\373\037\367\365\017\370\254\271\265\364\067\230\023
-\030\336\205\133\267\014\202\073\207\157\225\071\130\060\332\156
-\001\150\027\042\314\300\013\002\003\001\000\001\243\143\060\141
-\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001\001
-\377\060\016\006\003\125\035\017\001\001\377\004\004\003\002\001
-\006\060\037\006\003\125\035\043\004\030\060\026\200\024\007\303
-\121\060\244\252\351\105\256\065\044\372\377\044\054\063\320\261
-\235\214\060\035\006\003\125\035\016\004\026\004\024\007\303\121
-\060\244\252\351\105\256\065\044\372\377\044\054\063\320\261\235
-\214\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000
-\003\202\001\001\000\137\076\206\166\156\270\065\074\116\066\034
-\036\171\230\277\375\325\022\021\171\122\016\356\061\211\274\335
-\177\371\321\306\025\041\350\212\001\124\015\072\373\124\271\326
-\143\324\261\252\226\115\242\102\115\324\123\037\213\020\336\177
-\145\276\140\023\047\161\210\244\163\343\204\143\321\244\125\341
-\120\223\346\033\016\171\320\147\274\106\310\277\077\027\015\225
-\346\306\220\151\336\347\264\057\336\225\175\320\022\077\075\076
-\177\115\077\024\150\365\021\120\325\301\364\220\245\010\035\061
-\140\377\140\214\043\124\012\257\376\241\156\305\321\172\052\150
-\170\317\036\202\012\040\264\037\255\345\205\262\152\150\165\116
-\255\045\067\224\205\276\275\241\324\352\267\014\113\074\235\350
-\022\000\360\137\254\015\341\254\160\143\163\367\177\171\237\062
-\045\102\164\005\200\050\277\275\301\044\226\130\025\261\027\041
-\351\211\113\333\007\210\147\364\025\255\160\076\057\115\205\073
-\302\267\333\376\230\150\043\211\341\164\017\336\364\305\204\143
-\051\033\314\313\007\311\000\244\251\327\302\042\117\147\327\167
-\354\040\005\141\336
-END
-
-# Trust for Certificate "RSA Security 2048 v3"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "RSA Security 2048 v3"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\045\001\220\031\317\373\331\231\034\267\150\045\164\215\224\137
-\060\223\225\102
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\167\015\031\261\041\375\000\102\234\076\014\245\335\013\002\216
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\072\061\031\060\027\006\003\125\004\012\023\020\122\123\101
-\040\123\145\143\165\162\151\164\171\040\111\156\143\061\035\060
-\033\006\003\125\004\013\023\024\122\123\101\040\123\145\143\165
-\162\151\164\171\040\062\060\064\070\040\126\063
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\020\012\001\001\001\000\000\002\174\000\000\000\012\000\000
-\000\002
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "RSA Security 1024 v3"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "RSA Security 1024 v3"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\072\061\031\060\027\006\003\125\004\012\023\020\122\123\101
-\040\123\145\143\165\162\151\164\171\040\111\156\143\061\035\060
-\033\006\003\125\004\013\023\024\122\123\101\040\123\145\143\165
-\162\151\164\171\040\061\060\062\064\040\126\063
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\072\061\031\060\027\006\003\125\004\012\023\020\122\123\101
-\040\123\145\143\165\162\151\164\171\040\111\156\143\061\035\060
-\033\006\003\125\004\013\023\024\122\123\101\040\123\145\143\165
-\162\151\164\171\040\061\060\062\064\040\126\063
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\020\012\001\001\001\000\000\002\174\000\000\000\013\000\000
-\000\002
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\002\134\060\202\001\305\240\003\002\001\002\002\020\012
-\001\001\001\000\000\002\174\000\000\000\013\000\000\000\002\060
-\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\072
-\061\031\060\027\006\003\125\004\012\023\020\122\123\101\040\123
-\145\143\165\162\151\164\171\040\111\156\143\061\035\060\033\006
-\003\125\004\013\023\024\122\123\101\040\123\145\143\165\162\151
-\164\171\040\061\060\062\064\040\126\063\060\036\027\015\060\061
-\060\062\062\062\062\061\060\061\064\071\132\027\015\062\066\060
-\062\062\062\062\060\060\061\064\071\132\060\072\061\031\060\027
-\006\003\125\004\012\023\020\122\123\101\040\123\145\143\165\162
-\151\164\171\040\111\156\143\061\035\060\033\006\003\125\004\013
-\023\024\122\123\101\040\123\145\143\165\162\151\164\171\040\061
-\060\062\064\040\126\063\060\201\237\060\015\006\011\052\206\110
-\206\367\015\001\001\001\005\000\003\201\215\000\060\201\211\002
-\201\201\000\325\335\376\146\011\317\044\074\076\256\201\116\116
-\212\304\151\200\133\131\073\337\271\115\114\312\265\055\303\047
-\055\074\257\000\102\155\274\050\246\226\317\177\327\130\254\203
-\012\243\125\265\173\027\220\025\204\114\212\356\046\231\334\130
-\357\307\070\246\252\257\320\216\102\310\142\327\253\254\251\373
-\112\175\277\352\376\022\115\335\377\046\055\157\066\124\150\310
-\322\204\126\356\222\123\141\011\263\077\071\233\250\311\233\275
-\316\237\176\324\031\152\026\051\030\276\327\072\151\334\045\133
-\063\032\121\002\003\001\000\001\243\143\060\141\060\017\006\003
-\125\035\023\001\001\377\004\005\060\003\001\001\377\060\016\006
-\003\125\035\017\001\001\377\004\004\003\002\001\006\060\037\006
-\003\125\035\043\004\030\060\026\200\024\304\300\034\244\007\224
-\375\315\115\001\324\124\332\245\014\137\336\256\005\132\060\035
-\006\003\125\035\016\004\026\004\024\304\300\034\244\007\224\375
-\315\115\001\324\124\332\245\014\137\336\256\005\132\060\015\006
-\011\052\206\110\206\367\015\001\001\005\005\000\003\201\201\000
-\077\055\152\343\046\103\225\175\211\227\145\373\165\344\162\035
-\106\127\304\141\153\151\237\022\233\054\325\132\350\300\242\360
-\103\225\343\037\351\166\315\334\353\274\223\240\145\012\307\115
-\117\137\247\257\242\106\024\271\014\363\314\275\152\156\267\235
-\336\045\102\320\124\377\236\150\163\143\334\044\353\042\277\250
-\162\362\136\000\341\015\116\072\103\156\231\116\077\211\170\003
-\230\312\363\125\314\235\256\216\301\252\105\230\372\217\032\240
-\215\210\043\361\025\101\015\245\106\076\221\077\213\353\367\161
-END
-
-# Trust for Certificate "RSA Security 1024 v3"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "RSA Security 1024 v3"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\074\273\135\340\374\326\071\174\005\210\345\146\227\275\106\052
-\275\371\134\166
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\072\345\120\260\071\276\307\106\066\063\241\376\202\076\215\224
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\072\061\031\060\027\006\003\125\004\012\023\020\122\123\101
-\040\123\145\143\165\162\151\164\171\040\111\156\143\061\035\060
-\033\006\003\125\004\013\023\024\122\123\101\040\123\145\143\165
-\162\151\164\171\040\061\060\062\064\040\126\063
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\020\012\001\001\001\000\000\002\174\000\000\000\013\000\000
-\000\002
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "GeoTrust Global CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "GeoTrust Global CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\102\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\026\060\024\006\003\125\004\012\023\015\107\145\157\124\162\165
-\163\164\040\111\156\143\056\061\033\060\031\006\003\125\004\003
-\023\022\107\145\157\124\162\165\163\164\040\107\154\157\142\141
-\154\040\103\101
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\102\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\026\060\024\006\003\125\004\012\023\015\107\145\157\124\162\165
-\163\164\040\111\156\143\056\061\033\060\031\006\003\125\004\003
-\023\022\107\145\157\124\162\165\163\164\040\107\154\157\142\141
-\154\040\103\101
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\003\002\064\126
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\124\060\202\002\074\240\003\002\001\002\002\003\002
-\064\126\060\015\006\011\052\206\110\206\367\015\001\001\005\005
-\000\060\102\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\026\060\024\006\003\125\004\012\023\015\107\145\157\124\162
-\165\163\164\040\111\156\143\056\061\033\060\031\006\003\125\004
-\003\023\022\107\145\157\124\162\165\163\164\040\107\154\157\142
-\141\154\040\103\101\060\036\027\015\060\062\060\065\062\061\060
-\064\060\060\060\060\132\027\015\062\062\060\065\062\061\060\064
-\060\060\060\060\132\060\102\061\013\060\011\006\003\125\004\006
-\023\002\125\123\061\026\060\024\006\003\125\004\012\023\015\107
-\145\157\124\162\165\163\164\040\111\156\143\056\061\033\060\031
-\006\003\125\004\003\023\022\107\145\157\124\162\165\163\164\040
-\107\154\157\142\141\154\040\103\101\060\202\001\042\060\015\006
-\011\052\206\110\206\367\015\001\001\001\005\000\003\202\001\017
-\000\060\202\001\012\002\202\001\001\000\332\314\030\143\060\375
-\364\027\043\032\126\176\133\337\074\154\070\344\161\267\170\221
-\324\274\241\330\114\370\250\103\266\003\351\115\041\007\010\210
-\332\130\057\146\071\051\275\005\170\213\235\070\350\005\267\152
-\176\161\244\346\304\140\246\260\357\200\344\211\050\017\236\045
-\326\355\203\363\255\246\221\307\230\311\102\030\065\024\235\255
-\230\106\222\056\117\312\361\207\103\301\026\225\127\055\120\357
-\211\055\200\172\127\255\362\356\137\153\322\000\215\271\024\370
-\024\025\065\331\300\106\243\173\162\310\221\277\311\125\053\315
-\320\227\076\234\046\144\314\337\316\203\031\161\312\116\346\324
-\325\173\251\031\315\125\336\310\354\322\136\070\123\345\134\117
-\214\055\376\120\043\066\374\146\346\313\216\244\071\031\000\267
-\225\002\071\221\013\016\376\070\056\321\035\005\232\366\115\076
-\157\017\007\035\257\054\036\217\140\071\342\372\066\123\023\071
-\324\136\046\053\333\075\250\024\275\062\353\030\003\050\122\004
-\161\345\253\063\075\341\070\273\007\066\204\142\234\171\352\026
-\060\364\137\300\053\350\161\153\344\371\002\003\001\000\001\243
-\123\060\121\060\017\006\003\125\035\023\001\001\377\004\005\060
-\003\001\001\377\060\035\006\003\125\035\016\004\026\004\024\300
-\172\230\150\215\211\373\253\005\144\014\021\175\252\175\145\270
-\312\314\116\060\037\006\003\125\035\043\004\030\060\026\200\024
-\300\172\230\150\215\211\373\253\005\144\014\021\175\252\175\145
-\270\312\314\116\060\015\006\011\052\206\110\206\367\015\001\001
-\005\005\000\003\202\001\001\000\065\343\051\152\345\057\135\124
-\216\051\120\224\237\231\032\024\344\217\170\052\142\224\242\047
-\147\236\320\317\032\136\107\351\301\262\244\317\335\101\032\005
-\116\233\113\356\112\157\125\122\263\044\241\067\012\353\144\166
-\052\056\054\363\375\073\165\220\277\372\161\330\307\075\067\322
-\265\005\225\142\271\246\336\211\075\066\173\070\167\110\227\254
-\246\040\217\056\246\311\014\302\262\231\105\000\307\316\021\121
-\042\042\340\245\352\266\025\110\011\144\352\136\117\164\367\005
-\076\307\212\122\014\333\025\264\275\155\233\345\306\261\124\150
-\251\343\151\220\266\232\245\017\270\271\077\040\175\256\112\265
-\270\234\344\035\266\253\346\224\245\301\307\203\255\333\365\047
-\207\016\004\154\325\377\335\240\135\355\207\122\267\053\025\002
-\256\071\246\152\164\351\332\304\347\274\115\064\036\251\134\115
-\063\137\222\011\057\210\146\135\167\227\307\035\166\023\251\325
-\345\361\026\011\021\065\325\254\333\044\161\160\054\230\126\013
-\331\027\264\321\343\121\053\136\165\350\325\320\334\117\064\355
-\302\005\146\200\241\313\346\063
-END
-
-# Trust for Certificate "GeoTrust Global CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "GeoTrust Global CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\336\050\364\244\377\345\271\057\243\305\003\321\243\111\247\371
-\226\052\202\022
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\367\165\253\051\373\121\116\267\167\136\377\005\074\231\216\365
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\102\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\026\060\024\006\003\125\004\012\023\015\107\145\157\124\162\165
-\163\164\040\111\156\143\056\061\033\060\031\006\003\125\004\003
-\023\022\107\145\157\124\162\165\163\164\040\107\154\157\142\141
-\154\040\103\101
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\003\002\064\126
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "UTN-USER First-Network Applications"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "UTN-USER First-Network Applications"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\243\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\013\060\011\006\003\125\004\010\023\002\125\124\061\027\060
-\025\006\003\125\004\007\023\016\123\141\154\164\040\114\141\153
-\145\040\103\151\164\171\061\036\060\034\006\003\125\004\012\023
-\025\124\150\145\040\125\123\105\122\124\122\125\123\124\040\116
-\145\164\167\157\162\153\061\041\060\037\006\003\125\004\013\023
-\030\150\164\164\160\072\057\057\167\167\167\056\165\163\145\162
-\164\162\165\163\164\056\143\157\155\061\053\060\051\006\003\125
-\004\003\023\042\125\124\116\055\125\123\105\122\106\151\162\163
-\164\055\116\145\164\167\157\162\153\040\101\160\160\154\151\143
-\141\164\151\157\156\163
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\243\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\013\060\011\006\003\125\004\010\023\002\125\124\061\027\060
-\025\006\003\125\004\007\023\016\123\141\154\164\040\114\141\153
-\145\040\103\151\164\171\061\036\060\034\006\003\125\004\012\023
-\025\124\150\145\040\125\123\105\122\124\122\125\123\124\040\116
-\145\164\167\157\162\153\061\041\060\037\006\003\125\004\013\023
-\030\150\164\164\160\072\057\057\167\167\167\056\165\163\145\162
-\164\162\165\163\164\056\143\157\155\061\053\060\051\006\003\125
-\004\003\023\042\125\124\116\055\125\123\105\122\106\151\162\163
-\164\055\116\145\164\167\157\162\153\040\101\160\160\154\151\143
-\141\164\151\157\156\163
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\020\104\276\014\213\120\000\044\264\021\323\066\060\113\300
-\063\167
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\004\144\060\202\003\114\240\003\002\001\002\002\020\104
-\276\014\213\120\000\044\264\021\323\066\060\113\300\063\167\060
-\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\201
-\243\061\013\060\011\006\003\125\004\006\023\002\125\123\061\013
-\060\011\006\003\125\004\010\023\002\125\124\061\027\060\025\006
-\003\125\004\007\023\016\123\141\154\164\040\114\141\153\145\040
-\103\151\164\171\061\036\060\034\006\003\125\004\012\023\025\124
-\150\145\040\125\123\105\122\124\122\125\123\124\040\116\145\164
-\167\157\162\153\061\041\060\037\006\003\125\004\013\023\030\150
-\164\164\160\072\057\057\167\167\167\056\165\163\145\162\164\162
-\165\163\164\056\143\157\155\061\053\060\051\006\003\125\004\003
-\023\042\125\124\116\055\125\123\105\122\106\151\162\163\164\055
-\116\145\164\167\157\162\153\040\101\160\160\154\151\143\141\164
-\151\157\156\163\060\036\027\015\071\071\060\067\060\071\061\070
-\064\070\063\071\132\027\015\061\071\060\067\060\071\061\070\065
-\067\064\071\132\060\201\243\061\013\060\011\006\003\125\004\006
-\023\002\125\123\061\013\060\011\006\003\125\004\010\023\002\125
-\124\061\027\060\025\006\003\125\004\007\023\016\123\141\154\164
-\040\114\141\153\145\040\103\151\164\171\061\036\060\034\006\003
-\125\004\012\023\025\124\150\145\040\125\123\105\122\124\122\125
-\123\124\040\116\145\164\167\157\162\153\061\041\060\037\006\003
-\125\004\013\023\030\150\164\164\160\072\057\057\167\167\167\056
-\165\163\145\162\164\162\165\163\164\056\143\157\155\061\053\060
-\051\006\003\125\004\003\023\042\125\124\116\055\125\123\105\122
-\106\151\162\163\164\055\116\145\164\167\157\162\153\040\101\160
-\160\154\151\143\141\164\151\157\156\163\060\202\001\042\060\015
-\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202\001
-\017\000\060\202\001\012\002\202\001\001\000\263\373\221\241\344
-\066\125\205\254\006\064\133\240\232\130\262\370\265\017\005\167
-\203\256\062\261\166\222\150\354\043\112\311\166\077\343\234\266
-\067\171\003\271\253\151\215\007\045\266\031\147\344\260\033\030
-\163\141\112\350\176\315\323\057\144\343\246\174\014\372\027\200
-\243\015\107\211\117\121\161\057\356\374\077\371\270\026\200\207
-\211\223\045\040\232\103\202\151\044\166\050\131\065\241\035\300
-\177\203\006\144\026\040\054\323\111\244\205\264\300\141\177\121
-\010\370\150\025\221\200\313\245\325\356\073\072\364\204\004\136
-\140\131\247\214\064\162\356\270\170\305\321\073\022\112\157\176
-\145\047\271\244\125\305\271\157\103\244\305\035\054\231\300\122
-\244\170\114\025\263\100\230\010\153\103\306\001\260\172\173\365
-\153\034\042\077\313\357\377\250\320\072\113\166\025\236\322\321
-\306\056\343\333\127\033\062\242\270\157\350\206\246\077\160\253
-\345\160\222\253\104\036\100\120\373\234\243\142\344\154\156\240
-\310\336\342\200\102\372\351\057\350\316\062\004\217\174\215\267
-\034\243\065\074\025\335\236\303\256\227\245\002\003\001\000\001
-\243\201\221\060\201\216\060\013\006\003\125\035\017\004\004\003
-\002\001\306\060\017\006\003\125\035\023\001\001\377\004\005\060
-\003\001\001\377\060\035\006\003\125\035\016\004\026\004\024\372
-\206\311\333\340\272\351\170\365\113\250\326\025\337\360\323\341
-\152\024\074\060\117\006\003\125\035\037\004\110\060\106\060\104
-\240\102\240\100\206\076\150\164\164\160\072\057\057\143\162\154
-\056\165\163\145\162\164\162\165\163\164\056\143\157\155\057\125
-\124\116\055\125\123\105\122\106\151\162\163\164\055\116\145\164
-\167\157\162\153\101\160\160\154\151\143\141\164\151\157\156\163
-\056\143\162\154\060\015\006\011\052\206\110\206\367\015\001\001
-\005\005\000\003\202\001\001\000\244\363\045\314\321\324\221\203
-\042\320\314\062\253\233\226\116\064\221\124\040\045\064\141\137
-\052\002\025\341\213\252\377\175\144\121\317\012\377\274\175\330
-\041\152\170\313\057\121\157\370\102\035\063\275\353\265\173\224
-\303\303\251\240\055\337\321\051\037\035\376\217\077\273\250\105
-\052\177\321\156\125\044\342\273\002\373\061\077\276\350\274\354
-\100\053\370\001\324\126\070\344\312\104\202\265\141\040\041\147
-\145\366\360\013\347\064\370\245\302\234\243\134\100\037\205\223
-\225\006\336\117\324\047\251\266\245\374\026\315\163\061\077\270
-\145\047\317\324\123\032\360\254\156\237\117\005\014\003\201\247
-\204\051\304\132\275\144\127\162\255\073\317\067\030\246\230\306
-\255\006\264\334\010\243\004\325\051\244\226\232\022\147\112\214
-\140\105\235\361\043\232\260\000\234\150\265\230\120\323\357\216
-\056\222\145\261\110\076\041\276\025\060\052\015\265\014\243\153
-\077\256\177\127\365\037\226\174\337\157\335\202\060\054\145\033
-\100\112\315\150\271\162\354\161\166\354\124\216\037\205\014\001
-\152\372\246\070\254\037\304\204
-END
-
-# Trust for Certificate "UTN-USER First-Network Applications"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "UTN-USER First-Network Applications"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\135\230\234\333\025\226\021\066\121\145\144\033\126\017\333\352
-\052\302\076\361
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\277\140\131\243\133\272\366\247\166\102\332\157\032\173\120\317
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\243\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\013\060\011\006\003\125\004\010\023\002\125\124\061\027\060
-\025\006\003\125\004\007\023\016\123\141\154\164\040\114\141\153
-\145\040\103\151\164\171\061\036\060\034\006\003\125\004\012\023
-\025\124\150\145\040\125\123\105\122\124\122\125\123\124\040\116
-\145\164\167\157\162\153\061\041\060\037\006\003\125\004\013\023
-\030\150\164\164\160\072\057\057\167\167\167\056\165\163\145\162
-\164\162\165\163\164\056\143\157\155\061\053\060\051\006\003\125
-\004\003\023\042\125\124\116\055\125\123\105\122\106\151\162\163
-\164\055\116\145\164\167\157\162\153\040\101\160\160\154\151\143
-\141\164\151\157\156\163
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\020\104\276\014\213\120\000\044\264\021\323\066\060\113\300
-\063\167
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "America Online Root Certification Authority 1"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "America Online Root Certification Authority 1"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\143\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\034\060\032\006\003\125\004\012\023\023\101\155\145\162\151\143
-\141\040\117\156\154\151\156\145\040\111\156\143\056\061\066\060
-\064\006\003\125\004\003\023\055\101\155\145\162\151\143\141\040
-\117\156\154\151\156\145\040\122\157\157\164\040\103\145\162\164
-\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162
-\151\164\171\040\061
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\143\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\034\060\032\006\003\125\004\012\023\023\101\155\145\162\151\143
-\141\040\117\156\154\151\156\145\040\111\156\143\056\061\066\060
-\064\006\003\125\004\003\023\055\101\155\145\162\151\143\141\040
-\117\156\154\151\156\145\040\122\157\157\164\040\103\145\162\164
-\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162
-\151\164\171\040\061
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\001\001
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\244\060\202\002\214\240\003\002\001\002\002\001\001
-\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
-\143\061\013\060\011\006\003\125\004\006\023\002\125\123\061\034
-\060\032\006\003\125\004\012\023\023\101\155\145\162\151\143\141
-\040\117\156\154\151\156\145\040\111\156\143\056\061\066\060\064
-\006\003\125\004\003\023\055\101\155\145\162\151\143\141\040\117
-\156\154\151\156\145\040\122\157\157\164\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\061\060\036\027\015\060\062\060\065\062\070\060\066
-\060\060\060\060\132\027\015\063\067\061\061\061\071\062\060\064
-\063\060\060\132\060\143\061\013\060\011\006\003\125\004\006\023
-\002\125\123\061\034\060\032\006\003\125\004\012\023\023\101\155
-\145\162\151\143\141\040\117\156\154\151\156\145\040\111\156\143
-\056\061\066\060\064\006\003\125\004\003\023\055\101\155\145\162
-\151\143\141\040\117\156\154\151\156\145\040\122\157\157\164\040
-\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165
-\164\150\157\162\151\164\171\040\061\060\202\001\042\060\015\006
-\011\052\206\110\206\367\015\001\001\001\005\000\003\202\001\017
-\000\060\202\001\012\002\202\001\001\000\250\057\350\244\151\006
-\003\107\303\351\052\230\377\031\242\160\232\306\120\262\176\245
-\337\150\115\033\174\017\266\227\150\175\055\246\213\227\351\144
-\206\311\243\357\240\206\277\140\145\234\113\124\210\302\110\305
-\112\071\277\024\343\131\125\345\031\264\164\310\264\005\071\134
-\026\245\342\225\005\340\022\256\131\213\242\063\150\130\034\246
-\324\025\267\330\237\327\334\161\253\176\232\277\233\216\063\017
-\042\375\037\056\347\007\066\357\142\071\305\335\313\272\045\024
-\043\336\014\306\075\074\316\202\010\346\146\076\332\121\073\026
-\072\243\005\177\240\334\207\325\234\374\162\251\240\175\170\344
-\267\061\125\036\145\273\324\141\260\041\140\355\020\062\162\305
-\222\045\036\370\220\112\030\170\107\337\176\060\067\076\120\033
-\333\034\323\153\232\206\123\007\260\357\254\006\170\370\204\231
-\376\041\215\114\200\266\014\202\366\146\160\171\032\323\117\243
-\317\361\317\106\260\113\017\076\335\210\142\270\214\251\011\050
-\073\172\307\227\341\036\345\364\237\300\300\256\044\240\310\241
-\331\017\326\173\046\202\151\062\075\247\002\003\001\000\001\243
-\143\060\141\060\017\006\003\125\035\023\001\001\377\004\005\060
-\003\001\001\377\060\035\006\003\125\035\016\004\026\004\024\000
-\255\331\243\366\171\366\156\164\251\177\063\075\201\027\327\114
-\317\063\336\060\037\006\003\125\035\043\004\030\060\026\200\024
-\000\255\331\243\366\171\366\156\164\251\177\063\075\201\027\327
-\114\317\063\336\060\016\006\003\125\035\017\001\001\377\004\004
-\003\002\001\206\060\015\006\011\052\206\110\206\367\015\001\001
-\005\005\000\003\202\001\001\000\174\212\321\037\030\067\202\340
-\270\260\243\355\126\225\310\142\141\234\005\242\315\302\142\046
-\141\315\020\026\327\314\264\145\064\320\021\212\255\250\251\005
-\146\357\164\363\155\137\235\231\257\366\213\373\353\122\262\005
-\230\242\157\052\305\124\275\045\275\137\256\310\206\352\106\054
-\301\263\275\301\351\111\160\030\026\227\010\023\214\040\340\033
-\056\072\107\313\036\344\000\060\225\133\364\105\243\300\032\260
-\001\116\253\275\300\043\156\143\077\200\112\305\007\355\334\342
-\157\307\301\142\361\343\162\326\004\310\164\147\013\372\210\253
-\241\001\310\157\360\024\257\322\231\315\121\223\176\355\056\070
-\307\275\316\106\120\075\162\343\171\045\235\233\210\053\020\040
-\335\245\270\062\237\215\340\051\337\041\164\206\202\333\057\202
-\060\306\307\065\206\263\371\226\137\106\333\014\105\375\363\120
-\303\157\306\303\110\255\106\246\341\047\107\012\035\016\233\266
-\302\167\177\143\362\340\175\032\276\374\340\337\327\307\247\154
-\260\371\256\272\074\375\164\264\021\350\130\015\200\274\323\250
-\200\072\231\355\165\314\106\173
-END
-
-# Trust for Certificate "America Online Root Certification Authority 1"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "America Online Root Certification Authority 1"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\071\041\301\025\301\135\016\312\134\313\133\304\360\175\041\330
-\005\013\126\152
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\024\361\010\255\235\372\144\342\211\347\034\317\250\255\175\136
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\143\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\034\060\032\006\003\125\004\012\023\023\101\155\145\162\151\143
-\141\040\117\156\154\151\156\145\040\111\156\143\056\061\066\060
-\064\006\003\125\004\003\023\055\101\155\145\162\151\143\141\040
-\117\156\154\151\156\145\040\122\157\157\164\040\103\145\162\164
-\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162
-\151\164\171\040\061
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\001\001
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "America Online Root Certification Authority 2"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "America Online Root Certification Authority 2"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\143\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\034\060\032\006\003\125\004\012\023\023\101\155\145\162\151\143
-\141\040\117\156\154\151\156\145\040\111\156\143\056\061\066\060
-\064\006\003\125\004\003\023\055\101\155\145\162\151\143\141\040
-\117\156\154\151\156\145\040\122\157\157\164\040\103\145\162\164
-\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162
-\151\164\171\040\062
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\143\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\034\060\032\006\003\125\004\012\023\023\101\155\145\162\151\143
-\141\040\117\156\154\151\156\145\040\111\156\143\056\061\066\060
-\064\006\003\125\004\003\023\055\101\155\145\162\151\143\141\040
-\117\156\154\151\156\145\040\122\157\157\164\040\103\145\162\164
-\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162
-\151\164\171\040\062
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\001\001
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\005\244\060\202\003\214\240\003\002\001\002\002\001\001
-\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
-\143\061\013\060\011\006\003\125\004\006\023\002\125\123\061\034
-\060\032\006\003\125\004\012\023\023\101\155\145\162\151\143\141
-\040\117\156\154\151\156\145\040\111\156\143\056\061\066\060\064
-\006\003\125\004\003\023\055\101\155\145\162\151\143\141\040\117
-\156\154\151\156\145\040\122\157\157\164\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\062\060\036\027\015\060\062\060\065\062\070\060\066
-\060\060\060\060\132\027\015\063\067\060\071\062\071\061\064\060
-\070\060\060\132\060\143\061\013\060\011\006\003\125\004\006\023
-\002\125\123\061\034\060\032\006\003\125\004\012\023\023\101\155
-\145\162\151\143\141\040\117\156\154\151\156\145\040\111\156\143
-\056\061\066\060\064\006\003\125\004\003\023\055\101\155\145\162
-\151\143\141\040\117\156\154\151\156\145\040\122\157\157\164\040
-\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165
-\164\150\157\162\151\164\171\040\062\060\202\002\042\060\015\006
-\011\052\206\110\206\367\015\001\001\001\005\000\003\202\002\017
-\000\060\202\002\012\002\202\002\001\000\314\101\105\035\351\075
-\115\020\366\214\261\101\311\340\136\313\015\267\277\107\163\323
-\360\125\115\335\306\014\372\261\146\005\152\315\170\264\334\002
-\333\116\201\363\327\247\174\161\274\165\143\240\135\343\007\014
-\110\354\045\304\003\040\364\377\016\073\022\377\233\215\341\306
-\325\033\264\155\042\343\261\333\177\041\144\257\206\274\127\042
-\052\326\107\201\127\104\202\126\123\275\206\024\001\013\374\177
-\164\244\132\256\361\272\021\265\233\130\132\200\264\067\170\011
-\063\174\062\107\003\134\304\245\203\110\364\127\126\156\201\066
-\047\030\117\354\233\050\302\324\264\327\174\014\076\014\053\337
-\312\004\327\306\216\352\130\116\250\244\245\030\034\154\105\230
-\243\101\321\055\322\307\155\215\031\361\255\171\267\201\077\275
-\006\202\047\055\020\130\005\265\170\005\271\057\333\014\153\220
-\220\176\024\131\070\273\224\044\023\345\321\235\024\337\323\202
-\115\106\360\200\071\122\062\017\343\204\262\172\103\362\136\336
-\137\077\035\335\343\262\033\240\241\052\043\003\156\056\001\025
-\207\134\246\165\165\307\227\141\276\336\206\334\324\110\333\275
-\052\277\112\125\332\350\175\120\373\264\200\027\270\224\277\001
-\075\352\332\272\174\340\130\147\027\271\130\340\210\206\106\147
-\154\235\020\107\130\062\320\065\174\171\052\220\242\132\020\021
-\043\065\255\057\314\344\112\133\247\310\047\362\203\336\136\273
-\136\167\347\350\245\156\143\302\015\135\141\320\214\322\154\132
-\041\016\312\050\243\316\052\351\225\307\110\317\226\157\035\222
-\045\310\306\306\301\301\014\005\254\046\304\322\165\322\341\052
-\147\300\075\133\245\232\353\317\173\032\250\235\024\105\345\017
-\240\232\145\336\057\050\275\316\157\224\146\203\110\051\330\352
-\145\214\257\223\331\144\237\125\127\046\277\157\313\067\061\231
-\243\140\273\034\255\211\064\062\142\270\103\041\006\162\014\241
-\134\155\106\305\372\051\317\060\336\211\334\161\133\335\266\067
-\076\337\120\365\270\007\045\046\345\274\265\376\074\002\263\267
-\370\276\103\301\207\021\224\236\043\154\027\212\270\212\047\014
-\124\107\360\251\263\300\200\214\240\047\353\035\031\343\007\216
-\167\160\312\053\364\175\166\340\170\147\002\003\001\000\001\243
-\143\060\141\060\017\006\003\125\035\023\001\001\377\004\005\060
-\003\001\001\377\060\035\006\003\125\035\016\004\026\004\024\115
-\105\301\150\070\273\163\251\151\241\040\347\355\365\042\241\043
-\024\327\236\060\037\006\003\125\035\043\004\030\060\026\200\024
-\115\105\301\150\070\273\163\251\151\241\040\347\355\365\042\241
-\043\024\327\236\060\016\006\003\125\035\017\001\001\377\004\004
-\003\002\001\206\060\015\006\011\052\206\110\206\367\015\001\001
-\005\005\000\003\202\002\001\000\147\153\006\271\137\105\073\052
-\113\063\263\346\033\153\131\116\042\314\271\267\244\045\311\247
-\304\360\124\226\013\144\363\261\130\117\136\121\374\262\227\173
-\047\145\302\345\312\347\015\014\045\173\142\343\372\237\264\207
-\267\105\106\257\203\245\227\110\214\245\275\361\026\053\233\166
-\054\172\065\140\154\021\200\227\314\251\222\122\346\053\346\151
-\355\251\370\066\055\054\167\277\141\110\321\143\013\271\133\122
-\355\030\260\103\102\042\246\261\167\256\336\151\305\315\307\034
-\241\261\245\034\020\373\030\276\032\160\335\301\222\113\276\051
-\132\235\077\065\276\345\175\121\370\125\340\045\165\043\207\036
-\134\334\272\235\260\254\263\151\333\027\203\311\367\336\014\274
-\010\334\221\236\250\320\327\025\067\163\245\065\270\374\176\305
-\104\100\006\303\353\370\042\200\134\107\316\002\343\021\237\104
-\377\375\232\062\314\175\144\121\016\353\127\046\166\072\343\036
-\042\074\302\246\066\335\031\357\247\374\022\363\046\300\131\061
-\205\114\234\330\317\337\244\314\314\051\223\377\224\155\166\134
-\023\010\227\362\355\245\013\115\335\350\311\150\016\146\323\000
-\016\063\022\133\274\225\345\062\220\250\263\306\154\203\255\167
-\356\213\176\176\261\251\253\323\341\361\266\300\261\352\210\300
-\347\323\220\351\050\222\224\173\150\173\227\052\012\147\055\205
-\002\070\020\344\003\141\324\332\045\066\307\010\130\055\241\247
-\121\257\060\012\111\365\246\151\207\007\055\104\106\166\216\052
-\345\232\073\327\030\242\374\234\070\020\314\306\073\322\265\027
-\072\157\375\256\045\275\365\162\131\144\261\164\052\070\137\030
-\114\337\317\161\004\132\066\324\277\057\231\234\350\331\272\261
-\225\346\002\113\041\241\133\325\301\117\217\256\151\155\123\333
-\001\223\265\134\036\030\335\144\132\312\030\050\076\143\004\021
-\375\034\215\000\017\270\067\337\147\212\235\146\251\002\152\221
-\377\023\312\057\135\203\274\207\223\154\334\044\121\026\004\045
-\146\372\263\331\302\272\051\276\232\110\070\202\231\364\277\073
-\112\061\031\371\277\216\041\063\024\312\117\124\137\373\316\373
-\217\161\177\375\136\031\240\017\113\221\270\304\124\274\006\260
-\105\217\046\221\242\216\376\251
-END
-
-# Trust for Certificate "America Online Root Certification Authority 2"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "America Online Root Certification Authority 2"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\205\265\377\147\233\014\171\226\037\310\156\104\042\000\106\023
-\333\027\222\204
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\326\355\074\312\342\146\017\257\020\103\015\167\233\004\011\277
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\143\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\034\060\032\006\003\125\004\012\023\023\101\155\145\162\151\143
-\141\040\117\156\154\151\156\145\040\111\156\143\056\061\066\060
-\064\006\003\125\004\003\023\055\101\155\145\162\151\143\141\040
-\117\156\154\151\156\145\040\122\157\157\164\040\103\145\162\164
-\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162
-\151\164\171\040\062
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\001\001
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Visa eCommerce Root"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Visa eCommerce Root"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\153\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057
-\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156
-\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166
-\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061
-\034\060\032\006\003\125\004\003\023\023\126\151\163\141\040\145
-\103\157\155\155\145\162\143\145\040\122\157\157\164
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\153\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057
-\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156
-\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166
-\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061
-\034\060\032\006\003\125\004\003\023\023\126\151\163\141\040\145
-\103\157\155\155\145\162\143\145\040\122\157\157\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\020\023\206\065\115\035\077\006\362\301\371\145\005\325\220
-\034\142
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\242\060\202\002\212\240\003\002\001\002\002\020\023
-\206\065\115\035\077\006\362\301\371\145\005\325\220\034\142\060
-\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\153
-\061\013\060\011\006\003\125\004\006\023\002\125\123\061\015\060
-\013\006\003\125\004\012\023\004\126\111\123\101\061\057\060\055
-\006\003\125\004\013\023\046\126\151\163\141\040\111\156\164\145
-\162\156\141\164\151\157\156\141\154\040\123\145\162\166\151\143
-\145\040\101\163\163\157\143\151\141\164\151\157\156\061\034\060
-\032\006\003\125\004\003\023\023\126\151\163\141\040\145\103\157
-\155\155\145\162\143\145\040\122\157\157\164\060\036\027\015\060
-\062\060\066\062\066\060\062\061\070\063\066\132\027\015\062\062
-\060\066\062\064\060\060\061\066\061\062\132\060\153\061\013\060
-\011\006\003\125\004\006\023\002\125\123\061\015\060\013\006\003
-\125\004\012\023\004\126\111\123\101\061\057\060\055\006\003\125
-\004\013\023\046\126\151\163\141\040\111\156\164\145\162\156\141
-\164\151\157\156\141\154\040\123\145\162\166\151\143\145\040\101
-\163\163\157\143\151\141\164\151\157\156\061\034\060\032\006\003
-\125\004\003\023\023\126\151\163\141\040\145\103\157\155\155\145
-\162\143\145\040\122\157\157\164\060\202\001\042\060\015\006\011
-\052\206\110\206\367\015\001\001\001\005\000\003\202\001\017\000
-\060\202\001\012\002\202\001\001\000\257\127\336\126\036\156\241
-\332\140\261\224\047\313\027\333\007\077\200\205\117\310\234\266
-\320\364\157\117\317\231\330\341\333\302\110\134\072\254\071\063
-\307\037\152\213\046\075\053\065\365\110\261\221\301\002\116\004
-\226\221\173\260\063\360\261\024\116\021\157\265\100\257\033\105
-\245\112\357\176\266\254\362\240\037\130\077\022\106\140\074\215
-\241\340\175\317\127\076\063\036\373\107\361\252\025\227\007\125
-\146\245\265\055\056\330\200\131\262\247\015\267\106\354\041\143
-\377\065\253\245\002\317\052\364\114\376\173\365\224\135\204\115
-\250\362\140\217\333\016\045\074\237\163\161\317\224\337\112\352
-\333\337\162\070\214\363\226\275\361\027\274\322\272\073\105\132
-\306\247\366\306\027\213\001\235\374\031\250\052\203\026\270\072
-\110\376\116\076\240\253\006\031\351\123\363\200\023\007\355\055
-\277\077\012\074\125\040\071\054\054\000\151\164\225\112\274\040
-\262\251\171\345\030\211\221\250\334\034\115\357\273\176\067\013
-\135\376\071\245\210\122\214\000\154\354\030\174\101\275\366\213
-\165\167\272\140\235\204\347\376\055\002\003\001\000\001\243\102
-\060\100\060\017\006\003\125\035\023\001\001\377\004\005\060\003
-\001\001\377\060\016\006\003\125\035\017\001\001\377\004\004\003
-\002\001\006\060\035\006\003\125\035\016\004\026\004\024\025\070
-\203\017\077\054\077\160\063\036\315\106\376\007\214\040\340\327
-\303\267\060\015\006\011\052\206\110\206\367\015\001\001\005\005
-\000\003\202\001\001\000\137\361\101\175\174\134\010\271\053\340
-\325\222\107\372\147\134\245\023\303\003\041\233\053\114\211\106
-\317\131\115\311\376\245\100\266\143\315\335\161\050\225\147\021
-\314\044\254\323\104\154\161\256\001\040\153\003\242\217\030\267
-\051\072\175\345\026\140\123\170\074\300\257\025\203\367\217\122
-\063\044\275\144\223\227\356\213\367\333\030\250\155\161\263\367
-\054\027\320\164\045\151\367\376\153\074\224\276\115\113\101\214
-\116\342\163\320\343\220\042\163\103\315\363\357\352\163\316\105
-\212\260\246\111\377\114\175\235\161\210\304\166\035\220\133\035
-\356\375\314\367\356\375\140\245\261\172\026\161\321\026\320\174
-\022\074\154\151\227\333\256\137\071\232\160\057\005\074\031\106
-\004\231\040\066\320\140\156\141\006\273\026\102\214\160\367\060
-\373\340\333\146\243\000\001\275\346\054\332\221\137\240\106\213
-\115\152\234\075\075\335\005\106\376\166\277\240\012\074\344\000
-\346\047\267\377\204\055\336\272\042\047\226\020\161\353\042\355
-\337\337\063\234\317\343\255\256\216\324\216\346\117\121\257\026
-\222\340\134\366\007\017
-END
-
-# Trust for Certificate "Visa eCommerce Root"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Visa eCommerce Root"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\160\027\233\206\214\000\244\372\140\221\122\042\077\237\076\062
-\275\340\005\142
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\374\021\270\330\010\223\060\000\155\043\371\176\353\122\036\002
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\153\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057
-\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156
-\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166
-\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061
-\034\060\032\006\003\125\004\003\023\023\126\151\163\141\040\145
-\103\157\155\155\145\162\143\145\040\122\157\157\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\020\023\206\065\115\035\077\006\362\301\371\145\005\325\220
-\034\142
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "TC TrustCenter, Germany, Class 2 CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "TC TrustCenter, Germany, Class 2 CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105
-\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165
-\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155
-\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124
-\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157
-\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141
-\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110
-\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162
-\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040
-\062\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015
-\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145
-\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105
-\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165
-\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155
-\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124
-\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157
-\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141
-\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110
-\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162
-\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040
-\062\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015
-\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145
-\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\002\003\352
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\134\060\202\002\305\240\003\002\001\002\002\002\003
-\352\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000
-\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105
-\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165
-\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155
-\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124
-\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157
-\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141
-\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110
-\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162
-\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040
-\062\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015
-\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145
-\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145\060
-\036\027\015\071\070\060\063\060\071\061\061\065\071\065\071\132
-\027\015\061\061\060\061\060\061\061\061\065\071\065\071\132\060
-\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105\061
-\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165\162
-\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155\142
-\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124\103
-\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157\162
-\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141\164
-\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110\061
-\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162\165
-\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040\062
-\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015\001
-\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145\100
-\164\162\165\163\164\143\145\156\164\145\162\056\144\145\060\201
-\237\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000
-\003\201\215\000\060\201\211\002\201\201\000\332\070\350\355\062
-\000\051\161\203\001\015\277\214\001\334\332\306\255\071\244\251
-\212\057\325\213\134\150\137\120\306\142\365\146\275\312\221\042
-\354\252\035\121\327\075\263\121\262\203\116\135\313\111\260\360
-\114\125\345\153\055\307\205\013\060\034\222\116\202\324\312\002
-\355\367\157\276\334\340\343\024\270\005\123\362\232\364\126\213
-\132\236\205\223\321\264\202\126\256\115\273\250\113\127\026\274
-\376\370\130\236\370\051\215\260\173\315\170\311\117\254\213\147
-\014\361\234\373\374\127\233\127\134\117\015\002\003\001\000\001
-\243\153\060\151\060\017\006\003\125\035\023\001\001\377\004\005
-\060\003\001\001\377\060\016\006\003\125\035\017\001\001\377\004
-\004\003\002\001\206\060\063\006\011\140\206\110\001\206\370\102
-\001\010\004\046\026\044\150\164\164\160\072\057\057\167\167\167
-\056\164\162\165\163\164\143\145\156\164\145\162\056\144\145\057
-\147\165\151\144\145\154\151\156\145\163\060\021\006\011\140\206
-\110\001\206\370\102\001\001\004\004\003\002\000\007\060\015\006
-\011\052\206\110\206\367\015\001\001\004\005\000\003\201\201\000
-\204\122\373\050\337\377\037\165\001\274\001\276\004\126\227\152
-\164\102\044\061\203\371\106\261\006\212\211\317\226\054\063\277
-\214\265\137\172\162\241\205\006\316\206\370\005\216\350\371\045
-\312\332\203\214\006\254\353\066\155\205\221\064\004\066\364\102
-\360\370\171\056\012\110\134\253\314\121\117\170\166\240\331\254
-\031\275\052\321\151\004\050\221\312\066\020\047\200\127\133\322
-\134\365\302\133\253\144\201\143\164\121\364\227\277\315\022\050
-\367\115\146\177\247\360\034\001\046\170\262\146\107\160\121\144
-END
-
-# Trust for Certificate "TC TrustCenter, Germany, Class 2 CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "TC TrustCenter, Germany, Class 2 CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\203\216\060\367\177\335\024\252\070\136\321\105\000\234\016\042
-\066\111\117\252
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\270\026\063\114\114\114\362\330\323\115\006\264\246\133\100\003
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105
-\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165
-\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155
-\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124
-\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157
-\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141
-\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110
-\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162
-\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040
-\062\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015
-\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145
-\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\002\003\352
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "TC TrustCenter, Germany, Class 3 CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "TC TrustCenter, Germany, Class 3 CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105
-\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165
-\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155
-\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124
-\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157
-\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141
-\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110
-\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162
-\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040
-\063\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015
-\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145
-\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105
-\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165
-\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155
-\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124
-\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157
-\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141
-\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110
-\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162
-\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040
-\063\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015
-\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145
-\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\002\003\353
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\134\060\202\002\305\240\003\002\001\002\002\002\003
-\353\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000
-\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105
-\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165
-\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155
-\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124
-\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157
-\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141
-\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110
-\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162
-\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040
-\063\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015
-\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145
-\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145\060
-\036\027\015\071\070\060\063\060\071\061\061\065\071\065\071\132
-\027\015\061\061\060\061\060\061\061\061\065\071\065\071\132\060
-\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105\061
-\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165\162
-\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155\142
-\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124\103
-\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157\162
-\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141\164
-\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110\061
-\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162\165
-\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040\063
-\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015\001
-\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145\100
-\164\162\165\163\164\143\145\156\164\145\162\056\144\145\060\201
-\237\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000
-\003\201\215\000\060\201\211\002\201\201\000\266\264\301\065\005
-\056\015\215\354\240\100\152\034\016\047\246\120\222\153\120\033
-\007\336\056\347\166\314\340\332\374\204\250\136\214\143\152\053
-\115\331\116\002\166\021\301\013\362\215\171\312\000\266\361\260
-\016\327\373\244\027\075\257\253\151\172\226\047\277\257\063\241
-\232\052\131\252\304\265\067\010\362\022\245\061\266\103\365\062
-\226\161\050\050\253\215\050\206\337\273\356\343\014\175\060\326
-\303\122\253\217\135\047\234\153\300\243\347\005\153\127\111\104
-\263\156\352\144\317\322\216\172\120\167\167\002\003\001\000\001
-\243\153\060\151\060\017\006\003\125\035\023\001\001\377\004\005
-\060\003\001\001\377\060\016\006\003\125\035\017\001\001\377\004
-\004\003\002\001\206\060\063\006\011\140\206\110\001\206\370\102
-\001\010\004\046\026\044\150\164\164\160\072\057\057\167\167\167
-\056\164\162\165\163\164\143\145\156\164\145\162\056\144\145\057
-\147\165\151\144\145\154\151\156\145\163\060\021\006\011\140\206
-\110\001\206\370\102\001\001\004\004\003\002\000\007\060\015\006
-\011\052\206\110\206\367\015\001\001\004\005\000\003\201\201\000
-\026\075\306\315\301\273\205\161\205\106\237\076\040\217\121\050
-\231\354\055\105\041\143\043\133\004\273\114\220\270\210\222\004
-\115\275\175\001\243\077\366\354\316\361\336\376\175\345\341\076
-\273\306\253\136\013\335\075\226\304\313\251\324\371\046\346\006
-\116\236\014\245\172\272\156\303\174\202\031\321\307\261\261\303
-\333\015\216\233\100\174\067\013\361\135\350\375\037\220\210\245
-\016\116\067\144\041\250\116\215\264\237\361\336\110\255\325\126
-\030\122\051\213\107\064\022\011\324\273\222\065\357\017\333\064
-END
-
-# Trust for Certificate "TC TrustCenter, Germany, Class 3 CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "TC TrustCenter, Germany, Class 3 CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\237\307\226\350\370\122\117\206\072\341\111\155\070\022\102\020
-\137\033\170\365
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\137\224\112\163\042\270\367\321\061\354\131\071\367\216\376\156
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105
-\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165
-\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155
-\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124
-\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157
-\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141
-\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110
-\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162
-\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040
-\063\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015
-\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145
-\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\002\003\353
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
diff --git a/security/nss/lib/ckfw/builtins/config.mk b/security/nss/lib/ckfw/builtins/config.mk
deleted file mode 100644
index f4d64b0f0..000000000
--- a/security/nss/lib/ckfw/builtins/config.mk
+++ /dev/null
@@ -1,58 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CONFIG_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-#
-# Override TARGETS variable so that only shared libraries
-# are specifed as dependencies within rules.mk.
-#
-
-TARGETS = $(SHARED_LIBRARY)
-LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM =
-
-ifeq (,$(filter-out OS2 WIN%,$(OS_TARGET)))
- SHARED_LIBRARY = $(OBJDIR)/$(DLL_PREFIX)$(LIBRARY_NAME)$(LIBRARY_VERSION).$(DLL_SUFFIX)
-endif
-
-ifdef BUILD_IDG
- DEFINES += -DNSSDEBUG
-endif
-
-#
-# To create a loadable module on Darwin, we must use -bundle.
-#
-ifeq ($(OS_TARGET),Darwin)
-DSO_LDOPTS = -bundle
-endif
diff --git a/security/nss/lib/ckfw/builtins/constants.c b/security/nss/lib/ckfw/builtins/constants.c
deleted file mode 100644
index a773638b1..000000000
--- a/security/nss/lib/ckfw/builtins/constants.c
+++ /dev/null
@@ -1,94 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * builtins/constants.c
- *
- * Identification and other constants, all collected here in one place.
- */
-
-#ifndef NSSBASET_H
-#include "nssbaset.h"
-#endif /* NSSBASET_H */
-
-#ifndef NSSCKT_H
-#include "nssckt.h"
-#endif /* NSSCKT_H */
-
-#ifndef NSSCKBI_H
-#include "nssckbi.h"
-#endif /* NSSCKBI_H */
-
-NSS_IMPLEMENT_DATA const CK_VERSION
-nss_builtins_CryptokiVersion = {
- NSS_BUILTINS_CRYPTOKI_VERSION_MAJOR,
- NSS_BUILTINS_CRYPTOKI_VERSION_MINOR };
-
-NSS_IMPLEMENT_DATA const NSSUTF8 *
-nss_builtins_ManufacturerID = (NSSUTF8 *) "Netscape Communications Corp.";
-
-NSS_IMPLEMENT_DATA const NSSUTF8 *
-nss_builtins_LibraryDescription = (NSSUTF8 *) "NSS Builtin Object Cryptoki Module";
-
-NSS_IMPLEMENT_DATA const CK_VERSION
-nss_builtins_LibraryVersion = {
- NSS_BUILTINS_LIBRARY_VERSION_MAJOR,
- NSS_BUILTINS_LIBRARY_VERSION_MINOR};
-
-NSS_IMPLEMENT_DATA const NSSUTF8 *
-nss_builtins_SlotDescription = (NSSUTF8 *) "";
-
-NSS_IMPLEMENT_DATA const CK_VERSION
-nss_builtins_HardwareVersion = {
- NSS_BUILTINS_HARDWARE_VERSION_MAJOR,
- NSS_BUILTINS_HARDWARE_VERSION_MINOR };
-
-NSS_IMPLEMENT_DATA const CK_VERSION
-nss_builtins_FirmwareVersion = {
- NSS_BUILTINS_FIRMWARE_VERSION_MAJOR,
- NSS_BUILTINS_FIRMWARE_VERSION_MINOR };
-
-NSS_IMPLEMENT_DATA const NSSUTF8 *
-nss_builtins_TokenLabel = (NSSUTF8 *) "Builtin Object Token";
-
-NSS_IMPLEMENT_DATA const NSSUTF8 *
-nss_builtins_TokenModel = (NSSUTF8 *) "1";
-
-/* should this be e.g. the certdata.txt RCS revision number? */
-NSS_IMPLEMENT_DATA const NSSUTF8 *
-nss_builtins_TokenSerialNumber = (NSSUTF8 *) "1";
-
diff --git a/security/nss/lib/ckfw/builtins/manifest.mn b/security/nss/lib/ckfw/builtins/manifest.mn
deleted file mode 100644
index 23360f081..000000000
--- a/security/nss/lib/ckfw/builtins/manifest.mn
+++ /dev/null
@@ -1,59 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-MANIFEST_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-CORE_DEPTH = ../../../..
-
-MODULE = nss
-
-EXPORTS = \
- nssckbi.h \
- $(NULL)
-
-CSRCS = \
- anchor.c \
- constants.c \
- bfind.c \
- binst.c \
- bobject.c \
- bsession.c \
- bslot.c \
- btoken.c \
- certdata.c \
- $(NULL)
-
-REQUIRES = nspr
-
-LIBRARY_NAME = nssckbi
-
-#EXTRA_SHARED_LIBS = -L$(DIST)/lib -lnssckfw -lnssb -lplc4 -lplds4
diff --git a/security/nss/lib/ckfw/builtins/nssckbi.h b/security/nss/lib/ckfw/builtins/nssckbi.h
deleted file mode 100644
index 81c3f47a3..000000000
--- a/security/nss/lib/ckfw/builtins/nssckbi.h
+++ /dev/null
@@ -1,64 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef NSSCKBI_H
-#define NSSCKBI_H
-
-/*
- * NSS BUILTINS Version numbers.
- *
- * These are the version numbers for the builtins module packaged with
- * this release on NSS. To determine the version numbers of the builtin
- * module you are using, use the appropriate PKCS #11 calls.
- *
- * These version number details changes to the PKCS #11 interface. They map
- * to the PKCS #11 spec versions.
- */
-#define NSS_BUILTINS_CRYPTOKI_VERSION_MAJOR 2
-#define NSS_BUILTINS_CRYPTOKI_VERSION_MINOR 1
-
-/* These are the correct verion numbers that details the changes
- * to the list of trusted certificates. */
-#define NSS_BUILTINS_LIBRARY_VERSION_MAJOR 1
-#define NSS_BUILTINS_LIBRARY_VERSION_MINOR 20
-
-/* These verion numbers that details the semantic changes to the ckfw engine. */
-#define NSS_BUILTINS_HARDWARE_VERSION_MAJOR 1
-#define NSS_BUILTINS_HARDWARE_VERSION_MINOR 0
-
-/* These verion numbers that details the semantic changes to ckbi itself
- * (new PKCS #11 objects), etc. */
-#define NSS_BUILTINS_FIRMWARE_VERSION_MAJOR 1
-#define NSS_BUILTINS_FIRMWARE_VERSION_MINOR 0
-
-#endif /* NSSCKBI_H */
diff --git a/security/nss/lib/ckfw/ck.api b/security/nss/lib/ckfw/ck.api
deleted file mode 100644
index 6bae20fd3..000000000
--- a/security/nss/lib/ckfw/ck.api
+++ /dev/null
@@ -1,571 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-# This file is in part derived from a file "pkcs11f.h" made available
-# by RSA Security at ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/pkcs11f.h
-
-CVS_ID "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-# Fields
-# FUNCTION introduces a Cryptoki function
-# CK_type specifies and introduces an argument
-#
-
-# General-purpose
-
-# C_Initialize initializes the Cryptoki library.
-FUNCTION C_Initialize
-CK_VOID_PTR pInitArgs # if this is not NULL_PTR, it gets
- # cast to CK_C_INITIALIZE_ARGS_PTR
- # and dereferenced
-
-# C_Finalize indicates that an application is done with the
-# Cryptoki library.
-FUNCTION C_Finalize
-CK_VOID_PTR pReserved # reserved. Should be NULL_PTR
-
-# C_GetInfo returns general information about Cryptoki.
-FUNCTION C_GetInfo
-CK_INFO_PTR pInfo # location that receives information
-
-# C_GetFunctionList returns the function list.
-FUNCTION C_GetFunctionList
-CK_FUNCTION_LIST_PTR_PTR ppFunctionList # receives pointer to function
- # list
-
-
-# Slot and token management
-
-# C_GetSlotList obtains a list of slots in the system.
-FUNCTION C_GetSlotList
-CK_BBOOL tokenPresent # only slots with tokens?
-CK_SLOT_ID_PTR pSlotList # receives array of slot IDs
-CK_ULONG_PTR pulCount # receives number of slots
-
-# C_GetSlotInfo obtains information about a particular slot in the
-# system.
-FUNCTION C_GetSlotInfo
-CK_SLOT_ID slotID # the ID of the slot
-CK_SLOT_INFO_PTR pInfo # receives the slot information
-
-# C_GetTokenInfo obtains information about a particular token in the
-# system.
-FUNCTION C_GetTokenInfo
-CK_SLOT_ID slotID # ID of the token's slot
-CK_TOKEN_INFO_PTR pInfo # receives the token information
-
-# C_GetMechanismList obtains a list of mechanism types supported by a
-# token.
-FUNCTION C_GetMechanismList
-CK_SLOT_ID slotID # ID of token's slot
-CK_MECHANISM_TYPE_PTR pMechanismList # gets mech. array
-CK_ULONG_PTR pulCount # gets # of mechs.
-
-# C_GetMechanismInfo obtains information about a particular mechanism
-# possibly supported by a token.
-FUNCTION C_GetMechanismInfo
-CK_SLOT_ID slotID # ID of the token's slot
-CK_MECHANISM_TYPE type # type of mechanism
-CK_MECHANISM_INFO_PTR pInfo # receives mechanism info
-
-# C_InitToken initializes a token.
-FUNCTION C_InitToken
-CK_SLOT_ID slotID # ID of the token's slot
-CK_CHAR_PTR pPin # the SO's initial PIN
-CK_ULONG ulPinLen # length in bytes of the PIN
-CK_CHAR_PTR pLabel # 32-byte token label (blank padded)
-
-# C_InitPIN initializes the normal user's PIN.
-FUNCTION C_InitPIN
-CK_SESSION_HANDLE hSession # the session's handle
-CK_CHAR_PTR pPin # the normal user's PIN
-CK_ULONG ulPinLen # length in bytes of the PIN
-
-# C_SetPIN modifies the PIN of the user who is logged in.
-FUNCTION C_SetPIN
-CK_SESSION_HANDLE hSession # the session's handle
-CK_CHAR_PTR pOldPin # the old PIN
-CK_ULONG ulOldLen # length of the old PIN
-CK_CHAR_PTR pNewPin # the new PIN
-CK_ULONG ulNewLen # length of the new PIN
-
-
-# Session management
-
-# C_OpenSession opens a session between an application and a token.
-FUNCTION C_OpenSession
-CK_SLOT_ID slotID # the slot's ID
-CK_FLAGS flags # from CK_SESSION_INFO
-CK_VOID_PTR pApplication # passed to callback
-CK_NOTIFY Notify # callback function
-CK_SESSION_HANDLE_PTR phSession # gets session handle
-
-# C_CloseSession closes a session between an application and a token.
-FUNCTION C_CloseSession
-CK_SESSION_HANDLE hSession # the session's handle
-
-# C_CloseAllSessions closes all sessions with a token.
-FUNCTION C_CloseAllSessions
-CK_SLOT_ID slotID # the token's slot
-
-# C_GetSessionInfo obtains information about the session.
-FUNCTION C_GetSessionInfo
-CK_SESSION_HANDLE hSession # the session's handle
-CK_SESSION_INFO_PTR pInfo # receives session info
-
-# C_GetOperationState obtains the state of the cryptographic
-# operation in a session.
-FUNCTION C_GetOperationState
-CK_SESSION_HANDLE hSession # session's handle
-CK_BYTE_PTR pOperationState # gets state
-CK_ULONG_PTR pulOperationStateLen # gets state length
-
-# C_SetOperationState restores the state of the cryptographic
-# operation in a session.
-FUNCTION C_SetOperationState
-CK_SESSION_HANDLE hSession # session's handle
-CK_BYTE_PTR pOperationState # holds state
-CK_ULONG ulOperationStateLen # holds state length
-CK_OBJECT_HANDLE hEncryptionKey # en/decryption key
-CK_OBJECT_HANDLE hAuthenticationKey # sign/verify key
-
-# C_Login logs a user into a token.
-FUNCTION C_Login
-CK_SESSION_HANDLE hSession # the session's handle
-CK_USER_TYPE userType # the user type
-CK_CHAR_PTR pPin # the user's PIN
-CK_ULONG ulPinLen # the length of the PIN
-
-# C_Logout logs a user out from a token.
-FUNCTION C_Logout
-CK_SESSION_HANDLE hSession # the session's handle
-
-
-# Object management
-
-# C_CreateObject creates a new object.
-FUNCTION C_CreateObject
-CK_SESSION_HANDLE hSession # the session's handle
-CK_ATTRIBUTE_PTR pTemplate # the object's template
-CK_ULONG ulCount # attributes in template
-CK_OBJECT_HANDLE_PTR phObject # gets new object's handle.
-
-# C_CopyObject copies an object, creating a new object for the copy.
-FUNCTION C_CopyObject
-CK_SESSION_HANDLE hSession # the session's handle
-CK_OBJECT_HANDLE hObject # the object's handle
-CK_ATTRIBUTE_PTR pTemplate # template for new object
-CK_ULONG ulCount # attributes in template
-CK_OBJECT_HANDLE_PTR phNewObject # receives handle of copy
-
-# C_DestroyObject destroys an object.
-FUNCTION C_DestroyObject
-CK_SESSION_HANDLE hSession # the session's handle
-CK_OBJECT_HANDLE hObject # the object's handle
-
-# C_GetObjectSize gets the size of an object in bytes.
-FUNCTION C_GetObjectSize
-CK_SESSION_HANDLE hSession # the session's handle
-CK_OBJECT_HANDLE hObject # the object's handle
-CK_ULONG_PTR pulSize # receives size of object
-
-# C_GetAttributeValue obtains the value of one or more object
-# attributes.
-FUNCTION C_GetAttributeValue
-CK_SESSION_HANDLE hSession # the session's handle
-CK_OBJECT_HANDLE hObject # the object's handle
-CK_ATTRIBUTE_PTR pTemplate # specifies attrs; gets vals
-CK_ULONG ulCount # attributes in template
-
-# C_SetAttributeValue modifies the value of one or more object
-# attributes
-FUNCTION C_SetAttributeValue
-CK_SESSION_HANDLE hSession # the session's handle
-CK_OBJECT_HANDLE hObject # the object's handle
-CK_ATTRIBUTE_PTR pTemplate # specifies attrs and values
-CK_ULONG ulCount # attributes in template
-
-# C_FindObjectsInit initializes a search for token and session
-# objects that match a template.
-FUNCTION C_FindObjectsInit
-CK_SESSION_HANDLE hSession # the session's handle
-CK_ATTRIBUTE_PTR pTemplate # attribute values to match
-CK_ULONG ulCount # attrs in search template
-
-# C_FindObjects continues a search for token and session objects that
-# match a template, obtaining additional object handles.
-FUNCTION C_FindObjects
-CK_SESSION_HANDLE hSession # session's handle
-CK_OBJECT_HANDLE_PTR phObject # gets obj. handles
-CK_ULONG ulMaxObjectCount # max handles to get
-CK_ULONG_PTR pulObjectCount # actual # returned
-
-# C_FindObjectsFinal finishes a search for token and session objects.
-FUNCTION C_FindObjectsFinal
-CK_SESSION_HANDLE hSession # the session's handle
-
-
-# Encryption and decryption
-
-# C_EncryptInit initializes an encryption operation.
-FUNCTION C_EncryptInit
-CK_SESSION_HANDLE hSession # the session's handle
-CK_MECHANISM_PTR pMechanism # the encryption mechanism
-CK_OBJECT_HANDLE hKey # handle of encryption key
-
-# C_Encrypt encrypts single-part data.
-FUNCTION C_Encrypt
-CK_SESSION_HANDLE hSession # session's handle
-CK_BYTE_PTR pData # the plaintext data
-CK_ULONG ulDataLen # bytes of plaintext
-CK_BYTE_PTR pEncryptedData # gets ciphertext
-CK_ULONG_PTR pulEncryptedDataLen # gets c-text size
-
-# C_EncryptUpdate continues a multiple-part encryption operation.
-FUNCTION C_EncryptUpdate
-CK_SESSION_HANDLE hSession # session's handle
-CK_BYTE_PTR pPart # the plaintext data
-CK_ULONG ulPartLen # plaintext data len
-CK_BYTE_PTR pEncryptedPart # gets ciphertext
-CK_ULONG_PTR pulEncryptedPartLen # gets c-text size
-
-# C_EncryptFinal finishes a multiple-part encryption operation.
-FUNCTION C_EncryptFinal
-CK_SESSION_HANDLE hSession # session handle
-CK_BYTE_PTR pLastEncryptedPart # last c-text
-CK_ULONG_PTR pulLastEncryptedPartLen # gets last size
-
-# C_DecryptInit initializes a decryption operation.
-FUNCTION C_DecryptInit
-CK_SESSION_HANDLE hSession # the session's handle
-CK_MECHANISM_PTR pMechanism # the decryption mechanism
-CK_OBJECT_HANDLE hKey # handle of decryption key
-
-# C_Decrypt decrypts encrypted data in a single part.
-FUNCTION C_Decrypt
-CK_SESSION_HANDLE hSession # session's handle
-CK_BYTE_PTR pEncryptedData # ciphertext
-CK_ULONG ulEncryptedDataLen # ciphertext length
-CK_BYTE_PTR pData # gets plaintext
-CK_ULONG_PTR pulDataLen # gets p-text size
-
-# C_DecryptUpdate continues a multiple-part decryption operation.
-FUNCTION C_DecryptUpdate
-CK_SESSION_HANDLE hSession # session's handle
-CK_BYTE_PTR pEncryptedPart # encrypted data
-CK_ULONG ulEncryptedPartLen # input length
-CK_BYTE_PTR pPart # gets plaintext
-CK_ULONG_PTR pulPartLen # p-text size
-
-# C_DecryptFinal finishes a multiple-part decryption operation.
-FUNCTION C_DecryptFinal
-CK_SESSION_HANDLE hSession # the session's handle
-CK_BYTE_PTR pLastPart # gets plaintext
-CK_ULONG_PTR pulLastPartLen # p-text size
-
-
-# Message digesting
-
-# C_DigestInit initializes a message-digesting operation.
-FUNCTION C_DigestInit
-CK_SESSION_HANDLE hSession # the session's handle
-CK_MECHANISM_PTR pMechanism # the digesting mechanism
-
-# C_Digest digests data in a single part.
-FUNCTION C_Digest
-CK_SESSION_HANDLE hSession # the session's handle
-CK_BYTE_PTR pData # data to be digested
-CK_ULONG ulDataLen # bytes of data to digest
-CK_BYTE_PTR pDigest # gets the message digest
-CK_ULONG_PTR pulDigestLen # gets digest length
-
-# C_DigestUpdate continues a multiple-part message-digesting operation.
-FUNCTION C_DigestUpdate
-CK_SESSION_HANDLE hSession # the session's handle
-CK_BYTE_PTR pPart # data to be digested
-CK_ULONG ulPartLen # bytes of data to be digested
-
-# C_DigestKey continues a multi-part message-digesting operation, by
-# digesting the value of a secret key as part of the data already
-# digested.
-FUNCTION C_DigestKey
-CK_SESSION_HANDLE hSession # the session's handle
-CK_OBJECT_HANDLE hKey # secret key to digest
-
-# C_DigestFinal finishes a multiple-part message-digesting operation.
-FUNCTION C_DigestFinal
-CK_SESSION_HANDLE hSession # the session's handle
-CK_BYTE_PTR pDigest # gets the message digest
-CK_ULONG_PTR pulDigestLen # gets byte count of digest
-
-
-# Signing and MACing
-
-# C_SignInit initializes a signature (private key encryption)
-# operation, where the signature is (will be) an appendix to the
-# data, and plaintext cannot be recovered from the signature.
-FUNCTION C_SignInit
-CK_SESSION_HANDLE hSession # the session's handle
-CK_MECHANISM_PTR pMechanism # the signature mechanism
-CK_OBJECT_HANDLE hKey # handle of signature key
-
-# C_Sign signs (encrypts with private key) data in a single part,
-# where the signature is (will be) an appendix to the data, and
-# plaintext cannot be recovered from the signature.
-FUNCTION C_Sign
-CK_SESSION_HANDLE hSession # the session's handle
-CK_BYTE_PTR pData # the data to sign
-CK_ULONG ulDataLen # count of bytes to sign
-CK_BYTE_PTR pSignature # gets the signature
-CK_ULONG_PTR pulSignatureLen # gets signature length
-
-# C_SignUpdate continues a multiple-part signature operation, where
-# the signature is (will be) an appendix to the data, and plaintext
-# cannot be recovered from the signature.
-FUNCTION C_SignUpdate
-CK_SESSION_HANDLE hSession # the session's handle
-CK_BYTE_PTR pPart # the data to sign
-CK_ULONG ulPartLen # count of bytes to sign
-
-# C_SignFinal finishes a multiple-part signature operation, returning
-# the signature.
-FUNCTION C_SignFinal
-CK_SESSION_HANDLE hSession # the session's handle
-CK_BYTE_PTR pSignature # gets the signature
-CK_ULONG_PTR pulSignatureLen # gets signature length
-
-# C_SignRecoverInit initializes a signature operation, where the data
-# can be recovered from the signature.
-FUNCTION C_SignRecoverInit
-CK_SESSION_HANDLE hSession # the session's handle
-CK_MECHANISM_PTR pMechanism # the signature mechanism
-CK_OBJECT_HANDLE hKey # handle of the signature key
-
-# C_SignRecover signs data in a single operation, where the data can
-# be recovered from the signature.
-FUNCTION C_SignRecover
-CK_SESSION_HANDLE hSession # the session's handle
-CK_BYTE_PTR pData # the data to sign
-CK_ULONG ulDataLen # count of bytes to sign
-CK_BYTE_PTR pSignature # gets the signature
-CK_ULONG_PTR pulSignatureLen # gets signature length
-
-
-# Verifying signatures and MACs
-
-# C_VerifyInit initializes a verification operation, where the
-# signature is an appendix to the data, and plaintext cannot cannot
-# be recovered from the signature (e.g. DSA).
-FUNCTION C_VerifyInit
-CK_SESSION_HANDLE hSession # the session's handle
-CK_MECHANISM_PTR pMechanism # the verification mechanism
-CK_OBJECT_HANDLE hKey # verification key
-
-# C_Verify verifies a signature in a single-part operation, where the
-# signature is an appendix to the data, and plaintext cannot be
-# recovered from the signature.
-FUNCTION C_Verify
-CK_SESSION_HANDLE hSession # the session's handle
-CK_BYTE_PTR pData # signed data
-CK_ULONG ulDataLen # length of signed data
-CK_BYTE_PTR pSignature # signature
-CK_ULONG ulSignatureLen # signature length
-
-# C_VerifyUpdate continues a multiple-part verification operation,
-# where the signature is an appendix to the data, and plaintext cannot be
-# recovered from the signature.
-FUNCTION C_VerifyUpdate
-CK_SESSION_HANDLE hSession # the session's handle
-CK_BYTE_PTR pPart # signed data
-CK_ULONG ulPartLen # length of signed data
-
-# C_VerifyFinal finishes a multiple-part verification operation,
-# checking the signature.
-FUNCTION C_VerifyFinal
-CK_SESSION_HANDLE hSession # the session's handle
-CK_BYTE_PTR pSignature # signature to verify
-CK_ULONG ulSignatureLen # signature length
-
-# C_VerifyRecoverInit initializes a signature verification operation,
-# where the data is recovered from the signature.
-FUNCTION C_VerifyRecoverInit
-CK_SESSION_HANDLE hSession # the session's handle
-CK_MECHANISM_PTR pMechanism # the verification mechanism
-CK_OBJECT_HANDLE hKey # verification key
-
-# C_VerifyRecover verifies a signature in a single-part operation,
-# where the data is recovered from the signature.
-FUNCTION C_VerifyRecover
-CK_SESSION_HANDLE hSession # the session's handle
-CK_BYTE_PTR pSignature # signature to verify
-CK_ULONG ulSignatureLen # signature length
-CK_BYTE_PTR pData # gets signed data
-CK_ULONG_PTR pulDataLen # gets signed data len
-
-
-# Dual-function cryptographic operations
-
-# C_DigestEncryptUpdate continues a multiple-part digesting and
-# encryption operation.
-FUNCTION C_DigestEncryptUpdate
-CK_SESSION_HANDLE hSession # session's handle
-CK_BYTE_PTR pPart # the plaintext data
-CK_ULONG ulPartLen # plaintext length
-CK_BYTE_PTR pEncryptedPart # gets ciphertext
-CK_ULONG_PTR pulEncryptedPartLen # gets c-text length
-
-# C_DecryptDigestUpdate continues a multiple-part decryption and
-# digesting operation.
-FUNCTION C_DecryptDigestUpdate
-CK_SESSION_HANDLE hSession # session's handle
-CK_BYTE_PTR pEncryptedPart # ciphertext
-CK_ULONG ulEncryptedPartLen # ciphertext length
-CK_BYTE_PTR pPart # gets plaintext
-CK_ULONG_PTR pulPartLen # gets plaintext len
-
-# C_SignEncryptUpdate continues a multiple-part signing and
-# encryption operation.
-FUNCTION C_SignEncryptUpdate
-CK_SESSION_HANDLE hSession # session's handle
-CK_BYTE_PTR pPart # the plaintext data
-CK_ULONG ulPartLen # plaintext length
-CK_BYTE_PTR pEncryptedPart # gets ciphertext
-CK_ULONG_PTR pulEncryptedPartLen # gets c-text length
-
-# C_DecryptVerifyUpdate continues a multiple-part decryption and
-# verify operation.
-FUNCTION C_DecryptVerifyUpdate
-CK_SESSION_HANDLE hSession # session's handle
-CK_BYTE_PTR pEncryptedPart # ciphertext
-CK_ULONG ulEncryptedPartLen # ciphertext length
-CK_BYTE_PTR pPart # gets plaintext
-CK_ULONG_PTR pulPartLen # gets p-text length
-
-
-# Key management
-
-# C_GenerateKey generates a secret key, creating a new key object.
-FUNCTION C_GenerateKey
-CK_SESSION_HANDLE hSession # the session's handle
-CK_MECHANISM_PTR pMechanism # key generation mech.
-CK_ATTRIBUTE_PTR pTemplate # template for new key
-CK_ULONG ulCount # # of attrs in template
-CK_OBJECT_HANDLE_PTR phKey # gets handle of new key
-
-# C_GenerateKeyPair generates a public-key/private-key pair, creating
-# new key objects.
-FUNCTION C_GenerateKeyPair
-CK_SESSION_HANDLE hSession # session handle
-CK_MECHANISM_PTR pMechanism # key-gen mech.
-CK_ATTRIBUTE_PTR pPublicKeyTemplate # template for pub. key
-CK_ULONG ulPublicKeyAttributeCount # # pub. attrs.
-CK_ATTRIBUTE_PTR pPrivateKeyTemplate # template for priv. key
-CK_ULONG ulPrivateKeyAttributeCount # # priv. attrs.
-CK_OBJECT_HANDLE_PTR phPublicKey # gets pub. key handle
-CK_OBJECT_HANDLE_PTR phPrivateKey # gets priv. key handle
-
-# C_WrapKey wraps (i.e., encrypts) a key.
-FUNCTION C_WrapKey
-CK_SESSION_HANDLE hSession # the session's handle
-CK_MECHANISM_PTR pMechanism # the wrapping mechanism
-CK_OBJECT_HANDLE hWrappingKey # wrapping key
-CK_OBJECT_HANDLE hKey # key to be wrapped
-CK_BYTE_PTR pWrappedKey # gets wrapped key
-CK_ULONG_PTR pulWrappedKeyLen # gets wrapped key size
-
-# C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new key
-# object.
-FUNCTION C_UnwrapKey
-CK_SESSION_HANDLE hSession # session's handle
-CK_MECHANISM_PTR pMechanism # unwrapping mech.
-CK_OBJECT_HANDLE hUnwrappingKey # unwrapping key
-CK_BYTE_PTR pWrappedKey # the wrapped key
-CK_ULONG ulWrappedKeyLen # wrapped key len
-CK_ATTRIBUTE_PTR pTemplate # new key template
-CK_ULONG ulAttributeCount # template length
-CK_OBJECT_HANDLE_PTR phKey # gets new handle
-
-# C_DeriveKey derives a key from a base key, creating a new key object.
-FUNCTION C_DeriveKey
-CK_SESSION_HANDLE hSession # session's handle
-CK_MECHANISM_PTR pMechanism # key deriv. mech.
-CK_OBJECT_HANDLE hBaseKey # base key
-CK_ATTRIBUTE_PTR pTemplate # new key template
-CK_ULONG ulAttributeCount # template length
-CK_OBJECT_HANDLE_PTR phKey # gets new handle
-
-
-# Random number generation
-
-# C_SeedRandom mixes additional seed material into the token's random
-# number generator.
-FUNCTION C_SeedRandom
-CK_SESSION_HANDLE hSession # the session's handle
-CK_BYTE_PTR pSeed # the seed material
-CK_ULONG ulSeedLen # length of seed material
-
-# C_GenerateRandom generates random data.
-FUNCTION C_GenerateRandom
-CK_SESSION_HANDLE hSession # the session's handle
-CK_BYTE_PTR RandomData # receives the random data
-CK_ULONG ulRandomLen # # of bytes to generate
-
-
-# Parallel function management
-
-# C_GetFunctionStatus is a legacy function; it obtains an updated
-# status of a function running in parallel with an application.
-FUNCTION C_GetFunctionStatus
-CK_SESSION_HANDLE hSession # the session's handle
-
-# C_CancelFunction is a legacy function; it cancels a function running
-# in parallel.
-FUNCTION C_CancelFunction
-CK_SESSION_HANDLE hSession # the session's handle
-
-
-# Functions added in for Cryptoki Version 2.01 or later
-
-# C_WaitForSlotEvent waits for a slot event (token insertion, removal,
-# etc.) to occur.
-FUNCTION C_WaitForSlotEvent
-CK_FLAGS flags # blocking/nonblocking flag
-CK_SLOT_ID_PTR pSlot # location that receives the slot ID
-CK_VOID_PTR pRserved # reserved. Should be NULL_PTR
-
-## C_ConfigureSlot passes an installation-specified bytestring to a
-## slot.
-#FUNCTION C_ConfigureSlot
-#CK_SLOT_ID slotID # the slot to configure
-#CK_BYTE_PTR pConfig # the configuration string
-#CK_ULONG ulConfigLen # length of the config string
diff --git a/security/nss/lib/ckfw/ck.h b/security/nss/lib/ckfw/ck.h
deleted file mode 100644
index 04df10656..000000000
--- a/security/nss/lib/ckfw/ck.h
+++ /dev/null
@@ -1,121 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef CK_H
-#define CK_H
-
-#ifdef DEBUG
-static const char CK_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * ck.h
- *
- * This header file consolidates all header files needed by the source
- * files implementing the NSS Cryptoki Framework. This makes managing
- * the source files a bit easier.
- */
-
-/* Types */
-
-#ifndef NSSBASET_H
-#include "nssbaset.h"
-#endif /* NSSBASET_H */
-
-#ifndef NSSCKT_H
-#include "nssckt.h"
-#endif /* NSSCKT_H */
-
-#ifndef NSSCKFT_H
-#include "nssckft.h"
-#endif /* NSSCKFT_H */
-
-#ifndef NSSCKEPV_H
-#include "nssckepv.h"
-#endif /* NSSCKEPV_H */
-
-#ifndef NSSCKFWT_H
-#include "nssckfwt.h"
-#endif /* NSSCKFWT_H */
-
-#ifndef NSSCKMDT_H
-#include "nssckmdt.h"
-#endif /* NSSCKMDT_H */
-
-#ifndef CKT_H
-#include "ckt.h"
-#endif /* CKT_H */
-
-#ifndef CKFWTM_H
-#include "ckfwtm.h"
-#endif /* CKFWTM_H */
-
-/* Prototypes */
-
-#ifndef NSSBASE_H
-#include "nssbase.h"
-#endif /* NSSBASE_H */
-
-#ifndef NSSCKG_H
-#include "nssckg.h"
-#endif /* NSSCKG_H */
-
-#ifndef NSSCKFW_H
-#include "nssckfw.h"
-#endif /* NSSCKFW_H */
-
-#ifndef NSSCKFWC_H
-#include "nssckfwc.h"
-#endif /* NSSCKFWC_H */
-
-#ifndef CKFW_H
-#include "ckfw.h"
-#endif /* CKFW_H */
-
-#ifndef CKFWM_H
-#include "ckfwm.h"
-#endif /* CKFWM_H */
-
-#ifndef CKMD_H
-#include "ckmd.h"
-#endif /* CKMD_H */
-
-/* NSS-private */
-
-/* nss_ZNEW and the like. We might want to publish the memory APIs.. */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-#endif /* CK_H */
diff --git a/security/nss/lib/ckfw/ckapi.perl b/security/nss/lib/ckfw/ckapi.perl
deleted file mode 100644
index 09dfc9199..000000000
--- a/security/nss/lib/ckfw/ckapi.perl
+++ /dev/null
@@ -1,512 +0,0 @@
-#!perl
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-$cvs_id = '@(#) $RCSfile$ $Revision$ $Date$ $Name$';
-
-$copyright = '/* THIS IS A GENERATED FILE */
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-';
-
-$count = -1;
-$i = 0;
-
-open(INPUT, "<$ARGV[0]") || die "Can't open $ARGV[0]: $!";
-
-while(<INPUT>) {
- s/^((?:[^"#]+|"[^"]*")*)(\s*#.*$)/$1/;
- next if (/^\s*$/);
-
-# print;
-
- /^([\S]+)\s+([^"][\S]*|"[^"]*")/;
- $name = $1;
- $value = $2;
-
- if( ($name =~ "FUNCTION") && !($name =~ "CK_FUNCTION") ) {
- $count++;
- $x[$count]{name} = $value;
- $i = 0;
- } else {
- if( $count < 0 ) {
- $value =~ s/"//g;
- $g{$name} = $value;
- } else {
- $x[$count]{args}[$i]{type} = $name;
- $x[$count]{args}[$i]{name} = $value;
- $i++;
- $x[$count]{nargs} = $i; # rewritten each time, oh well
- }
- }
-}
-
-close INPUT;
-
-# dodump();
-doprint();
-
-sub dodump {
- for( $j = 0; $j <= $count; $j++ ) {
- print "CK_RV CK_ENTRY $x[$j]{name}\n";
- for( $i = 0; $i < $x[$j]{nargs}; $i++ ) {
- print " $x[$j]{args}[$i]{type} $x[$j]{args}[$i]{name}";
- if( $i == ($x[$j]{nargs} - 1) ) {
- print "\n";
- } else {
- print ",\n";
- }
- }
- }
-}
-
-sub doprint {
-open(PROTOTYPE, ">nssckg.h") || die "Can't open nssckg.h: $!";
-open(TYPEDEF, ">nssckft.h") || die "Can't open nssckft.h: $!";
-open(EPV, ">nssckepv.h") || die "Can't open nssckepv.h: $!";
-open(API, ">nssck.api") || die "Can't open nssck.api: $!";
-
-select PROTOTYPE;
-
-print $copyright;
-print <<EOD
-#ifndef NSSCKG_H
-#define NSSCKG_H
-
-#ifdef DEBUG
-static const char NSSCKG_CVS_ID[] = "$g{CVS_ID} ; $cvs_id";
-#endif /* DEBUG */
-
-/*
- * nssckg.h
- *
- * This automatically-generated header file prototypes the Cryptoki
- * functions specified by PKCS#11.
- */
-
-#ifndef NSSCKT_H
-#include "nssckt.h"
-#endif /* NSSCKT_H */
-
-EOD
- ;
-
-for( $j = 0; $j <= $count; $j++ ) {
- print "CK_RV CK_ENTRY $x[$j]{name}\n";
- print "(\n";
- for( $i = 0; $i < $x[$j]{nargs}; $i++ ) {
- print " $x[$j]{args}[$i]{type} $x[$j]{args}[$i]{name}";
- if( $i == ($x[$j]{nargs} - 1) ) {
- print "\n";
- } else {
- print ",\n";
- }
- }
- print ");\n\n";
-}
-
-print <<EOD
-#endif /* NSSCKG_H */
-EOD
- ;
-
-select TYPEDEF;
-
-print $copyright;
-print <<EOD
-#ifndef NSSCKFT_H
-#define NSSCKFT_H
-
-#ifdef DEBUG
-static const char NSSCKFT_CVS_ID[] = "$g{CVS_ID} ; $cvs_id";
-#endif /* DEBUG */
-
-/*
- * nssckft.h
- *
- * The automatically-generated header file declares a typedef
- * each of the Cryptoki functions specified by PKCS#11.
- */
-
-#ifndef NSSCKT_H
-#include "nssckt.h"
-#endif /* NSSCKT_H */
-
-EOD
- ;
-
-for( $j = 0; $j <= $count; $j++ ) {
-# print "typedef CK_RV (CK_ENTRY *CK_$x[$j]{name})(\n";
- print "typedef CK_CALLBACK_FUNCTION(CK_RV, CK_$x[$j]{name})(\n";
- for( $i = 0; $i < $x[$j]{nargs}; $i++ ) {
- print " $x[$j]{args}[$i]{type} $x[$j]{args}[$i]{name}";
- if( $i == ($x[$j]{nargs} - 1) ) {
- print "\n";
- } else {
- print ",\n";
- }
- }
- print ");\n\n";
-}
-
-print <<EOD
-#endif /* NSSCKFT_H */
-EOD
- ;
-
-select EPV;
-
-print $copyright;
-print <<EOD
-#ifndef NSSCKEPV_H
-#define NSSCKEPV_H
-
-#ifdef DEBUG
-static const char NSSCKEPV_CVS_ID[] = "$g{CVS_ID} ; $cvs_id";
-#endif /* DEBUG */
-
-/*
- * nssckepv.h
- *
- * This automatically-generated header file defines the type
- * CK_FUNCTION_LIST specified by PKCS#11.
- */
-
-#ifndef NSSCKT_H
-#include "nssckt.h"
-#endif /* NSSCKT_H */
-
-#ifndef NSSCKFT_H
-#include "nssckft.h"
-#endif /* NSSCKFT_H */
-
-#include "nssckp.h"
-
-struct CK_FUNCTION_LIST {
- CK_VERSION version;
-EOD
- ;
-
-for( $j = 0; $j <= $count; $j++ ) {
- print " CK_$x[$j]{name} $x[$j]{name};\n";
-}
-
-print <<EOD
-};
-
-#include "nsscku.h"
-
-#endif /* NSSCKEPV_H */
-EOD
- ;
-
-select API;
-
-print $copyright;
-print <<EOD
-
-#ifdef DEBUG
-static const char NSSCKAPI_CVS_ID[] = "$g{CVS_ID} ; $cvs_id";
-#endif /* DEBUG */
-
-/*
- * nssck.api
- *
- * This automatically-generated file is used to generate a set of
- * Cryptoki entry points within the object space of a Module using
- * the NSS Cryptoki Framework.
- *
- * The Module should have a .c file with the following:
- *
- * #define MODULE_NAME name
- * #define INSTANCE_NAME instance
- * #include "nssck.api"
- *
- * where "name" is some module-specific name that can be used to
- * disambiguate various modules. This included file will then
- * define the actual Cryptoki routines which pass through to the
- * Framework calls. All routines, except C_GetFunctionList, will
- * be prefixed with the name; C_GetFunctionList will be generated
- * to return an entry-point vector with these routines. The
- * instance specified should be the basic instance of NSSCKMDInstance.
- *
- * If, prior to including nssck.api, the .c file also specifies
- *
- * #define DECLARE_STRICT_CRYTPOKI_NAMES
- *
- * Then a set of "stub" routines not prefixed with the name will
- * be included. This would allow the combined module and framework
- * to be used in applications which are hard-coded to use the
- * PKCS#11 names (instead of going through the EPV). Please note
- * that such applications should be careful resolving symbols when
- * more than one PKCS#11 module is loaded.
- */
-
-#ifndef MODULE_NAME
-#error "Error: MODULE_NAME must be defined."
-#endif /* MODULE_NAME */
-
-#ifndef INSTANCE_NAME
-#error "Error: INSTANCE_NAME must be defined."
-#endif /* INSTANCE_NAME */
-
-#ifndef NSSCKT_H
-#include "nssckt.h"
-#endif /* NSSCKT_H */
-
-#ifndef NSSCKFWT_H
-#include "nssckfwt.h"
-#endif /* NSSCKFWT_H */
-
-#ifndef NSSCKFWC_H
-#include "nssckfwc.h"
-#endif /* NSSCKFWC_H */
-
-#ifndef NSSCKEPV_H
-#include "nssckepv.h"
-#endif /* NSSCKEPV_H */
-
-#define ADJOIN(x,y) x##y
-
-#define __ADJOIN(x,y) ADJOIN(x,y)
-
-/*
- * The anchor. This object is used to store an "anchor" pointer in
- * the Module's object space, so the wrapper functions can relate
- * back to this instance.
- */
-
-static NSSCKFWInstance *fwInstance = (NSSCKFWInstance *)0;
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_Initialize)
-(
- CK_VOID_PTR pInitArgs
-)
-{
- return NSSCKFWC_Initialize(&fwInstance, INSTANCE_NAME, pInitArgs);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_Initialize
-(
- CK_VOID_PTR pInitArgs
-)
-{
- return __ADJOIN(MODULE_NAME,C_Initialize)(pInitArgs);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_Finalize)
-(
- CK_VOID_PTR pReserved
-)
-{
- return NSSCKFWC_Finalize(&fwInstance);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_Finalize
-(
- CK_VOID_PTR pReserved
-)
-{
- return __ADJOIN(MODULE_NAME,C_Finalize)(pReserved);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GetInfo)
-(
- CK_INFO_PTR pInfo
-)
-{
- return NSSCKFWC_GetInfo(fwInstance, pInfo);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_GetInfo
-(
- CK_INFO_PTR pInfo
-)
-{
- return __ADJOIN(MODULE_NAME,C_GetInfo)(pInfo);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-/*
- * C_GetFunctionList is defined at the end.
- */
-
-EOD
- ;
-
-for( $j = 4; $j <= $count; $j++ ) {
- print "static CK_RV CK_ENTRY\n";
- print "__ADJOIN(MODULE_NAME,$x[$j]{name})\n";
- print "(\n";
- for( $i = 0; $i < $x[$j]{nargs}; $i++ ) {
- print " $x[$j]{args}[$i]{type} $x[$j]{args}[$i]{name}";
- if( $i == ($x[$j]{nargs} - 1) ) {
- print "\n";
- } else {
- print ",\n";
- }
- }
- print ")\n";
- print "{\n";
- print " return NSSCKFW$x[$j]{name}(fwInstance, ";
- for( $i = 0; $i < $x[$j]{nargs}; $i++ ) {
- print "$x[$j]{args}[$i]{name}";
- if( $i == ($x[$j]{nargs} - 1) ) {
- print ");\n";
- } else {
- print ", ";
- }
- }
- print "}\n\n";
-
- print "#ifdef DECLARE_STRICT_CRYPTOKI_NAMES\n";
- print "CK_RV CK_ENTRY\n";
- print "$x[$j]{name}\n";
- print "(\n";
- for( $i = 0; $i < $x[$j]{nargs}; $i++ ) {
- print " $x[$j]{args}[$i]{type} $x[$j]{args}[$i]{name}";
- if( $i == ($x[$j]{nargs} - 1) ) {
- print "\n";
- } else {
- print ",\n";
- }
- }
- print ")\n";
- print "{\n";
- print " return __ADJOIN(MODULE_NAME,$x[$j]{name})(";
- for( $i = 0; $i < $x[$j]{nargs}; $i++ ) {
- print "$x[$j]{args}[$i]{name}";
- if( $i == ($x[$j]{nargs} - 1) ) {
- print ");\n";
- } else {
- print ", ";
- }
- }
- print "}\n";
- print "#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */\n\n";
-}
-
-print <<EOD
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GetFunctionList)
-(
- CK_FUNCTION_LIST_PTR_PTR ppFunctionList
-);
-
-static CK_FUNCTION_LIST FunctionList = {
- { 2, 1 },
-EOD
- ;
-
-for( $j = 0; $j <= $count; $j++ ) {
- print "__ADJOIN(MODULE_NAME,$x[$j]{name})";
- if( $j < $count ) {
- print ",\n";
- } else {
- print "\n};\n\n";
- }
-}
-
-print <<EOD
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GetFunctionList)
-(
- CK_FUNCTION_LIST_PTR_PTR ppFunctionList
-)
-{
- *ppFunctionList = &FunctionList;
- return CKR_OK;
-}
-
-/* This one is always present */
-#ifdef WIN32
-CK_RV _declspec(dllexport)
-#else
-CK_RV CK_ENTRY
-#endif
-C_GetFunctionList
-(
- CK_FUNCTION_LIST_PTR_PTR ppFunctionList
-)
-{
- return __ADJOIN(MODULE_NAME,C_GetFunctionList)(ppFunctionList);
-}
-
-#undef __ADJOIN
-
-EOD
- ;
-
-select STDOUT;
-
-}
diff --git a/security/nss/lib/ckfw/ckfw.h b/security/nss/lib/ckfw/ckfw.h
deleted file mode 100644
index 2e83f8c35..000000000
--- a/security/nss/lib/ckfw/ckfw.h
+++ /dev/null
@@ -1,1858 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef CKFW_H
-#define CKFW_H
-
-#ifdef DEBUG
-static const char CKFW_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * ckfw.h
- *
- * This file prototypes the private calls of the NSS Cryptoki Framework.
- */
-
-#ifndef NSSBASET_H
-#include "nssbaset.h"
-#endif /* NSSBASET_H */
-
-#ifndef NSSCKT_H
-#include "nssckt.h"
-#endif /* NSSCKT_H */
-
-#ifndef NSSCKFWT_H
-#include "nssckfwt.h"
-#endif /* NSSCKFWT_H */
-
-#ifndef NSSCKMDT_H
-#include "nssckmdt.h"
-#endif /* NSSCKMDT_H */
-
-/*
- * NSSCKFWInstance
- *
- * -- create/destroy --
- * nssCKFWInstance_Create
- * nssCKFWInstance_Destroy
- *
- * -- implement public accessors --
- * nssCKFWInstance_GetMDInstance
- * nssCKFWInstance_GetArena
- * nssCKFWInstance_MayCreatePthreads
- * nssCKFWInstance_CreateMutex
- * nssCKFWInstance_GetConfigurationData
- *
- * -- private accessors --
- * nssCKFWInstance_CreateSessionHandle
- * nssCKFWInstance_ResolveSessionHandle
- * nssCKFWInstance_DestroySessionHandle
- * nssCKFWInstance_FindSessionHandle
- * nssCKFWInstance_CreateObjectHandle
- * nssCKFWInstance_ResolveObjectHandle
- * nssCKFWInstance_DestroyObjectHandle
- * nssCKFWInstance_FindObjectHandle
- *
- * -- module fronts --
- * nssCKFWInstance_GetNSlots
- * nssCKFWInstance_GetCryptokiVersion
- * nssCKFWInstance_GetManufacturerID
- * nssCKFWInstance_GetFlags
- * nssCKFWInstance_GetLibraryDescription
- * nssCKFWInstance_GetLibraryVersion
- * nssCKFWInstance_GetModuleHandlesSessionObjects
- * nssCKFWInstance_GetSlots
- * nssCKFWInstance_WaitForSlotEvent
- *
- * -- debugging versions only --
- * nssCKFWInstance_verifyPointer
- */
-
-/*
- * nssCKFWInstance_Create
- *
- */
-NSS_EXTERN NSSCKFWInstance *
-nssCKFWInstance_Create
-(
- CK_C_INITIALIZE_ARGS_PTR pInitArgs,
- NSSCKMDInstance *mdInstance,
- CK_RV *pError
-);
-
-/*
- * nssCKFWInstance_Destroy
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWInstance_Destroy
-(
- NSSCKFWInstance *fwInstance
-);
-
-/*
- * nssCKFWInstance_GetMDInstance
- *
- */
-NSS_EXTERN NSSCKMDInstance *
-nssCKFWInstance_GetMDInstance
-(
- NSSCKFWInstance *fwInstance
-);
-
-/*
- * nssCKFWInstance_GetArena
- *
- */
-NSS_EXTERN NSSArena *
-nssCKFWInstance_GetArena
-(
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-);
-
-/*
- * nssCKFWInstance_MayCreatePthreads
- *
- */
-NSS_EXTERN CK_BBOOL
-nssCKFWInstance_MayCreatePthreads
-(
- NSSCKFWInstance *fwInstance
-);
-
-/*
- * nssCKFWInstance_CreateMutex
- *
- */
-NSS_EXTERN NSSCKFWMutex *
-nssCKFWInstance_CreateMutex
-(
- NSSCKFWInstance *fwInstance,
- NSSArena *arena,
- CK_RV *pError
-);
-
-/*
- * nssCKFWInstance_GetConfigurationData
- *
- */
-NSS_EXTERN NSSUTF8 *
-nssCKFWInstance_GetConfigurationData
-(
- NSSCKFWInstance *fwInstance
-);
-
-/*
- * nssCKFWInstance_CreateSessionHandle
- *
- */
-NSS_EXTERN CK_SESSION_HANDLE
-nssCKFWInstance_CreateSessionHandle
-(
- NSSCKFWInstance *fwInstance,
- NSSCKFWSession *fwSession,
- CK_RV *pError
-);
-
-/*
- * nssCKFWInstance_ResolveSessionHandle
- *
- */
-NSS_EXTERN NSSCKFWSession *
-nssCKFWInstance_ResolveSessionHandle
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession
-);
-
-/*
- * nssCKFWInstance_DestroySessionHandle
- *
- */
-NSS_EXTERN void
-nssCKFWInstance_DestroySessionHandle
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession
-);
-
-/*
- * nssCKFWInstance_FindSessionHandle
- *
- */
-NSS_EXTERN CK_SESSION_HANDLE
-nssCKFWInstance_FindSessionHandle
-(
- NSSCKFWInstance *fwInstance,
- NSSCKFWSession *fwSession
-);
-
-/*
- * nssCKFWInstance_CreateObjectHandle
- *
- */
-NSS_EXTERN CK_OBJECT_HANDLE
-nssCKFWInstance_CreateObjectHandle
-(
- NSSCKFWInstance *fwInstance,
- NSSCKFWObject *fwObject,
- CK_RV *pError
-);
-
-/*
- * nssCKFWInstance_FindObjectHandle
- *
- */
-NSS_EXTERN CK_OBJECT_HANDLE
-nssCKFWInstance_FindObjectHandle
-(
- NSSCKFWInstance *fwInstance,
- NSSCKFWObject *fwObject
-);
-
-/*
- * nssCKFWInstance_ResolveObjectHandle
- *
- */
-NSS_EXTERN NSSCKFWObject *
-nssCKFWInstance_ResolveObjectHandle
-(
- NSSCKFWInstance *fwInstance,
- CK_OBJECT_HANDLE hObject
-);
-
-/*
- * nssCKFWInstance_ReassignObjectHandle
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWInstance_ReassignObjectHandle
-(
- NSSCKFWInstance *fwInstance,
- CK_OBJECT_HANDLE hObject,
- NSSCKFWObject *fwObject
-);
-
-/*
- * nssCKFWInstance_DestroyObjectHandle
- *
- */
-NSS_EXTERN void
-nssCKFWInstance_DestroyObjectHandle
-(
- NSSCKFWInstance *fwInstance,
- CK_OBJECT_HANDLE hObject
-);
-
-/*
- * nssCKFWInstance_FindObjectHandle
- *
- */
-NSS_IMPLEMENT CK_OBJECT_HANDLE
-nssCKFWInstance_FindObjectHandle
-(
- NSSCKFWInstance *fwInstance,
- NSSCKFWObject *fwObject
-);
-
-/*
- * nssCKFWInstance_GetNSlots
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWInstance_GetNSlots
-(
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-);
-
-/*
- * nssCKFWInstance_GetCryptokiVersion
- *
- */
-NSS_EXTERN CK_VERSION
-nssCKFWInstance_GetCryptokiVersion
-(
- NSSCKFWInstance *fwInstance
-);
-
-/*
- * nssCKFWInstance_GetManufacturerID
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWInstance_GetManufacturerID
-(
- NSSCKFWInstance *fwInstance,
- CK_CHAR manufacturerID[32]
-);
-
-/*
- * nssCKFWInstance_GetFlags
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWInstance_GetFlags
-(
- NSSCKFWInstance *fwInstance
-);
-
-/*
- * nssCKFWInstance_GetLibraryDescription
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWInstance_GetLibraryDescription
-(
- NSSCKFWInstance *fwInstance,
- CK_CHAR libraryDescription[32]
-);
-
-/*
- * nssCKFWInstance_GetLibraryVersion
- *
- */
-NSS_EXTERN CK_VERSION
-nssCKFWInstance_GetLibraryVersion
-(
- NSSCKFWInstance *fwInstance
-);
-
-/*
- * nssCKFWInstance_GetModuleHandlesSessionObjects
- *
- */
-NSS_EXTERN CK_BBOOL
-nssCKFWInstance_GetModuleHandlesSessionObjects
-(
- NSSCKFWInstance *fwInstance
-);
-
-/*
- * nssCKFWInstance_GetSlots
- *
- */
-NSS_EXTERN NSSCKFWSlot **
-nssCKFWInstance_GetSlots
-(
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-);
-
-/*
- * nssCKFWInstance_WaitForSlotEvent
- *
- */
-NSS_EXTERN NSSCKFWSlot *
-nssCKFWInstance_WaitForSlotEvent
-(
- NSSCKFWInstance *fwInstance,
- CK_BBOOL block,
- CK_RV *pError
-);
-
-/*
- * nssCKFWInstance_verifyPointer
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWInstance_verifyPointer
-(
- const NSSCKFWInstance *fwInstance
-);
-
-
-/*
- * NSSCKFWSlot
- *
- * -- create/destroy --
- * nssCKFWSlot_Create
- * nssCKFWSlot_Destroy
- *
- * -- implement public accessors --
- * nssCKFWSlot_GetMDSlot
- * nssCKFWSlot_GetFWInstance
- * nssCKFWSlot_GetMDInstance
- *
- * -- private accessors --
- * nssCKFWSlot_GetSlotID
- *
- * -- module fronts --
- * nssCKFWSlot_GetSlotDescription
- * nssCKFWSlot_GetManufacturerID
- * nssCKFWSlot_GetTokenPresent
- * nssCKFWSlot_GetRemovableDevice
- * nssCKFWSlot_GetHardwareSlot
- * nssCKFWSlot_GetHardwareVersion
- * nssCKFWSlot_GetFirmwareVersion
- * nssCKFWSlot_GetToken
- */
-
-/*
- * nssCKFWSlot_Create
- *
- */
-NSS_EXTERN NSSCKFWSlot *
-nssCKFWSlot_Create
-(
- NSSCKFWInstance *fwInstance,
- NSSCKMDSlot *mdSlot,
- CK_SLOT_ID slotID,
- CK_RV *pError
-);
-
-/*
- * nssCKFWSlot_Destroy
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWSlot_Destroy
-(
- NSSCKFWSlot *fwSlot
-);
-
-/*
- * nssCKFWSlot_GetMDSlot
- *
- */
-NSS_EXTERN NSSCKMDSlot *
-nssCKFWSlot_GetMDSlot
-(
- NSSCKFWSlot *fwSlot
-);
-
-/*
- * nssCKFWSlot_GetFWInstance
- *
- */
-
-NSS_EXTERN NSSCKFWInstance *
-nssCKFWSlot_GetFWInstance
-(
- NSSCKFWSlot *fwSlot
-);
-
-/*
- * nssCKFWSlot_GetMDInstance
- *
- */
-
-NSS_EXTERN NSSCKMDInstance *
-nssCKFWSlot_GetMDInstance
-(
- NSSCKFWSlot *fwSlot
-);
-
-/*
- * nssCKFWSlot_GetSlotID
- *
- */
-NSS_EXTERN CK_SLOT_ID
-nssCKFWSlot_GetSlotID
-(
- NSSCKFWSlot *fwSlot
-);
-
-/*
- * nssCKFWSlot_GetSlotDescription
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWSlot_GetSlotDescription
-(
- NSSCKFWSlot *fwSlot,
- CK_CHAR slotDescription[64]
-);
-
-/*
- * nssCKFWSlot_GetManufacturerID
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWSlot_GetManufacturerID
-(
- NSSCKFWSlot *fwSlot,
- CK_CHAR manufacturerID[32]
-);
-
-/*
- * nssCKFWSlot_GetTokenPresent
- *
- */
-NSS_EXTERN CK_BBOOL
-nssCKFWSlot_GetTokenPresent
-(
- NSSCKFWSlot *fwSlot
-);
-
-/*
- * nssCKFWSlot_GetRemovableDevice
- *
- */
-NSS_EXTERN CK_BBOOL
-nssCKFWSlot_GetRemovableDevice
-(
- NSSCKFWSlot *fwSlot
-);
-
-/*
- * nssCKFWSlot_GetHardwareSlot
- *
- */
-NSS_EXTERN CK_BBOOL
-nssCKFWSlot_GetHardwareSlot
-(
- NSSCKFWSlot *fwSlot
-);
-
-/*
- * nssCKFWSlot_GetHardwareVersion
- *
- */
-NSS_EXTERN CK_VERSION
-nssCKFWSlot_GetHardwareVersion
-(
- NSSCKFWSlot *fwSlot
-);
-
-/*
- * nssCKFWSlot_GetFirmwareVersion
- *
- */
-NSS_EXTERN CK_VERSION
-nssCKFWSlot_GetFirmwareVersion
-(
- NSSCKFWSlot *fwSlot
-);
-
-/*
- * nssCKFWSlot_GetToken
- *
- */
-NSS_EXTERN NSSCKFWToken *
-nssCKFWSlot_GetToken
-(
- NSSCKFWSlot *fwSlot,
- CK_RV *pError
-);
-
-/*
- * nssCKFWSlot_ClearToken
- *
- */
-NSS_EXTERN void
-nssCKFWSlot_ClearToken
-(
- NSSCKFWSlot *fwSlot
-);
-
-/*
- * NSSCKFWToken
- *
- * -- create/destroy --
- * nssCKFWToken_Create
- * nssCKFWToken_Destroy
- *
- * -- implement public accessors --
- * nssCKFWToken_GetMDToken
- * nssCKFWToken_GetFWSlot
- * nssCKFWToken_GetMDSlot
- * nssCKFWToken_GetSessionState
- *
- * -- private accessors --
- * nssCKFWToken_SetSessionState
- * nssCKFWToken_RemoveSession
- * nssCKFWToken_CloseAllSessions
- * nssCKFWToken_GetSessionCount
- * nssCKFWToken_GetRwSessionCount
- * nssCKFWToken_GetRoSessionCount
- * nssCKFWToken_GetSessionObjectHash
- * nssCKFWToken_GetMDObjectHash
- * nssCKFWToken_GetObjectHandleHash
- *
- * -- module fronts --
- * nssCKFWToken_InitToken
- * nssCKFWToken_GetLabel
- * nssCKFWToken_GetManufacturerID
- * nssCKFWToken_GetModel
- * nssCKFWToken_GetSerialNumber
- * nssCKFWToken_GetHasRNG
- * nssCKFWToken_GetIsWriteProtected
- * nssCKFWToken_GetLoginRequired
- * nssCKFWToken_GetUserPinInitialized
- * nssCKFWToken_GetRestoreKeyNotNeeded
- * nssCKFWToken_GetHasClockOnToken
- * nssCKFWToken_GetHasProtectedAuthenticationPath
- * nssCKFWToken_GetSupportsDualCryptoOperations
- * nssCKFWToken_GetMaxSessionCount
- * nssCKFWToken_GetMaxRwSessionCount
- * nssCKFWToken_GetMaxPinLen
- * nssCKFWToken_GetMinPinLen
- * nssCKFWToken_GetTotalPublicMemory
- * nssCKFWToken_GetFreePublicMemory
- * nssCKFWToken_GetTotalPrivateMemory
- * nssCKFWToken_GetFreePrivateMemory
- * nssCKFWToken_GetHardwareVersion
- * nssCKFWToken_GetFirmwareVersion
- * nssCKFWToken_GetUTCTime
- * nssCKFWToken_OpenSession
- * nssCKFWToken_GetMechanismCount
- * nssCKFWToken_GetMechanismTypes
- * nssCKFWToken_GetMechanism
- */
-
-/*
- * nssCKFWToken_Create
- *
- */
-NSS_EXTERN NSSCKFWToken *
-nssCKFWToken_Create
-(
- NSSCKFWSlot *fwSlot,
- NSSCKMDToken *mdToken,
- CK_RV *pError
-);
-
-/*
- * nssCKFWToken_Destroy
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWToken_Destroy
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetMDToken
- *
- */
-NSS_EXTERN NSSCKMDToken *
-nssCKFWToken_GetMDToken
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetArena
- *
- */
-NSS_EXTERN NSSArena *
-nssCKFWToken_GetArena
-(
- NSSCKFWToken *fwToken,
- CK_RV *pError
-);
-
-/*
- * nssCKFWToken_GetFWSlot
- *
- */
-NSS_EXTERN NSSCKFWSlot *
-nssCKFWToken_GetFWSlot
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetMDSlot
- *
- */
-NSS_EXTERN NSSCKMDSlot *
-nssCKFWToken_GetMDSlot
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetSessionState
- *
- */
-NSS_EXTERN CK_STATE
-nssCKFWToken_GetSessionState
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_InitToken
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWToken_InitToken
-(
- NSSCKFWToken *fwToken,
- NSSItem *pin,
- NSSUTF8 *label
-);
-
-/*
- * nssCKFWToken_GetLabel
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWToken_GetLabel
-(
- NSSCKFWToken *fwToken,
- CK_CHAR label[32]
-);
-
-/*
- * nssCKFWToken_GetManufacturerID
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWToken_GetManufacturerID
-(
- NSSCKFWToken *fwToken,
- CK_CHAR manufacturerID[32]
-);
-
-/*
- * nssCKFWToken_GetModel
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWToken_GetModel
-(
- NSSCKFWToken *fwToken,
- CK_CHAR model[16]
-);
-
-/*
- * nssCKFWToken_GetSerialNumber
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWToken_GetSerialNumber
-(
- NSSCKFWToken *fwToken,
- CK_CHAR serialNumber[16]
-);
-
-/*
- * nssCKFWToken_GetHasRNG
- *
- */
-NSS_EXTERN CK_BBOOL
-nssCKFWToken_GetHasRNG
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetIsWriteProtected
- *
- */
-NSS_EXTERN CK_BBOOL
-nssCKFWToken_GetIsWriteProtected
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetLoginRequired
- *
- */
-NSS_EXTERN CK_BBOOL
-nssCKFWToken_GetLoginRequired
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetUserPinInitialized
- *
- */
-NSS_EXTERN CK_BBOOL
-nssCKFWToken_GetUserPinInitialized
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetRestoreKeyNotNeeded
- *
- */
-NSS_EXTERN CK_BBOOL
-nssCKFWToken_GetRestoreKeyNotNeeded
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetHasClockOnToken
- *
- */
-NSS_EXTERN CK_BBOOL
-nssCKFWToken_GetHasClockOnToken
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetHasProtectedAuthenticationPath
- *
- */
-NSS_EXTERN CK_BBOOL
-nssCKFWToken_GetHasProtectedAuthenticationPath
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetSupportsDualCryptoOperations
- *
- */
-NSS_EXTERN CK_BBOOL
-nssCKFWToken_GetSupportsDualCryptoOperations
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetMaxSessionCount
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWToken_GetMaxSessionCount
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetMaxRwSessionCount
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWToken_GetMaxRwSessionCount
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetMaxPinLen
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWToken_GetMaxPinLen
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetMinPinLen
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWToken_GetMinPinLen
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetTotalPublicMemory
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWToken_GetTotalPublicMemory
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetFreePublicMemory
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWToken_GetFreePublicMemory
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetTotalPrivateMemory
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWToken_GetTotalPrivateMemory
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetFreePrivateMemory
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWToken_GetFreePrivateMemory
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetHardwareVersion
- *
- */
-NSS_EXTERN CK_VERSION
-nssCKFWToken_GetHardwareVersion
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetFirmwareVersion
- *
- */
-NSS_EXTERN CK_VERSION
-nssCKFWToken_GetFirmwareVersion
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetUTCTime
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWToken_GetUTCTime
-(
- NSSCKFWToken *fwToken,
- CK_CHAR utcTime[16]
-);
-
-/*
- * nssCKFWToken_OpenSession
- *
- */
-NSS_EXTERN NSSCKFWSession *
-nssCKFWToken_OpenSession
-(
- NSSCKFWToken *fwToken,
- CK_BBOOL rw,
- CK_VOID_PTR pApplication,
- CK_NOTIFY Notify,
- CK_RV *pError
-);
-
-/*
- * nssCKFWToken_GetMechanismCount
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWToken_GetMechanismCount
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetMechanismTypes
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWToken_GetMechanismTypes
-(
- NSSCKFWToken *fwToken,
- CK_MECHANISM_TYPE types[]
-);
-
-/*
- * nssCKFWToken_GetMechanism
- *
- */
-NSS_EXTERN NSSCKFWMechanism *
-nssCKFWToken_GetMechanism
-(
- NSSCKFWToken *fwToken,
- CK_MECHANISM_TYPE which,
- CK_RV *pError
-);
-
-/*
- * nssCKFWToken_SetSessionState
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWToken_SetSessionState
-(
- NSSCKFWToken *fwToken,
- CK_STATE newState
-);
-
-/*
- * nssCKFWToken_RemoveSession
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWToken_RemoveSession
-(
- NSSCKFWToken *fwToken,
- NSSCKFWSession *fwSession
-);
-
-/*
- * nssCKFWToken_CloseAllSessions
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWToken_CloseAllSessions
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetSessionCount
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWToken_GetSessionCount
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetRwSessionCount
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWToken_GetRwSessionCount
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetRoSessionCount
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWToken_GetRoSessionCount
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetSessionObjectHash
- *
- */
-NSS_EXTERN nssCKFWHash *
-nssCKFWToken_GetSessionObjectHash
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetMDObjectHash
- *
- */
-NSS_EXTERN nssCKFWHash *
-nssCKFWToken_GetMDObjectHash
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetObjectHandleHash
- *
- */
-NSS_EXTERN nssCKFWHash *
-nssCKFWToken_GetObjectHandleHash
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * NSSCKFWMechanism
- *
- * -- create/destroy --
- * nssCKFWMechanism_Create
- * nssCKFWMechanism_Destroy
- *
- * -- implement public accessors --
- * nssCKFWMechanism_GetMDMechanism
- * nssCKFWMechanism_GetParameter
- *
- * -- private accessors --
- *
- * -- module fronts --
- * nssCKFWMechanism_GetMinKeySize
- * nssCKFWMechanism_GetMaxKeySize
- * nssCKFWMechanism_GetInHardware
- */
-
-/*
- * nssCKFWMechanism_Create
- *
- */
-NSS_EXTERN NSSCKFWMechanism *
-nssCKFWMechanism_Create
-(
- void /* XXX fgmr */
-);
-
-/*
- * nssCKFWMechanism_Destroy
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWMechanism_Destroy
-(
- NSSCKFWMechanism *fwMechanism
-);
-
-/*
- * nssCKFWMechanism_GetMDMechanism
- *
- */
-
-NSS_EXTERN NSSCKMDMechanism *
-nssCKFWMechanism_GetMDMechanism
-(
- NSSCKFWMechanism *fwMechanism
-);
-
-/*
- * nssCKFWMechanism_GetParameter
- *
- * XXX fgmr-- or as an additional parameter to the crypto ops?
- */
-NSS_EXTERN NSSItem *
-nssCKFWMechanism_GetParameter
-(
- NSSCKFWMechanism *fwMechanism
-);
-
-/*
- * nssCKFWMechanism_GetMinKeySize
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWMechanism_GetMinKeySize
-(
- NSSCKFWMechanism *fwMechanism
-);
-
-/*
- * nssCKFWMechanism_GetMaxKeySize
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWMechanism_GetMaxKeySize
-(
- NSSCKFWMechanism *fwMechanism
-);
-
-/*
- * nssCKFWMechanism_GetInHardware
- *
- */
-NSS_EXTERN CK_BBOOL
-nssCKFWMechanism_GetInHardware
-(
- NSSCKFWMechanism *fwMechanism
-);
-
-/*
- * NSSCKFWSession
- *
- * -- create/destroy --
- * nssCKFWSession_Create
- * nssCKFWSession_Destroy
- *
- * -- implement public accessors --
- * nssCKFWSession_GetMDSession
- * nssCKFWSession_GetArena
- * nssCKFWSession_CallNotification
- * nssCKFWSession_IsRWSession
- * nssCKFWSession_IsSO
- *
- * -- private accessors --
- * nssCKFWSession_GetFWSlot
- * nssCKFWSession_GetSessionState
- * nssCKFWSession_SetFWFindObjects
- * nssCKFWSession_GetFWFindObjects
- * nssCKFWSession_SetMDSession
- * nssCKFWSession_SetHandle
- * nssCKFWSession_GetHandle
- * nssCKFWSession_RegisterSessionObject
- * nssCKFWSession_DeregisterSessionObject
- *
- * -- module fronts --
- * nssCKFWSession_GetDeviceError
- * nssCKFWSession_Login
- * nssCKFWSession_Logout
- * nssCKFWSession_InitPIN
- * nssCKFWSession_SetPIN
- * nssCKFWSession_GetOperationStateLen
- * nssCKFWSession_GetOperationState
- * nssCKFWSession_SetOperationState
- * nssCKFWSession_CreateObject
- * nssCKFWSession_CopyObject
- * nssCKFWSession_FindObjectsInit
- * nssCKFWSession_SeedRandom
- * nssCKFWSession_GetRandom
- */
-
-/*
- * nssCKFWSession_Create
- *
- */
-NSS_EXTERN NSSCKFWSession *
-nssCKFWSession_Create
-(
- NSSCKFWToken *fwToken,
- CK_BBOOL rw,
- CK_VOID_PTR pApplication,
- CK_NOTIFY Notify,
- CK_RV *pError
-);
-
-/*
- * nssCKFWSession_Destroy
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWSession_Destroy
-(
- NSSCKFWSession *fwSession,
- CK_BBOOL removeFromTokenHash
-);
-
-/*
- * nssCKFWSession_GetMDSession
- *
- */
-NSS_EXTERN NSSCKMDSession *
-nssCKFWSession_GetMDSession
-(
- NSSCKFWSession *fwSession
-);
-
-/*
- * nssCKFWSession_GetArena
- *
- */
-NSS_EXTERN NSSArena *
-nssCKFWSession_GetArena
-(
- NSSCKFWSession *fwSession,
- CK_RV *pError
-);
-
-/*
- * nssCKFWSession_CallNotification
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWSession_CallNotification
-(
- NSSCKFWSession *fwSession,
- CK_NOTIFICATION event
-);
-
-/*
- * nssCKFWSession_IsRWSession
- *
- */
-NSS_EXTERN CK_BBOOL
-nssCKFWSession_IsRWSession
-(
- NSSCKFWSession *fwSession
-);
-
-/*
- * nssCKFWSession_IsSO
- *
- */
-NSS_EXTERN CK_BBOOL
-nssCKFWSession_IsSO
-(
- NSSCKFWSession *fwSession
-);
-
-/*
- * nssCKFWSession_GetFWSlot
- *
- */
-NSS_EXTERN NSSCKFWSlot *
-nssCKFWSession_GetFWSlot
-(
- NSSCKFWSession *fwSession
-);
-
-/*
- * nssCFKWSession_GetSessionState
- *
- */
-NSS_EXTERN CK_STATE
-nssCKFWSession_GetSessionState
-(
- NSSCKFWSession *fwSession
-);
-
-/*
- * nssCKFWSession_SetFWFindObjects
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWSession_SetFWFindObjects
-(
- NSSCKFWSession *fwSession,
- NSSCKFWFindObjects *fwFindObjects
-);
-
-/*
- * nssCKFWSession_GetFWFindObjects
- *
- */
-NSS_EXTERN NSSCKFWFindObjects *
-nssCKFWSession_GetFWFindObjects
-(
- NSSCKFWSession *fwSesssion,
- CK_RV *pError
-);
-
-/*
- * nssCKFWSession_SetMDSession
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWSession_SetMDSession
-(
- NSSCKFWSession *fwSession,
- NSSCKMDSession *mdSession
-);
-
-/*
- * nssCKFWSession_SetHandle
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWSession_SetHandle
-(
- NSSCKFWSession *fwSession,
- CK_SESSION_HANDLE hSession
-);
-
-/*
- * nssCKFWSession_GetHandle
- *
- */
-NSS_EXTERN CK_SESSION_HANDLE
-nssCKFWSession_GetHandle
-(
- NSSCKFWSession *fwSession
-);
-
-/*
- * nssCKFWSession_RegisterSessionObject
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWSession_RegisterSessionObject
-(
- NSSCKFWSession *fwSession,
- NSSCKFWObject *fwObject
-);
-
-/*
- * nssCKFWSession_DeregisterSessionObject
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWSession_DeregisterSessionObject
-(
- NSSCKFWSession *fwSession,
- NSSCKFWObject *fwObject
-);
-
-/*
- * nssCKFWSession_GetDeviceError
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWSession_GetDeviceError
-(
- NSSCKFWSession *fwSession
-);
-
-/*
- * nssCKFWSession_Login
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWSession_Login
-(
- NSSCKFWSession *fwSession,
- CK_USER_TYPE userType,
- NSSItem *pin
-);
-
-/*
- * nssCKFWSession_Logout
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWSession_Logout
-(
- NSSCKFWSession *fwSession
-);
-
-/*
- * nssCKFWSession_InitPIN
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWSession_InitPIN
-(
- NSSCKFWSession *fwSession,
- NSSItem *pin
-);
-
-/*
- * nssCKFWSession_SetPIN
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWSession_SetPIN
-(
- NSSCKFWSession *fwSession,
- NSSItem *newPin,
- NSSItem *oldPin
-);
-
-/*
- * nssCKFWSession_GetOperationStateLen
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWSession_GetOperationStateLen
-(
- NSSCKFWSession *fwSession,
- CK_RV *pError
-);
-
-/*
- * nssCKFWSession_GetOperationState
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWSession_GetOperationState
-(
- NSSCKFWSession *fwSession,
- NSSItem *buffer
-);
-
-/*
- * nssCKFWSession_SetOperationState
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWSession_SetOperationState
-(
- NSSCKFWSession *fwSession,
- NSSItem *state,
- NSSCKFWObject *encryptionKey,
- NSSCKFWObject *authenticationKey
-);
-
-/*
- * nssCKFWSession_CreateObject
- *
- */
-NSS_EXTERN NSSCKFWObject *
-nssCKFWSession_CreateObject
-(
- NSSCKFWSession *fwSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-);
-
-/*
- * nssCKFWSession_CopyObject
- *
- */
-NSS_EXTERN NSSCKFWObject *
-nssCKFWSession_CopyObject
-(
- NSSCKFWSession *fwSession,
- NSSCKFWObject *object,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-);
-
-/*
- * nssCKFWSession_FindObjectsInit
- *
- */
-NSS_EXTERN NSSCKFWFindObjects *
-nssCKFWSession_FindObjectsInit
-(
- NSSCKFWSession *fwSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-);
-
-/*
- * nssCKFWSession_SeedRandom
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWSession_SeedRandom
-(
- NSSCKFWSession *fwSession,
- NSSItem *seed
-);
-
-/*
- * nssCKFWSession_GetRandom
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWSession_GetRandom
-(
- NSSCKFWSession *fwSession,
- NSSItem *buffer
-);
-
-/*
- * NSSCKFWObject
- *
- * -- create/destroy --
- * nssCKFWObject_Create
- * nssCKFWObject_Finalize
- * nssCKFWObject_Destroy
- *
- * -- implement public accessors --
- * nssCKFWObject_GetMDObject
- * nssCKFWObject_GetArena
- *
- * -- private accessors --
- * nssCKFWObject_SetHandle
- * nssCKFWObject_GetHandle
- *
- * -- module fronts --
- * nssCKFWObject_IsTokenObject
- * nssCKFWObject_GetAttributeCount
- * nssCKFWObject_GetAttributeTypes
- * nssCKFWObject_GetAttributeSize
- * nssCKFWObject_GetAttribute
- * nssCKFWObject_SetAttribute
- * nssCKFWObject_GetObjectSize
- */
-
-/*
- * nssCKFWObject_Create
- *
- */
-NSS_EXTERN NSSCKFWObject *
-nssCKFWObject_Create
-(
- NSSArena *arena,
- NSSCKMDObject *mdObject,
- NSSCKFWSession *fwSession,
- NSSCKFWToken *fwToken,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-);
-
-/*
- * nssCKFWObject_Finalize
- *
- */
-NSS_EXTERN void
-nssCKFWObject_Finalize
-(
- NSSCKFWObject *fwObject
-);
-
-/*
- * nssCKFWObject_Destroy
- *
- */
-NSS_EXTERN void
-nssCKFWObject_Destroy
-(
- NSSCKFWObject *fwObject
-);
-
-/*
- * nssCKFWObject_GetMDObject
- *
- */
-NSS_EXTERN NSSCKMDObject *
-nssCKFWObject_GetMDObject
-(
- NSSCKFWObject *fwObject
-);
-
-/*
- * nssCKFWObject_GetArena
- *
- */
-NSS_EXTERN NSSArena *
-nssCKFWObject_GetArena
-(
- NSSCKFWObject *fwObject,
- CK_RV *pError
-);
-
-/*
- * nssCKFWObject_SetHandle
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWObject_SetHandle
-(
- NSSCKFWObject *fwObject,
- CK_OBJECT_HANDLE hObject
-);
-
-/*
- * nssCKFWObject_GetHandle
- *
- */
-NSS_IMPLEMENT CK_OBJECT_HANDLE
-nssCKFWObject_GetHandle
-(
- NSSCKFWObject *fwObject
-);
-
-/*
- * nssCKFWObject_IsTokenObject
- *
- */
-NSS_EXTERN CK_BBOOL
-nssCKFWObject_IsTokenObject
-(
- NSSCKFWObject *fwObject
-);
-
-/*
- * nssCKFWObject_GetAttributeCount
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWObject_GetAttributeCount
-(
- NSSCKFWObject *fwObject,
- CK_RV *pError
-);
-
-/*
- * nssCKFWObject_GetAttributeTypes
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWObject_GetAttributeTypes
-(
- NSSCKFWObject *fwObject,
- CK_ATTRIBUTE_TYPE_PTR typeArray,
- CK_ULONG ulCount
-);
-
-/*
- * nssCKFWObject_GetAttributeSize
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWObject_GetAttributeSize
-(
- NSSCKFWObject *fwObject,
- CK_ATTRIBUTE_TYPE attribute,
- CK_RV *pError
-);
-
-/*
- * nssCKFWObject_GetAttribute
- *
- * Usual NSS allocation rules:
- * If itemOpt is not NULL, it will be returned; otherwise an NSSItem
- * will be allocated. If itemOpt is not NULL but itemOpt->data is,
- * the buffer will be allocated; otherwise, the buffer will be used.
- * Any allocations will come from the optional arena, if one is
- * specified.
- */
-NSS_EXTERN NSSItem *
-nssCKFWObject_GetAttribute
-(
- NSSCKFWObject *fwObject,
- CK_ATTRIBUTE_TYPE attribute,
- NSSItem *itemOpt,
- NSSArena *arenaOpt,
- CK_RV *pError
-);
-
-/*
- * nssCKFWObject_SetAttribute
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWObject_SetAttribute
-(
- NSSCKFWObject *fwObject,
- CK_ATTRIBUTE_TYPE attribute,
- NSSItem *value
-);
-
-/*
- * nssCKFWObject_GetObjectSize
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWObject_GetObjectSize
-(
- NSSCKFWObject *fwObject,
- CK_RV *pError
-);
-
-/*
- * NSSCKFWFindObjects
- *
- * -- create/destroy --
- * nssCKFWFindObjects_Create
- * nssCKFWFindObjects_Destroy
- *
- * -- implement public accessors --
- * nssCKFWFindObjects_GetMDFindObjects
- *
- * -- private accessors --
- *
- * -- module fronts --
- * nssCKFWFindObjects_Next
- */
-
-/*
- * nssCKFWFindObjects_Create
- *
- */
-NSS_EXTERN NSSCKFWFindObjects *
-nssCKFWFindObjects_Create
-(
- NSSCKFWSession *fwSession,
- NSSCKFWToken *fwToken,
- NSSCKFWInstance *fwInstance,
- NSSCKMDFindObjects *mdFindObjects1,
- NSSCKMDFindObjects *mdFindObjects2,
- CK_RV *pError
-);
-
-/*
- * nssCKFWFindObjects_Destroy
- *
- */
-NSS_EXTERN void
-nssCKFWFindObjects_Destroy
-(
- NSSCKFWFindObjects *fwFindObjects
-);
-
-/*
- * nssCKFWFindObjects_GetMDFindObjects
- *
- */
-NSS_EXTERN NSSCKMDFindObjects *
-nssCKFWFindObjects_GetMDFindObjects
-(
- NSSCKFWFindObjects *fwFindObjects
-);
-
-/*
- * nssCKFWFindObjects_Next
- *
- */
-NSS_EXTERN NSSCKFWObject *
-nssCKFWFindObjects_Next
-(
- NSSCKFWFindObjects *fwFindObjects,
- NSSArena *arenaOpt,
- CK_RV *pError
-);
-
-/*
- * NSSCKFWMutex
- *
- * nssCKFWMutex_Create
- * nssCKFWMutex_Destroy
- * nssCKFWMutex_Lock
- * nssCKFWMutex_Unlock
- *
- */
-
-/*
- * nssCKFWMutex_Create
- *
- */
-NSS_EXTERN NSSCKFWMutex *
-nssCKFWMutex_Create
-(
- CK_C_INITIALIZE_ARGS_PTR pInitArgs,
- NSSArena *arena,
- CK_RV *pError
-);
-
-/*
- * nssCKFWMutex_Destroy
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWMutex_Destroy
-(
- NSSCKFWMutex *mutex
-);
-
-/*
- * nssCKFWMutex_Lock
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWMutex_Lock
-(
- NSSCKFWMutex *mutex
-);
-
-/*
- * nssCKFWMutex_Unlock
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWMutex_Unlock
-(
- NSSCKFWMutex *mutex
-);
-
-#endif /* CKFW_H */
diff --git a/security/nss/lib/ckfw/ckfwm.h b/security/nss/lib/ckfw/ckfwm.h
deleted file mode 100644
index 615efe2b6..000000000
--- a/security/nss/lib/ckfw/ckfwm.h
+++ /dev/null
@@ -1,167 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef CKFWM_H
-#define CKFWM_H
-
-#ifdef DEBUG
-static const char CKFWM_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * ckfwm.h
- *
- * This file prototypes the module-private calls of the NSS Cryptoki Framework.
- */
-
-#ifndef NSSBASET_H
-#include "nssbaset.h"
-#endif /* NSSBASET_H */
-
-#ifndef NSSCKT_H
-#include "nssckt.h"
-#endif /* NSSCKT_H */
-
-#ifndef NSSCKFWT_H
-#include "nssckfwt.h"
-#endif /* NSSCKFWT_H */
-
-/*
- * nssCKFWHash
- *
- * nssCKFWHash_Create
- * nssCKFWHash_Destroy
- * nssCKFWHash_Add
- * nssCKFWHash_Remove
- * nssCKFWHash_Count
- * nssCKFWHash_Exists
- * nssCKFWHash_Lookup
- * nssCKFWHash_Iterate
- */
-
-/*
- * nssCKFWHash_Create
- *
- */
-NSS_EXTERN nssCKFWHash *
-nssCKFWHash_Create
-(
- NSSCKFWInstance *fwInstance,
- NSSArena *arena,
- CK_RV *pError
-);
-
-/*
- * nssCKFWHash_Destroy
- *
- */
-NSS_EXTERN void
-nssCKFWHash_Destroy
-(
- nssCKFWHash *hash
-);
-
-/*
- * nssCKFWHash_Add
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWHash_Add
-(
- nssCKFWHash *hash,
- const void *key,
- const void *value
-);
-
-/*
- * nssCKFWHash_Remove
- *
- */
-NSS_EXTERN void
-nssCKFWHash_Remove
-(
- nssCKFWHash *hash,
- const void *it
-);
-
-/*
- * nssCKFWHash_Count
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWHash_Count
-(
- nssCKFWHash *hash
-);
-
-/*
- * nssCKFWHash_Exists
- *
- */
-NSS_EXTERN CK_BBOOL
-nssCKFWHash_Exists
-(
- nssCKFWHash *hash,
- const void *it
-);
-
-/*
- * nssCKFWHash_Lookup
- *
- */
-NSS_EXTERN void *
-nssCKFWHash_Lookup
-(
- nssCKFWHash *hash,
- const void *it
-);
-
-/*
- * nssCKFWHash_Iterate
- *
- */
-NSS_EXTERN void
-nssCKFWHash_Iterate
-(
- nssCKFWHash *hash,
- nssCKFWHashIterator fcn,
- void *closure
-);
-
-NSS_EXTERN void
-nssSetLockArgs(
- CK_C_INITIALIZE_ARGS_PTR pInitArgs
-);
-
-
-#endif /* CKFWM_H */
diff --git a/security/nss/lib/ckfw/ckfwtm.h b/security/nss/lib/ckfw/ckfwtm.h
deleted file mode 100644
index 0f631f02d..000000000
--- a/security/nss/lib/ckfw/ckfwtm.h
+++ /dev/null
@@ -1,56 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef CKFWTM_H
-#define CKFWTM_H
-
-#ifdef DEBUG
-static const char CKFWTM_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * ckfwtm.h
- *
- * This file declares the module-private types of the NSS Cryptoki Framework.
- */
-
-#ifndef NSSBASET_H
-#include "nssbaset.h"
-#endif /* NSSBASET_H */
-
-struct nssCKFWHashStr;
-typedef struct nssCKFWHashStr nssCKFWHash;
-
-typedef void (PR_CALLBACK *nssCKFWHashIterator)(const void *key, void *value, void *closure);
-
-#endif /* CKFWTM_H */
diff --git a/security/nss/lib/ckfw/ckmd.h b/security/nss/lib/ckfw/ckmd.h
deleted file mode 100644
index 5b7f394f5..000000000
--- a/security/nss/lib/ckfw/ckmd.h
+++ /dev/null
@@ -1,65 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef CKMD_H
-#define CKMD_H
-
-#ifdef DEBUG
-static const char CKMD_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * ckmd.h
- *
- */
-
-NSS_EXTERN NSSCKMDObject *
-nssCKMDSessionObject_Create
-(
- NSSCKFWToken *fwToken,
- NSSArena *arena,
- CK_ATTRIBUTE_PTR attributes,
- CK_ULONG ulCount,
- CK_RV *pError
-);
-
-NSS_EXTERN NSSCKMDFindObjects *
-nssCKMDFindSessionObjects_Create
-(
- NSSCKFWToken *fwToken,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount,
- CK_RV *pError
-);
-
-#endif /* CKMD_H */
diff --git a/security/nss/lib/ckfw/ckt.h b/security/nss/lib/ckfw/ckt.h
deleted file mode 100644
index bf114dbc0..000000000
--- a/security/nss/lib/ckfw/ckt.h
+++ /dev/null
@@ -1,37 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/* get back to just one set of PKCS #11 headers. Use the onese that
- * are easiest to maintain from the RSA website */
-/* this one is the one that defines NSS specific data */
-#include "pkcs11n.h"
diff --git a/security/nss/lib/ckfw/config.mk b/security/nss/lib/ckfw/config.mk
deleted file mode 100644
index 521c93d31..000000000
--- a/security/nss/lib/ckfw/config.mk
+++ /dev/null
@@ -1,54 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CONFIG_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-ifdef BUILD_IDG
-DEFINES += -DNSSDEBUG
-endif
-
-#
-# Hack to see if everything still builds
-#
-
-
-#
-# Override TARGETS variable so that only static libraries
-# are specifed as dependencies within rules.mk.
-#
-
-TARGETS = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM =
-
-
diff --git a/security/nss/lib/ckfw/dbm/Makefile b/security/nss/lib/ckfw/dbm/Makefile
deleted file mode 100644
index 03e1fb4c6..000000000
--- a/security/nss/lib/ckfw/dbm/Makefile
+++ /dev/null
@@ -1,38 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-MAKEFILE_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-include manifest.mn
-include config.mk
-include $(CORE_DEPTH)/coreconf/config.mk
-include $(CORE_DEPTH)/coreconf/rules.mk
diff --git a/security/nss/lib/ckfw/dbm/anchor.c b/security/nss/lib/ckfw/dbm/anchor.c
deleted file mode 100644
index 588fd00e0..000000000
--- a/security/nss/lib/ckfw/dbm/anchor.c
+++ /dev/null
@@ -1,50 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * dbm/anchor.c
- *
- * This file "anchors" the actual cryptoki entry points in this module's
- * shared library, which is required for dynamic loading. See the
- * comments in nssck.api for more information.
- */
-
-#include "ckdbm.h"
-
-#define MODULE_NAME dbm
-#define INSTANCE_NAME (NSSCKMDInstance *)&nss_dbm_mdInstance
-#include "nssck.api"
diff --git a/security/nss/lib/ckfw/dbm/ckdbm.h b/security/nss/lib/ckfw/dbm/ckdbm.h
deleted file mode 100644
index 7bab87ec7..000000000
--- a/security/nss/lib/ckfw/dbm/ckdbm.h
+++ /dev/null
@@ -1,281 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CKDBM_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef CKDBM_H
-#define CKDBM_H
-
-#include "nssckmdt.h"
-#include "nssckfw.h"
-
-/*
- * I'm including this for access to the arena functions.
- * Looks like we should publish that API.
- */
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-/*
- * This is where the Netscape extensions live, at least for now.
- */
-#ifndef CKT_H
-#include "ckt.h"
-#endif /* CKT_H */
-
-#include "mcom_db.h"
-
-NSS_EXTERN_DATA NSSCKMDInstance nss_dbm_mdInstance;
-
-typedef struct nss_dbm_db_struct nss_dbm_db_t;
-struct nss_dbm_db_struct {
- DB *db;
- NSSCKFWMutex *crustylock;
-};
-
-typedef struct nss_dbm_dbt_struct nss_dbm_dbt_t;
-struct nss_dbm_dbt_struct {
- DBT dbt;
- nss_dbm_db_t *my_db;
-};
-
-typedef struct nss_dbm_instance_struct nss_dbm_instance_t;
-struct nss_dbm_instance_struct {
- NSSArena *arena;
- CK_ULONG nSlots;
- char **filenames;
- int *flags; /* e.g. O_RDONLY, O_RDWR */
-};
-
-typedef struct nss_dbm_slot_struct nss_dbm_slot_t;
-struct nss_dbm_slot_struct {
- nss_dbm_instance_t *instance;
- char *filename;
- int flags;
- nss_dbm_db_t *token_db;
-};
-
-typedef struct nss_dbm_token_struct nss_dbm_token_t;
-struct nss_dbm_token_struct {
- NSSArena *arena;
- nss_dbm_slot_t *slot;
- nss_dbm_db_t *session_db;
- NSSUTF8 *label;
-};
-
-struct nss_dbm_dbt_node {
- struct nss_dbm_dbt_node *next;
- nss_dbm_dbt_t *dbt;
-};
-
-typedef struct nss_dbm_session_struct nss_dbm_session_t;
-struct nss_dbm_session_struct {
- NSSArena *arena;
- nss_dbm_token_t *token;
- CK_ULONG deviceError;
- struct nss_dbm_dbt_node *session_objects;
- NSSCKFWMutex *list_lock;
-};
-
-typedef struct nss_dbm_object_struct nss_dbm_object_t;
-struct nss_dbm_object_struct {
- NSSArena *arena; /* token or session */
- nss_dbm_dbt_t *handle;
-};
-
-typedef struct nss_dbm_find_struct nss_dbm_find_t;
-struct nss_dbm_find_struct {
- NSSArena *arena;
- struct nss_dbm_dbt_node *found;
- NSSCKFWMutex *list_lock;
-};
-
-NSS_EXTERN NSSCKMDSlot *
-nss_dbm_mdSlot_factory
-(
- nss_dbm_instance_t *instance,
- char *filename,
- int flags,
- CK_RV *pError
-);
-
-NSS_EXTERN NSSCKMDToken *
-nss_dbm_mdToken_factory
-(
- nss_dbm_slot_t *slot,
- CK_RV *pError
-);
-
-NSS_EXTERN NSSCKMDSession *
-nss_dbm_mdSession_factory
-(
- nss_dbm_token_t *token,
- NSSCKFWSession *fwSession,
- NSSCKFWInstance *fwInstance,
- CK_BBOOL rw,
- CK_RV *pError
-);
-
-NSS_EXTERN NSSCKMDObject *
-nss_dbm_mdObject_factory
-(
- nss_dbm_object_t *object,
- CK_RV *pError
-);
-
-NSS_EXTERN NSSCKMDFindObjects *
-nss_dbm_mdFindObjects_factory
-(
- nss_dbm_find_t *find,
- CK_RV *pError
-);
-
-NSS_EXTERN nss_dbm_db_t *
-nss_dbm_db_open
-(
- NSSArena *arena,
- NSSCKFWInstance *fwInstance,
- char *filename,
- int flags,
- CK_RV *pError
-);
-
-NSS_EXTERN void
-nss_dbm_db_close
-(
- nss_dbm_db_t *db
-);
-
-NSS_EXTERN CK_VERSION
-nss_dbm_db_get_format_version
-(
- nss_dbm_db_t *db
-);
-
-NSS_EXTERN CK_RV
-nss_dbm_db_set_label
-(
- nss_dbm_db_t *db,
- NSSUTF8 *label
-);
-
-NSS_EXTERN NSSUTF8 *
-nss_dbm_db_get_label
-(
- nss_dbm_db_t *db,
- NSSArena *arena,
- CK_RV *pError
-);
-
-NSS_EXTERN CK_RV
-nss_dbm_db_delete_object
-(
- nss_dbm_dbt_t *dbt
-);
-
-NSS_EXTERN nss_dbm_dbt_t *
-nss_dbm_db_create_object
-(
- NSSArena *arena,
- nss_dbm_db_t *db,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError,
- CK_ULONG *pdbrv
-);
-
-NSS_EXTERN CK_RV
-nss_dbm_db_find_objects
-(
- nss_dbm_find_t *find,
- nss_dbm_db_t *db,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_ULONG *pdbrv
-);
-
-NSS_EXTERN CK_BBOOL
-nss_dbm_db_object_still_exists
-(
- nss_dbm_dbt_t *dbt
-);
-
-NSS_EXTERN CK_ULONG
-nss_dbm_db_get_object_attribute_count
-(
- nss_dbm_dbt_t *dbt,
- CK_RV *pError,
- CK_ULONG *pdbrv
-);
-
-NSS_EXTERN CK_RV
-nss_dbm_db_get_object_attribute_types
-(
- nss_dbm_dbt_t *dbt,
- CK_ATTRIBUTE_TYPE_PTR typeArray,
- CK_ULONG ulCount,
- CK_ULONG *pdbrv
-);
-
-NSS_EXTERN CK_ULONG
-nss_dbm_db_get_object_attribute_size
-(
- nss_dbm_dbt_t *dbt,
- CK_ATTRIBUTE_TYPE type,
- CK_RV *pError,
- CK_ULONG *pdbrv
-);
-
-NSS_EXTERN NSSItem *
-nss_dbm_db_get_object_attribute
-(
- nss_dbm_dbt_t *dbt,
- NSSArena *arena,
- CK_ATTRIBUTE_TYPE type,
- CK_RV *pError,
- CK_ULONG *pdbrv
-);
-
-NSS_EXTERN CK_RV
-nss_dbm_db_set_object_attribute
-(
- nss_dbm_dbt_t *dbt,
- CK_ATTRIBUTE_TYPE type,
- NSSItem *value,
- CK_ULONG *pdbrv
-);
-
-#endif /* CKDBM_H */
diff --git a/security/nss/lib/ckfw/dbm/config.mk b/security/nss/lib/ckfw/dbm/config.mk
deleted file mode 100644
index 80b3135f4..000000000
--- a/security/nss/lib/ckfw/dbm/config.mk
+++ /dev/null
@@ -1,37 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CONFIG_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-ifdef BUILD_IDG
-DEFINES += -DNSSDEBUG
-endif
diff --git a/security/nss/lib/ckfw/dbm/db.c b/security/nss/lib/ckfw/dbm/db.c
deleted file mode 100644
index 307c7f21d..000000000
--- a/security/nss/lib/ckfw/dbm/db.c
+++ /dev/null
@@ -1,1065 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#include "ckdbm.h"
-
-#define PREFIX_METADATA "0000"
-#define PREFIX_OBJECT "0001"
-#define PREFIX_INDEX "0002"
-
-static CK_VERSION nss_dbm_db_format_version = { 1, 0 };
-struct handle {
- char prefix[4];
- CK_ULONG id;
-};
-
-NSS_IMPLEMENT nss_dbm_db_t *
-nss_dbm_db_open
-(
- NSSArena *arena,
- NSSCKFWInstance *fwInstance,
- char *filename,
- int flags,
- CK_RV *pError
-)
-{
- nss_dbm_db_t *rv;
- CK_VERSION db_version;
-
- rv = nss_ZNEW(arena, nss_dbm_db_t);
- if( (nss_dbm_db_t *)NULL == rv ) {
- *pError = CKR_HOST_MEMORY;
- return (nss_dbm_db_t *)NULL;
- }
-
- rv->db = dbopen(filename, flags, 0600, DB_HASH, (const void *)NULL);
- if( (DB *)NULL == rv->db ) {
- *pError = CKR_TOKEN_NOT_PRESENT;
- return (nss_dbm_db_t *)NULL;
- }
-
- rv->crustylock = NSSCKFWInstance_CreateMutex(fwInstance, arena, pError);
- if( (NSSCKFWMutex *)NULL == rv->crustylock ) {
- return (nss_dbm_db_t *)NULL;
- }
-
- db_version = nss_dbm_db_get_format_version(rv);
- if( db_version.major != nss_dbm_db_format_version.major ) {
- nss_dbm_db_close(rv);
- *pError = CKR_TOKEN_NOT_RECOGNIZED;
- return (nss_dbm_db_t *)NULL;
- }
-
- return rv;
-}
-
-NSS_IMPLEMENT void
-nss_dbm_db_close
-(
- nss_dbm_db_t *db
-)
-{
- if( (NSSCKFWMutex *)NULL != db->crustylock ) {
- (void)NSSCKFWMutex_Destroy(db->crustylock);
- }
-
- if( (DB *)NULL != db->db ) {
- (void)db->db->close(db->db);
- }
-
- nss_ZFreeIf(db);
-}
-
-NSS_IMPLEMENT CK_VERSION
-nss_dbm_db_get_format_version
-(
- nss_dbm_db_t *db
-)
-{
- CK_VERSION rv;
- DBT k, v;
- int dbrv;
- char buffer[64];
-
- rv.major = rv.minor = 0;
-
- k.data = PREFIX_METADATA "FormatVersion";
- k.size = nssUTF8_Size((NSSUTF8 *)k.data, (PRStatus *)NULL);
- (void)memset(&v, 0, sizeof(v));
-
- /* Locked region */
- {
- if( CKR_OK != NSSCKFWMutex_Lock(db->crustylock) ) {
- return rv;
- }
-
- dbrv = db->db->get(db->db, &k, &v, 0);
- if( dbrv == 0 ) {
- CK_ULONG major = 0, minor = 0;
- (void)PR_sscanf(v.data, "%ld.%ld", &major, &minor);
- rv.major = major;
- rv.minor = minor;
- } else if( dbrv > 0 ) {
- (void)PR_snprintf(buffer, sizeof(buffer), "%ld.%ld", nss_dbm_db_format_version.major,
- nss_dbm_db_format_version.minor);
- v.data = buffer;
- v.size = nssUTF8_Size((NSSUTF8 *)v.data, (PRStatus *)NULL);
- dbrv = db->db->put(db->db, &k, &v, 0);
- (void)db->db->sync(db->db, 0);
- rv = nss_dbm_db_format_version;
- } else {
- /* No error return.. */
- ;
- }
-
- (void)NSSCKFWMutex_Unlock(db->crustylock);
- }
-
- return rv;
-}
-
-NSS_IMPLEMENT CK_RV
-nss_dbm_db_set_label
-(
- nss_dbm_db_t *db,
- NSSUTF8 *label
-)
-{
- CK_RV rv;
- DBT k, v;
- int dbrv;
-
- k.data = PREFIX_METADATA "Label";
- k.size = nssUTF8_Size((NSSUTF8 *)k.data, (PRStatus *)NULL);
- v.data = label;
- v.size = nssUTF8_Size((NSSUTF8 *)v.data, (PRStatus *)NULL);
-
- /* Locked region */
- {
- if( CKR_OK != NSSCKFWMutex_Lock(db->crustylock) ) {
- return rv;
- }
-
- dbrv = db->db->put(db->db, &k, &v, 0);
- if( 0 != dbrv ) {
- rv = CKR_DEVICE_ERROR;
- }
-
- dbrv = db->db->sync(db->db, 0);
- if( 0 != dbrv ) {
- rv = CKR_DEVICE_ERROR;
- }
-
- (void)NSSCKFWMutex_Unlock(db->crustylock);
- }
-
- return rv;
-}
-
-NSS_IMPLEMENT NSSUTF8 *
-nss_dbm_db_get_label
-(
- nss_dbm_db_t *db,
- NSSArena *arena,
- CK_RV *pError
-)
-{
- NSSUTF8 *rv = (NSSUTF8 *)NULL;
- DBT k, v;
- int dbrv;
-
- k.data = PREFIX_METADATA "Label";
- k.size = nssUTF8_Size((NSSUTF8 *)k.data, (PRStatus *)NULL);
-
- /* Locked region */
- {
- if( CKR_OK != NSSCKFWMutex_Lock(db->crustylock) ) {
- return rv;
- }
-
- dbrv = db->db->get(db->db, &k, &v, 0);
- if( 0 == dbrv ) {
- rv = nssUTF8_Duplicate((NSSUTF8 *)v.data, arena);
- if( (NSSUTF8 *)NULL == rv ) {
- *pError = CKR_HOST_MEMORY;
- }
- } else if( dbrv > 0 ) {
- /* Just return null */
- ;
- } else {
- *pError = CKR_DEVICE_ERROR;
- ;
- }
-
-
- (void)NSSCKFWMutex_Unlock(db->crustylock);
- }
-
- return rv;
-}
-
-NSS_IMPLEMENT CK_RV
-nss_dbm_db_delete_object
-(
- nss_dbm_dbt_t *dbt
-)
-{
- CK_RV rv;
- int dbrv;
-
- /* Locked region */
- {
- rv = NSSCKFWMutex_Lock(dbt->my_db->crustylock);
- if( CKR_OK != rv ) {
- return rv;
- }
-
- dbrv = dbt->my_db->db->del(dbt->my_db->db, &dbt->dbt, 0);
- if( 0 != dbrv ) {
- rv = CKR_DEVICE_ERROR;
- goto done;
- }
-
- dbrv = dbt->my_db->db->sync(dbt->my_db->db, 0);
- if( 0 != dbrv ) {
- rv = CKR_DEVICE_ERROR;
- goto done;
- }
-
- done:
- (void)NSSCKFWMutex_Unlock(dbt->my_db->crustylock);
- }
-
- return rv;
-}
-
-static CK_ULONG
-nss_dbm_db_new_handle
-(
- nss_dbm_db_t *db,
- DBT *dbt, /* pre-allocated */
- CK_RV *pError
-)
-{
- CK_ULONG rv;
- DBT k, v;
- CK_ULONG align = 0, id, myid;
- struct handle *hp;
-
- if( sizeof(struct handle) != dbt->size ) {
- return EINVAL;
- }
-
- /* Locked region */
- {
- *pError = NSSCKFWMutex_Lock(db->crustylock);
- if( CKR_OK != *pError ) {
- return EINVAL;
- }
-
- k.data = PREFIX_METADATA "LastID";
- k.size = nssUTF8_Size((NSSUTF8 *)k.data, (PRStatus *)NULL);
- (void)memset(&v, 0, sizeof(v));
-
- rv = db->db->get(db->db, &k, &v, 0);
- if( 0 == rv ) {
- (void)memcpy(&align, v.data, sizeof(CK_ULONG));
- id = ntohl(align);
- } else if( rv > 0 ) {
- id = 0;
- } else {
- goto done;
- }
-
- myid = id;
- id++;
- align = htonl(id);
- v.data = &align;
- v.size = sizeof(CK_ULONG);
-
- rv = db->db->put(db->db, &k, &v, 0);
- if( 0 != rv ) {
- goto done;
- }
-
- rv = db->db->sync(db->db, 0);
- if( 0 != rv ) {
- goto done;
- }
-
- done:
- (void)NSSCKFWMutex_Unlock(db->crustylock);
- }
-
- if( 0 != rv ) {
- return rv;
- }
-
- hp = (struct handle *)dbt->data;
- (void)memcpy(&hp->prefix[0], PREFIX_OBJECT, 4);
- hp->id = myid;
-
- return 0;
-}
-
-/*
- * This attribute-type-dependent swapping should probably
- * be in the Framework, because it'll be a concern of just
- * about every Module. Of course any Framework implementation
- * will have to be augmentable or overridable by a Module.
- */
-
-enum swap_type { type_byte, type_short, type_long, type_opaque };
-
-static enum swap_type
-nss_dbm_db_swap_type
-(
- CK_ATTRIBUTE_TYPE type
-)
-{
- switch( type ) {
- case CKA_CLASS: return type_long;
- case CKA_TOKEN: return type_byte;
- case CKA_PRIVATE: return type_byte;
- case CKA_LABEL: return type_opaque;
- case CKA_APPLICATION: return type_opaque;
- case CKA_VALUE: return type_opaque;
- case CKA_CERTIFICATE_TYPE: return type_long;
- case CKA_ISSUER: return type_opaque;
- case CKA_SERIAL_NUMBER: return type_opaque;
- case CKA_KEY_TYPE: return type_long;
- case CKA_SUBJECT: return type_opaque;
- case CKA_ID: return type_opaque;
- case CKA_SENSITIVE: return type_byte;
- case CKA_ENCRYPT: return type_byte;
- case CKA_DECRYPT: return type_byte;
- case CKA_WRAP: return type_byte;
- case CKA_UNWRAP: return type_byte;
- case CKA_SIGN: return type_byte;
- case CKA_SIGN_RECOVER: return type_byte;
- case CKA_VERIFY: return type_byte;
- case CKA_VERIFY_RECOVER: return type_byte;
- case CKA_DERIVE: return type_byte;
- case CKA_START_DATE: return type_opaque;
- case CKA_END_DATE: return type_opaque;
- case CKA_MODULUS: return type_opaque;
- case CKA_MODULUS_BITS: return type_long;
- case CKA_PUBLIC_EXPONENT: return type_opaque;
- case CKA_PRIVATE_EXPONENT: return type_opaque;
- case CKA_PRIME_1: return type_opaque;
- case CKA_PRIME_2: return type_opaque;
- case CKA_EXPONENT_1: return type_opaque;
- case CKA_EXPONENT_2: return type_opaque;
- case CKA_COEFFICIENT: return type_opaque;
- case CKA_PRIME: return type_opaque;
- case CKA_SUBPRIME: return type_opaque;
- case CKA_BASE: return type_opaque;
- case CKA_VALUE_BITS: return type_long;
- case CKA_VALUE_LEN: return type_long;
- case CKA_EXTRACTABLE: return type_byte;
- case CKA_LOCAL: return type_byte;
- case CKA_NEVER_EXTRACTABLE: return type_byte;
- case CKA_ALWAYS_SENSITIVE: return type_byte;
- case CKA_MODIFIABLE: return type_byte;
- case CKA_NETSCAPE_URL: return type_opaque;
- case CKA_NETSCAPE_EMAIL: return type_opaque;
- case CKA_NETSCAPE_SMIME_INFO: return type_opaque;
- case CKA_NETSCAPE_SMIME_TIMESTAMP: return type_opaque;
- case CKA_NETSCAPE_PKCS8_SALT: return type_opaque;
- case CKA_NETSCAPE_PASSWORD_CHECK: return type_opaque;
- case CKA_NETSCAPE_EXPIRES: return type_opaque;
- case CKA_TRUST_DIGITAL_SIGNATURE: return type_long;
- case CKA_TRUST_NON_REPUDIATION: return type_long;
- case CKA_TRUST_KEY_ENCIPHERMENT: return type_long;
- case CKA_TRUST_DATA_ENCIPHERMENT: return type_long;
- case CKA_TRUST_KEY_AGREEMENT: return type_long;
- case CKA_TRUST_KEY_CERT_SIGN: return type_long;
- case CKA_TRUST_CRL_SIGN: return type_long;
- case CKA_TRUST_SERVER_AUTH: return type_long;
- case CKA_TRUST_CLIENT_AUTH: return type_long;
- case CKA_TRUST_CODE_SIGNING: return type_long;
- case CKA_TRUST_EMAIL_PROTECTION: return type_long;
- case CKA_TRUST_IPSEC_END_SYSTEM: return type_long;
- case CKA_TRUST_IPSEC_TUNNEL: return type_long;
- case CKA_TRUST_IPSEC_USER: return type_long;
- case CKA_TRUST_TIME_STAMPING: return type_long;
- case CKA_NETSCAPE_DB: return type_opaque;
- case CKA_NETSCAPE_TRUST: return type_opaque;
- default: return type_opaque;
- }
-}
-
-static void
-nss_dbm_db_swap_copy
-(
- CK_ATTRIBUTE_TYPE type,
- void *dest,
- void *src,
- CK_ULONG len
-)
-{
- switch( nss_dbm_db_swap_type(type) ) {
- case type_byte:
- case type_opaque:
- (void)memcpy(dest, src, len);
- break;
- case type_short:
- {
- CK_USHORT s, d;
- (void)memcpy(&s, src, sizeof(CK_USHORT));
- d = htons(s);
- (void)memcpy(dest, &d, sizeof(CK_USHORT));
- break;
- }
- case type_long:
- {
- CK_ULONG s, d;
- (void)memcpy(&s, src, sizeof(CK_ULONG));
- d = htonl(s);
- (void)memcpy(dest, &d, sizeof(CK_ULONG));
- break;
- }
- }
-}
-
-static CK_RV
-nss_dbm_db_wrap_object
-(
- NSSArena *arena,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- DBT *object
-)
-{
- CK_ULONG object_size;
- CK_ULONG i;
- CK_ULONG *pulData;
- char *pcData;
- CK_ULONG offset;
-
- object_size = (1 + ulAttributeCount*3) * sizeof(CK_ULONG);
- offset = object_size;
- for( i = 0; i < ulAttributeCount; i++ ) {
- object_size += pTemplate[i].ulValueLen;
- }
-
- object->size = object_size;
- object->data = nss_ZAlloc(arena, object_size);
- if( (void *)NULL == object->data ) {
- return CKR_HOST_MEMORY;
- }
-
- pulData = (CK_ULONG *)object->data;
- pcData = (char *)object->data;
-
- pulData[0] = htonl(ulAttributeCount);
- for( i = 0; i < ulAttributeCount; i++ ) {
- CK_ULONG len = pTemplate[i].ulValueLen;
- pulData[1 + i*3] = htonl(pTemplate[i].type);
- pulData[2 + i*3] = htonl(len);
- pulData[3 + i*3] = htonl(offset);
- nss_dbm_db_swap_copy(pTemplate[i].type, &pcData[offset], pTemplate[i].pValue, len);
- offset += len;
- }
-
- return CKR_OK;
-}
-
-static CK_RV
-nss_dbm_db_unwrap_object
-(
- NSSArena *arena,
- DBT *object,
- CK_ATTRIBUTE_PTR *ppTemplate,
- CK_ULONG *pulAttributeCount
-)
-{
- CK_ULONG *pulData;
- char *pcData;
- CK_ULONG n, i;
- CK_ATTRIBUTE_PTR pTemplate;
-
- pulData = (CK_ULONG *)object->data;
- pcData = (char *)object->data;
-
- n = ntohl(pulData[0]);
- *pulAttributeCount = n;
- pTemplate = nss_ZNEWARRAY(arena, CK_ATTRIBUTE, n);
- if( (CK_ATTRIBUTE_PTR)NULL == pTemplate ) {
- return CKR_HOST_MEMORY;
- }
-
- for( i = 0; i < n; i++ ) {
- CK_ULONG len;
- CK_ULONG offset;
- void *p;
-
- pTemplate[i].type = ntohl(pulData[1 + i*3]);
- len = ntohl(pulData[2 + i*3]);
- offset = ntohl(pulData[3 + i*3]);
-
- p = nss_ZAlloc(arena, len);
- if( (void *)NULL == p ) {
- return CKR_HOST_MEMORY;
- }
-
- nss_dbm_db_swap_copy(pTemplate[i].type, p, &pcData[offset], len);
- pTemplate[i].ulValueLen = len;
- pTemplate[i].pValue = p;
- }
-
- *ppTemplate = pTemplate;
- return CKR_OK;
-}
-
-
-NSS_IMPLEMENT nss_dbm_dbt_t *
-nss_dbm_db_create_object
-(
- NSSArena *arena,
- nss_dbm_db_t *db,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError,
- CK_ULONG *pdbrv
-)
-{
- NSSArena *tmparena = (NSSArena *)NULL;
- nss_dbm_dbt_t *rv = (nss_dbm_dbt_t *)NULL;
- DBT object;
-
- rv = nss_ZNEW(arena, nss_dbm_dbt_t);
- if( (nss_dbm_dbt_t *)NULL == rv ) {
- *pError = CKR_HOST_MEMORY;
- return (nss_dbm_dbt_t *)NULL;
- }
-
- rv->my_db = db;
- rv->dbt.size = sizeof(struct handle);
- rv->dbt.data = nss_ZAlloc(arena, rv->dbt.size);
- if( (void *)NULL == rv->dbt.data ) {
- *pError = CKR_HOST_MEMORY;
- return (nss_dbm_dbt_t *)NULL;
- }
-
- *pdbrv = nss_dbm_db_new_handle(db, &rv->dbt, pError);
- if( 0 != *pdbrv ) {
- return (nss_dbm_dbt_t *)NULL;
- }
-
- tmparena = NSSArena_Create();
- if( (NSSArena *)NULL == tmparena ) {
- *pError = CKR_HOST_MEMORY;
- return (nss_dbm_dbt_t *)NULL;
- }
-
- *pError = nss_dbm_db_wrap_object(tmparena, pTemplate, ulAttributeCount, &object);
- if( CKR_OK != *pError ) {
- return (nss_dbm_dbt_t *)NULL;
- }
-
- /* Locked region */
- {
- *pError = NSSCKFWMutex_Lock(db->crustylock);
- if( CKR_OK != *pError ) {
- goto loser;
- }
-
- *pdbrv = db->db->put(db->db, &rv->dbt, &object, 0);
- if( 0 != *pdbrv ) {
- *pError = CKR_DEVICE_ERROR;
- }
-
- (void)db->db->sync(db->db, 0);
-
- (void)NSSCKFWMutex_Unlock(db->crustylock);
- }
-
- loser:
- if( (NSSArena *)NULL != tmparena ) {
- (void)NSSArena_Destroy(tmparena);
- }
-
- return rv;
-}
-
-
-NSS_IMPLEMENT CK_RV
-nss_dbm_db_find_objects
-(
- nss_dbm_find_t *find,
- nss_dbm_db_t *db,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_ULONG *pdbrv
-)
-{
- CK_RV rv = CKR_OK;
-
- if( (nss_dbm_db_t *)NULL != db ) {
- DBT k, v;
-
- rv = NSSCKFWMutex_Lock(db->crustylock);
- if( CKR_OK != rv ) {
- return rv;
- }
-
- *pdbrv = db->db->seq(db->db, &k, &v, R_FIRST);
- while( 0 == *pdbrv ) {
- CK_ULONG i, j;
- NSSArena *tmparena = (NSSArena *)NULL;
- CK_ULONG ulac;
- CK_ATTRIBUTE_PTR pt;
-
- if( (k.size < 4) || (0 != memcmp(k.data, PREFIX_OBJECT, 4)) ) {
- goto nomatch;
- }
-
- tmparena = NSSArena_Create();
-
- rv = nss_dbm_db_unwrap_object(tmparena, &v, &pt, &ulac);
- if( CKR_OK != rv ) {
- goto loser;
- }
-
- for( i = 0; i < ulAttributeCount; i++ ) {
- for( j = 0; j < ulac; j++ ) {
- if( pTemplate[i].type == pt[j].type ) {
- if( pTemplate[i].ulValueLen != pt[j].ulValueLen ) {
- goto nomatch;
- }
- if( 0 != memcmp(pTemplate[i].pValue, pt[j].pValue, pt[j].ulValueLen) ) {
- goto nomatch;
- }
- break;
- }
- }
- if( j == ulac ) {
- goto nomatch;
- }
- }
-
- /* entire template matches */
- {
- struct nss_dbm_dbt_node *node;
-
- node = nss_ZNEW(find->arena, struct nss_dbm_dbt_node);
- if( (struct nss_dbm_dbt_node *)NULL == node ) {
- rv = CKR_HOST_MEMORY;
- goto loser;
- }
-
- node->dbt = nss_ZNEW(find->arena, nss_dbm_dbt_t);
- if( (nss_dbm_dbt_t *)NULL == node->dbt ) {
- rv = CKR_HOST_MEMORY;
- goto loser;
- }
-
- node->dbt->dbt.size = k.size;
- node->dbt->dbt.data = nss_ZAlloc(find->arena, k.size);
- if( (void *)NULL == node->dbt->dbt.data ) {
- rv = CKR_HOST_MEMORY;
- goto loser;
- }
-
- (void)memcpy(node->dbt->dbt.data, k.data, k.size);
-
- node->dbt->my_db = db;
-
- node->next = find->found;
- find->found = node;
- }
-
- nomatch:
- if( (NSSArena *)NULL != tmparena ) {
- (void)NSSArena_Destroy(tmparena);
- }
- *pdbrv = db->db->seq(db->db, &k, &v, R_NEXT);
- }
-
- if( *pdbrv < 0 ) {
- rv = CKR_DEVICE_ERROR;
- goto loser;
- }
-
- rv = CKR_OK;
-
- loser:
- (void)NSSCKFWMutex_Unlock(db->crustylock);
- }
-
- return rv;
-}
-
-NSS_IMPLEMENT CK_BBOOL
-nss_dbm_db_object_still_exists
-(
- nss_dbm_dbt_t *dbt
-)
-{
- CK_BBOOL rv;
- CK_RV ckrv;
- int dbrv;
- DBT object;
-
- ckrv = NSSCKFWMutex_Lock(dbt->my_db->crustylock);
- if( CKR_OK != ckrv ) {
- return CK_FALSE;
- }
-
- dbrv = dbt->my_db->db->get(dbt->my_db->db, &dbt->dbt, &object, 0);
- if( 0 == dbrv ) {
- rv = CK_TRUE;
- } else {
- rv = CK_FALSE;
- }
-
- (void)NSSCKFWMutex_Unlock(dbt->my_db->crustylock);
-
- return rv;
-}
-
-NSS_IMPLEMENT CK_ULONG
-nss_dbm_db_get_object_attribute_count
-(
- nss_dbm_dbt_t *dbt,
- CK_RV *pError,
- CK_ULONG *pdbrv
-)
-{
- CK_ULONG rv = 0;
- DBT object;
- CK_ULONG *pulData;
-
- /* Locked region */
- {
- *pError = NSSCKFWMutex_Lock(dbt->my_db->crustylock);
- if( CKR_OK != *pError ) {
- return rv;
- }
-
- *pdbrv = dbt->my_db->db->get(dbt->my_db->db, &dbt->dbt, &object, 0);
- if( 0 == *pdbrv ) {
- ;
- } else if( *pdbrv > 0 ) {
- *pError = CKR_OBJECT_HANDLE_INVALID;
- goto done;
- } else {
- *pError = CKR_DEVICE_ERROR;
- goto done;
- }
-
- pulData = (CK_ULONG *)object.data;
- rv = ntohl(pulData[0]);
-
- done:
- (void)NSSCKFWMutex_Unlock(dbt->my_db->crustylock);
- }
-
- return rv;
-}
-
-NSS_IMPLEMENT CK_RV
-nss_dbm_db_get_object_attribute_types
-(
- nss_dbm_dbt_t *dbt,
- CK_ATTRIBUTE_TYPE_PTR typeArray,
- CK_ULONG ulCount,
- CK_ULONG *pdbrv
-)
-{
- CK_RV rv = CKR_OK;
- DBT object;
- CK_ULONG *pulData;
- CK_ULONG n, i;
-
- /* Locked region */
- {
- rv = NSSCKFWMutex_Lock(dbt->my_db->crustylock);
- if( CKR_OK != rv ) {
- return rv;
- }
-
- *pdbrv = dbt->my_db->db->get(dbt->my_db->db, &dbt->dbt, &object, 0);
- if( 0 == *pdbrv ) {
- ;
- } else if( *pdbrv > 0 ) {
- rv = CKR_OBJECT_HANDLE_INVALID;
- goto done;
- } else {
- rv = CKR_DEVICE_ERROR;
- goto done;
- }
-
- pulData = (CK_ULONG *)object.data;
- n = ntohl(pulData[0]);
-
- if( ulCount < n ) {
- rv = CKR_BUFFER_TOO_SMALL;
- goto done;
- }
-
- for( i = 0; i < n; i++ ) {
- typeArray[i] = ntohl(pulData[1 + i*3]);
- }
-
- done:
- (void)NSSCKFWMutex_Unlock(dbt->my_db->crustylock);
- }
-
- return rv;
-}
-
-NSS_IMPLEMENT CK_ULONG
-nss_dbm_db_get_object_attribute_size
-(
- nss_dbm_dbt_t *dbt,
- CK_ATTRIBUTE_TYPE type,
- CK_RV *pError,
- CK_ULONG *pdbrv
-)
-{
- CK_ULONG rv = 0;
- DBT object;
- CK_ULONG *pulData;
- CK_ULONG n, i;
-
- /* Locked region */
- {
- *pError = NSSCKFWMutex_Lock(dbt->my_db->crustylock);
- if( CKR_OK != *pError ) {
- return rv;
- }
-
- *pdbrv = dbt->my_db->db->get(dbt->my_db->db, &dbt->dbt, &object, 0);
- if( 0 == *pdbrv ) {
- ;
- } else if( *pdbrv > 0 ) {
- *pError = CKR_OBJECT_HANDLE_INVALID;
- goto done;
- } else {
- *pError = CKR_DEVICE_ERROR;
- goto done;
- }
-
- pulData = (CK_ULONG *)object.data;
- n = ntohl(pulData[0]);
-
- for( i = 0; i < n; i++ ) {
- if( type == ntohl(pulData[1 + i*3]) ) {
- rv = ntohl(pulData[2 + i*3]);
- }
- }
-
- if( i == n ) {
- *pError = CKR_ATTRIBUTE_TYPE_INVALID;
- goto done;
- }
-
- done:
- (void)NSSCKFWMutex_Unlock(dbt->my_db->crustylock);
- }
-
- return rv;
-}
-
-NSS_IMPLEMENT NSSItem *
-nss_dbm_db_get_object_attribute
-(
- nss_dbm_dbt_t *dbt,
- NSSArena *arena,
- CK_ATTRIBUTE_TYPE type,
- CK_RV *pError,
- CK_ULONG *pdbrv
-)
-{
- NSSItem *rv = (NSSItem *)NULL;
- DBT object;
- CK_ULONG i;
- NSSArena *tmp = NSSArena_Create();
- CK_ATTRIBUTE_PTR pTemplate;
- CK_ULONG ulAttributeCount;
-
- /* Locked region */
- {
- *pError = NSSCKFWMutex_Lock(dbt->my_db->crustylock);
- if( CKR_OK != *pError ) {
- goto loser;
- }
-
- *pdbrv = dbt->my_db->db->get(dbt->my_db->db, &dbt->dbt, &object, 0);
- if( 0 == *pdbrv ) {
- ;
- } else if( *pdbrv > 0 ) {
- *pError = CKR_OBJECT_HANDLE_INVALID;
- goto done;
- } else {
- *pError = CKR_DEVICE_ERROR;
- goto done;
- }
-
- *pError = nss_dbm_db_unwrap_object(tmp, &object, &pTemplate, &ulAttributeCount);
- if( CKR_OK != *pError ) {
- goto done;
- }
-
- for( i = 0; i < ulAttributeCount; i++ ) {
- if( type == pTemplate[i].type ) {
- rv = nss_ZNEW(arena, NSSItem);
- if( (NSSItem *)NULL == rv ) {
- *pError = CKR_HOST_MEMORY;
- goto done;
- }
- rv->size = pTemplate[i].ulValueLen;
- rv->data = nss_ZAlloc(arena, rv->size);
- if( (void *)NULL == rv->data ) {
- *pError = CKR_HOST_MEMORY;
- goto done;
- }
- (void)memcpy(rv->data, pTemplate[i].pValue, rv->size);
- break;
- }
- }
- if( ulAttributeCount == i ) {
- *pError = CKR_ATTRIBUTE_TYPE_INVALID;
- goto done;
- }
-
- done:
- (void)NSSCKFWMutex_Unlock(dbt->my_db->crustylock);
- }
-
- loser:
- if( (NSSArena *)NULL != tmp ) {
- NSSArena_Destroy(tmp);
- }
-
- return rv;
-}
-
-NSS_IMPLEMENT CK_RV
-nss_dbm_db_set_object_attribute
-(
- nss_dbm_dbt_t *dbt,
- CK_ATTRIBUTE_TYPE type,
- NSSItem *value,
- CK_ULONG *pdbrv
-)
-{
- CK_RV rv = CKR_OK;
- DBT object;
- CK_ULONG i;
- NSSArena *tmp = NSSArena_Create();
- CK_ATTRIBUTE_PTR pTemplate;
- CK_ULONG ulAttributeCount;
-
- /* Locked region */
- {
- rv = NSSCKFWMutex_Lock(dbt->my_db->crustylock);
- if( CKR_OK != rv ) {
- goto loser;
- }
-
- *pdbrv = dbt->my_db->db->get(dbt->my_db->db, &dbt->dbt, &object, 0);
- if( 0 == *pdbrv ) {
- ;
- } else if( *pdbrv > 0 ) {
- rv = CKR_OBJECT_HANDLE_INVALID;
- goto done;
- } else {
- rv = CKR_DEVICE_ERROR;
- goto done;
- }
-
- rv = nss_dbm_db_unwrap_object(tmp, &object, &pTemplate, &ulAttributeCount);
- if( CKR_OK != rv ) {
- goto done;
- }
-
- for( i = 0; i < ulAttributeCount; i++ ) {
- if( type == pTemplate[i].type ) {
- /* Replacing an existing attribute */
- pTemplate[i].ulValueLen = value->size;
- pTemplate[i].pValue = value->data;
- break;
- }
- }
-
- if( i == ulAttributeCount ) {
- /* Adding a new attribute */
- CK_ATTRIBUTE_PTR npt = nss_ZNEWARRAY(tmp, CK_ATTRIBUTE, ulAttributeCount+1);
- if( (CK_ATTRIBUTE_PTR)NULL == npt ) {
- rv = CKR_DEVICE_ERROR;
- goto done;
- }
-
- for( i = 0; i < ulAttributeCount; i++ ) {
- npt[i] = pTemplate[i];
- }
-
- npt[ulAttributeCount].type = type;
- npt[ulAttributeCount].ulValueLen = value->size;
- npt[ulAttributeCount].pValue = value->data;
-
- pTemplate = npt;
- ulAttributeCount++;
- }
-
- rv = nss_dbm_db_wrap_object(tmp, pTemplate, ulAttributeCount, &object);
- if( CKR_OK != rv ) {
- goto done;
- }
-
- *pdbrv = dbt->my_db->db->put(dbt->my_db->db, &dbt->dbt, &object, 0);
- if( 0 != *pdbrv ) {
- rv = CKR_DEVICE_ERROR;
- goto done;
- }
-
- (void)dbt->my_db->db->sync(dbt->my_db->db, 0);
-
- done:
- (void)NSSCKFWMutex_Unlock(dbt->my_db->crustylock);
- }
-
- loser:
- if( (NSSArena *)NULL != tmp ) {
- NSSArena_Destroy(tmp);
- }
-
- return rv;
-}
diff --git a/security/nss/lib/ckfw/dbm/find.c b/security/nss/lib/ckfw/dbm/find.c
deleted file mode 100644
index 81fe5d8fb..000000000
--- a/security/nss/lib/ckfw/dbm/find.c
+++ /dev/null
@@ -1,166 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#include "ckdbm.h"
-
-static void
-nss_dbm_mdFindObjects_Final
-(
- NSSCKMDFindObjects *mdFindObjects,
- NSSCKFWFindObjects *fwFindObjects,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- nss_dbm_find_t *find = (nss_dbm_find_t *)mdFindObjects->etc;
-
- /* Locks might have system resources associated */
- (void)NSSCKFWMutex_Destroy(find->list_lock);
- (void)NSSArena_Destroy(find->arena);
-}
-
-
-static NSSCKMDObject *
-nss_dbm_mdFindObjects_Next
-(
- NSSCKMDFindObjects *mdFindObjects,
- NSSCKFWFindObjects *fwFindObjects,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSArena *arena,
- CK_RV *pError
-)
-{
- nss_dbm_find_t *find = (nss_dbm_find_t *)mdFindObjects->etc;
- struct nss_dbm_dbt_node *node;
- nss_dbm_object_t *object;
- NSSCKMDObject *rv;
-
- while(1) {
- /* Lock */
- {
- *pError = NSSCKFWMutex_Lock(find->list_lock);
- if( CKR_OK != *pError ) {
- return (NSSCKMDObject *)NULL;
- }
-
- node = find->found;
- if( (struct nss_dbm_dbt_node *)NULL != node ) {
- find->found = node->next;
- }
-
- *pError = NSSCKFWMutex_Unlock(find->list_lock);
- if( CKR_OK != *pError ) {
- /* screwed now */
- return (NSSCKMDObject *)NULL;
- }
- }
-
- if( (struct nss_dbm_dbt_node *)NULL == node ) {
- break;
- }
-
- if( nss_dbm_db_object_still_exists(node->dbt) ) {
- break;
- }
- }
-
- if( (struct nss_dbm_dbt_node *)NULL == node ) {
- *pError = CKR_OK;
- return (NSSCKMDObject *)NULL;
- }
-
- object = nss_ZNEW(arena, nss_dbm_object_t);
- if( (nss_dbm_object_t *)NULL == object ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDObject *)NULL;
- }
-
- object->arena = arena;
- object->handle = nss_ZNEW(arena, nss_dbm_dbt_t);
- if( (nss_dbm_dbt_t *)NULL == object->handle ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDObject *)NULL;
- }
-
- object->handle->my_db = node->dbt->my_db;
- object->handle->dbt.size = node->dbt->dbt.size;
- object->handle->dbt.data = nss_ZAlloc(arena, node->dbt->dbt.size);
- if( (void *)NULL == object->handle->dbt.data ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDObject *)NULL;
- }
-
- (void)memcpy(object->handle->dbt.data, node->dbt->dbt.data, node->dbt->dbt.size);
-
- rv = nss_dbm_mdObject_factory(object, pError);
- if( (NSSCKMDObject *)NULL == rv ) {
- return (NSSCKMDObject *)NULL;
- }
-
- return rv;
-}
-
-NSS_IMPLEMENT NSSCKMDFindObjects *
-nss_dbm_mdFindObjects_factory
-(
- nss_dbm_find_t *find,
- CK_RV *pError
-)
-{
- NSSCKMDFindObjects *rv;
-
- rv = nss_ZNEW(find->arena, NSSCKMDFindObjects);
- if( (NSSCKMDFindObjects *)NULL == rv ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDFindObjects *)NULL;
- }
-
- rv->etc = (void *)find;
- rv->Final = nss_dbm_mdFindObjects_Final;
- rv->Next = nss_dbm_mdFindObjects_Next;
-
- return rv;
-}
diff --git a/security/nss/lib/ckfw/dbm/instance.c b/security/nss/lib/ckfw/dbm/instance.c
deleted file mode 100644
index 70681803f..000000000
--- a/security/nss/lib/ckfw/dbm/instance.c
+++ /dev/null
@@ -1,196 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#include "ckdbm.h"
-
-static CK_RV
-nss_dbm_mdInstance_Initialize
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSUTF8 *configurationData
-)
-{
- CK_RV rv = CKR_OK;
- NSSArena *arena;
- nss_dbm_instance_t *instance;
-
- arena = NSSCKFWInstance_GetArena(fwInstance, &rv);
- if( ((NSSArena *)NULL == arena) && (CKR_OK != rv) ) {
- return rv;
- }
-
- instance = nss_ZNEW(arena, nss_dbm_instance_t);
- if( (nss_dbm_instance_t *)NULL == instance ) {
- return CKR_HOST_MEMORY;
- }
-
- instance->arena = arena;
-
- /*
- * This should parse the configuration data for information on
- * number and locations of databases, modes (e.g. readonly), etc.
- * But for now, we'll have one slot with a creatable read-write
- * database called "cert8.db."
- */
-
- instance->nSlots = 1;
- instance->filenames = nss_ZNEWARRAY(arena, char *, instance->nSlots);
- if( (char **)NULL == instance->filenames ) {
- return CKR_HOST_MEMORY;
- }
-
- instance->flags = nss_ZNEWARRAY(arena, int, instance->nSlots);
- if( (int *)NULL == instance->flags ) {
- return CKR_HOST_MEMORY;
- }
-
- instance->filenames[0] = "cert8.db";
- instance->flags[0] = O_RDWR|O_CREAT;
-
- mdInstance->etc = (void *)instance;
- return CKR_OK;
-}
-
-/* nss_dbm_mdInstance_Finalize is not required */
-
-static CK_ULONG
-nss_dbm_mdInstance_GetNSlots
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
- nss_dbm_instance_t *instance = (nss_dbm_instance_t *)mdInstance->etc;
- return instance->nSlots;
-}
-
-static CK_VERSION
-nss_dbm_mdInstance_GetCryptokiVersion
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- static CK_VERSION rv = { 2, 1 };
- return rv;
-}
-
-static NSSUTF8 *
-nss_dbm_mdInstance_GetManufacturerID
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
- return "Netscape Communications Corp.";
-}
-
-static NSSUTF8 *
-nss_dbm_mdInstance_GetLibraryDescription
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
- return "Berkeley Database Module";
-}
-
-static CK_VERSION
-nss_dbm_mdInstance_GetLibraryVersion
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- static CK_VERSION rv = { 1, 0 }; /* My own version number */
- return rv;
-}
-
-static CK_BBOOL
-nss_dbm_mdInstance_ModuleHandlesSessionObjects
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- return CK_TRUE;
-}
-
-static CK_RV
-nss_dbm_mdInstance_GetSlots
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKMDSlot *slots[]
-)
-{
- nss_dbm_instance_t *instance = (nss_dbm_instance_t *)mdInstance->etc;
- CK_ULONG i;
- CK_RV rv = CKR_OK;
-
- for( i = 0; i < instance->nSlots; i++ ) {
- slots[i] = nss_dbm_mdSlot_factory(instance, instance->filenames[i],
- instance->flags[i], &rv);
- if( (NSSCKMDSlot *)NULL == slots[i] ) {
- return rv;
- }
- }
-
- return rv;
-}
-
-/* nss_dbm_mdInstance_WaitForSlotEvent is not relevant */
-
-NSS_IMPLEMENT_DATA NSSCKMDInstance
-nss_dbm_mdInstance = {
- NULL, /* etc; filled in later */
- nss_dbm_mdInstance_Initialize,
- NULL, /* nss_dbm_mdInstance_Finalize */
- nss_dbm_mdInstance_GetNSlots,
- nss_dbm_mdInstance_GetCryptokiVersion,
- nss_dbm_mdInstance_GetManufacturerID,
- nss_dbm_mdInstance_GetLibraryDescription,
- nss_dbm_mdInstance_GetLibraryVersion,
- nss_dbm_mdInstance_ModuleHandlesSessionObjects,
- nss_dbm_mdInstance_GetSlots,
- NULL, /* nss_dbm_mdInstance_WaitForSlotEvent */
- NULL /* terminator */
-};
diff --git a/security/nss/lib/ckfw/dbm/manifest.mn b/security/nss/lib/ckfw/dbm/manifest.mn
deleted file mode 100644
index 8f0053b39..000000000
--- a/security/nss/lib/ckfw/dbm/manifest.mn
+++ /dev/null
@@ -1,54 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-MANIFEST_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-CORE_DEPTH = ../../../..
-
-MODULE = nss
-
-CSRCS = \
- anchor.c \
- instance.c \
- slot.c \
- token.c \
- session.c \
- object.c \
- find.c \
- db.c \
- $(NULL)
-
-REQUIRES = dbm nspr
-
-LIBRARY_NAME = nssckdbm
-
-EXTRA_SHARED_LIBS = -L$(DIST)/lib -lnssckfw -lnssb -ldbm -lnspr4 -lplc4 -lplds4
diff --git a/security/nss/lib/ckfw/dbm/object.c b/security/nss/lib/ckfw/dbm/object.c
deleted file mode 100644
index 2bd7578fd..000000000
--- a/security/nss/lib/ckfw/dbm/object.c
+++ /dev/null
@@ -1,204 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#include "ckdbm.h"
-
-static void
-nss_dbm_mdObject_Finalize
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- ;
-}
-
-static CK_RV
-nss_dbm_mdObject_Destroy
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- nss_dbm_object_t *object = (nss_dbm_object_t *)mdObject->etc;
- return nss_dbm_db_delete_object(object->handle);
-}
-
-static CK_ULONG
-nss_dbm_mdObject_GetAttributeCount
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
- nss_dbm_object_t *object = (nss_dbm_object_t *)mdObject->etc;
- nss_dbm_session_t *session = (nss_dbm_session_t *)mdSession->etc;
- return nss_dbm_db_get_object_attribute_count(object->handle, pError,
- &session->deviceError);
-}
-
-static CK_RV
-nss_dbm_mdObject_GetAttributeTypes
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE_PTR typeArray,
- CK_ULONG ulCount
-)
-{
- nss_dbm_object_t *object = (nss_dbm_object_t *)mdObject->etc;
- nss_dbm_session_t *session = (nss_dbm_session_t *)mdSession->etc;
- return nss_dbm_db_get_object_attribute_types(object->handle, typeArray,
- ulCount, &session->deviceError);
-}
-
-static CK_ULONG
-nss_dbm_mdObject_GetAttributeSize
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE attribute,
- CK_RV *pError
-)
-{
- nss_dbm_object_t *object = (nss_dbm_object_t *)mdObject->etc;
- nss_dbm_session_t *session = (nss_dbm_session_t *)mdSession->etc;
- return nss_dbm_db_get_object_attribute_size(object->handle, attribute, pError,
- &session->deviceError);
-}
-
-static NSSItem *
-nss_dbm_mdObject_GetAttribute
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE attribute,
- CK_RV *pError
-)
-{
- nss_dbm_object_t *object = (nss_dbm_object_t *)mdObject->etc;
- nss_dbm_session_t *session = (nss_dbm_session_t *)mdSession->etc;
- return nss_dbm_db_get_object_attribute(object->handle, object->arena, attribute,
- pError, &session->deviceError);
-}
-
-static CK_RV
-nss_dbm_mdObject_SetAttribute
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE attribute,
- NSSItem *value
-)
-{
- nss_dbm_object_t *object = (nss_dbm_object_t *)mdObject->etc;
- nss_dbm_session_t *session = (nss_dbm_session_t *)mdSession->etc;
- return nss_dbm_db_set_object_attribute(object->handle, attribute, value,
- &session->deviceError);
-}
-
-NSS_IMPLEMENT NSSCKMDObject *
-nss_dbm_mdObject_factory
-(
- nss_dbm_object_t *object,
- CK_RV *pError
-)
-{
- NSSCKMDObject *rv;
-
- rv = nss_ZNEW(object->arena, NSSCKMDObject);
- if( (NSSCKMDObject *)NULL == rv ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDObject *)NULL;
- }
-
- rv->etc = (void *)object;
- rv->Finalize = nss_dbm_mdObject_Finalize;
- rv->Destroy = nss_dbm_mdObject_Destroy;
- /* IsTokenObject can be deferred */
- rv->GetAttributeCount = nss_dbm_mdObject_GetAttributeCount;
- rv->GetAttributeTypes = nss_dbm_mdObject_GetAttributeTypes;
- rv->GetAttributeSize = nss_dbm_mdObject_GetAttributeSize;
- rv->GetAttribute = nss_dbm_mdObject_GetAttribute;
- rv->SetAttribute = nss_dbm_mdObject_SetAttribute;
- /* GetObjectSize can be deferred */
-
- return rv;
-}
diff --git a/security/nss/lib/ckfw/dbm/session.c b/security/nss/lib/ckfw/dbm/session.c
deleted file mode 100644
index c0969d948..000000000
--- a/security/nss/lib/ckfw/dbm/session.c
+++ /dev/null
@@ -1,298 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#include "ckdbm.h"
-
-static void
-nss_dbm_mdSession_Close
-(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- nss_dbm_session_t *session = (nss_dbm_session_t *)mdSession->etc;
-
- struct nss_dbm_dbt_node *w;
-
- /* Lock */
- {
- if( CKR_OK != NSSCKFWMutex_Lock(session->list_lock) ) {
- return;
- }
-
- w = session->session_objects;
- session->session_objects = (struct nss_dbm_dbt_node *)NULL; /* sanity */
-
- (void)NSSCKFWMutex_Unlock(session->list_lock);
- }
-
- for( ; (struct nss_dbm_dbt_node *)NULL != w; w = w->next ) {
- (void)nss_dbm_db_delete_object(w->dbt);
- }
-}
-
-static CK_ULONG
-nss_dbm_mdSession_GetDeviceError
-(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- nss_dbm_session_t *session = (nss_dbm_session_t *)mdSession->etc;
- return session->deviceError;
-}
-
-/* Login isn't needed */
-/* Logout isn't needed */
-/* InitPIN is irrelevant */
-/* SetPIN is irrelevant */
-/* GetOperationStateLen is irrelevant */
-/* GetOperationState is irrelevant */
-/* SetOperationState is irrelevant */
-
-static NSSCKMDObject *
-nss_dbm_mdSession_CreateObject
-(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSArena *handyArenaPointer,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-)
-{
- nss_dbm_session_t *session = (nss_dbm_session_t *)mdSession->etc;
- nss_dbm_token_t *token = (nss_dbm_token_t *)mdToken->etc;
- CK_ULONG i;
- CK_BBOOL isToken = CK_FALSE; /* defaults to false */
- NSSCKMDObject *rv;
- struct nss_dbm_dbt_node *node = (struct nss_dbm_dbt_node *)NULL;
- nss_dbm_object_t *object;
- nss_dbm_db_t *which_db;
-
- /* This framework should really pass this to me */
- for( i = 0; i < ulAttributeCount; i++ ) {
- if( CKA_TOKEN == pTemplate[i].type ) {
- isToken = *(CK_BBOOL *)pTemplate[i].pValue;
- break;
- }
- }
-
- object = nss_ZNEW(handyArenaPointer, nss_dbm_object_t);
- if( (nss_dbm_object_t *)NULL == object ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDObject *)NULL;
- }
-
- object->arena = handyArenaPointer;
- which_db = isToken ? token->slot->token_db : token->session_db;
-
- /* Do this before the actual database call; it's easier to recover from */
- rv = nss_dbm_mdObject_factory(object, pError);
- if( (NSSCKMDObject *)NULL == rv ) {
- return (NSSCKMDObject *)NULL;
- }
-
- if( CK_FALSE == isToken ) {
- node = nss_ZNEW(session->arena, struct nss_dbm_dbt_node);
- if( (struct nss_dbm_dbt_node *)NULL == node ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDObject *)NULL;
- }
- }
-
- object->handle = nss_dbm_db_create_object(handyArenaPointer, which_db,
- pTemplate, ulAttributeCount,
- pError, &session->deviceError);
- if( (nss_dbm_dbt_t *)NULL == object->handle ) {
- return (NSSCKMDObject *)NULL;
- }
-
- if( CK_FALSE == isToken ) {
- node->dbt = object->handle;
- /* Lock */
- {
- *pError = NSSCKFWMutex_Lock(session->list_lock);
- if( CKR_OK != *pError ) {
- (void)nss_dbm_db_delete_object(object->handle);
- return (NSSCKMDObject *)NULL;
- }
-
- node->next = session->session_objects;
- session->session_objects = node;
-
- *pError = NSSCKFWMutex_Unlock(session->list_lock);
- }
- }
-
- return rv;
-}
-
-/* CopyObject isn't needed; the framework will use CreateObject */
-
-static NSSCKMDFindObjects *
-nss_dbm_mdSession_FindObjectsInit
-(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-)
-{
- nss_dbm_session_t *session = (nss_dbm_session_t *)mdSession->etc;
- nss_dbm_token_t *token = (nss_dbm_token_t *)mdToken->etc;
- NSSArena *arena;
- nss_dbm_find_t *find;
- NSSCKMDFindObjects *rv;
-
- arena = NSSArena_Create();
- if( (NSSArena *)NULL == arena ) {
- *pError = CKR_HOST_MEMORY;
- goto loser;
- }
-
- find = nss_ZNEW(arena, nss_dbm_find_t);
- if( (nss_dbm_find_t *)NULL == find ) {
- *pError = CKR_HOST_MEMORY;
- goto loser;
- }
-
- find->arena = arena;
- find->list_lock = NSSCKFWInstance_CreateMutex(fwInstance, arena, pError);
- if( (NSSCKFWMutex *)NULL == find->list_lock ) {
- goto loser;
- }
-
- *pError = nss_dbm_db_find_objects(find, token->slot->token_db, pTemplate,
- ulAttributeCount, &session->deviceError);
- if( CKR_OK != *pError ) {
- goto loser;
- }
-
- *pError = nss_dbm_db_find_objects(find, token->session_db, pTemplate,
- ulAttributeCount, &session->deviceError);
- if( CKR_OK != *pError ) {
- goto loser;
- }
-
- rv = nss_dbm_mdFindObjects_factory(find, pError);
- if( (NSSCKMDFindObjects *)NULL == rv ) {
- goto loser;
- }
-
- return rv;
-
- loser:
- if( (NSSArena *)NULL != arena ) {
- (void)NSSArena_Destroy(arena);
- }
-
- return (NSSCKMDFindObjects *)NULL;
-}
-
-/* SeedRandom is irrelevant */
-/* GetRandom is irrelevant */
-
-NSS_IMPLEMENT NSSCKMDSession *
-nss_dbm_mdSession_factory
-(
- nss_dbm_token_t *token,
- NSSCKFWSession *fwSession,
- NSSCKFWInstance *fwInstance,
- CK_BBOOL rw,
- CK_RV *pError
-)
-{
- NSSArena *arena;
- nss_dbm_session_t *session;
- NSSCKMDSession *rv;
-
- arena = NSSCKFWSession_GetArena(fwSession, pError);
-
- session = nss_ZNEW(arena, nss_dbm_session_t);
- if( (nss_dbm_session_t *)NULL == session ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDSession *)NULL;
- }
-
- rv = nss_ZNEW(arena, NSSCKMDSession);
- if( (NSSCKMDSession *)NULL == rv ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDSession *)NULL;
- }
-
- session->arena = arena;
- session->token = token;
- session->list_lock = NSSCKFWInstance_CreateMutex(fwInstance, arena, pError);
- if( (NSSCKFWMutex *)NULL == session->list_lock ) {
- return (NSSCKMDSession *)NULL;
- }
-
- rv->etc = (void *)session;
- rv->Close = nss_dbm_mdSession_Close;
- rv->GetDeviceError = nss_dbm_mdSession_GetDeviceError;
- /* Login isn't needed */
- /* Logout isn't needed */
- /* InitPIN is irrelevant */
- /* SetPIN is irrelevant */
- /* GetOperationStateLen is irrelevant */
- /* GetOperationState is irrelevant */
- /* SetOperationState is irrelevant */
- rv->CreateObject = nss_dbm_mdSession_CreateObject;
- /* CopyObject isn't needed; the framework will use CreateObject */
- rv->FindObjectsInit = nss_dbm_mdSession_FindObjectsInit;
- rv->null = NULL;
-
- return rv;
-}
diff --git a/security/nss/lib/ckfw/dbm/slot.c b/security/nss/lib/ckfw/dbm/slot.c
deleted file mode 100644
index 40898897a..000000000
--- a/security/nss/lib/ckfw/dbm/slot.c
+++ /dev/null
@@ -1,214 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#include "ckdbm.h"
-
-static CK_RV
-nss_dbm_mdSlot_Initialize
-(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- nss_dbm_slot_t *slot = (nss_dbm_slot_t *)mdSlot->etc;
- nss_dbm_instance_t *instance = (nss_dbm_instance_t *)mdInstance->etc;
- CK_RV rv = CKR_OK;
-
- slot->token_db = nss_dbm_db_open(instance->arena, fwInstance, slot->filename,
- slot->flags, &rv);
- if( (nss_dbm_db_t *)NULL == slot->token_db ) {
- if( CKR_TOKEN_NOT_PRESENT == rv ) {
- /* This is not an error-- just means "the token isn't there" */
- rv = CKR_OK;
- }
- }
-
- return rv;
-}
-
-static void
-nss_dbm_mdSlot_Destroy
-(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- nss_dbm_slot_t *slot = (nss_dbm_slot_t *)mdSlot->etc;
-
- if( (nss_dbm_db_t *)NULL != slot->token_db ) {
- nss_dbm_db_close(slot->token_db);
- slot->token_db = (nss_dbm_db_t *)NULL;
- }
-}
-
-static NSSUTF8 *
-nss_dbm_mdSlot_GetSlotDescription
-(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
- return "Database";
-}
-
-static NSSUTF8 *
-nss_dbm_mdSlot_GetManufacturerID
-(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
- return "Berkeley";
-}
-
-static CK_BBOOL
-nss_dbm_mdSlot_GetTokenPresent
-(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- nss_dbm_slot_t *slot = (nss_dbm_slot_t *)mdSlot->etc;
-
- if( (nss_dbm_db_t *)NULL == slot->token_db ) {
- return CK_FALSE;
- } else {
- return CK_TRUE;
- }
-}
-
-static CK_BBOOL
-nss_dbm_mdSlot_GetRemovableDevice
-(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- /*
- * Well, this supports "tokens" (databases) that aren't there, so in
- * that sense they're removable. It'd be nice to handle databases
- * that suddenly disappear (NFS-mounted home directories and network
- * errors, for instance) but that's a harder problem. We'll say
- * we support removable devices, badly.
- */
-
- return CK_TRUE;
-}
-
-/* nss_dbm_mdSlot_GetHardwareSlot defaults to CK_FALSE */
-/*
- * nss_dbm_mdSlot_GetHardwareVersion
- * nss_dbm_mdSlot_GetFirmwareVersion
- *
- * These are kinda fuzzy concepts here. I suppose we could return the
- * Berkeley DB version for one of them, if we had an actual number we
- * were confident in. But mcom's "dbm" has been hacked enough that I
- * don't really know from what "real" version it stems..
- */
-
-static NSSCKMDToken *
-nss_dbm_mdSlot_GetToken
-(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
- nss_dbm_slot_t *slot = (nss_dbm_slot_t *)mdSlot->etc;
- return nss_dbm_mdToken_factory(slot, pError);
-}
-
-NSS_IMPLEMENT NSSCKMDSlot *
-nss_dbm_mdSlot_factory
-(
- nss_dbm_instance_t *instance,
- char *filename,
- int flags,
- CK_RV *pError
-)
-{
- nss_dbm_slot_t *slot;
- NSSCKMDSlot *rv;
-
- slot = nss_ZNEW(instance->arena, nss_dbm_slot_t);
- if( (nss_dbm_slot_t *)NULL == slot ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDSlot *)NULL;
- }
-
- slot->instance = instance;
- slot->filename = filename;
- slot->flags = flags;
- slot->token_db = (nss_dbm_db_t *)NULL;
-
- rv = nss_ZNEW(instance->arena, NSSCKMDSlot);
- if( (NSSCKMDSlot *)NULL == rv ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDSlot *)NULL;
- }
-
- rv->etc = (void *)slot;
- rv->Initialize = nss_dbm_mdSlot_Initialize;
- rv->Destroy = nss_dbm_mdSlot_Destroy;
- rv->GetSlotDescription = nss_dbm_mdSlot_GetSlotDescription;
- rv->GetManufacturerID = nss_dbm_mdSlot_GetManufacturerID;
- rv->GetTokenPresent = nss_dbm_mdSlot_GetTokenPresent;
- rv->GetRemovableDevice = nss_dbm_mdSlot_GetRemovableDevice;
- /* GetHardwareSlot */
- /* GetHardwareVersion */
- /* GetFirmwareVersion */
- rv->GetToken = nss_dbm_mdSlot_GetToken;
- rv->null = (void *)NULL;
-
- return rv;
-}
diff --git a/security/nss/lib/ckfw/dbm/token.c b/security/nss/lib/ckfw/dbm/token.c
deleted file mode 100644
index 7c7fbf9e5..000000000
--- a/security/nss/lib/ckfw/dbm/token.c
+++ /dev/null
@@ -1,315 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#include "ckdbm.h"
-
-static CK_RV
-nss_dbm_mdToken_Setup
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- nss_dbm_token_t *token = (nss_dbm_token_t *)mdToken->etc;
- CK_RV rv = CKR_OK;
-
- token->arena = NSSCKFWToken_GetArena(fwToken, &rv);
- token->session_db = nss_dbm_db_open(token->arena, fwInstance, (char *)NULL,
- O_RDWR|O_CREAT, &rv);
- if( (nss_dbm_db_t *)NULL == token->session_db ) {
- return rv;
- }
-
- /* Add a label record if there isn't one? */
-
- return CKR_OK;
-}
-
-static void
-nss_dbm_mdToken_Invalidate
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- nss_dbm_token_t *token = (nss_dbm_token_t *)mdToken->etc;
-
- if( (nss_dbm_db_t *)NULL != token->session_db ) {
- nss_dbm_db_close(token->session_db);
- token->session_db = (nss_dbm_db_t *)NULL;
- }
-}
-
-static CK_RV
-nss_dbm_mdToken_InitToken
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *pin,
- NSSUTF8 *label
-)
-{
- nss_dbm_token_t *token = (nss_dbm_token_t *)mdToken->etc;
- nss_dbm_instance_t *instance = (nss_dbm_instance_t *)mdInstance->etc;
- CK_RV rv;
-
- /* Wipe the session object data */
-
- if( (nss_dbm_db_t *)NULL != token->session_db ) {
- nss_dbm_db_close(token->session_db);
- }
-
- token->session_db = nss_dbm_db_open(token->arena, fwInstance, (char *)NULL,
- O_RDWR|O_CREAT, &rv);
- if( (nss_dbm_db_t *)NULL == token->session_db ) {
- return rv;
- }
-
- /* Wipe the token object data */
-
- if( token->slot->flags & O_RDWR ) {
- if( (nss_dbm_db_t *)NULL != token->slot->token_db ) {
- nss_dbm_db_close(token->slot->token_db);
- }
-
- token->slot->token_db = nss_dbm_db_open(instance->arena, fwInstance,
- token->slot->filename,
- token->slot->flags | O_CREAT | O_TRUNC,
- &rv);
- if( (nss_dbm_db_t *)NULL == token->slot->token_db ) {
- return rv;
- }
-
- /* PIN is irrelevant */
-
- rv = nss_dbm_db_set_label(token->slot->token_db, label);
- if( CKR_OK != rv ) {
- return rv;
- }
- }
-
- return CKR_OK;
-}
-
-static NSSUTF8 *
-nss_dbm_mdToken_GetLabel
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
- nss_dbm_token_t *token = (nss_dbm_token_t *)mdToken->etc;
-
- if( (NSSUTF8 *)NULL == token->label ) {
- token->label = nss_dbm_db_get_label(token->slot->token_db, token->arena, pError);
- }
-
- /* If no label has been set, return *something* */
- if( (NSSUTF8 *)NULL == token->label ) {
- return token->slot->filename;
- }
-
- return token->label;
-}
-
-static NSSUTF8 *
-nss_dbm_mdToken_GetManufacturerID
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
- return "mozilla.org NSS";
-}
-
-static NSSUTF8 *
-nss_dbm_mdToken_GetModel
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
- return "dbm";
-}
-
-/* GetSerialNumber is irrelevant */
-/* GetHasRNG defaults to CK_FALSE */
-
-static CK_BBOOL
-nss_dbm_mdToken_GetIsWriteProtected
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- nss_dbm_token_t *token = (nss_dbm_token_t *)mdToken->etc;
-
- if( token->slot->flags & O_RDWR ) {
- return CK_FALSE;
- } else {
- return CK_TRUE;
- }
-}
-
-/* GetLoginRequired defaults to CK_FALSE */
-/* GetUserPinInitialized defaults to CK_FALSE */
-/* GetRestoreKeyNotNeeded is irrelevant */
-/* GetHasClockOnToken defaults to CK_FALSE */
-/* GetHasProtectedAuthenticationPath defaults to CK_FALSE */
-/* GetSupportsDualCryptoOperations is irrelevant */
-
-static CK_ULONG
-nss_dbm_mdToken_effectively_infinite
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- return CK_EFFECTIVELY_INFINITE;
-}
-
-static CK_VERSION
-nss_dbm_mdToken_GetHardwareVersion
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- nss_dbm_token_t *token = (nss_dbm_token_t *)mdToken->etc;
- return nss_dbm_db_get_format_version(token->slot->token_db);
-}
-
-/* GetFirmwareVersion is irrelevant */
-/* GetUTCTime is irrelevant */
-
-static NSSCKMDSession *
-nss_dbm_mdToken_OpenSession
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKFWSession *fwSession,
- CK_BBOOL rw,
- CK_RV *pError
-)
-{
- nss_dbm_token_t *token = (nss_dbm_token_t *)mdToken->etc;
- return nss_dbm_mdSession_factory(token, fwSession, fwInstance, rw, pError);
-}
-
-/* GetMechanismCount defaults to zero */
-/* GetMechanismTypes is irrelevant */
-/* GetMechanism is irrelevant */
-
-NSS_IMPLEMENT NSSCKMDToken *
-nss_dbm_mdToken_factory
-(
- nss_dbm_slot_t *slot,
- CK_RV *pError
-)
-{
- nss_dbm_token_t *token;
- NSSCKMDToken *rv;
-
- token = nss_ZNEW(slot->instance->arena, nss_dbm_token_t);
- if( (nss_dbm_token_t *)NULL == token ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDToken *)NULL;
- }
-
- rv = nss_ZNEW(slot->instance->arena, NSSCKMDToken);
- if( (NSSCKMDToken *)NULL == rv ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDToken *)NULL;
- }
-
- token->slot = slot;
-
- rv->etc = (void *)token;
- rv->Setup = nss_dbm_mdToken_Setup;
- rv->Invalidate = nss_dbm_mdToken_Invalidate;
- rv->InitToken = nss_dbm_mdToken_InitToken;
- rv->GetLabel = nss_dbm_mdToken_GetLabel;
- rv->GetManufacturerID = nss_dbm_mdToken_GetManufacturerID;
- rv->GetModel = nss_dbm_mdToken_GetModel;
- /* GetSerialNumber is irrelevant */
- /* GetHasRNG defaults to CK_FALSE */
- rv->GetIsWriteProtected = nss_dbm_mdToken_GetIsWriteProtected;
- /* GetLoginRequired defaults to CK_FALSE */
- /* GetUserPinInitialized defaults to CK_FALSE */
- /* GetRestoreKeyNotNeeded is irrelevant */
- /* GetHasClockOnToken defaults to CK_FALSE */
- /* GetHasProtectedAuthenticationPath defaults to CK_FALSE */
- /* GetSupportsDualCryptoOperations is irrelevant */
- rv->GetMaxSessionCount = nss_dbm_mdToken_effectively_infinite;
- rv->GetMaxRwSessionCount = nss_dbm_mdToken_effectively_infinite;
- /* GetMaxPinLen is irrelevant */
- /* GetMinPinLen is irrelevant */
- /* GetTotalPublicMemory defaults to CK_UNAVAILABLE_INFORMATION */
- /* GetFreePublicMemory defaults to CK_UNAVAILABLE_INFORMATION */
- /* GetTotalPrivateMemory defaults to CK_UNAVAILABLE_INFORMATION */
- /* GetFreePrivateMemory defaults to CK_UNAVAILABLE_INFORMATION */
- rv->GetHardwareVersion = nss_dbm_mdToken_GetHardwareVersion;
- /* GetFirmwareVersion is irrelevant */
- /* GetUTCTime is irrelevant */
- rv->OpenSession = nss_dbm_mdToken_OpenSession;
- rv->null = NULL;
-
- return rv;
-}
diff --git a/security/nss/lib/ckfw/find.c b/security/nss/lib/ckfw/find.c
deleted file mode 100644
index 9f8a22a31..000000000
--- a/security/nss/lib/ckfw/find.c
+++ /dev/null
@@ -1,402 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * find.c
- *
- * This file implements the nssCKFWFindObjects type and methods.
- */
-
-#ifndef CK_H
-#include "ck.h"
-#endif /* CK_H */
-
-/*
- * NSSCKFWFindObjects
- *
- * -- create/destroy --
- * nssCKFWFindObjects_Create
- * nssCKFWFindObjects_Destroy
- *
- * -- public accessors --
- * NSSCKFWFindObjects_GetMDFindObjects
- *
- * -- implement public accessors --
- * nssCKFWFindObjects_GetMDFindObjects
- *
- * -- private accessors --
- *
- * -- module fronts --
- * nssCKFWFindObjects_Next
- */
-
-struct NSSCKFWFindObjectsStr {
- NSSCKFWMutex *mutex; /* merely to serialise the MDObject calls */
- NSSCKMDFindObjects *mdfo1;
- NSSCKMDFindObjects *mdfo2;
- NSSCKFWSession *fwSession;
- NSSCKMDSession *mdSession;
- NSSCKFWToken *fwToken;
- NSSCKMDToken *mdToken;
- NSSCKFWInstance *fwInstance;
- NSSCKMDInstance *mdInstance;
-
- NSSCKMDFindObjects *mdFindObjects; /* varies */
-};
-
-#ifdef DEBUG
-/*
- * But first, the pointer-tracking stuff.
- *
- * NOTE: the pointer-tracking support in NSS/base currently relies
- * upon NSPR's CallOnce support. That, however, relies upon NSPR's
- * locking, which is tied into the runtime. We need a pointer-tracker
- * implementation that uses the locks supplied through C_Initialize.
- * That support, however, can be filled in later. So for now, I'll
- * just do these routines as no-ops.
- */
-
-static CK_RV
-findObjects_add_pointer
-(
- const NSSCKFWFindObjects *fwFindObjects
-)
-{
- return CKR_OK;
-}
-
-static CK_RV
-findObjects_remove_pointer
-(
- const NSSCKFWFindObjects *fwFindObjects
-)
-{
- return CKR_OK;
-}
-
-NSS_IMPLEMENT CK_RV
-nssCKFWFindObjects_verifyPointer
-(
- const NSSCKFWFindObjects *fwFindObjects
-)
-{
- return CKR_OK;
-}
-
-#endif /* DEBUG */
-
-/*
- * nssCKFWFindObjects_Create
- *
- */
-NSS_EXTERN NSSCKFWFindObjects *
-nssCKFWFindObjects_Create
-(
- NSSCKFWSession *fwSession,
- NSSCKFWToken *fwToken,
- NSSCKFWInstance *fwInstance,
- NSSCKMDFindObjects *mdFindObjects1,
- NSSCKMDFindObjects *mdFindObjects2,
- CK_RV *pError
-)
-{
- NSSCKFWFindObjects *fwFindObjects = NULL;
- NSSCKMDSession *mdSession;
- NSSCKMDToken *mdToken;
- NSSCKMDInstance *mdInstance;
-
- mdSession = nssCKFWSession_GetMDSession(fwSession);
- mdToken = nssCKFWToken_GetMDToken(fwToken);
- mdInstance = nssCKFWInstance_GetMDInstance(fwInstance);
-
- fwFindObjects = nss_ZNEW(NULL, NSSCKFWFindObjects);
- if( (NSSCKFWFindObjects *)NULL == fwFindObjects ) {
- *pError = CKR_HOST_MEMORY;
- goto loser;
- }
-
- fwFindObjects->mdfo1 = mdFindObjects1;
- fwFindObjects->mdfo2 = mdFindObjects2;
- fwFindObjects->fwSession = fwSession;
- fwFindObjects->mdSession = mdSession;
- fwFindObjects->fwToken = fwToken;
- fwFindObjects->mdToken = mdToken;
- fwFindObjects->fwInstance = fwInstance;
- fwFindObjects->mdInstance = mdInstance;
-
- fwFindObjects->mutex = nssCKFWInstance_CreateMutex(fwInstance, NULL, pError);
- if( (NSSCKFWMutex *)NULL == fwFindObjects->mutex ) {
- goto loser;
- }
-
-#ifdef DEBUG
- *pError = findObjects_add_pointer(fwFindObjects);
- if( CKR_OK != *pError ) {
- goto loser;
- }
-#endif /* DEBUG */
-
- return fwFindObjects;
-
- loser:
- nss_ZFreeIf(fwFindObjects);
-
- if( (NSSCKMDFindObjects *)NULL != mdFindObjects1 ) {
- if( (void *)NULL != (void *)mdFindObjects1->Final ) {
- fwFindObjects->mdFindObjects = mdFindObjects1;
- mdFindObjects1->Final(mdFindObjects1, fwFindObjects, mdSession,
- fwSession, mdToken, fwToken, mdInstance, fwInstance);
- }
- }
-
- if( (NSSCKMDFindObjects *)NULL != mdFindObjects2 ) {
- if( (void *)NULL != (void *)mdFindObjects2->Final ) {
- fwFindObjects->mdFindObjects = mdFindObjects2;
- mdFindObjects2->Final(mdFindObjects2, fwFindObjects, mdSession,
- fwSession, mdToken, fwToken, mdInstance, fwInstance);
- }
- }
-
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
-
- return (NSSCKFWFindObjects *)NULL;
-}
-
-
-/*
- * nssCKFWFindObjects_Destroy
- *
- */
-NSS_EXTERN void
-nssCKFWFindObjects_Destroy
-(
- NSSCKFWFindObjects *fwFindObjects
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWFindObjects_verifyPointer(fwFindObjects) ) {
- return;
- }
-#endif /* NSSDEBUG */
-
- (void)nssCKFWMutex_Destroy(fwFindObjects->mutex);
-
- if( (NSSCKMDFindObjects *)NULL != fwFindObjects->mdfo1 ) {
- if( (void *)NULL != (void *)fwFindObjects->mdfo1->Final ) {
- fwFindObjects->mdFindObjects = fwFindObjects->mdfo1;
- fwFindObjects->mdfo1->Final(fwFindObjects->mdfo1, fwFindObjects,
- fwFindObjects->mdSession, fwFindObjects->fwSession,
- fwFindObjects->mdToken, fwFindObjects->fwToken,
- fwFindObjects->mdInstance, fwFindObjects->fwInstance);
- }
- }
-
- if( (NSSCKMDFindObjects *)NULL != fwFindObjects->mdfo2 ) {
- if( (void *)NULL != (void *)fwFindObjects->mdfo2->Final ) {
- fwFindObjects->mdFindObjects = fwFindObjects->mdfo2;
- fwFindObjects->mdfo2->Final(fwFindObjects->mdfo2, fwFindObjects,
- fwFindObjects->mdSession, fwFindObjects->fwSession,
- fwFindObjects->mdToken, fwFindObjects->fwToken,
- fwFindObjects->mdInstance, fwFindObjects->fwInstance);
- }
- }
-
- nss_ZFreeIf(fwFindObjects);
-
-#ifdef DEBUG
- (void)findObjects_remove_pointer(fwFindObjects);
-#endif /* DEBUG */
-
- return;
-}
-
-/*
- * nssCKFWFindObjects_GetMDFindObjects
- *
- */
-NSS_EXTERN NSSCKMDFindObjects *
-nssCKFWFindObjects_GetMDFindObjects
-(
- NSSCKFWFindObjects *fwFindObjects
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWFindObjects_verifyPointer(fwFindObjects) ) {
- return (NSSCKMDFindObjects *)NULL;
- }
-#endif /* NSSDEBUG */
-
- return fwFindObjects->mdFindObjects;
-}
-
-/*
- * nssCKFWFindObjects_Next
- *
- */
-NSS_EXTERN NSSCKFWObject *
-nssCKFWFindObjects_Next
-(
- NSSCKFWFindObjects *fwFindObjects,
- NSSArena *arenaOpt,
- CK_RV *pError
-)
-{
- NSSCKMDObject *mdObject;
- NSSCKFWObject *fwObject = (NSSCKFWObject *)NULL;
- NSSArena *objArena;
-
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return (NSSCKFWObject *)NULL;
- }
-
- *pError = nssCKFWFindObjects_verifyPointer(fwFindObjects);
- if( CKR_OK != *pError ) {
- return (NSSCKFWObject *)NULL;
- }
-#endif /* NSSDEBUG */
-
- *pError = nssCKFWMutex_Lock(fwFindObjects->mutex);
- if( CKR_OK != *pError ) {
- return (NSSCKFWObject *)NULL;
- }
-
- if( (NSSCKMDFindObjects *)NULL != fwFindObjects->mdfo1 ) {
- if( (void *)NULL != (void *)fwFindObjects->mdfo1->Next ) {
- fwFindObjects->mdFindObjects = fwFindObjects->mdfo1;
- mdObject = fwFindObjects->mdfo1->Next(fwFindObjects->mdfo1,
- fwFindObjects, fwFindObjects->mdSession, fwFindObjects->fwSession,
- fwFindObjects->mdToken, fwFindObjects->fwToken,
- fwFindObjects->mdInstance, fwFindObjects->fwInstance,
- arenaOpt, pError);
- if( (NSSCKMDObject *)NULL == mdObject ) {
- if( CKR_OK != *pError ) {
- goto done;
- }
-
- /* All done. */
- fwFindObjects->mdfo1->Final(fwFindObjects->mdfo1, fwFindObjects,
- fwFindObjects->mdSession, fwFindObjects->fwSession,
- fwFindObjects->mdToken, fwFindObjects->fwToken,
- fwFindObjects->mdInstance, fwFindObjects->fwInstance);
- fwFindObjects->mdfo1 = (NSSCKMDFindObjects *)NULL;
- } else {
- goto wrap;
- }
- }
- }
-
- if( (NSSCKMDFindObjects *)NULL != fwFindObjects->mdfo2 ) {
- if( (void *)NULL != (void *)fwFindObjects->mdfo2->Next ) {
- fwFindObjects->mdFindObjects = fwFindObjects->mdfo2;
- mdObject = fwFindObjects->mdfo2->Next(fwFindObjects->mdfo2,
- fwFindObjects, fwFindObjects->mdSession, fwFindObjects->fwSession,
- fwFindObjects->mdToken, fwFindObjects->fwToken,
- fwFindObjects->mdInstance, fwFindObjects->fwInstance,
- arenaOpt, pError);
- if( (NSSCKMDObject *)NULL == mdObject ) {
- if( CKR_OK != *pError ) {
- goto done;
- }
-
- /* All done. */
- fwFindObjects->mdfo2->Final(fwFindObjects->mdfo2, fwFindObjects,
- fwFindObjects->mdSession, fwFindObjects->fwSession,
- fwFindObjects->mdToken, fwFindObjects->fwToken,
- fwFindObjects->mdInstance, fwFindObjects->fwInstance);
- fwFindObjects->mdfo2 = (NSSCKMDFindObjects *)NULL;
- } else {
- goto wrap;
- }
- }
- }
-
- /* No more objects */
- *pError = CKR_OK;
- goto done;
-
- wrap:
- /*
- * This is less than ideal-- we should determine if it's a token
- * object or a session object, and use the appropriate arena.
- * But that duplicates logic in nssCKFWObject_IsTokenObject.
- * Worry about that later. For now, be conservative, and use
- * the token arena.
- */
- objArena = nssCKFWToken_GetArena(fwFindObjects->fwToken, pError);
- if( (NSSArena *)NULL == objArena ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_HOST_MEMORY;
- }
- goto done;
- }
-
- fwObject = nssCKFWObject_Create(objArena, mdObject,
- fwFindObjects->fwSession, fwFindObjects->fwToken,
- fwFindObjects->fwInstance, pError);
- if( (NSSCKFWObject *)NULL == fwObject ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- }
-
- done:
- (void)nssCKFWMutex_Unlock(fwFindObjects->mutex);
- return fwObject;
-}
-
-/*
- * NSSCKFWFindObjects_GetMDFindObjects
- *
- */
-
-NSS_EXTERN NSSCKMDFindObjects *
-NSSCKFWFindObjects_GetMDFindObjects
-(
- NSSCKFWFindObjects *fwFindObjects
-)
-{
-#ifdef DEBUG
- if( CKR_OK != nssCKFWFindObjects_verifyPointer(fwFindObjects) ) {
- return (NSSCKMDFindObjects *)NULL;
- }
-#endif /* DEBUG */
-
- return nssCKFWFindObjects_GetMDFindObjects(fwFindObjects);
-}
diff --git a/security/nss/lib/ckfw/hash.c b/security/nss/lib/ckfw/hash.c
deleted file mode 100644
index f9790493b..000000000
--- a/security/nss/lib/ckfw/hash.c
+++ /dev/null
@@ -1,334 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * hash.c
- *
- * This is merely a couple wrappers around NSPR's PLHashTable, using
- * the identity hash and arena-aware allocators. The reason I did
- * this is that hash tables are used in a few places throughout the
- * NSS Cryptoki Framework in a fairly stereotyped way, and this allows
- * me to pull the commonalities into one place. Should we ever want
- * to change the implementation, it's all right here.
- */
-
-#ifndef CK_T
-#include "ck.h"
-#endif /* CK_T */
-
-/*
- * nssCKFWHash
- *
- * nssCKFWHash_Create
- * nssCKFWHash_Destroy
- * nssCKFWHash_Add
- * nssCKFWHash_Remove
- * nssCKFWHash_Count
- * nssCKFWHash_Exists
- * nssCKFWHash_Lookup
- * nssCKFWHash_Iterate
- */
-
-struct nssCKFWHashStr {
- NSSCKFWMutex *mutex;
-
- /*
- * The invariant that mutex protects is:
- * The count accurately reflects the hashtable state.
- */
-
- PLHashTable *plHashTable;
- CK_ULONG count;
-};
-
-static PLHashNumber
-nss_ckfw_identity_hash
-(
- const void *key
-)
-{
- PRUint32 i = (PRUint32)key;
- PR_ASSERT(sizeof(PLHashNumber) == sizeof(PRUint32));
- return (PLHashNumber)i;
-}
-
-/*
- * nssCKFWHash_Create
- *
- */
-NSS_IMPLEMENT nssCKFWHash *
-nssCKFWHash_Create
-(
- NSSCKFWInstance *fwInstance,
- NSSArena *arena,
- CK_RV *pError
-)
-{
- nssCKFWHash *rv;
-
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return (nssCKFWHash *)NULL;
- }
-
- if( PR_SUCCESS != nssArena_verifyPointer(arena) ) {
- *pError = CKR_ARGUMENTS_BAD;
- return (nssCKFWHash *)NULL;
- }
-#endif /* NSSDEBUG */
-
- rv = nss_ZNEW(arena, nssCKFWHash);
- if( (nssCKFWHash *)NULL == rv ) {
- *pError = CKR_HOST_MEMORY;
- return (nssCKFWHash *)NULL;
- }
-
- rv->mutex = nssCKFWInstance_CreateMutex(fwInstance, arena, pError);
- if( (NSSCKFWMutex *)NULL == rv->mutex ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- return (nssCKFWHash *)NULL;
- }
-
- rv->plHashTable = PL_NewHashTable(0, nss_ckfw_identity_hash,
- PL_CompareValues, PL_CompareValues, &nssArenaHashAllocOps, arena);
- if( (PLHashTable *)NULL == rv->plHashTable ) {
- (void)nssCKFWMutex_Destroy(rv->mutex);
- (void)nss_ZFreeIf(rv);
- *pError = CKR_HOST_MEMORY;
- return (nssCKFWHash *)NULL;
- }
-
- rv->count = 0;
-
- return rv;
-}
-
-/*
- * nssCKFWHash_Destroy
- *
- */
-NSS_IMPLEMENT void
-nssCKFWHash_Destroy
-(
- nssCKFWHash *hash
-)
-{
- (void)nssCKFWMutex_Destroy(hash->mutex);
- PL_HashTableDestroy(hash->plHashTable);
- (void)nss_ZFreeIf(hash);
-}
-
-/*
- * nssCKFWHash_Add
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWHash_Add
-(
- nssCKFWHash *hash,
- const void *key,
- const void *value
-)
-{
- CK_RV error = CKR_OK;
- PLHashEntry *he;
-
- error = nssCKFWMutex_Lock(hash->mutex);
- if( CKR_OK != error ) {
- return error;
- }
-
- he = PL_HashTableAdd(hash->plHashTable, key, (void *)value);
- if( (PLHashEntry *)NULL == he ) {
- error = CKR_HOST_MEMORY;
- } else {
- hash->count++;
- }
-
- (void)nssCKFWMutex_Unlock(hash->mutex);
-
- return error;
-}
-
-/*
- * nssCKFWHash_Remove
- *
- */
-NSS_IMPLEMENT void
-nssCKFWHash_Remove
-(
- nssCKFWHash *hash,
- const void *it
-)
-{
- PRBool found;
-
- if( CKR_OK != nssCKFWMutex_Lock(hash->mutex) ) {
- return;
- }
-
- found = PL_HashTableRemove(hash->plHashTable, it);
- if( found ) {
- hash->count--;
- }
-
- (void)nssCKFWMutex_Unlock(hash->mutex);
- return;
-}
-
-/*
- * nssCKFWHash_Count
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWHash_Count
-(
- nssCKFWHash *hash
-)
-{
- CK_ULONG count;
-
- if( CKR_OK != nssCKFWMutex_Lock(hash->mutex) ) {
- return (CK_ULONG)0;
- }
-
- count = hash->count;
-
- (void)nssCKFWMutex_Unlock(hash->mutex);
-
- return count;
-}
-
-/*
- * nssCKFWHash_Exists
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-nssCKFWHash_Exists
-(
- nssCKFWHash *hash,
- const void *it
-)
-{
- void *value;
-
- if( CKR_OK != nssCKFWMutex_Lock(hash->mutex) ) {
- return CK_FALSE;
- }
-
- value = PL_HashTableLookup(hash->plHashTable, it);
-
- (void)nssCKFWMutex_Unlock(hash->mutex);
-
- if( (void *)NULL == value ) {
- return CK_FALSE;
- } else {
- return CK_TRUE;
- }
-}
-
-/*
- * nssCKFWHash_Lookup
- *
- */
-NSS_IMPLEMENT void *
-nssCKFWHash_Lookup
-(
- nssCKFWHash *hash,
- const void *it
-)
-{
- void *rv;
-
- if( CKR_OK != nssCKFWMutex_Lock(hash->mutex) ) {
- return (void *)NULL;
- }
-
- rv = PL_HashTableLookup(hash->plHashTable, it);
-
- (void)nssCKFWMutex_Unlock(hash->mutex);
-
- return rv;
-}
-
-struct arg_str {
- nssCKFWHashIterator fcn;
- void *closure;
-};
-
-static PRIntn
-nss_ckfwhash_enumerator
-(
- PLHashEntry *he,
- PRIntn index,
- void *arg
-)
-{
- struct arg_str *as = (struct arg_str *)arg;
- as->fcn(he->key, he->value, as->closure);
- return HT_ENUMERATE_NEXT;
-}
-
-/*
- * nssCKFWHash_Iterate
- *
- * NOTE that the iteration function will be called with the hashtable locked.
- */
-NSS_IMPLEMENT void
-nssCKFWHash_Iterate
-(
- nssCKFWHash *hash,
- nssCKFWHashIterator fcn,
- void *closure
-)
-{
- struct arg_str as;
- as.fcn = fcn;
- as.closure = closure;
-
- if( CKR_OK != nssCKFWMutex_Lock(hash->mutex) ) {
- return;
- }
-
- PL_HashTableEnumerateEntries(hash->plHashTable, nss_ckfwhash_enumerator, &as);
-
- (void)nssCKFWMutex_Unlock(hash->mutex);
-
- return;
-}
diff --git a/security/nss/lib/ckfw/instance.c b/security/nss/lib/ckfw/instance.c
deleted file mode 100644
index 103726573..000000000
--- a/security/nss/lib/ckfw/instance.c
+++ /dev/null
@@ -1,1355 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * instance.c
- *
- * This file implements the NSSCKFWInstance type and methods.
- */
-
-#ifndef CK_T
-#include "ck.h"
-#endif /* CK_T */
-
-/*
- * NSSCKFWInstance
- *
- * -- create/destroy --
- * nssCKFWInstance_Create
- * nssCKFWInstance_Destroy
- *
- * -- public accessors --
- * NSSCKFWInstance_GetMDInstance
- * NSSCKFWInstance_GetArena
- * NSSCKFWInstance_MayCreatePthreads
- * NSSCKFWInstance_CreateMutex
- * NSSCKFWInstance_GetConfigurationData
- * NSSCKFWInstance_GetInitArgs
- *
- * -- implement public accessors --
- * nssCKFWInstance_GetMDInstance
- * nssCKFWInstance_GetArena
- * nssCKFWInstance_MayCreatePthreads
- * nssCKFWInstance_CreateMutex
- * nssCKFWInstance_GetConfigurationData
- * nssCKFWInstance_GetInitArgs
- *
- * -- private accessors --
- * nssCKFWInstance_CreateSessionHandle
- * nssCKFWInstance_ResolveSessionHandle
- * nssCKFWInstance_DestroySessionHandle
- * nssCKFWInstance_FindSessionHandle
- * nssCKFWInstance_CreateObjectHandle
- * nssCKFWInstance_ResolveObjectHandle
- * nssCKFWInstance_DestroyObjectHandle
- *
- * -- module fronts --
- * nssCKFWInstance_GetNSlots
- * nssCKFWInstance_GetCryptokiVersion
- * nssCKFWInstance_GetManufacturerID
- * nssCKFWInstance_GetFlags
- * nssCKFWInstance_GetLibraryDescription
- * nssCKFWInstance_GetLibraryVersion
- * nssCKFWInstance_GetModuleHandlesSessionObjects
- * nssCKFWInstance_GetSlots
- * nssCKFWInstance_WaitForSlotEvent
- *
- * -- debugging versions only --
- * nssCKFWInstance_verifyPointer
- */
-
-struct NSSCKFWInstanceStr {
- NSSCKFWMutex *mutex;
- NSSArena *arena;
- NSSCKMDInstance *mdInstance;
- CK_C_INITIALIZE_ARGS_PTR pInitArgs;
- CK_BBOOL mayCreatePthreads;
- NSSUTF8 *configurationData;
- CK_ULONG nSlots;
- NSSCKFWSlot **fwSlotList;
- NSSCKMDSlot **mdSlotList;
- CK_BBOOL moduleHandlesSessionObjects;
-
- /*
- * Everything above is set at creation time, and then not modified.
- * The invariants the mutex protects are:
- *
- * 1) Each of the cached descriptions (versions, etc.) are in an
- * internally consistant state.
- *
- * 2) The session handle hashes and count are consistant
- *
- * 3) The object handle hashes and count are consistant.
- *
- * I could use multiple locks, but let's wait to see if that's
- * really necessary.
- *
- * Note that the calls accessing the cached descriptions will
- * call the NSSCKMDInstance methods with the mutex locked. Those
- * methods may then call the public NSSCKFWInstance routines.
- * Those public routines only access the constant data above, so
- * there's no problem. But be careful if you add to this object;
- * mutexes are in general not reentrant, so don't create deadlock
- * situations.
- */
-
- CK_VERSION cryptokiVersion;
- NSSUTF8 *manufacturerID;
- NSSUTF8 *libraryDescription;
- CK_VERSION libraryVersion;
-
- CK_ULONG lastSessionHandle;
- nssCKFWHash *sessionHandleHash;
-
- CK_ULONG lastObjectHandle;
- nssCKFWHash *objectHandleHash;
-};
-
-#ifdef DEBUG
-/*
- * But first, the pointer-tracking stuff.
- *
- * NOTE: the pointer-tracking support in NSS/base currently relies
- * upon NSPR's CallOnce support. That, however, relies upon NSPR's
- * locking, which is tied into the runtime. We need a pointer-tracker
- * implementation that uses the locks supplied through C_Initialize.
- * That support, however, can be filled in later. So for now, I'll
- * just do this routines as no-ops.
- */
-
-static CK_RV
-instance_add_pointer
-(
- const NSSCKFWInstance *fwInstance
-)
-{
- return CKR_OK;
-}
-
-static CK_RV
-instance_remove_pointer
-(
- const NSSCKFWInstance *fwInstance
-)
-{
- return CKR_OK;
-}
-
-NSS_IMPLEMENT CK_RV
-nssCKFWInstance_verifyPointer
-(
- const NSSCKFWInstance *fwInstance
-)
-{
- return CKR_OK;
-}
-
-#endif /* DEBUG */
-
-/*
- * nssCKFWInstance_Create
- *
- */
-NSS_IMPLEMENT NSSCKFWInstance *
-nssCKFWInstance_Create
-(
- CK_C_INITIALIZE_ARGS_PTR pInitArgs,
- NSSCKMDInstance *mdInstance,
- CK_RV *pError
-)
-{
- NSSCKFWInstance *fwInstance;
- NSSArena *arena = (NSSArena *)NULL;
- CK_ULONG i;
- CK_BBOOL called_Initialize = CK_FALSE;
-
-#ifdef NSSDEBUG
- if( (CK_RV)NULL == pError ) {
- return (NSSCKFWInstance *)NULL;
- }
-
- if( (NSSCKMDInstance *)NULL == mdInstance ) {
- *pError = CKR_ARGUMENTS_BAD;
- return (NSSCKFWInstance *)NULL;
- }
-#endif /* NSSDEBUG */
-
- arena = NSSArena_Create();
- if( (NSSArena *)NULL == arena ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKFWInstance *)NULL;
- }
-
- fwInstance = nss_ZNEW(arena, NSSCKFWInstance);
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- goto nomem;
- }
-
- fwInstance->arena = arena;
- fwInstance->mdInstance = mdInstance;
- fwInstance->pInitArgs = pInitArgs;
-
- if( (CK_C_INITIALIZE_ARGS_PTR)NULL != pInitArgs ) {
- if( pInitArgs->flags & CKF_LIBRARY_CANT_CREATE_OS_THREADS ) {
- fwInstance->mayCreatePthreads = CK_FALSE;
- } else {
- fwInstance->mayCreatePthreads = CK_TRUE;
- }
- fwInstance->configurationData = (NSSUTF8 *)(pInitArgs->pReserved);
- } else {
- fwInstance->mayCreatePthreads = CK_TRUE;
- }
-
- fwInstance->mutex = nssCKFWMutex_Create(pInitArgs, arena, pError);
- if( (NSSCKFWMutex *)NULL == fwInstance->mutex ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- goto loser;
- }
-
- if( (void *)NULL != (void *)mdInstance->Initialize ) {
- *pError = mdInstance->Initialize(mdInstance, fwInstance, fwInstance->configurationData);
- if( CKR_OK != *pError ) {
- goto loser;
- }
-
- called_Initialize = CK_TRUE;
- }
-
- if( (void *)NULL != (void *)mdInstance->ModuleHandlesSessionObjects ) {
- fwInstance->moduleHandlesSessionObjects =
- mdInstance->ModuleHandlesSessionObjects(mdInstance, fwInstance);
- } else {
- fwInstance->moduleHandlesSessionObjects = CK_FALSE;
- }
-
- if( (void *)NULL == (void *)mdInstance->GetNSlots ) {
- /* That routine is required */
- *pError = CKR_GENERAL_ERROR;
- goto loser;
- }
-
- fwInstance->nSlots = mdInstance->GetNSlots(mdInstance, fwInstance, pError);
- if( (CK_ULONG)0 == fwInstance->nSlots ) {
- if( CKR_OK == *pError ) {
- /* Zero is not a legitimate answer */
- *pError = CKR_GENERAL_ERROR;
- }
- goto loser;
- }
-
- fwInstance->fwSlotList = nss_ZNEWARRAY(arena, NSSCKFWSlot *, fwInstance->nSlots);
- if( (NSSCKFWSlot **)NULL == fwInstance->fwSlotList ) {
- goto nomem;
- }
-
- fwInstance->mdSlotList = nss_ZNEWARRAY(arena, NSSCKMDSlot *, fwInstance->nSlots);
- if( (NSSCKMDSlot **)NULL == fwInstance->mdSlotList ) {
- goto nomem;
- }
-
- fwInstance->sessionHandleHash = nssCKFWHash_Create(fwInstance,
- fwInstance->arena, pError);
- if( (nssCKFWHash *)NULL == fwInstance->sessionHandleHash ) {
- goto loser;
- }
-
- fwInstance->objectHandleHash = nssCKFWHash_Create(fwInstance,
- fwInstance->arena, pError);
- if( (nssCKFWHash *)NULL == fwInstance->objectHandleHash ) {
- goto loser;
- }
-
- if( (void *)NULL == (void *)mdInstance->GetSlots ) {
- /* That routine is required */
- *pError = CKR_GENERAL_ERROR;
- goto loser;
- }
-
- *pError = mdInstance->GetSlots(mdInstance, fwInstance, fwInstance->mdSlotList);
- if( CKR_OK != *pError ) {
- goto loser;
- }
-
- for( i = 0; i < fwInstance->nSlots; i++ ) {
- NSSCKMDSlot *mdSlot = fwInstance->mdSlotList[i];
-
- if( (NSSCKMDSlot *)NULL == mdSlot ) {
- *pError = CKR_GENERAL_ERROR;
- goto loser;
- }
-
- fwInstance->fwSlotList[i] = nssCKFWSlot_Create(fwInstance, mdSlot, i, pError);
- if( CKR_OK != *pError ) {
- CK_ULONG j;
-
- for( j = 0; j < i; j++ ) {
- (void)nssCKFWSlot_Destroy(fwInstance->fwSlotList[j]);
- }
-
- for( j = i; j < fwInstance->nSlots; j++ ) {
- NSSCKMDSlot *mds = fwInstance->mdSlotList[j];
- if( (void *)NULL != (void *)mds->Destroy ) {
- mds->Destroy(mds, (NSSCKFWSlot *)NULL, mdInstance, fwInstance);
- }
- }
-
- goto loser;
- }
- }
-
-#ifdef DEBUG
- *pError = instance_add_pointer(fwInstance);
- if( CKR_OK != *pError ) {
- for( i = 0; i < fwInstance->nSlots; i++ ) {
- (void)nssCKFWSlot_Destroy(fwInstance->fwSlotList[i]);
- }
-
- goto loser;
- }
-#endif /* DEBUG */
-
- *pError = CKR_OK;
- return fwInstance;
-
- nomem:
- *pError = CKR_HOST_MEMORY;
- /*FALLTHROUGH*/
- loser:
-
- if( CK_TRUE == called_Initialize ) {
- if( (void *)NULL != (void *)mdInstance->Finalize ) {
- mdInstance->Finalize(mdInstance, fwInstance);
- }
- }
-
- (void)NSSArena_Destroy(arena);
- return (NSSCKFWInstance *)NULL;
-}
-
-/*
- * nssCKFWInstance_Destroy
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWInstance_Destroy
-(
- NSSCKFWInstance *fwInstance
-)
-{
-#ifdef NSSDEBUG
- CK_RV error = CKR_OK;
-#endif /* NSSDEBUG */
- CK_ULONG i;
-
-#ifdef NSSDEBUG
- error = nssCKFWInstance_verifyPointer(fwInstance);
- if( CKR_OK != error ) {
- return error;
- }
-#endif /* NSSDEBUG */
-
- nssCKFWMutex_Destroy(fwInstance->mutex);
-
- for( i = 0; i < fwInstance->nSlots; i++ ) {
- (void)nssCKFWSlot_Destroy(fwInstance->fwSlotList[i]);
- }
-
- if( (void *)NULL != (void *)fwInstance->mdInstance->Finalize ) {
- fwInstance->mdInstance->Finalize(fwInstance->mdInstance, fwInstance);
- }
-
- if (fwInstance->sessionHandleHash) {
- nssCKFWHash_Destroy(fwInstance->sessionHandleHash);
- }
-
- if (fwInstance->objectHandleHash) {
- nssCKFWHash_Destroy(fwInstance->objectHandleHash);
- }
-
-#ifdef DEBUG
- (void)instance_remove_pointer(fwInstance);
-#endif /* DEBUG */
-
- (void)NSSArena_Destroy(fwInstance->arena);
- return CKR_OK;
-}
-
-/*
- * nssCKFWInstance_GetMDInstance
- *
- */
-NSS_IMPLEMENT NSSCKMDInstance *
-nssCKFWInstance_GetMDInstance
-(
- NSSCKFWInstance *fwInstance
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
- return (NSSCKMDInstance *)NULL;
- }
-#endif /* NSSDEBUG */
-
- return fwInstance->mdInstance;
-}
-
-/*
- * nssCKFWInstance_GetArena
- *
- */
-NSS_IMPLEMENT NSSArena *
-nssCKFWInstance_GetArena
-(
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return (NSSArena *)NULL;
- }
-
- *pError = nssCKFWInstance_verifyPointer(fwInstance);
- if( CKR_OK != *pError ) {
- return (NSSArena *)NULL;
- }
-#endif /* NSSDEBUG */
-
- *pError = CKR_OK;
- return fwInstance->arena;
-}
-
-/*
- * nssCKFWInstance_MayCreatePthreads
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-nssCKFWInstance_MayCreatePthreads
-(
- NSSCKFWInstance *fwInstance
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
- return CK_FALSE;
- }
-#endif /* NSSDEBUG */
-
- return fwInstance->mayCreatePthreads;
-}
-
-/*
- * nssCKFWInstance_CreateMutex
- *
- */
-NSS_IMPLEMENT NSSCKFWMutex *
-nssCKFWInstance_CreateMutex
-(
- NSSCKFWInstance *fwInstance,
- NSSArena *arena,
- CK_RV *pError
-)
-{
- NSSCKFWMutex *mutex;
-
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return (NSSCKFWMutex *)NULL;
- }
-
- *pError = nssCKFWInstance_verifyPointer(fwInstance);
- if( CKR_OK != *pError ) {
- return (NSSCKFWMutex *)NULL;
- }
-#endif /* NSSDEBUG */
-
- mutex = nssCKFWMutex_Create(fwInstance->pInitArgs, arena, pError);
- if( (NSSCKFWMutex *)NULL == mutex ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
-
- return (NSSCKFWMutex *)NULL;
- }
-
- return mutex;
-}
-
-/*
- * nssCKFWInstance_GetConfigurationData
- *
- */
-NSS_IMPLEMENT NSSUTF8 *
-nssCKFWInstance_GetConfigurationData
-(
- NSSCKFWInstance *fwInstance
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
- return (NSSUTF8 *)NULL;
- }
-#endif /* NSSDEBUG */
-
- return fwInstance->configurationData;
-}
-
-/*
- * nssCKFWInstance_GetInitArgs
- *
- */
-CK_C_INITIALIZE_ARGS_PTR
-nssCKFWInstance_GetInitArgs
-(
- NSSCKFWInstance *fwInstance
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
- return (CK_C_INITIALIZE_ARGS_PTR)NULL;
- }
-#endif /* NSSDEBUG */
-
- return fwInstance->pInitArgs;
-}
-
-/*
- * nssCKFWInstance_CreateSessionHandle
- *
- */
-NSS_IMPLEMENT CK_SESSION_HANDLE
-nssCKFWInstance_CreateSessionHandle
-(
- NSSCKFWInstance *fwInstance,
- NSSCKFWSession *fwSession,
- CK_RV *pError
-)
-{
- CK_SESSION_HANDLE hSession;
-
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return (CK_SESSION_HANDLE)0;
- }
-
- *pError = nssCKFWInstance_verifyPointer(fwInstance);
- if( CKR_OK != *pError ) {
- return (CK_SESSION_HANDLE)0;
- }
-#endif /* NSSDEBUG */
-
- *pError = nssCKFWMutex_Lock(fwInstance->mutex);
- if( CKR_OK != *pError ) {
- return (CK_SESSION_HANDLE)0;
- }
-
- hSession = ++(fwInstance->lastSessionHandle);
-
- /* Alan would say I should unlock for this call. */
-
- *pError = nssCKFWSession_SetHandle(fwSession, hSession);
- if( CKR_OK != *pError ) {
- goto done;
- }
-
- *pError = nssCKFWHash_Add(fwInstance->sessionHandleHash,
- (const void *)hSession, (const void *)fwSession);
- if( CKR_OK != *pError ) {
- hSession = (CK_SESSION_HANDLE)0;
- goto done;
- }
-
- done:
- nssCKFWMutex_Unlock(fwInstance->mutex);
- return hSession;
-}
-
-/*
- * nssCKFWInstance_ResolveSessionHandle
- *
- */
-NSS_IMPLEMENT NSSCKFWSession *
-nssCKFWInstance_ResolveSessionHandle
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession
-)
-{
- NSSCKFWSession *fwSession;
-
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
- return (NSSCKFWSession *)NULL;
- }
-#endif /* NSSDEBUG */
-
- if( CKR_OK != nssCKFWMutex_Lock(fwInstance->mutex) ) {
- return (NSSCKFWSession *)NULL;
- }
-
- fwSession = (NSSCKFWSession *)nssCKFWHash_Lookup(
- fwInstance->sessionHandleHash, (const void *)hSession);
-
- /* Assert(hSession == nssCKFWSession_GetHandle(fwSession)) */
-
- (void)nssCKFWMutex_Unlock(fwInstance->mutex);
-
- return fwSession;
-}
-
-/*
- * nssCKFWInstance_DestroySessionHandle
- *
- */
-NSS_IMPLEMENT void
-nssCKFWInstance_DestroySessionHandle
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession
-)
-{
- NSSCKFWSession *fwSession;
-
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
- return;
- }
-#endif /* NSSDEBUG */
-
- if( CKR_OK != nssCKFWMutex_Lock(fwInstance->mutex) ) {
- return;
- }
-
- fwSession = (NSSCKFWSession *)nssCKFWHash_Lookup(
- fwInstance->sessionHandleHash, (const void *)hSession);
-
- nssCKFWHash_Remove(fwInstance->sessionHandleHash, (const void *)hSession);
- nssCKFWSession_SetHandle(fwSession, (CK_SESSION_HANDLE)0);
-
- (void)nssCKFWMutex_Unlock(fwInstance->mutex);
-
- return;
-}
-
-/*
- * nssCKFWInstance_FindSessionHandle
- *
- */
-NSS_IMPLEMENT CK_SESSION_HANDLE
-nssCKFWInstance_FindSessionHandle
-(
- NSSCKFWInstance *fwInstance,
- NSSCKFWSession *fwSession
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
- return (CK_SESSION_HANDLE)0;
- }
-
- if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
- return (CK_SESSION_HANDLE)0;
- }
-#endif /* NSSDEBUG */
-
- return nssCKFWSession_GetHandle(fwSession);
- /* look it up and assert? */
-}
-
-/*
- * nssCKFWInstance_CreateObjectHandle
- *
- */
-NSS_IMPLEMENT CK_OBJECT_HANDLE
-nssCKFWInstance_CreateObjectHandle
-(
- NSSCKFWInstance *fwInstance,
- NSSCKFWObject *fwObject,
- CK_RV *pError
-)
-{
- CK_OBJECT_HANDLE hObject;
-
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return (CK_OBJECT_HANDLE)0;
- }
-
- *pError = nssCKFWInstance_verifyPointer(fwInstance);
- if( CKR_OK != *pError ) {
- return (CK_OBJECT_HANDLE)0;
- }
-#endif /* NSSDEBUG */
-
- *pError = nssCKFWMutex_Lock(fwInstance->mutex);
- if( CKR_OK != *pError ) {
- return (CK_OBJECT_HANDLE)0;
- }
-
- hObject = ++(fwInstance->lastObjectHandle);
-
- *pError = nssCKFWObject_SetHandle(fwObject, hObject);
- if( CKR_OK != *pError ) {
- hObject = (CK_OBJECT_HANDLE)0;
- goto done;
- }
-
- *pError = nssCKFWHash_Add(fwInstance->objectHandleHash,
- (const void *)hObject, (const void *)fwObject);
- if( CKR_OK != *pError ) {
- hObject = (CK_OBJECT_HANDLE)0;
- goto done;
- }
-
- done:
- (void)nssCKFWMutex_Unlock(fwInstance->mutex);
- return hObject;
-}
-
-/*
- * nssCKFWInstance_ResolveObjectHandle
- *
- */
-NSS_IMPLEMENT NSSCKFWObject *
-nssCKFWInstance_ResolveObjectHandle
-(
- NSSCKFWInstance *fwInstance,
- CK_OBJECT_HANDLE hObject
-)
-{
- NSSCKFWObject *fwObject;
-
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
- return (NSSCKFWObject *)NULL;
- }
-#endif /* NSSDEBUG */
-
- if( CKR_OK != nssCKFWMutex_Lock(fwInstance->mutex) ) {
- return (NSSCKFWObject *)NULL;
- }
-
- fwObject = (NSSCKFWObject *)nssCKFWHash_Lookup(
- fwInstance->objectHandleHash, (const void *)hObject);
-
- /* Assert(hObject == nssCKFWObject_GetHandle(fwObject)) */
-
- (void)nssCKFWMutex_Unlock(fwInstance->mutex);
- return fwObject;
-}
-
-/*
- * nssCKFWInstance_ReassignObjectHandle
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWInstance_ReassignObjectHandle
-(
- NSSCKFWInstance *fwInstance,
- CK_OBJECT_HANDLE hObject,
- NSSCKFWObject *fwObject
-)
-{
- CK_RV error = CKR_OK;
- NSSCKFWObject *oldObject;
-
-#ifdef NSSDEBUG
- error = nssCKFWInstance_verifyPointer(fwInstance);
- if( CKR_OK != error ) {
- return error;
- }
-#endif /* NSSDEBUG */
-
- error = nssCKFWMutex_Lock(fwInstance->mutex);
- if( CKR_OK != error ) {
- return error;
- }
-
- oldObject = (NSSCKFWObject *)nssCKFWHash_Lookup(
- fwInstance->objectHandleHash, (const void *)hObject);
- /* Assert(hObject == nssCKFWObject_GetHandle(oldObject) */
- (void)nssCKFWObject_SetHandle(oldObject, (CK_SESSION_HANDLE)0);
- nssCKFWHash_Remove(fwInstance->objectHandleHash, (const void *)hObject);
-
- error = nssCKFWObject_SetHandle(fwObject, hObject);
- if( CKR_OK != error ) {
- goto done;
- }
- error = nssCKFWHash_Add(fwInstance->objectHandleHash,
- (const void *)hObject, (const void *)fwObject);
-
- done:
- (void)nssCKFWMutex_Unlock(fwInstance->mutex);
- return error;
-}
-
-/*
- * nssCKFWInstance_DestroyObjectHandle
- *
- */
-NSS_IMPLEMENT void
-nssCKFWInstance_DestroyObjectHandle
-(
- NSSCKFWInstance *fwInstance,
- CK_OBJECT_HANDLE hObject
-)
-{
- NSSCKFWObject *fwObject;
-
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
- return;
- }
-#endif /* NSSDEBUG */
-
- if( CKR_OK != nssCKFWMutex_Lock(fwInstance->mutex) ) {
- return;
- }
-
- fwObject = (NSSCKFWObject *)nssCKFWHash_Lookup(
- fwInstance->objectHandleHash, (const void *)hObject);
- /* Assert(hObject = nssCKFWObject_GetHandle(fwObject)) */
- nssCKFWHash_Remove(fwInstance->objectHandleHash, (const void *)hObject);
- (void)nssCKFWObject_SetHandle(fwObject, (CK_SESSION_HANDLE)0);
-
- (void)nssCKFWMutex_Unlock(fwInstance->mutex);
- return;
-}
-
-/*
- * nssCKFWInstance_FindObjectHandle
- *
- */
-NSS_IMPLEMENT CK_OBJECT_HANDLE
-nssCKFWInstance_FindObjectHandle
-(
- NSSCKFWInstance *fwInstance,
- NSSCKFWObject *fwObject
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
- return (CK_OBJECT_HANDLE)0;
- }
-
- if( CKR_OK != nssCKFWObject_verifyPointer(fwObject) ) {
- return (CK_OBJECT_HANDLE)0;
- }
-#endif /* NSSDEBUG */
-
- return nssCKFWObject_GetHandle(fwObject);
-}
-
-/*
- * nssCKFWInstance_GetNSlots
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWInstance_GetNSlots
-(
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return (CK_ULONG)0;
- }
-
- *pError = nssCKFWInstance_verifyPointer(fwInstance);
- if( CKR_OK != *pError ) {
- return (CK_ULONG)0;
- }
-#endif /* NSSDEBUG */
-
- *pError = CKR_OK;
- return fwInstance->nSlots;
-}
-
-/*
- * nssCKFWInstance_GetCryptokiVersion
- *
- */
-NSS_IMPLEMENT CK_VERSION
-nssCKFWInstance_GetCryptokiVersion
-(
- NSSCKFWInstance *fwInstance
-)
-{
- CK_VERSION rv;
-
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
- rv.major = rv.minor = 0;
- return rv;
- }
-#endif /* NSSDEBUG */
-
- if( CKR_OK != nssCKFWMutex_Lock(fwInstance->mutex) ) {
- rv.major = rv.minor = 0;
- return rv;
- }
-
- if( (0 != fwInstance->cryptokiVersion.major) ||
- (0 != fwInstance->cryptokiVersion.minor) ) {
- rv = fwInstance->cryptokiVersion;
- goto done;
- }
-
- if( (void *)NULL != (void *)fwInstance->mdInstance->GetCryptokiVersion ) {
- fwInstance->cryptokiVersion = fwInstance->mdInstance->GetCryptokiVersion(
- fwInstance->mdInstance, fwInstance);
- } else {
- fwInstance->cryptokiVersion.major = 2;
- fwInstance->cryptokiVersion.minor = 1;
- }
-
- rv = fwInstance->cryptokiVersion;
-
- done:
- (void)nssCKFWMutex_Unlock(fwInstance->mutex);
- return rv;
-}
-
-/*
- * nssCKFWInstance_GetManufacturerID
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWInstance_GetManufacturerID
-(
- NSSCKFWInstance *fwInstance,
- CK_CHAR manufacturerID[32]
-)
-{
- CK_RV error = CKR_OK;
-
-#ifdef NSSDEBUG
- if( (CK_CHAR_PTR)NULL == manufacturerID ) {
- return CKR_ARGUMENTS_BAD;
- }
-
- error = nssCKFWInstance_verifyPointer(fwInstance);
- if( CKR_OK != error ) {
- return error;
- }
-#endif /* NSSDEBUG */
-
- error = nssCKFWMutex_Lock(fwInstance->mutex);
- if( CKR_OK != error ) {
- return error;
- }
-
- if( (NSSUTF8 *)NULL == fwInstance->manufacturerID ) {
- if( (void *)NULL != (void *)fwInstance->mdInstance->GetManufacturerID ) {
- fwInstance->manufacturerID = fwInstance->mdInstance->GetManufacturerID(
- fwInstance->mdInstance, fwInstance, &error);
- if( ((NSSUTF8 *)NULL == fwInstance->manufacturerID) && (CKR_OK != error) ) {
- goto done;
- }
- } else {
- fwInstance->manufacturerID = (NSSUTF8 *) "";
- }
- }
-
- (void)nssUTF8_CopyIntoFixedBuffer(fwInstance->manufacturerID, (char *)manufacturerID, 32, ' ');
- error = CKR_OK;
-
- done:
- (void)nssCKFWMutex_Unlock(fwInstance->mutex);
- return error;
-}
-
-/*
- * nssCKFWInstance_GetFlags
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWInstance_GetFlags
-(
- NSSCKFWInstance *fwInstance
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
- return (CK_ULONG)0;
- }
-#endif /* NSSDEBUG */
-
- /* No "instance flags" are yet defined by Cryptoki. */
- return (CK_ULONG)0;
-}
-
-/*
- * nssCKFWInstance_GetLibraryDescription
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWInstance_GetLibraryDescription
-(
- NSSCKFWInstance *fwInstance,
- CK_CHAR libraryDescription[32]
-)
-{
- CK_RV error = CKR_OK;
-
-#ifdef NSSDEBUG
- if( (CK_CHAR_PTR)NULL == libraryDescription ) {
- return CKR_ARGUMENTS_BAD;
- }
-
- error = nssCKFWInstance_verifyPointer(fwInstance);
- if( CKR_OK != error ) {
- return error;
- }
-#endif /* NSSDEBUG */
-
- error = nssCKFWMutex_Lock(fwInstance->mutex);
- if( CKR_OK != error ) {
- return error;
- }
-
- if( (NSSUTF8 *)NULL == fwInstance->libraryDescription ) {
- if( (void *)NULL != (void *)fwInstance->mdInstance->GetLibraryDescription ) {
- fwInstance->libraryDescription = fwInstance->mdInstance->GetLibraryDescription(
- fwInstance->mdInstance, fwInstance, &error);
- if( ((NSSUTF8 *)NULL == fwInstance->libraryDescription) && (CKR_OK != error) ) {
- goto done;
- }
- } else {
- fwInstance->libraryDescription = (NSSUTF8 *) "";
- }
- }
-
- (void)nssUTF8_CopyIntoFixedBuffer(fwInstance->libraryDescription, (char *)libraryDescription, 32, ' ');
- error = CKR_OK;
-
- done:
- (void)nssCKFWMutex_Unlock(fwInstance->mutex);
- return error;
-}
-
-/*
- * nssCKFWInstance_GetLibraryVersion
- *
- */
-NSS_IMPLEMENT CK_VERSION
-nssCKFWInstance_GetLibraryVersion
-(
- NSSCKFWInstance *fwInstance
-)
-{
- CK_VERSION rv;
-
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
- rv.major = rv.minor = 0;
- return rv;
- }
-#endif /* NSSDEBUG */
-
- if( CKR_OK != nssCKFWMutex_Lock(fwInstance->mutex) ) {
- rv.major = rv.minor = 0;
- return rv;
- }
-
- if( (0 != fwInstance->libraryVersion.major) ||
- (0 != fwInstance->libraryVersion.minor) ) {
- rv = fwInstance->libraryVersion;
- goto done;
- }
-
- if( (void *)NULL != (void *)fwInstance->mdInstance->GetLibraryVersion ) {
- fwInstance->libraryVersion = fwInstance->mdInstance->GetLibraryVersion(
- fwInstance->mdInstance, fwInstance);
- } else {
- fwInstance->libraryVersion.major = 0;
- fwInstance->libraryVersion.minor = 3;
- }
-
- rv = fwInstance->libraryVersion;
- done:
- (void)nssCKFWMutex_Unlock(fwInstance->mutex);
- return rv;
-}
-
-/*
- * nssCKFWInstance_GetModuleHandlesSessionObjects
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-nssCKFWInstance_GetModuleHandlesSessionObjects
-(
- NSSCKFWInstance *fwInstance
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
- return CK_FALSE;
- }
-#endif /* NSSDEBUG */
-
- return fwInstance->moduleHandlesSessionObjects;
-}
-
-/*
- * nssCKFWInstance_GetSlots
- *
- */
-NSS_IMPLEMENT NSSCKFWSlot **
-nssCKFWInstance_GetSlots
-(
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return (NSSCKFWSlot **)NULL;
- }
-
- *pError = nssCKFWInstance_verifyPointer(fwInstance);
- if( CKR_OK != *pError ) {
- return (NSSCKFWSlot **)NULL;
- }
-#endif /* NSSDEBUG */
-
- return fwInstance->fwSlotList;
-}
-
-/*
- * nssCKFWInstance_WaitForSlotEvent
- *
- */
-NSS_IMPLEMENT NSSCKFWSlot *
-nssCKFWInstance_WaitForSlotEvent
-(
- NSSCKFWInstance *fwInstance,
- CK_BBOOL block,
- CK_RV *pError
-)
-{
- NSSCKFWSlot *fwSlot = (NSSCKFWSlot *)NULL;
- NSSCKMDSlot *mdSlot;
- CK_ULONG i, n;
-
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return (NSSCKFWSlot *)NULL;
- }
-
- *pError = nssCKFWInstance_verifyPointer(fwInstance);
- if( CKR_OK != *pError ) {
- return (NSSCKFWSlot *)NULL;
- }
-
- switch( block ) {
- case CK_TRUE:
- case CK_FALSE:
- break;
- default:
- *pError = CKR_ARGUMENTS_BAD;
- return (NSSCKFWSlot *)NULL;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwInstance->mdInstance->WaitForSlotEvent ) {
- *pError = CKR_NO_EVENT;
- return (NSSCKFWSlot *)NULL;
- }
-
- mdSlot = fwInstance->mdInstance->WaitForSlotEvent(
- fwInstance->mdInstance,
- fwInstance,
- block,
- pError
- );
-
- if( (NSSCKMDSlot *)NULL == mdSlot ) {
- return (NSSCKFWSlot *)NULL;
- }
-
- n = nssCKFWInstance_GetNSlots(fwInstance, pError);
- if( ((CK_ULONG)0 == n) && (CKR_OK != *pError) ) {
- return (NSSCKFWSlot *)NULL;
- }
-
- for( i = 0; i < n; i++ ) {
- if( fwInstance->mdSlotList[i] == mdSlot ) {
- fwSlot = fwInstance->fwSlotList[i];
- break;
- }
- }
-
- if( (NSSCKFWSlot *)NULL == fwSlot ) {
- /* Internal error */
- *pError = CKR_GENERAL_ERROR;
- return (NSSCKFWSlot *)NULL;
- }
-
- return fwSlot;
-}
-
-/*
- * NSSCKFWInstance_GetMDInstance
- *
- */
-NSS_IMPLEMENT NSSCKMDInstance *
-NSSCKFWInstance_GetMDInstance
-(
- NSSCKFWInstance *fwInstance
-)
-{
-#ifdef DEBUG
- if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
- return (NSSCKMDInstance *)NULL;
- }
-#endif /* DEBUG */
-
- return nssCKFWInstance_GetMDInstance(fwInstance);
-}
-
-/*
- * NSSCKFWInstance_GetArena
- *
- */
-NSS_IMPLEMENT NSSArena *
-NSSCKFWInstance_GetArena
-(
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
-#ifdef DEBUG
- if( (CK_RV *)NULL == pError ) {
- return (NSSArena *)NULL;
- }
-
- *pError = nssCKFWInstance_verifyPointer(fwInstance);
- if( CKR_OK != *pError ) {
- return (NSSArena *)NULL;
- }
-#endif /* DEBUG */
-
- return nssCKFWInstance_GetArena(fwInstance, pError);
-}
-
-/*
- * NSSCKFWInstance_MayCreatePthreads
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-NSSCKFWInstance_MayCreatePthreads
-(
- NSSCKFWInstance *fwInstance
-)
-{
-#ifdef DEBUG
- if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
- return CK_FALSE;
- }
-#endif /* DEBUG */
-
- return nssCKFWInstance_MayCreatePthreads(fwInstance);
-}
-
-/*
- * NSSCKFWInstance_CreateMutex
- *
- */
-NSS_IMPLEMENT NSSCKFWMutex *
-NSSCKFWInstance_CreateMutex
-(
- NSSCKFWInstance *fwInstance,
- NSSArena *arena,
- CK_RV *pError
-)
-{
-#ifdef DEBUG
- if( (CK_RV *)NULL == pError ) {
- return (NSSCKFWMutex *)NULL;
- }
-
- *pError = nssCKFWInstance_verifyPointer(fwInstance);
- if( CKR_OK != *pError ) {
- return (NSSCKFWMutex *)NULL;
- }
-#endif /* DEBUG */
-
- return nssCKFWInstance_CreateMutex(fwInstance, arena, pError);
-}
-
-/*
- * NSSCKFWInstance_GetConfigurationData
- *
- */
-NSS_IMPLEMENT NSSUTF8 *
-NSSCKFWInstance_GetConfigurationData
-(
- NSSCKFWInstance *fwInstance
-)
-{
-#ifdef DEBUG
- if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
- return (NSSUTF8 *)NULL;
- }
-#endif /* DEBUG */
-
- return nssCKFWInstance_GetConfigurationData(fwInstance);
-}
-
-/*
- * NSSCKFWInstance_GetInitArgs
- *
- */
-NSS_IMPLEMENT CK_C_INITIALIZE_ARGS_PTR
-NSSCKFWInstance_GetInitArgs
-(
- NSSCKFWInstance *fwInstance
-)
-{
-#ifdef DEBUG
- if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
- return (CK_C_INITIALIZE_ARGS_PTR)NULL;
- }
-#endif /* DEBUG */
-
- return nssCKFWInstance_GetInitArgs(fwInstance);
-}
-
diff --git a/security/nss/lib/ckfw/manifest.mn b/security/nss/lib/ckfw/manifest.mn
deleted file mode 100644
index fb84a733b..000000000
--- a/security/nss/lib/ckfw/manifest.mn
+++ /dev/null
@@ -1,79 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-MANIFEST_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-CORE_DEPTH = ../../..
-
-DIRS = builtins
-
-PRIVATE_EXPORTS = \
- ck.h \
- ckfw.h \
- ckfwm.h \
- ckfwtm.h \
- ckmd.h \
- ckt.h \
- $(NULL)
-
-EXPORTS = \
- nssck.api \
- nssckepv.h \
- nssckft.h \
- nssckfw.h \
- nssckfwc.h \
- nssckfwt.h \
- nssckg.h \
- nssckmdt.h \
- nssckt.h \
- $(NULL)
-
-MODULE = nss
-
-CSRCS = \
- find.c \
- hash.c \
- instance.c \
- mutex.c \
- nsprstub.c \
- object.c \
- session.c \
- sessobj.c \
- slot.c \
- token.c \
- wrap.c \
- mechanism.c \
- $(NULL)
-
-REQUIRES = nspr
-
-LIBRARY_NAME = nssckfw
diff --git a/security/nss/lib/ckfw/mechanism.c b/security/nss/lib/ckfw/mechanism.c
deleted file mode 100644
index 634c5ae8b..000000000
--- a/security/nss/lib/ckfw/mechanism.c
+++ /dev/null
@@ -1,165 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * mechanism.c
- *
- * This file implements the NSSCKFWMechanism type and methods.
- * These functions are currently stubs.
- */
-
-#ifndef CK_T
-#include "ck.h"
-#endif /* CK_T */
-
-/*
- * NSSCKFWMechanism
- *
- * -- create/destroy --
- * nssCKFWMechanism_Create
- * nssCKFWMechanism_Destroy
- *
- * -- implement public accessors --
- * nssCKFWMechanism_GetMDMechanism
- * nssCKFWMechanism_GetParameter
- *
- * -- private accessors --
- *
- * -- module fronts --
- * nssCKFWMechanism_GetMinKeySize
- * nssCKFWMechanism_GetMaxKeySize
- * nssCKFWMechanism_GetInHardware
- */
-
-
-struct NSSCKFWMechanismStr {
- void * dummy;
-};
-
-/*
- * nssCKFWMechanism_Create
- *
- */
-NSS_IMPLEMENT NSSCKFWMechanism *
-nssCKFWMechanism_Create
-(
- void /* XXX fgmr */
-)
-{
- return (NSSCKFWMechanism *)NULL;
-}
-
-/*
- * nssCKFWMechanism_Destroy
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWMechanism_Destroy
-(
- NSSCKFWMechanism *fwMechanism
-)
-{
- return CKR_OK;
-}
-
-/*
- * nssCKFWMechanism_GetMDMechanism
- *
- */
-
-NSS_IMPLEMENT NSSCKMDMechanism *
-nssCKFWMechanism_GetMDMechanism
-(
- NSSCKFWMechanism *fwMechanism
-)
-{
- return NULL;
-}
-
-/*
- * nssCKFWMechanism_GetParameter
- *
- * XXX fgmr-- or as an additional parameter to the crypto ops?
- */
-NSS_IMPLEMENT NSSItem *
-nssCKFWMechanism_GetParameter
-(
- NSSCKFWMechanism *fwMechanism
-)
-{
- return NULL;
-}
-
-/*
- * nssCKFWMechanism_GetMinKeySize
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWMechanism_GetMinKeySize
-(
- NSSCKFWMechanism *fwMechanism
-)
-{
- return 0;
-}
-
-/*
- * nssCKFWMechanism_GetMaxKeySize
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWMechanism_GetMaxKeySize
-(
- NSSCKFWMechanism *fwMechanism
-)
-{
- return 0;
-}
-
-/*
- * nssCKFWMechanism_GetInHardware
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-nssCKFWMechanism_GetInHardware
-(
- NSSCKFWMechanism *fwMechanism
-)
-{
- return PR_FALSE;
-}
-
diff --git a/security/nss/lib/ckfw/mutex.c b/security/nss/lib/ckfw/mutex.c
deleted file mode 100644
index 789616683..000000000
--- a/security/nss/lib/ckfw/mutex.c
+++ /dev/null
@@ -1,345 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * mutex.c
- *
- * This file implements a mutual-exclusion locking facility for Modules
- * using the NSS Cryptoki Framework.
- */
-
-#ifndef CK_T
-#include "ck.h"
-#endif /* CK_T */
-
-/*
- * NSSCKFWMutex
- *
- * NSSCKFWMutex_Destroy
- * NSSCKFWMutex_Lock
- * NSSCKFWMutex_Unlock
- *
- * nssCKFWMutex_Create
- * nssCKFWMutex_Destroy
- * nssCKFWMutex_Lock
- * nssCKFWMutex_Unlock
- *
- * -- debugging versions only --
- * nssCKFWMutex_verifyPointer
- *
- */
-
-struct NSSCKFWMutexStr {
- CK_VOID_PTR etc;
-
- CK_DESTROYMUTEX Destroy;
- CK_LOCKMUTEX Lock;
- CK_UNLOCKMUTEX Unlock;
-};
-
-#ifdef DEBUG
-/*
- * But first, the pointer-tracking stuff.
- *
- * NOTE: the pointer-tracking support in NSS/base currently relies
- * upon NSPR's CallOnce support. That, however, relies upon NSPR's
- * locking, which is tied into the runtime. We need a pointer-tracker
- * implementation that uses the locks supplied through C_Initialize.
- * That support, however, can be filled in later. So for now, I'll
- * just do this routines as no-ops.
- */
-
-static CK_RV
-mutex_add_pointer
-(
- const NSSCKFWMutex *fwMutex
-)
-{
- return CKR_OK;
-}
-
-static CK_RV
-mutex_remove_pointer
-(
- const NSSCKFWMutex *fwMutex
-)
-{
- return CKR_OK;
-}
-
-NSS_IMPLEMENT CK_RV
-nssCKFWMutex_verifyPointer
-(
- const NSSCKFWMutex *fwMutex
-)
-{
- return CKR_OK;
-}
-
-#endif /* DEBUG */
-
-static CK_RV
-mutex_noop
-(
- CK_VOID_PTR pMutex
-)
-{
- return CKR_OK;
-}
-
-/*
- * nssCKFWMutex_Create
- *
- */
-NSS_EXTERN NSSCKFWMutex *
-nssCKFWMutex_Create
-(
- CK_C_INITIALIZE_ARGS_PTR pInitArgs,
- NSSArena *arena,
- CK_RV *pError
-)
-{
- NSSCKFWMutex *mutex;
- CK_ULONG count = (CK_ULONG)0;
- CK_BBOOL os_ok = CK_FALSE;
-
- if( (CK_C_INITIALIZE_ARGS_PTR)NULL != pInitArgs ) {
- if( (CK_CREATEMUTEX )NULL != pInitArgs->CreateMutex ) count++;
- if( (CK_DESTROYMUTEX)NULL != pInitArgs->DestroyMutex ) count++;
- if( (CK_LOCKMUTEX )NULL != pInitArgs->LockMutex ) count++;
- if( (CK_UNLOCKMUTEX )NULL != pInitArgs->UnlockMutex ) count++;
- os_ok = (pInitArgs->flags & CKF_OS_LOCKING_OK) ? CK_TRUE : CK_FALSE;
-
- if( (0 != count) && (4 != count) ) {
- *pError = CKR_ARGUMENTS_BAD;
- return (NSSCKFWMutex *)NULL;
- }
- }
-
- if( (0 == count) && (CK_TRUE == os_ok) ) {
- /*
- * This is case #2 in the description of C_Initialize:
- * The library will be called in a multithreaded way, but
- * no routines were specified: os locking calls should be
- * used. Unfortunately, this can be hard.. like, I think
- * I may have to dynamically look up the entry points in
- * the instance of NSPR already going in the application.
- *
- * I know that *we* always specify routines, so this only
- * comes up if someone is using NSS to create their own
- * PCKS#11 modules for other products. Oh, heck, I'll
- * worry about this then.
- */
- *pError = CKR_CANT_LOCK;
- return (NSSCKFWMutex *)NULL;
- }
-
- mutex = nss_ZNEW(arena, NSSCKFWMutex);
- if( (NSSCKFWMutex *)NULL == mutex ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKFWMutex *)NULL;
- }
-
- if( 0 == count ) {
- /*
- * With the above test out of the way, we know this is case
- * #1 in the description of C_Initialize: this library will
- * not be called in a multithreaded way. I'll just return
- * an object with noop calls.
- */
-
- mutex->Destroy = (CK_DESTROYMUTEX)mutex_noop;
- mutex->Lock = (CK_LOCKMUTEX )mutex_noop;
- mutex->Unlock = (CK_UNLOCKMUTEX )mutex_noop;
- } else {
- /*
- * We know that we're in either case #3 or #4 in the description
- * of C_Initialize. Case #3 says we should use the specified
- * functions, case #4 cays we can use either the specified ones
- * or the OS ones. I'll use the specified ones.
- */
-
- mutex->Destroy = pInitArgs->DestroyMutex;
- mutex->Lock = pInitArgs->LockMutex;
- mutex->Unlock = pInitArgs->UnlockMutex;
-
- *pError = pInitArgs->CreateMutex(&mutex->etc);
- if( CKR_OK != *pError ) {
- (void)nss_ZFreeIf(mutex);
- return (NSSCKFWMutex *)NULL;
- }
- }
-
-#ifdef DEBUG
- *pError = mutex_add_pointer(mutex);
- if( CKR_OK != *pError ) {
- (void)nss_ZFreeIf(mutex);
- return (NSSCKFWMutex *)NULL;
- }
-#endif /* DEBUG */
-
- return mutex;
-}
-
-/*
- * nssCKFWMutex_Destroy
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWMutex_Destroy
-(
- NSSCKFWMutex *mutex
-)
-{
- CK_RV rv = CKR_OK;
-
-#ifdef NSSDEBUG
- rv = nssCKFWMutex_verifyPointer(mutex);
- if( CKR_OK != rv ) {
- return rv;
- }
-#endif /* NSSDEBUG */
-
- rv = mutex->Destroy(mutex->etc);
-
-#ifdef DEBUG
- (void)mutex_remove_pointer(mutex);
-#endif /* DEBUG */
-
- (void)nss_ZFreeIf(mutex);
- return rv;
-}
-
-/*
- * nssCKFWMutex_Lock
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWMutex_Lock
-(
- NSSCKFWMutex *mutex
-)
-{
-#ifdef NSSDEBUG
- CK_RV rv = nssCKFWMutex_verifyPointer(mutex);
- if( CKR_OK != rv ) {
- return rv;
- }
-#endif /* NSSDEBUG */
-
- return mutex->Lock(mutex->etc);
-}
-
-/*
- * nssCKFWMutex_Unlock
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWMutex_Unlock
-(
- NSSCKFWMutex *mutex
-)
-{
-#ifdef NSSDEBUG
- CK_RV rv = nssCKFWMutex_verifyPointer(mutex);
- if( CKR_OK != rv ) {
- return rv;
- }
-#endif /* NSSDEBUG */
-
- return mutex->Unlock(mutex->etc);
-}
-
-/*
- * NSSCKFWMutex_Destroy
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWMutex_Destroy
-(
- NSSCKFWMutex *mutex
-)
-{
-#ifdef DEBUG
- CK_RV rv = nssCKFWMutex_verifyPointer(mutex);
- if( CKR_OK != rv ) {
- return rv;
- }
-#endif /* DEBUG */
-
- return nssCKFWMutex_Destroy(mutex);
-}
-
-/*
- * NSSCKFWMutex_Lock
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWMutex_Lock
-(
- NSSCKFWMutex *mutex
-)
-{
-#ifdef DEBUG
- CK_RV rv = nssCKFWMutex_verifyPointer(mutex);
- if( CKR_OK != rv ) {
- return rv;
- }
-#endif /* DEBUG */
-
- return nssCKFWMutex_Lock(mutex);
-}
-
-/*
- * NSSCKFWMutex_Unlock
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWMutex_Unlock
-(
- NSSCKFWMutex *mutex
-)
-{
-#ifdef DEBUG
- CK_RV rv = nssCKFWMutex_verifyPointer(mutex);
- if( CKR_OK != rv ) {
- return rv;
- }
-#endif /* DEBUG */
-
- return nssCKFWMutex_Unlock(mutex);
-}
diff --git a/security/nss/lib/ckfw/nsprstub.c b/security/nss/lib/ckfw/nsprstub.c
deleted file mode 100644
index 0801023d4..000000000
--- a/security/nss/lib/ckfw/nsprstub.c
+++ /dev/null
@@ -1,456 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * secport.c - portability interfaces for security libraries
- *
- * This file abstracts out libc functionality that libsec depends on
- *
- * NOTE - These are not public interfaces. These stubs are to allow the
- * SW FORTEZZA to link with some low level security functions without dragging
- * in NSPR.
- *
- * $Id$
- */
-
-#include "seccomon.h"
-#include "prmem.h"
-#include "prerror.h"
-#include "plarena.h"
-#include "secerr.h"
-#include "prmon.h"
-#include "prbit.h"
-#include "ck.h"
-
-#ifdef notdef
-unsigned long port_allocFailures;
-
-/* locations for registering Unicode conversion functions.
- * Is this the appropriate location? or should they be
- * moved to client/server specific locations?
- */
-PORTCharConversionFunc ucs4Utf8ConvertFunc;
-PORTCharConversionFunc ucs2Utf8ConvertFunc;
-PORTCharConversionWSwapFunc ucs2AsciiConvertFunc;
-
-void *
-PORT_Alloc(size_t bytes)
-{
- void *rv;
-
- /* Always allocate a non-zero amount of bytes */
- rv = (void *)malloc(bytes ? bytes : 1);
- if (!rv) {
- ++port_allocFailures;
- }
- return rv;
-}
-
-void *
-PORT_Realloc(void *oldptr, size_t bytes)
-{
- void *rv;
-
- rv = (void *)realloc(oldptr, bytes);
- if (!rv) {
- ++port_allocFailures;
- }
- return rv;
-}
-
-void *
-PORT_ZAlloc(size_t bytes)
-{
- void *rv;
-
- /* Always allocate a non-zero amount of bytes */
- rv = (void *)calloc(1, bytes ? bytes : 1);
- if (!rv) {
- ++port_allocFailures;
- }
- return rv;
-}
-
-void
-PORT_Free(void *ptr)
-{
- if (ptr) {
- free(ptr);
- }
-}
-
-void
-PORT_ZFree(void *ptr, size_t len)
-{
- if (ptr) {
- memset(ptr, 0, len);
- free(ptr);
- }
-}
-
-/********************* Arena code follows *****************************/
-
-
-PLArenaPool *
-PORT_NewArena(unsigned long chunksize)
-{
- PLArenaPool *arena;
-
- arena = (PLArenaPool*)PORT_ZAlloc(sizeof(PLArenaPool));
- if ( arena != NULL ) {
- PR_InitArenaPool(arena, "security", chunksize, sizeof(double));
- }
- return(arena);
-}
-
-void *
-PORT_ArenaAlloc(PLArenaPool *arena, size_t size)
-{
- void *p;
-
- PL_ARENA_ALLOCATE(p, arena, size);
- if (p == NULL) {
- ++port_allocFailures;
- }
-
- return(p);
-}
-
-void *
-PORT_ArenaZAlloc(PLArenaPool *arena, size_t size)
-{
- void *p;
-
- PL_ARENA_ALLOCATE(p, arena, size);
- if (p == NULL) {
- ++port_allocFailures;
- } else {
- PORT_Memset(p, 0, size);
- }
-
- return(p);
-}
-
-/* need to zeroize!! */
-void
-PORT_FreeArena(PLArenaPool *arena, PRBool zero)
-{
- PR_FinishArenaPool(arena);
- PORT_Free(arena);
-}
-
-void *
-PORT_ArenaGrow(PLArenaPool *arena, void *ptr, size_t oldsize, size_t newsize)
-{
- PORT_Assert(newsize >= oldsize);
-
- PL_ARENA_GROW(ptr, arena, oldsize, ( newsize - oldsize ) );
-
- return(ptr);
-}
-
-void *
-PORT_ArenaMark(PLArenaPool *arena)
-{
- void * result;
-
- result = PL_ARENA_MARK(arena);
- return result;
-}
-
-void
-PORT_ArenaRelease(PLArenaPool *arena, void *mark)
-{
- PL_ARENA_RELEASE(arena, mark);
-}
-
-void
-PORT_ArenaUnmark(PLArenaPool *arena, void *mark)
-{
- /* do nothing */
-}
-
-char *
-PORT_ArenaStrdup(PLArenaPool *arena,const char *str) {
- int len = PORT_Strlen(str)+1;
- char *newstr;
-
- newstr = (char*)PORT_ArenaAlloc(arena,len);
- if (newstr) {
- PORT_Memcpy(newstr,str,len);
- }
- return newstr;
-}
-#endif
-
-/*
- * replace the nice thread-safe Error stack code with something
- * that will work without all the NSPR features.
- */
-static PRInt32 stack[2] = {0, 0};
-
-PR_IMPLEMENT(void)
-nss_SetError(PRUint32 value)
-{
- stack[0] = value;
- return;
-}
-
-PR_IMPLEMENT(PRInt32)
-NSS_GetError(void)
-{
- return(stack[0]);
-}
-
-
-PR_IMPLEMENT(PRInt32 *)
-NSS_GetErrorStack(void)
-{
- return(&stack[0]);
-}
-
-PR_IMPLEMENT(void)
-nss_ClearErrorStack(void)
-{
- stack[0] = 0;
- return;
-}
-
-#ifdef DEBUG
-/*
- * replace the pointer tracking stuff for the same reasons.
- * If you want to turn pointer tracking on, simply ifdef out this code and
- * link with real NSPR.
- */
-PR_IMPLEMENT(PRStatus)
-nssPointerTracker_initialize(nssPointerTracker *tracker)
-{
- return PR_SUCCESS;
-}
-
-
-PR_IMPLEMENT(PRStatus)
-nssPointerTracker_finalize(nssPointerTracker *tracker)
-{
- return PR_SUCCESS;
-}
-
-PR_IMPLEMENT(PRStatus)
-nssPointerTracker_add(nssPointerTracker *tracker, const void *pointer)
-{
- return PR_SUCCESS;
-}
-
-PR_IMPLEMENT(PRStatus)
-nssPointerTracker_remove(nssPointerTracker *tracker, const void *pointer)
-{
- return PR_SUCCESS;
-}
-
-PR_IMPLEMENT(PRStatus)
-nssPointerTracker_verify(nssPointerTracker *tracker, const void *pointer)
-{
- return PR_SUCCESS;
-}
-#endif
-
-/*
- * Do not use NSPR stubs for MinGW because they can't resolve references
- * to the _imp__PR_XXX symbols. This is merely an expedient hack and not
- * the right solution.
- */
-#if !(defined(WIN32) && defined(__GNUC__))
-PR_IMPLEMENT(PRThread *)
-PR_GetCurrentThread(void)
-{
- return (PRThread *)1;
-}
-
-
-
-PR_IMPLEMENT(void)
-PR_Assert(const char *expr, const char *file, int line) {
- return;
-}
-
-PR_IMPLEMENT(void *)
-PR_Alloc(PRUint32 bytes) { return malloc(bytes); }
-
-PR_IMPLEMENT(void *)
-PR_Malloc(PRUint32 bytes) { return malloc(bytes); }
-
-PR_IMPLEMENT(void *)
-PR_Calloc(PRUint32 blocks, PRUint32 bytes) { return calloc(blocks,bytes); }
-
-PR_IMPLEMENT(void *)
-PR_Realloc(void * blocks, PRUint32 bytes) { return realloc(blocks,bytes); }
-
-PR_IMPLEMENT(void)
-PR_Free(void *ptr) { free(ptr); }
-
-#ifdef notdef
-/* Old template; want to expunge it eventually. */
-#include "secasn1.h"
-#include "secoid.h"
-
-const SEC_ASN1Template SECOID_AlgorithmIDTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(SECAlgorithmID) },
- { SEC_ASN1_OBJECT_ID,
- offsetof(SECAlgorithmID,algorithm), },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_ANY,
- offsetof(SECAlgorithmID,parameters), },
- { 0, }
-};
-
-PR_IMPLEMENT(PRStatus) PR_Sleep(PRIntervalTime ticks) { return PR_SUCCESS; }
-
-/* This is not atomic! */
-PR_IMPLEMENT(PRInt32) PR_AtomicDecrement(PRInt32 *val) { return --(*val); }
-
-PR_IMPLEMENT(PRInt32) PR_AtomicSet(PRInt32 *val) { return ++(*val); }
-
-#endif
-
-/* now make the RNG happy */ /* This is not atomic! */
-PR_IMPLEMENT(PRInt32) PR_AtomicIncrement(PRInt32 *val) { return ++(*val); }
-#endif /* ! (WIN32 && GCC) */
-
-CK_C_INITIALIZE_ARGS_PTR nssstub_initArgs = NULL;
-NSSArena *nssstub_arena = NULL;
-PR_IMPLEMENT(void)
-nssSetLockArgs(CK_C_INITIALIZE_ARGS_PTR pInitArgs)
-{
- if (nssstub_initArgs == NULL) {
- nssstub_initArgs = pInitArgs;
- /* nssstub_arena = NSSArena_Create(); */
- }
-}
-
-/*
- * Do not use NSPR stubs for MinGW because they can't resolve references
- * to the _imp__PR_XXX symbols. This is merely an expedient hack and not
- * the right solution.
- */
-#if !(defined(WIN32) && defined(__GNUC__))
-#include "prlock.h"
-PR_IMPLEMENT(PRLock *)
-PR_NewLock(void) {
- PRLock *lock = NULL;
- NSSCKFWMutex *mlock = NULL;
- CK_RV error;
-
- mlock = nssCKFWMutex_Create(nssstub_initArgs,nssstub_arena,&error);
- lock = (PRLock *)mlock;
-
- /* if we don't have a lock, nssCKFWMutex can deal with things */
- if (lock == NULL) lock=(PRLock *) 1;
- return lock;
-}
-
-PR_IMPLEMENT(void)
-PR_DestroyLock(PRLock *lock) {
- NSSCKFWMutex *mlock = (NSSCKFWMutex *)lock;
- if (lock == (PRLock *)1) return;
- nssCKFWMutex_Destroy(mlock);
-}
-
-PR_IMPLEMENT(void)
-PR_Lock(PRLock *lock) {
- NSSCKFWMutex *mlock = (NSSCKFWMutex *)lock;
- if (lock == (PRLock *)1) return;
- nssCKFWMutex_Lock(mlock);
-}
-
-PR_IMPLEMENT(PRStatus)
-PR_Unlock(PRLock *lock) {
- NSSCKFWMutex *mlock = (NSSCKFWMutex *)lock;
- if (lock == (PRLock *)1) return PR_SUCCESS;
- nssCKFWMutex_Unlock(mlock);
- return PR_SUCCESS;
-}
-
-#ifdef notdef
-#endif
-/* this implementation is here to satisfy the PRMonitor use in plarena.c.
-** It appears that it doesn't need re-entrant locks. It could have used
-** PRLock instead of PRMonitor. So, this implementation just uses
-** PRLock for a PRMonitor.
-*/
-PR_IMPLEMENT(PRMonitor*)
-PR_NewMonitor(void)
-{
- return (PRMonitor *) PR_NewLock();
-}
-
-
-PR_IMPLEMENT(void)
-PR_EnterMonitor(PRMonitor *mon)
-{
- PR_Lock( (PRLock *)mon );
-}
-
-PR_IMPLEMENT(PRStatus)
-PR_ExitMonitor(PRMonitor *mon)
-{
- return PR_Unlock( (PRLock *)mon );
-}
-
-#include "prinit.h"
-
-/* This is NOT threadsafe. It is merely a pseudo-functional stub.
-*/
-PR_IMPLEMENT(PRStatus) PR_CallOnce(
- PRCallOnceType *once,
- PRCallOnceFN func)
-{
- /* This is not really atomic! */
- if (1 == PR_AtomicIncrement(&once->initialized)) {
- once->status = (*func)();
- } else {
- /* Should wait to be sure that func has finished before returning. */
- }
- return once->status;
-}
-
-/*
-** Compute the log of the least power of 2 greater than or equal to n
-*/
-PRIntn PR_CeilingLog2(PRUint32 i) {
- PRIntn log2;
- PR_CEILING_LOG2(log2,i);
- return log2;
-}
-#endif /* ! (WIN32 && GCC) */
-
-/********************** end of arena functions ***********************/
-
diff --git a/security/nss/lib/ckfw/nssck.api b/security/nss/lib/ckfw/nssck.api
deleted file mode 100644
index 4cbe5e8cc..000000000
--- a/security/nss/lib/ckfw/nssck.api
+++ /dev/null
@@ -1,1891 +0,0 @@
-/* THIS IS A GENERATED FILE */
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char NSSCKAPI_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$ ; @(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * nssck.api
- *
- * This automatically-generated file is used to generate a set of
- * Cryptoki entry points within the object space of a Module using
- * the NSS Cryptoki Framework.
- *
- * The Module should have a .c file with the following:
- *
- * #define MODULE_NAME name
- * #define INSTANCE_NAME instance
- * #include "nssck.api"
- *
- * where "name" is some module-specific name that can be used to
- * disambiguate various modules. This included file will then
- * define the actual Cryptoki routines which pass through to the
- * Framework calls. All routines, except C_GetFunctionList, will
- * be prefixed with the name; C_GetFunctionList will be generated
- * to return an entry-point vector with these routines. The
- * instance specified should be the basic instance of NSSCKMDInstance.
- *
- * If, prior to including nssck.api, the .c file also specifies
- *
- * #define DECLARE_STRICT_CRYTPOKI_NAMES
- *
- * Then a set of "stub" routines not prefixed with the name will
- * be included. This would allow the combined module and framework
- * to be used in applications which are hard-coded to use the
- * PKCS#11 names (instead of going through the EPV). Please note
- * that such applications should be careful resolving symbols when
- * more than one PKCS#11 module is loaded.
- */
-
-#ifndef MODULE_NAME
-#error "Error: MODULE_NAME must be defined."
-#endif /* MODULE_NAME */
-
-#ifndef INSTANCE_NAME
-#error "Error: INSTANCE_NAME must be defined."
-#endif /* INSTANCE_NAME */
-
-#ifndef NSSCKT_H
-#include "nssckt.h"
-#endif /* NSSCKT_H */
-
-#ifndef NSSCKFWT_H
-#include "nssckfwt.h"
-#endif /* NSSCKFWT_H */
-
-#ifndef NSSCKFWC_H
-#include "nssckfwc.h"
-#endif /* NSSCKFWC_H */
-
-#ifndef NSSCKEPV_H
-#include "nssckepv.h"
-#endif /* NSSCKEPV_H */
-
-#define ADJOIN(x,y) x##y
-
-#define __ADJOIN(x,y) ADJOIN(x,y)
-
-/*
- * The anchor. This object is used to store an "anchor" pointer in
- * the Module's object space, so the wrapper functions can relate
- * back to this instance.
- */
-
-static NSSCKFWInstance *fwInstance = (NSSCKFWInstance *)0;
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_Initialize)
-(
- CK_VOID_PTR pInitArgs
-)
-{
- return NSSCKFWC_Initialize(&fwInstance, INSTANCE_NAME, pInitArgs);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_Initialize
-(
- CK_VOID_PTR pInitArgs
-)
-{
- return __ADJOIN(MODULE_NAME,C_Initialize)(pInitArgs);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_Finalize)
-(
- CK_VOID_PTR pReserved
-)
-{
- return NSSCKFWC_Finalize(&fwInstance);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_Finalize
-(
- CK_VOID_PTR pReserved
-)
-{
- return __ADJOIN(MODULE_NAME,C_Finalize)(pReserved);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GetInfo)
-(
- CK_INFO_PTR pInfo
-)
-{
- return NSSCKFWC_GetInfo(fwInstance, pInfo);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_GetInfo
-(
- CK_INFO_PTR pInfo
-)
-{
- return __ADJOIN(MODULE_NAME,C_GetInfo)(pInfo);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-/*
- * C_GetFunctionList is defined at the end.
- */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GetSlotList)
-(
- CK_BBOOL tokenPresent,
- CK_SLOT_ID_PTR pSlotList,
- CK_ULONG_PTR pulCount
-)
-{
- return NSSCKFWC_GetSlotList(fwInstance, tokenPresent, pSlotList, pulCount);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_GetSlotList
-(
- CK_BBOOL tokenPresent,
- CK_SLOT_ID_PTR pSlotList,
- CK_ULONG_PTR pulCount
-)
-{
- return __ADJOIN(MODULE_NAME,C_GetSlotList)(tokenPresent, pSlotList, pulCount);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GetSlotInfo)
-(
- CK_SLOT_ID slotID,
- CK_SLOT_INFO_PTR pInfo
-)
-{
- return NSSCKFWC_GetSlotInfo(fwInstance, slotID, pInfo);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_GetSlotInfo
-(
- CK_SLOT_ID slotID,
- CK_SLOT_INFO_PTR pInfo
-)
-{
- return __ADJOIN(MODULE_NAME,C_GetSlotInfo)(slotID, pInfo);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GetTokenInfo)
-(
- CK_SLOT_ID slotID,
- CK_TOKEN_INFO_PTR pInfo
-)
-{
- return NSSCKFWC_GetTokenInfo(fwInstance, slotID, pInfo);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_GetTokenInfo
-(
- CK_SLOT_ID slotID,
- CK_TOKEN_INFO_PTR pInfo
-)
-{
- return __ADJOIN(MODULE_NAME,C_GetTokenInfo)(slotID, pInfo);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GetMechanismList)
-(
- CK_SLOT_ID slotID,
- CK_MECHANISM_TYPE_PTR pMechanismList,
- CK_ULONG_PTR pulCount
-)
-{
- return NSSCKFWC_GetMechanismList(fwInstance, slotID, pMechanismList, pulCount);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_GetMechanismList
-(
- CK_SLOT_ID slotID,
- CK_MECHANISM_TYPE_PTR pMechanismList,
- CK_ULONG_PTR pulCount
-)
-{
- return __ADJOIN(MODULE_NAME,C_GetMechanismList)(slotID, pMechanismList, pulCount);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GetMechanismInfo)
-(
- CK_SLOT_ID slotID,
- CK_MECHANISM_TYPE type,
- CK_MECHANISM_INFO_PTR pInfo
-)
-{
- return NSSCKFWC_GetMechanismInfo(fwInstance, slotID, type, pInfo);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_GetMechanismInfo
-(
- CK_SLOT_ID slotID,
- CK_MECHANISM_TYPE type,
- CK_MECHANISM_INFO_PTR pInfo
-)
-{
- return __ADJOIN(MODULE_NAME,C_GetMechanismInfo)(slotID, type, pInfo);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_InitToken)
-(
- CK_SLOT_ID slotID,
- CK_CHAR_PTR pPin,
- CK_ULONG ulPinLen,
- CK_CHAR_PTR pLabel
-)
-{
- return NSSCKFWC_InitToken(fwInstance, slotID, pPin, ulPinLen, pLabel);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_InitToken
-(
- CK_SLOT_ID slotID,
- CK_CHAR_PTR pPin,
- CK_ULONG ulPinLen,
- CK_CHAR_PTR pLabel
-)
-{
- return __ADJOIN(MODULE_NAME,C_InitToken)(slotID, pPin, ulPinLen, pLabel);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_InitPIN)
-(
- CK_SESSION_HANDLE hSession,
- CK_CHAR_PTR pPin,
- CK_ULONG ulPinLen
-)
-{
- return NSSCKFWC_InitPIN(fwInstance, hSession, pPin, ulPinLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_InitPIN
-(
- CK_SESSION_HANDLE hSession,
- CK_CHAR_PTR pPin,
- CK_ULONG ulPinLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_InitPIN)(hSession, pPin, ulPinLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_SetPIN)
-(
- CK_SESSION_HANDLE hSession,
- CK_CHAR_PTR pOldPin,
- CK_ULONG ulOldLen,
- CK_CHAR_PTR pNewPin,
- CK_ULONG ulNewLen
-)
-{
- return NSSCKFWC_SetPIN(fwInstance, hSession, pOldPin, ulOldLen, pNewPin, ulNewLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_SetPIN
-(
- CK_SESSION_HANDLE hSession,
- CK_CHAR_PTR pOldPin,
- CK_ULONG ulOldLen,
- CK_CHAR_PTR pNewPin,
- CK_ULONG ulNewLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_SetPIN)(hSession, pOldPin, ulOldLen, pNewPin, ulNewLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_OpenSession)
-(
- CK_SLOT_ID slotID,
- CK_FLAGS flags,
- CK_VOID_PTR pApplication,
- CK_NOTIFY Notify,
- CK_SESSION_HANDLE_PTR phSession
-)
-{
- return NSSCKFWC_OpenSession(fwInstance, slotID, flags, pApplication, Notify, phSession);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_OpenSession
-(
- CK_SLOT_ID slotID,
- CK_FLAGS flags,
- CK_VOID_PTR pApplication,
- CK_NOTIFY Notify,
- CK_SESSION_HANDLE_PTR phSession
-)
-{
- return __ADJOIN(MODULE_NAME,C_OpenSession)(slotID, flags, pApplication, Notify, phSession);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_CloseSession)
-(
- CK_SESSION_HANDLE hSession
-)
-{
- return NSSCKFWC_CloseSession(fwInstance, hSession);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_CloseSession
-(
- CK_SESSION_HANDLE hSession
-)
-{
- return __ADJOIN(MODULE_NAME,C_CloseSession)(hSession);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_CloseAllSessions)
-(
- CK_SLOT_ID slotID
-)
-{
- return NSSCKFWC_CloseAllSessions(fwInstance, slotID);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_CloseAllSessions
-(
- CK_SLOT_ID slotID
-)
-{
- return __ADJOIN(MODULE_NAME,C_CloseAllSessions)(slotID);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GetSessionInfo)
-(
- CK_SESSION_HANDLE hSession,
- CK_SESSION_INFO_PTR pInfo
-)
-{
- return NSSCKFWC_GetSessionInfo(fwInstance, hSession, pInfo);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_GetSessionInfo
-(
- CK_SESSION_HANDLE hSession,
- CK_SESSION_INFO_PTR pInfo
-)
-{
- return __ADJOIN(MODULE_NAME,C_GetSessionInfo)(hSession, pInfo);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GetOperationState)
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pOperationState,
- CK_ULONG_PTR pulOperationStateLen
-)
-{
- return NSSCKFWC_GetOperationState(fwInstance, hSession, pOperationState, pulOperationStateLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_GetOperationState
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pOperationState,
- CK_ULONG_PTR pulOperationStateLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_GetOperationState)(hSession, pOperationState, pulOperationStateLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_SetOperationState)
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pOperationState,
- CK_ULONG ulOperationStateLen,
- CK_OBJECT_HANDLE hEncryptionKey,
- CK_OBJECT_HANDLE hAuthenticationKey
-)
-{
- return NSSCKFWC_SetOperationState(fwInstance, hSession, pOperationState, ulOperationStateLen, hEncryptionKey, hAuthenticationKey);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_SetOperationState
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pOperationState,
- CK_ULONG ulOperationStateLen,
- CK_OBJECT_HANDLE hEncryptionKey,
- CK_OBJECT_HANDLE hAuthenticationKey
-)
-{
- return __ADJOIN(MODULE_NAME,C_SetOperationState)(hSession, pOperationState, ulOperationStateLen, hEncryptionKey, hAuthenticationKey);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_Login)
-(
- CK_SESSION_HANDLE hSession,
- CK_USER_TYPE userType,
- CK_CHAR_PTR pPin,
- CK_ULONG ulPinLen
-)
-{
- return NSSCKFWC_Login(fwInstance, hSession, userType, pPin, ulPinLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_Login
-(
- CK_SESSION_HANDLE hSession,
- CK_USER_TYPE userType,
- CK_CHAR_PTR pPin,
- CK_ULONG ulPinLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_Login)(hSession, userType, pPin, ulPinLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_Logout)
-(
- CK_SESSION_HANDLE hSession
-)
-{
- return NSSCKFWC_Logout(fwInstance, hSession);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_Logout
-(
- CK_SESSION_HANDLE hSession
-)
-{
- return __ADJOIN(MODULE_NAME,C_Logout)(hSession);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_CreateObject)
-(
- CK_SESSION_HANDLE hSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount,
- CK_OBJECT_HANDLE_PTR phObject
-)
-{
- return NSSCKFWC_CreateObject(fwInstance, hSession, pTemplate, ulCount, phObject);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_CreateObject
-(
- CK_SESSION_HANDLE hSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount,
- CK_OBJECT_HANDLE_PTR phObject
-)
-{
- return __ADJOIN(MODULE_NAME,C_CreateObject)(hSession, pTemplate, ulCount, phObject);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_CopyObject)
-(
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount,
- CK_OBJECT_HANDLE_PTR phNewObject
-)
-{
- return NSSCKFWC_CopyObject(fwInstance, hSession, hObject, pTemplate, ulCount, phNewObject);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_CopyObject
-(
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount,
- CK_OBJECT_HANDLE_PTR phNewObject
-)
-{
- return __ADJOIN(MODULE_NAME,C_CopyObject)(hSession, hObject, pTemplate, ulCount, phNewObject);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_DestroyObject)
-(
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject
-)
-{
- return NSSCKFWC_DestroyObject(fwInstance, hSession, hObject);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_DestroyObject
-(
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject
-)
-{
- return __ADJOIN(MODULE_NAME,C_DestroyObject)(hSession, hObject);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GetObjectSize)
-(
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,
- CK_ULONG_PTR pulSize
-)
-{
- return NSSCKFWC_GetObjectSize(fwInstance, hSession, hObject, pulSize);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_GetObjectSize
-(
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,
- CK_ULONG_PTR pulSize
-)
-{
- return __ADJOIN(MODULE_NAME,C_GetObjectSize)(hSession, hObject, pulSize);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GetAttributeValue)
-(
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount
-)
-{
- return NSSCKFWC_GetAttributeValue(fwInstance, hSession, hObject, pTemplate, ulCount);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_GetAttributeValue
-(
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount
-)
-{
- return __ADJOIN(MODULE_NAME,C_GetAttributeValue)(hSession, hObject, pTemplate, ulCount);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_SetAttributeValue)
-(
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount
-)
-{
- return NSSCKFWC_SetAttributeValue(fwInstance, hSession, hObject, pTemplate, ulCount);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_SetAttributeValue
-(
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount
-)
-{
- return __ADJOIN(MODULE_NAME,C_SetAttributeValue)(hSession, hObject, pTemplate, ulCount);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_FindObjectsInit)
-(
- CK_SESSION_HANDLE hSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount
-)
-{
- return NSSCKFWC_FindObjectsInit(fwInstance, hSession, pTemplate, ulCount);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_FindObjectsInit
-(
- CK_SESSION_HANDLE hSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount
-)
-{
- return __ADJOIN(MODULE_NAME,C_FindObjectsInit)(hSession, pTemplate, ulCount);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_FindObjects)
-(
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE_PTR phObject,
- CK_ULONG ulMaxObjectCount,
- CK_ULONG_PTR pulObjectCount
-)
-{
- return NSSCKFWC_FindObjects(fwInstance, hSession, phObject, ulMaxObjectCount, pulObjectCount);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_FindObjects
-(
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE_PTR phObject,
- CK_ULONG ulMaxObjectCount,
- CK_ULONG_PTR pulObjectCount
-)
-{
- return __ADJOIN(MODULE_NAME,C_FindObjects)(hSession, phObject, ulMaxObjectCount, pulObjectCount);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_FindObjectsFinal)
-(
- CK_SESSION_HANDLE hSession
-)
-{
- return NSSCKFWC_FindObjectsFinal(fwInstance, hSession);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_FindObjectsFinal
-(
- CK_SESSION_HANDLE hSession
-)
-{
- return __ADJOIN(MODULE_NAME,C_FindObjectsFinal)(hSession);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_EncryptInit)
-(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-)
-{
- return NSSCKFWC_EncryptInit(fwInstance, hSession, pMechanism, hKey);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_EncryptInit
-(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-)
-{
- return __ADJOIN(MODULE_NAME,C_EncryptInit)(hSession, pMechanism, hKey);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_Encrypt)
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pEncryptedData,
- CK_ULONG_PTR pulEncryptedDataLen
-)
-{
- return NSSCKFWC_Encrypt(fwInstance, hSession, pData, ulDataLen, pEncryptedData, pulEncryptedDataLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_Encrypt
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pEncryptedData,
- CK_ULONG_PTR pulEncryptedDataLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_Encrypt)(hSession, pData, ulDataLen, pEncryptedData, pulEncryptedDataLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_EncryptUpdate)
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG_PTR pulEncryptedPartLen
-)
-{
- return NSSCKFWC_EncryptUpdate(fwInstance, hSession, pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_EncryptUpdate
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG_PTR pulEncryptedPartLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_EncryptUpdate)(hSession, pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_EncryptFinal)
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pLastEncryptedPart,
- CK_ULONG_PTR pulLastEncryptedPartLen
-)
-{
- return NSSCKFWC_EncryptFinal(fwInstance, hSession, pLastEncryptedPart, pulLastEncryptedPartLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_EncryptFinal
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pLastEncryptedPart,
- CK_ULONG_PTR pulLastEncryptedPartLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_EncryptFinal)(hSession, pLastEncryptedPart, pulLastEncryptedPartLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_DecryptInit)
-(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-)
-{
- return NSSCKFWC_DecryptInit(fwInstance, hSession, pMechanism, hKey);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_DecryptInit
-(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-)
-{
- return __ADJOIN(MODULE_NAME,C_DecryptInit)(hSession, pMechanism, hKey);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_Decrypt)
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedData,
- CK_ULONG ulEncryptedDataLen,
- CK_BYTE_PTR pData,
- CK_ULONG_PTR pulDataLen
-)
-{
- return NSSCKFWC_Decrypt(fwInstance, hSession, pEncryptedData, ulEncryptedDataLen, pData, pulDataLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_Decrypt
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedData,
- CK_ULONG ulEncryptedDataLen,
- CK_BYTE_PTR pData,
- CK_ULONG_PTR pulDataLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_Decrypt)(hSession, pEncryptedData, ulEncryptedDataLen, pData, pulDataLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_DecryptUpdate)
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG ulEncryptedPartLen,
- CK_BYTE_PTR pPart,
- CK_ULONG_PTR pulPartLen
-)
-{
- return NSSCKFWC_DecryptUpdate(fwInstance, hSession, pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_DecryptUpdate
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG ulEncryptedPartLen,
- CK_BYTE_PTR pPart,
- CK_ULONG_PTR pulPartLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_DecryptUpdate)(hSession, pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_DecryptFinal)
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pLastPart,
- CK_ULONG_PTR pulLastPartLen
-)
-{
- return NSSCKFWC_DecryptFinal(fwInstance, hSession, pLastPart, pulLastPartLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_DecryptFinal
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pLastPart,
- CK_ULONG_PTR pulLastPartLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_DecryptFinal)(hSession, pLastPart, pulLastPartLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_DigestInit)
-(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism
-)
-{
- return NSSCKFWC_DigestInit(fwInstance, hSession, pMechanism);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_DigestInit
-(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism
-)
-{
- return __ADJOIN(MODULE_NAME,C_DigestInit)(hSession, pMechanism);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_Digest)
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pDigest,
- CK_ULONG_PTR pulDigestLen
-)
-{
- return NSSCKFWC_Digest(fwInstance, hSession, pData, ulDataLen, pDigest, pulDigestLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_Digest
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pDigest,
- CK_ULONG_PTR pulDigestLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_Digest)(hSession, pData, ulDataLen, pDigest, pulDigestLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_DigestUpdate)
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen
-)
-{
- return NSSCKFWC_DigestUpdate(fwInstance, hSession, pPart, ulPartLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_DigestUpdate
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_DigestUpdate)(hSession, pPart, ulPartLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_DigestKey)
-(
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hKey
-)
-{
- return NSSCKFWC_DigestKey(fwInstance, hSession, hKey);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_DigestKey
-(
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hKey
-)
-{
- return __ADJOIN(MODULE_NAME,C_DigestKey)(hSession, hKey);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_DigestFinal)
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pDigest,
- CK_ULONG_PTR pulDigestLen
-)
-{
- return NSSCKFWC_DigestFinal(fwInstance, hSession, pDigest, pulDigestLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_DigestFinal
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pDigest,
- CK_ULONG_PTR pulDigestLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_DigestFinal)(hSession, pDigest, pulDigestLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_SignInit)
-(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-)
-{
- return NSSCKFWC_SignInit(fwInstance, hSession, pMechanism, hKey);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_SignInit
-(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-)
-{
- return __ADJOIN(MODULE_NAME,C_SignInit)(hSession, pMechanism, hKey);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_Sign)
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pSignature,
- CK_ULONG_PTR pulSignatureLen
-)
-{
- return NSSCKFWC_Sign(fwInstance, hSession, pData, ulDataLen, pSignature, pulSignatureLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_Sign
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pSignature,
- CK_ULONG_PTR pulSignatureLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_Sign)(hSession, pData, ulDataLen, pSignature, pulSignatureLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_SignUpdate)
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen
-)
-{
- return NSSCKFWC_SignUpdate(fwInstance, hSession, pPart, ulPartLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_SignUpdate
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_SignUpdate)(hSession, pPart, ulPartLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_SignFinal)
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSignature,
- CK_ULONG_PTR pulSignatureLen
-)
-{
- return NSSCKFWC_SignFinal(fwInstance, hSession, pSignature, pulSignatureLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_SignFinal
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSignature,
- CK_ULONG_PTR pulSignatureLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_SignFinal)(hSession, pSignature, pulSignatureLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_SignRecoverInit)
-(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-)
-{
- return NSSCKFWC_SignRecoverInit(fwInstance, hSession, pMechanism, hKey);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_SignRecoverInit
-(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-)
-{
- return __ADJOIN(MODULE_NAME,C_SignRecoverInit)(hSession, pMechanism, hKey);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_SignRecover)
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pSignature,
- CK_ULONG_PTR pulSignatureLen
-)
-{
- return NSSCKFWC_SignRecover(fwInstance, hSession, pData, ulDataLen, pSignature, pulSignatureLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_SignRecover
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pSignature,
- CK_ULONG_PTR pulSignatureLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_SignRecover)(hSession, pData, ulDataLen, pSignature, pulSignatureLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_VerifyInit)
-(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-)
-{
- return NSSCKFWC_VerifyInit(fwInstance, hSession, pMechanism, hKey);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_VerifyInit
-(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-)
-{
- return __ADJOIN(MODULE_NAME,C_VerifyInit)(hSession, pMechanism, hKey);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_Verify)
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pSignature,
- CK_ULONG ulSignatureLen
-)
-{
- return NSSCKFWC_Verify(fwInstance, hSession, pData, ulDataLen, pSignature, ulSignatureLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_Verify
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pSignature,
- CK_ULONG ulSignatureLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_Verify)(hSession, pData, ulDataLen, pSignature, ulSignatureLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_VerifyUpdate)
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen
-)
-{
- return NSSCKFWC_VerifyUpdate(fwInstance, hSession, pPart, ulPartLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_VerifyUpdate
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_VerifyUpdate)(hSession, pPart, ulPartLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_VerifyFinal)
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSignature,
- CK_ULONG ulSignatureLen
-)
-{
- return NSSCKFWC_VerifyFinal(fwInstance, hSession, pSignature, ulSignatureLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_VerifyFinal
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSignature,
- CK_ULONG ulSignatureLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_VerifyFinal)(hSession, pSignature, ulSignatureLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_VerifyRecoverInit)
-(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-)
-{
- return NSSCKFWC_VerifyRecoverInit(fwInstance, hSession, pMechanism, hKey);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_VerifyRecoverInit
-(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-)
-{
- return __ADJOIN(MODULE_NAME,C_VerifyRecoverInit)(hSession, pMechanism, hKey);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_VerifyRecover)
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSignature,
- CK_ULONG ulSignatureLen,
- CK_BYTE_PTR pData,
- CK_ULONG_PTR pulDataLen
-)
-{
- return NSSCKFWC_VerifyRecover(fwInstance, hSession, pSignature, ulSignatureLen, pData, pulDataLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_VerifyRecover
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSignature,
- CK_ULONG ulSignatureLen,
- CK_BYTE_PTR pData,
- CK_ULONG_PTR pulDataLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_VerifyRecover)(hSession, pSignature, ulSignatureLen, pData, pulDataLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_DigestEncryptUpdate)
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG_PTR pulEncryptedPartLen
-)
-{
- return NSSCKFWC_DigestEncryptUpdate(fwInstance, hSession, pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_DigestEncryptUpdate
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG_PTR pulEncryptedPartLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_DigestEncryptUpdate)(hSession, pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_DecryptDigestUpdate)
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG ulEncryptedPartLen,
- CK_BYTE_PTR pPart,
- CK_ULONG_PTR pulPartLen
-)
-{
- return NSSCKFWC_DecryptDigestUpdate(fwInstance, hSession, pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_DecryptDigestUpdate
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG ulEncryptedPartLen,
- CK_BYTE_PTR pPart,
- CK_ULONG_PTR pulPartLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_DecryptDigestUpdate)(hSession, pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_SignEncryptUpdate)
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG_PTR pulEncryptedPartLen
-)
-{
- return NSSCKFWC_SignEncryptUpdate(fwInstance, hSession, pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_SignEncryptUpdate
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG_PTR pulEncryptedPartLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_SignEncryptUpdate)(hSession, pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_DecryptVerifyUpdate)
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG ulEncryptedPartLen,
- CK_BYTE_PTR pPart,
- CK_ULONG_PTR pulPartLen
-)
-{
- return NSSCKFWC_DecryptVerifyUpdate(fwInstance, hSession, pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_DecryptVerifyUpdate
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG ulEncryptedPartLen,
- CK_BYTE_PTR pPart,
- CK_ULONG_PTR pulPartLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_DecryptVerifyUpdate)(hSession, pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GenerateKey)
-(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount,
- CK_OBJECT_HANDLE_PTR phKey
-)
-{
- return NSSCKFWC_GenerateKey(fwInstance, hSession, pMechanism, pTemplate, ulCount, phKey);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_GenerateKey
-(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount,
- CK_OBJECT_HANDLE_PTR phKey
-)
-{
- return __ADJOIN(MODULE_NAME,C_GenerateKey)(hSession, pMechanism, pTemplate, ulCount, phKey);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GenerateKeyPair)
-(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_ATTRIBUTE_PTR pPublicKeyTemplate,
- CK_ULONG ulPublicKeyAttributeCount,
- CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
- CK_ULONG ulPrivateKeyAttributeCount,
- CK_OBJECT_HANDLE_PTR phPublicKey,
- CK_OBJECT_HANDLE_PTR phPrivateKey
-)
-{
- return NSSCKFWC_GenerateKeyPair(fwInstance, hSession, pMechanism, pPublicKeyTemplate, ulPublicKeyAttributeCount, pPrivateKeyTemplate, ulPrivateKeyAttributeCount, phPublicKey, phPrivateKey);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_GenerateKeyPair
-(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_ATTRIBUTE_PTR pPublicKeyTemplate,
- CK_ULONG ulPublicKeyAttributeCount,
- CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
- CK_ULONG ulPrivateKeyAttributeCount,
- CK_OBJECT_HANDLE_PTR phPublicKey,
- CK_OBJECT_HANDLE_PTR phPrivateKey
-)
-{
- return __ADJOIN(MODULE_NAME,C_GenerateKeyPair)(hSession, pMechanism, pPublicKeyTemplate, ulPublicKeyAttributeCount, pPrivateKeyTemplate, ulPrivateKeyAttributeCount, phPublicKey, phPrivateKey);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_WrapKey)
-(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hWrappingKey,
- CK_OBJECT_HANDLE hKey,
- CK_BYTE_PTR pWrappedKey,
- CK_ULONG_PTR pulWrappedKeyLen
-)
-{
- return NSSCKFWC_WrapKey(fwInstance, hSession, pMechanism, hWrappingKey, hKey, pWrappedKey, pulWrappedKeyLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_WrapKey
-(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hWrappingKey,
- CK_OBJECT_HANDLE hKey,
- CK_BYTE_PTR pWrappedKey,
- CK_ULONG_PTR pulWrappedKeyLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_WrapKey)(hSession, pMechanism, hWrappingKey, hKey, pWrappedKey, pulWrappedKeyLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_UnwrapKey)
-(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hUnwrappingKey,
- CK_BYTE_PTR pWrappedKey,
- CK_ULONG ulWrappedKeyLen,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_OBJECT_HANDLE_PTR phKey
-)
-{
- return NSSCKFWC_UnwrapKey(fwInstance, hSession, pMechanism, hUnwrappingKey, pWrappedKey, ulWrappedKeyLen, pTemplate, ulAttributeCount, phKey);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_UnwrapKey
-(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hUnwrappingKey,
- CK_BYTE_PTR pWrappedKey,
- CK_ULONG ulWrappedKeyLen,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_OBJECT_HANDLE_PTR phKey
-)
-{
- return __ADJOIN(MODULE_NAME,C_UnwrapKey)(hSession, pMechanism, hUnwrappingKey, pWrappedKey, ulWrappedKeyLen, pTemplate, ulAttributeCount, phKey);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_DeriveKey)
-(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hBaseKey,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_OBJECT_HANDLE_PTR phKey
-)
-{
- return NSSCKFWC_DeriveKey(fwInstance, hSession, pMechanism, hBaseKey, pTemplate, ulAttributeCount, phKey);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_DeriveKey
-(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hBaseKey,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_OBJECT_HANDLE_PTR phKey
-)
-{
- return __ADJOIN(MODULE_NAME,C_DeriveKey)(hSession, pMechanism, hBaseKey, pTemplate, ulAttributeCount, phKey);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_SeedRandom)
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSeed,
- CK_ULONG ulSeedLen
-)
-{
- return NSSCKFWC_SeedRandom(fwInstance, hSession, pSeed, ulSeedLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_SeedRandom
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSeed,
- CK_ULONG ulSeedLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_SeedRandom)(hSession, pSeed, ulSeedLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GenerateRandom)
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR RandomData,
- CK_ULONG ulRandomLen
-)
-{
- return NSSCKFWC_GenerateRandom(fwInstance, hSession, RandomData, ulRandomLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_GenerateRandom
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR RandomData,
- CK_ULONG ulRandomLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_GenerateRandom)(hSession, RandomData, ulRandomLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GetFunctionStatus)
-(
- CK_SESSION_HANDLE hSession
-)
-{
- return NSSCKFWC_GetFunctionStatus(fwInstance, hSession);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_GetFunctionStatus
-(
- CK_SESSION_HANDLE hSession
-)
-{
- return __ADJOIN(MODULE_NAME,C_GetFunctionStatus)(hSession);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_CancelFunction)
-(
- CK_SESSION_HANDLE hSession
-)
-{
- return NSSCKFWC_CancelFunction(fwInstance, hSession);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_CancelFunction
-(
- CK_SESSION_HANDLE hSession
-)
-{
- return __ADJOIN(MODULE_NAME,C_CancelFunction)(hSession);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_WaitForSlotEvent)
-(
- CK_FLAGS flags,
- CK_SLOT_ID_PTR pSlot,
- CK_VOID_PTR pRserved
-)
-{
- return NSSCKFWC_WaitForSlotEvent(fwInstance, flags, pSlot, pRserved);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_WaitForSlotEvent
-(
- CK_FLAGS flags,
- CK_SLOT_ID_PTR pSlot,
- CK_VOID_PTR pRserved
-)
-{
- return __ADJOIN(MODULE_NAME,C_WaitForSlotEvent)(flags, pSlot, pRserved);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GetFunctionList)
-(
- CK_FUNCTION_LIST_PTR_PTR ppFunctionList
-);
-
-static CK_FUNCTION_LIST FunctionList = {
- { 2, 1 },
-__ADJOIN(MODULE_NAME,C_Initialize),
-__ADJOIN(MODULE_NAME,C_Finalize),
-__ADJOIN(MODULE_NAME,C_GetInfo),
-__ADJOIN(MODULE_NAME,C_GetFunctionList),
-__ADJOIN(MODULE_NAME,C_GetSlotList),
-__ADJOIN(MODULE_NAME,C_GetSlotInfo),
-__ADJOIN(MODULE_NAME,C_GetTokenInfo),
-__ADJOIN(MODULE_NAME,C_GetMechanismList),
-__ADJOIN(MODULE_NAME,C_GetMechanismInfo),
-__ADJOIN(MODULE_NAME,C_InitToken),
-__ADJOIN(MODULE_NAME,C_InitPIN),
-__ADJOIN(MODULE_NAME,C_SetPIN),
-__ADJOIN(MODULE_NAME,C_OpenSession),
-__ADJOIN(MODULE_NAME,C_CloseSession),
-__ADJOIN(MODULE_NAME,C_CloseAllSessions),
-__ADJOIN(MODULE_NAME,C_GetSessionInfo),
-__ADJOIN(MODULE_NAME,C_GetOperationState),
-__ADJOIN(MODULE_NAME,C_SetOperationState),
-__ADJOIN(MODULE_NAME,C_Login),
-__ADJOIN(MODULE_NAME,C_Logout),
-__ADJOIN(MODULE_NAME,C_CreateObject),
-__ADJOIN(MODULE_NAME,C_CopyObject),
-__ADJOIN(MODULE_NAME,C_DestroyObject),
-__ADJOIN(MODULE_NAME,C_GetObjectSize),
-__ADJOIN(MODULE_NAME,C_GetAttributeValue),
-__ADJOIN(MODULE_NAME,C_SetAttributeValue),
-__ADJOIN(MODULE_NAME,C_FindObjectsInit),
-__ADJOIN(MODULE_NAME,C_FindObjects),
-__ADJOIN(MODULE_NAME,C_FindObjectsFinal),
-__ADJOIN(MODULE_NAME,C_EncryptInit),
-__ADJOIN(MODULE_NAME,C_Encrypt),
-__ADJOIN(MODULE_NAME,C_EncryptUpdate),
-__ADJOIN(MODULE_NAME,C_EncryptFinal),
-__ADJOIN(MODULE_NAME,C_DecryptInit),
-__ADJOIN(MODULE_NAME,C_Decrypt),
-__ADJOIN(MODULE_NAME,C_DecryptUpdate),
-__ADJOIN(MODULE_NAME,C_DecryptFinal),
-__ADJOIN(MODULE_NAME,C_DigestInit),
-__ADJOIN(MODULE_NAME,C_Digest),
-__ADJOIN(MODULE_NAME,C_DigestUpdate),
-__ADJOIN(MODULE_NAME,C_DigestKey),
-__ADJOIN(MODULE_NAME,C_DigestFinal),
-__ADJOIN(MODULE_NAME,C_SignInit),
-__ADJOIN(MODULE_NAME,C_Sign),
-__ADJOIN(MODULE_NAME,C_SignUpdate),
-__ADJOIN(MODULE_NAME,C_SignFinal),
-__ADJOIN(MODULE_NAME,C_SignRecoverInit),
-__ADJOIN(MODULE_NAME,C_SignRecover),
-__ADJOIN(MODULE_NAME,C_VerifyInit),
-__ADJOIN(MODULE_NAME,C_Verify),
-__ADJOIN(MODULE_NAME,C_VerifyUpdate),
-__ADJOIN(MODULE_NAME,C_VerifyFinal),
-__ADJOIN(MODULE_NAME,C_VerifyRecoverInit),
-__ADJOIN(MODULE_NAME,C_VerifyRecover),
-__ADJOIN(MODULE_NAME,C_DigestEncryptUpdate),
-__ADJOIN(MODULE_NAME,C_DecryptDigestUpdate),
-__ADJOIN(MODULE_NAME,C_SignEncryptUpdate),
-__ADJOIN(MODULE_NAME,C_DecryptVerifyUpdate),
-__ADJOIN(MODULE_NAME,C_GenerateKey),
-__ADJOIN(MODULE_NAME,C_GenerateKeyPair),
-__ADJOIN(MODULE_NAME,C_WrapKey),
-__ADJOIN(MODULE_NAME,C_UnwrapKey),
-__ADJOIN(MODULE_NAME,C_DeriveKey),
-__ADJOIN(MODULE_NAME,C_SeedRandom),
-__ADJOIN(MODULE_NAME,C_GenerateRandom),
-__ADJOIN(MODULE_NAME,C_GetFunctionStatus),
-__ADJOIN(MODULE_NAME,C_CancelFunction),
-__ADJOIN(MODULE_NAME,C_WaitForSlotEvent)
-};
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GetFunctionList)
-(
- CK_FUNCTION_LIST_PTR_PTR ppFunctionList
-)
-{
- *ppFunctionList = &FunctionList;
- return CKR_OK;
-}
-
-/* This one is always present */
-#if defined(WIN32) || defined(XP_OS2_VACPP)
-CK_RV _declspec(dllexport)
-#else
-CK_RV CK_ENTRY
-#endif
-C_GetFunctionList
-(
- CK_FUNCTION_LIST_PTR_PTR ppFunctionList
-)
-{
- return __ADJOIN(MODULE_NAME,C_GetFunctionList)(ppFunctionList);
-}
-
-#undef __ADJOIN
-
diff --git a/security/nss/lib/ckfw/nssckepv.h b/security/nss/lib/ckfw/nssckepv.h
deleted file mode 100644
index 351765b70..000000000
--- a/security/nss/lib/ckfw/nssckepv.h
+++ /dev/null
@@ -1,39 +0,0 @@
-/* THIS IS A GENERATED FILE */
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef NSSCKEPV_H
-#define NSSCKEPV_H
-
-#include "pkcs11.h"
-
-#endif /* NSSCKEPV_H */
diff --git a/security/nss/lib/ckfw/nssckft.h b/security/nss/lib/ckfw/nssckft.h
deleted file mode 100644
index a258144db..000000000
--- a/security/nss/lib/ckfw/nssckft.h
+++ /dev/null
@@ -1,40 +0,0 @@
-/* THIS IS A GENERATED FILE */
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _NSSCKFT_H_
-#define _NSSCKFT_H_ 1
-
-#include "pkcs11t.h"
-
-#endif /* _NSSCKFT_H_ */
diff --git a/security/nss/lib/ckfw/nssckfw.h b/security/nss/lib/ckfw/nssckfw.h
deleted file mode 100644
index 769427ab6..000000000
--- a/security/nss/lib/ckfw/nssckfw.h
+++ /dev/null
@@ -1,510 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef NSSCKFW_H
-#define NSSCKFW_H
-
-#ifdef DEBUG
-static const char NSSCKFW_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * nssckfw.h
- *
- * This file prototypes the publicly available calls of the
- * NSS Cryptoki Framework.
- */
-
-#ifndef NSSBASET_H
-#include "nssbaset.h"
-#endif /* NSSBASET_H */
-
-#ifndef NSSCKT_H
-#include "nssckt.h"
-#endif /* NSSCKT_H */
-
-#ifndef NSSCKFWT_H
-#include "nssckfwt.h"
-#endif /* NSSCKFWT_H */
-
-/*
- * NSSCKFWInstance
- *
- * NSSCKFWInstance_GetMDInstance
- * NSSCKFWInstance_GetArena
- * NSSCKFWInstance_MayCreatePthreads
- * NSSCKFWInstance_CreateMutex
- * NSSCKFWInstance_GetConfigurationData
- */
-
-/*
- * NSSCKFWInstance_GetMDInstance
- *
- */
-
-NSS_EXTERN NSSCKMDInstance *
-NSSCKFWInstance_GetMDInstance
-(
- NSSCKFWInstance *fwInstance
-);
-
-/*
- * NSSCKFWInstance_GetArena
- *
- */
-
-NSS_EXTERN NSSArena *
-NSSCKFWInstance_GetArena
-(
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-);
-
-/*
- * NSSCKFWInstance_MayCreatePthreads
- *
- */
-
-NSS_EXTERN CK_BBOOL
-NSSCKFWInstance_MayCreatePthreads
-(
- NSSCKFWInstance *fwInstance
-);
-
-/*
- * NSSCKFWInstance_CreateMutex
- *
- */
-
-NSS_EXTERN NSSCKFWMutex *
-NSSCKFWInstance_CreateMutex
-(
- NSSCKFWInstance *fwInstance,
- NSSArena *arena,
- CK_RV *pError
-);
-
-/*
- * NSSCKFWInstance_GetConfigurationData
- *
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSCKFWInstance_GetConfigurationData
-(
- NSSCKFWInstance *fwInstance
-);
-
-/*
- * NSSCKFWInstance_GetInitArgs
- *
- */
-
-NSS_EXTERN CK_C_INITIALIZE_ARGS_PTR
-NSSCKFWInstance_GetInitArgs
-(
- NSSCKFWInstance *fwInstance
-);
-
-/*
- * NSSCKFWSlot
- *
- * NSSCKFWSlot_GetMDSlot
- * NSSCKFWSlot_GetFWInstance
- * NSSCKFWSlot_GetMDInstance
- *
- */
-
-/*
- * NSSCKFWSlot_GetMDSlot
- *
- */
-
-NSS_EXTERN NSSCKMDSlot *
-NSSCKFWSlot_GetMDSlot
-(
- NSSCKFWSlot *fwSlot
-);
-
-/*
- * NSSCKFWSlot_GetFWInstance
- *
- */
-
-NSS_EXTERN NSSCKFWInstance *
-NSSCKFWSlot_GetFWInstance
-(
- NSSCKFWSlot *fwSlot
-);
-
-/*
- * NSSCKFWSlot_GetMDInstance
- *
- */
-
-NSS_EXTERN NSSCKMDInstance *
-NSSCKFWSlot_GetMDInstance
-(
- NSSCKFWSlot *fwSlot
-);
-
-/*
- * NSSCKFWToken
- *
- * NSSCKFWToken_GetMDToken
- * NSSCKFWToken_GetFWSlot
- * NSSCKFWToken_GetMDSlot
- * NSSCKFWToken_GetSessionState
- *
- */
-
-/*
- * NSSCKFWToken_GetMDToken
- *
- */
-
-NSS_EXTERN NSSCKMDToken *
-NSSCKFWToken_GetMDToken
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * NSSCKFWToken_GetArena
- *
- */
-
-NSS_EXTERN NSSArena *
-NSSCKFWToken_GetArena
-(
- NSSCKFWToken *fwToken,
- CK_RV *pError
-);
-
-/*
- * NSSCKFWToken_GetFWSlot
- *
- */
-
-NSS_EXTERN NSSCKFWSlot *
-NSSCKFWToken_GetFWSlot
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * NSSCKFWToken_GetMDSlot
- *
- */
-
-NSS_EXTERN NSSCKMDSlot *
-NSSCKFWToken_GetMDSlot
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * NSSCKFWToken_GetSessionState
- *
- */
-
-NSS_EXTERN CK_STATE
-NSSCKFWSession_GetSessionState
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * NSSCKFWMechanism
- *
- * NSSKCFWMechanism_GetMDMechanism
- * NSSCKFWMechanism_GetParameter
- *
- */
-
-/*
- * NSSKCFWMechanism_GetMDMechanism
- *
- */
-
-NSS_EXTERN NSSCKMDMechanism *
-NSSCKFWMechanism_GetMDMechanism
-(
- NSSCKFWMechanism *fwMechanism
-);
-
-/*
- * NSSCKFWMechanism_GetParameter
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSCKFWMechanism_GetParameter
-(
- NSSCKFWMechanism *fwMechanism
-);
-
-/*
- * NSSCKFWSession
- *
- * NSSCKFWSession_GetMDSession
- * NSSCKFWSession_GetArena
- * NSSCKFWSession_CallNotification
- * NSSCKFWSession_IsRWSession
- * NSSCKFWSession_IsSO
- *
- */
-
-/*
- * NSSCKFWSession_GetMDSession
- *
- */
-
-NSS_EXTERN NSSCKMDSession *
-NSSCKFWSession_GetMDSession
-(
- NSSCKFWSession *fwSession
-);
-
-/*
- * NSSCKFWSession_GetArena
- *
- */
-
-NSS_EXTERN NSSArena *
-NSSCKFWSession_GetArena
-(
- NSSCKFWSession *fwSession,
- CK_RV *pError
-);
-
-/*
- * NSSCKFWSession_CallNotification
- *
- */
-
-NSS_EXTERN CK_RV
-NSSCKFWSession_CallNotification
-(
- NSSCKFWSession *fwSession,
- CK_NOTIFICATION event
-);
-
-/*
- * NSSCKFWSession_IsRWSession
- *
- */
-
-NSS_EXTERN CK_BBOOL
-NSSCKFWSession_IsRWSession
-(
- NSSCKFWSession *fwSession
-);
-
-/*
- * NSSCKFWSession_IsSO
- *
- */
-
-NSS_EXTERN CK_BBOOL
-NSSCKFWSession_IsSO
-(
- NSSCKFWSession *fwSession
-);
-
-/*
- * NSSCKFWObject
- *
- * NSSCKFWObject_GetMDObject
- * NSSCKFWObject_GetArena
- * NSSCKFWObject_IsTokenObject
- * NSSCKFWObject_GetAttributeCount
- * NSSCKFWObject_GetAttributeTypes
- * NSSCKFWObject_GetAttributeSize
- * NSSCKFWObject_GetAttribute
- * NSSCKFWObject_GetObjectSize
- */
-
-/*
- * NSSCKFWObject_GetMDObject
- *
- */
-NSS_EXTERN NSSCKMDObject *
-NSSCKFWObject_GetMDObject
-(
- NSSCKFWObject *fwObject
-);
-
-/*
- * NSSCKFWObject_GetArena
- *
- */
-NSS_EXTERN NSSArena *
-NSSCKFWObject_GetArena
-(
- NSSCKFWObject *fwObject,
- CK_RV *pError
-);
-
-/*
- * NSSCKFWObject_IsTokenObject
- *
- */
-NSS_EXTERN CK_BBOOL
-NSSCKFWObject_IsTokenObject
-(
- NSSCKFWObject *fwObject
-);
-
-/*
- * NSSCKFWObject_GetAttributeCount
- *
- */
-NSS_EXTERN CK_ULONG
-NSSCKFWObject_GetAttributeCount
-(
- NSSCKFWObject *fwObject,
- CK_RV *pError
-);
-
-/*
- * NSSCKFWObject_GetAttributeTypes
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWObject_GetAttributeTypes
-(
- NSSCKFWObject *fwObject,
- CK_ATTRIBUTE_TYPE_PTR typeArray,
- CK_ULONG ulCount
-);
-
-/*
- * NSSCKFWObject_GetAttributeSize
- *
- */
-NSS_EXTERN CK_ULONG
-NSSCKFWObject_GetAttributeSize
-(
- NSSCKFWObject *fwObject,
- CK_ATTRIBUTE_TYPE attribute,
- CK_RV *pError
-);
-
-/*
- * NSSCKFWObject_GetAttribute
- *
- */
-NSS_EXTERN NSSItem *
-NSSCKFWObject_GetAttribute
-(
- NSSCKFWObject *fwObject,
- CK_ATTRIBUTE_TYPE attribute,
- NSSItem *itemOpt,
- NSSArena *arenaOpt,
- CK_RV *pError
-);
-
-/*
- * NSSCKFWObject_GetObjectSize
- *
- */
-NSS_EXTERN CK_ULONG
-NSSCKFWObject_GetObjectSize
-(
- NSSCKFWObject *fwObject,
- CK_RV *pError
-);
-
-/*
- * NSSCKFWFindObjects
- *
- * NSSCKFWFindObjects_GetMDFindObjects
- *
- */
-
-/*
- * NSSCKFWFindObjects_GetMDFindObjects
- *
- */
-
-NSS_EXTERN NSSCKMDFindObjects *
-NSSCKFWFindObjects_GetMDFindObjects
-(
- NSSCKFWFindObjects *
-);
-
-/*
- * NSSCKFWMutex
- *
- * NSSCKFWMutex_Destroy
- * NSSCKFWMutex_Lock
- * NSSCKFWMutex_Unlock
- *
- */
-
-/*
- * NSSCKFWMutex_Destroy
- *
- */
-
-NSS_EXTERN CK_RV
-NSSCKFWMutex_Destroy
-(
- NSSCKFWMutex *mutex
-);
-
-/*
- * NSSCKFWMutex_Lock
- *
- */
-
-NSS_EXTERN CK_RV
-NSSCKFWMutex_Lock
-(
- NSSCKFWMutex *mutex
-);
-
-/*
- * NSSCKFWMutex_Unlock
- *
- */
-
-NSS_EXTERN CK_RV
-NSSCKFWMutex_Unlock
-(
- NSSCKFWMutex *mutex
-);
-
-#endif /* NSSCKFW_H */
-
diff --git a/security/nss/lib/ckfw/nssckfwc.h b/security/nss/lib/ckfw/nssckfwc.h
deleted file mode 100644
index 02b15ec35..000000000
--- a/security/nss/lib/ckfw/nssckfwc.h
+++ /dev/null
@@ -1,1046 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef NSSCKFWC_H
-#define NSSCKFWC_H
-
-#ifdef DEBUG
-static const char NSSCKFWC_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * nssckfwc.h
- *
- * This file prototypes all of the NSS Cryptoki Framework "wrapper"
- * which implement the PKCS#11 API. Technically, these are public
- * routines (with capital "NSS" prefixes), since they are called
- * from (generated) code within a Module using the Framework.
- * However, they should not be called except from those generated
- * calls. Hence, the prototypes have been split out into this file.
- */
-
-#ifndef NSSCKT_H
-#include "nssckt.h"
-#endif /* NSSCKT_H */
-
-#ifndef NSSCKFWT_H
-#include "nssckfwt.h"
-#endif /* NSSCKFWT_H */
-
-#ifndef NSSCKMDT_H
-#include "nssckmdt.h"
-#endif /* NSSCKMDT_H */
-
-/*
- * NSSCKFWC_Initialize
- * NSSCKFWC_Finalize
- * NSSCKFWC_GetInfo
- * -- NSSCKFWC_GetFunctionList -- see the API insert file
- * NSSCKFWC_GetSlotList
- * NSSCKFWC_GetSlotInfo
- * NSSCKFWC_GetTokenInfo
- * NSSCKFWC_WaitForSlotEvent
- * NSSCKFWC_GetMechanismList
- * NSSCKFWC_GetMechanismInfo
- * NSSCKFWC_InitToken
- * NSSCKFWC_InitPIN
- * NSSCKFWC_SetPIN
- * NSSCKFWC_OpenSession
- * NSSCKFWC_CloseSession
- * NSSCKFWC_CloseAllSessions
- * NSSCKFWC_GetSessionInfo
- * NSSCKFWC_GetOperationState
- * NSSCKFWC_SetOperationState
- * NSSCKFWC_Login
- * NSSCKFWC_Logout
- * NSSCKFWC_CreateObject
- * NSSCKFWC_CopyObject
- * NSSCKFWC_DestroyObject
- * NSSCKFWC_GetObjectSize
- * NSSCKFWC_GetAttributeValue
- * NSSCKFWC_SetAttributeValue
- * NSSCKFWC_FindObjectsInit
- * NSSCKFWC_FindObjects
- * NSSCKFWC_FindObjectsFinal
- * NSSCKFWC_EncryptInit
- * NSSCKFWC_Encrypt
- * NSSCKFWC_EncryptUpdate
- * NSSCKFWC_EncryptFinal
- * NSSCKFWC_DecryptInit
- * NSSCKFWC_Decrypt
- * NSSCKFWC_DecryptUpdate
- * NSSCKFWC_DecryptFinal
- * NSSCKFWC_DigestInit
- * NSSCKFWC_Digest
- * NSSCKFWC_DigestUpdate
- * NSSCKFWC_DigestKey
- * NSSCKFWC_DigestFinal
- * NSSCKFWC_SignInit
- * NSSCKFWC_Sign
- * NSSCKFWC_SignUpdate
- * NSSCKFWC_SignFinal
- * NSSCKFWC_SignRecoverInit
- * NSSCKFWC_SignRecover
- * NSSCKFWC_VerifyInit
- * NSSCKFWC_Verify
- * NSSCKFWC_VerifyUpdate
- * NSSCKFWC_VerifyFinal
- * NSSCKFWC_VerifyRecoverInit
- * NSSCKFWC_VerifyRecover
- * NSSCKFWC_DigestEncryptUpdate
- * NSSCKFWC_DecryptDigestUpdate
- * NSSCKFWC_SignEncryptUpdate
- * NSSCKFWC_DecryptVerifyUpdate
- * NSSCKFWC_GenerateKey
- * NSSCKFWC_GenerateKeyPair
- * NSSCKFWC_WrapKey
- * NSSCKFWC_UnwrapKey
- * NSSCKFWC_DeriveKey
- * NSSCKFWC_SeedRandom
- * NSSCKFWC_GenerateRandom
- * NSSCKFWC_GetFunctionStatus
- * NSSCKFWC_CancelFunction
- */
-
-/*
- * NSSCKFWC_Initialize
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_Initialize
-(
- NSSCKFWInstance **pFwInstance,
- NSSCKMDInstance *mdInstance,
- CK_VOID_PTR pInitArgs
-);
-
-/*
- * NSSCKFWC_Finalize
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_Finalize
-(
- NSSCKFWInstance **pFwInstance
-);
-
-/*
- * NSSCKFWC_GetInfo
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_GetInfo
-(
- NSSCKFWInstance *fwInstance,
- CK_INFO_PTR pInfo
-);
-
-/*
- * C_GetFunctionList is implemented entirely in the Module's file which
- * includes the Framework API insert file. It requires no "actual"
- * NSSCKFW routine.
- */
-
-/*
- * NSSCKFWC_GetSlotList
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_GetSlotList
-(
- NSSCKFWInstance *fwInstance,
- CK_BBOOL tokenPresent,
- CK_SLOT_ID_PTR pSlotList,
- CK_ULONG_PTR pulCount
-);
-
-/*
- * NSSCKFWC_GetSlotInfo
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_GetSlotInfo
-(
- NSSCKFWInstance *fwInstance,
- CK_SLOT_ID slotID,
- CK_SLOT_INFO_PTR pInfo
-);
-
-/*
- * NSSCKFWC_GetTokenInfo
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_GetTokenInfo
-(
- NSSCKFWInstance *fwInstance,
- CK_SLOT_ID slotID,
- CK_TOKEN_INFO_PTR pInfo
-);
-
-/*
- * NSSCKFWC_WaitForSlotEvent
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_WaitForSlotEvent
-(
- NSSCKFWInstance *fwInstance,
- CK_FLAGS flags,
- CK_SLOT_ID_PTR pSlot,
- CK_VOID_PTR pReserved
-);
-
-/*
- * NSSCKFWC_GetMechanismList
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_GetMechanismList
-(
- NSSCKFWInstance *fwInstance,
- CK_SLOT_ID slotID,
- CK_MECHANISM_TYPE_PTR pMechanismList,
- CK_ULONG_PTR pulCount
-);
-
-/*
- * NSSCKFWC_GetMechanismInfo
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_GetMechanismInfo
-(
- NSSCKFWInstance *fwInstance,
- CK_SLOT_ID slotID,
- CK_MECHANISM_TYPE type,
- CK_MECHANISM_INFO_PTR pInfo
-);
-
-/*
- * NSSCKFWC_InitToken
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_InitToken
-(
- NSSCKFWInstance *fwInstance,
- CK_SLOT_ID slotID,
- CK_CHAR_PTR pPin,
- CK_ULONG ulPinLen,
- CK_CHAR_PTR pLabel
-);
-
-/*
- * NSSCKFWC_InitPIN
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_InitPIN
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_CHAR_PTR pPin,
- CK_ULONG ulPinLen
-);
-
-/*
- * NSSCKFWC_SetPIN
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_SetPIN
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_CHAR_PTR pOldPin,
- CK_ULONG ulOldLen,
- CK_CHAR_PTR pNewPin,
- CK_ULONG ulNewLen
-);
-
-/*
- * NSSCKFWC_OpenSession
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_OpenSession
-(
- NSSCKFWInstance *fwInstance,
- CK_SLOT_ID slotID,
- CK_FLAGS flags,
- CK_VOID_PTR pApplication,
- CK_NOTIFY Notify,
- CK_SESSION_HANDLE_PTR phSession
-);
-
-/*
- * NSSCKFWC_CloseSession
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_CloseSession
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession
-);
-
-/*
- * NSSCKFWC_CloseAllSessions
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_CloseAllSessions
-(
- NSSCKFWInstance *fwInstance,
- CK_SLOT_ID slotID
-);
-
-/*
- * NSSCKFWC_GetSessionInfo
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_GetSessionInfo
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_SESSION_INFO_PTR pInfo
-);
-
-/*
- * NSSCKFWC_GetOperationState
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_GetOperationState
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pOperationState,
- CK_ULONG_PTR pulOperationStateLen
-);
-
-/*
- * NSSCKFWC_SetOperationState
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_SetOperationState
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pOperationState,
- CK_ULONG ulOperationStateLen,
- CK_OBJECT_HANDLE hEncryptionKey,
- CK_OBJECT_HANDLE hAuthenticationKey
-);
-
-/*
- * NSSCKFWC_Login
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_Login
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_USER_TYPE userType,
- CK_CHAR_PTR pPin,
- CK_ULONG ulPinLen
-);
-
-/*
- * NSSCKFWC_Logout
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_Logout
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession
-);
-
-/*
- * NSSCKFWC_CreateObject
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_CreateObject
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount,
- CK_OBJECT_HANDLE_PTR phObject
-);
-
-/*
- * NSSCKFWC_CopyObject
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_CopyObject
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount,
- CK_OBJECT_HANDLE_PTR phNewObject
-);
-
-/*
- * NSSCKFWC_DestroyObject
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_DestroyObject
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject
-);
-
-/*
- * NSSCKFWC_GetObjectSize
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_GetObjectSize
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,
- CK_ULONG_PTR pulSize
-);
-
-/*
- * NSSCKFWC_GetAttributeValue
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_GetAttributeValue
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount
-);
-
-/*
- * NSSCKFWC_SetAttributeValue
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_SetAttributeValue
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount
-);
-
-/*
- * NSSCKFWC_FindObjectsInit
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_FindObjectsInit
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount
-);
-
-/*
- * NSSCKFWC_FindObjects
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_FindObjects
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE_PTR phObject,
- CK_ULONG ulMaxObjectCount,
- CK_ULONG_PTR pulObjectCount
-);
-
-/*
- * NSSCKFWC_FindObjectsFinal
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_FindObjectsFinal
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession
-);
-
-/*
- * NSSCKFWC_EncryptInit
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_EncryptInit
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-);
-
-/*
- * NSSCKFWC_Encrypt
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_Encrypt
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pEncryptedData,
- CK_ULONG_PTR pulEncryptedDataLen
-);
-
-/*
- * NSSCKFWC_EncryptUpdate
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_EncryptUpdate
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG_PTR pulEncryptedPartLen
-);
-
-/*
- * NSSCKFWC_EncryptFinal
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_EncryptFinal
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pLastEncryptedPart,
- CK_ULONG_PTR pulLastEncryptedPartLen
-);
-
-/*
- * NSSCKFWC_DecryptInit
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_DecryptInit
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-);
-
-/*
- * NSSCKFWC_Decrypt
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_Decrypt
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedData,
- CK_ULONG ulEncryptedDataLen,
- CK_BYTE_PTR pData,
- CK_ULONG_PTR pulDataLen
-);
-
-/*
- * NSSCKFWC_DecryptUpdate
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_DecryptUpdate
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG ulEncryptedPartLen,
- CK_BYTE_PTR pPart,
- CK_ULONG_PTR pulPartLen
-);
-
-/*
- * NSSCKFWC_DecryptFinal
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_DecryptFinal
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pLastPart,
- CK_ULONG_PTR pulLastPartLen
-);
-
-/*
- * NSSCKFWC_DigestInit
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_DigestInit
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism
-);
-
-/*
- * NSSCKFWC_Digest
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_Digest
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pDigest,
- CK_ULONG_PTR pulDigestLen
-);
-
-/*
- * NSSCKFWC_DigestUpdate
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_DigestUpdate
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen
-);
-
-/*
- * NSSCKFWC_DigestKey
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_DigestKey
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hKey
-);
-
-/*
- * NSSCKFWC_DigestFinal
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_DigestFinal
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pDigest,
- CK_ULONG_PTR pulDigestLen
-);
-
-/*
- * NSSCKFWC_SignInit
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_SignInit
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-);
-
-/*
- * NSSCKFWC_Sign
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_Sign
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pSignature,
- CK_ULONG_PTR pulSignatureLen
-);
-
-/*
- * NSSCKFWC_SignUpdate
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_SignUpdate
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen
-);
-
-/*
- * NSSCKFWC_SignFinal
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_SignFinal
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSignature,
- CK_ULONG_PTR pulSignatureLen
-);
-
-/*
- * NSSCKFWC_SignRecoverInit
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_SignRecoverInit
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-);
-
-/*
- * NSSCKFWC_SignRecover
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_SignRecover
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pSignature,
- CK_ULONG_PTR pulSignatureLen
-);
-
-/*
- * NSSCKFWC_VerifyInit
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_VerifyInit
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-);
-
-/*
- * NSSCKFWC_Verify
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_Verify
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pSignature,
- CK_ULONG ulSignatureLen
-);
-
-/*
- * NSSCKFWC_VerifyUpdate
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_VerifyUpdate
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen
-);
-
-/*
- * NSSCKFWC_VerifyFinal
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_VerifyFinal
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSignature,
- CK_ULONG ulSignatureLen
-);
-
-/*
- * NSSCKFWC_VerifyRecoverInit
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_VerifyRecoverInit
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-);
-
-/*
- * NSSCKFWC_VerifyRecover
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_VerifyRecover
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSignature,
- CK_ULONG ulSignatureLen,
- CK_BYTE_PTR pData,
- CK_ULONG_PTR pulDataLen
-);
-
-/*
- * NSSCKFWC_DigestEncryptUpdate
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_DigestEncryptUpdate
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG_PTR pulEncryptedPartLen
-);
-
-/*
- * NSSCKFWC_DecryptDigestUpdate
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_DecryptDigestUpdate
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG ulEncryptedPartLen,
- CK_BYTE_PTR pPart,
- CK_ULONG_PTR pulPartLen
-);
-
-/*
- * NSSCKFWC_SignEncryptUpdate
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_SignEncryptUpdate
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG_PTR pulEncryptedPartLen
-);
-
-/*
- * NSSCKFWC_DecryptVerifyUpdate
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_DecryptVerifyUpdate
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG ulEncryptedPartLen,
- CK_BYTE_PTR pPart,
- CK_ULONG_PTR pulPartLen
-);
-
-/*
- * NSSCKFWC_GenerateKey
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_GenerateKey
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount,
- CK_OBJECT_HANDLE_PTR phKey
-);
-
-/*
- * NSSCKFWC_GenerateKeyPair
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_GenerateKeyPair
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_ATTRIBUTE_PTR pPublicKeyTemplate,
- CK_ULONG ulPublicKeyAttributeCount,
- CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
- CK_ULONG ulPrivateKeyAttributeCount,
- CK_OBJECT_HANDLE_PTR phPublicKey,
- CK_OBJECT_HANDLE_PTR phPrivateKey
-);
-
-/*
- * NSSCKFWC_WrapKey
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_WrapKey
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hWrappingKey,
- CK_OBJECT_HANDLE hKey,
- CK_BYTE_PTR pWrappedKey,
- CK_ULONG_PTR pulWrappedKeyLen
-);
-
-/*
- * NSSCKFWC_UnwrapKey
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_UnwrapKey
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hUnwrappingKey,
- CK_BYTE_PTR pWrappedKey,
- CK_ULONG ulWrappedKeyLen,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_OBJECT_HANDLE_PTR phKey
-);
-
-/*
- * NSSCKFWC_DeriveKey
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_DeriveKey
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hBaseKey,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_OBJECT_HANDLE_PTR phKey
-);
-
-/*
- * NSSCKFWC_SeedRandom
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_SeedRandom
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSeed,
- CK_ULONG ulSeedLen
-);
-
-/*
- * NSSCKFWC_GenerateRandom
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_GenerateRandom
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pRandomData,
- CK_ULONG ulRandomLen
-);
-
-/*
- * NSSCKFWC_GetFunctionStatus
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_GetFunctionStatus
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession
-);
-
-/*
- * NSSCKFWC_CancelFunction
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_CancelFunction
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession
-);
-
-#endif /* NSSCKFWC_H */
diff --git a/security/nss/lib/ckfw/nssckfwt.h b/security/nss/lib/ckfw/nssckfwt.h
deleted file mode 100644
index 13be0f325..000000000
--- a/security/nss/lib/ckfw/nssckfwt.h
+++ /dev/null
@@ -1,111 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef NSSCKFWT_H
-#define NSSCKFWT_H
-
-#ifdef DEBUG
-static const char NSSCKFWT_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * nssckfwt.h
- *
- * This file declares the public types used by the NSS Cryptoki Framework.
- */
-
-/*
- * NSSCKFWInstance
- *
- */
-
-struct NSSCKFWInstanceStr;
-typedef struct NSSCKFWInstanceStr NSSCKFWInstance;
-
-/*
- * NSSCKFWSlot
- *
- */
-
-struct NSSCKFWSlotStr;
-typedef struct NSSCKFWSlotStr NSSCKFWSlot;
-
-/*
- * NSSCKFWToken
- *
- */
-
-struct NSSCKFWTokenStr;
-typedef struct NSSCKFWTokenStr NSSCKFWToken;
-
-/*
- * NSSCKFWMechanism
- *
- */
-
-struct NSSCKFWMechanismStr;
-typedef struct NSSCKFWMechanismStr NSSCKFWMechanism;
-
-/*
- * NSSCKFWSession
- *
- */
-
-struct NSSCKFWSessionStr;
-typedef struct NSSCKFWSessionStr NSSCKFWSession;
-
-/*
- * NSSCKFWObject
- *
- */
-
-struct NSSCKFWObjectStr;
-typedef struct NSSCKFWObjectStr NSSCKFWObject;
-
-/*
- * NSSCKFWFindObjects
- *
- */
-
-struct NSSCKFWFindObjectsStr;
-typedef struct NSSCKFWFindObjectsStr NSSCKFWFindObjects;
-
-/*
- * NSSCKFWMutex
- *
- */
-
-struct NSSCKFWMutexStr;
-typedef struct NSSCKFWMutexStr NSSCKFWMutex;
-
-#endif /* NSSCKFWT_H */
diff --git a/security/nss/lib/ckfw/nssckg.h b/security/nss/lib/ckfw/nssckg.h
deleted file mode 100644
index ae7dbeb91..000000000
--- a/security/nss/lib/ckfw/nssckg.h
+++ /dev/null
@@ -1,39 +0,0 @@
-/* THIS IS A GENERATED FILE */
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef NSSCKG_H
-#define NSSCKG_H
-
-#include "pkcs11.h"
-
-#endif /* NSSCKG_H */
diff --git a/security/nss/lib/ckfw/nssckmdt.h b/security/nss/lib/ckfw/nssckmdt.h
deleted file mode 100644
index c4a18a814..000000000
--- a/security/nss/lib/ckfw/nssckmdt.h
+++ /dev/null
@@ -1,2036 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef NSSCKMDT_H
-#define NSSCKMDT_H
-
-#ifdef DEBUG
-static const char NSSCKMDT_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * nssckmdt.h
- *
- * This file specifies the basic types that must be implemented by
- * any Module using the NSS Cryptoki Framework.
- */
-
-#ifndef NSSBASET_H
-#include "nssbaset.h"
-#endif /* NSSBASET_H */
-
-#ifndef NSSCKT_H
-#include "nssckt.h"
-#endif /* NSSCKT_H */
-
-#ifndef NSSCKFWT_H
-#include "nssckfwt.h"
-#endif /* NSSCKFWT_H */
-
-typedef struct NSSCKMDInstanceStr NSSCKMDInstance;
-typedef struct NSSCKMDSlotStr NSSCKMDSlot;
-typedef struct NSSCKMDTokenStr NSSCKMDToken;
-typedef struct NSSCKMDSessionStr NSSCKMDSession;
-typedef struct NSSCKMDFindObjectsStr NSSCKMDFindObjects;
-typedef struct NSSCKMDMechanismStr NSSCKMDMechanism;
-typedef struct NSSCKMDObjectStr NSSCKMDObject;
-
-/*
- * NSSCKFWItem
- *
- * This is a structure used by modules to return object attributes.
- * The needsFreeing bit indicates whether the object needs to be freed.
- * If so, the framework will call the FreeAttribute function on the item
- * after it is done using it.
- *
- */
-
-typedef struct {
- PRBool needsFreeing;
- NSSItem* item;
-} NSSCKFWItem ;
-
-/*
- * NSSCKMDInstance
- *
- * This is the basic handle for an instance of a PKCS#11 Module.
- * It is returned by the Module's CreateInstance routine, and
- * may be obtained from the corresponding NSSCKFWInstance object.
- * It contains a pointer for use by the Module, to store any
- * instance-related data, and it contains the EPV for a set of
- * routines which the Module may implement for use by the Framework.
- * Some of these routines are optional; others are mandatory.
- */
-
-struct NSSCKMDInstanceStr {
- /*
- * The Module may use this pointer for its own purposes.
- */
- void *etc;
-
- /*
- * This routine is called by the Framework to initialize
- * the Module. This routine is optional; if unimplemented,
- * it won't be called. If this routine returns an error,
- * then the initialization will fail.
- */
- CK_RV (PR_CALLBACK *Initialize)(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSUTF8 *configurationData
- );
-
- /*
- * This routine is called when the Framework is finalizing
- * the PKCS#11 Module. It is the last thing called before
- * the NSSCKFWInstance's NSSArena is destroyed. This routine
- * is optional; if unimplemented, it merely won't be called.
- */
- void (PR_CALLBACK *Finalize)(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine gets the number of slots. This value must
- * never change, once the instance is initialized. This
- * routine must be implemented. It may return zero on error.
- */
- CK_ULONG (PR_CALLBACK *GetNSlots)(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
- );
-
- /*
- * This routine returns the version of the Cryptoki standard
- * to which this Module conforms. This routine is optional;
- * if unimplemented, the Framework uses the version to which
- * ~it~ was implemented.
- */
- CK_VERSION (PR_CALLBACK *GetCryptokiVersion)(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns a pointer to a UTF8-encoded string
- * containing the manufacturer ID for this Module. Only
- * the characters completely encoded in the first thirty-
- * two bytes are significant. This routine is optional.
- * The string returned is never freed; if dynamically generated,
- * the space for it should be allocated from the NSSArena
- * that may be obtained from the NSSCKFWInstance. This
- * routine may return NULL upon error; however if *pError
- * is CKR_OK, the NULL will be considered the valid response.
- */
- NSSUTF8 *(PR_CALLBACK *GetManufacturerID)(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
- );
-
- /*
- * This routine returns a pointer to a UTF8-encoded string
- * containing a description of this Module library. Only
- * the characters completely encoded in the first thirty-
- * two bytes are significant. This routine is optional.
- * The string returned is never freed; if dynamically generated,
- * the space for it should be allocated from the NSSArena
- * that may be obtained from the NSSCKFWInstance. This
- * routine may return NULL upon error; however if *pError
- * is CKR_OK, the NULL will be considered the valid response.
- */
- NSSUTF8 *(PR_CALLBACK *GetLibraryDescription)(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
- );
-
- /*
- * This routine returns the version of this Module library.
- * This routine is optional; if unimplemented, the Framework
- * will assume a Module library version of 0.1.
- */
- CK_VERSION (PR_CALLBACK *GetLibraryVersion)(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns CK_TRUE if the Module wishes to
- * handle session objects. This routine is optional.
- * If this routine is NULL, or if it exists but returns
- * CK_FALSE, the Framework will assume responsibility
- * for managing session objects.
- */
- CK_BBOOL (PR_CALLBACK *ModuleHandlesSessionObjects)(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine stuffs pointers to NSSCKMDSlot objects into
- * the specified array; one for each slot supported by this
- * instance. The Framework will determine the size needed
- * for the array by calling GetNSlots. This routine is
- * required.
- */
- CK_RV (PR_CALLBACK *GetSlots)(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKMDSlot *slots[]
- );
-
- /*
- * This call returns a pointer to the slot in which an event
- * has occurred. If the block argument is CK_TRUE, the call
- * should block until a slot event occurs; if CK_FALSE, it
- * should check to see if an event has occurred, occurred,
- * but return NULL (and set *pError to CK_NO_EVENT) if one
- * hasn't. This routine is optional; if unimplemented, the
- * Framework will assume that no event has happened. This
- * routine may return NULL upon error.
- */
- NSSCKMDSlot *(PR_CALLBACK *WaitForSlotEvent)(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_BBOOL block,
- CK_RV *pError
- );
-
- /*
- * This object may be extended in future versions of the
- * NSS Cryptoki Framework. To allow for some flexibility
- * in the area of binary compatibility, this field should
- * be NULL.
- */
- void *null;
-};
-
-
-/*
- * NSSCKMDSlot
- *
- * This is the basic handle for a PKCS#11 Module Slot. It is
- * created by the NSSCKMDInstance->GetSlots call, and may be
- * obtained from the Framework's corresponding NSSCKFWSlot
- * object. It contains a pointer for use by the Module, to
- * store any slot-related data, and it contains the EPV for
- * a set of routines which the Module may implement for use
- * by the Framework. Some of these routines are optional.
- */
-
-struct NSSCKMDSlotStr {
- /*
- * The Module may use this pointer for its own purposes.
- */
- void *etc;
-
- /*
- * This routine is called during the Framework initialization
- * step, after the Framework Instance has obtained the list
- * of slots (by calling NSSCKMDInstance->GetSlots). Any slot-
- * specific initialization can be done here. This routine is
- * optional; if unimplemented, it won't be called. Note that
- * if this routine returns an error, the entire Framework
- * initialization for this Module will fail.
- */
- CK_RV (PR_CALLBACK *Initialize)(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine is called when the Framework is finalizing
- * the PKCS#11 Module. This call (for each of the slots)
- * is the last thing called before NSSCKMDInstance->Finalize.
- * This routine is optional; if unimplemented, it merely
- * won't be called. Note: In the rare circumstance that
- * the Framework initialization cannot complete (due to,
- * for example, memory limitations), this can be called with
- * a NULL value for fwSlot.
- */
- void (PR_CALLBACK *Destroy)(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns a pointer to a UTF8-encoded string
- * containing a description of this slot. Only the characters
- * completely encoded in the first sixty-four bytes are
- * significant. This routine is optional. The string
- * returned is never freed; if dynamically generated,
- * the space for it should be allocated from the NSSArena
- * that may be obtained from the NSSCKFWInstance. This
- * routine may return NULL upon error; however if *pError
- * is CKR_OK, the NULL will be considered the valid response.
- */
- NSSUTF8 *(PR_CALLBACK *GetSlotDescription)(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
- );
-
- /*
- * This routine returns a pointer to a UTF8-encoded string
- * containing a description of the manufacturer of this slot.
- * Only the characters completely encoded in the first thirty-
- * two bytes are significant. This routine is optional.
- * The string returned is never freed; if dynamically generated,
- * the space for it should be allocated from the NSSArena
- * that may be obtained from the NSSCKFWInstance. This
- * routine may return NULL upon error; however if *pError
- * is CKR_OK, the NULL will be considered the valid response.
- */
- NSSUTF8 *(PR_CALLBACK *GetManufacturerID)(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
- );
-
- /*
- * This routine returns CK_TRUE if a token is present in this
- * slot. This routine is optional; if unimplemented, CK_TRUE
- * is assumed.
- */
- CK_BBOOL (PR_CALLBACK *GetTokenPresent)(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns CK_TRUE if the slot supports removable
- * tokens. This routine is optional; if unimplemented, CK_FALSE
- * is assumed.
- */
- CK_BBOOL (PR_CALLBACK *GetRemovableDevice)(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns CK_TRUE if this slot is a hardware
- * device, or CK_FALSE if this slot is a software device. This
- * routine is optional; if unimplemented, CK_FALSE is assumed.
- */
- CK_BBOOL (PR_CALLBACK *GetHardwareSlot)(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns the version of this slot's hardware.
- * This routine is optional; if unimplemented, the Framework
- * will assume a hardware version of 0.1.
- */
- CK_VERSION (PR_CALLBACK *GetHardwareVersion)(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns the version of this slot's firmware.
- * This routine is optional; if unimplemented, the Framework
- * will assume a hardware version of 0.1.
- */
- CK_VERSION (PR_CALLBACK *GetFirmwareVersion)(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine should return a pointer to an NSSCKMDToken
- * object corresponding to the token in the specified slot.
- * The NSSCKFWToken object passed in has an NSSArena
- * available which is dedicated for this token. This routine
- * must be implemented. This routine may return NULL upon
- * error.
- */
- NSSCKMDToken *(PR_CALLBACK *GetToken)(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
- );
-
- /*
- * This object may be extended in future versions of the
- * NSS Cryptoki Framework. To allow for some flexibility
- * in the area of binary compatibility, this field should
- * be NULL.
- */
- void *null;
-};
-
-/*
- * NSSCKMDToken
- *
- * This is the basic handle for a PKCS#11 Token. It is created by
- * the NSSCKMDSlot->GetToken call, and may be obtained from the
- * Framework's corresponding NSSCKFWToken object. It contains a
- * pointer for use by the Module, to store any token-related
- * data, and it contains the EPV for a set of routines which the
- * Module may implement for use by the Framework. Some of these
- * routines are optional.
- */
-
-struct NSSCKMDTokenStr {
- /*
- * The Module may use this pointer for its own purposes.
- */
- void *etc;
-
- /*
- * This routine is used to prepare a Module token object for
- * use. It is called after the NSSCKMDToken object is obtained
- * from NSSCKMDSlot->GetToken. It is named "Setup" here because
- * Cryptoki already defines "InitToken" to do the process of
- * wiping out any existing state on a token and preparing it for
- * a new use. This routine is optional; if unimplemented, it
- * merely won't be called.
- */
- CK_RV (PR_CALLBACK *Setup)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine is called by the Framework whenever it notices
- * that the token object is invalid. (Typically this is when a
- * routine indicates an error such as CKR_DEVICE_REMOVED). This
- * call is the last thing called before the NSSArena in the
- * corresponding NSSCKFWToken is destroyed. This routine is
- * optional; if unimplemented, it merely won't be called.
- */
- void (PR_CALLBACK *Invalidate)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine initialises the token in the specified slot.
- * This routine is optional; if unimplemented, the Framework
- * will fail this operation with an error of CKR_DEVICE_ERROR.
- */
-
- CK_RV (PR_CALLBACK *InitToken)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *pin,
- NSSUTF8 *label
- );
-
- /*
- * This routine returns a pointer to a UTF8-encoded string
- * containing this token's label. Only the characters
- * completely encoded in the first thirty-two bytes are
- * significant. This routine is optional. The string
- * returned is never freed; if dynamically generated,
- * the space for it should be allocated from the NSSArena
- * that may be obtained from the NSSCKFWInstance. This
- * routine may return NULL upon error; however if *pError
- * is CKR_OK, the NULL will be considered the valid response.
- */
- NSSUTF8 *(PR_CALLBACK *GetLabel)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
- );
-
- /*
- * This routine returns a pointer to a UTF8-encoded string
- * containing this token's manufacturer ID. Only the characters
- * completely encoded in the first thirty-two bytes are
- * significant. This routine is optional. The string
- * returned is never freed; if dynamically generated,
- * the space for it should be allocated from the NSSArena
- * that may be obtained from the NSSCKFWInstance. This
- * routine may return NULL upon error; however if *pError
- * is CKR_OK, the NULL will be considered the valid response.
- */
- NSSUTF8 *(PR_CALLBACK *GetManufacturerID)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
- );
-
- /*
- * This routine returns a pointer to a UTF8-encoded string
- * containing this token's model name. Only the characters
- * completely encoded in the first thirty-two bytes are
- * significant. This routine is optional. The string
- * returned is never freed; if dynamically generated,
- * the space for it should be allocated from the NSSArena
- * that may be obtained from the NSSCKFWInstance. This
- * routine may return NULL upon error; however if *pError
- * is CKR_OK, the NULL will be considered the valid response.
- */
- NSSUTF8 *(PR_CALLBACK *GetModel)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
- );
-
- /*
- * This routine returns a pointer to a UTF8-encoded string
- * containing this token's serial number. Only the characters
- * completely encoded in the first thirty-two bytes are
- * significant. This routine is optional. The string
- * returned is never freed; if dynamically generated,
- * the space for it should be allocated from the NSSArena
- * that may be obtained from the NSSCKFWInstance. This
- * routine may return NULL upon error; however if *pError
- * is CKR_OK, the NULL will be considered the valid response.
- */
- NSSUTF8 *(PR_CALLBACK *GetSerialNumber)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
- );
-
- /*
- * This routine returns CK_TRUE if the token has its own
- * random number generator. This routine is optional; if
- * unimplemented, CK_FALSE is assumed.
- */
- CK_BBOOL (PR_CALLBACK *GetHasRNG)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns CK_TRUE if this token is write-protected.
- * This routine is optional; if unimplemented, CK_FALSE is
- * assumed.
- */
- CK_BBOOL (PR_CALLBACK *GetIsWriteProtected)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns CK_TRUE if this token requires a login.
- * This routine is optional; if unimplemented, CK_FALSE is
- * assumed.
- */
- CK_BBOOL (PR_CALLBACK *GetLoginRequired)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns CK_TRUE if the normal user's PIN on this
- * token has been initialised. This routine is optional; if
- * unimplemented, CK_FALSE is assumed.
- */
- CK_BBOOL (PR_CALLBACK *GetUserPinInitialized)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns CK_TRUE if a successful save of a
- * session's cryptographic operations state ~always~ contains
- * all keys needed to restore the state of the session. This
- * routine is optional; if unimplemented, CK_FALSE is assumed.
- */
- CK_BBOOL (PR_CALLBACK *GetRestoreKeyNotNeeded)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns CK_TRUE if the token has its own
- * hardware clock. This routine is optional; if unimplemented,
- * CK_FALSE is assumed.
- */
- CK_BBOOL (PR_CALLBACK *GetHasClockOnToken)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns CK_TRUE if the token has a protected
- * authentication path. This routine is optional; if
- * unimplemented, CK_FALSE is assumed.
- */
- CK_BBOOL (PR_CALLBACK *GetHasProtectedAuthenticationPath)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns CK_TRUE if the token supports dual
- * cryptographic operations within a single session. This
- * routine is optional; if unimplemented, CK_FALSE is assumed.
- */
- CK_BBOOL (PR_CALLBACK *GetSupportsDualCryptoOperations)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * XXX fgmr-- should we have a call to return all the flags
- * at once, for folks who already know about Cryptoki?
- */
-
- /*
- * This routine returns the maximum number of sessions that
- * may be opened on this token. This routine is optional;
- * if unimplemented, the special value CK_UNAVAILABLE_INFORMATION
- * is assumed. XXX fgmr-- or CK_EFFECTIVELY_INFINITE?
- */
- CK_ULONG (PR_CALLBACK *GetMaxSessionCount)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns the maximum number of read/write
- * sesisons that may be opened on this token. This routine
- * is optional; if unimplemented, the special value
- * CK_UNAVAILABLE_INFORMATION is assumed. XXX fgmr-- or
- * CK_EFFECTIVELY_INFINITE?
- */
- CK_ULONG (PR_CALLBACK *GetMaxRwSessionCount)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns the maximum PIN code length that is
- * supported on this token. This routine is optional;
- * if unimplemented, the special value CK_UNAVAILABLE_INFORMATION
- * is assumed.
- */
- CK_ULONG (PR_CALLBACK *GetMaxPinLen)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns the minimum PIN code length that is
- * supported on this token. This routine is optional; if
- * unimplemented, the special value CK_UNAVAILABLE_INFORMATION
- * is assumed. XXX fgmr-- or 0?
- */
- CK_ULONG (PR_CALLBACK *GetMinPinLen)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns the total amount of memory on the token
- * in which public objects may be stored. This routine is
- * optional; if unimplemented, the special value
- * CK_UNAVAILABLE_INFORMATION is assumed.
- */
- CK_ULONG (PR_CALLBACK *GetTotalPublicMemory)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns the amount of unused memory on the
- * token in which public objects may be stored. This routine
- * is optional; if unimplemented, the special value
- * CK_UNAVAILABLE_INFORMATION is assumed.
- */
- CK_ULONG (PR_CALLBACK *GetFreePublicMemory)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns the total amount of memory on the token
- * in which private objects may be stored. This routine is
- * optional; if unimplemented, the special value
- * CK_UNAVAILABLE_INFORMATION is assumed.
- */
- CK_ULONG (PR_CALLBACK *GetTotalPrivateMemory)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns the amount of unused memory on the
- * token in which private objects may be stored. This routine
- * is optional; if unimplemented, the special value
- * CK_UNAVAILABLE_INFORMATION is assumed.
- */
- CK_ULONG (PR_CALLBACK *GetFreePrivateMemory)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns the version number of this token's
- * hardware. This routine is optional; if unimplemented,
- * the value 0.1 is assumed.
- */
- CK_VERSION (PR_CALLBACK *GetHardwareVersion)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns the version number of this token's
- * firmware. This routine is optional; if unimplemented,
- * the value 0.1 is assumed.
- */
- CK_VERSION (PR_CALLBACK *GetFirmwareVersion)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine stuffs the current UTC time, as obtained from
- * the token, into the sixteen-byte buffer in the form
- * YYYYMMDDhhmmss00. This routine need only be implemented
- * by token which indicate that they have a real-time clock.
- * XXX fgmr-- think about time formats.
- */
- CK_RV (PR_CALLBACK *GetUTCTime)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_CHAR utcTime[16]
- );
-
- /*
- * This routine creates a session on the token, and returns
- * the corresponding NSSCKMDSession object. The value of
- * rw will be CK_TRUE if the session is to be a read/write
- * session, or CK_FALSE otherwise. An NSSArena dedicated to
- * the new session is available from the specified NSSCKFWSession.
- * This routine may return NULL upon error.
- */
- NSSCKMDSession *(PR_CALLBACK *OpenSession)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKFWSession *fwSession,
- CK_BBOOL rw,
- CK_RV *pError
- );
-
- /*
- * This routine returns the number of PKCS#11 Mechanisms
- * supported by this token. This routine is optional; if
- * unimplemented, zero is assumed.
- */
- CK_ULONG (PR_CALLBACK *GetMechanismCount)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine stuffs into the specified array the types
- * of the mechanisms supported by this token. The Framework
- * determines the size of the array by calling GetMechanismCount.
- */
- CK_RV (PR_CALLBACK *GetMechanismTypes)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_MECHANISM_TYPE types[]
- );
-
- /*
- * This routine returns a pointer to a Module mechanism
- * object corresponding to a specified type. This routine
- * need only exist for tokens implementing at least one
- * mechanism.
- */
- NSSCKMDMechanism *(PR_CALLBACK *GetMechanism)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKFWMechanism *fwMechanism,
- CK_MECHANISM_TYPE which
- );
-
- /*
- * This object may be extended in future versions of the
- * NSS Cryptoki Framework. To allow for some flexibility
- * in the area of binary compatibility, this field should
- * be NULL.
- */
- void *null;
-};
-
-/*
- * NSSCKMDSession
- *
- * This is the basic handle for a session on a PKCS#11 Token. It
- * is created by NSSCKMDToken->OpenSession, and may be obtained
- * from the Framework's corresponding NSSCKFWSession object. It
- * contains a pointer for use by the Module, to store any session-
- * realted data, and it contains the EPV for a set of routines
- * which the Module may implement for use by the Framework. Some
- * of these routines are optional.
- */
-
-struct NSSCKMDSessionStr {
- /*
- * The Module may use this pointer for its own purposes.
- */
- void *etc;
-
- /*
- * This routine is called by the Framework when a session is
- * closed. This call is the last thing called before the
- * NSSArena in the correspoinding NSSCKFWSession is destroyed.
- * This routine is optional; if unimplemented, it merely won't
- * be called.
- */
- void (PR_CALLBACK *Close)(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine is used to get any device-specific error.
- * This routine is optional.
- */
- CK_ULONG (PR_CALLBACK *GetDeviceError)(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine is used to log in a user to the token. This
- * routine is optional, since the Framework's NSSCKFWSession
- * object keeps track of the login state.
- */
- CK_RV (PR_CALLBACK *Login)(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_USER_TYPE userType,
- NSSItem *pin,
- CK_STATE oldState,
- CK_STATE newState
- );
-
- /*
- * This routine is used to log out a user from the token. This
- * routine is optional, since the Framework's NSSCKFWSession
- * object keeps track of the login state.
- */
- CK_RV (PR_CALLBACK *Logout)(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_STATE oldState,
- CK_STATE newState
- );
-
- /*
- * This routine is used to initialize the normal user's PIN or
- * password. This will only be called in the "read/write
- * security officer functions" state. If this token has a
- * protected authentication path, then the pin argument will
- * be NULL. This routine is optional; if unimplemented, the
- * Framework will return the error CKR_TOKEN_WRITE_PROTECTED.
- */
- CK_RV (PR_CALLBACK *InitPIN)(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *pin
- );
-
- /*
- * This routine is used to modify a user's PIN or password. This
- * routine will only be called in the "read/write security officer
- * functions" or "read/write user functions" state. If this token
- * has a protected authentication path, then the pin arguments
- * will be NULL. This routine is optional; if unimplemented, the
- * Framework will return the error CKR_TOKEN_WRITE_PROTECTED.
- */
- CK_RV (PR_CALLBACK *SetPIN)(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *oldPin,
- NSSItem *newPin
- );
-
- /*
- * This routine is used to find out how much space would be required
- * to save the current operational state. This routine is optional;
- * if unimplemented, the Framework will reject any attempts to save
- * the operational state with the error CKR_STATE_UNSAVEABLE. This
- * routine may return zero on error.
- */
- CK_ULONG (PR_CALLBACK *GetOperationStateLen)(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
- );
-
- /*
- * This routine is used to store the current operational state. This
- * routine is only required if GetOperationStateLen is implemented
- * and can return a nonzero value. The buffer in the specified item
- * will be pre-allocated, and the length will specify the amount of
- * space available (which may be more than GetOperationStateLen
- * asked for, but which will not be smaller).
- */
- CK_RV (PR_CALLBACK *GetOperationState)(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *buffer
- );
-
- /*
- * This routine is used to restore an operational state previously
- * obtained with GetOperationState. The Framework will take pains
- * to be sure that the state is (or was at one point) valid; if the
- * Module notices that the state is invalid, it should return an
- * error, but it is not required to be paranoid about the issue.
- * [XXX fgmr-- should (can?) the framework verify the keys match up?]
- * This routine is required only if GetOperationState is implemented.
- */
- CK_RV (PR_CALLBACK *SetOperationState)(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *state,
- NSSCKMDObject *mdEncryptionKey,
- NSSCKFWObject *fwEncryptionKey,
- NSSCKMDObject *mdAuthenticationKey,
- NSSCKFWObject *fwAuthenticationKey
- );
-
- /*
- * This routine is used to create an object. The specified template
- * will only specify a session object if the Module has indicated
- * that it wishes to handle its own session objects. This routine
- * is optional; if unimplemented, the Framework will reject the
- * operation with the error CKR_TOKEN_WRITE_PROTECTED. Space for
- * token objects should come from the NSSArena available from the
- * NSSCKFWToken object; space for session objects (if supported)
- * should come from the NSSArena available from the NSSCKFWSession
- * object. The appropriate NSSArena pointer will, as a convenience,
- * be passed as the handyArenaPointer argument. This routine may
- * return NULL upon error.
- */
- NSSCKMDObject *(PR_CALLBACK *CreateObject)(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSArena *handyArenaPointer,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
- );
-
- /*
- * This routine is used to make a copy of an object. It is entirely
- * optional; if unimplemented, the Framework will try to use
- * CreateObject instead. If the Module has indicated that it does
- * not wish to handle session objects, then this routine will only
- * be called to copy a token object to another token object.
- * Otherwise, either the original object or the new may be of
- * either the token or session variety. As with CreateObject, the
- * handyArenaPointer will point to the appropriate arena for the
- * new object. This routine may return NULL upon error.
- */
- NSSCKMDObject *(PR_CALLBACK *CopyObject)(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKMDObject *mdOldObject,
- NSSCKFWObject *fwOldObject,
- NSSArena *handyArenaPointer,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
- );
-
- /*
- * This routine is used to begin an object search. This routine may
- * be unimplemented only if the Module does not handle session
- * objects, and if none of its tokens have token objects. The
- * NSSCKFWFindObjects pointer has an NSSArena that may be used for
- * storage for the life of this "find" operation. This routine may
- * return NULL upon error. If the Module can determine immediately
- * that the search will not find any matching objects, it may return
- * NULL, and specify CKR_OK as the error.
- */
- NSSCKMDFindObjects *(PR_CALLBACK *FindObjectsInit)(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
- );
-
- /*
- * This routine seeds the random-number generator. It is
- * optional, even if GetRandom is implemented. If unimplemented,
- * the Framework will issue the error CKR_RANDOM_SEED_NOT_SUPPORTED.
- */
- CK_RV (PR_CALLBACK *SeedRandom)(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *seed
- );
-
- /*
- * This routine gets random data. It is optional. If unimplemented,
- * the Framework will issue the error CKR_RANDOM_NO_RNG.
- */
- CK_RV (PR_CALLBACK *GetRandom)(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *buffer
- );
-
- /*
- * This object may be extended in future versions of the
- * NSS Cryptoki Framework. To allow for some flexibility
- * in the area of binary compatibility, this field should
- * be NULL.
- */
- void *null;
-};
-
-/*
- * NSSCKMDFindObjects
- *
- * This is the basic handle for an object search. It is
- * created by NSSCKMDSession->FindObjectsInit, and may be
- * obtained from the Framework's corresponding object.
- * It contains a pointer for use by the Module, to store
- * any search-related data, and it contains the EPV for a
- * set of routines which the Module may implement for use
- * by the Framework. Some of these routines are optional.
- */
-
-struct NSSCKMDFindObjectsStr {
- /*
- * The Module may use this pointer for its own purposes.
- */
- void *etc;
-
- /*
- * This routine is called by the Framework to finish a
- * search operation. Note that the Framework may finish
- * a search before it has completed. This routine is
- * optional; if unimplemented, it merely won't be called.
- */
- void (PR_CALLBACK *Final)(
- NSSCKMDFindObjects *mdFindObjects,
- NSSCKFWFindObjects *fwFindObjects,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine is used to obtain another pointer to an
- * object matching the search criteria. This routine is
- * required. If no (more) objects match the search, it
- * should return NULL and set the error to CKR_OK.
- */
- NSSCKMDObject *(PR_CALLBACK *Next)(
- NSSCKMDFindObjects *mdFindObjects,
- NSSCKFWFindObjects *fwFindObjects,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSArena *arena,
- CK_RV *pError
- );
-
- /*
- * This object may be extended in future versions of the
- * NSS Cryptoki Framework. To allow for some flexibility
- * in the area of binary compatibility, this field should
- * be NULL.
- */
- void *null;
-};
-
-/*
- * NSSCKMDMechanism
- *
- */
-
-struct NSSCKMDMechanismStr {
- /*
- * The Module may use this pointer for its own purposes.
- */
- void *etc;
-
- /*
- * This routine returns the minimum key size allowed for
- * this mechanism. This routine is optional; if unimplemented,
- * zero will be assumed. This routine may return zero on
- * error; if the error is CKR_OK, zero will be accepted as
- * a valid response.
- */
- CK_ULONG (PR_CALLBACK *GetMinKeySize)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
- );
-
- /*
- * This routine returns the maximum key size allowed for
- * this mechanism. This routine is optional; if unimplemented,
- * zero will be assumed. This routine may return zero on
- * error; if the error is CKR_OK, zero will be accepted as
- * a valid response.
- */
- CK_ULONG (PR_CALLBACK *GetMaxKeySize)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
- );
-
- /*
- * This routine is called to determine if the mechanism is
- * implemented in hardware or software. It returns CK_TRUE
- * if it is done in hardware.
- */
- CK_BBOOL (PR_CALLBACK *GetInHardware)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
- );
-
- /*
- * The crypto routines themselves. Most crypto operations may
- * be performed in two ways, streaming and single-part. The
- * streaming operations involve the use of (typically) three
- * calls-- an Init method to set up the operation, an Update
- * method to feed data to the operation, and a Final method to
- * obtain the final result. Single-part operations involve
- * one method, to perform the crypto operation all at once.
- * The NSS Cryptoki Framework can implement the single-part
- * operations in terms of the streaming operations on behalf
- * of the Module. There are a few variances.
- *
- * For simplicity, the routines are listed in summary here:
- *
- * EncryptInit, EncryptUpdate, EncryptFinal; Encrypt
- * DecryptInit, DecryptUpdate, DecryptFinal; Decrypt
- * DigestInit, DigestUpdate, DigestKey, DigestFinal; Digest
- * SignInit, SignUpdate, SignFinal; Sign
- * SignRecoverInit; SignRecover
- * VerifyInit, VerifyUpdate, VerifyFinal; Verify
- * VerifyRecoverInit; VerifyRecover
- *
- * Also, there are some combined-operation calls:
- *
- * DigestEncryptUpdate
- * DecryptDigestUpdate
- * SignEncryptUpdate
- * DecryptVerifyUpdate
- *
- * The key-management routines are
- *
- * GenerateKey
- * GenerateKeyPair
- * WrapKey
- * UnwrapKey
- * DeriveKey
- *
- * All of these routines based directly on the Cryptoki API;
- * see PKCS#11 for further information.
- */
-
- /*
- */
- CK_RV (PR_CALLBACK *EncryptInit)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKMDObject *mdKey,
- NSSCKFWObject *fwKey
- );
-
- /*
- */
- CK_RV (PR_CALLBACK *EncryptUpdate)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *data,
- NSSItem *buffer
- );
-
- /*
- */
- CK_RV (PR_CALLBACK *EncryptFinal)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *buffer
- );
-
- /*
- */
- CK_RV (PR_CALLBACK *Encrypt)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKMDObject *mdKey,
- NSSCKFWObject *fwKey,
- NSSItem *data,
- NSSItem *buffer
- );
-
- /*
- */
- CK_RV (PR_CALLBACK *DecryptInit)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKMDObject *mdKey,
- NSSCKFWObject *fwKey
- );
-
- /*
- */
- CK_RV (PR_CALLBACK *DecryptUpdate)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *data,
- NSSItem *buffer
- );
-
- /*
- */
- CK_RV (PR_CALLBACK *DecryptFinal)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *buffer
- );
-
- /*
- */
- CK_RV (PR_CALLBACK *Decrypt)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKMDObject *mdKey,
- NSSCKFWObject *fwKey,
- NSSItem *data,
- NSSItem *buffer
- );
-
- /*
- */
- CK_RV (PR_CALLBACK *DigestInit)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- */
- CK_RV (PR_CALLBACK *DigestUpdate)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *data
- );
-
- /*
- */
- CK_RV (PR_CALLBACK *DigestKey)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKMDObject *mdKey,
- NSSCKFWObject *fwKey
- );
-
- /*
- */
- CK_RV (PR_CALLBACK *DigestFinal)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *buffer
- );
-
- /*
- */
- CK_RV (PR_CALLBACK *Digest)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *data,
- NSSItem *buffer
- );
-
- /*
- */
- CK_RV (PR_CALLBACK *SignInit)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKMDObject *mdKey,
- NSSCKFWObject *fwKey
- );
-
- /*
- */
- CK_RV (PR_CALLBACK *SignUpdate)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *data,
- NSSItem *buffer
- );
-
- /*
- */
- CK_RV (PR_CALLBACK *SignFinal)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *buffer
- );
-
- /*
- */
- CK_RV (PR_CALLBACK *Sign)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKMDObject *mdKey,
- NSSCKFWObject *fwKey,
- NSSItem *data,
- NSSItem *buffer
- );
-
- /*
- */
- CK_RV (PR_CALLBACK *VerifyInit)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKFWObject *key
- );
-
- /*
- */
- CK_RV (PR_CALLBACK *VerifyUpdate)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *data
- );
-
- /*
- */
- CK_RV (PR_CALLBACK *VerifyFinish)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *buffer
- );
-
- /*
- */
- CK_RV (PR_CALLBACK *Verify)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKFWObject *key,
- NSSItem *data,
- NSSItem *buffer
- );
-
- /*
- */
- CK_RV (PR_CALLBACK *SignRecover)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKMDObject *mdKey,
- NSSCKFWObject *fwKey,
- NSSItem *data,
- NSSItem *buffer
- );
-
- /*
- */
- CK_RV (PR_CALLBACK *VerifyRecover)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKMDObject *mdKey,
- NSSCKFWObject *fwKey,
- NSSItem *data,
- NSSItem *buffer
- );
-
- /*
- */
- CK_RV (PR_CALLBACK *DigestEncryptUpdate)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *data,
- NSSItem *buffer
- );
-
- /*
- */
- CK_RV (PR_CALLBACK *DecryptDigestUpdate)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *data,
- NSSItem *buffer
- );
-
- /*
- */
- CK_RV (PR_CALLBACK *SignEncryptUpdate)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *data,
- NSSItem *buffer
- );
-
- /*
- */
- CK_RV (PR_CALLBACK *DecryptVerifyUpdate)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *data,
- NSSItem *buffer
- );
-
- /*
- * Key management operations.
- */
-
- /*
- * This routine generates a key. This routine may return NULL
- * upon error.
- */
- NSSCKMDObject *(PR_CALLBACK *GenerateKey)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
- );
-
- /*
- * This routine generates a key pair.
- */
- CK_RV (PR_CALLBACK *GenerateKeyPair)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_PTR pPublicKeyTemplate,
- CK_ULONG ulPublicKeyAttributeCount,
- CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
- CK_ULONG ulPrivateKeyAttributeCount,
- NSSCKMDObject **pPublicKey,
- NSSCKMDObject **pPrivateKey
- );
-
- /*
- * This routine wraps a key.
- */
- CK_RV (PR_CALLBACK *WrapKey)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKMDObject *mdWrappingKey,
- NSSCKFWObject *fwWrappingKey,
- NSSCKMDObject *mdWrappedKey,
- NSSCKFWObject *fwWrappedKey,
- NSSItem *buffer
- );
-
- /*
- * This routine unwraps a key. This routine may return NULL
- * upon error.
- */
- NSSCKMDObject *(PR_CALLBACK *UnwrapKey)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKMDObject *mdWrappingKey,
- NSSCKFWObject *fwWrappingKey,
- NSSItem *wrappedKey,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
- );
-
- /*
- * This routine derives a key. This routine may return NULL
- * upon error.
- */
- NSSCKMDObject *(PR_CALLBACK *DeriveKey)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKMDObject *mdBaseKey,
- NSSCKFWObject *fwBaseKey,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
- );
-
- /*
- * This object may be extended in future versions of the
- * NSS Cryptoki Framework. To allow for some flexibility
- * in the area of binary compatibility, this field should
- * be NULL.
- */
- void *null;
-};
-
-/*
- * NSSCKMDObject
- *
- * This is the basic handle for any object used by a PKCS#11 Module.
- * Modules must implement it if they support their own objects, and
- * the Framework supports it for Modules that do not handle session
- * objects. This type contains a pointer for use by the implementor,
- * to store any object-specific data, and it contains an EPV for a
- * set of routines used to access the object.
- */
-
-struct NSSCKMDObjectStr {
- /*
- * The implementation my use this pointer for its own purposes.
- */
- void *etc;
-
- /*
- * This routine is called by the Framework when it is letting
- * go of an object handle. It can be used by the Module to
- * free any resources tied up by an object "in use." It is
- * optional.
- */
- void (PR_CALLBACK *Finalize)(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine is used to completely destroy an object.
- * It is optional. The parameter fwObject might be NULL
- * if the framework runs out of memory at the wrong moment.
- */
- CK_RV (PR_CALLBACK *Destroy)(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This helper routine is used by the Framework, and is especially
- * useful when it is managing session objects on behalf of the
- * Module. This routine is optional; if unimplemented, the
- * Framework will actually look up the CKA_TOKEN attribute. In the
- * event of an error, just make something up-- the Framework will
- * find out soon enough anyway.
- */
- CK_BBOOL (PR_CALLBACK *IsTokenObject)(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns the number of attributes of which this
- * object consists. It is mandatory. It can return zero on
- * error.
- */
- CK_ULONG (PR_CALLBACK *GetAttributeCount)(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
- );
-
- /*
- * This routine stuffs the attribute types into the provided array.
- * The array size (as obtained from GetAttributeCount) is passed in
- * as a check; return CKR_BUFFER_TOO_SMALL if the count is wrong
- * (either too big or too small).
- */
- CK_RV (PR_CALLBACK *GetAttributeTypes)(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE_PTR typeArray,
- CK_ULONG ulCount
- );
-
- /*
- * This routine returns the size (in bytes) of the specified
- * attribute. It can return zero on error.
- */
- CK_ULONG (PR_CALLBACK *GetAttributeSize)(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE attribute,
- CK_RV *pError
- );
-
- /*
- * This routine returns an NSSCKFWItem structure.
- * The item pointer points to an NSSItem containing the attribute value.
- * The needsFreeing bit tells the framework whether to call the
- * FreeAttribute function . Upon error, an NSSCKFWItem structure
- * with a NULL NSSItem item pointer will be returned
- */
- NSSCKFWItem (PR_CALLBACK *GetAttribute)(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE attribute,
- CK_RV *pError
- );
-
- /*
- * This routine returns CKR_OK if the attribute could be freed.
- */
- CK_RV (PR_CALLBACK *FreeAttribute)(
- NSSCKFWItem * item
- );
-
- /*
- * This routine changes the specified attribute. If unimplemented,
- * the object will be considered read-only.
- */
- CK_RV (PR_CALLBACK *SetAttribute)(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE attribute,
- NSSItem *value
- );
-
- /*
- * This routine returns the storage requirements of this object,
- * in bytes. Cryptoki doesn't strictly define the definition,
- * but it should relate to the values returned by the "Get Memory"
- * routines of the NSSCKMDToken. This routine is optional; if
- * unimplemented, the Framework will consider this information
- * sensitive. This routine may return zero on error. If the
- * specified error is CKR_OK, zero will be accepted as a valid
- * response.
- */
- CK_ULONG (PR_CALLBACK *GetObjectSize)(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
- );
-
- /*
- * This object may be extended in future versions of the
- * NSS Cryptoki Framework. To allow for some flexibility
- * in the area of binary compatibility, this field should
- * be NULL.
- */
- void *null;
-};
-
-
-#endif /* NSSCKMDT_H */
diff --git a/security/nss/lib/ckfw/nssckt.h b/security/nss/lib/ckfw/nssckt.h
deleted file mode 100644
index f1b2ef1b5..000000000
--- a/security/nss/lib/ckfw/nssckt.h
+++ /dev/null
@@ -1,42 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef _NSSCKT_H_
-#define _NSSCKT_H_ 1
-
-#include "pkcs11t.h"
-
-typedef CK_ATTRIBUTE_TYPE CK_PTR CK_ATTRIBUTE_TYPE_PTR;
-#define CK_ENTRY
-
-#endif /* _NSSCKT_H_ */
-
diff --git a/security/nss/lib/ckfw/object.c b/security/nss/lib/ckfw/object.c
deleted file mode 100644
index 1cbcf0172..000000000
--- a/security/nss/lib/ckfw/object.c
+++ /dev/null
@@ -1,1046 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * object.c
- *
- * This file implements the NSSCKFWObject type and methods.
- */
-
-#ifndef CK_T
-#include "ck.h"
-#endif /* CK_T */
-
-/*
- * NSSCKFWObject
- *
- * -- create/destroy --
- * nssCKFWObject_Create
- * nssCKFWObject_Finalize
- * nssCKFWObject_Destroy
- *
- * -- public accessors --
- * NSSCKFWObject_GetMDObject
- * NSSCKFWObject_GetArena
- * NSSCKFWObject_IsTokenObject
- * NSSCKFWObject_GetAttributeCount
- * NSSCKFWObject_GetAttributeTypes
- * NSSCKFWObject_GetAttributeSize
- * NSSCKFWObject_GetAttribute
- * NSSCKFWObject_SetAttribute
- * NSSCKFWObject_GetObjectSize
- *
- * -- implement public accessors --
- * nssCKFWObject_GetMDObject
- * nssCKFWObject_GetArena
- *
- * -- private accessors --
- * nssCKFWObject_SetHandle
- * nssCKFWObject_GetHandle
- *
- * -- module fronts --
- * nssCKFWObject_IsTokenObject
- * nssCKFWObject_GetAttributeCount
- * nssCKFWObject_GetAttributeTypes
- * nssCKFWObject_GetAttributeSize
- * nssCKFWObject_GetAttribute
- * nssCKFWObject_SetAttribute
- * nssCKFWObject_GetObjectSize
- */
-
-struct NSSCKFWObjectStr {
- NSSCKFWMutex *mutex; /* merely to serialise the MDObject calls */
- NSSArena *arena;
- NSSCKMDObject *mdObject;
- NSSCKMDSession *mdSession;
- NSSCKFWSession *fwSession;
- NSSCKMDToken *mdToken;
- NSSCKFWToken *fwToken;
- NSSCKMDInstance *mdInstance;
- NSSCKFWInstance *fwInstance;
- CK_OBJECT_HANDLE hObject;
-};
-
-#ifdef DEBUG
-/*
- * But first, the pointer-tracking stuff.
- *
- * NOTE: the pointer-tracking support in NSS/base currently relies
- * upon NSPR's CallOnce support. That, however, relies upon NSPR's
- * locking, which is tied into the runtime. We need a pointer-tracker
- * implementation that uses the locks supplied through C_Initialize.
- * That support, however, can be filled in later. So for now, I'll
- * just do this routines as no-ops.
- */
-
-static CK_RV
-object_add_pointer
-(
- const NSSCKFWObject *fwObject
-)
-{
- return CKR_OK;
-}
-
-static CK_RV
-object_remove_pointer
-(
- const NSSCKFWObject *fwObject
-)
-{
- return CKR_OK;
-}
-
-NSS_IMPLEMENT CK_RV
-nssCKFWObject_verifyPointer
-(
- const NSSCKFWObject *fwObject
-)
-{
- return CKR_OK;
-}
-
-#endif /* DEBUG */
-
-
-/*
- * nssCKFWObject_Create
- *
- */
-NSS_IMPLEMENT NSSCKFWObject *
-nssCKFWObject_Create
-(
- NSSArena *arena,
- NSSCKMDObject *mdObject,
- NSSCKFWSession *fwSession,
- NSSCKFWToken *fwToken,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
- NSSCKFWObject *fwObject;
- nssCKFWHash *mdObjectHash;
-
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return (NSSCKFWObject *)NULL;
- }
-
- if( PR_SUCCESS != nssArena_verifyPointer(arena) ) {
- *pError = CKR_ARGUMENTS_BAD;
- return (NSSCKFWObject *)NULL;
- }
-#endif /* NSSDEBUG */
-
- mdObjectHash = nssCKFWToken_GetMDObjectHash(fwToken);
- if( (nssCKFWHash *)NULL == mdObjectHash ) {
- *pError = CKR_GENERAL_ERROR;
- return (NSSCKFWObject *)NULL;
- }
-
- if( nssCKFWHash_Exists(mdObjectHash, mdObject) ) {
- fwObject = nssCKFWHash_Lookup(mdObjectHash, mdObject);
- return fwObject;
- }
-
- fwObject = nss_ZNEW(arena, NSSCKFWObject);
- if( (NSSCKFWObject *)NULL == fwObject ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKFWObject *)NULL;
- }
-
- fwObject->arena = arena;
- fwObject->mdObject = mdObject;
- fwObject->fwSession = fwSession;
-
- if( (NSSCKFWSession *)NULL != fwSession ) {
- fwObject->mdSession = nssCKFWSession_GetMDSession(fwSession);
- }
-
- fwObject->fwToken = fwToken;
-
- if( (NSSCKFWToken *)NULL != fwToken ) {
- fwObject->mdToken = nssCKFWToken_GetMDToken(fwToken);
- }
-
- fwObject->fwInstance = fwInstance;
- fwObject->mdInstance = nssCKFWInstance_GetMDInstance(fwInstance);
- fwObject->mutex = nssCKFWInstance_CreateMutex(fwInstance, arena, pError);
- if( (NSSCKFWMutex *)NULL == fwObject->mutex ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- return (NSSCKFWObject *)NULL;
- }
-
- *pError = nssCKFWHash_Add(mdObjectHash, mdObject, fwObject);
- if( CKR_OK != *pError ) {
- nss_ZFreeIf(fwObject);
- return (NSSCKFWObject *)NULL;
- }
-
-#ifdef DEBUG
- *pError = object_add_pointer(fwObject);
- if( CKR_OK != *pError ) {
- nssCKFWHash_Remove(mdObjectHash, mdObject);
- nss_ZFreeIf(fwObject);
- return (NSSCKFWObject *)NULL;
- }
-#endif /* DEBUG */
-
- *pError = CKR_OK;
- return fwObject;
-}
-
-/*
- * nssCKFWObject_Finalize
- *
- */
-NSS_IMPLEMENT void
-nssCKFWObject_Finalize
-(
- NSSCKFWObject *fwObject
-)
-{
- nssCKFWHash *mdObjectHash;
-
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWObject_verifyPointer(fwObject) ) {
- return;
- }
-#endif /* NSSDEBUG */
-
- (void)nssCKFWMutex_Destroy(fwObject->mutex);
-
- if( (void *)NULL != (void *)fwObject->mdObject->Finalize ) {
- fwObject->mdObject->Finalize(fwObject->mdObject, fwObject,
- fwObject->mdSession, fwObject->fwSession, fwObject->mdToken,
- fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance);
- }
-
- mdObjectHash = nssCKFWToken_GetMDObjectHash(fwObject->fwToken);
- if( (nssCKFWHash *)NULL != mdObjectHash ) {
- nssCKFWHash_Remove(mdObjectHash, fwObject->mdObject);
- }
-
- nssCKFWSession_DeregisterSessionObject(fwObject->fwSession, fwObject);
- nss_ZFreeIf(fwObject);
-
-#ifdef DEBUG
- (void)object_remove_pointer(fwObject);
-#endif /* DEBUG */
-
- return;
-}
-
-/*
- * nssCKFWObject_Destroy
- *
- */
-NSS_IMPLEMENT void
-nssCKFWObject_Destroy
-(
- NSSCKFWObject *fwObject
-)
-{
- nssCKFWHash *mdObjectHash;
-
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWObject_verifyPointer(fwObject) ) {
- return;
- }
-#endif /* NSSDEBUG */
-
- (void)nssCKFWMutex_Destroy(fwObject->mutex);
-
- if( (void *)NULL != (void *)fwObject->mdObject->Destroy ) {
- fwObject->mdObject->Destroy(fwObject->mdObject, fwObject,
- fwObject->mdSession, fwObject->fwSession, fwObject->mdToken,
- fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance);
- }
-
- mdObjectHash = nssCKFWToken_GetMDObjectHash(fwObject->fwToken);
- if( (nssCKFWHash *)NULL != mdObjectHash ) {
- nssCKFWHash_Remove(mdObjectHash, fwObject->mdObject);
- }
-
- nssCKFWSession_DeregisterSessionObject(fwObject->fwSession, fwObject);
- nss_ZFreeIf(fwObject);
-
-#ifdef DEBUG
- (void)object_remove_pointer(fwObject);
-#endif /* DEBUG */
-
- return;
-}
-
-/*
- * nssCKFWObject_GetMDObject
- *
- */
-NSS_IMPLEMENT NSSCKMDObject *
-nssCKFWObject_GetMDObject
-(
- NSSCKFWObject *fwObject
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWObject_verifyPointer(fwObject) ) {
- return (NSSCKMDObject *)NULL;
- }
-#endif /* NSSDEBUG */
-
- return fwObject->mdObject;
-}
-
-/*
- * nssCKFWObject_GetArena
- *
- */
-NSS_IMPLEMENT NSSArena *
-nssCKFWObject_GetArena
-(
- NSSCKFWObject *fwObject,
- CK_RV *pError
-)
-{
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return (NSSArena *)NULL;
- }
-
- *pError = nssCKFWObject_verifyPointer(fwObject);
- if( CKR_OK != *pError ) {
- return (NSSArena *)NULL;
- }
-#endif /* NSSDEBUG */
-
- return fwObject->arena;
-}
-
-/*
- * nssCKFWObject_SetHandle
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWObject_SetHandle
-(
- NSSCKFWObject *fwObject,
- CK_OBJECT_HANDLE hObject
-)
-{
-#ifdef NSSDEBUG
- CK_RV error = CKR_OK;
-#endif /* NSSDEBUG */
-
-#ifdef NSSDEBUG
- error = nssCKFWObject_verifyPointer(fwObject);
- if( CKR_OK != error ) {
- return error;
- }
-#endif /* NSSDEBUG */
-
- if( (CK_OBJECT_HANDLE)0 != fwObject->hObject ) {
- return CKR_GENERAL_ERROR;
- }
-
- fwObject->hObject = hObject;
-
- return CKR_OK;
-}
-
-/*
- * nssCKFWObject_GetHandle
- *
- */
-NSS_IMPLEMENT CK_OBJECT_HANDLE
-nssCKFWObject_GetHandle
-(
- NSSCKFWObject *fwObject
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWObject_verifyPointer(fwObject) ) {
- return (CK_OBJECT_HANDLE)0;
- }
-#endif /* NSSDEBUG */
-
- return fwObject->hObject;
-}
-
-/*
- * nssCKFWObject_IsTokenObject
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-nssCKFWObject_IsTokenObject
-(
- NSSCKFWObject *fwObject
-)
-{
- CK_BBOOL b = CK_FALSE;
-
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWObject_verifyPointer(fwObject) ) {
- return CK_FALSE;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwObject->mdObject->IsTokenObject ) {
- NSSItem item;
- NSSItem *pItem;
- CK_RV rv = CKR_OK;
-
- item.data = (void *)&b;
- item.size = sizeof(b);
-
- pItem = nssCKFWObject_GetAttribute(fwObject, CKA_TOKEN, &item,
- (NSSArena *)NULL, &rv);
- if( (NSSItem *)NULL == pItem ) {
- /* Error of some type */
- b = CK_FALSE;
- goto done;
- }
-
- goto done;
- }
-
- b = fwObject->mdObject->IsTokenObject(fwObject->mdObject, fwObject,
- fwObject->mdSession, fwObject->fwSession, fwObject->mdToken,
- fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance);
-
- done:
- return b;
-}
-
-/*
- * nssCKFWObject_GetAttributeCount
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWObject_GetAttributeCount
-(
- NSSCKFWObject *fwObject,
- CK_RV *pError
-)
-{
- CK_ULONG rv;
-
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return (CK_ULONG)0;
- }
-
- *pError = nssCKFWObject_verifyPointer(fwObject);
- if( CKR_OK != *pError ) {
- return (CK_ULONG)0;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwObject->mdObject->GetAttributeCount ) {
- *pError = CKR_GENERAL_ERROR;
- return (CK_ULONG)0;
- }
-
- *pError = nssCKFWMutex_Lock(fwObject->mutex);
- if( CKR_OK != *pError ) {
- return (CK_ULONG)0;
- }
-
- rv = fwObject->mdObject->GetAttributeCount(fwObject->mdObject, fwObject,
- fwObject->mdSession, fwObject->fwSession, fwObject->mdToken,
- fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance,
- pError);
-
- (void)nssCKFWMutex_Unlock(fwObject->mutex);
- return rv;
-}
-
-/*
- * nssCKFWObject_GetAttributeTypes
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWObject_GetAttributeTypes
-(
- NSSCKFWObject *fwObject,
- CK_ATTRIBUTE_TYPE_PTR typeArray,
- CK_ULONG ulCount
-)
-{
- CK_RV error = CKR_OK;
-
-#ifdef NSSDEBUG
- error = nssCKFWObject_verifyPointer(fwObject);
- if( CKR_OK != error ) {
- return error;
- }
-
- if( (CK_ATTRIBUTE_TYPE_PTR)NULL == typeArray ) {
- return CKR_ARGUMENTS_BAD;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwObject->mdObject->GetAttributeTypes ) {
- return CKR_GENERAL_ERROR;
- }
-
- error = nssCKFWMutex_Lock(fwObject->mutex);
- if( CKR_OK != error ) {
- return error;
- }
-
- error = fwObject->mdObject->GetAttributeTypes(fwObject->mdObject, fwObject,
- fwObject->mdSession, fwObject->fwSession, fwObject->mdToken,
- fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance,
- typeArray, ulCount);
-
- (void)nssCKFWMutex_Unlock(fwObject->mutex);
- return error;
-}
-
-/*
- * nssCKFWObject_GetAttributeSize
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWObject_GetAttributeSize
-(
- NSSCKFWObject *fwObject,
- CK_ATTRIBUTE_TYPE attribute,
- CK_RV *pError
-)
-{
- CK_ULONG rv;
-
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return (CK_ULONG)0;
- }
-
- *pError = nssCKFWObject_verifyPointer(fwObject);
- if( CKR_OK != *pError ) {
- return (CK_ULONG)0;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwObject->mdObject->GetAttributeSize ) {
- *pError = CKR_GENERAL_ERROR;
- return (CK_ULONG )0;
- }
-
- *pError = nssCKFWMutex_Lock(fwObject->mutex);
- if( CKR_OK != *pError ) {
- return (CK_ULONG)0;
- }
-
- rv = fwObject->mdObject->GetAttributeSize(fwObject->mdObject, fwObject,
- fwObject->mdSession, fwObject->fwSession, fwObject->mdToken,
- fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance,
- attribute, pError);
-
- (void)nssCKFWMutex_Unlock(fwObject->mutex);
- return rv;
-}
-
-/*
- * nssCKFWObject_GetAttribute
- *
- * Usual NSS allocation rules:
- * If itemOpt is not NULL, it will be returned; otherwise an NSSItem
- * will be allocated. If itemOpt is not NULL but itemOpt->data is,
- * the buffer will be allocated; otherwise, the buffer will be used.
- * Any allocations will come from the optional arena, if one is
- * specified.
- */
-NSS_IMPLEMENT NSSItem *
-nssCKFWObject_GetAttribute
-(
- NSSCKFWObject *fwObject,
- CK_ATTRIBUTE_TYPE attribute,
- NSSItem *itemOpt,
- NSSArena *arenaOpt,
- CK_RV *pError
-)
-{
- NSSItem *rv = (NSSItem *)NULL;
- NSSCKFWItem mdItem;
-
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return (NSSItem *)NULL;
- }
-
- *pError = nssCKFWObject_verifyPointer(fwObject);
- if( CKR_OK != *pError ) {
- return (NSSItem *)NULL;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwObject->mdObject->GetAttribute ) {
- *pError = CKR_GENERAL_ERROR;
- return (NSSItem *)NULL;
- }
-
- *pError = nssCKFWMutex_Lock(fwObject->mutex);
- if( CKR_OK != *pError ) {
- return (NSSItem *)NULL;
- }
-
- mdItem = fwObject->mdObject->GetAttribute(fwObject->mdObject, fwObject,
- fwObject->mdSession, fwObject->fwSession, fwObject->mdToken,
- fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance,
- attribute, pError);
-
- if( (NSSItem *)NULL == mdItem.item ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
-
- goto done;
- }
-
- if( (NSSItem *)NULL == itemOpt ) {
- rv = nss_ZNEW(arenaOpt, NSSItem);
- if( (NSSItem *)NULL == rv ) {
- *pError = CKR_HOST_MEMORY;
- goto done;
- }
- } else {
- rv = itemOpt;
- }
-
- if( (void *)NULL == rv->data ) {
- rv->size = mdItem.item->size;
- rv->data = nss_ZAlloc(arenaOpt, rv->size);
- if( (void *)NULL == rv->data ) {
- *pError = CKR_HOST_MEMORY;
- if( (NSSItem *)NULL == itemOpt ) {
- nss_ZFreeIf(rv);
- }
- rv = (NSSItem *)NULL;
- goto done;
- }
- } else {
- if( rv->size >= mdItem.item->size ) {
- rv->size = mdItem.item->size;
- } else {
- *pError = CKR_BUFFER_TOO_SMALL;
- /* Should we set rv->size to mdItem->size? */
- /* rv can't have been allocated */
- rv = (NSSItem *)NULL;
- goto done;
- }
- }
-
- (void)nsslibc_memcpy(rv->data, mdItem.item->data, rv->size);
-
- if (PR_TRUE == mdItem.needsFreeing) {
- PR_ASSERT(fwObject->mdObject->FreeAttribute);
- if (fwObject->mdObject->FreeAttribute) {
- *pError = fwObject->mdObject->FreeAttribute(&mdItem);
- }
- }
-
- done:
- (void)nssCKFWMutex_Unlock(fwObject->mutex);
- return rv;
-}
-
-/*
- * nssCKFWObject_SetAttribute
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWObject_SetAttribute
-(
- NSSCKFWObject *fwObject,
- CK_ATTRIBUTE_TYPE attribute,
- NSSItem *value
-)
-{
- CK_RV error = CKR_OK;
-
-#ifdef NSSDEBUG
- error = nssCKFWObject_verifyPointer(fwObject);
- if( CKR_OK != error ) {
- return error;
- }
-#endif /* NSSDEBUG */
-
- if( CKA_TOKEN == attribute ) {
- /*
- * We're changing from a session object to a token object or
- * vice-versa.
- */
-
- CK_ATTRIBUTE a;
- NSSCKFWObject *newFwObject;
- NSSCKFWObject swab;
-
- a.type = CKA_TOKEN;
- a.pValue = value->data;
- a.ulValueLen = value->size;
-
- newFwObject = nssCKFWSession_CopyObject(fwObject->fwSession, fwObject,
- &a, 1, &error);
- if( (NSSCKFWObject *)NULL == newFwObject ) {
- if( CKR_OK == error ) {
- error = CKR_GENERAL_ERROR;
- }
- return error;
- }
-
- /*
- * Actually, I bet the locking is worse than this.. this part of
- * the code could probably use some scrutiny and reworking.
- */
- error = nssCKFWMutex_Lock(fwObject->mutex);
- if( CKR_OK != error ) {
- nssCKFWObject_Destroy(newFwObject);
- return error;
- }
-
- error = nssCKFWMutex_Lock(newFwObject->mutex);
- if( CKR_OK != error ) {
- nssCKFWMutex_Unlock(fwObject->mutex);
- nssCKFWObject_Destroy(newFwObject);
- return error;
- }
-
- /*
- * Now, we have our new object, but it has a new fwObject pointer,
- * while we have to keep the existing one. So quick swap the contents.
- */
- swab = *fwObject;
- *fwObject = *newFwObject;
- *newFwObject = swab;
-
- /* But keep the mutexes the same */
- swab.mutex = fwObject->mutex;
- fwObject->mutex = newFwObject->mutex;
- newFwObject->mutex = swab.mutex;
-
- (void)nssCKFWMutex_Unlock(newFwObject->mutex);
- (void)nssCKFWMutex_Unlock(fwObject->mutex);
-
- /*
- * Either remove or add this to the list of session objects
- */
-
- if( CK_FALSE == *(CK_BBOOL *)value->data ) {
- /*
- * New one is a session object, except since we "stole" the fwObject, it's
- * not in the list. Add it.
- */
- nssCKFWSession_RegisterSessionObject(fwObject->fwSession, fwObject);
- } else {
- /*
- * New one is a token object, except since we "stole" the fwObject, it's
- * in the list. Remove it.
- */
- nssCKFWSession_DeregisterSessionObject(fwObject->fwSession, fwObject);
- }
-
- /*
- * Now delete the old object. Remember the names have changed.
- */
- nssCKFWObject_Destroy(newFwObject);
-
- return CKR_OK;
- } else {
- /*
- * An "ordinary" change.
- */
- if( (void *)NULL == (void *)fwObject->mdObject->SetAttribute ) {
- /* We could fake it with copying, like above.. later */
- return CKR_ATTRIBUTE_READ_ONLY;
- }
-
- error = nssCKFWMutex_Lock(fwObject->mutex);
- if( CKR_OK != error ) {
- return error;
- }
-
- error = fwObject->mdObject->SetAttribute(fwObject->mdObject, fwObject,
- fwObject->mdSession, fwObject->fwSession, fwObject->mdToken,
- fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance,
- attribute, value);
-
- (void)nssCKFWMutex_Unlock(fwObject->mutex);
-
- return error;
- }
-}
-
-/*
- * nssCKFWObject_GetObjectSize
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWObject_GetObjectSize
-(
- NSSCKFWObject *fwObject,
- CK_RV *pError
-)
-{
- CK_ULONG rv;
-
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return (CK_ULONG)0;
- }
-
- *pError = nssCKFWObject_verifyPointer(fwObject);
- if( CKR_OK != *pError ) {
- return (CK_ULONG)0;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwObject->mdObject->GetObjectSize ) {
- *pError = CKR_INFORMATION_SENSITIVE;
- return (CK_ULONG)0;
- }
-
- *pError = nssCKFWMutex_Lock(fwObject->mutex);
- if( CKR_OK != *pError ) {
- return (CK_ULONG)0;
- }
-
- rv = fwObject->mdObject->GetObjectSize(fwObject->mdObject, fwObject,
- fwObject->mdSession, fwObject->fwSession, fwObject->mdToken,
- fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance,
- pError);
-
- (void)nssCKFWMutex_Unlock(fwObject->mutex);
- return rv;
-}
-
-/*
- * NSSCKFWObject_GetMDObject
- *
- */
-NSS_IMPLEMENT NSSCKMDObject *
-NSSCKFWObject_GetMDObject
-(
- NSSCKFWObject *fwObject
-)
-{
-#ifdef DEBUG
- if( CKR_OK != nssCKFWObject_verifyPointer(fwObject) ) {
- return (NSSCKMDObject *)NULL;
- }
-#endif /* DEBUG */
-
- return nssCKFWObject_GetMDObject(fwObject);
-}
-
-/*
- * NSSCKFWObject_GetArena
- *
- */
-NSS_IMPLEMENT NSSArena *
-NSSCKFWObject_GetArena
-(
- NSSCKFWObject *fwObject,
- CK_RV *pError
-)
-{
-#ifdef DEBUG
- if( (CK_RV *)NULL == pError ) {
- return (NSSArena *)NULL;
- }
-
- *pError = nssCKFWObject_verifyPointer(fwObject);
- if( CKR_OK != *pError ) {
- return (NSSArena *)NULL;
- }
-#endif /* DEBUG */
-
- return nssCKFWObject_GetArena(fwObject, pError);
-}
-
-/*
- * NSSCKFWObject_IsTokenObject
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-NSSCKFWObject_IsTokenObject
-(
- NSSCKFWObject *fwObject
-)
-{
-#ifdef DEBUG
- if( CKR_OK != nssCKFWObject_verifyPointer(fwObject) ) {
- return CK_FALSE;
- }
-#endif /* DEBUG */
-
- return nssCKFWObject_IsTokenObject(fwObject);
-}
-
-/*
- * NSSCKFWObject_GetAttributeCount
- *
- */
-NSS_IMPLEMENT CK_ULONG
-NSSCKFWObject_GetAttributeCount
-(
- NSSCKFWObject *fwObject,
- CK_RV *pError
-)
-{
-#ifdef DEBUG
- if( (CK_RV *)NULL == pError ) {
- return (CK_ULONG)0;
- }
-
- *pError = nssCKFWObject_verifyPointer(fwObject);
- if( CKR_OK != *pError ) {
- return (CK_ULONG)0;
- }
-#endif /* DEBUG */
-
- return nssCKFWObject_GetAttributeCount(fwObject, pError);
-}
-
-/*
- * NSSCKFWObject_GetAttributeTypes
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWObject_GetAttributeTypes
-(
- NSSCKFWObject *fwObject,
- CK_ATTRIBUTE_TYPE_PTR typeArray,
- CK_ULONG ulCount
-)
-{
-#ifdef DEBUG
- CK_RV error = CKR_OK;
-
- error = nssCKFWObject_verifyPointer(fwObject);
- if( CKR_OK != error ) {
- return error;
- }
-
- if( (CK_ATTRIBUTE_TYPE_PTR)NULL == typeArray ) {
- return CKR_ARGUMENTS_BAD;
- }
-#endif /* DEBUG */
-
- return nssCKFWObject_GetAttributeTypes(fwObject, typeArray, ulCount);
-}
-
-/*
- * NSSCKFWObject_GetAttributeSize
- *
- */
-NSS_IMPLEMENT CK_ULONG
-NSSCKFWObject_GetAttributeSize
-(
- NSSCKFWObject *fwObject,
- CK_ATTRIBUTE_TYPE attribute,
- CK_RV *pError
-)
-{
-#ifdef DEBUG
- if( (CK_RV *)NULL == pError ) {
- return (CK_ULONG)0;
- }
-
- *pError = nssCKFWObject_verifyPointer(fwObject);
- if( CKR_OK != *pError ) {
- return (CK_ULONG)0;
- }
-#endif /* DEBUG */
-
- return nssCKFWObject_GetAttributeSize(fwObject, attribute, pError);
-}
-
-/*
- * NSSCKFWObject_GetAttribute
- *
- */
-NSS_IMPLEMENT NSSItem *
-NSSCKFWObject_GetAttribute
-(
- NSSCKFWObject *fwObject,
- CK_ATTRIBUTE_TYPE attribute,
- NSSItem *itemOpt,
- NSSArena *arenaOpt,
- CK_RV *pError
-)
-{
-#ifdef DEBUG
- if( (CK_RV *)NULL == pError ) {
- return (NSSItem *)NULL;
- }
-
- *pError = nssCKFWObject_verifyPointer(fwObject);
- if( CKR_OK != *pError ) {
- return (NSSItem *)NULL;
- }
-#endif /* DEBUG */
-
- return nssCKFWObject_GetAttribute(fwObject, attribute, itemOpt, arenaOpt, pError);
-}
-
-/*
- * NSSCKFWObject_GetObjectSize
- *
- */
-NSS_IMPLEMENT CK_ULONG
-NSSCKFWObject_GetObjectSize
-(
- NSSCKFWObject *fwObject,
- CK_RV *pError
-)
-{
-#ifdef DEBUG
- if( (CK_RV *)NULL == pError ) {
- return (CK_ULONG)0;
- }
-
- *pError = nssCKFWObject_verifyPointer(fwObject);
- if( CKR_OK != *pError ) {
- return (CK_ULONG)0;
- }
-#endif /* DEBUG */
-
- return nssCKFWObject_GetObjectSize(fwObject, pError);
-}
diff --git a/security/nss/lib/ckfw/session.c b/security/nss/lib/ckfw/session.c
deleted file mode 100644
index 4e8fe2c18..000000000
--- a/security/nss/lib/ckfw/session.c
+++ /dev/null
@@ -1,1962 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * session.c
- *
- * This file implements the NSSCKFWSession type and methods.
- */
-
-#ifndef CK_T
-#include "ck.h"
-#endif /* CK_T */
-
-/*
- * NSSCKFWSession
- *
- * -- create/destroy --
- * nssCKFWSession_Create
- * nssCKFWSession_Destroy
- *
- * -- public accessors --
- * NSSCKFWSession_GetMDSession
- * NSSCKFWSession_GetArena
- * NSSCKFWSession_CallNotification
- * NSSCKFWSession_IsRWSession
- * NSSCKFWSession_IsSO
- *
- * -- implement public accessors --
- * nssCKFWSession_GetMDSession
- * nssCKFWSession_GetArena
- * nssCKFWSession_CallNotification
- * nssCKFWSession_IsRWSession
- * nssCKFWSession_IsSO
- *
- * -- private accessors --
- * nssCKFWSession_GetSlot
- * nssCKFWSession_GetSessionState
- * nssCKFWSession_SetFWFindObjects
- * nssCKFWSession_GetFWFindObjects
- * nssCKFWSession_SetMDSession
- * nssCKFWSession_SetHandle
- * nssCKFWSession_GetHandle
- * nssCKFWSession_RegisterSessionObject
- * nssCKFWSession_DeegisterSessionObject
- *
- * -- module fronts --
- * nssCKFWSession_GetDeviceError
- * nssCKFWSession_Login
- * nssCKFWSession_Logout
- * nssCKFWSession_InitPIN
- * nssCKFWSession_SetPIN
- * nssCKFWSession_GetOperationStateLen
- * nssCKFWSession_GetOperationState
- * nssCKFWSession_SetOperationState
- * nssCKFWSession_CreateObject
- * nssCKFWSession_CopyObject
- * nssCKFWSession_FindObjectsInit
- * nssCKFWSession_SeedRandom
- * nssCKFWSession_GetRandom
- */
-
-struct NSSCKFWSessionStr {
- NSSArena *arena;
- NSSCKMDSession *mdSession;
- NSSCKFWToken *fwToken;
- NSSCKMDToken *mdToken;
- NSSCKFWInstance *fwInstance;
- NSSCKMDInstance *mdInstance;
- CK_VOID_PTR pApplication;
- CK_NOTIFY Notify;
-
- /*
- * Everything above is set at creation time, and then not modified.
- * The items below are atomic. No locking required. If we fear
- * about pointer-copies being nonatomic, we'll lock fwFindObjects.
- */
-
- CK_BBOOL rw;
- NSSCKFWFindObjects *fwFindObjects;
- nssCKFWHash *sessionObjectHash;
- CK_SESSION_HANDLE hSession;
-};
-
-#ifdef DEBUG
-/*
- * But first, the pointer-tracking stuff.
- *
- * NOTE: the pointer-tracking support in NSS/base currently relies
- * upon NSPR's CallOnce support. That, however, relies upon NSPR's
- * locking, which is tied into the runtime. We need a pointer-tracker
- * implementation that uses the locks supplied through C_Initialize.
- * That support, however, can be filled in later. So for now, I'll
- * just do this routines as no-ops.
- */
-
-static CK_RV
-session_add_pointer
-(
- const NSSCKFWSession *fwSession
-)
-{
- return CKR_OK;
-}
-
-static CK_RV
-session_remove_pointer
-(
- const NSSCKFWSession *fwSession
-)
-{
- return CKR_OK;
-}
-
-NSS_IMPLEMENT CK_RV
-nssCKFWSession_verifyPointer
-(
- const NSSCKFWSession *fwSession
-)
-{
- return CKR_OK;
-}
-
-#endif /* DEBUG */
-
-/*
- * nssCKFWSession_Create
- *
- */
-NSS_IMPLEMENT NSSCKFWSession *
-nssCKFWSession_Create
-(
- NSSCKFWToken *fwToken,
- CK_BBOOL rw,
- CK_VOID_PTR pApplication,
- CK_NOTIFY Notify,
- CK_RV *pError
-)
-{
- NSSArena *arena = (NSSArena *)NULL;
- NSSCKFWSession *fwSession;
- NSSCKFWSlot *fwSlot;
-
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return (NSSCKFWSession *)NULL;
- }
-
- *pError = nssCKFWToken_verifyPointer(fwToken);
- if( CKR_OK != *pError ) {
- return (NSSCKFWSession *)NULL;
- }
-#endif /* NSSDEBUG */
-
- arena = NSSArena_Create();
- if( (NSSArena *)NULL == arena ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKFWSession *)NULL;
- }
-
- fwSession = nss_ZNEW(arena, NSSCKFWSession);
- if( (NSSCKFWSession *)NULL == fwSession ) {
- *pError = CKR_HOST_MEMORY;
- goto loser;
- }
-
- fwSession->arena = arena;
- fwSession->mdSession = (NSSCKMDSession *)NULL; /* set later */
- fwSession->fwToken = fwToken;
- fwSession->mdToken = nssCKFWToken_GetMDToken(fwToken);
-
- fwSlot = nssCKFWToken_GetFWSlot(fwToken);
- fwSession->fwInstance = nssCKFWSlot_GetFWInstance(fwSlot);
- fwSession->mdInstance = nssCKFWSlot_GetMDInstance(fwSlot);
-
- fwSession->rw = rw;
- fwSession->pApplication = pApplication;
- fwSession->Notify = Notify;
-
- fwSession->fwFindObjects = (NSSCKFWFindObjects *)NULL;
-
- fwSession->sessionObjectHash = nssCKFWHash_Create(fwSession->fwInstance, arena, pError);
- if( (nssCKFWHash *)NULL == fwSession->sessionObjectHash ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- goto loser;
- }
-
-#ifdef DEBUG
- *pError = session_add_pointer(fwSession);
- if( CKR_OK != *pError ) {
- goto loser;
- }
-#endif /* DEBUG */
-
- return fwSession;
-
- loser:
- if( (NSSArena *)NULL != arena ) {
- if( (nssCKFWHash *)NULL != fwSession->sessionObjectHash ) {
- (void)nssCKFWHash_Destroy(fwSession->sessionObjectHash);
- }
- NSSArena_Destroy(arena);
- }
-
- return (NSSCKFWSession *)NULL;
-}
-
-static void
-nss_ckfw_session_object_destroy_iterator
-(
- const void *key,
- void *value,
- void *closure
-)
-{
- NSSCKFWObject *fwObject = (NSSCKFWObject *)value;
- nssCKFWObject_Finalize(fwObject);
-}
-
-/*
- * nssCKFWSession_Destroy
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWSession_Destroy
-(
- NSSCKFWSession *fwSession,
- CK_BBOOL removeFromTokenHash
-)
-{
- CK_RV error = CKR_OK;
- nssCKFWHash *sessionObjectHash;
-
-#ifdef NSSDEBUG
- error = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != error ) {
- return error;
- }
-#endif /* NSSDEBUG */
-
- if( removeFromTokenHash ) {
- error = nssCKFWToken_RemoveSession(fwSession->fwToken, fwSession);
- }
-
- /*
- * Invalidate session objects
- */
-
- sessionObjectHash = fwSession->sessionObjectHash;
- fwSession->sessionObjectHash = (nssCKFWHash *)NULL;
-
- nssCKFWHash_Iterate(sessionObjectHash,
- nss_ckfw_session_object_destroy_iterator,
- (void *)NULL);
-
-#ifdef DEBUG
- (void)session_remove_pointer(fwSession);
-#endif /* DEBUG */
- (void)nssCKFWHash_Destroy(sessionObjectHash);
- NSSArena_Destroy(fwSession->arena);
-
- return error;
-}
-
-/*
- * nssCKFWSession_GetMDSession
- *
- */
-NSS_IMPLEMENT NSSCKMDSession *
-nssCKFWSession_GetMDSession
-(
- NSSCKFWSession *fwSession
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
- return (NSSCKMDSession *)NULL;
- }
-#endif /* NSSDEBUG */
-
- return fwSession->mdSession;
-}
-
-/*
- * nssCKFWSession_GetArena
- *
- */
-NSS_IMPLEMENT NSSArena *
-nssCKFWSession_GetArena
-(
- NSSCKFWSession *fwSession,
- CK_RV *pError
-)
-{
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return (NSSArena *)NULL;
- }
-
- *pError = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != *pError ) {
- return (NSSArena *)NULL;
- }
-#endif /* NSSDEBUG */
-
- return fwSession->arena;
-}
-
-/*
- * nssCKFWSession_CallNotification
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWSession_CallNotification
-(
- NSSCKFWSession *fwSession,
- CK_NOTIFICATION event
-)
-{
- CK_RV error = CKR_OK;
- CK_SESSION_HANDLE handle;
-
-#ifdef NSSDEBUG
- error = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != error ) {
- return error;
- }
-#endif /* NSSDEBUG */
-
- if( (CK_NOTIFY)NULL == fwSession->Notify ) {
- return CKR_OK;
- }
-
- handle = nssCKFWInstance_FindSessionHandle(fwSession->fwInstance, fwSession);
- if( (CK_SESSION_HANDLE)0 == handle ) {
- return CKR_GENERAL_ERROR;
- }
-
- error = fwSession->Notify(handle, event, fwSession->pApplication);
-
- return error;
-}
-
-/*
- * nssCKFWSession_IsRWSession
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-nssCKFWSession_IsRWSession
-(
- NSSCKFWSession *fwSession
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
- return CK_FALSE;
- }
-#endif /* NSSDEBUG */
-
- return fwSession->rw;
-}
-
-/*
- * nssCKFWSession_IsSO
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-nssCKFWSession_IsSO
-(
- NSSCKFWSession *fwSession
-)
-{
- CK_STATE state;
-
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
- return CK_FALSE;
- }
-#endif /* NSSDEBUG */
-
- state = nssCKFWToken_GetSessionState(fwSession->fwToken);
- switch( state ) {
- case CKS_RO_PUBLIC_SESSION:
- case CKS_RO_USER_FUNCTIONS:
- case CKS_RW_PUBLIC_SESSION:
- case CKS_RW_USER_FUNCTIONS:
- return CK_FALSE;
- case CKS_RW_SO_FUNCTIONS:
- return CK_TRUE;
- default:
- return CK_FALSE;
- }
-}
-
-/*
- * nssCKFWSession_GetFWSlot
- *
- */
-NSS_IMPLEMENT NSSCKFWSlot *
-nssCKFWSession_GetFWSlot
-(
- NSSCKFWSession *fwSession
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
- return (NSSCKFWSlot *)NULL;
- }
-#endif /* NSSDEBUG */
-
- return nssCKFWToken_GetFWSlot(fwSession->fwToken);
-}
-
-/*
- * nssCFKWSession_GetSessionState
- *
- */
-NSS_IMPLEMENT CK_STATE
-nssCKFWSession_GetSessionState
-(
- NSSCKFWSession *fwSession
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
- return CKS_RO_PUBLIC_SESSION; /* whatever */
- }
-#endif /* NSSDEBUG */
-
- return nssCKFWToken_GetSessionState(fwSession->fwToken);
-}
-
-/*
- * nssCKFWSession_SetFWFindObjects
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWSession_SetFWFindObjects
-(
- NSSCKFWSession *fwSession,
- NSSCKFWFindObjects *fwFindObjects
-)
-{
-#ifdef NSSDEBUG
- CK_RV error = CKR_OK;
-#endif /* NSSDEBUG */
-
-#ifdef NSSDEBUG
- error = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != error ) {
- return error;
- }
-
- /* fwFindObjects may be null */
-#endif /* NSSDEBUG */
-
- if( ((NSSCKFWFindObjects *)NULL != fwSession->fwFindObjects) &&
- ((NSSCKFWFindObjects *)NULL != fwFindObjects) ) {
- return CKR_OPERATION_ACTIVE;
- }
-
- fwSession->fwFindObjects = fwFindObjects;
-
- return CKR_OK;
-}
-
-/*
- * nssCKFWSession_GetFWFindObjects
- *
- */
-NSS_IMPLEMENT NSSCKFWFindObjects *
-nssCKFWSession_GetFWFindObjects
-(
- NSSCKFWSession *fwSession,
- CK_RV *pError
-)
-{
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return (NSSCKFWFindObjects *)NULL;
- }
-
- *pError = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != *pError ) {
- return (NSSCKFWFindObjects *)NULL;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSCKFWFindObjects *)NULL == fwSession->fwFindObjects ) {
- *pError = CKR_OPERATION_NOT_INITIALIZED;
- return (NSSCKFWFindObjects *)NULL;
- }
-
- return fwSession->fwFindObjects;
-}
-
-/*
- * nssCKFWSession_SetMDSession
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWSession_SetMDSession
-(
- NSSCKFWSession *fwSession,
- NSSCKMDSession *mdSession
-)
-{
-#ifdef NSSDEBUG
- CK_RV error = CKR_OK;
-#endif /* NSSDEBUG */
-
-#ifdef NSSDEBUG
- error = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != error ) {
- return error;
- }
-
- if( (NSSCKMDSession *)NULL == mdSession ) {
- return CKR_ARGUMENTS_BAD;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSCKMDSession *)NULL != fwSession->mdSession ) {
- return CKR_GENERAL_ERROR;
- }
-
- fwSession->mdSession = mdSession;
-
- return CKR_OK;
-}
-
-/*
- * nssCKFWSession_SetHandle
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWSession_SetHandle
-(
- NSSCKFWSession *fwSession,
- CK_SESSION_HANDLE hSession
-)
-{
-#ifdef NSSDEBUG
- CK_RV error = CKR_OK;
-#endif /* NSSDEBUG */
-
-#ifdef NSSDEBUG
- error = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != error ) {
- return error;
- }
-#endif /* NSSDEBUG */
-
- if( (CK_SESSION_HANDLE)0 != fwSession->hSession ) {
- return CKR_GENERAL_ERROR;
- }
-
- fwSession->hSession = hSession;
-
- return CKR_OK;
-}
-
-/*
- * nssCKFWSession_GetHandle
- *
- */
-NSS_IMPLEMENT CK_SESSION_HANDLE
-nssCKFWSession_GetHandle
-(
- NSSCKFWSession *fwSession
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
- return NULL;
- }
-#endif /* NSSDEBUG */
-
- return fwSession->hSession;
-}
-
-/*
- * nssCKFWSession_RegisterSessionObject
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWSession_RegisterSessionObject
-(
- NSSCKFWSession *fwSession,
- NSSCKFWObject *fwObject
-)
-{
- CK_RV rv = CKR_OK;
-
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
- return CKR_GENERAL_ERROR;
- }
-#endif /* NSSDEBUG */
-
- if( (nssCKFWHash *)NULL != fwSession->sessionObjectHash ) {
- rv = nssCKFWHash_Add(fwSession->sessionObjectHash, fwObject, fwObject);
- }
-
- return rv;
-}
-
-/*
- * nssCKFWSession_DeregisterSessionObject
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWSession_DeregisterSessionObject
-(
- NSSCKFWSession *fwSession,
- NSSCKFWObject *fwObject
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
- return CKR_GENERAL_ERROR;
- }
-#endif /* NSSDEBUG */
-
- if( (nssCKFWHash *)NULL != fwSession->sessionObjectHash ) {
- nssCKFWHash_Remove(fwSession->sessionObjectHash, fwObject);
- }
-
- return CKR_OK;
-}
-
-/*
- * nssCKFWSession_GetDeviceError
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWSession_GetDeviceError
-(
- NSSCKFWSession *fwSession
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
- return (CK_ULONG)0;
- }
-
- if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
- return (CK_ULONG)0;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwSession->mdSession->GetDeviceError ) {
- return (CK_ULONG)0;
- }
-
- return fwSession->mdSession->GetDeviceError(fwSession->mdSession,
- fwSession, fwSession->mdToken, fwSession->fwToken,
- fwSession->mdInstance, fwSession->fwInstance);
-}
-
-/*
- * nssCKFWSession_Login
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWSession_Login
-(
- NSSCKFWSession *fwSession,
- CK_USER_TYPE userType,
- NSSItem *pin
-)
-{
- CK_RV error = CKR_OK;
- CK_STATE oldState;
- CK_STATE newState;
-
-#ifdef NSSDEBUG
- error = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != error ) {
- return error;
- }
-
- switch( userType ) {
- case CKU_SO:
- case CKU_USER:
- break;
- default:
- return CKR_USER_TYPE_INVALID;
- }
-
- if( (NSSItem *)NULL == pin ) {
- if( CK_TRUE != nssCKFWToken_GetHasProtectedAuthenticationPath(fwSession->fwToken) ) {
- return CKR_ARGUMENTS_BAD;
- }
- }
-
- if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
- return CKR_GENERAL_ERROR;
- }
-#endif /* NSSDEBUG */
-
- oldState = nssCKFWToken_GetSessionState(fwSession->fwToken);
-
- /*
- * It's not clear what happens when you're already logged in.
- * I'll just fail; but if we decide to change, the logic is
- * all right here.
- */
-
- if( CKU_SO == userType ) {
- switch( oldState ) {
- case CKS_RO_PUBLIC_SESSION:
- /*
- * There's no such thing as a read-only security officer
- * session, so fail. The error should be CKR_SESSION_READ_ONLY,
- * except that C_Login isn't defined to return that. So we'll
- * do CKR_SESSION_READ_ONLY_EXISTS, which is what is documented.
- */
- return CKR_SESSION_READ_ONLY_EXISTS;
- case CKS_RO_USER_FUNCTIONS:
- return CKR_USER_ANOTHER_ALREADY_LOGGED_IN;
- case CKS_RW_PUBLIC_SESSION:
- newState = CKS_RW_SO_FUNCTIONS;
- break;
- case CKS_RW_USER_FUNCTIONS:
- return CKR_USER_ANOTHER_ALREADY_LOGGED_IN;
- case CKS_RW_SO_FUNCTIONS:
- return CKR_USER_ALREADY_LOGGED_IN;
- default:
- return CKR_GENERAL_ERROR;
- }
- } else /* CKU_USER == userType */ {
- switch( oldState ) {
- case CKS_RO_PUBLIC_SESSION:
- newState = CKS_RO_USER_FUNCTIONS;
- break;
- case CKS_RO_USER_FUNCTIONS:
- return CKR_USER_ALREADY_LOGGED_IN;
- case CKS_RW_PUBLIC_SESSION:
- newState = CKS_RW_USER_FUNCTIONS;
- break;
- case CKS_RW_USER_FUNCTIONS:
- return CKR_USER_ALREADY_LOGGED_IN;
- case CKS_RW_SO_FUNCTIONS:
- return CKR_USER_ANOTHER_ALREADY_LOGGED_IN;
- default:
- return CKR_GENERAL_ERROR;
- }
- }
-
- /*
- * So now we're in one of three cases:
- *
- * Old == CKS_RW_PUBLIC_SESSION, New == CKS_RW_SO_FUNCTIONS;
- * Old == CKS_RW_PUBLIC_SESSION, New == CKS_RW_USER_FUNCTIONS;
- * Old == CKS_RO_PUBLIC_SESSION, New == CKS_RO_USER_FUNCTIONS;
- */
-
- if( (void *)NULL == (void *)fwSession->mdSession->Login ) {
- /*
- * The Module doesn't want to be informed (or check the pin)
- * it'll just rely on the Framework as needed.
- */
- ;
- } else {
- error = fwSession->mdSession->Login(fwSession->mdSession, fwSession,
- fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
- fwSession->fwInstance, userType, pin, oldState, newState);
- if( CKR_OK != error ) {
- return error;
- }
- }
-
- (void)nssCKFWToken_SetSessionState(fwSession->fwToken, newState);
- return CKR_OK;
-}
-
-/*
- * nssCKFWSession_Logout
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWSession_Logout
-(
- NSSCKFWSession *fwSession
-)
-{
- CK_RV error = CKR_OK;
- CK_STATE oldState;
- CK_STATE newState;
-
-#ifdef NSSDEBUG
- error = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != error ) {
- return error;
- }
-
- if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
- return CKR_GENERAL_ERROR;
- }
-#endif /* NSSDEBUG */
-
- oldState = nssCKFWToken_GetSessionState(fwSession->fwToken);
-
- switch( oldState ) {
- case CKS_RO_PUBLIC_SESSION:
- return CKR_USER_NOT_LOGGED_IN;
- case CKS_RO_USER_FUNCTIONS:
- newState = CKS_RO_PUBLIC_SESSION;
- break;
- case CKS_RW_PUBLIC_SESSION:
- return CKR_USER_NOT_LOGGED_IN;
- case CKS_RW_USER_FUNCTIONS:
- newState = CKS_RW_PUBLIC_SESSION;
- break;
- case CKS_RW_SO_FUNCTIONS:
- newState = CKS_RW_PUBLIC_SESSION;
- break;
- default:
- return CKR_GENERAL_ERROR;
- }
-
- /*
- * So now we're in one of three cases:
- *
- * Old == CKS_RW_SO_FUNCTIONS, New == CKS_RW_PUBLIC_SESSION;
- * Old == CKS_RW_USER_FUNCTIONS, New == CKS_RW_PUBLIC_SESSION;
- * Old == CKS_RO_USER_FUNCTIONS, New == CKS_RO_PUBLIC_SESSION;
- */
-
- if( (void *)NULL == (void *)fwSession->mdSession->Logout ) {
- /*
- * The Module doesn't want to be informed. Okay.
- */
- ;
- } else {
- error = fwSession->mdSession->Logout(fwSession->mdSession, fwSession,
- fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
- fwSession->fwInstance, oldState, newState);
- if( CKR_OK != error ) {
- /*
- * Now what?! A failure really should end up with the Framework
- * considering it logged out, right?
- */
- ;
- }
- }
-
- (void)nssCKFWToken_SetSessionState(fwSession->fwToken, newState);
- return error;
-}
-
-/*
- * nssCKFWSession_InitPIN
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWSession_InitPIN
-(
- NSSCKFWSession *fwSession,
- NSSItem *pin
-)
-{
- CK_RV error = CKR_OK;
- CK_STATE state;
-
-#ifdef NSSDEBUG
- error = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != error ) {
- return error;
- }
-
- if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
- return CKR_GENERAL_ERROR;
- }
-#endif /* NSSDEBUG */
-
- state = nssCKFWToken_GetSessionState(fwSession->fwToken);
- if( CKS_RW_SO_FUNCTIONS != state ) {
- return CKR_USER_NOT_LOGGED_IN;
- }
-
- if( (NSSItem *)NULL == pin ) {
- CK_BBOOL has = nssCKFWToken_GetHasProtectedAuthenticationPath(fwSession->fwToken);
- if( CK_TRUE != has ) {
- return CKR_ARGUMENTS_BAD;
- }
- }
-
- if( (void *)NULL == (void *)fwSession->mdSession->InitPIN ) {
- return CKR_TOKEN_WRITE_PROTECTED;
- }
-
- error = fwSession->mdSession->InitPIN(fwSession->mdSession, fwSession,
- fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
- fwSession->fwInstance, pin);
-
- return error;
-}
-
-/*
- * nssCKFWSession_SetPIN
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWSession_SetPIN
-(
- NSSCKFWSession *fwSession,
- NSSItem *newPin,
- NSSItem *oldPin
-)
-{
- CK_RV error = CKR_OK;
- CK_STATE state;
-
-#ifdef NSSDEBUG
- error = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != error ) {
- return error;
- }
-
- if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
- return CKR_GENERAL_ERROR;
- }
-#endif /* NSSDEBUG */
-
- state = nssCKFWToken_GetSessionState(fwSession->fwToken);
- if( (CKS_RW_SO_FUNCTIONS != state) &&
- (CKS_RW_USER_FUNCTIONS != state) ) {
- return CKR_USER_NOT_LOGGED_IN;
- }
-
- if( (NSSItem *)NULL == newPin ) {
- CK_BBOOL has = nssCKFWToken_GetHasProtectedAuthenticationPath(fwSession->fwToken);
- if( CK_TRUE != has ) {
- return CKR_ARGUMENTS_BAD;
- }
- }
-
- if( (NSSItem *)NULL == oldPin ) {
- CK_BBOOL has = nssCKFWToken_GetHasProtectedAuthenticationPath(fwSession->fwToken);
- if( CK_TRUE != has ) {
- return CKR_ARGUMENTS_BAD;
- }
- }
-
- if( (void *)NULL == (void *)fwSession->mdSession->SetPIN ) {
- return CKR_TOKEN_WRITE_PROTECTED;
- }
-
- error = fwSession->mdSession->SetPIN(fwSession->mdSession, fwSession,
- fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
- fwSession->fwInstance, newPin, oldPin);
-
- return error;
-}
-
-/*
- * nssCKFWSession_GetOperationStateLen
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWSession_GetOperationStateLen
-(
- NSSCKFWSession *fwSession,
- CK_RV *pError
-)
-{
- CK_ULONG mdAmt;
- CK_ULONG fwAmt;
-
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return (CK_ULONG)0;
- }
-
- *pError = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != *pError ) {
- return (CK_ULONG)0;
- }
-
- if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
- *pError = CKR_GENERAL_ERROR;
- return (CK_ULONG)0;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwSession->mdSession->GetOperationStateLen ) {
- *pError = CKR_STATE_UNSAVEABLE;
- }
-
- /*
- * We could check that the session is actually in some state..
- */
-
- mdAmt = fwSession->mdSession->GetOperationStateLen(fwSession->mdSession,
- fwSession, fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
- fwSession->fwInstance, pError);
-
- if( ((CK_ULONG)0 == mdAmt) && (CKR_OK != *pError) ) {
- return (CK_ULONG)0;
- }
-
- /*
- * Add a bit of sanity-checking
- */
- fwAmt = mdAmt + 2*sizeof(CK_ULONG);
-
- return fwAmt;
-}
-
-/*
- * nssCKFWSession_GetOperationState
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWSession_GetOperationState
-(
- NSSCKFWSession *fwSession,
- NSSItem *buffer
-)
-{
- CK_RV error = CKR_OK;
- CK_ULONG fwAmt;
- CK_ULONG *ulBuffer;
- NSSItem i2;
- CK_ULONG n, i;
-
-#ifdef NSSDEBUG
- error = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != error ) {
- return error;
- }
-
- if( (NSSItem *)NULL == buffer ) {
- return CKR_ARGUMENTS_BAD;
- }
-
- if( (void *)NULL == buffer->data ) {
- return CKR_ARGUMENTS_BAD;
- }
-
- if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
- return CKR_GENERAL_ERROR;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwSession->mdSession->GetOperationState ) {
- return CKR_STATE_UNSAVEABLE;
- }
-
- /*
- * Sanity-check the caller's buffer.
- */
-
- error = CKR_OK;
- fwAmt = nssCKFWSession_GetOperationStateLen(fwSession, &error);
- if( ((CK_ULONG)0 == fwAmt) && (CKR_OK != error) ) {
- return error;
- }
-
- if( buffer->size < fwAmt ) {
- return CKR_BUFFER_TOO_SMALL;
- }
-
- ulBuffer = (CK_ULONG *)buffer->data;
-
- i2.size = buffer->size - 2*sizeof(CK_ULONG);
- i2.data = (void *)&ulBuffer[2];
-
- error = fwSession->mdSession->GetOperationState(fwSession->mdSession,
- fwSession, fwSession->mdToken, fwSession->fwToken,
- fwSession->mdInstance, fwSession->fwInstance, &i2);
-
- if( CKR_OK != error ) {
- return error;
- }
-
- /*
- * Add a little integrety/identity check.
- * NOTE: right now, it's pretty stupid.
- * A CRC or something would be better.
- */
-
- ulBuffer[0] = 0x434b4657; /* CKFW */
- ulBuffer[1] = 0;
- n = i2.size/sizeof(CK_ULONG);
- for( i = 0; i < n; i++ ) {
- ulBuffer[1] ^= ulBuffer[2+i];
- }
-
- return CKR_OK;
-}
-
-/*
- * nssCKFWSession_SetOperationState
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWSession_SetOperationState
-(
- NSSCKFWSession *fwSession,
- NSSItem *state,
- NSSCKFWObject *encryptionKey,
- NSSCKFWObject *authenticationKey
-)
-{
- CK_RV error = CKR_OK;
- CK_ULONG *ulBuffer;
- CK_ULONG n, i;
- CK_ULONG x;
- NSSItem s;
- NSSCKMDObject *mdek;
- NSSCKMDObject *mdak;
-
-#ifdef NSSDEBUG
- error = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != error ) {
- return error;
- }
-
- if( (NSSItem *)NULL == state ) {
- return CKR_ARGUMENTS_BAD;
- }
-
- if( (void *)NULL == state->data ) {
- return CKR_ARGUMENTS_BAD;
- }
-
- if( (NSSCKFWObject *)NULL != encryptionKey ) {
- error = nssCKFWObject_verifyPointer(encryptionKey);
- if( CKR_OK != error ) {
- return error;
- }
- }
-
- if( (NSSCKFWObject *)NULL != authenticationKey ) {
- error = nssCKFWObject_verifyPointer(authenticationKey);
- if( CKR_OK != error ) {
- return error;
- }
- }
-
- if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
- return CKR_GENERAL_ERROR;
- }
-#endif /* NSSDEBUG */
-
- ulBuffer = (CK_ULONG *)state->data;
- if( 0x43b4657 != ulBuffer[0] ) {
- return CKR_SAVED_STATE_INVALID;
- }
- n = (state->size / sizeof(CK_ULONG)) - 2;
- x = (CK_ULONG)0;
- for( i = 0; i < n; i++ ) {
- x ^= ulBuffer[2+i];
- }
-
- if( x != ulBuffer[1] ) {
- return CKR_SAVED_STATE_INVALID;
- }
-
- if( (void *)NULL == (void *)fwSession->mdSession->SetOperationState ) {
- return CKR_GENERAL_ERROR;
- }
-
- s.size = state->size - 2*sizeof(CK_ULONG);
- s.data = (void *)&ulBuffer[2];
-
- if( (NSSCKFWObject *)NULL != encryptionKey ) {
- mdek = nssCKFWObject_GetMDObject(encryptionKey);
- } else {
- mdek = (NSSCKMDObject *)NULL;
- }
-
- if( (NSSCKFWObject *)NULL != authenticationKey ) {
- mdak = nssCKFWObject_GetMDObject(authenticationKey);
- } else {
- mdak = (NSSCKMDObject *)NULL;
- }
-
- error = fwSession->mdSession->SetOperationState(fwSession->mdSession,
- fwSession, fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
- fwSession->fwInstance, &s, mdek, encryptionKey, mdak, authenticationKey);
-
- if( CKR_OK != error ) {
- return error;
- }
-
- /*
- * Here'd we restore any session data
- */
-
- return CKR_OK;
-}
-
-static CK_BBOOL
-nss_attributes_form_token_object
-(
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount
-)
-{
- CK_ULONG i;
- CK_BBOOL rv;
-
- for( i = 0; i < ulAttributeCount; i++ ) {
- if( CKA_TOKEN == pTemplate[i].type ) {
- /* If we sanity-check, we can remove this sizeof check */
- if( sizeof(CK_BBOOL) == pTemplate[i].ulValueLen ) {
- (void)nsslibc_memcpy(&rv, pTemplate[i].pValue, sizeof(CK_BBOOL));
- return rv;
- } else {
- return CK_FALSE;
- }
- }
- }
-
- return CK_FALSE;
-}
-
-/*
- * nssCKFWSession_CreateObject
- *
- */
-NSS_IMPLEMENT NSSCKFWObject *
-nssCKFWSession_CreateObject
-(
- NSSCKFWSession *fwSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-)
-{
- NSSArena *arena;
- NSSCKMDObject *mdObject;
- NSSCKFWObject *fwObject;
- CK_BBOOL isTokenObject;
-
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return (NSSCKFWObject *)NULL;
- }
-
- *pError = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != pError ) {
- return (NSSCKFWObject *)NULL;
- }
-
- if( (CK_ATTRIBUTE_PTR)NULL == pTemplate ) {
- *pError = CKR_ARGUMENTS_BAD;
- return (NSSCKFWObject *)NULL;
- }
-
- if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
- *pError = CKR_GENERAL_ERROR;
- return (NSSCKFWObject *)NULL;
- }
-#endif /* NSSDEBUG */
-
- /*
- * Here would be an excellent place to sanity-check the object.
- */
-
- isTokenObject = nss_attributes_form_token_object(pTemplate, ulAttributeCount);
- if( CK_TRUE == isTokenObject ) {
- /* === TOKEN OBJECT === */
-
- if( (void *)NULL == (void *)fwSession->mdSession->CreateObject ) {
- *pError = CKR_TOKEN_WRITE_PROTECTED;
- return (NSSCKFWObject *)NULL;
- }
-
- arena = nssCKFWToken_GetArena(fwSession->fwToken, pError);
- if( (NSSArena *)NULL == arena ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- return (NSSCKFWObject *)NULL;
- }
-
- goto callmdcreateobject;
- } else {
- /* === SESSION OBJECT === */
-
- arena = nssCKFWSession_GetArena(fwSession, pError);
- if( (NSSArena *)NULL == arena ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- return (NSSCKFWObject *)NULL;
- }
-
- if( CK_TRUE == nssCKFWInstance_GetModuleHandlesSessionObjects(
- fwSession->fwInstance) ) {
- /* --- module handles the session object -- */
-
- if( (void *)NULL == (void *)fwSession->mdSession->CreateObject ) {
- *pError = CKR_GENERAL_ERROR;
- return (NSSCKFWObject *)NULL;
- }
-
- goto callmdcreateobject;
- } else {
- /* --- framework handles the session object -- */
- mdObject = nssCKMDSessionObject_Create(fwSession->fwToken,
- arena, pTemplate, ulAttributeCount, pError);
- goto gotmdobject;
- }
- }
-
- callmdcreateobject:
- mdObject = fwSession->mdSession->CreateObject(fwSession->mdSession,
- fwSession, fwSession->mdToken, fwSession->fwToken,
- fwSession->mdInstance, fwSession->fwInstance, arena, pTemplate,
- ulAttributeCount, pError);
-
- gotmdobject:
- if( (NSSCKMDObject *)NULL == mdObject ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- return (NSSCKFWObject *)NULL;
- }
-
- fwObject = nssCKFWObject_Create(arena, mdObject, fwSession,
- fwSession->fwToken, fwSession->fwInstance, pError);
- if( (NSSCKFWObject *)NULL == fwObject ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
-
- if( (void *)NULL != (void *)mdObject->Destroy ) {
- (void)mdObject->Destroy(mdObject, (NSSCKFWObject *)NULL,
- fwSession->mdSession, fwSession, fwSession->mdToken,
- fwSession->fwToken, fwSession->mdInstance, fwSession->fwInstance);
- }
-
- return (NSSCKFWObject *)NULL;
- }
-
- if( CK_FALSE == isTokenObject ) {
- if( CK_FALSE == nssCKFWHash_Exists(fwSession->sessionObjectHash, fwObject) ) {
- *pError = nssCKFWHash_Add(fwSession->sessionObjectHash, fwObject, fwObject);
- if( CKR_OK != *pError ) {
- nssCKFWObject_Finalize(fwObject);
- return (NSSCKFWObject *)NULL;
- }
- }
- }
-
- return fwObject;
-}
-
-/*
- * nssCKFWSession_CopyObject
- *
- */
-NSS_IMPLEMENT NSSCKFWObject *
-nssCKFWSession_CopyObject
-(
- NSSCKFWSession *fwSession,
- NSSCKFWObject *fwObject,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-)
-{
- CK_BBOOL oldIsToken;
- CK_BBOOL newIsToken;
- CK_ULONG i;
- NSSCKFWObject *rv;
-
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return (NSSCKFWObject *)NULL;
- }
-
- *pError = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != *pError ) {
- return (NSSCKFWObject *)NULL;
- }
-
- *pError = nssCKFWObject_verifyPointer(fwObject);
- if( CKR_OK != *pError ) {
- return (NSSCKFWObject *)NULL;
- }
-
- if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
- *pError = CKR_GENERAL_ERROR;
- return (NSSCKFWObject *)NULL;
- }
-#endif /* NSSDEBUG */
-
- /*
- * Sanity-check object
- */
-
- oldIsToken = nssCKFWObject_IsTokenObject(fwObject);
-
- newIsToken = oldIsToken;
- for( i = 0; i < ulAttributeCount; i++ ) {
- if( CKA_TOKEN == pTemplate[i].type ) {
- /* Since we sanity-checked the object, we know this is the right size. */
- (void)nsslibc_memcpy(&newIsToken, pTemplate[i].pValue, sizeof(CK_BBOOL));
- break;
- }
- }
-
- /*
- * If the Module handles its session objects, or if both the new
- * and old object are token objects, use CopyObject if it exists.
- */
-
- if( ((void *)NULL != (void *)fwSession->mdSession->CopyObject) &&
- (((CK_TRUE == oldIsToken) && (CK_TRUE == newIsToken)) ||
- (CK_TRUE == nssCKFWInstance_GetModuleHandlesSessionObjects(
- fwSession->fwInstance))) ) {
- /* use copy object */
- NSSArena *arena;
- NSSCKMDObject *mdOldObject;
- NSSCKMDObject *mdObject;
-
- mdOldObject = nssCKFWObject_GetMDObject(fwObject);
-
- if( CK_TRUE == newIsToken ) {
- arena = nssCKFWToken_GetArena(fwSession->fwToken, pError);
- } else {
- arena = nssCKFWSession_GetArena(fwSession, pError);
- }
- if( (NSSArena *)NULL == arena ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- return (NSSCKFWObject *)NULL;
- }
-
- mdObject = fwSession->mdSession->CopyObject(fwSession->mdSession,
- fwSession, fwSession->mdToken, fwSession->fwToken,
- fwSession->mdInstance, fwSession->fwInstance, mdOldObject,
- fwObject, arena, pTemplate, ulAttributeCount, pError);
- if( (NSSCKMDObject *)NULL == mdObject ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- return (NSSCKFWObject *)NULL;
- }
-
- rv = nssCKFWObject_Create(arena, mdObject, fwSession,
- fwSession->fwToken, fwSession->fwInstance, pError);
- if( (NSSCKFWObject *)NULL == fwObject ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
-
- if( (void *)NULL != (void *)mdObject->Destroy ) {
- (void)mdObject->Destroy(mdObject, (NSSCKFWObject *)NULL,
- fwSession->mdSession, fwSession, fwSession->mdToken,
- fwSession->fwToken, fwSession->mdInstance, fwSession->fwInstance);
- }
-
- return (NSSCKFWObject *)NULL;
- }
-
- if( CK_FALSE == newIsToken ) {
- if( CK_FALSE == nssCKFWHash_Exists(fwSession->sessionObjectHash, rv) ) {
- *pError = nssCKFWHash_Add(fwSession->sessionObjectHash, rv, rv);
- if( CKR_OK != *pError ) {
- nssCKFWObject_Finalize(rv);
- return (NSSCKFWObject *)NULL;
- }
- }
- }
-
- return rv;
- } else {
- /* use create object */
- NSSArena *tmpArena;
- CK_ATTRIBUTE_PTR newTemplate;
- CK_ULONG i, j, n, newLength, k;
- CK_ATTRIBUTE_TYPE_PTR oldTypes;
- NSSCKFWObject *rv;
-
- tmpArena = NSSArena_Create();
- if( (NSSArena *)NULL == tmpArena ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKFWObject *)NULL;
- }
-
- n = nssCKFWObject_GetAttributeCount(fwObject, pError);
- if( (0 == n) && (CKR_OK != *pError) ) {
- return (NSSCKFWObject *)NULL;
- }
-
- oldTypes = nss_ZNEWARRAY(tmpArena, CK_ATTRIBUTE_TYPE, n);
- if( (CK_ATTRIBUTE_TYPE_PTR)NULL == oldTypes ) {
- NSSArena_Destroy(tmpArena);
- *pError = CKR_HOST_MEMORY;
- return (NSSCKFWObject *)NULL;
- }
-
- *pError = nssCKFWObject_GetAttributeTypes(fwObject, oldTypes, n);
- if( CKR_OK != *pError ) {
- NSSArena_Destroy(tmpArena);
- return (NSSCKFWObject *)NULL;
- }
-
- newLength = n;
- for( i = 0; i < ulAttributeCount; i++ ) {
- for( j = 0; j < n; j++ ) {
- if( oldTypes[j] == pTemplate[i].type ) {
- if( (CK_VOID_PTR)NULL == pTemplate[i].pValue ) {
- /* Removing the attribute */
- newLength--;
- }
- break;
- }
- }
- if( j == n ) {
- /* Not found */
- newLength++;
- }
- }
-
- newTemplate = nss_ZNEWARRAY(tmpArena, CK_ATTRIBUTE, newLength);
- if( (CK_ATTRIBUTE_PTR)NULL == newTemplate ) {
- NSSArena_Destroy(tmpArena);
- *pError = CKR_HOST_MEMORY;
- return (NSSCKFWObject *)NULL;
- }
-
- k = 0;
- for( j = 0; j < n; j++ ) {
- for( i = 0; i < ulAttributeCount; i++ ) {
- if( oldTypes[j] == pTemplate[i].type ) {
- if( (CK_VOID_PTR)NULL == pTemplate[i].pValue ) {
- /* This attribute is being deleted */
- ;
- } else {
- /* This attribute is being replaced */
- newTemplate[k].type = pTemplate[i].type;
- newTemplate[k].pValue = pTemplate[i].pValue;
- newTemplate[k].ulValueLen = pTemplate[i].ulValueLen;
- k++;
- }
- break;
- }
- }
- if( i == ulAttributeCount ) {
- /* This attribute is being copied over from the old object */
- NSSItem item, *it;
- item.size = 0;
- item.data = (void *)NULL;
- it = nssCKFWObject_GetAttribute(fwObject, oldTypes[j],
- &item, tmpArena, pError);
- if( (NSSItem *)NULL == it ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- NSSArena_Destroy(tmpArena);
- return (NSSCKFWObject *)NULL;
- }
- newTemplate[k].type = oldTypes[j];
- newTemplate[k].pValue = it->data;
- newTemplate[k].ulValueLen = it->size;
- k++;
- }
- }
- /* assert that k == newLength */
-
- rv = nssCKFWSession_CreateObject(fwSession, newTemplate, newLength, pError);
- if( (NSSCKFWObject *)NULL == rv ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- NSSArena_Destroy(tmpArena);
- return (NSSCKFWObject *)NULL;
- }
-
- NSSArena_Destroy(tmpArena);
- return rv;
- }
-}
-
-/*
- * nssCKFWSession_FindObjectsInit
- *
- */
-NSS_IMPLEMENT NSSCKFWFindObjects *
-nssCKFWSession_FindObjectsInit
-(
- NSSCKFWSession *fwSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-)
-{
- NSSCKMDFindObjects *mdfo1 = (NSSCKMDFindObjects *)NULL;
- NSSCKMDFindObjects *mdfo2 = (NSSCKMDFindObjects *)NULL;
-
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return (NSSCKFWFindObjects *)NULL;
- }
-
- *pError = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != *pError ) {
- return (NSSCKFWFindObjects *)NULL;
- }
-
- if( ((CK_ATTRIBUTE_PTR)NULL == pTemplate) && (ulAttributeCount != 0) ) {
- *pError = CKR_ARGUMENTS_BAD;
- return (NSSCKFWFindObjects *)NULL;
- }
-
- if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
- *pError = CKR_GENERAL_ERROR;
- return (NSSCKFWFindObjects *)NULL;
- }
-#endif /* NSSDEBUG */
-
- if( CK_TRUE != nssCKFWInstance_GetModuleHandlesSessionObjects(
- fwSession->fwInstance) ) {
- CK_ULONG i;
-
- /*
- * Does the search criteria restrict us to token or session
- * objects?
- */
-
- for( i = 0; i < ulAttributeCount; i++ ) {
- if( CKA_TOKEN == pTemplate[i].type ) {
- /* Yes, it does. */
- CK_BBOOL isToken;
- if( sizeof(CK_BBOOL) != pTemplate[i].ulValueLen ) {
- *pError = CKR_ATTRIBUTE_VALUE_INVALID;
- return (NSSCKFWFindObjects *)NULL;
- }
- (void)nsslibc_memcpy(&isToken, pTemplate[i].pValue, sizeof(CK_BBOOL));
-
- if( CK_TRUE == isToken ) {
- /* Pass it on to the module's search routine */
- if( (void *)NULL == (void *)fwSession->mdSession->FindObjectsInit ) {
- goto wrap;
- }
-
- mdfo1 = fwSession->mdSession->FindObjectsInit(fwSession->mdSession,
- fwSession, fwSession->mdToken, fwSession->fwToken,
- fwSession->mdInstance, fwSession->fwInstance,
- pTemplate, ulAttributeCount, pError);
- } else {
- /* Do the search ourselves */
- mdfo1 = nssCKMDFindSessionObjects_Create(fwSession->fwToken,
- pTemplate, ulAttributeCount, pError);
- }
-
- if( (NSSCKMDFindObjects *)NULL == mdfo1 ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- return (NSSCKFWFindObjects *)NULL;
- }
-
- goto wrap;
- }
- }
-
- if( i == ulAttributeCount ) {
- /* No, it doesn't. Do a hybrid search. */
- mdfo1 = fwSession->mdSession->FindObjectsInit(fwSession->mdSession,
- fwSession, fwSession->mdToken, fwSession->fwToken,
- fwSession->mdInstance, fwSession->fwInstance,
- pTemplate, ulAttributeCount, pError);
-
- if( (NSSCKMDFindObjects *)NULL == mdfo1 ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- return (NSSCKFWFindObjects *)NULL;
- }
-
- mdfo2 = nssCKMDFindSessionObjects_Create(fwSession->fwToken,
- pTemplate, ulAttributeCount, pError);
- if( (NSSCKMDFindObjects *)NULL == mdfo2 ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- if( (void *)NULL != (void *)mdfo1->Final ) {
- mdfo1->Final(mdfo1, (NSSCKFWFindObjects *)NULL, fwSession->mdSession,
- fwSession, fwSession->mdToken, fwSession->fwToken,
- fwSession->mdInstance, fwSession->fwInstance);
- }
- return (NSSCKFWFindObjects *)NULL;
- }
-
- goto wrap;
- }
- /*NOTREACHED*/
- } else {
- /* Module handles all its own objects. Pass on to module's search */
- mdfo1 = fwSession->mdSession->FindObjectsInit(fwSession->mdSession,
- fwSession, fwSession->mdToken, fwSession->fwToken,
- fwSession->mdInstance, fwSession->fwInstance,
- pTemplate, ulAttributeCount, pError);
-
- if( (NSSCKMDFindObjects *)NULL == mdfo1 ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- return (NSSCKFWFindObjects *)NULL;
- }
-
- goto wrap;
- }
-
- wrap:
- return nssCKFWFindObjects_Create(fwSession, fwSession->fwToken,
- fwSession->fwInstance, mdfo1, mdfo2, pError);
-}
-
-/*
- * nssCKFWSession_SeedRandom
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWSession_SeedRandom
-(
- NSSCKFWSession *fwSession,
- NSSItem *seed
-)
-{
- CK_RV error = CKR_OK;
-
-#ifdef NSSDEBUG
- error = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != error ) {
- return error;
- }
-
- if( (NSSItem *)NULL == seed ) {
- return CKR_ARGUMENTS_BAD;
- }
-
- if( (void *)NULL == seed->data ) {
- return CKR_ARGUMENTS_BAD;
- }
-
- if( 0 == seed->size ) {
- return CKR_ARGUMENTS_BAD;
- }
-
- if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
- return CKR_GENERAL_ERROR;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwSession->mdSession->SeedRandom ) {
- return CKR_RANDOM_SEED_NOT_SUPPORTED;
- }
-
- error = fwSession->mdSession->SeedRandom(fwSession->mdSession, fwSession,
- fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
- fwSession->fwInstance, seed);
-
- return error;
-}
-
-/*
- * nssCKFWSession_GetRandom
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWSession_GetRandom
-(
- NSSCKFWSession *fwSession,
- NSSItem *buffer
-)
-{
- CK_RV error = CKR_OK;
-
-#ifdef NSSDEBUG
- error = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != error ) {
- return error;
- }
-
- if( (NSSItem *)NULL == buffer ) {
- return CKR_ARGUMENTS_BAD;
- }
-
- if( (void *)NULL == buffer->data ) {
- return CKR_ARGUMENTS_BAD;
- }
-
- if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
- return CKR_GENERAL_ERROR;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwSession->mdSession->GetRandom ) {
- if( CK_TRUE == nssCKFWToken_GetHasRNG(fwSession->fwToken) ) {
- return CKR_GENERAL_ERROR;
- } else {
- return CKR_RANDOM_NO_RNG;
- }
- }
-
- if( 0 == buffer->size ) {
- return CKR_OK;
- }
-
- error = fwSession->mdSession->GetRandom(fwSession->mdSession, fwSession,
- fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
- fwSession->fwInstance, buffer);
-
- return error;
-}
-
-/*
- * NSSCKFWSession_GetMDSession
- *
- */
-
-NSS_IMPLEMENT NSSCKMDSession *
-NSSCKFWSession_GetMDSession
-(
- NSSCKFWSession *fwSession
-)
-{
-#ifdef DEBUG
- if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
- return (NSSCKMDSession *)NULL;
- }
-#endif /* DEBUG */
-
- return nssCKFWSession_GetMDSession(fwSession);
-}
-
-/*
- * NSSCKFWSession_GetArena
- *
- */
-
-NSS_IMPLEMENT NSSArena *
-NSSCKFWSession_GetArena
-(
- NSSCKFWSession *fwSession,
- CK_RV *pError
-)
-{
-#ifdef DEBUG
- if( (CK_RV *)NULL == pError ) {
- return (NSSArena *)NULL;
- }
-
- *pError = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != *pError ) {
- return (NSSArena *)NULL;
- }
-#endif /* DEBUG */
-
- return nssCKFWSession_GetArena(fwSession, pError);
-}
-
-/*
- * NSSCKFWSession_CallNotification
- *
- */
-
-NSS_IMPLEMENT CK_RV
-NSSCKFWSession_CallNotification
-(
- NSSCKFWSession *fwSession,
- CK_NOTIFICATION event
-)
-{
-#ifdef DEBUG
- CK_RV error = CKR_OK;
-
- error = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != error ) {
- return error;
- }
-#endif /* DEBUG */
-
- return nssCKFWSession_CallNotification(fwSession, event);
-}
-
-/*
- * NSSCKFWSession_IsRWSession
- *
- */
-
-NSS_IMPLEMENT CK_BBOOL
-NSSCKFWSession_IsRWSession
-(
- NSSCKFWSession *fwSession
-)
-{
-#ifdef DEBUG
- if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
- return CK_FALSE;
- }
-#endif /* DEBUG */
-
- return nssCKFWSession_IsRWSession(fwSession);
-}
-
-/*
- * NSSCKFWSession_IsSO
- *
- */
-
-NSS_IMPLEMENT CK_BBOOL
-NSSCKFWSession_IsSO
-(
- NSSCKFWSession *fwSession
-)
-{
-#ifdef DEBUG
- if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
- return CK_FALSE;
- }
-#endif /* DEBUG */
-
- return nssCKFWSession_IsSO(fwSession);
-}
diff --git a/security/nss/lib/ckfw/sessobj.c b/security/nss/lib/ckfw/sessobj.c
deleted file mode 100644
index 66555fe23..000000000
--- a/security/nss/lib/ckfw/sessobj.c
+++ /dev/null
@@ -1,1099 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * sessobj.c
- *
- * This file contains an NSSCKMDObject implementation for session
- * objects. The framework uses this implementation to manage
- * session objects when a Module doesn't wish to be bothered.
- */
-
-#ifndef CK_T
-#include "ck.h"
-#endif /* CK_T */
-
-/*
- * nssCKMDSessionObject
- *
- * -- create --
- * nssCKMDSessionObject_Create
- *
- * -- EPV calls --
- * nss_ckmdSessionObject_Finalize
- * nss_ckmdSessionObject_IsTokenObject
- * nss_ckmdSessionObject_GetAttributeCount
- * nss_ckmdSessionObject_GetAttributeTypes
- * nss_ckmdSessionObject_GetAttributeSize
- * nss_ckmdSessionObject_GetAttribute
- * nss_ckmdSessionObject_SetAttribute
- * nss_ckmdSessionObject_GetObjectSize
- */
-
-struct nssCKMDSessionObjectStr {
- CK_ULONG n;
- NSSArena *arena;
- NSSItem *attributes;
- CK_ATTRIBUTE_TYPE_PTR types;
- nssCKFWHash *hash;
-};
-typedef struct nssCKMDSessionObjectStr nssCKMDSessionObject;
-
-#ifdef DEBUG
-/*
- * But first, the pointer-tracking stuff.
- *
- * NOTE: the pointer-tracking support in NSS/base currently relies
- * upon NSPR's CallOnce support. That, however, relies upon NSPR's
- * locking, which is tied into the runtime. We need a pointer-tracker
- * implementation that uses the locks supplied through C_Initialize.
- * That support, however, can be filled in later. So for now, I'll
- * just do this routines as no-ops.
- */
-
-static CK_RV
-nss_ckmdSessionObject_add_pointer
-(
- const NSSCKMDObject *mdObject
-)
-{
- return CKR_OK;
-}
-
-static CK_RV
-nss_ckmdSessionObject_remove_pointer
-(
- const NSSCKMDObject *mdObject
-)
-{
- return CKR_OK;
-}
-
-#ifdef NSS_DEBUG
-static CK_RV
-nss_ckmdSessionObject_verifyPointer
-(
- const NSSCKMDObject *mdObject
-)
-{
- return CKR_OK;
-}
-#endif
-
-#endif /* DEBUG */
-
-/*
- * We must forward-declare these routines
- */
-static void
-nss_ckmdSessionObject_Finalize
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-);
-
-static CK_RV
-nss_ckmdSessionObject_Destroy
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-);
-
-static CK_BBOOL
-nss_ckmdSessionObject_IsTokenObject
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-);
-
-static CK_ULONG
-nss_ckmdSessionObject_GetAttributeCount
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-);
-
-static CK_RV
-nss_ckmdSessionObject_GetAttributeTypes
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE_PTR typeArray,
- CK_ULONG ulCount
-);
-
-static CK_ULONG
-nss_ckmdSessionObject_GetAttributeSize
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE attribute,
- CK_RV *pError
-);
-
-static NSSCKFWItem
-nss_ckmdSessionObject_GetAttribute
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE attribute,
- CK_RV *pError
-);
-
-static CK_RV
-nss_ckmdSessionObject_SetAttribute
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE attribute,
- NSSItem *value
-);
-
-static CK_ULONG
-nss_ckmdSessionObject_GetObjectSize
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-);
-
-/*
- * nssCKMDSessionObject_Create
- *
- */
-NSS_IMPLEMENT NSSCKMDObject *
-nssCKMDSessionObject_Create
-(
- NSSCKFWToken *fwToken,
- NSSArena *arena,
- CK_ATTRIBUTE_PTR attributes,
- CK_ULONG ulCount,
- CK_RV *pError
-)
-{
- NSSCKMDObject *mdObject = (NSSCKMDObject *)NULL;
- nssCKMDSessionObject *mdso = (nssCKMDSessionObject *)NULL;
- CK_ULONG i;
- nssCKFWHash *hash;
-
- mdso = nss_ZNEW(arena, nssCKMDSessionObject);
- if( (nssCKMDSessionObject *)NULL == mdso ) {
- goto loser;
- }
-
- mdso->arena = arena;
- mdso->n = ulCount;
- mdso->attributes = nss_ZNEWARRAY(arena, NSSItem, ulCount);
- if( (NSSItem *)NULL == mdso->attributes ) {
- goto loser;
- }
-
- mdso->types = nss_ZNEWARRAY(arena, CK_ATTRIBUTE_TYPE, ulCount);
-
- for( i = 0; i < ulCount; i++ ) {
- mdso->types[i] = attributes[i].type;
- mdso->attributes[i].size = attributes[i].ulValueLen;
- mdso->attributes[i].data = nss_ZAlloc(arena, attributes[i].ulValueLen);
- if( (void *)NULL == mdso->attributes[i].data ) {
- goto loser;
- }
- (void)nsslibc_memcpy(mdso->attributes[i].data, attributes[i].pValue,
- attributes[i].ulValueLen);
- }
-
- mdObject = nss_ZNEW(arena, NSSCKMDObject);
- if( (NSSCKMDObject *)NULL == mdObject ) {
- goto loser;
- }
-
- mdObject->etc = (void *)mdso;
- mdObject->Finalize = nss_ckmdSessionObject_Finalize;
- mdObject->Destroy = nss_ckmdSessionObject_Destroy;
- mdObject->IsTokenObject = nss_ckmdSessionObject_IsTokenObject;
- mdObject->GetAttributeCount = nss_ckmdSessionObject_GetAttributeCount;
- mdObject->GetAttributeTypes = nss_ckmdSessionObject_GetAttributeTypes;
- mdObject->GetAttributeSize = nss_ckmdSessionObject_GetAttributeSize;
- mdObject->GetAttribute = nss_ckmdSessionObject_GetAttribute;
- mdObject->SetAttribute = nss_ckmdSessionObject_SetAttribute;
- mdObject->GetObjectSize = nss_ckmdSessionObject_GetObjectSize;
-
- hash = nssCKFWToken_GetSessionObjectHash(fwToken);
- if( (nssCKFWHash *)NULL == hash ) {
- *pError = CKR_GENERAL_ERROR;
- goto loser;
- }
-
- mdso->hash = hash;
-
- *pError = nssCKFWHash_Add(hash, mdObject, mdObject);
- if( CKR_OK != *pError ) {
- goto loser;
- }
-
-#ifdef DEBUG
- if( CKR_OK != nss_ckmdSessionObject_add_pointer(mdObject) ) {
- goto loser;
- }
-#endif /* DEBUG */
-
- *pError = CKR_OK;
- return mdObject;
-
- loser:
- if( (nssCKMDSessionObject *)NULL != mdso ) {
- if( (NSSItem *)NULL != mdso->attributes ) {
- for( i = 0; i < ulCount; i++ ) {
- nss_ZFreeIf(mdso->attributes[i].data);
- }
-
- nss_ZFreeIf(mdso->attributes);
- }
-
- nss_ZFreeIf(mdso->types);
- nss_ZFreeIf(mdso);
- }
-
- nss_ZFreeIf(mdObject);
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDObject *)NULL;
-}
-
-/*
- * nss_ckmdSessionObject_Finalize
- *
- */
-static void
-nss_ckmdSessionObject_Finalize
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- /* This shouldn't ever be called */
- return;
-}
-
-/*
- * nss_ckmdSessionObject_Destroy
- *
- */
-
-static CK_RV
-nss_ckmdSessionObject_Destroy
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
-#ifdef NSSDEBUG
- CK_RV error = CKR_OK;
-#endif /* NSSDEBUG */
- nssCKMDSessionObject *mdso;
- CK_ULONG i;
-
-#ifdef NSSDEBUG
- error = nss_ckmdSessionObject_verifyPointer(mdObject);
- if( CKR_OK != error ) {
- return error;
- }
-#endif /* NSSDEBUG */
-
- mdso = (nssCKMDSessionObject *)mdObject->etc;
-
- nssCKFWHash_Remove(mdso->hash, mdObject);
-
- for( i = 0; i < mdso->n; i++ ) {
- nss_ZFreeIf(mdso->attributes[i].data);
- }
- nss_ZFreeIf(mdso->attributes);
- nss_ZFreeIf(mdso->types);
- nss_ZFreeIf(mdso);
- nss_ZFreeIf(mdObject);
-
-#ifdef DEBUG
- (void)nss_ckmdSessionObject_remove_pointer(mdObject);
-#endif /* DEBUG */
-
- return CKR_OK;
-}
-
-/*
- * nss_ckmdSessionObject_IsTokenObject
- *
- */
-
-static CK_BBOOL
-nss_ckmdSessionObject_IsTokenObject
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nss_ckmdSessionObject_verifyPointer(mdObject) ) {
- return CK_FALSE;
- }
-#endif /* NSSDEBUG */
-
- /*
- * This implementation is only ever used for session objects.
- */
- return CK_FALSE;
-}
-
-/*
- * nss_ckmdSessionObject_GetAttributeCount
- *
- */
-static CK_ULONG
-nss_ckmdSessionObject_GetAttributeCount
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
- nssCKMDSessionObject *obj;
-
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return 0;
- }
-
- *pError = nss_ckmdSessionObject_verifyPointer(mdObject);
- if( CKR_OK != *pError ) {
- return 0;
- }
-
- /* We could even check all the other arguments, for sanity. */
-#endif /* NSSDEBUG */
-
- obj = (nssCKMDSessionObject *)mdObject->etc;
-
- return obj->n;
-}
-
-/*
- * nss_ckmdSessionObject_GetAttributeTypes
- *
- */
-static CK_RV
-nss_ckmdSessionObject_GetAttributeTypes
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE_PTR typeArray,
- CK_ULONG ulCount
-)
-{
-#ifdef NSSDEBUG
- CK_RV error = CKR_OK;
-#endif /* NSSDEBUG */
- nssCKMDSessionObject *obj;
-
-#ifdef NSSDEBUG
- error = nss_ckmdSessionObject_verifyPointer(mdObject);
- if( CKR_OK != error ) {
- return error;
- }
-
- /* We could even check all the other arguments, for sanity. */
-#endif /* NSSDEBUG */
-
- obj = (nssCKMDSessionObject *)mdObject->etc;
-
- if( ulCount < obj->n ) {
- return CKR_BUFFER_TOO_SMALL;
- }
-
- (void)nsslibc_memcpy(typeArray, obj->types,
- sizeof(CK_ATTRIBUTE_TYPE) * obj->n);
-
- return CKR_OK;
-}
-
-/*
- * nss_ckmdSessionObject_GetAttributeSize
- *
- */
-static CK_ULONG
-nss_ckmdSessionObject_GetAttributeSize
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE attribute,
- CK_RV *pError
-)
-{
- nssCKMDSessionObject *obj;
- CK_ULONG i;
-
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return 0;
- }
-
- *pError = nss_ckmdSessionObject_verifyPointer(mdObject);
- if( CKR_OK != *pError ) {
- return 0;
- }
-
- /* We could even check all the other arguments, for sanity. */
-#endif /* NSSDEBUG */
-
- obj = (nssCKMDSessionObject *)mdObject->etc;
-
- for( i = 0; i < obj->n; i++ ) {
- if( attribute == obj->types[i] ) {
- return (CK_ULONG)(obj->attributes[i].size);
- }
- }
-
- *pError = CKR_ATTRIBUTE_TYPE_INVALID;
- return 0;
-}
-
-/*
- * nss_ckmdSessionObject_GetAttribute
- *
- */
-static NSSCKFWItem
-nss_ckmdSessionObject_GetAttribute
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE attribute,
- CK_RV *pError
-)
-{
- NSSCKFWItem item;
- nssCKMDSessionObject *obj;
- CK_ULONG i;
-
- item.needsFreeing = PR_FALSE;
- item.item = NULL;
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return item;
- }
-
- *pError = nss_ckmdSessionObject_verifyPointer(mdObject);
- if( CKR_OK != *pError ) {
- return item;
- }
-
- /* We could even check all the other arguments, for sanity. */
-#endif /* NSSDEBUG */
-
- obj = (nssCKMDSessionObject *)mdObject->etc;
-
- for( i = 0; i < obj->n; i++ ) {
- if( attribute == obj->types[i] ) {
- item.item = &obj->attributes[i];
- return item;
- }
- }
-
- *pError = CKR_ATTRIBUTE_TYPE_INVALID;
- return item;
-}
-
-/*
- * nss_ckmdSessionObject_SetAttribute
- *
- */
-
-/*
- * Okay, so this implementation sucks. It doesn't support removing
- * an attribute (if value == NULL), and could be more graceful about
- * memory. It should allow "blank" slots in the arrays, with some
- * invalid attribute type, and then it could support removal much
- * more easily. Do this later.
- */
-static CK_RV
-nss_ckmdSessionObject_SetAttribute
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE attribute,
- NSSItem *value
-)
-{
- nssCKMDSessionObject *obj;
- CK_ULONG i;
- NSSItem n;
- NSSItem *ra;
- CK_ATTRIBUTE_TYPE_PTR rt;
-#ifdef NSSDEBUG
- CK_RV error;
-#endif /* NSSDEBUG */
-
-#ifdef NSSDEBUG
- error = nss_ckmdSessionObject_verifyPointer(mdObject);
- if( CKR_OK != error ) {
- return 0;
- }
-
- /* We could even check all the other arguments, for sanity. */
-#endif /* NSSDEBUG */
-
- obj = (nssCKMDSessionObject *)mdObject->etc;
-
- n.size = value->size;
- n.data = nss_ZAlloc(obj->arena, n.size);
- if( (void *)NULL == n.data ) {
- return CKR_HOST_MEMORY;
- }
- (void)nsslibc_memcpy(n.data, value->data, n.size);
-
- for( i = 0; i < obj->n; i++ ) {
- if( attribute == obj->types[i] ) {
- nss_ZFreeIf(obj->attributes[i].data);
- obj->attributes[i] = n;
- return CKR_OK;
- }
- }
-
- /*
- * It's new.
- */
-
- ra = (NSSItem *)nss_ZRealloc(obj->attributes, sizeof(NSSItem) * (obj->n + 1));
- if( (NSSItem *)NULL == ra ) {
- nss_ZFreeIf(n.data);
- return CKR_HOST_MEMORY;
- }
-
- rt = (CK_ATTRIBUTE_TYPE_PTR)nss_ZRealloc(obj->types, (obj->n + 1));
- if( (CK_ATTRIBUTE_TYPE_PTR)NULL == rt ) {
- nss_ZFreeIf(n.data);
- obj->attributes = (NSSItem *)nss_ZRealloc(ra, sizeof(NSSItem) * obj->n);
- if( (NSSItem *)NULL == obj->attributes ) {
- return CKR_GENERAL_ERROR;
- }
- return CKR_HOST_MEMORY;
- }
-
- obj->attributes = ra;
- obj->types = rt;
- obj->attributes[obj->n] = n;
- obj->types[obj->n] = attribute;
- obj->n++;
-
- return CKR_OK;
-}
-
-/*
- * nss_ckmdSessionObject_GetObjectSize
- *
- */
-static CK_ULONG
-nss_ckmdSessionObject_GetObjectSize
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
- nssCKMDSessionObject *obj;
- CK_ULONG i;
- CK_ULONG rv = (CK_ULONG)0;
-
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return 0;
- }
-
- *pError = nss_ckmdSessionObject_verifyPointer(mdObject);
- if( CKR_OK != *pError ) {
- return 0;
- }
-
- /* We could even check all the other arguments, for sanity. */
-#endif /* NSSDEBUG */
-
- obj = (nssCKMDSessionObject *)mdObject->etc;
-
- for( i = 0; i < obj->n; i++ ) {
- rv += obj->attributes[i].size;
- }
-
- rv += sizeof(NSSItem) * obj->n;
- rv += sizeof(CK_ATTRIBUTE_TYPE) * obj->n;
- rv += sizeof(nssCKMDSessionObject);
-
- return rv;
-}
-
-/*
- * nssCKMDFindSessionObjects
- *
- * -- create --
- * nssCKMDFindSessionObjects_Create
- *
- * -- EPV calls --
- * nss_ckmdFindSessionObjects_Final
- * nss_ckmdFindSessionObjects_Next
- */
-
-struct nodeStr {
- struct nodeStr *next;
- NSSCKMDObject *mdObject;
-};
-
-struct nssCKMDFindSessionObjectsStr {
- NSSArena *arena;
- CK_RV error;
- CK_ATTRIBUTE_PTR pTemplate;
- CK_ULONG ulCount;
- struct nodeStr *list;
- nssCKFWHash *hash;
-
-};
-typedef struct nssCKMDFindSessionObjectsStr nssCKMDFindSessionObjects;
-
-#ifdef DEBUG
-/*
- * But first, the pointer-tracking stuff.
- *
- * NOTE: the pointer-tracking support in NSS/base currently relies
- * upon NSPR's CallOnce support. That, however, relies upon NSPR's
- * locking, which is tied into the runtime. We need a pointer-tracker
- * implementation that uses the locks supplied through C_Initialize.
- * That support, however, can be filled in later. So for now, I'll
- * just do this routines as no-ops.
- */
-
-static CK_RV
-nss_ckmdFindSessionObjects_add_pointer
-(
- const NSSCKMDFindObjects *mdFindObjects
-)
-{
- return CKR_OK;
-}
-
-static CK_RV
-nss_ckmdFindSessionObjects_remove_pointer
-(
- const NSSCKMDFindObjects *mdFindObjects
-)
-{
- return CKR_OK;
-}
-
-#ifdef NSS_DEBUG
-static CK_RV
-nss_ckmdFindSessionObjects_verifyPointer
-(
- const NSSCKMDFindObjects *mdFindObjects
-)
-{
- return CKR_OK;
-}
-#endif
-
-#endif /* DEBUG */
-
-/*
- * We must forward-declare these routines.
- */
-static void
-nss_ckmdFindSessionObjects_Final
-(
- NSSCKMDFindObjects *mdFindObjects,
- NSSCKFWFindObjects *fwFindObjects,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-);
-
-static NSSCKMDObject *
-nss_ckmdFindSessionObjects_Next
-(
- NSSCKMDFindObjects *mdFindObjects,
- NSSCKFWFindObjects *fwFindObjects,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSArena *arena,
- CK_RV *pError
-);
-
-static CK_BBOOL
-items_match
-(
- NSSItem *a,
- CK_VOID_PTR pValue,
- CK_ULONG ulValueLen
-)
-{
- if( a->size != ulValueLen ) {
- return CK_FALSE;
- }
-
- if( PR_TRUE == nsslibc_memequal(a->data, pValue, ulValueLen, (PRStatus *)NULL) ) {
- return CK_TRUE;
- } else {
- return CK_FALSE;
- }
-}
-
-/*
- * Our hashtable iterator
- */
-static void
-findfcn
-(
- const void *key,
- void *value,
- void *closure
-)
-{
- NSSCKMDObject *mdObject = (NSSCKMDObject *)value;
- nssCKMDSessionObject *mdso = (nssCKMDSessionObject *)mdObject->etc;
- nssCKMDFindSessionObjects *mdfso = (nssCKMDFindSessionObjects *)closure;
- CK_ULONG i, j;
- struct nodeStr *node;
-
- if( CKR_OK != mdfso->error ) {
- return;
- }
-
- for( i = 0; i < mdfso->ulCount; i++ ) {
- CK_ATTRIBUTE_PTR p = &mdfso->pTemplate[i];
-
- for( j = 0; j < mdso->n; j++ ) {
- if( mdso->types[j] == p->type ) {
- if( !items_match(&mdso->attributes[j], p->pValue, p->ulValueLen) ) {
- return;
- } else {
- break;
- }
- }
- }
-
- if( j == mdso->n ) {
- /* Attribute not found */
- return;
- }
- }
-
- /* Matches */
- node = nss_ZNEW(mdfso->arena, struct nodeStr);
- if( (struct nodeStr *)NULL == node ) {
- mdfso->error = CKR_HOST_MEMORY;
- return;
- }
-
- node->mdObject = mdObject;
- node->next = mdfso->list;
- mdfso->list = node;
-
- return;
-}
-
-/*
- * nssCKMDFindSessionObjects_Create
- *
- */
-NSS_IMPLEMENT NSSCKMDFindObjects *
-nssCKMDFindSessionObjects_Create
-(
- NSSCKFWToken *fwToken,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount,
- CK_RV *pError
-)
-{
- NSSArena *arena;
- nssCKMDFindSessionObjects *mdfso;
- nssCKFWHash *hash;
- NSSCKMDFindObjects *rv;
-
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return (NSSCKMDFindObjects *)NULL;
- }
-
- *pError = nssCKFWToken_verifyPointer(fwToken);
- if( CKR_OK != *pError ) {
- return (NSSCKMDFindObjects *)NULL;
- }
-
- if( (CK_ATTRIBUTE_PTR)NULL == pTemplate ) {
- *pError = CKR_ARGUMENTS_BAD;
- return (NSSCKMDFindObjects *)NULL;
- }
-#endif /* NSSDEBUG */
-
- hash = nssCKFWToken_GetSessionObjectHash(fwToken);
- if( (nssCKFWHash *)NULL == hash ) {
- *pError= CKR_GENERAL_ERROR;
- return (NSSCKMDFindObjects *)NULL;
- }
-
- arena = NSSArena_Create();
- if( (NSSArena *)NULL == arena ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDFindObjects *)NULL;
- }
-
- mdfso = nss_ZNEW(arena, nssCKMDFindSessionObjects);
- if( (nssCKMDFindSessionObjects *)NULL == mdfso ) {
- NSSArena_Destroy(arena);
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDFindObjects *)NULL;
- }
-
- rv = nss_ZNEW(arena, NSSCKMDFindObjects);
-
- mdfso->error = CKR_OK;
- mdfso->pTemplate = pTemplate;
- mdfso->ulCount = ulCount;
- mdfso->hash = hash;
-
- nssCKFWHash_Iterate(hash, findfcn, mdfso);
-
- if( CKR_OK != mdfso->error ) {
- NSSArena_Destroy(arena);
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDFindObjects *)NULL;
- }
-
- rv->etc = (void *)mdfso;
- rv->Final = nss_ckmdFindSessionObjects_Final;
- rv->Next = nss_ckmdFindSessionObjects_Next;
-
-#ifdef DEBUG
- if( (*pError = nss_ckmdFindSessionObjects_add_pointer(rv)) != CKR_OK ) {
- NSSArena_Destroy(arena);
- return (NSSCKMDFindObjects *)NULL;
- }
-#endif /* DEBUG */
- mdfso->arena = arena;
-
- return rv;
-}
-
-static void
-nss_ckmdFindSessionObjects_Final
-(
- NSSCKMDFindObjects *mdFindObjects,
- NSSCKFWFindObjects *fwFindObjects,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- nssCKMDFindSessionObjects *mdfso;
-
-#ifdef NSSDEBUG
- if( CKR_OK != nss_ckmdFindSessionObjects_verifyPointer(mdFindObjects) ) {
- return;
- }
-#endif /* NSSDEBUG */
-
- mdfso = (nssCKMDFindSessionObjects *)mdFindObjects->etc;
- if (mdfso->arena) NSSArena_Destroy(mdfso->arena);
-
-#ifdef DEBUG
- (void)nss_ckmdFindSessionObjects_remove_pointer(mdFindObjects);
-#endif /* DEBUG */
-
- return;
-}
-
-static NSSCKMDObject *
-nss_ckmdFindSessionObjects_Next
-(
- NSSCKMDFindObjects *mdFindObjects,
- NSSCKFWFindObjects *fwFindObjects,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSArena *arena,
- CK_RV *pError
-)
-{
- nssCKMDFindSessionObjects *mdfso;
- NSSCKMDObject *rv = (NSSCKMDObject *)NULL;
-
-#ifdef NSSDEBUG
- if( CKR_OK != nss_ckmdFindSessionObjects_verifyPointer(mdFindObjects) ) {
- return (NSSCKMDObject *)NULL;
- }
-#endif /* NSSDEBUG */
-
- mdfso = (nssCKMDFindSessionObjects *)mdFindObjects->etc;
-
- while( (NSSCKMDObject *)NULL == rv ) {
- if( (struct nodeStr *)NULL == mdfso->list ) {
- *pError = CKR_OK;
- return (NSSCKMDObject *)NULL;
- }
-
- if( nssCKFWHash_Exists(mdfso->hash, mdfso->list->mdObject) ) {
- rv = mdfso->list->mdObject;
- }
-
- mdfso->list = mdfso->list->next;
- }
-
- return rv;
-}
diff --git a/security/nss/lib/ckfw/slot.c b/security/nss/lib/ckfw/slot.c
deleted file mode 100644
index 4d3ae5761..000000000
--- a/security/nss/lib/ckfw/slot.c
+++ /dev/null
@@ -1,756 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * slot.c
- *
- * This file implements the NSSCKFWSlot type and methods.
- */
-
-#ifndef CK_T
-#include "ck.h"
-#endif /* CK_T */
-
-/*
- * NSSCKFWSlot
- *
- * -- create/destroy --
- * nssCKFWSlot_Create
- * nssCKFWSlot_Destroy
- *
- * -- public accessors --
- * NSSCKFWSlot_GetMDSlot
- * NSSCKFWSlot_GetFWInstance
- * NSSCKFWSlot_GetMDInstance
- *
- * -- implement public accessors --
- * nssCKFWSlot_GetMDSlot
- * nssCKFWSlot_GetFWInstance
- * nssCKFWSlot_GetMDInstance
- *
- * -- private accessors --
- * nssCKFWSlot_GetSlotID
- * nssCKFWSlot_ClearToken
- *
- * -- module fronts --
- * nssCKFWSlot_GetSlotDescription
- * nssCKFWSlot_GetManufacturerID
- * nssCKFWSlot_GetTokenPresent
- * nssCKFWSlot_GetRemovableDevice
- * nssCKFWSlot_GetHardwareSlot
- * nssCKFWSlot_GetHardwareVersion
- * nssCKFWSlot_GetFirmwareVersion
- * nssCKFWSlot_InitToken
- * nssCKFWSlot_GetToken
- */
-
-struct NSSCKFWSlotStr {
- NSSCKFWMutex *mutex;
- NSSCKMDSlot *mdSlot;
- NSSCKFWInstance *fwInstance;
- NSSCKMDInstance *mdInstance;
- CK_SLOT_ID slotID;
-
- /*
- * Everything above is set at creation time, and then not modified.
- * The invariants the mutex protects are:
- *
- * 1) Each of the cached descriptions (versions, etc.) are in an
- * internally consistant state.
- *
- * 2) The fwToken points to the token currently in the slot, and
- * it is in a consistant state.
- *
- * Note that the calls accessing the cached descriptions will
- * call the NSSCKMDSlot methods with the mutex locked. Those
- * methods may then call the public NSSCKFWSlot routines. Those
- * public routines only access the constant data above, so there's
- * no problem. But be careful if you add to this object; mutexes
- * are in general not reentrant, so don't create deadlock situations.
- */
-
- NSSUTF8 *slotDescription;
- NSSUTF8 *manufacturerID;
- CK_VERSION hardwareVersion;
- CK_VERSION firmwareVersion;
- NSSCKFWToken *fwToken;
-};
-
-#ifdef DEBUG
-/*
- * But first, the pointer-tracking stuff.
- *
- * NOTE: the pointer-tracking support in NSS/base currently relies
- * upon NSPR's CallOnce support. That, however, relies upon NSPR's
- * locking, which is tied into the runtime. We need a pointer-tracker
- * implementation that uses the locks supplied through C_Initialize.
- * That support, however, can be filled in later. So for now, I'll
- * just do this routines as no-ops.
- */
-
-static CK_RV
-slot_add_pointer
-(
- const NSSCKFWSlot *fwSlot
-)
-{
- return CKR_OK;
-}
-
-static CK_RV
-slot_remove_pointer
-(
- const NSSCKFWSlot *fwSlot
-)
-{
- return CKR_OK;
-}
-
-NSS_IMPLEMENT CK_RV
-nssCKFWSlot_verifyPointer
-(
- const NSSCKFWSlot *fwSlot
-)
-{
- return CKR_OK;
-}
-
-#endif /* DEBUG */
-
-/*
- * nssCKFWSlot_Create
- *
- */
-NSS_IMPLEMENT NSSCKFWSlot *
-nssCKFWSlot_Create
-(
- NSSCKFWInstance *fwInstance,
- NSSCKMDSlot *mdSlot,
- CK_SLOT_ID slotID,
- CK_RV *pError
-)
-{
- NSSCKFWSlot *fwSlot;
- NSSCKMDInstance *mdInstance;
- NSSArena *arena;
-
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return (NSSCKFWSlot *)NULL;
- }
-
- *pError = nssCKFWInstance_verifyPointer(fwInstance);
- if( CKR_OK != *pError ) {
- return (NSSCKFWSlot *)NULL;
- }
-#endif /* NSSDEBUG */
-
- mdInstance = nssCKFWInstance_GetMDInstance(fwInstance);
- if( (NSSCKMDInstance *)NULL == mdInstance ) {
- *pError = CKR_GENERAL_ERROR;
- return (NSSCKFWSlot *)NULL;
- }
-
- arena = nssCKFWInstance_GetArena(fwInstance, pError);
- if( (NSSArena *)NULL == arena ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- }
-
- fwSlot = nss_ZNEW(arena, NSSCKFWSlot);
- if( (NSSCKFWSlot *)NULL == fwSlot ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKFWSlot *)NULL;
- }
-
- fwSlot->mdSlot = mdSlot;
- fwSlot->fwInstance = fwInstance;
- fwSlot->mdInstance = mdInstance;
- fwSlot->slotID = slotID;
-
- fwSlot->mutex = nssCKFWInstance_CreateMutex(fwInstance, arena, pError);
- if( (NSSCKFWMutex *)NULL == fwSlot->mutex ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- (void)nss_ZFreeIf(fwSlot);
- return (NSSCKFWSlot *)NULL;
- }
-
- if( (void *)NULL != (void *)mdSlot->Initialize ) {
- *pError = CKR_OK;
- *pError = mdSlot->Initialize(mdSlot, fwSlot, mdInstance, fwInstance);
- if( CKR_OK != *pError ) {
- (void)nssCKFWMutex_Destroy(fwSlot->mutex);
- (void)nss_ZFreeIf(fwSlot);
- return (NSSCKFWSlot *)NULL;
- }
- }
-
-#ifdef DEBUG
- *pError = slot_add_pointer(fwSlot);
- if( CKR_OK != *pError ) {
- if( (void *)NULL != (void *)mdSlot->Destroy ) {
- mdSlot->Destroy(mdSlot, fwSlot, mdInstance, fwInstance);
- }
-
- (void)nssCKFWMutex_Destroy(fwSlot->mutex);
- (void)nss_ZFreeIf(fwSlot);
- return (NSSCKFWSlot *)NULL;
- }
-#endif /* DEBUG */
-
- return fwSlot;
-}
-
-/*
- * nssCKFWSlot_Destroy
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWSlot_Destroy
-(
- NSSCKFWSlot *fwSlot
-)
-{
- CK_RV error = CKR_OK;
-
-#ifdef NSSDEBUG
- error = nssCKFWSlot_verifyPointer(fwSlot);
- if( CKR_OK != error ) {
- return error;
- }
-#endif /* NSSDEBUG */
- if (fwSlot->fwToken) {
- nssCKFWToken_Destroy(fwSlot->fwToken);
- }
-
- (void)nssCKFWMutex_Destroy(fwSlot->mutex);
-
- if( (void *)NULL != (void *)fwSlot->mdSlot->Destroy ) {
- fwSlot->mdSlot->Destroy(fwSlot->mdSlot, fwSlot,
- fwSlot->mdInstance, fwSlot->fwInstance);
- }
-
-#ifdef DEBUG
- error = slot_remove_pointer(fwSlot);
-#endif /* DEBUG */
- (void)nss_ZFreeIf(fwSlot);
- return error;
-}
-
-/*
- * nssCKFWSlot_GetMDSlot
- *
- */
-NSS_IMPLEMENT NSSCKMDSlot *
-nssCKFWSlot_GetMDSlot
-(
- NSSCKFWSlot *fwSlot
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSlot_verifyPointer(fwSlot) ) {
- return (NSSCKMDSlot *)NULL;
- }
-#endif /* NSSDEBUG */
-
- return fwSlot->mdSlot;
-}
-
-/*
- * nssCKFWSlot_GetFWInstance
- *
- */
-
-NSS_IMPLEMENT NSSCKFWInstance *
-nssCKFWSlot_GetFWInstance
-(
- NSSCKFWSlot *fwSlot
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSlot_verifyPointer(fwSlot) ) {
- return (NSSCKFWInstance *)NULL;
- }
-#endif /* NSSDEBUG */
-
- return fwSlot->fwInstance;
-}
-
-/*
- * nssCKFWSlot_GetMDInstance
- *
- */
-
-NSS_IMPLEMENT NSSCKMDInstance *
-nssCKFWSlot_GetMDInstance
-(
- NSSCKFWSlot *fwSlot
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSlot_verifyPointer(fwSlot) ) {
- return (NSSCKMDInstance *)NULL;
- }
-#endif /* NSSDEBUG */
-
- return fwSlot->mdInstance;
-}
-
-/*
- * nssCKFWSlot_GetSlotID
- *
- */
-NSS_IMPLEMENT CK_SLOT_ID
-nssCKFWSlot_GetSlotID
-(
- NSSCKFWSlot *fwSlot
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSlot_verifyPointer(fwSlot) ) {
- return (CK_SLOT_ID)0;
- }
-#endif /* NSSDEBUG */
-
- return fwSlot->slotID;
-}
-
-/*
- * nssCKFWSlot_GetSlotDescription
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWSlot_GetSlotDescription
-(
- NSSCKFWSlot *fwSlot,
- CK_CHAR slotDescription[64]
-)
-{
- CK_RV error = CKR_OK;
-
-#ifdef NSSDEBUG
- if( (CK_CHAR_PTR)NULL == slotDescription ) {
- return CKR_ARGUMENTS_BAD;
- }
-
- error = nssCKFWSlot_verifyPointer(fwSlot);
- if( CKR_OK != error ) {
- return error;
- }
-#endif /* NSSDEBUG */
-
- error = nssCKFWMutex_Lock(fwSlot->mutex);
- if( CKR_OK != error ) {
- return error;
- }
-
- if( (NSSUTF8 *)NULL == fwSlot->slotDescription ) {
- if( (void *)NULL != (void *)fwSlot->mdSlot->GetSlotDescription ) {
- fwSlot->slotDescription = fwSlot->mdSlot->GetSlotDescription(
- fwSlot->mdSlot, fwSlot, fwSlot->mdInstance,
- fwSlot->fwInstance, &error);
- if( ((NSSUTF8 *)NULL == fwSlot->slotDescription) && (CKR_OK != error) ) {
- goto done;
- }
- } else {
- fwSlot->slotDescription = (NSSUTF8 *) "";
- }
- }
-
- (void)nssUTF8_CopyIntoFixedBuffer(fwSlot->slotDescription, (char *)slotDescription, 64, ' ');
- error = CKR_OK;
-
- done:
- (void)nssCKFWMutex_Unlock(fwSlot->mutex);
- return error;
-}
-
-/*
- * nssCKFWSlot_GetManufacturerID
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWSlot_GetManufacturerID
-(
- NSSCKFWSlot *fwSlot,
- CK_CHAR manufacturerID[32]
-)
-{
- CK_RV error = CKR_OK;
-
-#ifdef NSSDEBUG
- if( (CK_CHAR_PTR)NULL == manufacturerID ) {
- return CKR_ARGUMENTS_BAD;
- }
-
- error = nssCKFWSlot_verifyPointer(fwSlot);
- if( CKR_OK != error ) {
- return error;
- }
-#endif /* NSSDEBUG */
-
- error = nssCKFWMutex_Lock(fwSlot->mutex);
- if( CKR_OK != error ) {
- return error;
- }
-
- if( (NSSUTF8 *)NULL == fwSlot->manufacturerID ) {
- if( (void *)NULL != (void *)fwSlot->mdSlot->GetManufacturerID ) {
- fwSlot->manufacturerID = fwSlot->mdSlot->GetManufacturerID(
- fwSlot->mdSlot, fwSlot, fwSlot->mdInstance,
- fwSlot->fwInstance, &error);
- if( ((NSSUTF8 *)NULL == fwSlot->manufacturerID) && (CKR_OK != error) ) {
- goto done;
- }
- } else {
- fwSlot->manufacturerID = (NSSUTF8 *) "";
- }
- }
-
- (void)nssUTF8_CopyIntoFixedBuffer(fwSlot->manufacturerID, (char *)manufacturerID, 32, ' ');
- error = CKR_OK;
-
- done:
- (void)nssCKFWMutex_Unlock(fwSlot->mutex);
- return error;
-}
-
-/*
- * nssCKFWSlot_GetTokenPresent
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-nssCKFWSlot_GetTokenPresent
-(
- NSSCKFWSlot *fwSlot
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSlot_verifyPointer(fwSlot) ) {
- return CK_FALSE;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwSlot->mdSlot->GetTokenPresent ) {
- return CK_TRUE;
- }
-
- return fwSlot->mdSlot->GetTokenPresent(fwSlot->mdSlot, fwSlot,
- fwSlot->mdInstance, fwSlot->fwInstance);
-}
-
-/*
- * nssCKFWSlot_GetRemovableDevice
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-nssCKFWSlot_GetRemovableDevice
-(
- NSSCKFWSlot *fwSlot
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSlot_verifyPointer(fwSlot) ) {
- return CK_FALSE;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwSlot->mdSlot->GetRemovableDevice ) {
- return CK_FALSE;
- }
-
- return fwSlot->mdSlot->GetRemovableDevice(fwSlot->mdSlot, fwSlot,
- fwSlot->mdInstance, fwSlot->fwInstance);
-}
-
-/*
- * nssCKFWSlot_GetHardwareSlot
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-nssCKFWSlot_GetHardwareSlot
-(
- NSSCKFWSlot *fwSlot
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSlot_verifyPointer(fwSlot) ) {
- return CK_FALSE;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwSlot->mdSlot->GetHardwareSlot ) {
- return CK_FALSE;
- }
-
- return fwSlot->mdSlot->GetHardwareSlot(fwSlot->mdSlot, fwSlot,
- fwSlot->mdInstance, fwSlot->fwInstance);
-}
-
-/*
- * nssCKFWSlot_GetHardwareVersion
- *
- */
-NSS_IMPLEMENT CK_VERSION
-nssCKFWSlot_GetHardwareVersion
-(
- NSSCKFWSlot *fwSlot
-)
-{
- CK_VERSION rv;
-
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSlot_verifyPointer(fwSlot) ) {
- rv.major = rv.minor = 0;
- return rv;
- }
-#endif /* NSSDEBUG */
-
- if( CKR_OK != nssCKFWMutex_Lock(fwSlot->mutex) ) {
- rv.major = rv.minor = 0;
- return rv;
- }
-
- if( (0 != fwSlot->hardwareVersion.major) ||
- (0 != fwSlot->hardwareVersion.minor) ) {
- rv = fwSlot->hardwareVersion;
- goto done;
- }
-
- if( (void *)NULL != (void *)fwSlot->mdSlot->GetHardwareVersion ) {
- fwSlot->hardwareVersion = fwSlot->mdSlot->GetHardwareVersion(
- fwSlot->mdSlot, fwSlot, fwSlot->mdInstance, fwSlot->fwInstance);
- } else {
- fwSlot->hardwareVersion.major = 0;
- fwSlot->hardwareVersion.minor = 1;
- }
-
- rv = fwSlot->hardwareVersion;
- done:
- (void)nssCKFWMutex_Unlock(fwSlot->mutex);
- return rv;
-}
-
-/*
- * nssCKFWSlot_GetFirmwareVersion
- *
- */
-NSS_IMPLEMENT CK_VERSION
-nssCKFWSlot_GetFirmwareVersion
-(
- NSSCKFWSlot *fwSlot
-)
-{
- CK_VERSION rv;
-
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSlot_verifyPointer(fwSlot) ) {
- rv.major = rv.minor = 0;
- return rv;
- }
-#endif /* NSSDEBUG */
-
- if( CKR_OK != nssCKFWMutex_Lock(fwSlot->mutex) ) {
- rv.major = rv.minor = 0;
- return rv;
- }
-
- if( (0 != fwSlot->firmwareVersion.major) ||
- (0 != fwSlot->firmwareVersion.minor) ) {
- rv = fwSlot->firmwareVersion;
- goto done;
- }
-
- if( (void *)NULL != (void *)fwSlot->mdSlot->GetFirmwareVersion ) {
- fwSlot->firmwareVersion = fwSlot->mdSlot->GetFirmwareVersion(
- fwSlot->mdSlot, fwSlot, fwSlot->mdInstance, fwSlot->fwInstance);
- } else {
- fwSlot->firmwareVersion.major = 0;
- fwSlot->firmwareVersion.minor = 1;
- }
-
- rv = fwSlot->firmwareVersion;
- done:
- (void)nssCKFWMutex_Unlock(fwSlot->mutex);
- return rv;
-}
-
-/*
- * nssCKFWSlot_GetToken
- *
- */
-NSS_IMPLEMENT NSSCKFWToken *
-nssCKFWSlot_GetToken
-(
- NSSCKFWSlot *fwSlot,
- CK_RV *pError
-)
-{
- NSSCKMDToken *mdToken;
- NSSCKFWToken *fwToken;
-
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return (NSSCKFWToken *)NULL;
- }
-
- *pError = nssCKFWSlot_verifyPointer(fwSlot);
- if( CKR_OK != *pError ) {
- return (NSSCKFWToken *)NULL;
- }
-#endif /* NSSDEBUG */
-
- *pError = nssCKFWMutex_Lock(fwSlot->mutex);
- if( CKR_OK != *pError ) {
- return (NSSCKFWToken *)NULL;
- }
-
- if( (NSSCKFWToken *)NULL == fwSlot->fwToken ) {
- if( (void *)NULL == (void *)fwSlot->mdSlot->GetToken ) {
- *pError = CKR_GENERAL_ERROR;
- fwToken = (NSSCKFWToken *)NULL;
- goto done;
- }
-
- mdToken = fwSlot->mdSlot->GetToken(fwSlot->mdSlot, fwSlot,
- fwSlot->mdInstance, fwSlot->fwInstance, pError);
- if( (NSSCKMDToken *)NULL == mdToken ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- return (NSSCKFWToken *)NULL;
- }
-
- fwToken = nssCKFWToken_Create(fwSlot, mdToken, pError);
- fwSlot->fwToken = fwToken;
- } else {
- fwToken = fwSlot->fwToken;
- }
-
- done:
- (void)nssCKFWMutex_Unlock(fwSlot->mutex);
- return fwToken;
-}
-
-/*
- * nssCKFWSlot_ClearToken
- *
- */
-NSS_IMPLEMENT void
-nssCKFWSlot_ClearToken
-(
- NSSCKFWSlot *fwSlot
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSlot_verifyPointer(fwSlot) ) {
- return;
- }
-#endif /* NSSDEBUG */
-
- if( CKR_OK != nssCKFWMutex_Lock(fwSlot->mutex) ) {
- /* Now what? */
- return;
- }
-
- fwSlot->fwToken = (NSSCKFWToken *)NULL;
- (void)nssCKFWMutex_Unlock(fwSlot->mutex);
- return;
-}
-
-/*
- * NSSCKFWSlot_GetMDSlot
- *
- */
-
-NSS_IMPLEMENT NSSCKMDSlot *
-NSSCKFWSlot_GetMDSlot
-(
- NSSCKFWSlot *fwSlot
-)
-{
-#ifdef DEBUG
- if( CKR_OK != nssCKFWSlot_verifyPointer(fwSlot) ) {
- return (NSSCKMDSlot *)NULL;
- }
-#endif /* DEBUG */
-
- return nssCKFWSlot_GetMDSlot(fwSlot);
-}
-
-/*
- * NSSCKFWSlot_GetFWInstance
- *
- */
-
-NSS_IMPLEMENT NSSCKFWInstance *
-NSSCKFWSlot_GetFWInstance
-(
- NSSCKFWSlot *fwSlot
-)
-{
-#ifdef DEBUG
- if( CKR_OK != nssCKFWSlot_verifyPointer(fwSlot) ) {
- return (NSSCKFWInstance *)NULL;
- }
-#endif /* DEBUG */
-
- return nssCKFWSlot_GetFWInstance(fwSlot);
-}
-
-/*
- * NSSCKFWSlot_GetMDInstance
- *
- */
-
-NSS_IMPLEMENT NSSCKMDInstance *
-NSSCKFWSlot_GetMDInstance
-(
- NSSCKFWSlot *fwSlot
-)
-{
-#ifdef DEBUG
- if( CKR_OK != nssCKFWSlot_verifyPointer(fwSlot) ) {
- return (NSSCKMDInstance *)NULL;
- }
-#endif /* DEBUG */
-
- return nssCKFWSlot_GetMDInstance(fwSlot);
-}
diff --git a/security/nss/lib/ckfw/token.c b/security/nss/lib/ckfw/token.c
deleted file mode 100644
index f0e04eb3f..000000000
--- a/security/nss/lib/ckfw/token.c
+++ /dev/null
@@ -1,1869 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * token.c
- *
- * This file implements the NSSCKFWToken type and methods.
- */
-
-#ifndef CK_T
-#include "ck.h"
-#endif /* CK_T */
-
-/*
- * NSSCKFWToken
- *
- * -- create/destroy --
- * nssCKFWToken_Create
- * nssCKFWToken_Destroy
- *
- * -- public accessors --
- * NSSCKFWToken_GetMDToken
- * NSSCKFWToken_GetFWSlot
- * NSSCKFWToken_GetMDSlot
- * NSSCKFWToken_GetSessionState
- *
- * -- implement public accessors --
- * nssCKFWToken_GetMDToken
- * nssCKFWToken_GetFWSlot
- * nssCKFWToken_GetMDSlot
- * nssCKFWToken_GetSessionState
- * nssCKFWToken_SetSessionState
- *
- * -- private accessors --
- * nssCKFWToken_SetSessionState
- * nssCKFWToken_RemoveSession
- * nssCKFWToken_CloseAllSessions
- * nssCKFWToken_GetSessionCount
- * nssCKFWToken_GetRwSessionCount
- * nssCKFWToken_GetRoSessionCount
- * nssCKFWToken_GetSessionObjectHash
- * nssCKFWToken_GetMDObjectHash
- * nssCKFWToken_GetObjectHandleHash
- *
- * -- module fronts --
- * nssCKFWToken_InitToken
- * nssCKFWToken_GetLabel
- * nssCKFWToken_GetManufacturerID
- * nssCKFWToken_GetModel
- * nssCKFWToken_GetSerialNumber
- * nssCKFWToken_GetHasRNG
- * nssCKFWToken_GetIsWriteProtected
- * nssCKFWToken_GetLoginRequired
- * nssCKFWToken_GetUserPinInitialized
- * nssCKFWToken_GetRestoreKeyNotNeeded
- * nssCKFWToken_GetHasClockOnToken
- * nssCKFWToken_GetHasProtectedAuthenticationPath
- * nssCKFWToken_GetSupportsDualCryptoOperations
- * nssCKFWToken_GetMaxSessionCount
- * nssCKFWToken_GetMaxRwSessionCount
- * nssCKFWToken_GetMaxPinLen
- * nssCKFWToken_GetMinPinLen
- * nssCKFWToken_GetTotalPublicMemory
- * nssCKFWToken_GetFreePublicMemory
- * nssCKFWToken_GetTotalPrivateMemory
- * nssCKFWToken_GetFreePrivateMemory
- * nssCKFWToken_GetHardwareVersion
- * nssCKFWToken_GetFirmwareVersion
- * nssCKFWToken_GetUTCTime
- * nssCKFWToken_OpenSession
- * nssCKFWToken_GetMechanismCount
- * nssCKFWToken_GetMechanismTypes
- * nssCKFWToken_GetMechanism
- */
-
-struct NSSCKFWTokenStr {
- NSSCKFWMutex *mutex;
- NSSArena *arena;
- NSSCKMDToken *mdToken;
- NSSCKFWSlot *fwSlot;
- NSSCKMDSlot *mdSlot;
- NSSCKFWInstance *fwInstance;
- NSSCKMDInstance *mdInstance;
-
- /*
- * Everything above is set at creation time, and then not modified.
- * The invariants the mutex protects are:
- *
- * 1) Each of the cached descriptions (versions, etc.) are in an
- * internally consistant state.
- *
- * 2) The session counts and hashes are consistant.
- *
- * 3) The object hashes are consistant.
- *
- * Note that the calls accessing the cached descriptions will call
- * the NSSCKMDToken methods with the mutex locked. Those methods
- * may then call the public NSSCKFWToken routines. Those public
- * routines only access the constant data above and the atomic
- * CK_STATE session state variable below, so there's no problem.
- * But be careful if you add to this object; mutexes are in
- * general not reentrant, so don't create deadlock situations.
- */
-
- NSSUTF8 *label;
- NSSUTF8 *manufacturerID;
- NSSUTF8 *model;
- NSSUTF8 *serialNumber;
- CK_VERSION hardwareVersion;
- CK_VERSION firmwareVersion;
-
- CK_ULONG sessionCount;
- CK_ULONG rwSessionCount;
- nssCKFWHash *sessions;
- nssCKFWHash *sessionObjectHash;
- nssCKFWHash *mdObjectHash;
-
- CK_STATE state;
-};
-
-#ifdef DEBUG
-/*
- * But first, the pointer-tracking stuff.
- *
- * NOTE: the pointer-tracking support in NSS/base currently relies
- * upon NSPR's CallOnce support. That, however, relies upon NSPR's
- * locking, which is tied into the runtime. We need a pointer-tracker
- * implementation that uses the locks supplied through C_Initialize.
- * That support, however, can be filled in later. So for now, I'll
- * just do this routines as no-ops.
- */
-
-static CK_RV
-token_add_pointer
-(
- const NSSCKFWToken *fwToken
-)
-{
- return CKR_OK;
-}
-
-static CK_RV
-token_remove_pointer
-(
- const NSSCKFWToken *fwToken
-)
-{
- return CKR_OK;
-}
-
-NSS_IMPLEMENT CK_RV
-nssCKFWToken_verifyPointer
-(
- const NSSCKFWToken *fwToken
-)
-{
- return CKR_OK;
-}
-
-#endif /* DEBUG */
-
-/*
- * nssCKFWToken_Create
- *
- */
-NSS_IMPLEMENT NSSCKFWToken *
-nssCKFWToken_Create
-(
- NSSCKFWSlot *fwSlot,
- NSSCKMDToken *mdToken,
- CK_RV *pError
-)
-{
- NSSArena *arena = (NSSArena *)NULL;
- NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
- CK_BBOOL called_setup = CK_FALSE;
-
- /*
- * We have already verified the arguments in nssCKFWSlot_GetToken.
- */
-
- arena = NSSArena_Create();
- if( (NSSArena *)NULL == arena ) {
- *pError = CKR_HOST_MEMORY;
- goto loser;
- }
-
- fwToken = nss_ZNEW(arena, NSSCKFWToken);
- if( (NSSCKFWToken *)NULL == fwToken ) {
- *pError = CKR_HOST_MEMORY;
- goto loser;
- }
-
- fwToken->arena = arena;
- fwToken->mdToken = mdToken;
- fwToken->fwSlot = fwSlot;
- fwToken->fwInstance = nssCKFWSlot_GetFWInstance(fwSlot);
- fwToken->mdInstance = nssCKFWSlot_GetMDInstance(fwSlot);
- fwToken->state = CKS_RO_PUBLIC_SESSION; /* some default */
- fwToken->sessionCount = 0;
- fwToken->rwSessionCount = 0;
-
- fwToken->mutex = nssCKFWInstance_CreateMutex(fwToken->fwInstance, arena, pError);
- if( (NSSCKFWMutex *)NULL == fwToken->mutex ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- goto loser;
- }
-
- fwToken->sessions = nssCKFWHash_Create(fwToken->fwInstance, arena, pError);
- if( (nssCKFWHash *)NULL == fwToken->sessions ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- goto loser;
- }
-
- if( CK_TRUE != nssCKFWInstance_GetModuleHandlesSessionObjects(
- fwToken->fwInstance) ) {
- fwToken->sessionObjectHash = nssCKFWHash_Create(fwToken->fwInstance,
- arena, pError);
- if( (nssCKFWHash *)NULL == fwToken->sessionObjectHash ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- goto loser;
- }
- }
-
- fwToken->mdObjectHash = nssCKFWHash_Create(fwToken->fwInstance,
- arena, pError);
- if( (nssCKFWHash *)NULL == fwToken->mdObjectHash ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- goto loser;
- }
-
- /* More here */
-
- if( (void *)NULL != (void *)mdToken->Setup ) {
- *pError = mdToken->Setup(mdToken, fwToken, fwToken->mdInstance, fwToken->fwInstance);
- if( CKR_OK != *pError ) {
- goto loser;
- }
- }
-
- called_setup = CK_TRUE;
-
-#ifdef DEBUG
- *pError = token_add_pointer(fwToken);
- if( CKR_OK != *pError ) {
- goto loser;
- }
-#endif /* DEBUG */
-
- *pError = CKR_OK;
- return fwToken;
-
- loser:
-
- if( CK_TRUE == called_setup ) {
- if( (void *)NULL != (void *)mdToken->Invalidate ) {
- mdToken->Invalidate(mdToken, fwToken, fwToken->mdInstance, fwToken->fwInstance);
- }
- }
-
- if( (NSSArena *)NULL != arena ) {
- (void)NSSArena_Destroy(arena);
- }
-
- return (NSSCKFWToken *)NULL;
-}
-
-static void
-nss_ckfwtoken_session_iterator
-(
- const void *key,
- void *value,
- void *closure
-)
-{
- /*
- * Remember that the fwToken->mutex is locked
- */
- NSSCKFWSession *fwSession = (NSSCKFWSession *)value;
- (void)nssCKFWSession_Destroy(fwSession, CK_FALSE);
- return;
-}
-
-/*
- * nssCKFWToken_Destroy
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWToken_Destroy
-(
- NSSCKFWToken *fwToken
-)
-{
- CK_RV error = CKR_OK;
-
-#ifdef NSSDEBUG
- error = nssCKFWToken_verifyPointer(fwToken);
- if( CKR_OK != error ) {
- return error;
- }
-#endif /* NSSDEBUG */
-
- (void)nssCKFWMutex_Destroy(fwToken->mutex);
-
- if( (void *)NULL != (void *)fwToken->mdToken->Invalidate ) {
- fwToken->mdToken->Invalidate(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance);
- }
- /* we can destroy the list without locking now because no one else is
- * referencing us (or _Destroy was invalidly called!)
- */
- nssCKFWHash_Iterate(fwToken->sessions, nss_ckfwtoken_session_iterator,
- (void *)NULL);
- nssCKFWHash_Destroy(fwToken->sessions);
-
- if (fwToken->sessionObjectHash) {
- nssCKFWHash_Destroy(fwToken->sessionObjectHash);
- }
- if (fwToken->mdObjectHash) {
- nssCKFWHash_Destroy(fwToken->mdObjectHash);
- }
-
- nssCKFWSlot_ClearToken(fwToken->fwSlot);
-
-#ifdef DEBUG
- error = token_remove_pointer(fwToken);
-#endif /* DEBUG */
-
- (void)NSSArena_Destroy(fwToken->arena);
- return error;
-}
-
-/*
- * nssCKFWToken_GetMDToken
- *
- */
-NSS_IMPLEMENT NSSCKMDToken *
-nssCKFWToken_GetMDToken
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return (NSSCKMDToken *)NULL;
- }
-#endif /* NSSDEBUG */
-
- return fwToken->mdToken;
-}
-
-/*
- * nssCKFWToken_GetArena
- *
- */
-NSS_IMPLEMENT NSSArena *
-nssCKFWToken_GetArena
-(
- NSSCKFWToken *fwToken,
- CK_RV *pError
-)
-{
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return (NSSArena *)NULL;
- }
-
- *pError = nssCKFWToken_verifyPointer(fwToken);
- if( CKR_OK != *pError ) {
- return (NSSArena *)NULL;
- }
-#endif /* NSSDEBUG */
-
- return fwToken->arena;
-}
-
-/*
- * nssCKFWToken_GetFWSlot
- *
- */
-NSS_IMPLEMENT NSSCKFWSlot *
-nssCKFWToken_GetFWSlot
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return (NSSCKFWSlot *)NULL;
- }
-#endif /* NSSDEBUG */
-
- return fwToken->fwSlot;
-}
-
-/*
- * nssCKFWToken_GetMDSlot
- *
- */
-NSS_IMPLEMENT NSSCKMDSlot *
-nssCKFWToken_GetMDSlot
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return (NSSCKMDSlot *)NULL;
- }
-#endif /* NSSDEBUG */
-
- return fwToken->mdSlot;
-}
-
-/*
- * nssCKFWToken_GetSessionState
- *
- */
-NSS_IMPLEMENT CK_STATE
-nssCKFWToken_GetSessionState
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CKS_RO_PUBLIC_SESSION; /* whatever */
- }
-#endif /* NSSDEBUG */
-
- /*
- * BTW, do not lock the token in this method.
- */
-
- /*
- * Theoretically, there is no state if there aren't any
- * sessions open. But then we'd need to worry about
- * reporting an error, etc. What the heck-- let's just
- * revert to CKR_RO_PUBLIC_SESSION as the "default."
- */
-
- return fwToken->state;
-}
-
-/*
- * nssCKFWToken_InitToken
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWToken_InitToken
-(
- NSSCKFWToken *fwToken,
- NSSItem *pin,
- NSSUTF8 *label
-)
-{
- CK_RV error;
-
-#ifdef NSSDEBUG
- error = nssCKFWToken_verifyPointer(fwToken);
- if( CKR_OK != error ) {
- return CKR_ARGUMENTS_BAD;
- }
-#endif /* NSSDEBUG */
-
- error = nssCKFWMutex_Lock(fwToken->mutex);
- if( CKR_OK != error ) {
- return error;
- }
-
- if( fwToken->sessionCount > 0 ) {
- error = CKR_SESSION_EXISTS;
- goto done;
- }
-
- if( (void *)NULL == (void *)fwToken->mdToken->InitToken ) {
- error = CKR_DEVICE_ERROR;
- goto done;
- }
-
- if( (NSSItem *)NULL == pin ) {
- if( nssCKFWToken_GetHasProtectedAuthenticationPath(fwToken) ) {
- ; /* okay */
- } else {
- error = CKR_PIN_INCORRECT;
- goto done;
- }
- }
-
- if( (NSSUTF8 *)NULL == label ) {
- label = (NSSUTF8 *) "";
- }
-
- error = fwToken->mdToken->InitToken(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance, pin, label);
-
- done:
- (void)nssCKFWMutex_Unlock(fwToken->mutex);
- return error;
-}
-
-/*
- * nssCKFWToken_GetLabel
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWToken_GetLabel
-(
- NSSCKFWToken *fwToken,
- CK_CHAR label[32]
-)
-{
- CK_RV error = CKR_OK;
-
-#ifdef NSSDEBUG
- if( (CK_CHAR_PTR)NULL == label ) {
- return CKR_ARGUMENTS_BAD;
- }
-
- error = nssCKFWToken_verifyPointer(fwToken);
- if( CKR_OK != error ) {
- return error;
- }
-#endif /* NSSDEBUG */
-
- error = nssCKFWMutex_Lock(fwToken->mutex);
- if( CKR_OK != error ) {
- return error;
- }
-
- if( (NSSUTF8 *)NULL == fwToken->label ) {
- if( (void *)NULL != (void *)fwToken->mdToken->GetLabel ) {
- fwToken->label = fwToken->mdToken->GetLabel(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance, &error);
- if( ((NSSUTF8 *)NULL == fwToken->label) && (CKR_OK != error) ) {
- goto done;
- }
- } else {
- fwToken->label = (NSSUTF8 *) "";
- }
- }
-
- (void)nssUTF8_CopyIntoFixedBuffer(fwToken->label, (char *)label, 32, ' ');
- error = CKR_OK;
-
- done:
- (void)nssCKFWMutex_Unlock(fwToken->mutex);
- return error;
-}
-
-/*
- * nssCKFWToken_GetManufacturerID
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWToken_GetManufacturerID
-(
- NSSCKFWToken *fwToken,
- CK_CHAR manufacturerID[32]
-)
-{
- CK_RV error = CKR_OK;
-
-#ifdef NSSDEBUG
- if( (CK_CHAR_PTR)NULL == manufacturerID ) {
- return CKR_ARGUMENTS_BAD;
- }
-
- error = nssCKFWToken_verifyPointer(fwToken);
- if( CKR_OK != error ) {
- return error;
- }
-#endif /* NSSDEBUG */
-
- error = nssCKFWMutex_Lock(fwToken->mutex);
- if( CKR_OK != error ) {
- return error;
- }
-
- if( (NSSUTF8 *)NULL == fwToken->manufacturerID ) {
- if( (void *)NULL != (void *)fwToken->mdToken->GetManufacturerID ) {
- fwToken->manufacturerID = fwToken->mdToken->GetManufacturerID(fwToken->mdToken,
- fwToken, fwToken->mdInstance, fwToken->fwInstance, &error);
- if( ((NSSUTF8 *)NULL == fwToken->manufacturerID) && (CKR_OK != error) ) {
- goto done;
- }
- } else {
- fwToken->manufacturerID = (NSSUTF8 *)"";
- }
- }
-
- (void)nssUTF8_CopyIntoFixedBuffer(fwToken->manufacturerID, (char *)manufacturerID, 32, ' ');
- error = CKR_OK;
-
- done:
- (void)nssCKFWMutex_Unlock(fwToken->mutex);
- return error;
-}
-
-/*
- * nssCKFWToken_GetModel
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWToken_GetModel
-(
- NSSCKFWToken *fwToken,
- CK_CHAR model[16]
-)
-{
- CK_RV error = CKR_OK;
-
-#ifdef NSSDEBUG
- if( (CK_CHAR_PTR)NULL == model ) {
- return CKR_ARGUMENTS_BAD;
- }
-
- error = nssCKFWToken_verifyPointer(fwToken);
- if( CKR_OK != error ) {
- return error;
- }
-#endif /* NSSDEBUG */
-
- error = nssCKFWMutex_Lock(fwToken->mutex);
- if( CKR_OK != error ) {
- return error;
- }
-
- if( (NSSUTF8 *)NULL == fwToken->model ) {
- if( (void *)NULL != (void *)fwToken->mdToken->GetModel ) {
- fwToken->model = fwToken->mdToken->GetModel(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance, &error);
- if( ((NSSUTF8 *)NULL == fwToken->model) && (CKR_OK != error) ) {
- goto done;
- }
- } else {
- fwToken->model = (NSSUTF8 *)"";
- }
- }
-
- (void)nssUTF8_CopyIntoFixedBuffer(fwToken->model, (char *)model, 16, ' ');
- error = CKR_OK;
-
- done:
- (void)nssCKFWMutex_Unlock(fwToken->mutex);
- return error;
-}
-
-/*
- * nssCKFWToken_GetSerialNumber
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWToken_GetSerialNumber
-(
- NSSCKFWToken *fwToken,
- CK_CHAR serialNumber[16]
-)
-{
- CK_RV error = CKR_OK;
-
-#ifdef NSSDEBUG
- if( (CK_CHAR_PTR)NULL == serialNumber ) {
- return CKR_ARGUMENTS_BAD;
- }
-
- error = nssCKFWToken_verifyPointer(fwToken);
- if( CKR_OK != error ) {
- return error;
- }
-#endif /* NSSDEBUG */
-
- error = nssCKFWMutex_Lock(fwToken->mutex);
- if( CKR_OK != error ) {
- return error;
- }
-
- if( (NSSUTF8 *)NULL == fwToken->serialNumber ) {
- if( (void *)NULL != (void *)fwToken->mdToken->GetSerialNumber ) {
- fwToken->serialNumber = fwToken->mdToken->GetSerialNumber(fwToken->mdToken,
- fwToken, fwToken->mdInstance, fwToken->fwInstance, &error);
- if( ((NSSUTF8 *)NULL == fwToken->serialNumber) && (CKR_OK != error) ) {
- goto done;
- }
- } else {
- fwToken->serialNumber = (NSSUTF8 *)"";
- }
- }
-
- (void)nssUTF8_CopyIntoFixedBuffer(fwToken->serialNumber, (char *)serialNumber, 16, ' ');
- error = CKR_OK;
-
- done:
- (void)nssCKFWMutex_Unlock(fwToken->mutex);
- return error;
-}
-
-
-/*
- * nssCKFWToken_GetHasRNG
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-nssCKFWToken_GetHasRNG
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CK_FALSE;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwToken->mdToken->GetHasRNG ) {
- return CK_FALSE;
- }
-
- return fwToken->mdToken->GetHasRNG(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance);
-}
-
-/*
- * nssCKFWToken_GetIsWriteProtected
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-nssCKFWToken_GetIsWriteProtected
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CK_FALSE;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwToken->mdToken->GetIsWriteProtected ) {
- return CK_FALSE;
- }
-
- return fwToken->mdToken->GetIsWriteProtected(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance);
-}
-
-/*
- * nssCKFWToken_GetLoginRequired
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-nssCKFWToken_GetLoginRequired
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CK_FALSE;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwToken->mdToken->GetLoginRequired ) {
- return CK_FALSE;
- }
-
- return fwToken->mdToken->GetLoginRequired(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance);
-}
-
-/*
- * nssCKFWToken_GetUserPinInitialized
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-nssCKFWToken_GetUserPinInitialized
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CK_FALSE;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwToken->mdToken->GetUserPinInitialized ) {
- return CK_FALSE;
- }
-
- return fwToken->mdToken->GetUserPinInitialized(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance);
-}
-
-/*
- * nssCKFWToken_GetRestoreKeyNotNeeded
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-nssCKFWToken_GetRestoreKeyNotNeeded
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CK_FALSE;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwToken->mdToken->GetRestoreKeyNotNeeded ) {
- return CK_FALSE;
- }
-
- return fwToken->mdToken->GetRestoreKeyNotNeeded(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance);
-}
-
-/*
- * nssCKFWToken_GetHasClockOnToken
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-nssCKFWToken_GetHasClockOnToken
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CK_FALSE;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwToken->mdToken->GetHasClockOnToken ) {
- return CK_FALSE;
- }
-
- return fwToken->mdToken->GetHasClockOnToken(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance);
-}
-
-/*
- * nssCKFWToken_GetHasProtectedAuthenticationPath
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-nssCKFWToken_GetHasProtectedAuthenticationPath
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CK_FALSE;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwToken->mdToken->GetHasProtectedAuthenticationPath ) {
- return CK_FALSE;
- }
-
- return fwToken->mdToken->GetHasProtectedAuthenticationPath(fwToken->mdToken,
- fwToken, fwToken->mdInstance, fwToken->fwInstance);
-}
-
-/*
- * nssCKFWToken_GetSupportsDualCryptoOperations
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-nssCKFWToken_GetSupportsDualCryptoOperations
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CK_FALSE;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwToken->mdToken->GetSupportsDualCryptoOperations ) {
- return CK_FALSE;
- }
-
- return fwToken->mdToken->GetSupportsDualCryptoOperations(fwToken->mdToken,
- fwToken, fwToken->mdInstance, fwToken->fwInstance);
-}
-
-/*
- * nssCKFWToken_GetMaxSessionCount
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWToken_GetMaxSessionCount
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CK_UNAVAILABLE_INFORMATION;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwToken->mdToken->GetMaxSessionCount ) {
- return CK_UNAVAILABLE_INFORMATION;
- }
-
- return fwToken->mdToken->GetMaxSessionCount(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance);
-}
-
-/*
- * nssCKFWToken_GetMaxRwSessionCount
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWToken_GetMaxRwSessionCount
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CK_UNAVAILABLE_INFORMATION;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwToken->mdToken->GetMaxRwSessionCount ) {
- return CK_UNAVAILABLE_INFORMATION;
- }
-
- return fwToken->mdToken->GetMaxRwSessionCount(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance);
-}
-
-/*
- * nssCKFWToken_GetMaxPinLen
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWToken_GetMaxPinLen
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CK_UNAVAILABLE_INFORMATION;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwToken->mdToken->GetMaxPinLen ) {
- return CK_UNAVAILABLE_INFORMATION;
- }
-
- return fwToken->mdToken->GetMaxPinLen(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance);
-}
-
-/*
- * nssCKFWToken_GetMinPinLen
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWToken_GetMinPinLen
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CK_UNAVAILABLE_INFORMATION;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwToken->mdToken->GetMinPinLen ) {
- return CK_UNAVAILABLE_INFORMATION;
- }
-
- return fwToken->mdToken->GetMinPinLen(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance);
-}
-
-/*
- * nssCKFWToken_GetTotalPublicMemory
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWToken_GetTotalPublicMemory
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CK_UNAVAILABLE_INFORMATION;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwToken->mdToken->GetTotalPublicMemory ) {
- return CK_UNAVAILABLE_INFORMATION;
- }
-
- return fwToken->mdToken->GetTotalPublicMemory(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance);
-}
-
-/*
- * nssCKFWToken_GetFreePublicMemory
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWToken_GetFreePublicMemory
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CK_UNAVAILABLE_INFORMATION;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwToken->mdToken->GetFreePublicMemory ) {
- return CK_UNAVAILABLE_INFORMATION;
- }
-
- return fwToken->mdToken->GetFreePublicMemory(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance);
-}
-
-/*
- * nssCKFWToken_GetTotalPrivateMemory
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWToken_GetTotalPrivateMemory
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CK_UNAVAILABLE_INFORMATION;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwToken->mdToken->GetTotalPrivateMemory ) {
- return CK_UNAVAILABLE_INFORMATION;
- }
-
- return fwToken->mdToken->GetTotalPrivateMemory(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance);
-}
-
-/*
- * nssCKFWToken_GetFreePrivateMemory
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWToken_GetFreePrivateMemory
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CK_UNAVAILABLE_INFORMATION;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwToken->mdToken->GetFreePrivateMemory ) {
- return CK_UNAVAILABLE_INFORMATION;
- }
-
- return fwToken->mdToken->GetFreePrivateMemory(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance);
-}
-
-/*
- * nssCKFWToken_GetHardwareVersion
- *
- */
-NSS_IMPLEMENT CK_VERSION
-nssCKFWToken_GetHardwareVersion
-(
- NSSCKFWToken *fwToken
-)
-{
- CK_VERSION rv;
-
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- rv.major = rv.minor = 0;
- return rv;
- }
-#endif /* NSSDEBUG */
-
- if( CKR_OK != nssCKFWMutex_Lock(fwToken->mutex) ) {
- rv.major = rv.minor = 0;
- return rv;
- }
-
- if( (0 != fwToken->hardwareVersion.major) ||
- (0 != fwToken->hardwareVersion.minor) ) {
- rv = fwToken->hardwareVersion;
- goto done;
- }
-
- if( (void *)NULL != (void *)fwToken->mdToken->GetHardwareVersion ) {
- fwToken->hardwareVersion = fwToken->mdToken->GetHardwareVersion(
- fwToken->mdToken, fwToken, fwToken->mdInstance, fwToken->fwInstance);
- } else {
- fwToken->hardwareVersion.major = 0;
- fwToken->hardwareVersion.minor = 1;
- }
-
- rv = fwToken->hardwareVersion;
-
- done:
- (void)nssCKFWMutex_Unlock(fwToken->mutex);
- return rv;
-}
-
-/*
- * nssCKFWToken_GetFirmwareVersion
- *
- */
-NSS_IMPLEMENT CK_VERSION
-nssCKFWToken_GetFirmwareVersion
-(
- NSSCKFWToken *fwToken
-)
-{
- CK_VERSION rv;
-
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- rv.major = rv.minor = 0;
- return rv;
- }
-#endif /* NSSDEBUG */
-
- if( CKR_OK != nssCKFWMutex_Lock(fwToken->mutex) ) {
- rv.major = rv.minor = 0;
- return rv;
- }
-
- if( (0 != fwToken->firmwareVersion.major) ||
- (0 != fwToken->firmwareVersion.minor) ) {
- rv = fwToken->firmwareVersion;
- goto done;
- }
-
- if( (void *)NULL != (void *)fwToken->mdToken->GetFirmwareVersion ) {
- fwToken->firmwareVersion = fwToken->mdToken->GetFirmwareVersion(
- fwToken->mdToken, fwToken, fwToken->mdInstance, fwToken->fwInstance);
- } else {
- fwToken->firmwareVersion.major = 0;
- fwToken->firmwareVersion.minor = 1;
- }
-
- rv = fwToken->firmwareVersion;
-
- done:
- (void)nssCKFWMutex_Unlock(fwToken->mutex);
- return rv;
-}
-
-/*
- * nssCKFWToken_GetUTCTime
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWToken_GetUTCTime
-(
- NSSCKFWToken *fwToken,
- CK_CHAR utcTime[16]
-)
-{
- CK_RV error = CKR_OK;
-
-#ifdef NSSDEBUG
- error = nssCKFWToken_verifyPointer(fwToken);
- if( CKR_OK != error ) {
- return error;
- }
-
- if( (CK_CHAR_PTR)NULL == utcTime ) {
- return CKR_ARGUMENTS_BAD;
- }
-#endif /* DEBUG */
-
- if( CK_TRUE != nssCKFWToken_GetHasClockOnToken(fwToken) ) {
- /* return CKR_DEVICE_ERROR; */
- (void)nssUTF8_CopyIntoFixedBuffer((NSSUTF8 *)NULL, (char *)utcTime, 16, ' ');
- return CKR_OK;
- }
-
- if( (void *)NULL == (void *)fwToken->mdToken->GetUTCTime ) {
- /* It said it had one! */
- return CKR_GENERAL_ERROR;
- }
-
- error = fwToken->mdToken->GetUTCTime(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance, utcTime);
- if( CKR_OK != error ) {
- return error;
- }
-
- /* Sanity-check the data */
- {
- /* Format is YYYYMMDDhhmmss00 */
- int i;
- int Y, M, D, h, m, s, z;
- static int dims[] = { 31, 29, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31 };
-
- for( i = 0; i < 16; i++ ) {
- if( (utcTime[i] < '0') || (utcTime[i] > '9') ) {
- goto badtime;
- }
- }
-
- Y = ((utcTime[ 0] - '0') * 1000) + ((utcTime[1] - '0') * 100) +
- ((utcTime[ 2] - '0') * 10) + (utcTime[ 3] - '0');
- M = ((utcTime[ 4] - '0') * 10) + (utcTime[ 5] - '0');
- D = ((utcTime[ 6] - '0') * 10) + (utcTime[ 7] - '0');
- h = ((utcTime[ 8] - '0') * 10) + (utcTime[ 9] - '0');
- m = ((utcTime[10] - '0') * 10) + (utcTime[11] - '0');
- s = ((utcTime[12] - '0') * 10) + (utcTime[13] - '0');
- z = ((utcTime[14] - '0') * 10) + (utcTime[15] - '0');
-
- if( (Y < 1990) || (Y > 3000) ) goto badtime; /* Y3K problem. heh heh heh */
- if( (M < 1) || (M > 12) ) goto badtime;
- if( (D < 1) || (D > 31) ) goto badtime;
-
- if( D > dims[M-1] ) goto badtime; /* per-month check */
- if( (2 == M) && (((Y%4)||!(Y%100))&&(Y%400)) && (D > 28) ) goto badtime; /* leap years */
-
- if( (h < 0) || (h > 23) ) goto badtime;
- if( (m < 0) || (m > 60) ) goto badtime;
- if( (s < 0) || (s > 61) ) goto badtime;
-
- /* 60m and 60 or 61s is only allowed for leap seconds. */
- if( (60 == m) || (s >= 60) ) {
- if( (23 != h) || (60 != m) || (s < 60) ) goto badtime;
- /* leap seconds can only happen on June 30 or Dec 31.. I think */
- /* if( ((6 != M) || (30 != D)) && ((12 != M) || (31 != D)) ) goto badtime; */
- }
- }
-
- return CKR_OK;
-
- badtime:
- return CKR_GENERAL_ERROR;
-}
-
-/*
- * nssCKFWToken_OpenSession
- *
- */
-NSS_IMPLEMENT NSSCKFWSession *
-nssCKFWToken_OpenSession
-(
- NSSCKFWToken *fwToken,
- CK_BBOOL rw,
- CK_VOID_PTR pApplication,
- CK_NOTIFY Notify,
- CK_RV *pError
-)
-{
- NSSCKFWSession *fwSession = (NSSCKFWSession *)NULL;
- NSSCKMDSession *mdSession;
-
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return (NSSCKFWSession *)NULL;
- }
-
- *pError = nssCKFWToken_verifyPointer(fwToken);
- if( CKR_OK != *pError ) {
- return (NSSCKFWSession *)NULL;
- }
-
- switch( rw ) {
- case CK_TRUE:
- case CK_FALSE:
- break;
- default:
- *pError = CKR_ARGUMENTS_BAD;
- return (NSSCKFWSession *)NULL;
- }
-#endif /* NSSDEBUG */
-
- *pError = nssCKFWMutex_Lock(fwToken->mutex);
- if( CKR_OK != *pError ) {
- return (NSSCKFWSession *)NULL;
- }
-
- if( CK_TRUE == rw ) {
- /* Read-write session desired */
- if( CK_TRUE == nssCKFWToken_GetIsWriteProtected(fwToken) ) {
- *pError = CKR_TOKEN_WRITE_PROTECTED;
- goto done;
- }
- } else {
- /* Read-only session desired */
- if( CKS_RW_SO_FUNCTIONS == nssCKFWToken_GetSessionState(fwToken) ) {
- *pError = CKR_SESSION_READ_WRITE_SO_EXISTS;
- goto done;
- }
- }
-
- /* We could compare sesion counts to any limits we know of, I guess.. */
-
- if( (void *)NULL == (void *)fwToken->mdToken->OpenSession ) {
- /*
- * I'm not sure that the Module actually needs to implement
- * mdSessions -- the Framework can keep track of everything
- * needed, really. But I'll sort out that detail later..
- */
- *pError = CKR_GENERAL_ERROR;
- goto done;
- }
-
- fwSession = nssCKFWSession_Create(fwToken, rw, pApplication, Notify, pError);
- if( (NSSCKFWSession *)NULL == fwSession ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- goto done;
- }
-
- mdSession = fwToken->mdToken->OpenSession(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance, fwSession,
- rw, pError);
- if( (NSSCKMDSession *)NULL == mdSession ) {
- (void)nssCKFWSession_Destroy(fwSession, CK_FALSE);
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- goto done;
- }
-
- *pError = nssCKFWSession_SetMDSession(fwSession, mdSession);
- if( CKR_OK != *pError ) {
- if( (void *)NULL != (void *)mdSession->Close ) {
- mdSession->Close(mdSession, fwSession, fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance);
- }
- (void)nssCKFWSession_Destroy(fwSession, CK_FALSE);
- goto done;
- }
-
- *pError = nssCKFWHash_Add(fwToken->sessions, fwSession, fwSession);
- if( CKR_OK != *pError ) {
- (void)nssCKFWSession_Destroy(fwSession, CK_FALSE);
- fwSession = (NSSCKFWSession *)NULL;
- goto done;
- }
-
- done:
- (void)nssCKFWMutex_Unlock(fwToken->mutex);
- return fwSession;
-}
-
-/*
- * nssCKFWToken_GetMechanismCount
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWToken_GetMechanismCount
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return 0;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwToken->mdToken->GetMechanismCount ) {
- return 0;
- }
-
- return fwToken->mdToken->GetMechanismCount(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance);
-}
-
-/*
- * nssCKFWToken_GetMechanismTypes
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWToken_GetMechanismTypes
-(
- NSSCKFWToken *fwToken,
- CK_MECHANISM_TYPE types[]
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CKR_ARGUMENTS_BAD;
- }
-
- if( (CK_MECHANISM_TYPE *)NULL == types ) {
- return CKR_ARGUMENTS_BAD;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwToken->mdToken->GetMechanismTypes ) {
- /*
- * This should only be called with a sufficiently-large
- * "types" array, which can only be done if GetMechanismCount
- * is implemented. If that's implemented (and returns nonzero),
- * then this should be too. So return an error.
- */
- return CKR_GENERAL_ERROR;
- }
-
- return fwToken->mdToken->GetMechanismTypes(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance, types);
-}
-
-
-/*
- * nssCKFWToken_GetMechanism
- *
- */
-NSS_IMPLEMENT NSSCKFWMechanism *
-nssCKFWToken_GetMechanism
-(
- NSSCKFWToken *fwToken,
- CK_MECHANISM_TYPE which,
- CK_RV *pError
-)
-{
- /* XXX fgmr */
- return (NSSCKFWMechanism *)NULL;
-}
-
-NSS_IMPLEMENT CK_RV
-nssCKFWToken_SetSessionState
-(
- NSSCKFWToken *fwToken,
- CK_STATE newState
-)
-{
- CK_RV error = CKR_OK;
-
-#ifdef NSSDEBUG
- error = nssCKFWToken_verifyPointer(fwToken);
- if( CKR_OK != error ) {
- return error;
- }
-
- switch( newState ) {
- case CKS_RO_PUBLIC_SESSION:
- case CKS_RO_USER_FUNCTIONS:
- case CKS_RW_PUBLIC_SESSION:
- case CKS_RW_USER_FUNCTIONS:
- case CKS_RW_SO_FUNCTIONS:
- break;
- default:
- return CKR_ARGUMENTS_BAD;
- }
-#endif /* NSSDEBUG */
-
- error = nssCKFWMutex_Lock(fwToken->mutex);
- if( CKR_OK != error ) {
- return error;
- }
-
- fwToken->state = newState;
- (void)nssCKFWMutex_Unlock(fwToken->mutex);
- return CKR_OK;
-}
-
-/*
- * nssCKFWToken_RemoveSession
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWToken_RemoveSession
-(
- NSSCKFWToken *fwToken,
- NSSCKFWSession *fwSession
-)
-{
- CK_RV error = CKR_OK;
-
-#ifdef NSSDEBUG
- error = nssCKFWToken_verifyPointer(fwToken);
- if( CKR_OK != error ) {
- return error;
- }
-
- error = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != error ) {
- return error;
- }
-#endif /* NSSDEBUG */
-
- error = nssCKFWMutex_Lock(fwToken->mutex);
- if( CKR_OK != error ) {
- return error;
- }
-
- if( CK_TRUE != nssCKFWHash_Exists(fwToken->sessions, fwSession) ) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto done;
- }
-
- nssCKFWHash_Remove(fwToken->sessions, fwSession);
- fwToken->sessionCount--;
-
- if( nssCKFWSession_IsRWSession(fwSession) ) {
- fwToken->rwSessionCount--;
- }
-
- if( 0 == fwToken->sessionCount ) {
- fwToken->rwSessionCount = 0; /* sanity */
- fwToken->state = CKS_RO_PUBLIC_SESSION; /* some default */
- }
-
- error = CKR_OK;
-
- done:
- (void)nssCKFWMutex_Unlock(fwToken->mutex);
- return error;
-}
-
-
-/*
- * nssCKFWToken_CloseAllSessions
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWToken_CloseAllSessions
-(
- NSSCKFWToken *fwToken
-)
-{
- CK_RV error = CKR_OK;
-
-#ifdef NSSDEBUG
- error = nssCKFWToken_verifyPointer(fwToken);
- if( CKR_OK != error ) {
- return error;
- }
-#endif /* NSSDEBUG */
-
- error = nssCKFWMutex_Lock(fwToken->mutex);
- if( CKR_OK != error ) {
- return error;
- }
-
- nssCKFWHash_Iterate(fwToken->sessions, nss_ckfwtoken_session_iterator, (void *)NULL);
-
- nssCKFWHash_Destroy(fwToken->sessions);
-
- fwToken->sessions = nssCKFWHash_Create(fwToken->fwInstance, fwToken->arena, &error);
- if( (nssCKFWHash *)NULL == fwToken->sessions ) {
- if( CKR_OK == error ) {
- error = CKR_GENERAL_ERROR;
- }
- goto done;
- }
-
- fwToken->state = CKS_RO_PUBLIC_SESSION; /* some default */
- fwToken->sessionCount = 0;
- fwToken->rwSessionCount = 0;
-
- error = CKR_OK;
-
- done:
- (void)nssCKFWMutex_Unlock(fwToken->mutex);
- return error;
-}
-
-/*
- * nssCKFWToken_GetSessionCount
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWToken_GetSessionCount
-(
- NSSCKFWToken *fwToken
-)
-{
- CK_ULONG rv;
-
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return (CK_ULONG)0;
- }
-#endif /* NSSDEBUG */
-
- if( CKR_OK != nssCKFWMutex_Lock(fwToken->mutex) ) {
- return (CK_ULONG)0;
- }
-
- rv = fwToken->sessionCount;
- (void)nssCKFWMutex_Unlock(fwToken->mutex);
- return rv;
-}
-
-/*
- * nssCKFWToken_GetRwSessionCount
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWToken_GetRwSessionCount
-(
- NSSCKFWToken *fwToken
-)
-{
- CK_ULONG rv;
-
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return (CK_ULONG)0;
- }
-#endif /* NSSDEBUG */
-
- if( CKR_OK != nssCKFWMutex_Lock(fwToken->mutex) ) {
- return (CK_ULONG)0;
- }
-
- rv = fwToken->rwSessionCount;
- (void)nssCKFWMutex_Unlock(fwToken->mutex);
- return rv;
-}
-
-/*
- * nssCKFWToken_GetRoSessionCount
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWToken_GetRoSessionCount
-(
- NSSCKFWToken *fwToken
-)
-{
- CK_ULONG rv;
-
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return (CK_ULONG)0;
- }
-#endif /* NSSDEBUG */
-
- if( CKR_OK != nssCKFWMutex_Lock(fwToken->mutex) ) {
- return (CK_ULONG)0;
- }
-
- rv = fwToken->sessionCount - fwToken->rwSessionCount;
- (void)nssCKFWMutex_Unlock(fwToken->mutex);
- return rv;
-}
-
-/*
- * nssCKFWToken_GetSessionObjectHash
- *
- */
-NSS_IMPLEMENT nssCKFWHash *
-nssCKFWToken_GetSessionObjectHash
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return (nssCKFWHash *)NULL;
- }
-#endif /* NSSDEBUG */
-
- return fwToken->sessionObjectHash;
-}
-
-/*
- * nssCKFWToken_GetMDObjectHash
- *
- */
-NSS_IMPLEMENT nssCKFWHash *
-nssCKFWToken_GetMDObjectHash
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return (nssCKFWHash *)NULL;
- }
-#endif /* NSSDEBUG */
-
- return fwToken->mdObjectHash;
-}
-
-/*
- * nssCKFWToken_GetObjectHandleHash
- *
- */
-NSS_IMPLEMENT nssCKFWHash *
-nssCKFWToken_GetObjectHandleHash
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return (nssCKFWHash *)NULL;
- }
-#endif /* NSSDEBUG */
-
- return fwToken->mdObjectHash;
-}
-
-/*
- * NSSCKFWToken_GetMDToken
- *
- */
-
-NSS_IMPLEMENT NSSCKMDToken *
-NSSCKFWToken_GetMDToken
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef DEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return (NSSCKMDToken *)NULL;
- }
-#endif /* DEBUG */
-
- return nssCKFWToken_GetMDToken(fwToken);
-}
-
-/*
- * NSSCKFWToken_GetArena
- *
- */
-
-NSS_IMPLEMENT NSSArena *
-NSSCKFWToken_GetArena
-(
- NSSCKFWToken *fwToken,
- CK_RV *pError
-)
-{
-#ifdef DEBUG
- if( (CK_RV *)NULL == pError ) {
- return (NSSArena *)NULL;
- }
-
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- *pError = CKR_ARGUMENTS_BAD;
- return (NSSArena *)NULL;
- }
-#endif /* DEBUG */
-
- return nssCKFWToken_GetArena(fwToken, pError);
-}
-
-/*
- * NSSCKFWToken_GetFWSlot
- *
- */
-
-NSS_IMPLEMENT NSSCKFWSlot *
-NSSCKFWToken_GetFWSlot
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef DEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return (NSSCKFWSlot *)NULL;
- }
-#endif /* DEBUG */
-
- return nssCKFWToken_GetFWSlot(fwToken);
-}
-
-/*
- * NSSCKFWToken_GetMDSlot
- *
- */
-
-NSS_IMPLEMENT NSSCKMDSlot *
-NSSCKFWToken_GetMDSlot
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef DEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return (NSSCKMDSlot *)NULL;
- }
-#endif /* DEBUG */
-
- return nssCKFWToken_GetMDSlot(fwToken);
-}
-
-/*
- * NSSCKFWToken_GetSessionState
- *
- */
-
-NSS_IMPLEMENT CK_STATE
-NSSCKFWSession_GetSessionState
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef DEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CKS_RO_PUBLIC_SESSION;
- }
-#endif /* DEBUG */
-
- return nssCKFWToken_GetSessionState(fwToken);
-}
diff --git a/security/nss/lib/ckfw/wrap.c b/security/nss/lib/ckfw/wrap.c
deleted file mode 100644
index 08ad62baf..000000000
--- a/security/nss/lib/ckfw/wrap.c
+++ /dev/null
@@ -1,3412 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * wrap.c
- *
- * This file contains the routines that actually implement the cryptoki
- * API, using the internal APIs of the NSS Cryptoki Framework. There is
- * one routine here for every cryptoki routine. For linking reasons
- * the actual entry points passed back with C_GetFunctionList have to
- * exist in one of the Module's source files; however, those are merely
- * simple wrappers that call these routines. The intelligence of the
- * implementations is here.
- */
-
-#ifndef CK_T
-#include "ck.h"
-#endif /* CK_T */
-
-/*
- * NSSCKFWC_Initialize
- * NSSCKFWC_Finalize
- * NSSCKFWC_GetInfo
- * -- NSSCKFWC_GetFunctionList -- see the API insert file
- * NSSCKFWC_GetSlotList
- * NSSCKFWC_GetSlotInfo
- * NSSCKFWC_GetTokenInfo
- * NSSCKFWC_WaitForSlotEvent
- * NSSCKFWC_GetMechanismList
- * NSSCKFWC_GetMechanismInfo
- * NSSCKFWC_InitToken
- * NSSCKFWC_InitPIN
- * NSSCKFWC_SetPIN
- * NSSCKFWC_OpenSession
- * NSSCKFWC_CloseSession
- * NSSCKFWC_CloseAllSessions
- * NSSCKFWC_GetSessionInfo
- * NSSCKFWC_GetOperationState
- * NSSCKFWC_SetOperationState
- * NSSCKFWC_Login
- * NSSCKFWC_Logout
- * NSSCKFWC_CreateObject
- * NSSCKFWC_CopyObject
- * NSSCKFWC_DestroyObject
- * NSSCKFWC_GetObjectSize
- * NSSCKFWC_GetAttributeValue
- * NSSCKFWC_SetAttributeValue
- * NSSCKFWC_FindObjectsInit
- * NSSCKFWC_FindObjects
- * NSSCKFWC_FindObjectsFinal
- * NSSCKFWC_EncryptInit
- * NSSCKFWC_Encrypt
- * NSSCKFWC_EncryptUpdate
- * NSSCKFWC_EncryptFinal
- * NSSCKFWC_DecryptInit
- * NSSCKFWC_Decrypt
- * NSSCKFWC_DecryptUpdate
- * NSSCKFWC_DecryptFinal
- * NSSCKFWC_DigestInit
- * NSSCKFWC_Digest
- * NSSCKFWC_DigestUpdate
- * NSSCKFWC_DigestKey
- * NSSCKFWC_DigestFinal
- * NSSCKFWC_SignInit
- * NSSCKFWC_Sign
- * NSSCKFWC_SignUpdate
- * NSSCKFWC_SignFinal
- * NSSCKFWC_SignRecoverInit
- * NSSCKFWC_SignRecover
- * NSSCKFWC_VerifyInit
- * NSSCKFWC_Verify
- * NSSCKFWC_VerifyUpdate
- * NSSCKFWC_VerifyFinal
- * NSSCKFWC_VerifyRecoverInit
- * NSSCKFWC_VerifyRecover
- * NSSCKFWC_DigestEncryptUpdate
- * NSSCKFWC_DecryptDigestUpdate
- * NSSCKFWC_SignEncryptUpdate
- * NSSCKFWC_DecryptVerifyUpdate
- * NSSCKFWC_GenerateKey
- * NSSCKFWC_GenerateKeyPair
- * NSSCKFWC_WrapKey
- * NSSCKFWC_UnwrapKey
- * NSSCKFWC_DeriveKey
- * NSSCKFWC_SeedRandom
- * NSSCKFWC_GenerateRandom
- * NSSCKFWC_GetFunctionStatus
- * NSSCKFWC_CancelFunction
- */
-
-/*
- * NSSCKFWC_Initialize
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_Initialize
-(
- NSSCKFWInstance **pFwInstance,
- NSSCKMDInstance *mdInstance,
- CK_VOID_PTR pInitArgs
-)
-{
- CK_RV error = CKR_OK;
-
- if( (NSSCKFWInstance **)NULL == pFwInstance ) {
- error = CKR_GENERAL_ERROR;
- goto loser;
- }
-
- if( (NSSCKFWInstance *)NULL != *pFwInstance ) {
- error = CKR_CRYPTOKI_ALREADY_INITIALIZED;
- goto loser;
- }
-
- if( (NSSCKMDInstance *)NULL == mdInstance ) {
- error = CKR_GENERAL_ERROR;
- goto loser;
- }
-
- /* remember the locking args for those times we need to get a lock in code
- * outside the framework.
- */
- nssSetLockArgs(pInitArgs);
-
- *pFwInstance = nssCKFWInstance_Create(pInitArgs, mdInstance, &error);
- if( (NSSCKFWInstance *)NULL == *pFwInstance ) {
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_ARGUMENTS_BAD:
- case CKR_CANT_LOCK:
- case CKR_CRYPTOKI_ALREADY_INITIALIZED:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_NEED_TO_CREATE_THREADS:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_Finalize
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_Finalize
-(
- NSSCKFWInstance **pFwInstance
-)
-{
- CK_RV error = CKR_OK;
-
- if( (NSSCKFWInstance **)NULL == pFwInstance ) {
- error = CKR_GENERAL_ERROR;
- goto loser;
- }
-
- if( (NSSCKFWInstance *)NULL == *pFwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- error = nssCKFWInstance_Destroy(*pFwInstance);
-
- /* In any case */
- *pFwInstance = (NSSCKFWInstance *)NULL;
-
- loser:
- switch( error ) {
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_OK:
- break;
- default:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_GetInfo
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_GetInfo
-(
- NSSCKFWInstance *fwInstance,
- CK_INFO_PTR pInfo
-)
-{
- CK_RV error = CKR_OK;
-
- if( (CK_INFO_PTR)CK_NULL_PTR == pInfo ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- /*
- * A purify error here means a caller error
- */
- (void)nsslibc_memset(pInfo, 0, sizeof(CK_INFO));
-
- pInfo->cryptokiVersion = nssCKFWInstance_GetCryptokiVersion(fwInstance);
-
- error = nssCKFWInstance_GetManufacturerID(fwInstance, pInfo->manufacturerID);
- if( CKR_OK != error ) {
- goto loser;
- }
-
- pInfo->flags = nssCKFWInstance_GetFlags(fwInstance);
-
- error = nssCKFWInstance_GetLibraryDescription(fwInstance, pInfo->libraryDescription);
- if( CKR_OK != error ) {
- goto loser;
- }
-
- pInfo->libraryVersion = nssCKFWInstance_GetLibraryVersion(fwInstance);
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- break;
- default:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * C_GetFunctionList is implemented entirely in the Module's file which
- * includes the Framework API insert file. It requires no "actual"
- * NSSCKFW routine.
- */
-
-/*
- * NSSCKFWC_GetSlotList
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_GetSlotList
-(
- NSSCKFWInstance *fwInstance,
- CK_BBOOL tokenPresent,
- CK_SLOT_ID_PTR pSlotList,
- CK_ULONG_PTR pulCount
-)
-{
- CK_RV error = CKR_OK;
- CK_ULONG nSlots;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- switch( tokenPresent ) {
- case CK_TRUE:
- case CK_FALSE:
- break;
- default:
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- if( (CK_ULONG_PTR)CK_NULL_PTR == pulCount ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
- if( (CK_ULONG)0 == nSlots ) {
- goto loser;
- }
-
- if( (CK_SLOT_ID_PTR)CK_NULL_PTR == pSlotList ) {
- *pulCount = nSlots;
- return CKR_OK;
- }
-
- /*
- * A purify error here indicates caller error.
- */
- (void)nsslibc_memset(pSlotList, 0, *pulCount * sizeof(CK_SLOT_ID));
-
- if( *pulCount < nSlots ) {
- *pulCount = nSlots;
- error = CKR_BUFFER_TOO_SMALL;
- goto loser;
- } else {
- CK_ULONG i;
- *pulCount = nSlots;
-
- /*
- * Our secret "mapping": CK_SLOT_IDs are integers [1,N], and we
- * just index one when we need it.
- */
-
- for( i = 0; i < nSlots; i++ ) {
- pSlotList[i] = i+1;
- }
-
- return CKR_OK;
- }
-
- loser:
- switch( error ) {
- case CKR_BUFFER_TOO_SMALL:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_GetSlotInfo
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_GetSlotInfo
-(
- NSSCKFWInstance *fwInstance,
- CK_SLOT_ID slotID,
- CK_SLOT_INFO_PTR pInfo
-)
-{
- CK_RV error = CKR_OK;
- CK_ULONG nSlots;
- NSSCKFWSlot **slots;
- NSSCKFWSlot *fwSlot;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
- if( (CK_ULONG)0 == nSlots ) {
- goto loser;
- }
-
- if( (slotID < 1) || (slotID > nSlots) ) {
- error = CKR_SLOT_ID_INVALID;
- goto loser;
- }
-
- if( (CK_SLOT_INFO_PTR)CK_NULL_PTR == pInfo ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- /*
- * A purify error here indicates caller error.
- */
- (void)nsslibc_memset(pInfo, 0, sizeof(CK_SLOT_INFO));
-
- slots = nssCKFWInstance_GetSlots(fwInstance, &error);
- if( (NSSCKFWSlot **)NULL == slots ) {
- goto loser;
- }
-
- fwSlot = slots[ slotID-1 ];
-
- error = nssCKFWSlot_GetSlotDescription(fwSlot, pInfo->slotDescription);
- if( CKR_OK != error ) {
- goto loser;
- }
-
- error = nssCKFWSlot_GetManufacturerID(fwSlot, pInfo->manufacturerID);
- if( CKR_OK != error ) {
- goto loser;
- }
-
- if( nssCKFWSlot_GetTokenPresent(fwSlot) ) {
- pInfo->flags |= CKF_TOKEN_PRESENT;
- }
-
- if( nssCKFWSlot_GetRemovableDevice(fwSlot) ) {
- pInfo->flags |= CKF_REMOVABLE_DEVICE;
- }
-
- if( nssCKFWSlot_GetHardwareSlot(fwSlot) ) {
- pInfo->flags |= CKF_HW_SLOT;
- }
-
- pInfo->hardwareVersion = nssCKFWSlot_GetHardwareVersion(fwSlot);
- pInfo->firmwareVersion = nssCKFWSlot_GetFirmwareVersion(fwSlot);
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_SLOT_ID_INVALID:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_GetTokenInfo
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_GetTokenInfo
-(
- NSSCKFWInstance *fwInstance,
- CK_SLOT_ID slotID,
- CK_TOKEN_INFO_PTR pInfo
-)
-{
- CK_RV error = CKR_OK;
- CK_ULONG nSlots;
- NSSCKFWSlot **slots;
- NSSCKFWSlot *fwSlot;
- NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
- if( (CK_ULONG)0 == nSlots ) {
- goto loser;
- }
-
- if( (slotID < 1) || (slotID > nSlots) ) {
- error = CKR_SLOT_ID_INVALID;
- goto loser;
- }
-
- if( (CK_TOKEN_INFO_PTR)CK_NULL_PTR == pInfo ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- /*
- * A purify error here indicates caller error.
- */
- (void)nsslibc_memset(pInfo, 0, sizeof(CK_TOKEN_INFO));
-
- slots = nssCKFWInstance_GetSlots(fwInstance, &error);
- if( (NSSCKFWSlot **)NULL == slots ) {
- goto loser;
- }
-
- fwSlot = slots[ slotID-1 ];
-
- if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
- error = CKR_TOKEN_NOT_PRESENT;
- goto loser;
- }
-
- fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
- if( (NSSCKFWToken *)NULL == fwToken ) {
- goto loser;
- }
-
- error = nssCKFWToken_GetLabel(fwToken, pInfo->label);
- if( CKR_OK != error ) {
- goto loser;
- }
-
- error = nssCKFWToken_GetManufacturerID(fwToken, pInfo->manufacturerID);
- if( CKR_OK != error ) {
- goto loser;
- }
-
- error = nssCKFWToken_GetModel(fwToken, pInfo->model);
- if( CKR_OK != error ) {
- goto loser;
- }
-
- error = nssCKFWToken_GetSerialNumber(fwToken, pInfo->serialNumber);
- if( CKR_OK != error ) {
- goto loser;
- }
-
- if( nssCKFWToken_GetHasRNG(fwToken) ) {
- pInfo->flags |= CKF_RNG;
- }
-
- if( nssCKFWToken_GetIsWriteProtected(fwToken) ) {
- pInfo->flags |= CKF_WRITE_PROTECTED;
- }
-
- if( nssCKFWToken_GetLoginRequired(fwToken) ) {
- pInfo->flags |= CKF_LOGIN_REQUIRED;
- }
-
- if( nssCKFWToken_GetUserPinInitialized(fwToken) ) {
- pInfo->flags |= CKF_USER_PIN_INITIALIZED;
- }
-
- if( nssCKFWToken_GetRestoreKeyNotNeeded(fwToken) ) {
- pInfo->flags |= CKF_RESTORE_KEY_NOT_NEEDED;
- }
-
- if( nssCKFWToken_GetHasClockOnToken(fwToken) ) {
- pInfo->flags |= CKF_CLOCK_ON_TOKEN;
- }
-
- if( nssCKFWToken_GetHasProtectedAuthenticationPath(fwToken) ) {
- pInfo->flags |= CKF_PROTECTED_AUTHENTICATION_PATH;
- }
-
- if( nssCKFWToken_GetSupportsDualCryptoOperations(fwToken) ) {
- pInfo->flags |= CKF_DUAL_CRYPTO_OPERATIONS;
- }
-
- pInfo->ulMaxSessionCount = nssCKFWToken_GetMaxSessionCount(fwToken);
- pInfo->ulSessionCount = nssCKFWToken_GetSessionCount(fwToken);
- pInfo->ulMaxRwSessionCount = nssCKFWToken_GetMaxRwSessionCount(fwToken);
- pInfo->ulRwSessionCount= nssCKFWToken_GetRwSessionCount(fwToken);
- pInfo->ulMaxPinLen = nssCKFWToken_GetMaxPinLen(fwToken);
- pInfo->ulMinPinLen = nssCKFWToken_GetMinPinLen(fwToken);
- pInfo->ulTotalPublicMemory = nssCKFWToken_GetTotalPublicMemory(fwToken);
- pInfo->ulFreePublicMemory = nssCKFWToken_GetFreePublicMemory(fwToken);
- pInfo->ulTotalPrivateMemory = nssCKFWToken_GetTotalPrivateMemory(fwToken);
- pInfo->ulFreePrivateMemory = nssCKFWToken_GetFreePrivateMemory(fwToken);
- pInfo->hardwareVersion = nssCKFWToken_GetHardwareVersion(fwToken);
- pInfo->firmwareVersion = nssCKFWToken_GetFirmwareVersion(fwToken);
-
- error = nssCKFWToken_GetUTCTime(fwToken, pInfo->utcTime);
- if( CKR_OK != error ) {
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_DEVICE_REMOVED:
- case CKR_TOKEN_NOT_PRESENT:
- (void)nssCKFWToken_Destroy(fwToken);
- break;
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_SLOT_ID_INVALID:
- case CKR_TOKEN_NOT_RECOGNIZED:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_WaitForSlotEvent
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_WaitForSlotEvent
-(
- NSSCKFWInstance *fwInstance,
- CK_FLAGS flags,
- CK_SLOT_ID_PTR pSlot,
- CK_VOID_PTR pReserved
-)
-{
- CK_RV error = CKR_OK;
- CK_ULONG nSlots;
- CK_BBOOL block;
- NSSCKFWSlot **slots;
- NSSCKFWSlot *fwSlot;
- CK_ULONG i;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- if( flags & ~CKF_DONT_BLOCK ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- block = (flags & CKF_DONT_BLOCK) ? CK_TRUE : CK_FALSE;
-
- nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
- if( (CK_ULONG)0 == nSlots ) {
- goto loser;
- }
-
- if( (CK_SLOT_ID_PTR)CK_NULL_PTR == pSlot ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- if( (CK_VOID_PTR)CK_NULL_PTR != pReserved ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- slots = nssCKFWInstance_GetSlots(fwInstance, &error);
- if( (NSSCKFWSlot **)NULL == slots ) {
- goto loser;
- }
-
- fwSlot = nssCKFWInstance_WaitForSlotEvent(fwInstance, block, &error);
- if( (NSSCKFWSlot *)NULL == fwSlot ) {
- goto loser;
- }
-
- for( i = 0; i < nSlots; i++ ) {
- if( fwSlot == slots[i] ) {
- *pSlot = (CK_SLOT_ID)(CK_ULONG)(i+1);
- return CKR_OK;
- }
- }
-
- error = CKR_GENERAL_ERROR; /* returned something not in the slot list */
-
- loser:
- switch( error ) {
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_NO_EVENT:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_GetMechanismList
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_GetMechanismList
-(
- NSSCKFWInstance *fwInstance,
- CK_SLOT_ID slotID,
- CK_MECHANISM_TYPE_PTR pMechanismList,
- CK_ULONG_PTR pulCount
-)
-{
- CK_RV error = CKR_OK;
- CK_ULONG nSlots;
- NSSCKFWSlot **slots;
- NSSCKFWSlot *fwSlot;
- NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
- CK_ULONG count;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
- if( (CK_ULONG)0 == nSlots ) {
- goto loser;
- }
-
- if( (slotID < 1) || (slotID > nSlots) ) {
- error = CKR_SLOT_ID_INVALID;
- goto loser;
- }
-
- if( (CK_ULONG_PTR)CK_NULL_PTR == pulCount ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- slots = nssCKFWInstance_GetSlots(fwInstance, &error);
- if( (NSSCKFWSlot **)NULL == slots ) {
- goto loser;
- }
-
- fwSlot = slots[ slotID-1 ];
-
- if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
- error = CKR_TOKEN_NOT_PRESENT;
- goto loser;
- }
-
- fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
- if( (NSSCKFWToken *)NULL == fwToken ) {
- goto loser;
- }
-
- count = nssCKFWToken_GetMechanismCount(fwToken);
-
- if( (CK_MECHANISM_TYPE_PTR)CK_NULL_PTR == pMechanismList ) {
- *pulCount = count;
- return CKR_OK;
- }
-
- if( *pulCount < count ) {
- *pulCount = count;
- error = CKR_BUFFER_TOO_SMALL;
- goto loser;
- }
-
- /*
- * A purify error here indicates caller error.
- */
- (void)nsslibc_memset(pMechanismList, 0, *pulCount * sizeof(CK_MECHANISM_TYPE));
-
- *pulCount = count;
-
- if( 0 != count ) {
- error = nssCKFWToken_GetMechanismTypes(fwToken, pMechanismList);
- } else {
- error = CKR_OK;
- }
-
- if( CKR_OK == error ) {
- return CKR_OK;
- }
-
- loser:
- switch( error ) {
- case CKR_DEVICE_REMOVED:
- case CKR_TOKEN_NOT_PRESENT:
- (void)nssCKFWToken_Destroy(fwToken);
- break;
- case CKR_BUFFER_TOO_SMALL:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_SLOT_ID_INVALID:
- case CKR_TOKEN_NOT_RECOGNIZED:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_GetMechanismInfo
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_GetMechanismInfo
-(
- NSSCKFWInstance *fwInstance,
- CK_SLOT_ID slotID,
- CK_MECHANISM_TYPE type,
- CK_MECHANISM_INFO_PTR pInfo
-)
-{
- CK_RV error = CKR_OK;
- CK_ULONG nSlots;
- NSSCKFWSlot **slots;
- NSSCKFWSlot *fwSlot;
- NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
- NSSCKFWMechanism *fwMechanism;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
- if( (CK_ULONG)0 == nSlots ) {
- goto loser;
- }
-
- if( (slotID < 1) || (slotID > nSlots) ) {
- error = CKR_SLOT_ID_INVALID;
- goto loser;
- }
-
- slots = nssCKFWInstance_GetSlots(fwInstance, &error);
- if( (NSSCKFWSlot **)NULL == slots ) {
- goto loser;
- }
-
- fwSlot = slots[ slotID-1 ];
-
- if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
- error = CKR_TOKEN_NOT_PRESENT;
- goto loser;
- }
-
- if( (CK_MECHANISM_INFO_PTR)CK_NULL_PTR == pInfo ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- /*
- * A purify error here indicates caller error.
- */
- (void)nsslibc_memset(pInfo, 0, sizeof(CK_MECHANISM_INFO));
-
- fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
- if( (NSSCKFWToken *)NULL == fwToken ) {
- goto loser;
- }
-
- fwMechanism = nssCKFWToken_GetMechanism(fwToken, type, &error);
- if( (NSSCKFWMechanism *)NULL == fwMechanism ) {
- goto loser;
- }
-
- pInfo->ulMinKeySize = nssCKFWMechanism_GetMinKeySize(fwMechanism);
- pInfo->ulMaxKeySize = nssCKFWMechanism_GetMaxKeySize(fwMechanism);
-
- if( nssCKFWMechanism_GetInHardware(fwMechanism) ) {
- pInfo->flags |= CKF_HW;
- }
-
- /* More here... */
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_DEVICE_REMOVED:
- case CKR_TOKEN_NOT_PRESENT:
- (void)nssCKFWToken_Destroy(fwToken);
- break;
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_MECHANISM_INVALID:
- case CKR_SLOT_ID_INVALID:
- case CKR_TOKEN_NOT_RECOGNIZED:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_InitToken
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_InitToken
-(
- NSSCKFWInstance *fwInstance,
- CK_SLOT_ID slotID,
- CK_CHAR_PTR pPin,
- CK_ULONG ulPinLen,
- CK_CHAR_PTR pLabel
-)
-{
- CK_RV error = CKR_OK;
- CK_ULONG nSlots;
- NSSCKFWSlot **slots;
- NSSCKFWSlot *fwSlot;
- NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
- NSSItem pin;
- NSSUTF8 *label;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
- if( (CK_ULONG)0 == nSlots ) {
- goto loser;
- }
-
- if( (slotID < 1) || (slotID > nSlots) ) {
- error = CKR_SLOT_ID_INVALID;
- goto loser;
- }
-
- slots = nssCKFWInstance_GetSlots(fwInstance, &error);
- if( (NSSCKFWSlot **)NULL == slots ) {
- goto loser;
- }
-
- fwSlot = slots[ slotID-1 ];
-
- if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
- error = CKR_TOKEN_NOT_PRESENT;
- goto loser;
- }
-
- fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
- if( (NSSCKFWToken *)NULL == fwToken ) {
- goto loser;
- }
-
- pin.size = (PRUint32)ulPinLen;
- pin.data = (void *)pPin;
- label = (NSSUTF8 *)pLabel; /* identity conversion */
-
- error = nssCKFWToken_InitToken(fwToken, &pin, label);
- if( CKR_OK != error ) {
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_DEVICE_REMOVED:
- case CKR_TOKEN_NOT_PRESENT:
- (void)nssCKFWToken_Destroy(fwToken);
- break;
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_PIN_INCORRECT:
- case CKR_PIN_LOCKED:
- case CKR_SESSION_EXISTS:
- case CKR_SLOT_ID_INVALID:
- case CKR_TOKEN_NOT_RECOGNIZED:
- case CKR_TOKEN_WRITE_PROTECTED:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_InitPIN
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_InitPIN
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_CHAR_PTR pPin,
- CK_ULONG ulPinLen
-)
-{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSItem pin, *arg;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if( (NSSCKFWSession *)NULL == fwSession ) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- if( (CK_CHAR_PTR)CK_NULL_PTR == pPin ) {
- arg = (NSSItem *)NULL;
- } else {
- arg = &pin;
- pin.size = (PRUint32)ulPinLen;
- pin.data = (void *)pPin;
- }
-
- error = nssCKFWSession_InitPIN(fwSession, arg);
- if( CKR_OK != error ) {
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_PIN_INVALID:
- case CKR_PIN_LEN_RANGE:
- case CKR_SESSION_READ_ONLY:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_TOKEN_WRITE_PROTECTED:
- case CKR_USER_NOT_LOGGED_IN:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_SetPIN
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_SetPIN
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_CHAR_PTR pOldPin,
- CK_ULONG ulOldLen,
- CK_CHAR_PTR pNewPin,
- CK_ULONG ulNewLen
-)
-{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSItem oldPin, newPin, *oldArg, *newArg;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if( (NSSCKFWSession *)NULL == fwSession ) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- if( (CK_CHAR_PTR)CK_NULL_PTR == pOldPin ) {
- oldArg = (NSSItem *)NULL;
- } else {
- oldArg = &oldPin;
- oldPin.size = (PRUint32)ulOldLen;
- oldPin.data = (void *)pOldPin;
- }
-
- if( (CK_CHAR_PTR)CK_NULL_PTR == pNewPin ) {
- newArg = (NSSItem *)NULL;
- } else {
- newArg = &newPin;
- newPin.size = (PRUint32)ulNewLen;
- newPin.data = (void *)pNewPin;
- }
-
- error = nssCKFWSession_SetPIN(fwSession, oldArg, newArg);
- if( CKR_OK != error ) {
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_PIN_INCORRECT:
- case CKR_PIN_INVALID:
- case CKR_PIN_LEN_RANGE:
- case CKR_PIN_LOCKED:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_SESSION_READ_ONLY:
- case CKR_TOKEN_WRITE_PROTECTED:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_OpenSession
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_OpenSession
-(
- NSSCKFWInstance *fwInstance,
- CK_SLOT_ID slotID,
- CK_FLAGS flags,
- CK_VOID_PTR pApplication,
- CK_NOTIFY Notify,
- CK_SESSION_HANDLE_PTR phSession
-)
-{
- CK_RV error = CKR_OK;
- CK_ULONG nSlots;
- NSSCKFWSlot **slots;
- NSSCKFWSlot *fwSlot;
- NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
- NSSCKFWSession *fwSession;
- CK_BBOOL rw;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
- if( (CK_ULONG)0 == nSlots ) {
- goto loser;
- }
-
- if( (slotID < 1) || (slotID > nSlots) ) {
- error = CKR_SLOT_ID_INVALID;
- goto loser;
- }
-
- if( flags & CKF_RW_SESSION ) {
- rw = CK_TRUE;
- } else {
- rw = CK_FALSE;
- }
-
- if( flags & CKF_SERIAL_SESSION ) {
- ;
- } else {
- error = CKR_SESSION_PARALLEL_NOT_SUPPORTED;
- goto loser;
- }
-
- if( flags & ~(CKF_RW_SESSION|CKF_SERIAL_SESSION) ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- if( (CK_SESSION_HANDLE_PTR)CK_NULL_PTR == phSession ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- /*
- * A purify error here indicates caller error.
- */
- *phSession = (CK_SESSION_HANDLE)0;
-
- slots = nssCKFWInstance_GetSlots(fwInstance, &error);
- if( (NSSCKFWSlot **)NULL == slots ) {
- goto loser;
- }
-
- fwSlot = slots[ slotID-1 ];
-
- if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
- error = CKR_TOKEN_NOT_PRESENT;
- goto loser;
- }
-
- fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
- if( (NSSCKFWToken *)NULL == fwToken ) {
- goto loser;
- }
-
- fwSession = nssCKFWToken_OpenSession(fwToken, rw, pApplication,
- Notify, &error);
- if( (NSSCKFWSession *)NULL == fwSession ) {
- goto loser;
- }
-
- *phSession = nssCKFWInstance_CreateSessionHandle(fwInstance,
- fwSession, &error);
- if( (CK_SESSION_HANDLE)0 == *phSession ) {
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_SESSION_COUNT:
- case CKR_SESSION_EXISTS:
- case CKR_SESSION_PARALLEL_NOT_SUPPORTED:
- case CKR_SESSION_READ_WRITE_SO_EXISTS:
- case CKR_SLOT_ID_INVALID:
- case CKR_TOKEN_NOT_PRESENT:
- case CKR_TOKEN_NOT_RECOGNIZED:
- case CKR_TOKEN_WRITE_PROTECTED:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_CloseSession
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_CloseSession
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession
-)
-{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if( (NSSCKFWSession *)NULL == fwSession ) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- nssCKFWInstance_DestroySessionHandle(fwInstance, hSession);
- error = nssCKFWSession_Destroy(fwSession, CK_TRUE);
-
- if( CKR_OK != error ) {
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_SESSION_HANDLE_INVALID:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_CloseAllSessions
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_CloseAllSessions
-(
- NSSCKFWInstance *fwInstance,
- CK_SLOT_ID slotID
-)
-{
- CK_RV error = CKR_OK;
- CK_ULONG nSlots;
- NSSCKFWSlot **slots;
- NSSCKFWSlot *fwSlot;
- NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
- if( (CK_ULONG)0 == nSlots ) {
- goto loser;
- }
-
- if( (slotID < 1) || (slotID > nSlots) ) {
- error = CKR_SLOT_ID_INVALID;
- goto loser;
- }
-
- slots = nssCKFWInstance_GetSlots(fwInstance, &error);
- if( (NSSCKFWSlot **)NULL == slots ) {
- goto loser;
- }
-
- fwSlot = slots[ slotID-1 ];
-
- if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
- error = CKR_TOKEN_NOT_PRESENT;
- goto loser;
- }
-
- fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
- if( (NSSCKFWToken *)NULL == fwToken ) {
- goto loser;
- }
-
- error = nssCKFWToken_CloseAllSessions(fwToken);
- if( CKR_OK != error ) {
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_SLOT_ID_INVALID:
- case CKR_TOKEN_NOT_PRESENT:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_GetSessionInfo
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_GetSessionInfo
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_SESSION_INFO_PTR pInfo
-)
-{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSCKFWSlot *fwSlot;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if( (NSSCKFWSession *)NULL == fwSession ) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- if( (CK_SESSION_INFO_PTR)CK_NULL_PTR == pInfo ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- /*
- * A purify error here indicates caller error.
- */
- (void)nsslibc_memset(pInfo, 0, sizeof(CK_SESSION_INFO));
-
- fwSlot = nssCKFWSession_GetFWSlot(fwSession);
- if( (NSSCKFWSlot *)NULL == fwSlot ) {
- error = CKR_GENERAL_ERROR;
- goto loser;
- }
-
- pInfo->slotID = nssCKFWSlot_GetSlotID(fwSlot);
- pInfo->state = nssCKFWSession_GetSessionState(fwSession);
-
- if( CK_TRUE == nssCKFWSession_IsRWSession(fwSession) ) {
- pInfo->flags |= CKF_RW_SESSION;
- }
-
- pInfo->flags |= CKF_SERIAL_SESSION; /* Always true */
-
- pInfo->ulDeviceError = nssCKFWSession_GetDeviceError(fwSession);
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_SESSION_HANDLE_INVALID:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_GetOperationState
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_GetOperationState
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pOperationState,
- CK_ULONG_PTR pulOperationStateLen
-)
-{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- CK_ULONG len;
- NSSItem buf;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if( (NSSCKFWSession *)NULL == fwSession ) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- if( (CK_ULONG_PTR)CK_NULL_PTR == pulOperationStateLen ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- len = nssCKFWSession_GetOperationStateLen(fwSession, &error);
- if( ((CK_ULONG)0 == len) && (CKR_OK != error) ) {
- goto loser;
- }
-
- if( (CK_BYTE_PTR)CK_NULL_PTR == pOperationState ) {
- *pulOperationStateLen = len;
- return CKR_OK;
- }
-
- if( *pulOperationStateLen < len ) {
- *pulOperationStateLen = len;
- error = CKR_BUFFER_TOO_SMALL;
- goto loser;
- }
-
- buf.size = (PRUint32)*pulOperationStateLen;
- buf.data = (void *)pOperationState;
- *pulOperationStateLen = len;
- error = nssCKFWSession_GetOperationState(fwSession, &buf);
-
- if( CKR_OK != error ) {
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_BUFFER_TOO_SMALL:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_OPERATION_NOT_INITIALIZED:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_STATE_UNSAVEABLE:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_SetOperationState
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_SetOperationState
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pOperationState,
- CK_ULONG ulOperationStateLen,
- CK_OBJECT_HANDLE hEncryptionKey,
- CK_OBJECT_HANDLE hAuthenticationKey
-)
-{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSCKFWObject *eKey;
- NSSCKFWObject *aKey;
- NSSItem state;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- if( (CK_BYTE_PTR)CK_NULL_PTR == pOperationState ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- /*
- * We could loop through the buffer, to catch any purify errors
- * in a place with a "user error" note.
- */
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if( (NSSCKFWSession *)NULL == fwSession ) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- if( (CK_OBJECT_HANDLE)0 == hEncryptionKey ) {
- eKey = (NSSCKFWObject *)NULL;
- } else {
- eKey = nssCKFWInstance_ResolveObjectHandle(fwInstance, hEncryptionKey);
- if( (NSSCKFWObject *)NULL == eKey ) {
- error = CKR_KEY_HANDLE_INVALID;
- goto loser;
- }
- }
-
- if( (CK_OBJECT_HANDLE)0 == hAuthenticationKey ) {
- aKey = (NSSCKFWObject *)NULL;
- } else {
- aKey = nssCKFWInstance_ResolveObjectHandle(fwInstance, hAuthenticationKey);
- if( (NSSCKFWObject *)NULL == aKey ) {
- error = CKR_KEY_HANDLE_INVALID;
- goto loser;
- }
- }
-
- error = nssCKFWSession_SetOperationState(fwSession, &state, eKey, aKey);
- if( CKR_OK != error ) {
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_KEY_CHANGED:
- case CKR_KEY_NEEDED:
- case CKR_KEY_NOT_NEEDED:
- case CKR_SAVED_STATE_INVALID:
- case CKR_SESSION_HANDLE_INVALID:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_Login
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_Login
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_USER_TYPE userType,
- CK_CHAR_PTR pPin,
- CK_ULONG ulPinLen
-)
-{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSItem pin, *arg;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if( (NSSCKFWSession *)NULL == fwSession ) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- if( (CK_CHAR_PTR)CK_NULL_PTR == pPin ) {
- arg = (NSSItem *)NULL;
- } else {
- arg = &pin;
- pin.size = (PRUint32)ulPinLen;
- pin.data = (void *)pPin;
- }
-
- error = nssCKFWSession_Login(fwSession, userType, arg);
- if( CKR_OK != error ) {
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_PIN_EXPIRED:
- case CKR_PIN_INCORRECT:
- case CKR_PIN_LOCKED:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_SESSION_READ_ONLY_EXISTS:
- case CKR_USER_ALREADY_LOGGED_IN:
- case CKR_USER_ANOTHER_ALREADY_LOGGED_IN:
- case CKR_USER_PIN_NOT_INITIALIZED:
- case CKR_USER_TOO_MANY_TYPES:
- case CKR_USER_TYPE_INVALID:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_Logout
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_Logout
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession
-)
-{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if( (NSSCKFWSession *)NULL == fwSession ) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- error = nssCKFWSession_Logout(fwSession);
- if( CKR_OK != error ) {
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_USER_NOT_LOGGED_IN:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_CreateObject
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_CreateObject
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount,
- CK_OBJECT_HANDLE_PTR phObject
-)
-{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSCKFWObject *fwObject;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if( (NSSCKFWSession *)NULL == fwSession ) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- if( (CK_OBJECT_HANDLE_PTR)CK_NULL_PTR == phObject ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- /*
- * A purify error here indicates caller error.
- */
- *phObject = (CK_OBJECT_HANDLE)0;
-
- fwObject = nssCKFWSession_CreateObject(fwSession, pTemplate,
- ulCount, &error);
- if( (NSSCKFWObject *)NULL == fwObject ) {
- goto loser;
- }
-
- *phObject = nssCKFWInstance_CreateObjectHandle(fwInstance, fwObject, &error);
- if( (CK_OBJECT_HANDLE)0 == *phObject ) {
- nssCKFWObject_Destroy(fwObject);
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_ATTRIBUTE_READ_ONLY:
- case CKR_ATTRIBUTE_TYPE_INVALID:
- case CKR_ATTRIBUTE_VALUE_INVALID:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_SESSION_READ_ONLY:
- case CKR_TEMPLATE_INCOMPLETE:
- case CKR_TEMPLATE_INCONSISTENT:
- case CKR_TOKEN_WRITE_PROTECTED:
- case CKR_USER_NOT_LOGGED_IN:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_CopyObject
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_CopyObject
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount,
- CK_OBJECT_HANDLE_PTR phNewObject
-)
-{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSCKFWObject *fwObject;
- NSSCKFWObject *fwNewObject;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if( (NSSCKFWSession *)NULL == fwSession ) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- if( (CK_OBJECT_HANDLE_PTR)CK_NULL_PTR == phNewObject ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- /*
- * A purify error here indicates caller error.
- */
- *phNewObject = (CK_OBJECT_HANDLE)0;
-
- fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
- if( (NSSCKFWObject *)NULL == fwObject ) {
- error = CKR_OBJECT_HANDLE_INVALID;
- goto loser;
- }
-
- fwNewObject = nssCKFWSession_CopyObject(fwSession, fwObject,
- pTemplate, ulCount, &error);
- if( (NSSCKFWObject *)NULL == fwNewObject ) {
- goto loser;
- }
-
- *phNewObject = nssCKFWInstance_CreateObjectHandle(fwInstance,
- fwNewObject, &error);
- if( (CK_OBJECT_HANDLE)0 == *phNewObject ) {
- nssCKFWObject_Destroy(fwNewObject);
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_ATTRIBUTE_READ_ONLY:
- case CKR_ATTRIBUTE_TYPE_INVALID:
- case CKR_ATTRIBUTE_VALUE_INVALID:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_OBJECT_HANDLE_INVALID:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_SESSION_READ_ONLY:
- case CKR_TEMPLATE_INCONSISTENT:
- case CKR_TOKEN_WRITE_PROTECTED:
- case CKR_USER_NOT_LOGGED_IN:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_DestroyObject
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_DestroyObject
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject
-)
-{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSCKFWObject *fwObject;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if( (NSSCKFWSession *)NULL == fwSession ) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
- if( (NSSCKFWObject *)NULL == fwObject ) {
- error = CKR_OBJECT_HANDLE_INVALID;
- goto loser;
- }
-
- nssCKFWInstance_DestroyObjectHandle(fwInstance, hObject);
- nssCKFWObject_Destroy(fwObject);
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_OBJECT_HANDLE_INVALID:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_SESSION_READ_ONLY:
- case CKR_TOKEN_WRITE_PROTECTED:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_GetObjectSize
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_GetObjectSize
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,
- CK_ULONG_PTR pulSize
-)
-{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSCKFWObject *fwObject;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if( (NSSCKFWSession *)NULL == fwSession ) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
- if( (NSSCKFWObject *)NULL == fwObject ) {
- error = CKR_OBJECT_HANDLE_INVALID;
- goto loser;
- }
-
- if( (CK_ULONG_PTR)CK_NULL_PTR == pulSize ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- /*
- * A purify error here indicates caller error.
- */
- *pulSize = (CK_ULONG)0;
-
- *pulSize = nssCKFWObject_GetObjectSize(fwObject, &error);
- if( ((CK_ULONG)0 == *pulSize) && (CKR_OK != error) ) {
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_INFORMATION_SENSITIVE:
- case CKR_OBJECT_HANDLE_INVALID:
- case CKR_SESSION_HANDLE_INVALID:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_GetAttributeValue
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_GetAttributeValue
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount
-)
-{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSCKFWObject *fwObject;
- CK_BBOOL sensitive = CK_FALSE;
- CK_BBOOL invalid = CK_FALSE;
- CK_BBOOL tooSmall = CK_FALSE;
- CK_ULONG i;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if( (NSSCKFWSession *)NULL == fwSession ) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
- if( (NSSCKFWObject *)NULL == fwObject ) {
- error = CKR_OBJECT_HANDLE_INVALID;
- goto loser;
- }
-
- if( (CK_ATTRIBUTE_PTR)CK_NULL_PTR == pTemplate ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- for( i = 0; i < ulCount; i++ ) {
- CK_ULONG size = nssCKFWObject_GetAttributeSize(fwObject,
- pTemplate[i].type, &error);
- if( (CK_ULONG)0 == size ) {
- switch( error ) {
- case CKR_ATTRIBUTE_SENSITIVE:
- case CKR_INFORMATION_SENSITIVE:
- sensitive = CK_TRUE;
- pTemplate[i].ulValueLen = (CK_ULONG)(-1);
- continue;
- case CKR_ATTRIBUTE_TYPE_INVALID:
- invalid = CK_TRUE;
- pTemplate[i].ulValueLen = (CK_ULONG)(-1);
- continue;
- case CKR_OK:
- break;
- default:
- goto loser;
- }
- }
-
- if( (CK_VOID_PTR)CK_NULL_PTR == pTemplate[i].pValue ) {
- pTemplate[i].ulValueLen = size;
- } else {
- NSSItem it, *p;
-
- if( pTemplate[i].ulValueLen < size ) {
- tooSmall = CK_TRUE;
- continue;
- }
-
- it.size = (PRUint32)pTemplate[i].ulValueLen;
- it.data = (void *)pTemplate[i].pValue;
- p = nssCKFWObject_GetAttribute(fwObject, pTemplate[i].type, &it,
- (NSSArena *)NULL, &error);
- if( (NSSItem *)NULL == p ) {
- switch( error ) {
- case CKR_ATTRIBUTE_SENSITIVE:
- case CKR_INFORMATION_SENSITIVE:
- sensitive = CK_TRUE;
- pTemplate[i].ulValueLen = (CK_ULONG)(-1);
- continue;
- case CKR_ATTRIBUTE_TYPE_INVALID:
- invalid = CK_TRUE;
- pTemplate[i].ulValueLen = (CK_ULONG)(-1);
- continue;
- default:
- goto loser;
- }
- }
-
- pTemplate[i].ulValueLen = size;
- }
- }
-
- if( sensitive ) {
- error = CKR_ATTRIBUTE_SENSITIVE;
- goto loser;
- } else if( invalid ) {
- error = CKR_ATTRIBUTE_TYPE_INVALID;
- goto loser;
- } else if( tooSmall ) {
- error = CKR_BUFFER_TOO_SMALL;
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_ATTRIBUTE_SENSITIVE:
- case CKR_ATTRIBUTE_TYPE_INVALID:
- case CKR_BUFFER_TOO_SMALL:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_OBJECT_HANDLE_INVALID:
- case CKR_SESSION_HANDLE_INVALID:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_SetAttributeValue
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_SetAttributeValue
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount
-)
-{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSCKFWObject *fwObject;
- NSSCKFWObject *newFwObject;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if( (NSSCKFWSession *)NULL == fwSession ) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
- if( (NSSCKFWObject *)NULL == fwObject ) {
- error = CKR_OBJECT_HANDLE_INVALID;
- goto loser;
- }
-
- if( (CK_ATTRIBUTE_PTR)CK_NULL_PTR == pTemplate ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- newFwObject = nssCKFWSession_CopyObject(fwSession, fwObject, pTemplate,
- ulCount, &error);
- if( (NSSCKFWObject *)NULL == newFwObject ) {
- goto loser;
- }
-
- error = nssCKFWInstance_ReassignObjectHandle(fwInstance, hObject, newFwObject);
- nssCKFWObject_Destroy(fwObject);
-
- if( CKR_OK != error ) {
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_ATTRIBUTE_READ_ONLY:
- case CKR_ATTRIBUTE_TYPE_INVALID:
- case CKR_ATTRIBUTE_VALUE_INVALID:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_OBJECT_HANDLE_INVALID:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_SESSION_READ_ONLY:
- case CKR_TEMPLATE_INCONSISTENT:
- case CKR_TOKEN_WRITE_PROTECTED:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_FindObjectsInit
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_FindObjectsInit
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount
-)
-{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSCKFWFindObjects *fwFindObjects;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if( (NSSCKFWSession *)NULL == fwSession ) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- if( ((CK_ATTRIBUTE_PTR)CK_NULL_PTR == pTemplate) && (ulCount != 0) ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- fwFindObjects = nssCKFWSession_GetFWFindObjects(fwSession, &error);
- if( (NSSCKFWFindObjects *)NULL != fwFindObjects ) {
- error = CKR_OPERATION_ACTIVE;
- goto loser;
- }
-
- if( CKR_OPERATION_NOT_INITIALIZED != error ) {
- goto loser;
- }
-
- fwFindObjects = nssCKFWSession_FindObjectsInit(fwSession,
- pTemplate, ulCount, &error);
- if( (NSSCKFWFindObjects *)NULL == fwFindObjects ) {
- goto loser;
- }
-
- error = nssCKFWSession_SetFWFindObjects(fwSession, fwFindObjects);
-
- if( CKR_OK != error ) {
- nssCKFWFindObjects_Destroy(fwFindObjects);
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_ATTRIBUTE_TYPE_INVALID:
- case CKR_ATTRIBUTE_VALUE_INVALID:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_OPERATION_ACTIVE:
- case CKR_SESSION_HANDLE_INVALID:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_FindObjects
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_FindObjects
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE_PTR phObject,
- CK_ULONG ulMaxObjectCount,
- CK_ULONG_PTR pulObjectCount
-)
-{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSCKFWFindObjects *fwFindObjects;
- CK_ULONG i;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if( (NSSCKFWSession *)NULL == fwSession ) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- if( (CK_OBJECT_HANDLE_PTR)CK_NULL_PTR == phObject ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- /*
- * A purify error here indicates caller error.
- */
- (void)nsslibc_memset(phObject, 0, sizeof(CK_OBJECT_HANDLE) * ulMaxObjectCount);
- *pulObjectCount = (CK_ULONG)0;
-
- fwFindObjects = nssCKFWSession_GetFWFindObjects(fwSession, &error);
- if( (NSSCKFWFindObjects *)NULL == fwFindObjects ) {
- goto loser;
- }
-
- for( i = 0; i < ulMaxObjectCount; i++ ) {
- NSSCKFWObject *fwObject = nssCKFWFindObjects_Next(fwFindObjects,
- NULL, &error);
- if( (NSSCKFWObject *)NULL == fwObject ) {
- break;
- }
-
- phObject[i] = nssCKFWInstance_FindObjectHandle(fwInstance, fwObject);
- if( (CK_OBJECT_HANDLE)0 == phObject[i] ) {
- phObject[i] = nssCKFWInstance_CreateObjectHandle(fwInstance, fwObject, &error);
- }
- if( (CK_OBJECT_HANDLE)0 == phObject[i] ) {
- /* This isn't right either, is it? */
- nssCKFWObject_Destroy(fwObject);
- goto loser;
- }
- }
-
- *pulObjectCount = i;
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_OPERATION_NOT_INITIALIZED:
- case CKR_SESSION_HANDLE_INVALID:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_FindObjectsFinal
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_FindObjectsFinal
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession
-)
-{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSCKFWFindObjects *fwFindObjects;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if( (NSSCKFWSession *)NULL == fwSession ) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- fwFindObjects = nssCKFWSession_GetFWFindObjects(fwSession, &error);
- if( (NSSCKFWFindObjects *)NULL == fwFindObjects ) {
- error = CKR_OPERATION_NOT_INITIALIZED;
- goto loser;
- }
-
- nssCKFWFindObjects_Destroy(fwFindObjects);
- error = nssCKFWSession_SetFWFindObjects(fwSession, (NSSCKFWFindObjects *)NULL);
-
- if( CKR_OK != error ) {
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_OPERATION_NOT_INITIALIZED:
- case CKR_SESSION_HANDLE_INVALID:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_EncryptInit
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_EncryptInit
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_Encrypt
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_Encrypt
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pEncryptedData,
- CK_ULONG_PTR pulEncryptedDataLen
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_EncryptUpdate
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_EncryptUpdate
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG_PTR pulEncryptedPartLen
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_EncryptFinal
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_EncryptFinal
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pLastEncryptedPart,
- CK_ULONG_PTR pulLastEncryptedPartLen
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_DecryptInit
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_DecryptInit
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_Decrypt
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_Decrypt
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedData,
- CK_ULONG ulEncryptedDataLen,
- CK_BYTE_PTR pData,
- CK_ULONG_PTR pulDataLen
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_DecryptUpdate
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_DecryptUpdate
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG ulEncryptedPartLen,
- CK_BYTE_PTR pPart,
- CK_ULONG_PTR pulPartLen
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_DecryptFinal
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_DecryptFinal
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pLastPart,
- CK_ULONG_PTR pulLastPartLen
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_DigestInit
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_DigestInit
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_Digest
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_Digest
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pDigest,
- CK_ULONG_PTR pulDigestLen
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_DigestUpdate
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_DigestUpdate
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_DigestKey
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_DigestKey
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hKey
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_DigestFinal
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_DigestFinal
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pDigest,
- CK_ULONG_PTR pulDigestLen
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_SignInit
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_SignInit
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_Sign
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_Sign
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pSignature,
- CK_ULONG_PTR pulSignatureLen
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_SignUpdate
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_SignUpdate
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_SignFinal
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_SignFinal
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSignature,
- CK_ULONG_PTR pulSignatureLen
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_SignRecoverInit
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_SignRecoverInit
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_SignRecover
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_SignRecover
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pSignature,
- CK_ULONG_PTR pulSignatureLen
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_VerifyInit
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_VerifyInit
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_Verify
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_Verify
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pSignature,
- CK_ULONG ulSignatureLen
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_VerifyUpdate
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_VerifyUpdate
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_VerifyFinal
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_VerifyFinal
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSignature,
- CK_ULONG ulSignatureLen
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_VerifyRecoverInit
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_VerifyRecoverInit
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_VerifyRecover
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_VerifyRecover
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSignature,
- CK_ULONG ulSignatureLen,
- CK_BYTE_PTR pData,
- CK_ULONG_PTR pulDataLen
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_DigestEncryptUpdate
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_DigestEncryptUpdate
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG_PTR pulEncryptedPartLen
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_DecryptDigestUpdate
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_DecryptDigestUpdate
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG ulEncryptedPartLen,
- CK_BYTE_PTR pPart,
- CK_ULONG_PTR pulPartLen
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_SignEncryptUpdate
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_SignEncryptUpdate
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG_PTR pulEncryptedPartLen
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_DecryptVerifyUpdate
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_DecryptVerifyUpdate
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG ulEncryptedPartLen,
- CK_BYTE_PTR pPart,
- CK_ULONG_PTR pulPartLen
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_GenerateKey
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_GenerateKey
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount,
- CK_OBJECT_HANDLE_PTR phKey
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_GenerateKeyPair
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_GenerateKeyPair
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_ATTRIBUTE_PTR pPublicKeyTemplate,
- CK_ULONG ulPublicKeyAttributeCount,
- CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
- CK_ULONG ulPrivateKeyAttributeCount,
- CK_OBJECT_HANDLE_PTR phPublicKey,
- CK_OBJECT_HANDLE_PTR phPrivateKey
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_WrapKey
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_WrapKey
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hWrappingKey,
- CK_OBJECT_HANDLE hKey,
- CK_BYTE_PTR pWrappedKey,
- CK_ULONG_PTR pulWrappedKeyLen
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_UnwrapKey
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_UnwrapKey
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hUnwrappingKey,
- CK_BYTE_PTR pWrappedKey,
- CK_ULONG ulWrappedKeyLen,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_OBJECT_HANDLE_PTR phKey
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_DeriveKey
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_DeriveKey
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hBaseKey,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_OBJECT_HANDLE_PTR phKey
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_SeedRandom
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_SeedRandom
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSeed,
- CK_ULONG ulSeedLen
-)
-{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSItem seed;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if( (NSSCKFWSession *)NULL == fwSession ) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- if( (CK_BYTE_PTR)CK_NULL_PTR == pSeed ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- /* We could read through the buffer in a Purify trap */
-
- seed.size = (PRUint32)ulSeedLen;
- seed.data = (void *)pSeed;
-
- error = nssCKFWSession_SeedRandom(fwSession, &seed);
-
- if( CKR_OK != error ) {
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_CANCELED:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_OPERATION_ACTIVE:
- case CKR_RANDOM_SEED_NOT_SUPPORTED:
- case CKR_RANDOM_NO_RNG:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_USER_NOT_LOGGED_IN:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_GenerateRandom
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_GenerateRandom
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pRandomData,
- CK_ULONG ulRandomLen
-)
-{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSItem buffer;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if( (NSSCKFWSession *)NULL == fwSession ) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- if( (CK_BYTE_PTR)CK_NULL_PTR == pRandomData ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- /*
- * A purify error here indicates caller error.
- */
- (void)nsslibc_memset(pRandomData, 0, ulRandomLen);
-
- buffer.size = (PRUint32)ulRandomLen;
- buffer.data = (void *)pRandomData;
-
- error = nssCKFWSession_GetRandom(fwSession, &buffer);
-
- if( CKR_OK != error ) {
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_CANCELED:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_OPERATION_ACTIVE:
- case CKR_RANDOM_NO_RNG:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_USER_NOT_LOGGED_IN:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_GetFunctionStatus
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_GetFunctionStatus
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession
-)
-{
- return CKR_FUNCTION_NOT_PARALLEL;
-}
-
-/*
- * NSSCKFWC_CancelFunction
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_CancelFunction
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession
-)
-{
- return CKR_FUNCTION_NOT_PARALLEL;
-}
diff --git a/security/nss/lib/crmf/Makefile b/security/nss/lib/crmf/Makefile
deleted file mode 100644
index a376529c7..000000000
--- a/security/nss/lib/crmf/Makefile
+++ /dev/null
@@ -1,77 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-export:: private_export
diff --git a/security/nss/lib/crmf/asn1cmn.c b/security/nss/lib/crmf/asn1cmn.c
deleted file mode 100644
index 3ca062027..000000000
--- a/security/nss/lib/crmf/asn1cmn.c
+++ /dev/null
@@ -1,244 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "nssrenam.h"
-#include "cmmf.h"
-#include "cmmfi.h"
-
-SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
-SEC_ASN1_MKSUB(SEC_AnyTemplate)
-SEC_ASN1_MKSUB(SEC_IntegerTemplate)
-SEC_ASN1_MKSUB(SEC_SignedCertificateTemplate)
-
-static const SEC_ASN1Template CMMFCertResponseTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CMMFCertResponse)},
- { SEC_ASN1_INTEGER, offsetof(CMMFCertResponse, certReqId)},
- { SEC_ASN1_INLINE, offsetof(CMMFCertResponse, status),
- CMMFPKIStatusInfoTemplate},
- { SEC_ASN1_OPTIONAL | SEC_ASN1_POINTER,
- offsetof(CMMFCertResponse, certifiedKeyPair),
- CMMFCertifiedKeyPairTemplate},
- { 0 }
-};
-
-static const SEC_ASN1Template CMMFCertOrEncCertTemplate[] = {
- { SEC_ASN1_ANY, offsetof(CMMFCertOrEncCert, derValue), NULL,
- sizeof(CMMFCertOrEncCert)},
- { 0 }
-};
-
-const SEC_ASN1Template CMMFCertifiedKeyPairTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CMMFCertifiedKeyPair)},
- { SEC_ASN1_INLINE, offsetof(CMMFCertifiedKeyPair, certOrEncCert),
- CMMFCertOrEncCertTemplate },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER | 0,
- offsetof(CMMFCertifiedKeyPair, privateKey),
- CRMFEncryptedValueTemplate},
- { SEC_ASN1_NO_STREAM | SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC |
- SEC_ASN1_XTRN | 1,
- offsetof (CMMFCertifiedKeyPair, derPublicationInfo),
- SEC_ASN1_SUB(SEC_AnyTemplate) },
- { 0 }
-};
-
-const SEC_ASN1Template CMMFPKIStatusInfoTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CMMFPKIStatusInfo)},
- { SEC_ASN1_INTEGER, offsetof(CMMFPKIStatusInfo, status)},
- { SEC_ASN1_OPTIONAL | SEC_ASN1_UTF8_STRING,
- offsetof(CMMFPKIStatusInfo, statusString)},
- { SEC_ASN1_OPTIONAL | SEC_ASN1_BIT_STRING,
- offsetof(CMMFPKIStatusInfo, failInfo)},
- { 0 }
-};
-
-const SEC_ASN1Template CMMFSequenceOfCertsTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF| SEC_ASN1_XTRN, 0,
- SEC_ASN1_SUB(SEC_SignedCertificateTemplate)}
-};
-
-const SEC_ASN1Template CMMFRandTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CMMFRand)},
- { SEC_ASN1_INTEGER, offsetof(CMMFRand, integer)},
- { SEC_ASN1_OCTET_STRING, offsetof(CMMFRand, senderHash)},
- { 0 }
-};
-
-const SEC_ASN1Template CMMFPOPODecKeyRespContentTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF | SEC_ASN1_XTRN,
- offsetof(CMMFPOPODecKeyRespContent, responses),
- SEC_ASN1_SUB(SEC_IntegerTemplate),
- sizeof(CMMFPOPODecKeyRespContent)},
- { 0 }
-};
-
-const SEC_ASN1Template CMMFCertOrEncCertEncryptedCertTemplate[] = {
- { SEC_ASN1_CONTEXT_SPECIFIC | 1,
- 0,
- CRMFEncryptedValueTemplate},
- { 0 }
-};
-
-const SEC_ASN1Template CMMFCertOrEncCertCertificateTemplate[] = {
- { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
- 0,
- SEC_ASN1_SUB(SEC_SignedCertificateTemplate)},
- { 0 }
-};
-
-const SEC_ASN1Template CMMFCertRepContentTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CMMFCertRepContent)},
- { SEC_ASN1_CONSTRUCTED | SEC_ASN1_OPTIONAL |
- SEC_ASN1_CONTEXT_SPECIFIC | 1,
- offsetof(CMMFCertRepContent, caPubs),
- CMMFSequenceOfCertsTemplate },
- { SEC_ASN1_SEQUENCE_OF, offsetof(CMMFCertRepContent, response),
- CMMFCertResponseTemplate},
- { 0 }
-};
-
-static const SEC_ASN1Template CMMFChallengeTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CMMFChallenge)},
- { SEC_ASN1_POINTER | SEC_ASN1_OPTIONAL | SEC_ASN1_XTRN,
- offsetof(CMMFChallenge, owf),
- SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
- { SEC_ASN1_OCTET_STRING, offsetof(CMMFChallenge, witness) },
- { SEC_ASN1_ANY, offsetof(CMMFChallenge, senderDER) },
- { SEC_ASN1_OCTET_STRING, offsetof(CMMFChallenge, key) },
- { SEC_ASN1_OCTET_STRING, offsetof(CMMFChallenge, challenge) },
- { 0 }
-};
-
-const SEC_ASN1Template CMMFPOPODecKeyChallContentTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF,offsetof(CMMFPOPODecKeyChallContent, challenges),
- CMMFChallengeTemplate, sizeof(CMMFPOPODecKeyChallContent) },
- { 0 }
-};
-
-SECStatus
-cmmf_decode_process_cert_response(PRArenaPool *poolp,
- CERTCertDBHandle *db,
- CMMFCertResponse *inCertResp)
-{
- SECStatus rv = SECSuccess;
-
- if (inCertResp->certifiedKeyPair != NULL) {
- rv = cmmf_decode_process_certified_key_pair(poolp,
- db,
- inCertResp->certifiedKeyPair);
- }
- return rv;
-}
-
-static CERTCertificate*
-cmmf_DecodeDERCertificate(CERTCertDBHandle *db, SECItem *derCert)
-{
- CERTCertificate *newCert;
-
- newCert = CERT_NewTempCertificate(db, derCert, NULL, PR_FALSE, PR_TRUE);
- return newCert;
-}
-
-static CMMFCertOrEncCertChoice
-cmmf_get_certorenccertchoice_from_der(SECItem *der)
-{
- CMMFCertOrEncCertChoice retChoice;
-
- switch(der->data[0] & 0x0f) {
- case 0:
- retChoice = cmmfCertificate;
- break;
- case 1:
- retChoice = cmmfEncryptedCert;
- break;
- default:
- retChoice = cmmfNoCertOrEncCert;
- break;
- }
- return retChoice;
-}
-
-static SECStatus
-cmmf_decode_process_certorenccert(PRArenaPool *poolp,
- CERTCertDBHandle *db,
- CMMFCertOrEncCert *inCertOrEncCert)
-{
- SECStatus rv = SECSuccess;
-
- inCertOrEncCert->choice =
- cmmf_get_certorenccertchoice_from_der(&inCertOrEncCert->derValue);
-
- switch (inCertOrEncCert->choice) {
- case cmmfCertificate:
- {
- /* The DER has implicit tagging, so we gotta switch it to
- * un-tagged in order for the ASN1 parser to understand it.
- * Saving the bits that were changed.
- */
- inCertOrEncCert->derValue.data[0] = 0x30;
- inCertOrEncCert->cert.certificate =
- cmmf_DecodeDERCertificate(db, &inCertOrEncCert->derValue);
- if (inCertOrEncCert->cert.certificate == NULL) {
- rv = SECFailure;
- }
-
- }
- break;
- case cmmfEncryptedCert:
- inCertOrEncCert->cert.encryptedCert =
- PORT_ArenaZNew(poolp, CRMFEncryptedValue);
- if (inCertOrEncCert->cert.encryptedCert == NULL) {
- rv = SECFailure;
- break;
- }
- rv = SEC_ASN1Decode(poolp, inCertOrEncCert->cert.encryptedCert,
- CMMFCertOrEncCertEncryptedCertTemplate,
- (const char*)inCertOrEncCert->derValue.data,
- inCertOrEncCert->derValue.len);
- break;
- default:
- rv = SECFailure;
- }
- return rv;
-}
-
-SECStatus
-cmmf_decode_process_certified_key_pair(PRArenaPool *poolp,
- CERTCertDBHandle *db,
- CMMFCertifiedKeyPair *inCertKeyPair)
-{
- return cmmf_decode_process_certorenccert (poolp,
- db,
- &inCertKeyPair->certOrEncCert);
-}
-
-
diff --git a/security/nss/lib/crmf/challcli.c b/security/nss/lib/crmf/challcli.c
deleted file mode 100644
index 43d09aad6..000000000
--- a/security/nss/lib/crmf/challcli.c
+++ /dev/null
@@ -1,275 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "cmmf.h"
-#include "cmmfi.h"
-#include "secitem.h"
-#include "pk11func.h"
-#include "secder.h"
-#include "sechash.h"
-
-CMMFPOPODecKeyChallContent*
-CMMF_CreatePOPODecKeyChallContentFromDER(const char *buf, long len)
-{
- PRArenaPool *poolp;
- CMMFPOPODecKeyChallContent *challContent;
- SECStatus rv;
-
- poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
- if (poolp == NULL) {
- return NULL;
- }
- challContent = PORT_ArenaZNew(poolp, CMMFPOPODecKeyChallContent);
- if (challContent == NULL) {
- goto loser;
- }
- challContent->poolp = poolp;
- rv = SEC_ASN1Decode(poolp, challContent,
- CMMFPOPODecKeyChallContentTemplate, buf, len);
- if (rv != SECSuccess) {
- goto loser;
- }
- if (challContent->challenges) {
- while (challContent->challenges[challContent->numChallenges] != NULL) {
- challContent->numChallenges++;
- }
- challContent->numAllocated = challContent->numChallenges;
- }
- return challContent;
- loser:
- if (poolp != NULL) {
- PORT_FreeArena(poolp, PR_FALSE);
- }
- return NULL;
-}
-
-int
-CMMF_POPODecKeyChallContentGetNumChallenges
- (CMMFPOPODecKeyChallContent *inKeyChallCont)
-{
- PORT_Assert(inKeyChallCont != NULL);
- if (inKeyChallCont == NULL) {
- return 0;
- }
- return inKeyChallCont->numChallenges;
-}
-
-SECItem*
-CMMF_POPODecKeyChallContentGetPublicValue
- (CMMFPOPODecKeyChallContent *inKeyChallCont,
- int inIndex)
-{
- PORT_Assert(inKeyChallCont != NULL);
- if (inKeyChallCont == NULL || (inIndex > inKeyChallCont->numChallenges-1)||
- inIndex < 0) {
- return NULL;
- }
- return SECITEM_DupItem(&inKeyChallCont->challenges[inIndex]->key);
-}
-
-static SECAlgorithmID*
-cmmf_get_owf(CMMFPOPODecKeyChallContent *inChalCont,
- int inIndex)
-{
- int i;
-
- for (i=inIndex; i >= 0; i--) {
- if (inChalCont->challenges[i]->owf != NULL) {
- return inChalCont->challenges[i]->owf;
- }
- }
- return NULL;
-}
-
-SECStatus
-CMMF_POPODecKeyChallContDecryptChallenge(CMMFPOPODecKeyChallContent *inChalCont,
- int inIndex,
- SECKEYPrivateKey *inPrivKey)
-{
- CMMFChallenge *challenge;
- SECItem *decryptedRand=NULL;
- SECAlgorithmID *owf;
- PK11SlotInfo *slot;
- PK11SymKey *symKey = NULL;
- SECStatus rv = SECFailure;
- CMMFRand randStr;
- SECItem hashItem;
- SECOidTag tag;
- unsigned char hash[HASH_LENGTH_MAX];
-
- PORT_Assert(inChalCont != NULL && inPrivKey != NULL);
- if (inChalCont == NULL || inIndex <0 || inIndex > inChalCont->numChallenges
- || inPrivKey == NULL){
- return SECFailure;
- }
- challenge = inChalCont->challenges[inIndex];
- decryptedRand = PORT_ZNew(SECItem);
- if (decryptedRand == NULL) {
- goto loser;
- }
- decryptedRand->data =
- PORT_NewArray(unsigned char, challenge->challenge.len);
- if (decryptedRand->data == NULL) {
- goto loser;
- }
- slot = inPrivKey->pkcs11Slot;
- symKey = PK11_PubUnwrapSymKey(inPrivKey, &challenge->challenge,
- CKM_RSA_PKCS, CKA_VALUE, 0);
- if (symKey == NULL) {
- rv = SECFailure;
- goto loser;
- }
- rv = PK11_ExtractKeyValue(symKey);
- if (rv != SECSuccess) {
- goto loser;
- }
- decryptedRand = PK11_GetKeyData(symKey);
- rv = SEC_ASN1DecodeItem(NULL, &randStr, CMMFRandTemplate,
- decryptedRand);
- /* The decryptedRand returned points to a member within the symKey
- * structure, so we don't want to free it. Let the symKey destruction
- * function deal with freeing that memory.
- */
- if (rv != SECSuccess) {
- goto loser;
- }
- rv = SECFailure; /* Just so that when we do go to loser,
- * I won't have to set it again.
- */
- owf = cmmf_get_owf(inChalCont, inIndex);
- if (owf == NULL) {
- /* No hashing algorithm came with the challenges. Can't verify */
- goto loser;
- }
- /* Verify the hashes in the challenge */
- tag = SECOID_FindOIDTag(&owf->algorithm);
- hashItem.len = HASH_ResultLenByOidTag(tag);
- if (!hashItem.len)
- goto loser; /* error code has been set */
-
- rv = PK11_HashBuf(tag, hash, randStr.integer.data, randStr.integer.len);
- if (rv != SECSuccess) {
- goto loser;
- }
- hashItem.data = hash;
- if (SECITEM_CompareItem(&hashItem, &challenge->witness) != SECEqual) {
- /* The hash for the data we decrypted doesn't match the hash provided
- * in the challenge. Bail out.
- */
- rv = SECFailure;
- goto loser;
- }
- rv = PK11_HashBuf(tag, hash, challenge->senderDER.data,
- challenge->senderDER.len);
- if (rv != SECSuccess) {
- goto loser;
- }
- if (SECITEM_CompareItem(&hashItem, &randStr.senderHash) != SECEqual) {
- /* The hash for the data we decrypted doesn't match the hash provided
- * in the challenge. Bail out.
- */
- rv = SECFailure;
- goto loser;
- }
- /* All of the hashes have verified, so we can now store the integer away.*/
- rv = SECITEM_CopyItem(inChalCont->poolp, &challenge->randomNumber,
- &randStr.integer);
- loser:
- if (symKey != NULL) {
- PK11_FreeSymKey(symKey);
- }
- return rv;
-}
-
-SECStatus
-CMMF_POPODecKeyChallContentGetRandomNumber
- (CMMFPOPODecKeyChallContent *inKeyChallCont,
- int inIndex,
- long *inDest)
-{
- CMMFChallenge *challenge;
-
- PORT_Assert(inKeyChallCont != NULL);
- if (inKeyChallCont == NULL || inIndex > 0 || inIndex >=
- inKeyChallCont->numChallenges) {
- return SECFailure;
- }
- challenge = inKeyChallCont->challenges[inIndex];
- if (challenge->randomNumber.data == NULL) {
- /* There is no random number here, nothing to see. */
- return SECFailure;
- }
- *inDest = DER_GetInteger(&challenge->randomNumber);
- return (*inDest == -1) ? SECFailure : SECSuccess;
-}
-
-SECStatus
-CMMF_EncodePOPODecKeyRespContent(long *inDecodedRand,
- int inNumRand,
- CRMFEncoderOutputCallback inCallback,
- void *inArg)
-{
- PRArenaPool *poolp;
- CMMFPOPODecKeyRespContent *response;
- SECItem *currItem;
- SECStatus rv=SECFailure;
- int i;
-
- poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
- if (poolp == NULL) {
- return SECFailure;
- }
- response = PORT_ArenaZNew(poolp, CMMFPOPODecKeyRespContent);
- if (response == NULL) {
- goto loser;
- }
- response->responses = PORT_ArenaZNewArray(poolp, SECItem*, inNumRand+1);
- if (response->responses == NULL) {
- goto loser;
- }
- for (i=0; i<inNumRand; i++) {
- currItem = response->responses[i] = PORT_ArenaZNew(poolp,SECItem);
- if (currItem == NULL) {
- goto loser;
- }
- SEC_ASN1EncodeInteger(poolp, currItem,inDecodedRand[i]);
- }
- rv = cmmf_user_encode(response, inCallback, inArg,
- CMMFPOPODecKeyRespContentTemplate);
- loser:
- if (poolp != NULL) {
- PORT_FreeArena(poolp, PR_FALSE);
- }
- return rv;
-}
diff --git a/security/nss/lib/crmf/cmmf.h b/security/nss/lib/crmf/cmmf.h
deleted file mode 100644
index a10220429..000000000
--- a/security/nss/lib/crmf/cmmf.h
+++ /dev/null
@@ -1,1119 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _CMMF_H_
-#define _CMMF_H_
-/*
- * These are the functions exported by the security library for
- * implementing Certificate Management Message Formats (CMMF).
- *
- * This API is designed against July 1998 CMMF draft. Please read this
- * draft before trying to use this API in an application that use CMMF.
- */
-#include "seccomon.h"
-#include "cmmft.h"
-#include "crmf.h"
-
-SEC_BEGIN_PROTOS
-
-/******************* Creation Functions *************************/
-
-/*
- * FUNCTION: CMMF_CreateCertRepContent
- * INPUTS:
- * NONE
- * NOTES:
- * This function will create an empty CMMFCertRepContent Structure.
- * The client of the library must set the CMMFCertResponses.
- * Call CMMF_CertRepContentSetCertResponse to accomplish this task.
- * If the client of the library also wants to include the chain of
- * CA certs required to make the certificates in CMMFCertResponse valid,
- * then the user must also set the caPubs field of CMMFCertRepContent.
- * Call CMMF_CertRepContentSetCAPubs to accomplish this. After setting
- * the desired fields, the user can then call CMMF_EncodeCertRepContent
- * to DER-encode the CertRepContent.
- * RETURN:
- * A pointer to the CMMFCertRepContent. A NULL return value indicates
- * an error in allocating memory or failure to initialize the structure.
- */
-extern CMMFCertRepContent* CMMF_CreateCertRepContent(void);
-
-/*
- * FUNCTION: CMMF_CreateCertRepContentFromDER
- * INPUTS
- * db
- * The certificate database where the certificates will be placed.
- * The certificates will be placed in the temporary database associated
- * with the handle.
- * buf
- * A buffer to the DER-encoded CMMFCertRepContent
- * len
- * The length in bytes of the buffer 'buf'
- * NOTES:
- * This function passes the buffer to the ASN1 decoder and creates a
- * CMMFCertRepContent structure. The user must call
- * CMMF_DestroyCertRepContent after the return value is no longer needed.
- *
- * RETURN:
- * A pointer to the CMMFCertRepContent structure. A NULL return
- * value indicates the library was unable to parse the DER.
- */
-extern CMMFCertRepContent*
- CMMF_CreateCertRepContentFromDER(CERTCertDBHandle *db,
- const char *buf,
- long len);
-
-/*
- * FUNCTION: CMMF_CreateCertResponse
- * INPUTS:
- * inCertReqId
- * The Certificate Request Id this response is for.
- * NOTES:
- * This creates a CMMFCertResponse. This response should correspond
- * to a request that was received via CRMF. From the CRMF message you
- * can get the Request Id to pass in as inCertReqId, in essence binding
- * a CMRFCertRequest message to the CMMFCertResponse created by this
- * function. If no requuest id is associated with the response to create
- * then the user should pass in -1 for 'inCertReqId'.
- *
- * RETURN:
- * A pointer to the new CMMFCertResponse corresponding to the request id
- * passed in. A NULL return value indicates an error while trying to
- * create the CMMFCertResponse.
- */
-extern CMMFCertResponse* CMMF_CreateCertResponse(long inCertReqId);
-
-/*
- * FUNCTION: CMMF_CreateKeyRecRepContent
- * INPUTS:
- * NONE
- * NOTES:
- * This function creates a new empty CMMFKeyRecRepContent structure.
- * At the very minimum, the user must call
- * CMMF_KeyRecRepContentSetPKIStatusInfoStatus field to have an
- * encodable structure. Depending on what the response is, the user may
- * have to set other fields as well to properly build up the structure so
- * that it can be encoded. Refer to the CMMF draft for how to properly
- * set up a CMMFKeyRecRepContent. This is the structure that an RA returns
- * to an end entity when doing key recovery.
-
- * The user must call CMMF_DestroyKeyRecRepContent when the return value
- * is no longer needed.
- * RETURN:
- * A pointer to the empty CMMFKeyRecRepContent. A return value of NULL
- * indicates an error in allocating memory or initializing the structure.
- */
-extern CMMFKeyRecRepContent *CMMF_CreateKeyRecRepContent(void);
-
-/*
- * FUNCTION: CMMF_CreateKeyRecRepContentFromDER
- * INPUTS:
- * db
- * The handle for the certificate database where the decoded
- * certificates will be placed. The decoded certificates will
- * be placed in the temporary database associated with the
- * handle.
- * buf
- * A buffer contatining the DER-encoded CMMFKeyRecRepContent
- * len
- * The length in bytes of the buffer 'buf'
- * NOTES
- * This function passes the buffer to the ASN1 decoder and creates a
- * CMMFKeyRecRepContent structure.
- *
- * RETURN:
- * A pointer to the CMMFKeyRecRepContent structure. A NULL return
- * value indicates the library was unable to parse the DER.
- */
-extern CMMFKeyRecRepContent*
- CMMF_CreateKeyRecRepContentFromDER(CERTCertDBHandle *db,
- const char *buf,
- long len);
-
-/*
- * FUNCTION: CMMF_CreatePOPODecKeyChallContent
- * INPUTS:
- * NONE
- * NOTES:
- * This function creates an empty CMMFPOPODecKeyChallContent. The user
- * must add the challenges individually specifying the random number to
- * be used and the public key to be used when creating each individual
- * challenge. User can accomplish this by calling the function
- * CMMF_POPODecKeyChallContentSetNextChallenge.
- * RETURN:
- * A pointer to a CMMFPOPODecKeyChallContent structure. Ther user can
- * then call CMMF_EncodePOPODecKeyChallContent passing in the return
- * value from this function after setting all of the challenges. A
- * return value of NULL indicates an error while creating the
- * CMMFPOPODecKeyChallContent structure.
- */
-extern CMMFPOPODecKeyChallContent*
- CMMF_CreatePOPODecKeyChallContent(void);
-
-/*
- * FUNCTION: CMMF_CreatePOPODecKeyChallContentFromDER
- * INPUTS
- * buf
- * A buffer containing the DER-encoded CMMFPOPODecKeyChallContent
- * len
- * The length in bytes of the buffer 'buf'
- * NOTES:
- * This function passes the buffer to the ASN1 decoder and creates a
- * CMMFPOPODecKeyChallContent structure.
- *
- * RETURN:
- * A pointer to the CMMFPOPODecKeyChallContent structure. A NULL return
- * value indicates the library was unable to parse the DER.
- */
-extern CMMFPOPODecKeyChallContent*
- CMMF_CreatePOPODecKeyChallContentFromDER(const char *buf, long len);
-
-/*
- * FUNCTION: CMMF_CreatePOPODecKeyRespContentFromDER
- * INPUTS:
- * buf
- * A buffer contatining the DER-encoded CMMFPOPODecKeyRespContent
- * len
- * The length in bytes of the buffer 'buf'
- * NOTES
- * This function passes the buffer to the ASN1 decoder and creates a
- * CMMFPOPODecKeyRespContent structure.
- *
- * RETURN:
- * A pointer to the CMMFPOPODecKeyRespContent structure. A NULL return
- * value indicates the library was unable to parse the DER.
- */
-extern CMMFPOPODecKeyRespContent*
- CMMF_CreatePOPODecKeyRespContentFromDER(const char *buf, long len);
-
-/************************** Set Functions *************************/
-
-/*
- * FUNCTION: CMMF_CertRepContentSetCertResponses
- * INPUTS:
- * inCertRepContent
- * The CMMFCertRepContent to operate on.
- * inCertResponses
- * An array of pointers to CMMFCertResponse structures to
- * add to the CMMFCertRepContent structure.
- * inNumResponses
- * The length of the array 'inCertResponses'
- * NOTES:
- * This function will add the CMMFCertResponse structure to the
- * CMMFCertRepContent passed in. The CMMFCertResponse field of
- * CMMFCertRepContent is required, so the client must call this function
- * before calling CMMF_EncodeCertRepContent. If the user calls
- * CMMF_EncodeCertRepContent before calling this function,
- * CMMF_EncodeCertRepContent will fail.
- *
- * RETURN:
- * SECSuccess if adding the CMMFCertResponses to the CMMFCertRepContent
- * structure was successful. Any other return value indicates an error
- * while trying to add the CMMFCertResponses.
- */
-extern SECStatus
- CMMF_CertRepContentSetCertResponses(CMMFCertRepContent *inCertRepContent,
- CMMFCertResponse **inCertResponses,
- int inNumResponses);
-
-/*
- * FUNCTION: CMMF_CertRepContentSetCAPubs
- * INPUTS:
- * inCertRepContent
- * The CMMFCertRepContent to operate on.
- * inCAPubs
- * The certificate list which makes up the chain of CA certificates
- * required to make the issued cert valid.
- * NOTES:
- * This function will set the the certificates in the CA chain as part
- * of the CMMFCertRepContent. This field is an optional member of the
- * CMMFCertRepContent structure, so the client is not required to call
- * this function before calling CMMF_EncodeCertRepContent.
- *
- * RETURN:
- * SECSuccess if adding the 'inCAPubs' to the CERTRepContent was successful.
- * Any other return value indicates an error while adding 'inCAPubs' to the
- * CMMFCertRepContent structure.
- *
- */
-extern SECStatus
- CMMF_CertRepContentSetCAPubs (CMMFCertRepContent *inCertRepContent,
- CERTCertList *inCAPubs);
-
-/*
- * FUNCTION: CMMF_CertResponseSetPKIStatusInfoStatus
- * INPUTS:
- * inCertResp
- * The CMMFCertResponse to operate on.
- * inPKIStatus
- * The value to set for the PKIStatusInfo.status field.
- * NOTES:
- * This function will set the CertResponse.status.status field of
- * the CMMFCertResponse structure. (View the definition of CertResponse
- * in the CMMF draft to see exactly which value this talks about.) This
- * field is a required member of the structure, so the user must call this
- * function in order to have a CMMFCertResponse that can be encoded.
- *
- * RETURN:
- * SECSuccess if setting the field with the passed in value was successful.
- * Any other return value indicates an error while trying to set the field.
- */
-extern SECStatus
- CMMF_CertResponseSetPKIStatusInfoStatus (CMMFCertResponse *inCertResp,
- CMMFPKIStatus inPKIStatus);
-
-/*
- * FUNCTION: CMMF_CertResponseSetCertificate
- * INPUTS:
- * inCertResp
- * The CMMFCertResponse to operate on.
- * inCertificate
- * The certificate to add to the
- * CertResponse.CertifiedKeyPair.certOrEncCert.certificate field.
- * NOTES:
- * This function will take the certificate and make it a member of the
- * CMMFCertResponse. The certificate should be the actual certificate
- * being issued via the response.
- *
- * RETURN:
- * SECSuccess if adding the certificate to the response was successful.
- * Any other return value indicates an error in adding the certificate to
- * the CertResponse.
- */
-extern SECStatus
- CMMF_CertResponseSetCertificate (CMMFCertResponse *inCertResp,
- CERTCertificate *inCertificate);
-
-/*
- * FUNCTION: CMMF_KeyRecRepContentSetPKIStatusInfoStatus
- * INPUTS:
- * inKeyRecRep
- * The CMMFKeyRecRepContent to operate on.
- * inPKIStatus
- * The value to set the PKIStatusInfo.status field to.
- * NOTES:
- * This function sets the only required field for the KeyRecRepContent.
- * In most cases, the user will set this field and other fields of the
- * structure to properly create the CMMFKeyRecRepContent structure.
- * Refer to the CMMF draft to see which fields need to be set in order
- * to create the desired CMMFKeyRecRepContent.
- *
- * RETURN:
- * SECSuccess if setting the PKIStatusInfo.status field was successful.
- * Any other return value indicates an error in setting the field.
- */
-extern SECStatus
-CMMF_KeyRecRepContentSetPKIStatusInfoStatus(CMMFKeyRecRepContent *inKeyRecRep,
- CMMFPKIStatus inPKIStatus);
-
-/*
- * FUNCTION: CMMF_KeyRecRepContentSetNewSignCert
- * INPUTS:
- * inKeyRecRep
- * The CMMFKeyRecRepContent to operate on.
- * inNewSignCert
- * The new signing cert to add to the CMMFKeyRecRepContent structure.
- * NOTES:
- * This function sets the new signeing cert in the CMMFKeyRecRepContent
- * structure.
- *
- * RETURN:
- * SECSuccess if setting the new signing cert was successful. Any other
- * return value indicates an error occurred while trying to add the
- * new signing certificate.
- */
-extern SECStatus
- CMMF_KeyRecRepContentSetNewSignCert(CMMFKeyRecRepContent *inKeyRecRep,
- CERTCertificate *inNewSignCert);
-
-/*
- * FUNCTION: CMMF_KeyRecRepContentSetCACerts
- * INPUTS:
- * inKeyRecRep
- * The CMMFKeyRecRepContent to operate on.
- * inCACerts
- * The list of CA certificates required to construct a valid
- * certificate chain with the certificates that will be returned
- * to the end user via this KeyRecRepContent.
- * NOTES:
- * This function sets the caCerts that are required to form a chain with the
- * end entity certificates that are being re-issued in this
- * CMMFKeyRecRepContent structure.
- *
- * RETURN:
- * SECSuccess if adding the caCerts was successful. Any other return value
- * indicates an error while tring to add the caCerts.
- */
-extern SECStatus
- CMMF_KeyRecRepContentSetCACerts(CMMFKeyRecRepContent *inKeyRecRep,
- CERTCertList *inCACerts);
-
-/*
- * FUNCTION: CMMF_KeyRecRepContentSetCertifiedKeyPair
- * INPUTS:
- * inKeyRecRep
- * The CMMFKeyRecRepContent to operate on.
- * inCert
- * The certificate to add to the CMMFKeyRecRepContent structure.
- * inPrivKey
- * The private key associated with the certificate above passed in.
- * inPubKey
- * The public key to use for wrapping the private key.
- * NOTES:
- * This function adds another certificate-key pair to the
- * CMMFKeyRecRepcontent structure. There may be more than one
- * certificate-key pair in the structure, so the user must call this
- * function multiple times to add more than one cert-key pair.
- *
- * RETURN:
- * SECSuccess if adding the certified key pair was successful. Any other
- * return value indicates an error in adding certified key pair to
- * CMMFKeyRecRepContent structure.
- */
-extern SECStatus
- CMMF_KeyRecRepContentSetCertifiedKeyPair(CMMFKeyRecRepContent *inKeyRecRep,
- CERTCertificate *inCert,
- SECKEYPrivateKey *inPrivKey,
- SECKEYPublicKey *inPubKey);
-
-/*
- * FUNCTION: CMMF_POPODecKeyChallContentSetNextChallenge
- * INPUTS:
- * inDecKeyChall
- * The CMMFPOPODecKeyChallContent to operate on.
- * inRandom
- * The random number to use when generating the challenge,
- * inSender
- * The GeneralName representation of the sender of the challenge.
- * inPubKey
- * The public key to use when encrypting the challenge.
- * passwdArg
- * This value will be passed to the function used for getting a
- * password. The password for getting a password should be registered
- * by calling PK11_SetPasswordFunc before this function is called.
- * If no password callback is registered and the library needs to
- * authenticate to the slot for any reason, this function will fail.
- * NOTES:
- * This function adds a challenge to the end of the list of challenges
- * contained by 'inDecKeyChall'. Refer to the CMMF draft on how the
- * the random number passed in and the sender's GeneralName are used
- * to generate the challenge and witness fields of the challenge. This
- * library will use SHA1 as the one-way function for generating the
- * witess field of the challenge.
- *
- * RETURN:
- * SECSuccess if generating the challenge and adding to the end of list
- * of challenges was successful. Any other return value indicates an error
- * while trying to generate the challenge.
- */
-extern SECStatus
-CMMF_POPODecKeyChallContentSetNextChallenge
- (CMMFPOPODecKeyChallContent *inDecKeyChall,
- long inRandom,
- CERTGeneralName *inSender,
- SECKEYPublicKey *inPubKey,
- void *passwdArg);
-
-
-/************************** Encoding Functions *************************/
-
-/*
- * FUNCTION: CMMF_EncodeCertRepContent
- * INPUTS:
- * inCertRepContent
- * The CMMFCertRepContent to DER-encode.
- * inCallback
- * A callback function that the ASN1 encoder will call whenever it
- * wants to write out DER-encoded bytes. Look at the defintion of
- * CRMFEncoderOutputCallback in crmft.h for a description of the
- * parameters to the function.
- * inArg
- * An opaque pointer to a user-supplied argument that will be passed
- * to the callback funtion whenever the function is called.
- * NOTES:
- * The CMMF library will use the same DER-encoding scheme as the CRMF
- * library. In other words, when reading CRMF comments that pertain to
- * encoding, those comments apply to the CMMF libray as well.
- * The callback function will be called multiple times, each time supplying
- * the next chunk of DER-encoded bytes. The user must concatenate the
- * output of each successive call to the callback in order to get the
- * entire DER-encoded CMMFCertRepContent structure.
- *
- * RETURN:
- * SECSuccess if encoding the CMMFCertRepContent was successful. Any
- * other return value indicates an error while decoding the structure.
- */
-extern SECStatus
- CMMF_EncodeCertRepContent (CMMFCertRepContent *inCertRepContent,
- CRMFEncoderOutputCallback inCallback,
- void *inArg);
-
-/*
- * FUNCTION: CMMF_EncodeKeyRecRepContent
- * INPUTS:
- * inKeyRecRep
- * The CMMFKeyRepContent to DER-encode.
- * inCallback
- * A callback function that the ASN1 encoder will call whenever it
- * wants to write out DER-encoded bytes. Look at the defintion of
- * CRMFEncoderOutputCallback in crmft.h for a description of the
- * parameters to the function.
- * inArg
- * An opaque pointer to a user-supplied argument that will be passed
- * to the callback funtion whenever the function is called.
- * NOTES:
- * The CMMF library will use the same DER-encoding scheme as the CRMF
- * library. In other words, when reading CRMF comments that pertain to
- * encoding, those comments apply to the CMMF libray as well.
- * The callback function will be called multiple times, each time supplying
- * the next chunk of DER-encoded bytes. The user must concatenate the
- * output of each successive call to the callback in order to get the
- * entire DER-encoded CMMFCertRepContent structure.
- *
- * RETURN:
- * SECSuccess if encoding the CMMFKeyRecRepContent was successful. Any
- * other return value indicates an error while decoding the structure.
- */
-extern SECStatus
- CMMF_EncodeKeyRecRepContent(CMMFKeyRecRepContent *inKeyRecRep,
- CRMFEncoderOutputCallback inCallback,
- void *inArg);
-
-/*
- * FUNCTION: CMMF_EncodePOPODecKeyChallContent
- * INPUTS:
- * inDecKeyChall
- * The CMMFDecKeyChallContent to operate on.
- * inCallback
- * A callback function that the ASN1 encoder will call whenever it
- * wants to write out DER-encoded bytes. Look at the defintion of
- * CRMFEncoderOutputCallback in crmft.h for a description of the
- * parameters to the function.
- * inArg
- * An opaque pointer to a user-supplied argument that will be passed
- * to the callback function whenever the function is called.
- * NOTES:
- * The CMMF library will use the same DER-encoding scheme as the CRMF
- * library. In other words, when reading CRMF comments that pertain to
- * encoding, those comments apply to the CMMF libray as well.
- * The callback function will be called multiple times, each time supplying
- * the next chunk of DER-encoded bytes. The user must concatenate the
- * output of each successive call to the callback in order to get the
- * entire DER-encoded CMMFCertRepContent structure.
- * The DER will be an encoding of the type POPODecKeyChallContents, which
- * is just a sequence of challenges.
- *
- * RETURN:
- * SECSuccess if encoding was successful. Any other return value indicates
- * an error in trying to encode the Challenges.
- */
-extern SECStatus
-CMMF_EncodePOPODecKeyChallContent(CMMFPOPODecKeyChallContent *inDecKeyChall,
- CRMFEncoderOutputCallback inCallback,
- void *inArg);
-
-/*
- * FUNCTION: CMMF_EncodePOPODecKeyRespContent
- * INPUTS:
- * inDecodedRand
- * An array of integers to encode as the responses to
- * CMMFPOPODecKeyChallContent. The integers must be in the same order
- * as the challenges extracted from CMMFPOPODecKeyChallContent.
- * inNumRand
- * The number of random integers contained in the array 'inDecodedRand'
- * inCallback
- * A callback function that the ASN1 encoder will call whenever it
- * wants to write out DER-encoded bytes. Look at the defintion of
- * CRMFEncoderOutputCallback in crmft.h for a description of the
- * parameters to the function.
- * inArg
- * An opaque pointer to a user-supplied argument that will be passed
- * to the callback funtion whenever the function is called.
- * NOTES:
- * The CMMF library will use the same DER-encoding scheme as the CRMF
- * library. In other words, when reading CRMF comments that pertain to
- * encoding, those comments apply to the CMMF libray as well.
- * The callback function will be called multiple times, each time supplying
- * the next chunk of DER-encoded bytes. The user must concatenate the
- * output of each successive call to the callback in order to get the
- * entire DER-encoded POPODecKeyRespContent.
- *
- * RETURN:
- * SECSuccess if encoding was successful. Any other return value indicates
- * an error in trying to encode the Challenges.
- */
-extern SECStatus
- CMMF_EncodePOPODecKeyRespContent(long *inDecodedRand,
- int inNumRand,
- CRMFEncoderOutputCallback inCallback,
- void *inArg);
-
-/*************** Accessor function ***********************************/
-
-/*
- * FUNCTION: CMMF_CertRepContentGetCAPubs
- * INPUTS:
- * inCertRepContent
- * The CMMFCertRepContent to extract the caPubs from.
- * NOTES:
- * This function will return a copy of the list of certificates that
- * make up the chain of CA's required to make the cert issued valid.
- * The user must call CERT_DestroyCertList on the return value when
- * done using the return value.
- *
- * Only call this function on a CertRepContent that has been decoded.
- * The client must call CERT_DestroyCertList when the certificate list
- * is no longer needed.
- *
- * The certs in the list will not be in the temporary database. In order
- * to make these certificates a part of the permanent CA internal database,
- * the user must collect the der for all of these certs and call
- * CERT_ImportCAChain. Afterwards the certs will be part of the permanent
- * database.
- *
- * RETURN:
- * A pointer to the CERTCertList representing the CA chain associated
- * with the issued cert. A NULL return value indicates that no CA Pubs
- * were available in the CMMFCertRepContent structure.
- */
-extern CERTCertList*
- CMMF_CertRepContentGetCAPubs (CMMFCertRepContent *inCertRepContent);
-
-
-/*
- * FUNCTION: CMMF_CertRepContentGetNumResponses
- * INPUTS:
- * inCertRepContent
- * The CMMFCertRepContent to operate on.
- * NOTES:
- * This function will return the number of CertResponses that are contained
- * by the CMMFCertRepContent passed in.
- *
- * RETURN:
- * The number of CMMFCertResponses contained in the structure passed in.
- */
-extern int
- CMMF_CertRepContentGetNumResponses (CMMFCertRepContent *inCertRepContent);
-
-/*
- * FUNCTION: CMMF_CertRepContentGetResponseAtIndex
- * INPUTS:
- * inCertRepContent
- * The CMMFCertRepContent to operate on.
- * inIndex
- * The index of the CMMFCertResponse the user wants a copy of.
- * NOTES:
- * This funciton creates a copy of the CMMFCertResponse at the index
- * corresponding to the parameter 'inIndex'. Indexing is done like a
- * traditional C array, ie the valid indexes are (0...numResponses-1).
- * The user must call CMMF_DestroyCertResponse after the return value is
- * no longer needed.
- *
- * RETURN:
- * A pointer to the CMMFCertResponse at the index corresponding to
- * 'inIndex'. A return value of NULL indicates an error in copying
- * the CMMFCertResponse.
- */
-extern CMMFCertResponse*
-CMMF_CertRepContentGetResponseAtIndex (CMMFCertRepContent *inCertRepContent,
- int inIndex);
-
-/*
- * FUNCTION: CMMF_CertResponseGetCertReqId
- * INPUTS:
- * inCertResp
- * The CMMFCertResponse to operate on.
- * NOTES:
- * This function returns the CertResponse.certReqId from the
- * CMMFCertResponse structure passed in. If the return value is -1, that
- * means there is no associated certificate request with the CertResponse.
- * RETURN:
- * A long representing the id of the certificate request this
- * CMMFCertResponse corresponds to. A return value of -1 indicates an
- * error in extracting the value of the integer.
- */
-extern long CMMF_CertResponseGetCertReqId(CMMFCertResponse *inCertResp);
-
-/*
- * FUNCTION: CMMF_CertResponseGetPKIStatusInfoStatus
- * INPUTS:
- * inCertResp
- * The CMMFCertResponse to operate on.
- * NOTES:
- * This function returns the CertResponse.status.status field of the
- * CMMFCertResponse structure.
- *
- * RETURN:
- * The enumerated value corresponding to the PKIStatus defined in the CMMF
- * draft. See the CMMF draft for the definition of PKIStatus. See crmft.h
- * for the definition of CMMFPKIStatus.
- */
-extern CMMFPKIStatus
- CMMF_CertResponseGetPKIStatusInfoStatus(CMMFCertResponse *inCertResp);
-
-/*
- * FUNCTION: CMMF_CertResponseGetCertificate
- * INPUTS:
- * inCertResp
- * The Certificate Response to operate on.
- * inCertdb
- * This is the certificate database where the function will place the
- * newly issued certificate.
- * NOTES:
- * This function retrieves the CertResponse.certifiedKeyPair.certificate
- * from the CMMFCertResponse. The user will get a copy of that certificate
- * so the user must call CERT_DestroyCertificate when the return value is
- * no longer needed. The certificate returned will be in the temporary
- * certificate database.
- *
- * RETURN:
- * A pointer to a copy of the certificate contained within the
- * CMMFCertResponse. A return value of NULL indicates an error while trying
- * to make a copy of the certificate.
- */
-extern CERTCertificate*
- CMMF_CertResponseGetCertificate(CMMFCertResponse *inCertResp,
- CERTCertDBHandle *inCertdb);
-
-/*
- * FUNCTION: CMMF_KeyRecRepContentGetPKIStatusInfoStatus
- * INPUTS:
- * inKeyRecRep
- * The CMMFKeyRecRepContent structure to operate on.
- * NOTES:
- * This function retrieves the KeyRecRepContent.status.status field of
- * the CMMFKeyRecRepContent structure.
- * RETURN:
- * The CMMFPKIStatus corresponding to the value held in the
- * CMMFKeyRecRepContent structure.
- */
-extern CMMFPKIStatus
-CMMF_KeyRecRepContentGetPKIStatusInfoStatus(CMMFKeyRecRepContent *inKeyRecRep);
-
-/*
- * FUNCTION: CMMF_KeyRecRepContentGetNewSignCert
- * INPUTS:
- * inKeyRecRep
- * The CMMFKeyRecRepContent to operate on.
- * NOTES:
- * This function retrieves the KeyRecRepContent.newSignCert field of the
- * CMMFKeyRecRepContent structure. The user must call
- * CERT_DestroyCertificate when the return value is no longer needed. The
- * returned certificate will be in the temporary database. The user
- * must then place the certificate permanently in whatever token the
- * user determines is the proper destination. A return value of NULL
- * indicates the newSigCert field was not present.
- */
-extern CERTCertificate*
- CMMF_KeyRecRepContentGetNewSignCert(CMMFKeyRecRepContent *inKeyRecRep);
-
-/*
- * FUNCTION: CMMF_KeyRecRepContentGetCACerts
- * INPUTS:
- * inKeyRecRep
- * The CMMFKeyRecRepContent to operate on.
- * NOTES:
- * This function returns a CERTCertList which contains all of the
- * certficates that are in the sequence KeyRecRepContent.caCerts
- * User must call CERT_DestroyCertList when the return value is no longer
- * needed. All of these certificates will be placed in the tempoaray
- * database.
- *
- * RETURN:
- * A pointer to the list of caCerts contained in the CMMFKeyRecRepContent
- * structure. A return value of NULL indicates the library was not able to
- * make a copy of the certifcates. This may be because there are no caCerts
- * included in the CMMFKeyRecRepContent strucure or an internal error. Call
- * CMMF_KeyRecRepContentHasCACerts to find out if there are any caCerts
- * included in 'inKeyRecRep'.
- */
-extern CERTCertList*
- CMMF_KeyRecRepContentGetCACerts(CMMFKeyRecRepContent *inKeyRecRep);
-
-/*
- * FUNCTION: CMMF_KeyRecRepContentGetNumKeyPairs
- * INPUTS:
- * inKeyRecRep
- * The CMMFKeyRecRepContent to operate on.
- * RETURN:
- * This function returns the number of CMMFCertifiedKeyPair structures that
- * that are stored in the KeyRecRepContent structure.
- */
-extern int
- CMMF_KeyRecRepContentGetNumKeyPairs(CMMFKeyRecRepContent *inKeyRecRep);
-
-/*
- * FUNCTION: CMMF_KeyRecRepContentGetCertKeyAtIndex
- * INPUTS:
- * inKeyRecRepContent
- * The CMMFKeyRecRepContent to operate on.
- * inIndex
- * The index of the desired CMMFCertifiedKeyPair
- * NOTES:
- * This function retrieves the CMMFCertifiedKeyPair structure at the index
- * 'inIndex'. Valid indexes are 0...(numKeyPairs-1) The user must call
- * CMMF_DestroyCertifiedKeyPair when the return value is no longer needed.
- *
- * RETURN:
- * A pointer to the Certified Key Pair at the desired index. A return value
- * of NULL indicates an error in extracting the Certified Key Pair at the
- * desired index.
- */
-extern CMMFCertifiedKeyPair*
- CMMF_KeyRecRepContentGetCertKeyAtIndex(CMMFKeyRecRepContent *inKeyRecRep,
- int inIndex);
-
-/*
- * FUNCTION: CMMF_CertifiedKeyPairGetCertificate
- * INPUTS:
- * inCertKeyPair
- * The CMMFCertifiedKeyPair to operate on.
- * inCertdb
- * The database handle for the database you want this certificate
- * to wind up in.
- * NOTES:
- * This function retrieves the certificate at
- * CertifiedKeyPair.certOrEncCert.certificate
- * The user must call CERT_DestroyCertificate when the return value is no
- * longer needed. The user must import this certificate as a token object
- * onto PKCS#11 slot in order to make it a permanent object. The returned
- * certificate will be in the temporary database.
- *
- * RETURN:
- * A pointer to the certificate contained within the certified key pair.
- * A return value of NULL indicates an error in creating the copy of the
- * certificate.
- */
-extern CERTCertificate*
- CMMF_CertifiedKeyPairGetCertificate(CMMFCertifiedKeyPair *inCertKeyPair,
- CERTCertDBHandle *inCertdb);
-
-/*
- * FUNCTION: CMMF_POPODecKeyChallContentGetNumChallenges
- * INPUTS:
- * inKeyChallCont
- * The CMMFPOPODecKeyChallContent to operate on.
- * RETURN:
- * This function returns the number of CMMFChallenges are contained in
- * the CMMFPOPODecKeyChallContent structure.
- */
-extern int CMMF_POPODecKeyChallContentGetNumChallenges
- (CMMFPOPODecKeyChallContent *inKeyChallCont);
-
-/*
- * FUNCTION: CMMF_POPODecKeyChallContentGetPublicValue
- * ---------------------------------------------------
- * INPUTS:
- * inKeyChallCont
- * The CMMFPOPODecKeyChallContent to operate on.
- * inIndex
- * The index of the Challenge within inKeyChallCont to operate on.
- * Indexes start from 0, ie the Nth Challenge corresponds to index
- * N-1.
- * NOTES:
- * This function retrieves the public value stored away in the Challenge at
- * index inIndex of inKeyChallCont.
- * RETURN:
- * A pointer to a SECItem containing the public value. User must call
- * SECITEM_FreeItem on the return value when the value is no longer necessary.
- * A return value of NULL indicates an error while retrieving the public value.
- */
-extern SECItem* CMMF_POPODecKeyChallContentGetPublicValue
- (CMMFPOPODecKeyChallContent *inKeyChallCont,
- int inIndex);
-
-
-/*
- * FUNCTION: CMMF_POPODecKeyChallContentGetRandomNumber
- * INPUTS:
- * inChallContent
- * The CMMFPOPODecKeyChallContent to operate on.
- * inIndex
- * The index of the challenge to look at. Valid indexes are 0 through
- * (CMMF_POPODecKeyChallContentGetNumChallenges(inChallContent) - 1).
- * inDest
- * A pointer to a user supplied buffer where the library
- * can place a copy of the random integer contatained in the
- * challenge.
- * NOTES:
- * This function returns the value held in the decrypted Rand structure
- * corresponding to the random integer. The user must call
- * CMMF_POPODecKeyChallContentDecryptChallenge before calling this function. Call
- * CMMF_ChallengeIsDecrypted to find out if the challenge has been
- * decrypted.
- *
- * RETURN:
- * SECSuccess indicates the witness field has been previously decrypted
- * and the value for the random integer was successfully placed at *inDest.
- * Any other return value indicates an error and that the value at *inDest
- * is not a valid value.
- */
-extern SECStatus CMMF_POPODecKeyChallContentGetRandomNumber
- (CMMFPOPODecKeyChallContent *inKeyChallCont,
- int inIndex,
- long *inDest);
-
-/*
- * FUNCTION: CMMF_POPODecKeyRespContentGetNumResponses
- * INPUTS:
- * inRespCont
- * The POPODecKeyRespContent to operate on.
- * RETURN:
- * This function returns the number of responses contained in inRespContent.
- */
-extern int
- CMMF_POPODecKeyRespContentGetNumResponses(CMMFPOPODecKeyRespContent *inRespCont);
-
-/*
- * FUNCTION: CMMF_POPODecKeyRespContentGetResponse
- * INPUTS:
- * inRespCont
- * The POPODecKeyRespContent to operate on.
- * inIndex
- * The index of the response to retrieve.
- * The Nth response is at index N-1, ie the 1st response is at index 0,
- * the 2nd response is at index 1, and so on.
- * inDest
- * A pointer to a pre-allocated buffer where the library can put the
- * value of the response located at inIndex.
- * NOTES:
- * The function returns the response contained at index inIndex.
- * CMMFPOPODecKeyRespContent is a structure that the server will generally
- * get in response to a CMMFPOPODecKeyChallContent. The server will expect
- * to see the responses in the same order as it constructed them in
- * the CMMFPOPODecKeyChallContent structure.
- * RETURN:
- * SECSuccess if getting the response at the desired index was successful. Any
- * other return value indicates an errror.
- */
-extern SECStatus
- CMMF_POPODecKeyRespContentGetResponse (CMMFPOPODecKeyRespContent *inRespCont,
- int inIndex,
- long *inDest);
-
-/************************* Destructor Functions ******************************/
-
-/*
- * FUNCTION: CMMF_DestroyCertResponse
- * INPUTS:
- * inCertResp
- * The CMMFCertResponse to destroy.
- * NOTES:
- * This function frees all the memory associated with the CMMFCertResponse
- * passed in.
- * RETURN:
- * SECSuccess if freeing the memory was successful. Any other return value
- * indicates an error while freeing the memory.
- */
-extern SECStatus CMMF_DestroyCertResponse(CMMFCertResponse *inCertResp);
-
-/*
- * FUNCTION: CMMF_DestroyCertRepContent
- * INPUTS:
- * inCertRepContent
- * The CMMFCertRepContent to destroy
- * NOTES:
- * This function frees the memory associated with the CMMFCertRepContent
- * passed in.
- * RETURN:
- * SECSuccess if freeing all the memory associated with the
- * CMMFCertRepContent passed in is successful. Any other return value
- * indicates an error while freeing the memory.
- */
-extern SECStatus
- CMMF_DestroyCertRepContent (CMMFCertRepContent *inCertRepContent);
-
-/*
- * FUNCTION: CMMF_DestroyKeyRecRepContent
- * INPUTS:
- * inKeyRecRep
- * The CMMFKeyRecRepContent to destroy.
- * NOTES:
- * This function destroys all the memory associated with the
- * CMMFKeyRecRepContent passed in.
- *
- * RETURN:
- * SECSuccess if freeing all the memory is successful. Any other return
- * value indicates an error in freeing the memory.
- */
-extern SECStatus
- CMMF_DestroyKeyRecRepContent(CMMFKeyRecRepContent *inKeyRecRep);
-
-/*
- * FUNCTION: CMMF_DestroyCertifiedKeyPair
- * INPUTS:
- * inCertKeyPair
- * The CMMFCertifiedKeyPair to operate on.
- * NOTES:
- * This function frees up all the memory associated with 'inCertKeyPair'
- *
- * RETURN:
- * SECSuccess if freeing all the memory associated with 'inCertKeyPair'
- * is successful. Any other return value indicates an error while trying
- * to free the memory.
- */
-extern SECStatus
- CMMF_DestroyCertifiedKeyPair(CMMFCertifiedKeyPair *inCertKeyPair);
-
-/*
- * FUNCTION: CMMF_DestroyPOPODecKeyRespContent
- * INPUTS:
- * inDecKeyResp
- * The CMMFPOPODecKeyRespContent structure to free.
- * NOTES:
- * This function frees up all the memory associate with the
- * CMMFPOPODecKeyRespContent.
- *
- * RETURN:
- * SECSuccess if freeing up all the memory associated with the
- * CMMFPOPODecKeyRespContent structure is successful. Any other
- * return value indicates an error while freeing the memory.
- */
-extern SECStatus
- CMMF_DestroyPOPODecKeyRespContent(CMMFPOPODecKeyRespContent *inDecKeyResp);
-
-
-/************************** Miscellaneous Functions *************************/
-
-/*
- * FUNCTION: CMMF_CertifiedKeyPairUnwrapPrivKey
- * INPUTS:
- * inCertKeyPair
- * The CMMFCertifiedKeyPair to operate on.
- * inPrivKey
- * The private key to use to un-wrap the private key
- * inNickName
- * This is the nickname that will be associated with the private key
- * to be unwrapped.
- * inSlot
- * The PKCS11 slot where the unwrapped private key should end up.
- * inCertdb
- * The Certificate database with which the new key will be associated.
- * destPrivKey
- * A pointer to memory where the library can place a pointer to the
- * private key after importing the key onto the specified slot.
- * wincx
- * An opaque pointer that the library will use in a callback function
- * to get the password if necessary.
- *
- * NOTES:
- * This function uses the private key passed in to unwrap the private key
- * contained within the CMMFCertifiedKeyPair structure. After this
- * function successfully returns, the private key has been unwrapped and
- * placed in the specified slot.
- *
- * RETURN:
- * SECSuccess if unwrapping the private key was successful. Any other
- * return value indicates an error while trying to un-wrap the private key.
- */
-extern SECStatus
- CMMF_CertifiedKeyPairUnwrapPrivKey(CMMFCertifiedKeyPair *inKeyPair,
- SECKEYPrivateKey *inPrivKey,
- SECItem *inNickName,
- PK11SlotInfo *inSlot,
- CERTCertDBHandle *inCertdb,
- SECKEYPrivateKey **destPrivKey,
- void *wincx);
-
-/*
- * FUNCTION: CMMF_KeyRecRepContentHasCACerts
- * INPUTS:
- * inKeyRecRecp
- * The CMMFKeyRecRepContent to operate on.
- * RETURN:
- * This function returns PR_TRUE if there are one or more certificates in
- * the sequence KeyRecRepContent.caCerts within the CMMFKeyRecRepContent
- * structure. The function will return PR_FALSE if there are 0 certificate
- * in the above mentioned sequence.
- */
-extern PRBool
- CMMF_KeyRecRepContentHasCACerts(CMMFKeyRecRepContent *inKeyRecRep);
-
-/*
- * FUNCTION: CMMF_POPODecKeyChallContDecryptChallenge
- * INPUTS:
- * inChalCont
- * The CMMFPOPODecKeyChallContent to operate on.
- * inIndex
- * The index of the Challenge to operate on. The 1st Challenge is
- * at index 0, the second at index 1 and so forth.
- * inPrivKey
- * The private key to use to decrypt the witness field.
- * NOTES:
- * This function uses the private key to decrypt the challenge field
- * contained in the appropriate challenge. Make sure the private key matches
- * the public key that was used to encrypt the witness. Use
- * CMMF_POPODecKeyChallContentGetPublicValue to get the public value of
- * the key used to encrypt the witness and then use that to determine the
- * appropriate private key. This can be done by calling PK11_MakeIDFromPubKey
- * and then passing that return value to PK11_FindKeyByKeyID. The creator of
- * the challenge will most likely be an RA that has the public key
- * from a Cert request. So the private key should be the private key
- * associated with public key in that request. This function will also
- * verify the witness field of the challenge. This function also verifies
- * that the sender and witness hashes match within the challenge.
- *
- * RETURN:
- * SECSuccess if decrypting the witness field was successful. This does
- * not indicate that the decrypted data is valid, since the private key
- * passed in may not be the actual key needed to properly decrypt the
- * witness field. Meaning that there is a decrypted structure now, but
- * may be garbage because the private key was incorrect.
- * Any other return value indicates the function could not complete the
- * decryption process.
- */
-extern SECStatus
- CMMF_POPODecKeyChallContDecryptChallenge(CMMFPOPODecKeyChallContent *inChalCont,
- int inIndex,
- SECKEYPrivateKey *inPrivKey);
-
-/*
- * FUNCTION: CMMF_DestroyPOPODecKeyChallContent
- * INPUTS:
- * inDecKeyCont
- * The CMMFPOPODecKeyChallContent to free
- * NOTES:
- * This function frees up all the memory associated with the
- * CMMFPOPODecKeyChallContent
- * RETURN:
- * SECSuccess if freeing up all the memory associatd with the
- * CMMFPOPODecKeyChallContent is successful. Any other return value
- * indicates an error while freeing the memory.
- *
- */
-extern SECStatus
- CMMF_DestroyPOPODecKeyChallContent (CMMFPOPODecKeyChallContent *inDecKeyCont);
-
-SEC_END_PROTOS
-#endif /* _CMMF_H_ */
diff --git a/security/nss/lib/crmf/cmmfasn1.c b/security/nss/lib/crmf/cmmfasn1.c
deleted file mode 100644
index c9ab99a5a..000000000
--- a/security/nss/lib/crmf/cmmfasn1.c
+++ /dev/null
@@ -1,161 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "cmmf.h"
-#include "cmmfi.h"
-#include "secasn1.h"
-#include "secitem.h"
-
-SEC_ASN1_MKSUB(SEC_SignedCertificateTemplate)
-
-static const SEC_ASN1Template CMMFSequenceOfCertifiedKeyPairsTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, CMMFCertifiedKeyPairTemplate}
-};
-
-static const SEC_ASN1Template CMMFKeyRecRepContentTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CMMFKeyRecRepContent)},
- { SEC_ASN1_INLINE, offsetof(CMMFKeyRecRepContent, status),
- CMMFPKIStatusInfoTemplate},
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER |
- SEC_ASN1_XTRN | 0,
- offsetof(CMMFKeyRecRepContent, newSigCert),
- SEC_ASN1_SUB(SEC_SignedCertificateTemplate)},
- { SEC_ASN1_CONSTRUCTED | SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | 1,
- offsetof(CMMFKeyRecRepContent, caCerts),
- CMMFSequenceOfCertsTemplate},
- { SEC_ASN1_CONSTRUCTED | SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | 2,
- offsetof(CMMFKeyRecRepContent, keyPairHist),
- CMMFSequenceOfCertifiedKeyPairsTemplate},
- { 0 }
-};
-
-SECStatus
-CMMF_EncodeCertRepContent (CMMFCertRepContent *inCertRepContent,
- CRMFEncoderOutputCallback inCallback,
- void *inArg)
-{
- return cmmf_user_encode(inCertRepContent, inCallback, inArg,
- CMMFCertRepContentTemplate);
-}
-
-SECStatus
-CMMF_EncodePOPODecKeyChallContent(CMMFPOPODecKeyChallContent *inDecKeyChall,
- CRMFEncoderOutputCallback inCallback,
- void *inArg)
-{
- return cmmf_user_encode(inDecKeyChall, inCallback, inArg,
- CMMFPOPODecKeyChallContentTemplate);
-}
-
-CMMFPOPODecKeyRespContent*
-CMMF_CreatePOPODecKeyRespContentFromDER(const char *buf, long len)
-{
- PRArenaPool *poolp;
- CMMFPOPODecKeyRespContent *decKeyResp;
- SECStatus rv;
-
- poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
- if (poolp == NULL) {
- return NULL;
- }
- decKeyResp = PORT_ArenaZNew(poolp, CMMFPOPODecKeyRespContent);
- if (decKeyResp == NULL) {
- goto loser;
- }
- decKeyResp->poolp = poolp;
- rv = SEC_ASN1Decode(poolp, decKeyResp, CMMFPOPODecKeyRespContentTemplate,
- buf, len);
- if (rv != SECSuccess) {
- goto loser;
- }
- return decKeyResp;
-
- loser:
- if (poolp != NULL) {
- PORT_FreeArena(poolp, PR_FALSE);
- }
- return NULL;
-}
-
-SECStatus
-CMMF_EncodeKeyRecRepContent(CMMFKeyRecRepContent *inKeyRecRep,
- CRMFEncoderOutputCallback inCallback,
- void *inArg)
-{
- return cmmf_user_encode(inKeyRecRep, inCallback, inArg,
- CMMFKeyRecRepContentTemplate);
-}
-
-CMMFKeyRecRepContent*
-CMMF_CreateKeyRecRepContentFromDER(CERTCertDBHandle *db, const char *buf,
- long len)
-{
- PRArenaPool *poolp;
- CMMFKeyRecRepContent *keyRecContent;
- SECStatus rv;
-
- poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
- if (poolp == NULL) {
- return NULL;
- }
- keyRecContent = PORT_ArenaZNew(poolp, CMMFKeyRecRepContent);
- if (keyRecContent == NULL) {
- goto loser;
- }
- keyRecContent->poolp = poolp;
- rv = SEC_ASN1Decode(poolp, keyRecContent, CMMFKeyRecRepContentTemplate,
- buf, len);
- if (rv != SECSuccess) {
- goto loser;
- }
- if (keyRecContent->keyPairHist != NULL) {
- while(keyRecContent->keyPairHist[keyRecContent->numKeyPairs] != NULL) {
- rv = cmmf_decode_process_certified_key_pair(poolp, db,
- keyRecContent->keyPairHist[keyRecContent->numKeyPairs]);
- if (rv != SECSuccess) {
- goto loser;
- }
- keyRecContent->numKeyPairs++;
- }
- keyRecContent->allocKeyPairs = keyRecContent->numKeyPairs;
- }
- keyRecContent->isDecoded = PR_TRUE;
- return keyRecContent;
- loser:
- if (poolp != NULL) {
- PORT_FreeArena(poolp, PR_FALSE);
- }
- return NULL;
-}
-
diff --git a/security/nss/lib/crmf/cmmfchal.c b/security/nss/lib/crmf/cmmfchal.c
deleted file mode 100644
index 3d7ad2319..000000000
--- a/security/nss/lib/crmf/cmmfchal.c
+++ /dev/null
@@ -1,319 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "cmmf.h"
-#include "cmmfi.h"
-#include "sechash.h"
-#include "genname.h"
-#include "pk11func.h"
-#include "cert.h"
-#include "secitem.h"
-#include "secmod.h"
-#include "keyhi.h"
-
-static int
-cmmf_create_witness_and_challenge(PRArenaPool *poolp,
- CMMFChallenge *challenge,
- long inRandom,
- SECItem *senderDER,
- SECKEYPublicKey *inPubKey,
- void *passwdArg)
-{
- SECItem *encodedRandNum;
- SECItem encodedRandStr = {siBuffer, NULL, 0};
- SECItem *dummy;
- unsigned char *randHash, *senderHash, *encChal=NULL;
- unsigned modulusLen = 0;
- SECStatus rv = SECFailure;
- CMMFRand randStr= { {siBuffer, NULL, 0}, {siBuffer, NULL, 0}};
- PK11SlotInfo *slot;
- PK11SymKey *symKey = NULL;
- CK_OBJECT_HANDLE id;
- CERTSubjectPublicKeyInfo *spki = NULL;
-
-
- encodedRandNum = SEC_ASN1EncodeInteger(poolp, &challenge->randomNumber,
- inRandom);
- encodedRandNum = &challenge->randomNumber;
- randHash = PORT_ArenaNewArray(poolp, unsigned char, SHA1_LENGTH);
- senderHash = PORT_ArenaNewArray(poolp, unsigned char, SHA1_LENGTH);
- if (randHash == NULL) {
- goto loser;
- }
- rv = PK11_HashBuf(SEC_OID_SHA1, randHash, encodedRandNum->data,
- (uint32)encodedRandNum->len);
- if (rv != SECSuccess) {
- goto loser;
- }
- rv = PK11_HashBuf(SEC_OID_SHA1, senderHash, senderDER->data,
- (uint32)senderDER->len);
- if (rv != SECSuccess) {
- goto loser;
- }
- challenge->witness.data = randHash;
- challenge->witness.len = SHA1_LENGTH;
-
- randStr.integer = *encodedRandNum;
- randStr.senderHash.data = senderHash;
- randStr.senderHash.len = SHA1_LENGTH;
- dummy = SEC_ASN1EncodeItem(NULL, &encodedRandStr, &randStr,
- CMMFRandTemplate);
- if (dummy != &encodedRandStr) {
- rv = SECFailure;
- goto loser;
- }
- /* XXXX Now I have to encrypt encodedRandStr and stash it away. */
- modulusLen = SECKEY_PublicKeyStrength(inPubKey);
- encChal = PORT_ArenaNewArray(poolp, unsigned char, modulusLen);
- if (encChal == NULL) {
- rv = SECFailure;
- goto loser;
- }
- slot =PK11_GetBestSlot(CKM_RSA_PKCS, passwdArg);
- if (slot == NULL) {
- rv = SECFailure;
- goto loser;
- }
- id = PK11_ImportPublicKey(slot, inPubKey, PR_FALSE);
- /* In order to properly encrypt the data, we import as a symmetric
- * key, and then wrap that key. That in essence encrypts the data.
- * This is the method recommended in the PK11 world in order
- * to prevent threading issues as well as breaking any other semantics
- * the PK11 libraries depend on.
- */
- symKey = PK11_ImportSymKey(slot, CKM_RSA_PKCS, PK11_OriginGenerated,
- CKA_VALUE, &encodedRandStr, passwdArg);
- if (symKey == NULL) {
- rv = SECFailure;
- goto loser;
- }
- challenge->challenge.data = encChal;
- challenge->challenge.len = modulusLen;
- rv = PK11_PubWrapSymKey(CKM_RSA_PKCS, inPubKey, symKey,
- &challenge->challenge);
- PK11_FreeSlot(slot);
- if (rv != SECSuccess) {
- goto loser;
- }
- rv = SECITEM_CopyItem(poolp, &challenge->senderDER, senderDER);
- crmf_get_public_value(inPubKey, &challenge->key);
- /* Fall through */
- loser:
- if (spki != NULL) {
- SECKEY_DestroySubjectPublicKeyInfo(spki);
- }
- if (encodedRandStr.data != NULL) {
- PORT_Free(encodedRandStr.data);
- }
- if (encodedRandNum != NULL) {
- SECITEM_FreeItem(encodedRandNum, PR_TRUE);
- }
- if (symKey != NULL) {
- PK11_FreeSymKey(symKey);
- }
- return rv;
-}
-
-static SECStatus
-cmmf_create_first_challenge(CMMFPOPODecKeyChallContent *challContent,
- long inRandom,
- SECItem *senderDER,
- SECKEYPublicKey *inPubKey,
- void *passwdArg)
-{
- SECOidData *oidData;
- CMMFChallenge *challenge;
- SECAlgorithmID *algId;
- PRArenaPool *poolp;
- SECStatus rv;
-
- oidData = SECOID_FindOIDByTag(SEC_OID_SHA1);
- if (oidData == NULL) {
- return SECFailure;
- }
- poolp = challContent->poolp;
- challenge = PORT_ArenaZNew(poolp, CMMFChallenge);
- if (challenge == NULL) {
- return SECFailure;
- }
- algId = challenge->owf = PORT_ArenaZNew(poolp, SECAlgorithmID);
- if (algId == NULL) {
- return SECFailure;
- }
- rv = SECITEM_CopyItem(poolp, &algId->algorithm, &oidData->oid);
- if (rv != SECSuccess) {
- return SECFailure;
- }
- rv = cmmf_create_witness_and_challenge(poolp, challenge, inRandom,
- senderDER, inPubKey, passwdArg);
- challContent->challenges[0] = (rv == SECSuccess) ? challenge : NULL;
- challContent->numChallenges++;
- return rv ;
-}
-
-CMMFPOPODecKeyChallContent*
-CMMF_CreatePOPODecKeyChallContent (void)
-{
- PRArenaPool *poolp;
- CMMFPOPODecKeyChallContent *challContent;
-
- poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
- if (poolp == NULL) {
- return NULL;
- }
- challContent = PORT_ArenaZNew(poolp, CMMFPOPODecKeyChallContent);
- if (challContent == NULL) {
- PORT_FreeArena(poolp, PR_FALSE);
- return NULL;
- }
- challContent->poolp = poolp;
- return challContent;
-}
-
-SECStatus
-CMMF_POPODecKeyChallContentSetNextChallenge
- (CMMFPOPODecKeyChallContent *inDecKeyChall,
- long inRandom,
- CERTGeneralName *inSender,
- SECKEYPublicKey *inPubKey,
- void *passwdArg)
-{
- CMMFChallenge *curChallenge;
- PRArenaPool *genNamePool = NULL, *poolp;
- SECStatus rv;
- SECItem *genNameDER;
- void *mark;
-
- PORT_Assert (inDecKeyChall != NULL &&
- inSender != NULL &&
- inPubKey != NULL);
-
- if (inDecKeyChall == NULL ||
- inSender == NULL || inPubKey == NULL) {
- return SECFailure;
- }
- poolp = inDecKeyChall->poolp;
- mark = PORT_ArenaMark(poolp);
-
- genNamePool = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
- genNameDER = CERT_EncodeGeneralName(inSender, NULL, genNamePool);
- if (genNameDER == NULL) {
- rv = SECFailure;
- goto loser;
- }
- if (inDecKeyChall->challenges == NULL) {
- inDecKeyChall->challenges =
- PORT_ArenaZNewArray(poolp, CMMFChallenge*,(CMMF_MAX_CHALLENGES+1));
- inDecKeyChall->numAllocated = CMMF_MAX_CHALLENGES;
- }
-
- if (inDecKeyChall->numChallenges >= inDecKeyChall->numAllocated) {
- rv = SECFailure;
- goto loser;
- }
-
- if (inDecKeyChall->numChallenges == 0) {
- rv = cmmf_create_first_challenge(inDecKeyChall, inRandom,
- genNameDER, inPubKey, passwdArg);
- } else {
- curChallenge = PORT_ArenaZNew(poolp, CMMFChallenge);
- if (curChallenge == NULL) {
- rv = SECFailure;
- goto loser;
- }
- rv = cmmf_create_witness_and_challenge(poolp, curChallenge, inRandom,
- genNameDER, inPubKey,
- passwdArg);
- if (rv == SECSuccess) {
- inDecKeyChall->challenges[inDecKeyChall->numChallenges] =
- curChallenge;
- inDecKeyChall->numChallenges++;
- }
- }
- if (rv != SECSuccess) {
- goto loser;
- }
- PORT_ArenaUnmark(poolp, mark);
- PORT_FreeArena(genNamePool, PR_FALSE);
- return SECSuccess;
-
- loser:
- PORT_ArenaRelease(poolp, mark);
- if (genNamePool != NULL) {
- PORT_FreeArena(genNamePool, PR_FALSE);
- }
- PORT_Assert(rv != SECSuccess);
- return rv;
-}
-
-SECStatus
-CMMF_DestroyPOPODecKeyRespContent(CMMFPOPODecKeyRespContent *inDecKeyResp)
-{
- PORT_Assert(inDecKeyResp != NULL);
- if (inDecKeyResp != NULL && inDecKeyResp->poolp != NULL) {
- PORT_FreeArena(inDecKeyResp->poolp, PR_FALSE);
- }
- return SECSuccess;
-}
-
-int
-CMMF_POPODecKeyRespContentGetNumResponses(CMMFPOPODecKeyRespContent *inRespCont)
-{
- int numResponses = 0;
-
- PORT_Assert(inRespCont != NULL);
- if (inRespCont == NULL) {
- return 0;
- }
-
- while (inRespCont->responses[numResponses] != NULL) {
- numResponses ++;
- }
- return numResponses;
-}
-
-SECStatus
-CMMF_POPODecKeyRespContentGetResponse (CMMFPOPODecKeyRespContent *inRespCont,
- int inIndex,
- long *inDest)
-{
- PORT_Assert(inRespCont != NULL);
-
- if (inRespCont == NULL || inIndex < 0 ||
- inIndex >= CMMF_POPODecKeyRespContentGetNumResponses(inRespCont)) {
- return SECFailure;
- }
- *inDest = DER_GetInteger(inRespCont->responses[inIndex]);
- return (*inDest == -1) ? SECFailure : SECSuccess;
-}
diff --git a/security/nss/lib/crmf/cmmfi.h b/security/nss/lib/crmf/cmmfi.h
deleted file mode 100644
index 0a476badd..000000000
--- a/security/nss/lib/crmf/cmmfi.h
+++ /dev/null
@@ -1,127 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * These are the definitions needed by the library internally to implement
- * CMMF. Most of these will be helper utilities for manipulating internal
- * data strucures.
- */
-#ifndef _CMMFI_H_
-#define _CMMFI_H_
-#include "cmmfit.h"
-#include "crmfi.h"
-
-#define CMMF_MAX_CHALLENGES 10
-#define CMMF_MAX_KEY_PAIRS 50
-
-/*
- * Some templates that the code will need to implement CMMF.
- */
-extern const SEC_ASN1Template CMMFCertOrEncCertCertificateTemplate[];
-extern const SEC_ASN1Template CMMFCertOrEncCertEncryptedCertTemplate[];
-extern const SEC_ASN1Template CMMFPOPODecKeyRespContentTemplate[];
-extern const SEC_ASN1Template CMMFRandTemplate[];
-extern const SEC_ASN1Template CMMFSequenceOfCertsTemplate[];
-extern const SEC_ASN1Template CMMFPKIStatusInfoTemplate[];
-extern const SEC_ASN1Template CMMFCertifiedKeyPairTemplate[];
-
-
-/*
- * Some utility functions that are shared by multiple files in this
- * implementation.
- */
-
-extern SECStatus cmmf_CopyCertResponse (PRArenaPool *poolp,
- CMMFCertResponse *dest,
- CMMFCertResponse *src);
-
-extern SECStatus cmmf_CopyPKIStatusInfo (PRArenaPool *poolp,
- CMMFPKIStatusInfo *dest,
- CMMFPKIStatusInfo *src);
-
-extern SECStatus cmmf_CopyCertifiedKeyPair(PRArenaPool *poolp,
- CMMFCertifiedKeyPair *dest,
- CMMFCertifiedKeyPair *src);
-
-extern SECStatus cmmf_DestroyPKIStatusInfo(CMMFPKIStatusInfo *info,
- PRBool freeit);
-
-extern SECStatus cmmf_DestroyCertOrEncCert(CMMFCertOrEncCert *certOrEncCert,
- PRBool freeit);
-
-extern SECStatus cmmf_PKIStatusInfoSetStatus(CMMFPKIStatusInfo *statusInfo,
- PRArenaPool *poolp,
- CMMFPKIStatus inStatus);
-
-extern SECStatus cmmf_ExtractCertsFromList(CERTCertList *inCertList,
- PRArenaPool *poolp,
- CERTCertificate ***certArray);
-
-extern SECStatus
- cmmf_CertOrEncCertSetCertificate(CMMFCertOrEncCert *certOrEncCert,
- PRArenaPool *poolp,
- CERTCertificate *inCert);
-
-extern CMMFPKIStatus
- cmmf_PKIStatusInfoGetStatus(CMMFPKIStatusInfo *inStatus);
-
-extern CERTCertList*
- cmmf_MakeCertList(CERTCertificate **inCerts);
-
-extern CERTCertificate*
-cmmf_CertOrEncCertGetCertificate(CMMFCertOrEncCert *certOrEncCert,
- CERTCertDBHandle *certdb);
-
-extern SECStatus
-cmmf_decode_process_cert_response(PRArenaPool *poolp,
- CERTCertDBHandle *db,
- CMMFCertResponse *inCertResp);
-
-extern SECStatus
-cmmf_decode_process_certified_key_pair(PRArenaPool *poolp,
- CERTCertDBHandle *db,
- CMMFCertifiedKeyPair *inCertKeyPair);
-
-extern SECStatus
-cmmf_user_encode(void *src, CRMFEncoderOutputCallback inCallback, void *inArg,
- const SEC_ASN1Template *inTemplate);
-
-extern SECStatus
-cmmf_copy_secitem (PRArenaPool *poolp, SECItem *dest, SECItem *src);
-#endif /*_CMMFI_H_*/
-
-
-
-
-
diff --git a/security/nss/lib/crmf/cmmfit.h b/security/nss/lib/crmf/cmmfit.h
deleted file mode 100644
index e6ef02f96..000000000
--- a/security/nss/lib/crmf/cmmfit.h
+++ /dev/null
@@ -1,145 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _CMMFIT_H_
-#define _CMMFIT_H_
-
-/*
- * All fields marked by a PKIStausInfo in comments is an integer
- * with the following possible values.
- *
- * Integer Value Meaning
- * ------------- -------
- * 0 granted- got exactly what you asked for.
- *
- * 1 grantedWithMods-got something like what you asked
- * for;requester is responsible for ascertainging the
- * differences.
- *
- * 2 rejection-you don't get what you asked for; more
- * information elsewhere in the message
- *
- * 3 waiting-the request body part has not yet been
- * processed, expect to hear more later.
- *
- * 4 revocationWarning-this message contains a warning
- * that a revocation is imminent.
- *
- * 5 revocationNotification-notification that a
- * revocation has occurred.
- *
- * 6 keyUpdateWarning-update already done for the
- * oldCertId specified in FullCertTemplate.
- */
-
-struct CMMFPKIStatusInfoStr {
- SECItem status;
- SECItem statusString;
- SECItem failInfo;
-};
-
-struct CMMFCertOrEncCertStr {
- union {
- CERTCertificate *certificate;
- CRMFEncryptedValue *encryptedCert;
- } cert;
- CMMFCertOrEncCertChoice choice;
- SECItem derValue;
-};
-
-struct CMMFCertifiedKeyPairStr {
- CMMFCertOrEncCert certOrEncCert;
- CRMFEncryptedValue *privateKey;
- SECItem derPublicationInfo; /* We aren't creating
- * PKIPublicationInfo's, so
- * we'll store away the der
- * here if we decode one that
- * does have pubInfo.
- */
- SECItem unwrappedPrivKey;
-};
-
-struct CMMFCertResponseStr {
- SECItem certReqId;
- CMMFPKIStatusInfo status; /*PKIStatusInfo*/
- CMMFCertifiedKeyPair *certifiedKeyPair;
-};
-
-struct CMMFCertRepContentStr {
- CERTCertificate **caPubs;
- CMMFCertResponse **response;
- PRArenaPool *poolp;
- PRBool isDecoded;
-};
-
-struct CMMFChallengeStr {
- SECAlgorithmID *owf;
- SECItem witness;
- SECItem senderDER;
- SECItem key;
- SECItem challenge;
- SECItem randomNumber;
-};
-
-struct CMMFRandStr {
- SECItem integer;
- SECItem senderHash;
- CERTGeneralName *sender;
-};
-
-struct CMMFPOPODecKeyChallContentStr {
- CMMFChallenge **challenges;
- PRArenaPool *poolp;
- int numChallenges;
- int numAllocated;
-};
-
-struct CMMFPOPODecKeyRespContentStr {
- SECItem **responses;
- PRArenaPool *poolp;
-};
-
-struct CMMFKeyRecRepContentStr {
- CMMFPKIStatusInfo status; /* PKIStatusInfo */
- CERTCertificate *newSigCert;
- CERTCertificate **caCerts;
- CMMFCertifiedKeyPair **keyPairHist;
- PRArenaPool *poolp;
- int numKeyPairs;
- int allocKeyPairs;
- PRBool isDecoded;
-};
-
-#endif /* _CMMFIT_H_ */
-
diff --git a/security/nss/lib/crmf/cmmfrec.c b/security/nss/lib/crmf/cmmfrec.c
deleted file mode 100644
index e58b86aad..000000000
--- a/security/nss/lib/crmf/cmmfrec.c
+++ /dev/null
@@ -1,338 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * This file will implement the functions related to key recovery in
- * CMMF
- */
-
-#include "nssrenam.h"
-#include "cmmf.h"
-#include "cmmfi.h"
-#include "secitem.h"
-#include "keyhi.h"
-
-CMMFKeyRecRepContent*
-CMMF_CreateKeyRecRepContent(void)
-{
- PRArenaPool *poolp;
- CMMFKeyRecRepContent *keyRecContent;
-
- poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
- if (poolp == NULL) {
- return NULL;
- }
- keyRecContent = PORT_ArenaZNew(poolp, CMMFKeyRecRepContent);
- if (keyRecContent == NULL) {
- PORT_FreeArena(poolp, PR_FALSE);
- return NULL;
- }
- keyRecContent->poolp = poolp;
- return keyRecContent;
-}
-
-SECStatus
-CMMF_DestroyKeyRecRepContent(CMMFKeyRecRepContent *inKeyRecRep)
-{
- PORT_Assert(inKeyRecRep != NULL);
- if (inKeyRecRep != NULL && inKeyRecRep->poolp != NULL) {
- if (!inKeyRecRep->isDecoded) {
- int i;
-
- CERT_DestroyCertificate(inKeyRecRep->newSigCert);
- if (inKeyRecRep->caCerts != NULL) {
- for (i=0; inKeyRecRep->caCerts[i] != NULL; i++) {
- CERT_DestroyCertificate(inKeyRecRep->caCerts[i]);
- }
- }
- if (inKeyRecRep->keyPairHist != NULL) {
- for (i=0; inKeyRecRep->keyPairHist[i] != NULL; i++) {
- if (inKeyRecRep->keyPairHist[i]->certOrEncCert.choice ==
- cmmfCertificate) {
- CERT_DestroyCertificate(inKeyRecRep->keyPairHist[i]->
- certOrEncCert.cert.certificate);
- }
- }
- }
- }
- PORT_FreeArena(inKeyRecRep->poolp, PR_TRUE);
- }
- return SECSuccess;
-}
-
-SECStatus
-CMMF_KeyRecRepContentSetPKIStatusInfoStatus(CMMFKeyRecRepContent *inKeyRecRep,
- CMMFPKIStatus inPKIStatus)
-{
- PORT_Assert(inKeyRecRep != NULL && inPKIStatus >= cmmfGranted &&
- inPKIStatus < cmmfNumPKIStatus);
- if (inKeyRecRep == NULL) {
- return SECFailure;
- }
-
- return cmmf_PKIStatusInfoSetStatus(&inKeyRecRep->status,
- inKeyRecRep->poolp,
- inPKIStatus);
-}
-
-SECStatus
-CMMF_KeyRecRepContentSetNewSignCert(CMMFKeyRecRepContent *inKeyRecRep,
- CERTCertificate *inNewSignCert)
-{
- PORT_Assert (inKeyRecRep != NULL && inNewSignCert != NULL);
- if (inKeyRecRep == NULL || inNewSignCert == NULL) {
- return SECFailure;
- }
- inKeyRecRep->newSigCert = CERT_DupCertificate(inNewSignCert);
- return (inKeyRecRep->newSigCert == NULL) ? SECFailure : SECSuccess;
-}
-
-SECStatus
-CMMF_KeyRecRepContentSetCACerts(CMMFKeyRecRepContent *inKeyRecRep,
- CERTCertList *inCACerts)
-{
- SECStatus rv;
- void *mark;
-
- PORT_Assert (inKeyRecRep != NULL && inCACerts != NULL);
- if (inKeyRecRep == NULL || inCACerts == NULL) {
- return SECFailure;
- }
- mark = PORT_ArenaMark(inKeyRecRep->poolp);
- rv = cmmf_ExtractCertsFromList(inCACerts, inKeyRecRep->poolp,
- &inKeyRecRep->caCerts);
- if (rv != SECSuccess) {
- PORT_ArenaRelease(inKeyRecRep->poolp, mark);
- } else {
- PORT_ArenaUnmark(inKeyRecRep->poolp, mark);
- }
- return rv;
-}
-
-SECStatus
-CMMF_KeyRecRepContentSetCertifiedKeyPair(CMMFKeyRecRepContent *inKeyRecRep,
- CERTCertificate *inCert,
- SECKEYPrivateKey *inPrivKey,
- SECKEYPublicKey *inPubKey)
-{
- CMMFCertifiedKeyPair *keyPair;
- CRMFEncryptedValue *dummy;
- PRArenaPool *poolp;
- void *mark;
- SECStatus rv;
-
- PORT_Assert (inKeyRecRep != NULL &&
- inCert != NULL &&
- inPrivKey != NULL &&
- inPubKey != NULL);
- if (inKeyRecRep == NULL ||
- inCert == NULL ||
- inPrivKey == NULL ||
- inPubKey == NULL) {
- return SECFailure;
- }
- poolp = inKeyRecRep->poolp;
- mark = PORT_ArenaMark(poolp);
- if (inKeyRecRep->keyPairHist == NULL) {
- inKeyRecRep->keyPairHist = PORT_ArenaNewArray(poolp,
- CMMFCertifiedKeyPair*,
- (CMMF_MAX_KEY_PAIRS+1));
- if (inKeyRecRep->keyPairHist == NULL) {
- goto loser;
- }
- inKeyRecRep->allocKeyPairs = CMMF_MAX_KEY_PAIRS;
- inKeyRecRep->numKeyPairs = 0;
- }
-
- if (inKeyRecRep->allocKeyPairs == inKeyRecRep->numKeyPairs) {
- goto loser;
- }
-
- keyPair = PORT_ArenaZNew(poolp, CMMFCertifiedKeyPair);
- if (keyPair == NULL) {
- goto loser;
- }
- rv = cmmf_CertOrEncCertSetCertificate(&keyPair->certOrEncCert,
- poolp, inCert);
- if (rv != SECSuccess) {
- goto loser;
- }
- keyPair->privateKey = PORT_ArenaZNew(poolp, CRMFEncryptedValue);
- if (keyPair->privateKey == NULL) {
- goto loser;
- }
- dummy = crmf_create_encrypted_value_wrapped_privkey(inPrivKey, inPubKey,
- keyPair->privateKey);
- PORT_Assert(dummy = keyPair->privateKey);
- if (dummy != keyPair->privateKey) {
- crmf_destroy_encrypted_value(dummy, PR_TRUE);
- goto loser;
- }
- inKeyRecRep->keyPairHist[inKeyRecRep->numKeyPairs] = keyPair;
- inKeyRecRep->numKeyPairs++;
- inKeyRecRep->keyPairHist[inKeyRecRep->numKeyPairs] = NULL;
- PORT_ArenaUnmark(poolp, mark);
- return SECSuccess;
-
- loser:
- PORT_ArenaRelease(poolp, mark);
- return SECFailure;
-}
-
-CMMFPKIStatus
-CMMF_KeyRecRepContentGetPKIStatusInfoStatus(CMMFKeyRecRepContent *inKeyRecRep)
-{
- PORT_Assert(inKeyRecRep != NULL);
- if (inKeyRecRep == NULL) {
- return cmmfNoPKIStatus;
- }
- return cmmf_PKIStatusInfoGetStatus(&inKeyRecRep->status);
-}
-
-CERTCertificate*
-CMMF_KeyRecRepContentGetNewSignCert(CMMFKeyRecRepContent *inKeyRecRep)
-{
- PORT_Assert(inKeyRecRep != NULL);
- if (inKeyRecRep == NULL ||
- inKeyRecRep->newSigCert == NULL) {
- return NULL;
- }
- return CERT_NewTempCertificate(CERT_GetDefaultCertDB(),
- &inKeyRecRep->newSigCert->signatureWrap.data,
- NULL, PR_FALSE, PR_TRUE);
-}
-
-CERTCertList*
-CMMF_KeyRecRepContentGetCACerts(CMMFKeyRecRepContent *inKeyRecRep)
-{
- PORT_Assert(inKeyRecRep != NULL);
- if (inKeyRecRep == NULL || inKeyRecRep->caCerts == NULL) {
- return NULL;
- }
- return cmmf_MakeCertList(inKeyRecRep->caCerts);
-}
-
-int
-CMMF_KeyRecRepContentGetNumKeyPairs(CMMFKeyRecRepContent *inKeyRecRep)
-{
- PORT_Assert(inKeyRecRep != NULL);
- return (inKeyRecRep == NULL) ? 0 : inKeyRecRep->numKeyPairs;
-}
-
-PRBool
-cmmf_KeyRecRepContentIsValidIndex(CMMFKeyRecRepContent *inKeyRecRep,
- int inIndex)
-{
- int numKeyPairs = CMMF_KeyRecRepContentGetNumKeyPairs(inKeyRecRep);
-
- return (PRBool)(inIndex >= 0 && inIndex < numKeyPairs);
-}
-
-CMMFCertifiedKeyPair*
-CMMF_KeyRecRepContentGetCertKeyAtIndex(CMMFKeyRecRepContent *inKeyRecRep,
- int inIndex)
-{
- CMMFCertifiedKeyPair *newKeyPair;
- SECStatus rv;
-
- PORT_Assert(inKeyRecRep != NULL &&
- cmmf_KeyRecRepContentIsValidIndex(inKeyRecRep, inIndex));
- if (inKeyRecRep == NULL ||
- !cmmf_KeyRecRepContentIsValidIndex(inKeyRecRep, inIndex)) {
- return NULL;
- }
- newKeyPair = PORT_ZNew(CMMFCertifiedKeyPair);
- if (newKeyPair == NULL) {
- return NULL;
- }
- rv = cmmf_CopyCertifiedKeyPair(NULL, newKeyPair,
- inKeyRecRep->keyPairHist[inIndex]);
- if (rv != SECSuccess) {
- CMMF_DestroyCertifiedKeyPair(newKeyPair);
- newKeyPair = NULL;
- }
- return newKeyPair;
-}
-
-SECStatus
-CMMF_CertifiedKeyPairUnwrapPrivKey(CMMFCertifiedKeyPair *inKeyPair,
- SECKEYPrivateKey *inPrivKey,
- SECItem *inNickName,
- PK11SlotInfo *inSlot,
- CERTCertDBHandle *inCertdb,
- SECKEYPrivateKey **destPrivKey,
- void *wincx)
-{
- CERTCertificate *cert;
- SECItem keyUsageValue = {siBuffer, NULL, 0};
- unsigned char keyUsage = 0x0;
- SECKEYPublicKey *pubKey;
- SECStatus rv;
-
- PORT_Assert(inKeyPair != NULL &&
- inPrivKey != NULL && inCertdb != NULL);
- if (inKeyPair == NULL ||
- inPrivKey == NULL ||
- inKeyPair->privateKey == NULL ||
- inCertdb == NULL) {
- return SECFailure;
- }
-
- cert = CMMF_CertifiedKeyPairGetCertificate(inKeyPair, inCertdb);
- CERT_FindKeyUsageExtension(cert, &keyUsageValue);
- if (keyUsageValue.data != NULL) {
- keyUsage = keyUsageValue.data[3];
- PORT_Free(keyUsageValue.data);
- }
- pubKey = CERT_ExtractPublicKey(cert);
- rv = crmf_encrypted_value_unwrap_priv_key(NULL, inKeyPair->privateKey,
- inPrivKey, pubKey,
- inNickName, inSlot, keyUsage,
- destPrivKey, wincx);
- SECKEY_DestroyPublicKey(pubKey);
- CERT_DestroyCertificate(cert);
- return rv;
-}
-
-
-PRBool
-CMMF_KeyRecRepContentHasCACerts(CMMFKeyRecRepContent *inKeyRecRep)
-{
- PORT_Assert(inKeyRecRep != NULL);
- if (inKeyRecRep == NULL) {
- return PR_FALSE;
- }
- return (PRBool)(inKeyRecRep->caCerts != NULL &&
- inKeyRecRep->caCerts[0] != NULL);
-}
diff --git a/security/nss/lib/crmf/cmmfresp.c b/security/nss/lib/crmf/cmmfresp.c
deleted file mode 100644
index b26fb39fb..000000000
--- a/security/nss/lib/crmf/cmmfresp.c
+++ /dev/null
@@ -1,312 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * This file will contain all routines dealing with creating a
- * CMMFCertRepContent structure through Create/Set functions.
- */
-
-#include "cmmf.h"
-#include "cmmfi.h"
-#include "crmf.h"
-#include "crmfi.h"
-#include "secitem.h"
-#include "secder.h"
-
-CMMFCertRepContent*
-CMMF_CreateCertRepContent(void)
-{
- CMMFCertRepContent *retCertRep;
- PRArenaPool *poolp;
-
- poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
- if (poolp == NULL) {
- goto loser;
- }
- retCertRep = PORT_ArenaZNew(poolp, CMMFCertRepContent);
- if (retCertRep == NULL) {
- goto loser;
- }
- retCertRep->poolp = poolp;
- return retCertRep;
- loser:
- if (poolp != NULL) {
- PORT_FreeArena(poolp, PR_FALSE);
- }
- return NULL;
-}
-
-SECStatus
-cmmf_CertOrEncCertSetCertificate(CMMFCertOrEncCert *certOrEncCert,
- PRArenaPool *poolp,
- CERTCertificate *inCert)
-{
- SECItem *derDest = NULL;
- SECStatus rv = SECFailure;
-
- if (inCert->derCert.data == NULL) {
- derDest = SEC_ASN1EncodeItem(NULL, NULL, inCert,
- CMMFCertOrEncCertCertificateTemplate);
- if (derDest == NULL) {
- goto loser;
- }
- } else {
- derDest = SECITEM_DupItem(&inCert->derCert);
- if (derDest == NULL) {
- goto loser;
- }
- }
- PORT_Assert(certOrEncCert->cert.certificate == NULL);
- certOrEncCert->cert.certificate = CERT_DupCertificate(inCert);
- certOrEncCert->choice = cmmfCertificate;
- if (poolp != NULL) {
- rv = SECITEM_CopyItem(poolp, &certOrEncCert->derValue, derDest);
- if (rv != SECSuccess) {
- goto loser;
- }
- } else {
- certOrEncCert->derValue = *derDest;
- }
- PORT_Free(derDest);
- return SECSuccess;
- loser:
- if (derDest != NULL) {
- SECITEM_FreeItem(derDest, PR_TRUE);
- }
- return rv;
-}
-
-SECStatus
-cmmf_ExtractCertsFromList(CERTCertList *inCertList,
- PRArenaPool *poolp,
- CERTCertificate ***certArray)
-{
- CERTCertificate **arrayLocalCopy;
- CERTCertListNode *node;
- int numNodes = 0, i;
-
- for (node = CERT_LIST_HEAD(inCertList); !CERT_LIST_END(node, inCertList);
- node = CERT_LIST_NEXT(node)) {
- numNodes++;
- }
-
- arrayLocalCopy = *certArray = (poolp == NULL) ?
- PORT_NewArray(CERTCertificate*, (numNodes+1)) :
- PORT_ArenaNewArray(poolp, CERTCertificate*, (numNodes+1));
- if (arrayLocalCopy == NULL) {
- return SECFailure;
- }
- for (node = CERT_LIST_HEAD(inCertList), i=0;
- !CERT_LIST_END(node, inCertList);
- node = CERT_LIST_NEXT(node), i++) {
- arrayLocalCopy[i] = CERT_DupCertificate(node->cert);
- if (arrayLocalCopy[i] == NULL) {
- int j;
-
- for (j=0; j<i; j++) {
- CERT_DestroyCertificate(arrayLocalCopy[j]);
- }
- if (poolp == NULL) {
- PORT_Free(arrayLocalCopy);
- }
- *certArray = NULL;
- return SECFailure;
- }
- }
- arrayLocalCopy[numNodes] = NULL;
- return SECSuccess;
-}
-
-SECStatus
-CMMF_CertRepContentSetCertResponses(CMMFCertRepContent *inCertRepContent,
- CMMFCertResponse **inCertResponses,
- int inNumResponses)
-{
- PRArenaPool *poolp;
- CMMFCertResponse **respArr, *newResp;
- void *mark;
- SECStatus rv;
- int i;
-
- PORT_Assert (inCertRepContent != NULL &&
- inCertResponses != NULL &&
- inNumResponses > 0);
- if (inCertRepContent == NULL ||
- inCertResponses == NULL ||
- inCertRepContent->response != NULL) {
- return SECFailure;
- }
- poolp = inCertRepContent->poolp;
- mark = PORT_ArenaMark(poolp);
- respArr = inCertRepContent->response =
- PORT_ArenaZNewArray(poolp, CMMFCertResponse*, (inNumResponses+1));
- if (respArr == NULL) {
- goto loser;
- }
- for (i=0; i<inNumResponses; i++) {
- newResp = PORT_ArenaZNew(poolp, CMMFCertResponse);
- if (newResp == NULL) {
- goto loser;
- }
- rv = cmmf_CopyCertResponse(poolp, newResp, inCertResponses[i]);
- if (rv != SECSuccess) {
- goto loser;
- }
- respArr[i] = newResp;
- }
- respArr[inNumResponses] = NULL;
- PORT_ArenaUnmark(poolp, mark);
- return SECSuccess;
-
- loser:
- PORT_ArenaRelease(poolp, mark);
- return SECFailure;
-}
-
-CMMFCertResponse*
-CMMF_CreateCertResponse(long inCertReqId)
-{
- SECItem *dummy;
- CMMFCertResponse *newResp;
-
- newResp = PORT_ZNew(CMMFCertResponse);
- if (newResp == NULL) {
- goto loser;
- }
- dummy = SEC_ASN1EncodeInteger(NULL, &newResp->certReqId, inCertReqId);
- if (dummy != &newResp->certReqId) {
- goto loser;
- }
- return newResp;
-
- loser:
- if (newResp != NULL) {
- CMMF_DestroyCertResponse(newResp);
- }
- return NULL;
-}
-
-SECStatus
-CMMF_CertResponseSetPKIStatusInfoStatus(CMMFCertResponse *inCertResp,
- CMMFPKIStatus inPKIStatus)
-{
- PORT_Assert (inCertResp != NULL && inPKIStatus >= cmmfGranted
- && inPKIStatus < cmmfNumPKIStatus);
-
- if (inCertResp == NULL) {
- return SECFailure;
- }
- return cmmf_PKIStatusInfoSetStatus(&inCertResp->status, NULL,
- inPKIStatus);
-}
-
-SECStatus
-CMMF_CertResponseSetCertificate (CMMFCertResponse *inCertResp,
- CERTCertificate *inCertificate)
-{
- CMMFCertifiedKeyPair *keyPair = NULL;
- SECStatus rv = SECFailure;
-
- PORT_Assert(inCertResp != NULL && inCertificate != NULL);
- if (inCertResp == NULL || inCertificate == NULL) {
- return SECFailure;
- }
- if (inCertResp->certifiedKeyPair == NULL) {
- keyPair = inCertResp->certifiedKeyPair =
- PORT_ZNew(CMMFCertifiedKeyPair);
- } else {
- keyPair = inCertResp->certifiedKeyPair;
- }
- if (keyPair == NULL) {
- goto loser;
- }
- rv = cmmf_CertOrEncCertSetCertificate(&keyPair->certOrEncCert, NULL,
- inCertificate);
- if (rv != SECSuccess) {
- goto loser;
- }
- return SECSuccess;
- loser:
- if (keyPair) {
- if (keyPair->certOrEncCert.derValue.data) {
- PORT_Free(keyPair->certOrEncCert.derValue.data);
- }
- PORT_Free(keyPair);
- }
- return rv;
-}
-
-
-SECStatus
-CMMF_CertRepContentSetCAPubs(CMMFCertRepContent *inCertRepContent,
- CERTCertList *inCAPubs)
-{
- PRArenaPool *poolp;
- void *mark;
- SECStatus rv;
-
- PORT_Assert(inCertRepContent != NULL &&
- inCAPubs != NULL &&
- inCertRepContent->caPubs == NULL);
-
- if (inCertRepContent == NULL ||
- inCAPubs == NULL || inCertRepContent == NULL) {
- return SECFailure;
- }
-
- poolp = inCertRepContent->poolp;
- mark = PORT_ArenaMark(poolp);
-
- rv = cmmf_ExtractCertsFromList(inCAPubs, poolp,
- &inCertRepContent->caPubs);
-
- if (rv != SECSuccess) {
- PORT_ArenaRelease(poolp, mark);
- } else {
- PORT_ArenaUnmark(poolp, mark);
- }
- return rv;
-}
-
-CERTCertificate*
-CMMF_CertifiedKeyPairGetCertificate(CMMFCertifiedKeyPair *inCertKeyPair,
- CERTCertDBHandle *inCertdb)
-{
- PORT_Assert(inCertKeyPair != NULL);
- if (inCertKeyPair == NULL) {
- return NULL;
- }
- return cmmf_CertOrEncCertGetCertificate(&inCertKeyPair->certOrEncCert,
- inCertdb);
-}
diff --git a/security/nss/lib/crmf/cmmft.h b/security/nss/lib/crmf/cmmft.h
deleted file mode 100644
index 078253057..000000000
--- a/security/nss/lib/crmf/cmmft.h
+++ /dev/null
@@ -1,102 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _CMMFT_H_
-#define _CMMFT_H_
-
-#include "secasn1.h"
-
-/*
- * These are the enumerations used to distinguish between the different
- * choices available for the CMMFCertOrEncCert structure.
- */
-typedef enum {
- cmmfNoCertOrEncCert = 0,
- cmmfCertificate = 1,
- cmmfEncryptedCert = 2
-} CMMFCertOrEncCertChoice;
-
-/*
- * This is the enumeration and the corresponding values used to
- * represent the CMMF type PKIStatus
- */
-typedef enum {
- cmmfNoPKIStatus = -1,
- cmmfGranted = 0,
- cmmfGrantedWithMods = 1,
- cmmfRejection = 2,
- cmmfWaiting = 3,
- cmmfRevocationWarning = 4,
- cmmfRevocationNotification = 5,
- cmmfKeyUpdateWarning = 6,
- cmmfNumPKIStatus
-} CMMFPKIStatus;
-
-/*
- * These enumerations are used to represent the corresponding values
- * in PKIFailureInfo defined in CMMF.
- */
-typedef enum {
- cmmfBadAlg = 0,
- cmmfBadMessageCheck = 1,
- cmmfBadRequest = 2,
- cmmfBadTime = 3,
- cmmfBadCertId = 4,
- cmmfBadDataFormat = 5,
- cmmfWrongAuthority = 6,
- cmmfIncorrectData = 7,
- cmmfMissingTimeStamp = 8,
- cmmfNoFailureInfo = 9
-} CMMFPKIFailureInfo;
-
-typedef struct CMMFPKIStatusInfoStr CMMFPKIStatusInfo;
-typedef struct CMMFCertOrEncCertStr CMMFCertOrEncCert;
-typedef struct CMMFCertifiedKeyPairStr CMMFCertifiedKeyPair;
-typedef struct CMMFCertResponseStr CMMFCertResponse;
-typedef struct CMMFCertResponseSeqStr CMMFCertResponseSeq;
-typedef struct CMMFPOPODecKeyChallContentStr CMMFPOPODecKeyChallContent;
-typedef struct CMMFChallengeStr CMMFChallenge;
-typedef struct CMMFRandStr CMMFRand;
-typedef struct CMMFPOPODecKeyRespContentStr CMMFPOPODecKeyRespContent;
-typedef struct CMMFKeyRecRepContentStr CMMFKeyRecRepContent;
-typedef struct CMMFCertRepContentStr CMMFCertRepContent;
-
-/* Export this so people can call SEC_ASN1EncodeItem instead of having to
- * write callbacks that are passed in to the high level encode function
- * for CMMFCertRepContent.
- */
-extern const SEC_ASN1Template CMMFCertRepContentTemplate[];
-extern const SEC_ASN1Template CMMFPOPODecKeyChallContentTemplate[];
-
-#endif /*_CMMFT_H_*/
diff --git a/security/nss/lib/crmf/config.mk b/security/nss/lib/crmf/config.mk
deleted file mode 100644
index 3b647d954..000000000
--- a/security/nss/lib/crmf/config.mk
+++ /dev/null
@@ -1,44 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-
-#
-# Override TARGETS variable so that only static libraries
-# are specifed as dependencies within rules.mk.
-#
-
-TARGETS = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM =
-
diff --git a/security/nss/lib/crmf/crmf.h b/security/nss/lib/crmf/crmf.h
deleted file mode 100644
index cf7b91095..000000000
--- a/security/nss/lib/crmf/crmf.h
+++ /dev/null
@@ -1,1779 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-
-#ifndef _CRMF_H_
-#define _CRMF_H_
-
-#include "seccomon.h"
-#include "cert.h"
-#include "crmft.h"
-#include "secoid.h"
-#include "secpkcs7.h"
-
-SEC_BEGIN_PROTOS
-
-/*
- * FUNCTION: CRMF_EncodeCertReqMsg
- * INPUTS:
- * inCertReqMsg
- * The Certificate Request Message to be encoded.
- * fn
- * A Callback function that the ASN1 encoder calls whenever
- * the encoder wants to write out some DER encoded bytes.
- * arg
- * An opaque pointer that gets passed to the function fn
- * OUTPUT:
- * The function fn will be called multiple times. Look at the
- * comments in crmft.h where the CRMFEncoderOutputCallback type is
- * defined for information on proper behavior of the function fn.
- * RETURN:
- * SECSuccess if encoding was successful. Any other return value
- * indicates an error occurred during encoding.
- */
-extern SECStatus
- CRMF_EncodeCertReqMsg (CRMFCertReqMsg *inCertReqMsg,
- CRMFEncoderOutputCallback fn,
- void *arg);
-
-/*
- * FUNCTION: CRMF_EncoderCertRequest
- * INPUTS:
- * inCertReq
- * The Certificate Request to be encoded.
- * fn
- * A Callback function that the ASN1 encoder calls whenever
- * the encoder wants to write out some DER encoded bytes.
- * arg
- * An opaque pointer that gets passed to the function fn.
- * OUTPUT:
- * The function fn will be called, probably multiple times whenever
- * the ASN1 encoder wants to write out DER-encoded bytes. Look at the
- * comments in crmft.h where the CRMFEncoderOuputCallback type is
- * defined for information on proper behavior of the funciton fn.
- * RETURN:
- * SECSuccess if encoding was successful. Any other return value
- * indicates an error occured during encoding.
- */
-extern SECStatus CRMF_EncodeCertRequest (CRMFCertRequest *inCertReq,
- CRMFEncoderOutputCallback fn,
- void *arg);
-/*
- * FUNCTION: CRMF_EncodeCertReqMessages
- * INPUTS:
- * inCertReqMsgs
- * An array of pointers to the Certificate Request Messages
- * to encode. The user must place a NULL pointer in the index
- * after the last message to be encoded. When the library runs
- * into the NULL pointer, the library assumes there are no more
- * messages to encode.
- * fn
- * A Callback function that the ASN1 encoder calls whenever
- * the encoder wants to write out some DER encoded byts.
- * arg
- * An opaque pointer that gets passed to the function fn.
- *
- * NOTES:
- * The parameter inCertReqMsgs needs to be an array with a NULL pointer
- * to signal the end of messages. An array in the form of
- * {m1, m2, m3, NULL, m4, ...} will only encode the messages m1, m2, and
- * m3. All messages from m4 on will not be looked at by the library.
- *
- * OUTPUT:
- * The function fn will be called, probably multiple times. Look at the
- * comments in crmft.h where the CRMFEncoderOuputCallback type is
- * defined for information on proper behavior of the funciton fn.
- *
- * RETURN:
- * SECSuccess if encoding the Certificate Request Messages was successful.
- * Any other return value indicates an error occurred while encoding the
- * certificate request messages.
- */
-extern SECStatus
- CRMF_EncodeCertReqMessages(CRMFCertReqMsg **inCertReqMsgs,
- CRMFEncoderOutputCallback fn,
- void *arg);
-
-
-/*
- * FUNCTION: CRMF_CreateCertReqMsg
- * INPUTS:
- * NONE
- * OUTPUT:
- * An empty CRMF Certificate Request Message.
- * Before encoding this message, the user must set
- * the ProofOfPossession field and the certificate
- * request which are necessary for the full message.
- * After the user no longer needs this CertReqMsg,
- * the user must call CRMF_DestroyCertReqMsg to free
- * all memory associated with the Certificate Request
- * Message.
- * RETURN:
- * A pointer to a Certificate Request Message. The user
- * must pass the return value of this function to
- * CRMF_DestroyCertReqMsg after the Certificate Request
- * Message is no longer necessary.
- */
-extern CRMFCertReqMsg* CRMF_CreateCertReqMsg(void);
-
-/*
- * FUNCTION: CRMF_DestroyCertReqMsg
- * INPUTS:
- * inCertReqMsg
- * The Certificate Request Message to destroy.
- * NOTES:
- * This function frees all the memory used for the Certificate
- * Request Message and all the memory used in making copies of
- * fields of elelments of the message, eg. the Proof Of Possession
- * filed and the Cetificate Request.
- * RETURN:
- * SECSuccess if destruction was successful. Any other return value
- * indicates an error while trying to free the memory associated
- * with inCertReqMsg.
- *
- */
-extern SECStatus CRMF_DestroyCertReqMsg(CRMFCertReqMsg *inCertReqMsg);
-
-/*
- * FUNCTION: CRMF_CertReqMsgSetCertRequest
- * INPUTS:
- * inCertReqMsg
- * The Certificate Request Message that the function will set
- * the certificate request for.
- * inCertReq
- * The Certificate Request that will be added to the Certificate
- * Request Message.
- * NOTES:
- * This function will make a copy of the Certificate Request passed in
- * and store it as part of the Certificate Request Message. Therefore,
- * the user must not call this function until the Certificate Request
- * has been fully built and is ready to be encoded.
- * RETURN:
- * SECSuccess
- * If copying the Certificate as a member of the Certificate
- * request message was successful.
- * Any other return value indicates a failure to copy the Certificate
- * Request and make it a part of the Certificate Request Message.
- */
-extern SECStatus CRMF_CertReqMsgSetCertRequest(CRMFCertReqMsg *inCertReqMsg,
- CRMFCertRequest *inCertReq);
-
-/*
- * FUNCTION: CRMF_CreateCertRequest
- * INPUTS:
- * inRequestID
- * The ID that will be associated with this certificate request.
- * OUTPUTS:
- * A certificate request which only has the requestID set.
- * NOTES:
- * The user must call the function CRMF_DestroyCertRequest when
- * the returned value is no longer needed. This is usually the
- * case after fully constructing the Certificate Request and then
- * calling the function CRMF_CertReqMsgSetCertRequest.
- * RETURN:
- * A pointer to the new Certificate Request. A NULL return value
- * indicates an error in creating the Certificate Request.
- */
-extern CRMFCertRequest *CRMF_CreateCertRequest (long inRequestID);
-
-/*
- * FUNCTION: CRMF_DestroyCertRequest
- * INPUTS:
- * inCertReq
- * The Certificate Request that will be destroyed.
- * RETURN:
- * SECSuccess
- * If freeing the memory associated with the certificate request
- * was successful.
- * Any other return value indicates an error while trying to free the
- * memory.
- */
-extern SECStatus CRMF_DestroyCertRequest (CRMFCertRequest *inCertReq);
-
-/*
- * FUNCTION: CRMF_CreateCertExtension
- * INPUTS:
- * id
- * The SECOidTag to associate with this CertExtension. This must
- * correspond to a valid Certificate Extension, if not the function
- * will fail.
- * isCritical
- * A boolean value stating if the extension value is crtical. PR_TRUE
- * means the value is crtical. PR_FALSE indicates the value is not
- * critical.
- * data
- * This is the data associated with the extension. The user of the
- * library is responsible for making sure the value passed in is a
- * valid interpretation of the certificate extension.
- * NOTES:
- * Use this function to create CRMFCertExtension Structures which will
- * then be passed to CRMF_AddFieldToCertTemplate as part of the
- * CRMFCertCreationInfo.extensions The user must call
- * CRMF_DestroyCertExtension after the extension has been added to a certifcate
- * and the extension is no longer needed.
- *
- * RETURN:
- * A pointer to a newly created CertExtension. A return value of NULL
- * indicates the id passed in was an invalid certificate extension.
- */
-extern CRMFCertExtension *CRMF_CreateCertExtension(SECOidTag id,
- PRBool isCritical,
- SECItem *data);
-
-/*
- * FUNCTION: CMRF_DestroyCertExtension
- * INPUTS:
- * inExtension
- * The Cert Extension to destroy
- * NOTES:
- * Destroy a structure allocated by CRMF_CreateCertExtension.
- *
- * RETURN:
- * SECSuccess if freeing the memory associated with the certificate extension
- * was successful. Any other error indicates an error while freeing the
- * memory.
- */
-extern SECStatus CRMF_DestroyCertExtension(CRMFCertExtension *inExtension);
-
-/*
- * FUNCTION: CRMF_CertRequestSetTemplateField
- * INPUTS:
- * inCertReq
- * The Certificate Request to operate on.
- * inTemplateField
- * An enumeration that indicates which field of the Certificate
- * template to add.
- * data
- * A generic pointer that will be type cast according to the
- * table under NOTES and used as the key for adding to the
- * certificate template;
- * NOTES:
- *
- * Below is a table that tells what type to pass in as data
- * depending on the template field one wants to set.
- *
- * Look in crmft.h for the definition of CRMFCertTemplateField.
- *
- * In all cases, the library makes copies of the data passed in.
- *
- * CRMFCertTemplateField Type of data What data means
- * --------------------- ------------ ---------------
- * crmfVersion long * The version of
- * the certificate
- * to be created.
- *
- * crmfSerialNumber long * The serial number
- * for the cert to be
- * created.
- *
- * crmfSigningAlg SECAlgorithm * The ASN.1 object ID for
- * the algorithm used in encoding
- * the certificate.
- *
- * crmfIssuer CERTName * Certificate Library
- * representation of the ASN1 type
- * Name from X.509
- *
- * crmfValidity CRMFValidityCreationInfo * At least one of the two
- * fields in the structure must
- * be present. A NULL pointer
- * in the structure indicates
- * that member should not be
- * added.
- *
- * crmfSubject CERTName * Certificate Library
- * representation of the ASN1 type
- * Name from X.509
- *
- * crmfPublicKey CERTSubjectPublicKeyInfo * The public key info for the
- * certificate being requested.
- *
- * crmfIssuerUID SECItem * A bit string representation
- * of the issuer UID. NOTE: The
- * length is the number of bits
- * and not the number of bytes.
- *
- * crmfSubjectUID SECItem* A bit string representation
- * of the subject UID. NOTE: The
- * length is the number of bits
- * and not the number of bytes.
- *
- * crmfExtension CRMFCertExtCreationInfo * A pointer to the structure
- * populated with an array of
- * of certificate extensions
- * and an integer that tells
- * how many elements are in the
- * array. Look in crmft.h for
- * the definition of
- * CRMFCertExtCreationInfo
- * RETURN:
- * SECSuccess if adding the desired field to the template was successful.
- * Any other return value indicates failure when trying to add the field
- * to the template.
- *
- */
-extern SECStatus
- CRMF_CertRequestSetTemplateField(CRMFCertRequest *inCertReq,
- CRMFCertTemplateField inTemplateField,
- void *data);
-
-/*
- * FUNCTION: CRMF_CertRequestIsFieldPresent
- * INPUTS:
- * inCertReq
- * The certificate request to operate on.
- * inTemplateField
- * The enumeration for the template field the user wants to query
- * about.
- * NOTES:
- * This function checks to see if the the field associated with inTemplateField
- * enumeration is already present in the certificate request passed in.
- *
- * RETURN:
- * The function returns PR_TRUE if the field associated with inTemplateField
- * is already present in the certificate request. If the field is not present
- * the function returns PR_FALSE.
- */
-extern PRBool
- CRMF_CertRequestIsFieldPresent(CRMFCertRequest *inCertReq,
- CRMFCertTemplateField inTemplateField);
-
-/*
- * FUNCTION: CRMF_CertRequestIsControlPresent
- * INPUTS:
- * inCertReq
- * The certificate request to operate on.
- * inControlType
- * The type of control to look for.
- * NOTES:
- * This function looks at the control present in the certificate request
- * and returns PR_TRUE iff a control of type inControlType already exists.
- * The CRMF draft does not explicitly state that two controls of the same
- * type can not exist within the same request. So the library will not
- * cause an error if you try to add a control and one of the same type
- * already exists. It is up to the application to ensure that multiple
- * controls of the same type do not exist, if that is the desired behavior
- * by the application.
- *
- * RETURN:
- * The function returns PR_TRUE if a control of type inControlType already
- * exists in the certificate request. If a control of type inControlType
- * does not exist, the function will return PR_FALSE.
- */
-extern PRBool
- CRMF_CertRequestIsControlPresent(CRMFCertRequest *inCertReq,
- CRMFControlType inControlType);
-
-
-/*
- * FUNCTION: CRMF_CertRequestSetRegTokenControl
- * INPUTS:
- * inCertReq
- * The Certificate Request to operate on.
- * value
- * The UTF8 value which will be the Registration Token Control
- * for this Certificate Request.
- * NOTES:
- * The library does no verification that the value passed in is
- * a valid UTF8 value. The caller must make sure of this in order
- * to get an encoding that is valid. The library will ultimately
- * encode this value as it was passed in.
- * RETURN:
- * SECSucces on successful addition of the Registration Token Control.
- * Any other return value indicates an unsuccessful attempt to add the
- * control.
- *
- */
-extern SECStatus CRMF_CertRequestSetRegTokenControl(CRMFCertRequest *inCertReq,
- SECItem *value);
-
-/*
- * FUNCTION: CRMF_CertRequestSetAuthenticatorControl
- * INPUTS:
- * inCertReq
- * The Certificate Request to operate on.
- * value
- * The UTF8 value that will become the Authenticator Control
- * for the passed in Certificate Request.
- * NOTES:
- * The library does no verification that the value passed in is
- * a valid UTF8 value. The caller must make sure of this in order
- * to get an encoding that is valid. The library will ultimately
- * encode this value as it was passed in.
- * RETURN:
- * SECSucces on successful addition of the Authenticator Control.
- * Any other return value indicates an unsuccessful attempt to add the
- * control.
- */
-extern SECStatus
- CRMF_CertRequestSetAuthenticatorControl (CRMFCertRequest *inCertReq,
- SECItem *value);
-
-/*
- * FUNCTION: CRMF_CreateEncryptedKeyWithencryptedValue
- * INPUTS:
- * inPrivKey
- * This is the private key associated with a certificate that is
- * being requested. This structure will eventually wind up as
- * a part of the PKIArchiveOptions Control.
- * inCACert
- * This is the certificate for the CA that will be receiving the
- * certificate request for the private key passed in.
- * OUTPUT:
- * A CRMFEncryptedKey that can ultimately be used as part of the
- * PKIArchiveOptions Control.
- *
- * RETURN:
- * A pointer to a CRMFEncyptedKey. A NULL return value indicates an erro
- * during the creation of the encrypted key.
- */
-extern CRMFEncryptedKey*
- CRMF_CreateEncryptedKeyWithEncryptedValue(SECKEYPrivateKey *inPrivKey,
- CERTCertificate *inCACert);
-
-/*
- * FUNCTION: CRMF_DestroyEncryptedKey
- * INPUTS:
- * inEncrKey
- * The CRMFEncryptedKey to be destroyed.
- * NOTES:
- * Frees all memory associated with the CRMFEncryptedKey passed in.
- * RETURN:
- * SECSuccess if freeing the memory was successful. Any other return
- * value indicates an error while freeig the memroy.
- */
-extern SECStatus CRMF_DestroyEncryptedKey(CRMFEncryptedKey *inEncrKey);
-
-/*
- * FUNCTION: CRMF_CreatePKIArchiveOptions
- * INPUTS:
- * inType
- * An enumeration value indicating which option for
- * PKIArchiveOptions to use.
- * data
- * A pointer that will be type-cast and de-referenced according
- * to the table under NOTES.
- * NOTES:
- * A table listing what should be passed in as data
- * ------------------------------------------------
- *
- * inType data
- * ------ ----
- * crmfEncryptedPrivateKey CRMFEncryptedKey*
- * crmfKeyGenParameters SECItem*(This needs to be an octet string)
- * crmfArchiveRemGenPrivKey PRBool*
- *
- * RETURN:
- * A pointer the a CRMFPKIArchiveOptions that can be added to a Certificate
- * Request. A NULL pointer indicates an error occurred while creating
- * the CRMFPKIArchiveOptions Structure.
- */
-extern CRMFPKIArchiveOptions*
- CRMF_CreatePKIArchiveOptions(CRMFPKIArchiveOptionsType inType,
- void *data);
-/*
- * FUNCTION: CRMF_DestroyPKIArchiveOptions
- * INPUTS:
- * inArchOpt
- * A pointer to the CRMFPKIArchiveOptions structure to free.
- * NOTES:
- * Will free all memory associated with 'inArchOpt'.
- * RETURN:
- * SECSuccess if successful in freeing the memory used by 'inArchOpt'
- * Any other return value indicates an error while freeing the memory.
- */
-extern SECStatus
- CRMF_DestroyPKIArchiveOptions(CRMFPKIArchiveOptions *inArchOpt);
-
-/*
- * FUNCTION: CRMF_CertRequestSetPKIArchiveOptions
- * INPUTS:
- * inCertReq
- * The Certificate Request to add the the options to.
- * inOptions
- * The Archive Options to add to the Certificate Request.
- * NOTES:
- * Adds the PKIArchiveOption to the Certificate Request. This is what
- * enables Key Escrow to take place through CRMF. The library makes
- * its own copy of the information.
- * RETURN:
- * SECSuccess if successful in adding the ArchiveOptions to the Certificate
- * request. Any other return value indicates an error when trying to add
- * the Archive Options to the Certificate Request.
- */
-extern SECStatus
- CRMF_CertRequestSetPKIArchiveOptions(CRMFCertRequest *inCertReq,
- CRMFPKIArchiveOptions *inOptions);
-
-/*
- * FUNCTION: CRMF_CertReqMsgGetPOPType
- * INPUTS:
- * inCertReqMsg
- * The Certificate Request Message to operate on.
- * NOTES:
- * Returns an enumeration value indicating the method of Proof
- * of Possession that was used for the passed in Certificate Request
- * Message.
- * RETURN:
- * An enumeration indicating what method for Proof Of Possession is
- * being used in this Certificate Request Message. Look in the file
- * crmft.h for the definition of CRMFPOPChoice for the possible return
- * values.
- */
-extern CRMFPOPChoice CRMF_CertReqMsgGetPOPType(CRMFCertReqMsg *inCertReqMsg);
-
-/*
- * FUNCTION: CRMF_CertReqMsgSetRAVerifiedPOP
- * INPUT:
- * InCertReqMsg
- * The Certificate Request Message to operate on.
- * NOTES:
- * This function will set the method of Proof Of Possession to
- * crmfRAVerified which means the RA has already verified the
- * requester does possess the private key.
- * RETURN:
- * SECSuccess if adding RAVerified to the message is successful.
- * Any other message indicates an error while trying to add RAVerified
- * as the Proof of Possession.
- */
-extern SECStatus CRMF_CertReqMsgSetRAVerifiedPOP(CRMFCertReqMsg *inCertReqMsg);
-
-/*
- * FUNCTION: CRMF_CertReqMsgSetSignaturePOP
- * INPUT:
- * inCertReqMsg
- * The Certificate Request Message to add the SignaturePOP to.
- * inPrivKey
- * The Private Key which corresponds to the the Certificate Request
- * Message.
- * inPubKey
- * The Public Key which corresponds to the Private Key passed in.
- * inCertForInput
- * A Certificate that in the future may be used to create
- * POPOSigningKeyInput.
- * fn
- * A callback for retrieving a password which may be used in the
- * future to generate POPOSigningKeyInput.
- * arg
- * An opaque pointer that would be passed to fn whenever it is
- * called.
- * NOTES:
- * Adds Proof Of Possession to the CertRequest using the signature field
- * of the ProofOfPossession field. NOTE: In order to use this option,
- * the certificate template must contain the publicKey at the very minimum.
- *
- * If you don't want the function to generate POPOSigningKeyInput, then
- * make sure the cert template already contains the subject and public key
- * values. Currently creating POPOSigningKeyInput is not supported, so
- * a Message passed to this function must have the publicKey and the subject
- * as part of the template
- *
- * This will take care of creating the entire POPOSigningKey structure
- * that will become part of the message.
- *
- * inPrivKey is the key to be used in the signing operation when creating
- * POPOSigningKey structure. This should be the key corresponding to
- * the certificate being requested.
- *
- * inCertForInput will be used if POPOSigningKeyInput needs to be generated.
- * It will be used in generating the authInfo.sender field. If the parameter
- * is not passed in then authInfo.publicKeyMAC will be generated instead.
- * If passed in, this certificate needs to be a valid certificate.
- *
- * The last 3 arguments are for future compatibility in case we ever want to
- * support generating POPOSigningKeyInput. Pass in NULL for all 3 if you
- * definitely don't want the funciton to even try to generate
- * POPOSigningKeyInput. If you try to use POPOSigningKeyInput, the function
- * will fail.
- *
- * RETURN:
- * SECSuccess if adding the Signature Proof Of Possession worked.
- * Any other return value indicates an error in trying to add
- * the Signature Proof Of Possession.
- */
-extern SECStatus
- CRMF_CertReqMsgSetSignaturePOP(CRMFCertReqMsg *inCertReqMsg,
- SECKEYPrivateKey *inPrivKey,
- SECKEYPublicKey *inPubKey,
- CERTCertificate *inCertForInput,
- CRMFMACPasswordCallback fn,
- void *arg);
-
-/*
- * FUNCTION: CRMF_CertReqMsgSetKeyEnciphermentPOP
- * INPUTS:
- * inCertReqMsg
- * The Certificate Request Message to operate on.
- * inKeyChoice
- * An enumeration indicating which POPOPrivKey Choice to use
- * in constructing the KeyEnciphermentPOP.
- * subseqMess
- * This parameter must be provided iff inKeyChoice is
- * crmfSubsequentMessage. This details how the RA is to respond
- * in order to perform Proof Of Possession. Look in crmft.h under
- * the definition of CRMFSubseqMessOptions for possible values.
- * encPrivKey
- * This parameter only needs to be provided if inKeyChoice is
- * crmfThisMessage. The item should contain the encrypted private
- * key.
- *
- * NOTES:
- * Adds Proof Of Possession using the keyEncipherment field of
- * ProofOfPossession.
- *
- * The funciton looks at the the inKeyChoice parameter and interprets it in
- * in the following manner.
- *
- * If a parameter is not mentioned under interpretation, the funciton will not
- * look at its value when implementing that case.
- *
- * inKeyChoice Interpretation
- * ----------- --------------
- * crmfThisMessage This options requires that the encrypted private key
- * be included in the thisMessage field of POPOPrivKey.
- * We don't support this yet, so any clients who want
- * to use this feature have to implement a wrapping
- * function and agree with the server on how to properly
- * wrap the key. That encrypted key must be passed in
- * as the encPrivKey parameter.
- *
- * crmfSubequentMessage Must pass in a value for subseqMess. The value must
- * be either CRMFEncrCert or CRMFChallengeResp. The
- * parameter encPrivKey will not be looked at in this
- * case.
- *
- * crmfDHMAC This is not a valid option for this function. Passing
- * in this value will result in the function returning
- * SECFailure.
- * RETURN:
- * SECSuccess if adding KeyEnciphermentPOP was successful. Any other return
- * value indicates an error in adding KeyEnciphermentPOP.
- */
-extern SECStatus
- CRMF_CertReqMsgSetKeyEnciphermentPOP(CRMFCertReqMsg *inCertReqMsg,
- CRMFPOPOPrivKeyChoice inKeyChoice,
- CRMFSubseqMessOptions subseqMess,
- SECItem *encPrivKey);
-
-/*
- * FUNCTION: CRMF_CertReqMsgSetKeyAgreementPOP
- * INPUTS:
- * inCertReqMsg
- * The Certificate Request Message to operate on.
- * inKeyChoice
- * An enumeration indicating which POPOPrivKey Choice to use
- * in constructing the KeyAgreementPOP.
- * subseqMess
- * This parameter must be provided iff inKeyChoice is
- * crmfSubsequentMessage. This details how the RA is to respond
- * in order to perform Proof Of Possession. Look in crmft.h under
- * the definition of CRMFSubseqMessOptions for possible values.
- * encPrivKey
- * This parameter only needs to be provided if inKeyChoice is
- * crmfThisMessage. The item should contain the encrypted private
- * key.
- * Adds Proof Of Possession using the keyAgreement field of
- * ProofOfPossession.
- *
- * The funciton looks at the the inKeyChoice parameter and interprets it in
- * in the following manner.
- *
- * If a parameter is not mentioned under interpretation, the funciton will not
- * look at its value when implementing that case.
- *
- * inKeyChoice Interpretation
- * ----------- --------------
- * crmfThisMessage This options requires that the encrypted private key
- * be included in the thisMessage field of POPOPrivKey.
- * We don't support this yet, so any clients who want
- * to use this feature have to implement a wrapping
- * function and agree with the server on how to properly
- * wrap the key. That encrypted key must be passed in
- * as the encPrivKey parameter.
- *
- * crmfSubequentMessage Must pass in a value for subseqMess. The value must
- * be either crmfEncrCert or crmfChallengeResp. The
- * parameter encPrivKey will not be looked at in this
- * case.
- *
- * crmfDHMAC This option is not supported.
- */
-extern SECStatus
- CRMF_CertReqMsgSetKeyAgreementPOP(CRMFCertReqMsg *inCertReqMsg,
- CRMFPOPOPrivKeyChoice inKeyChoice,
- CRMFSubseqMessOptions subseqMess,
- SECItem *encPrivKey);
-
-/*
- * FUNCTION: CRMF_CreateCertReqMsgFromDER
- * INPUTS:
- * buf
- * A buffer to the DER-encoded Certificate Request Message.
- * len
- * The length in bytes of the buffer 'buf'
- * NOTES:
- * This function passes the buffer to the ASN1 decoder and creates a
- * CRMFCertReqMsg structure. Do not try adding any fields to a message
- * returned from this function. Specifically adding more Controls or
- * Extensions may cause your program to crash.
- *
- * RETURN:
- * A pointer to the Certificate Request Message structure. A NULL return
- * value indicates the library was unable to parse the DER.
- */
-extern CRMFCertReqMsg* CRMF_CreateCertReqMsgFromDER(const char *buf, long len);
-
-/*
- * FUNCTION: CRMF_CreateCertReqMessagesFromDER
- * INPUTS:
- * buf
- * A buffer to the DER-encoded Certificate Request Messages.
- * len
- * The length in bytes of buf
- * NOTES:
- * This function passes the buffer to the ASN1 decoder and creates a
- * CRMFCertReqMessages structure. Do not try adding any fields to a message
- * derived from this function. Specifically adding more Controls or
- * Extensions may cause your program to crash.
- * The user must call CRMF_DestroyCertReqMessages after the return value is
- * no longer needed, ie when all individual messages have been extracted.
- *
- * RETURN:
- * A pointer to the Certificate Request Messages structure. A NULL return
- * value indicates the library was unable to parse the DER.
- */
-extern CRMFCertReqMessages*
- CRMF_CreateCertReqMessagesFromDER(const char *buf, long len);
-
-/*
- * FUNCTION: CRMF_DestroyCertReqMessages
- * INPUTS
- * inCertReqMsgs
- * The Messages to destroy.
- * RETURN:
- * SECSuccess if freeing the memory was done successfully. Any other
- * return value indicates an error in freeing up memory.
- */
-extern SECStatus
- CRMF_DestroyCertReqMessages(CRMFCertReqMessages *inCertReqMsgs);
-
-/*
- * FUNCTION: CRMF_CertReqMessagesGetNumMessages
- * INPUTS:
- * inCertReqMsgs
- * The Request Messages to operate on.
- * RETURN:
- * The number of messages contained in the in the Request Messages
- * strucure.
- */
-extern int
- CRMF_CertReqMessagesGetNumMessages(CRMFCertReqMessages *inCertReqMsgs);
-
-/*
- * FUNCTION: CRMF_CertReqMessagesGetCertReqMsgAtIndex
- * INPUTS:
- * inReqMsgs
- * The Certificate Request Messages to operate on.
- * index
- * The index of the single message the user wants a copy of.
- * NOTES:
- * This function returns a copy of the request messages stored at the
- * index corresponding to the parameter 'index'. Indexing of the messages
- * is done in the same manner as a C array. Meaning the valid index are
- * 0...numMessages-1. User must call CRMF_DestroyCertReqMsg when done using
- * the return value of this function.
- *
- * RETURN:
- * SECSuccess if copying the message at the requested index was successful.
- * Any other return value indicates an invalid index or error while copying
- * the single request message.
- */
-extern CRMFCertReqMsg*
- CRMF_CertReqMessagesGetCertReqMsgAtIndex(CRMFCertReqMessages *inReqMsgs,
- int index);
-
-
-/*
- * FUNCTION: CRMF_CertReqMsgGetID
- * INPUTS:
- * inCertReqMsg
- * The Certificate Request Message to get the ID from.
- * destID
- * A pointer to where the library can place the ID of the Message.
- * RETURN:
- * SECSuccess if the function was able to retrieve the ID and place it
- * at *destID. Any other return value indicates an error meaning the value
- * in *destId is un-reliable and should not be used by the caller of this
- * function.
- *
- */
-extern SECStatus CRMF_CertReqMsgGetID(CRMFCertReqMsg *inCertReqMsg,
- long *destID);
-
-/*
- * FUNCTION: CRMF_DoesRequestHaveField
- * INPUTS:
- * inCertReq
- * The Certificate Request to operate on.
- * inField
- * An enumeration indicating which filed of the certificate template
- * to look for.
- * NOTES:
- * All the fields in a certificate template are optional. This function
- * checks to see if the requested field is present. Look in crmft.h at the
- * definition of CRMFCertTemplateField for possible values for possible
- * querying.
- *
- * RETURN:
- * PR_TRUE iff the field corresponding to 'inField' has been specified as part
- * of 'inCertReq'
- * PR_FALSE iff the field corresponding to 'inField' has not been speicified
- * as part of 'inCertReq'
- *
- */
-extern PRBool CRMF_DoesRequestHaveField(CRMFCertRequest *inCertReq,
- CRMFCertTemplateField inField);
-
-/*
- * FUNCTION: CRMF_CertReqMsgGetCertRequest
- * INPUTS:
- * inCertReqMsg
- * The Certificate Request Message to operate on.
- * NOTES:
- * This function returns a copy of the Certificate Request to the user.
- * The user can keep adding to this request and then making it a part
- * of another message. After the user no longer wants to use the
- * returned request, the user must call CRMF_DestroyCertRequest and
- * pass it the request returned by this function.
- * RETURN:
- * A pointer to a copy of the certificate request contained by the message.
- * A NULL return value indicates an error occurred while copying the
- * certificate request.
- */
-extern CRMFCertRequest *
- CRMF_CertReqMsgGetCertRequest(CRMFCertReqMsg *inCertReqMsg);
-
-/*
- * FUNCTION: CRMF_CertRequestGetCertTemplateVersion
- * INPUTS:
- * inCertReq
- * The Certificate Request to operate on.
- * version
- * A pointer to where the library can store the version contatined
- * in the certificate template within the certifcate request.
- * RETURN:
- * SECSuccess if the Certificate template contains the version field. In
- * this case, *version will hold the value of the certificate template
- * version.
- * SECFailure indicates that version field was not present as part of
- * of the certificate template.
- */
-extern SECStatus
- CRMF_CertRequestGetCertTemplateVersion(CRMFCertRequest *inCertReq,
- long *version);
-
-/*
- * FUNCTION: CRMF_CertRequestGetCertTemplateSerialNumber
- * INPUTS:
- * inCertReq
- * The certificate request to operate on.
- * serialNumber
- * A pointer where the library can put the serial number contained
- * in the certificate request's certificate template.
- * RETURN:
- * If a serial number exists in the CertTemplate of the request, the function
- * returns SECSuccess and the value at *serialNumber contains the serial
- * number.
- * If no serial number is present, then the function returns SECFailure and
- * the value at *serialNumber is un-changed.
- */
-extern SECStatus
- CRMF_CertRequestGetCertTemplateSerialNumber(CRMFCertRequest *inCertReq,
- long *serialNumber);
-
-/*
- * FUNCTION: CRMF_CertRequestGetCertTemplateSigningAlg
- * INPUT:
- * inCertReq
- * The Certificate Request to operate on.
- * destAlg
- * A Pointer to where the library can place a copy of the signing alg
- * used in the cert request's cert template.
- * RETURN:
- * If the signingAlg is present in the CertRequest's CertTemplate, then
- * the function returns SECSuccess and places a copy of sigingAlg in
- * *destAlg.
- * If no signingAlg is present, then the function returns SECFailure and
- * the value at *destAlg is un-changed
- */
-extern SECStatus
- CRMF_CertRequestGetCertTemplateSigningAlg(CRMFCertRequest *inCertReq,
- SECAlgorithmID *destAlg);
-/*
- * FUNCTION: CRMF_CertRequestGetCertTemplateIssuer
- * INPUTS:
- * inCertReq
- * The Certificate Request to operate on.
- * destIssuer
- * A pointer to where the library can place a copy of the cert
- * request's cert template issuer field.
- * RETURN:
- * If the issuer is present in the cert request cert template, the function
- * returns SECSuccess and places a copy of the issuer in *destIssuer.
- * If there is no issuer present, the funciton returns SECFailure and the
- * value at *destIssuer is unchanged.
- */
-extern SECStatus
- CRMF_CertRequestGetCertTemplateIssuer(CRMFCertRequest *inCertReq,
- CERTName *destIssuer);
-
-/*
- * FUNCTION: CRMF_CertRequestGetCertTemplateValidity
- * INPUTS:
- * inCertReq
- * The Certificate Request to operate on.
- * destValdity
- * A pointer to where the library can place a copy of the validity
- * info in the cert request cert template.
- * NOTES:
- * Pass the pointer to
- * RETURN:
- * If there is an OptionalValidity field, the function will return SECSuccess
- * and place the appropriate values in *destValidity->notBefore and
- * *destValidity->notAfter. (Each field is optional, but at least one will
- * be present if the function returns SECSuccess)
- *
- * If there is no OptionalValidity field, the function will return SECFailure
- * and the values at *destValidity will be un-changed.
- */
-extern SECStatus
- CRMF_CertRequestGetCertTemplateValidity(CRMFCertRequest *inCertReq,
- CRMFGetValidity *destValidity);
-/*
- * FUNCTION: CRMF_DestroyGetValidity
- * INPUTS:
- * inValidity
- * A pointer to the memroy to be freed.
- * NOTES:
- * The function will free the memory allocated by the function
- * CRMF_CertRequestGetCertTemplateValidity. That means only memory pointed
- * to within the CRMFGetValidity structure. Since
- * CRMF_CertRequestGetCertTemplateValidity does not allocate memory for the
- * structure passed into it, it will not free it. Meaning this function will
- * free the memory at inValidity->notBefore and inValidity->notAfter, but not
- * the memory directly at inValdity.
- *
- * RETURN:
- * SECSuccess if freeing the memory was successful. Any other return value
- * indicates an error while freeing the memory.
- */
-extern SECStatus
- CRMF_DestroyGetValidity(CRMFGetValidity *inValidity);
-
-/*
- * FUNCTION: CRMF_CertRequestGetCertTemplateSubject
- * INPUTS:
- * inCertReq
- * The Certificate Request to operate on.
- * destSubject
- * A pointer to where the library can place a copy of the subject
- * contained in the request's cert template.
- * RETURN:
- * If there is a subject in the CertTemplate, then the function returns
- * SECSuccess and a copy of the subject is placed in *destSubject.
- *
- * If there is no subject, the function returns SECFailure and the values at
- * *destSubject is unchanged.
- */
-extern SECStatus
- CRMF_CertRequestGetCertTemplateSubject (CRMFCertRequest *inCertReq,
- CERTName *destSubject);
-
-/*
- * FUNCTION: CRMF_CertRequestGetCertTemplatePublicKey
- * INPUTS:
- * inCertReq
- * The Cert request to operate on.
- * destPublicKey
- * A pointer to where the library can place a copy of the request's
- * cert template public key.
- * RETURN:
- * If there is a publicKey parameter in the CertRequest, the function returns
- * SECSuccess, and places a copy of the publicKey in *destPublicKey.
- *
- * If there is no publicKey, the function returns SECFailure and the value
- * at *destPublicKey is un-changed.
- */
-extern SECStatus
- CRMF_CertRequestGetCertTemplatePublicKey(CRMFCertRequest *inCertReq,
- CERTSubjectPublicKeyInfo *destPublicKey);
-
-/*
- * FUNCTION: CRMF_CertRequestGetCertTemplateIssuerUID
- * INPUTS:
- * inCertReq
- * The Cert request to operate on.
- * destIssuerUID
- * A pointer to where the library can store a copy of the request's
- * cert template destIssuerUID.
- *
- * NOTES:
- * destIssuerUID is a bit string and will be returned in a SECItem as
- * a bit string. Meaning the len field contains the number of valid bits as
- * opposed to the number of bytes allocated.
- *
- * RETURN:
- * If the CertTemplate has an issuerUID, the function returns SECSuccess and
- * places a copy of the issuerUID in *destIssuerUID.
- *
- * If there is no issuerUID, the function returns SECFailure and the value
- * *destIssuerUID is unchanged.
- */
-extern SECStatus
- CRMF_CertRequestGetCertTemplateIssuerUID(CRMFCertRequest *inCertReq,
- SECItem *destIssuerUID);
-
-/*
- * FUNCTION: CRMF_CertRequestGetCertTemplateSubjectUID
- * inCertReq
- * The Cert request to operate on.
- * destSubjectUID
- * A pointer to where the library can store a copy of the request's
- * cert template destIssuerUID.
- *
- * NOTES:
- * destSubjectUID is a bit string and will be returned in a SECItem as
- * a bit string. Meaning the len field contains the number of valid bits as
- * opposed to the number of bytes allocated.
- *
- * RETURN:
- * If the CertTemplate has an issuerUID, the function returns SECSuccess and
- * places a copy of the issuerUID in *destIssuerUID.
- *
- * If there is no issuerUID, the function returns SECSuccess and the value
- * *destIssuerUID is unchanged.
- */
-extern SECStatus CRMF_GetCertTemplateSubjectUID(CRMFCertRequest *inCertReq,
- SECItem *destSubjectUID);
-
-/*
- * FUNCTION: CRMF_CertRequestGetNumberOfExtensions
- * INPUTS:
- * inCertReq
- * The cert request to operate on.
- * RETURN:
- * Returns the number of extensions contained by the Cert Request.
- */
-extern int CRMF_CertRequestGetNumberOfExtensions(CRMFCertRequest *inCertReq);
-
-/*
- * FUNCTION: CRMF_CertRequestGetExtensionAtIndex
- * INPUTS:
- * inCertReq
- * The Certificate request to operate on.
- * index
- * The index of the extension array whihc the user wants to access.
- * NOTES:
- * This function retrieves the extension at the index corresponding to the
- * parameter "index" indicates. Indexing is done like a C array.
- * (0 ... numElements-1)
- *
- * Call CRMF_DestroyCertExtension when done using the return value.
- *
- * RETURN:
- * A pointer to a copy of the extension at the desired index. A NULL
- * return value indicates an invalid index or an error while copying
- * the extension.
- */
-extern CRMFCertExtension *
- CRMF_CertRequestGetExtensionAtIndex(CRMFCertRequest *inCertReq,
- int index);
-/*
- * FUNCTION: CRMF_CertExtensionGetOidTag
- * INPUTS:
- * inExtension
-
- * The extension to operate on.
- * RETURN:
- * Returns the SECOidTag associated with the cert extension passed in.
- */
-extern SECOidTag CRMF_CertExtensionGetOidTag(CRMFCertExtension *inExtension);
-
-/*
- * FUNCTION: CRMF_CertExtensionGetIsCritical
- * INPUT:
- * inExt
- * The cert extension to operate on.
- *
- * RETURN:
- * PR_TRUE if the extension is critical.
- * PR_FALSE if the extension is not critical.
- */
-extern PRBool CRMF_CertExtensionGetIsCritical(CRMFCertExtension *inExt);
-
-/*
- * FUNCTION: CRMF_CertExtensionGetValue
- * INPUT:
- * inExtension
- * The extension to operate on.
- * NOTES:
- * Caller is responsible for freeing the memory associated with the return
- * value. Call SECITEM_FreeItem(retVal, PR_TRUE) when done using the return
- * value.
- *
- * RETURN:
- * A pointer to an item containig the value for the certificate extension.
- * A NULL return value indicates an error in copying the information.
- */
-extern SECItem* CRMF_CertExtensionGetValue(CRMFCertExtension *inExtension);
-
-/*
- * FUNCTION: CRMF_CertReqMsgGetPOPOSigningKey
- * INPUTS:
- * inCertReqMsg
- * The certificate request message to operate on.
- * destKey
- * A pointer to where the library can place a pointer to
- * a copy of the Proof Of Possession Signing Key used
- * by the message.
- *
- * RETURN:
- * Get the POPOSigningKey associated with this CRMFCertReqMsg.
- * If the CertReqMsg does not have a pop, the function returns
- * SECFailure and the value at *destKey is un-changed..
- *
- * If the CertReqMsg does have a pop, then the CertReqMsg's
- * POPOSigningKey will be placed at *destKey.
- */
-extern SECStatus
- CRMF_CertReqMsgGetPOPOSigningKey(CRMFCertReqMsg *inCertReqMsg,
- CRMFPOPOSigningKey **destKey);
-
-/*
- * FUNCTION: CRMF_DestroyPOPOSigningKey
- * INPUTS:
- * inKey
- * The signing key to free.
- *
- * RETURN:
- * SECSuccess if freeing the memory was successful. Any other return value
- * indicates an error while freeing memory.
- */
-extern SECStatus CRMF_DestroyPOPOSigningKey (CRMFPOPOSigningKey *inKey);
-
-/*
- * FUNCTION: CRMF_POPOSigningKeyGetAlgID
- * INPUTS:
- * inSignKey
- * The Signing Key to operate on.
- * RETURN:
- * Return the algorithmID used by the CRMFPOPOSigningKey. User must
- * call SECOID_DestroyAlgorithmID(destID, PR_TRUE) when done using the
- * return value.
- */
-extern SECAlgorithmID*
- CRMF_POPOSigningKeyGetAlgID(CRMFPOPOSigningKey *inSignKey);
-
-/*
- * FUNCTION: CRMF_POPOSigningKeyGetSignature
- * INPUTS:
- * inSignKey
- * The Signing Key to operate on.
- *
- * RETURN:
- * Get the actual signature stored away in the CRMFPOPOSigningKey. SECItem
- * returned is a BIT STRING, so the len field is the number of bits as opposed
- * to the total number of bytes allocatd. User must call
- * SECITEM_FreeItem(retVal,PR_TRUE) when done using the return value.
- */
-extern SECItem* CRMF_POPOSigningKeyGetSignature(CRMFPOPOSigningKey *inSignKey);
-
-/*
- * FUNCTION: CRMF_POPOSigningKeyGetInput
- * INPUTS:
- * inSignKey
- * The Signing Key to operate on.
- * NOTES:
- * This function will return the der encoded input that was read in while
- * decoding. The API does not support this option when creating, so you
- * cannot add this field.
- *
- * RETURN:
- * Get the poposkInput that is part of the of the POPOSigningKey. If the
- * optional field is not part of the POPOSigningKey, the function returns
- * NULL.
- *
- * If the optional field is part of the POPOSingingKey, the function will
- * return a copy of the der encoded poposkInput.
- */
-extern SECItem* CRMF_POPOSigningKeyGetInput(CRMFPOPOSigningKey *inSignKey);
-
-/*
- * FUNCTION: CRMF_CertReqMsgGetPOPKeyEncipherment
- * INPUTS:
- * inCertReqMsg
- * The certificate request message to operate on.
- * destKey
- * A pointer to where the library can place a pointer to a
- * copy of the POPOPrivKey representing Key Encipherment
- * Proof of Possession.
- *NOTES:
- * This function gets the POPOPrivKey associated with this CRMFCertReqMsg
- * for Key Encipherment.
- *
- * RETURN:
- * If the CertReqMsg did not use Key Encipherment for Proof Of Possession, the
- * function returns SECFailure and the value at *destKey is un-changed.
- *
- * If the CertReqMsg did use Key Encipherment for ProofOfPossession, the
- * function returns SECSuccess and places the POPOPrivKey representing the
- * Key Encipherment Proof Of Possessin at *destKey.
- */
-extern SECStatus
- CRMF_CertReqMsgGetPOPKeyEncipherment(CRMFCertReqMsg *inCertReqMsg,
- CRMFPOPOPrivKey **destKey);
-
-/*
- * FUNCTION: CRMF_CertReqMsgGetPOPKeyAgreement
- * INPUTS:
- * inCertReqMsg
- * The certificate request message to operate on.
- * destKey
- * A pointer to where the library can place a pointer to a
- * copy of the POPOPrivKey representing Key Agreement
- * Proof of Possession.
- * NOTES:
- * This function gets the POPOPrivKey associated with this CRMFCertReqMsg for
- * Key Agreement.
- *
- * RETURN:
- * If the CertReqMsg used Key Agreement for Proof Of Possession, the
- * function returns SECSuccess and the POPOPrivKey for Key Agreement
- * is placed at *destKey.
- *
- * If the CertReqMsg did not use Key Agreement for Proof Of Possession, the
- * function return SECFailure and the value at *destKey is unchanged.
- */
-extern SECStatus
- CRMF_CertReqMsgGetPOPKeyAgreement(CRMFCertReqMsg *inCertReqMsg,
- CRMFPOPOPrivKey **destKey);
-
-/*
- * FUNCTION: CRMF_DestroyPOPOPrivKey
- * INPUTS:
- * inPrivKey
- * The POPOPrivKey to destroy.
- * NOTES:
- * Destroy a structure allocated by CRMF_GetPOPKeyEncipherment or
- * CRMF_GetPOPKeyAgreement.
- *
- * RETURN:
- * SECSuccess on successful destruction of the POPOPrivKey.
- * Any other return value indicates an error in freeing the
- * memory.
- */
-extern SECStatus CRMF_DestroyPOPOPrivKey(CRMFPOPOPrivKey *inPrivKey);
-
-/*
- * FUNCTION: CRMF_POPOPrivKeyGetChoice
- * INPUT:
- * inKey
- * The POPOPrivKey to operate on.
- * RETURN:
- * Returns which choice was used in constructing the POPPOPrivKey. Look at
- * the definition of CRMFPOPOPrivKeyChoice in crmft.h for the possible return
- * values.
- */
-extern CRMFPOPOPrivKeyChoice CRMF_POPOPrivKeyGetChoice(CRMFPOPOPrivKey *inKey);
-
-/*
- * FUNCTION: CRMF_POPOPrivKeyGetThisMessage
- * INPUTS:
- * inKey
- * The POPOPrivKey to operate on.
- * destString
- * A pointer to where the library can place a copy of the This Message
- * field stored in the POPOPrivKey
- *
- * RETURN:
- * Returns the field thisMessage from the POPOPrivKey.
- * If the POPOPrivKey did not use the field thisMessage, the function
- * returns SECFailure and the value at *destString is unchanged.
- *
- * If the POPOPrivKey did use the field thisMessage, the function returns
- * SECSuccess and the BIT STRING representing thisMessage is placed
- * at *destString. BIT STRING representation means the len field is the
- * number of valid bits as opposed to the total number of bytes.
- */
-extern SECStatus CRMF_POPOPrivKeyGetThisMessage(CRMFPOPOPrivKey *inKey,
- SECItem *destString);
-
-/*
- * FUNCTION: CRMF_POPOPrivKeyGetSubseqMess
- * INPUTS:
- * inKey
- * The POPOPrivKey to operate on.
- * destOpt
- * A pointer to where the library can place the value of the
- * Subsequent Message option used by POPOPrivKey.
- *
- * RETURN:
- * Retrieves the field subsequentMessage from the POPOPrivKey.
- * If the POPOPrivKey used the subsequentMessage option, the function
- * returns SECSuccess and places the appropriate enumerated value at
- * *destMessageOption.
- *
- * If the POPOPrivKey did not use the subsequenMessage option, the function
- * returns SECFailure and the value at *destOpt is un-changed.
- */
-extern SECStatus CRMF_POPOPrivKeyGetSubseqMess(CRMFPOPOPrivKey *inKey,
- CRMFSubseqMessOptions *destOpt);
-
-/*
- * FUNCTION: CRMF_POPOPrivKeyGetDHMAC
- * INPUTS:
- * inKey
- * The POPOPrivKey to operate on.
- * destMAC
- * A pointer to where the library can place a copy of the dhMAC
- * field of the POPOPrivKey.
- *
- * NOTES:
- * Returns the field dhMAC from the POPOPrivKey. The populated SECItem
- * is in BIT STRING format.
- *
- * RETURN:
- * If the POPOPrivKey used the dhMAC option, the function returns SECSuccess
- * and the BIT STRING for dhMAC will be placed at *destMAC. The len field in
- * destMAC (ie destMAC->len) will be the valid number of bits as opposed to
- * the number of allocated bytes.
- *
- * If the POPOPrivKey did not use the dhMAC option, the function returns
- * SECFailure and the value at *destMAC is unchanged.
- *
- */
-extern SECStatus CRMF_POPOPrivKeyGetDHMAC(CRMFPOPOPrivKey *inKey,
- SECItem *destMAC);
-
-/*
- * FUNCTION: CRMF_CertRequestGetNumControls
- * INPUTS:
- * inCertReq
- * The Certificate Request to operate on.
- * RETURN:
- * Returns the number of Controls registered with this CertRequest.
- */
-extern int CRMF_CertRequestGetNumControls (CRMFCertRequest *inCertReq);
-
-/*
- * FUNCTION: CRMF_CertRequestGetControlAtIndex
- * INPUTS:
- * inCertReq
- * The certificate request to operate on.
- * index
- * The index of the control the user wants a copy of.
- * NOTES:
- * Function retrieves the Control at located at index. The Controls
- * are numbered like a traditional C array (0 ... numElements-1)
- *
- * RETURN:
- * Returns a copy of the control at the index specified. This is a copy
- * so the user must call CRMF_DestroyControl after the return value is no
- * longer needed. A return value of NULL indicates an error while copying
- * the control or that the index was invalid.
- */
-extern CRMFControl*
- CRMF_CertRequestGetControlAtIndex(CRMFCertRequest *inCertReq,
- int index);
-
-/*
- * FUNCTION: CRMF_DestroyControl
- * INPUTS:
- * inControl
- * The Control to destroy.
- * NOTES:
- * Destroy a CRMFControl allocated by CRMF_GetControlAtIndex.
- *
- * RETURN:
- * SECSuccess if freeing the memory was successful. Any other return
- * value indicates an error while freeing the memory.
- */
-extern SECStatus CRMF_DestroyControl(CRMFControl *inControl);
-
-/*
- * FUNCTION: CRMF_ControlGetControlType
- * INPUTS:
- * inControl
- * The control to operate on.
- * NOTES:
- * The function returns an enumertion which indicates the type of control
- * 'inControl'.
- *
- * RETURN:
- * Look in crmft.h at the definition of the enumerated type CRMFControlType
- * for the possible return values.
- */
-extern CRMFControlType CRMF_ControlGetControlType(CRMFControl *inControl);
-
-/*
- * FUNCTION: CRMF_ControlGetRegTokenControlValue
- * INPUTS:
- * inControl
- * The Control to operate on.
- * NOTES:
- * The user must call SECITEM_FreeItem passing in the return value
- * after the returnvalue is no longer needed.
-
- * RETURN:
- * Return the value for a Registration Token Control.
- * The SECItem returned should be in UTF8 format. A NULL
- * return value indicates there was no Registration Control associated
- * with the Control.
- * (This library will not verify format. It assumes the client properly
- * formatted the strings when adding it or the message decoded was properly
- * formatted. The library will just give back the bytes it was given.)
- */
-extern SECItem* CRMF_ControlGetRegTokenControlValue(CRMFControl *inControl);
-
-/*
- * FUNCTION: CRMF_ControlGetAuthenticatorControlValue
- * INPUTS:
- * inControl
- * The Control to operate on.
- * NOTES:
- * The user must call SECITEM_FreeItem passing in the return value
- * after the returnvalue is no longer needed.
- *
- * RETURN:
- * Return the value for the Authenticator Control.
- * The SECItem returned should be in UTF8 format. A NULL
- * return value indicates there was no Authenticator Control associated
- * with the CRMFControl..
- * (This library will not verify format. It assumes the client properly
- * formatted the strings when adding it or the message decoded was properly
- * formatted. The library will just give back the bytes it was given.)
- */
-extern SECItem* CRMF_ControlGetAuthicatorControlValue(CRMFControl *inControl);
-
-/*
- * FUNCTION: CRMF_ControlGetPKIArchiveOptions
- * INPUTS:inControl
- * The Control tooperate on.
- * NOTES:
- * This function returns a copy of the PKIArchiveOptions. The user must call
- * the function CRMF_DestroyPKIArchiveOptions when the return value is no
- * longer needed.
- *
- * RETURN:
- * Get the PKIArchiveOptions associated with the Control. A return
- * value of NULL indicates the Control was not a PKIArchiveOptions
- * Control.
- */
-extern CRMFPKIArchiveOptions*
- CRMF_ControlGetPKIArchiveOptions(CRMFControl *inControl);
-
-/*
- * FUNCTION: CMRF_DestroyPKIArchiveOptions
- * INPUTS:
- * inOptions
- * The ArchiveOptions to destroy.
- * NOTE:
- * Destroy the CRMFPKIArchiveOptions structure.
- *
- * RETURN:
- * SECSuccess if successful in freeing all the memory associated with
- * the PKIArchiveOptions. Any other return value indicates an error while
- * freeing the PKIArchiveOptions.
- */
-extern SECStatus
- CRMF_DestroyPKIArchiveOptions(CRMFPKIArchiveOptions *inOptions);
-
-/*
- * FUNCTION: CRMF_PKIArchiveOptionsGetOptionType
- * INPUTS:
- * inOptions
- * The PKIArchiveOptions to operate on.
- * RETURN:
- * Returns the choice used for the PKIArchiveOptions. Look at the definition
- * of CRMFPKIArchiveOptionsType in crmft.h for possible return values.
- */
-extern CRMFPKIArchiveOptionsType
- CRMF_PKIArchiveOptionsGetOptionType(CRMFPKIArchiveOptions *inOptions);
-
-/*
- * FUNCTION: CRMF_PKIArchiveOptionsGetEncryptedPrivKey
- * INPUTS:
- * inOpts
- * The PKIArchiveOptions to operate on.
- *
- * NOTES:
- * The user must call CRMF_DestroyEncryptedKey when done using this return
- * value.
- *
- * RETURN:
- * Get the encryptedPrivKey field of the PKIArchiveOptions structure.
- * A return value of NULL indicates that encryptedPrivKey was not used as
- * the choice for this PKIArchiveOptions.
- */
-extern CRMFEncryptedKey*
- CRMF_PKIArchiveOptionsGetEncryptedPrivKey(CRMFPKIArchiveOptions *inOpts);
-
-/*
- * FUNCTION: CRMF_EncryptedKeyGetChoice
- * INPUTS:
- * inEncrKey
- * The EncryptedKey to operate on.
- *
- * NOTES:
- * Get the choice used for representing the EncryptedKey.
- *
- * RETURN:
- * Returns the Choice used in representing the EncryptedKey. Look in
- * crmft.h at the definition of CRMFEncryptedKeyChoice for possible return
- * values.
- */
-extern CRMFEncryptedKeyChoice
- CRMF_EncryptedKeyGetChoice(CRMFEncryptedKey *inEncrKey);
-
-
-/*
- * FUNCTION: CRMF_EncryptedKeyGetEncryptedValue
- * INPUTS:
- * inKey
- * The EncryptedKey to operate on.
- *
- * NOTES:
- * The user must call CRMF_DestroyEncryptedValue passing in
- * CRMF_GetEncryptedValue's return value.
- *
- * RETURN:
- * A pointer to a copy of the EncryptedValue contained as a member of
- * the EncryptedKey.
- */
-extern CRMFEncryptedValue*
- CRMF_EncryptedKeyGetEncryptedValue(CRMFEncryptedKey *inKey);
-
-/*
- * FUNCTION: CRMF_DestroyEncryptedValue
- * INPUTS:
- * inEncrValue
- * The EncryptedValue to destroy.
- *
- * NOTES:
- * Free up all memory associated with 'inEncrValue'.
- *
- * RETURN:
- * SECSuccess if freeing up the memory associated with the EncryptedValue
- * is successful. Any other return value indicates an error while freeing the
- * memory.
- */
-extern SECStatus CRMF_DestroyEncryptedValue(CRMFEncryptedValue *inEncrValue);
-
-/*
- * FUNCTION: CRMF_EncryptedValueGetEncValue
- * INPUTS:
- * inEncValue
- * The EncryptedValue to operate on.
- * NOTES:
- * Function retrieves the encValue from an EncryptedValue structure.
- *
- * RETURN:
- * A poiner to a SECItem containing the encValue of the EncryptedValue
- * structure. The return value is in BIT STRING format, meaning the
- * len field of the return structure represents the number of valid bits
- * as opposed to the allocated number of bytes.
- * ANULL return value indicates an error in copying the encValue field.
- */
-extern SECItem* CRMF_EncryptedValueGetEncValue(CRMFEncryptedValue *inEncValue);
-
-/*
- * FUNCTION: CRMF_EncryptedValueGetIntendedAlg
- * INPUTS
- * inEncValue
- * The EncryptedValue to operate on.
- * NOTES:
- * Retrieve the IntendedAlg field from the EncryptedValue structure.
- * Call SECOID_DestroyAlgorithmID (destAlgID, PR_TRUE) after done using
- * the return value. When present, this alogorithm is the alogrithm for
- * which the private key will be used.
- *
- * RETURN:
- * A Copy of the intendedAlg field. A NULL return value indicates the
- * optional field was not present in the structure.
- */
-extern SECAlgorithmID*
- CRMF_EncryptedValueGetIntendedAlg(CRMFEncryptedValue *inEncValue);
-
-
-/*
- * FUNCTION: CRMF_EncryptedValueGetSymmAlg
- * INPUTS
- * inEncValue
- * The EncryptedValue to operate on.
- * NOTES:
- * Retrieve the symmAlg field from the EncryptedValue structure.
- * Call SECOID_DestroyAlgorithmID (destAlgID, PR_TRUE) after done using
- * the return value. When present, this is algorithm used to
- * encrypt the encValue of the EncryptedValue.
- *
- * RETURN:
- * A Copy of the symmAlg field. A NULL return value indicates the
- * optional field was not present in the structure.
- */
-extern SECAlgorithmID*
- CRMF_EncryptedValueGetSymmAlg(CRMFEncryptedValue *inEncValue);
-
-
-/*
- * FUNCTION: CRMF_EncryptedValueGetKeyAlg
- * INPUTS
- * inEncValue
- * The EncryptedValue to operate on.
- * NOTES:
- * Retrieve the keyAlg field from the EncryptedValue structure.
- * Call SECOID_DestroyAlgorithmID (destAlgID, PR_TRUE) after done using
- * the return value. When present, this is the algorithm used to encrypt
- * the symmetric key in the encSymmKey field of the EncryptedValue structure.
- *
- * RETURN:
- * A Copy of the keyAlg field. A NULL return value indicates the
- * optional field was not present in the structure.
- */
-extern SECAlgorithmID*
- CRMF_EncryptedValueGetKeyAlg(CRMFEncryptedValue *inEncValue);
-
-/*
- * FUNCTION: CRMF_EncryptedValueGetValueHint
- * INPUTS:
- * inEncValue
- * The EncryptedValue to operate on.
- *
- * NOTES:
- * Return a copy of the der-encoded value hint.
- * User must call SECITEM_FreeItem(retVal, PR_TRUE) when done using the
- * return value. When, present, this is a value that the client which
- * originally issued a certificate request can use to reproduce any data
- * it wants. The RA does not know how to interpret this data.
- *
- * RETURN:
- * A copy of the valueHint field of the EncryptedValue. A NULL return
- * value indicates the optional valueHint field is not present in the
- * EncryptedValue.
- */
-extern SECItem*
- CRMF_EncryptedValueGetValueHint(CRMFEncryptedValue *inEncValue);
-
-/*
- * FUNCTION: CRMF_EncrypteValueGetEncSymmKey
- * INPUTS:
- * inEncValue
- * The EncryptedValue to operate on.
- *
- * NOTES:
- * Return a copy of the encSymmKey field. This field is the encrypted
- * symmetric key that the client uses in doing Public Key wrap of a private
- * key. When present, this is the symmetric key that was used to wrap the
- * private key. (The encrypted private key will be stored in encValue
- * of the same EncryptedValue structure.) The user must call
- * SECITEM_FreeItem(retVal, PR_TRUE) when the return value is no longer
- * needed.
- *
- * RETURN:
- * A copy of the optional encSymmKey field of the EncryptedValue structure.
- * The return value will be in BIT STRING format, meaning the len field will
- * be the number of valid bits as opposed to the number of bytes. A return
- * value of NULL means the optional encSymmKey field was not present in
- * the EncryptedValue structure.
- */
-extern SECItem*
- CRMF_EncryptedValueGetEncSymmKey(CRMFEncryptedValue *inEncValue);
-
-/*
- * FUNCTION: CRMF_PKIArchiveOptionsGetKeyGenParameters
- * INPUTS:
- * inOptions
- * The PKiArchiveOptions to operate on.
- *
- * NOTES:
- * User must call SECITEM_FreeItem(retVal, PR_TRUE) after the return
- * value is no longer needed.
- *
- * RETURN:
- * Get the keyGenParameters field of the PKIArchiveOptions.
- * A NULL return value indicates that keyGenParameters was not
- * used as the choice for this PKIArchiveOptions.
- *
- * The SECItem returned is in BIT STRING format (ie, the len field indicates
- * number of valid bits as opposed to allocated number of bytes.)
- */
-extern SECItem*
- CRMF_PKIArchiveOptionsGetKeyGenParameters(CRMFPKIArchiveOptions *inOptions);
-
-/*
- * FUNCTION: CRMF_PKIArchiveOptionsGetArchiveRemGenPrivKey
- * INPUTS:
- * inOpt
- * The PKIArchiveOptions to operate on.
- * destVal
- * A pointer to where the library can place the value for
- * arciveRemGenPrivKey
- * RETURN:
- * If the PKIArchiveOptions used the archiveRemGenPrivKey field, the
- * function returns SECSuccess and fills the value at *destValue with either
- * PR_TRUE or PR_FALSE, depending on what the PKIArchiveOptions has as a
- * value.
- *
- * If the PKIArchiveOptions does not use the archiveRemGenPrivKey field, the
- * function returns SECFailure and the value at *destValue is unchanged.
- */
-extern SECStatus
- CRMF_PKIArchiveOptionsGetArchiveRemGenPrivKey(CRMFPKIArchiveOptions *inOpt,
- PRBool *destVal);
-
-/* Helper functions that can be used by other libraries. */
-/*
- * A quick helper funciton to get the best wrap mechanism.
- */
-extern CK_MECHANISM_TYPE CRMF_GetBestWrapPadMechanism(PK11SlotInfo *slot);
-
-/*
- * A helper function to get a randomly generated IV from a mechanism
- * type.
- */
-extern SECItem* CRMF_GetIVFromMechanism(CK_MECHANISM_TYPE mechType);
-
-SEC_END_PROTOS
-#endif /*_CRMF_H_*/
-
-
diff --git a/security/nss/lib/crmf/crmfcont.c b/security/nss/lib/crmf/crmfcont.c
deleted file mode 100644
index 3b4b9a98b..000000000
--- a/security/nss/lib/crmf/crmfcont.c
+++ /dev/null
@@ -1,1166 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "crmf.h"
-#include "crmfi.h"
-#include "pk11func.h"
-#include "keyhi.h"
-#include "secoid.h"
-
-static SECStatus
-crmf_modify_control_array (CRMFCertRequest *inCertReq, int count)
-{
- if (count > 0) {
- void *dummy = PORT_Realloc(inCertReq->controls,
- sizeof(CRMFControl*)*(count+2));
- if (dummy == NULL) {
- return SECFailure;
- }
- inCertReq->controls = dummy;
- } else {
- inCertReq->controls = PORT_ZNewArray(CRMFControl*, 2);
- }
- return (inCertReq->controls == NULL) ? SECFailure : SECSuccess ;
-}
-
-static SECStatus
-crmf_add_new_control(CRMFCertRequest *inCertReq,SECOidTag inTag,
- CRMFControl **destControl)
-{
- SECOidData *oidData;
- SECStatus rv;
- PRArenaPool *poolp;
- int numControls = 0;
- CRMFControl *newControl;
- CRMFControl **controls;
- void *mark;
-
- poolp = inCertReq->poolp;
- if (poolp == NULL) {
- return SECFailure;
- }
- mark = PORT_ArenaMark(poolp);
- if (inCertReq->controls != NULL) {
- while (inCertReq->controls[numControls] != NULL)
- numControls++;
- }
- rv = crmf_modify_control_array(inCertReq, numControls);
- if (rv != SECSuccess) {
- goto loser;
- }
- controls = inCertReq->controls;
- oidData = SECOID_FindOIDByTag(inTag);
- newControl = *destControl = PORT_ArenaZNew(poolp,CRMFControl);
- if (newControl == NULL) {
- goto loser;
- }
- rv = SECITEM_CopyItem(poolp, &newControl->derTag, &oidData->oid);
- if (rv != SECSuccess) {
- goto loser;
- }
- newControl->tag = inTag;
- controls[numControls] = newControl;
- controls[numControls+1] = NULL;
- PORT_ArenaUnmark(poolp, mark);
- return SECSuccess;
-
- loser:
- PORT_ArenaRelease(poolp, mark);
- *destControl = NULL;
- return SECFailure;
-
-}
-
-SECStatus
-crmf_add_secitem_control(CRMFCertRequest *inCertReq, SECItem *value,
- SECOidTag inTag)
-{
- SECStatus rv;
- CRMFControl *newControl;
- void *mark;
-
- rv = crmf_add_new_control(inCertReq, inTag, &newControl);
- if (rv != SECSuccess) {
- return rv;
- }
- mark = PORT_ArenaMark(inCertReq->poolp);
- rv = SECITEM_CopyItem(inCertReq->poolp, &newControl->derValue, value);
- if (rv != SECSuccess) {
- PORT_ArenaRelease(inCertReq->poolp, mark);
- return rv;
- }
- PORT_ArenaUnmark(inCertReq->poolp, mark);
- return SECSuccess;
-}
-
-SECStatus
-CRMF_CertRequestSetRegTokenControl(CRMFCertRequest *inCertReq, SECItem *value)
-{
- return crmf_add_secitem_control(inCertReq, value,
- SEC_OID_PKIX_REGCTRL_REGTOKEN);
-}
-
-SECStatus
-CRMF_CertRequestSetAuthenticatorControl (CRMFCertRequest *inCertReq,
- SECItem *value)
-{
- return crmf_add_secitem_control(inCertReq, value,
- SEC_OID_PKIX_REGCTRL_AUTHENTICATOR);
-}
-
-SECStatus
-crmf_destroy_encrypted_value(CRMFEncryptedValue *inEncrValue, PRBool freeit)
-{
- if (inEncrValue != NULL) {
- if (inEncrValue->intendedAlg) {
- SECOID_DestroyAlgorithmID(inEncrValue->intendedAlg, PR_TRUE);
- }
- if (inEncrValue->symmAlg) {
- SECOID_DestroyAlgorithmID(inEncrValue->symmAlg, PR_TRUE);
- }
- if (inEncrValue->encSymmKey.data) {
- PORT_Free(inEncrValue->encSymmKey.data);
- }
- if (inEncrValue->keyAlg) {
- SECOID_DestroyAlgorithmID(inEncrValue->keyAlg, PR_TRUE);
- }
- if (inEncrValue->valueHint.data) {
- PORT_Free(inEncrValue->valueHint.data);
- }
- if (inEncrValue->encValue.data) {
- PORT_Free(inEncrValue->encValue.data);
- }
- if (freeit) {
- PORT_Free(inEncrValue);
- }
- }
- return SECSuccess;
-}
-
-SECStatus
-CRMF_DestroyEncryptedValue(CRMFEncryptedValue *inEncrValue)
-{
- return crmf_destroy_encrypted_value(inEncrValue, PR_TRUE);
-}
-
-SECStatus
-crmf_copy_encryptedvalue_secalg(PRArenaPool *poolp,
- SECAlgorithmID *srcAlgId,
- SECAlgorithmID **destAlgId)
-{
- SECAlgorithmID *newAlgId;
-
- *destAlgId = newAlgId = (poolp != NULL) ?
- PORT_ArenaZNew(poolp, SECAlgorithmID) :
- PORT_ZNew(SECAlgorithmID);
- if (newAlgId == NULL) {
- return SECFailure;
- }
-
- return SECOID_CopyAlgorithmID(poolp, newAlgId, srcAlgId);
-}
-
-SECStatus
-crmf_copy_encryptedvalue(PRArenaPool *poolp,
- CRMFEncryptedValue *srcValue,
- CRMFEncryptedValue *destValue)
-{
- SECStatus rv;
-
- if (srcValue->intendedAlg != NULL) {
- rv = crmf_copy_encryptedvalue_secalg(poolp,
- srcValue->intendedAlg,
- &destValue->intendedAlg);
- if (rv != SECSuccess) {
- goto loser;
- }
- }
- if (srcValue->symmAlg != NULL) {
- rv = crmf_copy_encryptedvalue_secalg(poolp,
- srcValue->symmAlg,
- &destValue->symmAlg);
- if (rv != SECSuccess) {
- goto loser;
- }
- }
- if (srcValue->encSymmKey.data != NULL) {
- rv = crmf_make_bitstring_copy(poolp,
- &destValue->encSymmKey,
- &srcValue->encSymmKey);
- if (rv != SECSuccess) {
- goto loser;
- }
- }
- if (srcValue->keyAlg != NULL) {
- rv = crmf_copy_encryptedvalue_secalg(poolp,
- srcValue->keyAlg,
- &destValue->keyAlg);
- if (rv != SECSuccess) {
- goto loser;
- }
- }
- if (srcValue->valueHint.data != NULL) {
- rv = SECITEM_CopyItem(poolp,
- &destValue->valueHint,
- &srcValue->valueHint);
- if (rv != SECSuccess) {
- goto loser;
- }
- }
- if (srcValue->encValue.data != NULL) {
- rv = crmf_make_bitstring_copy(poolp,
- &destValue->encValue,
- &srcValue->encValue);
- if (rv != SECSuccess) {
- goto loser;
- }
- }
- return SECSuccess;
- loser:
- if (poolp == NULL && destValue != NULL) {
- crmf_destroy_encrypted_value(destValue, PR_TRUE);
- }
- return SECFailure;
-}
-
-SECStatus
-crmf_copy_encryptedkey(PRArenaPool *poolp,
- CRMFEncryptedKey *srcEncrKey,
- CRMFEncryptedKey *destEncrKey)
-{
- SECStatus rv;
- void *mark = NULL;
-
- if (poolp != NULL) {
- mark = PORT_ArenaMark(poolp);
- }
-
- switch (srcEncrKey->encKeyChoice) {
- case crmfEncryptedValueChoice:
- rv = crmf_copy_encryptedvalue(poolp,
- &srcEncrKey->value.encryptedValue,
- &destEncrKey->value.encryptedValue);
- break;
- case crmfEnvelopedDataChoice:
- destEncrKey->value.envelopedData =
- SEC_PKCS7CopyContentInfo(srcEncrKey->value.envelopedData);
- rv = (destEncrKey->value.envelopedData != NULL) ? SECSuccess:
- SECFailure;
- break;
- default:
- rv = SECFailure;
- }
- if (rv != SECSuccess) {
- goto loser;
- }
- destEncrKey->encKeyChoice = srcEncrKey->encKeyChoice;
- if (mark) {
- PORT_ArenaUnmark(poolp, mark);
- }
- return SECSuccess;
-
- loser:
- if (mark) {
- PORT_ArenaRelease(poolp, mark);
- }
- return SECFailure;
-}
-
-CRMFPKIArchiveOptions*
-crmf_create_encr_pivkey_option(CRMFEncryptedKey *inEncryptedKey)
-{
- CRMFPKIArchiveOptions *newArchOpt;
- SECStatus rv;
-
- newArchOpt = PORT_ZNew(CRMFPKIArchiveOptions);
- if (newArchOpt == NULL) {
- goto loser;
- }
-
- rv = crmf_copy_encryptedkey(NULL, inEncryptedKey,
- &newArchOpt->option.encryptedKey);
-
- if (rv != SECSuccess) {
- goto loser;
- }
- newArchOpt->archOption = crmfEncryptedPrivateKey;
- return newArchOpt;
- loser:
- if (newArchOpt != NULL) {
- CRMF_DestroyPKIArchiveOptions(newArchOpt);
- }
- return NULL;
-}
-
-static CRMFPKIArchiveOptions*
-crmf_create_keygen_param_option(SECItem *inKeyGenParams)
-{
- CRMFPKIArchiveOptions *newArchOptions;
- SECStatus rv;
-
- newArchOptions = PORT_ZNew(CRMFPKIArchiveOptions);
- if (newArchOptions == NULL) {
- goto loser;
- }
- newArchOptions->archOption = crmfKeyGenParameters;
- rv = SECITEM_CopyItem(NULL, &newArchOptions->option.keyGenParameters,
- inKeyGenParams);
- if (rv != SECSuccess) {
- goto loser;
- }
- return newArchOptions;
- loser:
- if (newArchOptions != NULL) {
- CRMF_DestroyPKIArchiveOptions(newArchOptions);
- }
- return NULL;
-}
-
-static CRMFPKIArchiveOptions*
-crmf_create_arch_rem_gen_privkey(PRBool archiveRemGenPrivKey)
-{
- unsigned char value;
- SECItem *dummy;
- CRMFPKIArchiveOptions *newArchOptions;
-
- value = (archiveRemGenPrivKey) ? hexTrue : hexFalse;
- newArchOptions = PORT_ZNew(CRMFPKIArchiveOptions);
- if (newArchOptions == NULL) {
- goto loser;
- }
- dummy = SEC_ASN1EncodeItem(NULL,
- &newArchOptions->option.archiveRemGenPrivKey,
- &value, SEC_ASN1_GET(SEC_BooleanTemplate));
- PORT_Assert (dummy == &newArchOptions->option.archiveRemGenPrivKey);
- if (dummy != &newArchOptions->option.archiveRemGenPrivKey) {
- SECITEM_FreeItem (dummy, PR_TRUE);
- goto loser;
- }
- newArchOptions->archOption = crmfArchiveRemGenPrivKey;
- return newArchOptions;
- loser:
- if (newArchOptions != NULL) {
- CRMF_DestroyPKIArchiveOptions(newArchOptions);
- }
- return NULL;
-}
-
-CRMFPKIArchiveOptions*
-CRMF_CreatePKIArchiveOptions(CRMFPKIArchiveOptionsType inType, void *data)
-{
- CRMFPKIArchiveOptions* retOptions;
-
- PORT_Assert(data != NULL);
- if (data == NULL) {
- return NULL;
- }
- switch(inType) {
- case crmfEncryptedPrivateKey:
- retOptions = crmf_create_encr_pivkey_option((CRMFEncryptedKey*)data);
- break;
- case crmfKeyGenParameters:
- retOptions = crmf_create_keygen_param_option((SECItem*)data);
- break;
- case crmfArchiveRemGenPrivKey:
- retOptions = crmf_create_arch_rem_gen_privkey(*(PRBool*)data);
- break;
- default:
- retOptions = NULL;
- }
- return retOptions;
-}
-
-static SECStatus
-crmf_destroy_encrypted_key(CRMFEncryptedKey *inEncrKey, PRBool freeit)
-{
- PORT_Assert(inEncrKey != NULL);
- if (inEncrKey != NULL) {
- switch (inEncrKey->encKeyChoice){
- case crmfEncryptedValueChoice:
- crmf_destroy_encrypted_value(&inEncrKey->value.encryptedValue,
- PR_FALSE);
- break;
- case crmfEnvelopedDataChoice:
- SEC_PKCS7DestroyContentInfo(inEncrKey->value.envelopedData);
- break;
- default:
- break;
- }
- if (freeit) {
- PORT_Free(inEncrKey);
- }
- }
- return SECSuccess;
-}
-
-SECStatus
-crmf_destroy_pkiarchiveoptions(CRMFPKIArchiveOptions *inArchOptions,
- PRBool freeit)
-{
- PORT_Assert(inArchOptions != NULL);
- if (inArchOptions != NULL) {
- switch (inArchOptions->archOption) {
- case crmfEncryptedPrivateKey:
- crmf_destroy_encrypted_key(&inArchOptions->option.encryptedKey,
- PR_FALSE);
- break;
- case crmfKeyGenParameters:
- case crmfArchiveRemGenPrivKey:
- /* This is a union, so having a pointer to one is like
- * having a pointer to both.
- */
- SECITEM_FreeItem(&inArchOptions->option.keyGenParameters,
- PR_FALSE);
- break;
- case crmfNoArchiveOptions:
- break;
- }
- if (freeit) {
- PORT_Free(inArchOptions);
- }
- }
- return SECSuccess;
-}
-
-SECStatus
-CRMF_DestroyPKIArchiveOptions(CRMFPKIArchiveOptions *inArchOptions)
-{
- return crmf_destroy_pkiarchiveoptions(inArchOptions, PR_TRUE);
-}
-
-static CK_MECHANISM_TYPE
-crmf_get_non_pad_mechanism(CK_MECHANISM_TYPE type)
-{
- switch (type) {
- case CKM_DES3_CBC_PAD:
- return CKM_DES3_CBC;
- case CKM_CAST5_CBC_PAD:
- return CKM_CAST5_CBC;
- case CKM_DES_CBC_PAD:
- return CKM_DES_CBC;
- case CKM_IDEA_CBC_PAD:
- return CKM_IDEA_CBC;
- case CKM_CAST3_CBC_PAD:
- return CKM_CAST3_CBC;
- case CKM_CAST_CBC_PAD:
- return CKM_CAST_CBC;
- case CKM_RC5_CBC_PAD:
- return CKM_RC5_CBC;
- case CKM_RC2_CBC_PAD:
- return CKM_RC2_CBC;
- case CKM_CDMF_CBC_PAD:
- return CKM_CDMF_CBC;
- }
- return type;
-}
-
-static CK_MECHANISM_TYPE
-crmf_get_pad_mech_from_tag(SECOidTag oidTag)
-{
- CK_MECHANISM_TYPE mechType;
- SECOidData *oidData;
-
- oidData = SECOID_FindOIDByTag(oidTag);
- mechType = (CK_MECHANISM_TYPE)oidData->mechanism;
- return PK11_GetPadMechanism(mechType);
-}
-
-static CK_MECHANISM_TYPE
-crmf_get_best_privkey_wrap_mechanism(PK11SlotInfo *slot)
-{
- CK_MECHANISM_TYPE privKeyPadMechs[] = { CKM_DES3_CBC_PAD,
- CKM_CAST5_CBC_PAD,
- CKM_DES_CBC_PAD,
- CKM_IDEA_CBC_PAD,
- CKM_CAST3_CBC_PAD,
- CKM_CAST_CBC_PAD,
- CKM_RC5_CBC_PAD,
- CKM_RC2_CBC_PAD,
- CKM_CDMF_CBC_PAD };
- int mechCount = sizeof(privKeyPadMechs)/sizeof(privKeyPadMechs[0]);
- int i;
-
- for (i=0; i < mechCount; i++) {
- if (PK11_DoesMechanism(slot, privKeyPadMechs[i])) {
- return privKeyPadMechs[i];
- }
- }
- return CKM_INVALID_MECHANISM;
-}
-
-CK_MECHANISM_TYPE
-CRMF_GetBestWrapPadMechanism(PK11SlotInfo *slot)
-{
- return crmf_get_best_privkey_wrap_mechanism(slot);
-}
-
-static SECItem*
-crmf_get_iv(CK_MECHANISM_TYPE mechType)
-{
- int iv_size = PK11_GetIVLength(mechType);
- SECItem *iv;
- SECStatus rv;
-
- iv = PORT_ZNew(SECItem);
- if (iv == NULL) {
- return NULL;
- }
- if (iv_size == 0) {
- iv->data = NULL;
- iv->len = 0;
- return iv;
- }
- iv->data = PORT_NewArray(unsigned char, iv_size);
- if (iv->data == NULL) {
- iv->len = 0;
- return iv;
- }
- iv->len = iv_size;
- rv = PK11_GenerateRandom(iv->data, iv->len);
- if (rv != SECSuccess) {
- PORT_Free(iv->data);
- iv->data = NULL;
- iv->len = 0;
- }
- return iv;
-}
-
-SECItem*
-CRMF_GetIVFromMechanism(CK_MECHANISM_TYPE mechType)
-{
- return crmf_get_iv(mechType);
-}
-
-CK_MECHANISM_TYPE
-crmf_get_mechanism_from_public_key(SECKEYPublicKey *inPubKey)
-{
- CERTSubjectPublicKeyInfo *spki = NULL;
- SECOidTag tag;
-
-
- spki = SECKEY_CreateSubjectPublicKeyInfo(inPubKey);
- if (spki == NULL) {
- return CKM_INVALID_MECHANISM;
- }
- tag = SECOID_FindOIDTag(&spki->algorithm.algorithm);
- SECKEY_DestroySubjectPublicKeyInfo(spki);
- spki = NULL;
- return PK11_AlgtagToMechanism(tag);
-}
-
-SECItem*
-crmf_get_public_value(SECKEYPublicKey *pubKey, SECItem *dest)
-{
- SECItem *pubValue;
-
- if (dest != NULL) {
- pubValue = dest;
- } else {
- pubValue = PORT_ZNew(SECItem);
- }
- switch(pubKey->keyType) {
- case dsaKey:
- SECITEM_CopyItem(NULL, pubValue, &pubKey->u.dsa.publicValue);
- break;
- case rsaKey:
- SECITEM_CopyItem(NULL, pubValue, &pubKey->u.rsa.modulus);
- break;
- case dhKey:
- SECITEM_CopyItem(NULL, pubValue, &pubKey->u.dh.publicValue);
- break;
- default:
- if (dest == NULL) {
- PORT_Free(pubValue);
- }
- pubValue = NULL;
- break;
- }
- return pubValue;
-}
-
-static SECItem*
-crmf_decode_params(SECItem *inParams)
-{
- SECItem *params;
- SECStatus rv;
-
- params = PORT_ZNew(SECItem);
- rv = SEC_ASN1DecodeItem(NULL, params,
- SEC_ASN1_GET(SEC_OctetStringTemplate),
- inParams);
- if (rv != SECSuccess) {
- SECITEM_FreeItem(params, PR_TRUE);
- return NULL;
- }
- return params;
-}
-
-int
-crmf_get_key_size_from_mech(CK_MECHANISM_TYPE mechType)
-{
- CK_MECHANISM_TYPE keyGen = PK11_GetKeyGen(mechType);
-
- switch (keyGen) {
- case CKM_CDMF_KEY_GEN:
- case CKM_DES_KEY_GEN:
- return 8;
- case CKM_DES2_KEY_GEN:
- return 16;
- case CKM_DES3_KEY_GEN:
- return 24;
- }
- return 0;
-}
-
-SECStatus
-crmf_encrypted_value_unwrap_priv_key(PRArenaPool *poolp,
- CRMFEncryptedValue *encValue,
- SECKEYPrivateKey *privKey,
- SECKEYPublicKey *newPubKey,
- SECItem *nickname,
- PK11SlotInfo *slot,
- unsigned char keyUsage,
- SECKEYPrivateKey **unWrappedKey,
- void *wincx)
-{
- PK11SymKey *wrappingKey = NULL;
- CK_MECHANISM_TYPE wrapMechType;
- SECOidTag oidTag;
- SECItem *params = NULL, *publicValue = NULL;
- int keySize, origLen;
- CK_KEY_TYPE keyType;
- CK_ATTRIBUTE_TYPE *usage = NULL;
- CK_ATTRIBUTE_TYPE rsaUsage[] = {
- CKA_UNWRAP, CKA_DECRYPT, CKA_SIGN, CKA_SIGN_RECOVER };
- CK_ATTRIBUTE_TYPE dsaUsage[] = { CKA_SIGN };
- CK_ATTRIBUTE_TYPE dhUsage[] = { CKA_DERIVE };
- int usageCount = 0;
-
- oidTag = SECOID_GetAlgorithmTag(encValue->symmAlg);
- wrapMechType = crmf_get_pad_mech_from_tag(oidTag);
- keySize = crmf_get_key_size_from_mech(wrapMechType);
- wrappingKey = PK11_PubUnwrapSymKey(privKey, &encValue->encSymmKey,
- wrapMechType, CKA_UNWRAP, keySize);
- if (wrappingKey == NULL) {
- goto loser;
- }/* Make the length a byte length instead of bit length*/
- params = (encValue->symmAlg != NULL) ?
- crmf_decode_params(&encValue->symmAlg->parameters) : NULL;
- origLen = encValue->encValue.len;
- encValue->encValue.len = CRMF_BITS_TO_BYTES(origLen);
- publicValue = crmf_get_public_value(newPubKey, NULL);
- switch(newPubKey->keyType) {
- default:
- case rsaKey:
- keyType = CKK_RSA;
- switch (keyUsage & (KU_KEY_ENCIPHERMENT|KU_DIGITAL_SIGNATURE)) {
- case KU_KEY_ENCIPHERMENT:
- usage = rsaUsage;
- usageCount = 2;
- break;
- case KU_DIGITAL_SIGNATURE:
- usage = &rsaUsage[2];
- usageCount = 2;
- break;
- case KU_KEY_ENCIPHERMENT|KU_DIGITAL_SIGNATURE:
- case 0: /* default to everything */
- usage = rsaUsage;
- usageCount = 4;
- break;
- }
- break;
- case dhKey:
- keyType = CKK_DH;
- usage = dhUsage;
- usageCount = sizeof(dhUsage)/sizeof(dhUsage[0]);
- break;
- case dsaKey:
- keyType = CKK_DSA;
- usage = dsaUsage;
- usageCount = sizeof(dsaUsage)/sizeof(dsaUsage[0]);
- break;
- }
- PORT_Assert(usage != NULL);
- PORT_Assert(usageCount != 0);
- *unWrappedKey = PK11_UnwrapPrivKey(slot, wrappingKey, wrapMechType, params,
- &encValue->encValue, nickname,
- publicValue, PR_TRUE,PR_TRUE,
- keyType, usage, usageCount, wincx);
- encValue->encValue.len = origLen;
- if (*unWrappedKey == NULL) {
- goto loser;
- }
- SECITEM_FreeItem (publicValue, PR_TRUE);
- if (params!= NULL) {
- SECITEM_FreeItem(params, PR_TRUE);
- }
- PK11_FreeSymKey(wrappingKey);
- return SECSuccess;
- loser:
- *unWrappedKey = NULL;
- return SECFailure;
-}
-
-CRMFEncryptedValue *
-crmf_create_encrypted_value_wrapped_privkey(SECKEYPrivateKey *inPrivKey,
- SECKEYPublicKey *inCAKey,
- CRMFEncryptedValue *destValue)
-{
- SECItem wrappedPrivKey, wrappedSymKey;
- SECItem encodedParam, *dummy;
- SECStatus rv;
- CK_MECHANISM_TYPE pubMechType, symKeyType;
- unsigned char *wrappedSymKeyBits;
- unsigned char *wrappedPrivKeyBits;
- SECItem *iv = NULL;
- SECOidTag tag;
- PK11SymKey *symKey;
- PK11SlotInfo *slot;
- SECAlgorithmID *symmAlg;
- CRMFEncryptedValue *myEncrValue = NULL;
-
- encodedParam.data = NULL;
- wrappedSymKeyBits = PORT_NewArray(unsigned char, MAX_WRAPPED_KEY_LEN);
- wrappedPrivKeyBits = PORT_NewArray(unsigned char, MAX_WRAPPED_KEY_LEN);
- if (wrappedSymKeyBits == NULL || wrappedPrivKeyBits == NULL) {
- goto loser;
- }
- if (destValue == NULL) {
- myEncrValue = destValue = PORT_ZNew(CRMFEncryptedValue);
- if (destValue == NULL) {
- goto loser;
- }
- }
-
- pubMechType = crmf_get_mechanism_from_public_key(inCAKey);
- if (pubMechType == CKM_INVALID_MECHANISM) {
- /* XXX I should probably do something here for non-RSA
- * keys that are in certs. (ie DSA)
- */
- goto loser;
- }
- slot = inPrivKey->pkcs11Slot;
- PORT_Assert(slot != NULL);
- symKeyType = crmf_get_best_privkey_wrap_mechanism(slot);
- symKey = PK11_KeyGen(slot, symKeyType, NULL, 0, NULL);
- if (symKey == NULL) {
- goto loser;
- }
-
- wrappedSymKey.data = wrappedSymKeyBits;
- wrappedSymKey.len = MAX_WRAPPED_KEY_LEN;
- rv = PK11_PubWrapSymKey(pubMechType, inCAKey, symKey, &wrappedSymKey);
- if (rv != SECSuccess) {
- goto loser;
- }
- /* Make the length of the result a Bit String length. */
- wrappedSymKey.len <<= 3;
-
- wrappedPrivKey.data = wrappedPrivKeyBits;
- wrappedPrivKey.len = MAX_WRAPPED_KEY_LEN;
- iv = crmf_get_iv(symKeyType);
- rv = PK11_WrapPrivKey(slot, symKey, inPrivKey, symKeyType, iv,
- &wrappedPrivKey, NULL);
- PK11_FreeSymKey(symKey);
- if (rv != SECSuccess) {
- goto loser;
- }
- /* Make the length of the result a Bit String length. */
- wrappedPrivKey.len <<= 3;
- rv = crmf_make_bitstring_copy(NULL,
- &destValue->encValue,
- &wrappedPrivKey);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- rv = crmf_make_bitstring_copy(NULL,
- &destValue->encSymmKey,
- &wrappedSymKey);
- if (rv != SECSuccess) {
- goto loser;
- }
- destValue->symmAlg = symmAlg = PORT_ZNew(SECAlgorithmID);
- if (symmAlg == NULL) {
- goto loser;
- }
-
- dummy = SEC_ASN1EncodeItem(NULL, &encodedParam, iv,
- SEC_ASN1_GET(SEC_OctetStringTemplate));
- if (dummy != &encodedParam) {
- SECITEM_FreeItem(dummy, PR_TRUE);
- goto loser;
- }
-
- symKeyType = crmf_get_non_pad_mechanism(symKeyType);
- tag = PK11_MechanismToAlgtag(symKeyType);
- rv = SECOID_SetAlgorithmID(NULL, symmAlg, tag, &encodedParam);
- if (rv != SECSuccess) {
- goto loser;
- }
- PORT_Free(encodedParam.data);
- PORT_Free(wrappedPrivKeyBits);
- PORT_Free(wrappedSymKeyBits);
- if (iv->data != NULL) {
- PORT_Free(iv->data);
- }
- PORT_Free(iv);
- return destValue;
- loser:
- if (iv != NULL) {
- if (iv->data) {
- PORT_Free(iv->data);
- }
- PORT_Free(iv);
- }
- if (myEncrValue != NULL) {
- crmf_destroy_encrypted_value(myEncrValue, PR_TRUE);
- }
- if (wrappedSymKeyBits != NULL) {
- PORT_Free(wrappedSymKeyBits);
- }
- if (wrappedPrivKeyBits != NULL) {
- PORT_Free(wrappedPrivKeyBits);
- }
- if (encodedParam.data != NULL) {
- PORT_Free(encodedParam.data);
- }
- return NULL;
-}
-
-CRMFEncryptedKey*
-CRMF_CreateEncryptedKeyWithEncryptedValue (SECKEYPrivateKey *inPrivKey,
- CERTCertificate *inCACert)
-{
- SECKEYPublicKey *caPubKey = NULL;
- CRMFEncryptedKey *encKey = NULL;
- CRMFEncryptedValue *dummy;
-
- PORT_Assert(inPrivKey != NULL && inCACert != NULL);
- if (inPrivKey == NULL || inCACert == NULL) {
- return NULL;
- }
-
- caPubKey = CERT_ExtractPublicKey(inCACert);
- if (caPubKey == NULL) {
- goto loser;
- }
-
- encKey = PORT_ZNew(CRMFEncryptedKey);
- if (encKey == NULL) {
- goto loser;
- }
- dummy = crmf_create_encrypted_value_wrapped_privkey(inPrivKey,
- caPubKey,
- &encKey->value.encryptedValue);
- PORT_Assert(dummy == &encKey->value.encryptedValue);
- /* We won't add the der value here, but rather when it
- * becomes part of a certificate request.
- */
- SECKEY_DestroyPublicKey(caPubKey);
- encKey->encKeyChoice = crmfEncryptedValueChoice;
- return encKey;
- loser:
- if (encKey != NULL) {
- CRMF_DestroyEncryptedKey(encKey);
- }
- if (caPubKey != NULL) {
- SECKEY_DestroyPublicKey(caPubKey);
- }
- return NULL;
-}
-
-SECStatus
-CRMF_DestroyEncryptedKey(CRMFEncryptedKey *inEncrKey)
-{
- return crmf_destroy_encrypted_key(inEncrKey, PR_TRUE);
-}
-
-SECStatus
-crmf_copy_pkiarchiveoptions(PRArenaPool *poolp,
- CRMFPKIArchiveOptions *destOpt,
- CRMFPKIArchiveOptions *srcOpt)
-{
- SECStatus rv;
- destOpt->archOption = srcOpt->archOption;
- switch (srcOpt->archOption) {
- case crmfEncryptedPrivateKey:
- rv = crmf_copy_encryptedkey(poolp,
- &srcOpt->option.encryptedKey,
- &destOpt->option.encryptedKey);
- break;
- case crmfKeyGenParameters:
- case crmfArchiveRemGenPrivKey:
- /* We've got a union, so having a pointer to one is just
- * like having a pointer to the other one.
- */
- rv = SECITEM_CopyItem(poolp,
- &destOpt->option.keyGenParameters,
- &srcOpt->option.keyGenParameters);
- break;
- default:
- rv = SECFailure;
- }
- return rv;
-}
-
-static SECStatus
-crmf_check_and_adjust_archoption(CRMFControl *inControl)
-{
- CRMFPKIArchiveOptions *options;
-
- options = &inControl->value.archiveOptions;
- if (options->archOption == crmfNoArchiveOptions) {
- /* It hasn't been set, so figure it out from the
- * der.
- */
- switch (inControl->derValue.data[0] & 0x0f) {
- case 0:
- options->archOption = crmfEncryptedPrivateKey;
- break;
- case 1:
- options->archOption = crmfKeyGenParameters;
- break;
- case 2:
- options->archOption = crmfArchiveRemGenPrivKey;
- break;
- default:
- /* We've got bad DER. Return an error. */
- return SECFailure;
- }
- }
- return SECSuccess;
-}
-
-static const SEC_ASN1Template *
-crmf_get_pkiarchive_subtemplate(CRMFControl *inControl)
-{
- const SEC_ASN1Template *retTemplate;
- SECStatus rv;
- /*
- * We could be in the process of decoding, in which case the
- * archOption field will not be set. Let's check it and set
- * it accordingly.
- */
-
- rv = crmf_check_and_adjust_archoption(inControl);
- if (rv != SECSuccess) {
- return NULL;
- }
-
- switch (inControl->value.archiveOptions.archOption) {
- case crmfEncryptedPrivateKey:
- retTemplate = CRMFEncryptedKeyWithEncryptedValueTemplate;
- inControl->value.archiveOptions.option.encryptedKey.encKeyChoice =
- crmfEncryptedValueChoice;
- break;
- default:
- retTemplate = NULL;
- }
- return retTemplate;
-}
-
-const SEC_ASN1Template*
-crmf_get_pkiarchiveoptions_subtemplate(CRMFControl *inControl)
-{
- const SEC_ASN1Template *retTemplate;
-
- switch (inControl->tag) {
- case SEC_OID_PKIX_REGCTRL_REGTOKEN:
- case SEC_OID_PKIX_REGCTRL_AUTHENTICATOR:
- retTemplate = SEC_ASN1_GET(SEC_UTF8StringTemplate);
- break;
- case SEC_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS:
- retTemplate = crmf_get_pkiarchive_subtemplate(inControl);
- break;
- case SEC_OID_PKIX_REGCTRL_PKIPUBINFO:
- case SEC_OID_PKIX_REGCTRL_OLD_CERT_ID:
- case SEC_OID_PKIX_REGCTRL_PROTOCOL_ENC_KEY:
- /* We don't support these controls, so we fail for now.*/
- retTemplate = NULL;
- break;
- default:
- retTemplate = NULL;
- }
- return retTemplate;
-}
-
-static SECStatus
-crmf_encode_pkiarchiveoptions(PRArenaPool *poolp, CRMFControl *inControl)
-{
- const SEC_ASN1Template *asn1Template;
-
- asn1Template = crmf_get_pkiarchiveoptions_subtemplate(inControl);
- /* We've got a union, so passing a pointer to one element of the
- * union, is the same as passing a pointer to any of the other
- * members of the union.
- */
- SEC_ASN1EncodeItem(poolp, &inControl->derValue,
- &inControl->value.archiveOptions, asn1Template);
-
- if (inControl->derValue.data == NULL) {
- goto loser;
- }
- return SECSuccess;
- loser:
- return SECFailure;
-}
-
-SECStatus
-CRMF_CertRequestSetPKIArchiveOptions(CRMFCertRequest *inCertReq,
- CRMFPKIArchiveOptions *inOptions)
-{
- CRMFControl *newControl;
- PRArenaPool *poolp;
- SECStatus rv;
- void *mark;
-
- PORT_Assert(inCertReq != NULL && inOptions != NULL);
- if (inCertReq == NULL || inOptions == NULL) {
- return SECFailure;
- }
- poolp = inCertReq->poolp;
- mark = PORT_ArenaMark(poolp);
- rv = crmf_add_new_control(inCertReq,
- SEC_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS,
- &newControl);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- rv = crmf_copy_pkiarchiveoptions(poolp,
- &newControl->value.archiveOptions,
- inOptions);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- rv = crmf_encode_pkiarchiveoptions(poolp, newControl);
- if (rv != SECSuccess) {
- goto loser;
- }
- PORT_ArenaUnmark(poolp, mark);
- return SECSuccess;
- loser:
- PORT_ArenaRelease(poolp, mark);
- return SECFailure;
-}
-
-SECStatus
-crmf_destroy_control(CRMFControl *inControl, PRBool freeit)
-{
- PORT_Assert(inControl != NULL);
- if (inControl != NULL) {
- SECITEM_FreeItem(&inControl->derTag, PR_FALSE);
- SECITEM_FreeItem(&inControl->derValue, PR_FALSE);
- /* None of the other tags require special processing at
- * the moment when freeing because they are not supported,
- * but if/when they are, add the necessary routines here.
- * If all controls are supported, then every member of the
- * union inControl->value will have a case that deals with
- * it in the following switch statement.
- */
- switch (inControl->tag) {
- case SEC_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS:
- crmf_destroy_pkiarchiveoptions(&inControl->value.archiveOptions,
- PR_FALSE);
- break;
- default:
- /* Put this here to get rid of all those annoying warnings.*/
- break;
- }
- if (freeit) {
- PORT_Free(inControl);
- }
- }
- return SECSuccess;
-}
-
-SECStatus
-CRMF_DestroyControl(CRMFControl *inControl)
-{
- return crmf_destroy_control(inControl, PR_TRUE);
-}
-
-static SECOidTag
-crmf_controltype_to_tag(CRMFControlType inControlType)
-{
- SECOidTag retVal;
-
- switch(inControlType) {
- case crmfRegTokenControl:
- retVal = SEC_OID_PKIX_REGCTRL_REGTOKEN;
- break;
- case crmfAuthenticatorControl:
- retVal = SEC_OID_PKIX_REGCTRL_AUTHENTICATOR;
- break;
- case crmfPKIPublicationInfoControl:
- retVal = SEC_OID_PKIX_REGCTRL_PKIPUBINFO;
- break;
- case crmfPKIArchiveOptionsControl:
- retVal = SEC_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS;
- break;
- case crmfOldCertIDControl:
- retVal = SEC_OID_PKIX_REGCTRL_OLD_CERT_ID;
- break;
- case crmfProtocolEncrKeyControl:
- retVal = SEC_OID_PKIX_REGCTRL_PROTOCOL_ENC_KEY;
- break;
- default:
- retVal = SEC_OID_UNKNOWN;
- break;
- }
- return retVal;
-}
-
-PRBool
-CRMF_CertRequestIsControlPresent(CRMFCertRequest *inCertReq,
- CRMFControlType inControlType)
-{
- SECOidTag controlTag;
- int i;
-
- PORT_Assert(inCertReq != NULL);
- if (inCertReq == NULL || inCertReq->controls == NULL) {
- return PR_FALSE;
- }
- controlTag = crmf_controltype_to_tag(inControlType);
- for (i=0; inCertReq->controls[i] != NULL; i++) {
- if (inCertReq->controls[i]->tag == controlTag) {
- return PR_TRUE;
- }
- }
- return PR_FALSE;
-}
-
diff --git a/security/nss/lib/crmf/crmfdec.c b/security/nss/lib/crmf/crmfdec.c
deleted file mode 100644
index cce945e6d..000000000
--- a/security/nss/lib/crmf/crmfdec.c
+++ /dev/null
@@ -1,380 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-
-#include "crmf.h"
-#include "crmfi.h"
-#include "secitem.h"
-
-static CRMFPOPChoice
-crmf_get_popchoice_from_der(SECItem *derPOP)
-{
- CRMFPOPChoice retChoice;
-
- switch (derPOP->data[0] & 0x0f) {
- case 0:
- retChoice = crmfRAVerified;
- break;
- case 1:
- retChoice = crmfSignature;
- break;
- case 2:
- retChoice = crmfKeyEncipherment;
- break;
- case 3:
- retChoice = crmfKeyAgreement;
- break;
- default:
- retChoice = crmfNoPOPChoice;
- break;
- }
- return retChoice;
-}
-
-static SECStatus
-crmf_decode_process_raverified(CRMFCertReqMsg *inCertReqMsg)
-{
- CRMFProofOfPossession *pop;
- /* Just set up the structure so that the message structure
- * looks like one that was created using the API
- */
- pop = inCertReqMsg->pop;
- pop->popChoice.raVerified.data = NULL;
- pop->popChoice.raVerified.len = 0;
- return SECSuccess;
-}
-
-static SECStatus
-crmf_decode_process_signature(CRMFCertReqMsg *inCertReqMsg)
-{
- return SEC_ASN1Decode(inCertReqMsg->poolp,
- &inCertReqMsg->pop->popChoice.signature,
- CRMFPOPOSigningKeyTemplate,
- (const char*)inCertReqMsg->derPOP.data,
- inCertReqMsg->derPOP.len);
-}
-
-static CRMFPOPOPrivKeyChoice
-crmf_get_messagechoice_from_der(SECItem *derPOP)
-{
- CRMFPOPOPrivKeyChoice retChoice;
-
- switch (derPOP->data[2] & 0x0f) {
- case 0:
- retChoice = crmfThisMessage;
- break;
- case 1:
- retChoice = crmfSubsequentMessage;
- break;
- case 2:
- retChoice = crmfDHMAC;
- break;
- default:
- retChoice = crmfNoMessage;
- }
- return retChoice;
-}
-
-static SECStatus
-crmf_decode_process_popoprivkey(CRMFCertReqMsg *inCertReqMsg)
-{
- /* We've got a union, so a pointer to one POPOPrivKey
- * struct is the same as having a pointer to the other
- * one.
- */
- CRMFPOPOPrivKey *popoPrivKey =
- &inCertReqMsg->pop->popChoice.keyEncipherment;
- SECItem *derPOP, privKeyDer;
- SECStatus rv;
-
- derPOP = &inCertReqMsg->derPOP;
- popoPrivKey->messageChoice = crmf_get_messagechoice_from_der(derPOP);
- if (popoPrivKey->messageChoice == crmfNoMessage) {
- return SECFailure;
- }
- /* If we ever encounter BER encodings of this, we'll get in trouble*/
- switch (popoPrivKey->messageChoice) {
- case crmfThisMessage:
- case crmfDHMAC:
- privKeyDer.data = &derPOP->data[5];
- privKeyDer.len = derPOP->len - 5;
- break;
- case crmfSubsequentMessage:
- privKeyDer.data = &derPOP->data[4];
- privKeyDer.len = derPOP->len - 4;
- break;
- default:
- rv = SECFailure;
- }
-
- rv = SECITEM_CopyItem(inCertReqMsg->poolp,
- &popoPrivKey->message.subsequentMessage,
- &privKeyDer);
-
- if (rv != SECSuccess) {
- return rv;
- }
-
- if (popoPrivKey->messageChoice == crmfThisMessage ||
- popoPrivKey->messageChoice == crmfDHMAC) {
-
- popoPrivKey->message.thisMessage.len =
- CRMF_BYTES_TO_BITS(privKeyDer.len) - (int)derPOP->data[4];
-
- }
- return SECSuccess;
-}
-
-static SECStatus
-crmf_decode_process_keyagreement(CRMFCertReqMsg *inCertReqMsg)
-{
- return crmf_decode_process_popoprivkey(inCertReqMsg);
-}
-
-static SECStatus
-crmf_decode_process_keyencipherment(CRMFCertReqMsg *inCertReqMsg)
-{
- SECStatus rv;
-
- rv = crmf_decode_process_popoprivkey(inCertReqMsg);
- if (rv != SECSuccess) {
- return rv;
- }
- if (inCertReqMsg->pop->popChoice.keyEncipherment.messageChoice ==
- crmfDHMAC) {
- /* Key Encipherment can not use the dhMAC option for
- * POPOPrivKey.
- */
- return SECFailure;
- }
- return SECSuccess;
-}
-
-static SECStatus
-crmf_decode_process_pop(CRMFCertReqMsg *inCertReqMsg)
-{
- SECItem *derPOP;
- PRArenaPool *poolp;
- CRMFProofOfPossession *pop;
- void *mark;
- SECStatus rv;
-
- derPOP = &inCertReqMsg->derPOP;
- poolp = inCertReqMsg->poolp;
- if (derPOP->data == NULL) {
- /* There is no Proof of Possession field in this message. */
- return SECSuccess;
- }
- mark = PORT_ArenaMark(poolp);
- pop = PORT_ArenaZNew(poolp, CRMFProofOfPossession);
- if (pop == NULL) {
- goto loser;
- }
- pop->popUsed = crmf_get_popchoice_from_der(derPOP);
- if (pop->popUsed == crmfNoPOPChoice) {
- /* A bad encoding of CRMF. Not a valid tag was given to the
- * Proof Of Possession field.
- */
- goto loser;
- }
- inCertReqMsg->pop = pop;
- switch (pop->popUsed) {
- case crmfRAVerified:
- rv = crmf_decode_process_raverified(inCertReqMsg);
- break;
- case crmfSignature:
- rv = crmf_decode_process_signature(inCertReqMsg);
- break;
- case crmfKeyEncipherment:
- rv = crmf_decode_process_keyencipherment(inCertReqMsg);
- break;
- case crmfKeyAgreement:
- rv = crmf_decode_process_keyagreement(inCertReqMsg);
- break;
- default:
- rv = SECFailure;
- }
- if (rv != SECSuccess) {
- goto loser;
- }
- PORT_ArenaUnmark(poolp, mark);
- return SECSuccess;
-
- loser:
- PORT_ArenaRelease(poolp, mark);
- inCertReqMsg->pop = NULL;
- return SECFailure;
-
-}
-
-static SECStatus
-crmf_decode_process_single_control(PRArenaPool *poolp,
- CRMFControl *inControl)
-{
- const SEC_ASN1Template *asn1Template = NULL;
-
- inControl->tag = SECOID_FindOIDTag(&inControl->derTag);
- asn1Template = crmf_get_pkiarchiveoptions_subtemplate(inControl);
-
- PORT_Assert (asn1Template != NULL);
- /* We've got a union, so passing a pointer to one element of the
- * union is the same as passing a pointer to any of the other
- * members of the union.
- */
- return SEC_ASN1Decode(poolp, &inControl->value.archiveOptions,
- asn1Template, (const char*)inControl->derValue.data,
- inControl->derValue.len);
-}
-
-static SECStatus
-crmf_decode_process_controls(CRMFCertReqMsg *inCertReqMsg)
-{
- int i, numControls;
- SECStatus rv;
- PRArenaPool *poolp;
- CRMFControl **controls;
-
- numControls = CRMF_CertRequestGetNumControls(inCertReqMsg->certReq);
- controls = inCertReqMsg->certReq->controls;
- poolp = inCertReqMsg->poolp;
- for (i=0; i < numControls; i++) {
- rv = crmf_decode_process_single_control(poolp, controls[i]);
- if (rv != SECSuccess) {
- return SECFailure;
- }
- }
- return SECSuccess;
-}
-
-static SECStatus
-crmf_decode_process_single_reqmsg(CRMFCertReqMsg *inCertReqMsg)
-{
- SECStatus rv;
-
- rv = crmf_decode_process_pop(inCertReqMsg);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- rv = crmf_decode_process_controls(inCertReqMsg);
- if (rv != SECSuccess) {
- goto loser;
- }
- inCertReqMsg->certReq->certTemplate.numExtensions =
- CRMF_CertRequestGetNumberOfExtensions(inCertReqMsg->certReq);
- inCertReqMsg->isDecoded = PR_TRUE;
- rv = SECSuccess;
- loser:
- return rv;
-}
-
-CRMFCertReqMsg*
-CRMF_CreateCertReqMsgFromDER (const char * buf, long len)
-{
- PRArenaPool *poolp;
- CRMFCertReqMsg *certReqMsg;
- SECStatus rv;
-
- poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
- if (poolp == NULL) {
- goto loser;
- }
- certReqMsg = PORT_ArenaZNew (poolp, CRMFCertReqMsg);
- if (certReqMsg == NULL) {
- goto loser;
- }
- certReqMsg->poolp = poolp;
- rv = SEC_ASN1Decode(poolp, certReqMsg, CRMFCertReqMsgTemplate, buf, len);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- rv = crmf_decode_process_single_reqmsg(certReqMsg);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- return certReqMsg;
- loser:
- if (poolp != NULL) {
- PORT_FreeArena(poolp, PR_FALSE);
- }
- return NULL;
-}
-
-CRMFCertReqMessages*
-CRMF_CreateCertReqMessagesFromDER(const char *buf, long len)
-{
- long arenaSize;
- int i;
- SECStatus rv;
- PRArenaPool *poolp;
- CRMFCertReqMessages *certReqMsgs;
-
- PORT_Assert (buf != NULL);
- /* Wanna make sure the arena is big enough to store all of the requests
- * coming in. We'll guestimate according to the length of the buffer.
- */
- arenaSize = len * 1.5;
- poolp = PORT_NewArena(arenaSize);
- if (poolp == NULL) {
- return NULL;
- }
- certReqMsgs = PORT_ArenaZNew(poolp, CRMFCertReqMessages);
- if (certReqMsgs == NULL) {
- goto loser;
- }
- certReqMsgs->poolp = poolp;
- rv = SEC_ASN1Decode(poolp, certReqMsgs, CRMFCertReqMessagesTemplate,
- buf, len);
- if (rv != SECSuccess) {
- goto loser;
- }
- for (i=0; certReqMsgs->messages[i] != NULL; i++) {
- /* The sub-routines expect the individual messages to have
- * an arena. We'll give them one temporarily.
- */
- certReqMsgs->messages[i]->poolp = poolp;
- rv = crmf_decode_process_single_reqmsg(certReqMsgs->messages[i]);
- if (rv != SECSuccess) {
- goto loser;
- }
- certReqMsgs->messages[i]->poolp = NULL;
- }
- return certReqMsgs;
-
- loser:
- PORT_FreeArena(poolp, PR_FALSE);
- return NULL;
-}
diff --git a/security/nss/lib/crmf/crmfenc.c b/security/nss/lib/crmf/crmfenc.c
deleted file mode 100644
index f96041c96..000000000
--- a/security/nss/lib/crmf/crmfenc.c
+++ /dev/null
@@ -1,84 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*- */
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-
-#include "crmf.h"
-#include "crmfi.h"
-
-SECStatus
-CRMF_EncodeCertReqMsg(CRMFCertReqMsg *inCertReqMsg,
- CRMFEncoderOutputCallback fn,
- void *arg)
-{
- struct crmfEncoderOutput output;
-
- output.fn = fn;
- output.outputArg = arg;
- return SEC_ASN1Encode(inCertReqMsg,CRMFCertReqMsgTemplate,
- crmf_encoder_out, &output);
-
-}
-
-
-SECStatus
-CRMF_EncodeCertRequest(CRMFCertRequest *inCertReq,
- CRMFEncoderOutputCallback fn,
- void *arg)
-{
- struct crmfEncoderOutput output;
-
- output.fn = fn;
- output.outputArg = arg;
- return SEC_ASN1Encode(inCertReq, CRMFCertRequestTemplate,
- crmf_encoder_out, &output);
-}
-
-SECStatus
-CRMF_EncodeCertReqMessages(CRMFCertReqMsg **inCertReqMsgs,
- CRMFEncoderOutputCallback fn,
- void *arg)
-{
- struct crmfEncoderOutput output;
- CRMFCertReqMessages msgs;
-
- output.fn = fn;
- output.outputArg = arg;
- msgs.messages = inCertReqMsgs;
- return SEC_ASN1Encode(&msgs, CRMFCertReqMessagesTemplate,
- crmf_encoder_out, &output);
-}
-
-
-
-
diff --git a/security/nss/lib/crmf/crmffut.h b/security/nss/lib/crmf/crmffut.h
deleted file mode 100644
index e4244f3e6..000000000
--- a/security/nss/lib/crmf/crmffut.h
+++ /dev/null
@@ -1,390 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * These functions to be implemented in the future if the features
- * which these functions would implement wind up being needed.
- */
-
-/*
- * Use this functionto create the CRMFSinglePubInfo* variables that will
- * populate the inPubInfoArray paramter for the funciton
- * CRMF_CreatePKIPublicationInfo.
- *
- * "inPubMethod" specifies which publication method will be used
- * "pubLocation" is a representation of the location where
- */
-extern CRMFSinglePubInfo*
- CRMF_CreateSinglePubInfo(CRMFPublicationMethod inPubMethod,
- CRMFGeneralName *pubLocation);
-
-/*
- * Create a PKIPublicationInfo that can later be passed to the function
- * CRMFAddPubInfoControl.
- */
-extern CRMFPKIPublicationInfo *
- CRMF_CreatePKIPublicationInfo(CRMFPublicationAction inAction,
- CRMFSinglePubInfo **inPubInfoArray,
- int numPubInfo);
-
-/*
- * Only call this function on a CRMFPublicationInfo that was created by
- * CRMF_CreatePKIPublicationInfo that was passed in NULL for arena.
- */
-
-extern SECStatus
- CRMF_DestroyPKIPublicationInfo(CRMFPKIPublicationInfo *inPubInfo);
-
-extern SECStatus CRMF_AddPubInfoControl(CRMFCertRequest *inCertReq,
- CRMFPKIPublicationInfo *inPubInfo);
-
-/*
- * This is to create a Cert ID Control which can later be added to
- * a certificate request.
- */
-extern CRMFCertID* CRMF_CreateCertID(CRMFGeneralName *issuer,
- long serialNumber);
-
-extern SECStatus CRMF_DestroyCertID(CRMFCertID* certID);
-
-extern SECStatus CRMF_AddCertIDControl(CRMFCertRequest *inCertReq,
- CRMFCertID *certID);
-
-extern SECStatus
- CRMF_AddProtocolEncryptioKeyControl(CRMFCertRequest *inCertReq,
- CERTSubjectPublicKeyInfo *spki);
-
-/*
- * Add the ASCII Pairs Registration Info to the Certificate Request.
- * The SECItem must be an OCTET string representation.
- */
-extern SECStatus
- CRMF_AddUTF8PairsRegInfo(CRMFCertRequest *inCertReq,
- SECItem *asciiPairs);
-
-/*
- * This takes a CertRequest and adds it to another CertRequest.
- */
-extern SECStatus
- CRMF_AddCertReqToRegInfo(CRMFCertRequest *certReqToAddTo,
- CRMFCertRequest *certReqBeingAdded);
-
-/*
- * Returns which option was used for the authInfo field of POPOSigningKeyInput
- */
-extern CRMFPOPOSkiInputAuthChoice
- CRMF_GetSignKeyInputAuthChoice(CRMFPOPOSigningKeyInput *inKeyInput);
-
-/*
- * Gets the PKMACValue associated with the POPOSigningKeyInput.
- * If the POPOSigningKeyInput did not use authInfo.publicKeyMAC
- * the function returns SECFailure and the value at *destValue is unchanged.
- *
- * If the POPOSigningKeyInput did use authInfo.publicKeyMAC, the function
- * returns SECSuccess and places the PKMACValue at *destValue.
- */
-extern SECStatus
- CRMF_GetSignKeyInputPKMACValue(CRMFPOPOSigningKeyInput *inKeyInput,
- CRMFPKMACValue **destValue);
-/*
- * Gets the SubjectPublicKeyInfo from the POPOSigningKeyInput
- */
-extern CERTSubjectPublicKeyInfo *
- CRMF_GetSignKeyInputPublicKey(CRMFPOPOSigningKeyInput *inKeyInput);
-
-
-/*
- * Return the value for the PKIPublicationInfo Control.
- * A return value of NULL indicates that the Control was
- * not a PKIPublicationInfo Control. Call
- * CRMF_DestroyPKIPublicationInfo on the return value when done
- * using the pointer.
- */
-extern CRMFPKIPublicationInfo* CRMF_GetPKIPubInfo(CRMFControl *inControl);
-
-/*
- * Free up a CRMFPKIPublicationInfo structure.
- */
-extern SECStatus
- CRMF_DestroyPKIPublicationInfo(CRMFPKIPublicationInfo *inPubInfo);
-
-/*
- * Get the choice used for action in this PKIPublicationInfo.
- */
-extern CRMFPublicationAction
- CRMF_GetPublicationAction(CRMFPKIPublicationInfo *inPubInfo);
-
-/*
- * Get the number of pubInfos are stored in the PKIPubicationInfo.
- */
-extern int CRMF_GetNumPubInfos(CRMFPKIPublicationInfo *inPubInfo);
-
-/*
- * Get the pubInfo at index for the given PKIPubicationInfo.
- * Indexing is done like a traditional C Array. (0 .. numElements-1)
- */
-extern CRMFSinglePubInfo*
- CRMF_GetPubInfoAtIndex(CRMFPKIPublicationInfo *inPubInfo,
- int index);
-
-/*
- * Destroy the CRMFSinglePubInfo.
- */
-extern SECStatus CRMF_DestroySinglePubInfo(CRMFSinglePubInfo *inPubInfo);
-
-/*
- * Get the pubMethod used by the SinglePubInfo.
- */
-extern CRMFPublicationMethod
- CRMF_GetPublicationMethod(CRMFSinglePubInfo *inPubInfo);
-
-/*
- * Get the pubLocation associated with the SinglePubInfo.
- * A NULL return value indicates there was no pubLocation associated
- * with the SinglePuInfo.
- */
-extern CRMFGeneralName* CRMF_GetPubLocation(CRMFSinglePubInfo *inPubInfo);
-
-/*
- * Get the authInfo.sender field out of the POPOSigningKeyInput.
- * If the POPOSigningKeyInput did not use the authInfo the function
- * returns SECFailure and the value at *destName is unchanged.
- *
- * If the POPOSigningKeyInput did use authInfo.sender, the function returns
- * SECSuccess and puts the authInfo.sender at *destName/
- */
-extern SECStatus CRMF_GetSignKeyInputSender(CRMFPOPOSigningKeyInput *keyInput,
- CRMFGeneralName **destName);
-
-/**************** CMMF Functions that need to be added. **********************/
-
-/*
- * FUNCTION: CMMF_POPODecKeyChallContentSetNextChallenge
- * INPUTS:
- * inDecKeyChall
- * The CMMFPOPODecKeyChallContent to operate on.
- * inRandom
- * The random number to use when generating the challenge,
- * inSender
- * The GeneralName representation of the sender of the challenge.
- * inPubKey
- * The public key to use when encrypting the challenge.
- * NOTES:
- * This function adds a challenge to the end of the list of challenges
- * contained by 'inDecKeyChall'. Refer to the CMMF draft on how the
- * the random number passed in and the sender's GeneralName are used
- * to generate the challenge and witness fields of the challenge. This
- * library will use SHA1 as the one-way function for generating the
- * witess field of the challenge.
- *
- * RETURN:
- * SECSuccess if generating the challenge and adding to the end of list
- * of challenges was successful. Any other return value indicates an error
- * while trying to generate the challenge.
- */
-extern SECStatus
-CMMF_POPODecKeyChallContentSetNextChallenge
- (CMMFPOPODecKeyChallContent *inDecKeyChall,
- long inRandom,
- CERTGeneralName *inSender,
- SECKEYPublicKey *inPubKey);
-
-/*
- * FUNCTION: CMMF_POPODecKeyChallContentGetNumChallenges
- * INPUTS:
- * inKeyChallCont
- * The CMMFPOPODecKeyChallContent to operate on.
- * RETURN:
- * This function returns the number of CMMFChallenges are contained in
- * the CMMFPOPODecKeyChallContent structure.
- */
-extern int CMMF_POPODecKeyChallContentGetNumChallenges
- (CMMFPOPODecKeyChallContent *inKeyChallCont);
-
-/*
- * FUNCTION: CMMF_ChallengeGetRandomNumber
- * INPUTS:
- * inChallenge
- * The CMMFChallenge to operate on.
- * inDest
- * A pointer to a user supplied buffer where the library
- * can place a copy of the random integer contatained in the
- * challenge.
- * NOTES:
- * This function returns the value held in the decrypted Rand structure
- * corresponding to the random integer. The user must call
- * CMMF_ChallengeDecryptWitness before calling this function. Call
- * CMMF_ChallengeIsDecrypted to find out if the challenge has been
- * decrypted.
- *
- * RETURN:
- * SECSuccess indicates the witness field has been previously decrypted
- * and the value for the random integer was successfully placed at *inDest.
- * Any other return value indicates an error and that the value at *inDest
- * is not a valid value.
- */
-extern SECStatus CMMF_ChallengeGetRandomNumber(CMMFChallenge *inChallenge,
- long *inDest);
-
-/*
- * FUNCTION: CMMF_ChallengeGetSender
- * INPUTS:
- * inChallenge
- * the CMMFChallenge to operate on.
- * NOTES:
- * This function returns the value held in the decrypted Rand structure
- * corresponding to the sender. The user must call
- * CMMF_ChallengeDecryptWitness before calling this function. Call
- * CMMF_ChallengeIsDecrypted to find out if the witness field has been
- * decrypted. The user must call CERT_DestroyGeneralName after the return
- * value is no longer needed.
- *
- * RETURN:
- * A pointer to a copy of the sender CERTGeneralName. A return value of
- * NULL indicates an error in trying to copy the information or that the
- * witness field has not been decrypted.
- */
-extern CERTGeneralName* CMMF_ChallengeGetSender(CMMFChallenge *inChallenge);
-
-/*
- * FUNCTION: CMMF_ChallengeGetAlgId
- * INPUTS:
- * inChallenge
- * The CMMFChallenge to operate on.
- * inDestAlgId
- * A pointer to memory where a pointer to a copy of the algorithm
- * id can be placed.
- * NOTES:
- * This function retrieves the one way function algorithm identifier
- * contained within the CMMFChallenge if the optional field is present.
- *
- * RETURN:
- * SECSucces indicates the function was able to place a pointer to a copy of
- * the alogrithm id at *inAlgId. If the value at *inDestAlgId is NULL,
- * that means there was no algorithm identifier present in the
- * CMMFChallenge. Any other return value indicates the function was not
- * able to make a copy of the algorithm identifier. In this case the value
- * at *inDestAlgId is not valid.
- */
-extern SECStatus CMMF_ChallengeGetAlgId(CMMFChallenge *inChallenge,
- SECAlgorithmID *inAlgId);
-
-/*
- * FUNCTION: CMMF_DestroyChallenge
- * INPUTS:
- * inChallenge
- * The CMMFChallenge to free up.
- * NOTES:
- * This function frees up all the memory associated with the CMMFChallenge
- * passed in.
- * RETURN:
- * SECSuccess if freeing all the memory associated with the CMMFChallenge
- * passed in is successful. Any other return value indicates an error
- * while freeing the memory.
- */
-extern SECStatus CMMF_DestroyChallenge (CMMFChallenge *inChallenge);
-
-/*
- * FUNCTION: CMMF_DestroyPOPODecKeyRespContent
- * INPUTS:
- * inDecKeyResp
- * The CMMFPOPODecKeyRespContent structure to free.
- * NOTES:
- * This function frees up all the memory associate with the
- * CMMFPOPODecKeyRespContent.
- *
- * RETURN:
- * SECSuccess if freeint up all the memory associated with the
- * CMMFPOPODecKeyRespContent structure is successful. Any other
- * return value indicates an error while freeing the memory.
- */
-extern SECStatus
- CMMF_DestroyPOPODecKeyRespContent(CMMFPOPODecKeyRespContent *inDecKeyResp);
-
-/*
- * FUNCTION: CMMF_ChallengeDecryptWitness
- * INPUTS:
- * inChallenge
- * The CMMFChallenge to operate on.
- * inPrivKey
- * The private key to use to decrypt the witness field.
- * NOTES:
- * This function uses the private key to decrypt the challenge field
- * contained in the CMMFChallenge. Make sure the private key matches the
- * public key that was used to encrypt the witness. The creator of
- * the challenge will most likely be an RA that has the public key
- * from a Cert request. So the private key should be the private key
- * associated with public key in that request. This function will also
- * verify the witness field of the challenge.
- *
- * RETURN:
- * SECSuccess if decrypting the witness field was successful. This does
- * not indicate that the decrypted data is valid, since the private key
- * passed in may not be the actual key needed to properly decrypt the
- * witness field. Meaning that there is a decrypted structure now, but
- * may be garbage because the private key was incorrect.
- * Any other return value indicates the function could not complete the
- * decryption process.
- */
-extern SECStatus CMMF_ChallengeDecryptWitness(CMMFChallenge *inChallenge,
- SECKEYPrivateKey *inPrivKey);
-
-/*
- * FUNCTION: CMMF_ChallengeIsDecrypted
- * INPUTS:
- * inChallenge
- * The CMMFChallenge to operate on.
- * RETURN:
- * This is a predicate function that returns PR_TRUE if the decryption
- * process has already been performed. The function return PR_FALSE if
- * the decryption process has not been performed yet.
- */
-extern PRBool CMMF_ChallengeIsDecrypted(CMMFChallenge *inChallenge);
-
-/*
- * FUNCTION: CMMF_DestroyPOPODecKeyChallContent
- * INPUTS:
- * inDecKeyCont
- * The CMMFPOPODecKeyChallContent to free
- * NOTES:
- * This function frees up all the memory associated with the
- * CMMFPOPODecKeyChallContent
- * RETURN:
- * SECSuccess if freeing up all the memory associatd with the
- * CMMFPOPODecKeyChallContent is successful. Any other return value
- * indicates an error while freeing the memory.
- *
- */
-extern SECStatus
- CMMF_DestroyPOPODecKeyChallContent (CMMFPOPODecKeyChallContent *inDecKeyCont);
-
diff --git a/security/nss/lib/crmf/crmfget.c b/security/nss/lib/crmf/crmfget.c
deleted file mode 100644
index 11f27a72d..000000000
--- a/security/nss/lib/crmf/crmfget.c
+++ /dev/null
@@ -1,478 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "crmf.h"
-#include "crmfi.h"
-#include "keyhi.h"
-#include "secder.h"
-
-
-CRMFPOPChoice
-CRMF_CertReqMsgGetPOPType(CRMFCertReqMsg *inCertReqMsg)
-{
- PORT_Assert(inCertReqMsg != NULL);
- if (inCertReqMsg != NULL && inCertReqMsg->pop != NULL) {
- return inCertReqMsg->pop->popUsed;
- }
- return crmfNoPOPChoice;
-}
-
-static SECStatus
-crmf_destroy_validity(CRMFOptionalValidity *inValidity, PRBool freeit)
-{
- if (inValidity != NULL){
- if (inValidity->notBefore.data != NULL) {
- PORT_Free(inValidity->notBefore.data);
- }
- if (inValidity->notAfter.data != NULL) {
- PORT_Free(inValidity->notAfter.data);
- }
- if (freeit) {
- PORT_Free(inValidity);
- }
- }
- return SECSuccess;
-}
-
-static SECStatus
-crmf_copy_cert_request_validity(PRArenaPool *poolp,
- CRMFOptionalValidity **destValidity,
- CRMFOptionalValidity *srcValidity)
-{
- CRMFOptionalValidity *myValidity = NULL;
- SECStatus rv;
-
- *destValidity = myValidity = (poolp == NULL) ?
- PORT_ZNew(CRMFOptionalValidity) :
- PORT_ArenaZNew(poolp, CRMFOptionalValidity);
- if (myValidity == NULL) {
- goto loser;
- }
- if (srcValidity->notBefore.data != NULL) {
- rv = SECITEM_CopyItem(poolp, &myValidity->notBefore,
- &srcValidity->notBefore);
- if (rv != SECSuccess) {
- goto loser;
- }
- }
- if (srcValidity->notAfter.data != NULL) {
- rv = SECITEM_CopyItem(poolp, &myValidity->notAfter,
- &srcValidity->notAfter);
- if (rv != SECSuccess) {
- goto loser;
- }
- }
- return SECSuccess;
- loser:
- if (myValidity != NULL && poolp == NULL) {
- crmf_destroy_validity(myValidity, PR_TRUE);
- }
- return SECFailure;
-}
-
-static SECStatus
-crmf_copy_extensions(PRArenaPool *poolp,
- CRMFCertTemplate *destTemplate,
- CRMFCertExtension **srcExt)
-{
- int numExt = 0, i;
- CRMFCertExtension **myExtArray = NULL;
-
- while (srcExt[numExt] != NULL) {
- numExt++;
- }
- if (numExt == 0) {
- /*No extensions to copy.*/
- destTemplate->extensions = NULL;
- destTemplate->numExtensions = 0;
- return SECSuccess;
- }
- destTemplate->extensions = myExtArray =
- PORT_NewArray(CRMFCertExtension*, numExt+1);
- if (myExtArray == NULL) {
- goto loser;
- }
-
- for (i=0; i<numExt; i++) {
- myExtArray[i] = crmf_copy_cert_extension(poolp, srcExt[i]);
- if (myExtArray[i] == NULL) {
- goto loser;
- }
- }
- destTemplate->numExtensions = numExt;
- myExtArray[numExt] = NULL;
- return SECSuccess;
- loser:
- if (myExtArray != NULL) {
- if (poolp == NULL) {
- for (i=0; myExtArray[i] != NULL; i++) {
- CRMF_DestroyCertExtension(myExtArray[i]);
- }
- }
- PORT_Free(myExtArray);
- }
- destTemplate->extensions = NULL;
- destTemplate->numExtensions = 0;
- return SECFailure;
-}
-
-static SECStatus
-crmf_copy_cert_request_template(PRArenaPool *poolp,
- CRMFCertTemplate *destTemplate,
- CRMFCertTemplate *srcTemplate)
-{
- SECStatus rv;
-
- if (srcTemplate->version.data != NULL) {
- rv = SECITEM_CopyItem(poolp, &destTemplate->version,
- &srcTemplate->version);
- if (rv != SECSuccess) {
- goto loser;
- }
- }
- if (srcTemplate->serialNumber.data != NULL) {
- rv = SECITEM_CopyItem(poolp, &destTemplate->serialNumber,
- &srcTemplate->serialNumber);
- if (rv != SECSuccess) {
- goto loser;
- }
- }
- if (srcTemplate->signingAlg != NULL) {
- rv = crmf_template_copy_secalg(poolp, &destTemplate->signingAlg,
- srcTemplate->signingAlg);
- if (rv != SECSuccess) {
- goto loser;
- }
- }
- if (srcTemplate->issuer != NULL) {
- rv = crmf_copy_cert_name(poolp, &destTemplate->issuer,
- srcTemplate->issuer);
- if (rv != SECSuccess) {
- goto loser;
- }
- }
- if (srcTemplate->validity != NULL) {
- rv = crmf_copy_cert_request_validity(poolp, &destTemplate->validity,
- srcTemplate->validity);
- if (rv != SECSuccess) {
- goto loser;
- }
- }
- if (srcTemplate->subject != NULL) {
- rv = crmf_copy_cert_name(poolp, &destTemplate->subject,
- srcTemplate->subject);
- if (rv != SECSuccess) {
- goto loser;
- }
- }
- if (srcTemplate->publicKey != NULL) {
- rv = crmf_template_add_public_key(poolp, &destTemplate->publicKey,
- srcTemplate->publicKey);
- if (rv != SECSuccess) {
- goto loser;
- }
- }
- if (srcTemplate->issuerUID.data != NULL) {
- rv = crmf_make_bitstring_copy(poolp, &destTemplate->issuerUID,
- &srcTemplate->issuerUID);
- if (rv != SECSuccess) {
- goto loser;
- }
- }
- if (srcTemplate->subjectUID.data != NULL) {
- rv = crmf_make_bitstring_copy(poolp, &destTemplate->subjectUID,
- &srcTemplate->subjectUID);
- if (rv != SECSuccess) {
- goto loser;
- }
- }
- if (srcTemplate->extensions != NULL) {
- rv = crmf_copy_extensions(poolp, destTemplate,
- srcTemplate->extensions);
- if (rv != SECSuccess) {
- goto loser;
- }
- }
- return SECSuccess;
- loser:
- return SECFailure;
-}
-
-static CRMFControl*
-crmf_copy_control(PRArenaPool *poolp, CRMFControl *srcControl)
-{
- CRMFControl *newControl;
- SECStatus rv;
-
- newControl = (poolp == NULL) ? PORT_ZNew(CRMFControl) :
- PORT_ArenaZNew(poolp, CRMFControl);
- if (newControl == NULL) {
- goto loser;
- }
- newControl->tag = srcControl->tag;
- rv = SECITEM_CopyItem(poolp, &newControl->derTag, &srcControl->derTag);
- if (rv != SECSuccess) {
- goto loser;
- }
- rv = SECITEM_CopyItem(poolp, &newControl->derValue, &srcControl->derValue);
- if (rv != SECSuccess) {
- goto loser;
- }
- /* We only handle PKIArchiveOptions Control right now. But if in
- * the future, more controls that are part of the union are added,
- * then they need to be handled here as well.
- */
- switch (newControl->tag) {
- case SEC_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS:
- rv = crmf_copy_pkiarchiveoptions(poolp,
- &newControl->value.archiveOptions,
- &srcControl->value.archiveOptions);
- break;
- default:
- rv = SECSuccess;
- }
- if (rv != SECSuccess) {
- goto loser;
- }
- return newControl;
-
- loser:
- if (poolp == NULL && newControl != NULL) {
- CRMF_DestroyControl(newControl);
- }
- return NULL;
-}
-
-static SECStatus
-crmf_copy_cert_request_controls(PRArenaPool *poolp,
- CRMFCertRequest *destReq,
- CRMFCertRequest *srcReq)
-{
- int numControls, i;
- CRMFControl **myControls = NULL;
-
- numControls = CRMF_CertRequestGetNumControls(srcReq);
- if (numControls == 0) {
- /* No Controls To Copy*/
- return SECSuccess;
- }
- myControls = destReq->controls = PORT_NewArray(CRMFControl*,
- numControls+1);
- if (myControls == NULL) {
- goto loser;
- }
- for (i=0; i<numControls; i++) {
- myControls[i] = crmf_copy_control(poolp, srcReq->controls[i]);
- if (myControls[i] == NULL) {
- goto loser;
- }
- }
- myControls[numControls] = NULL;
- return SECSuccess;
- loser:
- if (myControls != NULL) {
- if (poolp == NULL) {
- for (i=0; myControls[i] != NULL; i++) {
- CRMF_DestroyControl(myControls[i]);
- }
- }
- PORT_Free(myControls);
- }
- return SECFailure;
-}
-
-
-CRMFCertRequest*
-crmf_copy_cert_request(PRArenaPool *poolp, CRMFCertRequest *srcReq)
-{
- CRMFCertRequest *newReq = NULL;
- SECStatus rv;
-
- if (srcReq == NULL) {
- return NULL;
- }
- newReq = (poolp == NULL) ? PORT_ZNew(CRMFCertRequest) :
- PORT_ArenaZNew(poolp, CRMFCertRequest);
- if (newReq == NULL) {
- goto loser;
- }
- rv = SECITEM_CopyItem(poolp, &newReq->certReqId, &srcReq->certReqId);
- if (rv != SECSuccess) {
- goto loser;
- }
- rv = crmf_copy_cert_request_template(poolp, &newReq->certTemplate,
- &srcReq->certTemplate);
- if (rv != SECSuccess) {
- goto loser;
- }
- rv = crmf_copy_cert_request_controls(poolp, newReq, srcReq);
- if (rv != SECSuccess) {
- goto loser;
- }
- return newReq;
- loser:
- if (newReq != NULL && poolp == NULL) {
- CRMF_DestroyCertRequest(newReq);
- }
- return NULL;
-}
-
-SECStatus
-CRMF_DestroyGetValidity(CRMFGetValidity *inValidity)
-{
- PORT_Assert(inValidity != NULL);
- if (inValidity != NULL) {
- if (inValidity->notAfter) {
- PORT_Free(inValidity->notAfter);
- inValidity->notAfter = NULL;
- }
- if (inValidity->notBefore) {
- PORT_Free(inValidity->notBefore);
- inValidity->notBefore = NULL;
- }
- }
- return SECSuccess;
-}
-
-SECStatus
-crmf_make_bitstring_copy(PRArenaPool *arena, SECItem *dest, SECItem *src)
-{
- int origLenBits;
- int bytesToCopy;
- SECStatus rv;
-
- origLenBits = src->len;
- bytesToCopy = CRMF_BITS_TO_BYTES(origLenBits);
- src->len = bytesToCopy;
- rv = SECITEM_CopyItem(arena, dest, src);
- src->len = origLenBits;
- if (rv != SECSuccess) {
- return rv;
- }
- dest->len = origLenBits;
- return SECSuccess;
-}
-
-int
-CRMF_CertRequestGetNumberOfExtensions(CRMFCertRequest *inCertReq)
-{
- CRMFCertTemplate *certTemplate;
- int count = 0;
-
- certTemplate = &inCertReq->certTemplate;
- if (certTemplate->extensions) {
- while (certTemplate->extensions[count] != NULL)
- count++;
- }
- return count;
-}
-
-SECOidTag
-CRMF_CertExtensionGetOidTag(CRMFCertExtension *inExtension)
-{
- PORT_Assert(inExtension != NULL);
- if (inExtension == NULL) {
- return SEC_OID_UNKNOWN;
- }
- return SECOID_FindOIDTag(&inExtension->id);
-}
-
-PRBool
-CRMF_CertExtensionGetIsCritical(CRMFCertExtension *inExt)
-{
- PORT_Assert(inExt != NULL);
- if (inExt == NULL) {
- return PR_FALSE;
- }
- return inExt->critical.data != NULL;
-}
-
-SECItem*
-CRMF_CertExtensionGetValue(CRMFCertExtension *inExtension)
-{
- PORT_Assert(inExtension != NULL);
- if (inExtension == NULL) {
- return NULL;
- }
-
- return SECITEM_DupItem(&inExtension->value);
-}
-
-
-SECStatus
-CRMF_DestroyPOPOSigningKey(CRMFPOPOSigningKey *inKey)
-{
- PORT_Assert(inKey != NULL);
- if (inKey != NULL) {
- if (inKey->derInput.data != NULL) {
- SECITEM_FreeItem(&inKey->derInput, PR_FALSE);
- }
- if (inKey->algorithmIdentifier != NULL) {
- SECOID_DestroyAlgorithmID(inKey->algorithmIdentifier, PR_TRUE);
- }
- if (inKey->signature.data != NULL) {
- SECITEM_FreeItem(&inKey->signature, PR_FALSE);
- }
- PORT_Free(inKey);
- }
- return SECSuccess;
-}
-
-SECStatus
-CRMF_DestroyPOPOPrivKey(CRMFPOPOPrivKey *inPrivKey)
-{
- PORT_Assert(inPrivKey != NULL);
- if (inPrivKey != NULL) {
- SECITEM_FreeItem(&inPrivKey->message.thisMessage, PR_FALSE);
- PORT_Free(inPrivKey);
- }
- return SECSuccess;
-}
-
-int
-CRMF_CertRequestGetNumControls(CRMFCertRequest *inCertReq)
-{
- int count = 0;
-
- PORT_Assert(inCertReq != NULL);
- if (inCertReq == NULL) {
- return 0;
- }
- if (inCertReq->controls) {
- while (inCertReq->controls[count] != NULL)
- count++;
- }
- return count;
-}
-
diff --git a/security/nss/lib/crmf/crmfi.h b/security/nss/lib/crmf/crmfi.h
deleted file mode 100644
index 2a950452d..000000000
--- a/security/nss/lib/crmf/crmfi.h
+++ /dev/null
@@ -1,186 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-
-#ifndef _CRMFI_H_
-#define _CRMFI_H_
-/* This file will contain all declarations common to both
- * encoding and decoding of CRMF Cert Requests. This header
- * file should only be included internally by CRMF implementation
- * files.
- */
-#include "secasn1.h"
-#include "crmfit.h"
-
-#define CRMF_DEFAULT_ARENA_SIZE 1024
-#define MAX_WRAPPED_KEY_LEN 2048
-
-
-#define CRMF_BITS_TO_BYTES(bits) (((bits)+7)/8)
-#define CRMF_BYTES_TO_BITS(bytes) ((bytes)*8)
-
-struct crmfEncoderArg {
- SECItem *buffer;
- long allocatedLen;
-};
-
-struct crmfEncoderOutput {
- CRMFEncoderOutputCallback fn;
- void *outputArg;
-};
-
-/*
- * This funciton is used by the API for encoding functions that are
- * exposed through the API, ie all of the CMMF_Encode* and CRMF_Encode*
- * functions.
- */
-extern void
- crmf_encoder_out(void *arg, const char *buf, unsigned long len,
- int depth, SEC_ASN1EncodingPart data_kind);
-
-/*
- * This function is used when we want to encode something locally within
- * the library, ie the CertRequest so that we can produce its signature.
- */
-extern SECStatus
- crmf_init_encoder_callback_arg (struct crmfEncoderArg *encoderArg,
- SECItem *derDest);
-
-/*
- * This is the callback function we feed to the ASN1 encoder when doing
- * internal DER-encodings. ie, encoding the cert request so we can
- * produce a signature.
- */
-extern void
-crmf_generic_encoder_callback(void *arg, const char* buf, unsigned long len,
- int depth, SEC_ASN1EncodingPart data_kind);
-
-/* The ASN1 templates that need to be seen by internal files
- * in order to implement CRMF.
- */
-extern const SEC_ASN1Template CRMFCertReqMsgTemplate[];
-extern const SEC_ASN1Template CRMFRAVerifiedTemplate[];
-extern const SEC_ASN1Template CRMFPOPOSigningKeyTemplate[];
-extern const SEC_ASN1Template CRMFPOPOKeyEnciphermentTemplate[];
-extern const SEC_ASN1Template CRMFPOPOKeyAgreementTemplate[];
-extern const SEC_ASN1Template CRMFThisMessageTemplate[];
-extern const SEC_ASN1Template CRMFSubsequentMessageTemplate[];
-extern const SEC_ASN1Template CRMFDHMACTemplate[];
-extern const SEC_ASN1Template CRMFEncryptedKeyWithEncryptedValueTemplate[];
-extern const SEC_ASN1Template CRMFEncryptedValueTemplate[];
-
-/*
- * Use these two values for encoding Boolean values.
- */
-extern const unsigned char hexTrue;
-extern const unsigned char hexFalse;
-/*
- * Prototypes for helper routines used internally by multiple files.
- */
-extern SECStatus crmf_encode_integer(PRArenaPool *poolp, SECItem *dest,
- long value);
-extern SECStatus crmf_make_bitstring_copy(PRArenaPool *arena, SECItem *dest,
- SECItem *src);
-
-extern SECStatus crmf_copy_pkiarchiveoptions(PRArenaPool *poolp,
- CRMFPKIArchiveOptions *destOpt,
- CRMFPKIArchiveOptions *srcOpt);
-extern SECStatus
- crmf_destroy_pkiarchiveoptions(CRMFPKIArchiveOptions *inArchOptions,
- PRBool freeit);
-extern const SEC_ASN1Template*
- crmf_get_pkiarchiveoptions_subtemplate(CRMFControl *inControl);
-
-extern SECStatus crmf_copy_encryptedkey(PRArenaPool *poolp,
- CRMFEncryptedKey *srcEncrKey,
- CRMFEncryptedKey *destEncrKey);
-extern SECStatus
-crmf_copy_encryptedvalue(PRArenaPool *poolp,
- CRMFEncryptedValue *srcValue,
- CRMFEncryptedValue *destValue);
-
-extern SECStatus
-crmf_copy_encryptedvalue_secalg(PRArenaPool *poolp,
- SECAlgorithmID *srcAlgId,
- SECAlgorithmID **destAlgId);
-
-extern SECStatus crmf_template_copy_secalg(PRArenaPool *poolp,
- SECAlgorithmID **dest,
- SECAlgorithmID *src);
-
-extern SECStatus crmf_copy_cert_name(PRArenaPool *poolp, CERTName **dest,
- CERTName *src);
-
-extern SECStatus crmf_template_add_public_key(PRArenaPool *poolp,
- CERTSubjectPublicKeyInfo **dest,
- CERTSubjectPublicKeyInfo *pubKey);
-
-extern CRMFCertExtension* crmf_create_cert_extension(PRArenaPool *poolp,
- SECOidTag tag,
- PRBool isCritical,
- SECItem *data);
-extern CRMFCertRequest*
-crmf_copy_cert_request(PRArenaPool *poolp, CRMFCertRequest *srcReq);
-
-extern SECStatus crmf_destroy_encrypted_value(CRMFEncryptedValue *inEncrValue,
- PRBool freeit);
-
-extern CRMFEncryptedValue *
-crmf_create_encrypted_value_wrapped_privkey(SECKEYPrivateKey *inPrivKey,
- SECKEYPublicKey *inPubKey,
- CRMFEncryptedValue *destValue);
-
-extern CK_MECHANISM_TYPE
- crmf_get_mechanism_from_public_key(SECKEYPublicKey *inPubKey);
-
-extern SECStatus
-crmf_encrypted_value_unwrap_priv_key(PRArenaPool *poolp,
- CRMFEncryptedValue *encValue,
- SECKEYPrivateKey *privKey,
- SECKEYPublicKey *newPubKey,
- SECItem *nickname,
- PK11SlotInfo *slot,
- unsigned char keyUsage,
- SECKEYPrivateKey **unWrappedKey,
- void *wincx);
-
-extern SECItem*
-crmf_get_public_value(SECKEYPublicKey *pubKey, SECItem *dest);
-
-extern CRMFCertExtension*
-crmf_copy_cert_extension(PRArenaPool *poolp, CRMFCertExtension *inExtension);
-
-extern SECStatus
-crmf_create_prtime(SECItem *src, PRTime **dest);
-#endif /*_CRMFI_H_*/
diff --git a/security/nss/lib/crmf/crmfit.h b/security/nss/lib/crmf/crmfit.h
deleted file mode 100644
index 4cc95319a..000000000
--- a/security/nss/lib/crmf/crmfit.h
+++ /dev/null
@@ -1,216 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-
-#ifndef _CRMFIT_H_
-#define _CRMFIT_H_
-
-struct CRMFCertReqMessagesStr {
- CRMFCertReqMsg **messages;
- PRArenaPool *poolp;
-};
-
-struct CRMFCertExtensionStr {
- SECItem id;
- SECItem critical;
- SECItem value;
-};
-
-
-struct CRMFOptionalValidityStr {
- SECItem notBefore;
- SECItem notAfter;
-};
-
-struct CRMFCertTemplateStr {
- SECItem version;
- SECItem serialNumber;
- SECAlgorithmID *signingAlg;
- CERTName *issuer;
- CRMFOptionalValidity *validity;
- CERTName *subject;
- CERTSubjectPublicKeyInfo *publicKey;
- SECItem issuerUID;
- SECItem subjectUID;
- CRMFCertExtension **extensions;
- int numExtensions;
-};
-
-struct CRMFCertIDStr {
- SECItem issuer; /* General Name */
- SECItem serialNumber; /*INTEGER*/
-};
-
-struct CRMFEncryptedValueStr {
- SECAlgorithmID *intendedAlg;
- SECAlgorithmID *symmAlg;
- SECItem encSymmKey; /*BIT STRING */
- SECAlgorithmID *keyAlg;
- SECItem valueHint; /*OCTET STRING */
- SECItem encValue; /*BIT STRING */
-};
-
-/*
- * The field derValue will contain the actual der
- * to include in the encoding or that was read in
- * from a der blob.
- */
-struct CRMFEncryptedKeyStr {
- union {
- SEC_PKCS7ContentInfo *envelopedData;
- CRMFEncryptedValue encryptedValue;
- } value;
- CRMFEncryptedKeyChoice encKeyChoice;
- SECItem derValue;
-};
-
-/* ASN1 must only have one of the following 3 options. */
-struct CRMFPKIArchiveOptionsStr {
- union {
- CRMFEncryptedKey encryptedKey;
- SECItem keyGenParameters;
- SECItem archiveRemGenPrivKey; /* BOOLEAN */
- } option;
- CRMFPKIArchiveOptionsType archOption;
-};
-
-struct CRMFPKIPublicationInfoStr {
- SECItem action; /* Possible values */
- /* dontPublish (0), pleasePublish (1) */
- CRMFSinglePubInfo **pubInfos;
-};
-
-struct CRMFControlStr {
- SECOidTag tag;
- SECItem derTag;
- SECItem derValue;
- /* These will be C structures used to represent the various
- * options. Values that can't be stored as der right away.
- * After creating these structures, we'll place their der
- * encoding in derValue so the encoder knows how to get to
- * it.
- */
- union {
- CRMFCertID oldCertId;
- CRMFPKIArchiveOptions archiveOptions;
- CRMFPKIPublicationInfo pubInfo;
- CRMFProtocolEncrKey protEncrKey;
- } value;
-};
-
-struct CRMFCertRequestStr {
- SECItem certReqId;
- CRMFCertTemplate certTemplate;
- CRMFControl **controls;
- /* The following members are used by the internal implementation, but
- * are not part of the encoding.
- */
- PRArenaPool *poolp;
- long requestID; /* This is the value that will be encoded into
- * the certReqId field.
- */
-};
-
-struct CRMFAttributeStr {
- SECItem derTag;
- SECItem derValue;
-};
-
-struct CRMFCertReqMsgStr {
- CRMFCertRequest *certReq;
- CRMFProofOfPossession *pop;
- CRMFAttribute **regInfo;
- SECItem derPOP;
- /* This arena will be used for allocating memory when decoding.
- */
- PRArenaPool *poolp;
- PRBool isDecoded;
-};
-
-struct CRMFPOPOSigningKeyInputStr {
- /* ASN1 must have only one of the next 2 options */
- union {
- SECItem sender; /*General Name*/
- CRMFPKMACValue *publicKeyMAC;
- }authInfo;
- CERTSubjectPublicKeyInfo publicKey;
-};
-
-struct CRMFPOPOSigningKeyStr {
- SECItem derInput; /*If in the future we support
- *POPOSigningKeyInput, this will
- *a C structure representation
- *instead.
- */
- SECAlgorithmID *algorithmIdentifier;
- SECItem signature; /* This is a BIT STRING. Remember */
-}; /* that when interpreting. */
-
-/* ASN1 must only choose one of these members */
-struct CRMFPOPOPrivKeyStr {
- union {
- SECItem thisMessage; /* BIT STRING */
- SECItem subsequentMessage; /*INTEGER*/
- SECItem dhMAC; /*BIT STRING*/
- } message;
- CRMFPOPOPrivKeyChoice messageChoice;
-};
-
-/* ASN1 must only have one of these options. */
-struct CRMFProofOfPossessionStr {
- union {
- SECItem raVerified;
- CRMFPOPOSigningKey signature;
- CRMFPOPOPrivKey keyEncipherment;
- CRMFPOPOPrivKey keyAgreement;
- } popChoice;
- CRMFPOPChoice popUsed; /*Not part of encoding*/
-};
-
-struct CRMFPKMACValueStr {
- SECAlgorithmID algID;
- SECItem value; /*BIT STRING*/
-};
-
-struct CRMFSinglePubInfoStr {
- SECItem pubMethod; /* Possible Values:
- * dontCare (0)
- * x500 (1)
- * web (2)
- * ldap (3)
- */
- CERTGeneralName *pubLocation; /* General Name */
-};
-
-#endif /* _CRMFIT_H_ */
diff --git a/security/nss/lib/crmf/crmfpop.c b/security/nss/lib/crmf/crmfpop.c
deleted file mode 100644
index 83cc43369..000000000
--- a/security/nss/lib/crmf/crmfpop.c
+++ /dev/null
@@ -1,605 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-
-#include "crmf.h"
-#include "crmfi.h"
-#include "secasn1.h"
-#include "keyhi.h"
-#include "cryptohi.h"
-
-#define CRMF_DEFAULT_ALLOC_SIZE 1024
-
-SECStatus
-crmf_init_encoder_callback_arg (struct crmfEncoderArg *encoderArg,
- SECItem *derDest)
-{
- derDest->data = PORT_ZNewArray(unsigned char, CRMF_DEFAULT_ALLOC_SIZE);
- if (derDest->data == NULL) {
- return SECFailure;
- }
- derDest->len = 0;
- encoderArg->allocatedLen = CRMF_DEFAULT_ALLOC_SIZE;
- encoderArg->buffer = derDest;
- return SECSuccess;
-
-}
-
-/* Caller should release or unmark the pool, instead of doing it here.
-** But there are NO callers of this function at present...
-*/
-SECStatus
-CRMF_CertReqMsgSetRAVerifiedPOP(CRMFCertReqMsg *inCertReqMsg)
-{
- SECItem *dummy;
- CRMFProofOfPossession *pop;
- PRArenaPool *poolp;
- void *mark;
-
- PORT_Assert(inCertReqMsg != NULL && inCertReqMsg->pop == NULL);
- poolp = inCertReqMsg->poolp;
- mark = PORT_ArenaMark(poolp);
- if (CRMF_CertReqMsgGetPOPType(inCertReqMsg) != crmfNoPOPChoice) {
- return SECFailure;
- }
- pop = PORT_ArenaZNew(poolp, CRMFProofOfPossession);
- if (pop == NULL) {
- goto loser;
- }
- pop->popUsed = crmfRAVerified;
- pop->popChoice.raVerified.data = NULL;
- pop->popChoice.raVerified.len = 0;
- inCertReqMsg->pop = pop;
- dummy = SEC_ASN1EncodeItem(poolp, &(inCertReqMsg->derPOP),
- &(pop->popChoice.raVerified),
- CRMFRAVerifiedTemplate);
- return SECSuccess;
- loser:
- PORT_ArenaRelease(poolp, mark);
- return SECFailure;
-}
-
-SECOidTag
-crmf_map_keytag_to_signtag(SECOidTag inTag)
-{
- switch (inTag) {
- case SEC_OID_PKCS1_RSA_ENCRYPTION:
- return SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION;
- case SEC_OID_ANSIX9_DSA_SIGNATURE:
- case SEC_OID_MISSI_KEA_DSS:
- case SEC_OID_MISSI_DSS:
- return SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST;
- default:
- /* Put this in here to kill warnings. */
- break;
- }
- return inTag;
-}
-
-SECOidTag
-crmf_get_key_sign_tag(SECKEYPublicKey *inPubKey)
-{
- CERTSubjectPublicKeyInfo *spki;
- SECOidTag tag;
-
- spki = SECKEY_CreateSubjectPublicKeyInfo(inPubKey);
- if (spki == NULL) {
- return SEC_OID_UNKNOWN;
- }
- tag = SECOID_GetAlgorithmTag(&spki->algorithm);
- SECKEY_DestroySubjectPublicKeyInfo(spki);
- return crmf_map_keytag_to_signtag(tag);
-}
-
-SECAlgorithmID*
-crmf_create_poposignkey_algid(PRArenaPool *poolp,
- SECKEYPublicKey *inPubKey)
-{
- SECAlgorithmID *algID;
- SECOidTag tag;
- SECStatus rv;
- void *mark;
-
- mark = PORT_ArenaMark(poolp);
- algID = PORT_ArenaZNew(poolp, SECAlgorithmID);
- if (algID == NULL) {
- goto loser;
- }
- tag = crmf_get_key_sign_tag(inPubKey);
- if (tag == SEC_OID_UNKNOWN) {
- goto loser;
- }
- rv = SECOID_SetAlgorithmID(poolp, algID, tag, NULL);
- if (rv != SECSuccess) {
- goto loser;
- }
- PORT_ArenaUnmark(poolp, mark);
- return algID;
- loser:
- PORT_ArenaRelease(poolp, mark);
- return NULL;
-}
-
-static CRMFPOPOSigningKeyInput*
-crmf_create_poposigningkeyinput(PRArenaPool *poolp, CERTCertificate *inCert,
- CRMFMACPasswordCallback fn, void *arg)
-{
- /* PSM isn't going to do this, so we'll fail here for now.*/
- return NULL;
-}
-
-void
-crmf_generic_encoder_callback(void *arg, const char* buf, unsigned long len,
- int depth, SEC_ASN1EncodingPart data_kind)
-{
- struct crmfEncoderArg *encoderArg = (struct crmfEncoderArg*)arg;
- unsigned char *cursor;
-
- if (encoderArg->buffer->len + len > encoderArg->allocatedLen) {
- int newSize = encoderArg->buffer->len+CRMF_DEFAULT_ALLOC_SIZE;
- void *dummy = PORT_Realloc(encoderArg->buffer->data, newSize);
- if (dummy == NULL) {
- /* I really want to return an error code here */
- PORT_Assert(0);
- return;
- }
- encoderArg->buffer->data = dummy;
- encoderArg->allocatedLen = newSize;
- }
- cursor = &(encoderArg->buffer->data[encoderArg->buffer->len]);
- PORT_Memcpy (cursor, buf, len);
- encoderArg->buffer->len += len;
-}
-
-static SECStatus
-crmf_encode_certreq(CRMFCertRequest *inCertReq, SECItem *derDest)
-{
- struct crmfEncoderArg encoderArg;
- SECStatus rv;
-
- rv = crmf_init_encoder_callback_arg (&encoderArg, derDest);
- if (rv != SECSuccess) {
- return SECFailure;
- }
- return SEC_ASN1Encode(inCertReq, CRMFCertRequestTemplate,
- crmf_generic_encoder_callback, &encoderArg);
-}
-
-static SECStatus
-crmf_sign_certreq(PRArenaPool *poolp,
- CRMFPOPOSigningKey *crmfSignKey,
- CRMFCertRequest *certReq,
- SECKEYPrivateKey *inKey,
- SECAlgorithmID *inAlgId)
-{
- SECItem derCertReq;
- SECItem certReqSig;
- SECStatus rv = SECSuccess;
-
- rv = crmf_encode_certreq(certReq, &derCertReq);
- if (rv != SECSuccess) {
- goto loser;
- }
- rv = SEC_SignData(&certReqSig, derCertReq.data, derCertReq.len,
- inKey,SECOID_GetAlgorithmTag(inAlgId));
- if (rv != SECSuccess) {
- goto loser;
- }
-
- /* Now make it a part of the POPOSigningKey */
- rv = SECITEM_CopyItem(poolp, &(crmfSignKey->signature), &certReqSig);
- /* Convert this length to number of bits */
- crmfSignKey->signature.len <<= 3;
-
- loser:
- if (derCertReq.data != NULL) {
- PORT_Free(derCertReq.data);
- }
- if (certReqSig.data != NULL) {
- PORT_Free(certReqSig.data);
- }
- return rv;
-}
-
-static SECStatus
-crmf_create_poposignkey(PRArenaPool *poolp,
- CRMFCertReqMsg *inCertReqMsg,
- CRMFPOPOSigningKeyInput *signKeyInput,
- SECKEYPrivateKey *inPrivKey,
- SECAlgorithmID *inAlgID,
- CRMFPOPOSigningKey *signKey)
-{
- CRMFCertRequest *certReq;
- void *mark;
- PRBool useSignKeyInput;
- SECStatus rv;
-
- PORT_Assert(inCertReqMsg != NULL && inCertReqMsg->certReq != NULL);
- mark = PORT_ArenaMark(poolp);
- if (signKey == NULL) {
- goto loser;
- }
- certReq = inCertReqMsg->certReq;
- useSignKeyInput = !(CRMF_DoesRequestHaveField(certReq,crmfSubject) &&
- CRMF_DoesRequestHaveField(certReq,crmfPublicKey));
-
- if (useSignKeyInput) {
- goto loser;
- } else {
- rv = crmf_sign_certreq(poolp, signKey, certReq,inPrivKey, inAlgID);
- if (rv != SECSuccess) {
- goto loser;
- }
- }
- PORT_ArenaUnmark(poolp,mark);
- return SECSuccess;
- loser:
- PORT_ArenaRelease(poolp,mark);
- return SECFailure;
-}
-
-SECStatus
-CRMF_CertReqMsgSetSignaturePOP(CRMFCertReqMsg *inCertReqMsg,
- SECKEYPrivateKey *inPrivKey,
- SECKEYPublicKey *inPubKey,
- CERTCertificate *inCertForInput,
- CRMFMACPasswordCallback fn,
- void *arg)
-{
- SECAlgorithmID *algID;
- PRArenaPool *poolp;
- SECItem derDest = {siBuffer, NULL, 0};
- void *mark;
- SECStatus rv;
- CRMFPOPOSigningKeyInput *signKeyInput = NULL;
- CRMFCertRequest *certReq;
- CRMFProofOfPossession *pop;
- struct crmfEncoderArg encoderArg;
-
- PORT_Assert(inCertReqMsg != NULL && inCertReqMsg->certReq != NULL &&
- inCertReqMsg->pop == NULL);
- certReq = inCertReqMsg->certReq;
- if (CRMF_CertReqMsgGetPOPType(inCertReqMsg) != crmfNoPOPChoice ||
- !CRMF_DoesRequestHaveField(certReq, crmfPublicKey)) {
- return SECFailure;
- }
- poolp = inCertReqMsg->poolp;
- mark = PORT_ArenaMark(poolp);
- algID = crmf_create_poposignkey_algid(poolp, inPubKey);
-
- if(!CRMF_DoesRequestHaveField(certReq,crmfSubject)) {
- signKeyInput = crmf_create_poposigningkeyinput(poolp, inCertForInput,
- fn, arg);
- if (signKeyInput == NULL) {
- goto loser;
- }
- }
-
- pop = PORT_ArenaZNew(poolp, CRMFProofOfPossession);
- if (pop == NULL) {
- goto loser;
- }
-
- rv = crmf_create_poposignkey(poolp, inCertReqMsg,
- signKeyInput, inPrivKey, algID,
- &(pop->popChoice.signature));
- if (rv != SECSuccess) {
- goto loser;
- }
-
- pop->popUsed = crmfSignature;
- pop->popChoice.signature.algorithmIdentifier = algID;
- inCertReqMsg->pop = pop;
-
- rv = crmf_init_encoder_callback_arg (&encoderArg, &derDest);
- if (rv != SECSuccess) {
- goto loser;
- }
- rv = SEC_ASN1Encode(&pop->popChoice.signature,
- CRMFPOPOSigningKeyTemplate,
- crmf_generic_encoder_callback, &encoderArg);
- if (rv != SECSuccess) {
- goto loser;
- }
- rv = SECITEM_CopyItem(poolp, &(inCertReqMsg->derPOP), &derDest);
- PORT_Free (derDest.data);
- if (rv != SECSuccess) {
- goto loser;
- }
- PORT_ArenaUnmark(poolp,mark);
- return SECSuccess;
-
- loser:
- PORT_ArenaRelease(poolp,mark);
- if (derDest.data != NULL) {
- PORT_Free(derDest.data);
- }
- return SECFailure;
-}
-
-static const SEC_ASN1Template*
-crmf_get_popoprivkey_subtemplate(CRMFPOPOPrivKey *inPrivKey)
-{
- const SEC_ASN1Template *retTemplate = NULL;
-
- switch (inPrivKey->messageChoice) {
- case crmfThisMessage:
- retTemplate = CRMFThisMessageTemplate;
- break;
- case crmfSubsequentMessage:
- retTemplate = CRMFSubsequentMessageTemplate;
- break;
- case crmfDHMAC:
- retTemplate = CRMFDHMACTemplate;
- break;
- default:
- retTemplate = NULL;
- }
- return retTemplate;
-}
-
-static SECStatus
-crmf_encode_popoprivkey(PRArenaPool *poolp,
- CRMFCertReqMsg *inCertReqMsg,
- CRMFPOPOPrivKey *popoPrivKey,
- const SEC_ASN1Template *privKeyTemplate)
-{
- struct crmfEncoderArg encoderArg;
- SECItem derDest;
- SECStatus rv;
- void *mark;
- const SEC_ASN1Template *subDerTemplate;
-
- mark = PORT_ArenaMark(poolp);
- rv = crmf_init_encoder_callback_arg(&encoderArg, &derDest);
- if (rv != SECSuccess) {
- goto loser;
- }
- subDerTemplate = crmf_get_popoprivkey_subtemplate(popoPrivKey);
- /* We've got a union, so a pointer to one item is a pointer to
- * all the items in the union.
- */
- rv = SEC_ASN1Encode(&popoPrivKey->message.thisMessage,
- subDerTemplate,
- crmf_generic_encoder_callback, &encoderArg);
- if (rv != SECSuccess) {
- goto loser;
- }
- if (encoderArg.allocatedLen > derDest.len+2) {
- void *dummy = PORT_Realloc(derDest.data, derDest.len+2);
- if (dummy == NULL) {
- goto loser;
- }
- derDest.data = dummy;
- }
- PORT_Memmove(&derDest.data[2], &derDest.data[0], derDest.len);
- /* I couldn't figure out how to get the ASN1 encoder to implicitly
- * tag an implicitly tagged der blob. So I'm putting in the outter-
- * most tag myself. -javi
- */
- derDest.data[0] = (unsigned char)privKeyTemplate->kind;
- derDest.data[1] = (unsigned char)derDest.len;
- derDest.len += 2;
- rv = SECITEM_CopyItem(poolp, &inCertReqMsg->derPOP, &derDest);
- if (rv != SECSuccess) {
- goto loser;
- }
- PORT_Free(derDest.data);
- PORT_ArenaUnmark(poolp, mark);
- return SECSuccess;
- loser:
- PORT_ArenaRelease(poolp, mark);
- if (derDest.data) {
- PORT_Free(derDest.data);
- }
- return SECFailure;
-}
-
-static const SEC_ASN1Template*
-crmf_get_template_for_privkey(CRMFPOPChoice inChoice)
-{
- switch (inChoice) {
- case crmfKeyAgreement:
- return CRMFPOPOKeyAgreementTemplate;
- case crmfKeyEncipherment:
- return CRMFPOPOKeyEnciphermentTemplate;
- default:
- break;
- }
- return NULL;
-}
-
-static SECStatus
-crmf_add_privkey_thismessage(CRMFCertReqMsg *inCertReqMsg, SECItem *encPrivKey,
- CRMFPOPChoice inChoice)
-{
- PRArenaPool *poolp;
- void *mark;
- CRMFPOPOPrivKey *popoPrivKey;
- CRMFProofOfPossession *pop;
- SECStatus rv;
-
- PORT_Assert(inCertReqMsg != NULL && encPrivKey != NULL);
- poolp = inCertReqMsg->poolp;
- mark = PORT_ArenaMark(poolp);
- pop = PORT_ArenaZNew(poolp, CRMFProofOfPossession);
- if (pop == NULL) {
- goto loser;
- }
- pop->popUsed = inChoice;
- /* popChoice is a union, so getting a pointer to one
- * field gives me a pointer to the other fields as
- * well. This in essence points to both
- * pop->popChoice.keyEncipherment and
- * pop->popChoice.keyAgreement
- */
- popoPrivKey = &pop->popChoice.keyEncipherment;
-
- rv = SECITEM_CopyItem(poolp, &(popoPrivKey->message.thisMessage),
- encPrivKey);
- if (rv != SECSuccess) {
- goto loser;
- }
- popoPrivKey->message.thisMessage.len <<= 3;
- popoPrivKey->messageChoice = crmfThisMessage;
- inCertReqMsg->pop = pop;
- rv = crmf_encode_popoprivkey(poolp, inCertReqMsg, popoPrivKey,
- crmf_get_template_for_privkey(inChoice));
- if (rv != SECSuccess) {
- goto loser;
- }
- PORT_ArenaUnmark(poolp, mark);
- return SECSuccess;
-
- loser:
- PORT_ArenaRelease(poolp, mark);
- return SECFailure;
-}
-
-static SECStatus
-crmf_add_privkey_subseqmessage(CRMFCertReqMsg *inCertReqMsg,
- CRMFSubseqMessOptions subsequentMessage,
- CRMFPOPChoice inChoice)
-{
- void *mark;
- PRArenaPool *poolp;
- CRMFProofOfPossession *pop;
- CRMFPOPOPrivKey *popoPrivKey;
- SECStatus rv;
- const SEC_ASN1Template *privKeyTemplate;
-
- if (subsequentMessage == crmfNoSubseqMess) {
- return SECFailure;
- }
- poolp = inCertReqMsg->poolp;
- mark = PORT_ArenaMark(poolp);
- pop = PORT_ArenaZNew(poolp, CRMFProofOfPossession);
- if (pop == NULL) {
- goto loser;
- }
-
- pop->popUsed = inChoice;
- /*
- * We have a union, so a pointer to one member of the union
- * is also a member to another member of that same union.
- */
- popoPrivKey = &pop->popChoice.keyEncipherment;
-
- switch (subsequentMessage) {
- case crmfEncrCert:
- rv = crmf_encode_integer(poolp,
- &(popoPrivKey->message.subsequentMessage),
- 0);
- break;
- case crmfChallengeResp:
- rv = crmf_encode_integer(poolp,
- &(popoPrivKey->message.subsequentMessage),
- 1);
- break;
- default:
- goto loser;
- }
- if (rv != SECSuccess) {
- goto loser;
- }
- popoPrivKey->messageChoice = crmfSubsequentMessage;
- privKeyTemplate = crmf_get_template_for_privkey(inChoice);
- inCertReqMsg->pop = pop;
- rv = crmf_encode_popoprivkey(poolp, inCertReqMsg, popoPrivKey,
- privKeyTemplate);
-
- if (rv != SECSuccess) {
- goto loser;
- }
- PORT_ArenaUnmark(poolp, mark);
- return SECSuccess;
- loser:
- PORT_ArenaRelease(poolp, mark);
- return SECFailure;
-}
-
-SECStatus
-CRMF_CertReqMsgSetKeyEnciphermentPOP(CRMFCertReqMsg *inCertReqMsg,
- CRMFPOPOPrivKeyChoice inKeyChoice,
- CRMFSubseqMessOptions subseqMess,
- SECItem *encPrivKey)
-{
- SECStatus rv;
-
- PORT_Assert(inCertReqMsg != NULL && inCertReqMsg->pop == NULL);
- if (CRMF_CertReqMsgGetPOPType(inCertReqMsg) != crmfNoPOPChoice) {
- return SECFailure;
- }
- switch (inKeyChoice) {
- case crmfThisMessage:
- rv = crmf_add_privkey_thismessage(inCertReqMsg, encPrivKey,
- crmfKeyEncipherment);
- break;
- case crmfSubsequentMessage:
- rv = crmf_add_privkey_subseqmessage(inCertReqMsg, subseqMess,
- crmfKeyEncipherment);
- break;
- case crmfDHMAC:
- default:
- rv = SECFailure;
- }
- return rv;
-}
-
-SECStatus
-CRMF_CertReqMsgSetKeyAgreementPOP (CRMFCertReqMsg *inCertReqMsg,
- CRMFPOPOPrivKeyChoice inKeyChoice,
- CRMFSubseqMessOptions subseqMess,
- SECItem *encPrivKey)
-{
- SECStatus rv;
-
- PORT_Assert(inCertReqMsg != NULL && inCertReqMsg->pop == NULL);
- switch (inKeyChoice) {
- case crmfThisMessage:
- rv = crmf_add_privkey_thismessage(inCertReqMsg, encPrivKey,
- crmfKeyAgreement);
- break;
- case crmfSubsequentMessage:
- rv = crmf_add_privkey_subseqmessage(inCertReqMsg, subseqMess,
- crmfKeyAgreement);
- break;
- case crmfDHMAC:
- /* This case should be added in the future. */
- default:
- rv = SECFailure;
- }
- return rv;
-}
-
diff --git a/security/nss/lib/crmf/crmfreq.c b/security/nss/lib/crmf/crmfreq.c
deleted file mode 100644
index 7367f7d26..000000000
--- a/security/nss/lib/crmf/crmfreq.c
+++ /dev/null
@@ -1,697 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "crmf.h"
-#include "crmfi.h"
-#include "keyhi.h"
-#include "secder.h"
-
-/*
- * Macro that returns PR_TRUE if the pointer is not NULL.
- * If the pointer is NULL, then the macro will return PR_FALSE.
- */
-#define IS_NOT_NULL(ptr) ((ptr) == NULL) ? PR_FALSE : PR_TRUE
-
-const unsigned char hexTrue = 0xff;
-const unsigned char hexFalse = 0x00;
-
-
-SECStatus
-crmf_encode_integer(PRArenaPool *poolp, SECItem *dest, long value)
-{
- SECItem *dummy;
-
- dummy = SEC_ASN1EncodeInteger(poolp, dest, value);
- PORT_Assert (dummy == dest);
- if (dummy == NULL) {
- return SECFailure;
- }
- return SECSuccess;
-}
-
-static SECStatus
-crmf_copy_secitem (PRArenaPool *poolp, SECItem *dest, SECItem *src)
-{
- return SECITEM_CopyItem (poolp, dest, src);
-}
-
-PRBool
-CRMF_DoesRequestHaveField (CRMFCertRequest *inCertReq,
- CRMFCertTemplateField inField)
-{
-
- PORT_Assert(inCertReq != NULL);
- if (inCertReq == NULL) {
- return PR_FALSE;
- }
- switch (inField) {
- case crmfVersion:
- return inCertReq->certTemplate.version.data != NULL;
- case crmfSerialNumber:
- return inCertReq->certTemplate.serialNumber.data != NULL;
- case crmfSigningAlg:
- return inCertReq->certTemplate.signingAlg != NULL;
- case crmfIssuer:
- return inCertReq->certTemplate.issuer != NULL;
- case crmfValidity:
- return inCertReq->certTemplate.validity != NULL;
- case crmfSubject:
- return inCertReq->certTemplate.subject != NULL;
- case crmfPublicKey:
- return inCertReq->certTemplate.publicKey != NULL;
- case crmfIssuerUID:
- return inCertReq->certTemplate.issuerUID.data != NULL;
- case crmfSubjectUID:
- return inCertReq->certTemplate.subjectUID.data != NULL;
- case crmfExtension:
- return CRMF_CertRequestGetNumberOfExtensions(inCertReq) != 0;
- }
- return PR_FALSE;
-}
-
-CRMFCertRequest *
-CRMF_CreateCertRequest (long inRequestID) {
- PRArenaPool *poolp;
- CRMFCertRequest *certReq;
- SECStatus rv;
-
- poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
- if (poolp == NULL) {
- goto loser;
- }
-
- certReq=PORT_ArenaZNew(poolp,CRMFCertRequest);
- if (certReq == NULL) {
- goto loser;
- }
-
- certReq->poolp = poolp;
- certReq->requestID = inRequestID;
-
- rv = crmf_encode_integer(poolp, &(certReq->certReqId), inRequestID);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- return certReq;
- loser:
- if (poolp) {
- PORT_FreeArena(poolp, PR_FALSE);
- }
- return NULL;
-}
-
-SECStatus
-CRMF_DestroyCertRequest(CRMFCertRequest *inCertReq)
-{
- PORT_Assert(inCertReq != NULL);
- if (inCertReq != NULL) {
- if (inCertReq->certTemplate.extensions) {
- PORT_Free(inCertReq->certTemplate.extensions);
- }
- if (inCertReq->controls) {
- /* Right now we don't support EnveloppedData option,
- * so we won't go through and delete each occurrence of
- * an EnveloppedData in the control.
- */
- PORT_Free(inCertReq->controls);
- }
- if (inCertReq->poolp) {
- PORT_FreeArena(inCertReq->poolp, PR_TRUE);
- }
- }
- return SECSuccess;
-}
-
-static SECStatus
-crmf_template_add_version(PRArenaPool *poolp, SECItem *dest, long version)
-{
- return (crmf_encode_integer(poolp, dest, version));
-}
-
-static SECStatus
-crmf_template_add_serialnumber(PRArenaPool *poolp, SECItem *dest, long serial)
-{
- return (crmf_encode_integer(poolp, dest, serial));
-}
-
-SECStatus
-crmf_template_copy_secalg (PRArenaPool *poolp, SECAlgorithmID **dest,
- SECAlgorithmID* src)
-{
- SECStatus rv;
- void *mark = NULL;
- SECAlgorithmID *mySecAlg;
-
- if (poolp != NULL) {
- mark = PORT_ArenaMark(poolp);
- }
- *dest = mySecAlg = PORT_ArenaZNew(poolp, SECAlgorithmID);
- if (mySecAlg == NULL) {
- goto loser;
- }
- rv = SECOID_CopyAlgorithmID(poolp, mySecAlg, src);
- if (rv != SECSuccess) {
- goto loser;
- }
- if (mark) {
- PORT_ArenaUnmark(poolp, mark);
- }
- return SECSuccess;
-
- loser:
- *dest = NULL;
- if (mark) {
- PORT_ArenaRelease(poolp, mark);
- }
- return SECFailure;
-}
-
-SECStatus
-crmf_copy_cert_name(PRArenaPool *poolp, CERTName **dest,
- CERTName *src)
-{
- CERTName *newName;
- SECStatus rv;
- void *mark;
-
- mark = PORT_ArenaMark(poolp);
- *dest = newName = PORT_ArenaZNew(poolp, CERTName);
- if (newName == NULL) {
- goto loser;
- }
-
- rv = CERT_CopyName(poolp, newName, src);
- if (rv != SECSuccess) {
- goto loser;
- }
- PORT_ArenaUnmark(poolp, mark);
- return SECSuccess;
- loser:
- PORT_ArenaRelease(poolp, mark);
- *dest = NULL;
- return SECFailure;
-}
-
-static SECStatus
-crmf_template_add_issuer (PRArenaPool *poolp, CERTName **dest,
- CERTName* issuerName)
-{
- return crmf_copy_cert_name(poolp, dest, issuerName);
-}
-
-
-static SECStatus
-crmf_encode_utctime(PRArenaPool *poolp, SECItem *destTime, PRTime time)
-{
- SECItem tmpItem;
- SECStatus rv;
-
-
- rv = DER_TimeToUTCTime (&tmpItem, time);
- if (rv != SECSuccess) {
- return rv;
- }
- rv = SECITEM_CopyItem(poolp, destTime, &tmpItem);
- PORT_Free(tmpItem.data);
- return rv;
-}
-
-static SECStatus
-crmf_template_add_validity (PRArenaPool *poolp, CRMFOptionalValidity **dest,
- CRMFValidityCreationInfo *info)
-{
- SECStatus rv;
- void *mark;
- CRMFOptionalValidity *myValidity;
-
- /*First off, let's make sure at least one of the two fields is present*/
- if (!info || (!info->notBefore && !info->notAfter)) {
- return SECFailure;
- }
- mark = PORT_ArenaMark (poolp);
- *dest = myValidity = PORT_ArenaZNew(poolp, CRMFOptionalValidity);
- if (myValidity == NULL) {
- goto loser;
- }
-
- if (info->notBefore) {
- rv = crmf_encode_utctime (poolp, &myValidity->notBefore,
- *info->notBefore);
- if (rv != SECSuccess) {
- goto loser;
- }
- }
- if (info->notAfter) {
- rv = crmf_encode_utctime (poolp, &myValidity->notAfter,
- *info->notAfter);
- if (rv != SECSuccess) {
- goto loser;
- }
- }
- PORT_ArenaUnmark(poolp, mark);
- return SECSuccess;
- loser:
- PORT_ArenaRelease(poolp, mark);
- *dest = NULL;
- return SECFailure;
-}
-
-static SECStatus
-crmf_template_add_subject (PRArenaPool *poolp, CERTName **dest,
- CERTName *subject)
-{
- return crmf_copy_cert_name(poolp, dest, subject);
-}
-
-SECStatus
-crmf_template_add_public_key(PRArenaPool *poolp,
- CERTSubjectPublicKeyInfo **dest,
- CERTSubjectPublicKeyInfo *pubKey)
-{
- CERTSubjectPublicKeyInfo *spki;
- SECStatus rv;
-
- *dest = spki = (poolp == NULL) ?
- PORT_ZNew(CERTSubjectPublicKeyInfo) :
- PORT_ArenaZNew (poolp, CERTSubjectPublicKeyInfo);
- if (spki == NULL) {
- goto loser;
- }
- rv = SECKEY_CopySubjectPublicKeyInfo (poolp, spki, pubKey);
- if (rv != SECSuccess) {
- goto loser;
- }
- return SECSuccess;
- loser:
- if (poolp == NULL && spki != NULL) {
- SECKEY_DestroySubjectPublicKeyInfo(spki);
- }
- *dest = NULL;
- return SECFailure;
-}
-
-static SECStatus
-crmf_copy_bitstring (PRArenaPool *poolp, SECItem *dest, SECItem *src)
-{
- SECStatus rv;
- int origLenBits, numBytesToCopy;
-
- origLenBits = src->len;
- numBytesToCopy = CRMF_BITS_TO_BYTES(origLenBits);
- rv = crmf_copy_secitem(poolp, dest, src);
- src->len = origLenBits;
- dest->len = origLenBits;
- return rv;
-}
-
-static SECStatus
-crmf_template_add_issuer_uid(PRArenaPool *poolp, SECItem *dest,
- SECItem *issuerUID)
-{
- return crmf_copy_bitstring (poolp, dest, issuerUID);
-}
-
-static SECStatus
-crmf_template_add_subject_uid(PRArenaPool *poolp, SECItem *dest,
- SECItem *subjectUID)
-{
- return crmf_copy_bitstring (poolp, dest, subjectUID);
-}
-
-static void
-crmf_zeroize_new_extensions (CRMFCertExtension **extensions,
- int numToZeroize)
-{
- PORT_Memset((void*)extensions, 0, sizeof(CERTCertExtension*)*numToZeroize);
-}
-
-/*
- * The strategy for adding templates will differ from all the other
- * attributes in the template. First, we want to allow the client
- * of this API to set extensions more than just once. So we will
- * need the ability grow the array of extensions. Since arenas don't
- * give us the realloc function, we'll use the generic PORT_* functions
- * to allocate the array of pointers *ONLY*. Then we will allocate each
- * individual extension from the arena that comes along with the certReq
- * structure that owns this template.
- */
-static SECStatus
-crmf_template_add_extensions(PRArenaPool *poolp, CRMFCertTemplate *inTemplate,
- CRMFCertExtCreationInfo *extensions)
-{
- void *mark;
- int newSize, oldSize, i;
- SECStatus rv;
- CRMFCertExtension **extArray;
- CRMFCertExtension *newExt, *currExt;
-
- mark = PORT_ArenaMark(poolp);
- if (inTemplate->extensions == NULL) {
- newSize = extensions->numExtensions;
- extArray = PORT_ZNewArray(CRMFCertExtension*,newSize+1);
- } else {
- newSize = inTemplate->numExtensions + extensions->numExtensions;
- extArray = PORT_Realloc(inTemplate->extensions,
- sizeof(CRMFCertExtension*)*(newSize+1));
- }
- if (extArray == NULL) {
- goto loser;
- }
- oldSize = inTemplate->numExtensions;
- inTemplate->extensions = extArray;
- inTemplate->numExtensions = newSize;
- for (i=oldSize; i < newSize; i++) {
- newExt = PORT_ArenaZNew(poolp, CRMFCertExtension);
- if (newExt == NULL) {
- goto loser2;
- }
- currExt = extensions->extensions[i-oldSize];
- rv = crmf_copy_secitem(poolp, &(newExt->id), &(currExt->id));
- if (rv != SECSuccess) {
- goto loser2;
- }
- rv = crmf_copy_secitem(poolp, &(newExt->critical),
- &(currExt->critical));
- if (rv != SECSuccess) {
- goto loser2;
- }
- rv = crmf_copy_secitem(poolp, &(newExt->value), &(currExt->value));
- if (rv != SECSuccess) {
- goto loser2;
- }
- extArray[i] = newExt;
- }
- extArray[newSize] = NULL;
- PORT_ArenaUnmark(poolp, mark);
- return SECSuccess;
- loser2:
- crmf_zeroize_new_extensions (&(inTemplate->extensions[oldSize]),
- extensions->numExtensions);
- inTemplate->numExtensions = oldSize;
- loser:
- PORT_ArenaRelease(poolp, mark);
- return SECFailure;
-}
-
-SECStatus
-CRMF_CertRequestSetTemplateField(CRMFCertRequest *inCertReq,
- CRMFCertTemplateField inTemplateField,
- void *data)
-{
- CRMFCertTemplate *certTemplate;
- PRArenaPool *poolp;
- SECStatus rv = SECFailure;
- void *mark;
-
-
- if (inCertReq == NULL) {
- return SECFailure;
- }
-
- certTemplate = &(inCertReq->certTemplate);
-
- poolp = inCertReq->poolp;
- mark = PORT_ArenaMark(poolp);
- switch (inTemplateField) {
- case crmfVersion:
- rv = crmf_template_add_version(poolp,&(certTemplate->version),
- *(long*)data);
- break;
- case crmfSerialNumber:
- rv = crmf_template_add_serialnumber(poolp,
- &(certTemplate->serialNumber),
- *(long*)data);
- break;
- case crmfSigningAlg:
- rv = crmf_template_copy_secalg (poolp, &(certTemplate->signingAlg),
- (SECAlgorithmID*)data);
- break;
- case crmfIssuer:
- rv = crmf_template_add_issuer (poolp, &(certTemplate->issuer),
- (CERTName*)data);
- break;
- case crmfValidity:
- rv = crmf_template_add_validity (poolp, &(certTemplate->validity),
- (CRMFValidityCreationInfo*)data);
- break;
- case crmfSubject:
- rv = crmf_template_add_subject (poolp, &(certTemplate->subject),
- (CERTName*)data);
- break;
- case crmfPublicKey:
- rv = crmf_template_add_public_key(poolp, &(certTemplate->publicKey),
- (CERTSubjectPublicKeyInfo*)data);
- break;
- case crmfIssuerUID:
- rv = crmf_template_add_issuer_uid(poolp, &(certTemplate->issuerUID),
- (SECItem*)data);
- break;
- case crmfSubjectUID:
- rv = crmf_template_add_subject_uid(poolp, &(certTemplate->subjectUID),
- (SECItem*)data);
- break;
- case crmfExtension:
- rv = crmf_template_add_extensions(poolp, certTemplate,
- (CRMFCertExtCreationInfo*)data);
- break;
- }
- if (rv != SECSuccess) {
- PORT_ArenaRelease(poolp, mark);
- } else {
- PORT_ArenaUnmark(poolp, mark);
- }
- return rv;
-}
-
-SECStatus
-CRMF_CertReqMsgSetCertRequest (CRMFCertReqMsg *inCertReqMsg,
- CRMFCertRequest *inCertReq)
-{
- PORT_Assert (inCertReqMsg != NULL && inCertReq != NULL);
- if (inCertReqMsg == NULL || inCertReq == NULL) {
- return SECFailure;
- }
- inCertReqMsg->certReq = crmf_copy_cert_request(inCertReqMsg->poolp,
- inCertReq);
- return (inCertReqMsg->certReq == NULL) ? SECFailure : SECSuccess;
-}
-
-CRMFCertReqMsg*
-CRMF_CreateCertReqMsg(void)
-{
- PRArenaPool *poolp;
- CRMFCertReqMsg *reqMsg;
-
- poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
- if (poolp == NULL) {
- goto loser;
- }
- reqMsg = PORT_ArenaZNew(poolp, CRMFCertReqMsg);
- if (reqMsg == NULL) {
- goto loser;
- }
- reqMsg->poolp = poolp;
- return reqMsg;
-
- loser:
- if (poolp) {
- PORT_FreeArena(poolp, PR_FALSE);
- }
- return NULL;
-}
-
-SECStatus
-CRMF_DestroyCertReqMsg(CRMFCertReqMsg *inCertReqMsg)
-{
- PORT_Assert(inCertReqMsg != NULL && inCertReqMsg->poolp != NULL);
- if (!inCertReqMsg->isDecoded) {
- if (inCertReqMsg->certReq->certTemplate.extensions != NULL) {
- PORT_Free(inCertReqMsg->certReq->certTemplate.extensions);
- }
- if (inCertReqMsg->certReq->controls != NULL) {
- PORT_Free(inCertReqMsg->certReq->controls);
- }
- }
- PORT_FreeArena(inCertReqMsg->poolp, PR_TRUE);
- return SECSuccess;
-}
-
-CRMFCertExtension*
-crmf_create_cert_extension(PRArenaPool *poolp,
- SECOidTag id,
- PRBool isCritical,
- SECItem *data)
-{
- CRMFCertExtension *newExt;
- SECOidData *oidData;
- SECStatus rv;
-
- newExt = (poolp == NULL) ? PORT_ZNew(CRMFCertExtension) :
- PORT_ArenaZNew(poolp, CRMFCertExtension);
- if (newExt == NULL) {
- goto loser;
- }
- oidData = SECOID_FindOIDByTag(id);
- if (oidData == NULL ||
- oidData->supportedExtension != SUPPORTED_CERT_EXTENSION) {
- goto loser;
- }
-
- rv = SECITEM_CopyItem(poolp, &(newExt->id), &(oidData->oid));
- if (rv != SECSuccess) {
- goto loser;
- }
-
- rv = SECITEM_CopyItem(poolp, &(newExt->value), data);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- if (isCritical) {
- newExt->critical.data = (poolp == NULL) ?
- PORT_New(unsigned char) :
- PORT_ArenaNew(poolp, unsigned char);
- if (newExt->critical.data == NULL) {
- goto loser;
- }
- newExt->critical.data[0] = hexTrue;
- newExt->critical.len = 1;
- }
- return newExt;
- loser:
- if (newExt != NULL && poolp == NULL) {
- CRMF_DestroyCertExtension(newExt);
- }
- return NULL;
-}
-
-CRMFCertExtension *
-CRMF_CreateCertExtension(SECOidTag id,
- PRBool isCritical,
- SECItem *data)
-{
- return crmf_create_cert_extension(NULL, id, isCritical, data);
-}
-
-SECStatus
-crmf_destroy_cert_extension(CRMFCertExtension *inExtension, PRBool freeit)
-{
- if (inExtension != NULL) {
- SECITEM_FreeItem (&(inExtension->id), PR_FALSE);
- SECITEM_FreeItem (&(inExtension->value), PR_FALSE);
- SECITEM_FreeItem (&(inExtension->critical), PR_FALSE);
- if (freeit) {
- PORT_Free(inExtension);
- }
- }
- return SECSuccess;
-}
-
-SECStatus
-CRMF_DestroyCertExtension(CRMFCertExtension *inExtension)
-{
- return crmf_destroy_cert_extension(inExtension, PR_TRUE);
-}
-
-SECStatus
-CRMF_DestroyCertReqMessages(CRMFCertReqMessages *inCertReqMsgs)
-{
- PORT_Assert (inCertReqMsgs != NULL);
- if (inCertReqMsgs != NULL) {
- PORT_FreeArena(inCertReqMsgs->poolp, PR_TRUE);
- }
- return SECSuccess;
-}
-
-static PRBool
-crmf_item_has_data(SECItem *item)
-{
- if (item != NULL && item->data != NULL) {
- return PR_TRUE;
- }
- return PR_FALSE;
-}
-
-PRBool
-CRMF_CertRequestIsFieldPresent(CRMFCertRequest *inCertReq,
- CRMFCertTemplateField inTemplateField)
-{
- PRBool retVal;
- CRMFCertTemplate *certTemplate;
-
- PORT_Assert(inCertReq != NULL);
- if (inCertReq == NULL) {
- /* This is probably some kind of error, but this is
- * the safest return value for this function.
- */
- return PR_FALSE;
- }
- certTemplate = &inCertReq->certTemplate;
- switch (inTemplateField) {
- case crmfVersion:
- retVal = crmf_item_has_data(&certTemplate->version);
- break;
- case crmfSerialNumber:
- retVal = crmf_item_has_data(&certTemplate->serialNumber);
- break;
- case crmfSigningAlg:
- retVal = IS_NOT_NULL(certTemplate->signingAlg);
- break;
- case crmfIssuer:
- retVal = IS_NOT_NULL(certTemplate->issuer);
- break;
- case crmfValidity:
- retVal = IS_NOT_NULL(certTemplate->validity);
- break;
- case crmfSubject:
- retVal = IS_NOT_NULL(certTemplate->subject);
- break;
- case crmfPublicKey:
- retVal = IS_NOT_NULL(certTemplate->publicKey);
- break;
- case crmfIssuerUID:
- retVal = crmf_item_has_data(&certTemplate->issuerUID);
- break;
- case crmfSubjectUID:
- retVal = crmf_item_has_data(&certTemplate->subjectUID);
- break;
- case crmfExtension:
- retVal = IS_NOT_NULL(certTemplate->extensions);
- break;
- default:
- retVal = PR_FALSE;
- }
- return retVal;
-}
diff --git a/security/nss/lib/crmf/crmft.h b/security/nss/lib/crmf/crmft.h
deleted file mode 100644
index 3bc4d3826..000000000
--- a/security/nss/lib/crmf/crmft.h
+++ /dev/null
@@ -1,217 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-
-/* Header file with all of the structures and types that will be exported
- * by the security library for implementation of CRMF.
- */
-
-#ifndef _CRMFT_H_
-#define _CRMFT_H_
-
-/* Use these enumerated values for adding fields to the certificate request */
-typedef enum {
- crmfVersion = 0,
- crmfSerialNumber = 1,
- crmfSigningAlg = 2,
- crmfIssuer = 3,
- crmfValidity = 4,
- crmfSubject = 5,
- crmfPublicKey = 6,
- crmfIssuerUID = 7,
- crmfSubjectUID = 8,
- crmfExtension = 9
-} CRMFCertTemplateField;
-
-/*
- * An enumeration for the different types of controls.
- */
-typedef enum {
- crmfNoControl = 0,
- crmfRegTokenControl = 1,
- crmfAuthenticatorControl = 2,
- crmfPKIPublicationInfoControl = 3,
- crmfPKIArchiveOptionsControl = 4,
- crmfOldCertIDControl = 5,
- crmfProtocolEncrKeyControl = 6
-} CRMFControlType;
-
-/*
- * The possible values that are passed into CRMF_CreatePKIPublicationInfo
- */
-typedef enum {
- crmfDontPublish = 0,
- crmfPleasePublish = 1
-} CRMFPublicationAction;
-
-/*
- * An enumeration for the possible for pubMethod which is a part of
- * the SinglePubInfo ASN1 type.
- */
-typedef enum {
- crmfDontCare = 0,
- crmfX500 = 1,
- crmfWeb = 2,
- crmfLdap = 3
-} CRMFPublicationMethod;
-
-/*
- * An enumeration for the different options for PKIArchiveOptions type.
- */
-typedef enum {
- crmfNoArchiveOptions = 0,
- crmfEncryptedPrivateKey = 1,
- crmfKeyGenParameters = 2,
- crmfArchiveRemGenPrivKey = 3
-} CRMFPKIArchiveOptionsType;
-
-/*
- * An enumeration for the different options for ProofOfPossession
- */
-typedef enum {
- crmfNoPOPChoice = 0,
- crmfRAVerified = 1,
- crmfSignature = 2,
- crmfKeyEncipherment = 3,
- crmfKeyAgreement = 4
-} CRMFPOPChoice;
-
-/*
- * An enumertion type for options for the authInfo field of the
- * CRMFPOPOSigningKeyInput structure.
- */
-typedef enum {
- crmfSender = 0,
- crmfPublicKeyMAC = 1
-} CRMFPOPOSkiInputAuthChoice;
-
-/*
- * An enumeration for the SubsequentMessage Options.
- */
-typedef enum {
- crmfNoSubseqMess = 0,
- crmfEncrCert = 1,
- crmfChallengeResp = 2
-} CRMFSubseqMessOptions;
-
-/*
- * An enumeration for the choice used by POPOPrivKey.
- */
-typedef enum {
- crmfNoMessage = 0,
- crmfThisMessage = 1,
- crmfSubsequentMessage = 2,
- crmfDHMAC = 3
-} CRMFPOPOPrivKeyChoice;
-
-/*
- * An enumeration for the choices for the EncryptedKey type.
- */
-typedef enum {
- crmfNoEncryptedKeyChoice = 0,
- crmfEncryptedValueChoice = 1,
- crmfEnvelopedDataChoice = 2
-} CRMFEncryptedKeyChoice;
-
-/*
- * TYPE: CRMFEncoderOutputCallback
- * This function type defines a prototype for a function that the CRMF
- * library expects when encoding is performed.
- *
- * ARGUMENTS:
- * arg
- * This will be a pointer the user passed into an encoding function.
- * The user of the library is free to use this pointer in any way.
- * The most common use is to keep around a buffer for writing out
- * the DER encoded bytes.
- * buf
- * The DER encoded bytes that should be written out.
- * len
- * The number of DER encoded bytes to write out.
- *
- */
-typedef void (*CRMFEncoderOutputCallback) (void *arg,
- const char *buf,
- unsigned long len);
-
-/*
- * Type for the function that gets a password. Just in case we ever
- * need to support publicKeyMAC for POPOSigningKeyInput
- */
-typedef SECItem* (*CRMFMACPasswordCallback) (void *arg);
-
-typedef struct CRMFOptionalValidityStr CRMFOptionalValidity;
-typedef struct CRMFValidityCreationInfoStr CRMFGetValidity;
-typedef struct CRMFCertTemplateStr CRMFCertTemplate;
-typedef struct CRMFCertRequestStr CRMFCertRequest;
-typedef struct CRMFCertReqMsgStr CRMFCertReqMsg;
-typedef struct CRMFCertReqMessagesStr CRMFCertReqMessages;
-typedef struct CRMFProofOfPossessionStr CRMFProofOfPossession;
-typedef struct CRMFPOPOSigningKeyStr CRMFPOPOSigningKey;
-typedef struct CRMFPOPOSigningKeyInputStr CRMFPOPOSigningKeyInput;
-typedef struct CRMFPOPOPrivKeyStr CRMFPOPOPrivKey;
-typedef struct CRMFPKIPublicationInfoStr CRMFPKIPublicationInfo;
-typedef struct CRMFSinglePubInfoStr CRMFSinglePubInfo;
-typedef struct CRMFPKIArchiveOptionsStr CRMFPKIArchiveOptions;
-typedef struct CRMFEncryptedKeyStr CRMFEncryptedKey;
-typedef struct CRMFEncryptedValueStr CRMFEncryptedValue;
-typedef struct CRMFCertIDStr CRMFCertID;
-typedef struct CRMFCertIDStr CRMFOldCertID;
-typedef CERTSubjectPublicKeyInfo CRMFProtocolEncrKey;
-typedef struct CRMFValidityCreationInfoStr CRMFValidityCreationInfo;
-typedef struct CRMFCertExtCreationInfoStr CRMFCertExtCreationInfo;
-typedef struct CRMFPKMACValueStr CRMFPKMACValue;
-typedef struct CRMFAttributeStr CRMFAttribute;
-typedef struct CRMFControlStr CRMFControl;
-typedef CERTGeneralName CRMFGeneralName;
-typedef struct CRMFCertExtensionStr CRMFCertExtension;
-
-struct CRMFValidityCreationInfoStr {
- PRTime *notBefore;
- PRTime *notAfter;
-};
-
-struct CRMFCertExtCreationInfoStr {
- CRMFCertExtension **extensions;
- int numExtensions;
-};
-
-/*
- * Some ASN1 Templates that may be needed.
- */
-extern const SEC_ASN1Template CRMFCertReqMessagesTemplate[];
-extern const SEC_ASN1Template CRMFCertRequestTemplate[];
-
-
-#endif /*_CRMFT_H_*/
diff --git a/security/nss/lib/crmf/crmftmpl.c b/security/nss/lib/crmf/crmftmpl.c
deleted file mode 100644
index a65a074a1..000000000
--- a/security/nss/lib/crmf/crmftmpl.c
+++ /dev/null
@@ -1,299 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*- */
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "crmf.h"
-#include "crmfi.h"
-#include "secoid.h"
-#include "secasn1.h"
-
-SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
-SEC_ASN1_MKSUB(SEC_AnyTemplate)
-SEC_ASN1_MKSUB(SEC_NullTemplate)
-SEC_ASN1_MKSUB(SEC_BitStringTemplate)
-SEC_ASN1_MKSUB(SEC_IntegerTemplate)
-SEC_ASN1_MKSUB(SEC_OctetStringTemplate)
-SEC_ASN1_MKSUB(SEC_UTCTimeTemplate)
-SEC_ASN1_MKSUB(CERT_SubjectPublicKeyInfoTemplate)
-SEC_ASN1_MKSUB(CERT_NameTemplate)
-
-/*
- * It's all implicit tagging.
- */
-
-const SEC_ASN1Template CRMFControlTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CRMFControl)},
- { SEC_ASN1_OBJECT_ID, offsetof(CRMFControl, derTag)},
- { SEC_ASN1_ANY, offsetof(CRMFControl, derValue) },
- { 0 }
-};
-
-static const SEC_ASN1Template CRMFCertExtensionTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CRMFCertExtension) },
- { SEC_ASN1_OBJECT_ID,
- offsetof(CRMFCertExtension,id) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_BOOLEAN,
- offsetof(CRMFCertExtension,critical) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(CRMFCertExtension,value) },
- { 0, }
-};
-
-static const SEC_ASN1Template CRMFSequenceOfCertExtensionTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, CRMFCertExtensionTemplate }
-};
-
-static const SEC_ASN1Template CRMFOptionalValidityTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof (CRMFOptionalValidity) },
- { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_NO_STREAM |
- SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_OPTIONAL | SEC_ASN1_XTRN | 0,
- offsetof (CRMFOptionalValidity, notBefore),
- SEC_ASN1_SUB(SEC_UTCTimeTemplate) },
- { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_NO_STREAM |
- SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_OPTIONAL | SEC_ASN1_XTRN | 1,
- offsetof (CRMFOptionalValidity, notAfter),
- SEC_ASN1_SUB(SEC_UTCTimeTemplate) },
- { 0 }
-};
-
-static const SEC_ASN1Template crmfPointerToNameTemplate[] = {
- { SEC_ASN1_POINTER | SEC_ASN1_XTRN, 0, SEC_ASN1_SUB(CERT_NameTemplate)},
- { 0 }
-};
-
-static const SEC_ASN1Template CRMFCertTemplateTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CRMFCertTemplate) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
- offsetof(CRMFCertTemplate, version),
- SEC_ASN1_SUB(SEC_IntegerTemplate) },
- { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_OPTIONAL | SEC_ASN1_XTRN | 1 ,
- offsetof (CRMFCertTemplate, serialNumber),
- SEC_ASN1_SUB(SEC_IntegerTemplate) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER |
- SEC_ASN1_XTRN | 2,
- offsetof (CRMFCertTemplate, signingAlg),
- SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC |
- SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | 3,
- offsetof (CRMFCertTemplate, issuer), crmfPointerToNameTemplate },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER | 4,
- offsetof (CRMFCertTemplate, validity),
- CRMFOptionalValidityTemplate },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC |
- SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | 5,
- offsetof (CRMFCertTemplate, subject), crmfPointerToNameTemplate },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER |
- SEC_ASN1_XTRN | 6,
- offsetof (CRMFCertTemplate, publicKey),
- SEC_ASN1_SUB(CERT_SubjectPublicKeyInfoTemplate) },
- { SEC_ASN1_NO_STREAM | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_OPTIONAL |
- SEC_ASN1_XTRN | 7,
- offsetof (CRMFCertTemplate, issuerUID),
- SEC_ASN1_SUB(SEC_BitStringTemplate) },
- { SEC_ASN1_NO_STREAM | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_OPTIONAL |
- SEC_ASN1_XTRN | 8,
- offsetof (CRMFCertTemplate, subjectUID),
- SEC_ASN1_SUB(SEC_BitStringTemplate) },
- { SEC_ASN1_CONSTRUCTED | SEC_ASN1_OPTIONAL |
- SEC_ASN1_CONTEXT_SPECIFIC | 9,
- offsetof (CRMFCertTemplate, extensions),
- CRMFSequenceOfCertExtensionTemplate },
- { 0 }
-};
-
-static const SEC_ASN1Template CRMFAttributeTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CRMFAttribute)},
- { SEC_ASN1_OBJECT_ID, offsetof(CRMFAttribute, derTag)},
- { SEC_ASN1_ANY, offsetof(CRMFAttribute, derValue) },
- { 0 }
-};
-
-const SEC_ASN1Template CRMFCertRequestTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof (CRMFCertRequest) },
- { SEC_ASN1_INTEGER, offsetof(CRMFCertRequest, certReqId)},
- { SEC_ASN1_INLINE, offsetof(CRMFCertRequest, certTemplate),
- CRMFCertTemplateTemplate},
- { SEC_ASN1_OPTIONAL | SEC_ASN1_SEQUENCE_OF,
- offsetof(CRMFCertRequest,controls),
- CRMFControlTemplate}, /* SEQUENCE SIZE (1...MAX)*/
- { 0 }
-};
-
-const SEC_ASN1Template CRMFCertReqMsgTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CRMFCertReqMsg) },
- { SEC_ASN1_POINTER, offsetof(CRMFCertReqMsg, certReq),
- CRMFCertRequestTemplate },
- { SEC_ASN1_ANY | SEC_ASN1_OPTIONAL,
- offsetof(CRMFCertReqMsg, derPOP) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_SEQUENCE_OF,
- offsetof(CRMFCertReqMsg, regInfo),
- CRMFAttributeTemplate}, /* SEQUENCE SIZE (1...MAX)*/
- { 0 }
-};
-
-const SEC_ASN1Template CRMFCertReqMessagesTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, offsetof(CRMFCertReqMessages, messages),
- CRMFCertReqMsgTemplate, sizeof (CRMFCertReqMessages)}
-};
-
-static const SEC_ASN1Template CRMFPOPOSigningKeyInputTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL,sizeof(CRMFPOPOSigningKeyInput) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED |
- SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(CRMFPOPOSigningKeyInput, authInfo.sender) },
- { SEC_ASN1_BIT_STRING | SEC_ASN1_OPTIONAL | 1,
- offsetof (CRMFPOPOSigningKeyInput, authInfo.publicKeyMAC) },
- { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
- offsetof(CRMFPOPOSigningKeyInput, publicKey),
- SEC_ASN1_SUB(CERT_SubjectPublicKeyInfoTemplate) },
- { 0 }
-};
-
-const SEC_ASN1Template CRMFRAVerifiedTemplate[] = {
- { SEC_ASN1_CONTEXT_SPECIFIC | 0 | SEC_ASN1_XTRN,
- 0,
- SEC_ASN1_SUB(SEC_NullTemplate) },
- { 0 }
-};
-
-
-/* This template will need to add POPOSigningKeyInput eventually, maybe*/
-static const SEC_ASN1Template crmfPOPOSigningKeyTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CRMFPOPOSigningKey) },
- { SEC_ASN1_NO_STREAM | SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC |
- SEC_ASN1_XTRN | 0,
- offsetof(CRMFPOPOSigningKey, derInput),
- SEC_ASN1_SUB(SEC_AnyTemplate) },
- { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
- offsetof(CRMFPOPOSigningKey, algorithmIdentifier),
- SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
- { SEC_ASN1_BIT_STRING | SEC_ASN1_XTRN,
- offsetof(CRMFPOPOSigningKey, signature),
- SEC_ASN1_SUB(SEC_BitStringTemplate) },
- { 0 }
-};
-
-const SEC_ASN1Template CRMFPOPOSigningKeyTemplate[] = {
- { SEC_ASN1_CONTEXT_SPECIFIC | 1,
- 0,
- crmfPOPOSigningKeyTemplate},
- { 0 }
-};
-
-const SEC_ASN1Template CRMFThisMessageTemplate[] = {
- { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
- 0,
- SEC_ASN1_SUB(SEC_BitStringTemplate) },
- { 0 }
-};
-
-const SEC_ASN1Template CRMFSubsequentMessageTemplate[] = {
- { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 1,
- 0,
- SEC_ASN1_SUB(SEC_IntegerTemplate) },
- { 0 }
-};
-
-const SEC_ASN1Template CRMFDHMACTemplate[] = {
- { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
- 0,
- SEC_ASN1_SUB(SEC_BitStringTemplate) },
- { 0 }
-};
-
-const SEC_ASN1Template CRMFPOPOKeyEnciphermentTemplate[] = {
- { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED |
- SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 2,
- 0,
- SEC_ASN1_SUB(SEC_AnyTemplate) },
- { 0 }
-};
-
-const SEC_ASN1Template CRMFPOPOKeyAgreementTemplate[] = {
- { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED |
- SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 3,
- 0,
- SEC_ASN1_SUB(SEC_AnyTemplate)},
- { 0 }
-};
-
-const SEC_ASN1Template CRMFEncryptedValueTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CRMFEncryptedValue)},
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER |
- SEC_ASN1_XTRN | 0,
- offsetof(CRMFEncryptedValue, intendedAlg),
- SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER |
- SEC_ASN1_XTRN | 1,
- offsetof (CRMFEncryptedValue, symmAlg),
- SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
- { SEC_ASN1_NO_STREAM | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_OPTIONAL |
- SEC_ASN1_XTRN | 2,
- offsetof(CRMFEncryptedValue, encSymmKey),
- SEC_ASN1_SUB(SEC_BitStringTemplate) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER |
- SEC_ASN1_XTRN | 3,
- offsetof(CRMFEncryptedValue, keyAlg),
- SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
- { SEC_ASN1_NO_STREAM | SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC |
- SEC_ASN1_XTRN | 4,
- offsetof(CRMFEncryptedValue, valueHint),
- SEC_ASN1_SUB(SEC_OctetStringTemplate) },
- { SEC_ASN1_BIT_STRING, offsetof(CRMFEncryptedValue, encValue) },
- { 0 }
-};
-
-const SEC_ASN1Template CRMFEncryptedKeyWithEncryptedValueTemplate [] = {
- { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED |
- SEC_ASN1_CONTEXT_SPECIFIC | 0,
- 0,
- CRMFEncryptedValueTemplate},
- { 0 }
-};
-
-static const SEC_ASN1Template CRMFSinglePubInfoTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof (CRMFSinglePubInfo)},
- { SEC_ASN1_INTEGER, offsetof(CRMFSinglePubInfo, pubMethod) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC,
- offsetof(CRMFSinglePubInfo, pubLocation) },
- { 0 }
-};
-
-static const SEC_ASN1Template CRMFPublicationInfoTemplate[] ={
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CRMFPKIPublicationInfo) },
- { SEC_ASN1_INTEGER, offsetof(CRMFPKIPublicationInfo, action) },
- { SEC_ASN1_POINTER, offsetof(CRMFPKIPublicationInfo, pubInfos),
- CRMFSinglePubInfoTemplate},
- { 0 }
-};
diff --git a/security/nss/lib/crmf/encutil.c b/security/nss/lib/crmf/encutil.c
deleted file mode 100644
index 7862e1482..000000000
--- a/security/nss/lib/crmf/encutil.c
+++ /dev/null
@@ -1,63 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*- */
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "secasn1.h"
-#include "crmf.h"
-#include "crmfi.h"
-
-void
-crmf_encoder_out(void *arg, const char *buf, unsigned long len,
- int depth, SEC_ASN1EncodingPart data_kind)
-{
- struct crmfEncoderOutput *output;
-
- output = (struct crmfEncoderOutput*) arg;
- output->fn (output->outputArg, buf, len);
-}
-
-SECStatus
-cmmf_user_encode(void *src, CRMFEncoderOutputCallback inCallback, void *inArg,
- const SEC_ASN1Template *inTemplate)
-{
- struct crmfEncoderOutput output;
-
- PORT_Assert(src != NULL);
- if (src == NULL) {
- return SECFailure;
- }
- output.fn = inCallback;
- output.outputArg = inArg;
- return SEC_ASN1Encode(src, inTemplate, crmf_encoder_out, &output);
-}
-
diff --git a/security/nss/lib/crmf/manifest.mn b/security/nss/lib/crmf/manifest.mn
deleted file mode 100644
index 9a1958bce..000000000
--- a/security/nss/lib/crmf/manifest.mn
+++ /dev/null
@@ -1,71 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-MODULE = nss
-
-EXPORTS = \
- crmf.h \
- crmft.h \
- cmmf.h \
- cmmft.h \
- $(NULL)
-
-PRIVATE_EXPORTS = \
- crmfi.h \
- crmfit.h \
- cmmfi.h \
- cmmfit.h \
- $(NULL)
-
-CSRCS = crmfenc.c \
- crmftmpl.c \
- crmfreq.c \
- crmfpop.c \
- crmfdec.c \
- crmfget.c \
- crmfcont.c \
- cmmfasn1.c \
- cmmfresp.c \
- cmmfrec.c \
- cmmfchal.c \
- servget.c \
- encutil.c \
- respcli.c \
- respcmn.c \
- challcli.c \
- asn1cmn.c \
- $(NULL)
-
-LIBRARY_NAME = crmf
diff --git a/security/nss/lib/crmf/respcli.c b/security/nss/lib/crmf/respcli.c
deleted file mode 100644
index 9dac74a5e..000000000
--- a/security/nss/lib/crmf/respcli.c
+++ /dev/null
@@ -1,167 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-
-/*
- * This file will contain all routines needed by a client that has
- * to parse a CMMFCertRepContent structure and retirieve the appropriate
- * data.
- */
-
-#include "cmmf.h"
-#include "cmmfi.h"
-#include "crmf.h"
-#include "crmfi.h"
-#include "secitem.h"
-#include "secder.h"
-#include "secasn1.h"
-
-CMMFCertRepContent*
-CMMF_CreateCertRepContentFromDER(CERTCertDBHandle *db, const char *buf,
- long len)
-{
- PRArenaPool *poolp;
- CMMFCertRepContent *certRepContent;
- SECStatus rv;
- int i;
-
- poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
- if (poolp == NULL) {
- return NULL;
- }
- certRepContent = PORT_ArenaZNew(poolp, CMMFCertRepContent);
- if (certRepContent == NULL) {
- goto loser;
- }
- certRepContent->poolp = poolp;
- rv = SEC_ASN1Decode(poolp, certRepContent, CMMFCertRepContentTemplate,
- buf, len);
- if (rv != SECSuccess) {
- goto loser;
- }
- if (certRepContent->response != NULL) {
- for (i=0; certRepContent->response[i] != NULL; i++) {
- rv = cmmf_decode_process_cert_response(poolp, db,
- certRepContent->response[i]);
- if (rv != SECSuccess) {
- goto loser;
- }
- }
- }
- certRepContent->isDecoded = PR_TRUE;
- return certRepContent;
- loser:
- PORT_FreeArena(poolp, PR_FALSE);
- return NULL;
-}
-
-long
-CMMF_CertResponseGetCertReqId(CMMFCertResponse *inCertResp)
-{
- PORT_Assert(inCertResp != NULL);
- if (inCertResp == NULL) {
- return -1;
- }
- return DER_GetInteger(&inCertResp->certReqId);
-}
-
-PRBool
-cmmf_CertRepContentIsIndexValid(CMMFCertRepContent *inCertRepContent,
- int inIndex)
-{
- int numResponses;
-
- PORT_Assert(inCertRepContent != NULL);
- numResponses = CMMF_CertRepContentGetNumResponses(inCertRepContent);
- return (PRBool)(inIndex >= 0 && inIndex < numResponses);
-}
-
-CMMFCertResponse*
-CMMF_CertRepContentGetResponseAtIndex(CMMFCertRepContent *inCertRepContent,
- int inIndex)
-{
- CMMFCertResponse *certResponse;
- SECStatus rv;
-
- PORT_Assert(inCertRepContent != NULL &&
- cmmf_CertRepContentIsIndexValid(inCertRepContent, inIndex));
- if (inCertRepContent == NULL ||
- !cmmf_CertRepContentIsIndexValid(inCertRepContent, inIndex)) {
- return NULL;
- }
- certResponse = PORT_ZNew(CMMFCertResponse);
- rv = cmmf_CopyCertResponse(NULL, certResponse,
- inCertRepContent->response[inIndex]);
- if (rv != SECSuccess) {
- CMMF_DestroyCertResponse(certResponse);
- certResponse = NULL;
- }
- return certResponse;
-}
-
-CMMFPKIStatus
-CMMF_CertResponseGetPKIStatusInfoStatus(CMMFCertResponse *inCertResp)
-{
- PORT_Assert(inCertResp != NULL);
- if (inCertResp == NULL) {
- return cmmfNoPKIStatus;
- }
- return cmmf_PKIStatusInfoGetStatus(&inCertResp->status);
-}
-
-CERTCertificate*
-CMMF_CertResponseGetCertificate(CMMFCertResponse *inCertResp,
- CERTCertDBHandle *inCertdb)
-{
- PORT_Assert(inCertResp != NULL);
- if (inCertResp == NULL || inCertResp->certifiedKeyPair == NULL) {
- return NULL;
- }
-
- return cmmf_CertOrEncCertGetCertificate
- (&inCertResp->certifiedKeyPair->certOrEncCert,
- inCertdb);
-
-}
-
-CERTCertList*
-CMMF_CertRepContentGetCAPubs (CMMFCertRepContent *inCertRepContent)
-{
- PORT_Assert (inCertRepContent != NULL);
- if (inCertRepContent == NULL || inCertRepContent->caPubs == NULL) {
- return NULL;
- }
- return cmmf_MakeCertList(inCertRepContent->caPubs);
-}
-
diff --git a/security/nss/lib/crmf/respcmn.c b/security/nss/lib/crmf/respcmn.c
deleted file mode 100644
index c4e1ba9cc..000000000
--- a/security/nss/lib/crmf/respcmn.c
+++ /dev/null
@@ -1,409 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "nssrenam.h"
-#include "cmmf.h"
-#include "cmmfi.h"
-#include "secitem.h"
-#include "secder.h"
-
-SECStatus
-cmmf_DestroyPKIStatusInfo (CMMFPKIStatusInfo *info, PRBool freeit)
-{
- if (info->status.data != NULL) {
- PORT_Free(info->status.data);
- }
- if (info->statusString.data != NULL) {
- PORT_Free(info->statusString.data);
- }
- if (info->failInfo.data != NULL) {
- PORT_Free(info->failInfo.data);
- }
- if (freeit) {
- PORT_Free(info);
- }
- return SECSuccess;
-}
-
-SECStatus
-CMMF_DestroyCertResponse(CMMFCertResponse *inCertResp)
-{
- PORT_Assert(inCertResp != NULL);
- if (inCertResp != NULL) {
- if (inCertResp->certReqId.data != NULL) {
- PORT_Free(inCertResp->certReqId.data);
- }
- cmmf_DestroyPKIStatusInfo(&inCertResp->status, PR_FALSE);
- if (inCertResp->certifiedKeyPair != NULL) {
- CMMF_DestroyCertifiedKeyPair(inCertResp->certifiedKeyPair);
- }
- PORT_Free(inCertResp);
- }
- return SECSuccess;
-}
-
-SECStatus
-CMMF_DestroyCertRepContent(CMMFCertRepContent *inCertRepContent)
-{
- CMMFCertifiedKeyPair *certKeyPair;
- int i;
-
- PORT_Assert(inCertRepContent != NULL);
- if (inCertRepContent != NULL && inCertRepContent->poolp != NULL) {
- if (inCertRepContent->response != NULL) {
- for (i=0; inCertRepContent->response[i] != NULL; i++) {
- certKeyPair = inCertRepContent->response[i]->certifiedKeyPair;
- if (certKeyPair != NULL &&
- certKeyPair->certOrEncCert.choice == cmmfCertificate &&
- certKeyPair->certOrEncCert.cert.certificate != NULL) {
- CERT_DestroyCertificate
- (certKeyPair->certOrEncCert.cert.certificate);
- }
- }
- }
- PORT_FreeArena(inCertRepContent->poolp, PR_TRUE);
- }
- return SECSuccess;
-}
-
-SECStatus
-CMMF_DestroyPOPODecKeyChallContent(CMMFPOPODecKeyChallContent *inDecKeyCont)
-{
- PORT_Assert(inDecKeyCont != NULL);
- if (inDecKeyCont != NULL && inDecKeyCont->poolp) {
- PORT_FreeArena(inDecKeyCont->poolp, PR_FALSE);
- }
- return SECSuccess;
-}
-
-SECStatus
-crmf_create_prtime(SECItem *src, PRTime **dest)
-{
- *dest = PORT_ZNew(PRTime);
- return DER_UTCTimeToTime(*dest, src);
-}
-
-CRMFCertExtension*
-crmf_copy_cert_extension(PRArenaPool *poolp, CRMFCertExtension *inExtension)
-{
- PRBool isCritical;
- SECOidTag id;
- SECItem *data;
- CRMFCertExtension *newExt;
-
- PORT_Assert(inExtension != NULL);
- if (inExtension == NULL) {
- return NULL;
- }
- id = CRMF_CertExtensionGetOidTag(inExtension);
- isCritical = CRMF_CertExtensionGetIsCritical(inExtension);
- data = CRMF_CertExtensionGetValue(inExtension);
- newExt = crmf_create_cert_extension(poolp, id,
- isCritical,
- data);
- SECITEM_FreeItem(data, PR_TRUE);
- return newExt;
-}
-
-static SECItem*
-cmmf_encode_certificate(CERTCertificate *inCert)
-{
- return SEC_ASN1EncodeItem(NULL, NULL, inCert,
- SEC_ASN1_GET(SEC_SignedCertificateTemplate));
-}
-
-CERTCertList*
-cmmf_MakeCertList(CERTCertificate **inCerts)
-{
- CERTCertList *certList;
- CERTCertificate *currCert;
- SECItem *derCert, *freeCert = NULL;
- SECStatus rv;
- int i;
-
- certList = CERT_NewCertList();
- if (certList == NULL) {
- return NULL;
- }
- for (i=0; inCerts[i] != NULL; i++) {
- derCert = &inCerts[i]->derCert;
- if (derCert->data == NULL) {
- derCert = freeCert = cmmf_encode_certificate(inCerts[i]);
- }
- currCert=CERT_NewTempCertificate(CERT_GetDefaultCertDB(),
- derCert, NULL, PR_FALSE, PR_TRUE);
- if (freeCert != NULL) {
- SECITEM_FreeItem(freeCert, PR_TRUE);
- freeCert = NULL;
- }
- if (currCert == NULL) {
- goto loser;
- }
- rv = CERT_AddCertToListTail(certList, currCert);
- if (rv != SECSuccess) {
- goto loser;
- }
- }
- return certList;
- loser:
- CERT_DestroyCertList(certList);
- return NULL;
-}
-
-CMMFPKIStatus
-cmmf_PKIStatusInfoGetStatus(CMMFPKIStatusInfo *inStatus)
-{
- long derVal;
-
- derVal = DER_GetInteger(&inStatus->status);
- if (derVal == -1 || derVal < cmmfGranted || derVal >= cmmfNumPKIStatus) {
- return cmmfNoPKIStatus;
- }
- return (CMMFPKIStatus)derVal;
-}
-
-int
-CMMF_CertRepContentGetNumResponses(CMMFCertRepContent *inCertRepContent)
-{
- int numResponses = 0;
- PORT_Assert (inCertRepContent != NULL);
- if (inCertRepContent != NULL && inCertRepContent->response != NULL) {
- while (inCertRepContent->response[numResponses] != NULL) {
- numResponses++;
- }
- }
- return numResponses;
-}
-
-
-SECStatus
-cmmf_DestroyCertOrEncCert(CMMFCertOrEncCert *certOrEncCert, PRBool freeit)
-{
- switch (certOrEncCert->choice) {
- case cmmfCertificate:
- CERT_DestroyCertificate(certOrEncCert->cert.certificate);
- break;
- case cmmfEncryptedCert:
- crmf_destroy_encrypted_value(certOrEncCert->cert.encryptedCert,
- PR_TRUE);
- break;
- default:
- break;
- }
- if (freeit) {
- PORT_Free(certOrEncCert);
- }
- return SECSuccess;
-}
-
-SECStatus
-cmmf_copy_secitem (PRArenaPool *poolp, SECItem *dest, SECItem *src)
-{
- SECStatus rv;
-
- if (src->data != NULL) {
- rv = SECITEM_CopyItem(poolp, dest, src);
- } else {
- dest->data = NULL;
- dest->len = 0;
- rv = SECSuccess;
- }
- return rv;
-}
-
-SECStatus
-CMMF_DestroyCertifiedKeyPair(CMMFCertifiedKeyPair *inCertKeyPair)
-{
- PORT_Assert(inCertKeyPair != NULL);
- if (inCertKeyPair != NULL) {
- cmmf_DestroyCertOrEncCert(&inCertKeyPair->certOrEncCert, PR_FALSE);
- }
- if (inCertKeyPair->privateKey) {
- crmf_destroy_encrypted_value(inCertKeyPair->privateKey, PR_TRUE);
- }
- if (inCertKeyPair->derPublicationInfo.data) {
- PORT_Free(inCertKeyPair->derPublicationInfo.data);
- }
- PORT_Free(inCertKeyPair);
- return SECSuccess;
-}
-
-SECStatus
-cmmf_CopyCertResponse(PRArenaPool *poolp,
- CMMFCertResponse *dest,
- CMMFCertResponse *src)
-{
- SECStatus rv;
-
- if (src->certReqId.data != NULL) {
- rv = SECITEM_CopyItem(poolp, &dest->certReqId, &src->certReqId);
- if (rv != SECSuccess) {
- return rv;
- }
- }
- rv = cmmf_CopyPKIStatusInfo(poolp, &dest->status, &src->status);
- if (rv != SECSuccess) {
- return rv;
- }
- if (src->certifiedKeyPair != NULL) {
- dest->certifiedKeyPair = (poolp == NULL) ?
- PORT_ZNew(CMMFCertifiedKeyPair) :
- PORT_ArenaZNew(poolp, CMMFCertifiedKeyPair);
- if (dest->certifiedKeyPair == NULL) {
- return SECFailure;
- }
- rv = cmmf_CopyCertifiedKeyPair(poolp, dest->certifiedKeyPair,
- src->certifiedKeyPair);
- if (rv != SECSuccess) {
- return rv;
- }
- }
- return SECSuccess;
-}
-
-static SECStatus
-cmmf_CopyCertOrEncCert(PRArenaPool *poolp, CMMFCertOrEncCert *dest,
- CMMFCertOrEncCert *src)
-{
- SECStatus rv = SECSuccess;
- CRMFEncryptedValue *encVal;
-
- dest->choice = src->choice;
- rv = cmmf_copy_secitem(poolp, &dest->derValue, &src->derValue);
- switch (src->choice) {
- case cmmfCertificate:
- dest->cert.certificate = CERT_DupCertificate(src->cert.certificate);
- break;
- case cmmfEncryptedCert:
- dest->cert.encryptedCert = encVal = (poolp == NULL) ?
- PORT_ZNew(CRMFEncryptedValue) :
- PORT_ArenaZNew(poolp, CRMFEncryptedValue);
- if (encVal == NULL) {
- return SECFailure;
- }
- rv = crmf_copy_encryptedvalue(poolp, src->cert.encryptedCert, encVal);
- if (rv != SECSuccess) {
- return rv;
- }
- break;
- default:
- rv = SECFailure;
- }
- return rv;
-}
-
-SECStatus
-cmmf_CopyCertifiedKeyPair(PRArenaPool *poolp, CMMFCertifiedKeyPair *dest,
- CMMFCertifiedKeyPair *src)
-{
- SECStatus rv;
-
- rv = cmmf_CopyCertOrEncCert(poolp, &dest->certOrEncCert,
- &src->certOrEncCert);
- if (rv != SECSuccess) {
- return rv;
- }
-
- if (src->privateKey != NULL) {
- CRMFEncryptedValue *encVal;
-
- encVal = dest->privateKey = (poolp == NULL) ?
- PORT_ZNew(CRMFEncryptedValue) :
- PORT_ArenaZNew(poolp, CRMFEncryptedValue);
- if (encVal == NULL) {
- return SECFailure;
- }
- rv = crmf_copy_encryptedvalue(poolp, src->privateKey,
- dest->privateKey);
- if (rv != SECSuccess) {
- return rv;
- }
- }
- rv = cmmf_copy_secitem(poolp, &dest->derPublicationInfo,
- &src->derPublicationInfo);
- return rv;
-}
-
-SECStatus
-cmmf_CopyPKIStatusInfo(PRArenaPool *poolp, CMMFPKIStatusInfo *dest,
- CMMFPKIStatusInfo *src)
-{
- SECStatus rv;
-
- rv = cmmf_copy_secitem (poolp, &dest->status, &src->status);
- if (rv != SECSuccess) {
- return rv;
- }
- rv = cmmf_copy_secitem (poolp, &dest->statusString, &src->statusString);
- if (rv != SECSuccess) {
- return rv;
- }
- rv = cmmf_copy_secitem (poolp, &dest->failInfo, &src->failInfo);
- return rv;
-}
-
-CERTCertificate*
-cmmf_CertOrEncCertGetCertificate(CMMFCertOrEncCert *certOrEncCert,
- CERTCertDBHandle *certdb)
-{
- if (certOrEncCert->choice != cmmfCertificate ||
- certOrEncCert->cert.certificate == NULL) {
- return NULL;
- }
- return CERT_NewTempCertificate(certdb,
- &certOrEncCert->cert.certificate->derCert,
- NULL, PR_FALSE, PR_TRUE);
-}
-
-SECStatus
-cmmf_PKIStatusInfoSetStatus(CMMFPKIStatusInfo *statusInfo,
- PRArenaPool *poolp,
- CMMFPKIStatus inStatus)
-{
- SECItem *dummy;
-
- if (inStatus <cmmfGranted || inStatus >= cmmfNumPKIStatus) {
- return SECFailure;
- }
-
- dummy = SEC_ASN1EncodeInteger(poolp, &statusInfo->status, inStatus);
- PORT_Assert(dummy == &statusInfo->status);
- if (dummy != &statusInfo->status) {
- SECITEM_FreeItem(dummy, PR_TRUE);
- return SECFailure;
- }
- return SECSuccess;
-}
-
-
diff --git a/security/nss/lib/crmf/servget.c b/security/nss/lib/crmf/servget.c
deleted file mode 100644
index 7b863d337..000000000
--- a/security/nss/lib/crmf/servget.c
+++ /dev/null
@@ -1,1008 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-
-#include "cmmf.h"
-#include "cmmfi.h"
-#include "secitem.h"
-#include "keyhi.h"
-#include "secder.h"
-
-CRMFEncryptedKeyChoice
-CRMF_EncryptedKeyGetChoice(CRMFEncryptedKey *inEncrKey)
-{
- PORT_Assert(inEncrKey != NULL);
- if (inEncrKey == NULL) {
- return crmfNoEncryptedKeyChoice;
- }
- return inEncrKey->encKeyChoice;
-}
-
-CRMFEncryptedValue*
-CRMF_EncryptedKeyGetEncryptedValue(CRMFEncryptedKey *inEncrKey)
-{
- CRMFEncryptedValue *newEncrValue = NULL;
- SECStatus rv;
-
- PORT_Assert(inEncrKey != NULL);
- if (inEncrKey == NULL ||
- CRMF_EncryptedKeyGetChoice(inEncrKey) != crmfEncryptedValueChoice) {
- goto loser;
- }
- newEncrValue = PORT_ZNew(CRMFEncryptedValue);
- if (newEncrValue == NULL) {
- goto loser;
- }
- rv = crmf_copy_encryptedvalue(NULL, &inEncrKey->value.encryptedValue,
- newEncrValue);
- if (rv != SECSuccess) {
- goto loser;
- }
- return newEncrValue;
- loser:
- if (newEncrValue != NULL) {
- CRMF_DestroyEncryptedValue(newEncrValue);
- }
- return NULL;
-}
-
-static SECItem*
-crmf_get_encvalue_bitstring(SECItem *srcItem)
-{
- SECItem *newItem = NULL;
- SECStatus rv;
-
- if (srcItem->data == NULL) {
- return NULL;
- }
- newItem = PORT_ZNew(SECItem);
- if (newItem == NULL) {
- goto loser;
- }
- rv = crmf_make_bitstring_copy(NULL, newItem, srcItem);
- if (rv != SECSuccess) {
- goto loser;
- }
- return newItem;
- loser:
- if (newItem != NULL) {
- SECITEM_FreeItem(newItem, PR_TRUE);
- }
- return NULL;
-}
-
-SECItem*
-CRMF_EncryptedValueGetEncSymmKey(CRMFEncryptedValue *inEncValue)
-{
- if (inEncValue == NULL) {
- return NULL;
- }
- return crmf_get_encvalue_bitstring(&inEncValue->encSymmKey);
-}
-
-SECItem*
-CRMF_EncryptedValueGetEncValue(CRMFEncryptedValue *inEncrValue)
-{
- if (inEncrValue == NULL || inEncrValue->encValue.data == NULL) {
- return NULL;
- }
- return crmf_get_encvalue_bitstring(&inEncrValue->encValue);
-}
-
-static SECAlgorithmID*
-crmf_get_encvalue_algid(SECAlgorithmID *srcAlg)
-{
- SECStatus rv;
- SECAlgorithmID *newAlgID;
-
- if (srcAlg == NULL) {
- return NULL;
- }
- rv = crmf_copy_encryptedvalue_secalg(NULL, srcAlg, &newAlgID);
- if (rv != SECSuccess) {
- return NULL;
- }
- return newAlgID;
-}
-
-SECAlgorithmID*
-CRMF_EncryptedValueGetIntendedAlg(CRMFEncryptedValue *inEncValue)
-{
- if (inEncValue == NULL) {
- return NULL;
- }
- return crmf_get_encvalue_algid(inEncValue->intendedAlg);
-}
-
-SECAlgorithmID*
-CRMF_EncryptedValueGetKeyAlg(CRMFEncryptedValue *inEncValue)
-{
- if (inEncValue == NULL) {
- return NULL;
- }
- return crmf_get_encvalue_algid(inEncValue->keyAlg);
-}
-
-SECAlgorithmID*
-CRMF_EncryptedValueGetSymmAlg(CRMFEncryptedValue *inEncValue)
-{
- if (inEncValue == NULL) {
- return NULL;
- }
- return crmf_get_encvalue_algid(inEncValue->symmAlg);
-}
-
-SECItem*
-CRMF_EncryptedValueGetValueHint(CRMFEncryptedValue *inEncValue)
-{
- if (inEncValue == NULL || inEncValue->valueHint.data == NULL) {
- return NULL;
- }
- return SECITEM_DupItem(&inEncValue->valueHint);
-}
-
-SECStatus
-CRMF_PKIArchiveOptionsGetArchiveRemGenPrivKey(CRMFPKIArchiveOptions *inOpt,
- PRBool *destVal)
-{
- if (inOpt == NULL || destVal == NULL ||
- CRMF_PKIArchiveOptionsGetOptionType(inOpt) != crmfArchiveRemGenPrivKey){
- return SECFailure;
- }
- *destVal = (inOpt->option.archiveRemGenPrivKey.data[0] == hexFalse)
- ? PR_FALSE:
- PR_TRUE;
- return SECSuccess;
-}
-
-CRMFEncryptedKey*
-CRMF_PKIArchiveOptionsGetEncryptedPrivKey(CRMFPKIArchiveOptions *inOpts)
-{
- CRMFEncryptedKey *newEncrKey = NULL;
- SECStatus rv;
-
- PORT_Assert(inOpts != NULL);
- if (inOpts == NULL ||
- CRMF_PKIArchiveOptionsGetOptionType(inOpts) != crmfEncryptedPrivateKey){
- return NULL;
- }
- newEncrKey = PORT_ZNew(CRMFEncryptedKey);
- if (newEncrKey == NULL) {
- goto loser;
- }
- rv = crmf_copy_encryptedkey(NULL, &inOpts->option.encryptedKey,
- newEncrKey);
- if (rv != SECSuccess) {
- goto loser;
- }
- return newEncrKey;
- loser:
- if (newEncrKey != NULL) {
- CRMF_DestroyEncryptedKey(newEncrKey);
- }
- return NULL;
-}
-
-SECItem*
-CRMF_PKIArchiveOptionsGetKeyGenParameters(CRMFPKIArchiveOptions *inOptions)
-{
- if (inOptions == NULL ||
- CRMF_PKIArchiveOptionsGetOptionType(inOptions) != crmfKeyGenParameters ||
- inOptions->option.keyGenParameters.data == NULL) {
- return NULL;
- }
- return SECITEM_DupItem(&inOptions->option.keyGenParameters);
-}
-
-CRMFPKIArchiveOptionsType
-CRMF_PKIArchiveOptionsGetOptionType(CRMFPKIArchiveOptions *inOptions)
-{
- PORT_Assert (inOptions != NULL);
- if (inOptions == NULL) {
- return crmfNoArchiveOptions;
- }
- return inOptions->archOption;
-}
-
-static SECStatus
-crmf_extract_long_from_item(SECItem *intItem, long *destLong)
-{
- *destLong = DER_GetInteger(intItem);
- return (*destLong == -1) ? SECFailure : SECSuccess;
-}
-
-SECStatus
-CRMF_POPOPrivGetKeySubseqMess(CRMFPOPOPrivKey *inKey,
- CRMFSubseqMessOptions *destOpt)
-{
- long value;
- SECStatus rv;
-
- PORT_Assert(inKey != NULL);
- if (inKey == NULL ||
- inKey->messageChoice != crmfSubsequentMessage) {
- return SECFailure;
- }
- rv = crmf_extract_long_from_item(&inKey->message.subsequentMessage,&value);
- if (rv != SECSuccess) {
- return SECFailure;
- }
- switch (value) {
- case 0:
- *destOpt = crmfEncrCert;
- break;
- case 1:
- *destOpt = crmfChallengeResp;
- break;
- default:
- rv = SECFailure;
- }
- if (rv != SECSuccess) {
- return rv;
- }
- return SECSuccess;
-}
-
-CRMFPOPOPrivKeyChoice
-CRMF_POPOPrivKeyGetChoice(CRMFPOPOPrivKey *inPrivKey)
-{
- PORT_Assert(inPrivKey != NULL);
- if (inPrivKey != NULL) {
- return inPrivKey->messageChoice;
- }
- return crmfNoMessage;
-}
-
-SECStatus
-CRMF_POPOPrivKeyGetDHMAC(CRMFPOPOPrivKey *inKey, SECItem *destMAC)
-{
- PORT_Assert(inKey != NULL);
- if (inKey == NULL || inKey->message.dhMAC.data == NULL) {
- return SECFailure;
- }
- return crmf_make_bitstring_copy(NULL, destMAC, &inKey->message.dhMAC);
-}
-
-SECStatus
-CRMF_POPOPrivKeyGetThisMessage(CRMFPOPOPrivKey *inKey,
- SECItem *destString)
-{
- PORT_Assert(inKey != NULL);
- if (inKey == NULL ||
- inKey->messageChoice != crmfThisMessage) {
- return SECFailure;
- }
-
- return crmf_make_bitstring_copy(NULL, destString,
- &inKey->message.thisMessage);
-}
-
-SECAlgorithmID*
-CRMF_POPOSigningKeyGetAlgID(CRMFPOPOSigningKey *inSignKey)
-{
- SECAlgorithmID *newAlgId = NULL;
- SECStatus rv;
-
- PORT_Assert(inSignKey != NULL);
- if (inSignKey == NULL) {
- return NULL;
- }
- newAlgId = PORT_ZNew(SECAlgorithmID);
- if (newAlgId == NULL) {
- goto loser;
- }
- rv = SECOID_CopyAlgorithmID(NULL, newAlgId,
- inSignKey->algorithmIdentifier);
- if (rv != SECSuccess) {
- goto loser;
- }
- return newAlgId;
-
- loser:
- if (newAlgId != NULL) {
- SECOID_DestroyAlgorithmID(newAlgId, PR_TRUE);
- }
- return NULL;
-}
-
-SECItem*
-CRMF_POPOSigningKeyGetInput(CRMFPOPOSigningKey *inSignKey)
-{
- PORT_Assert(inSignKey != NULL);
- if (inSignKey == NULL || inSignKey->derInput.data == NULL) {
- return NULL;
- }
- return SECITEM_DupItem(&inSignKey->derInput);
-}
-
-SECItem*
-CRMF_POPOSigningKeyGetSignature(CRMFPOPOSigningKey *inSignKey)
-{
- SECItem *newSig = NULL;
- SECStatus rv;
-
- PORT_Assert(inSignKey != NULL);
- if (inSignKey == NULL) {
- return NULL;
- }
- newSig = PORT_ZNew(SECItem);
- if (newSig == NULL) {
- goto loser;
- }
- rv = crmf_make_bitstring_copy(NULL, newSig, &inSignKey->signature);
- if (rv != SECSuccess) {
- goto loser;
- }
- return newSig;
- loser:
- if (newSig != NULL) {
- SECITEM_FreeItem(newSig, PR_TRUE);
- }
- return NULL;
-}
-
-static SECStatus
-crmf_copy_poposigningkey(PRArenaPool *poolp,
- CRMFPOPOSigningKey *inPopoSignKey,
- CRMFPOPOSigningKey *destPopoSignKey)
-{
- SECStatus rv;
-
- /* We don't support use of the POPOSigningKeyInput, so we'll only
- * store away the DER encoding.
- */
- if (inPopoSignKey->derInput.data != NULL) {
- rv = SECITEM_CopyItem(poolp, &destPopoSignKey->derInput,
- &inPopoSignKey->derInput);
- }
- destPopoSignKey->algorithmIdentifier = (poolp == NULL) ?
- PORT_ZNew(SECAlgorithmID) :
- PORT_ArenaZNew(poolp, SECAlgorithmID);
-
- if (destPopoSignKey->algorithmIdentifier == NULL) {
- goto loser;
- }
- rv = SECOID_CopyAlgorithmID(poolp, destPopoSignKey->algorithmIdentifier,
- inPopoSignKey->algorithmIdentifier);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- rv = crmf_make_bitstring_copy(poolp, &destPopoSignKey->signature,
- &inPopoSignKey->signature);
- if (rv != SECSuccess) {
- goto loser;
- }
- return SECSuccess;
- loser:
- if (destPopoSignKey && poolp == NULL) {
- CRMF_DestroyPOPOSigningKey(destPopoSignKey);
- }
- return SECFailure;
-}
-
-static SECStatus
-crmf_copy_popoprivkey(PRArenaPool *poolp,
- CRMFPOPOPrivKey *srcPrivKey,
- CRMFPOPOPrivKey *destPrivKey)
-{
- SECStatus rv;
-
- destPrivKey->messageChoice = srcPrivKey->messageChoice;
- switch (destPrivKey->messageChoice) {
- case crmfThisMessage:
- case crmfDHMAC:
- /* I've got a union, so taking the address of one, will also give
- * me a pointer to the other (eg, message.dhMAC)
- */
- rv = crmf_make_bitstring_copy(poolp, &destPrivKey->message.thisMessage,
- &srcPrivKey->message.thisMessage);
- break;
- case crmfSubsequentMessage:
- rv = SECITEM_CopyItem(poolp, &destPrivKey->message.subsequentMessage,
- &srcPrivKey->message.subsequentMessage);
- break;
- default:
- rv = SECFailure;
- }
-
- if (rv != SECSuccess) {
- if (destPrivKey && poolp == NULL) {
- CRMF_DestroyPOPOPrivKey(destPrivKey);
- }
- return SECFailure;
- }
- return SECSuccess;
-}
-
-static CRMFProofOfPossession*
-crmf_copy_pop(PRArenaPool *poolp, CRMFProofOfPossession *srcPOP)
-{
- CRMFProofOfPossession *newPOP;
- SECStatus rv;
-
- /*
- * Proof Of Possession structures are always part of the Request
- * message, so there will always be an arena for allocating memory.
- */
- if (poolp == NULL) {
- return NULL;
- }
- newPOP = PORT_ArenaZNew(poolp, CRMFProofOfPossession);
- if (newPOP == NULL) {
- return NULL;
- }
- switch (srcPOP->popUsed) {
- case crmfRAVerified:
- newPOP->popChoice.raVerified.data = NULL;
- newPOP->popChoice.raVerified.len = 0;
- break;
- case crmfSignature:
- rv = crmf_copy_poposigningkey(poolp, &srcPOP->popChoice.signature,
- &newPOP->popChoice.signature);
- if (rv != SECSuccess) {
- goto loser;
- }
- break;
- case crmfKeyEncipherment:
- case crmfKeyAgreement:
- /* We've got a union, so a pointer to one, is a pointer to the
- * other one.
- */
- rv = crmf_copy_popoprivkey(poolp, &srcPOP->popChoice.keyEncipherment,
- &newPOP->popChoice.keyEncipherment);
- if (rv != SECSuccess) {
- goto loser;
- }
- break;
- default:
- goto loser;
- }
- newPOP->popUsed = srcPOP->popUsed;
- return newPOP;
-
- loser:
- return NULL;
-}
-
-static CRMFCertReqMsg*
-crmf_copy_cert_req_msg(CRMFCertReqMsg *srcReqMsg)
-{
- CRMFCertReqMsg *newReqMsg;
- PRArenaPool *poolp;
-
- poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
- if (poolp == NULL) {
- return NULL;
- }
- newReqMsg = PORT_ArenaZNew(poolp, CRMFCertReqMsg);
- newReqMsg->poolp = poolp;
- if (newReqMsg == NULL) {
- goto loser;
- }
- newReqMsg->certReq = crmf_copy_cert_request(poolp, srcReqMsg->certReq);
- if (newReqMsg->certReq == NULL) {
- goto loser;
- }
- newReqMsg->pop = crmf_copy_pop(poolp, srcReqMsg->pop);
- if (newReqMsg->pop == NULL) {
- goto loser;
- }
- /* None of my set/get routines operate on the regInfo field, so
- * for now, that won't get copied over.
- */
- return newReqMsg;
-
- loser:
- if (newReqMsg != NULL) {
- CRMF_DestroyCertReqMsg(newReqMsg);
- }
- return NULL;
-}
-
-CRMFCertReqMsg*
-CRMF_CertReqMessagesGetCertReqMsgAtIndex(CRMFCertReqMessages *inReqMsgs,
- int index)
-{
- int numMsgs;
-
- PORT_Assert(inReqMsgs != NULL && index >= 0);
- if (inReqMsgs == NULL) {
- return NULL;
- }
- numMsgs = CRMF_CertReqMessagesGetNumMessages(inReqMsgs);
- if (index < 0 || index >= numMsgs) {
- return NULL;
- }
- return crmf_copy_cert_req_msg(inReqMsgs->messages[index]);
-}
-
-int
-CRMF_CertReqMessagesGetNumMessages(CRMFCertReqMessages *inCertReqMsgs)
-{
- int numMessages = 0;
-
- PORT_Assert(inCertReqMsgs != NULL);
- if (inCertReqMsgs == NULL) {
- return 0;
- }
- while (inCertReqMsgs->messages[numMessages] != NULL) {
- numMessages++;
- }
- return numMessages;
-}
-
-CRMFCertRequest*
-CRMF_CertReqMsgGetCertRequest(CRMFCertReqMsg *inCertReqMsg)
-{
- PRArenaPool *poolp = NULL;
- CRMFCertRequest *newCertReq = NULL;
-
- PORT_Assert(inCertReqMsg != NULL);
-
- poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
- if (poolp == NULL) {
- goto loser;
- }
- newCertReq = crmf_copy_cert_request(poolp, inCertReqMsg->certReq);
- if (newCertReq == NULL) {
- goto loser;
- }
- newCertReq->poolp = poolp;
- return newCertReq;
- loser:
- if (poolp != NULL) {
- PORT_FreeArena(poolp, PR_FALSE);
- }
- return NULL;
-}
-
-SECStatus
-CRMF_CertReqMsgGetID(CRMFCertReqMsg *inCertReqMsg, long *destID)
-{
- PORT_Assert(inCertReqMsg != NULL && destID != NULL);
- if (inCertReqMsg == NULL || inCertReqMsg->certReq == NULL) {
- return SECFailure;
- }
- return crmf_extract_long_from_item(&inCertReqMsg->certReq->certReqId,
- destID);
-}
-
-SECStatus
-CRMF_CertReqMsgGetPOPKeyAgreement(CRMFCertReqMsg *inCertReqMsg,
- CRMFPOPOPrivKey **destKey)
-{
- PORT_Assert(inCertReqMsg != NULL && destKey != NULL);
- if (inCertReqMsg == NULL || destKey == NULL ||
- CRMF_CertReqMsgGetPOPType(inCertReqMsg) != crmfKeyAgreement) {
- return SECFailure;
- }
- *destKey = PORT_ZNew(CRMFPOPOPrivKey);
- if (*destKey == NULL) {
- return SECFailure;
- }
- return crmf_copy_popoprivkey(NULL,
- &inCertReqMsg->pop->popChoice.keyAgreement,
- *destKey);
-}
-
-SECStatus
-CRMF_CertReqMsgGetPOPKeyEncipherment(CRMFCertReqMsg *inCertReqMsg,
- CRMFPOPOPrivKey **destKey)
-{
- PORT_Assert(inCertReqMsg != NULL && destKey != NULL);
- if (inCertReqMsg == NULL || destKey == NULL ||
- CRMF_CertReqMsgGetPOPType(inCertReqMsg) != crmfKeyEncipherment) {
- return SECFailure;
- }
- *destKey = PORT_ZNew(CRMFPOPOPrivKey);
- if (destKey == NULL) {
- return SECFailure;
- }
- return crmf_copy_popoprivkey(NULL,
- &inCertReqMsg->pop->popChoice.keyEncipherment,
- *destKey);
-}
-
-SECStatus
-CRMF_CertReqMsgGetPOPOSigningKey(CRMFCertReqMsg *inCertReqMsg,
- CRMFPOPOSigningKey **destKey)
-{
- CRMFProofOfPossession *pop;
- PORT_Assert(inCertReqMsg != NULL);
- if (inCertReqMsg == NULL) {
- return SECFailure;
- }
- pop = inCertReqMsg->pop;;
- if (pop->popUsed != crmfSignature) {
- return SECFailure;
- }
- *destKey = PORT_ZNew(CRMFPOPOSigningKey);
- if (*destKey == NULL) {
- return SECFailure;
- }
- return crmf_copy_poposigningkey(NULL,&pop->popChoice.signature, *destKey);
-}
-
-static SECStatus
-crmf_copy_name(CERTName *destName, CERTName *srcName)
-{
- PRArenaPool *poolp = NULL;
- SECStatus rv;
-
- if (destName->arena != NULL) {
- poolp = destName->arena;
- } else {
- poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
- }
- if (poolp == NULL) {
- return SECFailure;
- }
- /* Need to do this so that CERT_CopyName doesn't free out
- * the arena from underneath us.
- */
- destName->arena = NULL;
- rv = CERT_CopyName(poolp, destName, srcName);
- destName->arena = poolp;
- return rv;
-}
-
-SECStatus
-CRMF_CertRequestGetCertTemplateIssuer(CRMFCertRequest *inCertReq,
- CERTName *destIssuer)
-{
- PORT_Assert(inCertReq != NULL);
- if (inCertReq == NULL) {
- return SECFailure;
- }
- if (CRMF_DoesRequestHaveField(inCertReq, crmfIssuer)) {
- return crmf_copy_name(destIssuer,
- inCertReq->certTemplate.issuer);
- }
- return SECFailure;
-}
-
-SECStatus
-CRMF_CertRequestGetCertTemplateIssuerUID(CRMFCertRequest *inCertReq,
- SECItem *destIssuerUID)
-{
- PORT_Assert(inCertReq != NULL);
- if (inCertReq == NULL) {
- return SECFailure;
- }
- if (CRMF_DoesRequestHaveField(inCertReq, crmfIssuerUID)) {
- return crmf_make_bitstring_copy(NULL, destIssuerUID,
- &inCertReq->certTemplate.issuerUID);
- }
- return SECFailure;
-}
-
-SECStatus
-CRMF_CertRequestGetCertTemplatePublicKey(CRMFCertRequest *inCertReq,
- CERTSubjectPublicKeyInfo *destPublicKey)
-{
- PORT_Assert (inCertReq != NULL);
- if (inCertReq == NULL) {
- return SECFailure;
- }
- if (CRMF_DoesRequestHaveField(inCertReq, crmfPublicKey)) {
- return SECKEY_CopySubjectPublicKeyInfo(NULL, destPublicKey,
- inCertReq->certTemplate.publicKey);
- }
- return SECFailure;
-}
-
-SECStatus
-CRMF_CertRequestGetCertTemplateSerialNumber(CRMFCertRequest *inCertReq,
- long *serialNumber)
-{
- PORT_Assert(inCertReq != NULL);
- if (inCertReq == NULL) {
- return SECFailure;
- }
- if (CRMF_DoesRequestHaveField(inCertReq, crmfSerialNumber)) {
- return
- crmf_extract_long_from_item(&inCertReq->certTemplate.serialNumber,
- serialNumber);
- }
- return SECFailure;
-}
-
-SECStatus
-CRMF_CertRequestGetCertTemplateSigningAlg(CRMFCertRequest *inCertReq,
- SECAlgorithmID *destAlg)
-{
- PORT_Assert(inCertReq != NULL);
- if (inCertReq == NULL) {
- return SECFailure;
- }
- if (CRMF_DoesRequestHaveField(inCertReq, crmfSigningAlg)) {
- return SECOID_CopyAlgorithmID(NULL, destAlg,
- inCertReq->certTemplate.signingAlg);
- }
- return SECFailure;
-}
-
-SECStatus
-CRMF_CertRequestGetCertTemplateSubject(CRMFCertRequest *inCertReq,
- CERTName *destSubject)
-{
- PORT_Assert(inCertReq != NULL);
- if (inCertReq == NULL) {
- return SECFailure;
- }
- if (CRMF_DoesRequestHaveField(inCertReq, crmfSubject)) {
- return crmf_copy_name(destSubject, inCertReq->certTemplate.subject);
- }
- return SECFailure;
-}
-
-SECStatus
-CRMF_CertRequestGetCertTemplateSubjectUID(CRMFCertRequest *inCertReq,
- SECItem *destSubjectUID)
-{
- PORT_Assert(inCertReq != NULL);
- if (inCertReq == NULL) {
- return SECFailure;
- }
- if (CRMF_DoesRequestHaveField(inCertReq, crmfSubjectUID)) {
- return crmf_make_bitstring_copy(NULL, destSubjectUID,
- &inCertReq->certTemplate.subjectUID);
- }
- return SECFailure;
-}
-
-SECStatus
-CRMF_CertRequestGetCertTemplateVersion(CRMFCertRequest *inCertReq,
- long *version)
-{
- PORT_Assert (inCertReq != NULL);
- if (inCertReq == NULL) {
- return SECFailure;
- }
- if (CRMF_DoesRequestHaveField(inCertReq, crmfVersion)) {
- return crmf_extract_long_from_item(&inCertReq->certTemplate.version,
- version);
- }
- return SECFailure;
-}
-
-static SECStatus
-crmf_copy_validity(CRMFGetValidity *destValidity,
- CRMFOptionalValidity *src)
-{
- SECStatus rv;
-
- destValidity->notBefore = destValidity->notAfter = NULL;
- if (src->notBefore.data != NULL) {
- rv = crmf_create_prtime(&src->notBefore,
- &destValidity->notBefore);
- if (rv != SECSuccess) {
- return rv;
- }
- }
- if (src->notAfter.data != NULL) {
- rv = crmf_create_prtime(&src->notAfter,
- &destValidity->notAfter);
- if (rv != SECSuccess) {
- return rv;
- }
- }
- return SECSuccess;
-}
-
-SECStatus
-CRMF_CertRequestGetCertTemplateValidity(CRMFCertRequest *inCertReq,
- CRMFGetValidity *destValidity)
-{
- PORT_Assert(inCertReq != NULL);
- if (inCertReq == NULL) {
- return SECFailure;
- }
- if (CRMF_DoesRequestHaveField(inCertReq, crmfValidity)) {
- return crmf_copy_validity(destValidity,
- inCertReq->certTemplate.validity);
- }
- return SECFailure;
-}
-
-CRMFControl*
-CRMF_CertRequestGetControlAtIndex(CRMFCertRequest *inCertReq, int index)
-{
- CRMFControl *newControl, *srcControl;
- int numControls;
- SECStatus rv;
-
- PORT_Assert(inCertReq != NULL);
- if (inCertReq == NULL) {
- return NULL;
- }
- numControls = CRMF_CertRequestGetNumControls(inCertReq);
- if (index >= numControls || index < 0) {
- return NULL;
- }
- newControl = PORT_ZNew(CRMFControl);
- if (newControl == NULL) {
- return NULL;
- }
- srcControl = inCertReq->controls[index];
- newControl->tag = srcControl->tag;
- rv = SECITEM_CopyItem (NULL, &newControl->derTag, &srcControl->derTag);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- rv = SECITEM_CopyItem(NULL, &newControl->derValue,
- &srcControl->derValue);
- if (rv != SECSuccess) {
- goto loser;
- }
- /* Copy over the PKIArchiveOptions stuff */
- switch (srcControl->tag) {
- case SEC_OID_PKIX_REGCTRL_REGTOKEN:
- case SEC_OID_PKIX_REGCTRL_AUTHENTICATOR:
- /* No further processing necessary for these types. */
- rv = SECSuccess;
- break;
- case SEC_OID_PKIX_REGCTRL_OLD_CERT_ID:
- case SEC_OID_PKIX_REGCTRL_PKIPUBINFO:
- case SEC_OID_PKIX_REGCTRL_PROTOCOL_ENC_KEY:
- /* These aren't supported yet, so no post-processing will
- * be done at this time. But we don't want to fail in case
- * we read in DER that has one of these options.
- */
- rv = SECSuccess;
- break;
- case SEC_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS:
- rv = crmf_copy_pkiarchiveoptions(NULL,
- &newControl->value.archiveOptions,
- &srcControl->value.archiveOptions);
- break;
- default:
- rv = SECFailure;
- }
- if (rv != SECSuccess) {
- goto loser;
- }
- return newControl;
- loser:
- if (newControl != NULL) {
- CRMF_DestroyControl(newControl);
- }
- return NULL;
-}
-
-static SECItem*
-crmf_copy_control_value(CRMFControl *inControl)
-{
- return SECITEM_DupItem(&inControl->derValue);
-}
-
-SECItem*
-CRMF_ControlGetAuthenticatorControlValue(CRMFControl *inControl)
-{
- PORT_Assert (inControl!= NULL);
- if (inControl == NULL ||
- CRMF_ControlGetControlType(inControl) != crmfAuthenticatorControl) {
- return NULL;
- }
- return crmf_copy_control_value(inControl);
-}
-
-CRMFControlType
-CRMF_ControlGetControlType(CRMFControl *inControl)
-{
- CRMFControlType retType;
-
- PORT_Assert(inControl != NULL);
- switch (inControl->tag) {
- case SEC_OID_PKIX_REGCTRL_REGTOKEN:
- retType = crmfRegTokenControl;
- break;
- case SEC_OID_PKIX_REGCTRL_AUTHENTICATOR:
- retType = crmfAuthenticatorControl;
- break;
- case SEC_OID_PKIX_REGCTRL_PKIPUBINFO:
- retType = crmfPKIPublicationInfoControl;
- break;
- case SEC_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS:
- retType = crmfPKIArchiveOptionsControl;
- break;
- case SEC_OID_PKIX_REGCTRL_OLD_CERT_ID:
- retType = crmfOldCertIDControl;
- break;
- case SEC_OID_PKIX_REGCTRL_PROTOCOL_ENC_KEY:
- retType = crmfProtocolEncrKeyControl;
- break;
- default:
- retType = crmfNoControl;
- }
- return retType;
-}
-
-CRMFPKIArchiveOptions*
-CRMF_ControlGetPKIArchiveOptions(CRMFControl *inControl)
-{
- CRMFPKIArchiveOptions *newOpt = NULL;
- SECStatus rv;
-
- PORT_Assert(inControl != NULL);
- if (inControl == NULL ||
- CRMF_ControlGetControlType(inControl) != crmfPKIArchiveOptionsControl){
- goto loser;
- }
- newOpt = PORT_ZNew(CRMFPKIArchiveOptions);
- if (newOpt == NULL) {
- goto loser;
- }
- rv = crmf_copy_pkiarchiveoptions(NULL, newOpt,
- &inControl->value.archiveOptions);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- loser:
- if (newOpt != NULL) {
- CRMF_DestroyPKIArchiveOptions(newOpt);
- }
- return NULL;
-}
-
-SECItem*
-CRMF_ControlGetRegTokenControlValue(CRMFControl *inControl)
-{
- PORT_Assert(inControl != NULL);
- if (inControl == NULL ||
- CRMF_ControlGetControlType(inControl) != crmfRegTokenControl) {
- return NULL;
- }
- return crmf_copy_control_value(inControl);;
-}
-
-CRMFCertExtension*
-CRMF_CertRequestGetExtensionAtIndex(CRMFCertRequest *inCertReq,
- int index)
-{
- int numExtensions;
-
- PORT_Assert(inCertReq != NULL);
- numExtensions = CRMF_CertRequestGetNumberOfExtensions(inCertReq);
- if (index >= numExtensions || index < 0) {
- return NULL;
- }
- return
- crmf_copy_cert_extension(NULL,
- inCertReq->certTemplate.extensions[index]);
-}
-
diff --git a/security/nss/lib/cryptohi/Makefile b/security/nss/lib/cryptohi/Makefile
deleted file mode 100644
index ced902117..000000000
--- a/security/nss/lib/cryptohi/Makefile
+++ /dev/null
@@ -1,77 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
--include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-export:: private_export
-
diff --git a/security/nss/lib/cryptohi/config.mk b/security/nss/lib/cryptohi/config.mk
deleted file mode 100644
index 0a00dc61e..000000000
--- a/security/nss/lib/cryptohi/config.mk
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# Override TARGETS variable so that only static libraries
-# are specifed as dependencies within rules.mk.
-#
-
-TARGETS = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM =
-
diff --git a/security/nss/lib/cryptohi/cryptohi.h b/security/nss/lib/cryptohi/cryptohi.h
deleted file mode 100644
index 28359cb65..000000000
--- a/security/nss/lib/cryptohi/cryptohi.h
+++ /dev/null
@@ -1,249 +0,0 @@
-/*
- * crypto.h - public data structures and prototypes for the crypto library
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#ifndef _CRYPTOHI_H_
-#define _CRYPTOHI_H_
-
-#include "blapi.h"
-
-#include "seccomon.h"
-#include "secoidt.h"
-#include "secdert.h"
-#include "cryptoht.h"
-#include "keyt.h"
-#include "certt.h"
-
-
-SEC_BEGIN_PROTOS
-
-
-/****************************************/
-/*
-** DER encode/decode DSA signatures
-*/
-
-/* ANSI X9.57 defines DSA signatures as DER encoded data. Our DSA code (and
- * most of the rest of the world) just generates 40 bytes of raw data. These
- * functions convert between formats.
- */
-extern SECStatus DSAU_EncodeDerSig(SECItem *dest, SECItem *src);
-extern SECItem *DSAU_DecodeDerSig(SECItem *item);
-
-
-
-/****************************************/
-/*
-** Signature creation operations
-*/
-
-/*
-** Create a new signature context used for signing a data stream.
-** "alg" the signature algorithm to use (e.g. SEC_OID_RSA_WITH_MD5)
-** "privKey" the private key to use
-*/
-extern SGNContext *SGN_NewContext(SECOidTag alg, SECKEYPrivateKey *privKey);
-
-/*
-** Destroy a signature-context object
-** "key" the object
-** "freeit" if PR_TRUE then free the object as well as its sub-objects
-*/
-extern void SGN_DestroyContext(SGNContext *cx, PRBool freeit);
-
-/*
-** Reset the signing context "cx" to its initial state, preparing it for
-** another stream of data.
-*/
-extern SECStatus SGN_Begin(SGNContext *cx);
-
-/*
-** Update the signing context with more data to sign.
-** "cx" the context
-** "input" the input data to sign
-** "inputLen" the length of the input data
-*/
-extern SECStatus SGN_Update(SGNContext *cx, unsigned char *input,
- unsigned int inputLen);
-
-/*
-** Finish the signature process. Use either k0 or k1 to sign the data
-** stream that was input using SGN_Update. The resulting signature is
-** formatted using PKCS#1 and then encrypted using RSA private or public
-** encryption.
-** "cx" the context
-** "result" the final signature data (memory is allocated)
-*/
-extern SECStatus SGN_End(SGNContext *cx, SECItem *result);
-
-/*
-** Sign a single block of data using private key encryption and given
-** signature/hash algorithm.
-** "result" the final signature data (memory is allocated)
-** "buf" the input data to sign
-** "len" the amount of data to sign
-** "pk" the private key to encrypt with
-** "algid" the signature/hash algorithm to sign with
-** (must be compatible with the key type).
-*/
-extern SECStatus SEC_SignData(SECItem *result, unsigned char *buf, int len,
- SECKEYPrivateKey *pk, SECOidTag algid);
-
-/*
-** Sign a pre-digested block of data using private key encryption, encoding
-** The given signature/hash algorithm.
-** "result" the final signature data (memory is allocated)
-** "digest" the digest to sign
-** "pk" the private key to encrypt with
-** "algtag" The algorithm tag to encode (need for RSA only)
-*/
-extern SECStatus SGN_Digest(SECKEYPrivateKey *privKey,
- SECOidTag algtag, SECItem *result, SECItem *digest);
-
-/*
-** DER sign a single block of data using private key encryption and the
-** MD5 hashing algorithm. This routine first computes a digital signature
-** using SEC_SignData, then wraps it with an CERTSignedData and then der
-** encodes the result.
-** "arena" is the memory arena to use to allocate data from
-** "result" the final der encoded data (memory is allocated)
-** "buf" the input data to sign
-** "len" the amount of data to sign
-** "pk" the private key to encrypt with
-*/
-extern SECStatus SEC_DerSignData(PRArenaPool *arena, SECItem *result,
- unsigned char *buf, int len,
- SECKEYPrivateKey *pk, SECOidTag algid);
-
-/*
-** Destroy a signed-data object.
-** "sd" the object
-** "freeit" if PR_TRUE then free the object as well as its sub-objects
-*/
-extern void SEC_DestroySignedData(CERTSignedData *sd, PRBool freeit);
-
-/****************************************/
-/*
-** Signature verification operations
-*/
-
-/*
-** Create a signature verification context.
-** "key" the public key to verify with
-** "sig" the encrypted signature data if sig is NULL then
-** VFY_EndWithSignature must be called with the correct signature at
-** the end of the processing.
-** "algid" specifies the signing algorithm to use. This must match
-** the key type.
-** "wincx" void pointer to the window context
-*/
-extern VFYContext *VFY_CreateContext(SECKEYPublicKey *key, SECItem *sig,
- SECOidTag algid, void *wincx);
-
-/*
-** Destroy a verification-context object.
-** "cx" the context to destroy
-** "freeit" if PR_TRUE then free the object as well as its sub-objects
-*/
-extern void VFY_DestroyContext(VFYContext *cx, PRBool freeit);
-
-extern SECStatus VFY_Begin(VFYContext *cx);
-
-/*
-** Update a verification context with more input data. The input data
-** is fed to a secure hash function (depending on what was in the
-** encrypted signature data).
-** "cx" the context
-** "input" the input data
-** "inputLen" the amount of input data
-*/
-extern SECStatus VFY_Update(VFYContext *cx, unsigned char *input,
- unsigned int inputLen);
-
-/*
-** Finish the verification process. The return value is a status which
-** indicates success or failure. On success, the SECSuccess value is
-** returned. Otherwise, SECFailure is returned and the error code found
-** using PORT_GetError() indicates what failure occurred.
-** "cx" the context
-*/
-extern SECStatus VFY_End(VFYContext *cx);
-
-/*
-** Finish the verification process. The return value is a status which
-** indicates success or failure. On success, the SECSuccess value is
-** returned. Otherwise, SECFailure is returned and the error code found
-** using PORT_GetError() indicates what failure occurred. If signature is
-** supplied the verification uses this signature to verify, otherwise the
-** signature passed in VFY_CreateContext() is used.
-** VFY_EndWithSignature(cx,NULL); is identical to VFY_End(cx);.
-** "cx" the context
-** "sig" the encrypted signature data
-*/
-extern SECStatus VFY_EndWithSignature(VFYContext *cx, SECItem *sig);
-
-
-/*
-** Verify the signature on a block of data for which we already have
-** the digest. The signature data is an RSA private key encrypted
-** block of data formatted according to PKCS#1.
-** "dig" the digest
-** "key" the public key to check the signature with
-** "sig" the encrypted signature data
-** "algid" specifies the signing algorithm to use. This must match
-** the key type.
-**/
-extern SECStatus VFY_VerifyDigest(SECItem *dig, SECKEYPublicKey *key,
- SECItem *sig, SECOidTag algid, void *wincx);
-
-/*
-** Verify the signature on a block of data. The signature data is an RSA
-** private key encrypted block of data formatted according to PKCS#1.
-** "buf" the input data
-** "len" the length of the input data
-** "key" the public key to check the signature with
-** "sig" the encrypted signature data
-** "algid" specifies the signing algorithm to use. This must match
-** the key type.
-*/
-extern SECStatus VFY_VerifyData(unsigned char *buf, int len,
- SECKEYPublicKey *key, SECItem *sig,
- SECOidTag algid, void *wincx);
-
-
-SEC_END_PROTOS
-
-#endif /* _CRYPTOHI_H_ */
diff --git a/security/nss/lib/cryptohi/cryptoht.h b/security/nss/lib/cryptohi/cryptoht.h
deleted file mode 100644
index 3116db279..000000000
--- a/security/nss/lib/cryptohi/cryptoht.h
+++ /dev/null
@@ -1,45 +0,0 @@
-/*
- * cryptoht.h - public data structures for the crypto library
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#ifndef _CRYPTOHT_H_
-#define _CRYPTOHT_H_
-
-typedef struct SGNContextStr SGNContext;
-typedef struct VFYContextStr VFYContext;
-
-
-#endif /* _CRYPTOHT_H_ */
diff --git a/security/nss/lib/cryptohi/dsautil.c b/security/nss/lib/cryptohi/dsautil.c
deleted file mode 100644
index 504e69907..000000000
--- a/security/nss/lib/cryptohi/dsautil.c
+++ /dev/null
@@ -1,231 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "secasn1.h"
-#include "secitem.h"
-#include "prerr.h"
-
-#ifndef DSA_SUBPRIME_LEN
-#define DSA_SUBPRIME_LEN 20 /* bytes */
-#endif
-
-typedef struct {
- SECItem r;
- SECItem s;
-} DSA_ASN1Signature;
-
-const SEC_ASN1Template DSA_SignatureTemplate[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(DSA_ASN1Signature) },
- { SEC_ASN1_INTEGER, offsetof(DSA_ASN1Signature,r) },
- { SEC_ASN1_INTEGER, offsetof(DSA_ASN1Signature,s) },
- { 0, }
-};
-
-/* Input is variable length multi-byte integer, MSB first (big endian).
-** Most signficant bit of first byte is NOT treated as a sign bit.
-** May be one or more leading bytes of zeros.
-** Output is variable length multi-byte integer, MSB first (big endian).
-** Most significant bit of first byte will be zero (positive sign bit)
-** No more than one leading zero byte.
-** Caller supplies dest buffer, and assures that it is long enough,
-** e.g. at least one byte longer that src's buffer.
-*/
-void
-DSAU_ConvertUnsignedToSigned(SECItem *dest, SECItem *src)
-{
- unsigned char *pSrc = src->data;
- unsigned char *pDst = dest->data;
- unsigned int cntSrc = src->len;
-
- /* skip any leading zeros. */
- while (cntSrc && !(*pSrc)) {
- pSrc++;
- cntSrc--;
- }
- if (!cntSrc) {
- *pDst = 0;
- dest->len = 1;
- return;
- }
-
- if (*pSrc & 0x80)
- *pDst++ = 0;
-
- PORT_Memcpy(pDst, pSrc, cntSrc);
- dest->len = (pDst - dest->data) + cntSrc;
-}
-
-/*
-** src is a buffer holding a signed variable length integer.
-** dest is a buffer which will be filled with an unsigned integer,
-** MSB first (big endian) with leading zeros, so that the last byte
-** of src will be the LSB of the integer. The result will be exactly
-** the length specified by the caller in dest->len.
-** src can be shorter than dest. src can be longer than dst, but only
-** if the extra leading bytes are zeros.
-*/
-SECStatus
-DSAU_ConvertSignedToFixedUnsigned(SECItem *dest, SECItem *src)
-{
- unsigned char *pSrc = src->data;
- unsigned char *pDst = dest->data;
- unsigned int cntSrc = src->len;
- unsigned int cntDst = dest->len;
- int zCount = cntDst - cntSrc;
-
- if (zCount > 0) {
- PORT_Memset(pDst, 0, zCount);
- PORT_Memcpy(pDst + zCount, pSrc, cntSrc);
- return SECSuccess;
- }
- if (zCount <= 0) {
- /* Source is longer than destination. Check for leading zeros. */
- while (zCount++ < 0) {
- if (*pSrc++ != 0)
- goto loser;
- }
- }
- PORT_Memcpy(pDst, pSrc, cntDst);
- return SECSuccess;
-
-loser:
- PORT_SetError( PR_INVALID_ARGUMENT_ERROR );
- return SECFailure;
-}
-
-/* src is a "raw" DSA signature, 20 bytes of r followed by 20 bytes of s.
-** dest is the signature DER encoded. ?
-*/
-SECStatus
-DSAU_EncodeDerSig(SECItem *dest, SECItem *src)
-{
- SECItem * item;
- SECItem srcItem;
- DSA_ASN1Signature sig;
- unsigned char signedR[DSA_SUBPRIME_LEN + 1];
- unsigned char signedS[DSA_SUBPRIME_LEN + 1];
-
- PORT_Memset(&sig, 0, sizeof(sig));
-
- PORT_Assert(src->len == 2 * DSA_SUBPRIME_LEN);
- if (src->len != 2 * DSA_SUBPRIME_LEN) {
- PORT_SetError( PR_INVALID_ARGUMENT_ERROR );
- return SECFailure;
- }
-
- /* Must convert r and s from "unsigned" integers to "signed" integers.
- ** If the high order bit of the first byte (MSB) is 1, then must
- ** prepend with leading zero.
- ** Must remove all but one leading zero byte from numbers.
- */
- sig.r.type = siUnsignedInteger;
- sig.r.data = signedR;
- sig.r.len = sizeof signedR;
- sig.s.type = siUnsignedInteger;
- sig.s.data = signedS;
- sig.s.len = sizeof signedR;
-
- srcItem.data = src->data;
- srcItem.len = DSA_SUBPRIME_LEN;
-
- DSAU_ConvertUnsignedToSigned(&sig.r, &srcItem);
- srcItem.data += DSA_SUBPRIME_LEN;
- DSAU_ConvertUnsignedToSigned(&sig.s, &srcItem);
-
- item = SEC_ASN1EncodeItem(NULL, dest, &sig, DSA_SignatureTemplate);
- if (item == NULL)
- return SECFailure;
-
- /* XXX leak item? */
- return SECSuccess;
-}
-
-/* src is a DER-encoded DSA signature.
-** Returns a newly-allocated SECItem structure, pointing at a newly allocated
-** buffer containing the "raw" DSA signature, which is 20 bytes of r,
-** followed by 20 bytes of s.
-*/
-SECItem *
-DSAU_DecodeDerSig(SECItem *item)
-{
- SECItem * result = NULL;
- SECStatus status;
- DSA_ASN1Signature sig;
- SECItem dst;
-
- PORT_Memset(&sig, 0, sizeof(sig));
-
- result = PORT_ZNew(SECItem);
- if (result == NULL)
- goto loser;
-
- result->len = 2 * DSA_SUBPRIME_LEN;
- result->data = (unsigned char*)PORT_Alloc(2 * DSA_SUBPRIME_LEN);
- if (result->data == NULL)
- goto loser;
-
- sig.r.type = siUnsignedInteger;
- sig.s.type = siUnsignedInteger;
- status = SEC_ASN1DecodeItem(NULL, &sig, DSA_SignatureTemplate, item);
- if (status != SECSuccess)
- goto loser;
-
- /* Convert sig.r and sig.s from variable length signed integers to
- ** fixed length unsigned integers.
- */
- dst.data = result->data;
- dst.len = DSA_SUBPRIME_LEN;
- status = DSAU_ConvertSignedToFixedUnsigned(&dst, &sig.r);
- if (status != SECSuccess)
- goto loser;
-
- dst.data += DSA_SUBPRIME_LEN;
- status = DSAU_ConvertSignedToFixedUnsigned(&dst, &sig.s);
- if (status != SECSuccess)
- goto loser;
-
-done:
- if (sig.r.data != NULL)
- PORT_Free(sig.r.data);
- if (sig.s.data != NULL)
- PORT_Free(sig.s.data);
-
- return result;
-
-loser:
- if (result != NULL) {
- SECITEM_FreeItem(result, PR_TRUE);
- result = NULL;
- }
- goto done;
-}
diff --git a/security/nss/lib/cryptohi/hasht.h b/security/nss/lib/cryptohi/hasht.h
deleted file mode 100644
index 852ee706e..000000000
--- a/security/nss/lib/cryptohi/hasht.h
+++ /dev/null
@@ -1,100 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * hasht.h - public data structures for the hashing library
- *
- * $Id$
- */
-
-#ifndef _HASHT_H_
-#define _HASHT_H_
-
-/* Opaque objects */
-typedef struct SECHashObjectStr SECHashObject;
-typedef struct HASHContextStr HASHContext;
-
-/*
- * The hash functions the security library supports
- * NOTE the order must match the definition of SECHashObjects[]!
- */
-typedef enum {
- HASH_AlgNULL = 0,
- HASH_AlgMD2 = 1,
- HASH_AlgMD5 = 2,
- HASH_AlgSHA1 = 3,
- HASH_AlgSHA256 = 4,
- HASH_AlgSHA384 = 5,
- HASH_AlgSHA512 = 6,
- HASH_AlgTOTAL
-} HASH_HashType;
-
-/*
- * Number of bytes each hash algorithm produces
- */
-#define MD2_LENGTH 16
-#define MD5_LENGTH 16
-#define SHA1_LENGTH 20
-#define SHA256_LENGTH 32
-#define SHA384_LENGTH 48
-#define SHA512_LENGTH 64
-#define HASH_LENGTH_MAX SHA512_LENGTH
-
-/*
- * Structure to hold hash computation info and routines
- */
-struct SECHashObjectStr {
- unsigned int length;
- void * (*create)(void);
- void * (*clone)(void *);
- void (*destroy)(void *, PRBool);
- void (*begin)(void *);
- void (*update)(void *, const unsigned char *, unsigned int);
- void (*end)(void *, unsigned char *, unsigned int *, unsigned int);
-};
-
-struct HASHContextStr {
- const struct SECHashObjectStr *hashobj;
- void *hash_context;
-};
-
-/* This symbol is NOT exported from the NSS DLL. Code that needs a
- * pointer to one of the SECHashObjects should call HASH_GetHashObject()
- * instead. See "sechash.h".
- */
-extern const SECHashObject SECHashObjects[];
-
-/* Only those functions below the PKCS #11 line should use SECRawHashObjects.
- * This symbol is not exported from the NSS DLL.
- */
-extern const SECHashObject SECRawHashObjects[];
-
-#endif /* _HASHT_H_ */
diff --git a/security/nss/lib/cryptohi/key.h b/security/nss/lib/cryptohi/key.h
deleted file mode 100644
index 678beafd8..000000000
--- a/security/nss/lib/cryptohi/key.h
+++ /dev/null
@@ -1,43 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * key.h - public data structures and prototypes for the private key library
- *
- * $Id$
- */
-
-#ifndef _KEY_H_
-#define _KEY_H_
-
-#include "keyhi.h"
-
-#endif /* _KEY_H_ */
diff --git a/security/nss/lib/cryptohi/keyhi.h b/security/nss/lib/cryptohi/keyhi.h
deleted file mode 100644
index 4061352af..000000000
--- a/security/nss/lib/cryptohi/keyhi.h
+++ /dev/null
@@ -1,288 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Portions created by Sun Microsystems, Inc. are Copyright (C) 2003
- * Sun Microsystems, Inc. All Rights Reserved.
- *
- * Contributor(s):
- * Dr Stephen Henson <stephen.henson@gemplus.com>
- * Dr Vipul Gupta <vipul.gupta@sun.com>, Sun Microsystems Laboratories
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * key.h - public data structures and prototypes for the private key library
- *
- * $Id$
- */
-
-#ifndef _KEYHI_H_
-#define _KEYHI_H_
-
-#include "plarena.h"
-
-#include "seccomon.h"
-#include "secoidt.h"
-#include "secdert.h"
-#include "keythi.h"
-#include "certt.h"
-/*#include "secpkcs5.h" */
-
-SEC_BEGIN_PROTOS
-
-
-/*
-** Destroy a subject-public-key-info object.
-*/
-extern void SECKEY_DestroySubjectPublicKeyInfo(CERTSubjectPublicKeyInfo *spki);
-
-/*
-** Copy subject-public-key-info "src" to "dst". "dst" is filled in
-** appropriately (memory is allocated for each of the sub objects).
-*/
-extern SECStatus SECKEY_CopySubjectPublicKeyInfo(PRArenaPool *arena,
- CERTSubjectPublicKeyInfo *dst,
- CERTSubjectPublicKeyInfo *src);
-
-/*
-** Update the PQG parameters for a cert's public key.
-** Only done for DSA and Fortezza certs
-*/
-extern SECStatus
-SECKEY_UpdateCertPQG(CERTCertificate * subjectCert);
-
-
-/* Compare the KEA parameters of two public keys.
- * Only used by fortezza. */
-
-extern SECStatus
-SECKEY_KEAParamCompare(CERTCertificate *cert1,CERTCertificate *cert2);
-
-/*
-** Return the strength of the public key in bytes
-*/
-extern unsigned SECKEY_PublicKeyStrength(SECKEYPublicKey *pubk);
-
-/*
-** Return the strength of the public key in bits
-*/
-extern unsigned SECKEY_PublicKeyStrengthInBits(SECKEYPublicKey *pubk);
-
-/*
-** Make a copy of the private key "privKey"
-*/
-extern SECKEYPrivateKey *SECKEY_CopyPrivateKey(SECKEYPrivateKey *privKey);
-
-/*
-** Make a copy of the public key "pubKey"
-*/
-extern SECKEYPublicKey *SECKEY_CopyPublicKey(SECKEYPublicKey *pubKey);
-
-/*
-** Convert a private key "privateKey" into a public key
-*/
-extern SECKEYPublicKey *SECKEY_ConvertToPublicKey(SECKEYPrivateKey *privateKey);
-
-/*
- * create a new RSA key pair. The private Key is returned...
- */
-SECKEYPrivateKey *SECKEY_CreateRSAPrivateKey(int keySizeInBits,
- SECKEYPublicKey **pubk, void *cx);
-
-/*
- * create a new DH key pair. The private Key is returned...
- */
-SECKEYPrivateKey *SECKEY_CreateDHPrivateKey(SECKEYDHParams *param,
- SECKEYPublicKey **pubk, void *cx);
-
-/*
- * create a new EC key pair. The private Key is returned...
- */
-SECKEYPrivateKey *SECKEY_CreateECPrivateKey(SECKEYECParams *param,
- SECKEYPublicKey **pubk, void *cx);
-
-/*
-** Create a subject-public-key-info based on a public key.
-*/
-extern CERTSubjectPublicKeyInfo *
-SECKEY_CreateSubjectPublicKeyInfo(SECKEYPublicKey *k);
-
-/*
-** Decode a DER encoded public key into an SECKEYPublicKey structure.
-*/
-extern SECKEYPublicKey *SECKEY_DecodeDERPublicKey(SECItem *pubkder);
-
-/*
-** Convert a base64 ascii encoded DER public key to our internal format.
-*/
-extern SECKEYPublicKey *SECKEY_ConvertAndDecodePublicKey(char *pubkstr);
-
-/*
-** Convert a base64 ascii encoded DER public key and challenge to spki,
-** and verify the signature and challenge data are correct
-*/
-extern CERTSubjectPublicKeyInfo *
-SECKEY_ConvertAndDecodePublicKeyAndChallenge(char *pkacstr, char *challenge,
- void *cx);
-
-/*
-** Encode a CERTSubjectPublicKeyInfo structure. into a
-** DER encoded subject public key info.
-*/
-SECItem *
-SECKEY_EncodeDERSubjectPublicKeyInfo(SECKEYPublicKey *pubk);
-
-/*
-** Decode a DER encoded subject public key info into a
-** CERTSubjectPublicKeyInfo structure.
-*/
-extern CERTSubjectPublicKeyInfo *
-SECKEY_DecodeDERSubjectPublicKeyInfo(SECItem *spkider);
-
-/*
-** Convert a base64 ascii encoded DER subject public key info to our
-** internal format.
-*/
-extern CERTSubjectPublicKeyInfo *
-SECKEY_ConvertAndDecodeSubjectPublicKeyInfo(char *spkistr);
-
-/*
- * extract the public key from a subject Public Key info structure.
- * (used by JSS).
- */
-extern SECKEYPublicKey *
-SECKEY_ExtractPublicKey(CERTSubjectPublicKeyInfo *);
-
-/*
-** Destroy a private key object.
-** "key" the object
-*/
-extern void SECKEY_DestroyPrivateKey(SECKEYPrivateKey *key);
-
-
-/*
-** Destroy a public key object.
-** "key" the object
-*/
-extern void SECKEY_DestroyPublicKey(SECKEYPublicKey *key);
-
-/* Destroy and zero out a private key info structure. for now this
- * function zero's out memory allocated in an arena for the key
- * since PORT_FreeArena does not currently do this.
- *
- * NOTE -- If a private key info is allocated in an arena, one should
- * not call this function with freeit = PR_FALSE. The function should
- * destroy the arena.
- */
-extern void
-SECKEY_DestroyPrivateKeyInfo(SECKEYPrivateKeyInfo *pvk, PRBool freeit);
-
-/* Destroy and zero out an encrypted private key info.
- *
- * NOTE -- If a encrypted private key info is allocated in an arena, one should
- * not call this function with freeit = PR_FALSE. The function should
- * destroy the arena.
- */
-extern void
-SECKEY_DestroyEncryptedPrivateKeyInfo(SECKEYEncryptedPrivateKeyInfo *epki,
- PRBool freeit);
-
-/* Copy private key info structure.
- * poolp is the arena into which the contents of from is to be copied.
- * NULL is a valid entry.
- * to is the destination private key info
- * from is the source private key info
- * if either from or to is NULL or an error occurs, SECFailure is
- * returned. otherwise, SECSuccess is returned.
- */
-extern SECStatus
-SECKEY_CopyPrivateKeyInfo(PRArenaPool *poolp,
- SECKEYPrivateKeyInfo *to,
- SECKEYPrivateKeyInfo *from);
-
-/* Copy encrypted private key info structure.
- * poolp is the arena into which the contents of from is to be copied.
- * NULL is a valid entry.
- * to is the destination encrypted private key info
- * from is the source encrypted private key info
- * if either from or to is NULL or an error occurs, SECFailure is
- * returned. otherwise, SECSuccess is returned.
- */
-extern SECStatus
-SECKEY_CopyEncryptedPrivateKeyInfo(PRArenaPool *poolp,
- SECKEYEncryptedPrivateKeyInfo *to,
- SECKEYEncryptedPrivateKeyInfo *from);
-/*
- * Accessor functions for key type of public and private keys.
- */
-KeyType SECKEY_GetPrivateKeyType(SECKEYPrivateKey *privKey);
-KeyType SECKEY_GetPublicKeyType(SECKEYPublicKey *pubKey);
-
-/*
- * Creates a PublicKey from its DER encoding.
- * Currently only supports RSA and DSA keys.
- */
-SECKEYPublicKey*
-SECKEY_ImportDERPublicKey(SECItem *derKey, CK_KEY_TYPE type);
-
-SECKEYPrivateKeyList*
-SECKEY_NewPrivateKeyList(void);
-
-void
-SECKEY_DestroyPrivateKeyList(SECKEYPrivateKeyList *keys);
-
-void
-SECKEY_RemovePrivateKeyListNode(SECKEYPrivateKeyListNode *node);
-
-SECStatus
-SECKEY_AddPrivateKeyToListTail( SECKEYPrivateKeyList *list,
- SECKEYPrivateKey *key);
-
-#define PRIVKEY_LIST_HEAD(l) ((SECKEYPrivateKeyListNode*)PR_LIST_HEAD(&l->list))
-#define PRIVKEY_LIST_NEXT(n) ((SECKEYPrivateKeyListNode *)n->links.next)
-#define PRIVKEY_LIST_END(n,l) (((void *)n) == ((void *)&l->list))
-
-SECKEYPublicKeyList*
-SECKEY_NewPublicKeyList(void);
-
-void
-SECKEY_DestroyPublicKeyList(SECKEYPublicKeyList *keys);
-
-void
-SECKEY_RemovePublicKeyListNode(SECKEYPublicKeyListNode *node);
-
-SECStatus
-SECKEY_AddPublicKeyToListTail( SECKEYPublicKeyList *list,
- SECKEYPublicKey *key);
-
-#define PUBKEY_LIST_HEAD(l) ((SECKEYPublicKeyListNode*)PR_LIST_HEAD(&l->list))
-#define PUBKEY_LIST_NEXT(n) ((SECKEYPublicKeyListNode *)n->links.next)
-#define PUBKEY_LIST_END(n,l) (((void *)n) == ((void *)&l->list))
-
-SEC_END_PROTOS
-
-#endif /* _KEYHI_H_ */
diff --git a/security/nss/lib/cryptohi/keyt.h b/security/nss/lib/cryptohi/keyt.h
deleted file mode 100644
index 1b104b96a..000000000
--- a/security/nss/lib/cryptohi/keyt.h
+++ /dev/null
@@ -1,43 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * keyt.h - public data structures for the private key library
- *
- * $Id$
- */
-
-#ifndef _KEYT_H_
-#define _KEYT_H_
-
-#include "keythi.h"
-
-#endif /* _KEYT_H_ */
diff --git a/security/nss/lib/cryptohi/keythi.h b/security/nss/lib/cryptohi/keythi.h
deleted file mode 100644
index 6c4f3aaf3..000000000
--- a/security/nss/lib/cryptohi/keythi.h
+++ /dev/null
@@ -1,248 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Portions created by Sun Microsystems, Inc. are Copyright (C) 2003
- * Sun Microsystems, Inc. All Rights Reserved.
- *
- * Contributor(s):
- * Dr Vipul Gupta <vipul.gupta@sun.com>, Sun Microsystems Laboratories
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef _KEYTHI_H_
-#define _KEYTHI_H_ 1
-
-#include "plarena.h"
-#include "pkcs11t.h"
-#include "secmodt.h"
-#include "prclist.h"
-
-typedef enum {
- nullKey = 0,
- rsaKey = 1,
- dsaKey = 2,
- fortezzaKey = 3,
- dhKey = 4,
- keaKey = 5,
- ecKey = 6
-} KeyType;
-
-/*
-** Template Definitions
-**/
-
-SEC_BEGIN_PROTOS
-extern const SEC_ASN1Template SECKEY_RSAPublicKeyTemplate[];
-extern const SEC_ASN1Template SECKEY_DSAPublicKeyTemplate[];
-extern const SEC_ASN1Template SECKEY_DHPublicKeyTemplate[];
-extern const SEC_ASN1Template SECKEY_DHParamKeyTemplate[];
-extern const SEC_ASN1Template SECKEY_PQGParamsTemplate[];
-extern const SEC_ASN1Template SECKEY_DSAPrivateKeyExportTemplate[];
-
-/* Windows DLL accessor functions */
-extern SEC_ASN1TemplateChooser NSS_Get_SECKEY_DSAPublicKeyTemplate;
-extern SEC_ASN1TemplateChooser NSS_Get_SECKEY_RSAPublicKeyTemplate;
-SEC_END_PROTOS
-
-
-/*
-** RSA Public Key structures
-** member names from PKCS#1, section 7.1
-*/
-
-struct SECKEYRSAPublicKeyStr {
- PRArenaPool * arena;
- SECItem modulus;
- SECItem publicExponent;
-};
-typedef struct SECKEYRSAPublicKeyStr SECKEYRSAPublicKey;
-
-
-/*
-** DSA Public Key and related structures
-*/
-
-struct SECKEYPQGParamsStr {
- PRArenaPool *arena;
- SECItem prime; /* p */
- SECItem subPrime; /* q */
- SECItem base; /* g */
- /* XXX chrisk: this needs to be expanded to hold j and validationParms (RFC2459 7.3.2) */
-};
-typedef struct SECKEYPQGParamsStr SECKEYPQGParams;
-
-struct SECKEYDSAPublicKeyStr {
- SECKEYPQGParams params;
- SECItem publicValue;
-};
-typedef struct SECKEYDSAPublicKeyStr SECKEYDSAPublicKey;
-
-
-/*
-** Diffie-Hellman Public Key structure
-** Structure member names suggested by PKCS#3.
-*/
-struct SECKEYDHParamsStr {
- PRArenaPool * arena;
- SECItem prime; /* p */
- SECItem base; /* g */
-};
-typedef struct SECKEYDHParamsStr SECKEYDHParams;
-
-struct SECKEYDHPublicKeyStr {
- PRArenaPool * arena;
- SECItem prime;
- SECItem base;
- SECItem publicValue;
-};
-typedef struct SECKEYDHPublicKeyStr SECKEYDHPublicKey;
-
-/*
-** Elliptic curve Public Key structure
-** The PKCS#11 layer needs DER encoding of ANSI X9.62
-** parameters value
-*/
-typedef SECItem SECKEYECParams;
-
-struct SECKEYECPublicKeyStr {
- SECKEYECParams DEREncodedParams;
- int size; /* size in bits */
- SECItem publicValue; /* encoded point */
- /* XXX Even though the PKCS#11 interface takes encoded parameters,
- * we may still wish to decode them above PKCS#11 for things like
- * printing key information. For named curves, which is what
- * we initially support, we ought to have the curve name at the
- * very least.
- */
-};
-typedef struct SECKEYECPublicKeyStr SECKEYECPublicKey;
-
-/*
-** FORTEZZA Public Key structures
-*/
-struct SECKEYFortezzaPublicKeyStr {
- int KEAversion;
- int DSSversion;
- unsigned char KMID[8];
- SECItem clearance;
- SECItem KEApriviledge;
- SECItem DSSpriviledge;
- SECItem KEAKey;
- SECItem DSSKey;
- SECKEYPQGParams params;
- SECKEYPQGParams keaParams;
-};
-typedef struct SECKEYFortezzaPublicKeyStr SECKEYFortezzaPublicKey;
-
-struct SECKEYDiffPQGParamsStr {
- SECKEYPQGParams DiffKEAParams;
- SECKEYPQGParams DiffDSAParams;
-};
-typedef struct SECKEYDiffPQGParamsStr SECKEYDiffPQGParams;
-
-struct SECKEYPQGDualParamsStr {
- SECKEYPQGParams CommParams;
- SECKEYDiffPQGParams DiffParams;
-};
-typedef struct SECKEYPQGDualParamsStr SECKEYPQGDualParams;
-
-struct SECKEYKEAParamsStr {
- PLArenaPool *arena;
- SECItem hash;
-};
-typedef struct SECKEYKEAParamsStr SECKEYKEAParams;
-
-struct SECKEYKEAPublicKeyStr {
- SECKEYKEAParams params;
- SECItem publicValue;
-};
-typedef struct SECKEYKEAPublicKeyStr SECKEYKEAPublicKey;
-
-/*
-** A Generic public key object.
-*/
-struct SECKEYPublicKeyStr {
- PLArenaPool *arena;
- KeyType keyType;
- PK11SlotInfo *pkcs11Slot;
- CK_OBJECT_HANDLE pkcs11ID;
- union {
- SECKEYRSAPublicKey rsa;
- SECKEYDSAPublicKey dsa;
- SECKEYDHPublicKey dh;
- SECKEYKEAPublicKey kea;
- SECKEYFortezzaPublicKey fortezza;
- SECKEYECPublicKey ec;
- } u;
-};
-typedef struct SECKEYPublicKeyStr SECKEYPublicKey;
-
-/*
-** A generic key structure
-*/
-struct SECKEYPrivateKeyStr {
- PLArenaPool *arena;
- KeyType keyType;
- PK11SlotInfo *pkcs11Slot; /* pkcs11 slot this key lives in */
- CK_OBJECT_HANDLE pkcs11ID; /* ID of pkcs11 object */
- PRBool pkcs11IsTemp; /* temp pkcs11 object, delete it when done */
- void *wincx; /* context for errors and pw prompts */
-};
-typedef struct SECKEYPrivateKeyStr SECKEYPrivateKey;
-
-/* Despite the name, this struct isn't used by any pkcs5 code.
-** It's used by pkcs7 and pkcs12 code.
-*/
-typedef struct {
- SECItem *pwitem;
- PK11SymKey *key;
- PK11SlotInfo *slot;
- void *wincx;
-} SEC_PKCS5KeyAndPassword;
-
-typedef struct {
- PRCList links;
- SECKEYPrivateKey *key;
-} SECKEYPrivateKeyListNode;
-
-typedef struct {
- PRCList list;
- PRArenaPool *arena;
-} SECKEYPrivateKeyList;
-
-typedef struct {
- PRCList links;
- SECKEYPublicKey *key;
-} SECKEYPublicKeyListNode;
-
-typedef struct {
- PRCList list;
- PRArenaPool *arena;
-} SECKEYPublicKeyList;
-#endif /* _KEYTHI_H_ */
-
diff --git a/security/nss/lib/cryptohi/manifest.mn b/security/nss/lib/cryptohi/manifest.mn
deleted file mode 100644
index ff0125ac8..000000000
--- a/security/nss/lib/cryptohi/manifest.mn
+++ /dev/null
@@ -1,64 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../..
-
-MODULE = nss
-
-REQUIRES = dbm
-
-LIBRARY_NAME = cryptohi
-
-EXPORTS = \
- cryptohi.h \
- cryptoht.h \
- hasht.h \
- key.h \
- keyhi.h \
- keyt.h \
- keythi.h \
- sechash.h \
- $(NULL)
-
-PRIVATE_EXPORTS = \
- $(NULL)
-
-LIBSRCS = \
- sechash.c \
- seckey.c \
- secsign.c \
- secvfy.c \
- dsautil.c \
- $(NULL)
-
-CSRCS = $(LIBSRCS)
-
diff --git a/security/nss/lib/cryptohi/sechash.c b/security/nss/lib/cryptohi/sechash.c
deleted file mode 100644
index 0cea81d07..000000000
--- a/security/nss/lib/cryptohi/sechash.c
+++ /dev/null
@@ -1,364 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "sechash.h"
-#include "secoidt.h"
-#include "secerr.h"
-#include "blapi.h"
-#include "pk11func.h" /* for the PK11_ calls below. */
-
-static void *
-null_hash_new_context(void)
-{
- return NULL;
-}
-
-static void *
-null_hash_clone_context(void *v)
-{
- PORT_Assert(v == NULL);
- return NULL;
-}
-
-static void
-null_hash_begin(void *v)
-{
-}
-
-static void
-null_hash_update(void *v, const unsigned char *input, unsigned int length)
-{
-}
-
-static void
-null_hash_end(void *v, unsigned char *output, unsigned int *outLen,
- unsigned int maxOut)
-{
- *outLen = 0;
-}
-
-static void
-null_hash_destroy_context(void *v, PRBool b)
-{
- PORT_Assert(v == NULL);
-}
-
-
-static void *
-md2_NewContext(void) {
- return (void *) PK11_CreateDigestContext(SEC_OID_MD2);
-}
-
-static void *
-md5_NewContext(void) {
- return (void *) PK11_CreateDigestContext(SEC_OID_MD5);
-}
-
-static void *
-sha1_NewContext(void) {
- return (void *) PK11_CreateDigestContext(SEC_OID_SHA1);
-}
-
-static void *
-sha256_NewContext(void) {
- return (void *) PK11_CreateDigestContext(SEC_OID_SHA256);
-}
-
-static void *
-sha384_NewContext(void) {
- return (void *) PK11_CreateDigestContext(SEC_OID_SHA384);
-}
-
-static void *
-sha512_NewContext(void) {
- return (void *) PK11_CreateDigestContext(SEC_OID_SHA512);
-}
-
-const SECHashObject SECHashObjects[] = {
- { 0,
- (void * (*)(void)) null_hash_new_context,
- (void * (*)(void *)) null_hash_clone_context,
- (void (*)(void *, PRBool)) null_hash_destroy_context,
- (void (*)(void *)) null_hash_begin,
- (void (*)(void *, const unsigned char *, unsigned int)) null_hash_update,
- (void (*)(void *, unsigned char *, unsigned int *,
- unsigned int)) null_hash_end
- },
- { MD2_LENGTH,
- (void * (*)(void)) md2_NewContext,
- (void * (*)(void *)) PK11_CloneContext,
- (void (*)(void *, PRBool)) PK11_DestroyContext,
- (void (*)(void *)) PK11_DigestBegin,
- (void (*)(void *, const unsigned char *, unsigned int)) PK11_DigestOp,
- (void (*)(void *, unsigned char *, unsigned int *, unsigned int))
- PK11_DigestFinal
- },
- { MD5_LENGTH,
- (void * (*)(void)) md5_NewContext,
- (void * (*)(void *)) PK11_CloneContext,
- (void (*)(void *, PRBool)) PK11_DestroyContext,
- (void (*)(void *)) PK11_DigestBegin,
- (void (*)(void *, const unsigned char *, unsigned int)) PK11_DigestOp,
- (void (*)(void *, unsigned char *, unsigned int *, unsigned int))
- PK11_DigestFinal
- },
- { SHA1_LENGTH,
- (void * (*)(void)) sha1_NewContext,
- (void * (*)(void *)) PK11_CloneContext,
- (void (*)(void *, PRBool)) PK11_DestroyContext,
- (void (*)(void *)) PK11_DigestBegin,
- (void (*)(void *, const unsigned char *, unsigned int)) PK11_DigestOp,
- (void (*)(void *, unsigned char *, unsigned int *, unsigned int))
- PK11_DigestFinal
- },
- { SHA256_LENGTH,
- (void * (*)(void)) sha256_NewContext,
- (void * (*)(void *)) PK11_CloneContext,
- (void (*)(void *, PRBool)) PK11_DestroyContext,
- (void (*)(void *)) PK11_DigestBegin,
- (void (*)(void *, const unsigned char *, unsigned int)) PK11_DigestOp,
- (void (*)(void *, unsigned char *, unsigned int *, unsigned int))
- PK11_DigestFinal
- },
- { SHA384_LENGTH,
- (void * (*)(void)) sha384_NewContext,
- (void * (*)(void *)) PK11_CloneContext,
- (void (*)(void *, PRBool)) PK11_DestroyContext,
- (void (*)(void *)) PK11_DigestBegin,
- (void (*)(void *, const unsigned char *, unsigned int)) PK11_DigestOp,
- (void (*)(void *, unsigned char *, unsigned int *, unsigned int))
- PK11_DigestFinal
- },
- { SHA512_LENGTH,
- (void * (*)(void)) sha512_NewContext,
- (void * (*)(void *)) PK11_CloneContext,
- (void (*)(void *, PRBool)) PK11_DestroyContext,
- (void (*)(void *)) PK11_DigestBegin,
- (void (*)(void *, const unsigned char *, unsigned int)) PK11_DigestOp,
- (void (*)(void *, unsigned char *, unsigned int *, unsigned int))
- PK11_DigestFinal
- },
-};
-
-const SECHashObject *
-HASH_GetHashObject(HASH_HashType type)
-{
- return &SECHashObjects[type];
-}
-
-HASH_HashType
-HASH_GetHashTypeByOidTag(SECOidTag hashOid)
-{
- HASH_HashType ht = HASH_AlgNULL;
-
- switch(hashOid) {
- case SEC_OID_MD2: ht = HASH_AlgMD2; break;
- case SEC_OID_MD5: ht = HASH_AlgMD5; break;
- case SEC_OID_SHA1: ht = HASH_AlgSHA1; break;
- case SEC_OID_SHA256: ht = HASH_AlgSHA256; break;
- case SEC_OID_SHA384: ht = HASH_AlgSHA384; break;
- case SEC_OID_SHA512: ht = HASH_AlgSHA512; break;
- default: ht = HASH_AlgNULL;
- PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
- break;
- }
- return ht;
-}
-
-const SECHashObject *
-HASH_GetHashObjectByOidTag(SECOidTag hashOid)
-{
- HASH_HashType ht = HASH_GetHashTypeByOidTag(hashOid);
-
- return (ht == HASH_AlgNULL) ? NULL : &SECHashObjects[ht];
-}
-
-/* returns zero for unknown hash OID */
-unsigned int
-HASH_ResultLenByOidTag(SECOidTag hashOid)
-{
- const SECHashObject * hashObject = HASH_GetHashObjectByOidTag(hashOid);
- unsigned int resultLen = 0;
-
- if (hashObject)
- resultLen = hashObject->length;
- return resultLen;
-}
-
-/* returns zero if hash type invalid. */
-unsigned int
-HASH_ResultLen(HASH_HashType type)
-{
- if ( ( type < HASH_AlgNULL ) || ( type >= HASH_AlgTOTAL ) ) {
- PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
- return(0);
- }
-
- return(SECHashObjects[type].length);
-}
-
-unsigned int
-HASH_ResultLenContext(HASHContext *context)
-{
- return(context->hashobj->length);
-}
-
-
-
-SECStatus
-HASH_HashBuf(HASH_HashType type,
- unsigned char *dest,
- unsigned char *src,
- uint32 src_len)
-{
- HASHContext *cx;
- unsigned int part;
-
- if ( ( type < HASH_AlgNULL ) || ( type >= HASH_AlgTOTAL ) ) {
- return(SECFailure);
- }
-
- cx = HASH_Create(type);
- if ( cx == NULL ) {
- return(SECFailure);
- }
- HASH_Begin(cx);
- HASH_Update(cx, src, src_len);
- HASH_End(cx, dest, &part, HASH_ResultLenContext(cx));
- HASH_Destroy(cx);
-
- return(SECSuccess);
-}
-
-HASHContext *
-HASH_Create(HASH_HashType type)
-{
- void *hash_context = NULL;
- HASHContext *ret = NULL;
-
- if ( ( type < HASH_AlgNULL ) || ( type >= HASH_AlgTOTAL ) ) {
- return(NULL);
- }
-
- hash_context = (* SECHashObjects[type].create)();
- if ( hash_context == NULL ) {
- goto loser;
- }
-
- ret = (HASHContext *)PORT_Alloc(sizeof(HASHContext));
- if ( ret == NULL ) {
- goto loser;
- }
-
- ret->hash_context = hash_context;
- ret->hashobj = &SECHashObjects[type];
-
- return(ret);
-
-loser:
- if ( hash_context != NULL ) {
- (* SECHashObjects[type].destroy)(hash_context, PR_TRUE);
- }
-
- return(NULL);
-}
-
-
-HASHContext *
-HASH_Clone(HASHContext *context)
-{
- void *hash_context = NULL;
- HASHContext *ret = NULL;
-
- hash_context = (* context->hashobj->clone)(context->hash_context);
- if ( hash_context == NULL ) {
- goto loser;
- }
-
- ret = (HASHContext *)PORT_Alloc(sizeof(HASHContext));
- if ( ret == NULL ) {
- goto loser;
- }
-
- ret->hash_context = hash_context;
- ret->hashobj = context->hashobj;
-
- return(ret);
-
-loser:
- if ( hash_context != NULL ) {
- (* context->hashobj->destroy)(hash_context, PR_TRUE);
- }
-
- return(NULL);
-
-}
-
-void
-HASH_Destroy(HASHContext *context)
-{
- (* context->hashobj->destroy)(context->hash_context, PR_TRUE);
- PORT_Free(context);
- return;
-}
-
-
-void
-HASH_Begin(HASHContext *context)
-{
- (* context->hashobj->begin)(context->hash_context);
- return;
-}
-
-
-void
-HASH_Update(HASHContext *context,
- const unsigned char *src,
- unsigned int len)
-{
- (* context->hashobj->update)(context->hash_context, src, len);
- return;
-}
-
-void
-HASH_End(HASHContext *context,
- unsigned char *result,
- unsigned int *result_len,
- unsigned int max_result_len)
-{
- (* context->hashobj->end)(context->hash_context, result, result_len,
- max_result_len);
- return;
-}
-
-
-
diff --git a/security/nss/lib/cryptohi/sechash.h b/security/nss/lib/cryptohi/sechash.h
deleted file mode 100644
index 6bcbd5144..000000000
--- a/security/nss/lib/cryptohi/sechash.h
+++ /dev/null
@@ -1,86 +0,0 @@
-#ifndef _HASH_H_
-#define _HASH_H_
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * hash.h - public data structures and prototypes for the hashing library
- *
- * $Id$
- */
-
-#include "seccomon.h"
-#include "hasht.h"
-#include "secoidt.h"
-
-SEC_BEGIN_PROTOS
-
-/*
-** Generic hash api.
-*/
-
-extern unsigned int HASH_ResultLen(HASH_HashType type);
-
-extern unsigned int HASH_ResultLenContext(HASHContext *context);
-
-extern unsigned int HASH_ResultLenByOidTag(SECOidTag hashOid);
-
-extern SECStatus HASH_HashBuf(HASH_HashType type,
- unsigned char *dest,
- unsigned char *src,
- uint32 src_len);
-
-extern HASHContext * HASH_Create(HASH_HashType type);
-
-extern HASHContext * HASH_Clone(HASHContext *context);
-
-extern void HASH_Destroy(HASHContext *context);
-
-extern void HASH_Begin(HASHContext *context);
-
-extern void HASH_Update(HASHContext *context,
- const unsigned char *src,
- unsigned int len);
-
-extern void HASH_End(HASHContext *context,
- unsigned char *result,
- unsigned int *result_len,
- unsigned int max_result_len);
-
-extern const SECHashObject * HASH_GetHashObject(HASH_HashType type);
-
-extern const SECHashObject * HASH_GetHashObjectByOidTag(SECOidTag hashOid);
-
-extern HASH_HashType HASH_GetHashTypeByOidTag(SECOidTag hashOid);
-
-SEC_END_PROTOS
-
-#endif /* _HASH_H_ */
diff --git a/security/nss/lib/cryptohi/seckey.c b/security/nss/lib/cryptohi/seckey.c
deleted file mode 100644
index fa80fe344..000000000
--- a/security/nss/lib/cryptohi/seckey.c
+++ /dev/null
@@ -1,2304 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Portions created by Sun Microsystems, Inc. are Copyright (C) 2003
- * Sun Microsystems, Inc. All Rights Reserved.
- *
- * Contributor(s):
- * Dr Stephen Henson <stephen.henson@gemplus.com>
- * Dr Vipul Gupta <vipul.gupta@sun.com>, Sun Microsystems Laboratories
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "cryptohi.h"
-#include "keyhi.h"
-#include "secrng.h"
-#include "secoid.h"
-#include "secitem.h"
-#include "secder.h"
-#include "base64.h"
-#include "secasn1.h"
-#include "cert.h"
-#include "pk11func.h"
-#include "secerr.h"
-#include "secdig.h"
-#include "prtime.h"
-#include "ec.h"
-
-const SEC_ASN1Template CERT_SubjectPublicKeyInfoTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTSubjectPublicKeyInfo) },
- { SEC_ASN1_INLINE,
- offsetof(CERTSubjectPublicKeyInfo,algorithm),
- SECOID_AlgorithmIDTemplate },
- { SEC_ASN1_BIT_STRING,
- offsetof(CERTSubjectPublicKeyInfo,subjectPublicKey), },
- { 0, }
-};
-
-const SEC_ASN1Template CERT_PublicKeyAndChallengeTemplate[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CERTPublicKeyAndChallenge) },
- { SEC_ASN1_ANY, offsetof(CERTPublicKeyAndChallenge,spki) },
- { SEC_ASN1_IA5_STRING, offsetof(CERTPublicKeyAndChallenge,challenge) },
- { 0 }
-};
-
-const SEC_ASN1Template SECKEY_RSAPublicKeyTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SECKEYPublicKey) },
- { SEC_ASN1_INTEGER, offsetof(SECKEYPublicKey,u.rsa.modulus), },
- { SEC_ASN1_INTEGER, offsetof(SECKEYPublicKey,u.rsa.publicExponent), },
- { 0, }
-};
-
-const SEC_ASN1Template SECKEY_DSAPublicKeyTemplate[] = {
- { SEC_ASN1_INTEGER, offsetof(SECKEYPublicKey,u.dsa.publicValue), },
- { 0, }
-};
-
-const SEC_ASN1Template SECKEY_PQGParamsTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SECKEYPQGParams) },
- { SEC_ASN1_INTEGER, offsetof(SECKEYPQGParams,prime) },
- { SEC_ASN1_INTEGER, offsetof(SECKEYPQGParams,subPrime) },
- { SEC_ASN1_INTEGER, offsetof(SECKEYPQGParams,base) },
- { 0, }
-};
-
-const SEC_ASN1Template SECKEY_DHPublicKeyTemplate[] = {
- { SEC_ASN1_INTEGER, offsetof(SECKEYPublicKey,u.dh.publicValue), },
- { 0, }
-};
-
-const SEC_ASN1Template SECKEY_DHParamKeyTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SECKEYPublicKey) },
- { SEC_ASN1_INTEGER, offsetof(SECKEYPublicKey,u.dh.prime), },
- { SEC_ASN1_INTEGER, offsetof(SECKEYPublicKey,u.dh.base), },
- /* XXX chrisk: this needs to be expanded for decoding of j and validationParms (RFC2459 7.3.2) */
- { SEC_ASN1_SKIP_REST },
- { 0, }
-};
-
-const SEC_ASN1Template SECKEY_FortezzaParameterTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SECKEYPQGParams) },
- { SEC_ASN1_OCTET_STRING, offsetof(SECKEYPQGParams,prime), },
- { SEC_ASN1_OCTET_STRING, offsetof(SECKEYPQGParams,subPrime), },
- { SEC_ASN1_OCTET_STRING, offsetof(SECKEYPQGParams,base), },
- { 0 },
-};
-
-const SEC_ASN1Template SECKEY_FortezzaDiffParameterTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SECKEYDiffPQGParams) },
- { SEC_ASN1_INLINE, offsetof(SECKEYDiffPQGParams,DiffKEAParams),
- SECKEY_FortezzaParameterTemplate},
- { SEC_ASN1_INLINE, offsetof(SECKEYDiffPQGParams,DiffDSAParams),
- SECKEY_FortezzaParameterTemplate},
- { 0 },
-};
-
-const SEC_ASN1Template SECKEY_FortezzaPreParamTemplate[] = {
- { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED |
- SEC_ASN1_CONTEXT_SPECIFIC | 1, offsetof(SECKEYPQGDualParams,CommParams),
- SECKEY_FortezzaParameterTemplate},
- { 0, }
-};
-
-const SEC_ASN1Template SECKEY_FortezzaAltPreParamTemplate[] = {
- { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED |
- SEC_ASN1_CONTEXT_SPECIFIC | 0, offsetof(SECKEYPQGDualParams,DiffParams),
- SECKEY_FortezzaDiffParameterTemplate},
- { 0, }
-};
-
-const SEC_ASN1Template SECKEY_KEAPublicKeyTemplate[] = {
- { SEC_ASN1_INTEGER, offsetof(SECKEYPublicKey,u.kea.publicValue), },
- { 0, }
-};
-
-const SEC_ASN1Template SECKEY_KEAParamsTemplate[] = {
- { SEC_ASN1_OCTET_STRING, offsetof(SECKEYPublicKey,u.kea.params.hash), },
- { 0, }
-};
-
-SEC_ASN1_CHOOSER_IMPLEMENT(SECKEY_DSAPublicKeyTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SECKEY_RSAPublicKeyTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(CERT_SubjectPublicKeyInfoTemplate)
-
-/*
- * See bugzilla bug 125359
- * Since NSS (via PKCS#11) wants to handle big integers as unsigned ints,
- * all of the templates above that en/decode into integers must be converted
- * from ASN.1's signed integer type. This is done by marking either the
- * source or destination (encoding or decoding, respectively) type as
- * siUnsignedInteger.
- */
-static void
-prepare_rsa_pub_key_for_asn1(SECKEYPublicKey *pubk)
-{
- pubk->u.rsa.modulus.type = siUnsignedInteger;
- pubk->u.rsa.publicExponent.type = siUnsignedInteger;
-}
-
-static void
-prepare_dsa_pub_key_for_asn1(SECKEYPublicKey *pubk)
-{
- pubk->u.dsa.publicValue.type = siUnsignedInteger;
-}
-
-static void
-prepare_pqg_params_for_asn1(SECKEYPQGParams *params)
-{
- params->prime.type = siUnsignedInteger;
- params->subPrime.type = siUnsignedInteger;
- params->base.type = siUnsignedInteger;
-}
-
-static void
-prepare_dh_pub_key_for_asn1(SECKEYPublicKey *pubk)
-{
- pubk->u.dh.prime.type = siUnsignedInteger;
- pubk->u.dh.base.type = siUnsignedInteger;
- pubk->u.dh.publicValue.type = siUnsignedInteger;
-}
-
-static void
-prepare_kea_pub_key_for_asn1(SECKEYPublicKey *pubk)
-{
- pubk->u.kea.publicValue.type = siUnsignedInteger;
-}
-
-/* Create an RSA key pair is any slot able to do so.
-** The created keys are "session" (temporary), not "token" (permanent),
-** and they are "sensitive", which makes them costly to move to another token.
-*/
-SECKEYPrivateKey *
-SECKEY_CreateRSAPrivateKey(int keySizeInBits,SECKEYPublicKey **pubk, void *cx)
-{
- SECKEYPrivateKey *privk;
- PK11SlotInfo *slot = PK11_GetBestSlot(CKM_RSA_PKCS_KEY_PAIR_GEN,cx);
- PK11RSAGenParams param;
-
- param.keySizeInBits = keySizeInBits;
- param.pe = 65537L;
-
- privk = PK11_GenerateKeyPair(slot,CKM_RSA_PKCS_KEY_PAIR_GEN,&param,pubk,
- PR_FALSE, PR_TRUE, cx);
- PK11_FreeSlot(slot);
- return(privk);
-}
-
-/* Create a DH key pair in any slot able to do so,
-** This is a "session" (temporary), not "token" (permanent) key.
-** Because of the high probability that this key will need to be moved to
-** another token, and the high cost of moving "sensitive" keys, we attempt
-** to create this key pair without the "sensitive" attribute, but revert to
-** creating a "sensitive" key if necessary.
-*/
-SECKEYPrivateKey *
-SECKEY_CreateDHPrivateKey(SECKEYDHParams *param, SECKEYPublicKey **pubk, void *cx)
-{
- SECKEYPrivateKey *privk;
- PK11SlotInfo *slot = PK11_GetBestSlot(CKM_DH_PKCS_KEY_PAIR_GEN,cx);
-
- privk = PK11_GenerateKeyPair(slot, CKM_DH_PKCS_KEY_PAIR_GEN, param,
- pubk, PR_FALSE, PR_FALSE, cx);
- if (!privk)
- privk = PK11_GenerateKeyPair(slot, CKM_DH_PKCS_KEY_PAIR_GEN, param,
- pubk, PR_FALSE, PR_TRUE, cx);
-
- PK11_FreeSlot(slot);
- return(privk);
-}
-
-/* Create an EC key pair in any slot able to do so,
-** This is a "session" (temporary), not "token" (permanent) key.
-** Because of the high probability that this key will need to be moved to
-** another token, and the high cost of moving "sensitive" keys, we attempt
-** to create this key pair without the "sensitive" attribute, but revert to
-** creating a "sensitive" key if necessary.
-*/
-SECKEYPrivateKey *
-SECKEY_CreateECPrivateKey(SECKEYECParams *param, SECKEYPublicKey **pubk, void *cx)
-{
-#ifdef NSS_ENABLE_ECC
- SECKEYPrivateKey *privk;
- PK11SlotInfo *slot = PK11_GetBestSlot(CKM_EC_KEY_PAIR_GEN,cx);
-
- privk = PK11_GenerateKeyPair(slot, CKM_EC_KEY_PAIR_GEN, param,
- pubk, PR_FALSE, PR_FALSE, cx);
- if (!privk)
- privk = PK11_GenerateKeyPair(slot, CKM_EC_KEY_PAIR_GEN, param,
- pubk, PR_FALSE, PR_TRUE, cx);
-
- PK11_FreeSlot(slot);
- return(privk);
-#else
- return NULL;
-#endif /* NSS_ENABLE_ECC */
-}
-
-void
-SECKEY_DestroyPrivateKey(SECKEYPrivateKey *privk)
-{
- if (privk) {
- if (privk->pkcs11Slot) {
- if (privk->pkcs11IsTemp) {
- PK11_DestroyObject(privk->pkcs11Slot,privk->pkcs11ID);
- }
- PK11_FreeSlot(privk->pkcs11Slot);
-
- }
- if (privk->arena) {
- PORT_FreeArena(privk->arena, PR_TRUE);
- }
- }
-}
-
-void
-SECKEY_DestroyPublicKey(SECKEYPublicKey *pubk)
-{
- if (pubk) {
- if (pubk->pkcs11Slot) {
- if (!PK11_IsPermObject(pubk->pkcs11Slot,pubk->pkcs11ID)) {
- PK11_DestroyObject(pubk->pkcs11Slot,pubk->pkcs11ID);
- }
- PK11_FreeSlot(pubk->pkcs11Slot);
- }
- if (pubk->arena) {
- PORT_FreeArena(pubk->arena, PR_FALSE);
- }
- }
-}
-
-SECStatus
-SECKEY_CopySubjectPublicKeyInfo(PRArenaPool *arena,
- CERTSubjectPublicKeyInfo *to,
- CERTSubjectPublicKeyInfo *from)
-{
- SECStatus rv;
-
- rv = SECOID_CopyAlgorithmID(arena, &to->algorithm, &from->algorithm);
- if (rv == SECSuccess)
- rv = SECITEM_CopyItem(arena, &to->subjectPublicKey, &from->subjectPublicKey);
-
- return rv;
-}
-
-SECStatus
-SECKEY_KEASetParams(SECKEYKEAParams * params, SECKEYPublicKey * pubKey) {
-
- if (pubKey->keyType == fortezzaKey) {
- /* the key is a fortezza V1 public key */
-
- /* obtain hash of pubkey->u.fortezza.params.prime.data +
- pubkey->u.fortezza.params.subPrime.data +
- pubkey->u.fortezza.params.base.data */
-
- /* store hash in params->hash */
-
- } else if (pubKey->keyType == keaKey) {
-
- /* the key is a new fortezza KEA public key. */
- SECITEM_CopyItem(pubKey->arena, &params->hash,
- &pubKey->u.kea.params.hash );
-
- } else {
-
- /* the key has no KEA parameters */
- return SECFailure;
- }
- return SECSuccess;
-}
-
-
-SECStatus
-SECKEY_KEAParamCompare(CERTCertificate *cert1,CERTCertificate *cert2)
-{
-
- SECStatus rv;
-
- SECKEYPublicKey *pubKey1 = 0;
- SECKEYPublicKey *pubKey2 = 0;
-
- SECKEYKEAParams params1;
- SECKEYKEAParams params2;
-
-
- rv = SECFailure;
-
- /* get cert1's public key */
- pubKey1 = CERT_ExtractPublicKey(cert1);
- if ( !pubKey1 ) {
- return(SECFailure);
- }
-
-
- /* get cert2's public key */
- pubKey2 = CERT_ExtractPublicKey(cert2);
- if ( !pubKey2 ) {
- return(SECFailure);
- }
-
- /* handle the case when both public keys are new
- * fortezza KEA public keys. */
-
- if ((pubKey1->keyType == keaKey) &&
- (pubKey2->keyType == keaKey) ) {
-
- rv = (SECStatus)SECITEM_CompareItem(&pubKey1->u.kea.params.hash,
- &pubKey2->u.kea.params.hash);
- goto done;
- }
-
- /* handle the case when both public keys are old fortezza
- * public keys. */
-
- if ((pubKey1->keyType == fortezzaKey) &&
- (pubKey2->keyType == fortezzaKey) ) {
-
- rv = (SECStatus)SECITEM_CompareItem(&pubKey1->u.fortezza.keaParams.prime,
- &pubKey2->u.fortezza.keaParams.prime);
-
- if (rv == SECEqual) {
- rv = (SECStatus)SECITEM_CompareItem(&pubKey1->u.fortezza.keaParams.subPrime,
- &pubKey2->u.fortezza.keaParams.subPrime);
- }
-
- if (rv == SECEqual) {
- rv = (SECStatus)SECITEM_CompareItem(&pubKey1->u.fortezza.keaParams.base,
- &pubKey2->u.fortezza.keaParams.base);
- }
-
- goto done;
- }
-
-
- /* handle the case when the public keys are a mixture of
- * old and new. */
-
- rv = SECKEY_KEASetParams(&params1, pubKey1);
- if (rv != SECSuccess) return rv;
-
- rv = SECKEY_KEASetParams(&params2, pubKey2);
- if (rv != SECSuccess) return rv;
-
- rv = (SECStatus)SECITEM_CompareItem(&params1.hash, &params2.hash);
-
-done:
- SECKEY_DestroyPublicKey(pubKey1);
- SECKEY_DestroyPublicKey(pubKey2);
-
- return rv; /* returns SECEqual if parameters are equal */
-
-}
-
-
-/* Procedure to update the pqg parameters for a cert's public key.
- * pqg parameters only need to be updated for DSA and fortezza certificates.
- * The procedure uses calls to itself recursively to update a certificate
- * issuer's pqg parameters. Some important rules are:
- * - Do nothing if the cert already has PQG parameters.
- * - If the cert does not have PQG parameters, obtain them from the issuer.
- * - A valid cert chain cannot have a DSA or Fortezza cert without
- * pqg parameters that has a parent that is not a DSA or Fortezza cert.
- * - pqg paramters are stored in two different formats: the standard
- * DER encoded format and the fortezza-only wrapped format. The params
- * should be copied from issuer to subject cert without modifying the
- * formats. The public key extraction code will deal with the different
- * formats at the time of extraction. */
-
-SECStatus
-seckey_UpdateCertPQGChain(CERTCertificate * subjectCert, int count)
-{
- SECStatus rv, rvCompare;
- SECOidData *oid=NULL;
- int tag;
- CERTSubjectPublicKeyInfo * subjectSpki=NULL;
- CERTSubjectPublicKeyInfo * issuerSpki=NULL;
- CERTCertificate *issuerCert = NULL;
-
- rv = SECSuccess;
-
- /* increment cert chain length counter*/
- count++;
-
- /* check if cert chain length exceeds the maximum length*/
- if (count > CERT_MAX_CERT_CHAIN) {
- return SECFailure;
- }
-
- oid = SECOID_FindOID(&subjectCert->subjectPublicKeyInfo.algorithm.algorithm);
- if (oid != NULL) {
- tag = oid->offset;
-
- /* Check if cert has a DSA or Fortezza public key. If not, return
- * success since no PQG params need to be updated. */
-
- if ( (tag != SEC_OID_MISSI_KEA_DSS_OLD) &&
- (tag != SEC_OID_MISSI_DSS_OLD) &&
- (tag != SEC_OID_MISSI_KEA_DSS) &&
- (tag != SEC_OID_MISSI_DSS) &&
- (tag != SEC_OID_ANSIX9_DSA_SIGNATURE) &&
- (tag != SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST) &&
- (tag != SEC_OID_BOGUS_DSA_SIGNATURE_WITH_SHA1_DIGEST) &&
- (tag != SEC_OID_SDN702_DSA_SIGNATURE) &&
- (tag != SEC_OID_ANSIX962_EC_PUBLIC_KEY) ) {
-
- return SECSuccess;
- }
- } else {
- return SECFailure; /* return failure if oid is NULL */
- }
-
- /* if cert has PQG parameters, return success */
-
- subjectSpki=&subjectCert->subjectPublicKeyInfo;
-
- if (subjectSpki->algorithm.parameters.len != 0) {
- return SECSuccess;
- }
-
- /* check if the cert is self-signed */
- rvCompare = (SECStatus)SECITEM_CompareItem(&subjectCert->derSubject,
- &subjectCert->derIssuer);
- if (rvCompare == SECEqual) {
- /* fail since cert is self-signed and has no pqg params. */
- return SECFailure;
- }
-
- /* get issuer cert */
- issuerCert = CERT_FindCertIssuer(subjectCert, PR_Now(), certUsageAnyCA);
- if ( ! issuerCert ) {
- return SECFailure;
- }
-
- /* if parent is not DSA or fortezza, return failure since
- we don't allow this case. */
-
- oid = SECOID_FindOID(&issuerCert->subjectPublicKeyInfo.algorithm.algorithm);
- if (oid != NULL) {
- tag = oid->offset;
-
- /* Check if issuer cert has a DSA or Fortezza public key. If not,
- * return failure. */
-
- if ( (tag != SEC_OID_MISSI_KEA_DSS_OLD) &&
- (tag != SEC_OID_MISSI_DSS_OLD) &&
- (tag != SEC_OID_MISSI_KEA_DSS) &&
- (tag != SEC_OID_MISSI_DSS) &&
- (tag != SEC_OID_ANSIX9_DSA_SIGNATURE) &&
- (tag != SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST) &&
- (tag != SEC_OID_BOGUS_DSA_SIGNATURE_WITH_SHA1_DIGEST) &&
- (tag != SEC_OID_SDN702_DSA_SIGNATURE) &&
- (tag != SEC_OID_ANSIX962_EC_PUBLIC_KEY) ) {
- return SECFailure;
- }
- } else {
- return SECFailure; /* return failure if oid is NULL */
- }
-
-
- /* at this point the subject cert has no pqg parameters and the
- * issuer cert has a DSA or fortezza public key. Update the issuer's
- * pqg parameters with a recursive call to this same function. */
-
- rv = seckey_UpdateCertPQGChain(issuerCert, count);
- if (rv != SECSuccess) return rv;
-
- /* ensure issuer has pqg parameters */
-
- issuerSpki=&issuerCert->subjectPublicKeyInfo;
- if (issuerSpki->algorithm.parameters.len == 0) {
- rv = SECFailure;
- }
-
- /* if update was successful and pqg params present, then copy the
- * parameters to the subject cert's key. */
-
- if (rv == SECSuccess) {
- rv = SECITEM_CopyItem(subjectCert->arena,
- &subjectSpki->algorithm.parameters,
- &issuerSpki->algorithm.parameters);
- }
-
- return rv;
-
-}
-
-
-SECStatus
-SECKEY_UpdateCertPQG(CERTCertificate * subjectCert)
-{
- return(seckey_UpdateCertPQGChain(subjectCert,0));
-}
-
-
-/* Decode the PQG parameters. The params could be stored in two
- * possible formats, the old fortezza-only wrapped format or
- * the standard DER encoded format. Store the decoded parameters in an
- * old fortezza cert data structure */
-
-SECStatus
-SECKEY_FortezzaDecodePQGtoOld(PRArenaPool *arena, SECKEYPublicKey *pubk,
- SECItem *params) {
- SECStatus rv;
- SECKEYPQGDualParams dual_params;
-
- if (params == NULL) return SECFailure;
-
- if (params->data == NULL) return SECFailure;
-
- /* Check if params use the standard format.
- * The value 0xa1 will appear in the first byte of the parameter data
- * if the PQG parameters are not using the standard format. This
- * code should be changed to use a better method to detect non-standard
- * parameters. */
-
- if ((params->data[0] != 0xa1) &&
- (params->data[0] != 0xa0)) {
-
- /* PQG params are in the standard format */
-
- /* Store DSA PQG parameters */
- prepare_pqg_params_for_asn1(&pubk->u.fortezza.params);
- rv = SEC_ASN1DecodeItem(arena, &pubk->u.fortezza.params,
- SECKEY_PQGParamsTemplate,
- params);
-
- if (rv == SECSuccess) {
-
- /* Copy the DSA PQG parameters to the KEA PQG parameters. */
- rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.prime,
- &pubk->u.fortezza.params.prime);
- if (rv != SECSuccess) return rv;
- rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.subPrime,
- &pubk->u.fortezza.params.subPrime);
- if (rv != SECSuccess) return rv;
- rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.base,
- &pubk->u.fortezza.params.base);
- if (rv != SECSuccess) return rv;
- }
-
- } else {
-
- dual_params.CommParams.prime.len = 0;
- dual_params.CommParams.subPrime.len = 0;
- dual_params.CommParams.base.len = 0;
- dual_params.DiffParams.DiffDSAParams.prime.len = 0;
- dual_params.DiffParams.DiffDSAParams.subPrime.len = 0;
- dual_params.DiffParams.DiffDSAParams.base.len = 0;
-
- /* else the old fortezza-only wrapped format is used. */
-
- if (params->data[0] == 0xa1) {
- rv = SEC_ASN1DecodeItem(arena, &dual_params,
- SECKEY_FortezzaPreParamTemplate, params);
- } else {
- rv = SEC_ASN1DecodeItem(arena, &dual_params,
- SECKEY_FortezzaAltPreParamTemplate, params);
- }
-
- if (rv < 0) return rv;
-
- if ( (dual_params.CommParams.prime.len > 0) &&
- (dual_params.CommParams.subPrime.len > 0) &&
- (dual_params.CommParams.base.len > 0) ) {
- /* copy in common params */
-
- rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.params.prime,
- &dual_params.CommParams.prime);
- if (rv != SECSuccess) return rv;
- rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.params.subPrime,
- &dual_params.CommParams.subPrime);
- if (rv != SECSuccess) return rv;
- rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.params.base,
- &dual_params.CommParams.base);
-
- /* Copy the DSA PQG parameters to the KEA PQG parameters. */
- rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.prime,
- &pubk->u.fortezza.params.prime);
- if (rv != SECSuccess) return rv;
- rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.subPrime,
- &pubk->u.fortezza.params.subPrime);
- if (rv != SECSuccess) return rv;
- rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.base,
- &pubk->u.fortezza.params.base);
- if (rv != SECSuccess) return rv;
-
- } else {
-
- /* else copy in different params */
-
- /* copy DSA PQG parameters */
- rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.params.prime,
- &dual_params.DiffParams.DiffDSAParams.prime);
- if (rv != SECSuccess) return rv;
- rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.params.subPrime,
- &dual_params.DiffParams.DiffDSAParams.subPrime);
- if (rv != SECSuccess) return rv;
- rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.params.base,
- &dual_params.DiffParams.DiffDSAParams.base);
-
- /* copy KEA PQG parameters */
-
- rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.prime,
- &dual_params.DiffParams.DiffKEAParams.prime);
- if (rv != SECSuccess) return rv;
- rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.subPrime,
- &dual_params.DiffParams.DiffKEAParams.subPrime);
- if (rv != SECSuccess) return rv;
- rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.base,
- &dual_params.DiffParams.DiffKEAParams.base);
- }
-
- }
- return rv;
-}
-
-
-/* Decode the DSA PQG parameters. The params could be stored in two
- * possible formats, the old fortezza-only wrapped format or
- * the normal standard format. Store the decoded parameters in
- * a V3 certificate data structure. */
-
-SECStatus
-SECKEY_DSADecodePQG(PRArenaPool *arena, SECKEYPublicKey *pubk, SECItem *params) {
- SECStatus rv;
- SECKEYPQGDualParams dual_params;
-
- if (params == NULL) return SECFailure;
-
- if (params->data == NULL) return SECFailure;
-
- /* Check if params use the standard format.
- * The value 0xa1 will appear in the first byte of the parameter data
- * if the PQG parameters are not using the standard format. This
- * code should be changed to use a better method to detect non-standard
- * parameters. */
-
- if ((params->data[0] != 0xa1) &&
- (params->data[0] != 0xa0)) {
-
- /* PQG params are in the standard format */
- prepare_pqg_params_for_asn1(&pubk->u.dsa.params);
- rv = SEC_ASN1DecodeItem(arena, &pubk->u.dsa.params,
- SECKEY_PQGParamsTemplate,
- params);
- } else {
-
- dual_params.CommParams.prime.len = 0;
- dual_params.CommParams.subPrime.len = 0;
- dual_params.CommParams.base.len = 0;
- dual_params.DiffParams.DiffDSAParams.prime.len = 0;
- dual_params.DiffParams.DiffDSAParams.subPrime.len = 0;
- dual_params.DiffParams.DiffDSAParams.base.len = 0;
-
- /* else the old fortezza-only wrapped format is used. */
- if (params->data[0] == 0xa1) {
- rv = SEC_ASN1DecodeItem(arena, &dual_params,
- SECKEY_FortezzaPreParamTemplate, params);
- } else {
- rv = SEC_ASN1DecodeItem(arena, &dual_params,
- SECKEY_FortezzaAltPreParamTemplate, params);
- }
-
- if (rv < 0) return rv;
-
- if ( (dual_params.CommParams.prime.len > 0) &&
- (dual_params.CommParams.subPrime.len > 0) &&
- (dual_params.CommParams.base.len > 0) ) {
- /* copy in common params */
-
- rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.prime,
- &dual_params.CommParams.prime);
- if (rv != SECSuccess) return rv;
- rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.subPrime,
- &dual_params.CommParams.subPrime);
- if (rv != SECSuccess) return rv;
- rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.base,
- &dual_params.CommParams.base);
-
- } else {
-
- /* else copy in different params */
-
- /* copy DSA PQG parameters */
- rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.prime,
- &dual_params.DiffParams.DiffDSAParams.prime);
- if (rv != SECSuccess) return rv;
- rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.subPrime,
- &dual_params.DiffParams.DiffDSAParams.subPrime);
- if (rv != SECSuccess) return rv;
- rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.base,
- &dual_params.DiffParams.DiffDSAParams.base);
-
- }
- }
- return rv;
-}
-
-
-
-/* Decodes the DER encoded fortezza public key and stores the results in a
- * structure of type SECKEYPublicKey. */
-
-SECStatus
-SECKEY_FortezzaDecodeCertKey(PRArenaPool *arena, SECKEYPublicKey *pubk,
- SECItem *rawkey, SECItem *params) {
-
- unsigned char *rawptr = rawkey->data;
- unsigned char *end = rawkey->data + rawkey->len;
- unsigned char *clearptr;
-
- /* first march down and decode the raw key data */
-
- /* version */
- pubk->u.fortezza.KEAversion = *rawptr++;
- if (*rawptr++ != 0x01) {
- return SECFailure;
- }
-
- /* KMID */
- PORT_Memcpy(pubk->u.fortezza.KMID,rawptr,
- sizeof(pubk->u.fortezza.KMID));
- rawptr += sizeof(pubk->u.fortezza.KMID);
-
- /* clearance (the string up to the first byte with the hi-bit on */
- clearptr = rawptr;
- while ((rawptr < end) && (*rawptr++ & 0x80));
-
- if (rawptr >= end) { return SECFailure; }
- pubk->u.fortezza.clearance.len = rawptr - clearptr;
- pubk->u.fortezza.clearance.data =
- (unsigned char*)PORT_ArenaZAlloc(arena,pubk->u.fortezza.clearance.len);
- if (pubk->u.fortezza.clearance.data == NULL) {
- return SECFailure;
- }
- PORT_Memcpy(pubk->u.fortezza.clearance.data,clearptr,
- pubk->u.fortezza.clearance.len);
-
- /* KEAPrivilege (the string up to the first byte with the hi-bit on */
- clearptr = rawptr;
- while ((rawptr < end) && (*rawptr++ & 0x80));
- if (rawptr >= end) { return SECFailure; }
- pubk->u.fortezza.KEApriviledge.len = rawptr - clearptr;
- pubk->u.fortezza.KEApriviledge.data =
- (unsigned char*)PORT_ArenaZAlloc(arena,pubk->u.fortezza.KEApriviledge.len);
- if (pubk->u.fortezza.KEApriviledge.data == NULL) {
- return SECFailure;
- }
- PORT_Memcpy(pubk->u.fortezza.KEApriviledge.data,clearptr,
- pubk->u.fortezza.KEApriviledge.len);
-
-
- /* now copy the key. The next to bytes are the key length, and the
- * key follows */
- pubk->u.fortezza.KEAKey.len = (*rawptr << 8) | rawptr[1];
-
- rawptr += 2;
- if (rawptr+pubk->u.fortezza.KEAKey.len > end) { return SECFailure; }
- pubk->u.fortezza.KEAKey.data =
- (unsigned char*)PORT_ArenaZAlloc(arena,pubk->u.fortezza.KEAKey.len);
- if (pubk->u.fortezza.KEAKey.data == NULL) {
- return SECFailure;
- }
- PORT_Memcpy(pubk->u.fortezza.KEAKey.data,rawptr,
- pubk->u.fortezza.KEAKey.len);
- rawptr += pubk->u.fortezza.KEAKey.len;
-
- /* shared key */
- if (rawptr >= end) {
- pubk->u.fortezza.DSSKey.len = pubk->u.fortezza.KEAKey.len;
- /* this depends on the fact that we are going to get freed with an
- * ArenaFree call. We cannot free DSSKey and KEAKey separately */
- pubk->u.fortezza.DSSKey.data=
- pubk->u.fortezza.KEAKey.data;
- pubk->u.fortezza.DSSpriviledge.len =
- pubk->u.fortezza.KEApriviledge.len;
- pubk->u.fortezza.DSSpriviledge.data =
- pubk->u.fortezza.DSSpriviledge.data;
- goto done;
- }
-
-
- /* DSS Version is next */
- pubk->u.fortezza.DSSversion = *rawptr++;
-
- if (*rawptr++ != 2) {
- return SECFailure;
- }
-
- /* DSSPrivilege (the string up to the first byte with the hi-bit on */
- clearptr = rawptr;
- while ((rawptr < end) && (*rawptr++ & 0x80));
- if (rawptr >= end) { return SECFailure; }
- pubk->u.fortezza.DSSpriviledge.len = rawptr - clearptr;
- pubk->u.fortezza.DSSpriviledge.data =
- (unsigned char*)PORT_ArenaZAlloc(arena,pubk->u.fortezza.DSSpriviledge.len);
- if (pubk->u.fortezza.DSSpriviledge.data == NULL) {
- return SECFailure;
- }
- PORT_Memcpy(pubk->u.fortezza.DSSpriviledge.data,clearptr,
- pubk->u.fortezza.DSSpriviledge.len);
-
- /* finally copy the DSS key. The next to bytes are the key length,
- * and the key follows */
- pubk->u.fortezza.DSSKey.len = (*rawptr << 8) | rawptr[1];
-
- rawptr += 2;
- if (rawptr+pubk->u.fortezza.DSSKey.len > end){ return SECFailure; }
- pubk->u.fortezza.DSSKey.data =
- (unsigned char*)PORT_ArenaZAlloc(arena,pubk->u.fortezza.DSSKey.len);
- if (pubk->u.fortezza.DSSKey.data == NULL) {
- return SECFailure;
- }
- PORT_Memcpy(pubk->u.fortezza.DSSKey.data,rawptr,
- pubk->u.fortezza.DSSKey.len);
-
- /* ok, now we decode the parameters */
-done:
-
- return SECKEY_FortezzaDecodePQGtoOld(arena, pubk, params);
-}
-
-
-/* Function used to determine what kind of cert we are dealing with. */
-KeyType
-CERT_GetCertKeyType (CERTSubjectPublicKeyInfo *spki) {
- int tag;
- KeyType keyType;
-
- tag = SECOID_GetAlgorithmTag(&spki->algorithm);
- switch (tag) {
- case SEC_OID_X500_RSA_ENCRYPTION:
- case SEC_OID_PKCS1_RSA_ENCRYPTION:
- keyType = rsaKey;
- break;
- case SEC_OID_ANSIX9_DSA_SIGNATURE:
- keyType = dsaKey;
- break;
- case SEC_OID_MISSI_KEA_DSS_OLD:
- case SEC_OID_MISSI_KEA_DSS:
- case SEC_OID_MISSI_DSS_OLD:
- case SEC_OID_MISSI_DSS:
- keyType = fortezzaKey;
- break;
- case SEC_OID_MISSI_KEA:
- case SEC_OID_MISSI_ALT_KEA:
- keyType = keaKey;
- break;
- case SEC_OID_X942_DIFFIE_HELMAN_KEY:
- keyType = dhKey;
- break;
- case SEC_OID_ANSIX962_EC_PUBLIC_KEY:
- keyType = ecKey;
- break;
- default:
- keyType = nullKey;
- }
- return keyType;
-}
-
-#ifdef NSS_ENABLE_ECC
-static int
-seckey_supportedECParams(SECItem *encodedParams)
-{
- SECOidTag tag;
- SECItem oid = { siBuffer, NULL, 0};
-
- /* We do not currently support explicit DER encoding of curve
- * parameters. Make sure the encoding takes the form of
- * an object identifier (this is how named curves are encoded).
- */
- if (encodedParams->data[0] != SEC_ASN1_OBJECT_ID) return 0;
-
- /* The encodedParams data contains 0x06 (SEC_ASN1_OBJECT_ID),
- * followed by the length of the curve oid and the curve oid.
- */
- oid.len = encodedParams->data[1];
- oid.data = encodedParams->data + 2;
- tag = SECOID_FindOIDTag(&oid);
-
- return (((tag >= SEC_OID_ANSIX962_EC_PRIME192V1) &&
- (tag <= SEC_OID_ANSIX962_EC_PRIME256V1)) ||
- ((tag >= SEC_OID_SECG_EC_SECP112R1) &&
- (tag <= SEC_OID_SECG_EC_SECP521R1)) ||
- ((tag >= SEC_OID_ANSIX962_EC_C2PNB163V1) &&
- (tag <= SEC_OID_ANSIX962_EC_C2TNB431R1)) ||
- ((tag >= SEC_OID_SECG_EC_SECT113R1) &&
- (tag <= SEC_OID_SECG_EC_SECT571R1)));
-}
-
-static int
-seckey_supportedECPointForm(SECItem *ecPoint)
-{
- /* For now, we only support uncompressed points */
- return (ecPoint->data[0] == EC_POINT_FORM_UNCOMPRESSED);
-}
-#endif /* NSS_ENABLE_ECC */
-
-static SECKEYPublicKey *
-seckey_ExtractPublicKey(CERTSubjectPublicKeyInfo *spki)
-{
- SECKEYPublicKey *pubk;
- SECItem os, newOs, newParms;
- SECStatus rv;
- PRArenaPool *arena;
- SECOidTag tag;
-
- arena = PORT_NewArena (DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL)
- return NULL;
-
- pubk = (SECKEYPublicKey *) PORT_ArenaZAlloc(arena, sizeof(SECKEYPublicKey));
- if (pubk == NULL) {
- PORT_FreeArena (arena, PR_FALSE);
- return NULL;
- }
-
- pubk->arena = arena;
- pubk->pkcs11Slot = 0;
- pubk->pkcs11ID = CK_INVALID_HANDLE;
-
-
- /* Convert bit string length from bits to bytes */
- os = spki->subjectPublicKey;
- DER_ConvertBitString (&os);
-
- tag = SECOID_GetAlgorithmTag(&spki->algorithm);
-
- /* copy the DER into the arena, since Quick DER returns data that points
- into the DER input, which may get freed by the caller */
- rv = SECITEM_CopyItem(arena, &newOs, &os);
- if ( rv == SECSuccess )
- switch ( tag ) {
- case SEC_OID_X500_RSA_ENCRYPTION:
- case SEC_OID_PKCS1_RSA_ENCRYPTION:
- pubk->keyType = rsaKey;
- prepare_rsa_pub_key_for_asn1(pubk);
- rv = SEC_QuickDERDecodeItem(arena, pubk, SECKEY_RSAPublicKeyTemplate, &newOs);
- if (rv == SECSuccess)
- return pubk;
- break;
- case SEC_OID_ANSIX9_DSA_SIGNATURE:
- case SEC_OID_SDN702_DSA_SIGNATURE:
- pubk->keyType = dsaKey;
- prepare_dsa_pub_key_for_asn1(pubk);
- rv = SEC_QuickDERDecodeItem(arena, pubk, SECKEY_DSAPublicKeyTemplate, &newOs);
- if (rv != SECSuccess) break;
-
- rv = SECKEY_DSADecodePQG(arena, pubk,
- &spki->algorithm.parameters);
-
- if (rv == SECSuccess) return pubk;
- break;
- case SEC_OID_X942_DIFFIE_HELMAN_KEY:
- pubk->keyType = dhKey;
- prepare_dh_pub_key_for_asn1(pubk);
- rv = SEC_QuickDERDecodeItem(arena, pubk, SECKEY_DHPublicKeyTemplate, &newOs);
- if (rv != SECSuccess) break;
-
- /* copy the DER into the arena, since Quick DER returns data that points
- into the DER input, which may get freed by the caller */
- rv = SECITEM_CopyItem(arena, &newParms, &spki->algorithm.parameters);
- if ( rv != SECSuccess )
- break;
-
- rv = SEC_QuickDERDecodeItem(arena, pubk, SECKEY_DHParamKeyTemplate,
- &newParms);
-
- if (rv == SECSuccess) return pubk;
- break;
- case SEC_OID_MISSI_KEA_DSS_OLD:
- case SEC_OID_MISSI_KEA_DSS:
- case SEC_OID_MISSI_DSS_OLD:
- case SEC_OID_MISSI_DSS:
- pubk->keyType = fortezzaKey;
- rv = SECKEY_FortezzaDecodeCertKey(arena, pubk, &newOs,
- &spki->algorithm.parameters);
- if (rv == SECSuccess)
- return pubk;
- break;
-
- case SEC_OID_MISSI_KEA:
- pubk->keyType = keaKey;
-
- prepare_kea_pub_key_for_asn1(pubk);
- rv = SEC_QuickDERDecodeItem(arena, pubk,
- SECKEY_KEAPublicKeyTemplate, &newOs);
- if (rv != SECSuccess) break;
-
- /* copy the DER into the arena, since Quick DER returns data that points
- into the DER input, which may get freed by the caller */
- rv = SECITEM_CopyItem(arena, &newParms, &spki->algorithm.parameters);
- if ( rv != SECSuccess )
- break;
-
- rv = SEC_QuickDERDecodeItem(arena, pubk, SECKEY_KEAParamsTemplate,
- &newParms);
-
- if (rv == SECSuccess)
- return pubk;
-
- break;
-
- case SEC_OID_MISSI_ALT_KEA:
- pubk->keyType = keaKey;
-
- rv = SECITEM_CopyItem(arena,&pubk->u.kea.publicValue,&newOs);
- if (rv != SECSuccess) break;
-
- /* copy the DER into the arena, since Quick DER returns data that points
- into the DER input, which may get freed by the caller */
- rv = SECITEM_CopyItem(arena, &newParms, &spki->algorithm.parameters);
- if ( rv != SECSuccess )
- break;
-
- rv = SEC_QuickDERDecodeItem(arena, pubk, SECKEY_KEAParamsTemplate,
- &newParms);
-
- if (rv == SECSuccess)
- return pubk;
-
- break;
-
-#ifdef NSS_ENABLE_ECC
- case SEC_OID_ANSIX962_EC_PUBLIC_KEY:
- pubk->keyType = ecKey;
- pubk->u.ec.size = 0;
-#if 0
- /* If we uncomment these checks, ssl3con.c produces an "SSL
- * was unable to extract the public key from the peer's
- * certificate" error upon encountering an EC certificate with
- * an unsupported curve or point form. It isn't clear that we
- * should be triggering this error because the EC key was
- * *successfully extracted* even though we can't use
- * it. Commenting these checks delays detection of unsupported
- * curves to a later point in the handshake (e.g. when a
- * client attempts to generate a key pair before sending the
- * ClientKeyExchange message).
- */
- if (!seckey_supportedECParams(&spki->algorithm.parameters)) {
- PORT_SetError(SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE);
- rv = SECFailure;
- break;
- }
-
- if (!seckey_supportedECPointForm(&newOs)) {
- PORT_SetError(SEC_ERROR_UNSUPPORTED_EC_POINT_FORM);
- rv = SECFailure;
- break;
- }
-#endif
-
- /* Since PKCS#11 directly takes the DER encoding of EC params
- * and public value, we don't need any decoding here.
- */
- rv = SECITEM_CopyItem(arena, &pubk->u.ec.DEREncodedParams,
- &spki->algorithm.parameters);
- if ( rv != SECSuccess )
- break;
- rv = SECITEM_CopyItem(arena, &pubk->u.ec.publicValue, &newOs);
- if (rv == SECSuccess) return pubk;
- break;
-#endif /* NSS_ENABLE_ECC */
-
- default:
- rv = SECFailure;
- break;
- }
-
- SECKEY_DestroyPublicKey (pubk);
- return NULL;
-}
-
-
-/* required for JSS */
-SECKEYPublicKey *
-SECKEY_ExtractPublicKey(CERTSubjectPublicKeyInfo *spki)
-{
- return seckey_ExtractPublicKey(spki);
-}
-
-SECKEYPublicKey *
-CERT_ExtractPublicKey(CERTCertificate *cert)
-{
- SECStatus rv;
-
- rv = SECKEY_UpdateCertPQG(cert);
- if (rv != SECSuccess) return NULL;
-
- return seckey_ExtractPublicKey(&cert->subjectPublicKeyInfo);
-}
-
-/*
- * Get the public key for the fortezza KMID. NOTE this requires the
- * PQG paramters to be set. We probably should have a fortezza call that
- * just extracts the kmid for us directly so this function can work
- * without having the whole cert chain
- */
-SECKEYPublicKey *
-CERT_KMIDPublicKey(CERTCertificate *cert)
-{
- return seckey_ExtractPublicKey(&cert->subjectPublicKeyInfo);
-}
-
-#ifdef NSS_ENABLE_ECC
-static int
-seckey_ECParams2KeySize(SECItem *encodedParams)
-{
- SECOidTag tag;
- SECItem oid = { siBuffer, NULL, 0};
-
- /* The encodedParams data contains 0x06 (SEC_ASN1_OBJECT_ID),
- * followed by the length of the curve oid and the curve oid.
- */
- oid.len = encodedParams->data[1];
- oid.data = encodedParams->data + 2;
- if ((tag = SECOID_FindOIDTag(&oid)) == SEC_OID_UNKNOWN)
- return 0;
-
- switch (tag) {
- case SEC_OID_SECG_EC_SECP112R1:
- case SEC_OID_SECG_EC_SECP112R2:
- return 112;
-
- case SEC_OID_SECG_EC_SECT113R1:
- case SEC_OID_SECG_EC_SECT113R2:
- return 113;
-
- case SEC_OID_SECG_EC_SECP128R1:
- case SEC_OID_SECG_EC_SECP128R2:
- return 128;
-
- case SEC_OID_SECG_EC_SECT131R1:
- case SEC_OID_SECG_EC_SECT131R2:
- return 131;
-
- case SEC_OID_SECG_EC_SECP160K1:
- case SEC_OID_SECG_EC_SECP160R1:
- case SEC_OID_SECG_EC_SECP160R2:
- return 160;
-
- case SEC_OID_SECG_EC_SECT163K1:
- case SEC_OID_SECG_EC_SECT163R1:
- case SEC_OID_SECG_EC_SECT163R2:
- case SEC_OID_ANSIX962_EC_C2PNB163V1:
- case SEC_OID_ANSIX962_EC_C2PNB163V2:
- case SEC_OID_ANSIX962_EC_C2PNB163V3:
- return 163;
-
- case SEC_OID_ANSIX962_EC_C2PNB176V1:
- return 176;
-
- case SEC_OID_ANSIX962_EC_C2TNB191V1:
- case SEC_OID_ANSIX962_EC_C2TNB191V2:
- case SEC_OID_ANSIX962_EC_C2TNB191V3:
- case SEC_OID_ANSIX962_EC_C2ONB191V4:
- case SEC_OID_ANSIX962_EC_C2ONB191V5:
- return 191;
-
- case SEC_OID_SECG_EC_SECP192K1:
- case SEC_OID_ANSIX962_EC_PRIME192V1:
- case SEC_OID_ANSIX962_EC_PRIME192V2:
- case SEC_OID_ANSIX962_EC_PRIME192V3:
- return 192;
-
- case SEC_OID_SECG_EC_SECT193R1:
- case SEC_OID_SECG_EC_SECT193R2:
- return 193;
-
- case SEC_OID_ANSIX962_EC_C2PNB208W1:
- return 208;
-
- case SEC_OID_SECG_EC_SECP224K1:
- case SEC_OID_SECG_EC_SECP224R1:
- return 224;
-
- case SEC_OID_SECG_EC_SECT233K1:
- case SEC_OID_SECG_EC_SECT233R1:
- return 233;
-
- case SEC_OID_SECG_EC_SECT239K1:
- case SEC_OID_ANSIX962_EC_C2TNB239V1:
- case SEC_OID_ANSIX962_EC_C2TNB239V2:
- case SEC_OID_ANSIX962_EC_C2TNB239V3:
- case SEC_OID_ANSIX962_EC_C2ONB239V4:
- case SEC_OID_ANSIX962_EC_C2ONB239V5:
- case SEC_OID_ANSIX962_EC_PRIME239V1:
- case SEC_OID_ANSIX962_EC_PRIME239V2:
- case SEC_OID_ANSIX962_EC_PRIME239V3:
- return 239;
-
- case SEC_OID_SECG_EC_SECP256K1:
- case SEC_OID_ANSIX962_EC_PRIME256V1:
- return 256;
-
- case SEC_OID_ANSIX962_EC_C2PNB272W1:
- return 272;
-
- case SEC_OID_SECG_EC_SECT283K1:
- case SEC_OID_SECG_EC_SECT283R1:
- return 283;
-
- case SEC_OID_ANSIX962_EC_C2PNB304W1:
- return 304;
-
- case SEC_OID_ANSIX962_EC_C2TNB359V1:
- return 359;
-
- case SEC_OID_ANSIX962_EC_C2PNB368W1:
- return 368;
-
- case SEC_OID_SECG_EC_SECP384R1:
- return 384;
-
- case SEC_OID_SECG_EC_SECT409K1:
- case SEC_OID_SECG_EC_SECT409R1:
- return 409;
-
- case SEC_OID_ANSIX962_EC_C2TNB431R1:
- return 431;
-
- case SEC_OID_SECG_EC_SECP521R1:
- return 521;
-
- case SEC_OID_SECG_EC_SECT571K1:
- case SEC_OID_SECG_EC_SECT571R1:
- return 571;
-
- default:
- return 0;
- }
-}
-#endif /* NSS_ENABLE_ECC */
-
-/* returns key strength in bytes (not bits) */
-unsigned
-SECKEY_PublicKeyStrength(SECKEYPublicKey *pubk)
-{
- unsigned char b0;
-
- /* interpret modulus length as key strength... in
- * fortezza that's the public key length */
-
- switch (pubk->keyType) {
- case rsaKey:
- b0 = pubk->u.rsa.modulus.data[0];
- return b0 ? pubk->u.rsa.modulus.len : pubk->u.rsa.modulus.len - 1;
- case dsaKey:
- b0 = pubk->u.dsa.publicValue.data[0];
- return b0 ? pubk->u.dsa.publicValue.len :
- pubk->u.dsa.publicValue.len - 1;
- case dhKey:
- b0 = pubk->u.dh.publicValue.data[0];
- return b0 ? pubk->u.dh.publicValue.len :
- pubk->u.dh.publicValue.len - 1;
- case fortezzaKey:
- return PR_MAX(pubk->u.fortezza.KEAKey.len, pubk->u.fortezza.DSSKey.len);
-#ifdef NSS_ENABLE_ECC
- case ecKey:
- /* Get the key size in bits and adjust */
- if (pubk->u.ec.size == 0) {
- pubk->u.ec.size =
- seckey_ECParams2KeySize(&pubk->u.ec.DEREncodedParams);
- }
- return (pubk->u.ec.size + 7)/8;
-#endif /* NSS_ENABLE_ECC */
- default:
- break;
- }
- return 0;
-}
-
-/* returns key strength in bits */
-unsigned
-SECKEY_PublicKeyStrengthInBits(SECKEYPublicKey *pubk)
-{
- switch (pubk->keyType) {
- case rsaKey:
- case dsaKey:
- case dhKey:
- case fortezzaKey:
- return SECKEY_PublicKeyStrength(pubk) * 8; /* 1 byte = 8 bits */
-#ifdef NSS_ENABLE_ECC
- case ecKey:
- if (pubk->u.ec.size == 0) {
- pubk->u.ec.size =
- seckey_ECParams2KeySize(&pubk->u.ec.DEREncodedParams);
- }
- return pubk->u.ec.size;
-#endif /* NSS_ENABLE_ECC */
- default:
- break;
- }
- return 0;
-}
-
-SECKEYPrivateKey *
-SECKEY_CopyPrivateKey(SECKEYPrivateKey *privk)
-{
- SECKEYPrivateKey *copyk;
- PRArenaPool *arena;
-
- if (privk == NULL) {
- return NULL;
- }
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) {
- PORT_SetError (SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- copyk = (SECKEYPrivateKey *) PORT_ArenaZAlloc (arena, sizeof (SECKEYPrivateKey));
- if (copyk) {
- copyk->arena = arena;
- copyk->keyType = privk->keyType;
-
- /* copy the PKCS #11 parameters */
- copyk->pkcs11Slot = PK11_ReferenceSlot(privk->pkcs11Slot);
- /* if the key we're referencing was a temparary key we have just
- * created, that we want to go away when we're through, we need
- * to make a copy of it */
- if (privk->pkcs11IsTemp) {
- copyk->pkcs11ID =
- PK11_CopyKey(privk->pkcs11Slot,privk->pkcs11ID);
- if (copyk->pkcs11ID == CK_INVALID_HANDLE) goto fail;
- } else {
- copyk->pkcs11ID = privk->pkcs11ID;
- }
- copyk->pkcs11IsTemp = privk->pkcs11IsTemp;
- copyk->wincx = privk->wincx;
- return copyk;
- } else {
- PORT_SetError (SEC_ERROR_NO_MEMORY);
- }
-
-fail:
- PORT_FreeArena (arena, PR_FALSE);
- return NULL;
-}
-
-SECKEYPublicKey *
-SECKEY_CopyPublicKey(SECKEYPublicKey *pubk)
-{
- SECKEYPublicKey *copyk;
- PRArenaPool *arena;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) {
- PORT_SetError (SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- copyk = (SECKEYPublicKey *) PORT_ArenaZAlloc (arena, sizeof (SECKEYPublicKey));
- if (copyk != NULL) {
- SECStatus rv = SECSuccess;
-
- copyk->arena = arena;
- copyk->keyType = pubk->keyType;
- if (pubk->pkcs11Slot &&
- PK11_IsPermObject(pubk->pkcs11Slot,pubk->pkcs11ID)) {
- copyk->pkcs11Slot = PK11_ReferenceSlot(pubk->pkcs11Slot);
- copyk->pkcs11ID = pubk->pkcs11ID;
- } else {
- copyk->pkcs11Slot = NULL; /* go get own reference */
- copyk->pkcs11ID = CK_INVALID_HANDLE;
- }
- switch (pubk->keyType) {
- case rsaKey:
- rv = SECITEM_CopyItem(arena, &copyk->u.rsa.modulus,
- &pubk->u.rsa.modulus);
- if (rv == SECSuccess) {
- rv = SECITEM_CopyItem (arena, &copyk->u.rsa.publicExponent,
- &pubk->u.rsa.publicExponent);
- if (rv == SECSuccess)
- return copyk;
- }
- break;
- case dsaKey:
- rv = SECITEM_CopyItem(arena, &copyk->u.dsa.publicValue,
- &pubk->u.dsa.publicValue);
- if (rv != SECSuccess) break;
- rv = SECITEM_CopyItem(arena, &copyk->u.dsa.params.prime,
- &pubk->u.dsa.params.prime);
- if (rv != SECSuccess) break;
- rv = SECITEM_CopyItem(arena, &copyk->u.dsa.params.subPrime,
- &pubk->u.dsa.params.subPrime);
- if (rv != SECSuccess) break;
- rv = SECITEM_CopyItem(arena, &copyk->u.dsa.params.base,
- &pubk->u.dsa.params.base);
- break;
- case keaKey:
- rv = SECITEM_CopyItem(arena, &copyk->u.kea.publicValue,
- &pubk->u.kea.publicValue);
- if (rv != SECSuccess) break;
- rv = SECITEM_CopyItem(arena, &copyk->u.kea.params.hash,
- &pubk->u.kea.params.hash);
- break;
- case fortezzaKey:
- copyk->u.fortezza.KEAversion = pubk->u.fortezza.KEAversion;
- copyk->u.fortezza.DSSversion = pubk->u.fortezza.DSSversion;
- PORT_Memcpy(copyk->u.fortezza.KMID, pubk->u.fortezza.KMID,
- sizeof(pubk->u.fortezza.KMID));
- rv = SECITEM_CopyItem(arena, &copyk->u.fortezza.clearance,
- &pubk->u.fortezza.clearance);
- if (rv != SECSuccess) break;
- rv = SECITEM_CopyItem(arena, &copyk->u.fortezza.KEApriviledge,
- &pubk->u.fortezza.KEApriviledge);
- if (rv != SECSuccess) break;
- rv = SECITEM_CopyItem(arena, &copyk->u.fortezza.DSSpriviledge,
- &pubk->u.fortezza.DSSpriviledge);
- if (rv != SECSuccess) break;
- rv = SECITEM_CopyItem(arena, &copyk->u.fortezza.KEAKey,
- &pubk->u.fortezza.KEAKey);
- if (rv != SECSuccess) break;
- rv = SECITEM_CopyItem(arena, &copyk->u.fortezza.DSSKey,
- &pubk->u.fortezza.DSSKey);
- if (rv != SECSuccess) break;
- rv = SECITEM_CopyItem(arena, &copyk->u.fortezza.params.prime,
- &pubk->u.fortezza.params.prime);
- if (rv != SECSuccess) break;
- rv = SECITEM_CopyItem(arena, &copyk->u.fortezza.params.subPrime,
- &pubk->u.fortezza.params.subPrime);
- if (rv != SECSuccess) break;
- rv = SECITEM_CopyItem(arena, &copyk->u.fortezza.params.base,
- &pubk->u.fortezza.params.base);
- if (rv != SECSuccess) break;
- rv = SECITEM_CopyItem(arena, &copyk->u.fortezza.keaParams.prime,
- &pubk->u.fortezza.keaParams.prime);
- if (rv != SECSuccess) break;
- rv = SECITEM_CopyItem(arena, &copyk->u.fortezza.keaParams.subPrime,
- &pubk->u.fortezza.keaParams.subPrime);
- if (rv != SECSuccess) break;
- rv = SECITEM_CopyItem(arena, &copyk->u.fortezza.keaParams.base,
- &pubk->u.fortezza.keaParams.base);
- break;
- case dhKey:
- rv = SECITEM_CopyItem(arena,&copyk->u.dh.prime,&pubk->u.dh.prime);
- if (rv != SECSuccess) break;
- rv = SECITEM_CopyItem(arena,&copyk->u.dh.base,&pubk->u.dh.base);
- if (rv != SECSuccess) break;
- rv = SECITEM_CopyItem(arena, &copyk->u.dh.publicValue,
- &pubk->u.dh.publicValue);
- break;
-#ifdef NSS_ENABLE_ECC
- case ecKey:
- copyk->u.ec.size = pubk->u.ec.size;
- rv = SECITEM_CopyItem(arena,&copyk->u.ec.DEREncodedParams,
- &pubk->u.ec.DEREncodedParams);
- if (rv != SECSuccess) break;
- rv = SECITEM_CopyItem(arena,&copyk->u.ec.publicValue,
- &pubk->u.ec.publicValue);
- break;
-#endif /* NSS_ENABLE_ECC */
- case nullKey:
- return copyk;
- default:
- rv = SECFailure;
- break;
- }
- if (rv == SECSuccess)
- return copyk;
-
- SECKEY_DestroyPublicKey (copyk);
- } else {
- PORT_SetError (SEC_ERROR_NO_MEMORY);
- }
-
- PORT_FreeArena (arena, PR_FALSE);
- return NULL;
-}
-
-
-SECKEYPublicKey *
-SECKEY_ConvertToPublicKey(SECKEYPrivateKey *privk)
-{
- SECKEYPublicKey *pubk;
- PRArenaPool *arena;
- CERTCertificate *cert;
- SECStatus rv;
-
- /*
- * First try to look up the cert.
- */
- cert = PK11_GetCertFromPrivateKey(privk);
- if (cert) {
- pubk = CERT_ExtractPublicKey(cert);
- CERT_DestroyCertificate(cert);
- return pubk;
- }
-
- /* couldn't find the cert, build pub key by hand */
- arena = PORT_NewArena (DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) {
- PORT_SetError (SEC_ERROR_NO_MEMORY);
- return NULL;
- }
- pubk = (SECKEYPublicKey *)PORT_ArenaZAlloc(arena,
- sizeof (SECKEYPublicKey));
- if (pubk == NULL) {
- PORT_FreeArena(arena,PR_FALSE);
- return NULL;
- }
- pubk->keyType = privk->keyType;
- pubk->pkcs11Slot = NULL;
- pubk->pkcs11ID = CK_INVALID_HANDLE;
- pubk->arena = arena;
-
- /*
- * fortezza is at the head of this switch, since we don't want to
- * allocate an arena... CERT_ExtractPublicKey will to that for us.
- */
- switch(privk->keyType) {
- case fortezzaKey:
- case nullKey:
- case dhKey:
- case dsaKey:
- /* Nothing to query, if the cert isn't there, we're done -- no way
- * to get the public key */
- break;
- case rsaKey:
- rv = PK11_ReadAttribute(privk->pkcs11Slot,privk->pkcs11ID,
- CKA_MODULUS,arena,&pubk->u.rsa.modulus);
- if (rv != SECSuccess) break;
- rv = PK11_ReadAttribute(privk->pkcs11Slot,privk->pkcs11ID,
- CKA_PUBLIC_EXPONENT,arena,&pubk->u.rsa.publicExponent);
- if (rv != SECSuccess) break;
- return pubk;
- break;
- default:
- break;
- }
-
- PORT_FreeArena (arena, PR_FALSE);
- return NULL;
-}
-
-CERTSubjectPublicKeyInfo *
-SECKEY_CreateSubjectPublicKeyInfo(SECKEYPublicKey *pubk)
-{
- CERTSubjectPublicKeyInfo *spki;
- PRArenaPool *arena;
- SECItem params = { siBuffer, NULL, 0 };
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- spki = (CERTSubjectPublicKeyInfo *) PORT_ArenaZAlloc(arena, sizeof (*spki));
- if (spki != NULL) {
- SECStatus rv;
- SECItem *rv_item;
-
- spki->arena = arena;
- switch(pubk->keyType) {
- case rsaKey:
- rv = SECOID_SetAlgorithmID(arena, &spki->algorithm,
- SEC_OID_PKCS1_RSA_ENCRYPTION, 0);
- if (rv == SECSuccess) {
- /*
- * DER encode the public key into the subjectPublicKeyInfo.
- */
- prepare_rsa_pub_key_for_asn1(pubk);
- rv_item = SEC_ASN1EncodeItem(arena, &spki->subjectPublicKey,
- pubk, SECKEY_RSAPublicKeyTemplate);
- if (rv_item != NULL) {
- /*
- * The stored value is supposed to be a BIT_STRING,
- * so convert the length.
- */
- spki->subjectPublicKey.len <<= 3;
- /*
- * We got a good one; return it.
- */
- return spki;
- }
- }
- break;
- case dsaKey:
- /* DER encode the params. */
- prepare_pqg_params_for_asn1(&pubk->u.dsa.params);
- rv_item = SEC_ASN1EncodeItem(arena, &params, &pubk->u.dsa.params,
- SECKEY_PQGParamsTemplate);
- if (rv_item != NULL) {
- rv = SECOID_SetAlgorithmID(arena, &spki->algorithm,
- SEC_OID_ANSIX9_DSA_SIGNATURE,
- &params);
- if (rv == SECSuccess) {
- /*
- * DER encode the public key into the subjectPublicKeyInfo.
- */
- prepare_dsa_pub_key_for_asn1(pubk);
- rv_item = SEC_ASN1EncodeItem(arena, &spki->subjectPublicKey,
- pubk,
- SECKEY_DSAPublicKeyTemplate);
- if (rv_item != NULL) {
- /*
- * The stored value is supposed to be a BIT_STRING,
- * so convert the length.
- */
- spki->subjectPublicKey.len <<= 3;
- /*
- * We got a good one; return it.
- */
- return spki;
- }
- }
- }
- SECITEM_FreeItem(&params, PR_FALSE);
- break;
- case keaKey:
- case dhKey: /* later... */
-
- break;
- case fortezzaKey:
-#ifdef notdef
- /* encode the DSS parameters (PQG) */
- rv = FortezzaBuildParams(&params,pubk);
- if (rv != SECSuccess) break;
-
- /* set the algorithm */
- rv = SECOID_SetAlgorithmID(arena, &spki->algorithm,
- SEC_OID_MISSI_KEA_DSS, &params);
- PORT_Free(params.data);
- if (rv == SECSuccess) {
- /*
- * Encode the public key into the subjectPublicKeyInfo.
- * Fortezza key material is not standard DER
- */
- rv = FortezzaEncodeCertKey(arena,&spki->subjectPublicKey,pubk);
- if (rv == SECSuccess) {
- /*
- * The stored value is supposed to be a BIT_STRING,
- * so convert the length.
- */
- spki->subjectPublicKey.len <<= 3;
-
- /*
- * We got a good one; return it.
- */
- return spki;
- }
- }
-#endif
- break;
- default:
- break;
- }
- } else {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- }
-
- PORT_FreeArena(arena, PR_FALSE);
- return NULL;
-}
-
-void
-SECKEY_DestroySubjectPublicKeyInfo(CERTSubjectPublicKeyInfo *spki)
-{
- if (spki && spki->arena) {
- PORT_FreeArena(spki->arena, PR_FALSE);
- }
-}
-
-/*
- * this only works for RSA keys... need to do something
- * similiar to CERT_ExtractPublicKey for other key times.
- */
-SECKEYPublicKey *
-SECKEY_DecodeDERPublicKey(SECItem *pubkder)
-{
- PRArenaPool *arena;
- SECKEYPublicKey *pubk;
- SECStatus rv;
- SECItem newPubkder;
-
- arena = PORT_NewArena (DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) {
- PORT_SetError (SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- pubk = (SECKEYPublicKey *) PORT_ArenaZAlloc (arena, sizeof (SECKEYPublicKey));
- if (pubk != NULL) {
- pubk->arena = arena;
- pubk->pkcs11Slot = NULL;
- pubk->pkcs11ID = 0;
- prepare_rsa_pub_key_for_asn1(pubk);
- /* copy the DER into the arena, since Quick DER returns data that points
- into the DER input, which may get freed by the caller */
- rv = SECITEM_CopyItem(arena, &newPubkder, pubkder);
- if ( rv == SECSuccess ) {
- rv = SEC_QuickDERDecodeItem(arena, pubk, SECKEY_RSAPublicKeyTemplate,
- &newPubkder);
- }
- if (rv == SECSuccess)
- return pubk;
- SECKEY_DestroyPublicKey (pubk);
- } else {
- PORT_SetError (SEC_ERROR_NO_MEMORY);
- }
-
- PORT_FreeArena (arena, PR_FALSE);
- return NULL;
-}
-
-/*
- * Decode a base64 ascii encoded DER encoded public key.
- */
-SECKEYPublicKey *
-SECKEY_ConvertAndDecodePublicKey(char *pubkstr)
-{
- SECKEYPublicKey *pubk;
- SECStatus rv;
- SECItem der;
-
- rv = ATOB_ConvertAsciiToItem (&der, pubkstr);
- if (rv != SECSuccess)
- return NULL;
-
- pubk = SECKEY_DecodeDERPublicKey (&der);
-
- PORT_Free (der.data);
- return pubk;
-}
-
-SECItem *
-SECKEY_EncodeDERSubjectPublicKeyInfo(SECKEYPublicKey *pubk)
-{
- CERTSubjectPublicKeyInfo *spki=NULL;
- SECItem *spkiDER=NULL;
-
- /* get the subjectpublickeyinfo */
- spki = SECKEY_CreateSubjectPublicKeyInfo(pubk);
- if( spki == NULL ) {
- goto finish;
- }
-
- /* DER-encode the subjectpublickeyinfo */
- spkiDER = SEC_ASN1EncodeItem(NULL /*arena*/, NULL/*dest*/, spki,
- CERT_SubjectPublicKeyInfoTemplate);
-finish:
- if (spki!=NULL) {
- SECKEY_DestroySubjectPublicKeyInfo(spki);
- }
- return spkiDER;
-}
-
-
-CERTSubjectPublicKeyInfo *
-SECKEY_DecodeDERSubjectPublicKeyInfo(SECItem *spkider)
-{
- PRArenaPool *arena;
- CERTSubjectPublicKeyInfo *spki;
- SECStatus rv;
- SECItem newSpkider;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- spki = (CERTSubjectPublicKeyInfo *)
- PORT_ArenaZAlloc(arena, sizeof (CERTSubjectPublicKeyInfo));
- if (spki != NULL) {
- spki->arena = arena;
-
- /* copy the DER into the arena, since Quick DER returns data that points
- into the DER input, which may get freed by the caller */
- rv = SECITEM_CopyItem(arena, &newSpkider, spkider);
- if ( rv == SECSuccess ) {
- rv = SEC_QuickDERDecodeItem(arena,spki,
- CERT_SubjectPublicKeyInfoTemplate, &newSpkider);
- }
- if (rv == SECSuccess)
- return spki;
- SECKEY_DestroySubjectPublicKeyInfo(spki);
- } else {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- }
-
- PORT_FreeArena(arena, PR_FALSE);
- return NULL;
-}
-
-/*
- * Decode a base64 ascii encoded DER encoded subject public key info.
- */
-CERTSubjectPublicKeyInfo *
-SECKEY_ConvertAndDecodeSubjectPublicKeyInfo(char *spkistr)
-{
- CERTSubjectPublicKeyInfo *spki;
- SECStatus rv;
- SECItem der;
-
- rv = ATOB_ConvertAsciiToItem(&der, spkistr);
- if (rv != SECSuccess)
- return NULL;
-
- spki = SECKEY_DecodeDERSubjectPublicKeyInfo(&der);
-
- PORT_Free(der.data);
- return spki;
-}
-
-/*
- * Decode a base64 ascii encoded DER encoded public key and challenge
- * Verify digital signature and make sure challenge matches
- */
-CERTSubjectPublicKeyInfo *
-SECKEY_ConvertAndDecodePublicKeyAndChallenge(char *pkacstr, char *challenge,
- void *wincx)
-{
- CERTSubjectPublicKeyInfo *spki = NULL;
- CERTPublicKeyAndChallenge pkac;
- SECStatus rv;
- SECItem signedItem;
- PRArenaPool *arena = NULL;
- CERTSignedData sd;
- SECItem sig;
- SECKEYPublicKey *pubKey = NULL;
- unsigned int len;
-
- signedItem.data = NULL;
-
- /* convert the base64 encoded data to binary */
- rv = ATOB_ConvertAsciiToItem(&signedItem, pkacstr);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- /* create an arena */
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) {
- goto loser;
- }
-
- /* decode the outer wrapping of signed data */
- PORT_Memset(&sd, 0, sizeof(CERTSignedData));
- rv = SEC_QuickDERDecodeItem(arena, &sd, CERT_SignedDataTemplate, &signedItem );
- if ( rv ) {
- goto loser;
- }
-
- /* decode the public key and challenge wrapper */
- PORT_Memset(&pkac, 0, sizeof(CERTPublicKeyAndChallenge));
- rv = SEC_QuickDERDecodeItem(arena, &pkac, CERT_PublicKeyAndChallengeTemplate,
- &sd.data);
- if ( rv ) {
- goto loser;
- }
-
- /* decode the subject public key info */
- spki = SECKEY_DecodeDERSubjectPublicKeyInfo(&pkac.spki);
- if ( spki == NULL ) {
- goto loser;
- }
-
- /* get the public key */
- pubKey = seckey_ExtractPublicKey(spki);
- if ( pubKey == NULL ) {
- goto loser;
- }
-
- /* check the signature */
- sig = sd.signature;
- DER_ConvertBitString(&sig);
- rv = VFY_VerifyData(sd.data.data, sd.data.len, pubKey, &sig,
- SECOID_GetAlgorithmTag(&(sd.signatureAlgorithm)), wincx);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- /* check the challenge */
- if ( challenge ) {
- len = PORT_Strlen(challenge);
- /* length is right */
- if ( len != pkac.challenge.len ) {
- goto loser;
- }
- /* actual data is right */
- if ( PORT_Memcmp(challenge, pkac.challenge.data, len) != 0 ) {
- goto loser;
- }
- }
- goto done;
-
-loser:
- /* make sure that we return null if we got an error */
- if ( spki ) {
- SECKEY_DestroySubjectPublicKeyInfo(spki);
- }
- spki = NULL;
-
-done:
- if ( signedItem.data ) {
- PORT_Free(signedItem.data);
- }
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
- if ( pubKey ) {
- SECKEY_DestroyPublicKey(pubKey);
- }
-
- return spki;
-}
-
-void
-SECKEY_DestroyPrivateKeyInfo(SECKEYPrivateKeyInfo *pvk,
- PRBool freeit)
-{
- PRArenaPool *poolp;
-
- if(pvk != NULL) {
- if(pvk->arena) {
- poolp = pvk->arena;
- /* zero structure since PORT_FreeArena does not support
- * this yet.
- */
- PORT_Memset(pvk->privateKey.data, 0, pvk->privateKey.len);
- PORT_Memset((char *)pvk, 0, sizeof(*pvk));
- if(freeit == PR_TRUE) {
- PORT_FreeArena(poolp, PR_TRUE);
- } else {
- pvk->arena = poolp;
- }
- } else {
- SECITEM_ZfreeItem(&pvk->version, PR_FALSE);
- SECITEM_ZfreeItem(&pvk->privateKey, PR_FALSE);
- SECOID_DestroyAlgorithmID(&pvk->algorithm, PR_FALSE);
- PORT_Memset((char *)pvk, 0, sizeof(pvk));
- if(freeit == PR_TRUE) {
- PORT_Free(pvk);
- }
- }
- }
-}
-
-void
-SECKEY_DestroyEncryptedPrivateKeyInfo(SECKEYEncryptedPrivateKeyInfo *epki,
- PRBool freeit)
-{
- PRArenaPool *poolp;
-
- if(epki != NULL) {
- if(epki->arena) {
- poolp = epki->arena;
- /* zero structure since PORT_FreeArena does not support
- * this yet.
- */
- PORT_Memset(epki->encryptedData.data, 0, epki->encryptedData.len);
- PORT_Memset((char *)epki, 0, sizeof(*epki));
- if(freeit == PR_TRUE) {
- PORT_FreeArena(poolp, PR_TRUE);
- } else {
- epki->arena = poolp;
- }
- } else {
- SECITEM_ZfreeItem(&epki->encryptedData, PR_FALSE);
- SECOID_DestroyAlgorithmID(&epki->algorithm, PR_FALSE);
- PORT_Memset((char *)epki, 0, sizeof(epki));
- if(freeit == PR_TRUE) {
- PORT_Free(epki);
- }
- }
- }
-}
-
-SECStatus
-SECKEY_CopyPrivateKeyInfo(PRArenaPool *poolp,
- SECKEYPrivateKeyInfo *to,
- SECKEYPrivateKeyInfo *from)
-{
- SECStatus rv = SECFailure;
-
- if((to == NULL) || (from == NULL)) {
- return SECFailure;
- }
-
- rv = SECOID_CopyAlgorithmID(poolp, &to->algorithm, &from->algorithm);
- if(rv != SECSuccess) {
- return SECFailure;
- }
- rv = SECITEM_CopyItem(poolp, &to->privateKey, &from->privateKey);
- if(rv != SECSuccess) {
- return SECFailure;
- }
- rv = SECITEM_CopyItem(poolp, &to->version, &from->version);
-
- return rv;
-}
-
-SECStatus
-SECKEY_CopyEncryptedPrivateKeyInfo(PRArenaPool *poolp,
- SECKEYEncryptedPrivateKeyInfo *to,
- SECKEYEncryptedPrivateKeyInfo *from)
-{
- SECStatus rv = SECFailure;
-
- if((to == NULL) || (from == NULL)) {
- return SECFailure;
- }
-
- rv = SECOID_CopyAlgorithmID(poolp, &to->algorithm, &from->algorithm);
- if(rv != SECSuccess) {
- return SECFailure;
- }
- rv = SECITEM_CopyItem(poolp, &to->encryptedData, &from->encryptedData);
-
- return rv;
-}
-
-KeyType
-SECKEY_GetPrivateKeyType(SECKEYPrivateKey *privKey)
-{
- return privKey->keyType;
-}
-
-KeyType
-SECKEY_GetPublicKeyType(SECKEYPublicKey *pubKey)
-{
- return pubKey->keyType;
-}
-
-SECKEYPublicKey*
-SECKEY_ImportDERPublicKey(SECItem *derKey, CK_KEY_TYPE type)
-{
- SECKEYPublicKey *pubk = NULL;
- SECStatus rv = SECFailure;
- SECItem newDerKey;
-
- if (!derKey) {
- return NULL;
- }
-
- pubk = PORT_ZNew(SECKEYPublicKey);
- if(pubk == NULL) {
- goto finish;
- }
- pubk->arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (NULL == pubk->arena) {
- goto finish;
- }
- rv = SECITEM_CopyItem(pubk->arena, &newDerKey, derKey);
- if (SECSuccess != rv) {
- goto finish;
- }
-
- pubk->pkcs11Slot = NULL;
- pubk->pkcs11ID = CK_INVALID_HANDLE;
-
- switch( type ) {
- case CKK_RSA:
- prepare_rsa_pub_key_for_asn1(pubk);
- rv = SEC_QuickDERDecodeItem(pubk->arena, pubk, SECKEY_RSAPublicKeyTemplate, &newDerKey);
- pubk->keyType = rsaKey;
- break;
- case CKK_DSA:
- prepare_dsa_pub_key_for_asn1(pubk);
- rv = SEC_QuickDERDecodeItem(pubk->arena, pubk, SECKEY_DSAPublicKeyTemplate, &newDerKey);
- pubk->keyType = dsaKey;
- break;
- case CKK_DH:
- prepare_dh_pub_key_for_asn1(pubk);
- rv = SEC_QuickDERDecodeItem(pubk->arena, pubk, SECKEY_DHPublicKeyTemplate, &newDerKey);
- pubk->keyType = dhKey;
- break;
- default:
- rv = SECFailure;
- break;
- }
-
-finish:
- if( rv != SECSuccess && pubk != NULL) {
- if (pubk->arena) {
- PORT_FreeArena(pubk->arena, PR_TRUE);
- }
- PORT_Free(pubk);
- pubk = NULL;
- }
- return pubk;
-}
-
-SECKEYPrivateKeyList*
-SECKEY_NewPrivateKeyList(void)
-{
- PRArenaPool *arena = NULL;
- SECKEYPrivateKeyList *ret = NULL;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- goto loser;
- }
-
- ret = (SECKEYPrivateKeyList *)PORT_ArenaZAlloc(arena,
- sizeof(SECKEYPrivateKeyList));
- if ( ret == NULL ) {
- goto loser;
- }
-
- ret->arena = arena;
-
- PR_INIT_CLIST(&ret->list);
-
- return(ret);
-
-loser:
- if ( arena != NULL ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(NULL);
-}
-
-void
-SECKEY_DestroyPrivateKeyList(SECKEYPrivateKeyList *keys)
-{
- while( !PR_CLIST_IS_EMPTY(&keys->list) ) {
- SECKEY_RemovePrivateKeyListNode(
- (SECKEYPrivateKeyListNode*)(PR_LIST_HEAD(&keys->list)) );
- }
-
- PORT_FreeArena(keys->arena, PR_FALSE);
-
- return;
-}
-
-
-void
-SECKEY_RemovePrivateKeyListNode(SECKEYPrivateKeyListNode *node)
-{
- PR_ASSERT(node->key);
- SECKEY_DestroyPrivateKey(node->key);
- node->key = NULL;
- PR_REMOVE_LINK(&node->links);
- return;
-
-}
-
-SECStatus
-SECKEY_AddPrivateKeyToListTail( SECKEYPrivateKeyList *list,
- SECKEYPrivateKey *key)
-{
- SECKEYPrivateKeyListNode *node;
-
- node = (SECKEYPrivateKeyListNode *)PORT_ArenaZAlloc(list->arena,
- sizeof(SECKEYPrivateKeyListNode));
- if ( node == NULL ) {
- goto loser;
- }
-
- PR_INSERT_BEFORE(&node->links, &list->list);
- node->key = key;
- return(SECSuccess);
-
-loser:
- return(SECFailure);
-}
-
-
-SECKEYPublicKeyList*
-SECKEY_NewPublicKeyList(void)
-{
- PRArenaPool *arena = NULL;
- SECKEYPublicKeyList *ret = NULL;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- goto loser;
- }
-
- ret = (SECKEYPublicKeyList *)PORT_ArenaZAlloc(arena,
- sizeof(SECKEYPublicKeyList));
- if ( ret == NULL ) {
- goto loser;
- }
-
- ret->arena = arena;
-
- PR_INIT_CLIST(&ret->list);
-
- return(ret);
-
-loser:
- if ( arena != NULL ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(NULL);
-}
-
-void
-SECKEY_DestroyPublicKeyList(SECKEYPublicKeyList *keys)
-{
- while( !PR_CLIST_IS_EMPTY(&keys->list) ) {
- SECKEY_RemovePublicKeyListNode(
- (SECKEYPublicKeyListNode*)(PR_LIST_HEAD(&keys->list)) );
- }
-
- PORT_FreeArena(keys->arena, PR_FALSE);
-
- return;
-}
-
-
-void
-SECKEY_RemovePublicKeyListNode(SECKEYPublicKeyListNode *node)
-{
- PR_ASSERT(node->key);
- SECKEY_DestroyPublicKey(node->key);
- node->key = NULL;
- PR_REMOVE_LINK(&node->links);
- return;
-
-}
-
-SECStatus
-SECKEY_AddPublicKeyToListTail( SECKEYPublicKeyList *list,
- SECKEYPublicKey *key)
-{
- SECKEYPublicKeyListNode *node;
-
- node = (SECKEYPublicKeyListNode *)PORT_ArenaZAlloc(list->arena,
- sizeof(SECKEYPublicKeyListNode));
- if ( node == NULL ) {
- goto loser;
- }
-
- PR_INSERT_BEFORE(&node->links, &list->list);
- node->key = key;
- return(SECSuccess);
-
-loser:
- return(SECFailure);
-}
diff --git a/security/nss/lib/cryptohi/secsign.c b/security/nss/lib/cryptohi/secsign.c
deleted file mode 100644
index fa7738a3a..000000000
--- a/security/nss/lib/cryptohi/secsign.c
+++ /dev/null
@@ -1,507 +0,0 @@
-/*
- * Signature stuff.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include "cryptohi.h"
-#include "sechash.h"
-#include "secder.h"
-#include "keyhi.h"
-#include "secoid.h"
-#include "secdig.h"
-#include "pk11func.h"
-#include "secerr.h"
-
-struct SGNContextStr {
- SECOidTag signalg;
- SECOidTag hashalg;
- void *hashcx;
- const SECHashObject *hashobj;
- SECKEYPrivateKey *key;
-};
-
-SGNContext *
-SGN_NewContext(SECOidTag alg, SECKEYPrivateKey *key)
-{
- SGNContext *cx;
- SECOidTag hashalg, signalg;
- KeyType keyType;
-
- /* OK, map a PKCS #7 hash and encrypt algorithm into
- * a standard hashing algorithm. Why did we pass in the whole
- * PKCS #7 algTag if we were just going to change here you might
- * ask. Well the answer is for some cards we may have to do the
- * hashing on card. It may not support CKM_RSA_PKCS sign algorithm,
- * it may just support CKM_RSA_PKCS_WITH_SHA1 and/or CKM_RSA_PKCS_WITH_MD5.
- */
- switch (alg) {
- /* We probably shouldn't be generating MD2 signatures either */
- case SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION:
- hashalg = SEC_OID_MD2;
- signalg = SEC_OID_PKCS1_RSA_ENCRYPTION;
- keyType = rsaKey;
- break;
- case SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION:
- hashalg = SEC_OID_MD5;
- signalg = SEC_OID_PKCS1_RSA_ENCRYPTION;
- keyType = rsaKey;
- break;
- case SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION:
- case SEC_OID_ISO_SHA_WITH_RSA_SIGNATURE:
- hashalg = SEC_OID_SHA1;
- signalg = SEC_OID_PKCS1_RSA_ENCRYPTION;
- keyType = rsaKey;
- break;
-
- case SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION:
- hashalg = SEC_OID_SHA256;
- signalg = SEC_OID_PKCS1_RSA_ENCRYPTION;
- keyType = rsaKey;
- break;
- case SEC_OID_PKCS1_SHA384_WITH_RSA_ENCRYPTION:
- hashalg = SEC_OID_SHA384;
- signalg = SEC_OID_PKCS1_RSA_ENCRYPTION;
- keyType = rsaKey;
- break;
- case SEC_OID_PKCS1_SHA512_WITH_RSA_ENCRYPTION:
- hashalg = SEC_OID_SHA512;
- signalg = SEC_OID_PKCS1_RSA_ENCRYPTION;
- keyType = rsaKey;
- break;
-
- /* what about normal DSA? */
- case SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST:
- case SEC_OID_BOGUS_DSA_SIGNATURE_WITH_SHA1_DIGEST:
- hashalg = SEC_OID_SHA1;
- signalg = SEC_OID_ANSIX9_DSA_SIGNATURE;
- keyType = dsaKey;
- break;
- case SEC_OID_MISSI_DSS:
- case SEC_OID_MISSI_KEA_DSS:
- case SEC_OID_MISSI_KEA_DSS_OLD:
- case SEC_OID_MISSI_DSS_OLD:
- hashalg = SEC_OID_SHA1;
- signalg = SEC_OID_MISSI_DSS; /* XXX Is there a better algid? */
- keyType = fortezzaKey;
- break;
- /* we don't implement MD4 hashes.
- * we *CERTAINLY* don't want to sign one! */
- case SEC_OID_PKCS1_MD4_WITH_RSA_ENCRYPTION:
- default:
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return 0;
- }
-
- /* verify our key type */
- if (key->keyType != keyType &&
- !((key->keyType == dsaKey) && (keyType == fortezzaKey)) &&
- !((key->keyType == fortezzaKey) && (keyType == dsaKey)) ) {
- PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
- return 0;
- }
-
- cx = (SGNContext*) PORT_ZAlloc(sizeof(SGNContext));
- if (cx) {
- cx->hashalg = hashalg;
- cx->signalg = signalg;
- cx->key = key;
- }
- return cx;
-}
-
-void
-SGN_DestroyContext(SGNContext *cx, PRBool freeit)
-{
- if (cx) {
- if (cx->hashcx != NULL) {
- (*cx->hashobj->destroy)(cx->hashcx, PR_TRUE);
- cx->hashcx = NULL;
- }
- if (freeit) {
- PORT_ZFree(cx, sizeof(SGNContext));
- }
- }
-}
-
-SECStatus
-SGN_Begin(SGNContext *cx)
-{
- if (cx->hashcx != NULL) {
- (*cx->hashobj->destroy)(cx->hashcx, PR_TRUE);
- cx->hashcx = NULL;
- }
-
- cx->hashobj = HASH_GetHashObjectByOidTag(cx->hashalg);
- if (!cx->hashobj)
- return SECFailure; /* error code is already set */
-
- cx->hashcx = (*cx->hashobj->create)();
- if (cx->hashcx == NULL)
- return SECFailure;
-
- (*cx->hashobj->begin)(cx->hashcx);
- return SECSuccess;
-}
-
-SECStatus
-SGN_Update(SGNContext *cx, unsigned char *input, unsigned inputLen)
-{
- if (cx->hashcx == NULL) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- (*cx->hashobj->update)(cx->hashcx, input, inputLen);
- return SECSuccess;
-}
-
-SECStatus
-SGN_End(SGNContext *cx, SECItem *result)
-{
- unsigned char digest[32];
- unsigned part1, signatureLen;
- SECStatus rv;
- SECItem digder, sigitem;
- PRArenaPool *arena = 0;
- SECKEYPrivateKey *privKey = cx->key;
- SGNDigestInfo *di = 0;
-
-
- result->data = 0;
- digder.data = 0;
-
- /* Finish up digest function */
- if (cx->hashcx == NULL) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- (*cx->hashobj->end)(cx->hashcx, digest, &part1, sizeof(digest));
-
-
- if (privKey->keyType == rsaKey) {
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( !arena ) {
- rv = SECFailure;
- goto loser;
- }
-
- /* Construct digest info */
- di = SGN_CreateDigestInfo(cx->hashalg, digest, part1);
- if (!di) {
- rv = SECFailure;
- goto loser;
- }
-
- /* Der encode the digest as a DigestInfo */
- rv = DER_Encode(arena, &digder, SGNDigestInfoTemplate, di);
- if (rv != SECSuccess) {
- goto loser;
- }
- } else {
- digder.data = digest;
- digder.len = part1;
- }
-
- /*
- ** Encrypt signature after constructing appropriate PKCS#1 signature
- ** block
- */
- signatureLen = PK11_SignatureLen(privKey);
- sigitem.len = signatureLen;
- sigitem.data = (unsigned char*) PORT_Alloc(signatureLen);
-
- if (sigitem.data == NULL) {
- rv = SECFailure;
- goto loser;
- }
-
- rv = PK11_Sign(privKey, &sigitem, &digder);
- if (rv != SECSuccess) {
- PORT_Free(sigitem.data);
- sigitem.data = NULL;
- goto loser;
- }
-
- if (cx->signalg == SEC_OID_ANSIX9_DSA_SIGNATURE) {
- rv = DSAU_EncodeDerSig(result, &sigitem);
- PORT_Free(sigitem.data);
- if (rv != SECSuccess)
- goto loser;
- } else {
- result->len = sigitem.len;
- result->data = sigitem.data;
- }
-
- loser:
- SGN_DestroyDigestInfo(di);
- if (arena != NULL) {
- PORT_FreeArena(arena, PR_FALSE);
- }
- return rv;
-}
-
-/************************************************************************/
-
-/*
-** Sign a block of data returning in result a bunch of bytes that are the
-** signature. Returns zero on success, an error code on failure.
-*/
-SECStatus
-SEC_SignData(SECItem *res, unsigned char *buf, int len,
- SECKEYPrivateKey *pk, SECOidTag algid)
-{
- SECStatus rv;
- SGNContext *sgn;
-
-
- sgn = SGN_NewContext(algid, pk);
-
- if (sgn == NULL)
- return SECFailure;
-
- rv = SGN_Begin(sgn);
- if (rv != SECSuccess)
- goto loser;
-
- rv = SGN_Update(sgn, buf, len);
- if (rv != SECSuccess)
- goto loser;
-
- rv = SGN_End(sgn, res);
-
- loser:
- SGN_DestroyContext(sgn, PR_TRUE);
- return rv;
-}
-
-/*
-** Sign the input file's contents returning in result a bunch of bytes
-** that are the signature. Returns zero on success, an error code on
-** failure.
-*/
-SECStatus
-SEC_SignFile(SECItem *result, FILE *input,
- SECKEYPrivateKey *pk, SECOidTag algid)
-{
- unsigned char buf[1024];
- SECStatus rv;
- int nb;
- SGNContext *sgn;
-
- sgn = SGN_NewContext(algid, pk);
- if (sgn == NULL)
- return SECFailure;
- rv = SGN_Begin(sgn);
- if (rv != SECSuccess)
- goto loser;
-
- /*
- ** Now feed the contents of the input file into the digest
- ** algorithm, one chunk at a time, until we have exhausted the
- ** input
- */
- for (;;) {
- if (feof(input)) break;
- nb = fread(buf, 1, sizeof(buf), input);
- if (nb == 0) {
- if (ferror(input)) {
- PORT_SetError(SEC_ERROR_IO);
- rv = SECFailure;
- goto loser;
- }
- break;
- }
- rv = SGN_Update(sgn, buf, nb);
- if (rv != SECSuccess)
- goto loser;
- }
-
- /* Sign the digest */
- rv = SGN_End(sgn, result);
- /* FALL THROUGH */
-
- loser:
- SGN_DestroyContext(sgn, PR_TRUE);
- return rv;
-}
-
-/************************************************************************/
-
-DERTemplate CERTSignedDataTemplate[] =
-{
- { DER_SEQUENCE,
- 0, NULL, sizeof(CERTSignedData) },
- { DER_ANY,
- offsetof(CERTSignedData,data), },
- { DER_INLINE,
- offsetof(CERTSignedData,signatureAlgorithm),
- SECAlgorithmIDTemplate, },
- { DER_BIT_STRING,
- offsetof(CERTSignedData,signature), },
- { 0, }
-};
-
-const SEC_ASN1Template CERT_SignedDataTemplate[] =
-{
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTSignedData) },
- { SEC_ASN1_ANY,
- offsetof(CERTSignedData,data), },
- { SEC_ASN1_INLINE,
- offsetof(CERTSignedData,signatureAlgorithm),
- SECOID_AlgorithmIDTemplate, },
- { SEC_ASN1_BIT_STRING,
- offsetof(CERTSignedData,signature), },
- { 0, }
-};
-
-SEC_ASN1_CHOOSER_IMPLEMENT(CERT_SignedDataTemplate)
-
-
-SECStatus
-SEC_DerSignData(PRArenaPool *arena, SECItem *result,
- unsigned char *buf, int len, SECKEYPrivateKey *pk, SECOidTag algID)
-{
- SECItem it;
- CERTSignedData sd;
- SECStatus rv;
-
- it.data = 0;
-
- /* XXX We should probably have some asserts here to make sure the key type
- * and algID match
- */
-
- if (algID == SEC_OID_UNKNOWN) {
- switch(pk->keyType) {
- case rsaKey:
- algID = SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION;
- break;
- case dsaKey:
- algID = SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST;
- break;
- default:
- return SECFailure;
- break;
- }
- }
-
- /* Sign input buffer */
- rv = SEC_SignData(&it, buf, len, pk, algID);
- if (rv) goto loser;
-
- /* Fill out SignedData object */
- PORT_Memset(&sd, 0, sizeof(sd));
- sd.data.data = buf;
- sd.data.len = len;
- sd.signature.data = it.data;
- sd.signature.len = it.len << 3; /* convert to bit string */
- rv = SECOID_SetAlgorithmID(arena, &sd.signatureAlgorithm, algID, 0);
- if (rv) goto loser;
-
- /* DER encode the signed data object */
- rv = DER_Encode(arena, result, CERTSignedDataTemplate, &sd);
- /* FALL THROUGH */
-
- loser:
- PORT_Free(it.data);
- return rv;
-}
-
-SECStatus
-SGN_Digest(SECKEYPrivateKey *privKey,
- SECOidTag algtag, SECItem *result, SECItem *digest)
-{
- unsigned modulusLen;
- SECStatus rv;
- SECItem digder;
- PRArenaPool *arena = 0;
- SGNDigestInfo *di = 0;
-
-
- result->data = 0;
-
- if (privKey->keyType == rsaKey) {
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( !arena ) {
- rv = SECFailure;
- goto loser;
- }
-
- /* Construct digest info */
- di = SGN_CreateDigestInfo(algtag, digest->data, digest->len);
- if (!di) {
- rv = SECFailure;
- goto loser;
- }
-
- /* Der encode the digest as a DigestInfo */
- rv = DER_Encode(arena, &digder, SGNDigestInfoTemplate, di);
- if (rv != SECSuccess) {
- goto loser;
- }
- } else {
- digder.data = digest->data;
- digder.len = digest->len;
- }
-
- /*
- ** Encrypt signature after constructing appropriate PKCS#1 signature
- ** block
- */
- modulusLen = PK11_SignatureLen(privKey);
- result->len = modulusLen;
- result->data = (unsigned char*) PORT_Alloc(modulusLen);
-
- if (result->data == NULL) {
- rv = SECFailure;
- goto loser;
- }
-
- rv = PK11_Sign(privKey, result, &digder);
- if (rv != SECSuccess) {
- PORT_Free(result->data);
- result->data = NULL;
- }
-
- loser:
- SGN_DestroyDigestInfo(di);
- if (arena != NULL) {
- PORT_FreeArena(arena, PR_FALSE);
- }
- return rv;
-}
diff --git a/security/nss/lib/cryptohi/secvfy.c b/security/nss/lib/cryptohi/secvfy.c
deleted file mode 100644
index acfbd810b..000000000
--- a/security/nss/lib/cryptohi/secvfy.c
+++ /dev/null
@@ -1,590 +0,0 @@
-/*
- * Verification stuff.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Portions created by Sun Microsystems, Inc. are Copyright (C) 2003
- * Sun Microsystems, Inc. All Rights Reserved.
- *
- * Contributor(s):
- * Dr Vipul Gupta <vipul.gupta@sun.com>, Sun Microsystems Laboratories
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include "cryptohi.h"
-#include "sechash.h"
-#include "keyhi.h"
-#include "secasn1.h"
-#include "secoid.h"
-#include "pk11func.h"
-#include "secdig.h"
-#include "secerr.h"
-
-/*
-** Decrypt signature block using public key (in place)
-** XXX this is assuming that the signature algorithm has WITH_RSA_ENCRYPTION
-*/
-static SECStatus
-DecryptSigBlock(int *tagp, unsigned char *digest, SECKEYPublicKey *key,
- SECItem *sig, char *wincx)
-{
- SGNDigestInfo *di = NULL;
- unsigned char *dsig = NULL;
- unsigned char *buf = NULL;
- SECStatus rv;
- SECOidTag tag;
- SECItem it;
-
- if (key == NULL) goto loser;
-
- it.len = SECKEY_PublicKeyStrength(key);
- if (!it.len) goto loser;
- it.data = buf = (unsigned char *)PORT_Alloc(it.len);
- if (!buf) goto loser;
-
- /* Decrypt signature block */
- dsig = (unsigned char*) PORT_Alloc(sig->len);
- if (dsig == NULL) goto loser;
-
- /* decrypt the block */
- rv = PK11_VerifyRecover(key, sig, &it, wincx);
- if (rv != SECSuccess) goto loser;
-
- di = SGN_DecodeDigestInfo(&it);
- if (di == NULL) goto sigloser;
-
- /*
- ** Finally we have the digest info; now we can extract the algorithm
- ** ID and the signature block
- */
- tag = SECOID_GetAlgorithmTag(&di->digestAlgorithm);
- /* XXX Check that tag is an appropriate algorithm? */
- if (di->digest.len > 32) {
- PORT_SetError(SEC_ERROR_OUTPUT_LEN);
- goto loser;
- }
- PORT_Memcpy(digest, di->digest.data, di->digest.len);
- *tagp = tag;
- goto done;
-
- sigloser:
- PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
-
- loser:
- rv = SECFailure;
-
- done:
- if (di != NULL) SGN_DestroyDigestInfo(di);
- if (dsig != NULL) PORT_Free(dsig);
- if (buf != NULL) PORT_Free(buf);
-
- return rv;
-}
-
-typedef enum { VFY_RSA, VFY_DSA, VFY_ECDSA } VerifyType;
-
-struct VFYContextStr {
- SECOidTag alg;
- VerifyType type;
- SECKEYPublicKey *key;
- /* digest holds the full dsa signature... 40 bytes */
- unsigned char digest[DSA_SIGNATURE_LEN];
- void * wincx;
- void *hashcx;
- const SECHashObject *hashobj;
- SECOidTag sigAlg;
- PRBool hasSignature;
- unsigned char ecdsadigest[2 * MAX_ECKEY_LEN];
-};
-
-/*
- * decode the DSA signature from it's DER wrapping.
- */
-static SECStatus
-decodeDSASignature(SECOidTag algid, SECItem *sig, unsigned char *digest) {
- SECItem *dsasig = NULL;
- SECStatus rv=SECSuccess;
-
- /* if this is a DER encoded signature, decode it first */
- if ((algid == SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST) ||
- (algid == SEC_OID_BOGUS_DSA_SIGNATURE_WITH_SHA1_DIGEST) ||
- (algid == SEC_OID_ANSIX9_DSA_SIGNATURE)) {
- dsasig = DSAU_DecodeDerSig(sig);
- if ((dsasig == NULL) || (dsasig->len != DSA_SIGNATURE_LEN)) {
- rv = SECFailure;
- goto loser;
- }
- PORT_Memcpy(digest, dsasig->data, dsasig->len);
- } else {
- if (sig->len != DSA_SIGNATURE_LEN) {
- rv = SECFailure;
- goto loser;
- }
- PORT_Memcpy(digest, sig->data, sig->len);
- }
-
-loser:
- if (dsasig != NULL)
- SECITEM_FreeItem(dsasig, PR_TRUE);
- return rv;
-
-}
-/*
- * Pulls the hash algorithm, signing algorithm, and key type out of a
- * composite algorithm.
- *
- * alg: the composite algorithm to dissect.
- * hashalg: address of a SECOidTag which will be set with the hash algorithm.
- * signalg: address of a SECOidTag which will be set with the signing alg.
- * keyType: address of a KeyType which will be set with the key type.
- * Returns: SECSuccess if the algorithm was acceptable, SECFailure if the
- * algorithm was not found or was not a signing algorithm.
- */
-static SECStatus
-decodeSigAlg(SECOidTag alg, SECOidTag *hashalg)
-{
- PR_ASSERT(hashalg!=NULL);
-
- switch (alg) {
- /* We probably shouldn't be generating MD2 signatures either */
- case SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION:
- *hashalg = SEC_OID_MD2;
- break;
- case SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION:
- *hashalg = SEC_OID_MD5;
- break;
- case SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION:
- case SEC_OID_ISO_SHA_WITH_RSA_SIGNATURE:
- *hashalg = SEC_OID_SHA1;
- break;
-
- case SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION:
- *hashalg = SEC_OID_SHA256;
- break;
- case SEC_OID_PKCS1_SHA384_WITH_RSA_ENCRYPTION:
- *hashalg = SEC_OID_SHA384;
- break;
- case SEC_OID_PKCS1_SHA512_WITH_RSA_ENCRYPTION:
- *hashalg = SEC_OID_SHA512;
- break;
-
- /* what about normal DSA? */
- case SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST:
- case SEC_OID_BOGUS_DSA_SIGNATURE_WITH_SHA1_DIGEST:
- *hashalg = SEC_OID_SHA1;
- break;
- case SEC_OID_MISSI_DSS:
- case SEC_OID_MISSI_KEA_DSS:
- case SEC_OID_MISSI_KEA_DSS_OLD:
- case SEC_OID_MISSI_DSS_OLD:
- *hashalg = SEC_OID_SHA1;
- break;
- /* we don't implement MD4 hashes */
- case SEC_OID_PKCS1_MD4_WITH_RSA_ENCRYPTION:
- default:
- return SECFailure;
- }
- return SECSuccess;
-}
-
-#ifdef NSS_ENABLE_ECC
-/*
- * decode the ECDSA signature from it's DER wrapping.
- */
-static SECStatus
-decodeECDSASignature(SECOidTag algid, SECItem *sig,
- unsigned char *digest, int len)
-{
- SECStatus rv=SECSuccess;
-
- if (len > MAX_ECKEY_LEN * 2) {
- rv = SECFailure;
- goto loser;
- }
-
- /* if this is a DER encoded signature, decode it first */
- if (algid == SEC_OID_ANSIX962_ECDSA_SIGNATURE_WITH_SHA1_DIGEST) {
- /* XXX Use a better decoder */
- if ((sig->len < len + 6) ||
- (sig->data[0] != 0x30) || /* must start with a SEQUENCE */
- (sig->data[1] != sig->len - 2) ||
- (sig->data[2] != 0x02) || /* 1st INTEGER, r */
- (sig->data[3] < len/2) ||
- (sig->data[4 + sig->data[3]] != 0x02) || /* 2nd INTEGER, s */
- (sig->data[5 + sig->data[3]] < len/2)) {
- rv = SECFailure;
- goto loser;
- }
-
- PORT_Memcpy(digest, sig->data + 4 + (sig->data[3]-len/2), len/2);
- PORT_Memcpy(digest + len/2, sig->data + sig->len - len/2, len/2);
- } else {
- if (sig->len != len) {
- rv = SECFailure;
- goto loser;
- }
- PORT_Memcpy(digest, sig->data, sig->len);
- }
-
-loser:
- if (rv == SECFailure) PORT_SetError(SEC_ERROR_BAD_DER);
- return rv;
-}
-#endif /* NSS_ENABLE_ECC */
-
-VFYContext *
-VFY_CreateContext(SECKEYPublicKey *key, SECItem *sig, SECOidTag algid,
- void *wincx)
-{
- VFYContext *cx;
- SECStatus rv;
-#ifdef NSS_ENABLE_ECC
- int sigLen;
-#endif /* NSS_ENABLE_ECC */
-
- cx = (VFYContext*) PORT_ZAlloc(sizeof(VFYContext));
- if (cx) {
- cx->wincx = wincx;
- cx->hasSignature = (sig != NULL);
- cx->sigAlg = algid;
- rv = SECSuccess;
- switch (key->keyType) {
- case rsaKey:
- cx->type = VFY_RSA;
- cx->key = SECKEY_CopyPublicKey(key); /* extra safety precautions */
- if (sig) {
- int hashid;
- rv = DecryptSigBlock(&hashid, &cx->digest[0],
- key, sig, (char*)wincx);
- cx->alg = hashid;
- } else {
- rv = decodeSigAlg(algid,&cx->alg);
- }
- break;
- case fortezzaKey:
- case dsaKey:
- cx->type = VFY_DSA;
- cx->alg = SEC_OID_SHA1;
- cx->key = SECKEY_CopyPublicKey(key);
- if (sig) {
- rv = decodeDSASignature(algid,sig,&cx->digest[0]);
- }
- break;
-#ifdef NSS_ENABLE_ECC
- case ecKey:
- cx->type = VFY_ECDSA;
- cx->alg = SEC_OID_SHA1;
- cx->key = SECKEY_CopyPublicKey(key);
- /* Unlike DSA, EDSA does not have a fixed signature length
- * (it depends on the key size)
- */
- sigLen = SECKEY_PublicKeyStrength(key) * 2;
- if (sig) {
- rv = decodeECDSASignature(algid,sig,&cx->ecdsadigest[0],
- sigLen);
- }
- break;
-#endif /* NSS_ENABLE_ECC */
- default:
- rv = SECFailure;
- break;
- }
- if (rv) goto loser;
- switch (cx->alg) {
- case SEC_OID_MD2:
- case SEC_OID_MD5:
- case SEC_OID_SHA1:
- case SEC_OID_SHA256:
- case SEC_OID_SHA384:
- case SEC_OID_SHA512:
- break;
- default:
- PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
- goto loser;
- }
- }
- return cx;
-
- loser:
- VFY_DestroyContext(cx, PR_TRUE);
- return 0;
-}
-
-void
-VFY_DestroyContext(VFYContext *cx, PRBool freeit)
-{
- if (cx) {
- if (cx->hashcx != NULL) {
- (*cx->hashobj->destroy)(cx->hashcx, PR_TRUE);
- cx->hashcx = NULL;
- }
- if (cx->key) {
- SECKEY_DestroyPublicKey(cx->key);
- }
- if (freeit) {
- PORT_ZFree(cx, sizeof(VFYContext));
- }
- }
-}
-
-SECStatus
-VFY_Begin(VFYContext *cx)
-{
- if (cx->hashcx != NULL) {
- (*cx->hashobj->destroy)(cx->hashcx, PR_TRUE);
- cx->hashcx = NULL;
- }
-
- cx->hashobj = HASH_GetHashObjectByOidTag(cx->alg);
- if (!cx->hashobj)
- return SECFailure; /* error code is set */
-
- cx->hashcx = (*cx->hashobj->create)();
- if (cx->hashcx == NULL)
- return SECFailure;
-
- (*cx->hashobj->begin)(cx->hashcx);
- return SECSuccess;
-}
-
-SECStatus
-VFY_Update(VFYContext *cx, unsigned char *input, unsigned inputLen)
-{
- if (cx->hashcx == NULL) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- (*cx->hashobj->update)(cx->hashcx, input, inputLen);
- return SECSuccess;
-}
-
-SECStatus
-VFY_EndWithSignature(VFYContext *cx, SECItem *sig)
-{
- unsigned char final[32];
- unsigned part;
- SECItem hash,dsasig;
- SECStatus rv;
-#ifdef NSS_ENABLE_ECC
- SECItem ecdsasig;
-#endif /* NSS_ENABLE_ECC */
-
- if ((cx->hasSignature == PR_FALSE) && (sig == NULL)) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- if (cx->hashcx == NULL) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- (*cx->hashobj->end)(cx->hashcx, final, &part, sizeof(final));
- switch (cx->type) {
- case VFY_DSA:
- if (sig) {
- rv = decodeDSASignature(cx->sigAlg,sig,&cx->digest[0]);
- if (rv != SECSuccess) {
- PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
- return SECFailure;
- }
- }
- dsasig.data = cx->digest;
- dsasig.len = DSA_SIGNATURE_LEN; /* magic size of dsa signature */
- hash.data = final;
- hash.len = part;
- if (PK11_Verify(cx->key,&dsasig,&hash,cx->wincx) != SECSuccess) {
- PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
- return SECFailure;
- }
- break;
- case VFY_RSA:
- if (sig) {
- int hashid;
- rv = DecryptSigBlock(&hashid, &cx->digest[0],
- cx->key, sig, (char*)cx->wincx);
- if ((rv != SECSuccess) || (hashid != cx->alg)) {
- PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
- return SECFailure;
- }
- }
- if (PORT_Memcmp(final, cx->digest, part)) {
- PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
- return SECFailure;
- }
- break;
-
-#ifdef NSS_ENABLE_ECC
- case VFY_ECDSA:
- if (sig) {
- rv = decodeECDSASignature(cx->sigAlg,sig,&cx->ecdsadigest[0],
- SECKEY_PublicKeyStrength(cx->key) * 2);
- if (rv != SECSuccess) {
- PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
- return SECFailure;
- }
- }
- ecdsasig.data = cx->ecdsadigest;
- ecdsasig.len = SECKEY_PublicKeyStrength(cx->key) * 2;
- hash.data = final;
- hash.len = part;
- if (PK11_Verify(cx->key,&ecdsasig,&hash,cx->wincx) != SECSuccess) {
- PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
- return SECFailure;
- }
- break;
-#endif /* NSS_ENABLE_ECC */
-
- default:
- PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
- return SECFailure; /* shouldn't happen */
- }
- return SECSuccess;
-}
-
-SECStatus
-VFY_End(VFYContext *cx)
-{
- return VFY_EndWithSignature(cx,NULL);
-}
-
-/************************************************************************/
-/*
- * Verify that a previously-computed digest matches a signature.
- * XXX This should take a parameter that specifies the digest algorithm,
- * and we should compare that the algorithm found in the DigestInfo
- * matches it!
- */
-SECStatus
-VFY_VerifyDigest(SECItem *digest, SECKEYPublicKey *key, SECItem *sig,
- SECOidTag algid, void *wincx)
-{
- SECStatus rv;
- VFYContext *cx;
- SECItem dsasig;
-
- rv = SECFailure;
-
- cx = VFY_CreateContext(key, sig, algid, wincx);
- if (cx != NULL) {
- switch (key->keyType) {
- case rsaKey:
- if (PORT_Memcmp(digest->data, cx->digest, digest->len)) {
- PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
- } else {
- rv = SECSuccess;
- }
- break;
- case fortezzaKey:
- case dsaKey:
- dsasig.data = &cx->digest[0];
- dsasig.len = DSA_SIGNATURE_LEN; /* magic size of dsa signature */
- if (PK11_Verify(cx->key, &dsasig, digest, cx->wincx) != SECSuccess) {
- PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
- } else {
- rv = SECSuccess;
- }
- break;
- default:
- break;
- }
- VFY_DestroyContext(cx, PR_TRUE);
- }
- return rv;
-}
-
-SECStatus
-VFY_VerifyData(unsigned char *buf, int len, SECKEYPublicKey *key,
- SECItem *sig, SECOidTag algid, void *wincx)
-{
- SECStatus rv;
- VFYContext *cx;
-
- cx = VFY_CreateContext(key, sig, algid, wincx);
- if (cx == NULL)
- return SECFailure;
-
- rv = VFY_Begin(cx);
- if (rv == SECSuccess) {
- rv = VFY_Update(cx, buf, len);
- if (rv == SECSuccess)
- rv = VFY_End(cx);
- }
-
- VFY_DestroyContext(cx, PR_TRUE);
- return rv;
-}
-
-SECStatus
-SEC_VerifyFile(FILE *input, SECKEYPublicKey *key, SECItem *sig,
- SECOidTag algid, void *wincx)
-{
- unsigned char buf[1024];
- SECStatus rv;
- int nb;
- VFYContext *cx;
-
- cx = VFY_CreateContext(key, sig, algid, wincx);
- if (cx == NULL)
- rv = SECFailure;
-
- rv = VFY_Begin(cx);
- if (rv == SECSuccess) {
- /*
- * Now feed the contents of the input file into the digest algorithm,
- * one chunk at a time, until we have exhausted the input.
- */
- for (;;) {
- if (feof(input))
- break;
- nb = fread(buf, 1, sizeof(buf), input);
- if (nb == 0) {
- if (ferror(input)) {
- PORT_SetError(SEC_ERROR_IO);
- VFY_DestroyContext(cx, PR_TRUE);
- return SECFailure;
- }
- break;
- }
- rv = VFY_Update(cx, buf, nb);
- if (rv != SECSuccess)
- goto loser;
- }
- }
-
- /* Verify the digest */
- rv = VFY_End(cx);
- /* FALL THROUGH */
-
- loser:
- VFY_DestroyContext(cx, PR_TRUE);
- return rv;
-}
diff --git a/security/nss/lib/dev/Makefile b/security/nss/lib/dev/Makefile
deleted file mode 100644
index cd7561ce6..000000000
--- a/security/nss/lib/dev/Makefile
+++ /dev/null
@@ -1,53 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-MAKEFILE_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-include manifest.mn
-include $(CORE_DEPTH)/coreconf/config.mk
-include config.mk
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-# On AIX 4.3, IBM xlC_r compiler (version 3.6.6) cannot compile
-# ckhelper.c in 64-bit mode for unknown reasons. A workaround is
-# to compile it with optimizations turned on. (Bugzilla bug #63815)
-ifeq ($(OS_TARGET)$(OS_RELEASE),AIX4.3)
-ifeq ($(USE_64),1)
-ifndef BUILD_OPT
-$(OBJDIR)/ckhelper.o: ckhelper.c
- @$(MAKE_OBJDIR)
- $(CC) -o $@ -c -O2 $(CFLAGS) $<
-endif
-endif
-endif
-
-export:: private_export
diff --git a/security/nss/lib/dev/ckhelper.c b/security/nss/lib/dev/ckhelper.c
deleted file mode 100644
index 60ba7c105..000000000
--- a/security/nss/lib/dev/ckhelper.c
+++ /dev/null
@@ -1,731 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef NSSCKEPV_H
-#include "nssckepv.h"
-#endif /* NSSCKEPV_H */
-
-#ifndef DEVM_H
-#include "devm.h"
-#endif /* DEVM_H */
-
-#ifndef CKHELPER_H
-#include "ckhelper.h"
-#endif /* CKHELPER_H */
-
-extern const NSSError NSS_ERROR_DEVICE_ERROR;
-
-static const CK_BBOOL s_true = CK_TRUE;
-NSS_IMPLEMENT_DATA const NSSItem
-g_ck_true = { (CK_VOID_PTR)&s_true, sizeof(s_true) };
-
-static const CK_BBOOL s_false = CK_FALSE;
-NSS_IMPLEMENT_DATA const NSSItem
-g_ck_false = { (CK_VOID_PTR)&s_false, sizeof(s_false) };
-
-static const CK_OBJECT_CLASS s_class_cert = CKO_CERTIFICATE;
-NSS_IMPLEMENT_DATA const NSSItem
-g_ck_class_cert = { (CK_VOID_PTR)&s_class_cert, sizeof(s_class_cert) };
-
-static const CK_OBJECT_CLASS s_class_pubkey = CKO_PUBLIC_KEY;
-NSS_IMPLEMENT_DATA const NSSItem
-g_ck_class_pubkey = { (CK_VOID_PTR)&s_class_pubkey, sizeof(s_class_pubkey) };
-
-static const CK_OBJECT_CLASS s_class_privkey = CKO_PRIVATE_KEY;
-NSS_IMPLEMENT_DATA const NSSItem
-g_ck_class_privkey = { (CK_VOID_PTR)&s_class_privkey, sizeof(s_class_privkey) };
-
-static PRBool
-is_string_attribute
-(
- CK_ATTRIBUTE_TYPE aType
-)
-{
- PRBool isString;
- switch (aType) {
- case CKA_LABEL:
- case CKA_NETSCAPE_EMAIL:
- isString = PR_TRUE;
- break;
- default:
- isString = PR_FALSE;
- break;
- }
- return isString;
-}
-
-NSS_IMPLEMENT PRStatus
-nssCKObject_GetAttributes
-(
- CK_OBJECT_HANDLE object,
- CK_ATTRIBUTE_PTR obj_template,
- CK_ULONG count,
- NSSArena *arenaOpt,
- nssSession *session,
- NSSSlot *slot
-)
-{
- nssArenaMark *mark = NULL;
- CK_SESSION_HANDLE hSession;
- CK_ULONG i = 0;
- CK_RV ckrv;
- PRStatus nssrv;
- PRBool alloced = PR_FALSE;
- void *epv = nssSlot_GetCryptokiEPV(slot);
- hSession = session->handle;
- if (arenaOpt) {
- mark = nssArena_Mark(arenaOpt);
- if (!mark) {
- goto loser;
- }
- }
- nssSession_EnterMonitor(session);
- /* XXX kinda hacky, if the storage size is already in the first template
- * item, then skip the alloc portion
- */
- if (obj_template[0].ulValueLen == 0) {
- /* Get the storage size needed for each attribute */
- ckrv = CKAPI(epv)->C_GetAttributeValue(hSession,
- object, obj_template, count);
- if (ckrv != CKR_OK &&
- ckrv != CKR_ATTRIBUTE_TYPE_INVALID &&
- ckrv != CKR_ATTRIBUTE_SENSITIVE)
- {
- nssSession_ExitMonitor(session);
- nss_SetError(NSS_ERROR_DEVICE_ERROR);
- goto loser;
- }
- /* Allocate memory for each attribute. */
- for (i=0; i<count; i++) {
- CK_ULONG ulValueLen = obj_template[i].ulValueLen;
- if (ulValueLen == 0) continue;
- if (ulValueLen == (CK_ULONG) -1) {
- obj_template[i].ulValueLen = 0;
- continue;
- }
- if (is_string_attribute(obj_template[i].type)) {
- ulValueLen++;
- }
- obj_template[i].pValue = nss_ZAlloc(arenaOpt, ulValueLen);
- if (!obj_template[i].pValue) {
- nssSession_ExitMonitor(session);
- goto loser;
- }
- }
- alloced = PR_TRUE;
- }
- /* Obtain the actual attribute values. */
- ckrv = CKAPI(epv)->C_GetAttributeValue(hSession,
- object, obj_template, count);
- nssSession_ExitMonitor(session);
- if (ckrv != CKR_OK &&
- ckrv != CKR_ATTRIBUTE_TYPE_INVALID &&
- ckrv != CKR_ATTRIBUTE_SENSITIVE)
- {
- nss_SetError(NSS_ERROR_DEVICE_ERROR);
- goto loser;
- }
- if (alloced && arenaOpt) {
- nssrv = nssArena_Unmark(arenaOpt, mark);
- if (nssrv != PR_SUCCESS) {
- goto loser;
- }
- }
-
- if (count > 1 && ((ckrv == CKR_ATTRIBUTE_TYPE_INVALID) ||
- (ckrv == CKR_ATTRIBUTE_SENSITIVE))) {
- /* old tokens would keep the length of '0' and not deal with any
- * of the attributes we passed. For those tokens read them one at
- * a time */
- for (i=0; i < count; i++) {
- if ((obj_template[i].ulValueLen == 0)
- || (obj_template[i].ulValueLen == -1)) {
- obj_template[i].ulValueLen=0;
- (void) nssCKObject_GetAttributes(object,&obj_template[i], 1,
- arenaOpt, session, slot);
- }
- }
- }
- return PR_SUCCESS;
-loser:
- if (alloced) {
- if (arenaOpt) {
- /* release all arena memory allocated before the failure. */
- (void)nssArena_Release(arenaOpt, mark);
- } else {
- CK_ULONG j;
- /* free each heap object that was allocated before the failure. */
- for (j=0; j<i; j++) {
- nss_ZFreeIf(obj_template[j].pValue);
- }
- }
- }
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRStatus
-nssCKObject_GetAttributeItem
-(
- CK_OBJECT_HANDLE object,
- CK_ATTRIBUTE_TYPE attribute,
- NSSArena *arenaOpt,
- nssSession *session,
- NSSSlot *slot,
- NSSItem *rvItem
-)
-{
- CK_ATTRIBUTE attr = { 0, NULL, 0 };
- PRStatus nssrv;
- attr.type = attribute;
- nssrv = nssCKObject_GetAttributes(object, &attr, 1,
- arenaOpt, session, slot);
- if (nssrv != PR_SUCCESS) {
- return nssrv;
- }
- rvItem->data = (void *)attr.pValue;
- rvItem->size = (PRUint32)attr.ulValueLen;
- return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT PRBool
-nssCKObject_IsAttributeTrue
-(
- CK_OBJECT_HANDLE object,
- CK_ATTRIBUTE_TYPE attribute,
- nssSession *session,
- NSSSlot *slot,
- PRStatus *rvStatus
-)
-{
- CK_BBOOL bool;
- CK_ATTRIBUTE_PTR attr;
- CK_ATTRIBUTE atemplate = { 0, NULL, 0 };
- CK_RV ckrv;
- void *epv = nssSlot_GetCryptokiEPV(slot);
- attr = &atemplate;
- NSS_CK_SET_ATTRIBUTE_VAR(attr, attribute, bool);
- nssSession_EnterMonitor(session);
- ckrv = CKAPI(epv)->C_GetAttributeValue(session->handle, object,
- &atemplate, 1);
- nssSession_ExitMonitor(session);
- if (ckrv != CKR_OK) {
- *rvStatus = PR_FAILURE;
- return PR_FALSE;
- }
- *rvStatus = PR_SUCCESS;
- return (PRBool)(bool == CK_TRUE);
-}
-
-NSS_IMPLEMENT PRStatus
-nssCKObject_SetAttributes
-(
- CK_OBJECT_HANDLE object,
- CK_ATTRIBUTE_PTR obj_template,
- CK_ULONG count,
- nssSession *session,
- NSSSlot *slot
-)
-{
- CK_RV ckrv;
- void *epv = nssSlot_GetCryptokiEPV(slot);
- nssSession_EnterMonitor(session);
- ckrv = CKAPI(epv)->C_SetAttributeValue(session->handle, object,
- obj_template, count);
- nssSession_ExitMonitor(session);
- if (ckrv == CKR_OK) {
- return PR_SUCCESS;
- } else {
- return PR_FAILURE;
- }
-}
-
-NSS_IMPLEMENT PRBool
-nssCKObject_IsTokenObjectTemplate
-(
- CK_ATTRIBUTE_PTR objectTemplate,
- CK_ULONG otsize
-)
-{
- CK_ULONG ul;
- for (ul=0; ul<otsize; ul++) {
- if (objectTemplate[ul].type == CKA_TOKEN) {
- return (*((CK_BBOOL*)objectTemplate[ul].pValue) == CK_TRUE);
- }
- }
- return PR_FALSE;
-}
-
-static NSSCertificateType
-nss_cert_type_from_ck_attrib(CK_ATTRIBUTE_PTR attrib)
-{
- CK_CERTIFICATE_TYPE ckCertType;
- if (!attrib->pValue) {
- /* default to PKIX */
- return NSSCertificateType_PKIX;
- }
- ckCertType = *((CK_ULONG *)attrib->pValue);
- switch (ckCertType) {
- case CKC_X_509:
- return NSSCertificateType_PKIX;
- default:
- break;
- }
- return NSSCertificateType_Unknown;
-}
-
-/* incoming pointers must be valid */
-NSS_IMPLEMENT PRStatus
-nssCryptokiCertificate_GetAttributes
-(
- nssCryptokiObject *certObject,
- nssSession *sessionOpt,
- NSSArena *arenaOpt,
- NSSCertificateType *certTypeOpt,
- NSSItem *idOpt,
- NSSDER *encodingOpt,
- NSSDER *issuerOpt,
- NSSDER *serialOpt,
- NSSDER *subjectOpt
-)
-{
- PRStatus status;
- PRUint32 i;
- nssSession *session;
- NSSSlot *slot;
- CK_ULONG template_size;
- CK_ATTRIBUTE_PTR attr;
- CK_ATTRIBUTE cert_template[6];
- /* Set up a template of all options chosen by caller */
- NSS_CK_TEMPLATE_START(cert_template, attr, template_size);
- if (certTypeOpt) {
- NSS_CK_SET_ATTRIBUTE_NULL(attr, CKA_CERTIFICATE_TYPE);
- }
- if (idOpt) {
- NSS_CK_SET_ATTRIBUTE_NULL(attr, CKA_ID);
- }
- if (encodingOpt) {
- NSS_CK_SET_ATTRIBUTE_NULL(attr, CKA_VALUE);
- }
- if (issuerOpt) {
- NSS_CK_SET_ATTRIBUTE_NULL(attr, CKA_ISSUER);
- }
- if (serialOpt) {
- NSS_CK_SET_ATTRIBUTE_NULL(attr, CKA_SERIAL_NUMBER);
- }
- if (subjectOpt) {
- NSS_CK_SET_ATTRIBUTE_NULL(attr, CKA_SUBJECT);
- }
- NSS_CK_TEMPLATE_FINISH(cert_template, attr, template_size);
- if (template_size == 0) {
- /* caller didn't want anything */
- return PR_SUCCESS;
- }
-
- status = nssToken_GetCachedObjectAttributes(certObject->token, arenaOpt,
- certObject, CKO_CERTIFICATE,
- cert_template, template_size);
- if (status != PR_SUCCESS) {
-
- session = sessionOpt ?
- sessionOpt :
- nssToken_GetDefaultSession(certObject->token);
-
- slot = nssToken_GetSlot(certObject->token);
- status = nssCKObject_GetAttributes(certObject->handle,
- cert_template, template_size,
- arenaOpt, session, slot);
- nssSlot_Destroy(slot);
- if (status != PR_SUCCESS) {
- return status;
- }
- }
-
- i=0;
- if (certTypeOpt) {
- *certTypeOpt = nss_cert_type_from_ck_attrib(&cert_template[i]); i++;
- }
- if (idOpt) {
- NSS_CK_ATTRIBUTE_TO_ITEM(&cert_template[i], idOpt); i++;
- }
- if (encodingOpt) {
- NSS_CK_ATTRIBUTE_TO_ITEM(&cert_template[i], encodingOpt); i++;
- }
- if (issuerOpt) {
- NSS_CK_ATTRIBUTE_TO_ITEM(&cert_template[i], issuerOpt); i++;
- }
- if (serialOpt) {
- NSS_CK_ATTRIBUTE_TO_ITEM(&cert_template[i], serialOpt); i++;
- }
- if (subjectOpt) {
- NSS_CK_ATTRIBUTE_TO_ITEM(&cert_template[i], subjectOpt); i++;
- }
- return PR_SUCCESS;
-}
-
-#ifdef PURE_STAN_BUILD
-static NSSKeyPairType
-nss_key_pair_type_from_ck_attrib(CK_ATTRIBUTE_PTR attrib)
-{
- CK_KEY_TYPE ckKeyType;
- PR_ASSERT(attrib->pValue);
- ckKeyType = *((CK_ULONG *)attrib->pValue);
- switch (ckKeyType) {
- case CKK_RSA: return NSSKeyPairType_RSA;
- case CKK_DSA: return NSSKeyPairType_DSA;
- default: break;
- }
- return NSSKeyPairType_Unknown;
-}
-
-NSS_IMPLEMENT PRStatus
-nssCryptokiPrivateKey_GetAttributes
-(
- nssCryptokiObject *keyObject,
- nssSession *sessionOpt,
- NSSArena *arenaOpt,
- NSSKeyPairType *keyTypeOpt,
- NSSItem *idOpt
-)
-{
- PRStatus status;
- PRUint32 i;
- nssSession *session;
- NSSSlot *slot;
- CK_ULONG template_size;
- CK_ATTRIBUTE_PTR attr;
- CK_ATTRIBUTE key_template[2];
- /* Set up a template of all options chosen by caller */
- NSS_CK_TEMPLATE_START(key_template, attr, template_size);
- if (keyTypeOpt) {
- NSS_CK_SET_ATTRIBUTE_NULL(attr, CKA_KEY_TYPE);
- }
- if (idOpt) {
- NSS_CK_SET_ATTRIBUTE_NULL(attr, CKA_ID);
- }
- NSS_CK_TEMPLATE_FINISH(key_template, attr, template_size);
- if (template_size == 0) {
- /* caller didn't want anything */
- return PR_SUCCESS;
- }
-
- session = sessionOpt ?
- sessionOpt :
- nssToken_GetDefaultSession(keyObject->token);
-
- slot = nssToken_GetSlot(keyObject->token);
- status = nssCKObject_GetAttributes(keyObject->handle,
- key_template, template_size,
- arenaOpt, session, slot);
- nssSlot_Destroy(slot);
- if (status != PR_SUCCESS) {
- return status;
- }
-
- i=0;
- if (keyTypeOpt) {
- *keyTypeOpt = nss_key_pair_type_from_ck_attrib(&key_template[i]); i++;
- }
- if (idOpt) {
- NSS_CK_ATTRIBUTE_TO_ITEM(&key_template[i], idOpt); i++;
- }
- return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT PRStatus
-nssCryptokiPublicKey_GetAttributes
-(
- nssCryptokiObject *keyObject,
- nssSession *sessionOpt,
- NSSArena *arenaOpt,
- NSSKeyPairType *keyTypeOpt,
- NSSItem *idOpt
-)
-{
- PRStatus status;
- PRUint32 i;
- nssSession *session;
- NSSSlot *slot;
- CK_ULONG template_size;
- CK_ATTRIBUTE_PTR attr;
- CK_ATTRIBUTE key_template[2];
- /* Set up a template of all options chosen by caller */
- NSS_CK_TEMPLATE_START(key_template, attr, template_size);
- if (keyTypeOpt) {
- NSS_CK_SET_ATTRIBUTE_NULL(attr, CKA_KEY_TYPE);
- }
- if (idOpt) {
- NSS_CK_SET_ATTRIBUTE_NULL(attr, CKA_ID);
- }
- NSS_CK_TEMPLATE_FINISH(key_template, attr, template_size);
- if (template_size == 0) {
- /* caller didn't want anything */
- return PR_SUCCESS;
- }
-
- session = sessionOpt ?
- sessionOpt :
- nssToken_GetDefaultSession(keyObject->token);
-
- slot = nssToken_GetSlot(keyObject->token);
- status = nssCKObject_GetAttributes(keyObject->handle,
- key_template, template_size,
- arenaOpt, session, slot);
- nssSlot_Destroy(slot);
- if (status != PR_SUCCESS) {
- return status;
- }
-
- i=0;
- if (keyTypeOpt) {
- *keyTypeOpt = nss_key_pair_type_from_ck_attrib(&key_template[i]); i++;
- }
- if (idOpt) {
- NSS_CK_ATTRIBUTE_TO_ITEM(&key_template[i], idOpt); i++;
- }
- return PR_SUCCESS;
-}
-#endif /* PURE_STAN_BUILD */
-
-static nssTrustLevel
-get_nss_trust
-(
- CK_TRUST ckt
-)
-{
- nssTrustLevel t;
- switch (ckt) {
- case CKT_NETSCAPE_UNTRUSTED: t = nssTrustLevel_NotTrusted; break;
- case CKT_NETSCAPE_TRUSTED_DELEGATOR: t = nssTrustLevel_TrustedDelegator;
- break;
- case CKT_NETSCAPE_VALID_DELEGATOR: t = nssTrustLevel_ValidDelegator; break;
- case CKT_NETSCAPE_TRUSTED: t = nssTrustLevel_Trusted; break;
- case CKT_NETSCAPE_VALID: t = nssTrustLevel_Valid; break;
- case CKT_NETSCAPE_MUST_VERIFY:
- case CKT_NETSCAPE_TRUST_UNKNOWN:
- default:
- t = nssTrustLevel_Unknown; break;
- }
- return t;
-}
-
-NSS_IMPLEMENT PRStatus
-nssCryptokiTrust_GetAttributes
-(
- nssCryptokiObject *trustObject,
- nssSession *sessionOpt,
- NSSItem *sha1_hash,
- nssTrustLevel *serverAuth,
- nssTrustLevel *clientAuth,
- nssTrustLevel *codeSigning,
- nssTrustLevel *emailProtection
-)
-{
- PRStatus status;
- NSSSlot *slot;
- nssSession *session;
- CK_BBOOL isToken;
- CK_TRUST saTrust, caTrust, epTrust, csTrust;
- CK_ATTRIBUTE_PTR attr;
- CK_ATTRIBUTE trust_template[6];
- CK_ULONG trust_size;
-
- /* Use the trust object to find the trust settings */
- NSS_CK_TEMPLATE_START(trust_template, attr, trust_size);
- NSS_CK_SET_ATTRIBUTE_VAR(attr, CKA_TOKEN, isToken);
- NSS_CK_SET_ATTRIBUTE_VAR(attr, CKA_TRUST_SERVER_AUTH, saTrust);
- NSS_CK_SET_ATTRIBUTE_VAR(attr, CKA_TRUST_CLIENT_AUTH, caTrust);
- NSS_CK_SET_ATTRIBUTE_VAR(attr, CKA_TRUST_EMAIL_PROTECTION, epTrust);
- NSS_CK_SET_ATTRIBUTE_VAR(attr, CKA_TRUST_CODE_SIGNING, csTrust);
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_CERT_SHA1_HASH, sha1_hash);
- NSS_CK_TEMPLATE_FINISH(trust_template, attr, trust_size);
-
- status = nssToken_GetCachedObjectAttributes(trustObject->token, NULL,
- trustObject,
- CKO_NETSCAPE_TRUST,
- trust_template, trust_size);
- if (status != PR_SUCCESS) {
- session = sessionOpt ?
- sessionOpt :
- nssToken_GetDefaultSession(trustObject->token);
-
- slot = nssToken_GetSlot(trustObject->token);
- status = nssCKObject_GetAttributes(trustObject->handle,
- trust_template, trust_size,
- NULL, session, slot);
- nssSlot_Destroy(slot);
- if (status != PR_SUCCESS) {
- return status;
- }
- }
-
- *serverAuth = get_nss_trust(saTrust);
- *clientAuth = get_nss_trust(caTrust);
- *emailProtection = get_nss_trust(epTrust);
- *codeSigning = get_nss_trust(csTrust);
- return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT PRStatus
-nssCryptokiCRL_GetAttributes
-(
- nssCryptokiObject *crlObject,
- nssSession *sessionOpt,
- NSSArena *arenaOpt,
- NSSItem *encodingOpt,
- NSSItem *subjectOpt,
- CK_ULONG* crl_class,
- NSSUTF8 **urlOpt,
- PRBool *isKRLOpt
-)
-{
- PRStatus status;
- NSSSlot *slot;
- nssSession *session;
- CK_ATTRIBUTE_PTR attr;
- CK_ATTRIBUTE crl_template[7];
- CK_ULONG crl_size;
- PRUint32 i;
-
- NSS_CK_TEMPLATE_START(crl_template, attr, crl_size);
- if (crl_class) {
- NSS_CK_SET_ATTRIBUTE_NULL(attr, CKA_CLASS);
- }
- if (encodingOpt) {
- NSS_CK_SET_ATTRIBUTE_NULL(attr, CKA_VALUE);
- }
- if (urlOpt) {
- NSS_CK_SET_ATTRIBUTE_NULL(attr, CKA_NETSCAPE_URL);
- }
- if (isKRLOpt) {
- NSS_CK_SET_ATTRIBUTE_NULL(attr, CKA_NETSCAPE_KRL);
- }
- if (subjectOpt) {
- NSS_CK_SET_ATTRIBUTE_NULL(attr, CKA_SUBJECT);
- }
- NSS_CK_TEMPLATE_FINISH(crl_template, attr, crl_size);
-
- status = nssToken_GetCachedObjectAttributes(crlObject->token, NULL,
- crlObject,
- CKO_NETSCAPE_CRL,
- crl_template, crl_size);
- if (status != PR_SUCCESS) {
- session = sessionOpt ?
- sessionOpt :
- nssToken_GetDefaultSession(crlObject->token);
-
- slot = nssToken_GetSlot(crlObject->token);
- status = nssCKObject_GetAttributes(crlObject->handle,
- crl_template, crl_size,
- arenaOpt, session, slot);
- nssSlot_Destroy(slot);
- if (status != PR_SUCCESS) {
- return status;
- }
- }
-
- i=0;
- if (crl_class) {
- NSS_CK_ATTRIBUTE_TO_ULONG(&crl_template[i], *crl_class); i++;
- }
- if (encodingOpt) {
- NSS_CK_ATTRIBUTE_TO_ITEM(&crl_template[i], encodingOpt); i++;
- }
- if (urlOpt) {
- NSS_CK_ATTRIBUTE_TO_UTF8(&crl_template[i], *urlOpt); i++;
- }
- if (isKRLOpt) {
- NSS_CK_ATTRIBUTE_TO_BOOL(&crl_template[i], *isKRLOpt); i++;
- }
- if (subjectOpt) {
- NSS_CK_ATTRIBUTE_TO_ITEM(&crl_template[i], subjectOpt); i++;
- }
- return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT PRStatus
-nssCryptokiPrivateKey_SetCertificate
-(
- nssCryptokiObject *keyObject,
- nssSession *sessionOpt,
- NSSUTF8 *nickname,
- NSSItem *id,
- NSSDER *subject
-)
-{
- CK_RV ckrv;
- CK_ATTRIBUTE_PTR attr;
- CK_ATTRIBUTE key_template[3];
- CK_ULONG key_size;
- void *epv = nssToken_GetCryptokiEPV(keyObject->token);
- nssSession *session;
- NSSToken *token = keyObject->token;
- nssSession *defaultSession = nssToken_GetDefaultSession(token);
- PRBool createdSession = PR_FALSE;
-
- NSS_CK_TEMPLATE_START(key_template, attr, key_size);
- NSS_CK_SET_ATTRIBUTE_UTF8(attr, CKA_LABEL, nickname);
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_ID, id);
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_SUBJECT, subject);
- NSS_CK_TEMPLATE_FINISH(key_template, attr, key_size);
-
- if (sessionOpt) {
- if (!nssSession_IsReadWrite(sessionOpt)) {
- return PR_FAILURE;
- } else {
- session = sessionOpt;
- }
- } else if (nssSession_IsReadWrite(defaultSession)) {
- session = defaultSession;
- } else {
- NSSSlot *slot = nssToken_GetSlot(token);
- session = nssSlot_CreateSession(token->slot, NULL, PR_TRUE);
- createdSession = PR_TRUE;
- nssSlot_Destroy(slot);
- }
-
- ckrv = CKAPI(epv)->C_SetAttributeValue(session->handle,
- keyObject->handle,
- key_template,
- key_size);
-
- if (createdSession) {
- nssSession_Destroy(session);
- }
-
- return (ckrv == CKR_OK) ? PR_SUCCESS : PR_FAILURE;
-}
-
diff --git a/security/nss/lib/dev/ckhelper.h b/security/nss/lib/dev/ckhelper.h
deleted file mode 100644
index aa232e578..000000000
--- a/security/nss/lib/dev/ckhelper.h
+++ /dev/null
@@ -1,194 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * ckhelper.h
- *
- * This file contains some helper utilities for interaction with cryptoki.
- */
-
-#ifndef CKHELPER_H
-#define CKHELPER_H
-
-#ifdef DEBUG
-static const char CKHELPER_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef NSSCKT_H
-#include "nssckt.h"
-#endif /* NSSCKT_H */
-
-PR_BEGIN_EXTERN_C
-
-/* Some globals to keep from constantly redeclaring common cryptoki
- * attribute types on the stack.
- */
-
-/* Boolean values */
-NSS_EXTERN_DATA const NSSItem g_ck_true;
-NSS_EXTERN_DATA const NSSItem g_ck_false;
-
-/* Object classes */
-NSS_EXTERN_DATA const NSSItem g_ck_class_cert;
-NSS_EXTERN_DATA const NSSItem g_ck_class_pubkey;
-NSS_EXTERN_DATA const NSSItem g_ck_class_privkey;
-
-#define NSS_CK_TEMPLATE_START(_template, attr, size) \
- attr = _template; \
- size = 0;
-
-#define NSS_CK_SET_ATTRIBUTE_ITEM(pattr, kind, item) \
- (pattr)->type = kind; \
- (pattr)->pValue = (CK_VOID_PTR)(item)->data; \
- (pattr)->ulValueLen = (CK_ULONG)(item)->size; \
- (pattr)++;
-
-#define NSS_CK_SET_ATTRIBUTE_UTF8(pattr, kind, utf8) \
- (pattr)->type = kind; \
- (pattr)->pValue = (CK_VOID_PTR)utf8; \
- (pattr)->ulValueLen = (CK_ULONG)nssUTF8_Size(utf8, NULL); \
- if ((pattr)->ulValueLen) ((pattr)->ulValueLen)--; \
- (pattr)++;
-
-#define NSS_CK_SET_ATTRIBUTE_VAR(pattr, kind, var) \
- (pattr)->type = kind; \
- (pattr)->pValue = (CK_VOID_PTR)&var; \
- (pattr)->ulValueLen = (CK_ULONG)sizeof(var); \
- (pattr)++;
-
-#define NSS_CK_SET_ATTRIBUTE_NULL(pattr, kind) \
- (pattr)->type = kind; \
- (pattr)->pValue = (CK_VOID_PTR)NULL; \
- (pattr)->ulValueLen = 0; \
- (pattr)++;
-
-#define NSS_CK_TEMPLATE_FINISH(_template, attr, size) \
- size = (attr) - (_template); \
- PR_ASSERT(size <= sizeof(_template)/sizeof(_template[0]));
-
-/* NSS_CK_ATTRIBUTE_TO_ITEM(attrib, item)
- *
- * Convert a CK_ATTRIBUTE to an NSSItem.
- */
-#define NSS_CK_ATTRIBUTE_TO_ITEM(attrib, item) \
- if ((CK_LONG)(attrib)->ulValueLen > 0) { \
- (item)->data = (void *)(attrib)->pValue; \
- (item)->size = (PRUint32)(attrib)->ulValueLen; \
- } else { \
- (item)->data = 0; \
- (item)->size = 0; \
- }
-
-#define NSS_CK_ATTRIBUTE_TO_BOOL(attrib, boolvar) \
- if ((attrib)->ulValueLen > 0) { \
- if (*((CK_BBOOL*)(attrib)->pValue) == CK_TRUE) { \
- boolvar = PR_TRUE; \
- } else { \
- boolvar = PR_FALSE; \
- } \
- }
-
-#define NSS_CK_ATTRIBUTE_TO_ULONG(attrib, ulongvar) \
- if ((attrib)->ulValueLen > 0) { \
- ulongvar = *((CK_ULONG*)(attrib)->pValue); \
- }
-
-/* NSS_CK_ATTRIBUTE_TO_UTF8(attrib, str)
- *
- * Convert a CK_ATTRIBUTE to a string.
- */
-#define NSS_CK_ATTRIBUTE_TO_UTF8(attrib, str) \
- str = (NSSUTF8 *)((attrib)->pValue);
-
-/* NSS_CK_ITEM_TO_ATTRIBUTE(item, attrib)
- *
- * Convert an NSSItem to a CK_ATTRIBUTE.
- */
-#define NSS_CK_ITEM_TO_ATTRIBUTE(item, attrib) \
- (attrib)->pValue = (CK_VOID_PTR)(item)->data; \
- (attrib)->ulValueLen = (CK_ULONG)(item)->size; \
-
-/* Get an array of attributes from an object. */
-NSS_EXTERN PRStatus
-nssCKObject_GetAttributes
-(
- CK_OBJECT_HANDLE object,
- CK_ATTRIBUTE_PTR obj_template,
- CK_ULONG count,
- NSSArena *arenaOpt,
- nssSession *session,
- NSSSlot *slot
-);
-
-/* Get a single attribute as an item. */
-NSS_EXTERN PRStatus
-nssCKObject_GetAttributeItem
-(
- CK_OBJECT_HANDLE object,
- CK_ATTRIBUTE_TYPE attribute,
- NSSArena *arenaOpt,
- nssSession *session,
- NSSSlot *slot,
- NSSItem *rvItem
-);
-
-NSS_EXTERN PRBool
-nssCKObject_IsAttributeTrue
-(
- CK_OBJECT_HANDLE object,
- CK_ATTRIBUTE_TYPE attribute,
- nssSession *session,
- NSSSlot *slot,
- PRStatus *rvStatus
-);
-
-NSS_EXTERN PRStatus
-nssCKObject_SetAttributes
-(
- CK_OBJECT_HANDLE object,
- CK_ATTRIBUTE_PTR obj_template,
- CK_ULONG count,
- nssSession *session,
- NSSSlot *slot
-);
-
-NSS_EXTERN PRBool
-nssCKObject_IsTokenObjectTemplate
-(
- CK_ATTRIBUTE_PTR objectTemplate,
- CK_ULONG otsize
-);
-
-PR_END_EXTERN_C
-
-#endif /* CKHELPER_H */
diff --git a/security/nss/lib/dev/config.mk b/security/nss/lib/dev/config.mk
deleted file mode 100644
index 4a9ed7dda..000000000
--- a/security/nss/lib/dev/config.mk
+++ /dev/null
@@ -1,48 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CONFIG_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-ifdef BUILD_IDG
-DEFINES += -DNSSDEBUG
-endif
-
-#
-# Override TARGETS variable so that only static libraries
-# are specifed as dependencies within rules.mk.
-#
-
-TARGETS = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM =
-
diff --git a/security/nss/lib/dev/dev.h b/security/nss/lib/dev/dev.h
deleted file mode 100644
index 43ad7ac98..000000000
--- a/security/nss/lib/dev/dev.h
+++ /dev/null
@@ -1,981 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef DEV_H
-#define DEV_H
-
-/*
- * dev.h
- *
- * Low-level methods for interaction with cryptoki devices
- */
-
-#ifdef DEBUG
-static const char DEV_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef NSSCKT_H
-#include "nssckt.h"
-#endif /* NSSCKT_H */
-
-#ifndef NSSDEV_H
-#include "nssdev.h"
-#endif /* NSSDEV_H */
-
-#ifndef DEVT_H
-#include "devt.h"
-#endif /* DEVT_H */
-
-PR_BEGIN_EXTERN_C
-
-/* the global module list
- *
- * These functions are for managing the global set of modules. Trust Domains,
- * etc., will draw from this set. These functions are completely internal
- * and only invoked when there are changes to the global module state
- * (load or unload).
- *
- * nss_InitializeGlobalModuleList
- * nss_DestroyGlobalModuleList
- * nss_GetLoadedModules
- *
- * nssGlobalModuleList_Add
- * nssGlobalModuleList_Remove
- * nssGlobalModuleList_FindModuleByName
- * nssGlobalModuleList_FindSlotByName
- * nssGlobalModuleList_FindTokenByName
- */
-
-NSS_EXTERN PRStatus
-nss_InitializeGlobalModuleList
-(
- void
-);
-
-NSS_EXTERN PRStatus
-nss_DestroyGlobalModuleList
-(
- void
-);
-
-NSS_EXTERN NSSModule **
-nss_GetLoadedModules
-(
- void
-);
-
-NSS_EXTERN PRStatus
-nssGlobalModuleList_Add
-(
- NSSModule *module
-);
-
-NSS_EXTERN PRStatus
-nssGlobalModuleList_Remove
-(
- NSSModule *module
-);
-
-NSS_EXTERN NSSModule *
-nssGlobalModuleList_FindModuleByName
-(
- NSSUTF8 *moduleName
-);
-
-NSS_EXTERN NSSSlot *
-nssGlobalModuleList_FindSlotByName
-(
- NSSUTF8 *slotName
-);
-
-NSS_EXTERN NSSToken *
-nssGlobalModuleList_FindTokenByName
-(
- NSSUTF8 *tokenName
-);
-
-NSS_EXTERN NSSToken *
-nss_GetDefaultCryptoToken
-(
- void
-);
-
-NSS_EXTERN NSSToken *
-nss_GetDefaultDatabaseToken
-(
- void
-);
-
-/*
- * |-----------|<---> NSSSlot <--> NSSToken
- * | NSSModule |<---> NSSSlot <--> NSSToken
- * |-----------|<---> NSSSlot <--> NSSToken
- */
-
-/* NSSModule
- *
- * nssModule_Create
- * nssModule_CreateFromSpec
- * nssModule_AddRef
- * nssModule_GetName
- * nssModule_GetSlots
- * nssModule_FindSlotByName
- * nssModule_FindTokenByName
- * nssModule_GetCertOrder
- */
-
-NSS_EXTERN NSSModule *
-nssModule_Create
-(
- NSSUTF8 *moduleOpt,
- NSSUTF8 *uriOpt,
- NSSUTF8 *opaqueOpt,
- void *reserved
-);
-
-/* This is to use the new loading mechanism. */
-NSS_EXTERN NSSModule *
-nssModule_CreateFromSpec
-(
- NSSUTF8 *moduleSpec,
- NSSModule *parent,
- PRBool loadSubModules
-);
-
-NSS_EXTERN PRStatus
-nssModule_Destroy
-(
- NSSModule *mod
-);
-
-NSS_EXTERN NSSModule *
-nssModule_AddRef
-(
- NSSModule *mod
-);
-
-NSS_EXTERN NSSUTF8 *
-nssModule_GetName
-(
- NSSModule *mod
-);
-
-NSS_EXTERN NSSSlot **
-nssModule_GetSlots
-(
- NSSModule *mod
-);
-
-NSS_EXTERN NSSSlot *
-nssModule_FindSlotByName
-(
- NSSModule *mod,
- NSSUTF8 *slotName
-);
-
-NSS_EXTERN NSSToken *
-nssModule_FindTokenByName
-(
- NSSModule *mod,
- NSSUTF8 *tokenName
-);
-
-NSS_EXTERN PRInt32
-nssModule_GetCertOrder
-(
- NSSModule *module
-);
-
-/* NSSSlot
- *
- * nssSlot_Destroy
- * nssSlot_AddRef
- * nssSlot_GetName
- * nssSlot_GetTokenName
- * nssSlot_IsTokenPresent
- * nssSlot_IsPermanent
- * nssSlot_IsFriendly
- * nssSlot_IsHardware
- * nssSlot_Refresh
- * nssSlot_GetModule
- * nssSlot_GetToken
- * nssSlot_Login
- * nssSlot_Logout
- * nssSlot_SetPassword
- * nssSlot_CreateSession
- */
-
-NSS_EXTERN PRStatus
-nssSlot_Destroy
-(
- NSSSlot *slot
-);
-
-NSS_EXTERN NSSSlot *
-nssSlot_AddRef
-(
- NSSSlot *slot
-);
-
-NSS_EXTERN NSSUTF8 *
-nssSlot_GetName
-(
- NSSSlot *slot
-);
-
-NSS_EXTERN NSSUTF8 *
-nssSlot_GetTokenName
-(
- NSSSlot *slot
-);
-
-NSS_EXTERN NSSModule *
-nssSlot_GetModule
-(
- NSSSlot *slot
-);
-
-NSS_EXTERN NSSToken *
-nssSlot_GetToken
-(
- NSSSlot *slot
-);
-
-NSS_EXTERN PRBool
-nssSlot_IsTokenPresent
-(
- NSSSlot *slot
-);
-
-NSS_EXTERN PRBool
-nssSlot_IsPermanent
-(
- NSSSlot *slot
-);
-
-NSS_EXTERN PRBool
-nssSlot_IsFriendly
-(
- NSSSlot *slot
-);
-
-NSS_EXTERN PRBool
-nssSlot_IsHardware
-(
- NSSSlot *slot
-);
-
-NSS_EXTERN PRBool
-nssSlot_IsLoggedIn
-(
- NSSSlot *slot
-);
-
-NSS_EXTERN PRStatus
-nssSlot_Refresh
-(
- NSSSlot *slot
-);
-
-NSS_EXTERN PRStatus
-nssSlot_Login
-(
- NSSSlot *slot,
- NSSCallback *pwcb
-);
-extern const NSSError NSS_ERROR_INVALID_PASSWORD;
-extern const NSSError NSS_ERROR_USER_CANCELED;
-
-NSS_EXTERN PRStatus
-nssSlot_Logout
-(
- NSSSlot *slot,
- nssSession *sessionOpt
-);
-
-#define NSSSLOT_ASK_PASSWORD_FIRST_TIME -1
-#define NSSSLOT_ASK_PASSWORD_EVERY_TIME 0
-NSS_EXTERN void
-nssSlot_SetPasswordDefaults
-(
- NSSSlot *slot,
- PRInt32 askPasswordTimeout
-);
-
-NSS_EXTERN PRStatus
-nssSlot_SetPassword
-(
- NSSSlot *slot,
- NSSUTF8 *oldPasswordOpt,
- NSSUTF8 *newPassword
-);
-extern const NSSError NSS_ERROR_INVALID_PASSWORD;
-extern const NSSError NSS_ERROR_USER_CANCELED;
-
-/*
- * nssSlot_IsLoggedIn
- */
-
-NSS_EXTERN nssSession *
-nssSlot_CreateSession
-(
- NSSSlot *slot,
- NSSArena *arenaOpt,
- PRBool readWrite /* so far, this is the only flag used */
-);
-
-/* NSSToken
- *
- * nssToken_Destroy
- * nssToken_AddRef
- * nssToken_GetName
- * nssToken_GetModule
- * nssToken_GetSlot
- * nssToken_NeedsPINInitialization
- * nssToken_ImportCertificate
- * nssToken_ImportTrust
- * nssToken_ImportCRL
- * nssToken_GenerateKeyPair
- * nssToken_GenerateSymmetricKey
- * nssToken_DeleteStoredObject
- * nssToken_FindCertificates
- * nssToken_FindCertificatesBySubject
- * nssToken_FindCertificatesByNickname
- * nssToken_FindCertificatesByEmail
- * nssToken_FindCertificateByIssuerAndSerialNumber
- * nssToken_FindCertificateByEncodedCertificate
- * nssToken_FindTrustObjects
- * nssToken_FindTrustForCertificate
- * nssToken_FindCRLs
- * nssToken_FindCRLsBySubject
- * nssToken_FindPrivateKeys
- * nssToken_FindPrivateKeyByID
- * nssToken_Digest
- * nssToken_BeginDigest
- * nssToken_ContinueDigest
- * nssToken_FinishDigest
- */
-
-NSS_EXTERN PRStatus
-nssToken_Destroy
-(
- NSSToken *tok
-);
-
-NSS_EXTERN NSSToken *
-nssToken_AddRef
-(
- NSSToken *tok
-);
-
-NSS_EXTERN NSSUTF8 *
-nssToken_GetName
-(
- NSSToken *tok
-);
-
-NSS_EXTERN NSSModule *
-nssToken_GetModule
-(
- NSSToken *token
-);
-
-NSS_EXTERN NSSSlot *
-nssToken_GetSlot
-(
- NSSToken *tok
-);
-
-NSS_EXTERN PRBool
-nssToken_NeedsPINInitialization
-(
- NSSToken *token
-);
-
-NSS_EXTERN nssCryptokiObject *
-nssToken_ImportCertificate
-(
- NSSToken *tok,
- nssSession *sessionOpt,
- NSSCertificateType certType,
- NSSItem *id,
- NSSUTF8 *nickname,
- NSSDER *encoding,
- NSSDER *issuer,
- NSSDER *subject,
- NSSDER *serial,
- NSSASCII7 *emailAddr,
- PRBool asTokenObject
-);
-
-NSS_EXTERN nssCryptokiObject *
-nssToken_ImportTrust
-(
- NSSToken *tok,
- nssSession *sessionOpt,
- NSSDER *certEncoding,
- NSSDER *certIssuer,
- NSSDER *certSerial,
- nssTrustLevel serverAuth,
- nssTrustLevel clientAuth,
- nssTrustLevel codeSigning,
- nssTrustLevel emailProtection,
- PRBool asTokenObject
-);
-
-NSS_EXTERN nssCryptokiObject *
-nssToken_ImportCRL
-(
- NSSToken *token,
- nssSession *sessionOpt,
- NSSDER *subject,
- NSSDER *encoding,
- PRBool isKRL,
- NSSUTF8 *url,
- PRBool asTokenObject
-);
-
-/* Permanently remove an object from the token. */
-NSS_EXTERN PRStatus
-nssToken_DeleteStoredObject
-(
- nssCryptokiObject *instance
-);
-
-NSS_EXTERN nssCryptokiObject **
-nssToken_FindCertificates
-(
- NSSToken *token,
- nssSession *sessionOpt,
- nssTokenSearchType searchType,
- PRUint32 maximumOpt,
- PRStatus *statusOpt
-);
-
-NSS_EXTERN nssCryptokiObject **
-nssToken_FindCertificatesBySubject
-(
- NSSToken *token,
- nssSession *sessionOpt,
- NSSDER *subject,
- nssTokenSearchType searchType,
- PRUint32 maximumOpt,
- PRStatus *statusOpt
-);
-
-NSS_EXTERN nssCryptokiObject **
-nssToken_FindCertificatesByNickname
-(
- NSSToken *token,
- nssSession *sessionOpt,
- NSSUTF8 *name,
- nssTokenSearchType searchType,
- PRUint32 maximumOpt,
- PRStatus *statusOpt
-);
-
-NSS_EXTERN nssCryptokiObject **
-nssToken_FindCertificatesByEmail
-(
- NSSToken *token,
- nssSession *sessionOpt,
- NSSASCII7 *email,
- nssTokenSearchType searchType,
- PRUint32 maximumOpt,
- PRStatus *statusOpt
-);
-
-NSS_EXTERN nssCryptokiObject **
-nssToken_FindCertificatesByID
-(
- NSSToken *token,
- nssSession *sessionOpt,
- NSSItem *id,
- nssTokenSearchType searchType,
- PRUint32 maximumOpt,
- PRStatus *statusOpt
-);
-
-NSS_EXTERN nssCryptokiObject *
-nssToken_FindCertificateByIssuerAndSerialNumber
-(
- NSSToken *token,
- nssSession *sessionOpt,
- NSSDER *issuer,
- NSSDER *serial,
- nssTokenSearchType searchType,
- PRStatus *statusOpt
-);
-
-NSS_EXTERN nssCryptokiObject *
-nssToken_FindCertificateByEncodedCertificate
-(
- NSSToken *token,
- nssSession *sessionOpt,
- NSSBER *encodedCertificate,
- nssTokenSearchType searchType,
- PRStatus *statusOpt
-);
-
-NSS_EXTERN nssCryptokiObject **
-nssToken_FindTrustObjects
-(
- NSSToken *token,
- nssSession *sessionOpt,
- nssTokenSearchType searchType,
- PRUint32 maximumOpt,
- PRStatus *statusOpt
-);
-
-NSS_EXTERN nssCryptokiObject *
-nssToken_FindTrustForCertificate
-(
- NSSToken *token,
- nssSession *sessionOpt,
- NSSDER *certEncoding,
- NSSDER *certIssuer,
- NSSDER *certSerial,
- nssTokenSearchType searchType
-);
-
-NSS_EXTERN nssCryptokiObject **
-nssToken_FindCRLs
-(
- NSSToken *token,
- nssSession *sessionOpt,
- nssTokenSearchType searchType,
- PRUint32 maximumOpt,
- PRStatus *statusOpt
-);
-
-NSS_EXTERN nssCryptokiObject **
-nssToken_FindCRLsBySubject
-(
- NSSToken *token,
- nssSession *sessionOpt,
- NSSDER *subject,
- nssTokenSearchType searchType,
- PRUint32 maximumOpt,
- PRStatus *statusOpt
-);
-
-NSS_EXTERN nssCryptokiObject **
-nssToken_FindPrivateKeys
-(
- NSSToken *token,
- nssSession *sessionOpt,
- nssTokenSearchType searchType,
- PRUint32 maximumOpt,
- PRStatus *statusOpt
-);
-
-NSS_EXTERN nssCryptokiObject *
-nssToken_FindPrivateKeyByID
-(
- NSSToken *token,
- nssSession *sessionOpt,
- NSSItem *keyID
-);
-
-NSS_EXTERN nssCryptokiObject *
-nssToken_FindPublicKeyByID
-(
- NSSToken *token,
- nssSession *sessionOpt,
- NSSItem *keyID
-);
-
-NSS_EXTERN NSSItem *
-nssToken_Digest
-(
- NSSToken *tok,
- nssSession *sessionOpt,
- NSSAlgorithmAndParameters *ap,
- NSSItem *data,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-NSS_EXTERN PRStatus
-nssToken_BeginDigest
-(
- NSSToken *tok,
- nssSession *sessionOpt,
- NSSAlgorithmAndParameters *ap
-);
-
-NSS_EXTERN PRStatus
-nssToken_ContinueDigest
-(
- NSSToken *tok,
- nssSession *sessionOpt,
- NSSItem *item
-);
-
-NSS_EXTERN NSSItem *
-nssToken_FinishDigest
-(
- NSSToken *tok,
- nssSession *sessionOpt,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/* nssSession
- *
- * nssSession_Destroy
- * nssSession_EnterMonitor
- * nssSession_ExitMonitor
- * nssSession_IsReadWrite
- */
-
-NSS_EXTERN PRStatus
-nssSession_Destroy
-(
- nssSession *s
-);
-
-/* would like to inline */
-NSS_EXTERN PRStatus
-nssSession_EnterMonitor
-(
- nssSession *s
-);
-
-/* would like to inline */
-NSS_EXTERN PRStatus
-nssSession_ExitMonitor
-(
- nssSession *s
-);
-
-/* would like to inline */
-NSS_EXTERN PRBool
-nssSession_IsReadWrite
-(
- nssSession *s
-);
-
-/* nssCryptokiObject
- *
- * An object living on a cryptoki token.
- * Not really proper to mix up the object types just because
- * nssCryptokiObject itself is generic, but doing so anyway.
- *
- * nssCryptokiObject_Destroy
- * nssCryptokiObject_Equal
- * nssCryptokiObject_Clone
- * nssCryptokiCertificate_GetAttributes
- * nssCryptokiPrivateKey_GetAttributes
- * nssCryptokiPublicKey_GetAttributes
- * nssCryptokiTrust_GetAttributes
- * nssCryptokiCRL_GetAttributes
- */
-
-NSS_EXTERN void
-nssCryptokiObject_Destroy
-(
- nssCryptokiObject *object
-);
-
-NSS_EXTERN PRBool
-nssCryptokiObject_Equal
-(
- nssCryptokiObject *object1,
- nssCryptokiObject *object2
-);
-
-NSS_EXTERN nssCryptokiObject *
-nssCryptokiObject_Clone
-(
- nssCryptokiObject *object
-);
-
-NSS_EXTERN PRStatus
-nssCryptokiCertificate_GetAttributes
-(
- nssCryptokiObject *object,
- nssSession *sessionOpt,
- NSSArena *arenaOpt,
- NSSCertificateType *certTypeOpt,
- NSSItem *idOpt,
- NSSDER *encodingOpt,
- NSSDER *issuerOpt,
- NSSDER *serialOpt,
- NSSDER *subjectOpt
-);
-
-NSS_EXTERN PRStatus
-nssCryptokiTrust_GetAttributes
-(
- nssCryptokiObject *trustObject,
- nssSession *sessionOpt,
- NSSItem *sha1_hash,
- nssTrustLevel *serverAuth,
- nssTrustLevel *clientAuth,
- nssTrustLevel *codeSigning,
- nssTrustLevel *emailProtection
-);
-
-NSS_EXTERN PRStatus
-nssCryptokiCRL_GetAttributes
-(
- nssCryptokiObject *crlObject,
- nssSession *sessionOpt,
- NSSArena *arenaOpt,
- NSSItem *encodingOpt,
- NSSItem * subjectOpt,
- CK_ULONG * crl_class,
- NSSUTF8 **urlOpt,
- PRBool *isKRLOpt
-);
-
-/* I'm including this to handle import of certificates in NSS 3.5. This
- * function will set the cert-related attributes of a key, in order to
- * associate it with a cert. Does it stay like this for 4.0?
- */
-NSS_EXTERN PRStatus
-nssCryptokiPrivateKey_SetCertificate
-(
- nssCryptokiObject *keyObject,
- nssSession *sessionOpt,
- NSSUTF8 *nickname,
- NSSItem *id,
- NSSDER *subject
-);
-
-NSS_EXTERN void
-nssModuleArray_Destroy
-(
- NSSModule **modules
-);
-
-/* nssSlotArray
- *
- * nssSlotArray_Destroy
- */
-
-NSS_EXTERN void
-nssSlotArray_Destroy
-(
- NSSSlot **slots
-);
-
-/* nssTokenArray
- *
- * nssTokenArray_Destroy
- */
-
-NSS_EXTERN void
-nssTokenArray_Destroy
-(
- NSSToken **tokens
-);
-
-/* nssCryptokiObjectArray
- *
- * nssCryptokiObjectArray_Destroy
- */
-NSS_EXTERN void
-nssCryptokiObjectArray_Destroy
-(
- nssCryptokiObject **object
-);
-
-/* nssSlotList
-*
- * An ordered list of slots. The order can be anything, it is set in the
- * Add methods. Perhaps it should be CreateInCertOrder, ...?
- *
- * nssSlotList_Create
- * nssSlotList_Destroy
- * nssSlotList_Add
- * nssSlotList_AddModuleSlots
- * nssSlotList_GetSlots
- * nssSlotList_FindSlotByName
- * nssSlotList_FindTokenByName
- * nssSlotList_GetBestSlot
- * nssSlotList_GetBestSlotForAlgorithmAndParameters
- * nssSlotList_GetBestSlotForAlgorithmsAndParameters
- */
-
-/* nssSlotList_Create
- */
-NSS_EXTERN nssSlotList *
-nssSlotList_Create
-(
- NSSArena *arenaOpt
-);
-
-/* nssSlotList_Destroy
- */
-NSS_EXTERN void
-nssSlotList_Destroy
-(
- nssSlotList *slotList
-);
-
-/* nssSlotList_Add
- *
- * Add the given slot in the given order.
- */
-NSS_EXTERN PRStatus
-nssSlotList_Add
-(
- nssSlotList *slotList,
- NSSSlot *slot,
- PRUint32 order
-);
-
-/* nssSlotList_AddModuleSlots
- *
- * Add all slots in the module, in the given order (the slots will have
- * equal weight).
- */
-NSS_EXTERN PRStatus
-nssSlotList_AddModuleSlots
-(
- nssSlotList *slotList,
- NSSModule *module,
- PRUint32 order
-);
-
-/* nssSlotList_GetSlots
- */
-NSS_EXTERN NSSSlot **
-nssSlotList_GetSlots
-(
- nssSlotList *slotList
-);
-
-/* nssSlotList_FindSlotByName
- */
-NSS_EXTERN NSSSlot *
-nssSlotList_FindSlotByName
-(
- nssSlotList *slotList,
- NSSUTF8 *slotName
-);
-
-/* nssSlotList_FindTokenByName
- */
-NSS_EXTERN NSSToken *
-nssSlotList_FindTokenByName
-(
- nssSlotList *slotList,
- NSSUTF8 *tokenName
-);
-
-/* nssSlotList_GetBestSlot
- *
- * The best slot is the highest ranking in order, i.e., the first in the
- * list.
- */
-NSS_EXTERN NSSSlot *
-nssSlotList_GetBestSlot
-(
- nssSlotList *slotList
-);
-
-/* nssSlotList_GetBestSlotForAlgorithmAndParameters
- *
- * Highest-ranking slot than can handle algorithm/parameters.
- */
-NSS_EXTERN NSSSlot *
-nssSlotList_GetBestSlotForAlgorithmAndParameters
-(
- nssSlotList *slotList,
- NSSAlgorithmAndParameters *ap
-);
-
-/* nssSlotList_GetBestSlotForAlgorithmsAndParameters
- *
- * Highest-ranking slot than can handle all algorithms/parameters.
- */
-NSS_EXTERN NSSSlot *
-nssSlotList_GetBestSlotForAlgorithmsAndParameters
-(
- nssSlotList *slotList,
- NSSAlgorithmAndParameters **ap
-);
-
-#ifdef NSS_3_4_CODE
-
-NSS_EXTERN PRBool
-nssToken_IsPresent
-(
- NSSToken *token
-);
-
-NSS_EXTERN nssSession *
-nssToken_GetDefaultSession
-(
- NSSToken *token
-);
-
-NSS_EXTERN PRStatus
-nssToken_GetTrustOrder
-(
- NSSToken *tok
-);
-
-NSS_EXTERN PRStatus
-nssToken_NotifyCertsNotVisible
-(
- NSSToken *tok
-);
-
-NSS_EXTERN PRStatus
-nssToken_TraverseCertificates
-(
- NSSToken *token,
- nssSession *sessionOpt,
- nssTokenSearchType searchType,
- PRStatus (* callback)(nssCryptokiObject *instance, void *arg),
- void *arg
-);
-
-NSS_EXTERN PRBool
-nssToken_IsPrivateKeyAvailable
-(
- NSSToken *token,
- NSSCertificate *c,
- nssCryptokiObject *instance
-);
-
-
-#endif
-
-PR_END_EXTERN_C
-
-#endif /* DEV_H */
diff --git a/security/nss/lib/dev/devm.h b/security/nss/lib/dev/devm.h
deleted file mode 100644
index 0dd0d5b36..000000000
--- a/security/nss/lib/dev/devm.h
+++ /dev/null
@@ -1,242 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef DEVM_H
-#define DEVM_H
-
-#ifdef DEBUG
-static const char DEVM_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-#ifndef NSSCKT_H
-#include "nssckt.h"
-#endif /* NSSCKT_H */
-
-#ifndef DEV_H
-#include "dev.h"
-#endif /* DEV_H */
-
-#ifndef DEVTM_H
-#include "devtm.h"
-#endif /* DEVTM_H */
-
-PR_BEGIN_EXTERN_C
-
-/* Shortcut to cryptoki API functions. */
-#define CKAPI(epv) \
- ((CK_FUNCTION_LIST_PTR)(epv))
-
-NSS_EXTERN void
-nssDevice_AddRef
-(
- struct nssDeviceBaseStr *device
-);
-
-NSS_EXTERN PRBool
-nssDevice_Destroy
-(
- struct nssDeviceBaseStr *device
-);
-
-NSS_EXTERN PRBool
-nssModule_IsThreadSafe
-(
- NSSModule *module
-);
-
-NSS_EXTERN PRBool
-nssModule_IsInternal
-(
- NSSModule *mod
-);
-
-NSS_EXTERN PRBool
-nssModule_IsModuleDBOnly
-(
- NSSModule *mod
-);
-
-NSS_EXTERN void *
-nssModule_GetCryptokiEPV
-(
- NSSModule *mod
-);
-
-NSS_EXTERN NSSSlot *
-nssSlot_Create
-(
- CK_SLOT_ID slotId,
- NSSModule *parent
-);
-
-NSS_EXTERN void *
-nssSlot_GetCryptokiEPV
-(
- NSSSlot *slot
-);
-
-NSS_EXTERN NSSToken *
-nssToken_Create
-(
- CK_SLOT_ID slotID,
- NSSSlot *peer
-);
-
-NSS_EXTERN void *
-nssToken_GetCryptokiEPV
-(
- NSSToken *token
-);
-
-NSS_EXTERN nssSession *
-nssToken_GetDefaultSession
-(
- NSSToken *token
-);
-
-NSS_EXTERN PRBool
-nssToken_IsLoginRequired
-(
- NSSToken *token
-);
-
-NSS_EXTERN void
-nssToken_Remove
-(
- NSSToken *token
-);
-
-NSS_EXTERN nssCryptokiObject *
-nssCryptokiObject_Create
-(
- NSSToken *t,
- nssSession *session,
- CK_OBJECT_HANDLE h
-);
-
-NSS_EXTERN nssTokenObjectCache *
-nssTokenObjectCache_Create
-(
- NSSToken *token,
- PRBool cacheCerts,
- PRBool cacheTrust,
- PRBool cacheCRLs
-);
-
-NSS_EXTERN void
-nssTokenObjectCache_Destroy
-(
- nssTokenObjectCache *cache
-);
-
-NSS_EXTERN void
-nssTokenObjectCache_Clear
-(
- nssTokenObjectCache *cache
-);
-
-NSS_EXTERN PRBool
-nssTokenObjectCache_HaveObjectClass
-(
- nssTokenObjectCache *cache,
- CK_OBJECT_CLASS objclass
-);
-
-NSS_EXTERN nssCryptokiObject **
-nssTokenObjectCache_FindObjectsByTemplate
-(
- nssTokenObjectCache *cache,
- CK_OBJECT_CLASS objclass,
- CK_ATTRIBUTE_PTR otemplate,
- CK_ULONG otlen,
- PRUint32 maximumOpt,
- PRStatus *statusOpt
-);
-
-NSS_EXTERN PRStatus
-nssTokenObjectCache_GetObjectAttributes
-(
- nssTokenObjectCache *cache,
- NSSArena *arenaOpt,
- nssCryptokiObject *object,
- CK_OBJECT_CLASS objclass,
- CK_ATTRIBUTE_PTR atemplate,
- CK_ULONG atlen
-);
-
-NSS_EXTERN PRStatus
-nssTokenObjectCache_ImportObject
-(
- nssTokenObjectCache *cache,
- nssCryptokiObject *object,
- CK_OBJECT_CLASS objclass,
- CK_ATTRIBUTE_PTR ot,
- CK_ULONG otlen
-);
-
-NSS_EXTERN void
-nssTokenObjectCache_RemoveObject
-(
- nssTokenObjectCache *cache,
- nssCryptokiObject *object
-);
-
-/* XXX allows peek back into token */
-NSS_EXTERN PRStatus
-nssToken_GetCachedObjectAttributes
-(
- NSSToken *token,
- NSSArena *arenaOpt,
- nssCryptokiObject *object,
- CK_OBJECT_CLASS objclass,
- CK_ATTRIBUTE_PTR atemplate,
- CK_ULONG atlen
-);
-
-/* PKCS#11 stores strings in a fixed-length buffer padded with spaces. This
- * function gets the length of the actual string.
- */
-NSS_EXTERN PRUint32
-nssPKCS11String_Length
-(
- CK_CHAR *pkcs11str,
- PRUint32 bufLen
-);
-
-PR_END_EXTERN_C
-
-#endif /* DEV_H */
diff --git a/security/nss/lib/dev/devmod.c b/security/nss/lib/dev/devmod.c
deleted file mode 100644
index e0006370f..000000000
--- a/security/nss/lib/dev/devmod.c
+++ /dev/null
@@ -1,900 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef NSSCKEPV_H
-#include "nssckepv.h"
-#endif /* NSSCKEPV_H */
-
-#ifndef DEVM_H
-#include "devm.h"
-#endif /* DEVM_H */
-
-#ifndef CKHELPER_H
-#include "ckhelper.h"
-#endif /* CKHELPER_H */
-
-#ifdef PURE_STAN_CODE
-
-extern void FC_GetFunctionList(void);
-extern void NSC_GetFunctionList(void);
-extern void NSC_ModuleDBFunc(void);
-
-/* The list of boolean flags used to describe properties of a
- * module.
- */
-#define NSSMODULE_FLAGS_NOT_THREADSAFE 0x0001 /* isThreadSafe */
-#define NSSMODULE_FLAGS_INTERNAL 0x0002 /* isInternal */
-#define NSSMODULE_FLAGS_FIPS 0x0004 /* isFIPS */
-#define NSSMODULE_FLAGS_MODULE_DB 0x0008 /* isModuleDB */
-#define NSSMODULE_FLAGS_MODULE_DB_ONLY 0x0010 /* moduleDBOnly */
-#define NSSMODULE_FLAGS_CRITICAL 0x0020 /* isCritical */
-
-struct NSSModuleStr {
- struct nssDeviceBaseStr base;
- NSSUTF8 *libraryName;
- PRLibrary *library;
- char *libraryParams;
- void *moduleDBFunc;
- void *epv;
- CK_INFO info;
- NSSSlot **slots;
- PRUint32 numSlots;
- PRBool isLoaded;
- struct {
- PRInt32 trust;
- PRInt32 cipher;
- PRInt32 certStorage;
- } order;
-};
-
-#define NSSMODULE_IS_THREADSAFE(module) \
- (!(module->base.flags & NSSMODULE_FLAGS_NOT_THREADSAFE))
-
-#define NSSMODULE_IS_INTERNAL(module) \
- (module->base.flags & NSSMODULE_FLAGS_INTERNAL)
-
-#define NSSMODULE_IS_FIPS(module) \
- (module->base.flags & NSSMODULE_FLAGS_FIPS)
-
-#define NSSMODULE_IS_MODULE_DB(module) \
- (module->base.flags & NSSMODULE_FLAGS_MODULE_DB)
-
-#define NSSMODULE_IS_MODULE_DB_ONLY(module) \
- (module->base.flags & NSSMODULE_FLAGS_MODULE_DB_ONLY)
-
-#define NSSMODULE_IS_CRITICAL(module) \
- (module->base.flags & NSSMODULE_FLAGS_CRITICAL)
-
-/* Threading callbacks for C_Initialize. Use NSPR threads. */
-
-CK_RV PR_CALLBACK
-nss_ck_CreateMutex(CK_VOID_PTR_PTR pMutex)
-{
- CK_VOID_PTR mutex = (CK_VOID_PTR)PZ_NewLock(nssILockOther);
- if (mutex != NULL) {
- *pMutex = (CK_VOID_PTR)mutex;
- return CKR_OK;
- }
- return CKR_HOST_MEMORY;
-}
-
-CK_RV PR_CALLBACK
-nss_ck_DestroyMutex(CK_VOID_PTR mutex)
-{
- PZ_DestroyLock((PZLock *)mutex);
- return CKR_OK;
-}
-
-CK_RV PR_CALLBACK
-nss_ck_LockMutex(CK_VOID_PTR mutex)
-{
- PZ_Lock((PZLock *)mutex);
- return CKR_OK;
-}
-
-CK_RV PR_CALLBACK
-nss_ck_UnlockMutex(CK_VOID_PTR mutex)
-{
- return (PZ_Unlock((PZLock *)mutex) == PR_SUCCESS) ?
- CKR_OK : CKR_MUTEX_NOT_LOCKED;
-}
-
-/* Default callback args to C_Initialize */
-/* XXX not const because we are modifying the pReserved argument in order
- * to use the libraryParams extension.
- */
-static CK_C_INITIALIZE_ARGS
-s_ck_initialize_args = {
- nss_ck_CreateMutex, /* CreateMutex */
- nss_ck_DestroyMutex, /* DestroyMutex */
- nss_ck_LockMutex, /* LockMutex */
- nss_ck_UnlockMutex, /* UnlockMutex */
- CKF_LIBRARY_CANT_CREATE_OS_THREADS |
- CKF_OS_LOCKING_OK, /* flags */
- NULL /* pReserved */
-};
-
-/* load all slots in a module. */
-static PRStatus
-module_load_slots(NSSModule *mod)
-{
- CK_ULONG i, ulNumSlots;
- CK_SLOT_ID *slotIDs;
- nssArenaMark *mark = NULL;
- NSSSlot **slots;
- PRStatus nssrv;
- CK_RV ckrv;
- /* Get the number of slots */
- ckrv = CKAPI(mod->epv)->C_GetSlotList(CK_FALSE, NULL, &ulNumSlots);
- if (ckrv != CKR_OK) {
- /* what is the error? */
- return PR_FAILURE;
- }
- /* Alloc memory for the array of slot ID's */
- slotIDs = nss_ZNEWARRAY(NULL, CK_SLOT_ID, ulNumSlots);
- if (!slotIDs) {
- goto loser;
- }
- /* Get the actual slot list */
- ckrv = CKAPI(mod->epv)->C_GetSlotList(CK_FALSE, slotIDs, &ulNumSlots);
- if (ckrv != CKR_OK) {
- /* what is the error? */
- goto loser;
- }
- /* Alloc memory for the array of slots, in the module's arena */
- mark = nssArena_Mark(mod->base.arena); /* why mark? it'll be destroyed */
- if (!mark) {
- return PR_FAILURE;
- }
- slots = nss_ZNEWARRAY(mod->base.arena, NSSSlot *, ulNumSlots);
- if (!slots) {
- goto loser;
- }
- /* Initialize each slot */
- for (i=0; i<ulNumSlots; i++) {
- slots[i] = nssSlot_Create(slotIDs[i], mod);
- }
- nss_ZFreeIf(slotIDs);
- nssrv = nssArena_Unmark(mod->base.arena, mark);
- if (nssrv != PR_SUCCESS) {
- goto loser;
- }
- mod->slots = slots;
- mod->numSlots = ulNumSlots;
- return PR_SUCCESS;
-loser:
- if (mark) {
- nssArena_Release(mod->base.arena, mark);
- }
- nss_ZFreeIf(slotIDs);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRStatus
-nssModule_Load
-(
- NSSModule *mod
-)
-{
- PRLibrary *library = NULL;
- CK_C_GetFunctionList epv;
- CK_RV ckrv;
- if (NSSMODULE_IS_INTERNAL(mod)) {
- /* internal, statically get the C_GetFunctionList function */
- if (NSSMODULE_IS_FIPS(mod)) {
- epv = (CK_C_GetFunctionList) FC_GetFunctionList;
- } else {
- epv = (CK_C_GetFunctionList) NSC_GetFunctionList;
- }
- if (NSSMODULE_IS_MODULE_DB(mod)) {
- mod->moduleDBFunc = (void *) NSC_ModuleDBFunc;
- }
- if (NSSMODULE_IS_MODULE_DB_ONLY(mod)) {
- mod->isLoaded = PR_TRUE; /* XXX needed? */
- return PR_SUCCESS;
- }
- } else {
- /* Use NSPR to load the library */
- library = PR_LoadLibrary(mod->libraryName);
- if (!library) {
- /* what's the error to set? */
- return PR_FAILURE;
- }
- mod->library = library;
- /* Skip if only getting the db loader function */
- if (!NSSMODULE_IS_MODULE_DB_ONLY(mod)) {
- /* Load the cryptoki entry point function */
- epv = (CK_C_GetFunctionList)PR_FindSymbol(library,
- "C_GetFunctionList");
- }
- /* Load the module database loader function */
- if (NSSMODULE_IS_MODULE_DB(mod)) {
- mod->moduleDBFunc = (void *)PR_FindSymbol(library,
- "NSS_ReturnModuleSpecData");
- }
- }
- if (epv == NULL) {
- goto loser;
- }
- /* Load the cryptoki entry point vector (function list) */
- ckrv = (*epv)((CK_FUNCTION_LIST_PTR *)&mod->epv);
- if (ckrv != CKR_OK) {
- goto loser;
- }
- /* Initialize the module */
- if (mod->libraryParams) {
- s_ck_initialize_args.LibraryParameters = (void *)mod->libraryParams;
- } else {
- s_ck_initialize_args.LibraryParameters = NULL;
- }
- ckrv = CKAPI(mod->epv)->C_Initialize(&s_ck_initialize_args);
- if (ckrv != CKR_OK) {
- /* Apparently the token is not thread safe. Retry without
- * threading parameters.
- */
- mod->base.flags |= NSSMODULE_FLAGS_NOT_THREADSAFE;
- ckrv = CKAPI(mod->epv)->C_Initialize((CK_VOID_PTR)NULL);
- if (ckrv != CKR_OK) {
- goto loser;
- }
- }
- /* TODO: check the version # using C_GetInfo */
- ckrv = CKAPI(mod->epv)->C_GetInfo(&mod->info);
- if (ckrv != CKR_OK) {
- goto loser;
- }
- /* TODO: if the name is not set, get it from info.libraryDescription */
- /* Now load the slots */
- if (module_load_slots(mod) != PR_SUCCESS) {
- goto loser;
- }
- /* Module has successfully loaded */
- mod->isLoaded = PR_TRUE;
- return PR_SUCCESS;
-loser:
- if (library) {
- PR_UnloadLibrary(library);
- }
- /* clear all values set above, they are invalid now */
- mod->library = NULL;
- mod->epv = NULL;
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRStatus
-nssModule_Unload
-(
- NSSModule *mod
-)
-{
- PRStatus nssrv = PR_SUCCESS;
- if (mod->library) {
- (void)CKAPI(mod->epv)->C_Finalize(NULL);
- nssrv = PR_UnloadLibrary(mod->library);
- }
- /* Free the slots, yes? */
- mod->library = NULL;
- mod->epv = NULL;
- mod->isLoaded = PR_FALSE;
- return nssrv;
-}
-
-/* Alloc memory for a module. Copy in the module name and library path
- * if provided. XXX use the opaque arg also, right?
- */
-NSS_IMPLEMENT NSSModule *
-nssModule_Create
-(
- NSSUTF8 *moduleOpt,
- NSSUTF8 *uriOpt,
- NSSUTF8 *opaqueOpt,
- void *reserved
-)
-{
- NSSArena *arena;
- NSSModule *rvMod;
- arena = NSSArena_Create();
- if(!arena) {
- return (NSSModule *)NULL;
- }
- rvMod = nss_ZNEW(arena, NSSModule);
- if (!rvMod) {
- goto loser;
- }
- if (moduleOpt) {
- /* XXX making the gross assumption this is just the module name */
- /* if the name is a duplicate, should that be tested here? or
- * wait for Load?
- */
- rvMod->base.name = nssUTF8_Duplicate(moduleOpt, arena);
- if (!rvMod->base.name) {
- goto loser;
- }
- }
- if (uriOpt) {
- /* Load the module from a URI. */
- /* XXX at this time - only file URI (even worse, no file:// for now) */
- rvMod->libraryName = nssUTF8_Duplicate(uriOpt, arena);
- if (!rvMod->libraryName) {
- goto loser;
- }
- }
- rvMod->base.arena = arena;
- rvMod->base.refCount = 1;
- rvMod->base.lock = PZ_NewLock(nssNSSILockOther);
- if (!rvMod->base.lock) {
- goto loser;
- }
- /* everything else is 0/NULL at this point. */
- return rvMod;
-loser:
- nssArena_Destroy(arena);
- return (NSSModule *)NULL;
-}
-
-NSS_EXTERN PRStatus
-nssCryptokiArgs_ParseNextPair
-(
- NSSUTF8 *start,
- NSSUTF8 **attrib,
- NSSUTF8 **value,
- NSSUTF8 **remainder,
- NSSArena *arenaOpt
-);
-
-static PRStatus
-parse_slot_flags
-(
- NSSSlot *slot,
- NSSUTF8 *slotFlags
-)
-{
- PRStatus nssrv = PR_SUCCESS;
-#if 0
- PRBool done = PR_FALSE;
- NSSUTF8 *mark, *last;
- last = mark = slotFlags;
- while (PR_TRUE) {
- while (*mark && *mark != ',') ++mark;
- if (!*mark) done = PR_TRUE;
- *mark = '\0';
- if (nssUTF8_Equal(last, "RANDOM", &nssrv)) {
- slot->base.flags |= NSSSLOT_FLAGS_HAS_RANDOM;
- } else if (nssUTF8_Equal(last, "RSA", &nssrv)) {
- slot->base.flags |= NSSSLOT_FLAGS_RSA;
- } else if (nssUTF8_Equal(last, "DSA", &nssrv)) {
- slot->base.flags |= NSSSLOT_FLAGS_DSA;
- } else if (nssUTF8_Equal(last, "DH", &nssrv)) {
- slot->base.flags |= NSSSLOT_FLAGS_DH;
- } else if (nssUTF8_Equal(last, "RC2", &nssrv)) {
- slot->base.flags |= NSSSLOT_FLAGS_RC2;
- } else if (nssUTF8_Equal(last, "RC4", &nssrv)) {
- slot->base.flags |= NSSSLOT_FLAGS_RC4;
- } else if (nssUTF8_Equal(last, "RC5", &nssrv)) {
- slot->base.flags |= NSSSLOT_FLAGS_RC5;
- } else if (nssUTF8_Equal(last, "DES", &nssrv)) {
- slot->base.flags |= NSSSLOT_FLAGS_DES;
- } else if (nssUTF8_Equal(last, "AES", &nssrv)) {
- slot->base.flags |= NSSSLOT_FLAGS_AES;
- } else if (nssUTF8_Equal(last, "SHA1", &nssrv)) {
- slot->base.flags |= NSSSLOT_FLAGS_SHA1;
- } else if (nssUTF8_Equal(last, "MD2", &nssrv)) {
- slot->base.flags |= NSSSLOT_FLAGS_MD2;
- } else if (nssUTF8_Equal(last, "MD5", &nssrv)) {
- slot->base.flags |= NSSSLOT_FLAGS_MD5;
- } else if (nssUTF8_Equal(last, "SSL", &nssrv)) {
- slot->base.flags |= NSSSLOT_FLAGS_SSL;
- } else if (nssUTF8_Equal(last, "TLS", &nssrv)) {
- slot->base.flags |= NSSSLOT_FLAGS_TLS;
- } else if (nssUTF8_Equal(last, "PublicCerts", &nssrv)) {
- slot->base.flags |= NSSSLOT_FLAGS_FRIENDLY;
- } else {
- return PR_FAILURE;
- }
- if (done) break;
- last = ++mark;
- }
-#endif
- return nssrv;
-}
-
-static PRStatus
-parse_slot_parameters
-(
- NSSSlot *slot,
- NSSUTF8 *slotParams,
- NSSArena *tmparena
-)
-{
- PRStatus nssrv = PR_SUCCESS;
- NSSUTF8 *current, *remainder;
- NSSUTF8 *attrib, *value;
- current = slotParams;
- while (nssrv == PR_SUCCESS) {
- nssrv = nssCryptokiArgs_ParseNextPair(current,
- &attrib, &value,
- &remainder, tmparena);
- if (nssrv != PR_SUCCESS) break;
- if (value) {
- if (nssUTF8_Equal(attrib, "slotFlags", &nssrv)) {
- nssrv = parse_slot_flags(slot, value);
- } else if (nssUTF8_Equal(attrib, "askpw", &nssrv)) {
- } else if (nssUTF8_Equal(attrib, "timeout", &nssrv)) {
- }
- }
- if (*remainder == '\0') break;
- current = remainder;
- }
- return nssrv;
-}
-
-/* softoken seems to use "0x0000001", but no standard yet... perhaps this
- * should store the number as an ID, in case the input isn't 1,2,3,...?
- */
-static PRIntn
-get_slot_number(NSSUTF8* snString)
-{
- /* XXX super big hack */
- return atoi(&snString[strlen(snString)-1]);
-}
-
-static PRStatus
-parse_module_slot_parameters
-(
- NSSModule *mod,
- NSSUTF8 *slotParams
-)
-{
- PRStatus nssrv = PR_SUCCESS;
- NSSUTF8 *current, *remainder;
- NSSUTF8 *attrib, *value;
- NSSArena *tmparena;
- PRIntn slotNum;
- tmparena = nssArena_Create();
- if (!tmparena) {
- return PR_FAILURE;
- }
- current = slotParams;
- while (nssrv == PR_SUCCESS) {
- nssrv = nssCryptokiArgs_ParseNextPair(current,
- &attrib, &value,
- &remainder, tmparena);
- if (nssrv != PR_SUCCESS) break;
- if (value) {
- slotNum = get_slot_number(attrib);
- if (slotNum < 0 || slotNum > mod->numSlots) {
- return PR_FAILURE;
- }
- nssrv = parse_slot_parameters(mod->slots[slotNum],
- value, tmparena);
- if (nssrv != PR_SUCCESS) break;
- }
- if (*remainder == '\0') break;
- current = remainder;
- }
- return nssrv;
-}
-
-static PRStatus
-parse_nss_flags
-(
- NSSModule *mod,
- NSSUTF8 *nssFlags
-)
-{
- PRStatus nssrv = PR_SUCCESS;
- PRBool done = PR_FALSE;
- NSSUTF8 *mark, *last;
- last = mark = nssFlags;
- while (PR_TRUE) {
- while (*mark && *mark != ',') ++mark;
- if (!*mark) done = PR_TRUE;
- *mark = '\0';
- if (nssUTF8_Equal(last, "internal", &nssrv)) {
- mod->base.flags |= NSSMODULE_FLAGS_INTERNAL;
- } else if (nssUTF8_Equal(last, "moduleDB", &nssrv)) {
- mod->base.flags |= NSSMODULE_FLAGS_MODULE_DB;
- } else if (nssUTF8_Equal(last, "moduleDBOnly", &nssrv)) {
- mod->base.flags |= NSSMODULE_FLAGS_MODULE_DB_ONLY;
- } else if (nssUTF8_Equal(last, "critical", &nssrv)) {
- mod->base.flags |= NSSMODULE_FLAGS_CRITICAL;
- } else {
- return PR_FAILURE;
- }
- if (done) break;
- last = ++mark;
- }
- return nssrv;
-}
-
-static PRStatus
-parse_nss_parameters
-(
- NSSModule *mod,
- NSSUTF8 *nssParams,
- NSSArena *tmparena,
- NSSUTF8 **slotParams
-)
-{
- PRStatus nssrv = PR_SUCCESS;
- NSSUTF8 *current, *remainder;
- NSSUTF8 *attrib, *value;
- current = nssParams;
- while (nssrv == PR_SUCCESS) {
- nssrv = nssCryptokiArgs_ParseNextPair(current,
- &attrib, &value,
- &remainder, tmparena);
- if (nssrv != PR_SUCCESS) break;
- if (value) {
- if (nssUTF8_Equal(attrib, "flags", &nssrv) ||
- nssUTF8_Equal(attrib, "Flags", &nssrv)) {
- nssrv = parse_nss_flags(mod, value);
- } else if (nssUTF8_Equal(attrib, "trustOrder", &nssrv)) {
- mod->order.trust = atoi(value);
- } else if (nssUTF8_Equal(attrib, "cipherOrder", &nssrv)) {
- mod->order.cipher = atoi(value);
- } else if (nssUTF8_Equal(attrib, "ciphers", &nssrv)) {
- } else if (nssUTF8_Equal(attrib, "slotParams", &nssrv)) {
- /* slotParams doesn't get an arena, it is handled separately */
- *slotParams = nssUTF8_Duplicate(value, NULL);
- }
- }
- if (*remainder == '\0') break;
- current = remainder;
- }
- return nssrv;
-}
-
-static PRStatus
-parse_module_parameters
-(
- NSSModule *mod,
- NSSUTF8 *moduleParams,
- NSSUTF8 **slotParams
-)
-{
- PRStatus nssrv = PR_SUCCESS;
- NSSUTF8 *current, *remainder;
- NSSUTF8 *attrib, *value;
- NSSArena *arena = mod->base.arena;
- NSSArena *tmparena;
- current = moduleParams;
- tmparena = nssArena_Create();
- if (!tmparena) {
- return PR_FAILURE;
- }
- while (nssrv == PR_SUCCESS) {
- nssrv = nssCryptokiArgs_ParseNextPair(current,
- &attrib, &value,
- &remainder, tmparena);
- if (nssrv != PR_SUCCESS) break;
- if (value) {
- if (nssUTF8_Equal(attrib, "name", &nssrv)) {
- mod->base.name = nssUTF8_Duplicate(value, arena);
- } else if (nssUTF8_Equal(attrib, "library", &nssrv)) {
- mod->libraryName = nssUTF8_Duplicate(value, arena);
- } else if (nssUTF8_Equal(attrib, "parameters", &nssrv)) {
- mod->libraryParams = nssUTF8_Duplicate(value, arena);
- } else if (nssUTF8_Equal(attrib, "NSS", &nssrv)) {
- parse_nss_parameters(mod, value, tmparena, slotParams);
- }
- }
- if (*remainder == '\0') break;
- current = remainder;
- }
- nssArena_Destroy(tmparena);
- return nssrv;
-}
-
-static NSSUTF8 **
-get_module_specs
-(
- NSSModule *mod
-)
-{
- SECMODModuleDBFunc func = (SECMODModuleDBFunc)mod->moduleDBFunc;
- if (func) {
- return (*func)(SECMOD_MODULE_DB_FUNCTION_FIND,
- mod->libraryParams,
- NULL);
- }
- return NULL;
-}
-
-/* XXX continue working on */
-NSS_IMPLEMENT NSSModule *
-nssModule_CreateFromSpec
-(
- NSSUTF8 *moduleSpec,
- NSSModule *parent,
- PRBool loadSubModules
-)
-{
- PRStatus nssrv;
- NSSModule *thisModule;
- NSSArena *arena;
- NSSUTF8 *slotParams = NULL;
- arena = nssArena_Create();
- if (!arena) {
- return NULL;
- }
- thisModule = nss_ZNEW(arena, NSSModule);
- if (!thisModule) {
- goto loser;
- }
- thisModule->base.lock = PZ_NewLock(nssILockOther);
- if (!thisModule->base.lock) {
- goto loser;
- }
- PR_AtomicIncrement(&thisModule->base.refCount);
- thisModule->base.arena = arena;
- thisModule->base.lock = PZ_NewLock(nssNSSILockOther);
- if (!thisModule->base.lock) {
- goto loser;
- }
- nssrv = parse_module_parameters(thisModule, moduleSpec, &slotParams);
- if (nssrv != PR_SUCCESS) {
- goto loser;
- }
- nssrv = nssModule_Load(thisModule);
- if (nssrv != PR_SUCCESS) {
- goto loser;
- }
- if (slotParams) {
- nssrv = parse_module_slot_parameters(thisModule, slotParams);
- nss_ZFreeIf(slotParams);
- if (nssrv != PR_SUCCESS) {
- goto loser;
- }
- }
- if (loadSubModules && NSSMODULE_IS_MODULE_DB(thisModule)) {
- NSSUTF8 **moduleSpecs;
- NSSUTF8 **index;
- /* get the array of sub modules one level below this module */
- moduleSpecs = get_module_specs(thisModule);
- /* iterate over the array */
- for (index = moduleSpecs; index && *index; index++) {
- NSSModule *child;
- /* load the child recursively */
- child = nssModule_CreateFromSpec(*index, thisModule, PR_TRUE);
- if (!child) {
- /* when children fail, does the parent? */
- nssrv = PR_FAILURE;
- break;
- }
- if (NSSMODULE_IS_CRITICAL(child) && !child->isLoaded) {
- nssrv = PR_FAILURE;
- nssModule_Destroy(child);
- break;
- }
- nssModule_Destroy(child);
- /*nss_ZFreeIf(*index);*/
- }
- /*nss_ZFreeIf(moduleSpecs);*/
- }
- /* The global list inherits the reference */
- nssrv = nssGlobalModuleList_Add(thisModule);
- if (nssrv != PR_SUCCESS) {
- goto loser;
- }
- return thisModule;
-loser:
- if (thisModule->base.lock) {
- PZ_DestroyLock(thisModule->base.lock);
- }
- nssArena_Destroy(arena);
- return (NSSModule *)NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-nssModule_Destroy
-(
- NSSModule *mod
-)
-{
- PRUint32 i, numSlots;
- PR_AtomicDecrement(&mod->base.refCount);
- if (mod->base.refCount == 0) {
- if (mod->numSlots == 0) {
- (void)nssModule_Unload(mod);
- return nssArena_Destroy(mod->base.arena);
- } else {
- numSlots = mod->numSlots;
- for (i=0; i<numSlots; i++) {
- nssSlot_Destroy(mod->slots[i]);
- }
- }
- }
- return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT PRStatus
-nssModule_DestroyFromSlot
-(
- NSSModule *mod,
- NSSSlot *slot
-)
-{
- PRUint32 i, numSlots = 0;
- PR_ASSERT(mod->base.refCount == 0);
- for (i=0; i<mod->numSlots; i++) {
- if (mod->slots[i] == slot) {
- mod->slots[i] = NULL;
- } else if (mod->slots[i]) {
- numSlots++;
- }
- }
- if (numSlots == 0) {
- (void)nssModule_Unload(mod);
- return nssArena_Destroy(mod->base.arena);
- }
- return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT NSSModule *
-nssModule_AddRef
-(
- NSSModule *mod
-)
-{
- PR_AtomicIncrement(&mod->base.refCount);
- return mod;
-}
-
-NSS_IMPLEMENT NSSUTF8 *
-nssModule_GetName
-(
- NSSModule *mod
-)
-{
- return mod->base.name;
-}
-
-NSS_IMPLEMENT PRBool
-nssModule_IsThreadSafe
-(
- NSSModule *module
-)
-{
- return NSSMODULE_IS_THREADSAFE(module);
-}
-
-NSS_IMPLEMENT PRBool
-nssModule_IsInternal
-(
- NSSModule *mod
-)
-{
- return NSSMODULE_IS_INTERNAL(mod);
-}
-
-NSS_IMPLEMENT PRBool
-nssModule_IsModuleDBOnly
-(
- NSSModule *mod
-)
-{
- return NSSMODULE_IS_MODULE_DB_ONLY(mod);
-}
-
-NSS_IMPLEMENT void *
-nssModule_GetCryptokiEPV
-(
- NSSModule *mod
-)
-{
- return mod->epv;
-}
-
-NSS_IMPLEMENT NSSSlot **
-nssModule_GetSlots
-(
- NSSModule *mod
-)
-{
- PRUint32 i;
- NSSSlot **rvSlots;
- rvSlots = nss_ZNEWARRAY(NULL, NSSSlot *, mod->numSlots + 1);
- if (rvSlots) {
- for (i=0; i<mod->numSlots; i++) {
- rvSlots[i] = nssSlot_AddRef(mod->slots[i]);
- }
- }
- return rvSlots;
-}
-
-NSS_IMPLEMENT NSSSlot *
-nssModule_FindSlotByName
-(
- NSSModule *mod,
- NSSUTF8 *slotName
-)
-{
- PRUint32 i;
- PRStatus nssrv;
- NSSSlot *slot;
- NSSUTF8 *name;
- for (i=0; i<mod->numSlots; i++) {
- slot = mod->slots[i];
- name = nssSlot_GetName(slot);
- if (nssUTF8_Equal(name, slotName, &nssrv)) {
- return nssSlot_AddRef(slot);
- }
- if (nssrv != PR_SUCCESS) {
- break;
- }
- }
- return (NSSSlot *)NULL;
-}
-
-NSS_IMPLEMENT NSSToken *
-nssModule_FindTokenByName
-(
- NSSModule *mod,
- NSSUTF8 *tokenName
-)
-{
- PRUint32 i;
- PRStatus nssrv;
- NSSToken *tok;
- NSSUTF8 *name;
- for (i=0; i<mod->numSlots; i++) {
- tok = nssSlot_GetToken(mod->slots[i]);
- if (tok) {
- name = nssToken_GetName(tok);
- if (nssUTF8_Equal(name, tokenName, &nssrv)) {
- return tok;
- }
- if (nssrv != PR_SUCCESS) {
- break;
- }
- }
- }
- return (NSSToken *)NULL;
-}
-
-NSS_IMPLEMENT PRInt32
-nssModule_GetCertOrder
-(
- NSSModule *module
-)
-{
- return 1; /* XXX */
-}
-
-#endif /* PURE_STAN_BUILD */
-
diff --git a/security/nss/lib/dev/devslot.c b/security/nss/lib/dev/devslot.c
deleted file mode 100644
index 81cd512d5..000000000
--- a/security/nss/lib/dev/devslot.c
+++ /dev/null
@@ -1,841 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef NSSCKEPV_H
-#include "nssckepv.h"
-#endif /* NSSCKEPV_H */
-
-#ifndef DEVM_H
-#include "devm.h"
-#endif /* DEVM_H */
-
-#ifndef CKHELPER_H
-#include "ckhelper.h"
-#endif /* CKHELPER_H */
-
-/* measured in seconds */
-#define NSSSLOT_TOKEN_DELAY_TIME 1
-
-/* this should track global and per-transaction login information */
-
-#ifdef PURE_STAN_CODE
-typedef enum {
- nssSlotAskPasswordTimes_FirstTime = 0,
- nssSlotAskPasswordTimes_EveryTime = 1,
- nssSlotAskPasswordTimes_Timeout = 2
-}
-nssSlotAskPasswordTimes;
-
-struct nssSlotAuthInfoStr
-{
- PRTime lastLogin;
- nssSlotAskPasswordTimes askTimes;
- PRIntervalTime askPasswordTimeout;
-};
-
-struct NSSSlotStr
-{
- struct nssDeviceBaseStr base;
- NSSModule *module; /* Parent */
- NSSToken *token; /* Peer */
- CK_SLOT_ID slotID;
- CK_FLAGS ckFlags; /* from CK_SLOT_INFO.flags */
- struct nssSlotAuthInfoStr authInfo;
- PRIntervalTime lastTokenPing;
-#ifdef NSS_3_4_CODE
- PK11SlotInfo *pk11slot;
-#endif
-};
-#endif /* PURE_STAN_CODE */
-
-#define NSSSLOT_IS_FRIENDLY(slot) \
- (slot->base.flags & NSSSLOT_FLAGS_FRIENDLY)
-
-/* measured as interval */
-static PRIntervalTime s_token_delay_time = 0;
-
-/* The flags needed to open a read-only session. */
-static const CK_FLAGS s_ck_readonly_flags = CKF_SERIAL_SESSION;
-
-#ifdef PURE_STAN_BUILD
-/* In pk11slot.c, this was a no-op. So it is here also. */
-static CK_RV PR_CALLBACK
-nss_ck_slot_notify
-(
- CK_SESSION_HANDLE session,
- CK_NOTIFICATION event,
- CK_VOID_PTR pData
-)
-{
- return CKR_OK;
-}
-
-NSS_IMPLEMENT NSSSlot *
-nssSlot_Create
-(
- CK_SLOT_ID slotID,
- NSSModule *parent
-)
-{
- NSSArena *arena = NULL;
- NSSSlot *rvSlot;
- NSSToken *token = NULL;
- NSSUTF8 *slotName = NULL;
- PRUint32 length;
- CK_SLOT_INFO slotInfo;
- CK_RV ckrv;
- void *epv;
- arena = NSSArena_Create();
- if(!arena) {
- return (NSSSlot *)NULL;
- }
- rvSlot = nss_ZNEW(arena, NSSSlot);
- if (!rvSlot) {
- goto loser;
- }
- /* Get slot information */
- epv = nssModule_GetCryptokiEPV(parent);
- ckrv = CKAPI(epv)->C_GetSlotInfo(slotID, &slotInfo);
- if (ckrv != CKR_OK) {
- /* set an error here, eh? */
- goto loser;
- }
- /* Grab the slot description from the PKCS#11 fixed-length buffer */
- length = nssPKCS11String_Length(slotInfo.slotDescription,
- sizeof(slotInfo.slotDescription));
- if (length > 0) {
- slotName = nssUTF8_Create(arena, nssStringType_UTF8String,
- (void *)slotInfo.slotDescription, length);
- if (!slotName) {
- goto loser;
- }
- }
- rvSlot->base.arena = arena;
- rvSlot->base.refCount = 1;
- rvSlot->base.name = slotName;
- rvSlot->base.lock = PZ_NewLock(nssNSSILockOther); /* XXX */
- if (!rvSlot->base.lock) {
- goto loser;
- }
- rvSlot->module = parent; /* refs go from module to slots */
- rvSlot->slotID = slotID;
- rvSlot->ckFlags = slotInfo.flags;
- /* Initialize the token if present. */
- if (slotInfo.flags & CKF_TOKEN_PRESENT) {
- token = nssToken_Create(slotID, rvSlot);
- if (!token) {
- goto loser;
- }
- }
- rvSlot->token = token;
- return rvSlot;
-loser:
- nssArena_Destroy(arena);
- /* everything was created in the arena, nothing to see here, move along */
- return (NSSSlot *)NULL;
-}
-#endif /* PURE_STAN_BUILD */
-
-NSS_IMPLEMENT PRStatus
-nssSlot_Destroy
-(
- NSSSlot *slot
-)
-{
- if (slot) {
- PR_AtomicDecrement(&slot->base.refCount);
- if (slot->base.refCount == 0) {
- PZ_DestroyLock(slot->base.lock);
-#ifdef PURE_STAN_BUILD
- nssToken_Destroy(slot->token);
- nssModule_DestroyFromSlot(slot->module, slot);
-#endif
- return nssArena_Destroy(slot->base.arena);
- }
- }
- return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT void
-NSSSlot_Destroy
-(
- NSSSlot *slot
-)
-{
- (void)nssSlot_Destroy(slot);
-}
-
-NSS_IMPLEMENT NSSSlot *
-nssSlot_AddRef
-(
- NSSSlot *slot
-)
-{
- PR_AtomicIncrement(&slot->base.refCount);
- return slot;
-}
-
-NSS_IMPLEMENT NSSUTF8 *
-nssSlot_GetName
-(
- NSSSlot *slot
-)
-{
- return slot->base.name;
-}
-
-NSS_IMPLEMENT NSSUTF8 *
-nssSlot_GetTokenName
-(
- NSSSlot *slot
-)
-{
- return nssToken_GetName(slot->token);
-}
-
-static PRBool
-within_token_delay_period(NSSSlot *slot)
-{
- PRIntervalTime time, lastTime;
- /* Set the delay time for checking the token presence */
- if (s_token_delay_time == 0) {
- s_token_delay_time = PR_SecondsToInterval(NSSSLOT_TOKEN_DELAY_TIME);
- }
- time = PR_IntervalNow();
- lastTime = slot->lastTokenPing;
- if ((lastTime) &&
- (time > lastTime) && ((time - lastTime) < s_token_delay_time)) {
- return PR_TRUE;
- }
- slot->lastTokenPing = time;
- return PR_FALSE;
-}
-
-NSS_IMPLEMENT PRBool
-nssSlot_IsTokenPresent
-(
- NSSSlot *slot
-)
-{
- CK_RV ckrv;
- PRStatus nssrv;
- /* XXX */
- nssSession *session;
- CK_SLOT_INFO slotInfo;
- void *epv;
- /* permanent slots are always present */
- if (nssSlot_IsPermanent(slot)) {
- return PR_TRUE;
- }
- /* avoid repeated calls to check token status within set interval */
- if (within_token_delay_period(slot)) {
- return (PRBool)((slot->ckFlags & CKF_TOKEN_PRESENT) != 0);
- }
- /* First obtain the slot info */
-#ifdef PURE_STAN_BUILD
- epv = nssModule_GetCryptokiEPV(slot->module);
-#else
- epv = slot->epv;
-#endif
- if (!epv) {
- return PR_FALSE;
- }
- ckrv = CKAPI(epv)->C_GetSlotInfo(slot->slotID, &slotInfo);
- if (ckrv != CKR_OK) {
- slot->token->base.name[0] = 0; /* XXX */
- return PR_FALSE;
- }
- slot->ckFlags = slotInfo.flags;
- /* check for the presence of the token */
- if ((slot->ckFlags & CKF_TOKEN_PRESENT) == 0) {
- if (!slot->token) {
- /* token was ne'er present */
- return PR_FALSE;
- }
- session = nssToken_GetDefaultSession(slot->token);
- nssSession_EnterMonitor(session);
- /* token is not present */
- if (session->handle != CK_INVALID_SESSION) {
- /* session is valid, close and invalidate it */
- CKAPI(epv)->C_CloseSession(session->handle);
- session->handle = CK_INVALID_SESSION;
- }
- nssSession_ExitMonitor(session);
-#ifdef NSS_3_4_CODE
- if (slot->token->base.name[0] != 0) {
- /* notify the high-level cache that the token is removed */
- slot->token->base.name[0] = 0; /* XXX */
- nssToken_NotifyCertsNotVisible(slot->token);
- }
-#endif
- slot->token->base.name[0] = 0; /* XXX */
- /* clear the token cache */
- nssToken_Remove(slot->token);
- return PR_FALSE;
-#ifdef PURE_STAN_CODE
- } else if (!slot->token) {
- /* token was not present at boot time, is now */
- slot->token = nssToken_Create(slot->slotID, slot);
- return (slot->token != NULL);
-#endif
- }
- /* token is present, use the session info to determine if the card
- * has been removed and reinserted.
- */
- session = nssToken_GetDefaultSession(slot->token);
- nssSession_EnterMonitor(session);
- if (session->handle != CK_INVALID_SESSION) {
- CK_SESSION_INFO sessionInfo;
- ckrv = CKAPI(epv)->C_GetSessionInfo(session->handle, &sessionInfo);
- if (ckrv != CKR_OK) {
- /* session is screwy, close and invalidate it */
- CKAPI(epv)->C_CloseSession(session->handle);
- session->handle = CK_INVALID_SESSION;
- }
- }
- nssSession_ExitMonitor(session);
- /* token not removed, finished */
- if (session->handle != CK_INVALID_SESSION) {
- return PR_TRUE;
- } else {
- /* the token has been removed, and reinserted, invalidate all the old
- * information we had on this token */
-#ifdef NSS_3_4_CODE
- nssToken_NotifyCertsNotVisible(slot->token);
-#endif /* NSS_3_4_CODE */
- nssToken_Remove(slot->token);
- /* token has been removed, need to refresh with new session */
- nssrv = nssSlot_Refresh(slot);
- if (nssrv != PR_SUCCESS) {
- slot->token->base.name[0] = 0; /* XXX */
- return PR_FALSE;
- }
- return PR_TRUE;
- }
-}
-
-#ifdef PURE_STAN_BUILD
-NSS_IMPLEMENT NSSModule *
-nssSlot_GetModule
-(
- NSSSlot *slot
-)
-{
- return nssModule_AddRef(slot->module);
-}
-#endif /* PURE_STAN_BUILD */
-
-NSS_IMPLEMENT void *
-nssSlot_GetCryptokiEPV
-(
- NSSSlot *slot
-)
-{
-#ifdef PURE_STAN_BUILD
- return nssModule_GetCryptokiEPV(slot->module);
-#else
- return slot->epv;
-#endif
-}
-
-NSS_IMPLEMENT NSSToken *
-nssSlot_GetToken
-(
- NSSSlot *slot
-)
-{
- if (nssSlot_IsTokenPresent(slot)) {
- return nssToken_AddRef(slot->token);
- }
- return (NSSToken *)NULL;
-}
-
-#ifdef PURE_STAN_BUILD
-NSS_IMPLEMENT PRBool
-nssSlot_IsPermanent
-(
- NSSSlot *slot
-)
-{
- return (!(slot->ckFlags & CKF_REMOVABLE_DEVICE));
-}
-
-NSS_IMPLEMENT PRBool
-nssSlot_IsFriendly
-(
- NSSSlot *slot
-)
-{
- return PR_TRUE /* XXX NSSSLOT_IS_FRIENDLY(slot)*/;
-}
-
-NSS_IMPLEMENT PRBool
-nssSlot_IsHardware
-(
- NSSSlot *slot
-)
-{
- return (slot->ckFlags & CKF_HW_SLOT);
-}
-
-NSS_IMPLEMENT PRStatus
-nssSlot_Refresh
-(
- NSSSlot *slot
-)
-{
- /* XXX */
-#if 0
- nssToken_Destroy(slot->token);
- if (slotInfo.flags & CKF_TOKEN_PRESENT) {
- slot->token = nssToken_Create(NULL, slotID, slot);
- }
-#endif
- return PR_SUCCESS;
-}
-
-static PRBool
-slot_needs_login
-(
- NSSSlot *slot,
- nssSession *session
-)
-{
- PRBool needsLogin, logout;
- struct nssSlotAuthInfoStr *authInfo = &slot->authInfo;
- void *epv = nssModule_GetCryptokiEPV(slot->module);
- if (!nssToken_IsLoginRequired(slot->token)) {
- return PR_FALSE;
- }
- if (authInfo->askTimes == nssSlotAskPasswordTimes_EveryTime) {
- logout = PR_TRUE;
- } else if (authInfo->askTimes == nssSlotAskPasswordTimes_Timeout) {
- PRIntervalTime currentTime = PR_IntervalNow();
- if (authInfo->lastLogin - currentTime < authInfo->askPasswordTimeout) {
- logout = PR_FALSE;
- } else {
- logout = PR_TRUE;
- }
- } else { /* nssSlotAskPasswordTimes_FirstTime */
- logout = PR_FALSE;
- }
- if (logout) {
- /* The login has expired, timeout */
- nssSession_EnterMonitor(session);
- CKAPI(epv)->C_Logout(session->handle);
- nssSession_ExitMonitor(session);
- needsLogin = PR_TRUE;
- } else {
- CK_RV ckrv;
- CK_SESSION_INFO sessionInfo;
- nssSession_EnterMonitor(session);
- ckrv = CKAPI(epv)->C_GetSessionInfo(session->handle, &sessionInfo);
- nssSession_ExitMonitor(session);
- if (ckrv != CKR_OK) {
- /* XXX error -- invalidate session */
- return PR_FALSE;
- }
- switch (sessionInfo.state) {
- case CKS_RW_PUBLIC_SESSION:
- case CKS_RO_PUBLIC_SESSION:
- default:
- needsLogin = PR_TRUE;
- break;
- case CKS_RW_USER_FUNCTIONS:
- case CKS_RW_SO_FUNCTIONS:
- case CKS_RO_USER_FUNCTIONS:
- needsLogin = PR_FALSE;
- break;
- }
- }
- return needsLogin;
-}
-
-static PRStatus
-slot_login
-(
- NSSSlot *slot,
- nssSession *session,
- CK_USER_TYPE userType,
- NSSCallback *pwcb
-)
-{
- PRStatus nssrv;
- PRUint32 attempts;
- PRBool keepTrying;
- NSSUTF8 *password = NULL;
- CK_ULONG pwLen;
- CK_RV ckrv;
- void *epv;
- if (!pwcb->getPW) {
- /* set error INVALID_ARG */
- return PR_FAILURE;
- }
- epv = nssModule_GetCryptokiEPV(slot->module);
- keepTrying = PR_TRUE;
- nssrv = PR_FAILURE;
- attempts = 0;
- while (keepTrying) {
- /* use the token name, since it is present */
- NSSUTF8 *tokenName = nssToken_GetName(slot->token);
- nssrv = pwcb->getPW(tokenName, attempts, pwcb->arg, &password);
- if (nssrv != PR_SUCCESS) {
- nss_SetError(NSS_ERROR_USER_CANCELED);
- break;
- }
- pwLen = (CK_ULONG)nssUTF8_Length(password, &nssrv);
- if (nssrv != PR_SUCCESS) {
- break;
- }
- nssSession_EnterMonitor(session);
- ckrv = CKAPI(epv)->C_Login(session->handle, userType,
- (CK_CHAR_PTR)password, pwLen);
- nssSession_ExitMonitor(session);
- switch (ckrv) {
- case CKR_OK:
- case CKR_USER_ALREADY_LOGGED_IN:
- slot->authInfo.lastLogin = PR_Now();
- nssrv = PR_SUCCESS;
- keepTrying = PR_FALSE;
- break;
- case CKR_PIN_INCORRECT:
- nss_SetError(NSS_ERROR_INVALID_PASSWORD);
- keepTrying = PR_TRUE; /* received bad pw, keep going */
- break;
- default:
- nssrv = PR_FAILURE;
- keepTrying = PR_FALSE;
- break;
- }
- nss_ZFreeIf(password);
- password = NULL;
- ++attempts;
- }
- return nssrv;
-}
-
-static PRStatus
-init_slot_password
-(
- NSSSlot *slot,
- nssSession *rwSession,
- NSSUTF8 *password
-)
-{
- PRStatus status;
- NSSUTF8 *ssoPW = "";
- CK_ULONG userPWLen, ssoPWLen;
- CK_RV ckrv;
- void *epv = nssModule_GetCryptokiEPV(slot->module);
- /* Get the SO and user passwords */
- userPWLen = (CK_ULONG)nssUTF8_Length(password, &status);
- if (status != PR_SUCCESS) {
- goto loser;
- }
- ssoPWLen = (CK_ULONG)nssUTF8_Length(ssoPW, &status);
- if (status != PR_SUCCESS) {
- goto loser;
- }
- /* First log in as SO */
- ckrv = CKAPI(epv)->C_Login(rwSession->handle, CKU_SO,
- (CK_CHAR_PTR)ssoPW, ssoPWLen);
- if (ckrv != CKR_OK) {
- /* set error ...SO_LOGIN_FAILED */
- goto loser;
- }
- /* Now change the user PIN */
- ckrv = CKAPI(epv)->C_InitPIN(rwSession->handle,
- (CK_CHAR_PTR)password, userPWLen);
- if (ckrv != CKR_OK) {
- /* set error */
- goto loser;
- }
- return PR_SUCCESS;
-loser:
- return PR_FAILURE;
-}
-
-static PRStatus
-change_slot_password
-(
- NSSSlot *slot,
- nssSession *rwSession,
- NSSUTF8 *oldPassword,
- NSSUTF8 *newPassword
-)
-{
- PRStatus status;
- CK_ULONG userPWLen, newPWLen;
- CK_RV ckrv;
- void *epv = nssModule_GetCryptokiEPV(slot->module);
- userPWLen = (CK_ULONG)nssUTF8_Length(oldPassword, &status);
- if (status != PR_SUCCESS) {
- return status;
- }
- newPWLen = (CK_ULONG)nssUTF8_Length(newPassword, &status);
- if (status != PR_SUCCESS) {
- return status;
- }
- nssSession_EnterMonitor(rwSession);
- ckrv = CKAPI(epv)->C_SetPIN(rwSession->handle,
- (CK_CHAR_PTR)oldPassword, userPWLen,
- (CK_CHAR_PTR)newPassword, newPWLen);
- nssSession_ExitMonitor(rwSession);
- switch (ckrv) {
- case CKR_OK:
- slot->authInfo.lastLogin = PR_Now();
- status = PR_SUCCESS;
- break;
- case CKR_PIN_INCORRECT:
- nss_SetError(NSS_ERROR_INVALID_PASSWORD);
- status = PR_FAILURE;
- break;
- default:
- status = PR_FAILURE;
- break;
- }
- return status;
-}
-
-NSS_IMPLEMENT PRStatus
-nssSlot_Login
-(
- NSSSlot *slot,
- NSSCallback *pwcb
-)
-{
- PRStatus status;
- CK_USER_TYPE userType = CKU_USER;
- NSSToken *token = nssSlot_GetToken(slot);
- nssSession *session;
- if (!token) {
- return PR_FAILURE;
- }
- if (!nssToken_IsLoginRequired(token)) {
- nssToken_Destroy(token);
- return PR_SUCCESS;
- }
- session = nssToken_GetDefaultSession(slot->token);
- if (nssToken_NeedsPINInitialization(token)) {
- NSSUTF8 *password = NULL;
- if (!pwcb->getInitPW) {
- nssToken_Destroy(token);
- return PR_FAILURE; /* don't know how to get initial password */
- }
- status = (*pwcb->getInitPW)(slot->base.name, pwcb->arg, &password);
- if (status == PR_SUCCESS) {
- session = nssSlot_CreateSession(slot, NULL, PR_TRUE);
- status = init_slot_password(slot, session, password);
- nssSession_Destroy(session);
- }
- } else if (slot_needs_login(slot, session)) {
- status = slot_login(slot, session, userType, pwcb);
- } else {
- status = PR_SUCCESS;
- }
- nssToken_Destroy(token);
- return status;
-}
-
-NSS_IMPLEMENT PRStatus
-nssSlot_Logout
-(
- NSSSlot *slot,
- nssSession *sessionOpt
-)
-{
- PRStatus nssrv = PR_SUCCESS;
- nssSession *session;
- CK_RV ckrv;
- void *epv = nssModule_GetCryptokiEPV(slot->module);
- session = sessionOpt ?
- sessionOpt :
- nssToken_GetDefaultSession(slot->token);
- nssSession_EnterMonitor(session);
- ckrv = CKAPI(epv)->C_Logout(session->handle);
- nssSession_ExitMonitor(session);
- if (ckrv != CKR_OK) {
- /* translate the error */
- nssrv = PR_FAILURE;
- }
- return nssrv;
-}
-
-NSS_IMPLEMENT PRBool
-nssSlot_IsLoggedIn
-(
- NSSSlot *slot
-)
-{
- nssSession *session = nssToken_GetDefaultSession(slot->token);
- return !slot_needs_login(slot, session);
-}
-
-NSS_IMPLEMENT void
-nssSlot_SetPasswordDefaults
-(
- NSSSlot *slot,
- PRInt32 askPasswordTimeout
-)
-{
- slot->authInfo.askPasswordTimeout = askPasswordTimeout;
-}
-
-
-NSS_IMPLEMENT PRStatus
-nssSlot_SetPassword
-(
- NSSSlot *slot,
- NSSUTF8 *oldPasswordOpt,
- NSSUTF8 *newPassword
-)
-{
- PRStatus status;
- nssSession *rwSession;
- NSSToken *token = nssSlot_GetToken(slot);
- if (!token) {
- return PR_FAILURE;
- }
- rwSession = nssSlot_CreateSession(slot, NULL, PR_TRUE);
- if (nssToken_NeedsPINInitialization(token)) {
- status = init_slot_password(slot, rwSession, newPassword);
- } else if (oldPasswordOpt) {
- status = change_slot_password(slot, rwSession,
- oldPasswordOpt, newPassword);
- } else {
- /* old password must be given in order to change */
- status = PR_FAILURE;
- }
- nssSession_Destroy(rwSession);
- nssToken_Destroy(token);
- return status;
-}
-
-NSS_IMPLEMENT nssSession *
-nssSlot_CreateSession
-(
- NSSSlot *slot,
- NSSArena *arenaOpt,
- PRBool readWrite /* so far, this is the only flag used */
-)
-{
- CK_RV ckrv;
- CK_FLAGS ckflags;
- CK_SESSION_HANDLE handle;
- void *epv = nssModule_GetCryptokiEPV(slot->module);
- nssSession *rvSession;
- ckflags = s_ck_readonly_flags;
- if (readWrite) {
- ckflags |= CKF_RW_SESSION;
- }
- ckrv = CKAPI(epv)->C_OpenSession(slot->slotID, ckflags,
- slot, nss_ck_slot_notify, &handle);
- if (ckrv != CKR_OK) {
- /* set an error here, eh? */
- return (nssSession *)NULL;
- }
- rvSession = nss_ZNEW(arenaOpt, nssSession);
- if (!rvSession) {
- return (nssSession *)NULL;
- }
- if (!nssModule_IsThreadSafe(slot->module)) {
- /* If the parent module is not threadsafe, create lock to manage
- * session within threads.
- */
- rvSession->lock = PZ_NewLock(nssILockOther);
- if (!rvSession->lock) {
- /* need to translate NSPR error? */
- if (arenaOpt) {
- } else {
- nss_ZFreeIf(rvSession);
- }
- return (nssSession *)NULL;
- }
- }
- rvSession->handle = handle;
- rvSession->slot = slot;
- rvSession->isRW = readWrite;
- return rvSession;
-}
-
-NSS_IMPLEMENT PRStatus
-nssSession_Destroy
-(
- nssSession *s
-)
-{
- CK_RV ckrv = CKR_OK;
- if (s) {
- void *epv = s->slot->epv;
- ckrv = CKAPI(epv)->C_CloseSession(s->handle);
- if (s->lock) {
- PZ_DestroyLock(s->lock);
- }
- nss_ZFreeIf(s);
- }
- return (ckrv == CKR_OK) ? PR_SUCCESS : PR_FAILURE;
-}
-#endif /* PURE_STAN_BUILD */
-
-NSS_IMPLEMENT PRStatus
-nssSession_EnterMonitor
-(
- nssSession *s
-)
-{
- if (s->lock) PZ_Lock(s->lock);
- return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT PRStatus
-nssSession_ExitMonitor
-(
- nssSession *s
-)
-{
- return (s->lock) ? PZ_Unlock(s->lock) : PR_SUCCESS;
-}
-
-NSS_EXTERN PRBool
-nssSession_IsReadWrite
-(
- nssSession *s
-)
-{
- return s->isRW;
-}
-
diff --git a/security/nss/lib/dev/devt.h b/security/nss/lib/dev/devt.h
deleted file mode 100644
index 10a7978c3..000000000
--- a/security/nss/lib/dev/devt.h
+++ /dev/null
@@ -1,202 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef DEVT_H
-#define DEVT_H
-
-#ifdef DEBUG
-static const char DEVT_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * devt.h
- *
- * This file contains definitions for the low-level cryptoki devices.
- */
-
-#ifndef NSSBASET_H
-#include "nssbaset.h"
-#endif /* NSSBASET_H */
-
-#ifndef NSSPKIT_H
-#include "nsspkit.h"
-#endif /* NSSPKIT_H */
-
-#ifndef NSSDEVT_H
-#include "nssdevt.h"
-#endif /* NSSDEVT_H */
-
-#ifndef NSSCKT_H
-#include "nssckt.h"
-#endif /* NSSCKT_H */
-
-#ifndef BASET_H
-#include "baset.h"
-#endif /* BASET_H */
-
-#ifdef NSS_3_4_CODE
-#include "secmodt.h"
-#endif /* NSS_3_4_CODE */
-
-PR_BEGIN_EXTERN_C
-
-typedef struct nssSessionStr nssSession;
-
-/* XXX until NSSTokenStr is moved */
-struct nssDeviceBaseStr
-{
- NSSArena *arena;
- PZLock *lock;
- PRInt32 refCount;
- NSSUTF8 *name;
- PRUint32 flags;
-};
-
-typedef struct nssTokenObjectCacheStr nssTokenObjectCache;
-
-/* XXX until devobject.c goes away */
-struct NSSTokenStr
-{
- struct nssDeviceBaseStr base;
- NSSSlot *slot; /* Parent (or peer, if you will) */
- CK_FLAGS ckFlags; /* from CK_TOKEN_INFO.flags */
- PRUint32 flags;
- void *epv;
- nssSession *defaultSession;
- NSSTrustDomain *trustDomain;
- PRIntervalTime lastTime;
- nssTokenObjectCache *cache;
-#ifdef NSS_3_4_CODE
- PK11SlotInfo *pk11slot;
-#endif
-};
-
-typedef enum {
- nssSlotAskPasswordTimes_FirstTime = 0,
- nssSlotAskPasswordTimes_EveryTime = 1,
- nssSlotAskPasswordTimes_Timeout = 2
-}
-nssSlotAskPasswordTimes;
-
-struct nssSlotAuthInfoStr
-{
- PRTime lastLogin;
- nssSlotAskPasswordTimes askTimes;
- PRIntervalTime askPasswordTimeout;
-};
-
-struct NSSSlotStr
-{
- struct nssDeviceBaseStr base;
- NSSModule *module; /* Parent */
- NSSToken *token; /* Peer */
- CK_SLOT_ID slotID;
- CK_FLAGS ckFlags; /* from CK_SLOT_INFO.flags */
- struct nssSlotAuthInfoStr authInfo;
- PRIntervalTime lastTokenPing;
-#ifdef NSS_3_4_CODE
- void *epv;
- PK11SlotInfo *pk11slot;
-#endif
-};
-
-struct nssSessionStr
-{
- PZLock *lock;
- CK_SESSION_HANDLE handle;
- NSSSlot *slot;
- PRBool isRW;
-};
-
-typedef enum {
- NSSCertificateType_Unknown = 0,
- NSSCertificateType_PKIX = 1
-} NSSCertificateType;
-
-#ifdef nodef
-/* the current definition of NSSTrust depends on this value being CK_ULONG */
-typedef CK_ULONG nssTrustLevel;
-#else
-typedef enum {
- nssTrustLevel_Unknown = 0,
- nssTrustLevel_NotTrusted = 1,
- nssTrustLevel_Trusted = 2,
- nssTrustLevel_TrustedDelegator = 3,
- nssTrustLevel_Valid = 4,
- nssTrustLevel_ValidDelegator = 5
-} nssTrustLevel;
-#endif
-
-typedef struct nssCryptokiInstanceStr nssCryptokiInstance;
-
-struct nssCryptokiInstanceStr
-{
- CK_OBJECT_HANDLE handle;
- NSSToken *token;
- PRBool isTokenObject;
- NSSUTF8 *label;
-};
-
-typedef struct nssCryptokiInstanceStr nssCryptokiObject;
-
-typedef struct nssTokenCertSearchStr nssTokenCertSearch;
-
-typedef enum {
- nssTokenSearchType_AllObjects = 0,
- nssTokenSearchType_SessionOnly = 1,
- nssTokenSearchType_TokenOnly = 2,
- nssTokenSearchType_TokenForced = 3
-} nssTokenSearchType;
-
-struct nssTokenCertSearchStr
-{
- nssTokenSearchType searchType;
- PRStatus (* callback)(NSSCertificate *c, void *arg);
- void *cbarg;
- nssList *cached;
- /* TODO: add a cache query callback if the list would be large
- * (traversal)
- */
-};
-
-struct nssSlotListStr;
-typedef struct nssSlotListStr nssSlotList;
-
-struct NSSAlgorithmAndParametersStr
-{
- CK_MECHANISM mechanism;
-};
-
-PR_END_EXTERN_C
-
-#endif /* DEVT_H */
diff --git a/security/nss/lib/dev/devtm.h b/security/nss/lib/dev/devtm.h
deleted file mode 100644
index 5e48c5d80..000000000
--- a/security/nss/lib/dev/devtm.h
+++ /dev/null
@@ -1,58 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef DEVTM_H
-#define DEVTM_H
-
-#ifdef DEBUG
-static const char DEVTM_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * devtm.h
- *
- * This file contains module-private definitions for the low-level
- * cryptoki devices.
- */
-
-#ifndef DEVT_H
-#include "devt.h"
-#endif /* DEVT_H */
-
-PR_BEGIN_EXTERN_C
-
-#define MAX_LOCAL_CACHE_OBJECTS 10
-
-PR_END_EXTERN_C
-
-#endif /* DEVTM_H */
diff --git a/security/nss/lib/dev/devtoken.c b/security/nss/lib/dev/devtoken.c
deleted file mode 100644
index 46624d362..000000000
--- a/security/nss/lib/dev/devtoken.c
+++ /dev/null
@@ -1,1755 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef NSSCKEPV_H
-#include "nssckepv.h"
-#endif /* NSSCKEPV_H */
-
-#ifndef DEVM_H
-#include "devm.h"
-#endif /* DEVM_H */
-
-#ifndef CKHELPER_H
-#include "ckhelper.h"
-#endif /* CKHELPER_H */
-
-#ifdef NSS_3_4_CODE
-#include "pk11func.h"
-#include "dev3hack.h"
-#include "secerr.h"
-#endif
-
-extern const NSSError NSS_ERROR_NOT_FOUND;
-
-/* The number of object handles to grab during each call to C_FindObjects */
-#define OBJECT_STACK_SIZE 16
-
-#ifdef PURE_STAN_BUILD
-struct NSSTokenStr
-{
- struct nssDeviceBaseStr base;
- NSSSlot *slot; /* Peer */
- CK_FLAGS ckFlags; /* from CK_TOKEN_INFO.flags */
- nssSession *defaultSession;
- nssTokenObjectCache *cache;
-};
-
-NSS_IMPLEMENT NSSToken *
-nssToken_Create
-(
- CK_SLOT_ID slotID,
- NSSSlot *peer
-)
-{
- NSSArena *arena;
- NSSToken *rvToken;
- nssSession *session = NULL;
- NSSUTF8 *tokenName = NULL;
- PRUint32 length;
- PRBool readWrite;
- CK_TOKEN_INFO tokenInfo;
- CK_RV ckrv;
- void *epv = nssSlot_GetCryptokiEPV(peer);
- arena = NSSArena_Create();
- if(!arena) {
- return (NSSToken *)NULL;
- }
- rvToken = nss_ZNEW(arena, NSSToken);
- if (!rvToken) {
- goto loser;
- }
- /* Get token information */
- ckrv = CKAPI(epv)->C_GetTokenInfo(slotID, &tokenInfo);
- if (ckrv != CKR_OK) {
- /* set an error here, eh? */
- goto loser;
- }
- /* Grab the slot description from the PKCS#11 fixed-length buffer */
- length = nssPKCS11String_Length(tokenInfo.label, sizeof(tokenInfo.label));
- if (length > 0) {
- tokenName = nssUTF8_Create(arena, nssStringType_UTF8String,
- (void *)tokenInfo.label, length);
- if (!tokenName) {
- goto loser;
- }
- }
- /* Open a default session handle for the token. */
- if (tokenInfo.ulMaxSessionCount == 1) {
- /* if the token can only handle one session, it must be RW. */
- readWrite = PR_TRUE;
- } else {
- readWrite = PR_FALSE;
- }
- session = nssSlot_CreateSession(peer, arena, readWrite);
- if (session == NULL) {
- goto loser;
- }
- /* TODO: seed the RNG here */
- rvToken->base.arena = arena;
- rvToken->base.refCount = 1;
- rvToken->base.name = tokenName;
- rvToken->base.lock = PZ_NewLock(nssNSSILockOther); /* XXX */
- if (!rvToken->base.lock) {
- goto loser;
- }
- rvToken->slot = peer; /* slot owns ref to token */
- rvToken->ckFlags = tokenInfo.flags;
- rvToken->defaultSession = session;
- if (nssSlot_IsHardware(peer)) {
- rvToken->cache = nssTokenObjectCache_Create(rvToken,
- PR_TRUE, PR_TRUE, PR_TRUE);
- if (!rvToken->cache) {
- nssSlot_Destroy(peer);
- goto loser;
- }
- }
- return rvToken;
-loser:
- if (session) {
- nssSession_Destroy(session);
- }
- nssArena_Destroy(arena);
- return (NSSToken *)NULL;
-}
-#endif /* PURE_STAN_BUILD */
-
-NSS_IMPLEMENT PRStatus
-nssToken_Destroy
-(
- NSSToken *tok
-)
-{
- if (tok) {
- PR_AtomicDecrement(&tok->base.refCount);
- if (tok->base.refCount == 0) {
- PZ_DestroyLock(tok->base.lock);
- nssTokenObjectCache_Destroy(tok->cache);
- return nssArena_Destroy(tok->base.arena);
- }
- }
- return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT void
-nssToken_Remove
-(
- NSSToken *tok
-)
-{
- nssTokenObjectCache_Clear(tok->cache);
-}
-
-NSS_IMPLEMENT void
-NSSToken_Destroy
-(
- NSSToken *tok
-)
-{
- (void)nssToken_Destroy(tok);
-}
-
-NSS_IMPLEMENT NSSToken *
-nssToken_AddRef
-(
- NSSToken *tok
-)
-{
- PR_AtomicIncrement(&tok->base.refCount);
- return tok;
-}
-
-NSS_IMPLEMENT NSSSlot *
-nssToken_GetSlot
-(
- NSSToken *tok
-)
-{
- return nssSlot_AddRef(tok->slot);
-}
-
-#ifdef PURE_STAN_BUILD
-NSS_IMPLEMENT NSSModule *
-nssToken_GetModule
-(
- NSSToken *token
-)
-{
- return nssSlot_GetModule(token->slot);
-}
-#endif
-
-NSS_IMPLEMENT void *
-nssToken_GetCryptokiEPV
-(
- NSSToken *token
-)
-{
- return nssSlot_GetCryptokiEPV(token->slot);
-}
-
-NSS_IMPLEMENT nssSession *
-nssToken_GetDefaultSession
-(
- NSSToken *token
-)
-{
- return token->defaultSession;
-}
-
-NSS_IMPLEMENT NSSUTF8 *
-nssToken_GetName
-(
- NSSToken *tok
-)
-{
- if (tok == NULL) {
- return "";
- }
- if (tok->base.name[0] == 0) {
- (void) nssSlot_IsTokenPresent(tok->slot);
- }
- return tok->base.name;
-}
-
-NSS_IMPLEMENT NSSUTF8 *
-NSSToken_GetName
-(
- NSSToken *token
-)
-{
- return nssToken_GetName(token);
-}
-
-NSS_IMPLEMENT PRBool
-nssToken_IsLoginRequired
-(
- NSSToken *token
-)
-{
- return (token->ckFlags & CKF_LOGIN_REQUIRED);
-}
-
-NSS_IMPLEMENT PRBool
-nssToken_NeedsPINInitialization
-(
- NSSToken *token
-)
-{
- return (!(token->ckFlags & CKF_USER_PIN_INITIALIZED));
-}
-
-NSS_IMPLEMENT PRStatus
-nssToken_DeleteStoredObject
-(
- nssCryptokiObject *instance
-)
-{
- CK_RV ckrv;
- PRStatus status;
- PRBool createdSession = PR_FALSE;
- NSSToken *token = instance->token;
- nssSession *session = NULL;
- void *epv = nssToken_GetCryptokiEPV(instance->token);
- if (token->cache) {
- nssTokenObjectCache_RemoveObject(token->cache, instance);
- }
- if (instance->isTokenObject) {
- if (nssSession_IsReadWrite(token->defaultSession)) {
- session = token->defaultSession;
- } else {
- session = nssSlot_CreateSession(token->slot, NULL, PR_TRUE);
- createdSession = PR_TRUE;
- }
- }
- if (session == NULL) {
- return PR_FAILURE;
- }
- nssSession_EnterMonitor(session);
- ckrv = CKAPI(epv)->C_DestroyObject(session->handle, instance->handle);
- nssSession_ExitMonitor(session);
- if (createdSession) {
- nssSession_Destroy(session);
- }
- status = (ckrv == CKR_OK) ? PR_SUCCESS : PR_FAILURE;
- return status;
-}
-
-static nssCryptokiObject *
-import_object
-(
- NSSToken *tok,
- nssSession *sessionOpt,
- CK_ATTRIBUTE_PTR objectTemplate,
- CK_ULONG otsize
-)
-{
- nssSession *session = NULL;
- PRBool createdSession = PR_FALSE;
- nssCryptokiObject *object = NULL;
- CK_OBJECT_HANDLE handle;
- CK_RV ckrv;
- void *epv = nssToken_GetCryptokiEPV(tok);
- if (nssCKObject_IsTokenObjectTemplate(objectTemplate, otsize)) {
- if (sessionOpt) {
- if (!nssSession_IsReadWrite(sessionOpt)) {
- return CK_INVALID_HANDLE;
- } else {
- session = sessionOpt;
- }
- } else if (nssSession_IsReadWrite(tok->defaultSession)) {
- session = tok->defaultSession;
- } else {
- session = nssSlot_CreateSession(tok->slot, NULL, PR_TRUE);
- createdSession = PR_TRUE;
- }
- } else {
- session = (sessionOpt) ? sessionOpt : tok->defaultSession;
- }
- if (session == NULL) {
- return CK_INVALID_HANDLE;
- }
- nssSession_EnterMonitor(session);
- ckrv = CKAPI(epv)->C_CreateObject(session->handle,
- objectTemplate, otsize,
- &handle);
- nssSession_ExitMonitor(session);
- if (ckrv == CKR_OK) {
- object = nssCryptokiObject_Create(tok, session, handle);
- }
- if (createdSession) {
- nssSession_Destroy(session);
- }
- return object;
-}
-
-static nssCryptokiObject **
-create_objects_from_handles
-(
- NSSToken *tok,
- nssSession *session,
- CK_OBJECT_HANDLE *handles,
- PRUint32 numH
-)
-{
- nssCryptokiObject **objects;
- objects = nss_ZNEWARRAY(NULL, nssCryptokiObject *, numH + 1);
- if (objects) {
- PRInt32 i;
- for (i=0; i<(PRInt32)numH; i++) {
- objects[i] = nssCryptokiObject_Create(tok, session, handles[i]);
- if (!objects[i]) {
- for (--i; i>0; --i) {
- nssCryptokiObject_Destroy(objects[i]);
- }
- return (nssCryptokiObject **)NULL;
- }
- }
- }
- return objects;
-}
-
-static nssCryptokiObject **
-find_objects
-(
- NSSToken *tok,
- nssSession *sessionOpt,
- CK_ATTRIBUTE_PTR obj_template,
- CK_ULONG otsize,
- PRUint32 maximumOpt,
- PRStatus *statusOpt
-)
-{
- CK_RV ckrv = CKR_OK;
- CK_ULONG count;
- CK_OBJECT_HANDLE *objectHandles;
- CK_OBJECT_HANDLE staticObjects[OBJECT_STACK_SIZE];
- PRUint32 arraySize, numHandles;
- void *epv = nssToken_GetCryptokiEPV(tok);
- nssCryptokiObject **objects;
- nssSession *session = (sessionOpt) ? sessionOpt : tok->defaultSession;
-
- /* the arena is only for the array of object handles */
- if (maximumOpt > 0) {
- arraySize = maximumOpt;
- } else {
- arraySize = OBJECT_STACK_SIZE;
- }
- numHandles = 0;
- if (arraySize <= OBJECT_STACK_SIZE) {
- objectHandles = staticObjects;
- } else {
- objectHandles = nss_ZNEWARRAY(NULL, CK_OBJECT_HANDLE, arraySize);
- }
- if (!objectHandles) {
- ckrv = CKR_HOST_MEMORY;
- goto loser;
- }
- nssSession_EnterMonitor(session); /* ==== session lock === */
- /* Initialize the find with the template */
- ckrv = CKAPI(epv)->C_FindObjectsInit(session->handle,
- obj_template, otsize);
- if (ckrv != CKR_OK) {
- nssSession_ExitMonitor(session);
- goto loser;
- }
- while (PR_TRUE) {
- /* Issue the find for up to arraySize - numHandles objects */
- ckrv = CKAPI(epv)->C_FindObjects(session->handle,
- objectHandles + numHandles,
- arraySize - numHandles,
- &count);
- if (ckrv != CKR_OK) {
- nssSession_ExitMonitor(session);
- goto loser;
- }
- /* bump the number of found objects */
- numHandles += count;
- if (maximumOpt > 0 || numHandles < arraySize) {
- /* When a maximum is provided, the search is done all at once,
- * so the search is finished. If the number returned was less
- * than the number sought, the search is finished.
- */
- break;
- }
- /* the array is filled, double it and continue */
- arraySize *= 2;
- if (objectHandles == staticObjects) {
- objectHandles = nss_ZNEWARRAY(NULL,CK_OBJECT_HANDLE, arraySize);
- if (objectHandles) {
- PORT_Memcpy(objectHandles, staticObjects,
- OBJECT_STACK_SIZE * sizeof(objectHandles[1]));
- }
- } else {
- objectHandles = nss_ZREALLOCARRAY(objectHandles,
- CK_OBJECT_HANDLE,
- arraySize);
- }
- if (!objectHandles) {
- nssSession_ExitMonitor(session);
- ckrv = CKR_HOST_MEMORY;
- goto loser;
- }
- }
- ckrv = CKAPI(epv)->C_FindObjectsFinal(session->handle);
- nssSession_ExitMonitor(session); /* ==== end session lock === */
- if (ckrv != CKR_OK) {
- goto loser;
- }
- if (numHandles > 0) {
- objects = create_objects_from_handles(tok, session,
- objectHandles, numHandles);
- } else {
- nss_SetError(NSS_ERROR_NOT_FOUND);
- objects = NULL;
- }
- if (objectHandles && objectHandles != staticObjects) {
- nss_ZFreeIf(objectHandles);
- }
- if (statusOpt) *statusOpt = PR_SUCCESS;
- return objects;
-loser:
- if (objectHandles && objectHandles != staticObjects) {
- nss_ZFreeIf(objectHandles);
- }
- /*
- * These errors should be treated the same as if the objects just weren't
- * found..
- */
- if ((ckrv == CKR_ATTRIBUTE_TYPE_INVALID) ||
- (ckrv == CKR_ATTRIBUTE_VALUE_INVALID) ||
- (ckrv == CKR_DATA_INVALID) ||
- (ckrv == CKR_DATA_LEN_RANGE) ||
- (ckrv == CKR_FUNCTION_NOT_SUPPORTED) ||
- (ckrv == CKR_TEMPLATE_INCOMPLETE) ||
- (ckrv == CKR_TEMPLATE_INCONSISTENT)) {
-
- nss_SetError(NSS_ERROR_NOT_FOUND);
- if (statusOpt) *statusOpt = PR_SUCCESS;
- } else {
- if (statusOpt) *statusOpt = PR_FAILURE;
- }
- return (nssCryptokiObject **)NULL;
-}
-
-static nssCryptokiObject **
-find_objects_by_template
-(
- NSSToken *token,
- nssSession *sessionOpt,
- CK_ATTRIBUTE_PTR obj_template,
- CK_ULONG otsize,
- PRUint32 maximumOpt,
- PRStatus *statusOpt
-)
-{
- CK_OBJECT_CLASS objclass = (CK_OBJECT_CLASS)-1;
- nssCryptokiObject **objects = NULL;
- PRUint32 i;
- for (i=0; i<otsize; i++) {
- if (obj_template[i].type == CKA_CLASS) {
- objclass = *(CK_OBJECT_CLASS *)obj_template[i].pValue;
- break;
- }
- }
- PR_ASSERT(i < otsize);
- if (i == otsize) {
-#ifdef NSS_3_4_CODE
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
-#endif
- return NULL;
- }
- /* If these objects are being cached, try looking there first */
- if (token->cache &&
- nssTokenObjectCache_HaveObjectClass(token->cache, objclass))
- {
- PRStatus status;
- objects = nssTokenObjectCache_FindObjectsByTemplate(token->cache,
- objclass,
- obj_template,
- otsize,
- maximumOpt,
- &status);
- if (status == PR_SUCCESS) {
- if (statusOpt) *statusOpt = status;
- return objects;
- }
- }
- /* Either they are not cached, or cache failed; look on token. */
- objects = find_objects(token, sessionOpt,
- obj_template, otsize,
- maximumOpt, statusOpt);
- return objects;
-}
-
-extern const NSSError NSS_ERROR_INVALID_CERTIFICATE;
-
-NSS_IMPLEMENT nssCryptokiObject *
-nssToken_ImportCertificate
-(
- NSSToken *tok,
- nssSession *sessionOpt,
- NSSCertificateType certType,
- NSSItem *id,
- NSSUTF8 *nickname,
- NSSDER *encoding,
- NSSDER *issuer,
- NSSDER *subject,
- NSSDER *serial,
- NSSASCII7 *email,
- PRBool asTokenObject
-)
-{
- PRStatus status;
- CK_CERTIFICATE_TYPE cert_type;
- CK_ATTRIBUTE_PTR attr;
- CK_ATTRIBUTE cert_tmpl[10];
- CK_ULONG ctsize;
- nssTokenSearchType searchType;
- nssCryptokiObject *rvObject = NULL;
-
- if (certType == NSSCertificateType_PKIX) {
- cert_type = CKC_X_509;
- } else {
- return (nssCryptokiObject *)NULL;
- }
- NSS_CK_TEMPLATE_START(cert_tmpl, attr, ctsize);
- if (asTokenObject) {
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_true);
- searchType = nssTokenSearchType_TokenOnly;
- } else {
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_false);
- searchType = nssTokenSearchType_SessionOnly;
- }
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_CLASS, &g_ck_class_cert);
- NSS_CK_SET_ATTRIBUTE_VAR( attr, CKA_CERTIFICATE_TYPE, cert_type);
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_ID, id);
- NSS_CK_SET_ATTRIBUTE_UTF8(attr, CKA_LABEL, nickname);
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_VALUE, encoding);
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_ISSUER, issuer);
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_SUBJECT, subject);
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_SERIAL_NUMBER, serial);
- if (email) {
- NSS_CK_SET_ATTRIBUTE_UTF8(attr, CKA_NETSCAPE_EMAIL, email);
- }
- NSS_CK_TEMPLATE_FINISH(cert_tmpl, attr, ctsize);
- /* see if the cert is already there */
- rvObject = nssToken_FindCertificateByIssuerAndSerialNumber(tok,
- sessionOpt,
- issuer,
- serial,
- searchType,
- NULL);
- if (rvObject) {
- NSSItem existingDER;
- NSSSlot *slot = nssToken_GetSlot(tok);
- nssSession *session = nssSlot_CreateSession(slot, NULL, PR_TRUE);
- if (!session) {
- nssCryptokiObject_Destroy(rvObject);
- nssSlot_Destroy(slot);
- return (nssCryptokiObject *)NULL;
- }
- /* Reject any attempt to import a new cert that has the same
- * issuer/serial as an existing cert, but does not have the
- * same encoding
- */
- NSS_CK_TEMPLATE_START(cert_tmpl, attr, ctsize);
- NSS_CK_SET_ATTRIBUTE_NULL(attr, CKA_VALUE);
- NSS_CK_TEMPLATE_FINISH(cert_tmpl, attr, ctsize);
- status = nssCKObject_GetAttributes(rvObject->handle,
- cert_tmpl, ctsize, NULL,
- session, slot);
- NSS_CK_ATTRIBUTE_TO_ITEM(cert_tmpl, &existingDER);
- if (status == PR_SUCCESS) {
- if (!nssItem_Equal(encoding, &existingDER, NULL)) {
- nss_SetError(NSS_ERROR_INVALID_CERTIFICATE);
- status = PR_FAILURE;
- }
- nss_ZFreeIf(existingDER.data);
- }
- if (status == PR_FAILURE) {
- nssCryptokiObject_Destroy(rvObject);
- nssSession_Destroy(session);
- nssSlot_Destroy(slot);
- return (nssCryptokiObject *)NULL;
- }
- /* according to PKCS#11, label, ID, issuer, and serial number
- * may change after the object has been created. For PKIX, the
- * last two attributes can't change, so for now we'll only worry
- * about the first two.
- */
- NSS_CK_TEMPLATE_START(cert_tmpl, attr, ctsize);
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_ID, id);
- NSS_CK_SET_ATTRIBUTE_UTF8(attr, CKA_LABEL, nickname);
- NSS_CK_TEMPLATE_FINISH(cert_tmpl, attr, ctsize);
- /* reset the mutable attributes on the token */
- nssCKObject_SetAttributes(rvObject->handle,
- cert_tmpl, ctsize,
- session, slot);
- if (!rvObject->label && nickname) {
- rvObject->label = nssUTF8_Duplicate(nickname, NULL);
- }
- nssSession_Destroy(session);
- nssSlot_Destroy(slot);
- } else {
- /* Import the certificate onto the token */
- rvObject = import_object(tok, sessionOpt, cert_tmpl, ctsize);
- }
- if (rvObject && tok->cache) {
- /* The cache will overwrite the attributes if the object already
- * exists.
- */
- nssTokenObjectCache_ImportObject(tok->cache, rvObject,
- CKO_CERTIFICATE,
- cert_tmpl, ctsize);
- }
- return rvObject;
-}
-
-/* traverse all certificates - this should only happen if the token
- * has been marked as "traversable"
- */
-NSS_IMPLEMENT nssCryptokiObject **
-nssToken_FindCertificates
-(
- NSSToken *token,
- nssSession *sessionOpt,
- nssTokenSearchType searchType,
- PRUint32 maximumOpt,
- PRStatus *statusOpt
-)
-{
- CK_ATTRIBUTE_PTR attr;
- CK_ATTRIBUTE cert_template[2];
- CK_ULONG ctsize;
- nssCryptokiObject **objects;
- NSS_CK_TEMPLATE_START(cert_template, attr, ctsize);
- /* Set the search to token/session only if provided */
- if (searchType == nssTokenSearchType_SessionOnly) {
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_false);
- } else if (searchType == nssTokenSearchType_TokenOnly ||
- searchType == nssTokenSearchType_TokenForced) {
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_true);
- }
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_CLASS, &g_ck_class_cert);
- NSS_CK_TEMPLATE_FINISH(cert_template, attr, ctsize);
-
- if (searchType == nssTokenSearchType_TokenForced) {
- objects = find_objects(token, sessionOpt,
- cert_template, ctsize,
- maximumOpt, statusOpt);
- } else {
- objects = find_objects_by_template(token, sessionOpt,
- cert_template, ctsize,
- maximumOpt, statusOpt);
- }
- return objects;
-}
-
-NSS_IMPLEMENT nssCryptokiObject **
-nssToken_FindCertificatesBySubject
-(
- NSSToken *token,
- nssSession *sessionOpt,
- NSSDER *subject,
- nssTokenSearchType searchType,
- PRUint32 maximumOpt,
- PRStatus *statusOpt
-)
-{
- CK_ATTRIBUTE_PTR attr;
- CK_ATTRIBUTE subj_template[3];
- CK_ULONG stsize;
- nssCryptokiObject **objects;
- NSS_CK_TEMPLATE_START(subj_template, attr, stsize);
- /* Set the search to token/session only if provided */
- if (searchType == nssTokenSearchType_SessionOnly) {
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_false);
- } else if (searchType == nssTokenSearchType_TokenOnly) {
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_true);
- }
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_CLASS, &g_ck_class_cert);
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_SUBJECT, subject);
- NSS_CK_TEMPLATE_FINISH(subj_template, attr, stsize);
- /* now locate the token certs matching this template */
- objects = find_objects_by_template(token, sessionOpt,
- subj_template, stsize,
- maximumOpt, statusOpt);
- return objects;
-}
-
-NSS_IMPLEMENT nssCryptokiObject **
-nssToken_FindCertificatesByNickname
-(
- NSSToken *token,
- nssSession *sessionOpt,
- NSSUTF8 *name,
- nssTokenSearchType searchType,
- PRUint32 maximumOpt,
- PRStatus *statusOpt
-)
-{
- CK_ATTRIBUTE_PTR attr;
- CK_ATTRIBUTE nick_template[3];
- CK_ULONG ntsize;
- nssCryptokiObject **objects;
- NSS_CK_TEMPLATE_START(nick_template, attr, ntsize);
- NSS_CK_SET_ATTRIBUTE_UTF8(attr, CKA_LABEL, name);
- /* Set the search to token/session only if provided */
- if (searchType == nssTokenSearchType_SessionOnly) {
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_false);
- } else if (searchType == nssTokenSearchType_TokenOnly) {
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_true);
- }
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_CLASS, &g_ck_class_cert);
- NSS_CK_TEMPLATE_FINISH(nick_template, attr, ntsize);
- /* now locate the token certs matching this template */
- objects = find_objects_by_template(token, sessionOpt,
- nick_template, ntsize,
- maximumOpt, statusOpt);
- if (!objects) {
- /* This is to workaround the fact that PKCS#11 doesn't specify
- * whether the '\0' should be included. XXX Is that still true?
- * im - this is not needed by the current softoken. However, I'm
- * leaving it in until I have surveyed more tokens to see if it needed.
- * well, its needed by the builtin token...
- */
- nick_template[0].ulValueLen++;
- objects = find_objects_by_template(token, sessionOpt,
- nick_template, ntsize,
- maximumOpt, statusOpt);
- }
- return objects;
-}
-
-/* XXX
- * This function *does not* use the token object cache, because not even
- * the softoken will return a value for CKA_NETSCAPE_EMAIL from a call
- * to GetAttributes. The softoken does allow searches with that attribute,
- * it just won't return a value for it.
- */
-NSS_IMPLEMENT nssCryptokiObject **
-nssToken_FindCertificatesByEmail
-(
- NSSToken *token,
- nssSession *sessionOpt,
- NSSASCII7 *email,
- nssTokenSearchType searchType,
- PRUint32 maximumOpt,
- PRStatus *statusOpt
-)
-{
- CK_ATTRIBUTE_PTR attr;
- CK_ATTRIBUTE email_template[3];
- CK_ULONG etsize;
- nssCryptokiObject **objects;
- NSS_CK_TEMPLATE_START(email_template, attr, etsize);
- NSS_CK_SET_ATTRIBUTE_UTF8(attr, CKA_NETSCAPE_EMAIL, email);
- /* Set the search to token/session only if provided */
- if (searchType == nssTokenSearchType_SessionOnly) {
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_false);
- } else if (searchType == nssTokenSearchType_TokenOnly) {
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_true);
- }
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_CLASS, &g_ck_class_cert);
- NSS_CK_TEMPLATE_FINISH(email_template, attr, etsize);
- /* now locate the token certs matching this template */
- objects = find_objects(token, sessionOpt,
- email_template, etsize,
- maximumOpt, statusOpt);
- if (!objects) {
- /* This is to workaround the fact that PKCS#11 doesn't specify
- * whether the '\0' should be included. XXX Is that still true?
- * im - this is not needed by the current softoken. However, I'm
- * leaving it in until I have surveyed more tokens to see if it needed.
- * well, its needed by the builtin token...
- */
- email_template[0].ulValueLen++;
- objects = find_objects(token, sessionOpt,
- email_template, etsize,
- maximumOpt, statusOpt);
- }
- return objects;
-}
-
-NSS_IMPLEMENT nssCryptokiObject **
-nssToken_FindCertificatesByID
-(
- NSSToken *token,
- nssSession *sessionOpt,
- NSSItem *id,
- nssTokenSearchType searchType,
- PRUint32 maximumOpt,
- PRStatus *statusOpt
-)
-{
- CK_ATTRIBUTE_PTR attr;
- CK_ATTRIBUTE id_template[3];
- CK_ULONG idtsize;
- nssCryptokiObject **objects;
- NSS_CK_TEMPLATE_START(id_template, attr, idtsize);
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_ID, id);
- /* Set the search to token/session only if provided */
- if (searchType == nssTokenSearchType_SessionOnly) {
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_false);
- } else if (searchType == nssTokenSearchType_TokenOnly) {
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_true);
- }
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_CLASS, &g_ck_class_cert);
- NSS_CK_TEMPLATE_FINISH(id_template, attr, idtsize);
- /* now locate the token certs matching this template */
- objects = find_objects_by_template(token, sessionOpt,
- id_template, idtsize,
- maximumOpt, statusOpt);
- return objects;
-}
-
-/*
- * decode the serial item and return our result.
- * NOTE serialDecode's data is really stored in serial. Don't free it.
- */
-static PRStatus
-nssToken_decodeSerialItem(NSSItem *serial, NSSItem *serialDecode)
-{
- unsigned char *data = (unsigned char *)serial->data;
- int data_left, data_len, index;
-
- if ((serial->size >= 3) && (data[0] == 0x2)) {
- /* remove the der encoding of the serial number before generating the
- * key.. */
- data_left = serial->size-2;
- data_len = data[1];
- index = 2;
-
- /* extended length ? (not very likely for a serial number) */
- if (data_len & 0x80) {
- int len_count = data_len & 0x7f;
-
- data_len = 0;
- data_left -= len_count;
- if (data_left > 0) {
- while (len_count --) {
- data_len = (data_len << 8) | data[index++];
- }
- }
- }
- /* XXX leaving any leading zeros on the serial number for backwards
- * compatibility
- */
- /* not a valid der, must be just an unlucky serial number value */
- if (data_len == data_left) {
- serialDecode->size = data_len;
- serialDecode->data = &data[index];
- return PR_SUCCESS;
- }
- }
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT nssCryptokiObject *
-nssToken_FindCertificateByIssuerAndSerialNumber
-(
- NSSToken *token,
- nssSession *sessionOpt,
- NSSDER *issuer,
- NSSDER *serial,
- nssTokenSearchType searchType,
- PRStatus *statusOpt
-)
-{
- CK_ATTRIBUTE_PTR attr;
- CK_ATTRIBUTE_PTR serialAttr;
- CK_ATTRIBUTE cert_template[4];
- CK_ULONG ctsize;
- nssCryptokiObject **objects;
- nssCryptokiObject *rvObject = NULL;
- NSS_CK_TEMPLATE_START(cert_template, attr, ctsize);
- /* Set the search to token/session only if provided */
- if (searchType == nssTokenSearchType_SessionOnly) {
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_false);
- } else if ((searchType == nssTokenSearchType_TokenOnly) ||
- (searchType == nssTokenSearchType_TokenForced)) {
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_true);
- }
- /* Set the unique id */
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_CLASS, &g_ck_class_cert);
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_ISSUER, issuer);
- serialAttr = attr;
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_SERIAL_NUMBER, serial);
- NSS_CK_TEMPLATE_FINISH(cert_template, attr, ctsize);
- /* get the object handle */
- if (searchType == nssTokenSearchType_TokenForced) {
- objects = find_objects(token, sessionOpt,
- cert_template, ctsize,
- 1, statusOpt);
- } else {
- objects = find_objects_by_template(token, sessionOpt,
- cert_template, ctsize,
- 1, statusOpt);
- }
- if (objects) {
- rvObject = objects[0];
- nss_ZFreeIf(objects);
- }
-
- /*
- * NSS used to incorrectly store serial numbers in their decoded form.
- * because of this old tokens have decoded serial numbers.
- */
- if (!objects) {
- NSSItem serialDecode;
- PRStatus status;
-
- status = nssToken_decodeSerialItem(serial, &serialDecode);
- if (status != PR_SUCCESS) {
- return NULL;
- }
- NSS_CK_SET_ATTRIBUTE_ITEM(serialAttr,CKA_SERIAL_NUMBER,&serialDecode);
- if (searchType == nssTokenSearchType_TokenForced) {
- objects = find_objects(token, sessionOpt,
- cert_template, ctsize,
- 1, statusOpt);
- } else {
- objects = find_objects_by_template(token, sessionOpt,
- cert_template, ctsize,
- 1, statusOpt);
- }
- if (objects) {
- rvObject = objects[0];
- nss_ZFreeIf(objects);
- }
- }
- return rvObject;
-}
-
-NSS_IMPLEMENT nssCryptokiObject *
-nssToken_FindCertificateByEncodedCertificate
-(
- NSSToken *token,
- nssSession *sessionOpt,
- NSSBER *encodedCertificate,
- nssTokenSearchType searchType,
- PRStatus *statusOpt
-)
-{
- CK_ATTRIBUTE_PTR attr;
- CK_ATTRIBUTE cert_template[3];
- CK_ULONG ctsize;
- nssCryptokiObject **objects;
- nssCryptokiObject *rvObject = NULL;
- NSS_CK_TEMPLATE_START(cert_template, attr, ctsize);
- /* Set the search to token/session only if provided */
- if (searchType == nssTokenSearchType_SessionOnly) {
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_false);
- } else if (searchType == nssTokenSearchType_TokenOnly) {
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_true);
- }
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_CLASS, &g_ck_class_cert);
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_VALUE, encodedCertificate);
- NSS_CK_TEMPLATE_FINISH(cert_template, attr, ctsize);
- /* get the object handle */
- objects = find_objects_by_template(token, sessionOpt,
- cert_template, ctsize,
- 1, statusOpt);
- if (objects) {
- rvObject = objects[0];
- nss_ZFreeIf(objects);
- }
- return rvObject;
-}
-
-NSS_IMPLEMENT nssCryptokiObject **
-nssToken_FindPrivateKeys
-(
- NSSToken *token,
- nssSession *sessionOpt,
- nssTokenSearchType searchType,
- PRUint32 maximumOpt,
- PRStatus *statusOpt
-)
-{
- CK_ATTRIBUTE_PTR attr;
- CK_ATTRIBUTE key_template[2];
- CK_ULONG ktsize;
- nssCryptokiObject **objects;
-
- NSS_CK_TEMPLATE_START(key_template, attr, ktsize);
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_CLASS, &g_ck_class_privkey);
- if (searchType == nssTokenSearchType_SessionOnly) {
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_false);
- } else if (searchType == nssTokenSearchType_TokenOnly) {
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_true);
- }
- NSS_CK_TEMPLATE_FINISH(key_template, attr, ktsize);
-
- objects = find_objects_by_template(token, sessionOpt,
- key_template, ktsize,
- maximumOpt, statusOpt);
- return objects;
-}
-
-/* XXX ?there are no session cert objects, so only search token objects */
-NSS_IMPLEMENT nssCryptokiObject *
-nssToken_FindPrivateKeyByID
-(
- NSSToken *token,
- nssSession *sessionOpt,
- NSSItem *keyID
-)
-{
- CK_ATTRIBUTE_PTR attr;
- CK_ATTRIBUTE key_template[3];
- CK_ULONG ktsize;
- nssCryptokiObject **objects;
- nssCryptokiObject *rvKey = NULL;
-
- NSS_CK_TEMPLATE_START(key_template, attr, ktsize);
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_CLASS, &g_ck_class_privkey);
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_true);
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_ID, keyID);
- NSS_CK_TEMPLATE_FINISH(key_template, attr, ktsize);
-
- objects = find_objects_by_template(token, sessionOpt,
- key_template, ktsize,
- 1, NULL);
- if (objects) {
- rvKey = objects[0];
- nss_ZFreeIf(objects);
- }
- return rvKey;
-}
-
-/* XXX ?there are no session cert objects, so only search token objects */
-NSS_IMPLEMENT nssCryptokiObject *
-nssToken_FindPublicKeyByID
-(
- NSSToken *token,
- nssSession *sessionOpt,
- NSSItem *keyID
-)
-{
- CK_ATTRIBUTE_PTR attr;
- CK_ATTRIBUTE key_template[3];
- CK_ULONG ktsize;
- nssCryptokiObject **objects;
- nssCryptokiObject *rvKey = NULL;
-
- NSS_CK_TEMPLATE_START(key_template, attr, ktsize);
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_CLASS, &g_ck_class_pubkey);
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_true);
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_ID, keyID);
- NSS_CK_TEMPLATE_FINISH(key_template, attr, ktsize);
-
- objects = find_objects_by_template(token, sessionOpt,
- key_template, ktsize,
- 1, NULL);
- if (objects) {
- rvKey = objects[0];
- nss_ZFreeIf(objects);
- }
- return rvKey;
-}
-
-static void
-sha1_hash(NSSItem *input, NSSItem *output)
-{
- NSSAlgorithmAndParameters *ap;
-#ifdef NSS_3_4_CODE
- PK11SlotInfo *internal = PK11_GetInternalSlot();
- NSSToken *token = PK11Slot_GetNSSToken(internal);
-#else
- NSSToken *token = nss_GetDefaultCryptoToken();
-#endif
- ap = NSSAlgorithmAndParameters_CreateSHA1Digest(NULL);
- (void)nssToken_Digest(token, NULL, ap, input, output, NULL);
-#ifdef NSS_3_4_CODE
- PK11_FreeSlot(token->pk11slot);
-#endif
- nss_ZFreeIf(ap);
-}
-
-static void
-md5_hash(NSSItem *input, NSSItem *output)
-{
- NSSAlgorithmAndParameters *ap;
-#ifdef NSS_3_4_CODE
- PK11SlotInfo *internal = PK11_GetInternalSlot();
- NSSToken *token = PK11Slot_GetNSSToken(internal);
-#else
- NSSToken *token = nss_GetDefaultCryptoToken();
-#endif
- ap = NSSAlgorithmAndParameters_CreateMD5Digest(NULL);
- (void)nssToken_Digest(token, NULL, ap, input, output, NULL);
-#ifdef NSS_3_4_CODE
- PK11_FreeSlot(token->pk11slot);
-#endif
- nss_ZFreeIf(ap);
-}
-
-static CK_TRUST
-get_ck_trust
-(
- nssTrustLevel nssTrust
-)
-{
- CK_TRUST t;
- switch (nssTrust) {
- case nssTrustLevel_NotTrusted: t = CKT_NETSCAPE_UNTRUSTED; break;
- case nssTrustLevel_TrustedDelegator: t = CKT_NETSCAPE_TRUSTED_DELEGATOR;
- break;
- case nssTrustLevel_ValidDelegator: t = CKT_NETSCAPE_VALID_DELEGATOR; break;
- case nssTrustLevel_Trusted: t = CKT_NETSCAPE_TRUSTED; break;
- case nssTrustLevel_Valid: t = CKT_NETSCAPE_VALID; break;
- case nssTrustLevel_Unknown:
- default: t = CKT_NETSCAPE_TRUST_UNKNOWN; break;
- }
- return t;
-}
-
-NSS_IMPLEMENT nssCryptokiObject *
-nssToken_ImportTrust
-(
- NSSToken *tok,
- nssSession *sessionOpt,
- NSSDER *certEncoding,
- NSSDER *certIssuer,
- NSSDER *certSerial,
- nssTrustLevel serverAuth,
- nssTrustLevel clientAuth,
- nssTrustLevel codeSigning,
- nssTrustLevel emailProtection,
- PRBool asTokenObject
-)
-{
- nssCryptokiObject *object;
- CK_OBJECT_CLASS tobjc = CKO_NETSCAPE_TRUST;
- CK_TRUST ckSA, ckCA, ckCS, ckEP;
- CK_ATTRIBUTE_PTR attr;
- CK_ATTRIBUTE trust_tmpl[10];
- CK_ULONG tsize;
- PRUint8 sha1[20]; /* this is cheating... */
- PRUint8 md5[16];
- NSSItem sha1_result, md5_result;
- sha1_result.data = sha1; sha1_result.size = sizeof sha1;
- md5_result.data = md5; md5_result.size = sizeof md5;
- sha1_hash(certEncoding, &sha1_result);
- md5_hash(certEncoding, &md5_result);
- ckSA = get_ck_trust(serverAuth);
- ckCA = get_ck_trust(clientAuth);
- ckCS = get_ck_trust(codeSigning);
- ckEP = get_ck_trust(emailProtection);
- NSS_CK_TEMPLATE_START(trust_tmpl, attr, tsize);
- if (asTokenObject) {
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_true);
- } else {
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_false);
- }
- NSS_CK_SET_ATTRIBUTE_VAR( attr, CKA_CLASS, tobjc);
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_ISSUER, certIssuer);
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_SERIAL_NUMBER, certSerial);
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_CERT_SHA1_HASH, &sha1_result);
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_CERT_MD5_HASH, &md5_result);
- /* now set the trust values */
- NSS_CK_SET_ATTRIBUTE_VAR(attr, CKA_TRUST_SERVER_AUTH, ckSA);
- NSS_CK_SET_ATTRIBUTE_VAR(attr, CKA_TRUST_CLIENT_AUTH, ckCA);
- NSS_CK_SET_ATTRIBUTE_VAR(attr, CKA_TRUST_CODE_SIGNING, ckCS);
- NSS_CK_SET_ATTRIBUTE_VAR(attr, CKA_TRUST_EMAIL_PROTECTION, ckEP);
- NSS_CK_TEMPLATE_FINISH(trust_tmpl, attr, tsize);
- /* import the trust object onto the token */
- object = import_object(tok, sessionOpt, trust_tmpl, tsize);
- if (object && tok->cache) {
- nssTokenObjectCache_ImportObject(tok->cache, object, tobjc,
- trust_tmpl, tsize);
- }
- return object;
-}
-
-NSS_IMPLEMENT nssCryptokiObject **
-nssToken_FindTrustObjects
-(
- NSSToken *token,
- nssSession *sessionOpt,
- nssTokenSearchType searchType,
- PRUint32 maximumOpt,
- PRStatus *statusOpt
-)
-{
- CK_OBJECT_CLASS tobjc = CKO_NETSCAPE_TRUST;
- CK_ATTRIBUTE_PTR attr;
- CK_ATTRIBUTE tobj_template[2];
- CK_ULONG tobj_size;
- nssCryptokiObject **objects;
- nssSession *session = sessionOpt ? sessionOpt : token->defaultSession;
-
- NSS_CK_TEMPLATE_START(tobj_template, attr, tobj_size);
- if (searchType == nssTokenSearchType_SessionOnly) {
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_false);
- } else if (searchType == nssTokenSearchType_TokenOnly ||
- searchType == nssTokenSearchType_TokenForced) {
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_true);
- }
- NSS_CK_SET_ATTRIBUTE_VAR( attr, CKA_CLASS, tobjc);
- NSS_CK_TEMPLATE_FINISH(tobj_template, attr, tobj_size);
-
- if (searchType == nssTokenSearchType_TokenForced) {
- objects = find_objects(token, session,
- tobj_template, tobj_size,
- maximumOpt, statusOpt);
- } else {
- objects = find_objects_by_template(token, session,
- tobj_template, tobj_size,
- maximumOpt, statusOpt);
- }
- return objects;
-}
-
-NSS_IMPLEMENT nssCryptokiObject *
-nssToken_FindTrustForCertificate
-(
- NSSToken *token,
- nssSession *sessionOpt,
- NSSDER *certEncoding,
- NSSDER *certIssuer,
- NSSDER *certSerial,
- nssTokenSearchType searchType
-)
-{
- CK_OBJECT_CLASS tobjc = CKO_NETSCAPE_TRUST;
- CK_ATTRIBUTE_PTR attr;
- CK_ATTRIBUTE tobj_template[5];
- CK_ULONG tobj_size;
- nssSession *session = sessionOpt ? sessionOpt : token->defaultSession;
- nssCryptokiObject *object, **objects;
-
- NSS_CK_TEMPLATE_START(tobj_template, attr, tobj_size);
- if (searchType == nssTokenSearchType_SessionOnly) {
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_false);
- } else if (searchType == nssTokenSearchType_TokenOnly) {
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_true);
- }
- NSS_CK_SET_ATTRIBUTE_VAR( attr, CKA_CLASS, tobjc);
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_ISSUER, certIssuer);
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_SERIAL_NUMBER , certSerial);
- NSS_CK_TEMPLATE_FINISH(tobj_template, attr, tobj_size);
- object = NULL;
- objects = find_objects_by_template(token, session,
- tobj_template, tobj_size,
- 1, NULL);
- if (objects) {
- object = objects[0];
- nss_ZFreeIf(objects);
- }
- return object;
-}
-
-NSS_IMPLEMENT nssCryptokiObject *
-nssToken_ImportCRL
-(
- NSSToken *token,
- nssSession *sessionOpt,
- NSSDER *subject,
- NSSDER *encoding,
- PRBool isKRL,
- NSSUTF8 *url,
- PRBool asTokenObject
-)
-{
- nssCryptokiObject *object;
- CK_OBJECT_CLASS crlobjc = CKO_NETSCAPE_CRL;
- CK_ATTRIBUTE_PTR attr;
- CK_ATTRIBUTE crl_tmpl[6];
- CK_ULONG crlsize;
-
- NSS_CK_TEMPLATE_START(crl_tmpl, attr, crlsize);
- if (asTokenObject) {
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_true);
- } else {
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_false);
- }
- NSS_CK_SET_ATTRIBUTE_VAR( attr, CKA_CLASS, crlobjc);
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_SUBJECT, subject);
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_VALUE, encoding);
- NSS_CK_SET_ATTRIBUTE_UTF8(attr, CKA_NETSCAPE_URL, url);
- if (isKRL) {
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_NETSCAPE_KRL, &g_ck_true);
- } else {
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_NETSCAPE_KRL, &g_ck_false);
- }
- NSS_CK_TEMPLATE_FINISH(crl_tmpl, attr, crlsize);
-
- /* import the crl object onto the token */
- object = import_object(token, sessionOpt, crl_tmpl, crlsize);
- if (object && token->cache) {
- nssTokenObjectCache_ImportObject(token->cache, object, crlobjc,
- crl_tmpl, crlsize);
- }
- return object;
-}
-
-NSS_IMPLEMENT nssCryptokiObject **
-nssToken_FindCRLs
-(
- NSSToken *token,
- nssSession *sessionOpt,
- nssTokenSearchType searchType,
- PRUint32 maximumOpt,
- PRStatus *statusOpt
-)
-{
- CK_OBJECT_CLASS crlobjc = CKO_NETSCAPE_CRL;
- CK_ATTRIBUTE_PTR attr;
- CK_ATTRIBUTE crlobj_template[2];
- CK_ULONG crlobj_size;
- nssCryptokiObject **objects;
- nssSession *session = sessionOpt ? sessionOpt : token->defaultSession;
-
- NSS_CK_TEMPLATE_START(crlobj_template, attr, crlobj_size);
- if (searchType == nssTokenSearchType_SessionOnly) {
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_false);
- } else if (searchType == nssTokenSearchType_TokenOnly ||
- searchType == nssTokenSearchType_TokenForced) {
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_true);
- }
- NSS_CK_SET_ATTRIBUTE_VAR( attr, CKA_CLASS, crlobjc);
- NSS_CK_TEMPLATE_FINISH(crlobj_template, attr, crlobj_size);
-
- if (searchType == nssTokenSearchType_TokenForced) {
- objects = find_objects(token, session,
- crlobj_template, crlobj_size,
- maximumOpt, statusOpt);
- } else {
- objects = find_objects_by_template(token, session,
- crlobj_template, crlobj_size,
- maximumOpt, statusOpt);
- }
- return objects;
-}
-
-NSS_IMPLEMENT nssCryptokiObject **
-nssToken_FindCRLsBySubject
-(
- NSSToken *token,
- nssSession *sessionOpt,
- NSSDER *subject,
- nssTokenSearchType searchType,
- PRUint32 maximumOpt,
- PRStatus *statusOpt
-)
-{
- CK_OBJECT_CLASS crlobjc = CKO_NETSCAPE_CRL;
- CK_ATTRIBUTE_PTR attr;
- CK_ATTRIBUTE crlobj_template[3];
- CK_ULONG crlobj_size;
- nssCryptokiObject **objects;
- nssSession *session = sessionOpt ? sessionOpt : token->defaultSession;
-
- NSS_CK_TEMPLATE_START(crlobj_template, attr, crlobj_size);
- if (searchType == nssTokenSearchType_SessionOnly) {
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_false);
- } else if (searchType == nssTokenSearchType_TokenOnly ||
- searchType == nssTokenSearchType_TokenForced) {
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_true);
- }
- NSS_CK_SET_ATTRIBUTE_VAR( attr, CKA_CLASS, crlobjc);
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_SUBJECT, subject);
- NSS_CK_TEMPLATE_FINISH(crlobj_template, attr, crlobj_size);
-
- objects = find_objects_by_template(token, session,
- crlobj_template, crlobj_size,
- maximumOpt, statusOpt);
- return objects;
-}
-
-NSS_IMPLEMENT PRStatus
-nssToken_GetCachedObjectAttributes
-(
- NSSToken *token,
- NSSArena *arenaOpt,
- nssCryptokiObject *object,
- CK_OBJECT_CLASS objclass,
- CK_ATTRIBUTE_PTR atemplate,
- CK_ULONG atlen
-)
-{
- if (!token->cache) {
- return PR_FAILURE;
- }
- return nssTokenObjectCache_GetObjectAttributes(token->cache, arenaOpt,
- object, objclass,
- atemplate, atlen);
-}
-
-NSS_IMPLEMENT NSSItem *
-nssToken_Digest
-(
- NSSToken *tok,
- nssSession *sessionOpt,
- NSSAlgorithmAndParameters *ap,
- NSSItem *data,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- CK_RV ckrv;
- CK_ULONG digestLen;
- CK_BYTE_PTR digest;
- NSSItem *rvItem = NULL;
- void *epv = nssToken_GetCryptokiEPV(tok);
- nssSession *session;
- session = (sessionOpt) ? sessionOpt : tok->defaultSession;
- nssSession_EnterMonitor(session);
- ckrv = CKAPI(epv)->C_DigestInit(session->handle, &ap->mechanism);
- if (ckrv != CKR_OK) {
- nssSession_ExitMonitor(session);
- return NULL;
- }
-#if 0
- /* XXX the standard says this should work, but it doesn't */
- ckrv = CKAPI(epv)->C_Digest(session->handle, NULL, 0, NULL, &digestLen);
- if (ckrv != CKR_OK) {
- nssSession_ExitMonitor(session);
- return NULL;
- }
-#endif
- digestLen = 0; /* XXX for now */
- digest = NULL;
- if (rvOpt) {
- if (rvOpt->size > 0 && rvOpt->size < digestLen) {
- nssSession_ExitMonitor(session);
- /* the error should be bad args */
- return NULL;
- }
- if (rvOpt->data) {
- digest = rvOpt->data;
- }
- digestLen = rvOpt->size;
- }
- if (!digest) {
- digest = (CK_BYTE_PTR)nss_ZAlloc(arenaOpt, digestLen);
- if (!digest) {
- nssSession_ExitMonitor(session);
- return NULL;
- }
- }
- ckrv = CKAPI(epv)->C_Digest(session->handle,
- (CK_BYTE_PTR)data->data,
- (CK_ULONG)data->size,
- (CK_BYTE_PTR)digest,
- &digestLen);
- nssSession_ExitMonitor(session);
- if (ckrv != CKR_OK) {
- nss_ZFreeIf(digest);
- return NULL;
- }
- if (!rvOpt) {
- rvItem = nssItem_Create(arenaOpt, NULL, digestLen, (void *)digest);
- }
- return rvItem;
-}
-
-NSS_IMPLEMENT PRStatus
-nssToken_BeginDigest
-(
- NSSToken *tok,
- nssSession *sessionOpt,
- NSSAlgorithmAndParameters *ap
-)
-{
- CK_RV ckrv;
- nssSession *session;
- void *epv = nssToken_GetCryptokiEPV(tok);
- session = (sessionOpt) ? sessionOpt : tok->defaultSession;
- nssSession_EnterMonitor(session);
- ckrv = CKAPI(epv)->C_DigestInit(session->handle, &ap->mechanism);
- nssSession_ExitMonitor(session);
- return (ckrv == CKR_OK) ? PR_SUCCESS : PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRStatus
-nssToken_ContinueDigest
-(
- NSSToken *tok,
- nssSession *sessionOpt,
- NSSItem *item
-)
-{
- CK_RV ckrv;
- nssSession *session;
- void *epv = nssToken_GetCryptokiEPV(tok);
- session = (sessionOpt) ? sessionOpt : tok->defaultSession;
- nssSession_EnterMonitor(session);
- ckrv = CKAPI(epv)->C_DigestUpdate(session->handle,
- (CK_BYTE_PTR)item->data,
- (CK_ULONG)item->size);
- nssSession_ExitMonitor(session);
- return (ckrv == CKR_OK) ? PR_SUCCESS : PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSItem *
-nssToken_FinishDigest
-(
- NSSToken *tok,
- nssSession *sessionOpt,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- CK_RV ckrv;
- CK_ULONG digestLen;
- CK_BYTE_PTR digest;
- NSSItem *rvItem = NULL;
- void *epv = nssToken_GetCryptokiEPV(tok);
- nssSession *session;
- session = (sessionOpt) ? sessionOpt : tok->defaultSession;
- nssSession_EnterMonitor(session);
- ckrv = CKAPI(epv)->C_DigestFinal(session->handle, NULL, &digestLen);
- if (ckrv != CKR_OK || digestLen == 0) {
- nssSession_ExitMonitor(session);
- return NULL;
- }
- digest = NULL;
- if (rvOpt) {
- if (rvOpt->size > 0 && rvOpt->size < digestLen) {
- nssSession_ExitMonitor(session);
- /* the error should be bad args */
- return NULL;
- }
- if (rvOpt->data) {
- digest = rvOpt->data;
- }
- digestLen = rvOpt->size;
- }
- if (!digest) {
- digest = (CK_BYTE_PTR)nss_ZAlloc(arenaOpt, digestLen);
- if (!digest) {
- nssSession_ExitMonitor(session);
- return NULL;
- }
- }
- ckrv = CKAPI(epv)->C_DigestFinal(session->handle, digest, &digestLen);
- nssSession_ExitMonitor(session);
- if (ckrv != CKR_OK) {
- nss_ZFreeIf(digest);
- return NULL;
- }
- if (!rvOpt) {
- rvItem = nssItem_Create(arenaOpt, NULL, digestLen, (void *)digest);
- }
- return rvItem;
-}
-
-NSS_IMPLEMENT PRBool
-nssToken_IsPresent
-(
- NSSToken *token
-)
-{
- return nssSlot_IsTokenPresent(token->slot);
-}
-
-/* Sigh. The methods to find objects declared above cause problems with
- * the low-level object cache in the softoken -- the objects are found in
- * toto, then one wave of GetAttributes is done, then another. Having a
- * large number of objects causes the cache to be thrashed, as the objects
- * are gone before there's any chance to ask for their attributes.
- * So, for now, bringing back traversal methods for certs. This way all of
- * the cert's attributes can be grabbed immediately after finding it,
- * increasing the likelihood that the cache takes care of it.
- */
-NSS_IMPLEMENT PRStatus
-nssToken_TraverseCertificates
-(
- NSSToken *token,
- nssSession *sessionOpt,
- nssTokenSearchType searchType,
- PRStatus (* callback)(nssCryptokiObject *instance, void *arg),
- void *arg
-)
-{
- CK_RV ckrv;
- CK_ULONG count;
- CK_OBJECT_HANDLE *objectHandles;
- CK_ATTRIBUTE_PTR attr;
- CK_ATTRIBUTE cert_template[2];
- CK_ULONG ctsize;
- NSSArena *arena;
- PRStatus status;
- PRUint32 arraySize, numHandles;
- nssCryptokiObject **objects;
- void *epv = nssToken_GetCryptokiEPV(token);
- nssSession *session = (sessionOpt) ? sessionOpt : token->defaultSession;
-
- /* template for all certs */
- NSS_CK_TEMPLATE_START(cert_template, attr, ctsize);
- if (searchType == nssTokenSearchType_SessionOnly) {
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_false);
- } else if (searchType == nssTokenSearchType_TokenOnly ||
- searchType == nssTokenSearchType_TokenForced) {
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_true);
- }
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_CLASS, &g_ck_class_cert);
- NSS_CK_TEMPLATE_FINISH(cert_template, attr, ctsize);
-
- /* the arena is only for the array of object handles */
- arena = nssArena_Create();
- if (!arena) {
- return PR_FAILURE;
- }
- arraySize = OBJECT_STACK_SIZE;
- numHandles = 0;
- objectHandles = nss_ZNEWARRAY(arena, CK_OBJECT_HANDLE, arraySize);
- if (!objectHandles) {
- goto loser;
- }
- nssSession_EnterMonitor(session); /* ==== session lock === */
- /* Initialize the find with the template */
- ckrv = CKAPI(epv)->C_FindObjectsInit(session->handle,
- cert_template, ctsize);
- if (ckrv != CKR_OK) {
- nssSession_ExitMonitor(session);
- goto loser;
- }
- while (PR_TRUE) {
- /* Issue the find for up to arraySize - numHandles objects */
- ckrv = CKAPI(epv)->C_FindObjects(session->handle,
- objectHandles + numHandles,
- arraySize - numHandles,
- &count);
- if (ckrv != CKR_OK) {
- nssSession_ExitMonitor(session);
- goto loser;
- }
- /* bump the number of found objects */
- numHandles += count;
- if (numHandles < arraySize) {
- break;
- }
- /* the array is filled, double it and continue */
- arraySize *= 2;
- objectHandles = nss_ZREALLOCARRAY(objectHandles,
- CK_OBJECT_HANDLE,
- arraySize);
- if (!objectHandles) {
- nssSession_ExitMonitor(session);
- goto loser;
- }
- }
- ckrv = CKAPI(epv)->C_FindObjectsFinal(session->handle);
- nssSession_ExitMonitor(session); /* ==== end session lock === */
- if (ckrv != CKR_OK) {
- goto loser;
- }
- if (numHandles > 0) {
- objects = create_objects_from_handles(token, session,
- objectHandles, numHandles);
- if (objects) {
- nssCryptokiObject **op;
- for (op = objects; *op; op++) {
- status = (*callback)(*op, arg);
- }
- nss_ZFreeIf(objects);
- }
- }
- nssArena_Destroy(arena);
- return PR_SUCCESS;
-loser:
- nssArena_Destroy(arena);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRBool
-nssToken_IsPrivateKeyAvailable
-(
- NSSToken *token,
- NSSCertificate *c,
- nssCryptokiObject *instance
-)
-{
- CK_OBJECT_CLASS theClass;
-
- if (token == NULL) return PR_FALSE;
- if (c == NULL) return PR_FALSE;
-
- theClass = CKO_PRIVATE_KEY;
- if (!nssSlot_IsLoggedIn(token->slot)) {
- theClass = CKO_PUBLIC_KEY;
- }
- if (PK11_MatchItem(token->pk11slot, instance->handle, theClass)
- != CK_INVALID_HANDLE) {
- return PR_TRUE;
- }
- return PR_FALSE;
-}
diff --git a/security/nss/lib/dev/devutil.c b/security/nss/lib/dev/devutil.c
deleted file mode 100644
index 35e08db03..000000000
--- a/security/nss/lib/dev/devutil.c
+++ /dev/null
@@ -1,1471 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef DEVM_H
-#include "devm.h"
-#endif /* DEVM_H */
-
-#ifndef CKHELPER_H
-#include "ckhelper.h"
-#endif /* CKHELPER_H */
-
-NSS_IMPLEMENT nssCryptokiObject *
-nssCryptokiObject_Create
-(
- NSSToken *t,
- nssSession *session,
- CK_OBJECT_HANDLE h
-)
-{
- PRStatus status;
- NSSSlot *slot;
- nssCryptokiObject *object;
- CK_BBOOL *isTokenObject;
- CK_ATTRIBUTE cert_template[] = {
- { CKA_TOKEN, NULL, 0 },
- { CKA_LABEL, NULL, 0 }
- };
- slot = nssToken_GetSlot(t);
- status = nssCKObject_GetAttributes(h, cert_template, 2,
- NULL, session, slot);
- nssSlot_Destroy(slot);
- if (status != PR_SUCCESS) {
- /* a failure here indicates a device error */
- return (nssCryptokiObject *)NULL;
- }
- object = nss_ZNEW(NULL, nssCryptokiObject);
- if (!object) {
- return (nssCryptokiObject *)NULL;
- }
- object->handle = h;
- object->token = nssToken_AddRef(t);
- isTokenObject = (CK_BBOOL *)cert_template[0].pValue;
- object->isTokenObject = *isTokenObject;
- nss_ZFreeIf(isTokenObject);
- NSS_CK_ATTRIBUTE_TO_UTF8(&cert_template[1], object->label);
- return object;
-}
-
-NSS_IMPLEMENT void
-nssCryptokiObject_Destroy
-(
- nssCryptokiObject *object
-)
-{
- if (object) {
- nssToken_Destroy(object->token);
- nss_ZFreeIf(object->label);
- nss_ZFreeIf(object);
- }
-}
-
-NSS_IMPLEMENT nssCryptokiObject *
-nssCryptokiObject_Clone
-(
- nssCryptokiObject *object
-)
-{
- nssCryptokiObject *rvObject;
- rvObject = nss_ZNEW(NULL, nssCryptokiObject);
- if (rvObject) {
- rvObject->handle = object->handle;
- rvObject->token = nssToken_AddRef(object->token);
- rvObject->isTokenObject = object->isTokenObject;
- if (object->label) {
- rvObject->label = nssUTF8_Duplicate(object->label, NULL);
- }
- }
- return rvObject;
-}
-
-NSS_EXTERN PRBool
-nssCryptokiObject_Equal
-(
- nssCryptokiObject *o1,
- nssCryptokiObject *o2
-)
-{
- return (o1->token == o2->token && o1->handle == o2->handle);
-}
-
-NSS_IMPLEMENT PRUint32
-nssPKCS11String_Length(CK_CHAR *pkcs11Str, PRUint32 bufLen)
-{
- PRInt32 i;
- for (i = bufLen - 1; i>=0; ) {
- if (pkcs11Str[i] != ' ' && pkcs11Str[i] != '\0') break;
- --i;
- }
- return (PRUint32)(i + 1);
-}
-
-/*
- * Slot arrays
- */
-
-NSS_IMPLEMENT NSSSlot **
-nssSlotArray_Clone
-(
- NSSSlot **slots
-)
-{
- NSSSlot **rvSlots = NULL;
- NSSSlot **sp = slots;
- PRUint32 count = 0;
- while (sp && *sp) count++;
- if (count > 0) {
- rvSlots = nss_ZNEWARRAY(NULL, NSSSlot *, count + 1);
- if (rvSlots) {
- sp = slots;
- count = 0;
- for (sp = slots; *sp; sp++) {
- rvSlots[count++] = nssSlot_AddRef(*sp);
- }
- }
- }
- return rvSlots;
-}
-
-#ifdef PURE_STAN_BUILD
-NSS_IMPLEMENT void
-nssModuleArray_Destroy
-(
- NSSModule **modules
-)
-{
- if (modules) {
- NSSModule **mp;
- for (mp = modules; *mp; mp++) {
- nssModule_Destroy(*mp);
- }
- nss_ZFreeIf(modules);
- }
-}
-#endif
-
-NSS_IMPLEMENT void
-nssSlotArray_Destroy
-(
- NSSSlot **slots
-)
-{
- if (slots) {
- NSSSlot **slotp;
- for (slotp = slots; *slotp; slotp++) {
- nssSlot_Destroy(*slotp);
- }
- nss_ZFreeIf(slots);
- }
-}
-
-NSS_IMPLEMENT void
-NSSSlotArray_Destroy
-(
- NSSSlot **slots
-)
-{
- nssSlotArray_Destroy(slots);
-}
-
-NSS_IMPLEMENT void
-nssTokenArray_Destroy
-(
- NSSToken **tokens
-)
-{
- if (tokens) {
- NSSToken **tokenp;
- for (tokenp = tokens; *tokenp; tokenp++) {
- nssToken_Destroy(*tokenp);
- }
- nss_ZFreeIf(tokens);
- }
-}
-
-NSS_IMPLEMENT void
-NSSTokenArray_Destroy
-(
- NSSToken **tokens
-)
-{
- nssTokenArray_Destroy(tokens);
-}
-
-NSS_IMPLEMENT void
-nssCryptokiObjectArray_Destroy
-(
- nssCryptokiObject **objects
-)
-{
- if (objects) {
- nssCryptokiObject **op;
- for (op = objects; *op; op++) {
- nssCryptokiObject_Destroy(*op);
- }
- nss_ZFreeIf(objects);
- }
-}
-
-#ifdef PURE_STAN_BUILD
-/*
- * Slot lists
- */
-
-struct nssSlotListNodeStr
-{
- PRCList link;
- NSSSlot *slot;
- PRUint32 order;
-};
-
-/* XXX separate slots with non-present tokens? */
-struct nssSlotListStr
-{
- NSSArena *arena;
- PRBool i_allocated_arena;
- PZLock *lock;
- PRCList head;
- PRUint32 count;
-};
-
-NSS_IMPLEMENT nssSlotList *
-nssSlotList_Create
-(
- NSSArena *arenaOpt
-)
-{
- nssSlotList *rvList;
- NSSArena *arena;
- nssArenaMark *mark;
- if (arenaOpt) {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if (!mark) {
- return (nssSlotList *)NULL;
- }
- } else {
- arena = nssArena_Create();
- if (!arena) {
- return (nssSlotList *)NULL;
- }
- }
- rvList = nss_ZNEW(arena, nssSlotList);
- if (!rvList) {
- goto loser;
- }
- rvList->lock = PZ_NewLock(nssILockOther); /* XXX */
- if (!rvList->lock) {
- goto loser;
- }
- PR_INIT_CLIST(&rvList->head);
- rvList->arena = arena;
- rvList->i_allocated_arena = (arenaOpt == NULL);
- nssArena_Unmark(arena, mark);
- return rvList;
-loser:
- if (arenaOpt) {
- nssArena_Release(arena, mark);
- } else {
- nssArena_Destroy(arena);
- }
- return (nssSlotList *)NULL;
-}
-
-NSS_IMPLEMENT void
-nssSlotList_Destroy
-(
- nssSlotList *slotList
-)
-{
- PRCList *link;
- struct nssSlotListNodeStr *node;
- if (slotList) {
- link = PR_NEXT_LINK(&slotList->head);
- while (link != &slotList->head) {
- node = (struct nssSlotListNodeStr *)link;
- nssSlot_Destroy(node->slot);
- link = PR_NEXT_LINK(link);
- }
- if (slotList->i_allocated_arena) {
- nssArena_Destroy(slotList->arena);
- }
- }
-}
-
-/* XXX should do allocs outside of lock */
-NSS_IMPLEMENT PRStatus
-nssSlotList_Add
-(
- nssSlotList *slotList,
- NSSSlot *slot,
- PRUint32 order
-)
-{
- PRCList *link;
- struct nssSlotListNodeStr *node;
- PZ_Lock(slotList->lock);
- link = PR_NEXT_LINK(&slotList->head);
- while (link != &slotList->head) {
- node = (struct nssSlotListNodeStr *)link;
- if (order < node->order) {
- break;
- }
- link = PR_NEXT_LINK(link);
- }
- node = nss_ZNEW(slotList->arena, struct nssSlotListNodeStr);
- if (!node) {
- return PR_FAILURE;
- }
- PR_INIT_CLIST(&node->link);
- node->slot = nssSlot_AddRef(slot);
- node->order = order;
- PR_INSERT_AFTER(&node->link, link);
- slotList->count++;
- PZ_Unlock(slotList->lock);
- return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT PRStatus
-nssSlotList_AddModuleSlots
-(
- nssSlotList *slotList,
- NSSModule *module,
- PRUint32 order
-)
-{
- nssArenaMark *mark = NULL;
- NSSSlot **sp, **slots = NULL;
- PRCList *link;
- struct nssSlotListNodeStr *node;
- PZ_Lock(slotList->lock);
- link = PR_NEXT_LINK(&slotList->head);
- while (link != &slotList->head) {
- node = (struct nssSlotListNodeStr *)link;
- if (order < node->order) {
- break;
- }
- link = PR_NEXT_LINK(link);
- }
- slots = nssModule_GetSlots(module);
- if (!slots) {
- PZ_Unlock(slotList->lock);
- return PR_SUCCESS;
- }
- mark = nssArena_Mark(slotList->arena);
- if (!mark) {
- goto loser;
- }
- for (sp = slots; *sp; sp++) {
- node = nss_ZNEW(slotList->arena, struct nssSlotListNodeStr);
- if (!node) {
- goto loser;
- }
- PR_INIT_CLIST(&node->link);
- node->slot = *sp; /* have ref from nssModule_GetSlots */
- node->order = order;
- PR_INSERT_AFTER(&node->link, link);
- slotList->count++;
- }
- PZ_Unlock(slotList->lock);
- nssArena_Unmark(slotList->arena, mark);
- return PR_SUCCESS;
-loser:
- PZ_Unlock(slotList->lock);
- if (mark) {
- nssArena_Release(slotList->arena, mark);
- }
- if (slots) {
- nssSlotArray_Destroy(slots);
- }
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSSlot **
-nssSlotList_GetSlots
-(
- nssSlotList *slotList
-)
-{
- PRUint32 i;
- PRCList *link;
- struct nssSlotListNodeStr *node;
- NSSSlot **rvSlots = NULL;
- PZ_Lock(slotList->lock);
- rvSlots = nss_ZNEWARRAY(NULL, NSSSlot *, slotList->count + 1);
- if (!rvSlots) {
- PZ_Unlock(slotList->lock);
- return (NSSSlot **)NULL;
- }
- i = 0;
- link = PR_NEXT_LINK(&slotList->head);
- while (link != &slotList->head) {
- node = (struct nssSlotListNodeStr *)link;
- rvSlots[i] = nssSlot_AddRef(node->slot);
- link = PR_NEXT_LINK(link);
- i++;
- }
- PZ_Unlock(slotList->lock);
- return rvSlots;
-}
-
-#if 0
-NSS_IMPLEMENT NSSSlot *
-nssSlotList_GetBestSlotForAlgorithmAndParameters
-(
- nssSlotList *slotList,
- NSSAlgorithmAndParameters *ap
-)
-{
- PRCList *link;
- struct nssSlotListNodeStr *node;
- NSSSlot *rvSlot = NULL;
- PZ_Lock(slotList->lock);
- link = PR_NEXT_LINK(&slotList->head);
- while (link != &slotList->head) {
- node = (struct nssSlotListNodeStr *)link;
- if (nssSlot_DoesAlgorithmAndParameters(ap)) {
- rvSlot = nssSlot_AddRef(node->slot); /* XXX check isPresent? */
- }
- link = PR_NEXT_LINK(link);
- }
- PZ_Unlock(slotList->lock);
- return rvSlot;
-}
-#endif
-
-NSS_IMPLEMENT NSSSlot *
-nssSlotList_GetBestSlot
-(
- nssSlotList *slotList
-)
-{
- PRCList *link;
- struct nssSlotListNodeStr *node;
- NSSSlot *rvSlot = NULL;
- PZ_Lock(slotList->lock);
- if (PR_CLIST_IS_EMPTY(&slotList->head)) {
- PZ_Unlock(slotList->lock);
- return (NSSSlot *)NULL;
- }
- link = PR_NEXT_LINK(&slotList->head);
- node = (struct nssSlotListNodeStr *)link;
- rvSlot = nssSlot_AddRef(node->slot); /* XXX check isPresent? */
- PZ_Unlock(slotList->lock);
- return rvSlot;
-}
-
-NSS_IMPLEMENT NSSSlot *
-nssSlotList_FindSlotByName
-(
- nssSlotList *slotList,
- NSSUTF8 *slotName
-)
-{
- PRCList *link;
- struct nssSlotListNodeStr *node;
- NSSSlot *rvSlot = NULL;
- PZ_Lock(slotList->lock);
- link = PR_NEXT_LINK(&slotList->head);
- while (link != &slotList->head) {
- NSSUTF8 *sName;
- node = (struct nssSlotListNodeStr *)link;
- sName = nssSlot_GetName(node->slot);
- if (nssUTF8_Equal(sName, slotName, NULL)) {
- rvSlot = nssSlot_AddRef(node->slot);
- break;
- }
- link = PR_NEXT_LINK(link);
- }
- PZ_Unlock(slotList->lock);
- return rvSlot;
-}
-
-NSS_IMPLEMENT NSSToken *
-nssSlotList_FindTokenByName
-(
- nssSlotList *slotList,
- NSSUTF8 *tokenName
-)
-{
- PRCList *link;
- struct nssSlotListNodeStr *node;
- NSSToken *rvToken = NULL;
- PZ_Lock(slotList->lock);
- link = PR_NEXT_LINK(&slotList->head);
- while (link != &slotList->head) {
- NSSUTF8 *tName;
- node = (struct nssSlotListNodeStr *)link;
- tName = nssSlot_GetTokenName(node->slot);
- if (nssUTF8_Equal(tName, tokenName, NULL)) {
- rvToken = nssSlot_GetToken(node->slot);
- break;
- }
- link = PR_NEXT_LINK(link);
- }
- PZ_Unlock(slotList->lock);
- return rvToken;
-}
-#endif /* PURE_STAN_BUILD */
-
-/* object cache for token */
-
-typedef struct
-{
- NSSArena *arena;
- nssCryptokiObject *object;
- CK_ATTRIBUTE_PTR attributes;
- CK_ULONG numAttributes;
-}
-nssCryptokiObjectAndAttributes;
-
-enum {
- cachedCerts = 0,
- cachedTrust = 1,
- cachedCRLs = 2
-} cachedObjectType;
-
-struct nssTokenObjectCacheStr
-{
- NSSToken *token;
- PZLock *lock;
- PRBool loggedIn;
- PRBool doObjectType[3];
- PRBool searchedObjectType[3];
- nssCryptokiObjectAndAttributes **objects[3];
-};
-
-NSS_IMPLEMENT nssTokenObjectCache *
-nssTokenObjectCache_Create
-(
- NSSToken *token,
- PRBool cacheCerts,
- PRBool cacheTrust,
- PRBool cacheCRLs
-)
-{
- nssTokenObjectCache *rvCache;
- rvCache = nss_ZNEW(NULL, nssTokenObjectCache);
- if (!rvCache) {
- goto loser;
- }
- rvCache->lock = PZ_NewLock(nssILockOther); /* XXX */
- if (!rvCache->lock) {
- goto loser;
- }
- rvCache->doObjectType[cachedCerts] = cacheCerts;
- rvCache->doObjectType[cachedTrust] = cacheTrust;
- rvCache->doObjectType[cachedCRLs] = cacheCRLs;
- rvCache->token = token; /* cache goes away with token */
- return rvCache;
-loser:
- return (nssTokenObjectCache *)NULL;
-}
-
-static void
-clear_cache
-(
- nssTokenObjectCache *cache
-)
-{
- nssCryptokiObjectAndAttributes **oa;
- PRUint32 objectType;
- for (objectType = cachedCerts; objectType <= cachedCRLs; objectType++) {
- if (!cache->objects[objectType]) {
- continue;
- }
- for (oa = cache->objects[objectType]; *oa; oa++) {
- /* prevent the token from being destroyed */
- (*oa)->object->token = NULL;
- nssCryptokiObject_Destroy((*oa)->object);
- nssArena_Destroy((*oa)->arena);
- }
- nss_ZFreeIf(cache->objects[objectType]);
- cache->objects[objectType] = NULL;
- cache->searchedObjectType[objectType] = PR_FALSE;
- }
-}
-
-NSS_IMPLEMENT void
-nssTokenObjectCache_Clear
-(
- nssTokenObjectCache *cache
-)
-{
- if (cache) {
- clear_cache(cache);
- }
-}
-
-NSS_IMPLEMENT void
-nssTokenObjectCache_Destroy
-(
- nssTokenObjectCache *cache
-)
-{
- if (cache) {
- clear_cache(cache);
- PZ_DestroyLock(cache->lock);
- nss_ZFreeIf(cache);
- }
-}
-
-NSS_IMPLEMENT PRBool
-nssTokenObjectCache_HaveObjectClass
-(
- nssTokenObjectCache *cache,
- CK_OBJECT_CLASS objclass
-)
-{
- PRBool haveIt;
- PZ_Lock(cache->lock);
- switch (objclass) {
- case CKO_CERTIFICATE: haveIt = cache->doObjectType[cachedCerts]; break;
- case CKO_NETSCAPE_TRUST: haveIt = cache->doObjectType[cachedTrust]; break;
- case CKO_NETSCAPE_CRL: haveIt = cache->doObjectType[cachedCRLs]; break;
- default: haveIt = PR_FALSE;
- }
- PZ_Unlock(cache->lock);
- return haveIt;
-}
-
-static nssCryptokiObjectAndAttributes **
-create_object_array
-(
- nssCryptokiObject **objects,
- PRBool *doObjects,
- PRUint32 *numObjects,
- PRStatus *status
-)
-{
- nssCryptokiObject **op = objects;
- nssCryptokiObjectAndAttributes **rvOandA = NULL;
- *numObjects = 0;
- /* There are no objects for this type */
- if (!objects) {
- return (nssCryptokiObjectAndAttributes **)NULL;
- }
- while (*op++) (*numObjects)++;
- if (*numObjects == MAX_LOCAL_CACHE_OBJECTS) {
- /* Hit the maximum allowed, so don't use a cache (there are
- * too many objects to make caching worthwhile, presumably, if
- * the token can handle that many objects, it can handle searching.
- */
- *doObjects = PR_FALSE;
- *status = PR_FAILURE;
- *numObjects = 0;
- } else if (*numObjects > 0) {
- rvOandA = nss_ZNEWARRAY(NULL,
- nssCryptokiObjectAndAttributes *,
- *numObjects + 1);
- *status = rvOandA ? PR_SUCCESS : PR_FALSE;
- }
- return rvOandA;
-}
-
-static nssCryptokiObjectAndAttributes *
-create_object
-(
- nssCryptokiObject *object,
- CK_ATTRIBUTE_TYPE *types,
- PRUint32 numTypes,
- PRStatus *status
-)
-{
- PRUint32 j;
- NSSArena *arena;
- NSSSlot *slot = NULL;
- nssSession *session = NULL;
- nssCryptokiObjectAndAttributes *rvCachedObject = NULL;
-
- slot = nssToken_GetSlot(object->token);
- session = nssToken_GetDefaultSession(object->token);
-
- arena = nssArena_Create();
- if (!arena) {
- nssSlot_Destroy(slot);
- return (nssCryptokiObjectAndAttributes *)NULL;
- }
- rvCachedObject = nss_ZNEW(arena, nssCryptokiObjectAndAttributes);
- if (!rvCachedObject) {
- goto loser;
- }
- rvCachedObject->arena = arena;
- /* The cache is tied to the token, and therefore the objects
- * in it should not hold references to the token.
- */
- nssToken_Destroy(object->token);
- rvCachedObject->object = object;
- rvCachedObject->attributes = nss_ZNEWARRAY(arena, CK_ATTRIBUTE, numTypes);
- if (!rvCachedObject->attributes) {
- goto loser;
- }
- for (j=0; j<numTypes; j++) {
- rvCachedObject->attributes[j].type = types[j];
- }
- *status = nssCKObject_GetAttributes(object->handle,
- rvCachedObject->attributes,
- numTypes,
- arena,
- session,
- slot);
- if (*status != PR_SUCCESS) {
- goto loser;
- }
- rvCachedObject->numAttributes = numTypes;
- *status = PR_SUCCESS;
- if (slot) {
- nssSlot_Destroy(slot);
- }
- return rvCachedObject;
-loser:
- *status = PR_FAILURE;
- if (slot) {
- nssSlot_Destroy(slot);
- }
- nssArena_Destroy(arena);
- return (nssCryptokiObjectAndAttributes *)NULL;
-}
-
-/*
- *
- * State diagram for cache:
- *
- * token !present token removed
- * +-------------------------+<----------------------+
- * | ^ |
- * v | |
- * +----------+ slot friendly | token present +----------+
- * | cache | -----------------> % ---------------> | cache |
- * | unloaded | | loaded |
- * +----------+ +----------+
- * ^ | ^ |
- * | | slot !friendly slot logged in | |
- * | +-----------------------> % ----------------------+ |
- * | | |
- * | slot logged out v slot !friendly |
- * +-----------------------------+<--------------------------+
- *
- */
-static PRBool
-search_for_objects
-(
- nssTokenObjectCache *cache
-)
-{
- PRBool doSearch = PR_FALSE;
- NSSSlot *slot = nssToken_GetSlot(cache->token);
- if (!nssSlot_IsTokenPresent(slot)) {
- /* The token is no longer present, destroy any cached objects */
- /* clear_cache(cache); */
- nssSlot_Destroy(slot);
- return PR_FALSE;
- }
- /* Handle non-friendly slots (slots which require login for objects) */
- if (!nssSlot_IsFriendly(slot)) {
- if (nssSlot_IsLoggedIn(slot)) {
- /* Either no state change, or went from !logged in -> logged in */
- cache->loggedIn = PR_TRUE;
- doSearch = PR_TRUE;
- } else {
- if (cache->loggedIn) {
- /* went from logged in -> !logged in, destroy cached objects */
- clear_cache(cache);
- cache->loggedIn = PR_FALSE;
- } /* else no state change, still not logged in, so exit */
- }
- } else {
- /* slot is friendly, thus always available for search */
- doSearch = PR_TRUE;
- }
- nssSlot_Destroy(slot);
- return doSearch;
-}
-
-static nssCryptokiObjectAndAttributes *
-create_cert
-(
- nssCryptokiObject *object,
- PRStatus *status
-)
-{
- CK_ATTRIBUTE_TYPE certAttr[] = {
- CKA_CLASS,
- CKA_TOKEN,
- CKA_LABEL,
- CKA_CERTIFICATE_TYPE,
- CKA_ID,
- CKA_VALUE,
- CKA_ISSUER,
- CKA_SERIAL_NUMBER,
- CKA_SUBJECT,
- CKA_NETSCAPE_EMAIL
- };
- PRUint32 numCertAttr = sizeof(certAttr) / sizeof(certAttr[0]);
- return create_object(object, certAttr, numCertAttr, status);
-}
-
-static PRStatus
-get_token_certs_for_cache
-(
- nssTokenObjectCache *cache
-)
-{
- PRStatus status;
- nssCryptokiObject **objects;
- PRBool *doIt = &cache->doObjectType[cachedCerts];
- PRUint32 i, numObjects;
-
- if (!search_for_objects(cache) ||
- cache->searchedObjectType[cachedCerts] ||
- !cache->doObjectType[cachedCerts])
- {
- /* Either there was a state change that prevents a search
- * (token removed or logged out), or the search was already done,
- * or certs are not being cached.
- */
- return PR_SUCCESS;
- }
- objects = nssToken_FindCertificates(cache->token, NULL,
- nssTokenSearchType_TokenForced,
- MAX_LOCAL_CACHE_OBJECTS, &status);
- if (status != PR_SUCCESS) {
- return status;
- }
- cache->objects[cachedCerts] = create_object_array(objects,
- doIt,
- &numObjects,
- &status);
- if (status != PR_SUCCESS) {
- return status;
- }
- for (i=0; i<numObjects; i++) {
- cache->objects[cachedCerts][i] = create_cert(objects[i], &status);
- if (status != PR_SUCCESS) {
- break;
- }
- }
- if (status == PR_SUCCESS) {
- nss_ZFreeIf(objects);
- } else {
- PRUint32 j;
- for (j=0; j<i; j++) {
- /* sigh */
- nssToken_AddRef(cache->objects[cachedCerts][i]->object->token);
- nssArena_Destroy(cache->objects[cachedCerts][i]->arena);
- }
- nssCryptokiObjectArray_Destroy(objects);
- }
- cache->searchedObjectType[cachedCerts] = PR_TRUE;
- return status;
-}
-
-static nssCryptokiObjectAndAttributes *
-create_trust
-(
- nssCryptokiObject *object,
- PRStatus *status
-)
-{
- CK_ATTRIBUTE_TYPE trustAttr[] = {
- CKA_CLASS,
- CKA_TOKEN,
- CKA_LABEL,
- CKA_CERT_SHA1_HASH,
- CKA_CERT_MD5_HASH,
- CKA_ISSUER,
- CKA_SUBJECT,
- CKA_TRUST_SERVER_AUTH,
- CKA_TRUST_CLIENT_AUTH,
- CKA_TRUST_EMAIL_PROTECTION,
- CKA_TRUST_CODE_SIGNING
- };
- PRUint32 numTrustAttr = sizeof(trustAttr) / sizeof(trustAttr[0]);
- return create_object(object, trustAttr, numTrustAttr, status);
-}
-
-static PRStatus
-get_token_trust_for_cache
-(
- nssTokenObjectCache *cache
-)
-{
- PRStatus status;
- nssCryptokiObject **objects;
- PRBool *doIt = &cache->doObjectType[cachedTrust];
- PRUint32 i, numObjects;
-
- if (!search_for_objects(cache) ||
- cache->searchedObjectType[cachedTrust] ||
- !cache->doObjectType[cachedTrust])
- {
- /* Either there was a state change that prevents a search
- * (token removed or logged out), or the search was already done,
- * or trust is not being cached.
- */
- return PR_SUCCESS;
- }
- objects = nssToken_FindTrustObjects(cache->token, NULL,
- nssTokenSearchType_TokenForced,
- MAX_LOCAL_CACHE_OBJECTS, &status);
- if (status != PR_SUCCESS) {
- return status;
- }
- cache->objects[cachedTrust] = create_object_array(objects,
- doIt,
- &numObjects,
- &status);
- if (status != PR_SUCCESS) {
- return status;
- }
- for (i=0; i<numObjects; i++) {
- cache->objects[cachedTrust][i] = create_trust(objects[i], &status);
- if (status != PR_SUCCESS) {
- break;
- }
- }
- if (status == PR_SUCCESS) {
- nss_ZFreeIf(objects);
- } else {
- PRUint32 j;
- for (j=0; j<i; j++) {
- /* sigh */
- nssToken_AddRef(cache->objects[cachedTrust][i]->object->token);
- nssArena_Destroy(cache->objects[cachedTrust][i]->arena);
- }
- nssCryptokiObjectArray_Destroy(objects);
- }
- cache->searchedObjectType[cachedTrust] = PR_TRUE;
- return status;
-}
-
-static nssCryptokiObjectAndAttributes *
-create_crl
-(
- nssCryptokiObject *object,
- PRStatus *status
-)
-{
- CK_ATTRIBUTE_TYPE crlAttr[] = {
- CKA_CLASS,
- CKA_TOKEN,
- CKA_LABEL,
- CKA_VALUE,
- CKA_SUBJECT,
- CKA_NETSCAPE_KRL,
- CKA_NETSCAPE_URL
- };
- PRUint32 numCRLAttr = sizeof(crlAttr) / sizeof(crlAttr[0]);
- return create_object(object, crlAttr, numCRLAttr, status);
-}
-
-static PRStatus
-get_token_crls_for_cache
-(
- nssTokenObjectCache *cache
-)
-{
- PRStatus status;
- nssCryptokiObject **objects;
- PRBool *doIt = &cache->doObjectType[cachedCRLs];
- PRUint32 i, numObjects;
-
- if (!search_for_objects(cache) ||
- cache->searchedObjectType[cachedCRLs] ||
- !cache->doObjectType[cachedCRLs])
- {
- /* Either there was a state change that prevents a search
- * (token removed or logged out), or the search was already done,
- * or CRLs are not being cached.
- */
- return PR_SUCCESS;
- }
- objects = nssToken_FindCRLs(cache->token, NULL,
- nssTokenSearchType_TokenForced,
- MAX_LOCAL_CACHE_OBJECTS, &status);
- if (status != PR_SUCCESS) {
- return status;
- }
- cache->objects[cachedCRLs] = create_object_array(objects,
- doIt,
- &numObjects,
- &status);
- if (status != PR_SUCCESS) {
- return status;
- }
- for (i=0; i<numObjects; i++) {
- cache->objects[cachedCRLs][i] = create_crl(objects[i], &status);
- if (status != PR_SUCCESS) {
- break;
- }
- }
- if (status == PR_SUCCESS) {
- nss_ZFreeIf(objects);
- } else {
- PRUint32 j;
- for (j=0; j<i; j++) {
- /* sigh */
- nssToken_AddRef(cache->objects[cachedCRLs][i]->object->token);
- nssArena_Destroy(cache->objects[cachedCRLs][i]->arena);
- }
- nssCryptokiObjectArray_Destroy(objects);
- }
- cache->searchedObjectType[cachedCRLs] = PR_TRUE;
- return status;
-}
-
-static CK_ATTRIBUTE_PTR
-find_attribute_in_object
-(
- nssCryptokiObjectAndAttributes *obj,
- CK_ATTRIBUTE_TYPE attrType
-)
-{
- PRUint32 j;
- for (j=0; j<obj->numAttributes; j++) {
- if (attrType == obj->attributes[j].type) {
- return &obj->attributes[j];
- }
- }
- return (CK_ATTRIBUTE_PTR)NULL;
-}
-
-/* Find all objects in the array that match the supplied template */
-static nssCryptokiObject **
-find_objects_in_array
-(
- nssCryptokiObjectAndAttributes **objArray,
- CK_ATTRIBUTE_PTR ot,
- CK_ULONG otlen,
- PRUint32 maximumOpt
-)
-{
- PRIntn oi = 0;
- PRUint32 i;
- NSSArena *arena;
- PRUint32 size = 8;
- PRUint32 numMatches = 0;
- nssCryptokiObject **objects = NULL;
- nssCryptokiObjectAndAttributes **matches = NULL;
- CK_ATTRIBUTE_PTR attr;
-
- if (!objArray) {
- return (nssCryptokiObject **)NULL;
- }
- arena = nssArena_Create();
- if (!arena) {
- return (nssCryptokiObject **)NULL;
- }
- matches = nss_ZNEWARRAY(arena, nssCryptokiObjectAndAttributes *, size);
- if (!matches) {
- goto loser;
- }
- if (maximumOpt == 0) maximumOpt = ~0;
- /* loop over the cached objects */
- for (; *objArray && numMatches < maximumOpt; objArray++) {
- nssCryptokiObjectAndAttributes *obj = *objArray;
- /* loop over the test template */
- for (i=0; i<otlen; i++) {
- /* see if the object has the attribute */
- attr = find_attribute_in_object(obj, ot[i].type);
- if (!attr) {
- /* nope, match failed */
- break;
- }
- /* compare the attribute against the test value */
- if (ot[i].ulValueLen != attr->ulValueLen ||
- !nsslibc_memequal(ot[i].pValue,
- attr->pValue,
- attr->ulValueLen, NULL))
- {
- /* nope, match failed */
- break;
- }
- }
- if (i == otlen) {
- /* all of the attributes in the test template were found
- * in the object's template, and they all matched
- */
- matches[numMatches++] = obj;
- if (numMatches == size) {
- size *= 2;
- matches = nss_ZREALLOCARRAY(matches,
- nssCryptokiObjectAndAttributes *,
- size);
- if (!matches) {
- goto loser;
- }
- }
- }
- }
- if (numMatches > 0) {
- objects = nss_ZNEWARRAY(NULL, nssCryptokiObject *, numMatches + 1);
- if (!objects) {
- goto loser;
- }
- for (oi=0; oi<(PRIntn)numMatches; oi++) {
- objects[oi] = nssCryptokiObject_Clone(matches[oi]->object);
- if (!objects[oi]) {
- goto loser;
- }
- }
- }
- nssArena_Destroy(arena);
- return objects;
-loser:
- if (objects) {
- for (--oi; oi>=0; --oi) {
- nssCryptokiObject_Destroy(objects[oi]);
- }
- }
- nssArena_Destroy(arena);
- return (nssCryptokiObject **)NULL;
-}
-
-NSS_IMPLEMENT nssCryptokiObject **
-nssTokenObjectCache_FindObjectsByTemplate
-(
- nssTokenObjectCache *cache,
- CK_OBJECT_CLASS objclass,
- CK_ATTRIBUTE_PTR otemplate,
- CK_ULONG otlen,
- PRUint32 maximumOpt,
- PRStatus *statusOpt
-)
-{
- PRStatus status = PR_FAILURE;
- nssCryptokiObject **rvObjects = NULL;
- PZ_Lock(cache->lock);
- switch (objclass) {
- case CKO_CERTIFICATE:
- if (cache->doObjectType[cachedCerts]) {
- status = get_token_certs_for_cache(cache);
- if (status != PR_SUCCESS) {
- goto finish;
- }
- rvObjects = find_objects_in_array(cache->objects[cachedCerts],
- otemplate, otlen, maximumOpt);
- }
- break;
- case CKO_NETSCAPE_TRUST:
- if (cache->doObjectType[cachedTrust]) {
- status = get_token_trust_for_cache(cache);
- if (status != PR_SUCCESS) {
- goto finish;
- }
- rvObjects = find_objects_in_array(cache->objects[cachedTrust],
- otemplate, otlen, maximumOpt);
- }
- break;
- case CKO_NETSCAPE_CRL:
- if (cache->doObjectType[cachedCRLs]) {
- status = get_token_crls_for_cache(cache);
- if (status != PR_SUCCESS) {
- goto finish;
- }
- rvObjects = find_objects_in_array(cache->objects[cachedCRLs],
- otemplate, otlen, maximumOpt);
- }
- break;
- default: break;
- }
-finish:
- PZ_Unlock(cache->lock);
- if (statusOpt) {
- *statusOpt = status;
- }
- return rvObjects;
-}
-
-static PRBool
-cache_available_for_object_type
-(
- nssTokenObjectCache *cache,
- PRUint32 objectType
-)
-{
- if (!cache->doObjectType[objectType]) {
- /* not caching this object kind */
- return PR_FALSE;
- }
- if (!cache->searchedObjectType[objectType]) {
- /* objects are not cached yet */
- return PR_FALSE;
- }
- if (!search_for_objects(cache)) {
- /* not logged in or removed */
- return PR_FALSE;
- }
- return PR_TRUE;
-}
-
-NSS_IMPLEMENT PRStatus
-nssTokenObjectCache_GetObjectAttributes
-(
- nssTokenObjectCache *cache,
- NSSArena *arenaOpt,
- nssCryptokiObject *object,
- CK_OBJECT_CLASS objclass,
- CK_ATTRIBUTE_PTR atemplate,
- CK_ULONG atlen
-)
-{
- PRUint32 i, j;
- NSSArena *arena = NULL;
- nssArenaMark *mark = NULL;
- nssCryptokiObjectAndAttributes *cachedOA = NULL;
- nssCryptokiObjectAndAttributes **oa = NULL;
- PRUint32 objectType;
- PZ_Lock(cache->lock);
- switch (objclass) {
- case CKO_CERTIFICATE: objectType = cachedCerts; break;
- case CKO_NETSCAPE_TRUST: objectType = cachedTrust; break;
- case CKO_NETSCAPE_CRL: objectType = cachedCRLs; break;
- default: goto loser;
- }
- if (!cache_available_for_object_type(cache, objectType)) {
- goto loser;
- }
- oa = cache->objects[objectType];
- if (!oa) {
- goto loser;
- }
- for (; *oa; oa++) {
- if (nssCryptokiObject_Equal((*oa)->object, object)) {
- cachedOA = *oa;
- break;
- }
- }
- if (!cachedOA) {
- goto loser; /* don't have this object */
- }
- if (arenaOpt) {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- }
- for (i=0; i<atlen; i++) {
- for (j=0; j<cachedOA->numAttributes; j++) {
- if (atemplate[i].type == cachedOA->attributes[j].type) {
- CK_ATTRIBUTE_PTR attr = &cachedOA->attributes[j];
- if (cachedOA->attributes[j].ulValueLen == 0 ||
- cachedOA->attributes[j].ulValueLen == (CK_ULONG)-1)
- {
- break; /* invalid attribute */
- }
- if (atemplate[i].ulValueLen > 0) {
- if (atemplate[i].pValue == NULL ||
- atemplate[i].ulValueLen < attr->ulValueLen)
- {
- goto loser;
- }
- } else {
- atemplate[i].pValue = nss_ZAlloc(arena, attr->ulValueLen);
- if (!atemplate[i].pValue) {
- goto loser;
- }
- }
- nsslibc_memcpy(atemplate[i].pValue,
- attr->pValue, attr->ulValueLen);
- atemplate[i].ulValueLen = attr->ulValueLen;
- break;
- }
- }
- if (j == cachedOA->numAttributes) {
- atemplate[i].ulValueLen = (CK_ULONG)-1;
- }
- }
- PZ_Unlock(cache->lock);
- if (mark) {
- nssArena_Unmark(arena, mark);
- }
- return PR_SUCCESS;
-loser:
- PZ_Unlock(cache->lock);
- if (mark) {
- nssArena_Release(arena, mark);
- }
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRStatus
-nssTokenObjectCache_ImportObject
-(
- nssTokenObjectCache *cache,
- nssCryptokiObject *object,
- CK_OBJECT_CLASS objclass,
- CK_ATTRIBUTE_PTR ot,
- CK_ULONG otlen
-)
-{
- PRStatus status = PR_SUCCESS;
- PRUint32 count;
- nssCryptokiObjectAndAttributes **oa, ***otype;
- PRUint32 objectType;
- PRBool haveIt = PR_FALSE;
-
- PZ_Lock(cache->lock);
- switch (objclass) {
- case CKO_CERTIFICATE: objectType = cachedCerts; break;
- case CKO_NETSCAPE_TRUST: objectType = cachedTrust; break;
- case CKO_NETSCAPE_CRL: objectType = cachedCRLs; break;
- default:
- PZ_Unlock(cache->lock);
- return PR_SUCCESS; /* don't need to import it here */
- }
- if (!cache_available_for_object_type(cache, objectType)) {
- PZ_Unlock(cache->lock);
- return PR_SUCCESS; /* cache not active, ignored */
- }
- count = 0;
- otype = &cache->objects[objectType]; /* index into array of types */
- oa = *otype; /* the array of objects for this type */
- while (oa && *oa) {
- if (nssCryptokiObject_Equal((*oa)->object, object)) {
- haveIt = PR_TRUE;
- break;
- }
- count++;
- oa++;
- }
- if (haveIt) {
- /* Destroy the old entry */
- (*oa)->object->token = NULL;
- nssCryptokiObject_Destroy((*oa)->object);
- nssArena_Destroy((*oa)->arena);
- } else {
- /* Create space for a new entry */
- if (count > 0) {
- *otype = nss_ZREALLOCARRAY(*otype,
- nssCryptokiObjectAndAttributes *,
- count + 2);
- } else {
- *otype = nss_ZNEWARRAY(NULL, nssCryptokiObjectAndAttributes *, 2);
- }
- }
- if (*otype) {
- nssCryptokiObject *copyObject = nssCryptokiObject_Clone(object);
- if (objectType == cachedCerts) {
- (*otype)[count] = create_cert(copyObject, &status);
- } else if (objectType == cachedTrust) {
- (*otype)[count] = create_trust(copyObject, &status);
- } else if (objectType == cachedCRLs) {
- (*otype)[count] = create_crl(copyObject, &status);
- }
- } else {
- status = PR_FAILURE;
- }
- PZ_Unlock(cache->lock);
- return status;
-}
-
-NSS_IMPLEMENT void
-nssTokenObjectCache_RemoveObject
-(
- nssTokenObjectCache *cache,
- nssCryptokiObject *object
-)
-{
- PRUint32 oType;
- nssCryptokiObjectAndAttributes **oa, **swp = NULL;
- PZ_Lock(cache->lock);
- for (oType=0; oType<3; oType++) {
- if (!cache_available_for_object_type(cache, oType) ||
- !cache->objects[oType])
- {
- continue;
- }
- for (oa = cache->objects[oType]; *oa; oa++) {
- if (nssCryptokiObject_Equal((*oa)->object, object)) {
- swp = oa; /* the entry to remove */
- while (oa[1]) oa++; /* go to the tail */
- (*swp)->object->token = NULL;
- nssCryptokiObject_Destroy((*swp)->object);
- nssArena_Destroy((*swp)->arena); /* destroy it */
- *swp = *oa; /* swap the last with the removed */
- *oa = NULL; /* null-terminate the array */
- break;
- }
- }
- if (swp) {
- break;
- }
- }
- if ((oType <3) &&
- cache->objects[oType] && cache->objects[oType][0] == NULL) {
- nss_ZFreeIf(cache->objects[oType]); /* no entries remaining */
- cache->objects[oType] = NULL;
- }
- PZ_Unlock(cache->lock);
-}
-
-/* These two hash algorithms are presently sufficient.
-** They are used for fingerprints of certs which are stored as the
-** CKA_CERT_SHA1_HASH and CKA_CERT_MD5_HASH attributes.
-** We don't need to add SHAxxx to these now.
-*/
-/* XXX of course this doesn't belong here */
-NSS_IMPLEMENT NSSAlgorithmAndParameters *
-NSSAlgorithmAndParameters_CreateSHA1Digest
-(
- NSSArena *arenaOpt
-)
-{
- NSSAlgorithmAndParameters *rvAP = NULL;
- rvAP = nss_ZNEW(arenaOpt, NSSAlgorithmAndParameters);
- if (rvAP) {
- rvAP->mechanism.mechanism = CKM_SHA_1;
- rvAP->mechanism.pParameter = NULL;
- rvAP->mechanism.ulParameterLen = 0;
- }
- return rvAP;
-}
-
-NSS_IMPLEMENT NSSAlgorithmAndParameters *
-NSSAlgorithmAndParameters_CreateMD5Digest
-(
- NSSArena *arenaOpt
-)
-{
- NSSAlgorithmAndParameters *rvAP = NULL;
- rvAP = nss_ZNEW(arenaOpt, NSSAlgorithmAndParameters);
- if (rvAP) {
- rvAP->mechanism.mechanism = CKM_MD5;
- rvAP->mechanism.pParameter = NULL;
- rvAP->mechanism.ulParameterLen = 0;
- }
- return rvAP;
-}
-
diff --git a/security/nss/lib/dev/manifest.mn b/security/nss/lib/dev/manifest.mn
deleted file mode 100644
index 6297b4cc3..000000000
--- a/security/nss/lib/dev/manifest.mn
+++ /dev/null
@@ -1,66 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-MANIFEST_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-CORE_DEPTH = ../../..
-
-PRIVATE_EXPORTS = \
- ckhelper.h \
- devt.h \
- dev.h \
- nssdevt.h \
- nssdev.h \
- $(NULL)
-
-EXPORTS = \
- $(NULL)
-
-MODULE = nss
-
-CSRCS = \
- devmod.c \
- devslot.c \
- devtoken.c \
- devutil.c \
- ckhelper.c \
- $(NULL)
-
-# here is where the 3.4 glue code is added
-ifndef PURE_STAN_BUILD
-DEFINES = -DNSS_3_4_CODE
-PRIVATE_EXPORTS += devm.h devtm.h
-endif
-
-REQUIRES = nspr
-
-LIBRARY_NAME = nssdev
diff --git a/security/nss/lib/dev/nssdev.h b/security/nss/lib/dev/nssdev.h
deleted file mode 100644
index 7b219adfe..000000000
--- a/security/nss/lib/dev/nssdev.h
+++ /dev/null
@@ -1,72 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef NSSDEV_H
-#define NSSDEV_H
-
-#ifdef DEBUG
-static const char NSSDEV_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-/*
- * nssdev.h
- *
- * High-level methods for interaction with cryptoki devices
- */
-
-#ifndef NSSDEVT_H
-#include "nssdevt.h"
-#endif /* NSSDEVT_H */
-
-PR_BEGIN_EXTERN_C
-
-/* NSSAlgorithmAndParameters
- *
- * NSSAlgorithmAndParameters_CreateSHA1Digest
- * NSSAlgorithmAndParameters_CreateMD5Digest
- */
-
-NSS_EXTERN NSSAlgorithmAndParameters *
-NSSAlgorithmAndParameters_CreateSHA1Digest
-(
- NSSArena *arenaOpt
-);
-
-NSS_EXTERN NSSAlgorithmAndParameters *
-NSSAlgorithmAndParameters_CreateMD5Digest
-(
- NSSArena *arenaOpt
-);
-
-PR_END_EXTERN_C
-
-#endif /* DEV_H */
diff --git a/security/nss/lib/dev/nssdevt.h b/security/nss/lib/dev/nssdevt.h
deleted file mode 100644
index a603ce545..000000000
--- a/security/nss/lib/dev/nssdevt.h
+++ /dev/null
@@ -1,69 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef NSSDEVT_H
-#define NSSDEVT_H
-
-#ifdef DEBUG
-static const char NSSDEVT_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * nssdevt.h
- *
- * This file contains definitions for the low-level cryptoki devices.
- */
-
-#ifndef NSSBASET_H
-#include "nssbaset.h"
-#endif /* NSSBASET_H */
-
-#ifndef NSSPKIT_H
-#include "nsspkit.h"
-#endif /* NSSPKIT_H */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * NSSModule and NSSSlot -- placeholders for the PKCS#11 types
- */
-
-typedef struct NSSModuleStr NSSModule;
-
-typedef struct NSSSlotStr NSSSlot;
-
-typedef struct NSSTokenStr NSSToken;
-
-PR_END_EXTERN_C
-
-#endif /* NSSDEVT_H */
diff --git a/security/nss/lib/fortcrypt/Makefile b/security/nss/lib/fortcrypt/Makefile
deleted file mode 100644
index b3913b3a0..000000000
--- a/security/nss/lib/fortcrypt/Makefile
+++ /dev/null
@@ -1,176 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-include manifest.mn
-include $(CORE_DEPTH)/coreconf/config.mk
-include config.mk
-
-CILIB = $(OBJDIR)/cilib.$(LIB_SUFFIX)
-ORIG_CILIB = libci/$(OS_TARGET)$(OS_RELEASE).$(LIB_SUFFIX)
-
-ifeq (,$(filter-out WINNT WINCE,$(OS_TARGET))) # omits WIN16 WIN95
-ORIG_CILIB = libci/tssp32.lib
-endif
-
-ifeq ($(OS_TARGET), WIN16)
-ORIG_CILIB = libci/tssp.lib
-endif
-
-ifeq ($(OS_TARGET), WIN95)
-ORIG_CILIB = libci/tssp32.lib
-endif
-
-ifeq (,$(filter-out WIN%,$(OS_TARGET)))
-STUBDLL = $(OBJDIR)/stub.$(DLL_SUFFIX)
-endif
-
-STUBLIB = $(OBJDIR)/stub.$(LIB_SUFFIX)
-
-ifeq ($(OS_TARGET), WIN16)
-W16LIBS += $(CILIB)
-else
-EXTRA_LIBS += $(CILIB)
-endif
-
-INST_JS = inst.js
-LIBCI_JAR = $(OBJDIR)/libfort.jar
-LIBCI_JAR_SRC = $(INST_JS) $(SHARED_LIBRARY)
-
-ifneq ($(OS_TARGET), WIN16)
-TARGETS : $(LIBCI_JAR)
-endif
-
-ifeq ($(OS_TARGET), WIN16)
-# note that rules.mk is not included below for WIN16
-all:
- @echo Skipping fortcrypt directory for 16-bit windows builds
-
-all_platforms alltags clean clobber clobber_all realclean: all
-
-boot export install libs program release: all
-
-endif
-
-$(SHARED_LIBRARY): $(CILIB) $(DIRS)
-
-cilib_name:
- @echo $(CILIB)
-
-$(CILIB):
- @$(MAKE_OBJDIR)
- @if test -f $(ORIG_CILIB); then \
- echo "Copying $(ORIG_CILIB) to $@"; \
- cp $(ORIG_CILIB) $@; \
- else \
- echo "Making empty stub $@"; \
- $(MAKE) $(STUBLIB); \
- fi
- @$(RANLIB) $@
-
-$(STUBLIB): $(OBJDIR)/maci$(OBJ_SUFFIX)
- @$(MAKE_OBJDIR)
-ifeq (,$(filter-out WIN%,$(OS_TARGET)))
- $(MAKE) $(STUBDLL)
-else
- $(AR) $<
-endif
- cp $@ $(CILIB)
-
-ifeq (,$(filter-out WIN%,$(OS_TARGET)))
-$(STUBDLL): $(OBJDIR)/maci.o
-ifdef NS_USE_GCC
- $(LINK_DLL) -Wl,--out-implib,$(STUBLIB) $(OBJDIR)/maci.o $(OS_LIBS)
-else
- $(LINK_DLL) -MAP $(DLLBASE) $(subst /,\\,$(OBJDIR)/maci.o $(OS_LIBS))
-endif
-
-$(OBJDIR)/maci.o: maci.c
-ifdef NS_USE_GCC
- $(CC) -o $@ -c $(CFLAGS) $<
-else
- $(CC) -Fo$@ -c $(CFLAGS) $<
-endif
-endif
-
-#
-# The following rules packages the shared library into a JAR,
-# ready to be signed
-#
-$(OBJDIR)/replace: replace.c
- $(CC) -o $@ $<
-
-# ZIP options:
-# -5 means medium compression
-# -q means quiet
-# -j means do not store tree structure, all files go into one dir
-#
-$(LIBCI_JAR): $(DIRS) $(LIBCI_JAR_SRC)
- @echo +++ building $@ from $(LIBCI_JAR_SRC)
- @rm -f $@
- zip -5qj $@ $(LIBCI_JAR_SRC)
-
-force:
- (cd swfort ; $(MAKE))
-
-
-MD_FILES += $(LIBCI_JAR)
-
-# coreconf doesn't build the AIX shared library for FORTEZZA,
-# so I'm going to override their shared library command and build the shared
-# library the way config used to.
-#
-ifeq ($(OS_TARGET)$(OS_RELEASE), AIX4.1)
-DSO_LDOPTS = -bM:SRE -bh:4 -bnoentry
-EXTRA_DSO_LDOPTS = -lc
-MKSHLIB = svld $(DSO_LDOPTS)
-
-$(SHARED_LIBRARY): $(OBJS)
- @$(MAKE_OBJDIR)
- rm -f $@
- $(MKSHLIB) -o $@ $(OBJS) $(EXTRA_LIBS) $(EXTRA_DSO_LDOPTS)
- chmod +x $@
-endif
-
-ifeq ($(OS_TARGET)$(OS_RELEASE), AIX4.2)
-LD += -G
-endif
-
-
-ifneq ($(OS_TARGET), WIN16)
-include $(CORE_DEPTH)/coreconf/rules.mk
-endif
-
-export:: private_export
-
-
diff --git a/security/nss/lib/fortcrypt/config.mk b/security/nss/lib/fortcrypt/config.mk
deleted file mode 100644
index d54a9dfc0..000000000
--- a/security/nss/lib/fortcrypt/config.mk
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# Override TARGETS variable so that only shared libraries
-# are specifed as dependencies within rules.mk.
-#
-
-TARGETS = $(SHARED_LIBRARY)
-LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM =
-
diff --git a/security/nss/lib/fortcrypt/cryptint.h b/security/nss/lib/fortcrypt/cryptint.h
deleted file mode 100644
index c4de00ff2..000000000
--- a/security/nss/lib/fortcrypt/cryptint.h
+++ /dev/null
@@ -1,703 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/* @(#)cryptint.h 1.26\t10 Nov 1995 */
-/*****************************************************************************
- Definitive Fortezza header file.
- Application Level Interface to Fortezza CI Library.
-
- Version for CI Library 1.52
- November 8, 1995
-
-
- NOTICE: Fortezza Export Policy
-
- The Fortezza Cryptologic Interface (CI) Library (both source and
- object) and Fortezza CI Library based applications are defense
- articles, as defined in the International Traffic In Arms
- Regulations (ITAR), and are subject to export controls under the
- ITAR and the Arms Export Control Act. Any export to any country
- of (a) the Fortezza CI Library, related documentation, and
- technical data, or (b) your cryptographic application, process,
- or service that is the direct product of, or contains the
- Fortezza CI Library must comply with the requirements of the ITAR.
- If you or your customer intends to engage in such export, contact
- the United States Department of State, Office of Defense Trade
- Controls for specific guidance.
-
-
- ****************************************************************************/
-#ifndef __CRYPTINT_H
-#define __CRYPTINT_H
-
-#if __cplusplus__ || __cplusplus
-extern "C"
-{
-#endif /* C++ */
-
-#ifndef PROTO_LIST
-#ifdef _K_AND_R_
-#define PROTO_LIST(list) ()
-#else
-#define PROTO_LIST(list) list
-#endif /*_K_AND_R_ */
-#endif /* PROTO_LIST */
-
-
-#ifndef RETURN_TYPE
-#if defined( _WIN32 ) || defined( __WIN32__ )
-#define RETURN_TYPE __declspec(dllimport) int
-#elif defined( _WINDOWS ) || defined( _Windows )
-#define RETURN_TYPE extern int _far _pascal
-#else
-#define RETURN_TYPE extern int
-#endif /* Windows */
-#endif /* RETURN_TYPE */
-
-/* MS Visual C++ defines _MSDOS and _WINDOWS */
-/* Borland C/C++ defines __MSDOS__ and _Windows */
-#if defined( _WIN32 ) || defined ( __WIN32__ )
-#define CI_FAR
-#elif defined( _WINDOWS ) || defined( _Windows )
-#define CI_FAR _far
-#else
-#define CI_FAR
-#endif /* MS DOS or Windows */
-
-
-/*****************************************************************************
- Constants
- ****************************************************************************/
-#define CI_LIB_VERSION_VAL 0x0152 /* Version 1.52 */
-
-#define CI_CERT_SIZE 2048
-#define CI_CERT_FLAGS_SIZE 16
-#define CI_CERT_NAME_SIZE 32
-#define CI_CHALLENGE_SIZE 20
-
-#define CI_G_SIZE 128
-
-#define CI_HASHVALUE_SIZE 20
-
-#define CI_IV_SIZE 24
-
-#define CI_KEY_SIZE 12
-#define CI_KS_SIZE 10
-
-#define CI_NAME_SIZE 32
-
-#define CI_PASSWORD_SIZE 24
-#define CI_PIN_SIZE 12
-#define CI_P_SIZE 128
-
-#define CI_Q_SIZE 20
-
-#define CI_R_SIZE 40
-#define CI_RANDOM_NO_SIZE 20
-#define CI_RANDOM_SEED_SIZE 8
-#define CI_RA_SIZE 128
-#define CI_RB_SIZE 128
-#define CI_REG_FLAGS_SIZE 4
-
-#define CI_S_SIZE 40
-#define CI_SAVE_DATA_SIZE 28
-#define CI_SERIAL_NUMBER_SIZE 8
-#define CI_SIGNATURE_SIZE 40
-#define CI_STATUS_FLAGS_SIZE 4
-
-#define CI_TIME_SIZE 16
-#define CI_TIMESTAMP_SIZE 16
-
-#define CI_WRAPPED_X_SIZE 24
-
-#define CI_Y_SIZE 128
-
-#define CI_X_SIZE 20
-
-
-/* Miscellaneous */
-#define CI_NULL_FLAG 0
-#define CI_POWER_DOWN_FLAG 2
-#define CI_NO_LOG_OFF_FLAG 4
-#define CI_INITIATOR_FLAG 0
-#define CI_RECIPIENT_FLAG 1
-
-#define CI_BLOCK_LOCK_FLAG 1
-#define CI_SSO_LOGGED_ON 0x40
-#define CI_USER_LOGGED_ON 0x00
-#define CI_FAST_MODE 0x10
-#define CI_SLOW_MODE 0x00
-#define CI_WORST_CASE_MODE 0x40
-#define CI_TYPICAL_CASE_MODE 0x00
-
-/* Card Public Key Algorithms Types */
-#define CI_DSA_TYPE 0xA
-#define CI_KEA_TYPE 0x5
-#define CI_DSA_KEA_TYPE 0xF
-
-/* Fortezza Pin Types */
-#define CI_SSO_PIN 0x25
-#define CI_USER_PIN 0x2A
-
-/* Crypto Types */
-#define CI_ENCRYPT_TYPE 0
-#define CI_DECRYPT_TYPE 1
-#define CI_HASH_TYPE 2
-
-/* Save and Restore Types */
-#define CI_ENCRYPT_INT_TYPE 0x00 /* Internal Encryption */
-#define CI_ENCRYPT_EXT_TYPE 0x10 /* External Encryption */
-#define CI_DECRYPT_INT_TYPE 0x01 /* Internal Decryption */
-#define CI_DECRYPT_EXT_TYPE 0x11 /* External Decryption */
-#define CI_HASH_INT_TYPE 0x02 /* Internal Hash */
-#define CI_HASH_EXT_TYPE 0x12 /* External Hash */
-#define CI_TYPE_EXT_FLAG 0x10 /* Used to differentiate */
-
-/* Configuration types */
-#define CI_SET_SPEED_TYPE 1
-#define CI_SET_TIMING_TYPE 2
-
-/* Lock States */
-#define CI_SOCKET_UNLOCKED 0
-#define CI_HOLD_LOCK 1
-#define CI_SOCKET_LOCKED 2
-
-/* Fortezza Crypto Types Modes */
-#define CI_ECB64_MODE 0
-#define CI_CBC64_MODE 1
-#define CI_OFB64_MODE 2
-#define CI_CFB64_MODE 3
-#define CI_CFB32_MODE 4
-#define CI_CFB16_MODE 5
-#define CI_CFB8_MODE 6
-
-/* Card States */
-#define CI_POWER_UP 0
-#define CI_UNINITIALIZED 1
-#define CI_INITIALIZED 2
-#define CI_SSO_INITIALIZED 3
-#define CI_LAW_INITIALIZED 4
-#define CI_USER_INITIALIZED 5
-#define CI_STANDBY 6
-#define CI_READY 7
-#define CI_ZEROIZE 8
-#define CI_INTERNAL_FAILURE (-1)
-
-/* Flags for Firmware Update. */
-#define CI_NOT_LAST_BLOCK_FLAG 0x00000000UL
-#define CI_LAST_BLOCK_FLAG 0x80000000UL
-#define CI_DESTRUCTIVE_FLAG 0x000000FFUL
-#define CI_NONDESTRUCTIVE_FLAG 0x0000FF00UL
-
-
-/****************************************************************************
- Fortezza Library Return Codes
- ***************************************************************************/
-
-/* Card Responses */
-#define CI_OK 0
-#define CI_FAIL 1
-#define CI_CHECKWORD_FAIL 2
-#define CI_INV_TYPE 3
-#define CI_INV_MODE 4
-#define CI_INV_KEY_INDEX 5
-#define CI_INV_CERT_INDEX 6
-#define CI_INV_SIZE 7
-#define CI_INV_HEADER 8
-#define CI_INV_STATE 9
-#define CI_EXEC_FAIL 10
-#define CI_NO_KEY 11
-#define CI_NO_IV 12
-#define CI_NO_X 13
-
-#define CI_NO_SAVE 15
-#define CI_REG_IN_USE 16
-#define CI_INV_COMMAND 17
-#define CI_INV_POINTER 18
-#define CI_BAD_CLOCK 19
-#define CI_NO_DSA_PARMS 20
-
-/* Library Errors */
-#define CI_ERROR (-1)
-#define CI_LIB_NOT_INIT (-2)
-#define CI_CARD_NOT_READY (-3)
-#define CI_CARD_IN_USE (-4)
-#define CI_TIME_OUT (-5)
-#define CI_OUT_OF_MEMORY (-6)
-#define CI_NULL_PTR (-7)
-#define CI_BAD_SIZE (-8)
-#define CI_NO_DECRYPT (-9)
-#define CI_NO_ENCRYPT (-10)
-#define CI_NO_EXECUTE (-11)
-#define CI_BAD_PARAMETER (-12)
-#define CI_OUT_OF_RESOURCES (-13)
-
-#define CI_NO_CARD (-20)
-#define CI_NO_DRIVER (-21)
-#define CI_NO_CRDSRV (-22)
-#define CI_NO_SCTSRV (-23)
-
-#define CI_BAD_CARD (-30)
-#define CI_BAD_IOCTL (-31)
-#define CI_BAD_READ (-32)
-#define CI_BAD_SEEK (-33)
-#define CI_BAD_WRITE (-34)
-#define CI_BAD_FLUSH (-35)
-#define CI_BAD_IOSEEK (-36)
-#define CI_BAD_ADDR (-37)
-
-#define CI_INV_SOCKET_INDEX (-40)
-#define CI_SOCKET_IN_USE (-41)
-#define CI_NO_SOCKET (-42)
-#define CI_SOCKET_NOT_OPENED (-43)
-#define CI_BAD_TUPLES (-44)
-#define CI_NOT_A_CRYPTO_CARD (-45)
-
-#define CI_INVALID_FUNCTION (-50)
-#define CI_LIB_ALRDY_INIT (-51)
-#define CI_SRVR_ERROR (-52)
-
-
-/*****************************************************************************
- Data Structures
- ****************************************************************************/
-
-typedef unsigned char CI_CERTIFICATE[CI_CERT_SIZE];
-
-typedef unsigned char CI_CERT_FLAGS[CI_CERT_FLAGS_SIZE];
-
-typedef unsigned char CI_CERT_STR[CI_CERT_NAME_SIZE+4];
-
-typedef unsigned char CI_FAR *CI_DATA;
-
-typedef unsigned char CI_G[CI_G_SIZE];
-
-typedef unsigned char CI_HASHVALUE[CI_HASHVALUE_SIZE];
-
-typedef unsigned char CI_IV[CI_IV_SIZE];
-
-typedef unsigned char CI_KEY[CI_KEY_SIZE];
-
-typedef unsigned char CI_KS[CI_KS_SIZE];
-
-typedef unsigned char CI_P[CI_P_SIZE];
-
-typedef unsigned char CI_PASSWORD[CI_PASSWORD_SIZE + 4];
-
-typedef unsigned char CI_PIN[CI_PIN_SIZE + 4];
-
-typedef unsigned char CI_Q[CI_Q_SIZE];
-
-typedef unsigned char CI_RA[CI_RA_SIZE];
-
-typedef unsigned char CI_RB[CI_RB_SIZE];
-
-typedef unsigned char CI_RANDOM[CI_RANDOM_NO_SIZE];
-
-typedef unsigned char CI_RANDSEED[CI_RANDOM_SEED_SIZE];
-
-typedef unsigned char CI_REG_FLAGS[CI_REG_FLAGS_SIZE];
-
-typedef unsigned char CI_SIGNATURE[CI_SIGNATURE_SIZE];
-
-typedef unsigned char CI_SAVE_DATA[CI_SAVE_DATA_SIZE];
-
-typedef unsigned char CI_SERIAL_NUMBER[CI_SERIAL_NUMBER_SIZE];
-
-typedef unsigned int CI_STATE, CI_FAR *CI_STATE_PTR;
-
-typedef unsigned char CI_TIME[CI_TIME_SIZE];
-
-typedef unsigned char CI_TIMESTAMP[CI_TIMESTAMP_SIZE];
-
-typedef unsigned char CI_WRAPPED_X[CI_WRAPPED_X_SIZE];
-
-typedef unsigned char CI_Y[CI_Y_SIZE];
-
-typedef unsigned char CI_X[CI_X_SIZE];
-
-typedef struct {
- int LibraryVersion; /* CI Library version */
- int ManufacturerVersion; /* Card's hardware version */
- char ManufacturerName[CI_NAME_SIZE+4]; /* Card manufacturer's name*/
- char ProductName[CI_NAME_SIZE+4]; /* Card's product name */
- char ProcessorType[CI_NAME_SIZE+4]; /* Card's processor type */
- unsigned long UserRAMSize; /* Amount of User RAM in bytes */
- unsigned long LargestBlockSize; /* Largest block of data to pass in */
- int KeyRegisterCount; /* Number of key registers */
- int CertificateCount; /* Maximum number of personalities (# certs-1) */
- int CryptoCardFlag; /* A flag that if non-zero indicates that there is
- a Crypto-Card in the socket. If this value is
- zero then there is NOT a Crypto-Card in the
- sockets. */
- int ICDVersion; /* The ICD compliance level */
- int ManufacturerSWVer; /* The Manufacturer's Software Version */
- int DriverVersion; /* Driver Version */
-} CI_CONFIG, CI_FAR *CI_CONFIG_PTR;
-
-typedef struct {
- int CertificateIndex; /* Index from 1 to CertificateCount */
- CI_CERT_STR CertLabel; /* The certificate label */
-} CI_PERSON, CI_FAR *CI_PERSON_PTR;
-
-typedef struct {
- int CurrentSocket; /* The currently selected socket */
- int LockState; /* Lock status of the current socket */
- CI_SERIAL_NUMBER SerialNumber; /* Serial number of the Crypto Engine chip */
- CI_STATE CurrentState; /* State of The Card */
- int DecryptionMode; /* Decryption mode of The Card */
- int EncryptionMode; /* Encryption mode of The Card */
- int CurrentPersonality; /* Index of the current personality */
- int KeyRegisterCount; /* No. of Key Register on The Card */
- CI_REG_FLAGS KeyRegisterFlags; /* Bit Masks indicating Key Register use */
- int CertificateCount; /* No. of Certificates on The Card */
- CI_CERT_FLAGS CertificateFlags; /* Bit Mask indicating certificate use */
- unsigned char Flags[CI_STATUS_FLAGS_SIZE];
- /* Flag[0] : bit 6 for Condition mode */
- /* bit 4 for Clock mode */
-} CI_STATUS, CI_FAR *CI_STATUS_PTR;
-
-
-/*****************************************************************************
- Function Call Prototypes
- ****************************************************************************/
-
-RETURN_TYPE
-CI_ChangePIN PROTO_LIST( (
- int PINType,
- CI_PIN CI_FAR pOldPIN,
- CI_PIN CI_FAR pNewPIN ) );
-
-RETURN_TYPE
-CI_CheckPIN PROTO_LIST( (
- int PINType,
- CI_PIN CI_FAR pPIN ) );
-
-RETURN_TYPE
-CI_Close PROTO_LIST( (
- unsigned int Flags,
- int SocketIndex ) );
-
-RETURN_TYPE
-CI_Decrypt PROTO_LIST( (
- unsigned int CipherSize,
- CI_DATA pCipher,
- CI_DATA pPlain ) );
-
-RETURN_TYPE
-CI_DeleteCertificate PROTO_LIST( (
- int CertificateIndex ) );
-
-RETURN_TYPE
-CI_DeleteKey PROTO_LIST( (
- int RegisterIndex ) );
-
-RETURN_TYPE
-CI_Encrypt PROTO_LIST( (
- unsigned int PlainSize,
- CI_DATA pPlain,
- CI_DATA pCipher ) );
-
-RETURN_TYPE
-CI_ExtractX PROTO_LIST( (
- int CertificateIndex,
- int AlgorithmType,
- CI_PASSWORD CI_FAR pPassword,
- unsigned int YSize,
- CI_Y CI_FAR pY,
- CI_WRAPPED_X CI_FAR pX,
- CI_RA CI_FAR pRa,
- unsigned int PandGSize,
- unsigned int QSize,
- CI_P CI_FAR pP,
- CI_Q CI_FAR pQ,
- CI_G CI_FAR pG ) );
-
-RETURN_TYPE
-CI_FirmwareUpdate PROTO_LIST( (
- unsigned long Flags,
- long Cksum,
- unsigned int CksumLength,
- unsigned int DataSize,
- CI_DATA pData ) );
-
-RETURN_TYPE
-CI_GenerateIV PROTO_LIST( (
- CI_IV CI_FAR pIV ) );
-
-RETURN_TYPE
-CI_GenerateMEK PROTO_LIST( (
- int RegisterIndex,
- int Reserved ) );
-
-RETURN_TYPE
-CI_GenerateRa PROTO_LIST( (
- CI_RA CI_FAR pRa ) );
-
-RETURN_TYPE
-CI_GenerateRandom PROTO_LIST( (
- CI_RANDOM CI_FAR pRandom ) );
-
-RETURN_TYPE
-CI_GenerateTEK PROTO_LIST( (
- int Flags,
- int RegisterIndex,
- CI_RA CI_FAR pRa,
- CI_RB CI_FAR pRb,
- unsigned int YSize,
- CI_Y CI_FAR pY ) );
-
-RETURN_TYPE
-CI_GenerateX PROTO_LIST( (
- int CertificateIndex,
- int AlgorithmType,
- unsigned int PandGSize,
- unsigned int QSize,
- CI_P CI_FAR pP,
- CI_Q CI_FAR pQ,
- CI_G CI_FAR pG,
- unsigned int YSize,
- CI_Y CI_FAR pY ) );
-
-RETURN_TYPE
-CI_GetCertificate PROTO_LIST( (
- int CertificateIndex,
- CI_CERTIFICATE CI_FAR pCertificate ) );
-
-RETURN_TYPE
-CI_GetConfiguration PROTO_LIST( (
- CI_CONFIG_PTR pConfiguration ) );
-
-RETURN_TYPE
-CI_GetHash PROTO_LIST( (
- unsigned int DataSize,
- CI_DATA pData,
- CI_HASHVALUE CI_FAR pHashValue ) );
-
-RETURN_TYPE
-CI_GetPersonalityList PROTO_LIST( (
- int EntryCount,
- CI_PERSON CI_FAR pPersonalityList[] ) );
-
-RETURN_TYPE
-CI_GetState PROTO_LIST( (
- CI_STATE_PTR pState ) );
-
-RETURN_TYPE
-CI_GetStatus PROTO_LIST( (
- CI_STATUS_PTR pStatus ) );
-
-RETURN_TYPE
-CI_GetTime PROTO_LIST( (
- CI_TIME CI_FAR pTime ) );
-
-RETURN_TYPE
-CI_Hash PROTO_LIST( (
- unsigned int DataSize,
- CI_DATA pData ) );
-
-RETURN_TYPE
-CI_Initialize PROTO_LIST( (
- int CI_FAR *SocketCount ) );
-
-RETURN_TYPE
-CI_InitializeHash PROTO_LIST( (
- void ) );
-
-RETURN_TYPE
-CI_InstallX PROTO_LIST( (
- int CertificateIndex,
- int AlgorithmType,
- CI_PASSWORD CI_FAR pPassword,
- unsigned int YSize,
- CI_Y CI_FAR pY,
- CI_WRAPPED_X CI_FAR pWrappedX,
- CI_RA CI_FAR pRa,
- unsigned int PandGSize,
- unsigned int QSize,
- CI_P CI_FAR pP,
- CI_Q CI_FAR pQ,
- CI_G CI_FAR pG ) );
-
-RETURN_TYPE
-CI_LoadCertificate PROTO_LIST( (
- int CertificateIndex,
- CI_CERT_STR CI_FAR pCertLabel,
- CI_CERTIFICATE CI_FAR pCertificate,
- long Reserved ) );
-
-RETURN_TYPE
-CI_LoadDSAParameters PROTO_LIST( (
- unsigned int PandGSize,
- unsigned int QSize,
- CI_P CI_FAR pP,
- CI_Q CI_FAR pQ,
- CI_G CI_FAR pG ) );
-
-RETURN_TYPE
-CI_LoadInitValues PROTO_LIST( (
- CI_RANDSEED CI_FAR pRandSeed,
- CI_KS CI_FAR pKs ) );
-
-RETURN_TYPE
-CI_LoadIV PROTO_LIST( (
- CI_IV CI_FAR pIV ) );
-
-RETURN_TYPE
-CI_LoadX PROTO_LIST( (
- int CertificateIndex,
- int AlgorithmType,
- unsigned int PandGSize,
- unsigned int QSize,
- CI_P CI_FAR pP,
- CI_Q CI_FAR pQ,
- CI_G CI_FAR pG,
- CI_X CI_FAR pX,
- unsigned int YSize,
- CI_Y CI_FAR pY ) );
-
-RETURN_TYPE
-CI_Lock PROTO_LIST( (
- int Flags ) );
-
-RETURN_TYPE
-CI_Open PROTO_LIST( (
- unsigned int Flags,
- int SocketIndex ) );
-
-RETURN_TYPE
-CI_RelayX PROTO_LIST( (
- CI_PASSWORD CI_FAR pOldPassword,
- unsigned int OldYSize,
- CI_Y CI_FAR pOldY,
- CI_RA CI_FAR pOldRa,
- CI_WRAPPED_X CI_FAR pOldWrappedX,
- CI_PASSWORD CI_FAR pNewPassword,
- unsigned int NewYSize,
- CI_Y CI_FAR pNewY,
- CI_RA CI_FAR pNewRa,
- CI_WRAPPED_X CI_FAR pNewWrappedX ) );
-
-RETURN_TYPE
-CI_Reset PROTO_LIST( (
- void ) );
-
-RETURN_TYPE
-CI_Restore PROTO_LIST( (
- int CryptoType,
- CI_SAVE_DATA CI_FAR pData ) );
-
-RETURN_TYPE
-CI_Save PROTO_LIST( (
- int CryptoType,
- CI_SAVE_DATA CI_FAR pData ) );
-
-RETURN_TYPE
-CI_Select PROTO_LIST( (
- int SocketIndex ) );
-
-RETURN_TYPE
-CI_SetConfiguration PROTO_LIST( (
- int Type,
- unsigned int DataSize,
- CI_DATA pData ) );
-
-RETURN_TYPE
-CI_SetKey PROTO_LIST( (
- int RegisterIndex ) );
-
-RETURN_TYPE
-CI_SetMode PROTO_LIST( (
- int CryptoType,
- int CryptoMode ) );
-
-RETURN_TYPE
-CI_SetPersonality PROTO_LIST( (
- int CertificateIndex ) );
-
-RETURN_TYPE
-CI_SetTime PROTO_LIST( (
- CI_TIME CI_FAR pTime ) );
-
-RETURN_TYPE
-CI_Sign PROTO_LIST( (
- CI_HASHVALUE CI_FAR pHashValue,
- CI_SIGNATURE CI_FAR pSignature ) );
-
-RETURN_TYPE
-CI_Terminate PROTO_LIST( (
- void ) );
-
-RETURN_TYPE
-CI_TimeStamp PROTO_LIST( (
- CI_HASHVALUE CI_FAR pHashValue,
- CI_SIGNATURE CI_FAR pSignature,
- CI_TIMESTAMP CI_FAR pTimeStamp ) );
-
-RETURN_TYPE
-CI_Unlock PROTO_LIST( (
- void ) );
-
-RETURN_TYPE
-CI_UnwrapKey PROTO_LIST( (
- int UnwrapIndex,
- int KeyIndex,
- CI_KEY CI_FAR pKey ) );
-
-RETURN_TYPE
-CI_VerifySignature PROTO_LIST( (
- CI_HASHVALUE CI_FAR pHashValue,
- unsigned int YSize,
- CI_Y CI_FAR pY,
- CI_SIGNATURE CI_FAR pSignature ) );
-
-RETURN_TYPE
-CI_VerifyTimeStamp PROTO_LIST( (
- CI_HASHVALUE CI_FAR pHashValue,
- CI_SIGNATURE CI_FAR pSignature,
- CI_TIMESTAMP CI_FAR pTimeStamp ) );
-
-RETURN_TYPE
-CI_WrapKey PROTO_LIST( (
- int WrapIndex,
- int KeyIndex,
- CI_KEY CI_FAR pKey ) );
-
-RETURN_TYPE
-CI_Zeroize PROTO_LIST( (
- void ) );
-
-#if __cplusplus__ || __cplusplus
-}
-#endif /* C++ */
-
-#endif /* CRYPTINT_H */
diff --git a/security/nss/lib/fortcrypt/fmutex.c b/security/nss/lib/fortcrypt/fmutex.c
deleted file mode 100644
index ad98c04b6..000000000
--- a/security/nss/lib/fortcrypt/fmutex.c
+++ /dev/null
@@ -1,113 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "fmutex.h"
-#include "fpkmem.h"
-#include <stdio.h>
-
-typedef struct PKMutexFunctions {
- CK_CREATEMUTEX CreateMutex;
- CK_DESTROYMUTEX DestroyMutex;
- CK_LOCKMUTEX LockMutex;
- CK_UNLOCKMUTEX UnlockMutex;
- int useMutex;
-} PKMutexFunctions;
-
-static PKMutexFunctions gMutex = {NULL, NULL, NULL, NULL, 0};
-static int gInit = 0;
-
-#define FMUTEX_CHECKS() \
- if (gInit == 0) { \
- return CKR_GENERAL_ERROR; \
- } \
- if (!gMutex.useMutex) { \
- return CKR_GENERAL_ERROR; \
- }
-
-CK_RV FMUTEX_Init(CK_C_INITIALIZE_ARGS_PTR pArgs) {
- if (gInit != 0) {
- return CKR_GENERAL_ERROR;
- }
-
- if (pArgs && pArgs->CreateMutex && pArgs->DestroyMutex &&
- pArgs->LockMutex && pArgs->UnlockMutex) {
-
- gMutex.CreateMutex = pArgs->CreateMutex;
- gMutex.DestroyMutex = pArgs->DestroyMutex;
- gMutex.LockMutex = pArgs->LockMutex;
- gMutex.UnlockMutex = pArgs->UnlockMutex;
- gMutex.useMutex = 1;
- gInit = 1;
- } else {
- gInit = 0;
- return CKR_GENERAL_ERROR;
- }
-
- return CKR_OK;
-}
-
-
-CK_RV FMUTEX_Create(CK_VOID_PTR_PTR pMutex) {
- CK_RV rv;
- FMUTEX_CHECKS()
-
- rv = gMutex.CreateMutex(pMutex);
- return rv;
-}
-
-CK_RV FMUTEX_Destroy(CK_VOID_PTR pMutex) {
- CK_RV rv;
- FMUTEX_CHECKS()
-
- rv = gMutex.DestroyMutex(pMutex);
- return rv;
-}
-
-CK_RV FMUTEX_Lock(CK_VOID_PTR pMutex) {
- CK_RV rv;
- FMUTEX_CHECKS()
-
- rv = gMutex.LockMutex(pMutex);
- return rv;
-}
-
-CK_RV FMUTEX_Unlock(CK_VOID_PTR pMutex) {
- CK_RV rv;
- FMUTEX_CHECKS()
-
- rv = gMutex.UnlockMutex(pMutex);
- return rv;
-}
-
-int FMUTEX_MutexEnabled (void) {
- return gMutex.useMutex;
-}
diff --git a/security/nss/lib/fortcrypt/fmutex.h b/security/nss/lib/fortcrypt/fmutex.h
deleted file mode 100644
index 589eea786..000000000
--- a/security/nss/lib/fortcrypt/fmutex.h
+++ /dev/null
@@ -1,57 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef _FMUTEX_H_
-#define _FMUTEX_H_ 1
-
-#include "fpkcs11t.h"
-
-/*
- * All of these functions will return CK_RV values.
- */
-extern CK_RV FMUTEX_Init(CK_C_INITIALIZE_ARGS_PTR pArgs);
-
-
-extern CK_RV FMUTEX_Create(CK_VOID_PTR_PTR pMutex);
-
-extern CK_RV FMUTEX_Destroy(CK_VOID_PTR pMutex);
-
-extern CK_RV FMUTEX_Lock(CK_VOID_PTR pMutex);
-
-extern CK_RV FMUTEX_Unlock(CK_VOID_PTR pMutex);
-
-/* Returns 0 if mutexes have not been enabled.
- * Returns 1 if mutexes have been enabled.
- */
-extern int FMUTEX_MutexEnabled(void);
-
-#endif /*_FMUTEX_H_*/
diff --git a/security/nss/lib/fortcrypt/forsock.c b/security/nss/lib/fortcrypt/forsock.c
deleted file mode 100644
index eb4d5ef87..000000000
--- a/security/nss/lib/fortcrypt/forsock.c
+++ /dev/null
@@ -1,816 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "fortsock.h"
-#include "fpkmem.h"
-#include "fmutex.h"
-#include <string.h>
-#include <stdlib.h>
-
-#define DEF_ENCRYPT_SIZE 0x8000
-
-static unsigned char Fortezza_mail_Rb[128] = {
-0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0,
-0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0,
-0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0,
-0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,1,
-};
-
-int InitSocket (FortezzaSocket *inSocket, int inSlotID) {
- int ci_rv;
- CK_RV mrv;
-
- if (inSocket == NULL)
- return SOCKET_FAILURE;
-
- inSocket->isLoggedIn = PR_FALSE;
- inSocket->personalitiesLoaded = PR_FALSE;
- inSocket->isOpen = PR_FALSE;
- inSocket->personalityList = NULL;
- inSocket->keyRegisters = NULL;
- inSocket->keys = NULL;
- inSocket->numPersonalities = 0;
- inSocket->numKeyRegisters = 0;
- inSocket->hitCount = 0;
-
- inSocket->slotID = inSlotID;
- ci_rv = MACI_GetSessionID(&(inSocket->maciSession));
- if (ci_rv != CI_OK)
- return SOCKET_FAILURE;
-
- ci_rv = MACI_Open (inSocket->maciSession, 0, inSlotID);
- if (ci_rv == CI_OK) {
- inSocket->isOpen = PR_TRUE;
- } else {
- MACI_Close (inSocket->maciSession, CI_NULL_FLAG, inSlotID);
- }
-
- if (FMUTEX_MutexEnabled()) {
- mrv = FMUTEX_Create(&inSocket->registersLock);
- if (mrv != CKR_OK) {
- inSocket->registersLock = NULL;
- }
- } else {
- inSocket->registersLock = NULL;
- }
-
- return SOCKET_SUCCESS;
-}
-
-int FreeSocket (FortezzaSocket *inSocket) {
- if (inSocket->registersLock) {
- FMUTEX_Destroy(inSocket->registersLock);
- }
- MACI_Close(inSocket->maciSession, CI_NULL_FLAG, inSocket->slotID);
- return SOCKET_SUCCESS;
-}
-
-int LoginToSocket (FortezzaSocket *inSocket, int inUserType, CI_PIN inPin) {
- int ci_rv, i;
- CI_STATUS ciStatus;
- CI_CONFIG ciConfig;
- FortezzaKey **oldRegisters, **newRegisters;
- int oldCount;
- HSESSION hs;
-
- if (inSocket == NULL || inSocket->isLoggedIn)
- return SOCKET_FAILURE;
-
- hs = inSocket->maciSession;
- ci_rv = MACI_Select (hs, inSocket->slotID);
- if (ci_rv != CI_OK)
- return ci_rv;
-
- ci_rv = MACI_CheckPIN(hs, inUserType, inPin);
-
- if (ci_rv != CI_OK) {
- return ci_rv;
- }
-
- ci_rv = MACI_GetStatus(hs, &ciStatus);
-
- if (ci_rv != CI_OK) {
- if (ci_rv == CI_FAIL) {
- ci_rv = CI_EXEC_FAIL;
- }
- return ci_rv;
- }
-
- ci_rv = MACI_GetConfiguration(hs, &ciConfig);
- if (ci_rv != CI_OK) {
- return ci_rv;
- }
-
- inSocket->isLoggedIn = PR_TRUE;
- inSocket->hasLoggedIn = PR_TRUE;
- PORT_Memcpy (inSocket->openCardSerial, ciStatus.SerialNumber,
- sizeof (CI_SERIAL_NUMBER));
- inSocket->openCardState = ciStatus.CurrentState;
- inSocket->numPersonalities = ciStatus.CertificateCount;
- inSocket->numKeyRegisters = ciConfig.KeyRegisterCount;
- newRegisters =
- (FortezzaKey**)PORT_Alloc (sizeof(FortezzaKey)*ciConfig.KeyRegisterCount);
-
- FMUTEX_Lock(inSocket->registersLock);
- oldRegisters = inSocket->keyRegisters;
- oldCount = inSocket->numKeyRegisters;
- inSocket->keyRegisters = newRegisters;
- if (oldRegisters) {
- for (i=0; i<oldCount; i++) {
- if (oldRegisters[i]) {
- oldRegisters[i]->keyRegister = KeyNotLoaded;
- }
- oldRegisters[i] = NULL;
- }
- PORT_Free(oldRegisters);
- }
-
- if (inSocket->keyRegisters == NULL) {
- FMUTEX_Unlock(inSocket->registersLock);
- return SOCKET_FAILURE;
- }
-
- for (i=0; i<ciConfig.KeyRegisterCount; i++) {
- inSocket->keyRegisters[i] = NULL;
- }
- FMUTEX_Unlock(inSocket->registersLock);
-
- return SOCKET_SUCCESS;
-}
-
-int LogoutFromSocket (FortezzaSocket *inSocket) {
- if (inSocket == NULL)
- return SOCKET_FAILURE;
-
- inSocket->isLoggedIn = PR_FALSE;
- inSocket->hasLoggedIn = PR_FALSE;
- if (UnloadPersonalityList(inSocket) != SOCKET_SUCCESS)
- return SOCKET_FAILURE;
-
-
- return SOCKET_SUCCESS;
-}
-
-
-int FetchPersonalityList(FortezzaSocket *inSocket) {
- int rv;
-
- if (inSocket == NULL || inSocket->numPersonalities == 0) {
- return SOCKET_FAILURE;
- }
-
- rv = MACI_Select (inSocket->maciSession, inSocket->slotID);
-
- inSocket->personalityList =
- (CI_PERSON*)PORT_Alloc (sizeof(CI_PERSON)*inSocket->numPersonalities);
-
- if (inSocket->personalityList == NULL) {
- return SOCKET_FAILURE;
- }
-
- rv = MACI_GetPersonalityList(inSocket->maciSession,
- inSocket->numPersonalities,
- inSocket->personalityList);
-
- if (rv != CI_OK) {
- return SOCKET_FAILURE;
- }
-
- inSocket->personalitiesLoaded = PR_TRUE;
- return SOCKET_SUCCESS;
-}
-
-int UnloadPersonalityList(FortezzaSocket *inSocket) {
- if (inSocket == NULL)
- return SOCKET_FAILURE;
-
- inSocket->personalitiesLoaded = PR_FALSE;
- if (inSocket->personalityList) {
- PORT_Free(inSocket->personalityList);
- }
- inSocket->numPersonalities = 0;
- inSocket->personalityList = NULL;
-
- return SOCKET_SUCCESS;
-}
-
-PRBool SocketIsLoggedIn(CI_STATE status) {
-
- return (PRBool)((status == CI_READY) || (status == CI_STANDBY));
-}
-
-PRBool SocketStateUnchanged(FortezzaSocket* inSocket) {
- CI_STATUS ciStatus;
- int ciRV;
-
- ciRV = MACI_Select (inSocket->maciSession, inSocket->slotID);
- if (ciRV != CI_OK)
- return PR_FALSE;
-
- if (inSocket->hasLoggedIn && !inSocket->isLoggedIn)
- return PR_FALSE; /* User Logged out from the socket */
-
- /*
- * Some vendor cards are slow. so if we think we are logged in,
- * and the card still thinks we're logged in, we must have the same
- * card.
- */
- if (inSocket->isLoggedIn) {
- CI_STATE state;
- ciRV = MACI_GetState(inSocket->maciSession, &state);
- if (ciRV != CI_OK) return PR_FALSE;
-
- return SocketIsLoggedIn(state);
- }
-
- ciRV = MACI_GetStatus(inSocket->maciSession, &ciStatus);
- if(ciRV != CI_OK) {
- return PR_FALSE;
- }
- if (inSocket->isLoggedIn) {
- if (PORT_Memcmp(ciStatus.SerialNumber, inSocket->openCardSerial,
- sizeof (CI_SERIAL_NUMBER)) != 0)
- return PR_FALSE; /* Serial Number of card in slot has changed */
- /* Probably means there is a new card */
- }
-
- if (inSocket->isLoggedIn && !SocketIsLoggedIn(ciStatus.CurrentState))
- return PR_FALSE; /* State of card changed. */
- /* Probably re-inserted same card */
-
- return PR_TRUE; /* No change in the state of the socket */
-}
-
-/*
- * can we regenerate this key on the fly?
- */
-static PRBool
-FortezzaIsRegenerating(FortezzaKey *key) {
- /* TEK's are the only type of key that can't be regenerated */
- if (key->keyType != TEK) return PR_TRUE;
- /* Client TEK's can never be regenerated */
- if (key->keyData.tek.flags == CI_INITIATOR_FLAG) return PR_FALSE;
- /* Only Server TEK's that use the Mail protocol can be regenerated */
- return ((PRBool)(memcmp(key->keyData.tek.Rb,Fortezza_mail_Rb,
- sizeof(key->keyData.tek.Rb)) == 0));
-}
-
-int GetBestKeyRegister(FortezzaSocket *inSocket) {
- int i, candidate = -1, candidate2 = 1;
- CK_ULONG minHitCount = 0xffffffff;
- CK_ULONG minRegHitCount = 0xffffffff;
- FortezzaKey **registers;
-
- registers = inSocket->keyRegisters;
- for (i=1; i< inSocket->numKeyRegisters; i++) {
- if (registers[i] == NULL)
- return i;
- }
-
- for (i=1; i < inSocket->numKeyRegisters; i++) {
- if (registers[i]->hitCount < minHitCount) {
- minHitCount = registers[i]->hitCount;
- candidate2 = i;
- }
-
- if (FortezzaIsRegenerating(registers[i]) &&
- (registers[i]->hitCount < minRegHitCount)) {
- minRegHitCount = registers[i]->hitCount;
- candidate = i;
- }
- }
-
- if (candidate == -1)
- candidate = candidate2;
-
- return candidate;
-}
-
-int SetFortezzaKeyHandle (FortezzaKey *inKey, CK_OBJECT_HANDLE inHandle) {
- inKey->keyHandle = inHandle;
- return SOCKET_SUCCESS;
-}
-
-void
-RemoveKey (FortezzaKey *inKey) {
- if (inKey != NULL && inKey->keySocket->keyRegisters != NULL) {
- if (inKey->keyRegister != KeyNotLoaded) {
- FortezzaKey **registers = inKey->keySocket->keyRegisters;
- registers[inKey->keyRegister] = NULL;
- MACI_DeleteKey(inKey->keySocket->maciSession, inKey->keyRegister);
- }
-
- PORT_Free(inKey);
- }
-}
-
-FortezzaKey *NewFortezzaKey(FortezzaSocket *inSocket,
- FortezzaKeyType inKeyType,
- CreateTEKInfo *TEKinfo,
- int inKeyRegister) {
- FortezzaKey *newKey, *oldKey;
- FortezzaKey **registers;
- HSESSION hs = inSocket->maciSession;
- int ciRV;
-
- newKey = (FortezzaKey*)PORT_Alloc (sizeof(FortezzaKey));
- if (newKey == NULL) {
- return NULL;
- }
-
- newKey->keyHandle = 0;
- newKey->keyRegister = KeyNotLoaded;
- newKey->keyType = inKeyType;
- newKey->keySocket = inSocket;
- newKey->hitCount = 0;
- newKey->id = TEKinfo ? TEKinfo->personality : 0;
-
- if (inKeyType != Ks && inSocket->keyRegisters) {
- registers = inSocket->keyRegisters;
- oldKey = registers[inKeyRegister];
- if (oldKey != NULL) {
- oldKey->keyRegister = KeyNotLoaded;
- }
-
- registers[inKeyRegister] = newKey;
- newKey->hitCount = inSocket->hitCount++;
-
- MACI_DeleteKey (hs, inKeyRegister);
- }
- newKey->keyRegister = inKeyRegister;
-
- MACI_Lock(hs, CI_BLOCK_LOCK_FLAG);
- switch (inKeyType) {
- case MEK:
- ciRV = MACI_GenerateMEK (hs, inKeyRegister, 0);
- if (ciRV != CI_OK) {
- RemoveKey(newKey);
- MACI_Unlock(hs);
- return NULL;
- }
- MACI_WrapKey(hs, 0, inKeyRegister, newKey->keyData.mek);
- break;
- case TEK:
- PORT_Memcpy (newKey->keyData.tek.Rb, TEKinfo->Rb, TEKinfo->randomLen);
- PORT_Memcpy (newKey->keyData.tek.Ra, TEKinfo->Ra, TEKinfo->randomLen);
- PORT_Memcpy (newKey->keyData.tek.pY, TEKinfo->pY, TEKinfo->YSize);
- newKey->keyData.tek.ySize = TEKinfo->YSize;
- newKey->keyData.tek.randomLen = TEKinfo->randomLen;
- newKey->keyData.tek.registerIndex = TEKinfo->personality;
- newKey->keyData.tek.flags = TEKinfo->flag;
-
- ciRV = MACI_SetPersonality(hs,TEKinfo->personality);
- if (ciRV != CI_OK) {
- RemoveKey(newKey);
- MACI_Unlock(hs);
- return NULL;
- }
- ciRV = MACI_GenerateTEK(hs, TEKinfo->flag, inKeyRegister,
- newKey->keyData.tek.Ra, TEKinfo->Rb,
- TEKinfo->YSize, TEKinfo->pY);
- if (ciRV != CI_OK) {
- RemoveKey(newKey);
- MACI_Unlock(hs);
- return NULL;
- }
-
-
- break;
- case Ks:
- break;
- default:
- RemoveKey(newKey);
- MACI_Unlock(hs);
- return NULL;
- }
- MACI_Unlock(hs);
- return newKey;
-}
-
-FortezzaKey *NewUnwrappedKey(int inKeyRegister, int id,
- FortezzaSocket *inSocket) {
- FortezzaKey *newKey;
-
- newKey = (FortezzaKey*)PORT_Alloc (sizeof(FortezzaKey));
- if (newKey == NULL) {
- return NULL;
- }
-
- newKey->keyRegister = inKeyRegister;
- newKey->keyType = UNWRAP;
- newKey->keySocket = inSocket;
- newKey->id = id;
- newKey->hitCount = inSocket->hitCount++;
- MACI_WrapKey(inSocket->maciSession,0 , inKeyRegister, newKey->keyData.mek);
- inSocket->keyRegisters[inKeyRegister] = newKey;
-
- return newKey;
-}
-
-int LoadKeyIntoRegister (FortezzaKey *inKey) {
- int registerIndex = GetBestKeyRegister(inKey->keySocket);
- FortezzaSocket *socket = inKey->keySocket;
- FortezzaKey **registers = socket->keyRegisters;
- HSESSION hs = socket->maciSession;
- FortezzaTEK *tek = &inKey->keyData.tek;
- FortezzaKey *oldKey;
- int rv = CI_FAIL;
-
- if (inKey->keyRegister != KeyNotLoaded) {
- return inKey->keyRegister;
- }
-
- oldKey = registers[registerIndex];
-
- MACI_Select(hs, socket->slotID);
- if (oldKey) {
- oldKey->keyRegister = KeyNotLoaded;
- }
- MACI_DeleteKey (hs, registerIndex);
-
- switch (inKey->keyType) {
- case TEK:
- if (!FortezzaIsRegenerating(inKey)) {
- return KeyNotLoaded;
- }
- if (MACI_SetPersonality(hs, tek->registerIndex) == CI_OK) {
- rv = MACI_GenerateTEK (hs, tek->flags, registerIndex,
- tek->Ra, tek->Rb, tek->ySize,
- tek->pY);
- }
- if (rv != CI_OK)
- return KeyNotLoaded;
- break;
- case MEK:
- case UNWRAP:
- rv = MACI_UnwrapKey (hs, 0, registerIndex, inKey->keyData.mek);
- if (rv != CI_OK)
- return KeyNotLoaded;
- break;
- default:
- return KeyNotLoaded;
- }
- inKey->keyRegister = registerIndex;
- registers[registerIndex] = inKey;
-
- return registerIndex;
-}
-
-int InitCryptoOperation (FortezzaContext *inContext,
- CryptoType inCryptoOperation) {
- inContext->cryptoOperation = inCryptoOperation;
- return SOCKET_SUCCESS;
-}
-
-int EndCryptoOperation (FortezzaContext *inContext,
- CryptoType inCryptoOperation) {
- if (inCryptoOperation != inContext->cryptoOperation) {
- return SOCKET_FAILURE;
- }
- inContext->cryptoOperation = None;
- return SOCKET_SUCCESS;
-}
-
-CryptoType GetCryptoOperation (FortezzaContext *inContext) {
- return inContext->cryptoOperation;
-}
-
-void InitContext(FortezzaContext *inContext, FortezzaSocket *inSocket,
- CK_OBJECT_HANDLE hKey) {
- inContext->fortezzaKey = NULL;
- inContext->fortezzaSocket = inSocket;
- inContext->session = NULL;
- inContext->mechanism = NO_MECHANISM;
- inContext->userRamSize = 0;
- inContext->cryptoOperation = None;
- inContext->hKey = hKey;
-}
-
-extern PRBool fort11_FortezzaIsUserCert(unsigned char *label);
-
-static int
-GetValidPersonality (FortezzaSocket *inSocket) {
- int index = -1; /* return an invalid personalidyt if one isn't found */
- int i;
- PRBool unLoadList = PR_FALSE;
- int numPersonalities = 0;
-
- if (!inSocket->personalitiesLoaded) {
- numPersonalities = inSocket->numPersonalities;
- FetchPersonalityList (inSocket);
- unLoadList = PR_TRUE;
- }
-
- for (i=0; i<inSocket->numPersonalities; i++) {
- if (fort11_FortezzaIsUserCert(inSocket->personalityList[i].CertLabel)) {
- index = inSocket->personalityList[i].CertificateIndex;
- break;
- }
- }
-
- if (unLoadList) {
- UnloadPersonalityList(inSocket);
- /* UnloadPersonality sets numPersonalities to zero,
- * so we set it back to what it was when this function
- * was called.
- */
- inSocket->numPersonalities = numPersonalities;
- }
- return index;
-}
-
-int RestoreState (FortezzaContext *inContext, CryptoType inType) {
- FortezzaKey *key = inContext->fortezzaKey;
- FortezzaSocket *socket = inContext->fortezzaSocket;
- HSESSION hs = socket->maciSession;
- CI_IV bogus_iv;
- int rv, cryptoType = -1;
- int personality = inContext->fortezzaKey->id;
-
- if (key == NULL)
- return SOCKET_FAILURE;
-
- if (personality == 0) {
- personality = GetValidPersonality (socket);
- }
- rv = MACI_SetPersonality(hs, personality);
- if (rv != CI_OK) {
- return SOCKET_FAILURE;
- }
- /*
- * The cards need to have some state bits set because
- * save and restore don't necessarily save all the state.
- * Instead of fixing the cards, they decided to change the
- * protocol :(.
- */
- switch (inType) {
- case Encrypt:
- rv = MACI_SetKey(hs, key->keyRegister);
- if (rv != CI_OK)
- break;
- rv = MACI_GenerateIV (hs, bogus_iv);
- cryptoType = CI_ENCRYPT_EXT_TYPE;
- break;
- case Decrypt:
- rv = MACI_SetKey(hs, key->keyRegister);
- rv = MACI_LoadIV (hs, inContext->cardIV);
- cryptoType = CI_DECRYPT_EXT_TYPE;
- break;
- default:
- rv = CI_INV_POINTER;
- break;
- }
-
- if (rv != CI_OK) {
- return SOCKET_FAILURE;
- }
- /*PORT_Assert(cryptoType != -1); */
-
- rv = MACI_Restore(hs, cryptoType, inContext->cardState);
- if (rv != CI_OK) {
- return SOCKET_FAILURE;
- }
-
- return SOCKET_SUCCESS;
-}
-
-int SaveState (FortezzaContext *inContext, CI_IV inIV,
- PK11Session *inSession, FortezzaKey *inKey,
- int inCryptoType, CK_MECHANISM_TYPE inMechanism){
- int ciRV;
- FortezzaSocket *socket = inContext->fortezzaSocket;
- HSESSION hs = socket->maciSession;
- CI_CONFIG ciConfig;
-
- ciRV = MACI_Select (hs, socket->slotID);
- if (ciRV != CI_OK) {
- return SOCKET_FAILURE;
- }
- inContext->session = inSession;
- inContext->fortezzaKey = inKey;
- inContext->mechanism = inMechanism;
- PORT_Memcpy (inContext->cardIV, inIV, sizeof (CI_IV));
- ciRV = MACI_Save(hs, inCryptoType, inContext->cardState);
- if (ciRV != CI_OK) {
- return SOCKET_FAILURE;
- }
- ciRV = MACI_GetConfiguration (hs, &ciConfig);
- if (ciRV == CI_OK) {
- inContext->userRamSize = ciConfig.LargestBlockSize;
- }
-
- if (inContext->userRamSize == 0) inContext->userRamSize = 0x4000;
-
- return SOCKET_SUCCESS;
-}
-
-int SocketSaveState (FortezzaContext *inContext, int inCryptoType) {
- int ciRV;
-
- ciRV = MACI_Save (inContext->fortezzaSocket->maciSession, inCryptoType,
- inContext->cardState);
- if (ciRV != CI_OK) {
- return SOCKET_FAILURE;
- }
- return SOCKET_SUCCESS;
-}
-
-int DecryptData (FortezzaContext *inContext,
- CK_BYTE_PTR inData,
- CK_ULONG inDataLen,
- CK_BYTE_PTR inDest,
- CK_ULONG inDestLen) {
- FortezzaSocket *socket = inContext->fortezzaSocket;
- FortezzaKey *key = inContext->fortezzaKey;
- HSESSION hs = socket->maciSession;
- CK_ULONG defaultEncryptSize;
- CK_ULONG left = inDataLen;
- CK_BYTE_PTR loopin, loopout;
- int rv = CI_OK;
-
- MACI_Select (hs, socket->slotID);
-
- defaultEncryptSize = (inContext->userRamSize > DEF_ENCRYPT_SIZE)
- ? DEF_ENCRYPT_SIZE : inContext->userRamSize;
-
- if (key->keyRegister == KeyNotLoaded) {
- rv = LoadKeyIntoRegister(key);
- if (rv == KeyNotLoaded) {
- return SOCKET_FAILURE;
- }
- }
-
- key->hitCount = socket->hitCount++;
- loopin = inData;
- loopout = inDest;
- left = inDataLen;
- rv = CI_OK;
-
- MACI_Lock(hs, CI_BLOCK_LOCK_FLAG);
- RestoreState (inContext, Decrypt);
-
- while ((left > 0) && (rv == CI_OK)) {
- CK_ULONG current = (left > defaultEncryptSize)
- ? defaultEncryptSize : left;
- rv = MACI_Decrypt(hs, current, loopin, loopout);
- loopin += current;
- loopout += current;
- left -= current;
- }
-
- MACI_Unlock(hs);
-
- if (rv != CI_OK) {
- return SOCKET_FAILURE;
- }
-
-
- rv = SocketSaveState (inContext, CI_DECRYPT_EXT_TYPE);
- if (rv != SOCKET_SUCCESS) {
- return rv;
- }
-
-
- return SOCKET_SUCCESS;
-}
-
-int EncryptData (FortezzaContext *inContext,
- CK_BYTE_PTR inData,
- CK_ULONG inDataLen,
- CK_BYTE_PTR inDest,
- CK_ULONG inDestLen) {
- FortezzaSocket *socket = inContext->fortezzaSocket;
- FortezzaKey *key = inContext->fortezzaKey;
- HSESSION hs = socket->maciSession;
- CK_ULONG defaultEncryptSize;
- CK_ULONG left = inDataLen;
- CK_BYTE_PTR loopin, loopout;
- int rv = CI_OK;
-
- MACI_Select (hs, socket->slotID);
-
- defaultEncryptSize = (inContext->userRamSize > DEF_ENCRYPT_SIZE)
- ? DEF_ENCRYPT_SIZE : inContext->userRamSize;
- if (key->keyRegister == KeyNotLoaded) {
- rv = LoadKeyIntoRegister(key);
- if (rv == KeyNotLoaded) {
- return rv;
- }
- }
-
- key->hitCount = socket->hitCount++;
- loopin = inData;
- loopout = inDest;
-
- RestoreState (inContext,Encrypt);
-
- rv = CI_OK;
- while ((left > 0) && (rv == CI_OK)) {
- CK_ULONG current = (left > defaultEncryptSize) ? defaultEncryptSize :
- left;
- rv = MACI_Encrypt(hs, current, loopin, loopout);
- loopin += current;
- loopout += current;
- left -= current;
- }
-
- if (rv != CI_OK) {
- return SOCKET_FAILURE;
- }
-
- rv = SocketSaveState (inContext, CI_ENCRYPT_EXT_TYPE);
- if (rv != SOCKET_SUCCESS) {
- return rv;
- }
-
- return SOCKET_SUCCESS;
-}
-
-int WrapKey (FortezzaKey *wrappingKey, FortezzaKey *srcKey,
- CK_BYTE_PTR pDest, CK_ULONG ulDestLen) {
- int ciRV;
- HSESSION hs = wrappingKey->keySocket->maciSession;
-
- if (wrappingKey->keyRegister == KeyNotLoaded) {
- if (LoadKeyIntoRegister(wrappingKey) == KeyNotLoaded) {
- return SOCKET_FAILURE;
- }
- }
-
- if (srcKey->id == 0) srcKey->id = wrappingKey->id;
-
- ciRV = MACI_WrapKey (hs, wrappingKey->keyRegister,
- srcKey->keyRegister, pDest);
- if (ciRV != CI_OK) {
- return SOCKET_FAILURE;
- }
-
- return SOCKET_SUCCESS;
-}
-
-int UnwrapKey (CK_BYTE_PTR inWrappedKey, FortezzaKey *inUnwrapKey) {
- int newIndex;
- int ciRV;
- FortezzaSocket *socket = inUnwrapKey->keySocket;
- HSESSION hs = socket->maciSession;
- FortezzaKey *oldKey;
-
- if (inUnwrapKey->keyRegister == KeyNotLoaded) {
- if (LoadKeyIntoRegister(inUnwrapKey) == KeyNotLoaded) {
- return KeyNotLoaded;
- }
- }
-
- ciRV = MACI_Select(hs, socket->slotID);
- if (ciRV != CI_OK) {
- return KeyNotLoaded;
- }
-
- newIndex = GetBestKeyRegister(inUnwrapKey->keySocket);
- oldKey = socket->keyRegisters[newIndex];
-
- MACI_Select(hs, socket->slotID);
- if (oldKey) {
- oldKey->keyRegister = KeyNotLoaded;
- socket->keyRegisters[newIndex] = NULL;
- }
- MACI_DeleteKey (hs, newIndex);
- ciRV = MACI_UnwrapKey(hs,inUnwrapKey->keyRegister, newIndex, inWrappedKey);
- if (ciRV != CI_OK) {
- inUnwrapKey->keyRegister = KeyNotLoaded;
- socket->keyRegisters[newIndex] = NULL;
- return KeyNotLoaded;
- }
-
- return newIndex;
-}
-
diff --git a/security/nss/lib/fortcrypt/fortinst.htm b/security/nss/lib/fortcrypt/fortinst.htm
deleted file mode 100644
index 649012c82..000000000
--- a/security/nss/lib/fortcrypt/fortinst.htm
+++ /dev/null
@@ -1,161 +0,0 @@
-<HTML>
-<TITLE>Generic PKCS #11 Installer</TITLE>
-<--
- - The contents of this file are subject to the Mozilla Public
- - License Version 1.1 (the "License"); you may not use this file
- - except in compliance with the License. You may obtain a copy of
- - the License at http://www.mozilla.org/MPL/
- -
- - Software distributed under the License is distributed on an "AS
- - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- - implied. See the License for the specific language governing
- - rights and limitations under the License.
- -
- - The Original Code is the Netscape security libraries.
- -
- - The Initial Developer of the Original Code is Netscape
- - Communications Corporation. Portions created by Netscape are
- - Copyright (C) 1994-2000 Netscape Communications Corporation. All
- - Rights Reserved.
- -
- - Contributor(s):
- -
- - Alternatively, the contents of this file may be used under the
- - terms of the GNU General Public License Version 2 or later (the
- - "GPL"), in which case the provisions of the GPL are applicable
- - instead of those above. If you wish to allow use of your
- - version of this file only under the terms of the GPL and not to
- - allow others to use your version of this file under the MPL,
- - indicate your decision by deleting the provisions above and
- - replace them with the notice and other provisions required by
- - the GPL. If you do not delete the provisions above, a recipient
- - may use your version of this file under either the MPL or the
- - GPL.
--->
-
-<SCRIPT>
-// Crypto Mechanism Flags
-PKCS11_MECH_RSA_FLAG = 0x1<<0;
-PKCS11_MECH_DSA_FLAG = 0x1<<1;
-PKCS11_MECH_RC2_FLAG = 0x1<<2;
-PKCS11_MECH_RC4_FLAG = 0x1<<3;
-PKCS11_MECH_DES_FLAG = 0x1<<4;
-PKCS11_MECH_DH_FLAG = 0x1<<5; //Diffie-Hellman
-PKCS11_MECH_SKIPJACK_FLAG = 0x1<<6; //SKIPJACK algorithm as in Fortezza cards
-PKCS11_MECH_RC5_FLAG = 0x1<<7;
-PKCS11_MECH_SHA1_FLAG = 0x1<<8;
-PKCS11_MECH_MD5_FLAG = 0x1<<9;
-PKCS11_MECH_MD2_FLAG = 0x1<<10;
-PKCS11_MECH_RANDOM_FLAG = 0x1<<27; //Random number generator
-PKCS11_PUB_READABLE_CERT_FLAG = 0x1<<28; //Stored certs can be read off the token w/o logging in
-PKCS11_DISABLE_FLAG = 0x1<<30; //tell Navigator to disable this slot by default
-
-// Important:
-// 0x1<<11, 0x1<<12, ... , 0x1<<26, 0x1<<29, and 0x1<<31 are reserved
-// for internal use in Navigator.
-// Therefore, these bits should always be set to 0; otherwise,
-// Navigator might exhibit unpredictable behavior.
-
-// These flags indicate which mechanisms should be turned on by
-pkcs11MechanismFlags = 0;
-
-
-// Ciphers that support SSL or S/MIME
-PKCS11_CIPHER_FORTEZZA_FLAG = 0x1<<0;
-
-// Important:
-// 0x1<<1, 0x1<<2, ... , 0x1<<31 are reserved
-// for internal use in Navigator.
-// Therefore, these bits should ALWAYS be set to 0; otherwise,
-// Navigator might exhibit unpredictable behavior.
-
-// These flags indicate which SSL ciphers are supported
-pkcs11CipherFlags = PKCS11_CIPHER_FORTEZZA_FLAG;
-
-
-// Return values of pkcs11.addmodule() & pkcs11.delmodule()
-// success codes
-JS_OK_ADD_MODULE = 3 // Successfully added a module
-JS_OK_DEL_EXTERNAL_MODULE = 2 // Successfully deleted ext. module
-JS_OK_DEL_INTERNAL_MODULE = 1 // Successfully deleted int. module
-
-// failure codes
-JS_ERR_OTHER = -1 // Other errors than the followings
-JS_ERR_USER_CANCEL_ACTION = -2 // User abort an action
-JS_ERR_INCORRECT_NUM_OF_ARGUMENTS= -3 // Calling a method w/ incorrect # of arguments
-JS_ERR_DEL_MODULE = -4 // Error deleting a module
-JS_ERR_ADD_MODULE = -5 // Error adding a module
-JS_ERR_BAD_MODULE_NAME = -6 // The module name is invalid
-JS_ERR_BAD_DLL_NAME = -7 // The DLL name is bad
-JS_ERR_BAD_MECHANISM_FLAGS = -8 // The mechanism flags are invalid
-JS_ERR_BAD_CIPHER_ENABLE_FLAGS = -9 // The SSL, S/MIME cipher flags are invalid
-
-var new_window;
-var has_new_window = 0;
-
-function HandleCipher(checkBox) {
- if (checkBox.checked) {
- pkcs11MechanismFlags |= checkBox.value;
- } else {
- pkcs11MechanismFlags &= ~checkBox.value;
- }
-}
-
-function HandleSSL(checkBox) {
- if (checkBox.checked) {
- pkcs11CipherFlags |= checkBox.value;
- } else {
- pkcs11CipherFlags &= ~checkBox.value;
- }
-}
-
-function colonize(string) {
- len = string.length;
- end = len -1;
-
- if (len == 0) return string;
-
-
- for (i=0; i < len; i++) {
- if (string.charAt(i) == "/") {
- if (i == 0) {
- new_string = ":" + string.substring(1,len);
- } else if (i == end) {
- new_string = string.substring(0,i)+':';
- } else {
- new_string = string.substring(0,i)+':'+
- string.substring(i+1,len);
- }
- string = new_string;
- }
- }
-
- if (string.charAt(0) == ":") string = string.substring(1,len);
- return string;
-}
-
-function DoInstall(name,module) {
- if ((navigator.platform == "MacPPC")
- || (navigator.platform == "Mac68K")) {
- module = colonize(module);
- }
- result = pkcs11.addmodule(name, module,
- pkcs11MechanismFlags, pkcs11CipherFlags);
- if ( result < 0) {
- window.alert("New module setup failed. Error code: " + result);
- }
- if (has_new_window) new_window.close();
-}
-
-default_name = "Netscape FORTEZZA Module"
-
-default_module = "D:/dogbert/ns/dist/WIN32_D.OBJ/bin/fort32.dll"
-document.writeln("<FORM name=instform target=_self> <H2>FORTEZZA PKCS #11 Installer version 1.5</H2>");
-document.writeln(" Module name: <Input Type=Text Name=modName value=\""+default_name+"\" size=50 required><br>");
-document.writeln(" Module Library: <Input Type=FILE required Name=module><br>");
-document.writeln("<i>Note: If you use the browse button, be sure to change the filter to show all the files (*), not just the HTML files (*.html).</i><p>");
-document.writeln("<hr>");
-document.write("<Input type=submit Name=Install Value=Install onclick=DoInstall(");
-document.writeln( "document.instform.modName.value,document.instform.module.value) >");
-document.writeln("</FORM>");
-</SCRIPT>
diff --git a/security/nss/lib/fortcrypt/fortpk11.c b/security/nss/lib/fortcrypt/fortpk11.c
deleted file mode 100644
index e28fd7909..000000000
--- a/security/nss/lib/fortcrypt/fortpk11.c
+++ /dev/null
@@ -1,4553 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * This file implements PKCS 11 for FORTEZZA using MACI
- * drivers. Except for the Mac. They only have CI libraries, so
- * that's what we use there.
- *
- * For more information about PKCS 11 See PKCS 11 Token Inteface Standard.
- *
- * This implementations queries the MACI to figure out how
- * many slots exist on a given system. There is an artificial boundary
- * of 32 slots, because allocating slots dynamically caused memory
- * problems in the client when first this module was first developed.
- * Some how the heap was being corrupted and we couldn't find out where.
- * Subsequent attempts to allocate dynamic memory caused no problem.
- *
- * In this implementation, session objects are only visible to the session
- * that created or generated them.
- */
-
-#include "fpkmem.h"
-#include "seccomon.h"
-#include "fpkcs11.h"
-#include "fpkcs11i.h"
-#include "cryptint.h"
-#include "pk11func.h"
-#include "fortsock.h"
-#include "fmutex.h"
-#ifdef notdef
-#include <ctype.h>
-#include <stdio.h>
-#endif
-
-/* sigh */
-#ifndef EOF
-/* stdio was not included */
-extern int sprintf(char *out, char *fmt, ...);
-#endif
-
-#ifdef XP_MAC
-#ifndef __POWERPC__
-#include <A4Stuff.h>
-#endif
-
-
-/* This is not a 4.0 project, so I can't depend on
- * 4.0 defines, so instead I depend on CodeWarrior
- * defines. I define XP_MAC in fpkmem.h
- */
-#if __POWERPC__
-#elif __CFM68K__
-#else
-/* These include are taken fromn npmac.cpp which are used
- * by the plugin group to properly set-up a plug-in for
- * dynamic loading on 68K.
- */
-
-#include <Quickdraw.h>
-
-/*
-** The Mixed Mode procInfos defined in npupp.h assume Think C-
-** style calling conventions. These conventions are used by
-** Metrowerks with the exception of pointer return types, which
-** in Metrowerks 68K are returned in A0, instead of the standard
-** D0. Thus, since NPN_MemAlloc and NPN_UserAgent return pointers,
-** Mixed Mode will return the values to a 68K plugin in D0, but
-** a 68K plugin compiled by Metrowerks will expect the result in
-** A0. The following pragma forces Metrowerks to use D0 instead.
-*/
-#ifdef __MWERKS__
-#ifndef powerc
-#pragma pointers_in_D0
-#endif
-#endif
-
-#ifdef __MWERKS__
-#ifndef powerc
-#pragma pointers_in_A0
-#endif
-#endif
-
-/* The following fix for static initializers fixes a previous
-** incompatibility with some parts of PowerPlant.
-*/
-#ifdef __MWERKS__
-#ifdef __cplusplus
- extern "C" {
-#endif
-#ifndef powerc
- extern void __InitCode__(void);
-#else
- extern void __sinit(void);
-#endif
- extern void __destroy_global_chain(void);
-#ifdef __cplusplus
- }
-#endif /* __cplusplus */
-#endif /* __MWERKS__ */
-
-#endif
-#endif
-
-
-typedef struct {
- unsigned char *data;
- int len;
-} CertItem;
-
-
-/*
- * ******************** Static data *******************************
- */
-
-/* The next three strings must be exactly 32 characters long */
-static char *manufacturerID = "Netscape Communications Corp ";
-static char *libraryDescription = "Communicator Fortezza Crypto Svc";
-
-typedef enum {DSA_KEY, KEA_KEY, V1_KEY, INVALID_KEY } PrivKeyType;
-
-static PK11Slot fort11_slot[NUM_SLOTS];
-static FortezzaSocket fortezzaSockets[NUM_SLOTS];
-static PRBool init = PR_FALSE;
-static CK_ULONG kNumSockets = 0;
-
-#define __PASTE(x,y) x##y
-
-
-#undef CK_FUNC
-#undef CK_EXTERN
-#undef CK_NEED_ARG_LIST
-#undef _CK_RV
-
-#define fort11_attr_expand(ap) (ap)->type,(ap)->pValue,(ap)->ulValueLen
-#define fort11_SlotFromSession pk11_SlotFromSession
-#define fort11_isToken pk11_isToken
-
-static CK_FUNCTION_LIST fort11_funcList = {
- { 2, 1 },
-
-#undef CK_FUNC
-#undef CK_EXTERN
-#undef CK_NEED_ARG_LIST
-#undef _CK_RV
-
-#define CK_EXTERN
-#define CK_FUNC(name) name,
-#define _CK_RV
-
-#include "fpkcs11f.h"
-
-};
-
-#undef CK_FUNC
-#undef CK_EXTERN
-#undef _CK_RV
-
-
-#undef __PASTE
-#undef pk11_SlotFromSessionHandle
-#undef pk11_SlotFromID
-
-#define MAJOR_VERSION_MASK 0xFF00
-#define MINOR_VERSION_MASK 0x00FF
-
-/* Mechanisms */
-struct mechanismList {
- CK_MECHANISM_TYPE type;
- CK_MECHANISM_INFO domestic;
- PRBool privkey;
-};
-
-static struct mechanismList mechanisms[] = {
- {CKM_DSA, {512,1024,CKF_SIGN}, PR_TRUE},
- {CKM_SKIPJACK_KEY_GEN, {92, 92, CKF_GENERATE}, PR_TRUE},
- {CKM_SKIPJACK_CBC64, {92, 92, CKF_ENCRYPT | CKF_DECRYPT}, PR_TRUE},
- {CKM_SKIPJACK_WRAP, {92, 92, CKF_WRAP}, PR_TRUE},
- {CKM_KEA_KEY_DERIVE, {128, 128, CKF_DERIVE}, PR_TRUE},
-};
-static CK_ULONG mechanismCount = sizeof(mechanisms)/sizeof(mechanisms[0]);
-
-/*************Static function prototypes********************************/
-static PRBool fort11_isTrue(PK11Object *object,CK_ATTRIBUTE_TYPE type);
-static void fort11_FreeAttribute(PK11Attribute *attribute);
-static void fort11_DestroyAttribute(PK11Attribute *attribute);
-static PK11Object* fort11_NewObject(PK11Slot *slot);
-static PK11FreeStatus fort11_FreeObject(PK11Object *object);
-static CK_RV fort11_AddAttributeType(PK11Object *object,
- CK_ATTRIBUTE_TYPE type,
- void *valPtr,
- CK_ULONG length);
-static void fort11_AddSlotObject(PK11Slot *slot, PK11Object *object);
-static PK11Attribute* fort11_FindAttribute(PK11Object *object,
- CK_ATTRIBUTE_TYPE type);
-static PK11Attribute* fort11_NewAttribute(CK_ATTRIBUTE_TYPE type,
- CK_VOID_PTR value, CK_ULONG len);
-static void fort11_DeleteAttributeType(PK11Object *object,
- CK_ATTRIBUTE_TYPE type);
-static void fort11_AddAttribute(PK11Object *object,
- PK11Attribute *attribute);
-static void fort11_AddObject(PK11Session *session,
- PK11Object *object);
-static PK11Object * fort11_ObjectFromHandle(CK_OBJECT_HANDLE handle,
- PK11Session *session);
-static void fort11_DeleteObject(PK11Session *session,PK11Object *object);
-static CK_RV fort11_DestroyObject(PK11Object *object);
-void fort11_FreeSession(PK11Session *session);
-
-#define FIRST_SLOT_SESS_ID 0x00000100L
-#define ADD_NEXT_SESS_ID 0x00000100L
-#define SLOT_MASK 0x000000FFL
-
-#define FAILED CKR_FUNCTION_FAILED
-
-static void
-fort11_FreeFortezzaKey (void *inFortezzaKey) {
- RemoveKey ((FortezzaKey*) inFortezzaKey);
-}
-
-static void
-fort11_DestroySlotObjects (PK11Slot *slot, PK11Session *session) {
- PK11Object *currObject, *nextObject = NULL, *oldObject;
- int i;
-
- for (i=0; i<HASH_SIZE; i++) {
- currObject = slot->tokObjects[i];
- slot->tokObjects[i] = NULL;
- do {
- FMUTEX_Lock(slot->sessionLock);
-
- if (currObject) {
- nextObject = currObject->next;
- FMUTEX_Lock(currObject->refLock);
- currObject->refCount++;
- FMUTEX_Unlock(currObject->refLock);
- fort11_DeleteObject(session, currObject);
- }
- FMUTEX_Unlock(slot->sessionLock);
- if (currObject) {
- oldObject = currObject;
- currObject = nextObject;
- fort11_FreeObject(oldObject);
- }
- } while (currObject != NULL);
- }
-}
-
-static void
-fort11_TokenRemoved(PK11Slot *slot, PK11Session *session) {
- FortezzaSocket *socket = &fortezzaSockets[slot->slotID-1];
-
- LogoutFromSocket (socket);
- slot->isLoggedIn = PR_FALSE;
- if (session && session->notify) {
- /*If no session pointer exists, lots of leaked memory*/
- session->notify (session->handle, CKN_SURRENDER,
- session->appData);
- fort11_FreeSession(session); /* Release the reference held
- * by the slot with the session
- */
- }
-
- fort11_DestroySlotObjects(slot, session);
- fort11_FreeSession(session); /* Release the reference held
- * by the slot with the session
- */
-
- /* All keys will have been freed at this point so we can
- * NULL out this pointer
- */
- socket->keys = NULL;
-
-}
-
-PRBool
-fort11_FortezzaIsUserCert(unsigned char * label) {
-
- if ( (!PORT_Memcmp(label, "KEAK", 4)) || /* v3 user certs */
- (!PORT_Memcmp(label, "DSA1", 4)) ||
- (!PORT_Memcmp(label, "DSAI", 4)) ||
- (!PORT_Memcmp(label, "DSAO", 4)) ||
- (!PORT_Memcmp(label, "INKS", 4)) || /* v1 user certs */
- (!PORT_Memcmp(label, "INKX", 4)) ||
- (!PORT_Memcmp(label, "ONKS", 4)) ||
- (!PORT_Memcmp(label, "ONKX", 4)) ||
- (!PORT_Memcmp(label, "3IXS", 4)) || /* old v3 user certs */
- (!PORT_Memcmp(label, "3OXS", 4)) ||
- (!PORT_Memcmp(label, "3IKX", 4)) ) {
-
- return PR_TRUE;
-
- } else { return PR_FALSE; }
-
-}
-
-static PRBool
-fort11_FortezzaIsACert(unsigned char * label) {
- if (label == NULL) return PR_FALSE;
-
- if ( (!PORT_Memcmp(label, "DSA1", 4)) || /* v3 certs */
- (!PORT_Memcmp(label, "DSAI", 4)) ||
- (!PORT_Memcmp(label, "DSAO", 4)) ||
- (!PORT_Memcmp(label, "DSAX", 4)) ||
- (!PORT_Memcmp(label, "KEAK", 4)) ||
- (!PORT_Memcmp(label, "KEAX", 4)) ||
- (!PORT_Memcmp(label, "CAX1", 4)) ||
- (!PORT_Memcmp(label, "PCA1", 4)) ||
- (!PORT_Memcmp(label, "PAA1", 4)) ||
- (!PORT_Memcmp(label, "ICA1", 4)) ||
-
- (!PORT_Memcmp(label, "3IXS", 4)) || /* old v3 certs */
- (!PORT_Memcmp(label, "3OXS", 4)) ||
- (!PORT_Memcmp(label, "3CAX", 4)) ||
- (!PORT_Memcmp(label, "3IKX", 4)) ||
- (!PORT_Memcmp(label, "3PCA", 4)) ||
- (!PORT_Memcmp(label, "3PAA", 4)) ||
- (!PORT_Memcmp(label, "3ICA", 4)) ||
-
- (!PORT_Memcmp(label, "INKS", 4)) || /* v1 certs */
- (!PORT_Memcmp(label, "INKX", 4)) ||
- (!PORT_Memcmp(label, "ONKS", 4)) ||
- (!PORT_Memcmp(label, "ONKX", 4)) ||
- (!PORT_Memcmp(label, "RRXX", 4)) ||
- (!PORT_Memcmp(label, "RTXX", 4)) ||
- (!PORT_Memcmp(label, "LAXX", 4)) ) {
-
- return PR_TRUE;
-
- }
-
- return PR_FALSE;
-}
-
-static
-int fort11_cert_length(unsigned char *buf, int length) {
- unsigned char tag;
- int used_length= 0;
- int data_length;
-
- tag = buf[used_length++];
-
- /* blow out when we come to the end */
- if (tag == 0) {
- return 0;
- }
-
- data_length = buf[used_length++];
-
- if (data_length&0x80) {
- int len_count = data_length & 0x7f;
-
- data_length = 0;
-
- while (len_count-- > 0) {
- data_length = (data_length << 8) | buf[used_length++];
- }
- }
-
- if (data_length > (length-used_length) ) {
- return length;
- }
-
- return (data_length + used_length);
-}
-
-unsigned char *fort11_data_start(unsigned char *buf, int length,
- int *data_length, PRBool includeTag) {
- unsigned char tag;
- int used_length= 0;
-
- tag = buf[used_length++];
-
- /* blow out when we come to the end */
- if (tag == 0) {
- return NULL;
- }
-
- *data_length = buf[used_length++];
-
- if (*data_length&0x80) {
- int len_count = *data_length & 0x7f;
-
- *data_length = 0;
-
- while (len_count-- > 0) {
- *data_length = (*data_length << 8) | buf[used_length++];
- }
- }
-
- if (*data_length > (length-used_length) ) {
- *data_length = length-used_length;
- return NULL;
- }
- if (includeTag) *data_length += used_length;
-
- return (buf + (includeTag ? 0 : used_length));
-}
-
-int
-fort11_GetCertFields(unsigned char *cert,int cert_length,CertItem *issuer,
- CertItem *serial,CertItem *subject)
-{
- unsigned char *buf;
- int buf_length;
- unsigned char *date;
- int datelen;
-
- /* get past the signature wrap */
- buf = fort11_data_start(cert,cert_length,&buf_length,PR_FALSE);
- if (buf == NULL) return FAILED;
- /* get into the raw cert data */
- buf = fort11_data_start(buf,buf_length,&buf_length,PR_FALSE);
- if (buf == NULL) return FAILED;
- /* skip past any optional version number */
- if ((buf[0] & 0xa0) == 0xa0) {
- date = fort11_data_start(buf,buf_length,&datelen,PR_FALSE);
- if (date == NULL) return FAILED;
- buf_length -= (date-buf) + datelen;
- buf = date + datelen;
- }
- /* serial number */
- serial->data = fort11_data_start(buf,buf_length,&serial->len,PR_FALSE);
- if (serial->data == NULL) return FAILED;
- buf_length -= (serial->data-buf) + serial->len;
- buf = serial->data + serial->len;
- /* skip the OID */
- date = fort11_data_start(buf,buf_length,&datelen,PR_FALSE);
- if (date == NULL) return FAILED;
- buf_length -= (date-buf) + datelen;
- buf = date + datelen;
- /* issuer */
- issuer->data = fort11_data_start(buf,buf_length,&issuer->len,PR_TRUE);
- if (issuer->data == NULL) return FAILED;
- buf_length -= (issuer->data-buf) + issuer->len;
- buf = issuer->data + issuer->len;
- /* skip the date */
- date = fort11_data_start(buf,buf_length,&datelen,PR_FALSE);
- if (date == NULL) return FAILED;
- buf_length -= (date-buf) + datelen;
- buf = date + datelen;
- /*subject */
- subject->data=fort11_data_start(buf,buf_length,&subject->len,PR_TRUE);
- if (subject->data == NULL) return FAILED;
- buf_length -= (subject->data-buf) + subject->len;
- buf = subject->data +subject->len;
- /*subject */
- return CKR_OK;
-}
-
-/* quick tohex function to get rid of scanf */
-static
-int fort11_tohex(char *s) {
- int val = 0;
-
- for(;*s;s++) {
- if ((*s >= '0') && (*s <= '9')) {
- val = (val << 4) + (*s - '0');
- continue;
- } else if ((*s >= 'a') && (*s <= 'f')) {
- val = (val << 4) + (*s - 'a') + 10;
- continue;
- } else if ((*s >= 'A') && (*s <= 'F')) {
- val = (val << 4) + (*s - 'A') + 10;
- continue;
- }
- break;
- }
- return val;
-}
-
-/* only should be called for V3 KEA cert labels. */
-
-static int
-fort11_GetSibling(CI_CERT_STR label) {
-
- int value = 0;
- char s[3];
-
- label +=4;
-
- strcpy(s,"00");
- memcpy(s, label, 2);
- value = fort11_tohex(s);
-
- /* sibling of 255 means no sibling */
- if (value == 255) {
- value = -1;
- }
-
- return value;
-}
-
-
-static PrivKeyType
-fort11_GetKeyType(CI_CERT_STR label) {
- if (label == NULL) return INVALID_KEY;
-
- if ( (!PORT_Memcmp(label, "DSA1", 4)) || /* v3 certs */
- (!PORT_Memcmp(label, "DSAI", 4)) ||
- (!PORT_Memcmp(label, "DSAO", 4)) ||
- (!PORT_Memcmp(label, "3IXS", 4)) || /* old v3 certs */
- (!PORT_Memcmp(label, "3OXS", 4)) ) {
-
- return DSA_KEY;
- }
-
-
- if ( (!PORT_Memcmp(label, "KEAK", 4)) ||
- (!PORT_Memcmp(label, "3IKX", 4)) ) {
- return KEA_KEY;
- }
-
- if ( (!PORT_Memcmp(label, "INKS", 4)) || /* V1 Certs*/
- (!PORT_Memcmp(label, "INKX", 4)) ||
- (!PORT_Memcmp(label, "ONKS", 4)) ||
- (!PORT_Memcmp(label, "ONKX", 4)) ||
- (!PORT_Memcmp(label, "RRXX", 4)) ||
- (!PORT_Memcmp(label, "RTXX", 4)) ||
- (!PORT_Memcmp(label, "LAXX", 4)) ) {
-
- return V1_KEY;
- }
-
- return INVALID_KEY;
-}
-
-static CK_RV
-fort11_ConvertToDSAKey(PK11Object *privateKey, PK11Slot *slot) {
- CK_KEY_TYPE key_type = CKK_DSA;
- CK_BBOOL cktrue = TRUE;
- CK_BBOOL ckfalse = FALSE;
- CK_OBJECT_CLASS privClass = CKO_PRIVATE_KEY;
- CK_CHAR label[] = "A DSA Private Key";
-
-
- /* Fill in the common Default values */
- if (fort11_AddAttributeType(privateKey,CKA_START_DATE, NULL, 0) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType(privateKey,CKA_END_DATE, NULL, 0) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType(privateKey,CKA_SUBJECT, NULL, 0) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType(privateKey, CKA_CLASS, &privClass,
- sizeof (CK_OBJECT_CLASS)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType(privateKey, CKA_KEY_TYPE, &key_type,
- sizeof(CK_KEY_TYPE)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType (privateKey, CKA_TOKEN, &cktrue,
- sizeof (CK_BBOOL)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType (privateKey, CKA_LABEL, label,
- PORT_Strlen((char*)label)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType(privateKey, CKA_SENSITIVE, &cktrue,
- sizeof (CK_BBOOL)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType(privateKey, CKA_SIGN, &cktrue,
- sizeof (CK_BBOOL)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
-
- if (fort11_AddAttributeType(privateKey, CKA_DERIVE, &cktrue,
- sizeof(cktrue)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType(privateKey, CKA_LOCAL, &ckfalse,
- sizeof(ckfalse)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType(privateKey, CKA_DECRYPT, &ckfalse,
- sizeof(ckfalse)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType(privateKey, CKA_SIGN_RECOVER, &ckfalse,
- sizeof(ckfalse)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType(privateKey, CKA_UNWRAP, &ckfalse,
- sizeof(ckfalse)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType(privateKey, CKA_EXTRACTABLE, &ckfalse,
- sizeof(ckfalse)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType(privateKey, CKA_ALWAYS_SENSITIVE, &cktrue,
- sizeof(cktrue)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType(privateKey, CKA_NEVER_EXTRACTABLE, &cktrue,
- sizeof(ckfalse)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType(privateKey, CKA_PRIME, NULL, 0) != CKR_OK){
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType(privateKey, CKA_SUBPRIME, NULL, 0) != CKR_OK){
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType(privateKey, CKA_BASE, NULL, 0) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType(privateKey, CKA_VALUE, NULL, 0) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType(privateKey, CKA_PRIVATE, &cktrue,
- sizeof(cktrue)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType(privateKey, CKA_MODIFIABLE,&ckfalse,
- sizeof(ckfalse)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
-
- FMUTEX_Lock(slot->objectLock);
- privateKey->handle = slot->tokenIDCount++;
- privateKey->handle |= (PK11_TOKEN_MAGIC | PK11_TOKEN_TYPE_PRIV);
- FMUTEX_Unlock(slot->objectLock);
- privateKey->objclass = privClass;
- privateKey->slot = slot;
- privateKey->inDB = PR_TRUE;
-
-
- return CKR_OK;
-}
-
-static int
-fort11_LoadRootPAAKey(PK11Slot *slot, PK11Session *session) {
- CK_OBJECT_CLASS theClass = CKO_SECRET_KEY;
- int id = 0;
- CK_BBOOL True = TRUE;
- CK_BBOOL False = FALSE;
- CK_CHAR label[] = "Trusted Root PAA Key";
- PK11Object *rootKey;
- FortezzaKey *newKey;
- FortezzaSocket *socket = &fortezzaSockets[slot->slotID-1];
-
- /*Don't know the key type. Does is matter?*/
-
- rootKey = fort11_NewObject(slot);
-
- if (rootKey == NULL) {
- return CKR_HOST_MEMORY;
- }
-
- if (fort11_AddAttributeType(rootKey, CKA_CLASS, &theClass,
- sizeof(theClass)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
-
- if (fort11_AddAttributeType(rootKey, CKA_TOKEN, &True,
- sizeof(True)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
-
- if (fort11_AddAttributeType(rootKey, CKA_LABEL, label,
- sizeof(label)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
-
- if (fort11_AddAttributeType(rootKey, CKA_PRIVATE, &True,
- sizeof (True)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
-
- if (fort11_AddAttributeType(rootKey,CKA_MODIFIABLE, &False,
- sizeof(False)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
-
- if (fort11_AddAttributeType(rootKey, CKA_ID, &id,
- sizeof(int)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
-
- if (fort11_AddAttributeType(rootKey, CKA_DERIVE, &True,
- sizeof(True)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
-
- if (fort11_AddAttributeType(rootKey, CKA_SENSITIVE, &True,
- sizeof(True)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
-
- FMUTEX_Lock(slot->objectLock);
- rootKey->handle = slot->tokenIDCount++;
- rootKey->handle |= (PK11_TOKEN_MAGIC | PK11_TOKEN_TYPE_PRIV);
- FMUTEX_Unlock(slot->objectLock);
-
- rootKey->objclass = theClass;
- rootKey->slot = slot;
- rootKey->inDB = PR_TRUE;
-
- newKey = NewFortezzaKey(socket, Ks, NULL, 0);
- if (newKey == NULL) {
- fort11_FreeObject(rootKey);
- return CKR_HOST_MEMORY;
- }
-
- rootKey->objectInfo = (void*)newKey;
- rootKey->infoFree = fort11_FreeFortezzaKey;
- fort11_AddObject(session, rootKey);
-
- return CKR_OK;
-}
-
-static CK_RV
-fort11_ConvertToKEAKey (PK11Object *privateKey, PK11Slot *slot) {
- CK_OBJECT_CLASS theClass = CKO_PRIVATE_KEY;
- CK_KEY_TYPE keyType = CKK_KEA;
- CK_CHAR label[] = "A KEA private key Object";
- CK_BBOOL True = TRUE;
- CK_BBOOL False = FALSE;
-
- if (fort11_AddAttributeType(privateKey, CKA_CLASS, &theClass,
- sizeof (CK_OBJECT_CLASS)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType(privateKey, CKA_KEY_TYPE, &keyType,
- sizeof (CK_KEY_TYPE)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType(privateKey, CKA_TOKEN, &True,
- sizeof(CK_BBOOL)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType (privateKey, CKA_LABEL, label,
- PORT_Strlen((char*)label)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType (privateKey, CKA_SENSITIVE,
- &True, sizeof(CK_BBOOL)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType (privateKey, CKA_DERIVE,
- &True, sizeof(CK_BBOOL)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType(privateKey, CKA_PRIVATE, &True,
- sizeof(True)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType(privateKey, CKA_START_DATE, NULL, 0) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType(privateKey, CKA_END_DATE, NULL, 0) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType(privateKey, CKA_LOCAL, &False,
- sizeof(False)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
-
- FMUTEX_Lock(slot->objectLock);
- privateKey->handle = slot->tokenIDCount++;
- privateKey->handle |= (PK11_TOKEN_MAGIC | PK11_TOKEN_TYPE_PRIV);
- FMUTEX_Unlock(slot->objectLock);
- privateKey->objclass = theClass;
- privateKey->slot = slot;
- privateKey->inDB = PR_TRUE;
-
- return CKR_OK;
-}
-
-static CK_RV
-fort11_ConvertToV1Key (PK11Object* privateKey, PK11Slot *slot) {
- CK_RV rv;
- CK_BBOOL True = TRUE;
-
- rv = fort11_ConvertToDSAKey(privateKey, slot);
- if (rv != CKR_OK) {
- return rv;
- }
-
- if (fort11_AddAttributeType(privateKey, CKA_DERIVE, &True,
- sizeof (CK_BBOOL)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
-
- return CKR_OK;
-}
-
-static CK_RV
-fort11_NewPrivateKey(PK11Object *privKeyObject, PK11Slot *slot,CI_PERSON currPerson) {
- PrivKeyType keyType = fort11_GetKeyType(currPerson.CertLabel);
- CK_RV rv;
-
- switch (keyType) {
- case DSA_KEY:
- rv = fort11_ConvertToDSAKey(privKeyObject, slot);
- break;
- case KEA_KEY:
- rv = fort11_ConvertToKEAKey(privKeyObject, slot);
- break;
- case V1_KEY:
- rv = fort11_ConvertToV1Key(privKeyObject, slot);
- break;
- default:
- rv = CKR_GENERAL_ERROR;
- break;
- }
- return rv;
-}
-
-
-PRBool
-fort11_LoadCertObjectForSearch(CI_PERSON currPerson, PK11Slot *slot,
- PK11Session *session, CI_PERSON *pers_array) {
- PK11Object *certObject, *privKeyObject;
- PK11Attribute *attribute, *newAttribute;
- int ci_rv;
- CI_CERTIFICATE cert;
- CK_OBJECT_CLASS certClass = CKO_CERTIFICATE;
- CK_CERTIFICATE_TYPE certType = CKC_X_509;
- CK_BBOOL cktrue = TRUE;
- CK_BBOOL ckfalse = FALSE;
- CertItem issuer, serial, subject;
- int certSize;
- char nickname[50];
- char *cursor;
- PrivKeyType priv_key;
- int sibling;
-
-
- certObject = fort11_NewObject(slot);
- if (certObject == NULL)
- return PR_FALSE;
-
- ci_rv = MACI_GetCertificate (fortezzaSockets[slot->slotID-1].maciSession,
- currPerson.CertificateIndex, cert);
- if (ci_rv != CI_OK){
- fort11_FreeObject(certObject);
- return PR_FALSE;
- }
-
- ci_rv = fort11_GetCertFields(cert,CI_CERT_SIZE,&issuer,&serial,&subject);
-
- if (ci_rv != CKR_OK) {
- fort11_FreeObject(certObject);
- return PR_FALSE;
- }
-
- if (fort11_AddAttributeType(certObject, CKA_CLASS, &certClass,
- sizeof (CK_OBJECT_CLASS)) != CKR_OK) {
- fort11_FreeObject (certObject);
- return PR_FALSE;
- }
- if (fort11_AddAttributeType(certObject, CKA_TOKEN, &cktrue,
- sizeof (CK_BBOOL)) != CKR_OK) {
- fort11_FreeObject(certObject);
- return PR_FALSE;
- }
- if (fort11_AddAttributeType(certObject, CKA_PRIVATE, &ckfalse,
- sizeof (CK_BBOOL)) != CKR_OK) {
- fort11_FreeObject(certObject);
- return PR_FALSE;
- }
-
-
- /* check if the label represents a KEA key. if so, the
- nickname should be made the same as the corresponding DSA
- sibling cert. */
-
- priv_key = fort11_GetKeyType(currPerson.CertLabel);
-
- if (priv_key == KEA_KEY) {
- sibling = fort11_GetSibling(currPerson.CertLabel);
-
- /* check for failure of fort11_GetSibling. also check that
- the sibling is not zero. */
-
- if (sibling > 0) {
- /* assign the KEA cert label to be the same as the
- sibling DSA label */
-
- sprintf (nickname, "%s", &pers_array[sibling-1].CertLabel[8] );
- } else {
- sprintf (nickname, "%s", &currPerson.CertLabel[8]);
- }
- } else {
- sprintf (nickname, "%s", &currPerson.CertLabel[8]);
- }
-
- cursor = nickname+PORT_Strlen(nickname)-1;
- while ((*cursor) == ' ') {
- cursor--;
- }
- cursor[1] = '\0';
- if (fort11_AddAttributeType(certObject, CKA_LABEL, nickname,
- PORT_Strlen(nickname)) != CKR_OK) {
- fort11_FreeObject(certObject);
- return PR_FALSE;
- }
-
-
-
- if (fort11_AddAttributeType(certObject, CKA_CERTIFICATE_TYPE, &certType,
- sizeof(CK_CERTIFICATE_TYPE)) != CKR_OK) {
- fort11_FreeObject(certObject);
- return PR_FALSE;
- }
- certSize = fort11_cert_length(cert,CI_CERT_SIZE);
- if (fort11_AddAttributeType (certObject, CKA_VALUE, cert, certSize)
- != CI_OK) {
- fort11_FreeObject(certObject);
- return PR_FALSE;
- }
- if (fort11_AddAttributeType(certObject, CKA_ISSUER, issuer.data,
- issuer.len) != CKR_OK) {
- fort11_FreeObject (certObject);
- return PR_FALSE;
- }
- if (fort11_AddAttributeType(certObject, CKA_SUBJECT, subject.data,
- subject.len) != CKR_OK) {
- fort11_FreeObject (certObject);
- return PR_FALSE;
- }
- if (fort11_AddAttributeType(certObject, CKA_SERIAL_NUMBER,
- serial.data, serial.len) != CKR_OK) {
- fort11_FreeObject(certObject);
- return PR_FALSE;
- }
- /*Change this to a byte array later*/
- if (fort11_AddAttributeType(certObject, CKA_ID,
- &currPerson.CertificateIndex,
- sizeof(int)) != CKR_OK) {
- fort11_FreeObject(certObject);
- return PR_FALSE;
- }
- certObject->objectInfo = NULL;
- certObject->infoFree = NULL;
-
- certObject->objclass = certClass;
- certObject->slot = slot;
- certObject->inDB = PR_TRUE;
-
- FMUTEX_Lock(slot->objectLock);
-
- certObject->handle = slot->tokenIDCount++;
- certObject->handle |= (PK11_TOKEN_MAGIC | PK11_TOKEN_TYPE_CERT);
-
- FMUTEX_Unlock(slot->objectLock);
-
- if (fort11_FortezzaIsUserCert (currPerson.CertLabel)) {
- privKeyObject = fort11_NewObject(slot);
- if (fort11_NewPrivateKey(privKeyObject, slot, currPerson) != CKR_OK) {
- fort11_FreeObject(privKeyObject);
- fort11_FreeObject(certObject);
- return PR_FALSE;
- }
- if(fort11_AddAttributeType(privKeyObject,CKA_ID,
- &currPerson.CertificateIndex,
- sizeof(int)) != CKR_OK) {
- fort11_FreeObject(privKeyObject);
- fort11_FreeObject(certObject);
- return PR_FALSE;
- }
- attribute = fort11_FindAttribute(certObject,CKA_SUBJECT);
- newAttribute=
- fort11_NewAttribute(pk11_attr_expand(&attribute->attrib));
- fort11_FreeAttribute(attribute);
- if (newAttribute != NULL) {
- fort11_DeleteAttributeType(privKeyObject,
- CKA_SUBJECT);
- fort11_AddAttribute(privKeyObject,
- newAttribute);
- }
- fort11_AddObject (session, privKeyObject);
- }
-
-
- fort11_AddObject (session, certObject);
-
-
- return PR_TRUE;
-}
-
-#define TRUSTED_PAA "00000000Trusted Root PAA"
-
-static int
-fort11_BuildCertObjects(FortezzaSocket *currSocket, PK11Slot *slot,
- PK11Session *session) {
-
- int i;
- CI_PERSON rootPAA;
-
- PORT_Memcpy (rootPAA.CertLabel, TRUSTED_PAA, 1+PORT_Strlen (TRUSTED_PAA));
- rootPAA.CertificateIndex = 0;
-
- if (!fort11_LoadCertObjectForSearch(rootPAA, slot, session,
- currSocket->personalityList)) {
- return CKR_GENERAL_ERROR;
- }
-
- if (fort11_LoadRootPAAKey(slot, session) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
-
- for (i=0 ; i < currSocket->numPersonalities; i++) {
- if (fort11_FortezzaIsACert (currSocket->personalityList[i].CertLabel)){
- if (!fort11_LoadCertObjectForSearch(currSocket->personalityList[i],
- slot, session,
- currSocket->personalityList)){
- return CKR_GENERAL_ERROR;
- }
- }
- }
-
- return CKR_OK;
-}
-
-PK11Slot*
-fort11_SlotFromSessionHandle(CK_SESSION_HANDLE inHandle) {
- CK_SESSION_HANDLE whichSlot = inHandle & SLOT_MASK;
-
- if (whichSlot >= kNumSockets) return NULL_PTR;
-
- return &fort11_slot[whichSlot];
-}
-
-PK11Slot*
-fort11_SlotFromID (CK_SLOT_ID inSlotID) {
- if (inSlotID == 0 || inSlotID > kNumSockets)
- return NULL;
-
- return &fort11_slot[inSlotID-1];
-}
-
-CK_ULONG fort11_firstSessionID (int inSlotNum) {
- return (CK_ULONG)(inSlotNum);
-}
-
-/*
- * Utility to convert passed in PIN to a CI_PIN
- */
-void fort11_convertToCIPin (CI_PIN ciPin,CK_CHAR_PTR pPin, CK_ULONG ulLen) {
- unsigned long i;
-
- for (i=0; i<ulLen; i++) {
- ciPin[i] = pPin[i];
- }
- ciPin[ulLen] = '\0';
-}
-
-
-/*
- * return true if object has attribute
- */
-static PRBool
-fort11_hasAttribute(PK11Object *object,CK_ATTRIBUTE_TYPE type) {
- PK11Attribute *attribute;
-
- FMUTEX_Lock(object->attributeLock);
- pk11queue_find(attribute,type,object->head,HASH_SIZE);
- FMUTEX_Unlock(object->attributeLock);
-
- return (PRBool)(attribute != NULL);
-}
-
-/*
- * create a new attribute with type, value, and length. Space is allocated
- * to hold value.
- */
-static PK11Attribute *
-fort11_NewAttribute(CK_ATTRIBUTE_TYPE type, CK_VOID_PTR value, CK_ULONG len) {
- PK11Attribute *attribute;
- CK_RV mrv;
-
- attribute = (PK11Attribute*)PORT_Alloc(sizeof(PK11Attribute));
- if (attribute == NULL) return NULL;
-
- attribute->attrib.type = type;
- if (value) {
- attribute->attrib.pValue = (CK_VOID_PTR)PORT_Alloc(len);
- if (attribute->attrib.pValue == NULL) {
- PORT_Free(attribute);
- return NULL;
- }
- PORT_Memcpy(attribute->attrib.pValue,value,len);
- attribute->attrib.ulValueLen = len;
- } else {
- attribute->attrib.pValue = NULL;
- attribute->attrib.ulValueLen = 0;
- }
- attribute->handle = type;
- attribute->next = attribute->prev = NULL;
- attribute->refCount = 1;
- if (FMUTEX_MutexEnabled()) {
- mrv = FMUTEX_Create (&attribute->refLock);
- if (mrv != CKR_OK) {
- if (attribute->attrib.pValue) PORT_Free(attribute->attrib.pValue);
- PORT_Free(attribute);
- return NULL;
- }
- } else {
- attribute->refLock = NULL;
- }
-
- return attribute;
-}
-
-/*
- * add an attribute to an object
- */
-static
-void fort11_AddAttribute(PK11Object *object,PK11Attribute *attribute) {
- FMUTEX_Lock (object->attributeLock);
- pk11queue_add(attribute,attribute->handle,object->head,HASH_SIZE);
- FMUTEX_Unlock(object->attributeLock);
-}
-
-static CK_RV
-fort11_AddAttributeType(PK11Object *object,CK_ATTRIBUTE_TYPE type,void *valPtr,
- CK_ULONG length) {
- PK11Attribute *attribute;
- attribute = fort11_NewAttribute(type,valPtr,length);
- if (attribute == NULL) { return CKR_HOST_MEMORY; }
- fort11_AddAttribute(object,attribute);
- return CKR_OK;
-}
-
-
-
-/* Make sure a given attribute exists. If it doesn't, initialize it to
- * value and len
- */
-static CK_RV
-fort11_forceAttribute(PK11Object *object,CK_ATTRIBUTE_TYPE type,void *value,
- unsigned int len) {
- if ( !fort11_hasAttribute(object, type)) {
- return fort11_AddAttributeType(object,type,value,len);
- }
- return CKR_OK;
-}
-
-/*
- * look up and attribute structure from a type and Object structure.
- * The returned attribute is referenced and needs to be freed when
- * it is no longer needed.
- */
-static PK11Attribute *
-fort11_FindAttribute(PK11Object *object,CK_ATTRIBUTE_TYPE type) {
- PK11Attribute *attribute;
-
- FMUTEX_Lock(object->attributeLock);
- pk11queue_find(attribute,type,object->head,HASH_SIZE);
- if (attribute) {
- /* atomic increment would be nice here */
- FMUTEX_Lock(attribute->refLock);
- attribute->refCount++;
- FMUTEX_Unlock(attribute->refLock);
- }
- FMUTEX_Unlock(object->attributeLock);
-
- return(attribute);
-}
-
-/*
- * this is only valid for CK_BBOOL type attributes. Return the state
- * of that attribute.
- */
-static PRBool
-fort11_isTrue(PK11Object *object,CK_ATTRIBUTE_TYPE type) {
- PK11Attribute *attribute;
- PRBool tok = PR_FALSE;
-
- attribute=fort11_FindAttribute(object,type);
- if (attribute == NULL) { return PR_FALSE; }
- tok = (PRBool)(*(CK_BBOOL *)attribute->attrib.pValue);
- fort11_FreeAttribute(attribute);
-
- return tok;
-}
-
-/*
- * add an object to a slot and session queue
- */
-static
-void fort11_AddSlotObject(PK11Slot *slot, PK11Object *object) {
- FMUTEX_Lock(slot->objectLock);
- pk11queue_add(object,object->handle,slot->tokObjects,HASH_SIZE);
- FMUTEX_Unlock(slot->objectLock);
-}
-
-static
-void fort11_AddObject(PK11Session *session, PK11Object *object) {
- PK11Slot *slot = fort11_SlotFromSession(session);
-
- if (!fort11_isToken(object->handle)) {
- FMUTEX_Lock(session->objectLock);
- pk11queue_add(&object->sessionList,0,session->objects,0);
- FMUTEX_Unlock(session->objectLock);
- }
- fort11_AddSlotObject(slot,object);
-}
-
-/*
- * free all the data associated with an object. Object reference count must
- * be 'zero'.
- */
-static CK_RV
-fort11_DestroyObject(PK11Object *object) {
- int i;
- CK_RV crv = CKR_OK;
-/* PORT_Assert(object->refCount == 0);*/
-
- if (object->label) PORT_Free(object->label);
-
- /* clean out the attributes */
- /* since no one is referencing us, it's safe to walk the chain
- * without a lock */
- for (i=0; i < HASH_SIZE; i++) {
- PK11Attribute *ap,*next;
- for (ap = object->head[i]; ap != NULL; ap = next) {
- next = ap->next;
- /* paranoia */
- ap->next = ap->prev = NULL;
- fort11_FreeAttribute(ap);
- }
- object->head[i] = NULL;
- }
- FMUTEX_Destroy(object->attributeLock);
- FMUTEX_Destroy(object->refLock);
- if (object->objectInfo) {
- (*object->infoFree)(object->objectInfo);
- }
- PORT_Free(object);
- return crv;
-}
-
-
-/*
- * release a reference to an attribute structure
- */
-static void
-fort11_FreeAttribute(PK11Attribute *attribute) {
- PRBool destroy = PR_FALSE;
-
- FMUTEX_Lock(attribute->refLock);
- if (attribute->refCount == 1) destroy = PR_TRUE;
- attribute->refCount--;
- FMUTEX_Unlock(attribute->refLock);
-
- if (destroy) fort11_DestroyAttribute(attribute);
-}
-
-
-/*
- * release a reference to an object handle
- */
-static PK11FreeStatus
-fort11_FreeObject(PK11Object *object) {
- PRBool destroy = PR_FALSE;
- CK_RV crv;
-
- FMUTEX_Lock(object->refLock);
- if (object->refCount == 1) destroy = PR_TRUE;
- object->refCount--;
- FMUTEX_Unlock(object->refLock);
-
- if (destroy) {
- crv = fort11_DestroyObject(object);
- if (crv != CKR_OK) {
- return PK11_DestroyFailure;
- }
- return PK11_Destroyed;
- }
- return PK11_Busy;
-}
-
-static void
-fort11_update_state(PK11Slot *slot,PK11Session *session) {
- if (slot->isLoggedIn) {
- if (slot->ssoLoggedIn) {
- session->info.state = CKS_RW_SO_FUNCTIONS;
- } else if (session->info.flags & CKF_RW_SESSION) {
- session->info.state = CKS_RW_USER_FUNCTIONS;
- } else {
- session->info.state = CKS_RO_USER_FUNCTIONS;
- }
- } else {
- if (session->info.flags & CKF_RW_SESSION) {
- session->info.state = CKS_RW_PUBLIC_SESSION;
- } else {
- session->info.state = CKS_RO_PUBLIC_SESSION;
- }
- }
-}
-
-/* update the state of all the sessions on a slot */
-static void
-fort11_update_all_states(PK11Slot *slot) {
- int i;
- PK11Session *session;
-
- for (i=0; i < SESSION_HASH_SIZE; i++) {
- FMUTEX_Lock(slot->sessionLock);
- for (session = slot->head[i]; session; session = session->next) {
- fort11_update_state(slot,session);
- }
- FMUTEX_Unlock(slot->sessionLock);
- }
-}
-
-
-/*
- * Create a new object
- */
-static PK11Object *
-fort11_NewObject(PK11Slot *slot) {
- PK11Object *object;
- CK_RV mrv;
- int i;
-
- object = (PK11Object*)PORT_Alloc(sizeof(PK11Object));
- if (object == NULL) return NULL;
-
- object->handle = 0;
- object->next = object->prev = NULL;
- object->sessionList.next = NULL;
- object->sessionList.prev = NULL;
- object->sessionList.parent = object;
- object->inDB = PR_FALSE;
- object->label = NULL;
- object->refCount = 1;
- object->session = NULL;
- object->slot = slot;
- object->objclass = 0xffff;
- if (FMUTEX_MutexEnabled()) {
- mrv = FMUTEX_Create(&object->refLock);
- if (mrv != CKR_OK) {
- PORT_Free(object);
- return NULL;
- }
- mrv = FMUTEX_Create(&object->attributeLock);
- if (mrv != CKR_OK) {
- FMUTEX_Destroy(object->refLock);
- PORT_Free(object);
- return NULL;
- }
- } else {
- object->attributeLock = NULL;
- object->refLock = NULL;
- }
- for (i=0; i < HASH_SIZE; i++) {
- object->head[i] = NULL;
- }
- object->objectInfo = NULL;
- object->infoFree = NULL;
- return object;
-}
-
-/*
- * look up and object structure from a handle. OBJECT_Handles only make
- * sense in terms of a given session. make a reference to that object
- * structure returned.
- */
-static PK11Object * fort11_ObjectFromHandle(CK_OBJECT_HANDLE handle,
- PK11Session *session) {
- PK11Object **head;
- void *lock;
- PK11Slot *slot = fort11_SlotFromSession(session);
- PK11Object *object;
-
- /*
- * Token objects are stored in the slot. Session objects are stored
- * with the session.
- */
- head = slot->tokObjects;
- lock = slot->objectLock;
-
- FMUTEX_Lock(lock);
- pk11queue_find(object,handle,head,HASH_SIZE);
- if (object) {
- FMUTEX_Lock(object->refLock);
- object->refCount++;
- FMUTEX_Unlock(object->refLock);
- }
- FMUTEX_Unlock(lock);
-
- return(object);
-}
-
-/*
- * add an object to a slot andsession queue
- */
-static
-void fort11_DeleteObject(PK11Session *session, PK11Object *object) {
- PK11Slot *slot;
-
- if (session == NULL)
- return;
- slot = fort11_SlotFromSession(session);
- if (!fort11_isToken(object->handle)) {
- FMUTEX_Lock(session->objectLock);
- pk11queue_delete(&object->sessionList,0,session->objects,0);
- FMUTEX_Unlock(session->objectLock);
- }
- FMUTEX_Lock(slot->objectLock);
- pk11queue_delete(object,object->handle,slot->tokObjects,HASH_SIZE);
- FMUTEX_Unlock(slot->objectLock);
- fort11_FreeObject(object);
-}
-
-
-
-/*
- * ******************** Search Utilities *******************************
- */
-
-/* add an object to a search list */
-CK_RV
-fort11_AddToList(PK11ObjectListElement **list,PK11Object *object) {
- PK11ObjectListElement *newelem =
- (PK11ObjectListElement *)PORT_Alloc(sizeof(PK11ObjectListElement));
-
- if (newelem == NULL) return CKR_HOST_MEMORY;
-
- newelem->next = *list;
- newelem->object = object;
- FMUTEX_Lock(object->refLock);
- object->refCount++;
- FMUTEX_Unlock(object->refLock);
-
- *list = newelem;
- return CKR_OK;
-}
-
-
-/*
- * free a single list element. Return the Next object in the list.
- */
-PK11ObjectListElement *
-fort11_FreeObjectListElement(PK11ObjectListElement *objectList) {
- PK11ObjectListElement *ol = objectList->next;
-
- fort11_FreeObject(objectList->object);
- PORT_Free(objectList);
- return ol;
-}
-
-/* free an entire object list */
-void
-fort11_FreeObjectList(PK11ObjectListElement *objectList) {
- PK11ObjectListElement *ol;
-
- for (ol= objectList; ol != NULL; ol = fort11_FreeObjectListElement(ol)) {}
-}
-
-/*
- * free a search structure
- */
-void
-fort11_FreeSearch(PK11SearchResults *search) {
- if (search->handles) {
- PORT_Free(search->handles);
- }
- PORT_Free(search);
-}
-
-
-/*
- * Free up all the memory associated with an attribute. Reference count
- * must be zero to call this.
- */
-static void
-fort11_DestroyAttribute(PK11Attribute *attribute) {
- /*PORT_Assert(attribute->refCount == 0);*/
- FMUTEX_Destroy(attribute->refLock);
- if (attribute->attrib.pValue) {
- /* clear out the data in the attribute value... it may have been
- * sensitive data */
- PORT_Memset(attribute->attrib.pValue,0,attribute->attrib.ulValueLen);
- PORT_Free(attribute->attrib.pValue);
- }
- PORT_Free(attribute);
-}
-
-/*
- * delete an attribute from an object
- */
-static void
-fort11_DeleteAttribute(PK11Object *object, PK11Attribute *attribute) {
- FMUTEX_Lock(object->attributeLock);
- if (attribute->next || attribute->prev) {
- pk11queue_delete(attribute,attribute->handle,
- object->head,HASH_SIZE);
- }
- FMUTEX_Unlock(object->attributeLock);
- fort11_FreeAttribute(attribute);
-}
-
-/*
- * decode when a particular attribute may be modified
- * PK11_NEVER: This attribute must be set at object creation time and
- * can never be modified.
- * PK11_ONCOPY: This attribute may be modified only when you copy the
- * object.
- * PK11_SENSITIVE: The CKA_SENSITIVE attribute can only be changed from
- * FALSE to TRUE.
- * PK11_ALWAYS: This attribute can always be modified.
- * Some attributes vary their modification type based on the class of the
- * object.
- */
-PK11ModifyType
-fort11_modifyType(CK_ATTRIBUTE_TYPE type, CK_OBJECT_CLASS inClass) {
- /* if we don't know about it, user user defined, always allow modify */
- PK11ModifyType mtype = PK11_ALWAYS;
-
- switch(type) {
- /* NEVER */
- case CKA_CLASS:
- case CKA_CERTIFICATE_TYPE:
- case CKA_KEY_TYPE:
- case CKA_MODULUS:
- case CKA_MODULUS_BITS:
- case CKA_PUBLIC_EXPONENT:
- case CKA_PRIVATE_EXPONENT:
- case CKA_PRIME:
- case CKA_SUBPRIME:
- case CKA_BASE:
- case CKA_PRIME_1:
- case CKA_PRIME_2:
- case CKA_EXPONENT_1:
- case CKA_EXPONENT_2:
- case CKA_COEFFICIENT:
- case CKA_VALUE_LEN:
- mtype = PK11_NEVER;
- break;
-
- /* ONCOPY */
- case CKA_TOKEN:
- case CKA_PRIVATE:
- mtype = PK11_ONCOPY;
- break;
-
- /* SENSITIVE */
- case CKA_SENSITIVE:
- mtype = PK11_SENSITIVE;
- break;
-
- /* ALWAYS */
- case CKA_LABEL:
- case CKA_APPLICATION:
- case CKA_ID:
- case CKA_SERIAL_NUMBER:
- case CKA_START_DATE:
- case CKA_END_DATE:
- case CKA_DERIVE:
- case CKA_ENCRYPT:
- case CKA_DECRYPT:
- case CKA_SIGN:
- case CKA_VERIFY:
- case CKA_SIGN_RECOVER:
- case CKA_VERIFY_RECOVER:
- case CKA_WRAP:
- case CKA_UNWRAP:
- mtype = PK11_ALWAYS;
- break;
-
- /* DEPENDS ON CLASS */
- case CKA_VALUE:
- mtype = (inClass == CKO_DATA) ? PK11_ALWAYS : PK11_NEVER;
- break;
-
- case CKA_SUBJECT:
- mtype = (inClass == CKO_CERTIFICATE) ? PK11_NEVER : PK11_ALWAYS;
- break;
- default:
- break;
- }
- return mtype;
-}
-
-/* decode if a particular attribute is sensitive (cannot be read
- * back to the user of if the object is set to SENSITIVE) */
-PRBool
-fort11_isSensitive(CK_ATTRIBUTE_TYPE type, CK_OBJECT_CLASS inClass) {
- switch(type) {
- /* ALWAYS */
- case CKA_PRIVATE_EXPONENT:
- case CKA_PRIME_1:
- case CKA_PRIME_2:
- case CKA_EXPONENT_1:
- case CKA_EXPONENT_2:
- case CKA_COEFFICIENT:
- return PR_TRUE;
-
- /* DEPENDS ON CLASS */
- case CKA_VALUE:
- /* PRIVATE and SECRET KEYS have SENSITIVE values */
- return (PRBool)((inClass == CKO_PRIVATE_KEY) ||
- (inClass == CKO_SECRET_KEY));
-
- default:
- break;
- }
- return PR_FALSE;
-}
-
-static void
-fort11_DeleteAttributeType(PK11Object *object,CK_ATTRIBUTE_TYPE type) {
- PK11Attribute *attribute;
- attribute = fort11_FindAttribute(object, type);
- if (attribute == NULL) return ;
- fort11_DeleteAttribute(object,attribute);
-}
-
-
-/*
- * create a new nession. NOTE: The session handle is not set, and the
- * session is not added to the slot's session queue.
- */
-static PK11Session *
-fort11_NewSession(CK_SLOT_ID slotID, CK_NOTIFY notify,
- CK_VOID_PTR pApplication,
- CK_FLAGS flags) {
- PK11Session *session;
- PK11Slot *slot = &fort11_slot[slotID-1];
- CK_RV mrv;
-
- if (slot == NULL) return NULL;
-
- session = (PK11Session*)PORT_Alloc(sizeof(PK11Session));
- if (session == NULL) return NULL;
-
- session->next = session->prev = NULL;
- session->refCount = 1;
- session->context = NULL;
- session->search = NULL;
- session->objectIDCount = 1;
- session->fortezzaContext.fortezzaKey = NULL;
- session->fortezzaContext.fortezzaSocket = NULL;
-
- if (FMUTEX_MutexEnabled()) {
- mrv = FMUTEX_Create(&session->refLock);
- if (mrv != CKR_OK) {
- PORT_Free(session);
- return NULL;
- }
- mrv = FMUTEX_Create(&session->objectLock);
- if (mrv != CKR_OK) {
- FMUTEX_Destroy(session->refLock);
- PORT_Free(session);
- return NULL;
- }
- } else {
- session->refLock = NULL;
- session->objectLock = NULL;
- }
-
- session->objects[0] = NULL;
-
- session->slot = slot;
- session->notify = notify;
- session->appData = pApplication;
- session->info.flags = flags;
- session->info.slotID = slotID;
- fort11_update_state(slot,session);
- return session;
-}
-
-
-/*
- * look up a session structure from a session handle
- * generate a reference to it.
- */
-PK11Session *
-fort11_SessionFromHandle(CK_SESSION_HANDLE handle, PRBool isCloseSession) {
- PK11Slot *slot = fort11_SlotFromSessionHandle(handle);
- PK11Session *session;
-
- if (!isCloseSession &&
- !SocketStateUnchanged(&fortezzaSockets[slot->slotID-1]))
- return NULL;
-
- FMUTEX_Lock(slot->sessionLock);
- pk11queue_find(session,handle,slot->head,SESSION_HASH_SIZE);
- if (session) session->refCount++;
- FMUTEX_Unlock(slot->sessionLock);
-
- return (session);
-}
-
-/* free all the data associated with a session. */
-static void
-fort11_DestroySession(PK11Session *session)
-{
- PK11ObjectList *op,*next;
-/* PORT_Assert(session->refCount == 0);*/
-
- /* clean out the attributes */
- FMUTEX_Lock(session->objectLock);
- for (op = session->objects[0]; op != NULL; op = next) {
- next = op->next;
- /* paranoia */
- op->next = op->prev = NULL;
- fort11_DeleteObject(session,op->parent);
- }
- FMUTEX_Unlock(session->objectLock);
-
- FMUTEX_Destroy(session->objectLock);
- FMUTEX_Destroy(session->refLock);
-
- if (session->search) {
- fort11_FreeSearch(session->search);
- }
-
- pk11queue_delete(session, session->handle, session->slot->head,
- SESSION_HASH_SIZE);
-
- PORT_Free(session);
-}
-
-
-/*
- * release a reference to a session handle
- */
-void
-fort11_FreeSession(PK11Session *session) {
- PRBool destroy = PR_FALSE;
- PK11Slot *slot = NULL;
-
- if (!session) return; /*Quick fix to elminate crash*/
- /*Fix in later version */
-
- if (FMUTEX_MutexEnabled()) {
- slot = fort11_SlotFromSession(session);
- FMUTEX_Lock(slot->sessionLock);
- }
- if (session->refCount == 1) destroy = PR_TRUE;
- session->refCount--;
- if (FMUTEX_MutexEnabled()) {
- FMUTEX_Unlock(slot->sessionLock);
- }
-
- if (destroy) {
- fort11_DestroySession(session);
- }
-}
-
-
-/* return true if the object matches the template */
-PRBool
-fort11_objectMatch(PK11Object *object,CK_ATTRIBUTE_PTR theTemplate,int count) {
- int i;
-
- for (i=0; i < count; i++) {
- PK11Attribute *attribute =
- fort11_FindAttribute(object,theTemplate[i].type);
- if (attribute == NULL) {
- return PR_FALSE;
- }
- if (attribute->attrib.ulValueLen == theTemplate[i].ulValueLen) {
- if (PORT_Memcmp(attribute->attrib.pValue,theTemplate[i].pValue,
- theTemplate[i].ulValueLen) == 0) {
- fort11_FreeAttribute(attribute);
- continue;
- }
- }
- fort11_FreeAttribute(attribute);
- return PR_FALSE;
- }
- return PR_TRUE;
-}
-
-/* search through all the objects in the queue and return the template matches
- * in the object list.
- */
-CK_RV
-fort11_searchObjectList(PK11ObjectListElement **objectList,PK11Object **head,
- void *lock, CK_ATTRIBUTE_PTR theTemplate, int count) {
- int i;
- PK11Object *object;
- CK_RV rv;
-
- for(i=0; i < HASH_SIZE; i++) {
- /* We need to hold the lock to copy a consistant version of
- * the linked list. */
- FMUTEX_Lock(lock);
- for (object = head[i]; object != NULL; object= object->next) {
- if (fort11_objectMatch(object,theTemplate,count)) {
- rv = fort11_AddToList(objectList,object);
- if (rv != CKR_OK) {
- return rv;
- }
- }
- }
- FMUTEX_Unlock(lock);
- }
- return CKR_OK;
-}
-
-static PRBool
-fort11_NotAllFuncsNULL (CK_C_INITIALIZE_ARGS_PTR pArgs) {
- return (PRBool)(pArgs && pArgs->CreateMutex && pArgs->DestroyMutex &&
- pArgs->LockMutex && pArgs->UnlockMutex);
-}
-
-static PRBool
-fort11_InArgCheck(CK_C_INITIALIZE_ARGS_PTR pArgs) {
- PRBool rv;
- /* The only check for now, is to make sure that all of the
- * function pointers are either all NULL or all Non-NULL.
- * We also need to make sure the pReserved field in pArgs is
- * set to NULL.
- */
- if (pArgs == NULL) {
- return PR_TRUE; /* If the argument is NULL, no
- * inconsistencies can exist.
- */
- }
-
- if (pArgs->pReserved != NULL) {
- return PR_FALSE;
- }
-
- if (pArgs->CreateMutex != NULL) {
- rv = (PRBool) (pArgs->DestroyMutex != NULL &&
- pArgs->LockMutex != NULL &&
- pArgs->UnlockMutex != NULL);
- } else { /*pArgs->CreateMutex == NULL*/
- rv = (PRBool) (pArgs->DestroyMutex == NULL &&
- pArgs->LockMutex == NULL &&
- pArgs->UnlockMutex == NULL);
- }
- return rv;
-}
-
-
-
-/**********************************************************************
- *
- * Start of PKCS 11 functions
- *
- **********************************************************************/
-
-
-/**********************************************************************
- *
- * In order to get this to work on 68K, we have to do some special tricks,
- * First trick is that we need to make the module a Code Resource, and
- * all Code Resources on 68K have to have a main function. So we
- * define main to be a wrapper for C_GetFunctionList which will be the
- * first funnction called by any software that uses the PKCS11 module.
- *
- * The second trick is that whenever you access a global variable from
- * the Code Resource, it does funny things to the stack on 68K, so we
- * need to call some macros that handle the stack for us. First thing
- * you do is call EnterCodeResource() first thing in a function that
- * accesses a global, right before you leave that function, you call
- * ExitCodeResource. This will take care of stack management.
- *
- * Third trick is to call __InitCode__() when we first enter the module
- * so that all of the global variables get initialized properly.
- *
- **********************************************************************/
-
-#if defined(XP_MAC) && !defined(__POWERPC__)
-
-#define FORT11_RETURN(exp) {ExitCodeResource(); return (exp);}
-#define FORT11_ENTER() EnterCodeResource();
-
-#else /*XP_MAC*/
-
-#define FORT11_RETURN(exp) return (exp);
-#define FORT11_ENTER()
-
-#endif /*XP_MAC*/
-
-#define CARD_OK(rv) if ((rv) != CI_OK) FORT11_RETURN (CKR_DEVICE_ERROR);
-#define SLOT_OK(slot) if ((slot) > kNumSockets) FORT11_RETURN (CKR_SLOT_ID_INVALID);
-
-#ifdef XP_MAC
-/* This is not a 4.0 project, so I can't depend on
- * 4.0 defines, so instead I depend on CodeWarrior
- * defines.
- */
-#if __POWERPC__
-#elif __CFM68K__
-#else
-/* To get this to work on 68K, we need to have
- * the symbol main. So we just make it a wrapper for C_GetFunctionList.
- */
-PR_PUBLIC_API(CK_RV) main(CK_FUNCTION_LIST_PTR *pFunctionList) {
- FORT11_ENTER()
- CK_RV rv;
-
- __InitCode__();
-
- rv = C_GetFunctionList(pFunctionList);
- FORT11_RETURN (rv);
-}
-#endif
-
-#endif /*XP_MAC*/
-
-/* Return the function list */
-PR_PUBLIC_API(CK_RV) C_GetFunctionList(CK_FUNCTION_LIST_PTR *pFunctionList) {
- /* No need to do a FORT11_RETURN as this function will never be directly
- * called in the case where we need to do stack management.
- * The main function will call this after taking care of stack stuff.
- */
- *pFunctionList = &fort11_funcList;
- return CKR_OK;
-}
-
-
-/* C_Initialize initializes the Cryptoki library. */
-PR_PUBLIC_API(CK_RV) C_Initialize(CK_VOID_PTR pReserved) {
- FORT11_ENTER()
- int i,j, tempNumSockets;
- int rv = 1;
- CK_C_INITIALIZE_ARGS_PTR pArgs = (CK_C_INITIALIZE_ARGS_PTR)pReserved;
- CK_RV mrv;
-
- /* intialize all the slots */
- if (!init) {
- init = PR_TRUE;
-
- /* need to initialize locks before MACI_Initialize is called in
- * software fortezza. */
- if (pArgs) {
- if (!fort11_InArgCheck(pArgs)) {
- FORT11_RETURN (CKR_ARGUMENTS_BAD);
- }
- if (pArgs->flags & CKF_OS_LOCKING_OK){
- if (!fort11_NotAllFuncsNULL(pArgs)) {
- FORT11_RETURN (CKR_CANT_LOCK);
- }
- }
- if (fort11_NotAllFuncsNULL(pArgs)) {
- mrv = FMUTEX_Init(pArgs);
- if (mrv != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- }
- }
- rv = MACI_Initialize (&tempNumSockets);
- kNumSockets = (CK_ULONG)tempNumSockets;
-
- CARD_OK (rv);
- for (i=0; i < (int) kNumSockets; i++) {
- if (FMUTEX_MutexEnabled()) {
- mrv = FMUTEX_Create(&fort11_slot[i].sessionLock);
- if (mrv != CKR_OK) {
- FORT11_RETURN (CKR_GENERAL_ERROR);
- }
- mrv = FMUTEX_Create(&fort11_slot[i].objectLock);
- if (mrv != CKR_OK) {
- FMUTEX_Destroy(fort11_slot[i].sessionLock);
- FORT11_RETURN (CKR_GENERAL_ERROR);
- }
- } else {
- fort11_slot[i].sessionLock = NULL;
- fort11_slot[i].objectLock = NULL;
- }
- for(j=0; j < SESSION_HASH_SIZE; j++) {
- fort11_slot[i].head[j] = NULL;
- }
- for(j=0; j < HASH_SIZE; j++) {
- fort11_slot[i].tokObjects[j] = NULL;
- }
- fort11_slot[i].password = NULL;
- fort11_slot[i].hasTokens = PR_FALSE;
- fort11_slot[i].sessionIDCount = fort11_firstSessionID (i);
- fort11_slot[i].sessionCount = 0;
- fort11_slot[i].rwSessionCount = 0;
- fort11_slot[i].tokenIDCount = 1;
- fort11_slot[i].needLogin = PR_TRUE;
- fort11_slot[i].isLoggedIn = PR_FALSE;
- fort11_slot[i].ssoLoggedIn = PR_FALSE;
- fort11_slot[i].DB_loaded = PR_FALSE;
- fort11_slot[i].slotID= i+1;
- InitSocket(&fortezzaSockets[i], i+1);
- }
- }
- FORT11_RETURN (CKR_OK);
-}
-
-/*C_Finalize indicates that an application is done with the Cryptoki library.*/
-PR_PUBLIC_API(CK_RV) C_Finalize (CK_VOID_PTR pReserved) {
- FORT11_ENTER()
- int i;
-
- for (i=0; i< (int) kNumSockets; i++) {
- FreeSocket(&fortezzaSockets[i]);
- }
- MACI_Terminate(fortezzaSockets[0].maciSession);
- init = PR_FALSE;
- FORT11_RETURN (CKR_OK);
-}
-
-
-
-
-/* C_GetInfo returns general information about Cryptoki. */
-PR_PUBLIC_API(CK_RV) C_GetInfo(CK_INFO_PTR pInfo) {
- FORT11_ENTER()
- pInfo->cryptokiVersion = fort11_funcList.version;
- PORT_Memcpy(pInfo->manufacturerID,manufacturerID,32);
- pInfo->libraryVersion.major = 1;
- pInfo->libraryVersion.minor = 7;
- PORT_Memcpy(pInfo->libraryDescription,libraryDescription,32);
- pInfo->flags = 0;
- FORT11_RETURN (CKR_OK);
-}
-
-/* C_GetSlotList obtains a list of slots in the system. */
-PR_PUBLIC_API(CK_RV) C_GetSlotList(CK_BBOOL tokenPresent,
- CK_SLOT_ID_PTR pSlotList,
- CK_ULONG_PTR pulCount) {
- FORT11_ENTER()
- int i;
-
- if (pSlotList != NULL) {
- if (*pulCount >= kNumSockets) {
- for (i=0; i < (int) kNumSockets; i++) {
- pSlotList[i] = i+1;
- }
- } else {
- FORT11_RETURN (CKR_BUFFER_TOO_SMALL);
- }
- } else {
- *pulCount = kNumSockets;
- }
- FORT11_RETURN (CKR_OK);
-}
-
-/* C_GetSlotInfo obtains information about a particular slot in the system. */
-PR_PUBLIC_API(CK_RV) C_GetSlotInfo(CK_SLOT_ID slotID,
- CK_SLOT_INFO_PTR pInfo) {
- FORT11_ENTER()
- int rv;
- CI_CONFIG ciConfig;
- CI_STATE ciState;
- HSESSION maciSession;
- char slotDescription[65];
- FortezzaSocket *socket;
-
-
- SLOT_OK(slotID);
-
- socket = &fortezzaSockets[slotID-1];
- if (!socket->isOpen) {
- InitSocket(socket, slotID);
- }
- maciSession = socket->maciSession;
-
- rv = MACI_Select(maciSession, slotID);
-
- CARD_OK (rv)
-
- rv = MACI_GetConfiguration (maciSession, &ciConfig);
-
-
- pInfo->firmwareVersion.major = 0;
- pInfo->firmwareVersion.minor = 0;
-#ifdef SWFORT
- PORT_Memcpy (pInfo->manufacturerID,"Netscape Communications Corp ",32);
- PORT_Memcpy (slotDescription,"Netscape Software Slot # ",32);
-#define _local_BASE 24
-#else
- PORT_Memcpy (pInfo->manufacturerID,"LITRONIC ",32);
- PORT_Memcpy (slotDescription,"Litronic MACI Slot # ",32);
-#define _local_BASE 20
-#endif
- slotDescription[_local_BASE] = (char )((slotID < 10) ? slotID :
- slotID/10) + '0';
- if (slotID >= 10) slotDescription[_local_BASE+1] =
- (char)(slotID % 10) + '0';
- PORT_Memcpy (&slotDescription[32]," ",32);
- PORT_Memcpy (pInfo->slotDescription, slotDescription , 64);
- if (rv == CI_OK) {
- pInfo->hardwareVersion.major =
- (ciConfig.ManufacturerVersion & MAJOR_VERSION_MASK) >> 8;
- pInfo->hardwareVersion.minor =
- ciConfig.ManufacturerVersion & MINOR_VERSION_MASK;
- pInfo->flags = CKF_TOKEN_PRESENT;
- } else {
- pInfo->hardwareVersion.major = 0;
- pInfo->hardwareVersion.minor = 0;
- pInfo->flags = 0;
- }
-#ifdef SWFORT
- /* do we need to make it a removable device as well?? */
- pInfo->flags |= CKF_REMOVABLE_DEVICE;
-#else
- pInfo->flags |= (CKF_REMOVABLE_DEVICE | CKF_HW_SLOT);
-#endif
-
- rv = MACI_GetState(maciSession, &ciState);
-
- if (rv == CI_OK) {
- switch (ciState) {
- case CI_ZEROIZE:
- case CI_INTERNAL_FAILURE:
- pInfo->flags &= (~CKF_TOKEN_PRESENT);
- default:
- break;
- }
- } else {
- pInfo->flags &= (~CKF_TOKEN_PRESENT);
- }
-
- FORT11_RETURN (CKR_OK);
-}
-
-#define CKF_THREAD_SAFE 0x8000
-
-/* C_GetTokenInfo obtains information about a particular token
- in the system. */
-PR_PUBLIC_API(CK_RV) C_GetTokenInfo(CK_SLOT_ID slotID,
- CK_TOKEN_INFO_PTR pInfo) {
- FORT11_ENTER()
- CI_STATUS cardStatus;
- CI_CONFIG ciConfig;
- PK11Slot *slot;
- int rv, i;
- char tmp[33];
- FortezzaSocket *socket;
-
- SLOT_OK (slotID);
-
- slot = &fort11_slot[slotID-1];
-
- socket = &fortezzaSockets[slotID-1];
- if (!socket->isOpen) {
- InitSocket(socket, slotID);
- }
-
- rv = MACI_Select (socket->maciSession, slotID);
- rv = MACI_GetStatus (socket->maciSession, &cardStatus);
- if (rv != CI_OK) {
- FORT11_RETURN (CKR_DEVICE_ERROR);
- }
-
-#ifdef SWFORT
- sprintf (tmp, "Software FORTEZZA Slot #%d", (int) slotID);
-#else
- sprintf (tmp, "FORTEZZA Slot #%d", (int) slotID);
-#endif
-
- PORT_Memcpy (pInfo->label, tmp, PORT_Strlen(tmp)+1);
-
- for (i=0; i<8; i++) {
- int serNum;
-
- serNum = (int)cardStatus.SerialNumber[i];
- sprintf ((char*)&pInfo->serialNumber[2*i], "%.2x", serNum);
- }
-
- rv = MACI_GetTime (fortezzaSockets[slotID-1].maciSession, pInfo->utcTime);
- if (rv == CI_OK) {
- pInfo->flags = CKF_CLOCK_ON_TOKEN;
- } else {
- switch (rv) {
- case CI_LIB_NOT_INIT:
- case CI_INV_POINTER:
- case CI_NO_CARD:
- case CI_NO_SOCKET:
- FORT11_RETURN (CKR_DEVICE_ERROR);
- default:
- pInfo->flags = 0;
- break;
- }
- }
-
- rv = MACI_GetConfiguration (fortezzaSockets[slotID-1].maciSession,
- &ciConfig);
-
- if (rv == CI_OK) {
- PORT_Memcpy(pInfo->manufacturerID,ciConfig.ManufacturerName,
- PORT_Strlen(ciConfig.ManufacturerName));
- for (i=PORT_Strlen(ciConfig.ManufacturerName); i<32; i++) {
- pInfo->manufacturerID[i] = ' ';
- }
- PORT_Memcpy(pInfo->model,ciConfig.ProcessorType,16);
- }
- pInfo->ulMaxPinLen = CI_PIN_SIZE;
- pInfo->ulMinPinLen = 0;
- pInfo->ulTotalPublicMemory = 0;
- pInfo->ulFreePublicMemory = 0;
- pInfo->flags |= CKF_RNG | CKF_LOGIN_REQUIRED| CKF_USER_PIN_INITIALIZED |
- CKF_THREAD_SAFE | CKF_WRITE_PROTECTED;
-
- pInfo->ulMaxSessionCount = 0;
- pInfo->ulSessionCount = slot->sessionCount;
- pInfo->ulMaxRwSessionCount = 0;
- pInfo->ulRwSessionCount = slot->rwSessionCount;
-
- if (rv == CI_OK) {
- pInfo->firmwareVersion.major =
- (ciConfig.ManufacturerSWVer & MAJOR_VERSION_MASK) >> 8;
- pInfo->firmwareVersion.minor =
- ciConfig.ManufacturerSWVer & MINOR_VERSION_MASK;
- pInfo->hardwareVersion.major =
- (ciConfig.ManufacturerVersion & MAJOR_VERSION_MASK) >> 8;
- pInfo->hardwareVersion.minor =
- ciConfig.ManufacturerVersion & MINOR_VERSION_MASK;
- }
- FORT11_RETURN (CKR_OK);
-}
-
-
-
-/* C_GetMechanismList obtains a list of mechanism types supported by a
- token. */
-PR_PUBLIC_API(CK_RV) C_GetMechanismList(CK_SLOT_ID slotID,
- CK_MECHANISM_TYPE_PTR pMechanismList,
- CK_ULONG_PTR pulCount) {
- FORT11_ENTER()
- CK_RV rv = CKR_OK;
- int i;
-
- SLOT_OK (slotID);
-
- if (pMechanismList == NULL) {
- *pulCount = mechanismCount;
- } else {
- if (*pulCount >= mechanismCount) {
- *pulCount = mechanismCount;
- for (i=0; i< (int)mechanismCount; i++) {
- pMechanismList[i] = mechanisms[i].type;
- }
- } else {
- rv = CKR_BUFFER_TOO_SMALL;
- }
- }
- FORT11_RETURN (rv);
-}
-
-
-/* C_GetMechanismInfo obtains information about a particular mechanism
- * possibly supported by a token. */
-PR_PUBLIC_API(CK_RV) C_GetMechanismInfo(CK_SLOT_ID slotID,
- CK_MECHANISM_TYPE type,
- CK_MECHANISM_INFO_PTR pInfo) {
- int i;
- FORT11_ENTER()
- SLOT_OK (slotID);
-
- for (i=0; i< (int)mechanismCount; i++) {
- if (type == mechanisms[i].type) {
- PORT_Memcpy (pInfo, &mechanisms[i].domestic, sizeof (CK_MECHANISM_INFO));
- FORT11_RETURN (CKR_OK);
- }
- }
- FORT11_RETURN (CKR_MECHANISM_INVALID);
-}
-
-
-/* C_InitToken initializes a token. */
-PR_PUBLIC_API(CK_RV) C_InitToken(CK_SLOT_ID slotID,
- CK_CHAR_PTR pPin,
- CK_ULONG ulPinLen,
- CK_CHAR_PTR pLabel) {
- /* For functions that don't access globals, we don't have to worry about the
- * stack.
- */
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/* C_InitPIN initializes the normal user's PIN. */
-PR_PUBLIC_API(CK_RV) C_InitPIN(CK_SESSION_HANDLE hSession,
- CK_CHAR_PTR pPin,
- CK_ULONG ulPinLen) {
- /* For functions that don't access globals, we don't have to worry about the
- * stack.
- */
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/* C_SetPIN modifies the PIN of user that is currently logged in. */
-/* NOTE: This is only valid for the PRIVATE_KEY_SLOT */
-PR_PUBLIC_API(CK_RV) C_SetPIN(CK_SESSION_HANDLE hSession,
- CK_CHAR_PTR pOldPin,
- CK_ULONG ulOldLen,
- CK_CHAR_PTR pNewPin,
- CK_ULONG ulNewLen) {
- FORT11_ENTER()
-#ifndef SWFORT
- CI_PIN ciOldPin, ciNewPin;
-#endif
- PK11Session *session;
- PK11Slot *slot;
- int rv;
-
- session = fort11_SessionFromHandle (hSession, PR_FALSE);
-
- slot = fort11_SlotFromSession (session);
- SLOT_OK(slot->slotID)
-
- if (session == NULL) {
- session = fort11_SessionFromHandle (hSession, PR_TRUE);
- fort11_TokenRemoved(slot, session);
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
-
- rv = MACI_Select (fortezzaSockets[slot->slotID-1].maciSession, slot->slotID);
- CARD_OK (rv)
-
- if (slot->needLogin && session->info.state != CKS_RW_USER_FUNCTIONS) {
- fort11_FreeSession (session);
- FORT11_RETURN (CKR_USER_NOT_LOGGED_IN);
- }
-
- fort11_FreeSession (session);
-
- if (ulNewLen > CI_PIN_SIZE || ulOldLen > CI_PIN_SIZE)
- FORT11_RETURN (CKR_PIN_LEN_RANGE);
-
-#ifndef SWFORT
- fort11_convertToCIPin (ciOldPin,pOldPin, ulOldLen);
- fort11_convertToCIPin (ciNewPin,pNewPin, ulNewLen);
-
- rv = MACI_ChangePIN (fortezzaSockets[slot->slotID-1].maciSession,
- CI_USER_PIN, ciOldPin, ciNewPin);
-#else
- rv = MACI_ChangePIN (fortezzaSockets[slot->slotID-1].maciSession,
- CI_USER_PIN, pOldPin, pNewPin);
-#endif
-
- if (rv != CI_OK) {
- switch (rv) {
- case CI_FAIL:
- FORT11_RETURN (CKR_PIN_INCORRECT);
- default:
- FORT11_RETURN (CKR_DEVICE_ERROR);
- }
- }
- FORT11_RETURN (CKR_OK);
-}
-
-/* C_OpenSession opens a session between an application and a token. */
-PR_PUBLIC_API(CK_RV) C_OpenSession(CK_SLOT_ID slotID,
- CK_FLAGS flags,
- CK_VOID_PTR pApplication,
- CK_NOTIFY Notify,
- CK_SESSION_HANDLE_PTR phSession) {
- FORT11_ENTER()
- PK11Slot *slot;
- CK_SESSION_HANDLE sessionID;
- PK11Session *session;
- FortezzaSocket *socket;
-
- SLOT_OK (slotID)
- slot = &fort11_slot[slotID-1];
- socket = &fortezzaSockets[slotID-1];
-
- if (!socket->isOpen) {
- if (InitSocket(socket, slotID) != SOCKET_SUCCESS) {
- FORT11_RETURN (CKR_TOKEN_NOT_PRESENT);
- }
- }
-
- session = fort11_NewSession (slotID, Notify, pApplication,
- flags | CKF_SERIAL_SESSION);
-
- if (session == NULL) FORT11_RETURN (CKR_HOST_MEMORY);
-
- FMUTEX_Lock(slot->sessionLock);
-
- slot->sessionIDCount += ADD_NEXT_SESS_ID;
- sessionID = slot->sessionIDCount;
- fort11_update_state (slot, session);
- pk11queue_add (session, sessionID, slot->head, SESSION_HASH_SIZE);
- slot->sessionCount++;
- if (session->info.flags & CKF_RW_SESSION) {
- slot->rwSessionCount++;
- }
- session->handle = sessionID;
- session->info.ulDeviceError = 0;
-
- FMUTEX_Unlock(slot->sessionLock);
-
- *phSession = sessionID;
- FORT11_RETURN (CKR_OK);
-}
-
-
-/* C_CloseSession closes a session between an application and a token. */
-PR_PUBLIC_API(CK_RV) C_CloseSession(CK_SESSION_HANDLE hSession) {
- FORT11_ENTER()
- PK11Slot *slot;
- PK11Session *session;
-
- session = fort11_SessionFromHandle (hSession, PR_TRUE);
- slot = fort11_SlotFromSessionHandle (hSession);
-
- if (session == NULL) {
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
-
- FMUTEX_Lock(slot->sessionLock);
- if (session->next || session->prev) {
- session->refCount--;
- if (session->info.flags & CKF_RW_SESSION) {
- slot->rwSessionCount--;
- }
- if (slot->sessionCount == 0) {
- slot->isLoggedIn = PR_FALSE;
- slot->password = NULL;
- }
- }
-
- FMUTEX_Unlock(slot->sessionLock);
-
- fort11_FreeSession (session);
- FORT11_RETURN (CKR_OK);
-}
-
-
-/* C_CloseAllSessions closes all sessions with a token. */
-PR_PUBLIC_API(CK_RV) C_CloseAllSessions (CK_SLOT_ID slotID) {
- FORT11_ENTER()
- PK11Slot *slot;
- PK11Session *session;
- int i;
-
-
- slot = fort11_SlotFromID(slotID);
- if (slot == NULL) FORT11_RETURN (CKR_SLOT_ID_INVALID);
-
- /* first log out the card */
- FMUTEX_Lock(slot->sessionLock);
- slot->isLoggedIn = PR_FALSE;
- slot->password = NULL;
- FMUTEX_Unlock(slot->sessionLock);
-
- /* now close all the current sessions */
- /* NOTE: If you try to open new sessions before C_CloseAllSessions
- * completes, some of those new sessions may or may not be closed by
- * C_CloseAllSessions... but any session running when this code starts
- * will guarrenteed be close, and no session will be partially closed */
- for (i=0; i < SESSION_HASH_SIZE; i++) {
- do {
- FMUTEX_Lock(slot->sessionLock);
- session = slot->head[i];
- /* hand deque */
- /* this duplicates much of C_close session functionality, but because
- * we know that we are freeing all the sessions, we and do some
- * more efficient processing */
- if (session) {
- slot->head[i] = session->next;
- if (session->next) session->next->prev = NULL;
- session->next = session->prev = NULL;
- slot->sessionCount--;
- if (session->info.flags & CKF_RW_SESSION) {
- slot->rwSessionCount--;
- }
- }
- FMUTEX_Unlock(slot->sessionLock);
- if (session) fort11_FreeSession(session);
- } while (session != NULL);
- }
- FORT11_RETURN (CKR_OK);
-}
-
-
-/* C_GetSessionInfo obtains information about the session. */
-PR_PUBLIC_API(CK_RV) C_GetSessionInfo(CK_SESSION_HANDLE hSession,
- CK_SESSION_INFO_PTR pInfo) {
- FORT11_ENTER()
- PK11Session *session;
- PK11Slot *slot;
- CI_STATE cardState;
- FortezzaSocket *socket;
- int ciRV;
-
- session = fort11_SessionFromHandle (hSession, PR_FALSE);
- slot = fort11_SlotFromSessionHandle(hSession);
- socket = &fortezzaSockets[slot->slotID-1];
- if (session == NULL) {
- session = fort11_SessionFromHandle (hSession, PR_TRUE);
- fort11_TokenRemoved(slot, session);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
- PORT_Memcpy (pInfo, &session->info, sizeof (CK_SESSION_INFO));
- fort11_FreeSession(session);
-
- ciRV = MACI_Select(socket->maciSession, slot->slotID);
- CARD_OK(ciRV)
-
- ciRV = MACI_GetState(socket->maciSession, &cardState);
- CARD_OK(ciRV)
-
- if (socket->isLoggedIn) {
- switch (cardState) {
- case CI_POWER_UP:
- case CI_UNINITIALIZED:
- case CI_INITIALIZED:
- case CI_SSO_INITIALIZED:
- case CI_LAW_INITIALIZED:
- case CI_USER_INITIALIZED:
- pInfo->state = CKS_RO_PUBLIC_SESSION;
- break;
- case CI_STANDBY:
- case CI_READY:
- pInfo->state = CKS_RO_USER_FUNCTIONS;
- break;
- default:
- pInfo->state = CKS_RO_PUBLIC_SESSION;
- break;
- }
- } else {
- pInfo->state = CKS_RO_PUBLIC_SESSION;
- }
-
- FORT11_RETURN (CKR_OK);
-}
-
-/* C_Login logs a user into a token. */
-PR_PUBLIC_API(CK_RV) C_Login(CK_SESSION_HANDLE hSession,
- CK_USER_TYPE userType,
- CK_CHAR_PTR pPin,
- CK_ULONG ulPinLen) {
- FORT11_ENTER()
- PK11Slot *slot;
- PK11Session *session;
-#ifndef SWFORT
- CI_PIN ciPin;
-#endif
- int rv, ciUserType;
-
- slot = fort11_SlotFromSessionHandle (hSession);
- session = fort11_SessionFromHandle(hSession, PR_FALSE);
-
- if (session == NULL) {
- session = fort11_SessionFromHandle (hSession, PR_TRUE);
- fort11_TokenRemoved(slot, session);
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
-
- fort11_FreeSession(session);
-
- if (slot->isLoggedIn) FORT11_RETURN (CKR_USER_ALREADY_LOGGED_IN);
- slot->ssoLoggedIn = PR_FALSE;
-
-#ifndef SWFORT
- if (ulPinLen > CI_PIN_SIZE) FORT11_RETURN (CKR_PIN_LEN_RANGE);
-
- fort11_convertToCIPin (ciPin, pPin, ulPinLen);
-#endif
- switch (userType) {
- case CKU_SO:
- ciUserType = CI_SSO_PIN;
- break;
- case CKU_USER:
- ciUserType = CI_USER_PIN;
- break;
- default:
- FORT11_RETURN (CKR_USER_TYPE_INVALID);
- }
-
-#ifndef SWFORT
- rv = LoginToSocket(&fortezzaSockets[slot->slotID-1], ciUserType, ciPin);
-#else
- rv = LoginToSocket(&fortezzaSockets[slot->slotID-1], ciUserType, pPin);
-#endif
-
- switch (rv) {
- case SOCKET_SUCCESS:
- break;
- case CI_FAIL:
- FORT11_RETURN (CKR_PIN_INCORRECT);
- default:
- FORT11_RETURN (CKR_DEVICE_ERROR);
- }
-
- FMUTEX_Lock(slot->sessionLock);
- slot->isLoggedIn = PR_TRUE;
- if (userType == CKU_SO) {
- slot->ssoLoggedIn = PR_TRUE;
- }
- FMUTEX_Unlock(slot->sessionLock);
-
- fort11_update_all_states(slot);
- FORT11_RETURN (CKR_OK);
-}
-
-/* C_Logout logs a user out from a token. */
-PR_PUBLIC_API(CK_RV) C_Logout(CK_SESSION_HANDLE hSession) {
- FORT11_ENTER()
- PK11Slot *slot = fort11_SlotFromSessionHandle(hSession);
- PK11Session *session = fort11_SessionFromHandle(hSession, PR_FALSE);
-
- if (session == NULL) {
- session = fort11_SessionFromHandle (hSession, PR_TRUE);
- fort11_TokenRemoved(slot, session);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
-
- if (!slot->isLoggedIn)
- FORT11_RETURN (CKR_USER_NOT_LOGGED_IN);
-
- FMUTEX_Lock(slot->sessionLock);
-
- slot->isLoggedIn = PR_FALSE;
- slot->ssoLoggedIn = PR_FALSE;
- slot->password = NULL;
- LogoutFromSocket (&fortezzaSockets[slot->slotID-1]);
-
- FMUTEX_Unlock(slot->sessionLock);
-
- fort11_update_all_states(slot);
- FORT11_RETURN (CKR_OK);
-}
-
-/* C_CreateObject creates a new object. */
-PR_PUBLIC_API(CK_RV) C_CreateObject(CK_SESSION_HANDLE hSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount,
- CK_OBJECT_HANDLE_PTR phObject) {
- /* For functions that don't access globals, we don't have to worry about the
- * stack.
- */
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/* C_CopyObject copies an object, creating a new object for the copy. */
-PR_PUBLIC_API(CK_RV) C_CopyObject(CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount,
- CK_OBJECT_HANDLE_PTR phNewObject) {
- /* For functions that don't access globals, we don't have to worry about the
- * stack.
- */
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/* C_DestroyObject destroys an object. */
-PR_PUBLIC_API(CK_RV) C_DestroyObject(CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject) {
- FORT11_ENTER()
- PK11Slot *slot = fort11_SlotFromSessionHandle(hSession);
- PK11Session *session;
- PK11Object *object;
- PK11FreeStatus status;
-
- /*
- * This whole block just makes sure we really can destroy the
- * requested object.
- */
- session = fort11_SessionFromHandle(hSession, PR_FALSE);
- if (session == NULL) {
- session = fort11_SessionFromHandle(hSession, PR_TRUE);
- fort11_TokenRemoved(slot, session);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
-
- object = fort11_ObjectFromHandle(hObject,session);
- if (object == NULL) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_OBJECT_HANDLE_INVALID);
- }
-
- /* don't destroy a private object if we aren't logged in */
- if ((!slot->isLoggedIn) && (slot->needLogin) &&
- (fort11_isTrue(object,CKA_PRIVATE))) {
- fort11_FreeSession(session);
- fort11_FreeObject(object);
- FORT11_RETURN (CKR_USER_NOT_LOGGED_IN);
- }
-
- /* don't destroy a token object if we aren't in a rw session */
-
- if (((session->info.flags & CKF_RW_SESSION) == 0) &&
- (fort11_isTrue(object,CKA_TOKEN))) {
- fort11_FreeSession(session);
- fort11_FreeObject(object);
- FORT11_RETURN (CKR_SESSION_READ_ONLY);
- }
-
- /* ACTUALLY WE NEED TO DEAL WITH TOKEN OBJECTS AS WELL */
- FMUTEX_Lock(session->objectLock);
- fort11_DeleteObject(session,object);
- FMUTEX_Unlock(session->objectLock);
-
- fort11_FreeSession(session);
-
- /*
- * get some indication if the object is destroyed. Note: this is not
- * 100%. Someone may have an object reference outstanding (though that
- * should not be the case by here. Also now that the object is "half"
- * destroyed. Our internal representation is destroyed, but it is still
- * in the data base.
- */
- status = fort11_FreeObject(object);
-
- FORT11_RETURN ((status != PK11_DestroyFailure) ? CKR_OK : CKR_DEVICE_ERROR);
-}
-
-
-/* C_GetObjectSize gets the size of an object in bytes. */
-PR_PUBLIC_API(CK_RV) C_GetObjectSize(CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,
- CK_ULONG_PTR pulSize) {
- /* For functions that don't access globals, we don't have to worry about the
- * stack.
- */
- *pulSize = 0;
- return CKR_OK;
-}
-
-
-/* C_GetAttributeValue obtains the value of one or more object attributes. */
-PR_PUBLIC_API(CK_RV) C_GetAttributeValue(CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount) {
- FORT11_ENTER()
- PK11Slot *slot = fort11_SlotFromSessionHandle(hSession);
- PK11Session *session;
- PK11Object *object;
- PK11Attribute *attribute;
- PRBool sensitive;
- int i;
-
- /*
- * make sure we're allowed
- */
- session = fort11_SessionFromHandle(hSession, PR_FALSE);
- if (session == NULL) {
- session = fort11_SessionFromHandle (hSession, PR_TRUE);
- fort11_TokenRemoved(slot, session);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
-
- object = fort11_ObjectFromHandle(hObject,session);
- fort11_FreeSession(session);
- if (object == NULL) {
- FORT11_RETURN (CKR_OBJECT_HANDLE_INVALID);
- }
-
- /* don't read a private object if we aren't logged in */
- if ((!slot->isLoggedIn) && (slot->needLogin) &&
- (fort11_isTrue(object,CKA_PRIVATE))) {
- fort11_FreeObject(object);
- FORT11_RETURN (CKR_USER_NOT_LOGGED_IN);
- }
-
- sensitive = fort11_isTrue(object,CKA_SENSITIVE);
- for (i=0; i < (int)ulCount; i++) {
- /* Make sure that this attribute is retrievable */
- if (sensitive && fort11_isSensitive(pTemplate[i].type,object->objclass)) {
- fort11_FreeObject(object);
- FORT11_RETURN (CKR_ATTRIBUTE_SENSITIVE);
- }
- attribute = fort11_FindAttribute(object,pTemplate[i].type);
- if (attribute == NULL) {
- fort11_FreeObject(object);
- FORT11_RETURN (CKR_ATTRIBUTE_TYPE_INVALID);
- }
- if (pTemplate[i].pValue != NULL) {
- PORT_Memcpy(pTemplate[i].pValue,attribute->attrib.pValue,
- attribute->attrib.ulValueLen);
- }
- pTemplate[i].ulValueLen = attribute->attrib.ulValueLen;
- fort11_FreeAttribute(attribute);
- }
-
- fort11_FreeObject(object);
- FORT11_RETURN (CKR_OK);
-}
-
-/* C_SetAttributeValue modifies the value of one or more object attributes */
-PR_PUBLIC_API(CK_RV) C_SetAttributeValue (CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount) {
- /* For functions that don't access globals, we don't have to worry about the
- * stack.
- */
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-/* C_FindObjectsInit initializes a search for token and session objects
- * that match a template. */
-PR_PUBLIC_API(CK_RV) C_FindObjectsInit(CK_SESSION_HANDLE hSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount) {
- FORT11_ENTER()
- PK11Slot *slot = fort11_SlotFromSessionHandle(hSession);
- PK11Session *session;
- PK11ObjectListElement *objectList = NULL;
- PK11ObjectListElement *olp;
- PK11SearchResults *search, *freeSearch;
- FortezzaSocket *currSocket;
- int rv, count, i;
-
- if (slot == NULL) {
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
-
-
- if ((!slot->isLoggedIn) && (slot->needLogin))
- FORT11_RETURN (CKR_USER_NOT_LOGGED_IN);
-
- session = fort11_SessionFromHandle(hSession, PR_FALSE);
- if (session == NULL) {
- session = fort11_SessionFromHandle (hSession, PR_TRUE);
- fort11_TokenRemoved(slot, session);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
- currSocket = &fortezzaSockets[slot->slotID-1];
- if (currSocket->personalityList == NULL) {
- rv = FetchPersonalityList(currSocket);
- if (rv != SOCKET_SUCCESS) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_DEVICE_ERROR);
- }
-
- rv = fort11_BuildCertObjects(currSocket, slot, session);
-
- if (rv != CKR_OK) {
- fort11_FreeSession(session);
- FORT11_RETURN (rv);
- }
-
-
- }
- rv = fort11_searchObjectList(&objectList, slot->tokObjects,
- slot->objectLock, pTemplate, ulCount);
- if (rv != CKR_OK) {
- fort11_FreeObjectList(objectList);
- fort11_FreeSession(session);
- FORT11_RETURN (rv);
- }
-
- /*copy list to session*/
-
- count = 0;
- for(olp = objectList; olp != NULL; olp = olp->next) {
- count++;
- }
-
- search = (PK11SearchResults *)PORT_Alloc(sizeof(PK11SearchResults));
- if (search != NULL) {
- search->handles = (CK_OBJECT_HANDLE *)
- PORT_Alloc(sizeof(CK_OBJECT_HANDLE) * count);
- if (search->handles != NULL) {
- for (i=0; i < count; i++) {
- search->handles[i] = objectList->object->handle;
- objectList = fort11_FreeObjectListElement(objectList);
- }
- } else {
- PORT_Free(search);
- search = NULL;
- }
- }
- if (search == NULL) {
- fort11_FreeObjectList(objectList);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_OK);
- }
-
- /* store the search info */
- search->index = 0;
- search->size = count;
- if ((freeSearch = session->search) != NULL) {
- session->search = NULL;
- fort11_FreeSearch(freeSearch);
- }
- session->search = search;
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_OK);
-}
-
-
-/* C_FindObjects continues a search for token and session objects
- * that match a template, obtaining additional object handles. */
-PR_PUBLIC_API(CK_RV) C_FindObjects(CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE_PTR phObject,
- CK_ULONG ulMaxObjectCount,
- CK_ULONG_PTR pulObjectCount) {
- FORT11_ENTER()
- PK11Session *session;
- PK11SearchResults *search;
- PK11Slot *slot;
- int transfer;
- unsigned long left;
-
- *pulObjectCount = 0;
- session = fort11_SessionFromHandle(hSession,PR_FALSE);
- slot = fort11_SlotFromSessionHandle(hSession);
- if (session == NULL) {
- session = fort11_SessionFromHandle (hSession, PR_TRUE);
- fort11_TokenRemoved(slot, session);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
- if (session->search == NULL) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_OK);
- }
- search = session->search;
- left = session->search->size - session->search->index;
- transfer = (ulMaxObjectCount > left) ? left : ulMaxObjectCount;
- PORT_Memcpy(phObject,&search->handles[search->index],
- transfer*sizeof(CK_OBJECT_HANDLE_PTR));
- search->index += transfer;
- if (search->index == search->size) {
- session->search = NULL;
- fort11_FreeSearch(search);
- }
- fort11_FreeSession(session);
- *pulObjectCount = transfer;
- FORT11_RETURN (CKR_OK);
-}
-
-/* C_FindObjectsFinal finishes a search for token and session objects. */
-PR_PUBLIC_API(CK_RV) C_FindObjectsFinal(CK_SESSION_HANDLE hSession) {
- FORT11_ENTER()
- PK11Session *session;
- PK11SearchResults *search;
- PK11Slot *slot;
-
- session = fort11_SessionFromHandle(hSession, PR_FALSE);
- slot = fort11_SlotFromSessionHandle(hSession);
- if (session == NULL) {
- session = fort11_SessionFromHandle (hSession, PR_TRUE);
- fort11_TokenRemoved(slot, session);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
- search = session->search;
- session->search = NULL;
- if (search == NULL) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_OK);
- }
- fort11_FreeSearch(search);
-
- /* UnloadPersonalityList(&fortezzaSockets[session->slot->slotID-1]); */
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_OK);
-}
-
-
-/* C_EncryptInit initializes an encryption operation. */
-PR_PUBLIC_API(CK_RV) C_EncryptInit(CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey) {
- FORT11_ENTER()
- PK11Session *session = fort11_SessionFromHandle(hSession, PR_FALSE);
- PK11Slot *slot = fort11_SlotFromSessionHandle(hSession);
- PK11Object *keyObject;
- FortezzaSocket *socket = &fortezzaSockets[slot->slotID-1];
- FortezzaContext *context;
- HSESSION hs = socket->maciSession;
- FortezzaKey *fortezzaKey;
- CI_IV fortezzaIV;
- int ciRV, registerIndex;
-
-
- if (pMechanism->mechanism != CKM_SKIPJACK_CBC64) {
- if (session) {
- fort11_FreeSession(session);
- }
- FORT11_RETURN (CKR_MECHANISM_INVALID);
- }
-
- if (session == NULL) {
- session = fort11_SessionFromHandle (hSession, PR_TRUE);
- fort11_TokenRemoved(slot, session);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
-
- keyObject = fort11_ObjectFromHandle (hKey, session);
-
- if (keyObject == NULL) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_KEY_HANDLE_INVALID);
- }
-
- ciRV = MACI_Select (hs, slot->slotID);
- if (ciRV != CI_OK) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_DEVICE_ERROR);
- }
-
- ciRV = MACI_SetMode(hs, CI_ENCRYPT_TYPE, CI_CBC64_MODE);
- if (ciRV != CI_OK) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_DEVICE_ERROR);
- }
-
- /*Load the correct key into a key register*/
- fortezzaKey = (FortezzaKey*)keyObject->objectInfo;
- fort11_FreeObject (keyObject);
- if (fortezzaKey == NULL) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_GENERAL_ERROR);
- }
-
- if (fortezzaKey->keyRegister == KeyNotLoaded) {
- registerIndex = LoadKeyIntoRegister (fortezzaKey);
- } else {
- registerIndex = fortezzaKey->keyRegister;
- }
-
- if (registerIndex == KeyNotLoaded) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_DEVICE_ERROR);
- }
-
- ciRV = MACI_SetKey (hs,registerIndex);
- if (ciRV != CI_OK) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_DEVICE_ERROR);
- }
-
- ciRV = MACI_GenerateIV(hs, fortezzaIV);
- if (ciRV != CI_OK) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_DEVICE_ERROR);
- }
- context = &session->fortezzaContext;
- InitContext(context, socket, hKey);
- ciRV = SaveState(context, fortezzaIV, session, fortezzaKey,
- CI_ENCRYPT_EXT_TYPE, pMechanism->mechanism);
- if (ciRV != SOCKET_SUCCESS) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_GENERAL_ERROR);
- }
-
- if (pMechanism->pParameter != NULL &&
- pMechanism->ulParameterLen >= sizeof(CI_IV)) {
- PORT_Memcpy (pMechanism->pParameter, fortezzaIV, sizeof(CI_IV));
- }
-
- InitCryptoOperation(context, Encrypt);
- fort11_FreeSession(session);
-
- FORT11_RETURN (CKR_OK);
-}
-
-/* C_Encrypt encrypts single-part data. */
-PR_PUBLIC_API(CK_RV) C_Encrypt (CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pEncryptedData,
- CK_ULONG_PTR pulEncryptedDataLen) {
- FORT11_ENTER()
- PK11Session *session = fort11_SessionFromHandle (hSession, PR_FALSE);
- PK11Slot *slot = fort11_SlotFromSessionHandle(hSession);
- FortezzaSocket *socket = &fortezzaSockets[slot->slotID-1];
- FortezzaContext *context;
- HSESSION hs;
- CK_RV rv;
-
-
- if (session == NULL) {
- session = fort11_SessionFromHandle (hSession , PR_TRUE);
- fort11_TokenRemoved(slot, session);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
-
- context = &session->fortezzaContext;
- if (GetCryptoOperation(context) != Encrypt) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_OPERATION_NOT_INITIALIZED);
- }
-
- *pulEncryptedDataLen = ulDataLen;
- if (pEncryptedData == NULL) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_OK);
- }
-
- hs = socket->maciSession;
- FMUTEX_Lock(socket->registersLock);
- MACI_Lock(hs, CI_BLOCK_LOCK_FLAG);
- rv = EncryptData (context, pData, ulDataLen,
- pEncryptedData, *pulEncryptedDataLen);
- MACI_Unlock(hs);
- FMUTEX_Unlock(socket->registersLock);
-
- if (rv != SOCKET_SUCCESS) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_GENERAL_ERROR);
- }
-
- EndCryptoOperation(context, Encrypt);
- fort11_FreeSession(session);
-
- FORT11_RETURN (CKR_OK);
-}
-
-
-/* C_EncryptUpdate continues a multiple-part encryption operation. */
-PR_PUBLIC_API(CK_RV) C_EncryptUpdate(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG_PTR pulEncryptedPartLen) {
- FORT11_ENTER()
- PK11Session *session = fort11_SessionFromHandle(hSession,PR_FALSE);
- PK11Slot *slot = fort11_SlotFromSessionHandle(hSession);
- FortezzaSocket *socket = &fortezzaSockets[slot->slotID-1];
- FortezzaContext *context;
- int rv;
-
- if (session == NULL) {
- session = fort11_SessionFromHandle(hSession, PR_TRUE);
- fort11_TokenRemoved (slot, session);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
-
- context = &session->fortezzaContext;
-
- if (GetCryptoOperation(context) != Encrypt) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_OPERATION_NOT_INITIALIZED);
- }
-
- if (pEncryptedPart == NULL) {
- *pulEncryptedPartLen = ulPartLen;
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_OK);
- }
-
- if (*pulEncryptedPartLen < ulPartLen) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_BUFFER_TOO_SMALL);
- }
-
- *pulEncryptedPartLen = ulPartLen;
-
- FMUTEX_Lock(socket->registersLock);
- MACI_Lock(socket->maciSession, CI_BLOCK_LOCK_FLAG);
- rv = EncryptData(context,pPart, ulPartLen, pEncryptedPart,
- *pulEncryptedPartLen);
- MACI_Unlock(socket->maciSession);
- FMUTEX_Unlock(socket->registersLock);
-
- fort11_FreeSession(session);
- if (rv != SOCKET_SUCCESS) {
- FORT11_RETURN (CKR_GENERAL_ERROR);
- }
- FORT11_RETURN (CKR_OK);
-}
-
-
-/* C_EncryptFinal finishes a multiple-part encryption operation. */
-PR_PUBLIC_API(CK_RV) C_EncryptFinal(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pLastEncryptedPart,
- CK_ULONG_PTR pulLastEncryptedPartLen){
- FORT11_ENTER()
- PK11Session *session = fort11_SessionFromHandle(hSession, PR_FALSE);
- PK11Slot *slot = fort11_SlotFromSessionHandle(hSession);
- FortezzaContext *context;
- int rv;
-
- if (session == NULL) {
- session = fort11_SessionFromHandle(hSession, PR_TRUE);
- fort11_TokenRemoved(slot, session);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
-
- context = &session->fortezzaContext;
-
- rv = EndCryptoOperation(context, Encrypt);
- fort11_FreeSession(session);
-
- FORT11_RETURN (CKR_OK);
-}
-/* C_DecryptInit initializes a decryption operation. */
-PR_PUBLIC_API(CK_RV) C_DecryptInit( CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey) {
- FORT11_ENTER()
- PK11Session *session = fort11_SessionFromHandle(hSession, PR_FALSE);
- PK11Slot *slot = fort11_SlotFromSessionHandle(hSession);
- PK11Object *keyObject;
- FortezzaSocket *socket = &fortezzaSockets[slot->slotID-1];
- FortezzaContext *context;
- HSESSION hs = socket->maciSession;
- FortezzaKey *fortezzaKey;
- CI_IV fortezzaIV;
- int ciRV, registerIndex;
-
- if (pMechanism->mechanism != CKM_SKIPJACK_CBC64) {
- if (session) fort11_FreeSession(session);
- FORT11_RETURN (CKR_MECHANISM_INVALID);
- }
-
- if (session == NULL) {
- session = fort11_SessionFromHandle (hSession, PR_TRUE);
- fort11_TokenRemoved(slot, session);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
-
- keyObject = fort11_ObjectFromHandle (hKey, session);
-
- if (keyObject == NULL) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_KEY_HANDLE_INVALID);
- }
-
- fortezzaKey = (FortezzaKey*)keyObject->objectInfo;
- fort11_FreeObject(keyObject);
-
- if (fortezzaKey == NULL) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_GENERAL_ERROR);
- }
-
- ciRV = MACI_Select (hs, slot->slotID);
- if (ciRV != CI_OK) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_DEVICE_ERROR);
- }
-
- ciRV = MACI_SetMode(hs, CI_DECRYPT_TYPE, CI_CBC64_MODE);
- if (ciRV != CI_OK) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_DEVICE_ERROR);
- }
-
- FMUTEX_Lock(socket->registersLock);
- if (fortezzaKey->keyRegister == KeyNotLoaded) {
- registerIndex = LoadKeyIntoRegister(fortezzaKey);
- } else {
- registerIndex = fortezzaKey->keyRegister;
- }
-
- if (registerIndex == KeyNotLoaded) {
- FMUTEX_Unlock(socket->registersLock);
- FORT11_RETURN (CKR_DEVICE_ERROR);
- }
-
- if (pMechanism->pParameter == NULL ||
- pMechanism->ulParameterLen < sizeof (CI_IV)) {
- FORT11_RETURN (CKR_MECHANISM_PARAM_INVALID);
- }
-
- PORT_Memcpy (fortezzaIV, pMechanism->pParameter, sizeof(CI_IV));
-
- ciRV = MACI_SetKey (hs, registerIndex);
- if (ciRV != CI_OK) {
- FMUTEX_Unlock(socket->registersLock);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_DEVICE_ERROR);
- }
-
- ciRV = MACI_LoadIV (hs, fortezzaIV);
- if (ciRV != CI_OK) {
- FMUTEX_Unlock(socket->registersLock);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_DEVICE_ERROR);
- }
-
- context = &session->fortezzaContext;
- InitContext(context, socket, hKey);
- ciRV = SaveState (context, fortezzaIV, session, fortezzaKey,
- CI_DECRYPT_EXT_TYPE, pMechanism->mechanism);
-
- FMUTEX_Unlock(socket->registersLock);
-
- if (ciRV != SOCKET_SUCCESS) {
- FORT11_RETURN (CKR_GENERAL_ERROR);
- }
-
- InitCryptoOperation (context, Decrypt);
- fort11_FreeSession (session);
-
- FORT11_RETURN (CKR_OK);
-}
-
-/* C_Decrypt decrypts encrypted data in a single part. */
-PR_PUBLIC_API(CK_RV) C_Decrypt(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedData,
- CK_ULONG ulEncryptedDataLen,
- CK_BYTE_PTR pData,
- CK_ULONG_PTR pulDataLen) {
- FORT11_ENTER()
- PK11Session *session = fort11_SessionFromHandle (hSession, PR_FALSE);
- PK11Slot *slot = fort11_SlotFromSessionHandle(hSession);
- FortezzaSocket *socket = &fortezzaSockets[slot->slotID-1];
- FortezzaContext *context;
- HSESSION hs;
- CK_RV rv;
-
- if (session == NULL) {
- session = fort11_SessionFromHandle(hSession, PR_TRUE);
- fort11_TokenRemoved(slot, session);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
-
- context = &session->fortezzaContext;
-
- if (GetCryptoOperation(context) != Decrypt) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_OPERATION_NOT_INITIALIZED);
- }
-
- *pulDataLen = ulEncryptedDataLen;
- if (pData == NULL) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_OK);
- }
-
- hs = socket->maciSession;
- FMUTEX_Lock(socket->registersLock);
- MACI_Lock(hs, CI_NULL_FLAG);
- rv = DecryptData (context, pEncryptedData, ulEncryptedDataLen,
- pData, *pulDataLen);
- MACI_Unlock(hs);
- FMUTEX_Unlock(socket->registersLock);
- if (rv != SOCKET_SUCCESS) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_GENERAL_ERROR);
- }
-
- EndCryptoOperation (context, Decrypt);
- fort11_FreeSession(session);
-
- FORT11_RETURN (CKR_OK);
-}
-
-
-/* C_DecryptUpdate continues a multiple-part decryption operation. */
-PR_PUBLIC_API(CK_RV) C_DecryptUpdate(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG ulEncryptedPartLen,
- CK_BYTE_PTR pPart,
- CK_ULONG_PTR pulPartLen) {
- FORT11_ENTER()
- PK11Session *session = fort11_SessionFromHandle(hSession,PR_FALSE);
- PK11Slot *slot = fort11_SlotFromSessionHandle(hSession);
- FortezzaSocket *socket = &fortezzaSockets[slot->slotID-1];
- FortezzaContext *context;
- HSESSION hs;
- int rv;
-
- if (session == NULL) {
- session = fort11_SessionFromHandle(hSession, PR_TRUE);
- fort11_TokenRemoved (slot, session);
- fort11_FreeSession (session);
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
-
- context = &session->fortezzaContext;
- hs = socket->maciSession;
-
- if (GetCryptoOperation(context) != Decrypt) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_OPERATION_NOT_INITIALIZED);
- }
-
- if (pPart == NULL) {
- *pulPartLen = ulEncryptedPartLen;
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_OK);
- }
-
- *pulPartLen = ulEncryptedPartLen;
-
- FMUTEX_Lock(socket->registersLock);
- MACI_Lock (hs, CI_NULL_FLAG);
- rv = DecryptData (context, pEncryptedPart, ulEncryptedPartLen, pPart,
- *pulPartLen);
- MACI_Unlock(hs);
- FMUTEX_Unlock(socket->registersLock);
-
- fort11_FreeSession(session);
-
- if (rv != SOCKET_SUCCESS) {
- FORT11_RETURN (CKR_GENERAL_ERROR);
- }
-
- FORT11_RETURN (CKR_OK);
-}
-
-
-/* C_DecryptFinal finishes a multiple-part decryption operation. */
-PR_PUBLIC_API(CK_RV) C_DecryptFinal(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pLastPart,
- CK_ULONG_PTR pulLastPartLen) {
- FORT11_ENTER()
- PK11Session *session = fort11_SessionFromHandle(hSession, PR_FALSE);
- PK11Slot *slot = fort11_SlotFromSessionHandle(hSession);
- FortezzaContext *context;
-
- if (session == NULL) {
- session = fort11_SessionFromHandle (hSession, PR_TRUE);
- fort11_TokenRemoved (slot, session);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
-
- context = &session->fortezzaContext;
- EndCryptoOperation (context, Decrypt);
-
- fort11_FreeSession(session);
-
- FORT11_RETURN (CKR_OK);
-}
-
-
-/*
- ************** Crypto Functions: Digest (HASH) ************************
- */
-
-/* C_DigestInit initializes a message-digesting operation. */
-PR_PUBLIC_API(CK_RV) C_DigestInit(CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism) {
- /* For functions that don't access globals, we don't have to worry about the
- * stack.
- */
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/* C_Digest digests data in a single part. */
-PR_PUBLIC_API(CK_RV) C_Digest(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pDigest,
- CK_ULONG_PTR pulDigestLen) {
- /* For functions that don't access globals, we don't have to worry about the
- * stack.
- */
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/* C_DigestUpdate continues a multiple-part message-digesting operation. */
-PR_PUBLIC_API(CK_RV) C_DigestUpdate(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen) {
- /* For functions that don't access globals, we don't have to worry about the
- * stack.
- */
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/* C_DigestFinal finishes a multiple-part message-digesting operation. */
-PR_PUBLIC_API(CK_RV) C_DigestFinal(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pDigest,
- CK_ULONG_PTR pulDigestLen) {
- /* For functions that don't access globals, we don't have to worry about the
- * stack.
- */
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/*
- ************** Crypto Functions: Sign ************************
- */
-
-/* C_SignInit initializes a signature (private key encryption) operation,
- * where the signature is (will be) an appendix to the data,
- * and plaintext cannot be recovered from the signature */
-PR_PUBLIC_API(CK_RV) C_SignInit(CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey) {
- FORT11_ENTER()
- PK11Session *session = fort11_SessionFromHandle (hSession, PR_FALSE);
- PK11Slot *slot = fort11_SlotFromSessionHandle(hSession);
- PK11Object *keyObject;
- FortezzaSocket *socket = &fortezzaSockets[slot->slotID-1];
- FortezzaContext *context;
- PK11Attribute *idAttribute;
- int personalityIndex;
- HSESSION hs = socket->maciSession;
-
- if (session == NULL) {
- session = fort11_SessionFromHandle(hSession, PR_TRUE);
- fort11_TokenRemoved(slot, session);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
-
- if (pMechanism->mechanism != CKM_DSA) {
- FORT11_RETURN (CKR_MECHANISM_INVALID);
- }
-
- keyObject = fort11_ObjectFromHandle (hKey, session);
-
- if (keyObject == NULL) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_KEY_HANDLE_INVALID);
- }
-
- context = &session->fortezzaContext;
- InitContext(context, socket, hKey);
- InitCryptoOperation (context, Sign);
- fort11_FreeSession(session);
-
- idAttribute = fort11_FindAttribute(keyObject, CKA_ID);
- fort11_FreeObject(keyObject);
-
- if (idAttribute == NULL) {
- FORT11_RETURN (CKR_KEY_HANDLE_INVALID);
- }
-
- personalityIndex = *(int*)(idAttribute->attrib.pValue);
- fort11_FreeAttribute(idAttribute);
-
- MACI_Select (hs, slot->slotID);
- if (MACI_SetPersonality (hs,personalityIndex) != CI_OK) {
- FORT11_RETURN (CKR_GENERAL_ERROR);
- }
-
- FORT11_RETURN (CKR_OK);
-}
-
-
-/* C_Sign signs (encrypts with private key) data in a single part,
- * where the signature is (will be) an appendix to the data,
- * and plaintext cannot be recovered from the signature */
-PR_PUBLIC_API(CK_RV) C_Sign(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pSignature,
- CK_ULONG_PTR pulSignatureLen) {
-
- FORT11_ENTER()
- PK11Session *session = fort11_SessionFromHandle(hSession, PR_FALSE);
- PK11Slot *slot = fort11_SlotFromSessionHandle(hSession);
- FortezzaContext *context;
- FortezzaSocket *socket = &fortezzaSockets[slot->slotID-1];
- HSESSION hs = socket->maciSession;
- PK11Object *keyObject;
- PK11Attribute *idAttribute;
- int ciRV, personalityIndex;
-
- if (session == NULL) {
- session = fort11_SessionFromHandle(hSession, PR_TRUE);
- fort11_TokenRemoved (slot, session);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
-
-
- context = &session->fortezzaContext;
- if (GetCryptoOperation(context) != Sign) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_OPERATION_NOT_INITIALIZED);
- }
-
- if (pSignature == NULL) {
- *pulSignatureLen = 40;
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_OK);
- }
-
- if (ulDataLen > 20) {
- FORT11_RETURN (CKR_DATA_LEN_RANGE);
- }
-
- if (*pulSignatureLen < 40) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_BUFFER_TOO_SMALL);
- }
- *pulSignatureLen = 40;
-
- keyObject = fort11_ObjectFromHandle(context->hKey, session);
- if (keyObject == NULL) {
- fort11_FreeSession(session);
- FORT11_RETURN(CKR_GENERAL_ERROR);
- }
-
- idAttribute = fort11_FindAttribute(keyObject, CKA_ID);
- fort11_FreeObject(keyObject);
-
- personalityIndex = *(int*)(idAttribute->attrib.pValue);
- fort11_FreeAttribute(idAttribute);
-
- MACI_Select(hs, slot->slotID);
-
- MACI_Lock(hs, CI_BLOCK_LOCK_FLAG);
- ciRV = MACI_SetPersonality(hs, personalityIndex);
- if (ciRV != CI_OK) {
- MACI_Unlock(hs);
- fort11_FreeSession(session);
- FORT11_RETURN(CKR_DEVICE_ERROR);
- }
-
- ciRV = MACI_Sign (hs, pData, pSignature);
- if (ciRV != CI_OK) {
- MACI_Unlock(hs);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_DEVICE_ERROR);
- }
-
- MACI_Unlock(hs);
- EndCryptoOperation (context, Sign);
- fort11_FreeSession(session);
-
- FORT11_RETURN (CKR_OK);
-}
-
-
-/* C_SignUpdate continues a multiple-part signature operation,
- * where the signature is (will be) an appendix to the data,
- * and plaintext cannot be recovered from the signature */
-PR_PUBLIC_API(CK_RV) C_SignUpdate(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen) {
- /* For functions that don't access globals, we don't have to worry about the
- * stack.
- */
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/* C_SignFinal finishes a multiple-part signature operation,
- * FORT11_RETURNing the signature. */
-PR_PUBLIC_API(CK_RV) C_SignFinal(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSignature,
- CK_ULONG_PTR pulSignatureLen) {
- /* For functions that don't access globals, we don't have to worry about the
- * stack.
- */
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-/*
- ************** Crypto Functions: Sign Recover ************************
- */
-/* C_SignRecoverInit initializes a signature operation,
- * where the (digest) data can be recovered from the signature.
- * E.g. encryption with the user's private key */
-PR_PUBLIC_API(CK_RV) C_SignRecoverInit(CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey) {
- /* For functions that don't access globals, we don't have to worry about the
- * stack.
- */
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/* C_SignRecover signs data in a single operation
- * where the (digest) data can be recovered from the signature.
- * E.g. encryption with the user's private key */
-PR_PUBLIC_API(CK_RV) C_SignRecover(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pSignature,
- CK_ULONG_PTR pulSignatureLen) {
- /* For functions that don't access globals, we don't have to worry about the
- * stack.
- */
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-/*
- ************** Crypto Functions: verify ************************
- */
-
-/* C_VerifyInit initializes a verification operation,
- * where the signature is an appendix to the data,
- * and plaintext cannot be recovered from the signature (e.g. DSA) */
-PR_PUBLIC_API(CK_RV) C_VerifyInit(CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey) {
- /* For functions that don't access globals, we don't have to worry about the
- * stack.
- */
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/* C_Verify verifies a signature in a single-part operation,
- * where the signature is an appendix to the data,
- * and plaintext cannot be recovered from the signature */
-PR_PUBLIC_API(CK_RV) C_Verify(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pSignature,
- CK_ULONG ulSignatureLen) {
- /* For functions that don't access globals, we don't have to worry about the
- * stack.
- */
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/* C_VerifyUpdate continues a multiple-part verification operation,
- * where the signature is an appendix to the data,
- * and plaintext cannot be recovered from the signature */
-PR_PUBLIC_API(CK_RV) C_VerifyUpdate( CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen) {
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/* C_VerifyFinal finishes a multiple-part verification operation,
- * checking the signature. */
-PR_PUBLIC_API(CK_RV) C_VerifyFinal(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSignature,
- CK_ULONG ulSignatureLen) {
- /* For functions that don't access globals, we don't have to worry about the
- * stack.
- */
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-/*
- ************** Crypto Functions: Verify Recover ************************
- */
-
-/* C_VerifyRecoverInit initializes a signature verification operation,
- * where the data is recovered from the signature.
- * E.g. Decryption with the user's public key */
-PR_PUBLIC_API(CK_RV) C_VerifyRecoverInit(CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey) {
- /* For functions that don't access globals, we don't have to worry about the
- * stack.
- */
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/* C_VerifyRecover verifies a signature in a single-part operation,
- * where the data is recovered from the signature.
- * E.g. Decryption with the user's public key */
-PR_PUBLIC_API(CK_RV) C_VerifyRecover(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSignature,
- CK_ULONG ulSignatureLen,
- CK_BYTE_PTR pData,
- CK_ULONG_PTR pulDataLen) {
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-/*
- **************************** Key Functions: ************************
- */
-
-#define MAX_KEY_LEN 256
-/* C_GenerateKey generates a secret key, creating a new key object. */
-PR_PUBLIC_API(CK_RV) C_GenerateKey(CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount,
- CK_OBJECT_HANDLE_PTR phKey) {
- FORT11_ENTER()
- PK11Session *session = fort11_SessionFromHandle(hSession, PR_FALSE);
- PK11Slot *slot = fort11_SlotFromSessionHandle(hSession);
- FortezzaSocket *socket = &fortezzaSockets[slot->slotID-1];
- PK11Object *key;
- FortezzaKey *newKey;
- int i, keyRegister;
- CK_ULONG key_length = 0;
- CK_RV crv = CKR_OK;
- CK_OBJECT_CLASS secretKey = CKO_SECRET_KEY;
- CK_BBOOL False = FALSE;
- CK_BBOOL cktrue = TRUE;
-
- if (session == NULL) {
- session = fort11_SessionFromHandle (hSession, PR_TRUE);
- fort11_TokenRemoved (slot, session);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
- if (pMechanism->mechanism != CKM_SKIPJACK_KEY_GEN) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_MECHANISM_INVALID);
- }
-
- key = fort11_NewObject(slot);
-
- if (key == NULL) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_HOST_MEMORY);
- }
-
- for (i=0; i < (int) ulCount; i++) {
- if (pTemplate[i].type == CKA_VALUE_LEN) {
- key_length = *(CK_ULONG *)pTemplate[i].pValue;
- continue;
- }
- crv = fort11_AddAttributeType (key, pk11_attr_expand (&pTemplate[i]));
- if (crv != CKR_OK)
- break;
- }
-
- if (crv != CKR_OK) {
- fort11_FreeObject(key);
- fort11_FreeSession(session);
- FORT11_RETURN (crv);
- }
-
- /* make sure we don't have any class, key_type, or value fields */
- fort11_DeleteAttributeType(key,CKA_CLASS);
- fort11_DeleteAttributeType(key,CKA_KEY_TYPE);
- fort11_DeleteAttributeType(key,CKA_VALUE);
-
- if (MAX_KEY_LEN < key_length) {
- crv = CKR_TEMPLATE_INCONSISTENT;
- }
-
- if (crv != CKR_OK) {
- fort11_FreeObject(key);
- fort11_FreeSession(session);
- FORT11_RETURN (crv);
- }
-
- if (fort11_AddAttributeType(key, CKA_CLASS,&secretKey,
- sizeof(CK_OBJECT_CLASS)) != CKR_OK) {
- fort11_FreeObject(key);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_GENERAL_ERROR);
- }
-
- if (fort11_AddAttributeType(key, CKA_TOKEN, &False,
- sizeof(CK_BBOOL)) != CKR_OK) {
- fort11_FreeObject(key);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_GENERAL_ERROR);
- }
-
- if (fort11_isTrue(key,CKA_SENSITIVE)) {
- fort11_forceAttribute(key,CKA_ALWAYS_SENSITIVE,&cktrue,
- sizeof(CK_BBOOL));
- }
- if (!fort11_isTrue(key,CKA_EXTRACTABLE)) {
- fort11_forceAttribute(key,CKA_NEVER_EXTRACTABLE,&cktrue,
- sizeof(CK_BBOOL));
- }
-
- FMUTEX_Lock(socket->registersLock);
-
- keyRegister = GetBestKeyRegister(socket);
- newKey = NewFortezzaKey(socket, MEK, NULL, keyRegister);
-
- FMUTEX_Unlock(socket->registersLock);
-
- if (newKey == NULL) {
- fort11_FreeObject(key);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_HOST_MEMORY);
- }
-
- key->objectInfo = (void*)newKey;
- key->infoFree = fort11_FreeFortezzaKey;
-
- FMUTEX_Lock(slot->objectLock);
- key->handle = slot->tokenIDCount++;
- key->handle |= (PK11_TOKEN_MAGIC | PK11_TOKEN_TYPE_PRIV);
- FMUTEX_Unlock(slot->objectLock);
-
- key->objclass = secretKey;
- key->slot = slot;
- key->inDB = PR_TRUE;
-
- fort11_AddObject(session, key);
- fort11_FreeSession(session);
- SetFortezzaKeyHandle(newKey, key->handle);
- *phKey = key->handle;
-
- FORT11_RETURN (CKR_OK);
-
-}
-
-
-/* C_GenerateKeyPair generates a public-key/private-key pair,
- * creating new key objects. */
-PR_PUBLIC_API(CK_RV) C_GenerateKeyPair
- (CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_ATTRIBUTE_PTR pPublicKeyTemplate,
- CK_ULONG ulPublicKeyAttributeCount,
- CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
- CK_ULONG ulPrivateKeyAttributeCount,
- CK_OBJECT_HANDLE_PTR phPrivateKey,
- CK_OBJECT_HANDLE_PTR phPublicKey) {
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-/* C_WrapKey wraps (i.e., encrypts) a key. */
-PR_PUBLIC_API(CK_RV) C_WrapKey(CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hWrappingKey,
- CK_OBJECT_HANDLE hKey,
- CK_BYTE_PTR pWrappedKey,
- CK_ULONG_PTR pulWrappedKeyLen) {
- FORT11_ENTER()
- PK11Session *session = fort11_SessionFromHandle (hSession, PR_FALSE);
- PK11Slot *slot = fort11_SlotFromSessionHandle(hSession);
- FortezzaSocket *socket = &fortezzaSockets[slot->slotID-1];
- PK11Object *wrapKey;
- PK11Object *srcKey;
- FortezzaKey *wrapFortKey;
- FortezzaKey *srcFortKey;
- int rv;
-
- if (session == NULL) {
- session = fort11_SessionFromHandle (hSession, PR_TRUE);
- fort11_TokenRemoved(slot, session);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
-
- if (!socket->isLoggedIn) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_USER_NOT_LOGGED_IN);
- }
-
- if (pMechanism->mechanism != CKM_SKIPJACK_WRAP) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_MECHANISM_INVALID);
- }
-
- wrapKey = fort11_ObjectFromHandle (hWrappingKey, session);
- if ((wrapKey == NULL) || (wrapKey->objectInfo == NULL)) {
- if (wrapKey)
- fort11_FreeObject(wrapKey);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_KEY_HANDLE_INVALID);
- }
-
- srcKey = fort11_ObjectFromHandle (hKey, session);
- fort11_FreeSession(session);
- if ((srcKey == NULL) || (srcKey->objectInfo == NULL)) {
- FORT11_RETURN (CKR_KEY_HANDLE_INVALID);
- }
-
- wrapFortKey = (FortezzaKey*)wrapKey->objectInfo;
- fort11_FreeObject(wrapKey);
-
- srcFortKey = (FortezzaKey*)srcKey->objectInfo;
- fort11_FreeObject(srcKey);
-
- FMUTEX_Lock(socket->registersLock);
- if (wrapFortKey->keyRegister == KeyNotLoaded) {
- if (LoadKeyIntoRegister(wrapFortKey) == KeyNotLoaded) {
- FORT11_RETURN (CKR_DEVICE_ERROR);
- }
- }
-
- if (srcFortKey->keyRegister == KeyNotLoaded) {
- if (LoadKeyIntoRegister(srcFortKey) == KeyNotLoaded) {
- FMUTEX_Unlock(socket->registersLock);
- FORT11_RETURN (CKR_DEVICE_ERROR);
- }
- }
-
- MACI_Lock(socket->maciSession, CI_BLOCK_LOCK_FLAG);
- rv = WrapKey (wrapFortKey, srcFortKey, pWrappedKey, *pulWrappedKeyLen);
- MACI_Unlock(socket->maciSession);
- FMUTEX_Unlock(socket->registersLock);
-
- if (rv != SOCKET_SUCCESS) {
- FORT11_RETURN (CKR_GENERAL_ERROR);
- }
-
- FORT11_RETURN (CKR_OK);
-}
-
-
-/* C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new key object. */
-PR_PUBLIC_API(CK_RV) C_UnwrapKey(CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hUnwrappingKey,
- CK_BYTE_PTR pWrappedKey,
- CK_ULONG ulWrappedKeyLen,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_OBJECT_HANDLE_PTR phKey) {
- FORT11_ENTER()
- PK11Session *session = fort11_SessionFromHandle(hSession, PR_FALSE);
- PK11Slot *slot = fort11_SlotFromSessionHandle(hSession);
- FortezzaSocket *socket = &fortezzaSockets[slot->slotID-1];
- PK11Object *wrapKey;
- PK11Object *newKey;
- FortezzaKey *fortKey;
- FortezzaKey *unwrapFort;
- CK_ULONG key_length;
- int i, newKeyRegister;
- CK_RV crv = CKR_OK;
-
- if (session == NULL) {
- session = fort11_SessionFromHandle(hSession, PR_TRUE);
- fort11_TokenRemoved(slot, session);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
-
- if (pMechanism->mechanism != CKM_SKIPJACK_WRAP){
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_MECHANISM_INVALID);
- }
-
- if (!socket->isLoggedIn) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_USER_NOT_LOGGED_IN);
- }
-
- wrapKey = fort11_ObjectFromHandle(hUnwrappingKey, session);
- if (wrapKey == NULL || wrapKey->objectInfo == NULL) {
- if (wrapKey)
- fort11_FreeObject(wrapKey);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_UNWRAPPING_KEY_HANDLE_INVALID);
- }
-
- fortKey = (FortezzaKey*)wrapKey->objectInfo;
- fort11_FreeObject(wrapKey);
-
- newKey = fort11_NewObject(slot);
- if (newKey == NULL) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_HOST_MEMORY);
- }
-
- for (i=0; i< (int)ulAttributeCount; i++) {
- if (pTemplate[i].type == CKA_VALUE_LEN) {
- key_length = *(CK_ULONG*)pTemplate[i].pValue;
- continue;
- }
- crv=fort11_AddAttributeType(newKey,fort11_attr_expand(&pTemplate[i]));
- if (crv != CKR_OK) {
- break;
- }
- }
-
- if (crv != CKR_OK) {
- fort11_FreeSession(session);
- fort11_FreeObject(newKey);
- FORT11_RETURN (crv);
- }
-
- /* make sure we don't have any class, key_type, or value fields */
- if (!fort11_hasAttribute(newKey,CKA_CLASS)) {
- fort11_FreeObject(newKey);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_TEMPLATE_INCOMPLETE);
- }
- if (!fort11_hasAttribute(newKey,CKA_KEY_TYPE)) {
- fort11_FreeObject(newKey);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_TEMPLATE_INCOMPLETE);
- }
-
- FMUTEX_Lock(socket->registersLock);
- newKeyRegister = UnwrapKey (pWrappedKey, fortKey);
- if (newKeyRegister == KeyNotLoaded) {
- /*Couldn't Unwrap the key*/
- fort11_FreeObject(newKey);
- fort11_FreeSession(session);
- FMUTEX_Unlock(socket->registersLock);
- FORT11_RETURN (CKR_GENERAL_ERROR);
- }
-
- unwrapFort = NewUnwrappedKey(newKeyRegister, fortKey->id, socket);
- FMUTEX_Unlock(socket->registersLock);
-
- if (unwrapFort == NULL) {
- fort11_FreeObject(newKey);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_HOST_MEMORY);
- }
- newKey->objectInfo = unwrapFort;
- newKey->infoFree = fort11_FreeFortezzaKey;
-
- FMUTEX_Lock(slot->objectLock);
- newKey->handle = slot->tokenIDCount++;
- newKey->handle |= (PK11_TOKEN_MAGIC | PK11_TOKEN_TYPE_PRIV);
- FMUTEX_Unlock(slot->objectLock);
- newKey->objclass = CKO_SECRET_KEY;
- newKey->slot = slot;
- newKey->inDB = PR_TRUE;
-
- fort11_AddObject (session, newKey);
- fort11_FreeSession(session);
-
- SetFortezzaKeyHandle(unwrapFort, newKey->handle);
- *phKey = newKey->handle;
-
- FORT11_RETURN (CKR_OK);
-}
-
-
-/* C_DeriveKey derives a key from a base key, creating a new key object. */
-PR_PUBLIC_API(CK_RV) C_DeriveKey( CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hBaseKey,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_OBJECT_HANDLE_PTR phKey) {
- FORT11_ENTER()
- PK11Session *session = fort11_SessionFromHandle(hSession, PR_FALSE);
- PK11Slot *slot = fort11_SlotFromSessionHandle(hSession);
- FortezzaSocket *socket = &fortezzaSockets[slot->slotID-1];
- PK11Object *key, *sourceKey;
- CK_ULONG i;
- CK_ULONG key_length = 0;
- CK_RV crv = 0;
- CK_KEY_TYPE keyType = CKK_SKIPJACK;
- CK_OBJECT_CLASS classType = CKO_SECRET_KEY;
- CK_BBOOL ckTrue = TRUE;
- CK_BBOOL ckFalse = FALSE;
- int ciRV;
- int personality;
- PK11Attribute *att;
-
- CK_KEA_DERIVE_PARAMS_PTR params;
- FortezzaKey *derivedKey;
- CreateTEKInfo tekInfo;
-
- if (session == NULL) {
- session = fort11_SessionFromHandle(hSession, PR_TRUE);
- fort11_TokenRemoved (slot, session);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
-
- if (pMechanism->mechanism != CKM_KEA_KEY_DERIVE) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_MECHANISM_INVALID);
- }
-
- key = fort11_NewObject (slot);
-
- if (key == NULL) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_HOST_MEMORY);
- }
-
- for (i = 0; i < ulAttributeCount; i++) {
- crv = fort11_AddAttributeType (key, fort11_attr_expand(&pTemplate[i]));
- if (crv != CKR_OK) {
- break;
- }
- if (pTemplate[i].type == CKA_KEY_TYPE) {
- keyType = *(CK_KEY_TYPE*)pTemplate[i].pValue;
- } else if (pTemplate[i].type == CKA_VALUE_LEN) {
- key_length = *(CK_ULONG*)pTemplate[i].pValue;
- }
- }
-
- if (crv != CKR_OK) {
- fort11_FreeObject(key);
- fort11_FreeSession(session);
- FORT11_RETURN (crv);
- }
-
- if (key_length == 0) {
- key_length = 12;
- }
-
- classType = CKO_SECRET_KEY;
- crv = fort11_forceAttribute (key, CKA_CLASS, &classType,
- sizeof(classType));
- if (crv != CKR_OK) {
- fort11_FreeObject(key);
- fort11_FreeSession(session);
- FORT11_RETURN (crv);
- }
- crv = fort11_forceAttribute (key, CKA_SENSITIVE, &ckTrue,
- sizeof(CK_BBOOL));
- if (crv != CKR_OK) {
- fort11_FreeObject(key);
- fort11_FreeSession(session);
- FORT11_RETURN (crv);
- }
- crv = fort11_forceAttribute (key, CKA_EXTRACTABLE, &ckFalse,
- sizeof(CK_BBOOL));
- if (crv != CKR_OK) {
- fort11_FreeSession(session);
- fort11_FreeObject(key);
- FORT11_RETURN (crv);
- }
-
- sourceKey = fort11_ObjectFromHandle (hBaseKey, session);
-
- if (sourceKey == NULL) {
- fort11_FreeObject(key);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_KEY_HANDLE_INVALID);
- }
-
- att = fort11_FindAttribute(sourceKey,CKA_ID);
- fort11_FreeObject(sourceKey);
- if (att == NULL) {
- fort11_FreeObject(key);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_KEY_TYPE_INCONSISTENT);
- }
- personality = *(int *) att->attrib.pValue;
- fort11_FreeAttribute(att);
-
- params = (CK_KEA_DERIVE_PARAMS_PTR)pMechanism->pParameter;
-
- if (params == NULL) {
- fort11_FreeObject(key);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_MECHANISM_PARAM_INVALID);
- }
-
- ciRV = MACI_SetPersonality(socket->maciSession,personality);
- if (ciRV != CI_OK) {
- fort11_FreeObject(key);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_DEVICE_ERROR);
- }
- /*
- * If we're sending, generate our own RA.
- */
- if (params->isSender) {
- ciRV = MACI_GenerateRa(socket->maciSession,params->pRandomA);
- if (ciRV != CI_OK) {
- fort11_FreeObject(key);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_DEVICE_ERROR);
- }
- }
- PORT_Memcpy (tekInfo.Ra, params->pRandomA, params->ulRandomLen);
- PORT_Memcpy (tekInfo.Rb, params->pRandomB, params->ulRandomLen);
- tekInfo.randomLen = params->ulRandomLen;
- tekInfo.personality = personality;
- tekInfo.flag = (params->isSender) ? CI_INITIATOR_FLAG : CI_RECIPIENT_FLAG;
-
- PORT_Memcpy (tekInfo.pY, params->pPublicData, params->ulPublicDataLen);
- tekInfo.YSize = params->ulPublicDataLen;
-
- FMUTEX_Lock(socket->registersLock);
- derivedKey = NewFortezzaKey(socket, TEK, &tekInfo,
- GetBestKeyRegister(socket));
- FMUTEX_Unlock(socket->registersLock);
-
- if (derivedKey == NULL) {
- fort11_FreeObject(key);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_GENERAL_ERROR);
- }
-
- key->objectInfo = derivedKey;
- key->infoFree = fort11_FreeFortezzaKey;
-
- FMUTEX_Lock(slot->objectLock);
- key->handle = slot->tokenIDCount++;
- key->handle |= (PK11_TOKEN_MAGIC | PK11_TOKEN_TYPE_PRIV);
- FMUTEX_Unlock(slot->objectLock);
- key->objclass = classType;
- key->slot = slot;
- key->inDB = PR_TRUE;
-
- fort11_AddObject (session, key);
- fort11_FreeSession(session);
-
- SetFortezzaKeyHandle(derivedKey, key->handle);
- *phKey = key->handle;
-
- FORT11_RETURN (CKR_OK);
-}
-
-/*
- **************************** Random Functions: ************************
- */
-
-/* C_SeedRandom mixes additional seed material into the token's random number
- * generator. */
-PR_PUBLIC_API(CK_RV) C_SeedRandom(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSeed,
- CK_ULONG ulSeedLen) {
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/* C_GenerateRandom generates random data. */
-PR_PUBLIC_API(CK_RV) C_GenerateRandom(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pRandomData,
- CK_ULONG ulRandomLen) {
- FORT11_ENTER()
- PK11Slot *slot = fort11_SlotFromSessionHandle(hSession);
- PK11Session *session = fort11_SessionFromHandle(hSession,PR_FALSE);
- CI_RANDOM randomNum;
- CK_ULONG randomSize = sizeof (CI_RANDOM);
- int ciRV;
- CK_ULONG bytesCopied = 0, bytesToCopy;
- CK_ULONG bufferSize = 0, bytesRemaining;
-
- if (session == NULL) {
- session = fort11_SessionFromHandle (hSession, PR_TRUE);
- fort11_TokenRemoved(slot, session);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
-
- fort11_FreeSession(session);
- ciRV = MACI_Select(fortezzaSockets[slot->slotID-1].maciSession,
- slot->slotID);
- if (ciRV != CI_OK) {
- FORT11_RETURN (CKR_DEVICE_ERROR);
- }
-
- while (bytesCopied < ulRandomLen) {
- bytesRemaining = ulRandomLen - bytesCopied;
- if (bufferSize < bytesRemaining) {
- ciRV =
- MACI_GenerateRandom(fortezzaSockets[slot->slotID-1].maciSession,
- randomNum);
- if (ciRV != CI_OK)
- FORT11_RETURN (CKR_DEVICE_ERROR);
- bufferSize = randomSize;
- }
- bytesToCopy = (bytesRemaining > randomSize) ? randomSize :
- bytesRemaining;
-
- PORT_Memcpy (&pRandomData[bytesCopied],
- &randomNum[randomSize-bufferSize], bytesToCopy);
-
- bytesCopied += bytesToCopy;
- bufferSize -= bytesToCopy;
- }
-
- FORT11_RETURN (CKR_OK);
-}
-
-
-/* C_GetFunctionStatus obtains an updated status of a function running
- * in parallel with an application. */
-PR_PUBLIC_API(CK_RV) C_GetFunctionStatus(CK_SESSION_HANDLE hSession) {
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/* C_CancelFunction cancels a function running in parallel */
-PR_PUBLIC_API(CK_RV) C_CancelFunction(CK_SESSION_HANDLE hSession) {
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-/* C_GetOperationState saves the state of the cryptographic
- *operation in a session. */
-PR_PUBLIC_API(CK_RV) C_GetOperationState(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pOperationState,
- CK_ULONG_PTR pulOperationStateLen) {
- FORT11_ENTER()
- PK11Session *session = fort11_SessionFromHandle(hSession, PR_FALSE);
- PK11Slot *slot = fort11_SlotFromSessionHandle(hSession);
- FortezzaContext *context;
-
- if (session == NULL) {
- session = fort11_SessionFromHandle(hSession, PR_TRUE);
- fort11_TokenRemoved (slot, session);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
-
- if (pOperationState == NULL) {
- *pulOperationStateLen = sizeof (FortezzaContext);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_OK);
- }
-
- if (*pulOperationStateLen < sizeof (FortezzaContext)) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_BUFFER_TOO_SMALL);
- }
-
- context = &session->fortezzaContext;
- fort11_FreeSession(session);
- PORT_Memcpy (pOperationState, context, sizeof(FortezzaContext));
- ((FortezzaContext *)pOperationState)->session = NULL;
- ((FortezzaContext *)pOperationState)->fortezzaKey = NULL;
- *pulOperationStateLen = sizeof(FortezzaContext);
- FORT11_RETURN (CKR_OK);
-}
-
-
-
-/* C_SetOperationState restores the state of the cryptographic operation in a session. */
-PR_PUBLIC_API(CK_RV) C_SetOperationState(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pOperationState,
- CK_ULONG ulOperationStateLen,
- CK_OBJECT_HANDLE hEncryptionKey,
- CK_OBJECT_HANDLE hAuthenticationKey){
- FORT11_ENTER()
- PK11Session *session = fort11_SessionFromHandle(hSession, PR_FALSE);
- PK11Slot *slot = fort11_SlotFromSessionHandle(hSession);
- FortezzaContext *context;
- FortezzaContext passedInCxt;
- PK11Object *keyObject;
- FortezzaKey *fortKey;
-
- if (session == NULL) {
- session = fort11_SessionFromHandle(hSession, PR_TRUE);
- fort11_TokenRemoved (slot, session);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
-
- if (ulOperationStateLen != sizeof(FortezzaContext)) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_SAVED_STATE_INVALID);
- }
-
- PORT_Memcpy(&passedInCxt, pOperationState, sizeof(FortezzaContext));
- if (passedInCxt.fortezzaSocket->slotID != slot->slotID) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_SAVED_STATE_INVALID);
- }
- passedInCxt.session = NULL;
- passedInCxt.fortezzaKey = NULL;
-
- if (hEncryptionKey != 0) {
- keyObject = fort11_ObjectFromHandle(hEncryptionKey, session);
- if (keyObject == NULL) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_KEY_HANDLE_INVALID);
- }
- fortKey = (FortezzaKey*)keyObject->objectInfo;
- fort11_FreeObject(keyObject);
- if (fortKey == NULL) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_SAVED_STATE_INVALID);
- }
- if (fortKey->keyRegister == KeyNotLoaded) {
- if (LoadKeyIntoRegister (fortKey) == KeyNotLoaded) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_DEVICE_ERROR);
- }
- }
- passedInCxt.fortezzaKey = fortKey;
-
- }
- if (hAuthenticationKey != 0) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_DEVICE_ERROR);
- }
-
- passedInCxt.session = session;
- context = &session->fortezzaContext;
- fort11_FreeSession (session);
- PORT_Memcpy (context, &passedInCxt, sizeof(passedInCxt));
-
- FORT11_RETURN (CKR_OK);
-}
-
-/* Dual-function cryptographic operations */
-
-/* C_DigestEncryptUpdate continues a multiple-part digesting and
- encryption operation. */
-PR_PUBLIC_API(CK_RV) C_DigestEncryptUpdate(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG_PTR pulEncryptedPartLen){
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/* C_DecryptDigestUpdate continues a multiple-part decryption and digesting
- operation. */
-PR_PUBLIC_API(CK_RV) C_DecryptDigestUpdate(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG ulEncryptedPartLen,
- CK_BYTE_PTR pPart,
- CK_ULONG_PTR pulPartLen){
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/* C_SignEncryptUpdate continues a multiple-part signing and encryption
- operation. */
-PR_PUBLIC_API(CK_RV) C_SignEncryptUpdate(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG_PTR pulEncryptedPartLen){
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/* C_DecryptVerifyUpdate continues a multiple-part decryption and verify
- operation. */
-PR_PUBLIC_API(CK_RV) C_DecryptVerifyUpdate(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedData,
- CK_ULONG ulEncryptedDataLen,
- CK_BYTE_PTR pData,
- CK_ULONG_PTR pulDataLen){
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-/* C_DigestKey continues a multi-part message-digesting operation,
- * by digesting the value of a secret key as part of the data already digested.
- */
-PR_PUBLIC_API(CK_RV) C_DigestKey(CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hKey) {
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-PR_PUBLIC_API(CK_RV) C_WaitForSlotEvent(CK_FLAGS flags,
- CK_SLOT_ID_PTR pSlot,
- CK_VOID_PTR pRserved) {
- return CKR_FUNCTION_FAILED;
-}
-
diff --git a/security/nss/lib/fortcrypt/fortsock.h b/security/nss/lib/fortcrypt/fortsock.h
deleted file mode 100644
index f74fc80b8..000000000
--- a/security/nss/lib/fortcrypt/fortsock.h
+++ /dev/null
@@ -1,105 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef FORSOCK_H_
-#define FORSOCK_H_
-
-#include "seccomon.h"
-#include "fpkcs11.h"
-#include "fpkcs11i.h"
-#include "fpkstrs.h"
-
-
-#ifndef prtypes_h___
-typedef enum { PR_FALSE, PR_TRUE }PRBool;
-#endif
-
-
-#define SOCKET_SUCCESS 0
-#define SOCKET_FAILURE 1
-
-#define KeyNotLoaded -1
-#define NoCryptoType -1
-#define NoCryptoMode -1
-#define NO_MECHANISM 0xFFFFFFFFL
-
-
-/*Get the Fortezza context in here*/
-
-int InitSocket (FortezzaSocket *inSocket, int inSlotID);
-int FreeSocket (FortezzaSocket *inSocket);
-
-int FetchPersonalityList (FortezzaSocket *inSocket);
-int UnloadPersonalityList(FortezzaSocket *inSocket);
-
-int LoginToSocket (FortezzaSocket *inSocket, int inUserType, CI_PIN inPin);
-
-int LogoutFromSocket (FortezzaSocket *inSocket);
-
-PRBool SocketStateUnchanged(FortezzaSocket* inSocket);
-
-int GetBestKeyRegister(FortezzaSocket *inSocket);
-
-FortezzaKey *NewFortezzaKey(FortezzaSocket *inSocket,
- FortezzaKeyType inKeyType,
- CreateTEKInfo *TEKinfo,
- int inKeyRegister);
-FortezzaKey *NewUnwrappedKey(int inKeyRegister, int i,
- FortezzaSocket *inSocket);
-
-int LoadKeyIntoRegister (FortezzaKey *inKey);
-int SetFortezzaKeyHandle (FortezzaKey *inKey, CK_OBJECT_HANDLE inHandle);
-void RemoveKey (FortezzaKey *inKey);
-
-void InitContext(FortezzaContext *inContext, FortezzaSocket *inSocket,
- CK_OBJECT_HANDLE hKey);
-int InitCryptoOperation (FortezzaContext *inContext,
- CryptoType inCryptoOperation);
-int EndCryptoOperation (FortezzaContext *inContext,
- CryptoType inCryptoOperation);
-CryptoType GetCryptoOperation (FortezzaContext *inContext);
-int EncryptData (FortezzaContext *inContext, CK_BYTE_PTR inData,
- CK_ULONG inDataLen, CK_BYTE_PTR inDest,
- CK_ULONG inDestLen);
-int DecryptData (FortezzaContext *inContext, CK_BYTE_PTR inData,
- CK_ULONG inDataLen, CK_BYTE_PTR inDest,
- CK_ULONG inDestLen);
-
-int SaveState (FortezzaContext *inContext, CI_IV inIV,
- PK11Session *inSession, FortezzaKey *inKey,
- int inCryptoType, CK_MECHANISM_TYPE inMechanism);
-
-int WrapKey (FortezzaKey *wrappingKey, FortezzaKey *srcKey,
- CK_BYTE_PTR pDest, CK_ULONG ulDestLen);
-int UnwrapKey (CK_BYTE_PTR inWrappedKey, FortezzaKey *inKey);
-
-#endif /*SOCKET_H_*/
diff --git a/security/nss/lib/fortcrypt/fpkcs11.h b/security/nss/lib/fortcrypt/fpkcs11.h
deleted file mode 100644
index 09f3dfe29..000000000
--- a/security/nss/lib/fortcrypt/fpkcs11.h
+++ /dev/null
@@ -1,170 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Copyright (C) 1994-1999 RSA Security Inc. Licence to copy this document
- * is granted provided that it is identified as "RSA Security In.c Public-Key
- * Cryptography Standards (PKCS)" in all material mentioning or referencing
- * this document.
- */
-/* Define API */
-#ifndef _FPKCS11_H_
-#define _FPKCS11_H_ 1
-
-#include "seccomon.h"
-
-#ifndef FALSE
-#define FALSE 0
-#endif
-
-#ifndef TRUE
-#define TRUE (!FALSE)
-#endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* All the various pkcs11 types and #define'd values are in the file */
-/* pkcs11t.h. CK_PTR should be defined there, too; it's the recipe for */
-/* making pointers. */
-#include "fpkcs11t.h"
-
-#define __PASTE(x,y) x##y
-
-/* ================================================================= */
-/* Define the "extern" form of all the entry points */
-
-#define CK_EXTERN extern
-#define CK_FUNC(name) CK_ENTRY name
-#define CK_NEED_ARG_LIST 1
-#define _CK_RV PR_PUBLIC_API(CK_RV)
-
-/* pkcs11f.h has all the information about the PKCS #11 functions. */
-#include "fpkcs11f.h"
-
-#undef CK_FUNC
-#undef CK_EXTERN
-#undef CK_NEED_ARG_LIST
-#undef _CK_RV
-
-/* ================================================================= */
-/* Define the typedef form of all the entry points. */
-/* That is, for each Cryptoki function C_XXX, define a type CK_C_XXX */
-/* which is a pointer to that kind of function. */
-
-#define CK_EXTERN typedef
-#define CK_FUNC(name) CK_ENTRY (CK_PTR __PASTE(CK_,name))
-#define CK_NEED_ARG_LIST 1
-#define _CK_RV CK_RV
-
-#include "fpkcs11f.h"
-
-#undef CK_FUNC
-#undef CK_EXTERN
-#undef CK_NEED_ARG_LIST
-#undef _CK_RV
-
-/* =================================================================
- * Define structed vector of entry points.
- * The CK_FUNCTION_LIST contains a CK_VERSION indicating the PKCS #11
- * version, and then a whole slew of function pointers to the routines
- * in the library. This type was declared, but not defined, in
- * pkcs11t.h. */
-
-
-/* These data types are platform/implementation dependent. */
-#if defined(XP_WIN)
-#if defined(_WIN32)
-#define CK_ENTRY
-#define CK_PTR * /* definition for Win32 */
-#define NULL_PTR 0 /* NULL pointer */
-#pragma pack(push, cryptoki, 1)
-#else /* win16 */
-#if defined(__WATCOMC__)
-#define CK_ENTRY
-#define CK_PTR * /* definition for Win16 */
-#define NULL_PTR 0 /* NULL pointer */
-#pragma pack(push, 1)
-#else /* not Watcom 16-bit */
-#define CK_ENTRY
-#define CK_PTR * /* definition for Win16 */
-#define NULL_PTR 0 /* NULL pointer */
-#pragma pack(1)
-#endif
-#endif
-#else /* not windows */
-#define CK_ENTRY
-#define CK_PTR * /* definition for UNIX */
-#define NULL_PTR 0 /* NULL pointer */
-#endif
-
-
-#define CK_EXTERN
-#define CK_FUNC(name) __PASTE(CK_,name) name;
-#define _CK_RV
-
-struct CK_FUNCTION_LIST {
-
- CK_VERSION version; /* PKCS #11 version */
-
-/* Pile all the function pointers into it. */
-#include "fpkcs11f.h"
-
-};
-
-#undef CK_FUNC
-#undef CK_EXTERN
-#undef _CK_RV
-
-
-#if defined(XP_WIN)
-#if defined(_WIN32)
-#pragma pack(pop, cryptoki)
-#else /* win16 */
-#if defined(__WATCOMC__)
-#pragma pack(pop)
-#else /* not Watcom 16-bit */
-#pragma pack()
-#endif
-#endif
-#endif
-
-
-#undef __PASTE
-/* ================================================================= */
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/security/nss/lib/fortcrypt/fpkcs11f.h b/security/nss/lib/fortcrypt/fpkcs11f.h
deleted file mode 100644
index 6fa7e755d..000000000
--- a/security/nss/lib/fortcrypt/fpkcs11f.h
+++ /dev/null
@@ -1,953 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Copyright (C) 1994-1999 RSA Security Inc. Licence to copy this document
- * is granted provided that it is identified as "RSA Security In.c Public-Key
- * Cryptography Standards (PKCS)" in all material mentioning or referencing
- * this document.
- */
-/* This function contains pretty much everything about all */
-/* the PKCS #11 function prototypes. */
-
-/* General-purpose */
-
-/* C_Initialize initializes the PKCS #11 library. */
-CK_EXTERN _CK_RV CK_FUNC(C_Initialize)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_VOID_PTR pReserved /* reserved. Should be NULL_PTR */
-);
-#endif
-
-
-/* C_Finalize indicates that an application is done with the PKCS #11
- * library. */
-CK_EXTERN _CK_RV CK_FUNC(C_Finalize)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_VOID_PTR pReserved /* reserved. Should be NULL_PTR */
-);
-#endif
-
-
-/* C_GetInfo returns general information about PKCS #11. */
-CK_EXTERN _CK_RV CK_FUNC(C_GetInfo)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_INFO_PTR pInfo /* location that receives the information */
-);
-#endif
-
-
-/* C_GetFunctionList returns the function list. */
-CK_EXTERN _CK_RV CK_FUNC(C_GetFunctionList)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_FUNCTION_LIST_PTR_PTR ppFunctionList /* receives ptr to function
-list */
-);
-#endif
-
-
-
-/* Slot and token management */
-
-/* C_GetSlotList obtains a list of slots in the system. */
-CK_EXTERN _CK_RV CK_FUNC(C_GetSlotList)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_BBOOL tokenPresent, /* only slots with token present */
- CK_SLOT_ID_PTR pSlotList, /* receives the array of slot IDs */
- CK_ULONG_PTR pulCount /* receives the number of slots */
-);
-#endif
-
-
-/* C_GetSlotInfo obtains information about a particular slot in the
-system. */
-CK_EXTERN _CK_RV CK_FUNC(C_GetSlotInfo)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SLOT_ID slotID, /* the ID of the slot */
- CK_SLOT_INFO_PTR pInfo /* receives the slot information */
-);
-#endif
-
-
-/* C_GetTokenInfo obtains information about a particular token in the
- * system. */
-CK_EXTERN _CK_RV CK_FUNC(C_GetTokenInfo)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SLOT_ID slotID, /* ID of the token's slot */
- CK_TOKEN_INFO_PTR pInfo /* receives the token information */
-);
-#endif
-
-
-/* C_GetMechanismList obtains a list of mechanism types supported by
- * a token. */
-CK_EXTERN _CK_RV CK_FUNC(C_GetMechanismList)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SLOT_ID slotID, /* ID of the token's slot */
- CK_MECHANISM_TYPE_PTR pMechanismList, /* receives mech. types array
-*/
- CK_ULONG_PTR pulCount /* receives number of mechs. */
-);
-#endif
-
-
-/* C_GetMechanismInfo obtains information about a particular mechanism
- * possibly supported by a token. */
-CK_EXTERN _CK_RV CK_FUNC(C_GetMechanismInfo)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SLOT_ID slotID, /* ID of the token's slot */
- CK_MECHANISM_TYPE type, /* type of mechanism */
- CK_MECHANISM_INFO_PTR pInfo /* receives mechanism information */
-);
-#endif
-
-
-/* C_InitToken initializes a token. */
-CK_EXTERN _CK_RV CK_FUNC(C_InitToken)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SLOT_ID slotID, /* ID of the token's slot */
- CK_CHAR_PTR pPin, /* the SO's initial PIN */
- CK_ULONG ulPinLen, /* length in bytes of the PIN */
- CK_CHAR_PTR pLabel /* 32-byte token label (blank padded) */
-);
-#endif
-
-
-/* C_InitPIN initializes the normal user's PIN. */
-CK_EXTERN _CK_RV CK_FUNC(C_InitPIN)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_CHAR_PTR pPin, /* the normal user's PIN */
- CK_ULONG ulPinLen /* length in bytes of the PIN */
-);
-#endif
-
-
-/* C_SetPIN modifies the PIN of user that is currently logged in. */
-CK_EXTERN _CK_RV CK_FUNC(C_SetPIN)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_CHAR_PTR pOldPin, /* the old PIN */
- CK_ULONG ulOldLen, /* length of the old PIN */
- CK_CHAR_PTR pNewPin, /* the new PIN */
- CK_ULONG ulNewLen /* length of the new PIN */
-);
-#endif
-
-
-
-/* Session management */
-
-/* C_OpenSession opens a session between an application and a token. */
-CK_EXTERN _CK_RV CK_FUNC(C_OpenSession)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SLOT_ID slotID, /* the slot's ID */
- CK_FLAGS flags, /* defined in CK_SESSION_INFO */
- CK_VOID_PTR pApplication, /* pointer passed to callback */
- CK_NOTIFY Notify, /* notification callback function
-*/
- CK_SESSION_HANDLE_PTR phSession /* receives new session handle */
-);
-#endif
-
-
-/* C_CloseSession closes a session between an application and a token.
-*/
-CK_EXTERN _CK_RV CK_FUNC(C_CloseSession)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession /* the session's handle */
-);
-#endif
-
-
-/* C_CloseAllSessions closes all sessions with a token. */
-CK_EXTERN _CK_RV CK_FUNC(C_CloseAllSessions)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SLOT_ID slotID /* the token's slot */
-);
-#endif
-
-
-/* C_GetSessionInfo obtains information about the session. */
-CK_EXTERN _CK_RV CK_FUNC(C_GetSessionInfo)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_SESSION_INFO_PTR pInfo /* receives session information */
-);
-#endif
-
-
-/* C_GetOperationState obtains the state of the cryptographic operation
- * in a session. */
-CK_EXTERN _CK_RV CK_FUNC(C_GetOperationState)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pOperationState, /* location receiving state */
- CK_ULONG_PTR pulOperationStateLen /* location receiving state
-length */
-);
-#endif
-
-
-/* C_SetOperationState restores the state of the cryptographic operation
- * in a session. */
-CK_EXTERN _CK_RV CK_FUNC(C_SetOperationState)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pOperationState, /* the location holding the
-state */
- CK_ULONG ulOperationStateLen, /* location holding state
-length */
- CK_OBJECT_HANDLE hEncryptionKey, /* handle of en/decryption key
-*/
- CK_OBJECT_HANDLE hAuthenticationKey /* handle of sign/verify key */
-);
-#endif
-
-
-/* C_Login logs a user into a token. */
-CK_EXTERN _CK_RV CK_FUNC(C_Login)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_USER_TYPE userType, /* the user type */
- CK_CHAR_PTR pPin, /* the user's PIN */
- CK_ULONG ulPinLen /* the length of the PIN */
-);
-#endif
-
-
-/* C_Logout logs a user out from a token. */
-CK_EXTERN _CK_RV CK_FUNC(C_Logout)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession /* the session's handle */
-);
-#endif
-
-
-
-/* Object management */
-
-/* C_CreateObject creates a new object. */
-CK_EXTERN _CK_RV CK_FUNC(C_CreateObject)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_ATTRIBUTE_PTR pTemplate, /* the object's template */
- CK_ULONG ulCount, /* attributes in template */
- CK_OBJECT_HANDLE_PTR phObject /* receives new object's handle. */
-);
-#endif
-
-
-/* C_CopyObject copies an object, creating a new object for the copy. */
-CK_EXTERN _CK_RV CK_FUNC(C_CopyObject)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_OBJECT_HANDLE hObject, /* the object's handle */
- CK_ATTRIBUTE_PTR pTemplate, /* template for new object */
- CK_ULONG ulCount, /* attributes in template */
- CK_OBJECT_HANDLE_PTR phNewObject /* receives handle of copy */
-);
-#endif
-
-
-/* C_DestroyObject destroys an object. */
-CK_EXTERN _CK_RV CK_FUNC(C_DestroyObject)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_OBJECT_HANDLE hObject /* the object's handle */
-);
-#endif
-
-
-/* C_GetObjectSize gets the size of an object in bytes. */
-CK_EXTERN _CK_RV CK_FUNC(C_GetObjectSize)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_OBJECT_HANDLE hObject, /* the object's handle */
- CK_ULONG_PTR pulSize /* receives size of object */
-);
-#endif
-
-
-/* C_GetAttributeValue obtains the value of one or more object
-attributes. */
-CK_EXTERN _CK_RV CK_FUNC(C_GetAttributeValue)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_OBJECT_HANDLE hObject, /* the object's handle */
- CK_ATTRIBUTE_PTR pTemplate, /* specifies attributes, gets values */
- CK_ULONG ulCount /* attributes in template */
-);
-#endif
-
-
-/* C_SetAttributeValue modifies the value of one or more object
-attributes */
-CK_EXTERN _CK_RV CK_FUNC(C_SetAttributeValue)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_OBJECT_HANDLE hObject, /* the object's handle */
- CK_ATTRIBUTE_PTR pTemplate, /* specifies attributes and values */
- CK_ULONG ulCount /* attributes in template */
-);
-#endif
-
-
-/* C_FindObjectsInit initializes a search for token and session objects
- * that match a template. */
-CK_EXTERN _CK_RV CK_FUNC(C_FindObjectsInit)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_ATTRIBUTE_PTR pTemplate, /* attribute values to match */
- CK_ULONG ulCount /* attributes in search template */
-);
-#endif
-
-
-/* C_FindObjects continues a search for token and session objects
- * that match a template, obtaining additional object handles. */
-CK_EXTERN _CK_RV CK_FUNC(C_FindObjects)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_OBJECT_HANDLE_PTR phObject, /* receives object handle array
-*/
- CK_ULONG ulMaxObjectCount, /* max handles to be returned
-*/
- CK_ULONG_PTR pulObjectCount /* actual number returned */
-);
-#endif
-
-
-/* C_FindObjectsFinal finishes a search for token and session objects.
-*/
-CK_EXTERN _CK_RV CK_FUNC(C_FindObjectsFinal)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession /* the session's handle */
-);
-#endif
-
-
-
-/* Encryption and decryption */
-
-/* C_EncryptInit initializes an encryption operation. */
-CK_EXTERN _CK_RV CK_FUNC(C_EncryptInit)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism, /* the encryption mechanism */
- CK_OBJECT_HANDLE hKey /* handle of encryption key */
-);
-#endif
-
-
-/* C_Encrypt encrypts single-part data. */
-CK_EXTERN _CK_RV CK_FUNC(C_Encrypt)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pData, /* the plaintext data */
- CK_ULONG ulDataLen, /* bytes of plaintext data */
- CK_BYTE_PTR pEncryptedData, /* receives encrypted data */
- CK_ULONG_PTR pulEncryptedDataLen /* receives encrypted byte
-count */
-);
-#endif
-
-
-/* C_EncryptUpdate continues a multiple-part encryption operation. */
-CK_EXTERN _CK_RV CK_FUNC(C_EncryptUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pPart, /* the plaintext data */
- CK_ULONG ulPartLen, /* bytes of plaintext data */
- CK_BYTE_PTR pEncryptedPart, /* receives encrypted data */
- CK_ULONG_PTR pulEncryptedPartLen /* receives encrypted byte count
-*/
-);
-#endif
-
-
-/* C_EncryptFinal finishes a multiple-part encryption operation. */
-CK_EXTERN _CK_RV CK_FUNC(C_EncryptFinal)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pLastEncryptedPart, /* receives encrypted last
-part */
- CK_ULONG_PTR pulLastEncryptedPartLen /* receives byte count */
-);
-#endif
-
-
-/* C_DecryptInit initializes a decryption operation. */
-CK_EXTERN _CK_RV CK_FUNC(C_DecryptInit)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism, /* the decryption mechanism */
- CK_OBJECT_HANDLE hKey /* handle of the decryption key */
-);
-#endif
-
-
-/* C_Decrypt decrypts encrypted data in a single part. */
-CK_EXTERN _CK_RV CK_FUNC(C_Decrypt)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pEncryptedData, /* input encrypted data */
- CK_ULONG ulEncryptedDataLen, /* count of bytes of input */
- CK_BYTE_PTR pData, /* receives decrypted output */
- CK_ULONG_PTR pulDataLen /* receives decrypted byte count
-*/
-);
-#endif
-
-
-/* C_DecryptUpdate continues a multiple-part decryption operation. */
-CK_EXTERN _CK_RV CK_FUNC(C_DecryptUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pEncryptedPart, /* input encrypted data */
- CK_ULONG ulEncryptedPartLen, /* count of bytes of input */
- CK_BYTE_PTR pPart, /* receives decrypted output */
- CK_ULONG_PTR pulPartLen /* receives decrypted byte
-count */
-);
-#endif
-
-
-/* C_DecryptFinal finishes a multiple-part decryption operation. */
-CK_EXTERN _CK_RV CK_FUNC(C_DecryptFinal)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pLastPart, /* receives decrypted output */
- CK_ULONG_PTR pulLastPartLen /* receives decrypted byte count */
-);
-#endif
-
-
-
-/* Message digesting */
-
-/* C_DigestInit initializes a message-digesting operation. */
-CK_EXTERN _CK_RV CK_FUNC(C_DigestInit)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism /* the digesting mechanism */
-);
-#endif
-
-
-/* C_Digest digests data in a single part. */
-CK_EXTERN _CK_RV CK_FUNC(C_Digest)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pData, /* data to be digested */
- CK_ULONG ulDataLen, /* bytes of data to be digested */
- CK_BYTE_PTR pDigest, /* receives the message digest */
- CK_ULONG_PTR pulDigestLen /* receives byte length of digest */
-);
-#endif
-
-
-/* C_DigestUpdate continues a multiple-part message-digesting operation.
-*/
-CK_EXTERN _CK_RV CK_FUNC(C_DigestUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pPart, /* data to be digested */
- CK_ULONG ulPartLen /* bytes of data to be digested */
-);
-#endif
-
-
-/* C_DigestKey continues a multi-part message-digesting operation, by
- * digesting the value of a secret key as part of the data already
-digested.
- */
-CK_EXTERN _CK_RV CK_FUNC(C_DigestKey)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_OBJECT_HANDLE hKey /* handle of secret key to digest */
-);
-#endif
-
-
-/* C_DigestFinal finishes a multiple-part message-digesting operation.
-*/
-CK_EXTERN _CK_RV CK_FUNC(C_DigestFinal)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pDigest, /* receives the message digest */
- CK_ULONG_PTR pulDigestLen /* receives byte count of digest */
-);
-#endif
-
-
-
-/* Signing and MACing */
-
-/* C_SignInit initializes a signature (private key encryption)
-operation,
- * where the signature is (will be) an appendix to the data,
- * and plaintext cannot be recovered from the signature */
-CK_EXTERN _CK_RV CK_FUNC(C_SignInit)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism, /* the signature mechanism */
- CK_OBJECT_HANDLE hKey /* handle of the signature key */
-);
-#endif
-
-
-/* C_Sign signs (encrypts with private key) data in a single part,
- * where the signature is (will be) an appendix to the data,
- * and plaintext cannot be recovered from the signature */
-CK_EXTERN _CK_RV CK_FUNC(C_Sign)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pData, /* the data (digest) to be signed
-*/
- CK_ULONG ulDataLen, /* count of bytes to be signed */
- CK_BYTE_PTR pSignature, /* receives the signature */
- CK_ULONG_PTR pulSignatureLen /* receives byte count of signature
-*/
-);
-#endif
-
-
-/* C_SignUpdate continues a multiple-part signature operation,
- * where the signature is (will be) an appendix to the data,
- * and plaintext cannot be recovered from the signature */
-CK_EXTERN _CK_RV CK_FUNC(C_SignUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pPart, /* the data (digest) to be signed */
- CK_ULONG ulPartLen /* count of bytes to be signed */
-);
-#endif
-
-
-/* C_SignFinal finishes a multiple-part signature operation,
- * returning the signature. */
-CK_EXTERN _CK_RV CK_FUNC(C_SignFinal)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pSignature, /* receives the signature */
- CK_ULONG_PTR pulSignatureLen /* receives byte count of signature
-*/
-);
-#endif
-
-
-/* C_SignRecoverInit initializes a signature operation,
- * where the (digest) data can be recovered from the signature.
- * E.g. encryption with the user's private key */
-CK_EXTERN _CK_RV CK_FUNC(C_SignRecoverInit)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism, /* the signature mechanism */
- CK_OBJECT_HANDLE hKey /* handle of the signature key */
-);
-#endif
-
-
-/* C_SignRecover signs data in a single operation
- * where the (digest) data can be recovered from the signature.
- * E.g. encryption with the user's private key */
-CK_EXTERN _CK_RV CK_FUNC(C_SignRecover)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pData, /* the data (digest) to be signed
-*/
- CK_ULONG ulDataLen, /* count of bytes to be signed */
- CK_BYTE_PTR pSignature, /* receives the signature */
- CK_ULONG_PTR pulSignatureLen /* receives byte count of signature
-*/
-);
-#endif
-
-
-
-/* Verifying signatures and MACs */
-
-/* C_VerifyInit initializes a verification operation,
- * where the signature is an appendix to the data,
- * and plaintext cannot be recovered from the signature (e.g. DSA) */
-CK_EXTERN _CK_RV CK_FUNC(C_VerifyInit)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism, /* the verification mechanism */
- CK_OBJECT_HANDLE hKey /* handle of the verification key */
-);
-#endif
-
-
-/* C_Verify verifies a signature in a single-part operation,
- * where the signature is an appendix to the data,
- * and plaintext cannot be recovered from the signature */
-CK_EXTERN _CK_RV CK_FUNC(C_Verify)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pData, /* plaintext data (digest) to
-compare */
- CK_ULONG ulDataLen, /* length of data (digest) in bytes
-*/
- CK_BYTE_PTR pSignature, /* the signature to be verified */
- CK_ULONG ulSignatureLen /* count of bytes of signature */
-);
-#endif
-
-
-/* C_VerifyUpdate continues a multiple-part verification operation,
- * where the signature is an appendix to the data,
- * and plaintext cannot be recovered from the signature */
-CK_EXTERN _CK_RV CK_FUNC(C_VerifyUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pPart, /* plaintext data (digest) to compare */
- CK_ULONG ulPartLen /* length of data (digest) in bytes */
-);
-#endif
-
-
-/* C_VerifyFinal finishes a multiple-part verification operation,
- * checking the signature. */
-CK_EXTERN _CK_RV CK_FUNC(C_VerifyFinal)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pSignature, /* the signature to be verified */
- CK_ULONG ulSignatureLen /* count of bytes of signature */
-);
-#endif
-
-
-/* C_VerifyRecoverInit initializes a signature verification operation,
- * where the data is recovered from the signature.
- * E.g. Decryption with the user's public key */
-CK_EXTERN _CK_RV CK_FUNC(C_VerifyRecoverInit)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism, /* the verification mechanism */
- CK_OBJECT_HANDLE hKey /* handle of the verification key */
-);
-#endif
-
-
-/* C_VerifyRecover verifies a signature in a single-part operation,
- * where the data is recovered from the signature.
- * E.g. Decryption with the user's public key */
-CK_EXTERN _CK_RV CK_FUNC(C_VerifyRecover)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pSignature, /* the signature to be verified */
- CK_ULONG ulSignatureLen, /* count of bytes of signature */
- CK_BYTE_PTR pData, /* receives decrypted data (digest)
-*/
- CK_ULONG_PTR pulDataLen /* receives byte count of data */
-);
-#endif
-
-
-
-/* Dual-function cryptographic operations */
-
-/* C_DigestEncryptUpdate continues a multiple-part digesting and
-encryption operation. */
-CK_EXTERN _CK_RV CK_FUNC(C_DigestEncryptUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pPart, /* the plaintext data */
- CK_ULONG ulPartLen, /* bytes of plaintext data */
- CK_BYTE_PTR pEncryptedPart, /* receives encrypted data */
- CK_ULONG_PTR pulEncryptedPartLen /* receives encrypted byte
-count */
-);
-#endif
-
-
-/* C_DecryptDigestUpdate continues a multiple-part decryption and
- * digesting operation. */
-CK_EXTERN _CK_RV CK_FUNC(C_DecryptDigestUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pEncryptedPart, /* input encrypted data */
- CK_ULONG ulEncryptedPartLen, /* count of bytes of input */
- CK_BYTE_PTR pPart, /* receives decrypted output */
- CK_ULONG_PTR pulPartLen /* receives decrypted byte
-count */
-);
-#endif
-
-
-/* C_SignEncryptUpdate continues a multiple-part signing and
- * encryption operation. */
-CK_EXTERN _CK_RV CK_FUNC(C_SignEncryptUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pPart, /* the plaintext data */
- CK_ULONG ulPartLen, /* bytes of plaintext data */
- CK_BYTE_PTR pEncryptedPart, /* receives encrypted data */
- CK_ULONG_PTR pulEncryptedPartLen /* receives encrypted byte
-count */
-);
-#endif
-
-
-/* C_DecryptVerifyUpdate continues a multiple-part decryption and
- * verify operation. */
-CK_EXTERN _CK_RV CK_FUNC(C_DecryptVerifyUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pEncryptedPart, /* input encrypted data */
- CK_ULONG ulEncryptedPartLen, /* count of byes of input */
- CK_BYTE_PTR pPart, /* receives decrypted output */
- CK_ULONG_PTR pulPartLen /* receives decrypted byte
-count */
-);
-#endif
-
-
-
-/* Key management */
-
-/* C_GenerateKey generates a secret key, creating a new key object. */
-CK_EXTERN _CK_RV CK_FUNC(C_GenerateKey)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism, /* the key generation mechanism */
- CK_ATTRIBUTE_PTR pTemplate, /* template for the new key */
- CK_ULONG ulCount, /* number of attributes in template
-*/
- CK_OBJECT_HANDLE_PTR phKey /* receives handle of new key */
-);
-#endif
-
-
-/* C_GenerateKeyPair generates a public-key/private-key pair,
- * creating new key objects. */
-CK_EXTERN _CK_RV CK_FUNC(C_GenerateKeyPair)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's
-handle */
- CK_MECHANISM_PTR pMechanism, /* the key gen.
-mech. */
- CK_ATTRIBUTE_PTR pPublicKeyTemplate, /* pub. attr.
-template */
- CK_ULONG ulPublicKeyAttributeCount, /* # of pub. attrs.
-*/
- CK_ATTRIBUTE_PTR pPrivateKeyTemplate, /* priv. attr.
-template */
- CK_ULONG ulPrivateKeyAttributeCount, /* # of priv. attrs.
-*/
- CK_OBJECT_HANDLE_PTR phPublicKey, /* gets pub. key
-handle */
- CK_OBJECT_HANDLE_PTR phPrivateKey /* gets priv. key
-handle */
-);
-#endif
-
-
-/* C_WrapKey wraps (i.e., encrypts) a key. */
-CK_EXTERN _CK_RV CK_FUNC(C_WrapKey)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism, /* the wrapping mechanism */
- CK_OBJECT_HANDLE hWrappingKey, /* handle of the wrapping key */
- CK_OBJECT_HANDLE hKey, /* handle of the key to be wrapped
-*/
- CK_BYTE_PTR pWrappedKey, /* receives the wrapped key */
- CK_ULONG_PTR pulWrappedKeyLen /* receives byte size of wrapped
-key */
-);
-#endif
-
-
-/* C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new key
-object. */
-CK_EXTERN _CK_RV CK_FUNC(C_UnwrapKey)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism, /* the unwrapping mechanism */
- CK_OBJECT_HANDLE hUnwrappingKey, /* handle of the unwrapping
-key */
- CK_BYTE_PTR pWrappedKey, /* the wrapped key */
- CK_ULONG ulWrappedKeyLen, /* bytes length of wrapped key
-*/
- CK_ATTRIBUTE_PTR pTemplate, /* template for the new key */
- CK_ULONG ulAttributeCount, /* # of attributes in template
-*/
- CK_OBJECT_HANDLE_PTR phKey /* gets handle of recovered
-key */
-);
-#endif
-
-
-/* C_DeriveKey derives a key from a base key, creating a new key object.
-*/
-CK_EXTERN _CK_RV CK_FUNC(C_DeriveKey)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism, /* the key derivation
-mechanism */
- CK_OBJECT_HANDLE hBaseKey, /* handle of the base key */
- CK_ATTRIBUTE_PTR pTemplate, /* template for the new key */
- CK_ULONG ulAttributeCount, /* # of attributes in template
-*/
- CK_OBJECT_HANDLE_PTR phKey /* gets handle of derived key
-*/
-);
-#endif
-
-
-
-/* Random number generation */
-
-/* C_SeedRandom mixes additional seed material into the token's random
-number
- * generator. */
-CK_EXTERN _CK_RV CK_FUNC(C_SeedRandom)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pSeed, /* the seed material */
- CK_ULONG ulSeedLen /* count of bytes of seed material */
-);
-#endif
-
-
-/* C_GenerateRandom generates random data. */
-CK_EXTERN _CK_RV CK_FUNC(C_GenerateRandom)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR RandomData, /* receives the random data */
- CK_ULONG ulRandomLen /* number of bytes to be generated */
-);
-#endif
-
-
-
-/* Parallel function management */
-
-/* C_GetFunctionStatus obtains an updated status of a function running
- * in parallel with an application. */
-CK_EXTERN _CK_RV CK_FUNC(C_GetFunctionStatus)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession /* the session's handle */
-);
-#endif
-
-
-/* C_CancelFunction cancels a function running in parallel. */
-CK_EXTERN _CK_RV CK_FUNC(C_CancelFunction)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession /* the session's handle */
-);
-#endif
-
-
-
-/* Functions added in for PKCS #11 Version 2.01 or later */
-
-/* C_WaitForSlotEvent waits for a slot event (token insertion,
- * removal, etc.) to occur. */
-CK_EXTERN _CK_RV CK_FUNC(C_WaitForSlotEvent)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_FLAGS flags, /* blocking/nonblocking flag */
- CK_SLOT_ID_PTR pSlot, /* location that receives the slot ID */
- CK_VOID_PTR pRserved /* reserved. Should be NULL_PTR */
-);
-#endif
diff --git a/security/nss/lib/fortcrypt/fpkcs11i.h b/security/nss/lib/fortcrypt/fpkcs11i.h
deleted file mode 100644
index 9359bb8d6..000000000
--- a/security/nss/lib/fortcrypt/fpkcs11i.h
+++ /dev/null
@@ -1,269 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Internal data structures used by pkcs11.c
- */
-#ifndef _FPKCS11I_H_
-#define _FPKCS11I_H_ 1
-
-#include "fpkstrs.h"
-#ifdef SWFORT
-#ifndef RETURN_TYPE
-#define RETURN_TYPE int
-#endif
-#endif
-#include "genci.h"
-
-typedef struct PK11AttributeStr PK11Attribute;
-typedef struct PK11ObjectListStr PK11ObjectList;
-typedef struct PK11ObjectListElementStr PK11ObjectListElement;
-typedef struct PK11ObjectStr PK11Object;
-typedef struct PK11SessionStr PK11Session;
-typedef struct PK11SlotStr PK11Slot;
-typedef struct PK11SessionContextStr PK11SessionContext;
-typedef struct PK11SearchResultsStr PK11SearchResults;
-
-typedef void (*PK11Destroy)(void *, PRBool);
-typedef SECStatus (*PK11Cipher)(void *,void *,unsigned int *,unsigned int,
- void *, unsigned int);
-typedef SECStatus (*PK11Verify)(void *,void *,unsigned int,void *,unsigned int);
-typedef void (*PK11Hash)(void *,void *,unsigned int);
-typedef void (*PK11End)(void *,void *,unsigned int *,unsigned int);
-typedef void (*PK11Free)(void *);
-
-#define HASH_SIZE 32
-#define SESSION_HASH_SIZE 64
-
-/* Value to tell if an attribute is modifiable or not.
- * NEVER: attribute is only set on creation.
- * ONCOPY: attribute is set on creation and can only be changed on copy.
- * SENSITIVE: attribute can only be changed to TRUE.
- * ALWAYS: attribute can always be changed.
- */
-typedef enum {
- PK11_NEVER = 0,
- PK11_ONCOPY = 1,
- PK11_SENSITIVE = 2,
- PK11_ALWAYS = 3
-} PK11ModifyType;
-
-/*
- * Free Status Enum... tell us more information when we think we're
- * deleting an object.
- */
-typedef enum {
- PK11_DestroyFailure,
- PK11_Destroyed,
- PK11_Busy
-} PK11FreeStatus;
-
-/*
- * attribute values of an object.
- */
-struct PK11AttributeStr {
- PK11Attribute *next;
- PK11Attribute *prev;
- int refCount;
- void *refLock;
- /*must be called handle to make pk11queue_find work */
- CK_ATTRIBUTE_TYPE handle;
- CK_ATTRIBUTE attrib;
-};
-
-struct PK11ObjectListStr {
- PK11ObjectList *next;
- PK11ObjectList *prev;
- PK11Object *parent;
-};
-
-/*
- * PKCS 11 crypto object structure
- */
-struct PK11ObjectStr {
- PK11Object *next;
- PK11Object *prev;
- PK11ObjectList sessionList;
- CK_OBJECT_HANDLE handle;
- int refCount;
- void *refLock;
- void *attributeLock;
- PK11Session *session;
- PK11Slot *slot;
- CK_OBJECT_CLASS objclass;
- void *objectInfo;
- PK11Free infoFree;
- char *label;
- PRBool inDB;
- PK11Attribute *head[HASH_SIZE];
-};
-
-/*
- * struct to deal with a temparary list of objects
- */
-struct PK11ObjectListElementStr {
- PK11ObjectListElement *next;
- PK11Object *object;
-};
-
-/*
- * Area to hold Search results
- */
-struct PK11SearchResultsStr {
- CK_OBJECT_HANDLE *handles;
- int size;
- int index;
-};
-
-
-/*
- * the universal crypto/hash/sign/verify context structure
- */
-typedef enum {
- PK11_ENCRYPT,
- PK11_DECRYPT,
- PK11_HASH,
- PK11_SIGN,
- PK11_SIGN_RECOVER,
- PK11_VERIFY,
- PK11_VERIFY_RECOVER
-} PK11ContextType;
-
-
-struct PK11SessionContextStr {
- PK11ContextType type;
- PRBool multi; /* is multipart */
- void *cipherInfo;
- unsigned int cipherInfoLen;
- CK_MECHANISM_TYPE currentMech;
- PK11Cipher update;
- PK11Hash hashUpdate;
- PK11End end;
- PK11Destroy destroy;
- PK11Verify verify;
- unsigned int maxLen;
-};
-
-/*
- * Sessions (have objects)
- */
-struct PK11SessionStr {
- PK11Session *next;
- PK11Session *prev;
- CK_SESSION_HANDLE handle;
- int refCount;
- void *refLock;
- void *objectLock;
- int objectIDCount;
- CK_SESSION_INFO info;
- CK_NOTIFY notify;
- CK_VOID_PTR appData;
- PK11Slot *slot;
- PK11SearchResults *search;
- PK11SessionContext *context;
- PK11ObjectList *objects[1];
- FortezzaContext fortezzaContext;
-};
-
-/*
- * slots (have sessions and objects)
- */
-struct PK11SlotStr {
- CK_SLOT_ID slotID;
- void *sessionLock;
- void *objectLock;
- SECItem *password;
- PRBool hasTokens;
- PRBool isLoggedIn;
- PRBool ssoLoggedIn;
- PRBool needLogin;
- PRBool DB_loaded;
- int sessionIDCount;
- int sessionCount;
- int rwSessionCount;
- int tokenIDCount;
- PK11Object *tokObjects[HASH_SIZE];
- PK11Session *head[SESSION_HASH_SIZE];
-};
-
-/*
- * session handle modifiers
- */
-#define PK11_PRIVATE_KEY_FLAG 0x80000000L
-
-/*
- * object handle modifiers
- */
-#define PK11_TOKEN_MASK 0x80000000L
-#define PK11_TOKEN_MAGIC 0x80000000L
-#define PK11_TOKEN_TYPE_MASK 0x70000000L
-#define PK11_TOKEN_TYPE_CERT 0x00000000L
-#define PK11_TOKEN_TYPE_PRIV 0x10000000L
-
-/* how big a password/pin we can deal with */
-#define PK11_MAX_PIN 255
-
-/* slot helper macros */
-#define pk11_SlotFromSessionHandle(handle) (((handle) & PK11_PRIVATE_KEY_FLAG)\
- ? &pk11_slot[1] : &pk11_slot[0])
-#define PK11_TOSLOT1(handle) handle &= ~PK11_PRIVATE_KEY_FLAG
-#define PK11_TOSLOT2(handle) handle |= PK11_PRIVATE_KEY_FLAG
-#define pk11_SlotFromSession(sp) ((sp)->slot)
-#define pk11_SlotFromID(id) ((id) == NETSCAPE_SLOT_ID ? \
- &pk11_slot[0] : (((id) == PRIVATE_KEY_SLOT_ID) ? &pk11_slot[1] : NULL))
-#define pk11_isToken(id) (((id) & PK11_TOKEN_MASK) == PK11_TOKEN_MAGIC)
-
-/* queueing helper macros */
-#define pk11_hash(value,size) ((value) & (size-1))/*size must be a power of 2*/
-#define pk11queue_add(element,id,head,hash_size) \
- { int tmp = pk11_hash(id,hash_size); \
- (element)->next = (head)[tmp]; \
- (element)->prev = NULL; \
- if ((head)[tmp]) (head)[tmp]->prev = (element); \
- (head)[tmp] = (element); }
-#define pk11queue_find(element,id,head,hash_size) \
- for( (element) = (head)[pk11_hash(id,hash_size)]; (element) != NULL; \
- (element) = (element)->next) { \
- if ((element)->handle == (id)) { break; } }
-#define pk11queue_delete(element,id,head,hash_size) \
- if ((element)->next) (element)->next->prev = (element)->prev; \
- if ((element)->prev) (element)->prev->next = (element)->next; \
- else (head)[pk11_hash(id,hash_size)] = ((element)->next); \
- (element)->next = NULL; \
- (element)->prev = NULL; \
-
-/* expand an attribute & secitem structures out */
-#define pk11_attr_expand(ap) (ap)->type,(ap)->pValue,(ap)->ulValueLen
-#define pk11_item_expand(ip) (ip)->data,(ip)->len
-
-#endif
-
diff --git a/security/nss/lib/fortcrypt/fpkcs11t.h b/security/nss/lib/fortcrypt/fpkcs11t.h
deleted file mode 100644
index f3c6b0470..000000000
--- a/security/nss/lib/fortcrypt/fpkcs11t.h
+++ /dev/null
@@ -1,1098 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Copyright (C) 1994-1999 RSA Security Inc. Licence to copy this document
- * is granted provided that it is identified as "RSA Security In.c Public-Key
- * Cryptography Standards (PKCS)" in all material mentioning or referencing
- * this document.
- */
-#ifndef _PKCS11T_H_
-#define _PKCS11T_H_ 1
-
-/* an unsigned 8-bit value */
-typedef unsigned char CK_BYTE;
-
-/* an unsigned 8-bit character */
-typedef CK_BYTE CK_CHAR;
-
-/* a BYTE-sized Boolean flag */
-typedef CK_BYTE CK_BBOOL;
-
-/* an unsigned value, at least 32 bits long */
-typedef unsigned long int CK_ULONG;
-
-/* a signed value, the same size as a CK_ULONG */
-/* CK_LONG is new for v2.0 */
-typedef long int CK_LONG;
-
-/* at least 32 bits, each bit is a Boolean flag */
-typedef CK_ULONG CK_FLAGS;
-
-/* some special values for certain CK_ULONG variables */
-#define CK_UNAVAILABLE_INFORMATION (~0UL)
-#define CK_EFFECTIVELY_INFINITE 0
-
-/* these data types are platform/implementation dependent. */
-#if defined(XP_WIN)
-#if defined(_WIN32)
-#define CK_ENTRY
-#define CK_PTR * /* definition for Win32 */
-#define NULL_PTR 0 /* NULL pointer */
-#pragma pack(push, cryptoki, 1)
-#else /* win16 */
-#if defined(__WATCOMC__)
-#define CK_ENTRY
-#define CK_PTR * /* definition for Win16 */
-#define NULL_PTR 0 /* NULL pointer */
-#pragma pack(push, 1)
-#else /* not Watcom 16-bit */
-#define CK_ENTRY
-#define CK_PTR * /* definition for Win16 */
-#define NULL_PTR 0 /* NULL pointer */
-#pragma pack(1)
-#endif
-#endif
-#else /* not windows */
-#define CK_ENTRY
-#define CK_PTR * /* definition for UNIX */
-#define NULL_PTR 0 /* NULL pointer */
-#endif
-
-
-typedef CK_BYTE CK_PTR CK_BYTE_PTR; /* Pointer to a CK_BYTE */
-typedef CK_CHAR CK_PTR CK_CHAR_PTR; /* Pointer to a CK_CHAR */
-typedef CK_ULONG CK_PTR CK_ULONG_PTR; /* Pointer to a CK_ULONG */
-typedef void CK_PTR CK_VOID_PTR; /* Pointer to a void */
-typedef CK_VOID_PTR CK_PTR CK_VOID_PTR_PTR; /* Pointer to a CK_VOID_PTR */
-
-/* The following value is always invalid if used as a session */
-/* handle or object handle */
-#define CK_INVALID_HANDLE 0
-
-typedef struct CK_VERSION {
- CK_BYTE major; /* integer portion of the version number */
- CK_BYTE minor; /* hundredths portion of the version number */
-} CK_VERSION;
-
-typedef CK_VERSION CK_PTR CK_VERSION_PTR; /* points to a CK_VERSION */
-
-
-typedef struct CK_INFO {
- CK_VERSION cryptokiVersion; /* PKCS #11 interface version number */
- CK_CHAR manufacturerID[32]; /* blank padded */
- CK_FLAGS flags; /* must be zero */
-
- /* libraryDescription and libraryVersion are new for v2.0 */
- CK_CHAR libraryDescription[32]; /* blank padded */
- CK_VERSION libraryVersion; /* version of library */
-} CK_INFO;
-
-typedef CK_INFO CK_PTR CK_INFO_PTR; /* points to a CK_INFO structure */
-
-
-/* CK_NOTIFICATION enumerates the types of notifications
- * that PKCS #11 provides to an application. */
-/* CK_NOTIFICATION has been changed from an enum to a CK_ULONG for v2.0 */
-typedef CK_ULONG CK_NOTIFICATION;
-#define CKN_SURRENDER 0
-
-
-typedef CK_ULONG CK_SLOT_ID;
-
-/* CK_SLOT_ID_PTR points to a CK_SLOT_ID. */
-typedef CK_SLOT_ID CK_PTR CK_SLOT_ID_PTR;
-
-
-/* CK_SLOT_INFO provides information about a slot. */
-typedef struct CK_SLOT_INFO {
- CK_CHAR slotDescription[64]; /* blank padded */
- CK_CHAR manufacturerID[32]; /* blank padded */
- CK_FLAGS flags;
-
- /* hardwareVersion and firmwareVersion are new for v2.0 */
- CK_VERSION hardwareVersion; /* version of hardware */
- CK_VERSION firmwareVersion; /* version of firmware */
-} CK_SLOT_INFO;
-
-/* flags: bits flags that provide capabilities of the slot.
- * Bit Flag Mask Meaning
- */
-#define CKF_TOKEN_PRESENT 0x00000001 /* a token is present in the slot */
-#define CKF_REMOVABLE_DEVICE 0x00000002 /* reader supports removable devices*/
-#define CKF_HW_SLOT 0x00000004 /* a hardware slot, not a "soft token"*/
-
-/* CK_SLOT_INFO_PTR points to a CK_SLOT_INFO. */
-typedef CK_SLOT_INFO CK_PTR CK_SLOT_INFO_PTR;
-
-
-/* CK_TOKEN_INFO provides information about a token. */
-typedef struct CK_TOKEN_INFO {
- CK_CHAR label[32]; /* blank padded */
- CK_CHAR manufacturerID[32]; /* blank padded */
- CK_CHAR model[16]; /* blank padded */
- CK_CHAR serialNumber[16]; /* blank padded */
- CK_FLAGS flags; /* see below */
-
- /* ulMaxSessionCount, ulSessionCount, ulMaxRwSessionCount,
- * ulRwSessionCount, ulMaxPinLen, and ulMinPinLen have all been
- * changed from CK_USHORT to CK_ULONG for v2.0 */
- CK_ULONG ulMaxSessionCount; /* max open sessions */
- CK_ULONG ulSessionCount; /* sessions currently open */
- CK_ULONG ulMaxRwSessionCount; /* max R/W sessions */
- CK_ULONG ulRwSessionCount; /* R/W sessions currently open */
- CK_ULONG ulMaxPinLen; /* in bytes */
- CK_ULONG ulMinPinLen; /* in bytes */
- CK_ULONG ulTotalPublicMemory; /* in bytes */
- CK_ULONG ulFreePublicMemory; /* in bytes */
- CK_ULONG ulTotalPrivateMemory; /* in bytes */
- CK_ULONG ulFreePrivateMemory; /* in bytes */
-
- /* hardwareVersion, firmwareVersion, and time are new for v2.0 */
- CK_VERSION hardwareVersion; /* version of hardware */
- CK_VERSION firmwareVersion; /* version of firmware */
- CK_CHAR utcTime[16]; /* time */
-} CK_TOKEN_INFO;
-
-/* The flags parameter is defined as follows:
- * Table 7-2, Token Information Flags
- * Bit Flag Mask Meaning
- */
-#define CKF_RNG 0x00000001 /* has random number generator */
-#define CKF_WRITE_PROTECTED 0x00000002 /* token is write-protected */
-#define CKF_LOGIN_REQUIRED 0x00000004 /* a user must be logged in */
-#define CKF_USER_PIN_INITIALIZED 0x00000008 /* normal user's PIN is initialized */
-
-
-/* CKF_RESTORE_KEY_NOT_NEEDED is new for v2.0. If it is set, then that means */
-/* that *every* time the state of cryptographic operations of a session is */
-/* successfully saved, all keys needed to continue those operations are */
-/* stored in the state. */
-#define CKF_RESTORE_KEY_NOT_NEEDED 0x00000020 /* key always saved in saved sessions */
-
-/* CKF_CLOCK_ON_TOKEN is new for v2.0. If it is set, then that means that */
-/* the token has some sort of clock. The time on that clock is returned in */
-/* the token info structure. */
-#define CKF_CLOCK_ON_TOKEN 0x00000040 /* token has a clock */
-
-/* CKF_PROTECTED_AUTHENTICATION_PATH is new for v2.0. If it is true, that means */
-/* that there is some way for the user to login without sending a PIN through */
-/* the PKCS #11 library itself. */
-#define CKF_PROTECTED_AUTHENTICATION_PATH 0x00000100 /* token has protected path */
-/* CKF_DUAL_CRYPTO_OPERATIONS is new for v2.0. If it is true, that
- * means that a single session with the token can perform dual
- * simultaneous cryptographic operations (digest and encrypt;
- * decrypt and digest; sign and encrypt; and decrypt and sign) */
-#define CKF_DUAL_CRYPTO_OPERATIONS 0x00000200 /* dual crypto operations */
-
-/* CK_TOKEN_INFO_PTR points to a CK_TOKEN_INFO. */
-typedef CK_TOKEN_INFO CK_PTR CK_TOKEN_INFO_PTR;
-
-
-/* CK_SESSION_HANDLE is a PKCS #11-assigned value that identifies a session. */
-typedef CK_ULONG CK_SESSION_HANDLE;
-
-/* CK_SESSION_HANDLE_PTR points to a CK_SESSION_HANDLE. */
-typedef CK_SESSION_HANDLE CK_PTR CK_SESSION_HANDLE_PTR;
-
-
-/* CK_USER_TYPE enumerates the types of PKCS #11 users */
-/* CK_USER_TYPE has been changed from an enum to a CK_ULONG for v2.0 */
-typedef CK_ULONG CK_USER_TYPE;
-/* Security Officer */
-#define CKU_SO 0
-/* Normal user */
-#define CKU_USER 1
-
-
-/* CK_STATE enumerates the session states */
-/* CK_STATE has been changed from an enum to a CK_ULONG for v2.0 */
-typedef CK_ULONG CK_STATE;
-#define CKS_RO_PUBLIC_SESSION 0
-#define CKS_RO_USER_FUNCTIONS 1
-#define CKS_RW_PUBLIC_SESSION 2
-#define CKS_RW_SO_FUNCTIONS 3
-#define CKS_RW_USER_FUNCTIONS 4
-
-
-/* CK_SESSION_INFO provides information about a session. */
-typedef struct CK_SESSION_INFO {
- CK_SLOT_ID slotID;
- CK_STATE state;
- CK_FLAGS flags; /* see below */
-
- /* ulDeviceError was changed from CK_USHORT to CK_ULONG for v2.0 */
- CK_ULONG ulDeviceError; /* device-dependent error code */
-} CK_SESSION_INFO;
-
-/* The flags are defined in the following table. */
-/* Table 7-3, Session Information Flags */
-/* Bit Flag Mask Meaning
- */
-#define CKF_RW_SESSION 0x00000002 /* session is read/write; not R/O */
-#define CKF_SERIAL_SESSION 0x00000004 /* session doesn't support parallel */
-
-/* CK_SESSION_INFO_PTR points to a CK_SESSION_INFO. */
-typedef CK_SESSION_INFO CK_PTR CK_SESSION_INFO_PTR;
-
-
-/* CK_OBJECT_HANDLE is a token-specific identifier for an object. */
-typedef CK_ULONG CK_OBJECT_HANDLE;
-
-/* CK_OBJECT_HANDLE_PTR points to a CK_OBJECT_HANDLE. */
-typedef CK_OBJECT_HANDLE CK_PTR CK_OBJECT_HANDLE_PTR;
-
-
-/* CK_OBJECT_CLASS is a value that identifies the classes (or types)
- * of objects that PKCS #11 recognizes. It is defined as follows: */
-/* CK_OBJECT_CLASS was changed from CK_USHORT to CK_ULONG for v2.0 */
-typedef CK_ULONG CK_OBJECT_CLASS;
-
-/* The following classes of objects are defined: */
-#define CKO_DATA 0x00000000
-#define CKO_CERTIFICATE 0x00000001
-#define CKO_PUBLIC_KEY 0x00000002
-#define CKO_PRIVATE_KEY 0x00000003
-#define CKO_SECRET_KEY 0x00000004
-#define CKO_VENDOR_DEFINED 0x80000000L
-
-/* CK_OBJECT_CLASS_PTR points to a CK_OBJECT_CLASS structure. */
-typedef CK_OBJECT_CLASS CK_PTR CK_OBJECT_CLASS_PTR;
-
-
-/* CK_KEY_TYPE is a value that identifies a key type. */
-/* CK_KEY_TYPE was changed from CK_USHORT to CK_ULONG for v2.0 */
-typedef CK_ULONG CK_KEY_TYPE;
-
-/* the following key types are defined: */
-#define CKK_RSA 0x00000000
-#define CKK_DSA 0x00000001
-#define CKK_DH 0x00000002
-
-/* CKK_ECDSA, and CKK_KEA are new for v2.0 */
-#define CKK_ECDSA 0x00000003
-#define CKK_KEA 0x00000005
-
-#define CKK_GENERIC_SECRET 0x00000010
-#define CKK_RC2 0x00000011
-#define CKK_RC4 0x00000012
-#define CKK_DES 0x00000013
-#define CKK_DES2 0x00000014
-#define CKK_DES3 0x00000015
-
-/* all these key types are new for v2.0 */
-#define CKK_CAST 0x00000016
-#define CKK_CAST3 0x00000017
-#define CKK_CAST5 0x00000018
-#define CKK_RC5 0x00000019
-#define CKK_IDEA 0x0000001A
-#define CKK_SKIPJACK 0x0000001B
-#define CKK_BATON 0x0000001C
-#define CKK_JUNIPER 0x0000001D
-#define CKK_CDMF 0x0000001E
-
-#define CKK_VENDOR_DEFINED 0x80000000L
-
-/* CK_CERTIFICATE_TYPE is a value that identifies a certificate type. */
-/* CK_CERTIFICATE_TYPE was changed from CK_USHORT to CK_ULONG for v2.0 */
-typedef CK_ULONG CK_CERTIFICATE_TYPE;
-
-/* The following certificate types are defined: */
-#define CKC_X_509 0x00000000
-#define CKC_VENDOR_DEFINED 0x80000000L
-
-
-/* CK_ATTRIBUTE_TYPE is a value that identifies an attribute type. */
-/* CK_ATTRIBUTE_TYPE was changed from CK_USHORT to CK_ULONG for v2.0 */
-typedef CK_ULONG CK_ATTRIBUTE_TYPE;
-
-/* The following attribute types are defined: */
-#define CKA_CLASS 0x00000000
-#define CKA_TOKEN 0x00000001
-#define CKA_PRIVATE 0x00000002
-#define CKA_LABEL 0x00000003
-#define CKA_APPLICATION 0x00000010
-#define CKA_VALUE 0x00000011
-#define CKA_CERTIFICATE_TYPE 0x00000080
-#define CKA_ISSUER 0x00000081
-#define CKA_SERIAL_NUMBER 0x00000082
-#define CKA_KEY_TYPE 0x00000100
-#define CKA_SUBJECT 0x00000101
-#define CKA_ID 0x00000102
-#define CKA_SENSITIVE 0x00000103
-#define CKA_ENCRYPT 0x00000104
-#define CKA_DECRYPT 0x00000105
-#define CKA_WRAP 0x00000106
-#define CKA_UNWRAP 0x00000107
-#define CKA_SIGN 0x00000108
-#define CKA_SIGN_RECOVER 0x00000109
-#define CKA_VERIFY 0x0000010A
-#define CKA_VERIFY_RECOVER 0x0000010B
-#define CKA_DERIVE 0x0000010C
-#define CKA_START_DATE 0x00000110
-#define CKA_END_DATE 0x00000111
-#define CKA_MODULUS 0x00000120
-#define CKA_MODULUS_BITS 0x00000121
-#define CKA_PUBLIC_EXPONENT 0x00000122
-#define CKA_PRIVATE_EXPONENT 0x00000123
-#define CKA_PRIME_1 0x00000124
-#define CKA_PRIME_2 0x00000125
-#define CKA_EXPONENT_1 0x00000126
-#define CKA_EXPONENT_2 0x00000127
-#define CKA_COEFFICIENT 0x00000128
-#define CKA_PRIME 0x00000130
-#define CKA_SUBPRIME 0x00000131
-#define CKA_BASE 0x00000132
-#define CKA_VALUE_BITS 0x00000160
-#define CKA_VALUE_LEN 0x00000161
-
-/* CKA_EXTRACTABLE, CKA_LOCAL, CKA_NEVER_EXTRACTABLE, CKA_ALWAYS_SENSITIVE, */
-/* and CKA_MODIFIABLE are new for v2.0 */
-#define CKA_EXTRACTABLE 0x00000162
-#define CKA_LOCAL 0x00000163
-#define CKA_NEVER_EXTRACTABLE 0x00000164
-#define CKA_ALWAYS_SENSITIVE 0x00000165
-#define CKA_MODIFIABLE 0x00000170
-
-#define CKA_VENDOR_DEFINED 0x80000000L
-
-/* CK_ATTRIBUTE is a structure that includes the type, length and value
- * of an attribute. */
-typedef struct CK_ATTRIBUTE {
- CK_ATTRIBUTE_TYPE type;
- CK_VOID_PTR pValue;
-
- /* ulValueLen was changed from CK_USHORT to CK_ULONG for v2.0 */
- CK_ULONG ulValueLen; /* in bytes */
-} CK_ATTRIBUTE;
-
-/* CK_ATTRIBUTE_PTR points to a CK_ATTRIBUTE. */
-typedef CK_ATTRIBUTE CK_PTR CK_ATTRIBUTE_PTR;
-
-
-/* CK_DATE is a structure that defines a date. */
-typedef struct CK_DATE{
- CK_CHAR year[4]; /* the year ("1900" - "9999") */
- CK_CHAR month[2]; /* the month ("01" - "12") */
- CK_CHAR day[2]; /* the day ("01" - "31") */
-} CK_DATE;
-
-
-/* CK_MECHANISM_TYPE is a value that identifies a mechanism type. */
-/* CK_MECHANISM_TYPE was changed from CK_USHORT to CK_ULONG for v2.0 */
-typedef CK_ULONG CK_MECHANISM_TYPE;
-
-/* the following mechanism types are defined: */
-#define CKM_RSA_PKCS_KEY_PAIR_GEN 0x00000000
-#define CKM_RSA_PKCS 0x00000001
-#define CKM_RSA_9796 0x00000002
-#define CKM_RSA_X_509 0x00000003
-
-/* CKM_MD2_RSA_PKCS, CKM_MD5_RSA_PKCS, and CKM_SHA1_RSA_PKCS are */
-/* new for v2.0. They are mechanisms which hash and sign */
-#define CKM_MD2_RSA_PKCS 0x00000004
-#define CKM_MD5_RSA_PKCS 0x00000005
-#define CKM_SHA1_RSA_PKCS 0x00000006
-
-#define CKM_DSA_KEY_PAIR_GEN 0x00000010
-#define CKM_DSA 0x00000011
-#define CKM_DSA_SHA1 0x00000012
-#define CKM_DH_PKCS_KEY_PAIR_GEN 0x00000020
-#define CKM_DH_PKCS_DERIVE 0x00000021
-#define CKM_RC2_KEY_GEN 0x00000100
-#define CKM_RC2_ECB 0x00000101
-#define CKM_RC2_CBC 0x00000102
-#define CKM_RC2_MAC 0x00000103
-
-/* CKM_RC2_MAC_GENERAL and CKM_RC2_CBC_PAD are new to v2.0 */
-#define CKM_RC2_MAC_GENERAL 0x00000104
-#define CKM_RC2_CBC_PAD 0x00000105
-
-#define CKM_RC4_KEY_GEN 0x00000110
-#define CKM_RC4 0x00000111
-#define CKM_DES_KEY_GEN 0x00000120
-#define CKM_DES_ECB 0x00000121
-#define CKM_DES_CBC 0x00000122
-#define CKM_DES_MAC 0x00000123
-
-/* CKM_DES_MAC_GENERAL and CKM_DES_CBC_PAD are new to v2.0 */
-#define CKM_DES_MAC_GENERAL 0x00000124
-#define CKM_DES_CBC_PAD 0x00000125
-
-#define CKM_DES2_KEY_GEN 0x00000130
-#define CKM_DES3_KEY_GEN 0x00000131
-#define CKM_DES3_ECB 0x00000132
-#define CKM_DES3_CBC 0x00000133
-#define CKM_DES3_MAC 0x00000134
-
-/* CKM_DES3_MAC_GENERAL, CKM_DES3_CBC_PAD, CKM_CDMF_KEY_GEN, */
-/* CKM_CDMF_ECB, CKM_CDMF_CBC, CKM_CDMF_MAC, CKM_CDMF_MAC_GENERAL, */
-/* and CKM_CDMF_CBC_PAD are new to v2.0 */
-#define CKM_DES3_MAC_GENERAL 0x00000135
-#define CKM_DES3_CBC_PAD 0x00000136
-#define CKM_CDMF_KEY_GEN 0x00000140
-#define CKM_CDMF_ECB 0x00000141
-#define CKM_CDMF_CBC 0x00000142
-#define CKM_CDMF_MAC 0x00000143
-#define CKM_CDMF_MAC_GENERAL 0x00000144
-#define CKM_CDMF_CBC_PAD 0x00000145
-
-#define CKM_MD2 0x00000200
-
-/* CKM_MD2_HMAC and CKM_MD2_HMAC_GENERAL are new to v2.0 */
-#define CKM_MD2_HMAC 0x00000201
-#define CKM_MD2_HMAC_GENERAL 0x00000202
-
-#define CKM_MD5 0x00000210
-
-/* CKM_MD5_HMAC and CKM_MD5_HMAC_GENERAL are new to v2.0 */
-#define CKM_MD5_HMAC 0x00000211
-#define CKM_MD5_HMAC_GENERAL 0x00000212
-
-#define CKM_SHA_1 0x00000220
-
-/* CKM_SHA_1_HMAC and CKM_SHA_1_HMAC_GENERAL are new to v2.0 */
-#define CKM_SHA_1_HMAC 0x00000221
-#define CKM_SHA_1_HMAC_GENERAL 0x00000222
-
-/* All the following mechanisms are new to v2.0 */
-#define CKM_CAST_KEY_GEN 0x00000300
-#define CKM_CAST_ECB 0x00000301
-#define CKM_CAST_CBC 0x00000302
-#define CKM_CAST_MAC 0x00000303
-#define CKM_CAST_MAC_GENERAL 0x00000304
-#define CKM_CAST_CBC_PAD 0x00000305
-#define CKM_CAST3_KEY_GEN 0x00000310
-#define CKM_CAST3_ECB 0x00000311
-#define CKM_CAST3_CBC 0x00000312
-#define CKM_CAST3_MAC 0x00000313
-#define CKM_CAST3_MAC_GENERAL 0x00000314
-#define CKM_CAST3_CBC_PAD 0x00000315
-#define CKM_CAST5_KEY_GEN 0x00000320
-#define CKM_CAST5_ECB 0x00000321
-#define CKM_CAST5_CBC 0x00000322
-#define CKM_CAST5_MAC 0x00000323
-#define CKM_CAST5_MAC_GENERAL 0x00000324
-#define CKM_CAST5_CBC_PAD 0x00000325
-#define CKM_RC5_KEY_GEN 0x00000330
-#define CKM_RC5_ECB 0x00000331
-#define CKM_RC5_CBC 0x00000332
-#define CKM_RC5_MAC 0x00000333
-#define CKM_RC5_MAC_GENERAL 0x00000334
-#define CKM_RC5_CBC_PAD 0x00000335
-#define CKM_IDEA_KEY_GEN 0x00000340
-#define CKM_IDEA_ECB 0x00000341
-#define CKM_IDEA_CBC 0x00000342
-#define CKM_IDEA_MAC 0x00000343
-#define CKM_IDEA_MAC_GENERAL 0x00000344
-#define CKM_IDEA_CBC_PAD 0x00000345
-#define CKM_GENERIC_SECRET_KEY_GEN 0x00000350
-#define CKM_CONCATENATE_BASE_AND_KEY 0x00000360
-#define CKM_CONCATENATE_BASE_AND_DATA 0x00000362
-#define CKM_CONCATENATE_DATA_AND_BASE 0x00000363
-#define CKM_XOR_BASE_AND_DATA 0x00000364
-#define CKM_EXTRACT_KEY_FROM_KEY 0x00000365
-#define CKM_SSL3_PRE_MASTER_KEY_GEN 0x00000370
-#define CKM_SSL3_MASTER_KEY_DERIVE 0x00000371
-#define CKM_SSL3_KEY_AND_MAC_DERIVE 0x00000372
-#define CKM_SSL3_MD5_MAC 0x00000380
-#define CKM_SSL3_SHA1_MAC 0x00000381
-#define CKM_MD5_KEY_DERIVATION 0x00000390
-#define CKM_MD2_KEY_DERIVATION 0x00000391
-#define CKM_SHA1_KEY_DERIVATION 0x00000392
-#define CKM_PBE_MD2_DES_CBC 0x000003A0
-#define CKM_PBE_MD5_DES_CBC 0x000003A1
-#define CKM_PBE_MD5_CAST_CBC 0x000003A2
-#define CKM_PBE_MD5_CAST3_CBC 0x000003A3
-#define CKM_PBE_MD5_CAST5_CBC 0x000003A4
-#define CKM_PBE_SHA1_CAST5_CBC 0x000003A5
-#define CKM_PBE_SHA1_RC4_128 0x000003A6
-#define CKM_PBE_SHA1_RC4_40 0x000003A7
-#define CKM_PBE_SHA1_DES3_EDE_CBC 0x000003A8
-#define CKM_PBE_SHA1_DES2_EDE_CBC 0x000003A9
-#define CKM_PBE_SHA1_RC2_128_CBC 0x000003AA
-#define CKM_PBE_SHA1_RC2_40_CBC 0x000003AB
-#define CKM_KEY_WRAP_LYNKS 0x00000400
-#define CKM_KEY_WRAP_SET_OAEP 0x00000401
-
-/* Fortezza mechanisms */
-#define CKM_SKIPJACK_KEY_GEN 0x00001000
-#define CKM_SKIPJACK_ECB64 0x00001001
-#define CKM_SKIPJACK_CBC64 0x00001002
-#define CKM_SKIPJACK_OFB64 0x00001003
-#define CKM_SKIPJACK_CFB64 0x00001004
-#define CKM_SKIPJACK_CFB32 0x00001005
-#define CKM_SKIPJACK_CFB16 0x00001006
-#define CKM_SKIPJACK_CFB8 0x00001007
-#define CKM_SKIPJACK_WRAP 0x00001008
-#define CKM_SKIPJACK_PRIVATE_WRAP 0x00001009
-#define CKM_SKIPJACK_RELAYX 0x0000100a
-#define CKM_KEA_KEY_PAIR_GEN 0x00001010
-#define CKM_KEA_KEY_DERIVE 0x00001011
-#define CKM_FORTEZZA_TIMESTAMP 0x00001020
-#define CKM_BATON_KEY_GEN 0x00001030
-#define CKM_BATON_ECB128 0x00001031
-#define CKM_BATON_ECB96 0x00001032
-#define CKM_BATON_CBC128 0x00001033
-#define CKM_BATON_COUNTER 0x00001034
-#define CKM_BATON_SHUFFLE 0x00001035
-#define CKM_BATON_WRAP 0x00001036
-#define CKM_ECDSA_KEY_PAIR_GEN 0x00001040
-#define CKM_ECDSA 0x00001041
-#define CKM_ECDSA_SHA1 0x00001042
-#define CKM_JUNIPER_KEY_GEN 0x00001060
-#define CKM_JUNIPER_ECB128 0x00001061
-#define CKM_JUNIPER_CBC128 0x00001062
-#define CKM_JUNIPER_COUNTER 0x00001063
-#define CKM_JUNIPER_SHUFFLE 0x00001064
-#define CKM_JUNIPER_WRAP 0x00001065
-#define CKM_FASTHASH 0x00001070
-
-#define CKM_VENDOR_DEFINED 0x80000000L
-
-
-/* CK_MECHANISM_TYPE_PTR points to a CK_MECHANISM_TYPE structure. */
-typedef CK_MECHANISM_TYPE CK_PTR CK_MECHANISM_TYPE_PTR;
-
-
-/* CK_MECHANISM is a structure that specifies a particular mechanism. */
-typedef struct CK_MECHANISM {
- CK_MECHANISM_TYPE mechanism;
- CK_VOID_PTR pParameter;
-
- /* ulParameterLen was changed from CK_USHORT to CK_ULONG for v2.0 */
- CK_ULONG ulParameterLen; /* in bytes */
-} CK_MECHANISM;
-
-/* CK_MECHANISM_PTR points to a CK_MECHANISM structure. */
-typedef CK_MECHANISM CK_PTR CK_MECHANISM_PTR;
-
-
-/* CK_MECHANISM_INFO provides information about a particular mechanism. */
-typedef struct CK_MECHANISM_INFO {
- CK_ULONG ulMinKeySize;
- CK_ULONG ulMaxKeySize;
- CK_FLAGS flags;
-} CK_MECHANISM_INFO;
-
-/* The flags are defined as follows.
- * Table 7-4, Mechanism Information FLags
- * Bit Flag Mask Meaning */
-#define CKF_HW 0x00000001 /* performed by HW device; not SW */
-
-/* The flags CKF_ENCRYPT, CKF_DECRYPT, CKF_DIGEST, CKF_SIGN, CKG_SIGN_RECOVER, */
-/* CKF_VERIFY, CKF_VERIFY_RECOVER, CKF_GENERATE, CKF_GENERATE_KEY_PAIR, CKF_WRAP, */
-/* CKF_UNWRAP, and CKF_DERIVE are new for v2.0 */
-#define CKF_ENCRYPT 0x00000100 /* can be used with C_EncryptInit */
-#define CKF_DECRYPT 0x00000200 /* can be used with C_DecryptInit */
-#define CKF_DIGEST 0x00000400 /* can be used with C_DigestInit */
-#define CKF_SIGN 0x00000800 /* can be used with C_SignInit */
-#define CKF_SIGN_RECOVER 0x00001000 /* can use with C_SignRecoverInit */
-#define CKF_VERIFY 0x00002000 /* can be used with C_VerifyInit */
-#define CKF_VERIFY_RECOVER 0x00004000 /* can use w/ C_VerifyRecoverInit */
-#define CKF_GENERATE 0x00008000L /* can be used with C_GenerateKey */
-#define CKF_GENERATE_KEY_PAIR 0x00010000L /* can use with C_GenerateKeyPair */
-#define CKF_WRAP 0x00020000L /* can be used with C_WrapKey */
-#define CKF_UNWRAP 0x00040000L /* can be used with C_UnwrapKey */
-#define CKF_DERIVE 0x00080000L /* can be used with C_DeriveKey */
-
-#define CKF_EXTENSION 0x80000000L /* Must be FALSE for this version */
-
-/* CK_MECHANISM_INFO_PTR points to a CK_MECHANISM_INFO structure. */
-typedef CK_MECHANISM_INFO CK_PTR CK_MECHANISM_INFO_PTR;
-
-
-/* CK_RV is a value that identifies the return value of a PKCS #11 function. */
-/* CK_RV was changed from CK_USHORT to CK_ULONG for v2.0 */
-typedef CK_ULONG CK_RV;
-
-#define CKR_OK 0x00000000
-#define CKR_CANCEL 0x00000001
-#define CKR_HOST_MEMORY 0x00000002
-#define CKR_SLOT_ID_INVALID 0x00000003
-
-/* CKR_FLAGS_INVALID was removed for v2.0 */
-
-/* CKR_GENERAL_ERROR and CKR_FUNCTION_FAILED are new for v2.0 */
-#define CKR_GENERAL_ERROR 0x00000005
-#define CKR_FUNCTION_FAILED 0x00000006
-
-/* CKR_ARGUMENTS_BAD, CKR_NO_EVENT, CKR_NEED_TO_CREATE_THREADS,
- * and CKR_CANT_LOCK are new for v2.01 */
-#define CKR_ARGUMENTS_BAD 0x00000007
-#define CKR_NO_EVENT 0x00000008
-#define CKR_NEED_TO_CREATE_THREADS 0x00000009
-#define CKR_CANT_LOCK 0x0000000A
-
-#define CKR_ATTRIBUTE_READ_ONLY 0x00000010
-#define CKR_ATTRIBUTE_SENSITIVE 0x00000011
-#define CKR_ATTRIBUTE_TYPE_INVALID 0x00000012
-#define CKR_ATTRIBUTE_VALUE_INVALID 0x00000013
-#define CKR_DATA_INVALID 0x00000020
-#define CKR_DATA_LEN_RANGE 0x00000021
-#define CKR_DEVICE_ERROR 0x00000030
-#define CKR_DEVICE_MEMORY 0x00000031
-#define CKR_DEVICE_REMOVED 0x00000032
-#define CKR_ENCRYPTED_DATA_INVALID 0x00000040
-#define CKR_ENCRYPTED_DATA_LEN_RANGE 0x00000041
-#define CKR_FUNCTION_CANCELED 0x00000050
-#define CKR_FUNCTION_NOT_PARALLEL 0x00000051
-
-/* CKR_FUNCTION_NOT_SUPPORTED is new for v2.0 */
-#define CKR_FUNCTION_NOT_SUPPORTED 0x00000054
-
-#define CKR_KEY_HANDLE_INVALID 0x00000060
-
-/* CKR_KEY_SENSITIVE was removed for v2.0 */
-
-#define CKR_KEY_SIZE_RANGE 0x00000062
-#define CKR_KEY_TYPE_INCONSISTENT 0x00000063
-
-/* CKR_KEY_NOT_NEEDED, CKR_KEY_CHANGED, CKR_KEY_NEEDED,
- * CKR_KEY_INDIGESTIBLE, CKR_KEY_FUNCTION_NOT_PERMITTED,
- * CKR_KEY_NOT_WRAPPABLE, and CKR_KEY_UNEXTRACTABLE are
- * new for v2.0 */
-#define CKR_KEY_NOT_NEEDED 0x00000064
-#define CKR_KEY_CHANGED 0x00000065
-#define CKR_KEY_NEEDED 0x00000066
-#define CKR_KEY_INDIGESTIBLE 0x00000067
-#define CKR_KEY_FUNCTION_NOT_PERMITTED 0x00000068
-#define CKR_KEY_NOT_WRAPPABLE 0x00000069
-#define CKR_KEY_UNEXTRACTABLE 0x0000006A
-
-#define CKR_MECHANISM_INVALID 0x00000070
-#define CKR_MECHANISM_PARAM_INVALID 0x00000071
-
-/* CKR_OBJECT_CLASS_INCONSISTENT and CKR_OBJECT_CLASS_INVALID
- * were removed for v2.0 */
-#define CKR_OBJECT_HANDLE_INVALID 0x00000082
-#define CKR_OPERATION_ACTIVE 0x00000090
-#define CKR_OPERATION_NOT_INITIALIZED 0x00000091
-#define CKR_PIN_INCORRECT 0x000000A0
-#define CKR_PIN_INVALID 0x000000A1
-#define CKR_PIN_LEN_RANGE 0x000000A2
-
-/* CKR_PIN_EXPIRED and CKR_PIN_LOCKED are new for v2.0 */
-#define CKR_PIN_EXPIRED 0x000000A3
-#define CKR_PIN_LOCKED 0x000000A4
-
-#define CKR_SESSION_CLOSED 0x000000B0
-#define CKR_SESSION_COUNT 0x000000B1
-#define CKR_SESSION_HANDLE_INVALID 0x000000B3
-#define CKR_SESSION_PARALLEL_NOT_SUPPORTED 0x000000B4
-#define CKR_SESSION_READ_ONLY 0x000000B5
-#define CKR_SESSION_EXISTS 0x000000B6
-
-/* CKR_SESSION_READ_ONLY_EXISTS and CKR_SESSION_READ_WRITE_SO_EXISTS
- * are new for v2.0 */
-#define CKR_SESSION_READ_ONLY_EXISTS 0x000000B7
-#define CKR_SESSION_READ_WRITE_SO_EXISTS 0x000000B8
-
-#define CKR_SIGNATURE_INVALID 0x000000C0
-#define CKR_SIGNATURE_LEN_RANGE 0x000000C1
-#define CKR_TEMPLATE_INCOMPLETE 0x000000D0
-#define CKR_TEMPLATE_INCONSISTENT 0x000000D1
-#define CKR_TOKEN_NOT_PRESENT 0x000000E0
-#define CKR_TOKEN_NOT_RECOGNIZED 0x000000E1
-#define CKR_TOKEN_WRITE_PROTECTED 0x000000E2
-#define CKR_UNWRAPPING_KEY_HANDLE_INVALID 0x000000F0
-#define CKR_UNWRAPPING_KEY_SIZE_RANGE 0x000000F1
-#define CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT 0x000000F2
-#define CKR_USER_ALREADY_LOGGED_IN 0x00000100
-#define CKR_USER_NOT_LOGGED_IN 0x00000101
-#define CKR_USER_PIN_NOT_INITIALIZED 0x00000102
-#define CKR_USER_TYPE_INVALID 0x00000103
-
-/* CKR_USER_ANOTHER_ALREADY_LOGGED_IN and CKR_USER_TOO_MANY_TYPES
- * are new to v2.01 */
-#define CKR_USER_ANOTHER_ALREADY_LOGGED_IN 0x00000104
-#define CKR_USER_TOO_MANY_TYPES 0x00000105
-
-#define CKR_WRAPPED_KEY_INVALID 0x00000110
-#define CKR_WRAPPED_KEY_LEN_RANGE 0x00000112
-#define CKR_WRAPPING_KEY_HANDLE_INVALID 0x00000113
-#define CKR_WRAPPING_KEY_SIZE_RANGE 0x00000114
-#define CKR_WRAPPING_KEY_TYPE_INCONSISTENT 0x00000115
-#define CKR_RANDOM_SEED_NOT_SUPPORTED 0x00000120
-
-/* These are new to v2.0 */
-#define CKR_RANDOM_NO_RNG 0x00000121
-#define CKR_INSERTION_CALLBACK_SET 0x00000140
-#define CKR_INSERTION_CALLBACK_NOT_SUPPORTED 0x00000141
-#define CKR_BUFFER_TOO_SMALL 0x00000150
-#define CKR_SAVED_STATE_INVALID 0x00000160
-#define CKR_INFORMATION_SENSITIVE 0x00000170
-#define CKR_STATE_UNSAVEABLE 0x00000180
-
-/* These are new to v2.01 */
-#define CKR_CRYPTOKI_NOT_INITIALIZED 0x00000190
-#define CKR_CRYPTOKI_ALREADY_INITIALIZED 0x00000191
-#define CKR_MUTEX_BAD 0x000001A0
-#define CKR_MUTEX_NOT_LOCKED 0x000001A1
-
-#define CKR_VENDOR_DEFINED 0x80000000L
-
-
-/* CK_NOTIFY is an application callback that processes events. */
-typedef CK_RV (CK_ENTRY CK_PTR CK_NOTIFY)(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_NOTIFICATION event,
- CK_VOID_PTR pApplication /* same as passed to C_OpenSession. */
-);
-
-/* CK_FUNCTION_LIST is going to be a structure holding a PKCS #11 spec */
-/* version and pointers of appropriate types to all the PKCS #11 functions. */
-/* CK_FUNCTION_LIST is new for v2.0 */
-typedef struct CK_FUNCTION_LIST CK_FUNCTION_LIST;
-
-typedef CK_FUNCTION_LIST CK_PTR CK_FUNCTION_LIST_PTR;
-
-typedef CK_FUNCTION_LIST_PTR CK_PTR CK_FUNCTION_LIST_PTR_PTR;
-
-/* CK_CREATEMUTEX is an application callback for creating a mutex */
-typedef CK_RV CK_ENTRY (CK_PTR CK_CREATEMUTEX)(
- CK_VOID_PTR_PTR ppMutex /* location to receive pointer to mutex */
-);
-
-
-/* CK_DESTROYMUTEX is an application callback for destroying a mutex */
-typedef CK_RV CK_ENTRY (CK_PTR CK_DESTROYMUTEX)(
- CK_VOID_PTR pMutex /* pointer to mutex */
-);
-
-
-/* CK_LOCKMUTEX is an application callback for locking a mutex */
-typedef CK_RV CK_ENTRY (CK_PTR CK_LOCKMUTEX)(
- CK_VOID_PTR pMutex /* pointer to mutex */
-);
-
-
-/* CK_UNLOCKMUTEX is an application callback for unlocking a mutex */
-typedef CK_RV CK_ENTRY (CK_PTR CK_UNLOCKMUTEX)(
- CK_VOID_PTR pMutex /* pointer to mutex */
-);
-
-
-/* CK_C_INITIALIZE_ARGS provides the optional arguments to C_Initialize
-*/
-typedef struct CK_C_INITIALIZE_ARGS {
- CK_CREATEMUTEX CreateMutex;
- CK_DESTROYMUTEX DestroyMutex;
- CK_LOCKMUTEX LockMutex;
- CK_UNLOCKMUTEX UnlockMutex;
- CK_FLAGS flags;
- CK_VOID_PTR pReserved;
-} CK_C_INITIALIZE_ARGS;
-
-/* flags: bit flags that provide capabilities of the slot
- * Bit Flag Mask Meaning
- */
-#define CKF_LIBRARY_CANT_CREATE_OS_THREADS 0x00000001 /* library may not
- * spawn its own
- * threads */
-#define CKF_OS_LOCKING_OK 0x00000002 /* library can use
- * native operating
- * system thread
- * synchronization */
-
-/* CK_C_INITIALIZE_ARGS_PTR is a pointer to a CK_C_INITIALIZE_ARGS */
-typedef CK_C_INITIALIZE_ARGS CK_PTR CK_C_INITIALIZE_ARGS_PTR;
-
-
-/* additional flags for parameters to functions */
-
-/* CKF_DONT_BLOCK is for the function C_WaitForSlotEvent */
-#define CKF_DONT_BLOCK 1
-
-/* CK_KEA_DERIVE_PARAMS provides the parameters to the CKM_KEA_DERIVE
- * mechanism. */
-/* CK_KEA_DERIVE_PARAMS is new for v2.0 */
-typedef struct CK_KEA_DERIVE_PARAMS {
- CK_BBOOL isSender;
- CK_ULONG ulRandomLen;
- CK_BYTE_PTR pRandomA;
- CK_BYTE_PTR pRandomB;
- CK_ULONG ulPublicDataLen;
- CK_BYTE_PTR pPublicData;
-} CK_KEA_DERIVE_PARAMS;
-
-/* CK_KEA_DERIVE_PARAMS_PTR points to a CK_KEA_DERIVE_PARAMS. */
-typedef CK_KEA_DERIVE_PARAMS CK_PTR CK_KEA_DERIVE_PARAMS_PTR;
-
-
-/* CK_RC2_PARAMS provides the parameters to the CKM_RC2_ECB and CKM_RC2_MAC */
-/* mechanisms. An instance of CK_RC2_PARAMS just holds the effective keysize. */
-typedef CK_ULONG CK_RC2_PARAMS;
-
-
-/* CK_RC2_PARAMS_PTR points to a CK_RC2_PARAMS. */
-typedef CK_RC2_PARAMS CK_PTR CK_RC2_PARAMS_PTR;
-
-
-/* CK_RC2_CBC_PARAMS provides the parameters to the CKM_RC2_CBC mechanism. */
-typedef struct CK_RC2_CBC_PARAMS {
- /* ulEffectiveBits was changed from CK_USHORT to CK_ULONG for v2.0 */
- CK_ULONG ulEffectiveBits; /* effective bits (1-1024) */
-
- CK_BYTE iv[8]; /* IV for CBC mode */
-} CK_RC2_CBC_PARAMS;
-
-/* CK_RC2_CBC_PARAMS_PTR points to a CK_RC2_CBC_PARAMS. */
-typedef CK_RC2_CBC_PARAMS CK_PTR CK_RC2_CBC_PARAMS_PTR;
-
-/* CK_RC2_MAC_GENERAL_PARAMS provides the parameters for the */
-/* CKM_RC2_MAC_GENERAL mechanism. */
-/* CK_RC2_MAC_GENERAL_PARAMS is new for v2.0 */
-typedef struct CK_RC2_MAC_GENERAL_PARAMS {
- CK_ULONG ulEffectiveBits; /* effective bits (1-1024) */
- CK_ULONG ulMacLength; /* Length of MAC in bytes */
-} CK_RC2_MAC_GENERAL_PARAMS;
-
-typedef CK_RC2_MAC_GENERAL_PARAMS CK_PTR CK_RC2_MAC_GENERAL_PARAMS_PTR;
-
-
-/* CK_RC5_PARAMS provides the parameters to the CKM_RC5_ECB and CKM_RC5_MAC */
-/* mechanisms. */
-/* CK_RC5_PARAMS is new for v2.0 */
-typedef struct CK_RC5_PARAMS {
- CK_ULONG ulWordsize; /* wordsize in bits */
- CK_ULONG ulRounds; /* number of rounds */
-} CK_RC5_PARAMS;
-
-/* CK_RC5_PARAMS_PTR points to a CK_RC5_PARAMS. */
-typedef CK_RC5_PARAMS CK_PTR CK_RC5_PARAMS_PTR;
-
-
-/* CK_RC5_CBC_PARAMS provides the parameters to the CKM_RC5_CBC mechanism. */
-/* CK_RC5_CBC_PARAMS is new for v2.0 */
-typedef struct CK_RC5_CBC_PARAMS {
- CK_ULONG ulWordsize; /* wordsize in bits */
- CK_ULONG ulRounds; /* number of rounds */
- CK_BYTE_PTR pIv; /* pointer to IV */
- CK_ULONG ulIvLen; /* length of IV in bytes */
-} CK_RC5_CBC_PARAMS;
-
-/* CK_RC5_CBC_PARAMS_PTR points to a CK_RC5_CBC_PARAMS. */
-typedef CK_RC5_CBC_PARAMS CK_PTR CK_RC5_CBC_PARAMS_PTR;
-
-
-/* CK_RC5_MAC_GENERAL_PARAMS provides the parameters for the */
-/* CKM_RC5_MAC_GENERAL mechanism. */
-/* CK_RC5_MAC_GENERAL_PARAMS is new for v2.0 */
-typedef struct CK_RC5_MAC_GENERAL_PARAMS {
- CK_ULONG ulWordsize; /* wordsize in bits */
- CK_ULONG ulRounds; /* number of rounds */
- CK_ULONG ulMacLength; /* Length of MAC in bytes */
-} CK_RC5_MAC_GENERAL_PARAMS;
-
-typedef CK_RC5_MAC_GENERAL_PARAMS CK_PTR CK_RC5_MAC_GENERAL_PARAMS_PTR;
-
-
-/* CK_MAC_GENERAL_PARAMS provides the parameters to most block ciphers' */
-/* MAC_GENERAL mechanisms. Its value is the length of the MAC. */
-/* CK_MAC_GENERAL_PARAMS is new for v2.0 */
-typedef CK_ULONG CK_MAC_GENERAL_PARAMS;
-
-typedef CK_MAC_GENERAL_PARAMS CK_PTR CK_MAC_GENERAL_PARAMS_PTR;
-
-
-/* CK_SKIPJACK_PRIVATE_WRAP_PARAMS provides the parameters to the
- * CKM_SKIPJACK_PRIVATE_WRAP mechanism */
-/* CK_SKIPJACK_PRIVATE_WRAP_PARAMS is new for v2.0 */
-typedef struct CK_SKIPJACK_PRIVATE_WRAP_PARAMS {
- CK_ULONG ulPasswordLen;
- CK_BYTE_PTR pPassword;
- CK_ULONG ulPublicDataLen;
- CK_BYTE_PTR pPublicData;
- CK_ULONG ulPAndGLen;
- CK_ULONG ulQLen;
- CK_ULONG ulRandomLen;
- CK_BYTE_PTR pRandomA;
- CK_BYTE_PTR pPrimeP;
- CK_BYTE_PTR pBaseG;
- CK_BYTE_PTR pSubprimeQ;
-} CK_SKIPJACK_PRIVATE_WRAP_PARAMS;
-
-/* CK_SKIPJACK_PRIVATE_WRAP_PARAMS_PTR points to a
- * CK_SKIPJACK_PRIVATE_WRAP_PARAMS */
-typedef CK_SKIPJACK_PRIVATE_WRAP_PARAMS CK_PTR \
- CK_SKIPJACK_PRIVATE_WRAP_PTR;
-
-
-/* CK_SKIPJACK_RELAYX_PARAMS provides the parameters to the
- * CKM_SKIPJACK_RELAYX mechanism */
-/* CK_SKIPJACK_RELAYX_PARAMS is new for v2.0 */
-typedef struct CK_SKIPJACK_RELAYX_PARAMS {
- CK_ULONG ulOldWrappedXLen;
- CK_BYTE_PTR pOldWrappedX;
- CK_ULONG ulOldPasswordLen;
- CK_BYTE_PTR pOldPassword;
- CK_ULONG ulOldPublicDataLen;
- CK_BYTE_PTR pOldPublicData;
- CK_ULONG ulOldRandomLen;
- CK_BYTE_PTR pOldRandomA;
- CK_ULONG ulNewPasswordLen;
- CK_BYTE_PTR pNewPassword;
- CK_ULONG ulNewPublicDataLen;
- CK_BYTE_PTR pNewPublicData;
- CK_ULONG ulNewRandomLen;
- CK_BYTE_PTR pNewRandomA;
-} CK_SKIPJACK_RELAYX_PARAMS;
-
-/* CK_SKIPJACK_RELAYX_PARAMS_PTR points to a CK_SKIPJACK_RELAYX_PARAMS
-*/
-typedef CK_SKIPJACK_RELAYX_PARAMS CK_PTR CK_SKIPJACK_RELAYX_PARAMS_PTR;
-
-typedef struct CK_PBE_PARAMS {
- CK_CHAR_PTR pInitVector;
- CK_CHAR_PTR pPassword;
- CK_ULONG ulPasswordLen;
- CK_CHAR_PTR pSalt;
- CK_ULONG ulSaltLen;
- CK_ULONG ulIteration;
-} CK_PBE_PARAMS;
-
-typedef CK_PBE_PARAMS CK_PTR CK_PBE_PARAMS_PTR;
-
-
-/* CK_KEY_WRAP_SET_OAEP_PARAMS provides the parameters to the */
-/* CKM_KEY_WRAP_SET_OAEP mechanism. */
-/* CK_KEY_WRAP_SET_OAEP_PARAMS is new for v2.0 */
-typedef struct CK_KEY_WRAP_SET_OAEP_PARAMS {
- CK_BYTE bBC; /* block contents byte */
- CK_BYTE_PTR pX; /* extra data */
- CK_ULONG ulXLen; /* length of extra data in bytes */
-} CK_KEY_WRAP_SET_OAEP_PARAMS;
-
-/* CK_KEY_WRAP_SET_OAEP_PARAMS_PTR points to a CK_KEY_WRAP_SET_OAEP_PARAMS. */
-typedef CK_KEY_WRAP_SET_OAEP_PARAMS CK_PTR CK_KEY_WRAP_SET_OAEP_PARAMS_PTR;
-
-/* CK_BATON_PARAMS provides the parameters to the CKM_BATON_ECB128, */
-/* CKM_BATON_ECB96, CKM_BATON_CBC128, CKM_BATON_COUNTER, and */
-/* CKM_BATON_SHUFFLE mechanisms. */
-/* CK_BATON_PARAMS is new for v2.0 */
-typedef struct CK_BATON_PARAMS {
- CK_BYTE iv[24];
-} CK_BATON_PARAMS;
-
-/* CK_BATON_PARAMS_PTR points to a CK_BATON_PARAMS. */
-typedef CK_BATON_PARAMS CK_PTR CK_BATON_PARAMS_PTR;
-
-
-typedef struct CK_SSL3_RANDOM_DATA {
- CK_BYTE_PTR pClientRandom;
- CK_ULONG ulClientRandomLen;
- CK_BYTE_PTR pServerRandom;
- CK_ULONG ulServerRandomLen;
-} CK_SSL3_RANDOM_DATA;
-
-
-typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS {
- CK_SSL3_RANDOM_DATA RandomInfo;
- CK_VERSION_PTR pVersion;
-} CK_SSL3_MASTER_KEY_DERIVE_PARAMS;
-
-typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS CK_PTR \
- CK_SSL3_MASTER_KEY_DERIVE_PARAMS_PTR;
-
-
-typedef struct CK_SSL3_KEY_MAT_OUT {
- CK_OBJECT_HANDLE hClientMacSecret;
- CK_OBJECT_HANDLE hServerMacSecret;
- CK_OBJECT_HANDLE hClientKey;
- CK_OBJECT_HANDLE hServerKey;
- CK_BYTE_PTR pIVClient;
- CK_BYTE_PTR pIVServer;
-} CK_SSL3_KEY_MAT_OUT;
-
-typedef CK_SSL3_KEY_MAT_OUT CK_PTR CK_SSL3_KEY_MAT_OUT_PTR;
-
-
-typedef struct CK_SSL3_KEY_MAT_PARAMS {
- CK_ULONG ulMacSizeInBits;
- CK_ULONG ulKeySizeInBits;
- CK_ULONG ulIVSizeInBits;
- CK_BBOOL bIsExport;
- CK_SSL3_RANDOM_DATA RandomInfo;
- CK_SSL3_KEY_MAT_OUT_PTR pReturnedKeyMaterial;
-} CK_SSL3_KEY_MAT_PARAMS;
-
-typedef CK_SSL3_KEY_MAT_PARAMS CK_PTR CK_SSL3_KEY_MAT_PARAMS_PTR;
-
-/* The CK_DERIVATION_STRING_DATA is used for bunches of Deriviation
- * Mechanisms. */
-typedef struct CK_KEY_DERIVATION_STRING_DATA {
- CK_BYTE_PTR pData;
- CK_ULONG ulLen;
-} CK_KEY_DERIVATION_STRING_DATA;
-typedef CK_KEY_DERIVATION_STRING_DATA CK_PTR CK_KEY_DERIVATION_STRING_DATA_PTR;
-
-/* The CK_EXTRACT_PARAMS is used for the CKM_EXTRACT_KEY_FROM_KEY mechanism. */
-/* CK_EXTRACT_PARAMS is new for v2.0 */
-typedef CK_ULONG CK_EXTRACT_PARAMS;
-
-/* CK_EXTRACT_PARAMS_PTR points to a CK_EXTRACT_PARAMS. */
-typedef CK_EXTRACT_PARAMS CK_PTR CK_EXTRACT_PARAMS_PTR;
-
-
-/* Do not attempt to use these. They are only used by NETSCAPE's internal
- * PKCS #11 interface. Most of these are place holders for other mechanism
- * and will change in the future.
- */
-#define CKM_NETSCAPE_PBE_KEY_GEN 0x80000001L
-#define CKM_NETSCAPE_PBE_SHA1_DES_CBC 0x80000002L
-#define CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC 0x80000003L
-#define CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC 0x80000004L
-#define CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC 0x80000005L
-#define CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4 0x80000006L
-#define CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4 0x80000007L
-#define CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC 0x80000008L
-#define CKM_TLS_MASTER_KEY_DERIVE 0x80000371L
-#define CKM_TLS_KEY_AND_MAC_DERIVE 0x80000372L
-
-/* define used to pass in the database key for DSA private keys */
-#define CKA_NETSCAPE_DB 0xD5A0DB00L
-#define CKA_NETSCAPE_TRUST 0x80000001L
-
-#if defined(XP_WIN)
-#if defined(_WIN32)
-#pragma pack(pop, cryptoki)
-#else /* win16 */
-#if defined(__WATCOMC__)
-#pragma pack(pop)
-#else /* not Watcom 16-bit */
-#pragma pack()
-#endif
-#endif
-#endif
-
-#endif
diff --git a/security/nss/lib/fortcrypt/fpkmem.h b/security/nss/lib/fortcrypt/fpkmem.h
deleted file mode 100644
index 5097828c6..000000000
--- a/security/nss/lib/fortcrypt/fpkmem.h
+++ /dev/null
@@ -1,48 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef _FPKMEM_H_
-#define _FPKMEM_H_
-
-#define PORT_Free free
-#define PORT_Alloc malloc
-
-#define PORT_Memcmp memcmp
-#define PORT_Memcpy memcpy
-
-#define NUM_SLOTS 32
-
-#if !defined (XP_UNIX) && !defined (_WINDOWS) && !defined (XP_OS2) && !defined (XP_BEOS)
-#define XP_MAC 1 /*Make sure we get this define in for Mac builds*/
-#endif
-
-#endif /*_FPKMEM_H_*/
diff --git a/security/nss/lib/fortcrypt/fpkstrs.h b/security/nss/lib/fortcrypt/fpkstrs.h
deleted file mode 100644
index 144ea1ee7..000000000
--- a/security/nss/lib/fortcrypt/fpkstrs.h
+++ /dev/null
@@ -1,122 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef _context_h_
-#define _context_h_
-
-#ifdef SWFORT
-#ifndef RETURN_TYPE
-#define RETURN_TYPE int
-#endif
-#endif
-#include "cryptint.h"
-#include "genci.h"
-#include "maci.h"
-
-typedef enum {NOKEY, TEK, MEK, UNWRAP, Ks} FortezzaKeyType;
-typedef enum {Encrypt, Decrypt, Sign, None} CryptoType;
-
-typedef struct FortezzaKeyStr *FortezzaKeyPtr;
-typedef struct FortezzaSocketStr *FortezzaSocketPtr;
-typedef struct FortezzaKeyStr FortezzaKey;
-typedef unsigned char FortezzaMEK[12];
-
-
-typedef struct CreateTEKInfoStr {
- CI_RA Ra;
- CI_RB Rb;
- unsigned long randomLen;
- int personality;
- int flag; /*Either CI_INITIATOR_FLAG or CI_RECIPIENT_FLAG*/
- CI_Y pY;
- unsigned int YSize;
-} CreateTEKInfo;
-
-typedef struct FortezzaTEKStr {
- CI_RA Ra; /*All the parameters necessary to create a TEK */
- CI_RB Rb;
- unsigned long randomLen;
- CI_Y pY;
- int flags;
- int registerIndex;
- unsigned int ySize;
-} FortezzaTEK;
-
-struct FortezzaKeyStr {
- FortezzaKeyPtr next, prev;
- CK_OBJECT_HANDLE keyHandle;
- int keyRegister;
- FortezzaKeyType keyType;
- FortezzaSocketPtr keySocket;
- unsigned long id;
- unsigned long hitCount;
- union {
- FortezzaTEK tek;
- FortezzaMEK mek;
- } keyData;
-};
-
-typedef struct FortezzaSocketStr {
- PRBool isOpen;
- PRBool isLoggedIn;
- PRBool hasLoggedIn;
- PRBool personalitiesLoaded;
- unsigned long slotID;
- unsigned long hitCount;
- HSESSION maciSession;
- CI_SERIAL_NUMBER openCardSerial;
- CI_STATE openCardState;
- CI_PERSON *personalityList;
- int numPersonalities;
- int numKeyRegisters;
- FortezzaKey **keyRegisters; /*Array of pointers to keys in registers*/
- FortezzaKey *keys; /*Linked list of all the keys*/
- void *registersLock;
-} FortezzaSocket;
-
-typedef struct PK11SessionStr *PK11SessionPtr;
-
-typedef struct FortezzaConstextStr {
- FortezzaKey *fortezzaKey;
- FortezzaSocket *fortezzaSocket;
- PK11SessionPtr session;
- CryptoType cryptoOperation;
- CK_MECHANISM_TYPE mechanism;
- CI_SAVE_DATA cardState;
- CI_IV cardIV;
- unsigned long userRamSize;
- CK_OBJECT_HANDLE hKey;
-} FortezzaContext;
-
-
-
-#endif /*_context_h_*/
diff --git a/security/nss/lib/fortcrypt/genci.h b/security/nss/lib/fortcrypt/genci.h
deleted file mode 100644
index 6a44cd7a7..000000000
--- a/security/nss/lib/fortcrypt/genci.h
+++ /dev/null
@@ -1,145 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * the following header file switches between MACI and CI based on
- * compile options. That lest the rest of the source code operate
- * without change, even if it only suports CI_ calls, not MACI_ calls
- */
-#ifndef _GENCI_H_
-#define _GENCI_H_ 1
-#include "seccomon.h"
-
-#if defined (XP_UNIX) || defined (XP_WIN32) || defined (XP_OS2) || defined (XP_BEOS)
-
-/*
- * On unix, NT, Windows '95, and OS/2 we use full maci
- */
-#include "maci.h"
-
-#define MACI_SEL(x)
-
-/*
- * for sec-for.c
- */
-#define CI_Initialize MACI_Initialize
-#define CI_Terminate() { HSESSION hs;\
- MACI_GetSessionID(&hs);\
- MACI_Terminate(hs); }
-
-#else
-
-/*
- * On Mac we use the original CI_LIB
- */
-#include "cryptint.h"
-
-/*
- * MACI specific values not defined for CI lib
- */
-#define MACI_SESSION_EXCEEDED (-53)
-
-#ifndef HSESSION_DEFINE
-typedef unsigned int HSESSION;
-#define HSESSION_DEFINE
-#endif
-
-/*
- * Map MACI_ calls to CI_ calls. NOTE: this assumes the proper CI_Select
- * calls are issued in the CI_ case
- */
-#define MACI_ChangePIN(s,pin,old,new) CI_ChangePIN(pin,old,new)
-#define MACI_CheckPIN(s,type,pin) CI_CheckPIN(type,pin)
-#define MACI_Close(s,flag,socket) CI_Close(flag,socket)
-#define MACI_Decrypt(s,size,in,out) CI_Decrypt(size,in,out)
-#define MACI_DeleteCertificate(s,cert) CI_DeleteCertificate(cert)
-#define MACI_DeleteKey(s,index) CI_DeleteKey(index)
-#define MACI_Encrypt(s,size,in,out) CI_Encrypt(size,in,out)
-#define MACI_ExtractX(s,cert,type,pass,ySize,y,x,Ra,pgSize,qSize,p,q,g) \
- CI_ExtractX(cert,type,pass,ySize,y,x,Ra,pgSize,qSize,p,q,g)
-#define MACI_FirmwareUpdate(s,flags,Cksum,len,size,data) \
- CI_FirmwareUpdate(flags,Cksum,len,size,data)
-#define MACI_GenerateIV(s,iv) CI_GenerateIV(iv)
-#define MACI_GenerateMEK(s,index,res) CI_GenerateMEK(index,res)
-#define MACI_GenerateRa(s,Ra) CI_GenerateRa(Ra)
-#define MACI_GenerateRandom(s,ran) CI_GenerateRandom(ran)
-#define MACI_GenerateTEK(s,flag,index,Ra,Rb,size,Y) \
- CI_GenerateTEK(flag,index,Ra,Rb,size,Y)
-#define MACI_GenerateX(s,cert,type,pgSize,qSize,p,q,g,ySize,y) \
- CI_GenerateX(cert,type,pgSize,qSize,p,q,g,ySize,y)
-#define MACI_GetCertificate(s,cert,val) CI_GetCertificate(cert,val)
-#define MACI_GetConfiguration(s,config) CI_GetConfiguration(config)
-#define MACI_GetHash(s,size,data,val) CI_GetHash(size,data,val)
-#define MACI_GetPersonalityList(s,cnt,list) CI_GetPersonalityList(cnt,list)
-#define MACI_GetSessionID(s) CI_OK
-#define MACI_GetState(s,state) CI_GetState(state)
-#define MACI_GetStatus(s,status) CI_GetStatus(status)
-#define MACI_GetTime(s,time) CI_GetTime(time)
-#define MACI_Hash(s,size,data) CI_Hash(size,data)
-#define MACI_Initialize(count) CI_Initialize(count)
-#define MACI_InitializeHash(s) CI_InitializeHash()
-#define MACI_InstallX(s,cert,type,pass,ySize,y,x,Ra,pgSize,qSize,p,q,g) \
- CI_InstallX(cert,type,pass,ySize,y,x,Ra,pgSize,qSize,p,q,g)
-#define MACI_LoadCertificate(s,cert,label,data,res) \
- CI_LoadCertificate(cert,label,data,res)
-#define MACI_LoadDSAParameters(s,pgSize,qSize,p,q,g) \
- CI_LoadDSAParameters(pgSize,qSize,p,q,g)
-#define MACI_LoadInitValues(s,seed,Ks) CI_LoadInitValues(seed,Ks)
-#define MACI_LoadIV(s,iv) CI_LoadIV(iv)
-#define MACI_LoadX(s,cert,type,pgSize,qSize,p,q,g,x,ySize,y) \
- CI_LoadX(cert,type,pgSize,qSize,p,q,g,x,ySize,y)
-#define MACI_Lock(s,flags) CI_Lock(flags)
-#define MACI_Open(s,flags,index) CI_Open(flags,index)
-#define MACI_RelayX(s,oPass,oSize,oY,oRa,oX,nPass,nSize,nY,nRa,nX) \
- CI_RelayX(oPass,oSize,oY,oRa,oX,nPass,nSize,nY,nRa,nX)
-#define MACI_Reset(s) CI_Reset()
-#define MACI_Restore(s,type,data) CI_Restore(type,data)
-#define MACI_Save(s,type,data) CI_Save(type,data)
-#define MACI_Select(s,socket) CI_Select(socket)
-#define MACI_SetConfiguration(s,typ,sz,d) CI_SetConfiguration(typ,sz,d)
-#define MACI_SetKey(s,key) CI_SetKey(key)
-#define MACI_SetMode(s,type,mode) CI_SetMode(type,mode)
-#define MACI_SetPersonality(s,index) CI_SetPersonality(index)
-#define MACI_SetTime(s,time) CI_SetTime(time)
-#define MACI_Sign(s,hash,sig) CI_Sign(hash,sig)
-#define MACI_Terminate(s) CI_Terminate()
-#define MACI_TimeStamp(s,val,sig,time) CI_TimeStamp(val,sig,time)
-#define MACI_Unlock(s) CI_Unlock()
-#define MACI_UnwrapKey(s,targ,wrap,key) CI_UnwrapKey(targ,wrap,key)
-#define MACI_VerifySignature(s,h,siz,y,sig) CI_VerifySignature(h,siz,y,sig)
-#define MACI_VerifyTimeStamp(s,hash,sig,tim) CI_VerityTimeStap(hash,sig,tim)
-#define MACI_WrapKey(s,src,wrap,key) CI_WrapKey(src,wrap,key)
-#define MACI_Zeroize(s) CI_Zeroize()
-
-#define MACI_SEL(x) CI_Select(x)
-#endif /* ! XP_UNIX */
-#endif /* _GENCI_H_ */
diff --git a/security/nss/lib/fortcrypt/globinst.htm b/security/nss/lib/fortcrypt/globinst.htm
deleted file mode 100644
index cd0a194d4..000000000
--- a/security/nss/lib/fortcrypt/globinst.htm
+++ /dev/null
@@ -1,139 +0,0 @@
-<HTML>
-<--
- - The contents of this file are subject to the Mozilla Public
- - License Version 1.1 (the "License"); you may not use this file
- - except in compliance with the License. You may obtain a copy of
- - the License at http://www.mozilla.org/MPL/
- -
- - Software distributed under the License is distributed on an "AS
- - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- - implied. See the License for the specific language governing
- - rights and limitations under the License.
- -
- - The Original Code is the Netscape security libraries.
- -
- - The Initial Developer of the Original Code is Netscape
- - Communications Corporation. Portions created by Netscape are
- - Copyright (C) 1994-2000 Netscape Communications Corporation. All
- - Rights Reserved.
- -
- - Contributor(s):
- -
- - Alternatively, the contents of this file may be used under the
- - terms of the GNU General Public License Version 2 or later (the
- - "GPL"), in which case the provisions of the GPL are applicable
- - instead of those above. If you wish to allow use of your
- - version of this file only under the terms of the GPL and not to
- - allow others to use your version of this file under the MPL,
- - indicate your decision by deleting the provisions above and
- - replace them with the notice and other provisions required by
- - the GPL. If you do not delete the provisions above, a recipient
- - may use your version of this file under either the MPL or the
- - GPL.
--->
-<SCRIPT>
-
-
-// ---------------------- Configuration variables ----------------
-var pkcs11jar="fortpk11.jar";
-//var pkcs11base="file://d|/dogbert/ns/dist/";
-pkcs11base="";
-
-var comm_platforms = pk_init_array (
- "Win32", "Win16", "Mac68k", "MacPPC",
- "AIX4.1", "HP-UXA.09", "HP-UXB.10",
- "SunOS4.1.3_U1", "SunOS5.4", "SunOS5.5.1" );
-var directories = pk_init_array (
- "win32", "win16", "none", "macppc",
- "aix", "hpux", "hpux",
- "sunos", "sol24",
- "sol251" );
-
-function mapPlatform(InPlat)
-{
- for (i=0; i < comm_platforms.length; i++) {
- if (InPlat == comm_platforms[i]) {
- return directories[i];
- }
- }
- return InPlat;
-}
-
-
-function pk_init_array()
-{
- var numArgs = pk_init_array.arguments.length;
- var a = new Array(numArgs);
-
- for (var i = 0; i < numArgs; i++) {
- a[i] = pk_init_array.arguments[i];
- }
- return a;
-}
-
-function getPlatform() {
- return navigator.platform;
-// var string = navigator.appVersion;
-// start = string.indexOf("(",0);
-// if (start == -1) {
-// return "unknown";
-// }
-// end = string.indexOf(";",start);
-// if (end == -1) {
-// end = string.indexOf(")",start);
-// }
-// if (end == -1) {
-// end = string.length;
-// }
-// platform = string.substring(start+1,end);
-// return platform;
-}
-
-function getURLPath() {
- var string = window.location.href;
- end = string.lastIndexOf("/");
- if (end == -1) {
- end = string.length-1;
- }
- return string.substring(0,end+1);
-}
-
-
-
-plat=getPlatform();
-platDir = mapPlatform(plat);
-if (pkcs11base == "") pkcs11base=getURLPath();
-
-if (plat == "MacPPC") {
- pkcs11jar= "macinst.htm"
-}
-
-function DoInstall(url) {
- window.location.href = url;
-}
-
-function DoCancel() {
- // set window.location.href to your home page if you wish
- //alert('Cancel Installation?');
- history.back();
-}
-
-// ------ Change the following for your own Message --------
-document.write("<CENTER><H1>Netscape Fortezza PKCS #11 Module Installer</H1>");
-document.write("</CENTER>");
-document.write("<Table><TR><TD>");
-document.write("<DD><p><IMG SRC=about:logo WIDTH=90 Height=77 NAME=LITRONIC></TD>");
-document.write("<TD VAlign=Center><i> Netscape Fortezza PKCS #11 Modules require Litronic's MACI drivers to be installed on your platform.");
-document.write(" If you haven't already installed theLitronic MACI drivers, please to do so now.</I>");
-document.write("</TD></TR></Table>");
-// ----- end of generic message section --------
-document.write("<p>Netscape has detected you are installing on <b>"+plat+"</b>.<br>");
-document.write("Installing: <b>"+pkcs11base+platDir+"/"+pkcs11jar+"</b><br>");
-document.write("<FORM>");
-document.write("<CENTER><Table><TR><TD><Input Type=Button name=install value='Install Now' onclick=DoInstall("+ "\"" +pkcs11base+platDir+"/"+pkcs11jar+"\""+")>");
-document.write("</TD><TD><Input type=Button name=cancel value=Cancel Onclick=DoCancel()>");
-document.write("</TD></TR></Table></CENTER>");
-document.write("</FORM>");
-document.close();
-</SCRIPT>
-</HTML>
diff --git a/security/nss/lib/fortcrypt/handinst.htm b/security/nss/lib/fortcrypt/handinst.htm
deleted file mode 100644
index f816432e1..000000000
--- a/security/nss/lib/fortcrypt/handinst.htm
+++ /dev/null
@@ -1,180 +0,0 @@
-<HTML>
-<TITLE>Generic PKCS #11 Installer</TITLE>
-<--
- - The contents of this file are subject to the Mozilla Public
- - License Version 1.1 (the "License"); you may not use this file
- - except in compliance with the License. You may obtain a copy of
- - the License at http://www.mozilla.org/MPL/
- -
- - Software distributed under the License is distributed on an "AS
- - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- - implied. See the License for the specific language governing
- - rights and limitations under the License.
- -
- - The Original Code is the Netscape security libraries.
- -
- - The Initial Developer of the Original Code is Netscape
- - Communications Corporation. Portions created by Netscape are
- - Copyright (C) 1994-2000 Netscape Communications Corporation. All
- - Rights Reserved.
- -
- - Contributor(s):
- -
- - Alternatively, the contents of this file may be used under the
- - terms of the GNU General Public License Version 2 or later (the
- - "GPL"), in which case the provisions of the GPL are applicable
- - instead of those above. If you wish to allow use of your
- - version of this file only under the terms of the GPL and not to
- - allow others to use your version of this file under the MPL,
- - indicate your decision by deleting the provisions above and
- - replace them with the notice and other provisions required by
- - the GPL. If you do not delete the provisions above, a recipient
- - may use your version of this file under either the MPL or the
- - GPL.
--->
-<SCRIPT>
-// Crypto Mechanism Flags
-PKCS11_MECH_RSA_FLAG = 0x1<<0;
-PKCS11_MECH_DSA_FLAG = 0x1<<1;
-PKCS11_MECH_RC2_FLAG = 0x1<<2;
-PKCS11_MECH_RC4_FLAG = 0x1<<3;
-PKCS11_MECH_DES_FLAG = 0x1<<4;
-PKCS11_MECH_DH_FLAG = 0x1<<5; //Diffie-Hellman
-PKCS11_MECH_SKIPJACK_FLAG = 0x1<<6; //SKIPJACK algorithm as in Fortezza cards
-PKCS11_MECH_RC5_FLAG = 0x1<<7;
-PKCS11_MECH_SHA1_FLAG = 0x1<<8;
-PKCS11_MECH_MD5_FLAG = 0x1<<9;
-PKCS11_MECH_MD2_FLAG = 0x1<<10;
-PKCS11_MECH_RANDOM_FLAG = 0x1<<27; //Random number generator
-PKCS11_PUB_READABLE_CERT_FLAG = 0x1<<28; //Stored certs can be read off the token w/o logging in
-PKCS11_DISABLE_FLAG = 0x1<<30; //tell Navigator to disable this slot by default
-
-// Important:
-// 0x1<<11, 0x1<<12, ... , 0x1<<26, 0x1<<29, and 0x1<<31 are reserved
-// for internal use in Navigator.
-// Therefore, these bits should always be set to 0; otherwise,
-// Navigator might exhibit unpredictable behavior.
-
-// These flags indicate which mechanisms should be turned on by
-pkcs11MechanismFlags = PKCS11_MECH_RANDOM_FLAG;
-
-
-// Ciphers that support SSL or S/MIME
-PKCS11_CIPHER_FORTEZZA_FLAG = 0x1<<0;
-
-// Important:
-// 0x1<<1, 0x1<<2, ... , 0x1<<31 are reserved
-// for internal use in Navigator.
-// Therefore, these bits should ALWAYS be set to 0; otherwise,
-// Navigator might exhibit unpredictable behavior.
-
-// These flags indicate which SSL ciphers are supported
-pkcs11CipherFlags = PKCS11_CIPHER_FORTEZZA_FLAG;
-
-
-// Return values of pkcs11.addmodule() & pkcs11.delmodule()
-// success codes
-JS_OK_ADD_MODULE = 3 // Successfully added a module
-JS_OK_DEL_EXTERNAL_MODULE = 2 // Successfully deleted ext. module
-JS_OK_DEL_INTERNAL_MODULE = 1 // Successfully deleted int. module
-
-// failure codes
-JS_ERR_OTHER = -1 // Other errors than the followings
-JS_ERR_USER_CANCEL_ACTION = -2 // User abort an action
-JS_ERR_INCORRECT_NUM_OF_ARGUMENTS= -3 // Calling a method w/ incorrect # of arguments
-JS_ERR_DEL_MODULE = -4 // Error deleting a module
-JS_ERR_ADD_MODULE = -5 // Error adding a module
-JS_ERR_BAD_MODULE_NAME = -6 // The module name is invalid
-JS_ERR_BAD_DLL_NAME = -7 // The DLL name is bad
-JS_ERR_BAD_MECHANISM_FLAGS = -8 // The mechanism flags are invalid
-JS_ERR_BAD_CIPHER_ENABLE_FLAGS = -9 // The SSL, S/MIME cipher flags are invalid
-
-var new_window;
-var has_new_window = 0;
-
-function HandleCipher(checkBox) {
- if (checkBox.checked) {
- pkcs11MechanismFlags |= checkBox.value;
- } else {
- pkcs11MechanismFlags &= ~checkBox.value;
- }
-}
-
-function HandleSSL(checkBox) {
- if (checkBox.checked) {
- pkcs11CipherFlags |= checkBox.value;
- } else {
- pkcs11CipherFlags &= ~checkBox.value;
- }
-}
-
-function colonize(string) {
- len = string.length;
- end = len -1;
-
- if (len == 0) return string;
-
-
- for (i=0; i < len; i++) {
- if (string.charAt(i) == "/") {
- if (i == 0) {
- new_string = ":" + string.substring(1,len);
- } else if (i == end) {
- new_string = string.substring(0,i)+':';
- } else {
- new_string = string.substring(0,i)+':'+
- string.substring(i+1,len);
- }
- string = new_string;
- }
- }
-
- if (string.charAt(0) == ":") string = string.substring(1,len);
- return string;
-}
-
-function DoInstall(name,module) {
- if ((navigator.platform == "MacPPC")
- || (navigator.platform == "Mac68K")) {
- module = colonize(module);
- }
- result = pkcs11.addmodule(name, module,
- pkcs11MechanismFlags, pkcs11CipherFlags);
- if ( result < 0) {
- window.alert("New module setup failed. Error code: " + result);
- }
- if (has_new_window) new_window.close();
-}
-
-default_name = "Netscape FORTEZZA Module"
-
-default_module = "D:/dogbert/ns/dist/WIN32_D.OBJ/bin/fort32.dll"
-document.writeln("<FORM name=instform target=_self> <H2>PKCS #11 Installer</H2>");
-document.writeln(" Module name: <Input Type=Text Name=modName value=\""+default_name+"\" size=50 required><br>");
-document.writeln(" Module Library: <Input Type=FILE required Name=module><p>");
-document.writeln("<hr><TABLE><TR><TD>");
-document.writeln("<Input type=Checkbox name=RSA value="+PKCS11_MECH_RSA_FLAG+" onclick=HandleCipher(document.instform.RSA)> RSA<br>");
-document.writeln("<Input type=Checkbox name=DSA value="+PKCS11_MECH_DSA_FLAG+" onclick=HandleCipher(document.instform.DSA)> DSA<br>");
-document.writeln("<Input type=Checkbox name=RC2 value="+PKCS11_MECH_RC2_FLAG+" onclick=HandleCipher(document.instform.RC2)> RC2<br>");
-document.writeln("<Input type=Checkbox name=RC4 value="+PKCS11_MECH_RC4_FLAG+" onclick=HandleCipher(document.instform.RC4)> RC4<br>");
-document.writeln("</TD><TD>");
-document.writeln("<Input type=Checkbox name=DES value="+PKCS11_MECH_DES_FLAG+" onclick=HandleCipher(document.instform.DES)> DES<br>");
-document.writeln("<Input type=Checkbox name=DH value="+PKCS11_MECH_DH_FLAG+" onclick=HandleCipher(document.instform.DH)> DH<br>");
-document.writeln("<Input type=Checkbox name=SKIPJACK value="+PKCS11_MECH_SKIPJACK_FLAG+" onclick=HandleCipher(document.instform.SKIPJACK)> SKIPJACK<br>");
-document.writeln("<Input type=Checkbox name=RC5 value="+PKCS11_MECH_RC5_FLAG+" onclick=HandleCipher(document.instform.RC5)> RC5<br>");
-document.writeln("</TD><TD>");
-document.writeln("<Input type=Checkbox name=SHA1 value="+PKCS11_MECH_SHA1_FLAG+" onclick=HandleCipher(document.instform.SHA1)> SHA1<br>");
-document.writeln("<Input type=Checkbox name=MD5 value="+PKCS11_MECH_MD5_FLAG+" onclick=HandleCipher(document.instform.MD5)> MD5<br>");
-document.writeln("<Input type=Checkbox name=MD2 value="+PKCS11_MECH_MD2_FLAG+" onclick=HandleCipher(document.instform.MD2)> MD2<br>");
-document.writeln("</TD><TD>");
-document.writeln("<Input type=Checkbox name=Random value="+PKCS11_MECH_RANDOM_FLAG+" CHECKED onclick=HandleCipher(document.instform.Random)> Random Number Generation<br>");
-document.writeln("<Input type=Checkbox name=readCert value="+PKCS11_PUB_READABLE_CERT_FLAG+" onclick=HandleCipher(document.instform.ReadCert)> Public Readable Certificates<br>");
-document.writeln("<Input type=Checkbox name=Disable value="+PKCS11_DISABLE_FLAG+" onclick=HandleCipher(document.instform.Disable)> Disable<br>");
-document.writeln("</TD></TR></TABLE>");
-document.writeln("<hr>");
-document.writeln("<Input type=Checkbox name=fortssl value="+ PKCS11_CIPHER_FORTEZZA_FLAG +" checked onclick=HandleSSL(document.instform.fortssl)> Enable FORTEZZA menus<br>");
-document.writeln("<hr>");
-document.write("<Input type=submit Name=Install Value=Install onclick=DoInstall(");
-document.writeln( "document.instform.modName.value,document.instform.module.value) >");
-document.writeln("</FORM>");
-</SCRIPT>
diff --git a/security/nss/lib/fortcrypt/homeinst.htm b/security/nss/lib/fortcrypt/homeinst.htm
deleted file mode 100644
index a0583fbc7..000000000
--- a/security/nss/lib/fortcrypt/homeinst.htm
+++ /dev/null
@@ -1,211 +0,0 @@
-<HTML>
-<--
- - The contents of this file are subject to the Mozilla Public
- - License Version 1.1 (the "License"); you may not use this file
- - except in compliance with the License. You may obtain a copy of
- - the License at http://www.mozilla.org/MPL/
- -
- - Software distributed under the License is distributed on an "AS
- - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- - implied. See the License for the specific language governing
- - rights and limitations under the License.
- -
- - The Original Code is the Netscape security libraries.
- -
- - The Initial Developer of the Original Code is Netscape
- - Communications Corporation. Portions created by Netscape are
- - Copyright (C) 1994-2000 Netscape Communications Corporation. All
- - Rights Reserved.
- -
- - Contributor(s):
- -
- - Alternatively, the contents of this file may be used under the
- - terms of the GNU General Public License Version 2 or later (the
- - "GPL"), in which case the provisions of the GPL are applicable
- - instead of those above. If you wish to allow use of your
- - version of this file only under the terms of the GPL and not to
- - allow others to use your version of this file under the MPL,
- - indicate your decision by deleting the provisions above and
- - replace them with the notice and other provisions required by
- - the GPL. If you do not delete the provisions above, a recipient
- - may use your version of this file under either the MPL or the
- - GPL.
--->
-<SCRIPT>
-
-
-// ---------------------- Configuration variables ----------------
-var pkcs11jar="bin/fortWIN32.jar";
-var pkcs11base="ftp://sweetlou/products/client/dogbert/new";
-//pkcs11base="";
-win_file = "libfort.jar"
-unix = "libfort-v404b9."
-mac_file = "macinst.htm"
-
-
-var winDates = pk_init_array (
- "oct_02a_404", "oct_01a_404" );
-
-var unixDates = pk_init_array (
- "current", "Oct_02", "Oct_O1");
-
-
-var comm_platforms = pk_init_array (
- "Win32", "Win16", "Mac68k", "MacPPC",
- "AIX4.1", "HP-UXA.09", "HP-UXB.10",
- "SunOS4.1.3_U1", "SunOS5.4", "SunOS5.5.1",
- "BSD_3861.1","BSD_3862.1", "FreeBSD2", "IRIX5.3", "IRIX6.2",
- "LinuxELF1.2","LinusELF2.0","NCR4.0","NEC4.2","OSF1V3","SCOOS5.0",
- "SINIX-N5.42","SunOS5.4_i86pc","UNIXWARE2.1",
- "OS23.0","OS24.0");
-var isSupport = pk_init_array ( 1, 1, 0, 1,
- 1, 1, 1,
- 1, 1, 1, 1,
- 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0,
- 0, 0, 0,
- 0, 0 );
-var directories = pk_init_array (
- "32bit/fortezza", "16bit/fortezza", "", "404-fortezza-items",
- "aix4", "hpux", "hpux10",
- "sunos4", "sol24", "sol251",
- // not really supported
- "bsdi", "bsdi2", "freebsd", "irix53", "irix62",
- "linux12","linux20","ncr","nec","osf132","sco",
- "sinix","solx86","unixware",
- "" ,"" );
-var files = pk_init_array (
- win_file, win_file, mac_file, mac_file,
- unix+"rs6000-ibm-aix4.jar",unix+"hppa1.1-hp-hpux9.jar",
- unix+"hppa1.1-hp-hpux10.jar",
- unix+"sparc-sun-sunos4.1.3_U1.jar",unix+"sparc-sun-solaris2.4.jar",
- unix+"sparc-sun-solaris2.5.1.jar",
- unix+"x86-bsdi-bsd.jar",unix+"x86-bsdi-bsd2.jar",
- unix+"x86-unknown-freebsd.jar",
- unix+"mips-sgi-irix5.3.jar",unix+"mips-sgi-irix6.2.jar",
- unix+"x86-unknown-linix1.2.jar",unix+"x86-unknown-linix2.0.jar",
- unix+"x86-ncr-sysv5.jar",unix+"mips-nec-uxv4.2.jar",
- unix+"alpha-dec-osf3.2.jar",unix+"x86-sco-opensv5.0.2",
- unix+"mips-sni-reliantunix.jar",unix+"x86-sun-solaris2.4.jar",
- unix+"x86-sco-unixware2.1.jar",
- win_file, win_file );
-
-function isSupported(InPlat)
-{
- for (i=0; i < comm_platforms.length; i++) {
- if (InPlat == comm_platforms[i]) {
- return isSupport[i];
- }
- }
- return 0;
-}
-
-function mapPlatform(InPlat)
-{
- for (i=0; i < comm_platforms.length; i++) {
- if (InPlat == comm_platforms[i]) {
- return directories[i];
- }
- }
- return InPlat;
-}
-
-function mapFile(InPlat)
-{
- for (i=0; i < comm_platforms.length; i++) {
- if (InPlat == comm_platforms[i]) {
- return files[i];
- }
- }
- return unix+"unknown-unknown-unknown.jar";
-}
-
-function mapDate(platform) {
- if ((platform == "MacPPC") || (platform == "Mac68K")) {
- return "";
- } else if ((platform == "Win32") || (platform == "Win16")) {
- return "/oct_2a_404";
- } else if ((platform == "OS23.0") || (platform == "OS24.0")) {
- return "";
- }
- return "/current/signed";
-}
-function mapBaseDir(platform) {
- if ((platform == "MacPPC") || (platform == "Mac68K")) {
- return "mac";
- } else if ((platform == "Win32") || (platform == "Win16")) {
- return "windows"
- } else if ((platform == "OS23.0") || (platform == "OS24.0")) {
- return "os2";
- }
- return "unix/Fortezza";
-}
-
-function pk_init_array()
-{
- var numArgs = pk_init_array.arguments.length;
- var a = new Array(numArgs);
-
- for (var i = 0; i < numArgs; i++) {
- a[i] = pk_init_array.arguments[i];
- }
- return a;
-}
-
-function getPlatform() {
- return navigator.platform;
-}
-
-function getURLPath() {
- var string = window.location.href;
- end = string.lastIndexOf("/");
- if (end == -1) {
- end = string.length-1;
- }
- return string.substring(0,end+1);
-}
-
-
-
-plat=getPlatform();
-platDir = mapPlatform(plat);
-platFile = mapFile(plat);
-platBase = mapBaseDir(plat);
-platDate = mapDate(plat);
-if (pkcs11base == "") pkcs11base=getURLPath();
-pkcs11loc=pkcs11base+"/"+platBase+"/"+platDir + platDate + "/" + platFile;
-
-
-
-function DoInstall(url) {
- window.location.href = url;
-}
-
-function DoCancel() {
- // set window.location.href to your home page if you wish
- //alert('Cancel Installation?');
- history.back();
-}
-
-// ------ Change the following for your own Message --------
-document.write("<CENTER><H1>Netscape Fortezza PKCS #11 Module Installer</H1>");
-document.write("</CENTER>");
-document.write("<Table><TR><TD>");
-document.write("<DD><p><IMG SRC=litronic.gif WIDTH=110 Height=63 NAME=LITRONIC></TD>");
-document.write("<TD VAlign=Center><i> Netscape Fortezza PKCS #11 Modules require Litronic's MACI drivers to be installed on your platform.");
-document.write(" If you haven't already installed theLitronic MACI drivers, please to do so now.</I>");
-document.write("</TD></TR></Table>");
-// ----- end of generic message section --------
-document.write("<p>Netscape has detected you are installing on <b>"+plat+"</b>.<br>");
-if (!isSupported(plat)) {
- document.write("<b>This platform is currently not suppported for FORTEZZA</b><br>");
-}
-document.write("Installing: <b>"+pkcs11loc+"</b><br>");
-document.write("<FORM>");
-document.write("<CENTER><Table><TR><TD><Input Type=Button name=install value='Install Now' onclick=DoInstall("+ "\"" +pkcs11loc+"\""+")>");
-document.write("</TD><TD><Input type=Button name=cancel value=Cancel Onclick=DoCancel()>");
-document.write("</TD></TR></Table></CENTER>");
-document.write("</FORM>");
-document.close();
-</SCRIPT>
-</HTML>
diff --git a/security/nss/lib/fortcrypt/inst.js b/security/nss/lib/fortcrypt/inst.js
deleted file mode 100644
index 2c2b1ab64..000000000
--- a/security/nss/lib/fortcrypt/inst.js
+++ /dev/null
@@ -1,268 +0,0 @@
-//
-// The contents of this file are subject to the Mozilla Public
-// License Version 1.1 (the "License"); you may not use this file
-// except in compliance with the License. You may obtain a copy of
-// the License at http://www.mozilla.org/MPL/
-//
-// Software distributed under the License is distributed on an "AS
-// IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-// implied. See the License for the specific language governing
-// rights and limitations under the License.
-//
-// The Original Code is the Netscape security libraries.
-//
-// The Initial Developer of the Original Code is Netscape
-// Communications Corporation. Portions created by Netscape are
-// Copyright (C) 1994-2000 Netscape Communications Corporation. All
-// Rights Reserved.
-//
-// Contributor(s):
-//
-// Alternatively, the contents of this file may be used under the
-// terms of the GNU General Public License Version 2 or later (the
-// "GPL"), in which case the provisions of the GPL are applicable
-// instead of those above. If you wish to allow use of your
-// version of this file only under the terms of the GPL and not to
-// allow others to use your version of this file under the MPL,
-// indicate your decision by deleting the provisions above and
-// replace them with the notice and other provisions required by
-// the GPL. If you do not delete the provisions above, a recipient
-// may use your version of this file under either the MPL or the
-// GPL.
-//
-////////////////////////////////////////////////////////////////////////////////////////
-// Crypto Mechanism Flags
-PKCS11_MECH_RSA_FLAG = 0x1<<0;
-PKCS11_MECH_DSA_FLAG = 0x1<<1;
-PKCS11_MECH_RC2_FLAG = 0x1<<2;
-PKCS11_MECH_RC4_FLAG = 0x1<<3;
-PKCS11_MECH_DES_FLAG = 0x1<<4;
-PKCS11_MECH_DH_FLAG = 0x1<<5; //Diffie-Hellman
-PKCS11_MECH_SKIPJACK_FLAG = 0x1<<6; //SKIPJACK algorithm as in Fortezza cards
-PKCS11_MECH_RC5_FLAG = 0x1<<7;
-PKCS11_MECH_SHA1_FLAG = 0x1<<8;
-PKCS11_MECH_MD5_FLAG = 0x1<<9;
-PKCS11_MECH_MD2_FLAG = 0x1<<10;
-PKCS11_MECH_RANDOM_FLAG = 0x1<<27; //Random number generator
-PKCS11_PUB_READABLE_CERT_FLAG = 0x1<<28; //Stored certs can be read off the token w/o logging in
-PKCS11_DISABLE_FLAG = 0x1<<30; //tell Navigator to disable this slot by default
-
-// Important:
-// 0x1<<11, 0x1<<12, ... , 0x1<<26, 0x1<<29, and 0x1<<31 are reserved
-// for internal use in Navigator.
-// Therefore, these bits should always be set to 0; otherwise,
-// Navigator might exhibit unpredictable behavior.
-
-// These flags indicate which mechanisms should be turned on by
-var pkcs11MechanismFlags = PKCS11_MECH_RANDOM_FLAG;
-
-////////////////////////////////////////////////////////////////////////////////////////
-// Ciphers that support SSL or S/MIME
-PKCS11_CIPHER_FORTEZZA_FLAG = 0x1<<0;
-
-// Important:
-// 0x1<<1, 0x1<<2, ... , 0x1<<31 are reserved
-// for internal use in Navigator.
-// Therefore, these bits should ALWAYS be set to 0; otherwise,
-// Navigator might exhibit unpredictable behavior.
-
-// These flags indicate which SSL ciphers are supported
-var pkcs11CipherFlags = PKCS11_CIPHER_FORTEZZA_FLAG;
-
-////////////////////////////////////////////////////////////////////////////////////////
-// Return values of pkcs11.addmodule() & pkcs11.delmodule()
-// success codes
-JS_OK_ADD_MODULE = 3; // Successfully added a module
-JS_OK_DEL_EXTERNAL_MODULE = 2; // Successfully deleted ext. module
-JS_OK_DEL_INTERNAL_MODULE = 1; // Successfully deleted int. module
-
-// failure codes
-JS_ERR_OTHER = -1; // Other errors than the followings
-JS_ERR_USER_CANCEL_ACTION = -2; // User abort an action
-JS_ERR_INCORRECT_NUM_OF_ARGUMENTS= -3; // Calling a method w/ incorrect # of arguments
-JS_ERR_DEL_MODULE = -4; // Error deleting a module
-JS_ERR_ADD_MODULE = -5; // Error adding a module
-JS_ERR_BAD_MODULE_NAME = -6; // The module name is invalid
-JS_ERR_BAD_DLL_NAME = -7; // The DLL name is bad
-JS_ERR_BAD_MECHANISM_FLAGS = -8; // The mechanism flags are invalid
-JS_ERR_BAD_CIPHER_ENABLE_FLAGS = -9; // The SSL, S/MIME cipher flags are invalid
-JS_ERR_ADD_MODULE_DULICATE =-10; // Module with the same name already installed
-
-////////////////////////////////////////////////////////////////////////////////////////
-// Find out which library is to be installed depending on the platform
-
-// pathname seperator is platform specific
-var sep = "/";
-var vendor = "netscape";
-var moduleName = "not_supported";
-var plat = navigator.platform;
-
-var dir = "pkcs11/" + vendor + "/" + plat + "/";
-if (plat == "Win16") {
- dir = "pkcs11/";
-}
-
-bAbort = false;
-if (plat == "Win32") {
- moduleName = "fort32.dll";
- sep = "\\";
-} else if (plat == "Win16") {
- moduleName = "FORT16.DLL";
- sep = "\\";
-} else if (plat == "MacPPC") {
- moduleName = "FortPK11Lib";
- sep = ":";
-} else if (plat == "AIX4.1") {
- moduleName = "libfort_shr.a";
-} else if (plat == "SunOS4.1.3_U1") {
- moduleName = "libfort.so.1.0";
-} else if ((plat == "SunOS5.4") || (plat == "SunOS5.5.1")){
- moduleName = "libfort.so";
-} else if ((plat == "HP-UXA.09") || (plat == "HP-UXB.10")){
- moduleName = "libfort.sl";
-} else if (plat == "IRIX6.2"){
- // The module only works on 6.3, but Communicator returns 6.2 even when
- // running 6.3. So in order to prevent the user from thinking
- // the module actually works on 6.2, we will force the name to
- // say 6.3 instead of 6.2. In the even the user tries to install
- // on 6.2, the user will see 6.3 instead. If they don't get it that
- // it's not going to work at this point in time, then the entire install
- // process wil just fail miserably, and that is OK.
- plat = "IRIX6.3";
- moduleName = "libfort.so";
-} else {
- window.alert("Sorry, platform "+plat+" is not supported.");
- bAbort = true;
-}
-
-////////////////////////////////////////////////////////////////////////////////////////
-// Installation Begins...
-if (!bAbort) {
-if (confirm("This script will install a security module. \nIt may over-write older files having the same name. \nDo you want to continue?")) {
- // Step 1. Create a version object and a software update object
- vi = new netscape.softupdate.VersionInfo(1, 6, 0, 0);
- su = new netscape.softupdate.SoftwareUpdate(this, "Fortezza Card PKCS#11 Module");
- // "Fortezza ... Module" is the logical name of the bundle
-
- ////////////////////////////////////////
- // Step 2. Start the install process
- bAbort = false;
- err = su.StartInstall("NSfortezza", // NSfortezza is the component folder (logical)
- vi,
- netscape.softupdate.SoftwareUpdate.FULL_INSTALL);
-
- bAbort = (err!=0);
-
- if (err == 0) {
- ////////////////////////////////////////
- // Step 3. Find out the physical location of the Program dir
- Folder = su.GetFolder("Program");
-
- ////////////////////////////////////////
- // Step 4. Install the files. Unpack them and list where they go
-
- err = su.AddSubcomponent("FortezzaLibrary_"+plat, //component name (logical)
- vi, // version info
- moduleName, // source file in JAR (physical)
- Folder, // target folder (physical)
- dir + moduleName, // target path & filename (physical)
- true); // forces update
- if (err != 0) {
- if (err == -200) {
- errmsg = "Bad Package Name.";
- } else if (err == -201) {
- errmsg = "Unexpected error.";
- } else if (err == -203) {
- errmsg = "Installation script was signed by more than one certificate.";
- } else if (err == -204) {
- errmsg = "Installation script was not signed."
- } else if (err == -205) {
- errmsg = "The file to be installed is not signed."
- } else if (err == -206) {
- errmsg = "The file to be installed is not present, or it was signed with a different certificate than the one used to sign the install script.";
- } else if (err == -207) {
- errmsg = "JAR archive has not been opened."
- } else if (err == -208) {
- errmsg = "Bad arguments to AddSubcomponent( )."
- } else if (err == -209) {
- errmsg = "Illegal relative path( )."
- } else if (err == -210) {
- errmsg = "User cancelled installation."
- } else if (err == -211) {
- errmsg = "A problem occurred with the StartInstall( )."
- } else {
- errmsg = "Unknown error";
- }
- window.alert("Error adding sub-component: "+"("+err+")"+errmsg);
- //window.alert("Aborting, Folder="+Folder+" module="+dir+moduleName);
- bAbort = true;
- }
- }
-
- ////////////////////////////////////////
- // Step 5. Unless there was a problem, move files to final location
- // and update the Client Version Registry
- if (bAbort) {
- su.AbortInstall();
- } else {
- err = su.FinalizeInstall();
-
- if (err != 0) {
-
- if (err == -900) {
- errmsg = "Restart the computer, and install again.";
- } else if (err == -201) {
- errmsg = "Unexpected error.";
- } else if (err == -202) {
- errmsg = "Access denied. Make sure you have the permissions to write to the disk.";
- } else if (err == -203) {
- errmsg = "Installation script was signed by more than one certificate.";
- } else if (err == -204) {
- errmsg = "Installation script was not signed."
- } else if (err == -205) {
- errmsg = "The file to be installed is not signed."
- } else if (err == -206) {
- errmsg = "The file to be installed is not present, or it was signed with a different certificate than the one used to sign the install script."
- } else if (err == -207) {
- errmsg = "JAR archive has not been opened."
- } else if (err == -208) {
- errmsg = "Bad arguments to AddSubcomponent( )."
- } else if (err == -209) {
- errmsg = "Illegal relative path( )."
- } else if (err == -210) {
- errmsg = "User cancelled installation."
- } else if (err == -211) {
- errmsg = "A problem occurred with the StartInstall( )."
- } else {
- errmsg = "\nIf you have FORTEZZA module already installed, try deleting it first.";
- }
- window.alert("Error Finalizing Install: "+"("+err+")"+errmsg);
- //window.alert("Aborting, Folder="+Folder+" module="+dir+moduleName);
-
- } else {
-
- // Platform specific full path
- if (plat=="Win16") {
- fullpath = Folder + "pkcs11" + sep + moduleName;
- } else {
- fullpath = Folder + "pkcs11" + sep + vendor + sep + plat + sep + moduleName;
- }
-
- ////////////////////////////////////////
- // Step 6: Call pkcs11.addmodule() to register the newly downloaded module
- moduleCommonName = "Netscape FORTEZZA Module " + plat;
- result = pkcs11.addmodule(moduleCommonName,
- fullpath,
- pkcs11MechanismFlags,
- pkcs11CipherFlags);
- if (result == -10) {
- window.alert("New module was copied to destination, \nbut setup failed because a module "
- +"with the same name has been installed. \nTry deleting the module "
- + moduleCommonName +" first.")
- } else if (result < 0) {
- window.alert("New module was copied to destination, but setup failed. Error code: " + result);
- }
- }
- }
-}
-}
diff --git a/security/nss/lib/fortcrypt/inst_PPC.js b/security/nss/lib/fortcrypt/inst_PPC.js
deleted file mode 100644
index 490910fff..000000000
--- a/security/nss/lib/fortcrypt/inst_PPC.js
+++ /dev/null
@@ -1,134 +0,0 @@
-//
-// The contents of this file are subject to the Mozilla Public
-// License Version 1.1 (the "License"); you may not use this file
-// except in compliance with the License. You may obtain a copy of
-// the License at http://www.mozilla.org/MPL/
-//
-// Software distributed under the License is distributed on an "AS
-// IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-// implied. See the License for the specific language governing
-// rights and limitations under the License.
-//
-// The Original Code is the Netscape security libraries.
-//
-// The Initial Developer of the Original Code is Netscape
-// Communications Corporation. Portions created by Netscape are
-// Copyright (C) 1994-2000 Netscape Communications Corporation. All
-// Rights Reserved.
-//
-// Contributor(s):
-//
-// Alternatively, the contents of this file may be used under the
-// terms of the GNU General Public License Version 2 or later (the
-// "GPL"), in which case the provisions of the GPL are applicable
-// instead of those above. If you wish to allow use of your
-// version of this file only under the terms of the GPL and not to
-// allow others to use your version of this file under the MPL,
-// indicate your decision by deleting the provisions above and
-// replace them with the notice and other provisions required by
-// the GPL. If you do not delete the provisions above, a recipient
-// may use your version of this file under either the MPL or the
-// GPL.
-//
-// Crypto Mechanism Flags
-PKCS11_MECH_RSA_FLAG = 0x1<<0;
-PKCS11_MECH_DSA_FLAG = 0x1<<1;
-PKCS11_MECH_RC2_FLAG = 0x1<<2;
-PKCS11_MECH_RC4_FLAG = 0x1<<3;
-PKCS11_MECH_DES_FLAG = 0x1<<4;
-PKCS11_MECH_DH_FLAG = 0x1<<5; //Diffie-Hellman
-PKCS11_MECH_SKIPJACK_FLAG = 0x1<<6; //SKIPJACK algorithm as in Fortezza cards
-PKCS11_MECH_RC5_FLAG = 0x1<<7;
-PKCS11_MECH_SHA1_FLAG = 0x1<<8;
-PKCS11_MECH_MD5_FLAG = 0x1<<9;
-PKCS11_MECH_MD2_FLAG = 0x1<<10;
-PKCS11_MECH_RANDOM_FLAG = 0x1<<27; //Random number generator
-PKCS11_PUB_READABLE_CERT_FLAG = 0x1<<28; //Stored certs can be read off the token w/o logging in
-PKCS11_DISABLE_FLAG = 0x1<<30; //tell Navigator to disable this slot by default
-
-// Important:
-// 0x1<<11, 0x1<<12, ... , 0x1<<26, 0x1<<29, and 0x1<<31 are reserved
-// for internal use in Navigator.
-// Therefore, these bits should always be set to 0; otherwise,
-// Navigator might exhibit unpredictable behavior.
-
-// These flags indicate which mechanisms should be turned on by
-pkcs11MechanismFlags = PKCS11_MECH_RANDOM_FLAG;
-
-
-// Ciphers that support SSL or S/MIME
-PKCS11_CIPHER_FORTEZZA_FLAG = 0x1<<0;
-
-// Important:
-// 0x1<<1, 0x1<<2, ... , 0x1<<31 are reserved
-// for internal use in Navigator.
-// Therefore, these bits should ALWAYS be set to 0; otherwise,
-// Navigator might exhibit unpredictable behavior.
-
-// These flags indicate which SSL ciphers are supported
-pkcs11CipherFlags = PKCS11_CIPHER_FORTEZZA_FLAG;
-
-
-// Return values of pkcs11.addmodule() & pkcs11.delmodule()
-// success codes
-JS_OK_ADD_MODULE = 3 // Successfully added a module
-JS_OK_DEL_EXTERNAL_MODULE = 2 // Successfully deleted ext. module
-JS_OK_DEL_INTERNAL_MODULE = 1 // Successfully deleted int. module
-
-// failure codes
-JS_ERR_OTHER = -1 // Other errors than the followings
-JS_ERR_USER_CANCEL_ACTION = -2 // User abort an action
-JS_ERR_INCORRECT_NUM_OF_ARGUMENTS= -3 // Calling a method w/ incorrect # of arguments
-JS_ERR_DEL_MODULE = -4 // Error deleting a module
-JS_ERR_ADD_MODULE = -5 // Error adding a module
-JS_ERR_BAD_MODULE_NAME = -6 // The module name is invalid
-JS_ERR_BAD_DLL_NAME = -7 // The DLL name is bad
-JS_ERR_BAD_MECHANISM_FLAGS = -8 // The mechanism flags are invalid
-JS_ERR_BAD_CIPHER_ENABLE_FLAGS = -9 // The SSL, S/MIME cipher flags are invalid
-
-
-if (confirm("This script will install and configure a security module, do you want to continue?")) {
- // Step 1. Create a version object and a software update object
- vi = new netscape.softupdate.VersionInfo(1, 6, 0, 0);
- su = new netscape.softupdate.SoftwareUpdate(this, "Fortezza Card PKCS#11 Module");
- // "Fortezza ... Module" is the logical name of the bundle
-
- // Step 2. Start the install process
- bAbort = false;
- err = su.StartInstall("NSfortezza", vi, netscape.softupdate.SoftwareUpdate.FULL_INSTALL);
- // nsfortezza is the component folder (logical)
- bAbort = bAbort || (err !=0);
-
- if (err == 0) {
-
- // Step 3. Find out the physical location of the Program dir
- Folder = su.GetFolder("Program");
-
- // Step 4. Install the files. Unpack them and list where they go
- err = su.AddSubcomponent("FortezzaCardDLL", //component name (logical)
- vi, // version info
- "FortPK11Lib", // source file in JAR (physical)
- Folder, // target folder (physical)
- "FortPK11Lib", // target path & filename (physical)
- this.force); // forces update
- bAbort = bAbort || (err !=0);
- }
-
- // Step 5. Unless there was a problem, move files to final location
- // and update the Client Version Registry
- if (bAbort) {
- window.alert("Installation Aborted");
- su.AbortInstall();
- } else {
- err = su.FinalizeInstall();
- window.alert("Files have been installed.\nContinue to setup the newly isntalled module...");
- // Add Module
- compFolder = su.GetComponentFolder("NSfortezza/FortezzaCardDLL") + "/FortPK11Lib";
- result = pkcs11.addmodule("Netscape FORTEZZA Module", compFolder, pkcs11MechanismFlags, pkcs11CipherFlags);
- if ( result < 0) {
- window.alert("New module setup failed. Error code: " + result);
- } else {
- window.alert("New module setup completed.");
- }
- }
-}
diff --git a/security/nss/lib/fortcrypt/install.js b/security/nss/lib/fortcrypt/install.js
deleted file mode 100644
index e823e213b..000000000
--- a/security/nss/lib/fortcrypt/install.js
+++ /dev/null
@@ -1,134 +0,0 @@
-//
-// The contents of this file are subject to the Mozilla Public
-// License Version 1.1 (the "License"); you may not use this file
-// except in compliance with the License. You may obtain a copy of
-// the License at http://www.mozilla.org/MPL/
-//
-// Software distributed under the License is distributed on an "AS
-// IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-// implied. See the License for the specific language governing
-// rights and limitations under the License.
-//
-// The Original Code is the Netscape security libraries.
-//
-// The Initial Developer of the Original Code is Netscape
-// Communications Corporation. Portions created by Netscape are
-// Copyright (C) 1994-2000 Netscape Communications Corporation. All
-// Rights Reserved.
-//
-// Contributor(s):
-//
-// Alternatively, the contents of this file may be used under the
-// terms of the GNU General Public License Version 2 or later (the
-// "GPL"), in which case the provisions of the GPL are applicable
-// instead of those above. If you wish to allow use of your
-// version of this file only under the terms of the GPL and not to
-// allow others to use your version of this file under the MPL,
-// indicate your decision by deleting the provisions above and
-// replace them with the notice and other provisions required by
-// the GPL. If you do not delete the provisions above, a recipient
-// may use your version of this file under either the MPL or the
-// GPL.
-//
-// Crypto Mechanism Flags
-PKCS11_MECH_RSA_FLAG = 0x1<<0;
-PKCS11_MECH_DSA_FLAG = 0x1<<1;
-PKCS11_MECH_RC2_FLAG = 0x1<<2;
-PKCS11_MECH_RC4_FLAG = 0x1<<3;
-PKCS11_MECH_DES_FLAG = 0x1<<4;
-PKCS11_MECH_DH_FLAG = 0x1<<5; //Diffie-Hellman
-PKCS11_MECH_SKIPJACK_FLAG = 0x1<<6; //SKIPJACK algorithm as in Fortezza cards
-PKCS11_MECH_RC5_FLAG = 0x1<<7;
-PKCS11_MECH_SHA1_FLAG = 0x1<<8;
-PKCS11_MECH_MD5_FLAG = 0x1<<9;
-PKCS11_MECH_MD2_FLAG = 0x1<<10;
-PKCS11_MECH_RANDOM_FLAG = 0x1<<27; //Random number generator
-PKCS11_PUB_READABLE_CERT_FLAG = 0x1<<28; //Stored certs can be read off the token w/o logging in
-PKCS11_DISABLE_FLAG = 0x1<<30; //tell Navigator to disable this slot by default
-
-// Important:
-// 0x1<<11, 0x1<<12, ... , 0x1<<26, 0x1<<29, and 0x1<<31 are reserved
-// for internal use in Navigator.
-// Therefore, these bits should always be set to 0; otherwise,
-// Navigator might exhibit unpredictable behavior.
-
-// These flags indicate which mechanisms should be turned on by
-pkcs11MechanismFlags = PKCS11_MECH_RANDOM_FLAG;
-
-
-// Ciphers that support SSL or S/MIME
-PKCS11_CIPHER_FORTEZZA_FLAG = 0x1<<0;
-
-// Important:
-// 0x1<<1, 0x1<<2, ... , 0x1<<31 are reserved
-// for internal use in Navigator.
-// Therefore, these bits should ALWAYS be set to 0; otherwise,
-// Navigator might exhibit unpredictable behavior.
-
-// These flags indicate which SSL ciphers are supported
-pkcs11CipherFlags = PKCS11_CIPHER_FORTEZZA_FLAG;
-
-
-// Return values of pkcs11.addmodule() & pkcs11.delmodule()
-// success codes
-JS_OK_ADD_MODULE = 3 // Successfully added a module
-JS_OK_DEL_EXTERNAL_MODULE = 2 // Successfully deleted ext. module
-JS_OK_DEL_INTERNAL_MODULE = 1 // Successfully deleted int. module
-
-// failure codes
-JS_ERR_OTHER = -1 // Other errors than the followings
-JS_ERR_USER_CANCEL_ACTION = -2 // User abort an action
-JS_ERR_INCORRECT_NUM_OF_ARGUMENTS= -3 // Calling a method w/ incorrect # of arguments
-JS_ERR_DEL_MODULE = -4 // Error deleting a module
-JS_ERR_ADD_MODULE = -5 // Error adding a module
-JS_ERR_BAD_MODULE_NAME = -6 // The module name is invalid
-JS_ERR_BAD_DLL_NAME = -7 // The DLL name is bad
-JS_ERR_BAD_MECHANISM_FLAGS = -8 // The mechanism flags are invalid
-JS_ERR_BAD_CIPHER_ENABLE_FLAGS = -9 // The SSL, S/MIME cipher flags are invalid
-
-
-if (confirm("This script will install and configure a security module, do you want to continue?")) {
- // Step 1. Create a version object and a software update object
- vi = new netscape.softupdate.VersionInfo(1, 6, 0, 0);
- su = new netscape.softupdate.SoftwareUpdate(this, "Fortezza Card PKCS#11 Module");
- // "Fortezza ... Module" is the logical name of the bundle
-
- // Step 2. Start the install process
- bAbort = false;
- err = su.StartInstall("NSfortezza", vi, netscape.softupdate.SoftwareUpdate.FULL_INSTALL);
- // nsfortezza is the component folder (logical)
- bAbort = bAbort || (err !=0);
-
- if (err == 0) {
-
- // Step 3. Find out the physical location of the Program dir
- Folder = su.GetFolder("Program");
-
- // Step 4. Install the files. Unpack them and list where they go
- err = su.AddSubcomponent("FortezzaCardDLL", //component name (logical)
- vi, // version info
- "DUMMY_DLL", // source file in JAR (physical)
- Folder, // target folder (physical)
- "DUMMY_DLL", // target path & filename (physical)
- this.force); // forces update
- bAbort = bAbort || (err !=0);
- }
-
- // Step 5. Unless there was a problem, move files to final location
- // and update the Client Version Registry
- if (bAbort) {
- window.alert("Installation Aborted");
- su.AbortInstall();
- } else {
- err = su.FinalizeInstall();
- window.alert("Files have been installed.\nContinue to setup the newly isntalled module...");
- // Add Module
- compFolder = su.GetComponentFolder("NSfortezza/FortezzaCardDLL") + "/DUMMY_DLL";
- result = pkcs11.addmodule("Netscape FORTEZZA Module", compFolder, pkcs11MechanismFlags, pkcs11CipherFlags);
- if ( result < 0) {
- window.alert("New module setup failed. Error code: " + result);
- } else {
- window.alert("New module setup completed.");
- }
- }
-}
diff --git a/security/nss/lib/fortcrypt/maci.c b/security/nss/lib/fortcrypt/maci.c
deleted file mode 100644
index a0120b771..000000000
--- a/security/nss/lib/fortcrypt/maci.c
+++ /dev/null
@@ -1,901 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "seccomon.h"
-
-#if defined( _WIN32 ) || defined( __WIN32__ )
-#define RETURN_TYPE extern _declspec( dllexport ) int _cdecl
-#endif /* Windows */
-#include "maci.h"
-
-
-RETURN_TYPE
-MACI_ChangePIN PROTO_LIST( (
- HSESSION hSession,
- int PINType,
- CI_PIN CI_FAR pOldPIN,
- CI_PIN CI_FAR pNewPIN ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_CheckPIN PROTO_LIST( (
- HSESSION hSession,
- int PINType,
- CI_PIN CI_FAR pPIN ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_Close PROTO_LIST( (
- HSESSION hSession,
- unsigned int Flags,
- int SocketIndex ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_Decrypt PROTO_LIST( (
- HSESSION hSession,
- unsigned int CipherSize,
- CI_DATA pCipher,
- CI_DATA pPlain ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_DeleteCertificate PROTO_LIST( (
- HSESSION hSession,
- int CertificateIndex ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_DeleteKey PROTO_LIST( (
- HSESSION hSession,
- int RegisterIndex ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_Encrypt PROTO_LIST( (
- HSESSION hSession,
- unsigned int PlainSize,
- CI_DATA pPlain,
- CI_DATA pCipher ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_ExtractX PROTO_LIST( (
- HSESSION hSession,
- int CertificateIndex,
- int AlgorithmType,
- CI_PASSWORD CI_FAR pPassword,
- unsigned int YSize,
- CI_Y CI_FAR pY,
- CI_WRAPPED_X CI_FAR pX,
- CI_RA CI_FAR pRa,
- unsigned int PandGSize,
- unsigned int QSize,
- CI_P CI_FAR pP,
- CI_Q CI_FAR pQ,
- CI_G CI_FAR pG ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_FirmwareUpdate PROTO_LIST( (
- HSESSION hSession,
- unsigned long Flags,
- long Cksum,
- unsigned int CksumLength,
- unsigned int DataSize,
- CI_DATA pData ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_GenerateIV PROTO_LIST( (
- HSESSION hSession,
- CI_IV CI_FAR pIV ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_GenerateMEK PROTO_LIST( (
- HSESSION hSession,
- int RegisterIndex,
- int Reserved ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_GenerateRa PROTO_LIST( (
- HSESSION hSession,
- CI_RA CI_FAR pRa ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_GenerateRandom PROTO_LIST( (
- HSESSION hSession,
- CI_RANDOM CI_FAR pRandom ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_GenerateTEK PROTO_LIST( (
- HSESSION hSession,
- int Flags,
- int RegisterIndex,
- CI_RA CI_FAR pRa,
- CI_RB CI_FAR pRb,
- unsigned int YSize,
- CI_Y CI_FAR pY ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_GenerateX PROTO_LIST( (
- HSESSION hSession,
- int CertificateIndex,
- int AlgorithmType,
- unsigned int PandGSize,
- unsigned int QSize,
- CI_P CI_FAR pP,
- CI_Q CI_FAR pQ,
- CI_G CI_FAR pG,
- unsigned int YSize,
- CI_Y CI_FAR pY ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_GetCertificate PROTO_LIST( (
- HSESSION hSession,
- int CertificateIndex,
- CI_CERTIFICATE CI_FAR pCertificate ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_GetConfiguration PROTO_LIST( (
- HSESSION hSession,
- CI_CONFIG_PTR pConfiguration ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_GetHash PROTO_LIST( (
- HSESSION hSession,
- unsigned int DataSize,
- CI_DATA pData,
- CI_HASHVALUE CI_FAR pHashValue ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_GetPersonalityList PROTO_LIST( (
- HSESSION hSession,
- int EntryCount,
- CI_PERSON CI_FAR pPersonalityList[] ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_GetSessionID PROTO_LIST( (
- HSESSION *hSession ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_GetState PROTO_LIST( (
- HSESSION hSession,
- CI_STATE_PTR pState ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_GetStatus PROTO_LIST( (
- HSESSION hSession,
- CI_STATUS_PTR pStatus ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_GetTime PROTO_LIST( (
- HSESSION hSession,
- CI_TIME CI_FAR pTime ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_Hash PROTO_LIST( (
- HSESSION hSession,
- unsigned int DataSize,
- CI_DATA pData ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_Initialize PROTO_LIST( (
- int CI_FAR *SocketCount ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_InitializeHash PROTO_LIST( (
- HSESSION hSession ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_InstallX PROTO_LIST( (
- HSESSION hSession,
- int CertificateIndex,
- int AlgorithmType,
- CI_PASSWORD CI_FAR pPassword,
- unsigned int YSize,
- CI_Y CI_FAR pY,
- CI_WRAPPED_X CI_FAR pWrappedX,
- CI_RA CI_FAR pRa,
- unsigned int PandGSize,
- unsigned int QSize,
- CI_P CI_FAR pP,
- CI_Q CI_FAR pQ,
- CI_G CI_FAR pG ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_LoadCertificate PROTO_LIST( (
- HSESSION hSession,
- int CertificateIndex,
- CI_CERT_STR CI_FAR pCertLabel,
- CI_CERTIFICATE CI_FAR pCertificate,
- long Reserved ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_LoadDSAParameters PROTO_LIST( (
- HSESSION hSession,
- unsigned int PandGSize,
- unsigned int QSize,
- CI_P CI_FAR pP,
- CI_Q CI_FAR pQ,
- CI_G CI_FAR pG ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_LoadInitValues PROTO_LIST( (
- HSESSION hSession,
- CI_RANDSEED CI_FAR pRandSeed,
- CI_KS CI_FAR pKs ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_LoadIV PROTO_LIST( (
- HSESSION hSession,
- CI_IV CI_FAR pIV ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_LoadX PROTO_LIST( (
- HSESSION hSession,
- int CertificateIndex,
- int AlgorithmType,
- unsigned int PandGSize,
- unsigned int QSize,
- CI_P CI_FAR pP,
- CI_Q CI_FAR pQ,
- CI_G CI_FAR pG,
- CI_X CI_FAR pX,
- unsigned int YSize,
- CI_Y CI_FAR pY ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_Lock PROTO_LIST( (
- HSESSION hSession,
- int Flags ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_Open PROTO_LIST( (
- HSESSION hSession,
- unsigned int Flags,
- int SocketIndex ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_RelayX PROTO_LIST( (
- HSESSION hSession,
- CI_PASSWORD CI_FAR pOldPassword,
- unsigned int OldYSize,
- CI_Y CI_FAR pOldY,
- CI_RA CI_FAR pOldRa,
- CI_WRAPPED_X CI_FAR pOldWrappedX,
- CI_PASSWORD CI_FAR pNewPassword,
- unsigned int NewYSize,
- CI_Y CI_FAR pNewY,
- CI_RA CI_FAR pNewRa,
- CI_WRAPPED_X CI_FAR pNewWrappedX ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_Reset PROTO_LIST( (
- HSESSION hSession ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_Restore PROTO_LIST( (
- HSESSION hSession,
- int CryptoType,
- CI_SAVE_DATA CI_FAR pData ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_Save PROTO_LIST( (
- HSESSION hSession,
- int CryptoType,
- CI_SAVE_DATA CI_FAR pData ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_Select PROTO_LIST( (
- HSESSION hSession,
- int SocketIndex ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_SetConfiguration PROTO_LIST( (
- HSESSION hSession,
- int Type,
- unsigned int DataSize,
- CI_DATA pData ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_SetKey PROTO_LIST( (
- HSESSION hSession,
- int RegisterIndex ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_SetMode PROTO_LIST( (
- HSESSION hSession,
- int CryptoType,
- int CryptoMode ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_SetPersonality PROTO_LIST( (
- HSESSION hSession,
- int CertificateIndex ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_SetTime PROTO_LIST( (
- HSESSION hSession,
- CI_TIME CI_FAR pTime ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_Sign PROTO_LIST( (
- HSESSION hSession,
- CI_HASHVALUE CI_FAR pHashValue,
- CI_SIGNATURE CI_FAR pSignature ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_Terminate PROTO_LIST( (
- HSESSION hSession ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_TimeStamp PROTO_LIST( (
- HSESSION hSession,
- CI_HASHVALUE CI_FAR pHashValue,
- CI_SIGNATURE CI_FAR pSignature,
- CI_TIMESTAMP CI_FAR pTimeStamp ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_Unlock PROTO_LIST( (
- HSESSION hSession) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_UnwrapKey PROTO_LIST( (
- HSESSION hSession,
- int UnwrapIndex,
- int KeyIndex,
- CI_KEY CI_FAR pKey ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_VerifySignature PROTO_LIST( (
- HSESSION hSession,
- CI_HASHVALUE CI_FAR pHashValue,
- unsigned int YSize,
- CI_Y CI_FAR pY,
- CI_SIGNATURE CI_FAR pSignature ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_VerifyTimeStamp PROTO_LIST( (
- HSESSION hSession,
- CI_HASHVALUE CI_FAR pHashValue,
- CI_SIGNATURE CI_FAR pSignature,
- CI_TIMESTAMP CI_FAR pTimeStamp ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_WrapKey PROTO_LIST( (
- HSESSION hSession,
- int WrapIndex,
- int KeyIndex,
- CI_KEY CI_FAR pKey ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_Zeroize PROTO_LIST( (
- HSESSION hSession ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_ChangePIN PROTO_LIST( (
- int PINType,
- CI_PIN CI_FAR pOldPIN,
- CI_PIN CI_FAR pNewPIN ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_CheckPIN PROTO_LIST( (
- int PINType,
- CI_PIN CI_FAR pPIN ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_Close PROTO_LIST( (
- unsigned int Flags,
- int SocketIndex ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_Decrypt PROTO_LIST( (
- unsigned int CipherSize,
- CI_DATA pCipher,
- CI_DATA pPlain ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_DeleteCertificate PROTO_LIST( (
- int CertificateIndex ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_DeleteKey PROTO_LIST( (
- int RegisterIndex ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_Encrypt PROTO_LIST( (
- unsigned int PlainSize,
- CI_DATA pPlain,
- CI_DATA pCipher ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_ExtractX PROTO_LIST( (
- int CertificateIndex,
- int AlgorithmType,
- CI_PASSWORD CI_FAR pPassword,
- unsigned int YSize,
- CI_Y CI_FAR pY,
- CI_WRAPPED_X CI_FAR pX,
- CI_RA CI_FAR pRa,
- unsigned int PandGSize,
- unsigned int QSize,
- CI_P CI_FAR pP,
- CI_Q CI_FAR pQ,
- CI_G CI_FAR pG ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_FirmwareUpdate PROTO_LIST( (
- unsigned long Flags,
- long Cksum,
- unsigned int CksumLength,
- unsigned int DataSize,
- CI_DATA pData ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_GenerateIV PROTO_LIST( (
- CI_IV CI_FAR pIV ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_GenerateMEK PROTO_LIST( (
- int RegisterIndex,
- int Reserved ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_GenerateRa PROTO_LIST( (
- CI_RA CI_FAR pRa ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_GenerateRandom PROTO_LIST( (
- CI_RANDOM CI_FAR pRandom ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_GenerateTEK PROTO_LIST( (
- int Flags,
- int RegisterIndex,
- CI_RA CI_FAR pRa,
- CI_RB CI_FAR pRb,
- unsigned int YSize,
- CI_Y CI_FAR pY ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_GenerateX PROTO_LIST( (
- int CertificateIndex,
- int AlgorithmType,
- unsigned int PandGSize,
- unsigned int QSize,
- CI_P CI_FAR pP,
- CI_Q CI_FAR pQ,
- CI_G CI_FAR pG,
- unsigned int YSize,
- CI_Y CI_FAR pY ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_GetCertificate PROTO_LIST( (
- int CertificateIndex,
- CI_CERTIFICATE CI_FAR pCertificate ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_GetConfiguration PROTO_LIST( (
- CI_CONFIG_PTR pConfiguration ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_GetHash PROTO_LIST( (
- unsigned int DataSize,
- CI_DATA pData,
- CI_HASHVALUE CI_FAR pHashValue ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_GetPersonalityList PROTO_LIST( (
- int EntryCount,
- CI_PERSON CI_FAR pPersonalityList[] ) ) {
- return CI_ERROR;
-}
-
-
-RETURN_TYPE
-CI_GetState PROTO_LIST( (
- CI_STATE_PTR pState ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_GetStatus PROTO_LIST( (
- CI_STATUS_PTR pStatus ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_GetTime PROTO_LIST( (
- CI_TIME CI_FAR pTime ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_Hash PROTO_LIST( (
- unsigned int DataSize,
- CI_DATA pData ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_Initialize PROTO_LIST( (
- int CI_FAR *SocketCount ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_InitializeHash PROTO_LIST( () ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_InstallX PROTO_LIST( (
- int CertificateIndex,
- int AlgorithmType,
- CI_PASSWORD CI_FAR pPassword,
- unsigned int YSize,
- CI_Y CI_FAR pY,
- CI_WRAPPED_X CI_FAR pWrappedX,
- CI_RA CI_FAR pRa,
- unsigned int PandGSize,
- unsigned int QSize,
- CI_P CI_FAR pP,
- CI_Q CI_FAR pQ,
- CI_G CI_FAR pG ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_LoadCertificate PROTO_LIST( (
- int CertificateIndex,
- CI_CERT_STR CI_FAR pCertLabel,
- CI_CERTIFICATE CI_FAR pCertificate,
- long Reserved ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_LoadDSAParameters PROTO_LIST( (
- unsigned int PandGSize,
- unsigned int QSize,
- CI_P CI_FAR pP,
- CI_Q CI_FAR pQ,
- CI_G CI_FAR pG ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_LoadInitValues PROTO_LIST( (
- CI_RANDSEED CI_FAR pRandSeed,
- CI_KS CI_FAR pKs ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_LoadIV PROTO_LIST( (
- CI_IV CI_FAR pIV ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_LoadX PROTO_LIST( (
- int CertificateIndex,
- int AlgorithmType,
- unsigned int PandGSize,
- unsigned int QSize,
- CI_P CI_FAR pP,
- CI_Q CI_FAR pQ,
- CI_G CI_FAR pG,
- CI_X CI_FAR pX,
- unsigned int YSize,
- CI_Y CI_FAR pY ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_Lock PROTO_LIST( (
- int Flags ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_Open PROTO_LIST( (
- unsigned int Flags,
- int SocketIndex ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_RelayX PROTO_LIST( (
- CI_PASSWORD CI_FAR pOldPassword,
- unsigned int OldYSize,
- CI_Y CI_FAR pOldY,
- CI_RA CI_FAR pOldRa,
- CI_WRAPPED_X CI_FAR pOldWrappedX,
- CI_PASSWORD CI_FAR pNewPassword,
- unsigned int NewYSize,
- CI_Y CI_FAR pNewY,
- CI_RA CI_FAR pNewRa,
- CI_WRAPPED_X CI_FAR pNewWrappedX ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_Reset PROTO_LIST( ( ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_Restore PROTO_LIST( (
- int CryptoType,
- CI_SAVE_DATA CI_FAR pData ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_Save PROTO_LIST( (
- int CryptoType,
- CI_SAVE_DATA CI_FAR pData ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_Select PROTO_LIST( (
- int SocketIndex ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_SetConfiguration PROTO_LIST( (
- int Type,
- unsigned int DataSize,
- CI_DATA pData ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_SetKey PROTO_LIST( (
- int RegisterIndex ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_SetMode PROTO_LIST( (
- int CryptoType,
- int CryptoMode ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_SetPersonality PROTO_LIST( (
- int CertificateIndex ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_SetTime PROTO_LIST( (
- CI_TIME CI_FAR pTime ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_Sign PROTO_LIST( (
- CI_HASHVALUE CI_FAR pHashValue,
- CI_SIGNATURE CI_FAR pSignature ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_Terminate PROTO_LIST( ( ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_TimeStamp PROTO_LIST( (
- CI_HASHVALUE CI_FAR pHashValue,
- CI_SIGNATURE CI_FAR pSignature,
- CI_TIMESTAMP CI_FAR pTimeStamp ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_Unlock PROTO_LIST( () ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_UnwrapKey PROTO_LIST( (
- int UnwrapIndex,
- int KeyIndex,
- CI_KEY CI_FAR pKey ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_VerifySignature PROTO_LIST( (
- CI_HASHVALUE CI_FAR pHashValue,
- unsigned int YSize,
- CI_Y CI_FAR pY,
- CI_SIGNATURE CI_FAR pSignature ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_VerifyTimeStamp PROTO_LIST( (
- CI_HASHVALUE CI_FAR pHashValue,
- CI_SIGNATURE CI_FAR pSignature,
- CI_TIMESTAMP CI_FAR pTimeStamp ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_WrapKey PROTO_LIST( (
- int WrapIndex,
- int KeyIndex,
- CI_KEY CI_FAR pKey ) ) {
- return CI_ERROR;
-}
-
diff --git a/security/nss/lib/fortcrypt/maci.h b/security/nss/lib/fortcrypt/maci.h
deleted file mode 100644
index cab61ace8..000000000
--- a/security/nss/lib/fortcrypt/maci.h
+++ /dev/null
@@ -1,776 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/* @(#)maci.h 1.27\t05 Jan 1996 */
-/*****************************************************************************
- Definitive Fortezza header file.
- Application Level Interface to Fortezza MACI Library.
-
- Version for CI Library 1.52
- January 5, 1996
-
-
- NOTICE: Fortezza Export Policy
-
- The Fortezza Cryptologic Interface (CI) Library (both source and
- object) and Fortezza CI Library based applications are defense
- articles, as defined in the International Traffic In Arms
- Regulations (ITAR), and are subject to export controls under the
- ITAR and the Arms Export Control Act. Any export to any country
- of (a) the Fortezza CI Library, related documentation, and
- technical data, or (b) your cryptographic application, process,
- or service that is the direct product of, or contains the
- Fortezza CI Library must comply with the requirements of the ITAR.
- If you or your customer intends to engage in such export, contact
- the United States Department of State, Office of Defense Trade
- Controls for specific guidance.
-
-
- ****************************************************************************/
-#ifndef __MACI_H
-#define __MACI_H
-
-#if __cplusplus__ || __cplusplus
-extern "C"
-{
-#endif /* C++ */
-
-
-#ifndef __CRYPTINT_H
-
-#ifndef PROTO_LIST
-#ifdef _K_AND_R_
-#define PROTO_LIST(list) ()
-#else
-#define PROTO_LIST(list) list
-#endif /*_K_AND_R_ */
-#endif /* PROTO_LIST */
-
-
-#ifndef RETURN_TYPE
-#if defined( _WIN32 ) || defined( __WIN32__ )
-#define RETURN_TYPE extern __declspec( dllimport ) int _cdecl
-#elif defined( _WINDOWS ) || defined( _Windows )
-#define RETURN_TYPE extern int _far _pascal
-#else
-#define RETURN_TYPE extern int
-#endif /* Windows */
-#endif /* RETURN_TYPE */
-
-/* MS Visual C++ defines _MSDOS and _WINDOWS */
-/* Borland C/C++ defines __MSDOS__ and _Windows */
-#if (defined( _WINDOWS ) || defined( _Windows )) && \
- !(defined( _WIN32 ) || defined( __WIN32__ ))
-#define CI_FAR _far
-#else
-#define CI_FAR
-#endif /* MS DOS or Windows */
-
-
-/*****************************************************************************
- Constants
- ****************************************************************************/
-#define CI_LIB_VERSION_VAL 0x0152 /* Version 1.52 */
-
-#define CI_CERT_SIZE 2048
-#define CI_CERT_FLAGS_SIZE 16
-#define CI_CERT_NAME_SIZE 32
-#define CI_CHALLENGE_SIZE 20
-
-#define CI_G_SIZE 128
-
-#define CI_HASHVALUE_SIZE 20
-
-#define CI_IV_SIZE 24
-
-#define CI_KEY_SIZE 12
-#define CI_KS_SIZE 10
-
-#define CI_NAME_SIZE 32
-
-#define CI_PASSWORD_SIZE 24
-#define CI_PIN_SIZE 12
-#define CI_P_SIZE 128
-
-#define CI_Q_SIZE 20
-
-#define CI_R_SIZE 40
-#define CI_RANDOM_NO_SIZE 20
-#define CI_RANDOM_SEED_SIZE 8
-#define CI_RA_SIZE 128
-#define CI_RB_SIZE 128
-#define CI_REG_FLAGS_SIZE 4
-
-#define CI_S_SIZE 40
-#define CI_SAVE_DATA_SIZE 28
-#define CI_SERIAL_NUMBER_SIZE 8
-#define CI_SIGNATURE_SIZE 40
-#define CI_STATUS_FLAGS_SIZE 4
-
-#define CI_TIME_SIZE 16
-#define CI_TIMESTAMP_SIZE 16
-
-#define CI_WRAPPED_X_SIZE 24
-
-#define CI_Y_SIZE 128
-
-#define CI_X_SIZE 20
-
-
-/* Miscellaneous */
-#define CI_NULL_FLAG 0
-#define CI_POWER_DOWN_FLAG 2
-#define CI_NO_LOG_OFF_FLAG 4
-#define CI_INITIATOR_FLAG 0
-#define CI_RECIPIENT_FLAG 1
-
-#define CI_BLOCK_LOCK_FLAG 1
-#define CI_SSO_LOGGED_ON 0x40
-#define CI_USER_LOGGED_ON 0x00
-#define CI_FAST_MODE 0x10
-#define CI_SLOW_MODE 0x00
-#define CI_WORST_CASE_MODE 0x40
-#define CI_TYPICAL_CASE_MODE 0x00
-
-/* Card Public Key Algorithms Types */
-#define CI_DSA_TYPE 0xA
-#define CI_KEA_TYPE 0x5
-#define CI_DSA_KEA_TYPE 0xF
-
-/* Fortezza Pin Types */
-#define CI_SSO_PIN 0x25
-#define CI_USER_PIN 0x2A
-
-/* Crypto Types */
-#define CI_ENCRYPT_TYPE 0
-#define CI_DECRYPT_TYPE 1
-#define CI_HASH_TYPE 2
-
-/* Save and Restore Types */
-#define CI_ENCRYPT_INT_TYPE 0x00 /* Internal Encryption */
-#define CI_ENCRYPT_EXT_TYPE 0x10 /* External Encryption */
-#define CI_DECRYPT_INT_TYPE 0x01 /* Internal Decryption */
-#define CI_DECRYPT_EXT_TYPE 0x11 /* External Decryption */
-#define CI_HASH_INT_TYPE 0x02 /* Internal Hash */
-#define CI_HASH_EXT_TYPE 0x12 /* External Hash */
-#define CI_TYPE_EXT_FLAG 0x10 /* Used to differentiate */
-
-/* Configuration types */
-#define CI_SET_SPEED_TYPE 1
-#define CI_SET_TIMING_TYPE 2
-
-/* Lock States */
-#define CI_SOCKET_UNLOCKED 0
-#define CI_HOLD_LOCK 1
-#define CI_SOCKET_LOCKED 2
-
-/* Fortezza Crypto Types Modes */
-#define CI_ECB64_MODE 0
-#define CI_CBC64_MODE 1
-#define CI_OFB64_MODE 2
-#define CI_CFB64_MODE 3
-#define CI_CFB32_MODE 4
-#define CI_CFB16_MODE 5
-#define CI_CFB8_MODE 6
-
-/* Card States */
-#define CI_POWER_UP 0
-#define CI_UNINITIALIZED 1
-#define CI_INITIALIZED 2
-#define CI_SSO_INITIALIZED 3
-#define CI_LAW_INITIALIZED 4
-#define CI_USER_INITIALIZED 5
-#define CI_STANDBY 6
-#define CI_READY 7
-#define CI_ZEROIZE 8
-#define CI_INTERNAL_FAILURE (-1)
-
-/* Flags for Firmware Update. */
-#if !defined( _K_AND_R_ )
-
-#define CI_NOT_LAST_BLOCK_FLAG 0x00000000UL
-#define CI_LAST_BLOCK_FLAG 0x80000000UL
-#define CI_DESTRUCTIVE_FLAG 0x000000FFUL
-#define CI_NONDESTRUCTIVE_FLAG 0x0000FF00UL
-
-#else
-
-#define CI_NOT_LAST_BLOCK_FLAG 0x00000000L
-#define CI_LAST_BLOCK_FLAG 0x80000000L
-#define CI_DESTRUCTIVE_FLAG 0x000000FFL
-#define CI_NONDESTRUCTIVE_FLAG 0x0000FF00L
-
-#endif /* _K_AND_R_ */
-
-/****************************************************************************
- Fortezza Library Return Codes
- ***************************************************************************/
-
-/* Card Responses */
-#define CI_OK 0
-#define CI_FAIL 1
-#define CI_CHECKWORD_FAIL 2
-#define CI_INV_TYPE 3
-#define CI_INV_MODE 4
-#define CI_INV_KEY_INDEX 5
-#define CI_INV_CERT_INDEX 6
-#define CI_INV_SIZE 7
-#define CI_INV_HEADER 8
-#define CI_INV_STATE 9
-#define CI_EXEC_FAIL 10
-#define CI_NO_KEY 11
-#define CI_NO_IV 12
-#define CI_NO_X 13
-
-#define CI_NO_SAVE 15
-#define CI_REG_IN_USE 16
-#define CI_INV_COMMAND 17
-#define CI_INV_POINTER 18
-#define CI_BAD_CLOCK 19
-#define CI_NO_DSA_PARMS 20
-
-/* Library Errors */
-#define CI_ERROR (-1)
-#define CI_LIB_NOT_INIT (-2)
-#define CI_CARD_NOT_READY (-3)
-#define CI_CARD_IN_USE (-4)
-#define CI_TIME_OUT (-5)
-#define CI_OUT_OF_MEMORY (-6)
-#define CI_NULL_PTR (-7)
-#define CI_BAD_SIZE (-8)
-#define CI_NO_DECRYPT (-9)
-#define CI_NO_ENCRYPT (-10)
-#define CI_NO_EXECUTE (-11)
-#define CI_BAD_PARAMETER (-12)
-#define CI_OUT_OF_RESOURCES (-13)
-
-#define CI_NO_CARD (-20)
-#define CI_NO_DRIVER (-21)
-#define CI_NO_CRDSRV (-22)
-#define CI_NO_SCTSRV (-23)
-
-#define CI_BAD_CARD (-30)
-#define CI_BAD_IOCTL (-31)
-#define CI_BAD_READ (-32)
-#define CI_BAD_SEEK (-33)
-#define CI_BAD_WRITE (-34)
-#define CI_BAD_FLUSH (-35)
-#define CI_BAD_IOSEEK (-36)
-#define CI_BAD_ADDR (-37)
-
-#define CI_INV_SOCKET_INDEX (-40)
-#define CI_SOCKET_IN_USE (-41)
-#define CI_NO_SOCKET (-42)
-#define CI_SOCKET_NOT_OPENED (-43)
-#define CI_BAD_TUPLES (-44)
-#define CI_NOT_A_CRYPTO_CARD (-45)
-
-#define CI_INVALID_FUNCTION (-50)
-#define CI_LIB_ALRDY_INIT (-51)
-#define CI_SRVR_ERROR (-52)
-#define MACI_SESSION_EXCEEDED (-53)
-
-
-/*****************************************************************************
- Data Structures
- ****************************************************************************/
-
-
-typedef unsigned char CI_CERTIFICATE[CI_CERT_SIZE];
-
-typedef unsigned char CI_CERT_FLAGS[CI_CERT_FLAGS_SIZE];
-
-typedef unsigned char CI_CERT_STR[CI_CERT_NAME_SIZE+4];
-
-typedef unsigned char CI_FAR *CI_DATA;
-
-typedef unsigned char CI_G[CI_G_SIZE];
-
-typedef unsigned char CI_HASHVALUE[CI_HASHVALUE_SIZE];
-
-typedef unsigned char CI_IV[CI_IV_SIZE];
-
-typedef unsigned char CI_KEY[CI_KEY_SIZE];
-
-typedef unsigned char CI_KS[CI_KS_SIZE];
-
-typedef unsigned char CI_P[CI_P_SIZE];
-
-typedef unsigned char CI_PASSWORD[CI_PASSWORD_SIZE + 4];
-
-typedef unsigned char CI_PIN[CI_PIN_SIZE + 4];
-
-typedef unsigned char CI_Q[CI_Q_SIZE];
-
-typedef unsigned char CI_RA[CI_RA_SIZE];
-
-typedef unsigned char CI_RB[CI_RB_SIZE];
-
-typedef unsigned char CI_RANDOM[CI_RANDOM_NO_SIZE];
-
-typedef unsigned char CI_RANDSEED[CI_RANDOM_SEED_SIZE];
-
-typedef unsigned char CI_REG_FLAGS[CI_REG_FLAGS_SIZE];
-
-typedef unsigned char CI_SIGNATURE[CI_SIGNATURE_SIZE];
-
-typedef unsigned char CI_SAVE_DATA[CI_SAVE_DATA_SIZE];
-
-typedef unsigned char CI_SERIAL_NUMBER[CI_SERIAL_NUMBER_SIZE];
-
-typedef unsigned int CI_STATE, CI_FAR *CI_STATE_PTR;
-
-typedef unsigned char CI_TIME[CI_TIME_SIZE];
-
-typedef unsigned char CI_TIMESTAMP[CI_TIMESTAMP_SIZE];
-
-typedef unsigned char CI_WRAPPED_X[CI_WRAPPED_X_SIZE];
-
-typedef unsigned char CI_Y[CI_Y_SIZE];
-
-typedef unsigned char CI_X[CI_X_SIZE];
-
-typedef struct {
- int LibraryVersion; /* CI Library version */
- int ManufacturerVersion; /* Card's hardware version */
- char ManufacturerName[CI_NAME_SIZE+4]; /* Card manufacturer's name*/
- char ProductName[CI_NAME_SIZE+4]; /* Card's product name */
- char ProcessorType[CI_NAME_SIZE+4]; /* Card's processor type */
- unsigned long UserRAMSize; /* Amount of User RAM in bytes */
- unsigned long LargestBlockSize; /* Largest block of data to pass in */
- int KeyRegisterCount; /* Number of key registers */
- int CertificateCount; /* Maximum number of personalities (# certs-1) */
- int CryptoCardFlag; /* A flag that if non-zero indicates that there is
- a Crypto-Card in the socket. If this value is
- zero then there is NOT a Crypto-Card in the
- sockets. */
- int ICDVersion; /* The ICD compliance level */
- int ManufacturerSWVer; /* The Manufacturer's Software Version */
- int DriverVersion; /* Driver Version */
-} CI_CONFIG, CI_FAR *CI_CONFIG_PTR;
-
-typedef struct {
- int CertificateIndex; /* Index from 1 to CertificateCount */
- CI_CERT_STR CertLabel; /* The certificate label */
-} CI_PERSON, CI_FAR *CI_PERSON_PTR;
-
-typedef struct {
- int CurrentSocket; /* The currently selected socket */
- int LockState; /* Lock status of the current socket */
- CI_SERIAL_NUMBER SerialNumber; /* Serial number of the Crypto Engine chip */
- CI_STATE CurrentState; /* State of The Card */
- int DecryptionMode; /* Decryption mode of The Card */
- int EncryptionMode; /* Encryption mode of The Card */
- int CurrentPersonality; /* Index of the current personality */
- int KeyRegisterCount; /* No. of Key Register on The Card */
- CI_REG_FLAGS KeyRegisterFlags; /* Bit Masks indicating Key Register use */
- int CertificateCount; /* No. of Certificates on The Card */
- CI_CERT_FLAGS CertificateFlags; /* Bit Mask indicating certificate use */
- unsigned char Flags[CI_STATUS_FLAGS_SIZE];
- /* Flag[0] : bit 6 for Condition mode */
- /* bit 4 for Clock mode */
-} CI_STATUS, CI_FAR *CI_STATUS_PTR;
-
-#endif
-
-/* Session constants */
-#ifndef HSESSION_DEFINE
-typedef unsigned int HSESSION;
-#define HSESSION_DEFINE
-#endif
-#define MAXSESSION 100
-
-/*****************************************************************************
- Function Call Prototypes
- ****************************************************************************/
-
-RETURN_TYPE
-MACI_ChangePIN PROTO_LIST( (
- HSESSION hSession,
- int PINType,
- CI_PIN CI_FAR pOldPIN,
- CI_PIN CI_FAR pNewPIN ) );
-
-RETURN_TYPE
-MACI_CheckPIN PROTO_LIST( (
- HSESSION hSession,
- int PINType,
- CI_PIN CI_FAR pPIN ) );
-
-RETURN_TYPE
-MACI_Close PROTO_LIST( (
- HSESSION hSession,
- unsigned int Flags,
- int SocketIndex ) );
-
-RETURN_TYPE
-MACI_Decrypt PROTO_LIST( (
- HSESSION hSession,
- unsigned int CipherSize,
- CI_DATA pCipher,
- CI_DATA pPlain ) );
-
-RETURN_TYPE
-MACI_DeleteCertificate PROTO_LIST( (
- HSESSION hSession,
- int CertificateIndex ) );
-
-RETURN_TYPE
-MACI_DeleteKey PROTO_LIST( (
- HSESSION hSession,
- int RegisterIndex ) );
-
-RETURN_TYPE
-MACI_Encrypt PROTO_LIST( (
- HSESSION hSession,
- unsigned int PlainSize,
- CI_DATA pPlain,
- CI_DATA pCipher ) );
-
-RETURN_TYPE
-MACI_ExtractX PROTO_LIST( (
- HSESSION hSession,
- int CertificateIndex,
- int AlgorithmType,
- CI_PASSWORD CI_FAR pPassword,
- unsigned int YSize,
- CI_Y CI_FAR pY,
- CI_WRAPPED_X CI_FAR pX,
- CI_RA CI_FAR pRa,
- unsigned int PandGSize,
- unsigned int QSize,
- CI_P CI_FAR pP,
- CI_Q CI_FAR pQ,
- CI_G CI_FAR pG ) );
-
-RETURN_TYPE
-MACI_FirmwareUpdate PROTO_LIST( (
- HSESSION hSession,
- unsigned long Flags,
- long Cksum,
- unsigned int CksumLength,
- unsigned int DataSize,
- CI_DATA pData ) );
-
-RETURN_TYPE
-MACI_GenerateIV PROTO_LIST( (
- HSESSION hSession,
- CI_IV CI_FAR pIV ) );
-
-RETURN_TYPE
-MACI_GenerateMEK PROTO_LIST( (
- HSESSION hSession,
- int RegisterIndex,
- int Reserved ) );
-
-RETURN_TYPE
-MACI_GenerateRa PROTO_LIST( (
- HSESSION hSession,
- CI_RA CI_FAR pRa ) );
-
-RETURN_TYPE
-MACI_GenerateRandom PROTO_LIST( (
- HSESSION hSession,
- CI_RANDOM CI_FAR pRandom ) );
-
-RETURN_TYPE
-MACI_GenerateTEK PROTO_LIST( (
- HSESSION hSession,
- int Flags,
- int RegisterIndex,
- CI_RA CI_FAR pRa,
- CI_RB CI_FAR pRb,
- unsigned int YSize,
- CI_Y CI_FAR pY ) );
-
-RETURN_TYPE
-MACI_GenerateX PROTO_LIST( (
- HSESSION hSession,
- int CertificateIndex,
- int AlgorithmType,
- unsigned int PandGSize,
- unsigned int QSize,
- CI_P CI_FAR pP,
- CI_Q CI_FAR pQ,
- CI_G CI_FAR pG,
- unsigned int YSize,
- CI_Y CI_FAR pY ) );
-
-RETURN_TYPE
-MACI_GetCertificate PROTO_LIST( (
- HSESSION hSession,
- int CertificateIndex,
- CI_CERTIFICATE CI_FAR pCertificate ) );
-
-RETURN_TYPE
-MACI_GetConfiguration PROTO_LIST( (
- HSESSION hSession,
- CI_CONFIG_PTR pConfiguration ) );
-
-RETURN_TYPE
-MACI_GetHash PROTO_LIST( (
- HSESSION hSession,
- unsigned int DataSize,
- CI_DATA pData,
- CI_HASHVALUE CI_FAR pHashValue ) );
-
-RETURN_TYPE
-MACI_GetPersonalityList PROTO_LIST( (
- HSESSION hSession,
- int EntryCount,
- CI_PERSON CI_FAR pPersonalityList[] ) );
-
-RETURN_TYPE
-MACI_GetSessionID PROTO_LIST( (
- HSESSION *hSession ) );
-
-RETURN_TYPE
-MACI_GetState PROTO_LIST( (
- HSESSION hSession,
- CI_STATE_PTR pState ) );
-
-RETURN_TYPE
-MACI_GetStatus PROTO_LIST( (
- HSESSION hSession,
- CI_STATUS_PTR pStatus ) );
-
-RETURN_TYPE
-MACI_GetTime PROTO_LIST( (
- HSESSION hSession,
- CI_TIME CI_FAR pTime ) );
-
-RETURN_TYPE
-MACI_Hash PROTO_LIST( (
- HSESSION hSession,
- unsigned int DataSize,
- CI_DATA pData ) );
-
-RETURN_TYPE
-MACI_Initialize PROTO_LIST( (
- int CI_FAR *SocketCount ) );
-
-RETURN_TYPE
-MACI_InitializeHash PROTO_LIST( (
- HSESSION hSession ) );
-
-RETURN_TYPE
-MACI_InstallX PROTO_LIST( (
- HSESSION hSession,
- int CertificateIndex,
- int AlgorithmType,
- CI_PASSWORD CI_FAR pPassword,
- unsigned int YSize,
- CI_Y CI_FAR pY,
- CI_WRAPPED_X CI_FAR pWrappedX,
- CI_RA CI_FAR pRa,
- unsigned int PandGSize,
- unsigned int QSize,
- CI_P CI_FAR pP,
- CI_Q CI_FAR pQ,
- CI_G CI_FAR pG ) );
-
-RETURN_TYPE
-MACI_LoadCertificate PROTO_LIST( (
- HSESSION hSession,
- int CertificateIndex,
- CI_CERT_STR CI_FAR pCertLabel,
- CI_CERTIFICATE CI_FAR pCertificate,
- long Reserved ) );
-
-RETURN_TYPE
-MACI_LoadDSAParameters PROTO_LIST( (
- HSESSION hSession,
- unsigned int PandGSize,
- unsigned int QSize,
- CI_P CI_FAR pP,
- CI_Q CI_FAR pQ,
- CI_G CI_FAR pG ) );
-
-RETURN_TYPE
-MACI_LoadInitValues PROTO_LIST( (
- HSESSION hSession,
- CI_RANDSEED CI_FAR pRandSeed,
- CI_KS CI_FAR pKs ) );
-
-RETURN_TYPE
-MACI_LoadIV PROTO_LIST( (
- HSESSION hSession,
- CI_IV CI_FAR pIV ) );
-
-RETURN_TYPE
-MACI_LoadX PROTO_LIST( (
- HSESSION hSession,
- int CertificateIndex,
- int AlgorithmType,
- unsigned int PandGSize,
- unsigned int QSize,
- CI_P CI_FAR pP,
- CI_Q CI_FAR pQ,
- CI_G CI_FAR pG,
- CI_X CI_FAR pX,
- unsigned int YSize,
- CI_Y CI_FAR pY ) );
-
-RETURN_TYPE
-MACI_Lock PROTO_LIST( (
- HSESSION hSession,
- int Flags ) );
-
-RETURN_TYPE
-MACI_Open PROTO_LIST( (
- HSESSION hSession,
- unsigned int Flags,
- int SocketIndex ) );
-
-RETURN_TYPE
-MACI_RelayX PROTO_LIST( (
- HSESSION hSession,
- CI_PASSWORD CI_FAR pOldPassword,
- unsigned int OldYSize,
- CI_Y CI_FAR pOldY,
- CI_RA CI_FAR pOldRa,
- CI_WRAPPED_X CI_FAR pOldWrappedX,
- CI_PASSWORD CI_FAR pNewPassword,
- unsigned int NewYSize,
- CI_Y CI_FAR pNewY,
- CI_RA CI_FAR pNewRa,
- CI_WRAPPED_X CI_FAR pNewWrappedX ) );
-
-RETURN_TYPE
-MACI_Reset PROTO_LIST( (
- HSESSION hSession ) );
-
-RETURN_TYPE
-MACI_Restore PROTO_LIST( (
- HSESSION hSession,
- int CryptoType,
- CI_SAVE_DATA CI_FAR pData ) );
-
-RETURN_TYPE
-MACI_Save PROTO_LIST( (
- HSESSION hSession,
- int CryptoType,
- CI_SAVE_DATA CI_FAR pData ) );
-
-RETURN_TYPE
-MACI_Select PROTO_LIST( (
- HSESSION hSession,
- int SocketIndex ) );
-
-RETURN_TYPE
-MACI_SetConfiguration PROTO_LIST( (
- HSESSION hSession,
- int Type,
- unsigned int DataSize,
- CI_DATA pData ) );
-
-RETURN_TYPE
-MACI_SetKey PROTO_LIST( (
- HSESSION hSession,
- int RegisterIndex ) );
-
-RETURN_TYPE
-MACI_SetMode PROTO_LIST( (
- HSESSION hSession,
- int CryptoType,
- int CryptoMode ) );
-
-RETURN_TYPE
-MACI_SetPersonality PROTO_LIST( (
- HSESSION hSession,
- int CertificateIndex ) );
-
-RETURN_TYPE
-MACI_SetTime PROTO_LIST( (
- HSESSION hSession,
- CI_TIME CI_FAR pTime ) );
-
-RETURN_TYPE
-MACI_Sign PROTO_LIST( (
- HSESSION hSession,
- CI_HASHVALUE CI_FAR pHashValue,
- CI_SIGNATURE CI_FAR pSignature ) );
-
-RETURN_TYPE
-MACI_Terminate PROTO_LIST( (
- HSESSION hSession ) );
-
-RETURN_TYPE
-MACI_TimeStamp PROTO_LIST( (
- HSESSION hSession,
- CI_HASHVALUE CI_FAR pHashValue,
- CI_SIGNATURE CI_FAR pSignature,
- CI_TIMESTAMP CI_FAR pTimeStamp ) );
-
-RETURN_TYPE
-MACI_Unlock PROTO_LIST( (
- HSESSION hSession) );
-
-RETURN_TYPE
-MACI_UnwrapKey PROTO_LIST( (
- HSESSION hSession,
- int UnwrapIndex,
- int KeyIndex,
- CI_KEY CI_FAR pKey ) );
-
-RETURN_TYPE
-MACI_VerifySignature PROTO_LIST( (
- HSESSION hSession,
- CI_HASHVALUE CI_FAR pHashValue,
- unsigned int YSize,
- CI_Y CI_FAR pY,
- CI_SIGNATURE CI_FAR pSignature ) );
-
-RETURN_TYPE
-MACI_VerifyTimeStamp PROTO_LIST( (
- HSESSION hSession,
- CI_HASHVALUE CI_FAR pHashValue,
- CI_SIGNATURE CI_FAR pSignature,
- CI_TIMESTAMP CI_FAR pTimeStamp ) );
-
-RETURN_TYPE
-MACI_WrapKey PROTO_LIST( (
- HSESSION hSession,
- int WrapIndex,
- int KeyIndex,
- CI_KEY CI_FAR pKey ) );
-
-RETURN_TYPE
-MACI_Zeroize PROTO_LIST( (
- HSESSION hSession ) );
-
-#if __cplusplus__ || __cplusplus
-}
-#endif /* C++ */
-
-#endif /* CRYPTINT_H */
-
diff --git a/security/nss/lib/fortcrypt/macinst.htm b/security/nss/lib/fortcrypt/macinst.htm
deleted file mode 100644
index cf3988157..000000000
--- a/security/nss/lib/fortcrypt/macinst.htm
+++ /dev/null
@@ -1,148 +0,0 @@
-<HTML>
-<--
- - The contents of this file are subject to the Mozilla Public
- - License Version 1.1 (the "License"); you may not use this file
- - except in compliance with the License. You may obtain a copy of
- - the License at http://www.mozilla.org/MPL/
- -
- - Software distributed under the License is distributed on an "AS
- - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- - implied. See the License for the specific language governing
- - rights and limitations under the License.
- -
- - The Original Code is the Netscape security libraries.
- -
- - The Initial Developer of the Original Code is Netscape
- - Communications Corporation. Portions created by Netscape are
- - Copyright (C) 1994-2000 Netscape Communications Corporation. All
- - Rights Reserved.
- -
- - Contributor(s):
- -
- - Alternatively, the contents of this file may be used under the
- - terms of the GNU General Public License Version 2 or later (the
- - "GPL"), in which case the provisions of the GPL are applicable
- - instead of those above. If you wish to allow use of your
- - version of this file only under the terms of the GPL and not to
- - allow others to use your version of this file under the MPL,
- - indicate your decision by deleting the provisions above and
- - replace them with the notice and other provisions required by
- - the GPL. If you do not delete the provisions above, a recipient
- - may use your version of this file under either the MPL or the
- - GPL.
--->
-<TITLE>MAC Installer</TITLE>
-
-<SCRIPT>
-// Crypto Mechanism Flags
-PKCS11_MECH_RSA_FLAG = 0x1<<0;
-PKCS11_MECH_DSA_FLAG = 0x1<<1;
-PKCS11_MECH_RC2_FLAG = 0x1<<2;
-PKCS11_MECH_RC4_FLAG = 0x1<<3;
-PKCS11_MECH_DES_FLAG = 0x1<<4;
-PKCS11_MECH_DH_FLAG = 0x1<<5; //Diffie-Hellman
-PKCS11_MECH_SKIPJACK_FLAG = 0x1<<6; //SKIPJACK algorithm as in Fortezza cards
-PKCS11_MECH_RC5_FLAG = 0x1<<7;
-PKCS11_MECH_SHA1_FLAG = 0x1<<8;
-PKCS11_MECH_MD5_FLAG = 0x1<<9;
-PKCS11_MECH_MD2_FLAG = 0x1<<10;
-PKCS11_MECH_RANDOM_FLAG = 0x1<<27; //Random number generator
-PKCS11_PUB_READABLE_CERT_FLAG = 0x1<<28; //Stored certs can be read off the token w/o logging in
-PKCS11_DISABLE_FLAG = 0x1<<30; //tell Navigator to disable this slot by default
-
-// Important:
-// 0x1<<11, 0x1<<12, ... , 0x1<<26, 0x1<<29, and 0x1<<31 are reserved
-// for internal use in Navigator.
-// Therefore, these bits should always be set to 0; otherwise,
-// Navigator might exhibit unpredictable behavior.
-
-// These flags indicate which mechanisms should be turned on by
-pkcs11MechanismFlags = PKCS11_MECH_RANDOM_FLAG;
-
-
-// Ciphers that support SSL or S/MIME
-PKCS11_CIPHER_FORTEZZA_FLAG = 0x1<<0;
-
-// Important:
-// 0x1<<1, 0x1<<2, ... , 0x1<<31 are reserved
-// for internal use in Navigator.
-// Therefore, these bits should ALWAYS be set to 0; otherwise,
-// Navigator might exhibit unpredictable behavior.
-
-// These flags indicate which SSL ciphers are supported
-pkcs11CipherFlags = PKCS11_CIPHER_FORTEZZA_FLAG;
-
-
-// Return values of pkcs11.addmodule() & pkcs11.delmodule()
-// success codes
-JS_OK_ADD_MODULE = 3 // Successfully added a module
-JS_OK_DEL_EXTERNAL_MODULE = 2 // Successfully deleted ext. module
-JS_OK_DEL_INTERNAL_MODULE = 1 // Successfully deleted int. module
-
-// failure codes
-JS_ERR_OTHER = -1 // Other errors than the followings
-JS_ERR_USER_CANCEL_ACTION = -2 // User abort an action
-JS_ERR_INCORRECT_NUM_OF_ARGUMENTS= -3 // Calling a method w/ incorrect # of arguments
-JS_ERR_DEL_MODULE = -4 // Error deleting a module
-JS_ERR_ADD_MODULE = -5 // Error adding a module
-JS_ERR_BAD_MODULE_NAME = -6 // The module name is invalid
-JS_ERR_BAD_DLL_NAME = -7 // The DLL name is bad
-JS_ERR_BAD_MECHANISM_FLAGS = -8 // The mechanism flags are invalid
-JS_ERR_BAD_CIPHER_ENABLE_FLAGS = -9 // The SSL, S/MIME cipher flags are invalid
-
-var new_window;
-var has_new_window = 0;
-
-function colonize(string) {
- len = string.length;
- end = len -1;
-
- if (len == 0) return string;
-
-
- for (i=0; i < len; i++) {
- if (string.charAt(i) == "/") {
- if (i == 0) {
- new_string = ":" + string.substring(1,len);
- } else if (i == end) {
- new_string = string.substring(0,i)+':';
- } else {
- new_string = string.substring(0,i)+':'+
- string.substring(i+1,len);
- }
- string = new_string;
- }
- }
-
- if (string.charAt(0) == ":") string = string.substring(1,len);
- return string;
-}
-
-function DoInstall(module) {
- module = colonize(module);
- result = pkcs11.addmodule("Netscape FORTEZZA Module", module, pkcs11MechanismFlags, pkcs11CipherFlags);
- if ( result < 0) {
- window.alert("New module setup failed. Error code: " + result);
- }
- if (has_new_window) new_window.close();
-}
-
-function DoUnpack(name) {
- new_window = open(name,"unpacking","toolbar=no,location=no,status=yes,scrollbar=no,width=50,height=50");
- has_new_window = 1;
-}
-
-filename=navigator.platform+".hqx"
-
-default_module = "D:/dogbert/ns/dist/WIN32_D.OBJ/bin/fort32.dll"
-document.writeln("<FORM name=instform target=_self> <H2>Mac Fortezza Installer</H2>");
-document.writeln("<I>You must first unpack the <b>"+filename+"</b> file.");
-document.writeln(" Do that by clicking on button below.</i><p>");
-document.writeln("<Input type=button value=Unpack name=unpack onclick=DoUnpack(\""+filename+"\"); ><p>");
-document.writeln("<I>Then move <b>FortPK11Lib</b> to an appropriate directory ");
-document.writeln(" enter that directory below, then click the Install button.</i><p>");
-document.writeln(" Module Name: <Input Type=FILE Name=module><p>");
-document.write("<Input type=submit Name=Install Value=Install onclick=DoInstall(");
-document.writeln( "document.instform.module.value) >");
-document.writeln("</FORM>");
-</SCRIPT>
diff --git a/security/nss/lib/fortcrypt/manifest.mn b/security/nss/lib/fortcrypt/manifest.mn
deleted file mode 100644
index 04057bcba..000000000
--- a/security/nss/lib/fortcrypt/manifest.mn
+++ /dev/null
@@ -1,50 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../..
-
-MODULE = nss
-LIBRARY_NAME = fort
-#LIBRARY_VERSION = 32
-
-DIRS = swfort
-
-CSRCS = forsock.c \
- fortpk11.c \
- fmutex.c \
- $(NULL)
-
-EXPORTS =
-PRIVATE_EXPORTS = maci.h cryptint.h
-
-REQUIRES = dbm
-
diff --git a/security/nss/lib/fortcrypt/replace.c b/security/nss/lib/fortcrypt/replace.c
deleted file mode 100644
index b4c5edd18..000000000
--- a/security/nss/lib/fortcrypt/replace.c
+++ /dev/null
@@ -1,101 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-# include <stdio.h>
-# include <string.h>
-
-int main(int argc, char* argv[]) {
- FILE *templ;
- FILE *target;
- unsigned char buffer[81];
- unsigned char *find, *replace;
- int matchcount = 0;
- int ch;
- int len;
-
- buffer[0] = '\0';
-
- if (argc != 5) {
- fprintf(stderr, "usuage: replace template.js searchstring replacestring target.js \n");
- return 1;
- }
-
- templ = fopen(argv[1], "r");
- if (!templ) {
- fprintf(stderr, "Cannot open template script %s\n", argv[1]);
- return 2;
- }
-
- find = (unsigned char*) argv[2];
- replace = (unsigned char*) argv[3];
-
- target = fopen(argv[4], "w");
- if (!target) {
- fclose(templ);
- fprintf(stderr, "Cannot write to target script %s\n", argv[4]);
- return 3;
- }
-
- for (len = 0; find[len]!='\0'; len++);
-
- if (len > 80) {
- fprintf(stderr, "length of searchstring exceeds 80 chars");
- return 4;
- }
-
- /* get a char from templ */
- while ((int)(ch=fgetc(templ)) != EOF) {
- if ((unsigned char)ch == find[matchcount]) {
- /* if it matches find[matchcount],
- * then store one more char in buffer,
- * increase match count, and checks if
- * the whole word has been found */
- buffer[matchcount] = (unsigned char) ch;
- buffer[++matchcount] = '\0';
-
- if (matchcount == len) {
- matchcount = 0;
- fprintf(target, "%s", replace);
- }
- } else {
- /* reset matchcount, flush buffer */
- if (matchcount > 0) {
- fprintf(target, "%s", buffer);
- matchcount = 0;
- }
- fputc(ch, target);
- }
- }
- fclose(templ);
- fclose(target);
- return 0;
-}
diff --git a/security/nss/lib/fortcrypt/secmodjar.html b/security/nss/lib/fortcrypt/secmodjar.html
deleted file mode 100644
index f093a5965..000000000
--- a/security/nss/lib/fortcrypt/secmodjar.html
+++ /dev/null
@@ -1,441 +0,0 @@
-<HTML>
-<--
- - The contents of this file are subject to the Mozilla Public
- - License Version 1.1 (the "License"); you may not use this file
- - except in compliance with the License. You may obtain a copy of
- - the License at http://www.mozilla.org/MPL/
- -
- - Software distributed under the License is distributed on an "AS
- - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- - implied. See the License for the specific language governing
- - rights and limitations under the License.
- -
- - The Original Code is the Netscape security libraries.
- -
- - The Initial Developer of the Original Code is Netscape
- - Communications Corporation. Portions created by Netscape are
- - Copyright (C) 1994-2000 Netscape Communications Corporation. All
- - Rights Reserved.
- -
- - Contributor(s):
- -
- - Alternatively, the contents of this file may be used under the
- - terms of the GNU General Public License Version 2 or later (the
- - "GPL"), in which case the provisions of the GPL are applicable
- - instead of those above. If you wish to allow use of your
- - version of this file only under the terms of the GPL and not to
- - allow others to use your version of this file under the MPL,
- - indicate your decision by deleting the provisions above and
- - replace them with the notice and other provisions required by
- - the GPL. If you do not delete the provisions above, a recipient
- - may use your version of this file under either the MPL or the
- - GPL.
--->
-<HEAD>
- <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
- <META NAME="Author" CONTENT="Hoi-Sheung Wilson So">
- <META NAME="GENERATOR" CONTENT="Mozilla/4.02 [en] (WinNT; I) [Netscape]">
- <TITLE>How to Package Your Security Module for use with SmartUpdate</TITLE>
-</HEAD>
-<BODY>
-<FONT SIZE=+2>Using
-JAR Installation Manager Technology to Install Your PKCS11 Security Module</FONT>
-
-<P>Table of contents
-<BR><A HREF="#intro">I. Introduction</A>
-<BR><A HREF="#procedure">II. How to Create a Security Module JAR</A>
-<BR><A HREF="#samplescript">III. Sample Installer Script</A>
-<BR><A HREF="#reference">IV. Programmers' Reference</A>
-<BR><A HREF="#copyright">VI. Copyright Notice</A>
-<BR><A NAME="intro"></A><FONT SIZE=+1>I. Introduction</FONT>
-<BR>This docuemnt describes how to prepare your security module so that
-users can download it from the Internet, verify its integrity, and install
-by only pointing and clicking mouses.&nbsp; The packaged module is a signed
-JAR archive. This JAR archive contains a dynamically-linked library which
-implements the Security Module and a pice of installer script (.js) that
-registers and configures the newly installed module.&nbsp; SmartUpdate
-allows users to download JAR archinve that has been signed digitally by
-the software vendor.&nbsp; SmartUpdate then decompresses the JAR file,
-verify the signature and validity of the files packaged into the archive.&nbsp;
-If the signature is valid, SmartUpdate will run the installer script found
-in the archive.&nbsp; The installer script will instruct SmartUpdate to
-move the downloaded security module library to a specified location.&nbsp;
-Next, the script will register the module with Navigator, and configure
-it.
-
-<P>This document does not describe how SmartUpdate works.&nbsp; For more
-information about SmartUpdate, check out <A HREF="http://developer.netscape.com/library/documentation/communicator/jarman/index.htm">JAR
-Installation Manager</A>.
-
-<P><A NAME="procedure"></A><FONT SIZE=+1>II. How to Create a Security Module
-JAR</FONT>
-<OL>
-<LI>
-Obtain a copy of PKCS#11: Cryptographic Token Interface Standard Version
-2.00, published by <A HREF="http://www.rsa.com">RSA Laboratories</A>, Redwood
-City, California.</LI>
-
-<LI>
-Implement a PKCS#11 library according to PKCS#11 standards.</LI>
-
-<LI>
-Write a installer script that will register the module with Navigator.</LI>
-
-<LI>
-Use either JAR Packager or command line tool to package the library and
-the script in a signed JAR archive.</LI>
-
-<LI>
-Publish the JAR file on the web, and notify users to install/upgrade their
-library.</LI>
-</OL>
-<A NAME="samplescript"></A><FONT SIZE=+1>III. Sample Installer Script</FONT>
-
-<P>Functions of the following installer script:
-<BR>1. Start SmartUpdate and declares the version and the name of the module
-to be installed.
-<BR>2. Extract a library called DUMMY_DLL from the JAR archive and install
-it under the Netscape Program folder.
-<BR>3. Register the installed module by calling pkcs11.addmodule( ) method
-with information about the capabilities of the module.
-<BR>4. Check to see if pkcs11.addmodule( ) has been successful, and display
-appropriate messages.
-
-<P><TT>// Crypto Mechanism Flags</TT>
-<BR><TT>PKCS11_MECH_RSA_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;0;</TT>
-<BR><TT>PKCS11_MECH_DSA_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;1;</TT>
-<BR><TT>PKCS11_MECH_RC2_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;2;</TT>
-<BR><TT>PKCS11_MECH_RC4_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;3;</TT>
-<BR><TT>PKCS11_MECH_DES_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;4;</TT>
-<BR><TT>PKCS11_MECH_DH_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;5; //Diffie-Hellman</TT>
-<BR><TT>PKCS11_MECH_SKIPJACK_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =&nbsp;
-0x1&lt;&lt;6; //SKIPJACK algorithm as in Fortezza cards</TT>
-<BR><TT>PKCS11_MECH_RC5_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;7;</TT>
-<BR><TT>PKCS11_MECH_SHA1_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;8;</TT>
-<BR><TT>PKCS11_MECH_MD5_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;9;</TT>
-<BR><TT>PKCS11_MECH_MD2_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;10;</TT>
-<BR><TT>PKCS11_MECH_RANDOM_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;27; //Random number generator</TT>
-<BR><TT>PKCS11_PUB_READABLE_CERT_FLAG&nbsp; =&nbsp; 0x1&lt;&lt;28; //Stored
-certs can be read off the token w/o logging in</TT>
-<BR><TT>PKCS11_DISABLE_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;30; //tell Navigator to disable this slot by default</TT>
-
-<P><TT>// Important:</TT>
-<BR><TT>// 0x1&lt;&lt;11, 0x1&lt;&lt;12, ... , 0x1&lt;&lt;26, and 0x1&lt;&lt;31
-are reserved</TT>
-<BR><TT>// for internal use in Navigator.</TT>
-<BR><TT>// Therefore, these bits should always be set to 0; otherwise,</TT>
-<BR><TT>// Navigator might exhibit unpredictable behavior.</TT>
-
-<P><TT>// These flags indicate which mechanisms should be turned on by</TT>
-<BR><TT>pkcs11MechanismFlags = PKCS11_MECH_DSA_FLAG | PKCS11_MECH_SKIPJACK_FLAG
-| PKCS11_MECH_RANDOM_FLAG;</TT>
-<BR><TT>&nbsp;</TT>
-
-<P><TT>// Ciphers that support SSL or S/MIME</TT>
-<BR><TT>PKCS11_CIPHER_FORTEZZA_FLAG&nbsp;&nbsp;&nbsp; = 0x1&lt;&lt;0;</TT>
-
-<P><TT>// Important:</TT>
-<BR><TT>// 0x1&lt;&lt;11, 0x1&lt;&lt;12, ... , 0x1&lt;&lt;26, 0x1&lt;&lt;29,
-and 0x1&lt;&lt;31 are reserved</TT>
-<BR><TT>// for internal use in Navigator.</TT>
-<BR><TT>// Therefore, these bits should ALWAYS be set to 0; otherwise,</TT>
-<BR><TT>// Navigator might exhibit unpredictable behavior.</TT>
-
-<P><TT>// These flags indicate which SSL ciphers are supported</TT>
-<BR><TT>pkcs11CipherFlags = PKCS11_CIPHER_FORTEZZA_FLAG;</TT>
-<BR><TT>&nbsp;</TT>
-
-<P><TT>// Return values of pkcs11.addmodule() &amp; pkcs11.delmodule()</TT>
-<BR><TT>// success codes</TT>
-<BR><TT>JS_OK_ADD_MODULE&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= 3 // Successfully added a module</TT>
-<BR><TT>JS_OK_DEL_EXTERNAL_MODULE&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= 2 // Successfully deleted ext. module</TT>
-<BR><TT>JS_OK_DEL_INTERNAL_MODULE&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= 1 // Successfully deleted int. module</TT>
-
-<P><TT>// failure codes</TT>
-<BR><TT>JS_ERR_OTHER&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= -1 // Other errors than the followings</TT>
-<BR><TT>JS_ERR_USER_CANCEL_ACTION&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= -2 // User abort an action</TT>
-<BR><TT>JS_ERR_INCORRECT_NUM_OF_ARGUMENTS= -3 // Calling a method w/ incorrect
-# of arguments</TT>
-<BR><TT>JS_ERR_DEL_MODULE&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= -4 // Error deleting a module</TT>
-<BR><TT>JS_ERR_ADD_MODULE&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= -5 // Error adding a module</TT>
-<BR><TT>JS_ERR_BAD_MODULE_NAME&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= -6 // The module name is invalid</TT>
-<BR><TT>JS_ERR_BAD_DLL_NAME&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= -7 // The DLL name is bad</TT>
-<BR><TT>JS_ERR_BAD_MECHANISM_FLAGS&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= -8 // The mechanism flags are invalid</TT>
-<BR><TT>JS_ERR_BAD_CIPHER_ENABLE_FLAGS&nbsp;&nbsp; = -9 // The SSL, S/MIME
-cipher flags are invalid</TT>
-<BR>&nbsp;
-
-<P><TT>if (confirm("This script will install and configure a security module,
-do you want to continue?")) {</TT>
-<BR><TT>&nbsp;// Step 1. Create a version object and a software update
-object</TT>
-<BR><TT>&nbsp;vi = new netscape.softupdate.VersionInfo(1, 6, 0, 0);</TT>
-<BR><TT>&nbsp;su = new netscape.softupdate.SoftwareUpdate(this, "Fortezza
-Card PKCS#11 Module");</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-// "Fortezza ... Module" is the logical name of the bundle</TT>
-
-<P><TT>&nbsp;// Step 2. Start the install process</TT>
-<BR><TT>&nbsp;bAbort = false;</TT>
-<BR><TT>&nbsp;err = su.StartInstall("litronic", vi, netscape.softupdate.SoftwareUpdate.FULL_INSTALL);</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-// litronic is the component folder (logical)</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; bAbort = bAbort || (err
-!=0);</TT>
-
-<P><TT>&nbsp;if (err == 0) {</TT>
-
-<P><TT>&nbsp;&nbsp;&nbsp; // Step 3. Find out the physical location of
-the Program dir</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp; Folder = su.GetFolder("Program");</TT>
-
-<P><TT>&nbsp;&nbsp;&nbsp; // Step 4. Install the files. Unpack them and
-list where they go</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp; err = su.AddSubcomponent("FortezzaCardDLL",
-//component name (logical)</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-vi, // version info</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-"DUMMY_DLL", // source file in JAR (physical)</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-Folder, // target folder (physical)</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-"DUMMY_DLL", // target path &amp; filename (physical)</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-this.force); // forces update</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp; bAbort = bAbort || (err !=0);</TT>
-<BR><TT>&nbsp;}</TT>
-
-<P><TT>&nbsp;// Step 5. Unless there was a problem, move files to final
-location</TT>
-<BR><TT>&nbsp;// and update the Client Version Registry</TT>
-<BR><TT>&nbsp;if (bAbort) {</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp; window.alert("Installation Aborted");</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp; su.AbortInstall();</TT>
-<BR><TT>&nbsp;} else {</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp; err = su.FinalizeInstall();</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp; window.alert("Files have been installed.\nContinue
-to setup the newly isntalled module...");</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp; // Add Module</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp; compFolder = su.GetComponentFolder("litronic/FortezzaCardDLL")
-+ "/DUMMY_DLL";</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp; result = pkcs11.addmodule("Fortezza", compFolder,
-pkcs11MechanismFlags, pkcs11CipherFlags);</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; if
-( result &lt; 0) {</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-window.alert("New module setup failed.&nbsp; Error code: " + result);</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; }
-else {</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-window.alert("New module setup completed.");</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; }</TT>
-<BR><TT>&nbsp;}</TT>
-<BR><TT>}</TT>
-
-<P><A NAME="reference"></A><FONT SIZE=+1>IV. Appendix A: Programmers' Refernce</FONT>
-<UL>
-<LI>
-<A HREF="#delmodule">pkcs11.addmodule( )</A></LI>
-
-<LI>
-<A HREF="#delmodule">pkcs11.delmodule( )</A></LI>
-</UL>
-
-<HR ALIGN=LEFT WIDTH="70%">
-<BR><A NAME="addmodule"></A>Name
-<BR><TT>addmodule</TT>
-<BR>Adds a PKCS#11 security module to the security module database, and
-notifies Communicator which cryptographic mechanisms should be turned on
-by default, and which SSL or S/MIME ciphers are supported.&nbsp; For security
-reasons, it will pop up a dialog box to ask the user to confirm this action.&nbsp;
-It might pop up other dialog boxes if necessary.
-
-<P>Method of
-<BR><TT>pkcs11</TT>
-
-<P>Syntax
-<BR><TT>int pkcs11.addmodule( string ModuleName,</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-string LibraryFullPath,</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-int CryptoMechanismFlags,</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-int CipherFlags);</TT>
-<BR>&nbsp;
-<BR>Parameters
-<TABLE BORDER WIDTH="90%" >
-<TR>
-<TD><TT>ModuleName</TT></TD>
-
-<TD>Name of the module</TD>
-</TR>
-
-<TR>
-<TD><TT>LibraryFullPath</TT></TD>
-
-<TD>The filename of the library prepended with its full path</TD>
-</TR>
-
-<TR>
-<TD><TT>CryptoMechanismFlags</TT></TD>
-
-<TD>A bit vector indicating all cryptographic mechanisms should be turned
-on by default&nbsp; (See below)</TD>
-</TR>
-
-<TR>
-<TD><TT>CipherFlags</TT></TD>
-
-<TD>A bit vector indicating all SSL or S/MIME cipher functions supported
-by the module (Seel below)</TD>
-</TR>
-</TABLE>
-Cryptographic Mechanism Flags
-<BR><TT>PKCS11_MECH_RSA_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;0;</TT>
-<BR><TT>PKCS11_MECH_DSA_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;1;</TT>
-<BR><TT>PKCS11_MECH_RC2_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;2;</TT>
-<BR><TT>PKCS11_MECH_RC4_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;3;</TT>
-<BR><TT>PKCS11_MECH_DES_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;4;</TT>
-<BR><TT>PKCS11_MECH_DH_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;5; //Diffie-Hellman</TT>
-<BR><TT>PKCS11_MECH_SKIPJACK_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =&nbsp;
-0x1&lt;&lt;6; //SKIPJACK algorithm as in Fortezza cards</TT>
-<BR><TT>PKCS11_MECH_RC5_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;7;</TT>
-<BR><TT>PKCS11_MECH_SHA1_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;8;</TT>
-<BR><TT>PKCS11_MECH_MD5_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;9;</TT>
-<BR><TT>PKCS11_MECH_MD2_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;10;</TT>
-<BR><TT>PKCS11_MECH_RANDOM_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;27; //Random number generator</TT>
-<BR><TT>PKCS11_PUB_READABLE_CERT_FLAG&nbsp; =&nbsp; 0x1&lt;&lt;28; //Stored
-certs can be read off the token w/o logging in</TT>
-<BR><TT>PKCS11_DISABLE_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;30; //tell Navigator to disable this slot by default</TT>
-
-<P>Supported SSL or S/MIME Ciphers
-<BR><TT>PKCS11_CIPHER_FORTEZZA_FLAG&nbsp;&nbsp;&nbsp; = 0x1&lt;&lt;0;</TT>
-
-<P>Important for CryptoMechanismFlags:
-<BR><TT>0x1&lt;&lt;11</TT>, <TT>0x1&lt;&lt;12</TT>, ... , <TT>0x1&lt;&lt;26</TT>,
-<TT>0x1&lt;&lt;29, </TT>and <TT>0x1&lt;&lt;31</TT> are reserved for internal
-use in Navigator.
-<BR>Therefore, these bits should always be set to 0; otherwise, Navigator
-might exhibit unpredictable behavior.
-
-<P>Important for CipherFlags:
-<BR><TT>0x1&lt;&lt;1</TT>, <TT>0x1&lt;&lt;2</TT>, ... , <TT>0x1&lt;&lt;31</TT>
-are reserved for internal use in Navigator.
-<BR>Therefore, these bits should ALWAYS be set to 0; otherwise, Navigator
-might exhibit unpredictable behavior.
-
-<P>Example of CryptoMechanismFlags and CipherFlags:
-<BR><TT>pkcs11MechanismFlags = PKCS11_MECH_DSA_FLAG | PKCS11_MECH_SKIPJACK_FLAG
-| PKCS11_MECH_RANDOM_FLAG;</TT>
-<BR><TT>pkcs11CipherFlags = PKCS11_CIPHER_FORTEZZA_FLAG;</TT>
-<BR><TT>&nbsp;</TT>
-<BR>Return Values:
-<BR><TT>// Return values of pkcs11.addmod()</TT>
-<BR><TT>// success codes</TT>
-<BR><TT>JS_OK_ADD_MODULE&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= 3 // Successfully added a module</TT>
-
-<P><TT>// failure codes</TT>
-<BR><TT>JS_ERR_OTHER&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= -1 // Other errors than the followings</TT>
-<BR><TT>JS_ERR_USER_CANCEL_ACTION&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= -2 // User abort an action</TT>
-<BR><TT>JS_ERR_INCORRECT_NUM_OF_ARGUMENTS= -3 // Calling a method w/ incorrect
-# of arguments</TT>
-<BR><TT>JS_ERR_ADD_MODULE&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= -5 // Error adding a module</TT>
-<BR><TT>JS_ERR_BAD_MODULE_NAME&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= -6 // The module name is invalid</TT>
-<BR><TT>JS_ERR_BAD_DLL_NAME&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= -7 // The DLL name is bad</TT>
-<BR><TT>JS_ERR_BAD_MECHANISM_FLAGS&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= -8 // The mechanism flags are invalid</TT>
-<BR><TT>JS_ERR_BAD_CIPHER_ENABLE_FLAGS&nbsp;&nbsp; = -9 // The SSL, S/MIME
-cipher flags are invalid</TT>
-<BR>&nbsp;
-<HR ALIGN=LEFT WIDTH="70%">
-<BR><A NAME="delmodule"></A>Name
-<BR><TT>delmodule</TT>
-<BR>Deletes a PKCS#11 security module from the module database, but does
-not physically remove the file.&nbsp; For security reasons, it will pop
-up a dialog box to ask the user to confirm this action.&nbsp; It might
-pop up other dialog boxes if necessary.
-
-<P>Method of
-<BR><TT>pkcs11</TT>
-
-<P>Syntax
-<BR><TT>int pkcs11.delmodule( string ModuleName);</TT>
-<BR>&nbsp;
-<BR>Parameters
-<TABLE BORDER WIDTH="90%" >
-<TR>
-<TD><TT>ModuleName</TT></TD>
-
-<TD>Name of the module</TD>
-</TR>
-</TABLE>
-<TT>&nbsp;</TT>
-<BR>Return Values:
-<BR><TT>// Return values of pkcs11.addmod() &amp; pkcs11.delmod()</TT>
-<BR><TT>// success codes</TT>
-<BR><TT>JS_OK_DEL_EXTERNAL_MODULE&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= 2 // Successfully deleted ext. module</TT>
-<BR><TT>JS_OK_DEL_INTERNAL_MODULE&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= 1 // Successfully deleted int. module</TT>
-
-<P><TT>// failure codes</TT>
-<BR><TT>JS_ERR_OTHER&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= -1 // Other errors than the followings</TT>
-<BR><TT>JS_ERR_USER_CANCEL_ACTION&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= -2 // User abort an action</TT>
-<BR><TT>JS_ERR_INCORRECT_NUM_OF_ARGUMENTS= -3 // Calling a method w/ incorrect
-# of arguments</TT>
-<BR><TT>JS_ERR_DEL_MODULE&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= -4 // Error deleting a module</TT>
-<BR><TT>JS_ERR_BAD_MODULE_NAME&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= -6 // The module name is invalid</TT>
-
-<P><A NAME="copyright"></A><FONT SIZE=+1>VI. Copyright Notice</FONT>
-<BR>&nbsp;
-
-<P><FONT SIZE=+4>XXX Don't know what to put here!!!</FONT>
-
-<P>Last modified 9/26/97
-</BODY>
-</HTML>
diff --git a/security/nss/lib/fortcrypt/swfort/Makefile b/security/nss/lib/fortcrypt/swfort/Makefile
deleted file mode 100644
index 9c5e39de2..000000000
--- a/security/nss/lib/fortcrypt/swfort/Makefile
+++ /dev/null
@@ -1,83 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-$(OBJDIR)/nslib.c: nsmap.h swflib.c
- @$(MAKE_OBJDIR)
- rm -f $@
- cat $+ > $@
-
-export:: private_export
-
-
diff --git a/security/nss/lib/fortcrypt/swfort/config.mk b/security/nss/lib/fortcrypt/swfort/config.mk
deleted file mode 100644
index 0a00dc61e..000000000
--- a/security/nss/lib/fortcrypt/swfort/config.mk
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# Override TARGETS variable so that only static libraries
-# are specifed as dependencies within rules.mk.
-#
-
-TARGETS = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM =
-
diff --git a/security/nss/lib/fortcrypt/swfort/manifest.mn b/security/nss/lib/fortcrypt/swfort/manifest.mn
deleted file mode 100644
index 597d86c3c..000000000
--- a/security/nss/lib/fortcrypt/swfort/manifest.mn
+++ /dev/null
@@ -1,52 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../../..
-
-MODULE = nss
-LIBRARY_NAME = swfci
-#LIBRARY_VERSION = 12
-
-BUILT_CSRCS = nslib.c \
- $(NULL)
-
-CSRCS = swfalg.c \
- swfparse.c \
- swflib.c \
- swfutl.c \
- $(NULL)
-DIRS = pkcs11
-
-EXPORTS = swfort.h swfortt.h
-PRIVATE_EXPORTS = swforti.h swfortti.h
-
-REQUIRES = dbm nspr
diff --git a/security/nss/lib/fortcrypt/swfort/nsmap.h b/security/nss/lib/fortcrypt/swfort/nsmap.h
deleted file mode 100644
index b5e1c2cda..000000000
--- a/security/nss/lib/fortcrypt/swfort/nsmap.h
+++ /dev/null
@@ -1,86 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#define MACI_ChangePIN NSCI_ChangePIN
-#define MACI_CheckPIN NSCI_CheckPIN
-#define MACI_Close NSCI_Close
-#define MACI_Decrypt NSCI_Decrypt
-#define MACI_DeleteCertificate NSCI_DeleteCertificate
-#define MACI_DeleteKey NSCI_DeleteKey
-#define MACI_Encrypt NSCI_Encrypt
-#define MACI_ExtractX NSCI_ExtractX
-#define MACI_FirmwareUpdate NSCI_FirmwareUpdate
-#define MACI_GenerateIV NSCI_GenerateIV
-#define MACI_GenerateMEK NSCI_GenerateMEK
-#define MACI_GenerateRa NSCI_GenerateRa
-#define MACI_GenerateRandom NSCI_GenerateRandom
-#define MACI_GenerateTEK NSCI_GenerateTEK
-#define MACI_GenerateX NSCI_GenerateX
-#define MACI_GetCertificate NSCI_GetCertificate
-#define MACI_GetConfiguration NSCI_GetConfiguration
-#define MACI_GetHash NSCI_GetHash
-#define MACI_GetPersonalityList NSCI_GetPersonalityList
-#define MACI_GetSessionID NSCI_GetSessionID
-#define MACI_GetState NSCI_GetState
-#define MACI_GetStatus NSCI_GetStatus
-#define MACI_GetTime NSCI_GetTime
-#define MACI_Hash NSCI_Hash
-#define MACI_Initialize NSCI_Initialize
-#define MACI_InitializeHash NSCI_InitializeHash
-#define MACI_InstallX NSCI_InstallX
-#define MACI_LoadCertificate NSCI_LoadCertificate
-#define MACI_LoadDSAParameters NSCI_LoadDSAParameters
-#define MACI_LoadInitValues NSCI_LoadInitValues
-#define MACI_LoadIV NSCI_LoadIV
-#define MACI_LoadX NSCI_LoadX
-#define MACI_Lock NSCI_Lock
-#define MACI_Open NSCI_Open
-#define MACI_RelayX NSCI_RelayX
-#define MACI_Reset NSCI_Reset
-#define MACI_Restore NSCI_Restore
-#define MACI_Save NSCI_Save
-#define MACI_Select NSCI_Select
-#define MACI_SetConfiguration NSCI_SetConfiguration
-#define MACI_SetKey NSCI_SetKey
-#define MACI_SetMode NSCI_SetMode
-#define MACI_SetPersonality NSCI_SetPersonality
-#define MACI_SetTime NSCI_SetTime
-#define MACI_Sign NSCI_Sign
-#define MACI_Terminate NSCI_Terminate
-#define MACI_TimeStamp NSCI_TimeStamp
-#define MACI_Unlock NSCI_Unlock
-#define MACI_UnwrapKey NSCI_UnwrapKey
-#define MACI_VerifySignature NSCI_VerifySignature
-#define MACI_VerifyTimeStamp NSCI_VerityTimeStap
-#define MACI_WrapKey NSCI_WrapKey
-#define MACI_Zeroize NSCI_Zeroize
-
diff --git a/security/nss/lib/fortcrypt/swfort/pkcs11/.cvsignore b/security/nss/lib/fortcrypt/swfort/pkcs11/.cvsignore
deleted file mode 100644
index 6532d294d..000000000
--- a/security/nss/lib/fortcrypt/swfort/pkcs11/.cvsignore
+++ /dev/null
@@ -1,15 +0,0 @@
-forsock.c
-cryptint.h
-fmutex.h
-fortsock.h
-fpkcs11.h
-fpkcs11f.h
-fpkcs11i.h
-fpkcs11t.h
-fpkmem.h
-fpkstrs.h
-genci.h
-maci.h
-fortpk11.c
-fmutex.c
-
diff --git a/security/nss/lib/fortcrypt/swfort/pkcs11/Makefile b/security/nss/lib/fortcrypt/swfort/pkcs11/Makefile
deleted file mode 100644
index 44e50063b..000000000
--- a/security/nss/lib/fortcrypt/swfort/pkcs11/Makefile
+++ /dev/null
@@ -1,175 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-include manifest.mn
-include $(CORE_DEPTH)/coreconf/config.mk
-include config.mk
-
-CRYPTO_LIB = $(DIST)/lib/$(LIB_PREFIX)freebl.$(LIB_SUFFIX)
-#SWCILI = ../$(OBJDIR)/$(LIB_PREFIX)swfci.$(LIB_SUFFIX)
-
-# can't do this in manifest.mn because OS_TARGET isn't defined there.
-ifeq (,$(filter-out WIN%,$(OS_TARGET)))
-
-ifdef MOZILLA_SECURITY_BUILD
-CRYPTO_LIB = $(DIST)/lib/crypto.lib
-endif
-ifdef MOZILLA_BSAFE_BUILD
-CRYPTO_LIB += $(DIST)/lib/bsafe$(BSAFEVER).lib
-CRYPTO_LIB += $(DIST)/lib/freebl.lib
-endif
-
-# Link with the real NSPR DLLs for MinGW because the NSPR stubs in
-# stub.c can't resolve the references to the _imp__PR_XXX symbols.
-# This is merely an expedient hack and not the right solution.
-ifdef NS_USE_GCC
-EXTRA_LIBS = \
- $(DIST)/lib/$(LIB_PREFIX)swfci.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)softokn.$(LIB_SUFFIX) \
- $(CRYPTO_LIB) \
- $(DIST)/lib/$(LIB_PREFIX)secutil.$(LIB_SUFFIX) \
- -L$(DIST)/lib \
- -lplc4 \
- -lplds4 \
- -lnspr4 \
- -lws2_32 \
- -lwinmm \
- $(NULL)
-else # ! NS_USE_GCC
-EXTRA_LIBS = \
- $(DIST)/lib/swfci.lib \
- $(DIST)/lib/softokn.lib \
- $(CRYPTO_LIB) \
- $(DIST)/lib/secutil.lib \
- $(DIST)/lib/$(NSPR31_LIB_PREFIX)plc4_s.lib \
- $(DIST)/lib/$(NSPR31_LIB_PREFIX)plds4_s.lib \
- wsock32.lib \
- winmm.lib \
- $(NULL)
-endif # NS_USE_GCC
-
-else
-
-ifdef MOZILLA_SECURITY_BUILD
-CRYPTO_LIB = $(DIST)/lib/$(LIB_PREFIX)crypto.$(LIB_SUFFIX)
-endif
-ifdef MOZILLA_BSAFE_BUILD
-CRYPTO_LIB += $(DIST)/lib/$(LIB_PREFIX)bsafe.$(LIB_SUFFIX)
-CRYPTO_LIB += $(DIST)/lib/$(LIB_PREFIX)freebl.$(LIB_SUFFIX)
-endif
-
-EXTRA_LIBS += \
- $(DIST)/lib/$(LIB_PREFIX)swfci.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)softokn.$(LIB_SUFFIX) \
- $(CRYPTO_LIB) \
- $(DIST)/lib/$(LIB_PREFIX)secutil.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)plc4.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)plds4.$(LIB_SUFFIX) \
- $(NULL)
-
-endif
-
-INST_JS = inst.js
-LIBCI_JAR = $(OBJDIR)/lib$(LIBRARY_NAME).jar
-LIBCI_JAR_SRC = $(INST_JS) pk11inst $(SHARED_LIBRARY)
-
-ifneq ($(OS_TARGET), WIN16)
-TARGETS : $(LIBCI_JAR)
-endif
-
-ifeq ($(OS_TARGET), WIN16)
-# note that rules.mk is not included below for WIN16
-all:
- @echo Skipping fortcrypt directory for 16-bit windows builds
-
-all_platforms alltags clean clobber clobber_all realclean: all
-
-boot export install libs program release: all
-
-endif
-
-#$(SHARED_LIBRARY): $(SWCILIB)
-
-#
-# The following rules packages the shared library into a JAR,
-# ready to be signed
-#
-$(OBJDIR)/replace: replace.c
- $(CC) -o $@ $<
-
-# ZIP options:
-# -5 means medium compression
-# -q means quiet
-# -j means do not store tree structure, all files go into one dir
-#
-$(LIBCI_JAR): $(LIBCI_JAR_SRC)
- @echo +++ building $@ from $(LIBCI_JAR_SRC)
- @rm -f $@
- zip -5qj $@ $(LIBCI_JAR_SRC)
-
-$(LIBSWCI_JAR): $(LIBSWCI_JAR_SRC)
- @echo +++ building $@ from $(LIBSWCI_JAR_SRC)
- @rm -f $@
- zip -5qj $@ $(LIBSWCI_JAR_SRC)
-
-
-MD_FILES += $(LIBCI_JAR) $(LIBSWCI_JAR)
-
-# coreconf doesn't build the AIX shared library for FORTEZZA,
-# so I'm going to override their shared library command and build the shared
-# library the way config used to.
-#
-
-
-ifeq ($(OS_TARGET)$(OS_RELEASE), AIX4.1)
-DSO_LDOPTS = -bM:SRE -bh:4 -bnoentry
-EXTRA_DSO_LDOPTS = -lc
-MKSHLIB = xlC $(DSO_LDOPTS)
-
-$(SHARED_LIBRARY): $(OBJS)
- @$(MAKE_OBJDIR)
- rm -f $@
- $(MKSHLIB) -o $@ $(OBJS) $(EXTRA_LIBS) $(EXTRA_DSO_LDOPTS)
- chmod +x $@
-
-endif
-
-ifeq ($(OS_TARGET)$(OS_RELEASE), AIX4.2)
-LD += -G
-endif
-
-ifneq ($(OS_TARGET), WIN16)
-include $(CORE_DEPTH)/coreconf/rules.mk
-endif
-
diff --git a/security/nss/lib/fortcrypt/swfort/pkcs11/config.mk b/security/nss/lib/fortcrypt/swfort/pkcs11/config.mk
deleted file mode 100644
index 960774691..000000000
--- a/security/nss/lib/fortcrypt/swfort/pkcs11/config.mk
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# Override TARGETS variable so that only shared libraries
-# are specifed as dependencies within rules.mk.
-#
-
-TARGETS = $(SHARED_LIBRARY) $(SHARED_SW_LIBRARY) $(LIBCI_JAR) $(LIBCI_SW_JAR)
-LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM =
-
diff --git a/security/nss/lib/fortcrypt/swfort/pkcs11/inst.js b/security/nss/lib/fortcrypt/swfort/pkcs11/inst.js
deleted file mode 100644
index 2f7574717..000000000
--- a/security/nss/lib/fortcrypt/swfort/pkcs11/inst.js
+++ /dev/null
@@ -1,189 +0,0 @@
-//
-// The contents of this file are subject to the Mozilla Public
-// License Version 1.1 (the "License"); you may not use this file
-// except in compliance with the License. You may obtain a copy of
-// the License at http://www.mozilla.org/MPL/
-//
-// Software distributed under the License is distributed on an "AS
-// IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-// implied. See the License for the specific language governing
-// rights and limitations under the License.
-//
-// The Original Code is the Netscape security libraries.
-//
-// The Initial Developer of the Original Code is Netscape
-// Communications Corporation. Portions created by Netscape are
-// Copyright (C) 1994-2000 Netscape Communications Corporation. All
-// Rights Reserved.
-//
-// Contributor(s):
-//
-// Alternatively, the contents of this file may be used under the
-// terms of the GNU General Public License Version 2 or later (the
-// "GPL"), in which case the provisions of the GPL are applicable
-// instead of those above. If you wish to allow use of your
-// version of this file only under the terms of the GPL and not to
-// allow others to use your version of this file under the MPL,
-// indicate your decision by deleting the provisions above and
-// replace them with the notice and other provisions required by
-// the GPL. If you do not delete the provisions above, a recipient
-// may use your version of this file under either the MPL or the
-// GPL.
-//
-////////////////////////////////////////////////////////////////////////////////////////
-// Crypto Mechanism Flags
-PKCS11_MECH_RSA_FLAG = 0x1<<0;
-PKCS11_MECH_DSA_FLAG = 0x1<<1;
-PKCS11_MECH_RC2_FLAG = 0x1<<2;
-PKCS11_MECH_RC4_FLAG = 0x1<<3;
-PKCS11_MECH_DES_FLAG = 0x1<<4;
-PKCS11_MECH_DH_FLAG = 0x1<<5; //Diffie-Hellman
-PKCS11_MECH_SKIPJACK_FLAG = 0x1<<6; //SKIPJACK algorithm as in Fortezza cards
-PKCS11_MECH_RC5_FLAG = 0x1<<7;
-PKCS11_MECH_SHA1_FLAG = 0x1<<8;
-PKCS11_MECH_MD5_FLAG = 0x1<<9;
-PKCS11_MECH_MD2_FLAG = 0x1<<10;
-PKCS11_MECH_RANDOM_FLAG = 0x1<<27; //Random number generator
-PKCS11_PUB_READABLE_CERT_FLAG = 0x1<<28; //Stored certs can be read off the token w/o logging in
-PKCS11_DISABLE_FLAG = 0x1<<30; //tell Navigator to disable this slot by default
-
-// Important:
-// 0x1<<11, 0x1<<12, ... , 0x1<<26, 0x1<<29, and 0x1<<31 are reserved
-// for internal use in Navigator.
-// Therefore, these bits should always be set to 0; otherwise,
-// Navigator might exhibit unpredictable behavior.
-
-// These flags indicate which mechanisms should be turned on by
-var pkcs11MechanismFlags = 0;
-
-////////////////////////////////////////////////////////////////////////////////////////
-// Ciphers that support SSL or S/MIME
-PKCS11_CIPHER_FORTEZZA_FLAG = 0x1<<0;
-
-// Important:
-// 0x1<<1, 0x1<<2, ... , 0x1<<31 are reserved
-// for internal use in Navigator.
-// Therefore, these bits should ALWAYS be set to 0; otherwise,
-// Navigator might exhibit unpredictable behavior.
-
-// These flags indicate which SSL ciphers are supported
-var pkcs11CipherFlags = PKCS11_CIPHER_FORTEZZA_FLAG;
-
-////////////////////////////////////////////////////////////////////////////////////////
-// Return values of pkcs11.addmodule() & pkcs11.delmodule()
-// success codes
-JS_OK_ADD_MODULE = 3; // Successfully added a module
-JS_OK_DEL_EXTERNAL_MODULE = 2; // Successfully deleted ext. module
-JS_OK_DEL_INTERNAL_MODULE = 1; // Successfully deleted int. module
-
-// failure codes
-JS_ERR_OTHER = -1; // Other errors than the followings
-JS_ERR_USER_CANCEL_ACTION = -2; // User abort an action
-JS_ERR_INCORRECT_NUM_OF_ARGUMENTS= -3; // Calling a method w/ incorrect # of arguments
-JS_ERR_DEL_MODULE = -4; // Error deleting a module
-JS_ERR_ADD_MODULE = -5; // Error adding a module
-JS_ERR_BAD_MODULE_NAME = -6; // The module name is invalid
-JS_ERR_BAD_DLL_NAME = -7; // The DLL name is bad
-JS_ERR_BAD_MECHANISM_FLAGS = -8; // The mechanism flags are invalid
-JS_ERR_BAD_CIPHER_ENABLE_FLAGS = -9; // The SSL, S/MIME cipher flags are invalid
-
-
-////////////////////////////////////////////////////////////////////////////////////////
-// Find out which library is to be installed depending on the platform
-
-// pathname seperator is platform specific
-var sep = "/";
-var vendor = "netscape";
-var moduleName = "not_supported";
-
-// platform-independent relative path
-var dir = "pkcs11/" + vendor + "/";
-
-var plat = navigator.platform;
-
-bAbort = false;
-progName = "instinit";
-if (plat == "Win32") {
- moduleName = "swft32.dll";
- // progName = "instinit.exe";
- sep = "\\";
-} else if (plat == "AIX4.1") {
- moduleName = "libswft.so";
-} else if (plat == "SunOS4.1.3_U1") {
- moduleName = "libswft.so.1.0";
-} else if ((plat == "SunOS5.4") || (plat == "SunOS5.5.1")){
- moduleName = "libswft.so";
-} else if ((plat == "HP-UXA.09") || (plat == "HP-UXB.10")){
- moduleName = "libswft.sl";
-} else {
- window.alert("Sorry, platform "+plat+" is not supported.");
- bAbort = true;
-}
-
-////////////////////////////////////////////////////////////////////////////////////////
-// Installation Begins...
-if (!bAbort) {
-if (confirm("This script will install and configure a security module, do you want to continue?")) {
- // Step 1. Create a version object and a software update object
- vi = new netscape.softupdate.VersionInfo(1, 5, 0, 0);
- su = new netscape.softupdate.SoftwareUpdate(this, "Fortezza Card PKCS#11 Module");
- // "Fortezza ... Module" is the logical name of the bundle
-
- ////////////////////////////////////////
- // Step 2. Start the install process
- bAbort = false;
- err = su.StartInstall("NSfortezza", // NSfortezza is the component folder (logical)
- vi,
- netscape.softupdate.SoftwareUpdate.FULL_INSTALL);
-
- bAbort = bAbort || (err !=0);
-
- if (err == 0) {
- ////////////////////////////////////////
- // Step 3. Find out the physical location of the Program dir
- Folder = su.GetFolder("Program");
-
- ////////////////////////////////////////
- // Step 4. Install the files. Unpack them and list where they go
- err = su.AddSubcomponent("FortezzaLibrary", //component name (logical)
- vi, // version info
- moduleName, // source file in JAR (physical)
- Folder, // target folder (physical)
- dir + moduleName, // target path & filename (physical)
- this.force); // forces update
- bAbort = bAbort || (err !=0);
- if (err != 0) window.alert("Add sub err= "+ err);
- }
-
- if (err == 0) {
- /// Try installing the init program
- err = su.AddSubcomponent("FortezzaInitProg", vi, progName, Folder, progName, this.force);
- // don't fail because it didn't install, may just not be part of the package
-}
-
- ////////////////////////////////////////
- // Step 5. Unless there was a problem, move files to final location
- // and update the Client Version Registry
- if (bAbort) {
- window.alert("Aborting, Folder="+Folder+" module="+dir+moduleName);
- su.AbortInstall();
- } else {
- err = su.FinalizeInstall();
- // Platform specific full path
- fullpath = Folder + "pkcs11" + sep + vendor + sep + moduleName;
-
- ////////////////////////////////////////
- // Step 6: Call pkcs11.addmodule() to register the newly downloaded module
- result = pkcs11.addmodule("Netscape Software FORTEZZA Module",
- fullpath,
- pkcs11MechanismFlags,
- pkcs11CipherFlags);
-
- if ( result < 0) {
- window.alert("New module setup failed. Error code: " + result);
- } else {
- window.alert("New module setup completed.");
- }
- }
-}
-}
diff --git a/security/nss/lib/fortcrypt/swfort/pkcs11/manifest.mn b/security/nss/lib/fortcrypt/swfort/pkcs11/manifest.mn
deleted file mode 100644
index fce80320a..000000000
--- a/security/nss/lib/fortcrypt/swfort/pkcs11/manifest.mn
+++ /dev/null
@@ -1,63 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../../../..
-
-MODULE = nss
-LIBRARY_NAME = swft
-#LIBRARY_VERSION = 32
-
-COPIED_CSRCS = forsock.c \
- fortpk11.c \
- fmutex.c \
- $(NULL)
-
-CSRCS = \
- $(COPIED_CSRCS) \
- stub.c \
- $(NULL)
-
-vpath %.c ../../
-INCLUDES = -I../..
-
-EXPORTS =
-
-REQUIRES = dbm
-
-
-DEFINES = -DSWFORT
-
-GARBAGE = $(COPIED_CSRCS) cryptint.h fmutex.h fortsock.h fpkcs11.h \
- fpkcs11f.h fpkcs11i.h fpkcs11t.h fpkmem.h fpkstrs.h genci.h maci.h
-
-
diff --git a/security/nss/lib/fortcrypt/swfort/pkcs11/pk11inst b/security/nss/lib/fortcrypt/swfort/pkcs11/pk11inst
deleted file mode 100755
index 31d73eb4a..000000000
--- a/security/nss/lib/fortcrypt/swfort/pkcs11/pk11inst
+++ /dev/null
@@ -1,49 +0,0 @@
-ForwardCompatible { HPUX:10:hppa1.1 Solaris:5.5.1:sparc AIX:4.1:rs6000 }
- Platforms {
- WINNT::x86 {
- ModuleName { "Netscape Software FORTEZZA Module" }
- ModuleFile { %root%/pkcs11/netscape/swft32.dll }
- DefaultMechanismFlags{0x0000}
- DefaultCipherFlags{0x0001}
- Files {
- swft32.dll {
- RelativePath { %root%/pkcs11/netscape/swft32.dll }
- }
- }
- WIN95::x86 {
- EquivalentPlatform {WINNT::x86}
- }
- Solaris:5.5.1:sparc {
- ModuleName { "Netscape Software FORTEZZA Module" }
- ModuleFile { %root%/pkcs11/netscape/libswft.so }
- DefaultMechanismFlags{0x0000}
- DefaultCipherFlags{0x0001}
- Files {
- libswft.so {
- RelativePath { %root%/pkcs11/netscape/libswft.so }
- }
- }
- }
- AIX:4.1:rs6000 {
- ModuleName { "Netscape Software FORTEZZA Module" }
- ModuleFile { %root%/pkcs11/netscape/libswft.so }
- DefaultMechanismFlags{0x0000}
- DefaultCipherFlags{0x0001}
- Files {
- libswft.so {
- RelativePath { %root%/pkcs11/netscape/libswft.so }
- }
- }
- }
- HPUX:10:hppa1.1 {
- ModuleName { "Netscape Software FORTEZZA Module" }
- ModuleFile { %root%/pkcs11/netscape/libswft.sl }
- DefaultMechanismFlags{0x0000}
- DefaultCipherFlags{0x0001}
- Files {
- libswft.so {
- RelativePath { %root%/pkcs11/netscape/libswft.sl }
- }
- }
- }
- }
diff --git a/security/nss/lib/fortcrypt/swfort/pkcs11/stub.c b/security/nss/lib/fortcrypt/swfort/pkcs11/stub.c
deleted file mode 100644
index 12ce3cd27..000000000
--- a/security/nss/lib/fortcrypt/swfort/pkcs11/stub.c
+++ /dev/null
@@ -1,377 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * secport.c - portability interfaces for security libraries
- *
- * This file abstracts out libc functionality that libsec depends on
- *
- * NOTE - These are not public interfaces. These stubs are to allow the
- * SW FORTEZZA to link with some low level security functions without dragging
- * in NSPR.
- *
- * $Id$
- */
-
-#include "seccomon.h"
-#include "prmem.h"
-#include "prerror.h"
-#include "plarena.h"
-#include "secerr.h"
-#include "prmon.h"
-#include "prbit.h"
-
-unsigned long port_allocFailures;
-
-/* locations for registering Unicode conversion functions.
- * Is this the appropriate location? or should they be
- * moved to client/server specific locations?
- */
-PORTCharConversionFunc ucs4Utf8ConvertFunc;
-PORTCharConversionFunc ucs2Utf8ConvertFunc;
-PORTCharConversionWSwapFunc ucs2AsciiConvertFunc;
-
-void *
-PORT_Alloc(size_t bytes)
-{
- void *rv;
-
- /* Always allocate a non-zero amount of bytes */
- rv = (void *)malloc(bytes ? bytes : 1);
- if (!rv) {
- ++port_allocFailures;
- }
- return rv;
-}
-
-void *
-PORT_Realloc(void *oldptr, size_t bytes)
-{
- void *rv;
-
- rv = (void *)realloc(oldptr, bytes);
- if (!rv) {
- ++port_allocFailures;
- }
- return rv;
-}
-
-void *
-PORT_ZAlloc(size_t bytes)
-{
- void *rv;
-
- /* Always allocate a non-zero amount of bytes */
- rv = (void *)calloc(1, bytes ? bytes : 1);
- if (!rv) {
- ++port_allocFailures;
- }
- return rv;
-}
-
-void
-PORT_Free(void *ptr)
-{
- if (ptr) {
- free(ptr);
- }
-}
-
-void
-PORT_ZFree(void *ptr, size_t len)
-{
- if (ptr) {
- memset(ptr, 0, len);
- free(ptr);
- }
-}
-
-char *
-PORT_Strdup(const char *str)
-{
- size_t len = PORT_Strlen(str)+1;
- char *newstr;
-
- newstr = (char *)PORT_Alloc(len);
- if (newstr) {
- PORT_Memcpy(newstr, str, len);
- }
- return newstr;
-}
-
-void
-PORT_SetError(int value)
-{
- return;
-}
-
-int
-PORT_GetError(void)
-{
- return(1);
-}
-
-/********************* Arena code follows *****************************/
-
-
-PLArenaPool *
-PORT_NewArena(unsigned long chunksize)
-{
- PLArenaPool *arena;
-
- arena = (PLArenaPool*)PORT_ZAlloc(sizeof(PLArenaPool));
- if ( arena != NULL ) {
- PR_InitArenaPool(arena, "security", chunksize, sizeof(double));
- }
- return(arena);
-}
-
-void *
-PORT_ArenaAlloc(PLArenaPool *arena, size_t size)
-{
- void *p;
-
- PL_ARENA_ALLOCATE(p, arena, size);
- if (p == NULL) {
- ++port_allocFailures;
- }
-
- return(p);
-}
-
-void *
-PORT_ArenaZAlloc(PLArenaPool *arena, size_t size)
-{
- void *p;
-
- PL_ARENA_ALLOCATE(p, arena, size);
- if (p == NULL) {
- ++port_allocFailures;
- } else {
- PORT_Memset(p, 0, size);
- }
-
- return(p);
-}
-
-/* need to zeroize!! */
-void
-PORT_FreeArena(PLArenaPool *arena, PRBool zero)
-{
- PR_FinishArenaPool(arena);
- PORT_Free(arena);
-}
-
-void *
-PORT_ArenaGrow(PLArenaPool *arena, void *ptr, size_t oldsize, size_t newsize)
-{
- PORT_Assert(newsize >= oldsize);
-
- PL_ARENA_GROW(ptr, arena, oldsize, ( newsize - oldsize ) );
-
- return(ptr);
-}
-
-void *
-PORT_ArenaMark(PLArenaPool *arena)
-{
- void * result;
-
- result = PL_ARENA_MARK(arena);
- return result;
-}
-
-void
-PORT_ArenaRelease(PLArenaPool *arena, void *mark)
-{
- PL_ARENA_RELEASE(arena, mark);
-}
-
-void
-PORT_ArenaUnmark(PLArenaPool *arena, void *mark)
-{
- /* do nothing */
-}
-
-char *
-PORT_ArenaStrdup(PLArenaPool *arena,const char *str) {
- int len = PORT_Strlen(str)+1;
- char *newstr;
-
- newstr = (char*)PORT_ArenaAlloc(arena,len);
- if (newstr) {
- PORT_Memcpy(newstr,str,len);
- }
- return newstr;
-}
-
-/*
- * Do not use NSPR stubs for MinGW because they can't resolve references
- * to the _imp__PR_XXX symbols. This is merely an expedient hack and not
- * the right solution.
- */
-#if !(defined(WIN32) && defined(__GNUC__))
-PR_IMPLEMENT(void)
-PR_Assert(const char *expr, const char *file, int line) {
- return;
-}
-
-PR_IMPLEMENT(void *)
-PR_Alloc(PRUint32 bytes) { return malloc(bytes); }
-
-PR_IMPLEMENT(void *)
-PR_Malloc(PRUint32 bytes) { return malloc(bytes); }
-
-PR_IMPLEMENT(void *)
-PR_Calloc(PRUint32 blocks, PRUint32 bytes) { return calloc(blocks,bytes); }
-
-PR_IMPLEMENT(void)
-PR_Free(void *ptr) { free(ptr); }
-
-PR_IMPLEMENT(void)
-PR_SetError(PRErrorCode errorCode, PRInt32 oserr) { return; }
-
-PR_IMPLEMENT(void)
-PR_SetErrorText(PRIntn textLength, const char *text) { return; }
-#endif /* ! (WIN32 && GCC) */
-
-
-/* Old template; want to expunge it eventually. */
-#include "secasn1.h"
-#include "secoid.h"
-
-const SEC_ASN1Template SECOID_AlgorithmIDTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(SECAlgorithmID) },
- { SEC_ASN1_OBJECT_ID,
- offsetof(SECAlgorithmID,algorithm), },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_ANY,
- offsetof(SECAlgorithmID,parameters), },
- { 0, }
-};
-
-/*
- * Do not use NSPR stubs for MinGW because they can't resolve references
- * to the _imp__PR_XXX symbols. This is merely an expedient hack and not
- * the right solution.
- */
-#if !(defined(WIN32) && defined(__GNUC__))
-/* now make the RNG happy */ /* This is not atomic! */
-PR_IMPLEMENT(PRInt32) PR_AtomicIncrement(PRInt32 *val) { return ++(*val); }
-/* This is not atomic! */
-PR_IMPLEMENT(PRInt32) PR_AtomicDecrement(PRInt32 *val) { return --(*val); }
-
-PR_IMPLEMENT(PRStatus) PR_Sleep(PRIntervalTime ticks) { return PR_SUCCESS; }
-
-#include "nssilock.h"
-#include "fmutex.h"
-PR_IMPLEMENT(PRLock *)
-PR_NewLock(void) {
- PRLock *lock = NULL;
-
- FMUTEX_Create((void **)&lock);
-
- /* if we don't have a lock, FMUTEX can deal with things */
- if (lock == NULL) lock=(PRLock *) 1;
- return lock;
-}
-
-PR_IMPLEMENT(void)
-PR_DestroyLock(PRLock *lock) {
- FMUTEX_Destroy(lock);
-}
-
-PR_IMPLEMENT(void)
-PR_Lock(PRLock *lock) {
- FMUTEX_Lock(lock);
-}
-
-PR_IMPLEMENT(PRStatus)
-PR_Unlock(PRLock *lock) {
- FMUTEX_Unlock(lock);
- return PR_SUCCESS;
-}
-
-/* this implementation is here to satisfy the PRMonitor use in plarena.c.
-** It appears that it doesn't need re-entrant locks. It could have used
-** PRLock instead of PRMonitor. So, this implementation just uses
-** PRLock for a PRMonitor.
-*/
-PR_IMPLEMENT(PRMonitor*)
-PR_NewMonitor(void)
-{
- return (PRMonitor *) PR_NewLock();
-}
-
-
-PR_IMPLEMENT(void)
-PR_EnterMonitor(PRMonitor *mon)
-{
- PR_Lock( (PRLock *)mon );
-}
-
-PR_IMPLEMENT(PRStatus)
-PR_ExitMonitor(PRMonitor *mon)
-{
- return PR_Unlock( (PRLock *)mon );
-}
-
-#include "prinit.h"
-
-/* This is NOT threadsafe. It is merely a pseudo-functional stub.
-*/
-PR_IMPLEMENT(PRStatus) PR_CallOnce(
- PRCallOnceType *once,
- PRCallOnceFN func)
-{
- /* This is not really atomic! */
- if (1 == PR_AtomicIncrement(&once->initialized)) {
- once->status = (*func)();
- } else {
- /* Should wait to be sure that func has finished before returning. */
- }
- return once->status;
-}
-
-
-/*
-** Compute the log of the least power of 2 greater than or equal to n
-*/
-PRIntn PR_CeilingLog2(PRUint32 i) {
- PRIntn log2;
- PR_CEILING_LOG2(log2,i);
- return log2;
-}
-#endif /* ! (WIN32 && GCC) */
-
-/********************** end of arena functions ***********************/
-
diff --git a/security/nss/lib/fortcrypt/swfort/swfalg.c b/security/nss/lib/fortcrypt/swfort/swfalg.c
deleted file mode 100644
index 6f8ab9f6c..000000000
--- a/security/nss/lib/fortcrypt/swfort/swfalg.c
+++ /dev/null
@@ -1,506 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Software implementation of FORTEZZA skipjack primatives
- */
-#include "maci.h"
-#include "seccomon.h"
-#include "swforti.h"
-
-/*
- * Xor the IV into the plaintext buffer either just before encryption, or
- * just after decryption.
- */
-static void
-fort_XorIV(unsigned char *obuffer, unsigned char *buffer, unsigned char *iv) {
- int i;
-#ifdef USE_INT32
- if ((buffer & 0x3) == 0) && ((iv & 0x3) == 0)) {
- int32 *ibuffer = (int32 *)buffer;
- int32 *iobuffer = (int32 *)obuffer;
- int32 *iiv = (int32 *)iv;
-
- iobuffer[0] = ibuffer[0] ^ iiv[0];
- iobuffer[1] = ibuffer[1] ^ iiv[1];
- return;
- }
-#endif
-
- for (i=0; i < SKIPJACK_BLOCK_SIZE; i++) {
- obuffer[i] = buffer[i] ^ iv[i];
- }
-}
-
-
-/* the F-table for Skipjack */
-unsigned char F[256] = {
- 0xa3, 0xd7, 0x09, 0x83, 0xf8, 0x48, 0xf6, 0xf4,
- 0xb3, 0x21, 0x15, 0x78, 0x99, 0xb1, 0xaf, 0xf9,
- 0xe7, 0x2d, 0x4d, 0x8a, 0xce, 0x4c, 0xca, 0x2e,
- 0x52, 0x95, 0xd9, 0x1e, 0x4e, 0x38, 0x44, 0x28,
- 0x0a, 0xdf, 0x02, 0xa0, 0x17, 0xf1, 0x60, 0x68,
- 0x12, 0xb7, 0x7a, 0xc3, 0xe9, 0xfa, 0x3d, 0x53,
- 0x96, 0x84, 0x6b, 0xba, 0xf2, 0x63, 0x9a, 0x19,
- 0x7c, 0xae, 0xe5, 0xf5, 0xf7, 0x16, 0x6a, 0xa2,
- 0x39, 0xb6, 0x7b, 0x0f, 0xc1, 0x93, 0x81, 0x1b,
- 0xee, 0xb4, 0x1a, 0xea, 0xd0, 0x91, 0x2f, 0xb8,
- 0x55, 0xb9, 0xda, 0x85, 0x3f, 0x41, 0xbf, 0xe0,
- 0x5a, 0x58, 0x80, 0x5f, 0x66, 0x0b, 0xd8, 0x90,
- 0x35, 0xd5, 0xc0, 0xa7, 0x33, 0x06, 0x65, 0x69,
- 0x45, 0x00, 0x94, 0x56, 0x6d, 0x98, 0x9b, 0x76,
- 0x97, 0xfc, 0xb2, 0xc2, 0xb0, 0xfe, 0xdb, 0x20,
- 0xe1, 0xeb, 0xd6, 0xe4, 0xdd, 0x47, 0x4a, 0x1d,
- 0x42, 0xed, 0x9e, 0x6e, 0x49, 0x3c, 0xcd, 0x43,
- 0x27, 0xd2, 0x07, 0xd4, 0xde, 0xc7, 0x67, 0x18,
- 0x89, 0xcb, 0x30, 0x1f, 0x8d, 0xc6, 0x8f, 0xaa,
- 0xc8, 0x74, 0xdc, 0xc9, 0x5d, 0x5c, 0x31, 0xa4,
- 0x70, 0x88, 0x61, 0x2c, 0x9f, 0x0d, 0x2b, 0x87,
- 0x50, 0x82, 0x54, 0x64, 0x26, 0x7d, 0x03, 0x40,
- 0x34, 0x4b, 0x1c, 0x73, 0xd1, 0xc4, 0xfd, 0x3b,
- 0xcc, 0xfb, 0x7f, 0xab, 0xe6, 0x3e, 0x5b, 0xa5,
- 0xad, 0x04, 0x23, 0x9c, 0x14, 0x51, 0x22, 0xf0,
- 0x29, 0x79, 0x71, 0x7e, 0xff, 0x8c, 0x0e, 0xe2,
- 0x0c, 0xef, 0xbc, 0x72, 0x75, 0x6f, 0x37, 0xa1,
- 0xec, 0xd3, 0x8e, 0x62, 0x8b, 0x86, 0x10, 0xe8,
- 0x08, 0x77, 0x11, 0xbe, 0x92, 0x4f, 0x24, 0xc5,
- 0x32, 0x36, 0x9d, 0xcf, 0xf3, 0xa6, 0xbb, 0xac,
- 0x5e, 0x6c, 0xa9, 0x13, 0x57, 0x25, 0xb5, 0xe3,
- 0xbd, 0xa8, 0x3a, 0x01, 0x05, 0x59, 0x2a, 0x46
-};
-
-typedef unsigned char fort_keysched[32*4];
-
-/* do the key schedule work once for efficency */
-static void
-fort_skipKeySchedule(FORTSkipjackKeyPtr key,fort_keysched keysched)
-{
- unsigned char *keyptr = key;
- unsigned char *first = keyptr +sizeof(FORTSkipjackKey)-1;
- int i;
-
- keyptr = first;
-
- for (i=0; i < (32*4); i++) {
- keysched[i] = *keyptr--;
- if (keyptr < key) keyptr = first;
- }
- return;
-}
-
-static void
-fort_clearShedule(fort_keysched keysched)
-{
- PORT_Memset(keysched, 0, sizeof(keysched));
-}
-
-
-static unsigned int
-G(fort_keysched cv, int k, unsigned int wordIn)
-{
- unsigned char g1, g2, g3, g4, g5, g6;
-
- g1 = (unsigned char) (wordIn >> 8) & 0xff;
- g2 = (unsigned char) wordIn & 0xff;
-
- g3 = F[g2^cv[4*k]]^g1;
- g4 = F[g3^cv[4*k+1]]^g2;
- g5 = F[g4^cv[4*k+2]]^g3;
- g6 = F[g5^cv[4*k+3]]^g4;
-
- return ((g5<<8)+g6);
-}
-
-static unsigned int
-G1(fort_keysched cv, int k, unsigned int wordIn)
-{
- unsigned char g1, g2, g3, g4, g5, g6;
-
- g5 = (unsigned char) (wordIn >> 8) & 0xff;
- g6 = (unsigned char) wordIn & 0xff;
-
- g4 = F[g5^cv[4*k+3]]^g6;
- g3 = F[g4^cv[4*k+2]]^g5;
- g2 = F[g3^cv[4*k+1]]^g4;
- g1 = F[g2^cv[4*k]]^g3;
-
- return ((g1<<8)+g2);
-}
-
-static void
-ruleA(fort_keysched cv,int round,unsigned int *w)
-{
- unsigned int w4;
- int i;
-
- for(i=0; i<8; i++) {
- int k = round*16+i;
- int counter = k+1;
-
- w4 = w[4];
- w[4] = w[3];
- w[3] = w[2];
- w[2] = G(cv,k,w[1]);
- w[1] = G(cv,k,w[1]) ^ w4 ^ counter;
- }
- return;
-}
-
-static void
-ruleB(fort_keysched cv,int round,unsigned int *w)
-{
- unsigned int w4;
- int i;
-
- for(i=0; i<8; i++) {
- int k = round*16+i+8;
- int counter = k+1;
-
- w4 = w[4];
- w[4] = w[3];
- w[3] = w[1] ^ w[2] ^ counter;
- w[2] = G(cv,k,w[1]);
- w[1] = w4;
- }
- return;
-}
-
-static void
-ruleA1(fort_keysched cv,int round,unsigned int *w)
-{
- unsigned int w4;
- int i;
-
- for(i=7; i>=0; i--) {
- int k = round*16+i;
- int counter = k+1;
-
- w4 = w[4];
- w[4] = w[1] ^ w[2] ^ counter;
- w[1] = G1(cv,k,w[2]);
- w[2] = w[3];
- w[3] = w4;
- }
- return;
-}
-
-static void
-ruleB1(fort_keysched cv,int round,unsigned int *w)
-{
- unsigned int w4;
- int i;
-
- for(i=7; i>=0; i--) {
- int k = round*16+i+8;
- int counter = k+1;
-
- w4 = w[4];
- w[4] = w[1];
- w[1] = G1(cv,k,w[2]);
- w[2] = G1(cv,k,w[2]) ^ w[3] ^ counter;
- w[3] = w4;
- }
- return;
-}
-
-
-static void
-fort_doskipD(fort_keysched cv,unsigned char *cipherIn,
- unsigned char *plainOut) {
- unsigned int w[5]; /* ignore w[0] so the code matches the doc */
-
- /* initial byte swap */
- w[1]=(cipherIn[7]<<8)+cipherIn[6];
- w[2]=(cipherIn[5]<<8)+cipherIn[4];
- w[3]=(cipherIn[3]<<8)+cipherIn[2];
- w[4]=(cipherIn[1]<<8)+cipherIn[0];
-
- ruleB1(cv,1,w);
- ruleA1(cv,1,w);
- ruleB1(cv,0,w);
- ruleA1(cv,0,w);
-
- /* final byte swap */
- plainOut[0] = w[4] & 0xff;
- plainOut[1] = (w[4] >> 8) & 0xff;
- plainOut[2] = w[3] & 0xff;
- plainOut[3] = (w[3] >> 8) & 0xff;
- plainOut[4] = w[2] & 0xff;
- plainOut[5] = (w[2] >> 8) & 0xff;
- plainOut[6] = w[1] & 0xff;
- plainOut[7] = (w[1] >> 8) & 0xff;
- return;
-}
-
-static void
-fort_doskipE(fort_keysched cv,unsigned char *cipherIn,
- unsigned char *plainOut) {
- unsigned int w[5]; /* ignore w[0] so the code matches the doc */
-
- /* initial byte swap */
- w[1]=(cipherIn[7]<<8)+cipherIn[6];
- w[2]=(cipherIn[5]<<8)+cipherIn[4];
- w[3]=(cipherIn[3]<<8)+cipherIn[2];
- w[4]=(cipherIn[1]<<8)+cipherIn[0];
-
- ruleA(cv,0,w);
- ruleB(cv,0,w);
- ruleA(cv,1,w);
- ruleB(cv,1,w);
-
- /* final byte swap */
- plainOut[0] = w[4] & 0xff;
- plainOut[1] = (w[4] >> 8) & 0xff;
- plainOut[2] = w[3] & 0xff;
- plainOut[3] = (w[3] >> 8) & 0xff;
- plainOut[4] = w[2] & 0xff;
- plainOut[5] = (w[2] >> 8) & 0xff;
- plainOut[6] = w[1] & 0xff;
- plainOut[7] = (w[1] >> 8) & 0xff;
- return;
-}
-
-/* Checksums are calculated by encrypted a fixed string with the key, then
- * taking 16 bytes of the result from the block */
-static int
-fort_CalcKeyChecksum(FORTSkipjackKeyPtr key, unsigned char *sum) {
- unsigned char ckdata[8] = {
- 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55 };
- unsigned char ckres[8];
- fort_keysched keysched;
-
-
- fort_skipKeySchedule(key,keysched);
-
- fort_doskipE(keysched,ckdata,ckres);
- fort_clearShedule(keysched);
- PORT_Memcpy(sum,&ckres[1],2);
- return CI_OK;
-}
-
-/* These function actually implements skipjack CBC Decrypt */
-int
-fort_skipjackDecrypt(FORTSkipjackKeyPtr key, unsigned char *iv,
- unsigned long size, unsigned char *cipherIn,
- unsigned char *plainOut) {
- unsigned char ivdata1[SKIPJACK_BLOCK_SIZE];
- unsigned char ivdata2[SKIPJACK_BLOCK_SIZE];
- unsigned char *lastiv, *nextiv, *tmpiv;
- fort_keysched keysched;
-
- /* do the key schedule work once for efficency */
- fort_skipKeySchedule(key,keysched);
-
- /* As we decrypt, we need to save the last block so that we can
- * Xor it out of decrypted text to get the real plain text. We actually
- * have to save it because cipherIn and plainOut may point to the same
- * buffer. */
- lastiv =ivdata1;
- nextiv = ivdata2;
- PORT_Memcpy(lastiv,iv,SKIPJACK_BLOCK_SIZE);
- while (size >= SKIPJACK_BLOCK_SIZE) {
- /* save the IV for the next block */
- PORT_Memcpy(nextiv,cipherIn,SKIPJACK_BLOCK_SIZE);
- fort_doskipD(keysched,cipherIn,plainOut);
- /* xor out the last IV */
- fort_XorIV(plainOut,plainOut,lastiv);
-
- /* swap the IV buffers */
- tmpiv = lastiv;
- lastiv = nextiv;
- nextiv =tmpiv;
-
- /* increment the loop pointers... be sure to get the input, output,
- * and size (decrement) each fortdoskipD operates on an entire block*/
- cipherIn += SKIPJACK_BLOCK_SIZE;
- plainOut += SKIPJACK_BLOCK_SIZE;
- size -= SKIPJACK_BLOCK_SIZE;
- }
- fort_clearShedule(keysched); /* don't leave the key lying around the stack*/
- if (size != 0) return CI_INV_SIZE;
- return CI_OK;
-}
-
-/* These function actually implements skipjack CBC Encrypt */
-int
-fort_skipjackEncrypt(FORTSkipjackKeyPtr key, unsigned char *iv,
- unsigned long size, unsigned char *plainIn,
- unsigned char *cipherOut) {
- unsigned char *tmpiv;
- fort_keysched keysched;
- unsigned char plain[SKIPJACK_BLOCK_SIZE];
-
- fort_skipKeySchedule(key,keysched);
- tmpiv = iv;
- while (size >= SKIPJACK_BLOCK_SIZE) {
- /* We Xor into a temp buffer because we don't want to modify plainIn,
- * doing so may make the caller very unhappy:). */
- fort_XorIV(plain,plainIn,tmpiv);
- fort_doskipE(keysched,plain,cipherOut);
- tmpiv = cipherOut;
- cipherOut += SKIPJACK_BLOCK_SIZE;
- plainIn += SKIPJACK_BLOCK_SIZE;
- size -= SKIPJACK_BLOCK_SIZE;
- }
- fort_clearShedule(keysched); /* don't leave the key lying around the stack*/
- if (size != 0) return CI_INV_SIZE;
- return CI_OK;
-}
-
-
-
-/*
- * unwrap is used for key generation and mixing
- */
-int
-fort_skipjackUnwrap(FORTSkipjackKeyPtr key,unsigned long len,
- unsigned char *cipherIn, unsigned char *plainOut) {
- unsigned char low[10];
- fort_keysched keysched;
- int i,ret;
-
- /* unwrap can only unwrap 80 bit symetric keys and 160 private keys
- * sometimes these values have checksums. When they do, we should verify
- * those checksums. */
- switch (len) {
- case 20: /* private key */
- case 24: /* private key with checksum */
- ret = fort_skipjackUnwrap(key,len/2,cipherIn,plainOut);
- if (ret != CI_OK) return ret;
- ret = fort_skipjackUnwrap(key,len/2,&cipherIn[len/2],low);
-
- /* unmunge the low word */
- for (i=0; i < 10; i++) {
- low[i] = low[i] ^ plainOut[i];
- }
-
- /* the unwrap will fail above because the checkword is on
- * low, not low ^ high.
- */
- if (ret == CI_CHECKWORD_FAIL) {
- unsigned char checksum[2];
-
- ret = fort_CalcKeyChecksum(low,checksum);
- if (ret != CI_OK) return ret;
- if (PORT_Memcmp(checksum,&cipherIn[len-2],2) != 0) {
- return CI_CHECKWORD_FAIL;
- }
- }
- if (ret != CI_OK) return ret;
-
- /* re-order the low word */
- PORT_Memcpy(&plainOut[10],&low[8],2);
- PORT_Memcpy(&plainOut[12],&low[0],8);
- return CI_OK;
- case 10: /* 80 bit skipjack key */
- case 12: /* 80 bit skipjack key with checksum */
- fort_skipKeySchedule(key,keysched);
- fort_doskipD(keysched,cipherIn,plainOut);
- plainOut[8] = cipherIn[8] ^ plainOut[0];
- plainOut[9] = cipherIn[9] ^ plainOut[1];
- fort_doskipD(keysched,plainOut,plainOut);
- fort_clearShedule(keysched);
- /* if we have a checkum, verify it */
- if (len == 12) {
- unsigned char checksum[2];
-
- ret = fort_CalcKeyChecksum(plainOut,checksum);
- if (ret != CI_OK) return ret;
- if (PORT_Memcmp(checksum,&cipherIn[10],2) != 0) {
- return CI_CHECKWORD_FAIL;
- }
- }
- return CI_OK;
- default:
- break;
- }
- return CI_INV_SIZE;
-}
-
-/*
- * unwrap is used for key generation and mixing
- */
-int
-fort_skipjackWrap(FORTSkipjackKeyPtr key,unsigned long len,
- unsigned char *plainIn, unsigned char *cipherOut) {
- unsigned char low[10];
- unsigned char checksum[2];
- fort_keysched keysched;
- int i,ret;
-
-
- /* NOTE: length refers to the target in the case of wrap */
- /* Wrap can only Wrap 80 bit symetric keys and 160 private keys
- * sometimes these values have checksums. When they do, we should verify
- * those checksums. */
- switch (len) {
- case 20: /* private key */
- case 24: /* private key with checksum */
- /* re-order the low word */
- PORT_Memcpy(&low[8],&plainIn[10],2);
- PORT_Memcpy(&low[0],&plainIn[12],8);
- if (len == 24) {
- ret = fort_CalcKeyChecksum(low,checksum);
- if (ret != CI_OK) return ret;
- }
- /* munge the low word */
- for (i=0; i < 10; i++) {
- low[i] = low[i] ^ plainIn[i];
- }
- ret = fort_skipjackWrap(key,len/2,plainIn,cipherOut);
- ret = fort_skipjackWrap(key,len/2,low,&cipherOut[len/2]);
- if (len == 24) {
- PORT_Memcpy(&cipherOut[len - 2], checksum, sizeof(checksum));
- }
-
- return CI_OK;
- case 10: /* 80 bit skipjack key */
- case 12: /* 80 bit skipjack key with checksum */
-
- fort_skipKeySchedule(key,keysched);
- fort_doskipE(keysched,plainIn,cipherOut);
- cipherOut[8] = plainIn[8] ^ cipherOut[0];
- cipherOut[9] = plainIn[9] ^ cipherOut[1];
- fort_doskipE(keysched,cipherOut,cipherOut);
- fort_clearShedule(keysched);
- /* if we need a checkum, get it */
- if (len == 12) {
- ret = fort_CalcKeyChecksum(plainIn,&cipherOut[10]);
- if (ret != CI_OK) return ret;
- }
- return CI_OK;
- default:
- break;
- }
- return CI_INV_SIZE;
-}
-
diff --git a/security/nss/lib/fortcrypt/swfort/swflib.c b/security/nss/lib/fortcrypt/swfort/swflib.c
deleted file mode 100644
index c41a878fb..000000000
--- a/security/nss/lib/fortcrypt/swfort/swflib.c
+++ /dev/null
@@ -1,1028 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * implement the MACI calls as Software Fortezza Calls.
- * only do the ones Nescape Needs. This provides a single software slot,
- * with 100 key registers, and 50 backup Ra private registers. Since we only
- * create one session per slot, this implementation only uses one session.
- * One future enhancement may be to try to improve on this for better threading
- * support.
- */
-
-#include "prtypes.h"
-#include "prio.h"
-
-#include "swforti.h"
-/*#include "keytlow.h"*/
-/* #include "dh.h" */
-#include "blapi.h"
-#include "maci.h"
-/* #include "dsa.h" */
-/* #include "hasht.h" */
-#include "secitem.h"
-#include "secrng.h"
-/*#include "keylow.h" */
-#include "secder.h"
-
-#if defined(XP_UNIX) || defined(XP_BEOS)
-#include <unistd.h>
-#endif
-
-#ifndef O_BINARY
-#define O_BINARY 0
-#endif
-
-
-/* currently we only support one software token. In the future we can use the
- * session to determin which of many possible tokens we are talking about.
- * all the calls which need tokens take a pointer to the software token as a
- * target.
- */
-static FORTSWToken *swtoken = NULL;
-
-#define SOCKET_ID 1
-
-
-/* can't change the pin on SW fortezza for now */
-int
-MACI_ChangePIN(HSESSION session, int PINType, CI_PIN CI_FAR pOldPIN,
- CI_PIN CI_FAR pNewPin)
-{
- return CI_INV_STATE;
-}
-
-
-/*
- * Check pin checks the pin, then logs the user in or out depending on if
- * the pin succedes. The General implementation would support both SSO and
- * User mode our's only needs User mode. Pins are checked by whether or not
- * they can produce our valid Ks for this 'card'.
- */
-int
-MACI_CheckPIN(HSESSION session, int PINType, CI_PIN CI_FAR pin)
-{
- FORTSkipjackKeyPtr Ks;
- FORTSWFile *config_file = NULL;
- FORTSkipjackKey seed;
- unsigned char pinArea[13];
- unsigned char *padPin = NULL;
-
- /* This SW module can only log in as USER */
- if (PINType != CI_USER_PIN) return CI_INV_TYPE;
-
- if (swtoken == NULL) return CI_NO_CARD;
- /* we can't check a pin if we haven't been initialized yet */
- if (swtoken->config_file == NULL) return CI_NO_CARD;
- config_file = swtoken->config_file;
-
- /* Make sure the pin value meets minimum lengths */
- if (PORT_Strlen((char *)pin) < 12) {
- PORT_Memset(pinArea, ' ', sizeof(pinArea));
- PORT_Memcpy(pinArea,pin,PORT_Strlen((char *)pin));
- pinArea[12] = 0;
- padPin = pinArea;
- }
-
- /* get the Ks by unwrapping it from the memphrase with the pbe generated
- * from the pin */
- Ks = fort_CalculateKMemPhrase(config_file,
- &config_file->fortezzaPhrase, (char *)pin, NULL);
-
- if (Ks == 0) {
- Ks = fort_CalculateKMemPhrase(config_file,
- &config_file->fortezzaPhrase, (char *)padPin, NULL);
- if (Ks == 0) {
- PORT_Memset(pinArea, 0, sizeof(pinArea));
- fort_Logout(swtoken);
- return CI_FAIL;
- }
- }
-
- /* use Ks and hash to verify that pin is correct */
- if (! fort_CheckMemPhrase(config_file, &config_file->fortezzaPhrase,
- (char *)pin, Ks) ) {
- if ((padPin == NULL) ||
- ! fort_CheckMemPhrase(config_file, &config_file->fortezzaPhrase,
- (char *)padPin, Ks) ) {
- PORT_Memset(pinArea, 0, sizeof(pinArea));
- fort_Logout(swtoken);
- return CI_FAIL;
- }
- }
-
- PORT_Memset(pinArea, 0, sizeof(pinArea));
-
-
- /* OK, add the random Seed value into the random number generator */
- fort_skipjackUnwrap(Ks,config_file->wrappedRandomSeed.len,
- config_file->wrappedRandomSeed.data,seed);
- RNG_RandomUpdate(seed,sizeof(seed));
-
- /* it is, go ahead and log in */
- swtoken->login = PR_TRUE;
- /* Ks is always stored in keyReg[0] when we log in */
- PORT_Memcpy(swtoken->keyReg[0].data, Ks, sizeof (FORTSkipjackKey));
- swtoken->keyReg[0].present = PR_TRUE;
- PORT_Memset(Ks, 0, sizeof(FORTSkipjackKey));
- PORT_Free(Ks);
-
-
- return CI_OK;
-}
-
-/*
- * close an open socket. Power_Down flag is set when we want to reset the
- * cards complete state.
- */
-int
-MACI_Close(HSESSION session, unsigned int flags, int socket)
-{
- if (socket != SOCKET_ID) return CI_BAD_CARD;
- if (swtoken == NULL) return CI_BAD_CARD;
-
- if (flags == CI_POWER_DOWN_FLAG) {
- fort_Logout(swtoken);
- }
- return CI_OK;
-}
-
-/*
- * Decrypt keeps track of it's own IV.
- */
-int
-MACI_Decrypt(HSESSION session, unsigned int size, CI_DATA cipherIn,
- CI_DATA plainOut)
-{
- int ret;
- unsigned char IV[SKIPJACK_BLOCK_SIZE];
-
- if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
- if ((ret = fort_KeyOK(swtoken,swtoken->key,PR_TRUE)) != CI_OK) return ret;
-
- /*fort_AddNoise();*/
-
- /* save the IV, before we potentially trash the new one when we decrypt.
- * (it's permissible to decrypt into the cipher text buffer by passing the
- * same buffers for both cipherIn and plainOut.
- */
- PORT_Memcpy(IV,swtoken->IV, sizeof(IV));
- fort_UpdateIV(cipherIn,size,swtoken->IV);
- return fort_skipjackDecrypt(swtoken->keyReg[swtoken->key].data,
- IV,size,cipherIn,plainOut);
-}
-
-/*
- * Clear a key from one of the key registers (indicated by index).
- * return an error if no key exists.
- */
-int
-MACI_DeleteKey(HSESSION session, int index)
-{
- int ret;
- if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
-
- /* can't delete Ks */
- if (index == 0) return CI_INV_KEY_INDEX;
-
- if ((ret = fort_KeyOK(swtoken,index,PR_TRUE)) != CI_OK) return ret;
- fort_ClearKey(&swtoken->keyReg[index]);
- return CI_OK;
-}
-
-
-/*
- * encrypt some blocks of data and update the IV.
- */
-int
-MACI_Encrypt(HSESSION session, unsigned int size, CI_DATA plainIn,
- CI_DATA cipherOut)
-{
- int ret;
- if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
- if ((ret = fort_KeyOK(swtoken,swtoken->key,PR_TRUE)) != CI_OK) return ret;
-
- /*fort_AddNoise();*/
-
- ret = fort_skipjackEncrypt(swtoken->keyReg[swtoken->key].data,
- swtoken->IV,size,plainIn,cipherOut);
- fort_UpdateIV(cipherOut,size,swtoken->IV);
-
- return ret;
-
-}
-
-/*
- * create a new IV and encode it.
- */
-
-static char *leafbits="THIS IS NOT LEAF";
-
-int
-MACI_GenerateIV(HSESSION Session, CI_IV CI_FAR pIV)
-{
- int ret;
-
- if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
- if ((ret = fort_KeyOK(swtoken,swtoken->key,PR_TRUE)) != CI_OK) return ret;
-
- ret = fort_GenerateRandom(swtoken->IV,SKIPJACK_BLOCK_SIZE);
- if (ret != CI_OK) return ret;
-
- PORT_Memcpy(pIV,leafbits,SKIPJACK_LEAF_SIZE);
- PORT_Memcpy(&pIV[SKIPJACK_LEAF_SIZE],swtoken->IV,SKIPJACK_BLOCK_SIZE);
-
- return CI_OK;
-}
-
-
-/*
- * create a new Key
- */
-int
-MACI_GenerateMEK(HSESSION session, int index, int reserved)
-{
- int ret;
- if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
- if ((ret = fort_KeyOK(swtoken,index,PR_FALSE)) != CI_OK) return ret;
-
- ret = fort_GenerateRandom(swtoken->keyReg[index].data,
- sizeof (swtoken->keyReg[index].data));
- if (ret == CI_OK) swtoken->keyReg[index].present = PR_TRUE;
-
- return ret;
-}
-
-/*
- * build a new Ra/ra pair for a KEA exchange.
- */
-int
-MACI_GenerateRa(HSESSION session, CI_RA CI_FAR pRa)
-{
- int ret;
- int counter;
- int RaLen,raLen;
- DSAPrivateKey *privKey = NULL;
- PQGParams params;
- SECStatus rv;
- int crv = CI_EXEC_FAIL;
- fortSlotEntry *certEntry = NULL;
- unsigned char *unsignedRa = NULL;
- unsigned char *unsignedra = NULL;
- fortKeyInformation *key_info = NULL;
-
-
- if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
- /* make sure the personality is set */
- if (swtoken->certIndex == 0) return CI_INV_STATE;
-
- /* pick next Ra circular buffer */
- counter = swtoken->nextRa;
- swtoken->nextRa++;
- if (swtoken->nextRa >= MAX_RA_SLOTS) swtoken->nextRa = 0;
-
- /* now get the params for diffie -helman key gen */
- certEntry = fort_GetCertEntry(swtoken->config_file,swtoken->certIndex);
- if (certEntry == NULL) return CI_INV_CERT_INDEX;
- if (certEntry->exchangeKeyInformation) {
- key_info = certEntry->exchangeKeyInformation;
- } else {
- key_info = certEntry->signatureKeyInformation;
- }
- if (key_info == NULL) return CI_NO_X;
-
- /* Generate Diffie Helman key Pair -- but we use DSA key gen to do it */
- rv = SECITEM_CopyItem(NULL,&params.prime,&key_info->p);
- if (rv != SECSuccess) return CI_EXEC_FAIL;
- rv = SECITEM_CopyItem(NULL,&params.subPrime,&key_info->q);
- if (rv != SECSuccess) return CI_EXEC_FAIL;
- rv = SECITEM_CopyItem(NULL,&params.base,&key_info->g);
- if (rv != SECSuccess) return CI_EXEC_FAIL;
-
- /* KEA uses DSA like key generation with short DSA keys that have to
- * maintain a relationship to q */
- rv = DSA_NewKey(&params, &privKey);
- SECITEM_FreeItem(&params.prime,PR_FALSE);
- SECITEM_FreeItem(&params.subPrime,PR_FALSE);
- SECITEM_FreeItem(&params.base,PR_FALSE);
- if (rv != SECSuccess) return CI_EXEC_FAIL;
-
- /* save private key, public key, and param in Ra Circular buffer */
- unsignedRa = privKey->publicValue.data;
- RaLen = privKey->publicValue.len;
- while ((unsignedRa[0] == 0) && (RaLen > CI_RA_SIZE)) {
- unsignedRa++;
- RaLen--;
- }
- if (RaLen > CI_RA_SIZE) goto loser;
-
- unsignedra = privKey->privateValue.data;
- raLen = privKey->privateValue.len;
- while ((unsignedra[0] == 0) && (raLen > sizeof(fortRaPrivate))) {
- unsignedra++;
- raLen--;
- }
-
- if (raLen > sizeof(fortRaPrivate)) goto loser;
-
- PORT_Memset(swtoken->RaValues[counter].private, 0, sizeof(fortRaPrivate));
- PORT_Memcpy(
- &swtoken->RaValues[counter].private[sizeof(fortRaPrivate) - raLen],
- unsignedra, raLen);
- PORT_Memset(pRa, 0, CI_RA_SIZE);
- PORT_Memcpy(&pRa[CI_RA_SIZE-RaLen], unsignedRa, RaLen);
- PORT_Memcpy(swtoken->RaValues[counter].public, pRa, CI_RA_SIZE);
- crv = CI_OK;
-
-loser:
- PORT_FreeArena(privKey->params.arena, PR_TRUE);
-
- return crv;
-}
-
-
-/*
- * return some random data.
- */
-int
-MACI_GenerateRandom(HSESSION session, CI_RANDOM CI_FAR random)
-{
- int ret;
- if ((ret = fort_CardExists(swtoken,PR_FALSE)) != CI_OK) return ret;
- return fort_GenerateRandom(random,sizeof (CI_RANDOM));
-}
-
-
-static CI_RA Remail = {
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1
-};
-
-/*
- * build a new Token exchange key using KEA.
- */
-int
-MACI_GenerateTEK(HSESSION hSession, int flags, int target,
- CI_RA CI_FAR Ra, CI_RA CI_FAR Rb, unsigned int YSize, CI_Y CI_FAR pY )
-{
- FORTEZZAPrivateKey *key = NULL;
- fortSlotEntry * certEntry;
- unsigned char * w = NULL;
- SECItem *q;
- SECStatus rv;
- int ret,i;
- PRBool email = PR_TRUE;
- SECItem R; /* public */
- SECItem Y; /* public */
- SECItem r; /* private */
- SECItem x; /* private */
- SECItem wItem; /* derived secret */
- fortRaPrivatePtr ra;
- FORTSkipjackKey cover_key;
-
- unsigned char pad[10] = { 0x72, 0xf1, 0xa8, 0x7e, 0x92,
- 0x82, 0x41, 0x98, 0xab, 0x0b };
-
- /* verify that everything is ok with the token, keys and certs */
- if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
- /* make sure the personality is set */
- if (swtoken->certIndex == 0) return CI_INV_STATE;
- if ((ret = fort_KeyOK(swtoken,target,PR_FALSE)) != CI_OK) return ret;
-
- /* get the cert from the entry, then look up the key from that cert */
- certEntry = fort_GetCertEntry(swtoken->config_file,swtoken->certIndex);
- if (certEntry == NULL) return CI_INV_CERT_INDEX;
- key = fort_GetPrivKey(swtoken,fortezzaDHKey,certEntry);
- if (key == NULL) return CI_NO_X;
-
- if (certEntry->exchangeKeyInformation) {
- q = &certEntry->exchangeKeyInformation->q;
- } else {
- q = &certEntry->signatureKeyInformation->q;
- }
-
- email = (PORT_Memcmp(Rb,Remail,sizeof(Rb)) == 0) ? PR_TRUE: PR_FALSE;
-
-
- /* load the common elements */
- Y.data = pY;
- Y.len = YSize;
- x.data = key->u.dh.privateValue.data;
- x.len = key->u.dh.privateValue.len;
-
- /* now initialize the rest of the values */
- if (flags == CI_INITIATOR_FLAG) {
- if (email) {
- R.data = Y.data;
- R.len = Y.len;
- } else {
- R.data = Rb;
- R.len = sizeof(CI_RA);
- }
- ra = fort_LookupPrivR(swtoken,Ra);
- if (ra == NULL) {
- ret = CI_EXEC_FAIL;
- goto loser;
- }
- r.data = ra;
- r.len = sizeof(fortRaPrivate);
- } else {
- R.data = Ra;
- R.len = sizeof(CI_RA);
- if (email) {
- r.data = x.data;
- r.len = x.len;
- } else {
- ra = fort_LookupPrivR(swtoken,Rb);
- if (ra == NULL) {
- ret = CI_EXEC_FAIL;
- goto loser;
- }
- r.data = ra;
- r.len = sizeof(fortRaPrivate);
- }
- }
-
-
- if (!KEA_Verify(&Y,&key->u.dh.prime,q)) {
- ret = CI_EXEC_FAIL;
- goto loser;
- }
- if (!KEA_Verify(&R,&key->u.dh.prime,q)) {
- ret = CI_EXEC_FAIL;
- goto loser;
- }
-
- /* calculate the base key */
- rv = KEA_Derive(&key->u.dh.prime, &Y, &R, &r, &x, &wItem);
- if (rv != SECSuccess) {
- ret = CI_EXEC_FAIL;
- goto loser;
- }
-
- w = wItem.data;
- /* use the skipjack wrapping function to 'mix' the key up */
- for (i=0; i < sizeof(FORTSkipjackKey); i++)
- cover_key[i] = pad[i] ^ w[i];
-
- ret = fort_skipjackWrap(cover_key,sizeof(FORTSkipjackKey),
- &w[sizeof(FORTSkipjackKey)],swtoken->keyReg[target].data);
- if (ret != CI_OK) goto loser;
-
- swtoken->keyReg[target].present = PR_TRUE;
-
- ret = CI_OK;
-loser:
- if (w) PORT_Free(w);
- if (key) fort_DestroyPrivateKey(key);
-
- return ret;
-}
-
-
-/*
- * return the bytes of a certificate.
- */
-int
-MACI_GetCertificate(HSESSION hSession, int certIndex,
- CI_CERTIFICATE CI_FAR cert)
-{
- int len;
- int ret;
- fortSlotEntry *certEntry = NULL;
-
- if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
-
- certEntry = fort_GetCertEntry(swtoken->config_file,certIndex);
- if (certEntry == NULL) return CI_INV_CERT_INDEX;
-
- len = certEntry->certificateData.dataEncryptedWithKs.len;
- PORT_Memset(cert,0,sizeof(CI_CERTIFICATE));
- PORT_Memcpy(cert, certEntry->certificateData.dataEncryptedWithKs.data,len);
-
- /* Ks is always stored in keyReg[0] when we log in */
- return fort_skipjackDecrypt(swtoken->keyReg[0].data,
- &certEntry->certificateData.dataIV.data[SKIPJACK_LEAF_SIZE],
- len,cert,cert);
-}
-
-
-/*
- * return out sofware configuration bytes. Those field not used by the PKCS #11
- * module may not be filled in exactly.
- */
-#define NETSCAPE "Netscape Communications Corp "
-#define PRODUCT "Netscape Software FORTEZZA Lib "
-#define SOFTWARE "Software FORTEZZA Implementation"
-
-int
-MACI_GetConfiguration(HSESSION hSession, CI_CONFIG_PTR config)
-{
- config->LibraryVersion = 0x0100;
- config->ManufacturerVersion = 0x0100;
- PORT_Memcpy(config->ManufacturerName,NETSCAPE,sizeof(NETSCAPE));
- PORT_Memcpy(config->ProductName,PRODUCT,sizeof(PRODUCT));
- PORT_Memcpy(config->ProcessorType,SOFTWARE,sizeof(SOFTWARE));
- config->UserRAMSize = 0;
- config->LargestBlockSize = 0x10000;
- config->KeyRegisterCount = KEY_REGISTERS;
- config->CertificateCount =
- swtoken ? fort_GetCertCount(swtoken->config_file): 0;
- config->CryptoCardFlag = 0;
- config->ICDVersion = 0;
- config->ManufacturerSWVer = 0x0100;
- config->DriverVersion = 0x0100;
- return CI_OK;
-}
-
-/*
- * return a list of all the personalities (up to the value 'EntryCount')
- */
-int
-MACI_GetPersonalityList(HSESSION hSession, int EntryCount,
- CI_PERSON CI_FAR personList[])
-{
- int count;
- int i,ret;
- FORTSWFile *config_file = NULL;
- unsigned char tmp[32];
-
- if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
- config_file = swtoken->config_file;
-
- /* search for the index */
- count= fort_GetCertCount(config_file);
-
- /* don't return more than the user asked for */
- if (count > EntryCount) count = EntryCount;
- for (i=0; i < count ;i ++) {
- int len, dataLen;
- personList[i].CertificateIndex =
- config_file->slotEntries[i]->certIndex;
- len = config_file->slotEntries[i]->certificateLabel.
- dataEncryptedWithKs.len;
- if (len > sizeof(tmp)) len = sizeof(tmp);
- PORT_Memset(personList[i].CertLabel, ' ',
- sizeof(personList[i].CertLabel));
- PORT_Memcpy(tmp,
- config_file->slotEntries[i]->
- certificateLabel.dataEncryptedWithKs.data,
- len);
- /* Ks is always stored in keyReg[0] when we log in */
- ret = fort_skipjackDecrypt(swtoken->keyReg[0].data,
- &config_file->slotEntries[i]->
- certificateLabel.dataIV.data[SKIPJACK_LEAF_SIZE],len,
- tmp,tmp);
- if (ret != CI_OK) return ret;
- dataLen = DER_GetInteger(&config_file->slotEntries[i]->
- certificateLabel.length);
- if (dataLen > sizeof(tmp)) dataLen = sizeof(tmp);
- PORT_Memcpy(personList[i].CertLabel, tmp, dataLen);
- personList[i].CertLabel[32] = 0;
- personList[i].CertLabel[33] = 0;
- personList[i].CertLabel[34] = 0;
- personList[i].CertLabel[35] = 0;
- }
- return CI_OK;
-}
-
-
-/*
- * get a new session ID. This function is only to make the interface happy,
- * the PKCS #11 module only uses one session per token.
- */
-int
-MACI_GetSessionID(HSESSION *session)
-{
- *session = 1;
- return CI_OK;
-}
-
-/*
- * return the current card state.
- */
-int
-MACI_GetState(HSESSION hSession, CI_STATE_PTR state)
-{
- int ret;
- if ((ret = fort_CardExists(swtoken,PR_FALSE)) != CI_OK) return ret;
- *state = fort_GetState(swtoken);
- return CI_OK;
-}
-
-/*
- * return the status. NOTE that KeyRegisterFlags and CertificateFlags are never
- * really used by the PKCS #11 module, so they are not implemented.
- */
-int
-MACI_GetStatus(HSESSION hSession, CI_STATUS_PTR status)
-{
- int ret;
- FORTSWFile *config_file = NULL;
-
- if ((ret = fort_CardExists(swtoken,PR_FALSE)) != CI_OK) return ret;
- config_file = swtoken->config_file;
- status->CurrentSocket = 1;
- status->LockState = swtoken->lock;
- PORT_Memcpy(status->SerialNumber,
- config_file->serialID.data, config_file->serialID.len);
- status->CurrentState = fort_GetState(swtoken);
- status->DecryptionMode = CI_CBC64_MODE;
- status->EncryptionMode = CI_CBC64_MODE;
- status->CurrentPersonality = swtoken->certIndex;
- status->KeyRegisterCount = KEY_REGISTERS;
- /* our code doesn't use KeyRegisters, which is good, because there's not
- * enough of them .... */
- PORT_Memset(status->KeyRegisterFlags,0,sizeof(status->KeyRegisterFlags));
- status->CertificateCount = fort_GetCertCount(config_file);
- PORT_Memset(status->CertificateFlags,0,sizeof(status->CertificateFlags));
- PORT_Memset(status->Flags,0,sizeof(status->Flags));
-
- return CI_OK;
-}
-
-/*
- * add the time call because the PKCS #11 module calls it, but always pretend
- * the clock is bad, so it never uses the returned time.
- */
-int
-MACI_GetTime(HSESSION hSession, CI_TIME CI_FAR time)
-{
- return CI_BAD_CLOCK;
-}
-
-
-/* This function is copied from NSPR so that the PKCS #11 module can be
- * independent of NSPR */
-PRInt32 local_getFileInfo(const char *fn, PRFileInfo *info);
-
-/*
- * initialize the SW module, and return the number of slots we support (1).
- */
-int
-MACI_Initialize(int CI_FAR *count)
-{
- char *filename = NULL;
- SECItem file;
- FORTSignedSWFile *decode_file = NULL;
- PRFileInfo info;
- /*PRFileDesc *fd = NULL;*/
- int fd = -1;
- PRStatus err;
- int ret = CI_OK;
- int fcount;
-
- file.data = NULL;
- file.len = 0;
-
- *count = 1;
-
- /* allocate swtoken structure */
- swtoken = PORT_ZNew(FORTSWToken);
- if (swtoken == NULL) return CI_OUT_OF_MEMORY;
-
- filename = (char *)fort_LookupFORTEZZAInitFile();
- if (filename == NULL) {
- ret = CI_BAD_READ;
- goto failed;
- }
-
- fd = open(filename,O_RDONLY|O_BINARY,0);
- if (fd < 0) {
- ret = CI_BAD_READ;
- goto failed;
- }
-
- err = local_getFileInfo(filename,&info);
- if ((err != 0) || (info.size == 0)) {
- ret = CI_BAD_READ;
- goto failed;
- }
-
- file.data = PORT_ZAlloc(info.size);
- if (file.data == NULL) {
- ret = CI_OUT_OF_MEMORY;
- goto failed;
- }
-
- fcount = read(fd,file.data,info.size);
- close(fd); fd = -1;
- if (fcount != (int)info.size) {
- ret = CI_BAD_READ;
- goto failed;
- }
-
- file.len = fcount;
-
- decode_file = FORT_GetSWFile(&file);
- if (decode_file == NULL) {
- ret = CI_BAD_READ;
- goto failed;
- }
- swtoken->config_file = &decode_file->file;
-
- RNG_SystemInfoForRNG();
- RNG_FileForRNG(filename);
-
-
-failed:
- if (filename) PORT_Free(filename);
- if (fd != -1) close(fd);
- if (file.data) PORT_Free(file.data);
- if (ret != CI_OK) {
- if (decode_file) FORT_DestroySignedSWFile(decode_file);
- if (swtoken) PORT_Free(swtoken);
- swtoken = NULL;
- }
-
- return CI_OK;
-}
-
-/*
- * load an IV from an external source. We technically should check it with the
- * key we received.
- */
-int
-MACI_LoadIV(HSESSION session, CI_IV CI_FAR iv)
-{
- int ret;
-
- if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
- PORT_Memcpy(swtoken->IV,&iv[SKIPJACK_LEAF_SIZE],SKIPJACK_BLOCK_SIZE);
- return CI_OK;
-}
-
-/* implement token lock (should call PR_Monitor here) */
-int
-MACI_Lock(HSESSION session, int flags)
-{
- int ret;
- if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
- swtoken->lock = 1;
-
- return CI_OK;
-}
-
-/* open a token. For software there isn't much to do that hasn't already been
- * done by initialize. */
-int
-MACI_Open(HSESSION session, unsigned int flags, int socket)
-{
- if (socket != SOCKET_ID) return CI_NO_CARD;
- if (swtoken == NULL) return CI_NO_CARD;
- return CI_OK;
-}
-
-/*
- * Reset logs out the token...
- */
-int
-MACI_Reset(HSESSION session)
-{
- if (swtoken) fort_Logout(swtoken);
- return CI_OK;
-}
-
-/*
- * restore and encrypt/decrypt state. NOTE: there is no error checking in this
- * or the save function.
- */
-int
-MACI_Restore(HSESSION session, int type, CI_SAVE_DATA CI_FAR data)
-{
- int ret;
- if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
- PORT_Memcpy(swtoken->IV,data, sizeof (swtoken->IV));
- return CI_OK;
-}
-
-/*
- * save and encrypt/decrypt state. NOTE: there is no error checking in this
- * or the restore function.
- */
-int
-MACI_Save(HSESSION session, int type,CI_SAVE_DATA CI_FAR data)
-{
- int ret;
- if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
- PORT_Memcpy(data,swtoken->IV, sizeof (swtoken->IV));
- return CI_OK;
-}
-
-/*
- * picks a token to operate against. In our case there can be only one.
- */
-int
-MACI_Select(HSESSION session, int socket)
-{
- if (socket == SOCKET_ID) return CKR_OK;
- return CI_NO_CARD;
-}
-
-/*
- * set a register as the key to use for encrypt/decrypt operations.
- */
-int
-MACI_SetKey(HSESSION session, int index)
-{
- int ret;
- if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
- if ((ret = fort_KeyOK(swtoken,index,PR_TRUE)) != CI_OK) return ret;
-
- swtoken->key = index;
- return CI_OK;
-}
-
-/*
- * only CBC64 is supported. Keep setmode for compatibility */
-int
-MACI_SetMode(HSESSION session, int type, int mode)
-{
- if (mode != CI_CBC64_MODE) return CI_INV_MODE;
- return CI_OK;
-}
-
-/* set the personality to use for sign/verify */
-int
-MACI_SetPersonality(HSESSION session, int cert)
-{
- int ret;
- fortSlotEntry *certEntry = NULL;
-
- if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
-
- certEntry = fort_GetCertEntry(swtoken->config_file,cert);
- if ((certEntry == NULL) ||
- ((certEntry->exchangeKeyInformation == NULL) &&
- (certEntry->signatureKeyInformation == NULL)) )
- return CI_INV_CERT_INDEX;
- swtoken->certIndex = cert;
- return CI_OK;
-}
-
-
-/* DSA sign some data */
-int
-MACI_Sign(HSESSION session, CI_HASHVALUE CI_FAR hash, CI_SIGNATURE CI_FAR sig)
-{
- FORTEZZAPrivateKey *key = NULL;
- fortSlotEntry * certEntry = NULL;
- int ret = CI_OK;
- SECStatus rv;
- SECItem signItem;
- SECItem hashItem;
- unsigned char random[DSA_SUBPRIME_LEN];
-
- /* standard checks */
- if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
- /* make sure the personality is set */
- if (swtoken->certIndex == 0) return CI_INV_STATE;
-
- /* get the current personality */
- certEntry = fort_GetCertEntry(swtoken->config_file,swtoken->certIndex);
- if (certEntry == NULL) return CI_INV_CERT_INDEX;
-
- /* extract the private key from the personality */
- ret = CI_OK;
- key = fort_GetPrivKey(swtoken,fortezzaDSAKey,certEntry);
- if (key == NULL) {
- ret = CI_NO_X;
- goto loser;
- }
-
- /* create a random value for the signature */
- ret = fort_GenerateRandom(random, sizeof(random));
- if (ret != CI_OK) goto loser;
-
- /* Sign with that private key */
- signItem.data = sig;
- signItem.len = DSA_SIGNATURE_LEN;
-
- hashItem.data = hash;
- hashItem.len = SHA1_LENGTH;
-
- rv = DSA_SignDigestWithSeed(&key->u.dsa, &signItem, &hashItem, random);
- if (rv != SECSuccess) {
- ret = CI_EXEC_FAIL;
- }
-
- /* clean up */
-loser:
- if (key != NULL) fort_DestroyPrivateKey(key);
-
- return ret;
-}
-
-/*
- * clean up after ourselves.
- */
-int
-MACI_Terminate(HSESSION session)
-{
- if (swtoken == NULL) return CI_OUT_OF_MEMORY;
-
- /* clear all the keys */
- fort_Logout(swtoken);
-
- FORT_DestroySWFile(swtoken->config_file);
- PORT_Free(swtoken);
- swtoken = NULL;
- return CI_OK;
-}
-
-
-
-/* implement token unlock (should call PR_Monitor here) */
-int
-MACI_Unlock(HSESSION session)
-{
- int ret;
- if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
- swtoken->lock = 0;
- return CI_OK;
-}
-
-/*
- * unwrap a key into our software token. NOTE: this function does not
- * verify that the wrapping key is Ks or a TEK. This is because our higher
- * level software doesn't try to wrap MEKs with MEKs. If this API was exposed
- * generically, then we would have to worry about things like this.
- */
-int
-MACI_UnwrapKey(HSESSION session, int wrapKey, int target,
- CI_KEY CI_FAR keyData)
-{
- int ret = CI_OK;
-
- if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
- if ((ret = fort_KeyOK(swtoken,target,PR_FALSE)) != CI_OK) return ret;
- if ((ret = fort_KeyOK(swtoken,wrapKey,PR_TRUE)) != CI_OK) return ret;
- ret = fort_skipjackUnwrap(swtoken->keyReg[wrapKey].data,
- sizeof(CI_KEY), keyData, swtoken->keyReg[target].data);
- if (ret != CI_OK) goto loser;
-
- swtoken->keyReg[target].present = PR_TRUE;
-
-loser:
- return ret;
-}
-
-/*
- * Wrap a key out of our software token. NOTE: this function does not
- * verify that the wrapping key is Ks or a TEK, or that the source key is
- * a MEK. This is because our higher level software doesn't try to wrap MEKs
- * with MEKs, or wrap out TEKS and Ks. If this API was exposed
- * generically, then we would have to worry about things like this.
- */
-int
-MACI_WrapKey(HSESSION session, int wrapKey, int source, CI_KEY CI_FAR keyData)
-{
- int ret;
-
- if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
- if ((ret = fort_KeyOK(swtoken,source,PR_TRUE)) != CI_OK) return ret;
- if ((ret = fort_KeyOK(swtoken,wrapKey,PR_TRUE)) != CI_OK) return ret;
- ret = fort_skipjackWrap(swtoken->keyReg[wrapKey].data,
- sizeof(CI_KEY), swtoken->keyReg[source].data,keyData);
-
- return ret;
-}
-
diff --git a/security/nss/lib/fortcrypt/swfort/swfort.h b/security/nss/lib/fortcrypt/swfort/swfort.h
deleted file mode 100644
index d0cefb098..000000000
--- a/security/nss/lib/fortcrypt/swfort/swfort.h
+++ /dev/null
@@ -1,70 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Software implementation of FORTEZZA skipjack primatives
- */
-#ifndef _SWFORT_H_
-#define _SWFORT_H_
-
-#include "seccomon.h"
-#include "swfortt.h"
-/*#include "genci.h"*/
-
-
-SEC_BEGIN_PROTOS
-
-FORTSignedSWFile *
-FORT_GetSWFile(SECItem *initBits);
-
-SECStatus
-FORT_CheckInitPhrase(FORTSignedSWFile *sw_init_file, char *initMemPhrase);
-
-SECStatus
-FORT_CheckUserPhrase(FORTSignedSWFile *sw_init_file, char *userMemPhrase);
-
-void
-FORT_DestroySWFile(FORTSWFile *file);
-
-void
-FORT_DestroySignedSWFile(FORTSignedSWFile *swfile);
-
-SECItem *
-FORT_GetDERCert(FORTSignedSWFile *swfile, int index);
-
-SECItem *
-FORT_PutSWFile(FORTSignedSWFile *sw_init_file);
-
-
-SEC_END_PROTOS
-
-#endif
diff --git a/security/nss/lib/fortcrypt/swfort/swforti.h b/security/nss/lib/fortcrypt/swfort/swforti.h
deleted file mode 100644
index bcc07ee62..000000000
--- a/security/nss/lib/fortcrypt/swfort/swforti.h
+++ /dev/null
@@ -1,177 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Software implementation of FORTEZZA Skipjack primatives and helper functions.
- */
-#ifndef _SWFORTI_H_
-#define _SWFORTI_H_
-
-#ifndef RETURN_TYPE
-#define RETURN_TYPE int
-#endif
-
-#include "seccomon.h"
-#include "swfort.h"
-#include "swfortti.h"
-#include "maci.h"
-
-
-SEC_BEGIN_PROTOS
-/*
- * Check to see if the index is ok, and that key is appropriately present or
- * absent.
- */
-int fort_KeyOK(FORTSWToken *token, int index, PRBool isPresent);
-
-/*
- * clear out a key register
- */
-void fort_ClearKey(FORTKeySlot *key);
-
-/*
- * clear out an Ra register
- */
-void fort_ClearRaSlot(FORTRaRegisters *ra);
-
-/*
- * provide a helper function to do all the loggin out functions.
- * NOTE: Logging in only happens in MACI_CheckPIN
- */
-void fort_Logout(FORTSWToken *token);
-
-/*
- * update the new IV value based on the current cipherText (should be the last
- * block of the cipher text).
- */
-int fort_UpdateIV(unsigned char *cipherText, unsigned int size,unsigned char *IV);
-
-
-/*
- * verify that we have a card initialized, and if necessary, logged in.
- */
-int fort_CardExists(FORTSWToken *token,PRBool needLogin);
-
-/*
- * walk down the cert slot entries, counting them.
- * return that count.
- */
-int fort_GetCertCount(FORTSWFile *file);
-
-/*
- * copy an unsigned SECItem to a signed SecItem. (if the high bit is on,
- * pad with a leading 0.
- */
-SECStatus fort_CopyUnsigned(PRArenaPool *arena, SECItem *to, const SECItem *from);
-
-/*
- * return the private key based on the token and entry.
- */
-FORTEZZAPrivateKey *fort_GetPrivKey(FORTSWToken *token,FORTEZZAKeyType keyType,fortSlotEntry *certEntry);
-
-/*
- * Free the key acquired above.
- */
-void fort_DestroyPrivateKey(FORTEZZAPrivateKey *key);
-
-/*
- * find a particulare certificate entry from the config
- * file.
- */
-fortSlotEntry * fort_GetCertEntry(FORTSWFile *file,int index);
-
-/*
- * use the token to termine it's CI_State.
- */
-CI_STATE fort_GetState(FORTSWToken *token);
-
-/*
- * find the private ra value for a given public Ra value.
- */
-fortRaPrivatePtr fort_LookupPrivR(FORTSWToken *token,CI_RA Ra);
-
-/*
- * go add more noise to the random number generator
- */
-void fort_AddNoise(void);
-
-/*
- * Get a random number
- */
-int fort_GenerateRandom(unsigned char *buf, int bytes);
-
-
-/*
- * We're deep in the bottom of MACI and PKCS #11... We need to
- * find our fortezza key file. This function lets us search manual paths to
- * find our key file.
- */
-char *fort_FindFileInPath(char *path, char *fn);
-
-
-char *fort_LookupFORTEZZAInitFile(void);
-
-
-FORTSkipjackKeyPtr fort_CalculateKMemPhrase(FORTSWFile *file,
- fortProtectedPhrase * prot_phrase, char *phrase, FORTSkipjackKeyPtr wrapKey);
-
-
-PRBool fort_CheckMemPhrase(FORTSWFile *file,
- fortProtectedPhrase * prot_phrase, char *phrase, FORTSkipjackKeyPtr wrapKey);
-
-
-/* These function actually implements skipjack CBC64 Decrypt */
-int fort_skipjackDecrypt(FORTSkipjackKeyPtr key, unsigned char *iv,
- unsigned long size, unsigned char *cipherIn,
- unsigned char *plainOut);
-
-/* These function actually implements skipjack CBC64 Encrypt */
-int fort_skipjackEncrypt(FORTSkipjackKeyPtr key, unsigned char *iv,
- unsigned long size, unsigned char *plainIn,
- unsigned char *cipherOut);
-
-/*
- * unwrap is used for key generation and mixing
- */
-int fort_skipjackUnwrap(FORTSkipjackKeyPtr key,unsigned long len,
- unsigned char *cipherIn, unsigned char *plainOut);
-
-/*
- * unwrap is used for key generation and mixing
- */
-int
-fort_skipjackWrap(FORTSkipjackKeyPtr key,unsigned long len,
- unsigned char *plainIn, unsigned char *cipherOut);
-
-SEC_END_PROTOS
-
-#endif
diff --git a/security/nss/lib/fortcrypt/swfort/swfortt.h b/security/nss/lib/fortcrypt/swfort/swfortt.h
deleted file mode 100644
index a5ee7b2b5..000000000
--- a/security/nss/lib/fortcrypt/swfort/swfortt.h
+++ /dev/null
@@ -1,56 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * All the data structures for Software fortezza are internal only.
- * The external API for Software fortezza is MACI (which is only used by
- * the PKCS #11 module.
- */
-
-#ifndef _SWFORTT_H_
-#define _SWFORTT_H_
-
-/* structure typedefs */
-typedef struct FORTKeySlotStr FORTKeySlot;
-typedef struct FORTRaRegistersStr FORTRaRegisters;
-typedef struct FORTSWTokenStr FORTSWToken;
-
-/* Der parsing typedefs */
-typedef struct fortKeyInformationStr fortKeyInformation;
-typedef struct fortProtectedDataStr fortProtectedData;
-typedef struct fortSlotEntryStr fortSlotEntry;
-typedef struct fortProtectedPhraseStr fortProtectedPhrase;
-typedef struct FORTSWFileStr FORTSWFile;
-typedef struct FORTSignedSWFileStr FORTSignedSWFile;
-
-
-#endif
diff --git a/security/nss/lib/fortcrypt/swfort/swfortti.h b/security/nss/lib/fortcrypt/swfort/swfortti.h
deleted file mode 100644
index 0fd2d0e34..000000000
--- a/security/nss/lib/fortcrypt/swfort/swfortti.h
+++ /dev/null
@@ -1,176 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * All the data structures for Software fortezza are internal only.
- * The external API for Software fortezza is MACI (which is only used by
- * the PKCS #11 module.
- */
-
-#ifndef _SWFORTTI_H_
-#define _SWFORTTI_H_
-
-#include "maci.h"
-#include "seccomon.h"
-#include "mcom_db.h" /* really should be included by certt.h */
-#include "certt.h"
-/*#include "keyt.h"*/
-#include "blapit.h"
-#include "swfortt.h"
-
-
-typedef enum {
- fortezzaDSAKey = 0,
- fortezzaDHKey = 1
-} FORTEZZAKeyType;
-
-/*
-** Low Level private key object
-** This is only used by the raw Crypto engines (crypto), keydb (keydb),
-** and PKCS #11. Everyone else uses the high level key structure.
-*/
-struct FORTEZZAPrivateKeyStr {
- PLArenaPool *arena;
- FORTEZZAKeyType keyType;
- union {
- DSAPrivateKey dsa;
- DHPrivateKey dh;
- } u;
-};
-typedef struct FORTEZZAPrivateKeyStr FORTEZZAPrivateKey;
-
-
-/* the following parameters are tunable. The bigger the key registers are,
- * the less likely the PKCS #11 module will thrash. */
-#define KEY_REGISTERS 100
-#define MAX_RA_SLOTS 20
-
-/* SKIPJACK algorithm constants */
-#define SKIPJACK_KEY_SIZE 10
-#define SKIPJACK_BLOCK_SIZE 8
-#define SKIPJACK_LEAF_SIZE 16
-
-/* private typedefs */
-typedef unsigned char FORTSkipjackKey[SKIPJACK_KEY_SIZE];
-typedef unsigned char *FORTSkipjackKeyPtr;
-typedef unsigned char fortRaPrivate[20];
-typedef unsigned char *fortRaPrivatePtr;
-
-/* save a public/private key pair */
-struct FORTRaRegistersStr {
- CI_RA public;
- fortRaPrivate private;
-};
-
-/* FORTEZZA Key Register */
-struct FORTKeySlotStr {
- FORTSkipjackKey data;
- PRBool present;
-};
-
-/* structure to hole private key information */
-struct fortKeyInformationStr {
- SECItem keyFlags;
- SECItem privateKeyWrappedWithKs;
- SECItem derPublicKey;
- SECItem p;
- SECItem g;
- SECItem q;
-};
-
-/* struture to hole Ks wrapped data */
-struct fortProtectedDataStr {
- SECItem length;
- SECItem dataIV;
- SECItem dataEncryptedWithKs;
-};
-
-/* This structure represents a fortezza personality */
-struct fortSlotEntryStr {
- SECItem trusted;
- SECItem certificateIndex;
- int certIndex;
- fortProtectedData certificateLabel;
- fortProtectedData certificateData;
- fortKeyInformation *exchangeKeyInformation;
- fortKeyInformation *signatureKeyInformation;
-};
-
-/* this structure represents a K value wrapped by a protected pin */
-struct fortProtectedPhraseStr {
- SECItem kValueIV;
- SECItem wrappedKValue;
- SECItem memPhraseIV;
- SECItem hashedEncryptedMemPhrase;
-};
-
-
-/* This structure represents all the relevant data stored in a der encoded
- * fortezza slot file. */
-struct FORTSWFileStr {
- PRArenaPool *arena;
- SECItem version;
- SECItem derIssuer;
- SECItem serialID;
- fortProtectedPhrase initMemPhrase;
-#define fortezzaPhrase initMemPhrase
- fortProtectedPhrase ssoMemPhrase;
- fortProtectedPhrase userMemPhrase;
- fortProtectedPhrase ssoPinPhrase;
- fortProtectedPhrase userPinPhrase;
- SECItem wrappedRandomSeed;
- fortSlotEntry **slotEntries;
-};
-
-/* This data structed represents a signed data structure */
-struct FORTSignedSWFileStr {
- FORTSWFile file;
- CERTSignedData signatureWrap;
- FORTSkipjackKeyPtr Kinit;
- FORTSkipjackKeyPtr Ks;
-};
-
-
-/* collect all the data that makes up a token */
-struct FORTSWTokenStr {
- PRBool login; /* has this token been logged in? */
- int lock; /* the current lock state */
- int certIndex; /* index of the current personality */
- int key; /* currently selected key */
- int nextRa; /* where the next Ra/ra pair will go */
- FORTSWFile *config_file; /* parsed Fortezza Config file */
- unsigned char IV[SKIPJACK_BLOCK_SIZE];
- FORTKeySlot keyReg[KEY_REGISTERS]; /* sw fortezza key slots */
- FORTRaRegisters RaValues[MAX_RA_SLOTS]; /* Ra/ra values */
-};
-
-#endif
diff --git a/security/nss/lib/fortcrypt/swfort/swfparse.c b/security/nss/lib/fortcrypt/swfort/swfparse.c
deleted file mode 100644
index 30672c73d..000000000
--- a/security/nss/lib/fortcrypt/swfort/swfparse.c
+++ /dev/null
@@ -1,539 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * The following program decodes the FORTEZZA Init File, and stores the result
- * into the fortezza directory.
- */
-#include "secasn1.h"
-#include "swforti.h"
-#include "blapi.h"
-#include "secoid.h"
-#include "secitem.h"
-#include "secder.h"
-
-
-/*
- * templates for parsing the FORTEZZA Init File. These were taken from DER
- * definitions on SWF Initialization File Format Version 1.0 pp1-3.
- */
-
-/* Key info structure... There are up to two of these per slot entry */
-static const SEC_ASN1Template fortKeyInfoTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(fortKeyInformation) },
- { SEC_ASN1_INTEGER,
- offsetof(fortKeyInformation,keyFlags) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(fortKeyInformation,privateKeyWrappedWithKs) },
- { SEC_ASN1_ANY ,
- offsetof(fortKeyInformation, derPublicKey) },
- { SEC_ASN1_OCTET_STRING, offsetof(fortKeyInformation,p) },
- { SEC_ASN1_OCTET_STRING, offsetof(fortKeyInformation,g) },
- { SEC_ASN1_OCTET_STRING, offsetof(fortKeyInformation,q) },
- { 0 }
-};
-
-/* This is data that has been wrapped by Ks */
-static const SEC_ASN1Template fortProtDataTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(fortProtectedData) },
- { SEC_ASN1_INTEGER,
- offsetof(fortProtectedData,length) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(fortProtectedData,dataIV) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(fortProtectedData,dataEncryptedWithKs) },
- { 0 }
-};
-
-/* DER to describe each Certificate Slot ... there are an arbitrary number */
-static const SEC_ASN1Template fortSlotEntryTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(fortSlotEntry) },
- { SEC_ASN1_BOOLEAN,
- offsetof(fortSlotEntry,trusted) },
- { SEC_ASN1_INTEGER,
- offsetof(fortSlotEntry,certificateIndex) },
- { SEC_ASN1_INLINE,
- offsetof(fortSlotEntry,certificateLabel), fortProtDataTemplate },
- { SEC_ASN1_INLINE,
- offsetof(fortSlotEntry,certificateData), fortProtDataTemplate },
- { SEC_ASN1_POINTER | SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC |
- SEC_ASN1_CONSTRUCTED | 0,
- offsetof(fortSlotEntry, exchangeKeyInformation),
- fortKeyInfoTemplate },
- { SEC_ASN1_POINTER | SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC |
- SEC_ASN1_CONSTRUCTED | 1,
- offsetof(fortSlotEntry, signatureKeyInformation),
- fortKeyInfoTemplate },
- { 0 }
-};
-
-/* This data is used to check MemPhrases, and to generate Ks
- * each file has two mem phrases, one for SSO, one for User */
-static const SEC_ASN1Template fortProtectedMemPhrase[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(fortProtectedPhrase) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(fortProtectedPhrase,kValueIV) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(fortProtectedPhrase,wrappedKValue) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(fortProtectedPhrase,memPhraseIV) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(fortProtectedPhrase,hashedEncryptedMemPhrase) },
- { 0 }
-};
-
-/* This data is used to check the Mem Init Phrases, and to generate Kinit
- * each file has one mem init phrase, which is used only in transport of
- * this file */
-static const SEC_ASN1Template fortMemInitPhrase[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(fortProtectedPhrase) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(fortProtectedPhrase,wrappedKValue) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(fortProtectedPhrase,memPhraseIV) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(fortProtectedPhrase,hashedEncryptedMemPhrase) },
- { 0 }
-};
-
-static const SEC_ASN1Template fortSlotEntriesTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, fortSlotEntryTemplate }
-};
-
-/* This is the complete file with all it's data, but has not been signed
- * yet. */
-static const SEC_ASN1Template fortSwFortezzaInitFileToSign[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(FORTSWFile) },
- { SEC_ASN1_INTEGER,
- offsetof(FORTSWFile,version) },
- { SEC_ASN1_ANY,
- offsetof(FORTSWFile,derIssuer) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(FORTSWFile,serialID) },
- { SEC_ASN1_INLINE,
- offsetof(FORTSWFile,initMemPhrase), fortMemInitPhrase },
- { SEC_ASN1_INLINE,
- offsetof(FORTSWFile,ssoMemPhrase), fortProtectedMemPhrase },
- { SEC_ASN1_INLINE,
- offsetof(FORTSWFile,userMemPhrase), fortProtectedMemPhrase },
- { SEC_ASN1_INLINE,
- offsetof(FORTSWFile,ssoPinPhrase), fortProtectedMemPhrase },
- { SEC_ASN1_INLINE,
- offsetof(FORTSWFile,userPinPhrase), fortProtectedMemPhrase },
- { SEC_ASN1_OCTET_STRING,
- offsetof(FORTSWFile,wrappedRandomSeed) },
- { SEC_ASN1_SEQUENCE_OF, offsetof(FORTSWFile,slotEntries),
- fortSlotEntryTemplate },
- /* optional extentions to ignore here... */
- { 0 }
-};
-
-/* The complete, signed init file */
-static const SEC_ASN1Template fortSwFortezzaInitFile[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(FORTSignedSWFile) },
- { SEC_ASN1_SAVE,
- offsetof(FORTSignedSWFile,signatureWrap.data) },
- { SEC_ASN1_INLINE,
- offsetof(FORTSignedSWFile,file),
- fortSwFortezzaInitFileToSign },
- { SEC_ASN1_INLINE,
- offsetof(FORTSignedSWFile,signatureWrap.signatureAlgorithm),
- SECOID_AlgorithmIDTemplate },
- { SEC_ASN1_BIT_STRING,
- offsetof(FORTSignedSWFile,signatureWrap.signature) },
- { 0 }
-};
-
-FORTSkipjackKeyPtr
-fort_CalculateKMemPhrase(FORTSWFile *file,
- fortProtectedPhrase * prot_phrase, char *phrase, FORTSkipjackKeyPtr wrapKey)
-{
- unsigned char *data = NULL;
- unsigned char hashout[SHA1_LENGTH];
- int data_len = prot_phrase->wrappedKValue.len;
- int ret;
- unsigned int len;
- unsigned int version;
- unsigned char enc_version[2];
- FORTSkipjackKeyPtr Kout = NULL;
- FORTSkipjackKey Kfek;
- SHA1Context *sha;
-
- data = (unsigned char *) PORT_ZAlloc(data_len);
- if (data == NULL) goto fail;
-
- PORT_Memcpy(data,prot_phrase->wrappedKValue.data,data_len);
-
- /* if it's a real protected mem phrase, it's been wrapped by kinit, which
- * was passed to us. */
- if (wrapKey) {
- fort_skipjackDecrypt(wrapKey,
- &prot_phrase->kValueIV.data[SKIPJACK_LEAF_SIZE],data_len,
- data,data);
- data_len = sizeof(CI_KEY);
- }
-
- /* now calculate the PBE key for fortezza */
- sha = SHA1_NewContext();
- if (sha == NULL) goto fail;
- SHA1_Begin(sha);
- version = DER_GetUInteger(&file->version);
- enc_version[0] = (version >> 8) & 0xff;
- enc_version[1] = version & 0xff;
- SHA1_Update(sha,enc_version,sizeof(enc_version));
- SHA1_Update(sha,file->derIssuer.data, file->derIssuer.len);
- SHA1_Update(sha,file->serialID.data, file->serialID.len);
- SHA1_Update(sha,(unsigned char *)phrase,strlen(phrase));
- SHA1_End(sha,hashout,&len,SHA1_LENGTH);
- SHA1_DestroyContext(sha, PR_TRUE);
- PORT_Memcpy(Kfek,hashout,sizeof(FORTSkipjackKey));
-
- /* now use that key to unwrap */
- Kout = (FORTSkipjackKeyPtr) PORT_Alloc(sizeof(FORTSkipjackKey));
- ret = fort_skipjackUnwrap(Kfek,data_len,data,Kout);
- if (ret != CI_OK) {
- PORT_Free(Kout);
- Kout = NULL;
- }
-
-fail:
- PORT_Memset(&Kfek, 0, sizeof(FORTSkipjackKey));
- if (data) PORT_ZFree(data,data_len);
- return Kout;
-}
-
-
-PRBool
-fort_CheckMemPhrase(FORTSWFile *file,
- fortProtectedPhrase * prot_phrase, char *phrase, FORTSkipjackKeyPtr wrapKey)
-{
- unsigned char *data = NULL;
- unsigned char hashout[SHA1_LENGTH];
- int data_len = prot_phrase->hashedEncryptedMemPhrase.len;
- unsigned int len;
- SHA1Context *sha;
- PRBool pinOK = PR_FALSE;
- unsigned char cw[4];
- int i;
-
-
- /* first, decrypt the hashed/Encrypted Memphrase */
- data = (unsigned char *) PORT_ZAlloc(data_len);
- if (data == NULL) goto failed;
-
- PORT_Memcpy(data,prot_phrase->hashedEncryptedMemPhrase.data,data_len);
- fort_skipjackDecrypt(wrapKey,
- &prot_phrase->memPhraseIV.data[SKIPJACK_LEAF_SIZE],data_len,
- data,data);
-
- /* now build the hash for comparisons */
- sha = SHA1_NewContext();
- if (sha == NULL) goto failed;
- SHA1_Begin(sha);
- SHA1_Update(sha,(unsigned char *)phrase,strlen(phrase));
- SHA1_End(sha,hashout,&len,SHA1_LENGTH);
- SHA1_DestroyContext(sha, PR_TRUE);
-
- /* hashes don't match... must not be the right pass mem */
- if (PORT_Memcmp(data,hashout,len) != 0) goto failed;
-
- /* now calcuate the checkword and compare it */
- cw[0] = cw[1] = cw[2] = cw[3] = 0;
- for (i=0; i <5 ; i++) {
- cw[0] = cw[0] ^ hashout[i*4];
- cw[1] = cw[1] ^ hashout[i*4+1];
- cw[2] = cw[2] ^ hashout[i*4+2];
- cw[3] = cw[3] ^ hashout[i*4+3];
- }
-
- /* checkword doesn't match, must not be the right pass mem */
- if (PORT_Memcmp(data+len,cw,4) != 0) goto failed;
-
- /* pased all our test, its OK */
- pinOK = PR_TRUE;
-
-failed:
- PORT_Free(data);
-
- return pinOK;
-}
-
-/*
- * walk through the list of memphrases. This function allows us to use a
- * for loop to walk down them.
- */
-fortProtectedPhrase *
-fort_getNextPhrase( FORTSWFile *file, fortProtectedPhrase *last)
-{
- if (last == &file->userMemPhrase) {
- return &file->userPinPhrase;
- }
- /* we can add more test here if we want to support SSO mode someday. */
-
- return NULL;
-}
-
-/*
- * decode the DER file data into our nice data structures, including turning
- * cert indexes into integers.
- */
-FORTSignedSWFile *
-FORT_GetSWFile(SECItem *initBits)
-{
- FORTSignedSWFile *sw_init_file;
- PRArenaPool *arena = NULL;
- SECStatus rv;
- int i, count;
- SECItem newInitBits;
-
- /* get the local arena... be sure to free this at the end */
-
- /* get the local arena... be sure to free this at the end */
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) goto fail;
-
- sw_init_file = (FORTSignedSWFile *)
- PORT_ArenaZAlloc(arena,sizeof(FORTSignedSWFile));
- if (sw_init_file == NULL) goto fail;
-
- /* copy the DER into the arena, since Quick DER returns data that points
- into the DER input, which may get freed by the caller */
- rv = SECITEM_CopyItem(arena, &newInitBits, initBits);
- if ( rv != SECSuccess ) {
- goto fail;
- }
-
- /* ANS1 decode the complete init file */
- rv = SEC_QuickDERDecodeItem(arena,sw_init_file,fortSwFortezzaInitFile,&newInitBits);
- if (rv != SECSuccess) {
- goto fail;
- }
-
- /* count the certs */
- count = 0;
- while (sw_init_file->file.slotEntries[count]) count++;
-
- for (i=0; i < count; i++) {
- /* update the cert Index Pointers */
- sw_init_file->file.slotEntries[i]->certIndex =
- DER_GetInteger(&sw_init_file->
- file.slotEntries[i]->certificateIndex );
- }
-
- /* now start checking the mem phrases and pins, as well as calculating the
- * file's 'K' values. First we start with K(init). */
- sw_init_file->file.arena = arena;
-
- return sw_init_file;
- /* OK now that we've read in the init file, and now have Kinit, Ks, and the
- * appropriate Pin Phrase, we need to build our database file. */
-
-fail:
- if (arena) PORT_FreeArena(arena,PR_TRUE);
- return NULL;
-}
-
-/*
- * Check the init memphrases and the user mem phrases. Remove all the init
- * memphrase wrappings. Save the Kinit and Ks values for use.
- */
-SECStatus
-FORT_CheckInitPhrase(FORTSignedSWFile *sw_init_file, char *initMemPhrase)
-{
- SECStatus rv = SECFailure;
-
- sw_init_file->Kinit = fort_CalculateKMemPhrase(&sw_init_file->file,
- &sw_init_file->file.initMemPhrase, initMemPhrase, NULL);
- if (sw_init_file->Kinit == NULL) goto fail;
-
- /* now check the init Mem phrase */
- if (!fort_CheckMemPhrase(&sw_init_file->file,
- &sw_init_file->file.initMemPhrase,
- initMemPhrase, sw_init_file->Kinit)) {
- goto fail;
- }
- rv = SECSuccess;
-
-fail:
- return rv;
-}
-
- /* now check user user mem phrase and calculate Ks */
-SECStatus
-FORT_CheckUserPhrase(FORTSignedSWFile *sw_init_file, char *userMemPhrase)
-{
- SECStatus rv = SECFailure;
- char tmp_data[13];
- char *padMemPhrase = NULL;
- fortProtectedPhrase *phrase_store;
-
- if (strlen(userMemPhrase) < 12) {
- PORT_Memset(tmp_data, ' ', sizeof(tmp_data));
- PORT_Memcpy(tmp_data,userMemPhrase,strlen(userMemPhrase));
- tmp_data[12] = 0;
- padMemPhrase = tmp_data;
- }
-
- for (phrase_store = &sw_init_file->file.userMemPhrase; phrase_store;
- phrase_store = fort_getNextPhrase(&sw_init_file->file,phrase_store)) {
- sw_init_file->Ks = fort_CalculateKMemPhrase(&sw_init_file->file,
- phrase_store, userMemPhrase, sw_init_file->Kinit);
-
- if ((sw_init_file->Ks == NULL) && (padMemPhrase != NULL)) {
- sw_init_file->Ks = fort_CalculateKMemPhrase(&sw_init_file->file,
- phrase_store, padMemPhrase, sw_init_file->Kinit);
- userMemPhrase = padMemPhrase;
- }
- if (sw_init_file->Ks == NULL) {
- continue;
- }
-
- /* now check the User Mem phrase */
- if (fort_CheckMemPhrase(&sw_init_file->file, phrase_store,
- userMemPhrase, sw_init_file->Ks)) {
- break;
- }
- PORT_Free(sw_init_file->Ks);
- sw_init_file->Ks = NULL;
- }
-
-
- if (phrase_store == NULL) goto fail;
-
- /* strip the Kinit wrapping */
- fort_skipjackDecrypt(sw_init_file->Kinit,
- &phrase_store->kValueIV.data[SKIPJACK_LEAF_SIZE],
- phrase_store->wrappedKValue.len, phrase_store->wrappedKValue.data,
- phrase_store->wrappedKValue.data);
- phrase_store->wrappedKValue.len = 12;
-
- PORT_Memset(phrase_store->kValueIV.data,0,phrase_store->kValueIV.len);
-
- sw_init_file->file.initMemPhrase = *phrase_store;
- sw_init_file->file.ssoMemPhrase = *phrase_store;
- sw_init_file->file.ssoPinPhrase = *phrase_store;
- sw_init_file->file.userMemPhrase = *phrase_store;
- sw_init_file->file.userPinPhrase = *phrase_store;
-
-
- rv = SECSuccess;
-
-fail:
- /* don't keep the pin around */
- PORT_Memset(tmp_data, 0, sizeof(tmp_data));
- return rv;
-}
-
-void
-FORT_DestroySWFile(FORTSWFile *file)
-{
- PORT_FreeArena(file->arena,PR_FALSE);
-}
-
-void
-FORT_DestroySignedSWFile(FORTSignedSWFile *swfile)
-{
- FORT_DestroySWFile(&swfile->file);
-}
-
-
-SECItem *
-FORT_GetDERCert(FORTSignedSWFile *swfile,int index)
-{
- SECItem *newItem = NULL;
- unsigned char *cert = NULL;
- int len,ret;
- fortSlotEntry *certEntry = NULL;
-
-
- newItem = PORT_ZNew(SECItem);
- if (newItem == NULL) return NULL;
-
- certEntry = fort_GetCertEntry(&swfile->file,index);
- if (certEntry == NULL) {
- PORT_Free(newItem);
- return NULL;
- }
-
- newItem->len = len = certEntry->certificateData.dataEncryptedWithKs.len;
- newItem->data = cert = PORT_ZAlloc(len);
- if (cert == NULL) {
- PORT_Free(newItem);
- return NULL;
- }
- newItem->len = DER_GetUInteger(&certEntry->certificateData.length);
-
-
- PORT_Memcpy(cert, certEntry->certificateData.dataEncryptedWithKs.data,len);
-
- /* Ks is always stored in keyReg[0] when we log in */
- ret = fort_skipjackDecrypt(swfile->Ks,
- &certEntry->certificateData.dataIV.data[SKIPJACK_LEAF_SIZE],
- len,cert,cert);
- if (ret != CI_OK) {
- SECITEM_FreeItem(newItem,PR_TRUE);
- return NULL;
- }
- return newItem;
-}
-
-/*
- * decode the DER file data into our nice data structures, including turning
- * cert indexes into integers.
- */
-SECItem *
-FORT_PutSWFile(FORTSignedSWFile *sw_init_file)
-{
- SECItem *outBits, *tmpBits;
-
- outBits = PORT_ZNew(SECItem);
- if (outBits == NULL) goto fail;
-
- /* ANS1 encode the complete init file */
- tmpBits = SEC_ASN1EncodeItem(NULL,outBits,sw_init_file,fortSwFortezzaInitFile);
- if (tmpBits == NULL) {
- goto fail;
- }
-
- return outBits;
-
-fail:
- if (outBits) SECITEM_FreeItem(outBits,PR_TRUE);
- return NULL;
-}
diff --git a/security/nss/lib/fortcrypt/swfort/swfutl.c b/security/nss/lib/fortcrypt/swfort/swfutl.c
deleted file mode 100644
index eee677f65..000000000
--- a/security/nss/lib/fortcrypt/swfort/swfutl.c
+++ /dev/null
@@ -1,750 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * This File includes utility functions used by cilib. and swfparse.c
- */
-
-#include "prtypes.h"
-#include "prsystem.h"
-#include "prio.h"
-
-#include "swforti.h"
-#include "keyt.h"
-/* #include "dh.h" */
-#include "maci.h"
-#include "secport.h"
-#include "secrng.h"
-#ifdef XP_OS2
-#include <sys/stat.h>
-#endif
-
-#ifdef XP_WIN
-#include <windows.h>
-#include <winsock.h>
-#include <direct.h>
-#endif
-
-/* no platform seem to agree on where this function is defined */
-static char *local_index(char *source, char target) {
- while ((*source != target) && (*source != 0)) {
- source++;
- }
- return (*source != 0) ? source : NULL;
-}
-
-/*
- * Check to see if the index is ok, and that key is appropriately present or
- * absent.
- */
-int
-fort_KeyOK(FORTSWToken *token, int index, PRBool isPresent)
-{
- if (index < 0) return CI_INV_KEY_INDEX;
- if (index >= KEY_REGISTERS) return CI_INV_KEY_INDEX;
-
- return (token->keyReg[index].present == isPresent) ? CI_OK :
- (isPresent ? CI_NO_KEY : CI_REG_IN_USE);
-}
-
-/*
- * clear out a key register
- */
-void
-fort_ClearKey(FORTKeySlot *key)
-{
- key->present = PR_FALSE;
- PORT_Memset(key->data, 0, sizeof (key->data));
- return;
-}
-
-/*
- * clear out an Ra register
- */
-void
-fort_ClearRaSlot(FORTRaRegisters *ra)
-{
- PORT_Memset(ra->public, 0, sizeof(ra->public));
- PORT_Memset(ra->private, 0, sizeof(ra->private));
- return;
-}
-
-/*
- * provide a helper function to do all the loggin out functions.
- * NOTE: Logining in only happens in MACI_CheckPIN
- */
-void
-fort_Logout(FORTSWToken *token)
-{
- int i;
-
- /* ditch all the stored keys */
- for (i=0; i < KEY_REGISTERS; i++) {
- fort_ClearKey(&token->keyReg[i]);
- }
- for (i=0; i < MAX_RA_SLOTS; i++) {
- fort_ClearRaSlot(&token->RaValues[i]);
- }
-
- /* mark as logged out */
- token->login = PR_FALSE;
- token->certIndex = 0;
- token->key = 0;
- return;
-}
-
-/*
- * update the new IV value based on the current cipherText (should be the last
- * block of the cipher text).
- */
-int
-fort_UpdateIV(unsigned char *cipherText, unsigned int size,unsigned char *IV)
-{
- if (size == 0) return CI_INV_SIZE;
- if ((size & (SKIPJACK_BLOCK_SIZE-1)) != 0) return CI_INV_SIZE;
- size -= SKIPJACK_BLOCK_SIZE;
- PORT_Memcpy(IV,&cipherText[size],SKIPJACK_BLOCK_SIZE);
- return CI_OK;
-}
-
-
-/*
- * verify that we have a card initialized, and if necessary, logged in.
- */
-int
-fort_CardExists(FORTSWToken *token,PRBool needLogin)
-{
- if (token == NULL ) return CI_LIB_NOT_INIT;
- if (token->config_file == NULL) return CI_NO_CARD;
- if (needLogin && !token->login) return CI_INV_STATE;
- return CI_OK;
-}
-
-/*
- * walk down the cert slot entries, counting them.
- * return that count.
- */
-int
-fort_GetCertCount(FORTSWFile *file)
-{
- int i;
-
- if (file->slotEntries == NULL) return 0;
-
- for (i=0; file->slotEntries[i]; i++)
- /* no body */ ;
-
- return i;
-}
-
-/*
- * copy an unsigned SECItem to a signed SecItem. (if the high bit is on,
- * pad with a leading 0.
- */
-SECStatus
-fort_CopyUnsigned(PRArenaPool *arena, SECItem *to, const SECItem *from)
-{
- int offset = 0;
-
- if (from->data && from->len) {
- if (from->data[0] & 0x80) offset = 1;
- if ( arena ) {
- to->data = (unsigned char*) PORT_ArenaZAlloc(arena,
- from->len+offset);
- } else {
- to->data = (unsigned char*) PORT_ZAlloc(from->len+offset);
- }
-
- if (!to->data) {
- return SECFailure;
- }
- PORT_Memcpy(to->data+offset, from->data, from->len);
- to->len = from->len+offset;
- } else {
- to->data = 0;
- to->len = 0;
- }
- return SECSuccess;
-}
-
-/*
- * NOTE: these keys do not have the public values, and cannot be used to
- * extract the public key from the private key. Since we never do this in
- * this code, and this function is static, we're reasonably safe (as long as
- * any of your callees do not try to extract the public value as well).
- * Also -- the token must be logged in before this function is called.
- */
-FORTEZZAPrivateKey *
-fort_GetPrivKey(FORTSWToken *token,FORTEZZAKeyType keyType,
- fortSlotEntry *certEntry)
-{
- FORTEZZAPrivateKey *returnKey = NULL;
- SECStatus rv = SECFailure;
- PRArenaPool *poolp;
- fortKeyInformation *keyInfo = NULL;
- unsigned char *keyData;
- int len, ret;
-
-
- /* select the right keyinfo */
- switch (keyType) {
- case fortezzaDSAKey:
- keyInfo = certEntry->signatureKeyInformation;
- if (keyInfo == NULL) keyInfo = certEntry->exchangeKeyInformation;
- break;
- case fortezzaDHKey:
- keyInfo = certEntry->exchangeKeyInformation;
- if (keyInfo == NULL) keyInfo = certEntry->signatureKeyInformation;
- break;
- }
-
- /* if we don't have any key information, blow out of here */
- if (keyInfo == NULL) return NULL;
-
- poolp = PORT_NewArena(2048);
- if(!poolp) {
- return NULL;
- }
-
- returnKey = (FORTEZZAPrivateKey*)PORT_ArenaZAlloc(poolp, sizeof(FORTEZZAPrivateKey));
- if(!returnKey) {
- rv = SECFailure;
- goto loser;
- }
-
- returnKey->keyType = keyType;
- returnKey->arena = poolp;
-
- /*
- * decrypt the private key
- */
- len = keyInfo->privateKeyWrappedWithKs.len;
- keyData = PORT_ArenaZAlloc(poolp,len);
- if (keyData == NULL) {
- rv = SECFailure;
- goto loser;
- }
- /* keys must be 160 bits (20 bytes) if that's not the case the Unwrap will
- * fail.. */
- ret = fort_skipjackUnwrap(token->keyReg[0].data, len,
- keyInfo->privateKeyWrappedWithKs.data, keyData);
- if (ret != CI_OK) {
- rv = SECFailure;
- goto loser;
- }
-
- switch(keyType) {
- case dsaKey:
- returnKey->u.dsa.privateValue.data = keyData;
- returnKey->u.dsa.privateValue.len = 20;
- returnKey->u.dsa.params.arena = poolp;
- rv = fort_CopyUnsigned(poolp, &(returnKey->u.dsa.params.prime),
- &(keyInfo->p));
- if(rv != SECSuccess) break;
- rv = fort_CopyUnsigned(poolp, &(returnKey->u.dsa.params.subPrime),
- &(keyInfo->q));
- if(rv != SECSuccess) break;
- rv = fort_CopyUnsigned(poolp, &(returnKey->u.dsa.params.base),
- &(keyInfo->g));
- if(rv != SECSuccess) break;
- break;
- case dhKey:
- returnKey->u.dh.arena = poolp;
- returnKey->u.dh.privateValue.data = keyData;
- returnKey->u.dh.privateValue.len = 20;
- rv = fort_CopyUnsigned(poolp, &(returnKey->u.dh.prime),
- &(keyInfo->p));
- if(rv != SECSuccess) break;
- rv = fort_CopyUnsigned(poolp, &(returnKey->u.dh.base),
- &(keyInfo->g));
- if(rv != SECSuccess) break;
- rv = SECSuccess;
- break;
- default:
- rv = SECFailure;
- }
-
-loser:
-
- if(rv != SECSuccess) {
- PORT_FreeArena(poolp, PR_TRUE);
- returnKey = NULL;
- }
-
- return returnKey;
-}
-
-
-void
-fort_DestroyPrivateKey(FORTEZZAPrivateKey *key)
-{
- if (key && key->arena) {
- PORT_FreeArena(key->arena, PR_TRUE);
- }
-}
-
-/*
- * find a particulare certificate entry from the config
- * file.
- */
-fortSlotEntry *
-fort_GetCertEntry(FORTSWFile *file,int index)
-{
- /* search for the index */
- int i,count= fort_GetCertCount(file);
-
- /* make sure the given index exists & has key material */
- for (i=0; i < count ;i ++) {
- if (file->slotEntries[i]->certIndex == index) {
- return file->slotEntries[i];
- }
- }
- return NULL;
-}
-
-/*
- * use the token to determine it's CI_State.
- */
-CI_STATE
-fort_GetState(FORTSWToken *token)
-{
- /* no file? then the token has not been initialized */
- if (!token->config_file) {
- return CI_UNINITIALIZED;
- }
- /* we're initialized, are we logged in (CI_USER_INITIALIZED is not logged
- * in) */
- if (!token->login) {
- return CI_USER_INITIALIZED;
- }
- /* We're logged in, do we have a personality set */
- if (token->certIndex) {
- return CI_READY;
- }
- /* We're logged in, with no personality set */
- return CI_STANDBY;
-}
-
-/*
- * find the private ra value for a given public Ra value.
- */
-fortRaPrivatePtr
-fort_LookupPrivR(FORTSWToken *token,CI_RA Ra)
-{
- int i;
-
- /* probably a more efficient way of doing this would be to search first
- * several entries before nextRa (or search backwards from next Ra)
- */
- for (i=0; i < MAX_RA_SLOTS; i++) {
- if (PORT_Memcmp(token->RaValues[i].public,Ra,CI_RA_SIZE) == 0) {
- return token->RaValues[i].private;
- }
- }
- return NULL;
-}
-
-/*
- * go add more noise to the random number generator
- */
-void
-fort_AddNoise(void)
-{
- unsigned char seed[20];
-
- /* note: GetNoise doesn't always get 20 bytes, but adding more
- * random data from the stack doesn't subtract entropy from the
- * Random number generator, so just send it all.
- */
- RNG_GetNoise(seed,sizeof(seed));
- RNG_RandomUpdate(seed,sizeof(seed));
-}
-
-/*
- * Get a random number
- */
-int
-fort_GenerateRandom(unsigned char *buf, int bytes)
-{
- SECStatus rv;
-
- fort_AddNoise();
- rv = RNG_GenerateGlobalRandomBytes(buf,bytes);
- if (rv != SECSuccess) return CI_EXEC_FAIL;
- return CI_OK;
-}
-
-/*
- * NOTE: that MAC is missing below.
- */
-#if defined (XP_UNIX) || defined (XP_OS2) || defined (XP_BEOS)
-#if defined (XP_UNIX) || defined (XP_BEOS)
-#define NS_PATH_SEP ':'
-#define NS_DIR_SEP '/'
-#define NS_DEFAULT_PATH ".:/bin/netscape:/etc/netscape/:/etc"
-#endif
-
-#ifdef XP_OS2 /* for OS/2 */
-#define NS_PATH_SEP ';'
-#define NS_DIR_SEP '\\'
-#define NS_DEFAULT_PATH ".:\\bin\\netscape:\\etc\\netscape\\:\\etc"
-#endif
-
-PRInt32
-local_getFileInfo(const char *fn, PRFileInfo *info)
-{
- PRInt32 rv;
- struct stat sb;
-
- rv = stat(fn, &sb);
- if (rv < 0)
- return -1;
- else if (NULL != info)
- {
- if (S_IFREG & sb.st_mode)
- info->type = PR_FILE_FILE;
- else if (S_IFDIR & sb.st_mode)
- info->type = PR_FILE_DIRECTORY;
- else
- info->type = PR_FILE_OTHER;
-
-#if defined(OSF1)
- if (0x7fffffffLL < sb.st_size)
- {
- return -1;
- }
-#endif /* defined(OSF1) */
- info->size = sb.st_size;
-
- }
- return rv;
-}
-#endif /* UNIX, OS/2, and BEOS */
-
-#ifdef XP_WIN
-#define NS_PATH_SEP ';'
-#define NS_DIR_SEP '\\'
-#define NS_DEFAULT_PATH ".;c:\\program files\\netscape\\communicator\\program\\pkcs11\\netscape;c:\\netscape\\communicator\\program\\pkcs11\\netscape;c:\\windows\\system"
-
-
-/*
- * Since we're a pkcs #11 module, we may get
- * loaded into lots of different binaries, each with different or no versions
- * of NSPR running... so we copy the one function we need.
- */
-
-#define _PR_IS_SLASH(ch) ((ch) == '/' || (ch) == '\\')
-
-/*
- * IsRootDirectory --
- *
- * Return PR_TRUE if the pathname 'fn' is a valid root directory,
- * else return PR_FALSE. The char buffer pointed to by 'fn' must
- * be writable. During the execution of this function, the contents
- * of the buffer pointed to by 'fn' may be modified, but on return
- * the original contents will be restored. 'buflen' is the size of
- * the buffer pointed to by 'fn'.
- *
- * Root directories come in three formats:
- * 1. / or \, meaning the root directory of the current drive.
- * 2. C:/ or C:\, where C is a drive letter.
- * 3. \\<server name>\<share point name>\ or
- * \\<server name>\<share point name>, meaning the root directory
- * of a UNC (Universal Naming Convention) name.
- */
-
-static PRBool
-IsRootDirectory(char *fn, size_t buflen)
-{
- char *p;
- PRBool slashAdded = PR_FALSE;
- PRBool rv = PR_FALSE;
-
- if (_PR_IS_SLASH(fn[0]) && fn[1] == '\0') {
- return PR_TRUE;
- }
-
- if (isalpha(fn[0]) && fn[1] == ':' && _PR_IS_SLASH(fn[2])
- && fn[3] == '\0') {
- rv = GetDriveType(fn) > 1 ? PR_TRUE : PR_FALSE;
- return rv;
- }
-
- /* The UNC root directory */
-
- if (_PR_IS_SLASH(fn[0]) && _PR_IS_SLASH(fn[1])) {
- /* The 'server' part should have at least one character. */
- p = &fn[2];
- if (*p == '\0' || _PR_IS_SLASH(*p)) {
- return PR_FALSE;
- }
-
- /* look for the next slash */
- do {
- p++;
- } while (*p != '\0' && !_PR_IS_SLASH(*p));
- if (*p == '\0') {
- return PR_FALSE;
- }
-
- /* The 'share' part should have at least one character. */
- p++;
- if (*p == '\0' || _PR_IS_SLASH(*p)) {
- return PR_FALSE;
- }
-
- /* look for the final slash */
- do {
- p++;
- } while (*p != '\0' && !_PR_IS_SLASH(*p));
- if (_PR_IS_SLASH(*p) && p[1] != '\0') {
- return PR_FALSE;
- }
- if (*p == '\0') {
- /*
- * GetDriveType() doesn't work correctly if the
- * path is of the form \\server\share, so we add
- * a final slash temporarily.
- */
- if ((p + 1) < (fn + buflen)) {
- *p++ = '\\';
- *p = '\0';
- slashAdded = PR_TRUE;
- } else {
- return PR_FALSE; /* name too long */
- }
- }
- rv = GetDriveType(fn) > 1 ? PR_TRUE : PR_FALSE;
- /* restore the 'fn' buffer */
- if (slashAdded) {
- *--p = '\0';
- }
- }
- return rv;
-}
-
-PRInt32
-local_getFileInfo(const char *fn, PRFileInfo *info)
-{
- HANDLE hFindFile;
- WIN32_FIND_DATA findFileData;
- char pathbuf[MAX_PATH + 1];
-
- if (NULL == fn || '\0' == *fn) {
- return -1;
- }
-
- /*
- * FindFirstFile() expands wildcard characters. So
- * we make sure the pathname contains no wildcard.
- */
- if (NULL != strpbrk(fn, "?*")) {
- return -1;
- }
-
- hFindFile = FindFirstFile(fn, &findFileData);
- if (INVALID_HANDLE_VALUE == hFindFile) {
- DWORD len;
- char *filePart;
-
- /*
- * FindFirstFile() does not work correctly on root directories.
- * It also doesn't work correctly on a pathname that ends in a
- * slash. So we first check to see if the pathname specifies a
- * root directory. If not, and if the pathname ends in a slash,
- * we remove the final slash and try again.
- */
-
- /*
- * If the pathname does not contain ., \, and /, it cannot be
- * a root directory or a pathname that ends in a slash.
- */
- if (NULL == strpbrk(fn, ".\\/")) {
- return -1;
- }
- len = GetFullPathName(fn, sizeof(pathbuf), pathbuf,
- &filePart);
- if (len > sizeof(pathbuf)) {
- return -1;
- }
- if (IsRootDirectory(pathbuf, sizeof(pathbuf))) {
- info->type = PR_FILE_DIRECTORY;
- info->size = 0;
- /*
- * These timestamps don't make sense for root directories.
- */
- info->modifyTime = 0;
- info->creationTime = 0;
- return 0;
- }
- if (!((pathbuf[len - 1] == '/') || (pathbuf[len-1] == '\\'))) {
- return -1;
- } else {
- pathbuf[len - 1] = '\0';
- hFindFile = FindFirstFile(pathbuf, &findFileData);
- if (INVALID_HANDLE_VALUE == hFindFile) {
- return -1;
- }
- }
- }
-
- FindClose(hFindFile);
-
- if (findFileData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) {
- info->type = PR_FILE_DIRECTORY;
- } else {
- info->type = PR_FILE_FILE;
- }
-
- info->size = findFileData.nFileSizeLow;
-
- return 0;
-}
-
-#endif /* XP_WIN */
-
-#ifdef XP_MAC
-#error Need to write fort_FindFileInPath for Mac
-#define NS_PATH_SEP ','
-#define NS_DIR_SEP ':'
-#define NS_DEFAULT_PATH ",System Folder,System Folder:Netscape f:pkcs11:netscape"
-#endif
-
-#define NETSCAPE_INIT_FILE "nsswft.swf"
-
-/*
- * OK, We're deep in the bottom of MACI and PKCS #11... We need to
- * find our fortezza key file. We have no clue of where the our binary lives
- * or where our key file lives. This function lets us search manual paths
- * to find our key file.
- */
-char *fort_FindFileInPath(char *path, char *fn)
-{
- char *next;
- char *holdData;
- char *ret = NULL;
- int len = 0;
- int fn_len = PORT_Strlen(fn)+1; /* include the NULL */
- PRFileInfo info;
- char dirSep = NS_DIR_SEP;
-
- holdData = PORT_Alloc(strlen(path)+1+fn_len);
-
- while ((next = local_index(path,NS_PATH_SEP)) != NULL) {
- len = next - path;
-
- PORT_Memcpy(holdData,path,len);
- if ((len != 0) && (holdData[len-1] != dirSep)) {
- PORT_Memcpy(&holdData[len],&dirSep,1);
- len++;
- }
- PORT_Memcpy(&holdData[len],fn,fn_len);
-
- if ((local_getFileInfo(holdData,&info) == 0) &&
- (info.type == PR_FILE_FILE) && (info.size != 0)) {
- ret = PORT_Strdup(holdData);
- PORT_Free(holdData);
- return ret;
- }
- path = next+1;
- }
-
- len = strlen(path);
- PORT_Memcpy(holdData,path,len);
- if ((len != 0) && (holdData[len-1] != dirSep)) {
- PORT_Memcpy(&holdData[len],&dirSep,1);
- len++;
- }
- PORT_Memcpy(&holdData[len],fn,fn_len);
-
- if ((local_getFileInfo(holdData,&info) == 0) &&
- (info.type == PR_FILE_FILE) && (info.size != 0)) {
- ret = PORT_Strdup(holdData);
- }
- PORT_Free(holdData);
- return ret;
-}
-
-static char *path_table[] = {
- "PATH","LD_LIBRARY_PATH","LIBPATH"
-};
-
-static int path_table_size = sizeof(path_table)/sizeof(path_table[0]);
-
-char *fort_LookupFORTEZZAInitFile(void)
-{
- char *fname = NULL;
- char *home = NULL;
-#ifdef XP_UNIX
- char unix_home[512];
-#endif
- int i;
-
- /* first try to get it from the environment */
- fname = getenv("SW_FORTEZZA_FILE");
- if (fname != NULL) {
- return PORT_Strdup(fname);
- }
-
-#ifdef XP_UNIX
- home = getenv("HOME");
- if (home) {
- strncpy(unix_home,home, sizeof(unix_home)-sizeof("/.netscape"));
- strcat(unix_home,"/.netscape");
- fname = fort_FindFileInPath(unix_home,NETSCAPE_INIT_FILE);
- if (fname) return fname;
- }
-#endif
-#ifdef XP_WIN
- home = getenv("windir");
- if (home) {
- fname = fort_FindFileInPath(home,NETSCAPE_INIT_FILE);
- if (fname) return fname;
- }
-#endif
-
- fname = fort_FindFileInPath(NS_DEFAULT_PATH,NETSCAPE_INIT_FILE);
- if (fname) return fname;
-
- /* now search the system paths */
- for (i=0; i < path_table_size; i++) {
- char *path = getenv(path_table[i]);
-
- if (path != NULL) {
- fname = fort_FindFileInPath(path,NETSCAPE_INIT_FILE);
- if (fname) return fname;
- }
- }
-
-
- return NULL;
-}
diff --git a/security/nss/lib/freebl/md2.c b/security/nss/lib/freebl/md2.c
deleted file mode 100644
index 3f7427c14..000000000
--- a/security/nss/lib/freebl/md2.c
+++ /dev/null
@@ -1,288 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "prerr.h"
-#include "secerr.h"
-
-#include "prtypes.h"
-
-#include "blapi.h"
-
-#define MD2_DIGEST_LEN 16
-#define MD2_BUFSIZE 16
-#define MD2_X_SIZE 48 /* The X array, [CV | INPUT | TMP VARS] */
-#define MD2_CV 0 /* index into X for chaining variables */
-#define MD2_INPUT 16 /* index into X for input */
-#define MD2_TMPVARS 32 /* index into X for temporary variables */
-#define MD2_CHECKSUM_SIZE 16
-
-struct MD2ContextStr {
- unsigned char checksum[MD2_BUFSIZE];
- unsigned char X[MD2_X_SIZE];
- PRUint8 unusedBuffer;
-};
-
-static const PRUint8 MD2S[256] = {
- 0051, 0056, 0103, 0311, 0242, 0330, 0174, 0001,
- 0075, 0066, 0124, 0241, 0354, 0360, 0006, 0023,
- 0142, 0247, 0005, 0363, 0300, 0307, 0163, 0214,
- 0230, 0223, 0053, 0331, 0274, 0114, 0202, 0312,
- 0036, 0233, 0127, 0074, 0375, 0324, 0340, 0026,
- 0147, 0102, 0157, 0030, 0212, 0027, 0345, 0022,
- 0276, 0116, 0304, 0326, 0332, 0236, 0336, 0111,
- 0240, 0373, 0365, 0216, 0273, 0057, 0356, 0172,
- 0251, 0150, 0171, 0221, 0025, 0262, 0007, 0077,
- 0224, 0302, 0020, 0211, 0013, 0042, 0137, 0041,
- 0200, 0177, 0135, 0232, 0132, 0220, 0062, 0047,
- 0065, 0076, 0314, 0347, 0277, 0367, 0227, 0003,
- 0377, 0031, 0060, 0263, 0110, 0245, 0265, 0321,
- 0327, 0136, 0222, 0052, 0254, 0126, 0252, 0306,
- 0117, 0270, 0070, 0322, 0226, 0244, 0175, 0266,
- 0166, 0374, 0153, 0342, 0234, 0164, 0004, 0361,
- 0105, 0235, 0160, 0131, 0144, 0161, 0207, 0040,
- 0206, 0133, 0317, 0145, 0346, 0055, 0250, 0002,
- 0033, 0140, 0045, 0255, 0256, 0260, 0271, 0366,
- 0034, 0106, 0141, 0151, 0064, 0100, 0176, 0017,
- 0125, 0107, 0243, 0043, 0335, 0121, 0257, 0072,
- 0303, 0134, 0371, 0316, 0272, 0305, 0352, 0046,
- 0054, 0123, 0015, 0156, 0205, 0050, 0204, 0011,
- 0323, 0337, 0315, 0364, 0101, 0201, 0115, 0122,
- 0152, 0334, 0067, 0310, 0154, 0301, 0253, 0372,
- 0044, 0341, 0173, 0010, 0014, 0275, 0261, 0112,
- 0170, 0210, 0225, 0213, 0343, 0143, 0350, 0155,
- 0351, 0313, 0325, 0376, 0073, 0000, 0035, 0071,
- 0362, 0357, 0267, 0016, 0146, 0130, 0320, 0344,
- 0246, 0167, 0162, 0370, 0353, 0165, 0113, 0012,
- 0061, 0104, 0120, 0264, 0217, 0355, 0037, 0032,
- 0333, 0231, 0215, 0063, 0237, 0021, 0203, 0024
-};
-
-SECStatus
-MD2_Hash(unsigned char *dest, const char *src)
-{
- unsigned int len;
- MD2Context *cx = MD2_NewContext();
- if (!cx) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- return SECFailure;
- }
- MD2_Begin(cx);
- MD2_Update(cx, (unsigned char *)src, PL_strlen(src));
- MD2_End(cx, dest, &len, MD2_DIGEST_LEN);
- MD2_DestroyContext(cx, PR_TRUE);
- return SECSuccess;
-}
-
-MD2Context *
-MD2_NewContext(void)
-{
- MD2Context *cx = (MD2Context *)PORT_ZAlloc(sizeof(MD2Context));
- if (cx == NULL) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- return NULL;
- }
- return cx;
-}
-
-void
-MD2_DestroyContext(MD2Context *cx, PRBool freeit)
-{
- if (freeit)
- PORT_ZFree(cx, sizeof(*cx));
-}
-
-void
-MD2_Begin(MD2Context *cx)
-{
- memset(cx, 0, sizeof(*cx));
- cx->unusedBuffer = MD2_BUFSIZE;
-}
-
-static void
-md2_compress(MD2Context *cx)
-{
- int j;
- unsigned char P;
- P = cx->checksum[MD2_CHECKSUM_SIZE-1];
- /* Compute the running checksum, and set the tmp variables to be
- * CV[i] XOR input[i]
- */
-#define CKSUMFN(n) \
- P = cx->checksum[n] ^ MD2S[cx->X[MD2_INPUT+n] ^ P]; \
- cx->checksum[n] = P; \
- cx->X[MD2_TMPVARS+n] = cx->X[n] ^ cx->X[MD2_INPUT+n];
- CKSUMFN(0);
- CKSUMFN(1);
- CKSUMFN(2);
- CKSUMFN(3);
- CKSUMFN(4);
- CKSUMFN(5);
- CKSUMFN(6);
- CKSUMFN(7);
- CKSUMFN(8);
- CKSUMFN(9);
- CKSUMFN(10);
- CKSUMFN(11);
- CKSUMFN(12);
- CKSUMFN(13);
- CKSUMFN(14);
- CKSUMFN(15);
- /* The compression function. */
-#define COMPRESS(n) \
- P = cx->X[n] ^ MD2S[P]; \
- cx->X[n] = P;
- P = 0x00;
- for (j=0; j<18; j++) {
- COMPRESS(0);
- COMPRESS(1);
- COMPRESS(2);
- COMPRESS(3);
- COMPRESS(4);
- COMPRESS(5);
- COMPRESS(6);
- COMPRESS(7);
- COMPRESS(8);
- COMPRESS(9);
- COMPRESS(10);
- COMPRESS(11);
- COMPRESS(12);
- COMPRESS(13);
- COMPRESS(14);
- COMPRESS(15);
- COMPRESS(16);
- COMPRESS(17);
- COMPRESS(18);
- COMPRESS(19);
- COMPRESS(20);
- COMPRESS(21);
- COMPRESS(22);
- COMPRESS(23);
- COMPRESS(24);
- COMPRESS(25);
- COMPRESS(26);
- COMPRESS(27);
- COMPRESS(28);
- COMPRESS(29);
- COMPRESS(30);
- COMPRESS(31);
- COMPRESS(32);
- COMPRESS(33);
- COMPRESS(34);
- COMPRESS(35);
- COMPRESS(36);
- COMPRESS(37);
- COMPRESS(38);
- COMPRESS(39);
- COMPRESS(40);
- COMPRESS(41);
- COMPRESS(42);
- COMPRESS(43);
- COMPRESS(44);
- COMPRESS(45);
- COMPRESS(46);
- COMPRESS(47);
- P = (P + j) % 256;
- }
- cx->unusedBuffer = MD2_BUFSIZE;
-}
-
-void
-MD2_Update(MD2Context *cx, const unsigned char *input, unsigned int inputLen)
-{
- PRUint32 bytesToConsume;
-
- /* Fill the remaining input buffer. */
- if (cx->unusedBuffer != MD2_BUFSIZE) {
- bytesToConsume = PR_MIN(inputLen, cx->unusedBuffer);
- memcpy(&cx->X[MD2_INPUT + (MD2_BUFSIZE - cx->unusedBuffer)],
- input, bytesToConsume);
- if (cx->unusedBuffer + bytesToConsume >= MD2_BUFSIZE)
- md2_compress(cx);
- inputLen -= bytesToConsume;
- input += bytesToConsume;
- }
-
- /* Iterate over 16-byte chunks of the input. */
- while (inputLen >= MD2_BUFSIZE) {
- memcpy(&cx->X[MD2_INPUT], input, MD2_BUFSIZE);
- md2_compress(cx);
- inputLen -= MD2_BUFSIZE;
- input += MD2_BUFSIZE;
- }
-
- /* Copy any input that remains into the buffer. */
- if (inputLen)
- memcpy(&cx->X[MD2_INPUT], input, inputLen);
- cx->unusedBuffer = MD2_BUFSIZE - inputLen;
-}
-
-void
-MD2_End(MD2Context *cx, unsigned char *digest,
- unsigned int *digestLen, unsigned int maxDigestLen)
-{
- PRUint8 padStart;
- if (maxDigestLen < MD2_BUFSIZE) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return;
- }
- padStart = MD2_BUFSIZE - cx->unusedBuffer;
- memset(&cx->X[MD2_INPUT + padStart], cx->unusedBuffer,
- cx->unusedBuffer);
- md2_compress(cx);
- memcpy(&cx->X[MD2_INPUT], cx->checksum, MD2_BUFSIZE);
- md2_compress(cx);
- *digestLen = MD2_DIGEST_LEN;
- memcpy(digest, &cx->X[MD2_CV], MD2_DIGEST_LEN);
-}
-
-unsigned int
-MD2_FlattenSize(MD2Context *cx)
-{
- return sizeof(*cx);
-}
-
-SECStatus
-MD2_Flatten(MD2Context *cx, unsigned char *space)
-{
- memcpy(space, cx, sizeof(*cx));
- return SECSuccess;
-}
-
-MD2Context *
-MD2_Resurrect(unsigned char *space, void *arg)
-{
- MD2Context *cx = MD2_NewContext();
- if (cx)
- memcpy(cx, space, sizeof(*cx));
- return cx;
-}
diff --git a/security/nss/lib/freebl/md5.c b/security/nss/lib/freebl/md5.c
deleted file mode 100644
index ebdebe351..000000000
--- a/security/nss/lib/freebl/md5.c
+++ /dev/null
@@ -1,532 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "prerr.h"
-#include "secerr.h"
-
-#include "prtypes.h"
-#include "prlong.h"
-
-#include "blapi.h"
-
-#define MD5_HASH_LEN 16
-#define MD5_BUFFER_SIZE 64
-#define MD5_END_BUFFER (MD5_BUFFER_SIZE - 8)
-
-#define CV0_1 0x67452301
-#define CV0_2 0xefcdab89
-#define CV0_3 0x98badcfe
-#define CV0_4 0x10325476
-
-#define T1_0 0xd76aa478
-#define T1_1 0xe8c7b756
-#define T1_2 0x242070db
-#define T1_3 0xc1bdceee
-#define T1_4 0xf57c0faf
-#define T1_5 0x4787c62a
-#define T1_6 0xa8304613
-#define T1_7 0xfd469501
-#define T1_8 0x698098d8
-#define T1_9 0x8b44f7af
-#define T1_10 0xffff5bb1
-#define T1_11 0x895cd7be
-#define T1_12 0x6b901122
-#define T1_13 0xfd987193
-#define T1_14 0xa679438e
-#define T1_15 0x49b40821
-
-#define T2_0 0xf61e2562
-#define T2_1 0xc040b340
-#define T2_2 0x265e5a51
-#define T2_3 0xe9b6c7aa
-#define T2_4 0xd62f105d
-#define T2_5 0x02441453
-#define T2_6 0xd8a1e681
-#define T2_7 0xe7d3fbc8
-#define T2_8 0x21e1cde6
-#define T2_9 0xc33707d6
-#define T2_10 0xf4d50d87
-#define T2_11 0x455a14ed
-#define T2_12 0xa9e3e905
-#define T2_13 0xfcefa3f8
-#define T2_14 0x676f02d9
-#define T2_15 0x8d2a4c8a
-
-#define T3_0 0xfffa3942
-#define T3_1 0x8771f681
-#define T3_2 0x6d9d6122
-#define T3_3 0xfde5380c
-#define T3_4 0xa4beea44
-#define T3_5 0x4bdecfa9
-#define T3_6 0xf6bb4b60
-#define T3_7 0xbebfbc70
-#define T3_8 0x289b7ec6
-#define T3_9 0xeaa127fa
-#define T3_10 0xd4ef3085
-#define T3_11 0x04881d05
-#define T3_12 0xd9d4d039
-#define T3_13 0xe6db99e5
-#define T3_14 0x1fa27cf8
-#define T3_15 0xc4ac5665
-
-#define T4_0 0xf4292244
-#define T4_1 0x432aff97
-#define T4_2 0xab9423a7
-#define T4_3 0xfc93a039
-#define T4_4 0x655b59c3
-#define T4_5 0x8f0ccc92
-#define T4_6 0xffeff47d
-#define T4_7 0x85845dd1
-#define T4_8 0x6fa87e4f
-#define T4_9 0xfe2ce6e0
-#define T4_10 0xa3014314
-#define T4_11 0x4e0811a1
-#define T4_12 0xf7537e82
-#define T4_13 0xbd3af235
-#define T4_14 0x2ad7d2bb
-#define T4_15 0xeb86d391
-
-#define R1B0 0
-#define R1B1 1
-#define R1B2 2
-#define R1B3 3
-#define R1B4 4
-#define R1B5 5
-#define R1B6 6
-#define R1B7 7
-#define R1B8 8
-#define R1B9 9
-#define R1B10 10
-#define R1B11 11
-#define R1B12 12
-#define R1B13 13
-#define R1B14 14
-#define R1B15 15
-
-#define R2B0 1
-#define R2B1 6
-#define R2B2 11
-#define R2B3 0
-#define R2B4 5
-#define R2B5 10
-#define R2B6 15
-#define R2B7 4
-#define R2B8 9
-#define R2B9 14
-#define R2B10 3
-#define R2B11 8
-#define R2B12 13
-#define R2B13 2
-#define R2B14 7
-#define R2B15 12
-
-#define R3B0 5
-#define R3B1 8
-#define R3B2 11
-#define R3B3 14
-#define R3B4 1
-#define R3B5 4
-#define R3B6 7
-#define R3B7 10
-#define R3B8 13
-#define R3B9 0
-#define R3B10 3
-#define R3B11 6
-#define R3B12 9
-#define R3B13 12
-#define R3B14 15
-#define R3B15 2
-
-#define R4B0 0
-#define R4B1 7
-#define R4B2 14
-#define R4B3 5
-#define R4B4 12
-#define R4B5 3
-#define R4B6 10
-#define R4B7 1
-#define R4B8 8
-#define R4B9 15
-#define R4B10 6
-#define R4B11 13
-#define R4B12 4
-#define R4B13 11
-#define R4B14 2
-#define R4B15 9
-
-#define S1_0 7
-#define S1_1 12
-#define S1_2 17
-#define S1_3 22
-
-#define S2_0 5
-#define S2_1 9
-#define S2_2 14
-#define S2_3 20
-
-#define S3_0 4
-#define S3_1 11
-#define S3_2 16
-#define S3_3 23
-
-#define S4_0 6
-#define S4_1 10
-#define S4_2 15
-#define S4_3 21
-
-struct MD5ContextStr {
- PRUint32 lsbInput;
- PRUint32 msbInput;
- PRUint32 cv[4];
- union {
- PRUint8 b[64];
- PRUint32 w[16];
- } u;
-};
-
-#define inBuf u.b
-
-SECStatus
-MD5_Hash(unsigned char *dest, const char *src)
-{
- return MD5_HashBuf(dest, (unsigned char *)src, PL_strlen(src));
-}
-
-SECStatus
-MD5_HashBuf(unsigned char *dest, const unsigned char *src, uint32 src_length)
-{
- unsigned int len;
- MD5Context *cx = MD5_NewContext();
- if (cx == NULL) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- return SECFailure;
- }
- MD5_Begin(cx);
- MD5_Update(cx, src, src_length);
- MD5_End(cx, dest, &len, MD5_HASH_LEN);
- MD5_DestroyContext(cx, PR_TRUE);
- return SECSuccess;
-}
-
-MD5Context *
-MD5_NewContext(void)
-{
- /* no need to ZAlloc, MD5_Begin will init the context */
- MD5Context *cx = (MD5Context *)PORT_Alloc(sizeof(MD5Context));
- if (cx == NULL) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- return NULL;
- }
- return cx;
-}
-
-void
-MD5_DestroyContext(MD5Context *cx, PRBool freeit)
-{
- if (freeit) {
- PORT_ZFree(cx, sizeof(MD5Context));
- }
-}
-
-void
-MD5_Begin(MD5Context *cx)
-{
- cx->lsbInput = 0;
- cx->msbInput = 0;
- memset(cx->inBuf, 0, sizeof(cx->inBuf));
- cx->cv[0] = CV0_1;
- cx->cv[1] = CV0_2;
- cx->cv[2] = CV0_3;
- cx->cv[3] = CV0_4;
-}
-
-#define cls(i32, s) (tmp = i32, tmp << s | tmp >> (32 - s))
-
-#define MASK 0x00ff00ff
-#ifdef IS_LITTLE_ENDIAN
-#define lendian(i32) \
- (i32)
-#else
-#define lendian(i32) \
- (tmp = i32 >> 16 | i32 << 16, (tmp & MASK) << 8 | tmp >> 8 & MASK)
-#endif
-
-#if defined(SOLARIS) || defined(HPUX)
-#define addto64(sumhigh, sumlow, addend) \
- sumlow += addend; sumhigh += (sumlow < addend);
-#else
-#define addto64(sumhigh, sumlow, addend) \
- sumlow += addend; if (sumlow < addend) ++sumhigh;
-#endif
-
-#define F(X, Y, Z) \
- ((X & Y) | ((~X) & Z))
-
-#define G(X, Y, Z) \
- ((X & Z) | (Y & (~Z)))
-
-#define H(X, Y, Z) \
- (X ^ Y ^ Z)
-
-#define I(X, Y, Z) \
- (Y ^ (X | (~Z)))
-
-#define FF(a, b, c, d, bufint, s, ti) \
- a = b + cls(a + F(b, c, d) + bufint + ti, s)
-
-#define GG(a, b, c, d, bufint, s, ti) \
- a = b + cls(a + G(b, c, d) + bufint + ti, s)
-
-#define HH(a, b, c, d, bufint, s, ti) \
- a = b + cls(a + H(b, c, d) + bufint + ti, s)
-
-#define II(a, b, c, d, bufint, s, ti) \
- a = b + cls(a + I(b, c, d) + bufint + ti, s)
-
-static void
-md5_compress(MD5Context *cx)
-{
- PRUint32 a, b, c, d;
- PRUint32 tmp;
- a = cx->cv[0];
- b = cx->cv[1];
- c = cx->cv[2];
- d = cx->cv[3];
-#ifndef IS_LITTLE_ENDIAN
- cx->u.w[0] = lendian(cx->u.w[0]);
- cx->u.w[1] = lendian(cx->u.w[1]);
- cx->u.w[2] = lendian(cx->u.w[2]);
- cx->u.w[3] = lendian(cx->u.w[3]);
- cx->u.w[4] = lendian(cx->u.w[4]);
- cx->u.w[5] = lendian(cx->u.w[5]);
- cx->u.w[6] = lendian(cx->u.w[6]);
- cx->u.w[7] = lendian(cx->u.w[7]);
- cx->u.w[8] = lendian(cx->u.w[8]);
- cx->u.w[9] = lendian(cx->u.w[9]);
- cx->u.w[10] = lendian(cx->u.w[10]);
- cx->u.w[11] = lendian(cx->u.w[11]);
- cx->u.w[12] = lendian(cx->u.w[12]);
- cx->u.w[13] = lendian(cx->u.w[13]);
- cx->u.w[14] = lendian(cx->u.w[14]);
- cx->u.w[15] = lendian(cx->u.w[15]);
-#endif
- FF(a, b, c, d, cx->u.w[R1B0 ], S1_0, T1_0);
- FF(d, a, b, c, cx->u.w[R1B1 ], S1_1, T1_1);
- FF(c, d, a, b, cx->u.w[R1B2 ], S1_2, T1_2);
- FF(b, c, d, a, cx->u.w[R1B3 ], S1_3, T1_3);
- FF(a, b, c, d, cx->u.w[R1B4 ], S1_0, T1_4);
- FF(d, a, b, c, cx->u.w[R1B5 ], S1_1, T1_5);
- FF(c, d, a, b, cx->u.w[R1B6 ], S1_2, T1_6);
- FF(b, c, d, a, cx->u.w[R1B7 ], S1_3, T1_7);
- FF(a, b, c, d, cx->u.w[R1B8 ], S1_0, T1_8);
- FF(d, a, b, c, cx->u.w[R1B9 ], S1_1, T1_9);
- FF(c, d, a, b, cx->u.w[R1B10], S1_2, T1_10);
- FF(b, c, d, a, cx->u.w[R1B11], S1_3, T1_11);
- FF(a, b, c, d, cx->u.w[R1B12], S1_0, T1_12);
- FF(d, a, b, c, cx->u.w[R1B13], S1_1, T1_13);
- FF(c, d, a, b, cx->u.w[R1B14], S1_2, T1_14);
- FF(b, c, d, a, cx->u.w[R1B15], S1_3, T1_15);
- GG(a, b, c, d, cx->u.w[R2B0 ], S2_0, T2_0);
- GG(d, a, b, c, cx->u.w[R2B1 ], S2_1, T2_1);
- GG(c, d, a, b, cx->u.w[R2B2 ], S2_2, T2_2);
- GG(b, c, d, a, cx->u.w[R2B3 ], S2_3, T2_3);
- GG(a, b, c, d, cx->u.w[R2B4 ], S2_0, T2_4);
- GG(d, a, b, c, cx->u.w[R2B5 ], S2_1, T2_5);
- GG(c, d, a, b, cx->u.w[R2B6 ], S2_2, T2_6);
- GG(b, c, d, a, cx->u.w[R2B7 ], S2_3, T2_7);
- GG(a, b, c, d, cx->u.w[R2B8 ], S2_0, T2_8);
- GG(d, a, b, c, cx->u.w[R2B9 ], S2_1, T2_9);
- GG(c, d, a, b, cx->u.w[R2B10], S2_2, T2_10);
- GG(b, c, d, a, cx->u.w[R2B11], S2_3, T2_11);
- GG(a, b, c, d, cx->u.w[R2B12], S2_0, T2_12);
- GG(d, a, b, c, cx->u.w[R2B13], S2_1, T2_13);
- GG(c, d, a, b, cx->u.w[R2B14], S2_2, T2_14);
- GG(b, c, d, a, cx->u.w[R2B15], S2_3, T2_15);
- HH(a, b, c, d, cx->u.w[R3B0 ], S3_0, T3_0);
- HH(d, a, b, c, cx->u.w[R3B1 ], S3_1, T3_1);
- HH(c, d, a, b, cx->u.w[R3B2 ], S3_2, T3_2);
- HH(b, c, d, a, cx->u.w[R3B3 ], S3_3, T3_3);
- HH(a, b, c, d, cx->u.w[R3B4 ], S3_0, T3_4);
- HH(d, a, b, c, cx->u.w[R3B5 ], S3_1, T3_5);
- HH(c, d, a, b, cx->u.w[R3B6 ], S3_2, T3_6);
- HH(b, c, d, a, cx->u.w[R3B7 ], S3_3, T3_7);
- HH(a, b, c, d, cx->u.w[R3B8 ], S3_0, T3_8);
- HH(d, a, b, c, cx->u.w[R3B9 ], S3_1, T3_9);
- HH(c, d, a, b, cx->u.w[R3B10], S3_2, T3_10);
- HH(b, c, d, a, cx->u.w[R3B11], S3_3, T3_11);
- HH(a, b, c, d, cx->u.w[R3B12], S3_0, T3_12);
- HH(d, a, b, c, cx->u.w[R3B13], S3_1, T3_13);
- HH(c, d, a, b, cx->u.w[R3B14], S3_2, T3_14);
- HH(b, c, d, a, cx->u.w[R3B15], S3_3, T3_15);
- II(a, b, c, d, cx->u.w[R4B0 ], S4_0, T4_0);
- II(d, a, b, c, cx->u.w[R4B1 ], S4_1, T4_1);
- II(c, d, a, b, cx->u.w[R4B2 ], S4_2, T4_2);
- II(b, c, d, a, cx->u.w[R4B3 ], S4_3, T4_3);
- II(a, b, c, d, cx->u.w[R4B4 ], S4_0, T4_4);
- II(d, a, b, c, cx->u.w[R4B5 ], S4_1, T4_5);
- II(c, d, a, b, cx->u.w[R4B6 ], S4_2, T4_6);
- II(b, c, d, a, cx->u.w[R4B7 ], S4_3, T4_7);
- II(a, b, c, d, cx->u.w[R4B8 ], S4_0, T4_8);
- II(d, a, b, c, cx->u.w[R4B9 ], S4_1, T4_9);
- II(c, d, a, b, cx->u.w[R4B10], S4_2, T4_10);
- II(b, c, d, a, cx->u.w[R4B11], S4_3, T4_11);
- II(a, b, c, d, cx->u.w[R4B12], S4_0, T4_12);
- II(d, a, b, c, cx->u.w[R4B13], S4_1, T4_13);
- II(c, d, a, b, cx->u.w[R4B14], S4_2, T4_14);
- II(b, c, d, a, cx->u.w[R4B15], S4_3, T4_15);
- cx->cv[0] += a;
- cx->cv[1] += b;
- cx->cv[2] += c;
- cx->cv[3] += d;
-}
-
-void
-MD5_Update(MD5Context *cx, const unsigned char *input, unsigned int inputLen)
-{
- PRUint32 bytesToConsume;
- PRUint32 inBufIndex = cx->lsbInput & 63;
-
- /* Add the number of input bytes to the 64-bit input counter. */
- addto64(cx->msbInput, cx->lsbInput, inputLen);
- if (inBufIndex) {
- /* There is already data in the buffer. Fill with input. */
- bytesToConsume = PR_MIN(inputLen, MD5_BUFFER_SIZE - inBufIndex);
- memcpy(&cx->inBuf[inBufIndex], input, bytesToConsume);
- if (inBufIndex + bytesToConsume >= MD5_BUFFER_SIZE)
- /* The buffer is filled. Run the compression function. */
- md5_compress(cx);
- /* Remaining input. */
- inputLen -= bytesToConsume;
- input += bytesToConsume;
- }
-
- /* Iterate over 64-byte chunks of the message. */
- while (inputLen >= MD5_BUFFER_SIZE) {
- memcpy(cx->inBuf, input, MD5_BUFFER_SIZE);
- md5_compress(cx);
- inputLen -= MD5_BUFFER_SIZE;
- input += MD5_BUFFER_SIZE;
- }
-
- /* Tail of message (message bytes mod 64). */
- if (inputLen)
- memcpy(cx->inBuf, input, inputLen);
-}
-
-static const unsigned char padbytes[] = {
- 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
-};
-
-void
-MD5_End(MD5Context *cx, unsigned char *digest,
- unsigned int *digestLen, unsigned int maxDigestLen)
-{
-#ifndef IS_LITTLE_ENDIAN
- PRUint32 tmp;
-#endif
- PRUint32 lowInput, highInput;
- PRUint32 inBufIndex = cx->lsbInput & 63;
-
- if (maxDigestLen < MD5_HASH_LEN) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return;
- }
-
- /* Copy out the length of bits input before padding. */
- lowInput = cx->lsbInput;
- highInput = (cx->msbInput << 3) | (lowInput >> 29);
- lowInput <<= 3;
-
- if (inBufIndex < MD5_END_BUFFER) {
- MD5_Update(cx, padbytes, MD5_END_BUFFER - inBufIndex);
- } else {
- MD5_Update(cx, padbytes,
- MD5_END_BUFFER + MD5_BUFFER_SIZE - inBufIndex);
- }
-
- /* Store the number of bytes input (before padding) in final 64 bits. */
- cx->u.w[14] = lendian(lowInput);
- cx->u.w[15] = lendian(highInput);
-
- /* Final call to compress. */
- md5_compress(cx);
-
- /* Copy the resulting values out of the chain variables into return buf. */
- *digestLen = MD5_HASH_LEN;
-#ifndef IS_LITTLE_ENDIAN
- cx->cv[0] = lendian(cx->cv[0]);
- cx->cv[1] = lendian(cx->cv[1]);
- cx->cv[2] = lendian(cx->cv[2]);
- cx->cv[3] = lendian(cx->cv[3]);
-#endif
- memcpy(digest, cx->cv, MD5_HASH_LEN);
-}
-
-unsigned int
-MD5_FlattenSize(MD5Context *cx)
-{
- return sizeof(*cx);
-}
-
-SECStatus
-MD5_Flatten(MD5Context *cx, unsigned char *space)
-{
- memcpy(space, cx, sizeof(*cx));
- return SECSuccess;
-}
-
-MD5Context *
-MD5_Resurrect(unsigned char *space, void *arg)
-{
- MD5Context *cx = MD5_NewContext();
- if (cx)
- memcpy(cx, space, sizeof(*cx));
- return cx;
-}
-
-void
-MD5_TraceState(MD5Context *cx)
-{
- PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
-}
diff --git a/security/nss/lib/freebl/mknewpc2.c b/security/nss/lib/freebl/mknewpc2.c
deleted file mode 100644
index 3bd3f0cf0..000000000
--- a/security/nss/lib/freebl/mknewpc2.c
+++ /dev/null
@@ -1,236 +0,0 @@
-/*
- * mknewpc2.c
- *
- * Generate PC-2 tables for DES-150 library
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the DES-150 library.
- *
- * The Initial Developer of the Original Code is Nelson B. Bolyard,
- * nelsonb@iname.com. Portions created by Nelson B. Bolyard are
- * Copyright (C) 1990, 2000 Nelson B. Bolyard, All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- */
-
-typedef unsigned char BYTE;
-typedef unsigned int HALF;
-
-#define DES_ENCRYPT 0
-#define DES_DECRYPT 1
-
-/* two 28-bit registers defined in key schedule production process */
-static HALF C0, D0;
-
-static HALF L0, R0;
-
-/* key schedule, 16 internal keys, each with 8 6-bit parts */
-static BYTE KS [8] [16];
-
-
-/*
- * This table takes the 56 bits in C0 and D0 and shows show they are
- * permuted into the 8 6-bit parts of the key in the key schedule.
- * The bits of C0 are numbered left to right, 1-28.
- * The bits of D0 are numbered left to right, 29-56.
- * Zeros in this table represent bits that are always zero.
- * Note that all the bits in the first 4 rows come from C0,
- * and all the bits in the second 4 rows come from D0.
- */
-static const BYTE PC2[64] = {
- 14, 17, 11, 24, 1, 5, 0, 0, /* S1 */
- 3, 28, 15, 6, 21, 10, 0, 0, /* S2 */
- 23, 19, 12, 4, 26, 8, 0, 0, /* S3 */
- 16, 7, 27, 20, 13, 2, 0, 0, /* S4 */
-
- 41, 52, 31, 37, 47, 55, 0, 0, /* S5 */
- 30, 40, 51, 45, 33, 48, 0, 0, /* S6 */
- 44, 49, 39, 56, 34, 53, 0, 0, /* S7 */
- 46, 42, 50, 36, 29, 32, 0, 0 /* S8 */
-};
-
-/* This table represents the same info as PC2, except that
- * The bits of C0 and D0 are each numbered right to left, 0-27.
- * -1 values indicate bits that are always zero.
- * As before all the bits in the first 4 rows come from C0,
- * and all the bits in the second 4 rows come from D0.
- */
-static signed char PC2a[64] = {
-/* bits of C0 */
- 14, 11, 17, 4, 27, 23, -1, -1, /* S1 */
- 25, 0, 13, 22, 7, 18, -1, -1, /* S2 */
- 5, 9, 16, 24, 2, 20, -1, -1, /* S3 */
- 12, 21, 1, 8, 15, 26, -1, -1, /* S4 */
-/* bits of D0 */
- 15, 4, 25, 19, 9, 1, -1, -1, /* S5 */
- 26, 16, 5, 11, 23, 8, -1, -1, /* S6 */
- 12, 7, 17, 0, 22, 3, -1, -1, /* S7 */
- 10, 14, 6, 20, 27, 24, -1, -1 /* S8 */
-};
-
-/* This table represents the same info as PC2a, except that
- * The order of of the rows has been changed to increase the efficiency
- * with which the key sechedule is created.
- * Fewer shifts and ANDs are required to make the KS from these.
- */
-static const signed char PC2b[64] = {
-/* bits of C0 */
- 14, 11, 17, 4, 27, 23, -1, -1, /* S1 */
- 5, 9, 16, 24, 2, 20, -1, -1, /* S3 */
- 25, 0, 13, 22, 7, 18, -1, -1, /* S2 */
- 12, 21, 1, 8, 15, 26, -1, -1, /* S4 */
-/* bits of D0 */
- 26, 16, 5, 11, 23, 8, -1, -1, /* S6 */
- 10, 14, 6, 20, 27, 24, -1, -1, /* S8 */
- 15, 4, 25, 19, 9, 1, -1, -1, /* S5 */
- 12, 7, 17, 0, 22, 3, -1, -1 /* S7 */
-};
-
-/* Only 24 of the 28 bits in C0 and D0 are used in PC2.
- * The used bits of C0 and D0 are grouped into 4 groups of 6,
- * so that the PC2 permutation can be accomplished with 4 lookups
- * in tables of 64 entries.
- * The following table shows how the bits of C0 and D0 are grouped
- * into indexes for the respective table lookups.
- * Bits are numbered right-to-left, 0-27, as in PC2b.
- */
-static BYTE NDX[48] = {
-/* Bits of C0 */
- 27, 26, 25, 24, 23, 22, /* C0 table 0 */
- 18, 17, 16, 15, 14, 13, /* C0 table 1 */
- 9, 8, 7, 2, 1, 0, /* C0 table 2 */
- 5, 4, 21, 20, 12, 11, /* C0 table 3 */
-/* bits of D0 */
- 27, 26, 25, 24, 23, 22, /* D0 table 0 */
- 20, 19, 17, 16, 15, 14, /* D0 table 1 */
- 12, 11, 10, 9, 8, 7, /* D0 table 2 */
- 6, 5, 4, 3, 1, 0 /* D0 table 3 */
-};
-
-/* Here's the code that does that grouping.
- left = PC2LOOKUP(0, 0, ((c0 >> 22) & 0x3F) );
- left |= PC2LOOKUP(0, 1, ((c0 >> 13) & 0x3F) );
- left |= PC2LOOKUP(0, 2, ((c0 >> 4) & 0x38) | (c0 & 0x7) );
- left |= PC2LOOKUP(0, 3, ((c0>>18)&0xC) | ((c0>>11)&0x3) | (c0&0x30));
-
- right = PC2LOOKUP(1, 0, ((d0 >> 22) & 0x3F) );
- right |= PC2LOOKUP(1, 1, ((d0 >> 15) & 0x30) | ((d0 >> 14) & 0xf) );
- right |= PC2LOOKUP(1, 2, ((d0 >> 7) & 0x3F) );
- right |= PC2LOOKUP(1, 3, ((d0 >> 1) & 0x3C) | (d0 & 0x3));
-*/
-
-void
-make_pc2a( void )
-{
-
- int i, j;
-
- for ( i = 0; i < 64; ++i ) {
- j = PC2[i];
- if (j == 0)
- j = -1;
- else if ( j < 29 )
- j = 28 - j ;
- else
- j = 56 - j;
- PC2a[i] = j;
- }
- for ( i = 0; i < 64; i += 8 ) {
- printf("%3d,%3d,%3d,%3d,%3d,%3d,%3d,%3d,\n",
- PC2a[i+0],PC2a[i+1],PC2a[i+2],PC2a[i+3],
- PC2a[i+4],PC2a[i+5],PC2a[i+6],PC2a[i+7] );
- }
-}
-
-HALF PC2cd0[64];
-
-HALF PC_2H[8][64];
-
-void
-mktable( )
-{
- int i;
- int table;
- const BYTE * ndx = NDX;
- HALF mask;
-
- mask = 0x80000000;
- for (i = 0; i < 32; ++i, mask >>= 1) {
- int bit = PC2b[i];
- if (bit < 0)
- continue;
- PC2cd0[bit + 32] = mask;
- }
-
- mask = 0x80000000;
- for (i = 32; i < 64; ++i, mask >>= 1) {
- int bit = PC2b[i];
- if (bit < 0)
- continue;
- PC2cd0[bit] = mask;
- }
-
-#if DEBUG
- for (i = 0; i < 64; ++i) {
- printf("0x%08x,\n", PC2cd0[i]);
- }
-#endif
- for (i = 0; i < 24; ++i) {
- NDX[i] += 32; /* because c0 is the upper half */
- }
-
- for (table = 0; table < 8; ++table) {
- HALF bitvals[6];
- for (i = 0; i < 6; ++i) {
- bitvals[5-i] = PC2cd0[*ndx++];
- }
- for (i = 0; i < 64; ++i) {
- int j;
- int k = 0;
- HALF value = 0;
-
- for (j = i; j; j >>= 1, ++k) {
- if (j & 1) {
- value |= bitvals[k];
- }
- }
- PC_2H[table][i] = value;
- }
- printf("/* table %d */ {\n", table );
- for (i = 0; i < 64; i += 4) {
- printf(" 0x%08x, 0x%08x, 0x%08x, 0x%08x, \n",
- PC_2H[table][i], PC_2H[table][i+1],
- PC_2H[table][i+2], PC_2H[table][i+3]);
- }
- printf(" },\n");
- }
-}
-
-
-int
-main(void)
-{
-/* make_pc2a(); */
- mktable();
- return 0;
-}
diff --git a/security/nss/lib/freebl/mksp.c b/security/nss/lib/freebl/mksp.c
deleted file mode 100644
index 17ce7bc2a..000000000
--- a/security/nss/lib/freebl/mksp.c
+++ /dev/null
@@ -1,153 +0,0 @@
-/*
- * mksp.c
- *
- * Generate SP tables for DES-150 library
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the DES-150 library.
- *
- * The Initial Developer of the Original Code is Nelson B. Bolyard,
- * nelsonb@iname.com. Portions created by Nelson B. Bolyard are
- * Copyright (C) 1990, 2000 Nelson B. Bolyard, All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- */
-
-#include <stdio.h>
-
-/*
- * sboxes - the tables for the s-box functions
- * from FIPS 46, pages 15-16.
- */
-unsigned char S[8][64] = {
-/* Func S1 = */ {
- 14, 0, 4, 15, 13, 7, 1, 4, 2, 14, 15, 2, 11, 13, 8, 1,
- 3, 10, 10, 6, 6, 12, 12, 11, 5, 9, 9, 5, 0, 3, 7, 8,
- 4, 15, 1, 12, 14, 8, 8, 2, 13, 4, 6, 9, 2, 1, 11, 7,
- 15, 5, 12, 11, 9, 3, 7, 14, 3, 10, 10, 0, 5, 6, 0, 13
- },
-/* Func S2 = */ {
- 15, 3, 1, 13, 8, 4, 14, 7, 6, 15, 11, 2, 3, 8, 4, 14,
- 9, 12, 7, 0, 2, 1, 13, 10, 12, 6, 0, 9, 5, 11, 10, 5,
- 0, 13, 14, 8, 7, 10, 11, 1, 10, 3, 4, 15, 13, 4, 1, 2,
- 5, 11, 8, 6, 12, 7, 6, 12, 9, 0, 3, 5, 2, 14, 15, 9
- },
-/* Func S3 = */ {
- 10, 13, 0, 7, 9, 0, 14, 9, 6, 3, 3, 4, 15, 6, 5, 10,
- 1, 2, 13, 8, 12, 5, 7, 14, 11, 12, 4, 11, 2, 15, 8, 1,
- 13, 1, 6, 10, 4, 13, 9, 0, 8, 6, 15, 9, 3, 8, 0, 7,
- 11, 4, 1, 15, 2, 14, 12, 3, 5, 11, 10, 5, 14, 2, 7, 12
- },
-/* Func S4 = */ {
- 7, 13, 13, 8, 14, 11, 3, 5, 0, 6, 6, 15, 9, 0, 10, 3,
- 1, 4, 2, 7, 8, 2, 5, 12, 11, 1, 12, 10, 4, 14, 15, 9,
- 10, 3, 6, 15, 9, 0, 0, 6, 12, 10, 11, 1, 7, 13, 13, 8,
- 15, 9, 1, 4, 3, 5, 14, 11, 5, 12, 2, 7, 8, 2, 4, 14
- },
-/* Func S5 = */ {
- 2, 14, 12, 11, 4, 2, 1, 12, 7, 4, 10, 7, 11, 13, 6, 1,
- 8, 5, 5, 0, 3, 15, 15, 10, 13, 3, 0, 9, 14, 8, 9, 6,
- 4, 11, 2, 8, 1, 12, 11, 7, 10, 1, 13, 14, 7, 2, 8, 13,
- 15, 6, 9, 15, 12, 0, 5, 9, 6, 10, 3, 4, 0, 5, 14, 3
- },
-/* Func S6 = */ {
- 12, 10, 1, 15, 10, 4, 15, 2, 9, 7, 2, 12, 6, 9, 8, 5,
- 0, 6, 13, 1, 3, 13, 4, 14, 14, 0, 7, 11, 5, 3, 11, 8,
- 9, 4, 14, 3, 15, 2, 5, 12, 2, 9, 8, 5, 12, 15, 3, 10,
- 7, 11, 0, 14, 4, 1, 10, 7, 1, 6, 13, 0, 11, 8, 6, 13
- },
-/* Func S7 = */ {
- 4, 13, 11, 0, 2, 11, 14, 7, 15, 4, 0, 9, 8, 1, 13, 10,
- 3, 14, 12, 3, 9, 5, 7, 12, 5, 2, 10, 15, 6, 8, 1, 6,
- 1, 6, 4, 11, 11, 13, 13, 8, 12, 1, 3, 4, 7, 10, 14, 7,
- 10, 9, 15, 5, 6, 0, 8, 15, 0, 14, 5, 2, 9, 3, 2, 12
- },
-/* Func S8 = */ {
- 13, 1, 2, 15, 8, 13, 4, 8, 6, 10, 15, 3, 11, 7, 1, 4,
- 10, 12, 9, 5, 3, 6, 14, 11, 5, 0, 0, 14, 12, 9, 7, 2,
- 7, 2, 11, 1, 4, 14, 1, 7, 9, 4, 12, 10, 14, 8, 2, 13,
- 0, 15, 6, 12, 10, 9, 13, 0, 15, 3, 3, 5, 5, 6, 8, 11
- }
-};
-
-/*
- * Permutation function for results from s-boxes
- * from FIPS 46 pages 12 and 16.
- * P =
- */
-unsigned char P[32] = {
- 16, 7, 20, 21, 29, 12, 28, 17,
- 1, 15, 23, 26, 5, 18, 31, 10,
- 2, 8, 24, 14, 32, 27, 3, 9,
- 19, 13, 30, 6, 22, 11, 4, 25
-};
-
-unsigned int Pinv[32];
-unsigned int SP[8][64];
-
-void
-makePinv(void)
-{
- int i;
- unsigned int Pi = 0x80000000;
- for (i = 0; i < 32; ++i) {
- int j = 32 - P[i];
- Pinv[j] = Pi;
- Pi >>= 1;
- }
-}
-
-void
-makeSP(void)
-{
- int box;
- for (box = 0; box < 8; ++box) {
- int item;
- printf("/* box S%d */ {\n", box + 1);
- for (item = 0; item < 64; ++item ) {
- unsigned int s = S[box][item];
- unsigned int val = 0;
- unsigned int bitnum = (7-box) * 4;
- for (; s; s >>= 1, ++bitnum) {
- if (s & 1) {
- val |= Pinv[bitnum];
- }
- }
- val = (val << 3) | (val >> 29);
- SP[box][item] = val;
- }
- for (item = 0; item < 64; item += 4) {
- printf("\t0x%08x, 0x%08x, 0x%08x, 0x%08x,\n",
- SP[box][item], SP[box][item+1], SP[box][item+2], SP[box][item+3]);
- }
- printf(" },\n");
- }
-}
-
-int
-main()
-{
- makePinv();
- makeSP();
- return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/Makefile b/security/nss/lib/freebl/mpi/Makefile
deleted file mode 100644
index edf22894d..000000000
--- a/security/nss/lib/freebl/mpi/Makefile
+++ /dev/null
@@ -1,451 +0,0 @@
-##
-## Makefile for MPI library
-##
-## The contents of this file are subject to the Mozilla Public
-## License Version 1.1 (the "License"); you may not use this file
-## except in compliance with the License. You may obtain a copy of
-## the License at http://www.mozilla.org/MPL/
-##
-## Software distributed under the License is distributed on an "AS
-## IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-## implied. See the License for the specific language governing
-## rights and limitations under the License.
-##
-## The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-## library.
-##
-## The Initial Developer of the Original Code is
-## Michael J. Fromberger <sting@linguist.dartmouth.edu>
-##
-## Portions created by Michael J. Fromberger are
-## Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved.
-##
-## Contributor(s):
-## Netscape Communications Corporation
-## Richard C. Swift (swift@netscape.com)
-##
-## Alternatively, the contents of this file may be used under the
-## terms of the GNU General Public License Version 2 or later (the
-## "GPL"), in which case the provisions of the GPL are applicable
-## instead of those above. If you wish to allow use of your
-## version of this file only under the terms of the GPL and not to
-## allow others to use your version of this file under the MPL,
-## indicate your decision by deleting the provisions above and
-## replace them with the notice and other provisions required by
-## the GPL. If you do not delete the provisions above, a recipient
-## may use your version of this file under either the MPL or the
-## GPL.
-##
-##
-## $Id$
-##
-
-## Define CC to be the C compiler you wish to use. The GNU cc
-## compiler (gcc) should work, at the very least
-#CC=cc
-#CC=gcc
-
-##
-## Define PERL to point to your local Perl interpreter. It
-## should be Perl 5.x, although it's conceivable that Perl 4
-## might work ... I haven't tested it.
-##
-#PERL=/usr/bin/perl
-PERL=perl
-
-##
-## Define CFLAGS to contain any local options your compiler
-## setup requires.
-##
-## Conditional compilation options are no longer here; see
-## the file 'mpi-config.h' instead.
-##
-MPICMN = -I. -DMP_API_COMPATIBLE -DMP_IOFUNC
-CFLAGS= -O $(MPICMN)
-#CFLAGS=-ansi -fullwarn -woff 1521 -O3 $(MPICMN)
-#CFLAGS=-ansi -pedantic -Wall -O3 $(MPICMN)
-#CFLAGS=-ansi -pedantic -Wall -g -O2 -DMP_DEBUG=1 $(MPICMN)
-
-ifeq ($(TARGET),mipsIRIX)
-#IRIX
-#MPICMN += -DMP_MONT_USE_MP_MUL
-MPICMN += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE
-MPICMN += -DMP_USE_UINT_DIGIT
-#MPICMN += -DMP_NO_MP_WORD
-AS_OBJS = mpi_mips.o
-#ASFLAGS = -O -OPT:Olimit=4000 -dollar -fullwarn -xansi -n32 -mips3 -exceptions
-ASFLAGS = -O -OPT:Olimit=4000 -dollar -fullwarn -xansi -n32 -mips3
-#CFLAGS=-ansi -n32 -O3 -fullwarn -woff 1429 -D_SGI_SOURCE $(MPICMN)
-CFLAGS=-ansi -n32 -O2 -fullwarn -woff 1429 -D_SGI_SOURCE $(MPICMN)
-#CFLAGS=-ansi -n32 -g -fullwarn -woff 1429 -D_SGI_SOURCE $(MPICMN)
-#CFLAGS=-ansi -64 -O2 -fullwarn -woff 1429 -D_SGI_SOURCE -DMP_NO_MP_WORD \
- $(MPICMN)
-endif
-
-ifeq ($(TARGET),alphaOSF1)
-#Alpha/OSF1
-MPICMN += -DMP_ASSEMBLY_MULTIPLY
-AS_OBJS+= mpvalpha.o
-#CFLAGS= -O -Olimit 4000 -ieee_with_inexact -std1 -DOSF1 -D_REENTRANT $(MPICMN)
-CFLAGS= -O -Olimit 4000 -ieee_with_inexact -std1 -DOSF1 -D_REENTRANT \
- -DMP_NO_MP_WORD $(MPICMN)
-endif
-
-ifeq ($(TARGET),v9SOLARIS)
-#Solaris 64
-SOLARIS_FPU_FLAGS = -fast -xO5 -xrestrict=%all -xchip=ultra -xarch=v9a -KPIC -mt
-#SOLARIS_FPU_FLAGS = -fast -xO5 -xrestrict=%all -xdepend -xchip=ultra -xarch=v9a -KPIC -mt
-SOLARIS_ASM_FLAGS = -xchip=ultra -xarch=v9a -KPIC -mt
-AS_OBJS += montmulfv9.o
-AS_OBJS += mpi_sparc.o mpv_sparcv9.o
-MPICMN += -DMP_USE_UINT_DIGIT
-#MPICMN += -DMP_NO_MP_WORD
-MPICMN += -DMP_ASSEMBLY_MULTIPLY
-MPICMN += -DMP_USING_MONT_MULF
-CFLAGS= -O -KPIC -DSVR4 -DSYSV -D__svr4 -D__svr4__ -DSOLARIS -D_REENTRANT \
- -DSOLARIS2_8 -D_SVID_GETTOD -xarch=v9 -DXP_UNIX $(MPICMN)
-#CFLAGS= -g -KPIC -DSVR4 -DSYSV -D__svr4 -D__svr4__ -DSOLARIS -D_REENTRANT \
- -DSOLARIS2_8 -D_SVID_GETTOD -xarch=v9 -DXP_UNIX $(MPICMN)
-endif
-
-ifeq ($(TARGET),v8plusSOLARIS)
-#Solaris 32
-SOLARIS_FPU_FLAGS = -fast -xO5 -xrestrict=%all -xdepend -xchip=ultra -xarch=v8plusa -KPIC -mt
-SOLARIS_ASM_FLAGS = -xchip=ultra -xarch=v8plusa -KPIC -mt
-AS_OBJS += montmulfv8.o
-AS_OBJS += mpi_sparc.o mpv_sparcv8.o
-#AS_OBJS = montmulf.o
-MPICMN += -DMP_ASSEMBLY_MULTIPLY
-MPICMN += -DMP_USING_MONT_MULF
-MPICMN += -DMP_USE_UINT_DIGIT
-MPICMN += -DMP_NO_MP_WORD
-CFLAGS=-O -KPIC -DSVR4 -DSYSV -D__svr4 -D__svr4__ -DSOLARIS -D_REENTRANT \
- -DSOLARIS2_6 -D_SVID_GETTOD -xarch=v8plus -DXP_UNIX $(MPICMN)
-endif
-
-ifeq ($(TARGET),v8SOLARIS)
-#Solaris 32
-#SOLARIS_FPU_FLAGS = -fast -xO5 -xrestrict=%all -xdepend -xchip=ultra -xarch=v8 -KPIC -mt
-#SOLARIS_ASM_FLAGS = -xchip=ultra -xarch=v8plusa -KPIC -mt
-#AS_OBJS = montmulfv8.o mpi_sparc.o mpv_sparcv8.o
-#AS_OBJS = montmulf.o
-#MPICMN += -DMP_USING_MONT_MULF
-#MPICMN += -DMP_ASSEMBLY_MULTIPLY
-MPICMN += -DMP_USE_LONG_LONG_MULTIPLY -DMP_USE_UINT_DIGIT
-MPICMN += -DMP_NO_MP_WORD
-CFLAGS=-O -KPIC -DSVR4 -DSYSV -D__svr4 -D__svr4__ -DSOLARIS -D_REENTRANT \
- -DSOLARIS2_6 -D_SVID_GETTOD -xarch=v8 -DXP_UNIX $(MPICMN)
-endif
-
-ifeq ($(TARGET),ia64HPUX)
-#HPUX 32 on ia64 -- 64 bit digits SCREAM.
-# This one is for DD32 which is the 32-bit ABI with 64-bit registers.
-CFLAGS= +O3 -DHPUX10 -D_POSIX_C_SOURCE=199506L -Aa +Z -DHPUX -Dhppa \
- -D_HPUX_SOURCE -Aa +e -z +p +DD32 -DHPUX11 -DXP_UNIX -Wl,+k $(MPICMN)
-#CFLAGS= -O -DHPUX10 -D_POSIX_C_SOURCE=199506L -Aa +Z -DHPUX -Dhppa \
- -D_HPUX_SOURCE -Aa +e -z +p +DD32 -DHPUX11 -DXP_UNIX -Wl,+k $(MPICMN)
-#CFLAGS= -g -DHPUX10 -D_POSIX_C_SOURCE=199506L -Ae +Z -DHPUX -Dhppa \
- -D_HPUX_SOURCE -Aa +e -z +p +DD32 -DHPUX11 -DXP_UNIX -Wl,+k $(MPICMN)
-endif
-
-ifeq ($(TARGET),ia64HPUX64)
-#HPUX 32 on ia64
-# This one is for DD64 which is the 64-bit ABI
-CFLAGS= +O3 -DHPUX10 -D_POSIX_C_SOURCE=199506L -Aa +Z -DHPUX -Dhppa \
- -D_HPUX_SOURCE -Aa +e -z +p +DD64 -DHPUX11 -DXP_UNIX -Wl,+k $(MPICMN)
-#CFLAGS= -g -DHPUX10 -D_POSIX_C_SOURCE=199506L -Ae +Z -DHPUX -Dhppa \
- -D_HPUX_SOURCE -Aa +e -z +p +DD64 -DHPUX11 -DXP_UNIX -Wl,+k $(MPICMN)
-endif
-
-ifeq ($(TARGET),PA2.0WHPUX)
-#HPUX64 (HP PA 2.0 Wide) using MAXPY and 64-bit digits
-MPICMN += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE
-AS_OBJS = mpi_hp.o hpma512.o hppa20.o
-CFLAGS= -O -DHPUX10 -D_POSIX_C_SOURCE=199506L -Ae +Z -DHPUX -Dhppa \
- -D_HPUX_SOURCE -Aa +e -z +DA2.0W +DS2.0 +O3 +DChpux -DHPUX11 -DXP_UNIX \
- $(MPICMN)
-#CFLAGS= -g -DHPUX10 -D_POSIX_C_SOURCE=199506L -Ae +Z -DHPUX -Dhppa \
- -D_HPUX_SOURCE -Aa +e -z +DA2.0W +DS2.0 +DChpux -DHPUX11 -DXP_UNIX \
- $(MPICMN)
-AS = $(CC) $(CFLAGS) -c
-endif
-
-ifeq ($(TARGET),PA2.0NHPUX)
-#HPUX32 (HP PA 2.0 Narrow) hybrid model, using 32-bit digits
-# This one is for DA2.0 (N) which is the 32-bit ABI with 64-bit registers.
-MPICMN += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE
-AS_OBJS = mpi_hp.o hpma512.o hppa20.o
-CFLAGS= +O3 -DHPUX10 -D_POSIX_C_SOURCE=199506L -Ae +Z -DHPUX -Dhppa \
- -D_HPUX_SOURCE -Aa +e -z +DA2.0 +DS2.0 +DChpux -DHPUX11 -DXP_UNIX \
- -Wl,+k $(MPICMN)
-#CFLAGS= -g -DHPUX10 -D_POSIX_C_SOURCE=199506L -Ae +Z -DHPUX -Dhppa \
- -D_HPUX_SOURCE -Aa +e -z +DA2.0 +DS2.0 +DChpux -DHPUX11 -DXP_UNIX \
- -Wl,+k $(MPICMN)
-AS = $(CC) $(CFLAGS) -c
-endif
-
-ifeq ($(TARGET),PA1.1HPUX)
-#HPUX32 (HP PA 1.1) Pure 32 bit
-MPICMN += -DMP_USE_UINT_DIGIT -DMP_NO_MP_WORD
-#MPICMN += -DMP_USE_LONG_LONG_MULTIPLY
-CFLAGS= -O -DHPUX10 -D_POSIX_C_SOURCE=199506L -Ae +Z -DHPUX -Dhppa \
- -D_HPUX_SOURCE +DAportable +DS1.1 -DHPUX11 -DXP_UNIX $(MPICMN)
-##CFLAGS= -g -DHPUX10 -D_POSIX_C_SOURCE=199506L -Ae +Z -DHPUX -Dhppa \
-# -D_HPUX_SOURCE +DAportable +DS1.1 -DHPUX11 -DXP_UNIX $(MPICMN)
-endif
-
-ifeq ($(TARGET),32AIX)
-#
-CC = xlC_r
-MPICMN += -DMP_USE_UINT_DIGIT
-MPICMN += -DMP_NO_DIV_WORD
-#MPICMN += -DMP_NO_MUL_WORD
-MPICMN += -DMP_NO_ADD_WORD
-MPICMN += -DMP_NO_SUB_WORD
-#MPICMN += -DMP_NO_MP_WORD
-#MPICMN += -DMP_USE_LONG_LONG_MULTIPLY
-CFLAGS = -O -DAIX -DSYSV -qarch=com -DAIX4_3 -DXP_UNIX -UDEBUG -DNDEBUG $(MPICMN)
-#CFLAGS = -g -DAIX -DSYSV -qarch=com -DAIX4_3 -DXP_UNIX -UDEBUG -DNDEBUG $(MPICMN)
-#CFLAGS += -pg
-endif
-
-ifeq ($(TARGET),64AIX)
-#
-CC = xlC_r
-MPICMN += -DMP_USE_UINT_DIGIT
-CFLAGS = -O -O2 -DAIX -DSYSV -qarch=com -DAIX_64BIT -DAIX4_3 -DXP_UNIX -UDEBUG -DNDEBUG $(MPICMN)
-OBJECT_MODE=64
-export OBJECT_MODE
-endif
-
-ifeq ($(TARGET),x86LINUX)
-#Linux
-AS_OBJS = mpi_x86.o
-MPICMN += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE -DMP_ASSEMBLY_DIV_2DX1D
-MPICMN += -DMP_MONT_USE_MP_MUL
-CFLAGS= -O2 -fPIC -DLINUX1_2 -Di386 -D_XOPEN_SOURCE -DLINUX2_1 -ansi -Wall \
- -pipe -DLINUX -Dlinux -D_POSIX_SOURCE -D_BSD_SOURCE -DHAVE_STRERROR \
- -DXP_UNIX -UDEBUG -DNDEBUG -D_REENTRANT $(MPICMN)
-#CFLAGS= -g -fPIC -DLINUX1_2 -Di386 -D_XOPEN_SOURCE -DLINUX2_1 -ansi -Wall \
- -pipe -DLINUX -Dlinux -D_POSIX_SOURCE -D_BSD_SOURCE -DHAVE_STRERROR \
- -DXP_UNIX -DDEBUG -UNDEBUG -D_REENTRANT $(MPICMN)
-#CFLAGS= -g -fPIC -DLINUX1_2 -Di386 -D_XOPEN_SOURCE -DLINUX2_1 -ansi -Wall \
- -pipe -DLINUX -Dlinux -D_POSIX_SOURCE -D_BSD_SOURCE -DHAVE_STRERROR \
- -DXP_UNIX -UDEBUG -DNDEBUG -D_REENTRANT $(MPICMN)
-endif
-
-##
-## Define LIBS to include any libraries you need to link against.
-## If NO_TABLE is define, LIBS should include '-lm' or whatever is
-## necessary to bring in the math library. Otherwise, it can be
-## left alone, unless your system has other peculiar requirements.
-##
-LIBS=#-lmalloc#-lefence#-lm
-
-##
-## Define RANLIB to be the library header randomizer; you might not
-## need this on some systems (just set it to 'echo' on these systems,
-## such as IRIX)
-##
-RANLIB=echo
-
-##
-## This is the version string used for the documentation and
-## building the distribution tarball. Don't mess with it unless
-## you are releasing a new version
-VERS=1.7p6
-
-## ----------------------------------------------------------------------
-## You probably don't need to change anything below this line...
-##
-
-##
-## This is the list of source files that need to be packed into
-## the distribution file
-SRCS= mpi.c mpprime.c mplogic.c mp_gf2m.c mpmontg.c mpi-test.c primes.c tests/ \
- utils/gcd.c utils/invmod.c utils/lap.c \
- utils/ptab.pl utils/sieve.c utils/isprime.c\
- utils/dec2hex.c utils/hex2dec.c utils/bbs_rand.c \
- utils/bbsrand.c utils/prng.c utils/primegen.c \
- utils/basecvt.c utils/makeprime.c\
- utils/fact.c utils/exptmod.c utils/pi.c utils/metime.c \
- utils/mpi.h utils/mpprime.h mulsqr.c \
- make-test-arrays test-arrays.txt all-tests make-logtab \
- types.pl stats timetest multest
-
-## These are the header files that go into the distribution file
-HDRS=mpi.h mpi-config.h utils/mpi.h utils/mpi-config.h mpprime.h mplogic.h mp_gf2m.h \
- utils/bbs_rand.h tests/mpi.h tests/mpprime.h
-
-## These are the documentation files that go into the distribution file
-DOCS=README doc utils/README utils/PRIMES
-
-## This is the list of tools built by 'make tools'
-TOOLS=gcd invmod isprime lap dec2hex hex2dec primegen prng \
- basecvt fact exptmod pi makeprime identest
-
-LIBOBJS = mpprime.o mpmontg.o mplogic.o mp_gf2m.o mpi.o $(AS_OBJS)
-LIBHDRS = mpi-config.h mpi-priv.h mpi.h
-APPHDRS = mpi-config.h mpi.h mplogic.h mp_gf2m.h mpprime.h
-
-help:
- @ echo ""
- @ echo "The following targets can be built with this Makefile:"
- @ echo ""
- @ echo "libmpi.a - arithmetic and prime testing library"
- @ echo "mpi-test - test driver (requires MP_IOFUNC)"
- @ echo "tools - command line tools"
- @ echo "doc - manual pages for tools"
- @ echo "clean - clean up objects and such"
- @ echo "distclean - get ready for distribution"
- @ echo "dist - distribution tarball"
- @ echo ""
-
-.SUFFIXES: .c .o .i
-
-.c.i:
- $(CC) $(CFLAGS) -E $< > $@
-
-#.c.o: $*.h $*.c
-# $(CC) $(CFLAGS) -c $<
-
-#---------------------------------------
-
-$(LIBOBJS): $(LIBHDRS)
-
-logtab.h: make-logtab
- $(PERL) make-logtab > logtab.h
-
-mpi.o: mpi.c logtab.h $(LIBHDRS)
-
-mplogic.o: mplogic.c mpi-priv.h mplogic.h $(LIBHDRS)
-
-mp_gf2m.o: mp_gf2m.c mpi-priv.h mp_gf2m.h $(LIBHDRS)
-
-mpmontg.o: mpmontg.c mpi-priv.h mplogic.h mpprime.h $(LIBHDRS)
-
-mpprime.o: mpprime.c mpi-priv.h mpprime.h mplogic.h primes.c $(LIBHDRS)
-
-mpi_mips.o: mpi_mips.s
- $(CC) -o $@ $(ASFLAGS) -c mpi_mips.s
-
-mpi_sparc.o : montmulf.h
-
-mpv_sparcv9.s: vis_64.il mpv_sparc.c
- $(CC) -o $@ $(SOLARIS_FPU_FLAGS) -S vis_64.il mpv_sparc.c
-
-mpv_sparcv8.s: vis_64.il mpv_sparc.c
- $(CC) -o $@ $(SOLARIS_FPU_FLAGS) -S vis_32.il mpv_sparc.c
-
-montmulfv8.o montmulfv9.o mpv_sparcv8.o mpv_sparcv9.o : %.o : %.s
- $(CC) -o $@ $(SOLARIS_ASM_FLAGS) -c $<
-
-# This rule is used to build the .s sources, which are then hand optimized.
-#montmulfv8.s montmulfv9.s : montmulf%.s : montmulf%.il montmulf.c montmulf.h
-# $(CC) -o $@ $(SOLARIS_ASM_FLAGS) -S montmulf$*.il montmulf.c
-
-
-libmpi.a: $(LIBOBJS)
- ar -cvr libmpi.a $(LIBOBJS)
- $(RANLIB) libmpi.a
-
-lib libs: libmpi.a
-
-mpi.i: mpi.h
-
-#---------------------------------------
-
-MPTESTOBJS = mptest1.o mptest2.o mptest3.o mptest3a.o mptest4.o mptest4a.o \
- mptest4b.o mptest6.o mptest7.o mptest8.o mptest9.o mptestb.o
-MPTESTS = $(MPTESTOBJS:.o=)
-
-$(MPTESTOBJS): mptest%.o: tests/mptest-%.c $(LIBHDRS)
- $(CC) $(CFLAGS) -o $@ -c $<
-
-$(MPTESTS): mptest%: mptest%.o libmpi.a
- $(CC) $(CFLAGS) -o $@ $^ $(LIBS)
-
-tests: mptest1 mptest2 mptest3 mptest3a mptest4 mptest4a mptest4b mptest6 \
- mptestb bbsrand
-
-utests: mptest7 mptest8 mptest9
-
-#---------------------------------------
-
-EXTRAOBJS = bbsrand.o bbs_rand.o prng.o
-UTILOBJS = primegen.o metime.o identest.o basecvt.o fact.o exptmod.o pi.o \
- makeprime.o gcd.o invmod.o lap.o isprime.o \
- dec2hex.o hex2dec.o
-UTILS = $(UTILOBJS:.o=)
-
-$(UTILS): % : %.o libmpi.a
- $(CC) $(CFLAGS) -o $@ $^ $(LIBS)
-
-$(UTILOBJS) $(EXTRAOBJS): %.o : utils/%.c $(LIBHDRS)
- $(CC) $(CFLAGS) -o $@ -c $<
-
-prng: prng.o bbs_rand.o libmpi.a
- $(CC) $(CFLAGS) -o $@ $^ $(LIBS)
-
-bbsrand: bbsrand.o bbs_rand.o libmpi.a
- $(CC) $(CFLAGS) -o $@ $^ $(LIBS)
-
-utils: $(UTILS) prng bbsrand
-
-#---------------------------------------
-
-test-info.c: test-arrays.txt
- $(PERL) make-test-arrays test-arrays.txt > test-info.c
-
-mpi-test.o: mpi-test.c test-info.c $(LIBHDRS)
- $(CC) $(CFLAGS) -o $@ -c $<
-
-mpi-test: mpi-test.o libmpi.a
- $(CC) $(CFLAGS) -o $@ $^ $(LIBS)
-
-mdxptest.o: mdxptest.c $(LIBHDRS) mpi-priv.h
-
-mdxptest: mdxptest.o libmpi.a
- $(CC) $(CFLAGS) -o $@ $^ $(LIBS)
-
-mulsqr.o: mulsqr.c logtab.h mpi.h mpi-config.h mpprime.h
- $(CC) $(CFLAGS) -DMP_SQUARE=1 -o $@ -c mulsqr.c
-
-mulsqr: mulsqr.o libmpi.a
- $(CC) $(CFLAGS) -o $@ $^ $(LIBS)
-
-#---------------------------------------
-
-alltests: tests utests mpi-test
-
-tools: $(TOOLS)
-
-doc:
- (cd doc; ./build)
-
-clean:
- rm -f *.o *.a *.i
- rm -f core
- rm -f *~ .*~
- rm -f utils/*.o
- rm -f utils/core
- rm -f utils/*~ utils/.*~
-
-clobber: clean
- rm -f $(TOOLS) $(UTILS)
-
-distclean: clean
- rm -f mptest? mpi-test metime mulsqr karatsuba
- rm -f mptest?a mptest?b
- rm -f utils/mptest?
- rm -f test-info.c logtab.h
- rm -f libmpi.a
- rm -f $(TOOLS)
-
-dist: Makefile $(HDRS) $(SRCS) $(DOCS)
- tar -cvf mpi-$(VERS).tar Makefile $(HDRS) $(SRCS) $(DOCS)
- pgps -ab mpi-$(VERS).tar
- chmod +r mpi-$(VERS).tar.asc
- gzip -9 mpi-$(VERS).tar
-
-# END
diff --git a/security/nss/lib/freebl/mpi/Makefile.os2 b/security/nss/lib/freebl/mpi/Makefile.os2
deleted file mode 100644
index e81b64649..000000000
--- a/security/nss/lib/freebl/mpi/Makefile.os2
+++ /dev/null
@@ -1,277 +0,0 @@
-##
-## Makefile.win - gmake Makefile for building MPI with VACPP on OS/2
-##
-## The contents of this file are subject to the Mozilla Public
-## License Version 1.1 (the "License"); you may not use this file
-## except in compliance with the License. You may obtain a copy of
-## the License at http://www.mozilla.org/MPL/
-##
-## Software distributed under the License is distributed on an "AS
-## IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-## implied. See the License for the specific language governing
-## rights and limitations under the License.
-##
-## The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-## library.
-##
-## The Initial Developer of the Original Code is
-## Michael J. Fromberger <sting@linguist.dartmouth.edu>
-##
-## Portions created by Michael J. Fromberger are
-## Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved.
-##
-## Contributor(s):
-## Netscape Communications Corporation
-##
-## Alternatively, the contents of this file may be used under the
-## terms of the GNU General Public License Version 2 or later (the
-## "GPL"), in which case the provisions of the GPL are applicable
-## instead of those above. If you wish to allow use of your
-## version of this file only under the terms of the GPL and not to
-## allow others to use your version of this file under the MPL,
-## indicate your decision by deleting the provisions above and
-## replace them with the notice and other provisions required by
-## the GPL. If you do not delete the provisions above, a recipient
-## may use your version of this file under either the MPL or the
-## GPL.
-##
-##
-## $Id$
-##
-
-## Define CC to be the C compiler you wish to use. The GNU cc
-## compiler (gcc) should work, at the very least
-#CC=cc
-#CC=gcc
-CC=icc.exe
-AS=alp.exe
-
-##
-## Define PERL to point to your local Perl interpreter. It
-## should be Perl 5.x, although it's conceivable that Perl 4
-## might work ... I haven't tested it.
-##
-#PERL=/usr/bin/perl
-PERL=perl
-
-##
-## Define CFLAGS to contain any local options your compiler
-## setup requires.
-##
-## Conditional compilation options are no longer here; see
-## the file 'mpi-config.h' instead.
-##
-MPICMN = -I. -DMP_API_COMPATIBLE -DMP_IOFUNC -DMP_USE_UINT_DIGIT -DMP_NO_MP_WORD
-
-#OS/2
-AS_SRCS = mpi_x86.asm
-MPICMN += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE -DMP_ASSEMBLY_DIV_2DX1D
-#CFLAGS= -Od -Z7 -MD -W3 -nologo -D_X86_ -DXP_PC \
- -DDEBUG -D_DEBUG -UNDEBUG -DWIN32 -D_WINDOWS -DWIN95 $(MPICMN)
-#CFLAGS = -O2 -MD -W3 -nologo -D_X86_ -DXP_PC -UDEBUG -U_DEBUG -DNDEBUG \
- -DWIN32 -D_WINDOWS -DWIN95 $(MPICMN)
-#CFLAGS = -Od -Z7 -MD -W3 -nologo -D_X86_ -DXP_PC -UDEBUG -U_DEBUG -DNDEBUG \
- -DWIN32 -D_WINDOWS -DWIN95 $(MPICMN)
-CFLAGS = /Ti+ -D_X86_ -DXP_PC -UDEBUG -U_DEBUG -DNDEBUG \
- $(MPICMN)
-ASFLAGS =
-
-##
-## Define LIBS to include any libraries you need to link against.
-## If NO_TABLE is define, LIBS should include '-lm' or whatever is
-## necessary to bring in the math library. Otherwise, it can be
-## left alone, unless your system has other peculiar requirements.
-##
-LIBS=#-lmalloc#-lefence#-lm
-
-##
-## Define RANLIB to be the library header randomizer; you might not
-## need this on some systems (just set it to 'echo' on these systems,
-## such as IRIX)
-##
-RANLIB=echo
-
-##
-## This is the version string used for the documentation and
-## building the distribution tarball. Don't mess with it unless
-## you are releasing a new version
-VERS=1.7p6
-
-## ----------------------------------------------------------------------
-## You probably don't need to change anything below this line...
-##
-
-##
-## This is the list of source files that need to be packed into
-## the distribution file
-SRCS= mpi.c mpprime.c mplogic.c mpmontg.c mpi-test.c primes.c tests/ \
- utils/gcd.c utils/invmod.c utils/lap.c \
- utils/ptab.pl utils/sieve.c utils/isprime.c\
- utils/dec2hex.c utils/hex2dec.c utils/bbs_rand.c \
- utils/bbsrand.c utils/prng.c utils/primegen.c \
- utils/basecvt.c utils/makeprime.c\
- utils/fact.c utils/exptmod.c utils/pi.c utils/metime.c \
- utils/mpi.h utils/mpprime.h mulsqr.c \
- make-test-arrays test-arrays.txt all-tests make-logtab \
- types.pl stats timetest multest
-
-## These are the header files that go into the distribution file
-HDRS=mpi.h mpi-config.h utils/mpi.h utils/mpi-config.h mpprime.h mplogic.h \
- utils/bbs_rand.h tests/mpi.h tests/mpprime.h
-
-## These are the documentation files that go into the distribution file
-DOCS=README doc utils/README utils/PRIMES
-
-## This is the list of tools built by 'make tools'
-TOOLS=gcd.exe invmod.exe isprime.exe lap.exe dec2hex.exe hex2dec.exe \
- primegen.exe prng.exe basecvt.exe fact.exe exptmod.exe pi.exe makeprime.exe
-
-AS_OBJS = $(AS_SRCS:.asm=.obj)
-LIBOBJS = mpprime.obj mpmontg.obj mplogic.obj mpi.obj $(AS_OBJS)
-LIBHDRS = mpi-config.h mpi-priv.h mpi.h
-APPHDRS = mpi-config.h mpi.h mplogic.h mpprime.h
-
-
-help:
- @ echo ""
- @ echo "The following targets can be built with this Makefile:"
- @ echo ""
- @ echo "mpi.lib - arithmetic and prime testing library"
- @ echo "mpi-test.exe - test driver (requires MP_IOFUNC)"
- @ echo "tools - command line tools"
- @ echo "doc - manual pages for tools"
- @ echo "clean - clean up objects and such"
- @ echo "distclean - get ready for distribution"
- @ echo "dist - distribution tarball"
- @ echo ""
-
-.SUFFIXES: .c .obj .i .lib .exe .asm
-
-.c.i:
- $(CC) $(CFLAGS) -E $< > $@
-
-.c.obj:
- $(CC) $(CFLAGS) -c $<
-
-.asm.obj:
- $(AS) $(ASFLAGS) $<
-
-.obj.exe:
- $(CC) $(CFLAGS) -Fo$@ $<
-
-#---------------------------------------
-
-$(LIBOBJS): $(LIBHDRS)
-
-logtab.h: make-logtab
- $(PERL) make-logtab > logtab.h
-
-mpi.obj: mpi.c logtab.h $(LIBHDRS)
-
-mplogic.obj: mplogic.c mpi-priv.h mplogic.h $(LIBHDRS)
-
-mpmontg.obj: mpmontg.c mpi-priv.h mplogic.h mpprime.h $(LIBHDRS)
-
-mpprime.obj: mpprime.c mpi-priv.h mpprime.h mplogic.h primes.c $(LIBHDRS)
-
-mpi_mips.obj: mpi_mips.s
- $(CC) -Fo$@ $(ASFLAGS) -c mpi_mips.s
-
-mpi.lib: $(LIBOBJS)
- ilib /out:mpi.lib $(LIBOBJS)
- $(RANLIB) mpi.lib
-
-lib libs: mpi.lib
-
-#---------------------------------------
-
-MPTESTOBJS = mptest1.obj mptest2.obj mptest3.obj mptest3a.obj mptest4.obj \
- mptest4a.obj mptest4b.obj mptest6.obj mptest7.obj mptest8.obj mptest9.obj
-MPTESTS = $(MPTESTOBJS:.obj=.exe)
-
-$(MPTESTOBJS): mptest%.obj: tests/mptest-%.c $(LIBHDRS)
- $(CC) $(CFLAGS) -Fo$@ -c $<
-
-$(MPTESTS): mptest%.exe: mptest%.obj mpi.lib $(LIBS)
- $(CC) $(CFLAGS) -Fo$@ $^
-
-tests: mptest1.exe mptest2.exe mptest3.exe mptest3a.exe mptest4.exe \
- mptest4a.exe mptest4b.exe mptest6.exe bbsrand.exe
-
-utests: mptest7.exe mptest8.exe mptest9.exe
-
-#---------------------------------------
-
-EXTRAOBJS = bbsrand.obj bbs_rand.obj prng.obj
-UTILOBJS = primegen.obj metime.obj identest.obj basecvt.obj fact.obj \
- exptmod.obj pi.obj makeprime.obj karatsuba.obj gcd.obj invmod.obj lap.obj \
- isprime.obj dec2hex.obj hex2dec.obj
-UTILS = $(UTILOBJS:.obj=.exe)
-
-$(UTILS): %.exe : %.obj mpi.lib $(LIBS)
- $(CC) $(CFLAGS) -Fo$@ $^
-
-$(UTILOBJS) $(EXTRAOBJS): %.obj : utils/%.c $(LIBHDRS)
- $(CC) $(CFLAGS) -Fo$@ -c $<
-
-prng.exe: prng.obj bbs_rand.obj mpi.lib $(LIBS)
- $(CC) $(CFLAGS) -Fo$@ $^
-
-bbsrand.exe: bbsrand.obj bbs_rand.obj mpi.lib $(LIBS)
- $(CC) $(CFLAGS) -Fo$@ $^
-
-utils: $(UTILS) prng.exe bbsrand.exe
-
-#---------------------------------------
-
-test-info.c: test-arrays.txt
- $(PERL) make-test-arrays test-arrays.txt > test-info.c
-
-mpi-test.obj: mpi-test.c test-info.c $(LIBHDRS)
- $(CC) $(CFLAGS) -Fo$@ -c $<
-
-mpi-test.exe: mpi-test.obj mpi.lib $(LIBS)
- $(CC) $(CFLAGS) -Fo$@ $^
-
-mdxptest.obj: mdxptest.c $(LIBHDRS) mpi-priv.h
-
-mdxptest.exe: mdxptest.obj mpi.lib $(LIBS)
- $(CC) $(CFLAGS) -Fo$@ $^
-
-mulsqr.obj: mulsqr.c logtab.h mpi.h mpi-config.h mpprime.h
- $(CC) $(CFLAGS) -DMP_SQUARE=1 -Fo$@ -c mulsqr.c
-
-mulsqr.exe: mulsqr.obj mpi.lib $(LIBS)
- $(CC) $(CFLAGS) -Fo$@ $^
-
-#---------------------------------------
-
-alltests: tests utests mpi-test.exe
-
-tools: $(TOOLS)
-
-doc:
- (cd doc; ./build)
-
-clean:
- rm -f *.obj *.lib *.pdb *.ilk
- cd utils; rm -f *.obj *.lib *.pdb *.ilk
-
-distclean: clean
- rm -f mptest? mpi-test metime mulsqr karatsuba
- rm -f mptest?a mptest?b
- rm -f utils/mptest?
- rm -f test-info.c logtab.h
- rm -f mpi.lib
- rm -f $(TOOLS)
-
-dist: Makefile $(HDRS) $(SRCS) $(DOCS)
- tar -cvf mpi-$(VERS).tar Makefile $(HDRS) $(SRCS) $(DOCS)
- pgps -ab mpi-$(VERS).tar
- chmod +r mpi-$(VERS).tar.asc
- gzip -9 mpi-$(VERS).tar
-
-
-print:
- @echo LIBOBJS = $(LIBOBJS)
-# END
diff --git a/security/nss/lib/freebl/mpi/Makefile.win b/security/nss/lib/freebl/mpi/Makefile.win
deleted file mode 100644
index 1c403f4d3..000000000
--- a/security/nss/lib/freebl/mpi/Makefile.win
+++ /dev/null
@@ -1,277 +0,0 @@
-##
-## Makefile.win - gmake Makefile for building MPI with MSVC on NT
-##
-## The contents of this file are subject to the Mozilla Public
-## License Version 1.1 (the "License"); you may not use this file
-## except in compliance with the License. You may obtain a copy of
-## the License at http://www.mozilla.org/MPL/
-##
-## Software distributed under the License is distributed on an "AS
-## IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-## implied. See the License for the specific language governing
-## rights and limitations under the License.
-##
-## The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-## library.
-##
-## The Initial Developer of the Original Code is
-## Michael J. Fromberger <sting@linguist.dartmouth.edu>
-##
-## Portions created by Michael J. Fromberger are
-## Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved.
-##
-## Contributor(s):
-## Netscape Communications Corporation
-##
-## Alternatively, the contents of this file may be used under the
-## terms of the GNU General Public License Version 2 or later (the
-## "GPL"), in which case the provisions of the GPL are applicable
-## instead of those above. If you wish to allow use of your
-## version of this file only under the terms of the GPL and not to
-## allow others to use your version of this file under the MPL,
-## indicate your decision by deleting the provisions above and
-## replace them with the notice and other provisions required by
-## the GPL. If you do not delete the provisions above, a recipient
-## may use your version of this file under either the MPL or the
-## GPL.
-##
-##
-## $Id$
-##
-
-## Define CC to be the C compiler you wish to use. The GNU cc
-## compiler (gcc) should work, at the very least
-#CC=cc
-#CC=gcc
-CC=cl.exe
-AS=ml.exe
-
-##
-## Define PERL to point to your local Perl interpreter. It
-## should be Perl 5.x, although it's conceivable that Perl 4
-## might work ... I haven't tested it.
-##
-#PERL=/usr/bin/perl
-PERL=perl
-
-##
-## Define CFLAGS to contain any local options your compiler
-## setup requires.
-##
-## Conditional compilation options are no longer here; see
-## the file 'mpi-config.h' instead.
-##
-MPICMN = -I. -DMP_API_COMPATIBLE -DMP_IOFUNC
-
-#NT
-AS_SRCS = mpi_x86.asm
-MPICMN += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE -DMP_ASSEMBLY_DIV_2DX1D
-#CFLAGS= -Od -Z7 -MD -W3 -nologo -D_X86_ -DXP_PC \
- -DDEBUG -D_DEBUG -UNDEBUG -DWIN32 -D_WINDOWS -DWIN95 $(MPICMN)
-#CFLAGS = -O2 -MD -W3 -nologo -D_X86_ -DXP_PC -UDEBUG -U_DEBUG -DNDEBUG \
- -DWIN32 -D_WINDOWS -DWIN95 $(MPICMN)
-#CFLAGS = -Od -Z7 -MD -W3 -nologo -D_X86_ -DXP_PC -UDEBUG -U_DEBUG -DNDEBUG \
- -DWIN32 -D_WINDOWS -DWIN95 $(MPICMN)
-CFLAGS = -O2 -Z7 -MD -W3 -nologo -D_X86_ -DXP_PC -UDEBUG -U_DEBUG -DNDEBUG \
- -DWIN32 -D_WINDOWS -DWIN95 $(MPICMN)
-ASFLAGS = -Cp -Sn -Zi -coff -I.
-
-##
-## Define LIBS to include any libraries you need to link against.
-## If NO_TABLE is define, LIBS should include '-lm' or whatever is
-## necessary to bring in the math library. Otherwise, it can be
-## left alone, unless your system has other peculiar requirements.
-##
-LIBS=#-lmalloc#-lefence#-lm
-
-##
-## Define RANLIB to be the library header randomizer; you might not
-## need this on some systems (just set it to 'echo' on these systems,
-## such as IRIX)
-##
-RANLIB=echo
-
-##
-## This is the version string used for the documentation and
-## building the distribution tarball. Don't mess with it unless
-## you are releasing a new version
-VERS=1.7p6
-
-## ----------------------------------------------------------------------
-## You probably don't need to change anything below this line...
-##
-
-##
-## This is the list of source files that need to be packed into
-## the distribution file
-SRCS= mpi.c mpprime.c mplogic.c mpmontg.c mpi-test.c primes.c tests/ \
- utils/gcd.c utils/invmod.c utils/lap.c \
- utils/ptab.pl utils/sieve.c utils/isprime.c\
- utils/dec2hex.c utils/hex2dec.c utils/bbs_rand.c \
- utils/bbsrand.c utils/prng.c utils/primegen.c \
- utils/basecvt.c utils/makeprime.c\
- utils/fact.c utils/exptmod.c utils/pi.c utils/metime.c \
- utils/mpi.h utils/mpprime.h mulsqr.c \
- make-test-arrays test-arrays.txt all-tests make-logtab \
- types.pl stats timetest multest
-
-## These are the header files that go into the distribution file
-HDRS=mpi.h mpi-config.h utils/mpi.h utils/mpi-config.h mpprime.h mplogic.h \
- utils/bbs_rand.h tests/mpi.h tests/mpprime.h
-
-## These are the documentation files that go into the distribution file
-DOCS=README doc utils/README utils/PRIMES
-
-## This is the list of tools built by 'make tools'
-TOOLS=gcd.exe invmod.exe isprime.exe lap.exe dec2hex.exe hex2dec.exe \
- primegen.exe prng.exe basecvt.exe fact.exe exptmod.exe pi.exe makeprime.exe
-
-AS_OBJS = $(AS_SRCS:.asm=.obj)
-LIBOBJS = mpprime.obj mpmontg.obj mplogic.obj mpi.obj $(AS_OBJS)
-LIBHDRS = mpi-config.h mpi-priv.h mpi.h
-APPHDRS = mpi-config.h mpi.h mplogic.h mpprime.h
-
-
-help:
- @ echo ""
- @ echo "The following targets can be built with this Makefile:"
- @ echo ""
- @ echo "mpi.lib - arithmetic and prime testing library"
- @ echo "mpi-test - test driver (requires MP_IOFUNC)"
- @ echo "tools - command line tools"
- @ echo "doc - manual pages for tools"
- @ echo "clean - clean up objects and such"
- @ echo "distclean - get ready for distribution"
- @ echo "dist - distribution tarball"
- @ echo ""
-
-.SUFFIXES: .c .obj .i .lib .exe .asm
-
-.c.i:
- $(CC) $(CFLAGS) -E $< > $@
-
-.c.obj:
- $(CC) $(CFLAGS) -c $<
-
-.asm.obj:
- $(AS) $(ASFLAGS) -c $<
-
-.obj.exe:
- $(CC) $(CFLAGS) -Fo$@ $<
-
-#---------------------------------------
-
-$(LIBOBJS): $(LIBHDRS)
-
-logtab.h: make-logtab
- $(PERL) make-logtab > logtab.h
-
-mpi.obj: mpi.c logtab.h $(LIBHDRS)
-
-mplogic.obj: mplogic.c mpi-priv.h mplogic.h $(LIBHDRS)
-
-mpmontg.obj: mpmontg.c mpi-priv.h mplogic.h mpprime.h $(LIBHDRS)
-
-mpprime.obj: mpprime.c mpi-priv.h mpprime.h mplogic.h primes.c $(LIBHDRS)
-
-mpi_mips.obj: mpi_mips.s
- $(CC) -Fo$@ $(ASFLAGS) -c mpi_mips.s
-
-mpi.lib: $(LIBOBJS)
- ar -cvr mpi.lib $(LIBOBJS)
- $(RANLIB) mpi.lib
-
-lib libs: mpi.lib
-
-#---------------------------------------
-
-MPTESTOBJS = mptest1.obj mptest2.obj mptest3.obj mptest3a.obj mptest4.obj \
- mptest4a.obj mptest4b.obj mptest6.obj mptest7.obj mptest8.obj mptest9.obj
-MPTESTS = $(MPTESTOBJS:.obj=.exe)
-
-$(MPTESTOBJS): mptest%.obj: tests/mptest-%.c $(LIBHDRS)
- $(CC) $(CFLAGS) -Fo$@ -c $<
-
-$(MPTESTS): mptest%.exe: mptest%.obj mpi.lib $(LIBS)
- $(CC) $(CFLAGS) -Fo$@ $^
-
-tests: mptest1.exe mptest2.exe mptest3.exe mptest3a.exe mptest4.exe \
- mptest4a.exe mptest4b.exe mptest6.exe bbsrand.exe
-
-utests: mptest7.exe mptest8.exe mptest9.exe
-
-#---------------------------------------
-
-EXTRAOBJS = bbsrand.obj bbs_rand.obj prng.obj
-UTILOBJS = primegen.obj metime.obj identest.obj basecvt.obj fact.obj \
- exptmod.obj pi.obj makeprime.obj karatsuba.obj gcd.obj invmod.obj lap.obj \
- isprime.obj dec2hex.obj hex2dec.obj
-UTILS = $(UTILOBJS:.obj=.exe)
-
-$(UTILS): %.exe : %.obj mpi.lib $(LIBS)
- $(CC) $(CFLAGS) -Fo$@ $^
-
-$(UTILOBJS) $(EXTRAOBJS): %.obj : utils/%.c $(LIBHDRS)
- $(CC) $(CFLAGS) -Fo$@ -c $<
-
-prng.exe: prng.obj bbs_rand.obj mpi.lib $(LIBS)
- $(CC) $(CFLAGS) -Fo$@ $^
-
-bbsrand.exe: bbsrand.obj bbs_rand.obj mpi.lib $(LIBS)
- $(CC) $(CFLAGS) -Fo$@ $^
-
-utils: $(UTILS) prng.exe bbsrand.exe
-
-#---------------------------------------
-
-test-info.c: test-arrays.txt
- $(PERL) make-test-arrays test-arrays.txt > test-info.c
-
-mpi-test.obj: mpi-test.c test-info.c $(LIBHDRS)
- $(CC) $(CFLAGS) -Fo$@ -c $<
-
-mpi-test.exe: mpi-test.obj mpi.lib $(LIBS)
- $(CC) $(CFLAGS) -Fo$@ $^
-
-mdxptest.obj: mdxptest.c $(LIBHDRS) mpi-priv.h
-
-mdxptest.exe: mdxptest.obj mpi.lib $(LIBS)
- $(CC) $(CFLAGS) -Fo$@ $^
-
-mulsqr.obj: mulsqr.c logtab.h mpi.h mpi-config.h mpprime.h
- $(CC) $(CFLAGS) -DMP_SQUARE=1 -Fo$@ -c mulsqr.c
-
-mulsqr.exe: mulsqr.obj mpi.lib $(LIBS)
- $(CC) $(CFLAGS) -Fo$@ $^
-
-#---------------------------------------
-
-alltests: tests utests mpi-test.exe
-
-tools: $(TOOLS)
-
-doc:
- (cd doc; ./build)
-
-clean:
- rm -f *.obj *.lib *.pdb *.ilk
- cd utils; rm -f *.obj *.lib *.pdb *.ilk
-
-distclean: clean
- rm -f mptest? mpi-test metime mulsqr karatsuba
- rm -f mptest?a mptest?b
- rm -f utils/mptest?
- rm -f test-info.c logtab.h
- rm -f mpi.lib
- rm -f $(TOOLS)
-
-dist: Makefile $(HDRS) $(SRCS) $(DOCS)
- tar -cvf mpi-$(VERS).tar Makefile $(HDRS) $(SRCS) $(DOCS)
- pgps -ab mpi-$(VERS).tar
- chmod +r mpi-$(VERS).tar.asc
- gzip -9 mpi-$(VERS).tar
-
-
-print:
- @echo LIBOBJS = $(LIBOBJS)
-# END
diff --git a/security/nss/lib/freebl/mpi/README b/security/nss/lib/freebl/mpi/README
deleted file mode 100644
index 3c5cbdaa6..000000000
--- a/security/nss/lib/freebl/mpi/README
+++ /dev/null
@@ -1,795 +0,0 @@
-The contents of this file are subject to the Mozilla Public
-License Version 1.1 (the "License"); you may not use this file
-except in compliance with the License. You may obtain a copy of
-the License at http://www.mozilla.org/MPL/
-
-Software distributed under the License is distributed on an "AS
-IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-implied. See the License for the specific language governing
-rights and limitations under the License.
-
-The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-library.
-
-The Initial Developer of the Original Code is
-Michael J. Fromberger <sting@linguist.dartmouth.edu>
-
-Portions created by Michael J. Fromberger are
-Copyright (C) 1997, 1998, 1999, 2000 Michael J. Fromberger.
-All Rights Reserved.
-
-Contributor(s):
-
-Alternatively, the contents of this file may be used under the
-terms of the GNU General Public License Version 2 or later (the
-"GPL"), in which case the provisions of the GPL are applicable
-instead of those above. If you wish to allow use of your
-version of this file only under the terms of the GPL and not to
-allow others to use your version of this file under the MPL,
-indicate your decision by deleting the provisions above and
-replace them with the notice and other provisions required by
-the GPL. If you do not delete the provisions above, a recipient
-may use your version of this file under either the MPL or the GPL.
-
-About the MPI Library
----------------------
-
-The files 'mpi.h' and 'mpi.c' define a simple, arbitrary precision
-signed integer arithmetic package. The implementation is not the most
-efficient possible, but the code is small and should be fairly easily
-portable to just about any machine that supports an ANSI C compiler,
-as long as it is capable of at least 16-bit arithmetic (but also see
-below for more on this).
-
-This library was written with an eye to cryptographic applications;
-thus, some care is taken to make sure that temporary values are not
-left lying around in memory when they are no longer in use. This adds
-some overhead for zeroing buffers before they are released back into
-the free pool; however, it gives you the assurance that there is only
-one copy of your important values residing in your process's address
-space at a time. Obviously, it is difficult to guarantee anything, in
-a pre-emptive multitasking environment, but this at least helps you
-keep a lid on the more obvious ways your data can get spread around in
-memory.
-
-
-Using the Library
------------------
-
-To use the MPI library in your program, you must include the header:
-
-#include "mpi.h"
-
-This header provides all the type and function declarations you'll
-need to use the library. Almost all the names defined by the library
-begin with the prefix 'mp_', so it should be easy to keep them from
-clashing with your program's namespace (he says, glibly, knowing full
-well there are always pathological cases).
-
-There are a few things you may want to configure about the library.
-By default, the MPI library uses an unsigned short for its digit type,
-and an unsigned int for its word type. The word type must be big
-enough to contain at least two digits, for the primitive arithmetic to
-work out. On my machine, a short is 2 bytes and an int is 4 bytes --
-but if you have 64-bit ints, you might want to use a 4-byte digit and
-an 8-byte word. I have tested the library using 1-byte digits and
-2-byte words, as well. Whatever you choose to do, the things you need
-to change are:
-
-(1) The type definitions for mp_digit and mp_word.
-
-(2) The macro DIGIT_FMT which tells mp_print() how to display a
- single digit. This is just a printf() format string, so you
- can adjust it appropriately.
-
-(3) The macros DIGIT_MAX and MP_WORD_MAX, which specify the
- largest value expressible in an mp_digit and an mp_word,
- respectively.
-
-Both the mp_digit and mp_word should be UNSIGNED integer types. The
-code relies on having the full positive precision of the type used for
-digits and words.
-
-The remaining type definitions should be left alone, for the most
-part. The code in the library does not make any significant
-assumptions about the sizes of things, but there is little if any
-reason to change the other parameters, so I would recommend you leave
-them as you found them.
-
-The library comes with a Perl script, 'types.pl', which will scan your
-current Makefile settings, and attempt to find good definitions for
-these types. It relies on a Unix sort of build environment, so it
-probably won't work under MacOS or Windows, but it can be convenient
-if you're porting to a new flavour of Unix. Just run 'types.pl' at
-the command line, and it will spit out its results to the standard
-output.
-
-
-Conventions
------------
-
-Most functions in the library return a value of type mp_err. This
-permits the library to communicate success or various kinds of failure
-to the calling program. The return values currently defined are:
-
- MP_OKAY - okay, operation succeeded, all's well
- MP_YES - okay, the answer is yes (same as MP_OKAY)
- MP_NO - okay, but answer is no (not MP_OKAY)
- MP_MEM - operation ran out of memory
- MP_RANGE - input parameter was out of range
- MP_BADARG - an invalid input parameter was provided
- MP_UNDEF - no output value is defined for this input
-
-The only function which currently uses MP_UNDEF is mp_invmod().
-Division by zero is undefined, but the division functions will return
-MP_RANGE for a zero divisor. MP_BADARG usually means you passed a
-bogus mp_int structure to the function. MP_YES and MP_NO are not used
-by the library itself; they're defined so you can use them in your own
-extensions.
-
-If you need a readable interpretation of these error codes in your
-program, you may also use the mp_strerror() function. This function
-takes an mp_err as input, and returns a pointer to a human-readable
-string describing the meaning of the error. These strings are stored
-as constants within the library, so the caller should not attempt to
-modify or free the memory associated with these strings.
-
-The library represents values in signed-magnitude format. Values
-strictly less than zero are negative, all others are considered
-positive (zero is positive by fiat). You can access the 'sign' member
-of the mp_int structure directly, but better is to use the mp_cmp_z()
-function, to find out which side of zero the value lies on.
-
-Most arithmetic functions have a single-digit variant, as well as the
-full arbitrary-precision. An mp_digit is an unsigned value between 0
-and DIGIT_MAX inclusive. The radix is available as RADIX. The number
-of bits in a given digit is given as DIGIT_BIT.
-
-Generally, input parameters are given before output parameters.
-Unless otherwise specified, any input parameter can be re-used as an
-output parameter, without confusing anything.
-
-The basic numeric type defined by the library is an mp_int. Virtually
-all the functions in the library take a pointer to an mp_int as one of
-their parameters. An explanation of how to create and use these
-<HR>
-<A NAME="p23">
-<H3>Problem 23:</H3>
-
-structures follows. And so, without further ado...
-
-
-Initialization and Cleanup
---------------------------
-
-The basic numeric type defined by the library is an 'mp_int'.
-However, it is not sufficient to simply declare a variable of type
-mp_int in your program. These variables also need to be initialized
-before they can be used, to allocate the internal storage they require
-for computation.
-
-This is done using one of the following functions:
-
- mp_init(mp_int *mp);
- mp_init_copy(mp_int *mp, mp_int *from);
- mp_init_size(mp_int *mp, mp_size p);
-
-Each of these requires a pointer to a structure of type mp_int. The
-basic mp_init() simply initializes the mp_int to a default size, and
-sets its value to zero. If you would like to initialize a copy of an
-existing mp_int, use mp_init_copy(), where the 'from' parameter is the
-mp_int you'd like to make a copy of. The third function,
-mp_init_size(), permits you to specify how many digits of precision
-should be preallocated for your mp_int. This can help the library
-avoid unnecessary re-allocations later on.
-
-The default precision used by mp_init() can be retrieved using:
-
- precision = mp_get_prec();
-
-This returns the number of digits that will be allocated. You can
-change this value by using:
-
- mp_set_prec(unsigned int prec);
-
-Any positive value is acceptable -- if you pass zero, the default
-precision will be re-set to the compiled-in library default (this is
-specified in the header file 'mpi-config.h', and typically defaults to
-8 or 16).
-
-Just as you must allocate an mp_int before you can use it, you must
-clean up the structure when you are done with it. This is performed
-using the mp_clear() function. Remember that any mp_int that you
-create as a local variable in a function must be mp_clear()'d before
-that function exits, or else the memory allocated to that mp_int will
-be orphaned and unrecoverable.
-
-To set an mp_int to a given value, the following functions are given:
-
- mp_set(mp_int *mp, mp_digit d);
- mp_set_int(mp_int *mp, long z);
-
-The mp_set() function sets the mp_int to a single digit value, while
-mp_set_int() sets the mp_int to a signed long integer value.
-
-To set an mp_int to zero, use:
-
- mp_zero(mp_int *mp);
-
-
-Copying and Moving
-------------------
-
-If you have two initialized mp_int's, and you want to copy the value
-of one into the other, use:
-
- mp_copy(from, to)
-
-This takes care of clearing the old value of 'to', and copies the new
-value into it. If 'to' is not yet initialized, use mp_init_copy()
-instead (see above).
-
-Note: The library tries, whenever possible, to avoid allocating
----- new memory. Thus, mp_copy() tries first to satisfy the needs
- of the copy by re-using the memory already allocated to 'to'.
- Only if this proves insufficient will mp_copy() actually
- allocate new memory.
-
- For this reason, if you know a priori that 'to' has enough
- available space to hold 'from', you don't need to check the
- return value of mp_copy() for memory failure. The USED()
- macro tells you how many digits are used by an mp_int, and
- the ALLOC() macro tells you how many are allocated.
-
-If you have two initialized mp_int's, and you want to exchange their
-values, use:
-
- mp_exch(a, b)
-
-This is better than using mp_copy() with a temporary, since it will
-not (ever) touch the memory allocator -- it just swaps the exact
-contents of the two structures. The mp_exch() function cannot fail;
-if you pass it an invalid structure, it just ignores it, and does
-nothing.
-
-
-Basic Arithmetic
-----------------
-
-Once you have initialized your integers, you can operate on them. The
-basic arithmetic functions on full mp_int values are:
-
-mp_add(a, b, c) - computes c = a + b
-mp_sub(a, b, c) - computes c = a - b
-mp_mul(a, b, c) - computes c = a * b
-mp_sqr(a, b) - computes b = a * a
-mp_div(a, b, q, r) - computes q, r such that a = bq + r
-mp_div_2d(a, d, q, r) - computes q = a / 2^d, r = a % 2^d
-mp_expt(a, b, c) - computes c = a ** b
-mp_2expt(a, k) - computes a = 2^k
-mp_sqrt(a, c) - computes c = floor(sqrt(a))
-
-The mp_div_2d() function efficiently computes division by powers of
-two. Either the q or r parameter may be NULL, in which case that
-portion of the computation will be discarded.
-
-The algorithms used for some of the computations here are described in
-the following files which are included with this distribution:
-
-mul.txt Describes the multiplication algorithm
-div.txt Describes the division algorithm
-expt.txt Describes the exponentiation algorithm
-sqrt.txt Describes the square-root algorithm
-square.txt Describes the squaring algorithm
-
-There are single-digit versions of most of these routines, as well.
-In the following prototypes, 'd' is a single mp_digit:
-
-mp_add_d(a, d, c) - computes c = a + d
-mp_sub_d(a, d, c) - computes c = a - d
-mp_mul_d(a, d, c) - computes c = a * d
-mp_mul_2(a, c) - computes c = a * 2
-mp_div_d(a, d, q, r) - computes q, r such that a = bq + r
-mp_div_2(a, c) - computes c = a / 2
-mp_expt_d(a, d, c) - computes c = a ** d
-
-The mp_mul_2() and mp_div_2() functions take advantage of the internal
-representation of an mp_int to do multiplication by two more quickly
-than mp_mul_d() would. Other basic functions of an arithmetic variety
-include:
-
-mp_zero(a) - assign 0 to a
-mp_neg(a, c) - negate a: c = -a
-mp_abs(a, c) - absolute value: c = |a|
-
-
-Comparisons
------------
-
-Several comparison functions are provided. Each of these, unless
-otherwise specified, returns zero if the comparands are equal, < 0 if
-the first is less than the second, and > 0 if the first is greater
-than the second:
-
-mp_cmp_z(a) - compare a <=> 0
-mp_cmp_d(a, d) - compare a <=> d, d is a single digit
-mp_cmp(a, b) - compare a <=> b
-mp_cmp_mag(a, b) - compare |a| <=> |b|
-mp_cmp_int(a, z) - compare a <=> z, z is a signed long integer
-mp_isodd(a) - return nonzero if odd, zero otherwise
-mp_iseven(a) - return nonzero if even, zero otherwise
-
-
-Modular Arithmetic
-------------------
-
-Modular variations of the basic arithmetic functions are also
-supported. These are available if the MP_MODARITH parameter in
-mpi-config.h is turned on (it is by default). The modular arithmetic
-functions are:
-
-mp_mod(a, m, c) - compute c = a (mod m), 0 <= c < m
-mp_mod_d(a, d, c) - compute c = a (mod d), 0 <= c < d (see below)
-mp_addmod(a, b, m, c) - compute c = (a + b) mod m
-mp_submod(a, b, m, c) - compute c = (a - b) mod m
-mp_mulmod(a, b, m, c) - compute c = (a * b) mod m
-mp_sqrmod(a, m, c) - compute c = (a * a) mod m
-mp_exptmod(a, b, m, c) - compute c = (a ** b) mod m
-mp_exptmod_d(a, d, m, c)- compute c = (a ** d) mod m
-
-The mp_sqr() function squares its input argument. A call to mp_sqr(a,
-c) is identical in meaning to mp_mul(a, a, c); however, if the
-MP_SQUARE variable is set true in mpi-config.h (see below), then it
-will be implemented with a different algorithm, that is supposed to
-take advantage of the redundant computation that takes place during
-squaring. Unfortunately, some compilers result in worse performance
-on this code, so you can change the behaviour at will. There is a
-utility program "mulsqr.c" that lets you test which does better on
-your system.
-
-The mp_sqrmod() function is analogous to the mp_sqr() function; it
-uses the mp_sqr() function rather than mp_mul(), and then performs the
-modular reduction. This probably won't help much unless you are doing
-a lot of them.
-
-See the file 'square.txt' for a synopsis of the algorithm used.
-
-Note: The mp_mod_d() function computes a modular reduction around
----- a single digit d. The result is a single digit c.
-
-Because an inverse is defined for a (mod m) if and only if (a, m) = 1
-(that is, if a and m are relatively prime), mp_invmod() may not be
-able to compute an inverse for the arguments. In this case, it
-returns the value MP_UNDEF, and does not modify c. If an inverse is
-defined, however, it returns MP_OKAY, and sets c to the value of the
-inverse (mod m).
-
-See the file 'redux.txt' for a description of the modular reduction
-algorithm used by mp_exptmod().
-
-
-Greatest Common Divisor
------------------------
-
-If The greates common divisor of two values can be found using one of the
-following functions:
-
-mp_gcd(a, b, c) - compute c = (a, b) using binary algorithm
-mp_lcm(a, b, c) - compute c = [a, b] = ab / (a, b)
-mp_xgcd(a, b, g, x, y) - compute g, x, y so that ax + by = g = (a, b)
-
-Also provided is a function to compute modular inverses, if they
-exist:
-
-mp_invmod(a, m, c) - compute c = a^-1 (mod m), if it exists
-
-The function mp_xgcd() computes the greatest common divisor, and also
-returns values of x and y satisfying Bezout's identity. This is used
-by mp_invmod() to find modular inverses. However, if you do not need
-these values, you will find that mp_gcd() is MUCH more efficient,
-since it doesn't need all the intermediate values that mp_xgcd()
-requires in order to compute x and y.
-
-The mp_gcd() (and mp_xgcd()) functions use the binary (extended) GCD
-algorithm due to Josef Stein.
-
-
-Input & Output Functions
-------------------------
-
-The following basic I/O routines are provided. These are present at
-all times:
-
-mp_read_radix(mp, str, r) - convert a string in radix r to an mp_int
-mp_read_raw(mp, s, len) - convert a string of bytes to an mp_int
-mp_radix_size(mp, r) - return length of buffer needed by mp_toradix()
-mp_raw_size(mp) - return length of buffer needed by mp_toraw()
-mp_toradix(mp, str, r) - convert an mp_int to a string of radix r
- digits
-mp_toraw(mp, str) - convert an mp_int to a string of bytes
-mp_tovalue(ch, r) - convert ch to its value when taken as
- a radix r digit, or -1 if invalid
-mp_strerror(err) - get a string describing mp_err value 'err'
-
-If you compile the MPI library with MP_IOFUNC defined, you will also
-have access to the following additional I/O function:
-
-mp_print(mp, ofp) - print an mp_int as text to output stream ofp
-
-Note that mp_radix_size() returns a size in bytes guaranteed to be AT
-LEAST big enough for the digits output by mp_toradix(). Because it
-uses an approximation technique to figure out how many digits will be
-needed, it may return a figure which is larger than necessary. Thus,
-the caller should not rely on the value to determine how many bytes
-will actually be written by mp_toradix(). The string mp_toradix()
-creates will be NUL terminated, so the standard C library function
-strlen() should be able to ascertain this for you, if you need it.
-
-The mp_read_radix() and mp_toradix() functions support bases from 2 to
-64 inclusive. If you require more general radix conversion facilities
-than this, you will need to write them yourself (that's why mp_div_d()
-is provided, after all).
-
-Note: mp_read_radix() will accept as digits either capital or
----- lower-case letters. However, the current implementation of
- mp_toradix() only outputs upper-case letters, when writing
- bases betwee 10 and 36. The underlying code supports using
- lower-case letters, but the interface stub does not have a
- selector for it. You can add one yourself if you think it
- is worthwhile -- I do not. Bases from 36 to 64 use lower-
- case letters as distinct from upper-case. Bases 63 and
- 64 use the characters '+' and '/' as digits.
-
- Note also that compiling with MP_IOFUNC defined will cause
- inclusion of <stdio.h>, so if you are trying to write code
- which does not depend on the standard C library, you will
- probably want to avoid this option. This is needed because
- the mp_print() function takes a standard library FILE * as
- one of its parameters, and uses the fprintf() function.
-
-The mp_toraw() function converts the integer to a sequence of bytes,
-in big-endian ordering (most-significant byte first). Assuming your
-bytes are 8 bits wide, this corresponds to base 256. The sign is
-encoded as a single leading byte, whose value is 0 for zero or
-positive values, or 1 for negative values. The mp_read_raw() function
-reverses this process -- it takes a buffer of bytes, interprets the
-first as a sign indicator (0 = zero/positive, nonzero = negative), and
-the rest as a sequence of 1-byte digits in big-endian ordering.
-
-The mp_raw_size() function returns the exact number of bytes required
-to store the given integer in "raw" format (as described in the
-previous paragraph). Zero is returned in case of error; a valid
-integer will require at least three bytes of storage.
-
-In previous versions of the MPI library, an "external representation
-format" was supported. This was removed, however, because I found I
-was never using it, it was not as portable as I would have liked, and
-I decided it was a waste of space.
-
-
-Other Functions
----------------
-
-The files 'mpprime.h' and 'mpprime.c' define some routines which are
-useful for divisibility testing and probabilistic primality testing.
-The routines defined are:
-
-mpp_divis(a, b) - is a divisible by b?
-mpp_divis_d(a, d) - is a divisible by digit d?
-mpp_random(a) - set a to random value at current precision
-mpp_random_size(a, prec) - set a to random value at given precision
-
-Note: The mpp_random() and mpp_random_size() functions use the C
----- library's rand() function to generate random values. It is
- up to the caller to seed this generator before it is called.
- These functions are not suitable for generating quantities
- requiring cryptographic-quality randomness; they are intended
- primarily for use in primality testing.
-
- Note too that the MPI library does not call srand(), so your
- application should do this, if you ever want the sequence
- to change.
-
-mpp_divis_vector(a, v, s, w) - is a divisible by any of the s digits
- in v? If so, let w be the index of
- that digit
-
-mpp_divis_primes(a, np) - is a divisible by any of the first np
- primes? If so, set np to the prime
- which divided a.
-
-mpp_fermat(a, d) - test if w^a = w (mod a). If so,
- returns MP_YES, otherwise MP_NO.
-
-mpp_pprime(a, nt) - perform nt iterations of the Rabin-
- Miller probabilistic primality test
- on a. Returns MP_YES if all tests
- passed, or MP_NO if any test fails.
-
-The mpp_fermat() function works based on Fermat's little theorem, a
-consequence of which is that if p is a prime, and (w, p) = 1, then:
-
- w^p = w (mod p)
-
-Put another way, if w^p != w (mod p), then p is not prime. The test
-is expensive to compute, but it helps to quickly eliminate an enormous
-class of composite numbers prior to Rabin-Miller testing.
-
-Building the Library
---------------------
-
-The MPI library is designed to be as self-contained as possible. You
-should be able to compile it with your favourite ANSI C compiler, and
-link it into your program directly. If you are on a Unix system using
-the GNU C compiler (gcc), the following should work:
-
-% gcc -ansi -pedantic -Wall -O2 -c mpi.c
-
-The file 'mpi-config.h' defines several configurable parameters for
-the library, which you can adjust to suit your application. At the
-time of this writing, the available options are:
-
-MP_IOFUNC - Define true to include the mp_print() function,
- which is moderately useful for debugging. This
- implicitly includes <stdio.h>.
-
-MP_MODARITH - Define true to include the modular arithmetic
- functions. If you don't need modular arithmetic
- in your application, you can set this to zero to
- leave out all the modular routines.
-
-MP_NUMTH - Define true to include number theoretic functions
- such as mp_gcd(), mp_lcm(), and mp_invmod().
-
-MP_LOGTAB - If true, the file "logtab.h" is included, which
- is basically a static table of base 2 logarithms.
- These are used to compute how big the buffers for
- radix conversion need to be. If you set this false,
- the library includes <math.h> and uses log(). This
- typically forces you to link against math libraries.
-
-MP_MEMSET - If true, use memset() to zero buffers. If you run
- into weird alignment related bugs, set this to zero
- and an explicit loop will be used.
-
-MP_MEMCPY - If true, use memcpy() to copy buffers. If you run
- into weird alignment bugs, set this to zero and an
- explicit loop will be used.
-
-MP_CRYPTO - If true, whenever arrays of digits are free'd, they
- are zeroed first. This is useful if you're using
- the library in a cryptographic environment; however,
- it does add overhead to each free operation. For
- performance, if you don't care about zeroing your
- buffers, set this to false.
-
-MP_ARGCHK - Set to 0, 1, or 2. This defines how the argument
- checking macro, ARGCHK(), gets expanded. If this
- is set to zero, ARGCHK() expands to nothing; no
- argument checks are performed. If this is 1, the
- ARGCHK() macro expands to code that returns MP_BADARG
- or similar at runtime. If it is 2, ARGCHK() expands
- to an assert() call that aborts the program on a
- bad input.
-
-MP_DEBUG - Turns on debugging output. This is probably not at
- all useful unless you are debugging the library. It
- tends to spit out a LOT of output.
-
-MP_DEFPREC - The default precision of a newly-created mp_int, in
- digits. The precision can be changed at runtime by
- the mp_set_prec() function, but this is its initial
- value.
-
-MP_SQUARE - If this is set to a nonzero value, the mp_sqr()
- function will use an alternate algorithm that takes
- advantage of the redundant inner product computation
- when both multiplicands are identical. Unfortunately,
- with some compilers this is actually SLOWER than just
- calling mp_mul() with the same argument twice. So
- if you set MP_SQUARE to zero, mp_sqr() will be expan-
- ded into a call to mp_mul(). This applies to all
- the uses of mp_sqr(), including mp_sqrmod() and the
- internal calls to s_mp_sqr() inside mpi.c
-
- The program 'mulsqr' (mulsqr.c) can be used to test
- which works best for your configuration. Set up the
- CC and CFLAGS variables in the Makefile, then type:
-
- make mulsqr
-
- Invoke it with arguments similar to the following:
-
- mulsqr 25000 1024
-
- That is, 25000 products computed on 1024-bit values.
- The output will compare the two timings, and recommend
- a setting for MP_SQUARE. It is off by default.
-
-If you would like to use the mp_print() function (see above), be sure
-to define MP_IOFUNC in mpi-config.h. Many of the test drivers in the
-'tests' subdirectory expect this to be defined (although the test
-driver 'mpi-test' doesn't need it)
-
-The Makefile which comes with the library should take care of building
-the library for you, if you have set the CC and CFLAGS variables at
-the top of the file appropriately. By default, they are set up to
-use the GNU C compiler:
-
-CC=gcc
-CFLAGS=-ansi -pedantic -Wall -O2
-
-If all goes well, the library should compile without warnings using
-this combination. You should, of course, make whatever adjustments
-you find necessary.
-
-The MPI library distribution comes with several additional programs
-which are intended to demonstrate the use of the library, and provide
-a framework for testing it. There are a handful of test driver
-programs, in the files named 'mptest-X.c', where X is a digit. Also,
-there are some simple command-line utilities (in the 'utils'
-directory) for manipulating large numbers. These include:
-
-basecvt.c A radix-conversion program, supporting bases from
- 2 to 64 inclusive.
-
-bbsrand.c A BBS (quadratic residue) pseudo-random number
- generator. The file 'bbsrand.c' is just the driver
- for the program; the real code lives in the files
- 'bbs_rand.h' and 'bbs_rand.c'
-
-dec2hex.c Converts decimal to hexadecimal
-
-gcd.c Computes the greatest common divisor of two values.
- If invoked as 'xgcd', also computes constants x and
- y such that (a, b) = ax + by, in accordance with
- Bezout's identity.
-
-hex2dec.c Converts hexadecimal to decimal
-
-invmod.c Computes modular inverses
-
-isprime.c Performs the Rabin-Miller probabilistic primality
- test on a number. Values which fail this test are
- definitely composite, and those which pass are very
- likely to be prime (although there are no guarantees)
-
-lap.c Computes the order (least annihilating power) of
- a value v modulo m. Very dumb algorithm.
-
-primegen.c Generates large (probable) primes.
-
-prng.c A pseudo-random number generator based on the
- BBS generator code in 'bbs_rand.c'
-
-sieve.c Implements the Sieve of Eratosthenes, using a big
- bitmap, to generate a list of prime numbers.
-
-fact.c Computes the factorial of an arbitrary precision
- integer (iterative).
-
-exptmod.c Computes arbitrary precision modular exponentiation
- from the command line (exptmod a b m -> a^b (mod m))
-
-Most of these can be built from the Makefile that comes with the
-library. Try 'make tools', if your environment supports it. (If you
-are compiling on a Macintosh, I'm afraid you'll have to build them by
-hand -- fortunately, this is not difficult -- the library itself
-should compile just fine under Metrowerks CodeWarrior).
-
-
-Testing the Library
--------------------
-
-Automatic test vectors are included, in the form of a program called
-'mpi-test'. To build this program and run all the tests, simply
-invoke the shell script 'all-tests'. If all the tests pass, you
-should see a message:
-
- All tests passed
-
-If something went wrong, you'll get:
-
- One or more tests failed.
-
-If this happens, scan back through the preceding lines, to see which
-test failed. Any failure indicates a bug in the library, which needs
-to be fixed before it will give accurate results. If you get any such
-thing, please let me know, and I'll try to fix it. Please let me know
-what platform and compiler you were using, as well as which test
-failed. If a reason for failure was given, please send me that text
-as well.
-
-If you're on a system such as the Macintosh, where the standard Unix
-build tools don't work, you can build the 'mpi-test' program manually,
-and run it by hand. This is tedious and obnoxious, sorry.
-
-Further manual testing can be performed by building the manual testing
-programs, whose source is found in the 'tests' subdirectory. Each
-test is in a source file called 'mptest-X.c'. The Makefile contains a
-target to build all of them at once:
-
- make tests
-
-Read the comments at the top of each source file to see what the
-driver is supposed to test. You probably don't need to do this; these
-programs were only written to help me as I was developing the library.
-
-The relevant files are:
-
-mpi-test.c The source for the test driver
-
-make-test-arrays A Perl script to generate some of the internal
- data structures used by mpi-test.c
-
-test-arrays.txt The source file for make-test-arrays
-
-all-tests A Bourne shell script which runs all the
- tests in the mpi-test suite
-
-Running 'make mpi-test' should build the mpi-test program. If you
-cannot use make, here is what needs to be done:
-
-(1) Use 'make-test-arrays' to generate the file 'test-info.c' from
- the 'test-arrays.txt' file. Since Perl can be found everywhere,
- even on the Macintosh, this should be no trouble. Under Unix,
- this looks like:
-
- make-test-arrays test-arrays.txt > test-info.c
-
-(2) Build the MPI library:
-
- gcc -ansi -pedantic -Wall -c mpi.c
-
-(3) Build the mpi-test program:
-
- gcc -ansi -pedantic -Wall -o mpi-test mpi.o mpi-test.c
-
-When you've got mpi-test, you can use 'all-tests' to run all the tests
-made available by mpi-test. If any of them fail, there should be a
-diagnostic indicating what went wrong. These are fairly high-level
-diagnostics, and won't really help you debug the problem; they're
-simply intended to help you isolate which function caused the problem.
-If you encounter a problem of this sort, feel free to e-mail me, and I
-will certainly attempt to help you debug it.
-
-Note: Several of the tests hard-wired into 'mpi-test' operate under
----- the assumption that you are using at least a 16-bit mp_digit
- type. If that is not true, several tests might fail, because
- of range problems with the maximum digit value.
-
- If you are using an 8-bit digit, you will also need to
- modify the code for mp_read_raw(), which assumes that
- multiplication by 256 can be done with mp_mul_d(), a
- fact that fails when DIGIT_MAX is 255. You can replace
- the call with s_mp_lshd(), which will give you the same
- effect, and without doing as much work. :)
-
-Acknowledgements:
-----------------
-
-The algorithms used in this library were drawn primarily from Volume
-2 of Donald Knuth's magnum opus, _The Art of Computer Programming_,
-"Semi-Numerical Methods". Barrett's algorithm for modular reduction
-came from Menezes, Oorschot, and Vanstone's _Handbook of Applied
-Cryptography_, Chapter 14.
-
-Thanks are due to Tom St. Denis, for finding an obnoxious sign-related
-bug in mp_read_raw() that made things break on platforms which use
-signed chars.
-
-About the Author
-----------------
-
-This software was written by Michael J. Fromberger. You can contact
-the author as follows:
-
-E-mail: <sting@linguist.dartmouth.edu>
-
-Postal: 8000 Cummings Hall, Thayer School of Engineering
- Dartmouth College, Hanover, New Hampshire, USA
-
-PGP key: http://linguist.dartmouth.edu/~sting/keys/mjf.html
- 9736 188B 5AFA 23D6 D6AA BE0D 5856 4525 289D 9907
-
-Last updated: 16-Jan-2000
diff --git a/security/nss/lib/freebl/mpi/all-tests b/security/nss/lib/freebl/mpi/all-tests
deleted file mode 100755
index fa60e95ed..000000000
--- a/security/nss/lib/freebl/mpi/all-tests
+++ /dev/null
@@ -1,112 +0,0 @@
-#!/bin/sh
-## The contents of this file are subject to the Mozilla Public
-## License Version 1.1 (the "License"); you may not use this file
-## except in compliance with the License. You may obtain a copy of
-## the License at http://www.mozilla.org/MPL/
-##
-## Software distributed under the License is distributed on an "AS
-## IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-## implied. See the License for the specific language governing
-## rights and limitations under the License.
-##
-## The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-## library.
-##
-## The Initial Developer of the Original Code is
-## Michael J. Fromberger <sting@linguist.dartmouth.edu>
-##
-## Portions created by Michael J. Fromberger are
-## Copyright (C) 1997, 1998, 1999, 2000 Michael J. Fromberger.
-## All Rights Reserved.
-##
-## Contributor(s):
-##
-## Alternatively, the contents of this file may be used under the
-## terms of the GNU General Public License Version 2 or later (the
-## "GPL"), in which case the provisions of the GPL are applicable
-## instead of those above. If you wish to allow use of your
-## version of this file only under the terms of the GPL and not to
-## allow others to use your version of this file under the MPL,
-## indicate your decision by deleting the provisions above and
-## replace them with the notice and other provisions required by
-## the GPL. If you do not delete the provisions above, a recipient
-## may use your version of this file under either the MPL or the GPL.
-
-ECHO=/bin/echo
-MAKE=gmake
-
-$ECHO "\n** Running unit tests for MPI library\n"
-
-# Build the mpi-test program, which comprises all the unit tests for
-# the MPI library...
-
-$ECHO "Bringing mpi-test up to date ... "
-if $MAKE mpi-test ; then
- :
-else
- $ECHO " "
- $ECHO "Make failed to build mpi-test."
- $ECHO " "
- exit 1
-fi
-
-if [ ! -x mpi-test ] ; then
- $ECHO " "
- $ECHO "Cannot find 'mpi-test' program, testing cannot continue."
- $ECHO " "
- exit 1
-fi
-
-# Get the list of available test suites...
-tests=`mpi-test list | awk '{print $1}'`
-errs=0
-
-# Run each test suite and check the result code of mpi-test
-for test in $tests ; do
- $ECHO "$test ... \c"
- if mpi-test $test ; then
- $ECHO "passed"
- else
- $ECHO "FAILED"
- errs=1
- fi
-done
-
-# If any tests failed, we'll stop at this point
-if [ "$errs" = "0" ] ; then
- $ECHO "All unit tests passed"
-else
- $ECHO "One or more tests failed"
- exit 1
-fi
-
-# Now try to build the 'pi' program, and see if it can compute the
-# first thousand digits of pi correctly
-$ECHO "\n** Running other tests\n"
-
-$ECHO "Bringing 'pi' up to date ... "
-if $MAKE pi ; then
- :
-else
- $ECHO "\nMake failed to build pi.\n"
- exit 1
-fi
-
-if [ ! -x pi ] ; then
- $ECHO "\nCannot find 'pi' program; testing cannot continue.\n"
- exit 1
-fi
-
-./pi 2000 > /tmp/pi.tmp.$$
-if cmp tests/pi2k.txt /tmp/pi.tmp.$$ ; then
- $ECHO "Okay! The pi test passes."
-else
- $ECHO "Oops! The pi test failed. :("
- exit 1
-fi
-
-rm -f /tmp/pi.tmp.$$
-
-exit 0
-
-# Here there be dragons
diff --git a/security/nss/lib/freebl/mpi/doc/LICENSE b/security/nss/lib/freebl/mpi/doc/LICENSE
deleted file mode 100644
index 35cca68ce..000000000
--- a/security/nss/lib/freebl/mpi/doc/LICENSE
+++ /dev/null
@@ -1,11 +0,0 @@
-Within this directory, each of the file listed below is licensed under
-the terms given in the file LICENSE-MPL, also in this directory.
-
-basecvt.pod
-gcd.pod
-invmod.pod
-isprime.pod
-lap.pod
-mpi-test.pod
-prime.txt
-prng.pod
diff --git a/security/nss/lib/freebl/mpi/doc/LICENSE-MPL b/security/nss/lib/freebl/mpi/doc/LICENSE-MPL
deleted file mode 100644
index 9ff410e4b..000000000
--- a/security/nss/lib/freebl/mpi/doc/LICENSE-MPL
+++ /dev/null
@@ -1,32 +0,0 @@
-The contents of this file are subject to the Mozilla Public
-License Version 1.1 (the "License"); you may not use this file
-except in compliance with the License. You may obtain a copy of
-the License at http://www.mozilla.org/MPL/
-
-Software distributed under the License is distributed on an "AS
-IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-implied. See the License for the specific language governing
-rights and limitations under the License.
-
-The Original Code is the Netscape security libraries.
-
-The Initial Developer of the Original Code is Netscape
-Communications Corporation. Portions created by Netscape are
-Copyright (C) 1994-2000 Netscape Communications Corporation. All
-Rights Reserved.
-
-Contributor(s):
-
-Alternatively, the contents of this file may be used under the
-terms of the GNU General Public License Version 2 or later (the
-"GPL"), in which case the provisions of the GPL are applicable
-instead of those above. If you wish to allow use of your
-version of this file only under the terms of the GPL and not to
-allow others to use your version of this file under the MPL,
-indicate your decision by deleting the provisions above and
-replace them with the notice and other provisions required by
-the GPL. If you do not delete the provisions above, a recipient
-may use your version of this file under either the MPL or the
-GPL.
-
-
diff --git a/security/nss/lib/freebl/mpi/doc/basecvt.pod b/security/nss/lib/freebl/mpi/doc/basecvt.pod
deleted file mode 100644
index 5c072ccd6..000000000
--- a/security/nss/lib/freebl/mpi/doc/basecvt.pod
+++ /dev/null
@@ -1,63 +0,0 @@
-=head1 NAME
-
- basecvt - radix conversion for arbitrary precision integers
-
-=head1 SYNOPSIS
-
- basecvt <ibase> <obase> [values]
-
-=head1 DESCRIPTION
-
-The B<basecvt> program is a command-line tool for converting integers
-of arbitrary precision from one radix to another. The current version
-supports radix values from 2 (binary) to 64, inclusive. The first two
-command line arguments specify the input and output radix, in base 10.
-Any further arguments are taken to be integers notated in the input
-radix, and these are converted to the output radix. The output is
-written, one integer per line, to standard output.
-
-When reading integers, only digits considered "valid" for the input
-radix are considered. Processing of an integer terminates when an
-invalid input digit is encountered. So, for example, if you set the
-input radix to 10 and enter '10ACF', B<basecvt> would assume that you
-had entered '10' and ignore the rest of the string.
-
-If no values are provided, no output is written, but the program
-simply terminates with a zero exit status. Error diagnostics are
-written to standard error in the event of out-of-range radix
-specifications. Regardless of the actual values of the input and
-output radix, the radix arguments are taken to be in base 10 (decimal)
-notation.
-
-=head1 DIGITS
-
-For radices from 2-10, standard ASCII decimal digits 0-9 are used for
-both input and output. For radices from 11-36, the ASCII letters A-Z
-are also included, following the convention used in hexadecimal. In
-this range, input is accepted in either upper or lower case, although
-on output only lower-case letters are used.
-
-For radices from 37-62, the output includes both upper- and lower-case
-ASCII letters, and case matters. In this range, case is distinguished
-both for input and for output values.
-
-For radices 63 and 64, the characters '+' (plus) and '/' (forward
-solidus) are also used. These are derived from the MIME base64
-encoding scheme. The overall encoding is not the same as base64,
-because the ASCII digits are used for the bottom of the range, and the
-letters are shifted upward; however, the output will consist of the
-same character set.
-
-This input and output behaviour is inherited from the MPI library used
-by B<basecvt>, and so is not configurable at runtime.
-
-=head1 SEE ALSO
-
- dec2hex(1), hex2dec(1)
-
-=head1 AUTHOR
-
- Michael J. Fromberger <sting@linguist.dartmouth.edu>
- Thayer School of Engineering, Hanover, New Hampshire, USA
-
- $Date$
diff --git a/security/nss/lib/freebl/mpi/doc/build b/security/nss/lib/freebl/mpi/doc/build
deleted file mode 100755
index 5b6f921fc..000000000
--- a/security/nss/lib/freebl/mpi/doc/build
+++ /dev/null
@@ -1,63 +0,0 @@
-#!/bin/sh
-## The contents of this file are subject to the Mozilla Public
-## License Version 1.1 (the "License"); you may not use this file
-## except in compliance with the License. You may obtain a copy of
-## the License at http://www.mozilla.org/MPL/
-##
-## Software distributed under the License is distributed on an "AS
-## IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-## implied. See the License for the specific language governing
-## rights and limitations under the License.
-##
-## The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-## library.
-##
-## The Initial Developer of the Original Code is
-## Michael J. Fromberger <sting@linguist.dartmouth.edu>
-##
-## Portions created by Michael J. Fromberger are
-## Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved.
-##
-## Contributor(s):
-## Netscape Communications Corporation
-##
-## Alternatively, the contents of this file may be used under the
-## terms of the GNU General Public License Version 2 or later (the
-## "GPL"), in which case the provisions of the GPL are applicable
-## instead of those above. If you wish to allow use of your
-## version of this file only under the terms of the GPL and not to
-## allow others to use your version of this file under the MPL,
-## indicate your decision by deleting the provisions above and
-## replace them with the notice and other provisions required by
-## the GPL. If you do not delete the provisions above, a recipient
-## may use your version of this file under either the MPL or the
-## GPL.
-##
-## $Id$
-##
-
-VERS="1.7p6"
-SECT="1"
-NAME="MPI Tools"
-
-echo "Building manual pages ..."
-case $# in
- 0)
- files=`ls *.pod`
- ;;
- *)
- files=$*
- ;;
-esac
-
-for name in $files
-do
- echo -n "$name ... "
-# sname=`noext $name`
- sname=`basename $name .pod`
- pod2man --section="$SECT" --center="$NAME" --release="$VERS" $name > $sname.$SECT
- echo "(done)"
-done
-
-echo "Finished building."
-
diff --git a/security/nss/lib/freebl/mpi/doc/div.txt b/security/nss/lib/freebl/mpi/doc/div.txt
deleted file mode 100644
index b1ca744e1..000000000
--- a/security/nss/lib/freebl/mpi/doc/div.txt
+++ /dev/null
@@ -1,96 +0,0 @@
-Division
-
-This describes the division algorithm used by the MPI library.
-
-Input: a, b; a > b
-Compute: Q, R; a = Qb + R
-
-The input numbers are normalized so that the high-order digit of b is
-at least half the radix. This guarantees that we have a reasonable
-way to guess at the digits of the quotient (this method was taken from
-Knuth, vol. 2, with adaptations).
-
-To normalize, test the high-order digit of b. If it is less than half
-the radix, multiply both a and b by d, where:
-
- radix - 1
- d = -----------
- bmax + 1
-
-...where bmax is the high-order digit of b. Otherwise, set d = 1.
-
-Given normalize values for a and b, let the notation a[n] denote the
-nth digit of a. Let #a be the number of significant figures of a (not
-including any leading zeroes).
-
- Let R = 0
- Let p = #a - 1
-
- while(p >= 0)
- do
- R = (R * radix) + a[p]
- p = p - 1
- while(R < b and p >= 0)
-
- if(R < b)
- break
-
- q = (R[#R - 1] * radix) + R[#R - 2]
- q = q / b[#b - 1]
-
- T = b * q
-
- while(T > L)
- q = q - 1
- T = T - b
- endwhile
-
- L = L - T
-
- Q = (Q * radix) + q
-
- endwhile
-
-At this point, Q is the quotient, and R is the normalized remainder.
-To denormalize R, compute:
-
- R = (R / d)
-
-At this point, you are finished.
-
-------------------------------------------------------------------
-The contents of this file are subject to the Mozilla Public
-License Version 1.1 (the "License"); you may not use this file
-except in compliance with the License. You may obtain a copy of
-the License at http://www.mozilla.org/MPL/
-
-Software distributed under the License is distributed on an "AS
-IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-implied. See the License for the specific language governing
-rights and limitations under the License.
-
-The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-library.
-
-The Initial Developer of the Original Code is
-Michael J. Fromberger <sting@linguist.dartmouth.edu>
-
-Portions created by Michael J. Fromberger are
-Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved.
-
-Contributor(s):
-
-Alternatively, the contents of this file may be used under the
-terms of the GNU General Public License Version 2 or later (the
-"GPL"), in which case the provisions of the GPL are applicable
-instead of those above. If you wish to allow use of your
-version of this file only under the terms of the GPL and not to
-allow others to use your version of this file under the MPL,
-indicate your decision by deleting the provisions above and
-replace them with the notice and other provisions required by
-the GPL. If you do not delete the provisions above, a recipient
-may use your version of this file under either the MPL or the GPL.
-
-$Id$
-
-
diff --git a/security/nss/lib/freebl/mpi/doc/expt.txt b/security/nss/lib/freebl/mpi/doc/expt.txt
deleted file mode 100644
index 4c12eb2af..000000000
--- a/security/nss/lib/freebl/mpi/doc/expt.txt
+++ /dev/null
@@ -1,127 +0,0 @@
-Exponentiation
-
-For exponentiation, the MPI library uses a simple and fairly standard
-square-and-multiply method. The algorithm is this:
-
-Input: a, b
-Output: a ** b
-
- s = 1
-
- while(b != 0)
- if(b is odd)
- s = s * a
- endif
-
- b = b / 2
-
- x = x * x
- endwhile
-
- return s
-
-The modular exponentiation is done the same way, except replacing:
-
- s = s * a
-
-with
- s = (s * a) mod m
-
-and replacing
-
- x = x * x
-
-with
-
- x = (x * x) mod m
-
-Here is a sample exponentiation using the MPI library, as compared to
-the same problem solved by the Unix 'bc' program on my system:
-
-Computation of 2,381,283 ** 235
-
-'bc' says:
-
-4385CA4A804D199FBEAD95FAD0796FAD0D0B51FC9C16743C45568C789666985DB719\
-4D90E393522F74C9601262C0514145A49F3B53D00983F95FDFCEA3D0043ECEF6227E\
-6FB59C924C3EE74447B359B5BF12A555D46CB819809EF423F004B55C587D6F0E8A55\
-4988036A42ACEF9F71459F97CEF6E574BD7373657111648626B1FF8EE15F663B2C0E\
-6BBE5082D4CDE8E14F263635AE8F35DB2C280819517BE388B5573B84C5A19C871685\
-FD408A6471F9D6AFAF5129A7548EAE926B40874B340285F44765BF5468CE20A13267\
-CD88CE6BC786ACED36EC7EA50F67FF27622575319068A332C3C0CB23E26FB55E26F4\
-5F732753A52B8E2FB4D4F42D894242613CA912A25486C3DEC9C66E5DB6182F6C1761\
-CF8CD0D255BE64B93836B27D452AE38F950EB98B517D4CF50D48F0165EF0CCCE1F5C\
-49BF18219FDBA0EEDD1A7E8B187B70C2BAED5EC5C6821EF27FAFB1CFF70111C52235\
-5E948B93A015AA1AE152B110BB5658CB14D3E45A48BFE7F082C1182672A455A695CD\
-A1855E8781E625F25B41B516E77F589FA420C3B058861EA138CF7A2C58DB3C7504FD\
-D29554D78237834CC5AE710D403CC4F6973D5012B7E117A8976B14A0B5AFA889BD47\
-92C461F0F96116F00A97AE9E83DC5203680CAF9A18A062566C145650AB86BE4F907F\
-A9F7AB4A700B29E1E5BACCD6DCBFA513E10832815F710807EED2E279081FEC61D619\
-AB270BEB3D3A1787B35A9DD41A8766CF21F3B5C693B3BAB1C2FA14A4ED202BC35743\
-E5CBE2391624D4F8C9BFBBC78D69764E7C6C5B11BF005677BFAD17D9278FFC1F158F\
-1B3683FF7960FA0608103792C4163DC0AF3E06287BB8624F8FE3A0FFBDF82ACECA2F\
-CFFF2E1AC93F3CA264A1B
-
-MPI says:
-
-4385CA4A804D199FBEAD95FAD0796FAD0D0B51FC9C16743C45568C789666985DB719\
-4D90E393522F74C9601262C0514145A49F3B53D00983F95FDFCEA3D0043ECEF6227E\
-6FB59C924C3EE74447B359B5BF12A555D46CB819809EF423F004B55C587D6F0E8A55\
-4988036A42ACEF9F71459F97CEF6E574BD7373657111648626B1FF8EE15F663B2C0E\
-6BBE5082D4CDE8E14F263635AE8F35DB2C280819517BE388B5573B84C5A19C871685\
-FD408A6471F9D6AFAF5129A7548EAE926B40874B340285F44765BF5468CE20A13267\
-CD88CE6BC786ACED36EC7EA50F67FF27622575319068A332C3C0CB23E26FB55E26F4\
-5F732753A52B8E2FB4D4F42D894242613CA912A25486C3DEC9C66E5DB6182F6C1761\
-CF8CD0D255BE64B93836B27D452AE38F950EB98B517D4CF50D48F0165EF0CCCE1F5C\
-49BF18219FDBA0EEDD1A7E8B187B70C2BAED5EC5C6821EF27FAFB1CFF70111C52235\
-5E948B93A015AA1AE152B110BB5658CB14D3E45A48BFE7F082C1182672A455A695CD\
-A1855E8781E625F25B41B516E77F589FA420C3B058861EA138CF7A2C58DB3C7504FD\
-D29554D78237834CC5AE710D403CC4F6973D5012B7E117A8976B14A0B5AFA889BD47\
-92C461F0F96116F00A97AE9E83DC5203680CAF9A18A062566C145650AB86BE4F907F\
-A9F7AB4A700B29E1E5BACCD6DCBFA513E10832815F710807EED2E279081FEC61D619\
-AB270BEB3D3A1787B35A9DD41A8766CF21F3B5C693B3BAB1C2FA14A4ED202BC35743\
-E5CBE2391624D4F8C9BFBBC78D69764E7C6C5B11BF005677BFAD17D9278FFC1F158F\
-1B3683FF7960FA0608103792C4163DC0AF3E06287BB8624F8FE3A0FFBDF82ACECA2F\
-CFFF2E1AC93F3CA264A1B
-
-Diff says:
-% diff bc.txt mp.txt
-%
-
-------------------------------------------------------------------
-The contents of this file are subject to the Mozilla Public
-License Version 1.1 (the "License"); you may not use this file
-except in compliance with the License. You may obtain a copy of
-the License at http://www.mozilla.org/MPL/
-
-Software distributed under the License is distributed on an "AS
-IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-implied. See the License for the specific language governing
-rights and limitations under the License.
-
-The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-library.
-
-The Initial Developer of the Original Code is
-Michael J. Fromberger <sting@linguist.dartmouth.edu>
-
-Portions created by Michael J. Fromberger are
-Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved.
-
-Contributor(s):
-
-Alternatively, the contents of this file may be used under the
-terms of the GNU General Public License Version 2 or later (the
-"GPL"), in which case the provisions of the GPL are applicable
-instead of those above. If you wish to allow use of your
-version of this file only under the terms of the GPL and not to
-allow others to use your version of this file under the MPL,
-indicate your decision by deleting the provisions above and
-replace them with the notice and other provisions required by
-the GPL. If you do not delete the provisions above, a recipient
-may use your version of this file under either the MPL or the GPL.
-
-$Id$
-
-
-
diff --git a/security/nss/lib/freebl/mpi/doc/gcd.pod b/security/nss/lib/freebl/mpi/doc/gcd.pod
deleted file mode 100644
index 53b955f7e..000000000
--- a/security/nss/lib/freebl/mpi/doc/gcd.pod
+++ /dev/null
@@ -1,27 +0,0 @@
-=head1 NAME
-
- gcd - compute greatest common divisor of two integers
-
-=head1 SYNOPSIS
-
- gcd <a> <b>
-
-=head1 DESCRIPTION
-
-The B<gcd> program computes the greatest common divisor of two
-arbitrary-precision integers I<a> and I<b>. The result is written in
-standard decimal notation to the standard output.
-
-If I<b> is zero, B<gcd> will print an error message and exit.
-
-=head1 SEE ALSO
-
-invmod(1), isprime(1), lap(1)
-
-=head1 AUTHOR
-
- Michael J. Fromberger <sting@linguist.dartmouth.edu>
- Thayer School of Engineering, Hanover, New Hampshire, USA
-
- $Date$
-
diff --git a/security/nss/lib/freebl/mpi/doc/invmod.pod b/security/nss/lib/freebl/mpi/doc/invmod.pod
deleted file mode 100644
index faa8f9d0c..000000000
--- a/security/nss/lib/freebl/mpi/doc/invmod.pod
+++ /dev/null
@@ -1,33 +0,0 @@
-=head1 NAME
-
- invmod - compute modular inverse of an integer
-
-=head1 SYNOPSIS
-
- invmod <a> <m>
-
-=head1 DESCRIPTION
-
-The B<invmod> program computes the inverse of I<a>, modulo I<m>, if
-that inverse exists. Both I<a> and I<m> are arbitrary-precision
-integers in decimal notation. The result is written in standard
-decimal notation to the standard output.
-
-If there is no inverse, the message:
-
- No inverse
-
-...will be printed to the standard output (an inverse exists if and
-only if the greatest common divisor of I<a> and I<m> is 1).
-
-=head1 SEE ALSO
-
-gcd(1), isprime(1), lap(1)
-
-=head1 AUTHOR
-
- Michael J. Fromberger <sting@linguist.dartmouth.edu>
- Thayer School of Engineering, Hanover, New Hampshire, USA
-
- $Date$
-
diff --git a/security/nss/lib/freebl/mpi/doc/isprime.pod b/security/nss/lib/freebl/mpi/doc/isprime.pod
deleted file mode 100644
index a17c1c1bd..000000000
--- a/security/nss/lib/freebl/mpi/doc/isprime.pod
+++ /dev/null
@@ -1,62 +0,0 @@
-=head1 NAME
-
- isprime - probabilistic primality testing
-
-=head1 SYNOPSIS
-
- isprime <a>
-
-=head1 DESCRIPTION
-
-The B<isprime> program attempts to determine whether the arbitrary
-precision integer I<a> is prime. It first tests I<a> for divisibility
-by the first 170 or so small primes, and assuming I<a> is not
-divisible by any of these, applies 15 iterations of the Rabin-Miller
-probabilistic primality test.
-
-If the program discovers that the number is composite, it will print:
-
- Not prime (reason)
-
-Where I<reason> is either:
-
- divisible by small prime x
-
-Or:
-
- failed nth pseudoprime test
-
-In the first case, I<x> indicates the first small prime factor that
-was found. In the second case, I<n> indicates which of the
-pseudoprime tests failed (numbered from 1)
-
-If this happens, the number is definitely not prime. However, if the
-number succeeds, this message results:
-
- Probably prime, 1 in 4^15 chance of false positive
-
-If this happens, the number is prime with very high probability, but
-its primality has not been absolutely proven, only demonstrated to a
-very convincing degree.
-
-The value I<a> can be input in standard decimal notation, or, if it is
-prefixed with I<Ox>, it will be read as hexadecimal.
-
-=head1 ENVIRONMENT
-
-You can control how many iterations of Rabin-Miller are performed on
-the candidate number by setting the I<RM_TESTS> environment variable
-to an integer value before starting up B<isprime>. This will change
-the output slightly if the number passes all the tests.
-
-=head1 SEE ALSO
-
-gcd(1), invmod(1), lap(1)
-
-=head1 AUTHOR
-
- Michael J. Fromberger <sting@linguist.dartmouth.edu>
- Thayer School of Engineering, Hanover, New Hampshire, USA
-
- $Date$
-
diff --git a/security/nss/lib/freebl/mpi/doc/lap.pod b/security/nss/lib/freebl/mpi/doc/lap.pod
deleted file mode 100644
index ac100639b..000000000
--- a/security/nss/lib/freebl/mpi/doc/lap.pod
+++ /dev/null
@@ -1,35 +0,0 @@
-=head1 NAME
-
- lap - compute least annihilating power of a number
-
-=head1 SYNOPSIS
-
- lap <a> <m>
-
-=head1 DESCRIPTION
-
-The B<lap> program computes the order of I<a> modulo I<m>, for
-arbitrary precision integers I<a> and I<m>. The B<order> of I<a>
-modulo I<m> is defined as the smallest positive value I<n> for which
-I<a> raised to the I<n>th power, modulo I<m>, is equal to 1. The
-order may not exist, if I<m> is composite.
-
-=head1 RESTRICTIONS
-
-This program is very slow, especially for large moduli. It is
-intended as a way to help find primitive elements in a modular field,
-but it does not do so in a particularly inefficient manner. It was
-written simply to help verify that a particular candidate does not
-have an obviously short cycle mod I<m>.
-
-=head1 SEE ALSO
-
-gcd(1), invmod(1), isprime(1)
-
-=head1 AUTHOR
-
- Michael J. Fromberger <sting@linguist.dartmouth.edu>
- Thayer School of Engineering, Hanover, New Hampshire, USA
-
- $Date$
-
diff --git a/security/nss/lib/freebl/mpi/doc/mpi-test.pod b/security/nss/lib/freebl/mpi/doc/mpi-test.pod
deleted file mode 100644
index 16050f09f..000000000
--- a/security/nss/lib/freebl/mpi/doc/mpi-test.pod
+++ /dev/null
@@ -1,49 +0,0 @@
-=head1 NAME
-
- mpi-test - automated test program for MPI library
-
-=head1 SYNOPSIS
-
- mpi-test <suite-name> [quiet]
- mpi-test list
- mpi-test help
-
-=head1 DESCRIPTION
-
-The B<mpi-test> program is a general unit test driver for the MPI
-library. It is used to verify that the library works as it is
-supposed to on your architecture. As with most such things, passing
-all the tests in B<mpi-test> does not guarantee the code is correct,
-but if any of them fail, there are certainly problems.
-
-Each major function of the library can be tested individually. For a
-list of the test suites understood by B<mpi-test>, run it with the
-I<list> command line option:
-
- mpi-test list
-
-This will display a list of the available test suites and a brief
-synopsis of what each one does. For a brief overview of this
-document, run B<mpi-test> I<help>.
-
-B<mpi-test> exits with a zero status if the selected test succeeds, or
-a nonzero status if it fails. If a I<suite-name> which is not
-understood by B<mpi-test> is given, a diagnostic is printed to the
-standard error, and the program exits with a result code of 2. If a
-test fails, the result code will be 1, and a diagnostic is ordinarily
-printed to the standard error. However, if the I<quiet> option is
-provided, these diagnostics will be suppressed.
-
-=head1 RESTRICTIONS
-
-Only a few canned test cases are provided. The solutions have been
-verified using the GNU bc(1) program, so bugs there may cause problems
-here; however, this is very unlikely, so if a test fails, it is almost
-certainly my fault, not bc(1)'s.
-
-=head1 AUTHOR
-
- Michael J. Fromberger <sting@linguist.dartmouth.edu>
- Thayer School of Engineering, Hanover, New Hampshire, USA
-
- $Date$
diff --git a/security/nss/lib/freebl/mpi/doc/mul.txt b/security/nss/lib/freebl/mpi/doc/mul.txt
deleted file mode 100644
index 436d01bf7..000000000
--- a/security/nss/lib/freebl/mpi/doc/mul.txt
+++ /dev/null
@@ -1,109 +0,0 @@
-Multiplication
-
-This describes the multiplication algorithm used by the MPI library.
-
-This is basically a standard "schoolbook" algorithm. It is slow --
-O(mn) for m = #a, n = #b -- but easy to implement and verify.
-Basically, we run two nested loops, as illustrated here (R is the
-radix):
-
-k = 0
-for j <- 0 to (#b - 1)
- for i <- 0 to (#a - 1)
- w = (a[j] * b[i]) + k + c[i+j]
- c[i+j] = w mod R
- k = w div R
- endfor
- c[i+j] = k;
- k = 0;
-endfor
-
-It is necessary that 'w' have room for at least two radix R digits.
-The product of any two digits in radix R is at most:
-
- (R - 1)(R - 1) = R^2 - 2R + 1
-
-Since a two-digit radix-R number can hold R^2 - 1 distinct values,
-this insures that the product will fit into the two-digit register.
-
-To insure that two digits is enough for w, we must also show that
-there is room for the carry-in from the previous multiplication, and
-the current value of the product digit that is being recomputed.
-Assuming each of these may be as big as R - 1 (and no larger,
-certainly), two digits will be enough if and only if:
-
- (R^2 - 2R + 1) + 2(R - 1) <= R^2 - 1
-
-Solving this equation shows that, indeed, this is the case:
-
- R^2 - 2R + 1 + 2R - 2 <= R^2 - 1
-
- R^2 - 1 <= R^2 - 1
-
-This suggests that a good radix would be one more than the largest
-value that can be held in half a machine word -- so, for example, as
-in this implementation, where we used a radix of 65536 on a machine
-with 4-byte words. Another advantage of a radix of this sort is that
-binary-level operations are easy on numbers in this representation.
-
-Here's an example multiplication worked out longhand in radix-10,
-using the above algorithm:
-
- a = 999
- b = x 999
- -------------
- p = 98001
-
-w = (a[jx] * b[ix]) + kin + c[ix + jx]
-c[ix+jx] = w % RADIX
-k = w / RADIX
- product
-ix jx a[jx] b[ix] kin w c[i+j] kout 000000
-0 0 9 9 0 81+0+0 1 8 000001
-0 1 9 9 8 81+8+0 9 8 000091
-0 2 9 9 8 81+8+0 9 8 000991
- 8 0 008991
-1 0 9 9 0 81+0+9 0 9 008901
-1 1 9 9 9 81+9+9 9 9 008901
-1 2 9 9 9 81+9+8 8 9 008901
- 9 0 098901
-2 0 9 9 0 81+0+9 0 9 098001
-2 1 9 9 9 81+9+8 8 9 098001
-2 2 9 9 9 81+9+9 9 9 098001
-
-------------------------------------------------------------------
-The contents of this file are subject to the Mozilla Public
-License Version 1.1 (the "License"); you may not use this file
-except in compliance with the License. You may obtain a copy of
-the License at http://www.mozilla.org/MPL/
-
-Software distributed under the License is distributed on an "AS
-IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-implied. See the License for the specific language governing
-rights and limitations under the License.
-
-The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-library.
-
-The Initial Developer of the Original Code is
-Michael J. Fromberger <sting@linguist.dartmouth.edu>
-
-Portions created by Michael J. Fromberger are
-Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved.
-
-Contributor(s):
-
-Alternatively, the contents of this file may be used under the
-terms of the GNU General Public License Version 2 or later (the
-"GPL"), in which case the provisions of the GPL are applicable
-instead of those above. If you wish to allow use of your
-version of this file only under the terms of the GPL and not to
-allow others to use your version of this file under the MPL,
-indicate your decision by deleting the provisions above and
-replace them with the notice and other provisions required by
-the GPL. If you do not delete the provisions above, a recipient
-may use your version of this file under either the MPL or the GPL.
-
-$Id$
-
-
diff --git a/security/nss/lib/freebl/mpi/doc/pi.txt b/security/nss/lib/freebl/mpi/doc/pi.txt
deleted file mode 100644
index 5edfdb4cb..000000000
--- a/security/nss/lib/freebl/mpi/doc/pi.txt
+++ /dev/null
@@ -1,85 +0,0 @@
-This file describes how pi is computed by the program in 'pi.c' (see
-the utils subdirectory).
-
-Basically, we use Machin's formula, which is what everyone in the
-world uses as a simple method for computing approximations to pi.
-This works for up to a few thousand digits without too much effort.
-Beyond that, though, it gets too slow.
-
-Machin's formula states:
-
- pi := 16 * arctan(1/5) - 4 * arctan(1/239)
-
-We compute this in integer arithmetic by first multiplying everything
-through by 10^d, where 'd' is the number of digits of pi we wanted to
-compute. It turns out, the last few digits will be wrong, but the
-number that are wrong is usually very small (ordinarly only 2-3).
-Having done this, we compute the arctan() function using the formula:
-
- 1 1 1 1 1
- arctan(1/x) := --- - ----- + ----- - ----- + ----- - ...
- x 3 x^3 5 x^5 7 x^7 9 x^9
-
-This is done iteratively by computing the first term manually, and
-then iteratively dividing x^2 and k, where k = 3, 5, 7, ... out of the
-current figure. This is then added to (or subtracted from) a running
-sum, as appropriate. The iteration continues until we overflow our
-available precision and the current figure goes to zero under integer
-division. At that point, we're finished.
-
-Actually, we get a couple extra bits of precision out of the fact that
-we know we're computing y * arctan(1/x), by setting up the multiplier
-as:
-
- y * 10^d
-
-... instead of just 10^d. There is also a bit of cleverness in how
-the loop is constructed, to avoid special-casing the first term.
-Check out the code for arctan() in 'pi.c', if you are interested in
-seeing how it is set up.
-
-Thanks to Jason P. for this algorithm, which I assembled from notes
-and programs found on his cool "Pile of Pi Programs" page, at:
-
- http://www.isr.umd.edu/~jasonp/pipage.html
-
-Thanks also to Henrik Johansson <Henrik.Johansson@Nexus.Comm.SE>, from
-whose pi program I borrowed the clever idea of pre-multiplying by x in
-order to avoid a special case on the loop iteration.
-
-------------------------------------------------------------------
-The contents of this file are subject to the Mozilla Public
-License Version 1.1 (the "License"); you may not use this file
-except in compliance with the License. You may obtain a copy of
-the License at http://www.mozilla.org/MPL/
-
-Software distributed under the License is distributed on an "AS
-IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-implied. See the License for the specific language governing
-rights and limitations under the License.
-
-The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-library.
-
-The Initial Developer of the Original Code is
-Michael J. Fromberger <sting@linguist.dartmouth.edu>
-
-Portions created by Michael J. Fromberger are
-Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved.
-
-Contributor(s):
-
-Alternatively, the contents of this file may be used under the
-terms of the GNU General Public License Version 2 or later (the
-"GPL"), in which case the provisions of the GPL are applicable
-instead of those above. If you wish to allow use of your
-version of this file only under the terms of the GPL and not to
-allow others to use your version of this file under the MPL,
-indicate your decision by deleting the provisions above and
-replace them with the notice and other provisions required by
-the GPL. If you do not delete the provisions above, a recipient
-may use your version of this file under either the MPL or the GPL.
-
-$Id$
-
-
diff --git a/security/nss/lib/freebl/mpi/doc/prime.txt b/security/nss/lib/freebl/mpi/doc/prime.txt
deleted file mode 100644
index 694797d5f..000000000
--- a/security/nss/lib/freebl/mpi/doc/prime.txt
+++ /dev/null
@@ -1,6542 +0,0 @@
-2
-3
-5
-7
-11
-13
-17
-19
-23
-29
-31
-37
-41
-43
-47
-53
-59
-61
-67
-71
-73
-79
-83
-89
-97
-101
-103
-107
-109
-113
-127
-131
-137
-139
-149
-151
-157
-163
-167
-173
-179
-181
-191
-193
-197
-199
-211
-223
-227
-229
-233
-239
-241
-251
-257
-263
-269
-271
-277
-281
-283
-293
-307
-311
-313
-317
-331
-337
-347
-349
-353
-359
-367
-373
-379
-383
-389
-397
-401
-409
-419
-421
-431
-433
-439
-443
-449
-457
-461
-463
-467
-479
-487
-491
-499
-503
-509
-521
-523
-541
-547
-557
-563
-569
-571
-577
-587
-593
-599
-601
-607
-613
-617
-619
-631
-641
-643
-647
-653
-659
-661
-673
-677
-683
-691
-701
-709
-719
-727
-733
-739
-743
-751
-757
-761
-769
-773
-787
-797
-809
-811
-821
-823
-827
-829
-839
-853
-857
-859
-863
-877
-881
-883
-887
-907
-911
-919
-929
-937
-941
-947
-953
-967
-971
-977
-983
-991
-997
-1009
-1013
-1019
-1021
-1031
-1033
-1039
-1049
-1051
-1061
-1063
-1069
-1087
-1091
-1093
-1097
-1103
-1109
-1117
-1123
-1129
-1151
-1153
-1163
-1171
-1181
-1187
-1193
-1201
-1213
-1217
-1223
-1229
-1231
-1237
-1249
-1259
-1277
-1279
-1283
-1289
-1291
-1297
-1301
-1303
-1307
-1319
-1321
-1327
-1361
-1367
-1373
-1381
-1399
-1409
-1423
-1427
-1429
-1433
-1439
-1447
-1451
-1453
-1459
-1471
-1481
-1483
-1487
-1489
-1493
-1499
-1511
-1523
-1531
-1543
-1549
-1553
-1559
-1567
-1571
-1579
-1583
-1597
-1601
-1607
-1609
-1613
-1619
-1621
-1627
-1637
-1657
-1663
-1667
-1669
-1693
-1697
-1699
-1709
-1721
-1723
-1733
-1741
-1747
-1753
-1759
-1777
-1783
-1787
-1789
-1801
-1811
-1823
-1831
-1847
-1861
-1867
-1871
-1873
-1877
-1879
-1889
-1901
-1907
-1913
-1931
-1933
-1949
-1951
-1973
-1979
-1987
-1993
-1997
-1999
-2003
-2011
-2017
-2027
-2029
-2039
-2053
-2063
-2069
-2081
-2083
-2087
-2089
-2099
-2111
-2113
-2129
-2131
-2137
-2141
-2143
-2153
-2161
-2179
-2203
-2207
-2213
-2221
-2237
-2239
-2243
-2251
-2267
-2269
-2273
-2281
-2287
-2293
-2297
-2309
-2311
-2333
-2339
-2341
-2347
-2351
-2357
-2371
-2377
-2381
-2383
-2389
-2393
-2399
-2411
-2417
-2423
-2437
-2441
-2447
-2459
-2467
-2473
-2477
-2503
-2521
-2531
-2539
-2543
-2549
-2551
-2557
-2579
-2591
-2593
-2609
-2617
-2621
-2633
-2647
-2657
-2659
-2663
-2671
-2677
-2683
-2687
-2689
-2693
-2699
-2707
-2711
-2713
-2719
-2729
-2731
-2741
-2749
-2753
-2767
-2777
-2789
-2791
-2797
-2801
-2803
-2819
-2833
-2837
-2843
-2851
-2857
-2861
-2879
-2887
-2897
-2903
-2909
-2917
-2927
-2939
-2953
-2957
-2963
-2969
-2971
-2999
-3001
-3011
-3019
-3023
-3037
-3041
-3049
-3061
-3067
-3079
-3083
-3089
-3109
-3119
-3121
-3137
-3163
-3167
-3169
-3181
-3187
-3191
-3203
-3209
-3217
-3221
-3229
-3251
-3253
-3257
-3259
-3271
-3299
-3301
-3307
-3313
-3319
-3323
-3329
-3331
-3343
-3347
-3359
-3361
-3371
-3373
-3389
-3391
-3407
-3413
-3433
-3449
-3457
-3461
-3463
-3467
-3469
-3491
-3499
-3511
-3517
-3527
-3529
-3533
-3539
-3541
-3547
-3557
-3559
-3571
-3581
-3583
-3593
-3607
-3613
-3617
-3623
-3631
-3637
-3643
-3659
-3671
-3673
-3677
-3691
-3697
-3701
-3709
-3719
-3727
-3733
-3739
-3761
-3767
-3769
-3779
-3793
-3797
-3803
-3821
-3823
-3833
-3847
-3851
-3853
-3863
-3877
-3881
-3889
-3907
-3911
-3917
-3919
-3923
-3929
-3931
-3943
-3947
-3967
-3989
-4001
-4003
-4007
-4013
-4019
-4021
-4027
-4049
-4051
-4057
-4073
-4079
-4091
-4093
-4099
-4111
-4127
-4129
-4133
-4139
-4153
-4157
-4159
-4177
-4201
-4211
-4217
-4219
-4229
-4231
-4241
-4243
-4253
-4259
-4261
-4271
-4273
-4283
-4289
-4297
-4327
-4337
-4339
-4349
-4357
-4363
-4373
-4391
-4397
-4409
-4421
-4423
-4441
-4447
-4451
-4457
-4463
-4481
-4483
-4493
-4507
-4513
-4517
-4519
-4523
-4547
-4549
-4561
-4567
-4583
-4591
-4597
-4603
-4621
-4637
-4639
-4643
-4649
-4651
-4657
-4663
-4673
-4679
-4691
-4703
-4721
-4723
-4729
-4733
-4751
-4759
-4783
-4787
-4789
-4793
-4799
-4801
-4813
-4817
-4831
-4861
-4871
-4877
-4889
-4903
-4909
-4919
-4931
-4933
-4937
-4943
-4951
-4957
-4967
-4969
-4973
-4987
-4993
-4999
-5003
-5009
-5011
-5021
-5023
-5039
-5051
-5059
-5077
-5081
-5087
-5099
-5101
-5107
-5113
-5119
-5147
-5153
-5167
-5171
-5179
-5189
-5197
-5209
-5227
-5231
-5233
-5237
-5261
-5273
-5279
-5281
-5297
-5303
-5309
-5323
-5333
-5347
-5351
-5381
-5387
-5393
-5399
-5407
-5413
-5417
-5419
-5431
-5437
-5441
-5443
-5449
-5471
-5477
-5479
-5483
-5501
-5503
-5507
-5519
-5521
-5527
-5531
-5557
-5563
-5569
-5573
-5581
-5591
-5623
-5639
-5641
-5647
-5651
-5653
-5657
-5659
-5669
-5683
-5689
-5693
-5701
-5711
-5717
-5737
-5741
-5743
-5749
-5779
-5783
-5791
-5801
-5807
-5813
-5821
-5827
-5839
-5843
-5849
-5851
-5857
-5861
-5867
-5869
-5879
-5881
-5897
-5903
-5923
-5927
-5939
-5953
-5981
-5987
-6007
-6011
-6029
-6037
-6043
-6047
-6053
-6067
-6073
-6079
-6089
-6091
-6101
-6113
-6121
-6131
-6133
-6143
-6151
-6163
-6173
-6197
-6199
-6203
-6211
-6217
-6221
-6229
-6247
-6257
-6263
-6269
-6271
-6277
-6287
-6299
-6301
-6311
-6317
-6323
-6329
-6337
-6343
-6353
-6359
-6361
-6367
-6373
-6379
-6389
-6397
-6421
-6427
-6449
-6451
-6469
-6473
-6481
-6491
-6521
-6529
-6547
-6551
-6553
-6563
-6569
-6571
-6577
-6581
-6599
-6607
-6619
-6637
-6653
-6659
-6661
-6673
-6679
-6689
-6691
-6701
-6703
-6709
-6719
-6733
-6737
-6761
-6763
-6779
-6781
-6791
-6793
-6803
-6823
-6827
-6829
-6833
-6841
-6857
-6863
-6869
-6871
-6883
-6899
-6907
-6911
-6917
-6947
-6949
-6959
-6961
-6967
-6971
-6977
-6983
-6991
-6997
-7001
-7013
-7019
-7027
-7039
-7043
-7057
-7069
-7079
-7103
-7109
-7121
-7127
-7129
-7151
-7159
-7177
-7187
-7193
-7207
-7211
-7213
-7219
-7229
-7237
-7243
-7247
-7253
-7283
-7297
-7307
-7309
-7321
-7331
-7333
-7349
-7351
-7369
-7393
-7411
-7417
-7433
-7451
-7457
-7459
-7477
-7481
-7487
-7489
-7499
-7507
-7517
-7523
-7529
-7537
-7541
-7547
-7549
-7559
-7561
-7573
-7577
-7583
-7589
-7591
-7603
-7607
-7621
-7639
-7643
-7649
-7669
-7673
-7681
-7687
-7691
-7699
-7703
-7717
-7723
-7727
-7741
-7753
-7757
-7759
-7789
-7793
-7817
-7823
-7829
-7841
-7853
-7867
-7873
-7877
-7879
-7883
-7901
-7907
-7919
-7927
-7933
-7937
-7949
-7951
-7963
-7993
-8009
-8011
-8017
-8039
-8053
-8059
-8069
-8081
-8087
-8089
-8093
-8101
-8111
-8117
-8123
-8147
-8161
-8167
-8171
-8179
-8191
-8209
-8219
-8221
-8231
-8233
-8237
-8243
-8263
-8269
-8273
-8287
-8291
-8293
-8297
-8311
-8317
-8329
-8353
-8363
-8369
-8377
-8387
-8389
-8419
-8423
-8429
-8431
-8443
-8447
-8461
-8467
-8501
-8513
-8521
-8527
-8537
-8539
-8543
-8563
-8573
-8581
-8597
-8599
-8609
-8623
-8627
-8629
-8641
-8647
-8663
-8669
-8677
-8681
-8689
-8693
-8699
-8707
-8713
-8719
-8731
-8737
-8741
-8747
-8753
-8761
-8779
-8783
-8803
-8807
-8819
-8821
-8831
-8837
-8839
-8849
-8861
-8863
-8867
-8887
-8893
-8923
-8929
-8933
-8941
-8951
-8963
-8969
-8971
-8999
-9001
-9007
-9011
-9013
-9029
-9041
-9043
-9049
-9059
-9067
-9091
-9103
-9109
-9127
-9133
-9137
-9151
-9157
-9161
-9173
-9181
-9187
-9199
-9203
-9209
-9221
-9227
-9239
-9241
-9257
-9277
-9281
-9283
-9293
-9311
-9319
-9323
-9337
-9341
-9343
-9349
-9371
-9377
-9391
-9397
-9403
-9413
-9419
-9421
-9431
-9433
-9437
-9439
-9461
-9463
-9467
-9473
-9479
-9491
-9497
-9511
-9521
-9533
-9539
-9547
-9551
-9587
-9601
-9613
-9619
-9623
-9629
-9631
-9643
-9649
-9661
-9677
-9679
-9689
-9697
-9719
-9721
-9733
-9739
-9743
-9749
-9767
-9769
-9781
-9787
-9791
-9803
-9811
-9817
-9829
-9833
-9839
-9851
-9857
-9859
-9871
-9883
-9887
-9901
-9907
-9923
-9929
-9931
-9941
-9949
-9967
-9973
-10007
-10009
-10037
-10039
-10061
-10067
-10069
-10079
-10091
-10093
-10099
-10103
-10111
-10133
-10139
-10141
-10151
-10159
-10163
-10169
-10177
-10181
-10193
-10211
-10223
-10243
-10247
-10253
-10259
-10267
-10271
-10273
-10289
-10301
-10303
-10313
-10321
-10331
-10333
-10337
-10343
-10357
-10369
-10391
-10399
-10427
-10429
-10433
-10453
-10457
-10459
-10463
-10477
-10487
-10499
-10501
-10513
-10529
-10531
-10559
-10567
-10589
-10597
-10601
-10607
-10613
-10627
-10631
-10639
-10651
-10657
-10663
-10667
-10687
-10691
-10709
-10711
-10723
-10729
-10733
-10739
-10753
-10771
-10781
-10789
-10799
-10831
-10837
-10847
-10853
-10859
-10861
-10867
-10883
-10889
-10891
-10903
-10909
-10937
-10939
-10949
-10957
-10973
-10979
-10987
-10993
-11003
-11027
-11047
-11057
-11059
-11069
-11071
-11083
-11087
-11093
-11113
-11117
-11119
-11131
-11149
-11159
-11161
-11171
-11173
-11177
-11197
-11213
-11239
-11243
-11251
-11257
-11261
-11273
-11279
-11287
-11299
-11311
-11317
-11321
-11329
-11351
-11353
-11369
-11383
-11393
-11399
-11411
-11423
-11437
-11443
-11447
-11467
-11471
-11483
-11489
-11491
-11497
-11503
-11519
-11527
-11549
-11551
-11579
-11587
-11593
-11597
-11617
-11621
-11633
-11657
-11677
-11681
-11689
-11699
-11701
-11717
-11719
-11731
-11743
-11777
-11779
-11783
-11789
-11801
-11807
-11813
-11821
-11827
-11831
-11833
-11839
-11863
-11867
-11887
-11897
-11903
-11909
-11923
-11927
-11933
-11939
-11941
-11953
-11959
-11969
-11971
-11981
-11987
-12007
-12011
-12037
-12041
-12043
-12049
-12071
-12073
-12097
-12101
-12107
-12109
-12113
-12119
-12143
-12149
-12157
-12161
-12163
-12197
-12203
-12211
-12227
-12239
-12241
-12251
-12253
-12263
-12269
-12277
-12281
-12289
-12301
-12323
-12329
-12343
-12347
-12373
-12377
-12379
-12391
-12401
-12409
-12413
-12421
-12433
-12437
-12451
-12457
-12473
-12479
-12487
-12491
-12497
-12503
-12511
-12517
-12527
-12539
-12541
-12547
-12553
-12569
-12577
-12583
-12589
-12601
-12611
-12613
-12619
-12637
-12641
-12647
-12653
-12659
-12671
-12689
-12697
-12703
-12713
-12721
-12739
-12743
-12757
-12763
-12781
-12791
-12799
-12809
-12821
-12823
-12829
-12841
-12853
-12889
-12893
-12899
-12907
-12911
-12917
-12919
-12923
-12941
-12953
-12959
-12967
-12973
-12979
-12983
-13001
-13003
-13007
-13009
-13033
-13037
-13043
-13049
-13063
-13093
-13099
-13103
-13109
-13121
-13127
-13147
-13151
-13159
-13163
-13171
-13177
-13183
-13187
-13217
-13219
-13229
-13241
-13249
-13259
-13267
-13291
-13297
-13309
-13313
-13327
-13331
-13337
-13339
-13367
-13381
-13397
-13399
-13411
-13417
-13421
-13441
-13451
-13457
-13463
-13469
-13477
-13487
-13499
-13513
-13523
-13537
-13553
-13567
-13577
-13591
-13597
-13613
-13619
-13627
-13633
-13649
-13669
-13679
-13681
-13687
-13691
-13693
-13697
-13709
-13711
-13721
-13723
-13729
-13751
-13757
-13759
-13763
-13781
-13789
-13799
-13807
-13829
-13831
-13841
-13859
-13873
-13877
-13879
-13883
-13901
-13903
-13907
-13913
-13921
-13931
-13933
-13963
-13967
-13997
-13999
-14009
-14011
-14029
-14033
-14051
-14057
-14071
-14081
-14083
-14087
-14107
-14143
-14149
-14153
-14159
-14173
-14177
-14197
-14207
-14221
-14243
-14249
-14251
-14281
-14293
-14303
-14321
-14323
-14327
-14341
-14347
-14369
-14387
-14389
-14401
-14407
-14411
-14419
-14423
-14431
-14437
-14447
-14449
-14461
-14479
-14489
-14503
-14519
-14533
-14537
-14543
-14549
-14551
-14557
-14561
-14563
-14591
-14593
-14621
-14627
-14629
-14633
-14639
-14653
-14657
-14669
-14683
-14699
-14713
-14717
-14723
-14731
-14737
-14741
-14747
-14753
-14759
-14767
-14771
-14779
-14783
-14797
-14813
-14821
-14827
-14831
-14843
-14851
-14867
-14869
-14879
-14887
-14891
-14897
-14923
-14929
-14939
-14947
-14951
-14957
-14969
-14983
-15013
-15017
-15031
-15053
-15061
-15073
-15077
-15083
-15091
-15101
-15107
-15121
-15131
-15137
-15139
-15149
-15161
-15173
-15187
-15193
-15199
-15217
-15227
-15233
-15241
-15259
-15263
-15269
-15271
-15277
-15287
-15289
-15299
-15307
-15313
-15319
-15329
-15331
-15349
-15359
-15361
-15373
-15377
-15383
-15391
-15401
-15413
-15427
-15439
-15443
-15451
-15461
-15467
-15473
-15493
-15497
-15511
-15527
-15541
-15551
-15559
-15569
-15581
-15583
-15601
-15607
-15619
-15629
-15641
-15643
-15647
-15649
-15661
-15667
-15671
-15679
-15683
-15727
-15731
-15733
-15737
-15739
-15749
-15761
-15767
-15773
-15787
-15791
-15797
-15803
-15809
-15817
-15823
-15859
-15877
-15881
-15887
-15889
-15901
-15907
-15913
-15919
-15923
-15937
-15959
-15971
-15973
-15991
-16001
-16007
-16033
-16057
-16061
-16063
-16067
-16069
-16073
-16087
-16091
-16097
-16103
-16111
-16127
-16139
-16141
-16183
-16187
-16189
-16193
-16217
-16223
-16229
-16231
-16249
-16253
-16267
-16273
-16301
-16319
-16333
-16339
-16349
-16361
-16363
-16369
-16381
-16411
-16417
-16421
-16427
-16433
-16447
-16451
-16453
-16477
-16481
-16487
-16493
-16519
-16529
-16547
-16553
-16561
-16567
-16573
-16603
-16607
-16619
-16631
-16633
-16649
-16651
-16657
-16661
-16673
-16691
-16693
-16699
-16703
-16729
-16741
-16747
-16759
-16763
-16787
-16811
-16823
-16829
-16831
-16843
-16871
-16879
-16883
-16889
-16901
-16903
-16921
-16927
-16931
-16937
-16943
-16963
-16979
-16981
-16987
-16993
-17011
-17021
-17027
-17029
-17033
-17041
-17047
-17053
-17077
-17093
-17099
-17107
-17117
-17123
-17137
-17159
-17167
-17183
-17189
-17191
-17203
-17207
-17209
-17231
-17239
-17257
-17291
-17293
-17299
-17317
-17321
-17327
-17333
-17341
-17351
-17359
-17377
-17383
-17387
-17389
-17393
-17401
-17417
-17419
-17431
-17443
-17449
-17467
-17471
-17477
-17483
-17489
-17491
-17497
-17509
-17519
-17539
-17551
-17569
-17573
-17579
-17581
-17597
-17599
-17609
-17623
-17627
-17657
-17659
-17669
-17681
-17683
-17707
-17713
-17729
-17737
-17747
-17749
-17761
-17783
-17789
-17791
-17807
-17827
-17837
-17839
-17851
-17863
-17881
-17891
-17903
-17909
-17911
-17921
-17923
-17929
-17939
-17957
-17959
-17971
-17977
-17981
-17987
-17989
-18013
-18041
-18043
-18047
-18049
-18059
-18061
-18077
-18089
-18097
-18119
-18121
-18127
-18131
-18133
-18143
-18149
-18169
-18181
-18191
-18199
-18211
-18217
-18223
-18229
-18233
-18251
-18253
-18257
-18269
-18287
-18289
-18301
-18307
-18311
-18313
-18329
-18341
-18353
-18367
-18371
-18379
-18397
-18401
-18413
-18427
-18433
-18439
-18443
-18451
-18457
-18461
-18481
-18493
-18503
-18517
-18521
-18523
-18539
-18541
-18553
-18583
-18587
-18593
-18617
-18637
-18661
-18671
-18679
-18691
-18701
-18713
-18719
-18731
-18743
-18749
-18757
-18773
-18787
-18793
-18797
-18803
-18839
-18859
-18869
-18899
-18911
-18913
-18917
-18919
-18947
-18959
-18973
-18979
-19001
-19009
-19013
-19031
-19037
-19051
-19069
-19073
-19079
-19081
-19087
-19121
-19139
-19141
-19157
-19163
-19181
-19183
-19207
-19211
-19213
-19219
-19231
-19237
-19249
-19259
-19267
-19273
-19289
-19301
-19309
-19319
-19333
-19373
-19379
-19381
-19387
-19391
-19403
-19417
-19421
-19423
-19427
-19429
-19433
-19441
-19447
-19457
-19463
-19469
-19471
-19477
-19483
-19489
-19501
-19507
-19531
-19541
-19543
-19553
-19559
-19571
-19577
-19583
-19597
-19603
-19609
-19661
-19681
-19687
-19697
-19699
-19709
-19717
-19727
-19739
-19751
-19753
-19759
-19763
-19777
-19793
-19801
-19813
-19819
-19841
-19843
-19853
-19861
-19867
-19889
-19891
-19913
-19919
-19927
-19937
-19949
-19961
-19963
-19973
-19979
-19991
-19993
-19997
-20011
-20021
-20023
-20029
-20047
-20051
-20063
-20071
-20089
-20101
-20107
-20113
-20117
-20123
-20129
-20143
-20147
-20149
-20161
-20173
-20177
-20183
-20201
-20219
-20231
-20233
-20249
-20261
-20269
-20287
-20297
-20323
-20327
-20333
-20341
-20347
-20353
-20357
-20359
-20369
-20389
-20393
-20399
-20407
-20411
-20431
-20441
-20443
-20477
-20479
-20483
-20507
-20509
-20521
-20533
-20543
-20549
-20551
-20563
-20593
-20599
-20611
-20627
-20639
-20641
-20663
-20681
-20693
-20707
-20717
-20719
-20731
-20743
-20747
-20749
-20753
-20759
-20771
-20773
-20789
-20807
-20809
-20849
-20857
-20873
-20879
-20887
-20897
-20899
-20903
-20921
-20929
-20939
-20947
-20959
-20963
-20981
-20983
-21001
-21011
-21013
-21017
-21019
-21023
-21031
-21059
-21061
-21067
-21089
-21101
-21107
-21121
-21139
-21143
-21149
-21157
-21163
-21169
-21179
-21187
-21191
-21193
-21211
-21221
-21227
-21247
-21269
-21277
-21283
-21313
-21317
-21319
-21323
-21341
-21347
-21377
-21379
-21383
-21391
-21397
-21401
-21407
-21419
-21433
-21467
-21481
-21487
-21491
-21493
-21499
-21503
-21517
-21521
-21523
-21529
-21557
-21559
-21563
-21569
-21577
-21587
-21589
-21599
-21601
-21611
-21613
-21617
-21647
-21649
-21661
-21673
-21683
-21701
-21713
-21727
-21737
-21739
-21751
-21757
-21767
-21773
-21787
-21799
-21803
-21817
-21821
-21839
-21841
-21851
-21859
-21863
-21871
-21881
-21893
-21911
-21929
-21937
-21943
-21961
-21977
-21991
-21997
-22003
-22013
-22027
-22031
-22037
-22039
-22051
-22063
-22067
-22073
-22079
-22091
-22093
-22109
-22111
-22123
-22129
-22133
-22147
-22153
-22157
-22159
-22171
-22189
-22193
-22229
-22247
-22259
-22271
-22273
-22277
-22279
-22283
-22291
-22303
-22307
-22343
-22349
-22367
-22369
-22381
-22391
-22397
-22409
-22433
-22441
-22447
-22453
-22469
-22481
-22483
-22501
-22511
-22531
-22541
-22543
-22549
-22567
-22571
-22573
-22613
-22619
-22621
-22637
-22639
-22643
-22651
-22669
-22679
-22691
-22697
-22699
-22709
-22717
-22721
-22727
-22739
-22741
-22751
-22769
-22777
-22783
-22787
-22807
-22811
-22817
-22853
-22859
-22861
-22871
-22877
-22901
-22907
-22921
-22937
-22943
-22961
-22963
-22973
-22993
-23003
-23011
-23017
-23021
-23027
-23029
-23039
-23041
-23053
-23057
-23059
-23063
-23071
-23081
-23087
-23099
-23117
-23131
-23143
-23159
-23167
-23173
-23189
-23197
-23201
-23203
-23209
-23227
-23251
-23269
-23279
-23291
-23293
-23297
-23311
-23321
-23327
-23333
-23339
-23357
-23369
-23371
-23399
-23417
-23431
-23447
-23459
-23473
-23497
-23509
-23531
-23537
-23539
-23549
-23557
-23561
-23563
-23567
-23581
-23593
-23599
-23603
-23609
-23623
-23627
-23629
-23633
-23663
-23669
-23671
-23677
-23687
-23689
-23719
-23741
-23743
-23747
-23753
-23761
-23767
-23773
-23789
-23801
-23813
-23819
-23827
-23831
-23833
-23857
-23869
-23873
-23879
-23887
-23893
-23899
-23909
-23911
-23917
-23929
-23957
-23971
-23977
-23981
-23993
-24001
-24007
-24019
-24023
-24029
-24043
-24049
-24061
-24071
-24077
-24083
-24091
-24097
-24103
-24107
-24109
-24113
-24121
-24133
-24137
-24151
-24169
-24179
-24181
-24197
-24203
-24223
-24229
-24239
-24247
-24251
-24281
-24317
-24329
-24337
-24359
-24371
-24373
-24379
-24391
-24407
-24413
-24419
-24421
-24439
-24443
-24469
-24473
-24481
-24499
-24509
-24517
-24527
-24533
-24547
-24551
-24571
-24593
-24611
-24623
-24631
-24659
-24671
-24677
-24683
-24691
-24697
-24709
-24733
-24749
-24763
-24767
-24781
-24793
-24799
-24809
-24821
-24841
-24847
-24851
-24859
-24877
-24889
-24907
-24917
-24919
-24923
-24943
-24953
-24967
-24971
-24977
-24979
-24989
-25013
-25031
-25033
-25037
-25057
-25073
-25087
-25097
-25111
-25117
-25121
-25127
-25147
-25153
-25163
-25169
-25171
-25183
-25189
-25219
-25229
-25237
-25243
-25247
-25253
-25261
-25301
-25303
-25307
-25309
-25321
-25339
-25343
-25349
-25357
-25367
-25373
-25391
-25409
-25411
-25423
-25439
-25447
-25453
-25457
-25463
-25469
-25471
-25523
-25537
-25541
-25561
-25577
-25579
-25583
-25589
-25601
-25603
-25609
-25621
-25633
-25639
-25643
-25657
-25667
-25673
-25679
-25693
-25703
-25717
-25733
-25741
-25747
-25759
-25763
-25771
-25793
-25799
-25801
-25819
-25841
-25847
-25849
-25867
-25873
-25889
-25903
-25913
-25919
-25931
-25933
-25939
-25943
-25951
-25969
-25981
-25997
-25999
-26003
-26017
-26021
-26029
-26041
-26053
-26083
-26099
-26107
-26111
-26113
-26119
-26141
-26153
-26161
-26171
-26177
-26183
-26189
-26203
-26209
-26227
-26237
-26249
-26251
-26261
-26263
-26267
-26293
-26297
-26309
-26317
-26321
-26339
-26347
-26357
-26371
-26387
-26393
-26399
-26407
-26417
-26423
-26431
-26437
-26449
-26459
-26479
-26489
-26497
-26501
-26513
-26539
-26557
-26561
-26573
-26591
-26597
-26627
-26633
-26641
-26647
-26669
-26681
-26683
-26687
-26693
-26699
-26701
-26711
-26713
-26717
-26723
-26729
-26731
-26737
-26759
-26777
-26783
-26801
-26813
-26821
-26833
-26839
-26849
-26861
-26863
-26879
-26881
-26891
-26893
-26903
-26921
-26927
-26947
-26951
-26953
-26959
-26981
-26987
-26993
-27011
-27017
-27031
-27043
-27059
-27061
-27067
-27073
-27077
-27091
-27103
-27107
-27109
-27127
-27143
-27179
-27191
-27197
-27211
-27239
-27241
-27253
-27259
-27271
-27277
-27281
-27283
-27299
-27329
-27337
-27361
-27367
-27397
-27407
-27409
-27427
-27431
-27437
-27449
-27457
-27479
-27481
-27487
-27509
-27527
-27529
-27539
-27541
-27551
-27581
-27583
-27611
-27617
-27631
-27647
-27653
-27673
-27689
-27691
-27697
-27701
-27733
-27737
-27739
-27743
-27749
-27751
-27763
-27767
-27773
-27779
-27791
-27793
-27799
-27803
-27809
-27817
-27823
-27827
-27847
-27851
-27883
-27893
-27901
-27917
-27919
-27941
-27943
-27947
-27953
-27961
-27967
-27983
-27997
-28001
-28019
-28027
-28031
-28051
-28057
-28069
-28081
-28087
-28097
-28099
-28109
-28111
-28123
-28151
-28163
-28181
-28183
-28201
-28211
-28219
-28229
-28277
-28279
-28283
-28289
-28297
-28307
-28309
-28319
-28349
-28351
-28387
-28393
-28403
-28409
-28411
-28429
-28433
-28439
-28447
-28463
-28477
-28493
-28499
-28513
-28517
-28537
-28541
-28547
-28549
-28559
-28571
-28573
-28579
-28591
-28597
-28603
-28607
-28619
-28621
-28627
-28631
-28643
-28649
-28657
-28661
-28663
-28669
-28687
-28697
-28703
-28711
-28723
-28729
-28751
-28753
-28759
-28771
-28789
-28793
-28807
-28813
-28817
-28837
-28843
-28859
-28867
-28871
-28879
-28901
-28909
-28921
-28927
-28933
-28949
-28961
-28979
-29009
-29017
-29021
-29023
-29027
-29033
-29059
-29063
-29077
-29101
-29123
-29129
-29131
-29137
-29147
-29153
-29167
-29173
-29179
-29191
-29201
-29207
-29209
-29221
-29231
-29243
-29251
-29269
-29287
-29297
-29303
-29311
-29327
-29333
-29339
-29347
-29363
-29383
-29387
-29389
-29399
-29401
-29411
-29423
-29429
-29437
-29443
-29453
-29473
-29483
-29501
-29527
-29531
-29537
-29567
-29569
-29573
-29581
-29587
-29599
-29611
-29629
-29633
-29641
-29663
-29669
-29671
-29683
-29717
-29723
-29741
-29753
-29759
-29761
-29789
-29803
-29819
-29833
-29837
-29851
-29863
-29867
-29873
-29879
-29881
-29917
-29921
-29927
-29947
-29959
-29983
-29989
-30011
-30013
-30029
-30047
-30059
-30071
-30089
-30091
-30097
-30103
-30109
-30113
-30119
-30133
-30137
-30139
-30161
-30169
-30181
-30187
-30197
-30203
-30211
-30223
-30241
-30253
-30259
-30269
-30271
-30293
-30307
-30313
-30319
-30323
-30341
-30347
-30367
-30389
-30391
-30403
-30427
-30431
-30449
-30467
-30469
-30491
-30493
-30497
-30509
-30517
-30529
-30539
-30553
-30557
-30559
-30577
-30593
-30631
-30637
-30643
-30649
-30661
-30671
-30677
-30689
-30697
-30703
-30707
-30713
-30727
-30757
-30763
-30773
-30781
-30803
-30809
-30817
-30829
-30839
-30841
-30851
-30853
-30859
-30869
-30871
-30881
-30893
-30911
-30931
-30937
-30941
-30949
-30971
-30977
-30983
-31013
-31019
-31033
-31039
-31051
-31063
-31069
-31079
-31081
-31091
-31121
-31123
-31139
-31147
-31151
-31153
-31159
-31177
-31181
-31183
-31189
-31193
-31219
-31223
-31231
-31237
-31247
-31249
-31253
-31259
-31267
-31271
-31277
-31307
-31319
-31321
-31327
-31333
-31337
-31357
-31379
-31387
-31391
-31393
-31397
-31469
-31477
-31481
-31489
-31511
-31513
-31517
-31531
-31541
-31543
-31547
-31567
-31573
-31583
-31601
-31607
-31627
-31643
-31649
-31657
-31663
-31667
-31687
-31699
-31721
-31723
-31727
-31729
-31741
-31751
-31769
-31771
-31793
-31799
-31817
-31847
-31849
-31859
-31873
-31883
-31891
-31907
-31957
-31963
-31973
-31981
-31991
-32003
-32009
-32027
-32029
-32051
-32057
-32059
-32063
-32069
-32077
-32083
-32089
-32099
-32117
-32119
-32141
-32143
-32159
-32173
-32183
-32189
-32191
-32203
-32213
-32233
-32237
-32251
-32257
-32261
-32297
-32299
-32303
-32309
-32321
-32323
-32327
-32341
-32353
-32359
-32363
-32369
-32371
-32377
-32381
-32401
-32411
-32413
-32423
-32429
-32441
-32443
-32467
-32479
-32491
-32497
-32503
-32507
-32531
-32533
-32537
-32561
-32563
-32569
-32573
-32579
-32587
-32603
-32609
-32611
-32621
-32633
-32647
-32653
-32687
-32693
-32707
-32713
-32717
-32719
-32749
-32771
-32779
-32783
-32789
-32797
-32801
-32803
-32831
-32833
-32839
-32843
-32869
-32887
-32909
-32911
-32917
-32933
-32939
-32941
-32957
-32969
-32971
-32983
-32987
-32993
-32999
-33013
-33023
-33029
-33037
-33049
-33053
-33071
-33073
-33083
-33091
-33107
-33113
-33119
-33149
-33151
-33161
-33179
-33181
-33191
-33199
-33203
-33211
-33223
-33247
-33287
-33289
-33301
-33311
-33317
-33329
-33331
-33343
-33347
-33349
-33353
-33359
-33377
-33391
-33403
-33409
-33413
-33427
-33457
-33461
-33469
-33479
-33487
-33493
-33503
-33521
-33529
-33533
-33547
-33563
-33569
-33577
-33581
-33587
-33589
-33599
-33601
-33613
-33617
-33619
-33623
-33629
-33637
-33641
-33647
-33679
-33703
-33713
-33721
-33739
-33749
-33751
-33757
-33767
-33769
-33773
-33791
-33797
-33809
-33811
-33827
-33829
-33851
-33857
-33863
-33871
-33889
-33893
-33911
-33923
-33931
-33937
-33941
-33961
-33967
-33997
-34019
-34031
-34033
-34039
-34057
-34061
-34123
-34127
-34129
-34141
-34147
-34157
-34159
-34171
-34183
-34211
-34213
-34217
-34231
-34253
-34259
-34261
-34267
-34273
-34283
-34297
-34301
-34303
-34313
-34319
-34327
-34337
-34351
-34361
-34367
-34369
-34381
-34403
-34421
-34429
-34439
-34457
-34469
-34471
-34483
-34487
-34499
-34501
-34511
-34513
-34519
-34537
-34543
-34549
-34583
-34589
-34591
-34603
-34607
-34613
-34631
-34649
-34651
-34667
-34673
-34679
-34687
-34693
-34703
-34721
-34729
-34739
-34747
-34757
-34759
-34763
-34781
-34807
-34819
-34841
-34843
-34847
-34849
-34871
-34877
-34883
-34897
-34913
-34919
-34939
-34949
-34961
-34963
-34981
-35023
-35027
-35051
-35053
-35059
-35069
-35081
-35083
-35089
-35099
-35107
-35111
-35117
-35129
-35141
-35149
-35153
-35159
-35171
-35201
-35221
-35227
-35251
-35257
-35267
-35279
-35281
-35291
-35311
-35317
-35323
-35327
-35339
-35353
-35363
-35381
-35393
-35401
-35407
-35419
-35423
-35437
-35447
-35449
-35461
-35491
-35507
-35509
-35521
-35527
-35531
-35533
-35537
-35543
-35569
-35573
-35591
-35593
-35597
-35603
-35617
-35671
-35677
-35729
-35731
-35747
-35753
-35759
-35771
-35797
-35801
-35803
-35809
-35831
-35837
-35839
-35851
-35863
-35869
-35879
-35897
-35899
-35911
-35923
-35933
-35951
-35963
-35969
-35977
-35983
-35993
-35999
-36007
-36011
-36013
-36017
-36037
-36061
-36067
-36073
-36083
-36097
-36107
-36109
-36131
-36137
-36151
-36161
-36187
-36191
-36209
-36217
-36229
-36241
-36251
-36263
-36269
-36277
-36293
-36299
-36307
-36313
-36319
-36341
-36343
-36353
-36373
-36383
-36389
-36433
-36451
-36457
-36467
-36469
-36473
-36479
-36493
-36497
-36523
-36527
-36529
-36541
-36551
-36559
-36563
-36571
-36583
-36587
-36599
-36607
-36629
-36637
-36643
-36653
-36671
-36677
-36683
-36691
-36697
-36709
-36713
-36721
-36739
-36749
-36761
-36767
-36779
-36781
-36787
-36791
-36793
-36809
-36821
-36833
-36847
-36857
-36871
-36877
-36887
-36899
-36901
-36913
-36919
-36923
-36929
-36931
-36943
-36947
-36973
-36979
-36997
-37003
-37013
-37019
-37021
-37039
-37049
-37057
-37061
-37087
-37097
-37117
-37123
-37139
-37159
-37171
-37181
-37189
-37199
-37201
-37217
-37223
-37243
-37253
-37273
-37277
-37307
-37309
-37313
-37321
-37337
-37339
-37357
-37361
-37363
-37369
-37379
-37397
-37409
-37423
-37441
-37447
-37463
-37483
-37489
-37493
-37501
-37507
-37511
-37517
-37529
-37537
-37547
-37549
-37561
-37567
-37571
-37573
-37579
-37589
-37591
-37607
-37619
-37633
-37643
-37649
-37657
-37663
-37691
-37693
-37699
-37717
-37747
-37781
-37783
-37799
-37811
-37813
-37831
-37847
-37853
-37861
-37871
-37879
-37889
-37897
-37907
-37951
-37957
-37963
-37967
-37987
-37991
-37993
-37997
-38011
-38039
-38047
-38053
-38069
-38083
-38113
-38119
-38149
-38153
-38167
-38177
-38183
-38189
-38197
-38201
-38219
-38231
-38237
-38239
-38261
-38273
-38281
-38287
-38299
-38303
-38317
-38321
-38327
-38329
-38333
-38351
-38371
-38377
-38393
-38431
-38447
-38449
-38453
-38459
-38461
-38501
-38543
-38557
-38561
-38567
-38569
-38593
-38603
-38609
-38611
-38629
-38639
-38651
-38653
-38669
-38671
-38677
-38693
-38699
-38707
-38711
-38713
-38723
-38729
-38737
-38747
-38749
-38767
-38783
-38791
-38803
-38821
-38833
-38839
-38851
-38861
-38867
-38873
-38891
-38903
-38917
-38921
-38923
-38933
-38953
-38959
-38971
-38977
-38993
-39019
-39023
-39041
-39043
-39047
-39079
-39089
-39097
-39103
-39107
-39113
-39119
-39133
-39139
-39157
-39161
-39163
-39181
-39191
-39199
-39209
-39217
-39227
-39229
-39233
-39239
-39241
-39251
-39293
-39301
-39313
-39317
-39323
-39341
-39343
-39359
-39367
-39371
-39373
-39383
-39397
-39409
-39419
-39439
-39443
-39451
-39461
-39499
-39503
-39509
-39511
-39521
-39541
-39551
-39563
-39569
-39581
-39607
-39619
-39623
-39631
-39659
-39667
-39671
-39679
-39703
-39709
-39719
-39727
-39733
-39749
-39761
-39769
-39779
-39791
-39799
-39821
-39827
-39829
-39839
-39841
-39847
-39857
-39863
-39869
-39877
-39883
-39887
-39901
-39929
-39937
-39953
-39971
-39979
-39983
-39989
-40009
-40013
-40031
-40037
-40039
-40063
-40087
-40093
-40099
-40111
-40123
-40127
-40129
-40151
-40153
-40163
-40169
-40177
-40189
-40193
-40213
-40231
-40237
-40241
-40253
-40277
-40283
-40289
-40343
-40351
-40357
-40361
-40387
-40423
-40427
-40429
-40433
-40459
-40471
-40483
-40487
-40493
-40499
-40507
-40519
-40529
-40531
-40543
-40559
-40577
-40583
-40591
-40597
-40609
-40627
-40637
-40639
-40693
-40697
-40699
-40709
-40739
-40751
-40759
-40763
-40771
-40787
-40801
-40813
-40819
-40823
-40829
-40841
-40847
-40849
-40853
-40867
-40879
-40883
-40897
-40903
-40927
-40933
-40939
-40949
-40961
-40973
-40993
-41011
-41017
-41023
-41039
-41047
-41051
-41057
-41077
-41081
-41113
-41117
-41131
-41141
-41143
-41149
-41161
-41177
-41179
-41183
-41189
-41201
-41203
-41213
-41221
-41227
-41231
-41233
-41243
-41257
-41263
-41269
-41281
-41299
-41333
-41341
-41351
-41357
-41381
-41387
-41389
-41399
-41411
-41413
-41443
-41453
-41467
-41479
-41491
-41507
-41513
-41519
-41521
-41539
-41543
-41549
-41579
-41593
-41597
-41603
-41609
-41611
-41617
-41621
-41627
-41641
-41647
-41651
-41659
-41669
-41681
-41687
-41719
-41729
-41737
-41759
-41761
-41771
-41777
-41801
-41809
-41813
-41843
-41849
-41851
-41863
-41879
-41887
-41893
-41897
-41903
-41911
-41927
-41941
-41947
-41953
-41957
-41959
-41969
-41981
-41983
-41999
-42013
-42017
-42019
-42023
-42043
-42061
-42071
-42073
-42083
-42089
-42101
-42131
-42139
-42157
-42169
-42179
-42181
-42187
-42193
-42197
-42209
-42221
-42223
-42227
-42239
-42257
-42281
-42283
-42293
-42299
-42307
-42323
-42331
-42337
-42349
-42359
-42373
-42379
-42391
-42397
-42403
-42407
-42409
-42433
-42437
-42443
-42451
-42457
-42461
-42463
-42467
-42473
-42487
-42491
-42499
-42509
-42533
-42557
-42569
-42571
-42577
-42589
-42611
-42641
-42643
-42649
-42667
-42677
-42683
-42689
-42697
-42701
-42703
-42709
-42719
-42727
-42737
-42743
-42751
-42767
-42773
-42787
-42793
-42797
-42821
-42829
-42839
-42841
-42853
-42859
-42863
-42899
-42901
-42923
-42929
-42937
-42943
-42953
-42961
-42967
-42979
-42989
-43003
-43013
-43019
-43037
-43049
-43051
-43063
-43067
-43093
-43103
-43117
-43133
-43151
-43159
-43177
-43189
-43201
-43207
-43223
-43237
-43261
-43271
-43283
-43291
-43313
-43319
-43321
-43331
-43391
-43397
-43399
-43403
-43411
-43427
-43441
-43451
-43457
-43481
-43487
-43499
-43517
-43541
-43543
-43573
-43577
-43579
-43591
-43597
-43607
-43609
-43613
-43627
-43633
-43649
-43651
-43661
-43669
-43691
-43711
-43717
-43721
-43753
-43759
-43777
-43781
-43783
-43787
-43789
-43793
-43801
-43853
-43867
-43889
-43891
-43913
-43933
-43943
-43951
-43961
-43963
-43969
-43973
-43987
-43991
-43997
-44017
-44021
-44027
-44029
-44041
-44053
-44059
-44071
-44087
-44089
-44101
-44111
-44119
-44123
-44129
-44131
-44159
-44171
-44179
-44189
-44201
-44203
-44207
-44221
-44249
-44257
-44263
-44267
-44269
-44273
-44279
-44281
-44293
-44351
-44357
-44371
-44381
-44383
-44389
-44417
-44449
-44453
-44483
-44491
-44497
-44501
-44507
-44519
-44531
-44533
-44537
-44543
-44549
-44563
-44579
-44587
-44617
-44621
-44623
-44633
-44641
-44647
-44651
-44657
-44683
-44687
-44699
-44701
-44711
-44729
-44741
-44753
-44771
-44773
-44777
-44789
-44797
-44809
-44819
-44839
-44843
-44851
-44867
-44879
-44887
-44893
-44909
-44917
-44927
-44939
-44953
-44959
-44963
-44971
-44983
-44987
-45007
-45013
-45053
-45061
-45077
-45083
-45119
-45121
-45127
-45131
-45137
-45139
-45161
-45179
-45181
-45191
-45197
-45233
-45247
-45259
-45263
-45281
-45289
-45293
-45307
-45317
-45319
-45329
-45337
-45341
-45343
-45361
-45377
-45389
-45403
-45413
-45427
-45433
-45439
-45481
-45491
-45497
-45503
-45523
-45533
-45541
-45553
-45557
-45569
-45587
-45589
-45599
-45613
-45631
-45641
-45659
-45667
-45673
-45677
-45691
-45697
-45707
-45737
-45751
-45757
-45763
-45767
-45779
-45817
-45821
-45823
-45827
-45833
-45841
-45853
-45863
-45869
-45887
-45893
-45943
-45949
-45953
-45959
-45971
-45979
-45989
-46021
-46027
-46049
-46051
-46061
-46073
-46091
-46093
-46099
-46103
-46133
-46141
-46147
-46153
-46171
-46181
-46183
-46187
-46199
-46219
-46229
-46237
-46261
-46271
-46273
-46279
-46301
-46307
-46309
-46327
-46337
-46349
-46351
-46381
-46399
-46411
-46439
-46441
-46447
-46451
-46457
-46471
-46477
-46489
-46499
-46507
-46511
-46523
-46549
-46559
-46567
-46573
-46589
-46591
-46601
-46619
-46633
-46639
-46643
-46649
-46663
-46679
-46681
-46687
-46691
-46703
-46723
-46727
-46747
-46751
-46757
-46769
-46771
-46807
-46811
-46817
-46819
-46829
-46831
-46853
-46861
-46867
-46877
-46889
-46901
-46919
-46933
-46957
-46993
-46997
-47017
-47041
-47051
-47057
-47059
-47087
-47093
-47111
-47119
-47123
-47129
-47137
-47143
-47147
-47149
-47161
-47189
-47207
-47221
-47237
-47251
-47269
-47279
-47287
-47293
-47297
-47303
-47309
-47317
-47339
-47351
-47353
-47363
-47381
-47387
-47389
-47407
-47417
-47419
-47431
-47441
-47459
-47491
-47497
-47501
-47507
-47513
-47521
-47527
-47533
-47543
-47563
-47569
-47581
-47591
-47599
-47609
-47623
-47629
-47639
-47653
-47657
-47659
-47681
-47699
-47701
-47711
-47713
-47717
-47737
-47741
-47743
-47777
-47779
-47791
-47797
-47807
-47809
-47819
-47837
-47843
-47857
-47869
-47881
-47903
-47911
-47917
-47933
-47939
-47947
-47951
-47963
-47969
-47977
-47981
-48017
-48023
-48029
-48049
-48073
-48079
-48091
-48109
-48119
-48121
-48131
-48157
-48163
-48179
-48187
-48193
-48197
-48221
-48239
-48247
-48259
-48271
-48281
-48299
-48311
-48313
-48337
-48341
-48353
-48371
-48383
-48397
-48407
-48409
-48413
-48437
-48449
-48463
-48473
-48479
-48481
-48487
-48491
-48497
-48523
-48527
-48533
-48539
-48541
-48563
-48571
-48589
-48593
-48611
-48619
-48623
-48647
-48649
-48661
-48673
-48677
-48679
-48731
-48733
-48751
-48757
-48761
-48767
-48779
-48781
-48787
-48799
-48809
-48817
-48821
-48823
-48847
-48857
-48859
-48869
-48871
-48883
-48889
-48907
-48947
-48953
-48973
-48989
-48991
-49003
-49009
-49019
-49031
-49033
-49037
-49043
-49057
-49069
-49081
-49103
-49109
-49117
-49121
-49123
-49139
-49157
-49169
-49171
-49177
-49193
-49199
-49201
-49207
-49211
-49223
-49253
-49261
-49277
-49279
-49297
-49307
-49331
-49333
-49339
-49363
-49367
-49369
-49391
-49393
-49409
-49411
-49417
-49429
-49433
-49451
-49459
-49463
-49477
-49481
-49499
-49523
-49529
-49531
-49537
-49547
-49549
-49559
-49597
-49603
-49613
-49627
-49633
-49639
-49663
-49667
-49669
-49681
-49697
-49711
-49727
-49739
-49741
-49747
-49757
-49783
-49787
-49789
-49801
-49807
-49811
-49823
-49831
-49843
-49853
-49871
-49877
-49891
-49919
-49921
-49927
-49937
-49939
-49943
-49957
-49991
-49993
-49999
-50021
-50023
-50033
-50047
-50051
-50053
-50069
-50077
-50087
-50093
-50101
-50111
-50119
-50123
-50129
-50131
-50147
-50153
-50159
-50177
-50207
-50221
-50227
-50231
-50261
-50263
-50273
-50287
-50291
-50311
-50321
-50329
-50333
-50341
-50359
-50363
-50377
-50383
-50387
-50411
-50417
-50423
-50441
-50459
-50461
-50497
-50503
-50513
-50527
-50539
-50543
-50549
-50551
-50581
-50587
-50591
-50593
-50599
-50627
-50647
-50651
-50671
-50683
-50707
-50723
-50741
-50753
-50767
-50773
-50777
-50789
-50821
-50833
-50839
-50849
-50857
-50867
-50873
-50891
-50893
-50909
-50923
-50929
-50951
-50957
-50969
-50971
-50989
-50993
-51001
-51031
-51043
-51047
-51059
-51061
-51071
-51109
-51131
-51133
-51137
-51151
-51157
-51169
-51193
-51197
-51199
-51203
-51217
-51229
-51239
-51241
-51257
-51263
-51283
-51287
-51307
-51329
-51341
-51343
-51347
-51349
-51361
-51383
-51407
-51413
-51419
-51421
-51427
-51431
-51437
-51439
-51449
-51461
-51473
-51479
-51481
-51487
-51503
-51511
-51517
-51521
-51539
-51551
-51563
-51577
-51581
-51593
-51599
-51607
-51613
-51631
-51637
-51647
-51659
-51673
-51679
-51683
-51691
-51713
-51719
-51721
-51749
-51767
-51769
-51787
-51797
-51803
-51817
-51827
-51829
-51839
-51853
-51859
-51869
-51871
-51893
-51899
-51907
-51913
-51929
-51941
-51949
-51971
-51973
-51977
-51991
-52009
-52021
-52027
-52051
-52057
-52067
-52069
-52081
-52103
-52121
-52127
-52147
-52153
-52163
-52177
-52181
-52183
-52189
-52201
-52223
-52237
-52249
-52253
-52259
-52267
-52289
-52291
-52301
-52313
-52321
-52361
-52363
-52369
-52379
-52387
-52391
-52433
-52453
-52457
-52489
-52501
-52511
-52517
-52529
-52541
-52543
-52553
-52561
-52567
-52571
-52579
-52583
-52609
-52627
-52631
-52639
-52667
-52673
-52691
-52697
-52709
-52711
-52721
-52727
-52733
-52747
-52757
-52769
-52783
-52807
-52813
-52817
-52837
-52859
-52861
-52879
-52883
-52889
-52901
-52903
-52919
-52937
-52951
-52957
-52963
-52967
-52973
-52981
-52999
-53003
-53017
-53047
-53051
-53069
-53077
-53087
-53089
-53093
-53101
-53113
-53117
-53129
-53147
-53149
-53161
-53171
-53173
-53189
-53197
-53201
-53231
-53233
-53239
-53267
-53269
-53279
-53281
-53299
-53309
-53323
-53327
-53353
-53359
-53377
-53381
-53401
-53407
-53411
-53419
-53437
-53441
-53453
-53479
-53503
-53507
-53527
-53549
-53551
-53569
-53591
-53593
-53597
-53609
-53611
-53617
-53623
-53629
-53633
-53639
-53653
-53657
-53681
-53693
-53699
-53717
-53719
-53731
-53759
-53773
-53777
-53783
-53791
-53813
-53819
-53831
-53849
-53857
-53861
-53881
-53887
-53891
-53897
-53899
-53917
-53923
-53927
-53939
-53951
-53959
-53987
-53993
-54001
-54011
-54013
-54037
-54049
-54059
-54083
-54091
-54101
-54121
-54133
-54139
-54151
-54163
-54167
-54181
-54193
-54217
-54251
-54269
-54277
-54287
-54293
-54311
-54319
-54323
-54331
-54347
-54361
-54367
-54371
-54377
-54401
-54403
-54409
-54413
-54419
-54421
-54437
-54443
-54449
-54469
-54493
-54497
-54499
-54503
-54517
-54521
-54539
-54541
-54547
-54559
-54563
-54577
-54581
-54583
-54601
-54617
-54623
-54629
-54631
-54647
-54667
-54673
-54679
-54709
-54713
-54721
-54727
-54751
-54767
-54773
-54779
-54787
-54799
-54829
-54833
-54851
-54869
-54877
-54881
-54907
-54917
-54919
-54941
-54949
-54959
-54973
-54979
-54983
-55001
-55009
-55021
-55049
-55051
-55057
-55061
-55073
-55079
-55103
-55109
-55117
-55127
-55147
-55163
-55171
-55201
-55207
-55213
-55217
-55219
-55229
-55243
-55249
-55259
-55291
-55313
-55331
-55333
-55337
-55339
-55343
-55351
-55373
-55381
-55399
-55411
-55439
-55441
-55457
-55469
-55487
-55501
-55511
-55529
-55541
-55547
-55579
-55589
-55603
-55609
-55619
-55621
-55631
-55633
-55639
-55661
-55663
-55667
-55673
-55681
-55691
-55697
-55711
-55717
-55721
-55733
-55763
-55787
-55793
-55799
-55807
-55813
-55817
-55819
-55823
-55829
-55837
-55843
-55849
-55871
-55889
-55897
-55901
-55903
-55921
-55927
-55931
-55933
-55949
-55967
-55987
-55997
-56003
-56009
-56039
-56041
-56053
-56081
-56087
-56093
-56099
-56101
-56113
-56123
-56131
-56149
-56167
-56171
-56179
-56197
-56207
-56209
-56237
-56239
-56249
-56263
-56267
-56269
-56299
-56311
-56333
-56359
-56369
-56377
-56383
-56393
-56401
-56417
-56431
-56437
-56443
-56453
-56467
-56473
-56477
-56479
-56489
-56501
-56503
-56509
-56519
-56527
-56531
-56533
-56543
-56569
-56591
-56597
-56599
-56611
-56629
-56633
-56659
-56663
-56671
-56681
-56687
-56701
-56711
-56713
-56731
-56737
-56747
-56767
-56773
-56779
-56783
-56807
-56809
-56813
-56821
-56827
-56843
-56857
-56873
-56891
-56893
-56897
-56909
-56911
-56921
-56923
-56929
-56941
-56951
-56957
-56963
-56983
-56989
-56993
-56999
-57037
-57041
-57047
-57059
-57073
-57077
-57089
-57097
-57107
-57119
-57131
-57139
-57143
-57149
-57163
-57173
-57179
-57191
-57193
-57203
-57221
-57223
-57241
-57251
-57259
-57269
-57271
-57283
-57287
-57301
-57329
-57331
-57347
-57349
-57367
-57373
-57383
-57389
-57397
-57413
-57427
-57457
-57467
-57487
-57493
-57503
-57527
-57529
-57557
-57559
-57571
-57587
-57593
-57601
-57637
-57641
-57649
-57653
-57667
-57679
-57689
-57697
-57709
-57713
-57719
-57727
-57731
-57737
-57751
-57773
-57781
-57787
-57791
-57793
-57803
-57809
-57829
-57839
-57847
-57853
-57859
-57881
-57899
-57901
-57917
-57923
-57943
-57947
-57973
-57977
-57991
-58013
-58027
-58031
-58043
-58049
-58057
-58061
-58067
-58073
-58099
-58109
-58111
-58129
-58147
-58151
-58153
-58169
-58171
-58189
-58193
-58199
-58207
-58211
-58217
-58229
-58231
-58237
-58243
-58271
-58309
-58313
-58321
-58337
-58363
-58367
-58369
-58379
-58391
-58393
-58403
-58411
-58417
-58427
-58439
-58441
-58451
-58453
-58477
-58481
-58511
-58537
-58543
-58549
-58567
-58573
-58579
-58601
-58603
-58613
-58631
-58657
-58661
-58679
-58687
-58693
-58699
-58711
-58727
-58733
-58741
-58757
-58763
-58771
-58787
-58789
-58831
-58889
-58897
-58901
-58907
-58909
-58913
-58921
-58937
-58943
-58963
-58967
-58979
-58991
-58997
-59009
-59011
-59021
-59023
-59029
-59051
-59053
-59063
-59069
-59077
-59083
-59093
-59107
-59113
-59119
-59123
-59141
-59149
-59159
-59167
-59183
-59197
-59207
-59209
-59219
-59221
-59233
-59239
-59243
-59263
-59273
-59281
-59333
-59341
-59351
-59357
-59359
-59369
-59377
-59387
-59393
-59399
-59407
-59417
-59419
-59441
-59443
-59447
-59453
-59467
-59471
-59473
-59497
-59509
-59513
-59539
-59557
-59561
-59567
-59581
-59611
-59617
-59621
-59627
-59629
-59651
-59659
-59663
-59669
-59671
-59693
-59699
-59707
-59723
-59729
-59743
-59747
-59753
-59771
-59779
-59791
-59797
-59809
-59833
-59863
-59879
-59887
-59921
-59929
-59951
-59957
-59971
-59981
-59999
-60013
-60017
-60029
-60037
-60041
-60077
-60083
-60089
-60091
-60101
-60103
-60107
-60127
-60133
-60139
-60149
-60161
-60167
-60169
-60209
-60217
-60223
-60251
-60257
-60259
-60271
-60289
-60293
-60317
-60331
-60337
-60343
-60353
-60373
-60383
-60397
-60413
-60427
-60443
-60449
-60457
-60493
-60497
-60509
-60521
-60527
-60539
-60589
-60601
-60607
-60611
-60617
-60623
-60631
-60637
-60647
-60649
-60659
-60661
-60679
-60689
-60703
-60719
-60727
-60733
-60737
-60757
-60761
-60763
-60773
-60779
-60793
-60811
-60821
-60859
-60869
-60887
-60889
-60899
-60901
-60913
-60917
-60919
-60923
-60937
-60943
-60953
-60961
-61001
-61007
-61027
-61031
-61043
-61051
-61057
-61091
-61099
-61121
-61129
-61141
-61151
-61153
-61169
-61211
-61223
-61231
-61253
-61261
-61283
-61291
-61297
-61331
-61333
-61339
-61343
-61357
-61363
-61379
-61381
-61403
-61409
-61417
-61441
-61463
-61469
-61471
-61483
-61487
-61493
-61507
-61511
-61519
-61543
-61547
-61553
-61559
-61561
-61583
-61603
-61609
-61613
-61627
-61631
-61637
-61643
-61651
-61657
-61667
-61673
-61681
-61687
-61703
-61717
-61723
-61729
-61751
-61757
-61781
-61813
-61819
-61837
-61843
-61861
-61871
-61879
-61909
-61927
-61933
-61949
-61961
-61967
-61979
-61981
-61987
-61991
-62003
-62011
-62017
-62039
-62047
-62053
-62057
-62071
-62081
-62099
-62119
-62129
-62131
-62137
-62141
-62143
-62171
-62189
-62191
-62201
-62207
-62213
-62219
-62233
-62273
-62297
-62299
-62303
-62311
-62323
-62327
-62347
-62351
-62383
-62401
-62417
-62423
-62459
-62467
-62473
-62477
-62483
-62497
-62501
-62507
-62533
-62539
-62549
-62563
-62581
-62591
-62597
-62603
-62617
-62627
-62633
-62639
-62653
-62659
-62683
-62687
-62701
-62723
-62731
-62743
-62753
-62761
-62773
-62791
-62801
-62819
-62827
-62851
-62861
-62869
-62873
-62897
-62903
-62921
-62927
-62929
-62939
-62969
-62971
-62981
-62983
-62987
-62989
-63029
-63031
-63059
-63067
-63073
-63079
-63097
-63103
-63113
-63127
-63131
-63149
-63179
-63197
-63199
-63211
-63241
-63247
-63277
-63281
-63299
-63311
-63313
-63317
-63331
-63337
-63347
-63353
-63361
-63367
-63377
-63389
-63391
-63397
-63409
-63419
-63421
-63439
-63443
-63463
-63467
-63473
-63487
-63493
-63499
-63521
-63527
-63533
-63541
-63559
-63577
-63587
-63589
-63599
-63601
-63607
-63611
-63617
-63629
-63647
-63649
-63659
-63667
-63671
-63689
-63691
-63697
-63703
-63709
-63719
-63727
-63737
-63743
-63761
-63773
-63781
-63793
-63799
-63803
-63809
-63823
-63839
-63841
-63853
-63857
-63863
-63901
-63907
-63913
-63929
-63949
-63977
-63997
-64007
-64013
-64019
-64033
-64037
-64063
-64067
-64081
-64091
-64109
-64123
-64151
-64153
-64157
-64171
-64187
-64189
-64217
-64223
-64231
-64237
-64271
-64279
-64283
-64301
-64303
-64319
-64327
-64333
-64373
-64381
-64399
-64403
-64433
-64439
-64451
-64453
-64483
-64489
-64499
-64513
-64553
-64567
-64577
-64579
-64591
-64601
-64609
-64613
-64621
-64627
-64633
-64661
-64663
-64667
-64679
-64693
-64709
-64717
-64747
-64763
-64781
-64783
-64793
-64811
-64817
-64849
-64853
-64871
-64877
-64879
-64891
-64901
-64919
-64921
-64927
-64937
-64951
-64969
-64997
-65003
-65011
-65027
-65029
-65033
-65053
-65063
-65071
-65089
-65099
-65101
-65111
-65119
-65123
-65129
-65141
-65147
-65167
-65171
-65173
-65179
-65183
-65203
-65213
-65239
-65257
-65267
-65269
-65287
-65293
-65309
-65323
-65327
-65353
-65357
-65371
-65381
-65393
-65407
-65413
-65419
-65423
-65437
-65447
-65449
-65479
-65497
-65519
-65521
diff --git a/security/nss/lib/freebl/mpi/doc/prng.pod b/security/nss/lib/freebl/mpi/doc/prng.pod
deleted file mode 100644
index 1ae75da82..000000000
--- a/security/nss/lib/freebl/mpi/doc/prng.pod
+++ /dev/null
@@ -1,41 +0,0 @@
-=head1 NAME
-
- prng - pseudo-random number generator
-
-=head1 SYNOPSIS
-
- prng [count]
-
-=head1 DESCRIPTION
-
-B<Prng> generates 32-bit pseudo-random integers using the
-Blum-Blum-Shub (BBS) quadratic residue generator. It is seeded using
-the standard C library's rand() function, which itself seeded from the
-system clock and the process ID number. Thus, the values generated
-are not particularly useful for cryptographic applications, but they
-are in general much better than the typical output of the usual
-multiplicative congruency generator used by most runtime libraries.
-
-You may optionally specify how many random values should be generated
-by giving a I<count> argument on the command line. If you do not
-specify a count, only one random value will be generated. The results
-are output to the standard output in decimal notation, one value per
-line.
-
-=head1 RESTRICTIONS
-
-As stated above, B<prng> uses the C library's rand() function to seed
-the generator, so it is not terribly suitable for cryptographic
-applications. Also note that each time you run the program, a new
-seed is generated, so it is better to run it once with a I<count>
-parameter than it is to run it multiple times to generate several
-values.
-
-=head1 AUTHOR
-
- Michael J. Fromberger <sting@linguist.dartmouth.edu>
- Copyright (C) 1998 Michael J. Fromberger, All Rights Reserved
- Thayer School of Engineering, Dartmouth College, Hanover, NH USA
-
- $Date$
-
diff --git a/security/nss/lib/freebl/mpi/doc/redux.txt b/security/nss/lib/freebl/mpi/doc/redux.txt
deleted file mode 100644
index f6f8b6ad4..000000000
--- a/security/nss/lib/freebl/mpi/doc/redux.txt
+++ /dev/null
@@ -1,118 +0,0 @@
-Modular Reduction
-
-Usually, modular reduction is accomplished by long division, using the
-mp_div() or mp_mod() functions. However, when performing modular
-exponentiation, you spend a lot of time reducing by the same modulus
-again and again. For this purpose, doing a full division for each
-multiplication is quite inefficient.
-
-For this reason, the mp_exptmod() function does not perform modular
-reductions in the usual way, but instead takes advantage of an
-algorithm due to Barrett, as described by Menezes, Oorschot and
-VanStone in their book _Handbook of Applied Cryptography_, published
-by the CRC Press (see Chapter 14 for details). This method reduces
-most of the computation of reduction to efficient shifting and masking
-operations, and avoids the multiple-precision division entirely.
-
-Here is a brief synopsis of Barrett reduction, as it is implemented in
-this library.
-
-Let b denote the radix of the computation (one more than the maximum
-value that can be denoted by an mp_digit). Let m be the modulus, and
-let k be the number of significant digits of m. Let x be the value to
-be reduced modulo m. By the Division Theorem, there exist unique
-integers Q and R such that:
-
- x = Qm + R, 0 <= R < m
-
-Barrett reduction takes advantage of the fact that you can easily
-approximate Q to within two, given a value M such that:
-
- 2k
- b
- M = floor( ----- )
- m
-
-Computation of M requires a full-precision division step, so if you
-are only doing a single reduction by m, you gain no advantage.
-However, when multiple reductions by the same m are required, this
-division need only be done once, beforehand. Using this, we can use
-the following equation to compute Q', an approximation of Q:
-
- x
- floor( ------ ) M
- k-1
- b
-Q' = floor( ----------------- )
- k+1
- b
-
-The divisions by b^(k-1) and b^(k+1) and the floor() functions can be
-efficiently implemented with shifts and masks, leaving only a single
-multiplication to be performed to get this approximation. It can be
-shown that Q - 2 <= Q' <= Q, so in the worst case, we can get out with
-two additional subtractions to bring the value into line with the
-actual value of Q.
-
-Once we've got Q', we basically multiply that by m and subtract from
-x, yielding:
-
- x - Q'm = Qm + R - Q'm
-
-Since we know the constraint on Q', this is one of:
-
- R
- m + R
- 2m + R
-
-Since R < m by the Division Theorem, we can simply subtract off m
-until we get a value in the correct range, which will happen with no
-more than 2 subtractions:
-
- v = x - Q'm
-
- while(v >= m)
- v = v - m
- endwhile
-
-
-In random performance trials, modular exponentiation using this method
-of reduction gave around a 40% speedup over using the division for
-reduction.
-
-------------------------------------------------------------------
-The contents of this file are subject to the Mozilla Public
-License Version 1.1 (the "License"); you may not use this file
-except in compliance with the License. You may obtain a copy of
-the License at http://www.mozilla.org/MPL/
-
-Software distributed under the License is distributed on an "AS
-IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-implied. See the License for the specific language governing
-rights and limitations under the License.
-
-The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-library.
-
-The Initial Developer of the Original Code is
-Michael J. Fromberger <sting@linguist.dartmouth.edu>
-
-Portions created by Michael J. Fromberger are
-Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved.
-
-Contributor(s):
-
-Alternatively, the contents of this file may be used under the
-terms of the GNU General Public License Version 2 or later (the
-"GPL"), in which case the provisions of the GPL are applicable
-instead of those above. If you wish to allow use of your
-version of this file only under the terms of the GPL and not to
-allow others to use your version of this file under the MPL,
-indicate your decision by deleting the provisions above and
-replace them with the notice and other provisions required by
-the GPL. If you do not delete the provisions above, a recipient
-may use your version of this file under either the MPL or the GPL.
-
-$Id$
-
-
diff --git a/security/nss/lib/freebl/mpi/doc/sqrt.txt b/security/nss/lib/freebl/mpi/doc/sqrt.txt
deleted file mode 100644
index e14157caa..000000000
--- a/security/nss/lib/freebl/mpi/doc/sqrt.txt
+++ /dev/null
@@ -1,82 +0,0 @@
-Square Root
-
-A simple iterative algorithm is used to compute the greatest integer
-less than or equal to the square root. Essentially, this is Newton's
-linear approximation, computed by finding successive values of the
-equation:
-
- x[k]^2 - V
-x[k+1] = x[k] - ------------
- 2 x[k]
-
-...where V is the value for which the square root is being sought. In
-essence, what is happening here is that we guess a value for the
-square root, then figure out how far off we were by squaring our guess
-and subtracting the target. Using this value, we compute a linear
-approximation for the error, and adjust the "guess". We keep doing
-this until the precision gets low enough that the above equation
-yields a quotient of zero. At this point, our last guess is one
-greater than the square root we're seeking.
-
-The initial guess is computed by dividing V by 4, which is a heuristic
-I have found to be fairly good on average. This also has the
-advantage of being very easy to compute efficiently, even for large
-values.
-
-So, the resulting algorithm works as follows:
-
- x = V / 4 /* compute initial guess */
-
- loop
- t = (x * x) - V /* Compute absolute error */
- u = 2 * x /* Adjust by tangent slope */
- t = t / u
-
- /* Loop is done if error is zero */
- if(t == 0)
- break
-
- /* Adjust guess by error term */
- x = x - t
- end
-
- x = x - 1
-
-The result of the computation is the value of x.
-
-------------------------------------------------------------------
-The contents of this file are subject to the Mozilla Public
-License Version 1.1 (the "License"); you may not use this file
-except in compliance with the License. You may obtain a copy of
-the License at http://www.mozilla.org/MPL/
-
-Software distributed under the License is distributed on an "AS
-IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-implied. See the License for the specific language governing
-rights and limitations under the License.
-
-The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-library.
-
-The Initial Developer of the Original Code is
-Michael J. Fromberger <sting@linguist.dartmouth.edu>
-
-Portions created by Michael J. Fromberger are
-Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved.
-
-Contributor(s):
-
-Alternatively, the contents of this file may be used under the
-terms of the GNU General Public License Version 2 or later (the
-"GPL"), in which case the provisions of the GPL are applicable
-instead of those above. If you wish to allow use of your
-version of this file only under the terms of the GPL and not to
-allow others to use your version of this file under the MPL,
-indicate your decision by deleting the provisions above and
-replace them with the notice and other provisions required by
-the GPL. If you do not delete the provisions above, a recipient
-may use your version of this file under either the MPL or the GPL.
-
-$Id$
-
-
diff --git a/security/nss/lib/freebl/mpi/doc/square.txt b/security/nss/lib/freebl/mpi/doc/square.txt
deleted file mode 100644
index e0d28798a..000000000
--- a/security/nss/lib/freebl/mpi/doc/square.txt
+++ /dev/null
@@ -1,104 +0,0 @@
-Squaring Algorithm
-
-When you are squaring a value, you can take advantage of the fact that
-half the multiplications performed by the more general multiplication
-algorithm (see 'mul.txt' for a description) are redundant when the
-multiplicand equals the multiplier.
-
-In particular, the modified algorithm is:
-
-k = 0
-for j <- 0 to (#a - 1)
- w = c[2*j] + (a[j] ^ 2);
- k = w div R
-
- for i <- j+1 to (#a - 1)
- w = (2 * a[j] * a[i]) + k + c[i+j]
- c[i+j] = w mod R
- k = w div R
- endfor
- c[i+j] = k;
- k = 0;
-endfor
-
-On the surface, this looks identical to the multiplication algorithm;
-however, note the following differences:
-
- - precomputation of the leading term in the outer loop
-
- - i runs from j+1 instead of from zero
-
- - doubling of a[i] * a[j] in the inner product
-
-Unfortunately, the construction of the inner product is such that we
-need more than two digits to represent the inner product, in some
-cases. In a C implementation, this means that some gymnastics must be
-performed in order to handle overflow, for which C has no direct
-abstraction. We do this by observing the following:
-
-If we have multiplied a[i] and a[j], and the product is more than half
-the maximum value expressible in two digits, then doubling this result
-will overflow into a third digit. If this occurs, we take note of the
-overflow, and double it anyway -- C integer arithmetic ignores
-overflow, so the two digits we get back should still be valid, modulo
-the overflow.
-
-Having doubled this value, we now have to add in the remainders and
-the digits already computed by earlier steps. If we did not overflow
-in the previous step, we might still cause an overflow here. That
-will happen whenever the maximum value expressible in two digits, less
-the amount we have to add, is greater than the result of the previous
-step. Thus, the overflow computation is:
-
-
- u = 0
- w = a[i] * a[j]
-
- if(w > (R - 1)/ 2)
- u = 1;
-
- w = w * 2
- v = c[i + j] + k
-
- if(u == 0 && (R - 1 - v) < w)
- u = 1
-
-If there is an overflow, u will be 1, otherwise u will be 0. The rest
-of the parameters are the same as they are in the above description.
-
-------------------------------------------------------------------
-The contents of this file are subject to the Mozilla Public
-License Version 1.1 (the "License"); you may not use this file
-except in compliance with the License. You may obtain a copy of
-the License at http://www.mozilla.org/MPL/
-
-Software distributed under the License is distributed on an "AS
-IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-implied. See the License for the specific language governing
-rights and limitations under the License.
-
-The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-library.
-
-The Initial Developer of the Original Code is
-Michael J. Fromberger <sting@linguist.dartmouth.edu>
-
-Portions created by Michael J. Fromberger are
-Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved.
-
-Contributor(s):
-
-Alternatively, the contents of this file may be used under the
-terms of the GNU General Public License Version 2 or later (the
-"GPL"), in which case the provisions of the GPL are applicable
-instead of those above. If you wish to allow use of your
-version of this file only under the terms of the GPL and not to
-allow others to use your version of this file under the MPL,
-indicate your decision by deleting the provisions above and
-replace them with the notice and other provisions required by
-the GPL. If you do not delete the provisions above, a recipient
-may use your version of this file under either the MPL or the GPL.
-
-$Id$
-
-
diff --git a/security/nss/lib/freebl/mpi/doc/timing.txt b/security/nss/lib/freebl/mpi/doc/timing.txt
deleted file mode 100644
index c1701063a..000000000
--- a/security/nss/lib/freebl/mpi/doc/timing.txt
+++ /dev/null
@@ -1,245 +0,0 @@
-MPI Library Timing Tests
-
-Hardware/OS
-(A) SGI O2 1 x MIPS R10000 250MHz IRIX 6.5.3
-(B) IBM RS/6000 43P-240 1 x PowerPC 603e 223MHz AIX 4.3
-(C) Dell GX1/L+ 1 x Pentium III 550MHz Linux 2.2.12-20
-(D) PowerBook G3 1 x PowerPC 750 266MHz LinuxPPC 2.2.6-15apmac
-(E) PowerBook G3 1 x PowerPC 750 266MHz MacOS 8.5.1
-(F) PowerBook G3 1 x PowerPC 750 400MHz MacOS 9.0.2
-
-Compiler
-(1) MIPSpro C 7.2.1 -O3 optimizations
-(2) GCC 2.95.1 -O3 optimizations
-(3) IBM AIX xlc -O3 optimizations (version unknown)
-(4) EGCS 2.91.66 -O3 optimizations
-(5) Metrowerks CodeWarrior 5.0 C, all optimizations
-(6) MIPSpro C 7.30 -O3 optimizations
-(7) same as (6), with optimized libmalloc.so
-
-Timings are given in seconds, computed using the C library's clock()
-function. The first column gives the hardware and compiler
-configuration used for the test. The second column indicates the
-number of tests that were aggregated to get the statistics for that
-size. These were compiled using 16 bit digits.
-
-Source data were generated randomly using a fixed seed, so they should
-be internally consistent, but may vary on different systems depending
-on the C library. Also, since the resolution of the timer accessed by
-clock() varies, there may be some variance in the precision of these
-measurements.
-
-Prime Generation (primegen)
-
-128 bits:
-A1 200 min=0.03, avg=0.19, max=0.72, sum=38.46
-A2 200 min=0.02, avg=0.16, max=0.62, sum=32.55
-B3 200 min=0.01, avg=0.07, max=0.22, sum=13.29
-C4 200 min=0.00, avg=0.03, max=0.20, sum=6.14
-D4 200 min=0.00, avg=0.05, max=0.33, sum=9.70
-A6 200 min=0.01, avg=0.09, max=0.36, sum=17.48
-A7 200 min=0.00, avg=0.05, max=0.24, sum=10.07
-
-192 bits:
-A1 200 min=0.05, avg=0.45, max=3.13, sum=89.96
-A2 200 min=0.04, avg=0.39, max=2.61, sum=77.55
-B3 200 min=0.02, avg=0.18, max=1.25, sum=36.97
-C4 200 min=0.01, avg=0.09, max=0.33, sum=18.24
-D4 200 min=0.02, avg=0.15, max=0.54, sum=29.63
-A6 200 min=0.02, avg=0.24, max=1.70, sum=47.84
-A7 200 min=0.01, avg=0.15, max=1.05, sum=30.88
-
-256 bits:
-A1 200 min=0.08, avg=0.92, max=6.13, sum=184.79
-A2 200 min=0.06, avg=0.76, max=5.03, sum=151.11
-B3 200 min=0.04, avg=0.41, max=2.68, sum=82.35
-C4 200 min=0.02, avg=0.19, max=0.69, sum=37.91
-D4 200 min=0.03, avg=0.31, max=1.15, sum=63.00
-A6 200 min=0.04, avg=0.48, max=3.13, sum=95.46
-A7 200 min=0.03, avg=0.37, max=2.36, sum=73.60
-
-320 bits:
-A1 200 min=0.11, avg=1.59, max=6.14, sum=318.81
-A2 200 min=0.09, avg=1.27, max=4.93, sum=254.03
-B3 200 min=0.07, avg=0.82, max=3.13, sum=163.80
-C4 200 min=0.04, avg=0.44, max=1.91, sum=87.59
-D4 200 min=0.06, avg=0.73, max=3.22, sum=146.73
-A6 200 min=0.07, avg=0.93, max=3.50, sum=185.01
-A7 200 min=0.05, avg=0.76, max=2.94, sum=151.78
-
-384 bits:
-A1 200 min=0.16, avg=2.69, max=11.41, sum=537.89
-A2 200 min=0.13, avg=2.15, max=9.03, sum=429.14
-B3 200 min=0.11, avg=1.54, max=6.49, sum=307.78
-C4 200 min=0.06, avg=0.81, max=4.84, sum=161.13
-D4 200 min=0.10, avg=1.38, max=8.31, sum=276.81
-A6 200 min=0.11, avg=1.73, max=7.36, sum=345.55
-A7 200 min=0.09, avg=1.46, max=6.12, sum=292.02
-
-448 bits:
-A1 200 min=0.23, avg=3.36, max=15.92, sum=672.63
-A2 200 min=0.17, avg=2.61, max=12.25, sum=522.86
-B3 200 min=0.16, avg=2.10, max=9.83, sum=420.86
-C4 200 min=0.09, avg=1.44, max=7.64, sum=288.36
-D4 200 min=0.16, avg=2.50, max=13.29, sum=500.17
-A6 200 min=0.15, avg=2.31, max=10.81, sum=461.58
-A7 200 min=0.14, avg=2.03, max=9.53, sum=405.16
-
-512 bits:
-A1 200 min=0.30, avg=6.12, max=22.18, sum=1223.35
-A2 200 min=0.25, avg=4.67, max=16.90, sum=933.18
-B3 200 min=0.23, avg=4.13, max=14.94, sum=825.45
-C4 200 min=0.13, avg=2.08, max=9.75, sum=415.22
-D4 200 min=0.24, avg=4.04, max=20.18, sum=808.11
-A6 200 min=0.22, avg=4.47, max=16.19, sum=893.83
-A7 200 min=0.20, avg=4.03, max=14.65, sum=806.02
-
-Modular Exponentation (metime)
-
-The following results are aggregated from 200 pseudo-randomly
-generated tests, based on a fixed seed.
-
- base, exponent, and modulus size (bits)
-P/C 128 192 256 320 384 448 512 640 768 896 1024
-------- -----------------------------------------------------------------
-A1 0.015 0.027 0.047 0.069 0.098 0.133 0.176 0.294 0.458 0.680 1.040
-A2 0.013 0.024 0.037 0.053 0.077 0.102 0.133 0.214 0.326 0.476 0.668
-B3 0.005 0.011 0.021 0.036 0.056 0.084 0.121 0.222 0.370 0.573 0.840
-C4 0.002 0.006 0.011 0.020 0.032 0.048 0.069 0.129 0.223 0.344 0.507
-D4 0.004 0.010 0.019 0.034 0.056 0.085 0.123 0.232 0.390 0.609 0.899
-E5 0.007 0.015 0.031 0.055 0.088 0.133 0.183 0.342 0.574 0.893 1.317
-A6 0.008 0.016 0.038 0.042 0.064 0.093 0.133 0.239 0.393 0.604 0.880
-A7 0.005 0.011 0.020 0.036 0.056 0.083 0.121 0.223 0.374 0.583 0.855
-
-Multiplication and Squaring tests, (mulsqr)
-
-The following results are aggregated from 500000 pseudo-randomly
-generated tests, based on a per-run wall-clock seed. Times are given
-in seconds, except where indicated in microseconds (us).
-
-(A1)
-
-bits multiply square ad percent time/mult time/square
-64 9.33 9.15 > 1.9 18.7us 18.3us
-128 10.88 10.44 > 4.0 21.8us 20.9us
-192 13.30 11.89 > 10.6 26.7us 23.8us
-256 14.88 12.64 > 15.1 29.8us 25.3us
-320 18.64 15.01 > 19.5 37.3us 30.0us
-384 23.11 17.70 > 23.4 46.2us 35.4us
-448 28.28 20.88 > 26.2 56.6us 41.8us
-512 34.09 24.51 > 28.1 68.2us 49.0us
-640 47.86 33.25 > 30.5 95.7us 66.5us
-768 64.91 43.54 > 32.9 129.8us 87.1us
-896 84.49 55.48 > 34.3 169.0us 111.0us
-1024 107.25 69.21 > 35.5 214.5us 138.4us
-1536 227.97 141.91 > 37.8 456.0us 283.8us
-2048 394.05 242.15 > 38.5 788.1us 484.3us
-
-(A2)
-
-bits multiply square ad percent time/mult time/square
-64 7.87 7.95 < 1.0 15.7us 15.9us
-128 9.40 9.19 > 2.2 18.8us 18.4us
-192 11.15 10.59 > 5.0 22.3us 21.2us
-256 12.02 11.16 > 7.2 24.0us 22.3us
-320 14.62 13.43 > 8.1 29.2us 26.9us
-384 17.72 15.80 > 10.8 35.4us 31.6us
-448 21.24 18.51 > 12.9 42.5us 37.0us
-512 25.36 21.78 > 14.1 50.7us 43.6us
-640 34.57 29.00 > 16.1 69.1us 58.0us
-768 46.10 37.60 > 18.4 92.2us 75.2us
-896 58.94 47.72 > 19.0 117.9us 95.4us
-1024 73.76 59.12 > 19.8 147.5us 118.2us
-1536 152.00 118.80 > 21.8 304.0us 237.6us
-2048 259.41 199.57 > 23.1 518.8us 399.1us
-
-(B3)
-
-bits multiply square ad percent time/mult time/square
-64 2.60 2.47 > 5.0 5.20us 4.94us
-128 4.43 4.06 > 8.4 8.86us 8.12us
-192 7.03 6.10 > 13.2 14.1us 12.2us
-256 10.44 8.59 > 17.7 20.9us 17.2us
-320 14.44 11.64 > 19.4 28.9us 23.3us
-384 19.12 15.08 > 21.1 38.2us 30.2us
-448 24.55 19.09 > 22.2 49.1us 38.2us
-512 31.03 23.53 > 24.2 62.1us 47.1us
-640 45.05 33.80 > 25.0 90.1us 67.6us
-768 63.02 46.05 > 26.9 126.0us 92.1us
-896 83.74 60.29 > 28.0 167.5us 120.6us
-1024 106.73 76.65 > 28.2 213.5us 153.3us
-1536 228.94 160.98 > 29.7 457.9us 322.0us
-2048 398.08 275.93 > 30.7 796.2us 551.9us
-
-(C4)
-
-bits multiply square ad percent time/mult time/square
-64 1.34 1.28 > 4.5 2.68us 2.56us
-128 2.76 2.59 > 6.2 5.52us 5.18us
-192 4.52 4.16 > 8.0 9.04us 8.32us
-256 6.64 5.99 > 9.8 13.3us 12.0us
-320 9.20 8.13 > 11.6 18.4us 16.3us
-384 12.01 10.58 > 11.9 24.0us 21.2us
-448 15.24 13.33 > 12.5 30.5us 26.7us
-512 19.02 16.46 > 13.5 38.0us 32.9us
-640 27.56 23.54 > 14.6 55.1us 47.1us
-768 37.89 31.78 > 16.1 75.8us 63.6us
-896 49.24 41.42 > 15.9 98.5us 82.8us
-1024 62.59 52.18 > 16.6 125.2us 104.3us
-1536 131.66 107.72 > 18.2 263.3us 215.4us
-2048 226.45 182.95 > 19.2 453.0us 365.9us
-
-(A7)
-
-bits multiply square ad percent time/mult time/square
-64 1.74 1.71 > 1.7 3.48us 3.42us
-128 3.48 2.96 > 14.9 6.96us 5.92us
-192 5.74 4.60 > 19.9 11.5us 9.20us
-256 8.75 6.61 > 24.5 17.5us 13.2us
-320 12.5 8.99 > 28.1 25.0us 18.0us
-384 16.9 11.9 > 29.6 33.8us 23.8us
-448 22.2 15.2 > 31.7 44.4us 30.4us
-512 28.3 19.0 > 32.7 56.6us 38.0us
-640 42.4 28.0 > 34.0 84.8us 56.0us
-768 59.4 38.5 > 35.2 118.8us 77.0us
-896 79.5 51.2 > 35.6 159.0us 102.4us
-1024 102.6 65.5 > 36.2 205.2us 131.0us
-1536 224.3 140.6 > 37.3 448.6us 281.2us
-2048 393.4 244.3 > 37.9 786.8us 488.6us
-
-------------------------------------------------------------------
-The contents of this file are subject to the Mozilla Public
-License Version 1.1 (the "License"); you may not use this file
-except in compliance with the License. You may obtain a copy of
-the License at http://www.mozilla.org/MPL/
-
-Software distributed under the License is distributed on an "AS
-IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-implied. See the License for the specific language governing
-rights and limitations under the License.
-
-The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-library.
-
-The Initial Developer of the Original Code is
-Michael J. Fromberger <sting@linguist.dartmouth.edu>
-
-Portions created by Michael J. Fromberger are
-Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved.
-
-Contributor(s):
-
-Alternatively, the contents of this file may be used under the
-terms of the GNU General Public License Version 2 or later (the
-"GPL"), in which case the provisions of the GPL are applicable
-instead of those above. If you wish to allow use of your
-version of this file only under the terms of the GPL and not to
-allow others to use your version of this file under the MPL,
-indicate your decision by deleting the provisions above and
-replace them with the notice and other provisions required by
-the GPL. If you do not delete the provisions above, a recipient
-may use your version of this file under either the MPL or the GPL.
-
-$Id$
-
-
diff --git a/security/nss/lib/freebl/mpi/hpma512.s b/security/nss/lib/freebl/mpi/hpma512.s
deleted file mode 100644
index f8241ac3e..000000000
--- a/security/nss/lib/freebl/mpi/hpma512.s
+++ /dev/null
@@ -1,640 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is multacc512 multiple-precision integer arithmetic.
- *
- * The Initial Developer of the Original Code is Hewlett-Packard Company.
- * Portions created by Hewlett-Packard Company are
- * Copyright (C) March 1999, Hewlett-Packard Company. All Rights Reserved.
- *
- * Contributor(s):
- * coded by: Bill Worley, Hewlett-Packard labs
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * This PA-RISC 2.0 function computes the product of two unsigned integers,
- * and adds the result to a previously computed integer. The multiplicand
- * is a 512-bit (64-byte, eight doubleword) unsigned integer, stored in
- * memory in little-double-wordian order. The multiplier is an unsigned
- * 64-bit integer. The previously computed integer to which the product is
- * added is located in the result ("res") area, and is assumed to be a
- * 576-bit (72-byte, nine doubleword) unsigned integer, stored in memory
- * in little-double-wordian order. This value normally will be the result
- * of a previously computed nine doubleword result. It is not necessary
- * to pad the multiplicand with an additional 64-bit zero doubleword.
- *
- * Multiplicand, multiplier, and addend ideally should be aligned at
- * 16-byte boundaries for best performance. The code will function
- * correctly for alignment at eight-byte boundaries which are not 16-byte
- * boundaries, but the execution may be slightly slower due to even/odd
- * bank conflicts on PA-RISC 8000 processors.
- *
- * This function is designed to accept the same calling sequence as Bill
- * Ackerman's "maxpy_little" function. The carry from the ninth doubleword
- * of the result is written to the tenth word of the result, as is done by
- * Bill Ackerman's function. The final carry also is returned as an
- * integer, which may be ignored. The function prototype may be either
- * of the following:
- *
- * void multacc512( int l, chunk* m, const chunk* a, chunk* res );
- * or
- * int multacc512( int l, chunk* m, const chunk* a, chunk* res );
- *
- * where: "l" originally denoted vector lengths. This parameter is
- * ignored. This function always assumes a multiplicand length of
- * 512 bits (eight doublewords), and addend and result lengths of
- * 576 bits (nine doublewords).
- *
- * "m" is a pointer to the doubleword multiplier, ideally aligned
- * on a 16-byte boundary.
- *
- * "a" is a pointer to the eight-doubleword multiplicand, stored
- * in little-double-wordian order, and ideally aligned on a 16-byte
- * boundary.
- *
- * "res" is a pointer to the nine doubleword addend, and to the
- * nine-doubleword product computed by this function. The result
- * also is stored in little-double-wordian order, and ideally is
- * aligned on a 16-byte boundary. It is expected that the alignment
- * of the "res" area may alternate between even/odd doubleword
- * boundaries for successive calls for 512-bit x 512-bit
- * multiplications.
- *
- * The code for this function has been scheduled to use the parallelism
- * of the PA-RISC 8000 series microprocessors as well as the author was
- * able. Comments and/or suggestions for improvement are welcomed.
- *
- * The code is "64-bit safe". This means it may be called in either
- * the 32ILP context or the 64LP context. All 64-bits of registers are
- * saved and restored.
- *
- * This code is self-contained. It requires no other header files in order
- * to compile and to be linkable on a PA-RISC 2.0 machine. Symbolic
- * definitions for registers and stack offsets are included within this
- * one source file.
- *
- * This is a leaf routine. As such, minimal use is made of the stack area.
- * Of the 192 bytes allocated, 64 bytes are used for saving/restoring eight
- * general registers, and 128 bytes are used to move intermediate products
- * from the floating-point registers to the general registers. Stack
- * protocols assure proper alignment of these areas.
- *
- */
-
-
-/* ====================================================================*/
-/* symbolic definitions for PA-RISC registers */
-/* in the MIPS style, avoids lots of case shifts */
-/* assigments (except t4) preserve register number parity */
-/* ====================================================================*/
-
-#define zero %r0 /* permanent zero */
-#define t5 %r1 /* temp register, altered by addil */
-
-#define rp %r2 /* return pointer */
-
-#define s1 %r3 /* callee saves register*/
-#define s0 %r4 /* callee saves register*/
-#define s3 %r5 /* callee saves register*/
-#define s2 %r6 /* callee saves register*/
-#define s5 %r7 /* callee saves register*/
-#define s4 %r8 /* callee saves register*/
-#define s7 %r9 /* callee saves register*/
-#define s6 %r10 /* callee saves register*/
-
-#define t1 %r19 /* caller saves register*/
-#define t0 %r20 /* caller saves register*/
-#define t3 %r21 /* caller saves register*/
-#define t2 %r22 /* caller saves register*/
-
-#define a3 %r23 /* fourth argument register, high word */
-#define a2 %r24 /* third argument register, low word*/
-#define a1 %r25 /* second argument register, high word*/
-#define a0 %r26 /* first argument register, low word*/
-
-#define v0 %r28 /* high order return value*/
-#define v1 %r29 /* low order return value*/
-
-#define sp %r30 /* stack pointer*/
-#define t4 %r31 /* temporary register */
-
-#define fa0 %fr4 /* first argument register*/
-#define fa1 %fr5 /* second argument register*/
-#define fa2 %fr6 /* third argument register*/
-#define fa3 %fr7 /* fourth argument register*/
-
-#define fa0r %fr4R /* first argument register*/
-#define fa1r %fr5R /* second argument register*/
-#define fa2r %fr6R /* third argument register*/
-#define fa3r %fr7R /* fourth argument register*/
-
-#define ft0 %fr8 /* caller saves register*/
-#define ft1 %fr9 /* caller saves register*/
-#define ft2 %fr10 /* caller saves register*/
-#define ft3 %fr11 /* caller saves register*/
-
-#define ft0r %fr8R /* caller saves register*/
-#define ft1r %fr9R /* caller saves register*/
-#define ft2r %fr10R /* caller saves register*/
-#define ft3r %fr11R /* caller saves register*/
-
-#define ft4 %fr22 /* caller saves register*/
-#define ft5 %fr23 /* caller saves register*/
-#define ft6 %fr24 /* caller saves register*/
-#define ft7 %fr25 /* caller saves register*/
-#define ft8 %fr26 /* caller saves register*/
-#define ft9 %fr27 /* caller saves register*/
-#define ft10 %fr28 /* caller saves register*/
-#define ft11 %fr29 /* caller saves register*/
-#define ft12 %fr30 /* caller saves register*/
-#define ft13 %fr31 /* caller saves register*/
-
-#define ft4r %fr22R /* caller saves register*/
-#define ft5r %fr23R /* caller saves register*/
-#define ft6r %fr24R /* caller saves register*/
-#define ft7r %fr25R /* caller saves register*/
-#define ft8r %fr26R /* caller saves register*/
-#define ft9r %fr27R /* caller saves register*/
-#define ft10r %fr28R /* caller saves register*/
-#define ft11r %fr29R /* caller saves register*/
-#define ft12r %fr30R /* caller saves register*/
-#define ft13r %fr31R /* caller saves register*/
-
-
-
-/* ================================================================== */
-/* functional definitions for PA-RISC registers */
-/* ================================================================== */
-
-/* general registers */
-
-#define T1 a0 /* temp, (length parameter ignored) */
-
-#define pM a1 /* -> 64-bit multiplier */
-#define T2 a1 /* temp, (after fetching multiplier) */
-
-#define pA a2 /* -> multiplicand vector (8 64-bit words) */
-#define T3 a2 /* temp, (after fetching multiplicand) */
-
-#define pR a3 /* -> addend vector (8 64-bit doublewords,
- result vector (9 64-bit words) */
-
-#define S0 s0 /* callee saves summand registers */
-#define S1 s1
-#define S2 s2
-#define S3 s3
-#define S4 s4
-#define S5 s5
-#define S6 s6
-#define S7 s7
-
-#define S8 v0 /* caller saves summand registers */
-#define S9 v1
-#define S10 t0
-#define S11 t1
-#define S12 t2
-#define S13 t3
-#define S14 t4
-#define S15 t5
-
-
-
-/* floating-point registers */
-
-#define M fa0 /* multiplier double word */
-#define MR fa0r /* low order half of multiplier double word */
-#define ML fa0 /* high order half of multiplier double word */
-
-#define A0 fa2 /* multiplicand double word 0 */
-#define A0R fa2r /* low order half of multiplicand double word */
-#define A0L fa2 /* high order half of multiplicand double word */
-
-#define A1 fa3 /* multiplicand double word 1 */
-#define A1R fa3r /* low order half of multiplicand double word */
-#define A1L fa3 /* high order half of multiplicand double word */
-
-#define A2 ft0 /* multiplicand double word 2 */
-#define A2R ft0r /* low order half of multiplicand double word */
-#define A2L ft0 /* high order half of multiplicand double word */
-
-#define A3 ft1 /* multiplicand double word 3 */
-#define A3R ft1r /* low order half of multiplicand double word */
-#define A3L ft1 /* high order half of multiplicand double word */
-
-#define A4 ft2 /* multiplicand double word 4 */
-#define A4R ft2r /* low order half of multiplicand double word */
-#define A4L ft2 /* high order half of multiplicand double word */
-
-#define A5 ft3 /* multiplicand double word 5 */
-#define A5R ft3r /* low order half of multiplicand double word */
-#define A5L ft3 /* high order half of multiplicand double word */
-
-#define A6 ft4 /* multiplicand double word 6 */
-#define A6R ft4r /* low order half of multiplicand double word */
-#define A6L ft4 /* high order half of multiplicand double word */
-
-#define A7 ft5 /* multiplicand double word 7 */
-#define A7R ft5r /* low order half of multiplicand double word */
-#define A7L ft5 /* high order half of multiplicand double word */
-
-#define P0 ft6 /* product word 0 */
-#define P1 ft7 /* product word 0 */
-#define P2 ft8 /* product word 0 */
-#define P3 ft9 /* product word 0 */
-#define P4 ft10 /* product word 0 */
-#define P5 ft11 /* product word 0 */
-#define P6 ft12 /* product word 0 */
-#define P7 ft13 /* product word 0 */
-
-
-
-
-/* ====================================================================== */
-/* symbolic definitions for HP-UX stack offsets */
-/* symbolic definitions for memory NOPs */
-/* ====================================================================== */
-
-#define ST_SZ 192 /* stack area total size */
-
-#define SV0 -192(sp) /* general register save area */
-#define SV1 -184(sp)
-#define SV2 -176(sp)
-#define SV3 -168(sp)
-#define SV4 -160(sp)
-#define SV5 -152(sp)
-#define SV6 -144(sp)
-#define SV7 -136(sp)
-
-#define XF0 -128(sp) /* data transfer area */
-#define XF1 -120(sp) /* for floating-pt to integer regs */
-#define XF2 -112(sp)
-#define XF3 -104(sp)
-#define XF4 -96(sp)
-#define XF5 -88(sp)
-#define XF6 -80(sp)
-#define XF7 -72(sp)
-#define XF8 -64(sp)
-#define XF9 -56(sp)
-#define XF10 -48(sp)
-#define XF11 -40(sp)
-#define XF12 -32(sp)
-#define XF13 -24(sp)
-#define XF14 -16(sp)
-#define XF15 -8(sp)
-
-#define mnop proberi (sp),3,zero /* memory NOP */
-
-
-
-
-/* ====================================================================== */
-/* assembler formalities */
-/* ====================================================================== */
-
-#ifdef __LP64__
- .level 2.0W
-#else
- .level 2.0
-#endif
- .space $TEXT$
- .subspa $CODE$
- .align 16
-
-/* ====================================================================== */
-/* here to compute 64-bit x 512-bit product + 512-bit addend */
-/* ====================================================================== */
-
-multacc512
- .PROC
- .CALLINFO
- .ENTER
- fldd 0(pM),M ; multiplier double word
- ldo ST_SZ(sp),sp ; push stack
-
- fldd 0(pA),A0 ; multiplicand double word 0
- std S1,SV1 ; save s1
-
- fldd 16(pA),A2 ; multiplicand double word 2
- std S3,SV3 ; save s3
-
- fldd 32(pA),A4 ; multiplicand double word 4
- std S5,SV5 ; save s5
-
- fldd 48(pA),A6 ; multiplicand double word 6
- std S7,SV7 ; save s7
-
-
- std S0,SV0 ; save s0
- fldd 8(pA),A1 ; multiplicand double word 1
- xmpyu MR,A0L,P0 ; A0 cross 32-bit word products
- xmpyu ML,A0R,P2
-
- std S2,SV2 ; save s2
- fldd 24(pA),A3 ; multiplicand double word 3
- xmpyu MR,A2L,P4 ; A2 cross 32-bit word products
- xmpyu ML,A2R,P6
-
- std S4,SV4 ; save s4
- fldd 40(pA),A5 ; multiplicand double word 5
-
- std S6,SV6 ; save s6
- fldd 56(pA),A7 ; multiplicand double word 7
-
-
- fstd P0,XF0 ; MR * A0L
- xmpyu MR,A0R,P0 ; A0 right 32-bit word product
- xmpyu MR,A1L,P1 ; A1 cross 32-bit word product
-
- fstd P2,XF2 ; ML * A0R
- xmpyu ML,A0L,P2 ; A0 left 32-bit word product
- xmpyu ML,A1R,P3 ; A1 cross 32-bit word product
-
- fstd P4,XF4 ; MR * A2L
- xmpyu MR,A2R,P4 ; A2 right 32-bit word product
- xmpyu MR,A3L,P5 ; A3 cross 32-bit word product
-
- fstd P6,XF6 ; ML * A2R
- xmpyu ML,A2L,P6 ; A2 parallel 32-bit word product
- xmpyu ML,A3R,P7 ; A3 cross 32-bit word product
-
-
- ldd XF0,S0 ; MR * A0L
- fstd P1,XF1 ; MR * A1L
-
- ldd XF2,S2 ; ML * A0R
- fstd P3,XF3 ; ML * A1R
-
- ldd XF4,S4 ; MR * A2L
- fstd P5,XF5 ; MR * A3L
- xmpyu MR,A1R,P1 ; A1 parallel 32-bit word products
- xmpyu ML,A1L,P3
-
- ldd XF6,S6 ; ML * A2R
- fstd P7,XF7 ; ML * A3R
- xmpyu MR,A3R,P5 ; A3 parallel 32-bit word products
- xmpyu ML,A3L,P7
-
-
- fstd P0,XF0 ; MR * A0R
- ldd XF1,S1 ; MR * A1L
- nop
- add S0,S2,T1 ; A0 cross product sum
-
- fstd P2,XF2 ; ML * A0L
- ldd XF3,S3 ; ML * A1R
- add,dc zero,zero,S0 ; A0 cross product sum carry
- depd,z T1,31,32,S2 ; A0 cross product sum << 32
-
- fstd P4,XF4 ; MR * A2R
- ldd XF5,S5 ; MR * A3L
- shrpd S0,T1,32,S0 ; A0 carry | cross product sum >> 32
- add S4,S6,T3 ; A2 cross product sum
-
- fstd P6,XF6 ; ML * A2L
- ldd XF7,S7 ; ML * A3R
- add,dc zero,zero,S4 ; A2 cross product sum carry
- depd,z T3,31,32,S6 ; A2 cross product sum << 32
-
-
- ldd XF0,S8 ; MR * A0R
- fstd P1,XF1 ; MR * A1R
- xmpyu MR,A4L,P0 ; A4 cross 32-bit word product
- xmpyu MR,A5L,P1 ; A5 cross 32-bit word product
-
- ldd XF2,S10 ; ML * A0L
- fstd P3,XF3 ; ML * A1L
- xmpyu ML,A4R,P2 ; A4 cross 32-bit word product
- xmpyu ML,A5R,P3 ; A5 cross 32-bit word product
-
- ldd XF4,S12 ; MR * A2R
- fstd P5,XF5 ; MR * A3L
- xmpyu MR,A6L,P4 ; A6 cross 32-bit word product
- xmpyu MR,A7L,P5 ; A7 cross 32-bit word product
-
- ldd XF6,S14 ; ML * A2L
- fstd P7,XF7 ; ML * A3L
- xmpyu ML,A6R,P6 ; A6 cross 32-bit word product
- xmpyu ML,A7R,P7 ; A7 cross 32-bit word product
-
-
- fstd P0,XF0 ; MR * A4L
- ldd XF1,S9 ; MR * A1R
- shrpd S4,T3,32,S4 ; A2 carry | cross product sum >> 32
- add S1,S3,T1 ; A1 cross product sum
-
- fstd P2,XF2 ; ML * A4R
- ldd XF3,S11 ; ML * A1L
- add,dc zero,zero,S1 ; A1 cross product sum carry
- depd,z T1,31,32,S3 ; A1 cross product sum << 32
-
- fstd P4,XF4 ; MR * A6L
- ldd XF5,S13 ; MR * A3R
- shrpd S1,T1,32,S1 ; A1 carry | cross product sum >> 32
- add S5,S7,T3 ; A3 cross product sum
-
- fstd P6,XF6 ; ML * A6R
- ldd XF7,S15 ; ML * A3L
- add,dc zero,zero,S5 ; A3 cross product sum carry
- depd,z T3,31,32,S7 ; A3 cross product sum << 32
-
-
- shrpd S5,T3,32,S5 ; A3 carry | cross product sum >> 32
- add S2,S8,S8 ; M * A0 right doubleword, P0 doubleword
-
- add,dc S0,S10,S10 ; M * A0 left doubleword
- add S3,S9,S9 ; M * A1 right doubleword
-
- add,dc S1,S11,S11 ; M * A1 left doubleword
- add S6,S12,S12 ; M * A2 right doubleword
-
-
- ldd 24(pR),S3 ; Addend word 3
- fstd P1,XF1 ; MR * A5L
- add,dc S4,S14,S14 ; M * A2 left doubleword
- xmpyu MR,A5R,P1 ; A5 right 32-bit word product
-
- ldd 8(pR),S1 ; Addend word 1
- fstd P3,XF3 ; ML * A5R
- add S7,S13,S13 ; M * A3 right doubleword
- xmpyu ML,A5L,P3 ; A5 left 32-bit word product
-
- ldd 0(pR),S7 ; Addend word 0
- fstd P5,XF5 ; MR * A7L
- add,dc S5,S15,S15 ; M * A3 left doubleword
- xmpyu MR,A7R,P5 ; A7 right 32-bit word product
-
- ldd 16(pR),S5 ; Addend word 2
- fstd P7,XF7 ; ML * A7R
- add S10,S9,S9 ; P1 doubleword
- xmpyu ML,A7L,P7 ; A7 left 32-bit word products
-
-
- ldd XF0,S0 ; MR * A4L
- fstd P1,XF9 ; MR * A5R
- add,dc S11,S12,S12 ; P2 doubleword
- xmpyu MR,A4R,P0 ; A4 right 32-bit word product
-
- ldd XF2,S2 ; ML * A4R
- fstd P3,XF11 ; ML * A5L
- add,dc S14,S13,S13 ; P3 doubleword
- xmpyu ML,A4L,P2 ; A4 left 32-bit word product
-
- ldd XF6,S6 ; ML * A6R
- fstd P5,XF13 ; MR * A7R
- add,dc zero,S15,T2 ; P4 partial doubleword
- xmpyu MR,A6R,P4 ; A6 right 32-bit word product
-
- ldd XF4,S4 ; MR * A6L
- fstd P7,XF15 ; ML * A7L
- add S7,S8,S8 ; R0 + P0, new R0 doubleword
- xmpyu ML,A6L,P6 ; A6 left 32-bit word product
-
-
- fstd P0,XF0 ; MR * A4R
- ldd XF7,S7 ; ML * A7R
- add,dc S1,S9,S9 ; c + R1 + P1, new R1 doubleword
-
- fstd P2,XF2 ; ML * A4L
- ldd XF1,S1 ; MR * A5L
- add,dc S5,S12,S12 ; c + R2 + P2, new R2 doubleword
-
- fstd P4,XF4 ; MR * A6R
- ldd XF5,S5 ; MR * A7L
- add,dc S3,S13,S13 ; c + R3 + P3, new R3 doubleword
-
- fstd P6,XF6 ; ML * A6L
- ldd XF3,S3 ; ML * A5R
- add,dc zero,T2,T2 ; c + partial P4
- add S0,S2,T1 ; A4 cross product sum
-
-
- std S8,0(pR) ; save R0
- add,dc zero,zero,S0 ; A4 cross product sum carry
- depd,z T1,31,32,S2 ; A4 cross product sum << 32
-
- std S9,8(pR) ; save R1
- shrpd S0,T1,32,S0 ; A4 carry | cross product sum >> 32
- add S4,S6,T3 ; A6 cross product sum
-
- std S12,16(pR) ; save R2
- add,dc zero,zero,S4 ; A6 cross product sum carry
- depd,z T3,31,32,S6 ; A6 cross product sum << 32
-
-
- std S13,24(pR) ; save R3
- shrpd S4,T3,32,S4 ; A6 carry | cross product sum >> 32
- add S1,S3,T1 ; A5 cross product sum
-
- ldd XF0,S8 ; MR * A4R
- add,dc zero,zero,S1 ; A5 cross product sum carry
- depd,z T1,31,32,S3 ; A5 cross product sum << 32
-
- ldd XF2,S10 ; ML * A4L
- ldd XF9,S9 ; MR * A5R
- shrpd S1,T1,32,S1 ; A5 carry | cross product sum >> 32
- add S5,S7,T3 ; A7 cross product sum
-
- ldd XF4,S12 ; MR * A6R
- ldd XF11,S11 ; ML * A5L
- add,dc zero,zero,S5 ; A7 cross product sum carry
- depd,z T3,31,32,S7 ; A7 cross product sum << 32
-
- ldd XF6,S14 ; ML * A6L
- ldd XF13,S13 ; MR * A7R
- shrpd S5,T3,32,S5 ; A7 carry | cross product sum >> 32
- add S2,S8,S8 ; M * A4 right doubleword
-
-
- ldd XF15,S15 ; ML * A7L
- add,dc S0,S10,S10 ; M * A4 left doubleword
- add S3,S9,S9 ; M * A5 right doubleword
-
- add,dc S1,S11,S11 ; M * A5 left doubleword
- add S6,S12,S12 ; M * A6 right doubleword
-
- ldd 32(pR),S0 ; Addend word 4
- ldd 40(pR),S1 ; Addend word 5
- add,dc S4,S14,S14 ; M * A6 left doubleword
- add S7,S13,S13 ; M * A7 right doubleword
-
- ldd 48(pR),S2 ; Addend word 6
- ldd 56(pR),S3 ; Addend word 7
- add,dc S5,S15,S15 ; M * A7 left doubleword
- add S8,T2,S8 ; P4 doubleword
-
- ldd 64(pR),S4 ; Addend word 8
- ldd SV5,s5 ; restore s5
- add,dc S10,S9,S9 ; P5 doubleword
- add,dc S11,S12,S12 ; P6 doubleword
-
-
- ldd SV6,s6 ; restore s6
- ldd SV7,s7 ; restore s7
- add,dc S14,S13,S13 ; P7 doubleword
- add,dc zero,S15,S15 ; P8 doubleword
-
- add S0,S8,S8 ; new R4 doubleword
-
- ldd SV0,s0 ; restore s0
- std S8,32(pR) ; save R4
- add,dc S1,S9,S9 ; new R5 doubleword
-
- ldd SV1,s1 ; restore s1
- std S9,40(pR) ; save R5
- add,dc S2,S12,S12 ; new R6 doubleword
-
- ldd SV2,s2 ; restore s2
- std S12,48(pR) ; save R6
- add,dc S3,S13,S13 ; new R7 doubleword
-
- ldd SV3,s3 ; restore s3
- std S13,56(pR) ; save R7
- add,dc S4,S15,S15 ; new R8 doubleword
-
- ldd SV4,s4 ; restore s4
- std S15,64(pR) ; save result[8]
- add,dc zero,zero,v0 ; return carry from R8
-
- CMPIB,*= 0,v0,$L0 ; if no overflow, exit
- LDO 8(pR),pR
-
-$FINAL1 ; Final carry propagation
- LDD 64(pR),v0
- LDO 8(pR),pR
- ADDI 1,v0,v0
- CMPIB,*= 0,v0,$FINAL1 ; Keep looping if there is a carry.
- STD v0,56(pR)
-$L0
- bv zero(rp) ; -> caller
- ldo -ST_SZ(sp),sp ; pop stack
-
-/* ====================================================================== */
-/* end of module */
-/* ====================================================================== */
-
- .LEAVE
-
- .PROCEND
- .SPACE $TEXT$
- .SUBSPA $CODE$
- .EXPORT multacc512,ENTRY
-
- .end
diff --git a/security/nss/lib/freebl/mpi/hppa20.s b/security/nss/lib/freebl/mpi/hppa20.s
deleted file mode 100644
index f7579b805..000000000
--- a/security/nss/lib/freebl/mpi/hppa20.s
+++ /dev/null
@@ -1,929 +0,0 @@
-; The contents of this file are subject to the Mozilla Public
-; License Version 1.1 (the "License"); you may not use this file
-; except in compliance with the License. You may obtain a copy of
-; the License at http://www.mozilla.org/MPL/
-;
-; Software distributed under the License is distributed on an "AS
-; IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-; implied. See the License for the specific language governing
-; rights and limitations under the License.
-;
-; The Original Code is MAXPY multiple-precision integer arithmetic.
-;
-; The Initial Developer of the Original Code is the Hewlett-Packard Company.
-; Portions created by Hewlett-Packard Company are
-; Copyright (C) 1997 Hewlett-Packard Company. All Rights Reserved.
-;
-; Contributor(s):
-; coded by: William B. Ackerman
-;
-; Alternatively, the contents of this file may be used under the
-; terms of the GNU General Public License Version 2 or later (the
-; "GPL"), in which case the provisions of the GPL are applicable
-; instead of those above. If you wish to allow use of your
-; version of this file only under the terms of the GPL and not to
-; allow others to use your version of this file under the MPL,
-; indicate your decision by deleting the provisions above and
-; replace them with the notice and other provisions required by
-; the GPL. If you do not delete the provisions above, a recipient
-; may use your version of this file under either the MPL or the
-; GPL.
-
-#ifdef __LP64__
- .LEVEL 2.0W
-#else
-; .LEVEL 1.1
-; .ALLOW 2.0N
- .LEVEL 2.0N
-#endif
- .SPACE $TEXT$,SORT=8
- .SUBSPA $CODE$,QUAD=0,ALIGN=4,ACCESS=0x2c,CODE_ONLY,SORT=24
-
-; ***************************************************************
-;
-; maxpy_[little/big]
-;
-; ***************************************************************
-
-; There is no default -- you must specify one or the other.
-#define LITTLE_WORDIAN 1
-
-#ifdef LITTLE_WORDIAN
-#define EIGHT 8
-#define SIXTEEN 16
-#define THIRTY_TWO 32
-#define UN_EIGHT -8
-#define UN_SIXTEEN -16
-#define UN_TWENTY_FOUR -24
-#endif
-
-#ifdef BIG_WORDIAN
-#define EIGHT -8
-#define SIXTEEN -16
-#define THIRTY_TWO -32
-#define UN_EIGHT 8
-#define UN_SIXTEEN 16
-#define UN_TWENTY_FOUR 24
-#endif
-
-; This performs a multiple-precision integer version of "daxpy",
-; Using the selected addressing direction. "Little-wordian" means that
-; the least significant word of a number is stored at the lowest address.
-; "Big-wordian" means that the most significant word is at the lowest
-; address. Either way, the incoming address of the vector is that
-; of the least significant word. That means that, for little-wordian
-; addressing, we move the address upward as we propagate carries
-; from the least significant word to the most significant. For
-; big-wordian we move the address downward.
-
-; We use the following registers:
-;
-; r2 return PC, of course
-; r26 = arg1 = length
-; r25 = arg2 = address of scalar
-; r24 = arg3 = multiplicand vector
-; r23 = arg4 = result vector
-;
-; fr9 = scalar loaded once only from r25
-
-; The cycle counts shown in the bodies below are simply the result of a
-; scheduling by hand. The actual PCX-U hardware does it differently.
-; The intention is that the overall speed is the same.
-
-; The pipeline startup and shutdown code is constructed in the usual way,
-; by taking the loop bodies and removing unnecessary instructions.
-; We have left the comments describing cycle numbers in the code.
-; These are intended for reference when comparing with the main loop,
-; and have no particular relationship to actual cycle numbers.
-
-#ifdef LITTLE_WORDIAN
-maxpy_little
-#else
-maxpy_big
-#endif
- .PROC
- .CALLINFO FRAME=120,ENTRY_GR=%r4
- .ENTER
-
-; Of course, real men don't use the sissy "enter" and "leave" commands.
-; They write their own stack manipulation stuff. Unfortunately,
-; that doesn't generate complete unwind info, whereas "enter" and
-; "leave" (if the documentation is to be believed) do so. Therefore,
-; we use the sissy commands. We have verified (by real-man methods)
-; that the above command generates what we want:
-; STW,MA %r3,128(%sp)
-; STW %r4,-124(%sp)
-
- ADDIB,< -1,%r26,$L0 ; If N = 0, exit immediately.
- FLDD 0(%r25),%fr9 ; fr9 = scalar
-
-; First startup
-
- FLDD 0(%r24),%fr24 ; Cycle 1
- XMPYU %fr9R,%fr24R,%fr27 ; Cycle 3
- XMPYU %fr9R,%fr24L,%fr25 ; Cycle 4
- XMPYU %fr9L,%fr24L,%fr26 ; Cycle 5
- CMPIB,> 3,%r26,$N_IS_SMALL ; Pick out cases N = 1, 2, or 3
- XMPYU %fr9L,%fr24R,%fr24 ; Cycle 6
- FLDD EIGHT(%r24),%fr28 ; Cycle 8
- XMPYU %fr9L,%fr28R,%fr31 ; Cycle 10
- FSTD %fr24,-96(%sp)
- XMPYU %fr9R,%fr28L,%fr30 ; Cycle 11
- FSTD %fr25,-80(%sp)
- LDO SIXTEEN(%r24),%r24 ; Cycle 12
- FSTD %fr31,-64(%sp)
- XMPYU %fr9R,%fr28R,%fr29 ; Cycle 13
- FSTD %fr27,-48(%sp)
-
-; Second startup
-
- XMPYU %fr9L,%fr28L,%fr28 ; Cycle 1
- FSTD %fr30,-56(%sp)
- FLDD 0(%r24),%fr24
-
- FSTD %fr26,-88(%sp) ; Cycle 2
-
- XMPYU %fr9R,%fr24R,%fr27 ; Cycle 3
- FSTD %fr28,-104(%sp)
-
- XMPYU %fr9R,%fr24L,%fr25 ; Cycle 4
- LDD -96(%sp),%r3
- FSTD %fr29,-72(%sp)
-
- XMPYU %fr9L,%fr24L,%fr26 ; Cycle 5
- LDD -64(%sp),%r19
- LDD -80(%sp),%r21
-
- XMPYU %fr9L,%fr24R,%fr24 ; Cycle 6
- LDD -56(%sp),%r20
- ADD %r21,%r3,%r3
-
- ADD,DC %r20,%r19,%r19 ; Cycle 7
- LDD -88(%sp),%r4
- SHRPD %r3,%r0,32,%r21
- LDD -48(%sp),%r1
-
- FLDD EIGHT(%r24),%fr28 ; Cycle 8
- LDD -104(%sp),%r31
- ADD,DC %r0,%r0,%r20
- SHRPD %r19,%r3,32,%r3
-
- LDD -72(%sp),%r29 ; Cycle 9
- SHRPD %r20,%r19,32,%r20
- ADD %r21,%r1,%r1
-
- XMPYU %fr9L,%fr28R,%fr31 ; Cycle 10
- ADD,DC %r3,%r4,%r4
- FSTD %fr24,-96(%sp)
-
- XMPYU %fr9R,%fr28L,%fr30 ; Cycle 11
- ADD,DC %r0,%r20,%r20
- LDD 0(%r23),%r3
- FSTD %fr25,-80(%sp)
-
- LDO SIXTEEN(%r24),%r24 ; Cycle 12
- FSTD %fr31,-64(%sp)
-
- XMPYU %fr9R,%fr28R,%fr29 ; Cycle 13
- ADD %r0,%r0,%r0 ; clear the carry bit
- ADDIB,<= -4,%r26,$ENDLOOP ; actually happens in cycle 12
- FSTD %fr27,-48(%sp)
-; MFCTL %cr16,%r21 ; for timing
-; STD %r21,-112(%sp)
-
-; Here is the loop.
-
-$LOOP XMPYU %fr9L,%fr28L,%fr28 ; Cycle 1
- ADD,DC %r29,%r4,%r4
- FSTD %fr30,-56(%sp)
- FLDD 0(%r24),%fr24
-
- LDO SIXTEEN(%r23),%r23 ; Cycle 2
- ADD,DC %r0,%r20,%r20
- FSTD %fr26,-88(%sp)
-
- XMPYU %fr9R,%fr24R,%fr27 ; Cycle 3
- ADD %r3,%r1,%r1
- FSTD %fr28,-104(%sp)
- LDD UN_EIGHT(%r23),%r21
-
- XMPYU %fr9R,%fr24L,%fr25 ; Cycle 4
- ADD,DC %r21,%r4,%r28
- FSTD %fr29,-72(%sp)
- LDD -96(%sp),%r3
-
- XMPYU %fr9L,%fr24L,%fr26 ; Cycle 5
- ADD,DC %r20,%r31,%r22
- LDD -64(%sp),%r19
- LDD -80(%sp),%r21
-
- XMPYU %fr9L,%fr24R,%fr24 ; Cycle 6
- ADD %r21,%r3,%r3
- LDD -56(%sp),%r20
- STD %r1,UN_SIXTEEN(%r23)
-
- ADD,DC %r20,%r19,%r19 ; Cycle 7
- SHRPD %r3,%r0,32,%r21
- LDD -88(%sp),%r4
- LDD -48(%sp),%r1
-
- ADD,DC %r0,%r0,%r20 ; Cycle 8
- SHRPD %r19,%r3,32,%r3
- FLDD EIGHT(%r24),%fr28
- LDD -104(%sp),%r31
-
- SHRPD %r20,%r19,32,%r20 ; Cycle 9
- ADD %r21,%r1,%r1
- STD %r28,UN_EIGHT(%r23)
- LDD -72(%sp),%r29
-
- XMPYU %fr9L,%fr28R,%fr31 ; Cycle 10
- ADD,DC %r3,%r4,%r4
- FSTD %fr24,-96(%sp)
-
- XMPYU %fr9R,%fr28L,%fr30 ; Cycle 11
- ADD,DC %r0,%r20,%r20
- FSTD %fr25,-80(%sp)
- LDD 0(%r23),%r3
-
- LDO SIXTEEN(%r24),%r24 ; Cycle 12
- FSTD %fr31,-64(%sp)
-
- XMPYU %fr9R,%fr28R,%fr29 ; Cycle 13
- ADD %r22,%r1,%r1
- ADDIB,> -2,%r26,$LOOP ; actually happens in cycle 12
- FSTD %fr27,-48(%sp)
-
-$ENDLOOP
-
-; Shutdown code, first stage.
-
-; MFCTL %cr16,%r21 ; for timing
-; STD %r21,UN_SIXTEEN(%r23)
-; LDD -112(%sp),%r21
-; STD %r21,UN_EIGHT(%r23)
-
- XMPYU %fr9L,%fr28L,%fr28 ; Cycle 1
- ADD,DC %r29,%r4,%r4
- CMPIB,= 0,%r26,$ONEMORE
- FSTD %fr30,-56(%sp)
-
- LDO SIXTEEN(%r23),%r23 ; Cycle 2
- ADD,DC %r0,%r20,%r20
- FSTD %fr26,-88(%sp)
-
- ADD %r3,%r1,%r1 ; Cycle 3
- FSTD %fr28,-104(%sp)
- LDD UN_EIGHT(%r23),%r21
-
- ADD,DC %r21,%r4,%r28 ; Cycle 4
- FSTD %fr29,-72(%sp)
- STD %r28,UN_EIGHT(%r23) ; moved up from cycle 9
- LDD -96(%sp),%r3
-
- ADD,DC %r20,%r31,%r22 ; Cycle 5
- STD %r1,UN_SIXTEEN(%r23)
-$JOIN4
- LDD -64(%sp),%r19
- LDD -80(%sp),%r21
-
- ADD %r21,%r3,%r3 ; Cycle 6
- LDD -56(%sp),%r20
-
- ADD,DC %r20,%r19,%r19 ; Cycle 7
- SHRPD %r3,%r0,32,%r21
- LDD -88(%sp),%r4
- LDD -48(%sp),%r1
-
- ADD,DC %r0,%r0,%r20 ; Cycle 8
- SHRPD %r19,%r3,32,%r3
- LDD -104(%sp),%r31
-
- SHRPD %r20,%r19,32,%r20 ; Cycle 9
- ADD %r21,%r1,%r1
- LDD -72(%sp),%r29
-
- ADD,DC %r3,%r4,%r4 ; Cycle 10
-
- ADD,DC %r0,%r20,%r20 ; Cycle 11
- LDD 0(%r23),%r3
-
- ADD %r22,%r1,%r1 ; Cycle 13
-
-; Shutdown code, second stage.
-
- ADD,DC %r29,%r4,%r4 ; Cycle 1
-
- LDO SIXTEEN(%r23),%r23 ; Cycle 2
- ADD,DC %r0,%r20,%r20
-
- LDD UN_EIGHT(%r23),%r21 ; Cycle 3
- ADD %r3,%r1,%r1
-
- ADD,DC %r21,%r4,%r28 ; Cycle 4
-
- ADD,DC %r20,%r31,%r22 ; Cycle 5
-
- STD %r1,UN_SIXTEEN(%r23); Cycle 6
-
- STD %r28,UN_EIGHT(%r23) ; Cycle 9
-
- LDD 0(%r23),%r3 ; Cycle 11
-
-; Shutdown code, third stage.
-
- LDO SIXTEEN(%r23),%r23
- ADD %r3,%r22,%r1
-$JOIN1 ADD,DC %r0,%r0,%r21
- CMPIB,*= 0,%r21,$L0 ; if no overflow, exit
- STD %r1,UN_SIXTEEN(%r23)
-
-; Final carry propagation
-
-$FINAL1 LDO EIGHT(%r23),%r23
- LDD UN_SIXTEEN(%r23),%r21
- ADDI 1,%r21,%r21
- CMPIB,*= 0,%r21,$FINAL1 ; Keep looping if there is a carry.
- STD %r21,UN_SIXTEEN(%r23)
- B $L0
- NOP
-
-; Here is the code that handles the difficult cases N=1, N=2, and N=3.
-; We do the usual trick -- branch out of the startup code at appropriate
-; points, and branch into the shutdown code.
-
-$N_IS_SMALL
- CMPIB,= 0,%r26,$N_IS_ONE
- FSTD %fr24,-96(%sp) ; Cycle 10
- FLDD EIGHT(%r24),%fr28 ; Cycle 8
- XMPYU %fr9L,%fr28R,%fr31 ; Cycle 10
- XMPYU %fr9R,%fr28L,%fr30 ; Cycle 11
- FSTD %fr25,-80(%sp)
- FSTD %fr31,-64(%sp) ; Cycle 12
- XMPYU %fr9R,%fr28R,%fr29 ; Cycle 13
- FSTD %fr27,-48(%sp)
- XMPYU %fr9L,%fr28L,%fr28 ; Cycle 1
- CMPIB,= 2,%r26,$N_IS_THREE
- FSTD %fr30,-56(%sp)
-
-; N = 2
- FSTD %fr26,-88(%sp) ; Cycle 2
- FSTD %fr28,-104(%sp) ; Cycle 3
- LDD -96(%sp),%r3 ; Cycle 4
- FSTD %fr29,-72(%sp)
- B $JOIN4
- ADD %r0,%r0,%r22
-
-$N_IS_THREE
- FLDD SIXTEEN(%r24),%fr24
- FSTD %fr26,-88(%sp) ; Cycle 2
- XMPYU %fr9R,%fr24R,%fr27 ; Cycle 3
- FSTD %fr28,-104(%sp)
- XMPYU %fr9R,%fr24L,%fr25 ; Cycle 4
- LDD -96(%sp),%r3
- FSTD %fr29,-72(%sp)
- XMPYU %fr9L,%fr24L,%fr26 ; Cycle 5
- LDD -64(%sp),%r19
- LDD -80(%sp),%r21
- B $JOIN3
- ADD %r0,%r0,%r22
-
-$N_IS_ONE
- FSTD %fr25,-80(%sp)
- FSTD %fr27,-48(%sp)
- FSTD %fr26,-88(%sp) ; Cycle 2
- B $JOIN5
- ADD %r0,%r0,%r22
-
-; We came out of the unrolled loop with wrong parity. Do one more
-; single cycle. This is quite tricky, because of the way the
-; carry chains and SHRPD chains have been chopped up.
-
-$ONEMORE
-
- FLDD 0(%r24),%fr24
-
- LDO SIXTEEN(%r23),%r23 ; Cycle 2
- ADD,DC %r0,%r20,%r20
- FSTD %fr26,-88(%sp)
-
- XMPYU %fr9R,%fr24R,%fr27 ; Cycle 3
- FSTD %fr28,-104(%sp)
- LDD UN_EIGHT(%r23),%r21
- ADD %r3,%r1,%r1
-
- XMPYU %fr9R,%fr24L,%fr25 ; Cycle 4
- ADD,DC %r21,%r4,%r28
- STD %r28,UN_EIGHT(%r23) ; moved from cycle 9
- LDD -96(%sp),%r3
- FSTD %fr29,-72(%sp)
-
- XMPYU %fr9L,%fr24L,%fr26 ; Cycle 5
- ADD,DC %r20,%r31,%r22
- LDD -64(%sp),%r19
- LDD -80(%sp),%r21
-
- STD %r1,UN_SIXTEEN(%r23); Cycle 6
-$JOIN3
- XMPYU %fr9L,%fr24R,%fr24
- LDD -56(%sp),%r20
- ADD %r21,%r3,%r3
-
- ADD,DC %r20,%r19,%r19 ; Cycle 7
- LDD -88(%sp),%r4
- SHRPD %r3,%r0,32,%r21
- LDD -48(%sp),%r1
-
- LDD -104(%sp),%r31 ; Cycle 8
- ADD,DC %r0,%r0,%r20
- SHRPD %r19,%r3,32,%r3
-
- LDD -72(%sp),%r29 ; Cycle 9
- SHRPD %r20,%r19,32,%r20
- ADD %r21,%r1,%r1
-
- ADD,DC %r3,%r4,%r4 ; Cycle 10
- FSTD %fr24,-96(%sp)
-
- ADD,DC %r0,%r20,%r20 ; Cycle 11
- LDD 0(%r23),%r3
- FSTD %fr25,-80(%sp)
-
- ADD %r22,%r1,%r1 ; Cycle 13
- FSTD %fr27,-48(%sp)
-
-; Shutdown code, stage 1-1/2.
-
- ADD,DC %r29,%r4,%r4 ; Cycle 1
-
- LDO SIXTEEN(%r23),%r23 ; Cycle 2
- ADD,DC %r0,%r20,%r20
- FSTD %fr26,-88(%sp)
-
- LDD UN_EIGHT(%r23),%r21 ; Cycle 3
- ADD %r3,%r1,%r1
-
- ADD,DC %r21,%r4,%r28 ; Cycle 4
- STD %r28,UN_EIGHT(%r23) ; moved from cycle 9
-
- ADD,DC %r20,%r31,%r22 ; Cycle 5
- STD %r1,UN_SIXTEEN(%r23)
-$JOIN5
- LDD -96(%sp),%r3 ; moved from cycle 4
- LDD -80(%sp),%r21
- ADD %r21,%r3,%r3 ; Cycle 6
- ADD,DC %r0,%r0,%r19 ; Cycle 7
- LDD -88(%sp),%r4
- SHRPD %r3,%r0,32,%r21
- LDD -48(%sp),%r1
- SHRPD %r19,%r3,32,%r3 ; Cycle 8
- ADD %r21,%r1,%r1 ; Cycle 9
- ADD,DC %r3,%r4,%r4 ; Cycle 10
- LDD 0(%r23),%r3 ; Cycle 11
- ADD %r22,%r1,%r1 ; Cycle 13
-
-; Shutdown code, stage 2-1/2.
-
- ADD,DC %r0,%r4,%r4 ; Cycle 1
- LDO SIXTEEN(%r23),%r23 ; Cycle 2
- LDD UN_EIGHT(%r23),%r21 ; Cycle 3
- ADD %r3,%r1,%r1
- STD %r1,UN_SIXTEEN(%r23)
- ADD,DC %r21,%r4,%r1
- B $JOIN1
- LDO EIGHT(%r23),%r23
-
-; exit
-
-$L0
- .LEAVE
-
-; We have verified that the above command generates what we want:
-; LDW -124(%sp),%r4
-; BVE (%r2)
-; LDW,MB -128(%sp),%r3
-
- .PROCEND
-
-; ***************************************************************
-;
-; add_diag_[little/big]
-;
-; ***************************************************************
-
-; The arguments are as follows:
-; r2 return PC, of course
-; r26 = arg1 = length
-; r25 = arg2 = vector to square
-; r24 = arg3 = result vector
-
-#ifdef LITTLE_WORDIAN
-add_diag_little
-#else
-add_diag_big
-#endif
- .PROC
- .CALLINFO FRAME=120,ENTRY_GR=%r4
- .ENTER
-
- ADDIB,< -1,%r26,$Z0 ; If N=0, exit immediately.
- NOP
-
-; Startup code
-
- FLDD 0(%r25),%fr7 ; Cycle 2 (alternate body)
- XMPYU %fr7R,%fr7R,%fr29 ; Cycle 4
- XMPYU %fr7L,%fr7R,%fr27 ; Cycle 5
- XMPYU %fr7L,%fr7L,%fr30
- LDO SIXTEEN(%r25),%r25 ; Cycle 6
- FSTD %fr29,-88(%sp)
- FSTD %fr27,-72(%sp) ; Cycle 7
- CMPIB,= 0,%r26,$DIAG_N_IS_ONE ; Cycle 1 (main body)
- FSTD %fr30,-96(%sp)
- FLDD UN_EIGHT(%r25),%fr7 ; Cycle 2
- LDD -88(%sp),%r22 ; Cycle 3
- LDD -72(%sp),%r31 ; Cycle 4
- XMPYU %fr7R,%fr7R,%fr28
- XMPYU %fr7L,%fr7R,%fr24 ; Cycle 5
- XMPYU %fr7L,%fr7L,%fr31
- LDD -96(%sp),%r20 ; Cycle 6
- FSTD %fr28,-80(%sp)
- ADD %r0,%r0,%r0 ; clear the carry bit
- ADDIB,<= -2,%r26,$ENDDIAGLOOP ; Cycle 7
- FSTD %fr24,-64(%sp)
-
-; Here is the loop. It is unrolled twice, modelled after the "alternate body" and then the "main body".
-
-$DIAGLOOP
- SHRPD %r31,%r0,31,%r3 ; Cycle 1 (alternate body)
- LDO SIXTEEN(%r25),%r25
- LDD 0(%r24),%r1
- FSTD %fr31,-104(%sp)
- SHRPD %r0,%r31,31,%r4 ; Cycle 2
- ADD,DC %r22,%r3,%r3
- FLDD UN_SIXTEEN(%r25),%fr7
- ADD,DC %r0,%r20,%r20 ; Cycle 3
- ADD %r1,%r3,%r3
- XMPYU %fr7R,%fr7R,%fr29 ; Cycle 4
- LDD -80(%sp),%r21
- STD %r3,0(%r24)
- XMPYU %fr7L,%fr7R,%fr27 ; Cycle 5
- XMPYU %fr7L,%fr7L,%fr30
- LDD -64(%sp),%r29
- LDD EIGHT(%r24),%r1
- ADD,DC %r4,%r20,%r20 ; Cycle 6
- LDD -104(%sp),%r19
- FSTD %fr29,-88(%sp)
- ADD %r20,%r1,%r1 ; Cycle 7
- FSTD %fr27,-72(%sp)
- SHRPD %r29,%r0,31,%r4 ; Cycle 1 (main body)
- LDO THIRTY_TWO(%r24),%r24
- LDD UN_SIXTEEN(%r24),%r28
- FSTD %fr30,-96(%sp)
- SHRPD %r0,%r29,31,%r3 ; Cycle 2
- ADD,DC %r21,%r4,%r4
- FLDD UN_EIGHT(%r25),%fr7
- STD %r1,UN_TWENTY_FOUR(%r24)
- ADD,DC %r0,%r19,%r19 ; Cycle 3
- ADD %r28,%r4,%r4
- XMPYU %fr7R,%fr7R,%fr28 ; Cycle 4
- LDD -88(%sp),%r22
- STD %r4,UN_SIXTEEN(%r24)
- XMPYU %fr7L,%fr7R,%fr24 ; Cycle 5
- XMPYU %fr7L,%fr7L,%fr31
- LDD -72(%sp),%r31
- LDD UN_EIGHT(%r24),%r28
- ADD,DC %r3,%r19,%r19 ; Cycle 6
- LDD -96(%sp),%r20
- FSTD %fr28,-80(%sp)
- ADD %r19,%r28,%r28 ; Cycle 7
- FSTD %fr24,-64(%sp)
- ADDIB,> -2,%r26,$DIAGLOOP ; Cycle 8
- STD %r28,UN_EIGHT(%r24)
-
-$ENDDIAGLOOP
-
- ADD,DC %r0,%r22,%r22
- CMPIB,= 0,%r26,$ONEMOREDIAG
- SHRPD %r31,%r0,31,%r3
-
-; Shutdown code, first stage.
-
- FSTD %fr31,-104(%sp) ; Cycle 1 (alternate body)
- LDD 0(%r24),%r28
- SHRPD %r0,%r31,31,%r4 ; Cycle 2
- ADD %r3,%r22,%r3
- ADD,DC %r0,%r20,%r20 ; Cycle 3
- LDD -80(%sp),%r21
- ADD %r3,%r28,%r3
- LDD -64(%sp),%r29 ; Cycle 4
- STD %r3,0(%r24)
- LDD EIGHT(%r24),%r1 ; Cycle 5
- LDO SIXTEEN(%r25),%r25 ; Cycle 6
- LDD -104(%sp),%r19
- ADD,DC %r4,%r20,%r20
- ADD %r20,%r1,%r1 ; Cycle 7
- ADD,DC %r0,%r21,%r21 ; Cycle 8
- STD %r1,EIGHT(%r24)
-
-; Shutdown code, second stage.
-
- SHRPD %r29,%r0,31,%r4 ; Cycle 1 (main body)
- LDO THIRTY_TWO(%r24),%r24
- LDD UN_SIXTEEN(%r24),%r1
- SHRPD %r0,%r29,31,%r3 ; Cycle 2
- ADD %r4,%r21,%r4
- ADD,DC %r0,%r19,%r19 ; Cycle 3
- ADD %r4,%r1,%r4
- STD %r4,UN_SIXTEEN(%r24); Cycle 4
- LDD UN_EIGHT(%r24),%r28 ; Cycle 5
- ADD,DC %r3,%r19,%r19 ; Cycle 6
- ADD %r19,%r28,%r28 ; Cycle 7
- ADD,DC %r0,%r0,%r22 ; Cycle 8
- CMPIB,*= 0,%r22,$Z0 ; if no overflow, exit
- STD %r28,UN_EIGHT(%r24)
-
-; Final carry propagation
-
-$FDIAG2
- LDO EIGHT(%r24),%r24
- LDD UN_EIGHT(%r24),%r26
- ADDI 1,%r26,%r26
- CMPIB,*= 0,%r26,$FDIAG2 ; Keep looping if there is a carry.
- STD %r26,UN_EIGHT(%r24)
-
- B $Z0
- NOP
-
-; Here is the code that handles the difficult case N=1.
-; We do the usual trick -- branch out of the startup code at appropriate
-; points, and branch into the shutdown code.
-
-$DIAG_N_IS_ONE
-
- LDD -88(%sp),%r22
- LDD -72(%sp),%r31
- B $JOINDIAG
- LDD -96(%sp),%r20
-
-; We came out of the unrolled loop with wrong parity. Do one more
-; single cycle. This is the "alternate body". It will, of course,
-; give us opposite registers from the other case, so we need
-; completely different shutdown code.
-
-$ONEMOREDIAG
- FSTD %fr31,-104(%sp) ; Cycle 1 (alternate body)
- LDD 0(%r24),%r28
- FLDD 0(%r25),%fr7 ; Cycle 2
- SHRPD %r0,%r31,31,%r4
- ADD %r3,%r22,%r3
- ADD,DC %r0,%r20,%r20 ; Cycle 3
- LDD -80(%sp),%r21
- ADD %r3,%r28,%r3
- LDD -64(%sp),%r29 ; Cycle 4
- STD %r3,0(%r24)
- XMPYU %fr7R,%fr7R,%fr29
- LDD EIGHT(%r24),%r1 ; Cycle 5
- XMPYU %fr7L,%fr7R,%fr27
- XMPYU %fr7L,%fr7L,%fr30
- LDD -104(%sp),%r19 ; Cycle 6
- FSTD %fr29,-88(%sp)
- ADD,DC %r4,%r20,%r20
- FSTD %fr27,-72(%sp) ; Cycle 7
- ADD %r20,%r1,%r1
- ADD,DC %r0,%r21,%r21 ; Cycle 8
- STD %r1,EIGHT(%r24)
-
-; Shutdown code, first stage.
-
- SHRPD %r29,%r0,31,%r4 ; Cycle 1 (main body)
- LDO THIRTY_TWO(%r24),%r24
- FSTD %fr30,-96(%sp)
- LDD UN_SIXTEEN(%r24),%r1
- SHRPD %r0,%r29,31,%r3 ; Cycle 2
- ADD %r4,%r21,%r4
- ADD,DC %r0,%r19,%r19 ; Cycle 3
- LDD -88(%sp),%r22
- ADD %r4,%r1,%r4
- LDD -72(%sp),%r31 ; Cycle 4
- STD %r4,UN_SIXTEEN(%r24)
- LDD UN_EIGHT(%r24),%r28 ; Cycle 5
- LDD -96(%sp),%r20 ; Cycle 6
- ADD,DC %r3,%r19,%r19
- ADD %r19,%r28,%r28 ; Cycle 7
- ADD,DC %r0,%r22,%r22 ; Cycle 8
- STD %r28,UN_EIGHT(%r24)
-
-; Shutdown code, second stage.
-
-$JOINDIAG
- SHRPD %r31,%r0,31,%r3 ; Cycle 1 (alternate body)
- LDD 0(%r24),%r28
- SHRPD %r0,%r31,31,%r4 ; Cycle 2
- ADD %r3,%r22,%r3
- ADD,DC %r0,%r20,%r20 ; Cycle 3
- ADD %r3,%r28,%r3
- STD %r3,0(%r24) ; Cycle 4
- LDD EIGHT(%r24),%r1 ; Cycle 5
- ADD,DC %r4,%r20,%r20
- ADD %r20,%r1,%r1 ; Cycle 7
- ADD,DC %r0,%r0,%r21 ; Cycle 8
- CMPIB,*= 0,%r21,$Z0 ; if no overflow, exit
- STD %r1,EIGHT(%r24)
-
-; Final carry propagation
-
-$FDIAG1
- LDO EIGHT(%r24),%r24
- LDD EIGHT(%r24),%r26
- ADDI 1,%r26,%r26
- CMPIB,*= 0,%r26,$FDIAG1 ; Keep looping if there is a carry.
- STD %r26,EIGHT(%r24)
-
-$Z0
- .LEAVE
- .PROCEND
-; .ALLOW
-
- .SPACE $TEXT$
- .SUBSPA $CODE$
-#ifdef LITTLE_WORDIAN
- .EXPORT maxpy_little,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,LONG_RETURN
- .EXPORT add_diag_little,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,LONG_RETURN
-#else
- .EXPORT maxpy_big,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,LONG_RETURN
- .EXPORT add_diag_big,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,LONG_RETURN
-#endif
- .END
-
-
-; How to use "maxpy_PA20_little" and "maxpy_PA20_big"
-;
-; The routine "maxpy_PA20_little" or "maxpy_PA20_big"
-; performs a 64-bit x any-size multiply, and adds the
-; result to an area of memory. That is, it performs
-; something like
-;
-; A B C D
-; * Z
-; __________
-; P Q R S T
-;
-; and then adds the "PQRST" vector into an area of memory,
-; handling all carries.
-;
-; Digression on nomenclature and endian-ness:
-;
-; Each of the capital letters in the above represents a 64-bit
-; quantity. That is, you could think of the discussion as
-; being in terms of radix-16-quintillion arithmetic. The data
-; type being manipulated is "unsigned long long int". This
-; requires the 64-bit extension of the HP-UX C compiler,
-; available at release 10. You need these compiler flags to
-; enable these extensions:
-;
-; -Aa +e +DA2.0 +DS2.0
-;
-; (The first specifies ANSI C, the second enables the
-; extensions, which are beyond ANSI C, and the third and
-; fourth tell the compiler to use whatever features of the
-; PA2.0 architecture it wishes, in order to made the code more
-; efficient. Since the presence of the assembly code will
-; make the program unable to run on anything less than PA2.0,
-; you might as well gain the performance enhancements in the C
-; code as well.)
-;
-; Questions of "endian-ness" often come up, usually in the
-; context of byte ordering in a word. These routines have a
-; similar issue, that could be called "wordian-ness".
-; Independent of byte ordering (PA is always big-endian), one
-; can make two choices when representing extremely large
-; numbers as arrays of 64-bit doublewords in memory.
-;
-; "Little-wordian" layout means that the least significant
-; word of a number is stored at the lowest address.
-;
-; MSW LSW
-; | |
-; V V
-;
-; A B C D E
-;
-; ^ ^ ^
-; | | |____ address 0
-; | |
-; | |_______address 8
-; |
-; address 32
-;
-; "Big-wordian" means that the most significant word is at the
-; lowest address.
-;
-; MSW LSW
-; | |
-; V V
-;
-; A B C D E
-;
-; ^ ^ ^
-; | | |____ address 32
-; | |
-; | |_______address 24
-; |
-; address 0
-;
-; When you compile the file, you must specify one or the other, with
-; a switch "-DLITTLE_WORDIAN" or "-DBIG_WORDIAN".
-;
-; Incidentally, you assemble this file as part of your
-; project with the same C compiler as the rest of the program.
-; My "makefile" for a superprecision arithmetic package has
-; the following stuff:
-;
-; # definitions:
-; CC = cc -Aa +e -z +DA2.0 +DS2.0 +w1
-; CFLAGS = +O3
-; LDFLAGS = -L /usr/lib -Wl,-aarchive
-;
-; # general build rule for ".s" files:
-; .s.o:
-; $(CC) $(CFLAGS) -c $< -DBIG_WORDIAN
-;
-; # Now any bind step that calls for pa20.o will assemble pa20.s
-;
-; End of digression, back to arithmetic:
-;
-; The way we multiply two huge numbers is, of course, to multiply
-; the "ABCD" vector by each of the "WXYZ" doublewords, adding
-; the result vectors with increasing offsets, the way we learned
-; in school, back before we all used calculators:
-;
-; A B C D
-; * W X Y Z
-; __________
-; P Q R S T
-; E F G H I
-; M N O P Q
-; + R S T U V
-; _______________
-; F I N A L S U M
-;
-; So we call maxpy_PA20_big (in my case; my package is
-; big-wordian) repeatedly, giving the W, X, Y, and Z arguments
-; in turn as the "scalar", and giving the "ABCD" vector each
-; time. We direct it to add its result into an area of memory
-; that we have cleared at the start. We skew the exact
-; location into that area with each call.
-;
-; The prototype for the function is
-;
-; extern void maxpy_PA20_big(
-; int length, /* Number of doublewords in the multiplicand vector. */
-; const long long int *scalaraddr, /* Address to fetch the scalar. */
-; const long long int *multiplicand, /* The multiplicand vector. */
-; long long int *result); /* Where to accumulate the result. */
-;
-; (You should place a copy of this prototype in an include file
-; or in your C file.)
-;
-; Now, IN ALL CASES, the given address for the multiplicand or
-; the result is that of the LEAST SIGNIFICANT DOUBLEWORD.
-; That word is, of course, the word at which the routine
-; starts processing. "maxpy_PA20_little" then increases the
-; addresses as it computes. "maxpy_PA20_big" decreases them.
-;
-; In our example above, "length" would be 4 in each case.
-; "multiplicand" would be the "ABCD" vector. Specifically,
-; the address of the element "D". "scalaraddr" would be the
-; address of "W", "X", "Y", or "Z" on the four calls that we
-; would make. (The order doesn't matter, of course.)
-; "result" would be the appropriate address in the result
-; area. When multiplying by "Z", that would be the least
-; significant word. When multiplying by "Y", it would be the
-; next higher word (8 bytes higher if little-wordian; 8 bytes
-; lower if big-wordian), and so on. The size of the result
-; area must be the the sum of the sizes of the multiplicand
-; and multiplier vectors, and must be initialized to zero
-; before we start.
-;
-; Whenever the routine adds its partial product into the result
-; vector, it follows carry chains as far as they need to go.
-;
-; Here is the super-precision multiply routine that I use for
-; my package. The package is big-wordian. I have taken out
-; handling of exponents (it's a floating point package):
-;
-; static void mul_PA20(
-; int size,
-; const long long int *arg1,
-; const long long int *arg2,
-; long long int *result)
-; {
-; int i;
-;
-; for (i=0 ; i<2*size ; i++) result[i] = 0ULL;
-;
-; for (i=0 ; i<size ; i++) {
-; maxpy_PA20_big(size, &arg2[i], &arg1[size-1], &result[size+i]);
-; }
-; }
diff --git a/security/nss/lib/freebl/mpi/hppatch.adb b/security/nss/lib/freebl/mpi/hppatch.adb
deleted file mode 100644
index 7b7aaef76..000000000
--- a/security/nss/lib/freebl/mpi/hppatch.adb
+++ /dev/null
@@ -1,49 +0,0 @@
-#/bin/sh
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is script to change the system id in an object file
-# from PA-RISC 2.0 to 1.1.
-#
-# The Initial Developer of the Original Code is Hewlett-Packard Company.
-# Portions created by Hewlett-Packard Company are
-# Copyright (C) March 1999, Hewlett-Packard Company. All Rights Reserved.
-#
-# Contributor(s):
-# wrapped by Dennis Handly on Tue Mar 23 15:23:43 1999
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-
-# script to change the system id in an object file from PA-RISC 2.0 to 1.1
-
-adb -w $1 << EOF
-?m 0 -1 0
-0x0?X
-0x0?W (@0x0&~0x40000)|(~@0x0&0x40000)
-
-0?"change checksum"
-0x7c?X
-0x7c?W (@0x7c&~0x40000)|(~@0x7c&0x40000)
-$q
-EOF
-
-exit 0
-
diff --git a/security/nss/lib/freebl/mpi/logtab.h b/security/nss/lib/freebl/mpi/logtab.h
deleted file mode 100644
index 6f28be96f..000000000
--- a/security/nss/lib/freebl/mpi/logtab.h
+++ /dev/null
@@ -1,59 +0,0 @@
-/*
- * logtab.h
- *
- * Arbitrary precision integer arithmetic library
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-const float s_logv_2[] = {
- 0.000000000f, 0.000000000f, 1.000000000f, 0.630929754f, /* 0 1 2 3 */
- 0.500000000f, 0.430676558f, 0.386852807f, 0.356207187f, /* 4 5 6 7 */
- 0.333333333f, 0.315464877f, 0.301029996f, 0.289064826f, /* 8 9 10 11 */
- 0.278942946f, 0.270238154f, 0.262649535f, 0.255958025f, /* 12 13 14 15 */
- 0.250000000f, 0.244650542f, 0.239812467f, 0.235408913f, /* 16 17 18 19 */
- 0.231378213f, 0.227670249f, 0.224243824f, 0.221064729f, /* 20 21 22 23 */
- 0.218104292f, 0.215338279f, 0.212746054f, 0.210309918f, /* 24 25 26 27 */
- 0.208014598f, 0.205846832f, 0.203795047f, 0.201849087f, /* 28 29 30 31 */
- 0.200000000f, 0.198239863f, 0.196561632f, 0.194959022f, /* 32 33 34 35 */
- 0.193426404f, 0.191958720f, 0.190551412f, 0.189200360f, /* 36 37 38 39 */
- 0.187901825f, 0.186652411f, 0.185449023f, 0.184288833f, /* 40 41 42 43 */
- 0.183169251f, 0.182087900f, 0.181042597f, 0.180031327f, /* 44 45 46 47 */
- 0.179052232f, 0.178103594f, 0.177183820f, 0.176291434f, /* 48 49 50 51 */
- 0.175425064f, 0.174583430f, 0.173765343f, 0.172969690f, /* 52 53 54 55 */
- 0.172195434f, 0.171441601f, 0.170707280f, 0.169991616f, /* 56 57 58 59 */
- 0.169293808f, 0.168613099f, 0.167948779f, 0.167300179f, /* 60 61 62 63 */
- 0.166666667f
-};
-
diff --git a/security/nss/lib/freebl/mpi/make-logtab b/security/nss/lib/freebl/mpi/make-logtab
deleted file mode 100755
index 0ed950c70..000000000
--- a/security/nss/lib/freebl/mpi/make-logtab
+++ /dev/null
@@ -1,60 +0,0 @@
-#!/usr/linguist/bin/perl
-
-#
-# make-logtab
-#
-# Generate a table of logarithms of 2 in various bases, for use in
-# estimating the output sizes of various bases.
-#
-## The contents of this file are subject to the Mozilla Public
-## License Version 1.1 (the "License"); you may not use this file
-## except in compliance with the License. You may obtain a copy of
-## the License at http://www.mozilla.org/MPL/
-##
-## Software distributed under the License is distributed on an "AS
-## IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-## implied. See the License for the specific language governing
-## rights and limitations under the License.
-##
-## The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-## library.
-##
-## The Initial Developer of the Original Code is
-## Michael J. Fromberger <sting@linguist.dartmouth.edu>
-##
-## Portions created by Michael J. Fromberger are
-## Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved
-##
-## Contributor(s):
-##
-## Alternatively, the contents of this file may be used under the
-## terms of the GNU General Public License Version 2 or later (the
-## "GPL"), in which case the provisions of the GPL are applicable
-## instead of those above. If you wish to allow use of your
-## version of this file only under the terms of the GPL and not to
-## allow others to use your version of this file under the MPL,
-## indicate your decision by deleting the provisions above and
-## replace them with the notice and other provisions required by
-## the GPL. If you do not delete the provisions above, a recipient
-## may use your version of this file under either the MPL or the
-## GPL.
-#
-# $Id$
-
-$ARRAYNAME = $ENV{'ARRAYNAME'} || "s_logv_2";
-$ARRAYTYPE = $ENV{'ARRAYTYPE'} || "float";
-
-printf("const %s %s[] = {\n %0.9ff, %0.9ff, ",
- $ARRAYTYPE, $ARRAYNAME, 0, 0);
-$brk = 2;
-for($ix = 2; $ix < 64; $ix++) {
- printf("%0.9ff, ", (log(2)/log($ix)));
- $brk = ($brk + 1) & 3;
- if(!$brk) {
- printf(" /* %2d %2d %2d %2d */\n ",
- $ix - 3, $ix - 2, $ix - 1, $ix);
- }
-}
-printf("%0.9ff\n};\n\n", (log(2)/log($ix)));
-
-exit 0;
diff --git a/security/nss/lib/freebl/mpi/make-test-arrays b/security/nss/lib/freebl/mpi/make-test-arrays
deleted file mode 100755
index a55bf3a1e..000000000
--- a/security/nss/lib/freebl/mpi/make-test-arrays
+++ /dev/null
@@ -1,129 +0,0 @@
-#!/usr/linguist/bin/perl
-
-#
-# make-test-arrays
-#
-# Given a test-arrays file, which specifies the test suite names, the
-# names of the functions which perform those test suites, and
-# descriptive comments, this script generates C structures for the
-# mpi-test program. The input consists of lines of the form:
-#
-# suite-name:function-name:comment
-#
-# The output is written to the standard output. Blank lines are
-# ignored, and comments beginning with '#' are stripped.
-#
-## The contents of this file are subject to the Mozilla Public
-## License Version 1.1 (the "License"); you may not use this file
-## except in compliance with the License. You may obtain a copy of
-## the License at http://www.mozilla.org/MPL/
-##
-## Software distributed under the License is distributed on an "AS
-## IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-## implied. See the License for the specific language governing
-## rights and limitations under the License.
-##
-## The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-## library.
-##
-## The Initial Developer of the Original Code is
-## Michael J. Fromberger <sting@linguist.dartmouth.edu>
-##
-## Portions created by Michael J. Fromberger are
-## Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved
-##
-## Contributor(s):
-##
-## Alternatively, the contents of this file may be used under the
-## terms of the GNU General Public License Version 2 or later (the
-## "GPL"), in which case the provisions of the GPL are applicable
-## instead of those above. If you wish to allow use of your
-## version of this file only under the terms of the GPL and not to
-## allow others to use your version of this file under the MPL,
-## indicate your decision by deleting the provisions above and
-## replace them with the notice and other provisions required by
-## the GPL. If you do not delete the provisions above, a recipient
-## may use your version of this file under either the MPL or the GPL.
-##
-# $Id$
-#
-
-# Read parameters from the environment, if available
-$NAMEVAR = $ENV{'NAMEVAR'} || "g_names";
-$COUNTVAR = $ENV{'COUNTVAR'} || "g_count";
-$FUNCVAR = $ENV{'FUNCVAR'} || "g_tests";
-$DESCVAR = $ENV{'DESCVAR'} || "g_descs";
-$FUNCLEN = 13;
-$NAMELEN = 18;
-$DESCLEN = 45;
-
-#------------------------------------------------------------------------
-# Suck in input from the files on the command line, or standard input
-while(<>) {
- chomp;
- s/\#.*$//;
- next if /^\s*$/;
-
- ($suite, $func, $desc) = split(/:/, $_);
-
- $tmp = { "suite" => $suite,
- "func" => $func,
- "desc" => $desc };
-
- push(@item, $tmp);
-}
-$count = scalar(@item);
-$last = pop(@item);
-
-#------------------------------------------------------------------------
-# Output the table of names
-print "/* Table mapping test suite names to index numbers */\n";
-printf("const int %s = %d;\n", $COUNTVAR, $count);
-printf("const char *%s[] = {\n", $NAMEVAR);
-
-foreach $elt (@item) {
- printf(" \"%s\",%s/* %s%s */\n", $elt->{"suite"},
- " " x ($NAMELEN - length($elt->{"suite"})),
- $elt->{"desc"},
- " " x ($DESCLEN - length($elt->{"desc"})));
-}
-printf(" \"%s\" %s/* %s%s */\n", $last->{"suite"},
- " " x ($NAMELEN - length($last->{"suite"})),
- $last->{"desc"},
- " " x ($DESCLEN - length($last->{"desc"})));
-print "};\n\n";
-
-#------------------------------------------------------------------------
-# Output the driver function prototypes
-print "/* Test function prototypes */\n";
-foreach $elt (@item, $last) {
- printf("int %s(void);\n", $elt->{"func"});
-}
-print "\n";
-
-#------------------------------------------------------------------------
-# Output the table of functions
-print "/* Table mapping index numbers to functions */\n";
-printf("int (*%s[])(void) = {\n ", $FUNCVAR);
-$brk = 0;
-
-foreach $elt (@item) {
- print($elt->{"func"}, ", ",
- " " x ($FUNCLEN - length($elt->{"func"})));
- $brk = ($brk + 1) & 3;
- print "\n " unless($brk);
-}
-print $last->{"func"}, "\n};\n\n";
-
-#------------------------------------------------------------------------
-# Output the table of descriptions
-print "/* Table mapping index numbers to descriptions */\n";
-printf("const char *%s[] = {\n", $DESCVAR);
-
-foreach $elt (@item) {
- printf(" \"%s\",\n", $elt->{"desc"});
-}
-printf(" \"%s\"\n};\n\n", $last->{"desc"});
-
-exit 0;
-
diff --git a/security/nss/lib/freebl/mpi/mdxptest.c b/security/nss/lib/freebl/mpi/mdxptest.c
deleted file mode 100644
index 61d02e9a9..000000000
--- a/security/nss/lib/freebl/mpi/mdxptest.c
+++ /dev/null
@@ -1,339 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <malloc.h>
-#include <time.h>
-#include "mpi.h"
-#include "mpi-priv.h"
-
-/* #define OLD_WAY 1 */
-
-/* This key is the 1024-bit test key used for speed testing of RSA private
-** key ops.
-*/
-
-#define CONST const
-
-static CONST unsigned char default_n[128] = {
-0xc2,0xae,0x96,0x89,0xaf,0xce,0xd0,0x7b,0x3b,0x35,0xfd,0x0f,0xb1,0xf4,0x7a,0xd1,
-0x3c,0x7d,0xb5,0x86,0xf2,0x68,0x36,0xc9,0x97,0xe6,0x82,0x94,0x86,0xaa,0x05,0x39,
-0xec,0x11,0x51,0xcc,0x5c,0xa1,0x59,0xba,0x29,0x18,0xf3,0x28,0xf1,0x9d,0xe3,0xae,
-0x96,0x5d,0x6d,0x87,0x73,0xf6,0xf6,0x1f,0xd0,0x2d,0xfb,0x2f,0x7a,0x13,0x7f,0xc8,
-0x0c,0x7a,0xe9,0x85,0xfb,0xce,0x74,0x86,0xf8,0xef,0x2f,0x85,0x37,0x73,0x0f,0x62,
-0x4e,0x93,0x17,0xb7,0x7e,0x84,0x9a,0x94,0x11,0x05,0xca,0x0d,0x31,0x4b,0x2a,0xc8,
-0xdf,0xfe,0xe9,0x0c,0x13,0xc7,0xf2,0xad,0x19,0x64,0x28,0x3c,0xb5,0x6a,0xc8,0x4b,
-0x79,0xea,0x7c,0xce,0x75,0x92,0x45,0x3e,0xa3,0x9d,0x64,0x6f,0x04,0x69,0x19,0x17
-};
-
-static CONST unsigned char default_d[128] = {
-0x13,0xcb,0xbc,0xf2,0xf3,0x35,0x8c,0x6d,0x7b,0x6f,0xd9,0xf3,0xa6,0x9c,0xbd,0x80,
-0x59,0x2e,0x4f,0x2f,0x11,0xa7,0x17,0x2b,0x18,0x8f,0x0f,0xe8,0x1a,0x69,0x5f,0x6e,
-0xac,0x5a,0x76,0x7e,0xd9,0x4c,0x6e,0xdb,0x47,0x22,0x8a,0x57,0x37,0x7a,0x5e,0x94,
-0x7a,0x25,0xb5,0xe5,0x78,0x1d,0x3c,0x99,0xaf,0x89,0x7d,0x69,0x2e,0x78,0x9d,0x1d,
-0x84,0xc8,0xc1,0xd7,0x1a,0xb2,0x6d,0x2d,0x8a,0xd9,0xab,0x6b,0xce,0xae,0xb0,0xa0,
-0x58,0x55,0xad,0x5c,0x40,0x8a,0xd6,0x96,0x08,0x8a,0xe8,0x63,0xe6,0x3d,0x6c,0x20,
-0x49,0xc7,0xaf,0x0f,0x25,0x73,0xd3,0x69,0x43,0x3b,0xf2,0x32,0xf8,0x3d,0x5e,0xee,
-0x7a,0xca,0xd6,0x94,0x55,0xe5,0xbd,0x25,0x34,0x8d,0x63,0x40,0xb5,0x8a,0xc3,0x01
-};
-
-
-#define DEFAULT_ITERS 50
-
-typedef clock_t timetype;
-#define gettime(x) *(x) = clock()
-#define subtime(a, b) a -= b
-#define msec(x) ((clock_t)((double)x * 1000.0 / CLOCKS_PER_SEC))
-#define sec(x) (x / CLOCKS_PER_SEC)
-
-struct TimingContextStr {
- timetype start;
- timetype end;
- timetype interval;
-
- int minutes;
- int seconds;
- int millisecs;
-};
-
-typedef struct TimingContextStr TimingContext;
-
-TimingContext *CreateTimingContext(void)
-{
- return (TimingContext *)malloc(sizeof(TimingContext));
-}
-
-void DestroyTimingContext(TimingContext *ctx)
-{
- free(ctx);
-}
-
-void TimingBegin(TimingContext *ctx)
-{
- gettime(&ctx->start);
-}
-
-static void timingUpdate(TimingContext *ctx)
-{
-
- ctx->millisecs = msec(ctx->interval) % 1000;
- ctx->seconds = sec(ctx->interval);
- ctx->minutes = ctx->seconds / 60;
- ctx->seconds %= 60;
-
-}
-
-void TimingEnd(TimingContext *ctx)
-{
- gettime(&ctx->end);
- ctx->interval = ctx->end;
- subtime(ctx->interval, ctx->start);
- timingUpdate(ctx);
-}
-
-char *TimingGenerateString(TimingContext *ctx)
-{
- static char sBuf[4096];
-
- sprintf(sBuf, "%d minutes, %d.%03d seconds", ctx->minutes,
- ctx->seconds, ctx->millisecs);
- return sBuf;
-}
-
-static void
-dumpBytes( unsigned char * b, int l)
-{
- int i;
- if (l <= 0)
- return;
- for (i = 0; i < l; ++i) {
- if (i % 16 == 0)
- printf("\t");
- printf(" %02x", b[i]);
- if (i % 16 == 15)
- printf("\n");
- }
- if ((i % 16) != 0)
- printf("\n");
- printf("\n");
-}
-
-static mp_err
-testNewFuncs(const unsigned char * modulusBytes, int modulus_len)
-{
- mp_err mperr = MP_OKAY;
- mp_int modulus;
- unsigned char buf[512];
-
- mperr = mp_init(&modulus);
- mperr = mp_read_unsigned_octets(&modulus, modulusBytes, modulus_len );
- mperr = mp_to_fixlen_octets(&modulus, buf, modulus_len);
- mperr = mp_to_fixlen_octets(&modulus, buf, modulus_len+1);
- mperr = mp_to_fixlen_octets(&modulus, buf, modulus_len+4);
- mperr = mp_to_unsigned_octets(&modulus, buf, modulus_len);
- mperr = mp_to_signed_octets(&modulus, buf, modulus_len + 1);
- mp_clear(&modulus);
- return mperr;
-}
-
-int
-testModExp( const unsigned char * modulusBytes,
- const unsigned int expo,
- const unsigned char * input,
- unsigned char * output,
- int modulus_len)
-{
- mp_err mperr = MP_OKAY;
- mp_int modulus;
- mp_int base;
- mp_int exponent;
- mp_int result;
-
- mperr = mp_init(&modulus);
- mperr += mp_init(&base);
- mperr += mp_init(&exponent);
- mperr += mp_init(&result);
- /* we initialize all mp_ints unconditionally, even if some fail.
- ** This guarantees that the DIGITS pointer is valid (even if null).
- ** So, mp_clear will do the right thing below.
- */
- if (mperr == MP_OKAY) {
- mperr = mp_read_unsigned_octets(&modulus,
- modulusBytes + (sizeof default_n - modulus_len), modulus_len );
- mperr += mp_read_unsigned_octets(&base, input, modulus_len );
- mp_set(&exponent, expo);
- if (mperr == MP_OKAY) {
-#if OLD_WAY
- mperr = s_mp_exptmod(&base, &exponent, &modulus, &result);
-#else
- mperr = mp_exptmod(&base, &exponent, &modulus, &result);
-#endif
- if (mperr == MP_OKAY) {
- mperr = mp_to_fixlen_octets(&result, output, modulus_len);
- }
- }
- }
- mp_clear(&base);
- mp_clear(&result);
-
- mp_clear(&modulus);
- mp_clear(&exponent);
-
- return (int)mperr;
-}
-
-int
-doModExp( const unsigned char * modulusBytes,
- const unsigned char * exponentBytes,
- const unsigned char * input,
- unsigned char * output,
- int modulus_len)
-{
- mp_err mperr = MP_OKAY;
- mp_int modulus;
- mp_int base;
- mp_int exponent;
- mp_int result;
-
- mperr = mp_init(&modulus);
- mperr += mp_init(&base);
- mperr += mp_init(&exponent);
- mperr += mp_init(&result);
- /* we initialize all mp_ints unconditionally, even if some fail.
- ** This guarantees that the DIGITS pointer is valid (even if null).
- ** So, mp_clear will do the right thing below.
- */
- if (mperr == MP_OKAY) {
- mperr = mp_read_unsigned_octets(&modulus,
- modulusBytes + (sizeof default_n - modulus_len), modulus_len );
- mperr += mp_read_unsigned_octets(&exponent, exponentBytes, modulus_len );
- mperr += mp_read_unsigned_octets(&base, input, modulus_len );
- if (mperr == MP_OKAY) {
-#if OLD_WAY
- mperr = s_mp_exptmod(&base, &exponent, &modulus, &result);
-#else
- mperr = mp_exptmod(&base, &exponent, &modulus, &result);
-#endif
- if (mperr == MP_OKAY) {
- mperr = mp_to_fixlen_octets(&result, output, modulus_len);
- }
- }
- }
- mp_clear(&base);
- mp_clear(&result);
-
- mp_clear(&modulus);
- mp_clear(&exponent);
-
- return (int)mperr;
-}
-
-int
-main(int argc, char **argv)
-{
- TimingContext * timeCtx;
- char * progName;
- long iters = DEFAULT_ITERS;
- unsigned int modulus_len;
- int i;
- int rv;
- unsigned char buf [1024];
- unsigned char buf2[1024];
-
- progName = strrchr(argv[0], '/');
- if (!progName)
- progName = strrchr(argv[0], '\\');
- progName = progName ? progName+1 : argv[0];
-
- if (argc >= 2) {
- iters = atol(argv[1]);
- }
-
- if (argc >= 3) {
- modulus_len = atol(argv[2]);
- } else
- modulus_len = sizeof default_n;
-
- /* no library init function !? */
-
- memset(buf, 0x41, sizeof buf);
-
- if (iters < 2) {
- testNewFuncs( default_n, modulus_len);
- testNewFuncs( default_n+1, modulus_len - 1);
- testNewFuncs( default_n+2, modulus_len - 2);
- testNewFuncs( default_n+3, modulus_len - 3);
-
- printf("%lu allocations, %lu frees, %lu copies\n", mp_allocs, mp_frees, mp_copies);
- rv = testModExp(default_n, 0, buf, buf2, modulus_len);
- dumpBytes((unsigned char *)buf2, modulus_len);
-
- printf("%lu allocations, %lu frees, %lu copies\n", mp_allocs, mp_frees, mp_copies);
- rv = testModExp(default_n, 1, buf, buf2, modulus_len);
- dumpBytes((unsigned char *)buf2, modulus_len);
-
- printf("%lu allocations, %lu frees, %lu copies\n", mp_allocs, mp_frees, mp_copies);
- rv = testModExp(default_n, 2, buf, buf2, modulus_len);
- dumpBytes((unsigned char *)buf2, modulus_len);
-
- printf("%lu allocations, %lu frees, %lu copies\n", mp_allocs, mp_frees, mp_copies);
- rv = testModExp(default_n, 3, buf, buf2, modulus_len);
- dumpBytes((unsigned char *)buf2, modulus_len);
- }
- printf("%lu allocations, %lu frees, %lu copies\n", mp_allocs, mp_frees, mp_copies);
- rv = doModExp(default_n, default_d, buf, buf2, modulus_len);
- if (rv != 0) {
- fprintf(stderr, "Error in modexp operation:\n");
- exit(1);
- }
- dumpBytes((unsigned char *)buf2, modulus_len);
- printf("%lu allocations, %lu frees, %lu copies\n", mp_allocs, mp_frees, mp_copies);
-
- timeCtx = CreateTimingContext();
- TimingBegin(timeCtx);
- i = iters;
- while (i--) {
- rv = doModExp(default_n, default_d, buf, buf2, modulus_len);
- if (rv != 0) {
- fprintf(stderr, "Error in modexp operation\n");
- exit(1);
- }
- }
- TimingEnd(timeCtx);
- printf("%ld iterations in %s\n", iters, TimingGenerateString(timeCtx));
- printf("%lu allocations, %lu frees, %lu copies\n", mp_allocs, mp_frees, mp_copies);
-
- return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/montmulf.c b/security/nss/lib/freebl/mpi/montmulf.c
deleted file mode 100644
index 2cf0825f8..000000000
--- a/security/nss/lib/freebl/mpi/montmulf.c
+++ /dev/null
@@ -1,326 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is SPARC optimized Montgomery multiply functions.
- *
- * The Initial Developer of the Original Code is Sun Microsystems Inc.
- * Portions created by Sun Microsystems Inc. are
- * Copyright (C) 1999-2000 Sun Microsystems Inc. All Rights Reserved.
- *
- * Contributor(s):
- * Netscape Communications Corporation
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#ifdef SOLARIS
-#define RF_INLINE_MACROS 1
-#endif
-
-static const double TwoTo16=65536.0;
-static const double TwoToMinus16=1.0/65536.0;
-static const double Zero=0.0;
-static const double TwoTo32=65536.0*65536.0;
-static const double TwoToMinus32=1.0/(65536.0*65536.0);
-
-#ifdef RF_INLINE_MACROS
-
-double upper32(double);
-double lower32(double, double);
-double mod(double, double, double);
-
-void i16_to_d16_and_d32x4(const double * /*1/(2^16)*/,
- const double * /* 2^16*/,
- const double * /* 0 */,
- double * /*result16*/,
- double * /* result32 */,
- float * /*source - should be unsigned int*
- converted to float* */);
-
-#else
-#ifdef MP_USE_FLOOR
-#include <math.h>
-#else
-#define floor(d) ((double)((unsigned long long)(d)))
-#endif
-
-static double upper32(double x)
-{
- return floor(x*TwoToMinus32);
-}
-
-static double lower32(double x, double y)
-{
- return x-TwoTo32*floor(x*TwoToMinus32);
-}
-
-static double mod(double x, double oneoverm, double m)
-{
- return x-m*floor(x*oneoverm);
-}
-
-#endif
-
-
-static void cleanup(double *dt, int from, int tlen)
-{
- int i;
- double tmp,tmp1,x,x1;
-
- tmp=tmp1=Zero;
- /* original code **
- for(i=2*from;i<2*tlen-2;i++)
- {
- x=dt[i];
- dt[i]=lower32(x,Zero)+tmp1;
- tmp1=tmp;
- tmp=upper32(x);
- }
- dt[tlen-2]+=tmp1;
- dt[tlen-1]+=tmp;
- **end original code ***/
- /* new code ***/
- for(i=2*from;i<2*tlen;i+=2)
- {
- x=dt[i];
- x1=dt[i+1];
- dt[i]=lower32(x,Zero)+tmp;
- dt[i+1]=lower32(x1,Zero)+tmp1;
- tmp=upper32(x);
- tmp1=upper32(x1);
- }
- /** end new code **/
-}
-
-
-void conv_d16_to_i32(unsigned int *i32, double *d16, long long *tmp, int ilen)
-{
-int i;
-long long t, t1, a, b, c, d;
-
- t1=0;
- a=(long long)d16[0];
- b=(long long)d16[1];
- for(i=0; i<ilen-1; i++)
- {
- c=(long long)d16[2*i+2];
- t1+=(unsigned int)a;
- t=(a>>32);
- d=(long long)d16[2*i+3];
- t1+=(b&0xffff)<<16;
- t+=(b>>16)+(t1>>32);
- i32[i]=(unsigned int)t1;
- t1=t;
- a=c;
- b=d;
- }
- t1+=(unsigned int)a;
- t=(a>>32);
- t1+=(b&0xffff)<<16;
- i32[i]=(unsigned int)t1;
-}
-
-void conv_i32_to_d32(double *d32, unsigned int *i32, int len)
-{
-int i;
-
-#pragma pipeloop(0)
- for(i=0;i<len;i++) d32[i]=(double)(i32[i]);
-}
-
-
-void conv_i32_to_d16(double *d16, unsigned int *i32, int len)
-{
-int i;
-unsigned int a;
-
-#pragma pipeloop(0)
- for(i=0;i<len;i++)
- {
- a=i32[i];
- d16[2*i]=(double)(a&0xffff);
- d16[2*i+1]=(double)(a>>16);
- }
-}
-
-
-void conv_i32_to_d32_and_d16(double *d32, double *d16,
- unsigned int *i32, int len)
-{
-int i = 0;
-unsigned int a;
-
-#pragma pipeloop(0)
-#ifdef RF_INLINE_MACROS
- for(;i<len-3;i+=4)
- {
- i16_to_d16_and_d32x4(&TwoToMinus16, &TwoTo16, &Zero,
- &(d16[2*i]), &(d32[i]), (float *)(&(i32[i])));
- }
-#endif
- for(;i<len;i++)
- {
- a=i32[i];
- d32[i]=(double)(i32[i]);
- d16[2*i]=(double)(a&0xffff);
- d16[2*i+1]=(double)(a>>16);
- }
-}
-
-
-void adjust_montf_result(unsigned int *i32, unsigned int *nint, int len)
-{
-long long acc;
-int i;
-
- if(i32[len]>0) i=-1;
- else
- {
- for(i=len-1; i>=0; i--)
- {
- if(i32[i]!=nint[i]) break;
- }
- }
- if((i<0)||(i32[i]>nint[i]))
- {
- acc=0;
- for(i=0;i<len;i++)
- {
- acc=acc+(unsigned long long)(i32[i])-(unsigned long long)(nint[i]);
- i32[i]=(unsigned int)acc;
- acc=acc>>32;
- }
- }
-}
-
-
-
-
-/*
-** the lengths of the input arrays should be at least the following:
-** result[nlen+1], dm1[nlen], dm2[2*nlen+1], dt[4*nlen+2], dn[nlen], nint[nlen]
-** all of them should be different from one another
-**
-*/
-void mont_mulf_noconv(unsigned int *result,
- double *dm1, double *dm2, double *dt,
- double *dn, unsigned int *nint,
- int nlen, double dn0)
-{
- int i, j, jj;
- int tmp;
- double digit, m2j, nextm2j, a, b;
- double *dptmp, *pdm1, *pdm2, *pdn, *pdtj, pdn_0, pdm1_0;
-
- pdm1=&(dm1[0]);
- pdm2=&(dm2[0]);
- pdn=&(dn[0]);
- pdm2[2*nlen]=Zero;
-
- if (nlen!=16)
- {
- for(i=0;i<4*nlen+2;i++) dt[i]=Zero;
-
- a=dt[0]=pdm1[0]*pdm2[0];
- digit=mod(lower32(a,Zero)*dn0,TwoToMinus16,TwoTo16);
-
- pdtj=&(dt[0]);
- for(j=jj=0;j<2*nlen;j++,jj++,pdtj++)
- {
- m2j=pdm2[j];
- a=pdtj[0]+pdn[0]*digit;
- b=pdtj[1]+pdm1[0]*pdm2[j+1]+a*TwoToMinus16;
- pdtj[1]=b;
-
-#pragma pipeloop(0)
- for(i=1;i<nlen;i++)
- {
- pdtj[2*i]+=pdm1[i]*m2j+pdn[i]*digit;
- }
- if((jj==30)) {cleanup(dt,j/2+1,2*nlen+1); jj=0;}
-
- digit=mod(lower32(b,Zero)*dn0,TwoToMinus16,TwoTo16);
- }
- }
- else
- {
- a=dt[0]=pdm1[0]*pdm2[0];
-
- dt[65]= dt[64]= dt[63]= dt[62]= dt[61]= dt[60]=
- dt[59]= dt[58]= dt[57]= dt[56]= dt[55]= dt[54]=
- dt[53]= dt[52]= dt[51]= dt[50]= dt[49]= dt[48]=
- dt[47]= dt[46]= dt[45]= dt[44]= dt[43]= dt[42]=
- dt[41]= dt[40]= dt[39]= dt[38]= dt[37]= dt[36]=
- dt[35]= dt[34]= dt[33]= dt[32]= dt[31]= dt[30]=
- dt[29]= dt[28]= dt[27]= dt[26]= dt[25]= dt[24]=
- dt[23]= dt[22]= dt[21]= dt[20]= dt[19]= dt[18]=
- dt[17]= dt[16]= dt[15]= dt[14]= dt[13]= dt[12]=
- dt[11]= dt[10]= dt[ 9]= dt[ 8]= dt[ 7]= dt[ 6]=
- dt[ 5]= dt[ 4]= dt[ 3]= dt[ 2]= dt[ 1]=Zero;
-
- pdn_0=pdn[0];
- pdm1_0=pdm1[0];
-
- digit=mod(lower32(a,Zero)*dn0,TwoToMinus16,TwoTo16);
- pdtj=&(dt[0]);
-
- for(j=0;j<32;j++,pdtj++)
- {
-
- m2j=pdm2[j];
- a=pdtj[0]+pdn_0*digit;
- b=pdtj[1]+pdm1_0*pdm2[j+1]+a*TwoToMinus16;
- pdtj[1]=b;
-
- /**** this loop will be fully unrolled:
- for(i=1;i<16;i++)
- {
- pdtj[2*i]+=pdm1[i]*m2j+pdn[i]*digit;
- }
- *************************************/
- pdtj[2]+=pdm1[1]*m2j+pdn[1]*digit;
- pdtj[4]+=pdm1[2]*m2j+pdn[2]*digit;
- pdtj[6]+=pdm1[3]*m2j+pdn[3]*digit;
- pdtj[8]+=pdm1[4]*m2j+pdn[4]*digit;
- pdtj[10]+=pdm1[5]*m2j+pdn[5]*digit;
- pdtj[12]+=pdm1[6]*m2j+pdn[6]*digit;
- pdtj[14]+=pdm1[7]*m2j+pdn[7]*digit;
- pdtj[16]+=pdm1[8]*m2j+pdn[8]*digit;
- pdtj[18]+=pdm1[9]*m2j+pdn[9]*digit;
- pdtj[20]+=pdm1[10]*m2j+pdn[10]*digit;
- pdtj[22]+=pdm1[11]*m2j+pdn[11]*digit;
- pdtj[24]+=pdm1[12]*m2j+pdn[12]*digit;
- pdtj[26]+=pdm1[13]*m2j+pdn[13]*digit;
- pdtj[28]+=pdm1[14]*m2j+pdn[14]*digit;
- pdtj[30]+=pdm1[15]*m2j+pdn[15]*digit;
- /* no need for cleenup, cannot overflow */
- digit=mod(lower32(b,Zero)*dn0,TwoToMinus16,TwoTo16);
- }
- }
-
- conv_d16_to_i32(result,dt+2*nlen,(long long *)dt,nlen+1);
-
- adjust_montf_result(result,nint,nlen);
-
-}
-
diff --git a/security/nss/lib/freebl/mpi/montmulf.h b/security/nss/lib/freebl/mpi/montmulf.h
deleted file mode 100644
index 5fd5dd4e3..000000000
--- a/security/nss/lib/freebl/mpi/montmulf.h
+++ /dev/null
@@ -1,100 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is interface file for SPARC Montgomery multiply functions.
- *
- * The Initial Developer of the Original Code is Sun Microsystems Inc.
- * Portions created by Sun Microsystems Inc. are
- * Copyright (C) 1999-2000 Sun Microsystems Inc. All Rights Reserved.
- *
- * Contributor(s):
- * Netscape Communications Corporation
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-/* The functions that are to be called from outside of the .s file have the
- * following interfaces and array size requirements:
- */
-
-
-void conv_i32_to_d32(double *d32, unsigned int *i32, int len);
-
-/* Converts an array of int's to an array of doubles, so that each double
- * corresponds to an int. len is the number of items converted.
- * Does not allocate the output array.
- * The pointers d32 and i32 should point to arrays of size at least len
- * (doubles and unsigned ints, respectively)
- */
-
-
-void conv_i32_to_d16(double *d16, unsigned int *i32, int len);
-
-/* Converts an array of int's to an array of doubles so that each element
- * of the int array is converted to a pair of doubles, the first one
- * corresponding to the lower (least significant) 16 bits of the int and
- * the second one corresponding to the upper (most significant) 16 bits of
- * the 32-bit int. len is the number of ints converted.
- * Does not allocate the output array.
- * The pointer d16 should point to an array of doubles of size at least
- * 2*len and i32 should point an array of ints of size at least len
- */
-
-
-void conv_i32_to_d32_and_d16(double *d32, double *d16,
- unsigned int *i32, int len);
-
-/* Does the above two conversions together, it is much faster than doing
- * both of those in succession
- */
-
-
-void mont_mulf_noconv(unsigned int *result,
- double *dm1, double *dm2, double *dt,
- double *dn, unsigned int *nint,
- int nlen, double dn0);
-
-/* Does the Montgomery multiplication of the numbers stored in the arrays
- * pointed to by dm1 and dm2, writing the result to the array pointed to by
- * result. It uses the array pointed to by dt as a temporary work area.
- * nint should point to the modulus in the array-of-integers representation,
- * dn should point to its array-of-doubles as obtained as a result of the
- * function call conv_i32_to_d32(dn, nint, nlen);
- * nlen is the length of the array containing the modulus.
- * The representation used for dm1 is the one that is a result of the function
- * call conv_i32_to_d32(dm1, m1, nlen), the representation for dm2 is the
- * result of the function call conv_i32_to_d16(dm2, m2, nlen).
- * Note that m1 and m2 should both be of length nlen, so they should be
- * padded with 0's if necessary before the conversion. The result comes in
- * this form (int representation, padded with 0's).
- * dn0 is the value of the 16 least significant bits of n0'.
- * The function does not allocate memory for any of the arrays, so the
- * pointers should point to arrays with the following minimal sizes:
- * result - nlen+1
- * dm1 - nlen
- * dm2 - 2*nlen+1 ( the +1 is necessary for technical reasons )
- * dt - 4*nlen+2
- * dn - nlen
- * nint - nlen
- * No two arrays should point to overlapping areas of memory.
- */
diff --git a/security/nss/lib/freebl/mpi/montmulf.il b/security/nss/lib/freebl/mpi/montmulf.il
deleted file mode 100644
index b3dd734b6..000000000
--- a/security/nss/lib/freebl/mpi/montmulf.il
+++ /dev/null
@@ -1,137 +0,0 @@
-!
-! The contents of this file are subject to the Mozilla Public
-! License Version 1.1 (the "License"); you may not use this file
-! except in compliance with the License. You may obtain a copy of
-! the License at http://www.mozilla.org/MPL/
-!
-! Software distributed under the License is distributed on an "AS
-! IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-! implied. See the License for the specific language governing
-! rights and limitations under the License.
-!
-! The Original Code is inline macros for SPARC Montgomery multiply functions.
-!
-! The Initial Developer of the Original Code is Sun Microsystems Inc.
-! Portions created by Sun Microsystems Inc. are
-! Copyright (C) 1999-2000 Sun Microsystems Inc. All Rights Reserved.
-!
-! Contributor(s):
-!
-! Alternatively, the contents of this file may be used under the
-! terms of the GNU General Public License Version 2 or later (the
-! "GPL"), in which case the provisions of the GPL are applicable
-! instead of those above. If you wish to allow use of your
-! version of this file only under the terms of the GPL and not to
-! allow others to use your version of this file under the MPL,
-! indicate your decision by deleting the provisions above and
-! replace them with the notice and other provisions required by
-! the GPL. If you do not delete the provisions above, a recipient
-! may use your version of this file under either the MPL or the
-! GPL.
-!
-! $Id$
-!
-
-!
-! double upper32(double /*frs1*/);
-!
- .inline upper32,8
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f10
-
- fdtox %f10,%f10
- fitod %f10,%f0
- .end
-
-!
-! double lower32(double /*frs1*/, double /* Zero */);
-!
- .inline lower32,8
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f10
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f12
-
- fdtox %f10,%f10
- fmovs %f12,%f10
- fxtod %f10,%f0
- .end
-
-!
-! double mod(double /*x*/, double /*1/m*/, double /*m*/);
-!
- .inline mod,12
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f2
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o4,[%sp+0x48]
- ldd [%sp+0x48],%f6
-
- fmuld %f2,%f4,%f4
- fdtox %f4,%f4
- fxtod %f4,%f4
- fmuld %f4,%f6,%f4
- fsubd %f2,%f4,%f0
- .end
-
-
-!
-! void i16_to_d16_and_d32x4(double * /*1/(2^16)*/, double * /* 2^16*/,
-! double * /* 0 */,
-! double * /*result16*/, double * /* result32 */
-! float * /*source - should be unsigned int*
-! converted to float* */);
-!
- .inline i16_to_d16_and_d32x4,24
- ldd [%o0],%f2 ! 1/(2^16)
- ldd [%o1],%f4 ! 2^16
- ldd [%o2],%f22
-
- fmovd %f22,%f6
- ld [%o5],%f7
- fmovd %f22,%f10
- ld [%o5+4],%f11
- fmovd %f22,%f14
- ld [%o5+8],%f15
- fmovd %f22,%f18
- ld [%o5+12],%f19
- fxtod %f6,%f6
- std %f6,[%o4]
- fxtod %f10,%f10
- std %f10,[%o4+8]
- fxtod %f14,%f14
- std %f14,[%o4+16]
- fxtod %f18,%f18
- std %f18,[%o4+24]
- fmuld %f2,%f6,%f8
- fmuld %f2,%f10,%f12
- fmuld %f2,%f14,%f16
- fmuld %f2,%f18,%f20
- fdtox %f8,%f8
- fdtox %f12,%f12
- fdtox %f16,%f16
- fdtox %f20,%f20
- fxtod %f8,%f8
- std %f8,[%o3+8]
- fxtod %f12,%f12
- std %f12,[%o3+24]
- fxtod %f16,%f16
- std %f16,[%o3+40]
- fxtod %f20,%f20
- std %f20,[%o3+56]
- fmuld %f8,%f4,%f8
- fmuld %f12,%f4,%f12
- fmuld %f16,%f4,%f16
- fmuld %f20,%f4,%f20
- fsubd %f6,%f8,%f8
- std %f8,[%o3]
- fsubd %f10,%f12,%f12
- std %f12,[%o3+16]
- fsubd %f14,%f16,%f16
- std %f16,[%o3+32]
- fsubd %f18,%f20,%f20
- std %f20,[%o3+48]
- .end
-
-
diff --git a/security/nss/lib/freebl/mpi/montmulf.s b/security/nss/lib/freebl/mpi/montmulf.s
deleted file mode 100644
index cdb5d376e..000000000
--- a/security/nss/lib/freebl/mpi/montmulf.s
+++ /dev/null
@@ -1,1967 +0,0 @@
-!
-! The contents of this file are subject to the Mozilla Public
-! License Version 1.1 (the "License"); you may not use this file
-! except in compliance with the License. You may obtain a copy of
-! the License at http://www.mozilla.org/MPL/
-!
-! Software distributed under the License is distributed on an "AS
-! IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-! implied. See the License for the specific language governing
-! rights and limitations under the License.
-!
-! The Original Code is SPARC hand-optimized Montgomery multiply functions.
-!
-! The Initial Developer of the Original Code is Sun Microsystems Inc.
-! Portions created by Sun Microsystems Inc. are
-! Copyright (C) 1999-2000 Sun Microsystems Inc. All Rights Reserved.
-!
-! Contributor(s):
-!
-! Alternatively, the contents of this file may be used under the
-! terms of the GNU General Public License Version 2 or later (the
-! "GPL"), in which case the provisions of the GPL are applicable
-! instead of those above. If you wish to allow use of your
-! version of this file only under the terms of the GPL and not to
-! allow others to use your version of this file under the MPL,
-! indicate your decision by deleting the provisions above and
-! replace them with the notice and other provisions required by
-! the GPL. If you do not delete the provisions above, a recipient
-! may use your version of this file under either the MPL or the
-! GPL.
-!
-! $Id$
-!
-
- .section ".text",#alloc,#execinstr
- .file "montmulf.c"
-
- .section ".data",#alloc,#write
- .align 8
-TwoTo16: /* frequency 1.0 confidence 0.0 */
- .word 1089470464
- .word 0
- .type TwoTo16,#object
- .size TwoTo16,8
-TwoToMinus16: /* frequency 1.0 confidence 0.0 */
- .word 1055916032
- .word 0
- .type TwoToMinus16,#object
- .size TwoToMinus16,8
-Zero: /* frequency 1.0 confidence 0.0 */
- .word 0
- .word 0
- .type Zero,#object
- .size Zero,8
-TwoTo32: /* frequency 1.0 confidence 0.0 */
- .word 1106247680
- .word 0
- .type TwoTo32,#object
- .size TwoTo32,8
-TwoToMinus32: /* frequency 1.0 confidence 0.0 */
- .word 1039138816
- .word 0
- .type TwoToMinus32,#object
- .size TwoToMinus32,8
-
- .section ".text",#alloc,#execinstr
-/* 000000 0 ( 0 0) */ .align 4
-!
-! SUBROUTINE cleanup
-!
-! OFFSET SOURCE LINE LABEL INSTRUCTION (ISSUE TIME) (COMPLETION TIME)
-
- .global cleanup
- cleanup: /* frequency 1.0 confidence 0.0 */
-! FILE montmulf.c
-
-! 1 !#define RF_INLINE_MACROS
-! 3 !static double TwoTo16=65536.0;
-! 4 !static double TwoToMinus16=1.0/65536.0;
-! 5 !static double Zero=0.0;
-! 6 !static double TwoTo32=65536.0*65536.0;
-! 7 !static double TwoToMinus32=1.0/(65536.0*65536.0);
-! 9 !#ifdef RF_INLINE_MACROS
-! 11 !double upper32(double);
-! 12 !double lower32(double, double);
-! 13 !double mod(double, double, double);
-! 15 !#else
-! 17 !static double upper32(double x)
-! 18 !{
-! 19 ! return floor(x*TwoToMinus32);
-! 20 !}
-! 22 !static double lower32(double x, double y)
-! 23 !{
-! 24 ! return x-TwoTo32*floor(x*TwoToMinus32);
-! 25 !}
-! 27 !static double mod(double x, double oneoverm, double m)
-! 28 !{
-! 29 ! return x-m*floor(x*oneoverm);
-! 30 !}
-! 32 !#endif
-! 35 !void cleanup(double *dt, int from, int tlen)
-! 36 !{
-! 37 ! int i;
-! 38 ! double tmp,tmp1,x,x1;
-! 40 ! tmp=tmp1=Zero;
-
-/* 000000 40 ( 0 1) */ sethi %hi(Zero),%g2
-
-! 41 ! /* original code **
-! 42 ! for(i=2*from;i<2*tlen-2;i++)
-! 43 ! {
-! 44 ! x=dt[i];
-! 45 ! dt[i]=lower32(x,Zero)+tmp1;
-! 46 ! tmp1=tmp;
-! 47 ! tmp=upper32(x);
-! 48 ! }
-! 49 ! dt[tlen-2]+=tmp1;
-! 50 ! dt[tlen-1]+=tmp;
-! 51 ! **end original code ***/
-! 52 ! /* new code ***/
-! 53 ! for(i=2*from;i<2*tlen;i+=2)
-
-/* 0x0004 53 ( 1 2) */ sll %o2,1,%g3
-/* 0x0008 40 ( 1 4) */ ldd [%g2+%lo(Zero)],%f0
-/* 0x000c ( 1 2) */ add %g2,%lo(Zero),%g2
-/* 0x0010 53 ( 2 3) */ sll %o1,1,%g4
-/* 0x0014 36 ( 3 4) */ sll %o1,4,%g1
-/* 0x0018 40 ( 3 4) */ fmovd %f0,%f4
-/* 0x001c 53 ( 3 4) */ cmp %g4,%g3
-/* 0x0020 ( 3 4) */ bge,pt %icc,.L77000116 ! tprob=0.56
-/* 0x0024 ( 4 5) */ fmovd %f0,%f2
-/* 0x0028 36 ( 4 5) */ add %o0,%g1,%g1
-/* 0x002c ( 4 5) */ sub %g3,1,%g3
-
-! 54 ! {
-! 55 ! x=dt[i];
-
-/* 0x0030 55 ( 5 8) */ ldd [%g1],%f8
- .L900000114: /* frequency 6.4 confidence 0.0 */
-/* 0x0034 ( 0 3) */ fdtox %f8,%f6
-
-! 56 ! x1=dt[i+1];
-
-/* 0x0038 56 ( 0 3) */ ldd [%g1+8],%f10
-
-! 57 ! dt[i]=lower32(x,Zero)+tmp;
-! 58 ! dt[i+1]=lower32(x1,Zero)+tmp1;
-! 59 ! tmp=upper32(x);
-! 60 ! tmp1=upper32(x1);
-
-/* 0x003c 60 ( 0 1) */ add %g4,2,%g4
-/* 0x0040 ( 1 4) */ fdtox %f8,%f8
-/* 0x0044 ( 1 2) */ cmp %g4,%g3
-/* 0x0048 ( 5 6) */ fmovs %f0,%f6
-/* 0x004c ( 7 10) */ fxtod %f6,%f6
-/* 0x0050 ( 8 11) */ fdtox %f10,%f0
-/* 0x0054 57 (10 13) */ faddd %f6,%f2,%f2
-/* 0x0058 (10 11) */ std %f2,[%g1]
-/* 0x005c (12 15) */ ldd [%g2],%f2
-/* 0x0060 (14 15) */ fmovs %f2,%f0
-/* 0x0064 (16 19) */ fxtod %f0,%f6
-/* 0x0068 (17 20) */ fdtox %f10,%f0
-/* 0x006c (18 21) */ fitod %f8,%f2
-/* 0x0070 58 (19 22) */ faddd %f6,%f4,%f4
-/* 0x0074 (19 20) */ std %f4,[%g1+8]
-/* 0x0078 60 (19 20) */ add %g1,16,%g1
-/* 0x007c (20 23) */ fitod %f0,%f4
-/* 0x0080 (20 23) */ ldd [%g2],%f0
-/* 0x0084 (20 21) */ ble,a,pt %icc,.L900000114 ! tprob=0.86
-/* 0x0088 (21 24) */ ldd [%g1],%f8
- .L77000116: /* frequency 1.0 confidence 0.0 */
-/* 0x008c ( 0 2) */ retl ! Result =
-/* 0x0090 ( 1 2) */ nop
-/* 0x0094 0 ( 0 0) */ .type cleanup,2
-/* 0x0094 ( 0 0) */ .size cleanup,(.-cleanup)
-
- .section ".text",#alloc,#execinstr
-/* 000000 0 ( 0 0) */ .align 4
-!
-! SUBROUTINE conv_d16_to_i32
-!
-! OFFSET SOURCE LINE LABEL INSTRUCTION (ISSUE TIME) (COMPLETION TIME)
-
- .global conv_d16_to_i32
- conv_d16_to_i32: /* frequency 1.0 confidence 0.0 */
-/* 000000 ( 0 1) */ save %sp,-136,%sp
-
-! 61 ! }
-! 62 ! /** end new code **/
-! 63 !}
-! 66 !void conv_d16_to_i32(unsigned int *i32, double *d16, long long *tmp, int ilen)
-! 67 !{
-! 68 !int i;
-! 69 !long long t, t1, a, b, c, d;
-! 71 ! t1=0;
-! 72 ! a=(long long)d16[0];
-
-/* 0x0004 72 ( 1 4) */ ldd [%i1],%f0
-
-! 73 ! b=(long long)d16[1];
-! 74 ! for(i=0; i<ilen-1; i++)
-
-/* 0x0008 74 ( 1 2) */ sub %i3,1,%g2
-/* 0x000c 67 ( 1 2) */ or %g0,%i0,%g5
-/* 0x0010 74 ( 2 3) */ cmp %g2,0
-/* 0x0014 71 ( 2 3) */ or %g0,0,%o4
-/* 0x0018 72 ( 3 6) */ fdtox %f0,%f0
-/* 0x001c ( 3 4) */ std %f0,[%sp+120]
-/* 0x0020 74 ( 3 4) */ or %g0,0,%o7
-/* 0x0024 67 ( 4 5) */ or %g0,%i3,%o0
-/* 0x0028 ( 4 5) */ sub %i3,2,%o2
-/* 0x002c 73 ( 5 8) */ ldd [%i1+8],%f0
-/* 0x0030 67 ( 5 6) */ sethi %hi(0xfc00),%o0
-/* 0x0034 ( 5 6) */ add %o2,1,%g3
-/* 0x0038 ( 6 7) */ add %o0,1023,%o1
-/* 0x003c ( 6 7) */ or %g0,%g5,%o5
-/* 0x0040 73 ( 7 10) */ fdtox %f0,%f0
-/* 0x0044 ( 7 8) */ std %f0,[%sp+112]
-/* 0x0048 72 (11 13) */ ldx [%sp+120],%g4
-/* 0x004c 73 (12 14) */ ldx [%sp+112],%g1
-/* 0x0050 74 (12 13) */ ble,pt %icc,.L900000214 ! tprob=0.56
-/* 0x0054 (12 13) */ sethi %hi(0xfc00),%g2
-/* 0x0058 67 (13 14) */ or %g0,-1,%g2
-/* 0x005c 74 (13 14) */ cmp %g3,3
-/* 0x0060 67 (14 15) */ srl %g2,0,%o3
-/* 0x0064 (14 15) */ or %g0,%i1,%g2
-/* 0x0068 74 (14 15) */ bl,pn %icc,.L77000134 ! tprob=0.44
-/* 0x006c (15 18) */ ldd [%g2+16],%f0
-
-! 75 ! {
-! 76 ! c=(long long)d16[2*i+2];
-! 77 ! t1+=a&0xffffffff;
-! 78 ! t=(a>>32);
-! 79 ! d=(long long)d16[2*i+3];
-! 80 ! t1+=(b&0xffff)<<16;
-
-/* 0x0070 80 (15 16) */ and %g1,%o1,%o0
-
-! 81 ! t+=(b>>16)+(t1>>32);
-! 82 ! i32[i]=t1&0xffffffff;
-! 83 ! t1=t;
-! 84 ! a=c;
-! 85 ! b=d;
-
-/* 0x0074 85 (15 16) */ add %g2,16,%g2
-/* 0x0078 80 (16 17) */ sllx %o0,16,%g3
-/* 0x007c 77 (16 17) */ and %g4,%o3,%o0
-/* 0x0080 76 (17 20) */ fdtox %f0,%f0
-/* 0x0084 (17 18) */ std %f0,[%sp+104]
-/* 0x0088 74 (17 18) */ add %o0,%g3,%o4
-/* 0x008c 79 (18 21) */ ldd [%g2+8],%f2
-/* 0x0090 81 (18 19) */ srax %g1,16,%o0
-/* 0x0094 82 (18 19) */ and %o4,%o3,%o7
-/* 0x0098 81 (19 20) */ stx %o0,[%sp+112]
-/* 0x009c (19 20) */ srax %o4,32,%o0
-/* 0x00a0 85 (19 20) */ add %g5,4,%o5
-/* 0x00a4 81 (20 21) */ stx %o0,[%sp+120]
-/* 0x00a8 78 (20 21) */ srax %g4,32,%o4
-/* 0x00ac 79 (20 23) */ fdtox %f2,%f0
-/* 0x00b0 (21 22) */ std %f0,[%sp+96]
-/* 0x00b4 81 (22 24) */ ldx [%sp+112],%o0
-/* 0x00b8 (23 25) */ ldx [%sp+120],%g4
-/* 0x00bc 76 (25 27) */ ldx [%sp+104],%g3
-/* 0x00c0 81 (25 26) */ add %o0,%g4,%g4
-/* 0x00c4 79 (26 28) */ ldx [%sp+96],%g1
-/* 0x00c8 81 (26 27) */ add %o4,%g4,%o4
-/* 0x00cc 82 (27 28) */ st %o7,[%g5]
-/* 0x00d0 (27 28) */ or %g0,1,%o7
-/* 0x00d4 84 (27 28) */ or %g0,%g3,%g4
- .L900000209: /* frequency 64.0 confidence 0.0 */
-/* 0x00d8 76 (17 19) */ ldd [%g2+16],%f0
-/* 0x00dc 85 (17 18) */ add %o7,1,%o7
-/* 0x00e0 (17 18) */ add %o5,4,%o5
-/* 0x00e4 (18 18) */ cmp %o7,%o2
-/* 0x00e8 (18 19) */ add %g2,16,%g2
-/* 0x00ec 76 (19 22) */ fdtox %f0,%f0
-/* 0x00f0 (20 21) */ std %f0,[%sp+104]
-/* 0x00f4 79 (21 23) */ ldd [%g2+8],%f0
-/* 0x00f8 (23 26) */ fdtox %f0,%f0
-/* 0x00fc (24 25) */ std %f0,[%sp+96]
-/* 0x0100 80 (25 26) */ and %g1,%o1,%g3
-/* 0x0104 (26 27) */ sllx %g3,16,%g3
-/* 0x0108 ( 0 0) */ stx %g3,[%sp+120]
-/* 0x010c 77 (26 27) */ and %g4,%o3,%g3
-/* 0x0110 74 ( 0 0) */ stx %o7,[%sp+128]
-/* 0x0114 ( 0 0) */ ldx [%sp+120],%o7
-/* 0x0118 (27 27) */ add %g3,%o7,%g3
-/* 0x011c ( 0 0) */ ldx [%sp+128],%o7
-/* 0x0120 81 (28 29) */ srax %g1,16,%g1
-/* 0x0124 74 (28 28) */ add %g3,%o4,%g3
-/* 0x0128 81 (29 30) */ srax %g3,32,%o4
-/* 0x012c ( 0 0) */ stx %o4,[%sp+112]
-/* 0x0130 78 (30 31) */ srax %g4,32,%o4
-/* 0x0134 81 ( 0 0) */ ldx [%sp+112],%g4
-/* 0x0138 (30 31) */ add %g1,%g4,%g4
-/* 0x013c 79 (31 33) */ ldx [%sp+96],%g1
-/* 0x0140 81 (31 32) */ add %o4,%g4,%o4
-/* 0x0144 82 (32 33) */ and %g3,%o3,%g3
-/* 0x0148 84 ( 0 0) */ ldx [%sp+104],%g4
-/* 0x014c 85 (33 34) */ ble,pt %icc,.L900000209 ! tprob=0.50
-/* 0x0150 (33 34) */ st %g3,[%o5-4]
- .L900000212: /* frequency 8.0 confidence 0.0 */
-/* 0x0154 85 ( 0 1) */ ba .L900000214 ! tprob=1.00
-/* 0x0158 ( 0 1) */ sethi %hi(0xfc00),%g2
- .L77000134: /* frequency 0.7 confidence 0.0 */
- .L900000213: /* frequency 6.4 confidence 0.0 */
-/* 0x015c 77 ( 0 1) */ and %g4,%o3,%o0
-/* 0x0160 80 ( 0 1) */ and %g1,%o1,%g3
-/* 0x0164 76 ( 0 3) */ fdtox %f0,%f0
-/* 0x0168 77 ( 1 2) */ add %o4,%o0,%o0
-/* 0x016c 76 ( 1 2) */ std %f0,[%sp+104]
-/* 0x0170 85 ( 1 2) */ add %o7,1,%o7
-/* 0x0174 80 ( 2 3) */ sllx %g3,16,%o4
-/* 0x0178 79 ( 2 5) */ ldd [%g2+24],%f2
-/* 0x017c 85 ( 2 3) */ add %g2,16,%g2
-/* 0x0180 80 ( 3 4) */ add %o0,%o4,%o4
-/* 0x0184 81 ( 3 4) */ stx %o7,[%sp+128]
-/* 0x0188 ( 4 5) */ srax %g1,16,%o0
-/* 0x018c ( 4 5) */ stx %o0,[%sp+112]
-/* 0x0190 82 ( 4 5) */ and %o4,%o3,%g3
-/* 0x0194 81 ( 5 6) */ srax %o4,32,%o0
-/* 0x0198 ( 5 6) */ stx %o0,[%sp+120]
-/* 0x019c 79 ( 5 8) */ fdtox %f2,%f0
-/* 0x01a0 ( 6 7) */ std %f0,[%sp+96]
-/* 0x01a4 78 ( 6 7) */ srax %g4,32,%o4
-/* 0x01a8 81 ( 7 9) */ ldx [%sp+120],%o7
-/* 0x01ac ( 8 10) */ ldx [%sp+112],%g4
-/* 0x01b0 76 (10 12) */ ldx [%sp+104],%g1
-/* 0x01b4 81 (10 11) */ add %g4,%o7,%g4
-/* 0x01b8 (11 13) */ ldx [%sp+128],%o7
-/* 0x01bc (11 12) */ add %o4,%g4,%o4
-/* 0x01c0 79 (12 14) */ ldx [%sp+96],%o0
-/* 0x01c4 84 (12 13) */ or %g0,%g1,%g4
-/* 0x01c8 82 (13 14) */ st %g3,[%o5]
-/* 0x01cc 85 (13 14) */ add %o5,4,%o5
-/* 0x01d0 (13 14) */ cmp %o7,%o2
-/* 0x01d4 (14 15) */ or %g0,%o0,%g1
-/* 0x01d8 (14 15) */ ble,a,pt %icc,.L900000213 ! tprob=0.86
-/* 0x01dc (14 17) */ ldd [%g2+16],%f0
- .L77000127: /* frequency 1.0 confidence 0.0 */
-
-! 86 ! }
-! 87 ! t1+=a&0xffffffff;
-! 88 ! t=(a>>32);
-! 89 ! t1+=(b&0xffff)<<16;
-! 90 ! i32[i]=t1&0xffffffff;
-
-/* 0x01e0 90 ( 0 1) */ sethi %hi(0xfc00),%g2
- .L900000214: /* frequency 1.0 confidence 0.0 */
-/* 0x01e4 90 ( 0 1) */ or %g0,-1,%g3
-/* 0x01e8 ( 0 1) */ add %g2,1023,%g2
-/* 0x01ec ( 1 2) */ srl %g3,0,%g3
-/* 0x01f0 ( 1 2) */ and %g1,%g2,%g2
-/* 0x01f4 ( 2 3) */ and %g4,%g3,%g4
-/* 0x01f8 ( 3 4) */ sllx %g2,16,%g2
-/* 0x01fc ( 3 4) */ add %o4,%g4,%g4
-/* 0x0200 ( 4 5) */ add %g4,%g2,%g2
-/* 0x0204 ( 5 6) */ sll %o7,2,%g4
-/* 0x0208 ( 5 6) */ and %g2,%g3,%g2
-/* 0x020c ( 6 7) */ st %g2,[%g5+%g4]
-/* 0x0210 ( 7 9) */ ret ! Result =
-/* 0x0214 ( 9 10) */ restore %g0,%g0,%g0
-/* 0x0218 0 ( 0 0) */ .type conv_d16_to_i32,2
-/* 0x0218 ( 0 0) */ .size conv_d16_to_i32,(.-conv_d16_to_i32)
-
- .section ".text",#alloc,#execinstr
-/* 000000 0 ( 0 0) */ .align 8
-!
-! CONSTANT POOL
-!
- .L_const_seg_900000301: /* frequency 1.0 confidence 0.0 */
-/* 000000 0 ( 0 0) */ .word 1127219200,0
-/* 0x0008 0 ( 0 0) */ .align 4
-!
-! SUBROUTINE conv_i32_to_d32
-!
-! OFFSET SOURCE LINE LABEL INSTRUCTION (ISSUE TIME) (COMPLETION TIME)
-
- .global conv_i32_to_d32
- conv_i32_to_d32: /* frequency 1.0 confidence 0.0 */
-/* 000000 ( 0 1) */ orcc %g0,%o2,%g1
-
-! 92 !}
-! 94 !void conv_i32_to_d32(double *d32, unsigned int *i32, int len)
-! 95 !{
-! 96 !int i;
-! 98 !#pragma pipeloop(0)
-! 99 ! for(i=0;i<len;i++) d32[i]=(double)(i32[i]);
-
-/* 0x0004 99 ( 0 1) */ ble,pt %icc,.L77000140 ! tprob=0.56
-/* 0x0008 ( 0 1) */ nop
-/* 0x000c ( 1 2) */ sethi %hi(.L_const_seg_900000301),%g2
-/* 0x0010 95 ( 1 2) */ or %g0,%o1,%g4
-/* 0x0014 99 ( 2 3) */ add %g2,%lo(.L_const_seg_900000301),%g2
-/* 0x0018 ( 2 3) */ or %g0,0,%o5
-/* 0x001c 95 ( 3 4) */ or %g0,%o0,%g5
-/* 0x0020 99 ( 3 4) */ sub %o2,1,%g3
-/* 0x0024 ( 4 5) */ cmp %o2,9
-/* 0x0028 ( 4 5) */ bl,pn %icc,.L77000144 ! tprob=0.44
-/* 0x002c ( 4 7) */ ldd [%g2],%f8
-/* 0x0030 ( 5 8) */ ld [%o1],%f7
-/* 0x0034 ( 5 6) */ add %o1,16,%g4
-/* 0x0038 ( 5 6) */ sub %o2,5,%g1
-/* 0x003c ( 6 9) */ ld [%o1+4],%f5
-/* 0x0040 ( 6 7) */ or %g0,4,%o5
-/* 0x0044 ( 7 10) */ ld [%o1+8],%f3
-/* 0x0048 ( 7 8) */ fmovs %f8,%f6
-/* 0x004c ( 8 11) */ ld [%o1+12],%f1
- .L900000305: /* frequency 64.0 confidence 0.0 */
-/* 0x0050 ( 8 16) */ ld [%g4],%f11
-/* 0x0054 ( 8 9) */ add %o5,5,%o5
-/* 0x0058 ( 8 9) */ add %g4,20,%g4
-/* 0x005c ( 8 11) */ fsubd %f6,%f8,%f6
-/* 0x0060 ( 9 10) */ std %f6,[%g5]
-/* 0x0064 ( 9 9) */ cmp %o5,%g1
-/* 0x0068 ( 9 10) */ add %g5,40,%g5
-/* 0x006c ( 0 0) */ fmovs %f8,%f4
-/* 0x0070 (10 18) */ ld [%g4-16],%f7
-/* 0x0074 (10 13) */ fsubd %f4,%f8,%f12
-/* 0x0078 ( 0 0) */ fmovs %f8,%f2
-/* 0x007c (11 12) */ std %f12,[%g5-32]
-/* 0x0080 (12 20) */ ld [%g4-12],%f5
-/* 0x0084 (12 15) */ fsubd %f2,%f8,%f12
-/* 0x0088 ( 0 0) */ fmovs %f8,%f0
-/* 0x008c (13 14) */ std %f12,[%g5-24]
-/* 0x0090 (14 22) */ ld [%g4-8],%f3
-/* 0x0094 (14 17) */ fsubd %f0,%f8,%f12
-/* 0x0098 ( 0 0) */ fmovs %f8,%f10
-/* 0x009c (15 16) */ std %f12,[%g5-16]
-/* 0x00a0 (16 24) */ ld [%g4-4],%f1
-/* 0x00a4 (16 19) */ fsubd %f10,%f8,%f10
-/* 0x00a8 ( 0 0) */ fmovs %f8,%f6
-/* 0x00ac (17 18) */ ble,pt %icc,.L900000305 ! tprob=0.50
-/* 0x00b0 (17 18) */ std %f10,[%g5-8]
- .L900000308: /* frequency 8.0 confidence 0.0 */
-/* 0x00b4 ( 0 1) */ fmovs %f8,%f4
-/* 0x00b8 ( 0 1) */ add %g5,32,%g5
-/* 0x00bc ( 0 1) */ cmp %o5,%g3
-/* 0x00c0 ( 1 2) */ fmovs %f8,%f2
-/* 0x00c4 ( 2 3) */ fmovs %f8,%f0
-/* 0x00c8 ( 4 7) */ fsubd %f6,%f8,%f6
-/* 0x00cc ( 4 5) */ std %f6,[%g5-32]
-/* 0x00d0 ( 5 8) */ fsubd %f4,%f8,%f4
-/* 0x00d4 ( 5 6) */ std %f4,[%g5-24]
-/* 0x00d8 ( 6 9) */ fsubd %f2,%f8,%f2
-/* 0x00dc ( 6 7) */ std %f2,[%g5-16]
-/* 0x00e0 ( 7 10) */ fsubd %f0,%f8,%f0
-/* 0x00e4 ( 7 8) */ bg,pn %icc,.L77000140 ! tprob=0.14
-/* 0x00e8 ( 7 8) */ std %f0,[%g5-8]
- .L77000144: /* frequency 0.7 confidence 0.0 */
-/* 0x00ec ( 0 3) */ ld [%g4],%f1
- .L900000309: /* frequency 6.4 confidence 0.0 */
-/* 0x00f0 ( 0 3) */ ldd [%g2],%f8
-/* 0x00f4 ( 0 1) */ add %o5,1,%o5
-/* 0x00f8 ( 0 1) */ add %g4,4,%g4
-/* 0x00fc ( 1 2) */ cmp %o5,%g3
-/* 0x0100 ( 2 3) */ fmovs %f8,%f0
-/* 0x0104 ( 4 7) */ fsubd %f0,%f8,%f0
-/* 0x0108 ( 4 5) */ std %f0,[%g5]
-/* 0x010c ( 4 5) */ add %g5,8,%g5
-/* 0x0110 ( 4 5) */ ble,a,pt %icc,.L900000309 ! tprob=0.86
-/* 0x0114 ( 6 9) */ ld [%g4],%f1
- .L77000140: /* frequency 1.0 confidence 0.0 */
-/* 0x0118 ( 0 2) */ retl ! Result =
-/* 0x011c ( 1 2) */ nop
-/* 0x0120 0 ( 0 0) */ .type conv_i32_to_d32,2
-/* 0x0120 ( 0 0) */ .size conv_i32_to_d32,(.-conv_i32_to_d32)
-
- .section ".text",#alloc,#execinstr
-/* 000000 0 ( 0 0) */ .align 8
-!
-! CONSTANT POOL
-!
- .L_const_seg_900000401: /* frequency 1.0 confidence 0.0 */
-/* 000000 0 ( 0 0) */ .word 1127219200,0
-/* 0x0008 0 ( 0 0) */ .align 4
-!
-! SUBROUTINE conv_i32_to_d16
-!
-! OFFSET SOURCE LINE LABEL INSTRUCTION (ISSUE TIME) (COMPLETION TIME)
-
- .global conv_i32_to_d16
- conv_i32_to_d16: /* frequency 1.0 confidence 0.0 */
-/* 000000 ( 0 1) */ save %sp,-104,%sp
-/* 0x0004 ( 1 2) */ orcc %g0,%i2,%o0
-
-! 100 !}
-! 103 !void conv_i32_to_d16(double *d16, unsigned int *i32, int len)
-! 104 !{
-! 105 !int i;
-! 106 !unsigned int a;
-! 108 !#pragma pipeloop(0)
-! 109 ! for(i=0;i<len;i++)
-
-/* 0x0008 109 ( 1 2) */ ble,pt %icc,.L77000150 ! tprob=0.56
-/* 0x000c ( 1 2) */ nop
-/* 0x0010 ( 2 3) */ sub %o0,1,%o5
-/* 0x0014 ( 2 3) */ sethi %hi(0xfc00),%g2
-
-! 110 ! {
-! 111 ! a=i32[i];
-! 112 ! d16[2*i]=(double)(a&0xffff);
-! 113 ! d16[2*i+1]=(double)(a>>16);
-
-/* 0x0018 113 ( 3 4) */ sethi %hi(.L_const_seg_900000401),%o0
-/* 0x001c ( 3 4) */ add %o5,1,%g3
-/* 0x0020 ( 4 5) */ add %g2,1023,%o4
-/* 0x0024 109 ( 4 5) */ or %g0,0,%g1
-/* 0x0028 ( 5 6) */ cmp %g3,3
-/* 0x002c ( 5 6) */ or %g0,%i1,%o7
-/* 0x0030 ( 6 7) */ add %o0,%lo(.L_const_seg_900000401),%o3
-/* 0x0034 ( 6 7) */ or %g0,%i0,%g2
-/* 0x0038 ( 6 7) */ bl,pn %icc,.L77000154 ! tprob=0.44
-/* 0x003c ( 7 8) */ add %o7,4,%o0
-/* 0x0040 112 ( 7 10) */ ldd [%o3],%f0
-/* 0x0044 113 ( 7 8) */ or %g0,1,%g1
-/* 0x0048 111 ( 8 11) */ ld [%o0-4],%o1
-/* 0x004c 0 ( 8 9) */ or %g0,%o0,%o7
-/* 0x0050 112 (10 11) */ and %o1,%o4,%o0
- .L900000406: /* frequency 64.0 confidence 0.0 */
-/* 0x0054 112 (22 23) */ st %o0,[%sp+96]
-/* 0x0058 113 (22 23) */ add %g1,1,%g1
-/* 0x005c (22 23) */ add %g2,16,%g2
-/* 0x0060 (23 23) */ cmp %g1,%o5
-/* 0x0064 (23 24) */ add %o7,4,%o7
-/* 0x0068 112 (29 31) */ ld [%sp+96],%f3
-/* 0x006c ( 0 0) */ fmovs %f0,%f2
-/* 0x0070 (31 34) */ fsubd %f2,%f0,%f2
-/* 0x0074 113 (32 33) */ srl %o1,16,%o0
-/* 0x0078 112 (32 33) */ std %f2,[%g2-16]
-/* 0x007c 113 (33 34) */ st %o0,[%sp+92]
-/* 0x0080 (40 42) */ ld [%sp+92],%f3
-/* 0x0084 111 (41 43) */ ld [%o7-4],%o1
-/* 0x0088 113 ( 0 0) */ fmovs %f0,%f2
-/* 0x008c (42 45) */ fsubd %f2,%f0,%f2
-/* 0x0090 112 (43 44) */ and %o1,%o4,%o0
-/* 0x0094 113 (43 44) */ ble,pt %icc,.L900000406 ! tprob=0.50
-/* 0x0098 (43 44) */ std %f2,[%g2-8]
- .L900000409: /* frequency 8.0 confidence 0.0 */
-/* 0x009c 112 ( 0 1) */ st %o0,[%sp+96]
-/* 0x00a0 ( 0 1) */ fmovs %f0,%f2
-/* 0x00a4 113 ( 0 1) */ add %g2,16,%g2
-/* 0x00a8 ( 1 2) */ srl %o1,16,%o0
-/* 0x00ac 112 ( 4 7) */ ld [%sp+96],%f3
-/* 0x00b0 ( 6 9) */ fsubd %f2,%f0,%f2
-/* 0x00b4 ( 6 7) */ std %f2,[%g2-16]
-/* 0x00b8 113 ( 7 8) */ st %o0,[%sp+92]
-/* 0x00bc (10 11) */ fmovs %f0,%f2
-/* 0x00c0 (11 14) */ ld [%sp+92],%f3
-/* 0x00c4 (13 16) */ fsubd %f2,%f0,%f0
-/* 0x00c8 (13 14) */ std %f0,[%g2-8]
-/* 0x00cc (14 16) */ ret ! Result =
-/* 0x00d0 (16 17) */ restore %g0,%g0,%g0
- .L77000154: /* frequency 0.7 confidence 0.0 */
-/* 0x00d4 111 ( 0 3) */ ld [%o7],%o0
- .L900000410: /* frequency 6.4 confidence 0.0 */
-/* 0x00d8 112 ( 0 1) */ and %o0,%o4,%o1
-/* 0x00dc ( 0 1) */ st %o1,[%sp+96]
-/* 0x00e0 113 ( 0 1) */ add %g1,1,%g1
-/* 0x00e4 112 ( 1 4) */ ldd [%o3],%f0
-/* 0x00e8 113 ( 1 2) */ srl %o0,16,%o0
-/* 0x00ec ( 1 2) */ add %o7,4,%o7
-/* 0x00f0 ( 2 3) */ cmp %g1,%o5
-/* 0x00f4 112 ( 3 4) */ fmovs %f0,%f2
-/* 0x00f8 ( 4 7) */ ld [%sp+96],%f3
-/* 0x00fc ( 6 9) */ fsubd %f2,%f0,%f2
-/* 0x0100 ( 6 7) */ std %f2,[%g2]
-/* 0x0104 113 ( 7 8) */ st %o0,[%sp+92]
-/* 0x0108 (10 11) */ fmovs %f0,%f2
-/* 0x010c (11 14) */ ld [%sp+92],%f3
-/* 0x0110 (13 16) */ fsubd %f2,%f0,%f0
-/* 0x0114 (13 14) */ std %f0,[%g2+8]
-/* 0x0118 (13 14) */ add %g2,16,%g2
-/* 0x011c (13 14) */ ble,a,pt %icc,.L900000410 ! tprob=0.86
-/* 0x0120 (14 17) */ ld [%o7],%o0
- .L77000150: /* frequency 1.0 confidence 0.0 */
-/* 0x0124 ( 0 2) */ ret ! Result =
-/* 0x0128 ( 2 3) */ restore %g0,%g0,%g0
-/* 0x012c 0 ( 0 0) */ .type conv_i32_to_d16,2
-/* 0x012c ( 0 0) */ .size conv_i32_to_d16,(.-conv_i32_to_d16)
-
- .section ".text",#alloc,#execinstr
-/* 000000 0 ( 0 0) */ .align 8
-!
-! CONSTANT POOL
-!
- .L_const_seg_900000501: /* frequency 1.0 confidence 0.0 */
-/* 000000 0 ( 0 0) */ .word 1127219200,0
-/* 0x0008 0 ( 0 0) */ .align 4
-!
-! SUBROUTINE conv_i32_to_d32_and_d16
-!
-! OFFSET SOURCE LINE LABEL INSTRUCTION (ISSUE TIME) (COMPLETION TIME)
-
- .global conv_i32_to_d32_and_d16
- conv_i32_to_d32_and_d16: /* frequency 1.0 confidence 0.0 */
-/* 000000 ( 0 1) */ save %sp,-104,%sp
-/* 0x0004 ( 1 2) */ or %g0,%i3,%i4
-/* 0x0008 ( 1 2) */ or %g0,%i2,%g1
-
-! 114 ! }
-! 115 !}
-! 118 !void i16_to_d16_and_d32x4(double * /*1/(2^16)*/, double * /* 2^16*/,
-! 119 ! double * /* 0 */,
-! 120 ! double * /*result16*/, double * /* result32 */,
-! 121 ! float * /*source - should be unsigned int*
-! 122 ! converted to float* */);
-! 126 !void conv_i32_to_d32_and_d16(double *d32, double *d16,
-! 127 ! unsigned int *i32, int len)
-! 128 !{
-! 129 !int i;
-! 130 !unsigned int a;
-! 132 !#pragma pipeloop(0)
-! 133 ! for(i=0;i<len-3;i+=4)
-
-/* 0x000c 133 ( 2 3) */ sub %i4,3,%g2
-/* 0x0010 ( 2 3) */ or %g0,0,%o7
-/* 0x0014 ( 3 4) */ cmp %g2,0
-/* 0x0018 128 ( 3 4) */ or %g0,%i0,%i3
-/* 0x001c 133 ( 3 4) */ ble,pt %icc,.L900000515 ! tprob=0.56
-/* 0x0020 ( 4 5) */ cmp %o7,%i4
-
-! 134 ! {
-! 135 ! i16_to_d16_and_d32x4(&TwoToMinus16, &TwoTo16, &Zero,
-! 136 ! &(d16[2*i]), &(d32[i]), (float *)(&(i32[i])));
-
-/* 0x0024 136 ( 4 5) */ sethi %hi(Zero),%g2
-/* 0x0028 133 ( 5 6) */ or %g0,%g1,%o3
-/* 0x002c ( 5 6) */ sub %i4,4,%o2
-/* 0x0030 136 ( 6 7) */ add %g2,%lo(Zero),%o1
-/* 0x0034 133 ( 6 7) */ or %g0,0,%o5
-/* 0x0038 ( 7 8) */ or %g0,0,%o4
-/* 0x003c 136 ( 7 8) */ or %g0,%o3,%g4
- .L900000514: /* frequency 6.4 confidence 0.0 */
-/* 0x0040 ( 0 3) */ ldd [%o1],%f2
-/* 0x0044 136 ( 0 1) */ add %i3,%o5,%g2
-/* 0x0048 ( 0 1) */ add %i1,%o4,%g3
-/* 0x004c ( 1 4) */ ldd [%o1-8],%f0
-/* 0x0050 ( 1 2) */ add %o7,4,%o7
-/* 0x0054 ( 1 2) */ add %o3,16,%o3
-/* 0x0058 ( 2 3) */ fmovd %f2,%f14
-/* 0x005c ( 2 5) */ ld [%g4],%f15
-/* 0x0060 ( 2 3) */ cmp %o7,%o2
-/* 0x0064 ( 3 4) */ fmovd %f2,%f10
-/* 0x0068 ( 3 6) */ ld [%g4+4],%f11
-/* 0x006c ( 4 5) */ fmovd %f2,%f6
-/* 0x0070 ( 4 7) */ ld [%g4+8],%f7
-/* 0x0074 ( 5 8) */ ld [%g4+12],%f3
-/* 0x0078 ( 5 8) */ fxtod %f14,%f14
-/* 0x007c ( 6 9) */ fxtod %f10,%f10
-/* 0x0080 ( 6 9) */ ldd [%o1-16],%f16
-/* 0x0084 ( 7 10) */ fxtod %f6,%f6
-/* 0x0088 ( 7 8) */ std %f14,[%i3+%o5]
-/* 0x008c ( 7 8) */ add %o5,32,%o5
-/* 0x0090 ( 8 11) */ fxtod %f2,%f2
-/* 0x0094 ( 8 11) */ fmuld %f0,%f14,%f12
-/* 0x0098 ( 8 9) */ std %f10,[%g2+8]
-/* 0x009c ( 9 12) */ fmuld %f0,%f10,%f8
-/* 0x00a0 ( 9 10) */ std %f6,[%g2+16]
-/* 0x00a4 (10 13) */ fmuld %f0,%f6,%f4
-/* 0x00a8 (10 11) */ std %f2,[%g2+24]
-/* 0x00ac (11 14) */ fmuld %f0,%f2,%f0
-/* 0x00b0 (11 14) */ fdtox %f12,%f12
-/* 0x00b4 (12 15) */ fdtox %f8,%f8
-/* 0x00b8 (13 16) */ fdtox %f4,%f4
-/* 0x00bc (14 17) */ fdtox %f0,%f0
-/* 0x00c0 (15 18) */ fxtod %f12,%f12
-/* 0x00c4 (15 16) */ std %f12,[%g3+8]
-/* 0x00c8 (16 19) */ fxtod %f8,%f8
-/* 0x00cc (16 17) */ std %f8,[%g3+24]
-/* 0x00d0 (17 20) */ fxtod %f4,%f4
-/* 0x00d4 (17 18) */ std %f4,[%g3+40]
-/* 0x00d8 (18 21) */ fxtod %f0,%f0
-/* 0x00dc (18 21) */ fmuld %f12,%f16,%f12
-/* 0x00e0 (18 19) */ std %f0,[%g3+56]
-/* 0x00e4 (19 22) */ fmuld %f8,%f16,%f8
-/* 0x00e8 (20 23) */ fmuld %f4,%f16,%f4
-/* 0x00ec (21 24) */ fmuld %f0,%f16,%f0
-/* 0x00f0 (21 24) */ fsubd %f14,%f12,%f12
-/* 0x00f4 (21 22) */ std %f12,[%i1+%o4]
-/* 0x00f8 (22 25) */ fsubd %f10,%f8,%f8
-/* 0x00fc (22 23) */ std %f8,[%g3+16]
-/* 0x0100 (22 23) */ add %o4,64,%o4
-/* 0x0104 (23 26) */ fsubd %f6,%f4,%f4
-/* 0x0108 (23 24) */ std %f4,[%g3+32]
-/* 0x010c (24 27) */ fsubd %f2,%f0,%f0
-/* 0x0110 (24 25) */ std %f0,[%g3+48]
-/* 0x0114 (24 25) */ ble,pt %icc,.L900000514 ! tprob=0.86
-/* 0x0118 (25 26) */ or %g0,%o3,%g4
- .L77000159: /* frequency 1.0 confidence 0.0 */
-
-! 137 ! }
-! 138 ! for(;i<len;i++)
-
-/* 0x011c 138 ( 0 1) */ cmp %o7,%i4
- .L900000515: /* frequency 1.0 confidence 0.0 */
-/* 0x0120 138 ( 0 1) */ bge,pt %icc,.L77000164 ! tprob=0.56
-/* 0x0124 ( 0 1) */ nop
-
-! 139 ! {
-! 140 ! a=i32[i];
-! 141 ! d32[i]=(double)(i32[i]);
-! 142 ! d16[2*i]=(double)(a&0xffff);
-! 143 ! d16[2*i+1]=(double)(a>>16);
-
-/* 0x0128 143 ( 0 1) */ sethi %hi(.L_const_seg_900000501),%o1
-/* 0x012c 138 ( 1 2) */ sethi %hi(0xfc00),%o0
-/* 0x0130 141 ( 1 4) */ ldd [%o1+%lo(.L_const_seg_900000501)],%f0
-/* 0x0134 138 ( 1 2) */ sub %i4,%o7,%g3
-/* 0x0138 ( 2 3) */ sll %o7,2,%g2
-/* 0x013c ( 2 3) */ add %o0,1023,%o3
-/* 0x0140 ( 3 4) */ sll %o7,3,%g4
-/* 0x0144 ( 3 4) */ cmp %g3,3
-/* 0x0148 ( 4 5) */ add %g1,%g2,%o0
-/* 0x014c ( 4 5) */ add %o1,%lo(.L_const_seg_900000501),%o2
-/* 0x0150 ( 5 6) */ add %i3,%g4,%o4
-/* 0x0154 ( 5 6) */ sub %i4,1,%o1
-/* 0x0158 ( 6 7) */ sll %o7,4,%g5
-/* 0x015c ( 6 7) */ bl,pn %icc,.L77000161 ! tprob=0.44
-/* 0x0160 ( 7 8) */ add %i1,%g5,%o5
-/* 0x0164 141 ( 7 10) */ ld [%g1+%g2],%f3
-/* 0x0168 143 ( 7 8) */ add %o4,8,%o4
-/* 0x016c 140 ( 8 11) */ ld [%g1+%g2],%g1
-/* 0x0170 143 ( 8 9) */ add %o5,16,%o5
-/* 0x0174 ( 8 9) */ add %o7,1,%o7
-/* 0x0178 141 ( 9 10) */ fmovs %f0,%f2
-/* 0x017c 143 ( 9 10) */ add %o0,4,%o0
-/* 0x0180 142 (10 11) */ and %g1,%o3,%g2
-/* 0x0184 141 (11 14) */ fsubd %f2,%f0,%f2
-/* 0x0188 (11 12) */ std %f2,[%o4-8]
-/* 0x018c 143 (11 12) */ srl %g1,16,%g1
-/* 0x0190 142 (12 13) */ st %g2,[%sp+96]
-/* 0x0194 (15 16) */ fmovs %f0,%f2
-/* 0x0198 (16 19) */ ld [%sp+96],%f3
-/* 0x019c (18 21) */ fsubd %f2,%f0,%f2
-/* 0x01a0 (18 19) */ std %f2,[%o5-16]
-/* 0x01a4 143 (19 20) */ st %g1,[%sp+92]
-/* 0x01a8 (22 23) */ fmovs %f0,%f2
-/* 0x01ac (23 26) */ ld [%sp+92],%f3
-/* 0x01b0 (25 28) */ fsubd %f2,%f0,%f2
-/* 0x01b4 (25 26) */ std %f2,[%o5-8]
- .L900000509: /* frequency 64.0 confidence 0.0 */
-/* 0x01b8 141 (26 28) */ ld [%o0],%f3
-/* 0x01bc 143 (26 27) */ add %o7,2,%o7
-/* 0x01c0 (26 27) */ add %o5,32,%o5
-/* 0x01c4 140 (27 29) */ ld [%o0],%g1
-/* 0x01c8 143 (27 27) */ cmp %o7,%o1
-/* 0x01cc (27 28) */ add %o4,16,%o4
-/* 0x01d0 141 ( 0 0) */ fmovs %f0,%f2
-/* 0x01d4 (28 31) */ fsubd %f2,%f0,%f2
-/* 0x01d8 (29 30) */ std %f2,[%o4-16]
-/* 0x01dc 142 (29 30) */ and %g1,%o3,%g2
-/* 0x01e0 (30 31) */ st %g2,[%sp+96]
-/* 0x01e4 (37 39) */ ld [%sp+96],%f3
-/* 0x01e8 ( 0 0) */ fmovs %f0,%f2
-/* 0x01ec (39 42) */ fsubd %f2,%f0,%f2
-/* 0x01f0 143 (40 41) */ srl %g1,16,%g1
-/* 0x01f4 142 (40 41) */ std %f2,[%o5-32]
-/* 0x01f8 143 (41 42) */ st %g1,[%sp+92]
-/* 0x01fc (48 50) */ ld [%sp+92],%f3
-/* 0x0200 ( 0 0) */ fmovs %f0,%f2
-/* 0x0204 (50 53) */ fsubd %f2,%f0,%f2
-/* 0x0208 (51 52) */ std %f2,[%o5-24]
-/* 0x020c (51 52) */ add %o0,4,%o0
-/* 0x0210 141 (52 54) */ ld [%o0],%f3
-/* 0x0214 140 (53 55) */ ld [%o0],%g1
-/* 0x0218 141 ( 0 0) */ fmovs %f0,%f2
-/* 0x021c (54 57) */ fsubd %f2,%f0,%f2
-/* 0x0220 (55 56) */ std %f2,[%o4-8]
-/* 0x0224 142 (55 56) */ and %g1,%o3,%g2
-/* 0x0228 (56 57) */ st %g2,[%sp+96]
-/* 0x022c (63 65) */ ld [%sp+96],%f3
-/* 0x0230 ( 0 0) */ fmovs %f0,%f2
-/* 0x0234 (65 68) */ fsubd %f2,%f0,%f2
-/* 0x0238 143 (66 67) */ srl %g1,16,%g1
-/* 0x023c 142 (66 67) */ std %f2,[%o5-16]
-/* 0x0240 143 (67 68) */ st %g1,[%sp+92]
-/* 0x0244 (74 76) */ ld [%sp+92],%f3
-/* 0x0248 ( 0 0) */ fmovs %f0,%f2
-/* 0x024c (76 79) */ fsubd %f2,%f0,%f2
-/* 0x0250 (77 78) */ std %f2,[%o5-8]
-/* 0x0254 (77 78) */ bl,pt %icc,.L900000509 ! tprob=0.50
-/* 0x0258 (77 78) */ add %o0,4,%o0
- .L900000512: /* frequency 8.0 confidence 0.0 */
-/* 0x025c 143 ( 0 1) */ cmp %o7,%i4
-/* 0x0260 ( 0 1) */ bge,pn %icc,.L77000164 ! tprob=0.14
-/* 0x0264 ( 0 1) */ nop
- .L77000161: /* frequency 0.7 confidence 0.0 */
-/* 0x0268 141 ( 0 3) */ ld [%o0],%f3
- .L900000513: /* frequency 6.4 confidence 0.0 */
-/* 0x026c 141 ( 0 3) */ ldd [%o2],%f0
-/* 0x0270 143 ( 0 1) */ add %o7,1,%o7
-/* 0x0274 140 ( 1 4) */ ld [%o0],%o1
-/* 0x0278 143 ( 1 2) */ add %o0,4,%o0
-/* 0x027c ( 1 2) */ cmp %o7,%i4
-/* 0x0280 141 ( 2 3) */ fmovs %f0,%f2
-/* 0x0284 142 ( 3 4) */ and %o1,%o3,%g1
-/* 0x0288 141 ( 4 7) */ fsubd %f2,%f0,%f2
-/* 0x028c ( 4 5) */ std %f2,[%o4]
-/* 0x0290 143 ( 4 5) */ srl %o1,16,%o1
-/* 0x0294 142 ( 5 6) */ st %g1,[%sp+96]
-/* 0x0298 143 ( 5 6) */ add %o4,8,%o4
-/* 0x029c 142 ( 8 9) */ fmovs %f0,%f2
-/* 0x02a0 ( 9 12) */ ld [%sp+96],%f3
-/* 0x02a4 (11 14) */ fsubd %f2,%f0,%f2
-/* 0x02a8 (11 12) */ std %f2,[%o5]
-/* 0x02ac 143 (12 13) */ st %o1,[%sp+92]
-/* 0x02b0 (15 16) */ fmovs %f0,%f2
-/* 0x02b4 (16 19) */ ld [%sp+92],%f3
-/* 0x02b8 (18 21) */ fsubd %f2,%f0,%f0
-/* 0x02bc (18 19) */ std %f0,[%o5+8]
-/* 0x02c0 (18 19) */ add %o5,16,%o5
-/* 0x02c4 (18 19) */ bl,a,pt %icc,.L900000513 ! tprob=0.86
-/* 0x02c8 (19 22) */ ld [%o0],%f3
- .L77000164: /* frequency 1.0 confidence 0.0 */
-/* 0x02cc ( 0 2) */ ret ! Result =
-/* 0x02d0 ( 2 3) */ restore %g0,%g0,%g0
-/* 0x02d4 0 ( 0 0) */ .type conv_i32_to_d32_and_d16,2
-/* 0x02d4 ( 0 0) */ .size conv_i32_to_d32_and_d16,(.-conv_i32_to_d32_and_d16)
-
- .section ".text",#alloc,#execinstr
-/* 000000 0 ( 0 0) */ .align 4
-!
-! SUBROUTINE adjust_montf_result
-!
-! OFFSET SOURCE LINE LABEL INSTRUCTION (ISSUE TIME) (COMPLETION TIME)
-
- .global adjust_montf_result
- adjust_montf_result: /* frequency 1.0 confidence 0.0 */
-
-! 144 ! }
-! 145 !}
-! 148 !void adjust_montf_result(unsigned int *i32, unsigned int *nint, int len)
-! 149 !{
-! 150 !long long acc;
-! 151 !int i;
-! 153 ! if(i32[len]>0) i=-1;
-
-/* 000000 153 ( 0 1) */ sll %o2,2,%g1
-/* 0x0004 ( 0 1) */ or %g0,-1,%g3
-/* 0x0008 ( 1 4) */ ld [%o0+%g1],%g1
-/* 0x000c ( 3 4) */ cmp %g1,0
-/* 0x0010 ( 3 4) */ bleu,pn %icc,.L77000175 ! tprob=0.50
-/* 0x0014 ( 3 4) */ or %g0,%o1,%o3
-/* 0x0018 ( 4 5) */ ba .L900000611 ! tprob=1.00
-/* 0x001c ( 4 5) */ cmp %g3,0
- .L77000175: /* frequency 0.8 confidence 0.0 */
-
-! 154 ! else
-! 155 ! {
-! 156 ! for(i=len-1; i>=0; i++)
-
-/* 0x0020 156 ( 0 1) */ subcc %o2,1,%g3
-/* 0x0024 ( 0 1) */ bneg,pt %icc,.L900000611 ! tprob=0.60
-/* 0x0028 ( 1 2) */ cmp %g3,0
-/* 0x002c ( 1 2) */ sll %g3,2,%g1
-/* 0x0030 ( 2 3) */ add %o0,%g1,%g2
-/* 0x0034 ( 2 3) */ add %o1,%g1,%g1
-
-! 157 ! {
-! 158 ! if(i32[i]!=nint[i]) break;
-
-/* 0x0038 158 ( 3 6) */ ld [%g1],%g5
- .L900000610: /* frequency 5.3 confidence 0.0 */
-/* 0x003c 158 ( 0 3) */ ld [%g2],%o5
-/* 0x0040 ( 0 1) */ add %g1,4,%g1
-/* 0x0044 ( 0 1) */ add %g2,4,%g2
-/* 0x0048 ( 2 3) */ cmp %o5,%g5
-/* 0x004c ( 2 3) */ bne,pn %icc,.L77000182 ! tprob=0.16
-/* 0x0050 ( 2 3) */ nop
-/* 0x0054 ( 3 4) */ addcc %g3,1,%g3
-/* 0x0058 ( 3 4) */ bpos,a,pt %icc,.L900000610 ! tprob=0.84
-/* 0x005c ( 3 6) */ ld [%g1],%g5
- .L77000182: /* frequency 1.0 confidence 0.0 */
-
-! 159 ! }
-! 160 ! }
-! 161 ! if((i<0)||(i32[i]>nint[i]))
-
-/* 0x0060 161 ( 0 1) */ cmp %g3,0
- .L900000611: /* frequency 1.0 confidence 0.0 */
-/* 0x0064 161 ( 0 1) */ bl,pn %icc,.L77000198 ! tprob=0.50
-/* 0x0068 ( 0 1) */ sll %g3,2,%g2
-/* 0x006c ( 1 4) */ ld [%o1+%g2],%g1
-/* 0x0070 ( 2 5) */ ld [%o0+%g2],%g2
-/* 0x0074 ( 4 5) */ cmp %g2,%g1
-/* 0x0078 ( 4 5) */ bleu,pt %icc,.L77000191 ! tprob=0.56
-/* 0x007c ( 4 5) */ nop
- .L77000198: /* frequency 0.8 confidence 0.0 */
-
-! 162 ! {
-! 163 ! acc=0;
-! 164 ! for(i=0;i<len;i++)
-
-/* 0x0080 164 ( 0 1) */ cmp %o2,0
-/* 0x0084 ( 0 1) */ ble,pt %icc,.L77000191 ! tprob=0.60
-/* 0x0088 ( 0 1) */ nop
-/* 0x008c 161 ( 1 2) */ or %g0,-1,%g2
-/* 0x0090 ( 1 2) */ sub %o2,1,%g4
-/* 0x0094 ( 2 3) */ srl %g2,0,%g3
-/* 0x0098 163 ( 2 3) */ or %g0,0,%g5
-/* 0x009c 164 ( 3 4) */ or %g0,0,%o5
-/* 0x00a0 161 ( 3 4) */ or %g0,%o0,%o4
-/* 0x00a4 ( 4 5) */ cmp %o2,3
-/* 0x00a8 ( 4 5) */ add %o1,4,%g2
-/* 0x00ac 164 ( 4 5) */ bl,pn %icc,.L77000199 ! tprob=0.40
-/* 0x00b0 ( 5 6) */ add %o0,8,%g1
-
-! 165 ! {
-! 166 ! acc=acc+(unsigned long long)(i32[i])-(unsigned long long)(nint[i]);
-
-/* 0x00b4 166 ( 5 8) */ ld [%o0],%o2
-/* 0x00b8 0 ( 5 6) */ or %g0,%g2,%o3
-/* 0x00bc 166 ( 6 9) */ ld [%o1],%o1
-/* 0x00c0 0 ( 6 7) */ or %g0,%g1,%o4
-
-! 167 ! i32[i]=acc&0xffffffff;
-! 168 ! acc=acc>>32;
-
-/* 0x00c4 168 ( 6 7) */ or %g0,2,%o5
-/* 0x00c8 166 ( 7 10) */ ld [%o0+4],%g1
-/* 0x00cc 164 ( 8 9) */ sub %o2,%o1,%o2
-/* 0x00d0 ( 9 10) */ or %g0,%o2,%g5
-/* 0x00d4 167 ( 9 10) */ and %o2,%g3,%o2
-/* 0x00d8 ( 9 10) */ st %o2,[%o0]
-/* 0x00dc 168 (10 11) */ srax %g5,32,%g5
- .L900000605: /* frequency 64.0 confidence 0.0 */
-/* 0x00e0 166 (12 20) */ ld [%o3],%o2
-/* 0x00e4 168 (12 13) */ add %o5,1,%o5
-/* 0x00e8 (12 13) */ add %o3,4,%o3
-/* 0x00ec (13 13) */ cmp %o5,%g4
-/* 0x00f0 (13 14) */ add %o4,4,%o4
-/* 0x00f4 164 (14 14) */ sub %g1,%o2,%g1
-/* 0x00f8 (15 15) */ add %g1,%g5,%g5
-/* 0x00fc 167 (16 17) */ and %g5,%g3,%o2
-/* 0x0100 166 (16 24) */ ld [%o4-4],%g1
-/* 0x0104 167 (17 18) */ st %o2,[%o4-8]
-/* 0x0108 168 (17 18) */ ble,pt %icc,.L900000605 ! tprob=0.50
-/* 0x010c (17 18) */ srax %g5,32,%g5
- .L900000608: /* frequency 8.0 confidence 0.0 */
-/* 0x0110 166 ( 0 3) */ ld [%o3],%g2
-/* 0x0114 164 ( 2 3) */ sub %g1,%g2,%g1
-/* 0x0118 ( 3 4) */ add %g1,%g5,%g1
-/* 0x011c 167 ( 4 5) */ and %g1,%g3,%g2
-/* 0x0120 ( 5 7) */ retl ! Result =
-/* 0x0124 ( 6 7) */ st %g2,[%o4-4]
- .L77000199: /* frequency 0.6 confidence 0.0 */
-/* 0x0128 166 ( 0 3) */ ld [%o4],%g1
- .L900000609: /* frequency 5.3 confidence 0.0 */
-/* 0x012c 166 ( 0 3) */ ld [%o3],%g2
-/* 0x0130 ( 0 1) */ add %g5,%g1,%g1
-/* 0x0134 168 ( 0 1) */ add %o5,1,%o5
-/* 0x0138 ( 1 2) */ add %o3,4,%o3
-/* 0x013c ( 1 2) */ cmp %o5,%g4
-/* 0x0140 166 ( 2 3) */ sub %g1,%g2,%g1
-/* 0x0144 167 ( 3 4) */ and %g1,%g3,%g2
-/* 0x0148 ( 3 4) */ st %g2,[%o4]
-/* 0x014c 168 ( 3 4) */ add %o4,4,%o4
-/* 0x0150 ( 4 5) */ srax %g1,32,%g5
-/* 0x0154 ( 4 5) */ ble,a,pt %icc,.L900000609 ! tprob=0.84
-/* 0x0158 ( 4 7) */ ld [%o4],%g1
- .L77000191: /* frequency 1.0 confidence 0.0 */
-/* 0x015c ( 0 2) */ retl ! Result =
-/* 0x0160 ( 1 2) */ nop
-/* 0x0164 0 ( 0 0) */ .type adjust_montf_result,2
-/* 0x0164 ( 0 0) */ .size adjust_montf_result,(.-adjust_montf_result)
-
- .section ".text",#alloc,#execinstr
-/* 000000 0 ( 0 0) */ .align 32
-!
-! SUBROUTINE mont_mulf_noconv
-!
-! OFFSET SOURCE LINE LABEL INSTRUCTION (ISSUE TIME) (COMPLETION TIME)
-
- .global mont_mulf_noconv
- mont_mulf_noconv: /* frequency 1.0 confidence 0.0 */
-/* 000000 ( 0 1) */ save %sp,-144,%sp
-/* 0x0004 ( 1 2) */ st %i0,[%fp+68]
-
-! 169 ! }
-! 170 ! }
-! 171 !}
-! 175 !void cleanup(double *dt, int from, int tlen);
-! 177 !/*
-! 178 !** the lengths of the input arrays should be at least the following:
-! 179 !** result[nlen+1], dm1[nlen], dm2[2*nlen+1], dt[4*nlen+2], dn[nlen], nint[nlen]
-! 180 !** all of them should be different from one another
-! 181 !**
-! 182 !*/
-! 183 !void mont_mulf_noconv(unsigned int *result,
-! 184 ! double *dm1, double *dm2, double *dt,
-! 185 ! double *dn, unsigned int *nint,
-! 186 ! int nlen, double dn0)
-! 187 !{
-! 188 ! int i, j, jj;
-! 189 ! int tmp;
-! 190 ! double digit, m2j, nextm2j, a, b;
-! 191 ! double *dptmp, *pdm1, *pdm2, *pdn, *pdtj, pdn_0, pdm1_0;
-! 193 ! pdm1=&(dm1[0]);
-! 194 ! pdm2=&(dm2[0]);
-! 195 ! pdn=&(dn[0]);
-! 196 ! pdm2[2*nlen]=Zero;
-
-/* 0x0008 196 ( 1 2) */ sethi %hi(Zero),%g2
-/* 0x000c 187 ( 1 2) */ or %g0,%i2,%o1
-/* 0x0010 ( 2 3) */ st %i5,[%fp+88]
-/* 0x0014 ( 2 3) */ or %g0,%i3,%o2
-/* 0x0018 196 ( 2 3) */ add %g2,%lo(Zero),%g4
-/* 0x001c ( 3 6) */ ldd [%g2+%lo(Zero)],%f2
-/* 0x0020 187 ( 3 4) */ or %g0,%o2,%g5
-/* 0x0024 196 ( 3 4) */ or %g0,%o1,%i0
-/* 0x0028 187 ( 4 5) */ or %g0,%i4,%i2
-
-! 198 ! if (nlen!=16)
-! 199 ! {
-! 200 ! for(i=0;i<4*nlen+2;i++) dt[i]=Zero;
-! 202 ! a=dt[0]=pdm1[0]*pdm2[0];
-! 203 ! digit=mod(lower32(a,Zero)*dn0,TwoToMinus16,TwoTo16);
-! 205 ! pdtj=&(dt[0]);
-! 206 ! for(j=jj=0;j<2*nlen;j++,jj++,pdtj++)
-! 207 ! {
-! 208 ! m2j=pdm2[j];
-! 209 ! a=pdtj[0]+pdn[0]*digit;
-! 210 ! b=pdtj[1]+pdm1[0]*pdm2[j+1]+a*TwoToMinus16;
-! 211 ! pdtj[1]=b;
-! 213 !#pragma pipeloop(0)
-! 214 ! for(i=1;i<nlen;i++)
-! 215 ! {
-! 216 ! pdtj[2*i]+=pdm1[i]*m2j+pdn[i]*digit;
-! 217 ! }
-! 218 ! if((jj==30)) {cleanup(dt,j/2+1,2*nlen+1); jj=0;}
-! 219 !
-! 220 ! digit=mod(lower32(b,Zero)*dn0,TwoToMinus16,TwoTo16);
-! 221 ! }
-! 222 ! }
-! 223 ! else
-! 224 ! {
-! 225 ! a=dt[0]=pdm1[0]*pdm2[0];
-! 227 ! dt[65]= dt[64]= dt[63]= dt[62]= dt[61]= dt[60]=
-! 228 ! dt[59]= dt[58]= dt[57]= dt[56]= dt[55]= dt[54]=
-! 229 ! dt[53]= dt[52]= dt[51]= dt[50]= dt[49]= dt[48]=
-! 230 ! dt[47]= dt[46]= dt[45]= dt[44]= dt[43]= dt[42]=
-! 231 ! dt[41]= dt[40]= dt[39]= dt[38]= dt[37]= dt[36]=
-! 232 ! dt[35]= dt[34]= dt[33]= dt[32]= dt[31]= dt[30]=
-! 233 ! dt[29]= dt[28]= dt[27]= dt[26]= dt[25]= dt[24]=
-! 234 ! dt[23]= dt[22]= dt[21]= dt[20]= dt[19]= dt[18]=
-! 235 ! dt[17]= dt[16]= dt[15]= dt[14]= dt[13]= dt[12]=
-! 236 ! dt[11]= dt[10]= dt[ 9]= dt[ 8]= dt[ 7]= dt[ 6]=
-! 237 ! dt[ 5]= dt[ 4]= dt[ 3]= dt[ 2]= dt[ 1]=Zero;
-! 239 ! pdn_0=pdn[0];
-! 240 ! pdm1_0=pdm1[0];
-! 242 ! digit=mod(lower32(a,Zero)*dn0,TwoToMinus16,TwoTo16);
-! 243 ! pdtj=&(dt[0]);
-! 245 ! for(j=0;j<32;j++,pdtj++)
-! 246 ! {
-! 248 ! m2j=pdm2[j];
-! 249 ! a=pdtj[0]+pdn_0*digit;
-! 250 ! b=pdtj[1]+pdm1_0*pdm2[j+1]+a*TwoToMinus16;
-! 251 ! pdtj[1]=b;
-! 253 ! /**** this loop will be fully unrolled:
-! 254 ! for(i=1;i<16;i++)
-! 255 ! {
-! 256 ! pdtj[2*i]+=pdm1[i]*m2j+pdn[i]*digit;
-! 257 ! }
-! 258 ! *************************************/
-! 259 ! pdtj[2]+=pdm1[1]*m2j+pdn[1]*digit;
-! 260 ! pdtj[4]+=pdm1[2]*m2j+pdn[2]*digit;
-! 261 ! pdtj[6]+=pdm1[3]*m2j+pdn[3]*digit;
-! 262 ! pdtj[8]+=pdm1[4]*m2j+pdn[4]*digit;
-! 263 ! pdtj[10]+=pdm1[5]*m2j+pdn[5]*digit;
-! 264 ! pdtj[12]+=pdm1[6]*m2j+pdn[6]*digit;
-! 265 ! pdtj[14]+=pdm1[7]*m2j+pdn[7]*digit;
-! 266 ! pdtj[16]+=pdm1[8]*m2j+pdn[8]*digit;
-! 267 ! pdtj[18]+=pdm1[9]*m2j+pdn[9]*digit;
-! 268 ! pdtj[20]+=pdm1[10]*m2j+pdn[10]*digit;
-! 269 ! pdtj[22]+=pdm1[11]*m2j+pdn[11]*digit;
-! 270 ! pdtj[24]+=pdm1[12]*m2j+pdn[12]*digit;
-! 271 ! pdtj[26]+=pdm1[13]*m2j+pdn[13]*digit;
-! 272 ! pdtj[28]+=pdm1[14]*m2j+pdn[14]*digit;
-! 273 ! pdtj[30]+=pdm1[15]*m2j+pdn[15]*digit;
-! 274 ! /* no need for cleenup, cannot overflow */
-! 275 ! digit=mod(lower32(b,Zero)*dn0,TwoToMinus16,TwoTo16);
-! 276 ! }
-! 277 ! }
-! 279 ! conv_d16_to_i32(result,dt+2*nlen,(long long *)dt,nlen+1);
-! 281 ! adjust_montf_result(result,nint,nlen);
-
-/* 0x002c 281 ( 4 5) */ or %g0,1,%o4
-/* 0x0030 187 ( 6 9) */ ldd [%fp+96],%f0
-/* 0x0034 196 ( 7 10) */ ld [%fp+92],%o0
-/* 0x0038 187 ( 8 9) */ fmovd %f0,%f16
-/* 0x003c 196 ( 9 10) */ sll %o0,4,%g2
-/* 0x0040 ( 9 10) */ or %g0,%o0,%g1
-/* 0x0044 198 (10 11) */ cmp %o0,16
-/* 0x0048 (10 11) */ be,pn %icc,.L77000289 ! tprob=0.50
-/* 0x004c (10 11) */ std %f2,[%o1+%g2]
-/* 0x0050 200 (11 12) */ sll %o0,2,%g2
-/* 0x0054 (11 14) */ ldd [%g4],%f2
-/* 0x0058 (12 13) */ add %g2,2,%o1
-/* 0x005c (12 13) */ add %g2,1,%o3
-/* 0x0060 196 (13 14) */ sll %o0,1,%o7
-/* 0x0064 200 (13 14) */ cmp %o1,0
-/* 0x0068 (13 14) */ ble,a,pt %icc,.L900000755 ! tprob=0.55
-/* 0x006c (14 17) */ ldd [%i1],%f0
-/* 0x0070 (14 15) */ cmp %o1,3
-/* 0x0074 281 (14 15) */ or %g0,1,%o1
-/* 0x0078 (14 15) */ bl,pn %icc,.L77000279 ! tprob=0.40
-/* 0x007c (15 16) */ add %o2,8,%o0
-/* 0x0080 (15 16) */ std %f2,[%g5]
-/* 0x0084 0 (16 17) */ or %g0,%o0,%o2
- .L900000726: /* frequency 64.0 confidence 0.0 */
-/* 0x0088 ( 3 5) */ ldd [%g4],%f0
-/* 0x008c ( 3 4) */ add %o4,1,%o4
-/* 0x0090 ( 3 4) */ add %o2,8,%o2
-/* 0x0094 ( 4 4) */ cmp %o4,%o3
-/* 0x0098 ( 5 6) */ ble,pt %icc,.L900000726 ! tprob=0.50
-/* 0x009c ( 5 6) */ std %f0,[%o2-8]
- .L900000729: /* frequency 8.0 confidence 0.0 */
-/* 0x00a0 ( 0 1) */ ba .L900000755 ! tprob=1.00
-/* 0x00a4 ( 0 3) */ ldd [%i1],%f0
- .L77000279: /* frequency 0.6 confidence 0.0 */
-/* 0x00a8 ( 0 1) */ std %f2,[%o2]
- .L900000754: /* frequency 5.3 confidence 0.0 */
-/* 0x00ac ( 0 3) */ ldd [%g4],%f2
-/* 0x00b0 ( 0 1) */ cmp %o1,%o3
-/* 0x00b4 ( 0 1) */ add %o2,8,%o2
-/* 0x00b8 ( 1 2) */ add %o1,1,%o1
-/* 0x00bc ( 1 2) */ ble,a,pt %icc,.L900000754 ! tprob=0.87
-/* 0x00c0 ( 3 4) */ std %f2,[%o2]
- .L77000284: /* frequency 0.8 confidence 0.0 */
-/* 0x00c4 202 ( 0 3) */ ldd [%i1],%f0
- .L900000755: /* frequency 0.8 confidence 0.0 */
-/* 0x00c8 202 ( 0 3) */ ldd [%i0],%f2
-/* 0x00cc ( 0 1) */ add %o7,1,%o2
-/* 0x00d0 206 ( 0 1) */ cmp %o7,0
-/* 0x00d4 ( 1 2) */ sll %o2,1,%o0
-/* 0x00d8 ( 1 2) */ sub %o7,1,%o1
-/* 0x00dc 202 ( 2 5) */ fmuld %f0,%f2,%f0
-/* 0x00e0 ( 2 3) */ std %f0,[%g5]
-/* 0x00e4 ( 2 3) */ sub %g1,1,%o7
-/* 0x00e8 ( 3 6) */ ldd [%g4],%f6
-/* 0x00ec 0 ( 3 4) */ or %g0,%o7,%g3
-/* 0x00f0 ( 3 4) */ or %g0,0,%l0
-/* 0x00f4 ( 4 7) */ ldd [%g4-8],%f2
-/* 0x00f8 ( 4 5) */ or %g0,0,%i5
-/* 0x00fc ( 4 5) */ or %g0,%o1,%o5
-/* 0x0100 ( 5 8) */ fdtox %f0,%f0
-/* 0x0104 ( 5 8) */ ldd [%g4-16],%f4
-/* 0x0108 ( 5 6) */ or %g0,%o0,%o3
-/* 0x010c 210 ( 6 7) */ add %i0,8,%o4
-/* 0x0110 ( 6 7) */ or %g0,0,%i4
-/* 0x0114 ( 9 10) */ fmovs %f6,%f0
-/* 0x0118 (11 14) */ fxtod %f0,%f0
-/* 0x011c 203 (14 17) */ fmuld %f0,%f16,%f0
-/* 0x0120 (17 20) */ fmuld %f0,%f2,%f2
-/* 0x0124 (20 23) */ fdtox %f2,%f2
-/* 0x0128 (23 26) */ fxtod %f2,%f2
-/* 0x012c (26 29) */ fmuld %f2,%f4,%f2
-/* 0x0130 (29 32) */ fsubd %f0,%f2,%f22
-/* 0x0134 206 (29 30) */ ble,pt %icc,.L900000748 ! tprob=0.60
-/* 0x0138 (29 30) */ sll %g1,4,%g2
-/* 0x013c 210 (30 33) */ ldd [%i2],%f0
- .L900000749: /* frequency 5.3 confidence 0.0 */
-/* 0x0140 210 ( 0 3) */ fmuld %f0,%f22,%f8
-/* 0x0144 ( 0 3) */ ldd [%i1],%f0
-/* 0x0148 214 ( 0 1) */ cmp %g1,1
-/* 0x014c 210 ( 1 4) */ ldd [%o4+%i4],%f6
-/* 0x0150 ( 1 2) */ add %i1,8,%o0
-/* 0x0154 214 ( 1 2) */ or %g0,1,%o1
-/* 0x0158 210 ( 2 5) */ ldd [%i3],%f2
-/* 0x015c ( 2 3) */ add %i3,16,%l1
-/* 0x0160 ( 3 6) */ fmuld %f0,%f6,%f6
-/* 0x0164 ( 3 6) */ ldd [%g4-8],%f4
-/* 0x0168 ( 4 7) */ faddd %f2,%f8,%f2
-/* 0x016c ( 4 7) */ ldd [%i3+8],%f0
-/* 0x0170 208 ( 5 8) */ ldd [%i0+%i4],%f20
-/* 0x0174 210 ( 6 9) */ faddd %f0,%f6,%f0
-/* 0x0178 ( 7 10) */ fmuld %f2,%f4,%f2
-/* 0x017c (10 13) */ faddd %f0,%f2,%f18
-/* 0x0180 211 (10 11) */ std %f18,[%i3+8]
-/* 0x0184 214 (10 11) */ ble,pt %icc,.L900000753 ! tprob=0.54
-/* 0x0188 (11 12) */ srl %i5,31,%g2
-/* 0x018c (11 12) */ cmp %g3,7
-/* 0x0190 210 (12 13) */ add %i2,8,%g2
-/* 0x0194 214 (12 13) */ bl,pn %icc,.L77000281 ! tprob=0.36
-/* 0x0198 (13 14) */ add %g2,24,%o2
-/* 0x019c 216 (13 16) */ ldd [%o0+16],%f14
-/* 0x01a0 (13 14) */ add %i3,48,%l1
-/* 0x01a4 (14 17) */ ldd [%o0+24],%f12
-/* 0x01a8 0 (14 15) */ or %g0,%o2,%g2
-/* 0x01ac 214 (14 15) */ sub %g1,3,%o2
-/* 0x01b0 216 (15 18) */ ldd [%o0],%f2
-/* 0x01b4 (15 16) */ or %g0,5,%o1
-/* 0x01b8 (16 19) */ ldd [%g2-24],%f0
-/* 0x01bc (17 20) */ ldd [%o0+8],%f6
-/* 0x01c0 (17 20) */ fmuld %f2,%f20,%f2
-/* 0x01c4 (17 18) */ add %o0,32,%o0
-/* 0x01c8 (18 21) */ ldd [%g2-16],%f8
-/* 0x01cc (18 21) */ fmuld %f0,%f22,%f4
-/* 0x01d0 (19 22) */ ldd [%i3+16],%f0
-/* 0x01d4 (19 22) */ fmuld %f6,%f20,%f10
-/* 0x01d8 (20 23) */ ldd [%g2-8],%f6
-/* 0x01dc (21 24) */ faddd %f2,%f4,%f4
-/* 0x01e0 (21 24) */ ldd [%i3+32],%f2
- .L900000738: /* frequency 512.0 confidence 0.0 */
-/* 0x01e4 216 (16 24) */ ldd [%g2],%f24
-/* 0x01e8 (16 17) */ add %o1,3,%o1
-/* 0x01ec (16 17) */ add %g2,24,%g2
-/* 0x01f0 (16 19) */ fmuld %f8,%f22,%f8
-/* 0x01f4 (17 25) */ ldd [%l1],%f28
-/* 0x01f8 (17 17) */ cmp %o1,%o2
-/* 0x01fc (17 18) */ add %o0,24,%o0
-/* 0x0200 (18 26) */ ldd [%o0-24],%f26
-/* 0x0204 (18 21) */ faddd %f0,%f4,%f0
-/* 0x0208 (18 19) */ add %l1,48,%l1
-/* 0x020c (19 22) */ faddd %f10,%f8,%f10
-/* 0x0210 (19 22) */ fmuld %f14,%f20,%f4
-/* 0x0214 (19 20) */ std %f0,[%l1-80]
-/* 0x0218 (20 28) */ ldd [%g2-16],%f8
-/* 0x021c (20 23) */ fmuld %f6,%f22,%f6
-/* 0x0220 (21 29) */ ldd [%l1-32],%f0
-/* 0x0224 (22 30) */ ldd [%o0-16],%f14
-/* 0x0228 (22 25) */ faddd %f2,%f10,%f2
-/* 0x022c (23 26) */ faddd %f4,%f6,%f10
-/* 0x0230 (23 26) */ fmuld %f12,%f20,%f4
-/* 0x0234 (23 24) */ std %f2,[%l1-64]
-/* 0x0238 (24 32) */ ldd [%g2-8],%f6
-/* 0x023c (24 27) */ fmuld %f24,%f22,%f24
-/* 0x0240 (25 33) */ ldd [%l1-16],%f2
-/* 0x0244 (26 34) */ ldd [%o0-8],%f12
-/* 0x0248 (26 29) */ faddd %f28,%f10,%f10
-/* 0x024c (27 28) */ std %f10,[%l1-48]
-/* 0x0250 (27 30) */ fmuld %f26,%f20,%f10
-/* 0x0254 (27 28) */ ble,pt %icc,.L900000738 ! tprob=0.50
-/* 0x0258 (27 30) */ faddd %f4,%f24,%f4
- .L900000741: /* frequency 64.0 confidence 0.0 */
-/* 0x025c 216 ( 0 3) */ fmuld %f8,%f22,%f28
-/* 0x0260 ( 0 3) */ ldd [%g2],%f24
-/* 0x0264 ( 0 3) */ faddd %f0,%f4,%f26
-/* 0x0268 ( 1 4) */ fmuld %f12,%f20,%f8
-/* 0x026c ( 1 2) */ add %l1,32,%l1
-/* 0x0270 ( 1 2) */ cmp %o1,%g3
-/* 0x0274 ( 2 5) */ fmuld %f14,%f20,%f14
-/* 0x0278 ( 2 5) */ ldd [%l1-32],%f4
-/* 0x027c ( 2 3) */ add %g2,8,%g2
-/* 0x0280 ( 3 6) */ faddd %f10,%f28,%f12
-/* 0x0284 ( 3 6) */ fmuld %f6,%f22,%f6
-/* 0x0288 ( 3 6) */ ldd [%l1-16],%f0
-/* 0x028c ( 4 7) */ fmuld %f24,%f22,%f10
-/* 0x0290 ( 4 5) */ std %f26,[%l1-64]
-/* 0x0294 ( 6 9) */ faddd %f2,%f12,%f2
-/* 0x0298 ( 6 7) */ std %f2,[%l1-48]
-/* 0x029c ( 7 10) */ faddd %f14,%f6,%f6
-/* 0x02a0 ( 8 11) */ faddd %f8,%f10,%f2
-/* 0x02a4 (10 13) */ faddd %f4,%f6,%f4
-/* 0x02a8 (10 11) */ std %f4,[%l1-32]
-/* 0x02ac (11 14) */ faddd %f0,%f2,%f0
-/* 0x02b0 (11 12) */ bg,pn %icc,.L77000213 ! tprob=0.13
-/* 0x02b4 (11 12) */ std %f0,[%l1-16]
- .L77000281: /* frequency 4.0 confidence 0.0 */
-/* 0x02b8 216 ( 0 3) */ ldd [%o0],%f0
- .L900000752: /* frequency 36.6 confidence 0.0 */
-/* 0x02bc 216 ( 0 3) */ ldd [%g2],%f4
-/* 0x02c0 ( 0 3) */ fmuld %f0,%f20,%f2
-/* 0x02c4 ( 0 1) */ add %o1,1,%o1
-/* 0x02c8 ( 1 4) */ ldd [%l1],%f0
-/* 0x02cc ( 1 2) */ add %o0,8,%o0
-/* 0x02d0 ( 1 2) */ add %g2,8,%g2
-/* 0x02d4 ( 2 5) */ fmuld %f4,%f22,%f4
-/* 0x02d8 ( 2 3) */ cmp %o1,%g3
-/* 0x02dc ( 5 8) */ faddd %f2,%f4,%f2
-/* 0x02e0 ( 8 11) */ faddd %f0,%f2,%f0
-/* 0x02e4 ( 8 9) */ std %f0,[%l1]
-/* 0x02e8 ( 8 9) */ add %l1,16,%l1
-/* 0x02ec ( 8 9) */ ble,a,pt %icc,.L900000752 ! tprob=0.87
-/* 0x02f0 (10 13) */ ldd [%o0],%f0
- .L77000213: /* frequency 5.3 confidence 0.0 */
-/* 0x02f4 ( 0 1) */ srl %i5,31,%g2
- .L900000753: /* frequency 5.3 confidence 0.0 */
-/* 0x02f8 218 ( 0 1) */ cmp %l0,30
-/* 0x02fc ( 0 1) */ bne,a,pt %icc,.L900000751 ! tprob=0.54
-/* 0x0300 ( 0 3) */ fdtox %f18,%f0
-/* 0x0304 ( 1 2) */ add %i5,%g2,%g2
-/* 0x0308 ( 1 2) */ sub %o3,1,%o2
-/* 0x030c ( 2 3) */ sra %g2,1,%o0
-/* 0x0310 216 ( 2 5) */ ldd [%g4],%f0
-/* 0x0314 ( 3 4) */ add %o0,1,%g2
-/* 0x0318 ( 4 5) */ sll %g2,1,%o0
-/* 0x031c ( 4 5) */ fmovd %f0,%f2
-/* 0x0320 ( 5 6) */ sll %g2,4,%o1
-/* 0x0324 ( 5 6) */ cmp %o0,%o3
-/* 0x0328 ( 5 6) */ bge,pt %icc,.L77000215 ! tprob=0.53
-/* 0x032c ( 6 7) */ or %g0,0,%l0
-/* 0x0330 218 ( 6 7) */ add %g5,%o1,%o1
-/* 0x0334 216 ( 7 10) */ ldd [%o1],%f8
- .L900000750: /* frequency 32.0 confidence 0.0 */
-/* 0x0338 ( 0 3) */ fdtox %f8,%f6
-/* 0x033c ( 0 3) */ ldd [%g4],%f10
-/* 0x0340 ( 0 1) */ add %o0,2,%o0
-/* 0x0344 ( 1 4) */ ldd [%o1+8],%f4
-/* 0x0348 ( 1 4) */ fdtox %f8,%f8
-/* 0x034c ( 1 2) */ cmp %o0,%o2
-/* 0x0350 ( 5 6) */ fmovs %f10,%f6
-/* 0x0354 ( 7 10) */ fxtod %f6,%f10
-/* 0x0358 ( 8 11) */ fdtox %f4,%f6
-/* 0x035c ( 9 12) */ fdtox %f4,%f4
-/* 0x0360 (10 13) */ faddd %f10,%f2,%f2
-/* 0x0364 (10 11) */ std %f2,[%o1]
-/* 0x0368 (12 15) */ ldd [%g4],%f2
-/* 0x036c (14 15) */ fmovs %f2,%f6
-/* 0x0370 (16 19) */ fxtod %f6,%f6
-/* 0x0374 (17 20) */ fitod %f8,%f2
-/* 0x0378 (19 22) */ faddd %f6,%f0,%f0
-/* 0x037c (19 20) */ std %f0,[%o1+8]
-/* 0x0380 (19 20) */ add %o1,16,%o1
-/* 0x0384 (20 23) */ fitod %f4,%f0
-/* 0x0388 (20 21) */ ble,a,pt %icc,.L900000750 ! tprob=0.87
-/* 0x038c (20 23) */ ldd [%o1],%f8
- .L77000233: /* frequency 4.6 confidence 0.0 */
-/* 0x0390 ( 0 0) */ or %g0,0,%l0
- .L77000215: /* frequency 5.3 confidence 0.0 */
-/* 0x0394 ( 0 3) */ fdtox %f18,%f0
- .L900000751: /* frequency 5.3 confidence 0.0 */
-/* 0x0398 ( 0 3) */ ldd [%g4],%f6
-/* 0x039c 220 ( 0 1) */ add %i5,1,%i5
-/* 0x03a0 ( 0 1) */ add %i4,8,%i4
-/* 0x03a4 ( 1 4) */ ldd [%g4-8],%f2
-/* 0x03a8 ( 1 2) */ add %l0,1,%l0
-/* 0x03ac ( 1 2) */ add %i3,8,%i3
-/* 0x03b0 ( 2 3) */ fmovs %f6,%f0
-/* 0x03b4 ( 2 5) */ ldd [%g4-16],%f4
-/* 0x03b8 ( 2 3) */ cmp %i5,%o5
-/* 0x03bc ( 4 7) */ fxtod %f0,%f0
-/* 0x03c0 ( 7 10) */ fmuld %f0,%f16,%f0
-/* 0x03c4 (10 13) */ fmuld %f0,%f2,%f2
-/* 0x03c8 (13 16) */ fdtox %f2,%f2
-/* 0x03cc (16 19) */ fxtod %f2,%f2
-/* 0x03d0 (19 22) */ fmuld %f2,%f4,%f2
-/* 0x03d4 (22 25) */ fsubd %f0,%f2,%f22
-/* 0x03d8 (22 23) */ ble,a,pt %icc,.L900000749 ! tprob=0.89
-/* 0x03dc (22 25) */ ldd [%i2],%f0
- .L900000725: /* frequency 0.7 confidence 0.0 */
-/* 0x03e0 220 ( 0 1) */ ba .L900000748 ! tprob=1.00
-/* 0x03e4 ( 0 1) */ sll %g1,4,%g2
-
-
- .L77000289: /* frequency 0.8 confidence 0.0 */
-/* 0x03e8 225 ( 0 3) */ ldd [%o1],%f6
-/* 0x03ec 242 ( 0 1) */ add %g4,-8,%g2
-/* 0x03f0 ( 0 1) */ add %g4,-16,%g3
-/* 0x03f4 225 ( 1 4) */ ldd [%i1],%f2
-/* 0x03f8 245 ( 1 2) */ or %g0,0,%o3
-/* 0x03fc ( 1 2) */ or %g0,0,%o0
-/* 0x0400 225 ( 3 6) */ fmuld %f2,%f6,%f2
-/* 0x0404 ( 3 4) */ std %f2,[%o2]
-/* 0x0408 ( 4 7) */ ldd [%g4],%f6
-/* 0x040c 237 ( 7 8) */ std %f6,[%o2+8]
-/* 0x0410 ( 8 9) */ std %f6,[%o2+16]
-/* 0x0414 ( 9 10) */ std %f6,[%o2+24]
-/* 0x0418 (10 11) */ std %f6,[%o2+32]
-/* 0x041c (11 12) */ std %f6,[%o2+40]
-/* 0x0420 (12 13) */ std %f6,[%o2+48]
-/* 0x0424 (13 14) */ std %f6,[%o2+56]
-/* 0x0428 (14 15) */ std %f6,[%o2+64]
-/* 0x042c (15 16) */ std %f6,[%o2+72]
-! prefetch [%i4],0
-! prefetch [%i4+32],0
-! prefetch [%i4+64],0
-! prefetch [%i4+96],0
-! prefetch [%i4+120],0
-! prefetch [%i1],0
-! prefetch [%i1+32],0
-! prefetch [%i1+64],0
-! prefetch [%i1+96],0
-! prefetch [%i1+120],0
-/* 0x0430 (16 17) */ std %f6,[%o2+80]
-/* 0x0434 (17 18) */ std %f6,[%o2+88]
-/* 0x0438 (18 19) */ std %f6,[%o2+96]
-/* 0x043c (19 20) */ std %f6,[%o2+104]
-/* 0x0440 (20 21) */ std %f6,[%o2+112]
-/* 0x0444 (21 22) */ std %f6,[%o2+120]
-/* 0x0448 (22 23) */ std %f6,[%o2+128]
-/* 0x044c (23 24) */ std %f6,[%o2+136]
-/* 0x0450 (24 25) */ std %f6,[%o2+144]
-/* 0x0454 (25 26) */ std %f6,[%o2+152]
-/* 0x0458 (26 27) */ std %f6,[%o2+160]
-/* 0x045c (27 28) */ std %f6,[%o2+168]
-/* 0x0460 (27 30) */ fdtox %f2,%f2
-/* 0x0464 (28 29) */ std %f6,[%o2+176]
-/* 0x0468 (29 30) */ std %f6,[%o2+184]
-/* 0x046c (30 31) */ std %f6,[%o2+192]
-/* 0x0470 (31 32) */ std %f6,[%o2+200]
-/* 0x0474 (32 33) */ std %f6,[%o2+208]
-/* 0x0478 (33 34) */ std %f6,[%o2+216]
-/* 0x047c (34 35) */ std %f6,[%o2+224]
-/* 0x0480 (35 36) */ std %f6,[%o2+232]
-/* 0x0484 (36 37) */ std %f6,[%o2+240]
-/* 0x0488 (37 38) */ std %f6,[%o2+248]
-/* 0x048c (38 39) */ std %f6,[%o2+256]
-/* 0x0490 (39 40) */ std %f6,[%o2+264]
-/* 0x0494 (40 41) */ std %f6,[%o2+272]
-/* 0x0498 (41 42) */ std %f6,[%o2+280]
-/* 0x049c (42 43) */ std %f6,[%o2+288]
-/* 0x04a0 (43 44) */ std %f6,[%o2+296]
-/* 0x04a4 (44 45) */ std %f6,[%o2+304]
-/* 0x04a8 (45 46) */ std %f6,[%o2+312]
-/* 0x04ac (46 47) */ std %f6,[%o2+320]
-/* 0x04b0 (47 48) */ std %f6,[%o2+328]
-/* 0x04b4 (48 49) */ std %f6,[%o2+336]
-/* 0x04b8 (49 50) */ std %f6,[%o2+344]
-/* 0x04bc (50 51) */ std %f6,[%o2+352]
-/* 0x04c0 (51 52) */ std %f6,[%o2+360]
-/* 0x04c4 (52 53) */ std %f6,[%o2+368]
-/* 0x04c8 (53 54) */ std %f6,[%o2+376]
-/* 0x04cc (54 55) */ std %f6,[%o2+384]
-/* 0x04d0 (55 56) */ std %f6,[%o2+392]
-/* 0x04d4 (56 57) */ std %f6,[%o2+400]
-/* 0x04d8 (57 58) */ std %f6,[%o2+408]
-/* 0x04dc (58 59) */ std %f6,[%o2+416]
-/* 0x04e0 (59 60) */ std %f6,[%o2+424]
-/* 0x04e4 (60 61) */ std %f6,[%o2+432]
-/* 0x04e8 (61 62) */ std %f6,[%o2+440]
-/* 0x04ec (62 63) */ std %f6,[%o2+448]
-/* 0x04f0 (63 64) */ std %f6,[%o2+456]
-/* 0x04f4 (64 65) */ std %f6,[%o2+464]
-/* 0x04f8 (65 66) */ std %f6,[%o2+472]
-/* 0x04fc (66 67) */ std %f6,[%o2+480]
-/* 0x0500 (67 68) */ std %f6,[%o2+488]
-/* 0x0504 (68 69) */ std %f6,[%o2+496]
-/* 0x0508 (69 70) */ std %f6,[%o2+504]
-/* 0x050c (70 71) */ std %f6,[%o2+512]
-/* 0x0510 (71 72) */ std %f6,[%o2+520]
-/* 0x0514 242 (72 75) */ ld [%g4],%f2 ! dalign
-/* 0x0518 (73 76) */ ld [%g2],%f6 ! dalign
-/* 0x051c (74 77) */ fxtod %f2,%f10
-/* 0x0520 (74 77) */ ld [%g2+4],%f7
-/* 0x0524 (75 78) */ ld [%g3],%f8 ! dalign
-/* 0x0528 (76 79) */ ld [%g3+4],%f9
-/* 0x052c (77 80) */ fmuld %f10,%f0,%f0
-/* 0x0530 239 (77 80) */ ldd [%i4],%f4
-/* 0x0534 240 (78 81) */ ldd [%i1],%f2
-/* 0x0538 (80 83) */ fmuld %f0,%f6,%f6
-/* 0x053c (83 86) */ fdtox %f6,%f6
-/* 0x0540 (86 89) */ fxtod %f6,%f6
-/* 0x0544 (89 92) */ fmuld %f6,%f8,%f6
-/* 0x0548 (92 95) */ fsubd %f0,%f6,%f0
-/* 0x054c 250 (95 98) */ fmuld %f4,%f0,%f10
- .L900000747: /* frequency 6.4 confidence 0.0 */
-
-
- fmovd %f0,%f0
- fmovd %f16,%f18
- ldd [%i4],%f2
- ldd [%o2],%f8
- ldd [%i1],%f10
- ldd [%g4-8],%f14
- ldd [%g4-16],%f16
- ldd [%o1],%f24
-
- ldd [%i1+8],%f26
- ldd [%i1+16],%f40
- ldd [%i1+48],%f46
- ldd [%i1+56],%f30
- ldd [%i1+64],%f54
- ldd [%i1+104],%f34
- ldd [%i1+112],%f58
-
- ldd [%i4+112],%f60
- ldd [%i4+8],%f28
- ldd [%i4+104],%f38
-
- nop
- nop
-!
- .L99999999:
-!1
-!!!
- ldd [%i1+24],%f32
- fmuld %f0,%f2,%f4
-!2
-!!!
- ldd [%i4+24],%f36
- fmuld %f26,%f24,%f20
-!3
-!!!
- ldd [%i1+40],%f42
- fmuld %f28,%f0,%f22
-!4
-!!!
- ldd [%i4+40],%f44
- fmuld %f32,%f24,%f32
-!5
-!!!
- ldd [%o1+8],%f6
- faddd %f4,%f8,%f4
- fmuld %f36,%f0,%f36
-!6
-!!!
- add %o1,8,%o1
- ldd [%i4+56],%f50
- fmuld %f42,%f24,%f42
-!7
-!!!
- ldd [%i1+72],%f52
- faddd %f20,%f22,%f20
- fmuld %f44,%f0,%f44
-!8
-!!!
- ldd [%o2+16],%f22
- fmuld %f10,%f6,%f12
-!9
-!!!
- ldd [%i4+72],%f56
- faddd %f32,%f36,%f32
- fmuld %f14,%f4,%f4
-!10
-!!!
- ldd [%o2+48],%f36
- fmuld %f30,%f24,%f48
-!11
-!!!
- ldd [%o2+8],%f8
- faddd %f20,%f22,%f20
- fmuld %f50,%f0,%f50
-!12
-!!!
- std %f20,[%o2+16]
- faddd %f42,%f44,%f42
- fmuld %f52,%f24,%f52
-!13
-!!!
- ldd [%o2+80],%f44
- faddd %f4,%f12,%f4
- fmuld %f56,%f0,%f56
-!14
-!!!
- ldd [%i1+88],%f20
- faddd %f32,%f36,%f32
-!15
-!!!
- ldd [%i4+88],%f22
- faddd %f48,%f50,%f48
-!16
-!!!
- ldd [%o2+112],%f50
- faddd %f52,%f56,%f52
-!17
-!!!
- ldd [%o2+144],%f56
- faddd %f4,%f8,%f8
- fmuld %f20,%f24,%f20
-!18
-!!!
- std %f32,[%o2+48]
- faddd %f42,%f44,%f42
- fmuld %f22,%f0,%f22
-!19
-!!!
- std %f42,[%o2+80]
- faddd %f48,%f50,%f48
- fmuld %f34,%f24,%f32
-!20
-!!!
- std %f48,[%o2+112]
- faddd %f52,%f56,%f52
- fmuld %f38,%f0,%f36
-!21
-!!!
- ldd [%i1+120],%f42
- fdtox %f8,%f4
-!22
-!!!
- std %f52,[%o2+144]
- faddd %f20,%f22,%f20
-!23
-!!!
- ldd [%i4+120],%f44
-!24
-!!!
- ldd [%o2+176],%f22
- faddd %f32,%f36,%f32
- fmuld %f42,%f24,%f42
-!25
-!!!
- ldd [%i4+16],%f50
- fmovs %f17,%f4
-!26
-!!!
- ldd [%i1+32],%f52
- fmuld %f44,%f0,%f44
-!27
-!!!
- ldd [%i4+32],%f56
- fmuld %f40,%f24,%f48
-!28
-!!!
- ldd [%o2+208],%f36
- faddd %f20,%f22,%f20
- fmuld %f50,%f0,%f50
-!29
-!!!
- std %f20,[%o2+176]
- fxtod %f4,%f4
- fmuld %f52,%f24,%f52
-!30
-!!!
- ldd [%i4+48],%f22
- faddd %f42,%f44,%f42
- fmuld %f56,%f0,%f56
-!31
-!!!
- ldd [%o2+240],%f44
- faddd %f32,%f36,%f32
-!32
-!!!
- std %f32,[%o2+208]
- faddd %f48,%f50,%f48
- fmuld %f46,%f24,%f20
-!33
-!!!
- ldd [%o2+32],%f50
- fmuld %f4,%f18,%f12
-!34
-!!!
- ldd [%i4+64],%f36
- faddd %f52,%f56,%f52
- fmuld %f22,%f0,%f22
-!35
-!!!
- ldd [%o2+64],%f56
- faddd %f42,%f44,%f42
-!36
-!!!
- std %f42,[%o2+240]
- faddd %f48,%f50,%f48
- fmuld %f54,%f24,%f32
-!37
-!!!
- std %f48,[%o2+32]
- fmuld %f12,%f14,%f4
-!38
-!!!
- ldd [%i1+80],%f42
- faddd %f52,%f56,%f56 ! yes, tmp52!
- fmuld %f36,%f0,%f36
-!39
-!!!
- ldd [%i4+80],%f44
- faddd %f20,%f22,%f20
-!40
-!!!
- ldd [%i1+96],%f48
- fmuld %f58,%f24,%f52
-!41
-!!!
- ldd [%i4+96],%f50
- fdtox %f4,%f4
- fmuld %f42,%f24,%f42
-!42
-!!!
- std %f56,[%o2+64] ! yes, tmp52!
- faddd %f32,%f36,%f32
- fmuld %f44,%f0,%f44
-!43
-!!!
- ldd [%o2+96],%f22
- fmuld %f48,%f24,%f48
-!44
-!!!
- ldd [%o2+128],%f36
- fmovd %f6,%f24
- fmuld %f50,%f0,%f50
-!45
-!!!
- fxtod %f4,%f4
- fmuld %f60,%f0,%f56
-!46
-!!!
- add %o2,8,%o2
- faddd %f42,%f44,%f42
-!47
-!!!
- ldd [%o2+160-8],%f44
- faddd %f20,%f22,%f20
-!48
-!!!
- std %f20,[%o2+96-8]
- faddd %f48,%f50,%f48
-!49
-!!!
- ldd [%o2+192-8],%f50
- faddd %f52,%f56,%f52
- fmuld %f4,%f16,%f4
-!50
-!!!
- ldd [%o2+224-8],%f56
- faddd %f32,%f36,%f32
-!51
-!!!
- std %f32,[%o2+128-8]
- faddd %f42,%f44,%f42
-!52
- add %o3,1,%o3
- std %f42,[%o2+160-8]
- faddd %f48,%f50,%f48
-!53
-!!!
- cmp %o3,31
- std %f48,[%o2+192-8]
- faddd %f52,%f56,%f52
-!54
- std %f52,[%o2+224-8]
- ble,pt %icc,.L99999999
- fsubd %f12,%f4,%f0
-
-
-
-!55
- std %f8,[%o2]
-
-
-
-
-
-
- .L77000285: /* frequency 1.0 confidence 0.0 */
-/* 0x07a8 279 ( 0 1) */ sll %g1,4,%g2
- .L900000748: /* frequency 1.0 confidence 0.0 */
-/* 0x07ac 279 ( 0 3) */ ldd [%g5+%g2],%f0
-/* 0x07b0 ( 0 1) */ add %g5,%g2,%i1
-/* 0x07b4 ( 0 1) */ or %g0,0,%o4
-/* 0x07b8 206 ( 1 4) */ ld [%fp+68],%o0
-/* 0x07bc 279 ( 1 2) */ or %g0,0,%i0
-/* 0x07c0 ( 1 2) */ cmp %g1,0
-/* 0x07c4 ( 2 5) */ fdtox %f0,%f0
-/* 0x07c8 ( 2 3) */ std %f0,[%sp+120]
-/* 0x07cc 275 ( 2 3) */ sethi %hi(0xfc00),%o1
-/* 0x07d0 206 ( 3 4) */ or %g0,%o0,%o3
-/* 0x07d4 275 ( 3 4) */ sub %g1,1,%g4
-/* 0x07d8 279 ( 4 7) */ ldd [%i1+8],%f0
-/* 0x07dc ( 4 5) */ or %g0,%o0,%g5
-/* 0x07e0 ( 4 5) */ add %o1,1023,%o1
-/* 0x07e4 ( 6 9) */ fdtox %f0,%f0
-/* 0x07e8 ( 6 7) */ std %f0,[%sp+112]
-/* 0x07ec (10 12) */ ldx [%sp+112],%o5
-/* 0x07f0 (11 13) */ ldx [%sp+120],%o7
-/* 0x07f4 (11 12) */ ble,pt %icc,.L900000746 ! tprob=0.56
-/* 0x07f8 (11 12) */ sethi %hi(0xfc00),%g2
-/* 0x07fc 275 (12 13) */ or %g0,-1,%g2
-/* 0x0800 279 (12 13) */ cmp %g1,3
-/* 0x0804 275 (13 14) */ srl %g2,0,%o2
-/* 0x0808 279 (13 14) */ bl,pn %icc,.L77000286 ! tprob=0.44
-/* 0x080c (13 14) */ or %g0,%i1,%g2
-/* 0x0810 (14 17) */ ldd [%i1+16],%f0
-/* 0x0814 (14 15) */ and %o5,%o1,%o0
-/* 0x0818 (14 15) */ add %i1,16,%g2
-/* 0x081c (15 16) */ sllx %o0,16,%g3
-/* 0x0820 (15 16) */ and %o7,%o2,%o0
-/* 0x0824 (16 19) */ fdtox %f0,%f0
-/* 0x0828 (16 17) */ std %f0,[%sp+104]
-/* 0x082c (16 17) */ add %o0,%g3,%o4
-/* 0x0830 (17 20) */ ldd [%i1+24],%f2
-/* 0x0834 (17 18) */ srax %o5,16,%o0
-/* 0x0838 (17 18) */ add %o3,4,%g5
-/* 0x083c (18 19) */ stx %o0,[%sp+128]
-/* 0x0840 (18 19) */ and %o4,%o2,%o0
-/* 0x0844 (18 19) */ or %g0,1,%i0
-/* 0x0848 (19 20) */ stx %o0,[%sp+112]
-/* 0x084c (19 20) */ srax %o4,32,%o0
-/* 0x0850 (19 22) */ fdtox %f2,%f0
-/* 0x0854 (20 21) */ stx %o0,[%sp+136]
-/* 0x0858 (20 21) */ srax %o7,32,%o4
-/* 0x085c (21 22) */ std %f0,[%sp+96]
-/* 0x0860 (22 24) */ ldx [%sp+136],%o7
-/* 0x0864 (23 25) */ ldx [%sp+128],%o0
-/* 0x0868 (25 27) */ ldx [%sp+104],%g3
-/* 0x086c (25 26) */ add %o0,%o7,%o0
-/* 0x0870 (26 28) */ ldx [%sp+112],%o7
-/* 0x0874 (26 27) */ add %o4,%o0,%o4
-/* 0x0878 (27 29) */ ldx [%sp+96],%o5
-/* 0x087c (28 29) */ st %o7,[%o3]
-/* 0x0880 (28 29) */ or %g0,%g3,%o7
- .L900000730: /* frequency 64.0 confidence 0.0 */
-/* 0x0884 (17 19) */ ldd [%g2+16],%f0
-/* 0x0888 (17 18) */ add %i0,1,%i0
-/* 0x088c (17 18) */ add %g5,4,%g5
-/* 0x0890 (18 18) */ cmp %i0,%g4
-/* 0x0894 (18 19) */ add %g2,16,%g2
-/* 0x0898 (19 22) */ fdtox %f0,%f0
-/* 0x089c (20 21) */ std %f0,[%sp+104]
-/* 0x08a0 (21 23) */ ldd [%g2+8],%f0
-/* 0x08a4 (23 26) */ fdtox %f0,%f0
-/* 0x08a8 (24 25) */ std %f0,[%sp+96]
-/* 0x08ac (25 26) */ and %o5,%o1,%g3
-/* 0x08b0 (26 27) */ sllx %g3,16,%g3
-/* 0x08b4 ( 0 0) */ stx %g3,[%sp+120]
-/* 0x08b8 (26 27) */ and %o7,%o2,%g3
-/* 0x08bc ( 0 0) */ stx %o7,[%sp+128]
-/* 0x08c0 ( 0 0) */ ldx [%sp+120],%o7
-/* 0x08c4 (27 27) */ add %g3,%o7,%g3
-/* 0x08c8 ( 0 0) */ ldx [%sp+128],%o7
-/* 0x08cc (28 29) */ srax %o5,16,%o5
-/* 0x08d0 (28 28) */ add %g3,%o4,%g3
-/* 0x08d4 (29 30) */ srax %g3,32,%o4
-/* 0x08d8 ( 0 0) */ stx %o4,[%sp+112]
-/* 0x08dc (30 31) */ srax %o7,32,%o4
-/* 0x08e0 ( 0 0) */ ldx [%sp+112],%o7
-/* 0x08e4 (30 31) */ add %o5,%o7,%o7
-/* 0x08e8 (31 33) */ ldx [%sp+96],%o5
-/* 0x08ec (31 32) */ add %o4,%o7,%o4
-/* 0x08f0 (32 33) */ and %g3,%o2,%g3
-/* 0x08f4 ( 0 0) */ ldx [%sp+104],%o7
-/* 0x08f8 (33 34) */ ble,pt %icc,.L900000730 ! tprob=0.50
-/* 0x08fc (33 34) */ st %g3,[%g5-4]
- .L900000733: /* frequency 8.0 confidence 0.0 */
-/* 0x0900 ( 0 1) */ ba .L900000746 ! tprob=1.00
-/* 0x0904 ( 0 1) */ sethi %hi(0xfc00),%g2
- .L77000286: /* frequency 0.7 confidence 0.0 */
-/* 0x0908 ( 0 3) */ ldd [%g2+16],%f0
- .L900000745: /* frequency 6.4 confidence 0.0 */
-/* 0x090c ( 0 1) */ and %o7,%o2,%o0
-/* 0x0910 ( 0 1) */ and %o5,%o1,%g3
-/* 0x0914 ( 0 3) */ fdtox %f0,%f0
-/* 0x0918 ( 1 2) */ add %o4,%o0,%o0
-/* 0x091c ( 1 2) */ std %f0,[%sp+104]
-/* 0x0920 ( 1 2) */ add %i0,1,%i0
-/* 0x0924 ( 2 3) */ sllx %g3,16,%o4
-/* 0x0928 ( 2 5) */ ldd [%g2+24],%f2
-/* 0x092c ( 2 3) */ add %g2,16,%g2
-/* 0x0930 ( 3 4) */ add %o0,%o4,%o4
-/* 0x0934 ( 3 4) */ cmp %i0,%g4
-/* 0x0938 ( 4 5) */ srax %o5,16,%o0
-/* 0x093c ( 4 5) */ stx %o0,[%sp+112]
-/* 0x0940 ( 4 5) */ and %o4,%o2,%g3
-/* 0x0944 ( 5 6) */ srax %o4,32,%o5
-/* 0x0948 ( 5 8) */ fdtox %f2,%f0
-/* 0x094c ( 5 6) */ std %f0,[%sp+96]
-/* 0x0950 ( 6 7) */ srax %o7,32,%o4
-/* 0x0954 ( 6 8) */ ldx [%sp+112],%o7
-/* 0x0958 ( 8 9) */ add %o7,%o5,%o7
-/* 0x095c ( 9 11) */ ldx [%sp+104],%o5
-/* 0x0960 ( 9 10) */ add %o4,%o7,%o4
-/* 0x0964 (10 12) */ ldx [%sp+96],%o0
-/* 0x0968 (11 12) */ st %g3,[%g5]
-/* 0x096c (11 12) */ or %g0,%o5,%o7
-/* 0x0970 (11 12) */ add %g5,4,%g5
-/* 0x0974 (12 13) */ or %g0,%o0,%o5
-/* 0x0978 (12 13) */ ble,a,pt %icc,.L900000745 ! tprob=0.86
-/* 0x097c (12 15) */ ldd [%g2+16],%f0
- .L77000236: /* frequency 1.0 confidence 0.0 */
-/* 0x0980 ( 0 1) */ sethi %hi(0xfc00),%g2
- .L900000746: /* frequency 1.0 confidence 0.0 */
-/* 0x0984 ( 0 1) */ or %g0,-1,%o0
-/* 0x0988 ( 0 1) */ add %g2,1023,%g2
-/* 0x098c ( 0 3) */ ld [%fp+88],%o1
-/* 0x0990 ( 1 2) */ srl %o0,0,%g3
-/* 0x0994 ( 1 2) */ and %o5,%g2,%g2
-/* 0x0998 ( 2 3) */ and %o7,%g3,%g4
-/* 0x099c 281 ( 2 3) */ or %g0,-1,%o5
-/* 0x09a0 275 ( 3 4) */ sllx %g2,16,%g2
-/* 0x09a4 ( 3 4) */ add %o4,%g4,%g4
-/* 0x09a8 ( 4 5) */ add %g4,%g2,%g2
-/* 0x09ac ( 5 6) */ sll %i0,2,%g4
-/* 0x09b0 ( 5 6) */ and %g2,%g3,%g2
-/* 0x09b4 ( 6 7) */ st %g2,[%o3+%g4]
-/* 0x09b8 281 ( 6 7) */ sll %g1,2,%g2
-/* 0x09bc ( 7 10) */ ld [%o3+%g2],%g2
-/* 0x09c0 ( 9 10) */ cmp %g2,0
-/* 0x09c4 ( 9 10) */ bleu,pn %icc,.L77000241 ! tprob=0.50
-/* 0x09c8 ( 9 10) */ or %g0,%o1,%o2
-/* 0x09cc (10 11) */ ba .L900000744 ! tprob=1.00
-/* 0x09d0 (10 11) */ cmp %o5,0
- .L77000241: /* frequency 0.8 confidence 0.0 */
-/* 0x09d4 ( 0 1) */ subcc %g1,1,%o5
-/* 0x09d8 ( 0 1) */ bneg,pt %icc,.L900000744 ! tprob=0.60
-/* 0x09dc ( 1 2) */ cmp %o5,0
-/* 0x09e0 ( 1 2) */ sll %o5,2,%g2
-/* 0x09e4 ( 2 3) */ add %o1,%g2,%o0
-/* 0x09e8 ( 2 3) */ add %o3,%g2,%o4
-/* 0x09ec ( 3 6) */ ld [%o0],%g2
- .L900000743: /* frequency 5.3 confidence 0.0 */
-/* 0x09f0 ( 0 3) */ ld [%o4],%g3
-/* 0x09f4 ( 0 1) */ add %o0,4,%o0
-/* 0x09f8 ( 0 1) */ add %o4,4,%o4
-/* 0x09fc ( 2 3) */ cmp %g3,%g2
-/* 0x0a00 ( 2 3) */ bne,pn %icc,.L77000244 ! tprob=0.16
-/* 0x0a04 ( 2 3) */ nop
-/* 0x0a08 ( 3 4) */ addcc %o5,1,%o5
-/* 0x0a0c ( 3 4) */ bpos,a,pt %icc,.L900000743 ! tprob=0.84
-/* 0x0a10 ( 3 6) */ ld [%o0],%g2
- .L77000244: /* frequency 1.0 confidence 0.0 */
-/* 0x0a14 ( 0 1) */ cmp %o5,0
- .L900000744: /* frequency 1.0 confidence 0.0 */
-/* 0x0a18 ( 0 1) */ bl,pn %icc,.L77000287 ! tprob=0.50
-/* 0x0a1c ( 0 1) */ sll %o5,2,%g2
-/* 0x0a20 ( 1 4) */ ld [%o2+%g2],%g3
-/* 0x0a24 ( 2 5) */ ld [%o3+%g2],%g2
-/* 0x0a28 ( 4 5) */ cmp %g2,%g3
-/* 0x0a2c ( 4 5) */ bleu,pt %icc,.L77000224 ! tprob=0.56
-/* 0x0a30 ( 4 5) */ nop
- .L77000287: /* frequency 0.8 confidence 0.0 */
-/* 0x0a34 ( 0 1) */ cmp %g1,0
-/* 0x0a38 ( 0 1) */ ble,pt %icc,.L77000224 ! tprob=0.60
-/* 0x0a3c ( 0 1) */ nop
-/* 0x0a40 281 ( 1 2) */ sub %g1,1,%o7
-/* 0x0a44 ( 1 2) */ or %g0,-1,%g2
-/* 0x0a48 ( 2 3) */ srl %g2,0,%o4
-/* 0x0a4c ( 2 3) */ add %o7,1,%o0
-/* 0x0a50 279 ( 3 4) */ or %g0,0,%o5
-/* 0x0a54 ( 3 4) */ or %g0,0,%g1
-/* 0x0a58 ( 4 5) */ cmp %o0,3
-/* 0x0a5c ( 4 5) */ bl,pn %icc,.L77000288 ! tprob=0.40
-/* 0x0a60 ( 4 5) */ add %o3,8,%o1
-/* 0x0a64 ( 5 6) */ add %o2,4,%o0
-/* 0x0a68 ( 5 8) */ ld [%o1-8],%g2
-/* 0x0a6c 0 ( 5 6) */ or %g0,%o1,%o3
-/* 0x0a70 279 ( 6 9) */ ld [%o0-4],%g3
-/* 0x0a74 0 ( 6 7) */ or %g0,%o0,%o2
-/* 0x0a78 279 ( 6 7) */ or %g0,2,%g1
-/* 0x0a7c ( 7 10) */ ld [%o3-4],%o0
-/* 0x0a80 ( 8 9) */ sub %g2,%g3,%g2
-/* 0x0a84 ( 9 10) */ or %g0,%g2,%o5
-/* 0x0a88 ( 9 10) */ and %g2,%o4,%g2
-/* 0x0a8c ( 9 10) */ st %g2,[%o3-8]
-/* 0x0a90 (10 11) */ srax %o5,32,%o5
- .L900000734: /* frequency 64.0 confidence 0.0 */
-/* 0x0a94 (12 20) */ ld [%o2],%g2
-/* 0x0a98 (12 13) */ add %g1,1,%g1
-/* 0x0a9c (12 13) */ add %o2,4,%o2
-/* 0x0aa0 (13 13) */ cmp %g1,%o7
-/* 0x0aa4 (13 14) */ add %o3,4,%o3
-/* 0x0aa8 (14 14) */ sub %o0,%g2,%o0
-/* 0x0aac (15 15) */ add %o0,%o5,%o5
-/* 0x0ab0 (16 17) */ and %o5,%o4,%g2
-/* 0x0ab4 (16 24) */ ld [%o3-4],%o0
-/* 0x0ab8 (17 18) */ st %g2,[%o3-8]
-/* 0x0abc (17 18) */ ble,pt %icc,.L900000734 ! tprob=0.50
-/* 0x0ac0 (17 18) */ srax %o5,32,%o5
- .L900000737: /* frequency 8.0 confidence 0.0 */
-/* 0x0ac4 ( 0 3) */ ld [%o2],%o1
-/* 0x0ac8 ( 2 3) */ sub %o0,%o1,%o0
-/* 0x0acc ( 3 4) */ add %o0,%o5,%o0
-/* 0x0ad0 ( 4 5) */ and %o0,%o4,%o1
-/* 0x0ad4 ( 4 5) */ st %o1,[%o3-4]
-/* 0x0ad8 ( 5 7) */ ret ! Result =
-/* 0x0adc ( 7 8) */ restore %g0,%g0,%g0
- .L77000288: /* frequency 0.6 confidence 0.0 */
-/* 0x0ae0 ( 0 3) */ ld [%o3],%o0
- .L900000742: /* frequency 5.3 confidence 0.0 */
-/* 0x0ae4 ( 0 3) */ ld [%o2],%o1
-/* 0x0ae8 ( 0 1) */ add %o5,%o0,%o0
-/* 0x0aec ( 0 1) */ add %g1,1,%g1
-/* 0x0af0 ( 1 2) */ add %o2,4,%o2
-/* 0x0af4 ( 1 2) */ cmp %g1,%o7
-/* 0x0af8 ( 2 3) */ sub %o0,%o1,%o0
-/* 0x0afc ( 3 4) */ and %o0,%o4,%o1
-/* 0x0b00 ( 3 4) */ st %o1,[%o3]
-/* 0x0b04 ( 3 4) */ add %o3,4,%o3
-/* 0x0b08 ( 4 5) */ srax %o0,32,%o5
-/* 0x0b0c ( 4 5) */ ble,a,pt %icc,.L900000742 ! tprob=0.84
-/* 0x0b10 ( 4 7) */ ld [%o3],%o0
- .L77000224: /* frequency 1.0 confidence 0.0 */
-/* 0x0b14 ( 0 2) */ ret ! Result =
-/* 0x0b18 ( 2 3) */ restore %g0,%g0,%g0
-/* 0x0b1c 0 ( 0 0) */ .type mont_mulf_noconv,2
-/* 0x0b1c ( 0 0) */ .size mont_mulf_noconv,(.-mont_mulf_noconv)
-
diff --git a/security/nss/lib/freebl/mpi/montmulfv8.il b/security/nss/lib/freebl/mpi/montmulfv8.il
deleted file mode 100644
index b3dd734b6..000000000
--- a/security/nss/lib/freebl/mpi/montmulfv8.il
+++ /dev/null
@@ -1,137 +0,0 @@
-!
-! The contents of this file are subject to the Mozilla Public
-! License Version 1.1 (the "License"); you may not use this file
-! except in compliance with the License. You may obtain a copy of
-! the License at http://www.mozilla.org/MPL/
-!
-! Software distributed under the License is distributed on an "AS
-! IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-! implied. See the License for the specific language governing
-! rights and limitations under the License.
-!
-! The Original Code is inline macros for SPARC Montgomery multiply functions.
-!
-! The Initial Developer of the Original Code is Sun Microsystems Inc.
-! Portions created by Sun Microsystems Inc. are
-! Copyright (C) 1999-2000 Sun Microsystems Inc. All Rights Reserved.
-!
-! Contributor(s):
-!
-! Alternatively, the contents of this file may be used under the
-! terms of the GNU General Public License Version 2 or later (the
-! "GPL"), in which case the provisions of the GPL are applicable
-! instead of those above. If you wish to allow use of your
-! version of this file only under the terms of the GPL and not to
-! allow others to use your version of this file under the MPL,
-! indicate your decision by deleting the provisions above and
-! replace them with the notice and other provisions required by
-! the GPL. If you do not delete the provisions above, a recipient
-! may use your version of this file under either the MPL or the
-! GPL.
-!
-! $Id$
-!
-
-!
-! double upper32(double /*frs1*/);
-!
- .inline upper32,8
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f10
-
- fdtox %f10,%f10
- fitod %f10,%f0
- .end
-
-!
-! double lower32(double /*frs1*/, double /* Zero */);
-!
- .inline lower32,8
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f10
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f12
-
- fdtox %f10,%f10
- fmovs %f12,%f10
- fxtod %f10,%f0
- .end
-
-!
-! double mod(double /*x*/, double /*1/m*/, double /*m*/);
-!
- .inline mod,12
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f2
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o4,[%sp+0x48]
- ldd [%sp+0x48],%f6
-
- fmuld %f2,%f4,%f4
- fdtox %f4,%f4
- fxtod %f4,%f4
- fmuld %f4,%f6,%f4
- fsubd %f2,%f4,%f0
- .end
-
-
-!
-! void i16_to_d16_and_d32x4(double * /*1/(2^16)*/, double * /* 2^16*/,
-! double * /* 0 */,
-! double * /*result16*/, double * /* result32 */
-! float * /*source - should be unsigned int*
-! converted to float* */);
-!
- .inline i16_to_d16_and_d32x4,24
- ldd [%o0],%f2 ! 1/(2^16)
- ldd [%o1],%f4 ! 2^16
- ldd [%o2],%f22
-
- fmovd %f22,%f6
- ld [%o5],%f7
- fmovd %f22,%f10
- ld [%o5+4],%f11
- fmovd %f22,%f14
- ld [%o5+8],%f15
- fmovd %f22,%f18
- ld [%o5+12],%f19
- fxtod %f6,%f6
- std %f6,[%o4]
- fxtod %f10,%f10
- std %f10,[%o4+8]
- fxtod %f14,%f14
- std %f14,[%o4+16]
- fxtod %f18,%f18
- std %f18,[%o4+24]
- fmuld %f2,%f6,%f8
- fmuld %f2,%f10,%f12
- fmuld %f2,%f14,%f16
- fmuld %f2,%f18,%f20
- fdtox %f8,%f8
- fdtox %f12,%f12
- fdtox %f16,%f16
- fdtox %f20,%f20
- fxtod %f8,%f8
- std %f8,[%o3+8]
- fxtod %f12,%f12
- std %f12,[%o3+24]
- fxtod %f16,%f16
- std %f16,[%o3+40]
- fxtod %f20,%f20
- std %f20,[%o3+56]
- fmuld %f8,%f4,%f8
- fmuld %f12,%f4,%f12
- fmuld %f16,%f4,%f16
- fmuld %f20,%f4,%f20
- fsubd %f6,%f8,%f8
- std %f8,[%o3]
- fsubd %f10,%f12,%f12
- std %f12,[%o3+16]
- fsubd %f14,%f16,%f16
- std %f16,[%o3+32]
- fsubd %f18,%f20,%f20
- std %f20,[%o3+48]
- .end
-
-
diff --git a/security/nss/lib/freebl/mpi/montmulfv8.s b/security/nss/lib/freebl/mpi/montmulfv8.s
deleted file mode 100644
index ac74a530d..000000000
--- a/security/nss/lib/freebl/mpi/montmulfv8.s
+++ /dev/null
@@ -1,1847 +0,0 @@
-!
-! The contents of this file are subject to the Mozilla Public
-! License Version 1.1 (the "License"); you may not use this file
-! except in compliance with the License. You may obtain a copy of
-! the License at http://www.mozilla.org/MPL/
-!
-! Software distributed under the License is distributed on an "AS
-! IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-! implied. See the License for the specific language governing
-! rights and limitations under the License.
-!
-! The Original Code is SPARC hand-optimized Montgomery multiply functions.
-!
-! The Initial Developer of the Original Code is Sun Microsystems Inc.
-! Portions created by Sun Microsystems Inc. are
-! Copyright (C) 1999-2000 Sun Microsystems Inc. All Rights Reserved.
-!
-! Contributor(s):
-!
-! Alternatively, the contents of this file may be used under the
-! terms of the GNU General Public License Version 2 or later (the
-! "GPL"), in which case the provisions of the GPL are applicable
-! instead of those above. If you wish to allow use of your
-! version of this file only under the terms of the GPL and not to
-! allow others to use your version of this file under the MPL,
-! indicate your decision by deleting the provisions above and
-! replace them with the notice and other provisions required by
-! the GPL. If you do not delete the provisions above, a recipient
-! may use your version of this file under either the MPL or the
-! GPL.
-!
-! $Id$
-!
-
- .section ".text",#alloc,#execinstr
- .file "montmulf.c"
-
- .section ".rodata",#alloc
- .global TwoTo16
- .align 8
-!
-! CONSTANT POOL
-!
- .global TwoTo16
-TwoTo16:
- .word 1089470464
- .word 0
- .type TwoTo16,#object
- .size TwoTo16,8
- .global TwoToMinus16
-!
-! CONSTANT POOL
-!
- .global TwoToMinus16
-TwoToMinus16:
- .word 1055916032
- .word 0
- .type TwoToMinus16,#object
- .size TwoToMinus16,8
- .global Zero
-!
-! CONSTANT POOL
-!
- .global Zero
-Zero:
- .word 0
- .word 0
- .type Zero,#object
- .size Zero,8
- .global TwoTo32
-!
-! CONSTANT POOL
-!
- .global TwoTo32
-TwoTo32:
- .word 1106247680
- .word 0
- .type TwoTo32,#object
- .size TwoTo32,8
- .global TwoToMinus32
-!
-! CONSTANT POOL
-!
- .global TwoToMinus32
-TwoToMinus32:
- .word 1039138816
- .word 0
- .type TwoToMinus32,#object
- .size TwoToMinus32,8
-
- .section ".text",#alloc,#execinstr
-/* 000000 0 */ .align 4
-!
-! SUBROUTINE conv_d16_to_i32
-!
-! OFFSET SOURCE LINE LABEL INSTRUCTION
-
- .global conv_d16_to_i32
- conv_d16_to_i32:
-/* 000000 */ save %sp,-128,%sp
-! FILE montmulf.c
-
-! 36 !#define RF_INLINE_MACROS
-! 38 !static const double TwoTo16=65536.0;
-! 39 !static const double TwoToMinus16=1.0/65536.0;
-! 40 !static const double Zero=0.0;
-! 41 !static const double TwoTo32=65536.0*65536.0;
-! 42 !static const double TwoToMinus32=1.0/(65536.0*65536.0);
-! 44 !#ifdef RF_INLINE_MACROS
-! 46 !double upper32(double);
-! 47 !double lower32(double, double);
-! 48 !double mod(double, double, double);
-! 50 !void i16_to_d16_and_d32x4(const double * /*1/(2^16)*/,
-! 51 ! const double * /* 2^16*/,
-! 52 ! const double * /* 0 */,
-! 53 ! double * /*result16*/,
-! 54 ! double * /* result32 */,
-! 55 ! float * /*source - should be unsigned int*
-! 56 ! converted to float* */);
-! 58 !#else
-! 60 !static double upper32(double x)
-! 61 !{
-! 62 ! return floor(x*TwoToMinus32);
-! 63 !}
-! 65 !static double lower32(double x, double y)
-! 66 !{
-! 67 ! return x-TwoTo32*floor(x*TwoToMinus32);
-! 68 !}
-! 70 !static double mod(double x, double oneoverm, double m)
-! 71 !{
-! 72 ! return x-m*floor(x*oneoverm);
-! 73 !}
-! 75 !#endif
-! 78 !static void cleanup(double *dt, int from, int tlen)
-! 79 !{
-! 80 ! int i;
-! 81 ! double tmp,tmp1,x,x1;
-! 83 ! tmp=tmp1=Zero;
-! 84 ! /* original code **
-! 85 ! for(i=2*from;i<2*tlen-2;i++)
-! 86 ! {
-! 87 ! x=dt[i];
-! 88 ! dt[i]=lower32(x,Zero)+tmp1;
-! 89 ! tmp1=tmp;
-! 90 ! tmp=upper32(x);
-! 91 ! }
-! 92 ! dt[tlen-2]+=tmp1;
-! 93 ! dt[tlen-1]+=tmp;
-! 94 ! **end original code ***/
-! 95 ! /* new code ***/
-! 96 ! for(i=2*from;i<2*tlen;i+=2)
-! 97 ! {
-! 98 ! x=dt[i];
-! 99 ! x1=dt[i+1];
-! 100 ! dt[i]=lower32(x,Zero)+tmp;
-! 101 ! dt[i+1]=lower32(x1,Zero)+tmp1;
-! 102 ! tmp=upper32(x);
-! 103 ! tmp1=upper32(x1);
-! 104 ! }
-! 105 ! /** end new code **/
-! 106 !}
-! 109 !void conv_d16_to_i32(unsigned int *i32, double *d16, long long *tmp, int ilen)
-! 110 !{
-! 111 !int i;
-! 112 !long long t, t1, a, b, c, d;
-! 114 ! t1=0;
-! 115 ! a=(long long)d16[0];
-
-/* 0x0004 115 */ ldd [%i1],%f0
-/* 0x0008 110 */ or %g0,%i1,%o0
-
-! 116 ! b=(long long)d16[1];
-! 117 ! for(i=0; i<ilen-1; i++)
-
-/* 0x000c 117 */ sub %i3,1,%g2
-/* 0x0010 */ cmp %g2,0
-/* 0x0014 114 */ or %g0,0,%o4
-/* 0x0018 115 */ fdtox %f0,%f0
-/* 0x001c */ std %f0,[%sp+120]
-/* 0x0020 117 */ or %g0,0,%o7
-/* 0x0024 110 */ or %g0,%i3,%o1
-/* 0x0028 */ sub %i3,2,%o2
-/* 0x002c 116 */ ldd [%o0+8],%f0
-/* 0x0030 110 */ sethi %hi(0xfc00),%o1
-/* 0x0034 */ add %o2,1,%g3
-/* 0x0038 */ add %o1,1023,%o1
-/* 0x003c */ or %g0,%i0,%o5
-/* 0x0040 116 */ fdtox %f0,%f0
-/* 0x0044 */ std %f0,[%sp+112]
-/* 0x0048 */ ldx [%sp+112],%g1
-/* 0x004c 115 */ ldx [%sp+120],%g4
-/* 0x0050 117 */ ble,pt %icc,.L900000117
-/* 0x0054 */ sethi %hi(0xfc00),%g2
-/* 0x0058 110 */ or %g0,-1,%g2
-/* 0x005c 117 */ cmp %g3,3
-/* 0x0060 110 */ srl %g2,0,%o3
-/* 0x0064 117 */ bl,pn %icc,.L77000134
-/* 0x0068 */ or %g0,%o0,%g2
-
-! 118 ! {
-! 119 ! c=(long long)d16[2*i+2];
-
-/* 0x006c 119 */ ldd [%o0+16],%f0
-
-! 120 ! t1+=a&0xffffffff;
-! 121 ! t=(a>>32);
-! 122 ! d=(long long)d16[2*i+3];
-! 123 ! t1+=(b&0xffff)<<16;
-! 124 ! t+=(b>>16)+(t1>>32);
-! 125 ! i32[i]=t1&0xffffffff;
-! 126 ! t1=t;
-! 127 ! a=c;
-! 128 ! b=d;
-
-/* 0x0070 128 */ add %o0,16,%g2
-/* 0x0074 123 */ and %g1,%o1,%o0
-/* 0x0078 */ sllx %o0,16,%g3
-/* 0x007c 120 */ and %g4,%o3,%o0
-/* 0x0080 117 */ add %o0,%g3,%o4
-/* 0x0084 119 */ fdtox %f0,%f0
-/* 0x0088 */ std %f0,[%sp+104]
-/* 0x008c 125 */ and %o4,%o3,%g5
-/* 0x0090 122 */ ldd [%g2+8],%f2
-/* 0x0094 128 */ add %o5,4,%o5
-/* 0x0098 124 */ srax %o4,32,%o4
-/* 0x009c */ stx %o4,[%sp+112]
-/* 0x00a0 122 */ fdtox %f2,%f0
-/* 0x00a4 */ std %f0,[%sp+96]
-/* 0x00a8 124 */ srax %g1,16,%o0
-/* 0x00ac */ ldx [%sp+112],%o7
-/* 0x00b0 121 */ srax %g4,32,%o4
-/* 0x00b4 124 */ add %o0,%o7,%g4
-/* 0x00b8 128 */ or %g0,1,%o7
-/* 0x00bc 119 */ ldx [%sp+104],%g3
-/* 0x00c0 124 */ add %o4,%g4,%o4
-/* 0x00c4 122 */ ldx [%sp+96],%g1
-/* 0x00c8 125 */ st %g5,[%o5-4]
-/* 0x00cc 127 */ or %g0,%g3,%g4
- .L900000112:
-/* 0x00d0 119 */ ldd [%g2+16],%f0
-/* 0x00d4 128 */ add %o7,1,%o7
-/* 0x00d8 */ add %o5,4,%o5
-/* 0x00dc */ cmp %o7,%o2
-/* 0x00e0 */ add %g2,16,%g2
-/* 0x00e4 119 */ fdtox %f0,%f0
-/* 0x00e8 */ std %f0,[%sp+104]
-/* 0x00ec 122 */ ldd [%g2+8],%f0
-/* 0x00f0 */ fdtox %f0,%f0
-/* 0x00f4 */ std %f0,[%sp+96]
-/* 0x00f8 123 */ and %g1,%o1,%g3
-/* 0x00fc */ sllx %g3,16,%g5
-/* 0x0100 120 */ and %g4,%o3,%g3
-/* 0x0104 117 */ add %g3,%g5,%g3
-/* 0x0108 124 */ srax %g1,16,%g1
-/* 0x010c 117 */ add %g3,%o4,%g3
-/* 0x0110 124 */ srax %g3,32,%o4
-/* 0x0114 */ stx %o4,[%sp+112]
-/* 0x0118 119 */ ldx [%sp+104],%g5
-/* 0x011c 121 */ srax %g4,32,%o4
-/* 0x0120 124 */ ldx [%sp+112],%g4
-/* 0x0124 */ add %g1,%g4,%g4
-/* 0x0128 122 */ ldx [%sp+96],%g1
-/* 0x012c 124 */ add %o4,%g4,%o4
-/* 0x0130 125 */ and %g3,%o3,%g3
-/* 0x0134 127 */ or %g0,%g5,%g4
-/* 0x0138 128 */ ble,pt %icc,.L900000112
-/* 0x013c */ st %g3,[%o5-4]
- .L900000115:
-/* 0x0140 128 */ ba .L900000117
-/* 0x0144 */ sethi %hi(0xfc00),%g2
- .L77000134:
-/* 0x0148 119 */ ldd [%g2+16],%f0
- .L900000116:
-/* 0x014c 120 */ and %g4,%o3,%o0
-/* 0x0150 123 */ and %g1,%o1,%g3
-/* 0x0154 119 */ fdtox %f0,%f0
-/* 0x0158 120 */ add %o4,%o0,%o0
-/* 0x015c 119 */ std %f0,[%sp+104]
-/* 0x0160 128 */ add %o7,1,%o7
-/* 0x0164 123 */ sllx %g3,16,%o4
-/* 0x0168 122 */ ldd [%g2+24],%f2
-/* 0x016c 128 */ add %g2,16,%g2
-/* 0x0170 123 */ add %o0,%o4,%o0
-/* 0x0174 128 */ cmp %o7,%o2
-/* 0x0178 125 */ and %o0,%o3,%g3
-/* 0x017c 122 */ fdtox %f2,%f0
-/* 0x0180 */ std %f0,[%sp+96]
-/* 0x0184 124 */ srax %o0,32,%o0
-/* 0x0188 */ stx %o0,[%sp+112]
-/* 0x018c 121 */ srax %g4,32,%o4
-/* 0x0190 122 */ ldx [%sp+96],%o0
-/* 0x0194 124 */ srax %g1,16,%g5
-/* 0x0198 */ ldx [%sp+112],%g4
-/* 0x019c 119 */ ldx [%sp+104],%g1
-/* 0x01a0 125 */ st %g3,[%o5]
-/* 0x01a4 124 */ add %g5,%g4,%g4
-/* 0x01a8 128 */ add %o5,4,%o5
-/* 0x01ac 124 */ add %o4,%g4,%o4
-/* 0x01b0 127 */ or %g0,%g1,%g4
-/* 0x01b4 128 */ or %g0,%o0,%g1
-/* 0x01b8 */ ble,a,pt %icc,.L900000116
-/* 0x01bc */ ldd [%g2+16],%f0
- .L77000127:
-
-! 129 ! }
-! 130 ! t1+=a&0xffffffff;
-! 131 ! t=(a>>32);
-! 132 ! t1+=(b&0xffff)<<16;
-! 133 ! i32[i]=t1&0xffffffff;
-
-/* 0x01c0 133 */ sethi %hi(0xfc00),%g2
- .L900000117:
-/* 0x01c4 133 */ or %g0,-1,%g3
-/* 0x01c8 */ add %g2,1023,%g2
-/* 0x01cc */ srl %g3,0,%g3
-/* 0x01d0 */ and %g1,%g2,%g2
-/* 0x01d4 */ and %g4,%g3,%g4
-/* 0x01d8 */ sllx %g2,16,%g2
-/* 0x01dc */ add %o4,%g4,%g4
-/* 0x01e0 */ add %g4,%g2,%g2
-/* 0x01e4 */ sll %o7,2,%g4
-/* 0x01e8 */ and %g2,%g3,%g2
-/* 0x01ec */ st %g2,[%i0+%g4]
-/* 0x01f0 */ ret ! Result =
-/* 0x01f4 */ restore %g0,%g0,%g0
-/* 0x01f8 0 */ .type conv_d16_to_i32,2
-/* 0x01f8 */ .size conv_d16_to_i32,(.-conv_d16_to_i32)
-
- .section ".text",#alloc,#execinstr
-/* 000000 0 */ .align 8
-!
-! CONSTANT POOL
-!
- .L_const_seg_900000201:
-/* 000000 0 */ .word 1127219200,0
-/* 0x0008 0 */ .align 4
-/* 0x0008 */ .skip 16
-!
-! SUBROUTINE conv_i32_to_d32
-!
-! OFFSET SOURCE LINE LABEL INSTRUCTION
-
- .global conv_i32_to_d32
- conv_i32_to_d32:
-/* 000000 */ or %g0,%o7,%g2
-
-! 135 !}
-! 137 !void conv_i32_to_d32(double *d32, unsigned int *i32, int len)
-! 138 !{
-! 139 !int i;
-! 141 !#pragma pipeloop(0)
-! 142 ! for(i=0;i<len;i++) d32[i]=(double)(i32[i]);
-
-/* 0x0004 142 */ cmp %o2,0
- .L900000210:
-/* 0x0008 */ call .+8
-/* 0x000c */ sethi /*X*/%hi(_GLOBAL_OFFSET_TABLE_-(.L900000210-.)),%g4
-/* 0x0010 142 */ or %g0,0,%o5
-/* 0x0014 138 */ add %g4,/*X*/%lo(_GLOBAL_OFFSET_TABLE_-(.L900000210-.)),%g4
-/* 0x0018 */ or %g0,%o0,%g5
-/* 0x001c */ add %g4,%o7,%g1
-/* 0x0020 142 */ ble,pt %icc,.L77000140
-/* 0x0024 */ or %g0,%g2,%o7
-/* 0x0028 */ sethi %hi(.L_const_seg_900000201),%g2
-/* 0x002c 138 */ or %g0,%o1,%g4
-/* 0x0030 142 */ add %g2,%lo(.L_const_seg_900000201),%g2
-/* 0x0034 */ sub %o2,1,%g3
-/* 0x0038 */ ld [%g1+%g2],%g2
-/* 0x003c */ cmp %o2,9
-/* 0x0040 */ bl,pn %icc,.L77000144
-/* 0x0044 */ ldd [%g2],%f8
-/* 0x0048 */ add %o1,16,%g4
-/* 0x004c */ sub %o2,5,%g1
-/* 0x0050 */ ld [%o1],%f7
-/* 0x0054 */ or %g0,4,%o5
-/* 0x0058 */ ld [%o1+4],%f5
-/* 0x005c */ ld [%o1+8],%f3
-/* 0x0060 */ fmovs %f8,%f6
-/* 0x0064 */ ld [%o1+12],%f1
- .L900000205:
-/* 0x0068 */ ld [%g4],%f11
-/* 0x006c */ add %o5,5,%o5
-/* 0x0070 */ add %g4,20,%g4
-/* 0x0074 */ fsubd %f6,%f8,%f6
-/* 0x0078 */ std %f6,[%g5]
-/* 0x007c */ cmp %o5,%g1
-/* 0x0080 */ add %g5,40,%g5
-/* 0x0084 */ fmovs %f8,%f4
-/* 0x0088 */ ld [%g4-16],%f7
-/* 0x008c */ fsubd %f4,%f8,%f12
-/* 0x0090 */ fmovs %f8,%f2
-/* 0x0094 */ std %f12,[%g5-32]
-/* 0x0098 */ ld [%g4-12],%f5
-/* 0x009c */ fsubd %f2,%f8,%f12
-/* 0x00a0 */ fmovs %f8,%f0
-/* 0x00a4 */ std %f12,[%g5-24]
-/* 0x00a8 */ ld [%g4-8],%f3
-/* 0x00ac */ fsubd %f0,%f8,%f12
-/* 0x00b0 */ fmovs %f8,%f10
-/* 0x00b4 */ std %f12,[%g5-16]
-/* 0x00b8 */ ld [%g4-4],%f1
-/* 0x00bc */ fsubd %f10,%f8,%f10
-/* 0x00c0 */ fmovs %f8,%f6
-/* 0x00c4 */ ble,pt %icc,.L900000205
-/* 0x00c8 */ std %f10,[%g5-8]
- .L900000208:
-/* 0x00cc */ fmovs %f8,%f4
-/* 0x00d0 */ add %g5,32,%g5
-/* 0x00d4 */ cmp %o5,%g3
-/* 0x00d8 */ fmovs %f8,%f2
-/* 0x00dc */ fmovs %f8,%f0
-/* 0x00e0 */ fsubd %f6,%f8,%f6
-/* 0x00e4 */ std %f6,[%g5-32]
-/* 0x00e8 */ fsubd %f4,%f8,%f4
-/* 0x00ec */ std %f4,[%g5-24]
-/* 0x00f0 */ fsubd %f2,%f8,%f2
-/* 0x00f4 */ std %f2,[%g5-16]
-/* 0x00f8 */ fsubd %f0,%f8,%f0
-/* 0x00fc */ bg,pn %icc,.L77000140
-/* 0x0100 */ std %f0,[%g5-8]
- .L77000144:
-/* 0x0104 */ ld [%g4],%f1
- .L900000211:
-/* 0x0108 */ ldd [%g2],%f8
-/* 0x010c */ add %o5,1,%o5
-/* 0x0110 */ add %g4,4,%g4
-/* 0x0114 */ cmp %o5,%g3
-/* 0x0118 */ fmovs %f8,%f0
-/* 0x011c */ fsubd %f0,%f8,%f0
-/* 0x0120 */ std %f0,[%g5]
-/* 0x0124 */ add %g5,8,%g5
-/* 0x0128 */ ble,a,pt %icc,.L900000211
-/* 0x012c */ ld [%g4],%f1
- .L77000140:
-/* 0x0130 */ retl ! Result =
-/* 0x0134 */ nop
-/* 0x0138 0 */ .type conv_i32_to_d32,2
-/* 0x0138 */ .size conv_i32_to_d32,(.-conv_i32_to_d32)
-
- .section ".text",#alloc,#execinstr
-/* 000000 0 */ .align 8
-!
-! CONSTANT POOL
-!
- .L_const_seg_900000301:
-/* 000000 0 */ .word 1127219200,0
-/* 0x0008 0 */ .align 4
-!
-! SUBROUTINE conv_i32_to_d16
-!
-! OFFSET SOURCE LINE LABEL INSTRUCTION
-
- .global conv_i32_to_d16
- conv_i32_to_d16:
-/* 000000 */ save %sp,-104,%sp
-/* 0x0004 */ or %g0,%i2,%o0
-
-! 143 !}
-! 146 !void conv_i32_to_d16(double *d16, unsigned int *i32, int len)
-! 147 !{
-! 148 !int i;
-! 149 !unsigned int a;
-! 151 !#pragma pipeloop(0)
-! 152 ! for(i=0;i<len;i++)
-! 153 ! {
-! 154 ! a=i32[i];
-! 155 ! d16[2*i]=(double)(a&0xffff);
-! 156 ! d16[2*i+1]=(double)(a>>16);
-
-/* 0x0008 156 */ sethi %hi(.L_const_seg_900000301),%g2
- .L900000310:
-/* 0x000c */ call .+8
-/* 0x0010 */ sethi /*X*/%hi(_GLOBAL_OFFSET_TABLE_-(.L900000310-.)),%g3
-/* 0x0014 152 */ cmp %o0,0
-/* 0x0018 147 */ add %g3,/*X*/%lo(_GLOBAL_OFFSET_TABLE_-(.L900000310-.)),%g3
-/* 0x001c 152 */ ble,pt %icc,.L77000150
-/* 0x0020 */ add %g3,%o7,%o2
-/* 0x0024 */ sub %i2,1,%o5
-/* 0x0028 156 */ add %g2,%lo(.L_const_seg_900000301),%o1
-/* 0x002c 152 */ sethi %hi(0xfc00),%o0
-/* 0x0030 */ ld [%o2+%o1],%o3
-/* 0x0034 */ add %o5,1,%g2
-/* 0x0038 */ or %g0,0,%g1
-/* 0x003c */ cmp %g2,3
-/* 0x0040 */ or %g0,%i1,%o7
-/* 0x0044 */ add %o0,1023,%o4
-/* 0x0048 */ or %g0,%i0,%g3
-/* 0x004c */ bl,pn %icc,.L77000154
-/* 0x0050 */ add %o7,4,%o0
-/* 0x0054 155 */ ldd [%o3],%f0
-/* 0x0058 156 */ or %g0,1,%g1
-/* 0x005c 154 */ ld [%o0-4],%o1
-/* 0x0060 0 */ or %g0,%o0,%o7
-/* 0x0064 155 */ and %o1,%o4,%o0
- .L900000306:
-/* 0x0068 155 */ st %o0,[%sp+96]
-/* 0x006c 156 */ add %g1,1,%g1
-/* 0x0070 */ add %g3,16,%g3
-/* 0x0074 */ cmp %g1,%o5
-/* 0x0078 */ add %o7,4,%o7
-/* 0x007c 155 */ ld [%sp+96],%f3
-/* 0x0080 */ fmovs %f0,%f2
-/* 0x0084 */ fsubd %f2,%f0,%f2
-/* 0x0088 156 */ srl %o1,16,%o0
-/* 0x008c 155 */ std %f2,[%g3-16]
-/* 0x0090 156 */ st %o0,[%sp+92]
-/* 0x0094 */ ld [%sp+92],%f3
-/* 0x0098 154 */ ld [%o7-4],%o1
-/* 0x009c 156 */ fmovs %f0,%f2
-/* 0x00a0 */ fsubd %f2,%f0,%f2
-/* 0x00a4 155 */ and %o1,%o4,%o0
-/* 0x00a8 156 */ ble,pt %icc,.L900000306
-/* 0x00ac */ std %f2,[%g3-8]
- .L900000309:
-/* 0x00b0 155 */ st %o0,[%sp+96]
-/* 0x00b4 */ fmovs %f0,%f2
-/* 0x00b8 156 */ add %g3,16,%g3
-/* 0x00bc */ srl %o1,16,%o0
-/* 0x00c0 155 */ ld [%sp+96],%f3
-/* 0x00c4 */ fsubd %f2,%f0,%f2
-/* 0x00c8 */ std %f2,[%g3-16]
-/* 0x00cc 156 */ st %o0,[%sp+92]
-/* 0x00d0 */ fmovs %f0,%f2
-/* 0x00d4 */ ld [%sp+92],%f3
-/* 0x00d8 */ fsubd %f2,%f0,%f0
-/* 0x00dc */ std %f0,[%g3-8]
-/* 0x00e0 */ ret ! Result =
-/* 0x00e4 */ restore %g0,%g0,%g0
- .L77000154:
-/* 0x00e8 154 */ ld [%o7],%o0
- .L900000311:
-/* 0x00ec 155 */ and %o0,%o4,%o1
-/* 0x00f0 */ st %o1,[%sp+96]
-/* 0x00f4 156 */ add %g1,1,%g1
-/* 0x00f8 155 */ ldd [%o3],%f0
-/* 0x00fc 156 */ srl %o0,16,%o0
-/* 0x0100 */ add %o7,4,%o7
-/* 0x0104 */ cmp %g1,%o5
-/* 0x0108 155 */ fmovs %f0,%f2
-/* 0x010c */ ld [%sp+96],%f3
-/* 0x0110 */ fsubd %f2,%f0,%f2
-/* 0x0114 */ std %f2,[%g3]
-/* 0x0118 156 */ st %o0,[%sp+92]
-/* 0x011c */ fmovs %f0,%f2
-/* 0x0120 */ ld [%sp+92],%f3
-/* 0x0124 */ fsubd %f2,%f0,%f0
-/* 0x0128 */ std %f0,[%g3+8]
-/* 0x012c */ add %g3,16,%g3
-/* 0x0130 */ ble,a,pt %icc,.L900000311
-/* 0x0134 */ ld [%o7],%o0
- .L77000150:
-/* 0x0138 */ ret ! Result =
-/* 0x013c */ restore %g0,%g0,%g0
-/* 0x0140 0 */ .type conv_i32_to_d16,2
-/* 0x0140 */ .size conv_i32_to_d16,(.-conv_i32_to_d16)
-
- .section ".text",#alloc,#execinstr
-/* 000000 0 */ .align 8
-!
-! CONSTANT POOL
-!
- .L_const_seg_900000401:
-/* 000000 0 */ .word 1127219200,0
-/* 0x0008 0 */ .align 4
-/* 0x0008 */ .skip 16
-!
-! SUBROUTINE conv_i32_to_d32_and_d16
-!
-! OFFSET SOURCE LINE LABEL INSTRUCTION
-
- .global conv_i32_to_d32_and_d16
- conv_i32_to_d32_and_d16:
-/* 000000 */ save %sp,-120,%sp
- .L900000415:
-/* 0x0004 */ call .+8
-/* 0x0008 */ sethi /*X*/%hi(_GLOBAL_OFFSET_TABLE_-(.L900000415-.)),%g4
-
-! 157 ! }
-! 158 !}
-! 161 !void conv_i32_to_d32_and_d16(double *d32, double *d16,
-! 162 ! unsigned int *i32, int len)
-! 163 !{
-! 164 !int i = 0;
-! 165 !unsigned int a;
-! 167 !#pragma pipeloop(0)
-! 168 !#ifdef RF_INLINE_MACROS
-! 169 ! for(;i<len-3;i+=4)
-
-/* 0x000c 169 */ sub %i3,3,%g2
-/* 0x0010 */ cmp %g2,0
-/* 0x0014 163 */ add %g4,/*X*/%lo(_GLOBAL_OFFSET_TABLE_-(.L900000415-.)),%g4
-
-! 170 ! {
-! 171 ! i16_to_d16_and_d32x4(&TwoToMinus16, &TwoTo16, &Zero,
-! 172 ! &(d16[2*i]), &(d32[i]), (float *)(&(i32[i])));
-
-/* 0x0018 172 */ sethi %hi(Zero),%g2
-/* 0x001c 163 */ add %g4,%o7,%o4
-/* 0x0020 172 */ add %g2,%lo(Zero),%g2
-/* 0x0024 */ sethi %hi(TwoToMinus16),%g3
-/* 0x0028 */ ld [%o4+%g2],%o1
-/* 0x002c */ sethi %hi(TwoTo16),%g4
-/* 0x0030 */ add %g3,%lo(TwoToMinus16),%g2
-/* 0x0034 */ ld [%o4+%g2],%o3
-/* 0x0038 164 */ or %g0,0,%g5
-/* 0x003c 172 */ add %g4,%lo(TwoTo16),%g3
-/* 0x0040 */ ld [%o4+%g3],%o2
-/* 0x0044 163 */ or %g0,%i0,%i4
-/* 0x0048 169 */ or %g0,%i2,%o7
-/* 0x004c */ ble,pt %icc,.L900000418
-/* 0x0050 */ cmp %g5,%i3
-/* 0x0054 172 */ stx %o7,[%sp+104]
-/* 0x0058 169 */ sub %i3,4,%o5
-/* 0x005c */ or %g0,0,%g4
-/* 0x0060 */ or %g0,0,%g1
- .L900000417:
-/* 0x0064 */ ldd [%o1],%f2
-/* 0x0068 172 */ add %i4,%g4,%g2
-/* 0x006c */ add %i1,%g1,%g3
-/* 0x0070 */ ldd [%o3],%f0
-/* 0x0074 */ add %g5,4,%g5
-/* 0x0078 */ fmovd %f2,%f14
-/* 0x007c */ ld [%o7],%f15
-/* 0x0080 */ cmp %g5,%o5
-/* 0x0084 */ fmovd %f2,%f10
-/* 0x0088 */ ld [%o7+4],%f11
-/* 0x008c */ add %o7,16,%o7
-/* 0x0090 */ ldx [%sp+104],%o0
-/* 0x0094 */ fmovd %f2,%f6
-/* 0x0098 */ stx %o7,[%sp+112]
-/* 0x009c */ fxtod %f14,%f14
-/* 0x00a0 */ ld [%o0+8],%f7
-/* 0x00a4 */ fxtod %f10,%f10
-/* 0x00a8 */ ld [%o0+12],%f3
-/* 0x00ac */ fxtod %f6,%f6
-/* 0x00b0 */ ldd [%o2],%f16
-/* 0x00b4 */ fmuld %f0,%f14,%f12
-/* 0x00b8 */ fxtod %f2,%f2
-/* 0x00bc */ fmuld %f0,%f10,%f8
-/* 0x00c0 */ std %f14,[%i4+%g4]
-/* 0x00c4 */ ldx [%sp+112],%o7
-/* 0x00c8 */ add %g4,32,%g4
-/* 0x00cc */ fmuld %f0,%f6,%f4
-/* 0x00d0 */ fdtox %f12,%f12
-/* 0x00d4 */ std %f10,[%g2+8]
-/* 0x00d8 */ fmuld %f0,%f2,%f0
-/* 0x00dc */ fdtox %f8,%f8
-/* 0x00e0 */ std %f6,[%g2+16]
-/* 0x00e4 */ std %f2,[%g2+24]
-/* 0x00e8 */ fdtox %f4,%f4
-/* 0x00ec */ fdtox %f0,%f0
-/* 0x00f0 */ fxtod %f12,%f12
-/* 0x00f4 */ std %f12,[%g3+8]
-/* 0x00f8 */ fxtod %f8,%f8
-/* 0x00fc */ std %f8,[%g3+24]
-/* 0x0100 */ fxtod %f4,%f4
-/* 0x0104 */ std %f4,[%g3+40]
-/* 0x0108 */ fxtod %f0,%f0
-/* 0x010c */ std %f0,[%g3+56]
-/* 0x0110 */ fmuld %f12,%f16,%f12
-/* 0x0114 */ fmuld %f8,%f16,%f8
-/* 0x0118 */ fmuld %f4,%f16,%f4
-/* 0x011c */ fsubd %f14,%f12,%f12
-/* 0x0120 */ std %f12,[%i1+%g1]
-/* 0x0124 */ fmuld %f0,%f16,%f0
-/* 0x0128 */ fsubd %f10,%f8,%f8
-/* 0x012c */ std %f8,[%g3+16]
-/* 0x0130 */ add %g1,64,%g1
-/* 0x0134 */ fsubd %f6,%f4,%f4
-/* 0x0138 */ std %f4,[%g3+32]
-/* 0x013c */ fsubd %f2,%f0,%f0
-/* 0x0140 */ std %f0,[%g3+48]
-/* 0x0144 */ ble,a,pt %icc,.L900000417
-/* 0x0148 */ stx %o7,[%sp+104]
- .L77000159:
-
-! 173 ! }
-! 174 !#endif
-! 175 ! for(;i<len;i++)
-
-/* 0x014c 175 */ cmp %g5,%i3
- .L900000418:
-/* 0x0150 175 */ bge,pt %icc,.L77000164
-/* 0x0154 */ nop
-
-! 176 ! {
-! 177 ! a=i32[i];
-! 178 ! d32[i]=(double)(i32[i]);
-! 179 ! d16[2*i]=(double)(a&0xffff);
-! 180 ! d16[2*i+1]=(double)(a>>16);
-
-/* 0x0158 180 */ sethi %hi(.L_const_seg_900000401),%g2
-/* 0x015c */ add %g2,%lo(.L_const_seg_900000401),%o1
-/* 0x0160 175 */ sethi %hi(0xfc00),%o0
-/* 0x0164 */ ld [%o4+%o1],%o2
-/* 0x0168 */ sll %g5,2,%o3
-/* 0x016c */ sub %i3,%g5,%g3
-/* 0x0170 */ sll %g5,3,%g2
-/* 0x0174 */ add %o0,1023,%o4
-/* 0x0178 178 */ ldd [%o2],%f0
-/* 0x017c */ add %i2,%o3,%o0
-/* 0x0180 175 */ cmp %g3,3
-/* 0x0184 */ add %i4,%g2,%o3
-/* 0x0188 */ sub %i3,1,%o1
-/* 0x018c */ sll %g5,4,%g4
-/* 0x0190 */ bl,pn %icc,.L77000161
-/* 0x0194 */ add %i1,%g4,%o5
-/* 0x0198 178 */ ld [%o0],%f3
-/* 0x019c 180 */ add %o3,8,%o3
-/* 0x01a0 177 */ ld [%o0],%o7
-/* 0x01a4 180 */ add %o5,16,%o5
-/* 0x01a8 */ add %g5,1,%g5
-/* 0x01ac 178 */ fmovs %f0,%f2
-/* 0x01b0 180 */ add %o0,4,%o0
-/* 0x01b4 179 */ and %o7,%o4,%g1
-/* 0x01b8 178 */ fsubd %f2,%f0,%f2
-/* 0x01bc */ std %f2,[%o3-8]
-/* 0x01c0 180 */ srl %o7,16,%o7
-/* 0x01c4 179 */ st %g1,[%sp+96]
-/* 0x01c8 */ fmovs %f0,%f2
-/* 0x01cc */ ld [%sp+96],%f3
-/* 0x01d0 */ fsubd %f2,%f0,%f2
-/* 0x01d4 */ std %f2,[%o5-16]
-/* 0x01d8 180 */ st %o7,[%sp+92]
-/* 0x01dc */ fmovs %f0,%f2
-/* 0x01e0 */ ld [%sp+92],%f3
-/* 0x01e4 */ fsubd %f2,%f0,%f2
-/* 0x01e8 */ std %f2,[%o5-8]
- .L900000411:
-/* 0x01ec 178 */ ld [%o0],%f3
-/* 0x01f0 180 */ add %g5,2,%g5
-/* 0x01f4 */ add %o5,32,%o5
-/* 0x01f8 177 */ ld [%o0],%o7
-/* 0x01fc 180 */ cmp %g5,%o1
-/* 0x0200 */ add %o3,16,%o3
-/* 0x0204 178 */ fmovs %f0,%f2
-/* 0x0208 */ fsubd %f2,%f0,%f2
-/* 0x020c */ std %f2,[%o3-16]
-/* 0x0210 179 */ and %o7,%o4,%g1
-/* 0x0214 */ st %g1,[%sp+96]
-/* 0x0218 */ ld [%sp+96],%f3
-/* 0x021c */ fmovs %f0,%f2
-/* 0x0220 */ fsubd %f2,%f0,%f2
-/* 0x0224 180 */ srl %o7,16,%o7
-/* 0x0228 179 */ std %f2,[%o5-32]
-/* 0x022c 180 */ st %o7,[%sp+92]
-/* 0x0230 */ ld [%sp+92],%f3
-/* 0x0234 */ fmovs %f0,%f2
-/* 0x0238 */ fsubd %f2,%f0,%f2
-/* 0x023c */ std %f2,[%o5-24]
-/* 0x0240 */ add %o0,4,%o0
-/* 0x0244 178 */ ld [%o0],%f3
-/* 0x0248 177 */ ld [%o0],%o7
-/* 0x024c 178 */ fmovs %f0,%f2
-/* 0x0250 */ fsubd %f2,%f0,%f2
-/* 0x0254 */ std %f2,[%o3-8]
-/* 0x0258 179 */ and %o7,%o4,%g1
-/* 0x025c */ st %g1,[%sp+96]
-/* 0x0260 */ ld [%sp+96],%f3
-/* 0x0264 */ fmovs %f0,%f2
-/* 0x0268 */ fsubd %f2,%f0,%f2
-/* 0x026c 180 */ srl %o7,16,%o7
-/* 0x0270 179 */ std %f2,[%o5-16]
-/* 0x0274 180 */ st %o7,[%sp+92]
-/* 0x0278 */ ld [%sp+92],%f3
-/* 0x027c */ fmovs %f0,%f2
-/* 0x0280 */ fsubd %f2,%f0,%f2
-/* 0x0284 */ std %f2,[%o5-8]
-/* 0x0288 */ bl,pt %icc,.L900000411
-/* 0x028c */ add %o0,4,%o0
- .L900000414:
-/* 0x0290 180 */ cmp %g5,%i3
-/* 0x0294 */ bge,pn %icc,.L77000164
-/* 0x0298 */ nop
- .L77000161:
-/* 0x029c 178 */ ld [%o0],%f3
- .L900000416:
-/* 0x02a0 178 */ ldd [%o2],%f0
-/* 0x02a4 180 */ add %g5,1,%g5
-/* 0x02a8 177 */ ld [%o0],%o1
-/* 0x02ac 180 */ add %o0,4,%o0
-/* 0x02b0 */ cmp %g5,%i3
-/* 0x02b4 178 */ fmovs %f0,%f2
-/* 0x02b8 179 */ and %o1,%o4,%o7
-/* 0x02bc 178 */ fsubd %f2,%f0,%f2
-/* 0x02c0 */ std %f2,[%o3]
-/* 0x02c4 180 */ srl %o1,16,%o1
-/* 0x02c8 179 */ st %o7,[%sp+96]
-/* 0x02cc 180 */ add %o3,8,%o3
-/* 0x02d0 179 */ fmovs %f0,%f2
-/* 0x02d4 */ ld [%sp+96],%f3
-/* 0x02d8 */ fsubd %f2,%f0,%f2
-/* 0x02dc */ std %f2,[%o5]
-/* 0x02e0 180 */ st %o1,[%sp+92]
-/* 0x02e4 */ fmovs %f0,%f2
-/* 0x02e8 */ ld [%sp+92],%f3
-/* 0x02ec */ fsubd %f2,%f0,%f0
-/* 0x02f0 */ std %f0,[%o5+8]
-/* 0x02f4 */ add %o5,16,%o5
-/* 0x02f8 */ bl,a,pt %icc,.L900000416
-/* 0x02fc */ ld [%o0],%f3
- .L77000164:
-/* 0x0300 */ ret ! Result =
-/* 0x0304 */ restore %g0,%g0,%g0
-/* 0x0308 0 */ .type conv_i32_to_d32_and_d16,2
-/* 0x0308 */ .size conv_i32_to_d32_and_d16,(.-conv_i32_to_d32_and_d16)
-
- .section ".text",#alloc,#execinstr
-/* 000000 0 */ .align 4
-!
-! SUBROUTINE adjust_montf_result
-!
-! OFFSET SOURCE LINE LABEL INSTRUCTION
-
- .global adjust_montf_result
- adjust_montf_result:
-/* 000000 */ or %g0,%o2,%g5
-
-! 181 ! }
-! 182 !}
-! 185 !void adjust_montf_result(unsigned int *i32, unsigned int *nint, int len)
-! 186 !{
-! 187 !long long acc;
-! 188 !int i;
-! 190 ! if(i32[len]>0) i=-1;
-
-/* 0x0004 190 */ or %g0,-1,%g4
-/* 0x0008 */ sll %o2,2,%g1
-/* 0x000c */ ld [%o0+%g1],%g1
-/* 0x0010 */ cmp %g1,0
-/* 0x0014 */ bleu,pn %icc,.L77000175
-/* 0x0018 */ or %g0,%o1,%o3
-/* 0x001c */ ba .L900000511
-/* 0x0020 */ cmp %g4,0
- .L77000175:
-
-! 191 ! else
-! 192 ! {
-! 193 ! for(i=len-1; i>=0; i--)
-
-/* 0x0024 193 */ sub %o2,1,%g4
-/* 0x0028 */ sll %g4,2,%g1
-/* 0x002c */ cmp %g4,0
-/* 0x0030 */ bl,pt %icc,.L900000511
-/* 0x0034 */ cmp %g4,0
-/* 0x0038 */ add %o1,%g1,%g2
-
-! 194 ! {
-! 195 ! if(i32[i]!=nint[i]) break;
-
-/* 0x003c 195 */ ld [%g2],%o5
-/* 0x0040 193 */ add %o0,%g1,%g3
- .L900000510:
-/* 0x0044 195 */ ld [%g3],%o2
-/* 0x0048 */ sub %g4,1,%g1
-/* 0x004c */ sub %g2,4,%g2
-/* 0x0050 */ sub %g3,4,%g3
-/* 0x0054 */ cmp %o2,%o5
-/* 0x0058 */ bne,pn %icc,.L77000182
-/* 0x005c */ nop
-/* 0x0060 0 */ or %g0,%g1,%g4
-/* 0x0064 195 */ cmp %g1,0
-/* 0x0068 */ bge,a,pt %icc,.L900000510
-/* 0x006c */ ld [%g2],%o5
- .L77000182:
-
-! 196 ! }
-! 197 ! }
-! 198 ! if((i<0)||(i32[i]>nint[i]))
-
-/* 0x0070 198 */ cmp %g4,0
- .L900000511:
-/* 0x0074 198 */ bl,pn %icc,.L77000198
-/* 0x0078 */ sll %g4,2,%g2
-/* 0x007c */ ld [%o1+%g2],%g1
-/* 0x0080 */ ld [%o0+%g2],%g2
-/* 0x0084 */ cmp %g2,%g1
-/* 0x0088 */ bleu,pt %icc,.L77000191
-/* 0x008c */ nop
- .L77000198:
-
-! 199 ! {
-! 200 ! acc=0;
-! 201 ! for(i=0;i<len;i++)
-
-/* 0x0090 201 */ cmp %g5,0
-/* 0x0094 */ ble,pt %icc,.L77000191
-/* 0x0098 */ nop
-/* 0x009c */ or %g0,%g5,%g1
-/* 0x00a0 198 */ or %g0,-1,%g2
-/* 0x00a4 */ srl %g2,0,%g3
-/* 0x00a8 */ sub %g5,1,%g4
-/* 0x00ac 200 */ or %g0,0,%g5
-/* 0x00b0 201 */ or %g0,0,%o5
-/* 0x00b4 198 */ or %g0,%o0,%o4
-/* 0x00b8 */ cmp %g1,3
-/* 0x00bc 201 */ bl,pn %icc,.L77000199
-/* 0x00c0 */ add %o0,8,%g1
-/* 0x00c4 */ add %o1,4,%g2
-
-! 202 ! {
-! 203 ! acc=acc+(unsigned long long)(i32[i])-(unsigned long long)(nint[i]);
-
-/* 0x00c8 203 */ ld [%o0],%o2
-/* 0x00cc */ ld [%o1],%o1
-/* 0x00d0 0 */ or %g0,%g1,%o4
-/* 0x00d4 */ or %g0,%g2,%o3
-/* 0x00d8 203 */ ld [%o0+4],%g1
-
-! 204 ! i32[i]=acc&0xffffffff;
-! 205 ! acc=acc>>32;
-
-/* 0x00dc 205 */ or %g0,2,%o5
-/* 0x00e0 201 */ sub %o2,%o1,%o2
-/* 0x00e4 */ or %g0,%o2,%g5
-/* 0x00e8 204 */ and %o2,%g3,%o2
-/* 0x00ec */ st %o2,[%o0]
-/* 0x00f0 205 */ srax %g5,32,%g5
- .L900000505:
-/* 0x00f4 203 */ ld [%o3],%o2
-/* 0x00f8 205 */ add %o5,1,%o5
-/* 0x00fc */ add %o3,4,%o3
-/* 0x0100 */ cmp %o5,%g4
-/* 0x0104 */ add %o4,4,%o4
-/* 0x0108 201 */ sub %g1,%o2,%g1
-/* 0x010c */ add %g1,%g5,%g5
-/* 0x0110 204 */ and %g5,%g3,%o2
-/* 0x0114 203 */ ld [%o4-4],%g1
-/* 0x0118 204 */ st %o2,[%o4-8]
-/* 0x011c 205 */ ble,pt %icc,.L900000505
-/* 0x0120 */ srax %g5,32,%g5
- .L900000508:
-/* 0x0124 203 */ ld [%o3],%g2
-/* 0x0128 201 */ sub %g1,%g2,%g1
-/* 0x012c */ add %g1,%g5,%g1
-/* 0x0130 204 */ and %g1,%g3,%g2
-/* 0x0134 */ retl ! Result =
-/* 0x0138 */ st %g2,[%o4-4]
- .L77000199:
-/* 0x013c 203 */ ld [%o4],%g1
- .L900000509:
-/* 0x0140 203 */ ld [%o3],%g2
-/* 0x0144 */ add %g5,%g1,%g1
-/* 0x0148 205 */ add %o5,1,%o5
-/* 0x014c */ add %o3,4,%o3
-/* 0x0150 */ cmp %o5,%g4
-/* 0x0154 203 */ sub %g1,%g2,%g1
-/* 0x0158 204 */ and %g1,%g3,%g2
-/* 0x015c */ st %g2,[%o4]
-/* 0x0160 205 */ add %o4,4,%o4
-/* 0x0164 */ srax %g1,32,%g5
-/* 0x0168 */ ble,a,pt %icc,.L900000509
-/* 0x016c */ ld [%o4],%g1
- .L77000191:
-/* 0x0170 */ retl ! Result =
-/* 0x0174 */ nop
-/* 0x0178 0 */ .type adjust_montf_result,2
-/* 0x0178 */ .size adjust_montf_result,(.-adjust_montf_result)
-
- .section ".text",#alloc,#execinstr
-/* 000000 0 */ .align 4
-/* 000000 */ .skip 16
-!
-! SUBROUTINE mont_mulf_noconv
-!
-! OFFSET SOURCE LINE LABEL INSTRUCTION
-
- .global mont_mulf_noconv
- mont_mulf_noconv:
-/* 000000 */ save %sp,-144,%sp
- .L900000646:
-/* 0x0004 */ call .+8
-/* 0x0008 */ sethi /*X*/%hi(_GLOBAL_OFFSET_TABLE_-(.L900000646-.)),%g5
-
-! 206 ! }
-! 207 ! }
-! 208 !}
-! 213 !/*
-! 214 !** the lengths of the input arrays should be at least the following:
-! 215 !** result[nlen+1], dm1[nlen], dm2[2*nlen+1], dt[4*nlen+2], dn[nlen], nint[nlen]
-! 216 !** all of them should be different from one another
-! 217 !**
-! 218 !*/
-! 219 !void mont_mulf_noconv(unsigned int *result,
-! 220 ! double *dm1, double *dm2, double *dt,
-! 221 ! double *dn, unsigned int *nint,
-! 222 ! int nlen, double dn0)
-! 223 !{
-! 224 ! int i, j, jj;
-! 225 ! int tmp;
-! 226 ! double digit, m2j, nextm2j, a, b;
-! 227 ! double *dptmp, *pdm1, *pdm2, *pdn, *pdtj, pdn_0, pdm1_0;
-! 229 ! pdm1=&(dm1[0]);
-! 230 ! pdm2=&(dm2[0]);
-! 231 ! pdn=&(dn[0]);
-! 232 ! pdm2[2*nlen]=Zero;
-
-/* 0x000c 232 */ ld [%fp+92],%o1
-/* 0x0010 */ sethi %hi(Zero),%g2
-/* 0x0014 223 */ ldd [%fp+96],%f2
-/* 0x0018 */ add %g5,/*X*/%lo(_GLOBAL_OFFSET_TABLE_-(.L900000646-.)),%g5
-/* 0x001c 232 */ add %g2,%lo(Zero),%g2
-/* 0x0020 223 */ st %i0,[%fp+68]
-/* 0x0024 */ add %g5,%o7,%o3
-
-! 234 ! if (nlen!=16)
-! 235 ! {
-! 236 ! for(i=0;i<4*nlen+2;i++) dt[i]=Zero;
-! 238 ! a=dt[0]=pdm1[0]*pdm2[0];
-! 239 ! digit=mod(lower32(a,Zero)*dn0,TwoToMinus16,TwoTo16);
-
-/* 0x0028 239 */ sethi %hi(TwoToMinus16),%g3
-/* 0x002c 232 */ ld [%o3+%g2],%l0
-/* 0x0030 239 */ sethi %hi(TwoTo16),%g4
-/* 0x0034 223 */ or %g0,%i2,%o2
-/* 0x0038 */ fmovd %f2,%f16
-/* 0x003c */ st %i5,[%fp+88]
-/* 0x0040 239 */ add %g3,%lo(TwoToMinus16),%g2
-/* 0x0044 223 */ or %g0,%i1,%i2
-/* 0x0048 232 */ ldd [%l0],%f0
-/* 0x004c 239 */ add %g4,%lo(TwoTo16),%g3
-/* 0x0050 223 */ or %g0,%i3,%o0
-/* 0x0054 232 */ sll %o1,4,%g4
-/* 0x0058 239 */ ld [%o3+%g2],%g5
-/* 0x005c 223 */ or %g0,%i3,%i1
-/* 0x0060 239 */ ld [%o3+%g3],%g1
-/* 0x0064 232 */ or %g0,%o1,%i0
-/* 0x0068 */ or %g0,%o2,%i3
-/* 0x006c 234 */ cmp %o1,16
-/* 0x0070 */ be,pn %icc,.L77000279
-/* 0x0074 */ std %f0,[%o2+%g4]
-/* 0x0078 236 */ sll %o1,2,%g2
-/* 0x007c */ or %g0,%o0,%o3
-/* 0x0080 232 */ sll %o1,1,%o1
-/* 0x0084 236 */ add %g2,2,%o2
-/* 0x0088 */ cmp %o2,0
-/* 0x008c */ ble,a,pt %icc,.L900000660
-/* 0x0090 */ ldd [%i2],%f0
-
-! 241 ! pdtj=&(dt[0]);
-! 242 ! for(j=jj=0;j<2*nlen;j++,jj++,pdtj++)
-! 243 ! {
-! 244 ! m2j=pdm2[j];
-! 245 ! a=pdtj[0]+pdn[0]*digit;
-! 246 ! b=pdtj[1]+pdm1[0]*pdm2[j+1]+a*TwoToMinus16;
-! 247 ! pdtj[1]=b;
-! 249 !#pragma pipeloop(0)
-! 250 ! for(i=1;i<nlen;i++)
-! 251 ! {
-! 252 ! pdtj[2*i]+=pdm1[i]*m2j+pdn[i]*digit;
-! 253 ! }
-! 254 ! if((jj==30)) {cleanup(dt,j/2+1,2*nlen+1); jj=0;}
-! 255 !
-! 256 ! digit=mod(lower32(b,Zero)*dn0,TwoToMinus16,TwoTo16);
-! 257 ! }
-! 258 ! }
-! 259 ! else
-! 260 ! {
-! 261 ! a=dt[0]=pdm1[0]*pdm2[0];
-! 263 ! dt[65]= dt[64]= dt[63]= dt[62]= dt[61]= dt[60]=
-! 264 ! dt[59]= dt[58]= dt[57]= dt[56]= dt[55]= dt[54]=
-! 265 ! dt[53]= dt[52]= dt[51]= dt[50]= dt[49]= dt[48]=
-! 266 ! dt[47]= dt[46]= dt[45]= dt[44]= dt[43]= dt[42]=
-! 267 ! dt[41]= dt[40]= dt[39]= dt[38]= dt[37]= dt[36]=
-! 268 ! dt[35]= dt[34]= dt[33]= dt[32]= dt[31]= dt[30]=
-! 269 ! dt[29]= dt[28]= dt[27]= dt[26]= dt[25]= dt[24]=
-! 270 ! dt[23]= dt[22]= dt[21]= dt[20]= dt[19]= dt[18]=
-! 271 ! dt[17]= dt[16]= dt[15]= dt[14]= dt[13]= dt[12]=
-! 272 ! dt[11]= dt[10]= dt[ 9]= dt[ 8]= dt[ 7]= dt[ 6]=
-! 273 ! dt[ 5]= dt[ 4]= dt[ 3]= dt[ 2]= dt[ 1]=Zero;
-! 275 ! pdn_0=pdn[0];
-! 276 ! pdm1_0=pdm1[0];
-! 278 ! digit=mod(lower32(a,Zero)*dn0,TwoToMinus16,TwoTo16);
-! 279 ! pdtj=&(dt[0]);
-! 281 ! for(j=0;j<32;j++,pdtj++)
-
-/* 0x0094 281 */ add %g2,2,%o0
-/* 0x0098 236 */ add %g2,1,%o2
-/* 0x009c 281 */ cmp %o0,3
-/* 0x00a0 */ bl,pn %icc,.L77000280
-/* 0x00a4 */ or %g0,1,%o0
-/* 0x00a8 */ add %o3,8,%o3
-/* 0x00ac */ or %g0,1,%o4
-/* 0x00b0 */ std %f0,[%o3-8]
- .L900000630:
-/* 0x00b4 */ std %f0,[%o3]
-/* 0x00b8 */ add %o4,2,%o4
-/* 0x00bc */ add %o3,16,%o3
-/* 0x00c0 */ cmp %o4,%g2
-/* 0x00c4 */ ble,pt %icc,.L900000630
-/* 0x00c8 */ std %f0,[%o3-8]
- .L900000633:
-/* 0x00cc */ cmp %o4,%o2
-/* 0x00d0 */ bg,pn %icc,.L77000285
-/* 0x00d4 */ add %o4,1,%o0
- .L77000280:
-/* 0x00d8 */ std %f0,[%o3]
- .L900000659:
-/* 0x00dc */ ldd [%l0],%f0
-/* 0x00e0 */ cmp %o0,%o2
-/* 0x00e4 */ add %o3,8,%o3
-/* 0x00e8 */ add %o0,1,%o0
-/* 0x00ec */ ble,a,pt %icc,.L900000659
-/* 0x00f0 */ std %f0,[%o3]
- .L77000285:
-/* 0x00f4 238 */ ldd [%i2],%f0
- .L900000660:
-/* 0x00f8 238 */ ldd [%i3],%f2
-/* 0x00fc */ add %o1,1,%o2
-/* 0x0100 242 */ cmp %o1,0
-/* 0x0104 */ sll %o2,1,%o0
-/* 0x0108 */ sub %o1,1,%o1
-/* 0x010c 238 */ fmuld %f0,%f2,%f0
-/* 0x0110 */ std %f0,[%i1]
-/* 0x0114 0 */ or %g0,0,%l1
-/* 0x0118 */ ldd [%l0],%f6
-/* 0x011c */ or %g0,0,%g4
-/* 0x0120 */ or %g0,%o2,%i5
-/* 0x0124 */ ldd [%g5],%f2
-/* 0x0128 */ or %g0,%o1,%g3
-/* 0x012c */ or %g0,%o0,%o3
-/* 0x0130 */ fdtox %f0,%f0
-/* 0x0134 */ ldd [%g1],%f4
-/* 0x0138 246 */ add %i3,8,%o4
-/* 0x013c */ or %g0,0,%l2
-/* 0x0140 */ or %g0,%i1,%o5
-/* 0x0144 */ sub %i0,1,%o7
-/* 0x0148 */ fmovs %f6,%f0
-/* 0x014c */ fxtod %f0,%f0
-/* 0x0150 239 */ fmuld %f0,%f16,%f0
-/* 0x0154 */ fmuld %f0,%f2,%f2
-/* 0x0158 */ fdtox %f2,%f2
-/* 0x015c */ fxtod %f2,%f2
-/* 0x0160 */ fmuld %f2,%f4,%f2
-/* 0x0164 */ fsubd %f0,%f2,%f22
-/* 0x0168 242 */ ble,pt %icc,.L900000653
-/* 0x016c */ sll %i0,4,%g2
-/* 0x0170 246 */ ldd [%i4],%f0
- .L900000654:
-/* 0x0174 246 */ fmuld %f0,%f22,%f8
-/* 0x0178 */ ldd [%i2],%f0
-/* 0x017c 250 */ cmp %i0,1
-/* 0x0180 246 */ ldd [%o4+%l2],%f6
-/* 0x0184 */ add %i2,8,%o0
-/* 0x0188 250 */ or %g0,1,%o1
-/* 0x018c 246 */ ldd [%o5],%f2
-/* 0x0190 */ add %o5,16,%l3
-/* 0x0194 */ fmuld %f0,%f6,%f6
-/* 0x0198 */ ldd [%g5],%f4
-/* 0x019c */ faddd %f2,%f8,%f2
-/* 0x01a0 */ ldd [%o5+8],%f0
-/* 0x01a4 244 */ ldd [%i3+%l2],%f20
-/* 0x01a8 246 */ faddd %f0,%f6,%f0
-/* 0x01ac */ fmuld %f2,%f4,%f2
-/* 0x01b0 */ faddd %f0,%f2,%f18
-/* 0x01b4 247 */ std %f18,[%o5+8]
-/* 0x01b8 250 */ ble,pt %icc,.L900000658
-/* 0x01bc */ srl %g4,31,%g2
-/* 0x01c0 */ cmp %o7,7
-/* 0x01c4 246 */ add %i4,8,%g2
-/* 0x01c8 250 */ bl,pn %icc,.L77000284
-/* 0x01cc */ add %g2,24,%o2
-/* 0x01d0 252 */ ldd [%o0+24],%f12
-/* 0x01d4 */ add %o5,48,%l3
-/* 0x01d8 */ ldd [%o0],%f2
-/* 0x01dc 0 */ or %g0,%o2,%g2
-/* 0x01e0 250 */ sub %o7,2,%o2
-/* 0x01e4 252 */ ldd [%g2-24],%f0
-/* 0x01e8 */ or %g0,5,%o1
-/* 0x01ec */ ldd [%o0+8],%f6
-/* 0x01f0 */ fmuld %f2,%f20,%f2
-/* 0x01f4 */ ldd [%o0+16],%f14
-/* 0x01f8 */ fmuld %f0,%f22,%f4
-/* 0x01fc */ add %o0,32,%o0
-/* 0x0200 */ ldd [%g2-16],%f8
-/* 0x0204 */ fmuld %f6,%f20,%f10
-/* 0x0208 */ ldd [%o5+16],%f0
-/* 0x020c */ ldd [%g2-8],%f6
-/* 0x0210 */ faddd %f2,%f4,%f4
-/* 0x0214 */ ldd [%o5+32],%f2
- .L900000642:
-/* 0x0218 252 */ ldd [%g2],%f24
-/* 0x021c */ add %o1,3,%o1
-/* 0x0220 */ add %g2,24,%g2
-/* 0x0224 */ fmuld %f8,%f22,%f8
-/* 0x0228 */ ldd [%l3],%f28
-/* 0x022c */ cmp %o1,%o2
-/* 0x0230 */ add %o0,24,%o0
-/* 0x0234 */ ldd [%o0-24],%f26
-/* 0x0238 */ faddd %f0,%f4,%f0
-/* 0x023c */ add %l3,48,%l3
-/* 0x0240 */ faddd %f10,%f8,%f10
-/* 0x0244 */ fmuld %f14,%f20,%f4
-/* 0x0248 */ std %f0,[%l3-80]
-/* 0x024c */ ldd [%g2-16],%f8
-/* 0x0250 */ fmuld %f6,%f22,%f6
-/* 0x0254 */ ldd [%l3-32],%f0
-/* 0x0258 */ ldd [%o0-16],%f14
-/* 0x025c */ faddd %f2,%f10,%f2
-/* 0x0260 */ faddd %f4,%f6,%f10
-/* 0x0264 */ fmuld %f12,%f20,%f4
-/* 0x0268 */ std %f2,[%l3-64]
-/* 0x026c */ ldd [%g2-8],%f6
-/* 0x0270 */ fmuld %f24,%f22,%f24
-/* 0x0274 */ ldd [%l3-16],%f2
-/* 0x0278 */ ldd [%o0-8],%f12
-/* 0x027c */ faddd %f28,%f10,%f10
-/* 0x0280 */ std %f10,[%l3-48]
-/* 0x0284 */ fmuld %f26,%f20,%f10
-/* 0x0288 */ ble,pt %icc,.L900000642
-/* 0x028c */ faddd %f4,%f24,%f4
- .L900000645:
-/* 0x0290 252 */ fmuld %f8,%f22,%f28
-/* 0x0294 */ ldd [%g2],%f24
-/* 0x0298 */ faddd %f0,%f4,%f26
-/* 0x029c */ fmuld %f12,%f20,%f8
-/* 0x02a0 */ add %l3,32,%l3
-/* 0x02a4 */ cmp %o1,%o7
-/* 0x02a8 */ fmuld %f14,%f20,%f14
-/* 0x02ac */ ldd [%l3-32],%f4
-/* 0x02b0 */ add %g2,8,%g2
-/* 0x02b4 */ faddd %f10,%f28,%f12
-/* 0x02b8 */ fmuld %f6,%f22,%f6
-/* 0x02bc */ ldd [%l3-16],%f0
-/* 0x02c0 */ fmuld %f24,%f22,%f10
-/* 0x02c4 */ std %f26,[%l3-64]
-/* 0x02c8 */ faddd %f2,%f12,%f2
-/* 0x02cc */ std %f2,[%l3-48]
-/* 0x02d0 */ faddd %f14,%f6,%f6
-/* 0x02d4 */ faddd %f8,%f10,%f2
-/* 0x02d8 */ faddd %f4,%f6,%f4
-/* 0x02dc */ std %f4,[%l3-32]
-/* 0x02e0 */ faddd %f0,%f2,%f0
-/* 0x02e4 */ bg,pn %icc,.L77000213
-/* 0x02e8 */ std %f0,[%l3-16]
- .L77000284:
-/* 0x02ec 252 */ ldd [%o0],%f0
- .L900000657:
-/* 0x02f0 252 */ ldd [%g2],%f4
-/* 0x02f4 */ fmuld %f0,%f20,%f2
-/* 0x02f8 */ add %o1,1,%o1
-/* 0x02fc */ ldd [%l3],%f0
-/* 0x0300 */ add %o0,8,%o0
-/* 0x0304 */ add %g2,8,%g2
-/* 0x0308 */ fmuld %f4,%f22,%f4
-/* 0x030c */ cmp %o1,%o7
-/* 0x0310 */ faddd %f2,%f4,%f2
-/* 0x0314 */ faddd %f0,%f2,%f0
-/* 0x0318 */ std %f0,[%l3]
-/* 0x031c */ add %l3,16,%l3
-/* 0x0320 */ ble,a,pt %icc,.L900000657
-/* 0x0324 */ ldd [%o0],%f0
- .L77000213:
-/* 0x0328 */ srl %g4,31,%g2
- .L900000658:
-/* 0x032c 254 */ cmp %l1,30
-/* 0x0330 */ bne,a,pt %icc,.L900000656
-/* 0x0334 */ fdtox %f18,%f0
-/* 0x0338 */ add %g4,%g2,%g2
-/* 0x033c */ sra %g2,1,%o0
-/* 0x0340 281 */ ldd [%l0],%f0
-/* 0x0344 */ sll %i5,1,%o2
-/* 0x0348 */ add %o0,1,%g2
-/* 0x034c */ sll %g2,1,%o0
-/* 0x0350 254 */ sub %o2,1,%o2
-/* 0x0354 281 */ fmovd %f0,%f2
-/* 0x0358 */ sll %g2,4,%o1
-/* 0x035c */ cmp %o0,%o3
-/* 0x0360 */ bge,pt %icc,.L77000215
-/* 0x0364 */ or %g0,0,%l1
-/* 0x0368 254 */ add %i1,%o1,%o1
-/* 0x036c 281 */ ldd [%o1],%f6
- .L900000655:
-/* 0x0370 */ fdtox %f6,%f10
-/* 0x0374 */ ldd [%o1+8],%f4
-/* 0x0378 */ add %o0,2,%o0
-/* 0x037c */ ldd [%l0],%f12
-/* 0x0380 */ fdtox %f6,%f6
-/* 0x0384 */ cmp %o0,%o2
-/* 0x0388 */ fdtox %f4,%f8
-/* 0x038c */ fdtox %f4,%f4
-/* 0x0390 */ fmovs %f12,%f10
-/* 0x0394 */ fmovs %f12,%f8
-/* 0x0398 */ fxtod %f10,%f10
-/* 0x039c */ fxtod %f8,%f8
-/* 0x03a0 */ faddd %f10,%f2,%f2
-/* 0x03a4 */ std %f2,[%o1]
-/* 0x03a8 */ faddd %f8,%f0,%f0
-/* 0x03ac */ std %f0,[%o1+8]
-/* 0x03b0 */ add %o1,16,%o1
-/* 0x03b4 */ fitod %f6,%f2
-/* 0x03b8 */ fitod %f4,%f0
-/* 0x03bc */ ble,a,pt %icc,.L900000655
-/* 0x03c0 */ ldd [%o1],%f6
- .L77000233:
-/* 0x03c4 */ or %g0,0,%l1
- .L77000215:
-/* 0x03c8 */ fdtox %f18,%f0
- .L900000656:
-/* 0x03cc */ ldd [%l0],%f6
-/* 0x03d0 256 */ add %g4,1,%g4
-/* 0x03d4 */ add %l2,8,%l2
-/* 0x03d8 */ ldd [%g5],%f2
-/* 0x03dc */ add %l1,1,%l1
-/* 0x03e0 */ add %o5,8,%o5
-/* 0x03e4 */ fmovs %f6,%f0
-/* 0x03e8 */ ldd [%g1],%f4
-/* 0x03ec */ cmp %g4,%g3
-/* 0x03f0 */ fxtod %f0,%f0
-/* 0x03f4 */ fmuld %f0,%f16,%f0
-/* 0x03f8 */ fmuld %f0,%f2,%f2
-/* 0x03fc */ fdtox %f2,%f2
-/* 0x0400 */ fxtod %f2,%f2
-/* 0x0404 */ fmuld %f2,%f4,%f2
-/* 0x0408 */ fsubd %f0,%f2,%f22
-/* 0x040c */ ble,a,pt %icc,.L900000654
-/* 0x0410 */ ldd [%i4],%f0
- .L900000629:
-/* 0x0414 256 */ ba .L900000653
-/* 0x0418 */ sll %i0,4,%g2
- .L77000279:
-/* 0x041c 261 */ ldd [%o2],%f6
-/* 0x0420 279 */ or %g0,%o0,%o4
-/* 0x0424 281 */ or %g0,0,%o3
-/* 0x0428 261 */ ldd [%i2],%f4
-/* 0x042c 273 */ std %f0,[%o0+8]
-/* 0x0430 */ std %f0,[%o0+16]
-/* 0x0434 261 */ fmuld %f4,%f6,%f4
-/* 0x0438 */ std %f4,[%o0]
-/* 0x043c 273 */ std %f0,[%o0+24]
-/* 0x0440 */ std %f0,[%o0+32]
-/* 0x0444 */ fdtox %f4,%f4
-/* 0x0448 */ std %f0,[%o0+40]
-/* 0x044c */ std %f0,[%o0+48]
-/* 0x0450 */ std %f0,[%o0+56]
-/* 0x0454 */ std %f0,[%o0+64]
-/* 0x0458 */ std %f0,[%o0+72]
-/* 0x045c */ std %f0,[%o0+80]
-/* 0x0460 */ std %f0,[%o0+88]
-/* 0x0464 */ std %f0,[%o0+96]
-/* 0x0468 */ std %f0,[%o0+104]
-/* 0x046c */ std %f0,[%o0+112]
-/* 0x0470 */ std %f0,[%o0+120]
-/* 0x0474 */ std %f0,[%o0+128]
-/* 0x0478 */ std %f0,[%o0+136]
-/* 0x047c */ std %f0,[%o0+144]
-/* 0x0480 */ std %f0,[%o0+152]
-/* 0x0484 */ std %f0,[%o0+160]
-/* 0x0488 */ std %f0,[%o0+168]
-/* 0x048c */ fmovs %f0,%f4
-/* 0x0490 */ std %f0,[%o0+176]
-/* 0x0494 281 */ or %g0,0,%o1
-/* 0x0498 273 */ std %f0,[%o0+184]
-/* 0x049c */ fxtod %f4,%f4
-/* 0x04a0 */ std %f0,[%o0+192]
-/* 0x04a4 */ std %f0,[%o0+200]
-/* 0x04a8 */ std %f0,[%o0+208]
-/* 0x04ac 278 */ fmuld %f4,%f2,%f2
-/* 0x04b0 273 */ std %f0,[%o0+216]
-/* 0x04b4 */ std %f0,[%o0+224]
-/* 0x04b8 */ std %f0,[%o0+232]
-/* 0x04bc */ std %f0,[%o0+240]
-/* 0x04c0 */ std %f0,[%o0+248]
-/* 0x04c4 */ std %f0,[%o0+256]
-/* 0x04c8 */ std %f0,[%o0+264]
-/* 0x04cc */ std %f0,[%o0+272]
-/* 0x04d0 */ std %f0,[%o0+280]
-/* 0x04d4 */ std %f0,[%o0+288]
-/* 0x04d8 */ std %f0,[%o0+296]
-/* 0x04dc */ std %f0,[%o0+304]
-/* 0x04e0 */ std %f0,[%o0+312]
-/* 0x04e4 */ std %f0,[%o0+320]
-/* 0x04e8 */ std %f0,[%o0+328]
-/* 0x04ec */ std %f0,[%o0+336]
-/* 0x04f0 */ std %f0,[%o0+344]
-/* 0x04f4 */ std %f0,[%o0+352]
-/* 0x04f8 */ std %f0,[%o0+360]
-/* 0x04fc */ std %f0,[%o0+368]
-/* 0x0500 */ std %f0,[%o0+376]
-/* 0x0504 */ std %f0,[%o0+384]
-/* 0x0508 */ std %f0,[%o0+392]
-/* 0x050c */ std %f0,[%o0+400]
-/* 0x0510 */ std %f0,[%o0+408]
-/* 0x0514 */ std %f0,[%o0+416]
-/* 0x0518 */ std %f0,[%o0+424]
-/* 0x051c */ std %f0,[%o0+432]
-/* 0x0520 */ std %f0,[%o0+440]
-/* 0x0524 */ std %f0,[%o0+448]
-/* 0x0528 */ std %f0,[%o0+456]
-/* 0x052c */ std %f0,[%o0+464]
-/* 0x0530 */ std %f0,[%o0+472]
-/* 0x0534 */ std %f0,[%o0+480]
-/* 0x0538 */ std %f0,[%o0+488]
-/* 0x053c */ std %f0,[%o0+496]
-/* 0x0540 */ std %f0,[%o0+504]
-/* 0x0544 */ std %f0,[%o0+512]
-/* 0x0548 */ std %f0,[%o0+520]
-/* 0x054c */ ldd [%g5],%f0
-/* 0x0550 */ ldd [%g1],%f8
-/* 0x0554 */ fmuld %f2,%f0,%f6
-/* 0x0558 275 */ ldd [%i4],%f4
-/* 0x055c 276 */ ldd [%i2],%f0
-/* 0x0560 */ fdtox %f6,%f6
-/* 0x0564 */ fxtod %f6,%f6
-/* 0x0568 */ fmuld %f6,%f8,%f6
-/* 0x056c */ fsubd %f2,%f6,%f2
-/* 0x0570 286 */ fmuld %f4,%f2,%f12
-
-! 282 ! {
-! 284 ! m2j=pdm2[j];
-! 285 ! a=pdtj[0]+pdn_0*digit;
-! 286 ! b=pdtj[1]+pdm1_0*pdm2[j+1]+a*TwoToMinus16;
-
-! 287 ! pdtj[1]=b;
-! 289 ! /**** this loop will be fully unrolled:
-! 290 ! for(i=1;i<16;i++)
-! 291 ! {
-! 292 ! pdtj[2*i]+=pdm1[i]*m2j+pdn[i]*digit;
-! 293 ! }
-! 294 ! *************************************/
-! 295 ! pdtj[2]+=pdm1[1]*m2j+pdn[1]*digit;
-! 296 ! pdtj[4]+=pdm1[2]*m2j+pdn[2]*digit;
-! 297 ! pdtj[6]+=pdm1[3]*m2j+pdn[3]*digit;
-! 298 ! pdtj[8]+=pdm1[4]*m2j+pdn[4]*digit;
-! 299 ! pdtj[10]+=pdm1[5]*m2j+pdn[5]*digit;
-! 300 ! pdtj[12]+=pdm1[6]*m2j+pdn[6]*digit;
-! 301 ! pdtj[14]+=pdm1[7]*m2j+pdn[7]*digit;
-! 302 ! pdtj[16]+=pdm1[8]*m2j+pdn[8]*digit;
-! 303 ! pdtj[18]+=pdm1[9]*m2j+pdn[9]*digit;
-! 304 ! pdtj[20]+=pdm1[10]*m2j+pdn[10]*digit;
-! 305 ! pdtj[22]+=pdm1[11]*m2j+pdn[11]*digit;
-! 306 ! pdtj[24]+=pdm1[12]*m2j+pdn[12]*digit;
-! 307 ! pdtj[26]+=pdm1[13]*m2j+pdn[13]*digit;
-! 308 ! pdtj[28]+=pdm1[14]*m2j+pdn[14]*digit;
-! 309 ! pdtj[30]+=pdm1[15]*m2j+pdn[15]*digit;
-! 310 ! /* no need for cleenup, cannot overflow */
-! 311 ! digit=mod(lower32(b,Zero)*dn0,TwoToMinus16,TwoTo16);
-
- fmovd %f2,%f0 ! hand modified
- fmovd %f16,%f18 ! hand modified
- ldd [%i4],%f2
- ldd [%o4],%f8
- ldd [%i2],%f10
- ldd [%g5],%f14 ! hand modified
- ldd [%g1],%f16 ! hand modified
- ldd [%i3],%f24
-
- ldd [%i2+8],%f26
- ldd [%i2+16],%f40
- ldd [%i2+48],%f46
- ldd [%i2+56],%f30
- ldd [%i2+64],%f54
- ldd [%i2+104],%f34
- ldd [%i2+112],%f58
-
- ldd [%i4+8],%f28
- ldd [%i4+104],%f38
- ldd [%i4+112],%f60
-
- .L99999999: !1
- ldd [%i2+24],%f32
- fmuld %f0,%f2,%f4 !2
- ldd [%i4+24],%f36
- fmuld %f26,%f24,%f20 !3
- ldd [%i2+40],%f42
- fmuld %f28,%f0,%f22 !4
- ldd [%i4+40],%f44
- fmuld %f32,%f24,%f32 !5
- ldd [%i3+8],%f6
- faddd %f4,%f8,%f4
- fmuld %f36,%f0,%f36 !6
- add %i3,8,%i3
- ldd [%i4+56],%f50
- fmuld %f42,%f24,%f42 !7
- ldd [%i2+72],%f52
- faddd %f20,%f22,%f20
- fmuld %f44,%f0,%f44 !8
- ldd [%o4+16],%f22
- fmuld %f10,%f6,%f12 !9
- ldd [%i4+72],%f56
- faddd %f32,%f36,%f32
- fmuld %f14,%f4,%f4 !10
- ldd [%o4+48],%f36
- fmuld %f30,%f24,%f48 !11
- ldd [%o4+8],%f8
- faddd %f20,%f22,%f20
- fmuld %f50,%f0,%f50 !12
- std %f20,[%o4+16]
- faddd %f42,%f44,%f42
- fmuld %f52,%f24,%f52 !13
- ldd [%o4+80],%f44
- faddd %f4,%f12,%f4
- fmuld %f56,%f0,%f56 !14
- ldd [%i2+88],%f20
- faddd %f32,%f36,%f32 !15
- ldd [%i4+88],%f22
- faddd %f48,%f50,%f48 !16
- ldd [%o4+112],%f50
- faddd %f52,%f56,%f52 !17
- ldd [%o4+144],%f56
- faddd %f4,%f8,%f8
- fmuld %f20,%f24,%f20 !18
- std %f32,[%o4+48]
- faddd %f42,%f44,%f42
- fmuld %f22,%f0,%f22 !19
- std %f42,[%o4+80]
- faddd %f48,%f50,%f48
- fmuld %f34,%f24,%f32 !20
- std %f48,[%o4+112]
- faddd %f52,%f56,%f52
- fmuld %f38,%f0,%f36 !21
- ldd [%i2+120],%f42
- fdtox %f8,%f4 !22
- std %f52,[%o4+144]
- faddd %f20,%f22,%f20 !23
- ldd [%i4+120],%f44 !24
- ldd [%o4+176],%f22
- faddd %f32,%f36,%f32
- fmuld %f42,%f24,%f42 !25
- ldd [%i4+16],%f50
- fmovs %f17,%f4 !26
- ldd [%i2+32],%f52
- fmuld %f44,%f0,%f44 !27
- ldd [%i4+32],%f56
- fmuld %f40,%f24,%f48 !28
- ldd [%o4+208],%f36
- faddd %f20,%f22,%f20
- fmuld %f50,%f0,%f50 !29
- std %f20,[%o4+176]
- fxtod %f4,%f4
- fmuld %f52,%f24,%f52 !30
- ldd [%i4+48],%f22
- faddd %f42,%f44,%f42
- fmuld %f56,%f0,%f56 !31
- ldd [%o4+240],%f44
- faddd %f32,%f36,%f32 !32
- std %f32,[%o4+208]
- faddd %f48,%f50,%f48
- fmuld %f46,%f24,%f20 !33
- ldd [%o4+32],%f50
- fmuld %f4,%f18,%f12 !34
- ldd [%i4+64],%f36
- faddd %f52,%f56,%f52
- fmuld %f22,%f0,%f22 !35
- ldd [%o4+64],%f56
- faddd %f42,%f44,%f42 !36
- std %f42,[%o4+240]
- faddd %f48,%f50,%f48
- fmuld %f54,%f24,%f32 !37
- std %f48,[%o4+32]
- fmuld %f12,%f14,%f4 !38
- ldd [%i2+80],%f42
- faddd %f52,%f56,%f56 ! yes, tmp52!
- fmuld %f36,%f0,%f36 !39
- ldd [%i4+80],%f44
- faddd %f20,%f22,%f20 !40
- ldd [%i2+96],%f48
- fmuld %f58,%f24,%f52 !41
- ldd [%i4+96],%f50
- fdtox %f4,%f4
- fmuld %f42,%f24,%f42 !42
- std %f56,[%o4+64] ! yes, tmp52!
- faddd %f32,%f36,%f32
- fmuld %f44,%f0,%f44 !43
- ldd [%o4+96],%f22
- fmuld %f48,%f24,%f48 !44
- ldd [%o4+128],%f36
- fmovd %f6,%f24
- fmuld %f50,%f0,%f50 !45
- fxtod %f4,%f4
- fmuld %f60,%f0,%f56 !46
- add %o4,8,%o4
- faddd %f42,%f44,%f42 !47
- ldd [%o4+160-8],%f44
- faddd %f20,%f22,%f20 !48
- std %f20,[%o4+96-8]
- faddd %f48,%f50,%f48 !49
- ldd [%o4+192-8],%f50
- faddd %f52,%f56,%f52
- fmuld %f4,%f16,%f4 !50
- ldd [%o4+224-8],%f56
- faddd %f32,%f36,%f32 !51
- std %f32,[%o4+128-8]
- faddd %f42,%f44,%f42 !52
- add %o3,1,%o3
- std %f42,[%o4+160-8]
- faddd %f48,%f50,%f48 !53
- cmp %o3,31
- std %f48,[%o4+192-8]
- fsubd %f12,%f4,%f0 !54
- faddd %f52,%f56,%f52
- ble,pt %icc,.L99999999
- std %f52,[%o4+224-8] !55
- std %f8,[%o4]
-
-! 312 ! }
-! 313 ! }
-! 315 ! conv_d16_to_i32(result,dt+2*nlen,(long long *)dt,nlen+1);
-
-/* 0x07c8 315 */ sll %i0,4,%g2
- .L900000653:
-/* 0x07cc 315 */ add %i1,%g2,%i1
-/* 0x07d0 242 */ ld [%fp+68],%o0
-/* 0x07d4 315 */ or %g0,0,%o4
-/* 0x07d8 */ ldd [%i1],%f0
-/* 0x07dc */ or %g0,0,%g5
-/* 0x07e0 */ cmp %i0,0
-/* 0x07e4 242 */ or %g0,%o0,%o3
-/* 0x07e8 311 */ sub %i0,1,%g1
-/* 0x07ec 315 */ fdtox %f0,%f0
-/* 0x07f0 */ std %f0,[%sp+120]
-/* 0x07f4 311 */ sethi %hi(0xfc00),%o1
-/* 0x07f8 */ add %g1,1,%g3
-/* 0x07fc */ or %g0,%o0,%g4
-/* 0x0800 315 */ ldd [%i1+8],%f0
-/* 0x0804 */ add %o1,1023,%o1
-/* 0x0808 */ fdtox %f0,%f0
-/* 0x080c */ std %f0,[%sp+112]
-/* 0x0810 */ ldx [%sp+112],%o5
-/* 0x0814 */ ldx [%sp+120],%o7
-/* 0x0818 */ ble,pt %icc,.L900000651
-/* 0x081c */ sethi %hi(0xfc00),%g2
-/* 0x0820 311 */ or %g0,-1,%g2
-/* 0x0824 315 */ cmp %g3,3
-/* 0x0828 311 */ srl %g2,0,%o2
-/* 0x082c 315 */ bl,pn %icc,.L77000287
-/* 0x0830 */ or %g0,%i1,%g2
-/* 0x0834 */ ldd [%i1+16],%f0
-/* 0x0838 */ and %o5,%o1,%o0
-/* 0x083c */ add %i1,16,%g2
-/* 0x0840 */ sllx %o0,16,%g3
-/* 0x0844 */ and %o7,%o2,%o0
-/* 0x0848 */ fdtox %f0,%f0
-/* 0x084c */ std %f0,[%sp+104]
-/* 0x0850 */ add %o0,%g3,%o4
-/* 0x0854 */ ldd [%i1+24],%f2
-/* 0x0858 */ srax %o5,16,%o0
-/* 0x085c */ add %o3,4,%g4
-/* 0x0860 */ stx %o0,[%sp+128]
-/* 0x0864 */ and %o4,%o2,%o0
-/* 0x0868 */ stx %o0,[%sp+112]
-/* 0x086c */ srax %o4,32,%o0
-/* 0x0870 */ fdtox %f2,%f0
-/* 0x0874 */ stx %o0,[%sp+136]
-/* 0x0878 */ srax %o7,32,%o4
-/* 0x087c */ std %f0,[%sp+96]
-/* 0x0880 */ ldx [%sp+128],%g5
-/* 0x0884 */ ldx [%sp+136],%o7
-/* 0x0888 */ ldx [%sp+104],%g3
-/* 0x088c */ add %g5,%o7,%o0
-/* 0x0890 */ or %g0,1,%g5
-/* 0x0894 */ ldx [%sp+112],%o7
-/* 0x0898 */ add %o4,%o0,%o4
-/* 0x089c */ ldx [%sp+96],%o5
-/* 0x08a0 */ st %o7,[%o3]
-/* 0x08a4 */ or %g0,%g3,%o7
- .L900000634:
-/* 0x08a8 */ ldd [%g2+16],%f0
-/* 0x08ac */ add %g5,1,%g5
-/* 0x08b0 */ add %g4,4,%g4
-/* 0x08b4 */ cmp %g5,%g1
-/* 0x08b8 */ add %g2,16,%g2
-/* 0x08bc */ fdtox %f0,%f0
-/* 0x08c0 */ std %f0,[%sp+104]
-/* 0x08c4 */ ldd [%g2+8],%f0
-/* 0x08c8 */ fdtox %f0,%f0
-/* 0x08cc */ std %f0,[%sp+96]
-/* 0x08d0 */ and %o5,%o1,%g3
-/* 0x08d4 */ sllx %g3,16,%g3
-/* 0x08d8 */ stx %g3,[%sp+120]
-/* 0x08dc */ and %o7,%o2,%g3
-/* 0x08e0 */ stx %o7,[%sp+128]
-/* 0x08e4 */ ldx [%sp+120],%o7
-/* 0x08e8 */ add %g3,%o7,%g3
-/* 0x08ec */ ldx [%sp+128],%o7
-/* 0x08f0 */ srax %o5,16,%o5
-/* 0x08f4 */ add %g3,%o4,%g3
-/* 0x08f8 */ srax %g3,32,%o4
-/* 0x08fc */ stx %o4,[%sp+112]
-/* 0x0900 */ srax %o7,32,%o4
-/* 0x0904 */ ldx [%sp+112],%o7
-/* 0x0908 */ add %o5,%o7,%o7
-/* 0x090c */ ldx [%sp+96],%o5
-/* 0x0910 */ add %o4,%o7,%o4
-/* 0x0914 */ and %g3,%o2,%g3
-/* 0x0918 */ ldx [%sp+104],%o7
-/* 0x091c */ ble,pt %icc,.L900000634
-/* 0x0920 */ st %g3,[%g4-4]
- .L900000637:
-/* 0x0924 */ ba .L900000651
-/* 0x0928 */ sethi %hi(0xfc00),%g2
- .L77000287:
-/* 0x092c */ ldd [%g2+16],%f0
- .L900000650:
-/* 0x0930 */ and %o7,%o2,%o0
-/* 0x0934 */ and %o5,%o1,%g3
-/* 0x0938 */ fdtox %f0,%f0
-/* 0x093c */ add %o4,%o0,%o0
-/* 0x0940 */ std %f0,[%sp+104]
-/* 0x0944 */ add %g5,1,%g5
-/* 0x0948 */ sllx %g3,16,%o4
-/* 0x094c */ ldd [%g2+24],%f2
-/* 0x0950 */ add %g2,16,%g2
-/* 0x0954 */ add %o0,%o4,%o4
-/* 0x0958 */ cmp %g5,%g1
-/* 0x095c */ srax %o5,16,%o0
-/* 0x0960 */ stx %o0,[%sp+112]
-/* 0x0964 */ and %o4,%o2,%g3
-/* 0x0968 */ srax %o4,32,%o5
-/* 0x096c */ fdtox %f2,%f0
-/* 0x0970 */ std %f0,[%sp+96]
-/* 0x0974 */ srax %o7,32,%o4
-/* 0x0978 */ ldx [%sp+112],%o7
-/* 0x097c */ add %o7,%o5,%o7
-/* 0x0980 */ ldx [%sp+104],%o5
-/* 0x0984 */ add %o4,%o7,%o4
-/* 0x0988 */ ldx [%sp+96],%o0
-/* 0x098c */ st %g3,[%g4]
-/* 0x0990 */ or %g0,%o5,%o7
-/* 0x0994 */ add %g4,4,%g4
-/* 0x0998 */ or %g0,%o0,%o5
-/* 0x099c */ ble,a,pt %icc,.L900000650
-/* 0x09a0 */ ldd [%g2+16],%f0
- .L77000236:
-/* 0x09a4 */ sethi %hi(0xfc00),%g2
- .L900000651:
-/* 0x09a8 */ or %g0,-1,%o0
-/* 0x09ac */ add %g2,1023,%g2
-/* 0x09b0 */ ld [%fp+88],%o1
-/* 0x09b4 */ srl %o0,0,%g3
-/* 0x09b8 */ and %o5,%g2,%g2
-/* 0x09bc */ and %o7,%g3,%g4
-
-! 317 ! adjust_montf_result(result,nint,nlen);
-
-/* 0x09c0 317 */ or %g0,-1,%o5
-/* 0x09c4 311 */ sllx %g2,16,%g2
-/* 0x09c8 */ add %o4,%g4,%g4
-/* 0x09cc */ add %g4,%g2,%g2
-/* 0x09d0 */ sll %g5,2,%g4
-/* 0x09d4 */ and %g2,%g3,%g2
-/* 0x09d8 */ st %g2,[%o3+%g4]
-/* 0x09dc 317 */ sll %i0,2,%g2
-/* 0x09e0 */ ld [%o3+%g2],%g2
-/* 0x09e4 */ cmp %g2,0
-/* 0x09e8 */ bleu,pn %icc,.L77000241
-/* 0x09ec */ or %g0,%o1,%o2
-/* 0x09f0 */ ba .L900000649
-/* 0x09f4 */ cmp %o5,0
- .L77000241:
-/* 0x09f8 */ sub %i0,1,%o5
-/* 0x09fc */ sll %o5,2,%g2
-/* 0x0a00 */ cmp %o5,0
-/* 0x0a04 */ bl,pt %icc,.L900000649
-/* 0x0a08 */ cmp %o5,0
-/* 0x0a0c */ add %o1,%g2,%o1
-/* 0x0a10 */ add %o3,%g2,%o4
-/* 0x0a14 */ ld [%o1],%g2
- .L900000648:
-/* 0x0a18 */ ld [%o4],%g3
-/* 0x0a1c */ sub %o5,1,%o0
-/* 0x0a20 */ sub %o1,4,%o1
-/* 0x0a24 */ sub %o4,4,%o4
-/* 0x0a28 */ cmp %g3,%g2
-/* 0x0a2c */ bne,pn %icc,.L77000244
-/* 0x0a30 */ nop
-/* 0x0a34 0 */ or %g0,%o0,%o5
-/* 0x0a38 317 */ cmp %o0,0
-/* 0x0a3c */ bge,a,pt %icc,.L900000648
-/* 0x0a40 */ ld [%o1],%g2
- .L77000244:
-/* 0x0a44 */ cmp %o5,0
- .L900000649:
-/* 0x0a48 */ bl,pn %icc,.L77000288
-/* 0x0a4c */ sll %o5,2,%g2
-/* 0x0a50 */ ld [%o2+%g2],%g3
-/* 0x0a54 */ ld [%o3+%g2],%g2
-/* 0x0a58 */ cmp %g2,%g3
-/* 0x0a5c */ bleu,pt %icc,.L77000224
-/* 0x0a60 */ nop
- .L77000288:
-/* 0x0a64 */ cmp %i0,0
-/* 0x0a68 */ ble,pt %icc,.L77000224
-/* 0x0a6c */ nop
-/* 0x0a70 317 */ sub %i0,1,%o7
-/* 0x0a74 */ or %g0,-1,%g2
-/* 0x0a78 */ srl %g2,0,%o4
-/* 0x0a7c */ add %o7,1,%o0
-/* 0x0a80 315 */ or %g0,0,%o5
-/* 0x0a84 */ or %g0,0,%g1
-/* 0x0a88 */ cmp %o0,3
-/* 0x0a8c */ bl,pn %icc,.L77000289
-/* 0x0a90 */ add %o3,8,%o1
-/* 0x0a94 */ add %o2,4,%o0
-/* 0x0a98 */ ld [%o1-8],%g2
-/* 0x0a9c 0 */ or %g0,%o1,%o3
-/* 0x0aa0 315 */ ld [%o0-4],%g3
-/* 0x0aa4 0 */ or %g0,%o0,%o2
-/* 0x0aa8 315 */ or %g0,2,%g1
-/* 0x0aac */ ld [%o3-4],%o0
-/* 0x0ab0 */ sub %g2,%g3,%g2
-/* 0x0ab4 */ or %g0,%g2,%o5
-/* 0x0ab8 */ and %g2,%o4,%g2
-/* 0x0abc */ st %g2,[%o3-8]
-/* 0x0ac0 */ srax %o5,32,%o5
- .L900000638:
-/* 0x0ac4 */ ld [%o2],%g2
-/* 0x0ac8 */ add %g1,1,%g1
-/* 0x0acc */ add %o2,4,%o2
-/* 0x0ad0 */ cmp %g1,%o7
-/* 0x0ad4 */ add %o3,4,%o3
-/* 0x0ad8 */ sub %o0,%g2,%o0
-/* 0x0adc */ add %o0,%o5,%o5
-/* 0x0ae0 */ and %o5,%o4,%g2
-/* 0x0ae4 */ ld [%o3-4],%o0
-/* 0x0ae8 */ st %g2,[%o3-8]
-/* 0x0aec */ ble,pt %icc,.L900000638
-/* 0x0af0 */ srax %o5,32,%o5
- .L900000641:
-/* 0x0af4 */ ld [%o2],%o1
-/* 0x0af8 */ sub %o0,%o1,%o0
-/* 0x0afc */ add %o0,%o5,%o0
-/* 0x0b00 */ and %o0,%o4,%o1
-/* 0x0b04 */ st %o1,[%o3-4]
-/* 0x0b08 */ ret ! Result =
-/* 0x0b0c */ restore %g0,%g0,%g0
- .L77000289:
-/* 0x0b10 */ ld [%o3],%o0
- .L900000647:
-/* 0x0b14 */ ld [%o2],%o1
-/* 0x0b18 */ add %o5,%o0,%o0
-/* 0x0b1c */ add %g1,1,%g1
-/* 0x0b20 */ add %o2,4,%o2
-/* 0x0b24 */ cmp %g1,%o7
-/* 0x0b28 */ sub %o0,%o1,%o0
-/* 0x0b2c */ and %o0,%o4,%o1
-/* 0x0b30 */ st %o1,[%o3]
-/* 0x0b34 */ add %o3,4,%o3
-/* 0x0b38 */ srax %o0,32,%o5
-/* 0x0b3c */ ble,a,pt %icc,.L900000647
-/* 0x0b40 */ ld [%o3],%o0
- .L77000224:
-/* 0x0b44 */ ret ! Result =
-/* 0x0b48 */ restore %g0,%g0,%g0
-/* 0x0b4c 0 */ .type mont_mulf_noconv,2
-/* 0x0b4c */ .size mont_mulf_noconv,(.-mont_mulf_noconv)
-
diff --git a/security/nss/lib/freebl/mpi/montmulfv9.il b/security/nss/lib/freebl/mpi/montmulfv9.il
deleted file mode 100644
index 047785161..000000000
--- a/security/nss/lib/freebl/mpi/montmulfv9.il
+++ /dev/null
@@ -1,122 +0,0 @@
-!
-! The contents of this file are subject to the Mozilla Public
-! License Version 1.1 (the "License"); you may not use this file
-! except in compliance with the License. You may obtain a copy of
-! the License at http://www.mozilla.org/MPL/
-!
-! Software distributed under the License is distributed on an "AS
-! IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-! implied. See the License for the specific language governing
-! rights and limitations under the License.
-!
-! The Original Code is inline macros for SPARC Montgomery multiply functions.
-!
-! The Initial Developer of the Original Code is Sun Microsystems Inc.
-! Portions created by Sun Microsystems Inc. are
-! Copyright (C) 1999-2000 Sun Microsystems Inc. All Rights Reserved.
-!
-! Contributor(s):
-!
-! Alternatively, the contents of this file may be used under the
-! terms of the GNU General Public License Version 2 or later (the
-! "GPL"), in which case the provisions of the GPL are applicable
-! instead of those above. If you wish to allow use of your
-! version of this file only under the terms of the GPL and not to
-! allow others to use your version of this file under the MPL,
-! indicate your decision by deleting the provisions above and
-! replace them with the notice and other provisions required by
-! the GPL. If you do not delete the provisions above, a recipient
-! may use your version of this file under either the MPL or the
-! GPL.
-!
-! $Id$
-!
-
-!
-! double upper32(double /*frs1*/);
-!
- .inline upper32,8
- fdtox %f0,%f10
- fitod %f10,%f0
- .end
-
-!
-! double lower32(double /*frs1*/, double /* Zero */);
-!
- .inline lower32,8
- fdtox %f0,%f10
- fmovs %f2,%f10
- fxtod %f10,%f0
- .end
-
-!
-! double mod(double /*x*/, double /*1/m*/, double /*m*/);
-!
- .inline mod,12
- fmuld %f0,%f2,%f2
- fdtox %f2,%f2
- fxtod %f2,%f2
- fmuld %f2,%f4,%f2
- fsubd %f0,%f2,%f0
- .end
-
-
-!
-! void i16_to_d16_and_d32x4(double * /*1/(2^16)*/, double * /* 2^16*/,
-! double * /* 0 */,
-! double * /*result16*/, double * /* result32 */
-! float * /*source - should be unsigned int*
-! converted to float* */);
-!
- .inline i16_to_d16_and_d32x4,24
- ldd [%o0],%f2 ! 1/(2^16)
- ldd [%o1],%f4 ! 2^16
- ldd [%o2],%f22
-
- fmovd %f22,%f6
- ld [%o5],%f7
- fmovd %f22,%f10
- ld [%o5+4],%f11
- fmovd %f22,%f14
- ld [%o5+8],%f15
- fmovd %f22,%f18
- ld [%o5+12],%f19
- fxtod %f6,%f6
- std %f6,[%o4]
- fxtod %f10,%f10
- std %f10,[%o4+8]
- fxtod %f14,%f14
- std %f14,[%o4+16]
- fxtod %f18,%f18
- std %f18,[%o4+24]
- fmuld %f2,%f6,%f8
- fmuld %f2,%f10,%f12
- fmuld %f2,%f14,%f16
- fmuld %f2,%f18,%f20
- fdtox %f8,%f8
- fdtox %f12,%f12
- fdtox %f16,%f16
- fdtox %f20,%f20
- fxtod %f8,%f8
- std %f8,[%o3+8]
- fxtod %f12,%f12
- std %f12,[%o3+24]
- fxtod %f16,%f16
- std %f16,[%o3+40]
- fxtod %f20,%f20
- std %f20,[%o3+56]
- fmuld %f8,%f4,%f8
- fmuld %f12,%f4,%f12
- fmuld %f16,%f4,%f16
- fmuld %f20,%f4,%f20
- fsubd %f6,%f8,%f8
- std %f8,[%o3]
- fsubd %f10,%f12,%f12
- std %f12,[%o3+16]
- fsubd %f14,%f16,%f16
- std %f16,[%o3+32]
- fsubd %f18,%f20,%f20
- std %f20,[%o3+48]
- .end
-
-
diff --git a/security/nss/lib/freebl/mpi/montmulfv9.s b/security/nss/lib/freebl/mpi/montmulfv9.s
deleted file mode 100644
index 30fc4f645..000000000
--- a/security/nss/lib/freebl/mpi/montmulfv9.s
+++ /dev/null
@@ -1,2377 +0,0 @@
-!
-! The contents of this file are subject to the Mozilla Public
-! License Version 1.1 (the "License"); you may not use this file
-! except in compliance with the License. You may obtain a copy of
-! the License at http://www.mozilla.org/MPL/
-!
-! Software distributed under the License is distributed on an "AS
-! IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-! implied. See the License for the specific language governing
-! rights and limitations under the License.
-!
-! The Original Code is SPARC hand-optimized Montgomery multiply functions.
-!
-! The Initial Developer of the Original Code is Sun Microsystems Inc.
-! Portions created by Sun Microsystems Inc. are
-! Copyright (C) 1999-2000 Sun Microsystems Inc. All Rights Reserved.
-!
-! Contributor(s):
-!
-! Alternatively, the contents of this file may be used under the
-! terms of the GNU General Public License Version 2 or later (the
-! "GPL"), in which case the provisions of the GPL are applicable
-! instead of those above. If you wish to allow use of your
-! version of this file only under the terms of the GPL and not to
-! allow others to use your version of this file under the MPL,
-! indicate your decision by deleting the provisions above and
-! replace them with the notice and other provisions required by
-! the GPL. If you do not delete the provisions above, a recipient
-! may use your version of this file under either the MPL or the
-! GPL.
-!
-! $Id$
-!
-
- .section ".text",#alloc,#execinstr
- .file "montmulf.c"
-
- .section ".rodata",#alloc
- .global TwoTo16
- .align 8
-!
-! CONSTANT POOL
-!
- .global TwoTo16
-TwoTo16:
- .word 1089470464
- .word 0
- .type TwoTo16,#object
- .size TwoTo16,8
- .global TwoToMinus16
-!
-! CONSTANT POOL
-!
- .global TwoToMinus16
-TwoToMinus16:
- .word 1055916032
- .word 0
- .type TwoToMinus16,#object
- .size TwoToMinus16,8
- .global Zero
-!
-! CONSTANT POOL
-!
- .global Zero
-Zero:
- .word 0
- .word 0
- .type Zero,#object
- .size Zero,8
- .global TwoTo32
-!
-! CONSTANT POOL
-!
- .global TwoTo32
-TwoTo32:
- .word 1106247680
- .word 0
- .type TwoTo32,#object
- .size TwoTo32,8
- .global TwoToMinus32
-!
-! CONSTANT POOL
-!
- .global TwoToMinus32
-TwoToMinus32:
- .word 1039138816
- .word 0
- .type TwoToMinus32,#object
- .size TwoToMinus32,8
-
- .section ".text",#alloc,#execinstr
-/* 000000 0 */ .register %g3,#scratch
-/* 000000 */ .register %g2,#scratch
-/* 000000 0 */ .align 8
-!
-! SUBROUTINE conv_d16_to_i32
-!
-! OFFSET SOURCE LINE LABEL INSTRUCTION
-
- .global conv_d16_to_i32
- conv_d16_to_i32:
-/* 000000 */ save %sp,-208,%sp
-! FILE montmulf.c
-
-! 1 !/*
-! 2 ! * The contents of this file are subject to the Mozilla Public
-! 3 ! * License Version 1.1 (the "License"); you may not use this file
-! 4 ! * except in compliance with the License. You may obtain a copy of
-! 5 ! * the License at http://www.mozilla.org/MPL/
-! 6 ! *
-! 7 ! * Software distributed under the License is distributed on an "AS
-! 8 ! * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-! 9 ! * implied. See the License for the specific language governing
-! 10 ! * rights and limitations under the License.
-! 11 ! *
-! 12 ! * The Original Code is SPARC optimized Montgomery multiply functions.
-! 13 ! *
-! 14 ! * The Initial Developer of the Original Code is Sun Microsystems Inc.
-! 15 ! * Portions created by Sun Microsystems Inc. are
-! 16 ! * Copyright (C) 1999-2000 Sun Microsystems Inc. All Rights Reserved.
-! 17 ! *
-! 18 ! * Contributor(s):
-! 19 ! * Netscape Communications Corporation
-! 20 ! *
-! 21 ! * Alternatively, the contents of this file may be used under the
-! 22 ! * terms of the GNU General Public License Version 2 or later (the
-! 23 ! * "GPL"), in which case the provisions of the GPL are applicable
-! 24 ! * instead of those above. If you wish to allow use of your
-! 25 ! * version of this file only under the terms of the GPL and not to
-! 26 ! * allow others to use your version of this file under the MPL,
-! 27 ! * indicate your decision by deleting the provisions above and
-! 28 ! * replace them with the notice and other provisions required by
-! 29 ! * the GPL. If you do not delete the provisions above, a recipient
-! 30 ! * may use your version of this file under either the MPL or the
-! 31 ! * GPL.
-! 32 ! *
-! 33 ! * $Id$
-! 34 ! */
-! 36 !#define RF_INLINE_MACROS
-! 38 !static const double TwoTo16=65536.0;
-! 39 !static const double TwoToMinus16=1.0/65536.0;
-! 40 !static const double Zero=0.0;
-! 41 !static const double TwoTo32=65536.0*65536.0;
-! 42 !static const double TwoToMinus32=1.0/(65536.0*65536.0);
-! 44 !#ifdef RF_INLINE_MACROS
-! 46 !double upper32(double);
-! 47 !double lower32(double, double);
-! 48 !double mod(double, double, double);
-! 50 !void i16_to_d16_and_d32x4(const double * /*1/(2^16)*/,
-! 51 ! const double * /* 2^16*/,
-! 52 ! const double * /* 0 */,
-! 53 ! double * /*result16*/,
-! 54 ! double * /* result32 */,
-! 55 ! float * /*source - should be unsigned int*
-! 56 ! converted to float* */);
-! 58 !#else
-! 60 !static double upper32(double x)
-! 61 !{
-! 62 ! return floor(x*TwoToMinus32);
-! 63 !}
-! 65 !static double lower32(double x, double y)
-! 66 !{
-! 67 ! return x-TwoTo32*floor(x*TwoToMinus32);
-! 68 !}
-! 70 !static double mod(double x, double oneoverm, double m)
-! 71 !{
-! 72 ! return x-m*floor(x*oneoverm);
-! 73 !}
-! 75 !#endif
-! 78 !static void cleanup(double *dt, int from, int tlen)
-! 79 !{
-! 80 ! int i;
-! 81 ! double tmp,tmp1,x,x1;
-! 83 ! tmp=tmp1=Zero;
-! 84 ! /* original code **
-! 85 ! for(i=2*from;i<2*tlen-2;i++)
-! 86 ! {
-! 87 ! x=dt[i];
-! 88 ! dt[i]=lower32(x,Zero)+tmp1;
-! 89 ! tmp1=tmp;
-! 90 ! tmp=upper32(x);
-! 91 ! }
-! 92 ! dt[tlen-2]+=tmp1;
-! 93 ! dt[tlen-1]+=tmp;
-! 94 ! **end original code ***/
-! 95 ! /* new code ***/
-! 96 ! for(i=2*from;i<2*tlen;i+=2)
-! 97 ! {
-! 98 ! x=dt[i];
-! 99 ! x1=dt[i+1];
-! 100 ! dt[i]=lower32(x,Zero)+tmp;
-! 101 ! dt[i+1]=lower32(x1,Zero)+tmp1;
-! 102 ! tmp=upper32(x);
-! 103 ! tmp1=upper32(x1);
-! 104 ! }
-! 105 ! /** end new code **/
-! 106 !}
-! 109 !void conv_d16_to_i32(unsigned int *i32, double *d16, long long *tmp, int ilen)
-! 110 !{
-! 111 !int i;
-! 112 !long long t, t1, a, b, c, d;
-! 114 ! t1=0;
-! 115 ! a=(long long)d16[0];
-
-/* 0x0004 115 */ ldd [%i1],%f2
-
-! 116 ! b=(long long)d16[1];
-! 117 ! for(i=0; i<ilen-1; i++)
-
-/* 0x0008 117 */ sub %i3,1,%o1
-/* 0x000c 110 */ or %g0,%i0,%g1
-/* 0x0010 116 */ ldd [%i1+8],%f4
-/* 0x0014 117 */ cmp %o1,0
-/* 0x0018 114 */ or %g0,0,%g5
-/* 0x001c 115 */ fdtox %f2,%f2
-/* 0x0020 */ std %f2,[%sp+2247]
-/* 0x0024 117 */ or %g0,0,%o0
-/* 0x0028 116 */ fdtox %f4,%f2
-/* 0x002c */ std %f2,[%sp+2239]
-/* 0x0030 110 */ sub %o1,1,%o7
-/* 0x0034 */ or %g0,%i1,%o4
-/* 0x0038 */ sethi %hi(0xfc00),%o3
-/* 0x003c */ or %g0,-1,%o1
-/* 0x0040 */ or %g0,2,%i1
-/* 0x0044 */ srl %o1,0,%g3
-/* 0x0048 */ or %g0,%o4,%g4
-/* 0x004c 116 */ ldx [%sp+2239],%i2
-/* 0x0050 */ add %o3,1023,%o5
-/* 0x0054 117 */ sub %o7,1,%o2
-/* 0x0058 115 */ ldx [%sp+2247],%i3
-/* 0x005c 117 */ ble,pt %icc,.L900000113
-/* 0x0060 */ sethi %hi(0xfc00),%g2
-/* 0x0064 */ add %o7,1,%g2
-
-! 118 ! {
-! 119 ! c=(long long)d16[2*i+2];
-! 120 ! t1+=a&0xffffffff;
-! 121 ! t=(a>>32);
-! 122 ! d=(long long)d16[2*i+3];
-! 123 ! t1+=(b&0xffff)<<16;
-
-/* 0x0068 123 */ and %i2,%o5,%i4
-/* 0x006c */ sllx %i4,16,%o1
-/* 0x0070 117 */ cmp %g2,6
-/* 0x0074 */ bl,pn %icc,.L77000134
-/* 0x0078 */ or %g0,3,%i0
-/* 0x007c 119 */ ldd [%o4+16],%f0
-/* 0x0080 120 */ and %i3,%g3,%o3
-
-! 124 ! t+=(b>>16)+(t1>>32);
-
-/* 0x0084 124 */ srax %i2,16,%i5
-/* 0x0088 117 */ add %o3,%o1,%i4
-/* 0x008c 121 */ srax %i3,32,%i3
-/* 0x0090 119 */ fdtox %f0,%f0
-/* 0x0094 */ std %f0,[%sp+2231]
-
-! 125 ! i32[i]=t1&0xffffffff;
-
-/* 0x0098 125 */ and %i4,%g3,%l0
-/* 0x009c 117 */ or %g0,72,%o3
-/* 0x00a0 122 */ ldd [%g4+24],%f0
-/* 0x00a4 117 */ or %g0,64,%o4
-/* 0x00a8 */ or %g0,4,%o1
-
-! 126 ! t1=t;
-! 127 ! a=c;
-! 128 ! b=d;
-
-/* 0x00ac 128 */ or %g0,5,%i0
-/* 0x00b0 */ or %g0,4,%i1
-/* 0x00b4 119 */ ldx [%sp+2231],%g2
-/* 0x00b8 122 */ fdtox %f0,%f0
-/* 0x00bc 128 */ or %g0,4,%o0
-/* 0x00c0 122 */ std %f0,[%sp+2223]
-/* 0x00c4 */ ldd [%g4+40],%f2
-/* 0x00c8 120 */ and %g2,%g3,%i2
-/* 0x00cc 119 */ ldd [%g4+32],%f0
-/* 0x00d0 121 */ srax %g2,32,%g2
-/* 0x00d4 122 */ ldd [%g4+56],%f4
-/* 0x00d8 */ fdtox %f2,%f2
-/* 0x00dc */ ldx [%sp+2223],%g5
-/* 0x00e0 119 */ fdtox %f0,%f0
-/* 0x00e4 125 */ st %l0,[%g1]
-/* 0x00e8 124 */ srax %i4,32,%l0
-/* 0x00ec 122 */ fdtox %f4,%f4
-/* 0x00f0 */ std %f2,[%sp+2223]
-/* 0x00f4 123 */ and %g5,%o5,%i4
-/* 0x00f8 124 */ add %i5,%l0,%i5
-/* 0x00fc 119 */ std %f0,[%sp+2231]
-/* 0x0100 123 */ sllx %i4,16,%i4
-/* 0x0104 124 */ add %i3,%i5,%i3
-/* 0x0108 119 */ ldd [%g4+48],%f2
-/* 0x010c 124 */ srax %g5,16,%g5
-/* 0x0110 117 */ add %i2,%i4,%i2
-/* 0x0114 122 */ ldd [%g4+72],%f0
-/* 0x0118 117 */ add %i2,%i3,%i4
-/* 0x011c 124 */ srax %i4,32,%i5
-/* 0x0120 119 */ fdtox %f2,%f2
-/* 0x0124 125 */ and %i4,%g3,%i4
-/* 0x0128 122 */ ldx [%sp+2223],%i2
-/* 0x012c 124 */ add %g5,%i5,%g5
-/* 0x0130 119 */ ldx [%sp+2231],%i3
-/* 0x0134 124 */ add %g2,%g5,%g5
-/* 0x0138 119 */ std %f2,[%sp+2231]
-/* 0x013c 122 */ std %f4,[%sp+2223]
-/* 0x0140 119 */ ldd [%g4+64],%f2
-/* 0x0144 125 */ st %i4,[%g1+4]
- .L900000108:
-/* 0x0148 122 */ ldx [%sp+2223],%i4
-/* 0x014c 128 */ add %o0,2,%o0
-/* 0x0150 */ add %i0,4,%i0
-/* 0x0154 119 */ ldx [%sp+2231],%l0
-/* 0x0158 117 */ add %o3,16,%o3
-/* 0x015c 123 */ and %i2,%o5,%g2
-/* 0x0160 */ sllx %g2,16,%i5
-/* 0x0164 120 */ and %i3,%g3,%g2
-/* 0x0168 122 */ ldd [%g4+%o3],%f4
-/* 0x016c */ fdtox %f0,%f0
-/* 0x0170 */ std %f0,[%sp+2223]
-/* 0x0174 124 */ srax %i2,16,%i2
-/* 0x0178 117 */ add %g2,%i5,%g2
-/* 0x017c 119 */ fdtox %f2,%f0
-/* 0x0180 117 */ add %o4,16,%o4
-/* 0x0184 119 */ std %f0,[%sp+2231]
-/* 0x0188 117 */ add %g2,%g5,%g2
-/* 0x018c 119 */ ldd [%g4+%o4],%f2
-/* 0x0190 124 */ srax %g2,32,%i5
-/* 0x0194 128 */ cmp %o0,%o2
-/* 0x0198 121 */ srax %i3,32,%g5
-/* 0x019c 124 */ add %i2,%i5,%i2
-/* 0x01a0 */ add %g5,%i2,%i5
-/* 0x01a4 117 */ add %o1,4,%o1
-/* 0x01a8 125 */ and %g2,%g3,%g2
-/* 0x01ac 127 */ or %g0,%l0,%g5
-/* 0x01b0 125 */ st %g2,[%g1+%o1]
-/* 0x01b4 128 */ add %i1,4,%i1
-/* 0x01b8 122 */ ldx [%sp+2223],%i2
-/* 0x01bc 119 */ ldx [%sp+2231],%i3
-/* 0x01c0 117 */ add %o3,16,%o3
-/* 0x01c4 123 */ and %i4,%o5,%g2
-/* 0x01c8 */ sllx %g2,16,%l0
-/* 0x01cc 120 */ and %g5,%g3,%g2
-/* 0x01d0 122 */ ldd [%g4+%o3],%f0
-/* 0x01d4 */ fdtox %f4,%f4
-/* 0x01d8 */ std %f4,[%sp+2223]
-/* 0x01dc 124 */ srax %i4,16,%i4
-/* 0x01e0 117 */ add %g2,%l0,%g2
-/* 0x01e4 119 */ fdtox %f2,%f2
-/* 0x01e8 117 */ add %o4,16,%o4
-/* 0x01ec 119 */ std %f2,[%sp+2231]
-/* 0x01f0 117 */ add %g2,%i5,%g2
-/* 0x01f4 119 */ ldd [%g4+%o4],%f2
-/* 0x01f8 124 */ srax %g2,32,%i5
-/* 0x01fc 121 */ srax %g5,32,%g5
-/* 0x0200 124 */ add %i4,%i5,%i4
-/* 0x0204 */ add %g5,%i4,%g5
-/* 0x0208 117 */ add %o1,4,%o1
-/* 0x020c 125 */ and %g2,%g3,%g2
-/* 0x0210 128 */ ble,pt %icc,.L900000108
-/* 0x0214 */ st %g2,[%g1+%o1]
- .L900000111:
-/* 0x0218 122 */ ldx [%sp+2223],%o2
-/* 0x021c 123 */ and %i2,%o5,%i4
-/* 0x0220 120 */ and %i3,%g3,%g2
-/* 0x0224 123 */ sllx %i4,16,%i4
-/* 0x0228 119 */ ldx [%sp+2231],%i5
-/* 0x022c 128 */ cmp %o0,%o7
-/* 0x0230 124 */ srax %i2,16,%i2
-/* 0x0234 117 */ add %g2,%i4,%g2
-/* 0x0238 122 */ fdtox %f0,%f4
-/* 0x023c */ std %f4,[%sp+2223]
-/* 0x0240 117 */ add %g2,%g5,%g5
-/* 0x0244 123 */ and %o2,%o5,%l0
-/* 0x0248 124 */ srax %g5,32,%l1
-/* 0x024c 120 */ and %i5,%g3,%i4
-/* 0x0250 119 */ fdtox %f2,%f0
-/* 0x0254 121 */ srax %i3,32,%g2
-/* 0x0258 119 */ std %f0,[%sp+2231]
-/* 0x025c 124 */ add %i2,%l1,%i2
-/* 0x0260 123 */ sllx %l0,16,%i3
-/* 0x0264 124 */ add %g2,%i2,%i2
-/* 0x0268 */ srax %o2,16,%o2
-/* 0x026c 117 */ add %o1,4,%g2
-/* 0x0270 */ add %i4,%i3,%o1
-/* 0x0274 125 */ and %g5,%g3,%g5
-/* 0x0278 */ st %g5,[%g1+%g2]
-/* 0x027c 119 */ ldx [%sp+2231],%i3
-/* 0x0280 117 */ add %o1,%i2,%o1
-/* 0x0284 */ add %g2,4,%g2
-/* 0x0288 124 */ srax %o1,32,%i4
-/* 0x028c 122 */ ldx [%sp+2223],%i2
-/* 0x0290 125 */ and %o1,%g3,%g5
-/* 0x0294 121 */ srax %i5,32,%o1
-/* 0x0298 124 */ add %o2,%i4,%o2
-/* 0x029c 125 */ st %g5,[%g1+%g2]
-/* 0x02a0 128 */ bg,pn %icc,.L77000127
-/* 0x02a4 */ add %o1,%o2,%g5
-/* 0x02a8 */ add %i0,6,%i0
-/* 0x02ac */ add %i1,6,%i1
- .L77000134:
-/* 0x02b0 119 */ sra %i1,0,%o2
- .L900000112:
-/* 0x02b4 119 */ sllx %o2,3,%o3
-/* 0x02b8 120 */ and %i3,%g3,%o1
-/* 0x02bc 119 */ ldd [%g4+%o3],%f0
-/* 0x02c0 122 */ sra %i0,0,%o3
-/* 0x02c4 123 */ and %i2,%o5,%o2
-/* 0x02c8 122 */ sllx %o3,3,%o3
-/* 0x02cc 120 */ add %g5,%o1,%o1
-/* 0x02d0 119 */ fdtox %f0,%f0
-/* 0x02d4 */ std %f0,[%sp+2231]
-/* 0x02d8 123 */ sllx %o2,16,%o2
-/* 0x02dc */ add %o1,%o2,%o2
-/* 0x02e0 128 */ add %i1,2,%i1
-/* 0x02e4 122 */ ldd [%g4+%o3],%f0
-/* 0x02e8 124 */ srax %o2,32,%g2
-/* 0x02ec 125 */ and %o2,%g3,%o3
-/* 0x02f0 124 */ srax %i2,16,%o1
-/* 0x02f4 128 */ add %i0,2,%i0
-/* 0x02f8 122 */ fdtox %f0,%f0
-/* 0x02fc */ std %f0,[%sp+2223]
-/* 0x0300 125 */ sra %o0,0,%o2
-/* 0x0304 */ sllx %o2,2,%o2
-/* 0x0308 124 */ add %o1,%g2,%g5
-/* 0x030c 121 */ srax %i3,32,%g2
-/* 0x0310 128 */ add %o0,1,%o0
-/* 0x0314 124 */ add %g2,%g5,%g5
-/* 0x0318 128 */ cmp %o0,%o7
-/* 0x031c 119 */ ldx [%sp+2231],%o4
-/* 0x0320 122 */ ldx [%sp+2223],%i2
-/* 0x0324 125 */ st %o3,[%g1+%o2]
-/* 0x0328 127 */ or %g0,%o4,%i3
-/* 0x032c 128 */ ble,pt %icc,.L900000112
-/* 0x0330 */ sra %i1,0,%o2
- .L77000127:
-
-! 129 ! }
-! 130 ! t1+=a&0xffffffff;
-! 131 ! t=(a>>32);
-! 132 ! t1+=(b&0xffff)<<16;
-! 133 ! i32[i]=t1&0xffffffff;
-
-/* 0x0334 133 */ sethi %hi(0xfc00),%g2
- .L900000113:
-/* 0x0338 133 */ or %g0,-1,%g3
-/* 0x033c */ add %g2,1023,%g2
-/* 0x0340 */ srl %g3,0,%g3
-/* 0x0344 */ and %i2,%g2,%g2
-/* 0x0348 */ and %i3,%g3,%g4
-/* 0x034c */ sllx %g2,16,%g2
-/* 0x0350 */ add %g5,%g4,%g4
-/* 0x0354 */ sra %o0,0,%g5
-/* 0x0358 */ add %g4,%g2,%g4
-/* 0x035c */ sllx %g5,2,%g2
-/* 0x0360 */ and %g4,%g3,%g3
-/* 0x0364 */ st %g3,[%g1+%g2]
-/* 0x0368 */ ret ! Result =
-/* 0x036c */ restore %g0,%g0,%g0
-/* 0x0370 0 */ .type conv_d16_to_i32,2
-/* 0x0370 */ .size conv_d16_to_i32,(.-conv_d16_to_i32)
-
- .section ".text",#alloc,#execinstr
-/* 000000 0 */ .align 8
-!
-! CONSTANT POOL
-!
- .L_const_seg_900000201:
-/* 000000 0 */ .word 1127219200,0
-/* 0x0008 0 */ .align 8
-/* 0x0008 */ .skip 24
-!
-! SUBROUTINE conv_i32_to_d32
-!
-! OFFSET SOURCE LINE LABEL INSTRUCTION
-
- .global conv_i32_to_d32
- conv_i32_to_d32:
-/* 000000 */ or %g0,%o7,%g3
-
-! 135 !}
-! 137 !void conv_i32_to_d32(double *d32, unsigned int *i32, int len)
-! 138 !{
-! 139 !int i;
-! 141 !#pragma pipeloop(0)
-! 142 ! for(i=0;i<len;i++) d32[i]=(double)(i32[i]);
-
-/* 0x0004 142 */ cmp %o2,0
- .L900000210:
-/* 0x0008 */ call .+8
-/* 0x000c */ sethi /*X*/%hi(_GLOBAL_OFFSET_TABLE_-(.L900000210-.)),%g4
-/* 0x0010 142 */ or %g0,0,%o3
-/* 0x0014 138 */ add %g4,/*X*/%lo(_GLOBAL_OFFSET_TABLE_-(.L900000210-.)),%g4
-/* 0x0018 142 */ sub %o2,1,%o4
-/* 0x001c 138 */ add %g4,%o7,%g1
-/* 0x0020 142 */ ble,pt %icc,.L77000140
-/* 0x0024 */ or %g0,%g3,%o7
-/* 0x0028 */ sethi %hi(.L_const_seg_900000201),%g3
-/* 0x002c */ cmp %o2,12
-/* 0x0030 */ add %g3,%lo(.L_const_seg_900000201),%g2
-/* 0x0034 */ or %g0,%o1,%g5
-/* 0x0038 */ ldx [%g1+%g2],%g4
-/* 0x003c */ or %g0,0,%g1
-/* 0x0040 */ or %g0,24,%g2
-/* 0x0044 */ bl,pn %icc,.L77000144
-/* 0x0048 */ or %g0,0,%g3
-/* 0x004c */ ld [%o1],%f13
-/* 0x0050 */ or %g0,7,%o3
-/* 0x0054 */ ldd [%g4],%f8
-/* 0x0058 */ sub %o2,5,%g3
-/* 0x005c */ or %g0,8,%g1
-/* 0x0060 */ ld [%o1+4],%f11
-/* 0x0064 */ ld [%o1+8],%f7
-/* 0x0068 */ fmovs %f8,%f12
-/* 0x006c */ ld [%o1+12],%f5
-/* 0x0070 */ fmovs %f8,%f10
-/* 0x0074 */ ld [%o1+16],%f3
-/* 0x0078 */ fmovs %f8,%f6
-/* 0x007c */ ld [%o1+20],%f1
-/* 0x0080 */ fsubd %f12,%f8,%f12
-/* 0x0084 */ std %f12,[%o0]
-/* 0x0088 */ fsubd %f10,%f8,%f10
-/* 0x008c */ std %f10,[%o0+8]
- .L900000205:
-/* 0x0090 */ ld [%o1+%g2],%f11
-/* 0x0094 */ add %g1,8,%g1
-/* 0x0098 */ add %o3,5,%o3
-/* 0x009c */ fsubd %f6,%f8,%f6
-/* 0x00a0 */ add %g2,4,%g2
-/* 0x00a4 */ std %f6,[%o0+%g1]
-/* 0x00a8 */ cmp %o3,%g3
-/* 0x00ac */ fmovs %f8,%f4
-/* 0x00b0 */ ld [%o1+%g2],%f7
-/* 0x00b4 */ fsubd %f4,%f8,%f12
-/* 0x00b8 */ add %g1,8,%g1
-/* 0x00bc */ add %g2,4,%g2
-/* 0x00c0 */ fmovs %f8,%f2
-/* 0x00c4 */ std %f12,[%o0+%g1]
-/* 0x00c8 */ ld [%o1+%g2],%f5
-/* 0x00cc */ fsubd %f2,%f8,%f12
-/* 0x00d0 */ add %g1,8,%g1
-/* 0x00d4 */ add %g2,4,%g2
-/* 0x00d8 */ fmovs %f8,%f0
-/* 0x00dc */ std %f12,[%o0+%g1]
-/* 0x00e0 */ ld [%o1+%g2],%f3
-/* 0x00e4 */ fsubd %f0,%f8,%f12
-/* 0x00e8 */ add %g1,8,%g1
-/* 0x00ec */ add %g2,4,%g2
-/* 0x00f0 */ fmovs %f8,%f10
-/* 0x00f4 */ std %f12,[%o0+%g1]
-/* 0x00f8 */ ld [%o1+%g2],%f1
-/* 0x00fc */ fsubd %f10,%f8,%f10
-/* 0x0100 */ add %g1,8,%g1
-/* 0x0104 */ add %g2,4,%g2
-/* 0x0108 */ std %f10,[%o0+%g1]
-/* 0x010c */ ble,pt %icc,.L900000205
-/* 0x0110 */ fmovs %f8,%f6
- .L900000208:
-/* 0x0114 */ fmovs %f8,%f4
-/* 0x0118 */ ld [%o1+%g2],%f11
-/* 0x011c */ add %g1,8,%g3
-/* 0x0120 */ fmovs %f8,%f2
-/* 0x0124 */ add %g1,16,%g1
-/* 0x0128 */ cmp %o3,%o4
-/* 0x012c */ fmovs %f8,%f0
-/* 0x0130 */ add %g1,8,%o1
-/* 0x0134 */ add %g1,16,%o2
-/* 0x0138 */ fmovs %f8,%f10
-/* 0x013c */ add %g1,24,%g2
-/* 0x0140 */ fsubd %f6,%f8,%f6
-/* 0x0144 */ std %f6,[%o0+%g3]
-/* 0x0148 */ fsubd %f4,%f8,%f4
-/* 0x014c */ std %f4,[%o0+%g1]
-/* 0x0150 */ sra %o3,0,%g1
-/* 0x0154 */ fsubd %f2,%f8,%f2
-/* 0x0158 */ std %f2,[%o0+%o1]
-/* 0x015c */ sllx %g1,2,%g3
-/* 0x0160 */ fsubd %f0,%f8,%f0
-/* 0x0164 */ std %f0,[%o0+%o2]
-/* 0x0168 */ fsubd %f10,%f8,%f0
-/* 0x016c */ bg,pn %icc,.L77000140
-/* 0x0170 */ std %f0,[%o0+%g2]
- .L77000144:
-/* 0x0174 */ ldd [%g4],%f8
- .L900000211:
-/* 0x0178 */ ld [%g5+%g3],%f13
-/* 0x017c */ sllx %g1,3,%g2
-/* 0x0180 */ add %o3,1,%o3
-/* 0x0184 */ sra %o3,0,%g1
-/* 0x0188 */ cmp %o3,%o4
-/* 0x018c */ fmovs %f8,%f12
-/* 0x0190 */ sllx %g1,2,%g3
-/* 0x0194 */ fsubd %f12,%f8,%f0
-/* 0x0198 */ std %f0,[%o0+%g2]
-/* 0x019c */ ble,a,pt %icc,.L900000211
-/* 0x01a0 */ ldd [%g4],%f8
- .L77000140:
-/* 0x01a4 */ retl ! Result =
-/* 0x01a8 */ nop
-/* 0x01ac 0 */ .type conv_i32_to_d32,2
-/* 0x01ac */ .size conv_i32_to_d32,(.-conv_i32_to_d32)
-
- .section ".text",#alloc,#execinstr
-/* 000000 0 */ .align 8
-!
-! CONSTANT POOL
-!
- .L_const_seg_900000301:
-/* 000000 0 */ .word 1127219200,0
-/* 0x0008 0 */ .align 8
-/* 0x0008 */ .skip 24
-!
-! SUBROUTINE conv_i32_to_d16
-!
-! OFFSET SOURCE LINE LABEL INSTRUCTION
-
- .global conv_i32_to_d16
- conv_i32_to_d16:
-/* 000000 */ save %sp,-192,%sp
- .L900000310:
-/* 0x0004 */ call .+8
-/* 0x0008 */ sethi /*X*/%hi(_GLOBAL_OFFSET_TABLE_-(.L900000310-.)),%g3
-
-! 143 !}
-! 146 !void conv_i32_to_d16(double *d16, unsigned int *i32, int len)
-! 147 !{
-! 148 !int i;
-! 149 !unsigned int a;
-! 151 !#pragma pipeloop(0)
-! 152 ! for(i=0;i<len;i++)
-
-/* 0x000c 152 */ cmp %i2,0
-/* 0x0010 147 */ add %g3,/*X*/%lo(_GLOBAL_OFFSET_TABLE_-(.L900000310-.)),%g3
-/* 0x0014 152 */ ble,pt %icc,.L77000150
-/* 0x0018 */ add %g3,%o7,%o0
-
-! 153 ! {
-! 154 ! a=i32[i];
-! 155 ! d16[2*i]=(double)(a&0xffff);
-! 156 ! d16[2*i+1]=(double)(a>>16);
-
-/* 0x001c 156 */ sethi %hi(.L_const_seg_900000301),%g2
-/* 0x0020 147 */ or %g0,%i2,%o1
-/* 0x0024 152 */ sethi %hi(0xfc00),%g3
-/* 0x0028 156 */ add %g2,%lo(.L_const_seg_900000301),%g2
-/* 0x002c 152 */ or %g0,%o1,%g4
-/* 0x0030 156 */ ldx [%o0+%g2],%o5
-/* 0x0034 152 */ add %g3,1023,%g1
-/* 0x0038 147 */ or %g0,%i1,%o7
-/* 0x003c 152 */ or %g0,0,%i2
-/* 0x0040 */ sub %o1,1,%g5
-/* 0x0044 */ or %g0,0,%g3
-/* 0x0048 */ or %g0,1,%g2
-/* 0x004c 154 */ or %g0,0,%o2
-/* 0x0050 */ cmp %g4,6
-/* 0x0054 152 */ bl,pn %icc,.L77000154
-/* 0x0058 */ ldd [%o5],%f0
-/* 0x005c */ sub %o1,2,%o3
-/* 0x0060 */ or %g0,16,%o2
-/* 0x0064 154 */ ld [%i1],%o4
-/* 0x0068 156 */ or %g0,3,%g2
-/* 0x006c */ or %g0,2,%g3
-/* 0x0070 155 */ fmovs %f0,%f2
-/* 0x0074 156 */ or %g0,4,%i2
-/* 0x0078 155 */ and %o4,%g1,%o0
-/* 0x007c */ st %o0,[%sp+2227]
-/* 0x0080 */ fmovs %f0,%f4
-/* 0x0084 156 */ srl %o4,16,%i4
-/* 0x0088 152 */ or %g0,12,%o4
-/* 0x008c */ or %g0,24,%o0
-/* 0x0090 155 */ ld [%sp+2227],%f3
-/* 0x0094 */ fsubd %f2,%f0,%f2
-/* 0x0098 */ std %f2,[%i0]
-/* 0x009c 156 */ st %i4,[%sp+2223]
-/* 0x00a0 154 */ ld [%o7+4],%o1
-/* 0x00a4 156 */ fmovs %f0,%f2
-/* 0x00a8 155 */ and %o1,%g1,%i1
-/* 0x00ac 156 */ ld [%sp+2223],%f3
-/* 0x00b0 */ srl %o1,16,%o1
-/* 0x00b4 */ fsubd %f2,%f0,%f2
-/* 0x00b8 */ std %f2,[%i0+8]
-/* 0x00bc */ st %o1,[%sp+2223]
-/* 0x00c0 155 */ st %i1,[%sp+2227]
-/* 0x00c4 154 */ ld [%o7+8],%o1
-/* 0x00c8 156 */ fmovs %f0,%f2
-/* 0x00cc 155 */ and %o1,%g1,%g4
-/* 0x00d0 */ ld [%sp+2227],%f5
-/* 0x00d4 156 */ srl %o1,16,%o1
-/* 0x00d8 */ ld [%sp+2223],%f3
-/* 0x00dc */ st %o1,[%sp+2223]
-/* 0x00e0 155 */ fsubd %f4,%f0,%f4
-/* 0x00e4 */ st %g4,[%sp+2227]
-/* 0x00e8 156 */ fsubd %f2,%f0,%f2
-/* 0x00ec 154 */ ld [%o7+12],%o1
-/* 0x00f0 155 */ std %f4,[%i0+16]
-/* 0x00f4 156 */ std %f2,[%i0+24]
- .L900000306:
-/* 0x00f8 155 */ ld [%sp+2227],%f5
-/* 0x00fc 156 */ add %i2,2,%i2
-/* 0x0100 */ add %g2,4,%g2
-/* 0x0104 */ ld [%sp+2223],%f3
-/* 0x0108 */ cmp %i2,%o3
-/* 0x010c */ add %g3,4,%g3
-/* 0x0110 155 */ and %o1,%g1,%g4
-/* 0x0114 156 */ srl %o1,16,%o1
-/* 0x0118 155 */ st %g4,[%sp+2227]
-/* 0x011c 156 */ st %o1,[%sp+2223]
-/* 0x0120 152 */ add %o4,4,%o1
-/* 0x0124 154 */ ld [%o7+%o1],%o4
-/* 0x0128 156 */ fmovs %f0,%f2
-/* 0x012c 155 */ fmovs %f0,%f4
-/* 0x0130 */ fsubd %f4,%f0,%f4
-/* 0x0134 152 */ add %o2,16,%o2
-/* 0x0138 156 */ fsubd %f2,%f0,%f2
-/* 0x013c 155 */ std %f4,[%i0+%o2]
-/* 0x0140 152 */ add %o0,16,%o0
-/* 0x0144 156 */ std %f2,[%i0+%o0]
-/* 0x0148 155 */ ld [%sp+2227],%f5
-/* 0x014c 156 */ ld [%sp+2223],%f3
-/* 0x0150 155 */ and %o4,%g1,%g4
-/* 0x0154 156 */ srl %o4,16,%o4
-/* 0x0158 155 */ st %g4,[%sp+2227]
-/* 0x015c 156 */ st %o4,[%sp+2223]
-/* 0x0160 152 */ add %o1,4,%o4
-/* 0x0164 154 */ ld [%o7+%o4],%o1
-/* 0x0168 156 */ fmovs %f0,%f2
-/* 0x016c 155 */ fmovs %f0,%f4
-/* 0x0170 */ fsubd %f4,%f0,%f4
-/* 0x0174 152 */ add %o2,16,%o2
-/* 0x0178 156 */ fsubd %f2,%f0,%f2
-/* 0x017c 155 */ std %f4,[%i0+%o2]
-/* 0x0180 152 */ add %o0,16,%o0
-/* 0x0184 156 */ ble,pt %icc,.L900000306
-/* 0x0188 */ std %f2,[%i0+%o0]
- .L900000309:
-/* 0x018c 155 */ ld [%sp+2227],%f5
-/* 0x0190 156 */ fmovs %f0,%f2
-/* 0x0194 */ srl %o1,16,%o3
-/* 0x0198 */ ld [%sp+2223],%f3
-/* 0x019c 155 */ and %o1,%g1,%i1
-/* 0x01a0 152 */ add %o2,16,%g4
-/* 0x01a4 155 */ fmovs %f0,%f4
-/* 0x01a8 */ st %i1,[%sp+2227]
-/* 0x01ac 152 */ add %o0,16,%o2
-/* 0x01b0 156 */ st %o3,[%sp+2223]
-/* 0x01b4 154 */ sra %i2,0,%o3
-/* 0x01b8 152 */ add %g4,16,%o1
-/* 0x01bc 155 */ fsubd %f4,%f0,%f4
-/* 0x01c0 */ std %f4,[%i0+%g4]
-/* 0x01c4 152 */ add %o0,32,%o0
-/* 0x01c8 156 */ fsubd %f2,%f0,%f2
-/* 0x01cc */ std %f2,[%i0+%o2]
-/* 0x01d0 */ sllx %o3,2,%o2
-/* 0x01d4 155 */ ld [%sp+2227],%f5
-/* 0x01d8 156 */ cmp %i2,%g5
-/* 0x01dc */ add %g2,6,%g2
-/* 0x01e0 */ ld [%sp+2223],%f3
-/* 0x01e4 */ add %g3,6,%g3
-/* 0x01e8 155 */ fmovs %f0,%f4
-/* 0x01ec 156 */ fmovs %f0,%f2
-/* 0x01f0 155 */ fsubd %f4,%f0,%f4
-/* 0x01f4 */ std %f4,[%i0+%o1]
-/* 0x01f8 156 */ fsubd %f2,%f0,%f0
-/* 0x01fc */ bg,pn %icc,.L77000150
-/* 0x0200 */ std %f0,[%i0+%o0]
- .L77000154:
-/* 0x0204 155 */ ldd [%o5],%f0
- .L900000311:
-/* 0x0208 154 */ ld [%o7+%o2],%o0
-/* 0x020c 155 */ sra %g3,0,%o1
-/* 0x0210 */ fmovs %f0,%f2
-/* 0x0214 */ sllx %o1,3,%o2
-/* 0x0218 156 */ add %i2,1,%i2
-/* 0x021c 155 */ and %o0,%g1,%o1
-/* 0x0220 */ st %o1,[%sp+2227]
-/* 0x0224 156 */ add %g3,2,%g3
-/* 0x0228 */ srl %o0,16,%o1
-/* 0x022c */ cmp %i2,%g5
-/* 0x0230 */ sra %g2,0,%o0
-/* 0x0234 */ add %g2,2,%g2
-/* 0x0238 */ sllx %o0,3,%o0
-/* 0x023c 155 */ ld [%sp+2227],%f3
-/* 0x0240 154 */ sra %i2,0,%o3
-/* 0x0244 155 */ fsubd %f2,%f0,%f2
-/* 0x0248 */ std %f2,[%i0+%o2]
-/* 0x024c */ sllx %o3,2,%o2
-/* 0x0250 156 */ st %o1,[%sp+2223]
-/* 0x0254 */ fmovs %f0,%f2
-/* 0x0258 */ ld [%sp+2223],%f3
-/* 0x025c */ fsubd %f2,%f0,%f0
-/* 0x0260 */ std %f0,[%i0+%o0]
-/* 0x0264 */ ble,a,pt %icc,.L900000311
-/* 0x0268 */ ldd [%o5],%f0
- .L77000150:
-/* 0x026c */ ret ! Result =
-/* 0x0270 */ restore %g0,%g0,%g0
-/* 0x0274 0 */ .type conv_i32_to_d16,2
-/* 0x0274 */ .size conv_i32_to_d16,(.-conv_i32_to_d16)
-
- .section ".text",#alloc,#execinstr
-/* 000000 0 */ .align 8
-!
-! CONSTANT POOL
-!
- .L_const_seg_900000401:
-/* 000000 0 */ .word 1127219200,0
-/* 0x0008 0 */ .align 8
-/* 0x0008 */ .skip 24
-!
-! SUBROUTINE conv_i32_to_d32_and_d16
-!
-! OFFSET SOURCE LINE LABEL INSTRUCTION
-
- .global conv_i32_to_d32_and_d16
- conv_i32_to_d32_and_d16:
-/* 000000 */ save %sp,-192,%sp
- .L900000415:
-/* 0x0004 */ call .+8
-/* 0x0008 */ sethi /*X*/%hi(_GLOBAL_OFFSET_TABLE_-(.L900000415-.)),%g3
-
-! 157 ! }
-! 158 !}
-! 161 !void conv_i32_to_d32_and_d16(double *d32, double *d16,
-! 162 ! unsigned int *i32, int len)
-! 163 !{
-! 164 !int i = 0;
-! 165 !unsigned int a;
-! 167 !#pragma pipeloop(0)
-! 168 !#ifdef RF_INLINE_MACROS
-! 169 ! for(;i<len-3;i+=4)
-! 170 ! {
-! 171 ! i16_to_d16_and_d32x4(&TwoToMinus16, &TwoTo16, &Zero,
-! 172 ! &(d16[2*i]), &(d32[i]), (float *)(&(i32[i])));
-
-/* 0x000c 172 */ sethi %hi(Zero),%g2
-/* 0x0010 163 */ add %g3,/*X*/%lo(_GLOBAL_OFFSET_TABLE_-(.L900000415-.)),%g3
-/* 0x0014 */ or %g0,%i3,%g5
-/* 0x0018 */ add %g3,%o7,%o3
-/* 0x001c 172 */ add %g2,%lo(Zero),%g2
-/* 0x0020 */ ldx [%o3+%g2],%o0
-/* 0x0024 */ sethi %hi(TwoToMinus16),%g3
-/* 0x0028 163 */ or %g0,%i0,%i3
-/* 0x002c 169 */ sub %g5,3,%o1
-/* 0x0030 172 */ sethi %hi(TwoTo16),%g4
-/* 0x0034 163 */ or %g0,%i2,%i0
-/* 0x0038 172 */ add %g3,%lo(TwoToMinus16),%g2
-/* 0x003c */ ldx [%o3+%g2],%o2
-/* 0x0040 169 */ cmp %o1,0
-/* 0x0044 164 */ or %g0,0,%i2
-/* 0x0048 169 */ ble,pt %icc,.L900000418
-/* 0x004c */ cmp %i2,%g5
-/* 0x0050 */ ldd [%o0],%f2
-/* 0x0054 172 */ add %g4,%lo(TwoTo16),%g3
-/* 0x0058 */ ldx [%o3+%g3],%o1
-/* 0x005c 169 */ sub %g5,4,%o4
-/* 0x0060 */ or %g0,0,%o5
- .L900000417:
-/* 0x0064 172 */ sra %i2,0,%g2
-/* 0x0068 */ fmovd %f2,%f14
-/* 0x006c */ ldd [%o2],%f0
-/* 0x0070 */ sllx %g2,2,%g3
-/* 0x0074 */ fmovd %f2,%f10
-/* 0x0078 */ ldd [%o1],%f16
-/* 0x007c */ ld [%g3+%i0],%f15
-/* 0x0080 */ add %i0,%g3,%g3
-/* 0x0084 */ fmovd %f2,%f6
-/* 0x0088 */ ld [%g3+4],%f11
-/* 0x008c */ sra %o5,0,%g4
-/* 0x0090 */ add %i2,4,%i2
-/* 0x0094 */ ld [%g3+8],%f7
-/* 0x0098 */ fxtod %f14,%f14
-/* 0x009c */ sllx %g2,3,%g2
-/* 0x00a0 */ ld [%g3+12],%f3
-/* 0x00a4 */ fxtod %f10,%f10
-/* 0x00a8 */ sllx %g4,3,%g3
-/* 0x00ac */ fxtod %f6,%f6
-/* 0x00b0 */ std %f14,[%g2+%i3]
-/* 0x00b4 */ add %i3,%g2,%g4
-/* 0x00b8 */ fxtod %f2,%f2
-/* 0x00bc */ fmuld %f0,%f14,%f12
-/* 0x00c0 */ std %f2,[%g4+24]
-/* 0x00c4 */ fmuld %f0,%f10,%f8
-/* 0x00c8 */ std %f10,[%g4+8]
-/* 0x00cc */ add %i1,%g3,%g2
-/* 0x00d0 */ fmuld %f0,%f6,%f4
-/* 0x00d4 */ std %f6,[%g4+16]
-/* 0x00d8 */ cmp %i2,%o4
-/* 0x00dc */ fmuld %f0,%f2,%f0
-/* 0x00e0 */ fdtox %f12,%f12
-/* 0x00e4 */ add %o5,8,%o5
-/* 0x00e8 */ fdtox %f8,%f8
-/* 0x00ec */ fdtox %f4,%f4
-/* 0x00f0 */ fdtox %f0,%f0
-/* 0x00f4 */ fxtod %f12,%f12
-/* 0x00f8 */ std %f12,[%g2+8]
-/* 0x00fc */ fxtod %f8,%f8
-/* 0x0100 */ std %f8,[%g2+24]
-/* 0x0104 */ fxtod %f4,%f4
-/* 0x0108 */ std %f4,[%g2+40]
-/* 0x010c */ fxtod %f0,%f0
-/* 0x0110 */ std %f0,[%g2+56]
-/* 0x0114 */ fmuld %f12,%f16,%f12
-/* 0x0118 */ fmuld %f8,%f16,%f8
-/* 0x011c */ fmuld %f4,%f16,%f4
-/* 0x0120 */ fsubd %f14,%f12,%f12
-/* 0x0124 */ std %f12,[%g3+%i1]
-/* 0x0128 */ fmuld %f0,%f16,%f0
-/* 0x012c */ fsubd %f10,%f8,%f8
-/* 0x0130 */ std %f8,[%g2+16]
-/* 0x0134 */ fsubd %f6,%f4,%f4
-/* 0x0138 */ std %f4,[%g2+32]
-/* 0x013c */ fsubd %f2,%f0,%f0
-/* 0x0140 */ std %f0,[%g2+48]
-/* 0x0144 */ ble,a,pt %icc,.L900000417
-/* 0x0148 */ ldd [%o0],%f2
- .L77000159:
-
-! 173 ! }
-! 174 !#endif
-! 175 ! for(;i<len;i++)
-
-/* 0x014c 175 */ cmp %i2,%g5
- .L900000418:
-/* 0x0150 175 */ bge,pt %icc,.L77000164
-/* 0x0154 */ nop
-
-! 176 ! {
-! 177 ! a=i32[i];
-! 178 ! d32[i]=(double)(i32[i]);
-! 179 ! d16[2*i]=(double)(a&0xffff);
-! 180 ! d16[2*i+1]=(double)(a>>16);
-
-/* 0x0158 180 */ sethi %hi(.L_const_seg_900000401),%g2
-/* 0x015c */ add %g2,%lo(.L_const_seg_900000401),%g2
-/* 0x0160 175 */ sethi %hi(0xfc00),%g3
-/* 0x0164 180 */ ldx [%o3+%g2],%g1
-/* 0x0168 175 */ sll %i2,1,%i4
-/* 0x016c */ sub %g5,%i2,%g4
-/* 0x0170 177 */ sra %i2,0,%o3
-/* 0x0174 175 */ add %g3,1023,%g3
-/* 0x0178 178 */ ldd [%g1],%f2
-/* 0x017c */ sllx %o3,2,%o2
-/* 0x0180 175 */ add %i4,1,%g2
-/* 0x0184 177 */ or %g0,%o3,%o1
-/* 0x0188 */ cmp %g4,6
-/* 0x018c 175 */ bl,pn %icc,.L77000161
-/* 0x0190 */ sra %i2,0,%o3
-/* 0x0194 177 */ or %g0,%o2,%o0
-/* 0x0198 178 */ ld [%i0+%o2],%f5
-/* 0x019c 179 */ fmovs %f2,%f8
-/* 0x01a0 175 */ add %o0,4,%o3
-/* 0x01a4 177 */ ld [%i0+%o0],%o7
-/* 0x01a8 180 */ fmovs %f2,%f6
-/* 0x01ac 178 */ fmovs %f2,%f4
-/* 0x01b0 */ sllx %o1,3,%o2
-/* 0x01b4 175 */ add %o3,4,%o5
-/* 0x01b8 179 */ sra %i4,0,%o0
-/* 0x01bc 175 */ add %o3,8,%o4
-/* 0x01c0 178 */ fsubd %f4,%f2,%f4
-/* 0x01c4 */ std %f4,[%i3+%o2]
-/* 0x01c8 179 */ sllx %o0,3,%i5
-/* 0x01cc */ and %o7,%g3,%o0
-/* 0x01d0 */ st %o0,[%sp+2227]
-/* 0x01d4 175 */ add %i5,16,%o1
-/* 0x01d8 180 */ srl %o7,16,%g4
-/* 0x01dc */ add %i2,1,%i2
-/* 0x01e0 */ sra %g2,0,%o0
-/* 0x01e4 175 */ add %o2,8,%o2
-/* 0x01e8 179 */ fmovs %f2,%f4
-/* 0x01ec 180 */ sllx %o0,3,%l0
-/* 0x01f0 */ add %i4,3,%g2
-/* 0x01f4 179 */ ld [%sp+2227],%f5
-/* 0x01f8 175 */ add %l0,16,%o0
-/* 0x01fc 180 */ add %i4,2,%i4
-/* 0x0200 175 */ sub %g5,1,%o7
-/* 0x0204 180 */ add %i2,3,%i2
-/* 0x0208 179 */ fsubd %f4,%f2,%f4
-/* 0x020c */ std %f4,[%i1+%i5]
-/* 0x0210 180 */ st %g4,[%sp+2223]
-/* 0x0214 177 */ ld [%i0+%o3],%i5
-/* 0x0218 180 */ fmovs %f2,%f4
-/* 0x021c */ srl %i5,16,%g4
-/* 0x0220 179 */ and %i5,%g3,%i5
-/* 0x0224 180 */ ld [%sp+2223],%f5
-/* 0x0228 */ fsubd %f4,%f2,%f4
-/* 0x022c */ std %f4,[%i1+%l0]
-/* 0x0230 */ st %g4,[%sp+2223]
-/* 0x0234 177 */ ld [%i0+%o5],%g4
-/* 0x0238 179 */ st %i5,[%sp+2227]
-/* 0x023c 178 */ fmovs %f2,%f4
-/* 0x0240 180 */ srl %g4,16,%i5
-/* 0x0244 179 */ and %g4,%g3,%g4
-/* 0x0248 180 */ ld [%sp+2223],%f7
-/* 0x024c */ st %i5,[%sp+2223]
-/* 0x0250 178 */ ld [%i0+%o3],%f5
-/* 0x0254 180 */ fsubd %f6,%f2,%f6
-/* 0x0258 177 */ ld [%i0+%o4],%o3
-/* 0x025c 178 */ fsubd %f4,%f2,%f4
-/* 0x0260 179 */ ld [%sp+2227],%f9
-/* 0x0264 180 */ ld [%sp+2223],%f1
-/* 0x0268 179 */ st %g4,[%sp+2227]
-/* 0x026c */ fsubd %f8,%f2,%f8
-/* 0x0270 */ std %f8,[%i1+%o1]
-/* 0x0274 180 */ std %f6,[%i1+%o0]
-/* 0x0278 178 */ std %f4,[%i3+%o2]
- .L900000411:
-/* 0x027c 179 */ ld [%sp+2227],%f13
-/* 0x0280 180 */ srl %o3,16,%g4
-/* 0x0284 */ add %i2,2,%i2
-/* 0x0288 */ st %g4,[%sp+2223]
-/* 0x028c */ cmp %i2,%o7
-/* 0x0290 */ add %g2,4,%g2
-/* 0x0294 178 */ ld [%i0+%o5],%f11
-/* 0x0298 180 */ add %i4,4,%i4
-/* 0x029c 175 */ add %o4,4,%o5
-/* 0x02a0 177 */ ld [%i0+%o5],%g4
-/* 0x02a4 179 */ and %o3,%g3,%o3
-/* 0x02a8 */ st %o3,[%sp+2227]
-/* 0x02ac 180 */ fmovs %f2,%f0
-/* 0x02b0 179 */ fmovs %f2,%f12
-/* 0x02b4 180 */ fsubd %f0,%f2,%f8
-/* 0x02b8 179 */ fsubd %f12,%f2,%f4
-/* 0x02bc 175 */ add %o1,16,%o1
-/* 0x02c0 180 */ ld [%sp+2223],%f7
-/* 0x02c4 178 */ fmovs %f2,%f10
-/* 0x02c8 179 */ std %f4,[%i1+%o1]
-/* 0x02cc 175 */ add %o0,16,%o0
-/* 0x02d0 178 */ fsubd %f10,%f2,%f4
-/* 0x02d4 175 */ add %o2,8,%o2
-/* 0x02d8 180 */ std %f8,[%i1+%o0]
-/* 0x02dc 178 */ std %f4,[%i3+%o2]
-/* 0x02e0 179 */ ld [%sp+2227],%f9
-/* 0x02e4 180 */ srl %g4,16,%o3
-/* 0x02e8 */ st %o3,[%sp+2223]
-/* 0x02ec 178 */ ld [%i0+%o4],%f5
-/* 0x02f0 175 */ add %o4,8,%o4
-/* 0x02f4 177 */ ld [%i0+%o4],%o3
-/* 0x02f8 179 */ and %g4,%g3,%g4
-/* 0x02fc */ st %g4,[%sp+2227]
-/* 0x0300 180 */ fmovs %f2,%f6
-/* 0x0304 179 */ fmovs %f2,%f8
-/* 0x0308 180 */ fsubd %f6,%f2,%f6
-/* 0x030c 179 */ fsubd %f8,%f2,%f8
-/* 0x0310 175 */ add %o1,16,%o1
-/* 0x0314 180 */ ld [%sp+2223],%f1
-/* 0x0318 178 */ fmovs %f2,%f4
-/* 0x031c 179 */ std %f8,[%i1+%o1]
-/* 0x0320 175 */ add %o0,16,%o0
-/* 0x0324 178 */ fsubd %f4,%f2,%f4
-/* 0x0328 175 */ add %o2,8,%o2
-/* 0x032c 180 */ std %f6,[%i1+%o0]
-/* 0x0330 */ bl,pt %icc,.L900000411
-/* 0x0334 */ std %f4,[%i3+%o2]
- .L900000414:
-/* 0x0338 180 */ srl %o3,16,%o7
-/* 0x033c */ st %o7,[%sp+2223]
-/* 0x0340 179 */ fmovs %f2,%f12
-/* 0x0344 178 */ ld [%i0+%o5],%f11
-/* 0x0348 180 */ fmovs %f2,%f0
-/* 0x034c 179 */ and %o3,%g3,%g4
-/* 0x0350 180 */ fmovs %f2,%f6
-/* 0x0354 175 */ add %o1,16,%o3
-/* 0x0358 */ add %o0,16,%o7
-/* 0x035c 178 */ fmovs %f2,%f10
-/* 0x0360 175 */ add %o2,8,%o2
-/* 0x0364 */ add %o1,32,%o5
-/* 0x0368 179 */ ld [%sp+2227],%f13
-/* 0x036c 178 */ fmovs %f2,%f4
-/* 0x0370 175 */ add %o0,32,%o1
-/* 0x0374 180 */ ld [%sp+2223],%f7
-/* 0x0378 175 */ add %o2,8,%o0
-/* 0x037c 180 */ cmp %i2,%g5
-/* 0x0380 179 */ st %g4,[%sp+2227]
-/* 0x0384 */ fsubd %f12,%f2,%f8
-/* 0x0388 180 */ add %g2,6,%g2
-/* 0x038c 179 */ std %f8,[%i1+%o3]
-/* 0x0390 180 */ fsubd %f0,%f2,%f0
-/* 0x0394 177 */ sra %i2,0,%o3
-/* 0x0398 180 */ std %f0,[%i1+%o7]
-/* 0x039c 178 */ fsubd %f10,%f2,%f0
-/* 0x03a0 180 */ add %i4,6,%i4
-/* 0x03a4 178 */ std %f0,[%i3+%o2]
-/* 0x03a8 */ sllx %o3,2,%o2
-/* 0x03ac 179 */ ld [%sp+2227],%f9
-/* 0x03b0 178 */ ld [%i0+%o4],%f5
-/* 0x03b4 179 */ fmovs %f2,%f8
-/* 0x03b8 */ fsubd %f8,%f2,%f0
-/* 0x03bc */ std %f0,[%i1+%o5]
-/* 0x03c0 180 */ fsubd %f6,%f2,%f0
-/* 0x03c4 */ std %f0,[%i1+%o1]
-/* 0x03c8 178 */ fsubd %f4,%f2,%f0
-/* 0x03cc 180 */ bge,pn %icc,.L77000164
-/* 0x03d0 */ std %f0,[%i3+%o0]
- .L77000161:
-/* 0x03d4 178 */ ldd [%g1],%f2
- .L900000416:
-/* 0x03d8 178 */ ld [%i0+%o2],%f5
-/* 0x03dc 179 */ sra %i4,0,%o0
-/* 0x03e0 180 */ add %i2,1,%i2
-/* 0x03e4 177 */ ld [%i0+%o2],%o1
-/* 0x03e8 178 */ sllx %o3,3,%o3
-/* 0x03ec 180 */ add %i4,2,%i4
-/* 0x03f0 178 */ fmovs %f2,%f4
-/* 0x03f4 179 */ sllx %o0,3,%o4
-/* 0x03f8 180 */ cmp %i2,%g5
-/* 0x03fc 179 */ and %o1,%g3,%o0
-/* 0x0400 178 */ fsubd %f4,%f2,%f0
-/* 0x0404 */ std %f0,[%i3+%o3]
-/* 0x0408 180 */ srl %o1,16,%o1
-/* 0x040c 179 */ st %o0,[%sp+2227]
-/* 0x0410 180 */ sra %g2,0,%o0
-/* 0x0414 */ add %g2,2,%g2
-/* 0x0418 177 */ sra %i2,0,%o3
-/* 0x041c 180 */ sllx %o0,3,%o0
-/* 0x0420 179 */ fmovs %f2,%f4
-/* 0x0424 */ sllx %o3,2,%o2
-/* 0x0428 */ ld [%sp+2227],%f5
-/* 0x042c */ fsubd %f4,%f2,%f0
-/* 0x0430 */ std %f0,[%i1+%o4]
-/* 0x0434 180 */ st %o1,[%sp+2223]
-/* 0x0438 */ fmovs %f2,%f4
-/* 0x043c */ ld [%sp+2223],%f5
-/* 0x0440 */ fsubd %f4,%f2,%f0
-/* 0x0444 */ std %f0,[%i1+%o0]
-/* 0x0448 */ bl,a,pt %icc,.L900000416
-/* 0x044c */ ldd [%g1],%f2
- .L77000164:
-/* 0x0450 */ ret ! Result =
-/* 0x0454 */ restore %g0,%g0,%g0
-/* 0x0458 0 */ .type conv_i32_to_d32_and_d16,2
-/* 0x0458 */ .size conv_i32_to_d32_and_d16,(.-conv_i32_to_d32_and_d16)
-
- .section ".text",#alloc,#execinstr
-/* 000000 0 */ .align 8
-!
-! SUBROUTINE adjust_montf_result
-!
-! OFFSET SOURCE LINE LABEL INSTRUCTION
-
- .global adjust_montf_result
- adjust_montf_result:
-/* 000000 */ save %sp,-176,%sp
-/* 0x0004 */ or %g0,%i2,%o1
-/* 0x0008 */ or %g0,%i0,%i2
-
-! 181 ! }
-! 182 !}
-! 185 !void adjust_montf_result(unsigned int *i32, unsigned int *nint, int len)
-! 186 !{
-! 187 !long long acc;
-! 188 !int i;
-! 190 ! if(i32[len]>0) i=-1;
-
-/* 0x000c 190 */ sra %o1,0,%g2
-/* 0x0010 */ or %g0,-1,%o2
-/* 0x0014 */ sllx %g2,2,%g2
-/* 0x0018 */ ld [%i2+%g2],%g2
-/* 0x001c */ cmp %g2,0
-/* 0x0020 */ bleu,pn %icc,.L77000175
-/* 0x0024 */ or %g0,%i1,%i0
-/* 0x0028 */ ba .L900000511
-/* 0x002c */ cmp %o2,0
- .L77000175:
-
-! 191 ! else
-! 192 ! {
-! 193 ! for(i=len-1; i>=0; i--)
-
-/* 0x0030 193 */ sub %o1,1,%o2
-/* 0x0034 */ cmp %o2,0
-/* 0x0038 */ bl,pn %icc,.L77000182
-/* 0x003c */ sra %o2,0,%g2
- .L900000510:
-
-! 194 ! {
-! 195 ! if(i32[i]!=nint[i]) break;
-
-/* 0x0040 195 */ sllx %g2,2,%g2
-/* 0x0044 */ sub %o2,1,%o0
-/* 0x0048 */ ld [%i1+%g2],%g3
-/* 0x004c */ ld [%i2+%g2],%g2
-/* 0x0050 */ cmp %g2,%g3
-/* 0x0054 */ bne,pn %icc,.L77000182
-/* 0x0058 */ nop
-/* 0x005c 0 */ or %g0,%o0,%o2
-/* 0x0060 195 */ cmp %o0,0
-/* 0x0064 */ bge,pt %icc,.L900000510
-/* 0x0068 */ sra %o2,0,%g2
- .L77000182:
-
-! 196 ! }
-! 197 ! }
-! 198 ! if((i<0)||(i32[i]>nint[i]))
-
-/* 0x006c 198 */ cmp %o2,0
- .L900000511:
-/* 0x0070 198 */ bl,pn %icc,.L77000198
-/* 0x0074 */ sra %o2,0,%g2
-/* 0x0078 */ sllx %g2,2,%g2
-/* 0x007c */ ld [%i1+%g2],%g3
-/* 0x0080 */ ld [%i2+%g2],%g2
-/* 0x0084 */ cmp %g2,%g3
-/* 0x0088 */ bleu,pt %icc,.L77000191
-/* 0x008c */ nop
- .L77000198:
-
-! 199 ! {
-! 200 ! acc=0;
-! 201 ! for(i=0;i<len;i++)
-
-/* 0x0090 201 */ cmp %o1,0
-/* 0x0094 */ ble,pt %icc,.L77000191
-/* 0x0098 */ nop
-/* 0x009c 198 */ or %g0,-1,%g2
-/* 0x00a0 201 */ or %g0,%o1,%g3
-/* 0x00a4 198 */ srl %g2,0,%g2
-/* 0x00a8 */ sub %o1,1,%g4
-/* 0x00ac */ cmp %o1,9
-/* 0x00b0 201 */ or %g0,0,%i1
-/* 0x00b4 200 */ or %g0,0,%g5
-
-! 202 ! {
-! 203 ! acc=acc+(unsigned long long)(i32[i])-(unsigned long long)(nint[i]);
-
-/* 0x00b8 203 */ or %g0,0,%o1
-/* 0x00bc 201 */ bl,pn %icc,.L77000199
-/* 0x00c0 */ sub %g3,4,%o7
-/* 0x00c4 203 */ ld [%i2],%o1
-
-! 204 ! i32[i]=acc&0xffffffff;
-! 205 ! acc=acc>>32;
-
-/* 0x00c8 205 */ or %g0,5,%i1
-/* 0x00cc 203 */ ld [%i0],%o2
-/* 0x00d0 201 */ or %g0,8,%o5
-/* 0x00d4 */ or %g0,12,%o4
-/* 0x00d8 203 */ ld [%i0+4],%o3
-/* 0x00dc 201 */ or %g0,16,%g1
-/* 0x00e0 203 */ ld [%i2+4],%o0
-/* 0x00e4 201 */ sub %o1,%o2,%o1
-/* 0x00e8 203 */ ld [%i0+8],%i3
-/* 0x00ec 204 */ and %o1,%g2,%g5
-/* 0x00f0 */ st %g5,[%i2]
-/* 0x00f4 205 */ srax %o1,32,%g5
-/* 0x00f8 201 */ sub %o0,%o3,%o0
-/* 0x00fc 203 */ ld [%i0+12],%o2
-/* 0x0100 201 */ add %o0,%g5,%o0
-/* 0x0104 204 */ and %o0,%g2,%g5
-/* 0x0108 */ st %g5,[%i2+4]
-/* 0x010c 205 */ srax %o0,32,%o0
-/* 0x0110 203 */ ld [%i2+8],%o1
-/* 0x0114 */ ld [%i2+12],%o3
-/* 0x0118 201 */ sub %o1,%i3,%o1
- .L900000505:
-/* 0x011c */ add %g1,4,%g3
-/* 0x0120 203 */ ld [%g1+%i2],%g5
-/* 0x0124 201 */ add %o1,%o0,%o0
-/* 0x0128 203 */ ld [%i0+%g1],%i3
-/* 0x012c 201 */ sub %o3,%o2,%o1
-/* 0x0130 204 */ and %o0,%g2,%o2
-/* 0x0134 */ st %o2,[%o5+%i2]
-/* 0x0138 205 */ srax %o0,32,%o2
-/* 0x013c */ add %i1,4,%i1
-/* 0x0140 201 */ add %g1,8,%o5
-/* 0x0144 203 */ ld [%g3+%i2],%o0
-/* 0x0148 201 */ add %o1,%o2,%o1
-/* 0x014c 203 */ ld [%i0+%g3],%o3
-/* 0x0150 201 */ sub %g5,%i3,%o2
-/* 0x0154 204 */ and %o1,%g2,%g5
-/* 0x0158 */ st %g5,[%o4+%i2]
-/* 0x015c 205 */ srax %o1,32,%g5
-/* 0x0160 */ cmp %i1,%o7
-/* 0x0164 201 */ add %g1,12,%o4
-/* 0x0168 203 */ ld [%o5+%i2],%o1
-/* 0x016c 201 */ add %o2,%g5,%o2
-/* 0x0170 203 */ ld [%i0+%o5],%i3
-/* 0x0174 201 */ sub %o0,%o3,%o0
-/* 0x0178 204 */ and %o2,%g2,%o3
-/* 0x017c */ st %o3,[%g1+%i2]
-/* 0x0180 205 */ srax %o2,32,%g5
-/* 0x0184 203 */ ld [%o4+%i2],%o3
-/* 0x0188 201 */ add %g1,16,%g1
-/* 0x018c */ add %o0,%g5,%o0
-/* 0x0190 203 */ ld [%i0+%o4],%o2
-/* 0x0194 201 */ sub %o1,%i3,%o1
-/* 0x0198 204 */ and %o0,%g2,%g5
-/* 0x019c */ st %g5,[%g3+%i2]
-/* 0x01a0 205 */ ble,pt %icc,.L900000505
-/* 0x01a4 */ srax %o0,32,%o0
- .L900000508:
-/* 0x01a8 */ add %o1,%o0,%g3
-/* 0x01ac */ sub %o3,%o2,%o1
-/* 0x01b0 203 */ ld [%g1+%i2],%o0
-/* 0x01b4 */ ld [%i0+%g1],%o2
-/* 0x01b8 205 */ srax %g3,32,%o7
-/* 0x01bc 204 */ and %g3,%g2,%o3
-/* 0x01c0 201 */ add %o1,%o7,%o1
-/* 0x01c4 204 */ st %o3,[%o5+%i2]
-/* 0x01c8 205 */ cmp %i1,%g4
-/* 0x01cc 201 */ sub %o0,%o2,%o0
-/* 0x01d0 204 */ and %o1,%g2,%o2
-/* 0x01d4 */ st %o2,[%o4+%i2]
-/* 0x01d8 205 */ srax %o1,32,%o1
-/* 0x01dc 203 */ sra %i1,0,%o2
-/* 0x01e0 201 */ add %o0,%o1,%o0
-/* 0x01e4 205 */ srax %o0,32,%g5
-/* 0x01e8 204 */ and %o0,%g2,%o1
-/* 0x01ec */ st %o1,[%g1+%i2]
-/* 0x01f0 205 */ bg,pn %icc,.L77000191
-/* 0x01f4 */ sllx %o2,2,%o1
- .L77000199:
-/* 0x01f8 0 */ or %g0,%o1,%g1
- .L900000509:
-/* 0x01fc 203 */ ld [%o1+%i2],%o0
-/* 0x0200 205 */ add %i1,1,%i1
-/* 0x0204 203 */ ld [%i0+%o1],%o1
-/* 0x0208 */ sra %i1,0,%o2
-/* 0x020c 205 */ cmp %i1,%g4
-/* 0x0210 203 */ add %g5,%o0,%o0
-/* 0x0214 */ sub %o0,%o1,%o0
-/* 0x0218 205 */ srax %o0,32,%g5
-/* 0x021c 204 */ and %o0,%g2,%o1
-/* 0x0220 */ st %o1,[%g1+%i2]
-/* 0x0224 */ sllx %o2,2,%o1
-/* 0x0228 205 */ ble,pt %icc,.L900000509
-/* 0x022c */ or %g0,%o1,%g1
- .L77000191:
-/* 0x0230 */ ret ! Result =
-/* 0x0234 */ restore %g0,%g0,%g0
-/* 0x0238 0 */ .type adjust_montf_result,2
-/* 0x0238 */ .size adjust_montf_result,(.-adjust_montf_result)
-
- .section ".text",#alloc,#execinstr
-/* 000000 0 */ .align 8
-/* 000000 */ .skip 24
-!
-! SUBROUTINE mont_mulf_noconv
-!
-! OFFSET SOURCE LINE LABEL INSTRUCTION
-
- .global mont_mulf_noconv
- mont_mulf_noconv:
-/* 000000 */ save %sp,-224,%sp
- .L900000643:
-/* 0x0004 */ call .+8
-/* 0x0008 */ sethi /*X*/%hi(_GLOBAL_OFFSET_TABLE_-(.L900000643-.)),%g5
-/* 0x000c */ ldx [%fp+2223],%l0
-
-! 206 ! }
-! 207 ! }
-! 208 !}
-! 213 !/*
-! 214 !** the lengths of the input arrays should be at least the following:
-! 215 !** result[nlen+1], dm1[nlen], dm2[2*nlen+1], dt[4*nlen+2], dn[nlen], nint[nlen]
-! 216 !** all of them should be different from one another
-! 217 !**
-! 218 !*/
-! 219 !void mont_mulf_noconv(unsigned int *result,
-! 220 ! double *dm1, double *dm2, double *dt,
-! 221 ! double *dn, unsigned int *nint,
-! 222 ! int nlen, double dn0)
-! 223 !{
-! 224 ! int i, j, jj;
-! 225 ! int tmp;
-! 226 ! double digit, m2j, nextm2j, a, b;
-! 227 ! double *dptmp, *pdm1, *pdm2, *pdn, *pdtj, pdn_0, pdm1_0;
-! 229 ! pdm1=&(dm1[0]);
-! 230 ! pdm2=&(dm2[0]);
-! 231 ! pdn=&(dn[0]);
-! 232 ! pdm2[2*nlen]=Zero;
-
-/* 0x0010 232 */ sethi %hi(Zero),%g2
-/* 0x0014 223 */ fmovd %f14,%f30
-/* 0x0018 */ add %g5,/*X*/%lo(_GLOBAL_OFFSET_TABLE_-(.L900000643-.)),%g5
-/* 0x001c 232 */ add %g2,%lo(Zero),%g2
-/* 0x0020 */ sll %l0,1,%o3
-/* 0x0024 223 */ add %g5,%o7,%o4
-/* 0x0028 232 */ sra %o3,0,%g5
-/* 0x002c */ ldx [%o4+%g2],%o7
-
-! 234 ! if (nlen!=16)
-! 235 ! {
-! 236 ! for(i=0;i<4*nlen+2;i++) dt[i]=Zero;
-! 238 ! a=dt[0]=pdm1[0]*pdm2[0];
-! 239 ! digit=mod(lower32(a,Zero)*dn0,TwoToMinus16,TwoTo16);
-
-/* 0x0030 239 */ sethi %hi(TwoToMinus16),%g3
-/* 0x0034 */ sethi %hi(TwoTo16),%g4
-/* 0x0038 */ add %g3,%lo(TwoToMinus16),%g2
-/* 0x003c 232 */ ldd [%o7],%f0
-/* 0x0040 239 */ add %g4,%lo(TwoTo16),%g3
-/* 0x0044 223 */ or %g0,%i4,%o0
-/* 0x0048 232 */ sllx %g5,3,%g4
-/* 0x004c 239 */ ldx [%o4+%g2],%o5
-/* 0x0050 223 */ or %g0,%i5,%l3
-/* 0x0054 */ or %g0,%i0,%l2
-/* 0x0058 239 */ ldx [%o4+%g3],%o4
-/* 0x005c 234 */ cmp %l0,16
-/* 0x0060 232 */ std %f0,[%i2+%g4]
-/* 0x0064 234 */ be,pn %icc,.L77000279
-/* 0x0068 */ or %g0,%i3,%l4
-/* 0x006c 236 */ sll %l0,2,%g2
-/* 0x0070 223 */ or %g0,%o0,%i5
-/* 0x0074 236 */ add %g2,2,%o0
-/* 0x0078 223 */ or %g0,%i1,%i4
-/* 0x007c 236 */ cmp %o0,0
-/* 0x0080 223 */ or %g0,%i2,%l1
-/* 0x0084 236 */ ble,a,pt %icc,.L900000657
-/* 0x0088 */ ldd [%i1],%f6
-
-! 241 ! pdtj=&(dt[0]);
-! 242 ! for(j=jj=0;j<2*nlen;j++,jj++,pdtj++)
-! 243 ! {
-! 244 ! m2j=pdm2[j];
-! 245 ! a=pdtj[0]+pdn[0]*digit;
-! 246 ! b=pdtj[1]+pdm1[0]*pdm2[j+1]+a*TwoToMinus16;
-! 247 ! pdtj[1]=b;
-! 249 !#pragma pipeloop(0)
-! 250 ! for(i=1;i<nlen;i++)
-! 251 ! {
-! 252 ! pdtj[2*i]+=pdm1[i]*m2j+pdn[i]*digit;
-! 253 ! }
-! 254 ! if((jj==30)) {cleanup(dt,j/2+1,2*nlen+1); jj=0;}
-! 255 !
-! 256 ! digit=mod(lower32(b,Zero)*dn0,TwoToMinus16,TwoTo16);
-! 257 ! }
-! 258 ! }
-! 259 ! else
-! 260 ! {
-! 261 ! a=dt[0]=pdm1[0]*pdm2[0];
-! 263 ! dt[65]= dt[64]= dt[63]= dt[62]= dt[61]= dt[60]=
-! 264 ! dt[59]= dt[58]= dt[57]= dt[56]= dt[55]= dt[54]=
-! 265 ! dt[53]= dt[52]= dt[51]= dt[50]= dt[49]= dt[48]=
-! 266 ! dt[47]= dt[46]= dt[45]= dt[44]= dt[43]= dt[42]=
-! 267 ! dt[41]= dt[40]= dt[39]= dt[38]= dt[37]= dt[36]=
-! 268 ! dt[35]= dt[34]= dt[33]= dt[32]= dt[31]= dt[30]=
-! 269 ! dt[29]= dt[28]= dt[27]= dt[26]= dt[25]= dt[24]=
-! 270 ! dt[23]= dt[22]= dt[21]= dt[20]= dt[19]= dt[18]=
-! 271 ! dt[17]= dt[16]= dt[15]= dt[14]= dt[13]= dt[12]=
-! 272 ! dt[11]= dt[10]= dt[ 9]= dt[ 8]= dt[ 7]= dt[ 6]=
-! 273 ! dt[ 5]= dt[ 4]= dt[ 3]= dt[ 2]= dt[ 1]=Zero;
-! 275 ! pdn_0=pdn[0];
-! 276 ! pdm1_0=pdm1[0];
-! 278 ! digit=mod(lower32(a,Zero)*dn0,TwoToMinus16,TwoTo16);
-! 279 ! pdtj=&(dt[0]);
-! 281 ! for(j=0;j<32;j++,pdtj++)
-
-/* 0x008c 281 */ or %g0,%o0,%o1
-/* 0x0090 236 */ sub %o0,1,%g1
-/* 0x0094 */ or %g0,0,%g2
-/* 0x0098 281 */ cmp %o1,5
-/* 0x009c */ bl,pn %icc,.L77000280
-/* 0x00a0 */ or %g0,8,%o0
-/* 0x00a4 */ std %f0,[%i3]
-/* 0x00a8 */ or %g0,2,%g2
-/* 0x00ac */ sub %g1,2,%o1
- .L900000627:
-/* 0x00b0 */ add %o0,8,%g3
-/* 0x00b4 */ std %f0,[%i3+%o0]
-/* 0x00b8 */ add %g2,3,%g2
-/* 0x00bc */ add %o0,16,%o2
-/* 0x00c0 */ std %f0,[%i3+%g3]
-/* 0x00c4 */ cmp %g2,%o1
-/* 0x00c8 */ add %o0,24,%o0
-/* 0x00cc */ ble,pt %icc,.L900000627
-/* 0x00d0 */ std %f0,[%i3+%o2]
- .L900000630:
-/* 0x00d4 */ cmp %g2,%g1
-/* 0x00d8 */ bg,pn %icc,.L77000285
-/* 0x00dc */ std %f0,[%i3+%o0]
- .L77000280:
-/* 0x00e0 */ ldd [%o7],%f0
- .L900000656:
-/* 0x00e4 */ sra %g2,0,%o0
-/* 0x00e8 */ add %g2,1,%g2
-/* 0x00ec */ sllx %o0,3,%o0
-/* 0x00f0 */ cmp %g2,%g1
-/* 0x00f4 */ std %f0,[%i3+%o0]
-/* 0x00f8 */ ble,a,pt %icc,.L900000656
-/* 0x00fc */ ldd [%o7],%f0
- .L77000285:
-/* 0x0100 238 */ ldd [%i1],%f6
- .L900000657:
-/* 0x0104 238 */ ldd [%i2],%f8
-/* 0x0108 242 */ cmp %o3,0
-/* 0x010c */ sub %o3,1,%o1
-/* 0x0110 239 */ ldd [%o7],%f10
-/* 0x0114 */ add %o3,1,%o2
-/* 0x0118 0 */ or %g0,0,%i2
-/* 0x011c 238 */ fmuld %f6,%f8,%f6
-/* 0x0120 */ std %f6,[%i3]
-/* 0x0124 0 */ or %g0,0,%g3
-/* 0x0128 239 */ ldd [%o5],%f8
-/* 0x012c 0 */ or %g0,%o2,%g1
-/* 0x0130 236 */ sub %l0,1,%i1
-/* 0x0134 239 */ ldd [%o4],%f12
-/* 0x0138 236 */ or %g0,1,%g4
-/* 0x013c */ fdtox %f6,%f0
-/* 0x0140 */ fmovs %f10,%f0
-/* 0x0144 */ fxtod %f0,%f6
-/* 0x0148 239 */ fmuld %f6,%f14,%f6
-/* 0x014c */ fmuld %f6,%f8,%f8
-/* 0x0150 */ fdtox %f8,%f8
-/* 0x0154 */ fxtod %f8,%f8
-/* 0x0158 */ fmuld %f8,%f12,%f8
-/* 0x015c */ fsubd %f6,%f8,%f20
-/* 0x0160 242 */ ble,pt %icc,.L900000650
-/* 0x0164 */ sllx %g5,3,%g2
-/* 0x0168 0 */ st %o1,[%sp+2223]
-/* 0x016c 246 */ ldd [%i5],%f6
- .L900000651:
-/* 0x0170 246 */ sra %g4,0,%g2
-/* 0x0174 */ fmuld %f6,%f20,%f6
-/* 0x0178 */ ldd [%i3],%f12
-/* 0x017c */ sllx %g2,3,%g2
-/* 0x0180 */ ldd [%i4],%f8
-/* 0x0184 250 */ cmp %l0,1
-/* 0x0188 246 */ ldd [%l1+%g2],%f10
-/* 0x018c 244 */ sra %i2,0,%g2
-/* 0x0190 */ add %i2,1,%i0
-/* 0x0194 246 */ faddd %f12,%f6,%f6
-/* 0x0198 */ ldd [%o5],%f12
-/* 0x019c 244 */ sllx %g2,3,%g2
-/* 0x01a0 246 */ fmuld %f8,%f10,%f8
-/* 0x01a4 */ ldd [%i3+8],%f10
-/* 0x01a8 */ srl %i2,31,%o3
-/* 0x01ac 244 */ ldd [%l1+%g2],%f18
-/* 0x01b0 0 */ or %g0,1,%l5
-/* 0x01b4 236 */ or %g0,2,%g2
-/* 0x01b8 246 */ fmuld %f6,%f12,%f6
-/* 0x01bc 250 */ or %g0,32,%o1
-/* 0x01c0 */ or %g0,48,%o2
-/* 0x01c4 246 */ faddd %f10,%f8,%f8
-/* 0x01c8 */ faddd %f8,%f6,%f16
-/* 0x01cc 250 */ ble,pn %icc,.L77000213
-/* 0x01d0 */ std %f16,[%i3+8]
-/* 0x01d4 */ cmp %i1,8
-/* 0x01d8 */ sub %l0,3,%o3
-/* 0x01dc */ bl,pn %icc,.L77000284
-/* 0x01e0 */ or %g0,8,%o0
-/* 0x01e4 252 */ ldd [%i5+8],%f0
-/* 0x01e8 */ or %g0,6,%l5
-/* 0x01ec */ ldd [%i4+8],%f2
-/* 0x01f0 */ or %g0,4,%g2
-/* 0x01f4 250 */ or %g0,40,%o0
-/* 0x01f8 252 */ ldd [%i5+16],%f8
-/* 0x01fc */ fmuld %f0,%f20,%f10
-/* 0x0200 */ ldd [%i4+16],%f4
-/* 0x0204 */ fmuld %f2,%f18,%f2
-/* 0x0208 */ ldd [%i3+16],%f0
-/* 0x020c */ fmuld %f8,%f20,%f12
-/* 0x0210 */ ldd [%i4+24],%f6
-/* 0x0214 */ fmuld %f4,%f18,%f4
-/* 0x0218 */ ldd [%i5+24],%f8
-/* 0x021c */ faddd %f2,%f10,%f2
-/* 0x0220 */ ldd [%i4+32],%f14
-/* 0x0224 */ fmuld %f6,%f18,%f10
-/* 0x0228 */ ldd [%i5+32],%f6
-/* 0x022c */ faddd %f4,%f12,%f4
-/* 0x0230 */ ldd [%i4+40],%f12
-/* 0x0234 */ faddd %f0,%f2,%f0
-/* 0x0238 */ std %f0,[%i3+16]
-/* 0x023c */ ldd [%i3+32],%f0
-/* 0x0240 */ ldd [%i3+48],%f2
- .L900000639:
-/* 0x0244 */ add %o2,16,%l6
-/* 0x0248 252 */ ldd [%i5+%o0],%f22
-/* 0x024c */ add %l5,3,%l5
-/* 0x0250 */ fmuld %f8,%f20,%f8
-/* 0x0254 250 */ add %o0,8,%o0
-/* 0x0258 252 */ ldd [%l6+%i3],%f26
-/* 0x025c */ cmp %l5,%o3
-/* 0x0260 */ ldd [%i4+%o0],%f24
-/* 0x0264 */ faddd %f0,%f4,%f0
-/* 0x0268 */ add %g2,6,%g2
-/* 0x026c */ faddd %f10,%f8,%f10
-/* 0x0270 */ fmuld %f14,%f18,%f4
-/* 0x0274 */ std %f0,[%o1+%i3]
-/* 0x0278 250 */ add %o2,32,%o1
-/* 0x027c 252 */ ldd [%i5+%o0],%f8
-/* 0x0280 */ fmuld %f6,%f20,%f6
-/* 0x0284 250 */ add %o0,8,%o0
-/* 0x0288 252 */ ldd [%o1+%i3],%f0
-/* 0x028c */ ldd [%i4+%o0],%f14
-/* 0x0290 */ faddd %f2,%f10,%f2
-/* 0x0294 */ faddd %f4,%f6,%f10
-/* 0x0298 */ fmuld %f12,%f18,%f4
-/* 0x029c */ std %f2,[%o2+%i3]
-/* 0x02a0 250 */ add %o2,48,%o2
-/* 0x02a4 252 */ ldd [%i5+%o0],%f6
-/* 0x02a8 */ fmuld %f22,%f20,%f22
-/* 0x02ac 250 */ add %o0,8,%o0
-/* 0x02b0 252 */ ldd [%o2+%i3],%f2
-/* 0x02b4 */ ldd [%i4+%o0],%f12
-/* 0x02b8 */ faddd %f26,%f10,%f10
-/* 0x02bc */ std %f10,[%l6+%i3]
-/* 0x02c0 */ fmuld %f24,%f18,%f10
-/* 0x02c4 */ ble,pt %icc,.L900000639
-/* 0x02c8 */ faddd %f4,%f22,%f4
- .L900000642:
-/* 0x02cc 252 */ fmuld %f8,%f20,%f24
-/* 0x02d0 */ faddd %f0,%f4,%f8
-/* 0x02d4 250 */ add %o2,16,%o3
-/* 0x02d8 252 */ ldd [%o3+%i3],%f4
-/* 0x02dc */ fmuld %f14,%f18,%f0
-/* 0x02e0 */ cmp %l5,%i1
-/* 0x02e4 */ std %f8,[%o1+%i3]
-/* 0x02e8 */ fmuld %f12,%f18,%f8
-/* 0x02ec 250 */ add %o2,32,%o1
-/* 0x02f0 252 */ faddd %f10,%f24,%f12
-/* 0x02f4 */ ldd [%i5+%o0],%f22
-/* 0x02f8 */ fmuld %f6,%f20,%f6
-/* 0x02fc */ add %g2,8,%g2
-/* 0x0300 */ fmuld %f22,%f20,%f10
-/* 0x0304 */ faddd %f2,%f12,%f2
-/* 0x0308 */ faddd %f0,%f6,%f6
-/* 0x030c */ ldd [%o1+%i3],%f0
-/* 0x0310 */ std %f2,[%o2+%i3]
-/* 0x0314 */ faddd %f8,%f10,%f2
-/* 0x0318 */ sra %l5,0,%o2
-/* 0x031c */ sllx %o2,3,%o0
-/* 0x0320 */ faddd %f4,%f6,%f4
-/* 0x0324 */ std %f4,[%o3+%i3]
-/* 0x0328 */ faddd %f0,%f2,%f0
-/* 0x032c */ std %f0,[%o1+%i3]
-/* 0x0330 */ bg,a,pn %icc,.L77000213
-/* 0x0334 */ srl %i2,31,%o3
- .L77000284:
-/* 0x0338 252 */ ldd [%i4+%o0],%f2
- .L900000655:
-/* 0x033c 252 */ ldd [%i5+%o0],%f0
-/* 0x0340 */ fmuld %f2,%f18,%f2
-/* 0x0344 */ sra %g2,0,%o0
-/* 0x0348 */ sllx %o0,3,%o1
-/* 0x034c */ add %l5,1,%l5
-/* 0x0350 */ fmuld %f0,%f20,%f4
-/* 0x0354 */ ldd [%o1+%i3],%f0
-/* 0x0358 */ sra %l5,0,%o2
-/* 0x035c */ sllx %o2,3,%o0
-/* 0x0360 */ add %g2,2,%g2
-/* 0x0364 */ cmp %l5,%i1
-/* 0x0368 */ faddd %f2,%f4,%f2
-/* 0x036c */ faddd %f0,%f2,%f0
-/* 0x0370 */ std %f0,[%o1+%i3]
-/* 0x0374 */ ble,a,pt %icc,.L900000655
-/* 0x0378 */ ldd [%i4+%o0],%f2
- .L900000626:
-/* 0x037c */ srl %i2,31,%o3
-/* 0x0380 252 */ ba .L900000654
-/* 0x0384 */ cmp %g3,30
- .L77000213:
-/* 0x0388 254 */ cmp %g3,30
- .L900000654:
-/* 0x038c */ add %i2,%o3,%o0
-/* 0x0390 254 */ bne,a,pt %icc,.L900000653
-/* 0x0394 */ fdtox %f16,%f0
-/* 0x0398 281 */ sra %o0,1,%g2
-/* 0x039c */ add %g2,1,%g2
-/* 0x03a0 */ ldd [%o7],%f0
-/* 0x03a4 */ sll %g2,1,%o1
-/* 0x03a8 */ sll %g1,1,%g2
-/* 0x03ac */ or %g0,%o1,%o2
-/* 0x03b0 */ fmovd %f0,%f2
-/* 0x03b4 */ or %g0,%g2,%o0
-/* 0x03b8 */ cmp %o1,%o0
-/* 0x03bc */ sub %g2,1,%o0
-/* 0x03c0 */ bge,pt %icc,.L77000215
-/* 0x03c4 */ or %g0,0,%g3
-/* 0x03c8 254 */ add %o1,1,%o1
-/* 0x03cc 281 */ sra %o2,0,%g2
- .L900000652:
-/* 0x03d0 */ sllx %g2,3,%g2
-/* 0x03d4 */ ldd [%o7],%f6
-/* 0x03d8 */ add %o2,2,%o2
-/* 0x03dc */ sra %o1,0,%g3
-/* 0x03e0 */ ldd [%g2+%l4],%f8
-/* 0x03e4 */ cmp %o2,%o0
-/* 0x03e8 */ sllx %g3,3,%g3
-/* 0x03ec */ add %o1,2,%o1
-/* 0x03f0 */ ldd [%l4+%g3],%f10
-/* 0x03f4 */ fdtox %f8,%f12
-/* 0x03f8 */ fdtox %f10,%f4
-/* 0x03fc */ fmovd %f12,%f8
-/* 0x0400 */ fmovs %f6,%f12
-/* 0x0404 */ fmovs %f6,%f4
-/* 0x0408 */ fxtod %f12,%f6
-/* 0x040c */ fxtod %f4,%f12
-/* 0x0410 */ fdtox %f10,%f4
-/* 0x0414 */ faddd %f6,%f2,%f6
-/* 0x0418 */ std %f6,[%g2+%l4]
-/* 0x041c */ faddd %f12,%f0,%f6
-/* 0x0420 */ std %f6,[%l4+%g3]
-/* 0x0424 */ fitod %f8,%f2
-/* 0x0428 */ fitod %f4,%f0
-/* 0x042c */ ble,pt %icc,.L900000652
-/* 0x0430 */ sra %o2,0,%g2
- .L77000233:
-/* 0x0434 */ or %g0,0,%g3
- .L77000215:
-/* 0x0438 */ fdtox %f16,%f0
- .L900000653:
-/* 0x043c 256 */ ldd [%o7],%f6
-/* 0x0440 */ add %g4,1,%g4
-/* 0x0444 */ or %g0,%i0,%i2
-/* 0x0448 */ ldd [%o5],%f8
-/* 0x044c */ add %g3,1,%g3
-/* 0x0450 */ add %i3,8,%i3
-/* 0x0454 */ fmovs %f6,%f0
-/* 0x0458 */ ldd [%o4],%f10
-/* 0x045c */ ld [%sp+2223],%o0
-/* 0x0460 */ fxtod %f0,%f6
-/* 0x0464 */ cmp %i0,%o0
-/* 0x0468 */ fmuld %f6,%f30,%f6
-/* 0x046c */ fmuld %f6,%f8,%f8
-/* 0x0470 */ fdtox %f8,%f8
-/* 0x0474 */ fxtod %f8,%f8
-/* 0x0478 */ fmuld %f8,%f10,%f8
-/* 0x047c */ fsubd %f6,%f8,%f20
-/* 0x0480 */ ble,a,pt %icc,.L900000651
-/* 0x0484 */ ldd [%i5],%f6
- .L900000625:
-/* 0x0488 256 */ ba .L900000650
-/* 0x048c */ sllx %g5,3,%g2
- .L77000279:
-/* 0x0490 261 */ ldd [%i1],%f4
-/* 0x0494 */ ldd [%i2],%f6
-/* 0x0498 273 */ std %f0,[%i3+8]
-/* 0x049c */ std %f0,[%i3+16]
-/* 0x04a0 261 */ fmuld %f4,%f6,%f6
-/* 0x04a4 */ std %f6,[%i3]
-/* 0x04a8 273 */ std %f0,[%i3+24]
-/* 0x04ac */ std %f0,[%i3+32]
-/* 0x04b0 */ fdtox %f6,%f2
-/* 0x04b4 */ std %f0,[%i3+40]
-/* 0x04b8 */ std %f0,[%i3+48]
-/* 0x04bc */ std %f0,[%i3+56]
-/* 0x04c0 */ std %f0,[%i3+64]
-/* 0x04c4 */ fmovs %f0,%f2
-/* 0x04c8 */ std %f0,[%i3+72]
-/* 0x04cc */ std %f0,[%i3+80]
-/* 0x04d0 */ std %f0,[%i3+88]
-/* 0x04d4 */ std %f0,[%i3+96]
-/* 0x04d8 */ std %f0,[%i3+104]
-/* 0x04dc */ std %f0,[%i3+112]
-/* 0x04e0 */ std %f0,[%i3+120]
-/* 0x04e4 */ std %f0,[%i3+128]
-/* 0x04e8 */ std %f0,[%i3+136]
-/* 0x04ec */ std %f0,[%i3+144]
-/* 0x04f0 */ std %f0,[%i3+152]
-/* 0x04f4 */ std %f0,[%i3+160]
-/* 0x04f8 */ std %f0,[%i3+168]
-/* 0x04fc */ fxtod %f2,%f6
-/* 0x0500 */ std %f0,[%i3+176]
-/* 0x0504 281 */ or %g0,1,%o2
-/* 0x0508 273 */ std %f0,[%i3+184]
-
-! 282 ! {
-! 284 ! m2j=pdm2[j];
-! 285 ! a=pdtj[0]+pdn_0*digit;
-! 286 ! b=pdtj[1]+pdm1_0*pdm2[j+1]+a*TwoToMinus16;
-
-/* 0x050c 286 */ sra %o2,0,%g2
-/* 0x0510 279 */ or %g0,%i3,%o3
-/* 0x0514 273 */ std %f0,[%i3+192]
-/* 0x0518 278 */ fmuld %f6,%f14,%f6
-/* 0x051c 281 */ or %g0,0,%g1
-/* 0x0520 273 */ std %f0,[%i3+200]
-/* 0x0524 */ std %f0,[%i3+208]
-/* 0x0528 */ std %f0,[%i3+216]
-/* 0x052c */ std %f0,[%i3+224]
-/* 0x0530 */ std %f0,[%i3+232]
-/* 0x0534 */ std %f0,[%i3+240]
-/* 0x0538 */ std %f0,[%i3+248]
-/* 0x053c */ std %f0,[%i3+256]
-/* 0x0540 */ std %f0,[%i3+264]
-/* 0x0544 */ std %f0,[%i3+272]
-/* 0x0548 */ std %f0,[%i3+280]
-/* 0x054c */ std %f0,[%i3+288]
-/* 0x0550 */ std %f0,[%i3+296]
-/* 0x0554 */ std %f0,[%i3+304]
-/* 0x0558 */ std %f0,[%i3+312]
-/* 0x055c */ std %f0,[%i3+320]
-/* 0x0560 */ std %f0,[%i3+328]
-/* 0x0564 */ std %f0,[%i3+336]
-/* 0x0568 */ std %f0,[%i3+344]
-/* 0x056c */ std %f0,[%i3+352]
-/* 0x0570 */ std %f0,[%i3+360]
-/* 0x0574 */ std %f0,[%i3+368]
-/* 0x0578 */ std %f0,[%i3+376]
-/* 0x057c */ std %f0,[%i3+384]
-/* 0x0580 */ std %f0,[%i3+392]
-/* 0x0584 */ std %f0,[%i3+400]
-/* 0x0588 */ std %f0,[%i3+408]
-/* 0x058c */ std %f0,[%i3+416]
-/* 0x0590 */ std %f0,[%i3+424]
-/* 0x0594 */ std %f0,[%i3+432]
-/* 0x0598 */ std %f0,[%i3+440]
-/* 0x059c */ std %f0,[%i3+448]
-/* 0x05a0 */ std %f0,[%i3+456]
-/* 0x05a4 */ std %f0,[%i3+464]
-/* 0x05a8 */ std %f0,[%i3+472]
-/* 0x05ac */ std %f0,[%i3+480]
-/* 0x05b0 */ std %f0,[%i3+488]
-/* 0x05b4 */ std %f0,[%i3+496]
-/* 0x05b8 278 */ ldd [%o5],%f8
-/* 0x05bc */ ldd [%o4],%f10
-/* 0x05c0 */ fmuld %f6,%f8,%f8
-/* 0x05c4 273 */ std %f0,[%i3+504]
-/* 0x05c8 */ std %f0,[%i3+512]
-/* 0x05cc */ std %f0,[%i3+520]
-/* 0x05d0 */ fdtox %f8,%f8
-/* 0x05d4 275 */ ldd [%o0],%f0
-/* 0x05d8 */ fxtod %f8,%f8
-/* 0x05dc */ fmuld %f8,%f10,%f8
-/* 0x05e0 */ fsubd %f6,%f8,%f2
-
-! 287 ! pdtj[1]=b;
-! 289 ! /**** this loop will be fully unrolled:
-! 290 ! for(i=1;i<16;i++)
-! 291 ! {
-! 292 ! pdtj[2*i]+=pdm1[i]*m2j+pdn[i]*digit;
-! 293 ! }
-! 294 ! *************************************/
-! 295 ! pdtj[2]+=pdm1[1]*m2j+pdn[1]*digit;
-! 296 ! pdtj[4]+=pdm1[2]*m2j+pdn[2]*digit;
-! 297 ! pdtj[6]+=pdm1[3]*m2j+pdn[3]*digit;
-! 298 ! pdtj[8]+=pdm1[4]*m2j+pdn[4]*digit;
-! 299 ! pdtj[10]+=pdm1[5]*m2j+pdn[5]*digit;
-! 300 ! pdtj[12]+=pdm1[6]*m2j+pdn[6]*digit;
-! 301 ! pdtj[14]+=pdm1[7]*m2j+pdn[7]*digit;
-! 302 ! pdtj[16]+=pdm1[8]*m2j+pdn[8]*digit;
-! 303 ! pdtj[18]+=pdm1[9]*m2j+pdn[9]*digit;
-! 304 ! pdtj[20]+=pdm1[10]*m2j+pdn[10]*digit;
-! 305 ! pdtj[22]+=pdm1[11]*m2j+pdn[11]*digit;
-! 306 ! pdtj[24]+=pdm1[12]*m2j+pdn[12]*digit;
-! 307 ! pdtj[26]+=pdm1[13]*m2j+pdn[13]*digit;
-! 308 ! pdtj[28]+=pdm1[14]*m2j+pdn[14]*digit;
-! 309 ! pdtj[30]+=pdm1[15]*m2j+pdn[15]*digit;
-! 310 ! /* no need for cleenup, cannot overflow */
-! 311 ! digit=mod(lower32(b,Zero)*dn0,TwoToMinus16,TwoTo16);
-
-
- fmovd %f2,%f0 ! hand modified
- fmovd %f30,%f18 ! hand modified
- ldd [%o0],%f2
- ldd [%o3],%f8
- ldd [%i1],%f10
- ldd [%o5],%f14 ! hand modified
- ldd [%o4],%f16 ! hand modified
- ldd [%i2],%f24
-
- ldd [%i1+8],%f26
- ldd [%i1+16],%f40
- ldd [%i1+48],%f46
- ldd [%i1+56],%f30
- ldd [%i1+64],%f54
- ldd [%i1+104],%f34
- ldd [%i1+112],%f58
-
- ldd [%o0+8],%f28
- ldd [%o0+104],%f38
- ldd [%o0+112],%f60
-
- .L99999999: !1
- ldd [%i1+24],%f32
- fmuld %f0,%f2,%f4 !2
- ldd [%o0+24],%f36
- fmuld %f26,%f24,%f20 !3
- ldd [%i1+40],%f42
- fmuld %f28,%f0,%f22 !4
- ldd [%o0+40],%f44
- fmuld %f32,%f24,%f32 !5
- ldd [%i2+8],%f6
- faddd %f4,%f8,%f4
- fmuld %f36,%f0,%f36 !6
- add %i2,8,%i2
- ldd [%o0+56],%f50
- fmuld %f42,%f24,%f42 !7
- ldd [%i1+72],%f52
- faddd %f20,%f22,%f20
- fmuld %f44,%f0,%f44 !8
- ldd [%o3+16],%f22
- fmuld %f10,%f6,%f12 !9
- ldd [%o0+72],%f56
- faddd %f32,%f36,%f32
- fmuld %f14,%f4,%f4 !10
- ldd [%o3+48],%f36
- fmuld %f30,%f24,%f48 !11
- ldd [%o3+8],%f8
- faddd %f20,%f22,%f20
- fmuld %f50,%f0,%f50 !12
- std %f20,[%o3+16]
- faddd %f42,%f44,%f42
- fmuld %f52,%f24,%f52 !13
- ldd [%o3+80],%f44
- faddd %f4,%f12,%f4
- fmuld %f56,%f0,%f56 !14
- ldd [%i1+88],%f20
- faddd %f32,%f36,%f32 !15
- ldd [%o0+88],%f22
- faddd %f48,%f50,%f48 !16
- ldd [%o3+112],%f50
- faddd %f52,%f56,%f52 !17
- ldd [%o3+144],%f56
- faddd %f4,%f8,%f8
- fmuld %f20,%f24,%f20 !18
- std %f32,[%o3+48]
- faddd %f42,%f44,%f42
- fmuld %f22,%f0,%f22 !19
- std %f42,[%o3+80]
- faddd %f48,%f50,%f48
- fmuld %f34,%f24,%f32 !20
- std %f48,[%o3+112]
- faddd %f52,%f56,%f52
- fmuld %f38,%f0,%f36 !21
- ldd [%i1+120],%f42
- fdtox %f8,%f4 !22
- std %f52,[%o3+144]
- faddd %f20,%f22,%f20 !23
- ldd [%o0+120],%f44 !24
- ldd [%o3+176],%f22
- faddd %f32,%f36,%f32
- fmuld %f42,%f24,%f42 !25
- ldd [%o0+16],%f50
- fmovs %f17,%f4 !26
- ldd [%i1+32],%f52
- fmuld %f44,%f0,%f44 !27
- ldd [%o0+32],%f56
- fmuld %f40,%f24,%f48 !28
- ldd [%o3+208],%f36
- faddd %f20,%f22,%f20
- fmuld %f50,%f0,%f50 !29
- std %f20,[%o3+176]
- fxtod %f4,%f4
- fmuld %f52,%f24,%f52 !30
- ldd [%o0+48],%f22
- faddd %f42,%f44,%f42
- fmuld %f56,%f0,%f56 !31
- ldd [%o3+240],%f44
- faddd %f32,%f36,%f32 !32
- std %f32,[%o3+208]
- faddd %f48,%f50,%f48
- fmuld %f46,%f24,%f20 !33
- ldd [%o3+32],%f50
- fmuld %f4,%f18,%f12 !34
- ldd [%o0+64],%f36
- faddd %f52,%f56,%f52
- fmuld %f22,%f0,%f22 !35
- ldd [%o3+64],%f56
- faddd %f42,%f44,%f42 !36
- std %f42,[%o3+240]
- faddd %f48,%f50,%f48
- fmuld %f54,%f24,%f32 !37
- std %f48,[%o3+32]
- fmuld %f12,%f14,%f4 !38
- ldd [%i1+80],%f42
- faddd %f52,%f56,%f56 ! yes, tmp52!
- fmuld %f36,%f0,%f36 !39
- ldd [%o0+80],%f44
- faddd %f20,%f22,%f20 !40
- ldd [%i1+96],%f48
- fmuld %f58,%f24,%f52 !41
- ldd [%o0+96],%f50
- fdtox %f4,%f4
- fmuld %f42,%f24,%f42 !42
- std %f56,[%o3+64] ! yes, tmp52!
- faddd %f32,%f36,%f32
- fmuld %f44,%f0,%f44 !43
- ldd [%o3+96],%f22
- fmuld %f48,%f24,%f48 !44
- ldd [%o3+128],%f36
- fmovd %f6,%f24
- fmuld %f50,%f0,%f50 !45
- fxtod %f4,%f4
- fmuld %f60,%f0,%f56 !46
- add %o3,8,%o3
- faddd %f42,%f44,%f42 !47
- ldd [%o3+160-8],%f44
- faddd %f20,%f22,%f20 !48
- std %f20,[%o3+96-8]
- faddd %f48,%f50,%f48 !49
- ldd [%o3+192-8],%f50
- faddd %f52,%f56,%f52
- fmuld %f4,%f16,%f4 !50
- ldd [%o3+224-8],%f56
- faddd %f32,%f36,%f32 !51
- std %f32,[%o3+128-8]
- faddd %f42,%f44,%f42 !52
- add %g1,1,%g1
- std %f42,[%o3+160-8]
- faddd %f48,%f50,%f48 !53
- cmp %g1,31
- std %f48,[%o3+192-8]
- fsubd %f12,%f4,%f0 !54
- faddd %f52,%f56,%f52
- ble,pt %icc,.L99999999
- std %f52,[%o3+224-8] !55
- std %f8,[%o3]
-! 312 ! }
-! 313 ! }
-! 315 ! conv_d16_to_i32(result,dt+2*nlen,(long long *)dt,nlen+1);
-
-/* 0x0844 315 */ sllx %g5,3,%g2
- .L900000650:
-/* 0x0848 315 */ ldd [%g2+%l4],%f2
-/* 0x084c */ add %l4,%g2,%o0
-/* 0x0850 */ or %g0,0,%g1
-/* 0x0854 */ ldd [%o0+8],%f4
-/* 0x0858 */ or %g0,0,%i2
-/* 0x085c */ cmp %l0,0
-/* 0x0860 */ fdtox %f2,%f2
-/* 0x0864 */ std %f2,[%sp+2255]
-/* 0x0868 311 */ sethi %hi(0xfc00),%o3
-/* 0x086c 315 */ fdtox %f4,%f2
-/* 0x0870 */ std %f2,[%sp+2247]
-/* 0x0874 311 */ or %g0,-1,%o2
-/* 0x0878 */ srl %o2,0,%o5
-/* 0x087c */ or %g0,2,%g5
-/* 0x0880 */ sub %l0,1,%g3
-/* 0x0884 */ or %g0,%o0,%o7
-/* 0x0888 */ add %o3,1023,%o4
-/* 0x088c 315 */ or %g0,64,%o3
-/* 0x0890 */ ldx [%sp+2255],%i0
-/* 0x0894 */ sub %l0,2,%o1
-/* 0x0898 */ ldx [%sp+2247],%i1
-/* 0x089c */ ble,pt %icc,.L900000648
-/* 0x08a0 */ sethi %hi(0xfc00),%g2
-/* 0x08a4 */ cmp %l0,6
-/* 0x08a8 */ and %i0,%o5,%o2
-/* 0x08ac */ bl,pn %icc,.L77000287
-/* 0x08b0 */ or %g0,3,%g4
-/* 0x08b4 */ ldd [%o7+16],%f0
-/* 0x08b8 */ and %i1,%o4,%i3
-/* 0x08bc */ sllx %i3,16,%o0
-/* 0x08c0 */ or %g0,5,%g4
-/* 0x08c4 */ srax %i1,16,%i4
-/* 0x08c8 */ fdtox %f0,%f0
-/* 0x08cc */ std %f0,[%sp+2239]
-/* 0x08d0 */ srax %i0,32,%i1
-/* 0x08d4 */ add %o2,%o0,%i5
-/* 0x08d8 */ ldd [%o7+24],%f0
-/* 0x08dc */ and %i5,%o5,%l1
-/* 0x08e0 */ or %g0,72,%o2
-/* 0x08e4 */ or %g0,4,%o0
-/* 0x08e8 */ or %g0,4,%g5
-/* 0x08ec */ ldx [%sp+2239],%g1
-/* 0x08f0 */ fdtox %f0,%f0
-/* 0x08f4 */ or %g0,4,%i2
-/* 0x08f8 */ std %f0,[%sp+2231]
-/* 0x08fc */ ldd [%o7+40],%f2
-/* 0x0900 */ and %g1,%o5,%i3
-/* 0x0904 */ ldd [%o7+32],%f0
-/* 0x0908 */ srax %g1,32,%g1
-/* 0x090c */ ldd [%o7+56],%f4
-/* 0x0910 */ fdtox %f2,%f2
-/* 0x0914 */ ldx [%sp+2231],%g2
-/* 0x0918 */ fdtox %f0,%f0
-/* 0x091c */ st %l1,[%l2]
-/* 0x0920 */ srax %i5,32,%l1
-/* 0x0924 */ fdtox %f4,%f4
-/* 0x0928 */ std %f2,[%sp+2231]
-/* 0x092c */ and %g2,%o4,%i5
-/* 0x0930 */ add %i4,%l1,%i4
-/* 0x0934 */ std %f0,[%sp+2239]
-/* 0x0938 */ sllx %i5,16,%i0
-/* 0x093c */ add %i1,%i4,%i1
-/* 0x0940 */ ldd [%o7+48],%f2
-/* 0x0944 */ srax %g2,16,%g2
-/* 0x0948 */ add %i3,%i0,%i0
-/* 0x094c */ ldd [%o7+72],%f0
-/* 0x0950 */ add %i0,%i1,%i3
-/* 0x0954 */ srax %i3,32,%i4
-/* 0x0958 */ fdtox %f2,%f2
-/* 0x095c */ and %i3,%o5,%i3
-/* 0x0960 */ ldx [%sp+2231],%i1
-/* 0x0964 */ add %g2,%i4,%g2
-/* 0x0968 */ ldx [%sp+2239],%i0
-/* 0x096c */ add %g1,%g2,%g1
-/* 0x0970 */ std %f2,[%sp+2239]
-/* 0x0974 */ std %f4,[%sp+2231]
-/* 0x0978 */ ldd [%o7+64],%f2
-/* 0x097c */ st %i3,[%l2+4]
- .L900000631:
-/* 0x0980 */ ldx [%sp+2231],%i3
-/* 0x0984 */ add %i2,2,%i2
-/* 0x0988 */ add %g4,4,%g4
-/* 0x098c */ ldx [%sp+2239],%i5
-/* 0x0990 */ add %o2,16,%o2
-/* 0x0994 */ and %i1,%o4,%g2
-/* 0x0998 */ sllx %g2,16,%i4
-/* 0x099c */ and %i0,%o5,%g2
-/* 0x09a0 */ ldd [%o7+%o2],%f4
-/* 0x09a4 */ fdtox %f0,%f0
-/* 0x09a8 */ std %f0,[%sp+2231]
-/* 0x09ac */ srax %i1,16,%i1
-/* 0x09b0 */ add %g2,%i4,%g2
-/* 0x09b4 */ fdtox %f2,%f0
-/* 0x09b8 */ add %o3,16,%o3
-/* 0x09bc */ std %f0,[%sp+2239]
-/* 0x09c0 */ add %g2,%g1,%g1
-/* 0x09c4 */ ldd [%o7+%o3],%f2
-/* 0x09c8 */ srax %g1,32,%i4
-/* 0x09cc */ cmp %i2,%o1
-/* 0x09d0 */ srax %i0,32,%g2
-/* 0x09d4 */ add %i1,%i4,%i0
-/* 0x09d8 */ add %g2,%i0,%i4
-/* 0x09dc */ add %o0,4,%o0
-/* 0x09e0 */ and %g1,%o5,%g2
-/* 0x09e4 */ or %g0,%i5,%g1
-/* 0x09e8 */ st %g2,[%l2+%o0]
-/* 0x09ec */ add %g5,4,%g5
-/* 0x09f0 */ ldx [%sp+2231],%i1
-/* 0x09f4 */ ldx [%sp+2239],%i0
-/* 0x09f8 */ add %o2,16,%o2
-/* 0x09fc */ and %i3,%o4,%g2
-/* 0x0a00 */ sllx %g2,16,%i5
-/* 0x0a04 */ and %g1,%o5,%g2
-/* 0x0a08 */ ldd [%o7+%o2],%f0
-/* 0x0a0c */ fdtox %f4,%f4
-/* 0x0a10 */ std %f4,[%sp+2231]
-/* 0x0a14 */ srax %i3,16,%i3
-/* 0x0a18 */ add %g2,%i5,%g2
-/* 0x0a1c */ fdtox %f2,%f2
-/* 0x0a20 */ add %o3,16,%o3
-/* 0x0a24 */ std %f2,[%sp+2239]
-/* 0x0a28 */ add %g2,%i4,%g2
-/* 0x0a2c */ ldd [%o7+%o3],%f2
-/* 0x0a30 */ srax %g2,32,%i4
-/* 0x0a34 */ srax %g1,32,%g1
-/* 0x0a38 */ add %i3,%i4,%i3
-/* 0x0a3c */ add %g1,%i3,%g1
-/* 0x0a40 */ add %o0,4,%o0
-/* 0x0a44 */ and %g2,%o5,%g2
-/* 0x0a48 */ ble,pt %icc,.L900000631
-/* 0x0a4c */ st %g2,[%l2+%o0]
- .L900000634:
-/* 0x0a50 */ srax %i1,16,%i5
-/* 0x0a54 */ ldx [%sp+2231],%o1
-/* 0x0a58 */ and %i1,%o4,%i3
-/* 0x0a5c */ sllx %i3,16,%i3
-/* 0x0a60 */ ldx [%sp+2239],%i4
-/* 0x0a64 */ and %i0,%o5,%g2
-/* 0x0a68 */ add %g2,%i3,%g2
-/* 0x0a6c */ and %o1,%o4,%i3
-/* 0x0a70 */ fdtox %f0,%f4
-/* 0x0a74 */ sllx %i3,16,%i3
-/* 0x0a78 */ std %f4,[%sp+2231]
-/* 0x0a7c */ add %g2,%g1,%g2
-/* 0x0a80 */ srax %g2,32,%l1
-/* 0x0a84 */ and %i4,%o5,%i1
-/* 0x0a88 */ fdtox %f2,%f0
-/* 0x0a8c */ srax %i0,32,%g1
-/* 0x0a90 */ std %f0,[%sp+2239]
-/* 0x0a94 */ add %i5,%l1,%i0
-/* 0x0a98 */ srax %o1,16,%o1
-/* 0x0a9c */ add %g1,%i0,%i0
-/* 0x0aa0 */ add %o0,4,%g1
-/* 0x0aa4 */ add %i1,%i3,%o0
-/* 0x0aa8 */ and %g2,%o5,%g2
-/* 0x0aac */ st %g2,[%l2+%g1]
-/* 0x0ab0 */ add %o0,%i0,%o0
-/* 0x0ab4 */ srax %o0,32,%i3
-/* 0x0ab8 */ ldx [%sp+2231],%i1
-/* 0x0abc */ add %g1,4,%g1
-/* 0x0ac0 */ ldx [%sp+2239],%i0
-/* 0x0ac4 */ and %o0,%o5,%g2
-/* 0x0ac8 */ add %o1,%i3,%o1
-/* 0x0acc */ srax %i4,32,%o0
-/* 0x0ad0 */ cmp %i2,%g3
-/* 0x0ad4 */ st %g2,[%l2+%g1]
-/* 0x0ad8 */ bg,pn %icc,.L77000236
-/* 0x0adc */ add %o0,%o1,%g1
-/* 0x0ae0 */ add %g4,6,%g4
-/* 0x0ae4 */ add %g5,6,%g5
- .L77000287:
-/* 0x0ae8 */ sra %g5,0,%o1
- .L900000647:
-/* 0x0aec */ sllx %o1,3,%o2
-/* 0x0af0 */ and %i0,%o5,%o0
-/* 0x0af4 */ ldd [%o7+%o2],%f0
-/* 0x0af8 */ sra %g4,0,%o2
-/* 0x0afc */ and %i1,%o4,%o1
-/* 0x0b00 */ sllx %o2,3,%o2
-/* 0x0b04 */ add %g1,%o0,%o0
-/* 0x0b08 */ fdtox %f0,%f0
-/* 0x0b0c */ std %f0,[%sp+2239]
-/* 0x0b10 */ sllx %o1,16,%o1
-/* 0x0b14 */ add %o0,%o1,%o1
-/* 0x0b18 */ add %g5,2,%g5
-/* 0x0b1c */ ldd [%o7+%o2],%f0
-/* 0x0b20 */ srax %o1,32,%g1
-/* 0x0b24 */ and %o1,%o5,%o2
-/* 0x0b28 */ srax %i1,16,%o0
-/* 0x0b2c */ add %g4,2,%g4
-/* 0x0b30 */ fdtox %f0,%f0
-/* 0x0b34 */ std %f0,[%sp+2231]
-/* 0x0b38 */ sra %i2,0,%o1
-/* 0x0b3c */ sllx %o1,2,%o1
-/* 0x0b40 */ add %o0,%g1,%g2
-/* 0x0b44 */ srax %i0,32,%g1
-/* 0x0b48 */ add %i2,1,%i2
-/* 0x0b4c */ add %g1,%g2,%g1
-/* 0x0b50 */ cmp %i2,%g3
-/* 0x0b54 */ ldx [%sp+2239],%o3
-/* 0x0b58 */ ldx [%sp+2231],%i1
-/* 0x0b5c */ st %o2,[%l2+%o1]
-/* 0x0b60 */ or %g0,%o3,%i0
-/* 0x0b64 */ ble,pt %icc,.L900000647
-/* 0x0b68 */ sra %g5,0,%o1
- .L77000236:
-/* 0x0b6c */ sethi %hi(0xfc00),%g2
- .L900000648:
-/* 0x0b70 */ or %g0,-1,%o0
-/* 0x0b74 */ add %g2,1023,%g2
-/* 0x0b78 */ srl %o0,0,%g3
-/* 0x0b7c */ and %i1,%g2,%g2
-/* 0x0b80 */ and %i0,%g3,%g4
-/* 0x0b84 */ sllx %g2,16,%g2
-/* 0x0b88 */ add %g1,%g4,%g4
-/* 0x0b8c */ sra %i2,0,%g5
-/* 0x0b90 */ add %g4,%g2,%g4
-/* 0x0b94 */ sllx %g5,2,%g2
-/* 0x0b98 */ and %g4,%g3,%g3
-/* 0x0b9c */ st %g3,[%l2+%g2]
-
-! 317 ! adjust_montf_result(result,nint,nlen);
-
-/* 0x0ba0 317 */ sra %l0,0,%g4
-/* 0x0ba4 */ sllx %g4,2,%g2
-/* 0x0ba8 */ ld [%l2+%g2],%g2
-/* 0x0bac */ cmp %g2,0
-/* 0x0bb0 */ bleu,pn %icc,.L77000241
-/* 0x0bb4 */ or %g0,-1,%o1
-/* 0x0bb8 */ ba .L900000646
-/* 0x0bbc */ cmp %o1,0
- .L77000241:
-/* 0x0bc0 */ sub %l0,1,%o1
-/* 0x0bc4 */ cmp %o1,0
-/* 0x0bc8 */ bl,pn %icc,.L77000244
-/* 0x0bcc */ sra %o1,0,%g2
- .L900000645:
-/* 0x0bd0 */ sllx %g2,2,%g2
-/* 0x0bd4 */ sub %o1,1,%o0
-/* 0x0bd8 */ ld [%l3+%g2],%g3
-/* 0x0bdc */ ld [%l2+%g2],%g2
-/* 0x0be0 */ cmp %g2,%g3
-/* 0x0be4 */ bne,pn %icc,.L77000244
-/* 0x0be8 */ nop
-/* 0x0bec 0 */ or %g0,%o0,%o1
-/* 0x0bf0 317 */ cmp %o0,0
-/* 0x0bf4 */ bge,pt %icc,.L900000645
-/* 0x0bf8 */ sra %o1,0,%g2
- .L77000244:
-/* 0x0bfc */ cmp %o1,0
- .L900000646:
-/* 0x0c00 */ bl,pn %icc,.L77000288
-/* 0x0c04 */ sra %o1,0,%g2
-/* 0x0c08 */ sllx %g2,2,%g2
-/* 0x0c0c */ ld [%l3+%g2],%g3
-/* 0x0c10 */ ld [%l2+%g2],%g2
-/* 0x0c14 */ cmp %g2,%g3
-/* 0x0c18 */ bleu,pt %icc,.L77000224
-/* 0x0c1c */ nop
- .L77000288:
-/* 0x0c20 */ cmp %l0,0
-/* 0x0c24 */ ble,pt %icc,.L77000224
-/* 0x0c28 */ nop
-/* 0x0c2c 317 */ or %g0,-1,%g2
-/* 0x0c30 315 */ or %g0,0,%i0
-/* 0x0c34 317 */ srl %g2,0,%g2
-/* 0x0c38 315 */ or %g0,0,%g4
-/* 0x0c3c */ or %g0,0,%o1
-/* 0x0c40 317 */ sub %l0,1,%g5
-/* 0x0c44 */ cmp %l0,9
-/* 0x0c48 315 */ or %g0,8,%o5
-/* 0x0c4c */ bl,pn %icc,.L77000289
-/* 0x0c50 */ sub %l0,4,%o7
-/* 0x0c54 */ ld [%l2],%o1
-/* 0x0c58 */ or %g0,5,%i0
-/* 0x0c5c */ ld [%l3],%o2
-/* 0x0c60 */ or %g0,12,%o4
-/* 0x0c64 */ or %g0,16,%g1
-/* 0x0c68 */ ld [%l3+4],%o3
-/* 0x0c6c */ ld [%l2+4],%o0
-/* 0x0c70 */ sub %o1,%o2,%o1
-/* 0x0c74 */ ld [%l3+8],%i1
-/* 0x0c78 */ and %o1,%g2,%g4
-/* 0x0c7c */ st %g4,[%l2]
-/* 0x0c80 */ srax %o1,32,%g4
-/* 0x0c84 */ sub %o0,%o3,%o0
-/* 0x0c88 */ ld [%l3+12],%o2
-/* 0x0c8c */ add %o0,%g4,%o0
-/* 0x0c90 */ and %o0,%g2,%g4
-/* 0x0c94 */ st %g4,[%l2+4]
-/* 0x0c98 */ srax %o0,32,%o0
-/* 0x0c9c */ ld [%l2+8],%o1
-/* 0x0ca0 */ ld [%l2+12],%o3
-/* 0x0ca4 */ sub %o1,%i1,%o1
- .L900000635:
-/* 0x0ca8 */ add %g1,4,%g3
-/* 0x0cac */ ld [%g1+%l2],%g4
-/* 0x0cb0 */ add %o1,%o0,%o0
-/* 0x0cb4 */ ld [%l3+%g1],%i1
-/* 0x0cb8 */ sub %o3,%o2,%o1
-/* 0x0cbc */ and %o0,%g2,%o2
-/* 0x0cc0 */ st %o2,[%o5+%l2]
-/* 0x0cc4 */ srax %o0,32,%o2
-/* 0x0cc8 */ add %i0,4,%i0
-/* 0x0ccc */ add %g1,8,%o5
-/* 0x0cd0 */ ld [%g3+%l2],%o0
-/* 0x0cd4 */ add %o1,%o2,%o1
-/* 0x0cd8 */ ld [%l3+%g3],%o3
-/* 0x0cdc */ sub %g4,%i1,%o2
-/* 0x0ce0 */ and %o1,%g2,%g4
-/* 0x0ce4 */ st %g4,[%o4+%l2]
-/* 0x0ce8 */ srax %o1,32,%g4
-/* 0x0cec */ cmp %i0,%o7
-/* 0x0cf0 */ add %g1,12,%o4
-/* 0x0cf4 */ ld [%o5+%l2],%o1
-/* 0x0cf8 */ add %o2,%g4,%o2
-/* 0x0cfc */ ld [%l3+%o5],%i1
-/* 0x0d00 */ sub %o0,%o3,%o0
-/* 0x0d04 */ and %o2,%g2,%o3
-/* 0x0d08 */ st %o3,[%g1+%l2]
-/* 0x0d0c */ srax %o2,32,%g4
-/* 0x0d10 */ ld [%o4+%l2],%o3
-/* 0x0d14 */ add %g1,16,%g1
-/* 0x0d18 */ add %o0,%g4,%o0
-/* 0x0d1c */ ld [%l3+%o4],%o2
-/* 0x0d20 */ sub %o1,%i1,%o1
-/* 0x0d24 */ and %o0,%g2,%g4
-/* 0x0d28 */ st %g4,[%g3+%l2]
-/* 0x0d2c */ ble,pt %icc,.L900000635
-/* 0x0d30 */ srax %o0,32,%o0
- .L900000638:
-/* 0x0d34 */ add %o1,%o0,%g3
-/* 0x0d38 */ sub %o3,%o2,%o1
-/* 0x0d3c */ ld [%g1+%l2],%o0
-/* 0x0d40 */ ld [%l3+%g1],%o2
-/* 0x0d44 */ srax %g3,32,%o7
-/* 0x0d48 */ and %g3,%g2,%o3
-/* 0x0d4c */ add %o1,%o7,%o1
-/* 0x0d50 */ st %o3,[%o5+%l2]
-/* 0x0d54 */ cmp %i0,%g5
-/* 0x0d58 */ sub %o0,%o2,%o0
-/* 0x0d5c */ and %o1,%g2,%o2
-/* 0x0d60 */ st %o2,[%o4+%l2]
-/* 0x0d64 */ srax %o1,32,%o1
-/* 0x0d68 */ sra %i0,0,%o2
-/* 0x0d6c */ add %o0,%o1,%o0
-/* 0x0d70 */ srax %o0,32,%g4
-/* 0x0d74 */ and %o0,%g2,%o1
-/* 0x0d78 */ st %o1,[%g1+%l2]
-/* 0x0d7c */ bg,pn %icc,.L77000224
-/* 0x0d80 */ sllx %o2,2,%o1
- .L77000289:
-/* 0x0d84 0 */ or %g0,%o1,%g1
- .L900000644:
-/* 0x0d88 */ ld [%o1+%l2],%o0
-/* 0x0d8c */ add %i0,1,%i0
-/* 0x0d90 */ ld [%l3+%o1],%o1
-/* 0x0d94 */ sra %i0,0,%o2
-/* 0x0d98 */ cmp %i0,%g5
-/* 0x0d9c */ add %g4,%o0,%o0
-/* 0x0da0 */ sub %o0,%o1,%o0
-/* 0x0da4 */ srax %o0,32,%g4
-/* 0x0da8 */ and %o0,%g2,%o1
-/* 0x0dac */ st %o1,[%g1+%l2]
-/* 0x0db0 */ sllx %o2,2,%o1
-/* 0x0db4 */ ble,pt %icc,.L900000644
-/* 0x0db8 */ or %g0,%o1,%g1
- .L77000224:
-/* 0x0dbc */ ret ! Result =
-/* 0x0dc0 */ restore %g0,%g0,%g0
-/* 0x0dc4 0 */ .type mont_mulf_noconv,2
-/* 0x0dc4 */ .size mont_mulf_noconv,(.-mont_mulf_noconv)
-
diff --git a/security/nss/lib/freebl/mpi/mp_gf2m.c b/security/nss/lib/freebl/mpi/mp_gf2m.c
deleted file mode 100644
index 93d419611..000000000
--- a/security/nss/lib/freebl/mpi/mp_gf2m.c
+++ /dev/null
@@ -1,570 +0,0 @@
-/*
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Multi-precision Binary Polynomial Arithmetic
- * Library.
- *
- * The Initial Developer of the Original Code is Sun Microsystems, Inc.
- * Portions created by Sun Microsystems, Inc. are Copyright (C) 2003
- * Sun Microsystems, Inc. All Rights Reserved.
- *
- * Contributor(s):
- * Sheueling Chang Shantz <sheueling.chang@sun.com> and
- * Douglas Stebila <douglas@stebila.ca> of Sun Laboratories.
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- */
-
-#include "mp_gf2m.h"
-#include "mplogic.h"
-#include "mpi-priv.h"
-
-static const mp_digit SQR_tb[16] =
-{
- 0, 1, 4, 5, 16, 17, 20, 21,
- 64, 65, 68, 69, 80, 81, 84, 85
-};
-
-#if defined(MP_USE_UINT_DIGIT)
-#define MP_DIGIT_BITS 32
-
-/* Platform-specific macros for fast binary polynomial squaring. */
-
-#define gf2m_SQR1(w) \
- SQR_tb[(w) >> 28 & 0xF] << 24 | SQR_tb[(w) >> 24 & 0xF] << 16 | \
- SQR_tb[(w) >> 20 & 0xF] << 8 | SQR_tb[(w) >> 16 & 0xF]
-#define gf2m_SQR0(w) \
- SQR_tb[(w) >> 12 & 0xF] << 24 | SQR_tb[(w) >> 8 & 0xF] << 16 | \
- SQR_tb[(w) >> 4 & 0xF] << 8 | SQR_tb[(w) & 0xF]
-
-/* Multiply two binary polynomials mp_digits a, b.
- * Result is a polynomial with degree < 2 * MP_DIGIT_BITS - 1.
- * Output in two mp_digits rh, rl.
- */
-static void
-s_bmul_1x1(mp_digit *rh, mp_digit *rl, const mp_digit a, const mp_digit b)
-{
- register mp_digit h, l, s;
- mp_digit tab[8], top2b = a >> 30;
- register mp_digit a1, a2, a4;
-
- a1 = a & (0x3FFFFFFF); a2 = a1 << 1; a4 = a2 << 1;
-
- tab[0] = 0; tab[1] = a1; tab[2] = a2; tab[3] = a1^a2;
- tab[4] = a4; tab[5] = a1^a4; tab[6] = a2^a4; tab[7] = a1^a2^a4;
-
- s = tab[b & 0x7]; l = s;
- s = tab[b >> 3 & 0x7]; l ^= s << 3; h = s >> 29;
- s = tab[b >> 6 & 0x7]; l ^= s << 6; h ^= s >> 26;
- s = tab[b >> 9 & 0x7]; l ^= s << 9; h ^= s >> 23;
- s = tab[b >> 12 & 0x7]; l ^= s << 12; h ^= s >> 20;
- s = tab[b >> 15 & 0x7]; l ^= s << 15; h ^= s >> 17;
- s = tab[b >> 18 & 0x7]; l ^= s << 18; h ^= s >> 14;
- s = tab[b >> 21 & 0x7]; l ^= s << 21; h ^= s >> 11;
- s = tab[b >> 24 & 0x7]; l ^= s << 24; h ^= s >> 8;
- s = tab[b >> 27 & 0x7]; l ^= s << 27; h ^= s >> 5;
- s = tab[b >> 30 ]; l ^= s << 30; h ^= s >> 2;
-
- /* compensate for the top two bits of a */
-
- if (top2b & 01) { l ^= b << 30; h ^= b >> 2; }
- if (top2b & 02) { l ^= b << 31; h ^= b >> 1; }
-
- *rh = h; *rl = l;
-}
-#endif
-
-#if defined(MP_USE_LONG_DIGIT) || defined(MP_USE_LONG_LONG_DIGIT)
-#define MP_DIGIT_BITS 64
-#define MP_TOP_BIT
-
-/* Platform-specific fast binary polynomial squaring. */
-#define gf2m_SQR1(w) \
- SQR_tb[(w) >> 60 & 0xF] << 56 | SQR_tb[(w) >> 56 & 0xF] << 48 | \
- SQR_tb[(w) >> 52 & 0xF] << 40 | SQR_tb[(w) >> 48 & 0xF] << 32 | \
- SQR_tb[(w) >> 44 & 0xF] << 24 | SQR_tb[(w) >> 40 & 0xF] << 16 | \
- SQR_tb[(w) >> 36 & 0xF] << 8 | SQR_tb[(w) >> 32 & 0xF]
-#define gf2m_SQR0(w) \
- SQR_tb[(w) >> 28 & 0xF] << 56 | SQR_tb[(w) >> 24 & 0xF] << 48 | \
- SQR_tb[(w) >> 20 & 0xF] << 40 | SQR_tb[(w) >> 16 & 0xF] << 32 | \
- SQR_tb[(w) >> 12 & 0xF] << 24 | SQR_tb[(w) >> 8 & 0xF] << 16 | \
- SQR_tb[(w) >> 4 & 0xF] << 8 | SQR_tb[(w) & 0xF]
-
-/* Multiply two binary polynomials mp_digits a, b, output in rh, rl */
-static void
-s_bmul_1x1(mp_digit *rh, mp_digit *rl, const mp_digit a, const mp_digit b)
-{
- register mp_digit h, l, s;
- mp_digit tab[16], top3b = a >> 61;
- register mp_digit a1, a2, a4, a8;
-
- a1 = a & (0x1FFFFFFFFFFFFFFF); a2 = a1 << 1;
- a4 = a2 << 1; a8 = a4 << 1;
- tab[ 0] = 0; tab[ 1] = a1; tab[ 2] = a2; tab[ 3] = a1^a2;
- tab[ 4] = a4; tab[ 5] = a1^a4; tab[ 6] = a2^a4; tab[ 7] = a1^a2^a4;
- tab[ 8] = a8; tab[ 9] = a1^a8; tab[10] = a2^a8; tab[11] = a1^a2^a8;
- tab[12] = a4^a8; tab[13] = a1^a4^a8; tab[14] = a2^a4^a8; tab[15] = a1^a2^a4^a8;
-
- s = tab[b & 0xF]; l = s;
- s = tab[b >> 4 & 0xF]; l ^= s << 4; h = s >> 60;
- s = tab[b >> 8 & 0xF]; l ^= s << 8; h ^= s >> 56;
- s = tab[b >> 12 & 0xF]; l ^= s << 12; h ^= s >> 52;
- s = tab[b >> 16 & 0xF]; l ^= s << 16; h ^= s >> 48;
- s = tab[b >> 20 & 0xF]; l ^= s << 20; h ^= s >> 44;
- s = tab[b >> 24 & 0xF]; l ^= s << 24; h ^= s >> 40;
- s = tab[b >> 28 & 0xF]; l ^= s << 28; h ^= s >> 36;
- s = tab[b >> 32 & 0xF]; l ^= s << 32; h ^= s >> 32;
- s = tab[b >> 36 & 0xF]; l ^= s << 36; h ^= s >> 28;
- s = tab[b >> 40 & 0xF]; l ^= s << 40; h ^= s >> 24;
- s = tab[b >> 44 & 0xF]; l ^= s << 44; h ^= s >> 20;
- s = tab[b >> 48 & 0xF]; l ^= s << 48; h ^= s >> 16;
- s = tab[b >> 52 & 0xF]; l ^= s << 52; h ^= s >> 12;
- s = tab[b >> 56 & 0xF]; l ^= s << 56; h ^= s >> 8;
- s = tab[b >> 60 ]; l ^= s << 60; h ^= s >> 4;
-
- /* compensate for the top three bits of a */
-
- if (top3b & 01) { l ^= b << 61; h ^= b >> 3; }
- if (top3b & 02) { l ^= b << 62; h ^= b >> 2; }
- if (top3b & 04) { l ^= b << 63; h ^= b >> 1; }
-
- *rh = h; *rl = l;
-}
-#endif
-
-#if 0 /* to be used later */
-/* Compute xor-multiply of two binary polynomials (a1, a0) x (b1, b0)
- * result is a binary polynomial in 4 mp_digits r[4].
- * The caller MUST ensure that r has the right amount of space allocated.
- */
-static void
-s_bmul_2x2(mp_digit *r, const mp_digit a1, const mp_digit a0, const mp_digit b1,
- const mp_digit b0)
-{
- mp_digit m1, m0;
- /* r[3] = h1, r[2] = h0; r[1] = l1; r[0] = l0 */
- s_bmul_1x1(r+3, r+2, a1, b1);
- s_bmul_1x1(r+1, r, a0, b0);
- s_bmul_1x1(&m1, &m0, a0 ^ a1, b0 ^ b1);
- /* Correction on m1 ^= l1 ^ h1; m0 ^= l0 ^ h0; */
- r[2] ^= m1 ^ r[1] ^ r[3]; /* h0 ^= m1 ^ l1 ^ h1; */
- r[1] = r[3] ^ r[2] ^ r[0] ^ m1 ^ m0; /* l1 ^= l0 ^ h0 ^ m0; */
-}
-#endif /* 0 */
-
-/* Compute addition of two binary polynomials a and b,
- * store result in c; c could be a or b, a and b could be equal;
- * c is the bitwise XOR of a and b.
- */
-mp_err
-mp_badd(const mp_int *a, const mp_int *b, mp_int *c)
-{
- mp_digit *pa, *pb, *pc;
- mp_size ix;
- mp_size used_pa, used_pb;
- mp_err res = MP_OKAY;
-
- /* Add all digits up to the precision of b. If b had more
- * precision than a initially, swap a, b first
- */
- if (MP_USED(a) >= MP_USED(b)) {
- pa = MP_DIGITS(a);
- pb = MP_DIGITS(b);
- used_pa = MP_USED(a);
- used_pb = MP_USED(b);
- } else {
- pa = MP_DIGITS(b);
- pb = MP_DIGITS(a);
- used_pa = MP_USED(b);
- used_pb = MP_USED(a);
- }
-
- /* Make sure c has enough precision for the output value */
- MP_CHECKOK( s_mp_pad(c, used_pa) );
-
- /* Do word-by-word xor */
- pc = MP_DIGITS(c);
- for (ix = 0; ix < used_pb; ix++) {
- (*pc++) = (*pa++) ^ (*pb++);
- }
-
- /* Finish the rest of digits until we're actually done */
- for (; ix < used_pa; ++ix) {
- *pc++ = *pa++;
- }
-
- MP_USED(c) = used_pa;
- MP_SIGN(c) = ZPOS;
- s_mp_clamp(c);
-
-CLEANUP:
- return res;
-}
-
-#define s_mp_div2(a) MP_CHECKOK( mpl_rsh((a), (a), 1) );
-
-/* Compute binary polynomial multiply d = a * b */
-static void
-s_bmul_d(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *d)
-{
- mp_digit a_i, a0b0, a1b1, carry = 0;
- while (a_len--) {
- a_i = *a++;
- s_bmul_1x1(&a1b1, &a0b0, a_i, b);
- *d++ = a0b0 ^ carry;
- carry = a1b1;
- }
- *d = carry;
-}
-
-/* Compute binary polynomial xor multiply accumulate d ^= a * b */
-static void
-s_bmul_d_add(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *d)
-{
- mp_digit a_i, a0b0, a1b1, carry = 0;
- while (a_len--) {
- a_i = *a++;
- s_bmul_1x1(&a1b1, &a0b0, a_i, b);
- *d++ ^= a0b0 ^ carry;
- carry = a1b1;
- }
- *d ^= carry;
-}
-
-/* Compute binary polynomial xor multiply c = a * b.
- * All parameters may be identical.
- */
-mp_err
-mp_bmul(const mp_int *a, const mp_int *b, mp_int *c)
-{
- mp_digit *pb, b_i;
- mp_int tmp;
- mp_size ib, a_used, b_used;
- mp_err res = MP_OKAY;
-
- ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG);
-
- if (a == c) {
- MP_CHECKOK( mp_init_copy(&tmp, a) );
- if (a == b)
- b = &tmp;
- a = &tmp;
- } else if (b == c) {
- MP_CHECKOK( mp_init_copy(&tmp, b) );
- b = &tmp;
- } else MP_DIGITS(&tmp) = 0;
-
- if (MP_USED(a) < MP_USED(b)) {
- const mp_int *xch = b; /* switch a and b if b longer */
- b = a;
- a = xch;
- }
-
- MP_USED(c) = 1; MP_DIGIT(c, 0) = 0;
- MP_CHECKOK( s_mp_pad(c, USED(a) + USED(b)) );
-
- pb = MP_DIGITS(b);
- s_bmul_d(MP_DIGITS(a), MP_USED(a), *pb++, MP_DIGITS(c));
-
- /* Outer loop: Digits of b */
- a_used = MP_USED(a);
- b_used = MP_USED(b);
- for (ib = 1; ib < b_used; ib++) {
- b_i = *pb++;
-
- /* Inner product: Digits of a */
- if (b_i)
- s_bmul_d_add(MP_DIGITS(a), a_used, b_i, MP_DIGITS(c) + ib);
- else
- MP_DIGIT(c, ib + a_used) = b_i;
- }
-
- s_mp_clamp(c);
-
- SIGN(c) = ZPOS;
-
-CLEANUP:
- mp_clear(&tmp);
- return res;
-}
-
-
-/* Compute modular reduction of a and store result in r.
- * r could be a.
- * For modular arithmetic, the irreducible polynomial f(t) is represented
- * as an array of int[], where f(t) is of the form:
- * f(t) = t^p[0] + t^p[1] + ... + t^p[k]
- * where m = p[0] > p[1] > ... > p[k] = 0.
- */
-int
-mp_bmod(const mp_int *a, const unsigned int p[], mp_int *r)
-{
- int j, k;
- int n, dN, d0, d1;
- mp_digit zz, *z, tmp;
- mp_size used;
- mp_err res = MP_OKAY;
-
- /* The algorithm does the reduction in place in r,
- * if a != r, copy a into r first so reduction can be done in r
- */
- if (a != r) {
- MP_CHECKOK( mp_copy(a, r) );
- }
- z = MP_DIGITS(r);
-
- /* start reduction */
- dN = p[0] / MP_DIGIT_BITS;
- used = MP_USED(r);
-
- for (j = used - 1; j > dN;) {
-
- zz = z[j];
- if (zz == 0) {
- j--; continue;
- }
- z[j] = 0;
-
- for (k = 1; p[k] > 0; k++) {
- /* reducing component t^p[k] */
- n = p[0] - p[k];
- d0 = n % MP_DIGIT_BITS;
- d1 = MP_DIGIT_BITS - d0;
- n /= MP_DIGIT_BITS;
- z[j-n] ^= (zz>>d0);
- if (d0)
- z[j-n-1] ^= (zz<<d1);
- }
-
- /* reducing component t^0 */
- n = dN;
- d0 = p[0] % MP_DIGIT_BITS;
- d1 = MP_DIGIT_BITS - d0;
- z[j-n] ^= (zz >> d0);
- if (d0)
- z[j-n-1] ^= (zz << d1);
-
- }
-
- /* final round of reduction */
- while (j == dN) {
-
- d0 = p[0] % MP_DIGIT_BITS;
- zz = z[dN] >> d0;
- if (zz == 0) break;
- d1 = MP_DIGIT_BITS - d0;
-
- /* clear up the top d1 bits */
- if (d0) z[dN] = (z[dN] << d1) >> d1;
- *z ^= zz; /* reduction t^0 component */
-
- for (k = 1; p[k] > 0; k++) {
- /* reducing component t^p[k]*/
- n = p[k] / MP_DIGIT_BITS;
- d0 = p[k] % MP_DIGIT_BITS;
- d1 = MP_DIGIT_BITS - d0;
- z[n] ^= (zz << d0);
- tmp = zz >> d1;
- if (d0 && tmp)
- z[n+1] ^= tmp;
- }
- }
-
- s_mp_clamp(r);
-CLEANUP:
- return res;
-}
-
-/* Compute the product of two polynomials a and b, reduce modulo p,
- * Store the result in r. r could be a or b; a could be b.
- */
-mp_err
-mp_bmulmod(const mp_int *a, const mp_int *b, const unsigned int p[], mp_int *r)
-{
- mp_err res;
-
- if (a == b) return mp_bsqrmod(a, p, r);
- if ((res = mp_bmul(a, b, r) ) != MP_OKAY)
- return res;
- return mp_bmod(r, p, r);
-}
-
-/* Compute binary polynomial squaring c = a*a mod p .
- * Parameter r and a can be identical.
- */
-
-mp_err
-mp_bsqrmod(const mp_int *a, const unsigned int p[], mp_int *r)
-{
- mp_digit *pa, *pr, a_i;
- mp_int tmp;
- mp_size ia, a_used;
- mp_err res;
-
- ARGCHK(a != NULL && r != NULL, MP_BADARG);
-
- if (a == r) {
- MP_CHECKOK( mp_init_copy(&tmp, a) );
- a = &tmp;
- } else MP_DIGITS(&tmp) = 0;
-
- MP_USED(r) = 1; MP_DIGIT(r, 0) = 0;
- MP_CHECKOK( s_mp_pad(r, 2*USED(a)) );
-
- pa = MP_DIGITS(a);
- pr = MP_DIGITS(r);
- a_used = MP_USED(a);
-
- for (ia = 0; ia < a_used; ia++) {
- a_i = *pa++;
- *pr++ = gf2m_SQR0(a_i);
- *pr++ = gf2m_SQR1(a_i);
- }
-
- MP_CHECKOK( mp_bmod(r, p, r) );
- s_mp_clamp(r);
- SIGN(r) = ZPOS;
-
-CLEANUP:
- mp_clear(&tmp);
- return res;
-}
-
-/* Compute binary polynomial y/x mod p, y divided by x, reduce modulo p.
- * Store the result in r. r could be x or y, and x could equal y.
- * Uses algorithm Modular_Division_GF(2^m) from
- * Chang-Shantz, S. "From Euclid's GCD to Montgomery Multiplication to
- * the Great Divide".
- */
-int
-mp_bdivmod(const mp_int *y, const mp_int *x, const mp_int *pp,
- const unsigned int p[], mp_int *r)
-{
- mp_int aa, bb, uu;
- mp_int *a, *b, *u, *v;
- mp_err res = MP_OKAY;
-
- MP_CHECKOK( mp_init_copy(&aa, x) );
- MP_CHECKOK( mp_init_copy(&uu, y) );
- MP_CHECKOK( mp_init_copy(&bb, pp) );
- MP_CHECKOK( s_mp_pad(r, USED(pp)) );
- MP_USED(r) = 1; MP_DIGIT(r, 0) = 0;
-
- a = &aa; b= &bb; u=&uu; v=r;
- /* reduce x and y mod p */
- MP_CHECKOK( mp_bmod(a, p, a) );
- MP_CHECKOK( mp_bmod(u, p, u) );
-
- while (!mp_isodd(a)) {
- s_mp_div2(a);
- if (mp_isodd(u)) {
- MP_CHECKOK( mp_badd(u, pp, u) );
- }
- s_mp_div_2(u);
- }
-
- do {
- if (mp_cmp_mag(b, a) > 0) {
- MP_CHECKOK( mp_badd(b, a, b) );
- MP_CHECKOK( mp_badd(v, u, v) );
- do {
- s_mp_div2(b);
- if (mp_isodd(v)) {
- MP_CHECKOK( mp_badd(v, pp, v) );
- }
- s_mp_div2(v);
- } while (!mp_isodd(b));
- }
- else if ((MP_DIGIT(a,0) == 1) && (MP_USED(a) == 1))
- break;
- else {
- MP_CHECKOK( mp_badd(a, b, a) );
- MP_CHECKOK( mp_badd(u, v, u) );
- do {
- s_mp_div2(a);
- if (mp_isodd(u)) {
- MP_CHECKOK( mp_badd(u, pp, u) );
- }
- s_mp_div2(u);
- } while (!mp_isodd(a));
- }
- } while (1);
-
- MP_CHECKOK( mp_copy(u, r) );
-
-CLEANUP:
- return res;
-
-}
-
-/* Convert the bit-string representation of a polynomial a into an array
- * of integers corresponding to the bits with non-zero coefficient.
- * Up to max elements of the array will be filled. Return value is total
- * number of coefficients that would be extracted if array was large enough.
- */
-int
-mp_bpoly2arr(const mp_int *a, unsigned int p[], int max)
-{
- int i, j, k;
- mp_digit top_bit, mask;
-
- top_bit = 1;
- top_bit <<= MP_DIGIT_BIT - 1;
-
- for (k = 0; k < max; k++) p[k] = 0;
- k = 0;
-
- for (i = MP_USED(a) - 1; i >= 0; i--) {
- mask = top_bit;
- for (j = MP_DIGIT_BIT - 1; j >= 0; j--) {
- if (MP_DIGITS(a)[i] & mask) {
- if (k < max) p[k] = MP_DIGIT_BIT * i + j;
- k++;
- }
- mask >>= 1;
- }
- }
-
- return k;
-}
-
-/* Convert the coefficient array representation of a polynomial to a
- * bit-string. The array must be terminated by 0.
- */
-mp_err
-mp_barr2poly(const unsigned int p[], mp_int *a)
-{
-
- mp_err res = MP_OKAY;
- int i;
-
- mp_zero(a);
- for (i = 0; p[i] > 0; i++) {
- MP_CHECKOK( mpl_set_bit(a, p[i], 1) );
- }
- MP_CHECKOK( mpl_set_bit(a, 0, 1) );
-
-CLEANUP:
- return MP_OKAY;
-}
diff --git a/security/nss/lib/freebl/mpi/mp_gf2m.h b/security/nss/lib/freebl/mpi/mp_gf2m.h
deleted file mode 100644
index c4268f142..000000000
--- a/security/nss/lib/freebl/mpi/mp_gf2m.h
+++ /dev/null
@@ -1,62 +0,0 @@
-/*
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Multi-precision Binary Polynomial Arithmetic
- * Library.
- *
- * The Initial Developer of the Original Code is Sun Microsystems, Inc.
- * Portions created by Sun Microsystems, Inc. are Copyright (C) 2003
- * Sun Microsystems, Inc. All Rights Reserved.
- *
- * Contributor(s):
- * Sheueling Chang Shantz <sheueling.chang@sun.com> and
- * Douglas Stebila <douglas@stebila.ca> of Sun Laboratories.
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- */
-
-#ifndef _MP_GF2M_H_
-#define _MP_GF2M_H_
-
-#include "mpi.h"
-
-mp_err mp_badd(const mp_int *a, const mp_int *b, mp_int *c);
-mp_err mp_bmul(const mp_int *a, const mp_int *b, mp_int *c);
-
-/* For modular arithmetic, the irreducible polynomial f(t) is represented
- * as an array of int[], where f(t) is of the form:
- * f(t) = t^p[0] + t^p[1] + ... + t^p[k]
- * where m = p[0] > p[1] > ... > p[k] = 0.
- */
-mp_err mp_bmod(const mp_int *a, const unsigned int p[], mp_int *r);
-mp_err mp_bmulmod(const mp_int *a, const mp_int *b, const unsigned int p[],
- mp_int *r);
-mp_err mp_bsqrmod(const mp_int *a, const unsigned int p[], mp_int *r);
-mp_err mp_bdivmod(const mp_int *y, const mp_int *x, const mp_int *pp,
- const unsigned int p[], mp_int *r);
-
-int mp_bpoly2arr(const mp_int *a, unsigned int p[], int max);
-mp_err mp_barr2poly(const unsigned int p[], mp_int *a);
-
-#endif /* _MP_GF2M_H_ */
diff --git a/security/nss/lib/freebl/mpi/mpi-config.h b/security/nss/lib/freebl/mpi/mpi-config.h
deleted file mode 100644
index bf573e254..000000000
--- a/security/nss/lib/freebl/mpi/mpi-config.h
+++ /dev/null
@@ -1,109 +0,0 @@
-/* Default configuration for MPI library
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1997, 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- * Netscape Communications Corporation
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/* $Id$ */
-
-#ifndef MPI_CONFIG_H_
-#define MPI_CONFIG_H_
-
-/*
- For boolean options,
- 0 = no
- 1 = yes
-
- Other options are documented individually.
-
- */
-
-#ifndef MP_IOFUNC
-#define MP_IOFUNC 0 /* include mp_print() ? */
-#endif
-
-#ifndef MP_MODARITH
-#define MP_MODARITH 1 /* include modular arithmetic ? */
-#endif
-
-#ifndef MP_NUMTH
-#define MP_NUMTH 1 /* include number theoretic functions? */
-#endif
-
-#ifndef MP_LOGTAB
-#define MP_LOGTAB 1 /* use table of logs instead of log()? */
-#endif
-
-#ifndef MP_MEMSET
-#define MP_MEMSET 1 /* use memset() to zero buffers? */
-#endif
-
-#ifndef MP_MEMCPY
-#define MP_MEMCPY 1 /* use memcpy() to copy buffers? */
-#endif
-
-#ifndef MP_CRYPTO
-#define MP_CRYPTO 1 /* erase memory on free? */
-#endif
-
-#ifndef MP_ARGCHK
-/*
- 0 = no parameter checks
- 1 = runtime checks, continue execution and return an error to caller
- 2 = assertions; dump core on parameter errors
- */
-#ifdef DEBUG
-#define MP_ARGCHK 2 /* how to check input arguments */
-#else
-#define MP_ARGCHK 1 /* how to check input arguments */
-#endif
-#endif
-
-#ifndef MP_DEBUG
-#define MP_DEBUG 0 /* print diagnostic output? */
-#endif
-
-#ifndef MP_DEFPREC
-#define MP_DEFPREC 64 /* default precision, in digits */
-#endif
-
-#ifndef MP_MACRO
-#define MP_MACRO 0 /* use macros for frequent calls? */
-#endif
-
-#ifndef MP_SQUARE
-#define MP_SQUARE 1 /* use separate squaring code? */
-#endif
-
-#endif /* ifndef MPI_CONFIG_H_ */
-
-
diff --git a/security/nss/lib/freebl/mpi/mpi-priv.h b/security/nss/lib/freebl/mpi/mpi-priv.h
deleted file mode 100644
index eaa683a77..000000000
--- a/security/nss/lib/freebl/mpi/mpi-priv.h
+++ /dev/null
@@ -1,258 +0,0 @@
-/*
- * mpi-priv.h - Private header file for MPI
- * Arbitrary precision integer arithmetic library
- *
- * NOTE WELL: the content of this header file is NOT part of the "public"
- * API for the MPI library, and may change at any time.
- * Application programs that use libmpi should NOT include this header file.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- * Netscape Communications Corporation
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-#ifndef _MPI_PRIV_H_
-#define _MPI_PRIV_H_ 1
-
-#include "mpi.h"
-#include <stdlib.h>
-#include <string.h>
-#include <ctype.h>
-
-#if MP_DEBUG
-#include <stdio.h>
-
-#define DIAG(T,V) {fprintf(stderr,T);mp_print(V,stderr);fputc('\n',stderr);}
-#else
-#define DIAG(T,V)
-#endif
-
-/* If we aren't using a wired-in logarithm table, we need to include
- the math library to get the log() function
- */
-
-/* {{{ s_logv_2[] - log table for 2 in various bases */
-
-#if MP_LOGTAB
-/*
- A table of the logs of 2 for various bases (the 0 and 1 entries of
- this table are meaningless and should not be referenced).
-
- This table is used to compute output lengths for the mp_toradix()
- function. Since a number n in radix r takes up about log_r(n)
- digits, we estimate the output size by taking the least integer
- greater than log_r(n), where:
-
- log_r(n) = log_2(n) * log_r(2)
-
- This table, therefore, is a table of log_r(2) for 2 <= r <= 36,
- which are the output bases supported.
- */
-
-extern const float s_logv_2[];
-#define LOG_V_2(R) s_logv_2[(R)]
-
-#else
-
-/*
- If MP_LOGTAB is not defined, use the math library to compute the
- logarithms on the fly. Otherwise, use the table.
- Pick which works best for your system.
- */
-
-#include <math.h>
-#define LOG_V_2(R) (log(2.0)/log(R))
-
-#endif /* if MP_LOGTAB */
-
-/* }}} */
-
-/* {{{ Digit arithmetic macros */
-
-/*
- When adding and multiplying digits, the results can be larger than
- can be contained in an mp_digit. Thus, an mp_word is used. These
- macros mask off the upper and lower digits of the mp_word (the
- mp_word may be more than 2 mp_digits wide, but we only concern
- ourselves with the low-order 2 mp_digits)
- */
-
-#define CARRYOUT(W) (mp_digit)((W)>>DIGIT_BIT)
-#define ACCUM(W) (mp_digit)(W)
-
-#define MP_MIN(a,b) (((a) < (b)) ? (a) : (b))
-#define MP_MAX(a,b) (((a) > (b)) ? (a) : (b))
-#define MP_HOWMANY(a,b) (((a) + (b) - 1)/(b))
-#define MP_ROUNDUP(a,b) (MP_HOWMANY(a,b) * (b))
-
-/* }}} */
-
-/* {{{ Comparison constants */
-
-#define MP_LT -1
-#define MP_EQ 0
-#define MP_GT 1
-
-/* }}} */
-
-/* {{{ private function declarations */
-
-/*
- If MP_MACRO is false, these will be defined as actual functions;
- otherwise, suitable macro definitions will be used. This works
- around the fact that ANSI C89 doesn't support an 'inline' keyword
- (although I hear C9x will ... about bloody time). At present, the
- macro definitions are identical to the function bodies, but they'll
- expand in place, instead of generating a function call.
-
- I chose these particular functions to be made into macros because
- some profiling showed they are called a lot on a typical workload,
- and yet they are primarily housekeeping.
- */
-#if MP_MACRO == 0
- void s_mp_setz(mp_digit *dp, mp_size count); /* zero digits */
- void s_mp_copy(const mp_digit *sp, mp_digit *dp, mp_size count); /* copy */
- void *s_mp_alloc(size_t nb, size_t ni); /* general allocator */
- void s_mp_free(void *ptr); /* general free function */
-extern unsigned long mp_allocs;
-extern unsigned long mp_frees;
-extern unsigned long mp_copies;
-#else
-
- /* Even if these are defined as macros, we need to respect the settings
- of the MP_MEMSET and MP_MEMCPY configuration options...
- */
- #if MP_MEMSET == 0
- #define s_mp_setz(dp, count) \
- {int ix;for(ix=0;ix<(count);ix++)(dp)[ix]=0;}
- #else
- #define s_mp_setz(dp, count) memset(dp, 0, (count) * sizeof(mp_digit))
- #endif /* MP_MEMSET */
-
- #if MP_MEMCPY == 0
- #define s_mp_copy(sp, dp, count) \
- {int ix;for(ix=0;ix<(count);ix++)(dp)[ix]=(sp)[ix];}
- #else
- #define s_mp_copy(sp, dp, count) memcpy(dp, sp, (count) * sizeof(mp_digit))
- #endif /* MP_MEMCPY */
-
- #define s_mp_alloc(nb, ni) calloc(nb, ni)
- #define s_mp_free(ptr) {if(ptr) free(ptr);}
-#endif /* MP_MACRO */
-
-mp_err s_mp_grow(mp_int *mp, mp_size min); /* increase allocated size */
-mp_err s_mp_pad(mp_int *mp, mp_size min); /* left pad with zeroes */
-
-#if MP_MACRO == 0
- void s_mp_clamp(mp_int *mp); /* clip leading zeroes */
-#else
- #define s_mp_clamp(mp)\
- { mp_size used = MP_USED(mp); \
- while (used > 1 && DIGIT(mp, used - 1) == 0) --used; \
- MP_USED(mp) = used; \
- }
-#endif /* MP_MACRO */
-
-void s_mp_exch(mp_int *a, mp_int *b); /* swap a and b in place */
-
-mp_err s_mp_lshd(mp_int *mp, mp_size p); /* left-shift by p digits */
-void s_mp_rshd(mp_int *mp, mp_size p); /* right-shift by p digits */
-mp_err s_mp_mul_2d(mp_int *mp, mp_digit d); /* multiply by 2^d in place */
-void s_mp_div_2d(mp_int *mp, mp_digit d); /* divide by 2^d in place */
-void s_mp_mod_2d(mp_int *mp, mp_digit d); /* modulo 2^d in place */
-void s_mp_div_2(mp_int *mp); /* divide by 2 in place */
-mp_err s_mp_mul_2(mp_int *mp); /* multiply by 2 in place */
-mp_err s_mp_norm(mp_int *a, mp_int *b, mp_digit *pd);
- /* normalize for division */
-mp_err s_mp_add_d(mp_int *mp, mp_digit d); /* unsigned digit addition */
-mp_err s_mp_sub_d(mp_int *mp, mp_digit d); /* unsigned digit subtract */
-mp_err s_mp_mul_d(mp_int *mp, mp_digit d); /* unsigned digit multiply */
-mp_err s_mp_div_d(mp_int *mp, mp_digit d, mp_digit *r);
- /* unsigned digit divide */
-mp_err s_mp_reduce(mp_int *x, const mp_int *m, const mp_int *mu);
- /* Barrett reduction */
-mp_err s_mp_add(mp_int *a, const mp_int *b); /* magnitude addition */
-mp_err s_mp_add_3arg(const mp_int *a, const mp_int *b, mp_int *c);
-mp_err s_mp_sub(mp_int *a, const mp_int *b); /* magnitude subtract */
-mp_err s_mp_sub_3arg(const mp_int *a, const mp_int *b, mp_int *c);
-mp_err s_mp_add_offset(mp_int *a, mp_int *b, mp_size offset);
- /* a += b * RADIX^offset */
-mp_err s_mp_mul(mp_int *a, const mp_int *b); /* magnitude multiply */
-#if MP_SQUARE
-mp_err s_mp_sqr(mp_int *a); /* magnitude square */
-#else
-#define s_mp_sqr(a) s_mp_mul(a, a)
-#endif
-mp_err s_mp_div(mp_int *rem, mp_int *div, mp_int *quot); /* magnitude div */
-mp_err s_mp_exptmod(const mp_int *a, const mp_int *b, const mp_int *m, mp_int *c);
-mp_err s_mp_2expt(mp_int *a, mp_digit k); /* a = 2^k */
-int s_mp_cmp(const mp_int *a, const mp_int *b); /* magnitude comparison */
-int s_mp_cmp_d(const mp_int *a, mp_digit d); /* magnitude digit compare */
-int s_mp_ispow2(const mp_int *v); /* is v a power of 2? */
-int s_mp_ispow2d(mp_digit d); /* is d a power of 2? */
-
-int s_mp_tovalue(char ch, int r); /* convert ch to value */
-char s_mp_todigit(mp_digit val, int r, int low); /* convert val to digit */
-int s_mp_outlen(int bits, int r); /* output length in bytes */
-mp_digit s_mp_invmod_radix(mp_digit P); /* returns (P ** -1) mod RADIX */
-mp_err s_mp_invmod_odd_m( const mp_int *a, const mp_int *m, mp_int *c);
-mp_err s_mp_invmod_2d( const mp_int *a, mp_size k, mp_int *c);
-mp_err s_mp_invmod_even_m(const mp_int *a, const mp_int *m, mp_int *c);
-
-/* ------ mpv functions, operate on arrays of digits, not on mp_int's ------ */
-#if defined (__OS2__) && defined (__IBMC__)
-#define MPI_ASM_DECL __cdecl
-#else
-#define MPI_ASM_DECL
-#endif
-
-void MPI_ASM_DECL s_mpv_mul_d(const mp_digit *a, mp_size a_len,
- mp_digit b, mp_digit *c);
-void MPI_ASM_DECL s_mpv_mul_d_add(const mp_digit *a, mp_size a_len,
- mp_digit b, mp_digit *c);
-void MPI_ASM_DECL s_mpv_mul_d_add_prop(const mp_digit *a,
- mp_size a_len, mp_digit b,
- mp_digit *c);
-void MPI_ASM_DECL s_mpv_sqr_add_prop(const mp_digit *a,
- mp_size a_len,
- mp_digit *sqrs);
-
-mp_err MPI_ASM_DECL s_mpv_div_2dx1d(mp_digit Nhi, mp_digit Nlo,
- mp_digit divisor, mp_digit *quot, mp_digit *rem);
-
-/* c += a * b * (MP_RADIX ** offset); */
-#define s_mp_mul_d_add_offset(a, b, c, off) \
-(s_mpv_mul_d_add_prop(MP_DIGITS(a), MP_USED(a), b, MP_DIGITS(c) + off), MP_OKAY)
-
-/* }}} */
-#endif
-
diff --git a/security/nss/lib/freebl/mpi/mpi-test.c b/security/nss/lib/freebl/mpi/mpi-test.c
deleted file mode 100644
index ed3880631..000000000
--- a/security/nss/lib/freebl/mpi/mpi-test.c
+++ /dev/null
@@ -1,1973 +0,0 @@
-/*
- * mpi-test.c
- *
- * This is a general test suite for the MPI library, which tests
- * all the functions in the library with known values. The program
- * exits with a zero (successful) status if the tests pass, or a
- * nonzero status if the tests fail.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- * Netscape Communications Corporation
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <stdarg.h>
-#include <limits.h>
-#include <time.h>
-
-#include "mpi.h"
-#include "mpprime.h"
-
-#include "test-info.c"
-
-/* ZS means Zero Suppressed (no leading zeros) */
-#if MP_USE_LONG_DIGIT
-#define ZS_DIGIT_FMT "%lX"
-#elif MP_USE_LONG_LONG_DIGIT
-#define ZS_DIGIT_FMT "%llX"
-#elif MP_USE_UINT_DIGIT
-#define ZS_DIGIT_FMT "%X"
-#else
-#error "unknown type of digit"
-#endif
-
-/*
- Test vectors
-
- If you intend to change any of these values, you must also recompute
- the corresponding solutions below. Basically, these are just hex
- strings (for the big integers) or integer values (for the digits).
-
- The comparison tests think they know what relationships hold between
- these values. If you change that, you may have to adjust the code
- for the comparison tests accordingly. Most of the other tests
- should be fine as long as you re-compute the solutions, though.
- */
-const char *mp1 = "639A868CDA0C569861B";
-const char *mp2 = "AAFC0A3FE45E5E09DBE2C29";
-const char *mp3 = "B55AA8DF8A7E83241F38AC7A9E479CAEF2E4D7C5";
-const char *mp4 = "-63DBC2265B88268DC801C10EA68476B7BDE0090F";
-const char *mp5 = "F595CB42";
-const char *mp5a = "-4B597E";
-const char *mp6 = "0";
-const char *mp7 = "EBFA7121CD838CE6439CC59DDB4CBEF3";
-const char *mp8 = "5";
-const char *mp9 = "F74A2876A1432698923B0767DA19DCF3D71795EE";
-const char *mp10 = "9184E72A000";
-const char *mp11 = "54D79A3557E8";
-const char *mp12 = "10000000000000000";
-const char *mp13 =
-"34584F700C15A341E40BF7BFDD88A6630C8FF2B2067469372D391342BDAB6163963C"
-"D5A5C79F708BDE26E0CCF2DB66CD6D6089E29A877C45F2B050D226E6DA88";
-const char *mp14 =
-"AC3FA0EABAAC45724814D798942A1E28E14C81E0DE8055CED630E7689DA648683645DB6E"
-"458D9F5338CC3D4E33A5D1C9BF42780133599E60DEE0049AFA8F9489501AE5C9AA2B8C13"
-"FD21285A538B2CA87A626BB56E0A654C8707535E637FF4E39174157402BDE3AA30C9F134"
-"0C1307BAA864B075A9CC828B6A5E2B2BF1AE406D920CC5E7657D7C0E697DEE5375773AF9"
-"E200A1B8FAD7CD141F9EE47ABB55511FEB9A4D99EBA22F3A3FF6792FA7EE9E5DC0EE94F7"
-"7A631EDF3D7DD7C2DAAAFDF234D60302AB63D5234CEAE941B9AF0ADDD9E6E3A940A94EE5"
-"5DB45A7C66E61EDD0477419BBEFA44C325129601C4F45671C6A0E64665DF341D17FBC71F"
-"77418BD9F4375DDB3B9D56126526D8E5E0F35A121FD4F347013DA880020A752324F31DDD"
-"9BCDB13A3B86E207A2DE086825E6EEB87B3A64232CFD8205B799BC018634AAE193F19531"
-"D6EBC19A75F27CFFAA03EB5974898F53FD569AA5CE60F431B53B0CDE715A5F382405C9C4"
-"761A8E24888328F09F7BCE4E8D80C957DF177629C8421ACCD0C268C63C0DD47C3C0D954F"
-"D79F7D7297C6788DF4B3E51381759864D880ACA246DF09533739B8BB6085EAF7AE8DC2D9"
-"F224E6874926C8D24D34B457FD2C9A586C6B99582DC24F787A39E3942786CF1D494B6EB4"
-"A513498CDA0B217C4E80BCE7DA1C704C35E071AC21E0DA9F57C27C3533F46A8D20B04137"
-"C1B1384BE4B2EB46";
-const char *mp15 =
-"39849CF7FD65AF2E3C4D87FE5526221103D90BA26A6642FFE3C3ECC0887BBBC57E011BF1"
-"05D822A841653509C68F79EBE51C0099B8CBB04DEF31F36F5954208A3209AC122F0E11D8"
-"4AE67A494D78336A2066D394D42E27EF6B03DDAF6D69F5112C93E714D27C94F82FC7EF77"
-"445768C68EAE1C4A1407BE1B303243391D325090449764AE469CC53EC8012C4C02A72F37"
-"07ED7275D2CC8D0A14B5BCC6BF264941520EBA97E3E6BAE4EE8BC87EE0DDA1F5611A6ECB"
-"65F8AEF4F184E10CADBDFA5A2FEF828901D18C20785E5CC63473D638762DA80625003711"
-"9E984AC43E707915B133543AF9D5522C3E7180DC58E1E5381C1FB7DC6A5F4198F3E88FA6"
-"CBB6DFA8B2D1C763226B253E18BCCB79A29EE82D2DE735078C8AE3C3C86D476AAA08434C"
-"09C274BDD40A1D8FDE38D6536C22F44E807EB73DE4FB36C9F51E0BC835DDBE3A8EFCF2FE"
-"672B525769DC39230EE624D5EEDBD837C82A52E153F37378C3AD68A81A7ADBDF3345DBCE"
-"8FA18CA1DE618EF94DF72EAD928D4F45B9E51632ACF158CF8332C51891D1D12C2A7E6684"
-"360C4BF177C952579A9F442CFFEC8DAE4821A8E7A31C4861D8464CA9116C60866C5E72F7"
-"434ADBED36D54ACDFDFF70A4EFB46E285131FE725F1C637D1C62115EDAD01C4189716327"
-"BFAA79618B1656CBFA22C2C965687D0381CC2FE0245913C4D8D96108213680BD8E93E821"
-"822AD9DDBFE4BD04";
-const char *mp16 = "4A724340668DB150339A70";
-const char *mp17 = "8ADB90F58";
-const char *mp18 = "C64C230AB20E5";
-const char *mp19 =
-"F1C9DACDA287F2E3C88DCE2393B8F53DAAAC1196DC36510962B6B59454CFE64B";
-const char *mp20 =
-"D445662C8B6FE394107B867797750C326E0F4A967E135FC430F6CD7207913AC7";
-
-const mp_digit md1 = 0;
-const mp_digit md2 = 0x1;
-const mp_digit md3 = 0x80;
-const mp_digit md4 = 0x9C97;
-const mp_digit md5 = 0xF5BF;
-const mp_digit md6 = 0x14A0;
-const mp_digit md7 = 0x03E8;
-const mp_digit md8 = 0x0101;
-const mp_digit md9 = 0xA;
-
-/*
- Solutions of the form x_mpABC, where:
-
- x = (p)roduct, (s)um, (d)ifference, (q)uotient, (r)emainder, (g)cd,
- (i)nverse, (e)xponent, square roo(t), (g)cd, (l)cm. A
- leading 'm' indicates a modular operation, e.g. ms_mp12 is the
- modular sum of operands 1 and 2
-
- ABC are the operand numbers involved in the computation. If a 'd'
- precedes the number, it is a digit operand; if a 'c' precedes it,
- it is a constant; otherwise, it is a full integer.
- */
-
-const char *p_mp12 = "4286AD72E095C9FE009938750743174ADDD7FD1E53";
-const char *p_mp34 = "-46BDBD66CA108C94A8CF46C325F7B6E2F2BA82D35"
- "A1BFD6934C441EE369B60CA29BADC26845E918B";
-const char *p_mp57 = "E260C265A0A27C17AD5F4E59D6E0360217A2EBA6";
-const char *p_mp22 = "7233B5C1097FFC77CCF55928FDC3A5D31B712FDE7A1E91";
-const char *p_mp1d4 = "3CECEA2331F4220BEF68DED";
-const char *p_mp8d6 = "6720";
-const char *p_mp1113 =
-"11590FC3831C8C3C51813142C88E566408DB04F9E27642F6471A1822E0100B12F7F1"
-"5699A127C0FA9D26DCBFF458522661F30C6ADA4A07C8C90F9116893F6DBFBF24C3A2"
-"4340";
-const char *p_mp1415 =
-"26B36540DE8B3586699CCEAE218A2842C7D5A01590E70C4A26E789107FBCDB06AA2C"
-"6DDC39E6FA18B16FCB2E934C9A5F844DAD60EE3B1EA82199EC5E9608F67F860FB965"
-"736055DF0E8F2540EB28D07F47E309B5F5D7C94FF190AB9C83A6970160CA700B1081"
-"F60518132AF28C6CEE6B7C473E461ABAC52C39CED50A08DD4E7EA8BA18DAD545126D"
-"A388F6983C29B6BE3F9DCBC15766E8E6D626A92C5296A9C4653CAE5788350C0E2107"
-"F57E5E8B6994C4847D727FF1A63A66A6CEF42B9C9E6BD04C92550B85D5527DE8A132"
-"E6BE89341A9285C7CE7FB929D871BBCBD0ED2863B6B078B0DBB30FCA66D6C64284D6"
-"57F394A0271E15B6EC7A9D530EBAC6CA262EF6F97E1A29FCE7749240E4AECA591ECF"
-"272122BC587370F9371B67BB696B3CDC1BC8C5B64B6280994EBA00CDEB8EB0F5D06E"
-"18F401D65FDCECF23DD7B9BB5B4C5458AEF2CCC09BA7F70EACB844750ACFD027521E"
-"2E047DE8388B35F8512D3DA46FF1A12D4260213602BF7BFFDB6059439B1BD0676449"
-"8D98C74F48FB3F548948D5BA0C8ECFCD054465132DC43466D6BBD59FBAF8D6D4E157"
-"2D612B40A956C7D3E140F3B8562EF18568B24D335707D5BAC7495014DF2444172426"
-"FD099DED560D30D1F945386604AFC85C64BD1E5F531F5C7840475FC0CF0F79810012"
-"4572BAF5A9910CDBD02B27FFCC3C7E5E88EF59F3AE152476E33EDA696A4F751E0AE4"
-"A3D2792DEA78E25B9110E12A19EFD09EA47FF9D6594DA445478BEB6901EAF8A35B2D"
-"FD59BEE9BF7AA8535B7D326EFA5AA2121B5EBE04DD85827A3D43BD04F4AA6D7B62A2"
-"B6D7A3077286A511A431E1EF75FCEBA3FAE9D5843A8ED17AA02BBB1B571F904699C5"
-"A6073F87DDD012E2322AB3F41F2A61F428636FE86914148E19B8EF8314ED83332F2F"
-"8C2ADE95071E792C0A68B903E060DD322A75FD0C2B992059FCCBB58AFA06B50D1634"
-"BBD93F187FCE0566609FCC2BABB269C66CEB097598AA17957BB4FDA3E64A1B30402E"
-"851CF9208E33D52E459A92C63FBB66435BB018E155E2C7F055E0B7AB82CD58FC4889"
-"372ED9EEAC2A07E8E654AB445B9298D2830D6D4DFD117B9C8ABE3968927DC24B3633"
-"BAD6E6466DB45DDAE87A0AB00336AC2CCCE176704F7214FCAB55743AB76C2B6CA231"
-"7984610B27B5786DE55C184DDF556EDFEA79A3652831940DAD941E243F482DC17E50"
-"284BC2FB1AD712A92542C573E55678878F02DFD9E3A863C7DF863227AEDE14B47AD3"
-"957190124820ADC19F5353878EDB6BF7D0C77352A6E3BDB53EEB88F5AEF6226D6E68"
-"756776A8FB49B77564147A641664C2A54F7E5B680CCC6A4D22D894E464DF20537094"
-"548F1732452F9E7F810C0B4B430C073C0FBCE03F0D03F82630654BCE166AA772E1EE"
-"DD0C08D3E3EBDF0AF54203B43AFDFC40D8FC79C97A4B0A4E1BEB14D8FCEFDDED8758"
-"6ED65B18";
-
-const char *mp_mp345 = "B9B6D3A3";
-const char *mp_mp335 = "16609C2D";
-
-const char *s_mp13 = "B55AA8DF8A7E83241F38B2B446B06A4FB84E5DE0";
-const char *s_mp34 = "517EE6B92EF65C965736EB6BF7C325F73504CEB6";
-const char *s_mp46 = "-63DBC2265B88268DC801C10EA68476B7BDE0090F";
-const char *s_mp5d4 = "F59667D9";
-const char *s_mp2d5 = "AAFC0A3FE45E5E09DBF21E8";
-const char *s_mp1415 =
-"E5C43DE2B811F4A084625F96E9504039E5258D8348E698CEB9F4D4292622042DB446"
-"F75F4B65C1FB7A317257FA354BB5A45E789AEC254EAECE11F80A53E3B513822491DB"
-"D9399DEC4807A2A3A10360129AC93F4A42388D3BF20B310DD0E9E9F4BE07FC88D53A"
-"78A26091E0AB506A70813712CCBFBDD440A69A906E650EE090FDD6A42A95AC1A414D"
-"317F1A9F781E6A30E9EE142ECDA45A1E3454A1417A7B9A613DA90831CF88EA1F2E82"
-"41AE88CC4053220903C2E05BCDD42F02B8CF8868F84C64C5858BAD356143C5494607"
-"EE22E11650148BAF65A985F6FC4CA540A55697F2B5AA95D6B8CF96EF638416DE1DD6"
-"3BA9E2C09E22D03E75B60BE456C642F86B82A709253E5E087B507DE3A45F8392423F"
-"4DBC284E8DC88C43CA77BC8DCEFB6129A59025F80F90FF978116DEBB9209E306FBB9"
-"1B6111F8B8CFACB7C7C9BC12691C22EE88303E1713F1DFCEB622B8EA102F6365678B"
-"C580ED87225467AA78E875868BD53B17574BA59305BC1AC666E4B7E9ED72FCFC200E"
-"189D98FC8C5C7533739C53F52DDECDDFA5A8668BFBD40DABC9640F8FCAE58F532940"
-"8162261320A25589E9FB51B50F80056471F24B7E1AEC35D1356FC2747FFC13A04B34"
-"24FCECE10880BD9D97CA8CDEB2F5969BF4F30256EB5ED2BCD1DC64BDC2EE65217848"
-"48A37FB13F84ED4FB7ACA18C4639EE64309BDD3D552AEB4AAF44295943DC1229A497"
-"A84A";
-
-const char *ms_mp345 = "1E71E292";
-
-const char *d_mp12 = "-AAFBA6A55DD183FD854A60E";
-const char *d_mp34 = "119366B05E606A9B1E73A6D8944CC1366B0C4E0D4";
-const char *d_mp5d4 = "F5952EAB";
-const char *d_mp6d2 = "-1";
-const char *md_mp345 = "26596B86";
-
-const char *q_mp42 = "-95825A1FFA1A155D5";
-const char *r_mp42 = "-6312E99D7700A3DCB32ADF2";
-const char *q_mp45a = "15344CDA3D841F661D2B61B6EDF7828CE36";
-const char *r_mp45a = "-47C47B";
-const char *q_mp7c2 = "75FD3890E6C1C67321CE62CEEDA65F79";
-const char *q_mp3d6 = "8CAFD53C272BD6FE8B0847BDC3B539EFAB5C3";
-const char *r_mp3d6 = "1E5";
-const char *r_mp5d5 = "1257";
-const char *r_mp47 = "B3A9018D970281A90FB729A181D95CB8";
-const char *q_mp1404 =
-"-1B994D869142D3EF6123A3CBBC3C0114FA071CFCEEF4B7D231D65591D32501AD80F"
-"FF49AE4EC80514CC071EF6B42521C2508F4CB2FEAD69A2D2EF3934087DCAF88CC4C4"
-"659F1CA8A7F4D36817D802F778F1392337FE36302D6865BF0D4645625DF8BB044E19"
-"930635BE2609FAC8D99357D3A9F81F2578DE15A300964188292107DAC980E0A08CD7"
-"E938A2135FAD45D50CB1D8C2D4C4E60C27AB98B9FBD7E4DBF752C57D2674520E4BB2"
-"7E42324C0EFE84FB3E38CF6950E699E86FD45FE40D428400F2F94EDF7E94FAE10B45"
-"89329E1BF61E5A378C7B31C9C6A234F8254D4C24823B84D0BF8D671D8BC9154DFAC9"
-"49BD8ACABD6BD32DD4DC587F22C86153CB3954BDF7C2A890D623642492C482CF3E2C"
-"776FC019C3BBC61688B485E6FD35D6376089C1E33F880E84C4E51E8ABEACE1B3FB70"
-"3EAD0E28D2D44E7F1C0A859C840775E94F8C1369D985A3C5E8114B21D68B3CBB75D2"
-"791C586153C85B90CAA483E57A40E2D97950AAB84920A4396C950C87C7FFFE748358"
-"42A0BF65445B26D40F05BE164B822CA96321F41D85A289C5F5CD5F438A78704C9683"
-"422299D21899A22F853B0C93081CC9925E350132A0717A611DD932A68A0ACC6E4C7F"
-"7F685EF8C1F4910AEA5DC00BB5A36FCA07FFEAA490C547F6E14A08FE87041AB803E1"
-"BD9E23E4D367A2C35762F209073DFF48F3";
-const char *r_mp1404 = "12FF98621ABF63144BFFC3207AC8FC10D8D1A09";
-
-const char *q_mp13c =
- "34584F700C15A341E40BF7BFDD88A6630C8FF2B2067469372D391342"
- "BDAB6163963CD5A5C79F708BDE26E0CCF2DB66CD6D6089E29A877C45";
-const char *r_mp13c = "F2B050D226E6DA88";
-const char *q_mp9c16 = "F74A2876A1432698923B0767DA19DCF3D71795E";
-const char *r_mp9c16 = "E";
-
-const char *e_mp5d9 = "A8FD7145E727A20E52E73D22990D35D158090307A"
- "13A5215AAC4E9AB1E96BD34E531209E03310400";
-const char *e_mp78 = "AA5F72C737DFFD8CCD108008BFE7C79ADC01A819B"
- "32B75FB82EC0FB8CA83311DA36D4063F1E57857A2"
- "1AB226563D84A15BB63CE975FF1453BD6750C58D9"
- "D113175764F5D0B3C89B262D4702F4D9640A3";
-const char *me_mp817 = "E504493ACB02F7F802B327AB13BF25";
-const char *me_mp5d47 = "1D45ED0D78F2778157992C951DD2734C";
-const char *me_mp1512 = "FB5B2A28D902B9D9";
-const char *me_mp161718 = "423C6AC6DBD74";
-const char *me_mp5114 =
-"64F0F72807993578BBA3C7C36FFB184028F9EB9A810C92079E1498D8A80FC848E1F0"
-"25F1DE43B7F6AC063F5CC29D8A7C2D7A66269D72BF5CDC327AF88AF8EF9E601DCB0A"
-"3F35BFF3525FB1B61CE3A25182F17C0A0633B4089EA15BDC47664A43FEF639748AAC"
-"19CF58E83D8FA32CD10661D2D4210CC84792937E6F36CB601851356622E63ADD4BD5"
-"542412C2E0C4958E51FD2524AABDC7D60CFB5DB332EEC9DC84210F10FAE0BA2018F2"
-"14C9D6867C9D6E49CF28C18D06CE009FD4D04BFC8837C3FAAA773F5CCF6DED1C22DE"
-"181786AFE188540586F2D74BF312E595244E6936AE52E45742109BAA76C36F2692F5"
-"CEF97AD462B138BE92721194B163254CBAAEE9B9864B21CCDD5375BCAD0D24132724"
-"113D3374B4BCF9AA49BA5ACBC12288C0BCF46DCE6CB4A241A91BD559B130B6E9CD3D"
-"D7A2C8B280C2A278BA9BF5D93244D563015C9484B86D9FEB602501DC16EEBC3EFF19"
-"53D7999682BF1A1E3B2E7B21F4BDCA3C355039FEF55B9C0885F98DC355CA7A6D8ECF"
-"5F7F1A6E11A764F2343C823B879B44616B56BF6AE3FA2ACF5483660E618882018E3F"
-"C8459313BACFE1F93CECC37B2576A5C0B2714BD3EEDEEC22F0E7E3E77B11396B9B99"
-"D683F2447A4004BBD4A57F6A616CDDFEC595C4FC19884CC2FC21CF5BF5B0B81E0F83"
-"B9DDA0CF4DFF35BB8D31245912BF4497FD0BD95F0C604E26EA5A8EA4F5EAE870A5BD"
-"FE8C";
-
-const char *e_mpc2d3 = "100000000000000000000000000000000";
-
-const char *t_mp9 = "FB9B6E32FF0452A34746";
-const char *i_mp27 = "B6AD8DCCDAF92B6FE57D062FFEE3A99";
-const char *i_mp2019 =
-"BDF3D88DC373A63EED92903115B03FC8501910AF68297B4C41870AED3EA9F839";
-/* "15E3FE09E8AE5523AABA197BD2D16318D3CA148EDF4AE1C1C52FC96AFAF5680B"; */
-
-
-const char *t_mp15 =
-"795853094E59B0008093BCA8DECF68587C64BDCA2F3F7F8963DABC12F1CFFFA9B8C4"
-"365232FD4751870A0EF6CA619287C5D8B7F1747D95076AB19645EF309773E9EACEA0"
-"975FA4AE16251A8DA5865349C3A903E3B8A2C0DEA3C0720B6020C7FED69AFF62BB72"
-"10FAC443F9FFA2950776F949E819260C2AF8D94E8A1431A40F8C23C1973DE5D49AA2"
-"0B3FF5DA5C1D5324E712A78FF33A9B1748F83FA529905924A31DF38643B3F693EF9B"
-"58D846BB1AEAE4523ECC843FF551C1B300A130B65C1677402778F98C51C10813250E"
-"2496882877B069E877B59740DC1226F18A5C0F66F64A5F59A9FAFC5E9FC45AEC0E7A"
-"BEE244F7DD3AC268CF512A0E52E4F5BE5B94";
-
-const char *g_mp71 = "1";
-const char *g_mp25 = "7";
-const char *l_mp1011 = "C589E3D7D64A6942A000";
-
-/* mp9 in radices from 5 to 64 inclusive */
-#define LOW_RADIX 5
-#define HIGH_RADIX 64
-const char *v_mp9[] = {
- "404041130042310320100141302000203430214122130002340212132414134210033",
- "44515230120451152500101352430105520150025145320010504454125502",
- "644641136612541136016610100564613624243140151310023515322",
- "173512120732412062323044435407317550316717172705712756",
- "265785018434285762514442046172754680368422060744852",
- "1411774500397290569709059837552310354075408897518",
- "184064268501499311A17746095910428222A241708032A",
- "47706011B225950B02BB45602AA039893118A85950892",
- "1A188C826B982353CB58422563AC602B783101671A86",
- "105957B358B89B018958908A9114BC3DDC410B77982",
- "CB7B3387E23452178846C55DD9D70C7CA9AEA78E8",
- "F74A2876A1432698923B0767DA19DCF3D71795EE",
- "17BF7C3673B76D7G7A5GA836277296F806E7453A",
- "2EBG8HH3HFA6185D6H0596AH96G24C966DD3HG2",
- "6G3HGBFEG8I3F25EAF61B904EIA40CFDH2124F",
- "10AHC3D29EBHDF3HD97905CG0JA8061855C3FI",
- "3BA5A55J5K699B2D09C38A4B237CH51IHA132",
- "EDEA90DJ0B5CB3FGG1C8587FEB99D3C143CA",
- "31M26JI1BBD56K3I028MML4EEDMAJK60LGLE",
- "GGG5M3142FKKG82EJ28111D70EMHC241E4E",
- "4446F4D5H10982023N297BF0DKBBHLLJB0I",
- "12E9DEEOBMKAKEP0IM284MIP7FO1O521M46",
- "85NN0HD48NN2FDDB1F5BMMKIB8CK20MDPK",
- "2D882A7A0O0JPCJ4APDRIB77IABAKDGJP2",
- "MFMCI0R7S27AAA3O3L2S8K44HKA7O02CN",
- "7IGQS73FFSHC50NNH44B6PTTNLC3M6H78",
- "2KLUB3U9850CSN6ANIDNIF1LB29MJ43LH",
- "UT52GTL18CJ9H4HR0TJTK6ESUFBHF5FE",
- "BTVL87QQBMUGF8PFWU4W3VU7U922QTMW",
- "4OG10HW0MSWJBIDEE2PDH24GA7RIHIAA",
- "1W8W9AX2DRUX48GXOLMK0PE42H0FEUWN",
- "SVWI84VBH069WR15W1U2VTK06USY8Z2",
- "CPTPNPDa5TYCPPNLALENT9IMX2GL0W2",
- "5QU21UJMRaUYYYYYN6GHSMPOYOXEEUY",
- "2O2Q7C6RPPB1SXJ9bR4035SPaQQ3H2W",
- "18d994IbT4PHbD7cGIPCRP00bbQO0bc",
- "NcDUEEWRO7XT76260WGeBHPVa72RdA",
- "BbX2WCF9VfSB5LPdJAdeXKV1fd6LC2",
- "60QDKW67P4JSQaTdQg7JE9ISafLaVU",
- "33ba9XbDbRdNF4BeDB2XYMhAVDaBdA",
- "1RIPZJA8gT5L5H7fTcaRhQ39geMMTc",
- "d65j70fBATjcDiidPYXUGcaBVVLME",
- "LKA9jhPabDG612TXWkhfT2gMXNIP2",
- "BgNaYhjfT0G8PBcYRP8khJCR3C9QE",
- "6Wk8RhJTAgDh10fYAiUVB1aM0HacG",
- "3dOCjaf78kd5EQNViUZWj3AfFL90I",
- "290VWkL3aiJoW4MBbHk0Z0bDo22Ni",
- "1DbDZ1hpPZNUDBUp6UigcJllEdC26",
- "dFSOLBUM7UZX8Vnc6qokGIOiFo1h",
- "NcoUYJOg0HVmKI9fR2ag0S8R2hrK",
- "EOpiJ5Te7oDe2pn8ZhAUKkhFHlZh",
- "8nXK8rp8neV8LWta1WDgd1QnlWsU",
- "5T3d6bcSBtHgrH9bCbu84tblaa7r",
- "3PlUDIYUvMqOVCir7AtquK5dWanq",
- "2A70gDPX2AtiicvIGGk9poiMtgvu",
- "1MjiRxjk10J6SVAxFguv9kZiUnIc",
- "rpre2vIDeb4h3sp50r1YBbtEx9L",
- "ZHcoip0AglDAfibrsUcJ9M1C8fm",
- "NHP18+eoe6uU54W49Kc6ZK7+bT2",
- "FTAA7QXGoQOaZi7PzePtFFN5vNk"
-};
-
-const unsigned char b_mp4[] = {
- 0x01,
-#if MP_DIGIT_MAX > MP_32BIT_MAX
- 0x00, 0x00, 0x00, 0x00,
-#endif
- 0x63, 0xDB, 0xC2, 0x26,
- 0x5B, 0x88, 0x26, 0x8D,
- 0xC8, 0x01, 0xC1, 0x0E,
- 0xA6, 0x84, 0x76, 0xB7,
- 0xBD, 0xE0, 0x09, 0x0F
-};
-
-/* Search for a test suite name in the names table */
-int find_name(char *name);
-void reason(char *fmt, ...);
-
-/*------------------------------------------------------------------------*/
-/*------------------------------------------------------------------------*/
-
-char g_intbuf[4096]; /* buffer for integer comparison */
-char a_intbuf[4096]; /* buffer for integer comparison */
-int g_verbose = 1; /* print out reasons for failure? */
-int res;
-
-#define IFOK(x) { if (MP_OKAY > (res = (x))) { \
- reason("test %s failed: error %d\n", #x, res); return 1; }}
-
-int main(int argc, char *argv[])
-{
- int which, res;
-
- srand((unsigned int)time(NULL));
-
- if (argc < 2) {
- fprintf(stderr, "Usage: %s <test-suite> | list\n"
- "Type '%s help' for assistance\n", argv[0], argv[0]);
- return 2;
- } else if(argc > 2) {
- if(strcmp(argv[2], "quiet") == 0)
- g_verbose = 0;
- }
-
- if(strcmp(argv[1], "help") == 0) {
- fprintf(stderr, "Help for mpi-test\n\n"
- "This program is a test driver for the MPI library, which\n"
- "tests all the various functions in the library to make sure\n"
- "they are working correctly. The syntax is:\n"
- " %s <suite-name>\n"
- "...where <suite-name> is the name of the test you wish to\n"
- "run. To get a list of the tests, use '%s list'.\n\n"
- "The program exits with a status of zero if the test passes,\n"
- "or non-zero if it fails. Ordinarily, failure is accompanied\n"
- "by a diagnostic message to standard error. To suppress this\n"
- "add the keyword 'quiet' after the suite-name on the command\n"
- "line.\n\n", argv[0], argv[0]);
- return 0;
- }
-
- if ((which = find_name(argv[1])) < 0) {
- fprintf(stderr, "%s: test suite '%s' is not known\n", argv[0], argv[1]);
- return 2;
- }
-
- if((res = (g_tests[which])()) < 0) {
- fprintf(stderr, "%s: test suite not implemented yet\n", argv[0]);
- return 2;
- } else {
- return res;
- }
-
-}
-
-/*------------------------------------------------------------------------*/
-
-int find_name(char *name)
-{
- int ix = 0;
-
- while(ix < g_count) {
- if (strcmp(name, g_names[ix]) == 0)
- return ix;
-
- ++ix;
- }
-
- return -1;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_list(void)
-{
- int ix;
-
- fprintf(stderr, "There are currently %d test suites available\n",
- g_count);
-
- for(ix = 1; ix < g_count; ix++)
- fprintf(stdout, "%-20s %s\n", g_names[ix], g_descs[ix]);
-
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_copy(void)
-{
- mp_int a, b;
- int ix;
-
- mp_init(&a); mp_init(&b);
-
- mp_read_radix(&a, mp3, 16);
- mp_copy(&a, &b);
-
- if(SIGN(&a) != SIGN(&b) || USED(&a) != USED(&b)) {
- if(SIGN(&a) != SIGN(&b)) {
- reason("error: sign of original is %d, sign of copy is %d\n",
- SIGN(&a), SIGN(&b));
- } else {
- reason("error: original precision is %d, copy precision is %d\n",
- USED(&a), USED(&b));
- }
- mp_clear(&a); mp_clear(&b);
- return 1;
- }
-
- for(ix = 0; ix < USED(&b); ix++) {
- if(DIGIT(&a, ix) != DIGIT(&b, ix)) {
- reason("error: digit %d " DIGIT_FMT " != " DIGIT_FMT "\n",
- ix, DIGIT(&a, ix), DIGIT(&b, ix));
- mp_clear(&a); mp_clear(&b);
- return 1;
- }
- }
-
- mp_clear(&a); mp_clear(&b);
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_exch(void)
-{
- mp_int a, b;
-
- mp_init(&a); mp_init(&b);
- mp_read_radix(&a, mp7, 16); mp_read_radix(&b, mp1, 16);
-
- mp_exch(&a, &b);
- mp_toradix(&a, g_intbuf, 16);
-
- mp_clear(&a);
- if(strcmp(g_intbuf, mp1) != 0) {
- mp_clear(&b);
- reason("error: exchange failed\n");
- return 1;
- }
-
- mp_toradix(&b, g_intbuf, 16);
-
- mp_clear(&b);
- if(strcmp(g_intbuf, mp7) != 0) {
- reason("error: exchange failed\n");
- return 1;
- }
-
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_zero(void)
-{
- mp_int a;
-
- mp_init(&a); mp_read_radix(&a, mp7, 16);
- mp_zero(&a);
-
- if(USED(&a) != 1 || DIGIT(&a, 1) != 0) {
- mp_toradix(&a, g_intbuf, 16);
- reason("error: result is %s\n", g_intbuf);
- mp_clear(&a);
- return 1;
- }
-
- mp_clear(&a);
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_set(void)
-{
- mp_int a;
-
- /* Test single digit set */
- mp_init(&a); mp_set(&a, 5);
- if(DIGIT(&a, 0) != 5) {
- mp_toradix(&a, g_intbuf, 16);
- reason("error: result is %s, expected 5\n", g_intbuf);
- mp_clear(&a);
- return 1;
- }
-
- /* Test integer set */
- mp_set_int(&a, -4938110);
- mp_toradix(&a, g_intbuf, 16);
- mp_clear(&a);
- if(strcmp(g_intbuf, mp5a) != 0) {
- reason("error: result is %s, expected %s\n", g_intbuf, mp5a);
- return 1;
- }
-
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_abs(void)
-{
- mp_int a;
-
- mp_init(&a); mp_read_radix(&a, mp4, 16);
- mp_abs(&a, &a);
-
- if(SIGN(&a) != ZPOS) {
- reason("error: sign of result is negative\n");
- mp_clear(&a);
- return 1;
- }
-
- mp_clear(&a);
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_neg(void)
-{
- mp_int a;
- mp_sign s;
-
- mp_init(&a); mp_read_radix(&a, mp4, 16);
-
- s = SIGN(&a);
- mp_neg(&a, &a);
- if(SIGN(&a) == s) {
- reason("error: sign of result is same as sign of nonzero input\n");
- mp_clear(&a);
- return 1;
- }
-
- mp_clear(&a);
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_add_d(void)
-{
- mp_int a;
-
- mp_init(&a);
-
- mp_read_radix(&a, mp5, 16);
- mp_add_d(&a, md4, &a);
- mp_toradix(&a, g_intbuf, 16);
-
- if(strcmp(g_intbuf, s_mp5d4) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, s_mp5d4);
- mp_clear(&a);
- return 1;
- }
-
- mp_read_radix(&a, mp2, 16);
- mp_add_d(&a, md5, &a);
- mp_toradix(&a, g_intbuf, 16);
-
- if(strcmp(g_intbuf, s_mp2d5) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, s_mp2d5);
- mp_clear(&a);
- return 1;
- }
-
- mp_clear(&a);
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_add(void)
-{
- mp_int a, b;
- int res = 0;
-
- mp_init(&a); mp_init(&b);
-
- mp_read_radix(&a, mp1, 16); mp_read_radix(&b, mp3, 16);
- mp_add(&a, &b, &a);
- mp_toradix(&a, g_intbuf, 16);
-
- if(strcmp(g_intbuf, s_mp13) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, s_mp13);
- res = 1; goto CLEANUP;
- }
-
- mp_read_radix(&a, mp4, 16);
- mp_add(&a, &b, &a);
- mp_toradix(&a, g_intbuf, 16);
-
- if(strcmp(g_intbuf, s_mp34) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, s_mp34);
- res = 1; goto CLEANUP;
- }
-
- mp_read_radix(&a, mp4, 16); mp_read_radix(&b, mp6, 16);
- mp_add(&a, &b, &a);
- mp_toradix(&a, g_intbuf, 16);
-
- if(strcmp(g_intbuf, s_mp46) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, s_mp46);
- res = 1; goto CLEANUP;
- }
-
- mp_read_radix(&a, mp14, 16); mp_read_radix(&b, mp15, 16);
- mp_add(&a, &b, &a);
- mp_toradix(&a, g_intbuf, 16);
-
- if(strcmp(g_intbuf, s_mp1415) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, s_mp1415);
- res = 1;
- }
-
- CLEANUP:
- mp_clear(&a); mp_clear(&b);
- return res;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_sub_d(void)
-{
- mp_int a;
-
- mp_init(&a);
- mp_read_radix(&a, mp5, 16);
-
- mp_sub_d(&a, md4, &a);
- mp_toradix(&a, g_intbuf, 16);
-
- if(strcmp(g_intbuf, d_mp5d4) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, d_mp5d4);
- mp_clear(&a);
- return 1;
- }
-
- mp_read_radix(&a, mp6, 16);
-
- mp_sub_d(&a, md2, &a);
- mp_toradix(&a, g_intbuf, 16);
-
- mp_clear(&a);
- if(strcmp(g_intbuf, d_mp6d2) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, d_mp6d2);
- return 1;
- }
-
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_sub(void)
-{
- mp_int a, b;
-
- mp_init(&a); mp_init(&b);
-
- mp_read_radix(&a, mp1, 16); mp_read_radix(&b, mp2, 16);
- mp_sub(&a, &b, &a);
- mp_toradix(&a, g_intbuf, 16);
-
- if(strcmp(g_intbuf, d_mp12) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, d_mp12);
- mp_clear(&a); mp_clear(&b);
- return 1;
- }
-
- mp_read_radix(&a, mp3, 16); mp_read_radix(&b, mp4, 16);
- mp_sub(&a, &b, &a);
- mp_toradix(&a, g_intbuf, 16);
-
- if(strcmp(g_intbuf, d_mp34) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, d_mp34);
- mp_clear(&a); mp_clear(&b);
- return 1;
- }
-
- mp_clear(&a); mp_clear(&b);
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_mul_d(void)
-{
- mp_int a;
-
- mp_init(&a);
- mp_read_radix(&a, mp1, 16);
-
- IFOK( mp_mul_d(&a, md4, &a) );
- mp_toradix(&a, g_intbuf, 16);
-
- if(strcmp(g_intbuf, p_mp1d4) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, p_mp1d4);
- mp_clear(&a);
- return 1;
- }
-
- mp_read_radix(&a, mp8, 16);
- IFOK( mp_mul_d(&a, md6, &a) );
- mp_toradix(&a, g_intbuf, 16);
-
- mp_clear(&a);
- if(strcmp(g_intbuf, p_mp8d6) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, p_mp8d6);
- return 1;
- }
-
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_mul(void)
-{
- mp_int a, b;
- int res = 0;
-
- mp_init(&a); mp_init(&b);
- mp_read_radix(&a, mp1, 16); mp_read_radix(&b, mp2, 16);
-
- IFOK( mp_mul(&a, &b, &a) );
- mp_toradix(&a, g_intbuf, 16);
-
- if(strcmp(g_intbuf, p_mp12) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, p_mp12);
- res = 1; goto CLEANUP;
- }
-
- mp_read_radix(&a, mp3, 16); mp_read_radix(&b, mp4, 16);
- IFOK( mp_mul(&a, &b, &a) );
- mp_toradix(&a, g_intbuf, 16);
-
- if(strcmp(g_intbuf, p_mp34) !=0) {
- reason("error: computed %s, expected %s\n", g_intbuf, p_mp34);
- res = 1; goto CLEANUP;
- }
-
- mp_read_radix(&a, mp5, 16); mp_read_radix(&b, mp7, 16);
- IFOK( mp_mul(&a, &b, &a) );
- mp_toradix(&a, g_intbuf, 16);
-
- if(strcmp(g_intbuf, p_mp57) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, p_mp57);
- res = 1; goto CLEANUP;
- }
-
- mp_read_radix(&a, mp11, 16); mp_read_radix(&b, mp13, 16);
- IFOK( mp_mul(&a, &b, &a) );
- mp_toradix(&a, g_intbuf, 16);
-
- if(strcmp(g_intbuf, p_mp1113) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, p_mp1113);
- res = 1; goto CLEANUP;
- }
-
- mp_read_radix(&a, mp14, 16); mp_read_radix(&b, mp15, 16);
- IFOK( mp_mul(&a, &b, &a) );
- mp_toradix(&a, g_intbuf, 16);
-
- if(strcmp(g_intbuf, p_mp1415) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, p_mp1415);
- res = 1;
- }
-
- CLEANUP:
- mp_clear(&a); mp_clear(&b);
- return res;
-
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_sqr(void)
-{
- mp_int a;
-
- mp_init(&a); mp_read_radix(&a, mp2, 16);
-
- mp_sqr(&a, &a);
- mp_toradix(&a, g_intbuf, 16);
-
- mp_clear(&a);
- if(strcmp(g_intbuf, p_mp22) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, p_mp22);
- return 1;
- }
-
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_div_d(void)
-{
- mp_int a, q;
- mp_digit r;
- int err = 0;
-
- mp_init(&a); mp_init(&q);
- mp_read_radix(&a, mp3, 16);
-
- IFOK( mp_div_d(&a, md6, &q, &r) );
- mp_toradix(&q, g_intbuf, 16);
-
- if(strcmp(g_intbuf, q_mp3d6) != 0) {
- reason("error: computed q = %s, expected %s\n", g_intbuf, q_mp3d6);
- ++err;
- }
-
- sprintf(g_intbuf, ZS_DIGIT_FMT, r);
-
- if(strcmp(g_intbuf, r_mp3d6) != 0) {
- reason("error: computed r = %s, expected %s\n", g_intbuf, r_mp3d6);
- ++err;
- }
-
- mp_read_radix(&a, mp9, 16);
- IFOK( mp_div_d(&a, 16, &q, &r) );
- mp_toradix(&q, g_intbuf, 16);
-
- if(strcmp(g_intbuf, q_mp9c16) != 0) {
- reason("error: computed q = %s, expected %s\n", g_intbuf, q_mp9c16);
- ++err;
- }
-
- sprintf(g_intbuf, ZS_DIGIT_FMT, r);
-
- if(strcmp(g_intbuf, r_mp9c16) != 0) {
- reason("error: computed r = %s, expected %s\n", g_intbuf, r_mp9c16);
- ++err;
- }
-
- mp_clear(&a); mp_clear(&q);
- return err;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_div_2(void)
-{
- mp_int a;
-
- mp_init(&a); mp_read_radix(&a, mp7, 16);
- IFOK( mp_div_2(&a, &a) );
- mp_toradix(&a, g_intbuf, 16);
-
- mp_clear(&a);
- if(strcmp(g_intbuf, q_mp7c2) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, q_mp7c2);
- return 1;
- }
-
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_div_2d(void)
-{
- mp_int a, q, r;
-
- mp_init(&q); mp_init(&r);
- mp_init(&a); mp_read_radix(&a, mp13, 16);
-
- IFOK( mp_div_2d(&a, 64, &q, &r) );
- mp_clear(&a);
-
- mp_toradix(&q, g_intbuf, 16);
-
- if(strcmp(g_intbuf, q_mp13c) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, q_mp13c);
- mp_clear(&q); mp_clear(&r);
- return 1;
- }
-
- mp_clear(&q);
-
- mp_toradix(&r, g_intbuf, 16);
- if(strcmp(g_intbuf, r_mp13c) != 0) {
- reason("error, computed %s, expected %s\n", g_intbuf, r_mp13c);
- mp_clear(&r);
- return 1;
- }
-
- mp_clear(&r);
-
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_div(void)
-{
- mp_int a, b, r;
- int err = 0;
-
- mp_init(&a); mp_init(&b); mp_init(&r);
-
- mp_read_radix(&a, mp4, 16); mp_read_radix(&b, mp2, 16);
- IFOK( mp_div(&a, &b, &a, &r) );
- mp_toradix(&a, g_intbuf, 16);
-
- if(strcmp(g_intbuf, q_mp42) != 0) {
- reason("error: test 1 computed quot %s, expected %s\n", g_intbuf, q_mp42);
- ++err;
- }
-
- mp_toradix(&r, g_intbuf, 16);
-
- if(strcmp(g_intbuf, r_mp42) != 0) {
- reason("error: test 1 computed rem %s, expected %s\n", g_intbuf, r_mp42);
- ++err;
- }
-
- mp_read_radix(&a, mp4, 16); mp_read_radix(&b, mp5a, 16);
- IFOK( mp_div(&a, &b, &a, &r) );
- mp_toradix(&a, g_intbuf, 16);
-
- if(strcmp(g_intbuf, q_mp45a) != 0) {
- reason("error: test 2 computed quot %s, expected %s\n", g_intbuf, q_mp45a);
- ++err;
- }
-
- mp_toradix(&r, g_intbuf, 16);
-
- if(strcmp(g_intbuf, r_mp45a) != 0) {
- reason("error: test 2 computed rem %s, expected %s\n", g_intbuf, r_mp45a);
- ++err;
- }
-
- mp_read_radix(&a, mp14, 16); mp_read_radix(&b, mp4, 16);
- IFOK( mp_div(&a, &b, &a, &r) );
- mp_toradix(&a, g_intbuf, 16);
-
- if(strcmp(g_intbuf, q_mp1404) != 0) {
- reason("error: test 3 computed quot %s, expected %s\n", g_intbuf, q_mp1404);
- ++err;
- }
-
- mp_toradix(&r, g_intbuf, 16);
-
- if(strcmp(g_intbuf, r_mp1404) != 0) {
- reason("error: test 3 computed rem %s, expected %s\n", g_intbuf, r_mp1404);
- ++err;
- }
-
- mp_clear(&a); mp_clear(&b); mp_clear(&r);
-
- return err;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_expt_d(void)
-{
- mp_int a;
-
- mp_init(&a); mp_read_radix(&a, mp5, 16);
- mp_expt_d(&a, md9, &a);
- mp_toradix(&a, g_intbuf, 16);
-
- mp_clear(&a);
- if(strcmp(g_intbuf, e_mp5d9) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, e_mp5d9);
- return 1;
- }
-
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_expt(void)
-{
- mp_int a, b;
-
- mp_init(&a); mp_init(&b);
- mp_read_radix(&a, mp7, 16); mp_read_radix(&b, mp8, 16);
-
- mp_expt(&a, &b, &a);
- mp_toradix(&a, g_intbuf, 16);
- mp_clear(&a); mp_clear(&b);
-
- if(strcmp(g_intbuf, e_mp78) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, e_mp78);
- return 1;
- }
-
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_2expt(void)
-{
- mp_int a;
-
- mp_init(&a);
- mp_2expt(&a, md3);
- mp_toradix(&a, g_intbuf, 16);
- mp_clear(&a);
-
- if(strcmp(g_intbuf, e_mpc2d3) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, e_mpc2d3);
- return 1;
- }
-
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_sqrt(void)
-{
- mp_int a;
- int res = 0;
-
- mp_init(&a); mp_read_radix(&a, mp9, 16);
- mp_sqrt(&a, &a);
- mp_toradix(&a, g_intbuf, 16);
-
- if(strcmp(g_intbuf, t_mp9) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, t_mp9);
- res = 1; goto CLEANUP;
- }
-
- mp_read_radix(&a, mp15, 16);
- mp_sqrt(&a, &a);
- mp_toradix(&a, g_intbuf, 16);
-
- if(strcmp(g_intbuf, t_mp15) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, t_mp15);
- res = 1;
- }
-
- CLEANUP:
- mp_clear(&a);
- return res;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_mod_d(void)
-{
- mp_int a;
- mp_digit r;
-
- mp_init(&a); mp_read_radix(&a, mp5, 16);
- IFOK( mp_mod_d(&a, md5, &r) );
- sprintf(g_intbuf, ZS_DIGIT_FMT, r);
- mp_clear(&a);
-
- if(strcmp(g_intbuf, r_mp5d5) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, r_mp5d5);
- return 1;
- }
-
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_mod(void)
-{
- mp_int a, m;
-
- mp_init(&a); mp_init(&m);
- mp_read_radix(&a, mp4, 16); mp_read_radix(&m, mp7, 16);
- IFOK( mp_mod(&a, &m, &a) );
- mp_toradix(&a, g_intbuf, 16);
- mp_clear(&a); mp_clear(&m);
-
- if(strcmp(g_intbuf, r_mp47) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, r_mp47);
- return 1;
- }
-
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_addmod(void)
-{
- mp_int a, b, m;
-
- mp_init(&a); mp_init(&b); mp_init(&m);
- mp_read_radix(&a, mp3, 16); mp_read_radix(&b, mp4, 16);
- mp_read_radix(&m, mp5, 16);
-
- IFOK( mp_addmod(&a, &b, &m, &a) );
- mp_toradix(&a, g_intbuf, 16);
- mp_clear(&a); mp_clear(&b); mp_clear(&m);
-
- if(strcmp(g_intbuf, ms_mp345) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, ms_mp345);
- return 1;
- }
-
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_submod(void)
-{
- mp_int a, b, m;
-
- mp_init(&a); mp_init(&b); mp_init(&m);
- mp_read_radix(&a, mp3, 16); mp_read_radix(&b, mp4, 16);
- mp_read_radix(&m, mp5, 16);
-
- IFOK( mp_submod(&a, &b, &m, &a) );
- mp_toradix(&a, g_intbuf, 16);
- mp_clear(&a); mp_clear(&b); mp_clear(&m);
-
- if(strcmp(g_intbuf, md_mp345) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, md_mp345);
- return 1;
- }
-
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_mulmod(void)
-{
- mp_int a, b, m;
-
- mp_init(&a); mp_init(&b); mp_init(&m);
- mp_read_radix(&a, mp3, 16); mp_read_radix(&b, mp4, 16);
- mp_read_radix(&m, mp5, 16);
-
- IFOK( mp_mulmod(&a, &b, &m, &a) );
- mp_toradix(&a, g_intbuf, 16);
- mp_clear(&a); mp_clear(&b); mp_clear(&m);
-
- if(strcmp(g_intbuf, mp_mp345) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, mp_mp345);
- return 1;
- }
-
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_sqrmod(void)
-{
- mp_int a, m;
-
- mp_init(&a); mp_init(&m);
- mp_read_radix(&a, mp3, 16); mp_read_radix(&m, mp5, 16);
-
- IFOK( mp_sqrmod(&a, &m, &a) );
- mp_toradix(&a, g_intbuf, 16);
- mp_clear(&a); mp_clear(&m);
-
- if(strcmp(g_intbuf, mp_mp335) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, mp_mp335);
- return 1;
- }
-
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_exptmod(void)
-{
- mp_int a, b, m;
- int res = 0;
-
- mp_init(&a); mp_init(&b); mp_init(&m);
- mp_read_radix(&a, mp8, 16); mp_read_radix(&b, mp1, 16);
- mp_read_radix(&m, mp7, 16);
-
- IFOK( mp_exptmod(&a, &b, &m, &a) );
- mp_toradix(&a, g_intbuf, 16);
-
- if(strcmp(g_intbuf, me_mp817) != 0) {
- reason("case 1: error: computed %s, expected %s\n", g_intbuf, me_mp817);
- res = 1; goto CLEANUP;
- }
-
- mp_read_radix(&a, mp1, 16); mp_read_radix(&b, mp5, 16);
- mp_read_radix(&m, mp12, 16);
-
- IFOK( mp_exptmod(&a, &b, &m, &a) );
- mp_toradix(&a, g_intbuf, 16);
-
- if(strcmp(g_intbuf, me_mp1512) != 0) {
- reason("case 2: error: computed %s, expected %s\n", g_intbuf, me_mp1512);
- res = 1; goto CLEANUP;
- }
-
- mp_read_radix(&a, mp5, 16); mp_read_radix(&b, mp1, 16);
- mp_read_radix(&m, mp14, 16);
-
- IFOK( mp_exptmod(&a, &b, &m, &a) );
- mp_toradix(&a, g_intbuf, 16);
-
- if(strcmp(g_intbuf, me_mp5114) != 0) {
- reason("case 3: error: computed %s, expected %s\n", g_intbuf, me_mp5114);
- res = 1;
- }
-
- mp_read_radix(&a, mp16, 16); mp_read_radix(&b, mp17, 16);
- mp_read_radix(&m, mp18, 16);
-
- IFOK( mp_exptmod(&a, &b, &m, &a) );
- mp_toradix(&a, g_intbuf, 16);
-
- if(strcmp(g_intbuf, me_mp161718) != 0) {
- reason("case 4: error: computed %s, expected %s\n", g_intbuf, me_mp161718);
- res = 1;
- }
-
- CLEANUP:
- mp_clear(&a); mp_clear(&b); mp_clear(&m);
- return res;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_exptmod_d(void)
-{
- mp_int a, m;
-
- mp_init(&a); mp_init(&m);
- mp_read_radix(&a, mp5, 16); mp_read_radix(&m, mp7, 16);
-
- IFOK( mp_exptmod_d(&a, md4, &m, &a) );
- mp_toradix(&a, g_intbuf, 16);
- mp_clear(&a); mp_clear(&m);
-
- if(strcmp(g_intbuf, me_mp5d47) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, me_mp5d47);
- return 1;
- }
-
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_invmod(void)
-{
- mp_int a, m, c;
- mp_int p1, p2, p3, p4, p5;
- mp_int t1, t2, t3, t4;
- mp_err res;
-
- /* 5 128-bit primes. */
- static const char ivp1[] = { "AAD8A5A2A2BEF644BAEE7DB0CA643719" };
- static const char ivp2[] = { "CB371AD2B79A90BCC88D0430663E40B9" };
- static const char ivp3[] = { "C6C818D4DF2618406CA09280C0400099" };
- static const char ivp4[] = { "CE949C04512E68918006B1F0D7E93F27" };
- static const char ivp5[] = { "F8EE999B6416645040687440E0B89F51" };
-
- mp_init(&a); mp_init(&m);
- mp_read_radix(&a, mp2, 16); mp_read_radix(&m, mp7, 16);
-
- IFOK( mp_invmod(&a, &m, &a) );
-
- mp_toradix(&a, g_intbuf, 16);
- mp_clear(&a); mp_clear(&m);
-
- if(strcmp(g_intbuf, i_mp27) != 0) {
- reason("error: invmod test 1 computed %s, expected %s\n", g_intbuf, i_mp27);
- return 1;
- }
-
- mp_init(&a); mp_init(&m);
- mp_read_radix(&a, mp20, 16); mp_read_radix(&m, mp19, 16);
-
- IFOK( mp_invmod(&a, &m, &a) );
-
- mp_toradix(&a, g_intbuf, 16);
- mp_clear(&a); mp_clear(&m);
-
- if(strcmp(g_intbuf, i_mp2019) != 0) {
- reason("error: invmod test 2 computed %s, expected %s\n", g_intbuf, i_mp2019);
- return 1;
- }
-
-/* Need the following test cases:
- Odd modulus
- - a is odd, relatively prime to m
- - a is odd, not relatively prime to m
- - a is even, relatively prime to m
- - a is even, not relatively prime to m
- Even modulus
- - a is even (should fail)
- - a is odd, not relatively prime to m
- - a is odd, relatively prime to m,
- m is not a power of 2
- - m has factor 2**k, k < 32
- - m has factor 2**k, k > 32
- m is a power of 2, 2**k
- - k < 32
- - k > 32
-*/
-
- mp_init(&a); mp_init(&m); mp_init(&c);
- mp_init(&p1); mp_init(&p2); mp_init(&p3); mp_init(&p4); mp_init(&p5);
- mp_init(&t1); mp_init(&t2); mp_init(&t3); mp_init(&t4);
-
- mp_read_radix(&p1, ivp1, 16);
- mp_read_radix(&p2, ivp2, 16);
- mp_read_radix(&p3, ivp3, 16);
- mp_read_radix(&p4, ivp4, 16);
- mp_read_radix(&p5, ivp5, 16);
-
- IFOK( mp_2expt(&t2, 68) ); /* t2 = 2**68 */
- IFOK( mp_2expt(&t3, 128) ); /* t3 = 2**128 */
- IFOK( mp_2expt(&t4, 31) ); /* t4 = 2**31 */
-
-/* test 3: Odd modulus - a is odd, relatively prime to m */
-
- IFOK( mp_mul(&p1, &p2, &a) );
- IFOK( mp_mul(&p3, &p4, &m) );
- IFOK( mp_invmod(&a, &m, &t1) );
- IFOK( mp_invmod_xgcd(&a, &m, &c) );
-
- if (mp_cmp(&t1, &c) != 0) {
- mp_toradix(&t1, g_intbuf, 16);
- mp_toradix(&c, a_intbuf, 16);
- reason("error: invmod test 3 computed %s, expected %s\n",
- g_intbuf, a_intbuf);
- return 1;
- }
- mp_clear(&a); mp_clear(&t1); mp_clear(&c);
- mp_init(&a); mp_init(&t1); mp_init(&c);
-
-/* test 4: Odd modulus - a is odd, NOT relatively prime to m */
-
- IFOK( mp_mul(&p1, &p3, &a) );
- /* reuse same m as before */
-
- res = mp_invmod_xgcd(&a, &m, &c);
- if (res != MP_UNDEF)
- goto CLEANUP4;
-
- res = mp_invmod(&a, &m, &t1); /* we expect this to fail. */
- if (res != MP_UNDEF) {
-CLEANUP4:
- reason("error: invmod test 4 succeeded, should have failed.\n");
- return 1;
- }
- mp_clear(&a); mp_clear(&t1); mp_clear(&c);
- mp_init(&a); mp_init(&t1); mp_init(&c);
-
-/* test 5: Odd modulus - a is even, relatively prime to m */
-
- IFOK( mp_mul(&p1, &t2, &a) );
- /* reuse m */
- IFOK( mp_invmod(&a, &m, &t1) );
- IFOK( mp_invmod_xgcd(&a, &m, &c) );
-
- if (mp_cmp(&t1, &c) != 0) {
- mp_toradix(&t1, g_intbuf, 16);
- mp_toradix(&c, a_intbuf, 16);
- reason("error: invmod test 5 computed %s, expected %s\n",
- g_intbuf, a_intbuf);
- return 1;
- }
- mp_clear(&a); mp_clear(&t1); mp_clear(&c);
- mp_init(&a); mp_init(&t1); mp_init(&c);
-
-/* test 6: Odd modulus - a is odd, NOT relatively prime to m */
-
- /* reuse t2 */
- IFOK( mp_mul(&t2, &p3, &a) );
- /* reuse same m as before */
-
- res = mp_invmod_xgcd(&a, &m, &c);
- if (res != MP_UNDEF)
- goto CLEANUP6;
-
- res = mp_invmod(&a, &m, &t1); /* we expect this to fail. */
- if (res != MP_UNDEF) {
-CLEANUP6:
- reason("error: invmod test 6 succeeded, should have failed.\n");
- return 1;
- }
- mp_clear(&a); mp_clear(&m); mp_clear(&c); mp_clear(&t1);
- mp_init(&a); mp_init(&m); mp_init(&c); mp_init(&t1);
-
-/* test 7: Even modulus, even a, should fail */
-
- IFOK( mp_mul(&p3, &t3, &m) ); /* even m */
- /* reuse t2 */
- IFOK( mp_mul(&p1, &t2, &a) ); /* even a */
-
- res = mp_invmod_xgcd(&a, &m, &c);
- if (res != MP_UNDEF)
- goto CLEANUP7;
-
- res = mp_invmod(&a, &m, &t1); /* we expect this to fail. */
- if (res != MP_UNDEF) {
-CLEANUP7:
- reason("error: invmod test 7 succeeded, should have failed.\n");
- return 1;
- }
- mp_clear(&a); mp_clear(&c); mp_clear(&t1);
- mp_init(&a); mp_init(&c); mp_init(&t1);
-
-/* test 8: Even modulus - a is odd, not relatively prime to m */
-
- /* reuse m */
- IFOK( mp_mul(&p3, &p1, &a) ); /* even a */
-
- res = mp_invmod_xgcd(&a, &m, &c);
- if (res != MP_UNDEF)
- goto CLEANUP8;
-
- res = mp_invmod(&a, &m, &t1); /* we expect this to fail. */
- if (res != MP_UNDEF) {
-CLEANUP8:
- reason("error: invmod test 8 succeeded, should have failed.\n");
- return 1;
- }
- mp_clear(&a); mp_clear(&m); mp_clear(&c); mp_clear(&t1);
- mp_init(&a); mp_init(&m); mp_init(&c); mp_init(&t1);
-
-/* test 9: Even modulus - m has factor 2**k, k < 32
- * - a is odd, relatively prime to m,
- */
- IFOK( mp_mul(&p3, &t4, &m) ); /* even m */
- IFOK( mp_mul(&p1, &p2, &a) );
- IFOK( mp_invmod(&a, &m, &t1) );
- IFOK( mp_invmod_xgcd(&a, &m, &c) );
-
- if (mp_cmp(&t1, &c) != 0) {
- mp_toradix(&t1, g_intbuf, 16);
- mp_toradix(&c, a_intbuf, 16);
- reason("error: invmod test 9 computed %s, expected %s\n",
- g_intbuf, a_intbuf);
- return 1;
- }
- mp_clear(&m); mp_clear(&t1); mp_clear(&c);
- mp_init(&m); mp_init(&t1); mp_init(&c);
-
-/* test 10: Even modulus - m has factor 2**k, k > 32
- * - a is odd, relatively prime to m,
- */
- IFOK( mp_mul(&p3, &t3, &m) ); /* even m */
- /* reuse a */
- IFOK( mp_invmod(&a, &m, &t1) );
- IFOK( mp_invmod_xgcd(&a, &m, &c) );
-
- if (mp_cmp(&t1, &c) != 0) {
- mp_toradix(&t1, g_intbuf, 16);
- mp_toradix(&c, a_intbuf, 16);
- reason("error: invmod test 10 computed %s, expected %s\n",
- g_intbuf, a_intbuf);
- return 1;
- }
- mp_clear(&t1); mp_clear(&c);
- mp_init(&t1); mp_init(&c);
-
-/* test 11: Even modulus - m is a power of 2, 2**k | k < 32
- * - a is odd, relatively prime to m,
- */
- IFOK( mp_invmod(&a, &t4, &t1) );
- IFOK( mp_invmod_xgcd(&a, &t4, &c) );
-
- if (mp_cmp(&t1, &c) != 0) {
- mp_toradix(&t1, g_intbuf, 16);
- mp_toradix(&c, a_intbuf, 16);
- reason("error: invmod test 11 computed %s, expected %s\n",
- g_intbuf, a_intbuf);
- return 1;
- }
- mp_clear(&t1); mp_clear(&c);
- mp_init(&t1); mp_init(&c);
-
-/* test 12: Even modulus - m is a power of 2, 2**k | k > 32
- * - a is odd, relatively prime to m,
- */
- IFOK( mp_invmod(&a, &t3, &t1) );
- IFOK( mp_invmod_xgcd(&a, &t3, &c) );
-
- if (mp_cmp(&t1, &c) != 0) {
- mp_toradix(&t1, g_intbuf, 16);
- mp_toradix(&c, a_intbuf, 16);
- reason("error: invmod test 12 computed %s, expected %s\n",
- g_intbuf, a_intbuf);
- return 1;
- }
-
- mp_clear(&a); mp_clear(&m); mp_clear(&c);
- mp_clear(&t1); mp_clear(&t2); mp_clear(&t3); mp_clear(&t4);
- mp_clear(&p1); mp_clear(&p2); mp_clear(&p3); mp_clear(&p4); mp_clear(&p5);
-
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_cmp_d(void)
-{
- mp_int a;
-
- mp_init(&a); mp_read_radix(&a, mp8, 16);
-
- if(mp_cmp_d(&a, md8) >= 0) {
- reason("error: %s >= " DIGIT_FMT "\n", mp8, md8);
- mp_clear(&a);
- return 1;
- }
-
- mp_read_radix(&a, mp5, 16);
-
- if(mp_cmp_d(&a, md8) <= 0) {
- reason("error: %s <= " DIGIT_FMT "\n", mp5, md8);
- mp_clear(&a);
- return 1;
- }
-
- mp_read_radix(&a, mp6, 16);
-
- if(mp_cmp_d(&a, md1) != 0) {
- reason("error: %s != " DIGIT_FMT "\n", mp6, md1);
- mp_clear(&a);
- return 1;
- }
-
- mp_clear(&a);
- return 0;
-
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_cmp_z(void)
-{
- mp_int a;
-
- mp_init(&a); mp_read_radix(&a, mp6, 16);
-
- if(mp_cmp_z(&a) != 0) {
- reason("error: someone thinks a zero value is non-zero\n");
- mp_clear(&a);
- return 1;
- }
-
- mp_read_radix(&a, mp1, 16);
-
- if(mp_cmp_z(&a) <= 0) {
- reason("error: someone thinks a positive value is non-positive\n");
- mp_clear(&a);
- return 1;
- }
-
- mp_read_radix(&a, mp4, 16);
-
- if(mp_cmp_z(&a) >= 0) {
- reason("error: someone thinks a negative value is non-negative\n");
- mp_clear(&a);
- return 1;
- }
-
- mp_clear(&a);
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_cmp(void)
-{
- mp_int a, b;
-
- mp_init(&a); mp_init(&b);
- mp_read_radix(&a, mp3, 16); mp_read_radix(&b, mp4, 16);
-
- if(mp_cmp(&a, &b) <= 0) {
- reason("error: %s <= %s\n", mp3, mp4);
- mp_clear(&a); mp_clear(&b);
- return 1;
- }
-
- mp_read_radix(&b, mp3, 16);
- if(mp_cmp(&a, &b) != 0) {
- reason("error: %s != %s\n", mp3, mp3);
- mp_clear(&a); mp_clear(&b);
- return 1;
- }
-
- mp_read_radix(&a, mp5, 16);
- if(mp_cmp(&a, &b) >= 0) {
- reason("error: %s >= %s\n", mp5, mp3);
- mp_clear(&a); mp_clear(&b);
- return 1;
- }
-
- mp_read_radix(&a, mp5a, 16);
- if(mp_cmp_int(&a, 1000000) >= 0 ||
- (mp_cmp_int(&a, -5000000) <= 0) ||
- (mp_cmp_int(&a, -4938110) != 0)) {
- reason("error: long integer comparison failed (%s)", mp5a);
- mp_clear(&a); mp_clear(&b);
- return 1;
- }
-
- mp_clear(&a); mp_clear(&b);
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_cmp_mag(void)
-{
- mp_int a, b;
-
- mp_init(&a); mp_init(&b);
- mp_read_radix(&a, mp5, 16); mp_read_radix(&b, mp4, 16);
-
- if(mp_cmp_mag(&a, &b) >= 0) {
- reason("error: %s >= %s\n", mp5, mp4);
- mp_clear(&a); mp_clear(&b);
- return 1;
- }
-
- mp_read_radix(&b, mp5, 16);
- if(mp_cmp_mag(&a, &b) != 0) {
- reason("error: %s != %s\n", mp5, mp5);
- mp_clear(&a); mp_clear(&b);
- return 1;
- }
-
- mp_read_radix(&a, mp1, 16);
- if(mp_cmp_mag(&b, &a) >= 0) {
- reason("error: %s >= %s\n", mp5, mp1);
- mp_clear(&a); mp_clear(&b);
- return 1;
- }
-
- mp_clear(&a); mp_clear(&b);
- return 0;
-
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_parity(void)
-{
- mp_int a;
-
- mp_init(&a); mp_read_radix(&a, mp1, 16);
-
- if(!mp_isodd(&a)) {
- reason("error: expected operand to be odd, but it isn't\n");
- mp_clear(&a);
- return 1;
- }
-
- mp_read_radix(&a, mp6, 16);
-
- if(!mp_iseven(&a)) {
- reason("error: expected operand to be even, but it isn't\n");
- mp_clear(&a);
- return 1;
- }
-
- mp_clear(&a);
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_gcd(void)
-{
- mp_int a, b;
- int out = 0;
-
- mp_init(&a); mp_init(&b);
- mp_read_radix(&a, mp7, 16); mp_read_radix(&b, mp1, 16);
-
- mp_gcd(&a, &b, &a);
- mp_toradix(&a, g_intbuf, 16);
-
- if(strcmp(g_intbuf, g_mp71) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, g_mp71);
- out = 1;
- }
-
- mp_clear(&a); mp_clear(&b);
- return out;
-
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_lcm(void)
-{
- mp_int a, b;
- int out = 0;
-
- mp_init(&a); mp_init(&b);
- mp_read_radix(&a, mp10, 16); mp_read_radix(&b, mp11, 16);
-
- mp_lcm(&a, &b, &a);
- mp_toradix(&a, g_intbuf, 16);
-
- if(strcmp(g_intbuf, l_mp1011) != 0) {
- reason("error: computed %s, expected%s\n", g_intbuf, l_mp1011);
- out = 1;
- }
-
- mp_clear(&a); mp_clear(&b);
-
- return out;
-
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_convert(void)
-{
- int ix;
- mp_int a;
-
- mp_init(&a); mp_read_radix(&a, mp9, 16);
-
- for(ix = LOW_RADIX; ix <= HIGH_RADIX; ix++) {
- mp_toradix(&a, g_intbuf, ix);
-
- if(strcmp(g_intbuf, v_mp9[ix - LOW_RADIX]) != 0) {
- reason("error: radix %d, computed %s, expected %s\n",
- ix, g_intbuf, v_mp9[ix - LOW_RADIX]);
- mp_clear(&a);
- return 1;
- }
- }
-
- mp_clear(&a);
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_raw(void)
-{
- int len, out = 0;
- mp_int a;
- char *buf;
-
- mp_init(&a); mp_read_radix(&a, mp4, 16);
-
- len = mp_raw_size(&a);
- if(len != sizeof(b_mp4)) {
- reason("error: test_raw: expected length %d, computed %d\n", sizeof(b_mp4),
- len);
- mp_clear(&a);
- return 1;
- }
-
- buf = calloc(len, sizeof(char));
- mp_toraw(&a, buf);
-
- if(memcmp(buf, b_mp4, sizeof(b_mp4)) != 0) {
- reason("error: test_raw: binary output does not match test vector\n");
- out = 1;
- }
-
- free(buf);
- mp_clear(&a);
-
- return out;
-
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_pprime(void)
-{
- mp_int p;
- int err = 0;
- mp_err res;
-
- mp_init(&p);
- mp_read_radix(&p, mp7, 16);
-
- if(mpp_pprime(&p, 5) != MP_YES) {
- reason("error: %s failed Rabin-Miller test, but is prime\n", mp7);
- err = 1;
- }
-
- IFOK( mp_set_int(&p, 9) );
- res = mpp_pprime(&p, 50);
- if (res == MP_YES) {
- reason("error: 9 is composite but passed Rabin-Miller test\n");
- err = 1;
- } else if (res != MP_NO) {
- reason("test mpp_pprime(9, 50) failed: error %d\n", res);
- err = 1;
- }
-
- IFOK( mp_set_int(&p, 15) );
- res = mpp_pprime(&p, 50);
- if (res == MP_YES) {
- reason("error: 15 is composite but passed Rabin-Miller test\n");
- err = 1;
- } else if (res != MP_NO) {
- reason("test mpp_pprime(15, 50) failed: error %d\n", res);
- err = 1;
- }
-
- mp_clear(&p);
-
- return err;
-
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_fermat(void)
-{
- mp_int p;
- mp_err res;
- int err = 0;
-
- mp_init(&p);
- mp_read_radix(&p, mp7, 16);
-
- if((res = mpp_fermat(&p, 2)) != MP_YES) {
- reason("error: %s failed Fermat test on 2: %s\n", mp7,
- mp_strerror(res));
- ++err;
- }
-
- if((res = mpp_fermat(&p, 3)) != MP_YES) {
- reason("error: %s failed Fermat test on 3: %s\n", mp7,
- mp_strerror(res));
- ++err;
- }
-
- mp_clear(&p);
-
- return err;
-
-}
-
-/*------------------------------------------------------------------------*/
-/* Like fprintf(), but only if we are behaving in a verbose manner */
-
-void reason(char *fmt, ...)
-{
- va_list ap;
-
- if(!g_verbose)
- return;
-
- va_start(ap, fmt);
- vfprintf(stderr, fmt, ap);
- va_end(ap);
-}
-
-/*------------------------------------------------------------------------*/
-/* HERE THERE BE DRAGONS */
diff --git a/security/nss/lib/freebl/mpi/mpi.c b/security/nss/lib/freebl/mpi/mpi.c
deleted file mode 100644
index 83bd86764..000000000
--- a/security/nss/lib/freebl/mpi/mpi.c
+++ /dev/null
@@ -1,4795 +0,0 @@
-/*
- * mpi.c
- *
- * Arbitrary precision integer arithmetic library
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- * Netscape Communications Corporation
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include "mpi-priv.h"
-#if defined(OSF1)
-#include <c_asm.h>
-#endif
-
-#if MP_LOGTAB
-/*
- A table of the logs of 2 for various bases (the 0 and 1 entries of
- this table are meaningless and should not be referenced).
-
- This table is used to compute output lengths for the mp_toradix()
- function. Since a number n in radix r takes up about log_r(n)
- digits, we estimate the output size by taking the least integer
- greater than log_r(n), where:
-
- log_r(n) = log_2(n) * log_r(2)
-
- This table, therefore, is a table of log_r(2) for 2 <= r <= 36,
- which are the output bases supported.
- */
-#include "logtab.h"
-#endif
-
-/* {{{ Constant strings */
-
-/* Constant strings returned by mp_strerror() */
-static const char *mp_err_string[] = {
- "unknown result code", /* say what? */
- "boolean true", /* MP_OKAY, MP_YES */
- "boolean false", /* MP_NO */
- "out of memory", /* MP_MEM */
- "argument out of range", /* MP_RANGE */
- "invalid input parameter", /* MP_BADARG */
- "result is undefined" /* MP_UNDEF */
-};
-
-/* Value to digit maps for radix conversion */
-
-/* s_dmap_1 - standard digits and letters */
-static const char *s_dmap_1 =
- "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz+/";
-
-/* }}} */
-
-unsigned long mp_allocs;
-unsigned long mp_frees;
-unsigned long mp_copies;
-
-/* {{{ Default precision manipulation */
-
-/* Default precision for newly created mp_int's */
-static mp_size s_mp_defprec = MP_DEFPREC;
-
-mp_size mp_get_prec(void)
-{
- return s_mp_defprec;
-
-} /* end mp_get_prec() */
-
-void mp_set_prec(mp_size prec)
-{
- if(prec == 0)
- s_mp_defprec = MP_DEFPREC;
- else
- s_mp_defprec = prec;
-
-} /* end mp_set_prec() */
-
-/* }}} */
-
-/*------------------------------------------------------------------------*/
-/* {{{ mp_init(mp) */
-
-/*
- mp_init(mp)
-
- Initialize a new zero-valued mp_int. Returns MP_OKAY if successful,
- MP_MEM if memory could not be allocated for the structure.
- */
-
-mp_err mp_init(mp_int *mp)
-{
- return mp_init_size(mp, s_mp_defprec);
-
-} /* end mp_init() */
-
-/* }}} */
-
-/* {{{ mp_init_size(mp, prec) */
-
-/*
- mp_init_size(mp, prec)
-
- Initialize a new zero-valued mp_int with at least the given
- precision; returns MP_OKAY if successful, or MP_MEM if memory could
- not be allocated for the structure.
- */
-
-mp_err mp_init_size(mp_int *mp, mp_size prec)
-{
- ARGCHK(mp != NULL && prec > 0, MP_BADARG);
-
- prec = MP_ROUNDUP(prec, s_mp_defprec);
- if((DIGITS(mp) = s_mp_alloc(prec, sizeof(mp_digit))) == NULL)
- return MP_MEM;
-
- SIGN(mp) = ZPOS;
- USED(mp) = 1;
- ALLOC(mp) = prec;
-
- return MP_OKAY;
-
-} /* end mp_init_size() */
-
-/* }}} */
-
-/* {{{ mp_init_copy(mp, from) */
-
-/*
- mp_init_copy(mp, from)
-
- Initialize mp as an exact copy of from. Returns MP_OKAY if
- successful, MP_MEM if memory could not be allocated for the new
- structure.
- */
-
-mp_err mp_init_copy(mp_int *mp, const mp_int *from)
-{
- ARGCHK(mp != NULL && from != NULL, MP_BADARG);
-
- if(mp == from)
- return MP_OKAY;
-
- if((DIGITS(mp) = s_mp_alloc(ALLOC(from), sizeof(mp_digit))) == NULL)
- return MP_MEM;
-
- s_mp_copy(DIGITS(from), DIGITS(mp), USED(from));
- USED(mp) = USED(from);
- ALLOC(mp) = ALLOC(from);
- SIGN(mp) = SIGN(from);
-
- return MP_OKAY;
-
-} /* end mp_init_copy() */
-
-/* }}} */
-
-/* {{{ mp_copy(from, to) */
-
-/*
- mp_copy(from, to)
-
- Copies the mp_int 'from' to the mp_int 'to'. It is presumed that
- 'to' has already been initialized (if not, use mp_init_copy()
- instead). If 'from' and 'to' are identical, nothing happens.
- */
-
-mp_err mp_copy(const mp_int *from, mp_int *to)
-{
- ARGCHK(from != NULL && to != NULL, MP_BADARG);
-
- if(from == to)
- return MP_OKAY;
-
- ++mp_copies;
- { /* copy */
- mp_digit *tmp;
-
- /*
- If the allocated buffer in 'to' already has enough space to hold
- all the used digits of 'from', we'll re-use it to avoid hitting
- the memory allocater more than necessary; otherwise, we'd have
- to grow anyway, so we just allocate a hunk and make the copy as
- usual
- */
- if(ALLOC(to) >= USED(from)) {
- s_mp_setz(DIGITS(to) + USED(from), ALLOC(to) - USED(from));
- s_mp_copy(DIGITS(from), DIGITS(to), USED(from));
-
- } else {
- if((tmp = s_mp_alloc(ALLOC(from), sizeof(mp_digit))) == NULL)
- return MP_MEM;
-
- s_mp_copy(DIGITS(from), tmp, USED(from));
-
- if(DIGITS(to) != NULL) {
-#if MP_CRYPTO
- s_mp_setz(DIGITS(to), ALLOC(to));
-#endif
- s_mp_free(DIGITS(to));
- }
-
- DIGITS(to) = tmp;
- ALLOC(to) = ALLOC(from);
- }
-
- /* Copy the precision and sign from the original */
- USED(to) = USED(from);
- SIGN(to) = SIGN(from);
- } /* end copy */
-
- return MP_OKAY;
-
-} /* end mp_copy() */
-
-/* }}} */
-
-/* {{{ mp_exch(mp1, mp2) */
-
-/*
- mp_exch(mp1, mp2)
-
- Exchange mp1 and mp2 without allocating any intermediate memory
- (well, unless you count the stack space needed for this call and the
- locals it creates...). This cannot fail.
- */
-
-void mp_exch(mp_int *mp1, mp_int *mp2)
-{
-#if MP_ARGCHK == 2
- assert(mp1 != NULL && mp2 != NULL);
-#else
- if(mp1 == NULL || mp2 == NULL)
- return;
-#endif
-
- s_mp_exch(mp1, mp2);
-
-} /* end mp_exch() */
-
-/* }}} */
-
-/* {{{ mp_clear(mp) */
-
-/*
- mp_clear(mp)
-
- Release the storage used by an mp_int, and void its fields so that
- if someone calls mp_clear() again for the same int later, we won't
- get tollchocked.
- */
-
-void mp_clear(mp_int *mp)
-{
- if(mp == NULL)
- return;
-
- if(DIGITS(mp) != NULL) {
-#if MP_CRYPTO
- s_mp_setz(DIGITS(mp), ALLOC(mp));
-#endif
- s_mp_free(DIGITS(mp));
- DIGITS(mp) = NULL;
- }
-
- USED(mp) = 0;
- ALLOC(mp) = 0;
-
-} /* end mp_clear() */
-
-/* }}} */
-
-/* {{{ mp_zero(mp) */
-
-/*
- mp_zero(mp)
-
- Set mp to zero. Does not change the allocated size of the structure,
- and therefore cannot fail (except on a bad argument, which we ignore)
- */
-void mp_zero(mp_int *mp)
-{
- if(mp == NULL)
- return;
-
- s_mp_setz(DIGITS(mp), ALLOC(mp));
- USED(mp) = 1;
- SIGN(mp) = ZPOS;
-
-} /* end mp_zero() */
-
-/* }}} */
-
-/* {{{ mp_set(mp, d) */
-
-void mp_set(mp_int *mp, mp_digit d)
-{
- if(mp == NULL)
- return;
-
- mp_zero(mp);
- DIGIT(mp, 0) = d;
-
-} /* end mp_set() */
-
-/* }}} */
-
-/* {{{ mp_set_int(mp, z) */
-
-mp_err mp_set_int(mp_int *mp, long z)
-{
- int ix;
- unsigned long v = labs(z);
- mp_err res;
-
- ARGCHK(mp != NULL, MP_BADARG);
-
- mp_zero(mp);
- if(z == 0)
- return MP_OKAY; /* shortcut for zero */
-
- if (sizeof v <= sizeof(mp_digit)) {
- DIGIT(mp,0) = v;
- } else {
- for (ix = sizeof(long) - 1; ix >= 0; ix--) {
- if ((res = s_mp_mul_d(mp, (UCHAR_MAX + 1))) != MP_OKAY)
- return res;
-
- res = s_mp_add_d(mp, (mp_digit)((v >> (ix * CHAR_BIT)) & UCHAR_MAX));
- if (res != MP_OKAY)
- return res;
- }
- }
- if(z < 0)
- SIGN(mp) = NEG;
-
- return MP_OKAY;
-
-} /* end mp_set_int() */
-
-/* }}} */
-
-/* {{{ mp_set_ulong(mp, z) */
-
-mp_err mp_set_ulong(mp_int *mp, unsigned long z)
-{
- int ix;
- mp_err res;
-
- ARGCHK(mp != NULL, MP_BADARG);
-
- mp_zero(mp);
- if(z == 0)
- return MP_OKAY; /* shortcut for zero */
-
- if (sizeof z <= sizeof(mp_digit)) {
- DIGIT(mp,0) = z;
- } else {
- for (ix = sizeof(long) - 1; ix >= 0; ix--) {
- if ((res = s_mp_mul_d(mp, (UCHAR_MAX + 1))) != MP_OKAY)
- return res;
-
- res = s_mp_add_d(mp, (mp_digit)((z >> (ix * CHAR_BIT)) & UCHAR_MAX));
- if (res != MP_OKAY)
- return res;
- }
- }
- return MP_OKAY;
-} /* end mp_set_ulong() */
-
-/* }}} */
-
-/*------------------------------------------------------------------------*/
-/* {{{ Digit arithmetic */
-
-/* {{{ mp_add_d(a, d, b) */
-
-/*
- mp_add_d(a, d, b)
-
- Compute the sum b = a + d, for a single digit d. Respects the sign of
- its primary addend (single digits are unsigned anyway).
- */
-
-mp_err mp_add_d(const mp_int *a, mp_digit d, mp_int *b)
-{
- mp_int tmp;
- mp_err res;
-
- ARGCHK(a != NULL && b != NULL, MP_BADARG);
-
- if((res = mp_init_copy(&tmp, a)) != MP_OKAY)
- return res;
-
- if(SIGN(&tmp) == ZPOS) {
- if((res = s_mp_add_d(&tmp, d)) != MP_OKAY)
- goto CLEANUP;
- } else if(s_mp_cmp_d(&tmp, d) >= 0) {
- if((res = s_mp_sub_d(&tmp, d)) != MP_OKAY)
- goto CLEANUP;
- } else {
- mp_neg(&tmp, &tmp);
-
- DIGIT(&tmp, 0) = d - DIGIT(&tmp, 0);
- }
-
- if(s_mp_cmp_d(&tmp, 0) == 0)
- SIGN(&tmp) = ZPOS;
-
- s_mp_exch(&tmp, b);
-
-CLEANUP:
- mp_clear(&tmp);
- return res;
-
-} /* end mp_add_d() */
-
-/* }}} */
-
-/* {{{ mp_sub_d(a, d, b) */
-
-/*
- mp_sub_d(a, d, b)
-
- Compute the difference b = a - d, for a single digit d. Respects the
- sign of its subtrahend (single digits are unsigned anyway).
- */
-
-mp_err mp_sub_d(const mp_int *a, mp_digit d, mp_int *b)
-{
- mp_int tmp;
- mp_err res;
-
- ARGCHK(a != NULL && b != NULL, MP_BADARG);
-
- if((res = mp_init_copy(&tmp, a)) != MP_OKAY)
- return res;
-
- if(SIGN(&tmp) == NEG) {
- if((res = s_mp_add_d(&tmp, d)) != MP_OKAY)
- goto CLEANUP;
- } else if(s_mp_cmp_d(&tmp, d) >= 0) {
- if((res = s_mp_sub_d(&tmp, d)) != MP_OKAY)
- goto CLEANUP;
- } else {
- mp_neg(&tmp, &tmp);
-
- DIGIT(&tmp, 0) = d - DIGIT(&tmp, 0);
- SIGN(&tmp) = NEG;
- }
-
- if(s_mp_cmp_d(&tmp, 0) == 0)
- SIGN(&tmp) = ZPOS;
-
- s_mp_exch(&tmp, b);
-
-CLEANUP:
- mp_clear(&tmp);
- return res;
-
-} /* end mp_sub_d() */
-
-/* }}} */
-
-/* {{{ mp_mul_d(a, d, b) */
-
-/*
- mp_mul_d(a, d, b)
-
- Compute the product b = a * d, for a single digit d. Respects the sign
- of its multiplicand (single digits are unsigned anyway)
- */
-
-mp_err mp_mul_d(const mp_int *a, mp_digit d, mp_int *b)
-{
- mp_err res;
-
- ARGCHK(a != NULL && b != NULL, MP_BADARG);
-
- if(d == 0) {
- mp_zero(b);
- return MP_OKAY;
- }
-
- if((res = mp_copy(a, b)) != MP_OKAY)
- return res;
-
- res = s_mp_mul_d(b, d);
-
- return res;
-
-} /* end mp_mul_d() */
-
-/* }}} */
-
-/* {{{ mp_mul_2(a, c) */
-
-mp_err mp_mul_2(const mp_int *a, mp_int *c)
-{
- mp_err res;
-
- ARGCHK(a != NULL && c != NULL, MP_BADARG);
-
- if((res = mp_copy(a, c)) != MP_OKAY)
- return res;
-
- return s_mp_mul_2(c);
-
-} /* end mp_mul_2() */
-
-/* }}} */
-
-/* {{{ mp_div_d(a, d, q, r) */
-
-/*
- mp_div_d(a, d, q, r)
-
- Compute the quotient q = a / d and remainder r = a mod d, for a
- single digit d. Respects the sign of its divisor (single digits are
- unsigned anyway).
- */
-
-mp_err mp_div_d(const mp_int *a, mp_digit d, mp_int *q, mp_digit *r)
-{
- mp_err res;
- mp_int qp;
- mp_digit rem;
- int pow;
-
- ARGCHK(a != NULL, MP_BADARG);
-
- if(d == 0)
- return MP_RANGE;
-
- /* Shortcut for powers of two ... */
- if((pow = s_mp_ispow2d(d)) >= 0) {
- mp_digit mask;
-
- mask = ((mp_digit)1 << pow) - 1;
- rem = DIGIT(a, 0) & mask;
-
- if(q) {
- mp_copy(a, q);
- s_mp_div_2d(q, pow);
- }
-
- if(r)
- *r = rem;
-
- return MP_OKAY;
- }
-
- if((res = mp_init_copy(&qp, a)) != MP_OKAY)
- return res;
-
- res = s_mp_div_d(&qp, d, &rem);
-
- if(s_mp_cmp_d(&qp, 0) == 0)
- SIGN(q) = ZPOS;
-
- if(r)
- *r = rem;
-
- if(q)
- s_mp_exch(&qp, q);
-
- mp_clear(&qp);
- return res;
-
-} /* end mp_div_d() */
-
-/* }}} */
-
-/* {{{ mp_div_2(a, c) */
-
-/*
- mp_div_2(a, c)
-
- Compute c = a / 2, disregarding the remainder.
- */
-
-mp_err mp_div_2(const mp_int *a, mp_int *c)
-{
- mp_err res;
-
- ARGCHK(a != NULL && c != NULL, MP_BADARG);
-
- if((res = mp_copy(a, c)) != MP_OKAY)
- return res;
-
- s_mp_div_2(c);
-
- return MP_OKAY;
-
-} /* end mp_div_2() */
-
-/* }}} */
-
-/* {{{ mp_expt_d(a, d, b) */
-
-mp_err mp_expt_d(const mp_int *a, mp_digit d, mp_int *c)
-{
- mp_int s, x;
- mp_err res;
-
- ARGCHK(a != NULL && c != NULL, MP_BADARG);
-
- if((res = mp_init(&s)) != MP_OKAY)
- return res;
- if((res = mp_init_copy(&x, a)) != MP_OKAY)
- goto X;
-
- DIGIT(&s, 0) = 1;
-
- while(d != 0) {
- if(d & 1) {
- if((res = s_mp_mul(&s, &x)) != MP_OKAY)
- goto CLEANUP;
- }
-
- d /= 2;
-
- if((res = s_mp_sqr(&x)) != MP_OKAY)
- goto CLEANUP;
- }
-
- s_mp_exch(&s, c);
-
-CLEANUP:
- mp_clear(&x);
-X:
- mp_clear(&s);
-
- return res;
-
-} /* end mp_expt_d() */
-
-/* }}} */
-
-/* }}} */
-
-/*------------------------------------------------------------------------*/
-/* {{{ Full arithmetic */
-
-/* {{{ mp_abs(a, b) */
-
-/*
- mp_abs(a, b)
-
- Compute b = |a|. 'a' and 'b' may be identical.
- */
-
-mp_err mp_abs(const mp_int *a, mp_int *b)
-{
- mp_err res;
-
- ARGCHK(a != NULL && b != NULL, MP_BADARG);
-
- if((res = mp_copy(a, b)) != MP_OKAY)
- return res;
-
- SIGN(b) = ZPOS;
-
- return MP_OKAY;
-
-} /* end mp_abs() */
-
-/* }}} */
-
-/* {{{ mp_neg(a, b) */
-
-/*
- mp_neg(a, b)
-
- Compute b = -a. 'a' and 'b' may be identical.
- */
-
-mp_err mp_neg(const mp_int *a, mp_int *b)
-{
- mp_err res;
-
- ARGCHK(a != NULL && b != NULL, MP_BADARG);
-
- if((res = mp_copy(a, b)) != MP_OKAY)
- return res;
-
- if(s_mp_cmp_d(b, 0) == MP_EQ)
- SIGN(b) = ZPOS;
- else
- SIGN(b) = (SIGN(b) == NEG) ? ZPOS : NEG;
-
- return MP_OKAY;
-
-} /* end mp_neg() */
-
-/* }}} */
-
-/* {{{ mp_add(a, b, c) */
-
-/*
- mp_add(a, b, c)
-
- Compute c = a + b. All parameters may be identical.
- */
-
-mp_err mp_add(const mp_int *a, const mp_int *b, mp_int *c)
-{
- mp_err res;
-
- ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG);
-
- if(SIGN(a) == SIGN(b)) { /* same sign: add values, keep sign */
- MP_CHECKOK( s_mp_add_3arg(a, b, c) );
- } else if(s_mp_cmp(a, b) >= 0) { /* different sign: |a| >= |b| */
- MP_CHECKOK( s_mp_sub_3arg(a, b, c) );
- } else { /* different sign: |a| < |b| */
- MP_CHECKOK( s_mp_sub_3arg(b, a, c) );
- }
-
- if (s_mp_cmp_d(c, 0) == MP_EQ)
- SIGN(c) = ZPOS;
-
-CLEANUP:
- return res;
-
-} /* end mp_add() */
-
-/* }}} */
-
-/* {{{ mp_sub(a, b, c) */
-
-/*
- mp_sub(a, b, c)
-
- Compute c = a - b. All parameters may be identical.
- */
-
-mp_err mp_sub(const mp_int *a, const mp_int *b, mp_int *c)
-{
- mp_err res;
- int magDiff;
-
- ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG);
-
- if (a == b) {
- mp_zero(c);
- return MP_OKAY;
- }
-
- if (MP_SIGN(a) != MP_SIGN(b)) {
- MP_CHECKOK( s_mp_add_3arg(a, b, c) );
- } else if (!(magDiff = s_mp_cmp(a, b))) {
- mp_zero(c);
- res = MP_OKAY;
- } else if (magDiff > 0) {
- MP_CHECKOK( s_mp_sub_3arg(a, b, c) );
- } else {
- MP_CHECKOK( s_mp_sub_3arg(b, a, c) );
- MP_SIGN(c) = !MP_SIGN(a);
- }
-
- if (s_mp_cmp_d(c, 0) == MP_EQ)
- MP_SIGN(c) = MP_ZPOS;
-
-CLEANUP:
- return res;
-
-} /* end mp_sub() */
-
-/* }}} */
-
-/* {{{ mp_mul(a, b, c) */
-
-/*
- mp_mul(a, b, c)
-
- Compute c = a * b. All parameters may be identical.
- */
-mp_err mp_mul(const mp_int *a, const mp_int *b, mp_int * c)
-{
- mp_digit *pb;
- mp_int tmp;
- mp_err res;
- mp_size ib;
- mp_size useda, usedb;
-
- ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG);
-
- if (a == c) {
- if ((res = mp_init_copy(&tmp, a)) != MP_OKAY)
- return res;
- if (a == b)
- b = &tmp;
- a = &tmp;
- } else if (b == c) {
- if ((res = mp_init_copy(&tmp, b)) != MP_OKAY)
- return res;
- b = &tmp;
- } else {
- MP_DIGITS(&tmp) = 0;
- }
-
- if (MP_USED(a) < MP_USED(b)) {
- const mp_int *xch = b; /* switch a and b, to do fewer outer loops */
- b = a;
- a = xch;
- }
-
- MP_USED(c) = 1; MP_DIGIT(c, 0) = 0;
- if((res = s_mp_pad(c, USED(a) + USED(b))) != MP_OKAY)
- goto CLEANUP;
-
- pb = MP_DIGITS(b);
- s_mpv_mul_d(MP_DIGITS(a), MP_USED(a), *pb++, MP_DIGITS(c));
-
- /* Outer loop: Digits of b */
- useda = MP_USED(a);
- usedb = MP_USED(b);
- for (ib = 1; ib < usedb; ib++) {
- mp_digit b_i = *pb++;
-
- /* Inner product: Digits of a */
- if (b_i)
- s_mpv_mul_d_add(MP_DIGITS(a), useda, b_i, MP_DIGITS(c) + ib);
- else
- MP_DIGIT(c, ib + useda) = b_i;
- }
-
- s_mp_clamp(c);
-
- if(SIGN(a) == SIGN(b) || s_mp_cmp_d(c, 0) == MP_EQ)
- SIGN(c) = ZPOS;
- else
- SIGN(c) = NEG;
-
-CLEANUP:
- mp_clear(&tmp);
- return res;
-} /* end mp_mul() */
-
-/* }}} */
-
-/* {{{ mp_sqr(a, sqr) */
-
-#if MP_SQUARE
-/*
- Computes the square of a. This can be done more
- efficiently than a general multiplication, because many of the
- computation steps are redundant when squaring. The inner product
- step is a bit more complicated, but we save a fair number of
- iterations of the multiplication loop.
- */
-
-/* sqr = a^2; Caller provides both a and tmp; */
-mp_err mp_sqr(const mp_int *a, mp_int *sqr)
-{
- mp_digit *pa;
- mp_digit d;
- mp_err res;
- mp_size ix;
- mp_int tmp;
- int count;
-
- ARGCHK(a != NULL && sqr != NULL, MP_BADARG);
-
- if (a == sqr) {
- if((res = mp_init_copy(&tmp, a)) != MP_OKAY)
- return res;
- a = &tmp;
- } else {
- DIGITS(&tmp) = 0;
- res = MP_OKAY;
- }
-
- ix = 2 * MP_USED(a);
- if (ix > MP_ALLOC(sqr)) {
- MP_USED(sqr) = 1;
- MP_CHECKOK( s_mp_grow(sqr, ix) );
- }
- MP_USED(sqr) = ix;
- MP_DIGIT(sqr, 0) = 0;
-
- pa = MP_DIGITS(a);
- count = MP_USED(a) - 1;
- if (count > 0) {
- d = *pa++;
- s_mpv_mul_d(pa, count, d, MP_DIGITS(sqr) + 1);
- for (ix = 3; --count > 0; ix += 2) {
- d = *pa++;
- s_mpv_mul_d_add(pa, count, d, MP_DIGITS(sqr) + ix);
- } /* for(ix ...) */
- MP_DIGIT(sqr, MP_USED(sqr)-1) = 0; /* above loop stopped short of this. */
-
- /* now sqr *= 2 */
- s_mp_mul_2(sqr);
- } else {
- MP_DIGIT(sqr, 1) = 0;
- }
-
- /* now add the squares of the digits of a to sqr. */
- s_mpv_sqr_add_prop(MP_DIGITS(a), MP_USED(a), MP_DIGITS(sqr));
-
- SIGN(sqr) = ZPOS;
- s_mp_clamp(sqr);
-
-CLEANUP:
- mp_clear(&tmp);
- return res;
-
-} /* end mp_sqr() */
-#endif
-
-/* }}} */
-
-/* {{{ mp_div(a, b, q, r) */
-
-/*
- mp_div(a, b, q, r)
-
- Compute q = a / b and r = a mod b. Input parameters may be re-used
- as output parameters. If q or r is NULL, that portion of the
- computation will be discarded (although it will still be computed)
- */
-mp_err mp_div(const mp_int *a, const mp_int *b, mp_int *q, mp_int *r)
-{
- mp_err res;
- mp_int *pQ, *pR;
- mp_int qtmp, rtmp, btmp;
- int cmp;
- mp_sign signA = MP_SIGN(a);
- mp_sign signB = MP_SIGN(b);
-
- ARGCHK(a != NULL && b != NULL, MP_BADARG);
-
- if(mp_cmp_z(b) == MP_EQ)
- return MP_RANGE;
-
- DIGITS(&qtmp) = 0;
- DIGITS(&rtmp) = 0;
- DIGITS(&btmp) = 0;
-
- /* Set up some temporaries... */
- if (!r || r == a || r == b) {
- MP_CHECKOK( mp_init_copy(&rtmp, a) );
- pR = &rtmp;
- } else {
- MP_CHECKOK( mp_copy(a, r) );
- pR = r;
- }
-
- if (!q || q == a || q == b) {
- MP_CHECKOK( mp_init_size(&qtmp, MP_USED(a)) );
- pQ = &qtmp;
- } else {
- MP_CHECKOK( s_mp_pad(q, MP_USED(a)) );
- pQ = q;
- mp_zero(pQ);
- }
-
- /*
- If |a| <= |b|, we can compute the solution without division;
- otherwise, we actually do the work required.
- */
- if ((cmp = s_mp_cmp(a, b)) <= 0) {
- if (cmp) {
- /* r was set to a above. */
- mp_zero(pQ);
- } else {
- mp_set(pQ, 1);
- mp_zero(pR);
- }
- } else {
- MP_CHECKOK( mp_init_copy(&btmp, b) );
- MP_CHECKOK( s_mp_div(pR, &btmp, pQ) );
- }
-
- /* Compute the signs for the output */
- MP_SIGN(pR) = signA; /* Sr = Sa */
- /* Sq = ZPOS if Sa == Sb */ /* Sq = NEG if Sa != Sb */
- MP_SIGN(pQ) = (signA == signB) ? ZPOS : NEG;
-
- if(s_mp_cmp_d(pQ, 0) == MP_EQ)
- SIGN(pQ) = ZPOS;
- if(s_mp_cmp_d(pR, 0) == MP_EQ)
- SIGN(pR) = ZPOS;
-
- /* Copy output, if it is needed */
- if(q && q != pQ)
- s_mp_exch(pQ, q);
-
- if(r && r != pR)
- s_mp_exch(pR, r);
-
-CLEANUP:
- mp_clear(&btmp);
- mp_clear(&rtmp);
- mp_clear(&qtmp);
-
- return res;
-
-} /* end mp_div() */
-
-/* }}} */
-
-/* {{{ mp_div_2d(a, d, q, r) */
-
-mp_err mp_div_2d(const mp_int *a, mp_digit d, mp_int *q, mp_int *r)
-{
- mp_err res;
-
- ARGCHK(a != NULL, MP_BADARG);
-
- if(q) {
- if((res = mp_copy(a, q)) != MP_OKAY)
- return res;
- }
- if(r) {
- if((res = mp_copy(a, r)) != MP_OKAY)
- return res;
- }
- if(q) {
- s_mp_div_2d(q, d);
- }
- if(r) {
- s_mp_mod_2d(r, d);
- }
-
- return MP_OKAY;
-
-} /* end mp_div_2d() */
-
-/* }}} */
-
-/* {{{ mp_expt(a, b, c) */
-
-/*
- mp_expt(a, b, c)
-
- Compute c = a ** b, that is, raise a to the b power. Uses a
- standard iterative square-and-multiply technique.
- */
-
-mp_err mp_expt(mp_int *a, mp_int *b, mp_int *c)
-{
- mp_int s, x;
- mp_err res;
- mp_digit d;
- int dig, bit;
-
- ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG);
-
- if(mp_cmp_z(b) < 0)
- return MP_RANGE;
-
- if((res = mp_init(&s)) != MP_OKAY)
- return res;
-
- mp_set(&s, 1);
-
- if((res = mp_init_copy(&x, a)) != MP_OKAY)
- goto X;
-
- /* Loop over low-order digits in ascending order */
- for(dig = 0; dig < (USED(b) - 1); dig++) {
- d = DIGIT(b, dig);
-
- /* Loop over bits of each non-maximal digit */
- for(bit = 0; bit < DIGIT_BIT; bit++) {
- if(d & 1) {
- if((res = s_mp_mul(&s, &x)) != MP_OKAY)
- goto CLEANUP;
- }
-
- d >>= 1;
-
- if((res = s_mp_sqr(&x)) != MP_OKAY)
- goto CLEANUP;
- }
- }
-
- /* Consider now the last digit... */
- d = DIGIT(b, dig);
-
- while(d) {
- if(d & 1) {
- if((res = s_mp_mul(&s, &x)) != MP_OKAY)
- goto CLEANUP;
- }
-
- d >>= 1;
-
- if((res = s_mp_sqr(&x)) != MP_OKAY)
- goto CLEANUP;
- }
-
- if(mp_iseven(b))
- SIGN(&s) = SIGN(a);
-
- res = mp_copy(&s, c);
-
-CLEANUP:
- mp_clear(&x);
-X:
- mp_clear(&s);
-
- return res;
-
-} /* end mp_expt() */
-
-/* }}} */
-
-/* {{{ mp_2expt(a, k) */
-
-/* Compute a = 2^k */
-
-mp_err mp_2expt(mp_int *a, mp_digit k)
-{
- ARGCHK(a != NULL, MP_BADARG);
-
- return s_mp_2expt(a, k);
-
-} /* end mp_2expt() */
-
-/* }}} */
-
-/* {{{ mp_mod(a, m, c) */
-
-/*
- mp_mod(a, m, c)
-
- Compute c = a (mod m). Result will always be 0 <= c < m.
- */
-
-mp_err mp_mod(const mp_int *a, const mp_int *m, mp_int *c)
-{
- mp_err res;
- int mag;
-
- ARGCHK(a != NULL && m != NULL && c != NULL, MP_BADARG);
-
- if(SIGN(m) == NEG)
- return MP_RANGE;
-
- /*
- If |a| > m, we need to divide to get the remainder and take the
- absolute value.
-
- If |a| < m, we don't need to do any division, just copy and adjust
- the sign (if a is negative).
-
- If |a| == m, we can simply set the result to zero.
-
- This order is intended to minimize the average path length of the
- comparison chain on common workloads -- the most frequent cases are
- that |a| != m, so we do those first.
- */
- if((mag = s_mp_cmp(a, m)) > 0) {
- if((res = mp_div(a, m, NULL, c)) != MP_OKAY)
- return res;
-
- if(SIGN(c) == NEG) {
- if((res = mp_add(c, m, c)) != MP_OKAY)
- return res;
- }
-
- } else if(mag < 0) {
- if((res = mp_copy(a, c)) != MP_OKAY)
- return res;
-
- if(mp_cmp_z(a) < 0) {
- if((res = mp_add(c, m, c)) != MP_OKAY)
- return res;
-
- }
-
- } else {
- mp_zero(c);
-
- }
-
- return MP_OKAY;
-
-} /* end mp_mod() */
-
-/* }}} */
-
-/* {{{ mp_mod_d(a, d, c) */
-
-/*
- mp_mod_d(a, d, c)
-
- Compute c = a (mod d). Result will always be 0 <= c < d
- */
-mp_err mp_mod_d(const mp_int *a, mp_digit d, mp_digit *c)
-{
- mp_err res;
- mp_digit rem;
-
- ARGCHK(a != NULL && c != NULL, MP_BADARG);
-
- if(s_mp_cmp_d(a, d) > 0) {
- if((res = mp_div_d(a, d, NULL, &rem)) != MP_OKAY)
- return res;
-
- } else {
- if(SIGN(a) == NEG)
- rem = d - DIGIT(a, 0);
- else
- rem = DIGIT(a, 0);
- }
-
- if(c)
- *c = rem;
-
- return MP_OKAY;
-
-} /* end mp_mod_d() */
-
-/* }}} */
-
-/* {{{ mp_sqrt(a, b) */
-
-/*
- mp_sqrt(a, b)
-
- Compute the integer square root of a, and store the result in b.
- Uses an integer-arithmetic version of Newton's iterative linear
- approximation technique to determine this value; the result has the
- following two properties:
-
- b^2 <= a
- (b+1)^2 >= a
-
- It is a range error to pass a negative value.
- */
-mp_err mp_sqrt(const mp_int *a, mp_int *b)
-{
- mp_int x, t;
- mp_err res;
- mp_size used;
-
- ARGCHK(a != NULL && b != NULL, MP_BADARG);
-
- /* Cannot take square root of a negative value */
- if(SIGN(a) == NEG)
- return MP_RANGE;
-
- /* Special cases for zero and one, trivial */
- if(mp_cmp_d(a, 1) <= 0)
- return mp_copy(a, b);
-
- /* Initialize the temporaries we'll use below */
- if((res = mp_init_size(&t, USED(a))) != MP_OKAY)
- return res;
-
- /* Compute an initial guess for the iteration as a itself */
- if((res = mp_init_copy(&x, a)) != MP_OKAY)
- goto X;
-
- used = MP_USED(&x);
- if (used > 1) {
- s_mp_rshd(&x, used / 2);
- }
-
- for(;;) {
- /* t = (x * x) - a */
- mp_copy(&x, &t); /* can't fail, t is big enough for original x */
- if((res = mp_sqr(&t, &t)) != MP_OKAY ||
- (res = mp_sub(&t, a, &t)) != MP_OKAY)
- goto CLEANUP;
-
- /* t = t / 2x */
- s_mp_mul_2(&x);
- if((res = mp_div(&t, &x, &t, NULL)) != MP_OKAY)
- goto CLEANUP;
- s_mp_div_2(&x);
-
- /* Terminate the loop, if the quotient is zero */
- if(mp_cmp_z(&t) == MP_EQ)
- break;
-
- /* x = x - t */
- if((res = mp_sub(&x, &t, &x)) != MP_OKAY)
- goto CLEANUP;
-
- }
-
- /* Copy result to output parameter */
- mp_sub_d(&x, 1, &x);
- s_mp_exch(&x, b);
-
- CLEANUP:
- mp_clear(&x);
- X:
- mp_clear(&t);
-
- return res;
-
-} /* end mp_sqrt() */
-
-/* }}} */
-
-/* }}} */
-
-/*------------------------------------------------------------------------*/
-/* {{{ Modular arithmetic */
-
-#if MP_MODARITH
-/* {{{ mp_addmod(a, b, m, c) */
-
-/*
- mp_addmod(a, b, m, c)
-
- Compute c = (a + b) mod m
- */
-
-mp_err mp_addmod(const mp_int *a, const mp_int *b, const mp_int *m, mp_int *c)
-{
- mp_err res;
-
- ARGCHK(a != NULL && b != NULL && m != NULL && c != NULL, MP_BADARG);
-
- if((res = mp_add(a, b, c)) != MP_OKAY)
- return res;
- if((res = mp_mod(c, m, c)) != MP_OKAY)
- return res;
-
- return MP_OKAY;
-
-}
-
-/* }}} */
-
-/* {{{ mp_submod(a, b, m, c) */
-
-/*
- mp_submod(a, b, m, c)
-
- Compute c = (a - b) mod m
- */
-
-mp_err mp_submod(const mp_int *a, const mp_int *b, const mp_int *m, mp_int *c)
-{
- mp_err res;
-
- ARGCHK(a != NULL && b != NULL && m != NULL && c != NULL, MP_BADARG);
-
- if((res = mp_sub(a, b, c)) != MP_OKAY)
- return res;
- if((res = mp_mod(c, m, c)) != MP_OKAY)
- return res;
-
- return MP_OKAY;
-
-}
-
-/* }}} */
-
-/* {{{ mp_mulmod(a, b, m, c) */
-
-/*
- mp_mulmod(a, b, m, c)
-
- Compute c = (a * b) mod m
- */
-
-mp_err mp_mulmod(const mp_int *a, const mp_int *b, const mp_int *m, mp_int *c)
-{
- mp_err res;
-
- ARGCHK(a != NULL && b != NULL && m != NULL && c != NULL, MP_BADARG);
-
- if((res = mp_mul(a, b, c)) != MP_OKAY)
- return res;
- if((res = mp_mod(c, m, c)) != MP_OKAY)
- return res;
-
- return MP_OKAY;
-
-}
-
-/* }}} */
-
-/* {{{ mp_sqrmod(a, m, c) */
-
-#if MP_SQUARE
-mp_err mp_sqrmod(const mp_int *a, const mp_int *m, mp_int *c)
-{
- mp_err res;
-
- ARGCHK(a != NULL && m != NULL && c != NULL, MP_BADARG);
-
- if((res = mp_sqr(a, c)) != MP_OKAY)
- return res;
- if((res = mp_mod(c, m, c)) != MP_OKAY)
- return res;
-
- return MP_OKAY;
-
-} /* end mp_sqrmod() */
-#endif
-
-/* }}} */
-
-/* {{{ s_mp_exptmod(a, b, m, c) */
-
-/*
- s_mp_exptmod(a, b, m, c)
-
- Compute c = (a ** b) mod m. Uses a standard square-and-multiply
- method with modular reductions at each step. (This is basically the
- same code as mp_expt(), except for the addition of the reductions)
-
- The modular reductions are done using Barrett's algorithm (see
- s_mp_reduce() below for details)
- */
-
-mp_err s_mp_exptmod(const mp_int *a, const mp_int *b, const mp_int *m, mp_int *c)
-{
- mp_int s, x, mu;
- mp_err res;
- mp_digit d;
- int dig, bit;
-
- ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG);
-
- if(mp_cmp_z(b) < 0 || mp_cmp_z(m) <= 0)
- return MP_RANGE;
-
- if((res = mp_init(&s)) != MP_OKAY)
- return res;
- if((res = mp_init_copy(&x, a)) != MP_OKAY ||
- (res = mp_mod(&x, m, &x)) != MP_OKAY)
- goto X;
- if((res = mp_init(&mu)) != MP_OKAY)
- goto MU;
-
- mp_set(&s, 1);
-
- /* mu = b^2k / m */
- s_mp_add_d(&mu, 1);
- s_mp_lshd(&mu, 2 * USED(m));
- if((res = mp_div(&mu, m, &mu, NULL)) != MP_OKAY)
- goto CLEANUP;
-
- /* Loop over digits of b in ascending order, except highest order */
- for(dig = 0; dig < (USED(b) - 1); dig++) {
- d = DIGIT(b, dig);
-
- /* Loop over the bits of the lower-order digits */
- for(bit = 0; bit < DIGIT_BIT; bit++) {
- if(d & 1) {
- if((res = s_mp_mul(&s, &x)) != MP_OKAY)
- goto CLEANUP;
- if((res = s_mp_reduce(&s, m, &mu)) != MP_OKAY)
- goto CLEANUP;
- }
-
- d >>= 1;
-
- if((res = s_mp_sqr(&x)) != MP_OKAY)
- goto CLEANUP;
- if((res = s_mp_reduce(&x, m, &mu)) != MP_OKAY)
- goto CLEANUP;
- }
- }
-
- /* Now do the last digit... */
- d = DIGIT(b, dig);
-
- while(d) {
- if(d & 1) {
- if((res = s_mp_mul(&s, &x)) != MP_OKAY)
- goto CLEANUP;
- if((res = s_mp_reduce(&s, m, &mu)) != MP_OKAY)
- goto CLEANUP;
- }
-
- d >>= 1;
-
- if((res = s_mp_sqr(&x)) != MP_OKAY)
- goto CLEANUP;
- if((res = s_mp_reduce(&x, m, &mu)) != MP_OKAY)
- goto CLEANUP;
- }
-
- s_mp_exch(&s, c);
-
- CLEANUP:
- mp_clear(&mu);
- MU:
- mp_clear(&x);
- X:
- mp_clear(&s);
-
- return res;
-
-} /* end s_mp_exptmod() */
-
-/* }}} */
-
-/* {{{ mp_exptmod_d(a, d, m, c) */
-
-mp_err mp_exptmod_d(const mp_int *a, mp_digit d, const mp_int *m, mp_int *c)
-{
- mp_int s, x;
- mp_err res;
-
- ARGCHK(a != NULL && c != NULL, MP_BADARG);
-
- if((res = mp_init(&s)) != MP_OKAY)
- return res;
- if((res = mp_init_copy(&x, a)) != MP_OKAY)
- goto X;
-
- mp_set(&s, 1);
-
- while(d != 0) {
- if(d & 1) {
- if((res = s_mp_mul(&s, &x)) != MP_OKAY ||
- (res = mp_mod(&s, m, &s)) != MP_OKAY)
- goto CLEANUP;
- }
-
- d /= 2;
-
- if((res = s_mp_sqr(&x)) != MP_OKAY ||
- (res = mp_mod(&x, m, &x)) != MP_OKAY)
- goto CLEANUP;
- }
-
- s_mp_exch(&s, c);
-
-CLEANUP:
- mp_clear(&x);
-X:
- mp_clear(&s);
-
- return res;
-
-} /* end mp_exptmod_d() */
-
-/* }}} */
-#endif /* if MP_MODARITH */
-
-/* }}} */
-
-/*------------------------------------------------------------------------*/
-/* {{{ Comparison functions */
-
-/* {{{ mp_cmp_z(a) */
-
-/*
- mp_cmp_z(a)
-
- Compare a <=> 0. Returns <0 if a<0, 0 if a=0, >0 if a>0.
- */
-
-int mp_cmp_z(const mp_int *a)
-{
- if(SIGN(a) == NEG)
- return MP_LT;
- else if(USED(a) == 1 && DIGIT(a, 0) == 0)
- return MP_EQ;
- else
- return MP_GT;
-
-} /* end mp_cmp_z() */
-
-/* }}} */
-
-/* {{{ mp_cmp_d(a, d) */
-
-/*
- mp_cmp_d(a, d)
-
- Compare a <=> d. Returns <0 if a<d, 0 if a=d, >0 if a>d
- */
-
-int mp_cmp_d(const mp_int *a, mp_digit d)
-{
- ARGCHK(a != NULL, MP_EQ);
-
- if(SIGN(a) == NEG)
- return MP_LT;
-
- return s_mp_cmp_d(a, d);
-
-} /* end mp_cmp_d() */
-
-/* }}} */
-
-/* {{{ mp_cmp(a, b) */
-
-int mp_cmp(const mp_int *a, const mp_int *b)
-{
- ARGCHK(a != NULL && b != NULL, MP_EQ);
-
- if(SIGN(a) == SIGN(b)) {
- int mag;
-
- if((mag = s_mp_cmp(a, b)) == MP_EQ)
- return MP_EQ;
-
- if(SIGN(a) == ZPOS)
- return mag;
- else
- return -mag;
-
- } else if(SIGN(a) == ZPOS) {
- return MP_GT;
- } else {
- return MP_LT;
- }
-
-} /* end mp_cmp() */
-
-/* }}} */
-
-/* {{{ mp_cmp_mag(a, b) */
-
-/*
- mp_cmp_mag(a, b)
-
- Compares |a| <=> |b|, and returns an appropriate comparison result
- */
-
-int mp_cmp_mag(mp_int *a, mp_int *b)
-{
- ARGCHK(a != NULL && b != NULL, MP_EQ);
-
- return s_mp_cmp(a, b);
-
-} /* end mp_cmp_mag() */
-
-/* }}} */
-
-/* {{{ mp_cmp_int(a, z) */
-
-/*
- This just converts z to an mp_int, and uses the existing comparison
- routines. This is sort of inefficient, but it's not clear to me how
- frequently this wil get used anyway. For small positive constants,
- you can always use mp_cmp_d(), and for zero, there is mp_cmp_z().
- */
-int mp_cmp_int(const mp_int *a, long z)
-{
- mp_int tmp;
- int out;
-
- ARGCHK(a != NULL, MP_EQ);
-
- mp_init(&tmp); mp_set_int(&tmp, z);
- out = mp_cmp(a, &tmp);
- mp_clear(&tmp);
-
- return out;
-
-} /* end mp_cmp_int() */
-
-/* }}} */
-
-/* {{{ mp_isodd(a) */
-
-/*
- mp_isodd(a)
-
- Returns a true (non-zero) value if a is odd, false (zero) otherwise.
- */
-int mp_isodd(const mp_int *a)
-{
- ARGCHK(a != NULL, 0);
-
- return (int)(DIGIT(a, 0) & 1);
-
-} /* end mp_isodd() */
-
-/* }}} */
-
-/* {{{ mp_iseven(a) */
-
-int mp_iseven(const mp_int *a)
-{
- return !mp_isodd(a);
-
-} /* end mp_iseven() */
-
-/* }}} */
-
-/* }}} */
-
-/*------------------------------------------------------------------------*/
-/* {{{ Number theoretic functions */
-
-#if MP_NUMTH
-/* {{{ mp_gcd(a, b, c) */
-
-/*
- Like the old mp_gcd() function, except computes the GCD using the
- binary algorithm due to Josef Stein in 1961 (via Knuth).
- */
-mp_err mp_gcd(mp_int *a, mp_int *b, mp_int *c)
-{
- mp_err res;
- mp_int u, v, t;
- mp_size k = 0;
-
- ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG);
-
- if(mp_cmp_z(a) == MP_EQ && mp_cmp_z(b) == MP_EQ)
- return MP_RANGE;
- if(mp_cmp_z(a) == MP_EQ) {
- return mp_copy(b, c);
- } else if(mp_cmp_z(b) == MP_EQ) {
- return mp_copy(a, c);
- }
-
- if((res = mp_init(&t)) != MP_OKAY)
- return res;
- if((res = mp_init_copy(&u, a)) != MP_OKAY)
- goto U;
- if((res = mp_init_copy(&v, b)) != MP_OKAY)
- goto V;
-
- SIGN(&u) = ZPOS;
- SIGN(&v) = ZPOS;
-
- /* Divide out common factors of 2 until at least 1 of a, b is even */
- while(mp_iseven(&u) && mp_iseven(&v)) {
- s_mp_div_2(&u);
- s_mp_div_2(&v);
- ++k;
- }
-
- /* Initialize t */
- if(mp_isodd(&u)) {
- if((res = mp_copy(&v, &t)) != MP_OKAY)
- goto CLEANUP;
-
- /* t = -v */
- if(SIGN(&v) == ZPOS)
- SIGN(&t) = NEG;
- else
- SIGN(&t) = ZPOS;
-
- } else {
- if((res = mp_copy(&u, &t)) != MP_OKAY)
- goto CLEANUP;
-
- }
-
- for(;;) {
- while(mp_iseven(&t)) {
- s_mp_div_2(&t);
- }
-
- if(mp_cmp_z(&t) == MP_GT) {
- if((res = mp_copy(&t, &u)) != MP_OKAY)
- goto CLEANUP;
-
- } else {
- if((res = mp_copy(&t, &v)) != MP_OKAY)
- goto CLEANUP;
-
- /* v = -t */
- if(SIGN(&t) == ZPOS)
- SIGN(&v) = NEG;
- else
- SIGN(&v) = ZPOS;
- }
-
- if((res = mp_sub(&u, &v, &t)) != MP_OKAY)
- goto CLEANUP;
-
- if(s_mp_cmp_d(&t, 0) == MP_EQ)
- break;
- }
-
- s_mp_2expt(&v, k); /* v = 2^k */
- res = mp_mul(&u, &v, c); /* c = u * v */
-
- CLEANUP:
- mp_clear(&v);
- V:
- mp_clear(&u);
- U:
- mp_clear(&t);
-
- return res;
-
-} /* end mp_gcd() */
-
-/* }}} */
-
-/* {{{ mp_lcm(a, b, c) */
-
-/* We compute the least common multiple using the rule:
-
- ab = [a, b](a, b)
-
- ... by computing the product, and dividing out the gcd.
- */
-
-mp_err mp_lcm(mp_int *a, mp_int *b, mp_int *c)
-{
- mp_int gcd, prod;
- mp_err res;
-
- ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG);
-
- /* Set up temporaries */
- if((res = mp_init(&gcd)) != MP_OKAY)
- return res;
- if((res = mp_init(&prod)) != MP_OKAY)
- goto GCD;
-
- if((res = mp_mul(a, b, &prod)) != MP_OKAY)
- goto CLEANUP;
- if((res = mp_gcd(a, b, &gcd)) != MP_OKAY)
- goto CLEANUP;
-
- res = mp_div(&prod, &gcd, c, NULL);
-
- CLEANUP:
- mp_clear(&prod);
- GCD:
- mp_clear(&gcd);
-
- return res;
-
-} /* end mp_lcm() */
-
-/* }}} */
-
-/* {{{ mp_xgcd(a, b, g, x, y) */
-
-/*
- mp_xgcd(a, b, g, x, y)
-
- Compute g = (a, b) and values x and y satisfying Bezout's identity
- (that is, ax + by = g). This uses the binary extended GCD algorithm
- based on the Stein algorithm used for mp_gcd()
- See algorithm 14.61 in Handbook of Applied Cryptogrpahy.
- */
-
-mp_err mp_xgcd(const mp_int *a, const mp_int *b, mp_int *g, mp_int *x, mp_int *y)
-{
- mp_int gx, xc, yc, u, v, A, B, C, D;
- mp_int *clean[9];
- mp_err res;
- int last = -1;
-
- if(mp_cmp_z(b) == 0)
- return MP_RANGE;
-
- /* Initialize all these variables we need */
- MP_CHECKOK( mp_init(&u) );
- clean[++last] = &u;
- MP_CHECKOK( mp_init(&v) );
- clean[++last] = &v;
- MP_CHECKOK( mp_init(&gx) );
- clean[++last] = &gx;
- MP_CHECKOK( mp_init(&A) );
- clean[++last] = &A;
- MP_CHECKOK( mp_init(&B) );
- clean[++last] = &B;
- MP_CHECKOK( mp_init(&C) );
- clean[++last] = &C;
- MP_CHECKOK( mp_init(&D) );
- clean[++last] = &D;
- MP_CHECKOK( mp_init_copy(&xc, a) );
- clean[++last] = &xc;
- mp_abs(&xc, &xc);
- MP_CHECKOK( mp_init_copy(&yc, b) );
- clean[++last] = &yc;
- mp_abs(&yc, &yc);
-
- mp_set(&gx, 1);
-
- /* Divide by two until at least one of them is odd */
- while(mp_iseven(&xc) && mp_iseven(&yc)) {
- mp_size nx = mp_trailing_zeros(&xc);
- mp_size ny = mp_trailing_zeros(&yc);
- mp_size n = MP_MIN(nx, ny);
- s_mp_div_2d(&xc,n);
- s_mp_div_2d(&yc,n);
- MP_CHECKOK( s_mp_mul_2d(&gx,n) );
- }
-
- mp_copy(&xc, &u);
- mp_copy(&yc, &v);
- mp_set(&A, 1); mp_set(&D, 1);
-
- /* Loop through binary GCD algorithm */
- do {
- while(mp_iseven(&u)) {
- s_mp_div_2(&u);
-
- if(mp_iseven(&A) && mp_iseven(&B)) {
- s_mp_div_2(&A); s_mp_div_2(&B);
- } else {
- MP_CHECKOK( mp_add(&A, &yc, &A) );
- s_mp_div_2(&A);
- MP_CHECKOK( mp_sub(&B, &xc, &B) );
- s_mp_div_2(&B);
- }
- }
-
- while(mp_iseven(&v)) {
- s_mp_div_2(&v);
-
- if(mp_iseven(&C) && mp_iseven(&D)) {
- s_mp_div_2(&C); s_mp_div_2(&D);
- } else {
- MP_CHECKOK( mp_add(&C, &yc, &C) );
- s_mp_div_2(&C);
- MP_CHECKOK( mp_sub(&D, &xc, &D) );
- s_mp_div_2(&D);
- }
- }
-
- if(mp_cmp(&u, &v) >= 0) {
- MP_CHECKOK( mp_sub(&u, &v, &u) );
- MP_CHECKOK( mp_sub(&A, &C, &A) );
- MP_CHECKOK( mp_sub(&B, &D, &B) );
- } else {
- MP_CHECKOK( mp_sub(&v, &u, &v) );
- MP_CHECKOK( mp_sub(&C, &A, &C) );
- MP_CHECKOK( mp_sub(&D, &B, &D) );
- }
- } while (mp_cmp_z(&u) != 0);
-
- /* copy results to output */
- if(x)
- MP_CHECKOK( mp_copy(&C, x) );
-
- if(y)
- MP_CHECKOK( mp_copy(&D, y) );
-
- if(g)
- MP_CHECKOK( mp_mul(&gx, &v, g) );
-
- CLEANUP:
- while(last >= 0)
- mp_clear(clean[last--]);
-
- return res;
-
-} /* end mp_xgcd() */
-
-/* }}} */
-
-mp_size mp_trailing_zeros(const mp_int *mp)
-{
- mp_digit d;
- mp_size n = 0;
- int ix;
-
- if (!mp || !MP_DIGITS(mp) || !mp_cmp_z(mp))
- return n;
-
- for (ix = 0; !(d = MP_DIGIT(mp,ix)) && (ix < MP_USED(mp)); ++ix)
- n += MP_DIGIT_BIT;
- if (!d)
- return 0; /* shouldn't happen, but ... */
-#if !defined(MP_USE_UINT_DIGIT)
- if (!(d & 0xffffffffU)) {
- d >>= 32;
- n += 32;
- }
-#endif
- if (!(d & 0xffffU)) {
- d >>= 16;
- n += 16;
- }
- if (!(d & 0xffU)) {
- d >>= 8;
- n += 8;
- }
- if (!(d & 0xfU)) {
- d >>= 4;
- n += 4;
- }
- if (!(d & 0x3U)) {
- d >>= 2;
- n += 2;
- }
- if (!(d & 0x1U)) {
- d >>= 1;
- n += 1;
- }
-#if MP_ARGCHK == 2
- assert(0 != (d & 1));
-#endif
- return n;
-}
-
-/* Given a and prime p, computes c and k such that a*c == 2**k (mod p).
-** Returns k (positive) or error (negative).
-** This technique from the paper "Fast Modular Reciprocals" (unpublished)
-** by Richard Schroeppel (a.k.a. Captain Nemo).
-*/
-mp_err s_mp_almost_inverse(const mp_int *a, const mp_int *p, mp_int *c)
-{
- mp_err res;
- mp_err k = 0;
- mp_int d, f, g;
-
- ARGCHK(a && p && c, MP_BADARG);
-
- MP_DIGITS(&d) = 0;
- MP_DIGITS(&f) = 0;
- MP_DIGITS(&g) = 0;
- MP_CHECKOK( mp_init(&d) );
- MP_CHECKOK( mp_init_copy(&f, a) ); /* f = a */
- MP_CHECKOK( mp_init_copy(&g, p) ); /* g = p */
-
- mp_set(c, 1);
- mp_zero(&d);
-
- if (mp_cmp_z(&f) == 0) {
- res = MP_UNDEF;
- } else
- for (;;) {
- int diff_sign;
- while (mp_iseven(&f)) {
- mp_size n = mp_trailing_zeros(&f);
- if (!n) {
- res = MP_UNDEF;
- goto CLEANUP;
- }
- s_mp_div_2d(&f, n);
- MP_CHECKOK( s_mp_mul_2d(&d, n) );
- k += n;
- }
- if (mp_cmp_d(&f, 1) == MP_EQ) { /* f == 1 */
- res = k;
- break;
- }
- diff_sign = mp_cmp(&f, &g);
- if (diff_sign < 0) { /* f < g */
- s_mp_exch(&f, &g);
- s_mp_exch(c, &d);
- } else if (diff_sign == 0) { /* f == g */
- res = MP_UNDEF; /* a and p are not relatively prime */
- break;
- }
- if ((MP_DIGIT(&f,0) % 4) == (MP_DIGIT(&g,0) % 4)) {
- MP_CHECKOK( mp_sub(&f, &g, &f) ); /* f = f - g */
- MP_CHECKOK( mp_sub(c, &d, c) ); /* c = c - d */
- } else {
- MP_CHECKOK( mp_add(&f, &g, &f) ); /* f = f + g */
- MP_CHECKOK( mp_add(c, &d, c) ); /* c = c + d */
- }
- }
- if (res >= 0) {
- while (MP_SIGN(c) != MP_ZPOS) {
- MP_CHECKOK( mp_add(c, p, c) );
- }
- res = k;
- }
-
-CLEANUP:
- mp_clear(&d);
- mp_clear(&f);
- mp_clear(&g);
- return res;
-}
-
-/* Compute T = (P ** -1) mod MP_RADIX. Also works for 16-bit mp_digits.
-** This technique from the paper "Fast Modular Reciprocals" (unpublished)
-** by Richard Schroeppel (a.k.a. Captain Nemo).
-*/
-mp_digit s_mp_invmod_radix(mp_digit P)
-{
- mp_digit T = P;
- T *= 2 - (P * T);
- T *= 2 - (P * T);
- T *= 2 - (P * T);
- T *= 2 - (P * T);
-#if !defined(MP_USE_UINT_DIGIT)
- T *= 2 - (P * T);
- T *= 2 - (P * T);
-#endif
- return T;
-}
-
-/* Given c, k, and prime p, where a*c == 2**k (mod p),
-** Compute x = (a ** -1) mod p. This is similar to Montgomery reduction.
-** This technique from the paper "Fast Modular Reciprocals" (unpublished)
-** by Richard Schroeppel (a.k.a. Captain Nemo).
-*/
-mp_err s_mp_fixup_reciprocal(const mp_int *c, const mp_int *p, int k, mp_int *x)
-{
- int k_orig = k;
- mp_digit r;
- mp_size ix;
- mp_err res;
-
- if (mp_cmp_z(c) < 0) { /* c < 0 */
- MP_CHECKOK( mp_add(c, p, x) ); /* x = c + p */
- } else {
- MP_CHECKOK( mp_copy(c, x) ); /* x = c */
- }
-
- /* make sure x is large enough */
- ix = MP_HOWMANY(k, MP_DIGIT_BIT) + MP_USED(p) + 1;
- ix = MP_MAX(ix, MP_USED(x));
- MP_CHECKOK( s_mp_pad(x, ix) );
-
- r = 0 - s_mp_invmod_radix(MP_DIGIT(p,0));
-
- for (ix = 0; k > 0; ix++) {
- int j = MP_MIN(k, MP_DIGIT_BIT);
- mp_digit v = r * MP_DIGIT(x, ix);
- if (j < MP_DIGIT_BIT) {
- v &= ((mp_digit)1 << j) - 1; /* v = v mod (2 ** j) */
- }
- s_mp_mul_d_add_offset(p, v, x, ix); /* x += p * v * (RADIX ** ix) */
- k -= j;
- }
- s_mp_clamp(x);
- s_mp_div_2d(x, k_orig);
- res = MP_OKAY;
-
-CLEANUP:
- return res;
-}
-
-/* compute mod inverse using Schroeppel's method, only if m is odd */
-mp_err s_mp_invmod_odd_m(const mp_int *a, const mp_int *m, mp_int *c)
-{
- int k;
- mp_err res;
- mp_int x;
-
- ARGCHK(a && m && c, MP_BADARG);
-
- if(mp_cmp_z(a) == 0 || mp_cmp_z(m) == 0)
- return MP_RANGE;
- if (mp_iseven(m))
- return MP_UNDEF;
-
- MP_DIGITS(&x) = 0;
-
- if (a == c) {
- if ((res = mp_init_copy(&x, a)) != MP_OKAY)
- return res;
- if (a == m)
- m = &x;
- a = &x;
- } else if (m == c) {
- if ((res = mp_init_copy(&x, m)) != MP_OKAY)
- return res;
- m = &x;
- } else {
- MP_DIGITS(&x) = 0;
- }
-
- MP_CHECKOK( s_mp_almost_inverse(a, m, c) );
- k = res;
- MP_CHECKOK( s_mp_fixup_reciprocal(c, m, k, c) );
-CLEANUP:
- mp_clear(&x);
- return res;
-}
-
-/* Known good algorithm for computing modular inverse. But slow. */
-mp_err mp_invmod_xgcd(const mp_int *a, const mp_int *m, mp_int *c)
-{
- mp_int g, x;
- mp_err res;
-
- ARGCHK(a && m && c, MP_BADARG);
-
- if(mp_cmp_z(a) == 0 || mp_cmp_z(m) == 0)
- return MP_RANGE;
-
- MP_DIGITS(&g) = 0;
- MP_DIGITS(&x) = 0;
- MP_CHECKOK( mp_init(&x) );
- MP_CHECKOK( mp_init(&g) );
-
- MP_CHECKOK( mp_xgcd(a, m, &g, &x, NULL) );
-
- if (mp_cmp_d(&g, 1) != MP_EQ) {
- res = MP_UNDEF;
- goto CLEANUP;
- }
-
- res = mp_mod(&x, m, c);
- SIGN(c) = SIGN(a);
-
-CLEANUP:
- mp_clear(&x);
- mp_clear(&g);
-
- return res;
-}
-
-/* modular inverse where modulus is 2**k. */
-/* c = a**-1 mod 2**k */
-mp_err s_mp_invmod_2d(const mp_int *a, mp_size k, mp_int *c)
-{
- mp_err res;
- mp_size ix = k + 4;
- mp_int t0, t1, val, tmp, two2k;
-
- static const mp_digit d2 = 2;
- static const mp_int two = { MP_ZPOS, 1, 1, (mp_digit *)&d2 };
-
- if (mp_iseven(a))
- return MP_UNDEF;
- if (k <= MP_DIGIT_BIT) {
- mp_digit i = s_mp_invmod_radix(MP_DIGIT(a,0));
- if (k < MP_DIGIT_BIT)
- i &= ((mp_digit)1 << k) - (mp_digit)1;
- mp_set(c, i);
- return MP_OKAY;
- }
- MP_DIGITS(&t0) = 0;
- MP_DIGITS(&t1) = 0;
- MP_DIGITS(&val) = 0;
- MP_DIGITS(&tmp) = 0;
- MP_DIGITS(&two2k) = 0;
- MP_CHECKOK( mp_init_copy(&val, a) );
- s_mp_mod_2d(&val, k);
- MP_CHECKOK( mp_init_copy(&t0, &val) );
- MP_CHECKOK( mp_init_copy(&t1, &t0) );
- MP_CHECKOK( mp_init(&tmp) );
- MP_CHECKOK( mp_init(&two2k) );
- MP_CHECKOK( s_mp_2expt(&two2k, k) );
- do {
- MP_CHECKOK( mp_mul(&val, &t1, &tmp) );
- MP_CHECKOK( mp_sub(&two, &tmp, &tmp) );
- MP_CHECKOK( mp_mul(&t1, &tmp, &t1) );
- s_mp_mod_2d(&t1, k);
- while (MP_SIGN(&t1) != MP_ZPOS) {
- MP_CHECKOK( mp_add(&t1, &two2k, &t1) );
- }
- if (mp_cmp(&t1, &t0) == MP_EQ)
- break;
- MP_CHECKOK( mp_copy(&t1, &t0) );
- } while (--ix > 0);
- if (!ix) {
- res = MP_UNDEF;
- } else {
- mp_exch(c, &t1);
- }
-
-CLEANUP:
- mp_clear(&t0);
- mp_clear(&t1);
- mp_clear(&val);
- mp_clear(&tmp);
- mp_clear(&two2k);
- return res;
-}
-
-mp_err s_mp_invmod_even_m(const mp_int *a, const mp_int *m, mp_int *c)
-{
- mp_err res;
- mp_size k;
- mp_int oddFactor, evenFactor; /* factors of the modulus */
- mp_int oddPart, evenPart; /* parts to combine via CRT. */
- mp_int C2, tmp1, tmp2;
-
- /*static const mp_digit d1 = 1; */
- /*static const mp_int one = { MP_ZPOS, 1, 1, (mp_digit *)&d1 }; */
-
- if ((res = s_mp_ispow2(m)) >= 0) {
- k = res;
- return s_mp_invmod_2d(a, k, c);
- }
- MP_DIGITS(&oddFactor) = 0;
- MP_DIGITS(&evenFactor) = 0;
- MP_DIGITS(&oddPart) = 0;
- MP_DIGITS(&evenPart) = 0;
- MP_DIGITS(&C2) = 0;
- MP_DIGITS(&tmp1) = 0;
- MP_DIGITS(&tmp2) = 0;
-
- MP_CHECKOK( mp_init_copy(&oddFactor, m) ); /* oddFactor = m */
- MP_CHECKOK( mp_init(&evenFactor) );
- MP_CHECKOK( mp_init(&oddPart) );
- MP_CHECKOK( mp_init(&evenPart) );
- MP_CHECKOK( mp_init(&C2) );
- MP_CHECKOK( mp_init(&tmp1) );
- MP_CHECKOK( mp_init(&tmp2) );
-
- k = mp_trailing_zeros(m);
- s_mp_div_2d(&oddFactor, k);
- MP_CHECKOK( s_mp_2expt(&evenFactor, k) );
-
- /* compute a**-1 mod oddFactor. */
- MP_CHECKOK( s_mp_invmod_odd_m(a, &oddFactor, &oddPart) );
- /* compute a**-1 mod evenFactor, where evenFactor == 2**k. */
- MP_CHECKOK( s_mp_invmod_2d( a, k, &evenPart) );
-
- /* Use Chinese Remainer theorem to compute a**-1 mod m. */
- /* let m1 = oddFactor, v1 = oddPart,
- * let m2 = evenFactor, v2 = evenPart.
- */
-
- /* Compute C2 = m1**-1 mod m2. */
- MP_CHECKOK( s_mp_invmod_2d(&oddFactor, k, &C2) );
-
- /* compute u = (v2 - v1)*C2 mod m2 */
- MP_CHECKOK( mp_sub(&evenPart, &oddPart, &tmp1) );
- MP_CHECKOK( mp_mul(&tmp1, &C2, &tmp2) );
- s_mp_mod_2d(&tmp2, k);
- while (MP_SIGN(&tmp2) != MP_ZPOS) {
- MP_CHECKOK( mp_add(&tmp2, &evenFactor, &tmp2) );
- }
-
- /* compute answer = v1 + u*m1 */
- MP_CHECKOK( mp_mul(&tmp2, &oddFactor, c) );
- MP_CHECKOK( mp_add(&oddPart, c, c) );
- /* not sure this is necessary, but it's low cost if not. */
- MP_CHECKOK( mp_mod(c, m, c) );
-
-CLEANUP:
- mp_clear(&oddFactor);
- mp_clear(&evenFactor);
- mp_clear(&oddPart);
- mp_clear(&evenPart);
- mp_clear(&C2);
- mp_clear(&tmp1);
- mp_clear(&tmp2);
- return res;
-}
-
-
-/* {{{ mp_invmod(a, m, c) */
-
-/*
- mp_invmod(a, m, c)
-
- Compute c = a^-1 (mod m), if there is an inverse for a (mod m).
- This is equivalent to the question of whether (a, m) = 1. If not,
- MP_UNDEF is returned, and there is no inverse.
- */
-
-mp_err mp_invmod(const mp_int *a, const mp_int *m, mp_int *c)
-{
-
- ARGCHK(a && m && c, MP_BADARG);
-
- if(mp_cmp_z(a) == 0 || mp_cmp_z(m) == 0)
- return MP_RANGE;
-
- if (mp_isodd(m)) {
- return s_mp_invmod_odd_m(a, m, c);
- }
- if (mp_iseven(a))
- return MP_UNDEF; /* not invertable */
-
- return s_mp_invmod_even_m(a, m, c);
-
-} /* end mp_invmod() */
-
-/* }}} */
-#endif /* if MP_NUMTH */
-
-/* }}} */
-
-/*------------------------------------------------------------------------*/
-/* {{{ mp_print(mp, ofp) */
-
-#if MP_IOFUNC
-/*
- mp_print(mp, ofp)
-
- Print a textual representation of the given mp_int on the output
- stream 'ofp'. Output is generated using the internal radix.
- */
-
-void mp_print(mp_int *mp, FILE *ofp)
-{
- int ix;
-
- if(mp == NULL || ofp == NULL)
- return;
-
- fputc((SIGN(mp) == NEG) ? '-' : '+', ofp);
-
- for(ix = USED(mp) - 1; ix >= 0; ix--) {
- fprintf(ofp, DIGIT_FMT, DIGIT(mp, ix));
- }
-
-} /* end mp_print() */
-
-#endif /* if MP_IOFUNC */
-
-/* }}} */
-
-/*------------------------------------------------------------------------*/
-/* {{{ More I/O Functions */
-
-/* {{{ mp_read_raw(mp, str, len) */
-
-/*
- mp_read_raw(mp, str, len)
-
- Read in a raw value (base 256) into the given mp_int
- */
-
-mp_err mp_read_raw(mp_int *mp, char *str, int len)
-{
- int ix;
- mp_err res;
- unsigned char *ustr = (unsigned char *)str;
-
- ARGCHK(mp != NULL && str != NULL && len > 0, MP_BADARG);
-
- mp_zero(mp);
-
- /* Get sign from first byte */
- if(ustr[0])
- SIGN(mp) = NEG;
- else
- SIGN(mp) = ZPOS;
-
- /* Read the rest of the digits */
- for(ix = 1; ix < len; ix++) {
- if((res = mp_mul_d(mp, 256, mp)) != MP_OKAY)
- return res;
- if((res = mp_add_d(mp, ustr[ix], mp)) != MP_OKAY)
- return res;
- }
-
- return MP_OKAY;
-
-} /* end mp_read_raw() */
-
-/* }}} */
-
-/* {{{ mp_raw_size(mp) */
-
-int mp_raw_size(mp_int *mp)
-{
- ARGCHK(mp != NULL, 0);
-
- return (USED(mp) * sizeof(mp_digit)) + 1;
-
-} /* end mp_raw_size() */
-
-/* }}} */
-
-/* {{{ mp_toraw(mp, str) */
-
-mp_err mp_toraw(mp_int *mp, char *str)
-{
- int ix, jx, pos = 1;
-
- ARGCHK(mp != NULL && str != NULL, MP_BADARG);
-
- str[0] = (char)SIGN(mp);
-
- /* Iterate over each digit... */
- for(ix = USED(mp) - 1; ix >= 0; ix--) {
- mp_digit d = DIGIT(mp, ix);
-
- /* Unpack digit bytes, high order first */
- for(jx = sizeof(mp_digit) - 1; jx >= 0; jx--) {
- str[pos++] = (char)(d >> (jx * CHAR_BIT));
- }
- }
-
- return MP_OKAY;
-
-} /* end mp_toraw() */
-
-/* }}} */
-
-/* {{{ mp_read_radix(mp, str, radix) */
-
-/*
- mp_read_radix(mp, str, radix)
-
- Read an integer from the given string, and set mp to the resulting
- value. The input is presumed to be in base 10. Leading non-digit
- characters are ignored, and the function reads until a non-digit
- character or the end of the string.
- */
-
-mp_err mp_read_radix(mp_int *mp, const char *str, int radix)
-{
- int ix = 0, val = 0;
- mp_err res;
- mp_sign sig = ZPOS;
-
- ARGCHK(mp != NULL && str != NULL && radix >= 2 && radix <= MAX_RADIX,
- MP_BADARG);
-
- mp_zero(mp);
-
- /* Skip leading non-digit characters until a digit or '-' or '+' */
- while(str[ix] &&
- (s_mp_tovalue(str[ix], radix) < 0) &&
- str[ix] != '-' &&
- str[ix] != '+') {
- ++ix;
- }
-
- if(str[ix] == '-') {
- sig = NEG;
- ++ix;
- } else if(str[ix] == '+') {
- sig = ZPOS; /* this is the default anyway... */
- ++ix;
- }
-
- while((val = s_mp_tovalue(str[ix], radix)) >= 0) {
- if((res = s_mp_mul_d(mp, radix)) != MP_OKAY)
- return res;
- if((res = s_mp_add_d(mp, val)) != MP_OKAY)
- return res;
- ++ix;
- }
-
- if(s_mp_cmp_d(mp, 0) == MP_EQ)
- SIGN(mp) = ZPOS;
- else
- SIGN(mp) = sig;
-
- return MP_OKAY;
-
-} /* end mp_read_radix() */
-
-mp_err mp_read_variable_radix(mp_int *a, const char * str, int default_radix)
-{
- int radix = default_radix;
- int cx;
- mp_sign sig = ZPOS;
- mp_err res;
-
- /* Skip leading non-digit characters until a digit or '-' or '+' */
- while ((cx = *str) != 0 &&
- (s_mp_tovalue(cx, radix) < 0) &&
- cx != '-' &&
- cx != '+') {
- ++str;
- }
-
- if (cx == '-') {
- sig = NEG;
- ++str;
- } else if (cx == '+') {
- sig = ZPOS; /* this is the default anyway... */
- ++str;
- }
-
- if (str[0] == '0') {
- if ((str[1] | 0x20) == 'x') {
- radix = 16;
- str += 2;
- } else {
- radix = 8;
- str++;
- }
- }
- res = mp_read_radix(a, str, radix);
- if (res == MP_OKAY) {
- MP_SIGN(a) = (s_mp_cmp_d(a, 0) == MP_EQ) ? ZPOS : sig;
- }
- return res;
-}
-
-/* }}} */
-
-/* {{{ mp_radix_size(mp, radix) */
-
-int mp_radix_size(mp_int *mp, int radix)
-{
- int bits;
-
- if(!mp || radix < 2 || radix > MAX_RADIX)
- return 0;
-
- bits = USED(mp) * DIGIT_BIT - 1;
-
- return s_mp_outlen(bits, radix);
-
-} /* end mp_radix_size() */
-
-/* }}} */
-
-/* {{{ mp_toradix(mp, str, radix) */
-
-mp_err mp_toradix(mp_int *mp, char *str, int radix)
-{
- int ix, pos = 0;
-
- ARGCHK(mp != NULL && str != NULL, MP_BADARG);
- ARGCHK(radix > 1 && radix <= MAX_RADIX, MP_RANGE);
-
- if(mp_cmp_z(mp) == MP_EQ) {
- str[0] = '0';
- str[1] = '\0';
- } else {
- mp_err res;
- mp_int tmp;
- mp_sign sgn;
- mp_digit rem, rdx = (mp_digit)radix;
- char ch;
-
- if((res = mp_init_copy(&tmp, mp)) != MP_OKAY)
- return res;
-
- /* Save sign for later, and take absolute value */
- sgn = SIGN(&tmp); SIGN(&tmp) = ZPOS;
-
- /* Generate output digits in reverse order */
- while(mp_cmp_z(&tmp) != 0) {
- if((res = mp_div_d(&tmp, rdx, &tmp, &rem)) != MP_OKAY) {
- mp_clear(&tmp);
- return res;
- }
-
- /* Generate digits, use capital letters */
- ch = s_mp_todigit(rem, radix, 0);
-
- str[pos++] = ch;
- }
-
- /* Add - sign if original value was negative */
- if(sgn == NEG)
- str[pos++] = '-';
-
- /* Add trailing NUL to end the string */
- str[pos--] = '\0';
-
- /* Reverse the digits and sign indicator */
- ix = 0;
- while(ix < pos) {
- char tmp = str[ix];
-
- str[ix] = str[pos];
- str[pos] = tmp;
- ++ix;
- --pos;
- }
-
- mp_clear(&tmp);
- }
-
- return MP_OKAY;
-
-} /* end mp_toradix() */
-
-/* }}} */
-
-/* {{{ mp_tovalue(ch, r) */
-
-int mp_tovalue(char ch, int r)
-{
- return s_mp_tovalue(ch, r);
-
-} /* end mp_tovalue() */
-
-/* }}} */
-
-/* }}} */
-
-/* {{{ mp_strerror(ec) */
-
-/*
- mp_strerror(ec)
-
- Return a string describing the meaning of error code 'ec'. The
- string returned is allocated in static memory, so the caller should
- not attempt to modify or free the memory associated with this
- string.
- */
-const char *mp_strerror(mp_err ec)
-{
- int aec = (ec < 0) ? -ec : ec;
-
- /* Code values are negative, so the senses of these comparisons
- are accurate */
- if(ec < MP_LAST_CODE || ec > MP_OKAY) {
- return mp_err_string[0]; /* unknown error code */
- } else {
- return mp_err_string[aec + 1];
- }
-
-} /* end mp_strerror() */
-
-/* }}} */
-
-/*========================================================================*/
-/*------------------------------------------------------------------------*/
-/* Static function definitions (internal use only) */
-
-/* {{{ Memory management */
-
-/* {{{ s_mp_grow(mp, min) */
-
-/* Make sure there are at least 'min' digits allocated to mp */
-mp_err s_mp_grow(mp_int *mp, mp_size min)
-{
- if(min > ALLOC(mp)) {
- mp_digit *tmp;
-
- /* Set min to next nearest default precision block size */
- min = MP_ROUNDUP(min, s_mp_defprec);
-
- if((tmp = s_mp_alloc(min, sizeof(mp_digit))) == NULL)
- return MP_MEM;
-
- s_mp_copy(DIGITS(mp), tmp, USED(mp));
-
-#if MP_CRYPTO
- s_mp_setz(DIGITS(mp), ALLOC(mp));
-#endif
- s_mp_free(DIGITS(mp));
- DIGITS(mp) = tmp;
- ALLOC(mp) = min;
- }
-
- return MP_OKAY;
-
-} /* end s_mp_grow() */
-
-/* }}} */
-
-/* {{{ s_mp_pad(mp, min) */
-
-/* Make sure the used size of mp is at least 'min', growing if needed */
-mp_err s_mp_pad(mp_int *mp, mp_size min)
-{
- if(min > USED(mp)) {
- mp_err res;
-
- /* Make sure there is room to increase precision */
- if (min > ALLOC(mp)) {
- if ((res = s_mp_grow(mp, min)) != MP_OKAY)
- return res;
- } else {
-/* s_mp_setz(DIGITS(mp) + USED(mp), min - USED(mp)); */
- }
-
- /* Increase precision; should already be 0-filled */
- USED(mp) = min;
- }
-
- return MP_OKAY;
-
-} /* end s_mp_pad() */
-
-/* }}} */
-
-/* {{{ s_mp_setz(dp, count) */
-
-#if MP_MACRO == 0
-/* Set 'count' digits pointed to by dp to be zeroes */
-void s_mp_setz(mp_digit *dp, mp_size count)
-{
-#if MP_MEMSET == 0
- int ix;
-
- for(ix = 0; ix < count; ix++)
- dp[ix] = 0;
-#else
- memset(dp, 0, count * sizeof(mp_digit));
-#endif
-
-} /* end s_mp_setz() */
-#endif
-
-/* }}} */
-
-/* {{{ s_mp_copy(sp, dp, count) */
-
-#if MP_MACRO == 0
-/* Copy 'count' digits from sp to dp */
-void s_mp_copy(const mp_digit *sp, mp_digit *dp, mp_size count)
-{
-#if MP_MEMCPY == 0
- int ix;
-
- for(ix = 0; ix < count; ix++)
- dp[ix] = sp[ix];
-#else
- memcpy(dp, sp, count * sizeof(mp_digit));
-#endif
-
-} /* end s_mp_copy() */
-#endif
-
-/* }}} */
-
-/* {{{ s_mp_alloc(nb, ni) */
-
-#if MP_MACRO == 0
-/* Allocate ni records of nb bytes each, and return a pointer to that */
-void *s_mp_alloc(size_t nb, size_t ni)
-{
- ++mp_allocs;
- return calloc(nb, ni);
-
-} /* end s_mp_alloc() */
-#endif
-
-/* }}} */
-
-/* {{{ s_mp_free(ptr) */
-
-#if MP_MACRO == 0
-/* Free the memory pointed to by ptr */
-void s_mp_free(void *ptr)
-{
- if(ptr) {
- ++mp_frees;
- free(ptr);
- }
-} /* end s_mp_free() */
-#endif
-
-/* }}} */
-
-/* {{{ s_mp_clamp(mp) */
-
-#if MP_MACRO == 0
-/* Remove leading zeroes from the given value */
-void s_mp_clamp(mp_int *mp)
-{
- mp_size used = MP_USED(mp);
- while (used > 1 && DIGIT(mp, used - 1) == 0)
- --used;
- MP_USED(mp) = used;
-} /* end s_mp_clamp() */
-#endif
-
-/* }}} */
-
-/* {{{ s_mp_exch(a, b) */
-
-/* Exchange the data for a and b; (b, a) = (a, b) */
-void s_mp_exch(mp_int *a, mp_int *b)
-{
- mp_int tmp;
-
- tmp = *a;
- *a = *b;
- *b = tmp;
-
-} /* end s_mp_exch() */
-
-/* }}} */
-
-/* }}} */
-
-/* {{{ Arithmetic helpers */
-
-/* {{{ s_mp_lshd(mp, p) */
-
-/*
- Shift mp leftward by p digits, growing if needed, and zero-filling
- the in-shifted digits at the right end. This is a convenient
- alternative to multiplication by powers of the radix
- The value of USED(mp) must already have been set to the value for
- the shifted result.
- */
-
-mp_err s_mp_lshd(mp_int *mp, mp_size p)
-{
- mp_err res;
- mp_size pos;
- int ix;
-
- if(p == 0)
- return MP_OKAY;
-
- if (MP_USED(mp) == 1 && MP_DIGIT(mp, 0) == 0)
- return MP_OKAY;
-
- if((res = s_mp_pad(mp, USED(mp) + p)) != MP_OKAY)
- return res;
-
- pos = USED(mp) - 1;
-
- /* Shift all the significant figures over as needed */
- for(ix = pos - p; ix >= 0; ix--)
- DIGIT(mp, ix + p) = DIGIT(mp, ix);
-
- /* Fill the bottom digits with zeroes */
- for(ix = 0; ix < p; ix++)
- DIGIT(mp, ix) = 0;
-
- return MP_OKAY;
-
-} /* end s_mp_lshd() */
-
-/* }}} */
-
-/* {{{ s_mp_mul_2d(mp, d) */
-
-/*
- Multiply the integer by 2^d, where d is a number of bits. This
- amounts to a bitwise shift of the value.
- */
-mp_err s_mp_mul_2d(mp_int *mp, mp_digit d)
-{
- mp_err res;
- mp_digit dshift, bshift;
- mp_digit mask;
-
- ARGCHK(mp != NULL, MP_BADARG);
-
- dshift = d / MP_DIGIT_BIT;
- bshift = d % MP_DIGIT_BIT;
- /* bits to be shifted out of the top word */
- mask = ((mp_digit)~0 << (MP_DIGIT_BIT - bshift));
- mask &= MP_DIGIT(mp, MP_USED(mp) - 1);
-
- if (MP_OKAY != (res = s_mp_pad(mp, MP_USED(mp) + dshift + (mask != 0) )))
- return res;
-
- if (dshift && MP_OKAY != (res = s_mp_lshd(mp, dshift)))
- return res;
-
- if (bshift) {
- mp_digit *pa = MP_DIGITS(mp);
- mp_digit *alim = pa + MP_USED(mp);
- mp_digit prev = 0;
-
- for (pa += dshift; pa < alim; ) {
- mp_digit x = *pa;
- *pa++ = (x << bshift) | prev;
- prev = x >> (DIGIT_BIT - bshift);
- }
- }
-
- s_mp_clamp(mp);
- return MP_OKAY;
-} /* end s_mp_mul_2d() */
-
-/* {{{ s_mp_rshd(mp, p) */
-
-/*
- Shift mp rightward by p digits. Maintains the invariant that
- digits above the precision are all zero. Digits shifted off the
- end are lost. Cannot fail.
- */
-
-void s_mp_rshd(mp_int *mp, mp_size p)
-{
- mp_size ix;
- mp_digit *src, *dst;
-
- if(p == 0)
- return;
-
- /* Shortcut when all digits are to be shifted off */
- if(p >= USED(mp)) {
- s_mp_setz(DIGITS(mp), ALLOC(mp));
- USED(mp) = 1;
- SIGN(mp) = ZPOS;
- return;
- }
-
- /* Shift all the significant figures over as needed */
- dst = MP_DIGITS(mp);
- src = dst + p;
- for (ix = USED(mp) - p; ix > 0; ix--)
- *dst++ = *src++;
-
- MP_USED(mp) -= p;
- /* Fill the top digits with zeroes */
- while (p-- > 0)
- *dst++ = 0;
-
-#if 0
- /* Strip off any leading zeroes */
- s_mp_clamp(mp);
-#endif
-
-} /* end s_mp_rshd() */
-
-/* }}} */
-
-/* {{{ s_mp_div_2(mp) */
-
-/* Divide by two -- take advantage of radix properties to do it fast */
-void s_mp_div_2(mp_int *mp)
-{
- s_mp_div_2d(mp, 1);
-
-} /* end s_mp_div_2() */
-
-/* }}} */
-
-/* {{{ s_mp_mul_2(mp) */
-
-mp_err s_mp_mul_2(mp_int *mp)
-{
- mp_digit *pd;
- int ix, used;
- mp_digit kin = 0;
-
- /* Shift digits leftward by 1 bit */
- used = MP_USED(mp);
- pd = MP_DIGITS(mp);
- for (ix = 0; ix < used; ix++) {
- mp_digit d = *pd;
- *pd++ = (d << 1) | kin;
- kin = (d >> (DIGIT_BIT - 1));
- }
-
- /* Deal with rollover from last digit */
- if (kin) {
- if (ix >= ALLOC(mp)) {
- mp_err res;
- if((res = s_mp_grow(mp, ALLOC(mp) + 1)) != MP_OKAY)
- return res;
- }
-
- DIGIT(mp, ix) = kin;
- USED(mp) += 1;
- }
-
- return MP_OKAY;
-
-} /* end s_mp_mul_2() */
-
-/* }}} */
-
-/* {{{ s_mp_mod_2d(mp, d) */
-
-/*
- Remainder the integer by 2^d, where d is a number of bits. This
- amounts to a bitwise AND of the value, and does not require the full
- division code
- */
-void s_mp_mod_2d(mp_int *mp, mp_digit d)
-{
- mp_size ndig = (d / DIGIT_BIT), nbit = (d % DIGIT_BIT);
- mp_size ix;
- mp_digit dmask;
-
- if(ndig >= USED(mp))
- return;
-
- /* Flush all the bits above 2^d in its digit */
- dmask = ((mp_digit)1 << nbit) - 1;
- DIGIT(mp, ndig) &= dmask;
-
- /* Flush all digits above the one with 2^d in it */
- for(ix = ndig + 1; ix < USED(mp); ix++)
- DIGIT(mp, ix) = 0;
-
- s_mp_clamp(mp);
-
-} /* end s_mp_mod_2d() */
-
-/* }}} */
-
-/* {{{ s_mp_div_2d(mp, d) */
-
-/*
- Divide the integer by 2^d, where d is a number of bits. This
- amounts to a bitwise shift of the value, and does not require the
- full division code (used in Barrett reduction, see below)
- */
-void s_mp_div_2d(mp_int *mp, mp_digit d)
-{
- int ix;
- mp_digit save, next, mask;
-
- s_mp_rshd(mp, d / DIGIT_BIT);
- d %= DIGIT_BIT;
- if (d) {
- mask = ((mp_digit)1 << d) - 1;
- save = 0;
- for(ix = USED(mp) - 1; ix >= 0; ix--) {
- next = DIGIT(mp, ix) & mask;
- DIGIT(mp, ix) = (DIGIT(mp, ix) >> d) | (save << (DIGIT_BIT - d));
- save = next;
- }
- }
- s_mp_clamp(mp);
-
-} /* end s_mp_div_2d() */
-
-/* }}} */
-
-/* {{{ s_mp_norm(a, b, *d) */
-
-/*
- s_mp_norm(a, b, *d)
-
- Normalize a and b for division, where b is the divisor. In order
- that we might make good guesses for quotient digits, we want the
- leading digit of b to be at least half the radix, which we
- accomplish by multiplying a and b by a power of 2. The exponent
- (shift count) is placed in *pd, so that the remainder can be shifted
- back at the end of the division process.
- */
-
-mp_err s_mp_norm(mp_int *a, mp_int *b, mp_digit *pd)
-{
- mp_digit d;
- mp_digit mask;
- mp_digit b_msd;
- mp_err res = MP_OKAY;
-
- d = 0;
- mask = DIGIT_MAX & ~(DIGIT_MAX >> 1); /* mask is msb of digit */
- b_msd = DIGIT(b, USED(b) - 1);
- while (!(b_msd & mask)) {
- b_msd <<= 1;
- ++d;
- }
-
- if (d) {
- MP_CHECKOK( s_mp_mul_2d(a, d) );
- MP_CHECKOK( s_mp_mul_2d(b, d) );
- }
-
- *pd = d;
-CLEANUP:
- return res;
-
-} /* end s_mp_norm() */
-
-/* }}} */
-
-/* }}} */
-
-/* {{{ Primitive digit arithmetic */
-
-/* {{{ s_mp_add_d(mp, d) */
-
-/* Add d to |mp| in place */
-mp_err s_mp_add_d(mp_int *mp, mp_digit d) /* unsigned digit addition */
-{
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD)
- mp_word w, k = 0;
- mp_size ix = 1;
-
- w = (mp_word)DIGIT(mp, 0) + d;
- DIGIT(mp, 0) = ACCUM(w);
- k = CARRYOUT(w);
-
- while(ix < USED(mp) && k) {
- w = (mp_word)DIGIT(mp, ix) + k;
- DIGIT(mp, ix) = ACCUM(w);
- k = CARRYOUT(w);
- ++ix;
- }
-
- if(k != 0) {
- mp_err res;
-
- if((res = s_mp_pad(mp, USED(mp) + 1)) != MP_OKAY)
- return res;
-
- DIGIT(mp, ix) = (mp_digit)k;
- }
-
- return MP_OKAY;
-#else
- mp_digit * pmp = MP_DIGITS(mp);
- mp_digit sum, mp_i, carry = 0;
- mp_err res = MP_OKAY;
- int used = (int)MP_USED(mp);
-
- mp_i = *pmp;
- *pmp++ = sum = d + mp_i;
- carry = (sum < d);
- while (carry && --used > 0) {
- mp_i = *pmp;
- *pmp++ = sum = carry + mp_i;
- carry = !sum;
- }
- if (carry && !used) {
- /* mp is growing */
- used = MP_USED(mp);
- MP_CHECKOK( s_mp_pad(mp, used + 1) );
- MP_DIGIT(mp, used) = carry;
- }
-CLEANUP:
- return res;
-#endif
-} /* end s_mp_add_d() */
-
-/* }}} */
-
-/* {{{ s_mp_sub_d(mp, d) */
-
-/* Subtract d from |mp| in place, assumes |mp| > d */
-mp_err s_mp_sub_d(mp_int *mp, mp_digit d) /* unsigned digit subtract */
-{
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_SUB_WORD)
- mp_word w, b = 0;
- mp_size ix = 1;
-
- /* Compute initial subtraction */
- w = (RADIX + (mp_word)DIGIT(mp, 0)) - d;
- b = CARRYOUT(w) ? 0 : 1;
- DIGIT(mp, 0) = ACCUM(w);
-
- /* Propagate borrows leftward */
- while(b && ix < USED(mp)) {
- w = (RADIX + (mp_word)DIGIT(mp, ix)) - b;
- b = CARRYOUT(w) ? 0 : 1;
- DIGIT(mp, ix) = ACCUM(w);
- ++ix;
- }
-
- /* Remove leading zeroes */
- s_mp_clamp(mp);
-
- /* If we have a borrow out, it's a violation of the input invariant */
- if(b)
- return MP_RANGE;
- else
- return MP_OKAY;
-#else
- mp_digit *pmp = MP_DIGITS(mp);
- mp_digit mp_i, diff, borrow;
- mp_size used = MP_USED(mp);
-
- mp_i = *pmp;
- *pmp++ = diff = mp_i - d;
- borrow = (diff > mp_i);
- while (borrow && --used) {
- mp_i = *pmp;
- *pmp++ = diff = mp_i - borrow;
- borrow = (diff > mp_i);
- }
- s_mp_clamp(mp);
- return (borrow && !used) ? MP_RANGE : MP_OKAY;
-#endif
-} /* end s_mp_sub_d() */
-
-/* }}} */
-
-/* {{{ s_mp_mul_d(a, d) */
-
-/* Compute a = a * d, single digit multiplication */
-mp_err s_mp_mul_d(mp_int *a, mp_digit d)
-{
- mp_err res;
- mp_size used;
- int pow;
-
- if (!d) {
- mp_zero(a);
- return MP_OKAY;
- }
- if (d == 1)
- return MP_OKAY;
- if (0 <= (pow = s_mp_ispow2d(d))) {
- return s_mp_mul_2d(a, (mp_digit)pow);
- }
-
- used = MP_USED(a);
- MP_CHECKOK( s_mp_pad(a, used + 1) );
-
- s_mpv_mul_d(MP_DIGITS(a), used, d, MP_DIGITS(a));
-
- s_mp_clamp(a);
-
-CLEANUP:
- return res;
-
-} /* end s_mp_mul_d() */
-
-/* }}} */
-
-/* {{{ s_mp_div_d(mp, d, r) */
-
-/*
- s_mp_div_d(mp, d, r)
-
- Compute the quotient mp = mp / d and remainder r = mp mod d, for a
- single digit d. If r is null, the remainder will be discarded.
- */
-
-mp_err s_mp_div_d(mp_int *mp, mp_digit d, mp_digit *r)
-{
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_DIV_WORD)
- mp_word w = 0, q;
-#else
- mp_digit w, q;
-#endif
- int ix;
- mp_err res;
- mp_int quot;
- mp_int rem;
-
- if(d == 0)
- return MP_RANGE;
- if (d == 1) {
- if (r)
- *r = 0;
- return MP_OKAY;
- }
- /* could check for power of 2 here, but mp_div_d does that. */
- if (MP_USED(mp) == 1) {
- mp_digit n = MP_DIGIT(mp,0);
- mp_digit rem;
-
- q = n / d;
- rem = n % d;
- MP_DIGIT(mp,0) = q;
- if (r)
- *r = rem;
- return MP_OKAY;
- }
-
- MP_DIGITS(&rem) = 0;
- MP_DIGITS(&quot) = 0;
- /* Make room for the quotient */
- MP_CHECKOK( mp_init_size(&quot, USED(mp)) );
-
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_DIV_WORD)
- for(ix = USED(mp) - 1; ix >= 0; ix--) {
- w = (w << DIGIT_BIT) | DIGIT(mp, ix);
-
- if(w >= d) {
- q = w / d;
- w = w % d;
- } else {
- q = 0;
- }
-
- s_mp_lshd(&quot, 1);
- DIGIT(&quot, 0) = (mp_digit)q;
- }
-#else
- {
- mp_digit p;
-#if !defined(MP_ASSEMBLY_DIV_2DX1D)
- mp_digit norm;
-#endif
-
- MP_CHECKOK( mp_init_copy(&rem, mp) );
-
-#if !defined(MP_ASSEMBLY_DIV_2DX1D)
- MP_DIGIT(&quot, 0) = d;
- MP_CHECKOK( s_mp_norm(&rem, &quot, &norm) );
- if (norm)
- d <<= norm;
- MP_DIGIT(&quot, 0) = 0;
-#endif
-
- p = 0;
- for (ix = USED(&rem) - 1; ix >= 0; ix--) {
- w = DIGIT(&rem, ix);
-
- if (p) {
- MP_CHECKOK( s_mpv_div_2dx1d(p, w, d, &q, &w) );
- } else if (w >= d) {
- q = w / d;
- w = w % d;
- } else {
- q = 0;
- }
-
- MP_CHECKOK( s_mp_lshd(&quot, 1) );
- DIGIT(&quot, 0) = q;
- p = w;
- }
-#if !defined(MP_ASSEMBLY_DIV_2DX1D)
- if (norm)
- w >>= norm;
-#endif
- }
-#endif
-
- /* Deliver the remainder, if desired */
- if(r)
- *r = (mp_digit)w;
-
- s_mp_clamp(&quot);
- mp_exch(&quot, mp);
-CLEANUP:
- mp_clear(&quot);
- mp_clear(&rem);
-
- return res;
-} /* end s_mp_div_d() */
-
-/* }}} */
-
-
-/* }}} */
-
-/* {{{ Primitive full arithmetic */
-
-/* {{{ s_mp_add(a, b) */
-
-/* Compute a = |a| + |b| */
-mp_err s_mp_add(mp_int *a, const mp_int *b) /* magnitude addition */
-{
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD)
- mp_word w = 0;
-#else
- mp_digit d, sum, carry = 0;
-#endif
- mp_digit *pa, *pb;
- mp_size ix;
- mp_size used;
- mp_err res;
-
- /* Make sure a has enough precision for the output value */
- if((USED(b) > USED(a)) && (res = s_mp_pad(a, USED(b))) != MP_OKAY)
- return res;
-
- /*
- Add up all digits up to the precision of b. If b had initially
- the same precision as a, or greater, we took care of it by the
- padding step above, so there is no problem. If b had initially
- less precision, we'll have to make sure the carry out is duly
- propagated upward among the higher-order digits of the sum.
- */
- pa = MP_DIGITS(a);
- pb = MP_DIGITS(b);
- used = MP_USED(b);
- for(ix = 0; ix < used; ix++) {
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD)
- w = w + *pa + *pb++;
- *pa++ = ACCUM(w);
- w = CARRYOUT(w);
-#else
- d = *pa;
- sum = d + *pb++;
- d = (sum < d); /* detect overflow */
- *pa++ = sum += carry;
- carry = d + (sum < carry); /* detect overflow */
-#endif
- }
-
- /* If we run out of 'b' digits before we're actually done, make
- sure the carries get propagated upward...
- */
- used = MP_USED(a);
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD)
- while (w && ix < used) {
- w = w + *pa;
- *pa++ = ACCUM(w);
- w = CARRYOUT(w);
- ++ix;
- }
-#else
- while (carry && ix < used) {
- sum = carry + *pa;
- *pa++ = sum;
- carry = !sum;
- ++ix;
- }
-#endif
-
- /* If there's an overall carry out, increase precision and include
- it. We could have done this initially, but why touch the memory
- allocator unless we're sure we have to?
- */
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD)
- if (w) {
- if((res = s_mp_pad(a, used + 1)) != MP_OKAY)
- return res;
-
- DIGIT(a, ix) = (mp_digit)w;
- }
-#else
- if (carry) {
- if((res = s_mp_pad(a, used + 1)) != MP_OKAY)
- return res;
-
- DIGIT(a, used) = carry;
- }
-#endif
-
- return MP_OKAY;
-} /* end s_mp_add() */
-
-/* }}} */
-
-/* Compute c = |a| + |b| */ /* magnitude addition */
-mp_err s_mp_add_3arg(const mp_int *a, const mp_int *b, mp_int *c)
-{
- mp_digit *pa, *pb, *pc;
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD)
- mp_word w = 0;
-#else
- mp_digit sum, carry = 0, d;
-#endif
- mp_size ix;
- mp_size used;
- mp_err res;
-
- MP_SIGN(c) = MP_SIGN(a);
- if (MP_USED(a) < MP_USED(b)) {
- const mp_int *xch = a;
- a = b;
- b = xch;
- }
-
- /* Make sure a has enough precision for the output value */
- if (MP_OKAY != (res = s_mp_pad(c, MP_USED(a))))
- return res;
-
- /*
- Add up all digits up to the precision of b. If b had initially
- the same precision as a, or greater, we took care of it by the
- exchange step above, so there is no problem. If b had initially
- less precision, we'll have to make sure the carry out is duly
- propagated upward among the higher-order digits of the sum.
- */
- pa = MP_DIGITS(a);
- pb = MP_DIGITS(b);
- pc = MP_DIGITS(c);
- used = MP_USED(b);
- for (ix = 0; ix < used; ix++) {
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD)
- w = w + *pa++ + *pb++;
- *pc++ = ACCUM(w);
- w = CARRYOUT(w);
-#else
- d = *pa++;
- sum = d + *pb++;
- d = (sum < d); /* detect overflow */
- *pc++ = sum += carry;
- carry = d + (sum < carry); /* detect overflow */
-#endif
- }
-
- /* If we run out of 'b' digits before we're actually done, make
- sure the carries get propagated upward...
- */
- for (used = MP_USED(a); ix < used; ++ix) {
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD)
- w = w + *pa++;
- *pc++ = ACCUM(w);
- w = CARRYOUT(w);
-#else
- *pc++ = sum = carry + *pa++;
- carry = (sum < carry);
-#endif
- }
-
- /* If there's an overall carry out, increase precision and include
- it. We could have done this initially, but why touch the memory
- allocator unless we're sure we have to?
- */
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD)
- if (w) {
- if((res = s_mp_pad(c, used + 1)) != MP_OKAY)
- return res;
-
- DIGIT(c, used) = (mp_digit)w;
- ++used;
- }
-#else
- if (carry) {
- if((res = s_mp_pad(c, used + 1)) != MP_OKAY)
- return res;
-
- DIGIT(c, used) = carry;
- ++used;
- }
-#endif
- MP_USED(c) = used;
- return MP_OKAY;
-}
-/* {{{ s_mp_add_offset(a, b, offset) */
-
-/* Compute a = |a| + ( |b| * (RADIX ** offset) ) */
-mp_err s_mp_add_offset(mp_int *a, mp_int *b, mp_size offset)
-{
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD)
- mp_word w, k = 0;
-#else
- mp_digit d, sum, carry = 0;
-#endif
- mp_size ib;
- mp_size ia;
- mp_size lim;
- mp_err res;
-
- /* Make sure a has enough precision for the output value */
- lim = MP_USED(b) + offset;
- if((lim > USED(a)) && (res = s_mp_pad(a, lim)) != MP_OKAY)
- return res;
-
- /*
- Add up all digits up to the precision of b. If b had initially
- the same precision as a, or greater, we took care of it by the
- padding step above, so there is no problem. If b had initially
- less precision, we'll have to make sure the carry out is duly
- propagated upward among the higher-order digits of the sum.
- */
- lim = USED(b);
- for(ib = 0, ia = offset; ib < lim; ib++, ia++) {
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD)
- w = (mp_word)DIGIT(a, ia) + DIGIT(b, ib) + k;
- DIGIT(a, ia) = ACCUM(w);
- k = CARRYOUT(w);
-#else
- d = MP_DIGIT(a, ia);
- sum = d + MP_DIGIT(b, ib);
- d = (sum < d);
- MP_DIGIT(a,ia) = sum += carry;
- carry = d + (sum < carry);
-#endif
- }
-
- /* If we run out of 'b' digits before we're actually done, make
- sure the carries get propagated upward...
- */
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD)
- for (lim = MP_USED(a); k && (ia < lim); ++ia) {
- w = (mp_word)DIGIT(a, ia) + k;
- DIGIT(a, ia) = ACCUM(w);
- k = CARRYOUT(w);
- }
-#else
- for (lim = MP_USED(a); carry && (ia < lim); ++ia) {
- d = MP_DIGIT(a, ia);
- MP_DIGIT(a,ia) = sum = d + carry;
- carry = (sum < d);
- }
-#endif
-
- /* If there's an overall carry out, increase precision and include
- it. We could have done this initially, but why touch the memory
- allocator unless we're sure we have to?
- */
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD)
- if(k) {
- if((res = s_mp_pad(a, USED(a) + 1)) != MP_OKAY)
- return res;
-
- DIGIT(a, ia) = (mp_digit)k;
- }
-#else
- if (carry) {
- if((res = s_mp_pad(a, lim + 1)) != MP_OKAY)
- return res;
-
- DIGIT(a, lim) = carry;
- }
-#endif
- s_mp_clamp(a);
-
- return MP_OKAY;
-
-} /* end s_mp_add_offset() */
-
-/* }}} */
-
-/* {{{ s_mp_sub(a, b) */
-
-/* Compute a = |a| - |b|, assumes |a| >= |b| */
-mp_err s_mp_sub(mp_int *a, const mp_int *b) /* magnitude subtract */
-{
- mp_digit *pa, *pb, *limit;
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_SUB_WORD)
- mp_sword w = 0;
-#else
- mp_digit d, diff, borrow = 0;
-#endif
-
- /*
- Subtract and propagate borrow. Up to the precision of b, this
- accounts for the digits of b; after that, we just make sure the
- carries get to the right place. This saves having to pad b out to
- the precision of a just to make the loops work right...
- */
- pa = MP_DIGITS(a);
- pb = MP_DIGITS(b);
- limit = pb + MP_USED(b);
- while (pb < limit) {
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_SUB_WORD)
- w = w + *pa - *pb++;
- *pa++ = ACCUM(w);
- w >>= MP_DIGIT_BIT;
-#else
- d = *pa;
- diff = d - *pb++;
- d = (diff > d); /* detect borrow */
- if (borrow && --diff == MP_DIGIT_MAX)
- ++d;
- *pa++ = diff;
- borrow = d;
-#endif
- }
- limit = MP_DIGITS(a) + MP_USED(a);
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_SUB_WORD)
- while (w && pa < limit) {
- w = w + *pa;
- *pa++ = ACCUM(w);
- w >>= MP_DIGIT_BIT;
- }
-#else
- while (borrow && pa < limit) {
- d = *pa;
- *pa++ = diff = d - borrow;
- borrow = (diff > d);
- }
-#endif
-
- /* Clobber any leading zeroes we created */
- s_mp_clamp(a);
-
- /*
- If there was a borrow out, then |b| > |a| in violation
- of our input invariant. We've already done the work,
- but we'll at least complain about it...
- */
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_SUB_WORD)
- return w ? MP_RANGE : MP_OKAY;
-#else
- return borrow ? MP_RANGE : MP_OKAY;
-#endif
-} /* end s_mp_sub() */
-
-/* }}} */
-
-/* Compute c = |a| - |b|, assumes |a| >= |b| */ /* magnitude subtract */
-mp_err s_mp_sub_3arg(const mp_int *a, const mp_int *b, mp_int *c)
-{
- mp_digit *pa, *pb, *pc;
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_SUB_WORD)
- mp_sword w = 0;
-#else
- mp_digit d, diff, borrow = 0;
-#endif
- int ix, limit;
- mp_err res;
-
- MP_SIGN(c) = MP_SIGN(a);
-
- /* Make sure a has enough precision for the output value */
- if (MP_OKAY != (res = s_mp_pad(c, MP_USED(a))))
- return res;
-
- /*
- Subtract and propagate borrow. Up to the precision of b, this
- accounts for the digits of b; after that, we just make sure the
- carries get to the right place. This saves having to pad b out to
- the precision of a just to make the loops work right...
- */
- pa = MP_DIGITS(a);
- pb = MP_DIGITS(b);
- pc = MP_DIGITS(c);
- limit = MP_USED(b);
- for (ix = 0; ix < limit; ++ix) {
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_SUB_WORD)
- w = w + *pa++ - *pb++;
- *pc++ = ACCUM(w);
- w >>= MP_DIGIT_BIT;
-#else
- d = *pa++;
- diff = d - *pb++;
- d = (diff > d);
- if (borrow && --diff == MP_DIGIT_MAX)
- ++d;
- *pc++ = diff;
- borrow = d;
-#endif
- }
- for (limit = MP_USED(a); ix < limit; ++ix) {
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_SUB_WORD)
- w = w + *pa++;
- *pc++ = ACCUM(w);
- w >>= MP_DIGIT_BIT;
-#else
- d = *pa++;
- *pc++ = diff = d - borrow;
- borrow = (diff > d);
-#endif
- }
-
- /* Clobber any leading zeroes we created */
- MP_USED(c) = ix;
- s_mp_clamp(c);
-
- /*
- If there was a borrow out, then |b| > |a| in violation
- of our input invariant. We've already done the work,
- but we'll at least complain about it...
- */
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_SUB_WORD)
- return w ? MP_RANGE : MP_OKAY;
-#else
- return borrow ? MP_RANGE : MP_OKAY;
-#endif
-}
-/* {{{ s_mp_mul(a, b) */
-
-/* Compute a = |a| * |b| */
-mp_err s_mp_mul(mp_int *a, const mp_int *b)
-{
- return mp_mul(a, b, a);
-} /* end s_mp_mul() */
-
-/* }}} */
-
-#if defined(MP_USE_UINT_DIGIT) && defined(MP_USE_LONG_LONG_MULTIPLY)
-/* This trick works on Sparc V8 CPUs with the Workshop compilers. */
-#define MP_MUL_DxD(a, b, Phi, Plo) \
- { unsigned long long product = (unsigned long long)a * b; \
- Plo = (mp_digit)product; \
- Phi = (mp_digit)(product >> MP_DIGIT_BIT); }
-#elif defined(OSF1)
-#define MP_MUL_DxD(a, b, Phi, Plo) \
- { Plo = asm ("mulq %a0, %a1, %v0", a, b);\
- Phi = asm ("umulh %a0, %a1, %v0", a, b); }
-#else
-#define MP_MUL_DxD(a, b, Phi, Plo) \
- { mp_digit a0b1, a1b0; \
- Plo = (a & MP_HALF_DIGIT_MAX) * (b & MP_HALF_DIGIT_MAX); \
- Phi = (a >> MP_HALF_DIGIT_BIT) * (b >> MP_HALF_DIGIT_BIT); \
- a0b1 = (a & MP_HALF_DIGIT_MAX) * (b >> MP_HALF_DIGIT_BIT); \
- a1b0 = (a >> MP_HALF_DIGIT_BIT) * (b & MP_HALF_DIGIT_MAX); \
- a1b0 += a0b1; \
- Phi += a1b0 >> MP_HALF_DIGIT_BIT; \
- if (a1b0 < a0b1) \
- Phi += MP_HALF_RADIX; \
- a1b0 <<= MP_HALF_DIGIT_BIT; \
- Plo += a1b0; \
- if (Plo < a1b0) \
- ++Phi; \
- }
-#endif
-
-#if !defined(MP_ASSEMBLY_MULTIPLY)
-/* c = a * b */
-void s_mpv_mul_d(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
-{
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_MUL_WORD)
- mp_digit d = 0;
-
- /* Inner product: Digits of a */
- while (a_len--) {
- mp_word w = ((mp_word)b * *a++) + d;
- *c++ = ACCUM(w);
- d = CARRYOUT(w);
- }
- *c = d;
-#else
- mp_digit carry = 0;
- while (a_len--) {
- mp_digit a_i = *a++;
- mp_digit a0b0, a1b1;
-
- MP_MUL_DxD(a_i, b, a1b1, a0b0);
-
- a0b0 += carry;
- if (a0b0 < carry)
- ++a1b1;
- *c++ = a0b0;
- carry = a1b1;
- }
- *c = carry;
-#endif
-}
-
-/* c += a * b */
-void s_mpv_mul_d_add(const mp_digit *a, mp_size a_len, mp_digit b,
- mp_digit *c)
-{
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_MUL_WORD)
- mp_digit d = 0;
-
- /* Inner product: Digits of a */
- while (a_len--) {
- mp_word w = ((mp_word)b * *a++) + *c + d;
- *c++ = ACCUM(w);
- d = CARRYOUT(w);
- }
- *c = d;
-#else
- mp_digit carry = 0;
- while (a_len--) {
- mp_digit a_i = *a++;
- mp_digit a0b0, a1b1;
-
- MP_MUL_DxD(a_i, b, a1b1, a0b0);
-
- a0b0 += carry;
- if (a0b0 < carry)
- ++a1b1;
- a0b0 += a_i = *c;
- if (a0b0 < a_i)
- ++a1b1;
- *c++ = a0b0;
- carry = a1b1;
- }
- *c = carry;
-#endif
-}
-
-/* Presently, this is only used by the Montgomery arithmetic code. */
-/* c += a * b */
-void s_mpv_mul_d_add_prop(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
-{
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_MUL_WORD)
- mp_digit d = 0;
-
- /* Inner product: Digits of a */
- while (a_len--) {
- mp_word w = ((mp_word)b * *a++) + *c + d;
- *c++ = ACCUM(w);
- d = CARRYOUT(w);
- }
-
- while (d) {
- mp_word w = (mp_word)*c + d;
- *c++ = ACCUM(w);
- d = CARRYOUT(w);
- }
-#else
- mp_digit carry = 0;
- while (a_len--) {
- mp_digit a_i = *a++;
- mp_digit a0b0, a1b1;
-
- MP_MUL_DxD(a_i, b, a1b1, a0b0);
-
- a0b0 += carry;
- if (a0b0 < carry)
- ++a1b1;
-
- a0b0 += a_i = *c;
- if (a0b0 < a_i)
- ++a1b1;
-
- *c++ = a0b0;
- carry = a1b1;
- }
- while (carry) {
- mp_digit c_i = *c;
- carry += c_i;
- *c++ = carry;
- carry = carry < c_i;
- }
-#endif
-}
-#endif
-
-#if defined(MP_USE_UINT_DIGIT) && defined(MP_USE_LONG_LONG_MULTIPLY)
-/* This trick works on Sparc V8 CPUs with the Workshop compilers. */
-#define MP_SQR_D(a, Phi, Plo) \
- { unsigned long long square = (unsigned long long)a * a; \
- Plo = (mp_digit)square; \
- Phi = (mp_digit)(square >> MP_DIGIT_BIT); }
-#elif defined(OSF1)
-#define MP_SQR_D(a, Phi, Plo) \
- { Plo = asm ("mulq %a0, %a0, %v0", a);\
- Phi = asm ("umulh %a0, %a0, %v0", a); }
-#else
-#define MP_SQR_D(a, Phi, Plo) \
- { mp_digit Pmid; \
- Plo = (a & MP_HALF_DIGIT_MAX) * (a & MP_HALF_DIGIT_MAX); \
- Phi = (a >> MP_HALF_DIGIT_BIT) * (a >> MP_HALF_DIGIT_BIT); \
- Pmid = (a & MP_HALF_DIGIT_MAX) * (a >> MP_HALF_DIGIT_BIT); \
- Phi += Pmid >> (MP_HALF_DIGIT_BIT - 1); \
- Pmid <<= (MP_HALF_DIGIT_BIT + 1); \
- Plo += Pmid; \
- if (Plo < Pmid) \
- ++Phi; \
- }
-#endif
-
-#if !defined(MP_ASSEMBLY_SQUARE)
-/* Add the squares of the digits of a to the digits of b. */
-void s_mpv_sqr_add_prop(const mp_digit *pa, mp_size a_len, mp_digit *ps)
-{
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_MUL_WORD)
- mp_word w;
- mp_digit d;
- mp_size ix;
-
- w = 0;
-#define ADD_SQUARE(n) \
- d = pa[n]; \
- w += (d * (mp_word)d) + ps[2*n]; \
- ps[2*n] = ACCUM(w); \
- w = (w >> DIGIT_BIT) + ps[2*n+1]; \
- ps[2*n+1] = ACCUM(w); \
- w = (w >> DIGIT_BIT)
-
- for (ix = a_len; ix >= 4; ix -= 4) {
- ADD_SQUARE(0);
- ADD_SQUARE(1);
- ADD_SQUARE(2);
- ADD_SQUARE(3);
- pa += 4;
- ps += 8;
- }
- if (ix) {
- ps += 2*ix;
- pa += ix;
- switch (ix) {
- case 3: ADD_SQUARE(-3); /* FALLTHRU */
- case 2: ADD_SQUARE(-2); /* FALLTHRU */
- case 1: ADD_SQUARE(-1); /* FALLTHRU */
- case 0: break;
- }
- }
- while (w) {
- w += *ps;
- *ps++ = ACCUM(w);
- w = (w >> DIGIT_BIT);
- }
-#else
- mp_digit carry = 0;
- while (a_len--) {
- mp_digit a_i = *pa++;
- mp_digit a0a0, a1a1;
-
- MP_SQR_D(a_i, a1a1, a0a0);
-
- /* here a1a1 and a0a0 constitute a_i ** 2 */
- a0a0 += carry;
- if (a0a0 < carry)
- ++a1a1;
-
- /* now add to ps */
- a0a0 += a_i = *ps;
- if (a0a0 < a_i)
- ++a1a1;
- *ps++ = a0a0;
- a1a1 += a_i = *ps;
- carry = (a1a1 < a_i);
- *ps++ = a1a1;
- }
- while (carry) {
- mp_digit s_i = *ps;
- carry += s_i;
- *ps++ = carry;
- carry = carry < s_i;
- }
-#endif
-}
-#endif
-
-#if (defined(MP_NO_MP_WORD) || defined(MP_NO_DIV_WORD)) \
-&& !defined(MP_ASSEMBLY_DIV_2DX1D)
-/*
-** Divide 64-bit (Nhi,Nlo) by 32-bit divisor, which must be normalized
-** so its high bit is 1. This code is from NSPR.
-*/
-mp_err s_mpv_div_2dx1d(mp_digit Nhi, mp_digit Nlo, mp_digit divisor,
- mp_digit *qp, mp_digit *rp)
-{
- mp_digit d1, d0, q1, q0;
- mp_digit r1, r0, m;
-
- d1 = divisor >> MP_HALF_DIGIT_BIT;
- d0 = divisor & MP_HALF_DIGIT_MAX;
- r1 = Nhi % d1;
- q1 = Nhi / d1;
- m = q1 * d0;
- r1 = (r1 << MP_HALF_DIGIT_BIT) | (Nlo >> MP_HALF_DIGIT_BIT);
- if (r1 < m) {
- q1--, r1 += divisor;
- if (r1 >= divisor && r1 < m) {
- q1--, r1 += divisor;
- }
- }
- r1 -= m;
- r0 = r1 % d1;
- q0 = r1 / d1;
- m = q0 * d0;
- r0 = (r0 << MP_HALF_DIGIT_BIT) | (Nlo & MP_HALF_DIGIT_MAX);
- if (r0 < m) {
- q0--, r0 += divisor;
- if (r0 >= divisor && r0 < m) {
- q0--, r0 += divisor;
- }
- }
- if (qp)
- *qp = (q1 << MP_HALF_DIGIT_BIT) | q0;
- if (rp)
- *rp = r0 - m;
- return MP_OKAY;
-}
-#endif
-
-#if MP_SQUARE
-/* {{{ s_mp_sqr(a) */
-
-mp_err s_mp_sqr(mp_int *a)
-{
- mp_err res;
- mp_int tmp;
-
- if((res = mp_init_size(&tmp, 2 * USED(a))) != MP_OKAY)
- return res;
- res = mp_sqr(a, &tmp);
- if (res == MP_OKAY) {
- s_mp_exch(&tmp, a);
- }
- mp_clear(&tmp);
- return res;
-}
-
-/* }}} */
-#endif
-
-/* {{{ s_mp_div(a, b) */
-
-/*
- s_mp_div(a, b)
-
- Compute a = a / b and b = a mod b. Assumes b > a.
- */
-
-mp_err s_mp_div(mp_int *rem, /* i: dividend, o: remainder */
- mp_int *div, /* i: divisor */
- mp_int *quot) /* i: 0; o: quotient */
-{
- mp_int part, t;
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_DIV_WORD)
- mp_word q_msd;
-#else
- mp_digit q_msd;
-#endif
- mp_err res;
- mp_digit d;
- mp_digit div_msd;
- int ix;
-
- if(mp_cmp_z(div) == 0)
- return MP_RANGE;
-
- /* Shortcut if divisor is power of two */
- if((ix = s_mp_ispow2(div)) >= 0) {
- MP_CHECKOK( mp_copy(rem, quot) );
- s_mp_div_2d(quot, (mp_digit)ix);
- s_mp_mod_2d(rem, (mp_digit)ix);
-
- return MP_OKAY;
- }
-
- DIGITS(&t) = 0;
- MP_SIGN(rem) = ZPOS;
- MP_SIGN(div) = ZPOS;
-
- /* A working temporary for division */
- MP_CHECKOK( mp_init_size(&t, MP_ALLOC(rem)));
-
- /* Normalize to optimize guessing */
- MP_CHECKOK( s_mp_norm(rem, div, &d) );
-
- part = *rem;
-
- /* Perform the division itself...woo! */
- MP_USED(quot) = MP_ALLOC(quot);
-
- /* Find a partial substring of rem which is at least div */
- /* If we didn't find one, we're finished dividing */
- while (MP_USED(rem) > MP_USED(div) || s_mp_cmp(rem, div) >= 0) {
- int i;
- int unusedRem;
-
- unusedRem = MP_USED(rem) - MP_USED(div);
- MP_DIGITS(&part) = MP_DIGITS(rem) + unusedRem;
- MP_ALLOC(&part) = MP_ALLOC(rem) - unusedRem;
- MP_USED(&part) = MP_USED(div);
- if (s_mp_cmp(&part, div) < 0) {
- -- unusedRem;
-#if MP_ARGCHK == 2
- assert(unusedRem >= 0);
-#endif
- -- MP_DIGITS(&part);
- ++ MP_USED(&part);
- ++ MP_ALLOC(&part);
- }
-
- /* Compute a guess for the next quotient digit */
- q_msd = MP_DIGIT(&part, MP_USED(&part) - 1);
- div_msd = MP_DIGIT(div, MP_USED(div) - 1);
- if (q_msd >= div_msd) {
- q_msd = 1;
- } else if (MP_USED(&part) > 1) {
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_DIV_WORD)
- q_msd = (q_msd << MP_DIGIT_BIT) | MP_DIGIT(&part, MP_USED(&part) - 2);
- q_msd /= div_msd;
- if (q_msd == RADIX)
- --q_msd;
-#else
- mp_digit r;
- MP_CHECKOK( s_mpv_div_2dx1d(q_msd, MP_DIGIT(&part, MP_USED(&part) - 2),
- div_msd, &q_msd, &r) );
-#endif
- } else {
- q_msd = 0;
- }
-#if MP_ARGCHK == 2
- assert(q_msd > 0); /* This case should never occur any more. */
-#endif
- if (q_msd <= 0)
- break;
-
- /* See what that multiplies out to */
- mp_copy(div, &t);
- MP_CHECKOK( s_mp_mul_d(&t, (mp_digit)q_msd) );
-
- /*
- If it's too big, back it off. We should not have to do this
- more than once, or, in rare cases, twice. Knuth describes a
- method by which this could be reduced to a maximum of once, but
- I didn't implement that here.
- * When using s_mpv_div_2dx1d, we may have to do this 3 times.
- */
- for (i = 4; s_mp_cmp(&t, &part) > 0 && i > 0; --i) {
- --q_msd;
- s_mp_sub(&t, div); /* t -= div */
- }
- if (i < 0) {
- res = MP_RANGE;
- goto CLEANUP;
- }
-
- /* At this point, q_msd should be the right next digit */
- MP_CHECKOK( s_mp_sub(&part, &t) ); /* part -= t */
- s_mp_clamp(rem);
-
- /*
- Include the digit in the quotient. We allocated enough memory
- for any quotient we could ever possibly get, so we should not
- have to check for failures here
- */
- MP_DIGIT(quot, unusedRem) = (mp_digit)q_msd;
- }
-
- /* Denormalize remainder */
- if (d) {
- s_mp_div_2d(rem, d);
- }
-
- s_mp_clamp(quot);
-
-CLEANUP:
- mp_clear(&t);
-
- return res;
-
-} /* end s_mp_div() */
-
-
-/* }}} */
-
-/* {{{ s_mp_2expt(a, k) */
-
-mp_err s_mp_2expt(mp_int *a, mp_digit k)
-{
- mp_err res;
- mp_size dig, bit;
-
- dig = k / DIGIT_BIT;
- bit = k % DIGIT_BIT;
-
- mp_zero(a);
- if((res = s_mp_pad(a, dig + 1)) != MP_OKAY)
- return res;
-
- DIGIT(a, dig) |= ((mp_digit)1 << bit);
-
- return MP_OKAY;
-
-} /* end s_mp_2expt() */
-
-/* }}} */
-
-/* {{{ s_mp_reduce(x, m, mu) */
-
-/*
- Compute Barrett reduction, x (mod m), given a precomputed value for
- mu = b^2k / m, where b = RADIX and k = #digits(m). This should be
- faster than straight division, when many reductions by the same
- value of m are required (such as in modular exponentiation). This
- can nearly halve the time required to do modular exponentiation,
- as compared to using the full integer divide to reduce.
-
- This algorithm was derived from the _Handbook of Applied
- Cryptography_ by Menezes, Oorschot and VanStone, Ch. 14,
- pp. 603-604.
- */
-
-mp_err s_mp_reduce(mp_int *x, const mp_int *m, const mp_int *mu)
-{
- mp_int q;
- mp_err res;
-
- if((res = mp_init_copy(&q, x)) != MP_OKAY)
- return res;
-
- s_mp_rshd(&q, USED(m) - 1); /* q1 = x / b^(k-1) */
- s_mp_mul(&q, mu); /* q2 = q1 * mu */
- s_mp_rshd(&q, USED(m) + 1); /* q3 = q2 / b^(k+1) */
-
- /* x = x mod b^(k+1), quick (no division) */
- s_mp_mod_2d(x, DIGIT_BIT * (USED(m) + 1));
-
- /* q = q * m mod b^(k+1), quick (no division) */
- s_mp_mul(&q, m);
- s_mp_mod_2d(&q, DIGIT_BIT * (USED(m) + 1));
-
- /* x = x - q */
- if((res = mp_sub(x, &q, x)) != MP_OKAY)
- goto CLEANUP;
-
- /* If x < 0, add b^(k+1) to it */
- if(mp_cmp_z(x) < 0) {
- mp_set(&q, 1);
- if((res = s_mp_lshd(&q, USED(m) + 1)) != MP_OKAY)
- goto CLEANUP;
- if((res = mp_add(x, &q, x)) != MP_OKAY)
- goto CLEANUP;
- }
-
- /* Back off if it's too big */
- while(mp_cmp(x, m) >= 0) {
- if((res = s_mp_sub(x, m)) != MP_OKAY)
- break;
- }
-
- CLEANUP:
- mp_clear(&q);
-
- return res;
-
-} /* end s_mp_reduce() */
-
-/* }}} */
-
-/* }}} */
-
-/* {{{ Primitive comparisons */
-
-/* {{{ s_mp_cmp(a, b) */
-
-/* Compare |a| <=> |b|, return 0 if equal, <0 if a<b, >0 if a>b */
-int s_mp_cmp(const mp_int *a, const mp_int *b)
-{
- mp_size used_a = MP_USED(a);
- {
- mp_size used_b = MP_USED(b);
-
- if (used_a > used_b)
- goto IS_GT;
- if (used_a < used_b)
- goto IS_LT;
- }
- {
- mp_digit *pa, *pb;
- mp_digit da = 0, db = 0;
-
-#define CMP_AB(n) if ((da = pa[n]) != (db = pb[n])) goto done
-
- pa = MP_DIGITS(a) + used_a;
- pb = MP_DIGITS(b) + used_a;
- while (used_a >= 4) {
- pa -= 4;
- pb -= 4;
- used_a -= 4;
- CMP_AB(3);
- CMP_AB(2);
- CMP_AB(1);
- CMP_AB(0);
- }
- while (used_a-- > 0 && ((da = *--pa) == (db = *--pb)))
- /* do nothing */;
-done:
- if (da > db)
- goto IS_GT;
- if (da < db)
- goto IS_LT;
- }
- return MP_EQ;
-IS_LT:
- return MP_LT;
-IS_GT:
- return MP_GT;
-} /* end s_mp_cmp() */
-
-/* }}} */
-
-/* {{{ s_mp_cmp_d(a, d) */
-
-/* Compare |a| <=> d, return 0 if equal, <0 if a<d, >0 if a>d */
-int s_mp_cmp_d(const mp_int *a, mp_digit d)
-{
- if(USED(a) > 1)
- return MP_GT;
-
- if(DIGIT(a, 0) < d)
- return MP_LT;
- else if(DIGIT(a, 0) > d)
- return MP_GT;
- else
- return MP_EQ;
-
-} /* end s_mp_cmp_d() */
-
-/* }}} */
-
-/* {{{ s_mp_ispow2(v) */
-
-/*
- Returns -1 if the value is not a power of two; otherwise, it returns
- k such that v = 2^k, i.e. lg(v).
- */
-int s_mp_ispow2(const mp_int *v)
-{
- mp_digit d;
- int extra = 0, ix;
-
- ix = MP_USED(v) - 1;
- d = MP_DIGIT(v, ix); /* most significant digit of v */
-
- extra = s_mp_ispow2d(d);
- if (extra < 0 || ix == 0)
- return extra;
-
- while (--ix >= 0) {
- if (DIGIT(v, ix) != 0)
- return -1; /* not a power of two */
- extra += MP_DIGIT_BIT;
- }
-
- return extra;
-
-} /* end s_mp_ispow2() */
-
-/* }}} */
-
-/* {{{ s_mp_ispow2d(d) */
-
-int s_mp_ispow2d(mp_digit d)
-{
- if ((d != 0) && ((d & (d-1)) == 0)) { /* d is a power of 2 */
- int pow = 0;
-#if defined (MP_USE_UINT_DIGIT)
- if (d & 0xffff0000U)
- pow += 16;
- if (d & 0xff00ff00U)
- pow += 8;
- if (d & 0xf0f0f0f0U)
- pow += 4;
- if (d & 0xccccccccU)
- pow += 2;
- if (d & 0xaaaaaaaaU)
- pow += 1;
-#elif defined(MP_USE_LONG_LONG_DIGIT)
- if (d & 0xffffffff00000000ULL)
- pow += 32;
- if (d & 0xffff0000ffff0000ULL)
- pow += 16;
- if (d & 0xff00ff00ff00ff00ULL)
- pow += 8;
- if (d & 0xf0f0f0f0f0f0f0f0ULL)
- pow += 4;
- if (d & 0xccccccccccccccccULL)
- pow += 2;
- if (d & 0xaaaaaaaaaaaaaaaaULL)
- pow += 1;
-#elif defined(MP_USE_LONG_DIGIT)
- if (d & 0xffffffff00000000UL)
- pow += 32;
- if (d & 0xffff0000ffff0000UL)
- pow += 16;
- if (d & 0xff00ff00ff00ff00UL)
- pow += 8;
- if (d & 0xf0f0f0f0f0f0f0f0UL)
- pow += 4;
- if (d & 0xccccccccccccccccUL)
- pow += 2;
- if (d & 0xaaaaaaaaaaaaaaaaUL)
- pow += 1;
-#else
-#error "unknown type for mp_digit"
-#endif
- return pow;
- }
- return -1;
-
-} /* end s_mp_ispow2d() */
-
-/* }}} */
-
-/* }}} */
-
-/* {{{ Primitive I/O helpers */
-
-/* {{{ s_mp_tovalue(ch, r) */
-
-/*
- Convert the given character to its digit value, in the given radix.
- If the given character is not understood in the given radix, -1 is
- returned. Otherwise the digit's numeric value is returned.
-
- The results will be odd if you use a radix < 2 or > 62, you are
- expected to know what you're up to.
- */
-int s_mp_tovalue(char ch, int r)
-{
- int val, xch;
-
- if(r > 36)
- xch = ch;
- else
- xch = toupper(ch);
-
- if(isdigit(xch))
- val = xch - '0';
- else if(isupper(xch))
- val = xch - 'A' + 10;
- else if(islower(xch))
- val = xch - 'a' + 36;
- else if(xch == '+')
- val = 62;
- else if(xch == '/')
- val = 63;
- else
- return -1;
-
- if(val < 0 || val >= r)
- return -1;
-
- return val;
-
-} /* end s_mp_tovalue() */
-
-/* }}} */
-
-/* {{{ s_mp_todigit(val, r, low) */
-
-/*
- Convert val to a radix-r digit, if possible. If val is out of range
- for r, returns zero. Otherwise, returns an ASCII character denoting
- the value in the given radix.
-
- The results may be odd if you use a radix < 2 or > 64, you are
- expected to know what you're doing.
- */
-
-char s_mp_todigit(mp_digit val, int r, int low)
-{
- char ch;
-
- if(val >= r)
- return 0;
-
- ch = s_dmap_1[val];
-
- if(r <= 36 && low)
- ch = tolower(ch);
-
- return ch;
-
-} /* end s_mp_todigit() */
-
-/* }}} */
-
-/* {{{ s_mp_outlen(bits, radix) */
-
-/*
- Return an estimate for how long a string is needed to hold a radix
- r representation of a number with 'bits' significant bits, plus an
- extra for a zero terminator (assuming C style strings here)
- */
-int s_mp_outlen(int bits, int r)
-{
- return (int)((double)bits * LOG_V_2(r) + 1.5) + 1;
-
-} /* end s_mp_outlen() */
-
-/* }}} */
-
-/* }}} */
-
-/* {{{ mp_read_unsigned_octets(mp, str, len) */
-/* mp_read_unsigned_octets(mp, str, len)
- Read in a raw value (base 256) into the given mp_int
- No sign bit, number is positive. Leading zeros ignored.
- */
-
-mp_err
-mp_read_unsigned_octets(mp_int *mp, const unsigned char *str, mp_size len)
-{
- int count;
- mp_err res;
- mp_digit d;
-
- ARGCHK(mp != NULL && str != NULL && len > 0, MP_BADARG);
-
- mp_zero(mp);
-
- count = len % sizeof(mp_digit);
- if (count) {
- for (d = 0; count-- > 0; --len) {
- d = (d << 8) | *str++;
- }
- MP_DIGIT(mp, 0) = d;
- }
-
- /* Read the rest of the digits */
- for(; len > 0; len -= sizeof(mp_digit)) {
- for (d = 0, count = sizeof(mp_digit); count > 0; --count) {
- d = (d << 8) | *str++;
- }
- if (MP_EQ == mp_cmp_z(mp)) {
- if (!d)
- continue;
- } else {
- if((res = s_mp_lshd(mp, 1)) != MP_OKAY)
- return res;
- }
- MP_DIGIT(mp, 0) = d;
- }
- return MP_OKAY;
-} /* end mp_read_unsigned_octets() */
-/* }}} */
-
-/* {{{ mp_unsigned_octet_size(mp) */
-int
-mp_unsigned_octet_size(const mp_int *mp)
-{
- int bytes;
- int ix;
- mp_digit d = 0;
-
- ARGCHK(mp != NULL, MP_BADARG);
- ARGCHK(MP_ZPOS == SIGN(mp), MP_BADARG);
-
- bytes = (USED(mp) * sizeof(mp_digit));
-
- /* subtract leading zeros. */
- /* Iterate over each digit... */
- for(ix = USED(mp) - 1; ix >= 0; ix--) {
- d = DIGIT(mp, ix);
- if (d)
- break;
- bytes -= sizeof(d);
- }
- if (!bytes)
- return 1;
-
- /* Have MSD, check digit bytes, high order first */
- for(ix = sizeof(mp_digit) - 1; ix >= 0; ix--) {
- unsigned char x = (unsigned char)(d >> (ix * CHAR_BIT));
- if (x)
- break;
- --bytes;
- }
- return bytes;
-} /* end mp_unsigned_octet_size() */
-/* }}} */
-
-/* {{{ mp_to_unsigned_octets(mp, str) */
-/* output a buffer of big endian octets no longer than specified. */
-mp_err
-mp_to_unsigned_octets(const mp_int *mp, unsigned char *str, mp_size maxlen)
-{
- int ix, pos = 0;
- int bytes;
-
- ARGCHK(mp != NULL && str != NULL && !SIGN(mp), MP_BADARG);
-
- bytes = mp_unsigned_octet_size(mp);
- ARGCHK(bytes <= maxlen, MP_BADARG);
-
- /* Iterate over each digit... */
- for(ix = USED(mp) - 1; ix >= 0; ix--) {
- mp_digit d = DIGIT(mp, ix);
- int jx;
-
- /* Unpack digit bytes, high order first */
- for(jx = sizeof(mp_digit) - 1; jx >= 0; jx--) {
- unsigned char x = (unsigned char)(d >> (jx * CHAR_BIT));
- if (!pos && !x) /* suppress leading zeros */
- continue;
- str[pos++] = x;
- }
- }
- return pos;
-} /* end mp_to_unsigned_octets() */
-/* }}} */
-
-/* {{{ mp_to_signed_octets(mp, str) */
-/* output a buffer of big endian octets no longer than specified. */
-mp_err
-mp_to_signed_octets(const mp_int *mp, unsigned char *str, mp_size maxlen)
-{
- int ix, pos = 0;
- int bytes;
-
- ARGCHK(mp != NULL && str != NULL && !SIGN(mp), MP_BADARG);
-
- bytes = mp_unsigned_octet_size(mp);
- ARGCHK(bytes <= maxlen, MP_BADARG);
-
- /* Iterate over each digit... */
- for(ix = USED(mp) - 1; ix >= 0; ix--) {
- mp_digit d = DIGIT(mp, ix);
- int jx;
-
- /* Unpack digit bytes, high order first */
- for(jx = sizeof(mp_digit) - 1; jx >= 0; jx--) {
- unsigned char x = (unsigned char)(d >> (jx * CHAR_BIT));
- if (!pos) {
- if (!x) /* suppress leading zeros */
- continue;
- if (x & 0x80) { /* add one leading zero to make output positive. */
- ARGCHK(bytes + 1 <= maxlen, MP_BADARG);
- if (bytes + 1 > maxlen)
- return MP_BADARG;
- str[pos++] = 0;
- }
- }
- str[pos++] = x;
- }
- }
- return pos;
-} /* end mp_to_signed_octets() */
-/* }}} */
-
-/* {{{ mp_to_fixlen_octets(mp, str) */
-/* output a buffer of big endian octets exactly as long as requested. */
-mp_err
-mp_to_fixlen_octets(const mp_int *mp, unsigned char *str, mp_size length)
-{
- int ix, pos = 0;
- int bytes;
-
- ARGCHK(mp != NULL && str != NULL && !SIGN(mp), MP_BADARG);
-
- bytes = mp_unsigned_octet_size(mp);
- ARGCHK(bytes <= length, MP_BADARG);
-
- /* place any needed leading zeros */
- for (;length > bytes; --length) {
- *str++ = 0;
- }
-
- /* Iterate over each digit... */
- for(ix = USED(mp) - 1; ix >= 0; ix--) {
- mp_digit d = DIGIT(mp, ix);
- int jx;
-
- /* Unpack digit bytes, high order first */
- for(jx = sizeof(mp_digit) - 1; jx >= 0; jx--) {
- unsigned char x = (unsigned char)(d >> (jx * CHAR_BIT));
- if (!pos && !x) /* suppress leading zeros */
- continue;
- str[pos++] = x;
- }
- }
- return MP_OKAY;
-} /* end mp_to_fixlen_octets() */
-/* }}} */
-
-
-/*------------------------------------------------------------------------*/
-/* HERE THERE BE DRAGONS */
diff --git a/security/nss/lib/freebl/mpi/mpi.h b/security/nss/lib/freebl/mpi/mpi.h
deleted file mode 100644
index a587c0a76..000000000
--- a/security/nss/lib/freebl/mpi/mpi.h
+++ /dev/null
@@ -1,334 +0,0 @@
-/*
- * mpi.h
- *
- * Arbitrary precision integer arithmetic library
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- * Netscape Communications Corporation
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#ifndef _H_MPI_
-#define _H_MPI_
-
-#include "mpi-config.h"
-
-#if MP_DEBUG
-#undef MP_IOFUNC
-#define MP_IOFUNC 1
-#endif
-
-#if MP_IOFUNC
-#include <stdio.h>
-#include <ctype.h>
-#endif
-
-#include <limits.h>
-
-#if defined(BSDI)
-#undef ULLONG_MAX
-#endif
-
-#if defined( macintosh )
-#include <Types.h>
-#elif defined( _WIN32_WCE)
-/* #include <sys/types.h> What do we need here ?? */
-#else
-#include <sys/types.h>
-#endif
-
-#define MP_NEG 1
-#define MP_ZPOS 0
-
-#define MP_OKAY 0 /* no error, all is well */
-#define MP_YES 0 /* yes (boolean result) */
-#define MP_NO -1 /* no (boolean result) */
-#define MP_MEM -2 /* out of memory */
-#define MP_RANGE -3 /* argument out of range */
-#define MP_BADARG -4 /* invalid parameter */
-#define MP_UNDEF -5 /* answer is undefined */
-#define MP_LAST_CODE MP_UNDEF
-
-typedef unsigned int mp_sign;
-typedef unsigned int mp_size;
-typedef int mp_err;
-
-#define MP_32BIT_MAX 4294967295U
-
-#if !defined(ULONG_MAX)
-#error "ULONG_MAX not defined"
-#elif !defined(UINT_MAX)
-#error "UINT_MAX not defined"
-#elif !defined(USHRT_MAX)
-#error "USHRT_MAX not defined"
-#endif
-
-#if defined(ULONG_LONG_MAX) /* GCC, HPUX */
-#define MP_ULONG_LONG_MAX ULONG_LONG_MAX
-#elif defined(ULLONG_MAX) /* Solaris */
-#define MP_ULONG_LONG_MAX ULLONG_MAX
-/* MP_ULONG_LONG_MAX was defined to be ULLONG_MAX */
-#elif defined(ULONGLONG_MAX) /* IRIX, AIX */
-#define MP_ULONG_LONG_MAX ULONGLONG_MAX
-#endif
-
-/* We only use unsigned long for mp_digit iff long is more than 32 bits. */
-#if !defined(MP_USE_UINT_DIGIT) && ULONG_MAX > MP_32BIT_MAX
-typedef unsigned long mp_digit;
-#define MP_DIGIT_MAX ULONG_MAX
-#define MP_DIGIT_FMT "%016lX" /* printf() format for 1 digit */
-#define MP_HALF_DIGIT_MAX UINT_MAX
-#undef MP_NO_MP_WORD
-#define MP_NO_MP_WORD 1
-#undef MP_USE_LONG_DIGIT
-#define MP_USE_LONG_DIGIT 1
-#undef MP_USE_LONG_LONG_DIGIT
-
-#elif !defined(MP_USE_UINT_DIGIT) && defined(MP_ULONG_LONG_MAX)
-typedef unsigned long long mp_digit;
-#define MP_DIGIT_MAX MP_ULONG_LONG_MAX
-#define MP_DIGIT_FMT "%016llX" /* printf() format for 1 digit */
-#define MP_HALF_DIGIT_MAX UINT_MAX
-#undef MP_NO_MP_WORD
-#define MP_NO_MP_WORD 1
-#undef MP_USE_LONG_LONG_DIGIT
-#define MP_USE_LONG_LONG_DIGIT 1
-#undef MP_USE_LONG_DIGIT
-
-#else
-typedef unsigned int mp_digit;
-#define MP_DIGIT_MAX UINT_MAX
-#define MP_DIGIT_FMT "%08X" /* printf() format for 1 digit */
-#define MP_HALF_DIGIT_MAX USHRT_MAX
-#undef MP_USE_UINT_DIGIT
-#define MP_USE_UINT_DIGIT 1
-#undef MP_USE_LONG_LONG_DIGIT
-#undef MP_USE_LONG_DIGIT
-#endif
-
-#if !defined(MP_NO_MP_WORD)
-#if defined(MP_USE_UINT_DIGIT) && \
- (defined(MP_ULONG_LONG_MAX) || (ULONG_MAX > UINT_MAX))
-
-#if (ULONG_MAX > UINT_MAX)
-typedef unsigned long mp_word;
-typedef long mp_sword;
-#define MP_WORD_MAX ULONG_MAX
-
-#else
-typedef unsigned long long mp_word;
-typedef long long mp_sword;
-#define MP_WORD_MAX MP_ULONG_LONG_MAX
-#endif
-
-#else
-#define MP_NO_MP_WORD 1
-#endif
-#endif /* !defined(MP_NO_MP_WORD) */
-
-#if !defined(MP_WORD_MAX) && defined(MP_DEFINE_SMALL_WORD)
-typedef unsigned int mp_word;
-typedef int mp_sword;
-#define MP_WORD_MAX UINT_MAX
-#endif
-
-#define MP_DIGIT_BIT (CHAR_BIT*sizeof(mp_digit))
-#define MP_WORD_BIT (CHAR_BIT*sizeof(mp_word))
-#define MP_RADIX (1+(mp_word)MP_DIGIT_MAX)
-
-#define MP_HALF_DIGIT_BIT (MP_DIGIT_BIT/2)
-#define MP_HALF_RADIX (1+(mp_digit)MP_HALF_DIGIT_MAX)
-/* MP_HALF_RADIX really ought to be called MP_SQRT_RADIX, but it's named
-** MP_HALF_RADIX because it's the radix for MP_HALF_DIGITs, and it's
-** consistent with the other _HALF_ names.
-*/
-
-
-/* Macros for accessing the mp_int internals */
-#define MP_SIGN(MP) ((MP)->sign)
-#define MP_USED(MP) ((MP)->used)
-#define MP_ALLOC(MP) ((MP)->alloc)
-#define MP_DIGITS(MP) ((MP)->dp)
-#define MP_DIGIT(MP,N) (MP)->dp[(N)]
-
-/* This defines the maximum I/O base (minimum is 2) */
-#define MP_MAX_RADIX 64
-
-typedef struct {
- mp_sign sign; /* sign of this quantity */
- mp_size alloc; /* how many digits allocated */
- mp_size used; /* how many digits used */
- mp_digit *dp; /* the digits themselves */
-} mp_int;
-
-/* Default precision */
-mp_size mp_get_prec(void);
-void mp_set_prec(mp_size prec);
-
-/* Memory management */
-mp_err mp_init(mp_int *mp);
-mp_err mp_init_size(mp_int *mp, mp_size prec);
-mp_err mp_init_copy(mp_int *mp, const mp_int *from);
-mp_err mp_copy(const mp_int *from, mp_int *to);
-void mp_exch(mp_int *mp1, mp_int *mp2);
-void mp_clear(mp_int *mp);
-void mp_zero(mp_int *mp);
-void mp_set(mp_int *mp, mp_digit d);
-mp_err mp_set_int(mp_int *mp, long z);
-#define mp_set_long(mp,z) mp_set_int(mp,z)
-mp_err mp_set_ulong(mp_int *mp, unsigned long z);
-
-/* Single digit arithmetic */
-mp_err mp_add_d(const mp_int *a, mp_digit d, mp_int *b);
-mp_err mp_sub_d(const mp_int *a, mp_digit d, mp_int *b);
-mp_err mp_mul_d(const mp_int *a, mp_digit d, mp_int *b);
-mp_err mp_mul_2(const mp_int *a, mp_int *c);
-mp_err mp_div_d(const mp_int *a, mp_digit d, mp_int *q, mp_digit *r);
-mp_err mp_div_2(const mp_int *a, mp_int *c);
-mp_err mp_expt_d(const mp_int *a, mp_digit d, mp_int *c);
-
-/* Sign manipulations */
-mp_err mp_abs(const mp_int *a, mp_int *b);
-mp_err mp_neg(const mp_int *a, mp_int *b);
-
-/* Full arithmetic */
-mp_err mp_add(const mp_int *a, const mp_int *b, mp_int *c);
-mp_err mp_sub(const mp_int *a, const mp_int *b, mp_int *c);
-mp_err mp_mul(const mp_int *a, const mp_int *b, mp_int *c);
-#if MP_SQUARE
-mp_err mp_sqr(const mp_int *a, mp_int *b);
-#else
-#define mp_sqr(a, b) mp_mul(a, a, b)
-#endif
-mp_err mp_div(const mp_int *a, const mp_int *b, mp_int *q, mp_int *r);
-mp_err mp_div_2d(const mp_int *a, mp_digit d, mp_int *q, mp_int *r);
-mp_err mp_expt(mp_int *a, mp_int *b, mp_int *c);
-mp_err mp_2expt(mp_int *a, mp_digit k);
-mp_err mp_sqrt(const mp_int *a, mp_int *b);
-
-/* Modular arithmetic */
-#if MP_MODARITH
-mp_err mp_mod(const mp_int *a, const mp_int *m, mp_int *c);
-mp_err mp_mod_d(const mp_int *a, mp_digit d, mp_digit *c);
-mp_err mp_addmod(const mp_int *a, const mp_int *b, const mp_int *m, mp_int *c);
-mp_err mp_submod(const mp_int *a, const mp_int *b, const mp_int *m, mp_int *c);
-mp_err mp_mulmod(const mp_int *a, const mp_int *b, const mp_int *m, mp_int *c);
-#if MP_SQUARE
-mp_err mp_sqrmod(const mp_int *a, const mp_int *m, mp_int *c);
-#else
-#define mp_sqrmod(a, m, c) mp_mulmod(a, a, m, c)
-#endif
-mp_err mp_exptmod(const mp_int *a, const mp_int *b, const mp_int *m, mp_int *c);
-mp_err mp_exptmod_d(const mp_int *a, mp_digit d, const mp_int *m, mp_int *c);
-#endif /* MP_MODARITH */
-
-/* Comparisons */
-int mp_cmp_z(const mp_int *a);
-int mp_cmp_d(const mp_int *a, mp_digit d);
-int mp_cmp(const mp_int *a, const mp_int *b);
-int mp_cmp_mag(mp_int *a, mp_int *b);
-int mp_cmp_int(const mp_int *a, long z);
-int mp_isodd(const mp_int *a);
-int mp_iseven(const mp_int *a);
-
-/* Number theoretic */
-#if MP_NUMTH
-mp_err mp_gcd(mp_int *a, mp_int *b, mp_int *c);
-mp_err mp_lcm(mp_int *a, mp_int *b, mp_int *c);
-mp_err mp_xgcd(const mp_int *a, const mp_int *b, mp_int *g, mp_int *x, mp_int *y);
-mp_err mp_invmod(const mp_int *a, const mp_int *m, mp_int *c);
-mp_err mp_invmod_xgcd(const mp_int *a, const mp_int *m, mp_int *c);
-#endif /* end MP_NUMTH */
-
-/* Input and output */
-#if MP_IOFUNC
-void mp_print(mp_int *mp, FILE *ofp);
-#endif /* end MP_IOFUNC */
-
-/* Base conversion */
-mp_err mp_read_raw(mp_int *mp, char *str, int len);
-int mp_raw_size(mp_int *mp);
-mp_err mp_toraw(mp_int *mp, char *str);
-mp_err mp_read_radix(mp_int *mp, const char *str, int radix);
-mp_err mp_read_variable_radix(mp_int *a, const char * str, int default_radix);
-int mp_radix_size(mp_int *mp, int radix);
-mp_err mp_toradix(mp_int *mp, char *str, int radix);
-int mp_tovalue(char ch, int r);
-
-#define mp_tobinary(M, S) mp_toradix((M), (S), 2)
-#define mp_tooctal(M, S) mp_toradix((M), (S), 8)
-#define mp_todecimal(M, S) mp_toradix((M), (S), 10)
-#define mp_tohex(M, S) mp_toradix((M), (S), 16)
-
-/* Error strings */
-const char *mp_strerror(mp_err ec);
-
-/* Octet string conversion functions */
-mp_err mp_read_unsigned_octets(mp_int *mp, const unsigned char *str, mp_size len);
-int mp_unsigned_octet_size(const mp_int *mp);
-mp_err mp_to_unsigned_octets(const mp_int *mp, unsigned char *str, mp_size maxlen);
-mp_err mp_to_signed_octets(const mp_int *mp, unsigned char *str, mp_size maxlen);
-mp_err mp_to_fixlen_octets(const mp_int *mp, unsigned char *str, mp_size len);
-
-/* Miscellaneous */
-mp_size mp_trailing_zeros(const mp_int *mp);
-
-#define MP_CHECKOK(x) if (MP_OKAY > (res = (x))) goto CLEANUP
-#define MP_CHECKERR(x) if (MP_OKAY > (res = (x))) goto CLEANUP
-
-#if defined(MP_API_COMPATIBLE)
-#define NEG MP_NEG
-#define ZPOS MP_ZPOS
-#define DIGIT_MAX MP_DIGIT_MAX
-#define DIGIT_BIT MP_DIGIT_BIT
-#define DIGIT_FMT MP_DIGIT_FMT
-#define RADIX MP_RADIX
-#define MAX_RADIX MP_MAX_RADIX
-#define SIGN(MP) MP_SIGN(MP)
-#define USED(MP) MP_USED(MP)
-#define ALLOC(MP) MP_ALLOC(MP)
-#define DIGITS(MP) MP_DIGITS(MP)
-#define DIGIT(MP,N) MP_DIGIT(MP,N)
-
-#if MP_ARGCHK == 1
-#define ARGCHK(X,Y) {if(!(X)){return (Y);}}
-#elif MP_ARGCHK == 2
-#include <assert.h>
-#define ARGCHK(X,Y) assert(X)
-#else
-#define ARGCHK(X,Y) /* */
-#endif
-#endif /* defined MP_API_COMPATIBLE */
-
-#endif /* end _H_MPI_ */
diff --git a/security/nss/lib/freebl/mpi/mpi_hp.c b/security/nss/lib/freebl/mpi/mpi_hp.c
deleted file mode 100644
index e30630c19..000000000
--- a/security/nss/lib/freebl/mpi/mpi_hp.c
+++ /dev/null
@@ -1,112 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- * $Id$
- */
-
-/* This file contains routines that perform vector multiplication. */
-
-#include "mpi-priv.h"
-#include <unistd.h>
-
-#include <stddef.h>
-/* #include <sys/systeminfo.h> */
-#include <strings.h>
-
-extern void multacc512(
- int length, /* doublewords in multiplicand vector. */
- const mp_digit *scalaraddr, /* Address of scalar. */
- const mp_digit *multiplicand, /* The multiplicand vector. */
- mp_digit * result); /* Where to accumulate the result. */
-
-extern void maxpy_little(
- int length, /* doublewords in multiplicand vector. */
- const mp_digit *scalaraddr, /* Address of scalar. */
- const mp_digit *multiplicand, /* The multiplicand vector. */
- mp_digit * result); /* Where to accumulate the result. */
-
-extern void add_diag_little(
- int length, /* doublewords in input vector. */
- const mp_digit *root, /* The vector to square. */
- mp_digit * result); /* Where to accumulate the result. */
-
-void
-s_mpv_sqr_add_prop(const mp_digit *pa, mp_size a_len, mp_digit *ps)
-{
- add_diag_little(a_len, pa, ps);
-}
-
-#define MAX_STACK_DIGITS 258
-#define MULTACC512_LEN (512 / MP_DIGIT_BIT)
-#define HP_MPY_ADD_FN (a_len == MULTACC512_LEN ? multacc512 : maxpy_little)
-
-/* c = a * b */
-void
-s_mpv_mul_d(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
-{
- mp_digit x[MAX_STACK_DIGITS];
- mp_digit *px = x;
- size_t xSize = 0;
-
- if (a == c) {
- if (a_len > MAX_STACK_DIGITS) {
- xSize = sizeof(mp_digit) * (a_len + 2);
- px = malloc(xSize);
- if (!px)
- return;
- }
- memcpy(px, a, a_len * sizeof(*a));
- a = px;
- }
- s_mp_setz(c, a_len + 1);
- HP_MPY_ADD_FN(a_len, &b, a, c);
- if (px != x && px) {
- memset(px, 0, xSize);
- free(px);
- }
-}
-
-/* c += a * b, where a is a_len words long. */
-void
-s_mpv_mul_d_add(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
-{
- c[a_len] = 0; /* so carry propagation stops here. */
- HP_MPY_ADD_FN(a_len, &b, a, c);
-}
-
-/* c += a * b, where a is y words long. */
-void
-s_mpv_mul_d_add_prop(const mp_digit *a, mp_size a_len, mp_digit b,
- mp_digit *c)
-{
- HP_MPY_ADD_FN(a_len, &b, a, c);
-}
-
diff --git a/security/nss/lib/freebl/mpi/mpi_i86pc.s b/security/nss/lib/freebl/mpi/mpi_i86pc.s
deleted file mode 100644
index f6c167b1a..000000000
--- a/security/nss/lib/freebl/mpi/mpi_i86pc.s
+++ /dev/null
@@ -1,342 +0,0 @@
- /
- / The contents of this file are subject to the Mozilla Public
- / License Version 1.1 (the "License"); you may not use this file
- / except in compliance with the License. You may obtain a copy of
- / the License at http://www.mozilla.org/MPL/
- /
- / Software distributed under the License is distributed on an "AS
- / IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- / implied. See the License for the specific language governing
- / rights and limitations under the License.
- /
- / The Original Code is the Netscape security libraries.
- /
- / The Initial Developer of the Original Code is Netscape
- / Communications Corporation. Portions created by Netscape are
- / Copyright (C) 2001 Netscape Communications Corporation. All
- / Rights Reserved.
- /
- / Contributor(s):
- /
- / Alternatively, the contents of this file may be used under the
- / terms of the GNU General Public License Version 2 or later (the
- / "GPL"), in which case the provisions of the GPL are applicable
- / instead of those above. If you wish to allow use of your
- / version of this file only under the terms of the GPL and not to
- / allow others to use your version of this file under the MPL,
- / indicate your decision by deleting the provisions above and
- / replace them with the notice and other provisions required by
- / the GPL. If you do not delete the provisions above, a recipient
- / may use your version of this file under either the MPL or the
- / GPL.
- / $Id$
- /
-
-.text
-
- / ebp - 36: caller's esi
- / ebp - 32: caller's edi
- / ebp - 28:
- / ebp - 24:
- / ebp - 20:
- / ebp - 16:
- / ebp - 12:
- / ebp - 8:
- / ebp - 4:
- / ebp + 0: caller's ebp
- / ebp + 4: return address
- / ebp + 8: a argument
- / ebp + 12: a_len argument
- / ebp + 16: b argument
- / ebp + 20: c argument
- / registers:
- / eax:
- / ebx: carry
- / ecx: a_len
- / edx:
- / esi: a ptr
- / edi: c ptr
-.globl s_mpv_mul_d
-.type s_mpv_mul_d,@function
-s_mpv_mul_d:
- push %ebp
- mov %esp,%ebp
- sub $28,%esp
- push %edi
- push %esi
- push %ebx
- movl $0,%ebx / carry = 0
- mov 12(%ebp),%ecx / ecx = a_len
- mov 20(%ebp),%edi
- cmp $0,%ecx
- je L2 / jmp if a_len == 0
- mov 8(%ebp),%esi / esi = a
- cld
-L1:
- lodsl / eax = [ds:esi]; esi += 4
- mov 16(%ebp),%edx / edx = b
- mull %edx / edx:eax = Phi:Plo = a_i * b
-
- add %ebx,%eax / add carry (%ebx) to edx:eax
- adc $0,%edx
- mov %edx,%ebx / high half of product becomes next carry
-
- stosl / [es:edi] = ax; edi += 4;
- dec %ecx / --a_len
- jnz L1 / jmp if a_len != 0
-L2:
- mov %ebx,0(%edi) / *c = carry
- pop %ebx
- pop %esi
- pop %edi
- leave
- ret
- nop
-
- / ebp - 36: caller's esi
- / ebp - 32: caller's edi
- / ebp - 28:
- / ebp - 24:
- / ebp - 20:
- / ebp - 16:
- / ebp - 12:
- / ebp - 8:
- / ebp - 4:
- / ebp + 0: caller's ebp
- / ebp + 4: return address
- / ebp + 8: a argument
- / ebp + 12: a_len argument
- / ebp + 16: b argument
- / ebp + 20: c argument
- / registers:
- / eax:
- / ebx: carry
- / ecx: a_len
- / edx:
- / esi: a ptr
- / edi: c ptr
-.globl s_mpv_mul_d_add
-.type s_mpv_mul_d_add,@function
-s_mpv_mul_d_add:
- push %ebp
- mov %esp,%ebp
- sub $28,%esp
- push %edi
- push %esi
- push %ebx
- movl $0,%ebx / carry = 0
- mov 12(%ebp),%ecx / ecx = a_len
- mov 20(%ebp),%edi
- cmp $0,%ecx
- je L4 / jmp if a_len == 0
- mov 8(%ebp),%esi / esi = a
- cld
-L3:
- lodsl / eax = [ds:esi]; esi += 4
- mov 16(%ebp),%edx / edx = b
- mull %edx / edx:eax = Phi:Plo = a_i * b
-
- add %ebx,%eax / add carry (%ebx) to edx:eax
- adc $0,%edx
- mov 0(%edi),%ebx / add in current word from *c
- add %ebx,%eax
- adc $0,%edx
- mov %edx,%ebx / high half of product becomes next carry
-
- stosl / [es:edi] = ax; edi += 4;
- dec %ecx / --a_len
- jnz L3 / jmp if a_len != 0
-L4:
- mov %ebx,0(%edi) / *c = carry
- pop %ebx
- pop %esi
- pop %edi
- leave
- ret
- nop
-
- / ebp - 36: caller's esi
- / ebp - 32: caller's edi
- / ebp - 28:
- / ebp - 24:
- / ebp - 20:
- / ebp - 16:
- / ebp - 12:
- / ebp - 8:
- / ebp - 4:
- / ebp + 0: caller's ebp
- / ebp + 4: return address
- / ebp + 8: a argument
- / ebp + 12: a_len argument
- / ebp + 16: b argument
- / ebp + 20: c argument
- / registers:
- / eax:
- / ebx: carry
- / ecx: a_len
- / edx:
- / esi: a ptr
- / edi: c ptr
-.globl s_mpv_mul_d_add_prop
-.type s_mpv_mul_d_add_prop,@function
-s_mpv_mul_d_add_prop:
- push %ebp
- mov %esp,%ebp
- sub $28,%esp
- push %edi
- push %esi
- push %ebx
- movl $0,%ebx / carry = 0
- mov 12(%ebp),%ecx / ecx = a_len
- mov 20(%ebp),%edi
- cmp $0,%ecx
- je L6 / jmp if a_len == 0
- cld
- mov 8(%ebp),%esi / esi = a
-L5:
- lodsl / eax = [ds:esi]; esi += 4
- mov 16(%ebp),%edx / edx = b
- mull %edx / edx:eax = Phi:Plo = a_i * b
-
- add %ebx,%eax / add carry (%ebx) to edx:eax
- adc $0,%edx
- mov 0(%edi),%ebx / add in current word from *c
- add %ebx,%eax
- adc $0,%edx
- mov %edx,%ebx / high half of product becomes next carry
-
- stosl / [es:edi] = ax; edi += 4;
- dec %ecx / --a_len
- jnz L5 / jmp if a_len != 0
-L6:
- cmp $0,%ebx / is carry zero?
- jz L8
- mov 0(%edi),%eax / add in current word from *c
- add %ebx,%eax
- stosl / [es:edi] = ax; edi += 4;
- jnc L8
-L7:
- mov 0(%edi),%eax / add in current word from *c
- adc $0,%eax
- stosl / [es:edi] = ax; edi += 4;
- jc L7
-L8:
- pop %ebx
- pop %esi
- pop %edi
- leave
- ret
- nop
-
- / ebp - 20: caller's esi
- / ebp - 16: caller's edi
- / ebp - 12:
- / ebp - 8: carry
- / ebp - 4: a_len local
- / ebp + 0: caller's ebp
- / ebp + 4: return address
- / ebp + 8: pa argument
- / ebp + 12: a_len argument
- / ebp + 16: ps argument
- / ebp + 20:
- / registers:
- / eax:
- / ebx: carry
- / ecx: a_len
- / edx:
- / esi: a ptr
- / edi: c ptr
-
-.globl s_mpv_sqr_add_prop
-.type s_mpv_sqr_add_prop,@function
-s_mpv_sqr_add_prop:
- push %ebp
- mov %esp,%ebp
- sub $12,%esp
- push %edi
- push %esi
- push %ebx
- movl $0,%ebx / carry = 0
- mov 12(%ebp),%ecx / a_len
- mov 16(%ebp),%edi / edi = ps
- cmp $0,%ecx
- je L11 / jump if a_len == 0
- cld
- mov 8(%ebp),%esi / esi = pa
-L10:
- lodsl / %eax = [ds:si]; si += 4;
- mull %eax
-
- add %ebx,%eax / add "carry"
- adc $0,%edx
- mov 0(%edi),%ebx
- add %ebx,%eax / add low word from result
- mov 4(%edi),%ebx
- stosl / [es:di] = %eax; di += 4;
- adc %ebx,%edx / add high word from result
- movl $0,%ebx
- mov %edx,%eax
- adc $0,%ebx
- stosl / [es:di] = %eax; di += 4;
- dec %ecx / --a_len
- jnz L10 / jmp if a_len != 0
-L11:
- cmp $0,%ebx / is carry zero?
- jz L14
- mov 0(%edi),%eax / add in current word from *c
- add %ebx,%eax
- stosl / [es:edi] = ax; edi += 4;
- jnc L14
-L12:
- mov 0(%edi),%eax / add in current word from *c
- adc $0,%eax
- stosl / [es:edi] = ax; edi += 4;
- jc L12
-L14:
- pop %ebx
- pop %esi
- pop %edi
- leave
- ret
- nop
-
- /
- / Divide 64-bit (Nhi,Nlo) by 32-bit divisor, which must be normalized
- / so its high bit is 1. This code is from NSPR.
- /
- / mp_err s_mpv_div_2dx1d(mp_digit Nhi, mp_digit Nlo, mp_digit divisor,
- / mp_digit *qp, mp_digit *rp)
-
- / esp + 0: Caller's ebx
- / esp + 4: return address
- / esp + 8: Nhi argument
- / esp + 12: Nlo argument
- / esp + 16: divisor argument
- / esp + 20: qp argument
- / esp + 24: rp argument
- / registers:
- / eax:
- / ebx: carry
- / ecx: a_len
- / edx:
- / esi: a ptr
- / edi: c ptr
- /
-
-.globl s_mpv_div_2dx1d
-.type s_mpv_div_2dx1d,@function
-s_mpv_div_2dx1d:
- push %ebx
- mov 8(%esp),%edx
- mov 12(%esp),%eax
- mov 16(%esp),%ebx
- div %ebx
- mov 20(%esp),%ebx
- mov %eax,0(%ebx)
- mov 24(%esp),%ebx
- mov %edx,0(%ebx)
- xor %eax,%eax / return zero
- pop %ebx
- ret
- nop
-
diff --git a/security/nss/lib/freebl/mpi/mpi_mips.s b/security/nss/lib/freebl/mpi/mpi_mips.s
deleted file mode 100644
index bb846ee57..000000000
--- a/security/nss/lib/freebl/mpi/mpi_mips.s
+++ /dev/null
@@ -1,502 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- * $Id$
- */
-#include <regdef.h>
- .set noreorder
- .set noat
-
- .section .text, 1, 0x00000006, 4, 4
-.text:
- .section .text
-
- .ent s_mpv_mul_d_add
- .globl s_mpv_mul_d_add
-
-s_mpv_mul_d_add:
- #/* c += a * b */
- #void s_mpv_mul_d_add(const mp_digit *a, mp_size a_len, mp_digit b,
- # mp_digit *c)
- #{
- # mp_digit a0, a1; regs a4, a5
- # mp_digit c0, c1; regs a6, a7
- # mp_digit cy = 0; reg t2
- # mp_word w0, w1; regs t0, t1
- #
- # if (a_len) {
- beq a1,zero,.L.1
- move t2,zero # cy = 0
- dsll32 a2,a2,0 # "b" is sometimes negative (?!?!)
- dsrl32 a2,a2,0 # This clears the upper 32 bits.
- # a0 = a[0];
- lwu a4,0(a0)
- # w0 = ((mp_word)b * a0);
- dmultu a2,a4
- # if (--a_len) {
- addiu a1,a1,-1
- beq a1,zero,.L.2
- # while (a_len >= 2) {
- sltiu t3,a1,2
- bne t3,zero,.L.3
- # a1 = a[1];
- lwu a5,4(a0)
-.L.4:
- # a_len -= 2;
- addiu a1,a1,-2
- # c0 = c[0];
- lwu a6,0(a3)
- # w0 += cy;
- mflo t0
- daddu t0,t0,t2
- # w0 += c0;
- daddu t0,t0,a6
- # w1 = (mp_word)b * a1;
- dmultu a2,a5 #
- # cy = CARRYOUT(w0);
- dsrl32 t2,t0,0
- # c[0] = ACCUM(w0);
- sw t0,0(a3)
- # a0 = a[2];
- lwu a4,8(a0)
- # a += 2;
- addiu a0,a0,8
- # c1 = c[1];
- lwu a7,4(a3)
- # w1 += cy;
- mflo t1
- daddu t1,t1,t2
- # w1 += c1;
- daddu t1,t1,a7
- # w0 = (mp_word)b * a0;
- dmultu a2,a4 #
- # cy = CARRYOUT(w1);
- dsrl32 t2,t1,0
- # c[1] = ACCUM(w1);
- sw t1,4(a3)
- # c += 2;
- addiu a3,a3,8
- sltiu t3,a1,2
- beq t3,zero,.L.4
- # a1 = a[1];
- lwu a5,4(a0)
- # }
-.L.3:
- # c0 = c[0];
- lwu a6,0(a3)
- # w0 += cy;
- # if (a_len) {
- mflo t0
- beq a1,zero,.L.5
- daddu t0,t0,t2
- # w1 = (mp_word)b * a1;
- dmultu a2,a5
- # w0 += c0;
- daddu t0,t0,a6 #
- # cy = CARRYOUT(w0);
- dsrl32 t2,t0,0
- # c[0] = ACCUM(w0);
- sw t0,0(a3)
- # c1 = c[1];
- lwu a7,4(a3)
- # w1 += cy;
- mflo t1
- daddu t1,t1,t2
- # w1 += c1;
- daddu t1,t1,a7
- # c[1] = ACCUM(w1);
- sw t1,4(a3)
- # cy = CARRYOUT(w1);
- dsrl32 t2,t1,0
- # c += 1;
- b .L.6
- addiu a3,a3,4
- # } else {
-.L.5:
- # w0 += c0;
- daddu t0,t0,a6
- # c[0] = ACCUM(w0);
- sw t0,0(a3)
- # cy = CARRYOUT(w0);
- b .L.6
- dsrl32 t2,t0,0
- # }
- # } else {
-.L.2:
- # c0 = c[0];
- lwu a6,0(a3)
- # w0 += c0;
- mflo t0
- daddu t0,t0,a6
- # c[0] = ACCUM(w0);
- sw t0,0(a3)
- # cy = CARRYOUT(w0);
- dsrl32 t2,t0,0
- # }
-.L.6:
- # c[1] = cy;
- jr ra
- sw t2,4(a3)
- # }
-.L.1:
- jr ra
- nop
- #}
- #
- .end s_mpv_mul_d_add
-
- .ent s_mpv_mul_d_add_prop
- .globl s_mpv_mul_d_add_prop
-
-s_mpv_mul_d_add_prop:
- #/* c += a * b */
- #void s_mpv_mul_d_add_prop(const mp_digit *a, mp_size a_len, mp_digit b,
- # mp_digit *c)
- #{
- # mp_digit a0, a1; regs a4, a5
- # mp_digit c0, c1; regs a6, a7
- # mp_digit cy = 0; reg t2
- # mp_word w0, w1; regs t0, t1
- #
- # if (a_len) {
- beq a1,zero,.M.1
- move t2,zero # cy = 0
- dsll32 a2,a2,0 # "b" is sometimes negative (?!?!)
- dsrl32 a2,a2,0 # This clears the upper 32 bits.
- # a0 = a[0];
- lwu a4,0(a0)
- # w0 = ((mp_word)b * a0);
- dmultu a2,a4
- # if (--a_len) {
- addiu a1,a1,-1
- beq a1,zero,.M.2
- # while (a_len >= 2) {
- sltiu t3,a1,2
- bne t3,zero,.M.3
- # a1 = a[1];
- lwu a5,4(a0)
-.M.4:
- # a_len -= 2;
- addiu a1,a1,-2
- # c0 = c[0];
- lwu a6,0(a3)
- # w0 += cy;
- mflo t0
- daddu t0,t0,t2
- # w0 += c0;
- daddu t0,t0,a6
- # w1 = (mp_word)b * a1;
- dmultu a2,a5 #
- # cy = CARRYOUT(w0);
- dsrl32 t2,t0,0
- # c[0] = ACCUM(w0);
- sw t0,0(a3)
- # a0 = a[2];
- lwu a4,8(a0)
- # a += 2;
- addiu a0,a0,8
- # c1 = c[1];
- lwu a7,4(a3)
- # w1 += cy;
- mflo t1
- daddu t1,t1,t2
- # w1 += c1;
- daddu t1,t1,a7
- # w0 = (mp_word)b * a0;
- dmultu a2,a4 #
- # cy = CARRYOUT(w1);
- dsrl32 t2,t1,0
- # c[1] = ACCUM(w1);
- sw t1,4(a3)
- # c += 2;
- addiu a3,a3,8
- sltiu t3,a1,2
- beq t3,zero,.M.4
- # a1 = a[1];
- lwu a5,4(a0)
- # }
-.M.3:
- # c0 = c[0];
- lwu a6,0(a3)
- # w0 += cy;
- # if (a_len) {
- mflo t0
- beq a1,zero,.M.5
- daddu t0,t0,t2
- # w1 = (mp_word)b * a1;
- dmultu a2,a5
- # w0 += c0;
- daddu t0,t0,a6 #
- # cy = CARRYOUT(w0);
- dsrl32 t2,t0,0
- # c[0] = ACCUM(w0);
- sw t0,0(a3)
- # c1 = c[1];
- lwu a7,4(a3)
- # w1 += cy;
- mflo t1
- daddu t1,t1,t2
- # w1 += c1;
- daddu t1,t1,a7
- # c[1] = ACCUM(w1);
- sw t1,4(a3)
- # cy = CARRYOUT(w1);
- dsrl32 t2,t1,0
- # c += 1;
- b .M.6
- addiu a3,a3,8
- # } else {
-.M.5:
- # w0 += c0;
- daddu t0,t0,a6
- # c[0] = ACCUM(w0);
- sw t0,0(a3)
- # cy = CARRYOUT(w0);
- dsrl32 t2,t0,0
- b .M.6
- addiu a3,a3,4
- # }
- # } else {
-.M.2:
- # c0 = c[0];
- lwu a6,0(a3)
- # w0 += c0;
- mflo t0
- daddu t0,t0,a6
- # c[0] = ACCUM(w0);
- sw t0,0(a3)
- # cy = CARRYOUT(w0);
- dsrl32 t2,t0,0
- addiu a3,a3,4
- # }
-.M.6:
-
- # while (cy) {
- beq t2,zero,.M.1
- nop
-.M.7:
- # mp_word w = (mp_word)*c + cy;
- lwu a6,0(a3)
- daddu t2,t2,a6
- # *c++ = ACCUM(w);
- sw t2,0(a3)
- # cy = CARRYOUT(w);
- dsrl32 t2,t2,0
- bne t2,zero,.M.7
- addiu a3,a3,4
-
- # }
-.M.1:
- jr ra
- nop
- #}
- #
- .end s_mpv_mul_d_add_prop
-
- .ent s_mpv_mul_d
- .globl s_mpv_mul_d
-
-s_mpv_mul_d:
- #/* c = a * b */
- #void s_mpv_mul_d(const mp_digit *a, mp_size a_len, mp_digit b,
- # mp_digit *c)
- #{
- # mp_digit a0, a1; regs a4, a5
- # mp_digit cy = 0; reg t2
- # mp_word w0, w1; regs t0, t1
- #
- # if (a_len) {
- beq a1,zero,.N.1
- move t2,zero # cy = 0
- dsll32 a2,a2,0 # "b" is sometimes negative (?!?!)
- dsrl32 a2,a2,0 # This clears the upper 32 bits.
- # a0 = a[0];
- lwu a4,0(a0)
- # w0 = ((mp_word)b * a0);
- dmultu a2,a4
- # if (--a_len) {
- addiu a1,a1,-1
- beq a1,zero,.N.2
- # while (a_len >= 2) {
- sltiu t3,a1,2
- bne t3,zero,.N.3
- # a1 = a[1];
- lwu a5,4(a0)
-.N.4:
- # a_len -= 2;
- addiu a1,a1,-2
- # w0 += cy;
- mflo t0
- daddu t0,t0,t2
- # cy = CARRYOUT(w0);
- dsrl32 t2,t0,0
- # w1 = (mp_word)b * a1;
- dmultu a2,a5
- # c[0] = ACCUM(w0);
- sw t0,0(a3)
- # a0 = a[2];
- lwu a4,8(a0)
- # a += 2;
- addiu a0,a0,8
- # w1 += cy;
- mflo t1
- daddu t1,t1,t2
- # cy = CARRYOUT(w1);
- dsrl32 t2,t1,0
- # w0 = (mp_word)b * a0;
- dmultu a2,a4
- # c[1] = ACCUM(w1);
- sw t1,4(a3)
- # c += 2;
- addiu a3,a3,8
- sltiu t3,a1,2
- beq t3,zero,.N.4
- # a1 = a[1];
- lwu a5,4(a0)
- # }
-.N.3:
- # w0 += cy;
- # if (a_len) {
- mflo t0
- beq a1,zero,.N.5
- daddu t0,t0,t2
- # w1 = (mp_word)b * a1;
- dmultu a2,a5 #
- # cy = CARRYOUT(w0);
- dsrl32 t2,t0,0
- # c[0] = ACCUM(w0);
- sw t0,0(a3)
- # w1 += cy;
- mflo t1
- daddu t1,t1,t2
- # c[1] = ACCUM(w1);
- sw t1,4(a3)
- # cy = CARRYOUT(w1);
- dsrl32 t2,t1,0
- # c += 1;
- b .N.6
- addiu a3,a3,4
- # } else {
-.N.5:
- # c[0] = ACCUM(w0);
- sw t0,0(a3)
- # cy = CARRYOUT(w0);
- b .N.6
- dsrl32 t2,t0,0
- # }
- # } else {
-.N.2:
- mflo t0
- # c[0] = ACCUM(w0);
- sw t0,0(a3)
- # cy = CARRYOUT(w0);
- dsrl32 t2,t0,0
- # }
-.N.6:
- # c[1] = cy;
- jr ra
- sw t2,4(a3)
- # }
-.N.1:
- jr ra
- nop
- #}
- #
- .end s_mpv_mul_d
-
-
- .ent s_mpv_sqr_add_prop
- .globl s_mpv_sqr_add_prop
- #void s_mpv_sqr_add_prop(const mp_digit *a, mp_size a_len, mp_digit *sqrs);
- # registers
- # a0 *a
- # a1 a_len
- # a2 *sqr
- # a3 digit from *a, a_i
- # a4 square of digit from a
- # a5,a6 next 2 digits in sqr
- # a7,t0 carry
-s_mpv_sqr_add_prop:
- move a7,zero
- move t0,zero
- lwu a3,0(a0)
- addiu a1,a1,-1 # --a_len
- dmultu a3,a3
- beq a1,zero,.P.3 # jump if we've already done the only sqr
- addiu a0,a0,4 # ++a
-.P.2:
- lwu a5,0(a2)
- lwu a6,4(a2)
- addiu a2,a2,8 # sqrs += 2;
- dsll32 a6,a6,0
- daddu a5,a5,a6
- lwu a3,0(a0)
- addiu a0,a0,4 # ++a
- mflo a4
- daddu a6,a5,a4
- sltu a7,a6,a5 # a7 = a6 < a5 detect overflow
- dmultu a3,a3
- daddu a4,a6,t0
- sltu t0,a4,a6
- add t0,t0,a7
- sw a4,-8(a2)
- addiu a1,a1,-1 # --a_len
- dsrl32 a4,a4,0
- bne a1,zero,.P.2 # loop if a_len > 0
- sw a4,-4(a2)
-.P.3:
- lwu a5,0(a2)
- lwu a6,4(a2)
- addiu a2,a2,8 # sqrs += 2;
- dsll32 a6,a6,0
- daddu a5,a5,a6
- mflo a4
- daddu a6,a5,a4
- sltu a7,a6,a5 # a7 = a6 < a5 detect overflow
- daddu a4,a6,t0
- sltu t0,a4,a6
- add t0,t0,a7
- sw a4,-8(a2)
- beq t0,zero,.P.9 # jump if no carry
- dsrl32 a4,a4,0
-.P.8:
- sw a4,-4(a2)
- /* propagate final carry */
- lwu a5,0(a2)
- daddu a6,a5,t0
- sltu t0,a6,a5
- bne t0,zero,.P.8 # loop if carry persists
- addiu a2,a2,4 # sqrs++
-.P.9:
- jr ra
- sw a4,-4(a2)
-
- .end s_mpv_sqr_add_prop
diff --git a/security/nss/lib/freebl/mpi/mpi_sparc.c b/security/nss/lib/freebl/mpi/mpi_sparc.c
deleted file mode 100644
index a7bf863fd..000000000
--- a/security/nss/lib/freebl/mpi/mpi_sparc.c
+++ /dev/null
@@ -1,358 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- * $Id$
- */
-
-/* Multiplication performance enhancements for sparc v8+vis CPUs. */
-
-#include "mpi-priv.h"
-#include <stddef.h>
-#include <sys/systeminfo.h>
-#include <strings.h>
-
-/* In the functions below, */
-/* vector y must be 8-byte aligned, and n must be even */
-/* returns carry out of high order word of result */
-/* maximum n is 256 */
-
-/* vector x += vector y * scaler a; where y is of length n words. */
-extern mp_digit mul_add_inp(mp_digit *x, const mp_digit *y, int n, mp_digit a);
-
-/* vector z = vector x + vector y * scaler a; where y is of length n words. */
-extern mp_digit mul_add(mp_digit *z, const mp_digit *x, const mp_digit *y,
- int n, mp_digit a);
-
-/* v8 versions of these functions run on any Sparc v8 CPU. */
-
-/* This trick works on Sparc V8 CPUs with the Workshop compilers. */
-#define MP_MUL_DxD(a, b, Phi, Plo) \
- { unsigned long long product = (unsigned long long)a * b; \
- Plo = (mp_digit)product; \
- Phi = (mp_digit)(product >> MP_DIGIT_BIT); }
-
-/* c = a * b */
-static void
-v8_mpv_mul_d(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
-{
-#if !defined(MP_NO_MP_WORD)
- mp_digit d = 0;
-
- /* Inner product: Digits of a */
- while (a_len--) {
- mp_word w = ((mp_word)b * *a++) + d;
- *c++ = ACCUM(w);
- d = CARRYOUT(w);
- }
- *c = d;
-#else
- mp_digit carry = 0;
- while (a_len--) {
- mp_digit a_i = *a++;
- mp_digit a0b0, a1b1;
-
- MP_MUL_DxD(a_i, b, a1b1, a0b0);
-
- a0b0 += carry;
- if (a0b0 < carry)
- ++a1b1;
- *c++ = a0b0;
- carry = a1b1;
- }
- *c = carry;
-#endif
-}
-
-/* c += a * b */
-static void
-v8_mpv_mul_d_add(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
-{
-#if !defined(MP_NO_MP_WORD)
- mp_digit d = 0;
-
- /* Inner product: Digits of a */
- while (a_len--) {
- mp_word w = ((mp_word)b * *a++) + *c + d;
- *c++ = ACCUM(w);
- d = CARRYOUT(w);
- }
- *c = d;
-#else
- mp_digit carry = 0;
- while (a_len--) {
- mp_digit a_i = *a++;
- mp_digit a0b0, a1b1;
-
- MP_MUL_DxD(a_i, b, a1b1, a0b0);
-
- a0b0 += carry;
- if (a0b0 < carry)
- ++a1b1;
- a0b0 += a_i = *c;
- if (a0b0 < a_i)
- ++a1b1;
- *c++ = a0b0;
- carry = a1b1;
- }
- *c = carry;
-#endif
-}
-
-/* Presently, this is only used by the Montgomery arithmetic code. */
-/* c += a * b */
-static void
-v8_mpv_mul_d_add_prop(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
-{
-#if !defined(MP_NO_MP_WORD)
- mp_digit d = 0;
-
- /* Inner product: Digits of a */
- while (a_len--) {
- mp_word w = ((mp_word)b * *a++) + *c + d;
- *c++ = ACCUM(w);
- d = CARRYOUT(w);
- }
-
- while (d) {
- mp_word w = (mp_word)*c + d;
- *c++ = ACCUM(w);
- d = CARRYOUT(w);
- }
-#else
- mp_digit carry = 0;
- while (a_len--) {
- mp_digit a_i = *a++;
- mp_digit a0b0, a1b1;
-
- MP_MUL_DxD(a_i, b, a1b1, a0b0);
-
- a0b0 += carry;
- if (a0b0 < carry)
- ++a1b1;
-
- a0b0 += a_i = *c;
- if (a0b0 < a_i)
- ++a1b1;
-
- *c++ = a0b0;
- carry = a1b1;
- }
- while (carry) {
- mp_digit c_i = *c;
- carry += c_i;
- *c++ = carry;
- carry = carry < c_i;
- }
-#endif
-}
-
-/* vis versions of these functions run only on v8+vis or v9+vis CPUs. */
-
-/* c = a * b */
-static void
-vis_mpv_mul_d(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
-{
- mp_digit d;
- mp_digit x[258];
- if (a_len <= 256) {
- if (a == c || ((ptrdiff_t)a & 0x7) != 0 || (a_len & 1) != 0) {
- mp_digit * px;
- px = (((ptrdiff_t)x & 0x7) != 0) ? x + 1 : x;
- memcpy(px, a, a_len * sizeof(*a));
- a = px;
- if (a_len & 1) {
- px[a_len] = 0;
- }
- }
- s_mp_setz(c, a_len + 1);
- d = mul_add_inp(c, a, a_len, b);
- c[a_len] = d;
- } else {
- v8_mpv_mul_d(a, a_len, b, c);
- }
-}
-
-/* c += a * b, where a is a_len words long. */
-static void
-vis_mpv_mul_d_add(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
-{
- mp_digit d;
- mp_digit x[258];
- if (a_len <= 256) {
- if (((ptrdiff_t)a & 0x7) != 0 || (a_len & 1) != 0) {
- mp_digit * px;
- px = (((ptrdiff_t)x & 0x7) != 0) ? x + 1 : x;
- memcpy(px, a, a_len * sizeof(*a));
- a = px;
- if (a_len & 1) {
- px[a_len] = 0;
- }
- }
- d = mul_add_inp(c, a, a_len, b);
- c[a_len] = d;
- } else {
- v8_mpv_mul_d_add(a, a_len, b, c);
- }
-}
-
-/* c += a * b, where a is y words long. */
-static void
-vis_mpv_mul_d_add_prop(const mp_digit *a, mp_size a_len, mp_digit b,
- mp_digit *c)
-{
- mp_digit d;
- mp_digit x[258];
- if (a_len <= 256) {
- if (((ptrdiff_t)a & 0x7) != 0 || (a_len & 1) != 0) {
- mp_digit * px;
- px = (((ptrdiff_t)x & 0x7) != 0) ? x + 1 : x;
- memcpy(px, a, a_len * sizeof(*a));
- a = px;
- if (a_len & 1) {
- px[a_len] = 0;
- }
- }
- d = mul_add_inp(c, a, a_len, b);
- if (d) {
- c += a_len;
- do {
- mp_digit sum = d + *c;
- *c++ = sum;
- d = sum < d;
- } while (d);
- }
- } else {
- v8_mpv_mul_d_add_prop(a, a_len, b, c);
- }
-}
-
-#if defined(SOLARIS2_5)
-static int
-isSparcV8PlusVis(void)
-{
- long buflen;
- int rv = 0; /* false */
- char buf[256];
- buflen = sysinfo(SI_MACHINE, buf, sizeof buf);
- if (buflen > 0) {
- rv = (!strcmp(buf, "sun4u") || !strcmp(buf, "sun4u1"));
- }
- return rv;
-}
-#else /* SunOS2.6or higher has SI_ISALIST */
-
-static int
-isSparcV8PlusVis(void)
-{
- long buflen;
- int rv = 0; /* false */
- char buf[256];
- buflen = sysinfo(SI_ISALIST, buf, sizeof buf);
- if (buflen > 0) {
-#if defined(MP_USE_LONG_DIGIT)
- char * found = strstr(buf, "sparcv9+vis");
-#else
- char * found = strstr(buf, "sparcv8plus+vis");
-#endif
- rv = (found != 0);
- }
- return rv;
-}
-#endif
-
-typedef void MPVmpy(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c);
-
-/* forward static function declarations */
-static MPVmpy sp_mpv_mul_d;
-static MPVmpy sp_mpv_mul_d_add;
-static MPVmpy sp_mpv_mul_d_add_prop;
-
-static MPVmpy *p_mpv_mul_d = &sp_mpv_mul_d;
-static MPVmpy *p_mpv_mul_d_add = &sp_mpv_mul_d_add;
-static MPVmpy *p_mpv_mul_d_add_prop = &sp_mpv_mul_d_add_prop;
-
-static void
-initPtrs(void)
-{
- if (isSparcV8PlusVis()) {
- p_mpv_mul_d = &vis_mpv_mul_d;
- p_mpv_mul_d_add = &vis_mpv_mul_d_add;
- p_mpv_mul_d_add_prop = &vis_mpv_mul_d_add_prop;
- } else {
- p_mpv_mul_d = &v8_mpv_mul_d;
- p_mpv_mul_d_add = &v8_mpv_mul_d_add;
- p_mpv_mul_d_add_prop = &v8_mpv_mul_d_add_prop;
- }
-}
-
-static void
-sp_mpv_mul_d(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
-{
- initPtrs();
- (* p_mpv_mul_d)(a, a_len, b, c);
-}
-
-static void
-sp_mpv_mul_d_add(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
-{
- initPtrs();
- (* p_mpv_mul_d_add)(a, a_len, b, c);
-}
-
-static void
-sp_mpv_mul_d_add_prop(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
-{
- initPtrs();
- (* p_mpv_mul_d_add_prop)(a, a_len, b, c);
-}
-
-
-/* This is the external interface */
-
-void
-s_mpv_mul_d(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
-{
- (* p_mpv_mul_d)(a, a_len, b, c);
-}
-
-void
-s_mpv_mul_d_add(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
-{
- (* p_mpv_mul_d_add)(a, a_len, b, c);
-}
-
-void
-s_mpv_mul_d_add_prop(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
-{
- (* p_mpv_mul_d_add_prop)(a, a_len, b, c);
-}
-
-
diff --git a/security/nss/lib/freebl/mpi/mpi_x86.asm b/security/nss/lib/freebl/mpi/mpi_x86.asm
deleted file mode 100644
index ed2fc5e58..000000000
--- a/security/nss/lib/freebl/mpi/mpi_x86.asm
+++ /dev/null
@@ -1,351 +0,0 @@
-;
-; mpi_x86.asm - assembly language implementation of s_mpv_ functions.
-;
-; The contents of this file are subject to the Mozilla Public
-; License Version 1.1 (the "License"); you may not use this file
-; except in compliance with the License. You may obtain a copy of
-; the License at http://www.mozilla.org/MPL/
-;
-; Software distributed under the License is distributed on an "AS
-; IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-; implied. See the License for the specific language governing
-; rights and limitations under the License.
-;
-; The Original Code is the Netscape security libraries.
-;
-; The Initial Developer of the Original Code is Netscape
-; Communications Corporation. Portions created by Netscape are
-; Copyright (C) 2000 Netscape Communications Corporation. All
-; Rights Reserved.
-;
-; Contributor(s):
-;
-; Alternatively, the contents of this file may be used under the
-; terms of the GNU General Public License Version 2 or later (the
-; "GPL"), in which case the provisions of the GPL are applicable
-; instead of those above. If you wish to allow use of your
-; version of this file only under the terms of the GPL and not to
-; allow others to use your version of this file under the MPL,
-; indicate your decision by deleting the provisions above and
-; replace them with the notice and other provisions required by
-; the GPL. If you do not delete the provisions above, a recipient
-; may use your version of this file under either the MPL or the
-; GPL.
-; $Id$
-;
-
- .386p
- .MODEL FLAT
- ASSUME CS: FLAT, DS: FLAT, SS: FLAT
-_TEXT SEGMENT
-
-; ebp - 36: caller's esi
-; ebp - 32: caller's edi
-; ebp - 28:
-; ebp - 24:
-; ebp - 20:
-; ebp - 16:
-; ebp - 12:
-; ebp - 8:
-; ebp - 4:
-; ebp + 0: caller's ebp
-; ebp + 4: return address
-; ebp + 8: a argument
-; ebp + 12: a_len argument
-; ebp + 16: b argument
-; ebp + 20: c argument
-; registers:
-; eax:
-; ebx: carry
-; ecx: a_len
-; edx:
-; esi: a ptr
-; edi: c ptr
-
-public _s_mpv_mul_d
-_s_mpv_mul_d PROC NEAR
- push ebp
- mov ebp,esp
- sub esp,28
- push edi
- push esi
- push ebx
- mov ebx,0 ; carry = 0
- mov ecx,[ebp+12] ; ecx = a_len
- mov edi,[ebp+20]
- cmp ecx,0
- je L_2 ; jmp if a_len == 0
- mov esi,[ebp+8] ; esi = a
- cld
-L_1:
- lodsd ; eax = [ds:esi]; esi += 4
- mov edx,[ebp+16] ; edx = b
- mul edx ; edx:eax = Phi:Plo = a_i * b
-
- add eax,ebx ; add carry (ebx) to edx:eax
- adc edx,0
- mov ebx,edx ; high half of product becomes next carry
-
- stosd ; [es:edi] = ax; edi += 4;
- dec ecx ; --a_len
- jnz L_1 ; jmp if a_len != 0
-L_2:
- mov [edi],ebx ; *c = carry
- pop ebx
- pop esi
- pop edi
- leave
- ret
- nop
-_s_mpv_mul_d ENDP
-
-; ebp - 36: caller's esi
-; ebp - 32: caller's edi
-; ebp - 28:
-; ebp - 24:
-; ebp - 20:
-; ebp - 16:
-; ebp - 12:
-; ebp - 8:
-; ebp - 4:
-; ebp + 0: caller's ebp
-; ebp + 4: return address
-; ebp + 8: a argument
-; ebp + 12: a_len argument
-; ebp + 16: b argument
-; ebp + 20: c argument
-; registers:
-; eax:
-; ebx: carry
-; ecx: a_len
-; edx:
-; esi: a ptr
-; edi: c ptr
-public _s_mpv_mul_d_add
-_s_mpv_mul_d_add PROC NEAR
- push ebp
- mov ebp,esp
- sub esp,28
- push edi
- push esi
- push ebx
- mov ebx,0 ; carry = 0
- mov ecx,[ebp+12] ; ecx = a_len
- mov edi,[ebp+20]
- cmp ecx,0
- je L_4 ; jmp if a_len == 0
- mov esi,[ebp+8] ; esi = a
- cld
-L_3:
- lodsd ; eax = [ds:esi]; esi += 4
- mov edx,[ebp+16] ; edx = b
- mul edx ; edx:eax = Phi:Plo = a_i * b
-
- add eax,ebx ; add carry (ebx) to edx:eax
- adc edx,0
- mov ebx,[edi] ; add in current word from *c
- add eax,ebx
- adc edx,0
- mov ebx,edx ; high half of product becomes next carry
-
- stosd ; [es:edi] = ax; edi += 4;
- dec ecx ; --a_len
- jnz L_3 ; jmp if a_len != 0
-L_4:
- mov [edi],ebx ; *c = carry
- pop ebx
- pop esi
- pop edi
- leave
- ret
- nop
-_s_mpv_mul_d_add ENDP
-
-; ebp - 36: caller's esi
-; ebp - 32: caller's edi
-; ebp - 28:
-; ebp - 24:
-; ebp - 20:
-; ebp - 16:
-; ebp - 12:
-; ebp - 8:
-; ebp - 4:
-; ebp + 0: caller's ebp
-; ebp + 4: return address
-; ebp + 8: a argument
-; ebp + 12: a_len argument
-; ebp + 16: b argument
-; ebp + 20: c argument
-; registers:
-; eax:
-; ebx: carry
-; ecx: a_len
-; edx:
-; esi: a ptr
-; edi: c ptr
-public _s_mpv_mul_d_add_prop
-_s_mpv_mul_d_add_prop PROC NEAR
- push ebp
- mov ebp,esp
- sub esp,28
- push edi
- push esi
- push ebx
- mov ebx,0 ; carry = 0
- mov ecx,[ebp+12] ; ecx = a_len
- mov edi,[ebp+20]
- cmp ecx,0
- je L_6 ; jmp if a_len == 0
- cld
- mov esi,[ebp+8] ; esi = a
-L_5:
- lodsd ; eax = [ds:esi]; esi += 4
- mov edx,[ebp+16] ; edx = b
- mul edx ; edx:eax = Phi:Plo = a_i * b
-
- add eax,ebx ; add carry (ebx) to edx:eax
- adc edx,0
- mov ebx,[edi] ; add in current word from *c
- add eax,ebx
- adc edx,0
- mov ebx,edx ; high half of product becomes next carry
-
- stosd ; [es:edi] = ax; edi += 4;
- dec ecx ; --a_len
- jnz L_5 ; jmp if a_len != 0
-L_6:
- cmp ebx,0 ; is carry zero?
- jz L_8
- mov eax,[edi] ; add in current word from *c
- add eax,ebx
- stosd ; [es:edi] = ax; edi += 4;
- jnc L_8
-L_7:
- mov eax,[edi] ; add in current word from *c
- adc eax,0
- stosd ; [es:edi] = ax; edi += 4;
- jc L_7
-L_8:
- pop ebx
- pop esi
- pop edi
- leave
- ret
- nop
-_s_mpv_mul_d_add_prop ENDP
-
-; ebp - 20: caller's esi
-; ebp - 16: caller's edi
-; ebp - 12:
-; ebp - 8: carry
-; ebp - 4: a_len local
-; ebp + 0: caller's ebp
-; ebp + 4: return address
-; ebp + 8: pa argument
-; ebp + 12: a_len argument
-; ebp + 16: ps argument
-; ebp + 20:
-; registers:
-; eax:
-; ebx: carry
-; ecx: a_len
-; edx:
-; esi: a ptr
-; edi: c ptr
-
-public _s_mpv_sqr_add_prop
-_s_mpv_sqr_add_prop PROC NEAR
- push ebp
- mov ebp,esp
- sub esp,12
- push edi
- push esi
- push ebx
- mov ebx,0 ; carry = 0
- mov ecx,[ebp+12] ; a_len
- mov edi,[ebp+16] ; edi = ps
- cmp ecx,0
- je L_11 ; jump if a_len == 0
- cld
- mov esi,[ebp+8] ; esi = pa
-L_10:
- lodsd ; eax = [ds:si]; si += 4;
- mul eax
-
- add eax,ebx ; add "carry"
- adc edx,0
- mov ebx,[edi]
- add eax,ebx ; add low word from result
- mov ebx,[edi+4]
- stosd ; [es:di] = eax; di += 4;
- adc edx,ebx ; add high word from result
- mov ebx,0
- mov eax,edx
- adc ebx,0
- stosd ; [es:di] = eax; di += 4;
- dec ecx ; --a_len
- jnz L_10 ; jmp if a_len != 0
-L_11:
- cmp ebx,0 ; is carry zero?
- jz L_14
- mov eax,[edi] ; add in current word from *c
- add eax,ebx
- stosd ; [es:edi] = ax; edi += 4;
- jnc L_14
-L_12:
- mov eax,[edi] ; add in current word from *c
- adc eax,0
- stosd ; [es:edi] = ax; edi += 4;
- jc L_12
-L_14:
- pop ebx
- pop esi
- pop edi
- leave
- ret
- nop
-_s_mpv_sqr_add_prop ENDP
-
-;
-; Divide 64-bit (Nhi,Nlo) by 32-bit divisor, which must be normalized
-; so its high bit is 1. This code is from NSPR.
-;
-; mp_err s_mpv_div_2dx1d(mp_digit Nhi, mp_digit Nlo, mp_digit divisor,
-; mp_digit *qp, mp_digit *rp)
-
-; Dump of assembler code for function s_mpv_div_2dx1d:
-;
-; esp + 0: Caller's ebx
-; esp + 4: return address
-; esp + 8: Nhi argument
-; esp + 12: Nlo argument
-; esp + 16: divisor argument
-; esp + 20: qp argument
-; esp + 24: rp argument
-; registers:
-; eax:
-; ebx: carry
-; ecx: a_len
-; edx:
-; esi: a ptr
-; edi: c ptr
-;
-public _s_mpv_div_2dx1d
-_s_mpv_div_2dx1d PROC NEAR
- push ebx
- mov edx,[esp+8]
- mov eax,[esp+12]
- mov ebx,[esp+16]
- div ebx
- mov ebx,[esp+20]
- mov [ebx],eax
- mov ebx,[esp+24]
- mov [ebx],edx
- xor eax,eax ; return zero
- pop ebx
- ret
- nop
-_s_mpv_div_2dx1d ENDP
-
-_TEXT ENDS
-END
diff --git a/security/nss/lib/freebl/mpi/mpi_x86.s b/security/nss/lib/freebl/mpi/mpi_x86.s
deleted file mode 100644
index 427b7e61e..000000000
--- a/security/nss/lib/freebl/mpi/mpi_x86.s
+++ /dev/null
@@ -1,342 +0,0 @@
- #
- # The contents of this file are subject to the Mozilla Public
- # License Version 1.1 (the "License"); you may not use this file
- # except in compliance with the License. You may obtain a copy of
- # the License at http://www.mozilla.org/MPL/
- #
- # Software distributed under the License is distributed on an "AS
- # IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- # implied. See the License for the specific language governing
- # rights and limitations under the License.
- #
- # The Original Code is the Netscape security libraries.
- #
- # The Initial Developer of the Original Code is Netscape
- # Communications Corporation. Portions created by Netscape are
- # Copyright (C) 2000 Netscape Communications Corporation. All
- # Rights Reserved.
- #
- # Contributor(s):
- #
- # Alternatively, the contents of this file may be used under the
- # terms of the GNU General Public License Version 2 or later (the
- # "GPL"), in which case the provisions of the GPL are applicable
- # instead of those above. If you wish to allow use of your
- # version of this file only under the terms of the GPL and not to
- # allow others to use your version of this file under the MPL,
- # indicate your decision by deleting the provisions above and
- # replace them with the notice and other provisions required by
- # the GPL. If you do not delete the provisions above, a recipient
- # may use your version of this file under either the MPL or the
- # GPL.
- # $Id$
- #
-
-.text
-
- # ebp - 36: caller's esi
- # ebp - 32: caller's edi
- # ebp - 28:
- # ebp - 24:
- # ebp - 20:
- # ebp - 16:
- # ebp - 12:
- # ebp - 8:
- # ebp - 4:
- # ebp + 0: caller's ebp
- # ebp + 4: return address
- # ebp + 8: a argument
- # ebp + 12: a_len argument
- # ebp + 16: b argument
- # ebp + 20: c argument
- # registers:
- # eax:
- # ebx: carry
- # ecx: a_len
- # edx:
- # esi: a ptr
- # edi: c ptr
-.globl s_mpv_mul_d
-.type s_mpv_mul_d,@function
-s_mpv_mul_d:
- push %ebp
- mov %esp,%ebp
- sub $28,%esp
- push %edi
- push %esi
- push %ebx
- movl $0,%ebx # carry = 0
- mov 12(%ebp),%ecx # ecx = a_len
- mov 20(%ebp),%edi
- cmp $0,%ecx
- je 2f # jmp if a_len == 0
- mov 8(%ebp),%esi # esi = a
- cld
-1:
- lodsl # eax = [ds:esi]; esi += 4
- mov 16(%ebp),%edx # edx = b
- mull %edx # edx:eax = Phi:Plo = a_i * b
-
- add %ebx,%eax # add carry (%ebx) to edx:eax
- adc $0,%edx
- mov %edx,%ebx # high half of product becomes next carry
-
- stosl # [es:edi] = ax; edi += 4;
- dec %ecx # --a_len
- jnz 1b # jmp if a_len != 0
-2:
- mov %ebx,0(%edi) # *c = carry
- pop %ebx
- pop %esi
- pop %edi
- leave
- ret
- nop
-
- # ebp - 36: caller's esi
- # ebp - 32: caller's edi
- # ebp - 28:
- # ebp - 24:
- # ebp - 20:
- # ebp - 16:
- # ebp - 12:
- # ebp - 8:
- # ebp - 4:
- # ebp + 0: caller's ebp
- # ebp + 4: return address
- # ebp + 8: a argument
- # ebp + 12: a_len argument
- # ebp + 16: b argument
- # ebp + 20: c argument
- # registers:
- # eax:
- # ebx: carry
- # ecx: a_len
- # edx:
- # esi: a ptr
- # edi: c ptr
-.globl s_mpv_mul_d_add
-.type s_mpv_mul_d_add,@function
-s_mpv_mul_d_add:
- push %ebp
- mov %esp,%ebp
- sub $28,%esp
- push %edi
- push %esi
- push %ebx
- movl $0,%ebx # carry = 0
- mov 12(%ebp),%ecx # ecx = a_len
- mov 20(%ebp),%edi
- cmp $0,%ecx
- je 4f # jmp if a_len == 0
- mov 8(%ebp),%esi # esi = a
- cld
-3:
- lodsl # eax = [ds:esi]; esi += 4
- mov 16(%ebp),%edx # edx = b
- mull %edx # edx:eax = Phi:Plo = a_i * b
-
- add %ebx,%eax # add carry (%ebx) to edx:eax
- adc $0,%edx
- mov 0(%edi),%ebx # add in current word from *c
- add %ebx,%eax
- adc $0,%edx
- mov %edx,%ebx # high half of product becomes next carry
-
- stosl # [es:edi] = ax; edi += 4;
- dec %ecx # --a_len
- jnz 3b # jmp if a_len != 0
-4:
- mov %ebx,0(%edi) # *c = carry
- pop %ebx
- pop %esi
- pop %edi
- leave
- ret
- nop
-
- # ebp - 36: caller's esi
- # ebp - 32: caller's edi
- # ebp - 28:
- # ebp - 24:
- # ebp - 20:
- # ebp - 16:
- # ebp - 12:
- # ebp - 8:
- # ebp - 4:
- # ebp + 0: caller's ebp
- # ebp + 4: return address
- # ebp + 8: a argument
- # ebp + 12: a_len argument
- # ebp + 16: b argument
- # ebp + 20: c argument
- # registers:
- # eax:
- # ebx: carry
- # ecx: a_len
- # edx:
- # esi: a ptr
- # edi: c ptr
-.globl s_mpv_mul_d_add_prop
-.type s_mpv_mul_d_add_prop,@function
-s_mpv_mul_d_add_prop:
- push %ebp
- mov %esp,%ebp
- sub $28,%esp
- push %edi
- push %esi
- push %ebx
- movl $0,%ebx # carry = 0
- mov 12(%ebp),%ecx # ecx = a_len
- mov 20(%ebp),%edi
- cmp $0,%ecx
- je 6f # jmp if a_len == 0
- cld
- mov 8(%ebp),%esi # esi = a
-5:
- lodsl # eax = [ds:esi]; esi += 4
- mov 16(%ebp),%edx # edx = b
- mull %edx # edx:eax = Phi:Plo = a_i * b
-
- add %ebx,%eax # add carry (%ebx) to edx:eax
- adc $0,%edx
- mov 0(%edi),%ebx # add in current word from *c
- add %ebx,%eax
- adc $0,%edx
- mov %edx,%ebx # high half of product becomes next carry
-
- stosl # [es:edi] = ax; edi += 4;
- dec %ecx # --a_len
- jnz 5b # jmp if a_len != 0
-6:
- cmp $0,%ebx # is carry zero?
- jz 8f
- mov 0(%edi),%eax # add in current word from *c
- add %ebx,%eax
- stosl # [es:edi] = ax; edi += 4;
- jnc 8f
-7:
- mov 0(%edi),%eax # add in current word from *c
- adc $0,%eax
- stosl # [es:edi] = ax; edi += 4;
- jc 7b
-8:
- pop %ebx
- pop %esi
- pop %edi
- leave
- ret
- nop
-
- # ebp - 20: caller's esi
- # ebp - 16: caller's edi
- # ebp - 12:
- # ebp - 8: carry
- # ebp - 4: a_len local
- # ebp + 0: caller's ebp
- # ebp + 4: return address
- # ebp + 8: pa argument
- # ebp + 12: a_len argument
- # ebp + 16: ps argument
- # ebp + 20:
- # registers:
- # eax:
- # ebx: carry
- # ecx: a_len
- # edx:
- # esi: a ptr
- # edi: c ptr
-
-.globl s_mpv_sqr_add_prop
-.type s_mpv_sqr_add_prop,@function
-s_mpv_sqr_add_prop:
- push %ebp
- mov %esp,%ebp
- sub $12,%esp
- push %edi
- push %esi
- push %ebx
- movl $0,%ebx # carry = 0
- mov 12(%ebp),%ecx # a_len
- mov 16(%ebp),%edi # edi = ps
- cmp $0,%ecx
- je 11f # jump if a_len == 0
- cld
- mov 8(%ebp),%esi # esi = pa
-10:
- lodsl # %eax = [ds:si]; si += 4;
- mull %eax
-
- add %ebx,%eax # add "carry"
- adc $0,%edx
- mov 0(%edi),%ebx
- add %ebx,%eax # add low word from result
- mov 4(%edi),%ebx
- stosl # [es:di] = %eax; di += 4;
- adc %ebx,%edx # add high word from result
- movl $0,%ebx
- mov %edx,%eax
- adc $0,%ebx
- stosl # [es:di] = %eax; di += 4;
- dec %ecx # --a_len
- jnz 10b # jmp if a_len != 0
-11:
- cmp $0,%ebx # is carry zero?
- jz 14f
- mov 0(%edi),%eax # add in current word from *c
- add %ebx,%eax
- stosl # [es:edi] = ax; edi += 4;
- jnc 14f
-12:
- mov 0(%edi),%eax # add in current word from *c
- adc $0,%eax
- stosl # [es:edi] = ax; edi += 4;
- jc 12b
-14:
- pop %ebx
- pop %esi
- pop %edi
- leave
- ret
- nop
-
- #
- # Divide 64-bit (Nhi,Nlo) by 32-bit divisor, which must be normalized
- # so its high bit is 1. This code is from NSPR.
- #
- # mp_err s_mpv_div_2dx1d(mp_digit Nhi, mp_digit Nlo, mp_digit divisor,
- # mp_digit *qp, mp_digit *rp)
-
- # esp + 0: Caller's ebx
- # esp + 4: return address
- # esp + 8: Nhi argument
- # esp + 12: Nlo argument
- # esp + 16: divisor argument
- # esp + 20: qp argument
- # esp + 24: rp argument
- # registers:
- # eax:
- # ebx: carry
- # ecx: a_len
- # edx:
- # esi: a ptr
- # edi: c ptr
- #
-
-.globl s_mpv_div_2dx1d
-.type s_mpv_div_2dx1d,@function
-s_mpv_div_2dx1d:
- push %ebx
- mov 8(%esp),%edx
- mov 12(%esp),%eax
- mov 16(%esp),%ebx
- div %ebx
- mov 20(%esp),%ebx
- mov %eax,0(%ebx)
- mov 24(%esp),%ebx
- mov %edx,0(%ebx)
- xor %eax,%eax # return zero
- pop %ebx
- ret
- nop
-
diff --git a/security/nss/lib/freebl/mpi/mplogic.c b/security/nss/lib/freebl/mpi/mplogic.c
deleted file mode 100644
index 225bcf9d1..000000000
--- a/security/nss/lib/freebl/mpi/mplogic.c
+++ /dev/null
@@ -1,462 +0,0 @@
-/*
- * mplogic.c
- *
- * Bitwise logical operations on MPI values
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include "mpi-priv.h"
-#include "mplogic.h"
-
-/* {{{ Lookup table for population count */
-
-static unsigned char bitc[] = {
- 0, 1, 1, 2, 1, 2, 2, 3, 1, 2, 2, 3, 2, 3, 3, 4,
- 1, 2, 2, 3, 2, 3, 3, 4, 2, 3, 3, 4, 3, 4, 4, 5,
- 1, 2, 2, 3, 2, 3, 3, 4, 2, 3, 3, 4, 3, 4, 4, 5,
- 2, 3, 3, 4, 3, 4, 4, 5, 3, 4, 4, 5, 4, 5, 5, 6,
- 1, 2, 2, 3, 2, 3, 3, 4, 2, 3, 3, 4, 3, 4, 4, 5,
- 2, 3, 3, 4, 3, 4, 4, 5, 3, 4, 4, 5, 4, 5, 5, 6,
- 2, 3, 3, 4, 3, 4, 4, 5, 3, 4, 4, 5, 4, 5, 5, 6,
- 3, 4, 4, 5, 4, 5, 5, 6, 4, 5, 5, 6, 5, 6, 6, 7,
- 1, 2, 2, 3, 2, 3, 3, 4, 2, 3, 3, 4, 3, 4, 4, 5,
- 2, 3, 3, 4, 3, 4, 4, 5, 3, 4, 4, 5, 4, 5, 5, 6,
- 2, 3, 3, 4, 3, 4, 4, 5, 3, 4, 4, 5, 4, 5, 5, 6,
- 3, 4, 4, 5, 4, 5, 5, 6, 4, 5, 5, 6, 5, 6, 6, 7,
- 2, 3, 3, 4, 3, 4, 4, 5, 3, 4, 4, 5, 4, 5, 5, 6,
- 3, 4, 4, 5, 4, 5, 5, 6, 4, 5, 5, 6, 5, 6, 6, 7,
- 3, 4, 4, 5, 4, 5, 5, 6, 4, 5, 5, 6, 5, 6, 6, 7,
- 4, 5, 5, 6, 5, 6, 6, 7, 5, 6, 6, 7, 6, 7, 7, 8
-};
-
-/* }}} */
-
-/*------------------------------------------------------------------------*/
-/*
- mpl_not(a, b) - compute b = ~a
- mpl_and(a, b, c) - compute c = a & b
- mpl_or(a, b, c) - compute c = a | b
- mpl_xor(a, b, c) - compute c = a ^ b
- */
-
-/* {{{ mpl_not(a, b) */
-
-mp_err mpl_not(mp_int *a, mp_int *b)
-{
- mp_err res;
- unsigned int ix;
-
- ARGCHK(a != NULL && b != NULL, MP_BADARG);
-
- if((res = mp_copy(a, b)) != MP_OKAY)
- return res;
-
- /* This relies on the fact that the digit type is unsigned */
- for(ix = 0; ix < USED(b); ix++)
- DIGIT(b, ix) = ~DIGIT(b, ix);
-
- s_mp_clamp(b);
-
- return MP_OKAY;
-
-} /* end mpl_not() */
-
-/* }}} */
-
-/* {{{ mpl_and(a, b, c) */
-
-mp_err mpl_and(mp_int *a, mp_int *b, mp_int *c)
-{
- mp_int *which, *other;
- mp_err res;
- unsigned int ix;
-
- ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG);
-
- if(USED(a) <= USED(b)) {
- which = a;
- other = b;
- } else {
- which = b;
- other = a;
- }
-
- if((res = mp_copy(which, c)) != MP_OKAY)
- return res;
-
- for(ix = 0; ix < USED(which); ix++)
- DIGIT(c, ix) &= DIGIT(other, ix);
-
- s_mp_clamp(c);
-
- return MP_OKAY;
-
-} /* end mpl_and() */
-
-/* }}} */
-
-/* {{{ mpl_or(a, b, c) */
-
-mp_err mpl_or(mp_int *a, mp_int *b, mp_int *c)
-{
- mp_int *which, *other;
- mp_err res;
- unsigned int ix;
-
- ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG);
-
- if(USED(a) >= USED(b)) {
- which = a;
- other = b;
- } else {
- which = b;
- other = a;
- }
-
- if((res = mp_copy(which, c)) != MP_OKAY)
- return res;
-
- for(ix = 0; ix < USED(which); ix++)
- DIGIT(c, ix) |= DIGIT(other, ix);
-
- return MP_OKAY;
-
-} /* end mpl_or() */
-
-/* }}} */
-
-/* {{{ mpl_xor(a, b, c) */
-
-mp_err mpl_xor(mp_int *a, mp_int *b, mp_int *c)
-{
- mp_int *which, *other;
- mp_err res;
- unsigned int ix;
-
- ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG);
-
- if(USED(a) >= USED(b)) {
- which = a;
- other = b;
- } else {
- which = b;
- other = a;
- }
-
- if((res = mp_copy(which, c)) != MP_OKAY)
- return res;
-
- for(ix = 0; ix < USED(which); ix++)
- DIGIT(c, ix) ^= DIGIT(other, ix);
-
- s_mp_clamp(c);
-
- return MP_OKAY;
-
-} /* end mpl_xor() */
-
-/* }}} */
-
-/*------------------------------------------------------------------------*/
-/*
- mpl_rsh(a, b, d) - b = a >> d
- mpl_lsh(a, b, d) - b = a << d
- */
-
-/* {{{ mpl_rsh(a, b, d) */
-
-mp_err mpl_rsh(const mp_int *a, mp_int *b, mp_digit d)
-{
- mp_err res;
-
- ARGCHK(a != NULL && b != NULL, MP_BADARG);
-
- if((res = mp_copy(a, b)) != MP_OKAY)
- return res;
-
- s_mp_div_2d(b, d);
-
- return MP_OKAY;
-
-} /* end mpl_rsh() */
-
-/* }}} */
-
-/* {{{ mpl_lsh(a, b, d) */
-
-mp_err mpl_lsh(const mp_int *a, mp_int *b, mp_digit d)
-{
- mp_err res;
-
- ARGCHK(a != NULL && b != NULL, MP_BADARG);
-
- if((res = mp_copy(a, b)) != MP_OKAY)
- return res;
-
- return s_mp_mul_2d(b, d);
-
-} /* end mpl_lsh() */
-
-/* }}} */
-
-/*------------------------------------------------------------------------*/
-/*
- mpl_num_set(a, num)
-
- Count the number of set bits in the binary representation of a.
- Returns MP_OKAY and sets 'num' to be the number of such bits, if
- possible. If num is NULL, the result is thrown away, but it is
- not considered an error.
-
- mpl_num_clear() does basically the same thing for clear bits.
- */
-
-/* {{{ mpl_num_set(a, num) */
-
-mp_err mpl_num_set(mp_int *a, int *num)
-{
- unsigned int ix;
- int db, nset = 0;
- mp_digit cur;
- unsigned char reg;
-
- ARGCHK(a != NULL, MP_BADARG);
-
- for(ix = 0; ix < USED(a); ix++) {
- cur = DIGIT(a, ix);
-
- for(db = 0; db < sizeof(mp_digit); db++) {
- reg = (unsigned char)(cur >> (CHAR_BIT * db));
-
- nset += bitc[reg];
- }
- }
-
- if(num)
- *num = nset;
-
- return MP_OKAY;
-
-} /* end mpl_num_set() */
-
-/* }}} */
-
-/* {{{ mpl_num_clear(a, num) */
-
-mp_err mpl_num_clear(mp_int *a, int *num)
-{
- unsigned int ix;
- int db, nset = 0;
- mp_digit cur;
- unsigned char reg;
-
- ARGCHK(a != NULL, MP_BADARG);
-
- for(ix = 0; ix < USED(a); ix++) {
- cur = DIGIT(a, ix);
-
- for(db = 0; db < sizeof(mp_digit); db++) {
- reg = (unsigned char)(cur >> (CHAR_BIT * db));
-
- nset += bitc[UCHAR_MAX - reg];
- }
- }
-
- if(num)
- *num = nset;
-
- return MP_OKAY;
-
-
-} /* end mpl_num_clear() */
-
-/* }}} */
-
-/*------------------------------------------------------------------------*/
-/*
- mpl_parity(a)
-
- Determines the bitwise parity of the value given. Returns MP_EVEN
- if an even number of digits are set, MP_ODD if an odd number are
- set.
- */
-
-/* {{{ mpl_parity(a) */
-
-mp_err mpl_parity(mp_int *a)
-{
- unsigned int ix;
- int par = 0;
- mp_digit cur;
-
- ARGCHK(a != NULL, MP_BADARG);
-
- for(ix = 0; ix < USED(a); ix++) {
- int shft = (sizeof(mp_digit) * CHAR_BIT) / 2;
-
- cur = DIGIT(a, ix);
-
- /* Compute parity for current digit */
- while(shft != 0) {
- cur ^= (cur >> shft);
- shft >>= 1;
- }
- cur &= 1;
-
- /* XOR with running parity so far */
- par ^= cur;
- }
-
- if(par)
- return MP_ODD;
- else
- return MP_EVEN;
-
-} /* end mpl_parity() */
-
-/* }}} */
-
-/*
- mpl_set_bit
-
- Returns MP_OKAY or some error code.
- Grows a if needed to set a bit to 1.
- */
-mp_err mpl_set_bit(mp_int *a, mp_size bitNum, mp_size value)
-{
- mp_size ix;
- mp_err rv;
- mp_digit mask;
-
- ARGCHK(a != NULL, MP_BADARG);
-
- ix = bitNum / MP_DIGIT_BIT;
- if (ix + 1 > MP_USED(a)) {
- rv = s_mp_pad(a, ix + 1);
- if (rv != MP_OKAY)
- return rv;
- }
-
- bitNum = bitNum % MP_DIGIT_BIT;
- mask = (mp_digit)1 << bitNum;
- if (value)
- MP_DIGIT(a,ix) |= mask;
- else
- MP_DIGIT(a,ix) &= ~mask;
- s_mp_clamp(a);
- return MP_OKAY;
-}
-
-/*
- mpl_get_bit
-
- returns 0 or 1 or some (negative) error code.
- */
-mp_err mpl_get_bit(const mp_int *a, mp_size bitNum)
-{
- mp_size bit, ix;
- mp_err rv;
-
- ARGCHK(a != NULL, MP_BADARG);
-
- ix = bitNum / MP_DIGIT_BIT;
- ARGCHK(ix <= MP_USED(a) - 1, MP_RANGE);
-
- bit = bitNum % MP_DIGIT_BIT;
- rv = (mp_err)(MP_DIGIT(a, ix) >> bit) & 1;
- return rv;
-}
-
-/*
- mpl_get_bits
- - Extracts numBits bits from a, where the least significant extracted bit
- is bit lsbNum. Returns a negative value if error occurs.
- - Because sign bit is used to indicate error, maximum number of bits to
- be returned is the lesser of (a) the number of bits in an mp_digit, or
- (b) one less than the number of bits in an mp_err.
- - lsbNum + numbits can be greater than the number of significant bits in
- integer a, as long as bit lsbNum is in the high order digit of a.
- */
-mp_err mpl_get_bits(const mp_int *a, mp_size lsbNum, mp_size numBits)
-{
- mp_size rshift = (lsbNum % MP_DIGIT_BIT);
- mp_size lsWndx = (lsbNum / MP_DIGIT_BIT);
- mp_digit * digit = MP_DIGITS(a) + lsWndx;
- mp_digit mask = ((1 << numBits) - 1);
-
- ARGCHK(numBits < CHAR_BIT * sizeof mask, MP_BADARG);
- ARGCHK(MP_HOWMANY(lsbNum, MP_DIGIT_BIT) <= MP_USED(a), MP_RANGE);
-
- if ((numBits + lsbNum % MP_DIGIT_BIT <= MP_DIGIT_BIT) ||
- (lsWndx + 1 >= MP_USED(a))) {
- mask &= (digit[0] >> rshift);
- } else {
- mask &= ((digit[0] >> rshift) | (digit[1] << (MP_DIGIT_BIT - rshift)));
- }
- return (mp_err)mask;
-}
-
-/*
- mpl_significant_bits
- returns number of significnant bits in abs(a).
- returns 1 if value is zero.
- */
-mp_err mpl_significant_bits(const mp_int *a)
-{
- mp_err bits = 0;
- int ix;
-
- ARGCHK(a != NULL, MP_BADARG);
-
- ix = MP_USED(a);
- for (ix = MP_USED(a); ix > 0; ) {
- mp_digit d;
- d = MP_DIGIT(a, --ix);
- if (d) {
- while (d) {
- ++bits;
- d >>= 1;
- }
- break;
- }
- }
- bits += ix * MP_DIGIT_BIT;
- if (!bits)
- bits = 1;
- return bits;
-}
-
-/*------------------------------------------------------------------------*/
-/* HERE THERE BE DRAGONS */
diff --git a/security/nss/lib/freebl/mpi/mplogic.h b/security/nss/lib/freebl/mpi/mplogic.h
deleted file mode 100644
index 8efa4327c..000000000
--- a/security/nss/lib/freebl/mpi/mplogic.h
+++ /dev/null
@@ -1,82 +0,0 @@
-/*
- * mplogic.h
- *
- * Bitwise logical operations on MPI values
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#ifndef _H_MPLOGIC_
-#define _H_MPLOGIC_
-
-#include "mpi.h"
-
-/*
- The logical operations treat an mp_int as if it were a bit vector,
- without regard to its sign (an mp_int is represented in a signed
- magnitude format). Values are treated as if they had an infinite
- string of zeros left of the most-significant bit.
- */
-
-/* Parity results */
-
-#define MP_EVEN MP_YES
-#define MP_ODD MP_NO
-
-/* Bitwise functions */
-
-mp_err mpl_not(mp_int *a, mp_int *b); /* one's complement */
-mp_err mpl_and(mp_int *a, mp_int *b, mp_int *c); /* bitwise AND */
-mp_err mpl_or(mp_int *a, mp_int *b, mp_int *c); /* bitwise OR */
-mp_err mpl_xor(mp_int *a, mp_int *b, mp_int *c); /* bitwise XOR */
-
-/* Shift functions */
-
-mp_err mpl_rsh(const mp_int *a, mp_int *b, mp_digit d); /* right shift */
-mp_err mpl_lsh(const mp_int *a, mp_int *b, mp_digit d); /* left shift */
-
-/* Bit count and parity */
-
-mp_err mpl_num_set(mp_int *a, int *num); /* count set bits */
-mp_err mpl_num_clear(mp_int *a, int *num); /* count clear bits */
-mp_err mpl_parity(mp_int *a); /* determine parity */
-
-/* Get & Set the value of a bit */
-
-mp_err mpl_set_bit(mp_int *a, mp_size bitNum, mp_size value);
-mp_err mpl_get_bit(const mp_int *a, mp_size bitNum);
-mp_err mpl_get_bits(const mp_int *a, mp_size lsbNum, mp_size numBits);
-mp_err mpl_significant_bits(const mp_int *a);
-
-#endif /* end _H_MPLOGIC_ */
diff --git a/security/nss/lib/freebl/mpi/mpmontg.c b/security/nss/lib/freebl/mpi/mpmontg.c
deleted file mode 100644
index a4c5022ad..000000000
--- a/security/nss/lib/freebl/mpi/mpmontg.c
+++ /dev/null
@@ -1,567 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- * $Id$
- */
-
-/* This file implements moduluar exponentiation using Montgomery's
- * method for modular reduction. This file implements the method
- * described as "Improvement 1" in the paper "A Cryptogrpahic Library for
- * the Motorola DSP56000" by Stephen R. Dusse' and Burton S. Kaliski Jr.
- * published in "Advances in Cryptology: Proceedings of EUROCRYPT '90"
- * "Lecture Notes in Computer Science" volume 473, 1991, pg 230-244,
- * published by Springer Verlag.
- */
-
-/* #define MP_USING_MONT_MULF 1 */
-#include <string.h>
-#include "mpi-priv.h"
-#include "mplogic.h"
-#include "mpprime.h"
-#ifdef MP_USING_MONT_MULF
-#include "montmulf.h"
-#endif
-
-#define STATIC
-/* #define DEBUG 1 */
-
-#define MAX_WINDOW_BITS 6
-#define MAX_ODD_INTS 32 /* 2 ** (WINDOW_BITS - 1) */
-
-#if defined(_WIN32_WCE)
-#define ABORT res = MP_UNDEF; goto CLEANUP
-#else
-#define ABORT abort()
-#endif
-
-typedef struct {
- mp_int N; /* modulus N */
- mp_digit n0prime; /* n0' = - (n0 ** -1) mod MP_RADIX */
- mp_size b; /* R == 2 ** b, also b = # significant bits in N */
-} mp_mont_modulus;
-
-mp_err s_mp_mul_mont(const mp_int *a, const mp_int *b, mp_int *c,
- mp_mont_modulus *mmm);
-
-/* computes T = REDC(T), 2^b == R */
-STATIC
-mp_err s_mp_redc(mp_int *T, mp_mont_modulus *mmm)
-{
- mp_err res;
- mp_size i;
-
- i = MP_USED(T) + MP_USED(&mmm->N) + 2;
- MP_CHECKOK( s_mp_pad(T, i) );
- for (i = 0; i < MP_USED(&mmm->N); ++i ) {
- mp_digit m_i = MP_DIGIT(T, i) * mmm->n0prime;
- /* T += N * m_i * (MP_RADIX ** i); */
- MP_CHECKOK( s_mp_mul_d_add_offset(&mmm->N, m_i, T, i) );
- }
- s_mp_clamp(T);
-
- /* T /= R */
- s_mp_div_2d(T, mmm->b);
-
- if ((res = s_mp_cmp(T, &mmm->N)) >= 0) {
- /* T = T - N */
- MP_CHECKOK( s_mp_sub(T, &mmm->N) );
-#ifdef DEBUG
- if ((res = mp_cmp(T, &mmm->N)) >= 0) {
- res = MP_UNDEF;
- goto CLEANUP;
- }
-#endif
- }
- res = MP_OKAY;
-CLEANUP:
- return res;
-}
-
-#if !defined(MP_ASSEMBLY_MUL_MONT) && !defined(MP_MONT_USE_MP_MUL)
-mp_err s_mp_mul_mont(const mp_int *a, const mp_int *b, mp_int *c,
- mp_mont_modulus *mmm)
-{
- mp_digit *pb;
- mp_digit m_i;
- mp_err res;
- mp_size ib;
- mp_size useda, usedb;
-
- ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG);
-
- if (MP_USED(a) < MP_USED(b)) {
- const mp_int *xch = b; /* switch a and b, to do fewer outer loops */
- b = a;
- a = xch;
- }
-
- MP_USED(c) = 1; MP_DIGIT(c, 0) = 0;
- ib = MP_USED(a) + MP_MAX(MP_USED(b), MP_USED(&mmm->N)) + 2;
- if((res = s_mp_pad(c, ib)) != MP_OKAY)
- goto CLEANUP;
-
- useda = MP_USED(a);
- pb = MP_DIGITS(b);
- s_mpv_mul_d(MP_DIGITS(a), useda, *pb++, MP_DIGITS(c));
- s_mp_setz(MP_DIGITS(c) + useda + 1, ib - (useda + 1));
- m_i = MP_DIGIT(c, 0) * mmm->n0prime;
- s_mp_mul_d_add_offset(&mmm->N, m_i, c, 0);
-
- /* Outer loop: Digits of b */
- usedb = MP_USED(b);
- for (ib = 1; ib < usedb; ib++) {
- mp_digit b_i = *pb++;
-
- /* Inner product: Digits of a */
- if (b_i)
- s_mpv_mul_d_add_prop(MP_DIGITS(a), useda, b_i, MP_DIGITS(c) + ib);
- m_i = MP_DIGIT(c, ib) * mmm->n0prime;
- s_mp_mul_d_add_offset(&mmm->N, m_i, c, ib);
- }
- if (usedb < MP_USED(&mmm->N)) {
- for (usedb = MP_USED(&mmm->N); ib < usedb; ++ib ) {
- m_i = MP_DIGIT(c, ib) * mmm->n0prime;
- s_mp_mul_d_add_offset(&mmm->N, m_i, c, ib);
- }
- }
- s_mp_clamp(c);
- s_mp_div_2d(c, mmm->b);
- if (s_mp_cmp(c, &mmm->N) >= 0) {
- MP_CHECKOK( s_mp_sub(c, &mmm->N) );
- }
- res = MP_OKAY;
-
-CLEANUP:
- return res;
-}
-#endif
-
-STATIC
-mp_err s_mp_to_mont(const mp_int *x, mp_mont_modulus *mmm, mp_int *xMont)
-{
- mp_err res;
-
- /* xMont = x * R mod N where N is modulus */
- MP_CHECKOK( mpl_lsh(x, xMont, mmm->b) ); /* xMont = x << b */
- MP_CHECKOK( mp_div(xMont, &mmm->N, 0, xMont) ); /* mod N */
-CLEANUP:
- return res;
-}
-
-#ifdef MP_USING_MONT_MULF
-
-unsigned int mp_using_mont_mulf = 1;
-
-/* computes montgomery square of the integer in mResult */
-#define SQR \
- conv_i32_to_d32_and_d16(dm1, d16Tmp, mResult, nLen); \
- mont_mulf_noconv(mResult, dm1, d16Tmp, \
- dTmp, dn, MP_DIGITS(modulus), nLen, dn0)
-
-/* computes montgomery product of x and the integer in mResult */
-#define MUL(x) \
- conv_i32_to_d32(dm1, mResult, nLen); \
- mont_mulf_noconv(mResult, dm1, oddPowers[x], \
- dTmp, dn, MP_DIGITS(modulus), nLen, dn0)
-
-/* Do modular exponentiation using floating point multiply code. */
-mp_err mp_exptmod_f(const mp_int * montBase,
- const mp_int * exponent,
- const mp_int * modulus,
- mp_int * result,
- mp_mont_modulus *mmm,
- int nLen,
- mp_size bits_in_exponent,
- mp_size window_bits,
- mp_size odd_ints)
-{
- mp_digit *mResult;
- double *dBuf = 0, *dm1, *dn, *dSqr, *d16Tmp, *dTmp;
- double dn0;
- mp_size i;
- mp_err res;
- int expOff;
- int dSize = 0, oddPowSize, dTmpSize;
- mp_int accum1;
- double *oddPowers[MAX_ODD_INTS];
-
- /* function for computing n0prime only works if n0 is odd */
-
- MP_DIGITS(&accum1) = 0;
-
- for (i = 0; i < MAX_ODD_INTS; ++i)
- oddPowers[i] = 0;
-
- MP_CHECKOK( mp_init_size(&accum1, 3 * nLen + 2) );
-
- mp_set(&accum1, 1);
- MP_CHECKOK( s_mp_to_mont(&accum1, mmm, &accum1) );
- MP_CHECKOK( s_mp_pad(&accum1, nLen) );
-
- oddPowSize = 2 * nLen + 1;
- dTmpSize = 2 * oddPowSize;
- dSize = sizeof(double) * (nLen * 4 + 1 +
- ((odd_ints + 1) * oddPowSize) + dTmpSize);
- dBuf = (double *)malloc(dSize);
- dm1 = dBuf; /* array of d32 */
- dn = dBuf + nLen; /* array of d32 */
- dSqr = dn + nLen; /* array of d32 */
- d16Tmp = dSqr + nLen; /* array of d16 */
- dTmp = d16Tmp + oddPowSize;
-
- for (i = 0; i < odd_ints; ++i) {
- oddPowers[i] = dTmp;
- dTmp += oddPowSize;
- }
- mResult = (mp_digit *)(dTmp + dTmpSize); /* size is nLen + 1 */
-
- /* Make dn and dn0 */
- conv_i32_to_d32(dn, MP_DIGITS(modulus), nLen);
- dn0 = (double)(mmm->n0prime & 0xffff);
-
- /* Make dSqr */
- conv_i32_to_d32_and_d16(dm1, oddPowers[0], MP_DIGITS(montBase), nLen);
- mont_mulf_noconv(mResult, dm1, oddPowers[0],
- dTmp, dn, MP_DIGITS(modulus), nLen, dn0);
- conv_i32_to_d32(dSqr, mResult, nLen);
-
- for (i = 1; i < odd_ints; ++i) {
- mont_mulf_noconv(mResult, dSqr, oddPowers[i - 1],
- dTmp, dn, MP_DIGITS(modulus), nLen, dn0);
- conv_i32_to_d16(oddPowers[i], mResult, nLen);
- }
-
- s_mp_copy(MP_DIGITS(&accum1), mResult, nLen); /* from, to, len */
-
- for (expOff = bits_in_exponent - window_bits; expOff >= 0; expOff -= window_bits) {
- mp_size smallExp;
- MP_CHECKOK( mpl_get_bits(exponent, expOff, window_bits) );
- smallExp = (mp_size)res;
-
- if (window_bits == 4) {
- if (!smallExp) {
- SQR; SQR; SQR; SQR;
- } else if (smallExp & 1) {
- SQR; SQR; SQR; SQR; MUL(smallExp/2);
- } else if (smallExp & 2) {
- SQR; SQR; SQR; MUL(smallExp/4); SQR;
- } else if (smallExp & 4) {
- SQR; SQR; MUL(smallExp/8); SQR; SQR;
- } else if (smallExp & 8) {
- SQR; MUL(smallExp/16); SQR; SQR; SQR;
- } else {
- ABORT;
- }
- } else if (window_bits == 5) {
- if (!smallExp) {
- SQR; SQR; SQR; SQR; SQR;
- } else if (smallExp & 1) {
- SQR; SQR; SQR; SQR; SQR; MUL(smallExp/2);
- } else if (smallExp & 2) {
- SQR; SQR; SQR; SQR; MUL(smallExp/4); SQR;
- } else if (smallExp & 4) {
- SQR; SQR; SQR; MUL(smallExp/8); SQR; SQR;
- } else if (smallExp & 8) {
- SQR; SQR; MUL(smallExp/16); SQR; SQR; SQR;
- } else if (smallExp & 0x10) {
- SQR; MUL(smallExp/32); SQR; SQR; SQR; SQR;
- } else {
- ABORT;
- }
- } else if (window_bits == 6) {
- if (!smallExp) {
- SQR; SQR; SQR; SQR; SQR; SQR;
- } else if (smallExp & 1) {
- SQR; SQR; SQR; SQR; SQR; SQR; MUL(smallExp/2);
- } else if (smallExp & 2) {
- SQR; SQR; SQR; SQR; SQR; MUL(smallExp/4); SQR;
- } else if (smallExp & 4) {
- SQR; SQR; SQR; SQR; MUL(smallExp/8); SQR; SQR;
- } else if (smallExp & 8) {
- SQR; SQR; SQR; MUL(smallExp/16); SQR; SQR; SQR;
- } else if (smallExp & 0x10) {
- SQR; SQR; MUL(smallExp/32); SQR; SQR; SQR; SQR;
- } else if (smallExp & 0x20) {
- SQR; MUL(smallExp/64); SQR; SQR; SQR; SQR; SQR;
- } else {
- ABORT;
- }
- } else {
- ABORT;
- }
- }
-
- s_mp_copy(mResult, MP_DIGITS(&accum1), nLen); /* from, to, len */
-
- res = s_mp_redc(&accum1, mmm);
- mp_exch(&accum1, result);
-
-CLEANUP:
- mp_clear(&accum1);
- if (dBuf) {
- if (dSize)
- memset(dBuf, 0, dSize);
- free(dBuf);
- }
-
- return res;
-}
-#undef SQR
-#undef MUL
-#endif
-
-#define SQR(a,b) \
- MP_CHECKOK( mp_sqr(a, b) );\
- MP_CHECKOK( s_mp_redc(b, mmm) )
-
-#if defined(MP_MONT_USE_MP_MUL)
-#define MUL(x,a,b) \
- MP_CHECKOK( mp_mul(a, oddPowers + (x), b) ); \
- MP_CHECKOK( s_mp_redc(b, mmm) )
-#else
-#define MUL(x,a,b) \
- MP_CHECKOK( s_mp_mul_mont(a, oddPowers + (x), b, mmm) )
-#endif
-
-#define SWAPPA ptmp = pa1; pa1 = pa2; pa2 = ptmp
-
-/* Do modular exponentiation using integer multiply code. */
-mp_err mp_exptmod_i(const mp_int * montBase,
- const mp_int * exponent,
- const mp_int * modulus,
- mp_int * result,
- mp_mont_modulus *mmm,
- int nLen,
- mp_size bits_in_exponent,
- mp_size window_bits,
- mp_size odd_ints)
-{
- mp_int *pa1, *pa2, *ptmp;
- mp_size i;
- mp_err res;
- int expOff;
- mp_int accum1, accum2, power2, oddPowers[MAX_ODD_INTS];
-
- /* power2 = base ** 2; oddPowers[i] = base ** (2*i + 1); */
- /* oddPowers[i] = base ** (2*i + 1); */
-
- MP_DIGITS(&accum1) = 0;
- MP_DIGITS(&accum2) = 0;
- MP_DIGITS(&power2) = 0;
- for (i = 0; i < MAX_ODD_INTS; ++i) {
- MP_DIGITS(oddPowers + i) = 0;
- }
-
- MP_CHECKOK( mp_init_size(&accum1, 3 * nLen + 2) );
- MP_CHECKOK( mp_init_size(&accum2, 3 * nLen + 2) );
-
- MP_CHECKOK( mp_init_copy(&oddPowers[0], montBase) );
-
- mp_init_size(&power2, nLen + 2 * MP_USED(montBase) + 2);
- MP_CHECKOK( mp_sqr(montBase, &power2) ); /* power2 = montBase ** 2 */
- MP_CHECKOK( s_mp_redc(&power2, mmm) );
-
- for (i = 1; i < odd_ints; ++i) {
- mp_init_size(oddPowers + i, nLen + 2 * MP_USED(&power2) + 2);
- MP_CHECKOK( mp_mul(oddPowers + (i - 1), &power2, oddPowers + i) );
- MP_CHECKOK( s_mp_redc(oddPowers + i, mmm) );
- }
-
- /* set accumulator to montgomery residue of 1 */
- mp_set(&accum1, 1);
- MP_CHECKOK( s_mp_to_mont(&accum1, mmm, &accum1) );
- pa1 = &accum1;
- pa2 = &accum2;
-
- for (expOff = bits_in_exponent - window_bits; expOff >= 0; expOff -= window_bits) {
- mp_size smallExp;
- MP_CHECKOK( mpl_get_bits(exponent, expOff, window_bits) );
- smallExp = (mp_size)res;
-
- if (window_bits == 4) {
- if (!smallExp) {
- SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1);
- } else if (smallExp & 1) {
- SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1);
- MUL(smallExp/2, pa1,pa2); SWAPPA;
- } else if (smallExp & 2) {
- SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2);
- MUL(smallExp/4,pa2,pa1); SQR(pa1,pa2); SWAPPA;
- } else if (smallExp & 4) {
- SQR(pa1,pa2); SQR(pa2,pa1); MUL(smallExp/8,pa1,pa2);
- SQR(pa2,pa1); SQR(pa1,pa2); SWAPPA;
- } else if (smallExp & 8) {
- SQR(pa1,pa2); MUL(smallExp/16,pa2,pa1); SQR(pa1,pa2);
- SQR(pa2,pa1); SQR(pa1,pa2); SWAPPA;
- } else {
- ABORT;
- }
- } else if (window_bits == 5) {
- if (!smallExp) {
- SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1);
- SQR(pa1,pa2); SWAPPA;
- } else if (smallExp & 1) {
- SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1);
- SQR(pa1,pa2); MUL(smallExp/2,pa2,pa1);
- } else if (smallExp & 2) {
- SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1);
- MUL(smallExp/4,pa1,pa2); SQR(pa2,pa1);
- } else if (smallExp & 4) {
- SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2);
- MUL(smallExp/8,pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1);
- } else if (smallExp & 8) {
- SQR(pa1,pa2); SQR(pa2,pa1); MUL(smallExp/16,pa1,pa2);
- SQR(pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1);
- } else if (smallExp & 0x10) {
- SQR(pa1,pa2); MUL(smallExp/32,pa2,pa1); SQR(pa1,pa2);
- SQR(pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1);
- } else {
- ABORT;
- }
- } else if (window_bits == 6) {
- if (!smallExp) {
- SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1);
- SQR(pa1,pa2); SQR(pa2,pa1);
- } else if (smallExp & 1) {
- SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1);
- SQR(pa1,pa2); SQR(pa2,pa1); MUL(smallExp/2,pa1,pa2); SWAPPA;
- } else if (smallExp & 2) {
- SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1);
- SQR(pa1,pa2); MUL(smallExp/4,pa2,pa1); SQR(pa1,pa2); SWAPPA;
- } else if (smallExp & 4) {
- SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1);
- MUL(smallExp/8,pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2); SWAPPA;
- } else if (smallExp & 8) {
- SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2);
- MUL(smallExp/16,pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1);
- SQR(pa1,pa2); SWAPPA;
- } else if (smallExp & 0x10) {
- SQR(pa1,pa2); SQR(pa2,pa1); MUL(smallExp/32,pa1,pa2);
- SQR(pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2); SWAPPA;
- } else if (smallExp & 0x20) {
- SQR(pa1,pa2); MUL(smallExp/64,pa2,pa1); SQR(pa1,pa2);
- SQR(pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2); SWAPPA;
- } else {
- ABORT;
- }
- } else {
- ABORT;
- }
- }
-
- res = s_mp_redc(pa1, mmm);
- mp_exch(pa1, result);
-
-CLEANUP:
- mp_clear(&accum1);
- mp_clear(&accum2);
- mp_clear(&power2);
- for (i = 0; i < odd_ints; ++i) {
- mp_clear(oddPowers + i);
- }
- return res;
-}
-#undef SQR
-#undef MUL
-
-
-mp_err mp_exptmod(const mp_int *inBase, const mp_int *exponent,
- const mp_int *modulus, mp_int *result)
-{
- const mp_int *base;
- mp_size bits_in_exponent, i, window_bits, odd_ints;
- mp_err res;
- int nLen;
- mp_int montBase, goodBase;
- mp_mont_modulus mmm;
-
- /* function for computing n0prime only works if n0 is odd */
- if (!mp_isodd(modulus))
- return s_mp_exptmod(inBase, exponent, modulus, result);
-
- MP_DIGITS(&montBase) = 0;
- MP_DIGITS(&goodBase) = 0;
-
- if (mp_cmp(inBase, modulus) < 0) {
- base = inBase;
- } else {
- MP_CHECKOK( mp_init(&goodBase) );
- base = &goodBase;
- MP_CHECKOK( mp_mod(inBase, modulus, &goodBase) );
- }
-
- nLen = MP_USED(modulus);
- MP_CHECKOK( mp_init_size(&montBase, 2 * nLen + 2) );
-
- mmm.N = *modulus; /* a copy of the mp_int struct */
- i = mpl_significant_bits(modulus);
- i += MP_DIGIT_BIT - 1;
- mmm.b = i - i % MP_DIGIT_BIT;
-
- /* compute n0', given n0, n0' = -(n0 ** -1) mod MP_RADIX
- ** where n0 = least significant mp_digit of N, the modulus.
- */
- mmm.n0prime = 0 - s_mp_invmod_radix( MP_DIGIT(modulus, 0) );
-
- MP_CHECKOK( s_mp_to_mont(base, &mmm, &montBase) );
-
- bits_in_exponent = mpl_significant_bits(exponent);
- if (bits_in_exponent > 480)
- window_bits = 6;
- else if (bits_in_exponent > 160)
- window_bits = 5;
- else
- window_bits = 4;
- odd_ints = 1 << (window_bits - 1);
- i = bits_in_exponent % window_bits;
- if (i != 0) {
- bits_in_exponent += window_bits - i;
- }
-
-#ifdef MP_USING_MONT_MULF
- if (mp_using_mont_mulf) {
- MP_CHECKOK( s_mp_pad(&montBase, nLen) );
- res = mp_exptmod_f(&montBase, exponent, modulus, result, &mmm, nLen,
- bits_in_exponent, window_bits, odd_ints);
- } else
-#endif
- res = mp_exptmod_i(&montBase, exponent, modulus, result, &mmm, nLen,
- bits_in_exponent, window_bits, odd_ints);
-
-CLEANUP:
- mp_clear(&montBase);
- mp_clear(&goodBase);
- /* Don't mp_clear mmm.N because it is merely a copy of modulus.
- ** Just zap it.
- */
- memset(&mmm, 0, sizeof mmm);
- return res;
-}
diff --git a/security/nss/lib/freebl/mpi/mpprime.c b/security/nss/lib/freebl/mpi/mpprime.c
deleted file mode 100644
index 636dbb188..000000000
--- a/security/nss/lib/freebl/mpi/mpprime.c
+++ /dev/null
@@ -1,622 +0,0 @@
-/*
- * mpprime.c
- *
- * Utilities for finding and working with prime and pseudo-prime
- * integers
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1997, 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- * Netscape Communications Corporation
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- */
-
-#include "mpi-priv.h"
-#include "mpprime.h"
-#include "mplogic.h"
-#include <stdlib.h>
-#include <string.h>
-
-#define SMALL_TABLE 0 /* determines size of hard-wired prime table */
-
-#define RANDOM() rand()
-
-#include "primes.c" /* pull in the prime digit table */
-
-/*
- Test if any of a given vector of digits divides a. If not, MP_NO
- is returned; otherwise, MP_YES is returned and 'which' is set to
- the index of the integer in the vector which divided a.
- */
-mp_err s_mpp_divp(mp_int *a, const mp_digit *vec, int size, int *which);
-
-/* {{{ mpp_divis(a, b) */
-
-/*
- mpp_divis(a, b)
-
- Returns MP_YES if a is divisible by b, or MP_NO if it is not.
- */
-
-mp_err mpp_divis(mp_int *a, mp_int *b)
-{
- mp_err res;
- mp_int rem;
-
- if((res = mp_init(&rem)) != MP_OKAY)
- return res;
-
- if((res = mp_mod(a, b, &rem)) != MP_OKAY)
- goto CLEANUP;
-
- if(mp_cmp_z(&rem) == 0)
- res = MP_YES;
- else
- res = MP_NO;
-
-CLEANUP:
- mp_clear(&rem);
- return res;
-
-} /* end mpp_divis() */
-
-/* }}} */
-
-/* {{{ mpp_divis_d(a, d) */
-
-/*
- mpp_divis_d(a, d)
-
- Return MP_YES if a is divisible by d, or MP_NO if it is not.
- */
-
-mp_err mpp_divis_d(mp_int *a, mp_digit d)
-{
- mp_err res;
- mp_digit rem;
-
- ARGCHK(a != NULL, MP_BADARG);
-
- if(d == 0)
- return MP_NO;
-
- if((res = mp_mod_d(a, d, &rem)) != MP_OKAY)
- return res;
-
- if(rem == 0)
- return MP_YES;
- else
- return MP_NO;
-
-} /* end mpp_divis_d() */
-
-/* }}} */
-
-/* {{{ mpp_random(a) */
-
-/*
- mpp_random(a)
-
- Assigns a random value to a. This value is generated using the
- standard C library's rand() function, so it should not be used for
- cryptographic purposes, but it should be fine for primality testing,
- since all we really care about there is good statistical properties.
-
- As many digits as a currently has are filled with random digits.
- */
-
-mp_err mpp_random(mp_int *a)
-
-{
- mp_digit next = 0;
- unsigned int ix, jx;
-
- ARGCHK(a != NULL, MP_BADARG);
-
- for(ix = 0; ix < USED(a); ix++) {
- for(jx = 0; jx < sizeof(mp_digit); jx++) {
- next = (next << CHAR_BIT) | (RANDOM() & UCHAR_MAX);
- }
- DIGIT(a, ix) = next;
- }
-
- return MP_OKAY;
-
-} /* end mpp_random() */
-
-/* }}} */
-
-/* {{{ mpp_random_size(a, prec) */
-
-mp_err mpp_random_size(mp_int *a, mp_size prec)
-{
- mp_err res;
-
- ARGCHK(a != NULL && prec > 0, MP_BADARG);
-
- if((res = s_mp_pad(a, prec)) != MP_OKAY)
- return res;
-
- return mpp_random(a);
-
-} /* end mpp_random_size() */
-
-/* }}} */
-
-/* {{{ mpp_divis_vector(a, vec, size, which) */
-
-/*
- mpp_divis_vector(a, vec, size, which)
-
- Determines if a is divisible by any of the 'size' digits in vec.
- Returns MP_YES and sets 'which' to the index of the offending digit,
- if it is; returns MP_NO if it is not.
- */
-
-mp_err mpp_divis_vector(mp_int *a, const mp_digit *vec, int size, int *which)
-{
- ARGCHK(a != NULL && vec != NULL && size > 0, MP_BADARG);
-
- return s_mpp_divp(a, vec, size, which);
-
-} /* end mpp_divis_vector() */
-
-/* }}} */
-
-/* {{{ mpp_divis_primes(a, np) */
-
-/*
- mpp_divis_primes(a, np)
-
- Test whether a is divisible by any of the first 'np' primes. If it
- is, returns MP_YES and sets *np to the value of the digit that did
- it. If not, returns MP_NO.
- */
-mp_err mpp_divis_primes(mp_int *a, mp_digit *np)
-{
- int size, which;
- mp_err res;
-
- ARGCHK(a != NULL && np != NULL, MP_BADARG);
-
- size = (int)*np;
- if(size > prime_tab_size)
- size = prime_tab_size;
-
- res = mpp_divis_vector(a, prime_tab, size, &which);
- if(res == MP_YES)
- *np = prime_tab[which];
-
- return res;
-
-} /* end mpp_divis_primes() */
-
-/* }}} */
-
-/* {{{ mpp_fermat(a, w) */
-
-/*
- Using w as a witness, try pseudo-primality testing based on Fermat's
- little theorem. If a is prime, and (w, a) = 1, then w^a == w (mod
- a). So, we compute z = w^a (mod a) and compare z to w; if they are
- equal, the test passes and we return MP_YES. Otherwise, we return
- MP_NO.
- */
-mp_err mpp_fermat(mp_int *a, mp_digit w)
-{
- mp_int base, test;
- mp_err res;
-
- if((res = mp_init(&base)) != MP_OKAY)
- return res;
-
- mp_set(&base, w);
-
- if((res = mp_init(&test)) != MP_OKAY)
- goto TEST;
-
- /* Compute test = base^a (mod a) */
- if((res = mp_exptmod(&base, a, a, &test)) != MP_OKAY)
- goto CLEANUP;
-
-
- if(mp_cmp(&base, &test) == 0)
- res = MP_YES;
- else
- res = MP_NO;
-
- CLEANUP:
- mp_clear(&test);
- TEST:
- mp_clear(&base);
-
- return res;
-
-} /* end mpp_fermat() */
-
-/* }}} */
-
-/*
- Perform the fermat test on each of the primes in a list until
- a) one of them shows a is not prime, or
- b) the list is exhausted.
- Returns: MP_YES if it passes tests.
- MP_NO if fermat test reveals it is composite
- Some MP error code if some other error occurs.
- */
-mp_err mpp_fermat_list(mp_int *a, const mp_digit *primes, mp_size nPrimes)
-{
- mp_err rv = MP_YES;
-
- while (nPrimes-- > 0 && rv == MP_YES) {
- rv = mpp_fermat(a, *primes++);
- }
- return rv;
-}
-
-/* {{{ mpp_pprime(a, nt) */
-
-/*
- mpp_pprime(a, nt)
-
- Performs nt iteration of the Miller-Rabin probabilistic primality
- test on a. Returns MP_YES if the tests pass, MP_NO if one fails.
- If MP_NO is returned, the number is definitely composite. If MP_YES
- is returned, it is probably prime (but that is not guaranteed).
- */
-
-mp_err mpp_pprime(mp_int *a, int nt)
-{
- mp_err res;
- mp_int x, amo, m, z; /* "amo" = "a minus one" */
- int iter;
- unsigned int jx;
- mp_size b;
-
- ARGCHK(a != NULL, MP_BADARG);
-
- MP_DIGITS(&x) = 0;
- MP_DIGITS(&amo) = 0;
- MP_DIGITS(&m) = 0;
- MP_DIGITS(&z) = 0;
-
- /* Initialize temporaries... */
- MP_CHECKOK( mp_init(&amo));
- /* Compute amo = a - 1 for what follows... */
- MP_CHECKOK( mp_sub_d(a, 1, &amo) );
-
- b = mp_trailing_zeros(&amo);
- if (!b) { /* a was even ? */
- res = MP_NO;
- goto CLEANUP;
- }
-
- MP_CHECKOK( mp_init_size(&x, MP_USED(a)) );
- MP_CHECKOK( mp_init(&z) );
- MP_CHECKOK( mp_init(&m) );
- MP_CHECKOK( mp_div_2d(&amo, b, &m, 0) );
-
- /* Do the test nt times... */
- for(iter = 0; iter < nt; iter++) {
-
- /* Choose a random value for x < a */
- s_mp_pad(&x, USED(a));
- mpp_random(&x);
- MP_CHECKOK( mp_mod(&x, a, &x) );
-
- /* Compute z = (x ** m) mod a */
- MP_CHECKOK( mp_exptmod(&x, &m, a, &z) );
-
- if(mp_cmp_d(&z, 1) == 0 || mp_cmp(&z, &amo) == 0) {
- res = MP_YES;
- continue;
- }
-
- res = MP_NO; /* just in case the following for loop never executes. */
- for (jx = 1; jx < b; jx++) {
- /* z = z^2 (mod a) */
- MP_CHECKOK( mp_sqrmod(&z, a, &z) );
- res = MP_NO; /* previous line set res to MP_YES */
-
- if(mp_cmp_d(&z, 1) == 0) {
- break;
- }
- if(mp_cmp(&z, &amo) == 0) {
- res = MP_YES;
- break;
- }
- } /* end testing loop */
-
- /* If the test passes, we will continue iterating, but a failed
- test means the candidate is definitely NOT prime, so we will
- immediately break out of this loop
- */
- if(res == MP_NO)
- break;
-
- } /* end iterations loop */
-
-CLEANUP:
- mp_clear(&m);
- mp_clear(&z);
- mp_clear(&x);
- mp_clear(&amo);
- return res;
-
-} /* end mpp_pprime() */
-
-/* }}} */
-
-/* Produce table of composites from list of primes and trial value.
-** trial must be odd. List of primes must not include 2.
-** sieve should have dimension >= MAXPRIME/2, where MAXPRIME is largest
-** prime in list of primes. After this function is finished,
-** if sieve[i] is non-zero, then (trial + 2*i) is composite.
-** Each prime used in the sieve costs one division of trial, and eliminates
-** one or more values from the search space. (3 eliminates 1/3 of the values
-** alone!) Each value left in the search space costs 1 or more modular
-** exponentations. So, these divisions are a bargain!
-*/
-mp_err mpp_sieve(mp_int *trial, const mp_digit *primes, mp_size nPrimes,
- unsigned char *sieve, mp_size nSieve)
-{
- mp_err res;
- mp_digit rem;
- mp_size ix;
- unsigned long offset;
-
- memset(sieve, 0, nSieve);
-
- for(ix = 0; ix < nPrimes; ix++) {
- mp_digit prime = primes[ix];
- mp_size i;
- if((res = mp_mod_d(trial, prime, &rem)) != MP_OKAY)
- return res;
-
- if (rem == 0) {
- offset = 0;
- } else {
- offset = prime - (rem / 2);
- }
- for (i = offset; i < nSieve ; i += prime) {
- sieve[i] = 1;
- }
- }
-
- return MP_OKAY;
-}
-
-#define SIEVE_SIZE 32*1024
-
-mp_err mpp_make_prime(mp_int *start, mp_size nBits, mp_size strong,
- unsigned long * nTries)
-{
- mp_digit np;
- mp_err res;
- int i = 0;
- mp_int trial;
- mp_int q;
- mp_size num_tests;
- /*
- * Always make sieve the last variabale allocated so that
- * Mac builds don't break by adding an extra variable
- * on the stack. -javi
- */
-#if defined(macintosh) || defined (XP_OS2) \
- || (defined(HPUX) && defined(__ia64))
- unsigned char *sieve;
-
- sieve = malloc(SIEVE_SIZE);
- ARGCHK(sieve != NULL, MP_MEM);
-#else
- unsigned char sieve[SIEVE_SIZE];
-#endif
-
- ARGCHK(start != 0, MP_BADARG);
- ARGCHK(nBits > 16, MP_RANGE);
-
- MP_DIGITS(&trial) = 0;
- MP_DIGITS(&q) = 0;
- MP_CHECKOK( mp_init(&trial) );
- MP_CHECKOK( mp_init(&q) );
- /* values taken from table 4.4, HandBook of Applied Cryptography */
- if (nBits >= 1300) {
- num_tests = 2;
- } else if (nBits >= 850) {
- num_tests = 3;
- } else if (nBits >= 650) {
- num_tests = 4;
- } else if (nBits >= 550) {
- num_tests = 5;
- } else if (nBits >= 450) {
- num_tests = 6;
- } else if (nBits >= 400) {
- num_tests = 7;
- } else if (nBits >= 350) {
- num_tests = 8;
- } else if (nBits >= 300) {
- num_tests = 9;
- } else if (nBits >= 250) {
- num_tests = 12;
- } else if (nBits >= 200) {
- num_tests = 15;
- } else if (nBits >= 150) {
- num_tests = 18;
- } else if (nBits >= 100) {
- num_tests = 27;
- } else
- num_tests = 50;
-
- if (strong)
- --nBits;
- MP_CHECKOK( mpl_set_bit(start, nBits - 1, 1) );
- MP_CHECKOK( mpl_set_bit(start, 0, 1) );
- for (i = mpl_significant_bits(start) - 1; i >= nBits; --i) {
- MP_CHECKOK( mpl_set_bit(start, i, 0) );
- }
- /* start sieveing with prime value of 3. */
- MP_CHECKOK(mpp_sieve(start, prime_tab + 1, prime_tab_size - 1,
- sieve, SIEVE_SIZE) );
-
-#ifdef DEBUG_SIEVE
- res = 0;
- for (i = 0; i < SIEVE_SIZE; ++i) {
- if (!sieve[i])
- ++res;
- }
- fprintf(stderr,"sieve found %d potential primes.\n", res);
-#define FPUTC(x,y) fputc(x,y)
-#else
-#define FPUTC(x,y)
-#endif
-
- res = MP_NO;
- for(i = 0; i < SIEVE_SIZE; ++i) {
- if (sieve[i]) /* this number is composite */
- continue;
- MP_CHECKOK( mp_add_d(start, 2 * i, &trial) );
- FPUTC('.', stderr);
- /* run a Fermat test */
- res = mpp_fermat(&trial, 2);
- if (res != MP_OKAY) {
- if (res == MP_NO)
- continue; /* was composite */
- goto CLEANUP;
- }
-
- FPUTC('+', stderr);
- /* If that passed, run some Miller-Rabin tests */
- res = mpp_pprime(&trial, num_tests);
- if (res != MP_OKAY) {
- if (res == MP_NO)
- continue; /* was composite */
- goto CLEANUP;
- }
- FPUTC('!', stderr);
-
- if (!strong)
- break; /* success !! */
-
- /* At this point, we have strong evidence that our candidate
- is itself prime. If we want a strong prime, we need now
- to test q = 2p + 1 for primality...
- */
- MP_CHECKOK( mp_mul_2(&trial, &q) );
- MP_CHECKOK( mp_add_d(&q, 1, &q) );
-
- /* Test q for small prime divisors ... */
- np = prime_tab_size;
- res = mpp_divis_primes(&q, &np);
- if (res == MP_YES) { /* is composite */
- mp_clear(&q);
- continue;
- }
- if (res != MP_NO)
- goto CLEANUP;
-
- /* And test with Fermat, as with its parent ... */
- res = mpp_fermat(&q, 2);
- if (res != MP_YES) {
- mp_clear(&q);
- if (res == MP_NO)
- continue; /* was composite */
- goto CLEANUP;
- }
-
- /* And test with Miller-Rabin, as with its parent ... */
- res = mpp_pprime(&q, num_tests);
- if (res != MP_YES) {
- mp_clear(&q);
- if (res == MP_NO)
- continue; /* was composite */
- goto CLEANUP;
- }
-
- /* If it passed, we've got a winner */
- mp_exch(&q, &trial);
- mp_clear(&q);
- break;
-
- } /* end of loop through sieved values */
- if (res == MP_YES)
- mp_exch(&trial, start);
-CLEANUP:
- mp_clear(&trial);
- mp_clear(&q);
- if (nTries)
- *nTries += i;
-#if defined(macintosh) || defined(XP_OS2) \
- || (defined(HPUX) && defined(__ia64))
- if (sieve != NULL) {
- memset(sieve, 0, SIEVE_SIZE);
- free (sieve);
- }
-#endif
- return res;
-}
-
-/*========================================================================*/
-/*------------------------------------------------------------------------*/
-/* Static functions visible only to the library internally */
-
-/* {{{ s_mpp_divp(a, vec, size, which) */
-
-/*
- Test for divisibility by members of a vector of digits. Returns
- MP_NO if a is not divisible by any of them; returns MP_YES and sets
- 'which' to the index of the offender, if it is. Will stop on the
- first digit against which a is divisible.
- */
-
-mp_err s_mpp_divp(mp_int *a, const mp_digit *vec, int size, int *which)
-{
- mp_err res;
- mp_digit rem;
-
- int ix;
-
- for(ix = 0; ix < size; ix++) {
- if((res = mp_mod_d(a, vec[ix], &rem)) != MP_OKAY)
- return res;
-
- if(rem == 0) {
- if(which)
- *which = ix;
- return MP_YES;
- }
- }
-
- return MP_NO;
-
-} /* end s_mpp_divp() */
-
-/* }}} */
-
-/*------------------------------------------------------------------------*/
-/* HERE THERE BE DRAGONS */
diff --git a/security/nss/lib/freebl/mpi/mpprime.h b/security/nss/lib/freebl/mpi/mpprime.h
deleted file mode 100644
index 1204580f6..000000000
--- a/security/nss/lib/freebl/mpi/mpprime.h
+++ /dev/null
@@ -1,67 +0,0 @@
-/*
- * mpprime.h
- *
- * Utilities for finding and working with prime and pseudo-prime
- * integers
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1997, 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _H_MP_PRIME_
-#define _H_MP_PRIME_
-
-#include "mpi.h"
-
-extern const int prime_tab_size; /* number of primes available */
-extern const mp_digit prime_tab[];
-
-/* Tests for divisibility */
-mp_err mpp_divis(mp_int *a, mp_int *b);
-mp_err mpp_divis_d(mp_int *a, mp_digit d);
-
-/* Random selection */
-mp_err mpp_random(mp_int *a);
-mp_err mpp_random_size(mp_int *a, mp_size prec);
-
-/* Pseudo-primality testing */
-mp_err mpp_divis_vector(mp_int *a, const mp_digit *vec, int size, int *which);
-mp_err mpp_divis_primes(mp_int *a, mp_digit *np);
-mp_err mpp_fermat(mp_int *a, mp_digit w);
-mp_err mpp_fermat_list(mp_int *a, const mp_digit *primes, mp_size nPrimes);
-mp_err mpp_pprime(mp_int *a, int nt);
-mp_err mpp_sieve(mp_int *trial, const mp_digit *primes, mp_size nPrimes,
- unsigned char *sieve, mp_size nSieve);
-mp_err mpp_make_prime(mp_int *start, mp_size nBits, mp_size strong,
- unsigned long * nTries);
-
-#endif /* end _H_MP_PRIME_ */
diff --git a/security/nss/lib/freebl/mpi/mpv_sparc.c b/security/nss/lib/freebl/mpi/mpv_sparc.c
deleted file mode 100644
index a0a0b78fb..000000000
--- a/security/nss/lib/freebl/mpi/mpv_sparc.c
+++ /dev/null
@@ -1,249 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is a SPARC/VIS optimized multiply and add function
- *
- * The Initial Developer of the Original Code is Sun Microsystems Inc.
- * Portions created by Sun Microsystems Inc. are
- * Copyright (C) 1999-2000 Sun Microsystems Inc. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- * $Id$
- */
-
-#include "vis_proto.h"
-
-/***************************************************************/
-
-typedef int t_s32;
-typedef unsigned int t_u32;
-#if defined(__sparcv9)
-typedef long t_s64;
-typedef unsigned long t_u64;
-#else
-typedef long long t_s64;
-typedef unsigned long long t_u64;
-#endif
-typedef double t_d64;
-
-/***************************************************************/
-
-typedef union {
- t_d64 d64;
- struct {
- t_s32 i0;
- t_s32 i1;
- } i32s;
-} d64_2_i32;
-
-/***************************************************************/
-
-#define BUFF_SIZE 256
-
-#define A_BITS 19
-#define A_MASK ((1 << A_BITS) - 1)
-
-/***************************************************************/
-
-static t_u64 mask_cnst[] = {
- 0x8000000080000000ull
-};
-
-/***************************************************************/
-
-#define DEF_VARS(N) \
- t_d64 *py = (t_d64*)y; \
- t_d64 mask = *((t_d64*)mask_cnst); \
- t_d64 ca = (1u << 31) - 1; \
- t_d64 da = (t_d64)a; \
- t_s64 buff[N], s; \
- d64_2_i32 dy
-
-/***************************************************************/
-
-#define MUL_U32_S64_2(i) \
- dy.d64 = vis_fxnor(mask, py[i]); \
- buff[2*(i) ] = (ca - (t_d64)dy.i32s.i0) * da; \
- buff[2*(i)+1] = (ca - (t_d64)dy.i32s.i1) * da
-
-#define MUL_U32_S64_2_D(i) \
- dy.d64 = vis_fxnor(mask, py[i]); \
- d0 = ca - (t_d64)dy.i32s.i0; \
- d1 = ca - (t_d64)dy.i32s.i1; \
- buff[4*(i) ] = (t_s64)(d0 * da); \
- buff[4*(i)+1] = (t_s64)(d0 * db); \
- buff[4*(i)+2] = (t_s64)(d1 * da); \
- buff[4*(i)+3] = (t_s64)(d1 * db)
-
-/***************************************************************/
-
-#define ADD_S64_U32(i) \
- s = buff[i] + x[i] + c; \
- z[i] = s; \
- c = (s >> 32)
-
-#define ADD_S64_U32_D(i) \
- s = buff[2*(i)] +(((t_s64)(buff[2*(i)+1]))<<A_BITS) + x[i] + uc; \
- z[i] = s; \
- uc = ((t_u64)s >> 32)
-
-/***************************************************************/
-
-#define MUL_U32_S64_8(i) \
- MUL_U32_S64_2(i); \
- MUL_U32_S64_2(i+1); \
- MUL_U32_S64_2(i+2); \
- MUL_U32_S64_2(i+3)
-
-#define MUL_U32_S64_D_8(i) \
- MUL_U32_S64_2_D(i); \
- MUL_U32_S64_2_D(i+1); \
- MUL_U32_S64_2_D(i+2); \
- MUL_U32_S64_2_D(i+3)
-
-/***************************************************************/
-
-#define ADD_S64_U32_8(i) \
- ADD_S64_U32(i); \
- ADD_S64_U32(i+1); \
- ADD_S64_U32(i+2); \
- ADD_S64_U32(i+3); \
- ADD_S64_U32(i+4); \
- ADD_S64_U32(i+5); \
- ADD_S64_U32(i+6); \
- ADD_S64_U32(i+7)
-
-#define ADD_S64_U32_D_8(i) \
- ADD_S64_U32_D(i); \
- ADD_S64_U32_D(i+1); \
- ADD_S64_U32_D(i+2); \
- ADD_S64_U32_D(i+3); \
- ADD_S64_U32_D(i+4); \
- ADD_S64_U32_D(i+5); \
- ADD_S64_U32_D(i+6); \
- ADD_S64_U32_D(i+7)
-
-/***************************************************************/
-
-t_u32 mul_add(t_u32 *z, t_u32 *x, t_u32 *y, int n, t_u32 a)
-{
- if (a < (1 << A_BITS)) {
-
- if (n == 8) {
- DEF_VARS(8);
- t_s32 c = 0;
-
- MUL_U32_S64_8(0);
- ADD_S64_U32_8(0);
-
- return c;
-
- } else if (n == 16) {
- DEF_VARS(16);
- t_s32 c = 0;
-
- MUL_U32_S64_8(0);
- MUL_U32_S64_8(4);
- ADD_S64_U32_8(0);
- ADD_S64_U32_8(8);
-
- return c;
-
- } else {
- DEF_VARS(BUFF_SIZE);
- t_s32 i, c = 0;
-
-#pragma pipeloop(0)
- for (i = 0; i < (n+1)/2; i ++) {
- MUL_U32_S64_2(i);
- }
-
-#pragma pipeloop(0)
- for (i = 0; i < n; i ++) {
- ADD_S64_U32(i);
- }
-
- return c;
-
- }
- } else {
-
- if (n == 8) {
- DEF_VARS(2*8);
- t_d64 d0, d1, db;
- t_u32 uc = 0;
-
- da = (t_d64)(a & A_MASK);
- db = (t_d64)(a >> A_BITS);
-
- MUL_U32_S64_D_8(0);
- ADD_S64_U32_D_8(0);
-
- return uc;
-
- } else if (n == 16) {
- DEF_VARS(2*16);
- t_d64 d0, d1, db;
- t_u32 uc = 0;
-
- da = (t_d64)(a & A_MASK);
- db = (t_d64)(a >> A_BITS);
-
- MUL_U32_S64_D_8(0);
- MUL_U32_S64_D_8(4);
- ADD_S64_U32_D_8(0);
- ADD_S64_U32_D_8(8);
-
- return uc;
-
- } else {
- DEF_VARS(2*BUFF_SIZE);
- t_d64 d0, d1, db;
- t_u32 i, uc = 0;
-
- da = (t_d64)(a & A_MASK);
- db = (t_d64)(a >> A_BITS);
-
-#pragma pipeloop(0)
- for (i = 0; i < (n+1)/2; i ++) {
- MUL_U32_S64_2_D(i);
- }
-
-#pragma pipeloop(0)
- for (i = 0; i < n; i ++) {
- ADD_S64_U32_D(i);
- }
-
- return uc;
- }
- }
-}
-
-/***************************************************************/
-
-t_u32 mul_add_inp(t_u32 *x, t_u32 *y, int n, t_u32 a)
-{
- return mul_add(x, x, y, n, a);
-}
-
-/***************************************************************/
diff --git a/security/nss/lib/freebl/mpi/mpv_sparcv8.s b/security/nss/lib/freebl/mpi/mpv_sparcv8.s
deleted file mode 100644
index 81fdd1b93..000000000
--- a/security/nss/lib/freebl/mpi/mpv_sparcv8.s
+++ /dev/null
@@ -1,1641 +0,0 @@
-!/*
-! * The contents of this file are subject to the Mozilla Public
-! * License Version 1.1 (the "License"); you may not use this file
-! * except in compliance with the License. You may obtain a copy of
-! * the License at http://www.mozilla.org/MPL/
-! *
-! * Software distributed under the License is distributed on an "AS
-! * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-! * implied. See the License for the specific language governing
-! * rights and limitations under the License.
-! *
-! * The Original Code is a SPARC/VIS optimized multiply and add function
-! *
-! * The Initial Developer of the Original Code is Sun Microsystems Inc.
-! * Portions created by Sun Microsystems Inc. are
-! * Copyright (C) 1999-2000 Sun Microsystems Inc. All Rights Reserved.
-! *
-! * Contributor(s):
-! *
-! * Alternatively, the contents of this file may be used under the
-! * terms of the GNU General Public License Version 2 or later (the
-! * "GPL"), in which case the provisions of the GPL are applicable
-! * instead of those above. If you wish to allow use of your
-! * version of this file only under the terms of the GPL and not to
-! * allow others to use your version of this file under the MPL,
-! * indicate your decision by deleting the provisions above and
-! * replace them with the notice and other provisions required by
-! * the GPL. If you do not delete the provisions above, a recipient
-! * may use your version of this file under either the MPL or the
-! * GPL.
-! * $Id$
-! */
-
-
- .section ".text",#alloc,#execinstr
-/* 000000 3 ( 0 0) */ .file "mpv_sparc.c"
-/* 000000 14 ( 0 0) */ .align 8
-!
-! SUBROUTINE .L_const_seg_900000106
-!
-! OFFSET SOURCE LINE LABEL INSTRUCTION (ISSUE TIME) (COMPLETION TIME)
-
- .L_const_seg_900000106: /* frequency 1.0 confidence 0.0 */
-/* 000000 19 ( 0 0) */ .word 1127219200,0
-/* 0x0008 20 ( 0 0) */ .word 1105199103,-4194304
-/* 0x0010 21 ( 0 0) */ .align 16
-/* 0x0010 27 ( 0 0) */ .global mul_add
-
-!
-! ENTRY mul_add
-!
-
- .global mul_add
- mul_add: /* frequency 1.0 confidence 0.0 */
-/* 0x0010 29 ( 0 1) */ sethi %hi(0x1800),%g1
-/* 0x0014 30 ( 0 1) */ sethi %hi(mask_cnst),%g2
-/* 0x0018 31 ( 1 2) */ xor %g1,-984,%g1
-/* 0x001c 32 ( 1 2) */ add %g2,%lo(mask_cnst),%g2
-/* 0x0020 33 ( 2 4) */ save %sp,%g1,%sp
-
-!
-! ENTRY .L900000154
-!
-
- .L900000154: /* frequency 1.0 confidence 0.0 */
-/* 0x0024 35 ( 0 2) */ call (.+0x8) ! params = ! Result =
-/* 0x0028 ( 1 2) */ sethi %hi((_GLOBAL_OFFSET_TABLE_-(.L900000154-.))),%g5
-/* 0x002c 177 ( 2 3) */ sethi %hi(.L_const_seg_900000106),%g3
-/* 0x0030 178 ( 2 3) */ add %g5,%lo((_GLOBAL_OFFSET_TABLE_-(.L900000154-.))),%g5
-/* 0x0034 179 ( 3 4) */ or %g0,%i4,%o1
-/* 0x0038 180 ( 3 4) */ st %o1,[%fp+84]
-/* 0x003c 181 ( 3 4) */ add %g5,%o7,%o3
-/* 0x0040 182 ( 4 5) */ add %g3,%lo(.L_const_seg_900000106),%g3
-/* 0x0044 183 ( 4 6) */ ld [%o3+%g2],%g2
-/* 0x0048 184 ( 4 5) */ or %g0,%i3,%o2
-/* 0x004c 185 ( 5 6) */ sethi %hi(0x80000),%g4
-/* 0x0050 186 ( 5 7) */ ld [%o3+%g3],%o0
-/* 0x0054 187 ( 5 6) */ or %g0,%i2,%g5
-/* 0x0058 188 ( 6 7) */ or %g0,%o2,%o3
-/* 0x005c 189 ( 6 10) */ ldd [%g2],%f0
-/* 0x0060 190 ( 6 7) */ subcc %o1,%g4,%g0
-/* 0x0064 191 ( 6 7) */ bcc,pn %icc,.L77000048 ! tprob=0.50
-/* 0x0068 ( 7 8) */ subcc %o2,8,%g0
-/* 0x006c 193 ( 7 8) */ bne,pn %icc,.L77000037 ! tprob=0.50
-/* 0x0070 ( 8 12) */ ldd [%o0],%f8
-/* 0x0074 195 ( 9 13) */ ldd [%g5],%f4
-/* 0x0078 196 (10 14) */ ldd [%g5+8],%f6
-/* 0x007c 197 (11 15) */ ldd [%g5+16],%f10
-/* 0x0080 198 (11 14) */ fmovs %f8,%f12
-/* 0x0084 199 (12 16) */ fxnor %f0,%f4,%f4
-/* 0x0088 200 (12 14) */ ld [%fp+84],%f13
-/* 0x008c 201 (13 17) */ ldd [%o0+8],%f14
-/* 0x0090 202 (13 17) */ fxnor %f0,%f6,%f6
-/* 0x0094 203 (14 18) */ ldd [%g5+24],%f16
-/* 0x0098 204 (14 18) */ fxnor %f0,%f10,%f10
-/* 0x009c 208 (15 17) */ ld [%i1],%g2
-/* 0x00a0 209 (15 20) */ fsubd %f12,%f8,%f8
-/* 0x00a4 210 (16 21) */ fitod %f4,%f18
-/* 0x00a8 211 (16 18) */ ld [%i1+4],%g3
-/* 0x00ac 212 (17 22) */ fitod %f5,%f4
-/* 0x00b0 213 (17 19) */ ld [%i1+8],%g4
-/* 0x00b4 214 (18 23) */ fitod %f6,%f20
-/* 0x00b8 215 (18 20) */ ld [%i1+12],%g5
-/* 0x00bc 216 (19 21) */ ld [%i1+16],%o0
-/* 0x00c0 217 (19 24) */ fitod %f7,%f6
-/* 0x00c4 218 (20 22) */ ld [%i1+20],%o1
-/* 0x00c8 219 (20 24) */ fxnor %f0,%f16,%f16
-/* 0x00cc 220 (21 26) */ fsubd %f14,%f18,%f12
-/* 0x00d0 221 (21 23) */ ld [%i1+24],%o2
-/* 0x00d4 222 (22 27) */ fsubd %f14,%f4,%f4
-/* 0x00d8 223 (22 24) */ ld [%i1+28],%o3
-/* 0x00dc 224 (23 28) */ fitod %f10,%f18
-/* 0x00e0 225 (24 29) */ fsubd %f14,%f20,%f20
-/* 0x00e4 226 (25 30) */ fitod %f11,%f10
-/* 0x00e8 227 (26 31) */ fsubd %f14,%f6,%f6
-/* 0x00ec 228 (26 31) */ fmuld %f12,%f8,%f12
-/* 0x00f0 229 (27 32) */ fitod %f16,%f22
-/* 0x00f4 230 (27 32) */ fmuld %f4,%f8,%f4
-/* 0x00f8 231 (28 33) */ fsubd %f14,%f18,%f18
-/* 0x00fc 232 (29 34) */ fitod %f17,%f16
-/* 0x0100 233 (29 34) */ fmuld %f20,%f8,%f20
-/* 0x0104 234 (30 35) */ fsubd %f14,%f10,%f10
-/* 0x0108 235 (31 36) */ fdtox %f12,%f12
-/* 0x010c 236 (31 32) */ std %f12,[%sp+152]
-/* 0x0110 237 (31 36) */ fmuld %f6,%f8,%f6
-/* 0x0114 238 (32 37) */ fdtox %f4,%f4
-/* 0x0118 239 (32 33) */ std %f4,[%sp+144]
-/* 0x011c 240 (33 38) */ fsubd %f14,%f22,%f4
-/* 0x0120 241 (33 38) */ fmuld %f18,%f8,%f12
-/* 0x0124 242 (34 39) */ fdtox %f20,%f18
-/* 0x0128 243 (34 35) */ std %f18,[%sp+136]
-/* 0x012c 244 (35 37) */ ldx [%sp+152],%o4
-/* 0x0130 245 (35 40) */ fsubd %f14,%f16,%f14
-/* 0x0134 246 (35 40) */ fmuld %f10,%f8,%f10
-/* 0x0138 247 (36 41) */ fdtox %f6,%f6
-/* 0x013c 248 (36 37) */ std %f6,[%sp+128]
-/* 0x0140 249 (37 39) */ ldx [%sp+144],%o5
-/* 0x0144 250 (37 38) */ add %o4,%g2,%o4
-/* 0x0148 251 (38 39) */ st %o4,[%i0]
-/* 0x014c 252 (38 39) */ srax %o4,32,%g2
-/* 0x0150 253 (38 43) */ fdtox %f12,%f6
-/* 0x0154 254 (38 43) */ fmuld %f4,%f8,%f4
-/* 0x0158 255 (39 40) */ std %f6,[%sp+120]
-/* 0x015c 256 (39 40) */ add %o5,%g3,%g3
-/* 0x0160 257 (40 42) */ ldx [%sp+136],%o7
-/* 0x0164 258 (40 41) */ add %g3,%g2,%g2
-/* 0x0168 259 (40 45) */ fmuld %f14,%f8,%f6
-/* 0x016c 260 (40 45) */ fdtox %f10,%f8
-/* 0x0170 261 (41 42) */ std %f8,[%sp+112]
-/* 0x0174 262 (41 42) */ srax %g2,32,%o5
-/* 0x0178 263 (42 44) */ ldx [%sp+128],%g3
-/* 0x017c 264 (42 43) */ add %o7,%g4,%g4
-/* 0x0180 265 (43 44) */ st %g2,[%i0+4]
-/* 0x0184 266 (43 44) */ add %g4,%o5,%g4
-/* 0x0188 267 (43 48) */ fdtox %f4,%f4
-/* 0x018c 268 (44 46) */ ldx [%sp+120],%o5
-/* 0x0190 269 (44 45) */ add %g3,%g5,%g3
-/* 0x0194 270 (44 45) */ srax %g4,32,%g5
-/* 0x0198 271 (45 46) */ std %f4,[%sp+104]
-/* 0x019c 272 (45 46) */ add %g3,%g5,%g3
-/* 0x01a0 273 (45 50) */ fdtox %f6,%f4
-/* 0x01a4 274 (46 47) */ std %f4,[%sp+96]
-/* 0x01a8 275 (46 47) */ add %o5,%o0,%o0
-/* 0x01ac 276 (46 47) */ srax %g3,32,%o5
-/* 0x01b0 277 (47 49) */ ldx [%sp+112],%g5
-/* 0x01b4 278 (47 48) */ add %o0,%o5,%o0
-/* 0x01b8 279 (48 49) */ st %g4,[%i0+8]
-/* 0x01bc 280 (49 51) */ ldx [%sp+104],%o5
-/* 0x01c0 281 (49 50) */ add %g5,%o1,%o1
-/* 0x01c4 282 (49 50) */ srax %o0,32,%g5
-/* 0x01c8 283 (50 51) */ st %o0,[%i0+16]
-/* 0x01cc 284 (50 51) */ add %o1,%g5,%o1
-/* 0x01d0 285 (51 53) */ ldx [%sp+96],%g5
-/* 0x01d4 286 (51 52) */ add %o5,%o2,%o2
-/* 0x01d8 287 (51 52) */ srax %o1,32,%o5
-/* 0x01dc 288 (52 53) */ st %o1,[%i0+20]
-/* 0x01e0 289 (52 53) */ add %o2,%o5,%o2
-/* 0x01e4 290 (53 54) */ st %o2,[%i0+24]
-/* 0x01e8 291 (53 54) */ srax %o2,32,%g4
-/* 0x01ec 292 (53 54) */ add %g5,%o3,%g2
-/* 0x01f0 293 (54 55) */ st %g3,[%i0+12]
-/* 0x01f4 294 (54 55) */ add %g2,%g4,%g2
-/* 0x01f8 295 (55 56) */ st %g2,[%i0+28]
-/* 0x01fc 299 (55 56) */ srax %g2,32,%o7
-/* 0x0200 300 (56 57) */ or %g0,%o7,%i0
-/* 0x0204 (57 64) */ ret ! Result = %o1 %o0 %f0 %f1
-/* 0x0208 (59 61) */ restore %g0,%g0,%g0
-
-!
-! ENTRY .L77000037
-!
-
- .L77000037: /* frequency 1.0 confidence 0.0 */
-/* 0x020c 307 ( 0 1) */ subcc %o2,16,%g0
-/* 0x0210 308 ( 0 1) */ bne,pn %icc,.L77000076 ! tprob=0.50
-/* 0x0214 ( 1 5) */ ldd [%o0],%f8
-/* 0x0218 310 ( 2 6) */ ldd [%g5],%f4
-/* 0x021c 311 ( 3 7) */ ldd [%g5+8],%f6
-/* 0x0220 317 ( 4 8) */ ldd [%o0+8],%f14
-/* 0x0224 318 ( 4 7) */ fmovs %f8,%f12
-/* 0x0228 319 ( 5 7) */ ld [%fp+84],%f13
-/* 0x022c 320 ( 5 9) */ fxnor %f0,%f4,%f4
-/* 0x0230 321 ( 6 10) */ ldd [%g5+16],%f10
-/* 0x0234 322 ( 6 10) */ fxnor %f0,%f6,%f6
-/* 0x0238 323 ( 7 11) */ ldd [%g5+24],%f16
-/* 0x023c 324 ( 8 12) */ ldd [%g5+32],%f20
-/* 0x0240 325 ( 8 13) */ fsubd %f12,%f8,%f8
-/* 0x0244 331 ( 9 11) */ ld [%i1+40],%o7
-/* 0x0248 332 ( 9 14) */ fitod %f4,%f18
-/* 0x024c 333 (10 14) */ ldd [%g5+40],%f22
-/* 0x0250 334 (10 15) */ fitod %f5,%f4
-/* 0x0254 335 (11 12) */ stx %o7,[%sp+96]
-/* 0x0258 336 (11 16) */ fitod %f6,%f24
-/* 0x025c 337 (12 14) */ ld [%i1+44],%o7
-/* 0x0260 338 (12 16) */ fxnor %f0,%f10,%f10
-/* 0x0264 339 (13 17) */ ldd [%g5+48],%f26
-/* 0x0268 340 (13 18) */ fitod %f7,%f6
-/* 0x026c 341 (14 15) */ stx %o7,[%sp+104]
-/* 0x0270 342 (14 19) */ fsubd %f14,%f18,%f18
-/* 0x0274 343 (15 17) */ ld [%i1+48],%o7
-/* 0x0278 344 (15 20) */ fsubd %f14,%f4,%f4
-/* 0x027c 345 (16 18) */ ld [%i1+36],%o5
-/* 0x0280 346 (16 21) */ fitod %f10,%f28
-/* 0x0284 347 (17 18) */ stx %o7,[%sp+112]
-/* 0x0288 348 (17 21) */ fxnor %f0,%f16,%f16
-/* 0x028c 349 (18 20) */ ld [%i1],%g2
-/* 0x0290 350 (18 23) */ fsubd %f14,%f24,%f24
-/* 0x0294 351 (19 20) */ stx %o5,[%sp+120]
-/* 0x0298 352 (19 24) */ fitod %f11,%f10
-/* 0x029c 353 (19 24) */ fmuld %f18,%f8,%f18
-/* 0x02a0 354 (20 22) */ ld [%i1+52],%o5
-/* 0x02a4 355 (20 25) */ fsubd %f14,%f6,%f6
-/* 0x02a8 356 (20 25) */ fmuld %f4,%f8,%f4
-/* 0x02ac 357 (21 26) */ fitod %f16,%f30
-/* 0x02b0 358 (22 26) */ fxnor %f0,%f20,%f20
-/* 0x02b4 359 (22 24) */ ld [%i1+4],%g3
-/* 0x02b8 360 (23 27) */ ldd [%g5+56],%f2
-/* 0x02bc 361 (23 28) */ fsubd %f14,%f28,%f28
-/* 0x02c0 362 (23 28) */ fmuld %f24,%f8,%f24
-/* 0x02c4 363 (24 25) */ stx %o5,[%sp+128]
-/* 0x02c8 364 (24 29) */ fdtox %f18,%f18
-/* 0x02cc 365 (25 26) */ std %f18,[%sp+272]
-/* 0x02d0 366 (25 30) */ fitod %f17,%f16
-/* 0x02d4 367 (25 30) */ fmuld %f6,%f8,%f6
-/* 0x02d8 368 (26 31) */ fsubd %f14,%f10,%f10
-/* 0x02dc 369 (27 32) */ fitod %f20,%f18
-/* 0x02e0 370 (28 33) */ fdtox %f4,%f4
-/* 0x02e4 371 (28 29) */ std %f4,[%sp+264]
-/* 0x02e8 372 (28 33) */ fmuld %f28,%f8,%f28
-/* 0x02ec 373 (29 31) */ ld [%i1+8],%g4
-/* 0x02f0 374 (29 34) */ fsubd %f14,%f30,%f4
-/* 0x02f4 375 (30 34) */ fxnor %f0,%f22,%f22
-/* 0x02f8 376 (30 32) */ ld [%i1+12],%g5
-/* 0x02fc 377 (31 33) */ ld [%i1+16],%o0
-/* 0x0300 378 (31 36) */ fitod %f21,%f20
-/* 0x0304 379 (31 36) */ fmuld %f10,%f8,%f10
-/* 0x0308 380 (32 34) */ ld [%i1+20],%o1
-/* 0x030c 381 (32 37) */ fdtox %f24,%f24
-/* 0x0310 382 (33 34) */ std %f24,[%sp+256]
-/* 0x0314 383 (33 38) */ fsubd %f14,%f16,%f16
-/* 0x0318 384 (34 36) */ ldx [%sp+272],%o7
-/* 0x031c 385 (34 39) */ fdtox %f6,%f6
-/* 0x0320 386 (34 39) */ fmuld %f4,%f8,%f4
-/* 0x0324 387 (35 36) */ std %f6,[%sp+248]
-/* 0x0328 388 (35 40) */ fitod %f22,%f24
-/* 0x032c 389 (36 38) */ ld [%i1+32],%o4
-/* 0x0330 390 (36 41) */ fsubd %f14,%f18,%f6
-/* 0x0334 391 (36 37) */ add %o7,%g2,%g2
-/* 0x0338 392 (37 39) */ ldx [%sp+264],%o7
-/* 0x033c 393 (37 41) */ fxnor %f0,%f26,%f26
-/* 0x0340 394 (37 38) */ srax %g2,32,%o5
-/* 0x0344 395 (38 39) */ st %g2,[%i0]
-/* 0x0348 396 (38 43) */ fitod %f23,%f18
-/* 0x034c 397 (38 43) */ fmuld %f16,%f8,%f16
-/* 0x0350 398 (39 41) */ ldx [%sp+248],%g2
-/* 0x0354 399 (39 44) */ fdtox %f28,%f22
-/* 0x0358 400 (39 40) */ add %o7,%g3,%g3
-/* 0x035c 401 (40 42) */ ldx [%sp+256],%o7
-/* 0x0360 402 (40 45) */ fsubd %f14,%f20,%f20
-/* 0x0364 403 (40 41) */ add %g3,%o5,%g3
-/* 0x0368 404 (41 42) */ std %f22,[%sp+240]
-/* 0x036c 405 (41 46) */ fitod %f26,%f22
-/* 0x0370 406 (41 42) */ srax %g3,32,%o5
-/* 0x0374 407 (41 42) */ add %g2,%g5,%g2
-/* 0x0378 408 (42 43) */ st %g3,[%i0+4]
-/* 0x037c 409 (42 47) */ fdtox %f10,%f10
-/* 0x0380 410 (42 43) */ add %o7,%g4,%g4
-/* 0x0384 411 (42 47) */ fmuld %f6,%f8,%f6
-/* 0x0388 412 (43 44) */ std %f10,[%sp+232]
-/* 0x038c 413 (43 47) */ fxnor %f0,%f2,%f12
-/* 0x0390 414 (43 44) */ add %g4,%o5,%g4
-/* 0x0394 415 (44 45) */ st %g4,[%i0+8]
-/* 0x0398 416 (44 45) */ srax %g4,32,%o5
-/* 0x039c 417 (44 49) */ fsubd %f14,%f24,%f10
-/* 0x03a0 418 (45 47) */ ldx [%sp+240],%o7
-/* 0x03a4 419 (45 50) */ fdtox %f4,%f4
-/* 0x03a8 420 (45 46) */ add %g2,%o5,%g2
-/* 0x03ac 421 (45 50) */ fmuld %f20,%f8,%f20
-/* 0x03b0 422 (46 47) */ std %f4,[%sp+224]
-/* 0x03b4 423 (46 47) */ srax %g2,32,%g5
-/* 0x03b8 424 (46 51) */ fsubd %f14,%f18,%f4
-/* 0x03bc 425 (47 48) */ st %g2,[%i0+12]
-/* 0x03c0 426 (47 52) */ fitod %f27,%f24
-/* 0x03c4 427 (47 48) */ add %o7,%o0,%g3
-/* 0x03c8 428 (48 50) */ ldx [%sp+232],%o5
-/* 0x03cc 429 (48 53) */ fdtox %f16,%f16
-/* 0x03d0 430 (48 49) */ add %g3,%g5,%g2
-/* 0x03d4 431 (49 50) */ std %f16,[%sp+216]
-/* 0x03d8 432 (49 50) */ srax %g2,32,%g4
-/* 0x03dc 433 (49 54) */ fitod %f12,%f18
-/* 0x03e0 434 (49 54) */ fmuld %f10,%f8,%f10
-/* 0x03e4 435 (50 51) */ st %g2,[%i0+16]
-/* 0x03e8 436 (50 55) */ fsubd %f14,%f22,%f16
-/* 0x03ec 437 (50 51) */ add %o5,%o1,%g2
-/* 0x03f0 438 (51 53) */ ld [%i1+24],%o2
-/* 0x03f4 439 (51 56) */ fitod %f13,%f12
-/* 0x03f8 440 (51 52) */ add %g2,%g4,%g2
-/* 0x03fc 441 (51 56) */ fmuld %f4,%f8,%f22
-/* 0x0400 442 (52 54) */ ldx [%sp+224],%g3
-/* 0x0404 443 (52 53) */ srax %g2,32,%g4
-/* 0x0408 444 (52 57) */ fdtox %f6,%f6
-/* 0x040c 445 (53 54) */ std %f6,[%sp+208]
-/* 0x0410 446 (53 58) */ fdtox %f20,%f6
-/* 0x0414 447 (54 55) */ stx %o4,[%sp+136]
-/* 0x0418 448 (54 59) */ fsubd %f14,%f24,%f4
-/* 0x041c 449 (55 56) */ std %f6,[%sp+200]
-/* 0x0420 450 (55 60) */ fsubd %f14,%f18,%f6
-/* 0x0424 451 (55 60) */ fmuld %f16,%f8,%f16
-/* 0x0428 452 (56 57) */ st %g2,[%i0+20]
-/* 0x042c 453 (56 57) */ add %g3,%o2,%g2
-/* 0x0430 454 (56 61) */ fdtox %f10,%f10
-/* 0x0434 455 (57 59) */ ld [%i1+28],%o3
-/* 0x0438 456 (57 58) */ add %g2,%g4,%g2
-/* 0x043c 457 (58 60) */ ldx [%sp+216],%g5
-/* 0x0440 458 (58 59) */ srax %g2,32,%g4
-/* 0x0444 459 (59 60) */ std %f10,[%sp+192]
-/* 0x0448 460 (59 64) */ fsubd %f14,%f12,%f10
-/* 0x044c 461 (59 64) */ fmuld %f4,%f8,%f4
-/* 0x0450 462 (60 61) */ st %g2,[%i0+24]
-/* 0x0454 463 (60 61) */ add %g5,%o3,%g2
-/* 0x0458 464 (60 65) */ fdtox %f22,%f12
-/* 0x045c 465 (60 65) */ fmuld %f6,%f8,%f6
-/* 0x0460 466 (61 63) */ ldx [%sp+136],%o0
-/* 0x0464 467 (61 62) */ add %g2,%g4,%g2
-/* 0x0468 468 (62 64) */ ldx [%sp+208],%g3
-/* 0x046c 469 (62 63) */ srax %g2,32,%g4
-/* 0x0470 470 (63 65) */ ldx [%sp+120],%o1
-/* 0x0474 471 (64 66) */ ldx [%sp+200],%g5
-/* 0x0478 472 (64 65) */ add %g3,%o0,%g3
-/* 0x047c 473 (64 69) */ fdtox %f4,%f4
-/* 0x0480 474 (64 69) */ fmuld %f10,%f8,%f8
-/* 0x0484 475 (65 66) */ std %f12,[%sp+184]
-/* 0x0488 476 (65 66) */ add %g3,%g4,%g3
-/* 0x048c 477 (65 70) */ fdtox %f16,%f12
-/* 0x0490 478 (66 67) */ std %f12,[%sp+176]
-/* 0x0494 479 (66 67) */ srax %g3,32,%o0
-/* 0x0498 480 (66 67) */ add %g5,%o1,%g5
-/* 0x049c 481 (67 69) */ ldx [%sp+192],%o2
-/* 0x04a0 482 (67 68) */ add %g5,%o0,%g5
-/* 0x04a4 483 (68 70) */ ldx [%sp+96],%g4
-/* 0x04a8 484 (68 69) */ srax %g5,32,%o1
-/* 0x04ac 485 (69 71) */ ld [%i1+56],%o4
-/* 0x04b0 486 (70 72) */ ldx [%sp+104],%o0
-/* 0x04b4 487 (70 71) */ add %o2,%g4,%g4
-/* 0x04b8 488 (71 72) */ std %f4,[%sp+168]
-/* 0x04bc 489 (71 72) */ add %g4,%o1,%g4
-/* 0x04c0 490 (71 76) */ fdtox %f6,%f4
-/* 0x04c4 491 (72 74) */ ldx [%sp+184],%o3
-/* 0x04c8 492 (72 73) */ srax %g4,32,%o2
-/* 0x04cc 493 (73 75) */ ldx [%sp+112],%o1
-/* 0x04d0 494 (74 75) */ std %f4,[%sp+160]
-/* 0x04d4 495 (74 75) */ add %o3,%o0,%o0
-/* 0x04d8 496 (74 79) */ fdtox %f8,%f4
-/* 0x04dc 497 (75 77) */ ldx [%sp+176],%o5
-/* 0x04e0 498 (75 76) */ add %o0,%o2,%o0
-/* 0x04e4 499 (76 77) */ stx %o4,[%sp+144]
-/* 0x04e8 500 (77 78) */ st %g2,[%i0+28]
-/* 0x04ec 501 (77 78) */ add %o5,%o1,%g2
-/* 0x04f0 502 (77 78) */ srax %o0,32,%o1
-/* 0x04f4 503 (78 79) */ std %f4,[%sp+152]
-/* 0x04f8 504 (78 79) */ add %g2,%o1,%o1
-/* 0x04fc 505 (79 81) */ ldx [%sp+168],%o7
-/* 0x0500 506 (79 80) */ srax %o1,32,%o3
-/* 0x0504 507 (80 82) */ ldx [%sp+128],%o2
-/* 0x0508 508 (81 83) */ ld [%i1+60],%o4
-/* 0x050c 509 (82 83) */ add %o7,%o2,%o2
-/* 0x0510 510 (83 84) */ add %o2,%o3,%o2
-/* 0x0514 511 (83 85) */ ldx [%sp+144],%o5
-/* 0x0518 512 (84 86) */ ldx [%sp+160],%g2
-/* 0x051c 513 (85 87) */ ldx [%sp+152],%o3
-/* 0x0520 514 (86 87) */ st %g3,[%i0+32]
-/* 0x0524 515 (86 87) */ add %g2,%o5,%g2
-/* 0x0528 516 (86 87) */ srax %o2,32,%o5
-/* 0x052c 517 (87 88) */ st %g5,[%i0+36]
-/* 0x0530 518 (87 88) */ add %g2,%o5,%g2
-/* 0x0534 519 (87 88) */ add %o3,%o4,%g3
-/* 0x0538 520 (88 89) */ st %o0,[%i0+44]
-/* 0x053c 521 (88 89) */ srax %g2,32,%g5
-/* 0x0540 522 (89 90) */ st %o1,[%i0+48]
-/* 0x0544 523 (89 90) */ add %g3,%g5,%g3
-/* 0x0548 524 (90 91) */ st %o2,[%i0+52]
-/* 0x054c 528 (90 91) */ srax %g3,32,%o7
-/* 0x0550 529 (91 92) */ st %g4,[%i0+40]
-/* 0x0554 530 (92 93) */ st %g2,[%i0+56]
-/* 0x0558 531 (93 94) */ st %g3,[%i0+60]
-/* 0x055c 532 (93 94) */ or %g0,%o7,%i0
-/* 0x0560 (94 101) */ ret ! Result = %o1 %o0 %f0 %f1
-/* 0x0564 (96 98) */ restore %g0,%g0,%g0
-
-!
-! ENTRY .L77000076
-!
-
- .L77000076: /* frequency 1.0 confidence 0.0 */
-/* 0x0568 540 ( 0 4) */ ldd [%o0],%f6
-/* 0x056c 546 ( 0 1) */ add %o2,1,%g2
-/* 0x0570 547 ( 0 3) */ fmovd %f0,%f14
-/* 0x0574 548 ( 0 1) */ or %g0,0,%o7
-/* 0x0578 549 ( 1 3) */ ld [%fp+84],%f9
-/* 0x057c 550 ( 1 2) */ srl %g2,31,%g3
-/* 0x0580 551 ( 1 2) */ add %fp,-2264,%o5
-/* 0x0584 552 ( 2 3) */ add %g2,%g3,%g2
-/* 0x0588 553 ( 2 6) */ ldd [%o0+8],%f18
-/* 0x058c 554 ( 2 3) */ add %fp,-2256,%o4
-/* 0x0590 555 ( 3 6) */ fmovs %f6,%f8
-/* 0x0594 556 ( 3 4) */ sra %g2,1,%o1
-/* 0x0598 557 ( 3 4) */ or %g0,0,%g2
-/* 0x059c 558 ( 4 5) */ subcc %o1,0,%g0
-/* 0x05a0 559 ( 4 5) */ sub %o1,1,%o2
-/* 0x05a4 563 ( 5 6) */ add %g5,32,%o0
-/* 0x05a8 564 ( 6 11) */ fsubd %f8,%f6,%f16
-/* 0x05ac 565 ( 6 7) */ ble,pt %icc,.L900000161 ! tprob=0.50
-/* 0x05b0 ( 6 7) */ subcc %o3,0,%g0
-/* 0x05b4 567 ( 7 8) */ subcc %o1,7,%g0
-/* 0x05b8 568 ( 7 8) */ bl,pn %icc,.L77000077 ! tprob=0.50
-/* 0x05bc ( 7 8) */ sub %o1,2,%o1
-/* 0x05c0 570 ( 8 12) */ ldd [%g5],%f2
-/* 0x05c4 571 ( 9 13) */ ldd [%g5+8],%f4
-/* 0x05c8 572 ( 9 10) */ or %g0,5,%g2
-/* 0x05cc 573 (10 14) */ ldd [%g5+16],%f0
-/* 0x05d0 574 (11 15) */ fxnor %f14,%f2,%f2
-/* 0x05d4 575 (11 15) */ ldd [%g5+24],%f12
-/* 0x05d8 576 (12 16) */ fxnor %f14,%f4,%f6
-/* 0x05dc 577 (12 16) */ ldd [%g5+32],%f10
-/* 0x05e0 578 (13 17) */ fxnor %f14,%f0,%f8
-/* 0x05e4 579 (15 20) */ fitod %f3,%f0
-/* 0x05e8 580 (16 21) */ fitod %f2,%f4
-/* 0x05ec 581 (17 22) */ fitod %f7,%f2
-/* 0x05f0 582 (18 23) */ fitod %f6,%f6
-/* 0x05f4 583 (20 25) */ fsubd %f18,%f0,%f0
-/* 0x05f8 584 (21 26) */ fsubd %f18,%f4,%f4
-
-!
-! ENTRY .L900000149
-!
-
- .L900000149: /* frequency 1.0 confidence 0.0 */
-/* 0x05fc 586 ( 0 4) */ fxnor %f14,%f12,%f22
-/* 0x0600 587 ( 0 5) */ fmuld %f4,%f16,%f4
-/* 0x0604 588 ( 0 1) */ add %g2,2,%g2
-/* 0x0608 589 ( 0 1) */ add %o4,32,%o4
-/* 0x060c 590 ( 1 6) */ fitod %f9,%f24
-/* 0x0610 591 ( 1 6) */ fmuld %f0,%f16,%f20
-/* 0x0614 592 ( 1 2) */ add %o0,8,%o0
-/* 0x0618 593 ( 1 2) */ subcc %g2,%o1,%g0
-/* 0x061c 594 ( 2 6) */ ldd [%o0],%f12
-/* 0x0620 595 ( 2 7) */ fsubd %f18,%f2,%f0
-/* 0x0624 596 ( 2 3) */ add %o5,32,%o5
-/* 0x0628 597 ( 3 8) */ fsubd %f18,%f6,%f2
-/* 0x062c 598 ( 5 10) */ fdtox %f4,%f4
-/* 0x0630 599 ( 6 11) */ fdtox %f20,%f6
-/* 0x0634 600 ( 6 7) */ std %f4,[%o5-32]
-/* 0x0638 601 ( 7 12) */ fitod %f8,%f4
-/* 0x063c 602 ( 7 8) */ std %f6,[%o4-32]
-/* 0x0640 603 ( 8 12) */ fxnor %f14,%f10,%f8
-/* 0x0644 604 ( 8 13) */ fmuld %f2,%f16,%f6
-/* 0x0648 605 ( 9 14) */ fitod %f23,%f2
-/* 0x064c 606 ( 9 14) */ fmuld %f0,%f16,%f20
-/* 0x0650 607 ( 9 10) */ add %o0,8,%o0
-/* 0x0654 608 (10 14) */ ldd [%o0],%f10
-/* 0x0658 609 (10 15) */ fsubd %f18,%f24,%f0
-/* 0x065c 610 (12 17) */ fsubd %f18,%f4,%f4
-/* 0x0660 611 (13 18) */ fdtox %f6,%f6
-/* 0x0664 612 (14 19) */ fdtox %f20,%f20
-/* 0x0668 613 (14 15) */ std %f6,[%o5-16]
-/* 0x066c 614 (15 20) */ fitod %f22,%f6
-/* 0x0670 615 (15 16) */ ble,pt %icc,.L900000149 ! tprob=0.50
-/* 0x0674 (15 16) */ std %f20,[%o4-16]
-
-!
-! ENTRY .L900000152
-!
-
- .L900000152: /* frequency 1.0 confidence 0.0 */
-/* 0x0678 618 ( 0 4) */ fxnor %f14,%f12,%f12
-/* 0x067c 619 ( 0 5) */ fmuld %f0,%f16,%f22
-/* 0x0680 620 ( 0 1) */ add %o5,80,%o5
-/* 0x0684 621 ( 0 1) */ add %o4,80,%o4
-/* 0x0688 622 ( 1 5) */ fxnor %f14,%f10,%f0
-/* 0x068c 623 ( 1 6) */ fmuld %f4,%f16,%f24
-/* 0x0690 624 ( 1 2) */ subcc %g2,%o2,%g0
-/* 0x0694 625 ( 1 2) */ add %o0,8,%g5
-/* 0x0698 626 ( 2 7) */ fitod %f8,%f20
-/* 0x069c 627 ( 3 8) */ fitod %f9,%f8
-/* 0x06a0 628 ( 4 9) */ fsubd %f18,%f6,%f6
-/* 0x06a4 629 ( 5 10) */ fitod %f12,%f26
-/* 0x06a8 630 ( 6 11) */ fitod %f13,%f4
-/* 0x06ac 631 ( 7 12) */ fsubd %f18,%f2,%f12
-/* 0x06b0 632 ( 8 13) */ fitod %f0,%f2
-/* 0x06b4 633 ( 9 14) */ fitod %f1,%f0
-/* 0x06b8 634 (10 15) */ fsubd %f18,%f20,%f10
-/* 0x06bc 635 (10 15) */ fmuld %f6,%f16,%f20
-/* 0x06c0 636 (11 16) */ fsubd %f18,%f8,%f8
-/* 0x06c4 637 (12 17) */ fsubd %f18,%f26,%f6
-/* 0x06c8 638 (12 17) */ fmuld %f12,%f16,%f12
-/* 0x06cc 639 (13 18) */ fsubd %f18,%f4,%f4
-/* 0x06d0 640 (14 19) */ fsubd %f18,%f2,%f2
-/* 0x06d4 641 (15 20) */ fsubd %f18,%f0,%f0
-/* 0x06d8 642 (15 20) */ fmuld %f10,%f16,%f10
-/* 0x06dc 643 (16 21) */ fdtox %f24,%f24
-/* 0x06e0 644 (16 17) */ std %f24,[%o5-80]
-/* 0x06e4 645 (16 21) */ fmuld %f8,%f16,%f8
-/* 0x06e8 646 (17 22) */ fdtox %f22,%f22
-/* 0x06ec 647 (17 18) */ std %f22,[%o4-80]
-/* 0x06f0 648 (17 22) */ fmuld %f6,%f16,%f6
-/* 0x06f4 649 (18 23) */ fdtox %f20,%f20
-/* 0x06f8 650 (18 19) */ std %f20,[%o5-64]
-/* 0x06fc 651 (18 23) */ fmuld %f4,%f16,%f4
-/* 0x0700 652 (19 24) */ fdtox %f12,%f12
-/* 0x0704 653 (19 20) */ std %f12,[%o4-64]
-/* 0x0708 654 (19 24) */ fmuld %f2,%f16,%f2
-/* 0x070c 655 (20 25) */ fdtox %f10,%f10
-/* 0x0710 656 (20 21) */ std %f10,[%o5-48]
-/* 0x0714 657 (20 25) */ fmuld %f0,%f16,%f0
-/* 0x0718 658 (21 26) */ fdtox %f8,%f8
-/* 0x071c 659 (21 22) */ std %f8,[%o4-48]
-/* 0x0720 660 (22 27) */ fdtox %f6,%f6
-/* 0x0724 661 (22 23) */ std %f6,[%o5-32]
-/* 0x0728 662 (23 28) */ fdtox %f4,%f4
-/* 0x072c 663 (23 24) */ std %f4,[%o4-32]
-/* 0x0730 664 (24 29) */ fdtox %f2,%f2
-/* 0x0734 665 (24 25) */ std %f2,[%o5-16]
-/* 0x0738 666 (25 30) */ fdtox %f0,%f0
-/* 0x073c 667 (25 26) */ bg,pn %icc,.L77000043 ! tprob=0.50
-/* 0x0740 (25 26) */ std %f0,[%o4-16]
-
-!
-! ENTRY .L77000077
-!
-
- .L77000077: /* frequency 1.0 confidence 0.0 */
-/* 0x0744 670 ( 0 4) */ ldd [%g5],%f0
-
-!
-! ENTRY .L900000160
-!
-
- .L900000160: /* frequency 1.0 confidence 0.0 */
-/* 0x0748 672 ( 0 4) */ fxnor %f14,%f0,%f0
-/* 0x074c 673 ( 0 1) */ add %g2,1,%g2
-/* 0x0750 674 ( 0 1) */ add %g5,8,%g5
-/* 0x0754 675 ( 1 2) */ subcc %g2,%o2,%g0
-/* 0x0758 676 ( 4 9) */ fitod %f0,%f2
-/* 0x075c 677 ( 5 10) */ fitod %f1,%f0
-/* 0x0760 678 ( 9 14) */ fsubd %f18,%f2,%f2
-/* 0x0764 679 (10 15) */ fsubd %f18,%f0,%f0
-/* 0x0768 680 (14 19) */ fmuld %f2,%f16,%f2
-/* 0x076c 681 (15 20) */ fmuld %f0,%f16,%f0
-/* 0x0770 682 (19 24) */ fdtox %f2,%f2
-/* 0x0774 683 (19 20) */ std %f2,[%o5]
-/* 0x0778 684 (19 20) */ add %o5,16,%o5
-/* 0x077c 685 (20 25) */ fdtox %f0,%f0
-/* 0x0780 686 (20 21) */ std %f0,[%o4]
-/* 0x0784 687 (20 21) */ add %o4,16,%o4
-/* 0x0788 688 (20 21) */ ble,a,pt %icc,.L900000160 ! tprob=0.50
-/* 0x078c (23 27) */ ldd [%g5],%f0
-
-!
-! ENTRY .L77000043
-!
-
- .L77000043: /* frequency 1.0 confidence 0.0 */
-/* 0x0790 696 ( 0 1) */ subcc %o3,0,%g0
-
-!
-! ENTRY .L900000161
-!
-
- .L900000161: /* frequency 1.0 confidence 0.0 */
-/* 0x0794 698 ( 0 1) */ ble,a,pt %icc,.L900000159 ! tprob=0.50
-/* 0x0798 ( 0 1) */ or %g0,%o7,%i0
-/* 0x079c 703 ( 0 2) */ ldx [%fp-2256],%o2
-/* 0x07a0 704 ( 0 1) */ or %g0,%i1,%g3
-/* 0x07a4 705 ( 1 2) */ sub %o3,1,%o5
-/* 0x07a8 706 ( 1 2) */ or %g0,0,%g4
-/* 0x07ac 707 ( 2 3) */ add %fp,-2264,%g5
-/* 0x07b0 708 ( 2 3) */ or %g0,%i0,%g2
-/* 0x07b4 709 ( 3 4) */ subcc %o3,6,%g0
-/* 0x07b8 710 ( 3 4) */ sub %o5,2,%o4
-/* 0x07bc 711 ( 3 4) */ bl,pn %icc,.L77000078 ! tprob=0.50
-/* 0x07c0 ( 3 5) */ ldx [%fp-2264],%o0
-/* 0x07c4 713 ( 4 6) */ ld [%g3],%o1
-/* 0x07c8 714 ( 4 5) */ add %g2,4,%g2
-/* 0x07cc 715 ( 4 5) */ or %g0,3,%g4
-/* 0x07d0 716 ( 5 7) */ ld [%g3+4],%o3
-/* 0x07d4 717 ( 5 6) */ add %g3,8,%g3
-/* 0x07d8 718 ( 5 6) */ add %fp,-2240,%g5
-/* 0x07dc 719 ( 6 7) */ add %o0,%o1,%o0
-/* 0x07e0 720 ( 6 8) */ ldx [%fp-2248],%o1
-/* 0x07e4 721 ( 7 8) */ st %o0,[%g2-4]
-/* 0x07e8 722 ( 7 8) */ srax %o0,32,%o0
-
-!
-! ENTRY .L900000145
-!
-
- .L900000145: /* frequency 1.0 confidence 0.0 */
-/* 0x07ec 724 ( 0 2) */ ld [%g3],%o7
-/* 0x07f0 725 ( 0 1) */ add %o2,%o3,%o2
-/* 0x07f4 726 ( 0 1) */ sra %o0,0,%o3
-/* 0x07f8 727 ( 1 3) */ ldx [%g5],%o0
-/* 0x07fc 728 ( 1 2) */ add %o2,%o3,%o2
-/* 0x0800 729 ( 1 2) */ add %g4,3,%g4
-/* 0x0804 730 ( 2 3) */ st %o2,[%g2]
-/* 0x0808 731 ( 2 3) */ srax %o2,32,%o3
-/* 0x080c 732 ( 2 3) */ subcc %g4,%o4,%g0
-/* 0x0810 733 ( 3 5) */ ld [%g3+4],%o2
-/* 0x0814 734 ( 4 5) */ stx %o2,[%sp+96]
-/* 0x0818 735 ( 4 5) */ add %o1,%o7,%o1
-/* 0x081c 736 ( 5 7) */ ldx [%g5+8],%o2
-/* 0x0820 737 ( 5 6) */ add %o1,%o3,%o1
-/* 0x0824 738 ( 5 6) */ add %g2,12,%g2
-/* 0x0828 739 ( 6 7) */ st %o1,[%g2-8]
-/* 0x082c 740 ( 6 7) */ srax %o1,32,%o7
-/* 0x0830 741 ( 6 7) */ add %g3,12,%g3
-/* 0x0834 742 ( 7 9) */ ld [%g3-4],%o3
-/* 0x0838 743 ( 8 10) */ ldx [%sp+96],%o1
-/* 0x083c 744 (10 11) */ add %o0,%o1,%o0
-/* 0x0840 745 (10 12) */ ldx [%g5+16],%o1
-/* 0x0844 746 (11 12) */ add %o0,%o7,%o0
-/* 0x0848 747 (11 12) */ add %g5,24,%g5
-/* 0x084c 748 (11 12) */ st %o0,[%g2-4]
-/* 0x0850 749 (11 12) */ ble,pt %icc,.L900000145 ! tprob=0.50
-/* 0x0854 (12 13) */ srax %o0,32,%o0
-
-!
-! ENTRY .L900000148
-!
-
- .L900000148: /* frequency 1.0 confidence 0.0 */
-/* 0x0858 752 ( 0 1) */ add %o2,%o3,%o2
-/* 0x085c 753 ( 0 1) */ sra %o0,0,%o3
-/* 0x0860 754 ( 0 2) */ ld [%g3],%o0
-/* 0x0864 755 ( 1 2) */ add %o2,%o3,%o3
-/* 0x0868 756 ( 1 2) */ add %g2,8,%g2
-/* 0x086c 757 ( 2 3) */ srax %o3,32,%o2
-/* 0x0870 758 ( 2 3) */ st %o3,[%g2-8]
-/* 0x0874 759 ( 2 3) */ add %o1,%o0,%o0
-/* 0x0878 760 ( 3 4) */ add %o0,%o2,%o0
-/* 0x087c 761 ( 3 4) */ st %o0,[%g2-4]
-/* 0x0880 762 ( 3 4) */ subcc %g4,%o5,%g0
-/* 0x0884 763 ( 3 4) */ bg,pn %icc,.L77000061 ! tprob=0.50
-/* 0x0888 ( 4 5) */ srax %o0,32,%o7
-/* 0x088c 765 ( 4 5) */ add %g3,4,%g3
-
-!
-! ENTRY .L77000078
-!
-
- .L77000078: /* frequency 1.0 confidence 0.0 */
-/* 0x0890 767 ( 0 2) */ ld [%g3],%o2
-
-!
-! ENTRY .L900000158
-!
-
- .L900000158: /* frequency 1.0 confidence 0.0 */
-/* 0x0894 769 ( 0 2) */ ldx [%g5],%o0
-/* 0x0898 770 ( 0 1) */ sra %o7,0,%o1
-/* 0x089c 771 ( 0 1) */ add %g4,1,%g4
-/* 0x08a0 772 ( 1 2) */ add %g3,4,%g3
-/* 0x08a4 773 ( 1 2) */ add %g5,8,%g5
-/* 0x08a8 774 ( 2 3) */ add %o0,%o2,%o0
-/* 0x08ac 775 ( 2 3) */ subcc %g4,%o5,%g0
-/* 0x08b0 776 ( 3 4) */ add %o0,%o1,%o0
-/* 0x08b4 777 ( 3 4) */ st %o0,[%g2]
-/* 0x08b8 778 ( 3 4) */ add %g2,4,%g2
-/* 0x08bc 779 ( 4 5) */ srax %o0,32,%o7
-/* 0x08c0 780 ( 4 5) */ ble,a,pt %icc,.L900000158 ! tprob=0.50
-/* 0x08c4 ( 4 6) */ ld [%g3],%o2
-
-!
-! ENTRY .L77000047
-!
-
- .L77000047: /* frequency 1.0 confidence 0.0 */
-/* 0x08c8 783 ( 0 1) */ or %g0,%o7,%i0
-/* 0x08cc ( 1 8) */ ret ! Result = %o1 %o0 %f0 %f1
-/* 0x08d0 ( 3 5) */ restore %g0,%g0,%g0
-
-!
-! ENTRY .L77000048
-!
-
- .L77000048: /* frequency 1.0 confidence 0.0 */
-/* 0x08d4 794 ( 0 1) */ bne,pn %icc,.L77000050 ! tprob=0.50
-/* 0x08d8 ( 0 1) */ sethi %hi(0xfff80000),%g2
-/* 0x08dc 796 ( 0 4) */ ldd [%g5],%f4
-/* 0x08e0 804 ( 0 1) */ srl %o1,19,%g3
-/* 0x08e4 805 ( 1 2) */ st %g3,[%sp+240]
-/* 0x08e8 806 ( 1 2) */ andn %o1,%g2,%g2
-/* 0x08ec 807 ( 2 6) */ ldd [%o0],%f8
-/* 0x08f0 808 ( 3 4) */ st %g2,[%sp+244]
-/* 0x08f4 809 ( 3 7) */ fxnor %f0,%f4,%f4
-/* 0x08f8 810 ( 4 8) */ ldd [%g5+8],%f6
-/* 0x08fc 814 ( 5 9) */ ldd [%o0+8],%f18
-/* 0x0900 815 ( 5 8) */ fmovs %f8,%f12
-/* 0x0904 816 ( 6 10) */ ldd [%g5+16],%f10
-/* 0x0908 817 ( 6 9) */ fmovs %f8,%f16
-/* 0x090c 818 ( 7 11) */ ldd [%g5+24],%f20
-/* 0x0910 819 ( 7 12) */ fitod %f4,%f14
-/* 0x0914 823 ( 8 10) */ ld [%i1],%g2
-/* 0x0918 824 ( 8 13) */ fitod %f5,%f4
-/* 0x091c 825 ( 9 11) */ ld [%sp+240],%f13
-/* 0x0920 826 ( 9 13) */ fxnor %f0,%f6,%f6
-/* 0x0924 827 (10 12) */ ld [%sp+244],%f17
-/* 0x0928 828 (10 14) */ fxnor %f0,%f10,%f10
-/* 0x092c 829 (11 13) */ ld [%i1+28],%o3
-/* 0x0930 830 (11 15) */ fxnor %f0,%f20,%f20
-/* 0x0934 831 (12 14) */ ld [%i1+4],%g3
-/* 0x0938 832 (12 17) */ fsubd %f12,%f8,%f12
-/* 0x093c 833 (13 14) */ stx %o3,[%sp+96]
-/* 0x0940 834 (13 18) */ fsubd %f18,%f14,%f14
-/* 0x0944 835 (14 16) */ ld [%i1+8],%g4
-/* 0x0948 836 (14 19) */ fsubd %f16,%f8,%f8
-/* 0x094c 837 (15 17) */ ld [%i1+12],%g5
-/* 0x0950 838 (15 20) */ fsubd %f18,%f4,%f4
-/* 0x0954 839 (16 18) */ ld [%i1+16],%o0
-/* 0x0958 840 (16 21) */ fitod %f6,%f22
-/* 0x095c 841 (17 19) */ ld [%i1+20],%o1
-/* 0x0960 842 (17 22) */ fitod %f7,%f6
-/* 0x0964 843 (18 20) */ ld [%i1+24],%o2
-/* 0x0968 844 (18 23) */ fitod %f10,%f16
-/* 0x096c 845 (18 23) */ fmuld %f14,%f12,%f24
-/* 0x0970 846 (19 24) */ fitod %f20,%f28
-/* 0x0974 847 (19 24) */ fmuld %f14,%f8,%f14
-/* 0x0978 848 (20 25) */ fitod %f11,%f10
-/* 0x097c 849 (20 25) */ fmuld %f4,%f12,%f26
-/* 0x0980 850 (21 26) */ fsubd %f18,%f22,%f22
-/* 0x0984 851 (21 26) */ fmuld %f4,%f8,%f4
-/* 0x0988 852 (22 27) */ fsubd %f18,%f6,%f6
-/* 0x098c 853 (23 28) */ fdtox %f24,%f24
-/* 0x0990 854 (23 24) */ std %f24,[%sp+224]
-/* 0x0994 855 (24 29) */ fdtox %f14,%f14
-/* 0x0998 856 (24 25) */ std %f14,[%sp+232]
-/* 0x099c 857 (25 30) */ fdtox %f26,%f14
-/* 0x09a0 858 (25 26) */ std %f14,[%sp+208]
-/* 0x09a4 859 (26 28) */ ldx [%sp+224],%o4
-/* 0x09a8 860 (26 31) */ fitod %f21,%f20
-/* 0x09ac 861 (26 31) */ fmuld %f22,%f12,%f30
-/* 0x09b0 862 (27 29) */ ldx [%sp+232],%o5
-/* 0x09b4 863 (27 32) */ fsubd %f18,%f16,%f16
-/* 0x09b8 864 (27 32) */ fmuld %f22,%f8,%f22
-/* 0x09bc 865 (28 29) */ sllx %o4,19,%o4
-/* 0x09c0 866 (28 33) */ fdtox %f4,%f4
-/* 0x09c4 867 (28 29) */ std %f4,[%sp+216]
-/* 0x09c8 868 (28 33) */ fmuld %f6,%f12,%f24
-/* 0x09cc 869 (29 34) */ fsubd %f18,%f28,%f26
-/* 0x09d0 870 (29 30) */ add %o5,%o4,%o4
-/* 0x09d4 871 (29 34) */ fmuld %f6,%f8,%f6
-/* 0x09d8 872 (30 35) */ fsubd %f18,%f10,%f10
-/* 0x09dc 873 (30 31) */ add %o4,%g2,%g2
-/* 0x09e0 874 (30 31) */ st %g2,[%i0]
-/* 0x09e4 875 (31 33) */ ldx [%sp+208],%o7
-/* 0x09e8 876 (31 32) */ srlx %g2,32,%o5
-/* 0x09ec 877 (31 36) */ fsubd %f18,%f20,%f18
-/* 0x09f0 878 (32 37) */ fdtox %f30,%f28
-/* 0x09f4 879 (32 33) */ std %f28,[%sp+192]
-/* 0x09f8 880 (32 37) */ fmuld %f16,%f12,%f14
-/* 0x09fc 881 (33 34) */ sllx %o7,19,%o4
-/* 0x0a00 882 (33 35) */ ldx [%sp+216],%o7
-/* 0x0a04 883 (33 38) */ fdtox %f22,%f20
-/* 0x0a08 884 (33 38) */ fmuld %f16,%f8,%f16
-/* 0x0a0c 885 (34 35) */ std %f20,[%sp+200]
-/* 0x0a10 886 (34 39) */ fdtox %f24,%f20
-/* 0x0a14 887 (34 39) */ fmuld %f26,%f12,%f22
-/* 0x0a18 888 (35 36) */ std %f20,[%sp+176]
-/* 0x0a1c 889 (35 36) */ add %o7,%o4,%o4
-/* 0x0a20 890 (35 40) */ fdtox %f6,%f6
-/* 0x0a24 891 (35 40) */ fmuld %f10,%f12,%f4
-/* 0x0a28 892 (36 38) */ ldx [%sp+192],%o3
-/* 0x0a2c 893 (36 37) */ add %o4,%g3,%g3
-/* 0x0a30 894 (36 41) */ fmuld %f10,%f8,%f10
-/* 0x0a34 895 (37 38) */ std %f6,[%sp+184]
-/* 0x0a38 896 (37 38) */ add %g3,%o5,%g3
-/* 0x0a3c 897 (37 42) */ fdtox %f14,%f6
-/* 0x0a40 898 (37 42) */ fmuld %f26,%f8,%f20
-/* 0x0a44 899 (38 40) */ ldx [%sp+200],%o4
-/* 0x0a48 900 (38 39) */ sllx %o3,19,%o3
-/* 0x0a4c 901 (38 39) */ srlx %g3,32,%o5
-/* 0x0a50 902 (38 43) */ fdtox %f16,%f14
-/* 0x0a54 903 (39 40) */ std %f6,[%sp+160]
-/* 0x0a58 904 (39 44) */ fmuld %f18,%f12,%f12
-/* 0x0a5c 905 (40 42) */ ldx [%sp+176],%o7
-/* 0x0a60 906 (40 41) */ add %o4,%o3,%o3
-/* 0x0a64 907 (40 45) */ fdtox %f4,%f16
-/* 0x0a68 908 (40 45) */ fmuld %f18,%f8,%f18
-/* 0x0a6c 909 (41 42) */ std %f14,[%sp+168]
-/* 0x0a70 910 (41 42) */ add %o3,%g4,%g4
-/* 0x0a74 911 (41 46) */ fdtox %f10,%f4
-/* 0x0a78 912 (42 44) */ ldx [%sp+184],%o3
-/* 0x0a7c 913 (42 43) */ sllx %o7,19,%o4
-/* 0x0a80 914 (42 43) */ add %g4,%o5,%g4
-/* 0x0a84 915 (42 47) */ fdtox %f22,%f14
-/* 0x0a88 916 (43 44) */ std %f16,[%sp+144]
-/* 0x0a8c 917 (43 44) */ srlx %g4,32,%o5
-/* 0x0a90 918 (43 48) */ fdtox %f20,%f6
-/* 0x0a94 919 (44 46) */ ldx [%sp+160],%o7
-/* 0x0a98 920 (44 45) */ add %o3,%o4,%o3
-/* 0x0a9c 921 (44 49) */ fdtox %f12,%f16
-/* 0x0aa0 922 (45 46) */ std %f4,[%sp+152]
-/* 0x0aa4 923 (45 46) */ add %o3,%g5,%g5
-/* 0x0aa8 924 (45 50) */ fdtox %f18,%f8
-/* 0x0aac 925 (46 48) */ ldx [%sp+168],%o3
-/* 0x0ab0 926 (46 47) */ sllx %o7,19,%o4
-/* 0x0ab4 927 (46 47) */ add %g5,%o5,%g5
-/* 0x0ab8 928 (47 48) */ std %f14,[%sp+128]
-/* 0x0abc 929 (47 48) */ srlx %g5,32,%o5
-/* 0x0ac0 930 (48 49) */ std %f6,[%sp+136]
-/* 0x0ac4 931 (48 49) */ add %o3,%o4,%o3
-/* 0x0ac8 932 (49 50) */ std %f16,[%sp+112]
-/* 0x0acc 933 (49 50) */ add %o3,%o0,%o0
-/* 0x0ad0 934 (50 52) */ ldx [%sp+144],%o7
-/* 0x0ad4 935 (50 51) */ add %o0,%o5,%o0
-/* 0x0ad8 936 (51 53) */ ldx [%sp+152],%o3
-/* 0x0adc 937 (52 53) */ std %f8,[%sp+120]
-/* 0x0ae0 938 (52 53) */ sllx %o7,19,%o4
-/* 0x0ae4 939 (52 53) */ srlx %o0,32,%o7
-/* 0x0ae8 940 (53 54) */ stx %o0,[%sp+104]
-/* 0x0aec 941 (53 54) */ add %o3,%o4,%o3
-/* 0x0af0 942 (54 56) */ ldx [%sp+128],%o5
-/* 0x0af4 943 (54 55) */ add %o3,%o1,%o1
-/* 0x0af8 944 (55 57) */ ldx [%sp+136],%o0
-/* 0x0afc 945 (55 56) */ add %o1,%o7,%o1
-/* 0x0b00 946 (56 57) */ st %g3,[%i0+4]
-/* 0x0b04 947 (56 57) */ sllx %o5,19,%o3
-/* 0x0b08 948 (57 59) */ ldx [%sp+112],%o4
-/* 0x0b0c 949 (57 58) */ add %o0,%o3,%o3
-/* 0x0b10 950 (58 60) */ ldx [%sp+120],%o0
-/* 0x0b14 951 (58 59) */ add %o3,%o2,%o2
-/* 0x0b18 952 (58 59) */ srlx %o1,32,%o3
-/* 0x0b1c 953 (59 60) */ st %o1,[%i0+20]
-/* 0x0b20 954 (59 60) */ sllx %o4,19,%g2
-/* 0x0b24 955 (59 60) */ add %o2,%o3,%o2
-/* 0x0b28 956 (60 62) */ ldx [%sp+96],%o4
-/* 0x0b2c 957 (60 61) */ srlx %o2,32,%g3
-/* 0x0b30 958 (60 61) */ add %o0,%g2,%g2
-/* 0x0b34 959 (61 63) */ ldx [%sp+104],%o0
-/* 0x0b38 960 (62 63) */ st %o2,[%i0+24]
-/* 0x0b3c 961 (62 63) */ add %g2,%o4,%g2
-/* 0x0b40 962 (63 64) */ st %o0,[%i0+16]
-/* 0x0b44 963 (63 64) */ add %g2,%g3,%g2
-/* 0x0b48 964 (64 65) */ st %g4,[%i0+8]
-/* 0x0b4c 968 (64 65) */ srlx %g2,32,%o7
-/* 0x0b50 969 (65 66) */ st %g5,[%i0+12]
-/* 0x0b54 970 (66 67) */ st %g2,[%i0+28]
-/* 0x0b58 971 (66 67) */ or %g0,%o7,%i0
-/* 0x0b5c (67 74) */ ret ! Result = %o1 %o0 %f0 %f1
-/* 0x0b60 (69 71) */ restore %g0,%g0,%g0
-
-!
-! ENTRY .L77000050
-!
-
- .L77000050: /* frequency 1.0 confidence 0.0 */
-/* 0x0b64 978 ( 0 1) */ subcc %o2,16,%g0
-/* 0x0b68 979 ( 0 1) */ bne,pn %icc,.L77000073 ! tprob=0.50
-/* 0x0b6c ( 0 1) */ sethi %hi(0xfff80000),%g2
-/* 0x0b70 981 ( 1 5) */ ldd [%g5],%f4
-/* 0x0b74 982 ( 2 6) */ ldd [%g5+8],%f6
-/* 0x0b78 989 ( 2 3) */ andn %o1,%g2,%g2
-/* 0x0b7c 993 ( 2 3) */ srl %o1,19,%g3
-/* 0x0b80 994 ( 3 7) */ ldd [%g5+16],%f8
-/* 0x0b84 995 ( 4 8) */ fxnor %f0,%f4,%f4
-/* 0x0b88 996 ( 4 5) */ st %g2,[%sp+356]
-/* 0x0b8c 997 ( 5 9) */ ldd [%o0],%f20
-/* 0x0b90 998 ( 5 9) */ fxnor %f0,%f6,%f6
-/* 0x0b94 999 ( 6 7) */ st %g3,[%sp+352]
-/* 0x0b98 1000 ( 6 10) */ fxnor %f0,%f8,%f8
-/* 0x0b9c 1005 ( 7 11) */ ldd [%o0+8],%f30
-/* 0x0ba0 1006 ( 8 13) */ fitod %f4,%f22
-/* 0x0ba4 1007 ( 8 12) */ ldd [%g5+24],%f10
-/* 0x0ba8 1008 ( 9 12) */ fmovs %f20,%f24
-/* 0x0bac 1009 ( 9 13) */ ldd [%g5+32],%f12
-/* 0x0bb0 1010 (10 15) */ fitod %f5,%f4
-/* 0x0bb4 1011 (10 14) */ ldd [%g5+40],%f14
-/* 0x0bb8 1012 (11 14) */ fmovs %f20,%f26
-/* 0x0bbc 1013 (11 15) */ ldd [%g5+48],%f16
-/* 0x0bc0 1014 (12 14) */ ld [%sp+356],%f25
-/* 0x0bc4 1015 (12 17) */ fitod %f6,%f28
-/* 0x0bc8 1016 (13 15) */ ld [%sp+352],%f27
-/* 0x0bcc 1017 (13 18) */ fitod %f8,%f32
-/* 0x0bd0 1018 (14 19) */ fsubd %f30,%f22,%f22
-/* 0x0bd4 1019 (14 18) */ ldd [%g5+56],%f18
-/* 0x0bd8 1020 (15 20) */ fsubd %f24,%f20,%f24
-/* 0x0bdc 1021 (16 21) */ fsubd %f26,%f20,%f20
-/* 0x0be0 1022 (17 22) */ fsubd %f30,%f4,%f4
-/* 0x0be4 1023 (18 23) */ fsubd %f30,%f28,%f26
-/* 0x0be8 1024 (19 24) */ fitod %f7,%f6
-/* 0x0bec 1025 (20 25) */ fsubd %f30,%f32,%f28
-/* 0x0bf0 1026 (20 25) */ fmuld %f22,%f24,%f32
-/* 0x0bf4 1027 (21 26) */ fmuld %f22,%f20,%f22
-/* 0x0bf8 1028 (21 25) */ fxnor %f0,%f10,%f10
-/* 0x0bfc 1029 (22 27) */ fmuld %f4,%f24,%f44
-/* 0x0c00 1030 (22 27) */ fitod %f9,%f8
-/* 0x0c04 1031 (23 28) */ fmuld %f4,%f20,%f4
-/* 0x0c08 1032 (23 27) */ fxnor %f0,%f12,%f12
-/* 0x0c0c 1033 (24 29) */ fsubd %f30,%f6,%f6
-/* 0x0c10 1034 (24 29) */ fmuld %f26,%f24,%f46
-/* 0x0c14 1035 (25 30) */ fitod %f10,%f34
-/* 0x0c18 1036 (26 31) */ fdtox %f22,%f22
-/* 0x0c1c 1037 (26 27) */ std %f22,[%sp+336]
-/* 0x0c20 1038 (27 32) */ fmuld %f26,%f20,%f22
-/* 0x0c24 1039 (27 32) */ fdtox %f44,%f26
-/* 0x0c28 1040 (27 28) */ std %f26,[%sp+328]
-/* 0x0c2c 1041 (28 33) */ fdtox %f4,%f4
-/* 0x0c30 1042 (28 29) */ std %f4,[%sp+320]
-/* 0x0c34 1043 (29 34) */ fmuld %f6,%f24,%f26
-/* 0x0c38 1044 (29 34) */ fsubd %f30,%f8,%f8
-/* 0x0c3c 1045 (30 35) */ fdtox %f46,%f4
-/* 0x0c40 1046 (30 31) */ std %f4,[%sp+312]
-/* 0x0c44 1047 (31 36) */ fmuld %f28,%f24,%f4
-/* 0x0c48 1048 (31 36) */ fdtox %f32,%f32
-/* 0x0c4c 1049 (31 32) */ std %f32,[%sp+344]
-/* 0x0c50 1050 (32 37) */ fitod %f11,%f10
-/* 0x0c54 1051 (32 37) */ fmuld %f6,%f20,%f32
-/* 0x0c58 1052 (33 38) */ fsubd %f30,%f34,%f34
-/* 0x0c5c 1053 (34 39) */ fdtox %f22,%f6
-/* 0x0c60 1054 (34 35) */ std %f6,[%sp+304]
-/* 0x0c64 1058 (35 40) */ fitod %f12,%f36
-/* 0x0c68 1059 (35 40) */ fmuld %f28,%f20,%f6
-/* 0x0c6c 1060 (36 41) */ fdtox %f26,%f22
-/* 0x0c70 1061 (36 37) */ std %f22,[%sp+296]
-/* 0x0c74 1062 (37 42) */ fmuld %f8,%f24,%f22
-/* 0x0c78 1063 (37 42) */ fdtox %f4,%f4
-/* 0x0c7c 1064 (37 38) */ std %f4,[%sp+280]
-/* 0x0c80 1065 (38 43) */ fmuld %f8,%f20,%f8
-/* 0x0c84 1066 (38 43) */ fsubd %f30,%f10,%f10
-/* 0x0c88 1067 (39 44) */ fmuld %f34,%f24,%f4
-/* 0x0c8c 1068 (39 44) */ fitod %f13,%f12
-/* 0x0c90 1069 (40 45) */ fsubd %f30,%f36,%f36
-/* 0x0c94 1070 (41 46) */ fdtox %f6,%f6
-/* 0x0c98 1071 (41 42) */ std %f6,[%sp+272]
-/* 0x0c9c 1072 (42 46) */ fxnor %f0,%f14,%f14
-/* 0x0ca0 1073 (42 47) */ fmuld %f34,%f20,%f6
-/* 0x0ca4 1074 (43 48) */ fdtox %f22,%f22
-/* 0x0ca8 1075 (43 44) */ std %f22,[%sp+264]
-/* 0x0cac 1076 (44 49) */ fdtox %f8,%f8
-/* 0x0cb0 1077 (44 45) */ std %f8,[%sp+256]
-/* 0x0cb4 1078 (44 49) */ fmuld %f10,%f24,%f22
-/* 0x0cb8 1079 (45 50) */ fdtox %f4,%f4
-/* 0x0cbc 1080 (45 46) */ std %f4,[%sp+248]
-/* 0x0cc0 1081 (45 50) */ fmuld %f10,%f20,%f8
-/* 0x0cc4 1082 (46 51) */ fsubd %f30,%f12,%f4
-/* 0x0cc8 1083 (46 51) */ fmuld %f36,%f24,%f10
-/* 0x0ccc 1084 (47 52) */ fitod %f14,%f38
-/* 0x0cd0 1085 (48 53) */ fdtox %f6,%f6
-/* 0x0cd4 1086 (48 49) */ std %f6,[%sp+240]
-/* 0x0cd8 1087 (49 54) */ fdtox %f22,%f12
-/* 0x0cdc 1088 (49 50) */ std %f12,[%sp+232]
-/* 0x0ce0 1089 (49 54) */ fmuld %f36,%f20,%f6
-/* 0x0ce4 1090 (50 55) */ fdtox %f8,%f8
-/* 0x0ce8 1091 (50 51) */ std %f8,[%sp+224]
-/* 0x0cec 1092 (51 56) */ fdtox %f10,%f22
-/* 0x0cf0 1093 (51 52) */ std %f22,[%sp+216]
-/* 0x0cf4 1094 (51 56) */ fmuld %f4,%f24,%f8
-/* 0x0cf8 1095 (52 57) */ fitod %f15,%f14
-/* 0x0cfc 1096 (52 57) */ fmuld %f4,%f20,%f4
-/* 0x0d00 1097 (53 58) */ fsubd %f30,%f38,%f22
-/* 0x0d04 1098 (54 58) */ fxnor %f0,%f16,%f16
-/* 0x0d08 1099 (55 60) */ fdtox %f6,%f6
-/* 0x0d0c 1100 (55 56) */ std %f6,[%sp+208]
-/* 0x0d10 1101 (56 61) */ fdtox %f8,%f6
-/* 0x0d14 1102 (56 57) */ std %f6,[%sp+200]
-/* 0x0d18 1103 (57 62) */ fsubd %f30,%f14,%f10
-/* 0x0d1c 1104 (58 63) */ fitod %f16,%f40
-/* 0x0d20 1105 (58 63) */ fmuld %f22,%f24,%f6
-/* 0x0d24 1106 (59 64) */ fdtox %f4,%f4
-/* 0x0d28 1107 (59 60) */ std %f4,[%sp+192]
-/* 0x0d2c 1108 (60 65) */ fitod %f17,%f16
-/* 0x0d30 1109 (60 65) */ fmuld %f22,%f20,%f4
-/* 0x0d34 1110 (61 65) */ fxnor %f0,%f18,%f18
-/* 0x0d38 1111 (62 67) */ fdtox %f32,%f32
-/* 0x0d3c 1112 (62 63) */ std %f32,[%sp+288]
-/* 0x0d40 1113 (62 67) */ fmuld %f10,%f24,%f8
-/* 0x0d44 1114 (63 68) */ fdtox %f6,%f6
-/* 0x0d48 1115 (63 64) */ std %f6,[%sp+184]
-/* 0x0d4c 1116 (63 68) */ fmuld %f10,%f20,%f22
-/* 0x0d50 1117 (64 69) */ fsubd %f30,%f40,%f6
-/* 0x0d54 1118 (65 70) */ fdtox %f4,%f4
-/* 0x0d58 1119 (65 66) */ std %f4,[%sp+176]
-/* 0x0d5c 1120 (66 71) */ fsubd %f30,%f16,%f10
-/* 0x0d60 1121 (67 72) */ fdtox %f8,%f4
-/* 0x0d64 1122 (67 68) */ std %f4,[%sp+168]
-/* 0x0d68 1123 (68 73) */ fdtox %f22,%f4
-/* 0x0d6c 1124 (68 69) */ std %f4,[%sp+160]
-/* 0x0d70 1125 (69 74) */ fitod %f18,%f42
-/* 0x0d74 1126 (69 74) */ fmuld %f6,%f24,%f4
-/* 0x0d78 1127 (70 75) */ fmuld %f6,%f20,%f22
-/* 0x0d7c 1128 (71 76) */ fmuld %f10,%f24,%f6
-/* 0x0d80 1129 (72 77) */ fmuld %f10,%f20,%f8
-/* 0x0d84 1130 (74 79) */ fdtox %f4,%f4
-/* 0x0d88 1131 (74 75) */ std %f4,[%sp+152]
-/* 0x0d8c 1132 (75 80) */ fsubd %f30,%f42,%f4
-/* 0x0d90 1133 (76 81) */ fdtox %f6,%f6
-/* 0x0d94 1134 (76 77) */ std %f6,[%sp+136]
-/* 0x0d98 1135 (77 82) */ fdtox %f22,%f22
-/* 0x0d9c 1136 (77 78) */ std %f22,[%sp+144]
-/* 0x0da0 1137 (78 83) */ fdtox %f8,%f22
-/* 0x0da4 1138 (78 79) */ std %f22,[%sp+128]
-/* 0x0da8 1139 (79 84) */ fitod %f19,%f22
-/* 0x0dac 1140 (80 85) */ fmuld %f4,%f24,%f6
-/* 0x0db0 1141 (81 86) */ fmuld %f4,%f20,%f4
-/* 0x0db4 1142 (84 89) */ fsubd %f30,%f22,%f22
-/* 0x0db8 1143 (85 90) */ fdtox %f6,%f6
-/* 0x0dbc 1144 (85 86) */ std %f6,[%sp+120]
-/* 0x0dc0 1145 (86 91) */ fdtox %f4,%f4
-/* 0x0dc4 1146 (86 87) */ std %f4,[%sp+112]
-/* 0x0dc8 1150 (87 89) */ ldx [%sp+336],%g2
-/* 0x0dcc 1151 (88 90) */ ldx [%sp+344],%g3
-/* 0x0dd0 1152 (89 91) */ ld [%i1],%g4
-/* 0x0dd4 1153 (89 90) */ sllx %g2,19,%g2
-/* 0x0dd8 1154 (89 94) */ fmuld %f22,%f20,%f4
-/* 0x0ddc 1155 (90 92) */ ldx [%sp+328],%g5
-/* 0x0de0 1156 (90 91) */ add %g3,%g2,%g2
-/* 0x0de4 1157 (90 95) */ fmuld %f22,%f24,%f6
-/* 0x0de8 1158 (91 93) */ ldx [%sp+320],%g3
-/* 0x0dec 1159 (91 92) */ add %g2,%g4,%g4
-/* 0x0df0 1160 (92 94) */ ldx [%sp+304],%o0
-/* 0x0df4 1161 (93 94) */ st %g4,[%i0]
-/* 0x0df8 1162 (93 94) */ sllx %g3,19,%g2
-/* 0x0dfc 1163 (93 94) */ srlx %g4,32,%g4
-/* 0x0e00 1164 (94 96) */ ld [%i1+4],%g3
-/* 0x0e04 1165 (94 95) */ add %g5,%g2,%g2
-/* 0x0e08 1166 (94 99) */ fdtox %f4,%f4
-/* 0x0e0c 1167 (95 97) */ ldx [%sp+312],%g5
-/* 0x0e10 1168 (95 100) */ fdtox %f6,%f6
-/* 0x0e14 1169 (96 98) */ ldx [%sp+288],%o1
-/* 0x0e18 1170 (96 97) */ add %g2,%g3,%g2
-/* 0x0e1c 1171 (96 97) */ sllx %o0,19,%g3
-/* 0x0e20 1172 (97 99) */ ldx [%sp+272],%o2
-/* 0x0e24 1173 (97 98) */ add %g2,%g4,%g2
-/* 0x0e28 1174 (97 98) */ add %g5,%g3,%g3
-/* 0x0e2c 1175 (98 100) */ ld [%i1+8],%g4
-/* 0x0e30 1176 (98 99) */ srlx %g2,32,%o0
-/* 0x0e34 1177 (99 101) */ ldx [%sp+296],%g5
-/* 0x0e38 1178 (100 101) */ st %g2,[%i0+4]
-/* 0x0e3c 1179 (100 101) */ sllx %o2,19,%g2
-/* 0x0e40 1180 (100 101) */ add %g3,%g4,%g3
-/* 0x0e44 1181 (101 103) */ ldx [%sp+256],%o2
-/* 0x0e48 1182 (101 102) */ sllx %o1,19,%g4
-/* 0x0e4c 1183 (101 102) */ add %g3,%o0,%g3
-/* 0x0e50 1184 (102 104) */ ld [%i1+12],%o0
-/* 0x0e54 1185 (102 103) */ srlx %g3,32,%o1
-/* 0x0e58 1186 (102 103) */ add %g5,%g4,%g4
-/* 0x0e5c 1187 (103 105) */ ldx [%sp+280],%g5
-/* 0x0e60 1188 (104 105) */ st %g3,[%i0+8]
-/* 0x0e64 1189 (104 105) */ sllx %o2,19,%g3
-/* 0x0e68 1190 (104 105) */ add %g4,%o0,%g4
-/* 0x0e6c 1191 (105 107) */ ld [%i1+16],%o0
-/* 0x0e70 1192 (105 106) */ add %g5,%g2,%g2
-/* 0x0e74 1193 (105 106) */ add %g4,%o1,%g4
-/* 0x0e78 1194 (106 108) */ ldx [%sp+264],%g5
-/* 0x0e7c 1195 (106 107) */ srlx %g4,32,%o1
-/* 0x0e80 1196 (107 109) */ ldx [%sp+240],%o2
-/* 0x0e84 1197 (107 108) */ add %g2,%o0,%g2
-/* 0x0e88 1198 (108 110) */ ld [%i1+20],%o0
-/* 0x0e8c 1199 (108 109) */ add %g5,%g3,%g3
-/* 0x0e90 1200 (108 109) */ add %g2,%o1,%g2
-/* 0x0e94 1201 (109 111) */ ldx [%sp+248],%g5
-/* 0x0e98 1202 (109 110) */ srlx %g2,32,%o1
-/* 0x0e9c 1203 (110 111) */ st %g4,[%i0+12]
-/* 0x0ea0 1204 (110 111) */ sllx %o2,19,%g4
-/* 0x0ea4 1205 (110 111) */ add %g3,%o0,%g3
-/* 0x0ea8 1206 (111 113) */ ld [%i1+24],%o0
-/* 0x0eac 1207 (111 112) */ add %g5,%g4,%g4
-/* 0x0eb0 1208 (111 112) */ add %g3,%o1,%g3
-/* 0x0eb4 1209 (112 114) */ ldx [%sp+224],%o2
-/* 0x0eb8 1210 (112 113) */ srlx %g3,32,%o1
-/* 0x0ebc 1211 (113 115) */ ldx [%sp+232],%g5
-/* 0x0ec0 1212 (113 114) */ add %g4,%o0,%g4
-/* 0x0ec4 1213 (114 115) */ st %g2,[%i0+16]
-/* 0x0ec8 1214 (114 115) */ sllx %o2,19,%g2
-/* 0x0ecc 1215 (114 115) */ add %g4,%o1,%g4
-/* 0x0ed0 1216 (115 117) */ ld [%i1+28],%o0
-/* 0x0ed4 1217 (115 116) */ srlx %g4,32,%o1
-/* 0x0ed8 1218 (115 116) */ add %g5,%g2,%g2
-/* 0x0edc 1222 (116 118) */ ldx [%sp+208],%o2
-/* 0x0ee0 1223 (117 119) */ ldx [%sp+216],%g5
-/* 0x0ee4 1224 (117 118) */ add %g2,%o0,%g2
-/* 0x0ee8 1225 (118 119) */ st %g3,[%i0+20]
-/* 0x0eec 1226 (118 119) */ sllx %o2,19,%g3
-/* 0x0ef0 1227 (118 119) */ add %g2,%o1,%g2
-/* 0x0ef4 1228 (119 121) */ ld [%i1+32],%o0
-/* 0x0ef8 1229 (119 120) */ srlx %g2,32,%o1
-/* 0x0efc 1230 (119 120) */ add %g5,%g3,%g3
-/* 0x0f00 1231 (120 122) */ ldx [%sp+192],%o2
-/* 0x0f04 1232 (121 123) */ ldx [%sp+200],%g5
-/* 0x0f08 1233 (121 122) */ add %g3,%o0,%g3
-/* 0x0f0c 1234 (122 123) */ st %g4,[%i0+24]
-/* 0x0f10 1235 (122 123) */ sllx %o2,19,%g4
-/* 0x0f14 1236 (122 123) */ add %g3,%o1,%g3
-/* 0x0f18 1237 (123 125) */ ld [%i1+36],%o0
-/* 0x0f1c 1238 (123 124) */ srlx %g3,32,%o1
-/* 0x0f20 1239 (123 124) */ add %g5,%g4,%g4
-/* 0x0f24 1240 (124 126) */ ldx [%sp+176],%o2
-/* 0x0f28 1241 (125 127) */ ldx [%sp+184],%g5
-/* 0x0f2c 1242 (125 126) */ add %g4,%o0,%g4
-/* 0x0f30 1243 (126 127) */ st %g2,[%i0+28]
-/* 0x0f34 1244 (126 127) */ sllx %o2,19,%g2
-/* 0x0f38 1245 (126 127) */ add %g4,%o1,%g4
-/* 0x0f3c 1246 (127 129) */ ld [%i1+40],%o0
-/* 0x0f40 1247 (127 128) */ srlx %g4,32,%o1
-/* 0x0f44 1248 (127 128) */ add %g5,%g2,%g2
-/* 0x0f48 1249 (128 130) */ ldx [%sp+160],%o2
-/* 0x0f4c 1250 (129 131) */ ldx [%sp+168],%g5
-/* 0x0f50 1251 (129 130) */ add %g2,%o0,%g2
-/* 0x0f54 1252 (130 131) */ st %g3,[%i0+32]
-/* 0x0f58 1253 (130 131) */ sllx %o2,19,%g3
-/* 0x0f5c 1254 (130 131) */ add %g2,%o1,%g2
-/* 0x0f60 1255 (131 133) */ ld [%i1+44],%o0
-/* 0x0f64 1256 (131 132) */ srlx %g2,32,%o1
-/* 0x0f68 1257 (131 132) */ add %g5,%g3,%g3
-/* 0x0f6c 1258 (132 134) */ ldx [%sp+144],%o2
-/* 0x0f70 1259 (133 135) */ ldx [%sp+152],%g5
-/* 0x0f74 1260 (133 134) */ add %g3,%o0,%g3
-/* 0x0f78 1261 (134 135) */ st %g4,[%i0+36]
-/* 0x0f7c 1262 (134 135) */ sllx %o2,19,%g4
-/* 0x0f80 1263 (134 135) */ add %g3,%o1,%g3
-/* 0x0f84 1264 (135 137) */ ld [%i1+48],%o0
-/* 0x0f88 1265 (135 136) */ srlx %g3,32,%o1
-/* 0x0f8c 1266 (135 136) */ add %g5,%g4,%g4
-/* 0x0f90 1267 (136 138) */ ldx [%sp+128],%o2
-/* 0x0f94 1268 (137 139) */ ldx [%sp+136],%g5
-/* 0x0f98 1269 (137 138) */ add %g4,%o0,%g4
-/* 0x0f9c 1270 (138 139) */ std %f4,[%sp+96]
-/* 0x0fa0 1271 (138 139) */ add %g4,%o1,%g4
-/* 0x0fa4 1272 (139 140) */ st %g2,[%i0+40]
-/* 0x0fa8 1273 (139 140) */ sllx %o2,19,%g2
-/* 0x0fac 1274 (139 140) */ srlx %g4,32,%o1
-/* 0x0fb0 1275 (140 142) */ ld [%i1+52],%o0
-/* 0x0fb4 1276 (140 141) */ add %g5,%g2,%g2
-/* 0x0fb8 1277 (141 142) */ std %f6,[%sp+104]
-/* 0x0fbc 1278 (142 144) */ ldx [%sp+120],%g5
-/* 0x0fc0 1279 (142 143) */ add %g2,%o0,%g2
-/* 0x0fc4 1280 (143 144) */ st %g3,[%i0+44]
-/* 0x0fc8 1281 (143 144) */ add %g2,%o1,%g2
-/* 0x0fcc 1282 (144 146) */ ldx [%sp+112],%o2
-/* 0x0fd0 1283 (144 145) */ srlx %g2,32,%o1
-/* 0x0fd4 1284 (145 147) */ ld [%i1+56],%o0
-/* 0x0fd8 1285 (146 147) */ st %g4,[%i0+48]
-/* 0x0fdc 1286 (146 147) */ sllx %o2,19,%g3
-/* 0x0fe0 1287 (147 149) */ ldx [%sp+96],%o2
-/* 0x0fe4 1288 (147 148) */ add %g5,%g3,%g3
-/* 0x0fe8 1289 (148 150) */ ldx [%sp+104],%g5
-/* 0x0fec 1290 (148 149) */ add %g3,%o0,%g3
-/* 0x0ff0 1291 (149 151) */ ld [%i1+60],%o0
-/* 0x0ff4 1292 (149 150) */ sllx %o2,19,%g4
-/* 0x0ff8 1293 (149 150) */ add %g3,%o1,%g3
-/* 0x0ffc 1294 (150 151) */ st %g2,[%i0+52]
-/* 0x1000 1295 (150 151) */ srlx %g3,32,%o1
-/* 0x1004 1296 (150 151) */ add %g5,%g4,%g4
-/* 0x1008 1297 (151 152) */ st %g3,[%i0+56]
-/* 0x100c 1298 (151 152) */ add %g4,%o0,%g2
-/* 0x1010 1299 (152 153) */ add %g2,%o1,%g2
-/* 0x1014 1300 (152 153) */ st %g2,[%i0+60]
-/* 0x1018 1304 (153 154) */ srlx %g2,32,%o7
-
-!
-! ENTRY .L77000061
-!
-
- .L77000061: /* frequency 1.0 confidence 0.0 */
-/* 0x119c 1437 ( 0 1) */ or %g0,%o7,%i0
-
-!
-! ENTRY .L900000159
-!
-
- .L900000159: /* frequency 1.0 confidence 0.0 */
-/* 0x11a0 ( 0 7) */ ret ! Result = %o1 %o0 %f0 %f1
-/* 0x11a4 ( 2 4) */ restore %g0,%g0,%g0
-
-!
-! ENTRY .L77000073
-!
-
- .L77000073: /* frequency 1.0 confidence 0.0 */
-
-
- or %g0, %i4, %o2
- or %g0, %o0, %o1
- or %g0, %i3, %o0
-
-!
-! ENTRY .L77000052
-!
-
- .L77000052: /* frequency 1.0 confidence 0.0 */
-/* 0x1028 1318 ( 0 1) */ andn %o2,%g2,%g2
-/* 0x102c 1319 ( 0 1) */ st %g2,[%sp+96]
-/* 0x1030 1325 ( 0 1) */ add %o0,1,%g3
-/* 0x1034 1326 ( 0 1) */ fmovd %f0,%f14
-/* 0x1038 1327 ( 1 2) */ srl %o2,19,%g2
-/* 0x103c 1328 ( 1 2) */ st %g2,[%sp+92]
-/* 0x1040 1329 ( 1 2) */ or %g0,0,%o5
-/* 0x1044 1330 ( 2 3) */ srl %g3,31,%g2
-/* 0x1048 1331 ( 2 5) */ ldd [%o1],%f6
-/* 0x104c 1335 ( 2 3) */ sethi %hi(0x1800),%g1
-/* 0x1050 1336 ( 3 4) */ add %g3,%g2,%g2
-/* 0x1054 1337 ( 3 4) */ xor %g1,-304,%g1
-/* 0x1058 1338 ( 3 6) */ ldd [%o1+8],%f20
-/* 0x105c 1339 ( 4 5) */ sra %g2,1,%o3
-/* 0x1060 1340 ( 4 5) */ fmovs %f6,%f8
-/* 0x1064 1341 ( 4 5) */ add %g1,%fp,%g3
-/* 0x1068 1342 ( 5 6) */ fmovs %f6,%f10
-/* 0x106c 1343 ( 5 7) */ ld [%sp+96],%f9
-/* 0x1070 1344 ( 5 6) */ subcc %o3,0,%g0
-/* 0x1074 1345 ( 6 8) */ ld [%sp+92],%f11
-/* 0x1078 1346 ( 6 7) */ sethi %hi(0x1800),%g1
-/* 0x107c 1347 ( 6 7) */ or %g0,%i2,%o1
-/* 0x1080 1348 ( 7 10) */ fsubd %f8,%f6,%f18
-/* 0x1084 1349 ( 7 8) */ xor %g1,-296,%g1
-/* 0x1088 1350 ( 7 8) */ or %g0,0,%g4
-/* 0x108c 1351 ( 8 11) */ fsubd %f10,%f6,%f16
-/* 0x1090 1352 ( 8 9) */ bleu,pt %icc,.L990000162 ! tprob=0.50
-/* 0x1094 ( 8 9) */ subcc %o0,0,%g0
-/* 0x1098 1354 ( 9 10) */ add %g1,%fp,%g2
-/* 0x109c 1355 ( 9 10) */ sethi %hi(0x1800),%g1
-/* 0x10a0 1356 (10 11) */ xor %g1,-288,%g1
-/* 0x10a4 1357 (10 11) */ subcc %o3,7,%g0
-/* 0x10a8 1358 (11 12) */ add %g1,%fp,%o7
-/* 0x10ac 1359 (11 12) */ sethi %hi(0x1800),%g1
-/* 0x10b0 1360 (12 13) */ xor %g1,-280,%g1
-/* 0x10b4 1361 (13 14) */ add %g1,%fp,%o4
-/* 0x10b8 1362 (13 14) */ bl,pn %icc,.L77000054 ! tprob=0.50
-/* 0x10bc (13 14) */ sub %o3,2,%o2
-/* 0x10c0 1364 (14 17) */ ldd [%o1],%f2
-/* 0x10c4 1365 (14 15) */ add %o1,16,%g5
-/* 0x10c8 1366 (14 15) */ or %g0,4,%g4
-/* 0x10cc 1367 (15 18) */ ldd [%o1+8],%f0
-/* 0x10d0 1368 (15 16) */ add %o1,8,%o1
-/* 0x10d4 1369 (16 18) */ fxnor %f14,%f2,%f6
-/* 0x10d8 1370 (16 19) */ ldd [%g5],%f4
-/* 0x10dc 1371 (16 17) */ add %o1,16,%o1
-/* 0x10e0 1372 (17 19) */ fxnor %f14,%f0,%f12
-/* 0x10e4 1373 (17 20) */ ldd [%o1],%f0
-/* 0x10e8 1374 (17 18) */ add %o1,8,%o1
-/* 0x10ec 1375 (18 21) */ fitod %f7,%f2
-/* 0x10f0 1376 (19 22) */ fitod %f6,%f6
-/* 0x10f4 1377 (20 22) */ fxnor %f14,%f4,%f10
-/* 0x10f8 1378 (21 24) */ fsubd %f20,%f2,%f2
-/* 0x10fc 1379 (22 24) */ fxnor %f14,%f0,%f8
-/* 0x1100 1380 (23 26) */ fitod %f13,%f4
-/* 0x1104 1381 (24 27) */ fsubd %f20,%f6,%f6
-/* 0x1108 1382 (24 27) */ fmuld %f2,%f16,%f0
-
-!
-! ENTRY .L990000154
-!
-
- .L990000154: /* frequency 1.0 confidence 0.0 */
-/* 0x110c 1384 ( 0 3) */ ldd [%o1],%f24
-/* 0x1110 1385 ( 0 1) */ add %g4,3,%g4
-/* 0x1114 1386 ( 0 1) */ add %o4,96,%o4
-/* 0x1118 1387 ( 1 4) */ fitod %f11,%f22
-/* 0x111c 1388 ( 2 5) */ fsubd %f20,%f4,%f26
-/* 0x1120 1389 ( 2 3) */ subcc %g4,%o2,%g0
-/* 0x1124 1390 ( 2 3) */ add %o7,96,%o7
-/* 0x1128 1391 ( 2 5) */ fmuld %f6,%f18,%f28
-/* 0x112c 1392 ( 3 6) */ fmuld %f6,%f16,%f6
-/* 0x1130 1393 ( 3 4) */ add %g2,96,%g2
-/* 0x1134 1394 ( 3 4) */ add %g3,96,%g3
-/* 0x1138 1395 ( 4 7) */ fdtox %f0,%f0
-/* 0x113c 1396 ( 5 8) */ fitod %f12,%f4
-/* 0x1140 1397 ( 5 8) */ fmuld %f2,%f18,%f2
-/* 0x1144 1398 ( 6 9) */ fdtox %f28,%f12
-/* 0x1148 1399 ( 7 10) */ fdtox %f6,%f6
-/* 0x114c 1400 ( 7 8) */ std %f12,[%g3-96]
-/* 0x1150 1401 ( 8 9) */ std %f6,[%g2-96]
-/* 0x1154 1402 ( 8 11) */ fdtox %f2,%f2
-/* 0x1158 1403 ( 9 12) */ fsubd %f20,%f4,%f6
-/* 0x115c 1404 ( 9 10) */ std %f2,[%o7-96]
-/* 0x1160 1405 ( 9 10) */ add %o1,8,%o1
-/* 0x1164 1406 (10 12) */ fxnor %f14,%f24,%f12
-/* 0x1168 1407 (10 13) */ fmuld %f26,%f16,%f4
-/* 0x116c 1408 (10 11) */ std %f0,[%o4-96]
-/* 0x1170 1409 (11 14) */ ldd [%o1],%f0
-/* 0x1174 1410 (11 14) */ fitod %f9,%f2
-/* 0x1178 1411 (12 15) */ fsubd %f20,%f22,%f28
-/* 0x117c 1412 (12 15) */ fmuld %f6,%f18,%f24
-/* 0x1180 1413 (13 16) */ fmuld %f6,%f16,%f22
-/* 0x1184 1414 (13 16) */ fdtox %f4,%f4
-/* 0x1188 1415 (14 17) */ fitod %f10,%f6
-/* 0x118c 1416 (14 17) */ fmuld %f26,%f18,%f10
-/* 0x1190 1417 (15 18) */ fdtox %f24,%f24
-/* 0x1194 1418 (16 19) */ fdtox %f22,%f22
-/* 0x1198 1419 (16 17) */ std %f24,[%g3-64]
-/* 0x119c 1420 (17 18) */ std %f22,[%g2-64]
-/* 0x11a0 1421 (17 20) */ fdtox %f10,%f10
-/* 0x11a4 1422 (18 21) */ fsubd %f20,%f6,%f6
-/* 0x11a8 1423 (18 19) */ std %f10,[%o7-64]
-/* 0x11ac 1424 (18 19) */ add %o1,8,%o1
-/* 0x11b0 1425 (19 21) */ fxnor %f14,%f0,%f10
-/* 0x11b4 1426 (19 22) */ fmuld %f28,%f16,%f0
-/* 0x11b8 1427 (19 20) */ std %f4,[%o4-64]
-/* 0x11bc 1428 (20 23) */ ldd [%o1],%f22
-/* 0x11c0 1429 (20 23) */ fitod %f13,%f4
-/* 0x11c4 1430 (21 24) */ fsubd %f20,%f2,%f2
-/* 0x11c8 1431 (21 24) */ fmuld %f6,%f18,%f26
-/* 0x11cc 1432 (22 25) */ fmuld %f6,%f16,%f24
-/* 0x11d0 1433 (22 25) */ fdtox %f0,%f0
-/* 0x11d4 1434 (23 26) */ fitod %f8,%f6
-/* 0x11d8 1435 (23 26) */ fmuld %f28,%f18,%f8
-/* 0x11dc 1436 (24 27) */ fdtox %f26,%f26
-/* 0x11e0 1437 (25 28) */ fdtox %f24,%f24
-/* 0x11e4 1438 (25 26) */ std %f26,[%g3-32]
-/* 0x11e8 1439 (26 27) */ std %f24,[%g2-32]
-/* 0x11ec 1440 (26 29) */ fdtox %f8,%f8
-/* 0x11f0 1441 (27 30) */ fsubd %f20,%f6,%f6
-/* 0x11f4 1442 (27 28) */ std %f8,[%o7-32]
-/* 0x11f8 1443 (27 28) */ add %o1,8,%o1
-/* 0x11fc 1444 (28 30) */ fxnor %f14,%f22,%f8
-/* 0x1200 1445 (28 29) */ std %f0,[%o4-32]
-/* 0x1204 1446 (28 29) */ bcs,pt %icc,.L990000154 ! tprob=0.50
-/* 0x1208 (28 31) */ fmuld %f2,%f16,%f0
-
-!
-! ENTRY .L990000157
-!
-
- .L990000157: /* frequency 1.0 confidence 0.0 */
-/* 0x120c 1449 ( 0 3) */ fitod %f12,%f28
-/* 0x1210 1450 ( 0 3) */ fmuld %f6,%f18,%f24
-/* 0x1214 1451 ( 0 1) */ add %g3,128,%g3
-/* 0x1218 1452 ( 1 4) */ fitod %f10,%f12
-/* 0x121c 1453 ( 1 4) */ fmuld %f6,%f16,%f26
-/* 0x1220 1454 ( 1 2) */ add %g2,128,%g2
-/* 0x1224 1455 ( 2 5) */ fsubd %f20,%f4,%f4
-/* 0x1228 1456 ( 2 5) */ fmuld %f2,%f18,%f22
-/* 0x122c 1457 ( 2 3) */ add %o7,128,%o7
-/* 0x1230 1458 ( 3 6) */ fdtox %f24,%f6
-/* 0x1234 1459 ( 3 4) */ std %f6,[%g3-128]
-/* 0x1238 1460 ( 3 4) */ add %o4,128,%o4
-/* 0x123c 1461 ( 4 7) */ fsubd %f20,%f28,%f2
-/* 0x1240 1462 ( 4 5) */ subcc %g4,%o3,%g0
-/* 0x1244 1463 ( 5 8) */ fitod %f11,%f6
-/* 0x1248 1464 ( 5 8) */ fmuld %f4,%f18,%f24
-/* 0x124c 1465 ( 6 9) */ fdtox %f26,%f10
-/* 0x1250 1466 ( 6 7) */ std %f10,[%g2-128]
-/* 0x1254 1467 ( 7 10) */ fdtox %f22,%f10
-/* 0x1258 1468 ( 7 8) */ std %f10,[%o7-128]
-/* 0x125c 1469 ( 7 10) */ fmuld %f2,%f18,%f26
-/* 0x1260 1470 ( 8 11) */ fsubd %f20,%f12,%f10
-/* 0x1264 1471 ( 8 11) */ fmuld %f2,%f16,%f2
-/* 0x1268 1472 ( 9 12) */ fsubd %f20,%f6,%f22
-/* 0x126c 1473 ( 9 12) */ fmuld %f4,%f16,%f12
-/* 0x1270 1474 (10 13) */ fdtox %f0,%f0
-/* 0x1274 1475 (10 11) */ std %f0,[%o4-128]
-/* 0x1278 1476 (11 14) */ fitod %f8,%f4
-/* 0x127c 1477 (11 14) */ fmuld %f10,%f18,%f6
-/* 0x1280 1478 (12 15) */ fdtox %f26,%f0
-/* 0x1284 1479 (12 13) */ std %f0,[%g3-96]
-/* 0x1288 1480 (12 15) */ fmuld %f10,%f16,%f10
-/* 0x128c 1481 (13 16) */ fdtox %f2,%f2
-/* 0x1290 1482 (13 14) */ std %f2,[%g2-96]
-/* 0x1294 1483 (14 17) */ fitod %f9,%f0
-/* 0x1298 1484 (14 17) */ fmuld %f22,%f18,%f2
-/* 0x129c 1485 (15 18) */ fdtox %f24,%f8
-/* 0x12a0 1486 (15 16) */ std %f8,[%o7-96]
-/* 0x12a4 1487 (16 19) */ fsubd %f20,%f4,%f4
-/* 0x12a8 1488 (16 19) */ fmuld %f22,%f16,%f8
-/* 0x12ac 1489 (17 20) */ fdtox %f12,%f12
-/* 0x12b0 1490 (17 18) */ std %f12,[%o4-96]
-/* 0x12b4 1491 (18 21) */ fsubd %f20,%f0,%f0
-/* 0x12b8 1492 (19 22) */ fdtox %f6,%f6
-/* 0x12bc 1493 (19 20) */ std %f6,[%g3-64]
-/* 0x12c0 1494 (20 23) */ fdtox %f10,%f10
-/* 0x12c4 1495 (20 21) */ std %f10,[%g2-64]
-/* 0x12c8 1496 (20 23) */ fmuld %f4,%f18,%f6
-/* 0x12cc 1497 (21 24) */ fdtox %f2,%f2
-/* 0x12d0 1498 (21 22) */ std %f2,[%o7-64]
-/* 0x12d4 1499 (21 24) */ fmuld %f4,%f16,%f4
-/* 0x12d8 1500 (22 25) */ fmuld %f0,%f18,%f2
-/* 0x12dc 1501 (22 25) */ fdtox %f8,%f8
-/* 0x12e0 1502 (22 23) */ std %f8,[%o4-64]
-/* 0x12e4 1503 (23 26) */ fdtox %f6,%f6
-/* 0x12e8 1504 (23 24) */ std %f6,[%g3-32]
-/* 0x12ec 1505 (23 26) */ fmuld %f0,%f16,%f0
-/* 0x12f0 1506 (24 27) */ fdtox %f4,%f4
-/* 0x12f4 1507 (24 25) */ std %f4,[%g2-32]
-/* 0x12f8 1508 (25 28) */ fdtox %f2,%f2
-/* 0x12fc 1509 (25 26) */ std %f2,[%o7-32]
-/* 0x1300 1510 (26 29) */ fdtox %f0,%f0
-/* 0x1304 1511 (26 27) */ bcc,pn %icc,.L77000056 ! tprob=0.50
-/* 0x1308 (26 27) */ std %f0,[%o4-32]
-
-!
-! ENTRY .L77000054
-!
-
- .L77000054: /* frequency 1.0 confidence 0.0 */
-/* 0x130c 1514 ( 0 3) */ ldd [%o1],%f0
-
-!
-! ENTRY .L990000161
-!
-
- .L990000161: /* frequency 1.0 confidence 0.0 */
-/* 0x1310 1516 ( 0 2) */ fxnor %f14,%f0,%f0
-/* 0x1314 1517 ( 0 1) */ add %g4,1,%g4
-/* 0x1318 1518 ( 0 1) */ add %o1,8,%o1
-/* 0x131c 1519 ( 1 2) */ subcc %g4,%o3,%g0
-/* 0x1320 1520 ( 2 5) */ fitod %f0,%f2
-/* 0x1324 1521 ( 3 6) */ fitod %f1,%f0
-/* 0x1328 1522 ( 5 8) */ fsubd %f20,%f2,%f2
-/* 0x132c 1523 ( 6 9) */ fsubd %f20,%f0,%f0
-/* 0x1330 1524 ( 8 11) */ fmuld %f2,%f18,%f6
-/* 0x1334 1525 ( 9 12) */ fmuld %f2,%f16,%f4
-/* 0x1338 1526 (10 13) */ fmuld %f0,%f18,%f2
-/* 0x133c 1527 (11 14) */ fdtox %f6,%f6
-/* 0x1340 1528 (11 12) */ std %f6,[%g3]
-/* 0x1344 1529 (11 14) */ fmuld %f0,%f16,%f0
-/* 0x1348 1530 (12 15) */ fdtox %f4,%f4
-/* 0x134c 1531 (12 13) */ std %f4,[%g2]
-/* 0x1350 1532 (12 13) */ add %g2,32,%g2
-/* 0x1354 1533 (13 16) */ fdtox %f2,%f2
-/* 0x1358 1534 (13 14) */ std %f2,[%o7]
-/* 0x135c 1535 (13 14) */ add %o7,32,%o7
-/* 0x1360 1536 (14 17) */ fdtox %f0,%f0
-/* 0x1364 1537 (14 15) */ std %f0,[%o4]
-/* 0x1368 1538 (14 15) */ add %o4,32,%o4
-/* 0x136c 1539 (15 16) */ add %g3,32,%g3
-/* 0x1370 1540 (15 16) */ bcs,a,pt %icc,.L990000161 ! tprob=0.50
-/* 0x1374 (16 19) */ ldd [%o1],%f0
-
-!
-! ENTRY .L77000056
-!
-
- .L77000056: /* frequency 1.0 confidence 0.0 */
-/* 0x1378 1548 ( 0 1) */ subcc %o0,0,%g0
-
-!
-! ENTRY .L990000162
-!
-
- .L990000162: /* frequency 1.0 confidence 0.0 */
-/* 0x137c 1550 ( 0 1) */ bleu,pt %icc,.L77770061 ! tprob=0.50
-/* 0x1380 ( 0 1) */ nop
-/* 0x1384 1555 ( 0 1) */ sethi %hi(0x1800),%g1
-/* 0x1388 1556 ( 1 2) */ xor %g1,-304,%g1
-/* 0x138c 1557 ( 1 2) */ or %g0,%i1,%g4
-/* 0x1390 1558 ( 2 3) */ add %g1,%fp,%g5
-/* 0x1394 1559 ( 2 3) */ sethi %hi(0x1800),%g1
-/* 0x1398 1560 ( 3 4) */ xor %g1,-296,%g1
-/* 0x139c 1561 ( 3 4) */ or %g0,%o0,%o7
-/* 0x13a0 1562 ( 4 5) */ add %g1,%fp,%g2
-/* 0x13a4 1563 ( 4 5) */ or %g0,0,%i2
-/* 0x13a8 1564 ( 5 6) */ or %g0,%i0,%g3
-/* 0x13ac 1565 ( 5 6) */ subcc %o0,6,%g0
-/* 0x13b0 1566 ( 5 6) */ bl,pn %icc,.L77000058 ! tprob=0.50
-/* 0x13b4 ( 6 7) */ sethi %hi(0x1800),%g1
-/* 0x13b8 1568 ( 6 8) */ ld [%g4],%o2
-/* 0x13bc 1569 ( 6 7) */ add %g3,4,%g3
-/* 0x13c0 1570 ( 7 8) */ xor %g1,-264,%g1
-/* 0x13c4 1571 ( 7 8) */ sub %o7,3,%o4
-/* 0x13c8 1572 ( 8 9) */ add %g1,%fp,%g2
-/* 0x13cc 1573 ( 8 9) */ sethi %hi(0x1800),%g1
-/* 0x13d0 1574 ( 9 10) */ xor %g1,-272,%g1
-/* 0x13d4 1575 ( 9 10) */ or %g0,2,%i2
-/* 0x13d8 1576 (10 11) */ add %g1,%fp,%g5
-/* 0x13dc 1577 (10 11) */ sethi %hi(0x1800),%g1
-/* 0x13e0 1578 (11 12) */ xor %g1,-296,%g1
-/* 0x13e4 1579 (12 13) */ add %g1,%fp,%g1
-/* 0x13e8 1580 (13 15) */ ldx [%g1],%o1
-/* 0x13ec 1581 (14 16) */ ldx [%g1-8],%o0
-/* 0x13f0 1582 (15 16) */ sllx %o1,19,%o1
-/* 0x13f4 1583 (15 17) */ ldx [%g1+16],%o3
-/* 0x13f8 1584 (16 17) */ add %o0,%o1,%o0
-/* 0x13fc 1585 (16 18) */ ld [%g4+4],%o1
-/* 0x1400 1586 (16 17) */ add %g4,8,%g4
-/* 0x1404 1587 (17 18) */ sllx %o3,19,%o3
-/* 0x1408 1588 (17 18) */ add %o0,%o2,%o0
-/* 0x140c 1589 (17 19) */ ldx [%g1+8],%o2
-/* 0x1410 1590 (18 19) */ st %o0,[%g3-4]
-/* 0x1414 1591 (18 19) */ srlx %o0,32,%o0
-
-!
-! ENTRY .L990000142
-!
-
- .L990000142: /* frequency 1.0 confidence 0.0 */
-/* 0x1418 1593 ( 0 1) */ add %o2,%o3,%o2
-/* 0x141c 1594 ( 0 1) */ add %i2,4,%i2
-/* 0x1420 1595 ( 0 2) */ ld [%g4],%o3
-/* 0x1424 1596 ( 1 2) */ srl %o0,0,%o5
-/* 0x1428 1597 ( 1 2) */ add %o2,%o1,%o1
-/* 0x142c 1598 ( 1 3) */ ldx [%g2],%o0
-/* 0x1430 1599 ( 3 4) */ sllx %o0,19,%o2
-/* 0x1434 1600 ( 3 5) */ ldx [%g5],%o0
-/* 0x1438 1601 ( 3 4) */ add %o1,%o5,%o1
-/* 0x143c 1602 ( 4 5) */ st %o1,[%g3]
-/* 0x1440 1603 ( 4 5) */ srlx %o1,32,%o5
-/* 0x1444 1604 ( 4 5) */ subcc %i2,%o4,%g0
-/* 0x1448 1605 ( 5 7) */ ldx [%g2+16],%o1
-/* 0x144c 1606 ( 5 6) */ add %o0,%o2,%o0
-/* 0x1450 1607 ( 5 6) */ add %g3,16,%g3
-/* 0x1454 1608 ( 6 8) */ ld [%g4+4],%o2
-/* 0x1458 1609 ( 6 7) */ add %o0,%o3,%o0
-/* 0x145c 1610 ( 7 8) */ sllx %o1,19,%o3
-/* 0x1460 1611 ( 7 9) */ ldx [%g5+16],%o1
-/* 0x1464 1612 ( 7 8) */ add %o0,%o5,%o0
-/* 0x1468 1613 ( 8 9) */ st %o0,[%g3-12]
-/* 0x146c 1614 ( 8 9) */ srlx %o0,32,%o5
-/* 0x1470 1615 ( 8 9) */ add %g4,16,%g4
-/* 0x1474 1616 ( 9 11) */ ldx [%g2+32],%o0
-/* 0x1478 1617 ( 9 10) */ add %o1,%o3,%o1
-/* 0x147c 1618 ( 9 10) */ add %g2,64,%g2
-/* 0x1480 1619 (10 12) */ ld [%g4-8],%o3
-/* 0x1484 1620 (10 11) */ add %o1,%o2,%o2
-/* 0x1488 1621 (11 12) */ sllx %o0,19,%o1
-/* 0x148c 1622 (11 13) */ ldx [%g5+32],%o0
-/* 0x1490 1623 (11 12) */ add %o2,%o5,%o2
-/* 0x1494 1624 (12 13) */ st %o2,[%g3-8]
-/* 0x1498 1625 (12 13) */ srlx %o2,32,%o5
-/* 0x149c 1626 (12 13) */ add %g5,64,%g5
-/* 0x14a0 1627 (13 15) */ ldx [%g2-16],%o2
-/* 0x14a4 1628 (13 14) */ add %o0,%o1,%o0
-/* 0x14a8 1629 (14 16) */ ld [%g4-4],%o1
-/* 0x14ac 1630 (14 15) */ add %o0,%o3,%o0
-/* 0x14b0 1631 (15 16) */ sllx %o2,19,%o3
-/* 0x14b4 1632 (15 17) */ ldx [%g5-16],%o2
-/* 0x14b8 1633 (15 16) */ add %o0,%o5,%o0
-/* 0x14bc 1634 (16 17) */ st %o0,[%g3-4]
-/* 0x14c0 1635 (16 17) */ bcs,pt %icc,.L990000142 ! tprob=0.50
-/* 0x14c4 (16 17) */ srlx %o0,32,%o0
-
-!
-! ENTRY .L990000145
-!
-
- .L990000145: /* frequency 1.0 confidence 0.0 */
-/* 0x14c8 1638 ( 0 1) */ add %o2,%o3,%o3
-/* 0x14cc 1639 ( 0 1) */ add %g3,4,%g3
-/* 0x14d0 1640 ( 1 2) */ srl %o0,0,%o2
-/* 0x14d4 1641 ( 1 2) */ add %o3,%o1,%o0
-/* 0x14d8 1642 ( 2 3) */ add %o0,%o2,%o0
-/* 0x14dc 1643 ( 2 3) */ st %o0,[%g3-4]
-/* 0x14e0 1644 ( 2 3) */ subcc %i2,%o7,%g0
-/* 0x14e4 1645 ( 2 3) */ bcc,pn %icc,.L77770061 ! tprob=0.50
-/* 0x14e8 ( 3 4) */ srlx %o0,32,%o5
-
-!
-! ENTRY .L77000058
-!
-
- .L77000058: /* frequency 1.0 confidence 0.0 */
-/* 0x14ec 1648 ( 0 2) */ ldx [%g2],%o2
-
-!
-! ENTRY .L990000160
-!
-
- .L990000160: /* frequency 1.0 confidence 0.0 */
-/* 0x14f0 1650 ( 0 1) */ sllx %o2,19,%o3
-/* 0x14f4 1651 ( 0 2) */ ldx [%g5],%o0
-/* 0x14f8 1652 ( 0 1) */ add %i2,1,%i2
-/* 0x14fc 1653 ( 1 2) */ srl %o5,0,%o1
-/* 0x1500 1654 ( 1 3) */ ld [%g4],%o2
-/* 0x1504 1655 ( 1 2) */ add %g2,16,%g2
-/* 0x1508 1656 ( 2 3) */ add %o0,%o3,%o0
-/* 0x150c 1657 ( 2 3) */ add %g5,16,%g5
-/* 0x1510 1658 ( 3 4) */ add %o0,%o2,%o0
-/* 0x1514 1659 ( 3 4) */ add %g4,4,%g4
-/* 0x1518 1660 ( 4 5) */ add %o0,%o1,%o0
-/* 0x151c 1661 ( 4 5) */ st %o0,[%g3]
-/* 0x1520 1662 ( 4 5) */ subcc %i2,%o7,%g0
-/* 0x1524 1663 ( 5 6) */ srlx %o0,32,%o5
-/* 0x1528 1664 ( 5 6) */ add %g3,4,%g3
-/* 0x152c 1665 ( 5 6) */ bcs,a,pt %icc,.L990000160 ! tprob=0.50
-/* 0x1530 ( 6 8) */ ldx [%g2],%o2
-
-!
-! ENTRY .L77770061
-!
-
- .L77770061: /* frequency 1.0 confidence 0.0 */
-/* 0x1534 ( 0 2) */ ret ! Result = %o1 %o0 %f0 %f1
-/* 0x1538 ( 2 3) */ restore %g0,%o5,%o0
-
-
-
-
-/* 0x11a8 1441 ( 0 0) */ .type mul_add,2
-/* 0x11a8 1442 ( 0 0) */ .size mul_add,(.-mul_add)
-/* 0x11a8 1445 ( 0 0) */ .align 16
-/* 0x11b0 1451 ( 0 0) */ .global mul_add_inp
-
-!
-! ENTRY mul_add_inp
-!
-
- .global mul_add_inp
- mul_add_inp: /* frequency 1.0 confidence 0.0 */
-/* 0x11b0 1453 ( 0 1) */ or %g0,%o2,%g1
-/* 0x11b4 1454 ( 0 1) */ or %g0,%o3,%o4
-/* 0x11b8 1455 ( 1 2) */ or %g0,%o0,%g3
-/* 0x11bc 1456 ( 1 2) */ or %g0,%o1,%g2
-/* 0x11c0 1466 ( 2 3) */ or %g0,%g1,%o3
-/* 0x11c4 1467 ( 2 3) */ or %g0,%g3,%o1
-/* 0x11c8 1468 ( 3 4) */ or %g0,%g2,%o2
-/* 0x11cc 1469 ( 3 4) */ or %g0,%o7,%g1
-/* 0x11d0 1470 ( 4 6) */ call mul_add ! params = ! Result =
-/* 0x11d4 ( 5 6) */ or %g0,%g1,%o7
-/* 0x11d8 1472 ( 0 0) */ .type mul_add_inp,2
-/* 0x11d8 1473 ( 0 0) */ .size mul_add_inp,(.-mul_add_inp)
-
- .section ".data",#alloc,#write
-/* 0x11d8 6 ( 0 0) */ .align 8
-
-!
-! ENTRY mask_cnst
-!
-
- mask_cnst: /* frequency 1.0 confidence 0.0 */
-/* 0x11d8 8 ( 0 0) */ .word -2147483648
-/* 0x11dc 9 ( 0 0) */ .word -2147483648
-/* 0x11e0 10 ( 0 0) */ .type mask_cnst,#object
-/* 0x11e0 11 ( 0 0) */ .size mask_cnst,8
-
diff --git a/security/nss/lib/freebl/mpi/mpv_sparcv9.s b/security/nss/lib/freebl/mpi/mpv_sparcv9.s
deleted file mode 100644
index 1a7997e4a..000000000
--- a/security/nss/lib/freebl/mpi/mpv_sparcv9.s
+++ /dev/null
@@ -1,1673 +0,0 @@
-!/*
-! * The contents of this file are subject to the Mozilla Public
-! * License Version 1.1 (the "License"); you may not use this file
-! * except in compliance with the License. You may obtain a copy of
-! * the License at http://www.mozilla.org/MPL/
-! *
-! * Software distributed under the License is distributed on an "AS
-! * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-! * implied. See the License for the specific language governing
-! * rights and limitations under the License.
-! *
-! * The Original Code is a SPARC/VIS optimized multiply and add function
-! *
-! * The Initial Developer of the Original Code is Sun Microsystems Inc.
-! * Portions created by Sun Microsystems Inc. are
-! * Copyright (C) 1999-2000 Sun Microsystems Inc. All Rights Reserved.
-! *
-! * Contributor(s):
-! *
-! * Alternatively, the contents of this file may be used under the
-! * terms of the GNU General Public License Version 2 or later (the
-! * "GPL"), in which case the provisions of the GPL are applicable
-! * instead of those above. If you wish to allow use of your
-! * version of this file only under the terms of the GPL and not to
-! * allow others to use your version of this file under the MPL,
-! * indicate your decision by deleting the provisions above and
-! * replace them with the notice and other provisions required by
-! * the GPL. If you do not delete the provisions above, a recipient
-! * may use your version of this file under either the MPL or the
-! * GPL.
-! * $Id$
-! */
-
- .section ".text",#alloc,#execinstr
-/* 000000 0 ( 0 0) */ .register %g2,#scratch
-/* 000000 ( 0 0) */ .register %g3,#scratch
-/* 000000 3 ( 0 0) */ .file "mpv_sparc.c"
-/* 000000 15 ( 0 0) */ .align 8
-!
-! SUBROUTINE .L_const_seg_900000101
-!
-! OFFSET SOURCE LINE LABEL INSTRUCTION (ISSUE TIME) (COMPLETION TIME)
-
- .L_const_seg_900000101: /* frequency 1.0 confidence 0.0 */
-/* 000000 20 ( 0 0) */ .word 1127219200,0
-/* 0x0008 21 ( 0 0) */ .word 1105199103,-4194304
-/* 0x0010 22 ( 0 0) */ .align 8
-/* 0x0010 28 ( 0 0) */ .global mul_add
-
-!
-! ENTRY mul_add
-!
-
- .global mul_add
- mul_add: /* frequency 1.0 confidence 0.0 */
-/* 0x0010 30 ( 0 1) */ sethi %hi(0x1c00),%g1
-/* 0x0014 31 ( 0 1) */ sethi %hi(mask_cnst),%g2
-/* 0x0018 32 ( 1 2) */ xor %g1,-48,%g1
-/* 0x001c 33 ( 1 2) */ add %g2,%lo(mask_cnst),%g2
-/* 0x0020 34 ( 2 3) */ save %sp,%g1,%sp
-
-!
-! ENTRY .L900000149
-!
-
- .L900000149: /* frequency 1.0 confidence 0.0 */
-/* 0x0024 36 ( 0 2) */ call (.+0x8) ! params = ! Result =
-/* 0x0028 ( 1 2) */ sethi %hi((_GLOBAL_OFFSET_TABLE_-(.L900000149-.))),%g5
-/* 0x002c 178 ( 2 3) */ sethi %hi(.L_const_seg_900000101),%g3
-/* 0x0030 179 ( 2 3) */ add %g5,%lo((_GLOBAL_OFFSET_TABLE_-(.L900000149-.))),%g5
-/* 0x0034 180 ( 3 4) */ add %g3,%lo(.L_const_seg_900000101),%g3
-/* 0x0038 181 ( 3 4) */ add %g5,%o7,%o1
-/* 0x003c 182 ( 4 5) */ sethi %hi(0x80000),%g4
-/* 0x0040 183 ( 4 6) */ ldx [%o1+%g2],%g2
-/* 0x0044 184 ( 4 5) */ or %g0,%i2,%o2
-/* 0x0048 185 ( 5 6) */ subcc %i4,%g4,%g0
-/* 0x004c 186 ( 5 7) */ ldx [%o1+%g3],%o0
-/* 0x0050 187 ( 6 7) */ or %g0,%i0,%o7
-/* 0x0054 188 ( 6 7) */ or %g0,%i1,%o5
-/* 0x0058 189 ( 6 9) */ ldd [%g2],%f0
-/* 0x005c 190 ( 6 7) */ bcc,pn %icc,.L77000048 ! tprob=0.50
-/* 0x0060 ( 7 8) */ subcc %i3,8,%g0
-/* 0x0064 192 ( 7 8) */ bne,pn %icc,.L900000158 ! tprob=0.50
-/* 0x0068 ( 8 9) */ subcc %i3,16,%g0
-/* 0x006c 194 ( 9 12) */ ldd [%o2],%f4
-/* 0x0070 195 (10 11) */ st %i4,[%sp+2287]
-/* 0x0074 196 (11 14) */ ldd [%o0],%f8
-/* 0x0078 197 (11 13) */ fxnor %f0,%f4,%f4
-/* 0x007c 198 (12 15) */ ldd [%o2+8],%f10
-/* 0x0080 199 (13 16) */ fitod %f4,%f12
-/* 0x0084 200 (13 16) */ ldd [%o0+8],%f14
-/* 0x0088 201 (14 17) */ ld [%sp+2287],%f7
-/* 0x008c 202 (14 17) */ fitod %f5,%f4
-/* 0x0090 203 (15 17) */ fxnor %f0,%f10,%f10
-/* 0x0094 204 (15 18) */ ldd [%o2+16],%f16
-/* 0x0098 205 (16 19) */ ldd [%o2+24],%f18
-/* 0x009c 206 (17 20) */ fsubd %f14,%f4,%f4
-/* 0x00a0 210 (17 20) */ ld [%i1],%g2
-/* 0x00a4 211 (18 20) */ fxnor %f0,%f16,%f16
-/* 0x00a8 212 (18 21) */ ld [%i1+4],%g3
-/* 0x00ac 213 (19 22) */ ld [%i1+8],%g4
-/* 0x00b0 214 (20 23) */ fitod %f16,%f20
-/* 0x00b4 215 (20 23) */ ld [%i1+16],%o0
-/* 0x00b8 216 (21 24) */ ld [%i1+12],%g5
-/* 0x00bc 217 (22 25) */ ld [%i1+20],%o1
-/* 0x00c0 218 (23 26) */ ld [%i1+24],%o2
-/* 0x00c4 219 (24 25) */ fmovs %f8,%f6
-/* 0x00c8 220 (24 27) */ ld [%i1+28],%o3
-/* 0x00cc 221 (26 29) */ fsubd %f6,%f8,%f6
-/* 0x00d0 222 (27 30) */ fsubd %f14,%f12,%f8
-/* 0x00d4 223 (28 31) */ fitod %f10,%f12
-/* 0x00d8 224 (29 32) */ fmuld %f4,%f6,%f4
-/* 0x00dc 225 (29 32) */ fitod %f11,%f10
-/* 0x00e0 226 (30 33) */ fmuld %f8,%f6,%f8
-/* 0x00e4 227 (31 34) */ fsubd %f14,%f12,%f12
-/* 0x00e8 228 (32 35) */ fdtox %f4,%f4
-/* 0x00ec 229 (32 33) */ std %f4,[%sp+2271]
-/* 0x00f0 230 (33 36) */ fdtox %f8,%f8
-/* 0x00f4 231 (33 34) */ std %f8,[%sp+2279]
-/* 0x00f8 232 (34 37) */ fmuld %f12,%f6,%f12
-/* 0x00fc 233 (34 37) */ fsubd %f14,%f10,%f10
-/* 0x0100 234 (35 38) */ fsubd %f14,%f20,%f4
-/* 0x0104 235 (36 39) */ fitod %f17,%f8
-/* 0x0108 236 (37 39) */ fxnor %f0,%f18,%f16
-/* 0x010c 237 (37 39) */ ldx [%sp+2279],%o4
-/* 0x0110 238 (37 40) */ fmuld %f10,%f6,%f10
-/* 0x0114 239 (38 41) */ fdtox %f12,%f12
-/* 0x0118 240 (38 39) */ std %f12,[%sp+2263]
-/* 0x011c 241 (38 41) */ fmuld %f4,%f6,%f4
-/* 0x0120 242 (39 42) */ fitod %f16,%f18
-/* 0x0124 243 (39 40) */ add %o4,%g2,%g2
-/* 0x0128 244 (39 40) */ st %g2,[%i0]
-/* 0x012c 245 (40 42) */ ldx [%sp+2271],%o4
-/* 0x0130 246 (40 43) */ fsubd %f14,%f8,%f8
-/* 0x0134 247 (40 41) */ srax %g2,32,%o5
-/* 0x0138 248 (41 44) */ fdtox %f10,%f10
-/* 0x013c 249 (41 42) */ std %f10,[%sp+2255]
-/* 0x0140 250 (42 45) */ fdtox %f4,%f4
-/* 0x0144 251 (42 43) */ std %f4,[%sp+2247]
-/* 0x0148 252 (42 43) */ add %o4,%g3,%o4
-/* 0x014c 253 (43 46) */ fitod %f17,%f12
-/* 0x0150 254 (43 45) */ ldx [%sp+2263],%g2
-/* 0x0154 255 (43 44) */ add %o4,%o5,%g3
-/* 0x0158 256 (43 46) */ fmuld %f8,%f6,%f8
-/* 0x015c 257 (44 47) */ fsubd %f14,%f18,%f10
-/* 0x0160 258 (44 45) */ st %g3,[%i0+4]
-/* 0x0164 259 (44 45) */ srax %g3,32,%g3
-/* 0x0168 260 (45 46) */ add %g2,%g4,%g4
-/* 0x016c 261 (45 47) */ ldx [%sp+2255],%g2
-/* 0x0170 262 (46 49) */ fsubd %f14,%f12,%f4
-/* 0x0174 263 (46 47) */ add %g4,%g3,%g3
-/* 0x0178 264 (46 48) */ ldx [%sp+2247],%g4
-/* 0x017c 265 (47 50) */ fmuld %f10,%f6,%f10
-/* 0x0180 266 (47 50) */ fdtox %f8,%f8
-/* 0x0184 267 (47 48) */ std %f8,[%sp+2239]
-/* 0x0188 268 (48 49) */ add %g4,%o0,%g4
-/* 0x018c 269 (48 49) */ add %g2,%g5,%g2
-/* 0x0190 270 (48 49) */ st %g3,[%i0+8]
-/* 0x0194 271 (49 52) */ fmuld %f4,%f6,%f4
-/* 0x0198 272 (49 50) */ srax %g3,32,%o0
-/* 0x019c 273 (49 51) */ ldx [%sp+2239],%g5
-/* 0x01a0 274 (50 53) */ fdtox %f10,%f6
-/* 0x01a4 275 (50 51) */ std %f6,[%sp+2231]
-/* 0x01a8 276 (50 51) */ add %g2,%o0,%g2
-/* 0x01ac 277 (51 52) */ srax %g2,32,%g3
-/* 0x01b0 278 (51 52) */ add %g5,%o1,%o1
-/* 0x01b4 279 (51 52) */ st %g2,[%i0+12]
-/* 0x01b8 280 (52 55) */ fdtox %f4,%f4
-/* 0x01bc 281 (52 53) */ std %f4,[%sp+2223]
-/* 0x01c0 282 (52 53) */ add %g4,%g3,%g3
-/* 0x01c4 283 (53 54) */ srax %g3,32,%g4
-/* 0x01c8 284 (53 54) */ st %g3,[%i0+16]
-/* 0x01cc 285 (54 56) */ ldx [%sp+2231],%o0
-/* 0x01d0 286 (54 55) */ add %o1,%g4,%g4
-/* 0x01d4 287 (55 56) */ srax %g4,32,%g2
-/* 0x01d8 288 (55 57) */ ldx [%sp+2223],%g5
-/* 0x01dc 289 (56 57) */ add %o0,%o2,%o2
-/* 0x01e0 290 (56 57) */ st %g4,[%i0+20]
-/* 0x01e4 291 (57 58) */ add %o2,%g2,%g2
-/* 0x01e8 292 (57 58) */ add %g5,%o3,%g5
-/* 0x01ec 293 (57 58) */ st %g2,[%i0+24]
-/* 0x01f0 294 (58 59) */ srax %g2,32,%g3
-/* 0x01f4 295 (59 60) */ add %g5,%g3,%g2
-/* 0x01f8 296 (59 60) */ st %g2,[%i0+28]
-/* 0x01fc 300 (60 61) */ srax %g2,32,%o3
-/* 0x0200 301 (61 62) */ srl %o3,0,%i0
-/* 0x0204 (62 64) */ ret ! Result = %o1 %o0 %f0 %f1
-/* 0x0208 (64 65) */ restore %g0,%g0,%g0
-
-!
-! ENTRY .L900000158
-!
-
- .L900000158: /* frequency 1.0 confidence 0.0 */
-/* 0x020c 308 ( 0 1) */ bne,a,pn %icc,.L900000157 ! tprob=0.50
-/* 0x0210 ( 0 1) */ st %i4,[%sp+2223]
-/* 0x0214 315 ( 1 4) */ ldd [%o2],%f4
-/* 0x0218 316 ( 2 3) */ st %i4,[%sp+2351]
-/* 0x021c 317 ( 3 6) */ ldd [%o0],%f8
-/* 0x0220 318 ( 3 5) */ fxnor %f0,%f4,%f4
-/* 0x0224 319 ( 4 7) */ ldd [%o2+8],%f10
-/* 0x0228 320 ( 5 8) */ ldd [%o0+8],%f14
-/* 0x022c 321 ( 5 8) */ fitod %f4,%f12
-/* 0x0230 322 ( 6 9) */ ld [%sp+2351],%f7
-/* 0x0234 323 ( 6 8) */ fxnor %f0,%f10,%f10
-/* 0x0238 324 ( 7 10) */ ldd [%o2+16],%f16
-/* 0x023c 325 ( 7 10) */ fitod %f5,%f4
-/* 0x0240 326 ( 8 11) */ ldd [%o2+24],%f18
-/* 0x0244 330 ( 9 12) */ ldd [%o2+32],%f20
-/* 0x0248 331 ( 9 11) */ fxnor %f0,%f16,%f16
-/* 0x024c 335 (10 13) */ ld [%i1],%g2
-/* 0x0250 336 (10 13) */ fsubd %f14,%f4,%f4
-/* 0x0254 337 (11 14) */ ldd [%o2+40],%f22
-/* 0x0258 338 (11 14) */ fitod %f16,%f28
-/* 0x025c 339 (12 15) */ ld [%i1+4],%g3
-/* 0x0260 340 (13 16) */ ld [%i1+8],%g4
-/* 0x0264 341 (13 15) */ fxnor %f0,%f22,%f22
-/* 0x0268 342 (14 17) */ ld [%i1+12],%g5
-/* 0x026c 343 (15 18) */ ld [%i1+16],%o0
-/* 0x0270 344 (16 19) */ ldd [%o2+48],%f24
-/* 0x0274 345 (17 20) */ ld [%i1+20],%o1
-/* 0x0278 346 (17 18) */ fmovs %f8,%f6
-/* 0x027c 347 (18 21) */ ldd [%o2+56],%f26
-/* 0x0280 348 (19 22) */ ld [%i1+24],%o2
-/* 0x0284 349 (19 22) */ fsubd %f6,%f8,%f6
-/* 0x0288 350 (20 23) */ ld [%i1+28],%o3
-/* 0x028c 351 (20 23) */ fsubd %f14,%f12,%f8
-/* 0x0290 355 (21 24) */ ld [%i1+32],%o4
-/* 0x0294 356 (21 24) */ fitod %f10,%f12
-/* 0x0298 357 (22 25) */ ld [%i1+36],%o7
-/* 0x029c 358 (22 25) */ fitod %f11,%f10
-/* 0x02a0 359 (22 25) */ fmuld %f4,%f6,%f4
-/* 0x02a4 360 (23 26) */ ld [%i1+40],%l1
-/* 0x02a8 361 (23 26) */ fmuld %f8,%f6,%f8
-/* 0x02ac 362 (24 27) */ ld [%i1+56],%l5
-/* 0x02b0 363 (24 27) */ fsubd %f14,%f12,%f12
-/* 0x02b4 364 (25 28) */ fsubd %f14,%f10,%f10
-/* 0x02b8 365 (26 29) */ fdtox %f8,%f8
-/* 0x02bc 366 (26 27) */ std %f8,[%sp+2343]
-/* 0x02c0 367 (27 30) */ fitod %f17,%f8
-/* 0x02c4 368 (27 30) */ fmuld %f12,%f6,%f12
-/* 0x02c8 369 (28 31) */ fdtox %f4,%f4
-/* 0x02cc 370 (28 29) */ std %f4,[%sp+2335]
-/* 0x02d0 371 (28 31) */ fmuld %f10,%f6,%f10
-/* 0x02d4 372 (29 31) */ fxnor %f0,%f18,%f16
-/* 0x02d8 373 (30 33) */ fdtox %f12,%f12
-/* 0x02dc 374 (30 31) */ std %f12,[%sp+2327]
-/* 0x02e0 375 (31 33) */ ldx [%sp+2343],%o5
-/* 0x02e4 376 (31 34) */ fsubd %f14,%f8,%f8
-/* 0x02e8 377 (32 35) */ fsubd %f14,%f28,%f4
-/* 0x02ec 378 (33 36) */ fitod %f17,%f12
-/* 0x02f0 379 (33 34) */ add %o5,%g2,%g2
-/* 0x02f4 380 (33 34) */ st %g2,[%i0]
-/* 0x02f8 381 (34 36) */ ldx [%sp+2335],%o5
-/* 0x02fc 382 (34 37) */ fitod %f16,%f18
-/* 0x0300 383 (34 35) */ srax %g2,32,%l0
-/* 0x0304 384 (35 37) */ fxnor %f0,%f20,%f16
-/* 0x0308 385 (35 38) */ fmuld %f8,%f6,%f20
-/* 0x030c 386 (36 39) */ fdtox %f10,%f10
-/* 0x0310 387 (36 37) */ std %f10,[%sp+2319]
-/* 0x0314 388 (36 37) */ add %o5,%g3,%g3
-/* 0x0318 389 (36 39) */ fmuld %f4,%f6,%f4
-/* 0x031c 390 (37 40) */ fitod %f16,%f8
-/* 0x0320 391 (37 38) */ add %g3,%l0,%g3
-/* 0x0324 392 (37 38) */ st %g3,[%i0+4]
-/* 0x0328 393 (38 40) */ ldx [%sp+2327],%o5
-/* 0x032c 394 (38 41) */ fsubd %f14,%f18,%f18
-/* 0x0330 395 (38 39) */ srax %g3,32,%l3
-/* 0x0334 396 (39 41) */ ldx [%sp+2319],%l2
-/* 0x0338 397 (39 42) */ fdtox %f4,%f4
-/* 0x033c 398 (40 41) */ std %f4,[%sp+2311]
-/* 0x0340 399 (40 43) */ fdtox %f20,%f20
-/* 0x0344 400 (40 41) */ add %o5,%g4,%g4
-/* 0x0348 401 (41 42) */ std %f20,[%sp+2303]
-/* 0x034c 402 (41 44) */ fsubd %f14,%f12,%f4
-/* 0x0350 403 (41 42) */ add %g4,%l3,%g4
-/* 0x0354 404 (41 44) */ fmuld %f18,%f6,%f18
-/* 0x0358 405 (42 43) */ st %g4,[%i0+8]
-/* 0x035c 406 (42 45) */ fitod %f17,%f16
-/* 0x0360 407 (42 43) */ srax %g4,32,%l4
-/* 0x0364 408 (43 46) */ ld [%i1+44],%l0
-/* 0x0368 409 (43 46) */ fsubd %f14,%f8,%f20
-/* 0x036c 410 (43 44) */ add %l2,%g5,%l2
-/* 0x0370 411 (44 46) */ ldx [%sp+2311],%g5
-/* 0x0374 412 (44 47) */ fitod %f22,%f8
-/* 0x0378 413 (44 45) */ add %l2,%l4,%l2
-/* 0x037c 414 (44 47) */ fmuld %f4,%f6,%f4
-/* 0x0380 415 (45 46) */ st %l2,[%i0+12]
-/* 0x0384 416 (45 48) */ fsubd %f14,%f16,%f10
-/* 0x0388 417 (46 49) */ ld [%i1+52],%l3
-/* 0x038c 418 (46 49) */ fdtox %f18,%f18
-/* 0x0390 419 (46 47) */ add %g5,%o0,%l4
-/* 0x0394 420 (46 49) */ fmuld %f20,%f6,%f12
-/* 0x0398 421 (47 48) */ std %f18,[%sp+2295]
-/* 0x039c 422 (47 48) */ srax %l2,32,%o0
-/* 0x03a0 423 (47 50) */ fitod %f23,%f16
-/* 0x03a4 424 (48 51) */ ld [%i1+48],%o5
-/* 0x03a8 425 (48 51) */ fsubd %f14,%f8,%f8
-/* 0x03ac 426 (48 49) */ add %l4,%o0,%l4
-/* 0x03b0 427 (49 50) */ st %l4,[%i0+16]
-/* 0x03b4 428 (49 50) */ srax %l4,32,%o0
-/* 0x03b8 429 (49 51) */ fxnor %f0,%f24,%f18
-/* 0x03bc 430 (50 52) */ ldx [%sp+2303],%g5
-/* 0x03c0 431 (50 53) */ fdtox %f4,%f4
-/* 0x03c4 432 (51 52) */ std %f4,[%sp+2287]
-/* 0x03c8 433 (51 54) */ fdtox %f12,%f12
-/* 0x03cc 434 (51 54) */ fmuld %f10,%f6,%f4
-/* 0x03d0 435 (52 53) */ std %f12,[%sp+2279]
-/* 0x03d4 436 (52 55) */ fsubd %f14,%f16,%f12
-/* 0x03d8 437 (52 53) */ add %g5,%o1,%g2
-/* 0x03dc 438 (52 55) */ fmuld %f8,%f6,%f8
-/* 0x03e0 439 (53 55) */ ldx [%sp+2295],%g5
-/* 0x03e4 440 (53 56) */ fitod %f18,%f10
-/* 0x03e8 441 (53 54) */ add %g2,%o0,%g2
-/* 0x03ec 442 (54 55) */ st %g2,[%i0+20]
-/* 0x03f0 443 (54 57) */ fitod %f19,%f16
-/* 0x03f4 444 (54 55) */ srax %g2,32,%o0
-/* 0x03f8 445 (55 58) */ fdtox %f8,%f8
-/* 0x03fc 446 (55 56) */ std %f8,[%sp+2263]
-/* 0x0400 447 (55 56) */ add %g5,%o2,%g3
-/* 0x0404 448 (56 58) */ ldx [%sp+2287],%g5
-/* 0x0408 449 (56 59) */ fsubd %f14,%f10,%f10
-/* 0x040c 450 (56 57) */ add %g3,%o0,%g3
-/* 0x0410 451 (57 58) */ st %g3,[%i0+24]
-/* 0x0414 452 (57 60) */ fsubd %f14,%f16,%f8
-/* 0x0418 453 (57 58) */ srax %g3,32,%o0
-/* 0x041c 454 (58 61) */ fdtox %f4,%f4
-/* 0x0420 455 (58 59) */ std %f4,[%sp+2271]
-/* 0x0424 456 (58 59) */ add %g5,%o3,%g4
-/* 0x0428 457 (59 61) */ fxnor %f0,%f26,%f18
-/* 0x042c 458 (59 62) */ fmuld %f12,%f6,%f4
-/* 0x0430 459 (59 60) */ add %g4,%o0,%g4
-/* 0x0434 460 (60 61) */ st %g4,[%i0+28]
-/* 0x0438 461 (60 63) */ fmuld %f10,%f6,%f10
-/* 0x043c 462 (60 61) */ srax %g4,32,%o0
-/* 0x0440 463 (61 63) */ ldx [%sp+2279],%g5
-/* 0x0444 464 (61 64) */ fitod %f18,%f12
-/* 0x0448 465 (61 64) */ fmuld %f8,%f6,%f8
-/* 0x044c 466 (62 65) */ fdtox %f4,%f4
-/* 0x0450 467 (62 63) */ std %f4,[%sp+2255]
-/* 0x0454 468 (63 64) */ add %g5,%o4,%l2
-/* 0x0458 469 (63 65) */ ldx [%sp+2271],%g5
-/* 0x045c 470 (63 66) */ fdtox %f10,%f16
-/* 0x0460 471 (64 67) */ fsubd %f14,%f12,%f4
-/* 0x0464 472 (64 65) */ std %f16,[%sp+2247]
-/* 0x0468 473 (64 65) */ add %l2,%o0,%l2
-/* 0x046c 474 (65 68) */ fdtox %f8,%f8
-/* 0x0470 475 (65 66) */ std %f8,[%sp+2239]
-/* 0x0474 476 (65 66) */ add %g5,%o7,%l4
-/* 0x0478 477 (66 69) */ fitod %f19,%f10
-/* 0x047c 478 (66 68) */ ldx [%sp+2263],%g5
-/* 0x0480 479 (66 67) */ srax %l2,32,%o0
-/* 0x0484 480 (67 68) */ add %l4,%o0,%l4
-/* 0x0488 481 (67 70) */ fmuld %f4,%f6,%f4
-/* 0x048c 482 (67 69) */ ldx [%sp+2255],%o0
-/* 0x0490 483 (68 69) */ srax %l4,32,%o1
-/* 0x0494 484 (68 69) */ add %g5,%l1,%l1
-/* 0x0498 485 (68 69) */ st %l2,[%i0+32]
-/* 0x049c 486 (69 72) */ fsubd %f14,%f10,%f8
-/* 0x04a0 487 (69 71) */ ldx [%sp+2239],%o3
-/* 0x04a4 488 (69 70) */ add %l1,%o1,%o1
-/* 0x04a8 489 (70 72) */ ldx [%sp+2247],%g5
-/* 0x04ac 490 (70 71) */ srax %o1,32,%o2
-/* 0x04b0 491 (70 71) */ add %o0,%l0,%o0
-/* 0x04b4 492 (71 74) */ fdtox %f4,%f4
-/* 0x04b8 493 (71 72) */ std %f4,[%sp+2231]
-/* 0x04bc 494 (71 72) */ add %o0,%o2,%o2
-/* 0x04c0 495 (72 73) */ add %o3,%l3,%l3
-/* 0x04c4 496 (72 75) */ fmuld %f8,%f6,%f4
-/* 0x04c8 497 (72 73) */ add %g5,%o5,%g5
-/* 0x04cc 498 (73 74) */ srax %o2,32,%o3
-/* 0x04d0 499 (73 74) */ st %l4,[%i0+36]
-/* 0x04d4 500 (74 75) */ add %g5,%o3,%g2
-/* 0x04d8 501 (74 76) */ ldx [%sp+2231],%o0
-/* 0x04dc 502 (75 76) */ srax %g2,32,%g3
-/* 0x04e0 503 (75 78) */ fdtox %f4,%f4
-/* 0x04e4 504 (75 76) */ std %f4,[%sp+2223]
-/* 0x04e8 505 (76 77) */ st %o1,[%i0+40]
-/* 0x04ec 506 (76 77) */ add %l3,%g3,%g3
-/* 0x04f0 507 (76 77) */ add %o0,%l5,%g5
-/* 0x04f4 508 (77 78) */ st %o2,[%i0+44]
-/* 0x04f8 509 (77 78) */ srax %g3,32,%g4
-/* 0x04fc 510 (78 79) */ st %g2,[%i0+48]
-/* 0x0500 511 (78 79) */ add %g5,%g4,%g4
-/* 0x0504 512 (79 80) */ st %g3,[%i0+52]
-/* 0x0508 513 (79 80) */ srax %g4,32,%g5
-/* 0x050c 514 (80 83) */ ld [%i1+60],%g3
-/* 0x0510 515 (81 83) */ ldx [%sp+2223],%g2
-/* 0x0514 516 (82 83) */ st %g4,[%i0+56]
-/* 0x0518 517 (83 84) */ add %g2,%g3,%g2
-/* 0x051c 518 (84 85) */ add %g2,%g5,%g2
-/* 0x0520 519 (84 85) */ st %g2,[%i0+60]
-/* 0x0524 523 (85 86) */ srax %g2,32,%o3
-/* 0x0528 524 (86 87) */ srl %o3,0,%i0
-/* 0x052c (87 89) */ ret ! Result = %o1 %o0 %f0 %f1
-/* 0x0530 (89 90) */ restore %g0,%g0,%g0
-
-!
-! ENTRY .L900000157
-!
-
- .L900000157: /* frequency 1.0 confidence 0.0 */
-/* 0x0534 532 ( 0 1) */ fmovd %f0,%f14
-/* 0x0538 533 ( 0 3) */ ldd [%o0],%f8
-/* 0x053c 539 ( 0 1) */ add %i3,1,%g2
-/* 0x0540 540 ( 1 4) */ ld [%sp+2223],%f7
-/* 0x0544 541 ( 1 2) */ srl %g2,31,%g3
-/* 0x0548 545 ( 1 2) */ add %fp,-217,%g4
-/* 0x054c 546 ( 2 3) */ add %g2,%g3,%g2
-/* 0x0550 547 ( 2 3) */ or %g0,0,%g5
-/* 0x0554 548 ( 2 5) */ ldd [%o0+8],%f18
-/* 0x0558 549 ( 3 4) */ fmovs %f8,%f6
-/* 0x055c 550 ( 3 4) */ sra %g2,1,%o1
-/* 0x0560 551 ( 3 4) */ or %g0,0,%o0
-/* 0x0564 552 ( 4 5) */ subcc %o1,0,%g0
-/* 0x0568 553 ( 5 6) */ or %g0,%o1,%o3
-/* 0x056c 554 ( 5 8) */ fsubd %f6,%f8,%f16
-/* 0x0570 555 ( 5 6) */ ble,pt %icc,.L900000156 ! tprob=0.50
-/* 0x0574 ( 6 7) */ subcc %i3,0,%g0
-/* 0x0578 557 ( 6 7) */ sub %o1,1,%g2
-/* 0x057c 558 ( 7 8) */ or %g0,0,%i0
-/* 0x0580 559 ( 7 8) */ or %g0,1,%g3
-/* 0x0584 560 ( 8 9) */ subcc %o3,10,%g0
-/* 0x0588 561 ( 8 9) */ bl,pn %icc,.L77000077 ! tprob=0.50
-/* 0x058c ( 9 10) */ or %g0,0,%o1
-/* 0x0590 563 ( 9 12) */ ldd [%i2+8],%f0
-/* 0x0594 564 ( 9 10) */ sub %o3,3,%o3
-/* 0x0598 565 (10 13) */ ldd [%i2],%f2
-/* 0x059c 566 (10 11) */ or %g0,7,%o0
-/* 0x05a0 567 (10 11) */ or %g0,2,%i0
-/* 0x05a4 568 (11 13) */ fxnor %f14,%f0,%f8
-/* 0x05a8 569 (11 14) */ ldd [%i2+16],%f4
-/* 0x05ac 570 (11 12) */ or %g0,16,%o2
-/* 0x05b0 571 (12 14) */ fxnor %f14,%f2,%f2
-/* 0x05b4 572 (12 15) */ ldd [%i2+24],%f6
-/* 0x05b8 573 (12 13) */ or %g0,48,%o4
-/* 0x05bc 574 (13 16) */ fitod %f8,%f12
-/* 0x05c0 575 (13 14) */ or %g0,24,%o1
-/* 0x05c4 576 (13 14) */ or %g0,3,%g3
-/* 0x05c8 577 (14 17) */ fitod %f2,%f0
-/* 0x05cc 578 (15 18) */ fitod %f3,%f20
-/* 0x05d0 579 (15 18) */ ldd [%i2+32],%f2
-/* 0x05d4 580 (16 19) */ fitod %f9,%f10
-/* 0x05d8 581 (16 19) */ ldd [%i2+40],%f8
-/* 0x05dc 582 (17 20) */ fsubd %f18,%f0,%f0
-/* 0x05e0 583 (18 21) */ fsubd %f18,%f20,%f22
-/* 0x05e4 584 (19 22) */ fsubd %f18,%f12,%f20
-/* 0x05e8 585 (19 22) */ ldd [%i2+48],%f12
-/* 0x05ec 586 (20 23) */ fsubd %f18,%f10,%f10
-/* 0x05f0 587 (20 23) */ fmuld %f0,%f16,%f0
-/* 0x05f4 588 (21 23) */ fxnor %f14,%f4,%f4
-/* 0x05f8 589 (21 24) */ fmuld %f22,%f16,%f22
-/* 0x05fc 590 (22 24) */ fxnor %f14,%f6,%f6
-/* 0x0600 591 (22 25) */ fmuld %f20,%f16,%f20
-/* 0x0604 592 (23 26) */ fdtox %f0,%f0
-/* 0x0608 593 (23 24) */ std %f0,[%fp-217]
-/* 0x060c 594 (23 26) */ fmuld %f10,%f16,%f10
-/* 0x0610 595 (24 27) */ fdtox %f22,%f22
-/* 0x0614 596 (24 25) */ std %f22,[%fp-209]
-/* 0x0618 597 (25 28) */ fitod %f5,%f0
-/* 0x061c 598 (26 29) */ fdtox %f10,%f10
-/* 0x0620 599 (27 30) */ fdtox %f20,%f20
-/* 0x0624 600 (27 28) */ std %f20,[%fp-201]
-/* 0x0628 601 (28 31) */ fitod %f4,%f4
-/* 0x062c 602 (28 29) */ std %f10,[%fp-193]
-/* 0x0630 603 (29 31) */ fxnor %f14,%f2,%f10
-/* 0x0634 604 (30 33) */ fitod %f7,%f2
-/* 0x0638 605 (31 34) */ fsubd %f18,%f0,%f0
-/* 0x063c 606 (32 35) */ fsubd %f18,%f4,%f4
-/* 0x0640 607 (33 35) */ fxnor %f14,%f8,%f8
-
-!
-! ENTRY .L900000144
-!
-
- .L900000144: /* frequency 1.0 confidence 0.0 */
-/* 0x0644 609 ( 0 3) */ fitod %f11,%f22
-/* 0x0648 610 ( 0 1) */ add %o0,3,%o0
-/* 0x064c 611 ( 0 1) */ add %g3,6,%g3
-/* 0x0650 612 ( 0 3) */ fmuld %f0,%f16,%f0
-/* 0x0654 613 ( 1 4) */ fmuld %f4,%f16,%f24
-/* 0x0658 614 ( 1 2) */ subcc %o0,%o3,%g0
-/* 0x065c 615 ( 1 2) */ add %i0,6,%i0
-/* 0x0660 616 ( 1 4) */ fsubd %f18,%f2,%f2
-/* 0x0664 617 ( 2 5) */ fitod %f6,%f4
-/* 0x0668 618 ( 3 6) */ fdtox %f0,%f0
-/* 0x066c 619 ( 3 4) */ add %o4,8,%i1
-/* 0x0670 620 ( 4 7) */ ldd [%i2+%i1],%f20
-/* 0x0674 621 ( 4 7) */ fdtox %f24,%f6
-/* 0x0678 622 ( 4 5) */ add %o2,16,%o4
-/* 0x067c 623 ( 5 8) */ fsubd %f18,%f4,%f4
-/* 0x0680 624 ( 5 6) */ std %f6,[%o4+%g4]
-/* 0x0684 625 ( 5 6) */ add %o1,16,%o2
-/* 0x0688 626 ( 6 8) */ fxnor %f14,%f12,%f6
-/* 0x068c 627 ( 6 7) */ std %f0,[%o2+%g4]
-/* 0x0690 628 ( 7 10) */ fitod %f9,%f0
-/* 0x0694 629 ( 7 10) */ fmuld %f2,%f16,%f2
-/* 0x0698 630 ( 8 11) */ fmuld %f4,%f16,%f24
-/* 0x069c 631 ( 8 11) */ fsubd %f18,%f22,%f12
-/* 0x06a0 632 ( 9 12) */ fitod %f10,%f4
-/* 0x06a4 633 (10 13) */ fdtox %f2,%f2
-/* 0x06a8 634 (10 11) */ add %i1,8,%o1
-/* 0x06ac 635 (11 14) */ ldd [%i2+%o1],%f22
-/* 0x06b0 636 (11 14) */ fdtox %f24,%f10
-/* 0x06b4 637 (11 12) */ add %o4,16,%i4
-/* 0x06b8 638 (12 15) */ fsubd %f18,%f4,%f4
-/* 0x06bc 639 (12 13) */ std %f10,[%i4+%g4]
-/* 0x06c0 640 (12 13) */ add %o2,16,%i1
-/* 0x06c4 641 (13 15) */ fxnor %f14,%f20,%f10
-/* 0x06c8 642 (13 14) */ std %f2,[%i1+%g4]
-/* 0x06cc 643 (14 17) */ fitod %f7,%f2
-/* 0x06d0 644 (14 17) */ fmuld %f12,%f16,%f12
-/* 0x06d4 645 (15 18) */ fmuld %f4,%f16,%f24
-/* 0x06d8 646 (15 18) */ fsubd %f18,%f0,%f0
-/* 0x06dc 647 (16 19) */ fitod %f8,%f4
-/* 0x06e0 648 (17 20) */ fdtox %f12,%f20
-/* 0x06e4 649 (17 18) */ add %o1,8,%o4
-/* 0x06e8 650 (18 21) */ ldd [%i2+%o4],%f12
-/* 0x06ec 651 (18 21) */ fdtox %f24,%f8
-/* 0x06f0 652 (18 19) */ add %i4,16,%o2
-/* 0x06f4 653 (19 22) */ fsubd %f18,%f4,%f4
-/* 0x06f8 654 (19 20) */ std %f8,[%o2+%g4]
-/* 0x06fc 655 (19 20) */ add %i1,16,%o1
-/* 0x0700 656 (20 22) */ fxnor %f14,%f22,%f8
-/* 0x0704 657 (20 21) */ ble,pt %icc,.L900000144 ! tprob=0.50
-/* 0x0708 (20 21) */ std %f20,[%o1+%g4]
-
-!
-! ENTRY .L900000147
-!
-
- .L900000147: /* frequency 1.0 confidence 0.0 */
-/* 0x070c 660 ( 0 3) */ fitod %f6,%f6
-/* 0x0710 661 ( 0 3) */ fmuld %f4,%f16,%f24
-/* 0x0714 662 ( 0 1) */ add %i4,32,%l4
-/* 0x0718 663 ( 1 4) */ fsubd %f18,%f2,%f2
-/* 0x071c 664 ( 1 4) */ fmuld %f0,%f16,%f22
-/* 0x0720 665 ( 1 2) */ add %i1,32,%l3
-/* 0x0724 666 ( 2 5) */ fitod %f10,%f28
-/* 0x0728 667 ( 2 3) */ sra %o0,0,%o2
-/* 0x072c 668 ( 2 3) */ add %i4,48,%l2
-/* 0x0730 669 ( 3 6) */ fsubd %f18,%f6,%f4
-/* 0x0734 670 ( 3 4) */ add %i1,48,%l1
-/* 0x0738 671 ( 3 4) */ add %i4,64,%l0
-/* 0x073c 672 ( 4 7) */ fitod %f11,%f26
-/* 0x0740 673 ( 4 5) */ sllx %o2,3,%o1
-/* 0x0744 674 ( 4 5) */ add %i1,64,%i5
-/* 0x0748 675 ( 5 8) */ fitod %f8,%f6
-/* 0x074c 676 ( 5 6) */ add %i4,80,%i4
-/* 0x0750 677 ( 5 6) */ add %i1,80,%i1
-/* 0x0754 678 ( 6 8) */ fxnor %f14,%f12,%f0
-/* 0x0758 679 ( 6 9) */ fmuld %f4,%f16,%f20
-/* 0x075c 680 ( 6 7) */ add %i4,16,%o4
-/* 0x0760 681 ( 7 10) */ fitod %f9,%f4
-/* 0x0764 682 ( 7 10) */ fmuld %f2,%f16,%f12
-/* 0x0768 683 ( 7 8) */ add %i1,16,%o3
-/* 0x076c 684 ( 8 11) */ fsubd %f18,%f28,%f10
-/* 0x0770 685 ( 8 9) */ subcc %o0,%g2,%g0
-/* 0x0774 686 ( 8 9) */ add %g3,12,%g3
-/* 0x0778 687 ( 9 12) */ fitod %f0,%f2
-/* 0x077c 688 (10 13) */ fsubd %f18,%f26,%f8
-/* 0x0780 689 (11 14) */ fitod %f1,%f0
-/* 0x0784 690 (11 14) */ fmuld %f10,%f16,%f10
-/* 0x0788 691 (12 15) */ fdtox %f24,%f24
-/* 0x078c 692 (12 13) */ std %f24,[%l4+%g4]
-/* 0x0790 693 (12 13) */ add %i0,12,%i0
-/* 0x0794 694 (13 16) */ fsubd %f18,%f6,%f6
-/* 0x0798 695 (13 16) */ fmuld %f8,%f16,%f8
-/* 0x079c 696 (14 17) */ fdtox %f22,%f22
-/* 0x07a0 697 (14 15) */ std %f22,[%l3+%g4]
-/* 0x07a4 698 (15 18) */ fsubd %f18,%f4,%f4
-/* 0x07a8 699 (16 19) */ fdtox %f20,%f20
-/* 0x07ac 700 (16 17) */ std %f20,[%l2+%g4]
-/* 0x07b0 701 (16 19) */ fmuld %f6,%f16,%f6
-/* 0x07b4 702 (17 20) */ fsubd %f18,%f2,%f2
-/* 0x07b8 703 (18 21) */ fsubd %f18,%f0,%f0
-/* 0x07bc 704 (18 21) */ fmuld %f4,%f16,%f4
-/* 0x07c0 705 (19 22) */ fdtox %f12,%f12
-/* 0x07c4 706 (19 20) */ std %f12,[%l1+%g4]
-/* 0x07c8 707 (20 23) */ fdtox %f10,%f10
-/* 0x07cc 708 (20 21) */ std %f10,[%l0+%g4]
-/* 0x07d0 709 (20 23) */ fmuld %f2,%f16,%f2
-/* 0x07d4 710 (21 24) */ fdtox %f8,%f8
-/* 0x07d8 711 (21 22) */ std %f8,[%i5+%g4]
-/* 0x07dc 712 (21 24) */ fmuld %f0,%f16,%f0
-/* 0x07e0 713 (22 25) */ fdtox %f6,%f6
-/* 0x07e4 714 (22 23) */ std %f6,[%i4+%g4]
-/* 0x07e8 715 (23 26) */ fdtox %f4,%f4
-/* 0x07ec 716 (23 24) */ std %f4,[%i1+%g4]
-/* 0x07f0 717 (24 27) */ fdtox %f2,%f2
-/* 0x07f4 718 (24 25) */ std %f2,[%o4+%g4]
-/* 0x07f8 719 (25 28) */ fdtox %f0,%f0
-/* 0x07fc 720 (25 26) */ bg,pn %icc,.L77000043 ! tprob=0.50
-/* 0x0800 (25 26) */ std %f0,[%o3+%g4]
-
-!
-! ENTRY .L77000077
-!
-
- .L77000077: /* frequency 1.0 confidence 0.0 */
-/* 0x0804 723 ( 0 3) */ ldd [%i2+%o1],%f0
-
-!
-! ENTRY .L900000155
-!
-
- .L900000155: /* frequency 1.0 confidence 0.0 */
-/* 0x0808 725 ( 0 2) */ fxnor %f14,%f0,%f0
-/* 0x080c 726 ( 0 1) */ sra %i0,0,%o1
-/* 0x0810 727 ( 0 1) */ add %o0,1,%o0
-/* 0x0814 728 ( 1 2) */ sllx %o1,3,%i4
-/* 0x0818 729 ( 1 2) */ add %i0,2,%i0
-/* 0x081c 730 ( 2 5) */ fitod %f0,%f2
-/* 0x0820 731 ( 2 3) */ sra %g3,0,%o1
-/* 0x0824 732 ( 2 3) */ add %g3,2,%g3
-/* 0x0828 733 ( 3 6) */ fitod %f1,%f0
-/* 0x082c 734 ( 3 4) */ sllx %o1,3,%i1
-/* 0x0830 735 ( 3 4) */ subcc %o0,%g2,%g0
-/* 0x0834 736 ( 4 5) */ sra %o0,0,%o2
-/* 0x0838 737 ( 5 8) */ fsubd %f18,%f2,%f2
-/* 0x083c 738 ( 5 6) */ sllx %o2,3,%o1
-/* 0x0840 739 ( 6 9) */ fsubd %f18,%f0,%f0
-/* 0x0844 740 ( 8 11) */ fmuld %f2,%f16,%f2
-/* 0x0848 741 ( 9 12) */ fmuld %f0,%f16,%f0
-/* 0x084c 742 (11 14) */ fdtox %f2,%f2
-/* 0x0850 743 (11 12) */ std %f2,[%i4+%g4]
-/* 0x0854 744 (12 15) */ fdtox %f0,%f0
-/* 0x0858 745 (12 13) */ std %f0,[%i1+%g4]
-/* 0x085c 746 (12 13) */ ble,a,pt %icc,.L900000155 ! tprob=0.50
-/* 0x0860 (14 17) */ ldd [%i2+%o1],%f0
-
-!
-! ENTRY .L77000043
-!
-
- .L77000043: /* frequency 1.0 confidence 0.0 */
-/* 0x0864 754 ( 0 1) */ subcc %i3,0,%g0
-
-!
-! ENTRY .L900000156
-!
-
- .L900000156: /* frequency 1.0 confidence 0.0 */
-/* 0x0868 756 ( 0 1) */ ble,a,pt %icc,.L77000061 ! tprob=0.50
-/* 0x086c ( 0 1) */ or %g0,%g5,%o3
-/* 0x0870 761 ( 0 2) */ ldx [%fp-209],%i1
-/* 0x0874 762 ( 1 2) */ sub %i3,1,%g3
-/* 0x0878 763 ( 1 2) */ or %g0,0,%i0
-/* 0x087c 764 ( 2 3) */ subcc %i3,5,%g0
-/* 0x0880 765 ( 2 3) */ bl,pn %icc,.L77000078 ! tprob=0.50
-/* 0x0884 ( 2 4) */ ldx [%fp-217],%i2
-/* 0x0888 767 ( 3 6) */ ld [%o5],%i3
-/* 0x088c 768 ( 3 4) */ or %g0,8,%g2
-/* 0x0890 769 ( 3 4) */ or %g0,16,%o4
-/* 0x0894 770 ( 4 5) */ sub %g3,1,%o3
-/* 0x0898 771 ( 4 5) */ or %g0,3,%i0
-/* 0x089c 772 ( 5 6) */ add %i2,%i3,%o1
-/* 0x08a0 773 ( 5 8) */ ld [%o5+4],%i2
-/* 0x08a4 774 ( 6 7) */ st %o1,[%o7]
-/* 0x08a8 775 ( 6 7) */ srax %o1,32,%o1
-/* 0x08ac 776 ( 7 9) */ ldx [%fp-201],%o2
-/* 0x08b0 777 ( 7 8) */ add %i1,%i2,%o0
-/* 0x08b4 778 ( 7 8) */ or %g0,%o1,%i1
-/* 0x08b8 779 ( 8 11) */ ld [%o5+8],%o1
-/* 0x08bc 780 ( 8 9) */ add %o0,%i1,%o0
-/* 0x08c0 781 ( 9 10) */ st %o0,[%o7+4]
-/* 0x08c4 782 ( 9 10) */ srax %o0,32,%o0
-
-!
-! ENTRY .L900000140
-!
-
- .L900000140: /* frequency 1.0 confidence 0.0 */
-/* 0x08c8 784 ( 0 1) */ add %g2,4,%i1
-/* 0x08cc 785 ( 0 1) */ add %o4,8,%o4
-/* 0x08d0 786 ( 1 3) */ ldx [%o4+%g4],%i2
-/* 0x08d4 787 ( 1 2) */ sra %o0,0,%g5
-/* 0x08d8 788 ( 1 2) */ add %o2,%o1,%o1
-/* 0x08dc 789 ( 2 5) */ ld [%o5+%i1],%o0
-/* 0x08e0 790 ( 2 3) */ add %o1,%g5,%o1
-/* 0x08e4 791 ( 2 3) */ add %i0,2,%i0
-/* 0x08e8 792 ( 3 4) */ st %o1,[%o7+%g2]
-/* 0x08ec 793 ( 3 4) */ srax %o1,32,%g5
-/* 0x08f0 794 ( 3 4) */ subcc %i0,%o3,%g0
-/* 0x08f4 795 ( 4 5) */ add %g2,8,%g2
-/* 0x08f8 796 ( 4 5) */ add %o4,8,%o4
-/* 0x08fc 797 ( 5 7) */ ldx [%o4+%g4],%o2
-/* 0x0900 798 ( 5 6) */ add %i2,%o0,%o0
-/* 0x0904 799 ( 6 9) */ ld [%o5+%g2],%o1
-/* 0x0908 800 ( 6 7) */ add %o0,%g5,%o0
-/* 0x090c 801 ( 7 8) */ st %o0,[%o7+%i1]
-/* 0x0910 802 ( 7 8) */ ble,pt %icc,.L900000140 ! tprob=0.50
-/* 0x0914 ( 7 8) */ srax %o0,32,%o0
-
-!
-! ENTRY .L900000143
-!
-
- .L900000143: /* frequency 1.0 confidence 0.0 */
-/* 0x0918 805 ( 0 1) */ sra %o0,0,%o3
-/* 0x091c 806 ( 0 1) */ add %o2,%o1,%o0
-/* 0x0920 807 ( 1 2) */ add %o0,%o3,%o0
-/* 0x0924 808 ( 1 2) */ st %o0,[%o7+%g2]
-/* 0x0928 809 ( 1 2) */ subcc %i0,%g3,%g0
-/* 0x092c 810 ( 2 3) */ srax %o0,32,%g5
-/* 0x0930 811 ( 2 3) */ bg,a,pn %icc,.L77000061 ! tprob=0.50
-/* 0x0934 ( 3 4) */ or %g0,%g5,%o3
-
-!
-! ENTRY .L77000078
-!
-
- .L77000078: /* frequency 1.0 confidence 0.0 */
-/* 0x0938 814 ( 0 1) */ sra %i0,0,%o0
-
-!
-! ENTRY .L900000154
-!
-
- .L900000154: /* frequency 1.0 confidence 0.0 */
-/* 0x093c 816 ( 0 1) */ sllx %o0,2,%g2
-/* 0x0940 817 ( 0 1) */ add %i0,1,%i0
-/* 0x0944 818 ( 1 2) */ sllx %o0,3,%o4
-/* 0x0948 819 ( 1 4) */ ld [%o5+%g2],%o2
-/* 0x094c 820 ( 1 2) */ subcc %i0,%g3,%g0
-/* 0x0950 821 ( 2 4) */ ldx [%o4+%g4],%o0
-/* 0x0954 822 ( 2 3) */ sra %g5,0,%o1
-/* 0x0958 823 ( 4 5) */ add %o0,%o2,%o0
-/* 0x095c 824 ( 5 6) */ add %o0,%o1,%o0
-/* 0x0960 825 ( 5 6) */ st %o0,[%o7+%g2]
-/* 0x0964 826 ( 6 7) */ srax %o0,32,%g5
-/* 0x0968 827 ( 6 7) */ ble,pt %icc,.L900000154 ! tprob=0.50
-/* 0x096c ( 7 8) */ sra %i0,0,%o0
-
-!
-! ENTRY .L77000047
-!
-
- .L77000047: /* frequency 1.0 confidence 0.0 */
-/* 0x0970 834 ( 0 1) */ or %g0,%g5,%o3
-
-!
-! ENTRY .L77000061
-!
-
- .L77000061: /* frequency 1.0 confidence 0.0 */
-
-/* 0x0974 835 ( 1 2) */ srl %o3,0,%i0
-/* 0x0978 ( 2 4) */ ret ! Result = %o1 %o0 %f0 %f1
-/* 0x097c ( 4 5) */ restore %g0,%g0,%g0
-
-!
-! ENTRY .L77000048
-!
-
- .L77000048: /* frequency 1.0 confidence 0.0 */
-/* 0x0980 844 ( 0 1) */ bne,pn %icc,.L77000050 ! tprob=0.50
-/* 0x0984 ( 0 1) */ sethi %hi(0xfff80000),%g2
-/* 0x0988 854 ( 0 3) */ ldd [%o2],%f4
-/* 0x098c 855 ( 1 4) */ ldd [%o0],%f6
-/* 0x0990 856 ( 1 2) */ srl %i4,19,%g3
-/* 0x0994 857 ( 1 2) */ andn %i4,%g2,%g2
-/* 0x0998 858 ( 2 3) */ st %g3,[%sp+2351]
-/* 0x099c 859 ( 2 4) */ fxnor %f0,%f4,%f4
-/* 0x09a0 860 ( 3 4) */ st %g2,[%sp+2355]
-/* 0x09a4 861 ( 4 7) */ ldd [%o2+8],%f12
-/* 0x09a8 862 ( 4 7) */ fitod %f4,%f10
-/* 0x09ac 863 ( 5 8) */ ldd [%o0+8],%f16
-/* 0x09b0 864 ( 5 8) */ fitod %f5,%f4
-/* 0x09b4 865 ( 6 9) */ ldd [%o2+16],%f18
-/* 0x09b8 866 ( 6 8) */ fxnor %f0,%f12,%f12
-/* 0x09bc 867 ( 7 10) */ ld [%sp+2351],%f9
-/* 0x09c0 868 ( 7 10) */ fsubd %f16,%f10,%f10
-/* 0x09c4 869 ( 8 11) */ ld [%sp+2355],%f15
-/* 0x09c8 870 ( 8 11) */ fitod %f12,%f22
-/* 0x09cc 871 ( 9 12) */ ldd [%o2+24],%f20
-/* 0x09d0 872 ( 9 12) */ fitod %f13,%f12
-/* 0x09d4 876 (10 13) */ ld [%i1],%g2
-/* 0x09d8 877 (10 13) */ fsubd %f16,%f4,%f4
-/* 0x09dc 878 (11 14) */ ld [%i1+4],%g3
-/* 0x09e0 879 (11 14) */ fsubd %f16,%f22,%f22
-/* 0x09e4 880 (12 15) */ ld [%i1+8],%g4
-/* 0x09e8 881 (12 14) */ fxnor %f0,%f18,%f18
-/* 0x09ec 882 (13 16) */ ld [%i1+12],%g5
-/* 0x09f0 883 (13 16) */ fsubd %f16,%f12,%f12
-/* 0x09f4 884 (14 17) */ ld [%i1+16],%o0
-/* 0x09f8 885 (14 17) */ fitod %f18,%f26
-/* 0x09fc 886 (15 18) */ ld [%i1+20],%o1
-/* 0x0a00 887 (15 17) */ fxnor %f0,%f20,%f20
-/* 0x0a04 888 (16 19) */ ld [%i1+24],%o2
-/* 0x0a08 889 (17 20) */ ld [%i1+28],%o3
-/* 0x0a0c 890 (19 20) */ fmovs %f6,%f8
-/* 0x0a10 891 (20 21) */ fmovs %f6,%f14
-/* 0x0a14 892 (22 25) */ fsubd %f8,%f6,%f8
-/* 0x0a18 893 (23 26) */ fsubd %f14,%f6,%f6
-/* 0x0a1c 894 (25 28) */ fmuld %f10,%f8,%f14
-/* 0x0a20 895 (26 29) */ fmuld %f10,%f6,%f10
-/* 0x0a24 896 (27 30) */ fmuld %f4,%f8,%f24
-/* 0x0a28 897 (28 31) */ fdtox %f14,%f14
-/* 0x0a2c 898 (28 29) */ std %f14,[%sp+2335]
-/* 0x0a30 899 (28 31) */ fmuld %f22,%f8,%f28
-/* 0x0a34 900 (29 32) */ fitod %f19,%f14
-/* 0x0a38 901 (29 32) */ fmuld %f22,%f6,%f18
-/* 0x0a3c 902 (30 33) */ fdtox %f10,%f10
-/* 0x0a40 903 (30 31) */ std %f10,[%sp+2343]
-/* 0x0a44 904 (30 33) */ fmuld %f4,%f6,%f4
-/* 0x0a48 905 (31 34) */ fmuld %f12,%f8,%f22
-/* 0x0a4c 906 (32 35) */ fdtox %f18,%f18
-/* 0x0a50 907 (32 33) */ std %f18,[%sp+2311]
-/* 0x0a54 908 (32 35) */ fmuld %f12,%f6,%f10
-/* 0x0a58 909 (33 35) */ ldx [%sp+2335],%o4
-/* 0x0a5c 910 (33 36) */ fdtox %f24,%f12
-/* 0x0a60 911 (34 35) */ std %f12,[%sp+2319]
-/* 0x0a64 912 (34 37) */ fsubd %f16,%f26,%f12
-/* 0x0a68 913 (35 37) */ ldx [%sp+2343],%o5
-/* 0x0a6c 914 (35 36) */ sllx %o4,19,%o4
-/* 0x0a70 915 (35 38) */ fdtox %f4,%f4
-/* 0x0a74 916 (36 37) */ std %f4,[%sp+2327]
-/* 0x0a78 917 (36 39) */ fdtox %f28,%f24
-/* 0x0a7c 918 (37 38) */ std %f24,[%sp+2303]
-/* 0x0a80 919 (37 40) */ fitod %f20,%f4
-/* 0x0a84 920 (37 38) */ add %o5,%o4,%o4
-/* 0x0a88 921 (37 40) */ fmuld %f12,%f8,%f24
-/* 0x0a8c 922 (38 40) */ ldx [%sp+2319],%o7
-/* 0x0a90 923 (38 41) */ fsubd %f16,%f14,%f14
-/* 0x0a94 924 (38 39) */ add %o4,%g2,%o4
-/* 0x0a98 925 (38 41) */ fmuld %f12,%f6,%f12
-/* 0x0a9c 926 (39 41) */ ldx [%sp+2327],%o5
-/* 0x0aa0 927 (39 42) */ fitod %f21,%f18
-/* 0x0aa4 928 (40 41) */ st %o4,[%i0]
-/* 0x0aa8 929 (40 41) */ sllx %o7,19,%o7
-/* 0x0aac 930 (40 43) */ fdtox %f22,%f20
-/* 0x0ab0 931 (41 42) */ std %f20,[%sp+2287]
-/* 0x0ab4 932 (41 44) */ fdtox %f10,%f10
-/* 0x0ab8 933 (41 42) */ add %o5,%o7,%o5
-/* 0x0abc 934 (41 44) */ fmuld %f14,%f8,%f20
-/* 0x0ac0 935 (42 43) */ std %f10,[%sp+2295]
-/* 0x0ac4 936 (42 43) */ srlx %o4,32,%o7
-/* 0x0ac8 937 (42 45) */ fsubd %f16,%f4,%f4
-/* 0x0acc 938 (42 45) */ fmuld %f14,%f6,%f14
-/* 0x0ad0 939 (43 45) */ ldx [%sp+2311],%g2
-/* 0x0ad4 940 (43 46) */ fdtox %f24,%f10
-/* 0x0ad8 941 (43 44) */ add %o5,%g3,%g3
-/* 0x0adc 942 (44 45) */ std %f10,[%sp+2271]
-/* 0x0ae0 943 (44 45) */ add %g3,%o7,%g3
-/* 0x0ae4 944 (44 47) */ fdtox %f12,%f12
-/* 0x0ae8 945 (45 47) */ ldx [%sp+2303],%l0
-/* 0x0aec 946 (45 48) */ fsubd %f16,%f18,%f10
-/* 0x0af0 947 (45 48) */ fmuld %f4,%f8,%f16
-/* 0x0af4 948 (46 47) */ std %f12,[%sp+2279]
-/* 0x0af8 949 (46 49) */ fdtox %f20,%f12
-/* 0x0afc 950 (46 49) */ fmuld %f4,%f6,%f4
-/* 0x0b00 951 (47 48) */ std %f12,[%sp+2255]
-/* 0x0b04 952 (47 48) */ sllx %l0,19,%l0
-/* 0x0b08 953 (47 50) */ fdtox %f14,%f12
-/* 0x0b0c 954 (48 50) */ ldx [%sp+2287],%o5
-/* 0x0b10 955 (48 49) */ add %g2,%l0,%g2
-/* 0x0b14 956 (48 51) */ fmuld %f10,%f8,%f8
-/* 0x0b18 957 (49 51) */ ldx [%sp+2295],%l1
-/* 0x0b1c 958 (49 50) */ srlx %g3,32,%l0
-/* 0x0b20 959 (49 50) */ add %g2,%g4,%g4
-/* 0x0b24 960 (49 52) */ fmuld %f10,%f6,%f6
-/* 0x0b28 961 (50 51) */ std %f12,[%sp+2263]
-/* 0x0b2c 962 (50 51) */ sllx %o5,19,%g2
-/* 0x0b30 963 (50 51) */ add %g4,%l0,%g4
-/* 0x0b34 964 (51 53) */ ldx [%sp+2279],%l0
-/* 0x0b38 965 (51 52) */ srlx %g4,32,%o5
-/* 0x0b3c 966 (51 52) */ add %l1,%g2,%g2
-/* 0x0b40 967 (52 53) */ st %g3,[%i0+4]
-/* 0x0b44 968 (52 53) */ add %g2,%g5,%g2
-/* 0x0b48 969 (52 55) */ fdtox %f16,%f10
-/* 0x0b4c 970 (53 55) */ ldx [%sp+2271],%o7
-/* 0x0b50 971 (53 54) */ add %g2,%o5,%g2
-/* 0x0b54 972 (53 56) */ fdtox %f4,%f4
-/* 0x0b58 973 (54 55) */ std %f10,[%sp+2239]
-/* 0x0b5c 974 (55 56) */ sllx %o7,19,%o7
-/* 0x0b60 975 (55 56) */ std %f4,[%sp+2247]
-/* 0x0b64 976 (55 58) */ fdtox %f8,%f4
-/* 0x0b68 977 (56 57) */ add %l0,%o7,%o7
-/* 0x0b6c 978 (56 58) */ ldx [%sp+2263],%o5
-/* 0x0b70 979 (57 58) */ add %o7,%o0,%o0
-/* 0x0b74 980 (57 58) */ std %f4,[%sp+2223]
-/* 0x0b78 981 (57 60) */ fdtox %f6,%f4
-/* 0x0b7c 982 (58 60) */ ldx [%sp+2255],%g5
-/* 0x0b80 983 (58 59) */ srlx %g2,32,%o7
-/* 0x0b84 984 (59 60) */ std %f4,[%sp+2231]
-/* 0x0b88 985 (59 60) */ add %o0,%o7,%o0
-/* 0x0b8c 986 (60 61) */ sllx %g5,19,%g5
-/* 0x0b90 987 (60 62) */ ldx [%sp+2247],%l1
-/* 0x0b94 988 (61 62) */ add %o5,%g5,%g5
-/* 0x0b98 989 (61 62) */ st %g2,[%i0+12]
-/* 0x0b9c 990 (62 64) */ ldx [%sp+2239],%l0
-/* 0x0ba0 991 (62 63) */ srlx %o0,32,%o4
-/* 0x0ba4 992 (62 63) */ add %g5,%o1,%o1
-/* 0x0ba8 993 (63 64) */ add %o1,%o4,%o1
-/* 0x0bac 994 (63 65) */ ldx [%sp+2223],%o7
-/* 0x0bb0 995 (64 65) */ sllx %l0,19,%g3
-/* 0x0bb4 996 (64 66) */ ldx [%sp+2231],%o5
-/* 0x0bb8 997 (65 66) */ add %l1,%g3,%o4
-/* 0x0bbc 998 (65 66) */ st %o0,[%i0+16]
-/* 0x0bc0 999 (66 67) */ add %o4,%o2,%o2
-/* 0x0bc4 1000 (66 67) */ st %o1,[%i0+20]
-/* 0x0bc8 1001 (67 68) */ srlx %o1,32,%o4
-/* 0x0bcc 1002 (67 68) */ st %g4,[%i0+8]
-/* 0x0bd0 1003 (68 69) */ sllx %o7,19,%g2
-/* 0x0bd4 1004 (68 69) */ add %o2,%o4,%o4
-/* 0x0bd8 1005 (68 69) */ st %o4,[%i0+24]
-/* 0x0bdc 1006 (69 70) */ add %o5,%g2,%g2
-/* 0x0be0 1007 (70 71) */ srlx %o4,32,%g3
-/* 0x0be4 1008 (70 71) */ add %g2,%o3,%g2
-/* 0x0be8 1009 (71 72) */ add %g2,%g3,%g2
-/* 0x0bec 1010 (71 72) */ st %g2,[%i0+28]
-/* 0x0bf0 1014 (72 73) */ srlx %g2,32,%o3
-/* 0x0bf4 1015 (73 74) */ srl %o3,0,%i0
-/* 0x0bf8 (74 76) */ ret ! Result = %o1 %o0 %f0 %f1
-/* 0x0bfc (76 77) */ restore %g0,%g0,%g0
-
-!
-! ENTRY .L77000050
-!
-
- .L77000050: /* frequency 1.0 confidence 0.0 */
-/* 0x0c00 1022 ( 0 1) */ subcc %i3,16,%g0
-/* 0x0c04 1023 ( 0 1) */ bne,pn %icc,.L77000073 ! tprob=0.50
-/* 0x0c08 ( 0 1) */ sethi %hi(0xfff80000),%g2
-/* 0x0c0c 1034 ( 1 4) */ ldd [%o2],%f4
-/* 0x0c10 1035 ( 1 2) */ andn %i4,%g2,%g2
-/* 0x0c14 1036 ( 2 3) */ st %g2,[%sp+2483]
-/* 0x0c18 1037 ( 2 3) */ srl %i4,19,%g2
-/* 0x0c1c 1038 ( 3 4) */ st %g2,[%sp+2479]
-/* 0x0c20 1039 ( 3 5) */ fxnor %f0,%f4,%f4
-/* 0x0c24 1040 ( 4 7) */ ldd [%o0],%f8
-/* 0x0c28 1041 ( 5 8) */ fitod %f4,%f10
-/* 0x0c2c 1042 ( 5 8) */ ldd [%o0+8],%f16
-/* 0x0c30 1043 ( 6 9) */ ldd [%o2+8],%f14
-/* 0x0c34 1044 ( 6 9) */ fitod %f5,%f4
-/* 0x0c38 1045 ( 7 10) */ ld [%sp+2483],%f13
-/* 0x0c3c 1046 ( 8 11) */ ld [%sp+2479],%f7
-/* 0x0c40 1047 ( 8 11) */ fsubd %f16,%f10,%f10
-/* 0x0c44 1048 ( 9 11) */ fxnor %f0,%f14,%f14
-/* 0x0c48 1049 (10 13) */ fsubd %f16,%f4,%f4
-/* 0x0c4c 1050 (14 15) */ fmovs %f8,%f12
-/* 0x0c50 1051 (15 16) */ fmovs %f8,%f6
-/* 0x0c54 1052 (17 20) */ fsubd %f12,%f8,%f12
-/* 0x0c58 1053 (18 21) */ fsubd %f6,%f8,%f6
-/* 0x0c5c 1054 (19 22) */ fitod %f14,%f8
-/* 0x0c60 1055 (20 23) */ fmuld %f10,%f12,%f18
-/* 0x0c64 1056 (20 23) */ fitod %f15,%f14
-/* 0x0c68 1057 (21 24) */ fmuld %f10,%f6,%f10
-/* 0x0c6c 1058 (22 25) */ fsubd %f16,%f8,%f8
-/* 0x0c70 1059 (22 25) */ fmuld %f4,%f12,%f20
-/* 0x0c74 1060 (23 26) */ fmuld %f4,%f6,%f4
-/* 0x0c78 1061 (23 26) */ fsubd %f16,%f14,%f14
-/* 0x0c7c 1062 (24 27) */ fdtox %f10,%f10
-/* 0x0c80 1063 (24 25) */ std %f10,[%sp+2463]
-/* 0x0c84 1064 (25 28) */ fmuld %f8,%f12,%f10
-/* 0x0c88 1065 (25 28) */ fdtox %f18,%f18
-/* 0x0c8c 1066 (25 26) */ std %f18,[%sp+2471]
-/* 0x0c90 1067 (26 29) */ fmuld %f8,%f6,%f8
-/* 0x0c94 1068 (26 29) */ fdtox %f4,%f4
-/* 0x0c98 1069 (26 27) */ std %f4,[%sp+2447]
-/* 0x0c9c 1070 (27 30) */ fmuld %f14,%f12,%f4
-/* 0x0ca0 1071 (27 30) */ fdtox %f20,%f18
-/* 0x0ca4 1072 (27 28) */ std %f18,[%sp+2455]
-/* 0x0ca8 1073 (28 31) */ fdtox %f10,%f10
-/* 0x0cac 1074 (28 29) */ std %f10,[%sp+2439]
-/* 0x0cb0 1075 (28 31) */ fmuld %f14,%f6,%f14
-/* 0x0cb4 1076 (29 32) */ fdtox %f8,%f8
-/* 0x0cb8 1077 (29 30) */ std %f8,[%sp+2431]
-/* 0x0cbc 1078 (30 33) */ ldd [%o2+16],%f10
-/* 0x0cc0 1079 (30 33) */ fdtox %f4,%f4
-/* 0x0cc4 1080 (31 34) */ ldd [%o2+24],%f8
-/* 0x0cc8 1081 (31 34) */ fdtox %f14,%f14
-/* 0x0ccc 1082 (32 33) */ std %f4,[%sp+2423]
-/* 0x0cd0 1083 (32 34) */ fxnor %f0,%f10,%f10
-/* 0x0cd4 1084 (33 35) */ fxnor %f0,%f8,%f4
-/* 0x0cd8 1085 (33 34) */ std %f14,[%sp+2415]
-/* 0x0cdc 1086 (34 37) */ fitod %f10,%f8
-/* 0x0ce0 1087 (35 38) */ fitod %f11,%f10
-/* 0x0ce4 1088 (36 39) */ fitod %f4,%f14
-/* 0x0ce8 1089 (37 40) */ fsubd %f16,%f8,%f8
-/* 0x0cec 1090 (38 41) */ fsubd %f16,%f10,%f10
-/* 0x0cf0 1091 (39 42) */ fsubd %f16,%f14,%f14
-/* 0x0cf4 1092 (40 43) */ fmuld %f8,%f12,%f18
-/* 0x0cf8 1093 (40 43) */ fitod %f5,%f4
-/* 0x0cfc 1094 (41 44) */ fmuld %f8,%f6,%f8
-/* 0x0d00 1095 (42 45) */ fmuld %f10,%f12,%f20
-/* 0x0d04 1096 (43 46) */ fmuld %f10,%f6,%f10
-/* 0x0d08 1097 (43 46) */ fsubd %f16,%f4,%f4
-/* 0x0d0c 1098 (44 47) */ fdtox %f8,%f8
-/* 0x0d10 1099 (44 45) */ std %f8,[%sp+2399]
-/* 0x0d14 1100 (45 48) */ fmuld %f14,%f12,%f8
-/* 0x0d18 1101 (45 48) */ fdtox %f18,%f18
-/* 0x0d1c 1102 (45 46) */ std %f18,[%sp+2407]
-/* 0x0d20 1103 (46 49) */ fdtox %f10,%f10
-/* 0x0d24 1104 (46 47) */ std %f10,[%sp+2383]
-/* 0x0d28 1105 (46 49) */ fmuld %f14,%f6,%f14
-/* 0x0d2c 1106 (47 50) */ fmuld %f4,%f12,%f10
-/* 0x0d30 1107 (47 50) */ fdtox %f20,%f18
-/* 0x0d34 1108 (47 48) */ std %f18,[%sp+2391]
-/* 0x0d38 1109 (48 51) */ fdtox %f8,%f8
-/* 0x0d3c 1110 (48 49) */ std %f8,[%sp+2375]
-/* 0x0d40 1111 (48 51) */ fmuld %f4,%f6,%f4
-/* 0x0d44 1112 (49 52) */ fdtox %f14,%f14
-/* 0x0d48 1113 (49 50) */ std %f14,[%sp+2367]
-/* 0x0d4c 1117 (50 53) */ ldd [%o2+32],%f8
-/* 0x0d50 1118 (50 53) */ fdtox %f10,%f10
-/* 0x0d54 1119 (51 54) */ fdtox %f4,%f4
-/* 0x0d58 1120 (51 52) */ std %f4,[%sp+2351]
-/* 0x0d5c 1121 (52 54) */ fxnor %f0,%f8,%f8
-/* 0x0d60 1122 (52 55) */ ldd [%o2+40],%f14
-/* 0x0d64 1123 (53 54) */ std %f10,[%sp+2359]
-/* 0x0d68 1124 (54 57) */ fitod %f8,%f4
-/* 0x0d6c 1125 (55 57) */ fxnor %f0,%f14,%f10
-/* 0x0d70 1126 (56 59) */ fitod %f9,%f8
-/* 0x0d74 1127 (57 60) */ fsubd %f16,%f4,%f4
-/* 0x0d78 1128 (58 61) */ fitod %f10,%f14
-/* 0x0d7c 1129 (59 62) */ fsubd %f16,%f8,%f8
-/* 0x0d80 1130 (60 63) */ fmuld %f4,%f12,%f18
-/* 0x0d84 1131 (60 63) */ fitod %f11,%f10
-/* 0x0d88 1132 (61 64) */ fmuld %f4,%f6,%f4
-/* 0x0d8c 1133 (61 64) */ fsubd %f16,%f14,%f14
-/* 0x0d90 1134 (62 65) */ fmuld %f8,%f12,%f20
-/* 0x0d94 1135 (63 66) */ fmuld %f8,%f6,%f8
-/* 0x0d98 1136 (63 66) */ fsubd %f16,%f10,%f10
-/* 0x0d9c 1137 (64 67) */ fdtox %f4,%f4
-/* 0x0da0 1138 (64 65) */ std %f4,[%sp+2335]
-/* 0x0da4 1139 (65 68) */ fmuld %f14,%f12,%f4
-/* 0x0da8 1140 (65 68) */ fdtox %f18,%f18
-/* 0x0dac 1141 (65 66) */ std %f18,[%sp+2343]
-/* 0x0db0 1142 (66 69) */ fdtox %f8,%f8
-/* 0x0db4 1143 (66 67) */ std %f8,[%sp+2319]
-/* 0x0db8 1144 (66 69) */ fmuld %f14,%f6,%f14
-/* 0x0dbc 1145 (67 70) */ fmuld %f10,%f12,%f8
-/* 0x0dc0 1146 (67 70) */ fdtox %f20,%f18
-/* 0x0dc4 1147 (67 68) */ std %f18,[%sp+2327]
-/* 0x0dc8 1148 (68 71) */ fdtox %f4,%f4
-/* 0x0dcc 1149 (68 69) */ std %f4,[%sp+2311]
-/* 0x0dd0 1150 (68 71) */ fmuld %f10,%f6,%f10
-/* 0x0dd4 1151 (69 72) */ fdtox %f14,%f14
-/* 0x0dd8 1152 (69 70) */ std %f14,[%sp+2303]
-/* 0x0ddc 1153 (70 73) */ ldd [%o2+48],%f4
-/* 0x0de0 1154 (70 73) */ fdtox %f8,%f8
-/* 0x0de4 1155 (71 74) */ fdtox %f10,%f10
-/* 0x0de8 1156 (71 72) */ std %f10,[%sp+2287]
-/* 0x0dec 1157 (72 74) */ fxnor %f0,%f4,%f4
-/* 0x0df0 1158 (72 75) */ ldd [%o2+56],%f14
-/* 0x0df4 1159 (73 74) */ std %f8,[%sp+2295]
-/* 0x0df8 1160 (74 77) */ fitod %f4,%f10
-/* 0x0dfc 1161 (75 78) */ fitod %f5,%f4
-/* 0x0e00 1162 (76 78) */ fxnor %f0,%f14,%f8
-/* 0x0e04 1163 (77 80) */ fsubd %f16,%f10,%f10
-/* 0x0e08 1164 (78 81) */ fsubd %f16,%f4,%f4
-/* 0x0e0c 1165 (79 82) */ fitod %f8,%f14
-/* 0x0e10 1166 (80 83) */ fmuld %f10,%f12,%f18
-/* 0x0e14 1167 (80 83) */ fitod %f9,%f8
-/* 0x0e18 1168 (81 84) */ fmuld %f10,%f6,%f10
-/* 0x0e1c 1169 (82 85) */ fmuld %f4,%f12,%f20
-/* 0x0e20 1170 (82 85) */ fsubd %f16,%f14,%f14
-/* 0x0e24 1171 (83 86) */ fdtox %f18,%f18
-/* 0x0e28 1172 (83 84) */ std %f18,[%sp+2279]
-/* 0x0e2c 1173 (83 86) */ fmuld %f4,%f6,%f4
-/* 0x0e30 1174 (84 87) */ fdtox %f10,%f10
-/* 0x0e34 1175 (84 85) */ std %f10,[%sp+2271]
-/* 0x0e38 1176 (85 88) */ fdtox %f20,%f10
-/* 0x0e3c 1177 (85 86) */ std %f10,[%sp+2263]
-/* 0x0e40 1178 (86 89) */ fdtox %f4,%f4
-/* 0x0e44 1179 (86 87) */ std %f4,[%sp+2255]
-/* 0x0e48 1180 (86 89) */ fmuld %f14,%f12,%f10
-/* 0x0e4c 1181 (87 90) */ fmuld %f14,%f6,%f4
-/* 0x0e50 1182 (89 92) */ fdtox %f10,%f10
-/* 0x0e54 1183 (89 90) */ std %f10,[%sp+2247]
-/* 0x0e58 1184 (90 93) */ fdtox %f4,%f4
-/* 0x0e5c 1185 (90 91) */ std %f4,[%sp+2239]
-/* 0x0e60 1189 (91 93) */ ldx [%sp+2463],%g2
-/* 0x0e64 1190 (91 94) */ fsubd %f16,%f8,%f4
-/* 0x0e68 1191 (92 94) */ ldx [%sp+2471],%g3
-/* 0x0e6c 1192 (93 96) */ ld [%i1],%g4
-/* 0x0e70 1193 (93 94) */ sllx %g2,19,%g2
-/* 0x0e74 1194 (94 96) */ ldx [%sp+2455],%g5
-/* 0x0e78 1195 (94 95) */ add %g3,%g2,%g2
-/* 0x0e7c 1196 (94 97) */ fmuld %f4,%f6,%f6
-/* 0x0e80 1197 (95 97) */ ldx [%sp+2447],%g3
-/* 0x0e84 1198 (95 96) */ add %g2,%g4,%g4
-/* 0x0e88 1199 (95 98) */ fmuld %f4,%f12,%f4
-/* 0x0e8c 1200 (96 97) */ st %g4,[%i0]
-/* 0x0e90 1201 (96 97) */ srlx %g4,32,%g4
-/* 0x0e94 1202 (97 100) */ ld [%i1+8],%o0
-/* 0x0e98 1203 (97 98) */ sllx %g3,19,%g2
-/* 0x0e9c 1204 (97 100) */ fdtox %f6,%f6
-/* 0x0ea0 1205 (98 101) */ ld [%i1+4],%g3
-/* 0x0ea4 1206 (98 99) */ add %g5,%g2,%g2
-/* 0x0ea8 1207 (98 101) */ fdtox %f4,%f4
-/* 0x0eac 1208 (99 101) */ ldx [%sp+2439],%g5
-/* 0x0eb0 1209 (100 103) */ ld [%i1+12],%o1
-/* 0x0eb4 1210 (100 101) */ add %g2,%g3,%g2
-/* 0x0eb8 1211 (101 103) */ ldx [%sp+2431],%g3
-/* 0x0ebc 1212 (101 102) */ add %g2,%g4,%g4
-/* 0x0ec0 1213 (102 103) */ st %g4,[%i0+4]
-/* 0x0ec4 1214 (103 104) */ std %f6,[%sp+2223]
-/* 0x0ec8 1215 (103 104) */ sllx %g3,19,%g2
-/* 0x0ecc 1216 (104 106) */ ldx [%sp+2423],%g3
-/* 0x0ed0 1217 (104 105) */ add %g5,%g2,%g2
-/* 0x0ed4 1218 (105 107) */ ldx [%sp+2415],%g5
-/* 0x0ed8 1219 (105 106) */ add %g2,%o0,%g2
-/* 0x0edc 1220 (106 107) */ std %f4,[%sp+2231]
-/* 0x0ee0 1221 (106 107) */ srlx %g4,32,%o0
-/* 0x0ee4 1222 (107 109) */ ldx [%sp+2407],%g4
-/* 0x0ee8 1223 (107 108) */ sllx %g5,19,%g5
-/* 0x0eec 1224 (107 108) */ add %g2,%o0,%g2
-/* 0x0ef0 1225 (108 109) */ st %g2,[%i0+8]
-/* 0x0ef4 1226 (108 109) */ srlx %g2,32,%o0
-/* 0x0ef8 1227 (108 109) */ add %g3,%g5,%g3
-/* 0x0efc 1228 (109 111) */ ldx [%sp+2399],%g5
-/* 0x0f00 1229 (109 110) */ add %g3,%o1,%g3
-/* 0x0f04 1230 (110 113) */ ld [%i1+16],%o1
-/* 0x0f08 1231 (110 111) */ add %g3,%o0,%g3
-/* 0x0f0c 1232 (111 112) */ st %g3,[%i0+12]
-/* 0x0f10 1233 (111 112) */ sllx %g5,19,%g5
-/* 0x0f14 1234 (112 113) */ srlx %g3,32,%o0
-/* 0x0f18 1235 (112 113) */ add %g4,%g5,%g2
-/* 0x0f1c 1236 (112 114) */ ldx [%sp+2383],%g5
-/* 0x0f20 1237 (113 115) */ ldx [%sp+2391],%g4
-/* 0x0f24 1238 (113 114) */ add %g2,%o1,%g2
-/* 0x0f28 1239 (114 117) */ ld [%i1+20],%o1
-/* 0x0f2c 1240 (114 115) */ sllx %g5,19,%g5
-/* 0x0f30 1241 (114 115) */ add %g2,%o0,%g2
-/* 0x0f34 1242 (115 116) */ st %g2,[%i0+16]
-/* 0x0f38 1243 (115 116) */ srlx %g2,32,%o0
-/* 0x0f3c 1244 (115 116) */ add %g4,%g5,%g3
-/* 0x0f40 1245 (116 118) */ ldx [%sp+2367],%g5
-/* 0x0f44 1246 (116 117) */ add %g3,%o1,%g3
-/* 0x0f48 1247 (117 119) */ ldx [%sp+2375],%g4
-/* 0x0f4c 1248 (117 118) */ add %g3,%o0,%g3
-/* 0x0f50 1249 (118 121) */ ld [%i1+24],%o1
-/* 0x0f54 1250 (118 119) */ sllx %g5,19,%g5
-/* 0x0f58 1251 (119 120) */ st %g3,[%i0+20]
-/* 0x0f5c 1252 (119 120) */ add %g4,%g5,%g2
-/* 0x0f60 1253 (120 122) */ ldx [%sp+2351],%g5
-/* 0x0f64 1254 (120 121) */ srlx %g3,32,%o0
-/* 0x0f68 1255 (120 121) */ add %g2,%o1,%g2
-/* 0x0f6c 1256 (121 123) */ ldx [%sp+2359],%g4
-/* 0x0f70 1257 (121 122) */ add %g2,%o0,%g2
-/* 0x0f74 1258 (122 125) */ ld [%i1+28],%o1
-/* 0x0f78 1259 (122 123) */ sllx %g5,19,%g5
-/* 0x0f7c 1260 (123 124) */ st %g2,[%i0+24]
-/* 0x0f80 1261 (123 124) */ add %g4,%g5,%g3
-/* 0x0f84 1265 (124 126) */ ldx [%sp+2335],%g5
-/* 0x0f88 1266 (124 125) */ srlx %g2,32,%o0
-/* 0x0f8c 1267 (124 125) */ add %g3,%o1,%g3
-/* 0x0f90 1268 (125 127) */ ldx [%sp+2343],%g4
-/* 0x0f94 1269 (125 126) */ add %g3,%o0,%g3
-/* 0x0f98 1270 (126 127) */ sllx %g5,19,%g5
-/* 0x0f9c 1271 (126 129) */ ld [%i1+32],%o1
-/* 0x0fa0 1272 (127 128) */ add %g4,%g5,%g2
-/* 0x0fa4 1273 (127 129) */ ldx [%sp+2319],%g5
-/* 0x0fa8 1274 (128 130) */ ldx [%sp+2327],%g4
-/* 0x0fac 1275 (128 129) */ srlx %g3,32,%o0
-/* 0x0fb0 1276 (128 129) */ add %g2,%o1,%g2
-/* 0x0fb4 1277 (129 130) */ st %g3,[%i0+28]
-/* 0x0fb8 1278 (129 130) */ sllx %g5,19,%g5
-/* 0x0fbc 1279 (129 130) */ add %g2,%o0,%g2
-/* 0x0fc0 1280 (130 133) */ ld [%i1+36],%o1
-/* 0x0fc4 1281 (130 131) */ add %g4,%g5,%g3
-/* 0x0fc8 1282 (131 133) */ ldx [%sp+2303],%g5
-/* 0x0fcc 1283 (131 132) */ srlx %g2,32,%o0
-/* 0x0fd0 1284 (132 134) */ ldx [%sp+2311],%g4
-/* 0x0fd4 1285 (132 133) */ add %g3,%o1,%g3
-/* 0x0fd8 1286 (133 134) */ sllx %g5,19,%g5
-/* 0x0fdc 1287 (133 134) */ st %g2,[%i0+32]
-/* 0x0fe0 1288 (133 134) */ add %g3,%o0,%g3
-/* 0x0fe4 1289 (134 135) */ add %g4,%g5,%g2
-/* 0x0fe8 1290 (134 136) */ ldx [%sp+2287],%g5
-/* 0x0fec 1291 (135 137) */ ldx [%sp+2295],%g4
-/* 0x0ff0 1292 (135 136) */ srlx %g3,32,%o0
-/* 0x0ff4 1293 (136 139) */ ld [%i1+40],%o1
-/* 0x0ff8 1294 (136 137) */ sllx %g5,19,%g5
-/* 0x0ffc 1295 (137 138) */ st %g3,[%i0+36]
-/* 0x1000 1296 (137 138) */ add %g4,%g5,%g3
-/* 0x1004 1297 (138 140) */ ldx [%sp+2271],%g5
-/* 0x1008 1298 (138 139) */ add %g2,%o1,%g2
-/* 0x100c 1299 (139 141) */ ldx [%sp+2279],%g4
-/* 0x1010 1300 (139 140) */ add %g2,%o0,%g2
-/* 0x1014 1301 (140 143) */ ld [%i1+44],%o1
-/* 0x1018 1302 (140 141) */ sllx %g5,19,%g5
-/* 0x101c 1303 (141 142) */ st %g2,[%i0+40]
-/* 0x1020 1304 (141 142) */ srlx %g2,32,%o0
-/* 0x1024 1305 (141 142) */ add %g4,%g5,%g2
-/* 0x1028 1306 (142 144) */ ldx [%sp+2255],%g5
-/* 0x102c 1307 (142 143) */ add %g3,%o1,%g3
-/* 0x1030 1308 (143 145) */ ldx [%sp+2263],%g4
-/* 0x1034 1309 (143 144) */ add %g3,%o0,%g3
-/* 0x1038 1310 (144 147) */ ld [%i1+48],%o1
-/* 0x103c 1311 (144 145) */ sllx %g5,19,%g5
-/* 0x1040 1312 (145 146) */ srlx %g3,32,%o0
-/* 0x1044 1313 (145 146) */ st %g3,[%i0+44]
-/* 0x1048 1314 (145 146) */ add %g4,%g5,%g3
-/* 0x104c 1315 (146 148) */ ldx [%sp+2239],%g5
-/* 0x1050 1316 (146 147) */ add %g2,%o1,%g2
-/* 0x1054 1317 (147 150) */ ld [%i1+52],%o1
-/* 0x1058 1318 (147 148) */ add %g2,%o0,%g2
-/* 0x105c 1319 (148 150) */ ldx [%sp+2247],%g4
-/* 0x1060 1320 (148 149) */ sllx %g5,19,%g5
-/* 0x1064 1321 (149 150) */ srlx %g2,32,%o0
-/* 0x1068 1322 (149 150) */ st %g2,[%i0+48]
-/* 0x106c 1323 (149 150) */ add %g3,%o1,%g3
-/* 0x1070 1324 (150 153) */ ld [%i1+56],%o1
-/* 0x1074 1325 (150 151) */ add %g4,%g5,%g2
-/* 0x1078 1326 (150 151) */ add %g3,%o0,%g3
-/* 0x107c 1327 (151 153) */ ldx [%sp+2223],%g5
-/* 0x1080 1328 (151 152) */ srlx %g3,32,%o0
-/* 0x1084 1329 (152 154) */ ldx [%sp+2231],%g4
-/* 0x1088 1330 (152 153) */ add %g2,%o1,%g2
-/* 0x108c 1331 (153 154) */ sllx %g5,19,%g5
-/* 0x1090 1332 (153 156) */ ld [%i1+60],%o1
-/* 0x1094 1333 (153 154) */ add %g2,%o0,%g2
-/* 0x1098 1334 (154 155) */ st %g3,[%i0+52]
-/* 0x109c 1335 (154 155) */ add %g4,%g5,%g3
-/* 0x10a0 1336 (155 156) */ st %g2,[%i0+56]
-/* 0x10a4 1337 (155 156) */ srlx %g2,32,%g2
-/* 0x10a8 1338 (155 156) */ add %g3,%o1,%g3
-/* 0x10ac 1339 (156 157) */ add %g3,%g2,%g2
-/* 0x10b0 1340 (156 157) */ st %g2,[%i0+60]
-/* 0x10b4 1344 (157 158) */ srlx %g2,32,%o3
-/* 0x10b8 1345 (158 159) */ srl %o3,0,%i0
-/* 0x10bc (159 161) */ ret ! Result = %o1 %o0 %f0 %f1
-/* 0x10c0 (161 162) */ restore %g0,%g0,%g0
-
-!
-! ENTRY .L77000073
-!
-
- .L77000073: /* frequency 1.0 confidence 0.0 */
-
-
- or %g0, %i4, %o2
- or %g0, %o0, %o1
- or %g0, %i3, %o0
-
-!
-! ENTRY .L77000052
-!
-
- .L77000052: /* frequency 1.0 confidence 0.0 */
-/* 0x1028 1318 ( 0 1) */ andn %o2,%g2,%g2
-/* 0x102c 1319 ( 0 1) */ st %g2,[%sp+2227]
-/* 0x1030 1325 ( 0 1) */ add %o0,1,%g3
-/* 0x1034 1326 ( 0 1) */ fmovd %f0,%f14
-/* 0x1038 1327 ( 1 2) */ srl %o2,19,%g2
-/* 0x103c 1328 ( 1 2) */ st %g2,[%sp+2223]
-/* 0x1040 1329 ( 1 2) */ or %g0,0,%o5
-/* 0x1044 1330 ( 2 3) */ srl %g3,31,%g2
-/* 0x1048 1331 ( 2 5) */ ldd [%o1],%f6
-/* 0x104c 1335 ( 2 3) */ sethi %hi(0x1000),%g1
-/* 0x1050 1336 ( 3 4) */ add %g3,%g2,%g2
-/* 0x1054 1337 ( 3 4) */ xor %g1,-625,%g1
-/* 0x1058 1338 ( 3 6) */ ldd [%o1+8],%f20
-/* 0x105c 1339 ( 4 5) */ sra %g2,1,%o3
-/* 0x1060 1340 ( 4 5) */ fmovs %f6,%f8
-/* 0x1064 1341 ( 4 5) */ add %g1,%fp,%g3
-/* 0x1068 1342 ( 5 6) */ fmovs %f6,%f10
-/* 0x106c 1343 ( 5 7) */ ld [%sp+2227],%f9
-/* 0x1070 1344 ( 5 6) */ subcc %o3,0,%g0
-/* 0x1074 1345 ( 6 8) */ ld [%sp+2223],%f11
-/* 0x1078 1346 ( 6 7) */ sethi %hi(0x1000),%g1
-/* 0x107c 1347 ( 6 7) */ or %g0,%i2,%o1
-/* 0x1080 1348 ( 7 10) */ fsubd %f8,%f6,%f18
-/* 0x1084 1349 ( 7 8) */ xor %g1,-617,%g1
-/* 0x1088 1350 ( 7 8) */ or %g0,0,%g4
-/* 0x108c 1351 ( 8 11) */ fsubd %f10,%f6,%f16
-/* 0x1090 1352 ( 8 9) */ bleu,pt %icc,.L990000162 ! tprob=0.50
-/* 0x1094 ( 8 9) */ subcc %o0,0,%g0
-/* 0x1098 1354 ( 9 10) */ add %g1,%fp,%g2
-/* 0x109c 1355 ( 9 10) */ sethi %hi(0x1000),%g1
-/* 0x10a0 1356 (10 11) */ xor %g1,-609,%g1
-/* 0x10a4 1357 (10 11) */ subcc %o3,7,%g0
-/* 0x10a8 1358 (11 12) */ add %g1,%fp,%o7
-/* 0x10ac 1359 (11 12) */ sethi %hi(0x1000),%g1
-/* 0x10b0 1360 (12 13) */ xor %g1,-601,%g1
-/* 0x10b4 1361 (13 14) */ add %g1,%fp,%o4
-/* 0x10b8 1362 (13 14) */ bl,pn %icc,.L77000054 ! tprob=0.50
-/* 0x10bc (13 14) */ sub %o3,2,%o2
-/* 0x10c0 1364 (14 17) */ ldd [%o1],%f2
-/* 0x10c4 1365 (14 15) */ add %o1,16,%g5
-/* 0x10c8 1366 (14 15) */ or %g0,4,%g4
-/* 0x10cc 1367 (15 18) */ ldd [%o1+8],%f0
-/* 0x10d0 1368 (15 16) */ add %o1,8,%o1
-/* 0x10d4 1369 (16 18) */ fxnor %f14,%f2,%f6
-/* 0x10d8 1370 (16 19) */ ldd [%g5],%f4
-/* 0x10dc 1371 (16 17) */ add %o1,16,%o1
-/* 0x10e0 1372 (17 19) */ fxnor %f14,%f0,%f12
-/* 0x10e4 1373 (17 20) */ ldd [%o1],%f0
-/* 0x10e8 1374 (17 18) */ add %o1,8,%o1
-/* 0x10ec 1375 (18 21) */ fitod %f7,%f2
-/* 0x10f0 1376 (19 22) */ fitod %f6,%f6
-/* 0x10f4 1377 (20 22) */ fxnor %f14,%f4,%f10
-/* 0x10f8 1378 (21 24) */ fsubd %f20,%f2,%f2
-/* 0x10fc 1379 (22 24) */ fxnor %f14,%f0,%f8
-/* 0x1100 1380 (23 26) */ fitod %f13,%f4
-/* 0x1104 1381 (24 27) */ fsubd %f20,%f6,%f6
-/* 0x1108 1382 (24 27) */ fmuld %f2,%f16,%f0
-
-!
-! ENTRY .L990000154
-!
-
- .L990000154: /* frequency 1.0 confidence 0.0 */
-/* 0x110c 1384 ( 0 3) */ ldd [%o1],%f24
-/* 0x1110 1385 ( 0 1) */ add %g4,3,%g4
-/* 0x1114 1386 ( 0 1) */ add %o4,96,%o4
-/* 0x1118 1387 ( 1 4) */ fitod %f11,%f22
-/* 0x111c 1388 ( 2 5) */ fsubd %f20,%f4,%f26
-/* 0x1120 1389 ( 2 3) */ subcc %g4,%o2,%g0
-/* 0x1124 1390 ( 2 3) */ add %o7,96,%o7
-/* 0x1128 1391 ( 2 5) */ fmuld %f6,%f18,%f28
-/* 0x112c 1392 ( 3 6) */ fmuld %f6,%f16,%f6
-/* 0x1130 1393 ( 3 4) */ add %g2,96,%g2
-/* 0x1134 1394 ( 3 4) */ add %g3,96,%g3
-/* 0x1138 1395 ( 4 7) */ fdtox %f0,%f0
-/* 0x113c 1396 ( 5 8) */ fitod %f12,%f4
-/* 0x1140 1397 ( 5 8) */ fmuld %f2,%f18,%f2
-/* 0x1144 1398 ( 6 9) */ fdtox %f28,%f12
-/* 0x1148 1399 ( 7 10) */ fdtox %f6,%f6
-/* 0x114c 1400 ( 7 8) */ std %f12,[%g3-96]
-/* 0x1150 1401 ( 8 9) */ std %f6,[%g2-96]
-/* 0x1154 1402 ( 8 11) */ fdtox %f2,%f2
-/* 0x1158 1403 ( 9 12) */ fsubd %f20,%f4,%f6
-/* 0x115c 1404 ( 9 10) */ std %f2,[%o7-96]
-/* 0x1160 1405 ( 9 10) */ add %o1,8,%o1
-/* 0x1164 1406 (10 12) */ fxnor %f14,%f24,%f12
-/* 0x1168 1407 (10 13) */ fmuld %f26,%f16,%f4
-/* 0x116c 1408 (10 11) */ std %f0,[%o4-96]
-/* 0x1170 1409 (11 14) */ ldd [%o1],%f0
-/* 0x1174 1410 (11 14) */ fitod %f9,%f2
-/* 0x1178 1411 (12 15) */ fsubd %f20,%f22,%f28
-/* 0x117c 1412 (12 15) */ fmuld %f6,%f18,%f24
-/* 0x1180 1413 (13 16) */ fmuld %f6,%f16,%f22
-/* 0x1184 1414 (13 16) */ fdtox %f4,%f4
-/* 0x1188 1415 (14 17) */ fitod %f10,%f6
-/* 0x118c 1416 (14 17) */ fmuld %f26,%f18,%f10
-/* 0x1190 1417 (15 18) */ fdtox %f24,%f24
-/* 0x1194 1418 (16 19) */ fdtox %f22,%f22
-/* 0x1198 1419 (16 17) */ std %f24,[%g3-64]
-/* 0x119c 1420 (17 18) */ std %f22,[%g2-64]
-/* 0x11a0 1421 (17 20) */ fdtox %f10,%f10
-/* 0x11a4 1422 (18 21) */ fsubd %f20,%f6,%f6
-/* 0x11a8 1423 (18 19) */ std %f10,[%o7-64]
-/* 0x11ac 1424 (18 19) */ add %o1,8,%o1
-/* 0x11b0 1425 (19 21) */ fxnor %f14,%f0,%f10
-/* 0x11b4 1426 (19 22) */ fmuld %f28,%f16,%f0
-/* 0x11b8 1427 (19 20) */ std %f4,[%o4-64]
-/* 0x11bc 1428 (20 23) */ ldd [%o1],%f22
-/* 0x11c0 1429 (20 23) */ fitod %f13,%f4
-/* 0x11c4 1430 (21 24) */ fsubd %f20,%f2,%f2
-/* 0x11c8 1431 (21 24) */ fmuld %f6,%f18,%f26
-/* 0x11cc 1432 (22 25) */ fmuld %f6,%f16,%f24
-/* 0x11d0 1433 (22 25) */ fdtox %f0,%f0
-/* 0x11d4 1434 (23 26) */ fitod %f8,%f6
-/* 0x11d8 1435 (23 26) */ fmuld %f28,%f18,%f8
-/* 0x11dc 1436 (24 27) */ fdtox %f26,%f26
-/* 0x11e0 1437 (25 28) */ fdtox %f24,%f24
-/* 0x11e4 1438 (25 26) */ std %f26,[%g3-32]
-/* 0x11e8 1439 (26 27) */ std %f24,[%g2-32]
-/* 0x11ec 1440 (26 29) */ fdtox %f8,%f8
-/* 0x11f0 1441 (27 30) */ fsubd %f20,%f6,%f6
-/* 0x11f4 1442 (27 28) */ std %f8,[%o7-32]
-/* 0x11f8 1443 (27 28) */ add %o1,8,%o1
-/* 0x11fc 1444 (28 30) */ fxnor %f14,%f22,%f8
-/* 0x1200 1445 (28 29) */ std %f0,[%o4-32]
-/* 0x1204 1446 (28 29) */ bcs,pt %icc,.L990000154 ! tprob=0.50
-/* 0x1208 (28 31) */ fmuld %f2,%f16,%f0
-
-!
-! ENTRY .L990000157
-!
-
- .L990000157: /* frequency 1.0 confidence 0.0 */
-/* 0x120c 1449 ( 0 3) */ fitod %f12,%f28
-/* 0x1210 1450 ( 0 3) */ fmuld %f6,%f18,%f24
-/* 0x1214 1451 ( 0 1) */ add %g3,128,%g3
-/* 0x1218 1452 ( 1 4) */ fitod %f10,%f12
-/* 0x121c 1453 ( 1 4) */ fmuld %f6,%f16,%f26
-/* 0x1220 1454 ( 1 2) */ add %g2,128,%g2
-/* 0x1224 1455 ( 2 5) */ fsubd %f20,%f4,%f4
-/* 0x1228 1456 ( 2 5) */ fmuld %f2,%f18,%f22
-/* 0x122c 1457 ( 2 3) */ add %o7,128,%o7
-/* 0x1230 1458 ( 3 6) */ fdtox %f24,%f6
-/* 0x1234 1459 ( 3 4) */ std %f6,[%g3-128]
-/* 0x1238 1460 ( 3 4) */ add %o4,128,%o4
-/* 0x123c 1461 ( 4 7) */ fsubd %f20,%f28,%f2
-/* 0x1240 1462 ( 4 5) */ subcc %g4,%o3,%g0
-/* 0x1244 1463 ( 5 8) */ fitod %f11,%f6
-/* 0x1248 1464 ( 5 8) */ fmuld %f4,%f18,%f24
-/* 0x124c 1465 ( 6 9) */ fdtox %f26,%f10
-/* 0x1250 1466 ( 6 7) */ std %f10,[%g2-128]
-/* 0x1254 1467 ( 7 10) */ fdtox %f22,%f10
-/* 0x1258 1468 ( 7 8) */ std %f10,[%o7-128]
-/* 0x125c 1469 ( 7 10) */ fmuld %f2,%f18,%f26
-/* 0x1260 1470 ( 8 11) */ fsubd %f20,%f12,%f10
-/* 0x1264 1471 ( 8 11) */ fmuld %f2,%f16,%f2
-/* 0x1268 1472 ( 9 12) */ fsubd %f20,%f6,%f22
-/* 0x126c 1473 ( 9 12) */ fmuld %f4,%f16,%f12
-/* 0x1270 1474 (10 13) */ fdtox %f0,%f0
-/* 0x1274 1475 (10 11) */ std %f0,[%o4-128]
-/* 0x1278 1476 (11 14) */ fitod %f8,%f4
-/* 0x127c 1477 (11 14) */ fmuld %f10,%f18,%f6
-/* 0x1280 1478 (12 15) */ fdtox %f26,%f0
-/* 0x1284 1479 (12 13) */ std %f0,[%g3-96]
-/* 0x1288 1480 (12 15) */ fmuld %f10,%f16,%f10
-/* 0x128c 1481 (13 16) */ fdtox %f2,%f2
-/* 0x1290 1482 (13 14) */ std %f2,[%g2-96]
-/* 0x1294 1483 (14 17) */ fitod %f9,%f0
-/* 0x1298 1484 (14 17) */ fmuld %f22,%f18,%f2
-/* 0x129c 1485 (15 18) */ fdtox %f24,%f8
-/* 0x12a0 1486 (15 16) */ std %f8,[%o7-96]
-/* 0x12a4 1487 (16 19) */ fsubd %f20,%f4,%f4
-/* 0x12a8 1488 (16 19) */ fmuld %f22,%f16,%f8
-/* 0x12ac 1489 (17 20) */ fdtox %f12,%f12
-/* 0x12b0 1490 (17 18) */ std %f12,[%o4-96]
-/* 0x12b4 1491 (18 21) */ fsubd %f20,%f0,%f0
-/* 0x12b8 1492 (19 22) */ fdtox %f6,%f6
-/* 0x12bc 1493 (19 20) */ std %f6,[%g3-64]
-/* 0x12c0 1494 (20 23) */ fdtox %f10,%f10
-/* 0x12c4 1495 (20 21) */ std %f10,[%g2-64]
-/* 0x12c8 1496 (20 23) */ fmuld %f4,%f18,%f6
-/* 0x12cc 1497 (21 24) */ fdtox %f2,%f2
-/* 0x12d0 1498 (21 22) */ std %f2,[%o7-64]
-/* 0x12d4 1499 (21 24) */ fmuld %f4,%f16,%f4
-/* 0x12d8 1500 (22 25) */ fmuld %f0,%f18,%f2
-/* 0x12dc 1501 (22 25) */ fdtox %f8,%f8
-/* 0x12e0 1502 (22 23) */ std %f8,[%o4-64]
-/* 0x12e4 1503 (23 26) */ fdtox %f6,%f6
-/* 0x12e8 1504 (23 24) */ std %f6,[%g3-32]
-/* 0x12ec 1505 (23 26) */ fmuld %f0,%f16,%f0
-/* 0x12f0 1506 (24 27) */ fdtox %f4,%f4
-/* 0x12f4 1507 (24 25) */ std %f4,[%g2-32]
-/* 0x12f8 1508 (25 28) */ fdtox %f2,%f2
-/* 0x12fc 1509 (25 26) */ std %f2,[%o7-32]
-/* 0x1300 1510 (26 29) */ fdtox %f0,%f0
-/* 0x1304 1511 (26 27) */ bcc,pn %icc,.L77000056 ! tprob=0.50
-/* 0x1308 (26 27) */ std %f0,[%o4-32]
-
-!
-! ENTRY .L77000054
-!
-
- .L77000054: /* frequency 1.0 confidence 0.0 */
-/* 0x130c 1514 ( 0 3) */ ldd [%o1],%f0
-
-!
-! ENTRY .L990000161
-!
-
- .L990000161: /* frequency 1.0 confidence 0.0 */
-/* 0x1310 1516 ( 0 2) */ fxnor %f14,%f0,%f0
-/* 0x1314 1517 ( 0 1) */ add %g4,1,%g4
-/* 0x1318 1518 ( 0 1) */ add %o1,8,%o1
-/* 0x131c 1519 ( 1 2) */ subcc %g4,%o3,%g0
-/* 0x1320 1520 ( 2 5) */ fitod %f0,%f2
-/* 0x1324 1521 ( 3 6) */ fitod %f1,%f0
-/* 0x1328 1522 ( 5 8) */ fsubd %f20,%f2,%f2
-/* 0x132c 1523 ( 6 9) */ fsubd %f20,%f0,%f0
-/* 0x1330 1524 ( 8 11) */ fmuld %f2,%f18,%f6
-/* 0x1334 1525 ( 9 12) */ fmuld %f2,%f16,%f4
-/* 0x1338 1526 (10 13) */ fmuld %f0,%f18,%f2
-/* 0x133c 1527 (11 14) */ fdtox %f6,%f6
-/* 0x1340 1528 (11 12) */ std %f6,[%g3]
-/* 0x1344 1529 (11 14) */ fmuld %f0,%f16,%f0
-/* 0x1348 1530 (12 15) */ fdtox %f4,%f4
-/* 0x134c 1531 (12 13) */ std %f4,[%g2]
-/* 0x1350 1532 (12 13) */ add %g2,32,%g2
-/* 0x1354 1533 (13 16) */ fdtox %f2,%f2
-/* 0x1358 1534 (13 14) */ std %f2,[%o7]
-/* 0x135c 1535 (13 14) */ add %o7,32,%o7
-/* 0x1360 1536 (14 17) */ fdtox %f0,%f0
-/* 0x1364 1537 (14 15) */ std %f0,[%o4]
-/* 0x1368 1538 (14 15) */ add %o4,32,%o4
-/* 0x136c 1539 (15 16) */ add %g3,32,%g3
-/* 0x1370 1540 (15 16) */ bcs,a,pt %icc,.L990000161 ! tprob=0.50
-/* 0x1374 (16 19) */ ldd [%o1],%f0
-
-!
-! ENTRY .L77000056
-!
-
- .L77000056: /* frequency 1.0 confidence 0.0 */
-/* 0x1378 1548 ( 0 1) */ subcc %o0,0,%g0
-
-!
-! ENTRY .L990000162
-!
-
- .L990000162: /* frequency 1.0 confidence 0.0 */
-/* 0x137c 1550 ( 0 1) */ bleu,pt %icc,.L77770061 ! tprob=0.50
-/* 0x1380 ( 0 1) */ nop
-/* 0x1384 1555 ( 0 1) */ sethi %hi(0x1000),%g1
-/* 0x1388 1556 ( 1 2) */ xor %g1,-625,%g1
-/* 0x138c 1557 ( 1 2) */ or %g0,%i1,%g4
-/* 0x1390 1558 ( 2 3) */ add %g1,%fp,%g5
-/* 0x1394 1559 ( 2 3) */ sethi %hi(0x1000),%g1
-/* 0x1398 1560 ( 3 4) */ xor %g1,-617,%g1
-/* 0x139c 1561 ( 3 4) */ or %g0,%o0,%o7
-/* 0x13a0 1562 ( 4 5) */ add %g1,%fp,%g2
-/* 0x13a4 1563 ( 4 5) */ or %g0,0,%i2
-/* 0x13a8 1564 ( 5 6) */ or %g0,%i0,%g3
-/* 0x13ac 1565 ( 5 6) */ subcc %o0,6,%g0
-/* 0x13b0 1566 ( 5 6) */ bl,pn %icc,.L77000058 ! tprob=0.50
-/* 0x13b4 ( 6 7) */ sethi %hi(0x1000),%g1
-/* 0x13b8 1568 ( 6 8) */ ld [%g4],%o2
-/* 0x13bc 1569 ( 6 7) */ add %g3,4,%g3
-/* 0x13c0 1570 ( 7 8) */ xor %g1,-585,%g1
-/* 0x13c4 1571 ( 7 8) */ sub %o7,3,%o4
-/* 0x13c8 1572 ( 8 9) */ add %g1,%fp,%g2
-/* 0x13cc 1573 ( 8 9) */ sethi %hi(0x1000),%g1
-/* 0x13d0 1574 ( 9 10) */ xor %g1,-593,%g1
-/* 0x13d4 1575 ( 9 10) */ or %g0,2,%i2
-/* 0x13d8 1576 (10 11) */ add %g1,%fp,%g5
-/* 0x13dc 1577 (10 11) */ sethi %hi(0x1000),%g1
-/* 0x13e0 1578 (11 12) */ xor %g1,-617,%g1
-/* 0x13e4 1579 (12 13) */ add %g1,%fp,%g1
-/* 0x13e8 1580 (13 15) */ ldx [%g1],%o1
-/* 0x13ec 1581 (14 16) */ ldx [%g1-8],%o0
-/* 0x13f0 1582 (15 16) */ sllx %o1,19,%o1
-/* 0x13f4 1583 (15 17) */ ldx [%g1+16],%o3
-/* 0x13f8 1584 (16 17) */ add %o0,%o1,%o0
-/* 0x13fc 1585 (16 18) */ ld [%g4+4],%o1
-/* 0x1400 1586 (16 17) */ add %g4,8,%g4
-/* 0x1404 1587 (17 18) */ sllx %o3,19,%o3
-/* 0x1408 1588 (17 18) */ add %o0,%o2,%o0
-/* 0x140c 1589 (17 19) */ ldx [%g1+8],%o2
-/* 0x1410 1590 (18 19) */ st %o0,[%g3-4]
-/* 0x1414 1591 (18 19) */ srlx %o0,32,%o0
-
-!
-! ENTRY .L990000142
-!
-
- .L990000142: /* frequency 1.0 confidence 0.0 */
-/* 0x1418 1593 ( 0 1) */ add %o2,%o3,%o2
-/* 0x141c 1594 ( 0 1) */ add %i2,4,%i2
-/* 0x1420 1595 ( 0 2) */ ld [%g4],%o3
-/* 0x1424 1596 ( 1 2) */ srl %o0,0,%o5
-/* 0x1428 1597 ( 1 2) */ add %o2,%o1,%o1
-/* 0x142c 1598 ( 1 3) */ ldx [%g2],%o0
-/* 0x1430 1599 ( 3 4) */ sllx %o0,19,%o2
-/* 0x1434 1600 ( 3 5) */ ldx [%g5],%o0
-/* 0x1438 1601 ( 3 4) */ add %o1,%o5,%o1
-/* 0x143c 1602 ( 4 5) */ st %o1,[%g3]
-/* 0x1440 1603 ( 4 5) */ srlx %o1,32,%o5
-/* 0x1444 1604 ( 4 5) */ subcc %i2,%o4,%g0
-/* 0x1448 1605 ( 5 7) */ ldx [%g2+16],%o1
-/* 0x144c 1606 ( 5 6) */ add %o0,%o2,%o0
-/* 0x1450 1607 ( 5 6) */ add %g3,16,%g3
-/* 0x1454 1608 ( 6 8) */ ld [%g4+4],%o2
-/* 0x1458 1609 ( 6 7) */ add %o0,%o3,%o0
-/* 0x145c 1610 ( 7 8) */ sllx %o1,19,%o3
-/* 0x1460 1611 ( 7 9) */ ldx [%g5+16],%o1
-/* 0x1464 1612 ( 7 8) */ add %o0,%o5,%o0
-/* 0x1468 1613 ( 8 9) */ st %o0,[%g3-12]
-/* 0x146c 1614 ( 8 9) */ srlx %o0,32,%o5
-/* 0x1470 1615 ( 8 9) */ add %g4,16,%g4
-/* 0x1474 1616 ( 9 11) */ ldx [%g2+32],%o0
-/* 0x1478 1617 ( 9 10) */ add %o1,%o3,%o1
-/* 0x147c 1618 ( 9 10) */ add %g2,64,%g2
-/* 0x1480 1619 (10 12) */ ld [%g4-8],%o3
-/* 0x1484 1620 (10 11) */ add %o1,%o2,%o2
-/* 0x1488 1621 (11 12) */ sllx %o0,19,%o1
-/* 0x148c 1622 (11 13) */ ldx [%g5+32],%o0
-/* 0x1490 1623 (11 12) */ add %o2,%o5,%o2
-/* 0x1494 1624 (12 13) */ st %o2,[%g3-8]
-/* 0x1498 1625 (12 13) */ srlx %o2,32,%o5
-/* 0x149c 1626 (12 13) */ add %g5,64,%g5
-/* 0x14a0 1627 (13 15) */ ldx [%g2-16],%o2
-/* 0x14a4 1628 (13 14) */ add %o0,%o1,%o0
-/* 0x14a8 1629 (14 16) */ ld [%g4-4],%o1
-/* 0x14ac 1630 (14 15) */ add %o0,%o3,%o0
-/* 0x14b0 1631 (15 16) */ sllx %o2,19,%o3
-/* 0x14b4 1632 (15 17) */ ldx [%g5-16],%o2
-/* 0x14b8 1633 (15 16) */ add %o0,%o5,%o0
-/* 0x14bc 1634 (16 17) */ st %o0,[%g3-4]
-/* 0x14c0 1635 (16 17) */ bcs,pt %icc,.L990000142 ! tprob=0.50
-/* 0x14c4 (16 17) */ srlx %o0,32,%o0
-
-!
-! ENTRY .L990000145
-!
-
- .L990000145: /* frequency 1.0 confidence 0.0 */
-/* 0x14c8 1638 ( 0 1) */ add %o2,%o3,%o3
-/* 0x14cc 1639 ( 0 1) */ add %g3,4,%g3
-/* 0x14d0 1640 ( 1 2) */ srl %o0,0,%o2
-/* 0x14d4 1641 ( 1 2) */ add %o3,%o1,%o0
-/* 0x14d8 1642 ( 2 3) */ add %o0,%o2,%o0
-/* 0x14dc 1643 ( 2 3) */ st %o0,[%g3-4]
-/* 0x14e0 1644 ( 2 3) */ subcc %i2,%o7,%g0
-/* 0x14e4 1645 ( 2 3) */ bcc,pn %icc,.L77770061 ! tprob=0.50
-/* 0x14e8 ( 3 4) */ srlx %o0,32,%o5
-
-!
-! ENTRY .L77000058
-!
-
- .L77000058: /* frequency 1.0 confidence 0.0 */
-/* 0x14ec 1648 ( 0 2) */ ldx [%g2],%o2
-
-!
-! ENTRY .L990000160
-!
-
- .L990000160: /* frequency 1.0 confidence 0.0 */
-/* 0x14f0 1650 ( 0 1) */ sllx %o2,19,%o3
-/* 0x14f4 1651 ( 0 2) */ ldx [%g5],%o0
-/* 0x14f8 1652 ( 0 1) */ add %i2,1,%i2
-/* 0x14fc 1653 ( 1 2) */ srl %o5,0,%o1
-/* 0x1500 1654 ( 1 3) */ ld [%g4],%o2
-/* 0x1504 1655 ( 1 2) */ add %g2,16,%g2
-/* 0x1508 1656 ( 2 3) */ add %o0,%o3,%o0
-/* 0x150c 1657 ( 2 3) */ add %g5,16,%g5
-/* 0x1510 1658 ( 3 4) */ add %o0,%o2,%o0
-/* 0x1514 1659 ( 3 4) */ add %g4,4,%g4
-/* 0x1518 1660 ( 4 5) */ add %o0,%o1,%o0
-/* 0x151c 1661 ( 4 5) */ st %o0,[%g3]
-/* 0x1520 1662 ( 4 5) */ subcc %i2,%o7,%g0
-/* 0x1524 1663 ( 5 6) */ srlx %o0,32,%o5
-/* 0x1528 1664 ( 5 6) */ add %g3,4,%g3
-/* 0x152c 1665 ( 5 6) */ bcs,a,pt %icc,.L990000160 ! tprob=0.50
-/* 0x1530 ( 6 8) */ ldx [%g2],%o2
-
-!
-! ENTRY .L77770061
-!
-
- .L77770061: /* frequency 1.0 confidence 0.0 */
-/* 0x1534 ( 0 2) */ ret ! Result = %o1 %o0 %f0 %f1
-/* 0x1538 ( 2 3) */ restore %g0,%o5,%o0
-
-
-/* 0x124c 1476 ( 0 0) */ .type mul_add,2
-/* 0x124c 1477 ( 0 0) */ .size mul_add,(.-mul_add)
-/* 0x124c 1480 ( 0 0) */ .align 8
-/* 0x1250 1486 ( 0 0) */ .global mul_add_inp
-
-!
-! ENTRY mul_add_inp
-!
-
- .global mul_add_inp
- mul_add_inp: /* frequency 1.0 confidence 0.0 */
-/* 0x1250 1488 ( 0 1) */ save %sp,-176,%sp
-/* 0x1254 1500 ( 1 2) */ sra %i2,0,%o3
-/* 0x1258 1501 ( 1 2) */ or %g0,%i1,%o2
-/* 0x125c 1502 ( 2 3) */ or %g0,%i0,%o0
-/* 0x1260 1503 ( 2 3) */ or %g0,%i0,%o1
-/* 0x1264 1504 ( 3 5) */ call mul_add ! params = ! Result =
-/* 0x1268 ( 4 5) */ srl %i3,0,%o4
-/* 0x126c 1506 ( 5 6) */ srl %o0,0,%i0
-/* 0x1270 ( 6 8) */ ret ! Result = %o1 %o0 %f0 %f1
-/* 0x1274 ( 8 9) */ restore %g0,%g0,%g0
-/* 0x1278 1509 ( 0 0) */ .type mul_add_inp,2
-/* 0x1278 1510 ( 0 0) */ .size mul_add_inp,(.-mul_add_inp)
-
- .section ".data",#alloc,#write
-/* 0x1278 6 ( 0 0) */ .align 8
-
-!
-! ENTRY mask_cnst
-!
-
- mask_cnst: /* frequency 1.0 confidence 0.0 */
-/* 0x1278 8 ( 0 0) */ .xword -9223372034707292160
-/* 0x1280 9 ( 0 0) */ .type mask_cnst,#object
-/* 0x1280 10 ( 0 0) */ .size mask_cnst,8
-
diff --git a/security/nss/lib/freebl/mpi/mpvalpha.c b/security/nss/lib/freebl/mpi/mpvalpha.c
deleted file mode 100644
index 5118e73c3..000000000
--- a/security/nss/lib/freebl/mpi/mpvalpha.c
+++ /dev/null
@@ -1,214 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is Multiple Precision Integer optimization code for
- * the Compaq Alpha processor.
- *
- * The Initial Developer of the Original Code is
- * Richard C. Swift.
- * Portions created by the Initial Developer are Copyright (C) 2001
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s): Richard C. Swift (swift@netscape.com)
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-#include "mpi-priv.h"
-#include <c_asm.h>
-
-
-#define MP_MUL_DxD(a, b, Phi, Plo) \
- { Plo = asm ("mulq %a0, %a1, %v0", a, b); \
- Phi = asm ("umulh %a0, %a1, %v0", a, b); } \
-
-/* This is empty for the loop in s_mpv_mul_d */
-#define CARRY_ADD
-
-#define ONE_MUL \
- a_i = *a++; \
- MP_MUL_DxD(a_i, b, a1b1, a0b0); \
- a0b0 += carry; \
- if (a0b0 < carry) \
- ++a1b1; \
- CARRY_ADD \
- *c++ = a0b0; \
- carry = a1b1; \
-
-#define FOUR_MUL \
- ONE_MUL \
- ONE_MUL \
- ONE_MUL \
- ONE_MUL \
-
-#define SIXTEEN_MUL \
- FOUR_MUL \
- FOUR_MUL \
- FOUR_MUL \
- FOUR_MUL \
-
-#define THIRTYTWO_MUL \
- SIXTEEN_MUL \
- SIXTEEN_MUL \
-
-#define ONETWENTYEIGHT_MUL \
- THIRTYTWO_MUL \
- THIRTYTWO_MUL \
- THIRTYTWO_MUL \
- THIRTYTWO_MUL \
-
-
-#define EXPAND_256(CALL) \
- mp_digit carry = 0; \
- mp_digit a_i; \
- mp_digit a0b0, a1b1; \
- if (a_len &255) { \
- if (a_len &1) { \
- ONE_MUL \
- } \
- if (a_len &2) { \
- ONE_MUL \
- ONE_MUL \
- } \
- if (a_len &4) { \
- FOUR_MUL \
- } \
- if (a_len &8) { \
- FOUR_MUL \
- FOUR_MUL \
- } \
- if (a_len & 16 ) { \
- SIXTEEN_MUL \
- } \
- if (a_len & 32 ) { \
- THIRTYTWO_MUL \
- } \
- if (a_len & 64 ) { \
- THIRTYTWO_MUL \
- THIRTYTWO_MUL \
- } \
- if (a_len & 128) { \
- ONETWENTYEIGHT_MUL \
- } \
- a_len = a_len & (-256); \
- } \
- if (a_len>=256 ) { \
- carry = CALL(a, a_len, b, c, carry); \
- c += a_len; \
- } \
-
-#define FUNC_NAME(NAME) \
-mp_digit NAME(const mp_digit *a, \
- mp_size a_len, \
- mp_digit b, mp_digit *c, \
- mp_digit carry) \
-
-#define DECLARE_MUL_256(FNAME) \
-FUNC_NAME(FNAME) \
-{ \
- mp_digit a_i; \
- mp_digit a0b0, a1b1; \
- while (a_len) { \
- ONETWENTYEIGHT_MUL \
- ONETWENTYEIGHT_MUL \
- a_len-= 256; \
- } \
- return carry; \
-} \
-
-/* Expanding the loop in s_mpv_mul_d appeared to slow down the
- (admittedly) small number of tests (i.e., timetest) used to
- measure performance, so this define disables that optimization. */
-#define DO_NOT_EXPAND 1
-
-/* Need forward declaration so it can be instantiated after
- the routine that uses it; this helps locality somewhat */
-#if !defined(DO_NOT_EXPAND)
-FUNC_NAME(s_mpv_mul_d_MUL256);
-#endif
-
-/* c = a * b */
-void s_mpv_mul_d(const mp_digit *a, mp_size a_len,
- mp_digit b, mp_digit *c)
-{
-#if defined(DO_NOT_EXPAND)
- mp_digit carry = 0;
- while (a_len--) {
- mp_digit a_i = *a++;
- mp_digit a0b0, a1b1;
-
- MP_MUL_DxD(a_i, b, a1b1, a0b0);
-
- a0b0 += carry;
- if (a0b0 < carry)
- ++a1b1;
- *c++ = a0b0;
- carry = a1b1;
- }
-#else
- EXPAND_256(s_mpv_mul_d_MUL256)
-#endif
- *c = carry;
-}
-
-#if !defined(DO_NOT_EXPAND)
-DECLARE_MUL_256(s_mpv_mul_d_MUL256)
-#endif
-
-#undef CARRY_ADD
-/* This is redefined for the loop in s_mpv_mul_d_add */
-#define CARRY_ADD \
- a0b0 += a_i = *c; \
- if (a0b0 < a_i) \
- ++a1b1; \
-
-/* Need forward declaration so it can be instantiated between the
- two routines that use it; this helps locality somewhat */
-FUNC_NAME(s_mpv_mul_d_add_MUL256);
-
-/* c += a * b */
-void s_mpv_mul_d_add(const mp_digit *a, mp_size a_len,
- mp_digit b, mp_digit *c)
-{
- EXPAND_256(s_mpv_mul_d_add_MUL256)
- *c = carry;
-}
-
-/* Instantiate multiply 256 routine here */
-DECLARE_MUL_256(s_mpv_mul_d_add_MUL256)
-
-/* Presently, this is only used by the Montgomery arithmetic code. */
-/* c += a * b */
-void s_mpv_mul_d_add_prop(const mp_digit *a, mp_size a_len,
- mp_digit b, mp_digit *c)
-{
- EXPAND_256(s_mpv_mul_d_add_MUL256)
- while (carry) {
- mp_digit c_i = *c;
- carry += c_i;
- *c++ = carry;
- carry = carry < c_i;
- }
-}
-
diff --git a/security/nss/lib/freebl/mpi/mulsqr.c b/security/nss/lib/freebl/mpi/mulsqr.c
deleted file mode 100644
index db2b5ce8a..000000000
--- a/security/nss/lib/freebl/mpi/mulsqr.c
+++ /dev/null
@@ -1,111 +0,0 @@
-/*
- * Test whether to include squaring code given the current settings
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1997, 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <limits.h>
-#include <time.h>
-
-#define MP_SQUARE 1 /* make sure squaring code is included */
-
-#include "mpi.h"
-#include "mpprime.h"
-
-int main(int argc, char *argv[])
-{
- int ntests, prec, ix;
- unsigned int seed;
- clock_t start, stop;
- double multime, sqrtime;
- mp_int a, c;
-
- seed = (unsigned int)time(NULL);
-
- if(argc < 3) {
- fprintf(stderr, "Usage: %s <ntests> <nbits>\n", argv[0]);
- return 1;
- }
-
- if((ntests = abs(atoi(argv[1]))) == 0) {
- fprintf(stderr, "%s: must request at least 1 test.\n", argv[0]);
- return 1;
- }
- if((prec = abs(atoi(argv[2]))) < CHAR_BIT) {
- fprintf(stderr, "%s: must request at least %d bits.\n", argv[0],
- CHAR_BIT);
- return 1;
- }
-
- prec = (prec + (DIGIT_BIT - 1)) / DIGIT_BIT;
-
- mp_init_size(&a, prec);
- mp_init_size(&c, 2 * prec);
-
- /* Test multiplication by self */
- srand(seed);
- start = clock();
- for(ix = 0; ix < ntests; ix++) {
- mpp_random_size(&a, prec);
- mp_mul(&a, &a, &c);
- }
- stop = clock();
-
- multime = (double)(stop - start) / CLOCKS_PER_SEC;
-
- /* Test squaring */
- srand(seed);
- start = clock();
- for(ix = 0; ix < ntests; ix++) {
- mpp_random_size(&a, prec);
- mp_sqr(&a, &c);
- }
- stop = clock();
-
- sqrtime = (double)(stop - start) / CLOCKS_PER_SEC;
-
- printf("Multiply: %.4f\n", multime);
- printf("Square: %.4f\n", sqrtime);
- if(multime < sqrtime) {
- printf("Speedup: %.1f%%\n", 100.0 * (1.0 - multime / sqrtime));
- printf("Prefer: multiply\n");
- } else {
- printf("Speedup: %.1f%%\n", 100.0 * (1.0 - sqrtime / multime));
- printf("Prefer: square\n");
- }
-
- mp_clear(&a); mp_clear(&c);
- return 0;
-
-}
diff --git a/security/nss/lib/freebl/mpi/multest b/security/nss/lib/freebl/mpi/multest
deleted file mode 100755
index 08fec8388..000000000
--- a/security/nss/lib/freebl/mpi/multest
+++ /dev/null
@@ -1,107 +0,0 @@
-#!/bin/sh
-#
-# multest
-#
-# Run multiply and square timing tests, to compute a chart for the
-# current processor and compiler combination.
-#
-## The contents of this file are subject to the Mozilla Public
-## License Version 1.1 (the "License"); you may not use this file
-## except in compliance with the License. You may obtain a copy of
-## the License at http://www.mozilla.org/MPL/
-##
-## Software distributed under the License is distributed on an "AS
-## IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-## implied. See the License for the specific language governing
-## rights and limitations under the License.
-##
-## The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-## library.
-##
-## The Initial Developer of the Original Code is
-## Michael J. Fromberger <sting@linguist.dartmouth.edu>
-##
-## Portions created by Michael J. Fromberger are
-## Copyright (C) 2000 Michael J. Fromberger. All Rights Reserved
-##
-## Contributor(s):
-##
-## Alternatively, the contents of this file may be used under the
-## terms of the GNU General Public License Version 2 or later (the
-## "GPL"), in which case the provisions of the GPL are applicable
-## instead of those above. If you wish to allow use of your
-## version of this file only under the terms of the GPL and not to
-## allow others to use your version of this file under the MPL,
-## indicate your decision by deleting the provisions above and
-## replace them with the notice and other provisions required by
-## the GPL. If you do not delete the provisions above, a recipient
-## may use your version of this file under either the MPL or the GPL.
-##
-# $Id$
-#
-
-ECHO=/bin/echo
-MAKE=gmake
-
-$ECHO "\n** Running multiply and square timing tests\n"
-
-$ECHO "Bringing 'mulsqr' up to date ... "
-if $MAKE mulsqr ; then
- :
-else
- $ECHO "\nMake failed to build mulsqr.\n"
- exit 1
-fi
-
-if [ ! -x ./mulsqr ] ; then
- $ECHO "\nCannot find 'mulsqr' program, testing cannot continue.\n"
- exit 1
-fi
-
-sizes='64 128 192 256 320 384 448 512 640 768 896 1024 1536 2048'
-ntests=500000
-
-$ECHO "Running timing tests, please wait ... "
-
-trap 'echo "oop!";rm -f tt*.tmp;exit 0' INT HUP
-
-touch tt$$.tmp
-$ECHO $ntests tests >> tt$$.tmp
-for size in $sizes ; do
- $ECHO "$size bits ... \c"
- set -A res `./mulsqr $ntests $size|head -3|tr -d '%'|awk '{print $2}'`
- $ECHO $size"\t"${res[0]}"\t"${res[1]}"\t"${res[2]} >> tt$$.tmp
- $ECHO "(done)"
-done
-mv tt$$.tmp mulsqr-results.txt
-rm -f tt$$.tmp
-
-$ECHO "\n** Running Karatsuba-Ofman multiplication tests\n"
-
-$ECHO "Brining 'karatsuba' up to date ... "
-if $MAKE karatsuba ; then
- :
-else
- $ECHO "\nMake failed to build karatsuba.\n"
- exit 1
-fi
-
-if [ ! -x ./karatsuba ] ; then
- $ECHO "\nCannot find 'karatsuba' program, testing cannot continue.\n"
- exit 1
-fi
-
-ntests=100000
-
-trap 'echo "oop!";rm -f tt*.tmp;exit 0' INT HUP
-
-touch tt$$.tmp
-for size in $sizes ; do
- $ECHO "$size bits ... "
- ./karatsuba $ntests $size >> tt$$.tmp
- tail -2 tt$$.tmp
-done
-mv tt$$.tmp karatsuba-results.txt
-rm -f tt$$.tmp
-
-exit 0
diff --git a/security/nss/lib/freebl/mpi/primes.c b/security/nss/lib/freebl/mpi/primes.c
deleted file mode 100644
index 14f927b6c..000000000
--- a/security/nss/lib/freebl/mpi/primes.c
+++ /dev/null
@@ -1,871 +0,0 @@
-/*
- * These tables of primes wwere generated using the 'sieve' program
- * (sieve.c) and converted to this format with 'ptab.pl'.
- *
- * The 'small' table is just the first 128 primes. The 'large' table
- * is a table of all the prime values that will fit into a single
- * mp_digit (given the current size of an mp_digit, which is two bytes).
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1997, 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#if SMALL_TABLE
-#define MP_PRIME_TAB_SIZE 128
-#else
-#define MP_PRIME_TAB_SIZE 6542
-#endif
-
-const int prime_tab_size = MP_PRIME_TAB_SIZE;
-const mp_digit prime_tab[] = {
- 0x0002, 0x0003, 0x0005, 0x0007, 0x000B, 0x000D, 0x0011, 0x0013,
- 0x0017, 0x001D, 0x001F, 0x0025, 0x0029, 0x002B, 0x002F, 0x0035,
- 0x003B, 0x003D, 0x0043, 0x0047, 0x0049, 0x004F, 0x0053, 0x0059,
- 0x0061, 0x0065, 0x0067, 0x006B, 0x006D, 0x0071, 0x007F, 0x0083,
- 0x0089, 0x008B, 0x0095, 0x0097, 0x009D, 0x00A3, 0x00A7, 0x00AD,
- 0x00B3, 0x00B5, 0x00BF, 0x00C1, 0x00C5, 0x00C7, 0x00D3, 0x00DF,
- 0x00E3, 0x00E5, 0x00E9, 0x00EF, 0x00F1, 0x00FB, 0x0101, 0x0107,
- 0x010D, 0x010F, 0x0115, 0x0119, 0x011B, 0x0125, 0x0133, 0x0137,
- 0x0139, 0x013D, 0x014B, 0x0151, 0x015B, 0x015D, 0x0161, 0x0167,
- 0x016F, 0x0175, 0x017B, 0x017F, 0x0185, 0x018D, 0x0191, 0x0199,
- 0x01A3, 0x01A5, 0x01AF, 0x01B1, 0x01B7, 0x01BB, 0x01C1, 0x01C9,
- 0x01CD, 0x01CF, 0x01D3, 0x01DF, 0x01E7, 0x01EB, 0x01F3, 0x01F7,
- 0x01FD, 0x0209, 0x020B, 0x021D, 0x0223, 0x022D, 0x0233, 0x0239,
- 0x023B, 0x0241, 0x024B, 0x0251, 0x0257, 0x0259, 0x025F, 0x0265,
- 0x0269, 0x026B, 0x0277, 0x0281, 0x0283, 0x0287, 0x028D, 0x0293,
- 0x0295, 0x02A1, 0x02A5, 0x02AB, 0x02B3, 0x02BD, 0x02C5, 0x02CF,
-#if ! SMALL_TABLE
- 0x02D7, 0x02DD, 0x02E3, 0x02E7, 0x02EF, 0x02F5, 0x02F9, 0x0301,
- 0x0305, 0x0313, 0x031D, 0x0329, 0x032B, 0x0335, 0x0337, 0x033B,
- 0x033D, 0x0347, 0x0355, 0x0359, 0x035B, 0x035F, 0x036D, 0x0371,
- 0x0373, 0x0377, 0x038B, 0x038F, 0x0397, 0x03A1, 0x03A9, 0x03AD,
- 0x03B3, 0x03B9, 0x03C7, 0x03CB, 0x03D1, 0x03D7, 0x03DF, 0x03E5,
- 0x03F1, 0x03F5, 0x03FB, 0x03FD, 0x0407, 0x0409, 0x040F, 0x0419,
- 0x041B, 0x0425, 0x0427, 0x042D, 0x043F, 0x0443, 0x0445, 0x0449,
- 0x044F, 0x0455, 0x045D, 0x0463, 0x0469, 0x047F, 0x0481, 0x048B,
- 0x0493, 0x049D, 0x04A3, 0x04A9, 0x04B1, 0x04BD, 0x04C1, 0x04C7,
- 0x04CD, 0x04CF, 0x04D5, 0x04E1, 0x04EB, 0x04FD, 0x04FF, 0x0503,
- 0x0509, 0x050B, 0x0511, 0x0515, 0x0517, 0x051B, 0x0527, 0x0529,
- 0x052F, 0x0551, 0x0557, 0x055D, 0x0565, 0x0577, 0x0581, 0x058F,
- 0x0593, 0x0595, 0x0599, 0x059F, 0x05A7, 0x05AB, 0x05AD, 0x05B3,
- 0x05BF, 0x05C9, 0x05CB, 0x05CF, 0x05D1, 0x05D5, 0x05DB, 0x05E7,
- 0x05F3, 0x05FB, 0x0607, 0x060D, 0x0611, 0x0617, 0x061F, 0x0623,
- 0x062B, 0x062F, 0x063D, 0x0641, 0x0647, 0x0649, 0x064D, 0x0653,
- 0x0655, 0x065B, 0x0665, 0x0679, 0x067F, 0x0683, 0x0685, 0x069D,
- 0x06A1, 0x06A3, 0x06AD, 0x06B9, 0x06BB, 0x06C5, 0x06CD, 0x06D3,
- 0x06D9, 0x06DF, 0x06F1, 0x06F7, 0x06FB, 0x06FD, 0x0709, 0x0713,
- 0x071F, 0x0727, 0x0737, 0x0745, 0x074B, 0x074F, 0x0751, 0x0755,
- 0x0757, 0x0761, 0x076D, 0x0773, 0x0779, 0x078B, 0x078D, 0x079D,
- 0x079F, 0x07B5, 0x07BB, 0x07C3, 0x07C9, 0x07CD, 0x07CF, 0x07D3,
- 0x07DB, 0x07E1, 0x07EB, 0x07ED, 0x07F7, 0x0805, 0x080F, 0x0815,
- 0x0821, 0x0823, 0x0827, 0x0829, 0x0833, 0x083F, 0x0841, 0x0851,
- 0x0853, 0x0859, 0x085D, 0x085F, 0x0869, 0x0871, 0x0883, 0x089B,
- 0x089F, 0x08A5, 0x08AD, 0x08BD, 0x08BF, 0x08C3, 0x08CB, 0x08DB,
- 0x08DD, 0x08E1, 0x08E9, 0x08EF, 0x08F5, 0x08F9, 0x0905, 0x0907,
- 0x091D, 0x0923, 0x0925, 0x092B, 0x092F, 0x0935, 0x0943, 0x0949,
- 0x094D, 0x094F, 0x0955, 0x0959, 0x095F, 0x096B, 0x0971, 0x0977,
- 0x0985, 0x0989, 0x098F, 0x099B, 0x09A3, 0x09A9, 0x09AD, 0x09C7,
- 0x09D9, 0x09E3, 0x09EB, 0x09EF, 0x09F5, 0x09F7, 0x09FD, 0x0A13,
- 0x0A1F, 0x0A21, 0x0A31, 0x0A39, 0x0A3D, 0x0A49, 0x0A57, 0x0A61,
- 0x0A63, 0x0A67, 0x0A6F, 0x0A75, 0x0A7B, 0x0A7F, 0x0A81, 0x0A85,
- 0x0A8B, 0x0A93, 0x0A97, 0x0A99, 0x0A9F, 0x0AA9, 0x0AAB, 0x0AB5,
- 0x0ABD, 0x0AC1, 0x0ACF, 0x0AD9, 0x0AE5, 0x0AE7, 0x0AED, 0x0AF1,
- 0x0AF3, 0x0B03, 0x0B11, 0x0B15, 0x0B1B, 0x0B23, 0x0B29, 0x0B2D,
- 0x0B3F, 0x0B47, 0x0B51, 0x0B57, 0x0B5D, 0x0B65, 0x0B6F, 0x0B7B,
- 0x0B89, 0x0B8D, 0x0B93, 0x0B99, 0x0B9B, 0x0BB7, 0x0BB9, 0x0BC3,
- 0x0BCB, 0x0BCF, 0x0BDD, 0x0BE1, 0x0BE9, 0x0BF5, 0x0BFB, 0x0C07,
- 0x0C0B, 0x0C11, 0x0C25, 0x0C2F, 0x0C31, 0x0C41, 0x0C5B, 0x0C5F,
- 0x0C61, 0x0C6D, 0x0C73, 0x0C77, 0x0C83, 0x0C89, 0x0C91, 0x0C95,
- 0x0C9D, 0x0CB3, 0x0CB5, 0x0CB9, 0x0CBB, 0x0CC7, 0x0CE3, 0x0CE5,
- 0x0CEB, 0x0CF1, 0x0CF7, 0x0CFB, 0x0D01, 0x0D03, 0x0D0F, 0x0D13,
- 0x0D1F, 0x0D21, 0x0D2B, 0x0D2D, 0x0D3D, 0x0D3F, 0x0D4F, 0x0D55,
- 0x0D69, 0x0D79, 0x0D81, 0x0D85, 0x0D87, 0x0D8B, 0x0D8D, 0x0DA3,
- 0x0DAB, 0x0DB7, 0x0DBD, 0x0DC7, 0x0DC9, 0x0DCD, 0x0DD3, 0x0DD5,
- 0x0DDB, 0x0DE5, 0x0DE7, 0x0DF3, 0x0DFD, 0x0DFF, 0x0E09, 0x0E17,
- 0x0E1D, 0x0E21, 0x0E27, 0x0E2F, 0x0E35, 0x0E3B, 0x0E4B, 0x0E57,
- 0x0E59, 0x0E5D, 0x0E6B, 0x0E71, 0x0E75, 0x0E7D, 0x0E87, 0x0E8F,
- 0x0E95, 0x0E9B, 0x0EB1, 0x0EB7, 0x0EB9, 0x0EC3, 0x0ED1, 0x0ED5,
- 0x0EDB, 0x0EED, 0x0EEF, 0x0EF9, 0x0F07, 0x0F0B, 0x0F0D, 0x0F17,
- 0x0F25, 0x0F29, 0x0F31, 0x0F43, 0x0F47, 0x0F4D, 0x0F4F, 0x0F53,
- 0x0F59, 0x0F5B, 0x0F67, 0x0F6B, 0x0F7F, 0x0F95, 0x0FA1, 0x0FA3,
- 0x0FA7, 0x0FAD, 0x0FB3, 0x0FB5, 0x0FBB, 0x0FD1, 0x0FD3, 0x0FD9,
- 0x0FE9, 0x0FEF, 0x0FFB, 0x0FFD, 0x1003, 0x100F, 0x101F, 0x1021,
- 0x1025, 0x102B, 0x1039, 0x103D, 0x103F, 0x1051, 0x1069, 0x1073,
- 0x1079, 0x107B, 0x1085, 0x1087, 0x1091, 0x1093, 0x109D, 0x10A3,
- 0x10A5, 0x10AF, 0x10B1, 0x10BB, 0x10C1, 0x10C9, 0x10E7, 0x10F1,
- 0x10F3, 0x10FD, 0x1105, 0x110B, 0x1115, 0x1127, 0x112D, 0x1139,
- 0x1145, 0x1147, 0x1159, 0x115F, 0x1163, 0x1169, 0x116F, 0x1181,
- 0x1183, 0x118D, 0x119B, 0x11A1, 0x11A5, 0x11A7, 0x11AB, 0x11C3,
- 0x11C5, 0x11D1, 0x11D7, 0x11E7, 0x11EF, 0x11F5, 0x11FB, 0x120D,
- 0x121D, 0x121F, 0x1223, 0x1229, 0x122B, 0x1231, 0x1237, 0x1241,
- 0x1247, 0x1253, 0x125F, 0x1271, 0x1273, 0x1279, 0x127D, 0x128F,
- 0x1297, 0x12AF, 0x12B3, 0x12B5, 0x12B9, 0x12BF, 0x12C1, 0x12CD,
- 0x12D1, 0x12DF, 0x12FD, 0x1307, 0x130D, 0x1319, 0x1327, 0x132D,
- 0x1337, 0x1343, 0x1345, 0x1349, 0x134F, 0x1357, 0x135D, 0x1367,
- 0x1369, 0x136D, 0x137B, 0x1381, 0x1387, 0x138B, 0x1391, 0x1393,
- 0x139D, 0x139F, 0x13AF, 0x13BB, 0x13C3, 0x13D5, 0x13D9, 0x13DF,
- 0x13EB, 0x13ED, 0x13F3, 0x13F9, 0x13FF, 0x141B, 0x1421, 0x142F,
- 0x1433, 0x143B, 0x1445, 0x144D, 0x1459, 0x146B, 0x146F, 0x1471,
- 0x1475, 0x148D, 0x1499, 0x149F, 0x14A1, 0x14B1, 0x14B7, 0x14BD,
- 0x14CB, 0x14D5, 0x14E3, 0x14E7, 0x1505, 0x150B, 0x1511, 0x1517,
- 0x151F, 0x1525, 0x1529, 0x152B, 0x1537, 0x153D, 0x1541, 0x1543,
- 0x1549, 0x155F, 0x1565, 0x1567, 0x156B, 0x157D, 0x157F, 0x1583,
- 0x158F, 0x1591, 0x1597, 0x159B, 0x15B5, 0x15BB, 0x15C1, 0x15C5,
- 0x15CD, 0x15D7, 0x15F7, 0x1607, 0x1609, 0x160F, 0x1613, 0x1615,
- 0x1619, 0x161B, 0x1625, 0x1633, 0x1639, 0x163D, 0x1645, 0x164F,
- 0x1655, 0x1669, 0x166D, 0x166F, 0x1675, 0x1693, 0x1697, 0x169F,
- 0x16A9, 0x16AF, 0x16B5, 0x16BD, 0x16C3, 0x16CF, 0x16D3, 0x16D9,
- 0x16DB, 0x16E1, 0x16E5, 0x16EB, 0x16ED, 0x16F7, 0x16F9, 0x1709,
- 0x170F, 0x1723, 0x1727, 0x1733, 0x1741, 0x175D, 0x1763, 0x1777,
- 0x177B, 0x178D, 0x1795, 0x179B, 0x179F, 0x17A5, 0x17B3, 0x17B9,
- 0x17BF, 0x17C9, 0x17CB, 0x17D5, 0x17E1, 0x17E9, 0x17F3, 0x17F5,
- 0x17FF, 0x1807, 0x1813, 0x181D, 0x1835, 0x1837, 0x183B, 0x1843,
- 0x1849, 0x184D, 0x1855, 0x1867, 0x1871, 0x1877, 0x187D, 0x187F,
- 0x1885, 0x188F, 0x189B, 0x189D, 0x18A7, 0x18AD, 0x18B3, 0x18B9,
- 0x18C1, 0x18C7, 0x18D1, 0x18D7, 0x18D9, 0x18DF, 0x18E5, 0x18EB,
- 0x18F5, 0x18FD, 0x1915, 0x191B, 0x1931, 0x1933, 0x1945, 0x1949,
- 0x1951, 0x195B, 0x1979, 0x1981, 0x1993, 0x1997, 0x1999, 0x19A3,
- 0x19A9, 0x19AB, 0x19B1, 0x19B5, 0x19C7, 0x19CF, 0x19DB, 0x19ED,
- 0x19FD, 0x1A03, 0x1A05, 0x1A11, 0x1A17, 0x1A21, 0x1A23, 0x1A2D,
- 0x1A2F, 0x1A35, 0x1A3F, 0x1A4D, 0x1A51, 0x1A69, 0x1A6B, 0x1A7B,
- 0x1A7D, 0x1A87, 0x1A89, 0x1A93, 0x1AA7, 0x1AAB, 0x1AAD, 0x1AB1,
- 0x1AB9, 0x1AC9, 0x1ACF, 0x1AD5, 0x1AD7, 0x1AE3, 0x1AF3, 0x1AFB,
- 0x1AFF, 0x1B05, 0x1B23, 0x1B25, 0x1B2F, 0x1B31, 0x1B37, 0x1B3B,
- 0x1B41, 0x1B47, 0x1B4F, 0x1B55, 0x1B59, 0x1B65, 0x1B6B, 0x1B73,
- 0x1B7F, 0x1B83, 0x1B91, 0x1B9D, 0x1BA7, 0x1BBF, 0x1BC5, 0x1BD1,
- 0x1BD7, 0x1BD9, 0x1BEF, 0x1BF7, 0x1C09, 0x1C13, 0x1C19, 0x1C27,
- 0x1C2B, 0x1C2D, 0x1C33, 0x1C3D, 0x1C45, 0x1C4B, 0x1C4F, 0x1C55,
- 0x1C73, 0x1C81, 0x1C8B, 0x1C8D, 0x1C99, 0x1CA3, 0x1CA5, 0x1CB5,
- 0x1CB7, 0x1CC9, 0x1CE1, 0x1CF3, 0x1CF9, 0x1D09, 0x1D1B, 0x1D21,
- 0x1D23, 0x1D35, 0x1D39, 0x1D3F, 0x1D41, 0x1D4B, 0x1D53, 0x1D5D,
- 0x1D63, 0x1D69, 0x1D71, 0x1D75, 0x1D7B, 0x1D7D, 0x1D87, 0x1D89,
- 0x1D95, 0x1D99, 0x1D9F, 0x1DA5, 0x1DA7, 0x1DB3, 0x1DB7, 0x1DC5,
- 0x1DD7, 0x1DDB, 0x1DE1, 0x1DF5, 0x1DF9, 0x1E01, 0x1E07, 0x1E0B,
- 0x1E13, 0x1E17, 0x1E25, 0x1E2B, 0x1E2F, 0x1E3D, 0x1E49, 0x1E4D,
- 0x1E4F, 0x1E6D, 0x1E71, 0x1E89, 0x1E8F, 0x1E95, 0x1EA1, 0x1EAD,
- 0x1EBB, 0x1EC1, 0x1EC5, 0x1EC7, 0x1ECB, 0x1EDD, 0x1EE3, 0x1EEF,
- 0x1EF7, 0x1EFD, 0x1F01, 0x1F0D, 0x1F0F, 0x1F1B, 0x1F39, 0x1F49,
- 0x1F4B, 0x1F51, 0x1F67, 0x1F75, 0x1F7B, 0x1F85, 0x1F91, 0x1F97,
- 0x1F99, 0x1F9D, 0x1FA5, 0x1FAF, 0x1FB5, 0x1FBB, 0x1FD3, 0x1FE1,
- 0x1FE7, 0x1FEB, 0x1FF3, 0x1FFF, 0x2011, 0x201B, 0x201D, 0x2027,
- 0x2029, 0x202D, 0x2033, 0x2047, 0x204D, 0x2051, 0x205F, 0x2063,
- 0x2065, 0x2069, 0x2077, 0x207D, 0x2089, 0x20A1, 0x20AB, 0x20B1,
- 0x20B9, 0x20C3, 0x20C5, 0x20E3, 0x20E7, 0x20ED, 0x20EF, 0x20FB,
- 0x20FF, 0x210D, 0x2113, 0x2135, 0x2141, 0x2149, 0x214F, 0x2159,
- 0x215B, 0x215F, 0x2173, 0x217D, 0x2185, 0x2195, 0x2197, 0x21A1,
- 0x21AF, 0x21B3, 0x21B5, 0x21C1, 0x21C7, 0x21D7, 0x21DD, 0x21E5,
- 0x21E9, 0x21F1, 0x21F5, 0x21FB, 0x2203, 0x2209, 0x220F, 0x221B,
- 0x2221, 0x2225, 0x222B, 0x2231, 0x2239, 0x224B, 0x224F, 0x2263,
- 0x2267, 0x2273, 0x2275, 0x227F, 0x2285, 0x2287, 0x2291, 0x229D,
- 0x229F, 0x22A3, 0x22B7, 0x22BD, 0x22DB, 0x22E1, 0x22E5, 0x22ED,
- 0x22F7, 0x2303, 0x2309, 0x230B, 0x2327, 0x2329, 0x232F, 0x2333,
- 0x2335, 0x2345, 0x2351, 0x2353, 0x2359, 0x2363, 0x236B, 0x2383,
- 0x238F, 0x2395, 0x23A7, 0x23AD, 0x23B1, 0x23BF, 0x23C5, 0x23C9,
- 0x23D5, 0x23DD, 0x23E3, 0x23EF, 0x23F3, 0x23F9, 0x2405, 0x240B,
- 0x2417, 0x2419, 0x2429, 0x243D, 0x2441, 0x2443, 0x244D, 0x245F,
- 0x2467, 0x246B, 0x2479, 0x247D, 0x247F, 0x2485, 0x249B, 0x24A1,
- 0x24AF, 0x24B5, 0x24BB, 0x24C5, 0x24CB, 0x24CD, 0x24D7, 0x24D9,
- 0x24DD, 0x24DF, 0x24F5, 0x24F7, 0x24FB, 0x2501, 0x2507, 0x2513,
- 0x2519, 0x2527, 0x2531, 0x253D, 0x2543, 0x254B, 0x254F, 0x2573,
- 0x2581, 0x258D, 0x2593, 0x2597, 0x259D, 0x259F, 0x25AB, 0x25B1,
- 0x25BD, 0x25CD, 0x25CF, 0x25D9, 0x25E1, 0x25F7, 0x25F9, 0x2605,
- 0x260B, 0x260F, 0x2615, 0x2627, 0x2629, 0x2635, 0x263B, 0x263F,
- 0x264B, 0x2653, 0x2659, 0x2665, 0x2669, 0x266F, 0x267B, 0x2681,
- 0x2683, 0x268F, 0x269B, 0x269F, 0x26AD, 0x26B3, 0x26C3, 0x26C9,
- 0x26CB, 0x26D5, 0x26DD, 0x26EF, 0x26F5, 0x2717, 0x2719, 0x2735,
- 0x2737, 0x274D, 0x2753, 0x2755, 0x275F, 0x276B, 0x276D, 0x2773,
- 0x2777, 0x277F, 0x2795, 0x279B, 0x279D, 0x27A7, 0x27AF, 0x27B3,
- 0x27B9, 0x27C1, 0x27C5, 0x27D1, 0x27E3, 0x27EF, 0x2803, 0x2807,
- 0x280D, 0x2813, 0x281B, 0x281F, 0x2821, 0x2831, 0x283D, 0x283F,
- 0x2849, 0x2851, 0x285B, 0x285D, 0x2861, 0x2867, 0x2875, 0x2881,
- 0x2897, 0x289F, 0x28BB, 0x28BD, 0x28C1, 0x28D5, 0x28D9, 0x28DB,
- 0x28DF, 0x28ED, 0x28F7, 0x2903, 0x2905, 0x2911, 0x2921, 0x2923,
- 0x293F, 0x2947, 0x295D, 0x2965, 0x2969, 0x296F, 0x2975, 0x2983,
- 0x2987, 0x298F, 0x299B, 0x29A1, 0x29A7, 0x29AB, 0x29BF, 0x29C3,
- 0x29D5, 0x29D7, 0x29E3, 0x29E9, 0x29ED, 0x29F3, 0x2A01, 0x2A13,
- 0x2A1D, 0x2A25, 0x2A2F, 0x2A4F, 0x2A55, 0x2A5F, 0x2A65, 0x2A6B,
- 0x2A6D, 0x2A73, 0x2A83, 0x2A89, 0x2A8B, 0x2A97, 0x2A9D, 0x2AB9,
- 0x2ABB, 0x2AC5, 0x2ACD, 0x2ADD, 0x2AE3, 0x2AEB, 0x2AF1, 0x2AFB,
- 0x2B13, 0x2B27, 0x2B31, 0x2B33, 0x2B3D, 0x2B3F, 0x2B4B, 0x2B4F,
- 0x2B55, 0x2B69, 0x2B6D, 0x2B6F, 0x2B7B, 0x2B8D, 0x2B97, 0x2B99,
- 0x2BA3, 0x2BA5, 0x2BA9, 0x2BBD, 0x2BCD, 0x2BE7, 0x2BEB, 0x2BF3,
- 0x2BF9, 0x2BFD, 0x2C09, 0x2C0F, 0x2C17, 0x2C23, 0x2C2F, 0x2C35,
- 0x2C39, 0x2C41, 0x2C57, 0x2C59, 0x2C69, 0x2C77, 0x2C81, 0x2C87,
- 0x2C93, 0x2C9F, 0x2CAD, 0x2CB3, 0x2CB7, 0x2CCB, 0x2CCF, 0x2CDB,
- 0x2CE1, 0x2CE3, 0x2CE9, 0x2CEF, 0x2CFF, 0x2D07, 0x2D1D, 0x2D1F,
- 0x2D3B, 0x2D43, 0x2D49, 0x2D4D, 0x2D61, 0x2D65, 0x2D71, 0x2D89,
- 0x2D9D, 0x2DA1, 0x2DA9, 0x2DB3, 0x2DB5, 0x2DC5, 0x2DC7, 0x2DD3,
- 0x2DDF, 0x2E01, 0x2E03, 0x2E07, 0x2E0D, 0x2E19, 0x2E1F, 0x2E25,
- 0x2E2D, 0x2E33, 0x2E37, 0x2E39, 0x2E3F, 0x2E57, 0x2E5B, 0x2E6F,
- 0x2E79, 0x2E7F, 0x2E85, 0x2E93, 0x2E97, 0x2E9D, 0x2EA3, 0x2EA5,
- 0x2EB1, 0x2EB7, 0x2EC1, 0x2EC3, 0x2ECD, 0x2ED3, 0x2EE7, 0x2EEB,
- 0x2F05, 0x2F09, 0x2F0B, 0x2F11, 0x2F27, 0x2F29, 0x2F41, 0x2F45,
- 0x2F4B, 0x2F4D, 0x2F51, 0x2F57, 0x2F6F, 0x2F75, 0x2F7D, 0x2F81,
- 0x2F83, 0x2FA5, 0x2FAB, 0x2FB3, 0x2FC3, 0x2FCF, 0x2FD1, 0x2FDB,
- 0x2FDD, 0x2FE7, 0x2FED, 0x2FF5, 0x2FF9, 0x3001, 0x300D, 0x3023,
- 0x3029, 0x3037, 0x303B, 0x3055, 0x3059, 0x305B, 0x3067, 0x3071,
- 0x3079, 0x307D, 0x3085, 0x3091, 0x3095, 0x30A3, 0x30A9, 0x30B9,
- 0x30BF, 0x30C7, 0x30CB, 0x30D1, 0x30D7, 0x30DF, 0x30E5, 0x30EF,
- 0x30FB, 0x30FD, 0x3103, 0x3109, 0x3119, 0x3121, 0x3127, 0x312D,
- 0x3139, 0x3143, 0x3145, 0x314B, 0x315D, 0x3161, 0x3167, 0x316D,
- 0x3173, 0x317F, 0x3191, 0x3199, 0x319F, 0x31A9, 0x31B1, 0x31C3,
- 0x31C7, 0x31D5, 0x31DB, 0x31ED, 0x31F7, 0x31FF, 0x3209, 0x3215,
- 0x3217, 0x321D, 0x3229, 0x3235, 0x3259, 0x325D, 0x3263, 0x326B,
- 0x326F, 0x3275, 0x3277, 0x327B, 0x328D, 0x3299, 0x329F, 0x32A7,
- 0x32AD, 0x32B3, 0x32B7, 0x32C9, 0x32CB, 0x32CF, 0x32D1, 0x32E9,
- 0x32ED, 0x32F3, 0x32F9, 0x3307, 0x3325, 0x332B, 0x332F, 0x3335,
- 0x3341, 0x3347, 0x335B, 0x335F, 0x3367, 0x336B, 0x3373, 0x3379,
- 0x337F, 0x3383, 0x33A1, 0x33A3, 0x33AD, 0x33B9, 0x33C1, 0x33CB,
- 0x33D3, 0x33EB, 0x33F1, 0x33FD, 0x3401, 0x340F, 0x3413, 0x3419,
- 0x341B, 0x3437, 0x3445, 0x3455, 0x3457, 0x3463, 0x3469, 0x346D,
- 0x3481, 0x348B, 0x3491, 0x3497, 0x349D, 0x34A5, 0x34AF, 0x34BB,
- 0x34C9, 0x34D3, 0x34E1, 0x34F1, 0x34FF, 0x3509, 0x3517, 0x351D,
- 0x352D, 0x3533, 0x353B, 0x3541, 0x3551, 0x3565, 0x356F, 0x3571,
- 0x3577, 0x357B, 0x357D, 0x3581, 0x358D, 0x358F, 0x3599, 0x359B,
- 0x35A1, 0x35B7, 0x35BD, 0x35BF, 0x35C3, 0x35D5, 0x35DD, 0x35E7,
- 0x35EF, 0x3605, 0x3607, 0x3611, 0x3623, 0x3631, 0x3635, 0x3637,
- 0x363B, 0x364D, 0x364F, 0x3653, 0x3659, 0x3661, 0x366B, 0x366D,
- 0x368B, 0x368F, 0x36AD, 0x36AF, 0x36B9, 0x36BB, 0x36CD, 0x36D1,
- 0x36E3, 0x36E9, 0x36F7, 0x3701, 0x3703, 0x3707, 0x371B, 0x373F,
- 0x3745, 0x3749, 0x374F, 0x375D, 0x3761, 0x3775, 0x377F, 0x378D,
- 0x37A3, 0x37A9, 0x37AB, 0x37C9, 0x37D5, 0x37DF, 0x37F1, 0x37F3,
- 0x37F7, 0x3805, 0x380B, 0x3821, 0x3833, 0x3835, 0x3841, 0x3847,
- 0x384B, 0x3853, 0x3857, 0x385F, 0x3865, 0x386F, 0x3871, 0x387D,
- 0x388F, 0x3899, 0x38A7, 0x38B7, 0x38C5, 0x38C9, 0x38CF, 0x38D5,
- 0x38D7, 0x38DD, 0x38E1, 0x38E3, 0x38FF, 0x3901, 0x391D, 0x3923,
- 0x3925, 0x3929, 0x392F, 0x393D, 0x3941, 0x394D, 0x395B, 0x396B,
- 0x3979, 0x397D, 0x3983, 0x398B, 0x3991, 0x3995, 0x399B, 0x39A1,
- 0x39A7, 0x39AF, 0x39B3, 0x39BB, 0x39BF, 0x39CD, 0x39DD, 0x39E5,
- 0x39EB, 0x39EF, 0x39FB, 0x3A03, 0x3A13, 0x3A15, 0x3A1F, 0x3A27,
- 0x3A2B, 0x3A31, 0x3A4B, 0x3A51, 0x3A5B, 0x3A63, 0x3A67, 0x3A6D,
- 0x3A79, 0x3A87, 0x3AA5, 0x3AA9, 0x3AB7, 0x3ACD, 0x3AD5, 0x3AE1,
- 0x3AE5, 0x3AEB, 0x3AF3, 0x3AFD, 0x3B03, 0x3B11, 0x3B1B, 0x3B21,
- 0x3B23, 0x3B2D, 0x3B39, 0x3B45, 0x3B53, 0x3B59, 0x3B5F, 0x3B71,
- 0x3B7B, 0x3B81, 0x3B89, 0x3B9B, 0x3B9F, 0x3BA5, 0x3BA7, 0x3BAD,
- 0x3BB7, 0x3BB9, 0x3BC3, 0x3BCB, 0x3BD1, 0x3BD7, 0x3BE1, 0x3BE3,
- 0x3BF5, 0x3BFF, 0x3C01, 0x3C0D, 0x3C11, 0x3C17, 0x3C1F, 0x3C29,
- 0x3C35, 0x3C43, 0x3C4F, 0x3C53, 0x3C5B, 0x3C65, 0x3C6B, 0x3C71,
- 0x3C85, 0x3C89, 0x3C97, 0x3CA7, 0x3CB5, 0x3CBF, 0x3CC7, 0x3CD1,
- 0x3CDD, 0x3CDF, 0x3CF1, 0x3CF7, 0x3D03, 0x3D0D, 0x3D19, 0x3D1B,
- 0x3D1F, 0x3D21, 0x3D2D, 0x3D33, 0x3D37, 0x3D3F, 0x3D43, 0x3D6F,
- 0x3D73, 0x3D75, 0x3D79, 0x3D7B, 0x3D85, 0x3D91, 0x3D97, 0x3D9D,
- 0x3DAB, 0x3DAF, 0x3DB5, 0x3DBB, 0x3DC1, 0x3DC9, 0x3DCF, 0x3DF3,
- 0x3E05, 0x3E09, 0x3E0F, 0x3E11, 0x3E1D, 0x3E23, 0x3E29, 0x3E2F,
- 0x3E33, 0x3E41, 0x3E57, 0x3E63, 0x3E65, 0x3E77, 0x3E81, 0x3E87,
- 0x3EA1, 0x3EB9, 0x3EBD, 0x3EBF, 0x3EC3, 0x3EC5, 0x3EC9, 0x3ED7,
- 0x3EDB, 0x3EE1, 0x3EE7, 0x3EEF, 0x3EFF, 0x3F0B, 0x3F0D, 0x3F37,
- 0x3F3B, 0x3F3D, 0x3F41, 0x3F59, 0x3F5F, 0x3F65, 0x3F67, 0x3F79,
- 0x3F7D, 0x3F8B, 0x3F91, 0x3FAD, 0x3FBF, 0x3FCD, 0x3FD3, 0x3FDD,
- 0x3FE9, 0x3FEB, 0x3FF1, 0x3FFD, 0x401B, 0x4021, 0x4025, 0x402B,
- 0x4031, 0x403F, 0x4043, 0x4045, 0x405D, 0x4061, 0x4067, 0x406D,
- 0x4087, 0x4091, 0x40A3, 0x40A9, 0x40B1, 0x40B7, 0x40BD, 0x40DB,
- 0x40DF, 0x40EB, 0x40F7, 0x40F9, 0x4109, 0x410B, 0x4111, 0x4115,
- 0x4121, 0x4133, 0x4135, 0x413B, 0x413F, 0x4159, 0x4165, 0x416B,
- 0x4177, 0x417B, 0x4193, 0x41AB, 0x41B7, 0x41BD, 0x41BF, 0x41CB,
- 0x41E7, 0x41EF, 0x41F3, 0x41F9, 0x4205, 0x4207, 0x4219, 0x421F,
- 0x4223, 0x4229, 0x422F, 0x4243, 0x4253, 0x4255, 0x425B, 0x4261,
- 0x4273, 0x427D, 0x4283, 0x4285, 0x4289, 0x4291, 0x4297, 0x429D,
- 0x42B5, 0x42C5, 0x42CB, 0x42D3, 0x42DD, 0x42E3, 0x42F1, 0x4307,
- 0x430F, 0x431F, 0x4325, 0x4327, 0x4333, 0x4337, 0x4339, 0x434F,
- 0x4357, 0x4369, 0x438B, 0x438D, 0x4393, 0x43A5, 0x43A9, 0x43AF,
- 0x43B5, 0x43BD, 0x43C7, 0x43CF, 0x43E1, 0x43E7, 0x43EB, 0x43ED,
- 0x43F1, 0x43F9, 0x4409, 0x440B, 0x4417, 0x4423, 0x4429, 0x443B,
- 0x443F, 0x4445, 0x444B, 0x4451, 0x4453, 0x4459, 0x4465, 0x446F,
- 0x4483, 0x448F, 0x44A1, 0x44A5, 0x44AB, 0x44AD, 0x44BD, 0x44BF,
- 0x44C9, 0x44D7, 0x44DB, 0x44F9, 0x44FB, 0x4505, 0x4511, 0x4513,
- 0x452B, 0x4531, 0x4541, 0x4549, 0x4553, 0x4555, 0x4561, 0x4577,
- 0x457D, 0x457F, 0x458F, 0x45A3, 0x45AD, 0x45AF, 0x45BB, 0x45C7,
- 0x45D9, 0x45E3, 0x45EF, 0x45F5, 0x45F7, 0x4601, 0x4603, 0x4609,
- 0x4613, 0x4625, 0x4627, 0x4633, 0x4639, 0x463D, 0x4643, 0x4645,
- 0x465D, 0x4679, 0x467B, 0x467F, 0x4681, 0x468B, 0x468D, 0x469D,
- 0x46A9, 0x46B1, 0x46C7, 0x46C9, 0x46CF, 0x46D3, 0x46D5, 0x46DF,
- 0x46E5, 0x46F9, 0x4705, 0x470F, 0x4717, 0x4723, 0x4729, 0x472F,
- 0x4735, 0x4739, 0x474B, 0x474D, 0x4751, 0x475D, 0x476F, 0x4771,
- 0x477D, 0x4783, 0x4787, 0x4789, 0x4799, 0x47A5, 0x47B1, 0x47BF,
- 0x47C3, 0x47CB, 0x47DD, 0x47E1, 0x47ED, 0x47FB, 0x4801, 0x4807,
- 0x480B, 0x4813, 0x4819, 0x481D, 0x4831, 0x483D, 0x4847, 0x4855,
- 0x4859, 0x485B, 0x486B, 0x486D, 0x4879, 0x4897, 0x489B, 0x48A1,
- 0x48B9, 0x48CD, 0x48E5, 0x48EF, 0x48F7, 0x4903, 0x490D, 0x4919,
- 0x491F, 0x492B, 0x4937, 0x493D, 0x4945, 0x4955, 0x4963, 0x4969,
- 0x496D, 0x4973, 0x4997, 0x49AB, 0x49B5, 0x49D3, 0x49DF, 0x49E1,
- 0x49E5, 0x49E7, 0x4A03, 0x4A0F, 0x4A1D, 0x4A23, 0x4A39, 0x4A41,
- 0x4A45, 0x4A57, 0x4A5D, 0x4A6B, 0x4A7D, 0x4A81, 0x4A87, 0x4A89,
- 0x4A8F, 0x4AB1, 0x4AC3, 0x4AC5, 0x4AD5, 0x4ADB, 0x4AED, 0x4AEF,
- 0x4B07, 0x4B0B, 0x4B0D, 0x4B13, 0x4B1F, 0x4B25, 0x4B31, 0x4B3B,
- 0x4B43, 0x4B49, 0x4B59, 0x4B65, 0x4B6D, 0x4B77, 0x4B85, 0x4BAD,
- 0x4BB3, 0x4BB5, 0x4BBB, 0x4BBF, 0x4BCB, 0x4BD9, 0x4BDD, 0x4BDF,
- 0x4BE3, 0x4BE5, 0x4BE9, 0x4BF1, 0x4BF7, 0x4C01, 0x4C07, 0x4C0D,
- 0x4C0F, 0x4C15, 0x4C1B, 0x4C21, 0x4C2D, 0x4C33, 0x4C4B, 0x4C55,
- 0x4C57, 0x4C61, 0x4C67, 0x4C73, 0x4C79, 0x4C7F, 0x4C8D, 0x4C93,
- 0x4C99, 0x4CCD, 0x4CE1, 0x4CE7, 0x4CF1, 0x4CF3, 0x4CFD, 0x4D05,
- 0x4D0F, 0x4D1B, 0x4D27, 0x4D29, 0x4D2F, 0x4D33, 0x4D41, 0x4D51,
- 0x4D59, 0x4D65, 0x4D6B, 0x4D81, 0x4D83, 0x4D8D, 0x4D95, 0x4D9B,
- 0x4DB1, 0x4DB3, 0x4DC9, 0x4DCF, 0x4DD7, 0x4DE1, 0x4DED, 0x4DF9,
- 0x4DFB, 0x4E05, 0x4E0B, 0x4E17, 0x4E19, 0x4E1D, 0x4E2B, 0x4E35,
- 0x4E37, 0x4E3D, 0x4E4F, 0x4E53, 0x4E5F, 0x4E67, 0x4E79, 0x4E85,
- 0x4E8B, 0x4E91, 0x4E95, 0x4E9B, 0x4EA1, 0x4EAF, 0x4EB3, 0x4EB5,
- 0x4EC1, 0x4ECD, 0x4ED1, 0x4ED7, 0x4EE9, 0x4EFB, 0x4F07, 0x4F09,
- 0x4F19, 0x4F25, 0x4F2D, 0x4F3F, 0x4F49, 0x4F63, 0x4F67, 0x4F6D,
- 0x4F75, 0x4F7B, 0x4F81, 0x4F85, 0x4F87, 0x4F91, 0x4FA5, 0x4FA9,
- 0x4FAF, 0x4FB7, 0x4FBB, 0x4FCF, 0x4FD9, 0x4FDB, 0x4FFD, 0x4FFF,
- 0x5003, 0x501B, 0x501D, 0x5029, 0x5035, 0x503F, 0x5045, 0x5047,
- 0x5053, 0x5071, 0x5077, 0x5083, 0x5093, 0x509F, 0x50A1, 0x50B7,
- 0x50C9, 0x50D5, 0x50E3, 0x50ED, 0x50EF, 0x50FB, 0x5107, 0x510B,
- 0x510D, 0x5111, 0x5117, 0x5123, 0x5125, 0x5135, 0x5147, 0x5149,
- 0x5171, 0x5179, 0x5189, 0x518F, 0x5197, 0x51A1, 0x51A3, 0x51A7,
- 0x51B9, 0x51C1, 0x51CB, 0x51D3, 0x51DF, 0x51E3, 0x51F5, 0x51F7,
- 0x5209, 0x5213, 0x5215, 0x5219, 0x521B, 0x521F, 0x5227, 0x5243,
- 0x5245, 0x524B, 0x5261, 0x526D, 0x5273, 0x5281, 0x5293, 0x5297,
- 0x529D, 0x52A5, 0x52AB, 0x52B1, 0x52BB, 0x52C3, 0x52C7, 0x52C9,
- 0x52DB, 0x52E5, 0x52EB, 0x52FF, 0x5315, 0x531D, 0x5323, 0x5341,
- 0x5345, 0x5347, 0x534B, 0x535D, 0x5363, 0x5381, 0x5383, 0x5387,
- 0x538F, 0x5395, 0x5399, 0x539F, 0x53AB, 0x53B9, 0x53DB, 0x53E9,
- 0x53EF, 0x53F3, 0x53F5, 0x53FB, 0x53FF, 0x540D, 0x5411, 0x5413,
- 0x5419, 0x5435, 0x5437, 0x543B, 0x5441, 0x5449, 0x5453, 0x5455,
- 0x545F, 0x5461, 0x546B, 0x546D, 0x5471, 0x548F, 0x5491, 0x549D,
- 0x54A9, 0x54B3, 0x54C5, 0x54D1, 0x54DF, 0x54E9, 0x54EB, 0x54F7,
- 0x54FD, 0x5507, 0x550D, 0x551B, 0x5527, 0x552B, 0x5539, 0x553D,
- 0x554F, 0x5551, 0x555B, 0x5563, 0x5567, 0x556F, 0x5579, 0x5585,
- 0x5597, 0x55A9, 0x55B1, 0x55B7, 0x55C9, 0x55D9, 0x55E7, 0x55ED,
- 0x55F3, 0x55FD, 0x560B, 0x560F, 0x5615, 0x5617, 0x5623, 0x562F,
- 0x5633, 0x5639, 0x563F, 0x564B, 0x564D, 0x565D, 0x565F, 0x566B,
- 0x5671, 0x5675, 0x5683, 0x5689, 0x568D, 0x568F, 0x569B, 0x56AD,
- 0x56B1, 0x56D5, 0x56E7, 0x56F3, 0x56FF, 0x5701, 0x5705, 0x5707,
- 0x570B, 0x5713, 0x571F, 0x5723, 0x5747, 0x574D, 0x575F, 0x5761,
- 0x576D, 0x5777, 0x577D, 0x5789, 0x57A1, 0x57A9, 0x57AF, 0x57B5,
- 0x57C5, 0x57D1, 0x57D3, 0x57E5, 0x57EF, 0x5803, 0x580D, 0x580F,
- 0x5815, 0x5827, 0x582B, 0x582D, 0x5855, 0x585B, 0x585D, 0x586D,
- 0x586F, 0x5873, 0x587B, 0x588D, 0x5897, 0x58A3, 0x58A9, 0x58AB,
- 0x58B5, 0x58BD, 0x58C1, 0x58C7, 0x58D3, 0x58D5, 0x58DF, 0x58F1,
- 0x58F9, 0x58FF, 0x5903, 0x5917, 0x591B, 0x5921, 0x5945, 0x594B,
- 0x594D, 0x5957, 0x595D, 0x5975, 0x597B, 0x5989, 0x5999, 0x599F,
- 0x59B1, 0x59B3, 0x59BD, 0x59D1, 0x59DB, 0x59E3, 0x59E9, 0x59ED,
- 0x59F3, 0x59F5, 0x59FF, 0x5A01, 0x5A0D, 0x5A11, 0x5A13, 0x5A17,
- 0x5A1F, 0x5A29, 0x5A2F, 0x5A3B, 0x5A4D, 0x5A5B, 0x5A67, 0x5A77,
- 0x5A7F, 0x5A85, 0x5A95, 0x5A9D, 0x5AA1, 0x5AA3, 0x5AA9, 0x5ABB,
- 0x5AD3, 0x5AE5, 0x5AEF, 0x5AFB, 0x5AFD, 0x5B01, 0x5B0F, 0x5B19,
- 0x5B1F, 0x5B25, 0x5B2B, 0x5B3D, 0x5B49, 0x5B4B, 0x5B67, 0x5B79,
- 0x5B87, 0x5B97, 0x5BA3, 0x5BB1, 0x5BC9, 0x5BD5, 0x5BEB, 0x5BF1,
- 0x5BF3, 0x5BFD, 0x5C05, 0x5C09, 0x5C0B, 0x5C0F, 0x5C1D, 0x5C29,
- 0x5C2F, 0x5C33, 0x5C39, 0x5C47, 0x5C4B, 0x5C4D, 0x5C51, 0x5C6F,
- 0x5C75, 0x5C77, 0x5C7D, 0x5C87, 0x5C89, 0x5CA7, 0x5CBD, 0x5CBF,
- 0x5CC3, 0x5CC9, 0x5CD1, 0x5CD7, 0x5CDD, 0x5CED, 0x5CF9, 0x5D05,
- 0x5D0B, 0x5D13, 0x5D17, 0x5D19, 0x5D31, 0x5D3D, 0x5D41, 0x5D47,
- 0x5D4F, 0x5D55, 0x5D5B, 0x5D65, 0x5D67, 0x5D6D, 0x5D79, 0x5D95,
- 0x5DA3, 0x5DA9, 0x5DAD, 0x5DB9, 0x5DC1, 0x5DC7, 0x5DD3, 0x5DD7,
- 0x5DDD, 0x5DEB, 0x5DF1, 0x5DFD, 0x5E07, 0x5E0D, 0x5E13, 0x5E1B,
- 0x5E21, 0x5E27, 0x5E2B, 0x5E2D, 0x5E31, 0x5E39, 0x5E45, 0x5E49,
- 0x5E57, 0x5E69, 0x5E73, 0x5E75, 0x5E85, 0x5E8B, 0x5E9F, 0x5EA5,
- 0x5EAF, 0x5EB7, 0x5EBB, 0x5ED9, 0x5EFD, 0x5F09, 0x5F11, 0x5F27,
- 0x5F33, 0x5F35, 0x5F3B, 0x5F47, 0x5F57, 0x5F5D, 0x5F63, 0x5F65,
- 0x5F77, 0x5F7B, 0x5F95, 0x5F99, 0x5FA1, 0x5FB3, 0x5FBD, 0x5FC5,
- 0x5FCF, 0x5FD5, 0x5FE3, 0x5FE7, 0x5FFB, 0x6011, 0x6023, 0x602F,
- 0x6037, 0x6053, 0x605F, 0x6065, 0x606B, 0x6073, 0x6079, 0x6085,
- 0x609D, 0x60AD, 0x60BB, 0x60BF, 0x60CD, 0x60D9, 0x60DF, 0x60E9,
- 0x60F5, 0x6109, 0x610F, 0x6113, 0x611B, 0x612D, 0x6139, 0x614B,
- 0x6155, 0x6157, 0x615B, 0x616F, 0x6179, 0x6187, 0x618B, 0x6191,
- 0x6193, 0x619D, 0x61B5, 0x61C7, 0x61C9, 0x61CD, 0x61E1, 0x61F1,
- 0x61FF, 0x6209, 0x6217, 0x621D, 0x6221, 0x6227, 0x623B, 0x6241,
- 0x624B, 0x6251, 0x6253, 0x625F, 0x6265, 0x6283, 0x628D, 0x6295,
- 0x629B, 0x629F, 0x62A5, 0x62AD, 0x62D5, 0x62D7, 0x62DB, 0x62DD,
- 0x62E9, 0x62FB, 0x62FF, 0x6305, 0x630D, 0x6317, 0x631D, 0x632F,
- 0x6341, 0x6343, 0x634F, 0x635F, 0x6367, 0x636D, 0x6371, 0x6377,
- 0x637D, 0x637F, 0x63B3, 0x63C1, 0x63C5, 0x63D9, 0x63E9, 0x63EB,
- 0x63EF, 0x63F5, 0x6401, 0x6403, 0x6409, 0x6415, 0x6421, 0x6427,
- 0x642B, 0x6439, 0x6443, 0x6449, 0x644F, 0x645D, 0x6467, 0x6475,
- 0x6485, 0x648D, 0x6493, 0x649F, 0x64A3, 0x64AB, 0x64C1, 0x64C7,
- 0x64C9, 0x64DB, 0x64F1, 0x64F7, 0x64F9, 0x650B, 0x6511, 0x6521,
- 0x652F, 0x6539, 0x653F, 0x654B, 0x654D, 0x6553, 0x6557, 0x655F,
- 0x6571, 0x657D, 0x658D, 0x658F, 0x6593, 0x65A1, 0x65A5, 0x65AD,
- 0x65B9, 0x65C5, 0x65E3, 0x65F3, 0x65FB, 0x65FF, 0x6601, 0x6607,
- 0x661D, 0x6629, 0x6631, 0x663B, 0x6641, 0x6647, 0x664D, 0x665B,
- 0x6661, 0x6673, 0x667D, 0x6689, 0x668B, 0x6695, 0x6697, 0x669B,
- 0x66B5, 0x66B9, 0x66C5, 0x66CD, 0x66D1, 0x66E3, 0x66EB, 0x66F5,
- 0x6703, 0x6713, 0x6719, 0x671F, 0x6727, 0x6731, 0x6737, 0x673F,
- 0x6745, 0x6751, 0x675B, 0x676F, 0x6779, 0x6781, 0x6785, 0x6791,
- 0x67AB, 0x67BD, 0x67C1, 0x67CD, 0x67DF, 0x67E5, 0x6803, 0x6809,
- 0x6811, 0x6817, 0x682D, 0x6839, 0x683B, 0x683F, 0x6845, 0x684B,
- 0x684D, 0x6857, 0x6859, 0x685D, 0x6863, 0x6869, 0x686B, 0x6871,
- 0x6887, 0x6899, 0x689F, 0x68B1, 0x68BD, 0x68C5, 0x68D1, 0x68D7,
- 0x68E1, 0x68ED, 0x68EF, 0x68FF, 0x6901, 0x690B, 0x690D, 0x6917,
- 0x6929, 0x692F, 0x6943, 0x6947, 0x6949, 0x694F, 0x6965, 0x696B,
- 0x6971, 0x6983, 0x6989, 0x6997, 0x69A3, 0x69B3, 0x69B5, 0x69BB,
- 0x69C1, 0x69C5, 0x69D3, 0x69DF, 0x69E3, 0x69E5, 0x69F7, 0x6A07,
- 0x6A2B, 0x6A37, 0x6A3D, 0x6A4B, 0x6A67, 0x6A69, 0x6A75, 0x6A7B,
- 0x6A87, 0x6A8D, 0x6A91, 0x6A93, 0x6AA3, 0x6AC1, 0x6AC9, 0x6AE1,
- 0x6AE7, 0x6B05, 0x6B0F, 0x6B11, 0x6B23, 0x6B27, 0x6B2D, 0x6B39,
- 0x6B41, 0x6B57, 0x6B59, 0x6B5F, 0x6B75, 0x6B87, 0x6B89, 0x6B93,
- 0x6B95, 0x6B9F, 0x6BBD, 0x6BBF, 0x6BDB, 0x6BE1, 0x6BEF, 0x6BFF,
- 0x6C05, 0x6C19, 0x6C29, 0x6C2B, 0x6C31, 0x6C35, 0x6C55, 0x6C59,
- 0x6C5B, 0x6C5F, 0x6C65, 0x6C67, 0x6C73, 0x6C77, 0x6C7D, 0x6C83,
- 0x6C8F, 0x6C91, 0x6C97, 0x6C9B, 0x6CA1, 0x6CA9, 0x6CAF, 0x6CB3,
- 0x6CC7, 0x6CCB, 0x6CEB, 0x6CF5, 0x6CFD, 0x6D0D, 0x6D0F, 0x6D25,
- 0x6D27, 0x6D2B, 0x6D31, 0x6D39, 0x6D3F, 0x6D4F, 0x6D5D, 0x6D61,
- 0x6D73, 0x6D7B, 0x6D7F, 0x6D93, 0x6D99, 0x6DA5, 0x6DB1, 0x6DB7,
- 0x6DC1, 0x6DC3, 0x6DCD, 0x6DCF, 0x6DDB, 0x6DF7, 0x6E03, 0x6E15,
- 0x6E17, 0x6E29, 0x6E33, 0x6E3B, 0x6E45, 0x6E75, 0x6E77, 0x6E7B,
- 0x6E81, 0x6E89, 0x6E93, 0x6E95, 0x6E9F, 0x6EBD, 0x6EBF, 0x6EE3,
- 0x6EE9, 0x6EF3, 0x6EF9, 0x6EFB, 0x6F0D, 0x6F11, 0x6F17, 0x6F1F,
- 0x6F2F, 0x6F3D, 0x6F4D, 0x6F53, 0x6F61, 0x6F65, 0x6F79, 0x6F7D,
- 0x6F83, 0x6F85, 0x6F8F, 0x6F9B, 0x6F9D, 0x6FA3, 0x6FAF, 0x6FB5,
- 0x6FBB, 0x6FBF, 0x6FCB, 0x6FCD, 0x6FD3, 0x6FD7, 0x6FE3, 0x6FE9,
- 0x6FF1, 0x6FF5, 0x6FF7, 0x6FFD, 0x700F, 0x7019, 0x701F, 0x7027,
- 0x7033, 0x7039, 0x704F, 0x7051, 0x7057, 0x7063, 0x7075, 0x7079,
- 0x7087, 0x708D, 0x7091, 0x70A5, 0x70AB, 0x70BB, 0x70C3, 0x70C7,
- 0x70CF, 0x70E5, 0x70ED, 0x70F9, 0x70FF, 0x7105, 0x7115, 0x7121,
- 0x7133, 0x7151, 0x7159, 0x715D, 0x715F, 0x7163, 0x7169, 0x7183,
- 0x7187, 0x7195, 0x71AD, 0x71C3, 0x71C9, 0x71CB, 0x71D1, 0x71DB,
- 0x71E1, 0x71EF, 0x71F5, 0x71FB, 0x7207, 0x7211, 0x7217, 0x7219,
- 0x7225, 0x722F, 0x723B, 0x7243, 0x7255, 0x7267, 0x7271, 0x7277,
- 0x727F, 0x728F, 0x7295, 0x729B, 0x72A3, 0x72B3, 0x72C7, 0x72CB,
- 0x72CD, 0x72D7, 0x72D9, 0x72E3, 0x72EF, 0x72F5, 0x72FD, 0x7303,
- 0x730D, 0x7321, 0x732B, 0x733D, 0x7357, 0x735B, 0x7361, 0x737F,
- 0x7381, 0x7385, 0x738D, 0x7393, 0x739F, 0x73AB, 0x73BD, 0x73C1,
- 0x73C9, 0x73DF, 0x73E5, 0x73E7, 0x73F3, 0x7415, 0x741B, 0x742D,
- 0x7439, 0x743F, 0x7441, 0x745D, 0x746B, 0x747B, 0x7489, 0x748D,
- 0x749B, 0x74A7, 0x74AB, 0x74B1, 0x74B7, 0x74B9, 0x74DD, 0x74E1,
- 0x74E7, 0x74FB, 0x7507, 0x751F, 0x7525, 0x753B, 0x753D, 0x754D,
- 0x755F, 0x756B, 0x7577, 0x7589, 0x758B, 0x7591, 0x7597, 0x759D,
- 0x75A1, 0x75A7, 0x75B5, 0x75B9, 0x75BB, 0x75D1, 0x75D9, 0x75E5,
- 0x75EB, 0x75F5, 0x75FB, 0x7603, 0x760F, 0x7621, 0x762D, 0x7633,
- 0x763D, 0x763F, 0x7655, 0x7663, 0x7669, 0x766F, 0x7673, 0x7685,
- 0x768B, 0x769F, 0x76B5, 0x76B7, 0x76C3, 0x76DB, 0x76DF, 0x76F1,
- 0x7703, 0x7705, 0x771B, 0x771D, 0x7721, 0x772D, 0x7735, 0x7741,
- 0x774B, 0x7759, 0x775D, 0x775F, 0x7771, 0x7781, 0x77A7, 0x77AD,
- 0x77B3, 0x77B9, 0x77C5, 0x77CF, 0x77D5, 0x77E1, 0x77E9, 0x77EF,
- 0x77F3, 0x77F9, 0x7807, 0x7825, 0x782B, 0x7835, 0x783D, 0x7853,
- 0x7859, 0x7861, 0x786D, 0x7877, 0x7879, 0x7883, 0x7885, 0x788B,
- 0x7895, 0x7897, 0x78A1, 0x78AD, 0x78BF, 0x78D3, 0x78D9, 0x78DD,
- 0x78E5, 0x78FB, 0x7901, 0x7907, 0x7925, 0x792B, 0x7939, 0x793F,
- 0x794B, 0x7957, 0x795D, 0x7967, 0x7969, 0x7973, 0x7991, 0x7993,
- 0x79A3, 0x79AB, 0x79AF, 0x79B1, 0x79B7, 0x79C9, 0x79CD, 0x79CF,
- 0x79D5, 0x79D9, 0x79F3, 0x79F7, 0x79FF, 0x7A05, 0x7A0F, 0x7A11,
- 0x7A15, 0x7A1B, 0x7A23, 0x7A27, 0x7A2D, 0x7A4B, 0x7A57, 0x7A59,
- 0x7A5F, 0x7A65, 0x7A69, 0x7A7D, 0x7A93, 0x7A9B, 0x7A9F, 0x7AA1,
- 0x7AA5, 0x7AED, 0x7AF5, 0x7AF9, 0x7B01, 0x7B17, 0x7B19, 0x7B1D,
- 0x7B2B, 0x7B35, 0x7B37, 0x7B3B, 0x7B4F, 0x7B55, 0x7B5F, 0x7B71,
- 0x7B77, 0x7B8B, 0x7B9B, 0x7BA1, 0x7BA9, 0x7BAF, 0x7BB3, 0x7BC7,
- 0x7BD3, 0x7BE9, 0x7BEB, 0x7BEF, 0x7BF1, 0x7BFD, 0x7C07, 0x7C19,
- 0x7C1B, 0x7C31, 0x7C37, 0x7C49, 0x7C67, 0x7C69, 0x7C73, 0x7C81,
- 0x7C8B, 0x7C93, 0x7CA3, 0x7CD5, 0x7CDB, 0x7CE5, 0x7CED, 0x7CF7,
- 0x7D03, 0x7D09, 0x7D1B, 0x7D1D, 0x7D33, 0x7D39, 0x7D3B, 0x7D3F,
- 0x7D45, 0x7D4D, 0x7D53, 0x7D59, 0x7D63, 0x7D75, 0x7D77, 0x7D8D,
- 0x7D8F, 0x7D9F, 0x7DAD, 0x7DB7, 0x7DBD, 0x7DBF, 0x7DCB, 0x7DD5,
- 0x7DE9, 0x7DED, 0x7DFB, 0x7E01, 0x7E05, 0x7E29, 0x7E2B, 0x7E2F,
- 0x7E35, 0x7E41, 0x7E43, 0x7E47, 0x7E55, 0x7E61, 0x7E67, 0x7E6B,
- 0x7E71, 0x7E73, 0x7E79, 0x7E7D, 0x7E91, 0x7E9B, 0x7E9D, 0x7EA7,
- 0x7EAD, 0x7EB9, 0x7EBB, 0x7ED3, 0x7EDF, 0x7EEB, 0x7EF1, 0x7EF7,
- 0x7EFB, 0x7F13, 0x7F15, 0x7F19, 0x7F31, 0x7F33, 0x7F39, 0x7F3D,
- 0x7F43, 0x7F4B, 0x7F5B, 0x7F61, 0x7F63, 0x7F6D, 0x7F79, 0x7F87,
- 0x7F8D, 0x7FAF, 0x7FB5, 0x7FC3, 0x7FC9, 0x7FCD, 0x7FCF, 0x7FED,
- 0x8003, 0x800B, 0x800F, 0x8015, 0x801D, 0x8021, 0x8023, 0x803F,
- 0x8041, 0x8047, 0x804B, 0x8065, 0x8077, 0x808D, 0x808F, 0x8095,
- 0x80A5, 0x80AB, 0x80AD, 0x80BD, 0x80C9, 0x80CB, 0x80D7, 0x80DB,
- 0x80E1, 0x80E7, 0x80F5, 0x80FF, 0x8105, 0x810D, 0x8119, 0x811D,
- 0x812F, 0x8131, 0x813B, 0x8143, 0x8153, 0x8159, 0x815F, 0x817D,
- 0x817F, 0x8189, 0x819B, 0x819D, 0x81A7, 0x81AF, 0x81B3, 0x81BB,
- 0x81C7, 0x81DF, 0x8207, 0x8209, 0x8215, 0x821F, 0x8225, 0x8231,
- 0x8233, 0x823F, 0x8243, 0x8245, 0x8249, 0x824F, 0x8261, 0x826F,
- 0x827B, 0x8281, 0x8285, 0x8293, 0x82B1, 0x82B5, 0x82BD, 0x82C7,
- 0x82CF, 0x82D5, 0x82DF, 0x82F1, 0x82F9, 0x82FD, 0x830B, 0x831B,
- 0x8321, 0x8329, 0x832D, 0x8333, 0x8335, 0x833F, 0x8341, 0x834D,
- 0x8351, 0x8353, 0x8357, 0x835D, 0x8365, 0x8369, 0x836F, 0x838F,
- 0x83A7, 0x83B1, 0x83B9, 0x83CB, 0x83D5, 0x83D7, 0x83DD, 0x83E7,
- 0x83E9, 0x83ED, 0x83FF, 0x8405, 0x8411, 0x8413, 0x8423, 0x8425,
- 0x843B, 0x8441, 0x8447, 0x844F, 0x8461, 0x8465, 0x8477, 0x8483,
- 0x848B, 0x8491, 0x8495, 0x84A9, 0x84AF, 0x84CD, 0x84E3, 0x84EF,
- 0x84F1, 0x84F7, 0x8509, 0x850D, 0x854B, 0x854F, 0x8551, 0x855D,
- 0x8563, 0x856D, 0x856F, 0x857B, 0x8587, 0x85A3, 0x85A5, 0x85A9,
- 0x85B7, 0x85CD, 0x85D3, 0x85D5, 0x85DB, 0x85E1, 0x85EB, 0x85F9,
- 0x85FD, 0x85FF, 0x8609, 0x860F, 0x8617, 0x8621, 0x862F, 0x8639,
- 0x863F, 0x8641, 0x864D, 0x8663, 0x8675, 0x867D, 0x8687, 0x8699,
- 0x86A5, 0x86A7, 0x86B3, 0x86B7, 0x86C3, 0x86C5, 0x86CF, 0x86D1,
- 0x86D7, 0x86E9, 0x86EF, 0x86F5, 0x8717, 0x871D, 0x871F, 0x872B,
- 0x872F, 0x8735, 0x8747, 0x8759, 0x875B, 0x876B, 0x8771, 0x8777,
- 0x877F, 0x8785, 0x878F, 0x87A1, 0x87A9, 0x87B3, 0x87BB, 0x87C5,
- 0x87C7, 0x87CB, 0x87DD, 0x87F7, 0x8803, 0x8819, 0x881B, 0x881F,
- 0x8821, 0x8837, 0x883D, 0x8843, 0x8851, 0x8861, 0x8867, 0x887B,
- 0x8885, 0x8891, 0x8893, 0x88A5, 0x88CF, 0x88D3, 0x88EB, 0x88ED,
- 0x88F3, 0x88FD, 0x8909, 0x890B, 0x8911, 0x891B, 0x8923, 0x8927,
- 0x892D, 0x8939, 0x8945, 0x894D, 0x8951, 0x8957, 0x8963, 0x8981,
- 0x8995, 0x899B, 0x89B3, 0x89B9, 0x89C3, 0x89CF, 0x89D1, 0x89DB,
- 0x89EF, 0x89F5, 0x89FB, 0x89FF, 0x8A0B, 0x8A19, 0x8A23, 0x8A35,
- 0x8A41, 0x8A49, 0x8A4F, 0x8A5B, 0x8A5F, 0x8A6D, 0x8A77, 0x8A79,
- 0x8A85, 0x8AA3, 0x8AB3, 0x8AB5, 0x8AC1, 0x8AC7, 0x8ACB, 0x8ACD,
- 0x8AD1, 0x8AD7, 0x8AF1, 0x8AF5, 0x8B07, 0x8B09, 0x8B0D, 0x8B13,
- 0x8B21, 0x8B57, 0x8B5D, 0x8B91, 0x8B93, 0x8BA3, 0x8BA9, 0x8BAF,
- 0x8BBB, 0x8BD5, 0x8BD9, 0x8BDB, 0x8BE1, 0x8BF7, 0x8BFD, 0x8BFF,
- 0x8C0B, 0x8C17, 0x8C1D, 0x8C27, 0x8C39, 0x8C3B, 0x8C47, 0x8C53,
- 0x8C5D, 0x8C6F, 0x8C7B, 0x8C81, 0x8C89, 0x8C8F, 0x8C99, 0x8C9F,
- 0x8CA7, 0x8CAB, 0x8CAD, 0x8CB1, 0x8CC5, 0x8CDD, 0x8CE3, 0x8CE9,
- 0x8CF3, 0x8D01, 0x8D0B, 0x8D0D, 0x8D23, 0x8D29, 0x8D37, 0x8D41,
- 0x8D5B, 0x8D5F, 0x8D71, 0x8D79, 0x8D85, 0x8D91, 0x8D9B, 0x8DA7,
- 0x8DAD, 0x8DB5, 0x8DC5, 0x8DCB, 0x8DD3, 0x8DD9, 0x8DDF, 0x8DF5,
- 0x8DF7, 0x8E01, 0x8E15, 0x8E1F, 0x8E25, 0x8E51, 0x8E63, 0x8E69,
- 0x8E73, 0x8E75, 0x8E79, 0x8E7F, 0x8E8D, 0x8E91, 0x8EAB, 0x8EAF,
- 0x8EB1, 0x8EBD, 0x8EC7, 0x8ECF, 0x8ED3, 0x8EDB, 0x8EE7, 0x8EEB,
- 0x8EF7, 0x8EFF, 0x8F15, 0x8F1D, 0x8F23, 0x8F2D, 0x8F3F, 0x8F45,
- 0x8F4B, 0x8F53, 0x8F59, 0x8F65, 0x8F69, 0x8F71, 0x8F83, 0x8F8D,
- 0x8F99, 0x8F9F, 0x8FAB, 0x8FAD, 0x8FB3, 0x8FB7, 0x8FB9, 0x8FC9,
- 0x8FD5, 0x8FE1, 0x8FEF, 0x8FF9, 0x9007, 0x900D, 0x9017, 0x9023,
- 0x9025, 0x9031, 0x9037, 0x903B, 0x9041, 0x9043, 0x904F, 0x9053,
- 0x906D, 0x9073, 0x9085, 0x908B, 0x9095, 0x909B, 0x909D, 0x90AF,
- 0x90B9, 0x90C1, 0x90C5, 0x90DF, 0x90E9, 0x90FD, 0x9103, 0x9113,
- 0x9127, 0x9133, 0x913D, 0x9145, 0x914F, 0x9151, 0x9161, 0x9167,
- 0x917B, 0x9185, 0x9199, 0x919D, 0x91BB, 0x91BD, 0x91C1, 0x91C9,
- 0x91D9, 0x91DB, 0x91ED, 0x91F1, 0x91F3, 0x91F9, 0x9203, 0x9215,
- 0x9221, 0x922F, 0x9241, 0x9247, 0x9257, 0x926B, 0x9271, 0x9275,
- 0x927D, 0x9283, 0x9287, 0x928D, 0x9299, 0x92A1, 0x92AB, 0x92AD,
- 0x92B9, 0x92BF, 0x92C3, 0x92C5, 0x92CB, 0x92D5, 0x92D7, 0x92E7,
- 0x92F3, 0x9301, 0x930B, 0x9311, 0x9319, 0x931F, 0x933B, 0x933D,
- 0x9343, 0x9355, 0x9373, 0x9395, 0x9397, 0x93A7, 0x93B3, 0x93B5,
- 0x93C7, 0x93D7, 0x93DD, 0x93E5, 0x93EF, 0x93F7, 0x9401, 0x9409,
- 0x9413, 0x943F, 0x9445, 0x944B, 0x944F, 0x9463, 0x9467, 0x9469,
- 0x946D, 0x947B, 0x9497, 0x949F, 0x94A5, 0x94B5, 0x94C3, 0x94E1,
- 0x94E7, 0x9505, 0x9509, 0x9517, 0x9521, 0x9527, 0x952D, 0x9535,
- 0x9539, 0x954B, 0x9557, 0x955D, 0x955F, 0x9575, 0x9581, 0x9589,
- 0x958F, 0x959B, 0x959F, 0x95AD, 0x95B1, 0x95B7, 0x95B9, 0x95BD,
- 0x95CF, 0x95E3, 0x95E9, 0x95F9, 0x961F, 0x962F, 0x9631, 0x9635,
- 0x963B, 0x963D, 0x9665, 0x968F, 0x969D, 0x96A1, 0x96A7, 0x96A9,
- 0x96C1, 0x96CB, 0x96D1, 0x96D3, 0x96E5, 0x96EF, 0x96FB, 0x96FD,
- 0x970D, 0x970F, 0x9715, 0x9725, 0x972B, 0x9733, 0x9737, 0x9739,
- 0x9743, 0x9749, 0x9751, 0x975B, 0x975D, 0x976F, 0x977F, 0x9787,
- 0x9793, 0x97A5, 0x97B1, 0x97B7, 0x97C3, 0x97CD, 0x97D3, 0x97D9,
- 0x97EB, 0x97F7, 0x9805, 0x9809, 0x980B, 0x9815, 0x9829, 0x982F,
- 0x983B, 0x9841, 0x9851, 0x986B, 0x986F, 0x9881, 0x9883, 0x9887,
- 0x98A7, 0x98B1, 0x98B9, 0x98BF, 0x98C3, 0x98C9, 0x98CF, 0x98DD,
- 0x98E3, 0x98F5, 0x98F9, 0x98FB, 0x990D, 0x9917, 0x991F, 0x9929,
- 0x9931, 0x993B, 0x993D, 0x9941, 0x9947, 0x9949, 0x9953, 0x997D,
- 0x9985, 0x9991, 0x9995, 0x999B, 0x99AD, 0x99AF, 0x99BF, 0x99C7,
- 0x99CB, 0x99CD, 0x99D7, 0x99E5, 0x99F1, 0x99FB, 0x9A0F, 0x9A13,
- 0x9A1B, 0x9A25, 0x9A4B, 0x9A4F, 0x9A55, 0x9A57, 0x9A61, 0x9A75,
- 0x9A7F, 0x9A8B, 0x9A91, 0x9A9D, 0x9AB7, 0x9AC3, 0x9AC7, 0x9ACF,
- 0x9AEB, 0x9AF3, 0x9AF7, 0x9AFF, 0x9B17, 0x9B1D, 0x9B27, 0x9B2F,
- 0x9B35, 0x9B45, 0x9B51, 0x9B59, 0x9B63, 0x9B6F, 0x9B77, 0x9B8D,
- 0x9B93, 0x9B95, 0x9B9F, 0x9BA1, 0x9BA7, 0x9BB1, 0x9BB7, 0x9BBD,
- 0x9BC5, 0x9BCB, 0x9BCF, 0x9BDD, 0x9BF9, 0x9C01, 0x9C11, 0x9C23,
- 0x9C2B, 0x9C2F, 0x9C35, 0x9C49, 0x9C4D, 0x9C5F, 0x9C65, 0x9C67,
- 0x9C7F, 0x9C97, 0x9C9D, 0x9CA3, 0x9CAF, 0x9CBB, 0x9CBF, 0x9CC1,
- 0x9CD7, 0x9CD9, 0x9CE3, 0x9CE9, 0x9CF1, 0x9CFD, 0x9D01, 0x9D15,
- 0x9D27, 0x9D2D, 0x9D31, 0x9D3D, 0x9D55, 0x9D5B, 0x9D61, 0x9D97,
- 0x9D9F, 0x9DA5, 0x9DA9, 0x9DC3, 0x9DE7, 0x9DEB, 0x9DED, 0x9DF1,
- 0x9E0B, 0x9E17, 0x9E23, 0x9E27, 0x9E2D, 0x9E33, 0x9E3B, 0x9E47,
- 0x9E51, 0x9E53, 0x9E5F, 0x9E6F, 0x9E81, 0x9E87, 0x9E8F, 0x9E95,
- 0x9EA1, 0x9EB3, 0x9EBD, 0x9EBF, 0x9EF5, 0x9EF9, 0x9EFB, 0x9F05,
- 0x9F23, 0x9F2F, 0x9F37, 0x9F3B, 0x9F43, 0x9F53, 0x9F61, 0x9F6D,
- 0x9F73, 0x9F77, 0x9F7D, 0x9F89, 0x9F8F, 0x9F91, 0x9F95, 0x9FA3,
- 0x9FAF, 0x9FB3, 0x9FC1, 0x9FC7, 0x9FDF, 0x9FE5, 0x9FEB, 0x9FF5,
- 0xA001, 0xA00D, 0xA021, 0xA033, 0xA039, 0xA03F, 0xA04F, 0xA057,
- 0xA05B, 0xA061, 0xA075, 0xA079, 0xA099, 0xA09D, 0xA0AB, 0xA0B5,
- 0xA0B7, 0xA0BD, 0xA0C9, 0xA0D9, 0xA0DB, 0xA0DF, 0xA0E5, 0xA0F1,
- 0xA0F3, 0xA0FD, 0xA105, 0xA10B, 0xA10F, 0xA111, 0xA11B, 0xA129,
- 0xA12F, 0xA135, 0xA141, 0xA153, 0xA175, 0xA17D, 0xA187, 0xA18D,
- 0xA1A5, 0xA1AB, 0xA1AD, 0xA1B7, 0xA1C3, 0xA1C5, 0xA1E3, 0xA1ED,
- 0xA1FB, 0xA207, 0xA213, 0xA223, 0xA229, 0xA22F, 0xA231, 0xA243,
- 0xA247, 0xA24D, 0xA26B, 0xA279, 0xA27D, 0xA283, 0xA289, 0xA28B,
- 0xA291, 0xA295, 0xA29B, 0xA2A9, 0xA2AF, 0xA2B3, 0xA2BB, 0xA2C5,
- 0xA2D1, 0xA2D7, 0xA2F7, 0xA301, 0xA309, 0xA31F, 0xA321, 0xA32B,
- 0xA331, 0xA349, 0xA351, 0xA355, 0xA373, 0xA379, 0xA37B, 0xA387,
- 0xA397, 0xA39F, 0xA3A5, 0xA3A9, 0xA3AF, 0xA3B7, 0xA3C7, 0xA3D5,
- 0xA3DB, 0xA3E1, 0xA3E5, 0xA3E7, 0xA3F1, 0xA3FD, 0xA3FF, 0xA40F,
- 0xA41D, 0xA421, 0xA423, 0xA427, 0xA43B, 0xA44D, 0xA457, 0xA459,
- 0xA463, 0xA469, 0xA475, 0xA493, 0xA49B, 0xA4AD, 0xA4B9, 0xA4C3,
- 0xA4C5, 0xA4CB, 0xA4D1, 0xA4D5, 0xA4E1, 0xA4ED, 0xA4EF, 0xA4F3,
- 0xA4FF, 0xA511, 0xA529, 0xA52B, 0xA535, 0xA53B, 0xA543, 0xA553,
- 0xA55B, 0xA561, 0xA56D, 0xA577, 0xA585, 0xA58B, 0xA597, 0xA59D,
- 0xA5A3, 0xA5A7, 0xA5A9, 0xA5C1, 0xA5C5, 0xA5CB, 0xA5D3, 0xA5D9,
- 0xA5DD, 0xA5DF, 0xA5E3, 0xA5E9, 0xA5F7, 0xA5FB, 0xA603, 0xA60D,
- 0xA625, 0xA63D, 0xA649, 0xA64B, 0xA651, 0xA65D, 0xA673, 0xA691,
- 0xA693, 0xA699, 0xA6AB, 0xA6B5, 0xA6BB, 0xA6C1, 0xA6C9, 0xA6CD,
- 0xA6CF, 0xA6D5, 0xA6DF, 0xA6E7, 0xA6F1, 0xA6F7, 0xA6FF, 0xA70F,
- 0xA715, 0xA723, 0xA729, 0xA72D, 0xA745, 0xA74D, 0xA757, 0xA759,
- 0xA765, 0xA76B, 0xA76F, 0xA793, 0xA795, 0xA7AB, 0xA7B1, 0xA7B9,
- 0xA7BF, 0xA7C9, 0xA7D1, 0xA7D7, 0xA7E3, 0xA7ED, 0xA7FB, 0xA805,
- 0xA80B, 0xA81D, 0xA829, 0xA82B, 0xA837, 0xA83B, 0xA855, 0xA85F,
- 0xA86D, 0xA87D, 0xA88F, 0xA897, 0xA8A9, 0xA8B5, 0xA8C1, 0xA8C7,
- 0xA8D7, 0xA8E5, 0xA8FD, 0xA907, 0xA913, 0xA91B, 0xA931, 0xA937,
- 0xA939, 0xA943, 0xA97F, 0xA985, 0xA987, 0xA98B, 0xA993, 0xA9A3,
- 0xA9B1, 0xA9BB, 0xA9C1, 0xA9D9, 0xA9DF, 0xA9EB, 0xA9FD, 0xAA15,
- 0xAA17, 0xAA35, 0xAA39, 0xAA3B, 0xAA47, 0xAA4D, 0xAA57, 0xAA59,
- 0xAA5D, 0xAA6B, 0xAA71, 0xAA81, 0xAA83, 0xAA8D, 0xAA95, 0xAAAB,
- 0xAABF, 0xAAC5, 0xAAC9, 0xAAE9, 0xAAEF, 0xAB01, 0xAB05, 0xAB07,
- 0xAB0B, 0xAB0D, 0xAB11, 0xAB19, 0xAB4D, 0xAB5B, 0xAB71, 0xAB73,
- 0xAB89, 0xAB9D, 0xABA7, 0xABAF, 0xABB9, 0xABBB, 0xABC1, 0xABC5,
- 0xABD3, 0xABD7, 0xABDD, 0xABF1, 0xABF5, 0xABFB, 0xABFD, 0xAC09,
- 0xAC15, 0xAC1B, 0xAC27, 0xAC37, 0xAC39, 0xAC45, 0xAC4F, 0xAC57,
- 0xAC5B, 0xAC61, 0xAC63, 0xAC7F, 0xAC8B, 0xAC93, 0xAC9D, 0xACA9,
- 0xACAB, 0xACAF, 0xACBD, 0xACD9, 0xACE1, 0xACE7, 0xACEB, 0xACED,
- 0xACF1, 0xACF7, 0xACF9, 0xAD05, 0xAD3F, 0xAD45, 0xAD53, 0xAD5D,
- 0xAD5F, 0xAD65, 0xAD81, 0xADA1, 0xADA5, 0xADC3, 0xADCB, 0xADD1,
- 0xADD5, 0xADDB, 0xADE7, 0xADF3, 0xADF5, 0xADF9, 0xADFF, 0xAE05,
- 0xAE13, 0xAE23, 0xAE2B, 0xAE49, 0xAE4D, 0xAE4F, 0xAE59, 0xAE61,
- 0xAE67, 0xAE6B, 0xAE71, 0xAE8B, 0xAE8F, 0xAE9B, 0xAE9D, 0xAEA7,
- 0xAEB9, 0xAEC5, 0xAED1, 0xAEE3, 0xAEE5, 0xAEE9, 0xAEF5, 0xAEFD,
- 0xAF09, 0xAF13, 0xAF27, 0xAF2B, 0xAF33, 0xAF43, 0xAF4F, 0xAF57,
- 0xAF5D, 0xAF6D, 0xAF75, 0xAF7F, 0xAF8B, 0xAF99, 0xAF9F, 0xAFA3,
- 0xAFAB, 0xAFB7, 0xAFBB, 0xAFCF, 0xAFD5, 0xAFFD, 0xB005, 0xB015,
- 0xB01B, 0xB03F, 0xB041, 0xB047, 0xB04B, 0xB051, 0xB053, 0xB069,
- 0xB07B, 0xB07D, 0xB087, 0xB08D, 0xB0B1, 0xB0BF, 0xB0CB, 0xB0CF,
- 0xB0E1, 0xB0E9, 0xB0ED, 0xB0FB, 0xB105, 0xB107, 0xB111, 0xB119,
- 0xB11D, 0xB11F, 0xB131, 0xB141, 0xB14D, 0xB15B, 0xB165, 0xB173,
- 0xB179, 0xB17F, 0xB1A9, 0xB1B3, 0xB1B9, 0xB1BF, 0xB1D3, 0xB1DD,
- 0xB1E5, 0xB1F1, 0xB1F5, 0xB201, 0xB213, 0xB215, 0xB21F, 0xB22D,
- 0xB23F, 0xB249, 0xB25B, 0xB263, 0xB269, 0xB26D, 0xB27B, 0xB281,
- 0xB28B, 0xB2A9, 0xB2B7, 0xB2BD, 0xB2C3, 0xB2C7, 0xB2D3, 0xB2F9,
- 0xB2FD, 0xB2FF, 0xB303, 0xB309, 0xB311, 0xB31D, 0xB327, 0xB32D,
- 0xB33F, 0xB345, 0xB377, 0xB37D, 0xB381, 0xB387, 0xB393, 0xB39B,
- 0xB3A5, 0xB3C5, 0xB3CB, 0xB3E1, 0xB3E3, 0xB3ED, 0xB3F9, 0xB40B,
- 0xB40D, 0xB413, 0xB417, 0xB435, 0xB43D, 0xB443, 0xB449, 0xB45B,
- 0xB465, 0xB467, 0xB46B, 0xB477, 0xB48B, 0xB495, 0xB49D, 0xB4B5,
- 0xB4BF, 0xB4C1, 0xB4C7, 0xB4DD, 0xB4E3, 0xB4E5, 0xB4F7, 0xB501,
- 0xB50D, 0xB50F, 0xB52D, 0xB53F, 0xB54B, 0xB567, 0xB569, 0xB56F,
- 0xB573, 0xB579, 0xB587, 0xB58D, 0xB599, 0xB5A3, 0xB5AB, 0xB5AF,
- 0xB5BB, 0xB5D5, 0xB5DF, 0xB5E7, 0xB5ED, 0xB5FD, 0xB5FF, 0xB609,
- 0xB61B, 0xB629, 0xB62F, 0xB633, 0xB639, 0xB647, 0xB657, 0xB659,
- 0xB65F, 0xB663, 0xB66F, 0xB683, 0xB687, 0xB69B, 0xB69F, 0xB6A5,
- 0xB6B1, 0xB6B3, 0xB6D7, 0xB6DB, 0xB6E1, 0xB6E3, 0xB6ED, 0xB6EF,
- 0xB705, 0xB70D, 0xB713, 0xB71D, 0xB729, 0xB735, 0xB747, 0xB755,
- 0xB76D, 0xB791, 0xB795, 0xB7A9, 0xB7C1, 0xB7CB, 0xB7D1, 0xB7D3,
- 0xB7EF, 0xB7F5, 0xB807, 0xB80F, 0xB813, 0xB819, 0xB821, 0xB827,
- 0xB82B, 0xB82D, 0xB839, 0xB855, 0xB867, 0xB875, 0xB885, 0xB893,
- 0xB8A5, 0xB8AF, 0xB8B7, 0xB8BD, 0xB8C1, 0xB8C7, 0xB8CD, 0xB8D5,
- 0xB8EB, 0xB8F7, 0xB8F9, 0xB903, 0xB915, 0xB91B, 0xB91D, 0xB92F,
- 0xB939, 0xB93B, 0xB947, 0xB951, 0xB963, 0xB983, 0xB989, 0xB98D,
- 0xB993, 0xB999, 0xB9A1, 0xB9A7, 0xB9AD, 0xB9B7, 0xB9CB, 0xB9D1,
- 0xB9DD, 0xB9E7, 0xB9EF, 0xB9F9, 0xBA07, 0xBA0D, 0xBA17, 0xBA25,
- 0xBA29, 0xBA2B, 0xBA41, 0xBA53, 0xBA55, 0xBA5F, 0xBA61, 0xBA65,
- 0xBA79, 0xBA7D, 0xBA7F, 0xBAA1, 0xBAA3, 0xBAAF, 0xBAB5, 0xBABF,
- 0xBAC1, 0xBACB, 0xBADD, 0xBAE3, 0xBAF1, 0xBAFD, 0xBB09, 0xBB1F,
- 0xBB27, 0xBB2D, 0xBB3D, 0xBB43, 0xBB4B, 0xBB4F, 0xBB5B, 0xBB61,
- 0xBB69, 0xBB6D, 0xBB91, 0xBB97, 0xBB9D, 0xBBB1, 0xBBC9, 0xBBCF,
- 0xBBDB, 0xBBED, 0xBBF7, 0xBBF9, 0xBC03, 0xBC1D, 0xBC23, 0xBC33,
- 0xBC3B, 0xBC41, 0xBC45, 0xBC5D, 0xBC6F, 0xBC77, 0xBC83, 0xBC8F,
- 0xBC99, 0xBCAB, 0xBCB7, 0xBCB9, 0xBCD1, 0xBCD5, 0xBCE1, 0xBCF3,
- 0xBCFF, 0xBD0D, 0xBD17, 0xBD19, 0xBD1D, 0xBD35, 0xBD41, 0xBD4F,
- 0xBD59, 0xBD5F, 0xBD61, 0xBD67, 0xBD6B, 0xBD71, 0xBD8B, 0xBD8F,
- 0xBD95, 0xBD9B, 0xBD9D, 0xBDB3, 0xBDBB, 0xBDCD, 0xBDD1, 0xBDE3,
- 0xBDEB, 0xBDEF, 0xBE07, 0xBE09, 0xBE15, 0xBE21, 0xBE25, 0xBE27,
- 0xBE5B, 0xBE5D, 0xBE6F, 0xBE75, 0xBE79, 0xBE7F, 0xBE8B, 0xBE8D,
- 0xBE93, 0xBE9F, 0xBEA9, 0xBEB1, 0xBEB5, 0xBEB7, 0xBECF, 0xBED9,
- 0xBEDB, 0xBEE5, 0xBEE7, 0xBEF3, 0xBEF9, 0xBF0B, 0xBF33, 0xBF39,
- 0xBF4D, 0xBF5D, 0xBF5F, 0xBF6B, 0xBF71, 0xBF7B, 0xBF87, 0xBF89,
- 0xBF8D, 0xBF93, 0xBFA1, 0xBFAD, 0xBFB9, 0xBFCF, 0xBFD5, 0xBFDD,
- 0xBFE1, 0xBFE3, 0xBFF3, 0xC005, 0xC011, 0xC013, 0xC019, 0xC029,
- 0xC02F, 0xC031, 0xC037, 0xC03B, 0xC047, 0xC065, 0xC06D, 0xC07D,
- 0xC07F, 0xC091, 0xC09B, 0xC0B3, 0xC0B5, 0xC0BB, 0xC0D3, 0xC0D7,
- 0xC0D9, 0xC0EF, 0xC0F1, 0xC101, 0xC103, 0xC109, 0xC115, 0xC119,
- 0xC12B, 0xC133, 0xC137, 0xC145, 0xC149, 0xC15B, 0xC173, 0xC179,
- 0xC17B, 0xC181, 0xC18B, 0xC18D, 0xC197, 0xC1BD, 0xC1C3, 0xC1CD,
- 0xC1DB, 0xC1E1, 0xC1E7, 0xC1FF, 0xC203, 0xC205, 0xC211, 0xC221,
- 0xC22F, 0xC23F, 0xC24B, 0xC24D, 0xC253, 0xC25D, 0xC277, 0xC27B,
- 0xC27D, 0xC289, 0xC28F, 0xC293, 0xC29F, 0xC2A7, 0xC2B3, 0xC2BD,
- 0xC2CF, 0xC2D5, 0xC2E3, 0xC2FF, 0xC301, 0xC307, 0xC311, 0xC313,
- 0xC317, 0xC325, 0xC347, 0xC349, 0xC34F, 0xC365, 0xC367, 0xC371,
- 0xC37F, 0xC383, 0xC385, 0xC395, 0xC39D, 0xC3A7, 0xC3AD, 0xC3B5,
- 0xC3BF, 0xC3C7, 0xC3CB, 0xC3D1, 0xC3D3, 0xC3E3, 0xC3E9, 0xC3EF,
- 0xC401, 0xC41F, 0xC42D, 0xC433, 0xC437, 0xC455, 0xC457, 0xC461,
- 0xC46F, 0xC473, 0xC487, 0xC491, 0xC499, 0xC49D, 0xC4A5, 0xC4B7,
- 0xC4BB, 0xC4C9, 0xC4CF, 0xC4D3, 0xC4EB, 0xC4F1, 0xC4F7, 0xC509,
- 0xC51B, 0xC51D, 0xC541, 0xC547, 0xC551, 0xC55F, 0xC56B, 0xC56F,
- 0xC575, 0xC577, 0xC595, 0xC59B, 0xC59F, 0xC5A1, 0xC5A7, 0xC5C3,
- 0xC5D7, 0xC5DB, 0xC5EF, 0xC5FB, 0xC613, 0xC623, 0xC635, 0xC641,
- 0xC64F, 0xC655, 0xC659, 0xC665, 0xC685, 0xC691, 0xC697, 0xC6A1,
- 0xC6A9, 0xC6B3, 0xC6B9, 0xC6CB, 0xC6CD, 0xC6DD, 0xC6EB, 0xC6F1,
- 0xC707, 0xC70D, 0xC719, 0xC71B, 0xC72D, 0xC731, 0xC739, 0xC757,
- 0xC763, 0xC767, 0xC773, 0xC775, 0xC77F, 0xC7A5, 0xC7BB, 0xC7BD,
- 0xC7C1, 0xC7CF, 0xC7D5, 0xC7E1, 0xC7F9, 0xC7FD, 0xC7FF, 0xC803,
- 0xC811, 0xC81D, 0xC827, 0xC829, 0xC839, 0xC83F, 0xC853, 0xC857,
- 0xC86B, 0xC881, 0xC88D, 0xC88F, 0xC893, 0xC895, 0xC8A1, 0xC8B7,
- 0xC8CF, 0xC8D5, 0xC8DB, 0xC8DD, 0xC8E3, 0xC8E7, 0xC8ED, 0xC8EF,
- 0xC8F9, 0xC905, 0xC911, 0xC917, 0xC919, 0xC91F, 0xC92F, 0xC937,
- 0xC93D, 0xC941, 0xC953, 0xC95F, 0xC96B, 0xC979, 0xC97D, 0xC989,
- 0xC98F, 0xC997, 0xC99D, 0xC9AF, 0xC9B5, 0xC9BF, 0xC9CB, 0xC9D9,
- 0xC9DF, 0xC9E3, 0xC9EB, 0xCA01, 0xCA07, 0xCA09, 0xCA25, 0xCA37,
- 0xCA39, 0xCA4B, 0xCA55, 0xCA5B, 0xCA69, 0xCA73, 0xCA75, 0xCA7F,
- 0xCA8D, 0xCA93, 0xCA9D, 0xCA9F, 0xCAB5, 0xCABB, 0xCAC3, 0xCAC9,
- 0xCAD9, 0xCAE5, 0xCAED, 0xCB03, 0xCB05, 0xCB09, 0xCB17, 0xCB29,
- 0xCB35, 0xCB3B, 0xCB53, 0xCB59, 0xCB63, 0xCB65, 0xCB71, 0xCB87,
- 0xCB99, 0xCB9F, 0xCBB3, 0xCBB9, 0xCBC3, 0xCBD1, 0xCBD5, 0xCBD7,
- 0xCBDD, 0xCBE9, 0xCBFF, 0xCC0D, 0xCC19, 0xCC1D, 0xCC23, 0xCC2B,
- 0xCC41, 0xCC43, 0xCC4D, 0xCC59, 0xCC61, 0xCC89, 0xCC8B, 0xCC91,
- 0xCC9B, 0xCCA3, 0xCCA7, 0xCCD1, 0xCCE5, 0xCCE9, 0xCD09, 0xCD15,
- 0xCD1F, 0xCD25, 0xCD31, 0xCD3D, 0xCD3F, 0xCD49, 0xCD51, 0xCD57,
- 0xCD5B, 0xCD63, 0xCD67, 0xCD81, 0xCD93, 0xCD97, 0xCD9F, 0xCDBB,
- 0xCDC1, 0xCDD3, 0xCDD9, 0xCDE5, 0xCDE7, 0xCDF1, 0xCDF7, 0xCDFD,
- 0xCE0B, 0xCE15, 0xCE21, 0xCE2F, 0xCE47, 0xCE4D, 0xCE51, 0xCE65,
- 0xCE7B, 0xCE7D, 0xCE8F, 0xCE93, 0xCE99, 0xCEA5, 0xCEA7, 0xCEB7,
- 0xCEC9, 0xCED7, 0xCEDD, 0xCEE3, 0xCEE7, 0xCEED, 0xCEF5, 0xCF07,
- 0xCF0B, 0xCF19, 0xCF37, 0xCF3B, 0xCF4D, 0xCF55, 0xCF5F, 0xCF61,
- 0xCF65, 0xCF6D, 0xCF79, 0xCF7D, 0xCF89, 0xCF9B, 0xCF9D, 0xCFA9,
- 0xCFB3, 0xCFB5, 0xCFC5, 0xCFCD, 0xCFD1, 0xCFEF, 0xCFF1, 0xCFF7,
- 0xD013, 0xD015, 0xD01F, 0xD021, 0xD033, 0xD03D, 0xD04B, 0xD04F,
- 0xD069, 0xD06F, 0xD081, 0xD085, 0xD099, 0xD09F, 0xD0A3, 0xD0AB,
- 0xD0BD, 0xD0C1, 0xD0CD, 0xD0E7, 0xD0FF, 0xD103, 0xD117, 0xD12D,
- 0xD12F, 0xD141, 0xD157, 0xD159, 0xD15D, 0xD169, 0xD16B, 0xD171,
- 0xD177, 0xD17D, 0xD181, 0xD187, 0xD195, 0xD199, 0xD1B1, 0xD1BD,
- 0xD1C3, 0xD1D5, 0xD1D7, 0xD1E3, 0xD1FF, 0xD20D, 0xD211, 0xD217,
- 0xD21F, 0xD235, 0xD23B, 0xD247, 0xD259, 0xD261, 0xD265, 0xD279,
- 0xD27F, 0xD283, 0xD289, 0xD28B, 0xD29D, 0xD2A3, 0xD2A7, 0xD2B3,
- 0xD2BF, 0xD2C7, 0xD2E3, 0xD2E9, 0xD2F1, 0xD2FB, 0xD2FD, 0xD315,
- 0xD321, 0xD32B, 0xD343, 0xD34B, 0xD355, 0xD369, 0xD375, 0xD37B,
- 0xD387, 0xD393, 0xD397, 0xD3A5, 0xD3B1, 0xD3C9, 0xD3EB, 0xD3FD,
- 0xD405, 0xD40F, 0xD415, 0xD427, 0xD42F, 0xD433, 0xD43B, 0xD44B,
- 0xD459, 0xD45F, 0xD463, 0xD469, 0xD481, 0xD483, 0xD489, 0xD48D,
- 0xD493, 0xD495, 0xD4A5, 0xD4AB, 0xD4B1, 0xD4C5, 0xD4DD, 0xD4E1,
- 0xD4E3, 0xD4E7, 0xD4F5, 0xD4F9, 0xD50B, 0xD50D, 0xD513, 0xD51F,
- 0xD523, 0xD531, 0xD535, 0xD537, 0xD549, 0xD559, 0xD55F, 0xD565,
- 0xD567, 0xD577, 0xD58B, 0xD591, 0xD597, 0xD5B5, 0xD5B9, 0xD5C1,
- 0xD5C7, 0xD5DF, 0xD5EF, 0xD5F5, 0xD5FB, 0xD603, 0xD60F, 0xD62D,
- 0xD631, 0xD643, 0xD655, 0xD65D, 0xD661, 0xD67B, 0xD685, 0xD687,
- 0xD69D, 0xD6A5, 0xD6AF, 0xD6BD, 0xD6C3, 0xD6C7, 0xD6D9, 0xD6E1,
- 0xD6ED, 0xD709, 0xD70B, 0xD711, 0xD715, 0xD721, 0xD727, 0xD73F,
- 0xD745, 0xD74D, 0xD757, 0xD76B, 0xD77B, 0xD783, 0xD7A1, 0xD7A7,
- 0xD7AD, 0xD7B1, 0xD7B3, 0xD7BD, 0xD7CB, 0xD7D1, 0xD7DB, 0xD7FB,
- 0xD811, 0xD823, 0xD825, 0xD829, 0xD82B, 0xD82F, 0xD837, 0xD84D,
- 0xD855, 0xD867, 0xD873, 0xD88F, 0xD891, 0xD8A1, 0xD8AD, 0xD8BF,
- 0xD8CD, 0xD8D7, 0xD8E9, 0xD8F5, 0xD8FB, 0xD91B, 0xD925, 0xD933,
- 0xD939, 0xD943, 0xD945, 0xD94F, 0xD951, 0xD957, 0xD96D, 0xD96F,
- 0xD973, 0xD979, 0xD981, 0xD98B, 0xD991, 0xD99F, 0xD9A5, 0xD9A9,
- 0xD9B5, 0xD9D3, 0xD9EB, 0xD9F1, 0xD9F7, 0xD9FF, 0xDA05, 0xDA09,
- 0xDA0B, 0xDA0F, 0xDA15, 0xDA1D, 0xDA23, 0xDA29, 0xDA3F, 0xDA51,
- 0xDA59, 0xDA5D, 0xDA5F, 0xDA71, 0xDA77, 0xDA7B, 0xDA7D, 0xDA8D,
- 0xDA9F, 0xDAB3, 0xDABD, 0xDAC3, 0xDAC9, 0xDAE7, 0xDAE9, 0xDAF5,
- 0xDB11, 0xDB17, 0xDB1D, 0xDB23, 0xDB25, 0xDB31, 0xDB3B, 0xDB43,
- 0xDB55, 0xDB67, 0xDB6B, 0xDB73, 0xDB85, 0xDB8F, 0xDB91, 0xDBAD,
- 0xDBAF, 0xDBB9, 0xDBC7, 0xDBCB, 0xDBCD, 0xDBEB, 0xDBF7, 0xDC0D,
- 0xDC27, 0xDC31, 0xDC39, 0xDC3F, 0xDC49, 0xDC51, 0xDC61, 0xDC6F,
- 0xDC75, 0xDC7B, 0xDC85, 0xDC93, 0xDC99, 0xDC9D, 0xDC9F, 0xDCA9,
- 0xDCB5, 0xDCB7, 0xDCBD, 0xDCC7, 0xDCCF, 0xDCD3, 0xDCD5, 0xDCDF,
- 0xDCF9, 0xDD0F, 0xDD15, 0xDD17, 0xDD23, 0xDD35, 0xDD39, 0xDD53,
- 0xDD57, 0xDD5F, 0xDD69, 0xDD6F, 0xDD7D, 0xDD87, 0xDD89, 0xDD9B,
- 0xDDA1, 0xDDAB, 0xDDBF, 0xDDC5, 0xDDCB, 0xDDCF, 0xDDE7, 0xDDE9,
- 0xDDED, 0xDDF5, 0xDDFB, 0xDE0B, 0xDE19, 0xDE29, 0xDE3B, 0xDE3D,
- 0xDE41, 0xDE4D, 0xDE4F, 0xDE59, 0xDE5B, 0xDE61, 0xDE6D, 0xDE77,
- 0xDE7D, 0xDE83, 0xDE97, 0xDE9D, 0xDEA1, 0xDEA7, 0xDECD, 0xDED1,
- 0xDED7, 0xDEE3, 0xDEF1, 0xDEF5, 0xDF01, 0xDF09, 0xDF13, 0xDF1F,
- 0xDF2B, 0xDF33, 0xDF37, 0xDF3D, 0xDF4B, 0xDF55, 0xDF5B, 0xDF67,
- 0xDF69, 0xDF73, 0xDF85, 0xDF87, 0xDF99, 0xDFA3, 0xDFAB, 0xDFB5,
- 0xDFB7, 0xDFC3, 0xDFC7, 0xDFD5, 0xDFF1, 0xDFF3, 0xE003, 0xE005,
- 0xE017, 0xE01D, 0xE027, 0xE02D, 0xE035, 0xE045, 0xE053, 0xE071,
- 0xE07B, 0xE08F, 0xE095, 0xE09F, 0xE0B7, 0xE0B9, 0xE0D5, 0xE0D7,
- 0xE0E3, 0xE0F3, 0xE0F9, 0xE101, 0xE125, 0xE129, 0xE131, 0xE135,
- 0xE143, 0xE14F, 0xE159, 0xE161, 0xE16D, 0xE171, 0xE177, 0xE17F,
- 0xE183, 0xE189, 0xE197, 0xE1AD, 0xE1B5, 0xE1BB, 0xE1BF, 0xE1C1,
- 0xE1CB, 0xE1D1, 0xE1E5, 0xE1EF, 0xE1F7, 0xE1FD, 0xE203, 0xE219,
- 0xE22B, 0xE22D, 0xE23D, 0xE243, 0xE257, 0xE25B, 0xE275, 0xE279,
- 0xE287, 0xE29D, 0xE2AB, 0xE2AF, 0xE2BB, 0xE2C1, 0xE2C9, 0xE2CD,
- 0xE2D3, 0xE2D9, 0xE2F3, 0xE2FD, 0xE2FF, 0xE311, 0xE323, 0xE327,
- 0xE329, 0xE339, 0xE33B, 0xE34D, 0xE351, 0xE357, 0xE35F, 0xE363,
- 0xE369, 0xE375, 0xE377, 0xE37D, 0xE383, 0xE39F, 0xE3C5, 0xE3C9,
- 0xE3D1, 0xE3E1, 0xE3FB, 0xE3FF, 0xE401, 0xE40B, 0xE417, 0xE419,
- 0xE423, 0xE42B, 0xE431, 0xE43B, 0xE447, 0xE449, 0xE453, 0xE455,
- 0xE46D, 0xE471, 0xE48F, 0xE4A9, 0xE4AF, 0xE4B5, 0xE4C7, 0xE4CD,
- 0xE4D3, 0xE4E9, 0xE4EB, 0xE4F5, 0xE507, 0xE521, 0xE525, 0xE537,
- 0xE53F, 0xE545, 0xE54B, 0xE557, 0xE567, 0xE56D, 0xE575, 0xE585,
- 0xE58B, 0xE593, 0xE5A3, 0xE5A5, 0xE5CF, 0xE609, 0xE611, 0xE615,
- 0xE61B, 0xE61D, 0xE621, 0xE629, 0xE639, 0xE63F, 0xE653, 0xE657,
- 0xE663, 0xE66F, 0xE675, 0xE681, 0xE683, 0xE68D, 0xE68F, 0xE695,
- 0xE6AB, 0xE6AD, 0xE6B7, 0xE6BD, 0xE6C5, 0xE6CB, 0xE6D5, 0xE6E3,
- 0xE6E9, 0xE6EF, 0xE6F3, 0xE705, 0xE70D, 0xE717, 0xE71F, 0xE72F,
- 0xE73D, 0xE747, 0xE749, 0xE753, 0xE755, 0xE761, 0xE767, 0xE76B,
- 0xE77F, 0xE789, 0xE791, 0xE7C5, 0xE7CD, 0xE7D7, 0xE7DD, 0xE7DF,
- 0xE7E9, 0xE7F1, 0xE7FB, 0xE801, 0xE807, 0xE80F, 0xE819, 0xE81B,
- 0xE831, 0xE833, 0xE837, 0xE83D, 0xE84B, 0xE84F, 0xE851, 0xE869,
- 0xE875, 0xE879, 0xE893, 0xE8A5, 0xE8A9, 0xE8AF, 0xE8BD, 0xE8DB,
- 0xE8E1, 0xE8E5, 0xE8EB, 0xE8ED, 0xE903, 0xE90B, 0xE90F, 0xE915,
- 0xE917, 0xE92D, 0xE933, 0xE93B, 0xE94B, 0xE951, 0xE95F, 0xE963,
- 0xE969, 0xE97B, 0xE983, 0xE98F, 0xE995, 0xE9A1, 0xE9B9, 0xE9D7,
- 0xE9E7, 0xE9EF, 0xEA11, 0xEA19, 0xEA2F, 0xEA35, 0xEA43, 0xEA4D,
- 0xEA5F, 0xEA6D, 0xEA71, 0xEA7D, 0xEA85, 0xEA89, 0xEAAD, 0xEAB3,
- 0xEAB9, 0xEABB, 0xEAC5, 0xEAC7, 0xEACB, 0xEADF, 0xEAE5, 0xEAEB,
- 0xEAF5, 0xEB01, 0xEB07, 0xEB09, 0xEB31, 0xEB39, 0xEB3F, 0xEB5B,
- 0xEB61, 0xEB63, 0xEB6F, 0xEB81, 0xEB85, 0xEB9D, 0xEBAB, 0xEBB1,
- 0xEBB7, 0xEBC1, 0xEBD5, 0xEBDF, 0xEBED, 0xEBFD, 0xEC0B, 0xEC1B,
- 0xEC21, 0xEC29, 0xEC4D, 0xEC51, 0xEC5D, 0xEC69, 0xEC6F, 0xEC7B,
- 0xECAD, 0xECB9, 0xECBF, 0xECC3, 0xECC9, 0xECCF, 0xECD7, 0xECDD,
- 0xECE7, 0xECE9, 0xECF3, 0xECF5, 0xED07, 0xED11, 0xED1F, 0xED2F,
- 0xED37, 0xED3D, 0xED41, 0xED55, 0xED59, 0xED5B, 0xED65, 0xED6B,
- 0xED79, 0xED8B, 0xED95, 0xEDBB, 0xEDC5, 0xEDD7, 0xEDD9, 0xEDE3,
- 0xEDE5, 0xEDF1, 0xEDF5, 0xEDF7, 0xEDFB, 0xEE09, 0xEE0F, 0xEE19,
- 0xEE21, 0xEE49, 0xEE4F, 0xEE63, 0xEE67, 0xEE73, 0xEE7B, 0xEE81,
- 0xEEA3, 0xEEAB, 0xEEC1, 0xEEC9, 0xEED5, 0xEEDF, 0xEEE1, 0xEEF1,
- 0xEF1B, 0xEF27, 0xEF2F, 0xEF45, 0xEF4D, 0xEF63, 0xEF6B, 0xEF71,
- 0xEF93, 0xEF95, 0xEF9B, 0xEF9F, 0xEFAD, 0xEFB3, 0xEFC3, 0xEFC5,
- 0xEFDB, 0xEFE1, 0xEFE9, 0xF001, 0xF017, 0xF01D, 0xF01F, 0xF02B,
- 0xF02F, 0xF035, 0xF043, 0xF047, 0xF04F, 0xF067, 0xF06B, 0xF071,
- 0xF077, 0xF079, 0xF08F, 0xF0A3, 0xF0A9, 0xF0AD, 0xF0BB, 0xF0BF,
- 0xF0C5, 0xF0CB, 0xF0D3, 0xF0D9, 0xF0E3, 0xF0E9, 0xF0F1, 0xF0F7,
- 0xF107, 0xF115, 0xF11B, 0xF121, 0xF137, 0xF13D, 0xF155, 0xF175,
- 0xF17B, 0xF18D, 0xF193, 0xF1A5, 0xF1AF, 0xF1B7, 0xF1D5, 0xF1E7,
- 0xF1ED, 0xF1FD, 0xF209, 0xF20F, 0xF21B, 0xF21D, 0xF223, 0xF227,
- 0xF233, 0xF23B, 0xF241, 0xF257, 0xF25F, 0xF265, 0xF269, 0xF277,
- 0xF281, 0xF293, 0xF2A7, 0xF2B1, 0xF2B3, 0xF2B9, 0xF2BD, 0xF2BF,
- 0xF2DB, 0xF2ED, 0xF2EF, 0xF2F9, 0xF2FF, 0xF305, 0xF30B, 0xF319,
- 0xF341, 0xF359, 0xF35B, 0xF35F, 0xF367, 0xF373, 0xF377, 0xF38B,
- 0xF38F, 0xF3AF, 0xF3C1, 0xF3D1, 0xF3D7, 0xF3FB, 0xF403, 0xF409,
- 0xF40D, 0xF413, 0xF421, 0xF425, 0xF42B, 0xF445, 0xF44B, 0xF455,
- 0xF463, 0xF475, 0xF47F, 0xF485, 0xF48B, 0xF499, 0xF4A3, 0xF4A9,
- 0xF4AF, 0xF4BD, 0xF4C3, 0xF4DB, 0xF4DF, 0xF4ED, 0xF503, 0xF50B,
- 0xF517, 0xF521, 0xF529, 0xF535, 0xF547, 0xF551, 0xF563, 0xF56B,
- 0xF583, 0xF58D, 0xF595, 0xF599, 0xF5B1, 0xF5B7, 0xF5C9, 0xF5CF,
- 0xF5D1, 0xF5DB, 0xF5F9, 0xF5FB, 0xF605, 0xF607, 0xF60B, 0xF60D,
- 0xF635, 0xF637, 0xF653, 0xF65B, 0xF661, 0xF667, 0xF679, 0xF67F,
- 0xF689, 0xF697, 0xF69B, 0xF6AD, 0xF6CB, 0xF6DD, 0xF6DF, 0xF6EB,
- 0xF709, 0xF70F, 0xF72D, 0xF731, 0xF743, 0xF74F, 0xF751, 0xF755,
- 0xF763, 0xF769, 0xF773, 0xF779, 0xF781, 0xF787, 0xF791, 0xF79D,
- 0xF79F, 0xF7A5, 0xF7B1, 0xF7BB, 0xF7BD, 0xF7CF, 0xF7D3, 0xF7E7,
- 0xF7EB, 0xF7F1, 0xF7FF, 0xF805, 0xF80B, 0xF821, 0xF827, 0xF82D,
- 0xF835, 0xF847, 0xF859, 0xF863, 0xF865, 0xF86F, 0xF871, 0xF877,
- 0xF87B, 0xF881, 0xF88D, 0xF89F, 0xF8A1, 0xF8AB, 0xF8B3, 0xF8B7,
- 0xF8C9, 0xF8CB, 0xF8D1, 0xF8D7, 0xF8DD, 0xF8E7, 0xF8EF, 0xF8F9,
- 0xF8FF, 0xF911, 0xF91D, 0xF925, 0xF931, 0xF937, 0xF93B, 0xF941,
- 0xF94F, 0xF95F, 0xF961, 0xF96D, 0xF971, 0xF977, 0xF99D, 0xF9A3,
- 0xF9A9, 0xF9B9, 0xF9CD, 0xF9E9, 0xF9FD, 0xFA07, 0xFA0D, 0xFA13,
- 0xFA21, 0xFA25, 0xFA3F, 0xFA43, 0xFA51, 0xFA5B, 0xFA6D, 0xFA7B,
- 0xFA97, 0xFA99, 0xFA9D, 0xFAAB, 0xFABB, 0xFABD, 0xFAD9, 0xFADF,
- 0xFAE7, 0xFAED, 0xFB0F, 0xFB17, 0xFB1B, 0xFB2D, 0xFB2F, 0xFB3F,
- 0xFB47, 0xFB4D, 0xFB75, 0xFB7D, 0xFB8F, 0xFB93, 0xFBB1, 0xFBB7,
- 0xFBC3, 0xFBC5, 0xFBE3, 0xFBE9, 0xFBF3, 0xFC01, 0xFC29, 0xFC37,
- 0xFC41, 0xFC43, 0xFC4F, 0xFC59, 0xFC61, 0xFC65, 0xFC6D, 0xFC73,
- 0xFC79, 0xFC95, 0xFC97, 0xFC9B, 0xFCA7, 0xFCB5, 0xFCC5, 0xFCCD,
- 0xFCEB, 0xFCFB, 0xFD0D, 0xFD0F, 0xFD19, 0xFD2B, 0xFD31, 0xFD51,
- 0xFD55, 0xFD67, 0xFD6D, 0xFD6F, 0xFD7B, 0xFD85, 0xFD97, 0xFD99,
- 0xFD9F, 0xFDA9, 0xFDB7, 0xFDC9, 0xFDE5, 0xFDEB, 0xFDF3, 0xFE03,
- 0xFE05, 0xFE09, 0xFE1D, 0xFE27, 0xFE2F, 0xFE41, 0xFE4B, 0xFE4D,
- 0xFE57, 0xFE5F, 0xFE63, 0xFE69, 0xFE75, 0xFE7B, 0xFE8F, 0xFE93,
- 0xFE95, 0xFE9B, 0xFE9F, 0xFEB3, 0xFEBD, 0xFED7, 0xFEE9, 0xFEF3,
- 0xFEF5, 0xFF07, 0xFF0D, 0xFF1D, 0xFF2B, 0xFF2F, 0xFF49, 0xFF4D,
- 0xFF5B, 0xFF65, 0xFF71, 0xFF7F, 0xFF85, 0xFF8B, 0xFF8F, 0xFF9D,
- 0xFFA7, 0xFFA9, 0xFFC7, 0xFFD9, 0xFFEF, 0xFFF1,
-#endif
-};
-
diff --git a/security/nss/lib/freebl/mpi/stats b/security/nss/lib/freebl/mpi/stats
deleted file mode 100755
index dd63ca0db..000000000
--- a/security/nss/lib/freebl/mpi/stats
+++ /dev/null
@@ -1,70 +0,0 @@
-#!/usr/bin/perl
-
-#
-# Treat each line as a sequence of comma and/or space delimited
-# floating point numbers, and compute basic statistics on them.
-# These are written to standard output
-#
-## The contents of this file are subject to the Mozilla Public
-## License Version 1.1 (the "License"); you may not use this file
-## except in compliance with the License. You may obtain a copy of
-## the License at http://www.mozilla.org/MPL/
-##
-## Software distributed under the License is distributed on an "AS
-## IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-## implied. See the License for the specific language governing
-## rights and limitations under the License.
-##
-## The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-## library.
-##
-## The Initial Developer of the Original Code is
-## Michael J. Fromberger <sting@linguist.dartmouth.edu>
-##
-## Portions created by Michael J. Fromberger are
-## Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved
-##
-## Contributor(s):
-##
-## Alternatively, the contents of this file may be used under the
-## terms of the GNU General Public License Version 2 or later (the
-## "GPL"), in which case the provisions of the GPL are applicable
-## instead of those above. If you wish to allow use of your
-## version of this file only under the terms of the GPL and not to
-## allow others to use your version of this file under the MPL,
-## indicate your decision by deleting the provisions above and
-## replace them with the notice and other provisions required by
-## the GPL. If you do not delete the provisions above, a recipient
-## may use your version of this file under either the MPL or the GPL.
-##
-# $Id$
-#
-
-$min = 1.7976931348623157E+308;
-$max = 2.2250738585072014E-308;
-$sum = $num = 0;
-
-while(<>) {
- chomp;
-
- @nums = split(/[\s,]+/, $_);
- next if($#nums < 0);
-
- $num += scalar @nums;
- foreach (@nums) {
- $min = $_ if($_ < $min);
- $max = $_ if($_ > $max);
- $sum += $_;
- }
-}
-
-if($num) {
- $avg = $sum / $num;
-} else {
- $min = $max = 0;
-}
-
-printf "%d\tmin=%.2f, avg=%.2f, max=%.2f, sum=%.2f\n",
- $num, $min, $avg, $max, $sum;
-
-# end
diff --git a/security/nss/lib/freebl/mpi/test-arrays.txt b/security/nss/lib/freebl/mpi/test-arrays.txt
deleted file mode 100644
index d247154be..000000000
--- a/security/nss/lib/freebl/mpi/test-arrays.txt
+++ /dev/null
@@ -1,86 +0,0 @@
-#
-# Test suite table for MPI library
-#
-# Format of entries:
-# suite-name:function-name:description
-#
-# suite-name The name used to identify this test in mpi-test
-# function-name The function called to perform this test in mpi-test.c
-# description A brief description of what the suite tests
-#
-## The contents of this file are subject to the Mozilla Public
-## License Version 1.1 (the "License"); you may not use this file
-## except in compliance with the License. You may obtain a copy of
-## the License at http://www.mozilla.org/MPL/
-##
-## Software distributed under the License is distributed on an "AS
-## IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-## implied. See the License for the specific language governing
-## rights and limitations under the License.
-##
-## The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-## library.
-##
-## The Initial Developer of the Original Code is
-## Michael J. Fromberger <sting@linguist.dartmouth.edu>
-##
-## Portions created by Michael J. Fromberger are
-## Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved
-##
-## Contributor(s):
-##
-## Alternatively, the contents of this file may be used under the
-## terms of the GNU General Public License Version 2 or later (the
-## "GPL"), in which case the provisions of the GPL are applicable
-## instead of those above. If you wish to allow use of your
-## version of this file only under the terms of the GPL and not to
-## allow others to use your version of this file under the MPL,
-## indicate your decision by deleting the provisions above and
-## replace them with the notice and other provisions required by
-## the GPL. If you do not delete the provisions above, a recipient
-## may use your version of this file under either the MPL or the GPL.
-##
-# $Id$
-#
-list:test_list:print out a list of the available test suites
-copy:test_copy:test assignment of mp-int structures
-exchange:test_exch:test exchange of mp-int structures
-zero:test_zero:test zeroing of an mp-int
-set:test_set:test setting an mp-int to a small constant
-absolute-value:test_abs:test the absolute value function
-negate:test_neg:test the arithmetic negation function
-add-digit:test_add_d:test digit addition
-add:test_add:test full addition
-subtract-digit:test_sub_d:test digit subtraction
-subtract:test_sub:test full subtraction
-multiply-digit:test_mul_d:test digit multiplication
-multiply:test_mul:test full multiplication
-square:test_sqr:test full squaring function
-divide-digit:test_div_d:test digit division
-divide-2:test_div_2:test division by two
-divide-2d:test_div_2d:test division & remainder by 2^d
-divide:test_div:test full division
-expt-digit:test_expt_d:test digit exponentiation
-expt:test_expt:test full exponentiation
-expt-2:test_2expt:test power-of-two exponentiation
-square-root:test_sqrt:test integer square root function
-modulo-digit:test_mod_d:test digit modular reduction
-modulo:test_mod:test full modular reduction
-mod-add:test_addmod:test modular addition
-mod-subtract:test_submod:test modular subtraction
-mod-multiply:test_mulmod:test modular multiplication
-mod-square:test_sqrmod:test modular squaring function
-mod-expt:test_exptmod:test full modular exponentiation
-mod-expt-digit:test_exptmod_d:test digit modular exponentiation
-mod-inverse:test_invmod:test modular inverse function
-compare-digit:test_cmp_d:test digit comparison function
-compare-zero:test_cmp_z:test zero comparison function
-compare:test_cmp:test general signed comparison
-compare-magnitude:test_cmp_mag:test general magnitude comparison
-parity:test_parity:test parity comparison functions
-gcd:test_gcd:test greatest common divisor functions
-lcm:test_lcm:test least common multiple function
-conversion:test_convert:test general radix conversion facilities
-binary:test_raw:test raw output format
-pprime:test_pprime:test probabilistic primality tester
-fermat:test_fermat:test Fermat pseudoprimality tester
diff --git a/security/nss/lib/freebl/mpi/test-info.c b/security/nss/lib/freebl/mpi/test-info.c
deleted file mode 100644
index f84013e2e..000000000
--- a/security/nss/lib/freebl/mpi/test-info.c
+++ /dev/null
@@ -1,191 +0,0 @@
-/*
- * test-info.c
- *
- * Arbitrary precision integer arithmetic library
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-/* Table mapping test suite names to index numbers */
-const int g_count = 42;
-const char *g_names[] = {
- "list", /* print out a list of the available test suites */
- "copy", /* test assignment of mp-int structures */
- "exchange", /* test exchange of mp-int structures */
- "zero", /* test zeroing of an mp-int */
- "set", /* test setting an mp-int to a small constant */
- "absolute-value", /* test the absolute value function */
- "negate", /* test the arithmetic negation function */
- "add-digit", /* test digit addition */
- "add", /* test full addition */
- "subtract-digit", /* test digit subtraction */
- "subtract", /* test full subtraction */
- "multiply-digit", /* test digit multiplication */
- "multiply", /* test full multiplication */
- "square", /* test full squaring function */
- "divide-digit", /* test digit division */
- "divide-2", /* test division by two */
- "divide-2d", /* test division & remainder by 2^d */
- "divide", /* test full division */
- "expt-digit", /* test digit exponentiation */
- "expt", /* test full exponentiation */
- "expt-2", /* test power-of-two exponentiation */
- "square-root", /* test integer square root function */
- "modulo-digit", /* test digit modular reduction */
- "modulo", /* test full modular reduction */
- "mod-add", /* test modular addition */
- "mod-subtract", /* test modular subtraction */
- "mod-multiply", /* test modular multiplication */
- "mod-square", /* test modular squaring function */
- "mod-expt", /* test full modular exponentiation */
- "mod-expt-digit", /* test digit modular exponentiation */
- "mod-inverse", /* test modular inverse function */
- "compare-digit", /* test digit comparison function */
- "compare-zero", /* test zero comparison function */
- "compare", /* test general signed comparison */
- "compare-magnitude", /* test general magnitude comparison */
- "parity", /* test parity comparison functions */
- "gcd", /* test greatest common divisor functions */
- "lcm", /* test least common multiple function */
- "conversion", /* test general radix conversion facilities */
- "binary", /* test raw output format */
- "pprime", /* test probabilistic primality tester */
- "fermat" /* test Fermat pseudoprimality tester */
-};
-
-/* Test function prototypes */
-int test_list(void);
-int test_copy(void);
-int test_exch(void);
-int test_zero(void);
-int test_set(void);
-int test_abs(void);
-int test_neg(void);
-int test_add_d(void);
-int test_add(void);
-int test_sub_d(void);
-int test_sub(void);
-int test_mul_d(void);
-int test_mul(void);
-int test_sqr(void);
-int test_div_d(void);
-int test_div_2(void);
-int test_div_2d(void);
-int test_div(void);
-int test_expt_d(void);
-int test_expt(void);
-int test_2expt(void);
-int test_sqrt(void);
-int test_mod_d(void);
-int test_mod(void);
-int test_addmod(void);
-int test_submod(void);
-int test_mulmod(void);
-int test_sqrmod(void);
-int test_exptmod(void);
-int test_exptmod_d(void);
-int test_invmod(void);
-int test_cmp_d(void);
-int test_cmp_z(void);
-int test_cmp(void);
-int test_cmp_mag(void);
-int test_parity(void);
-int test_gcd(void);
-int test_lcm(void);
-int test_convert(void);
-int test_raw(void);
-int test_pprime(void);
-int test_fermat(void);
-
-/* Table mapping index numbers to functions */
-int (*g_tests[])(void) = {
- test_list, test_copy, test_exch, test_zero,
- test_set, test_abs, test_neg, test_add_d,
- test_add, test_sub_d, test_sub, test_mul_d,
- test_mul, test_sqr, test_div_d, test_div_2,
- test_div_2d, test_div, test_expt_d, test_expt,
- test_2expt, test_sqrt, test_mod_d, test_mod,
- test_addmod, test_submod, test_mulmod, test_sqrmod,
- test_exptmod, test_exptmod_d, test_invmod, test_cmp_d,
- test_cmp_z, test_cmp, test_cmp_mag, test_parity,
- test_gcd, test_lcm, test_convert, test_raw,
- test_pprime, test_fermat
-};
-
-/* Table mapping index numbers to descriptions */
-const char *g_descs[] = {
- "print out a list of the available test suites",
- "test assignment of mp-int structures",
- "test exchange of mp-int structures",
- "test zeroing of an mp-int",
- "test setting an mp-int to a small constant",
- "test the absolute value function",
- "test the arithmetic negation function",
- "test digit addition",
- "test full addition",
- "test digit subtraction",
- "test full subtraction",
- "test digit multiplication",
- "test full multiplication",
- "test full squaring function",
- "test digit division",
- "test division by two",
- "test division & remainder by 2^d",
- "test full division",
- "test digit exponentiation",
- "test full exponentiation",
- "test power-of-two exponentiation",
- "test integer square root function",
- "test digit modular reduction",
- "test full modular reduction",
- "test modular addition",
- "test modular subtraction",
- "test modular multiplication",
- "test modular squaring function",
- "test full modular exponentiation",
- "test digit modular exponentiation",
- "test modular inverse function",
- "test digit comparison function",
- "test zero comparison function",
- "test general signed comparison",
- "test general magnitude comparison",
- "test parity comparison functions",
- "test greatest common divisor functions",
- "test least common multiple function",
- "test general radix conversion facilities",
- "test raw output format",
- "test probabilistic primality tester",
- "test Fermat pseudoprimality tester"
-};
-
diff --git a/security/nss/lib/freebl/mpi/tests/LICENSE b/security/nss/lib/freebl/mpi/tests/LICENSE
deleted file mode 100644
index c2c5d0190..000000000
--- a/security/nss/lib/freebl/mpi/tests/LICENSE
+++ /dev/null
@@ -1,6 +0,0 @@
-Within this directory, each of the file listed below is licensed under
-the terms given in the file LICENSE-MPL, also in this directory.
-
-pi1k.txt
-pi2k.txt
-pi5k.txt
diff --git a/security/nss/lib/freebl/mpi/tests/LICENSE-MPL b/security/nss/lib/freebl/mpi/tests/LICENSE-MPL
deleted file mode 100644
index 9ff410e4b..000000000
--- a/security/nss/lib/freebl/mpi/tests/LICENSE-MPL
+++ /dev/null
@@ -1,32 +0,0 @@
-The contents of this file are subject to the Mozilla Public
-License Version 1.1 (the "License"); you may not use this file
-except in compliance with the License. You may obtain a copy of
-the License at http://www.mozilla.org/MPL/
-
-Software distributed under the License is distributed on an "AS
-IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-implied. See the License for the specific language governing
-rights and limitations under the License.
-
-The Original Code is the Netscape security libraries.
-
-The Initial Developer of the Original Code is Netscape
-Communications Corporation. Portions created by Netscape are
-Copyright (C) 1994-2000 Netscape Communications Corporation. All
-Rights Reserved.
-
-Contributor(s):
-
-Alternatively, the contents of this file may be used under the
-terms of the GNU General Public License Version 2 or later (the
-"GPL"), in which case the provisions of the GPL are applicable
-instead of those above. If you wish to allow use of your
-version of this file only under the terms of the GPL and not to
-allow others to use your version of this file under the MPL,
-indicate your decision by deleting the provisions above and
-replace them with the notice and other provisions required by
-the GPL. If you do not delete the provisions above, a recipient
-may use your version of this file under either the MPL or the
-GPL.
-
-
diff --git a/security/nss/lib/freebl/mpi/tests/mptest-1.c b/security/nss/lib/freebl/mpi/tests/mptest-1.c
deleted file mode 100644
index 6861e616e..000000000
--- a/security/nss/lib/freebl/mpi/tests/mptest-1.c
+++ /dev/null
@@ -1,72 +0,0 @@
-/*
- * Simple test driver for MPI library
- *
- * Test 1: Simple input test (drives single-digit multiply and add,
- * as well as I/O routines)
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <ctype.h>
-#include <limits.h>
-
-#ifdef MAC_CW_SIOUX
-#include <console.h>
-#endif
-
-#include "mpi.h"
-
-int main(int argc, char *argv[])
-{
- int ix;
- mp_int mp;
-
-#ifdef MAC_CW_SIOUX
- argc = ccommand(&argv);
-#endif
-
- mp_init(&mp);
-
- for(ix = 1; ix < argc; ix++) {
- mp_read_radix(&mp, argv[ix], 10);
- mp_print(&mp, stdout);
- fputc('\n', stdout);
- }
-
- mp_clear(&mp);
- return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/tests/mptest-2.c b/security/nss/lib/freebl/mpi/tests/mptest-2.c
deleted file mode 100644
index d350d1d49..000000000
--- a/security/nss/lib/freebl/mpi/tests/mptest-2.c
+++ /dev/null
@@ -1,83 +0,0 @@
-/*
- * Simple test driver for MPI library
- *
- * Test 2: Basic addition and subtraction test
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <ctype.h>
-#include <limits.h>
-
-#include "mpi.h"
-
-int main(int argc, char *argv[])
-{
- mp_int a, b, c;
-
- if(argc < 3) {
- fprintf(stderr, "Usage: %s <a> <b>\n", argv[0]);
- return 1;
- }
-
- printf("Test 2: Basic addition and subtraction\n\n");
-
- mp_init(&a);
- mp_init(&b);
-
- mp_read_radix(&a, argv[1], 10);
- mp_read_radix(&b, argv[2], 10);
- printf("a = "); mp_print(&a, stdout); fputc('\n', stdout);
- printf("b = "); mp_print(&b, stdout); fputc('\n', stdout);
-
- mp_init(&c);
- printf("c = a + b\n");
-
- mp_add(&a, &b, &c);
- printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
-
- printf("c = a - b\n");
-
- mp_sub(&a, &b, &c);
- printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
-
- mp_clear(&c);
- mp_clear(&b);
- mp_clear(&a);
-
- return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/tests/mptest-3.c b/security/nss/lib/freebl/mpi/tests/mptest-3.c
deleted file mode 100644
index ac2dd2c6c..000000000
--- a/security/nss/lib/freebl/mpi/tests/mptest-3.c
+++ /dev/null
@@ -1,128 +0,0 @@
-/*
- * Simple test driver for MPI library
- *
- * Test 3: Multiplication, division, and exponentiation test
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <ctype.h>
-#include <limits.h>
-
-#include <time.h>
-
-#include "mpi.h"
-
-#define SQRT 1 /* define nonzero to get square-root test */
-#define EXPT 0 /* define nonzero to get exponentiate test */
-
-int main(int argc, char *argv[])
-{
- int ix;
- mp_int a, b, c, d;
- mp_digit r;
- mp_err res;
-
- if(argc < 3) {
- fprintf(stderr, "Usage: %s <a> <b>\n", argv[0]);
- return 1;
- }
-
- printf("Test 3: Multiplication and division\n\n");
- srand(time(NULL));
-
- mp_init(&a);
- mp_init(&b);
-
- mp_read_variable_radix(&a, argv[1], 10);
- mp_read_variable_radix(&b, argv[2], 10);
- printf("a = "); mp_print(&a, stdout); fputc('\n', stdout);
- printf("b = "); mp_print(&b, stdout); fputc('\n', stdout);
-
- mp_init(&c);
- printf("\nc = a * b\n");
-
- mp_mul(&a, &b, &c);
- printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
-
- printf("\nc = b * 32523\n");
-
- mp_mul_d(&b, 32523, &c);
- printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
-
- mp_init(&d);
- printf("\nc = a / b, d = a mod b\n");
-
- mp_div(&a, &b, &c, &d);
- printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
- printf("d = "); mp_print(&d, stdout); fputc('\n', stdout);
-
- ix = rand() % 256;
- printf("\nc = a / %d, r = a mod %d\n", ix, ix);
- mp_div_d(&a, (mp_digit)ix, &c, &r);
- printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
- printf("r = %04X\n", r);
-
-#if EXPT
- printf("\nc = a ** b\n");
- mp_expt(&a, &b, &c);
- printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
-#endif
-
- ix = rand() % 256;
- printf("\nc = 2^%d\n", ix);
- mp_2expt(&c, ix);
- printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
-
-#if SQRT
- printf("\nc = sqrt(a)\n");
- if((res = mp_sqrt(&a, &c)) != MP_OKAY) {
- printf("mp_sqrt: %s\n", mp_strerror(res));
- } else {
- printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
- mp_sqr(&c, &c);
- printf("c^2 = "); mp_print(&c, stdout); fputc('\n', stdout);
- }
-#endif
-
- mp_clear(&d);
- mp_clear(&c);
- mp_clear(&b);
- mp_clear(&a);
-
- return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/tests/mptest-3a.c b/security/nss/lib/freebl/mpi/tests/mptest-3a.c
deleted file mode 100644
index 014bd386c..000000000
--- a/security/nss/lib/freebl/mpi/tests/mptest-3a.c
+++ /dev/null
@@ -1,141 +0,0 @@
-/*
- * Simple test driver for MPI library
- *
- * Test 3a: Multiplication vs. squaring timing test
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <ctype.h>
-#include <limits.h>
-
-#include <time.h>
-
-#include "mpi.h"
-#include "mpprime.h"
-
-int main(int argc, char *argv[])
-{
- int ix, num, prec = 8;
- double d1, d2;
- clock_t start, finish;
- time_t seed;
- mp_int a, c, d;
-
- seed = time(NULL);
-
- if(argc < 2) {
- fprintf(stderr, "Usage: %s <num-tests> [<precision>]\n", argv[0]);
- return 1;
- }
-
- if((num = atoi(argv[1])) < 0)
- num = -num;
-
- if(!num) {
- fprintf(stderr, "%s: must perform at least 1 test\n", argv[0]);
- return 1;
- }
-
- if(argc > 2) {
- if((prec = atoi(argv[2])) <= 0)
- prec = 8;
- else
- prec = (prec + (DIGIT_BIT - 1)) / DIGIT_BIT;
- }
-
- printf("Test 3a: Multiplication vs squaring timing test\n"
- "Precision: %d digits (%u bits)\n"
- "# of tests: %d\n\n", prec, prec * DIGIT_BIT, num);
-
- mp_init_size(&a, prec);
-
- mp_init(&c); mp_init(&d);
-
- printf("Verifying accuracy ... \n");
- srand((unsigned int)seed);
- for(ix = 0; ix < num; ix++) {
- mpp_random_size(&a, prec);
- mp_mul(&a, &a, &c);
- mp_sqr(&a, &d);
-
- if(mp_cmp(&c, &d) != 0) {
- printf("Error! Results not accurate:\n");
- printf("a = "); mp_print(&a, stdout); fputc('\n', stdout);
- printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
- printf("d = "); mp_print(&d, stdout); fputc('\n', stdout);
- mp_sub(&c, &d, &d);
- printf("dif "); mp_print(&d, stdout); fputc('\n', stdout);
- mp_clear(&c); mp_clear(&d);
- mp_clear(&a);
- return 1;
- }
- }
- printf("Accuracy is confirmed for the %d test samples\n", num);
- mp_clear(&d);
-
- printf("Testing squaring ... \n");
- srand((unsigned int)seed);
- start = clock();
- for(ix = 0; ix < num; ix++) {
- mpp_random_size(&a, prec);
- mp_sqr(&a, &c);
- }
- finish = clock();
-
- d2 = (double)(finish - start) / CLOCKS_PER_SEC;
-
- printf("Testing multiplication ... \n");
- srand((unsigned int)seed);
- start = clock();
- for(ix = 0; ix < num; ix++) {
- mpp_random(&a);
- mp_mul(&a, &a, &c);
- }
- finish = clock();
-
- d1 = (double)(finish - start) / CLOCKS_PER_SEC;
-
- printf("Multiplication time: %.3f sec (%.3f each)\n", d1, d1 / num);
- printf("Squaring time: %.3f sec (%.3f each)\n", d2, d2 / num);
- printf("Improvement: %.2f%%\n", (1.0 - (d2 / d1)) * 100.0);
-
- mp_clear(&c);
- mp_clear(&a);
-
- return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/tests/mptest-4.c b/security/nss/lib/freebl/mpi/tests/mptest-4.c
deleted file mode 100644
index 6a9920cd8..000000000
--- a/security/nss/lib/freebl/mpi/tests/mptest-4.c
+++ /dev/null
@@ -1,123 +0,0 @@
-/*
- * Simple test driver for MPI library
- *
- * Test 4: Modular arithmetic tests
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <ctype.h>
-#include <limits.h>
-
-#include "mpi.h"
-
-int main(int argc, char *argv[])
-{
- int ix;
- mp_int a, b, c, m;
- mp_digit r;
-
- if(argc < 4) {
- fprintf(stderr, "Usage: %s <a> <b> <m>\n", argv[0]);
- return 1;
- }
-
- printf("Test 4: Modular arithmetic\n\n");
-
- mp_init(&a);
- mp_init(&b);
- mp_init(&m);
-
- mp_read_radix(&a, argv[1], 10);
- mp_read_radix(&b, argv[2], 10);
- mp_read_radix(&m, argv[3], 10);
- printf("a = "); mp_print(&a, stdout); fputc('\n', stdout);
- printf("b = "); mp_print(&b, stdout); fputc('\n', stdout);
- printf("m = "); mp_print(&m, stdout); fputc('\n', stdout);
-
- mp_init(&c);
- printf("\nc = a (mod m)\n");
-
- mp_mod(&a, &m, &c);
- printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
-
- printf("\nc = b (mod m)\n");
-
- mp_mod(&b, &m, &c);
- printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
-
- printf("\nc = b (mod 1853)\n");
-
- mp_mod_d(&b, 1853, &r);
- printf("c = %04X\n", r);
-
- printf("\nc = (a + b) mod m\n");
-
- mp_addmod(&a, &b, &m, &c);
- printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
-
- printf("\nc = (a - b) mod m\n");
-
- mp_submod(&a, &b, &m, &c);
- printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
-
- printf("\nc = (a * b) mod m\n");
-
- mp_mulmod(&a, &b, &m, &c);
- printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
-
- printf("\nc = (a ** b) mod m\n");
-
- mp_exptmod(&a, &b, &m, &c);
- printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
-
- printf("\nIn-place modular squaring test:\n");
- for(ix = 0; ix < 5; ix++) {
- printf("a = (a * a) mod m a = ");
- mp_sqrmod(&a, &m, &a);
- mp_print(&a, stdout);
- fputc('\n', stdout);
- }
-
-
- mp_clear(&c);
- mp_clear(&m);
- mp_clear(&b);
- mp_clear(&a);
-
- return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/tests/mptest-4a.c b/security/nss/lib/freebl/mpi/tests/mptest-4a.c
deleted file mode 100644
index 22610b8a5..000000000
--- a/security/nss/lib/freebl/mpi/tests/mptest-4a.c
+++ /dev/null
@@ -1,135 +0,0 @@
-/*
- * mptest4a - modular exponentiation speed test
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <limits.h>
-#include <time.h>
-
-#include <sys/time.h>
-
-#include "mpi.h"
-#include "mpprime.h"
-
-typedef struct {
- unsigned int sec;
- unsigned int usec;
-} instant_t;
-
-instant_t now(void)
-{
- struct timeval clk;
- instant_t res;
-
- res.sec = res.usec = 0;
-
- if(gettimeofday(&clk, NULL) != 0)
- return res;
-
- res.sec = clk.tv_sec;
- res.usec = clk.tv_usec;
-
- return res;
-}
-
-extern mp_err s_mp_pad();
-
-int main(int argc, char *argv[])
-{
- int ix, num, prec = 8;
- unsigned int d;
- instant_t start, finish;
- time_t seed;
- mp_int a, m, c;
-
- seed = time(NULL);
-
- if(argc < 2) {
- fprintf(stderr, "Usage: %s <num-tests> [<precision>]\n", argv[0]);
- return 1;
- }
-
- if((num = atoi(argv[1])) < 0)
- num = -num;
-
- if(!num) {
- fprintf(stderr, "%s: must perform at least 1 test\n", argv[0]);
- return 1;
- }
-
- if(argc > 2) {
- if((prec = atoi(argv[2])) <= 0)
- prec = 8;
- }
-
- printf("Test 3a: Modular exponentiation timing test\n"
- "Precision: %d digits (%d bits)\n"
- "# of tests: %d\n\n", prec, prec * DIGIT_BIT, num);
-
- mp_init_size(&a, prec);
- mp_init_size(&m, prec);
- mp_init_size(&c, prec);
- s_mp_pad(&a, prec);
- s_mp_pad(&m, prec);
- s_mp_pad(&c, prec);
-
- printf("Testing modular exponentiation ... \n");
- srand((unsigned int)seed);
-
- start = now();
- for(ix = 0; ix < num; ix++) {
- mpp_random(&a);
- mpp_random(&c);
- mpp_random(&m);
- mp_exptmod(&a, &c, &m, &c);
- }
- finish = now();
-
- d = (finish.sec - start.sec) * 1000000;
- d -= start.usec; d += finish.usec;
-
- printf("Total time elapsed: %u usec\n", d);
- printf("Time per exponentiation: %u usec (%.3f sec)\n",
- (d / num), (double)(d / num) / 1000000);
-
- mp_clear(&c);
- mp_clear(&a);
- mp_clear(&m);
-
- return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/tests/mptest-4b.c b/security/nss/lib/freebl/mpi/tests/mptest-4b.c
deleted file mode 100644
index 77a38eb8d..000000000
--- a/security/nss/lib/freebl/mpi/tests/mptest-4b.c
+++ /dev/null
@@ -1,132 +0,0 @@
-/*
- * mptest-4b.c
- *
- * Test speed of a large modular exponentiation of a primitive element
- * modulo a prime.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <limits.h>
-#include <time.h>
-
-#include <sys/time.h>
-
-#include "mpi.h"
-#include "mpprime.h"
-
-char *g_prime =
- "34BD53C07350E817CCD49721020F1754527959C421C1533244769D4CF060A8B1C3DA"
- "25094BE723FB1E2369B55FEEBBE0FAC16425161BF82684062B5EC5D7D47D1B23C117"
- "0FA19745E44A55E148314E582EB813AC9EE5126295E2E380CACC2F6D206B293E5ED9"
- "23B54EE961A8C69CD625CE4EC38B70C649D7F014432AEF3A1C93";
-char *g_gen = "5";
-
-typedef struct {
- unsigned int sec;
- unsigned int usec;
-} instant_t;
-
-instant_t now(void)
-{
- struct timeval clk;
- instant_t res;
-
- res.sec = res.usec = 0;
-
- if(gettimeofday(&clk, NULL) != 0)
- return res;
-
- res.sec = clk.tv_sec;
- res.usec = clk.tv_usec;
-
- return res;
-}
-
-extern mp_err s_mp_pad();
-
-int main(int argc, char *argv[])
-{
- instant_t start, finish;
- mp_int prime, gen, expt, res;
- unsigned int ix, diff;
- int num;
-
- srand(time(NULL));
-
- if(argc < 2) {
- fprintf(stderr, "Usage: %s <num-tests>\n", argv[0]);
- return 1;
- }
-
- if((num = atoi(argv[1])) < 0)
- num = -num;
-
- if(num == 0)
- ++num;
-
- mp_init(&prime); mp_init(&gen); mp_init(&res);
- mp_read_radix(&prime, g_prime, 16);
- mp_read_radix(&gen, g_gen, 16);
-
- mp_init_size(&expt, USED(&prime) - 1);
- s_mp_pad(&expt, USED(&prime) - 1);
-
- printf("Testing %d modular exponentations ... \n", num);
-
- start = now();
- for(ix = 0; ix < num; ix++) {
- mpp_random(&expt);
- mp_exptmod(&gen, &expt, &prime, &res);
- }
- finish = now();
-
- diff = (finish.sec - start.sec) * 1000000;
- diff += finish.usec; diff -= start.usec;
-
- printf("%d operations took %u usec (%.3f sec)\n",
- num, diff, (double)diff / 1000000.0);
- printf("That is %.3f sec per operation.\n",
- ((double)diff / 1000000.0) / num);
-
- mp_clear(&expt);
- mp_clear(&res);
- mp_clear(&gen);
- mp_clear(&prime);
-
- return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/tests/mptest-5.c b/security/nss/lib/freebl/mpi/tests/mptest-5.c
deleted file mode 100644
index 4b161d1b8..000000000
--- a/security/nss/lib/freebl/mpi/tests/mptest-5.c
+++ /dev/null
@@ -1,100 +0,0 @@
-/*
- * Simple test driver for MPI library
- *
- * Test 5: Other number theoretic functions
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <ctype.h>
-#include <limits.h>
-
-#include "mpi.h"
-
-int main(int argc, char *argv[])
-{
- mp_int a, b, c, x, y;
-
- if(argc < 3) {
- fprintf(stderr, "Usage: %s <a> <b>\n", argv[0]);
- return 1;
- }
-
- printf("Test 5: Number theoretic functions\n\n");
-
- mp_init(&a);
- mp_init(&b);
-
- mp_read_radix(&a, argv[1], 10);
- mp_read_radix(&b, argv[2], 10);
-
- printf("a = "); mp_print(&a, stdout); fputc('\n', stdout);
- printf("b = "); mp_print(&b, stdout); fputc('\n', stdout);
-
- mp_init(&c);
- printf("\nc = (a, b)\n");
-
- mp_gcd(&a, &b, &c);
- printf("Euclid: c = "); mp_print(&c, stdout); fputc('\n', stdout);
-/*
- mp_bgcd(&a, &b, &c);
- printf("Binary: c = "); mp_print(&c, stdout); fputc('\n', stdout);
-*/
- mp_init(&x);
- mp_init(&y);
- printf("\nc = (a, b) = ax + by\n");
-
- mp_xgcd(&a, &b, &c, &x, &y);
- printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
- printf("x = "); mp_print(&x, stdout); fputc('\n', stdout);
- printf("y = "); mp_print(&y, stdout); fputc('\n', stdout);
-
- printf("\nc = a^-1 (mod b)\n");
- if(mp_invmod(&a, &b, &c) == MP_UNDEF) {
- printf("a has no inverse mod b\n");
- } else {
- printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
- }
-
- mp_clear(&y);
- mp_clear(&x);
- mp_clear(&c);
- mp_clear(&b);
- mp_clear(&a);
-
- return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/tests/mptest-5a.c b/security/nss/lib/freebl/mpi/tests/mptest-5a.c
deleted file mode 100644
index 82552b766..000000000
--- a/security/nss/lib/freebl/mpi/tests/mptest-5a.c
+++ /dev/null
@@ -1,162 +0,0 @@
-/*
- * Simple test driver for MPI library
- *
- * Test 5a: Greatest common divisor speed test, binary vs. Euclid
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <ctype.h>
-#include <limits.h>
-#include <time.h>
-
-#include <sys/time.h>
-
-#include "mpi.h"
-#include "mpprime.h"
-
-typedef struct {
- unsigned int sec;
- unsigned int usec;
-} instant_t;
-
-instant_t now(void)
-{
- struct timeval clk;
- instant_t res;
-
- res.sec = res.usec = 0;
-
- if(gettimeofday(&clk, NULL) != 0)
- return res;
-
- res.sec = clk.tv_sec;
- res.usec = clk.tv_usec;
-
- return res;
-}
-
-#define PRECISION 16
-
-int main(int argc, char *argv[])
-{
- int ix, num, prec = PRECISION;
- mp_int a, b, c, d;
- instant_t start, finish;
- time_t seed;
- unsigned int d1, d2;
-
- seed = time(NULL);
-
- if(argc < 2) {
- fprintf(stderr, "Usage: %s <num-tests>\n", argv[0]);
- return 1;
- }
-
- if((num = atoi(argv[1])) < 0)
- num = -num;
-
- printf("Test 5a: Euclid vs. Binary, a GCD speed test\n\n"
- "Number of tests: %d\n"
- "Precision: %d digits\n\n", num, prec);
-
- mp_init_size(&a, prec);
- mp_init_size(&b, prec);
- mp_init(&c);
- mp_init(&d);
-
- printf("Verifying accuracy ... \n");
- srand((unsigned int)seed);
- for(ix = 0; ix < num; ix++) {
- mpp_random_size(&a, prec);
- mpp_random_size(&b, prec);
-
- mp_gcd(&a, &b, &c);
- mp_bgcd(&a, &b, &d);
-
- if(mp_cmp(&c, &d) != 0) {
- printf("Error! Results not accurate:\n");
- printf("a = "); mp_print(&a, stdout); fputc('\n', stdout);
- printf("b = "); mp_print(&b, stdout); fputc('\n', stdout);
- printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
- printf("d = "); mp_print(&d, stdout); fputc('\n', stdout);
-
- mp_clear(&a); mp_clear(&b); mp_clear(&c); mp_clear(&d);
- return 1;
- }
- }
- mp_clear(&d);
- printf("Accuracy confirmed for the %d test samples\n", num);
-
- printf("Testing Euclid ... \n");
- srand((unsigned int)seed);
- start = now();
- for(ix = 0; ix < num; ix++) {
- mpp_random_size(&a, prec);
- mpp_random_size(&b, prec);
- mp_gcd(&a, &b, &c);
-
- }
- finish = now();
-
- d1 = (finish.sec - start.sec) * 1000000;
- d1 -= start.usec; d1 += finish.usec;
-
- printf("Testing binary ... \n");
- srand((unsigned int)seed);
- start = now();
- for(ix = 0; ix < num; ix++) {
- mpp_random_size(&a, prec);
- mpp_random_size(&b, prec);
- mp_bgcd(&a, &b, &c);
- }
- finish = now();
-
- d2 = (finish.sec - start.sec) * 1000000;
- d2 -= start.usec; d2 += finish.usec;
-
- printf("Euclidean algorithm time: %u usec\n", d1);
- printf("Binary algorithm time: %u usec\n", d2);
- printf("Improvement: %.2f%%\n",
- (1.0 - ((double)d2 / (double)d1)) * 100.0);
-
- mp_clear(&c);
- mp_clear(&b);
- mp_clear(&a);
-
- return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/tests/mptest-6.c b/security/nss/lib/freebl/mpi/tests/mptest-6.c
deleted file mode 100644
index 5e91716de..000000000
--- a/security/nss/lib/freebl/mpi/tests/mptest-6.c
+++ /dev/null
@@ -1,108 +0,0 @@
-/*
- * Simple test driver for MPI library
- *
- * Test 6: Output functions
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <ctype.h>
-#include <limits.h>
-
-#include "mpi.h"
-
-void print_buf(FILE *ofp, char *buf, int len)
-{
- int ix, brk = 0;
-
- for(ix = 0; ix < len; ix++) {
- fprintf(ofp, "%02X ", buf[ix]);
-
- brk = (brk + 1) & 0xF;
- if(!brk)
- fputc('\n', ofp);
- }
-
- if(brk)
- fputc('\n', ofp);
-
-}
-
-int main(int argc, char *argv[])
-{
- int ix, size;
- mp_int a;
- char *buf;
-
- if(argc < 2) {
- fprintf(stderr, "Usage: %s <a>\n", argv[0]);
- return 1;
- }
-
- printf("Test 6: Output functions\n\n");
-
- mp_init(&a);
-
- mp_read_radix(&a, argv[1], 10);
-
- printf("\nConverting to a string:\n");
-
- printf("Rx Size Representation\n");
- for(ix = 2; ix <= MAX_RADIX; ix++) {
- size = mp_radix_size(&a, ix);
-
- buf = calloc(size, sizeof(char));
- mp_toradix(&a, buf, ix);
- printf("%2d: %3d: %s\n", ix, size, buf);
- free(buf);
-
- }
-
- printf("\nRaw output:\n");
- size = mp_raw_size(&a);
- buf = calloc(size, sizeof(char));
-
- printf("Size: %d bytes\n", size);
-
- mp_toraw(&a, buf);
- print_buf(stdout, buf, size);
- free(buf);
-
- mp_clear(&a);
-
- return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/tests/mptest-7.c b/security/nss/lib/freebl/mpi/tests/mptest-7.c
deleted file mode 100644
index 4b41a1a4f..000000000
--- a/security/nss/lib/freebl/mpi/tests/mptest-7.c
+++ /dev/null
@@ -1,104 +0,0 @@
-/*
- * Simple test driver for MPI library
- *
- * Test 7: Random and divisibility tests
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <ctype.h>
-#include <limits.h>
-#include <time.h>
-
-#define MP_IOFUNC
-#include "mpi.h"
-
-#include "mpprime.h"
-
-int main(int argc, char *argv[])
-{
- mp_digit num;
- mp_int a, b;
-
- srand(time(NULL));
-
- if(argc < 3) {
- fprintf(stderr, "Usage: %s <a> <b>\n", argv[0]);
- return 1;
- }
-
- printf("Test 7: Random & divisibility tests\n\n");
-
- mp_init(&a);
- mp_init(&b);
-
- mp_read_radix(&a, argv[1], 10);
- mp_read_radix(&b, argv[2], 10);
-
- printf("a = "); mp_print(&a, stdout); fputc('\n', stdout);
- printf("b = "); mp_print(&b, stdout); fputc('\n', stdout);
-
- if(mpp_divis(&a, &b) == MP_YES)
- printf("a is divisible by b\n");
- else
- printf("a is not divisible by b\n");
-
- if(mpp_divis(&b, &a) == MP_YES)
- printf("b is divisible by a\n");
- else
- printf("b is not divisible by a\n");
-
- printf("\nb = mpp_random()\n");
- mpp_random(&b);
- printf("b = "); mp_print(&b, stdout); fputc('\n', stdout);
- mpp_random(&b);
- printf("b = "); mp_print(&b, stdout); fputc('\n', stdout);
- mpp_random(&b);
- printf("b = "); mp_print(&b, stdout); fputc('\n', stdout);
-
- printf("\nTesting a for divisibility by first 170 primes\n");
- num = 170;
- if(mpp_divis_primes(&a, &num) == MP_YES)
- printf("It is divisible by at least one of them\n");
- else
- printf("It is not divisible by any of them\n");
-
- mp_clear(&b);
- mp_clear(&a);
-
- return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/tests/mptest-8.c b/security/nss/lib/freebl/mpi/tests/mptest-8.c
deleted file mode 100644
index e2ddc2c19..000000000
--- a/security/nss/lib/freebl/mpi/tests/mptest-8.c
+++ /dev/null
@@ -1,95 +0,0 @@
-/*
- * Simple test driver for MPI library
- *
- * Test 8: Probabilistic primality tester
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <ctype.h>
-#include <limits.h>
-#include <time.h>
-
-#define MP_IOFUNC
-#include "mpi.h"
-
-#include "mpprime.h"
-
-int main(int argc, char *argv[])
-{
- int ix;
- mp_digit num;
- mp_int a;
-
- srand(time(NULL));
-
- if(argc < 2) {
- fprintf(stderr, "Usage: %s <a>\n", argv[0]);
- return 1;
- }
-
- printf("Test 8: Probabilistic primality testing\n\n");
-
- mp_init(&a);
-
- mp_read_radix(&a, argv[1], 10);
-
- printf("a = "); mp_print(&a, stdout); fputc('\n', stdout);
-
- printf("\nChecking for divisibility by small primes ... \n");
- num = 170;
- if(mpp_divis_primes(&a, &num) == MP_YES) {
- printf("it is not prime\n");
- goto CLEANUP;
- }
- printf("Passed that test (not divisible by any small primes).\n");
-
- for(ix = 0; ix < 10; ix++) {
- printf("\nPerforming Rabin-Miller test, iteration %d\n", ix + 1);
-
- if(mpp_pprime(&a, 5) == MP_NO) {
- printf("it is not prime\n");
- goto CLEANUP;
- }
- }
- printf("All tests passed; a is probably prime\n");
-
-CLEANUP:
- mp_clear(&a);
-
- return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/tests/mptest-9.c b/security/nss/lib/freebl/mpi/tests/mptest-9.c
deleted file mode 100644
index 07d6410c7..000000000
--- a/security/nss/lib/freebl/mpi/tests/mptest-9.c
+++ /dev/null
@@ -1,113 +0,0 @@
-/*
- * mptest-9.c
- *
- * Test logical functions
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <ctype.h>
-#include <limits.h>
-#include <time.h>
-
-#include "mpi.h"
-#include "mplogic.h"
-
-int main(int argc, char *argv[])
-{
- mp_int a, b, c;
- int pco;
- mp_err res;
-
- printf("Test 9: Logical functions\n\n");
-
- if(argc < 3) {
- fprintf(stderr, "Usage: %s <a> <b>\n", argv[0]);
- return 1;
- }
-
- mp_init(&a); mp_init(&b); mp_init(&c);
- mp_read_radix(&a, argv[1], 16);
- mp_read_radix(&b, argv[2], 16);
-
- printf("a = "); mp_print(&a, stdout); fputc('\n', stdout);
- printf("b = "); mp_print(&b, stdout); fputc('\n', stdout);
-
- mpl_not(&a, &c);
- printf("~a = "); mp_print(&c, stdout); fputc('\n', stdout);
-
- mpl_and(&a, &b, &c);
- printf("a & b = "); mp_print(&c, stdout); fputc('\n', stdout);
-
- mpl_or(&a, &b, &c);
- printf("a | b = "); mp_print(&c, stdout); fputc('\n', stdout);
-
- mpl_xor(&a, &b, &c);
- printf("a ^ b = "); mp_print(&c, stdout); fputc('\n', stdout);
-
- mpl_rsh(&a, &c, 1);
- printf("a >> 1 = "); mp_print(&c, stdout); fputc('\n', stdout);
- mpl_rsh(&a, &c, 5);
- printf("a >> 5 = "); mp_print(&c, stdout); fputc('\n', stdout);
- mpl_rsh(&a, &c, 16);
- printf("a >> 16 = "); mp_print(&c, stdout); fputc('\n', stdout);
-
- mpl_lsh(&a, &c, 1);
- printf("a << 1 = "); mp_print(&c, stdout); fputc('\n', stdout);
- mpl_lsh(&a, &c, 5);
- printf("a << 5 = "); mp_print(&c, stdout); fputc('\n', stdout);
- mpl_lsh(&a, &c, 16);
- printf("a << 16 = "); mp_print(&c, stdout); fputc('\n', stdout);
-
- mpl_num_set(&a, &pco);
- printf("population(a) = %d\n", pco);
- mpl_num_set(&b, &pco);
- printf("population(b) = %d\n", pco);
-
- res = mpl_parity(&a);
- if(res == MP_EVEN)
- printf("a has even parity\n");
- else
- printf("a has odd parity\n");
-
- mp_clear(&c);
- mp_clear(&b);
- mp_clear(&a);
-
- return 0;
-}
-
diff --git a/security/nss/lib/freebl/mpi/tests/mptest-b.c b/security/nss/lib/freebl/mpi/tests/mptest-b.c
deleted file mode 100644
index da89cb3e0..000000000
--- a/security/nss/lib/freebl/mpi/tests/mptest-b.c
+++ /dev/null
@@ -1,211 +0,0 @@
-/*
- * Simple test driver for MPI library
- *
- * Test GF2m: Binary Polynomial Arithmetic
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Multi-precision Binary Polynomial Arithmetic
- * Library.
- *
- * Contributor(s):
- * Sheueling Chang Shantz <sheueling.chang@sun.com> and
- * Douglas Stebila <douglas@stebila.ca> of Sun Laboratories.
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <ctype.h>
-#include <limits.h>
-
-#include "mp_gf2m.h"
-
-int main(int argc, char *argv[])
-{
- int ix;
- mp_int pp, a, b, x, y, order;
- mp_int c, d, e;
- mp_digit r;
- mp_err res;
- unsigned int p[] = {163,7,6,3,0};
- unsigned int ptemp[10];
-
- printf("Test b: Binary Polynomial Arithmetic\n\n");
-
- mp_init(&pp);
- mp_init(&a);
- mp_init(&b);
- mp_init(&x);
- mp_init(&y);
- mp_init(&order);
-
- mp_read_radix(&pp, "0800000000000000000000000000000000000000C9", 16);
- mp_read_radix(&a, "1", 16);
- mp_read_radix(&b, "020A601907B8C953CA1481EB10512F78744A3205FD", 16);
- mp_read_radix(&x, "03F0EBA16286A2D57EA0991168D4994637E8343E36", 16);
- mp_read_radix(&y, "00D51FBC6C71A0094FA2CDD545B11C5C0C797324F1", 16);
- mp_read_radix(&order, "040000000000000000000292FE77E70C12A4234C33", 16);
- printf("pp = "); mp_print(&pp, stdout); fputc('\n', stdout);
- printf("a = "); mp_print(&a, stdout); fputc('\n', stdout);
- printf("b = "); mp_print(&b, stdout); fputc('\n', stdout);
- printf("x = "); mp_print(&x, stdout); fputc('\n', stdout);
- printf("y = "); mp_print(&y, stdout); fputc('\n', stdout);
- printf("order = "); mp_print(&order, stdout); fputc('\n', stdout);
-
- mp_init(&c);
- mp_init(&d);
- mp_init(&e);
-
- /* Test polynomial conversion */
- ix = mp_bpoly2arr(&pp, ptemp, 10);
- if (
- (ix != 5) ||
- (ptemp[0] != p[0]) ||
- (ptemp[1] != p[1]) ||
- (ptemp[2] != p[2]) ||
- (ptemp[3] != p[3]) ||
- (ptemp[4] != p[4])
- ) {
- printf("Polynomial to array conversion not correct\n");
- return -1;
- }
-
- printf("Polynomial conversion test #1 successful.\n");
- MP_CHECKOK( mp_barr2poly(p, &c) );
- if (mp_cmp(&pp, &c) != 0) {
- printf("Array to polynomial conversion not correct\n");
- return -1;
- }
- printf("Polynomial conversion test #2 successful.\n");
-
- /* Test addition */
- MP_CHECKOK( mp_badd(&a, &a, &c) );
- if (mp_cmp_z(&c) != 0) {
- printf("a+a should equal zero\n");
- return -1;
- }
- printf("Addition test #1 successful.\n");
- MP_CHECKOK( mp_badd(&a, &b, &c) );
- MP_CHECKOK( mp_badd(&b, &c, &c) );
- if (mp_cmp(&c, &a) != 0) {
- printf("c = (a + b) + b should equal a\n");
- printf("a = "); mp_print(&a, stdout); fputc('\n', stdout);
- printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
- return -1;
- }
- printf("Addition test #2 successful.\n");
-
- /* Test multiplication */
- mp_set(&c, 2);
- MP_CHECKOK( mp_bmul(&b, &c, &c) );
- MP_CHECKOK( mp_badd(&b, &c, &c) );
- mp_set(&d, 3);
- MP_CHECKOK( mp_bmul(&b, &d, &d) );
- if (mp_cmp(&c, &d) != 0) {
- printf("c = (2 * b) + b should equal c = 3 * b\n");
- printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
- printf("d = "); mp_print(&d, stdout); fputc('\n', stdout);
- return -1;
- }
- printf("Multiplication test #1 successful.\n");
-
- /* Test modular reduction */
- MP_CHECKOK( mp_bmod(&b, p, &c) );
- if (mp_cmp(&b, &c) != 0) {
- printf("c = b mod p should equal b\n");
- printf("b = "); mp_print(&b, stdout); fputc('\n', stdout);
- printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
- return -1;
- }
- printf("Modular reduction test #1 successful.\n");
- MP_CHECKOK( mp_badd(&b, &pp, &c) );
- MP_CHECKOK( mp_bmod(&c, p, &c) );
- if (mp_cmp(&b, &c) != 0) {
- printf("c = (b + p) mod p should equal b\n");
- printf("b = "); mp_print(&b, stdout); fputc('\n', stdout);
- printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
- return -1;
- }
- printf("Modular reduction test #2 successful.\n");
- MP_CHECKOK( mp_bmul(&b, &pp, &c) );
- MP_CHECKOK( mp_bmod(&c, p, &c) );
- if (mp_cmp_z(&c) != 0) {
- printf("c = (b * p) mod p should equal 0\n");
- printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
- return -1;
- }
- printf("Modular reduction test #3 successful.\n");
-
- /* Test modular multiplication */
- MP_CHECKOK( mp_bmulmod(&b, &pp, p, &c) );
- if (mp_cmp_z(&c) != 0) {
- printf("c = (b * p) mod p should equal 0\n");
- printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
- return -1;
- }
- printf("Modular multiplication test #1 successful.\n");
- mp_set(&c, 1);
- MP_CHECKOK( mp_badd(&pp, &c, &c) );
- MP_CHECKOK( mp_bmulmod(&b, &c, p, &c) );
- if (mp_cmp(&b, &c) != 0) {
- printf("c = (b * (p + 1)) mod p should equal b\n");
- printf("b = "); mp_print(&b, stdout); fputc('\n', stdout);
- printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
- return -1;
- }
- printf("Modular multiplication test #2 successful.\n");
-
- /* Test modular squaring */
- MP_CHECKOK( mp_copy(&b, &c) );
- MP_CHECKOK( mp_bmulmod(&b, &c, p, &c) );
- MP_CHECKOK( mp_bsqrmod(&b, p, &d) );
- if (mp_cmp(&c, &d) != 0) {
- printf("c = (b * b) mod p should equal d = b^2 mod p\n");
- printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
- printf("d = "); mp_print(&d, stdout); fputc('\n', stdout);
- return -1;
- }
- printf("Modular squaring test #1 successful.\n");
-
- /* Test modular division */
- MP_CHECKOK( mp_bdivmod(&b, &x, &pp, p, &c) );
- MP_CHECKOK( mp_bmulmod(&c, &x, p, &c) );
- if (mp_cmp(&b, &c) != 0) {
- printf("c = (b / x) * x mod p should equal b\n");
- printf("b = "); mp_print(&b, stdout); fputc('\n', stdout);
- printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
- return -1;
- }
- printf("Modular division test #1 successful.\n");
-
-CLEANUP:
-
- mp_clear(&order);
- mp_clear(&y);
- mp_clear(&x);
- mp_clear(&b);
- mp_clear(&a);
- mp_clear(&pp);
-
- return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/tests/pi1k.txt b/security/nss/lib/freebl/mpi/tests/pi1k.txt
deleted file mode 100644
index 5ff6209ff..000000000
--- a/security/nss/lib/freebl/mpi/tests/pi1k.txt
+++ /dev/null
@@ -1 +0,0 @@
-31415926535897932384626433832795028841971693993751058209749445923078164062862089986280348253421170679821480865132823066470938446095505822317253594081284811174502841027019385211055596446229489549303819644288109756659334461284756482337867831652712019091456485669234603486104543266482133936072602491412737245870066063155881748815209209628292540917153643678925903600113305305488204665213841469519415116094330572703657595919530921861173819326117931051185480744623799627495673518857527248912279381830119491298336733624406566430860213949463952247371907021798609437027705392171762931767523846748184676694051320005681271452635608277857713427577896091736371787214684409012249534301465495853710507922796892589235420199561121290219608640344181598136297747713099605187072113499999983729780499510597317328160963185950244594553469083026425223082533446850352619311881710100031378387528865875332083814206171776691473035982534904287554687311595628638823537875937519577818577805321712268066130019278766111959092164201989
diff --git a/security/nss/lib/freebl/mpi/tests/pi2k.txt b/security/nss/lib/freebl/mpi/tests/pi2k.txt
deleted file mode 100644
index 9ce82acd1..000000000
--- a/security/nss/lib/freebl/mpi/tests/pi2k.txt
+++ /dev/null
@@ -1 +0,0 @@
-314159265358979323846264338327950288419716939937510582097494459230781640628620899862803482534211706798214808651328230664709384460955058223172535940812848111745028410270193852110555964462294895493038196442881097566593344612847564823378678316527120190914564856692346034861045432664821339360726024914127372458700660631558817488152092096282925409171536436789259036001133053054882046652138414695194151160943305727036575959195309218611738193261179310511854807446237996274956735188575272489122793818301194912983367336244065664308602139494639522473719070217986094370277053921717629317675238467481846766940513200056812714526356082778577134275778960917363717872146844090122495343014654958537105079227968925892354201995611212902196086403441815981362977477130996051870721134999999837297804995105973173281609631859502445945534690830264252230825334468503526193118817101000313783875288658753320838142061717766914730359825349042875546873115956286388235378759375195778185778053217122680661300192787661119590921642019893809525720106548586327886593615338182796823030195203530185296899577362259941389124972177528347913151557485724245415069595082953311686172785588907509838175463746493931925506040092770167113900984882401285836160356370766010471018194295559619894676783744944825537977472684710404753464620804668425906949129331367702898915210475216205696602405803815019351125338243003558764024749647326391419927260426992279678235478163600934172164121992458631503028618297455570674983850549458858692699569092721079750930295532116534498720275596023648066549911988183479775356636980742654252786255181841757467289097777279380008164706001614524919217321721477235014144197356854816136115735255213347574184946843852332390739414333454776241686251898356948556209921922218427255025425688767179049460165346680498862723279178608578438382796797668145410095388378636095068006422512520511739298489608412848862694560424196528502221066118630674427862203919494504712371378696095636437191728746776465757396241389086583264599581339047802759010
diff --git a/security/nss/lib/freebl/mpi/tests/pi5k.txt b/security/nss/lib/freebl/mpi/tests/pi5k.txt
deleted file mode 100644
index 901fac2ea..000000000
--- a/security/nss/lib/freebl/mpi/tests/pi5k.txt
+++ /dev/null
@@ -1 +0,0 @@
-314159265358979323846264338327950288419716939937510582097494459230781640628620899862803482534211706798214808651328230664709384460955058223172535940812848111745028410270193852110555964462294895493038196442881097566593344612847564823378678316527120190914564856692346034861045432664821339360726024914127372458700660631558817488152092096282925409171536436789259036001133053054882046652138414695194151160943305727036575959195309218611738193261179310511854807446237996274956735188575272489122793818301194912983367336244065664308602139494639522473719070217986094370277053921717629317675238467481846766940513200056812714526356082778577134275778960917363717872146844090122495343014654958537105079227968925892354201995611212902196086403441815981362977477130996051870721134999999837297804995105973173281609631859502445945534690830264252230825334468503526193118817101000313783875288658753320838142061717766914730359825349042875546873115956286388235378759375195778185778053217122680661300192787661119590921642019893809525720106548586327886593615338182796823030195203530185296899577362259941389124972177528347913151557485724245415069595082953311686172785588907509838175463746493931925506040092770167113900984882401285836160356370766010471018194295559619894676783744944825537977472684710404753464620804668425906949129331367702898915210475216205696602405803815019351125338243003558764024749647326391419927260426992279678235478163600934172164121992458631503028618297455570674983850549458858692699569092721079750930295532116534498720275596023648066549911988183479775356636980742654252786255181841757467289097777279380008164706001614524919217321721477235014144197356854816136115735255213347574184946843852332390739414333454776241686251898356948556209921922218427255025425688767179049460165346680498862723279178608578438382796797668145410095388378636095068006422512520511739298489608412848862694560424196528502221066118630674427862203919494504712371378696095636437191728746776465757396241389086583264599581339047802759009946576407895126946839835259570982582262052248940772671947826848260147699090264013639443745530506820349625245174939965143142980919065925093722169646151570985838741059788595977297549893016175392846813826868386894277415599185592524595395943104997252468084598727364469584865383673622262609912460805124388439045124413654976278079771569143599770012961608944169486855584840635342207222582848864815845602850601684273945226746767889525213852254995466672782398645659611635488623057745649803559363456817432411251507606947945109659609402522887971089314566913686722874894056010150330861792868092087476091782493858900971490967598526136554978189312978482168299894872265880485756401427047755513237964145152374623436454285844479526586782105114135473573952311342716610213596953623144295248493718711014576540359027993440374200731057853906219838744780847848968332144571386875194350643021845319104848100537061468067491927819119793995206141966342875444064374512371819217999839101591956181467514269123974894090718649423196156794520809514655022523160388193014209376213785595663893778708303906979207734672218256259966150142150306803844773454920260541466592520149744285073251866600213243408819071048633173464965145390579626856100550810665879699816357473638405257145910289706414011097120628043903975951567715770042033786993600723055876317635942187312514712053292819182618612586732157919841484882916447060957527069572209175671167229109816909152801735067127485832228718352093539657251210835791513698820914442100675103346711031412671113699086585163983150197016515116851714376576183515565088490998985998238734552833163550764791853589322618548963213293308985706420467525907091548141654985946163718027098199430992448895757128289059232332609729971208443357326548938239119325974636673058360414281388303203824903758985243744170291327656180937734440307074692112019130203303801976211011004492932151608424448596376698389522868478312355265821314495768572624334418930396864262434107732269780280731891544110104468232527162010526522721116603966655730925471105578537634668206531098965269186205647693125705863566201855810072936065987648611791045334885034611365768675324944166803962657978771855608455296541266540853061434443185867697514566140680070023787765913440171274947042056223053899456131407112700040785473326993908145466464588079727082668306343285878569830523580893306575740679545716377525420211495576158140025012622859413021647155097925923099079654737612551765675135751782966645477917450112996148903046399471329621073404375189573596145890193897131117904297828564750320319869151402870808599048010941214722131794764777262241425485454033215718530614228813758504306332175182979866223717215916077166925474873898665494945011465406284336639379003976926567214638530673609657120918076383271664162748888007869256029022847210403172118608204190004229661711963779213375751149595015660496318629472654736425230817703675159067350235072835405670403867435136222247715891504953098444893330963408780769325993978054193414473774418426312986080998886874132604721
diff --git a/security/nss/lib/freebl/mpi/timetest b/security/nss/lib/freebl/mpi/timetest
deleted file mode 100755
index d78f3c56a..000000000
--- a/security/nss/lib/freebl/mpi/timetest
+++ /dev/null
@@ -1,131 +0,0 @@
-#!/bin/sh
-
-#
-# Simple timing test for the MPI library. Basically, we use prime
-# generation as a timing test, since it exercises most of the pathways
-# of the library fairly heavily. The 'primegen' tool outputs a line
-# summarizing timing results. We gather these and process them for
-# statistical information, which is collected into a file.
-#
-## The contents of this file are subject to the Mozilla Public
-## License Version 1.1 (the "License"); you may not use this file
-## except in compliance with the License. You may obtain a copy of
-## the License at http://www.mozilla.org/MPL/
-##
-## Software distributed under the License is distributed on an "AS
-## IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-## implied. See the License for the specific language governing
-## rights and limitations under the License.
-##
-## The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-## library.
-##
-## The Initial Developer of the Original Code is
-## Michael J. Fromberger <sting@linguist.dartmouth.edu>
-##
-## Portions created by Michael J. Fromberger are
-## Copyright (C) 2000 Michael J. Fromberger. All Rights Reserved
-##
-## Contributor(s):
-## Netscape Communications Corporation
-##
-## Alternatively, the contents of this file may be used under the
-## terms of the GNU General Public License Version 2 or later (the
-## "GPL"), in which case the provisions of the GPL are applicable
-## instead of those above. If you wish to allow use of your
-## version of this file only under the terms of the GPL and not to
-## allow others to use your version of this file under the MPL,
-## indicate your decision by deleting the provisions above and
-## replace them with the notice and other provisions required by
-## the GPL. If you do not delete the provisions above, a recipient
-## may use your version of this file under either the MPL or the GPL.
-##
-# $Id$
-#
-
-# Avoid using built-in shell echoes
-ECHO=/bin/echo
-MAKE=gmake
-
-# Use a fixed seed so timings will be more consistent
-# This one is the 11th-18th decimal digits of 'e'
-#export SEED=45904523
-SEED=45904523; export SEED
-
-#------------------------------------------------------------------------
-
-$ECHO "\n** Running timing tests for MPI library\n"
-
-$ECHO "Bringing 'metime' up to date ... "
-if $MAKE metime ; then
- :
-else
- $ECHO "\nMake failed to build metime.\n"
- exit 1
-fi
-
-if [ ! -x ./metime ] ; then
- $ECHO "\nCannot find 'metime' program, testing cannot continue.\n"
- exit 1
-fi
-
-#------------------------------------------------------------------------
-
-$ECHO "Bringing 'primegen' up to date ... "
-if $MAKE primegen ; then
- :
-else
- $ECHO "\nMake failed to build primegen.\n"
- exit 1
-fi
-
-if [ ! -x ./primegen ] ; then
- $ECHO "\nCannot find 'primegen' program, testing cannot continue.\n"
- exit 1
-fi
-
-#------------------------------------------------------------------------
-
-rm -f timing-results.txt
-touch timing-results.txt
-
-sizes="256 512 1024 2048"
-ntests=10
-
-trap 'echo "oop!";rm -f tt*.tmp timing-results.txt;exit 0' INT HUP
-
-$ECHO "\n-- Modular exponentiation\n"
-$ECHO "Modular exponentiation:" >> timing-results.txt
-
-$ECHO "Running $ntests modular exponentiations per test:"
-for size in $sizes ; do
- $ECHO "- Gathering statistics for $size bits ... "
- secs=`./metime $ntests $size | tail -1 | awk '{print $2}'`
- $ECHO "$size: " $secs " seconds per op" >> timing-results.txt
- tail -1 timing-results.txt
-done
-
-$ECHO "<done>";
-
-sizes="256 512 1024"
-ntests=1
-
-$ECHO "\n-- Prime generation\n"
-$ECHO "Prime generation:" >> timing-results.txt
-
-$ECHO "Generating $ntests prime values per test:"
-for size in $sizes ; do
- $ECHO "- Gathering statistics for $size bits ... "
- ./primegen $size $ntests | grep ticks | awk '{print $7}' | tr -d '(' > tt$$.tmp
- $ECHO "$size:" >> timing-results.txt
- perl stats tt$$.tmp >> timing-results.txt
- tail -1 timing-results.txt
- rm -f tt$$.tmp
-done
-
-$ECHO "<done>"
-
-trap 'rm -f tt*.tmp timing-results.txt' INT HUP
-
-exit 0
-
diff --git a/security/nss/lib/freebl/mpi/types.pl b/security/nss/lib/freebl/mpi/types.pl
deleted file mode 100755
index 5f2a2f4d1..000000000
--- a/security/nss/lib/freebl/mpi/types.pl
+++ /dev/null
@@ -1,158 +0,0 @@
-#!/usr/bin/perl
-
-#
-# types.pl - find recommended type definitions for digits and words
-#
-# This script scans the Makefile for the C compiler and compilation
-# flags currently in use, and using this combination, attempts to
-# compile a simple test program that outputs the sizes of the various
-# unsigned integer types, in bytes. Armed with these, it finds all
-# the "viable" type combinations for mp_digit and mp_word, where
-# viability is defined by the requirement that mp_word be at least two
-# times the precision of mp_digit.
-#
-# Of these, the one with the largest digit size is chosen, and
-# appropriate typedef statements are written to standard output.
-#
-## The contents of this file are subject to the Mozilla Public
-## License Version 1.1 (the "License"); you may not use this file
-## except in compliance with the License. You may obtain a copy of
-## the License at http://www.mozilla.org/MPL/
-##
-## Software distributed under the License is distributed on an "AS
-## IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-## implied. See the License for the specific language governing
-## rights and limitations under the License.
-##
-## The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-## library.
-##
-## The Initial Developer of the Original Code is
-## Michael J. Fromberger <sting@linguist.dartmouth.edu>
-##
-## Portions created by Michael J. Fromberger are
-## Copyright (C) 2000 Michael J. Fromberger. All Rights Reserved
-##
-## Contributor(s):
-##
-## Alternatively, the contents of this file may be used under the
-## terms of the GNU General Public License Version 2 or later (the
-## "GPL"), in which case the provisions of the GPL are applicable
-## instead of those above. If you wish to allow use of your
-## version of this file only under the terms of the GPL and not to
-## allow others to use your version of this file under the MPL,
-## indicate your decision by deleting the provisions above and
-## replace them with the notice and other provisions required by
-## the GPL. If you do not delete the provisions above, a recipient
-## may use your version of this file under either the MPL or the GPL.
-##
-# $Id$
-#
-
-@_=split(/\//,$0);chomp($prog=pop(@_));
-
-# The array of integer types to be considered...
-@TYPES = (
- "unsigned char",
- "unsigned short",
- "unsigned int",
- "unsigned long"
-);
-
-# Macro names for the maximum unsigned value of each type
-%TMAX = (
- "unsigned char" => "UCHAR_MAX",
- "unsigned short" => "USHRT_MAX",
- "unsigned int" => "UINT_MAX",
- "unsigned long" => "ULONG_MAX"
-);
-
-# Read the Makefile to find out which C compiler to use
-open(MFP, "<Makefile") or die "$prog: Makefile: $!\n";
-while(<MFP>) {
- chomp;
- if(/^CC=(.*)$/) {
- $cc = $1;
- last if $cflags;
- } elsif(/^CFLAGS=(.*)$/) {
- $cflags = $1;
- last if $cc;
- }
-}
-close(MFP);
-
-# If we couldn't find that, use 'cc' by default
-$cc = "cc" unless $cc;
-
-printf STDERR "Using '%s' as the C compiler.\n", $cc;
-
-print STDERR "Determining type sizes ... \n";
-open(OFP, ">tc$$.c") or die "$prog: tc$$.c: $!\n";
-print OFP "#include <stdio.h>\n\nint main(void)\n{\n";
-foreach $type (@TYPES) {
- printf OFP "\tprintf(\"%%d\\n\", (int)sizeof(%s));\n", $type;
-}
-print OFP "\n\treturn 0;\n}\n";
-close(OFP);
-
-system("$cc $cflags -o tc$$ tc$$.c");
-
-die "$prog: unable to build test program\n" unless(-x "tc$$");
-
-open(IFP, "./tc$$|") or die "$prog: can't execute test program\n";
-$ix = 0;
-while(<IFP>) {
- chomp;
- $size{$TYPES[$ix++]} = $_;
-}
-close(IFP);
-
-unlink("tc$$");
-unlink("tc$$.c");
-
-print STDERR "Selecting viable combinations ... \n";
-while(($type, $size) = each(%size)) {
- push(@ts, [ $size, $type ]);
-}
-
-# Sort them ascending by size
-@ts = sort { $a->[0] <=> $b->[0] } @ts;
-
-# Try all possible combinations, finding pairs in which the word size
-# is twice the digit size. The number of possible pairs is too small
-# to bother doing this more efficiently than by brute force
-for($ix = 0; $ix <= $#ts; $ix++) {
- $w = $ts[$ix];
-
- for($jx = 0; $jx <= $#ts; $jx++) {
- $d = $ts[$jx];
-
- if($w->[0] == 2 * $d->[0]) {
- push(@valid, [ $d, $w ]);
- }
- }
-}
-
-# Sort descending by digit size
-@valid = sort { $b->[0]->[0] <=> $a->[0]->[0] } @valid;
-
-# Select the maximum as the recommended combination
-$rec = shift(@valid);
-
-printf("typedef %-18s mp_sign;\n", "char");
-printf("typedef %-18s mp_digit; /* %d byte type */\n",
- $rec->[0]->[1], $rec->[0]->[0]);
-printf("typedef %-18s mp_word; /* %d byte type */\n",
- $rec->[1]->[1], $rec->[1]->[0]);
-printf("typedef %-18s mp_size;\n", "unsigned int");
-printf("typedef %-18s mp_err;\n\n", "int");
-
-printf("#define %-18s (CHAR_BIT*sizeof(mp_digit))\n", "DIGIT_BIT");
-printf("#define %-18s %s\n", "DIGIT_MAX", $TMAX{$rec->[0]->[1]});
-printf("#define %-18s (CHAR_BIT*sizeof(mp_word))\n", "MP_WORD_BIT");
-printf("#define %-18s %s\n\n", "MP_WORD_MAX", $TMAX{$rec->[1]->[1]});
-printf("#define %-18s (DIGIT_MAX+1)\n\n", "RADIX");
-
-printf("#define %-18s \"%%0%dX\"\n", "DIGIT_FMT", (2 * $rec->[0]->[0]));
-
-exit 0;
diff --git a/security/nss/lib/freebl/mpi/utils/LICENSE b/security/nss/lib/freebl/mpi/utils/LICENSE
deleted file mode 100644
index 5f96df7ab..000000000
--- a/security/nss/lib/freebl/mpi/utils/LICENSE
+++ /dev/null
@@ -1,4 +0,0 @@
-Within this directory, each of the file listed below is licensed under
-the terms given in the file LICENSE-MPL, also in this directory.
-
-PRIMES
diff --git a/security/nss/lib/freebl/mpi/utils/LICENSE-MPL b/security/nss/lib/freebl/mpi/utils/LICENSE-MPL
deleted file mode 100644
index 9ff410e4b..000000000
--- a/security/nss/lib/freebl/mpi/utils/LICENSE-MPL
+++ /dev/null
@@ -1,32 +0,0 @@
-The contents of this file are subject to the Mozilla Public
-License Version 1.1 (the "License"); you may not use this file
-except in compliance with the License. You may obtain a copy of
-the License at http://www.mozilla.org/MPL/
-
-Software distributed under the License is distributed on an "AS
-IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-implied. See the License for the specific language governing
-rights and limitations under the License.
-
-The Original Code is the Netscape security libraries.
-
-The Initial Developer of the Original Code is Netscape
-Communications Corporation. Portions created by Netscape are
-Copyright (C) 1994-2000 Netscape Communications Corporation. All
-Rights Reserved.
-
-Contributor(s):
-
-Alternatively, the contents of this file may be used under the
-terms of the GNU General Public License Version 2 or later (the
-"GPL"), in which case the provisions of the GPL are applicable
-instead of those above. If you wish to allow use of your
-version of this file only under the terms of the GPL and not to
-allow others to use your version of this file under the MPL,
-indicate your decision by deleting the provisions above and
-replace them with the notice and other provisions required by
-the GPL. If you do not delete the provisions above, a recipient
-may use your version of this file under either the MPL or the
-GPL.
-
-
diff --git a/security/nss/lib/freebl/mpi/utils/PRIMES b/security/nss/lib/freebl/mpi/utils/PRIMES
deleted file mode 100644
index ed65703ff..000000000
--- a/security/nss/lib/freebl/mpi/utils/PRIMES
+++ /dev/null
@@ -1,41 +0,0 @@
-Probable primes (sorted by number of significant bits)
-
- 128: 81386202757205669562183851789305348631
-
- 128: 180241813863264101444573802809858694397
-
- 128: 245274683055224433281596312431122059021
-
- 128: 187522309397665259809392608791686659539
-
- 256: 83252422946206411852330647237287722547866360773229941071371588246436\
- 513990159
-
- 256: 79132571131322331023736933767063051273085304521895229780914612117520\
- 058517909
-
- 256: 72081815425552909748220041100909735706208853818662000557743644603407\
- 965465527
-
- 256: 87504602391905701494845474079163412737334477797316409702279059573654\
- 274811271
-
- 512: 12233064210800062190450937494718705259777386009095453001870729392786\
- 63450255179083524798507997690270500580265258111668148238355016411719\
- 9168737693316468563
-
- 512: 12003639081420725322369909586347545220275253633035565716386136197501\
- 88208318984400479275215620499883521216480724155582768193682335576385\
- 2069481074929084063
-
-1024: 16467877625718912296741904171202513097057724053648819680815842057593\
- 20371835940722471475475803725455063836431454757000451907612224427007\
- 63984592414360595161051906727075047683803534852982766542661204179549\
- 77327573530800542562611753617736693359790119074768292178493884576587\
- 0230450429880021317876149636714743053
-
-1024: 16602953991090311275234291158294516471009930684624948451178742895360\
- 86073703307475884280944414508444679430090561246728195735962931545473\
- 40743240318558456247740186704660778277799687988031119436541068736925\
- 20563780233711166724859277827382391527748470939542560819625727876091\
- 5372193745283891895989104479029844957
diff --git a/security/nss/lib/freebl/mpi/utils/README b/security/nss/lib/freebl/mpi/utils/README
deleted file mode 100644
index 86887bf81..000000000
--- a/security/nss/lib/freebl/mpi/utils/README
+++ /dev/null
@@ -1,239 +0,0 @@
-The contents of this file are subject to the Mozilla Public
-License Version 1.1 (the "License"); you may not use this file
-except in compliance with the License. You may obtain a copy of
-the License at http://www.mozilla.org/MPL/
-
-Software distributed under the License is distributed on an "AS
-IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-implied. See the License for the specific language governing
-rights and limitations under the License.
-
-The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-library.
-
-The Initial Developer of the Original Code is
-Michael J. Fromberger <sting@linguist.dartmouth.edu>
-
-Portions created by Michael J. Fromberger are
-Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved.
-
-Contributor(s):
-
-Alternatively, the contents of this file may be used under the
-terms of the GNU General Public License Version 2 or later (the
-"GPL"), in which case the provisions of the GPL are applicable
-instead of those above. If you wish to allow use of your
-version of this file only under the terms of the GPL and not to
-allow others to use your version of this file under the MPL,
-indicate your decision by deleting the provisions above and
-replace them with the notice and other provisions required by
-the GPL. If you do not delete the provisions above, a recipient
-may use your version of this file under either the MPL or the
-GPL.
-
-
-
-Additional MPI utilities
-------------------------
-
-The files 'mpprime.h' and 'mpprime.c' define some useful extensions to
-the MPI library for dealing with prime numbers (in particular, testing
-for divisbility, and the Rabin-Miller probabilistic primality test).
-
-The files 'mplogic.h' and 'mplogic.c' define extensions to the MPI
-library for doing bitwise logical operations and shifting.
-
-This document assumes you have read the help file for the MPI library
-and understand its conventions.
-
-Divisibility (mpprime.h)
-------------
-
-To test a number for divisibility by another number:
-
-mpp_divis(a, b) - test if b|a
-mpp_divis_d(a, d) - test if d|a
-
-Each of these functions returns MP_YES if its initial argument is
-divisible by its second, or MP_NO if it is not. Other errors may be
-returned as appropriate (such as MP_RANGE if you try to test for
-divisibility by zero).
-
-Randomness (mpprime.h)
-----------
-
-To generate random data:
-
-mpp_random(a) - fill a with random data
-mpp_random_size(a, p) - fill a with p digits of random data
-
-The mpp_random_size() function increases the precision of a to at
-least p, then fills all those digits randomly. The mp_random()
-function fills a to its current precision (as determined by the number
-of significant digits, USED(a))
-
-Note that these functions simply use the C library's rand() function
-to fill a with random digits up to its precision. This should be
-adequate for primality testing, but should not be used for
-cryptographic applications where truly random values are required for
-security.
-
-You should call srand() in your driver program in order to seed the
-random generator; this function doesn't call it.
-
-Primality Testing (mpprime.h)
------------------
-
-mpp_divis_vector(a, v, s, w) - is a divisible by any of the s values
- in v, and if so, w = which.
-mpp_divis_primes(a, np) - is a divisible by any of the first np primes?
-mpp_fermat(a, w) - is a pseudoprime with respect to witness w?
-mpp_pprime(a, nt) - run nt iterations of Rabin-Miller on a.
-
-The mpp_divis_vector() function tests a for divisibility by each
-member of an array of digits. The array is v, the size of that array
-is s. Returns MP_YES if a is divisible, and stores the index of the
-offending digit in w. Returns MP_NO if a is not divisible by any of
-the digits in the array.
-
-A small table of primes is compiled into the library (typically the
-first 128 primes, although you can change this by editing the file
-'primes.c' before you build). The global variable prime_tab_size
-contains the number of primes in the table, and the values themselves
-are in the array prime_tab[], which is an array of mp_digit.
-
-The mpp_divis_primes() function is basically just a wrapper around
-mpp_divis_vector() that uses prime_tab[] as the test vector. The np
-parameter is a pointer to an mp_digit -- on input, it should specify
-the number of primes to be tested against. If a is divisible by any
-of the primes, MP_YES is returned and np is given the prime value that
-divided a (you can use this if you're factoring, for example).
-Otherwise, MP_NO is returned and np is untouched.
-
-The function mpp_fermat() performs Fermat's test, using w as a
-witness. This test basically relies on the fact that if a is prime,
-and w is relatively prime to a, then:
-
- w^a = w (mod a)
-
-That is,
-
- w^(a - 1) = 1 (mod a)
-
-The function returns MP_YES if the test passes, MP_NO if it fails. If
-w is relatively prime to a, and the test fails, a is definitely
-composite. If w is relatively prime to a and the test passes, then a
-is either prime, or w is a false witness (the probability of this
-happening depends on the choice of w and of a ... consult a number
-theory textbook for more information about this).
-
-Note: If (w, a) != 1, the output of this test is meaningless.
-----
-
-The function mpp_pprime() performs the Rabin-Miller probabilistic
-primality test for nt rounds. If all the tests pass, MP_YES is
-returned, and a is probably prime. The probability that an answer of
-MP_YES is incorrect is no greater than 1 in 4^nt, and in fact is
-usually much less than that (this is a pessimistic estimate). If any
-test fails, MP_NO is returned, and a is definitely composite.
-
-Bruce Schneier recommends at least 5 iterations of this test for most
-cryptographic applications; Knuth suggests that 25 are reasonable.
-Run it as many times as you feel are necessary.
-
-See the programs 'makeprime.c' and 'isprime.c' for reasonable examples
-of how to use these functions for primality testing.
-
-
-Bitwise Logic (mplogic.c)
--------------
-
-The four commonest logical operations are implemented as:
-
-mpl_not(a, b) - Compute bitwise (one's) complement, b = ~a
-
-mpl_and(a, b, c) - Compute bitwise AND, c = a & b
-
-mpl_or(a, b, c) - Compute bitwise OR, c = a | b
-
-mpl_xor(a, b, c) - Compute bitwise XOR, c = a ^ b
-
-Left and right shifts are available as well. These take a number to
-shift, a destination, and a shift amount. The shift amount must be a
-digit value between 0 and DIGIT_BIT inclusive; if it is not, MP_RANGE
-will be returned and the shift will not happen.
-
-mpl_rsh(a, b, d) - Compute logical right shift, b = a >> d
-
-mpl_lsh(a, b, d) - Compute logical left shift, b = a << d
-
-Since these are logical shifts, they fill with zeroes (the library
-uses a signed magnitude representation, so there are no sign bits to
-extend anyway).
-
-
-Command-line Utilities
-----------------------
-
-A handful of interesting command-line utilities are provided. These
-are:
-
-lap.c - Find the order of a mod m. Usage is 'lap <a> <m>'.
- This uses a dumb algorithm, so don't use it for
- a really big modulus.
-
-invmod.c - Find the inverse of a mod m, if it exists. Usage
- is 'invmod <a> <m>'
-
-sieve.c - A simple bitmap-based implementation of the Sieve
- of Eratosthenes. Used to generate the table of
- primes in primes.c. Usage is 'sieve <nbits>'
-
-prng.c - Uses the routines in bbs_rand.{h,c} to generate
- one or more 32-bit pseudo-random integers. This
- is mainly an example, not intended for use in a
- cryptographic application (the system time is
- the only source of entropy used)
-
-dec2hex.c - Convert decimal to hexadecimal
-
-hex2dec.c - Convert hexadecimal to decimal
-
-basecvt.c - General radix conversion tool (supports 2-64)
-
-isprime.c - Probabilistically test an integer for primality
- using the Rabin-Miller pseudoprime test combined
- with division by small primes.
-
-primegen.c - Generate primes at random.
-
-exptmod.c - Perform modular exponentiation
-
-ptab.pl - A Perl script to munge the output of the sieve
- program into a compilable C structure.
-
-
-Other Files
------------
-
-PRIMES - Some randomly generated numbers which are prime with
- extremely high probability.
-
-README - You're reading me already.
-
-
-About the Author
-----------------
-
-This software was written by Michael J. Fromberger. You can contact
-the author as follows:
-
-E-mail: <sting@linguist.dartmouth.edu>
-
-Postal: 8000 Cummings Hall, Thayer School of Engineering
- Dartmouth College, Hanover, New Hampshire, USA
-
-PGP key: http://linguist.dartmouth.edu/~sting/keys/mjf.html
- 9736 188B 5AFA 23D6 D6AA BE0D 5856 4525 289D 9907
-
-Last updated: $Id$
diff --git a/security/nss/lib/freebl/mpi/utils/basecvt.c b/security/nss/lib/freebl/mpi/utils/basecvt.c
deleted file mode 100644
index 90ed0f66b..000000000
--- a/security/nss/lib/freebl/mpi/utils/basecvt.c
+++ /dev/null
@@ -1,97 +0,0 @@
-/*
- * basecvt.c
- *
- * Convert integer values specified on the command line from one input
- * base to another. Accepts input and output bases between 2 and 36
- * inclusive.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include "mpi.h"
-
-#define IBASE 10
-#define OBASE 16
-#define USAGE "Usage: %s ibase obase [value]\n"
-#define MAXBASE 64
-#define MINBASE 2
-
-int main(int argc, char *argv[])
-{
- int ix, ibase = IBASE, obase = OBASE;
- mp_int val;
-
- ix = 1;
- if(ix < argc) {
- ibase = atoi(argv[ix++]);
-
- if(ibase < MINBASE || ibase > MAXBASE) {
- fprintf(stderr, "%s: input radix must be between %d and %d inclusive\n",
- argv[0], MINBASE, MAXBASE);
- return 1;
- }
- }
- if(ix < argc) {
- obase = atoi(argv[ix++]);
-
- if(obase < MINBASE || obase > MAXBASE) {
- fprintf(stderr, "%s: output radix must be between %d and %d inclusive\n",
- argv[0], MINBASE, MAXBASE);
- return 1;
- }
- }
-
- mp_init(&val);
- while(ix < argc) {
- char *out;
- int outlen;
-
- mp_read_radix(&val, argv[ix++], ibase);
-
- outlen = mp_radix_size(&val, obase);
- out = calloc(outlen, sizeof(char));
- mp_toradix(&val, out, obase);
-
- printf("%s\n", out);
- free(out);
- }
-
- mp_clear(&val);
-
- return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/utils/bbs_rand.c b/security/nss/lib/freebl/mpi/utils/bbs_rand.c
deleted file mode 100644
index c3e8b869b..000000000
--- a/security/nss/lib/freebl/mpi/utils/bbs_rand.c
+++ /dev/null
@@ -1,93 +0,0 @@
-/*
- * Blum, Blum & Shub PRNG using the MPI library
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include "bbs_rand.h"
-
-#define SEED 1
-#define MODULUS 2
-
-/* This modulus is the product of two randomly generated 512-bit
- prime integers, each of which is congruent to 3 (mod 4). */
-static char *bbs_modulus =
-"75A2A6E1D27393B86562B9CE7279A8403CB4258A637DAB5233465373E37837383EDC"
-"332282B8575927BC4172CE8C147B4894050EE9D2BDEED355C121037270CA2570D127"
-"7D2390CD1002263326635CC6B259148DE3A1A03201980A925E395E646A5E9164B0EC"
-"28559EBA58C87447245ADD0651EDA507056A1129E3A3E16E903D64B437";
-
-static int bbs_init = 0; /* flag set when library is initialized */
-static mp_int bbs_state; /* the current state of the generator */
-
-/* Suggested size of random seed data */
-int bbs_seed_size = (sizeof(bbs_modulus) / 2);
-
-void bbs_srand(unsigned char *data, int len)
-{
- if((bbs_init & SEED) == 0) {
- mp_init(&bbs_state);
- bbs_init |= SEED;
- }
-
- mp_read_raw(&bbs_state, (char *)data, len);
-
-} /* end bbs_srand() */
-
-unsigned int bbs_rand(void)
-{
- static mp_int modulus;
- unsigned int result = 0, ix;
-
- if((bbs_init & MODULUS) == 0) {
- mp_init(&modulus);
- mp_read_radix(&modulus, bbs_modulus, 16);
- bbs_init |= MODULUS;
- }
-
- for(ix = 0; ix < sizeof(unsigned int); ix++) {
- mp_digit d;
-
- mp_sqrmod(&bbs_state, &modulus, &bbs_state);
- d = DIGIT(&bbs_state, 0);
-
- result = (result << CHAR_BIT) | (d & UCHAR_MAX);
- }
-
- return result;
-
-} /* end bbs_rand() */
-
-/*------------------------------------------------------------------------*/
-/* HERE THERE BE DRAGONS */
diff --git a/security/nss/lib/freebl/mpi/utils/bbs_rand.h b/security/nss/lib/freebl/mpi/utils/bbs_rand.h
deleted file mode 100644
index de4587421..000000000
--- a/security/nss/lib/freebl/mpi/utils/bbs_rand.h
+++ /dev/null
@@ -1,55 +0,0 @@
-/*
- * bbs_rand.h
- *
- * Blum, Blum & Shub PRNG using the MPI library
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#ifndef _H_BBSRAND_
-#define _H_BBSRAND_
-
-#include <limits.h>
-#include "mpi.h"
-
-#define BBS_RAND_MAX UINT_MAX
-
-/* Suggested length of seed data */
-extern int bbs_seed_size;
-
-void bbs_srand(unsigned char *data, int len);
-unsigned int bbs_rand(void);
-
-#endif /* end _H_BBSRAND_ */
diff --git a/security/nss/lib/freebl/mpi/utils/bbsrand.c b/security/nss/lib/freebl/mpi/utils/bbsrand.c
deleted file mode 100644
index 28600fabe..000000000
--- a/security/nss/lib/freebl/mpi/utils/bbsrand.c
+++ /dev/null
@@ -1,64 +0,0 @@
-/*
- * bbsrand.c
- *
- * Test driver for routines in bbs_rand.h
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <time.h>
-#include <limits.h>
-
-#include "bbs_rand.h"
-
-#define NUM_TESTS 100
-
-int main(void)
-{
- unsigned int seed, result, ix;
-
- seed = time(NULL);
- bbs_srand((unsigned char *)&seed, sizeof(seed));
-
- for(ix = 0; ix < NUM_TESTS; ix++) {
- result = bbs_rand();
-
- printf("Test %3u: %08X\n", ix + 1, result);
- }
-
- return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/utils/dec2hex.c b/security/nss/lib/freebl/mpi/utils/dec2hex.c
deleted file mode 100644
index 9bdcfa018..000000000
--- a/security/nss/lib/freebl/mpi/utils/dec2hex.c
+++ /dev/null
@@ -1,68 +0,0 @@
-/*
- * dec2hex.c
- *
- * Convert decimal integers into hexadecimal
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include "mpi.h"
-
-int main(int argc, char *argv[])
-{
- mp_int a;
- char *buf;
- int len;
-
- if(argc < 2) {
- fprintf(stderr, "Usage: %s <a>\n", argv[0]);
- return 1;
- }
-
- mp_init(&a); mp_read_radix(&a, argv[1], 10);
- len = mp_radix_size(&a, 16);
- buf = malloc(len);
- mp_toradix(&a, buf, 16);
-
- printf("%s\n", buf);
-
- free(buf);
- mp_clear(&a);
-
- return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/utils/exptmod.c b/security/nss/lib/freebl/mpi/utils/exptmod.c
deleted file mode 100644
index d5e66ac37..000000000
--- a/security/nss/lib/freebl/mpi/utils/exptmod.c
+++ /dev/null
@@ -1,80 +0,0 @@
-/*
- * exptmod.c
- *
- * Command line tool to perform modular exponentiation on arbitrary
- * precision integers.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include "mpi.h"
-
-int main(int argc, char *argv[])
-{
- mp_int a, b, m;
- mp_err res;
- char *str;
- int len, rval = 0;
-
- if(argc < 3) {
- fprintf(stderr, "Usage: %s <a> <b> <m>\n", argv[0]);
- return 1;
- }
-
- mp_init(&a); mp_init(&b); mp_init(&m);
- mp_read_radix(&a, argv[1], 10);
- mp_read_radix(&b, argv[2], 10);
- mp_read_radix(&m, argv[3], 10);
-
- if((res = mp_exptmod(&a, &b, &m, &a)) != MP_OKAY) {
- fprintf(stderr, "%s: error: %s\n", argv[0], mp_strerror(res));
- rval = 1;
- } else {
- len = mp_radix_size(&a, 10);
- str = calloc(len, sizeof(char));
- mp_toradix(&a, str, 10);
-
- printf("%s\n", str);
-
- free(str);
- }
-
- mp_clear(&a); mp_clear(&b); mp_clear(&m);
-
- return rval;
-}
diff --git a/security/nss/lib/freebl/mpi/utils/fact.c b/security/nss/lib/freebl/mpi/utils/fact.c
deleted file mode 100644
index 02b6711c9..000000000
--- a/security/nss/lib/freebl/mpi/utils/fact.c
+++ /dev/null
@@ -1,112 +0,0 @@
-/*
- * fact.c
- *
- * Compute factorial of input integer
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include "mpi.h"
-
-mp_err mp_fact(mp_int *a, mp_int *b);
-
-int main(int argc, char *argv[])
-{
- mp_int a;
- mp_err res;
-
- if(argc < 2) {
- fprintf(stderr, "Usage: %s <number>\n", argv[0]);
- return 1;
- }
-
- mp_init(&a);
- mp_read_radix(&a, argv[1], 10);
-
- if((res = mp_fact(&a, &a)) != MP_OKAY) {
- fprintf(stderr, "%s: error: %s\n", argv[0],
- mp_strerror(res));
- mp_clear(&a);
- return 1;
- }
-
- {
- char *buf;
- int len;
-
- len = mp_radix_size(&a, 10);
- buf = malloc(len);
- mp_todecimal(&a, buf);
-
- puts(buf);
-
- free(buf);
- }
-
- mp_clear(&a);
- return 0;
-}
-
-mp_err mp_fact(mp_int *a, mp_int *b)
-{
- mp_int ix, s;
- mp_err res = MP_OKAY;
-
- if(mp_cmp_z(a) < 0)
- return MP_UNDEF;
-
- mp_init(&s);
- mp_add_d(&s, 1, &s); /* s = 1 */
- mp_init(&ix);
- mp_add_d(&ix, 1, &ix); /* ix = 1 */
-
- for(/* */; mp_cmp(&ix, a) <= 0; mp_add_d(&ix, 1, &ix)) {
- if((res = mp_mul(&s, &ix, &s)) != MP_OKAY)
- break;
- }
-
- mp_clear(&ix);
-
- /* Copy out results if we got them */
- if(res == MP_OKAY)
- mp_copy(&s, b);
-
- mp_clear(&s);
-
- return res;
-}
diff --git a/security/nss/lib/freebl/mpi/utils/gcd.c b/security/nss/lib/freebl/mpi/utils/gcd.c
deleted file mode 100644
index b36c7f281..000000000
--- a/security/nss/lib/freebl/mpi/utils/gcd.c
+++ /dev/null
@@ -1,116 +0,0 @@
-/*
- * gcd.c
- *
- * Greatest common divisor
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include "mpi.h"
-
-char *g_prog = NULL;
-
-void print_mp_int(mp_int *mp, FILE *ofp);
-
-int main(int argc, char *argv[])
-{
- mp_int a, b, x, y;
- mp_err res;
- int ext = 0;
-
- g_prog = argv[0];
-
- if(argc < 3) {
- fprintf(stderr, "Usage: %s <a> <b>\n", g_prog);
- return 1;
- }
-
- mp_init(&a); mp_read_radix(&a, argv[1], 10);
- mp_init(&b); mp_read_radix(&b, argv[2], 10);
-
- /* If we were called 'xgcd', compute x, y so that g = ax + by */
- if(strcmp(g_prog, "xgcd") == 0) {
- ext = 1;
- mp_init(&x); mp_init(&y);
- }
-
- if(ext) {
- if((res = mp_xgcd(&a, &b, &a, &x, &y)) != MP_OKAY) {
- fprintf(stderr, "%s: error: %s\n", g_prog, mp_strerror(res));
- mp_clear(&a); mp_clear(&b);
- mp_clear(&x); mp_clear(&y);
- return 1;
- }
- } else {
- if((res = mp_gcd(&a, &b, &a)) != MP_OKAY) {
- fprintf(stderr, "%s: error: %s\n", g_prog,
- mp_strerror(res));
- mp_clear(&a); mp_clear(&b);
- return 1;
- }
- }
-
- print_mp_int(&a, stdout);
- if(ext) {
- fputs("x = ", stdout); print_mp_int(&x, stdout);
- fputs("y = ", stdout); print_mp_int(&y, stdout);
- }
-
- mp_clear(&a); mp_clear(&b);
-
- if(ext) {
- mp_clear(&x);
- mp_clear(&y);
- }
-
- return 0;
-
-}
-
-void print_mp_int(mp_int *mp, FILE *ofp)
-{
- char *buf;
- int len;
-
- len = mp_radix_size(mp, 10);
- buf = calloc(len, sizeof(char));
- mp_todecimal(mp, buf);
- fprintf(ofp, "%s\n", buf);
- free(buf);
-
-}
diff --git a/security/nss/lib/freebl/mpi/utils/hex2dec.c b/security/nss/lib/freebl/mpi/utils/hex2dec.c
deleted file mode 100644
index 97aad55c9..000000000
--- a/security/nss/lib/freebl/mpi/utils/hex2dec.c
+++ /dev/null
@@ -1,68 +0,0 @@
-/*
- * hex2dec.c
- *
- * Convert decimal integers into hexadecimal
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include "mpi.h"
-
-int main(int argc, char *argv[])
-{
- mp_int a;
- char *buf;
- int len;
-
- if(argc < 2) {
- fprintf(stderr, "Usage: %s <a>\n", argv[0]);
- return 1;
- }
-
- mp_init(&a); mp_read_radix(&a, argv[1], 16);
- len = mp_radix_size(&a, 10);
- buf = malloc(len);
- mp_toradix(&a, buf, 10);
-
- printf("%s\n", buf);
-
- free(buf);
- mp_clear(&a);
-
- return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/utils/identest.c b/security/nss/lib/freebl/mpi/utils/identest.c
deleted file mode 100644
index a75d2b352..000000000
--- a/security/nss/lib/freebl/mpi/utils/identest.c
+++ /dev/null
@@ -1,79 +0,0 @@
-#include <stdio.h>
-#include <stdlib.h>
-#include "mpi.h"
-#include "mpprime.h"
-#include <sys/types.h>
-#include <time.h>
-
-#define MAX_PREC (4096 / MP_DIGIT_BIT)
-
-mp_err identity_test(void)
-{
- mp_size preca, precb;
- mp_err res;
- mp_int a, b;
- mp_int t1, t2, t3, t4, t5;
-
- preca = (rand() % MAX_PREC) + 1;
- precb = (rand() % MAX_PREC) + 1;
-
- MP_DIGITS(&a) = 0;
- MP_DIGITS(&b) = 0;
- MP_DIGITS(&t1) = 0;
- MP_DIGITS(&t2) = 0;
- MP_DIGITS(&t3) = 0;
- MP_DIGITS(&t4) = 0;
- MP_DIGITS(&t5) = 0;
-
- MP_CHECKOK( mp_init(&a) );
- MP_CHECKOK( mp_init(&b) );
- MP_CHECKOK( mp_init(&t1) );
- MP_CHECKOK( mp_init(&t2) );
- MP_CHECKOK( mp_init(&t3) );
- MP_CHECKOK( mp_init(&t4) );
- MP_CHECKOK( mp_init(&t5) );
-
- MP_CHECKOK( mpp_random_size(&a, preca) );
- MP_CHECKOK( mpp_random_size(&b, precb) );
-
- if (mp_cmp(&a, &b) < 0)
- mp_exch(&a, &b);
-
- MP_CHECKOK( mp_mod(&a, &b, &t1) ); /* t1 = a%b */
- MP_CHECKOK( mp_div(&a, &b, &t2, NULL) ); /* t2 = a/b */
- MP_CHECKOK( mp_mul(&b, &t2, &t3) ); /* t3 = (a/b)*b */
- MP_CHECKOK( mp_add(&t1, &t3, &t4) ); /* t4 = a%b + (a/b)*b */
- MP_CHECKOK( mp_sub(&t4, &a, &t5) ); /* t5 = a%b + (a/b)*b - a */
- if (mp_cmp_z(&t5) != 0) {
- res = MP_UNDEF;
- goto CLEANUP;
- }
-
-CLEANUP:
- mp_clear(&t5);
- mp_clear(&t4);
- mp_clear(&t3);
- mp_clear(&t2);
- mp_clear(&t1);
- mp_clear(&b);
- mp_clear(&a);
- return res;
-}
-
-int
-main(void)
-{
- unsigned int seed = (unsigned int)time(NULL);
- unsigned long count = 0;
- mp_err res;
-
- srand(seed);
-
- while (MP_OKAY == (res = identity_test())) {
- if ((++count % 100) == 0)
- fputc('.', stderr);
- }
-
- fprintf(stderr, "\ntest failed, err %d\n", res);
- return res;
-}
diff --git a/security/nss/lib/freebl/mpi/utils/invmod.c b/security/nss/lib/freebl/mpi/utils/invmod.c
deleted file mode 100644
index df58bb6d1..000000000
--- a/security/nss/lib/freebl/mpi/utils/invmod.c
+++ /dev/null
@@ -1,89 +0,0 @@
-/*
- * invmod.c
- *
- * Compute modular inverses
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1997, 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-
-#include "mpi.h"
-
-int main(int argc, char *argv[])
-{
- mp_int a, m;
- mp_err res;
- char *buf;
- int len, out = 0;
-
- if(argc < 3) {
- fprintf(stderr, "Usage: %s <a> <m>\n", argv[0]);
- return 1;
- }
-
- mp_init(&a); mp_init(&m);
- mp_read_radix(&a, argv[1], 10);
- mp_read_radix(&m, argv[2], 10);
-
- if(mp_cmp(&a, &m) > 0)
- mp_mod(&a, &m, &a);
-
- switch((res = mp_invmod(&a, &m, &a))) {
- case MP_OKAY:
- len = mp_radix_size(&a, 10);
- buf = malloc(len);
-
- mp_toradix(&a, buf, 10);
- printf("%s\n", buf);
- free(buf);
- break;
-
- case MP_UNDEF:
- printf("No inverse\n");
- out = 1;
- break;
-
- default:
- printf("error: %s (%d)\n", mp_strerror(res), res);
- out = 2;
- break;
- }
-
- mp_clear(&a);
- mp_clear(&m);
-
- return out;
-}
diff --git a/security/nss/lib/freebl/mpi/utils/isprime.c b/security/nss/lib/freebl/mpi/utils/isprime.c
deleted file mode 100644
index f9cd9707b..000000000
--- a/security/nss/lib/freebl/mpi/utils/isprime.c
+++ /dev/null
@@ -1,118 +0,0 @@
-/*
- * isprime.c
- *
- * Probabilistic primality tester command-line tool
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include "mpi.h"
-#include "mpprime.h"
-
-#define RM_TESTS 15 /* how many iterations of Rabin-Miller? */
-#define MINIMUM 1024 /* don't bother us with a < this */
-
-int g_tests = RM_TESTS;
-char *g_prog = NULL;
-
-int main(int argc, char *argv[])
-{
- mp_int a;
- mp_digit np = prime_tab_size; /* from mpprime.h */
- int res = 0;
-
- g_prog = argv[0];
-
- if(argc < 2) {
- fprintf(stderr, "Usage: %s <a>, where <a> is a decimal integer\n"
- "Use '0x' prefix for a hexadecimal value\n", g_prog);
- return 1;
- }
-
- /* Read number of tests from environment, if present */
- {
- char *tmp;
-
- if((tmp = getenv("RM_TESTS")) != NULL) {
- if((g_tests = atoi(tmp)) <= 0)
- g_tests = RM_TESTS;
- }
- }
-
- mp_init(&a);
- if(argv[1][0] == '0' && argv[1][1] == 'x')
- mp_read_radix(&a, argv[1] + 2, 16);
- else
- mp_read_radix(&a, argv[1], 10);
-
- if(mp_cmp_d(&a, MINIMUM) <= 0) {
- fprintf(stderr, "%s: please use a value greater than %d\n",
- g_prog, MINIMUM);
- mp_clear(&a);
- return 1;
- }
-
- /* Test for divisibility by small primes */
- if(mpp_divis_primes(&a, &np) != MP_NO) {
- printf("Not prime (divisible by small prime %d)\n", np);
- res = 2;
- goto CLEANUP;
- }
-
- /* Test with Fermat's test, using 2 as a witness */
- if(mpp_fermat(&a, 2) != MP_YES) {
- printf("Not prime (failed Fermat test)\n");
- res = 2;
- goto CLEANUP;
- }
-
- /* Test with Rabin-Miller probabilistic test */
- if(mpp_pprime(&a, g_tests) == MP_NO) {
- printf("Not prime (failed pseudoprime test)\n");
- res = 2;
- goto CLEANUP;
- }
-
- printf("Probably prime, 1 in 4^%d chance of false positive\n", g_tests);
-
-CLEANUP:
- mp_clear(&a);
-
- return res;
-
-}
diff --git a/security/nss/lib/freebl/mpi/utils/lap.c b/security/nss/lib/freebl/mpi/utils/lap.c
deleted file mode 100644
index ababed7f3..000000000
--- a/security/nss/lib/freebl/mpi/utils/lap.c
+++ /dev/null
@@ -1,118 +0,0 @@
-/*
- * lap.c
- *
- * Find least annihilating power of a mod m
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <signal.h>
-
-#include "mpi.h"
-
-void sig_catch(int ign);
-
-int g_quit = 0;
-
-int main(int argc, char *argv[])
-{
- mp_int a, m, p, k;
-
- if(argc < 3) {
- fprintf(stderr, "Usage: %s <a> <m>\n", argv[0]);
- return 1;
- }
-
- mp_init(&a);
- mp_init(&m);
- mp_init(&p);
- mp_add_d(&p, 1, &p);
-
- mp_read_radix(&a, argv[1], 10);
- mp_read_radix(&m, argv[2], 10);
-
- mp_init_copy(&k, &a);
-
- signal(SIGINT, sig_catch);
-#ifndef __OS2__
- signal(SIGHUP, sig_catch);
-#endif
- signal(SIGTERM, sig_catch);
-
- while(mp_cmp(&p, &m) < 0) {
- if(g_quit) {
- int len;
- char *buf;
-
- len = mp_radix_size(&p, 10);
- buf = malloc(len);
- mp_toradix(&p, buf, 10);
-
- fprintf(stderr, "Terminated at: %s\n", buf);
- free(buf);
- return 1;
- }
- if(mp_cmp_d(&k, 1) == 0) {
- int len;
- char *buf;
-
- len = mp_radix_size(&p, 10);
- buf = malloc(len);
- mp_toradix(&p, buf, 10);
-
- printf("%s\n", buf);
-
- free(buf);
- break;
- }
-
- mp_mulmod(&k, &a, &m, &k);
- mp_add_d(&p, 1, &p);
- }
-
- if(mp_cmp(&p, &m) >= 0)
- printf("No annihilating power.\n");
-
- mp_clear(&p);
- mp_clear(&m);
- mp_clear(&a);
- return 0;
-}
-
-void sig_catch(int ign)
-{
- g_quit = 1;
-}
diff --git a/security/nss/lib/freebl/mpi/utils/makeprime.c b/security/nss/lib/freebl/mpi/utils/makeprime.c
deleted file mode 100644
index c4deaa9f0..000000000
--- a/security/nss/lib/freebl/mpi/utils/makeprime.c
+++ /dev/null
@@ -1,144 +0,0 @@
-/*
- * makeprime.c
- *
- * A simple prime generator function (and test driver). Prints out the
- * first prime it finds greater than or equal to the starting value.
- *
- * Usage: makeprime <start>
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <ctype.h>
-
-/* These two must be included for make_prime() to work */
-
-#include "mpi.h"
-#include "mpprime.h"
-
-/*
- make_prime(p, nr)
-
- Find the smallest prime integer greater than or equal to p, where
- primality is verified by 'nr' iterations of the Rabin-Miller
- probabilistic primality test. The caller is responsible for
- generating the initial value of p.
-
- Returns MP_OKAY if a prime has been generated, otherwise the error
- code indicates some other problem. The value of p is clobbered; the
- caller should keep a copy if the value is needed.
- */
-mp_err make_prime(mp_int *p, int nr);
-
-/* The main() is not required -- it's just a test driver */
-int main(int argc, char *argv[])
-{
- mp_int start;
- mp_err res;
-
- if(argc < 2) {
- fprintf(stderr, "Usage: %s <start-value>\n", argv[0]);
- return 1;
- }
-
- mp_init(&start);
- if(argv[1][0] == '0' && tolower(argv[1][1]) == 'x') {
- mp_read_radix(&start, argv[1] + 2, 16);
- } else {
- mp_read_radix(&start, argv[1], 10);
- }
- mp_abs(&start, &start);
-
- if((res = make_prime(&start, 5)) != MP_OKAY) {
- fprintf(stderr, "%s: error: %s\n", argv[0], mp_strerror(res));
- mp_clear(&start);
-
- return 1;
-
- } else {
- char *buf = malloc(mp_radix_size(&start, 10));
-
- mp_todecimal(&start, buf);
- printf("%s\n", buf);
- free(buf);
-
- mp_clear(&start);
-
- return 0;
- }
-
-} /* end main() */
-
-/*------------------------------------------------------------------------*/
-
-mp_err make_prime(mp_int *p, int nr)
-{
- mp_err res;
-
- if(mp_iseven(p)) {
- mp_add_d(p, 1, p);
- }
-
- do {
- mp_digit which = prime_tab_size;
-
- /* First test for divisibility by a few small primes */
- if((res = mpp_divis_primes(p, &which)) == MP_YES)
- continue;
- else if(res != MP_NO)
- goto CLEANUP;
-
- /* If that passes, try one iteration of Fermat's test */
- if((res = mpp_fermat(p, 2)) == MP_NO)
- continue;
- else if(res != MP_YES)
- goto CLEANUP;
-
- /* If that passes, run Rabin-Miller as often as requested */
- if((res = mpp_pprime(p, nr)) == MP_YES)
- break;
- else if(res != MP_NO)
- goto CLEANUP;
-
- } while((res = mp_add_d(p, 2, p)) == MP_OKAY);
-
- CLEANUP:
- return res;
-
-} /* end make_prime() */
-
-/*------------------------------------------------------------------------*/
-/* HERE THERE BE DRAGONS */
diff --git a/security/nss/lib/freebl/mpi/utils/metime.c b/security/nss/lib/freebl/mpi/utils/metime.c
deleted file mode 100644
index 3f39b23a9..000000000
--- a/security/nss/lib/freebl/mpi/utils/metime.c
+++ /dev/null
@@ -1,132 +0,0 @@
-/*
- * metime.c
- *
- * Modular exponentiation timing test
- *
- * $Id$
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 2000 Michael J. Fromberger. All Rights Reserved.
- *
- * Contributor(s):
- * Netscape Communications Corporation
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <limits.h>
-#include <time.h>
-
-#include "mpi.h"
-#include "mpprime.h"
-
-double clk_to_sec(clock_t start, clock_t stop);
-
-int main(int argc, char *argv[])
-{
- int ix, num, prec = 8;
- unsigned int seed;
- clock_t start, stop;
- double sec;
-
- mp_int a, m, c;
-
- if(getenv("SEED") != NULL)
- seed = abs(atoi(getenv("SEED")));
- else
- seed = (unsigned int)time(NULL);
-
- if(argc < 2) {
- fprintf(stderr, "Usage: %s <num-tests> [<nbits>]\n", argv[0]);
- return 1;
- }
-
- if((num = atoi(argv[1])) < 0)
- num = -num;
-
- if(!num) {
- fprintf(stderr, "%s: must perform at least 1 test\n", argv[0]);
- return 1;
- }
-
- if(argc > 2) {
- if((prec = atoi(argv[2])) <= 0)
- prec = 8;
- else
- prec = (prec + (DIGIT_BIT - 1)) / DIGIT_BIT;
-
- }
-
- printf("Modular exponentiation timing test\n"
- "Precision: %d digits (%d bits)\n"
- "# of tests: %d\n\n", prec, prec * DIGIT_BIT, num);
-
- mp_init_size(&a, prec);
- mp_init_size(&m, prec);
- mp_init_size(&c, prec);
-
- srand(seed);
-
- start = clock();
- for(ix = 0; ix < num; ix++) {
-
- mpp_random_size(&a, prec);
- mpp_random_size(&c, prec);
- mpp_random_size(&m, prec);
- /* set msb and lsb of m */
- DIGIT(&m,0) |= 1;
- DIGIT(&m, USED(&m)-1) |= (mp_digit)1 << (DIGIT_BIT - 1);
- if (mp_cmp(&a, &m) > 0)
- mp_sub(&a, &m, &a);
-
- mp_exptmod(&a, &c, &m, &c);
- }
- stop = clock();
-
- sec = clk_to_sec(start, stop);
-
- printf("Total: %.3f seconds\n", sec);
- printf("Individual: %.3f seconds\n", sec / num);
-
- mp_clear(&c);
- mp_clear(&a);
- mp_clear(&m);
-
- return 0;
-}
-
-double clk_to_sec(clock_t start, clock_t stop)
-{
- return (double)(stop - start) / CLOCKS_PER_SEC;
-}
-
-/*------------------------------------------------------------------------*/
-/* HERE THERE BE DRAGONS */
diff --git a/security/nss/lib/freebl/mpi/utils/pi.c b/security/nss/lib/freebl/mpi/utils/pi.c
deleted file mode 100644
index 367118586..000000000
--- a/security/nss/lib/freebl/mpi/utils/pi.c
+++ /dev/null
@@ -1,194 +0,0 @@
-/*
- * pi.c
- *
- * Compute pi to an arbitrary number of digits. Uses Machin's formula,
- * like everyone else on the planet:
- *
- * pi = 16 * arctan(1/5) - 4 * arctan(1/239)
- *
- * This is pretty effective for up to a few thousand digits, but it
- * gets pretty slow after that.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <limits.h>
-#include <time.h>
-
-#include "mpi.h"
-
-mp_err arctan(mp_digit mul, mp_digit x, mp_digit prec, mp_int *sum);
-
-int main(int argc, char *argv[])
-{
- mp_err res;
- mp_digit ndigits;
- mp_int sum1, sum2;
- clock_t start, stop;
- int out = 0;
-
- /* Make the user specify precision on the command line */
- if(argc < 2) {
- fprintf(stderr, "Usage: %s <num-digits>\n", argv[0]);
- return 1;
- }
-
- if((ndigits = abs(atoi(argv[1]))) == 0) {
- fprintf(stderr, "%s: you must request at least 1 digit\n", argv[0]);
- return 1;
- }
-
- start = clock();
- mp_init(&sum1); mp_init(&sum2);
-
- /* sum1 = 16 * arctan(1/5) */
- if((res = arctan(16, 5, ndigits, &sum1)) != MP_OKAY) {
- fprintf(stderr, "%s: arctan: %s\n", argv[0], mp_strerror(res));
- out = 1; goto CLEANUP;
- }
-
- /* sum2 = 4 * arctan(1/239) */
- if((res = arctan(4, 239, ndigits, &sum2)) != MP_OKAY) {
- fprintf(stderr, "%s: arctan: %s\n", argv[0], mp_strerror(res));
- out = 1; goto CLEANUP;
- }
-
- /* pi = sum1 - sum2 */
- if((res = mp_sub(&sum1, &sum2, &sum1)) != MP_OKAY) {
- fprintf(stderr, "%s: mp_sub: %s\n", argv[0], mp_strerror(res));
- out = 1; goto CLEANUP;
- }
- stop = clock();
-
- /* Write the output in decimal */
- {
- char *buf = malloc(mp_radix_size(&sum1, 10));
-
- if(buf == NULL) {
- fprintf(stderr, "%s: out of memory\n", argv[0]);
- out = 1; goto CLEANUP;
- }
- mp_todecimal(&sum1, buf);
- printf("%s\n", buf);
- free(buf);
- }
-
- fprintf(stderr, "Computation took %.2f sec.\n",
- (double)(stop - start) / CLOCKS_PER_SEC);
-
- CLEANUP:
- mp_clear(&sum1);
- mp_clear(&sum2);
-
- return out;
-
-}
-
-/* Compute sum := mul * arctan(1/x), to 'prec' digits of precision */
-mp_err arctan(mp_digit mul, mp_digit x, mp_digit prec, mp_int *sum)
-{
- mp_int t, v;
- mp_digit q = 1, rd;
- mp_err res;
- int sign = 1;
-
- prec += 3; /* push inaccuracies off the end */
-
- mp_init(&t); mp_set(&t, 10);
- mp_init(&v);
- if((res = mp_expt_d(&t, prec, &t)) != MP_OKAY || /* get 10^prec */
- (res = mp_mul_d(&t, mul, &t)) != MP_OKAY || /* ... times mul */
- (res = mp_mul_d(&t, x, &t)) != MP_OKAY) /* ... times x */
- goto CLEANUP;
-
- /*
- The extra multiplication by x in the above takes care of what
- would otherwise have to be a special case for 1 / x^1 during the
- first loop iteration. A little sneaky, but effective.
-
- We compute arctan(1/x) by the formula:
-
- 1 1 1 1
- - - ----- + ----- - ----- + ...
- x 3 x^3 5 x^5 7 x^7
-
- We multiply through by 'mul' beforehand, which gives us a couple
- more iterations and more precision
- */
-
- x *= x; /* works as long as x < sqrt(RADIX), which it is here */
-
- mp_zero(sum);
-
- do {
- if((res = mp_div_d(&t, x, &t, &rd)) != MP_OKAY)
- goto CLEANUP;
-
- if(sign < 0 && rd != 0)
- mp_add_d(&t, 1, &t);
-
- if((res = mp_div_d(&t, q, &v, &rd)) != MP_OKAY)
- goto CLEANUP;
-
- if(sign < 0 && rd != 0)
- mp_add_d(&v, 1, &v);
-
- if(sign > 0)
- res = mp_add(sum, &v, sum);
- else
- res = mp_sub(sum, &v, sum);
-
- if(res != MP_OKAY)
- goto CLEANUP;
-
- sign *= -1;
- q += 2;
-
- } while(mp_cmp_z(&t) != 0);
-
- /* Chop off inaccurate low-order digits */
- mp_div_d(sum, 1000, sum, NULL);
-
- CLEANUP:
- mp_clear(&v);
- mp_clear(&t);
-
- return res;
-}
-
-/*------------------------------------------------------------------------*/
-/* HERE THERE BE DRAGONS */
diff --git a/security/nss/lib/freebl/mpi/utils/primegen.c b/security/nss/lib/freebl/mpi/utils/primegen.c
deleted file mode 100644
index 1f7a593e1..000000000
--- a/security/nss/lib/freebl/mpi/utils/primegen.c
+++ /dev/null
@@ -1,198 +0,0 @@
-/*
- * primegen.c
- *
- * Generates random integers which are prime with a high degree of
- * probability using the Miller-Rabin probabilistic primality testing
- * algorithm.
- *
- * Usage:
- * primegen <bits> [<num>]
- *
- * <bits> - number of significant bits each prime should have
- * <num> - number of primes to generate
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <limits.h>
-#include <time.h>
-
-#include "mpi.h"
-#include "mplogic.h"
-#include "mpprime.h"
-
-#undef MACOS /* define if running on a Macintosh */
-
-#ifdef MACOS
-#include <console.h>
-#endif
-
-#define NUM_TESTS 5 /* Number of Rabin-Miller iterations to test with */
-
-#ifdef DEBUG
-#define FPUTC(x,y) fputc(x,y)
-#else
-#define FPUTC(x,y)
-#endif
-
-int main(int argc, char *argv[])
-{
- unsigned char *raw;
- char *out;
- unsigned long nTries;
- int rawlen, bits, outlen, ngen, ix, jx;
- int g_strong = 0;
- mp_int testval;
- mp_err res;
- clock_t start, end;
-
-#ifdef MACOS
- argc = ccommand(&argv);
-#endif
-
- /* We'll just use the C library's rand() for now, although this
- won't be good enough for cryptographic purposes */
- if((out = getenv("SEED")) == NULL) {
- srand((unsigned int)time(NULL));
- } else {
- srand((unsigned int)atoi(out));
- }
-
- if(argc < 2) {
- fprintf(stderr, "Usage: %s <bits> [<count> [strong]]\n", argv[0]);
- return 1;
- }
-
- if((bits = abs(atoi(argv[1]))) < CHAR_BIT) {
- fprintf(stderr, "%s: please request at least %d bits.\n",
- argv[0], CHAR_BIT);
- return 1;
- }
-
- /* If optional third argument is given, use that as the number of
- primes to generate; otherwise generate one prime only.
- */
- if(argc < 3) {
- ngen = 1;
- } else {
- ngen = abs(atoi(argv[2]));
- }
-
- /* If fourth argument is given, and is the word "strong", we'll
- generate strong (Sophie Germain) primes.
- */
- if(argc > 3 && strcmp(argv[3], "strong") == 0)
- g_strong = 1;
-
- /* testval - candidate being tested; nTries - number tried so far */
- if ((res = mp_init(&testval)) != MP_OKAY) {
- fprintf(stderr, "%s: error: %s\n", argv[0], mp_strerror(res));
- return 1;
- }
-
- if(g_strong) {
- printf("Requested %d strong prime value(s) of %d bits.\n",
- ngen, bits);
- } else {
- printf("Requested %d prime value(s) of %d bits.\n", ngen, bits);
- }
-
- rawlen = (bits / CHAR_BIT) + ((bits % CHAR_BIT) ? 1 : 0) + 1;
-
- if((raw = calloc(rawlen, sizeof(unsigned char))) == NULL) {
- fprintf(stderr, "%s: out of memory, sorry.\n", argv[0]);
- return 1;
- }
-
- /* This loop is one for each prime we need to generate */
- for(jx = 0; jx < ngen; jx++) {
-
- raw[0] = 0; /* sign is positive */
-
- /* Pack the initializer with random bytes */
- for(ix = 1; ix < rawlen; ix++)
- raw[ix] = (rand() * rand()) & UCHAR_MAX;
-
- raw[1] |= 0x80; /* set high-order bit of test value */
- raw[rawlen - 1] |= 1; /* set low-order bit of test value */
-
- /* Make an mp_int out of the initializer */
- mp_read_raw(&testval, (char *)raw, rawlen);
-
- /* Initialize candidate counter */
- nTries = 0;
-
- start = clock(); /* time generation for this prime */
- do {
- res = mpp_make_prime(&testval, bits, g_strong, &nTries);
- if (res != MP_NO)
- break;
- /* This code works whether digits are 16 or 32 bits */
- res = mp_add_d(&testval, 32 * 1024, &testval);
- res = mp_add_d(&testval, 32 * 1024, &testval);
- FPUTC(',', stderr);
- } while (1);
- end = clock();
-
- if (res != MP_YES) {
- break;
- }
- FPUTC('\n', stderr);
- puts("The following value is probably prime:");
- outlen = mp_radix_size(&testval, 10);
- out = calloc(outlen, sizeof(unsigned char));
- mp_toradix(&testval, (char *)out, 10);
- printf("10: %s\n", out);
- mp_toradix(&testval, (char *)out, 16);
- printf("16: %s\n\n", out);
- free(out);
-
- printf("Number of candidates tried: %lu\n", nTries);
- printf("This computation took %ld clock ticks (%.2f seconds)\n",
- (end - start), ((double)(end - start) / CLOCKS_PER_SEC));
-
- FPUTC('\n', stderr);
- } /* end of loop to generate all requested primes */
-
- if(res != MP_OKAY)
- fprintf(stderr, "%s: error: %s\n", argv[0], mp_strerror(res));
-
- free(raw);
- mp_clear(&testval);
-
- return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/utils/prng.c b/security/nss/lib/freebl/mpi/utils/prng.c
deleted file mode 100644
index 9b8f7983a..000000000
--- a/security/nss/lib/freebl/mpi/utils/prng.c
+++ /dev/null
@@ -1,87 +0,0 @@
-/*
- * prng.c
- *
- * Command-line pseudo-random number generator
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <limits.h>
-#include <time.h>
-
-#ifdef __OS2__
-#include <types.h>
-#include <process.h>
-#else
-#include <unistd.h>
-#endif
-
-#include "bbs_rand.h"
-
-int main(int argc, char *argv[])
-{
- unsigned char *seed;
- unsigned int ix, num = 1;
- pid_t pid;
-
- if(argc > 1) {
- num = atoi(argv[1]);
- if(num <= 0)
- num = 1;
- }
-
- pid = getpid();
- srand(time(NULL) * (unsigned int)pid);
-
- /* Not a perfect seed, but not bad */
- seed = malloc(bbs_seed_size);
- for(ix = 0; ix < bbs_seed_size; ix++) {
- seed[ix] = rand() % UCHAR_MAX;
- }
-
- bbs_srand(seed, bbs_seed_size);
- memset(seed, 0, bbs_seed_size);
- free(seed);
-
- while(num-- > 0) {
- ix = bbs_rand();
-
- printf("%u\n", ix);
- }
-
- return 0;
-
-}
diff --git a/security/nss/lib/freebl/mpi/utils/ptab.pl b/security/nss/lib/freebl/mpi/utils/ptab.pl
deleted file mode 100755
index f9c56b6c3..000000000
--- a/security/nss/lib/freebl/mpi/utils/ptab.pl
+++ /dev/null
@@ -1,58 +0,0 @@
-#!/usr/linguist/bin/perl
-##
-## The contents of this file are subject to the Mozilla Public
-## License Version 1.1 (the "License"); you may not use this file
-## except in compliance with the License. You may obtain a copy of
-## the License at http://www.mozilla.org/MPL/
-##
-## Software distributed under the License is distributed on an "AS
-## IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-## implied. See the License for the specific language governing
-## rights and limitations under the License.
-##
-## The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-## library.
-##
-## The Initial Developer of the Original Code is
-## Michael J. Fromberger <sting@linguist.dartmouth.edu>
-##
-## Portions created by Michael J. Fromberger are
-## Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved.
-##
-## Contributor(s):
-##
-## Alternatively, the contents of this file may be used under the
-## terms of the GNU General Public License Version 2 or later (the
-## "GPL"), in which case the provisions of the GPL are applicable
-## instead of those above. If you wish to allow use of your
-## version of this file only under the terms of the GPL and not to
-## allow others to use your version of this file under the MPL,
-## indicate your decision by deleting the provisions above and
-## replace them with the notice and other provisions required by
-## the GPL. If you do not delete the provisions above, a recipient
-## may use your version of this file under either the MPL or the
-## GPL.
-##
-## $Id$
-##
-
-while(<>) {
- chomp;
- push(@primes, $_);
-}
-
-printf("mp_size prime_tab_size = %d;\n", ($#primes + 1));
-print "mp_digit prime_tab[] = {\n";
-
-print "\t";
-$last = pop(@primes);
-foreach $prime (sort {$a<=>$b} @primes) {
- printf("0x%04X, ", $prime);
- $brk = ($brk + 1) % 8;
- print "\n\t" if(!$brk);
-}
-printf("0x%04X", $last);
-print "\n" if($brk);
-print "};\n\n";
-
-exit 0;
diff --git a/security/nss/lib/freebl/mpi/utils/sieve.c b/security/nss/lib/freebl/mpi/utils/sieve.c
deleted file mode 100644
index 4dd20604c..000000000
--- a/security/nss/lib/freebl/mpi/utils/sieve.c
+++ /dev/null
@@ -1,265 +0,0 @@
-/*
- * sieve.c
- *
- * Finds prime numbers using the Sieve of Eratosthenes
- *
- * This implementation uses a bitmap to represent all odd integers in a
- * given range. We iterate over this bitmap, crossing off the
- * multiples of each prime we find. At the end, all the remaining set
- * bits correspond to prime integers.
- *
- * Here, we make two passes -- once we have generated a sieve-ful of
- * primes, we copy them out, reset the sieve using the highest
- * generated prime from the first pass as a base. Then we cross out
- * all the multiples of all the primes we found the first time through,
- * and re-sieve. In this way, we get double use of the memory we
- * allocated for the sieve the first time though. Since we also
- * implicitly ignore multiples of 2, this amounts to 4 times the
- * values.
- *
- * This could (and probably will) be generalized to re-use the sieve a
- * few more times.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <limits.h>
-
-typedef unsigned char byte;
-
-typedef struct {
- int size;
- byte *bits;
- long base;
- int next;
- int nbits;
-} sieve;
-
-void sieve_init(sieve *sp, long base, int nbits);
-void sieve_grow(sieve *sp, int nbits);
-long sieve_next(sieve *sp);
-void sieve_reset(sieve *sp, long base);
-void sieve_cross(sieve *sp, long val);
-void sieve_clear(sieve *sp);
-
-#define S_ISSET(S, B) (((S)->bits[(B)/CHAR_BIT]>>((B)%CHAR_BIT))&1)
-#define S_SET(S, B) ((S)->bits[(B)/CHAR_BIT]|=(1<<((B)%CHAR_BIT)))
-#define S_CLR(S, B) ((S)->bits[(B)/CHAR_BIT]&=~(1<<((B)%CHAR_BIT)))
-#define S_VAL(S, B) ((S)->base+(2*(B)))
-#define S_BIT(S, V) (((V)-((S)->base))/2)
-
-int main(int argc, char *argv[])
-{
- sieve s;
- long pr, *p;
- int c, ix, cur = 0;
-
- if(argc < 2) {
- fprintf(stderr, "Usage: %s <width>\n", argv[0]);
- return 1;
- }
-
- c = atoi(argv[1]);
- if(c < 0) c = -c;
-
- fprintf(stderr, "%s: sieving to %d positions\n", argv[0], c);
-
- sieve_init(&s, 3, c);
-
- c = 0;
- while((pr = sieve_next(&s)) > 0) {
- ++c;
- }
-
- p = calloc(c, sizeof(long));
- if(!p) {
- fprintf(stderr, "%s: out of memory after first half\n", argv[0]);
- sieve_clear(&s);
- exit(1);
- }
-
- fprintf(stderr, "%s: half done ... \n", argv[0]);
-
- for(ix = 0; ix < s.nbits; ix++) {
- if(S_ISSET(&s, ix)) {
- p[cur] = S_VAL(&s, ix);
- printf("%ld\n", p[cur]);
- ++cur;
- }
- }
-
- sieve_reset(&s, p[cur - 1]);
- fprintf(stderr, "%s: crossing off %d found primes ... \n", argv[0], cur);
- for(ix = 0; ix < cur; ix++) {
- sieve_cross(&s, p[ix]);
- if(!(ix % 1000))
- fputc('.', stderr);
- }
- fputc('\n', stderr);
-
- free(p);
-
- fprintf(stderr, "%s: sieving again from %ld ... \n", argv[0], p[cur - 1]);
- c = 0;
- while((pr = sieve_next(&s)) > 0) {
- ++c;
- }
-
- fprintf(stderr, "%s: done!\n", argv[0]);
- for(ix = 0; ix < s.nbits; ix++) {
- if(S_ISSET(&s, ix)) {
- printf("%ld\n", S_VAL(&s, ix));
- }
- }
-
- sieve_clear(&s);
-
- return 0;
-}
-
-void sieve_init(sieve *sp, long base, int nbits)
-{
- sp->size = (nbits / CHAR_BIT);
-
- if(nbits % CHAR_BIT)
- ++sp->size;
-
- sp->bits = calloc(sp->size, sizeof(byte));
- memset(sp->bits, UCHAR_MAX, sp->size);
- if(!(base & 1))
- ++base;
- sp->base = base;
-
- sp->next = 0;
- sp->nbits = sp->size * CHAR_BIT;
-}
-
-void sieve_grow(sieve *sp, int nbits)
-{
- int ns = (nbits / CHAR_BIT);
-
- if(nbits % CHAR_BIT)
- ++ns;
-
- if(ns > sp->size) {
- byte *tmp;
- int ix;
-
- tmp = calloc(ns, sizeof(byte));
- if(tmp == NULL) {
- fprintf(stderr, "Error: out of memory in sieve_grow\n");
- return;
- }
-
- memcpy(tmp, sp->bits, sp->size);
- for(ix = sp->size; ix < ns; ix++) {
- tmp[ix] = UCHAR_MAX;
- }
-
- free(sp->bits);
- sp->bits = tmp;
- sp->size = ns;
-
- sp->nbits = sp->size * CHAR_BIT;
- }
-}
-
-long sieve_next(sieve *sp)
-{
- long out;
- int ix = 0;
- long val;
-
- if(sp->next > sp->nbits)
- return -1;
-
- out = S_VAL(sp, sp->next);
-#ifdef DEBUG
- fprintf(stderr, "Sieving %ld\n", out);
-#endif
-
- /* Sieve out all multiples of the current prime */
- val = out;
- while(ix < sp->nbits) {
- val += out;
- ix = S_BIT(sp, val);
- if((val & 1) && ix < sp->nbits) { /* && S_ISSET(sp, ix)) { */
- S_CLR(sp, ix);
-#ifdef DEBUG
- fprintf(stderr, "Crossing out %ld (bit %d)\n", val, ix);
-#endif
- }
- }
-
- /* Scan ahead to the next prime */
- ++sp->next;
- while(sp->next < sp->nbits && !S_ISSET(sp, sp->next))
- ++sp->next;
-
- return out;
-}
-
-void sieve_cross(sieve *sp, long val)
-{
- int ix = 0;
- long cur = val;
-
- while(cur < sp->base)
- cur += val;
-
- ix = S_BIT(sp, cur);
- while(ix < sp->nbits) {
- if(cur & 1)
- S_CLR(sp, ix);
- cur += val;
- ix = S_BIT(sp, cur);
- }
-}
-
-void sieve_reset(sieve *sp, long base)
-{
- memset(sp->bits, UCHAR_MAX, sp->size);
- sp->base = base;
- sp->next = 0;
-}
-
-void sieve_clear(sieve *sp)
-{
- if(sp->bits)
- free(sp->bits);
-
- sp->bits = NULL;
-}
diff --git a/security/nss/lib/freebl/mpi/vis_32.il b/security/nss/lib/freebl/mpi/vis_32.il
deleted file mode 100644
index 443b6a00e..000000000
--- a/security/nss/lib/freebl/mpi/vis_32.il
+++ /dev/null
@@ -1,1320 +0,0 @@
-!
-! The contents of this file are subject to the Mozilla Public
-! License Version 1.1 (the "License"); you may not use this file
-! except in compliance with the License. You may obtain a copy of
-! the License at http://www.mozilla.org/MPL/
-!
-! Software distributed under the License is distributed on an "AS
-! IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-! implied. See the License for the specific language governing
-! rights and limitations under the License.
-!
-! The Original Code is vis inline macros (32 bit). (vis_32.il 3.3)
-!
-! The Initial Developer of the Original Code is Sun Microsystems Inc.
-! Portions created by Sun Microsystems Inc. are
-! Copyright (C) 1995-2000 Sun Microsystems Inc. All Rights Reserved.
-!
-! Contributor(s):
-!
-! Alternatively, the contents of this file may be used under the
-! terms of the GNU General Public License Version 2 or later (the
-! "GPL"), in which case the provisions of the GPL are applicable
-! instead of those above. If you wish to allow use of your
-! version of this file only under the terms of the GPL and not to
-! allow others to use your version of this file under the MPL,
-! indicate your decision by deleting the provisions above and
-! replace them with the notice and other provisions required by
-! the GPL. If you do not delete the provisions above, a recipient
-! may use your version of this file under either the MPL or the
-! GPL.
-! $Id$
-!
-! @(#)vis_32.il 3.3 00/03/02 SMI
-
-! The interface to the VIS instructions as declared below (and in the VIS
-! User's Manual) will not change, but the macro implementation might change
-! in the future.
-
-!--------------------------------------------------------------------
-! Pure edge handling instructions
-!
-! int vis_edge8(void */*frs1*/, void */*frs2*/);
-!
- .inline vis_edge8,8
- edge8 %o0,%o1,%o0
- .end
-!
-! int vis_edge8l(void */*frs1*/, void */*frs2*/);
-!
- .inline vis_edge8l,8
- edge8l %o0,%o1,%o0
- .end
-!
-! int vis_edge16(void */*frs1*/, void */*frs2*/);
-!
- .inline vis_edge16,8
- edge16 %o0,%o1,%o0
- .end
-!
-! int vis_edge16l(void */*frs1*/, void */*frs2*/);
-!
- .inline vis_edge16l,8
- edge16l %o0,%o1,%o0
- .end
-!
-! int vis_edge32(void */*frs1*/, void */*frs2*/);
-!
- .inline vis_edge32,8
- edge32 %o0,%o1,%o0
- .end
-!
-! int vis_edge32l(void */*frs1*/, void */*frs2*/);
-!
- .inline vis_edge32l,8
- edge32l %o0,%o1,%o0
- .end
-
-!--------------------------------------------------------------------
-! Edge handling instructions with negative return values if cc set
-!
-! int vis_edge8cc(void */*frs1*/, void */*frs2*/);
-!
- .inline vis_edge8cc,8
- edge8 %o0,%o1,%o0
- mov 0,%o1
- movgu %icc,-1024,%o1
- or %o1,%o0,%o0
- .end
-!
-! int vis_edge8lcc(void */*frs1*/, void */*frs2*/);
-!
- .inline vis_edge8lcc,8
- edge8l %o0,%o1,%o0
- mov 0,%o1
- movgu %icc,-1024,%o1
- or %o1,%o0,%o0
- .end
-!
-! int vis_edge16cc(void */*frs1*/, void */*frs2*/);
-!
- .inline vis_edge16cc,8
- edge16 %o0,%o1,%o0
- mov 0,%o1
- movgu %icc,-1024,%o1
- or %o1,%o0,%o0
- .end
-!
-! int vis_edge16lcc(void */*frs1*/, void */*frs2*/);
-!
- .inline vis_edge16lcc,8
- edge16l %o0,%o1,%o0
- mov 0,%o1
- movgu %icc,-1024,%o1
- or %o1,%o0,%o0
- .end
-!
-! int vis_edge32cc(void */*frs1*/, void */*frs2*/);
-!
- .inline vis_edge32cc,8
- edge32 %o0,%o1,%o0
- mov 0,%o1
- movgu %icc,-1024,%o1
- or %o1,%o0,%o0
- .end
-!
-! int vis_edge32lcc(void */*frs1*/, void */*frs2*/);
-!
- .inline vis_edge32lcc,8
- edge32l %o0,%o1,%o0
- mov 0,%o1
- movgu %icc,-1024,%o1
- or %o1,%o0,%o0
- .end
-
-!--------------------------------------------------------------------
-! Alignment instructions
-!
-! void *vis_alignaddr(void */*rs1*/, int /*rs2*/);
-!
- .inline vis_alignaddr,8
- alignaddr %o0,%o1,%o0
- .end
-!
-! void *vis_alignaddrl(void */*rs1*/, int /*rs2*/);
-!
- .inline vis_alignaddrl,8
- alignaddrl %o0,%o1,%o0
- .end
-!
-! double vis_faligndata(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_faligndata,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- faligndata %f4,%f10,%f0
- .end
-
-!--------------------------------------------------------------------
-! Partitioned comparison instructions
-!
-! int vis_fcmple16(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fcmple16,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- fcmple16 %f4,%f10,%o0
- .end
-!
-! int vis_fcmpne16(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fcmpne16,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- fcmpne16 %f4,%f10,%o0
- .end
-!
-! int vis_fcmple32(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fcmple32,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- fcmple32 %f4,%f10,%o0
- .end
-!
-! int vis_fcmpne32(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fcmpne32,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- fcmpne32 %f4,%f10,%o0
- .end
-!
-! int vis_fcmpgt16(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fcmpgt16,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- fcmpgt16 %f4,%f10,%o0
- .end
-!
-! int vis_fcmpeq16(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fcmpeq16,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- fcmpeq16 %f4,%f10,%o0
- .end
-!
-! int vis_fcmpgt32(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fcmpgt32,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- fcmpgt32 %f4,%f10,%o0
- .end
-!
-! int vis_fcmpeq32(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fcmpeq32,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- fcmpeq32 %f4,%f10,%o0
- .end
-
-!--------------------------------------------------------------------
-! Partitioned arithmetic
-!
-! double vis_fmul8x16(float /*frs1*/, double /*frs2*/);
-!
- .inline vis_fmul8x16,12
- st %o0,[%sp+0x44]
- ld [%sp+0x44],%f4
- st %o1,[%sp+0x48]
- st %o2,[%sp+0x4c]
- ldd [%sp+0x48],%f10
- fmul8x16 %f4,%f10,%f0
- .end
-!
-! double vis_fmul8x16_dummy(float /*frs1*/, int /*dummy*/, double /*frs2*/);
-!
- .inline vis_fmul8x16_dummy,16
- st %o0,[%sp+0x44]
- ld [%sp+0x44],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- fmul8x16 %f4,%f10,%f0
- .end
-!
-! double vis_fmul8x16au(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fmul8x16au,8
- st %o0,[%sp+0x48]
- ld [%sp+0x48],%f4
- st %o1,[%sp+0x48]
- ld [%sp+0x48],%f10
- fmul8x16au %f4,%f10,%f0
- .end
-!
-! double vis_fmul8x16al(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fmul8x16al,8
- st %o0,[%sp+0x44]
- ld [%sp+0x44],%f4
- st %o1,[%sp+0x48]
- ld [%sp+0x48],%f10
- fmul8x16al %f4,%f10,%f0
- .end
-!
-! double vis_fmul8sux16(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fmul8sux16,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- fmul8sux16 %f4,%f10,%f0
- .end
-!
-! double vis_fmul8ulx16(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fmul8ulx16,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- fmul8ulx16 %f4,%f10,%f0
- .end
-!
-! double vis_fmuld8sux16(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fmuld8sux16,8
- st %o0,[%sp+0x48]
- ld [%sp+0x48],%f4
- st %o1,[%sp+0x48]
- ld [%sp+0x48],%f10
- fmuld8sux16 %f4,%f10,%f0
- .end
-!
-! double vis_fmuld8ulx16(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fmuld8ulx16,8
- st %o0,[%sp+0x48]
- ld [%sp+0x48],%f4
- st %o1,[%sp+0x48]
- ld [%sp+0x48],%f10
- fmuld8ulx16 %f4,%f10,%f0
- .end
-!
-! double vis_fpadd16(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fpadd16,16
- std %o0,[%sp+0x40]
- ldd [%sp+0x40],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- fpadd16 %f4,%f10,%f0
- .end
-!
-! float vis_fpadd16s(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fpadd16s,8
- st %o0,[%sp+0x48]
- ld [%sp+0x48],%f4
- st %o1,[%sp+0x48]
- ld [%sp+0x48],%f10
- fpadd16s %f4,%f10,%f0
- .end
-!
-! double vis_fpadd32(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fpadd32,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- fpadd32 %f4,%f10,%f0
- .end
-!
-! float vis_fpadd32s(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fpadd32s,8
- st %o0,[%sp+0x48]
- ld [%sp+0x48],%f4
- st %o1,[%sp+0x48]
- ld [%sp+0x48],%f10
- fpadd32s %f4,%f10,%f0
- .end
-!
-! double vis_fpsub16(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fpsub16,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- fpsub16 %f4,%f10,%f0
- .end
-!
-! float vis_fpsub16s(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fpsub16s,8
- st %o0,[%sp+0x48]
- ld [%sp+0x48],%f4
- st %o1,[%sp+0x48]
- ld [%sp+0x48],%f10
- fpsub16s %f4,%f10,%f0
- .end
-!
-! double vis_fpsub32(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fpsub32,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- fpsub32 %f4,%f10,%f0
- .end
-!
-! float vis_fpsub32s(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fpsub32s,8
- st %o0,[%sp+0x48]
- ld [%sp+0x48],%f4
- st %o1,[%sp+0x48]
- ld [%sp+0x48],%f10
- fpsub32s %f4,%f10,%f0
- .end
-
-!--------------------------------------------------------------------
-! Pixel packing
-!
-! float vis_fpack16(double /*frs2*/);
-!
- .inline vis_fpack16,8
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- fpack16 %f4,%f0
- .end
-
-!
-! double vis_fpack16_pair(double /*frs2*/, double /*frs2*/);
-!
- .inline vis_fpack16_pair,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- fpack16 %f4,%f0
- fpack16 %f10,%f1
- .end
-!
-! void vis_st2_fpack16(double, double, double *)
-!
- .inline vis_st2_fpack16,20
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- fpack16 %f4,%f0
- fpack16 %f10,%f1
- st %f0,[%o4+0]
- st %f1,[%o4+4]
- .end
-!
-! void vis_std_fpack16(double, double, double *)
-!
- .inline vis_std_fpack16,20
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- fpack16 %f4,%f0
- fpack16 %f10,%f1
- std %f0,[%o4]
- .end
-!
-! void vis_st2_fpackfix(double, double, double *)
-!
- .inline vis_st2_fpackfix,20
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- fpackfix %f4,%f0
- fpackfix %f10,%f1
- st %f0,[%o4+0]
- st %f1,[%o4+4]
- .end
-!
-! double vis_fpack16_to_hi(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fpack16_to_hi,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f0
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f4
- fpack16 %f4,%f0
- .end
-
-! double vis_fpack16_to_lo(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fpack16_to_lo,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f0
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f4
- fpack16 %f4,%f3
- fmovs %f3,%f1 /* without this, optimizer goes wrong */
- .end
-
-!
-! double vis_fpack32(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fpack32,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- fpack32 %f4,%f10,%f0
- .end
-!
-! float vis_fpackfix(double /*frs2*/);
-!
- .inline vis_fpackfix,8
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- fpackfix %f4,%f0
- .end
-!
-! double vis_fpackfix_pair(double /*frs2*/, double /*frs2*/);
-!
- .inline vis_fpackfix_pair,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f6
- fpackfix %f4,%f0
- fpackfix %f6,%f1
- .end
-
-!--------------------------------------------------------------------
-! Motion estimation
-!
-! double vis_pdist(double /*frs1*/, double /*frs2*/, double /*frd*/);
-!
- .inline vis_pdist,24
- std %o4,[%sp+0x48]
- ldd [%sp+0x48],%f0
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- pdist %f4,%f10,%f0
- .end
-
-!--------------------------------------------------------------------
-! Channel merging
-!
-! double vis_fpmerge(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fpmerge,8
- st %o0,[%sp+0x48]
- ld [%sp+0x48],%f4
- st %o1,[%sp+0x48]
- ld [%sp+0x48],%f10
- fpmerge %f4,%f10,%f0
- .end
-
-!--------------------------------------------------------------------
-! Pixel expansion
-!
-! double vis_fexpand(float /*frs2*/);
-!
- .inline vis_fexpand,4
- st %o0,[%sp+0x48]
- ld [%sp+0x48],%f4
- fexpand %f4,%f0
- .end
-
-! double vis_fexpand_hi(double /*frs2*/);
-!
- .inline vis_fexpand_hi,8
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- fexpand %f4,%f0
- .end
-
-! double vis_fexpand_lo(double /*frs2*/);
-!
- .inline vis_fexpand_lo,8
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- fmovs %f5, %f2
- fexpand %f2,%f0
- .end
-
-!--------------------------------------------------------------------
-! Bitwise logical operations
-!
-! double vis_fnor(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fnor,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- fnor %f4,%f10,%f0
- .end
-!
-! float vis_fnors(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fnors,8
- st %o0,[%sp+0x48]
- ld [%sp+0x48],%f4
- st %o1,[%sp+0x48]
- ld [%sp+0x48],%f10
- fnors %f4,%f10,%f0
- .end
-!
-! double vis_fandnot(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fandnot,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- fandnot1 %f4,%f10,%f0
- .end
-!
-! float vis_fandnots(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fandnots,8
- st %o0,[%sp+0x48]
- ld [%sp+0x48],%f4
- st %o1,[%sp+0x48]
- ld [%sp+0x48],%f10
- fandnot1s %f4,%f10,%f0
- .end
-!
-! double vis_fnot(double /*frs1*/);
-!
- .inline vis_fnot,8
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- fnot1 %f4,%f0
- .end
-!
-! float vis_fnots(float /*frs1*/);
-!
- .inline vis_fnots,4
- st %o0,[%sp+0x48]
- ld [%sp+0x48],%f4
- fnot1s %f4,%f0
- .end
-!
-! double vis_fxor(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fxor,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- fxor %f4,%f10,%f0
- .end
-!
-! float vis_fxors(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fxors,8
- st %o0,[%sp+0x48]
- ld [%sp+0x48],%f4
- st %o1,[%sp+0x48]
- ld [%sp+0x48],%f10
- fxors %f4,%f10,%f0
- .end
-!
-! double vis_fnand(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fnand,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- fnand %f4,%f10,%f0
- .end
-!
-! float vis_fnands(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fnands,8
- st %o0,[%sp+0x48]
- ld [%sp+0x48],%f4
- st %o1,[%sp+0x48]
- ld [%sp+0x48],%f10
- fnands %f4,%f10,%f0
- .end
-!
-! double vis_fand(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fand,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- fand %f4,%f10,%f0
- .end
-!
-! float vis_fands(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fands,8
- st %o0,[%sp+0x48]
- ld [%sp+0x48],%f4
- st %o1,[%sp+0x48]
- ld [%sp+0x48],%f10
- fands %f4,%f10,%f0
- .end
-!
-! double vis_fxnor(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fxnor,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- fxnor %f4,%f10,%f0
- .end
-!
-! float vis_fxnors(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fxnors,8
- st %o0,[%sp+0x48]
- ld [%sp+0x48],%f4
- st %o1,[%sp+0x48]
- ld [%sp+0x48],%f10
- fxnors %f4,%f10,%f0
- .end
-!
-! double vis_fsrc(double /*frs1*/);
-!
- .inline vis_fsrc,8
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- fsrc1 %f4,%f0
- .end
-!
-! float vis_fsrcs(float /*frs1*/);
-!
- .inline vis_fsrcs,4
- st %o0,[%sp+0x48]
- ld [%sp+0x48],%f4
- fsrc1s %f4,%f0
- .end
-!
-! double vis_fornot(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fornot,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- fornot1 %f4,%f10,%f0
- .end
-!
-! float vis_fornots(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fornots,8
- st %o0,[%sp+0x48]
- ld [%sp+0x48],%f4
- st %o1,[%sp+0x48]
- ld [%sp+0x48],%f10
- fornot1s %f4,%f10,%f0
- .end
-!
-! double vis_for(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_for,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- for %f4,%f10,%f0
- .end
-!
-! float vis_fors(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fors,8
- st %o0,[%sp+0x48]
- ld [%sp+0x48],%f4
- st %o1,[%sp+0x48]
- ld [%sp+0x48],%f10
- fors %f4,%f10,%f0
- .end
-!
-! double vis_fzero(/* void */)
-!
- .inline vis_fzero,0
- fzero %f0
- .end
-!
-! float vis_fzeros(/* void */)
-!
- .inline vis_fzeros,0
- fzeros %f0
- .end
-!
-! double vis_fone(/* void */)
-!
- .inline vis_fone,0
- fone %f0
- .end
-!
-! float vis_fones(/* void */)
-!
- .inline vis_fones,0
- fones %f0
- .end
-
-!--------------------------------------------------------------------
-! Partial store instructions
-!
-! vis_stdfa_ASI_PST8P(double frd, void *rs1, int rmask)
-!
- .inline vis_stdfa_ASI_PST8P,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- stda %f4,[%o2]%o3,0xc0 ! ASI_PST8_P
- .end
-!
-! vis_stdfa_ASI_PST8PL(double frd, void *rs1, int rmask)
-!
- .inline vis_stdfa_ASI_PST8PL,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- stda %f4,[%o2]%o3,0xc8 ! ASI_PST8_PL
- .end
-!
-! vis_stdfa_ASI_PST8P_int_pair(void *rs1, void *rs2, void *rs3, int rmask);
-!
- .inline vis_stdfa_ASI_PST8P_int_pair,16
- ld [%o0],%f4
- ld [%o1],%f5
- stda %f4,[%o2]%o3,0xc0 ! ASI_PST8_P
- .end
-!
-! vis_stdfa_ASI_PST8S(double frd, void *rs1, int rmask)
-!
- .inline vis_stdfa_ASI_PST8S,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- stda %f4,[%o2]%o3,0xc1 ! ASI_PST8_S
- .end
-!
-! vis_stdfa_ASI_PST16P(double frd, void *rs1, int rmask)
-!
- .inline vis_stdfa_ASI_PST16P,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- stda %f4,[%o2]%o3,0xc2 ! ASI_PST16_P
- .end
-!
-! vis_stdfa_ASI_PST16S(double frd, void *rs1, int rmask)
-!
- .inline vis_stdfa_ASI_PST16S,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- stda %f4,[%o2]%o3,0xc3 ! ASI_PST16_S
- .end
-!
-! vis_stdfa_ASI_PST32P(double frd, void *rs1, int rmask)
-!
- .inline vis_stdfa_ASI_PST32P,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- stda %f4,[%o2]%o3,0xc4 ! ASI_PST32_P
- .end
-!
-! vis_stdfa_ASI_PST32S(double frd, void *rs1, int rmask)
-!
- .inline vis_stdfa_ASI_PST32S,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- stda %f4,[%o2]%o3,0xc5 ! ASI_PST32_S
- .end
-
-!--------------------------------------------------------------------
-! Short store instructions
-!
-! vis_stdfa_ASI_FL8P(double frd, void *rs1)
-!
- .inline vis_stdfa_ASI_FL8P,12
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- stda %f4,[%o2]0xd0 ! ASI_FL8_P
- .end
-!
-! vis_stdfa_ASI_FL8P_index(double frd, void *rs1, long index)
-!
- .inline vis_stdfa_ASI_FL8P_index,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- stda %f4,[%o2+%o3]0xd0 ! ASI_FL8_P
- .end
-!
-! vis_stdfa_ASI_FL8S(double frd, void *rs1)
-!
- .inline vis_stdfa_ASI_FL8S,12
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- stda %f4,[%o2]0xd1 ! ASI_FL8_S
- .end
-!
-! vis_stdfa_ASI_FL16P(double frd, void *rs1)
-!
- .inline vis_stdfa_ASI_FL16P,12
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- stda %f4,[%o2]0xd2 ! ASI_FL16_P
- .end
-!
-! vis_stdfa_ASI_FL16P_index(double frd, void *rs1, long index)
-!
- .inline vis_stdfa_ASI_FL16P_index,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- stda %f4,[%o2+%o3]0xd2 ! ASI_FL16_P
- .end
-!
-! vis_stdfa_ASI_FL16S(double frd, void *rs1)
-!
- .inline vis_stdfa_ASI_FL16S,12
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- stda %f4,[%o2]0xd3 ! ASI_FL16_S
- .end
-!
-! vis_stdfa_ASI_FL8PL(double frd, void *rs1)
-!
- .inline vis_stdfa_ASI_FL8PL,12
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- stda %f4,[%o2]0xd8 ! ASI_FL8_PL
- .end
-!
-! vis_stdfa_ASI_FL8SL(double frd, void *rs1)
-!
- .inline vis_stdfa_ASI_FL8SL,12
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- stda %f4,[%o2]0xd9 ! ASI_FL8_SL
- .end
-!
-! vis_stdfa_ASI_FL16PL(double frd, void *rs1)
-!
- .inline vis_stdfa_ASI_FL16PL,12
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- stda %f4,[%o2]0xda ! ASI_FL16_PL
- .end
-!
-! vis_stdfa_ASI_FL16SL(double frd, void *rs1)
-!
- .inline vis_stdfa_ASI_FL16SL,12
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- stda %f4,[%o2]0xdb ! ASI_FL16_SL
- .end
-
-!--------------------------------------------------------------------
-! Short load instructions
-!
-! double vis_lddfa_ASI_FL8P(void *rs1)
-!
- .inline vis_lddfa_ASI_FL8P,4
- ldda [%o0]0xd0,%f4 ! ASI_FL8_P
- fmovd %f4,%f0 ! Compiler can clean this up
- .end
-!
-! double vis_lddfa_ASI_FL8P_index(void *rs1, long index)
-!
- .inline vis_lddfa_ASI_FL8P_index,8
- ldda [%o0+%o1]0xd0,%f4
- fmovd %f4,%f0
- .end
-!
-! double vis_lddfa_ASI_FL8P_hi(void *rs1, unsigned int index)
-!
- .inline vis_lddfa_ASI_FL8P_hi,8
- sra %o1,16,%o1
- ldda [%o0+%o1]0xd0,%f4
- fmovd %f4,%f0
- .end
-!
-! double vis_lddfa_ASI_FL8P_lo(void *rs1, unsigned int index)
-!
- .inline vis_lddfa_ASI_FL8P_lo,8
- sll %o1,16,%o1
- sra %o1,16,%o1
- ldda [%o0+%o1]0xd0,%f4
- fmovd %f4,%f0
- .end
-!
-! double vis_lddfa_ASI_FL8S(void *rs1)
-!
- .inline vis_lddfa_ASI_FL8S,4
- ldda [%o0]0xd1,%f4 ! ASI_FL8_S
- fmovd %f4,%f0
- .end
-!
-! double vis_lddfa_ASI_FL16P(void *rs1)
-!
- .inline vis_lddfa_ASI_FL16P,4
- ldda [%o0]0xd2,%f4 ! ASI_FL16_P
- fmovd %f4,%f0
- .end
-!
-! double vis_lddfa_ASI_FL16P_index(void *rs1, long index)
-!
- .inline vis_lddfa_ASI_FL16P_index,8
- ldda [%o0+%o1]0xd2,%f4 ! ASI_FL16_P
- fmovd %f4,%f0
- .end
-!
-! double vis_lddfa_ASI_FL16S(void *rs1)
-!
- .inline vis_lddfa_ASI_FL16S,4
- ldda [%o0]0xd3,%f4 ! ASI_FL16_S
- fmovd %f4,%f0
- .end
-!
-! double vis_lddfa_ASI_FL8PL(void *rs1)
-!
- .inline vis_lddfa_ASI_FL8PL,4
- ldda [%o0]0xd8,%f4 ! ASI_FL8_PL
- fmovd %f4,%f0
- .end
-!
-! double vis_lddfa_ASI_FL8PL_index(void *rs1, long index)
-!
- .inline vis_lddfa_ASI_FL8PL_index,8
- ldda [%o0+%o1]0xd8,%f4 ! ASI_FL8_PL
- fmovd %f4,%f0
- .end
-!
-! double vis_lddfa_ASI_FL8SL(void *rs1)
-!
- .inline vis_lddfa_ASI_FL8SL,4
- ldda [%o0]0xd9,%f4 ! ASI_FL8_SL
- fmovd %f4,%f0
- .end
-!
-! double vis_lddfa_ASI_FL16PL(void *rs1)
-!
- .inline vis_lddfa_ASI_FL16PL,4
- ldda [%o0]0xda,%f4 ! ASI_FL16_PL
- fmovd %f4,%f0
- .end
-!
-! double vis_lddfa_ASI_FL16PL_index(void *rs1, long index)
-!
- .inline vis_lddfa_ASI_FL16PL_index,8
- ldda [%o0+%o1]0xda,%f4 ! ASI_FL16_PL
- fmovd %f4,%f0
- .end
-!
-! double vis_lddfa_ASI_FL16SL(void *rs1)
-!
- .inline vis_lddfa_ASI_FL16SL,4
- ldda [%o0]0xdb,%f4 ! ASI_FL16_SL
- fmovd %f4,%f0
- .end
-
-!--------------------------------------------------------------------
-! Graphics status register
-!
-! unsigned int vis_read_gsr(void)
-!
- .inline vis_read_gsr,0
- rd %gsr,%o0
- .end
-!
-! void vis_write_gsr(unsigned int /* GSR */)
-!
- .inline vis_write_gsr,4
- wr %g0,%o0,%gsr
- .end
-
-!--------------------------------------------------------------------
-! Voxel texture mapping
-!
-! unsigned long vis_array8(unsigned long long /*rs1 */, int /*rs2*/)
-!
- .inline vis_array8,12
- sllx %o0,32,%o0
- srl %o1,0,%o1 ! clear the most significant 32 bits of %o1
- or %o0,%o1,%o3 ! join %o0 and %o1 into %o3
- array8 %o3,%o2,%o0
- .end
-!
-! unsigned long vis_array16(unsigned long long /*rs1*/, int /*rs2*/)
-!
- .inline vis_array16,12
- sllx %o0,32,%o0
- srl %o1,0,%o1 ! clear the most significant 32 bits of %o1
- or %o0,%o1,%o3 ! join %o0 and %o1 into %o3
- array16 %o3,%o2,%o0
- .end
-!
-! unsigned long vis_array32(unsigned long long /*rs1*/, int /*rs2*/)
-!
- .inline vis_array32,12
- sllx %o0,32,%o0
- srl %o1,0,%o1 ! clear the most significant 32 bits of %o1
- or %o0,%o1,%o3 ! join %o0 and %o1 into %o3
- array32 %o3,%o2,%o0
- .end
-
-!--------------------------------------------------------------------
-! Register aliasing and type casts
-!
-! float vis_read_hi(double /* frs1 */);
-!
- .inline vis_read_hi,8
- std %o0,[%sp+0x48] ! store double frs1
- ldd [%sp+0x48],%f0 ! %f0:%f1 = double frs1; return %f0;
- .end
-!
-! float vis_read_lo(double /* frs1 */);
-!
- .inline vis_read_lo,8
- std %o0,[%sp+0x48] ! store double frs1
- ldd [%sp+0x48],%f0 ! %f0:%f1 = double frs1;
- fmovs %f1,%f0 ! %f0 = low word (frs1); return %f0;
- .end
-!
-! double vis_write_hi(double /* frs1 */, float /* frs2 */);
-!
- .inline vis_write_hi,12
- std %o0,[%sp+0x48] ! store double frs1;
- ldd [%sp+0x48],%f0 ! %f0:%f1 = double frs1;
- st %o2,[%sp+0x44] ! store float frs2;
- ld [%sp+0x44],%f2 ! %f2 = float frs2;
- fmovs %f2,%f0 ! %f0 = float frs2; return %f0:f1;
- .end
-!
-! double vis_write_lo(double /* frs1 */, float /* frs2 */);
-!
- .inline vis_write_lo,12
- std %o0,[%sp+0x48] ! store double frs1;
- ldd [%sp+0x48],%f0 ! %f0:%f1 = double frs1;
- st %o2,[%sp+0x44] ! store float frs2;
- ld [%sp+0x44],%f2 ! %f2 = float frs2;
- fmovs %f2,%f1 ! %f1 = float frs2; return %f0:f1;
- .end
-!
-! double vis_freg_pair(float /* frs1 */, float /* frs2 */);
-!
- .inline vis_freg_pair,8
- st %o0,[%sp+0x48] ! store float frs1
- ld [%sp+0x48],%f0
- st %o1,[%sp+0x48] ! store float frs2
- ld [%sp+0x48],%f1
- .end
-!
-! float vis_to_float(unsigned int /*value*/);
-!
- .inline vis_to_float,4
- st %o0,[%sp+0x48]
- ld [%sp+0x48],%f0
- .end
-!
-! double vis_to_double(unsigned int /*value1*/, unsigned int /*value2*/);
-!
- .inline vis_to_double,8
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f0
- .end
-!
-! double vis_to_double_dup(unsigned int /*value*/);
-!
- .inline vis_to_double_dup,4
- st %o0,[%sp+0x48]
- ld [%sp+0x48],%f1
- fmovs %f1,%f0 ! duplicate value
- .end
-!
-! double vis_ll_to_double(unsigned long long /*value*/);
-!
- .inline vis_ll_to_double,8
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f0
- .end
-
-!--------------------------------------------------------------------
-! Address space identifier (ASI) register
-!
-! unsigned int vis_read_asi(void)
-!
- .inline vis_read_asi,0
- rd %asi,%o0
- .end
-!
-! void vis_write_asi(unsigned int /* ASI */)
-!
- .inline vis_write_asi,4
- wr %g0,%o0,%asi
- .end
-
-!--------------------------------------------------------------------
-! Load/store from/into alternate space
-!
-! float vis_ldfa_ASI_REG(void *rs1)
-!
- .inline vis_ldfa_ASI_REG,4
- lda [%o0+0]%asi,%f4
- fmovs %f4,%f0 ! Compiler can clean this up
- .end
-!
-! float vis_ldfa_ASI_P(void *rs1)
-!
- .inline vis_ldfa_ASI_P,4
- lda [%o0]0x80,%f4 ! ASI_P
- fmovs %f4,%f0 ! Compiler can clean this up
- .end
-!
-! float vis_ldfa_ASI_PL(void *rs1)
-!
- .inline vis_ldfa_ASI_PL,4
- lda [%o0]0x88,%f4 ! ASI_PL
- fmovs %f4,%f0 ! Compiler can clean this up
- .end
-!
-! double vis_lddfa_ASI_REG(void *rs1)
-!
- .inline vis_lddfa_ASI_REG,4
- ldda [%o0+0]%asi,%f4
- fmovd %f4,%f0 ! Compiler can clean this up
- .end
-!
-! double vis_lddfa_ASI_P(void *rs1)
-!
- .inline vis_lddfa_ASI_P,4
- ldda [%o0]0x80,%f4 ! ASI_P
- fmovd %f4,%f0 ! Compiler can clean this up
- .end
-!
-! double vis_lddfa_ASI_PL(void *rs1)
-!
- .inline vis_lddfa_ASI_PL,4
- ldda [%o0]0x88,%f4 ! ASI_PL
- fmovd %f4,%f0 ! Compiler can clean this up
- .end
-!
-! vis_stfa_ASI_REG(float frs, void *rs1)
-!
- .inline vis_stfa_ASI_REG,8
- st %o0,[%sp+0x48]
- ld [%sp+0x48],%f4
- sta %f4,[%o1+0]%asi
- .end
-!
-! vis_stfa_ASI_P(float frs, void *rs1)
-!
- .inline vis_stfa_ASI_P,8
- st %o0,[%sp+0x48]
- ld [%sp+0x48],%f4
- sta %f4,[%o1]0x80 ! ASI_P
- .end
-!
-! vis_stfa_ASI_PL(float frs, void *rs1)
-!
- .inline vis_stfa_ASI_PL,8
- st %o0,[%sp+0x48]
- ld [%sp+0x48],%f4
- sta %f4,[%o1]0x88 ! ASI_PL
- .end
-!
-! vis_stdfa_ASI_REG(double frd, void *rs1)
-!
- .inline vis_stdfa_ASI_REG,12
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- stda %f4,[%o2+0]%asi
- .end
-!
-! vis_stdfa_ASI_P(double frd, void *rs1)
-!
- .inline vis_stdfa_ASI_P,12
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- stda %f4,[%o2]0x80 ! ASI_P
- .end
-!
-! vis_stdfa_ASI_PL(double frd, void *rs1)
-!
- .inline vis_stdfa_ASI_PL,12
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- stda %f4,[%o2]0x88 ! ASI_PL
- .end
-!
-! unsigned short vis_lduha_ASI_REG(void *rs1)
-!
- .inline vis_lduha_ASI_REG,4
- lduha [%o0+0]%asi,%o0
- .end
-!
-! unsigned short vis_lduha_ASI_P(void *rs1)
-!
- .inline vis_lduha_ASI_P,4
- lduha [%o0]0x80,%o0 ! ASI_P
- .end
-!
-! unsigned short vis_lduha_ASI_PL(void *rs1)
-!
- .inline vis_lduha_ASI_PL,4
- lduha [%o0]0x88,%o0 ! ASI_PL
- .end
-!
-! unsigned short vis_lduha_ASI_P_index(void *rs1, long index)
-!
- .inline vis_lduha_ASI_P_index,8
- lduha [%o0+%o1]0x80,%o0 ! ASI_P
- .end
-!
-! unsigned short vis_lduha_ASI_PL_index(void *rs1, long index)
-!
- .inline vis_lduha_ASI_PL_index,8
- lduha [%o0+%o1]0x88,%o0 ! ASI_PL
- .end
-
-!--------------------------------------------------------------------
-! Prefetch
-!
-! void vis_prefetch_read(void * /*address*/);
-!
- .inline vis_prefetch_read,4
- prefetch [%o0+0],0
- .end
-!
-! void vis_prefetch_write(void * /*address*/);
-!
- .inline vis_prefetch_write,4
- prefetch [%o0+0],2
- .end
diff --git a/security/nss/lib/freebl/mpi/vis_64.il b/security/nss/lib/freebl/mpi/vis_64.il
deleted file mode 100644
index 7a57e9b79..000000000
--- a/security/nss/lib/freebl/mpi/vis_64.il
+++ /dev/null
@@ -1,1026 +0,0 @@
-!
-! The contents of this file are subject to the Mozilla Public
-! License Version 1.1 (the "License"); you may not use this file
-! except in compliance with the License. You may obtain a copy of
-! the License at http://www.mozilla.org/MPL/
-!
-! Software distributed under the License is distributed on an "AS
-! IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-! implied. See the License for the specific language governing
-! rights and limitations under the License.
-!
-! The Original Code is vis inline macros (64 bit). (vis_64.il 3.4)
-!
-! The Initial Developer of the Original Code is Sun Microsystems Inc.
-! Portions created by Sun Microsystems Inc. are
-! Copyright (C) 1998-2000 Sun Microsystems Inc. All Rights Reserved.
-!
-! Contributor(s):
-!
-! Alternatively, the contents of this file may be used under the
-! terms of the GNU General Public License Version 2 or later (the
-! "GPL"), in which case the provisions of the GPL are applicable
-! instead of those above. If you wish to allow use of your
-! version of this file only under the terms of the GPL and not to
-! allow others to use your version of this file under the MPL,
-! indicate your decision by deleting the provisions above and
-! replace them with the notice and other provisions required by
-! the GPL. If you do not delete the provisions above, a recipient
-! may use your version of this file under either the MPL or the
-! GPL.
-! $Id$
-!
-! @(#)vis_64.il 3.4 00/03/02 SMI
-
-! This file is to be used in place of vis.il in 64-bit builds.
-
-!--------------------------------------------------------------------
-! Pure edge handling instructions
-!
-! int vis_edge8(void */*frs1*/, void */*frs2*/);
-!
- .inline vis_edge8,16
- edge8 %o0,%o1,%o0
- .end
-!
-! int vis_edge8l(void */*frs1*/, void */*frs2*/);
-!
- .inline vis_edge8l,16
- edge8l %o0,%o1,%o0
- .end
-!
-! int vis_edge16(void */*frs1*/, void */*frs2*/);
-!
- .inline vis_edge16,16
- edge16 %o0,%o1,%o0
- .end
-!
-! int vis_edge16l(void */*frs1*/, void */*frs2*/);
-!
- .inline vis_edge16l,16
- edge16l %o0,%o1,%o0
- .end
-!
-! int vis_edge32(void */*frs1*/, void */*frs2*/);
-!
- .inline vis_edge32,16
- edge32 %o0,%o1,%o0
- .end
-!
-! int vis_edge32l(void */*frs1*/, void */*frs2*/);
-!
- .inline vis_edge32l,16
- edge32l %o0,%o1,%o0
- .end
-
-!--------------------------------------------------------------------
-! Edge handling instructions with negative return values if cc set
-!
-! int vis_edge8cc(void */*frs1*/, void */*frs2*/);
-!
- .inline vis_edge8cc,16
- edge8 %o0,%o1,%o0
- mov 0,%o1
- movgu %xcc,-1024,%o1
- or %o1,%o0,%o0
- .end
-!
-! int vis_edge8lcc(void */*frs1*/, void */*frs2*/);
-!
- .inline vis_edge8lcc,16
- edge8l %o0,%o1,%o0
- mov 0,%o1
- movgu %xcc,-1024,%o1
- or %o1,%o0,%o0
- .end
-!
-! int vis_edge16cc(void */*frs1*/, void */*frs2*/);
-!
- .inline vis_edge16cc,16
- edge16 %o0,%o1,%o0
- mov 0,%o1
- movgu %xcc,-1024,%o1
- or %o1,%o0,%o0
- .end
-!
-! int vis_edge16lcc(void */*frs1*/, void */*frs2*/);
-!
- .inline vis_edge16lcc,16
- edge16l %o0,%o1,%o0
- mov 0,%o1
- movgu %xcc,-1024,%o1
- or %o1,%o0,%o0
- .end
-!
-! int vis_edge32cc(void */*frs1*/, void */*frs2*/);
-!
- .inline vis_edge32cc,16
- edge32 %o0,%o1,%o0
- mov 0,%o1
- movgu %xcc,-1024,%o1
- or %o1,%o0,%o0
- .end
-!
-! int vis_edge32lcc(void */*frs1*/, void */*frs2*/);
-!
- .inline vis_edge32lcc,16
- edge32l %o0,%o1,%o0
- mov 0,%o1
- movgu %xcc,-1024,%o1
- or %o1,%o0,%o0
- .end
-
-!--------------------------------------------------------------------
-! Alignment instructions
-!
-! void *vis_alignaddr(void */*rs1*/, int /*rs2*/);
-!
- .inline vis_alignaddr,12
- alignaddr %o0,%o1,%o0
- .end
-!
-! void *vis_alignaddrl(void */*rs1*/, int /*rs2*/);
-!
- .inline vis_alignaddrl,12
- alignaddrl %o0,%o1,%o0
- .end
-!
-! double vis_faligndata(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_faligndata,16
- faligndata %f0,%f2,%f0
- .end
-
-!--------------------------------------------------------------------
-! Partitioned comparison instructions
-!
-! int vis_fcmple16(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fcmple16,16
- fcmple16 %f0,%f2,%o0
- .end
-!
-! int vis_fcmpne16(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fcmpne16,16
- fcmpne16 %f0,%f2,%o0
- .end
-!
-! int vis_fcmple32(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fcmple32,16
- fcmple32 %f0,%f2,%o0
- .end
-!
-! int vis_fcmpne32(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fcmpne32,16
- fcmpne32 %f0,%f2,%o0
- .end
-!
-! int vis_fcmpgt16(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fcmpgt16,16
- fcmpgt16 %f0,%f2,%o0
- .end
-!
-! int vis_fcmpeq16(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fcmpeq16,16
- fcmpeq16 %f0,%f2,%o0
- .end
-!
-! int vis_fcmpgt32(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fcmpgt32,16
- fcmpgt32 %f0,%f2,%o0
- .end
-!
-! int vis_fcmpeq32(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fcmpeq32,16
- fcmpeq32 %f0,%f2,%o0
- .end
-
-!--------------------------------------------------------------------
-! Partitioned arithmetic
-!
-! double vis_fmul8x16(float /*frs1*/, double /*frs2*/);
-!
- .inline vis_fmul8x16,12
- fmul8x16 %f1,%f2,%f0
- .end
-!
-! double vis_fmul8x16_dummy(float /*frs1*/, int /*dummy*/, double /*frs2*/);
-!
- .inline vis_fmul8x16_dummy,16
- fmul8x16 %f1,%f4,%f0
- .end
-!
-! double vis_fmul8x16au(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fmul8x16au,8
- fmul8x16au %f1,%f3,%f0
- .end
-!
-! double vis_fmul8x16al(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fmul8x16al,8
- fmul8x16al %f1,%f3,%f0
- .end
-!
-! double vis_fmul8sux16(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fmul8sux16,16
- fmul8sux16 %f0,%f2,%f0
- .end
-!
-! double vis_fmul8ulx16(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fmul8ulx16,16
- fmul8ulx16 %f0,%f2,%f0
- .end
-!
-! double vis_fmuld8sux16(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fmuld8sux16,8
- fmuld8sux16 %f1,%f3,%f0
- .end
-!
-! double vis_fmuld8ulx16(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fmuld8ulx16,8
- fmuld8ulx16 %f1,%f3,%f0
- .end
-!
-! double vis_fpadd16(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fpadd16,16
- fpadd16 %f0,%f2,%f0
- .end
-!
-! float vis_fpadd16s(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fpadd16s,8
- fpadd16s %f1,%f3,%f0
- .end
-!
-! double vis_fpadd32(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fpadd32,16
- fpadd32 %f0,%f2,%f0
- .end
-!
-! float vis_fpadd32s(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fpadd32s,8
- fpadd32s %f1,%f3,%f0
- .end
-!
-! double vis_fpsub16(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fpsub16,16
- fpsub16 %f0,%f2,%f0
- .end
-!
-! float vis_fpsub16s(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fpsub16s,8
- fpsub16s %f1,%f3,%f0
- .end
-!
-! double vis_fpsub32(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fpsub32,16
- fpsub32 %f0,%f2,%f0
- .end
-!
-! float vis_fpsub32s(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fpsub32s,8
- fpsub32s %f1,%f3,%f0
- .end
-
-!--------------------------------------------------------------------
-! Pixel packing
-!
-! float vis_fpack16(double /*frs2*/);
-!
- .inline vis_fpack16,8
- fpack16 %f0,%f0
- .end
-!
-! double vis_fpack16_pair(double /*frs2*/, double /*frs2*/);
-!
- .inline vis_fpack16_pair,16
- fpack16 %f0,%f0
- fpack16 %f2,%f1
- .end
-!
-! void vis_st2_fpack16(double, double, double *)
-!
- .inline vis_st2_fpack16,24
- fpack16 %f0,%f0
- fpack16 %f2,%f1
- st %f0,[%o2+0]
- st %f1,[%o2+4]
- .end
-!
-! void vis_std_fpack16(double, double, double *)
-!
- .inline vis_std_fpack16,24
- fpack16 %f0,%f0
- fpack16 %f2,%f1
- std %f0,[%o2]
- .end
-!
-! void vis_st2_fpackfix(double, double, double *)
-!
- .inline vis_st2_fpackfix,24
- fpackfix %f0,%f0
- fpackfix %f2,%f1
- st %f0,[%o2+0]
- st %f1,[%o2+4]
- .end
-!
-! double vis_fpack16_to_hi(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fpack16_to_hi,16
- fpack16 %f2,%f0
- .end
-
-! double vis_fpack16_to_lo(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fpack16_to_lo,16
- fpack16 %f2,%f3
- fmovs %f3,%f1 /* without this, optimizer goes wrong */
- .end
-
-!
-! double vis_fpack32(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fpack32,16
- fpack32 %f0,%f2,%f0
- .end
-!
-! float vis_fpackfix(double /*frs2*/);
-!
- .inline vis_fpackfix,8
- fpackfix %f0,%f0
- .end
-!
-! double vis_fpackfix_pair(double /*frs2*/, double /*frs2*/);
-!
- .inline vis_fpackfix_pair,16
- fpackfix %f0,%f0
- fpackfix %f2,%f1
- .end
-
-!--------------------------------------------------------------------
-! Motion estimation
-!
-! double vis_pxldist64(double accum /*frd*/, double pxls1 /*frs1*/,
-! double pxls2 /*frs2*/);
-!
- .inline vis_pxldist64,24
- pdist %f2,%f4,%f0
- .end
-
-!--------------------------------------------------------------------
-! Channel merging
-!
-! double vis_fpmerge(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fpmerge,8
- fpmerge %f1,%f3,%f0
- .end
-
-!--------------------------------------------------------------------
-! Pixel expansion
-!
-! double vis_fexpand(float /*frs2*/);
-!
- .inline vis_fexpand,4
- fexpand %f1,%f0
- .end
-
-! double vis_fexpand_hi(double /*frs2*/);
-!
- .inline vis_fexpand_hi,8
- fexpand %f0,%f0
- .end
-
-! double vis_fexpand_lo(double /*frs2*/);
-!
- .inline vis_fexpand_lo,8
- fexpand %f1,%f0
- .end
-
-!--------------------------------------------------------------------
-! Bitwise logical operations
-!
-! double vis_fnor(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fnor,16
- fnor %f0,%f2,%f0
- .end
-!
-! float vis_fnors(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fnors,8
- fnors %f1,%f3,%f0
- .end
-!
-! double vis_fandnot(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fandnot,16
- fandnot1 %f0,%f2,%f0
- .end
-!
-! float vis_fandnots(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fandnots,8
- fandnot1s %f1,%f3,%f0
- .end
-!
-! double vis_fnot(double /*frs1*/);
-!
- .inline vis_fnot,8
- fnot1 %f0,%f0
- .end
-!
-! float vis_fnots(float /*frs1*/);
-!
- .inline vis_fnots,4
- fnot1s %f1,%f0
- .end
-!
-! double vis_fxor(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fxor,16
- fxor %f0,%f2,%f0
- .end
-!
-! float vis_fxors(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fxors,8
- fxors %f1,%f3,%f0
- .end
-!
-! double vis_fnand(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fnand,16
- fnand %f0,%f2,%f0
- .end
-!
-! float vis_fnands(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fnands,8
- fnands %f1,%f3,%f0
- .end
-!
-! double vis_fand(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fand,16
- fand %f0,%f2,%f0
- .end
-!
-! float vis_fands(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fands,8
- fands %f1,%f3,%f0
- .end
-!
-! double vis_fxnor(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fxnor,16
- fxnor %f0,%f2,%f0
- .end
-!
-! float vis_fxnors(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fxnors,8
- fxnors %f1,%f3,%f0
- .end
-!
-! double vis_fsrc(double /*frs1*/);
-!
- .inline vis_fsrc,8
- fsrc1 %f0,%f0
- .end
-!
-! float vis_fsrcs(float /*frs1*/);
-!
- .inline vis_fsrcs,4
- fsrc1s %f1,%f0
- .end
-!
-! double vis_fornot(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fornot,16
- fornot1 %f0,%f2,%f0
- .end
-!
-! float vis_fornots(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fornots,8
- fornot1s %f1,%f3,%f0
- .end
-!
-! double vis_for(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_for,16
- for %f0,%f2,%f0
- .end
-!
-! float vis_fors(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fors,8
- fors %f1,%f3,%f0
- .end
-!
-! double vis_fzero(/* void */)
-!
- .inline vis_fzero,0
- fzero %f0
- .end
-!
-! float vis_fzeros(/* void */)
-!
- .inline vis_fzeros,0
- fzeros %f0
- .end
-!
-! double vis_fone(/* void */)
-!
- .inline vis_fone,0
- fone %f0
- .end
-!
-! float vis_fones(/* void */)
-!
- .inline vis_fones,0
- fones %f0
- .end
-
-!--------------------------------------------------------------------
-! Partial store instructions
-!
-! vis_stdfa_ASI_PST8P(double frd, void *rs1, int rmask)
-!
- .inline vis_stdfa_ASI_PST8P,20
- stda %f0,[%o1]%o2,0xc0 ! ASI_PST8_P
- .end
-!
-! vis_stdfa_ASI_PST8PL(double frd, void *rs1, int rmask)
-!
- .inline vis_stdfa_ASI_PST8PL,20
- stda %f0,[%o1]%o2,0xc8 ! ASI_PST8_PL
- .end
-!
-! vis_stdfa_ASI_PST8P_int_pair(void *rs1, void *rs2, void *rs3, int rmask);
-!
- .inline vis_stdfa_ASI_PST8P_int_pair,28
- ld [%o0],%f4
- ld [%o1],%f5
- stda %f4,[%o2]%o3,0xc0 ! ASI_PST8_P
- .end
-!
-! vis_stdfa_ASI_PST8S(double frd, void *rs1, int rmask)
-!
- .inline vis_stdfa_ASI_PST8S,20
- stda %f0,[%o1]%o2,0xc1 ! ASI_PST8_S
- .end
-!
-! vis_stdfa_ASI_PST16P(double frd, void *rs1, int rmask)
-!
- .inline vis_stdfa_ASI_PST16P,20
- stda %f0,[%o1]%o2,0xc2 ! ASI_PST16_P
- .end
-!
-! vis_stdfa_ASI_PST16S(double frd, void *rs1, int rmask)
-!
- .inline vis_stdfa_ASI_PST16S,20
- stda %f0,[%o1]%o2,0xc3 ! ASI_PST16_S
- .end
-!
-! vis_stdfa_ASI_PST32P(double frd, void *rs1, int rmask)
-!
- .inline vis_stdfa_ASI_PST32P,20
- stda %f0,[%o1]%o2,0xc4 ! ASI_PST32_P
- .end
-!
-! vis_stdfa_ASI_PST32S(double frd, void *rs1, int rmask)
-!
- .inline vis_stdfa_ASI_PST32S,20
- stda %f0,[%o1]%o2,0xc5 ! ASI_PST32_S
- .end
-
-!--------------------------------------------------------------------
-! Short store instructions
-!
-! vis_stdfa_ASI_FL8P(double frd, void *rs1)
-!
- .inline vis_stdfa_ASI_FL8P,16
- stda %f0,[%o1]0xd0 ! ASI_FL8_P
- .end
-!
-! vis_stdfa_ASI_FL8P_index(double frd, void *rs1, long index)
-!
- .inline vis_stdfa_ASI_FL8P_index,24
- stda %f0,[%o1+%o2]0xd0 ! ASI_FL8_P
- .end
-!
-! vis_stdfa_ASI_FL8S(double frd, void *rs1)
-!
- .inline vis_stdfa_ASI_FL8S,16
- stda %f0,[%o1]0xd1 ! ASI_FL8_S
- .end
-!
-! vis_stdfa_ASI_FL16P(double frd, void *rs1)
-!
- .inline vis_stdfa_ASI_FL16P,16
- stda %f0,[%o1]0xd2 ! ASI_FL16_P
- .end
-!
-! vis_stdfa_ASI_FL16P_index(double frd, void *rs1, long index)
-!
- .inline vis_stdfa_ASI_FL16P_index,24
- stda %f0,[%o1+%o2]0xd2 ! ASI_FL16_P
- .end
-!
-! vis_stdfa_ASI_FL16S(double frd, void *rs1)
-!
- .inline vis_stdfa_ASI_FL16S,16
- stda %f0,[%o1]0xd3 ! ASI_FL16_S
- .end
-!
-! vis_stdfa_ASI_FL8PL(double frd, void *rs1)
-!
- .inline vis_stdfa_ASI_FL8PL,16
- stda %f0,[%o1]0xd8 ! ASI_FL8_PL
- .end
-!
-! vis_stdfa_ASI_FL8SL(double frd, void *rs1)
-!
- .inline vis_stdfa_ASI_FL8SL,16
- stda %f0,[%o1]0xd9 ! ASI_FL8_SL
- .end
-!
-! vis_stdfa_ASI_FL16PL(double frd, void *rs1)
-!
- .inline vis_stdfa_ASI_FL16PL,16
- stda %f0,[%o1]0xda ! ASI_FL16_PL
- .end
-!
-! vis_stdfa_ASI_FL16SL(double frd, void *rs1)
-!
- .inline vis_stdfa_ASI_FL16SL,16
- stda %f0,[%o1]0xdb ! ASI_FL16_SL
- .end
-
-!--------------------------------------------------------------------
-! Short load instructions
-!
-! double vis_lddfa_ASI_FL8P(void *rs1)
-!
- .inline vis_lddfa_ASI_FL8P,8
- ldda [%o0]0xd0,%f4 ! ASI_FL8_P
- fmovd %f4,%f0 ! Compiler can clean this up
- .end
-!
-! double vis_lddfa_ASI_FL8P_index(void *rs1, long index)
-!
- .inline vis_lddfa_ASI_FL8P_index,16
- ldda [%o0+%o1]0xd0,%f4
- fmovd %f4,%f0
- .end
-!
-! double vis_lddfa_ASI_FL8P_hi(void *rs1, unsigned int index)
-!
- .inline vis_lddfa_ASI_FL8P_hi,12
- sra %o1,16,%o1
- ldda [%o0+%o1]0xd0,%f4
- fmovd %f4,%f0
- .end
-!
-! double vis_lddfa_ASI_FL8P_lo(void *rs1, unsigned int index)
-!
- .inline vis_lddfa_ASI_FL8P_lo,12
- sll %o1,16,%o1
- sra %o1,16,%o1
- ldda [%o0+%o1]0xd0,%f4
- fmovd %f4,%f0
- .end
-!
-! double vis_lddfa_ASI_FL8S(void *rs1)
-!
- .inline vis_lddfa_ASI_FL8S,8
- ldda [%o0]0xd1,%f4 ! ASI_FL8_S
- fmovd %f4,%f0
- .end
-!
-! double vis_lddfa_ASI_FL16P(void *rs1)
-!
- .inline vis_lddfa_ASI_FL16P,8
- ldda [%o0]0xd2,%f4 ! ASI_FL16_P
- fmovd %f4,%f0
- .end
-!
-! double vis_lddfa_ASI_FL16P_index(void *rs1, long index)
-!
- .inline vis_lddfa_ASI_FL16P_index,16
- ldda [%o0+%o1]0xd2,%f4 ! ASI_FL16_P
- fmovd %f4,%f0
- .end
-!
-! double vis_lddfa_ASI_FL16S(void *rs1)
-!
- .inline vis_lddfa_ASI_FL16S,8
- ldda [%o0]0xd3,%f4 ! ASI_FL16_S
- fmovd %f4,%f0
- .end
-!
-! double vis_lddfa_ASI_FL8PL(void *rs1)
-!
- .inline vis_lddfa_ASI_FL8PL,8
- ldda [%o0]0xd8,%f4 ! ASI_FL8_PL
- fmovd %f4,%f0
- .end
-!
-! double vis_lddfa_ASI_FL8PL_index(void *rs1, long index)
-!
- .inline vis_lddfa_ASI_FL8PL_index,16
- ldda [%o0+%o1]0xd8,%f4 ! ASI_FL8_PL
- fmovd %f4,%f0
- .end
-!
-! double vis_lddfa_ASI_FL8SL(void *rs1)
-!
- .inline vis_lddfa_ASI_FL8SL,8
- ldda [%o0]0xd9,%f4 ! ASI_FL8_SL
- fmovd %f4,%f0
- .end
-!
-! double vis_lddfa_ASI_FL16PL(void *rs1)
-!
- .inline vis_lddfa_ASI_FL16PL,8
- ldda [%o0]0xda,%f4 ! ASI_FL16_PL
- fmovd %f4,%f0
- .end
-!
-! double vis_lddfa_ASI_FL16PL_index(void *rs1, long index)
-!
- .inline vis_lddfa_ASI_FL16PL_index,16
- ldda [%o0+%o1]0xda,%f4 ! ASI_FL16_PL
- fmovd %f4,%f0
- .end
-!
-! double vis_lddfa_ASI_FL16SL(void *rs1)
-!
- .inline vis_lddfa_ASI_FL16SL,8
- ldda [%o0]0xdb,%f4 ! ASI_FL16_SL
- fmovd %f4,%f0
- .end
-
-!--------------------------------------------------------------------
-! Graphics status register
-!
-! unsigned int vis_read_gsr(void)
-!
- .inline vis_read_gsr,0
- rd %gsr,%o0
- .end
-!
-! void vis_write_gsr(unsigned int /* GSR */)
-!
- .inline vis_write_gsr,4
- wr %g0,%o0,%gsr
- .end
-
-!--------------------------------------------------------------------
-! Voxel texture mapping
-!
-! unsigned long vis_array8(unsigned long long /*rs1 */, int /*rs2*/)
-!
- .inline vis_array8,12
- array8 %o0,%o1,%o0
- .end
-!
-! unsigned long vis_array16(unsigned long long /*rs1*/, int /*rs2*/)
-!
- .inline vis_array16,12
- array16 %o0,%o1,%o0
- .end
-!
-! unsigned long vis_array32(unsigned long long /*rs1*/, int /*rs2*/)
-!
- .inline vis_array32,12
- array32 %o0,%o1,%o0
- .end
-
-!--------------------------------------------------------------------
-! Register aliasing and type casts
-!
-! float vis_read_hi(double /* frs1 */);
-!
- .inline vis_read_hi,8
- fmovs %f0,%f0
- .end
-!
-! float vis_read_lo(double /* frs1 */);
-!
- .inline vis_read_lo,8
- fmovs %f1,%f0 ! %f0 = low word (frs1); return %f0;
- .end
-!
-! double vis_write_hi(double /* frs1 */, float /* frs2 */);
-!
- .inline vis_write_hi,12
- fmovs %f3,%f0 ! %f3 = float frs2; return %f0:f1;
- .end
-!
-! double vis_write_lo(double /* frs1 */, float /* frs2 */);
-!
- .inline vis_write_lo,12
- fmovs %f3,%f1 ! %f3 = float frs2; return %f0:f1;
- .end
-!
-! double vis_freg_pair(float /* frs1 */, float /* frs2 */);
-!
- .inline vis_freg_pair,8
- fmovs %f1,%f0 ! %f1 = float frs1; put in hi;
- fmovs %f3,%f1 ! %f3 = float frs2; put in lo; return %f0:f1;
- .end
-!
-! float vis_to_float(unsigned int /*value*/);
-!
- .inline vis_to_float,4
- st %o0,[%sp+2183]
- ld [%sp+2183],%f0
- .end
-!
-! double vis_to_double(unsigned int /*value1*/, unsigned int /*value2*/);
-!
- .inline vis_to_double,8
- st %o0,[%sp+2183]
- ld [%sp+2183],%f0
- st %o1,[%sp+2183]
- ld [%sp+2183],%f1
- .end
-!
-! double vis_to_double_dup(unsigned int /*value*/);
-!
- .inline vis_to_double_dup,4
- st %o0,[%sp+2183]
- ld [%sp+2183],%f1
- fmovs %f1,%f0 ! duplicate value
- .end
-!
-! double vis_ll_to_double(unsigned long long /*value*/);
-!
- .inline vis_ll_to_double,8
- stx %o0,[%sp+2183]
- ldd [%sp+2183],%f0
- .end
-
-!--------------------------------------------------------------------
-! Address space identifier (ASI) register
-!
-! unsigned int vis_read_asi(void)
-!
- .inline vis_read_asi,0
- rd %asi,%o0
- .end
-!
-! void vis_write_asi(unsigned int /* ASI */)
-!
- .inline vis_write_asi,4
- wr %g0,%o0,%asi
- .end
-
-!--------------------------------------------------------------------
-! Load/store from/into alternate space
-!
-! float vis_ldfa_ASI_REG(void *rs1)
-!
- .inline vis_ldfa_ASI_REG,8
- lda [%o0+0]%asi,%f4
- fmovs %f4,%f0 ! Compiler can clean this up
- .end
-!
-! float vis_ldfa_ASI_P(void *rs1)
-!
- .inline vis_ldfa_ASI_P,8
- lda [%o0]0x80,%f4 ! ASI_P
- fmovs %f4,%f0 ! Compiler can clean this up
- .end
-!
-! float vis_ldfa_ASI_PL(void *rs1)
-!
- .inline vis_ldfa_ASI_PL,8
- lda [%o0]0x88,%f4 ! ASI_PL
- fmovs %f4,%f0 ! Compiler can clean this up
- .end
-!
-! double vis_lddfa_ASI_REG(void *rs1)
-!
- .inline vis_lddfa_ASI_REG,8
- ldda [%o0+0]%asi,%f4
- fmovd %f4,%f0 ! Compiler can clean this up
- .end
-!
-! double vis_lddfa_ASI_P(void *rs1)
-!
- .inline vis_lddfa_ASI_P,8
- ldda [%o0]0x80,%f4 ! ASI_P
- fmovd %f4,%f0 ! Compiler can clean this up
- .end
-!
-! double vis_lddfa_ASI_PL(void *rs1)
-!
- .inline vis_lddfa_ASI_PL,8
- ldda [%o0]0x88,%f4 ! ASI_PL
- fmovd %f4,%f0 ! Compiler can clean this up
- .end
-!
-! vis_stfa_ASI_REG(float frs, void *rs1)
-!
- .inline vis_stfa_ASI_REG,12
- sta %f1,[%o1+0]%asi
- .end
-!
-! vis_stfa_ASI_P(float frs, void *rs1)
-!
- .inline vis_stfa_ASI_P,12
- sta %f1,[%o1]0x80 ! ASI_P
- .end
-!
-! vis_stfa_ASI_PL(float frs, void *rs1)
-!
- .inline vis_stfa_ASI_PL,12
- sta %f1,[%o1]0x88 ! ASI_PL
- .end
-!
-! vis_stdfa_ASI_REG(double frd, void *rs1)
-!
- .inline vis_stdfa_ASI_REG,16
- stda %f0,[%o1+0]%asi
- .end
-!
-! vis_stdfa_ASI_P(double frd, void *rs1)
-!
- .inline vis_stdfa_ASI_P,16
- stda %f0,[%o1]0x80 ! ASI_P
- .end
-!
-! vis_stdfa_ASI_PL(double frd, void *rs1)
-!
- .inline vis_stdfa_ASI_PL,16
- stda %f0,[%o1]0x88 ! ASI_PL
- .end
-!
-! unsigned short vis_lduha_ASI_REG(void *rs1)
-!
- .inline vis_lduha_ASI_REG,8
- lduha [%o0+0]%asi,%o0
- .end
-!
-! unsigned short vis_lduha_ASI_P(void *rs1)
-!
- .inline vis_lduha_ASI_P,8
- lduha [%o0]0x80,%o0 ! ASI_P
- .end
-!
-! unsigned short vis_lduha_ASI_PL(void *rs1)
-!
- .inline vis_lduha_ASI_PL,8
- lduha [%o0]0x88,%o0 ! ASI_PL
- .end
-!
-! unsigned short vis_lduha_ASI_P_index(void *rs1, long index)
-!
- .inline vis_lduha_ASI_P_index,16
- lduha [%o0+%o1]0x80,%o0 ! ASI_P
- .end
-!
-! unsigned short vis_lduha_ASI_PL_index(void *rs1, long index)
-!
- .inline vis_lduha_ASI_PL_index,16
- lduha [%o0+%o1]0x88,%o0 ! ASI_PL
- .end
-
-!--------------------------------------------------------------------
-! Prefetch
-!
-! void vis_prefetch_read(void * /*address*/);
-!
- .inline vis_prefetch_read,8
- prefetch [%o0+0],0
- .end
-!
-! void vis_prefetch_write(void * /*address*/);
-!
- .inline vis_prefetch_write,8
- prefetch [%o0+0],2
- .end
diff --git a/security/nss/lib/freebl/mpi/vis_proto.h b/security/nss/lib/freebl/mpi/vis_proto.h
deleted file mode 100644
index 44192ad53..000000000
--- a/security/nss/lib/freebl/mpi/vis_proto.h
+++ /dev/null
@@ -1,263 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is prototypes for vis.il (vis_proto.h 1.3)
- *
- * The Initial Developer of the Original Code is Sun Microsystems Inc.
- * Portions created by Sun Microsystems Inc. are
- * Copyright (C) 1995, 1997 Sun Microsystems Inc. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- * $Id$
- */
-
-/*
- * Prototypes for the inline templates in vis.il
- */
-
-#ifndef VIS_PROTO_H
-#define VIS_PROTO_H
-
-#pragma ident "@(#)vis_proto.h 1.3 97/03/30 SMI"
-
-#ifdef __cplusplus
-extern "C" {
-#endif /* __cplusplus */
-
-/* Pure edge handling instructions */
-int vis_edge8(void * /*frs1*/, void * /*frs2*/);
-int vis_edge8l(void * /*frs1*/, void * /*frs2*/);
-int vis_edge16(void * /*frs1*/, void * /*frs2*/);
-int vis_edge16l(void * /*frs1*/, void * /*frs2*/);
-int vis_edge32(void * /*frs1*/, void * /*frs2*/);
-int vis_edge32l(void * /*frs1*/, void * /*frs2*/);
-
-/* Edge handling instructions with negative return values if cc set. */
-int vis_edge8cc(void * /*frs1*/, void * /*frs2*/);
-int vis_edge8lcc(void * /*frs1*/, void * /*frs2*/);
-int vis_edge16cc(void * /*frs1*/, void * /*frs2*/);
-int vis_edge16lcc(void * /*frs1*/, void * /*frs2*/);
-int vis_edge32cc(void * /*frs1*/, void * /*frs2*/);
-int vis_edge32lcc(void * /*frs1*/, void * /*frs2*/);
-
-/* Alignment instructions. */
-void *vis_alignaddr(void * /*rs1*/, int /*rs2*/);
-void *vis_alignaddrl(void * /*rs1*/, int /*rs2*/);
-double vis_faligndata(double /*frs1*/, double /*frs2*/);
-
-/* Partitioned comparison instructions. */
-int vis_fcmple16(double /*frs1*/, double /*frs2*/);
-int vis_fcmpne16(double /*frs1*/, double /*frs2*/);
-int vis_fcmple32(double /*frs1*/, double /*frs2*/);
-int vis_fcmpne32(double /*frs1*/, double /*frs2*/);
-int vis_fcmpgt16(double /*frs1*/, double /*frs2*/);
-int vis_fcmpeq16(double /*frs1*/, double /*frs2*/);
-int vis_fcmpgt32(double /*frs1*/, double /*frs2*/);
-int vis_fcmpeq32(double /*frs1*/, double /*frs2*/);
-
-/* Partitioned multiplication. */
-#if 0
-double vis_fmul8x16(float /*frs1*/, double /*frs2*/);
-#endif
-double vis_fmul8x16_dummy(float /*frs1*/, int /*dummy*/, double /*frs2*/);
-double vis_fmul8x16au(float /*frs1*/, float /*frs2*/);
-double vis_fmul8x16al(float /*frs1*/, float /*frs2*/);
-double vis_fmul8sux16(double /*frs1*/, double /*frs2*/);
-double vis_fmul8ulx16(double /*frs1*/, double /*frs2*/);
-double vis_fmuld8ulx16(float /*frs1*/, float /*frs2*/);
-double vis_fmuld8sux16(float /*frs1*/, float /*frs2*/);
-
-/* Partitioned addition & subtraction. */
-double vis_fpadd16(double /*frs1*/, double /*frs2*/);
-float vis_fpadd16s(float /*frs1*/, float /*frs2*/);
-double vis_fpadd32(double /*frs1*/, double /*frs2*/);
-float vis_fpadd32s(float /*frs1*/, float /*frs2*/);
-double vis_fpsub16(double /*frs1*/, double /*frs2*/);
-float vis_fpsub16s(float /*frs1*/, float /*frs2*/);
-double vis_fpsub32(double /*frs1*/, double /*frs2*/);
-float vis_fpsub32s(float /*frs1*/, float /*frs2*/);
-
-/* Pixel packing & clamping. */
-float vis_fpack16(double /*frs2*/);
-double vis_fpack32(double /*frs1*/, double /*frs2*/);
-float vis_fpackfix(double /*frs2*/);
-
-/* Combined pack ops. */
-double vis_fpack16_pair(double /*frs2*/, double /*frs2*/);
-double vis_fpackfix_pair(double /*frs2*/, double /*frs2*/);
-void vis_st2_fpack16(double, double, double *);
-void vis_std_fpack16(double, double, double *);
-void vis_st2_fpackfix(double, double, double *);
-
-double vis_fpack16_to_hi(double /*frs1*/, double /*frs2*/);
-double vis_fpack16_to_lo(double /*frs1*/, double /*frs2*/);
-
-/* Motion estimation. */
-double vis_pdist(double /*frs1*/, double /*frs2*/, double /*frd*/);
-
-/* Channel merging. */
-double vis_fpmerge(float /*frs1*/, float /*frs2*/);
-
-/* Pixel expansion. */
-double vis_fexpand(float /*frs2*/);
-double vis_fexpand_hi(double /*frs2*/);
-double vis_fexpand_lo(double /*frs2*/);
-
-/* Bitwise logical operators. */
-double vis_fnor(double /*frs1*/, double /*frs2*/);
-float vis_fnors(float /*frs1*/, float /*frs2*/);
-double vis_fandnot(double /*frs1*/, double /*frs2*/);
-float vis_fandnots(float /*frs1*/, float /*frs2*/);
-double vis_fnot(double /*frs1*/);
-float vis_fnots(float /*frs1*/);
-double vis_fxor(double /*frs1*/, double /*frs2*/);
-float vis_fxors(float /*frs1*/, float /*frs2*/);
-double vis_fnand(double /*frs1*/, double /*frs2*/);
-float vis_fnands(float /*frs1*/, float /*frs2*/);
-double vis_fand(double /*frs1*/, double /*frs2*/);
-float vis_fands(float /*frs1*/, float /*frs2*/);
-double vis_fxnor(double /*frs1*/, double /*frs2*/);
-float vis_fxnors(float /*frs1*/, float /*frs2*/);
-double vis_fsrc(double /*frs1*/);
-float vis_fsrcs(float /*frs1*/);
-double vis_fornot(double /*frs1*/, double /*frs2*/);
-float vis_fornots(float /*frs1*/, float /*frs2*/);
-double vis_for(double /*frs1*/, double /*frs2*/);
-float vis_fors(float /*frs1*/, float /*frs2*/);
-double vis_fzero(void);
-float vis_fzeros(void);
-double vis_fone(void);
-float vis_fones(void);
-
-/* Partial stores. */
-void vis_stdfa_ASI_PST8P(double /*frd*/, void * /*rs1*/, int /*rmask*/);
-void vis_stdfa_ASI_PST8PL(double /*frd*/, void * /*rs1*/, int /*rmask*/);
-void vis_stdfa_ASI_PST8P_int_pair(void * /*rs1*/, void * /*rs2*/,
- void * /*rs3*/, int /*rmask*/);
-void vis_stdfa_ASI_PST8S(double /*frd*/, void * /*rs1*/, int /*rmask*/);
-void vis_stdfa_ASI_PST16P(double /*frd*/, void * /*rs1*/, int /*rmask*/);
-void vis_stdfa_ASI_PST16S(double /*frd*/, void * /*rs1*/, int /*rmask*/);
-void vis_stdfa_ASI_PST32P(double /*frd*/, void * /*rs1*/, int /*rmask*/);
-void vis_stdfa_ASI_PST32S(double /*frd*/, void * /*rs1*/, int /*rmask*/);
-
-/* Byte & short stores. */
-void vis_stdfa_ASI_FL8P(double /*frd*/, void * /*rs1*/);
-void vis_stdfa_ASI_FL8P_index(double /*frd*/, void * /*rs1*/, long /*index*/);
-void vis_stdfa_ASI_FL8S(double /*frd*/, void * /*rs1*/);
-void vis_stdfa_ASI_FL16P(double /*frd*/, void * /*rs1*/);
-void vis_stdfa_ASI_FL16P_index(double /*frd*/, void * /*rs1*/, long /*index*/);
-void vis_stdfa_ASI_FL16S(double /*frd*/, void * /*rs1*/);
-void vis_stdfa_ASI_FL8PL(double /*frd*/, void * /*rs1*/);
-void vis_stdfa_ASI_FL8SL(double /*frd*/, void * /*rs1*/);
-void vis_stdfa_ASI_FL16PL(double /*frd*/, void * /*rs1*/);
-void vis_stdfa_ASI_FL16SL(double /*frd*/, void * /*rs1*/);
-
-/* Byte & short loads. */
-double vis_lddfa_ASI_FL8P(void * /*rs1*/);
-double vis_lddfa_ASI_FL8P_index(void * /*rs1*/, long /*index*/);
-double vis_lddfa_ASI_FL8P_hi(void * /*rs1*/, unsigned int /*index*/);
-double vis_lddfa_ASI_FL8P_lo(void * /*rs1*/, unsigned int /*index*/);
-double vis_lddfa_ASI_FL8S(void * /*rs1*/);
-double vis_lddfa_ASI_FL16P(void * /*rs1*/);
-double vis_lddfa_ASI_FL16P_index(void * /*rs1*/, long /*index*/);
-double vis_lddfa_ASI_FL16S(void * /*rs1*/);
-double vis_lddfa_ASI_FL8PL(void * /*rs1*/);
-double vis_lddfa_ASI_FL8SL(void * /*rs1*/);
-double vis_lddfa_ASI_FL16PL(void * /*rs1*/);
-double vis_lddfa_ASI_FL16SL(void * /*rs1*/);
-
-/* Direct write to GSR, read from GSR */
-void vis_write_gsr(unsigned int /*GSR*/);
-unsigned int vis_read_gsr(void);
-
-/* Voxel texture mapping. */
-#if !defined(_NO_LONGLONG)
-unsigned long vis_array8(unsigned long long /*rs1*/, int /*rs2*/);
-unsigned long vis_array16(unsigned long long /*rs1*/, int /*rs2*/);
-unsigned long vis_array32(unsigned long long /*rs1*/, int /*rs2*/);
-#endif /* !defined(_NO_LONGLONG) */
-
-/* Register aliasing and type casts. */
-float vis_read_hi(double /*frs1*/);
-float vis_read_lo(double /*frs1*/);
-double vis_write_hi(double /*frs1*/, float /*frs2*/);
-double vis_write_lo(double /*frs1*/, float /*frs2*/);
-double vis_freg_pair(float /*frs1*/, float /*frs2*/);
-float vis_to_float(unsigned int /*value*/);
-double vis_to_double(unsigned int /*value1*/, unsigned int /*value2*/);
-double vis_to_double_dup(unsigned int /*value*/);
-#if !defined(_NO_LONGLONG)
-double vis_ll_to_double(unsigned long long /*value*/);
-#endif /* !defined(_NO_LONGLONG) */
-
-/* Miscellany (no inlines) */
-void vis_error(char * /*fmt*/, int /*a0*/);
-void vis_sim_init(void);
-
-/* For better performance */
-#define vis_fmul8x16(farg,darg) vis_fmul8x16_dummy((farg),0,(darg))
-
-/* Nicknames for explicit ASI loads and stores. */
-#define vis_st_u8 vis_stdfa_ASI_FL8P
-#define vis_st_u8_i vis_stdfa_ASI_FL8P_index
-#define vis_st_u8_le vis_stdfa_ASI_FL8PL
-#define vis_st_u16 vis_stdfa_ASI_FL16P
-#define vis_st_u16_i vis_stdfa_ASI_FL16P_index
-#define vis_st_u16_le vis_stdfa_ASI_FL16PL
-
-#define vis_ld_u8 vis_lddfa_ASI_FL8P
-#define vis_ld_u8_i vis_lddfa_ASI_FL8P_index
-#define vis_ld_u8_le vis_lddfa_ASI_FL8PL
-#define vis_ld_u16 vis_lddfa_ASI_FL16P
-#define vis_ld_u16_i vis_lddfa_ASI_FL16P_index
-#define vis_ld_u16_le vis_lddfa_ASI_FL16PL
-
-#define vis_pst_8 vis_stdfa_ASI_PST8P
-#define vis_pst_16 vis_stdfa_ASI_PST16P
-#define vis_pst_32 vis_stdfa_ASI_PST32P
-
-#define vis_st_u8s vis_stdfa_ASI_FL8S
-#define vis_st_u8s_le vis_stdfa_ASI_FL8SL
-#define vis_st_u16s vis_stdfa_ASI_FL16S
-#define vis_st_u16s_le vis_stdfa_ASI_FL16SL
-
-#define vis_ld_u8s vis_lddfa_ASI_FL8S
-#define vis_ld_u8s_le vis_lddfa_ASI_FL8SL
-#define vis_ld_u16s vis_lddfa_ASI_FL16S
-#define vis_ld_u16s_le vis_lddfa_ASI_FL16SL
-
-#define vis_pst_8s vis_stdfa_ASI_PST8S
-#define vis_pst_16s vis_stdfa_ASI_PST16S
-#define vis_pst_32s vis_stdfa_ASI_PST32S
-
-/* "<" and ">=" may be implemented in terms of ">" and "<=". */
-#define vis_fcmplt16(a,b) vis_fcmpgt16((b),(a))
-#define vis_fcmplt32(a,b) vis_fcmpgt32((b),(a))
-#define vis_fcmpge16(a,b) vis_fcmple16((b),(a))
-#define vis_fcmpge32(a,b) vis_fcmple32((b),(a))
-
-#ifdef __cplusplus
-} // End of extern "C"
-#endif /* __cplusplus */
-
-#endif /* VIS_PROTO_H */
diff --git a/security/nss/lib/freebl/os2_rand.c b/security/nss/lib/freebl/os2_rand.c
deleted file mode 100644
index ee1703d57..000000000
--- a/security/nss/lib/freebl/os2_rand.c
+++ /dev/null
@@ -1,330 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#define INCL_DOS
-#define INCL_DOSERRORS
-#include <os2.h>
-#include <secrng.h>
-#include <stdlib.h>
-#include <time.h>
-#include <stdio.h>
-#include <sys/stat.h>
-
-static BOOL clockTickTime(unsigned long *phigh, unsigned long *plow)
-{
- APIRET rc = NO_ERROR;
- QWORD qword = {0,0};
-
- rc = DosTmrQueryTime(&qword);
- if (rc != NO_ERROR)
- return FALSE;
-
- *phigh = qword.ulHi;
- *plow = qword.ulLo;
-
- return TRUE;
-}
-
-size_t RNG_GetNoise(void *buf, size_t maxbuf)
-{
- unsigned long high = 0;
- unsigned long low = 0;
- clock_t val = 0;
- int n = 0;
- int nBytes = 0;
- time_t sTime;
-
- if (maxbuf <= 0)
- return 0;
-
- clockTickTime(&high, &low);
-
- /* get the maximally changing bits first */
- nBytes = sizeof(low) > maxbuf ? maxbuf : sizeof(low);
- memcpy(buf, &low, nBytes);
- n += nBytes;
- maxbuf -= nBytes;
-
- if (maxbuf <= 0)
- return n;
-
- nBytes = sizeof(high) > maxbuf ? maxbuf : sizeof(high);
- memcpy(((char *)buf) + n, &high, nBytes);
- n += nBytes;
- maxbuf -= nBytes;
-
- if (maxbuf <= 0)
- return n;
-
- /* get the number of milliseconds that have elapsed since application started */
- val = clock();
-
- nBytes = sizeof(val) > maxbuf ? maxbuf : sizeof(val);
- memcpy(((char *)buf) + n, &val, nBytes);
- n += nBytes;
- maxbuf -= nBytes;
-
- if (maxbuf <= 0)
- return n;
-
- /* get the time in seconds since midnight Jan 1, 1970 */
- time(&sTime);
- nBytes = sizeof(sTime) > maxbuf ? maxbuf : sizeof(sTime);
- memcpy(((char *)buf) + n, &sTime, nBytes);
- n += nBytes;
-
- return n;
-}
-
-static BOOL
-EnumSystemFiles(void (*func)(const char *))
-{
- APIRET rc;
- ULONG sysInfo = 0;
- char bootLetter[2];
- char sysDir[_MAX_PATH] = "";
- char filename[_MAX_PATH];
- HDIR hdir = HDIR_CREATE;
- ULONG numFiles = 1;
- FILEFINDBUF3 fileBuf = {0};
- ULONG buflen = sizeof(FILEFINDBUF3);
-
- if (DosQuerySysInfo(QSV_BOOT_DRIVE, QSV_BOOT_DRIVE, (PVOID)&sysInfo,
- sizeof(ULONG)) == NO_ERROR)
- {
- bootLetter[0] = sysInfo + 'A' -1;
- bootLetter[1] = '\0';
- strcpy(sysDir, bootLetter);
- strcpy(sysDir+1, ":\\OS2\\");
-
- strcpy( filename, sysDir );
- strcat( filename, "*.*" );
- }
-
- rc =DosFindFirst( filename, &hdir, FILE_NORMAL, &fileBuf, buflen,
- &numFiles, FIL_STANDARD );
- if( rc == NO_ERROR )
- {
- do {
- // pass the full pathname to the callback
- sprintf( filename, "%s\\%s", sysDir, fileBuf.achName );
- (*func)(filename);
-
- numFiles = 1;
- rc = DosFindNext( hdir, &fileBuf, buflen, &numFiles );
- if( rc != NO_ERROR && rc != ERROR_NO_MORE_FILES )
- printf( "DosFindNext errod code = %d\n", rc );
- } while ( rc == NO_ERROR );
-
- rc = DosFindClose(hdir);
- if( rc != NO_ERROR )
- printf( "DosFindClose error code = %d", rc );
- }
- else
- printf( "DosFindFirst error code = %d", rc );
-
- return TRUE;
-}
-
-static int dwNumFiles, dwReadEvery;
-
-static void
-CountFiles(const char *file)
-{
- dwNumFiles++;
-}
-
-static void
-ReadFiles(const char *file)
-{
- if ((dwNumFiles % dwReadEvery) == 0)
- RNG_FileForRNG(file);
-
- dwNumFiles++;
-}
-
-static void
-ReadSystemFiles(void)
-{
- // first count the number of files
- dwNumFiles = 0;
- if (!EnumSystemFiles(CountFiles))
- return;
-
- RNG_RandomUpdate(&dwNumFiles, sizeof(dwNumFiles));
-
- // now read 10 files
- if (dwNumFiles == 0)
- return;
-
- dwReadEvery = dwNumFiles / 10;
- if (dwReadEvery == 0)
- dwReadEvery = 1; // less than 10 files
-
- dwNumFiles = 0;
- EnumSystemFiles(ReadFiles);
-}
-
-void RNG_SystemInfoForRNG(void)
-{
- unsigned long *plong = 0;
- PTIB ptib;
- PPIB ppib;
- APIRET rc = NO_ERROR;
- DATETIME dt;
- COUNTRYCODE cc = {0};
- COUNTRYINFO ci = {0};
- unsigned long actual = 0;
- char path[_MAX_PATH]="";
- char fullpath[_MAX_PATH]="";
- unsigned long pathlength = sizeof(path);
- FSALLOCATE fsallocate;
- FILESTATUS3 fstatus;
- unsigned long defaultdrive = 0;
- unsigned long logicaldrives = 0;
- unsigned long sysInfo[QSV_MAX] = {0};
- char buffer[20];
- int nBytes = 0;
-
- nBytes = RNG_GetNoise(buffer, sizeof(buffer));
- RNG_RandomUpdate(buffer, nBytes);
-
- /* allocate memory and use address and memory */
- plong = (unsigned long *)malloc(sizeof(*plong));
- RNG_RandomUpdate(&plong, sizeof(plong));
- RNG_RandomUpdate(plong, sizeof(*plong));
- free(plong);
-
- /* process info */
- rc = DosGetInfoBlocks(&ptib, &ppib);
- if (rc == NO_ERROR)
- {
- RNG_RandomUpdate(ptib, sizeof(*ptib));
- RNG_RandomUpdate(ppib, sizeof(*ppib));
- }
-
- /* time */
- rc = DosGetDateTime(&dt);
- if (rc == NO_ERROR)
- {
- RNG_RandomUpdate(&dt, sizeof(dt));
- }
-
- /* country */
- rc = DosQueryCtryInfo(sizeof(ci), &cc, &ci, &actual);
- if (rc == NO_ERROR)
- {
- RNG_RandomUpdate(&cc, sizeof(cc));
- RNG_RandomUpdate(&ci, sizeof(ci));
- RNG_RandomUpdate(&actual, sizeof(actual));
- }
-
- /* current directory */
- rc = DosQueryCurrentDir(0, path, &pathlength);
- strcat(fullpath, "\\");
- strcat(fullpath, path);
- if (rc == NO_ERROR)
- {
- RNG_RandomUpdate(fullpath, strlen(fullpath));
- // path info
- rc = DosQueryPathInfo(fullpath, FIL_STANDARD, &fstatus, sizeof(fstatus));
- if (rc == NO_ERROR)
- {
- RNG_RandomUpdate(&fstatus, sizeof(fstatus));
- }
- }
-
- /* file system info */
- rc = DosQueryFSInfo(0, FSIL_ALLOC, &fsallocate, sizeof(fsallocate));
- if (rc == NO_ERROR)
- {
- RNG_RandomUpdate(&fsallocate, sizeof(fsallocate));
- }
-
- /* drive info */
- rc = DosQueryCurrentDisk(&defaultdrive, &logicaldrives);
- if (rc == NO_ERROR)
- {
- RNG_RandomUpdate(&defaultdrive, sizeof(defaultdrive));
- RNG_RandomUpdate(&logicaldrives, sizeof(logicaldrives));
- }
-
- /* system info */
- rc = DosQuerySysInfo(1L, QSV_MAX, (PVOID)&sysInfo, sizeof(ULONG)*QSV_MAX);
- if (rc == NO_ERROR)
- {
- RNG_RandomUpdate(&sysInfo, sizeof(sysInfo));
- }
-
- // now let's do some files
- ReadSystemFiles();
-
- /* more noise */
- nBytes = RNG_GetNoise(buffer, sizeof(buffer));
- RNG_RandomUpdate(buffer, nBytes);
-}
-
-void RNG_FileForRNG(const char *filename)
-{
- struct stat stat_buf;
- unsigned char buffer[1024];
- FILE *file = 0;
- int nBytes = 0;
- static int totalFileBytes = 0;
-
- if (stat((char *)filename, &stat_buf) < 0)
- return;
-
- RNG_RandomUpdate((unsigned char*)&stat_buf, sizeof(stat_buf));
-
- file = fopen((char *)filename, "r");
- if (file != NULL)
- {
- for (;;)
- {
- size_t bytes = fread(buffer, 1, sizeof(buffer), file);
-
- if (bytes == 0)
- break;
-
- RNG_RandomUpdate(buffer, bytes);
- totalFileBytes += bytes;
- if (totalFileBytes > 250000)
- break;
- }
- fclose(file);
- }
-
- nBytes = RNG_GetNoise(buffer, 20);
- RNG_RandomUpdate(buffer, nBytes);
-}
diff --git a/security/nss/lib/freebl/pqg.c b/security/nss/lib/freebl/pqg.c
deleted file mode 100644
index dca53e93d..000000000
--- a/security/nss/lib/freebl/pqg.c
+++ /dev/null
@@ -1,667 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * PQG parameter generation/verification. Based on FIPS 186-1.
- *
- * $Id$
- */
-
-#include "prerr.h"
-#include "secerr.h"
-
-#include "prtypes.h"
-#include "blapi.h"
-#include "secitem.h"
-#include "mpi.h"
-#include "mpprime.h"
-#include "mplogic.h"
-#include "secmpi.h"
-
-#define MAX_ITERATIONS 600 /* Maximum number of iterations of primegen */
-#define PQG_Q_PRIMALITY_TESTS 18 /* from HAC table 4.4 */
-#define PQG_P_PRIMALITY_TESTS 5 /* from HAC table 4.4 */
-
- /* XXX to be replaced by define in blapit.h */
-#define BITS_IN_Q 160
-
-/* For FIPS-compliance testing.
-** The following array holds the seed defined in FIPS 186-1 appendix 5.
-** This seed is used to generate P and Q according to appendix 2; use of
-** this seed will exactly generate the PQG specified in appendix 2.
-*/
-#ifdef FIPS_186_1_A5_TEST
-static const unsigned char fips_186_1_a5_pqseed[] = {
- 0xd5, 0x01, 0x4e, 0x4b, 0x60, 0xef, 0x2b, 0xa8,
- 0xb6, 0x21, 0x1b, 0x40, 0x62, 0xba, 0x32, 0x24,
- 0xe0, 0x42, 0x7d, 0xd3
-};
-#endif
-
-/* Get a seed for generating P and Q. If in testing mode, copy in the
-** seed from FIPS 186-1 appendix 5. Otherwise, obtain bytes from the
-** global random number generator.
-*/
-static SECStatus
-getPQseed(SECItem *seed)
-{
- if (seed->data) {
- PORT_Free(seed->data);
- seed->data = NULL;
- }
- seed->data = (unsigned char*)PORT_ZAlloc(seed->len);
- if (!seed->data) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
-#ifdef FIPS_186_1_A5_TEST
- memcpy(seed->data, fips_186_1_a5_pqseed, seed->len);
- return SECSuccess;
-#else
- return RNG_GenerateGlobalRandomBytes(seed->data, seed->len);
-#endif
-}
-
-/* Generate a candidate h value. If in testing mode, use the h value
-** specified in FIPS 186-1 appendix 5, h = 2. Otherwise, obtain bytes
-** from the global random number generator.
-*/
-static SECStatus
-generate_h_candidate(SECItem *hit, mp_int *H)
-{
- SECStatus rv = SECSuccess;
- mp_err err = MP_OKAY;
-#ifdef FIPS_186_1_A5_TEST
- memset(hit->data, 0, hit->len);
- hit->data[hit->len-1] = 0x02;
-#else
- rv = RNG_GenerateGlobalRandomBytes(hit->data, hit->len);
-#endif
- if (rv)
- return SECFailure;
- err = mp_read_unsigned_octets(H, hit->data, hit->len);
- if (err) {
- MP_TO_SEC_ERROR(err);
- return SECFailure;
- }
- return SECSuccess;
-}
-
-/* Compute SHA[(SEED + addend) mod 2**g]
-** Result is placed in shaOutBuf.
-** This computation is used in steps 2 and 7 of FIPS 186 Appendix 2.2 .
-*/
-static SECStatus
-addToSeedThenSHA(const SECItem * seed,
- unsigned long addend,
- int g,
- unsigned char * shaOutBuf)
-{
- SECItem str = { 0, 0, 0 };
- mp_int s, sum, modulus, tmp;
- mp_err err = MP_OKAY;
- SECStatus rv = SECSuccess;
- MP_DIGITS(&s) = 0;
- MP_DIGITS(&sum) = 0;
- MP_DIGITS(&modulus) = 0;
- MP_DIGITS(&tmp) = 0;
- CHECK_MPI_OK( mp_init(&s) );
- CHECK_MPI_OK( mp_init(&sum) );
- CHECK_MPI_OK( mp_init(&modulus) );
- SECITEM_TO_MPINT(*seed, &s); /* s = seed */
- /* seed += addend */
- if (addend < MP_DIGIT_MAX) {
- CHECK_MPI_OK( mp_add_d(&s, (mp_digit)addend, &s) );
- } else {
- CHECK_MPI_OK( mp_init(&tmp) );
- CHECK_MPI_OK( mp_set_ulong(&tmp, addend) );
- CHECK_MPI_OK( mp_add(&s, &tmp, &s) );
- }
- CHECK_MPI_OK( mp_div_2d(&s, (mp_digit)g, NULL, &sum) );/*sum = s mod 2**g */
- MPINT_TO_SECITEM(&sum, &str, NULL);
- rv = SHA1_HashBuf(shaOutBuf, str.data, str.len); /* SHA1 hash result */
-cleanup:
- mp_clear(&s);
- mp_clear(&sum);
- mp_clear(&modulus);
- mp_clear(&tmp);
- if (str.data)
- SECITEM_ZfreeItem(&str, PR_FALSE);
- if (err) {
- MP_TO_SEC_ERROR(err);
- return SECFailure;
- }
- return rv;
-}
-
-/*
-** Perform steps 2 and 3 of FIPS 186, appendix 2.2.
-** Generate Q from seed.
-*/
-static SECStatus
-makeQfromSeed(
- unsigned int g, /* input. Length of seed in bits. */
-const SECItem * seed, /* input. */
- mp_int * Q) /* output. */
-{
- unsigned char sha1[SHA1_LENGTH];
- unsigned char sha2[SHA1_LENGTH];
- unsigned char U[SHA1_LENGTH];
- SECStatus rv = SECSuccess;
- mp_err err = MP_OKAY;
- int i;
- /* ******************************************************************
- ** Step 2.
- ** "Compute U = SHA[SEED] XOR SHA[(SEED+1) mod 2**g]."
- **/
- CHECK_SEC_OK( SHA1_HashBuf(sha1, seed->data, seed->len) );
- CHECK_SEC_OK( addToSeedThenSHA(seed, 1, g, sha2) );
- for (i=0; i<SHA1_LENGTH; ++i)
- U[i] = sha1[i] ^ sha2[i];
- /* ******************************************************************
- ** Step 3.
- ** "Form Q from U by setting the most signficant bit (the 2**159 bit)
- ** and the least signficant bit to 1. In terms of boolean operations,
- ** Q = U OR 2**159 OR 1. Note that 2**159 < Q < 2**160."
- */
- U[0] |= 0x80; /* U is MSB first */
- U[SHA1_LENGTH-1] |= 0x01;
- err = mp_read_unsigned_octets(Q, U, SHA1_LENGTH);
-cleanup:
- memset(U, 0, SHA1_LENGTH);
- memset(sha1, 0, SHA1_LENGTH);
- memset(sha2, 0, SHA1_LENGTH);
- if (err) {
- MP_TO_SEC_ERROR(err);
- return SECFailure;
- }
- return rv;
-}
-
-/* Perform steps 7, 8 and 9 of FIPS 186, appendix 2.2.
-** Generate P from Q, seed, L, and offset.
-*/
-static SECStatus
-makePfromQandSeed(
- unsigned int L, /* Length of P in bits. Per FIPS 186. */
- unsigned int offset, /* Per FIPS 186, appendix 2.2. */
- unsigned int g, /* input. Length of seed in bits. */
-const SECItem * seed, /* input. */
-const mp_int * Q, /* input. */
- mp_int * P) /* output. */
-{
- unsigned int k; /* Per FIPS 186, appendix 2.2. */
- unsigned int n; /* Per FIPS 186, appendix 2.2. */
- mp_digit b; /* Per FIPS 186, appendix 2.2. */
- unsigned char V_k[SHA1_LENGTH];
- mp_int W, X, c, twoQ, V_n, tmp;
- mp_err err = MP_OKAY;
- SECStatus rv = SECSuccess;
- /* Initialize bignums */
- MP_DIGITS(&W) = 0;
- MP_DIGITS(&X) = 0;
- MP_DIGITS(&c) = 0;
- MP_DIGITS(&twoQ) = 0;
- MP_DIGITS(&V_n) = 0;
- MP_DIGITS(&tmp) = 0;
- CHECK_MPI_OK( mp_init(&W) );
- CHECK_MPI_OK( mp_init(&X) );
- CHECK_MPI_OK( mp_init(&c) );
- CHECK_MPI_OK( mp_init(&twoQ) );
- CHECK_MPI_OK( mp_init(&tmp) );
- CHECK_MPI_OK( mp_init(&V_n) );
- /* L - 1 = n*160 + b */
- n = (L - 1) / BITS_IN_Q;
- b = (L - 1) % BITS_IN_Q;
- /* ******************************************************************
- ** Step 7.
- ** "for k = 0 ... n let
- ** V_k = SHA[(SEED + offset + k) mod 2**g]."
- **
- ** Step 8.
- ** "Let W be the integer
- ** W = V_0 + (V_1 * 2**160) + ... + (V_n-1 * 2**((n-1)*160))
- ** + ((V_n mod 2**b) * 2**(n*160))
- */
- for (k=0; k<n; ++k) { /* Do the first n terms of V_k */
- /* Do step 7 for iteration k.
- ** V_k = SHA[(seed + offset + k) mod 2**g]
- */
- CHECK_SEC_OK( addToSeedThenSHA(seed, offset + k, g, V_k) );
- /* Do step 8 for iteration k.
- ** W += V_k * 2**(k*160)
- */
- OCTETS_TO_MPINT(V_k, &tmp, SHA1_LENGTH); /* get bignum V_k */
- CHECK_MPI_OK( mpl_lsh(&tmp, &tmp, k*160) ); /* tmp = V_k << k*160 */
- CHECK_MPI_OK( mp_add(&W, &tmp, &W) ); /* W += tmp */
- }
- /* Step 8, continued.
- ** [W += ((V_n mod 2**b) * 2**(n*160))]
- */
- CHECK_SEC_OK( addToSeedThenSHA(seed, offset + n, g, V_k) );
- OCTETS_TO_MPINT(V_k, &V_n, SHA1_LENGTH); /* get bignum V_n */
- CHECK_MPI_OK( mp_div_2d(&V_n, b, NULL, &tmp) ); /* tmp = V_n mod 2**b */
- CHECK_MPI_OK( mpl_lsh(&tmp, &tmp, n*160) ); /* tmp = tmp << n*160 */
- CHECK_MPI_OK( mp_add(&W, &tmp, &W) ); /* W += tmp */
- /* Step 8, continued.
- ** "and let X = W + 2**(L-1).
- ** Note that 0 <= W < 2**(L-1) and hence 2**(L-1) <= X < 2**L."
- */
- CHECK_MPI_OK( mpl_set_bit(&X, (mp_size)(L-1), 1) ); /* X = 2**(L-1) */
- CHECK_MPI_OK( mp_add(&X, &W, &X) ); /* X += W */
- /*************************************************************
- ** Step 9.
- ** "Let c = X mod 2q and set p = X - (c - 1).
- ** Note that p is congruent to 1 mod 2q."
- */
- CHECK_MPI_OK( mp_mul_2(Q, &twoQ) ); /* 2q */
- CHECK_MPI_OK( mp_mod(&X, &twoQ, &c) ); /* c = X mod 2q */
- CHECK_MPI_OK( mp_sub_d(&c, 1, &c) ); /* c -= 1 */
- CHECK_MPI_OK( mp_sub(&X, &c, P) ); /* P = X - c */
-cleanup:
- mp_clear(&W);
- mp_clear(&X);
- mp_clear(&c);
- mp_clear(&twoQ);
- mp_clear(&V_n);
- mp_clear(&tmp);
- if (err) {
- MP_TO_SEC_ERROR(err);
- return SECFailure;
- }
- return rv;
-}
-
-/*
-** Generate G from h, P, and Q.
-*/
-static SECStatus
-makeGfromH(const mp_int *P, /* input. */
- const mp_int *Q, /* input. */
- mp_int *H, /* input and output. */
- mp_int *G, /* output. */
- PRBool *passed)
-{
- mp_int exp, pm1;
- mp_err err = MP_OKAY;
- SECStatus rv = SECSuccess;
- *passed = PR_FALSE;
- MP_DIGITS(&exp) = 0;
- MP_DIGITS(&pm1) = 0;
- CHECK_MPI_OK( mp_init(&exp) );
- CHECK_MPI_OK( mp_init(&pm1) );
- CHECK_MPI_OK( mp_sub_d(P, 1, &pm1) ); /* P - 1 */
- if ( mp_cmp(H, &pm1) > 0) /* H = H mod (P-1) */
- CHECK_MPI_OK( mp_sub(H, &pm1, H) );
- /* Let b = 2**n (smallest power of 2 greater than P).
- ** Since P-1 >= b/2, and H < b, quotient(H/(P-1)) = 0 or 1
- ** so the above operation safely computes H mod (P-1)
- */
- /* Check for H = to 0 or 1. Regen H if so. (Regen means return error). */
- if (mp_cmp_d(H, 1) <= 0) {
- rv = SECFailure;
- goto cleanup;
- }
- /* Compute G, according to the equation G = (H ** ((P-1)/Q)) mod P */
- CHECK_MPI_OK( mp_div(&pm1, Q, &exp, NULL) ); /* exp = (P-1)/Q */
- CHECK_MPI_OK( mp_exptmod(H, &exp, P, G) ); /* G = H ** exp mod P */
- /* Check for G == 0 or G == 1, return error if so. */
- if (mp_cmp_d(G, 1) <= 0) {
- rv = SECFailure;
- goto cleanup;
- }
- *passed = PR_TRUE;
-cleanup:
- mp_clear(&exp);
- mp_clear(&pm1);
- if (err) {
- MP_TO_SEC_ERROR(err);
- rv = SECFailure;
- }
- return rv;
-}
-
-SECStatus
-PQG_ParamGen(unsigned int j, PQGParams **pParams, PQGVerify **pVfy)
-{
- unsigned int L; /* Length of P in bits. Per FIPS 186. */
- unsigned int seedBytes;
-
- if (j > 8 || !pParams || !pVfy) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- L = 512 + (j * 64); /* bits in P */
- seedBytes = L/8;
- return PQG_ParamGenSeedLen(j, seedBytes, pParams, pVfy);
-}
-
-/* This code uses labels and gotos, so that it can follow the numbered
-** steps in the algorithms from FIPS 186 appendix 2.2 very closely,
-** and so that the correctness of this code can be easily verified.
-** So, please forgive the ugly c code.
-**/
-SECStatus
-PQG_ParamGenSeedLen(unsigned int j, unsigned int seedBytes,
- PQGParams **pParams, PQGVerify **pVfy)
-{
- unsigned int L; /* Length of P in bits. Per FIPS 186. */
- unsigned int n; /* Per FIPS 186, appendix 2.2. */
- unsigned int b; /* Per FIPS 186, appendix 2.2. */
- unsigned int g; /* Per FIPS 186, appendix 2.2. */
- unsigned int counter; /* Per FIPS 186, appendix 2.2. */
- unsigned int offset; /* Per FIPS 186, appendix 2.2. */
- SECItem *seed; /* Per FIPS 186, appendix 2.2. */
- PRArenaPool *arena = NULL;
- PQGParams *params = NULL;
- PQGVerify *verify = NULL;
- PRBool passed;
- SECItem hit = { 0, 0, 0 };
- mp_int P, Q, G, H, l;
- mp_err err = MP_OKAY;
- SECStatus rv = SECFailure;
- int iterations = 0;
- if (j > 8 || !pParams || !pVfy) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- /* Initialize an arena for the params. */
- arena = PORT_NewArena(NSS_FREEBL_DEFAULT_CHUNKSIZE);
- if (!arena) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
- params = (PQGParams *)PORT_ArenaZAlloc(arena, sizeof(PQGParams));
- if (!params) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- PORT_FreeArena(arena, PR_TRUE);
- return SECFailure;
- }
- params->arena = arena;
- /* Initialize an arena for the verify. */
- arena = PORT_NewArena(NSS_FREEBL_DEFAULT_CHUNKSIZE);
- if (!arena) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- PORT_FreeArena(params->arena, PR_TRUE);
- return SECFailure;
- }
- verify = (PQGVerify *)PORT_ArenaZAlloc(arena, sizeof(PQGVerify));
- if (!verify) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- PORT_FreeArena(arena, PR_TRUE);
- PORT_FreeArena(params->arena, PR_TRUE);
- return SECFailure;
- }
- verify->arena = arena;
- seed = &verify->seed;
- arena = NULL;
- /* Initialize bignums */
- MP_DIGITS(&P) = 0;
- MP_DIGITS(&Q) = 0;
- MP_DIGITS(&G) = 0;
- MP_DIGITS(&H) = 0;
- MP_DIGITS(&l) = 0;
- CHECK_MPI_OK( mp_init(&P) );
- CHECK_MPI_OK( mp_init(&Q) );
- CHECK_MPI_OK( mp_init(&G) );
- CHECK_MPI_OK( mp_init(&H) );
- CHECK_MPI_OK( mp_init(&l) );
- /* Compute lengths. */
- L = 512 + (j * 64); /* bits in P */
- n = (L - 1) / BITS_IN_Q; /* BITS_IN_Q is 160 */
- b = (L - 1) % BITS_IN_Q;
- g = seedBytes * BITS_PER_BYTE; /* bits in seed, NOT G of PQG. */
-step_1:
- /* ******************************************************************
- ** Step 1.
- ** "Choose an abitrary sequence of at least 160 bits and call it SEED.
- ** Let g be the length of SEED in bits."
- */
- if (++iterations > MAX_ITERATIONS) { /* give up after a while */
- PORT_SetError(SEC_ERROR_NEED_RANDOM);
- goto cleanup;
- }
- seed->len = seedBytes;
- CHECK_SEC_OK( getPQseed(seed) );
- /* ******************************************************************
- ** Step 2.
- ** "Compute U = SHA[SEED] XOR SHA[(SEED+1) mod 2**g]."
- **
- ** Step 3.
- ** "Form Q from U by setting the most signficant bit (the 2**159 bit)
- ** and the least signficant bit to 1. In terms of boolean operations,
- ** Q = U OR 2**159 OR 1. Note that 2**159 < Q < 2**160."
- */
- CHECK_SEC_OK( makeQfromSeed(g, seed, &Q) );
- /* ******************************************************************
- ** Step 4.
- ** "Use a robust primality testing algorithm to test whether q is prime."
- **
- ** Appendix 2.1 states that a Rabin test with at least 50 iterations
- ** "will give an acceptable probability of error."
- */
- /*CHECK_SEC_OK( prm_RabinTest(&Q, &passed) );*/
- err = mpp_pprime(&Q, PQG_Q_PRIMALITY_TESTS);
- passed = (err == MP_YES) ? SECSuccess : SECFailure;
- /* ******************************************************************
- ** Step 5. "If q is not prime, goto step 1."
- */
- if (passed != SECSuccess)
- goto step_1;
- /* ******************************************************************
- ** Step 6. "Let counter = 0 and offset = 2."
- */
- counter = 0;
- offset = 2;
-step_7:
- /* ******************************************************************
- ** Step 7.
- ** "for k = 0 ... n let
- ** V_k = SHA[(SEED + offset + k) mod 2**g]."
- **
- ** Step 8.
- ** "Let W be the sum of (V_k * 2**(k*160)) for k = 0 ... n
- ** and let X = W + 2**(L-1).
- ** Note that 0 <= W < 2**(L-1) and hence 2**(L-1) <= X < 2**L."
- **
- ** Step 9.
- ** "Let c = X mod 2q and set p = X - (c - 1).
- ** Note that p is congruent to 1 mod 2q."
- */
- CHECK_SEC_OK( makePfromQandSeed(L, offset, g, seed, &Q, &P) );
- /*************************************************************
- ** Step 10.
- ** "if p < 2**(L-1), then goto step 13."
- */
- CHECK_MPI_OK( mpl_set_bit(&l, (mp_size)(L-1), 1) ); /* l = 2**(L-1) */
- if (mp_cmp(&P, &l) < 0)
- goto step_13;
- /************************************************************
- ** Step 11.
- ** "Perform a robust primality test on p."
- */
- /*CHECK_SEC_OK( prm_RabinTest(&P, &passed) );*/
- err = mpp_pprime(&P, PQG_P_PRIMALITY_TESTS);
- passed = (err == MP_YES) ? SECSuccess : SECFailure;
- /* ******************************************************************
- ** Step 12. "If p passes the test performed in step 11, go to step 15."
- */
- if (passed == SECSuccess)
- goto step_15;
-step_13:
- /* ******************************************************************
- ** Step 13. "Let counter = counter + 1 and offset = offset + n + 1."
- */
- counter++;
- offset += n + 1;
- /* ******************************************************************
- ** Step 14. "If counter >= 4096 goto step 1, otherwise go to step 7."
- */
- if (counter >= 4096)
- goto step_1;
- goto step_7;
-step_15:
- /* ******************************************************************
- ** Step 15.
- ** "Save the value of SEED and the value of counter for use
- ** in certifying the proper generation of p and q."
- */
- /* Generate h. */
- SECITEM_AllocItem(NULL, &hit, seedBytes); /* h is no longer than p */
- if (!hit.data) goto cleanup;
- do {
- /* loop generate h until 1<h<p-1 and (h**[(p-1)/q])mod p > 1 */
- CHECK_SEC_OK( generate_h_candidate(&hit, &H) );
- CHECK_SEC_OK( makeGfromH(&P, &Q, &H, &G, &passed) );
- } while (passed != PR_TRUE);
- /* All generation is done. Now, save the PQG params. */
- MPINT_TO_SECITEM(&P, &params->prime, params->arena);
- MPINT_TO_SECITEM(&Q, &params->subPrime, params->arena);
- MPINT_TO_SECITEM(&G, &params->base, params->arena);
- MPINT_TO_SECITEM(&H, &verify->h, verify->arena);
- verify->counter = counter;
- *pParams = params;
- *pVfy = verify;
-cleanup:
- mp_clear(&P);
- mp_clear(&Q);
- mp_clear(&G);
- mp_clear(&H);
- mp_clear(&l);
- if (err) {
- MP_TO_SEC_ERROR(err);
- rv = SECFailure;
- }
- if (rv) {
- PORT_FreeArena(params->arena, PR_TRUE);
- PORT_FreeArena(verify->arena, PR_TRUE);
- }
- return rv;
-}
-
-SECStatus
-PQG_VerifyParams(const PQGParams *params,
- const PQGVerify *vfy, SECStatus *result)
-{
- SECStatus rv = SECSuccess;
- int passed;
- unsigned int g, n, L, offset;
- mp_int P, Q, G, P_, Q_, G_, r, h;
- mp_err err = MP_OKAY;
- int j;
-#define CHECKPARAM(cond) \
- if (!(cond)) { \
- *result = SECFailure; \
- goto cleanup; \
- }
- if (!params || !vfy || !result) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- MP_DIGITS(&P) = 0;
- MP_DIGITS(&Q) = 0;
- MP_DIGITS(&G) = 0;
- MP_DIGITS(&P_) = 0;
- MP_DIGITS(&Q_) = 0;
- MP_DIGITS(&G_) = 0;
- MP_DIGITS(&r) = 0;
- MP_DIGITS(&h) = 0;
- CHECK_MPI_OK( mp_init(&P) );
- CHECK_MPI_OK( mp_init(&Q) );
- CHECK_MPI_OK( mp_init(&G) );
- CHECK_MPI_OK( mp_init(&P_) );
- CHECK_MPI_OK( mp_init(&Q_) );
- CHECK_MPI_OK( mp_init(&G_) );
- CHECK_MPI_OK( mp_init(&r) );
- CHECK_MPI_OK( mp_init(&h) );
- *result = SECSuccess;
- SECITEM_TO_MPINT(params->prime, &P);
- SECITEM_TO_MPINT(params->subPrime, &Q);
- SECITEM_TO_MPINT(params->base, &G);
- /* 1. Q is 160 bits long. */
- CHECKPARAM( mpl_significant_bits(&Q) == 160 );
- /* 2. P is one of the 9 valid lengths. */
- L = mpl_significant_bits(&P);
- j = PQG_PBITS_TO_INDEX(L);
- CHECKPARAM( j >= 0 && j <= 8 );
- /* 3. G < P */
- CHECKPARAM( mp_cmp(&G, &P) < 0 );
- /* 4. P % Q == 1 */
- CHECK_MPI_OK( mp_mod(&P, &Q, &r) );
- CHECKPARAM( mp_cmp_d(&r, 1) == 0 );
- /* 5. Q is prime */
- CHECKPARAM( mpp_pprime(&Q, PQG_Q_PRIMALITY_TESTS) == MP_YES );
- /* 6. P is prime */
- CHECKPARAM( mpp_pprime(&P, PQG_P_PRIMALITY_TESTS) == MP_YES );
- /* Steps 7-12 are done only if the optional PQGVerify is supplied. */
- if (!vfy) goto cleanup;
- /* 7. counter < 4096 */
- CHECKPARAM( vfy->counter < 4096 );
- /* 8. g >= 160 and g < 2048 (g is length of seed in bits) */
- g = vfy->seed.len * 8;
- CHECKPARAM( g >= 160 && g < 2048 );
- /* 9. Q generated from SEED matches Q in PQGParams. */
- CHECK_SEC_OK( makeQfromSeed(g, &vfy->seed, &Q_) );
- CHECKPARAM( mp_cmp(&Q, &Q_) == 0 );
- /* 10. P generated from (L, counter, g, SEED, Q) matches P in PQGParams. */
- n = (L - 1) / BITS_IN_Q;
- offset = vfy->counter * (n + 1) + 2;
- CHECK_SEC_OK( makePfromQandSeed(L, offset, g, &vfy->seed, &Q, &P_) );
- CHECKPARAM( mp_cmp(&P, &P_) == 0 );
- /* Next two are optional: if h == 0 ignore */
- if (vfy->h.len == 0) goto cleanup;
- /* 11. 1 < h < P-1 */
- SECITEM_TO_MPINT(vfy->h, &h);
- CHECK_MPI_OK( mpl_set_bit(&P, 0, 0) ); /* P is prime, p-1 == zero 1st bit */
- CHECKPARAM( mp_cmp_d(&h, 1) > 0 && mp_cmp(&h, &P) );
- CHECK_MPI_OK( mpl_set_bit(&P, 0, 1) ); /* set it back */
- /* 12. G generated from h matches G in PQGParams. */
- CHECK_SEC_OK( makeGfromH(&P, &Q, &h, &G_, &passed) );
- CHECKPARAM( passed && mp_cmp(&G, &G_) == 0 );
-cleanup:
- mp_clear(&P);
- mp_clear(&Q);
- mp_clear(&G);
- mp_clear(&P_);
- mp_clear(&Q_);
- mp_clear(&G_);
- mp_clear(&r);
- mp_clear(&h);
- if (err) {
- MP_TO_SEC_ERROR(err);
- rv = SECFailure;
- }
- return rv;
-}
-
-
diff --git a/security/nss/lib/freebl/prng_fips1861.c b/security/nss/lib/freebl/prng_fips1861.c
deleted file mode 100644
index 3c34ca83b..000000000
--- a/security/nss/lib/freebl/prng_fips1861.c
+++ /dev/null
@@ -1,511 +0,0 @@
-/*
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "prerr.h"
-#include "secerr.h"
-
-#include "prtypes.h"
-#include "prinit.h"
-#include "blapi.h"
-#include "nssilock.h"
-#include "secitem.h"
-#include "sha_fast.h"
-#include "secrng.h" /* for RNG_GetNoise() */
-
-/*
- * The minimum amount of seed data required before the generator will
- * provide data.
- * Note that this is a measure of the number of bytes sent to
- * RNG_RandomUpdate, not the actual amount of entropy present in the
- * generator. Naturally, it is impossible to know (at this level) just
- * how much entropy is present in the provided seed data. A bare minimum
- * of entropy would be 20 bytes, so by requiring 1K this code is making
- * the tacit assumption that at least 1 byte of pure entropy is provided
- * with every 8 bytes supplied to RNG_RandomUpdate. The reality of this
- * assumption is left up to the caller.
- */
-#define MIN_SEED_COUNT 1024
-
-/*
- * Steps taken from FIPS 186-1 Appendix 3.1
- */
-
-/*
- * According to FIPS 186-1, 160 <= b <= 512
- * For our purposes, we will assume b == 160
- */
-#define FIPS_B 160
-#define BSIZE FIPS_B / BITS_PER_BYTE
-
-/*
- * Add two 160-bit numbers represented as arrays of 20 bytes.
- * The numbers are big-endian, MSB first, so addition is done
- * from the end of the buffer to the beginning.
- */
-#define ADD_160BIT_PLUS_CARRY(dest, add1, add2, cy) \
- carry = cy; \
- for (i=BSIZE-1; i>=0; --i) { \
- carry += add1[i] + add2[i]; \
- dest[i] = (PRUint8)carry; \
- carry >>= 8; \
- }
-
-#define ADD_160BIT_2(dest, add1, add2) \
- ADD_160BIT_PLUS_CARRY(dest, add1, add2, 0)
-
-
-/*
- * FIPS requires result from Step 3c to be reduced mod q when generating
- * random numbers for DSA.
- * by definition q >= 2^159 + 1, thus xj < 2q
- * thus reducing mod q is simple subtraction when xj > q
- */
-#define dsa_reduce_mod_q(xj, q) \
- PORT_Assert(q[0] >= 0x80); \
- if (memcmp(xj,q,BSIZE) > 0) { \
- carry = 0; \
- for (i=BSIZE-1; i>=0; --i) { \
- carry += (signed int)xj[i] - (signed int)q[i]; \
- xj[i] = (PRUint8)carry; \
- carry >>= 8; \
- } \
- }
-
-/*
- * Specialized SHA1-like function. This function appends zeroes to a
- * single input block and runs a single instance of the compression function,
- * as specified in FIPS 186-1 appendix 3.3.
- */
-void
-RNG_UpdateAndEnd_FIPS186_1(SHA1Context *ctx,
- unsigned char *input, unsigned int inputLen,
- unsigned char *hashout, unsigned int *pDigestLen,
- unsigned int maxDigestLen);
-
-/*
- * Global RNG context
- */
-struct RNGContextStr {
- PRUint8 XKEY[BSIZE]; /* Seed for next SHA iteration */
- PRUint8 Xj[BSIZE]; /* Output from previous operation */
- PZLock *lock; /* Lock to serialize access to global rng */
- PRUint8 avail; /* # bytes of output available, [0...20] */
- PRUint32 seedCount; /* number of seed bytes given to generator */
- PRBool isValid; /* false if RNG reaches an invalid state */
-};
-typedef struct RNGContextStr RNGContext;
-static RNGContext *globalrng = NULL;
-
-/*
- * Free the global RNG context
- */
-static void
-freeRNGContext()
-{
- PZ_DestroyLock(globalrng->lock);
- PORT_ZFree(globalrng, sizeof *globalrng);
- globalrng = NULL;
-}
-
-/*
- * Implementation of the algorithm in FIPS 186-1 appendix 3.1, heretofore
- * called alg3_1(). It is assumed a lock for the global rng context has
- * already been acquired.
- * Calling this function with XSEEDj == NULL is equivalent to saying there
- * is no optional user input, which is further equivalent to saying that
- * the optional user input is 0.
- */
-static SECStatus
-alg_fips186_1_x3_1(RNGContext *rng,
- const unsigned char *XSEEDj, unsigned char *q)
-{
- /* SHA1 context for G(t, XVAL) function */
- SHA1Context sha1cx;
- /* input to hash function */
- PRUint8 XVAL[BSIZE];
- /* store a copy of the output to compare with the previous output */
- PRUint8 x_j[BSIZE];
- /* used by ADD_160BIT macros */
- int i, carry;
- unsigned int len;
- if (!rng->isValid) {
- /* RNG has alread entered an invalid state. */
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- /*
- * <Step 2> Initialize t, taken care of in SHA-1 (same initial values)
- */
- SHA1_Begin(&sha1cx);
- /*
- * <Step 3a> XSEEDj is optional user input
- *
- * <Step 3b> XVAL = (XKEY + XSEEDj) mod 2^b
- * :always reduced mod 2^b, since storing as 160-bit value
- */
- if (XSEEDj) {
- /* XSEEDj > 0 */
- ADD_160BIT_2(XVAL, rng->XKEY, XSEEDj);
- } else {
- /* XSEEDj == 0 */
- memcpy(XVAL, rng->XKEY, BSIZE);
- }
- /*
- * <Step 3c> Xj = G(t, XVAL) mod q
- * :In this code, (mod q) is only understood for DSA ops,
- * :not general RNG (what would q be in non-DSA uses?).
- * :If a q is specified, use it.
- * :FIPS 186-1 specifies a different padding than the SHA1 180-1
- * :specification, this function is implemented below.
- */
- RNG_UpdateAndEnd_FIPS186_1(&sha1cx, XVAL, BSIZE, x_j, &len, BSIZE);
- if (q != NULL) {
- dsa_reduce_mod_q(x_j, q);
- }
- /* [FIPS 140-1] verify output does not match previous output */
- if (memcmp(x_j, rng->Xj, BSIZE) == 0) {
- /* failed FIPS 140-1 continuous RNG condition. RNG now invalid. */
- rng->isValid = PR_FALSE;
- return SECFailure;
- }
- /* Xj is the output */
- memcpy(rng->Xj, x_j, BSIZE);
- /*
- * <Step 3d> XKEY = (1 + XKEY + Xj) mod 2^b
- * :always reduced mod 2^b, since storing as 160-bit value
- */
- ADD_160BIT_PLUS_CARRY(rng->XKEY, rng->XKEY, x_j, 1);
- /* Always have a full buffer after executing alg3_1() */
- rng->avail = BSIZE;
- /* housekeeping */
- memset(x_j, 0, BSIZE);
- memset(XVAL, 0, BSIZE);
- return SECSuccess;
-}
-
-/* Use NSPR to prevent RNG_RNGInit from being called from separate
- * threads, creating a race condition.
- */
-static PRCallOnceType coRNGInit = { 0, 0, 0 };
-static PRStatus rng_init(void)
-{
- unsigned char bytes[120];
- unsigned int numBytes;
- if (globalrng == NULL) {
- /* create a new global RNG context */
- globalrng = (RNGContext *)PORT_ZAlloc(sizeof(RNGContext));
- if (globalrng == NULL) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- return PR_FAILURE;
- }
- /* create a lock for it */
- globalrng->lock = PZ_NewLock(nssILockOther);
- if (globalrng->lock == NULL) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- return PR_FAILURE;
- }
- /* the RNG is in a valid state */
- globalrng->isValid = PR_TRUE;
- /* Try to get some seed data for the RNG */
- numBytes = RNG_GetNoise(bytes, sizeof bytes);
- RNG_RandomUpdate(bytes, numBytes);
- }
- return (globalrng != NULL) ? PR_SUCCESS : PR_FAILURE;
-}
-
-/*
- * Initialize the global RNG context and give it some seed input taken
- * from the system. This function is thread-safe and will only allow
- * the global context to be initialized once. The seed input is likely
- * small, so it is imperative that RNG_RandomUpdate() be called with
- * additional seed data before the generator is used. A good way to
- * provide the generator with additional entropy is to call
- * RNG_SystemInfoForRNG(). Note that NSS_Init() does exactly that.
- */
-SECStatus
-RNG_RNGInit(void)
-{
- /* Allow only one call to initialize the context */
- PR_CallOnce(&coRNGInit, rng_init);
- /* Make sure there is a context */
- return (globalrng != NULL) ? PR_SUCCESS : PR_FAILURE;
-}
-
-/*
-** Update the global random number generator with more seeding
-** material
-*/
-SECStatus
-prng_RandomUpdate(RNGContext *rng, const void *data, size_t bytes,
- unsigned char *q)
-{
- SECStatus rv = SECSuccess;
- unsigned char inputhash[BSIZE];
- /* check for a valid global RNG context */
- PORT_Assert(rng != NULL);
- if (rng == NULL) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- /* RNG_SystemInfoForRNG() sometimes does this, not really an error */
- if (bytes == 0)
- return SECSuccess;
- /* If received 20 bytes of input, use it, else hash the input before
- * locking.
- */
- if (bytes == BSIZE)
- memcpy(inputhash, data, BSIZE);
- else
- rv = SHA1_HashBuf(inputhash, data, bytes);
- if (rv != SECSuccess) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- /* --- LOCKED --- */
- PZ_Lock(rng->lock);
- /*
- * Random information is initially supplied by a call to
- * RNG_SystemInfoForRNG(). That function collects entropy from
- * the system and calls RNG_RandomUpdate() to seed the generator.
- * FIPS 186-1 3.1 step 1 specifies that a secret value for the
- * seed-key must be chosen before the generator can begin. The
- * size of XKEY is b-bytes, so fill it with the first b-bytes
- * sent to RNG_RandomUpdate().
- */
- if (rng->seedCount == 0) {
- /* This is the first call to RandomUpdate(). Use a SHA1 hash
- * of the input to set the seed, XKEY.
- *
- * <Step 1> copy seed bytes into context's XKEY
- */
- memcpy(rng->XKEY, inputhash, BSIZE);
- /*
- * Now continue with algorithm. Since the input was used to
- * initialize XKEY, the "optional user input" at this stage
- * will be a pad of zeros, XSEEDj = 0.
- */
- rv = alg_fips186_1_x3_1(rng, NULL, q);
- /* As per FIPS 140-1 continuous RNG requirement, the first
- * iteration of output is discarded. So here there is really
- * no output available. This forces another execution of alg3_1()
- * before any bytes can be extracted from the generator.
- */
- rng->avail = 0;
- } else {
- /* Execute the algorithm from FIPS 186-1 appendix 3.1 */
- rv = alg_fips186_1_x3_1(rng, inputhash, q);
- }
- /* If got this far, have added bytes of seed data. */
- rng->seedCount += bytes;
- PZ_Unlock(rng->lock);
- /* --- UNLOCKED --- */
- /* housekeeping */
- memset(inputhash, 0, BSIZE);
- return rv;
-}
-
-/*
-** Update the global random number generator with more seeding
-** material. Not DSA, so no q.
-*/
-SECStatus
-RNG_RandomUpdate(const void *data, size_t bytes)
-{
- return prng_RandomUpdate(globalrng, data, bytes, NULL);
-}
-
-/*
-** Generate some random bytes, using the global random number generator
-** object.
-*/
-SECStatus
-prng_GenerateGlobalRandomBytes(RNGContext *rng,
- void *dest, size_t len, unsigned char *q)
-{
- PRUint8 num;
- SECStatus rv = SECSuccess;
- unsigned char *output = dest;
- /* check for a valid global RNG context */
- PORT_Assert(rng != NULL);
- if (rng == NULL) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- /* --- LOCKED --- */
- PZ_Lock(rng->lock);
- /* Check the amount of seed data in the generator. If not enough,
- * don't produce any data.
- */
- if (rng->seedCount < MIN_SEED_COUNT) {
- PZ_Unlock(rng->lock);
- PORT_SetError(SEC_ERROR_NEED_RANDOM);
- return SECFailure;
- }
- /*
- * If there are enough bytes of random data, send back Xj,
- * else call alg3_1() with 0's to generate more random data.
- */
- while (len > 0) {
- if (rng->avail == 0)
- /* All available bytes are used, so generate more. */
- rv = alg_fips186_1_x3_1(rng, NULL, q);
- /* number of bytes to obtain on this iteration (max of 20) */
- num = PR_MIN(rng->avail, len);
- /* if avail < BSIZE, the first avail bytes have already been used. */
- memcpy(output, rng->Xj + (BSIZE - rng->avail), num);
- rng->avail -= num;
- len -= num;
- output += num;
- }
- PZ_Unlock(rng->lock);
- /* --- UNLOCKED --- */
- return rv;
-}
-
-/*
-** Generate some random bytes, using the global random number generator
-** object. Not DSA, so no q.
-*/
-SECStatus
-RNG_GenerateGlobalRandomBytes(void *dest, size_t len)
-{
- return prng_GenerateGlobalRandomBytes(globalrng, dest, len, NULL);
-}
-
-void
-RNG_RNGShutdown(void)
-{
- /* check for a valid global RNG context */
- PORT_Assert(globalrng != NULL);
- if (globalrng == NULL) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return;
- }
- /* clear */
- freeRNGContext();
- /* zero the callonce struct to allow a new call to RNG_RNGInit() */
- memset(&coRNGInit, 0, sizeof coRNGInit);
-}
-
-/*
- * SHA: Generate hash value from context
- * Specialized function for PRNG
- * The PRNG specified in FIPS 186-1 3.3 uses a function, G,
- * which has the same initialization and compression functions
- * as SHA1 180-1, but uses different padding. FIPS 186-1 3.3
- * specifies that the message be padded with 0's until the size
- * reaches 512 bits.
- */
-void
-RNG_UpdateAndEnd_FIPS186_1(SHA1Context *ctx,
- unsigned char *input, unsigned int inputLen,
- unsigned char *hashout, unsigned int *pDigestLen,
- unsigned int maxDigestLen)
-{
- register PRUint32 A;
- static const unsigned char bulk_pad0[64] = { 0,0,0,0,0,0,0,0,0,0,
- 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
- 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 };
-
- PORT_Assert(maxDigestLen >= SHA1_LENGTH);
- PORT_Assert(inputLen <= SHA1_INPUT_LEN);
-
- /*
- * Add the input
- */
- SHA1_Update(ctx, input, inputLen);
- /*
- * Pad with zeroes
- * This will fill the input block and cause the compression function
- * to be called.
- */
- SHA1_Update(ctx, bulk_pad0, SHA1_INPUT_LEN - inputLen);
-
- /*
- * Output hash
- */
-#if defined(IS_LITTLE_ENDIAN)
- SHA_BYTESWAP(ctx->H[0]);
- SHA_BYTESWAP(ctx->H[1]);
- SHA_BYTESWAP(ctx->H[2]);
- SHA_BYTESWAP(ctx->H[3]);
- SHA_BYTESWAP(ctx->H[4]);
-#endif
- memcpy(hashout, ctx->H, SHA1_LENGTH);
- *pDigestLen = SHA1_LENGTH;
-
- /*
- * Re-initialize the context (also zeroizes contents)
- */
- SHA1_Begin(ctx);
-}
-
-/*
- * Specialized RNG for DSA
- *
- * As per FIPS 186-1 appendix 3.1, in step 5 the value Xj should
- * be reduced mod q, a 160-bit prime number. Since this parameter is
- * only meaningful in the context of DSA, the above RNG functions
- * were implemented without it. They are re-implemented below for use
- * with DSA.
- *
- */
-
-/*
-** Update the global random number generator with more seeding
-** material. DSA needs a q parameter.
-*/
-SECStatus
-DSA_RandomUpdate(void *data, size_t bytes, unsigned char *q)
-{
- if( q && (*q == 0) ) {
- ++q;
- }
- return prng_RandomUpdate(globalrng, data, bytes, q);
-}
-
-/*
-** Generate some random bytes, using the global random number generator
-** object. In DSA mode, so there is a q.
-*/
-SECStatus
-DSA_GenerateGlobalRandomBytes(void *dest, size_t len, unsigned char *q)
-{
- if( q && (*q == 0) ) {
- ++q;
- }
- return prng_GenerateGlobalRandomBytes(globalrng, dest, len, q);
-}
diff --git a/security/nss/lib/freebl/rijndael.c b/security/nss/lib/freebl/rijndael.c
deleted file mode 100644
index 261a91a48..000000000
--- a/security/nss/lib/freebl/rijndael.c
+++ /dev/null
@@ -1,1137 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "prinit.h"
-#include "prerr.h"
-#include "secerr.h"
-
-#include "prtypes.h"
-#include "blapi.h"
-#include "rijndael.h"
-
-/*
- * There are currently five ways to build this code, varying in performance
- * and code size.
- *
- * RIJNDAEL_INCLUDE_TABLES Include all tables from rijndael32.tab
- * RIJNDAEL_GENERATE_TABLES Generate tables on first
- * encryption/decryption, then store them;
- * use the function gfm
- * RIJNDAEL_GENERATE_TABLES_MACRO Same as above, but use macros to do
- * the generation
- * RIJNDAEL_GENERATE_VALUES Do not store tables, generate the table
- * values "on-the-fly", using gfm
- * RIJNDAEL_GENERATE_VALUES_MACRO Same as above, but use macros
- *
- * The default is RIJNDAEL_INCLUDE_TABLES.
- */
-
-/*
- * When building RIJNDAEL_INCLUDE_TABLES, includes S**-1, Rcon, T[0..4],
- * T**-1[0..4], IMXC[0..4]
- * When building anything else, includes S, S**-1, Rcon
- */
-#include "rijndael32.tab"
-
-#if defined(RIJNDAEL_INCLUDE_TABLES)
-/*
- * RIJNDAEL_INCLUDE_TABLES
- */
-#define T0(i) _T0[i]
-#define T1(i) _T1[i]
-#define T2(i) _T2[i]
-#define T3(i) _T3[i]
-#define TInv0(i) _TInv0[i]
-#define TInv1(i) _TInv1[i]
-#define TInv2(i) _TInv2[i]
-#define TInv3(i) _TInv3[i]
-#define IMXC0(b) _IMXC0[b]
-#define IMXC1(b) _IMXC1[b]
-#define IMXC2(b) _IMXC2[b]
-#define IMXC3(b) _IMXC3[b]
-/* The S-box can be recovered from the T-tables */
-#ifdef IS_LITTLE_ENDIAN
-#define SBOX(b) ((PRUint8)_T3[b])
-#else
-#define SBOX(b) ((PRUint8)_T1[b])
-#endif
-#define SINV(b) (_SInv[b])
-
-#else /* not RIJNDAEL_INCLUDE_TABLES */
-
-/*
- * Code for generating T-table values.
- */
-
-#ifdef IS_LITTLE_ENDIAN
-#define WORD4(b0, b1, b2, b3) \
- (((b3) << 24) | ((b2) << 16) | ((b1) << 8) | (b0))
-#else
-#define WORD4(b0, b1, b2, b3) \
- (((b0) << 24) | ((b1) << 16) | ((b2) << 8) | (b3))
-#endif
-
-/*
- * Define the S and S**-1 tables (both have been stored)
- */
-#define SBOX(b) (_S[b])
-#define SINV(b) (_SInv[b])
-
-/*
- * The function xtime, used for Galois field multiplication
- */
-#define XTIME(a) \
- ((a & 0x80) ? ((a << 1) ^ 0x1b) : (a << 1))
-
-/* Choose GFM method (macros or function) */
-#if defined(RIJNDAEL_GENERATE_TABLES_MACRO) || \
- defined(RIJNDAEL_GENERATE_VALUES_MACRO)
-
-/*
- * Galois field GF(2**8) multipliers, in macro form
- */
-#define GFM01(a) \
- (a) /* a * 01 = a, the identity */
-#define GFM02(a) \
- (XTIME(a) & 0xff) /* a * 02 = xtime(a) */
-#define GFM04(a) \
- (GFM02(GFM02(a))) /* a * 04 = xtime**2(a) */
-#define GFM08(a) \
- (GFM02(GFM04(a))) /* a * 08 = xtime**3(a) */
-#define GFM03(a) \
- (GFM01(a) ^ GFM02(a)) /* a * 03 = a * (01 + 02) */
-#define GFM09(a) \
- (GFM01(a) ^ GFM08(a)) /* a * 09 = a * (01 + 08) */
-#define GFM0B(a) \
- (GFM01(a) ^ GFM02(a) ^ GFM08(a)) /* a * 0B = a * (01 + 02 + 08) */
-#define GFM0D(a) \
- (GFM01(a) ^ GFM04(a) ^ GFM08(a)) /* a * 0D = a * (01 + 04 + 08) */
-#define GFM0E(a) \
- (GFM02(a) ^ GFM04(a) ^ GFM08(a)) /* a * 0E = a * (02 + 04 + 08) */
-
-#else /* RIJNDAEL_GENERATE_TABLES or RIJNDAEL_GENERATE_VALUES */
-
-/* GF_MULTIPLY
- *
- * multiply two bytes represented in GF(2**8), mod (x**4 + 1)
- */
-PRUint8 gfm(PRUint8 a, PRUint8 b)
-{
- PRUint8 res = 0;
- while (b > 0) {
- res = (b & 0x01) ? res ^ a : res;
- a = XTIME(a);
- b >>= 1;
- }
- return res;
-}
-
-#define GFM01(a) \
- (a) /* a * 01 = a, the identity */
-#define GFM02(a) \
- (XTIME(a) & 0xff) /* a * 02 = xtime(a) */
-#define GFM03(a) \
- (gfm(a, 0x03)) /* a * 03 */
-#define GFM09(a) \
- (gfm(a, 0x09)) /* a * 09 */
-#define GFM0B(a) \
- (gfm(a, 0x0B)) /* a * 0B */
-#define GFM0D(a) \
- (gfm(a, 0x0D)) /* a * 0D */
-#define GFM0E(a) \
- (gfm(a, 0x0E)) /* a * 0E */
-
-#endif /* choosing GFM function */
-
-/*
- * The T-tables
- */
-#define G_T0(i) \
- ( WORD4( GFM02(SBOX(i)), GFM01(SBOX(i)), GFM01(SBOX(i)), GFM03(SBOX(i)) ) )
-#define G_T1(i) \
- ( WORD4( GFM03(SBOX(i)), GFM02(SBOX(i)), GFM01(SBOX(i)), GFM01(SBOX(i)) ) )
-#define G_T2(i) \
- ( WORD4( GFM01(SBOX(i)), GFM03(SBOX(i)), GFM02(SBOX(i)), GFM01(SBOX(i)) ) )
-#define G_T3(i) \
- ( WORD4( GFM01(SBOX(i)), GFM01(SBOX(i)), GFM03(SBOX(i)), GFM02(SBOX(i)) ) )
-
-/*
- * The inverse T-tables
- */
-#define G_TInv0(i) \
- ( WORD4( GFM0E(SINV(i)), GFM09(SINV(i)), GFM0D(SINV(i)), GFM0B(SINV(i)) ) )
-#define G_TInv1(i) \
- ( WORD4( GFM0B(SINV(i)), GFM0E(SINV(i)), GFM09(SINV(i)), GFM0D(SINV(i)) ) )
-#define G_TInv2(i) \
- ( WORD4( GFM0D(SINV(i)), GFM0B(SINV(i)), GFM0E(SINV(i)), GFM09(SINV(i)) ) )
-#define G_TInv3(i) \
- ( WORD4( GFM09(SINV(i)), GFM0D(SINV(i)), GFM0B(SINV(i)), GFM0E(SINV(i)) ) )
-
-/*
- * The inverse mix column tables
- */
-#define G_IMXC0(i) \
- ( WORD4( GFM0E(i), GFM09(i), GFM0D(i), GFM0B(i) ) )
-#define G_IMXC1(i) \
- ( WORD4( GFM0B(i), GFM0E(i), GFM09(i), GFM0D(i) ) )
-#define G_IMXC2(i) \
- ( WORD4( GFM0D(i), GFM0B(i), GFM0E(i), GFM09(i) ) )
-#define G_IMXC3(i) \
- ( WORD4( GFM09(i), GFM0D(i), GFM0B(i), GFM0E(i) ) )
-
-/* Now choose the T-table indexing method */
-#if defined(RIJNDAEL_GENERATE_VALUES)
-/* generate values for the tables with a function*/
-static PRUint32 gen_TInvXi(PRUint8 tx, PRUint8 i)
-{
- PRUint8 si01, si02, si03, si04, si08, si09, si0B, si0D, si0E;
- si01 = SINV(i);
- si02 = XTIME(si01);
- si04 = XTIME(si02);
- si08 = XTIME(si04);
- si03 = si02 ^ si01;
- si09 = si08 ^ si01;
- si0B = si08 ^ si03;
- si0D = si09 ^ si04;
- si0E = si08 ^ si04 ^ si02;
- switch (tx) {
- case 0:
- return WORD4(si0E, si09, si0D, si0B);
- case 1:
- return WORD4(si0B, si0E, si09, si0D);
- case 2:
- return WORD4(si0D, si0B, si0E, si09);
- case 3:
- return WORD4(si09, si0D, si0B, si0E);
- }
- return -1;
-}
-#define T0(i) G_T0(i)
-#define T1(i) G_T1(i)
-#define T2(i) G_T2(i)
-#define T3(i) G_T3(i)
-#define TInv0(i) gen_TInvXi(0, i)
-#define TInv1(i) gen_TInvXi(1, i)
-#define TInv2(i) gen_TInvXi(2, i)
-#define TInv3(i) gen_TInvXi(3, i)
-#define IMXC0(b) G_IMXC0(b)
-#define IMXC1(b) G_IMXC1(b)
-#define IMXC2(b) G_IMXC2(b)
-#define IMXC3(b) G_IMXC3(b)
-#elif defined(RIJNDAEL_GENERATE_VALUES_MACRO)
-/* generate values for the tables with macros */
-#define T0(i) G_T0(i)
-#define T1(i) G_T1(i)
-#define T2(i) G_T2(i)
-#define T3(i) G_T3(i)
-#define TInv0(i) G_TInv0(i)
-#define TInv1(i) G_TInv1(i)
-#define TInv2(i) G_TInv2(i)
-#define TInv3(i) G_TInv3(i)
-#define IMXC0(b) G_IMXC0(b)
-#define IMXC1(b) G_IMXC1(b)
-#define IMXC2(b) G_IMXC2(b)
-#define IMXC3(b) G_IMXC3(b)
-#else /* RIJNDAEL_GENERATE_TABLES or RIJNDAEL_GENERATE_TABLES_MACRO */
-/* Generate T and T**-1 table values and store, then index */
-/* The inverse mix column tables are still generated */
-#define T0(i) rijndaelTables->T0[i]
-#define T1(i) rijndaelTables->T1[i]
-#define T2(i) rijndaelTables->T2[i]
-#define T3(i) rijndaelTables->T3[i]
-#define TInv0(i) rijndaelTables->TInv0[i]
-#define TInv1(i) rijndaelTables->TInv1[i]
-#define TInv2(i) rijndaelTables->TInv2[i]
-#define TInv3(i) rijndaelTables->TInv3[i]
-#define IMXC0(b) G_IMXC0(b)
-#define IMXC1(b) G_IMXC1(b)
-#define IMXC2(b) G_IMXC2(b)
-#define IMXC3(b) G_IMXC3(b)
-#endif /* choose T-table indexing method */
-
-#endif /* not RIJNDAEL_INCLUDE_TABLES */
-
-#if defined(RIJNDAEL_GENERATE_TABLES) || \
- defined(RIJNDAEL_GENERATE_TABLES_MACRO)
-
-/* Code to generate and store the tables */
-
-struct rijndael_tables_str {
- PRUint32 T0[256];
- PRUint32 T1[256];
- PRUint32 T2[256];
- PRUint32 T3[256];
- PRUint32 TInv0[256];
- PRUint32 TInv1[256];
- PRUint32 TInv2[256];
- PRUint32 TInv3[256];
-};
-
-static struct rijndael_tables_str *rijndaelTables = NULL;
-static PRCallOnceType coRTInit = { 0, 0, 0 };
-static PRStatus
-init_rijndael_tables(void)
-{
- PRUint32 i;
- PRUint8 si01, si02, si03, si04, si08, si09, si0B, si0D, si0E;
- struct rijndael_tables_str *rts;
- rts = (struct rijndael_tables_str *)
- PORT_Alloc(sizeof(struct rijndael_tables_str));
- if (!rts) return PR_FAILURE;
- for (i=0; i<256; i++) {
- /* The forward values */
- si01 = SBOX(i);
- si02 = XTIME(si01);
- si03 = si02 ^ si01;
- rts->T0[i] = WORD4(si02, si01, si01, si03);
- rts->T1[i] = WORD4(si03, si02, si01, si01);
- rts->T2[i] = WORD4(si01, si03, si02, si01);
- rts->T3[i] = WORD4(si01, si01, si03, si02);
- /* The inverse values */
- si01 = SINV(i);
- si02 = XTIME(si01);
- si04 = XTIME(si02);
- si08 = XTIME(si04);
- si03 = si02 ^ si01;
- si09 = si08 ^ si01;
- si0B = si08 ^ si03;
- si0D = si09 ^ si04;
- si0E = si08 ^ si04 ^ si02;
- rts->TInv0[i] = WORD4(si0E, si09, si0D, si0B);
- rts->TInv1[i] = WORD4(si0B, si0E, si09, si0D);
- rts->TInv2[i] = WORD4(si0D, si0B, si0E, si09);
- rts->TInv3[i] = WORD4(si09, si0D, si0B, si0E);
- }
- /* wait until all the values are in to set */
- rijndaelTables = rts;
- return PR_SUCCESS;
-}
-
-#endif /* code to generate tables */
-
-/**************************************************************************
- *
- * Stuff related to the Rijndael key schedule
- *
- *************************************************************************/
-
-#define SUBBYTE(w) \
- ((SBOX((w >> 24) & 0xff) << 24) | \
- (SBOX((w >> 16) & 0xff) << 16) | \
- (SBOX((w >> 8) & 0xff) << 8) | \
- (SBOX((w ) & 0xff) ))
-
-#ifdef IS_LITTLE_ENDIAN
-#define ROTBYTE(b) \
- ((b >> 8) | (b << 24))
-#else
-#define ROTBYTE(b) \
- ((b << 8) | (b >> 24))
-#endif
-
-/* rijndael_key_expansion7
- *
- * Generate the expanded key from the key input by the user.
- * XXX
- * Nk == 7 (224 key bits) is a weird case. Since Nk > 6, an added SubByte
- * transformation is done periodically. The period is every 4 bytes, and
- * since 7%4 != 0 this happens at different times for each key word (unlike
- * Nk == 8 where it happens twice in every key word, in the same positions).
- * For now, I'm implementing this case "dumbly", w/o any unrolling.
- */
-static SECStatus
-rijndael_key_expansion7(AESContext *cx, const unsigned char *key, unsigned int Nk)
-{
- unsigned int i;
- PRUint32 *W;
- PRUint32 *pW;
- PRUint32 tmp;
- W = cx->expandedKey;
- /* 1. the first Nk words contain the cipher key */
- memcpy(W, key, Nk * 4);
- i = Nk;
- /* 2. loop until full expanded key is obtained */
- pW = W + i - 1;
- for (; i < cx->Nb * (cx->Nr + 1); ++i) {
- tmp = *pW++;
- if (i % Nk == 0)
- tmp = SUBBYTE(ROTBYTE(tmp)) ^ Rcon[i / Nk - 1];
- else if (i % Nk == 4)
- tmp = SUBBYTE(tmp);
- *pW = W[i - Nk] ^ tmp;
- }
- return SECSuccess;
-}
-
-/* rijndael_key_expansion
- *
- * Generate the expanded key from the key input by the user.
- */
-static SECStatus
-rijndael_key_expansion(AESContext *cx, const unsigned char *key, unsigned int Nk)
-{
- unsigned int i;
- PRUint32 *W;
- PRUint32 *pW;
- PRUint32 tmp;
- unsigned int round_key_words = cx->Nb * (cx->Nr + 1);
- if (Nk == 7)
- return rijndael_key_expansion7(cx, key, Nk);
- W = cx->expandedKey;
- /* The first Nk words contain the input cipher key */
- memcpy(W, key, Nk * 4);
- i = Nk;
- pW = W + i - 1;
- /* Loop over all sets of Nk words, except the last */
- while (i < round_key_words - Nk) {
- tmp = *pW++;
- tmp = SUBBYTE(ROTBYTE(tmp)) ^ Rcon[i / Nk - 1];
- *pW = W[i++ - Nk] ^ tmp;
- tmp = *pW++; *pW = W[i++ - Nk] ^ tmp;
- tmp = *pW++; *pW = W[i++ - Nk] ^ tmp;
- tmp = *pW++; *pW = W[i++ - Nk] ^ tmp;
- if (Nk == 4)
- continue;
- switch (Nk) {
- case 8: tmp = *pW++; tmp = SUBBYTE(tmp); *pW = W[i++ - Nk] ^ tmp;
- case 7: tmp = *pW++; *pW = W[i++ - Nk] ^ tmp;
- case 6: tmp = *pW++; *pW = W[i++ - Nk] ^ tmp;
- case 5: tmp = *pW++; *pW = W[i++ - Nk] ^ tmp;
- }
- }
- /* Generate the last word */
- tmp = *pW++;
- tmp = SUBBYTE(ROTBYTE(tmp)) ^ Rcon[i / Nk - 1];
- *pW = W[i++ - Nk] ^ tmp;
- /* There may be overflow here, if Nk % (Nb * (Nr + 1)) > 0. However,
- * since the above loop generated all but the last Nk key words, there
- * is no more need for the SubByte transformation.
- */
- if (Nk < 8) {
- for (; i < round_key_words; ++i) {
- tmp = *pW++;
- *pW = W[i - Nk] ^ tmp;
- }
- } else {
- /* except in the case when Nk == 8. Then one more SubByte may have
- * to be performed, at i % Nk == 4.
- */
- for (; i < round_key_words; ++i) {
- tmp = *pW++;
- if (i % Nk == 4)
- tmp = SUBBYTE(tmp);
- *pW = W[i - Nk] ^ tmp;
- }
- }
- return SECSuccess;
-}
-
-/* rijndael_invkey_expansion
- *
- * Generate the expanded key for the inverse cipher from the key input by
- * the user.
- */
-static SECStatus
-rijndael_invkey_expansion(AESContext *cx, const unsigned char *key, unsigned int Nk)
-{
- unsigned int r;
- PRUint32 *roundkeyw;
- PRUint8 *b;
- int Nb = cx->Nb;
- /* begins like usual key expansion ... */
- if (rijndael_key_expansion(cx, key, Nk) != SECSuccess)
- return SECFailure;
- /* ... but has the additional step of InvMixColumn,
- * excepting the first and last round keys.
- */
- roundkeyw = cx->expandedKey + cx->Nb;
- for (r=1; r<cx->Nr; ++r) {
- /* each key word, roundkeyw, represents a column in the key
- * matrix. Each column is multiplied by the InvMixColumn matrix.
- * [ 0E 0B 0D 09 ] [ b0 ]
- * [ 09 0E 0B 0D ] * [ b1 ]
- * [ 0D 09 0E 0B ] [ b2 ]
- * [ 0B 0D 09 0E ] [ b3 ]
- */
- b = (PRUint8 *)roundkeyw;
- *roundkeyw++ = IMXC0(b[0]) ^ IMXC1(b[1]) ^ IMXC2(b[2]) ^ IMXC3(b[3]);
- b = (PRUint8 *)roundkeyw;
- *roundkeyw++ = IMXC0(b[0]) ^ IMXC1(b[1]) ^ IMXC2(b[2]) ^ IMXC3(b[3]);
- b = (PRUint8 *)roundkeyw;
- *roundkeyw++ = IMXC0(b[0]) ^ IMXC1(b[1]) ^ IMXC2(b[2]) ^ IMXC3(b[3]);
- b = (PRUint8 *)roundkeyw;
- *roundkeyw++ = IMXC0(b[0]) ^ IMXC1(b[1]) ^ IMXC2(b[2]) ^ IMXC3(b[3]);
- if (Nb <= 4)
- continue;
- switch (Nb) {
- case 8: b = (PRUint8 *)roundkeyw;
- *roundkeyw++ = IMXC0(b[0]) ^ IMXC1(b[1]) ^
- IMXC2(b[2]) ^ IMXC3(b[3]);
- case 7: b = (PRUint8 *)roundkeyw;
- *roundkeyw++ = IMXC0(b[0]) ^ IMXC1(b[1]) ^
- IMXC2(b[2]) ^ IMXC3(b[3]);
- case 6: b = (PRUint8 *)roundkeyw;
- *roundkeyw++ = IMXC0(b[0]) ^ IMXC1(b[1]) ^
- IMXC2(b[2]) ^ IMXC3(b[3]);
- case 5: b = (PRUint8 *)roundkeyw;
- *roundkeyw++ = IMXC0(b[0]) ^ IMXC1(b[1]) ^
- IMXC2(b[2]) ^ IMXC3(b[3]);
- }
- }
- return SECSuccess;
-}
-/**************************************************************************
- *
- * Stuff related to Rijndael encryption/decryption, optimized for
- * a 128-bit blocksize.
- *
- *************************************************************************/
-
-#ifdef IS_LITTLE_ENDIAN
-#define BYTE0WORD(w) ((w) & 0x000000ff)
-#define BYTE1WORD(w) ((w) & 0x0000ff00)
-#define BYTE2WORD(w) ((w) & 0x00ff0000)
-#define BYTE3WORD(w) ((w) & 0xff000000)
-#else
-#define BYTE0WORD(w) ((w) & 0xff000000)
-#define BYTE1WORD(w) ((w) & 0x00ff0000)
-#define BYTE2WORD(w) ((w) & 0x0000ff00)
-#define BYTE3WORD(w) ((w) & 0x000000ff)
-#endif
-
-typedef union {
- PRUint32 w[4];
- PRUint8 b[16];
-} rijndael_state;
-
-#define COLUMN_0(state) state.w[0]
-#define COLUMN_1(state) state.w[1]
-#define COLUMN_2(state) state.w[2]
-#define COLUMN_3(state) state.w[3]
-
-#define STATE_BYTE(i) state.b[i]
-
-static SECStatus
-rijndael_encryptBlock128(AESContext *cx,
- unsigned char *output,
- const unsigned char *input)
-{
- unsigned int r;
- PRUint32 *roundkeyw;
- rijndael_state state;
- PRUint32 C0, C1, C2, C3;
-#if defined(_X86_)
-#define pIn input
-#define pOut output
-#else
- unsigned char *pIn, *pOut;
- PRUint32 inBuf[4], outBuf[4];
-
- if ((ptrdiff_t)input & 0x3) {
- memcpy(inBuf, input, sizeof inBuf);
- pIn = (unsigned char *)inBuf;
- } else {
- pIn = (unsigned char *)input;
- }
- if ((ptrdiff_t)output & 0x3) {
- pOut = (unsigned char *)outBuf;
- } else {
- pOut = (unsigned char *)output;
- }
-#endif
- roundkeyw = cx->expandedKey;
- /* Step 1: Add Round Key 0 to initial state */
- COLUMN_0(state) = *((PRUint32 *)(pIn )) ^ *roundkeyw++;
- COLUMN_1(state) = *((PRUint32 *)(pIn + 4 )) ^ *roundkeyw++;
- COLUMN_2(state) = *((PRUint32 *)(pIn + 8 )) ^ *roundkeyw++;
- COLUMN_3(state) = *((PRUint32 *)(pIn + 12)) ^ *roundkeyw++;
- /* Step 2: Loop over rounds [1..NR-1] */
- for (r=1; r<cx->Nr; ++r) {
- /* Do ShiftRow, ByteSub, and MixColumn all at once */
- C0 = T0(STATE_BYTE(0)) ^
- T1(STATE_BYTE(5)) ^
- T2(STATE_BYTE(10)) ^
- T3(STATE_BYTE(15));
- C1 = T0(STATE_BYTE(4)) ^
- T1(STATE_BYTE(9)) ^
- T2(STATE_BYTE(14)) ^
- T3(STATE_BYTE(3));
- C2 = T0(STATE_BYTE(8)) ^
- T1(STATE_BYTE(13)) ^
- T2(STATE_BYTE(2)) ^
- T3(STATE_BYTE(7));
- C3 = T0(STATE_BYTE(12)) ^
- T1(STATE_BYTE(1)) ^
- T2(STATE_BYTE(6)) ^
- T3(STATE_BYTE(11));
- /* Round key addition */
- COLUMN_0(state) = C0 ^ *roundkeyw++;
- COLUMN_1(state) = C1 ^ *roundkeyw++;
- COLUMN_2(state) = C2 ^ *roundkeyw++;
- COLUMN_3(state) = C3 ^ *roundkeyw++;
- }
- /* Step 3: Do the last round */
- /* Final round does not employ MixColumn */
- C0 = ((BYTE0WORD(T2(STATE_BYTE(0)))) |
- (BYTE1WORD(T3(STATE_BYTE(5)))) |
- (BYTE2WORD(T0(STATE_BYTE(10)))) |
- (BYTE3WORD(T1(STATE_BYTE(15))))) ^
- *roundkeyw++;
- C1 = ((BYTE0WORD(T2(STATE_BYTE(4)))) |
- (BYTE1WORD(T3(STATE_BYTE(9)))) |
- (BYTE2WORD(T0(STATE_BYTE(14)))) |
- (BYTE3WORD(T1(STATE_BYTE(3))))) ^
- *roundkeyw++;
- C2 = ((BYTE0WORD(T2(STATE_BYTE(8)))) |
- (BYTE1WORD(T3(STATE_BYTE(13)))) |
- (BYTE2WORD(T0(STATE_BYTE(2)))) |
- (BYTE3WORD(T1(STATE_BYTE(7))))) ^
- *roundkeyw++;
- C3 = ((BYTE0WORD(T2(STATE_BYTE(12)))) |
- (BYTE1WORD(T3(STATE_BYTE(1)))) |
- (BYTE2WORD(T0(STATE_BYTE(6)))) |
- (BYTE3WORD(T1(STATE_BYTE(11))))) ^
- *roundkeyw++;
- *((PRUint32 *) pOut ) = C0;
- *((PRUint32 *)(pOut + 4)) = C1;
- *((PRUint32 *)(pOut + 8)) = C2;
- *((PRUint32 *)(pOut + 12)) = C3;
-#if defined(_X86_)
-#undef pIn
-#undef pOut
-#else
- if ((ptrdiff_t)output & 0x3) {
- memcpy(output, outBuf, sizeof outBuf);
- }
-#endif
- return SECSuccess;
-}
-
-static SECStatus
-rijndael_decryptBlock128(AESContext *cx,
- unsigned char *output,
- const unsigned char *input)
-{
- int r;
- PRUint32 *roundkeyw;
- rijndael_state state;
- PRUint32 C0, C1, C2, C3;
-#if defined(_X86_)
-#define pIn input
-#define pOut output
-#else
- unsigned char *pIn, *pOut;
- PRUint32 inBuf[4], outBuf[4];
-
- if ((ptrdiff_t)input & 0x3) {
- memcpy(inBuf, input, sizeof inBuf);
- pIn = (unsigned char *)inBuf;
- } else {
- pIn = (unsigned char *)input;
- }
- if ((ptrdiff_t)output & 0x3) {
- pOut = (unsigned char *)outBuf;
- } else {
- pOut = (unsigned char *)output;
- }
-#endif
- roundkeyw = cx->expandedKey + cx->Nb * cx->Nr + 3;
- /* reverse the final key addition */
- COLUMN_3(state) = *((PRUint32 *)(pIn + 12)) ^ *roundkeyw--;
- COLUMN_2(state) = *((PRUint32 *)(pIn + 8)) ^ *roundkeyw--;
- COLUMN_1(state) = *((PRUint32 *)(pIn + 4)) ^ *roundkeyw--;
- COLUMN_0(state) = *((PRUint32 *)(pIn )) ^ *roundkeyw--;
- /* Loop over rounds in reverse [NR..1] */
- for (r=cx->Nr; r>1; --r) {
- /* Invert the (InvByteSub*InvMixColumn)(InvShiftRow(state)) */
- C0 = TInv0(STATE_BYTE(0)) ^
- TInv1(STATE_BYTE(13)) ^
- TInv2(STATE_BYTE(10)) ^
- TInv3(STATE_BYTE(7));
- C1 = TInv0(STATE_BYTE(4)) ^
- TInv1(STATE_BYTE(1)) ^
- TInv2(STATE_BYTE(14)) ^
- TInv3(STATE_BYTE(11));
- C2 = TInv0(STATE_BYTE(8)) ^
- TInv1(STATE_BYTE(5)) ^
- TInv2(STATE_BYTE(2)) ^
- TInv3(STATE_BYTE(15));
- C3 = TInv0(STATE_BYTE(12)) ^
- TInv1(STATE_BYTE(9)) ^
- TInv2(STATE_BYTE(6)) ^
- TInv3(STATE_BYTE(3));
- /* Invert the key addition step */
- COLUMN_3(state) = C3 ^ *roundkeyw--;
- COLUMN_2(state) = C2 ^ *roundkeyw--;
- COLUMN_1(state) = C1 ^ *roundkeyw--;
- COLUMN_0(state) = C0 ^ *roundkeyw--;
- }
- /* inverse sub */
- pOut[ 0] = SINV(STATE_BYTE( 0));
- pOut[ 1] = SINV(STATE_BYTE(13));
- pOut[ 2] = SINV(STATE_BYTE(10));
- pOut[ 3] = SINV(STATE_BYTE( 7));
- pOut[ 4] = SINV(STATE_BYTE( 4));
- pOut[ 5] = SINV(STATE_BYTE( 1));
- pOut[ 6] = SINV(STATE_BYTE(14));
- pOut[ 7] = SINV(STATE_BYTE(11));
- pOut[ 8] = SINV(STATE_BYTE( 8));
- pOut[ 9] = SINV(STATE_BYTE( 5));
- pOut[10] = SINV(STATE_BYTE( 2));
- pOut[11] = SINV(STATE_BYTE(15));
- pOut[12] = SINV(STATE_BYTE(12));
- pOut[13] = SINV(STATE_BYTE( 9));
- pOut[14] = SINV(STATE_BYTE( 6));
- pOut[15] = SINV(STATE_BYTE( 3));
- /* final key addition */
- *((PRUint32 *)(pOut + 12)) ^= *roundkeyw--;
- *((PRUint32 *)(pOut + 8)) ^= *roundkeyw--;
- *((PRUint32 *)(pOut + 4)) ^= *roundkeyw--;
- *((PRUint32 *) pOut ) ^= *roundkeyw--;
-#if defined(_X86_)
-#undef pIn
-#undef pOut
-#else
- if ((ptrdiff_t)output & 0x3) {
- memcpy(output, outBuf, sizeof outBuf);
- }
-#endif
- return SECSuccess;
-}
-
-/**************************************************************************
- *
- * Stuff related to general Rijndael encryption/decryption, for blocksizes
- * greater than 128 bits.
- *
- * XXX This code is currently untested! So far, AES specs have only been
- * released for 128 bit blocksizes. This will be tested, but for now
- * only the code above has been tested using known values.
- *
- *************************************************************************/
-
-#define COLUMN(array, j) *((PRUint32 *)(array + j))
-
-SECStatus
-rijndael_encryptBlock(AESContext *cx,
- unsigned char *output,
- const unsigned char *input)
-{
- return SECFailure;
-#ifdef rijndael_large_blocks_fixed
- unsigned int j, r, Nb;
- unsigned int c2=0, c3=0;
- PRUint32 *roundkeyw;
- PRUint8 clone[RIJNDAEL_MAX_STATE_SIZE];
- Nb = cx->Nb;
- roundkeyw = cx->expandedKey;
- /* Step 1: Add Round Key 0 to initial state */
- for (j=0; j<4*Nb; j+=4) {
- COLUMN(clone, j) = COLUMN(input, j) ^ *roundkeyw++;
- }
- /* Step 2: Loop over rounds [1..NR-1] */
- for (r=1; r<cx->Nr; ++r) {
- for (j=0; j<Nb; ++j) {
- COLUMN(output, j) = T0(STATE_BYTE(4* j )) ^
- T1(STATE_BYTE(4*((j+ 1)%Nb)+1)) ^
- T2(STATE_BYTE(4*((j+c2)%Nb)+2)) ^
- T3(STATE_BYTE(4*((j+c3)%Nb)+3));
- }
- for (j=0; j<4*Nb; j+=4) {
- COLUMN(clone, j) = COLUMN(output, j) ^ *roundkeyw++;
- }
- }
- /* Step 3: Do the last round */
- /* Final round does not employ MixColumn */
- for (j=0; j<Nb; ++j) {
- COLUMN(output, j) = ((BYTE0WORD(T2(STATE_BYTE(4* j )))) |
- (BYTE1WORD(T3(STATE_BYTE(4*(j+ 1)%Nb)+1))) |
- (BYTE2WORD(T0(STATE_BYTE(4*(j+c2)%Nb)+2))) |
- (BYTE3WORD(T1(STATE_BYTE(4*(j+c3)%Nb)+3)))) ^
- *roundkeyw++;
- }
- return SECSuccess;
-#endif
-}
-
-SECStatus
-rijndael_decryptBlock(AESContext *cx,
- unsigned char *output,
- const unsigned char *input)
-{
- return SECFailure;
-#ifdef rijndael_large_blocks_fixed
- int j, r, Nb;
- int c2=0, c3=0;
- PRUint32 *roundkeyw;
- PRUint8 clone[RIJNDAEL_MAX_STATE_SIZE];
- Nb = cx->Nb;
- roundkeyw = cx->expandedKey + cx->Nb * cx->Nr + 3;
- /* reverse key addition */
- for (j=4*Nb; j>=0; j-=4) {
- COLUMN(clone, j) = COLUMN(input, j) ^ *roundkeyw--;
- }
- /* Loop over rounds in reverse [NR..1] */
- for (r=cx->Nr; r>1; --r) {
- /* Invert the (InvByteSub*InvMixColumn)(InvShiftRow(state)) */
- for (j=0; j<Nb; ++j) {
- COLUMN(output, 4*j) = TInv0(STATE_BYTE(4* j )) ^
- TInv1(STATE_BYTE(4*(j+Nb- 1)%Nb)+1) ^
- TInv2(STATE_BYTE(4*(j+Nb-c2)%Nb)+2) ^
- TInv3(STATE_BYTE(4*(j+Nb-c3)%Nb)+3);
- }
- /* Invert the key addition step */
- for (j=4*Nb; j>=0; j-=4) {
- COLUMN(clone, j) = COLUMN(output, j) ^ *roundkeyw--;
- }
- }
- /* inverse sub */
- for (j=0; j<4*Nb; ++j) {
- output[j] = SINV(clone[j]);
- }
- /* final key addition */
- for (j=4*Nb; j>=0; j-=4) {
- COLUMN(output, j) ^= *roundkeyw--;
- }
- return SECSuccess;
-#endif
-}
-
-/**************************************************************************
- *
- * Rijndael modes of operation (ECB and CBC)
- *
- *************************************************************************/
-
-static SECStatus
-rijndael_encryptECB(AESContext *cx, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- const unsigned char *input, unsigned int inputLen,
- unsigned int blocksize)
-{
- SECStatus rv;
- AESBlockFunc *encryptor;
- encryptor = (blocksize == RIJNDAEL_MIN_BLOCKSIZE)
- ? &rijndael_encryptBlock128
- : &rijndael_encryptBlock;
- while (inputLen > 0) {
- rv = (*encryptor)(cx, output, input);
- if (rv != SECSuccess)
- return rv;
- output += blocksize;
- input += blocksize;
- inputLen -= blocksize;
- }
- return SECSuccess;
-}
-
-static SECStatus
-rijndael_encryptCBC(AESContext *cx, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- const unsigned char *input, unsigned int inputLen,
- unsigned int blocksize)
-{
- unsigned int j;
- SECStatus rv;
- AESBlockFunc *encryptor;
- unsigned char *lastblock;
- unsigned char inblock[RIJNDAEL_MAX_STATE_SIZE * 8];
-
- if (!inputLen)
- return SECSuccess;
- lastblock = cx->iv;
- encryptor = (blocksize == RIJNDAEL_MIN_BLOCKSIZE)
- ? &rijndael_encryptBlock128
- : &rijndael_encryptBlock;
- while (inputLen > 0) {
- /* XOR with the last block (IV if first block) */
- for (j=0; j<blocksize; ++j)
- inblock[j] = input[j] ^ lastblock[j];
- /* encrypt */
- rv = (*encryptor)(cx, output, inblock);
- if (rv != SECSuccess)
- return rv;
- /* move to the next block */
- lastblock = output;
- output += blocksize;
- input += blocksize;
- inputLen -= blocksize;
- }
- memcpy(cx->iv, lastblock, blocksize);
- return SECSuccess;
-}
-
-static SECStatus
-rijndael_decryptECB(AESContext *cx, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- const unsigned char *input, unsigned int inputLen,
- unsigned int blocksize)
-{
- SECStatus rv;
- AESBlockFunc *decryptor;
- decryptor = (blocksize == RIJNDAEL_MIN_BLOCKSIZE)
- ? &rijndael_decryptBlock128
- : &rijndael_decryptBlock;
- while (inputLen > 0) {
- rv = (*decryptor)(cx, output, input);
- if (rv != SECSuccess)
- return rv;
- output += blocksize;
- input += blocksize;
- inputLen -= blocksize;
- }
- return SECSuccess;
-}
-
-static SECStatus
-rijndael_decryptCBC(AESContext *cx, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- const unsigned char *input, unsigned int inputLen,
- unsigned int blocksize)
-{
- SECStatus rv;
- AESBlockFunc *decryptor;
- const unsigned char *in;
- unsigned char *out;
- unsigned int j;
- unsigned char newIV[RIJNDAEL_MAX_BLOCKSIZE];
-
- if (!inputLen)
- return SECSuccess;
- PORT_Assert(output - input >= 0 || input - output >= (int)inputLen );
- decryptor = (blocksize == RIJNDAEL_MIN_BLOCKSIZE)
- ? &rijndael_decryptBlock128
- : &rijndael_decryptBlock;
- in = input + (inputLen - blocksize);
- memcpy(newIV, in, blocksize);
- out = output + (inputLen - blocksize);
- while (inputLen > blocksize) {
- rv = (*decryptor)(cx, out, in);
- if (rv != SECSuccess)
- return rv;
- for (j=0; j<blocksize; ++j)
- out[j] ^= in[(int)(j - blocksize)];
- out -= blocksize;
- in -= blocksize;
- inputLen -= blocksize;
- }
- if (in == input) {
- rv = (*decryptor)(cx, out, in);
- if (rv != SECSuccess)
- return rv;
- for (j=0; j<blocksize; ++j)
- out[j] ^= cx->iv[j];
- }
- memcpy(cx->iv, newIV, blocksize);
- return SECSuccess;
-}
-
-/************************************************************************
- *
- * BLAPI Interface functions
- *
- * The following functions implement the encryption routines defined in
- * BLAPI for the AES cipher, Rijndael.
- *
- ***********************************************************************/
-
-/* AES_CreateContext
- *
- * create a new context for Rijndael operations
- */
-AESContext *
-AES_CreateContext(const unsigned char *key, const unsigned char *iv,
- int mode, int encrypt,
- unsigned int keysize, unsigned int blocksize)
-{
- AESContext *cx;
- unsigned int Nk;
- /* According to Rijndael AES Proposal, section 12.1, block and key
- * lengths between 128 and 256 bits are supported, as long as the
- * length in bytes is divisible by 4.
- */
- if (key == NULL ||
- keysize < RIJNDAEL_MIN_BLOCKSIZE ||
- keysize > RIJNDAEL_MAX_BLOCKSIZE ||
- keysize % 4 != 0 ||
- blocksize < RIJNDAEL_MIN_BLOCKSIZE ||
- blocksize > RIJNDAEL_MAX_BLOCKSIZE ||
- blocksize % 4 != 0) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return NULL;
- }
- if (mode != NSS_AES && mode != NSS_AES_CBC) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return NULL;
- }
- if (mode == NSS_AES_CBC && iv == NULL) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return NULL;
- }
- cx = PORT_ZNew(AESContext);
- if (!cx) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
- /* Nb = (block size in bits) / 32 */
- cx->Nb = blocksize / 4;
- /* Nk = (key size in bits) / 32 */
- Nk = keysize / 4;
- /* Obtain number of rounds from "table" */
- cx->Nr = RIJNDAEL_NUM_ROUNDS(Nk, cx->Nb);
- /* copy in the iv, if neccessary */
- if (mode == NSS_AES_CBC) {
- memcpy(cx->iv, iv, blocksize);
- cx->worker = (encrypt) ? &rijndael_encryptCBC : &rijndael_decryptCBC;
- } else {
- cx->worker = (encrypt) ? &rijndael_encryptECB : &rijndael_decryptECB;
- }
- /* Allocate memory for the expanded key */
- cx->expandedKey = PORT_ZNewArray(PRUint32, cx->Nb * (cx->Nr + 1));
- if (!cx->expandedKey) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto cleanup;
- }
- /* Generate expanded key */
- if (encrypt) {
- if (rijndael_key_expansion(cx, key, Nk) != SECSuccess)
- goto cleanup;
- } else {
- if (rijndael_invkey_expansion(cx, key, Nk) != SECSuccess)
- goto cleanup;
- }
- return cx;
-cleanup:
- if (cx->expandedKey)
- PORT_ZFree(cx->expandedKey, cx->Nb * (cx->Nr + 1));
- PORT_ZFree(cx, sizeof *cx);
- return NULL;
-}
-
-/*
- * AES_DestroyContext
- *
- * Zero an AES cipher context. If freeit is true, also free the pointer
- * to the context.
- */
-void
-AES_DestroyContext(AESContext *cx, PRBool freeit)
-{
- PORT_ZFree(cx->expandedKey, cx->Nb * (cx->Nr + 1));
- memset(cx, 0, sizeof *cx);
- if (freeit)
- PORT_Free(cx);
-}
-
-/*
- * AES_Encrypt
- *
- * Encrypt an arbitrary-length buffer. The output buffer must already be
- * allocated to at least inputLen.
- */
-SECStatus
-AES_Encrypt(AESContext *cx, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- const unsigned char *input, unsigned int inputLen)
-{
- int blocksize;
- /* Check args */
- if (cx == NULL || output == NULL || input == NULL) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- blocksize = 4 * cx->Nb;
- if (inputLen % blocksize != 0) {
- PORT_SetError(SEC_ERROR_INPUT_LEN);
- return SECFailure;
- }
- if (maxOutputLen < inputLen) {
- PORT_SetError(SEC_ERROR_OUTPUT_LEN);
- return SECFailure;
- }
- *outputLen = inputLen;
-#if defined(RIJNDAEL_GENERATE_TABLES) || \
- defined(RIJNDAEL_GENERATE_TABLES_MACRO)
- if (rijndaelTables == NULL) {
- if (PR_CallOnce(&coRTInit, init_rijndael_tables)
- != PR_SUCCESS) {
- return PR_FAILURE;
- }
- }
-#endif
- return (*cx->worker)(cx, output, outputLen, maxOutputLen,
- input, inputLen, blocksize);
-}
-
-/*
- * AES_Decrypt
- *
- * Decrypt and arbitrary-length buffer. The output buffer must already be
- * allocated to at least inputLen.
- */
-SECStatus
-AES_Decrypt(AESContext *cx, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- const unsigned char *input, unsigned int inputLen)
-{
- int blocksize;
- /* Check args */
- if (cx == NULL || output == NULL || input == NULL) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- blocksize = 4 * cx->Nb;
- if (inputLen % blocksize != 0) {
- PORT_SetError(SEC_ERROR_INPUT_LEN);
- return SECFailure;
- }
- if (maxOutputLen < inputLen) {
- PORT_SetError(SEC_ERROR_OUTPUT_LEN);
- return SECFailure;
- }
- *outputLen = inputLen;
-#if defined(RIJNDAEL_GENERATE_TABLES) || \
- defined(RIJNDAEL_GENERATE_TABLES_MACRO)
- if (rijndaelTables == NULL) {
- if (PR_CallOnce(&coRTInit, init_rijndael_tables)
- != PR_SUCCESS) {
- return PR_FAILURE;
- }
- }
-#endif
- return (*cx->worker)(cx, output, outputLen, maxOutputLen,
- input, inputLen, blocksize);
-}
-
diff --git a/security/nss/lib/freebl/rijndael.h b/security/nss/lib/freebl/rijndael.h
deleted file mode 100644
index facd1b6db..000000000
--- a/security/nss/lib/freebl/rijndael.h
+++ /dev/null
@@ -1,86 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#ifndef _RIJNDAEL_H_
-#define _RIJNDAEL_H_ 1
-
-#define RIJNDAEL_MIN_BLOCKSIZE 16 /* bytes */
-#define RIJNDAEL_MAX_BLOCKSIZE 32 /* bytes */
-
-typedef SECStatus AESFunc(AESContext *cx, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- const unsigned char *input, unsigned int inputLen,
- unsigned int blocksize);
-
-typedef SECStatus AESBlockFunc(AESContext *cx,
- unsigned char *output,
- const unsigned char *input);
-
-/* AESContextStr
- *
- * Values which maintain the state for Rijndael encryption/decryption.
- *
- * iv - initialization vector for CBC mode
- * Nb - the number of bytes in a block, specified by user
- * Nr - the number of rounds, specified by a table
- * expandedKey - the round keys in 4-byte words, the length is Nr * Nb
- * worker - the encryption/decryption function to use with this context
- */
-struct AESContextStr
-{
- unsigned int Nb;
- unsigned int Nr;
- PRUint32 *expandedKey;
- AESFunc *worker;
- unsigned char iv[RIJNDAEL_MAX_BLOCKSIZE];
-};
-
-/* RIJNDAEL_NUM_ROUNDS
- *
- * Number of rounds per execution
- * Nk - number of key bytes
- * Nb - blocksize (in bytes)
- */
-#define RIJNDAEL_NUM_ROUNDS(Nk, Nb) \
- (PR_MAX(Nk, Nb) + 6)
-
-/* RIJNDAEL_NUM_ROUNDS
- *
- * Maximum number of bytes in the state (spec includes up to 256-bit block
- * size)
- */
-#define RIJNDAEL_MAX_STATE_SIZE 32
-
-#endif /* _RIJNDAEL_H_ */
diff --git a/security/nss/lib/freebl/rijndael32.tab b/security/nss/lib/freebl/rijndael32.tab
deleted file mode 100644
index 6b78e2e8b..000000000
--- a/security/nss/lib/freebl/rijndael32.tab
+++ /dev/null
@@ -1,1215 +0,0 @@
-#ifndef RIJNDAEL_INCLUDE_TABLES
-static const PRUint8 _S[256] =
-{
- 99, 124, 119, 123, 242, 107, 111, 197, 48, 1, 103, 43, 254, 215, 171, 118,
-202, 130, 201, 125, 250, 89, 71, 240, 173, 212, 162, 175, 156, 164, 114, 192,
-183, 253, 147, 38, 54, 63, 247, 204, 52, 165, 229, 241, 113, 216, 49, 21,
- 4, 199, 35, 195, 24, 150, 5, 154, 7, 18, 128, 226, 235, 39, 178, 117,
- 9, 131, 44, 26, 27, 110, 90, 160, 82, 59, 214, 179, 41, 227, 47, 132,
- 83, 209, 0, 237, 32, 252, 177, 91, 106, 203, 190, 57, 74, 76, 88, 207,
-208, 239, 170, 251, 67, 77, 51, 133, 69, 249, 2, 127, 80, 60, 159, 168,
- 81, 163, 64, 143, 146, 157, 56, 245, 188, 182, 218, 33, 16, 255, 243, 210,
-205, 12, 19, 236, 95, 151, 68, 23, 196, 167, 126, 61, 100, 93, 25, 115,
- 96, 129, 79, 220, 34, 42, 144, 136, 70, 238, 184, 20, 222, 94, 11, 219,
-224, 50, 58, 10, 73, 6, 36, 92, 194, 211, 172, 98, 145, 149, 228, 121,
-231, 200, 55, 109, 141, 213, 78, 169, 108, 86, 244, 234, 101, 122, 174, 8,
-186, 120, 37, 46, 28, 166, 180, 198, 232, 221, 116, 31, 75, 189, 139, 138,
-112, 62, 181, 102, 72, 3, 246, 14, 97, 53, 87, 185, 134, 193, 29, 158,
-225, 248, 152, 17, 105, 217, 142, 148, 155, 30, 135, 233, 206, 85, 40, 223,
-140, 161, 137, 13, 191, 230, 66, 104, 65, 153, 45, 15, 176, 84, 187, 22
-};
-#endif /* not RIJNDAEL_INCLUDE_TABLES */
-
-static const PRUint8 _SInv[256] =
-{
- 82, 9, 106, 213, 48, 54, 165, 56, 191, 64, 163, 158, 129, 243, 215, 251,
-124, 227, 57, 130, 155, 47, 255, 135, 52, 142, 67, 68, 196, 222, 233, 203,
- 84, 123, 148, 50, 166, 194, 35, 61, 238, 76, 149, 11, 66, 250, 195, 78,
- 8, 46, 161, 102, 40, 217, 36, 178, 118, 91, 162, 73, 109, 139, 209, 37,
-114, 248, 246, 100, 134, 104, 152, 22, 212, 164, 92, 204, 93, 101, 182, 146,
-108, 112, 72, 80, 253, 237, 185, 218, 94, 21, 70, 87, 167, 141, 157, 132,
-144, 216, 171, 0, 140, 188, 211, 10, 247, 228, 88, 5, 184, 179, 69, 6,
-208, 44, 30, 143, 202, 63, 15, 2, 193, 175, 189, 3, 1, 19, 138, 107,
- 58, 145, 17, 65, 79, 103, 220, 234, 151, 242, 207, 206, 240, 180, 230, 115,
-150, 172, 116, 34, 231, 173, 53, 133, 226, 249, 55, 232, 28, 117, 223, 110,
- 71, 241, 26, 113, 29, 41, 197, 137, 111, 183, 98, 14, 170, 24, 190, 27,
-252, 86, 62, 75, 198, 210, 121, 32, 154, 219, 192, 254, 120, 205, 90, 244,
- 31, 221, 168, 51, 136, 7, 199, 49, 177, 18, 16, 89, 39, 128, 236, 95,
- 96, 81, 127, 169, 25, 181, 74, 13, 45, 229, 122, 159, 147, 201, 156, 239,
-160, 224, 59, 77, 174, 42, 245, 176, 200, 235, 187, 60, 131, 83, 153, 97,
- 23, 43, 4, 126, 186, 119, 214, 38, 225, 105, 20, 99, 85, 33, 12, 125
-};
-
-#ifdef RIJNDAEL_INCLUDE_TABLES
-#ifdef IS_LITTLE_ENDIAN
-static const PRUint32 _T0[256] =
-{
-0xa56363c6, 0x847c7cf8, 0x997777ee, 0x8d7b7bf6, 0x0df2f2ff, 0xbd6b6bd6,
-0xb16f6fde, 0x54c5c591, 0x50303060, 0x03010102, 0xa96767ce, 0x7d2b2b56,
-0x19fefee7, 0x62d7d7b5, 0xe6abab4d, 0x9a7676ec, 0x45caca8f, 0x9d82821f,
-0x40c9c989, 0x877d7dfa, 0x15fafaef, 0xeb5959b2, 0xc947478e, 0x0bf0f0fb,
-0xecadad41, 0x67d4d4b3, 0xfda2a25f, 0xeaafaf45, 0xbf9c9c23, 0xf7a4a453,
-0x967272e4, 0x5bc0c09b, 0xc2b7b775, 0x1cfdfde1, 0xae93933d, 0x6a26264c,
-0x5a36366c, 0x413f3f7e, 0x02f7f7f5, 0x4fcccc83, 0x5c343468, 0xf4a5a551,
-0x34e5e5d1, 0x08f1f1f9, 0x937171e2, 0x73d8d8ab, 0x53313162, 0x3f15152a,
-0x0c040408, 0x52c7c795, 0x65232346, 0x5ec3c39d, 0x28181830, 0xa1969637,
-0x0f05050a, 0xb59a9a2f, 0x0907070e, 0x36121224, 0x9b80801b, 0x3de2e2df,
-0x26ebebcd, 0x6927274e, 0xcdb2b27f, 0x9f7575ea, 0x1b090912, 0x9e83831d,
-0x742c2c58, 0x2e1a1a34, 0x2d1b1b36, 0xb26e6edc, 0xee5a5ab4, 0xfba0a05b,
-0xf65252a4, 0x4d3b3b76, 0x61d6d6b7, 0xceb3b37d, 0x7b292952, 0x3ee3e3dd,
-0x712f2f5e, 0x97848413, 0xf55353a6, 0x68d1d1b9, 0x00000000, 0x2cededc1,
-0x60202040, 0x1ffcfce3, 0xc8b1b179, 0xed5b5bb6, 0xbe6a6ad4, 0x46cbcb8d,
-0xd9bebe67, 0x4b393972, 0xde4a4a94, 0xd44c4c98, 0xe85858b0, 0x4acfcf85,
-0x6bd0d0bb, 0x2aefefc5, 0xe5aaaa4f, 0x16fbfbed, 0xc5434386, 0xd74d4d9a,
-0x55333366, 0x94858511, 0xcf45458a, 0x10f9f9e9, 0x06020204, 0x817f7ffe,
-0xf05050a0, 0x443c3c78, 0xba9f9f25, 0xe3a8a84b, 0xf35151a2, 0xfea3a35d,
-0xc0404080, 0x8a8f8f05, 0xad92923f, 0xbc9d9d21, 0x48383870, 0x04f5f5f1,
-0xdfbcbc63, 0xc1b6b677, 0x75dadaaf, 0x63212142, 0x30101020, 0x1affffe5,
-0x0ef3f3fd, 0x6dd2d2bf, 0x4ccdcd81, 0x140c0c18, 0x35131326, 0x2fececc3,
-0xe15f5fbe, 0xa2979735, 0xcc444488, 0x3917172e, 0x57c4c493, 0xf2a7a755,
-0x827e7efc, 0x473d3d7a, 0xac6464c8, 0xe75d5dba, 0x2b191932, 0x957373e6,
-0xa06060c0, 0x98818119, 0xd14f4f9e, 0x7fdcdca3, 0x66222244, 0x7e2a2a54,
-0xab90903b, 0x8388880b, 0xca46468c, 0x29eeeec7, 0xd3b8b86b, 0x3c141428,
-0x79dedea7, 0xe25e5ebc, 0x1d0b0b16, 0x76dbdbad, 0x3be0e0db, 0x56323264,
-0x4e3a3a74, 0x1e0a0a14, 0xdb494992, 0x0a06060c, 0x6c242448, 0xe45c5cb8,
-0x5dc2c29f, 0x6ed3d3bd, 0xefacac43, 0xa66262c4, 0xa8919139, 0xa4959531,
-0x37e4e4d3, 0x8b7979f2, 0x32e7e7d5, 0x43c8c88b, 0x5937376e, 0xb76d6dda,
-0x8c8d8d01, 0x64d5d5b1, 0xd24e4e9c, 0xe0a9a949, 0xb46c6cd8, 0xfa5656ac,
-0x07f4f4f3, 0x25eaeacf, 0xaf6565ca, 0x8e7a7af4, 0xe9aeae47, 0x18080810,
-0xd5baba6f, 0x887878f0, 0x6f25254a, 0x722e2e5c, 0x241c1c38, 0xf1a6a657,
-0xc7b4b473, 0x51c6c697, 0x23e8e8cb, 0x7cdddda1, 0x9c7474e8, 0x211f1f3e,
-0xdd4b4b96, 0xdcbdbd61, 0x868b8b0d, 0x858a8a0f, 0x907070e0, 0x423e3e7c,
-0xc4b5b571, 0xaa6666cc, 0xd8484890, 0x05030306, 0x01f6f6f7, 0x120e0e1c,
-0xa36161c2, 0x5f35356a, 0xf95757ae, 0xd0b9b969, 0x91868617, 0x58c1c199,
-0x271d1d3a, 0xb99e9e27, 0x38e1e1d9, 0x13f8f8eb, 0xb398982b, 0x33111122,
-0xbb6969d2, 0x70d9d9a9, 0x898e8e07, 0xa7949433, 0xb69b9b2d, 0x221e1e3c,
-0x92878715, 0x20e9e9c9, 0x49cece87, 0xff5555aa, 0x78282850, 0x7adfdfa5,
-0x8f8c8c03, 0xf8a1a159, 0x80898909, 0x170d0d1a, 0xdabfbf65, 0x31e6e6d7,
-0xc6424284, 0xb86868d0, 0xc3414182, 0xb0999929, 0x772d2d5a, 0x110f0f1e,
-0xcbb0b07b, 0xfc5454a8, 0xd6bbbb6d, 0x3a16162c
-};
-#else
-static const PRUint32 _T0[256] =
-{
-0xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d, 0xfff2f20d, 0xd66b6bbd,
-0xde6f6fb1, 0x91c5c554, 0x60303050, 0x02010103, 0xce6767a9, 0x562b2b7d,
-0xe7fefe19, 0xb5d7d762, 0x4dababe6, 0xec76769a, 0x8fcaca45, 0x1f82829d,
-0x89c9c940, 0xfa7d7d87, 0xeffafa15, 0xb25959eb, 0x8e4747c9, 0xfbf0f00b,
-0x41adadec, 0xb3d4d467, 0x5fa2a2fd, 0x45afafea, 0x239c9cbf, 0x53a4a4f7,
-0xe4727296, 0x9bc0c05b, 0x75b7b7c2, 0xe1fdfd1c, 0x3d9393ae, 0x4c26266a,
-0x6c36365a, 0x7e3f3f41, 0xf5f7f702, 0x83cccc4f, 0x6834345c, 0x51a5a5f4,
-0xd1e5e534, 0xf9f1f108, 0xe2717193, 0xabd8d873, 0x62313153, 0x2a15153f,
-0x0804040c, 0x95c7c752, 0x46232365, 0x9dc3c35e, 0x30181828, 0x379696a1,
-0x0a05050f, 0x2f9a9ab5, 0x0e070709, 0x24121236, 0x1b80809b, 0xdfe2e23d,
-0xcdebeb26, 0x4e272769, 0x7fb2b2cd, 0xea75759f, 0x1209091b, 0x1d83839e,
-0x582c2c74, 0x341a1a2e, 0x361b1b2d, 0xdc6e6eb2, 0xb45a5aee, 0x5ba0a0fb,
-0xa45252f6, 0x763b3b4d, 0xb7d6d661, 0x7db3b3ce, 0x5229297b, 0xdde3e33e,
-0x5e2f2f71, 0x13848497, 0xa65353f5, 0xb9d1d168, 0x00000000, 0xc1eded2c,
-0x40202060, 0xe3fcfc1f, 0x79b1b1c8, 0xb65b5bed, 0xd46a6abe, 0x8dcbcb46,
-0x67bebed9, 0x7239394b, 0x944a4ade, 0x984c4cd4, 0xb05858e8, 0x85cfcf4a,
-0xbbd0d06b, 0xc5efef2a, 0x4faaaae5, 0xedfbfb16, 0x864343c5, 0x9a4d4dd7,
-0x66333355, 0x11858594, 0x8a4545cf, 0xe9f9f910, 0x04020206, 0xfe7f7f81,
-0xa05050f0, 0x783c3c44, 0x259f9fba, 0x4ba8a8e3, 0xa25151f3, 0x5da3a3fe,
-0x804040c0, 0x058f8f8a, 0x3f9292ad, 0x219d9dbc, 0x70383848, 0xf1f5f504,
-0x63bcbcdf, 0x77b6b6c1, 0xafdada75, 0x42212163, 0x20101030, 0xe5ffff1a,
-0xfdf3f30e, 0xbfd2d26d, 0x81cdcd4c, 0x180c0c14, 0x26131335, 0xc3ecec2f,
-0xbe5f5fe1, 0x359797a2, 0x884444cc, 0x2e171739, 0x93c4c457, 0x55a7a7f2,
-0xfc7e7e82, 0x7a3d3d47, 0xc86464ac, 0xba5d5de7, 0x3219192b, 0xe6737395,
-0xc06060a0, 0x19818198, 0x9e4f4fd1, 0xa3dcdc7f, 0x44222266, 0x542a2a7e,
-0x3b9090ab, 0x0b888883, 0x8c4646ca, 0xc7eeee29, 0x6bb8b8d3, 0x2814143c,
-0xa7dede79, 0xbc5e5ee2, 0x160b0b1d, 0xaddbdb76, 0xdbe0e03b, 0x64323256,
-0x743a3a4e, 0x140a0a1e, 0x924949db, 0x0c06060a, 0x4824246c, 0xb85c5ce4,
-0x9fc2c25d, 0xbdd3d36e, 0x43acacef, 0xc46262a6, 0x399191a8, 0x319595a4,
-0xd3e4e437, 0xf279798b, 0xd5e7e732, 0x8bc8c843, 0x6e373759, 0xda6d6db7,
-0x018d8d8c, 0xb1d5d564, 0x9c4e4ed2, 0x49a9a9e0, 0xd86c6cb4, 0xac5656fa,
-0xf3f4f407, 0xcfeaea25, 0xca6565af, 0xf47a7a8e, 0x47aeaee9, 0x10080818,
-0x6fbabad5, 0xf0787888, 0x4a25256f, 0x5c2e2e72, 0x381c1c24, 0x57a6a6f1,
-0x73b4b4c7, 0x97c6c651, 0xcbe8e823, 0xa1dddd7c, 0xe874749c, 0x3e1f1f21,
-0x964b4bdd, 0x61bdbddc, 0x0d8b8b86, 0x0f8a8a85, 0xe0707090, 0x7c3e3e42,
-0x71b5b5c4, 0xcc6666aa, 0x904848d8, 0x06030305, 0xf7f6f601, 0x1c0e0e12,
-0xc26161a3, 0x6a35355f, 0xae5757f9, 0x69b9b9d0, 0x17868691, 0x99c1c158,
-0x3a1d1d27, 0x279e9eb9, 0xd9e1e138, 0xebf8f813, 0x2b9898b3, 0x22111133,
-0xd26969bb, 0xa9d9d970, 0x078e8e89, 0x339494a7, 0x2d9b9bb6, 0x3c1e1e22,
-0x15878792, 0xc9e9e920, 0x87cece49, 0xaa5555ff, 0x50282878, 0xa5dfdf7a,
-0x038c8c8f, 0x59a1a1f8, 0x09898980, 0x1a0d0d17, 0x65bfbfda, 0xd7e6e631,
-0x844242c6, 0xd06868b8, 0x824141c3, 0x299999b0, 0x5a2d2d77, 0x1e0f0f11,
-0x7bb0b0cb, 0xa85454fc, 0x6dbbbbd6, 0x2c16163a
-};
-#endif
-
-#ifdef IS_LITTLE_ENDIAN
-static const PRUint32 _T1[256] =
-{
-0x6363c6a5, 0x7c7cf884, 0x7777ee99, 0x7b7bf68d, 0xf2f2ff0d, 0x6b6bd6bd,
-0x6f6fdeb1, 0xc5c59154, 0x30306050, 0x01010203, 0x6767cea9, 0x2b2b567d,
-0xfefee719, 0xd7d7b562, 0xabab4de6, 0x7676ec9a, 0xcaca8f45, 0x82821f9d,
-0xc9c98940, 0x7d7dfa87, 0xfafaef15, 0x5959b2eb, 0x47478ec9, 0xf0f0fb0b,
-0xadad41ec, 0xd4d4b367, 0xa2a25ffd, 0xafaf45ea, 0x9c9c23bf, 0xa4a453f7,
-0x7272e496, 0xc0c09b5b, 0xb7b775c2, 0xfdfde11c, 0x93933dae, 0x26264c6a,
-0x36366c5a, 0x3f3f7e41, 0xf7f7f502, 0xcccc834f, 0x3434685c, 0xa5a551f4,
-0xe5e5d134, 0xf1f1f908, 0x7171e293, 0xd8d8ab73, 0x31316253, 0x15152a3f,
-0x0404080c, 0xc7c79552, 0x23234665, 0xc3c39d5e, 0x18183028, 0x969637a1,
-0x05050a0f, 0x9a9a2fb5, 0x07070e09, 0x12122436, 0x80801b9b, 0xe2e2df3d,
-0xebebcd26, 0x27274e69, 0xb2b27fcd, 0x7575ea9f, 0x0909121b, 0x83831d9e,
-0x2c2c5874, 0x1a1a342e, 0x1b1b362d, 0x6e6edcb2, 0x5a5ab4ee, 0xa0a05bfb,
-0x5252a4f6, 0x3b3b764d, 0xd6d6b761, 0xb3b37dce, 0x2929527b, 0xe3e3dd3e,
-0x2f2f5e71, 0x84841397, 0x5353a6f5, 0xd1d1b968, 0x00000000, 0xededc12c,
-0x20204060, 0xfcfce31f, 0xb1b179c8, 0x5b5bb6ed, 0x6a6ad4be, 0xcbcb8d46,
-0xbebe67d9, 0x3939724b, 0x4a4a94de, 0x4c4c98d4, 0x5858b0e8, 0xcfcf854a,
-0xd0d0bb6b, 0xefefc52a, 0xaaaa4fe5, 0xfbfbed16, 0x434386c5, 0x4d4d9ad7,
-0x33336655, 0x85851194, 0x45458acf, 0xf9f9e910, 0x02020406, 0x7f7ffe81,
-0x5050a0f0, 0x3c3c7844, 0x9f9f25ba, 0xa8a84be3, 0x5151a2f3, 0xa3a35dfe,
-0x404080c0, 0x8f8f058a, 0x92923fad, 0x9d9d21bc, 0x38387048, 0xf5f5f104,
-0xbcbc63df, 0xb6b677c1, 0xdadaaf75, 0x21214263, 0x10102030, 0xffffe51a,
-0xf3f3fd0e, 0xd2d2bf6d, 0xcdcd814c, 0x0c0c1814, 0x13132635, 0xececc32f,
-0x5f5fbee1, 0x979735a2, 0x444488cc, 0x17172e39, 0xc4c49357, 0xa7a755f2,
-0x7e7efc82, 0x3d3d7a47, 0x6464c8ac, 0x5d5dbae7, 0x1919322b, 0x7373e695,
-0x6060c0a0, 0x81811998, 0x4f4f9ed1, 0xdcdca37f, 0x22224466, 0x2a2a547e,
-0x90903bab, 0x88880b83, 0x46468cca, 0xeeeec729, 0xb8b86bd3, 0x1414283c,
-0xdedea779, 0x5e5ebce2, 0x0b0b161d, 0xdbdbad76, 0xe0e0db3b, 0x32326456,
-0x3a3a744e, 0x0a0a141e, 0x494992db, 0x06060c0a, 0x2424486c, 0x5c5cb8e4,
-0xc2c29f5d, 0xd3d3bd6e, 0xacac43ef, 0x6262c4a6, 0x919139a8, 0x959531a4,
-0xe4e4d337, 0x7979f28b, 0xe7e7d532, 0xc8c88b43, 0x37376e59, 0x6d6ddab7,
-0x8d8d018c, 0xd5d5b164, 0x4e4e9cd2, 0xa9a949e0, 0x6c6cd8b4, 0x5656acfa,
-0xf4f4f307, 0xeaeacf25, 0x6565caaf, 0x7a7af48e, 0xaeae47e9, 0x08081018,
-0xbaba6fd5, 0x7878f088, 0x25254a6f, 0x2e2e5c72, 0x1c1c3824, 0xa6a657f1,
-0xb4b473c7, 0xc6c69751, 0xe8e8cb23, 0xdddda17c, 0x7474e89c, 0x1f1f3e21,
-0x4b4b96dd, 0xbdbd61dc, 0x8b8b0d86, 0x8a8a0f85, 0x7070e090, 0x3e3e7c42,
-0xb5b571c4, 0x6666ccaa, 0x484890d8, 0x03030605, 0xf6f6f701, 0x0e0e1c12,
-0x6161c2a3, 0x35356a5f, 0x5757aef9, 0xb9b969d0, 0x86861791, 0xc1c19958,
-0x1d1d3a27, 0x9e9e27b9, 0xe1e1d938, 0xf8f8eb13, 0x98982bb3, 0x11112233,
-0x6969d2bb, 0xd9d9a970, 0x8e8e0789, 0x949433a7, 0x9b9b2db6, 0x1e1e3c22,
-0x87871592, 0xe9e9c920, 0xcece8749, 0x5555aaff, 0x28285078, 0xdfdfa57a,
-0x8c8c038f, 0xa1a159f8, 0x89890980, 0x0d0d1a17, 0xbfbf65da, 0xe6e6d731,
-0x424284c6, 0x6868d0b8, 0x414182c3, 0x999929b0, 0x2d2d5a77, 0x0f0f1e11,
-0xb0b07bcb, 0x5454a8fc, 0xbbbb6dd6, 0x16162c3a
-};
-#else
-static const PRUint32 _T1[256] =
-{
-0xa5c66363, 0x84f87c7c, 0x99ee7777, 0x8df67b7b, 0x0dfff2f2, 0xbdd66b6b,
-0xb1de6f6f, 0x5491c5c5, 0x50603030, 0x03020101, 0xa9ce6767, 0x7d562b2b,
-0x19e7fefe, 0x62b5d7d7, 0xe64dabab, 0x9aec7676, 0x458fcaca, 0x9d1f8282,
-0x4089c9c9, 0x87fa7d7d, 0x15effafa, 0xebb25959, 0xc98e4747, 0x0bfbf0f0,
-0xec41adad, 0x67b3d4d4, 0xfd5fa2a2, 0xea45afaf, 0xbf239c9c, 0xf753a4a4,
-0x96e47272, 0x5b9bc0c0, 0xc275b7b7, 0x1ce1fdfd, 0xae3d9393, 0x6a4c2626,
-0x5a6c3636, 0x417e3f3f, 0x02f5f7f7, 0x4f83cccc, 0x5c683434, 0xf451a5a5,
-0x34d1e5e5, 0x08f9f1f1, 0x93e27171, 0x73abd8d8, 0x53623131, 0x3f2a1515,
-0x0c080404, 0x5295c7c7, 0x65462323, 0x5e9dc3c3, 0x28301818, 0xa1379696,
-0x0f0a0505, 0xb52f9a9a, 0x090e0707, 0x36241212, 0x9b1b8080, 0x3ddfe2e2,
-0x26cdebeb, 0x694e2727, 0xcd7fb2b2, 0x9fea7575, 0x1b120909, 0x9e1d8383,
-0x74582c2c, 0x2e341a1a, 0x2d361b1b, 0xb2dc6e6e, 0xeeb45a5a, 0xfb5ba0a0,
-0xf6a45252, 0x4d763b3b, 0x61b7d6d6, 0xce7db3b3, 0x7b522929, 0x3edde3e3,
-0x715e2f2f, 0x97138484, 0xf5a65353, 0x68b9d1d1, 0x00000000, 0x2cc1eded,
-0x60402020, 0x1fe3fcfc, 0xc879b1b1, 0xedb65b5b, 0xbed46a6a, 0x468dcbcb,
-0xd967bebe, 0x4b723939, 0xde944a4a, 0xd4984c4c, 0xe8b05858, 0x4a85cfcf,
-0x6bbbd0d0, 0x2ac5efef, 0xe54faaaa, 0x16edfbfb, 0xc5864343, 0xd79a4d4d,
-0x55663333, 0x94118585, 0xcf8a4545, 0x10e9f9f9, 0x06040202, 0x81fe7f7f,
-0xf0a05050, 0x44783c3c, 0xba259f9f, 0xe34ba8a8, 0xf3a25151, 0xfe5da3a3,
-0xc0804040, 0x8a058f8f, 0xad3f9292, 0xbc219d9d, 0x48703838, 0x04f1f5f5,
-0xdf63bcbc, 0xc177b6b6, 0x75afdada, 0x63422121, 0x30201010, 0x1ae5ffff,
-0x0efdf3f3, 0x6dbfd2d2, 0x4c81cdcd, 0x14180c0c, 0x35261313, 0x2fc3ecec,
-0xe1be5f5f, 0xa2359797, 0xcc884444, 0x392e1717, 0x5793c4c4, 0xf255a7a7,
-0x82fc7e7e, 0x477a3d3d, 0xacc86464, 0xe7ba5d5d, 0x2b321919, 0x95e67373,
-0xa0c06060, 0x98198181, 0xd19e4f4f, 0x7fa3dcdc, 0x66442222, 0x7e542a2a,
-0xab3b9090, 0x830b8888, 0xca8c4646, 0x29c7eeee, 0xd36bb8b8, 0x3c281414,
-0x79a7dede, 0xe2bc5e5e, 0x1d160b0b, 0x76addbdb, 0x3bdbe0e0, 0x56643232,
-0x4e743a3a, 0x1e140a0a, 0xdb924949, 0x0a0c0606, 0x6c482424, 0xe4b85c5c,
-0x5d9fc2c2, 0x6ebdd3d3, 0xef43acac, 0xa6c46262, 0xa8399191, 0xa4319595,
-0x37d3e4e4, 0x8bf27979, 0x32d5e7e7, 0x438bc8c8, 0x596e3737, 0xb7da6d6d,
-0x8c018d8d, 0x64b1d5d5, 0xd29c4e4e, 0xe049a9a9, 0xb4d86c6c, 0xfaac5656,
-0x07f3f4f4, 0x25cfeaea, 0xafca6565, 0x8ef47a7a, 0xe947aeae, 0x18100808,
-0xd56fbaba, 0x88f07878, 0x6f4a2525, 0x725c2e2e, 0x24381c1c, 0xf157a6a6,
-0xc773b4b4, 0x5197c6c6, 0x23cbe8e8, 0x7ca1dddd, 0x9ce87474, 0x213e1f1f,
-0xdd964b4b, 0xdc61bdbd, 0x860d8b8b, 0x850f8a8a, 0x90e07070, 0x427c3e3e,
-0xc471b5b5, 0xaacc6666, 0xd8904848, 0x05060303, 0x01f7f6f6, 0x121c0e0e,
-0xa3c26161, 0x5f6a3535, 0xf9ae5757, 0xd069b9b9, 0x91178686, 0x5899c1c1,
-0x273a1d1d, 0xb9279e9e, 0x38d9e1e1, 0x13ebf8f8, 0xb32b9898, 0x33221111,
-0xbbd26969, 0x70a9d9d9, 0x89078e8e, 0xa7339494, 0xb62d9b9b, 0x223c1e1e,
-0x92158787, 0x20c9e9e9, 0x4987cece, 0xffaa5555, 0x78502828, 0x7aa5dfdf,
-0x8f038c8c, 0xf859a1a1, 0x80098989, 0x171a0d0d, 0xda65bfbf, 0x31d7e6e6,
-0xc6844242, 0xb8d06868, 0xc3824141, 0xb0299999, 0x775a2d2d, 0x111e0f0f,
-0xcb7bb0b0, 0xfca85454, 0xd66dbbbb, 0x3a2c1616
-};
-#endif
-
-#ifdef IS_LITTLE_ENDIAN
-static const PRUint32 _T2[256] =
-{
-0x63c6a563, 0x7cf8847c, 0x77ee9977, 0x7bf68d7b, 0xf2ff0df2, 0x6bd6bd6b,
-0x6fdeb16f, 0xc59154c5, 0x30605030, 0x01020301, 0x67cea967, 0x2b567d2b,
-0xfee719fe, 0xd7b562d7, 0xab4de6ab, 0x76ec9a76, 0xca8f45ca, 0x821f9d82,
-0xc98940c9, 0x7dfa877d, 0xfaef15fa, 0x59b2eb59, 0x478ec947, 0xf0fb0bf0,
-0xad41ecad, 0xd4b367d4, 0xa25ffda2, 0xaf45eaaf, 0x9c23bf9c, 0xa453f7a4,
-0x72e49672, 0xc09b5bc0, 0xb775c2b7, 0xfde11cfd, 0x933dae93, 0x264c6a26,
-0x366c5a36, 0x3f7e413f, 0xf7f502f7, 0xcc834fcc, 0x34685c34, 0xa551f4a5,
-0xe5d134e5, 0xf1f908f1, 0x71e29371, 0xd8ab73d8, 0x31625331, 0x152a3f15,
-0x04080c04, 0xc79552c7, 0x23466523, 0xc39d5ec3, 0x18302818, 0x9637a196,
-0x050a0f05, 0x9a2fb59a, 0x070e0907, 0x12243612, 0x801b9b80, 0xe2df3de2,
-0xebcd26eb, 0x274e6927, 0xb27fcdb2, 0x75ea9f75, 0x09121b09, 0x831d9e83,
-0x2c58742c, 0x1a342e1a, 0x1b362d1b, 0x6edcb26e, 0x5ab4ee5a, 0xa05bfba0,
-0x52a4f652, 0x3b764d3b, 0xd6b761d6, 0xb37dceb3, 0x29527b29, 0xe3dd3ee3,
-0x2f5e712f, 0x84139784, 0x53a6f553, 0xd1b968d1, 0x00000000, 0xedc12ced,
-0x20406020, 0xfce31ffc, 0xb179c8b1, 0x5bb6ed5b, 0x6ad4be6a, 0xcb8d46cb,
-0xbe67d9be, 0x39724b39, 0x4a94de4a, 0x4c98d44c, 0x58b0e858, 0xcf854acf,
-0xd0bb6bd0, 0xefc52aef, 0xaa4fe5aa, 0xfbed16fb, 0x4386c543, 0x4d9ad74d,
-0x33665533, 0x85119485, 0x458acf45, 0xf9e910f9, 0x02040602, 0x7ffe817f,
-0x50a0f050, 0x3c78443c, 0x9f25ba9f, 0xa84be3a8, 0x51a2f351, 0xa35dfea3,
-0x4080c040, 0x8f058a8f, 0x923fad92, 0x9d21bc9d, 0x38704838, 0xf5f104f5,
-0xbc63dfbc, 0xb677c1b6, 0xdaaf75da, 0x21426321, 0x10203010, 0xffe51aff,
-0xf3fd0ef3, 0xd2bf6dd2, 0xcd814ccd, 0x0c18140c, 0x13263513, 0xecc32fec,
-0x5fbee15f, 0x9735a297, 0x4488cc44, 0x172e3917, 0xc49357c4, 0xa755f2a7,
-0x7efc827e, 0x3d7a473d, 0x64c8ac64, 0x5dbae75d, 0x19322b19, 0x73e69573,
-0x60c0a060, 0x81199881, 0x4f9ed14f, 0xdca37fdc, 0x22446622, 0x2a547e2a,
-0x903bab90, 0x880b8388, 0x468cca46, 0xeec729ee, 0xb86bd3b8, 0x14283c14,
-0xdea779de, 0x5ebce25e, 0x0b161d0b, 0xdbad76db, 0xe0db3be0, 0x32645632,
-0x3a744e3a, 0x0a141e0a, 0x4992db49, 0x060c0a06, 0x24486c24, 0x5cb8e45c,
-0xc29f5dc2, 0xd3bd6ed3, 0xac43efac, 0x62c4a662, 0x9139a891, 0x9531a495,
-0xe4d337e4, 0x79f28b79, 0xe7d532e7, 0xc88b43c8, 0x376e5937, 0x6ddab76d,
-0x8d018c8d, 0xd5b164d5, 0x4e9cd24e, 0xa949e0a9, 0x6cd8b46c, 0x56acfa56,
-0xf4f307f4, 0xeacf25ea, 0x65caaf65, 0x7af48e7a, 0xae47e9ae, 0x08101808,
-0xba6fd5ba, 0x78f08878, 0x254a6f25, 0x2e5c722e, 0x1c38241c, 0xa657f1a6,
-0xb473c7b4, 0xc69751c6, 0xe8cb23e8, 0xdda17cdd, 0x74e89c74, 0x1f3e211f,
-0x4b96dd4b, 0xbd61dcbd, 0x8b0d868b, 0x8a0f858a, 0x70e09070, 0x3e7c423e,
-0xb571c4b5, 0x66ccaa66, 0x4890d848, 0x03060503, 0xf6f701f6, 0x0e1c120e,
-0x61c2a361, 0x356a5f35, 0x57aef957, 0xb969d0b9, 0x86179186, 0xc19958c1,
-0x1d3a271d, 0x9e27b99e, 0xe1d938e1, 0xf8eb13f8, 0x982bb398, 0x11223311,
-0x69d2bb69, 0xd9a970d9, 0x8e07898e, 0x9433a794, 0x9b2db69b, 0x1e3c221e,
-0x87159287, 0xe9c920e9, 0xce8749ce, 0x55aaff55, 0x28507828, 0xdfa57adf,
-0x8c038f8c, 0xa159f8a1, 0x89098089, 0x0d1a170d, 0xbf65dabf, 0xe6d731e6,
-0x4284c642, 0x68d0b868, 0x4182c341, 0x9929b099, 0x2d5a772d, 0x0f1e110f,
-0xb07bcbb0, 0x54a8fc54, 0xbb6dd6bb, 0x162c3a16
-};
-#else
-static const PRUint32 _T2[256] =
-{
-0x63a5c663, 0x7c84f87c, 0x7799ee77, 0x7b8df67b, 0xf20dfff2, 0x6bbdd66b,
-0x6fb1de6f, 0xc55491c5, 0x30506030, 0x01030201, 0x67a9ce67, 0x2b7d562b,
-0xfe19e7fe, 0xd762b5d7, 0xabe64dab, 0x769aec76, 0xca458fca, 0x829d1f82,
-0xc94089c9, 0x7d87fa7d, 0xfa15effa, 0x59ebb259, 0x47c98e47, 0xf00bfbf0,
-0xadec41ad, 0xd467b3d4, 0xa2fd5fa2, 0xafea45af, 0x9cbf239c, 0xa4f753a4,
-0x7296e472, 0xc05b9bc0, 0xb7c275b7, 0xfd1ce1fd, 0x93ae3d93, 0x266a4c26,
-0x365a6c36, 0x3f417e3f, 0xf702f5f7, 0xcc4f83cc, 0x345c6834, 0xa5f451a5,
-0xe534d1e5, 0xf108f9f1, 0x7193e271, 0xd873abd8, 0x31536231, 0x153f2a15,
-0x040c0804, 0xc75295c7, 0x23654623, 0xc35e9dc3, 0x18283018, 0x96a13796,
-0x050f0a05, 0x9ab52f9a, 0x07090e07, 0x12362412, 0x809b1b80, 0xe23ddfe2,
-0xeb26cdeb, 0x27694e27, 0xb2cd7fb2, 0x759fea75, 0x091b1209, 0x839e1d83,
-0x2c74582c, 0x1a2e341a, 0x1b2d361b, 0x6eb2dc6e, 0x5aeeb45a, 0xa0fb5ba0,
-0x52f6a452, 0x3b4d763b, 0xd661b7d6, 0xb3ce7db3, 0x297b5229, 0xe33edde3,
-0x2f715e2f, 0x84971384, 0x53f5a653, 0xd168b9d1, 0x00000000, 0xed2cc1ed,
-0x20604020, 0xfc1fe3fc, 0xb1c879b1, 0x5bedb65b, 0x6abed46a, 0xcb468dcb,
-0xbed967be, 0x394b7239, 0x4ade944a, 0x4cd4984c, 0x58e8b058, 0xcf4a85cf,
-0xd06bbbd0, 0xef2ac5ef, 0xaae54faa, 0xfb16edfb, 0x43c58643, 0x4dd79a4d,
-0x33556633, 0x85941185, 0x45cf8a45, 0xf910e9f9, 0x02060402, 0x7f81fe7f,
-0x50f0a050, 0x3c44783c, 0x9fba259f, 0xa8e34ba8, 0x51f3a251, 0xa3fe5da3,
-0x40c08040, 0x8f8a058f, 0x92ad3f92, 0x9dbc219d, 0x38487038, 0xf504f1f5,
-0xbcdf63bc, 0xb6c177b6, 0xda75afda, 0x21634221, 0x10302010, 0xff1ae5ff,
-0xf30efdf3, 0xd26dbfd2, 0xcd4c81cd, 0x0c14180c, 0x13352613, 0xec2fc3ec,
-0x5fe1be5f, 0x97a23597, 0x44cc8844, 0x17392e17, 0xc45793c4, 0xa7f255a7,
-0x7e82fc7e, 0x3d477a3d, 0x64acc864, 0x5de7ba5d, 0x192b3219, 0x7395e673,
-0x60a0c060, 0x81981981, 0x4fd19e4f, 0xdc7fa3dc, 0x22664422, 0x2a7e542a,
-0x90ab3b90, 0x88830b88, 0x46ca8c46, 0xee29c7ee, 0xb8d36bb8, 0x143c2814,
-0xde79a7de, 0x5ee2bc5e, 0x0b1d160b, 0xdb76addb, 0xe03bdbe0, 0x32566432,
-0x3a4e743a, 0x0a1e140a, 0x49db9249, 0x060a0c06, 0x246c4824, 0x5ce4b85c,
-0xc25d9fc2, 0xd36ebdd3, 0xacef43ac, 0x62a6c462, 0x91a83991, 0x95a43195,
-0xe437d3e4, 0x798bf279, 0xe732d5e7, 0xc8438bc8, 0x37596e37, 0x6db7da6d,
-0x8d8c018d, 0xd564b1d5, 0x4ed29c4e, 0xa9e049a9, 0x6cb4d86c, 0x56faac56,
-0xf407f3f4, 0xea25cfea, 0x65afca65, 0x7a8ef47a, 0xaee947ae, 0x08181008,
-0xbad56fba, 0x7888f078, 0x256f4a25, 0x2e725c2e, 0x1c24381c, 0xa6f157a6,
-0xb4c773b4, 0xc65197c6, 0xe823cbe8, 0xdd7ca1dd, 0x749ce874, 0x1f213e1f,
-0x4bdd964b, 0xbddc61bd, 0x8b860d8b, 0x8a850f8a, 0x7090e070, 0x3e427c3e,
-0xb5c471b5, 0x66aacc66, 0x48d89048, 0x03050603, 0xf601f7f6, 0x0e121c0e,
-0x61a3c261, 0x355f6a35, 0x57f9ae57, 0xb9d069b9, 0x86911786, 0xc15899c1,
-0x1d273a1d, 0x9eb9279e, 0xe138d9e1, 0xf813ebf8, 0x98b32b98, 0x11332211,
-0x69bbd269, 0xd970a9d9, 0x8e89078e, 0x94a73394, 0x9bb62d9b, 0x1e223c1e,
-0x87921587, 0xe920c9e9, 0xce4987ce, 0x55ffaa55, 0x28785028, 0xdf7aa5df,
-0x8c8f038c, 0xa1f859a1, 0x89800989, 0x0d171a0d, 0xbfda65bf, 0xe631d7e6,
-0x42c68442, 0x68b8d068, 0x41c38241, 0x99b02999, 0x2d775a2d, 0x0f111e0f,
-0xb0cb7bb0, 0x54fca854, 0xbbd66dbb, 0x163a2c16
-};
-#endif
-
-#ifdef IS_LITTLE_ENDIAN
-static const PRUint32 _T3[256] =
-{
-0xc6a56363, 0xf8847c7c, 0xee997777, 0xf68d7b7b, 0xff0df2f2, 0xd6bd6b6b,
-0xdeb16f6f, 0x9154c5c5, 0x60503030, 0x02030101, 0xcea96767, 0x567d2b2b,
-0xe719fefe, 0xb562d7d7, 0x4de6abab, 0xec9a7676, 0x8f45caca, 0x1f9d8282,
-0x8940c9c9, 0xfa877d7d, 0xef15fafa, 0xb2eb5959, 0x8ec94747, 0xfb0bf0f0,
-0x41ecadad, 0xb367d4d4, 0x5ffda2a2, 0x45eaafaf, 0x23bf9c9c, 0x53f7a4a4,
-0xe4967272, 0x9b5bc0c0, 0x75c2b7b7, 0xe11cfdfd, 0x3dae9393, 0x4c6a2626,
-0x6c5a3636, 0x7e413f3f, 0xf502f7f7, 0x834fcccc, 0x685c3434, 0x51f4a5a5,
-0xd134e5e5, 0xf908f1f1, 0xe2937171, 0xab73d8d8, 0x62533131, 0x2a3f1515,
-0x080c0404, 0x9552c7c7, 0x46652323, 0x9d5ec3c3, 0x30281818, 0x37a19696,
-0x0a0f0505, 0x2fb59a9a, 0x0e090707, 0x24361212, 0x1b9b8080, 0xdf3de2e2,
-0xcd26ebeb, 0x4e692727, 0x7fcdb2b2, 0xea9f7575, 0x121b0909, 0x1d9e8383,
-0x58742c2c, 0x342e1a1a, 0x362d1b1b, 0xdcb26e6e, 0xb4ee5a5a, 0x5bfba0a0,
-0xa4f65252, 0x764d3b3b, 0xb761d6d6, 0x7dceb3b3, 0x527b2929, 0xdd3ee3e3,
-0x5e712f2f, 0x13978484, 0xa6f55353, 0xb968d1d1, 0x00000000, 0xc12ceded,
-0x40602020, 0xe31ffcfc, 0x79c8b1b1, 0xb6ed5b5b, 0xd4be6a6a, 0x8d46cbcb,
-0x67d9bebe, 0x724b3939, 0x94de4a4a, 0x98d44c4c, 0xb0e85858, 0x854acfcf,
-0xbb6bd0d0, 0xc52aefef, 0x4fe5aaaa, 0xed16fbfb, 0x86c54343, 0x9ad74d4d,
-0x66553333, 0x11948585, 0x8acf4545, 0xe910f9f9, 0x04060202, 0xfe817f7f,
-0xa0f05050, 0x78443c3c, 0x25ba9f9f, 0x4be3a8a8, 0xa2f35151, 0x5dfea3a3,
-0x80c04040, 0x058a8f8f, 0x3fad9292, 0x21bc9d9d, 0x70483838, 0xf104f5f5,
-0x63dfbcbc, 0x77c1b6b6, 0xaf75dada, 0x42632121, 0x20301010, 0xe51affff,
-0xfd0ef3f3, 0xbf6dd2d2, 0x814ccdcd, 0x18140c0c, 0x26351313, 0xc32fecec,
-0xbee15f5f, 0x35a29797, 0x88cc4444, 0x2e391717, 0x9357c4c4, 0x55f2a7a7,
-0xfc827e7e, 0x7a473d3d, 0xc8ac6464, 0xbae75d5d, 0x322b1919, 0xe6957373,
-0xc0a06060, 0x19988181, 0x9ed14f4f, 0xa37fdcdc, 0x44662222, 0x547e2a2a,
-0x3bab9090, 0x0b838888, 0x8cca4646, 0xc729eeee, 0x6bd3b8b8, 0x283c1414,
-0xa779dede, 0xbce25e5e, 0x161d0b0b, 0xad76dbdb, 0xdb3be0e0, 0x64563232,
-0x744e3a3a, 0x141e0a0a, 0x92db4949, 0x0c0a0606, 0x486c2424, 0xb8e45c5c,
-0x9f5dc2c2, 0xbd6ed3d3, 0x43efacac, 0xc4a66262, 0x39a89191, 0x31a49595,
-0xd337e4e4, 0xf28b7979, 0xd532e7e7, 0x8b43c8c8, 0x6e593737, 0xdab76d6d,
-0x018c8d8d, 0xb164d5d5, 0x9cd24e4e, 0x49e0a9a9, 0xd8b46c6c, 0xacfa5656,
-0xf307f4f4, 0xcf25eaea, 0xcaaf6565, 0xf48e7a7a, 0x47e9aeae, 0x10180808,
-0x6fd5baba, 0xf0887878, 0x4a6f2525, 0x5c722e2e, 0x38241c1c, 0x57f1a6a6,
-0x73c7b4b4, 0x9751c6c6, 0xcb23e8e8, 0xa17cdddd, 0xe89c7474, 0x3e211f1f,
-0x96dd4b4b, 0x61dcbdbd, 0x0d868b8b, 0x0f858a8a, 0xe0907070, 0x7c423e3e,
-0x71c4b5b5, 0xccaa6666, 0x90d84848, 0x06050303, 0xf701f6f6, 0x1c120e0e,
-0xc2a36161, 0x6a5f3535, 0xaef95757, 0x69d0b9b9, 0x17918686, 0x9958c1c1,
-0x3a271d1d, 0x27b99e9e, 0xd938e1e1, 0xeb13f8f8, 0x2bb39898, 0x22331111,
-0xd2bb6969, 0xa970d9d9, 0x07898e8e, 0x33a79494, 0x2db69b9b, 0x3c221e1e,
-0x15928787, 0xc920e9e9, 0x8749cece, 0xaaff5555, 0x50782828, 0xa57adfdf,
-0x038f8c8c, 0x59f8a1a1, 0x09808989, 0x1a170d0d, 0x65dabfbf, 0xd731e6e6,
-0x84c64242, 0xd0b86868, 0x82c34141, 0x29b09999, 0x5a772d2d, 0x1e110f0f,
-0x7bcbb0b0, 0xa8fc5454, 0x6dd6bbbb, 0x2c3a1616
-};
-#else
-static const PRUint32 _T3[256] =
-{
-0x6363a5c6, 0x7c7c84f8, 0x777799ee, 0x7b7b8df6, 0xf2f20dff, 0x6b6bbdd6,
-0x6f6fb1de, 0xc5c55491, 0x30305060, 0x01010302, 0x6767a9ce, 0x2b2b7d56,
-0xfefe19e7, 0xd7d762b5, 0xababe64d, 0x76769aec, 0xcaca458f, 0x82829d1f,
-0xc9c94089, 0x7d7d87fa, 0xfafa15ef, 0x5959ebb2, 0x4747c98e, 0xf0f00bfb,
-0xadadec41, 0xd4d467b3, 0xa2a2fd5f, 0xafafea45, 0x9c9cbf23, 0xa4a4f753,
-0x727296e4, 0xc0c05b9b, 0xb7b7c275, 0xfdfd1ce1, 0x9393ae3d, 0x26266a4c,
-0x36365a6c, 0x3f3f417e, 0xf7f702f5, 0xcccc4f83, 0x34345c68, 0xa5a5f451,
-0xe5e534d1, 0xf1f108f9, 0x717193e2, 0xd8d873ab, 0x31315362, 0x15153f2a,
-0x04040c08, 0xc7c75295, 0x23236546, 0xc3c35e9d, 0x18182830, 0x9696a137,
-0x05050f0a, 0x9a9ab52f, 0x0707090e, 0x12123624, 0x80809b1b, 0xe2e23ddf,
-0xebeb26cd, 0x2727694e, 0xb2b2cd7f, 0x75759fea, 0x09091b12, 0x83839e1d,
-0x2c2c7458, 0x1a1a2e34, 0x1b1b2d36, 0x6e6eb2dc, 0x5a5aeeb4, 0xa0a0fb5b,
-0x5252f6a4, 0x3b3b4d76, 0xd6d661b7, 0xb3b3ce7d, 0x29297b52, 0xe3e33edd,
-0x2f2f715e, 0x84849713, 0x5353f5a6, 0xd1d168b9, 0x00000000, 0xeded2cc1,
-0x20206040, 0xfcfc1fe3, 0xb1b1c879, 0x5b5bedb6, 0x6a6abed4, 0xcbcb468d,
-0xbebed967, 0x39394b72, 0x4a4ade94, 0x4c4cd498, 0x5858e8b0, 0xcfcf4a85,
-0xd0d06bbb, 0xefef2ac5, 0xaaaae54f, 0xfbfb16ed, 0x4343c586, 0x4d4dd79a,
-0x33335566, 0x85859411, 0x4545cf8a, 0xf9f910e9, 0x02020604, 0x7f7f81fe,
-0x5050f0a0, 0x3c3c4478, 0x9f9fba25, 0xa8a8e34b, 0x5151f3a2, 0xa3a3fe5d,
-0x4040c080, 0x8f8f8a05, 0x9292ad3f, 0x9d9dbc21, 0x38384870, 0xf5f504f1,
-0xbcbcdf63, 0xb6b6c177, 0xdada75af, 0x21216342, 0x10103020, 0xffff1ae5,
-0xf3f30efd, 0xd2d26dbf, 0xcdcd4c81, 0x0c0c1418, 0x13133526, 0xecec2fc3,
-0x5f5fe1be, 0x9797a235, 0x4444cc88, 0x1717392e, 0xc4c45793, 0xa7a7f255,
-0x7e7e82fc, 0x3d3d477a, 0x6464acc8, 0x5d5de7ba, 0x19192b32, 0x737395e6,
-0x6060a0c0, 0x81819819, 0x4f4fd19e, 0xdcdc7fa3, 0x22226644, 0x2a2a7e54,
-0x9090ab3b, 0x8888830b, 0x4646ca8c, 0xeeee29c7, 0xb8b8d36b, 0x14143c28,
-0xdede79a7, 0x5e5ee2bc, 0x0b0b1d16, 0xdbdb76ad, 0xe0e03bdb, 0x32325664,
-0x3a3a4e74, 0x0a0a1e14, 0x4949db92, 0x06060a0c, 0x24246c48, 0x5c5ce4b8,
-0xc2c25d9f, 0xd3d36ebd, 0xacacef43, 0x6262a6c4, 0x9191a839, 0x9595a431,
-0xe4e437d3, 0x79798bf2, 0xe7e732d5, 0xc8c8438b, 0x3737596e, 0x6d6db7da,
-0x8d8d8c01, 0xd5d564b1, 0x4e4ed29c, 0xa9a9e049, 0x6c6cb4d8, 0x5656faac,
-0xf4f407f3, 0xeaea25cf, 0x6565afca, 0x7a7a8ef4, 0xaeaee947, 0x08081810,
-0xbabad56f, 0x787888f0, 0x25256f4a, 0x2e2e725c, 0x1c1c2438, 0xa6a6f157,
-0xb4b4c773, 0xc6c65197, 0xe8e823cb, 0xdddd7ca1, 0x74749ce8, 0x1f1f213e,
-0x4b4bdd96, 0xbdbddc61, 0x8b8b860d, 0x8a8a850f, 0x707090e0, 0x3e3e427c,
-0xb5b5c471, 0x6666aacc, 0x4848d890, 0x03030506, 0xf6f601f7, 0x0e0e121c,
-0x6161a3c2, 0x35355f6a, 0x5757f9ae, 0xb9b9d069, 0x86869117, 0xc1c15899,
-0x1d1d273a, 0x9e9eb927, 0xe1e138d9, 0xf8f813eb, 0x9898b32b, 0x11113322,
-0x6969bbd2, 0xd9d970a9, 0x8e8e8907, 0x9494a733, 0x9b9bb62d, 0x1e1e223c,
-0x87879215, 0xe9e920c9, 0xcece4987, 0x5555ffaa, 0x28287850, 0xdfdf7aa5,
-0x8c8c8f03, 0xa1a1f859, 0x89898009, 0x0d0d171a, 0xbfbfda65, 0xe6e631d7,
-0x4242c684, 0x6868b8d0, 0x4141c382, 0x9999b029, 0x2d2d775a, 0x0f0f111e,
-0xb0b0cb7b, 0x5454fca8, 0xbbbbd66d, 0x16163a2c
-};
-#endif
-
-#ifdef IS_LITTLE_ENDIAN
-static const PRUint32 _TInv0[256] =
-{
-0x50a7f451, 0x5365417e, 0xc3a4171a, 0x965e273a, 0xcb6bab3b, 0xf1459d1f,
-0xab58faac, 0x9303e34b, 0x55fa3020, 0xf66d76ad, 0x9176cc88, 0x254c02f5,
-0xfcd7e54f, 0xd7cb2ac5, 0x80443526, 0x8fa362b5, 0x495ab1de, 0x671bba25,
-0x980eea45, 0xe1c0fe5d, 0x02752fc3, 0x12f04c81, 0xa397468d, 0xc6f9d36b,
-0xe75f8f03, 0x959c9215, 0xeb7a6dbf, 0xda595295, 0x2d83bed4, 0xd3217458,
-0x2969e049, 0x44c8c98e, 0x6a89c275, 0x78798ef4, 0x6b3e5899, 0xdd71b927,
-0xb64fe1be, 0x17ad88f0, 0x66ac20c9, 0xb43ace7d, 0x184adf63, 0x82311ae5,
-0x60335197, 0x457f5362, 0xe07764b1, 0x84ae6bbb, 0x1ca081fe, 0x942b08f9,
-0x58684870, 0x19fd458f, 0x876cde94, 0xb7f87b52, 0x23d373ab, 0xe2024b72,
-0x578f1fe3, 0x2aab5566, 0x0728ebb2, 0x03c2b52f, 0x9a7bc586, 0xa50837d3,
-0xf2872830, 0xb2a5bf23, 0xba6a0302, 0x5c8216ed, 0x2b1ccf8a, 0x92b479a7,
-0xf0f207f3, 0xa1e2694e, 0xcdf4da65, 0xd5be0506, 0x1f6234d1, 0x8afea6c4,
-0x9d532e34, 0xa055f3a2, 0x32e18a05, 0x75ebf6a4, 0x39ec830b, 0xaaef6040,
-0x069f715e, 0x51106ebd, 0xf98a213e, 0x3d06dd96, 0xae053edd, 0x46bde64d,
-0xb58d5491, 0x055dc471, 0x6fd40604, 0xff155060, 0x24fb9819, 0x97e9bdd6,
-0xcc434089, 0x779ed967, 0xbd42e8b0, 0x888b8907, 0x385b19e7, 0xdbeec879,
-0x470a7ca1, 0xe90f427c, 0xc91e84f8, 0x00000000, 0x83868009, 0x48ed2b32,
-0xac70111e, 0x4e725a6c, 0xfbff0efd, 0x5638850f, 0x1ed5ae3d, 0x27392d36,
-0x64d90f0a, 0x21a65c68, 0xd1545b9b, 0x3a2e3624, 0xb1670a0c, 0x0fe75793,
-0xd296eeb4, 0x9e919b1b, 0x4fc5c080, 0xa220dc61, 0x694b775a, 0x161a121c,
-0x0aba93e2, 0xe52aa0c0, 0x43e0223c, 0x1d171b12, 0x0b0d090e, 0xadc78bf2,
-0xb9a8b62d, 0xc8a91e14, 0x8519f157, 0x4c0775af, 0xbbdd99ee, 0xfd607fa3,
-0x9f2601f7, 0xbcf5725c, 0xc53b6644, 0x347efb5b, 0x7629438b, 0xdcc623cb,
-0x68fcedb6, 0x63f1e4b8, 0xcadc31d7, 0x10856342, 0x40229713, 0x2011c684,
-0x7d244a85, 0xf83dbbd2, 0x1132f9ae, 0x6da129c7, 0x4b2f9e1d, 0xf330b2dc,
-0xec52860d, 0xd0e3c177, 0x6c16b32b, 0x99b970a9, 0xfa489411, 0x2264e947,
-0xc48cfca8, 0x1a3ff0a0, 0xd82c7d56, 0xef903322, 0xc74e4987, 0xc1d138d9,
-0xfea2ca8c, 0x360bd498, 0xcf81f5a6, 0x28de7aa5, 0x268eb7da, 0xa4bfad3f,
-0xe49d3a2c, 0x0d927850, 0x9bcc5f6a, 0x62467e54, 0xc2138df6, 0xe8b8d890,
-0x5ef7392e, 0xf5afc382, 0xbe805d9f, 0x7c93d069, 0xa92dd56f, 0xb31225cf,
-0x3b99acc8, 0xa77d1810, 0x6e639ce8, 0x7bbb3bdb, 0x097826cd, 0xf418596e,
-0x01b79aec, 0xa89a4f83, 0x656e95e6, 0x7ee6ffaa, 0x08cfbc21, 0xe6e815ef,
-0xd99be7ba, 0xce366f4a, 0xd4099fea, 0xd67cb029, 0xafb2a431, 0x31233f2a,
-0x3094a5c6, 0xc066a235, 0x37bc4e74, 0xa6ca82fc, 0xb0d090e0, 0x15d8a733,
-0x4a9804f1, 0xf7daec41, 0x0e50cd7f, 0x2ff69117, 0x8dd64d76, 0x4db0ef43,
-0x544daacc, 0xdf0496e4, 0xe3b5d19e, 0x1b886a4c, 0xb81f2cc1, 0x7f516546,
-0x04ea5e9d, 0x5d358c01, 0x737487fa, 0x2e410bfb, 0x5a1d67b3, 0x52d2db92,
-0x335610e9, 0x1347d66d, 0x8c61d79a, 0x7a0ca137, 0x8e14f859, 0x893c13eb,
-0xee27a9ce, 0x35c961b7, 0xede51ce1, 0x3cb1477a, 0x59dfd29c, 0x3f73f255,
-0x79ce1418, 0xbf37c773, 0xeacdf753, 0x5baafd5f, 0x146f3ddf, 0x86db4478,
-0x81f3afca, 0x3ec468b9, 0x2c342438, 0x5f40a3c2, 0x72c31d16, 0x0c25e2bc,
-0x8b493c28, 0x41950dff, 0x7101a839, 0xdeb30c08, 0x9ce4b4d8, 0x90c15664,
-0x6184cb7b, 0x70b632d5, 0x745c6c48, 0x4257b8d0
-};
-#else
-static const PRUint32 _TInv0[256] =
-{
-0x51f4a750, 0x7e416553, 0x1a17a4c3, 0x3a275e96, 0x3bab6bcb, 0x1f9d45f1,
-0xacfa58ab, 0x4be30393, 0x2030fa55, 0xad766df6, 0x88cc7691, 0xf5024c25,
-0x4fe5d7fc, 0xc52acbd7, 0x26354480, 0xb562a38f, 0xdeb15a49, 0x25ba1b67,
-0x45ea0e98, 0x5dfec0e1, 0xc32f7502, 0x814cf012, 0x8d4697a3, 0x6bd3f9c6,
-0x038f5fe7, 0x15929c95, 0xbf6d7aeb, 0x955259da, 0xd4be832d, 0x587421d3,
-0x49e06929, 0x8ec9c844, 0x75c2896a, 0xf48e7978, 0x99583e6b, 0x27b971dd,
-0xbee14fb6, 0xf088ad17, 0xc920ac66, 0x7dce3ab4, 0x63df4a18, 0xe51a3182,
-0x97513360, 0x62537f45, 0xb16477e0, 0xbb6bae84, 0xfe81a01c, 0xf9082b94,
-0x70486858, 0x8f45fd19, 0x94de6c87, 0x527bf8b7, 0xab73d323, 0x724b02e2,
-0xe31f8f57, 0x6655ab2a, 0xb2eb2807, 0x2fb5c203, 0x86c57b9a, 0xd33708a5,
-0x302887f2, 0x23bfa5b2, 0x02036aba, 0xed16825c, 0x8acf1c2b, 0xa779b492,
-0xf307f2f0, 0x4e69e2a1, 0x65daf4cd, 0x0605bed5, 0xd134621f, 0xc4a6fe8a,
-0x342e539d, 0xa2f355a0, 0x058ae132, 0xa4f6eb75, 0x0b83ec39, 0x4060efaa,
-0x5e719f06, 0xbd6e1051, 0x3e218af9, 0x96dd063d, 0xdd3e05ae, 0x4de6bd46,
-0x91548db5, 0x71c45d05, 0x0406d46f, 0x605015ff, 0x1998fb24, 0xd6bde997,
-0x894043cc, 0x67d99e77, 0xb0e842bd, 0x07898b88, 0xe7195b38, 0x79c8eedb,
-0xa17c0a47, 0x7c420fe9, 0xf8841ec9, 0x00000000, 0x09808683, 0x322bed48,
-0x1e1170ac, 0x6c5a724e, 0xfd0efffb, 0x0f853856, 0x3daed51e, 0x362d3927,
-0x0a0fd964, 0x685ca621, 0x9b5b54d1, 0x24362e3a, 0x0c0a67b1, 0x9357e70f,
-0xb4ee96d2, 0x1b9b919e, 0x80c0c54f, 0x61dc20a2, 0x5a774b69, 0x1c121a16,
-0xe293ba0a, 0xc0a02ae5, 0x3c22e043, 0x121b171d, 0x0e090d0b, 0xf28bc7ad,
-0x2db6a8b9, 0x141ea9c8, 0x57f11985, 0xaf75074c, 0xee99ddbb, 0xa37f60fd,
-0xf701269f, 0x5c72f5bc, 0x44663bc5, 0x5bfb7e34, 0x8b432976, 0xcb23c6dc,
-0xb6edfc68, 0xb8e4f163, 0xd731dcca, 0x42638510, 0x13972240, 0x84c61120,
-0x854a247d, 0xd2bb3df8, 0xaef93211, 0xc729a16d, 0x1d9e2f4b, 0xdcb230f3,
-0x0d8652ec, 0x77c1e3d0, 0x2bb3166c, 0xa970b999, 0x119448fa, 0x47e96422,
-0xa8fc8cc4, 0xa0f03f1a, 0x567d2cd8, 0x223390ef, 0x87494ec7, 0xd938d1c1,
-0x8ccaa2fe, 0x98d40b36, 0xa6f581cf, 0xa57ade28, 0xdab78e26, 0x3fadbfa4,
-0x2c3a9de4, 0x5078920d, 0x6a5fcc9b, 0x547e4662, 0xf68d13c2, 0x90d8b8e8,
-0x2e39f75e, 0x82c3aff5, 0x9f5d80be, 0x69d0937c, 0x6fd52da9, 0xcf2512b3,
-0xc8ac993b, 0x10187da7, 0xe89c636e, 0xdb3bbb7b, 0xcd267809, 0x6e5918f4,
-0xec9ab701, 0x834f9aa8, 0xe6956e65, 0xaaffe67e, 0x21bccf08, 0xef15e8e6,
-0xbae79bd9, 0x4a6f36ce, 0xea9f09d4, 0x29b07cd6, 0x31a4b2af, 0x2a3f2331,
-0xc6a59430, 0x35a266c0, 0x744ebc37, 0xfc82caa6, 0xe090d0b0, 0x33a7d815,
-0xf104984a, 0x41ecdaf7, 0x7fcd500e, 0x1791f62f, 0x764dd68d, 0x43efb04d,
-0xccaa4d54, 0xe49604df, 0x9ed1b5e3, 0x4c6a881b, 0xc12c1fb8, 0x4665517f,
-0x9d5eea04, 0x018c355d, 0xfa877473, 0xfb0b412e, 0xb3671d5a, 0x92dbd252,
-0xe9105633, 0x6dd64713, 0x9ad7618c, 0x37a10c7a, 0x59f8148e, 0xeb133c89,
-0xcea927ee, 0xb761c935, 0xe11ce5ed, 0x7a47b13c, 0x9cd2df59, 0x55f2733f,
-0x1814ce79, 0x73c737bf, 0x53f7cdea, 0x5ffdaa5b, 0xdf3d6f14, 0x7844db86,
-0xcaaff381, 0xb968c43e, 0x3824342c, 0xc2a3405f, 0x161dc372, 0xbce2250c,
-0x283c498b, 0xff0d9541, 0x39a80171, 0x080cb3de, 0xd8b4e49c, 0x6456c190,
-0x7bcb8461, 0xd532b670, 0x486c5c74, 0xd0b85742
-};
-#endif
-
-#ifdef IS_LITTLE_ENDIAN
-static const PRUint32 _TInv1[256] =
-{
-0xa7f45150, 0x65417e53, 0xa4171ac3, 0x5e273a96, 0x6bab3bcb, 0x459d1ff1,
-0x58faacab, 0x03e34b93, 0xfa302055, 0x6d76adf6, 0x76cc8891, 0x4c02f525,
-0xd7e54ffc, 0xcb2ac5d7, 0x44352680, 0xa362b58f, 0x5ab1de49, 0x1bba2567,
-0x0eea4598, 0xc0fe5de1, 0x752fc302, 0xf04c8112, 0x97468da3, 0xf9d36bc6,
-0x5f8f03e7, 0x9c921595, 0x7a6dbfeb, 0x595295da, 0x83bed42d, 0x217458d3,
-0x69e04929, 0xc8c98e44, 0x89c2756a, 0x798ef478, 0x3e58996b, 0x71b927dd,
-0x4fe1beb6, 0xad88f017, 0xac20c966, 0x3ace7db4, 0x4adf6318, 0x311ae582,
-0x33519760, 0x7f536245, 0x7764b1e0, 0xae6bbb84, 0xa081fe1c, 0x2b08f994,
-0x68487058, 0xfd458f19, 0x6cde9487, 0xf87b52b7, 0xd373ab23, 0x024b72e2,
-0x8f1fe357, 0xab55662a, 0x28ebb207, 0xc2b52f03, 0x7bc5869a, 0x0837d3a5,
-0x872830f2, 0xa5bf23b2, 0x6a0302ba, 0x8216ed5c, 0x1ccf8a2b, 0xb479a792,
-0xf207f3f0, 0xe2694ea1, 0xf4da65cd, 0xbe0506d5, 0x6234d11f, 0xfea6c48a,
-0x532e349d, 0x55f3a2a0, 0xe18a0532, 0xebf6a475, 0xec830b39, 0xef6040aa,
-0x9f715e06, 0x106ebd51, 0x8a213ef9, 0x06dd963d, 0x053eddae, 0xbde64d46,
-0x8d5491b5, 0x5dc47105, 0xd406046f, 0x155060ff, 0xfb981924, 0xe9bdd697,
-0x434089cc, 0x9ed96777, 0x42e8b0bd, 0x8b890788, 0x5b19e738, 0xeec879db,
-0x0a7ca147, 0x0f427ce9, 0x1e84f8c9, 0x00000000, 0x86800983, 0xed2b3248,
-0x70111eac, 0x725a6c4e, 0xff0efdfb, 0x38850f56, 0xd5ae3d1e, 0x392d3627,
-0xd90f0a64, 0xa65c6821, 0x545b9bd1, 0x2e36243a, 0x670a0cb1, 0xe757930f,
-0x96eeb4d2, 0x919b1b9e, 0xc5c0804f, 0x20dc61a2, 0x4b775a69, 0x1a121c16,
-0xba93e20a, 0x2aa0c0e5, 0xe0223c43, 0x171b121d, 0x0d090e0b, 0xc78bf2ad,
-0xa8b62db9, 0xa91e14c8, 0x19f15785, 0x0775af4c, 0xdd99eebb, 0x607fa3fd,
-0x2601f79f, 0xf5725cbc, 0x3b6644c5, 0x7efb5b34, 0x29438b76, 0xc623cbdc,
-0xfcedb668, 0xf1e4b863, 0xdc31d7ca, 0x85634210, 0x22971340, 0x11c68420,
-0x244a857d, 0x3dbbd2f8, 0x32f9ae11, 0xa129c76d, 0x2f9e1d4b, 0x30b2dcf3,
-0x52860dec, 0xe3c177d0, 0x16b32b6c, 0xb970a999, 0x489411fa, 0x64e94722,
-0x8cfca8c4, 0x3ff0a01a, 0x2c7d56d8, 0x903322ef, 0x4e4987c7, 0xd138d9c1,
-0xa2ca8cfe, 0x0bd49836, 0x81f5a6cf, 0xde7aa528, 0x8eb7da26, 0xbfad3fa4,
-0x9d3a2ce4, 0x9278500d, 0xcc5f6a9b, 0x467e5462, 0x138df6c2, 0xb8d890e8,
-0xf7392e5e, 0xafc382f5, 0x805d9fbe, 0x93d0697c, 0x2dd56fa9, 0x1225cfb3,
-0x99acc83b, 0x7d1810a7, 0x639ce86e, 0xbb3bdb7b, 0x7826cd09, 0x18596ef4,
-0xb79aec01, 0x9a4f83a8, 0x6e95e665, 0xe6ffaa7e, 0xcfbc2108, 0xe815efe6,
-0x9be7bad9, 0x366f4ace, 0x099fead4, 0x7cb029d6, 0xb2a431af, 0x233f2a31,
-0x94a5c630, 0x66a235c0, 0xbc4e7437, 0xca82fca6, 0xd090e0b0, 0xd8a73315,
-0x9804f14a, 0xdaec41f7, 0x50cd7f0e, 0xf691172f, 0xd64d768d, 0xb0ef434d,
-0x4daacc54, 0x0496e4df, 0xb5d19ee3, 0x886a4c1b, 0x1f2cc1b8, 0x5165467f,
-0xea5e9d04, 0x358c015d, 0x7487fa73, 0x410bfb2e, 0x1d67b35a, 0xd2db9252,
-0x5610e933, 0x47d66d13, 0x61d79a8c, 0x0ca1377a, 0x14f8598e, 0x3c13eb89,
-0x27a9ceee, 0xc961b735, 0xe51ce1ed, 0xb1477a3c, 0xdfd29c59, 0x73f2553f,
-0xce141879, 0x37c773bf, 0xcdf753ea, 0xaafd5f5b, 0x6f3ddf14, 0xdb447886,
-0xf3afca81, 0xc468b93e, 0x3424382c, 0x40a3c25f, 0xc31d1672, 0x25e2bc0c,
-0x493c288b, 0x950dff41, 0x01a83971, 0xb30c08de, 0xe4b4d89c, 0xc1566490,
-0x84cb7b61, 0xb632d570, 0x5c6c4874, 0x57b8d042
-};
-#else
-static const PRUint32 _TInv1[256] =
-{
-0x5051f4a7, 0x537e4165, 0xc31a17a4, 0x963a275e, 0xcb3bab6b, 0xf11f9d45,
-0xabacfa58, 0x934be303, 0x552030fa, 0xf6ad766d, 0x9188cc76, 0x25f5024c,
-0xfc4fe5d7, 0xd7c52acb, 0x80263544, 0x8fb562a3, 0x49deb15a, 0x6725ba1b,
-0x9845ea0e, 0xe15dfec0, 0x02c32f75, 0x12814cf0, 0xa38d4697, 0xc66bd3f9,
-0xe7038f5f, 0x9515929c, 0xebbf6d7a, 0xda955259, 0x2dd4be83, 0xd3587421,
-0x2949e069, 0x448ec9c8, 0x6a75c289, 0x78f48e79, 0x6b99583e, 0xdd27b971,
-0xb6bee14f, 0x17f088ad, 0x66c920ac, 0xb47dce3a, 0x1863df4a, 0x82e51a31,
-0x60975133, 0x4562537f, 0xe0b16477, 0x84bb6bae, 0x1cfe81a0, 0x94f9082b,
-0x58704868, 0x198f45fd, 0x8794de6c, 0xb7527bf8, 0x23ab73d3, 0xe2724b02,
-0x57e31f8f, 0x2a6655ab, 0x07b2eb28, 0x032fb5c2, 0x9a86c57b, 0xa5d33708,
-0xf2302887, 0xb223bfa5, 0xba02036a, 0x5ced1682, 0x2b8acf1c, 0x92a779b4,
-0xf0f307f2, 0xa14e69e2, 0xcd65daf4, 0xd50605be, 0x1fd13462, 0x8ac4a6fe,
-0x9d342e53, 0xa0a2f355, 0x32058ae1, 0x75a4f6eb, 0x390b83ec, 0xaa4060ef,
-0x065e719f, 0x51bd6e10, 0xf93e218a, 0x3d96dd06, 0xaedd3e05, 0x464de6bd,
-0xb591548d, 0x0571c45d, 0x6f0406d4, 0xff605015, 0x241998fb, 0x97d6bde9,
-0xcc894043, 0x7767d99e, 0xbdb0e842, 0x8807898b, 0x38e7195b, 0xdb79c8ee,
-0x47a17c0a, 0xe97c420f, 0xc9f8841e, 0x00000000, 0x83098086, 0x48322bed,
-0xac1e1170, 0x4e6c5a72, 0xfbfd0eff, 0x560f8538, 0x1e3daed5, 0x27362d39,
-0x640a0fd9, 0x21685ca6, 0xd19b5b54, 0x3a24362e, 0xb10c0a67, 0x0f9357e7,
-0xd2b4ee96, 0x9e1b9b91, 0x4f80c0c5, 0xa261dc20, 0x695a774b, 0x161c121a,
-0x0ae293ba, 0xe5c0a02a, 0x433c22e0, 0x1d121b17, 0x0b0e090d, 0xadf28bc7,
-0xb92db6a8, 0xc8141ea9, 0x8557f119, 0x4caf7507, 0xbbee99dd, 0xfda37f60,
-0x9ff70126, 0xbc5c72f5, 0xc544663b, 0x345bfb7e, 0x768b4329, 0xdccb23c6,
-0x68b6edfc, 0x63b8e4f1, 0xcad731dc, 0x10426385, 0x40139722, 0x2084c611,
-0x7d854a24, 0xf8d2bb3d, 0x11aef932, 0x6dc729a1, 0x4b1d9e2f, 0xf3dcb230,
-0xec0d8652, 0xd077c1e3, 0x6c2bb316, 0x99a970b9, 0xfa119448, 0x2247e964,
-0xc4a8fc8c, 0x1aa0f03f, 0xd8567d2c, 0xef223390, 0xc787494e, 0xc1d938d1,
-0xfe8ccaa2, 0x3698d40b, 0xcfa6f581, 0x28a57ade, 0x26dab78e, 0xa43fadbf,
-0xe42c3a9d, 0x0d507892, 0x9b6a5fcc, 0x62547e46, 0xc2f68d13, 0xe890d8b8,
-0x5e2e39f7, 0xf582c3af, 0xbe9f5d80, 0x7c69d093, 0xa96fd52d, 0xb3cf2512,
-0x3bc8ac99, 0xa710187d, 0x6ee89c63, 0x7bdb3bbb, 0x09cd2678, 0xf46e5918,
-0x01ec9ab7, 0xa8834f9a, 0x65e6956e, 0x7eaaffe6, 0x0821bccf, 0xe6ef15e8,
-0xd9bae79b, 0xce4a6f36, 0xd4ea9f09, 0xd629b07c, 0xaf31a4b2, 0x312a3f23,
-0x30c6a594, 0xc035a266, 0x37744ebc, 0xa6fc82ca, 0xb0e090d0, 0x1533a7d8,
-0x4af10498, 0xf741ecda, 0x0e7fcd50, 0x2f1791f6, 0x8d764dd6, 0x4d43efb0,
-0x54ccaa4d, 0xdfe49604, 0xe39ed1b5, 0x1b4c6a88, 0xb8c12c1f, 0x7f466551,
-0x049d5eea, 0x5d018c35, 0x73fa8774, 0x2efb0b41, 0x5ab3671d, 0x5292dbd2,
-0x33e91056, 0x136dd647, 0x8c9ad761, 0x7a37a10c, 0x8e59f814, 0x89eb133c,
-0xeecea927, 0x35b761c9, 0xede11ce5, 0x3c7a47b1, 0x599cd2df, 0x3f55f273,
-0x791814ce, 0xbf73c737, 0xea53f7cd, 0x5b5ffdaa, 0x14df3d6f, 0x867844db,
-0x81caaff3, 0x3eb968c4, 0x2c382434, 0x5fc2a340, 0x72161dc3, 0x0cbce225,
-0x8b283c49, 0x41ff0d95, 0x7139a801, 0xde080cb3, 0x9cd8b4e4, 0x906456c1,
-0x617bcb84, 0x70d532b6, 0x74486c5c, 0x42d0b857
-};
-#endif
-
-#ifdef IS_LITTLE_ENDIAN
-static const PRUint32 _TInv2[256] =
-{
-0xf45150a7, 0x417e5365, 0x171ac3a4, 0x273a965e, 0xab3bcb6b, 0x9d1ff145,
-0xfaacab58, 0xe34b9303, 0x302055fa, 0x76adf66d, 0xcc889176, 0x02f5254c,
-0xe54ffcd7, 0x2ac5d7cb, 0x35268044, 0x62b58fa3, 0xb1de495a, 0xba25671b,
-0xea45980e, 0xfe5de1c0, 0x2fc30275, 0x4c8112f0, 0x468da397, 0xd36bc6f9,
-0x8f03e75f, 0x9215959c, 0x6dbfeb7a, 0x5295da59, 0xbed42d83, 0x7458d321,
-0xe0492969, 0xc98e44c8, 0xc2756a89, 0x8ef47879, 0x58996b3e, 0xb927dd71,
-0xe1beb64f, 0x88f017ad, 0x20c966ac, 0xce7db43a, 0xdf63184a, 0x1ae58231,
-0x51976033, 0x5362457f, 0x64b1e077, 0x6bbb84ae, 0x81fe1ca0, 0x08f9942b,
-0x48705868, 0x458f19fd, 0xde94876c, 0x7b52b7f8, 0x73ab23d3, 0x4b72e202,
-0x1fe3578f, 0x55662aab, 0xebb20728, 0xb52f03c2, 0xc5869a7b, 0x37d3a508,
-0x2830f287, 0xbf23b2a5, 0x0302ba6a, 0x16ed5c82, 0xcf8a2b1c, 0x79a792b4,
-0x07f3f0f2, 0x694ea1e2, 0xda65cdf4, 0x0506d5be, 0x34d11f62, 0xa6c48afe,
-0x2e349d53, 0xf3a2a055, 0x8a0532e1, 0xf6a475eb, 0x830b39ec, 0x6040aaef,
-0x715e069f, 0x6ebd5110, 0x213ef98a, 0xdd963d06, 0x3eddae05, 0xe64d46bd,
-0x5491b58d, 0xc471055d, 0x06046fd4, 0x5060ff15, 0x981924fb, 0xbdd697e9,
-0x4089cc43, 0xd967779e, 0xe8b0bd42, 0x8907888b, 0x19e7385b, 0xc879dbee,
-0x7ca1470a, 0x427ce90f, 0x84f8c91e, 0x00000000, 0x80098386, 0x2b3248ed,
-0x111eac70, 0x5a6c4e72, 0x0efdfbff, 0x850f5638, 0xae3d1ed5, 0x2d362739,
-0x0f0a64d9, 0x5c6821a6, 0x5b9bd154, 0x36243a2e, 0x0a0cb167, 0x57930fe7,
-0xeeb4d296, 0x9b1b9e91, 0xc0804fc5, 0xdc61a220, 0x775a694b, 0x121c161a,
-0x93e20aba, 0xa0c0e52a, 0x223c43e0, 0x1b121d17, 0x090e0b0d, 0x8bf2adc7,
-0xb62db9a8, 0x1e14c8a9, 0xf1578519, 0x75af4c07, 0x99eebbdd, 0x7fa3fd60,
-0x01f79f26, 0x725cbcf5, 0x6644c53b, 0xfb5b347e, 0x438b7629, 0x23cbdcc6,
-0xedb668fc, 0xe4b863f1, 0x31d7cadc, 0x63421085, 0x97134022, 0xc6842011,
-0x4a857d24, 0xbbd2f83d, 0xf9ae1132, 0x29c76da1, 0x9e1d4b2f, 0xb2dcf330,
-0x860dec52, 0xc177d0e3, 0xb32b6c16, 0x70a999b9, 0x9411fa48, 0xe9472264,
-0xfca8c48c, 0xf0a01a3f, 0x7d56d82c, 0x3322ef90, 0x4987c74e, 0x38d9c1d1,
-0xca8cfea2, 0xd498360b, 0xf5a6cf81, 0x7aa528de, 0xb7da268e, 0xad3fa4bf,
-0x3a2ce49d, 0x78500d92, 0x5f6a9bcc, 0x7e546246, 0x8df6c213, 0xd890e8b8,
-0x392e5ef7, 0xc382f5af, 0x5d9fbe80, 0xd0697c93, 0xd56fa92d, 0x25cfb312,
-0xacc83b99, 0x1810a77d, 0x9ce86e63, 0x3bdb7bbb, 0x26cd0978, 0x596ef418,
-0x9aec01b7, 0x4f83a89a, 0x95e6656e, 0xffaa7ee6, 0xbc2108cf, 0x15efe6e8,
-0xe7bad99b, 0x6f4ace36, 0x9fead409, 0xb029d67c, 0xa431afb2, 0x3f2a3123,
-0xa5c63094, 0xa235c066, 0x4e7437bc, 0x82fca6ca, 0x90e0b0d0, 0xa73315d8,
-0x04f14a98, 0xec41f7da, 0xcd7f0e50, 0x91172ff6, 0x4d768dd6, 0xef434db0,
-0xaacc544d, 0x96e4df04, 0xd19ee3b5, 0x6a4c1b88, 0x2cc1b81f, 0x65467f51,
-0x5e9d04ea, 0x8c015d35, 0x87fa7374, 0x0bfb2e41, 0x67b35a1d, 0xdb9252d2,
-0x10e93356, 0xd66d1347, 0xd79a8c61, 0xa1377a0c, 0xf8598e14, 0x13eb893c,
-0xa9ceee27, 0x61b735c9, 0x1ce1ede5, 0x477a3cb1, 0xd29c59df, 0xf2553f73,
-0x141879ce, 0xc773bf37, 0xf753eacd, 0xfd5f5baa, 0x3ddf146f, 0x447886db,
-0xafca81f3, 0x68b93ec4, 0x24382c34, 0xa3c25f40, 0x1d1672c3, 0xe2bc0c25,
-0x3c288b49, 0x0dff4195, 0xa8397101, 0x0c08deb3, 0xb4d89ce4, 0x566490c1,
-0xcb7b6184, 0x32d570b6, 0x6c48745c, 0xb8d04257
-};
-#else
-static const PRUint32 _TInv2[256] =
-{
-0xa75051f4, 0x65537e41, 0xa4c31a17, 0x5e963a27, 0x6bcb3bab, 0x45f11f9d,
-0x58abacfa, 0x03934be3, 0xfa552030, 0x6df6ad76, 0x769188cc, 0x4c25f502,
-0xd7fc4fe5, 0xcbd7c52a, 0x44802635, 0xa38fb562, 0x5a49deb1, 0x1b6725ba,
-0x0e9845ea, 0xc0e15dfe, 0x7502c32f, 0xf012814c, 0x97a38d46, 0xf9c66bd3,
-0x5fe7038f, 0x9c951592, 0x7aebbf6d, 0x59da9552, 0x832dd4be, 0x21d35874,
-0x692949e0, 0xc8448ec9, 0x896a75c2, 0x7978f48e, 0x3e6b9958, 0x71dd27b9,
-0x4fb6bee1, 0xad17f088, 0xac66c920, 0x3ab47dce, 0x4a1863df, 0x3182e51a,
-0x33609751, 0x7f456253, 0x77e0b164, 0xae84bb6b, 0xa01cfe81, 0x2b94f908,
-0x68587048, 0xfd198f45, 0x6c8794de, 0xf8b7527b, 0xd323ab73, 0x02e2724b,
-0x8f57e31f, 0xab2a6655, 0x2807b2eb, 0xc2032fb5, 0x7b9a86c5, 0x08a5d337,
-0x87f23028, 0xa5b223bf, 0x6aba0203, 0x825ced16, 0x1c2b8acf, 0xb492a779,
-0xf2f0f307, 0xe2a14e69, 0xf4cd65da, 0xbed50605, 0x621fd134, 0xfe8ac4a6,
-0x539d342e, 0x55a0a2f3, 0xe132058a, 0xeb75a4f6, 0xec390b83, 0xefaa4060,
-0x9f065e71, 0x1051bd6e, 0x8af93e21, 0x063d96dd, 0x05aedd3e, 0xbd464de6,
-0x8db59154, 0x5d0571c4, 0xd46f0406, 0x15ff6050, 0xfb241998, 0xe997d6bd,
-0x43cc8940, 0x9e7767d9, 0x42bdb0e8, 0x8b880789, 0x5b38e719, 0xeedb79c8,
-0x0a47a17c, 0x0fe97c42, 0x1ec9f884, 0x00000000, 0x86830980, 0xed48322b,
-0x70ac1e11, 0x724e6c5a, 0xfffbfd0e, 0x38560f85, 0xd51e3dae, 0x3927362d,
-0xd9640a0f, 0xa621685c, 0x54d19b5b, 0x2e3a2436, 0x67b10c0a, 0xe70f9357,
-0x96d2b4ee, 0x919e1b9b, 0xc54f80c0, 0x20a261dc, 0x4b695a77, 0x1a161c12,
-0xba0ae293, 0x2ae5c0a0, 0xe0433c22, 0x171d121b, 0x0d0b0e09, 0xc7adf28b,
-0xa8b92db6, 0xa9c8141e, 0x198557f1, 0x074caf75, 0xddbbee99, 0x60fda37f,
-0x269ff701, 0xf5bc5c72, 0x3bc54466, 0x7e345bfb, 0x29768b43, 0xc6dccb23,
-0xfc68b6ed, 0xf163b8e4, 0xdccad731, 0x85104263, 0x22401397, 0x112084c6,
-0x247d854a, 0x3df8d2bb, 0x3211aef9, 0xa16dc729, 0x2f4b1d9e, 0x30f3dcb2,
-0x52ec0d86, 0xe3d077c1, 0x166c2bb3, 0xb999a970, 0x48fa1194, 0x642247e9,
-0x8cc4a8fc, 0x3f1aa0f0, 0x2cd8567d, 0x90ef2233, 0x4ec78749, 0xd1c1d938,
-0xa2fe8cca, 0x0b3698d4, 0x81cfa6f5, 0xde28a57a, 0x8e26dab7, 0xbfa43fad,
-0x9de42c3a, 0x920d5078, 0xcc9b6a5f, 0x4662547e, 0x13c2f68d, 0xb8e890d8,
-0xf75e2e39, 0xaff582c3, 0x80be9f5d, 0x937c69d0, 0x2da96fd5, 0x12b3cf25,
-0x993bc8ac, 0x7da71018, 0x636ee89c, 0xbb7bdb3b, 0x7809cd26, 0x18f46e59,
-0xb701ec9a, 0x9aa8834f, 0x6e65e695, 0xe67eaaff, 0xcf0821bc, 0xe8e6ef15,
-0x9bd9bae7, 0x36ce4a6f, 0x09d4ea9f, 0x7cd629b0, 0xb2af31a4, 0x23312a3f,
-0x9430c6a5, 0x66c035a2, 0xbc37744e, 0xcaa6fc82, 0xd0b0e090, 0xd81533a7,
-0x984af104, 0xdaf741ec, 0x500e7fcd, 0xf62f1791, 0xd68d764d, 0xb04d43ef,
-0x4d54ccaa, 0x04dfe496, 0xb5e39ed1, 0x881b4c6a, 0x1fb8c12c, 0x517f4665,
-0xea049d5e, 0x355d018c, 0x7473fa87, 0x412efb0b, 0x1d5ab367, 0xd25292db,
-0x5633e910, 0x47136dd6, 0x618c9ad7, 0x0c7a37a1, 0x148e59f8, 0x3c89eb13,
-0x27eecea9, 0xc935b761, 0xe5ede11c, 0xb13c7a47, 0xdf599cd2, 0x733f55f2,
-0xce791814, 0x37bf73c7, 0xcdea53f7, 0xaa5b5ffd, 0x6f14df3d, 0xdb867844,
-0xf381caaf, 0xc43eb968, 0x342c3824, 0x405fc2a3, 0xc372161d, 0x250cbce2,
-0x498b283c, 0x9541ff0d, 0x017139a8, 0xb3de080c, 0xe49cd8b4, 0xc1906456,
-0x84617bcb, 0xb670d532, 0x5c74486c, 0x5742d0b8
-};
-#endif
-
-#ifdef IS_LITTLE_ENDIAN
-static const PRUint32 _TInv3[256] =
-{
-0x5150a7f4, 0x7e536541, 0x1ac3a417, 0x3a965e27, 0x3bcb6bab, 0x1ff1459d,
-0xacab58fa, 0x4b9303e3, 0x2055fa30, 0xadf66d76, 0x889176cc, 0xf5254c02,
-0x4ffcd7e5, 0xc5d7cb2a, 0x26804435, 0xb58fa362, 0xde495ab1, 0x25671bba,
-0x45980eea, 0x5de1c0fe, 0xc302752f, 0x8112f04c, 0x8da39746, 0x6bc6f9d3,
-0x03e75f8f, 0x15959c92, 0xbfeb7a6d, 0x95da5952, 0xd42d83be, 0x58d32174,
-0x492969e0, 0x8e44c8c9, 0x756a89c2, 0xf478798e, 0x996b3e58, 0x27dd71b9,
-0xbeb64fe1, 0xf017ad88, 0xc966ac20, 0x7db43ace, 0x63184adf, 0xe582311a,
-0x97603351, 0x62457f53, 0xb1e07764, 0xbb84ae6b, 0xfe1ca081, 0xf9942b08,
-0x70586848, 0x8f19fd45, 0x94876cde, 0x52b7f87b, 0xab23d373, 0x72e2024b,
-0xe3578f1f, 0x662aab55, 0xb20728eb, 0x2f03c2b5, 0x869a7bc5, 0xd3a50837,
-0x30f28728, 0x23b2a5bf, 0x02ba6a03, 0xed5c8216, 0x8a2b1ccf, 0xa792b479,
-0xf3f0f207, 0x4ea1e269, 0x65cdf4da, 0x06d5be05, 0xd11f6234, 0xc48afea6,
-0x349d532e, 0xa2a055f3, 0x0532e18a, 0xa475ebf6, 0x0b39ec83, 0x40aaef60,
-0x5e069f71, 0xbd51106e, 0x3ef98a21, 0x963d06dd, 0xddae053e, 0x4d46bde6,
-0x91b58d54, 0x71055dc4, 0x046fd406, 0x60ff1550, 0x1924fb98, 0xd697e9bd,
-0x89cc4340, 0x67779ed9, 0xb0bd42e8, 0x07888b89, 0xe7385b19, 0x79dbeec8,
-0xa1470a7c, 0x7ce90f42, 0xf8c91e84, 0x00000000, 0x09838680, 0x3248ed2b,
-0x1eac7011, 0x6c4e725a, 0xfdfbff0e, 0x0f563885, 0x3d1ed5ae, 0x3627392d,
-0x0a64d90f, 0x6821a65c, 0x9bd1545b, 0x243a2e36, 0x0cb1670a, 0x930fe757,
-0xb4d296ee, 0x1b9e919b, 0x804fc5c0, 0x61a220dc, 0x5a694b77, 0x1c161a12,
-0xe20aba93, 0xc0e52aa0, 0x3c43e022, 0x121d171b, 0x0e0b0d09, 0xf2adc78b,
-0x2db9a8b6, 0x14c8a91e, 0x578519f1, 0xaf4c0775, 0xeebbdd99, 0xa3fd607f,
-0xf79f2601, 0x5cbcf572, 0x44c53b66, 0x5b347efb, 0x8b762943, 0xcbdcc623,
-0xb668fced, 0xb863f1e4, 0xd7cadc31, 0x42108563, 0x13402297, 0x842011c6,
-0x857d244a, 0xd2f83dbb, 0xae1132f9, 0xc76da129, 0x1d4b2f9e, 0xdcf330b2,
-0x0dec5286, 0x77d0e3c1, 0x2b6c16b3, 0xa999b970, 0x11fa4894, 0x472264e9,
-0xa8c48cfc, 0xa01a3ff0, 0x56d82c7d, 0x22ef9033, 0x87c74e49, 0xd9c1d138,
-0x8cfea2ca, 0x98360bd4, 0xa6cf81f5, 0xa528de7a, 0xda268eb7, 0x3fa4bfad,
-0x2ce49d3a, 0x500d9278, 0x6a9bcc5f, 0x5462467e, 0xf6c2138d, 0x90e8b8d8,
-0x2e5ef739, 0x82f5afc3, 0x9fbe805d, 0x697c93d0, 0x6fa92dd5, 0xcfb31225,
-0xc83b99ac, 0x10a77d18, 0xe86e639c, 0xdb7bbb3b, 0xcd097826, 0x6ef41859,
-0xec01b79a, 0x83a89a4f, 0xe6656e95, 0xaa7ee6ff, 0x2108cfbc, 0xefe6e815,
-0xbad99be7, 0x4ace366f, 0xead4099f, 0x29d67cb0, 0x31afb2a4, 0x2a31233f,
-0xc63094a5, 0x35c066a2, 0x7437bc4e, 0xfca6ca82, 0xe0b0d090, 0x3315d8a7,
-0xf14a9804, 0x41f7daec, 0x7f0e50cd, 0x172ff691, 0x768dd64d, 0x434db0ef,
-0xcc544daa, 0xe4df0496, 0x9ee3b5d1, 0x4c1b886a, 0xc1b81f2c, 0x467f5165,
-0x9d04ea5e, 0x015d358c, 0xfa737487, 0xfb2e410b, 0xb35a1d67, 0x9252d2db,
-0xe9335610, 0x6d1347d6, 0x9a8c61d7, 0x377a0ca1, 0x598e14f8, 0xeb893c13,
-0xceee27a9, 0xb735c961, 0xe1ede51c, 0x7a3cb147, 0x9c59dfd2, 0x553f73f2,
-0x1879ce14, 0x73bf37c7, 0x53eacdf7, 0x5f5baafd, 0xdf146f3d, 0x7886db44,
-0xca81f3af, 0xb93ec468, 0x382c3424, 0xc25f40a3, 0x1672c31d, 0xbc0c25e2,
-0x288b493c, 0xff41950d, 0x397101a8, 0x08deb30c, 0xd89ce4b4, 0x6490c156,
-0x7b6184cb, 0xd570b632, 0x48745c6c, 0xd04257b8
-};
-#else
-static const PRUint32 _TInv3[256] =
-{
-0xf4a75051, 0x4165537e, 0x17a4c31a, 0x275e963a, 0xab6bcb3b, 0x9d45f11f,
-0xfa58abac, 0xe303934b, 0x30fa5520, 0x766df6ad, 0xcc769188, 0x024c25f5,
-0xe5d7fc4f, 0x2acbd7c5, 0x35448026, 0x62a38fb5, 0xb15a49de, 0xba1b6725,
-0xea0e9845, 0xfec0e15d, 0x2f7502c3, 0x4cf01281, 0x4697a38d, 0xd3f9c66b,
-0x8f5fe703, 0x929c9515, 0x6d7aebbf, 0x5259da95, 0xbe832dd4, 0x7421d358,
-0xe0692949, 0xc9c8448e, 0xc2896a75, 0x8e7978f4, 0x583e6b99, 0xb971dd27,
-0xe14fb6be, 0x88ad17f0, 0x20ac66c9, 0xce3ab47d, 0xdf4a1863, 0x1a3182e5,
-0x51336097, 0x537f4562, 0x6477e0b1, 0x6bae84bb, 0x81a01cfe, 0x082b94f9,
-0x48685870, 0x45fd198f, 0xde6c8794, 0x7bf8b752, 0x73d323ab, 0x4b02e272,
-0x1f8f57e3, 0x55ab2a66, 0xeb2807b2, 0xb5c2032f, 0xc57b9a86, 0x3708a5d3,
-0x2887f230, 0xbfa5b223, 0x036aba02, 0x16825ced, 0xcf1c2b8a, 0x79b492a7,
-0x07f2f0f3, 0x69e2a14e, 0xdaf4cd65, 0x05bed506, 0x34621fd1, 0xa6fe8ac4,
-0x2e539d34, 0xf355a0a2, 0x8ae13205, 0xf6eb75a4, 0x83ec390b, 0x60efaa40,
-0x719f065e, 0x6e1051bd, 0x218af93e, 0xdd063d96, 0x3e05aedd, 0xe6bd464d,
-0x548db591, 0xc45d0571, 0x06d46f04, 0x5015ff60, 0x98fb2419, 0xbde997d6,
-0x4043cc89, 0xd99e7767, 0xe842bdb0, 0x898b8807, 0x195b38e7, 0xc8eedb79,
-0x7c0a47a1, 0x420fe97c, 0x841ec9f8, 0x00000000, 0x80868309, 0x2bed4832,
-0x1170ac1e, 0x5a724e6c, 0x0efffbfd, 0x8538560f, 0xaed51e3d, 0x2d392736,
-0x0fd9640a, 0x5ca62168, 0x5b54d19b, 0x362e3a24, 0x0a67b10c, 0x57e70f93,
-0xee96d2b4, 0x9b919e1b, 0xc0c54f80, 0xdc20a261, 0x774b695a, 0x121a161c,
-0x93ba0ae2, 0xa02ae5c0, 0x22e0433c, 0x1b171d12, 0x090d0b0e, 0x8bc7adf2,
-0xb6a8b92d, 0x1ea9c814, 0xf1198557, 0x75074caf, 0x99ddbbee, 0x7f60fda3,
-0x01269ff7, 0x72f5bc5c, 0x663bc544, 0xfb7e345b, 0x4329768b, 0x23c6dccb,
-0xedfc68b6, 0xe4f163b8, 0x31dccad7, 0x63851042, 0x97224013, 0xc6112084,
-0x4a247d85, 0xbb3df8d2, 0xf93211ae, 0x29a16dc7, 0x9e2f4b1d, 0xb230f3dc,
-0x8652ec0d, 0xc1e3d077, 0xb3166c2b, 0x70b999a9, 0x9448fa11, 0xe9642247,
-0xfc8cc4a8, 0xf03f1aa0, 0x7d2cd856, 0x3390ef22, 0x494ec787, 0x38d1c1d9,
-0xcaa2fe8c, 0xd40b3698, 0xf581cfa6, 0x7ade28a5, 0xb78e26da, 0xadbfa43f,
-0x3a9de42c, 0x78920d50, 0x5fcc9b6a, 0x7e466254, 0x8d13c2f6, 0xd8b8e890,
-0x39f75e2e, 0xc3aff582, 0x5d80be9f, 0xd0937c69, 0xd52da96f, 0x2512b3cf,
-0xac993bc8, 0x187da710, 0x9c636ee8, 0x3bbb7bdb, 0x267809cd, 0x5918f46e,
-0x9ab701ec, 0x4f9aa883, 0x956e65e6, 0xffe67eaa, 0xbccf0821, 0x15e8e6ef,
-0xe79bd9ba, 0x6f36ce4a, 0x9f09d4ea, 0xb07cd629, 0xa4b2af31, 0x3f23312a,
-0xa59430c6, 0xa266c035, 0x4ebc3774, 0x82caa6fc, 0x90d0b0e0, 0xa7d81533,
-0x04984af1, 0xecdaf741, 0xcd500e7f, 0x91f62f17, 0x4dd68d76, 0xefb04d43,
-0xaa4d54cc, 0x9604dfe4, 0xd1b5e39e, 0x6a881b4c, 0x2c1fb8c1, 0x65517f46,
-0x5eea049d, 0x8c355d01, 0x877473fa, 0x0b412efb, 0x671d5ab3, 0xdbd25292,
-0x105633e9, 0xd647136d, 0xd7618c9a, 0xa10c7a37, 0xf8148e59, 0x133c89eb,
-0xa927eece, 0x61c935b7, 0x1ce5ede1, 0x47b13c7a, 0xd2df599c, 0xf2733f55,
-0x14ce7918, 0xc737bf73, 0xf7cdea53, 0xfdaa5b5f, 0x3d6f14df, 0x44db8678,
-0xaff381ca, 0x68c43eb9, 0x24342c38, 0xa3405fc2, 0x1dc37216, 0xe2250cbc,
-0x3c498b28, 0x0d9541ff, 0xa8017139, 0x0cb3de08, 0xb4e49cd8, 0x56c19064,
-0xcb84617b, 0x32b670d5, 0x6c5c7448, 0xb85742d0
-};
-#endif
-
-#ifdef IS_LITTLE_ENDIAN
-static const PRUint32 _IMXC0[256] =
-{
-0x00000000, 0x0b0d090e, 0x161a121c, 0x1d171b12, 0x2c342438, 0x27392d36,
-0x3a2e3624, 0x31233f2a, 0x58684870, 0x5365417e, 0x4e725a6c, 0x457f5362,
-0x745c6c48, 0x7f516546, 0x62467e54, 0x694b775a, 0xb0d090e0, 0xbbdd99ee,
-0xa6ca82fc, 0xadc78bf2, 0x9ce4b4d8, 0x97e9bdd6, 0x8afea6c4, 0x81f3afca,
-0xe8b8d890, 0xe3b5d19e, 0xfea2ca8c, 0xf5afc382, 0xc48cfca8, 0xcf81f5a6,
-0xd296eeb4, 0xd99be7ba, 0x7bbb3bdb, 0x70b632d5, 0x6da129c7, 0x66ac20c9,
-0x578f1fe3, 0x5c8216ed, 0x41950dff, 0x4a9804f1, 0x23d373ab, 0x28de7aa5,
-0x35c961b7, 0x3ec468b9, 0x0fe75793, 0x04ea5e9d, 0x19fd458f, 0x12f04c81,
-0xcb6bab3b, 0xc066a235, 0xdd71b927, 0xd67cb029, 0xe75f8f03, 0xec52860d,
-0xf1459d1f, 0xfa489411, 0x9303e34b, 0x980eea45, 0x8519f157, 0x8e14f859,
-0xbf37c773, 0xb43ace7d, 0xa92dd56f, 0xa220dc61, 0xf66d76ad, 0xfd607fa3,
-0xe07764b1, 0xeb7a6dbf, 0xda595295, 0xd1545b9b, 0xcc434089, 0xc74e4987,
-0xae053edd, 0xa50837d3, 0xb81f2cc1, 0xb31225cf, 0x82311ae5, 0x893c13eb,
-0x942b08f9, 0x9f2601f7, 0x46bde64d, 0x4db0ef43, 0x50a7f451, 0x5baafd5f,
-0x6a89c275, 0x6184cb7b, 0x7c93d069, 0x779ed967, 0x1ed5ae3d, 0x15d8a733,
-0x08cfbc21, 0x03c2b52f, 0x32e18a05, 0x39ec830b, 0x24fb9819, 0x2ff69117,
-0x8dd64d76, 0x86db4478, 0x9bcc5f6a, 0x90c15664, 0xa1e2694e, 0xaaef6040,
-0xb7f87b52, 0xbcf5725c, 0xd5be0506, 0xdeb30c08, 0xc3a4171a, 0xc8a91e14,
-0xf98a213e, 0xf2872830, 0xef903322, 0xe49d3a2c, 0x3d06dd96, 0x360bd498,
-0x2b1ccf8a, 0x2011c684, 0x1132f9ae, 0x1a3ff0a0, 0x0728ebb2, 0x0c25e2bc,
-0x656e95e6, 0x6e639ce8, 0x737487fa, 0x78798ef4, 0x495ab1de, 0x4257b8d0,
-0x5f40a3c2, 0x544daacc, 0xf7daec41, 0xfcd7e54f, 0xe1c0fe5d, 0xeacdf753,
-0xdbeec879, 0xd0e3c177, 0xcdf4da65, 0xc6f9d36b, 0xafb2a431, 0xa4bfad3f,
-0xb9a8b62d, 0xb2a5bf23, 0x83868009, 0x888b8907, 0x959c9215, 0x9e919b1b,
-0x470a7ca1, 0x4c0775af, 0x51106ebd, 0x5a1d67b3, 0x6b3e5899, 0x60335197,
-0x7d244a85, 0x7629438b, 0x1f6234d1, 0x146f3ddf, 0x097826cd, 0x02752fc3,
-0x335610e9, 0x385b19e7, 0x254c02f5, 0x2e410bfb, 0x8c61d79a, 0x876cde94,
-0x9a7bc586, 0x9176cc88, 0xa055f3a2, 0xab58faac, 0xb64fe1be, 0xbd42e8b0,
-0xd4099fea, 0xdf0496e4, 0xc2138df6, 0xc91e84f8, 0xf83dbbd2, 0xf330b2dc,
-0xee27a9ce, 0xe52aa0c0, 0x3cb1477a, 0x37bc4e74, 0x2aab5566, 0x21a65c68,
-0x10856342, 0x1b886a4c, 0x069f715e, 0x0d927850, 0x64d90f0a, 0x6fd40604,
-0x72c31d16, 0x79ce1418, 0x48ed2b32, 0x43e0223c, 0x5ef7392e, 0x55fa3020,
-0x01b79aec, 0x0aba93e2, 0x17ad88f0, 0x1ca081fe, 0x2d83bed4, 0x268eb7da,
-0x3b99acc8, 0x3094a5c6, 0x59dfd29c, 0x52d2db92, 0x4fc5c080, 0x44c8c98e,
-0x75ebf6a4, 0x7ee6ffaa, 0x63f1e4b8, 0x68fcedb6, 0xb1670a0c, 0xba6a0302,
-0xa77d1810, 0xac70111e, 0x9d532e34, 0x965e273a, 0x8b493c28, 0x80443526,
-0xe90f427c, 0xe2024b72, 0xff155060, 0xf418596e, 0xc53b6644, 0xce366f4a,
-0xd3217458, 0xd82c7d56, 0x7a0ca137, 0x7101a839, 0x6c16b32b, 0x671bba25,
-0x5638850f, 0x5d358c01, 0x40229713, 0x4b2f9e1d, 0x2264e947, 0x2969e049,
-0x347efb5b, 0x3f73f255, 0x0e50cd7f, 0x055dc471, 0x184adf63, 0x1347d66d,
-0xcadc31d7, 0xc1d138d9, 0xdcc623cb, 0xd7cb2ac5, 0xe6e815ef, 0xede51ce1,
-0xf0f207f3, 0xfbff0efd, 0x92b479a7, 0x99b970a9, 0x84ae6bbb, 0x8fa362b5,
-0xbe805d9f, 0xb58d5491, 0xa89a4f83, 0xa397468d
-};
-#else
-static const PRUint32 _IMXC0[256] =
-{
-0x00000000, 0x0e090d0b, 0x1c121a16, 0x121b171d, 0x3824342c, 0x362d3927,
-0x24362e3a, 0x2a3f2331, 0x70486858, 0x7e416553, 0x6c5a724e, 0x62537f45,
-0x486c5c74, 0x4665517f, 0x547e4662, 0x5a774b69, 0xe090d0b0, 0xee99ddbb,
-0xfc82caa6, 0xf28bc7ad, 0xd8b4e49c, 0xd6bde997, 0xc4a6fe8a, 0xcaaff381,
-0x90d8b8e8, 0x9ed1b5e3, 0x8ccaa2fe, 0x82c3aff5, 0xa8fc8cc4, 0xa6f581cf,
-0xb4ee96d2, 0xbae79bd9, 0xdb3bbb7b, 0xd532b670, 0xc729a16d, 0xc920ac66,
-0xe31f8f57, 0xed16825c, 0xff0d9541, 0xf104984a, 0xab73d323, 0xa57ade28,
-0xb761c935, 0xb968c43e, 0x9357e70f, 0x9d5eea04, 0x8f45fd19, 0x814cf012,
-0x3bab6bcb, 0x35a266c0, 0x27b971dd, 0x29b07cd6, 0x038f5fe7, 0x0d8652ec,
-0x1f9d45f1, 0x119448fa, 0x4be30393, 0x45ea0e98, 0x57f11985, 0x59f8148e,
-0x73c737bf, 0x7dce3ab4, 0x6fd52da9, 0x61dc20a2, 0xad766df6, 0xa37f60fd,
-0xb16477e0, 0xbf6d7aeb, 0x955259da, 0x9b5b54d1, 0x894043cc, 0x87494ec7,
-0xdd3e05ae, 0xd33708a5, 0xc12c1fb8, 0xcf2512b3, 0xe51a3182, 0xeb133c89,
-0xf9082b94, 0xf701269f, 0x4de6bd46, 0x43efb04d, 0x51f4a750, 0x5ffdaa5b,
-0x75c2896a, 0x7bcb8461, 0x69d0937c, 0x67d99e77, 0x3daed51e, 0x33a7d815,
-0x21bccf08, 0x2fb5c203, 0x058ae132, 0x0b83ec39, 0x1998fb24, 0x1791f62f,
-0x764dd68d, 0x7844db86, 0x6a5fcc9b, 0x6456c190, 0x4e69e2a1, 0x4060efaa,
-0x527bf8b7, 0x5c72f5bc, 0x0605bed5, 0x080cb3de, 0x1a17a4c3, 0x141ea9c8,
-0x3e218af9, 0x302887f2, 0x223390ef, 0x2c3a9de4, 0x96dd063d, 0x98d40b36,
-0x8acf1c2b, 0x84c61120, 0xaef93211, 0xa0f03f1a, 0xb2eb2807, 0xbce2250c,
-0xe6956e65, 0xe89c636e, 0xfa877473, 0xf48e7978, 0xdeb15a49, 0xd0b85742,
-0xc2a3405f, 0xccaa4d54, 0x41ecdaf7, 0x4fe5d7fc, 0x5dfec0e1, 0x53f7cdea,
-0x79c8eedb, 0x77c1e3d0, 0x65daf4cd, 0x6bd3f9c6, 0x31a4b2af, 0x3fadbfa4,
-0x2db6a8b9, 0x23bfa5b2, 0x09808683, 0x07898b88, 0x15929c95, 0x1b9b919e,
-0xa17c0a47, 0xaf75074c, 0xbd6e1051, 0xb3671d5a, 0x99583e6b, 0x97513360,
-0x854a247d, 0x8b432976, 0xd134621f, 0xdf3d6f14, 0xcd267809, 0xc32f7502,
-0xe9105633, 0xe7195b38, 0xf5024c25, 0xfb0b412e, 0x9ad7618c, 0x94de6c87,
-0x86c57b9a, 0x88cc7691, 0xa2f355a0, 0xacfa58ab, 0xbee14fb6, 0xb0e842bd,
-0xea9f09d4, 0xe49604df, 0xf68d13c2, 0xf8841ec9, 0xd2bb3df8, 0xdcb230f3,
-0xcea927ee, 0xc0a02ae5, 0x7a47b13c, 0x744ebc37, 0x6655ab2a, 0x685ca621,
-0x42638510, 0x4c6a881b, 0x5e719f06, 0x5078920d, 0x0a0fd964, 0x0406d46f,
-0x161dc372, 0x1814ce79, 0x322bed48, 0x3c22e043, 0x2e39f75e, 0x2030fa55,
-0xec9ab701, 0xe293ba0a, 0xf088ad17, 0xfe81a01c, 0xd4be832d, 0xdab78e26,
-0xc8ac993b, 0xc6a59430, 0x9cd2df59, 0x92dbd252, 0x80c0c54f, 0x8ec9c844,
-0xa4f6eb75, 0xaaffe67e, 0xb8e4f163, 0xb6edfc68, 0x0c0a67b1, 0x02036aba,
-0x10187da7, 0x1e1170ac, 0x342e539d, 0x3a275e96, 0x283c498b, 0x26354480,
-0x7c420fe9, 0x724b02e2, 0x605015ff, 0x6e5918f4, 0x44663bc5, 0x4a6f36ce,
-0x587421d3, 0x567d2cd8, 0x37a10c7a, 0x39a80171, 0x2bb3166c, 0x25ba1b67,
-0x0f853856, 0x018c355d, 0x13972240, 0x1d9e2f4b, 0x47e96422, 0x49e06929,
-0x5bfb7e34, 0x55f2733f, 0x7fcd500e, 0x71c45d05, 0x63df4a18, 0x6dd64713,
-0xd731dcca, 0xd938d1c1, 0xcb23c6dc, 0xc52acbd7, 0xef15e8e6, 0xe11ce5ed,
-0xf307f2f0, 0xfd0efffb, 0xa779b492, 0xa970b999, 0xbb6bae84, 0xb562a38f,
-0x9f5d80be, 0x91548db5, 0x834f9aa8, 0x8d4697a3
-};
-#endif
-
-#ifdef IS_LITTLE_ENDIAN
-static const PRUint32 _IMXC1[256] =
-{
-0x00000000, 0x0d090e0b, 0x1a121c16, 0x171b121d, 0x3424382c, 0x392d3627,
-0x2e36243a, 0x233f2a31, 0x68487058, 0x65417e53, 0x725a6c4e, 0x7f536245,
-0x5c6c4874, 0x5165467f, 0x467e5462, 0x4b775a69, 0xd090e0b0, 0xdd99eebb,
-0xca82fca6, 0xc78bf2ad, 0xe4b4d89c, 0xe9bdd697, 0xfea6c48a, 0xf3afca81,
-0xb8d890e8, 0xb5d19ee3, 0xa2ca8cfe, 0xafc382f5, 0x8cfca8c4, 0x81f5a6cf,
-0x96eeb4d2, 0x9be7bad9, 0xbb3bdb7b, 0xb632d570, 0xa129c76d, 0xac20c966,
-0x8f1fe357, 0x8216ed5c, 0x950dff41, 0x9804f14a, 0xd373ab23, 0xde7aa528,
-0xc961b735, 0xc468b93e, 0xe757930f, 0xea5e9d04, 0xfd458f19, 0xf04c8112,
-0x6bab3bcb, 0x66a235c0, 0x71b927dd, 0x7cb029d6, 0x5f8f03e7, 0x52860dec,
-0x459d1ff1, 0x489411fa, 0x03e34b93, 0x0eea4598, 0x19f15785, 0x14f8598e,
-0x37c773bf, 0x3ace7db4, 0x2dd56fa9, 0x20dc61a2, 0x6d76adf6, 0x607fa3fd,
-0x7764b1e0, 0x7a6dbfeb, 0x595295da, 0x545b9bd1, 0x434089cc, 0x4e4987c7,
-0x053eddae, 0x0837d3a5, 0x1f2cc1b8, 0x1225cfb3, 0x311ae582, 0x3c13eb89,
-0x2b08f994, 0x2601f79f, 0xbde64d46, 0xb0ef434d, 0xa7f45150, 0xaafd5f5b,
-0x89c2756a, 0x84cb7b61, 0x93d0697c, 0x9ed96777, 0xd5ae3d1e, 0xd8a73315,
-0xcfbc2108, 0xc2b52f03, 0xe18a0532, 0xec830b39, 0xfb981924, 0xf691172f,
-0xd64d768d, 0xdb447886, 0xcc5f6a9b, 0xc1566490, 0xe2694ea1, 0xef6040aa,
-0xf87b52b7, 0xf5725cbc, 0xbe0506d5, 0xb30c08de, 0xa4171ac3, 0xa91e14c8,
-0x8a213ef9, 0x872830f2, 0x903322ef, 0x9d3a2ce4, 0x06dd963d, 0x0bd49836,
-0x1ccf8a2b, 0x11c68420, 0x32f9ae11, 0x3ff0a01a, 0x28ebb207, 0x25e2bc0c,
-0x6e95e665, 0x639ce86e, 0x7487fa73, 0x798ef478, 0x5ab1de49, 0x57b8d042,
-0x40a3c25f, 0x4daacc54, 0xdaec41f7, 0xd7e54ffc, 0xc0fe5de1, 0xcdf753ea,
-0xeec879db, 0xe3c177d0, 0xf4da65cd, 0xf9d36bc6, 0xb2a431af, 0xbfad3fa4,
-0xa8b62db9, 0xa5bf23b2, 0x86800983, 0x8b890788, 0x9c921595, 0x919b1b9e,
-0x0a7ca147, 0x0775af4c, 0x106ebd51, 0x1d67b35a, 0x3e58996b, 0x33519760,
-0x244a857d, 0x29438b76, 0x6234d11f, 0x6f3ddf14, 0x7826cd09, 0x752fc302,
-0x5610e933, 0x5b19e738, 0x4c02f525, 0x410bfb2e, 0x61d79a8c, 0x6cde9487,
-0x7bc5869a, 0x76cc8891, 0x55f3a2a0, 0x58faacab, 0x4fe1beb6, 0x42e8b0bd,
-0x099fead4, 0x0496e4df, 0x138df6c2, 0x1e84f8c9, 0x3dbbd2f8, 0x30b2dcf3,
-0x27a9ceee, 0x2aa0c0e5, 0xb1477a3c, 0xbc4e7437, 0xab55662a, 0xa65c6821,
-0x85634210, 0x886a4c1b, 0x9f715e06, 0x9278500d, 0xd90f0a64, 0xd406046f,
-0xc31d1672, 0xce141879, 0xed2b3248, 0xe0223c43, 0xf7392e5e, 0xfa302055,
-0xb79aec01, 0xba93e20a, 0xad88f017, 0xa081fe1c, 0x83bed42d, 0x8eb7da26,
-0x99acc83b, 0x94a5c630, 0xdfd29c59, 0xd2db9252, 0xc5c0804f, 0xc8c98e44,
-0xebf6a475, 0xe6ffaa7e, 0xf1e4b863, 0xfcedb668, 0x670a0cb1, 0x6a0302ba,
-0x7d1810a7, 0x70111eac, 0x532e349d, 0x5e273a96, 0x493c288b, 0x44352680,
-0x0f427ce9, 0x024b72e2, 0x155060ff, 0x18596ef4, 0x3b6644c5, 0x366f4ace,
-0x217458d3, 0x2c7d56d8, 0x0ca1377a, 0x01a83971, 0x16b32b6c, 0x1bba2567,
-0x38850f56, 0x358c015d, 0x22971340, 0x2f9e1d4b, 0x64e94722, 0x69e04929,
-0x7efb5b34, 0x73f2553f, 0x50cd7f0e, 0x5dc47105, 0x4adf6318, 0x47d66d13,
-0xdc31d7ca, 0xd138d9c1, 0xc623cbdc, 0xcb2ac5d7, 0xe815efe6, 0xe51ce1ed,
-0xf207f3f0, 0xff0efdfb, 0xb479a792, 0xb970a999, 0xae6bbb84, 0xa362b58f,
-0x805d9fbe, 0x8d5491b5, 0x9a4f83a8, 0x97468da3
-};
-#else
-static const PRUint32 _IMXC1[256] =
-{
-0x00000000, 0x0b0e090d, 0x161c121a, 0x1d121b17, 0x2c382434, 0x27362d39,
-0x3a24362e, 0x312a3f23, 0x58704868, 0x537e4165, 0x4e6c5a72, 0x4562537f,
-0x74486c5c, 0x7f466551, 0x62547e46, 0x695a774b, 0xb0e090d0, 0xbbee99dd,
-0xa6fc82ca, 0xadf28bc7, 0x9cd8b4e4, 0x97d6bde9, 0x8ac4a6fe, 0x81caaff3,
-0xe890d8b8, 0xe39ed1b5, 0xfe8ccaa2, 0xf582c3af, 0xc4a8fc8c, 0xcfa6f581,
-0xd2b4ee96, 0xd9bae79b, 0x7bdb3bbb, 0x70d532b6, 0x6dc729a1, 0x66c920ac,
-0x57e31f8f, 0x5ced1682, 0x41ff0d95, 0x4af10498, 0x23ab73d3, 0x28a57ade,
-0x35b761c9, 0x3eb968c4, 0x0f9357e7, 0x049d5eea, 0x198f45fd, 0x12814cf0,
-0xcb3bab6b, 0xc035a266, 0xdd27b971, 0xd629b07c, 0xe7038f5f, 0xec0d8652,
-0xf11f9d45, 0xfa119448, 0x934be303, 0x9845ea0e, 0x8557f119, 0x8e59f814,
-0xbf73c737, 0xb47dce3a, 0xa96fd52d, 0xa261dc20, 0xf6ad766d, 0xfda37f60,
-0xe0b16477, 0xebbf6d7a, 0xda955259, 0xd19b5b54, 0xcc894043, 0xc787494e,
-0xaedd3e05, 0xa5d33708, 0xb8c12c1f, 0xb3cf2512, 0x82e51a31, 0x89eb133c,
-0x94f9082b, 0x9ff70126, 0x464de6bd, 0x4d43efb0, 0x5051f4a7, 0x5b5ffdaa,
-0x6a75c289, 0x617bcb84, 0x7c69d093, 0x7767d99e, 0x1e3daed5, 0x1533a7d8,
-0x0821bccf, 0x032fb5c2, 0x32058ae1, 0x390b83ec, 0x241998fb, 0x2f1791f6,
-0x8d764dd6, 0x867844db, 0x9b6a5fcc, 0x906456c1, 0xa14e69e2, 0xaa4060ef,
-0xb7527bf8, 0xbc5c72f5, 0xd50605be, 0xde080cb3, 0xc31a17a4, 0xc8141ea9,
-0xf93e218a, 0xf2302887, 0xef223390, 0xe42c3a9d, 0x3d96dd06, 0x3698d40b,
-0x2b8acf1c, 0x2084c611, 0x11aef932, 0x1aa0f03f, 0x07b2eb28, 0x0cbce225,
-0x65e6956e, 0x6ee89c63, 0x73fa8774, 0x78f48e79, 0x49deb15a, 0x42d0b857,
-0x5fc2a340, 0x54ccaa4d, 0xf741ecda, 0xfc4fe5d7, 0xe15dfec0, 0xea53f7cd,
-0xdb79c8ee, 0xd077c1e3, 0xcd65daf4, 0xc66bd3f9, 0xaf31a4b2, 0xa43fadbf,
-0xb92db6a8, 0xb223bfa5, 0x83098086, 0x8807898b, 0x9515929c, 0x9e1b9b91,
-0x47a17c0a, 0x4caf7507, 0x51bd6e10, 0x5ab3671d, 0x6b99583e, 0x60975133,
-0x7d854a24, 0x768b4329, 0x1fd13462, 0x14df3d6f, 0x09cd2678, 0x02c32f75,
-0x33e91056, 0x38e7195b, 0x25f5024c, 0x2efb0b41, 0x8c9ad761, 0x8794de6c,
-0x9a86c57b, 0x9188cc76, 0xa0a2f355, 0xabacfa58, 0xb6bee14f, 0xbdb0e842,
-0xd4ea9f09, 0xdfe49604, 0xc2f68d13, 0xc9f8841e, 0xf8d2bb3d, 0xf3dcb230,
-0xeecea927, 0xe5c0a02a, 0x3c7a47b1, 0x37744ebc, 0x2a6655ab, 0x21685ca6,
-0x10426385, 0x1b4c6a88, 0x065e719f, 0x0d507892, 0x640a0fd9, 0x6f0406d4,
-0x72161dc3, 0x791814ce, 0x48322bed, 0x433c22e0, 0x5e2e39f7, 0x552030fa,
-0x01ec9ab7, 0x0ae293ba, 0x17f088ad, 0x1cfe81a0, 0x2dd4be83, 0x26dab78e,
-0x3bc8ac99, 0x30c6a594, 0x599cd2df, 0x5292dbd2, 0x4f80c0c5, 0x448ec9c8,
-0x75a4f6eb, 0x7eaaffe6, 0x63b8e4f1, 0x68b6edfc, 0xb10c0a67, 0xba02036a,
-0xa710187d, 0xac1e1170, 0x9d342e53, 0x963a275e, 0x8b283c49, 0x80263544,
-0xe97c420f, 0xe2724b02, 0xff605015, 0xf46e5918, 0xc544663b, 0xce4a6f36,
-0xd3587421, 0xd8567d2c, 0x7a37a10c, 0x7139a801, 0x6c2bb316, 0x6725ba1b,
-0x560f8538, 0x5d018c35, 0x40139722, 0x4b1d9e2f, 0x2247e964, 0x2949e069,
-0x345bfb7e, 0x3f55f273, 0x0e7fcd50, 0x0571c45d, 0x1863df4a, 0x136dd647,
-0xcad731dc, 0xc1d938d1, 0xdccb23c6, 0xd7c52acb, 0xe6ef15e8, 0xede11ce5,
-0xf0f307f2, 0xfbfd0eff, 0x92a779b4, 0x99a970b9, 0x84bb6bae, 0x8fb562a3,
-0xbe9f5d80, 0xb591548d, 0xa8834f9a, 0xa38d4697
-};
-#endif
-
-#ifdef IS_LITTLE_ENDIAN
-static const PRUint32 _IMXC2[256] =
-{
-0x00000000, 0x090e0b0d, 0x121c161a, 0x1b121d17, 0x24382c34, 0x2d362739,
-0x36243a2e, 0x3f2a3123, 0x48705868, 0x417e5365, 0x5a6c4e72, 0x5362457f,
-0x6c48745c, 0x65467f51, 0x7e546246, 0x775a694b, 0x90e0b0d0, 0x99eebbdd,
-0x82fca6ca, 0x8bf2adc7, 0xb4d89ce4, 0xbdd697e9, 0xa6c48afe, 0xafca81f3,
-0xd890e8b8, 0xd19ee3b5, 0xca8cfea2, 0xc382f5af, 0xfca8c48c, 0xf5a6cf81,
-0xeeb4d296, 0xe7bad99b, 0x3bdb7bbb, 0x32d570b6, 0x29c76da1, 0x20c966ac,
-0x1fe3578f, 0x16ed5c82, 0x0dff4195, 0x04f14a98, 0x73ab23d3, 0x7aa528de,
-0x61b735c9, 0x68b93ec4, 0x57930fe7, 0x5e9d04ea, 0x458f19fd, 0x4c8112f0,
-0xab3bcb6b, 0xa235c066, 0xb927dd71, 0xb029d67c, 0x8f03e75f, 0x860dec52,
-0x9d1ff145, 0x9411fa48, 0xe34b9303, 0xea45980e, 0xf1578519, 0xf8598e14,
-0xc773bf37, 0xce7db43a, 0xd56fa92d, 0xdc61a220, 0x76adf66d, 0x7fa3fd60,
-0x64b1e077, 0x6dbfeb7a, 0x5295da59, 0x5b9bd154, 0x4089cc43, 0x4987c74e,
-0x3eddae05, 0x37d3a508, 0x2cc1b81f, 0x25cfb312, 0x1ae58231, 0x13eb893c,
-0x08f9942b, 0x01f79f26, 0xe64d46bd, 0xef434db0, 0xf45150a7, 0xfd5f5baa,
-0xc2756a89, 0xcb7b6184, 0xd0697c93, 0xd967779e, 0xae3d1ed5, 0xa73315d8,
-0xbc2108cf, 0xb52f03c2, 0x8a0532e1, 0x830b39ec, 0x981924fb, 0x91172ff6,
-0x4d768dd6, 0x447886db, 0x5f6a9bcc, 0x566490c1, 0x694ea1e2, 0x6040aaef,
-0x7b52b7f8, 0x725cbcf5, 0x0506d5be, 0x0c08deb3, 0x171ac3a4, 0x1e14c8a9,
-0x213ef98a, 0x2830f287, 0x3322ef90, 0x3a2ce49d, 0xdd963d06, 0xd498360b,
-0xcf8a2b1c, 0xc6842011, 0xf9ae1132, 0xf0a01a3f, 0xebb20728, 0xe2bc0c25,
-0x95e6656e, 0x9ce86e63, 0x87fa7374, 0x8ef47879, 0xb1de495a, 0xb8d04257,
-0xa3c25f40, 0xaacc544d, 0xec41f7da, 0xe54ffcd7, 0xfe5de1c0, 0xf753eacd,
-0xc879dbee, 0xc177d0e3, 0xda65cdf4, 0xd36bc6f9, 0xa431afb2, 0xad3fa4bf,
-0xb62db9a8, 0xbf23b2a5, 0x80098386, 0x8907888b, 0x9215959c, 0x9b1b9e91,
-0x7ca1470a, 0x75af4c07, 0x6ebd5110, 0x67b35a1d, 0x58996b3e, 0x51976033,
-0x4a857d24, 0x438b7629, 0x34d11f62, 0x3ddf146f, 0x26cd0978, 0x2fc30275,
-0x10e93356, 0x19e7385b, 0x02f5254c, 0x0bfb2e41, 0xd79a8c61, 0xde94876c,
-0xc5869a7b, 0xcc889176, 0xf3a2a055, 0xfaacab58, 0xe1beb64f, 0xe8b0bd42,
-0x9fead409, 0x96e4df04, 0x8df6c213, 0x84f8c91e, 0xbbd2f83d, 0xb2dcf330,
-0xa9ceee27, 0xa0c0e52a, 0x477a3cb1, 0x4e7437bc, 0x55662aab, 0x5c6821a6,
-0x63421085, 0x6a4c1b88, 0x715e069f, 0x78500d92, 0x0f0a64d9, 0x06046fd4,
-0x1d1672c3, 0x141879ce, 0x2b3248ed, 0x223c43e0, 0x392e5ef7, 0x302055fa,
-0x9aec01b7, 0x93e20aba, 0x88f017ad, 0x81fe1ca0, 0xbed42d83, 0xb7da268e,
-0xacc83b99, 0xa5c63094, 0xd29c59df, 0xdb9252d2, 0xc0804fc5, 0xc98e44c8,
-0xf6a475eb, 0xffaa7ee6, 0xe4b863f1, 0xedb668fc, 0x0a0cb167, 0x0302ba6a,
-0x1810a77d, 0x111eac70, 0x2e349d53, 0x273a965e, 0x3c288b49, 0x35268044,
-0x427ce90f, 0x4b72e202, 0x5060ff15, 0x596ef418, 0x6644c53b, 0x6f4ace36,
-0x7458d321, 0x7d56d82c, 0xa1377a0c, 0xa8397101, 0xb32b6c16, 0xba25671b,
-0x850f5638, 0x8c015d35, 0x97134022, 0x9e1d4b2f, 0xe9472264, 0xe0492969,
-0xfb5b347e, 0xf2553f73, 0xcd7f0e50, 0xc471055d, 0xdf63184a, 0xd66d1347,
-0x31d7cadc, 0x38d9c1d1, 0x23cbdcc6, 0x2ac5d7cb, 0x15efe6e8, 0x1ce1ede5,
-0x07f3f0f2, 0x0efdfbff, 0x79a792b4, 0x70a999b9, 0x6bbb84ae, 0x62b58fa3,
-0x5d9fbe80, 0x5491b58d, 0x4f83a89a, 0x468da397
-};
-#else
-static const PRUint32 _IMXC2[256] =
-{
-0x00000000, 0x0d0b0e09, 0x1a161c12, 0x171d121b, 0x342c3824, 0x3927362d,
-0x2e3a2436, 0x23312a3f, 0x68587048, 0x65537e41, 0x724e6c5a, 0x7f456253,
-0x5c74486c, 0x517f4665, 0x4662547e, 0x4b695a77, 0xd0b0e090, 0xddbbee99,
-0xcaa6fc82, 0xc7adf28b, 0xe49cd8b4, 0xe997d6bd, 0xfe8ac4a6, 0xf381caaf,
-0xb8e890d8, 0xb5e39ed1, 0xa2fe8cca, 0xaff582c3, 0x8cc4a8fc, 0x81cfa6f5,
-0x96d2b4ee, 0x9bd9bae7, 0xbb7bdb3b, 0xb670d532, 0xa16dc729, 0xac66c920,
-0x8f57e31f, 0x825ced16, 0x9541ff0d, 0x984af104, 0xd323ab73, 0xde28a57a,
-0xc935b761, 0xc43eb968, 0xe70f9357, 0xea049d5e, 0xfd198f45, 0xf012814c,
-0x6bcb3bab, 0x66c035a2, 0x71dd27b9, 0x7cd629b0, 0x5fe7038f, 0x52ec0d86,
-0x45f11f9d, 0x48fa1194, 0x03934be3, 0x0e9845ea, 0x198557f1, 0x148e59f8,
-0x37bf73c7, 0x3ab47dce, 0x2da96fd5, 0x20a261dc, 0x6df6ad76, 0x60fda37f,
-0x77e0b164, 0x7aebbf6d, 0x59da9552, 0x54d19b5b, 0x43cc8940, 0x4ec78749,
-0x05aedd3e, 0x08a5d337, 0x1fb8c12c, 0x12b3cf25, 0x3182e51a, 0x3c89eb13,
-0x2b94f908, 0x269ff701, 0xbd464de6, 0xb04d43ef, 0xa75051f4, 0xaa5b5ffd,
-0x896a75c2, 0x84617bcb, 0x937c69d0, 0x9e7767d9, 0xd51e3dae, 0xd81533a7,
-0xcf0821bc, 0xc2032fb5, 0xe132058a, 0xec390b83, 0xfb241998, 0xf62f1791,
-0xd68d764d, 0xdb867844, 0xcc9b6a5f, 0xc1906456, 0xe2a14e69, 0xefaa4060,
-0xf8b7527b, 0xf5bc5c72, 0xbed50605, 0xb3de080c, 0xa4c31a17, 0xa9c8141e,
-0x8af93e21, 0x87f23028, 0x90ef2233, 0x9de42c3a, 0x063d96dd, 0x0b3698d4,
-0x1c2b8acf, 0x112084c6, 0x3211aef9, 0x3f1aa0f0, 0x2807b2eb, 0x250cbce2,
-0x6e65e695, 0x636ee89c, 0x7473fa87, 0x7978f48e, 0x5a49deb1, 0x5742d0b8,
-0x405fc2a3, 0x4d54ccaa, 0xdaf741ec, 0xd7fc4fe5, 0xc0e15dfe, 0xcdea53f7,
-0xeedb79c8, 0xe3d077c1, 0xf4cd65da, 0xf9c66bd3, 0xb2af31a4, 0xbfa43fad,
-0xa8b92db6, 0xa5b223bf, 0x86830980, 0x8b880789, 0x9c951592, 0x919e1b9b,
-0x0a47a17c, 0x074caf75, 0x1051bd6e, 0x1d5ab367, 0x3e6b9958, 0x33609751,
-0x247d854a, 0x29768b43, 0x621fd134, 0x6f14df3d, 0x7809cd26, 0x7502c32f,
-0x5633e910, 0x5b38e719, 0x4c25f502, 0x412efb0b, 0x618c9ad7, 0x6c8794de,
-0x7b9a86c5, 0x769188cc, 0x55a0a2f3, 0x58abacfa, 0x4fb6bee1, 0x42bdb0e8,
-0x09d4ea9f, 0x04dfe496, 0x13c2f68d, 0x1ec9f884, 0x3df8d2bb, 0x30f3dcb2,
-0x27eecea9, 0x2ae5c0a0, 0xb13c7a47, 0xbc37744e, 0xab2a6655, 0xa621685c,
-0x85104263, 0x881b4c6a, 0x9f065e71, 0x920d5078, 0xd9640a0f, 0xd46f0406,
-0xc372161d, 0xce791814, 0xed48322b, 0xe0433c22, 0xf75e2e39, 0xfa552030,
-0xb701ec9a, 0xba0ae293, 0xad17f088, 0xa01cfe81, 0x832dd4be, 0x8e26dab7,
-0x993bc8ac, 0x9430c6a5, 0xdf599cd2, 0xd25292db, 0xc54f80c0, 0xc8448ec9,
-0xeb75a4f6, 0xe67eaaff, 0xf163b8e4, 0xfc68b6ed, 0x67b10c0a, 0x6aba0203,
-0x7da71018, 0x70ac1e11, 0x539d342e, 0x5e963a27, 0x498b283c, 0x44802635,
-0x0fe97c42, 0x02e2724b, 0x15ff6050, 0x18f46e59, 0x3bc54466, 0x36ce4a6f,
-0x21d35874, 0x2cd8567d, 0x0c7a37a1, 0x017139a8, 0x166c2bb3, 0x1b6725ba,
-0x38560f85, 0x355d018c, 0x22401397, 0x2f4b1d9e, 0x642247e9, 0x692949e0,
-0x7e345bfb, 0x733f55f2, 0x500e7fcd, 0x5d0571c4, 0x4a1863df, 0x47136dd6,
-0xdccad731, 0xd1c1d938, 0xc6dccb23, 0xcbd7c52a, 0xe8e6ef15, 0xe5ede11c,
-0xf2f0f307, 0xfffbfd0e, 0xb492a779, 0xb999a970, 0xae84bb6b, 0xa38fb562,
-0x80be9f5d, 0x8db59154, 0x9aa8834f, 0x97a38d46
-};
-#endif
-
-#ifdef IS_LITTLE_ENDIAN
-static const PRUint32 _IMXC3[256] =
-{
-0x00000000, 0x0e0b0d09, 0x1c161a12, 0x121d171b, 0x382c3424, 0x3627392d,
-0x243a2e36, 0x2a31233f, 0x70586848, 0x7e536541, 0x6c4e725a, 0x62457f53,
-0x48745c6c, 0x467f5165, 0x5462467e, 0x5a694b77, 0xe0b0d090, 0xeebbdd99,
-0xfca6ca82, 0xf2adc78b, 0xd89ce4b4, 0xd697e9bd, 0xc48afea6, 0xca81f3af,
-0x90e8b8d8, 0x9ee3b5d1, 0x8cfea2ca, 0x82f5afc3, 0xa8c48cfc, 0xa6cf81f5,
-0xb4d296ee, 0xbad99be7, 0xdb7bbb3b, 0xd570b632, 0xc76da129, 0xc966ac20,
-0xe3578f1f, 0xed5c8216, 0xff41950d, 0xf14a9804, 0xab23d373, 0xa528de7a,
-0xb735c961, 0xb93ec468, 0x930fe757, 0x9d04ea5e, 0x8f19fd45, 0x8112f04c,
-0x3bcb6bab, 0x35c066a2, 0x27dd71b9, 0x29d67cb0, 0x03e75f8f, 0x0dec5286,
-0x1ff1459d, 0x11fa4894, 0x4b9303e3, 0x45980eea, 0x578519f1, 0x598e14f8,
-0x73bf37c7, 0x7db43ace, 0x6fa92dd5, 0x61a220dc, 0xadf66d76, 0xa3fd607f,
-0xb1e07764, 0xbfeb7a6d, 0x95da5952, 0x9bd1545b, 0x89cc4340, 0x87c74e49,
-0xddae053e, 0xd3a50837, 0xc1b81f2c, 0xcfb31225, 0xe582311a, 0xeb893c13,
-0xf9942b08, 0xf79f2601, 0x4d46bde6, 0x434db0ef, 0x5150a7f4, 0x5f5baafd,
-0x756a89c2, 0x7b6184cb, 0x697c93d0, 0x67779ed9, 0x3d1ed5ae, 0x3315d8a7,
-0x2108cfbc, 0x2f03c2b5, 0x0532e18a, 0x0b39ec83, 0x1924fb98, 0x172ff691,
-0x768dd64d, 0x7886db44, 0x6a9bcc5f, 0x6490c156, 0x4ea1e269, 0x40aaef60,
-0x52b7f87b, 0x5cbcf572, 0x06d5be05, 0x08deb30c, 0x1ac3a417, 0x14c8a91e,
-0x3ef98a21, 0x30f28728, 0x22ef9033, 0x2ce49d3a, 0x963d06dd, 0x98360bd4,
-0x8a2b1ccf, 0x842011c6, 0xae1132f9, 0xa01a3ff0, 0xb20728eb, 0xbc0c25e2,
-0xe6656e95, 0xe86e639c, 0xfa737487, 0xf478798e, 0xde495ab1, 0xd04257b8,
-0xc25f40a3, 0xcc544daa, 0x41f7daec, 0x4ffcd7e5, 0x5de1c0fe, 0x53eacdf7,
-0x79dbeec8, 0x77d0e3c1, 0x65cdf4da, 0x6bc6f9d3, 0x31afb2a4, 0x3fa4bfad,
-0x2db9a8b6, 0x23b2a5bf, 0x09838680, 0x07888b89, 0x15959c92, 0x1b9e919b,
-0xa1470a7c, 0xaf4c0775, 0xbd51106e, 0xb35a1d67, 0x996b3e58, 0x97603351,
-0x857d244a, 0x8b762943, 0xd11f6234, 0xdf146f3d, 0xcd097826, 0xc302752f,
-0xe9335610, 0xe7385b19, 0xf5254c02, 0xfb2e410b, 0x9a8c61d7, 0x94876cde,
-0x869a7bc5, 0x889176cc, 0xa2a055f3, 0xacab58fa, 0xbeb64fe1, 0xb0bd42e8,
-0xead4099f, 0xe4df0496, 0xf6c2138d, 0xf8c91e84, 0xd2f83dbb, 0xdcf330b2,
-0xceee27a9, 0xc0e52aa0, 0x7a3cb147, 0x7437bc4e, 0x662aab55, 0x6821a65c,
-0x42108563, 0x4c1b886a, 0x5e069f71, 0x500d9278, 0x0a64d90f, 0x046fd406,
-0x1672c31d, 0x1879ce14, 0x3248ed2b, 0x3c43e022, 0x2e5ef739, 0x2055fa30,
-0xec01b79a, 0xe20aba93, 0xf017ad88, 0xfe1ca081, 0xd42d83be, 0xda268eb7,
-0xc83b99ac, 0xc63094a5, 0x9c59dfd2, 0x9252d2db, 0x804fc5c0, 0x8e44c8c9,
-0xa475ebf6, 0xaa7ee6ff, 0xb863f1e4, 0xb668fced, 0x0cb1670a, 0x02ba6a03,
-0x10a77d18, 0x1eac7011, 0x349d532e, 0x3a965e27, 0x288b493c, 0x26804435,
-0x7ce90f42, 0x72e2024b, 0x60ff1550, 0x6ef41859, 0x44c53b66, 0x4ace366f,
-0x58d32174, 0x56d82c7d, 0x377a0ca1, 0x397101a8, 0x2b6c16b3, 0x25671bba,
-0x0f563885, 0x015d358c, 0x13402297, 0x1d4b2f9e, 0x472264e9, 0x492969e0,
-0x5b347efb, 0x553f73f2, 0x7f0e50cd, 0x71055dc4, 0x63184adf, 0x6d1347d6,
-0xd7cadc31, 0xd9c1d138, 0xcbdcc623, 0xc5d7cb2a, 0xefe6e815, 0xe1ede51c,
-0xf3f0f207, 0xfdfbff0e, 0xa792b479, 0xa999b970, 0xbb84ae6b, 0xb58fa362,
-0x9fbe805d, 0x91b58d54, 0x83a89a4f, 0x8da39746
-};
-#else
-static const PRUint32 _IMXC3[256] =
-{
-0x00000000, 0x090d0b0e, 0x121a161c, 0x1b171d12, 0x24342c38, 0x2d392736,
-0x362e3a24, 0x3f23312a, 0x48685870, 0x4165537e, 0x5a724e6c, 0x537f4562,
-0x6c5c7448, 0x65517f46, 0x7e466254, 0x774b695a, 0x90d0b0e0, 0x99ddbbee,
-0x82caa6fc, 0x8bc7adf2, 0xb4e49cd8, 0xbde997d6, 0xa6fe8ac4, 0xaff381ca,
-0xd8b8e890, 0xd1b5e39e, 0xcaa2fe8c, 0xc3aff582, 0xfc8cc4a8, 0xf581cfa6,
-0xee96d2b4, 0xe79bd9ba, 0x3bbb7bdb, 0x32b670d5, 0x29a16dc7, 0x20ac66c9,
-0x1f8f57e3, 0x16825ced, 0x0d9541ff, 0x04984af1, 0x73d323ab, 0x7ade28a5,
-0x61c935b7, 0x68c43eb9, 0x57e70f93, 0x5eea049d, 0x45fd198f, 0x4cf01281,
-0xab6bcb3b, 0xa266c035, 0xb971dd27, 0xb07cd629, 0x8f5fe703, 0x8652ec0d,
-0x9d45f11f, 0x9448fa11, 0xe303934b, 0xea0e9845, 0xf1198557, 0xf8148e59,
-0xc737bf73, 0xce3ab47d, 0xd52da96f, 0xdc20a261, 0x766df6ad, 0x7f60fda3,
-0x6477e0b1, 0x6d7aebbf, 0x5259da95, 0x5b54d19b, 0x4043cc89, 0x494ec787,
-0x3e05aedd, 0x3708a5d3, 0x2c1fb8c1, 0x2512b3cf, 0x1a3182e5, 0x133c89eb,
-0x082b94f9, 0x01269ff7, 0xe6bd464d, 0xefb04d43, 0xf4a75051, 0xfdaa5b5f,
-0xc2896a75, 0xcb84617b, 0xd0937c69, 0xd99e7767, 0xaed51e3d, 0xa7d81533,
-0xbccf0821, 0xb5c2032f, 0x8ae13205, 0x83ec390b, 0x98fb2419, 0x91f62f17,
-0x4dd68d76, 0x44db8678, 0x5fcc9b6a, 0x56c19064, 0x69e2a14e, 0x60efaa40,
-0x7bf8b752, 0x72f5bc5c, 0x05bed506, 0x0cb3de08, 0x17a4c31a, 0x1ea9c814,
-0x218af93e, 0x2887f230, 0x3390ef22, 0x3a9de42c, 0xdd063d96, 0xd40b3698,
-0xcf1c2b8a, 0xc6112084, 0xf93211ae, 0xf03f1aa0, 0xeb2807b2, 0xe2250cbc,
-0x956e65e6, 0x9c636ee8, 0x877473fa, 0x8e7978f4, 0xb15a49de, 0xb85742d0,
-0xa3405fc2, 0xaa4d54cc, 0xecdaf741, 0xe5d7fc4f, 0xfec0e15d, 0xf7cdea53,
-0xc8eedb79, 0xc1e3d077, 0xdaf4cd65, 0xd3f9c66b, 0xa4b2af31, 0xadbfa43f,
-0xb6a8b92d, 0xbfa5b223, 0x80868309, 0x898b8807, 0x929c9515, 0x9b919e1b,
-0x7c0a47a1, 0x75074caf, 0x6e1051bd, 0x671d5ab3, 0x583e6b99, 0x51336097,
-0x4a247d85, 0x4329768b, 0x34621fd1, 0x3d6f14df, 0x267809cd, 0x2f7502c3,
-0x105633e9, 0x195b38e7, 0x024c25f5, 0x0b412efb, 0xd7618c9a, 0xde6c8794,
-0xc57b9a86, 0xcc769188, 0xf355a0a2, 0xfa58abac, 0xe14fb6be, 0xe842bdb0,
-0x9f09d4ea, 0x9604dfe4, 0x8d13c2f6, 0x841ec9f8, 0xbb3df8d2, 0xb230f3dc,
-0xa927eece, 0xa02ae5c0, 0x47b13c7a, 0x4ebc3774, 0x55ab2a66, 0x5ca62168,
-0x63851042, 0x6a881b4c, 0x719f065e, 0x78920d50, 0x0fd9640a, 0x06d46f04,
-0x1dc37216, 0x14ce7918, 0x2bed4832, 0x22e0433c, 0x39f75e2e, 0x30fa5520,
-0x9ab701ec, 0x93ba0ae2, 0x88ad17f0, 0x81a01cfe, 0xbe832dd4, 0xb78e26da,
-0xac993bc8, 0xa59430c6, 0xd2df599c, 0xdbd25292, 0xc0c54f80, 0xc9c8448e,
-0xf6eb75a4, 0xffe67eaa, 0xe4f163b8, 0xedfc68b6, 0x0a67b10c, 0x036aba02,
-0x187da710, 0x1170ac1e, 0x2e539d34, 0x275e963a, 0x3c498b28, 0x35448026,
-0x420fe97c, 0x4b02e272, 0x5015ff60, 0x5918f46e, 0x663bc544, 0x6f36ce4a,
-0x7421d358, 0x7d2cd856, 0xa10c7a37, 0xa8017139, 0xb3166c2b, 0xba1b6725,
-0x8538560f, 0x8c355d01, 0x97224013, 0x9e2f4b1d, 0xe9642247, 0xe0692949,
-0xfb7e345b, 0xf2733f55, 0xcd500e7f, 0xc45d0571, 0xdf4a1863, 0xd647136d,
-0x31dccad7, 0x38d1c1d9, 0x23c6dccb, 0x2acbd7c5, 0x15e8e6ef, 0x1ce5ede1,
-0x07f2f0f3, 0x0efffbfd, 0x79b492a7, 0x70b999a9, 0x6bae84bb, 0x62a38fb5,
-0x5d80be9f, 0x548db591, 0x4f9aa883, 0x4697a38d
-};
-#endif
-
-#endif /* RIJNDAEL_INCLUDE_TABLES */
-
-#ifdef IS_LITTLE_ENDIAN
-static const PRUint32 Rcon[30] = {
-0x00000001, 0x00000002, 0x00000004, 0x00000008, 0x00000010, 0x00000020,
-0x00000040, 0x00000080, 0x0000001b, 0x00000036, 0x0000006c, 0x000000d8,
-0x000000ab, 0x0000004d, 0x0000009a, 0x0000002f, 0x0000005e, 0x000000bc,
-0x00000063, 0x000000c6, 0x00000097, 0x00000035, 0x0000006a, 0x000000d4,
-0x000000b3, 0x0000007d, 0x000000fa, 0x000000ef, 0x000000c5, 0x00000091
-};
-#else
-static const PRUint32 Rcon[30] = {
-0x01000000, 0x02000000, 0x04000000, 0x08000000, 0x10000000, 0x20000000,
-0x40000000, 0x80000000, 0x1b000000, 0x36000000, 0x6c000000, 0xd8000000,
-0xab000000, 0x4d000000, 0x9a000000, 0x2f000000, 0x5e000000, 0xbc000000,
-0x63000000, 0xc6000000, 0x97000000, 0x35000000, 0x6a000000, 0xd4000000,
-0xb3000000, 0x7d000000, 0xfa000000, 0xef000000, 0xc5000000, 0x91000000
-};
-#endif
-
diff --git a/security/nss/lib/freebl/rijndael_tables.c b/security/nss/lib/freebl/rijndael_tables.c
deleted file mode 100644
index 6f1957468..000000000
--- a/security/nss/lib/freebl/rijndael_tables.c
+++ /dev/null
@@ -1,244 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "stdio.h"
-#include "prtypes.h"
-#include "blapi.h"
-
-/*
- * what follows is code thrown together to generate the myriad of tables
- * used by Rijndael, the AES cipher.
- */
-
-
-#define WORD_LE(b0, b1, b2, b3) \
- (((b3) << 24) | ((b2) << 16) | ((b1) << 8) | b0)
-
-#define WORD_BE(b0, b1, b2, b3) \
- (((b0) << 24) | ((b1) << 16) | ((b2) << 8) | b3)
-
-static const PRUint8 __S[256] =
-{
- 99, 124, 119, 123, 242, 107, 111, 197, 48, 1, 103, 43, 254, 215, 171, 118,
-202, 130, 201, 125, 250, 89, 71, 240, 173, 212, 162, 175, 156, 164, 114, 192,
-183, 253, 147, 38, 54, 63, 247, 204, 52, 165, 229, 241, 113, 216, 49, 21,
- 4, 199, 35, 195, 24, 150, 5, 154, 7, 18, 128, 226, 235, 39, 178, 117,
- 9, 131, 44, 26, 27, 110, 90, 160, 82, 59, 214, 179, 41, 227, 47, 132,
- 83, 209, 0, 237, 32, 252, 177, 91, 106, 203, 190, 57, 74, 76, 88, 207,
-208, 239, 170, 251, 67, 77, 51, 133, 69, 249, 2, 127, 80, 60, 159, 168,
- 81, 163, 64, 143, 146, 157, 56, 245, 188, 182, 218, 33, 16, 255, 243, 210,
-205, 12, 19, 236, 95, 151, 68, 23, 196, 167, 126, 61, 100, 93, 25, 115,
- 96, 129, 79, 220, 34, 42, 144, 136, 70, 238, 184, 20, 222, 94, 11, 219,
-224, 50, 58, 10, 73, 6, 36, 92, 194, 211, 172, 98, 145, 149, 228, 121,
-231, 200, 55, 109, 141, 213, 78, 169, 108, 86, 244, 234, 101, 122, 174, 8,
-186, 120, 37, 46, 28, 166, 180, 198, 232, 221, 116, 31, 75, 189, 139, 138,
-112, 62, 181, 102, 72, 3, 246, 14, 97, 53, 87, 185, 134, 193, 29, 158,
-225, 248, 152, 17, 105, 217, 142, 148, 155, 30, 135, 233, 206, 85, 40, 223,
-140, 161, 137, 13, 191, 230, 66, 104, 65, 153, 45, 15, 176, 84, 187, 22,
-};
-
-static const PRUint8 __SInv[256] =
-{
- 82, 9, 106, 213, 48, 54, 165, 56, 191, 64, 163, 158, 129, 243, 215, 251,
-124, 227, 57, 130, 155, 47, 255, 135, 52, 142, 67, 68, 196, 222, 233, 203,
- 84, 123, 148, 50, 166, 194, 35, 61, 238, 76, 149, 11, 66, 250, 195, 78,
- 8, 46, 161, 102, 40, 217, 36, 178, 118, 91, 162, 73, 109, 139, 209, 37,
-114, 248, 246, 100, 134, 104, 152, 22, 212, 164, 92, 204, 93, 101, 182, 146,
-108, 112, 72, 80, 253, 237, 185, 218, 94, 21, 70, 87, 167, 141, 157, 132,
-144, 216, 171, 0, 140, 188, 211, 10, 247, 228, 88, 5, 184, 179, 69, 6,
-208, 44, 30, 143, 202, 63, 15, 2, 193, 175, 189, 3, 1, 19, 138, 107,
- 58, 145, 17, 65, 79, 103, 220, 234, 151, 242, 207, 206, 240, 180, 230, 115,
-150, 172, 116, 34, 231, 173, 53, 133, 226, 249, 55, 232, 28, 117, 223, 110,
- 71, 241, 26, 113, 29, 41, 197, 137, 111, 183, 98, 14, 170, 24, 190, 27,
-252, 86, 62, 75, 198, 210, 121, 32, 154, 219, 192, 254, 120, 205, 90, 244,
- 31, 221, 168, 51, 136, 7, 199, 49, 177, 18, 16, 89, 39, 128, 236, 95,
- 96, 81, 127, 169, 25, 181, 74, 13, 45, 229, 122, 159, 147, 201, 156, 239,
-160, 224, 59, 77, 174, 42, 245, 176, 200, 235, 187, 60, 131, 83, 153, 97,
- 23, 43, 4, 126, 186, 119, 214, 38, 225, 105, 20, 99, 85, 33, 12, 125
-};
-
-/* GF_MULTIPLY
- *
- * multiply two bytes represented in GF(2**8), mod (x**4 + 1)
- */
-PRUint8 gf_multiply(PRUint8 a, PRUint8 b)
-{
- PRUint8 res = 0;
- while (b > 0) {
- res = (b & 0x01) ? res ^ a : res;
- a = (a & 0x80) ? ((a << 1) ^ 0x1b) : (a << 1);
- b >>= 1;
- }
- return res;
-}
-
-void
-make_T_Table(char *table, const PRUint8 Sx[256], FILE *file,
- unsigned char m0, unsigned char m1,
- unsigned char m2, unsigned char m3)
-{
- PRUint32 Ti;
- int i;
- fprintf(file, "#ifdef IS_LITTLE_ENDIAN\n");
- fprintf(file, "static const PRUint32 _T%s[256] = \n{\n", table);
- for (i=0; i<256; i++) {
- Ti = WORD_LE( gf_multiply(Sx[i], m0),
- gf_multiply(Sx[i], m1),
- gf_multiply(Sx[i], m2),
- gf_multiply(Sx[i], m3) );
- if (Ti == 0)
- fprintf(file, "0x00000000%c%c", (i==255)?' ':',',
- (i%6==5)?'\n':' ');
- else
- fprintf(file, "%#.8x%c%c", Ti, (i==255)?' ':',',
- (i%6==5)?'\n':' ');
- }
- fprintf(file, "\n};\n");
- fprintf(file, "#else\n");
- fprintf(file, "static const PRUint32 _T%s[256] = \n{\n", table);
- for (i=0; i<256; i++) {
- Ti = WORD_BE( gf_multiply(Sx[i], m0),
- gf_multiply(Sx[i], m1),
- gf_multiply(Sx[i], m2),
- gf_multiply(Sx[i], m3) );
- if (Ti == 0)
- fprintf(file, "0x00000000%c%c", (i==255)?' ':',',
- (i%6==5)?'\n':' ');
- else
- fprintf(file, "%#.8x%c%c", Ti, (i==255)?' ':',',
- (i%6==5)?'\n':' ');
- }
- fprintf(file, "\n};\n");
- fprintf(file, "#endif\n\n");
-}
-
-void make_InvMixCol_Table(int num, FILE *file, PRUint8 m0, PRUint8 m1, PRUint8 m2, PRUint8 m3)
-{
- PRUint16 i;
- PRUint8 b0, b1, b2, b3;
- fprintf(file, "#ifdef IS_LITTLE_ENDIAN\n");
- fprintf(file, "static const PRUint32 _IMXC%d[256] = \n{\n", num);
- for (i=0; i<256; i++) {
- b0 = gf_multiply(i, m0);
- b1 = gf_multiply(i, m1);
- b2 = gf_multiply(i, m2);
- b3 = gf_multiply(i, m3);
- fprintf(file, "0x%.2x%.2x%.2x%.2x%c%c", b3, b2, b1, b0, (i==255)?' ':',', (i%6==5)?'\n':' ');
- }
- fprintf(file, "\n};\n");
- fprintf(file, "#else\n");
- fprintf(file, "static const PRUint32 _IMXC%d[256] = \n{\n", num);
- for (i=0; i<256; i++) {
- b0 = gf_multiply(i, m0);
- b1 = gf_multiply(i, m1);
- b2 = gf_multiply(i, m2);
- b3 = gf_multiply(i, m3);
- fprintf(file, "0x%.2x%.2x%.2x%.2x%c%c", b0, b1, b2, b3, (i==255)?' ':',', (i%6==5)?'\n':' ');
- }
- fprintf(file, "\n};\n");
- fprintf(file, "#endif\n\n");
-}
-
-int main()
-{
- int i, j;
- PRUint8 cur, last;
- PRUint32 tmp;
- FILE *optfile;
- optfile = fopen("rijndael32.tab", "w");
- /* output S, if there are no T tables */
- fprintf(optfile, "#ifndef RIJNDAEL_INCLUDE_TABLES\n");
- fprintf(optfile, "static const PRUint8 _S[256] = \n{\n");
- for (i=0; i<256; i++) {
- fprintf(optfile, "%3d%c%c", __S[i],(i==255)?' ':',',
- (i%16==15)?'\n':' ');
- }
- fprintf(optfile, "};\n#endif /* not RIJNDAEL_INCLUDE_TABLES */\n\n");
- /* output S**-1 */
- fprintf(optfile, "static const PRUint8 _SInv[256] = \n{\n");
- for (i=0; i<256; i++) {
- fprintf(optfile, "%3d%c%c", __SInv[i],(i==255)?' ':',',
- (i%16==15)?'\n':' ');
- }
- fprintf(optfile, "};\n\n");
- fprintf(optfile, "#ifdef RIJNDAEL_INCLUDE_TABLES\n");
- /* The 32-bit word tables for optimized implementation */
- /* T0 = [ S[a] * 02, S[a], S[a], S[a] * 03 ] */
- make_T_Table("0", __S, optfile, 0x02, 0x01, 0x01, 0x03);
- /* T1 = [ S[a] * 03, S[a] * 02, S[a], S[a] ] */
- make_T_Table("1", __S, optfile, 0x03, 0x02, 0x01, 0x01);
- /* T2 = [ S[a], S[a] * 03, S[a] * 02, S[a] ] */
- make_T_Table("2", __S, optfile, 0x01, 0x03, 0x02, 0x01);
- /* T3 = [ S[a], S[a], S[a] * 03, S[a] * 02 ] */
- make_T_Table("3", __S, optfile, 0x01, 0x01, 0x03, 0x02);
- /* TInv0 = [ Si[a] * 0E, Si[a] * 09, Si[a] * 0D, Si[a] * 0B ] */
- make_T_Table("Inv0", __SInv, optfile, 0x0e, 0x09, 0x0d, 0x0b);
- /* TInv1 = [ Si[a] * 0B, Si[a] * 0E, Si[a] * 09, Si[a] * 0D ] */
- make_T_Table("Inv1", __SInv, optfile, 0x0b, 0x0e, 0x09, 0x0d);
- /* TInv2 = [ Si[a] * 0D, Si[a] * 0B, Si[a] * 0E, Si[a] * 09 ] */
- make_T_Table("Inv2", __SInv, optfile, 0x0d, 0x0b, 0x0e, 0x09);
- /* TInv3 = [ Si[a] * 09, Si[a] * 0D, Si[a] * 0B, Si[a] * 0E ] */
- make_T_Table("Inv3", __SInv, optfile, 0x09, 0x0d, 0x0b, 0x0e);
- /* byte multiply tables for inverse key expansion (mimics InvMixColumn) */
- make_InvMixCol_Table(0, optfile, 0x0e, 0x09, 0x0d, 0x0b);
- make_InvMixCol_Table(1, optfile, 0x0b, 0x0E, 0x09, 0x0d);
- make_InvMixCol_Table(2, optfile, 0x0d, 0x0b, 0x0e, 0x09);
- make_InvMixCol_Table(3, optfile, 0x09, 0x0d, 0x0b, 0x0e);
- fprintf(optfile, "#endif /* RIJNDAEL_INCLUDE_TABLES */\n\n");
- /* round constants for key expansion */
- fprintf(optfile, "#ifdef IS_LITTLE_ENDIAN\n");
- fprintf(optfile, "static const PRUint32 Rcon[30] = {\n");
- cur = 0x01;
- for (i=0; i<30; i++) {
- fprintf(optfile, "%#.8x%c%c", WORD_LE(cur, 0, 0, 0),
- (i==29)?' ':',', (i%6==5)?'\n':' ');
- last = cur;
- cur = gf_multiply(last, 0x02);
- }
- fprintf(optfile, "};\n");
- fprintf(optfile, "#else\n");
- fprintf(optfile, "static const PRUint32 Rcon[30] = {\n");
- cur = 0x01;
- for (i=0; i<30; i++) {
- fprintf(optfile, "%#.8x%c%c", WORD_BE(cur, 0, 0, 0),
- (i==29)?' ':',', (i%6==5)?'\n':' ');
- last = cur;
- cur = gf_multiply(last, 0x02);
- }
- fprintf(optfile, "};\n");
- fprintf(optfile, "#endif\n\n");
- fclose(optfile);
- return 0;
-}
diff --git a/security/nss/lib/freebl/rsa.c b/security/nss/lib/freebl/rsa.c
deleted file mode 100644
index e1d973fdb..000000000
--- a/security/nss/lib/freebl/rsa.c
+++ /dev/null
@@ -1,930 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- */
-
-/*
- * RSA key generation, public key op, private key op.
- *
- * $Id$
- */
-
-#include "secerr.h"
-
-#include "prclist.h"
-#include "nssilock.h"
-#include "prinit.h"
-#include "blapi.h"
-#include "mpi.h"
-#include "mpprime.h"
-#include "mplogic.h"
-#include "secmpi.h"
-#include "secitem.h"
-
-/*
-** Number of times to attempt to generate a prime (p or q) from a random
-** seed (the seed changes for each iteration).
-*/
-#define MAX_PRIME_GEN_ATTEMPTS 10
-/*
-** Number of times to attempt to generate a key. The primes p and q change
-** for each attempt.
-*/
-#define MAX_KEY_GEN_ATTEMPTS 10
-
-/*
-** RSABlindingParamsStr
-**
-** For discussion of Paul Kocher's timing attack against an RSA private key
-** operation, see http://www.cryptography.com/timingattack/paper.html. The
-** countermeasure to this attack, known as blinding, is also discussed in
-** the Handbook of Applied Cryptography, 11.118-11.119.
-*/
-struct RSABlindingParamsStr
-{
- /* Blinding-specific parameters */
- PRCList link; /* link to list of structs */
- SECItem modulus; /* list element "key" */
- mp_int f, g; /* Blinding parameters */
- int counter; /* number of remaining uses of (f, g) */
-};
-
-/*
-** RSABlindingParamsListStr
-**
-** List of key-specific blinding params. The arena holds the volatile pool
-** of memory for each entry and the list itself. The lock is for list
-** operations, in this case insertions and iterations, as well as control
-** of the counter for each set of blinding parameters.
-*/
-struct RSABlindingParamsListStr
-{
- PZLock *lock; /* Lock for the list */
- PRCList head; /* Pointer to the list */
-};
-
-/*
-** The master blinding params list.
-*/
-static struct RSABlindingParamsListStr blindingParamsList = { 0 };
-
-/* Number of times to reuse (f, g). Suggested by Paul Kocher */
-#define RSA_BLINDING_PARAMS_MAX_REUSE 50
-
-/* Global, allows optional use of blinding. On by default. */
-/* Cannot be changed at the moment, due to thread-safety issues. */
-static PRBool nssRSAUseBlinding = PR_TRUE;
-
-static SECStatus
-rsa_keygen_from_primes(mp_int *p, mp_int *q, mp_int *e, RSAPrivateKey *key,
- unsigned int keySizeInBits)
-{
- mp_int n, d, phi;
- mp_int psub1, qsub1, tmp;
- mp_err err = MP_OKAY;
- SECStatus rv = SECSuccess;
- MP_DIGITS(&n) = 0;
- MP_DIGITS(&d) = 0;
- MP_DIGITS(&phi) = 0;
- MP_DIGITS(&psub1) = 0;
- MP_DIGITS(&qsub1) = 0;
- MP_DIGITS(&tmp) = 0;
- CHECK_MPI_OK( mp_init(&n) );
- CHECK_MPI_OK( mp_init(&d) );
- CHECK_MPI_OK( mp_init(&phi) );
- CHECK_MPI_OK( mp_init(&psub1) );
- CHECK_MPI_OK( mp_init(&qsub1) );
- CHECK_MPI_OK( mp_init(&tmp) );
- /* 1. Compute n = p*q */
- CHECK_MPI_OK( mp_mul(p, q, &n) );
- /* verify that the modulus has the desired number of bits */
- if ((unsigned)mpl_significant_bits(&n) != keySizeInBits) {
- PORT_SetError(SEC_ERROR_NEED_RANDOM);
- rv = SECFailure;
- goto cleanup;
- }
- /* 2. Compute phi = (p-1)*(q-1) */
- CHECK_MPI_OK( mp_sub_d(p, 1, &psub1) );
- CHECK_MPI_OK( mp_sub_d(q, 1, &qsub1) );
- CHECK_MPI_OK( mp_mul(&psub1, &qsub1, &phi) );
- /* 3. Compute d = e**-1 mod(phi) */
- err = mp_invmod(e, &phi, &d);
- /* Verify that phi(n) and e have no common divisors */
- if (err != MP_OKAY) {
- if (err == MP_UNDEF) {
- PORT_SetError(SEC_ERROR_NEED_RANDOM);
- err = MP_OKAY; /* to keep PORT_SetError from being called again */
- rv = SECFailure;
- }
- goto cleanup;
- }
- MPINT_TO_SECITEM(&n, &key->modulus, key->arena);
- MPINT_TO_SECITEM(&d, &key->privateExponent, key->arena);
- /* 4. Compute exponent1 = d mod (p-1) */
- CHECK_MPI_OK( mp_mod(&d, &psub1, &tmp) );
- MPINT_TO_SECITEM(&tmp, &key->exponent1, key->arena);
- /* 5. Compute exponent2 = d mod (q-1) */
- CHECK_MPI_OK( mp_mod(&d, &qsub1, &tmp) );
- MPINT_TO_SECITEM(&tmp, &key->exponent2, key->arena);
- /* 6. Compute coefficient = q**-1 mod p */
- CHECK_MPI_OK( mp_invmod(q, p, &tmp) );
- MPINT_TO_SECITEM(&tmp, &key->coefficient, key->arena);
-cleanup:
- mp_clear(&n);
- mp_clear(&d);
- mp_clear(&phi);
- mp_clear(&psub1);
- mp_clear(&qsub1);
- mp_clear(&tmp);
- if (err) {
- MP_TO_SEC_ERROR(err);
- rv = SECFailure;
- }
- return rv;
-}
-static SECStatus
-generate_prime(mp_int *prime, int primeLen)
-{
- mp_err err = MP_OKAY;
- SECStatus rv = SECSuccess;
- unsigned long counter = 0;
- int piter;
- unsigned char *pb = NULL;
- pb = PORT_Alloc(primeLen);
- if (!pb) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto cleanup;
- }
- for (piter = 0; piter < MAX_PRIME_GEN_ATTEMPTS; piter++) {
- CHECK_SEC_OK( RNG_GenerateGlobalRandomBytes(pb, primeLen) );
- pb[0] |= 0xC0; /* set two high-order bits */
- pb[primeLen-1] |= 0x01; /* set low-order bit */
- CHECK_MPI_OK( mp_read_unsigned_octets(prime, pb, primeLen) );
- err = mpp_make_prime(prime, primeLen * 8, PR_FALSE, &counter);
- if (err != MP_NO)
- goto cleanup;
- /* keep going while err == MP_NO */
- }
-cleanup:
- if (pb)
- PORT_ZFree(pb, primeLen);
- if (err) {
- MP_TO_SEC_ERROR(err);
- rv = SECFailure;
- }
- return rv;
-}
-
-/*
-** Generate and return a new RSA public and private key.
-** Both keys are encoded in a single RSAPrivateKey structure.
-** "cx" is the random number generator context
-** "keySizeInBits" is the size of the key to be generated, in bits.
-** 512, 1024, etc.
-** "publicExponent" when not NULL is a pointer to some data that
-** represents the public exponent to use. The data is a byte
-** encoded integer, in "big endian" order.
-*/
-RSAPrivateKey *
-RSA_NewKey(int keySizeInBits, SECItem *publicExponent)
-{
- unsigned int primeLen;
- mp_int p, q, e;
- int kiter;
- mp_err err = MP_OKAY;
- SECStatus rv = SECSuccess;
- int prerr = 0;
- RSAPrivateKey *key = NULL;
- PRArenaPool *arena = NULL;
- /* Require key size to be a multiple of 16 bits. */
- if (!publicExponent || keySizeInBits % 16 != 0) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return NULL;
- }
- /* 1. Allocate arena & key */
- arena = PORT_NewArena(NSS_FREEBL_DEFAULT_CHUNKSIZE);
- if (!arena) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
- key = (RSAPrivateKey *)PORT_ArenaZAlloc(arena, sizeof(RSAPrivateKey));
- if (!key) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- PORT_FreeArena(arena, PR_TRUE);
- return NULL;
- }
- key->arena = arena;
- /* length of primes p and q (in bytes) */
- primeLen = keySizeInBits / (2 * BITS_PER_BYTE);
- MP_DIGITS(&p) = 0;
- MP_DIGITS(&q) = 0;
- MP_DIGITS(&e) = 0;
- CHECK_MPI_OK( mp_init(&p) );
- CHECK_MPI_OK( mp_init(&q) );
- CHECK_MPI_OK( mp_init(&e) );
- /* 2. Set the version number (PKCS1 v1.5 says it should be zero) */
- SECITEM_AllocItem(arena, &key->version, 1);
- key->version.data[0] = 0;
- /* 3. Set the public exponent */
- SECITEM_CopyItem(arena, &key->publicExponent, publicExponent);
- SECITEM_TO_MPINT(*publicExponent, &e);
- kiter = 0;
- do {
- prerr = 0;
- PORT_SetError(0);
- CHECK_SEC_OK( generate_prime(&p, primeLen) );
- CHECK_SEC_OK( generate_prime(&q, primeLen) );
- /* Assure q < p */
- if (mp_cmp(&p, &q) < 0)
- mp_exch(&p, &q);
- /* Attempt to use these primes to generate a key */
- rv = rsa_keygen_from_primes(&p, &q, &e, key, keySizeInBits);
- if (rv == SECSuccess)
- break; /* generated two good primes */
- prerr = PORT_GetError();
- kiter++;
- /* loop until have primes */
- } while (prerr == SEC_ERROR_NEED_RANDOM && kiter < MAX_KEY_GEN_ATTEMPTS);
- if (prerr)
- goto cleanup;
- MPINT_TO_SECITEM(&p, &key->prime1, arena);
- MPINT_TO_SECITEM(&q, &key->prime2, arena);
-cleanup:
- mp_clear(&p);
- mp_clear(&q);
- mp_clear(&e);
- if (err) {
- MP_TO_SEC_ERROR(err);
- rv = SECFailure;
- }
- if (rv && arena) {
- PORT_FreeArena(arena, PR_TRUE);
- key = NULL;
- }
- return key;
-}
-
-static unsigned int
-rsa_modulusLen(SECItem *modulus)
-{
- unsigned char byteZero = modulus->data[0];
- unsigned int modLen = modulus->len - !byteZero;
- return modLen;
-}
-
-/*
-** Perform a raw public-key operation
-** Length of input and output buffers are equal to key's modulus len.
-*/
-SECStatus
-RSA_PublicKeyOp(RSAPublicKey *key,
- unsigned char *output,
- const unsigned char *input)
-{
- unsigned int modLen;
- mp_int n, e, m, c;
- mp_err err = MP_OKAY;
- SECStatus rv = SECSuccess;
- if (!key || !output || !input) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- MP_DIGITS(&n) = 0;
- MP_DIGITS(&e) = 0;
- MP_DIGITS(&m) = 0;
- MP_DIGITS(&c) = 0;
- CHECK_MPI_OK( mp_init(&n) );
- CHECK_MPI_OK( mp_init(&e) );
- CHECK_MPI_OK( mp_init(&m) );
- CHECK_MPI_OK( mp_init(&c) );
- modLen = rsa_modulusLen(&key->modulus);
- /* 1. Obtain public key (n, e) */
- SECITEM_TO_MPINT(key->modulus, &n);
- SECITEM_TO_MPINT(key->publicExponent, &e);
- /* 2. Represent message as integer in range [0..n-1] */
- CHECK_MPI_OK( mp_read_unsigned_octets(&m, input, modLen) );
- /* 3. Compute c = m**e mod n */
-#ifdef USE_MPI_EXPT_D
- /* XXX see which is faster */
- if (MP_USED(&e) == 1) {
- CHECK_MPI_OK( mp_exptmod_d(&m, MP_DIGIT(&e, 0), &n, &c) );
- } else
-#endif
- CHECK_MPI_OK( mp_exptmod(&m, &e, &n, &c) );
- /* 4. result c is ciphertext */
- err = mp_to_fixlen_octets(&c, output, modLen);
- if (err >= 0) err = MP_OKAY;
-cleanup:
- mp_clear(&n);
- mp_clear(&e);
- mp_clear(&m);
- mp_clear(&c);
- if (err) {
- MP_TO_SEC_ERROR(err);
- rv = SECFailure;
- }
- return rv;
-}
-
-/*
-** RSA Private key operation (no CRT).
-*/
-static SECStatus
-rsa_PrivateKeyOpNoCRT(RSAPrivateKey *key, mp_int *m, mp_int *c, mp_int *n,
- unsigned int modLen)
-{
- mp_int d;
- mp_err err = MP_OKAY;
- SECStatus rv = SECSuccess;
- MP_DIGITS(&d) = 0;
- CHECK_MPI_OK( mp_init(&d) );
- SECITEM_TO_MPINT(key->privateExponent, &d);
- /* 1. m = c**d mod n */
- CHECK_MPI_OK( mp_exptmod(c, &d, n, m) );
-cleanup:
- mp_clear(&d);
- if (err) {
- MP_TO_SEC_ERROR(err);
- rv = SECFailure;
- }
- return rv;
-}
-
-/*
-** RSA Private key operation using CRT.
-*/
-static SECStatus
-rsa_PrivateKeyOpCRTNoCheck(RSAPrivateKey *key, mp_int *m, mp_int *c)
-{
- mp_int p, q, d_p, d_q, qInv;
- mp_int m1, m2, h, ctmp;
- mp_err err = MP_OKAY;
- SECStatus rv = SECSuccess;
- MP_DIGITS(&p) = 0;
- MP_DIGITS(&q) = 0;
- MP_DIGITS(&d_p) = 0;
- MP_DIGITS(&d_q) = 0;
- MP_DIGITS(&qInv) = 0;
- MP_DIGITS(&m1) = 0;
- MP_DIGITS(&m2) = 0;
- MP_DIGITS(&h) = 0;
- MP_DIGITS(&ctmp) = 0;
- CHECK_MPI_OK( mp_init(&p) );
- CHECK_MPI_OK( mp_init(&q) );
- CHECK_MPI_OK( mp_init(&d_p) );
- CHECK_MPI_OK( mp_init(&d_q) );
- CHECK_MPI_OK( mp_init(&qInv) );
- CHECK_MPI_OK( mp_init(&m1) );
- CHECK_MPI_OK( mp_init(&m2) );
- CHECK_MPI_OK( mp_init(&h) );
- CHECK_MPI_OK( mp_init(&ctmp) );
- /* copy private key parameters into mp integers */
- SECITEM_TO_MPINT(key->prime1, &p); /* p */
- SECITEM_TO_MPINT(key->prime2, &q); /* q */
- SECITEM_TO_MPINT(key->exponent1, &d_p); /* d_p = d mod (p-1) */
- SECITEM_TO_MPINT(key->exponent2, &d_q); /* d_q = d mod (q-1) */
- SECITEM_TO_MPINT(key->coefficient, &qInv); /* qInv = q**-1 mod p */
- /* 1. m1 = c**d_p mod p */
- CHECK_MPI_OK( mp_mod(c, &p, &ctmp) );
- CHECK_MPI_OK( mp_exptmod(&ctmp, &d_p, &p, &m1) );
- /* 2. m2 = c**d_q mod q */
- CHECK_MPI_OK( mp_mod(c, &q, &ctmp) );
- CHECK_MPI_OK( mp_exptmod(&ctmp, &d_q, &q, &m2) );
- /* 3. h = (m1 - m2) * qInv mod p */
- CHECK_MPI_OK( mp_submod(&m1, &m2, &p, &h) );
- CHECK_MPI_OK( mp_mulmod(&h, &qInv, &p, &h) );
- /* 4. m = m2 + h * q */
- CHECK_MPI_OK( mp_mul(&h, &q, m) );
- CHECK_MPI_OK( mp_add(m, &m2, m) );
-cleanup:
- mp_clear(&p);
- mp_clear(&q);
- mp_clear(&d_p);
- mp_clear(&d_q);
- mp_clear(&qInv);
- mp_clear(&m1);
- mp_clear(&m2);
- mp_clear(&h);
- mp_clear(&ctmp);
- if (err) {
- MP_TO_SEC_ERROR(err);
- rv = SECFailure;
- }
- return rv;
-}
-
-/*
-** An attack against RSA CRT was described by Boneh, DeMillo, and Lipton in:
-** "On the Importance of Eliminating Errors in Cryptographic Computations",
-** http://theory.stanford.edu/~dabo/papers/faults.ps.gz
-**
-** As a defense against the attack, carry out the private key operation,
-** followed up with a public key operation to invert the result.
-** Verify that result against the input.
-*/
-static SECStatus
-rsa_PrivateKeyOpCRTCheckedPubKey(RSAPrivateKey *key, mp_int *m, mp_int *c)
-{
- mp_int n, e, v;
- mp_err err = MP_OKAY;
- SECStatus rv = SECSuccess;
- MP_DIGITS(&n) = 0;
- MP_DIGITS(&e) = 0;
- MP_DIGITS(&v) = 0;
- CHECK_MPI_OK( mp_init(&n) );
- CHECK_MPI_OK( mp_init(&e) );
- CHECK_MPI_OK( mp_init(&v) );
- CHECK_SEC_OK( rsa_PrivateKeyOpCRTNoCheck(key, m, c) );
- SECITEM_TO_MPINT(key->modulus, &n);
- SECITEM_TO_MPINT(key->publicExponent, &e);
- /* Perform a public key operation v = m ** e mod n */
- CHECK_MPI_OK( mp_exptmod(m, &e, &n, &v) );
- if (mp_cmp(&v, c) != 0) {
- rv = SECFailure;
- }
-cleanup:
- mp_clear(&n);
- mp_clear(&e);
- mp_clear(&v);
- if (err) {
- MP_TO_SEC_ERROR(err);
- rv = SECFailure;
- }
- return rv;
-}
-
-static PRCallOnceType coBPInit = { 0, 0, 0 };
-static PRStatus
-init_blinding_params_list(void)
-{
- blindingParamsList.lock = PZ_NewLock(nssILockOther);
- if (!blindingParamsList.lock) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return PR_FAILURE;
- }
- PR_INIT_CLIST(&blindingParamsList.head);
- return PR_SUCCESS;
-}
-
-static SECStatus
-generate_blinding_params(struct RSABlindingParamsStr *rsabp,
- RSAPrivateKey *key, mp_int *n, unsigned int modLen)
-{
- SECStatus rv = SECSuccess;
- mp_int e, k;
- mp_err err = MP_OKAY;
- unsigned char *kb = NULL;
- MP_DIGITS(&e) = 0;
- MP_DIGITS(&k) = 0;
- CHECK_MPI_OK( mp_init(&e) );
- CHECK_MPI_OK( mp_init(&k) );
- SECITEM_TO_MPINT(key->publicExponent, &e);
- /* generate random k < n */
- kb = PORT_Alloc(modLen);
- if (!kb) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto cleanup;
- }
- CHECK_SEC_OK( RNG_GenerateGlobalRandomBytes(kb, modLen) );
- CHECK_MPI_OK( mp_read_unsigned_octets(&k, kb, modLen) );
- /* k < n */
- CHECK_MPI_OK( mp_mod(&k, n, &k) );
- /* f = k**e mod n */
- CHECK_MPI_OK( mp_exptmod(&k, &e, n, &rsabp->f) );
- /* g = k**-1 mod n */
- CHECK_MPI_OK( mp_invmod(&k, n, &rsabp->g) );
- /* Initialize the counter for this (f, g) */
- rsabp->counter = RSA_BLINDING_PARAMS_MAX_REUSE;
-cleanup:
- if (kb)
- PORT_ZFree(kb, modLen);
- mp_clear(&k);
- mp_clear(&e);
- if (err) {
- MP_TO_SEC_ERROR(err);
- rv = SECFailure;
- }
- return rv;
-}
-
-static SECStatus
-init_blinding_params(struct RSABlindingParamsStr *rsabp, RSAPrivateKey *key,
- mp_int *n, unsigned int modLen)
-{
- SECStatus rv = SECSuccess;
- mp_err err = MP_OKAY;
- MP_DIGITS(&rsabp->f) = 0;
- MP_DIGITS(&rsabp->g) = 0;
- /* initialize blinding parameters */
- CHECK_MPI_OK( mp_init(&rsabp->f) );
- CHECK_MPI_OK( mp_init(&rsabp->g) );
- /* List elements are keyed using the modulus */
- SECITEM_CopyItem(NULL, &rsabp->modulus, &key->modulus);
- CHECK_SEC_OK( generate_blinding_params(rsabp, key, n, modLen) );
- return SECSuccess;
-cleanup:
- mp_clear(&rsabp->f);
- mp_clear(&rsabp->g);
- if (err) {
- MP_TO_SEC_ERROR(err);
- rv = SECFailure;
- }
- return rv;
-}
-
-static SECStatus
-get_blinding_params(RSAPrivateKey *key, mp_int *n, unsigned int modLen,
- mp_int *f, mp_int *g)
-{
- SECStatus rv = SECSuccess;
- mp_err err = MP_OKAY;
- int cmp;
- PRCList *el;
- struct RSABlindingParamsStr *rsabp = NULL;
- /* Init the list if neccessary (the init function is only called once!) */
- if (blindingParamsList.lock == NULL) {
- if (PR_CallOnce(&coBPInit, init_blinding_params_list) != PR_SUCCESS) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- return SECFailure;
- }
- }
- /* Acquire the list lock */
- PZ_Lock(blindingParamsList.lock);
- /* Walk the list looking for the private key */
- for (el = PR_NEXT_LINK(&blindingParamsList.head);
- el != &blindingParamsList.head;
- el = PR_NEXT_LINK(el)) {
- rsabp = (struct RSABlindingParamsStr *)el;
- cmp = SECITEM_CompareItem(&rsabp->modulus, &key->modulus);
- if (cmp == 0) {
- /* Check the usage counter for the parameters */
- if (--rsabp->counter <= 0) {
- /* Regenerate the blinding parameters */
- CHECK_SEC_OK( generate_blinding_params(rsabp, key, n, modLen) );
- }
- /* Return the parameters */
- CHECK_MPI_OK( mp_copy(&rsabp->f, f) );
- CHECK_MPI_OK( mp_copy(&rsabp->g, g) );
- /* Now that the params are located, release the list lock. */
- PZ_Unlock(blindingParamsList.lock); /* XXX when fails? */
- return SECSuccess;
- } else if (cmp > 0) {
- /* The key is not in the list. Break to param creation. */
- break;
- }
- }
- /* At this point, the key is not in the list. el should point to the
- ** list element that this key should be inserted before. NOTE: the list
- ** lock is still held, so there cannot be a race condition here.
- */
- rsabp = (struct RSABlindingParamsStr *)
- PORT_ZAlloc(sizeof(struct RSABlindingParamsStr));
- if (!rsabp) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto cleanup;
- }
- /* Initialize the list pointer for the element */
- PR_INIT_CLIST(&rsabp->link);
- /* Initialize the blinding parameters
- ** This ties up the list lock while doing some heavy, element-specific
- ** operations, but we don't want to insert the element until it is valid,
- ** which requires computing the blinding params. If this proves costly,
- ** it could be done after the list lock is released, and then if it fails
- ** the lock would have to be reobtained and the invalid element removed.
- */
- rv = init_blinding_params(rsabp, key, n, modLen);
- if (rv != SECSuccess) {
- PORT_ZFree(rsabp, sizeof(struct RSABlindingParamsStr));
- goto cleanup;
- }
- /* Insert the new element into the list
- ** If inserting in the middle of the list, el points to the link
- ** to insert before. Otherwise, the link needs to be appended to
- ** the end of the list, which is the same as inserting before the
- ** head (since el would have looped back to the head).
- */
- PR_INSERT_BEFORE(&rsabp->link, el);
- /* Return the parameters */
- CHECK_MPI_OK( mp_copy(&rsabp->f, f) );
- CHECK_MPI_OK( mp_copy(&rsabp->g, g) );
- /* Release the list lock */
- PZ_Unlock(blindingParamsList.lock); /* XXX when fails? */
- return SECSuccess;
-cleanup:
- /* It is possible to reach this after the lock is already released.
- ** Ignore the error in that case.
- */
- PZ_Unlock(blindingParamsList.lock);
- if (err) {
- MP_TO_SEC_ERROR(err);
- rv = SECFailure;
- }
- return SECFailure;
-}
-
-/*
-** Perform a raw private-key operation
-** Length of input and output buffers are equal to key's modulus len.
-*/
-static SECStatus
-rsa_PrivateKeyOp(RSAPrivateKey *key,
- unsigned char *output,
- const unsigned char *input,
- PRBool check)
-{
- unsigned int modLen;
- unsigned int offset;
- SECStatus rv = SECSuccess;
- mp_err err;
- mp_int n, c, m;
- mp_int f, g;
- if (!key || !output || !input) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- /* check input out of range (needs to be in range [0..n-1]) */
- modLen = rsa_modulusLen(&key->modulus);
- offset = (key->modulus.data[0] == 0) ? 1 : 0; /* may be leading 0 */
- if (memcmp(input, key->modulus.data + offset, modLen) >= 0) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- MP_DIGITS(&n) = 0;
- MP_DIGITS(&c) = 0;
- MP_DIGITS(&m) = 0;
- MP_DIGITS(&f) = 0;
- MP_DIGITS(&g) = 0;
- CHECK_MPI_OK( mp_init(&n) );
- CHECK_MPI_OK( mp_init(&c) );
- CHECK_MPI_OK( mp_init(&m) );
- CHECK_MPI_OK( mp_init(&f) );
- CHECK_MPI_OK( mp_init(&g) );
- SECITEM_TO_MPINT(key->modulus, &n);
- OCTETS_TO_MPINT(input, &c, modLen);
- /* If blinding, compute pre-image of ciphertext by multiplying by
- ** blinding factor
- */
- if (nssRSAUseBlinding) {
- CHECK_SEC_OK( get_blinding_params(key, &n, modLen, &f, &g) );
- /* c' = c*f mod n */
- CHECK_MPI_OK( mp_mulmod(&c, &f, &n, &c) );
- }
- /* Do the private key operation m = c**d mod n */
- if ( key->prime1.len == 0 ||
- key->prime2.len == 0 ||
- key->exponent1.len == 0 ||
- key->exponent2.len == 0 ||
- key->coefficient.len == 0) {
- CHECK_SEC_OK( rsa_PrivateKeyOpNoCRT(key, &m, &c, &n, modLen) );
- } else if (check) {
- CHECK_SEC_OK( rsa_PrivateKeyOpCRTCheckedPubKey(key, &m, &c) );
- } else {
- CHECK_SEC_OK( rsa_PrivateKeyOpCRTNoCheck(key, &m, &c) );
- }
- /* If blinding, compute post-image of plaintext by multiplying by
- ** blinding factor
- */
- if (nssRSAUseBlinding) {
- /* m = m'*g mod n */
- CHECK_MPI_OK( mp_mulmod(&m, &g, &n, &m) );
- }
- err = mp_to_fixlen_octets(&m, output, modLen);
- if (err >= 0) err = MP_OKAY;
-cleanup:
- mp_clear(&n);
- mp_clear(&c);
- mp_clear(&m);
- mp_clear(&f);
- mp_clear(&g);
- if (err) {
- MP_TO_SEC_ERROR(err);
- rv = SECFailure;
- }
- return rv;
-}
-
-SECStatus
-RSA_PrivateKeyOp(RSAPrivateKey *key,
- unsigned char *output,
- const unsigned char *input)
-{
- return rsa_PrivateKeyOp(key, output, input, PR_FALSE);
-}
-
-SECStatus
-RSA_PrivateKeyOpDoubleChecked(RSAPrivateKey *key,
- unsigned char *output,
- const unsigned char *input)
-{
- return rsa_PrivateKeyOp(key, output, input, PR_TRUE);
-}
-
-static SECStatus
-swap_in_key_value(PRArenaPool *arena, mp_int *mpval, SECItem *buffer)
-{
- int len;
- mp_err err = MP_OKAY;
- memset(buffer->data, 0, buffer->len);
- len = mp_unsigned_octet_size(mpval);
- if (len <= 0) return SECFailure;
- if ((unsigned int)len <= buffer->len) {
- /* The new value is no longer than the old buffer, so use it */
- err = mp_to_unsigned_octets(mpval, buffer->data, len);
- if (err >= 0) err = MP_OKAY;
- buffer->len = len;
- } else if (arena) {
- /* The new value is longer, but working within an arena */
- (void)SECITEM_AllocItem(arena, buffer, len);
- err = mp_to_unsigned_octets(mpval, buffer->data, len);
- if (err >= 0) err = MP_OKAY;
- } else {
- /* The new value is longer, no arena, can't handle this key */
- return SECFailure;
- }
- return (err == MP_OKAY) ? SECSuccess : SECFailure;
-}
-
-SECStatus
-RSA_PrivateKeyCheck(RSAPrivateKey *key)
-{
- mp_int p, q, n, psub1, qsub1, e, d, d_p, d_q, qInv, res;
- mp_err err = MP_OKAY;
- SECStatus rv = SECSuccess;
- MP_DIGITS(&n) = 0;
- MP_DIGITS(&psub1)= 0;
- MP_DIGITS(&qsub1)= 0;
- MP_DIGITS(&e) = 0;
- MP_DIGITS(&d) = 0;
- MP_DIGITS(&d_p) = 0;
- MP_DIGITS(&d_q) = 0;
- MP_DIGITS(&qInv) = 0;
- MP_DIGITS(&res) = 0;
- CHECK_MPI_OK( mp_init(&n) );
- CHECK_MPI_OK( mp_init(&p) );
- CHECK_MPI_OK( mp_init(&q) );
- CHECK_MPI_OK( mp_init(&psub1));
- CHECK_MPI_OK( mp_init(&qsub1));
- CHECK_MPI_OK( mp_init(&e) );
- CHECK_MPI_OK( mp_init(&d) );
- CHECK_MPI_OK( mp_init(&d_p) );
- CHECK_MPI_OK( mp_init(&d_q) );
- CHECK_MPI_OK( mp_init(&qInv) );
- CHECK_MPI_OK( mp_init(&res) );
- SECITEM_TO_MPINT(key->modulus, &n);
- SECITEM_TO_MPINT(key->prime1, &p);
- SECITEM_TO_MPINT(key->prime2, &q);
- SECITEM_TO_MPINT(key->publicExponent, &e);
- SECITEM_TO_MPINT(key->privateExponent, &d);
- SECITEM_TO_MPINT(key->exponent1, &d_p);
- SECITEM_TO_MPINT(key->exponent2, &d_q);
- SECITEM_TO_MPINT(key->coefficient, &qInv);
- /* p > q */
- if (mp_cmp(&p, &q) <= 0) {
- /* mind the p's and q's (and d_p's and d_q's) */
- SECItem tmp;
- mp_exch(&p, &q);
- mp_exch(&d_p,&d_q);
- tmp = key->prime1;
- key->prime1 = key->prime2;
- key->prime2 = tmp;
- tmp = key->exponent1;
- key->exponent1 = key->exponent2;
- key->exponent2 = tmp;
- }
-#define VERIFY_MPI_EQUAL(m1, m2) \
- if (mp_cmp(m1, m2) != 0) { \
- rv = SECFailure; \
- goto cleanup; \
- }
-#define VERIFY_MPI_EQUAL_1(m) \
- if (mp_cmp_d(m, 1) != 0) { \
- rv = SECFailure; \
- goto cleanup; \
- }
- /*
- * The following errors cannot be recovered from.
- */
- /* n == p * q */
- CHECK_MPI_OK( mp_mul(&p, &q, &res) );
- VERIFY_MPI_EQUAL(&res, &n);
- /* gcd(e, p-1) == 1 */
- CHECK_MPI_OK( mp_sub_d(&p, 1, &psub1) );
- CHECK_MPI_OK( mp_gcd(&e, &psub1, &res) );
- VERIFY_MPI_EQUAL_1(&res);
- /* gcd(e, q-1) == 1 */
- CHECK_MPI_OK( mp_sub_d(&q, 1, &qsub1) );
- CHECK_MPI_OK( mp_gcd(&e, &qsub1, &res) );
- VERIFY_MPI_EQUAL_1(&res);
- /* d*e == 1 mod p-1 */
- CHECK_MPI_OK( mp_mulmod(&d, &e, &psub1, &res) );
- VERIFY_MPI_EQUAL_1(&res);
- /* d*e == 1 mod q-1 */
- CHECK_MPI_OK( mp_mulmod(&d, &e, &qsub1, &res) );
- VERIFY_MPI_EQUAL_1(&res);
- /*
- * The following errors can be recovered from.
- */
- /* d_p == d mod p-1 */
- CHECK_MPI_OK( mp_mod(&d, &psub1, &res) );
- if (mp_cmp(&d_p, &res) != 0) {
- /* swap in the correct value */
- CHECK_SEC_OK( swap_in_key_value(key->arena, &res, &key->exponent1) );
- }
- /* d_q == d mod q-1 */
- CHECK_MPI_OK( mp_mod(&d, &qsub1, &res) );
- if (mp_cmp(&d_q, &res) != 0) {
- /* swap in the correct value */
- CHECK_SEC_OK( swap_in_key_value(key->arena, &res, &key->exponent2) );
- }
- /* q * q**-1 == 1 mod p */
- CHECK_MPI_OK( mp_mulmod(&q, &qInv, &p, &res) );
- if (mp_cmp_d(&res, 1) != 0) {
- /* compute the correct value */
- CHECK_MPI_OK( mp_invmod(&q, &p, &qInv) );
- CHECK_SEC_OK( swap_in_key_value(key->arena, &qInv, &key->coefficient) );
- }
-cleanup:
- mp_clear(&n);
- mp_clear(&p);
- mp_clear(&q);
- mp_clear(&psub1);
- mp_clear(&qsub1);
- mp_clear(&e);
- mp_clear(&d);
- mp_clear(&d_p);
- mp_clear(&d_q);
- mp_clear(&qInv);
- mp_clear(&res);
- if (err) {
- MP_TO_SEC_ERROR(err);
- rv = SECFailure;
- }
- return rv;
-}
-
-/* cleanup at shutdown */
-void RSA_Cleanup(void)
-{
- if (!coBPInit.initialized)
- return;
-
- while (!PR_CLIST_IS_EMPTY(&blindingParamsList.head))
- {
- struct RSABlindingParamsStr * rsabp = (struct RSABlindingParamsStr *)
- PR_LIST_HEAD(&blindingParamsList.head);
- PR_REMOVE_LINK(&rsabp->link);
- mp_clear(&rsabp->f);
- mp_clear(&rsabp->g);
- SECITEM_FreeItem(&rsabp->modulus,PR_FALSE);
- PORT_Free(rsabp);
- }
-
- if (blindingParamsList.lock)
- {
- PZ_DestroyLock(blindingParamsList.lock);
- blindingParamsList.lock = NULL;
- }
-
- coBPInit.initialized = 0;
- coBPInit.inProgress = 0;
- coBPInit.status = 0;
-}
-
-/*
- * need a central place for this function to free up all the memory that
- * free_bl may have allocated along the way. Currently only RSA does this,
- * so I've put it here for now.
- */
-void BL_Cleanup(void)
-{
- RSA_Cleanup();
-}
diff --git a/security/nss/lib/freebl/secmpi.h b/security/nss/lib/freebl/secmpi.h
deleted file mode 100644
index cddcbb03d..000000000
--- a/security/nss/lib/freebl/secmpi.h
+++ /dev/null
@@ -1,57 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "mpi.h"
-
-#define CHECK_SEC_OK(func) if (SECSuccess != (rv = func)) goto cleanup
-
-#define CHECK_MPI_OK(func) if (MP_OKAY > (err = func)) goto cleanup
-
-#define OCTETS_TO_MPINT(oc, mp, len) \
- CHECK_MPI_OK(mp_read_unsigned_octets((mp), oc, len))
-
-#define SECITEM_TO_MPINT(it, mp) \
- CHECK_MPI_OK(mp_read_unsigned_octets((mp), (it).data, (it).len))
-
-#define MPINT_TO_SECITEM(mp, it, arena) \
- SECITEM_AllocItem(arena, (it), mp_unsigned_octet_size(mp)); \
- err = mp_to_unsigned_octets(mp, (it)->data, (it)->len); \
- if (err < 0) goto cleanup; else err = MP_OKAY;
-
-#define MP_TO_SEC_ERROR(err) \
- switch (err) { \
- case MP_MEM: PORT_SetError(SEC_ERROR_NO_MEMORY); break; \
- case MP_RANGE: PORT_SetError(SEC_ERROR_BAD_DATA); break; \
- case MP_BADARG: PORT_SetError(SEC_ERROR_INVALID_ARGS); break; \
- default: PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); break; \
- }
diff --git a/security/nss/lib/freebl/secrng.h b/security/nss/lib/freebl/secrng.h
deleted file mode 100644
index cddc7b000..000000000
--- a/security/nss/lib/freebl/secrng.h
+++ /dev/null
@@ -1,82 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _SECRNG_H_
-#define _SECRNG_H_
-/*
- * secrng.h - public data structures and prototypes for the secure random
- * number generator
- *
- * $Id$
- */
-
-/******************************************/
-/*
-** Random number generation. A cryptographically strong random number
-** generator.
-*/
-
-#include "blapi.h"
-
-SEC_BEGIN_PROTOS
-
-/*
-** The following 3 functions are provided by the security library
-** but are differently implemented for the UNIX, Mac and Win
-** versions
-*/
-
-/*
-** Get the "noisiest" information available on the system.
-** The amount of data returned depends on the system implementation.
-** It will not exceed maxbytes, but may be (much) less.
-** Returns number of noise bytes copied into buf, or zero if error.
-*/
-extern size_t RNG_GetNoise(void *buf, size_t maxbytes);
-
-/*
-** RNG_SystemInfoForRNG should be called before any use of SSL. It
-** gathers up the system specific information to help seed the
-** state of the global random number generator.
-*/
-extern void RNG_SystemInfoForRNG(void);
-
-/*
-** Use the contents (and stat) of a file to help seed the
-** global random number generator.
-*/
-extern void RNG_FileForRNG(const char *filename);
-
-SEC_END_PROTOS
-
-#endif /* _SECUTIL_H_ */
diff --git a/security/nss/lib/freebl/sha.c b/security/nss/lib/freebl/sha.c
deleted file mode 100644
index c8480c72c..000000000
--- a/security/nss/lib/freebl/sha.c
+++ /dev/null
@@ -1,160 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is SHA 180-1 Reference Implementation (Compact version)
- *
- * The Initial Developer of the Original Code is Paul Kocher of
- * Cryptography Research. Portions created by Paul Kocher are
- * Copyright (C) 1995-9 by Cryptography Research, Inc. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Paul Kocher
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "sha.h"
-
-static void shaHashBlock(SHA_CTX *ctx);
-
-void shaInit(SHA_CTX *ctx) {
- int i;
-
- ctx->lenW = 0;
- ctx->sizeHi = ctx->sizeLo = 0;
-
- /* Initialize H with the magic constants (see FIPS180 for constants)
- */
- ctx->H[0] = 0x67452301L;
- ctx->H[1] = 0xefcdab89L;
- ctx->H[2] = 0x98badcfeL;
- ctx->H[3] = 0x10325476L;
- ctx->H[4] = 0xc3d2e1f0L;
-
- for (i = 0; i < 80; i++)
- ctx->W[i] = 0;
-}
-
-
-void shaUpdate(SHA_CTX *ctx, unsigned char *dataIn, int len) {
- int i;
-
- /* Read the data into W and process blocks as they get full
- */
- for (i = 0; i < len; i++) {
- ctx->W[ctx->lenW / 4] <<= 8;
- ctx->W[ctx->lenW / 4] |= (unsigned long)dataIn[i];
- if ((++ctx->lenW) % 64 == 0) {
- shaHashBlock(ctx);
- ctx->lenW = 0;
- }
- ctx->sizeLo += 8;
- ctx->sizeHi += (ctx->sizeLo < 8);
- }
-}
-
-
-void shaFinal(SHA_CTX *ctx, unsigned char hashout[20]) {
- unsigned char pad0x80 = 0x80;
- unsigned char pad0x00 = 0x00;
- unsigned char padlen[8];
- int i;
-
- /* Pad with a binary 1 (e.g. 0x80), then zeroes, then length
- */
- padlen[0] = (unsigned char)((ctx->sizeHi >> 24) & 255);
- padlen[1] = (unsigned char)((ctx->sizeHi >> 16) & 255);
- padlen[2] = (unsigned char)((ctx->sizeHi >> 8) & 255);
- padlen[3] = (unsigned char)((ctx->sizeHi >> 0) & 255);
- padlen[4] = (unsigned char)((ctx->sizeLo >> 24) & 255);
- padlen[5] = (unsigned char)((ctx->sizeLo >> 16) & 255);
- padlen[6] = (unsigned char)((ctx->sizeLo >> 8) & 255);
- padlen[7] = (unsigned char)((ctx->sizeLo >> 0) & 255);
- shaUpdate(ctx, &pad0x80, 1);
- while (ctx->lenW != 56)
- shaUpdate(ctx, &pad0x00, 1);
- shaUpdate(ctx, padlen, 8);
-
- /* Output hash
- */
- for (i = 0; i < 20; i++) {
- hashout[i] = (unsigned char)(ctx->H[i / 4] >> 24);
- ctx->H[i / 4] <<= 8;
- }
-
- /*
- * Re-initialize the context (also zeroizes contents)
- */
- shaInit(ctx);
-}
-
-
-void shaBlock(unsigned char *dataIn, int len, unsigned char hashout[20]) {
- SHA_CTX ctx;
-
- shaInit(&ctx);
- shaUpdate(&ctx, dataIn, len);
- shaFinal(&ctx, hashout);
-}
-
-
-#define SHA_ROTL(X,n) (((X) << (n)) | ((X) >> (32-(n))))
-
-static void shaHashBlock(SHA_CTX *ctx) {
- int t;
- unsigned long A,B,C,D,E,TEMP;
-
- for (t = 16; t <= 79; t++)
- ctx->W[t] =
- SHA_ROTL(ctx->W[t-3] ^ ctx->W[t-8] ^ ctx->W[t-14] ^ ctx->W[t-16], 1);
-
- A = ctx->H[0];
- B = ctx->H[1];
- C = ctx->H[2];
- D = ctx->H[3];
- E = ctx->H[4];
-
- for (t = 0; t <= 19; t++) {
- TEMP = SHA_ROTL(A,5) + (((C^D)&B)^D) + E + ctx->W[t] + 0x5a827999L;
- E = D; D = C; C = SHA_ROTL(B, 30); B = A; A = TEMP;
- }
- for (t = 20; t <= 39; t++) {
- TEMP = SHA_ROTL(A,5) + (B^C^D) + E + ctx->W[t] + 0x6ed9eba1L;
- E = D; D = C; C = SHA_ROTL(B, 30); B = A; A = TEMP;
- }
- for (t = 40; t <= 59; t++) {
- TEMP = SHA_ROTL(A,5) + ((B&C)|(D&(B|C))) + E + ctx->W[t] + 0x8f1bbcdcL;
- E = D; D = C; C = SHA_ROTL(B, 30); B = A; A = TEMP;
- }
- for (t = 60; t <= 79; t++) {
- TEMP = SHA_ROTL(A,5) + (B^C^D) + E + ctx->W[t] + 0xca62c1d6L;
- E = D; D = C; C = SHA_ROTL(B, 30); B = A; A = TEMP;
- }
-
- ctx->H[0] += A;
- ctx->H[1] += B;
- ctx->H[2] += C;
- ctx->H[3] += D;
- ctx->H[4] += E;
-}
-
diff --git a/security/nss/lib/freebl/sha.h b/security/nss/lib/freebl/sha.h
deleted file mode 100644
index 0522a00b2..000000000
--- a/security/nss/lib/freebl/sha.h
+++ /dev/null
@@ -1,48 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is SHA 180-1 Header File
- *
- * The Initial Developer of the Original Code is Paul Kocher of
- * Cryptography Research. Portions created by Paul Kocher are
- * Copyright (C) 1995-9 by Cryptography Research, Inc. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Paul Kocher
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-typedef struct {
- unsigned long H[5];
- unsigned long W[80];
- int lenW;
- unsigned long sizeHi,sizeLo;
-} SHA_CTX;
-
-
-void shaInit(SHA_CTX *ctx);
-void shaUpdate(SHA_CTX *ctx, unsigned char *dataIn, int len);
-void shaFinal(SHA_CTX *ctx, unsigned char hashout[20]);
-void shaBlock(unsigned char *dataIn, int len, unsigned char hashout[20]);
-
diff --git a/security/nss/lib/freebl/sha512.c b/security/nss/lib/freebl/sha512.c
deleted file mode 100644
index e52652284..000000000
--- a/security/nss/lib/freebl/sha512.c
+++ /dev/null
@@ -1,1371 +0,0 @@
-/*
- * sha512.c - implementation of SHA256, SHA384 and SHA512
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 2002 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-#include "prcpucfg.h"
-#if defined(_X86_) || defined(SHA_NO_LONG_LONG)
-#define NOUNROLL512 1
-#undef HAVE_LONG_LONG
-#endif
-#include "prtypes.h" /* for PRUintXX */
-#include "secport.h" /* for PORT_XXX */
-#include "blapi.h"
-
-/* ============= Common constants and defines ======================= */
-
-#define W ctx->u.w
-#define B ctx->u.b
-#define H ctx->h
-
-#define SHR(x,n) (x >> n)
-#define SHL(x,n) (x << n)
-#define Ch(x,y,z) ((x & y) ^ (~x & z))
-#define Maj(x,y,z) ((x & y) ^ (x & z) ^ (y & z))
-
-/* Padding used with all flavors of SHA */
-static const PRUint8 pad[240] = {
-0x80,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
- 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0
- /* compiler will fill the rest in with zeros */
-};
-
-/* ============= SHA256 implemenmtation ================================== */
-
-/* SHA-256 constants, K256. */
-static const PRUint32 K256[64] = {
- 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5,
- 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
- 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,
- 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
- 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc,
- 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
- 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7,
- 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
- 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13,
- 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
- 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3,
- 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
- 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5,
- 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
- 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,
- 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
-};
-
-/* SHA-256 initial hash values */
-static const PRUint32 H256[8] = {
- 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a,
- 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19
-};
-
-struct SHA256ContextStr {
- union {
- PRUint32 w[64]; /* message schedule, input buffer, plus 48 words */
- PRUint8 b[256];
- } u;
- PRUint32 h[8]; /* 8 state variables */
- PRUint32 sizeHi,sizeLo; /* 64-bit count of hashed bytes. */
-};
-
-#if defined(_MSC_VER) && defined(_X86_)
-#ifndef FORCEINLINE
-#if (MSC_VER >= 1200)
-#define FORCEINLINE __forceinline
-#else
-#define FORCEINLINE __inline
-#endif
-#endif
-#define FASTCALL __fastcall
-
-static FORCEINLINE PRUint32 FASTCALL
-swap4b(PRUint32 dwd)
-{
- __asm {
- mov eax,dwd
- bswap eax
- }
-}
-
-#define SHA_HTONL(x) swap4b(x)
-#define BYTESWAP4(x) x = SHA_HTONL(x)
-
-#elif defined(LINUX) && defined(_X86_)
-#undef __OPTIMIZE__
-#define __OPTIMIZE__ 1
-#undef __pentium__
-#define __pentium__ 1
-#include <byteswap.h>
-#define SHA_HTONL(x) bswap_32(x)
-#define BYTESWAP4(x) x = SHA_HTONL(x)
-
-#else /* neither windows nor Linux PC */
-#define SWAP4MASK 0x00FF00FF
-#define SHA_HTONL(x) (t1 = (x), t1 = (t1 << 16) | (t1 >> 16), \
- ((t1 & SWAP4MASK) << 8) | ((t1 >> 8) & SWAP4MASK))
-#define BYTESWAP4(x) x = SHA_HTONL(x)
-#endif
-
-#if defined(_MSC_VER) && defined(_X86_)
-#pragma intrinsic (_lrotr, _lrotl)
-#define ROTR32(x,n) _lrotr(x,n)
-#define ROTL32(x,n) _lrotl(x,n)
-#else
-#define ROTR32(x,n) ((x >> n) | (x << ((8 * sizeof x) - n)))
-#define ROTL32(x,n) ((x << n) | (x >> ((8 * sizeof x) - n)))
-#endif
-
-/* Capitol Sigma and lower case sigma functions */
-#define S0(x) (ROTR32(x, 2) ^ ROTR32(x,13) ^ ROTR32(x,22))
-#define S1(x) (ROTR32(x, 6) ^ ROTR32(x,11) ^ ROTR32(x,25))
-#define s0(x) (t1 = x, ROTR32(t1, 7) ^ ROTR32(t1,18) ^ SHR(t1, 3))
-#define s1(x) (t2 = x, ROTR32(t2,17) ^ ROTR32(t2,19) ^ SHR(t2,10))
-
-SHA256Context *
-SHA256_NewContext(void)
-{
- SHA256Context *ctx = PORT_New(SHA256Context);
- return ctx;
-}
-
-void
-SHA256_DestroyContext(SHA256Context *ctx, PRBool freeit)
-{
- if (freeit) {
- PORT_ZFree(ctx, sizeof *ctx);
- }
-}
-
-void
-SHA256_Begin(SHA256Context *ctx)
-{
- memset(ctx, 0, sizeof *ctx);
- memcpy(H, H256, sizeof H256);
-}
-
-static void
-SHA256_Compress(SHA256Context *ctx)
-{
- {
- register PRUint32 t1, t2;
-
-#if defined(IS_LITTLE_ENDIAN)
- BYTESWAP4(W[0]);
- BYTESWAP4(W[1]);
- BYTESWAP4(W[2]);
- BYTESWAP4(W[3]);
- BYTESWAP4(W[4]);
- BYTESWAP4(W[5]);
- BYTESWAP4(W[6]);
- BYTESWAP4(W[7]);
- BYTESWAP4(W[8]);
- BYTESWAP4(W[9]);
- BYTESWAP4(W[10]);
- BYTESWAP4(W[11]);
- BYTESWAP4(W[12]);
- BYTESWAP4(W[13]);
- BYTESWAP4(W[14]);
- BYTESWAP4(W[15]);
-#endif
-
-#define INITW(t) W[t] = (s1(W[t-2]) + W[t-7] + s0(W[t-15]) + W[t-16])
-
- /* prepare the "message schedule" */
-#ifdef NOUNROLL256
- {
- int t;
- for (t = 16; t < 64; ++t) {
- INITW(t);
- }
- }
-#else
- INITW(16);
- INITW(17);
- INITW(18);
- INITW(19);
-
- INITW(20);
- INITW(21);
- INITW(22);
- INITW(23);
- INITW(24);
- INITW(25);
- INITW(26);
- INITW(27);
- INITW(28);
- INITW(29);
-
- INITW(30);
- INITW(31);
- INITW(32);
- INITW(33);
- INITW(34);
- INITW(35);
- INITW(36);
- INITW(37);
- INITW(38);
- INITW(39);
-
- INITW(40);
- INITW(41);
- INITW(42);
- INITW(43);
- INITW(44);
- INITW(45);
- INITW(46);
- INITW(47);
- INITW(48);
- INITW(49);
-
- INITW(50);
- INITW(51);
- INITW(52);
- INITW(53);
- INITW(54);
- INITW(55);
- INITW(56);
- INITW(57);
- INITW(58);
- INITW(59);
-
- INITW(60);
- INITW(61);
- INITW(62);
- INITW(63);
-
-#endif
-#undef INITW
- }
- {
- PRUint32 a, b, c, d, e, f, g, h;
-
- a = H[0];
- b = H[1];
- c = H[2];
- d = H[3];
- e = H[4];
- f = H[5];
- g = H[6];
- h = H[7];
-
-#define ROUND(n,a,b,c,d,e,f,g,h) \
- h += S1(e) + Ch(e,f,g) + K256[n] + W[n]; \
- d += h; \
- h += S0(a) + Maj(a,b,c);
-
-#ifdef NOUNROLL256
- {
- int t;
- for (t = 0; t < 64; t+= 8) {
- ROUND(t+0,a,b,c,d,e,f,g,h)
- ROUND(t+1,h,a,b,c,d,e,f,g)
- ROUND(t+2,g,h,a,b,c,d,e,f)
- ROUND(t+3,f,g,h,a,b,c,d,e)
- ROUND(t+4,e,f,g,h,a,b,c,d)
- ROUND(t+5,d,e,f,g,h,a,b,c)
- ROUND(t+6,c,d,e,f,g,h,a,b)
- ROUND(t+7,b,c,d,e,f,g,h,a)
- }
- }
-#else
- ROUND( 0,a,b,c,d,e,f,g,h)
- ROUND( 1,h,a,b,c,d,e,f,g)
- ROUND( 2,g,h,a,b,c,d,e,f)
- ROUND( 3,f,g,h,a,b,c,d,e)
- ROUND( 4,e,f,g,h,a,b,c,d)
- ROUND( 5,d,e,f,g,h,a,b,c)
- ROUND( 6,c,d,e,f,g,h,a,b)
- ROUND( 7,b,c,d,e,f,g,h,a)
-
- ROUND( 8,a,b,c,d,e,f,g,h)
- ROUND( 9,h,a,b,c,d,e,f,g)
- ROUND(10,g,h,a,b,c,d,e,f)
- ROUND(11,f,g,h,a,b,c,d,e)
- ROUND(12,e,f,g,h,a,b,c,d)
- ROUND(13,d,e,f,g,h,a,b,c)
- ROUND(14,c,d,e,f,g,h,a,b)
- ROUND(15,b,c,d,e,f,g,h,a)
-
- ROUND(16,a,b,c,d,e,f,g,h)
- ROUND(17,h,a,b,c,d,e,f,g)
- ROUND(18,g,h,a,b,c,d,e,f)
- ROUND(19,f,g,h,a,b,c,d,e)
- ROUND(20,e,f,g,h,a,b,c,d)
- ROUND(21,d,e,f,g,h,a,b,c)
- ROUND(22,c,d,e,f,g,h,a,b)
- ROUND(23,b,c,d,e,f,g,h,a)
-
- ROUND(24,a,b,c,d,e,f,g,h)
- ROUND(25,h,a,b,c,d,e,f,g)
- ROUND(26,g,h,a,b,c,d,e,f)
- ROUND(27,f,g,h,a,b,c,d,e)
- ROUND(28,e,f,g,h,a,b,c,d)
- ROUND(29,d,e,f,g,h,a,b,c)
- ROUND(30,c,d,e,f,g,h,a,b)
- ROUND(31,b,c,d,e,f,g,h,a)
-
- ROUND(32,a,b,c,d,e,f,g,h)
- ROUND(33,h,a,b,c,d,e,f,g)
- ROUND(34,g,h,a,b,c,d,e,f)
- ROUND(35,f,g,h,a,b,c,d,e)
- ROUND(36,e,f,g,h,a,b,c,d)
- ROUND(37,d,e,f,g,h,a,b,c)
- ROUND(38,c,d,e,f,g,h,a,b)
- ROUND(39,b,c,d,e,f,g,h,a)
-
- ROUND(40,a,b,c,d,e,f,g,h)
- ROUND(41,h,a,b,c,d,e,f,g)
- ROUND(42,g,h,a,b,c,d,e,f)
- ROUND(43,f,g,h,a,b,c,d,e)
- ROUND(44,e,f,g,h,a,b,c,d)
- ROUND(45,d,e,f,g,h,a,b,c)
- ROUND(46,c,d,e,f,g,h,a,b)
- ROUND(47,b,c,d,e,f,g,h,a)
-
- ROUND(48,a,b,c,d,e,f,g,h)
- ROUND(49,h,a,b,c,d,e,f,g)
- ROUND(50,g,h,a,b,c,d,e,f)
- ROUND(51,f,g,h,a,b,c,d,e)
- ROUND(52,e,f,g,h,a,b,c,d)
- ROUND(53,d,e,f,g,h,a,b,c)
- ROUND(54,c,d,e,f,g,h,a,b)
- ROUND(55,b,c,d,e,f,g,h,a)
-
- ROUND(56,a,b,c,d,e,f,g,h)
- ROUND(57,h,a,b,c,d,e,f,g)
- ROUND(58,g,h,a,b,c,d,e,f)
- ROUND(59,f,g,h,a,b,c,d,e)
- ROUND(60,e,f,g,h,a,b,c,d)
- ROUND(61,d,e,f,g,h,a,b,c)
- ROUND(62,c,d,e,f,g,h,a,b)
- ROUND(63,b,c,d,e,f,g,h,a)
-#endif
-
- H[0] += a;
- H[1] += b;
- H[2] += c;
- H[3] += d;
- H[4] += e;
- H[5] += f;
- H[6] += g;
- H[7] += h;
- }
-#undef ROUND
-}
-
-#undef s0
-#undef s1
-#undef S0
-#undef S1
-
-void
-SHA256_Update(SHA256Context *ctx, const unsigned char *input,
- unsigned int inputLen)
-{
- unsigned int inBuf = ctx->sizeLo & 0x3f;
- if (!inputLen)
- return;
-
- /* Add inputLen into the count of bytes processed, before processing */
- if ((ctx->sizeLo += inputLen) < inputLen)
- ctx->sizeHi++;
-
- /* if data already in buffer, attemp to fill rest of buffer */
- if (inBuf) {
- unsigned int todo = SHA256_BLOCK_LENGTH - inBuf;
- if (inputLen < todo)
- todo = inputLen;
- memcpy(B + inBuf, input, todo);
- input += todo;
- inputLen -= todo;
- if (inBuf + todo == SHA256_BLOCK_LENGTH)
- SHA256_Compress(ctx);
- }
-
- /* if enough data to fill one or more whole buffers, process them. */
- while (inputLen >= SHA256_BLOCK_LENGTH) {
- memcpy(B, input, SHA256_BLOCK_LENGTH);
- input += SHA256_BLOCK_LENGTH;
- inputLen -= SHA256_BLOCK_LENGTH;
- SHA256_Compress(ctx);
- }
- /* if data left over, fill it into buffer */
- if (inputLen)
- memcpy(B, input, inputLen);
-}
-
-void
-SHA256_End(SHA256Context *ctx, unsigned char *digest,
- unsigned int *digestLen, unsigned int maxDigestLen)
-{
- unsigned int inBuf = ctx->sizeLo & 0x3f;
- unsigned int padLen = (inBuf < 56) ? (56 - inBuf) : (56 + 64 - inBuf);
- PRUint32 hi, lo;
-#ifdef SWAP4MASK
- PRUint32 t1;
-#endif
-
- hi = (ctx->sizeHi << 3) | (ctx->sizeLo >> 29);
- lo = (ctx->sizeLo << 3);
-
- SHA256_Update(ctx, pad, padLen);
-
-#if defined(IS_LITTLE_ENDIAN)
- W[14] = SHA_HTONL(hi);
- W[15] = SHA_HTONL(lo);
-#else
- W[14] = hi;
- W[15] = lo;
-#endif
- SHA256_Compress(ctx);
-
- /* now output the answer */
-#if defined(IS_LITTLE_ENDIAN)
- BYTESWAP4(H[0]);
- BYTESWAP4(H[1]);
- BYTESWAP4(H[2]);
- BYTESWAP4(H[3]);
- BYTESWAP4(H[4]);
- BYTESWAP4(H[5]);
- BYTESWAP4(H[6]);
- BYTESWAP4(H[7]);
-#endif
- padLen = PR_MIN(SHA256_LENGTH, maxDigestLen);
- memcpy(digest, H, padLen);
- if (digestLen)
- *digestLen = padLen;
-}
-
-SECStatus
-SHA256_HashBuf(unsigned char *dest, const unsigned char *src,
- uint32 src_length)
-{
- SHA256Context ctx;
- unsigned int outLen;
-
- SHA256_Begin(&ctx);
- SHA256_Update(&ctx, src, src_length);
- SHA256_End(&ctx, dest, &outLen, SHA256_LENGTH);
-
- return SECSuccess;
-}
-
-
-SECStatus
-SHA256_Hash(unsigned char *dest, const char *src)
-{
- return SHA256_HashBuf(dest, (const unsigned char *)src, PORT_Strlen(src));
-}
-
-
-void SHA256_TraceState(SHA256Context *ctx) { }
-
-unsigned int
-SHA256_FlattenSize(SHA256Context *ctx)
-{
- return sizeof *ctx;
-}
-
-SECStatus
-SHA256_Flatten(SHA256Context *ctx,unsigned char *space)
-{
- PORT_Memcpy(space, ctx, sizeof *ctx);
- return SECSuccess;
-}
-
-SHA256Context *
-SHA256_Resurrect(unsigned char *space, void *arg)
-{
- SHA256Context *ctx = SHA256_NewContext();
- if (ctx)
- PORT_Memcpy(ctx, space, sizeof *ctx);
- return ctx;
-}
-
-
-/* ======= SHA512 and SHA384 common constants and defines ================= */
-
-/* common #defines for SHA512 and SHA384 */
-#if defined(HAVE_LONG_LONG)
-#define ROTR64(x,n) ((x >> n) | (x << (64 - n)))
-#define ROTL64(x,n) ((x << n) | (x >> (64 - n)))
-
-#define S0(x) (ROTR64(x,28) ^ ROTR64(x,34) ^ ROTR64(x,39))
-#define S1(x) (ROTR64(x,14) ^ ROTR64(x,18) ^ ROTR64(x,41))
-#define s0(x) (t1 = x, ROTR64(t1, 1) ^ ROTR64(t1, 8) ^ SHR(t1,7))
-#define s1(x) (t2 = x, ROTR64(t2,19) ^ ROTR64(t2,61) ^ SHR(t2,6))
-
-#if PR_BYTES_PER_LONG == 8
-#define ULLC(hi,lo) 0x ## hi ## lo ## UL
-#elif defined(_MSC_VER)
-#define ULLC(hi,lo) 0x ## hi ## lo ## ui64
-#else
-#define ULLC(hi,lo) 0x ## hi ## lo ## ULL
-#endif
-
-#define SHA_MASK16 ULLC(0000FFFF,0000FFFF)
-#define SHA_MASK8 ULLC(00FF00FF,00FF00FF)
-#define SHA_HTONLL(x) (t1 = x, \
- t1 = ((t1 & SHA_MASK8 ) << 8) | ((t1 >> 8) & SHA_MASK8 ), \
- t1 = ((t1 & SHA_MASK16) << 16) | ((t1 >> 16) & SHA_MASK16), \
- (t1 >> 32) | (t1 << 32))
-#define BYTESWAP8(x) x = SHA_HTONLL(x)
-
-#else /* no long long */
-
-#if defined(IS_LITTLE_ENDIAN)
-#define ULLC(hi,lo) { 0x ## lo ## U, 0x ## hi ## U }
-#else
-#define ULLC(hi,lo) { 0x ## hi ## U, 0x ## lo ## U }
-#endif
-
-#define SHA_HTONLL(x) ( BYTESWAP4(x.lo), BYTESWAP4(x.hi), \
- x.hi ^= x.lo ^= x.hi ^= x.lo, x)
-#define BYTESWAP8(x) do { PRUint32 tmp; BYTESWAP4(x.lo); BYTESWAP4(x.hi); \
- tmp = x.lo; x.lo = x.hi; x.hi = tmp; } while (0)
-#endif
-
-/* SHA-384 and SHA-512 constants, K512. */
-static const PRUint64 K512[80] = {
-#if PR_BYTES_PER_LONG == 8
- 0x428a2f98d728ae22UL , 0x7137449123ef65cdUL ,
- 0xb5c0fbcfec4d3b2fUL , 0xe9b5dba58189dbbcUL ,
- 0x3956c25bf348b538UL , 0x59f111f1b605d019UL ,
- 0x923f82a4af194f9bUL , 0xab1c5ed5da6d8118UL ,
- 0xd807aa98a3030242UL , 0x12835b0145706fbeUL ,
- 0x243185be4ee4b28cUL , 0x550c7dc3d5ffb4e2UL ,
- 0x72be5d74f27b896fUL , 0x80deb1fe3b1696b1UL ,
- 0x9bdc06a725c71235UL , 0xc19bf174cf692694UL ,
- 0xe49b69c19ef14ad2UL , 0xefbe4786384f25e3UL ,
- 0x0fc19dc68b8cd5b5UL , 0x240ca1cc77ac9c65UL ,
- 0x2de92c6f592b0275UL , 0x4a7484aa6ea6e483UL ,
- 0x5cb0a9dcbd41fbd4UL , 0x76f988da831153b5UL ,
- 0x983e5152ee66dfabUL , 0xa831c66d2db43210UL ,
- 0xb00327c898fb213fUL , 0xbf597fc7beef0ee4UL ,
- 0xc6e00bf33da88fc2UL , 0xd5a79147930aa725UL ,
- 0x06ca6351e003826fUL , 0x142929670a0e6e70UL ,
- 0x27b70a8546d22ffcUL , 0x2e1b21385c26c926UL ,
- 0x4d2c6dfc5ac42aedUL , 0x53380d139d95b3dfUL ,
- 0x650a73548baf63deUL , 0x766a0abb3c77b2a8UL ,
- 0x81c2c92e47edaee6UL , 0x92722c851482353bUL ,
- 0xa2bfe8a14cf10364UL , 0xa81a664bbc423001UL ,
- 0xc24b8b70d0f89791UL , 0xc76c51a30654be30UL ,
- 0xd192e819d6ef5218UL , 0xd69906245565a910UL ,
- 0xf40e35855771202aUL , 0x106aa07032bbd1b8UL ,
- 0x19a4c116b8d2d0c8UL , 0x1e376c085141ab53UL ,
- 0x2748774cdf8eeb99UL , 0x34b0bcb5e19b48a8UL ,
- 0x391c0cb3c5c95a63UL , 0x4ed8aa4ae3418acbUL ,
- 0x5b9cca4f7763e373UL , 0x682e6ff3d6b2b8a3UL ,
- 0x748f82ee5defb2fcUL , 0x78a5636f43172f60UL ,
- 0x84c87814a1f0ab72UL , 0x8cc702081a6439ecUL ,
- 0x90befffa23631e28UL , 0xa4506cebde82bde9UL ,
- 0xbef9a3f7b2c67915UL , 0xc67178f2e372532bUL ,
- 0xca273eceea26619cUL , 0xd186b8c721c0c207UL ,
- 0xeada7dd6cde0eb1eUL , 0xf57d4f7fee6ed178UL ,
- 0x06f067aa72176fbaUL , 0x0a637dc5a2c898a6UL ,
- 0x113f9804bef90daeUL , 0x1b710b35131c471bUL ,
- 0x28db77f523047d84UL , 0x32caab7b40c72493UL ,
- 0x3c9ebe0a15c9bebcUL , 0x431d67c49c100d4cUL ,
- 0x4cc5d4becb3e42b6UL , 0x597f299cfc657e2aUL ,
- 0x5fcb6fab3ad6faecUL , 0x6c44198c4a475817UL
-#else
- ULLC(428a2f98,d728ae22), ULLC(71374491,23ef65cd),
- ULLC(b5c0fbcf,ec4d3b2f), ULLC(e9b5dba5,8189dbbc),
- ULLC(3956c25b,f348b538), ULLC(59f111f1,b605d019),
- ULLC(923f82a4,af194f9b), ULLC(ab1c5ed5,da6d8118),
- ULLC(d807aa98,a3030242), ULLC(12835b01,45706fbe),
- ULLC(243185be,4ee4b28c), ULLC(550c7dc3,d5ffb4e2),
- ULLC(72be5d74,f27b896f), ULLC(80deb1fe,3b1696b1),
- ULLC(9bdc06a7,25c71235), ULLC(c19bf174,cf692694),
- ULLC(e49b69c1,9ef14ad2), ULLC(efbe4786,384f25e3),
- ULLC(0fc19dc6,8b8cd5b5), ULLC(240ca1cc,77ac9c65),
- ULLC(2de92c6f,592b0275), ULLC(4a7484aa,6ea6e483),
- ULLC(5cb0a9dc,bd41fbd4), ULLC(76f988da,831153b5),
- ULLC(983e5152,ee66dfab), ULLC(a831c66d,2db43210),
- ULLC(b00327c8,98fb213f), ULLC(bf597fc7,beef0ee4),
- ULLC(c6e00bf3,3da88fc2), ULLC(d5a79147,930aa725),
- ULLC(06ca6351,e003826f), ULLC(14292967,0a0e6e70),
- ULLC(27b70a85,46d22ffc), ULLC(2e1b2138,5c26c926),
- ULLC(4d2c6dfc,5ac42aed), ULLC(53380d13,9d95b3df),
- ULLC(650a7354,8baf63de), ULLC(766a0abb,3c77b2a8),
- ULLC(81c2c92e,47edaee6), ULLC(92722c85,1482353b),
- ULLC(a2bfe8a1,4cf10364), ULLC(a81a664b,bc423001),
- ULLC(c24b8b70,d0f89791), ULLC(c76c51a3,0654be30),
- ULLC(d192e819,d6ef5218), ULLC(d6990624,5565a910),
- ULLC(f40e3585,5771202a), ULLC(106aa070,32bbd1b8),
- ULLC(19a4c116,b8d2d0c8), ULLC(1e376c08,5141ab53),
- ULLC(2748774c,df8eeb99), ULLC(34b0bcb5,e19b48a8),
- ULLC(391c0cb3,c5c95a63), ULLC(4ed8aa4a,e3418acb),
- ULLC(5b9cca4f,7763e373), ULLC(682e6ff3,d6b2b8a3),
- ULLC(748f82ee,5defb2fc), ULLC(78a5636f,43172f60),
- ULLC(84c87814,a1f0ab72), ULLC(8cc70208,1a6439ec),
- ULLC(90befffa,23631e28), ULLC(a4506ceb,de82bde9),
- ULLC(bef9a3f7,b2c67915), ULLC(c67178f2,e372532b),
- ULLC(ca273ece,ea26619c), ULLC(d186b8c7,21c0c207),
- ULLC(eada7dd6,cde0eb1e), ULLC(f57d4f7f,ee6ed178),
- ULLC(06f067aa,72176fba), ULLC(0a637dc5,a2c898a6),
- ULLC(113f9804,bef90dae), ULLC(1b710b35,131c471b),
- ULLC(28db77f5,23047d84), ULLC(32caab7b,40c72493),
- ULLC(3c9ebe0a,15c9bebc), ULLC(431d67c4,9c100d4c),
- ULLC(4cc5d4be,cb3e42b6), ULLC(597f299c,fc657e2a),
- ULLC(5fcb6fab,3ad6faec), ULLC(6c44198c,4a475817)
-#endif
-};
-
-struct SHA512ContextStr {
- union {
- PRUint64 w[80]; /* message schedule, input buffer, plus 64 words */
- PRUint32 l[160];
- PRUint8 b[640];
- } u;
- PRUint64 h[8]; /* 8 state variables */
- PRUint64 sizeLo; /* 64-bit count of hashed bytes. */
-};
-
-/* =========== SHA512 implementation ===================================== */
-
-/* SHA-512 initial hash values */
-static const PRUint64 H512[8] = {
-#if PR_BYTES_PER_LONG == 8
- 0x6a09e667f3bcc908UL , 0xbb67ae8584caa73bUL ,
- 0x3c6ef372fe94f82bUL , 0xa54ff53a5f1d36f1UL ,
- 0x510e527fade682d1UL , 0x9b05688c2b3e6c1fUL ,
- 0x1f83d9abfb41bd6bUL , 0x5be0cd19137e2179UL
-#else
- ULLC(6a09e667,f3bcc908), ULLC(bb67ae85,84caa73b),
- ULLC(3c6ef372,fe94f82b), ULLC(a54ff53a,5f1d36f1),
- ULLC(510e527f,ade682d1), ULLC(9b05688c,2b3e6c1f),
- ULLC(1f83d9ab,fb41bd6b), ULLC(5be0cd19,137e2179)
-#endif
-};
-
-
-SHA512Context *
-SHA512_NewContext(void)
-{
- SHA512Context *ctx = PORT_New(SHA512Context);
- return ctx;
-}
-
-void
-SHA512_DestroyContext(SHA512Context *ctx, PRBool freeit)
-{
- if (freeit) {
- PORT_ZFree(ctx, sizeof *ctx);
- }
-}
-
-void
-SHA512_Begin(SHA512Context *ctx)
-{
- memset(ctx, 0, sizeof *ctx);
- memcpy(H, H512, sizeof H512);
-}
-
-#if defined(SHA512_TRACE)
-#if defined(HAVE_LONG_LONG)
-#define DUMP(n,a,d,e,h) printf(" t = %2d, %s = %016lx, %s = %016lx\n", \
- n, #e, d, #a, h);
-#else
-#define DUMP(n,a,d,e,h) printf(" t = %2d, %s = %08x%08x, %s = %08x%08x\n", \
- n, #e, d.hi, d.lo, #a, h.hi, h.lo);
-#endif
-#else
-#define DUMP(n,a,d,e,h)
-#endif
-
-#if defined(HAVE_LONG_LONG)
-
-#define ADDTO(x,y) y += x
-
-#define INITW(t) W[t] = (s1(W[t-2]) + W[t-7] + s0(W[t-15]) + W[t-16])
-
-#define ROUND(n,a,b,c,d,e,f,g,h) \
- h += S1(e) + Ch(e,f,g) + K512[n] + W[n]; \
- d += h; \
- h += S0(a) + Maj(a,b,c); \
- DUMP(n,a,d,e,h)
-
-#else /* use only 32-bit variables, and don't unroll loops */
-
-#undef NOUNROLL512
-#define NOUNROLL512 1
-
-#define ADDTO(x,y) y.lo += x.lo; y.hi += x.hi + (x.lo > y.lo)
-
-#define ROTR64a(x,n,lo,hi) (x.lo >> n | x.hi << (32-n))
-#define ROTR64A(x,n,lo,hi) (x.lo << (64-n) | x.hi >> (n-32))
-#define SHR64a(x,n,lo,hi) (x.lo >> n | x.hi << (32-n))
-
-/* Capitol Sigma and lower case sigma functions */
-#define s0lo(x) (ROTR64a(x,1,lo,hi) ^ ROTR64a(x,8,lo,hi) ^ SHR64a(x,7,lo,hi))
-#define s0hi(x) (ROTR64a(x,1,hi,lo) ^ ROTR64a(x,8,hi,lo) ^ (x.hi >> 7))
-
-#define s1lo(x) (ROTR64a(x,19,lo,hi) ^ ROTR64A(x,61,lo,hi) ^ SHR64a(x,6,lo,hi))
-#define s1hi(x) (ROTR64a(x,19,hi,lo) ^ ROTR64A(x,61,hi,lo) ^ (x.hi >> 6))
-
-#define S0lo(x)(ROTR64a(x,28,lo,hi) ^ ROTR64A(x,34,lo,hi) ^ ROTR64A(x,39,lo,hi))
-#define S0hi(x)(ROTR64a(x,28,hi,lo) ^ ROTR64A(x,34,hi,lo) ^ ROTR64A(x,39,hi,lo))
-
-#define S1lo(x)(ROTR64a(x,14,lo,hi) ^ ROTR64a(x,18,lo,hi) ^ ROTR64A(x,41,lo,hi))
-#define S1hi(x)(ROTR64a(x,14,hi,lo) ^ ROTR64a(x,18,hi,lo) ^ ROTR64A(x,41,hi,lo))
-
-/* 32-bit versions of Ch and Maj */
-#define Chxx(x,y,z,lo) ((x.lo & y.lo) ^ (~x.lo & z.lo))
-#define Majx(x,y,z,lo) ((x.lo & y.lo) ^ (x.lo & z.lo) ^ (y.lo & z.lo))
-
-#define INITW(t) \
- do { \
- PRUint32 lo, tm; \
- PRUint32 cy = 0; \
- lo = s1lo(W[t-2]); \
- lo += (tm = W[t-7].lo); if (lo < tm) cy++; \
- lo += (tm = s0lo(W[t-15])); if (lo < tm) cy++; \
- lo += (tm = W[t-16].lo); if (lo < tm) cy++; \
- W[t].lo = lo; \
- W[t].hi = cy + s1hi(W[t-2]) + W[t-7].hi + s0hi(W[t-15]) + W[t-16].hi; \
- } while (0)
-
-#define ROUND(n,a,b,c,d,e,f,g,h) \
- { \
- PRUint32 lo, tm, cy; \
- lo = S1lo(e); \
- lo += (tm = Chxx(e,f,g,lo)); cy = (lo < tm); \
- lo += (tm = K512[n].lo); if (lo < tm) cy++; \
- lo += (tm = W[n].lo); if (lo < tm) cy++; \
- h.lo += lo; if (h.lo < lo) cy++; \
- h.hi += cy + S1hi(e) + Chxx(e,f,g,hi) + K512[n].hi + W[n].hi; \
- d.lo += h.lo; \
- d.hi += h.hi + (d.lo < h.lo); \
- lo = S0lo(a); \
- lo += (tm = Majx(a,b,c,lo)); cy = (lo < tm); \
- h.lo += lo; if (h.lo < lo) cy++; \
- h.hi += cy + S0hi(a) + Majx(a,b,c,hi); \
- DUMP(n,a,d,e,h) \
- }
-#endif
-
-static void
-SHA512_Compress(SHA512Context *ctx)
-{
-#if defined(IS_LITTLE_ENDIAN)
- {
-#if defined(HAVE_LONG_LONG)
- PRUint64 t1;
-#else
- PRUint32 t1;
-#endif
- BYTESWAP8(W[0]);
- BYTESWAP8(W[1]);
- BYTESWAP8(W[2]);
- BYTESWAP8(W[3]);
- BYTESWAP8(W[4]);
- BYTESWAP8(W[5]);
- BYTESWAP8(W[6]);
- BYTESWAP8(W[7]);
- BYTESWAP8(W[8]);
- BYTESWAP8(W[9]);
- BYTESWAP8(W[10]);
- BYTESWAP8(W[11]);
- BYTESWAP8(W[12]);
- BYTESWAP8(W[13]);
- BYTESWAP8(W[14]);
- BYTESWAP8(W[15]);
- }
-#endif
-
- {
- PRUint64 t1, t2;
-#ifdef NOUNROLL512
- {
- /* prepare the "message schedule" */
- int t;
- for (t = 16; t < 80; ++t) {
- INITW(t);
- }
- }
-#else
- INITW(16);
- INITW(17);
- INITW(18);
- INITW(19);
-
- INITW(20);
- INITW(21);
- INITW(22);
- INITW(23);
- INITW(24);
- INITW(25);
- INITW(26);
- INITW(27);
- INITW(28);
- INITW(29);
-
- INITW(30);
- INITW(31);
- INITW(32);
- INITW(33);
- INITW(34);
- INITW(35);
- INITW(36);
- INITW(37);
- INITW(38);
- INITW(39);
-
- INITW(40);
- INITW(41);
- INITW(42);
- INITW(43);
- INITW(44);
- INITW(45);
- INITW(46);
- INITW(47);
- INITW(48);
- INITW(49);
-
- INITW(50);
- INITW(51);
- INITW(52);
- INITW(53);
- INITW(54);
- INITW(55);
- INITW(56);
- INITW(57);
- INITW(58);
- INITW(59);
-
- INITW(60);
- INITW(61);
- INITW(62);
- INITW(63);
- INITW(64);
- INITW(65);
- INITW(66);
- INITW(67);
- INITW(68);
- INITW(69);
-
- INITW(70);
- INITW(71);
- INITW(72);
- INITW(73);
- INITW(74);
- INITW(75);
- INITW(76);
- INITW(77);
- INITW(78);
- INITW(79);
-#endif
- }
-#ifdef SHA512_TRACE
- {
- int i;
- for (i = 0; i < 80; ++i) {
-#ifdef HAVE_LONG_LONG
- printf("W[%2d] = %016lx\n", i, W[i]);
-#else
- printf("W[%2d] = %08x%08x\n", i, W[i].hi, W[i].lo);
-#endif
- }
- }
-#endif
- {
- PRUint64 a, b, c, d, e, f, g, h;
-
- a = H[0];
- b = H[1];
- c = H[2];
- d = H[3];
- e = H[4];
- f = H[5];
- g = H[6];
- h = H[7];
-
-#ifdef NOUNROLL512
- {
- int t;
- for (t = 0; t < 80; t+= 8) {
- ROUND(t+0,a,b,c,d,e,f,g,h)
- ROUND(t+1,h,a,b,c,d,e,f,g)
- ROUND(t+2,g,h,a,b,c,d,e,f)
- ROUND(t+3,f,g,h,a,b,c,d,e)
- ROUND(t+4,e,f,g,h,a,b,c,d)
- ROUND(t+5,d,e,f,g,h,a,b,c)
- ROUND(t+6,c,d,e,f,g,h,a,b)
- ROUND(t+7,b,c,d,e,f,g,h,a)
- }
- }
-#else
- ROUND( 0,a,b,c,d,e,f,g,h)
- ROUND( 1,h,a,b,c,d,e,f,g)
- ROUND( 2,g,h,a,b,c,d,e,f)
- ROUND( 3,f,g,h,a,b,c,d,e)
- ROUND( 4,e,f,g,h,a,b,c,d)
- ROUND( 5,d,e,f,g,h,a,b,c)
- ROUND( 6,c,d,e,f,g,h,a,b)
- ROUND( 7,b,c,d,e,f,g,h,a)
-
- ROUND( 8,a,b,c,d,e,f,g,h)
- ROUND( 9,h,a,b,c,d,e,f,g)
- ROUND(10,g,h,a,b,c,d,e,f)
- ROUND(11,f,g,h,a,b,c,d,e)
- ROUND(12,e,f,g,h,a,b,c,d)
- ROUND(13,d,e,f,g,h,a,b,c)
- ROUND(14,c,d,e,f,g,h,a,b)
- ROUND(15,b,c,d,e,f,g,h,a)
-
- ROUND(16,a,b,c,d,e,f,g,h)
- ROUND(17,h,a,b,c,d,e,f,g)
- ROUND(18,g,h,a,b,c,d,e,f)
- ROUND(19,f,g,h,a,b,c,d,e)
- ROUND(20,e,f,g,h,a,b,c,d)
- ROUND(21,d,e,f,g,h,a,b,c)
- ROUND(22,c,d,e,f,g,h,a,b)
- ROUND(23,b,c,d,e,f,g,h,a)
-
- ROUND(24,a,b,c,d,e,f,g,h)
- ROUND(25,h,a,b,c,d,e,f,g)
- ROUND(26,g,h,a,b,c,d,e,f)
- ROUND(27,f,g,h,a,b,c,d,e)
- ROUND(28,e,f,g,h,a,b,c,d)
- ROUND(29,d,e,f,g,h,a,b,c)
- ROUND(30,c,d,e,f,g,h,a,b)
- ROUND(31,b,c,d,e,f,g,h,a)
-
- ROUND(32,a,b,c,d,e,f,g,h)
- ROUND(33,h,a,b,c,d,e,f,g)
- ROUND(34,g,h,a,b,c,d,e,f)
- ROUND(35,f,g,h,a,b,c,d,e)
- ROUND(36,e,f,g,h,a,b,c,d)
- ROUND(37,d,e,f,g,h,a,b,c)
- ROUND(38,c,d,e,f,g,h,a,b)
- ROUND(39,b,c,d,e,f,g,h,a)
-
- ROUND(40,a,b,c,d,e,f,g,h)
- ROUND(41,h,a,b,c,d,e,f,g)
- ROUND(42,g,h,a,b,c,d,e,f)
- ROUND(43,f,g,h,a,b,c,d,e)
- ROUND(44,e,f,g,h,a,b,c,d)
- ROUND(45,d,e,f,g,h,a,b,c)
- ROUND(46,c,d,e,f,g,h,a,b)
- ROUND(47,b,c,d,e,f,g,h,a)
-
- ROUND(48,a,b,c,d,e,f,g,h)
- ROUND(49,h,a,b,c,d,e,f,g)
- ROUND(50,g,h,a,b,c,d,e,f)
- ROUND(51,f,g,h,a,b,c,d,e)
- ROUND(52,e,f,g,h,a,b,c,d)
- ROUND(53,d,e,f,g,h,a,b,c)
- ROUND(54,c,d,e,f,g,h,a,b)
- ROUND(55,b,c,d,e,f,g,h,a)
-
- ROUND(56,a,b,c,d,e,f,g,h)
- ROUND(57,h,a,b,c,d,e,f,g)
- ROUND(58,g,h,a,b,c,d,e,f)
- ROUND(59,f,g,h,a,b,c,d,e)
- ROUND(60,e,f,g,h,a,b,c,d)
- ROUND(61,d,e,f,g,h,a,b,c)
- ROUND(62,c,d,e,f,g,h,a,b)
- ROUND(63,b,c,d,e,f,g,h,a)
-
- ROUND(64,a,b,c,d,e,f,g,h)
- ROUND(65,h,a,b,c,d,e,f,g)
- ROUND(66,g,h,a,b,c,d,e,f)
- ROUND(67,f,g,h,a,b,c,d,e)
- ROUND(68,e,f,g,h,a,b,c,d)
- ROUND(69,d,e,f,g,h,a,b,c)
- ROUND(70,c,d,e,f,g,h,a,b)
- ROUND(71,b,c,d,e,f,g,h,a)
-
- ROUND(72,a,b,c,d,e,f,g,h)
- ROUND(73,h,a,b,c,d,e,f,g)
- ROUND(74,g,h,a,b,c,d,e,f)
- ROUND(75,f,g,h,a,b,c,d,e)
- ROUND(76,e,f,g,h,a,b,c,d)
- ROUND(77,d,e,f,g,h,a,b,c)
- ROUND(78,c,d,e,f,g,h,a,b)
- ROUND(79,b,c,d,e,f,g,h,a)
-#endif
-
- ADDTO(a,H[0]);
- ADDTO(b,H[1]);
- ADDTO(c,H[2]);
- ADDTO(d,H[3]);
- ADDTO(e,H[4]);
- ADDTO(f,H[5]);
- ADDTO(g,H[6]);
- ADDTO(h,H[7]);
- }
-}
-
-void
-SHA512_Update(SHA512Context *ctx, const unsigned char *input,
- unsigned int inputLen)
-{
- unsigned int inBuf;
- if (!inputLen)
- return;
-
-#if defined(HAVE_LONG_LONG)
- inBuf = (unsigned int)ctx->sizeLo & 0x7f;
- /* Add inputLen into the count of bytes processed, before processing */
- ctx->sizeLo += inputLen;
-#else
- inBuf = (unsigned int)ctx->sizeLo.lo & 0x7f;
- ctx->sizeLo.lo += inputLen;
- if (ctx->sizeLo.lo < inputLen) ctx->sizeLo.hi++;
-#endif
-
- /* if data already in buffer, attemp to fill rest of buffer */
- if (inBuf) {
- unsigned int todo = SHA512_BLOCK_LENGTH - inBuf;
- if (inputLen < todo)
- todo = inputLen;
- memcpy(B + inBuf, input, todo);
- input += todo;
- inputLen -= todo;
- if (inBuf + todo == SHA512_BLOCK_LENGTH)
- SHA512_Compress(ctx);
- }
-
- /* if enough data to fill one or more whole buffers, process them. */
- while (inputLen >= SHA512_BLOCK_LENGTH) {
- memcpy(B, input, SHA512_BLOCK_LENGTH);
- input += SHA512_BLOCK_LENGTH;
- inputLen -= SHA512_BLOCK_LENGTH;
- SHA512_Compress(ctx);
- }
- /* if data left over, fill it into buffer */
- if (inputLen)
- memcpy(B, input, inputLen);
-}
-
-void
-SHA512_End(SHA512Context *ctx, unsigned char *digest,
- unsigned int *digestLen, unsigned int maxDigestLen)
-{
-#if defined(HAVE_LONG_LONG)
- unsigned int inBuf = (unsigned int)ctx->sizeLo & 0x7f;
- unsigned int padLen = (inBuf < 112) ? (112 - inBuf) : (112 + 128 - inBuf);
- PRUint64 lo, t1;
- lo = (ctx->sizeLo << 3);
-#else
- unsigned int inBuf = (unsigned int)ctx->sizeLo.lo & 0x7f;
- unsigned int padLen = (inBuf < 112) ? (112 - inBuf) : (112 + 128 - inBuf);
- PRUint64 lo = ctx->sizeLo;
- PRUint32 t1;
- lo.lo <<= 3;
-#endif
-
- SHA512_Update(ctx, pad, padLen);
-
-#if defined(HAVE_LONG_LONG)
- W[14] = 0;
-#else
- W[14].lo = 0;
- W[14].hi = 0;
-#endif
-
- W[15] = lo;
-#if defined(IS_LITTLE_ENDIAN)
- BYTESWAP8(W[15]);
-#endif
- SHA512_Compress(ctx);
-
- /* now output the answer */
-#if defined(IS_LITTLE_ENDIAN)
- BYTESWAP8(H[0]);
- BYTESWAP8(H[1]);
- BYTESWAP8(H[2]);
- BYTESWAP8(H[3]);
- BYTESWAP8(H[4]);
- BYTESWAP8(H[5]);
- BYTESWAP8(H[6]);
- BYTESWAP8(H[7]);
-#endif
- padLen = PR_MIN(SHA512_LENGTH, maxDigestLen);
- memcpy(digest, H, padLen);
- if (digestLen)
- *digestLen = padLen;
-}
-
-SECStatus
-SHA512_HashBuf(unsigned char *dest, const unsigned char *src,
- uint32 src_length)
-{
- SHA512Context ctx;
- unsigned int outLen;
-
- SHA512_Begin(&ctx);
- SHA512_Update(&ctx, src, src_length);
- SHA512_End(&ctx, dest, &outLen, SHA512_LENGTH);
-
- return SECSuccess;
-}
-
-
-SECStatus
-SHA512_Hash(unsigned char *dest, const char *src)
-{
- return SHA512_HashBuf(dest, (const unsigned char *)src, PORT_Strlen(src));
-}
-
-
-void SHA512_TraceState(SHA512Context *ctx) { }
-
-unsigned int
-SHA512_FlattenSize(SHA512Context *ctx)
-{
- return sizeof *ctx;
-}
-
-SECStatus
-SHA512_Flatten(SHA512Context *ctx,unsigned char *space)
-{
- PORT_Memcpy(space, ctx, sizeof *ctx);
- return SECSuccess;
-}
-
-SHA512Context *
-SHA512_Resurrect(unsigned char *space, void *arg)
-{
- SHA512Context *ctx = SHA512_NewContext();
- if (ctx)
- PORT_Memcpy(ctx, space, sizeof *ctx);
- return ctx;
-}
-
-/* ======================================================================= */
-/* SHA384 uses a SHA512Context as the real context.
-** The only differences between SHA384 an SHA512 are:
-** a) the intialization values for the context, and
-** b) the number of bytes of data produced as output.
-*/
-
-/* SHA-384 initial hash values */
-static const PRUint64 H384[8] = {
-#if PR_BYTES_PER_LONG == 8
- 0xcbbb9d5dc1059ed8UL , 0x629a292a367cd507UL ,
- 0x9159015a3070dd17UL , 0x152fecd8f70e5939UL ,
- 0x67332667ffc00b31UL , 0x8eb44a8768581511UL ,
- 0xdb0c2e0d64f98fa7UL , 0x47b5481dbefa4fa4UL
-#else
- ULLC(cbbb9d5d,c1059ed8), ULLC(629a292a,367cd507),
- ULLC(9159015a,3070dd17), ULLC(152fecd8,f70e5939),
- ULLC(67332667,ffc00b31), ULLC(8eb44a87,68581511),
- ULLC(db0c2e0d,64f98fa7), ULLC(47b5481d,befa4fa4)
-#endif
-};
-
-SHA384Context *
-SHA384_NewContext(void)
-{
- return SHA512_NewContext();
-}
-
-void
-SHA384_DestroyContext(SHA384Context *ctx, PRBool freeit)
-{
- SHA512_DestroyContext(ctx, freeit);
-}
-
-void
-SHA384_Begin(SHA384Context *ctx)
-{
- memset(ctx, 0, sizeof *ctx);
- memcpy(H, H384, sizeof H384);
-}
-
-void
-SHA384_Update(SHA384Context *ctx, const unsigned char *input,
- unsigned int inputLen)
-{
- SHA512_Update(ctx, input, inputLen);
-}
-
-void
-SHA384_End(SHA384Context *ctx, unsigned char *digest,
- unsigned int *digestLen, unsigned int maxDigestLen)
-{
-#define SHA_MIN(a,b) (a < b ? a : b)
- unsigned int maxLen = SHA_MIN(maxDigestLen, SHA384_LENGTH);
- SHA512_End(ctx, digest, digestLen, maxLen);
-}
-
-SECStatus
-SHA384_HashBuf(unsigned char *dest, const unsigned char *src,
- uint32 src_length)
-{
- SHA512Context ctx;
- unsigned int outLen;
-
- SHA384_Begin(&ctx);
- SHA512_Update(&ctx, src, src_length);
- SHA512_End(&ctx, dest, &outLen, SHA384_LENGTH);
-
- return SECSuccess;
-}
-
-SECStatus
-SHA384_Hash(unsigned char *dest, const char *src)
-{
- return SHA384_HashBuf(dest, (const unsigned char *)src, PORT_Strlen(src));
-}
-
-void SHA384_TraceState(SHA384Context *ctx) { }
-
-unsigned int
-SHA384_FlattenSize(SHA384Context *ctx)
-{
- return sizeof(SHA384Context);
-}
-
-SECStatus
-SHA384_Flatten(SHA384Context *ctx,unsigned char *space)
-{
- return SHA512_Flatten(ctx, space);
-}
-
-SHA384Context *
-SHA384_Resurrect(unsigned char *space, void *arg)
-{
- return SHA512_Resurrect(space, arg);
-}
-
-/* ======================================================================= */
-#ifdef SELFTEST
-#include <stdio.h>
-
-static const char abc[] = { "abc" };
-static const char abcdbc[] = {
- "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"
-};
-static const char abcdef[] = {
- "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmn"
- "hijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"
-};
-
-void
-dumpHash32(const unsigned char *buf, unsigned int bufLen)
-{
- unsigned int i;
- for (i = 0; i < bufLen; i += 4) {
- printf(" %02x%02x%02x%02x", buf[i], buf[i+1], buf[i+2], buf[i+3]);
- }
- printf("\n");
-}
-
-void test256(void)
-{
- unsigned char outBuf[SHA256_LENGTH];
-
- printf("SHA256, input = %s\n", abc);
- SHA256_Hash(outBuf, abc);
- dumpHash32(outBuf, sizeof outBuf);
-
- printf("SHA256, input = %s\n", abcdbc);
- SHA256_Hash(outBuf, abcdbc);
- dumpHash32(outBuf, sizeof outBuf);
-}
-
-void
-dumpHash64(const unsigned char *buf, unsigned int bufLen)
-{
- unsigned int i;
- for (i = 0; i < bufLen; i += 8) {
- if (i % 32 == 0)
- printf("\n");
- printf(" %02x%02x%02x%02x%02x%02x%02x%02x",
- buf[i ], buf[i+1], buf[i+2], buf[i+3],
- buf[i+4], buf[i+5], buf[i+6], buf[i+7]);
- }
- printf("\n");
-}
-
-void test512(void)
-{
- unsigned char outBuf[SHA512_LENGTH];
-
- printf("SHA512, input = %s\n", abc);
- SHA512_Hash(outBuf, abc);
- dumpHash64(outBuf, sizeof outBuf);
-
- printf("SHA512, input = %s\n", abcdef);
- SHA512_Hash(outBuf, abcdef);
- dumpHash64(outBuf, sizeof outBuf);
-}
-
-void time512(void)
-{
- unsigned char outBuf[SHA512_LENGTH];
-
- SHA512_Hash(outBuf, abc);
- SHA512_Hash(outBuf, abcdef);
-}
-
-void test384(void)
-{
- unsigned char outBuf[SHA384_LENGTH];
-
- printf("SHA384, input = %s\n", abc);
- SHA384_Hash(outBuf, abc);
- dumpHash64(outBuf, sizeof outBuf);
-
- printf("SHA384, input = %s\n", abcdef);
- SHA384_Hash(outBuf, abcdef);
- dumpHash64(outBuf, sizeof outBuf);
-}
-
-int main (int argc, char *argv[], char *envp[])
-{
- int i = 1;
- if (argc > 1) {
- i = atoi(argv[1]);
- }
- if (i < 2) {
- test256();
- test512();
- test384();
- } else {
- while (i-- > 0) {
- time512();
- }
- printf("done\n");
- }
- return 0;
-}
-
-void *PORT_Alloc(size_t len) { return malloc(len); }
-void PORT_Free(void *ptr) { free(ptr); }
-void PORT_ZFree(void *ptr, size_t len) { memset(ptr, 0, len); free(ptr); }
-#endif
diff --git a/security/nss/lib/freebl/sha_fast.c b/security/nss/lib/freebl/sha_fast.c
deleted file mode 100644
index 5057d287a..000000000
--- a/security/nss/lib/freebl/sha_fast.c
+++ /dev/null
@@ -1,449 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is SHA 180-1 Reference Implementation (Optimized)
- *
- * The Initial Developer of the Original Code is Paul Kocher of
- * Cryptography Research. Portions created by Paul Kocher are
- * Copyright (C) 1995-9 by Cryptography Research, Inc. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Paul Kocher
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include <memory.h>
-#include "blapi.h"
-#include "sha_fast.h"
-#include "prerror.h"
-
-#ifdef TRACING_SSL
-#include "ssl.h"
-#include "ssltrace.h"
-#endif
-
-#if defined(IS_LITTLE_ENDIAN) && defined(_MSC_VER) && defined(_X86_)
-#undef SHA_HTONL
-#ifndef FORCEINLINE
-#if (MSC_VER >= 1200)
-#define FORCEINLINE __forceinline
-#else
-#define FORCEINLINE __inline
-#endif
-#endif
-#define FASTCALL __fastcall
-
-static FORCEINLINE PRUint32 FASTCALL
-swap4b(PRUint32 dwd)
-{
- __asm {
- mov eax,dwd
- bswap eax
- }
-}
-
-#define SHA_HTONL(x) swap4b(x)
-#endif
-
-static void shaCompress(SHA1Context *ctx);
-
-#define W u.w
-#define B u.b
-
-#if defined(_MSC_VER) && defined(_X86_)
-#pragma intrinsic (_lrotr, _lrotl)
-#define SHA_ROTL(x,n) _lrotl(x,n)
-#else
-#define SHA_ROTL(X,n) (((X) << (n)) | ((X) >> (32-(n))))
-#endif
-#define SHA_F1(X,Y,Z) ((((Y)^(Z))&(X))^(Z))
-#define SHA_F2(X,Y,Z) ((X)^(Y)^(Z))
-#define SHA_F3(X,Y,Z) (((X)&(Y))|((Z)&((X)|(Y))))
-#define SHA_F4(X,Y,Z) ((X)^(Y)^(Z))
-#define SHA_MIX(t) ctx->W[t] = \
- (A = ctx->W[t-3] ^ ctx->W[t-8] ^ ctx->W[t-14] ^ ctx->W[t-16], SHA_ROTL(A, 1))
-
-
-/*
- * SHA: Zeroize and initialize context
- */
-void
-SHA1_Begin(SHA1Context *ctx)
-{
- memset(ctx, 0, sizeof(SHA1Context));
-
- /*
- * Initialize H with constants from FIPS180-1.
- */
- ctx->H[0] = 0x67452301L;
- ctx->H[1] = 0xefcdab89L;
- ctx->H[2] = 0x98badcfeL;
- ctx->H[3] = 0x10325476L;
- ctx->H[4] = 0xc3d2e1f0L;
-}
-
-
-/*
- * SHA: Add data to context.
- */
-void
-SHA1_Update(SHA1Context *ctx, const unsigned char *dataIn, unsigned int len)
-{
- register unsigned int lenB = ctx->sizeLo & 63;
- register unsigned int togo;
-
- if (!len)
- return;
-
- /* accumulate the byte count. */
- ctx->sizeLo += len;
- ctx->sizeHi += (ctx->sizeLo < len);
-
- /*
- * Read the data into W and process blocks as they get full
- */
- if (lenB > 0) {
- togo = 64 - lenB;
- if (len < togo)
- togo = len;
- memcpy(ctx->B + lenB, dataIn, togo);
- len -= togo;
- dataIn += togo;
- lenB = (lenB + togo) & 63;
- if (!lenB) {
- shaCompress(ctx);
- }
- }
- while (len >= 64) {
- memcpy(ctx->B, dataIn, 64);
- dataIn += 64;
- len -= 64;
- shaCompress(ctx);
- }
- if (len) {
- memcpy(ctx->B, dataIn, len);
- }
-}
-
-
-/*
- * SHA: Generate hash value from context
- */
-void
-SHA1_End(SHA1Context *ctx, unsigned char *hashout,
- unsigned int *pDigestLen, unsigned int maxDigestLen)
-{
- register PRUint32 sizeHi, sizeLo, lenB;
- static const unsigned char bulk_pad[64] = { 0x80,0,0,0,0,0,0,0,0,0,
- 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
- 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 };
-#define A lenB
-
- PORT_Assert (maxDigestLen >= SHA1_LENGTH);
-
- /*
- * Pad with a binary 1 (e.g. 0x80), then zeroes, then length in bits
- */
- sizeHi = ctx->sizeHi;
- sizeLo = ctx->sizeLo;
- lenB = sizeLo & 63;
- SHA1_Update(ctx, bulk_pad, (((55+64) - lenB) & 63) + 1);
- PORT_Assert((ctx->sizeLo & 63) == 56);
-
- /* Convert size{Hi,Lo} from bytes to bits. */
- sizeHi = (sizeHi << 3) | (sizeLo >> 29);
- sizeLo <<= 3;
-
- ctx->W[14] = SHA_HTONL(sizeHi);
- ctx->W[15] = SHA_HTONL(sizeLo);
- shaCompress(ctx);
-
- /*
- * Output hash
- */
-#if defined(IS_LITTLE_ENDIAN)
- SHA_BYTESWAP(ctx->H[0]);
- SHA_BYTESWAP(ctx->H[1]);
- SHA_BYTESWAP(ctx->H[2]);
- SHA_BYTESWAP(ctx->H[3]);
- SHA_BYTESWAP(ctx->H[4]);
-#endif
- memcpy(hashout, ctx->H, SHA1_LENGTH);
- *pDigestLen = SHA1_LENGTH;
-
- /*
- * Re-initialize the context (also zeroizes contents)
- */
- SHA1_Begin(ctx);
-}
-
-#undef A
-#undef B
-/*
- * SHA: Compression function, unrolled.
- */
-static void
-shaCompress(SHA1Context *ctx)
-{
- register PRUint32 A, B, C, D, E;
-
-#if defined(IS_LITTLE_ENDIAN)
- SHA_BYTESWAP(ctx->W[0]);
- SHA_BYTESWAP(ctx->W[1]);
- SHA_BYTESWAP(ctx->W[2]);
- SHA_BYTESWAP(ctx->W[3]);
- SHA_BYTESWAP(ctx->W[4]);
- SHA_BYTESWAP(ctx->W[5]);
- SHA_BYTESWAP(ctx->W[6]);
- SHA_BYTESWAP(ctx->W[7]);
- SHA_BYTESWAP(ctx->W[8]);
- SHA_BYTESWAP(ctx->W[9]);
- SHA_BYTESWAP(ctx->W[10]);
- SHA_BYTESWAP(ctx->W[11]);
- SHA_BYTESWAP(ctx->W[12]);
- SHA_BYTESWAP(ctx->W[13]);
- SHA_BYTESWAP(ctx->W[14]);
- SHA_BYTESWAP(ctx->W[15]);
-#endif
-
- /*
- * This can be moved into the main code block below, but doing
- * so can cause some compilers to run out of registers and resort
- * to storing intermediates in RAM.
- */
-
- SHA_MIX(16); SHA_MIX(17); SHA_MIX(18); SHA_MIX(19);
- SHA_MIX(20); SHA_MIX(21); SHA_MIX(22); SHA_MIX(23); SHA_MIX(24);
- SHA_MIX(25); SHA_MIX(26); SHA_MIX(27); SHA_MIX(28); SHA_MIX(29);
- SHA_MIX(30); SHA_MIX(31); SHA_MIX(32); SHA_MIX(33); SHA_MIX(34);
- SHA_MIX(35); SHA_MIX(36); SHA_MIX(37); SHA_MIX(38); SHA_MIX(39);
- SHA_MIX(40); SHA_MIX(41); SHA_MIX(42); SHA_MIX(43); SHA_MIX(44);
- SHA_MIX(45); SHA_MIX(46); SHA_MIX(47); SHA_MIX(48); SHA_MIX(49);
- SHA_MIX(50); SHA_MIX(51); SHA_MIX(52); SHA_MIX(53); SHA_MIX(54);
- SHA_MIX(55); SHA_MIX(56); SHA_MIX(57); SHA_MIX(58); SHA_MIX(59);
- SHA_MIX(60); SHA_MIX(61); SHA_MIX(62); SHA_MIX(63); SHA_MIX(64);
- SHA_MIX(65); SHA_MIX(66); SHA_MIX(67); SHA_MIX(68); SHA_MIX(69);
- SHA_MIX(70); SHA_MIX(71); SHA_MIX(72); SHA_MIX(73); SHA_MIX(74);
- SHA_MIX(75); SHA_MIX(76); SHA_MIX(77); SHA_MIX(78); SHA_MIX(79);
-
- A = ctx->H[0];
- B = ctx->H[1];
- C = ctx->H[2];
- D = ctx->H[3];
- E = ctx->H[4];
-
- E = SHA_ROTL(A,5)+SHA_F1(B,C,D)+E+ctx->W[ 0]+0x5a827999L; B=SHA_ROTL(B,30);
- D = SHA_ROTL(E,5)+SHA_F1(A,B,C)+D+ctx->W[ 1]+0x5a827999L; A=SHA_ROTL(A,30);
- C = SHA_ROTL(D,5)+SHA_F1(E,A,B)+C+ctx->W[ 2]+0x5a827999L; E=SHA_ROTL(E,30);
- B = SHA_ROTL(C,5)+SHA_F1(D,E,A)+B+ctx->W[ 3]+0x5a827999L; D=SHA_ROTL(D,30);
- A = SHA_ROTL(B,5)+SHA_F1(C,D,E)+A+ctx->W[ 4]+0x5a827999L; C=SHA_ROTL(C,30);
- E = SHA_ROTL(A,5)+SHA_F1(B,C,D)+E+ctx->W[ 5]+0x5a827999L; B=SHA_ROTL(B,30);
- D = SHA_ROTL(E,5)+SHA_F1(A,B,C)+D+ctx->W[ 6]+0x5a827999L; A=SHA_ROTL(A,30);
- C = SHA_ROTL(D,5)+SHA_F1(E,A,B)+C+ctx->W[ 7]+0x5a827999L; E=SHA_ROTL(E,30);
- B = SHA_ROTL(C,5)+SHA_F1(D,E,A)+B+ctx->W[ 8]+0x5a827999L; D=SHA_ROTL(D,30);
- A = SHA_ROTL(B,5)+SHA_F1(C,D,E)+A+ctx->W[ 9]+0x5a827999L; C=SHA_ROTL(C,30);
- E = SHA_ROTL(A,5)+SHA_F1(B,C,D)+E+ctx->W[10]+0x5a827999L; B=SHA_ROTL(B,30);
- D = SHA_ROTL(E,5)+SHA_F1(A,B,C)+D+ctx->W[11]+0x5a827999L; A=SHA_ROTL(A,30);
- C = SHA_ROTL(D,5)+SHA_F1(E,A,B)+C+ctx->W[12]+0x5a827999L; E=SHA_ROTL(E,30);
- B = SHA_ROTL(C,5)+SHA_F1(D,E,A)+B+ctx->W[13]+0x5a827999L; D=SHA_ROTL(D,30);
- A = SHA_ROTL(B,5)+SHA_F1(C,D,E)+A+ctx->W[14]+0x5a827999L; C=SHA_ROTL(C,30);
- E = SHA_ROTL(A,5)+SHA_F1(B,C,D)+E+ctx->W[15]+0x5a827999L; B=SHA_ROTL(B,30);
- D = SHA_ROTL(E,5)+SHA_F1(A,B,C)+D+ctx->W[16]+0x5a827999L; A=SHA_ROTL(A,30);
- C = SHA_ROTL(D,5)+SHA_F1(E,A,B)+C+ctx->W[17]+0x5a827999L; E=SHA_ROTL(E,30);
- B = SHA_ROTL(C,5)+SHA_F1(D,E,A)+B+ctx->W[18]+0x5a827999L; D=SHA_ROTL(D,30);
- A = SHA_ROTL(B,5)+SHA_F1(C,D,E)+A+ctx->W[19]+0x5a827999L; C=SHA_ROTL(C,30);
-
- E = SHA_ROTL(A,5)+SHA_F2(B,C,D)+E+ctx->W[20]+0x6ed9eba1L; B=SHA_ROTL(B,30);
- D = SHA_ROTL(E,5)+SHA_F2(A,B,C)+D+ctx->W[21]+0x6ed9eba1L; A=SHA_ROTL(A,30);
- C = SHA_ROTL(D,5)+SHA_F2(E,A,B)+C+ctx->W[22]+0x6ed9eba1L; E=SHA_ROTL(E,30);
- B = SHA_ROTL(C,5)+SHA_F2(D,E,A)+B+ctx->W[23]+0x6ed9eba1L; D=SHA_ROTL(D,30);
- A = SHA_ROTL(B,5)+SHA_F2(C,D,E)+A+ctx->W[24]+0x6ed9eba1L; C=SHA_ROTL(C,30);
- E = SHA_ROTL(A,5)+SHA_F2(B,C,D)+E+ctx->W[25]+0x6ed9eba1L; B=SHA_ROTL(B,30);
- D = SHA_ROTL(E,5)+SHA_F2(A,B,C)+D+ctx->W[26]+0x6ed9eba1L; A=SHA_ROTL(A,30);
- C = SHA_ROTL(D,5)+SHA_F2(E,A,B)+C+ctx->W[27]+0x6ed9eba1L; E=SHA_ROTL(E,30);
- B = SHA_ROTL(C,5)+SHA_F2(D,E,A)+B+ctx->W[28]+0x6ed9eba1L; D=SHA_ROTL(D,30);
- A = SHA_ROTL(B,5)+SHA_F2(C,D,E)+A+ctx->W[29]+0x6ed9eba1L; C=SHA_ROTL(C,30);
- E = SHA_ROTL(A,5)+SHA_F2(B,C,D)+E+ctx->W[30]+0x6ed9eba1L; B=SHA_ROTL(B,30);
- D = SHA_ROTL(E,5)+SHA_F2(A,B,C)+D+ctx->W[31]+0x6ed9eba1L; A=SHA_ROTL(A,30);
- C = SHA_ROTL(D,5)+SHA_F2(E,A,B)+C+ctx->W[32]+0x6ed9eba1L; E=SHA_ROTL(E,30);
- B = SHA_ROTL(C,5)+SHA_F2(D,E,A)+B+ctx->W[33]+0x6ed9eba1L; D=SHA_ROTL(D,30);
- A = SHA_ROTL(B,5)+SHA_F2(C,D,E)+A+ctx->W[34]+0x6ed9eba1L; C=SHA_ROTL(C,30);
- E = SHA_ROTL(A,5)+SHA_F2(B,C,D)+E+ctx->W[35]+0x6ed9eba1L; B=SHA_ROTL(B,30);
- D = SHA_ROTL(E,5)+SHA_F2(A,B,C)+D+ctx->W[36]+0x6ed9eba1L; A=SHA_ROTL(A,30);
- C = SHA_ROTL(D,5)+SHA_F2(E,A,B)+C+ctx->W[37]+0x6ed9eba1L; E=SHA_ROTL(E,30);
- B = SHA_ROTL(C,5)+SHA_F2(D,E,A)+B+ctx->W[38]+0x6ed9eba1L; D=SHA_ROTL(D,30);
- A = SHA_ROTL(B,5)+SHA_F2(C,D,E)+A+ctx->W[39]+0x6ed9eba1L; C=SHA_ROTL(C,30);
-
- E = SHA_ROTL(A,5)+SHA_F3(B,C,D)+E+ctx->W[40]+0x8f1bbcdcL; B=SHA_ROTL(B,30);
- D = SHA_ROTL(E,5)+SHA_F3(A,B,C)+D+ctx->W[41]+0x8f1bbcdcL; A=SHA_ROTL(A,30);
- C = SHA_ROTL(D,5)+SHA_F3(E,A,B)+C+ctx->W[42]+0x8f1bbcdcL; E=SHA_ROTL(E,30);
- B = SHA_ROTL(C,5)+SHA_F3(D,E,A)+B+ctx->W[43]+0x8f1bbcdcL; D=SHA_ROTL(D,30);
- A = SHA_ROTL(B,5)+SHA_F3(C,D,E)+A+ctx->W[44]+0x8f1bbcdcL; C=SHA_ROTL(C,30);
- E = SHA_ROTL(A,5)+SHA_F3(B,C,D)+E+ctx->W[45]+0x8f1bbcdcL; B=SHA_ROTL(B,30);
- D = SHA_ROTL(E,5)+SHA_F3(A,B,C)+D+ctx->W[46]+0x8f1bbcdcL; A=SHA_ROTL(A,30);
- C = SHA_ROTL(D,5)+SHA_F3(E,A,B)+C+ctx->W[47]+0x8f1bbcdcL; E=SHA_ROTL(E,30);
- B = SHA_ROTL(C,5)+SHA_F3(D,E,A)+B+ctx->W[48]+0x8f1bbcdcL; D=SHA_ROTL(D,30);
- A = SHA_ROTL(B,5)+SHA_F3(C,D,E)+A+ctx->W[49]+0x8f1bbcdcL; C=SHA_ROTL(C,30);
- E = SHA_ROTL(A,5)+SHA_F3(B,C,D)+E+ctx->W[50]+0x8f1bbcdcL; B=SHA_ROTL(B,30);
- D = SHA_ROTL(E,5)+SHA_F3(A,B,C)+D+ctx->W[51]+0x8f1bbcdcL; A=SHA_ROTL(A,30);
- C = SHA_ROTL(D,5)+SHA_F3(E,A,B)+C+ctx->W[52]+0x8f1bbcdcL; E=SHA_ROTL(E,30);
- B = SHA_ROTL(C,5)+SHA_F3(D,E,A)+B+ctx->W[53]+0x8f1bbcdcL; D=SHA_ROTL(D,30);
- A = SHA_ROTL(B,5)+SHA_F3(C,D,E)+A+ctx->W[54]+0x8f1bbcdcL; C=SHA_ROTL(C,30);
- E = SHA_ROTL(A,5)+SHA_F3(B,C,D)+E+ctx->W[55]+0x8f1bbcdcL; B=SHA_ROTL(B,30);
- D = SHA_ROTL(E,5)+SHA_F3(A,B,C)+D+ctx->W[56]+0x8f1bbcdcL; A=SHA_ROTL(A,30);
- C = SHA_ROTL(D,5)+SHA_F3(E,A,B)+C+ctx->W[57]+0x8f1bbcdcL; E=SHA_ROTL(E,30);
- B = SHA_ROTL(C,5)+SHA_F3(D,E,A)+B+ctx->W[58]+0x8f1bbcdcL; D=SHA_ROTL(D,30);
- A = SHA_ROTL(B,5)+SHA_F3(C,D,E)+A+ctx->W[59]+0x8f1bbcdcL; C=SHA_ROTL(C,30);
-
- E = SHA_ROTL(A,5)+SHA_F4(B,C,D)+E+ctx->W[60]+0xca62c1d6L; B=SHA_ROTL(B,30);
- D = SHA_ROTL(E,5)+SHA_F4(A,B,C)+D+ctx->W[61]+0xca62c1d6L; A=SHA_ROTL(A,30);
- C = SHA_ROTL(D,5)+SHA_F4(E,A,B)+C+ctx->W[62]+0xca62c1d6L; E=SHA_ROTL(E,30);
- B = SHA_ROTL(C,5)+SHA_F4(D,E,A)+B+ctx->W[63]+0xca62c1d6L; D=SHA_ROTL(D,30);
- A = SHA_ROTL(B,5)+SHA_F4(C,D,E)+A+ctx->W[64]+0xca62c1d6L; C=SHA_ROTL(C,30);
- E = SHA_ROTL(A,5)+SHA_F4(B,C,D)+E+ctx->W[65]+0xca62c1d6L; B=SHA_ROTL(B,30);
- D = SHA_ROTL(E,5)+SHA_F4(A,B,C)+D+ctx->W[66]+0xca62c1d6L; A=SHA_ROTL(A,30);
- C = SHA_ROTL(D,5)+SHA_F4(E,A,B)+C+ctx->W[67]+0xca62c1d6L; E=SHA_ROTL(E,30);
- B = SHA_ROTL(C,5)+SHA_F4(D,E,A)+B+ctx->W[68]+0xca62c1d6L; D=SHA_ROTL(D,30);
- A = SHA_ROTL(B,5)+SHA_F4(C,D,E)+A+ctx->W[69]+0xca62c1d6L; C=SHA_ROTL(C,30);
- E = SHA_ROTL(A,5)+SHA_F4(B,C,D)+E+ctx->W[70]+0xca62c1d6L; B=SHA_ROTL(B,30);
- D = SHA_ROTL(E,5)+SHA_F4(A,B,C)+D+ctx->W[71]+0xca62c1d6L; A=SHA_ROTL(A,30);
- C = SHA_ROTL(D,5)+SHA_F4(E,A,B)+C+ctx->W[72]+0xca62c1d6L; E=SHA_ROTL(E,30);
- B = SHA_ROTL(C,5)+SHA_F4(D,E,A)+B+ctx->W[73]+0xca62c1d6L; D=SHA_ROTL(D,30);
- A = SHA_ROTL(B,5)+SHA_F4(C,D,E)+A+ctx->W[74]+0xca62c1d6L; C=SHA_ROTL(C,30);
- E = SHA_ROTL(A,5)+SHA_F4(B,C,D)+E+ctx->W[75]+0xca62c1d6L; B=SHA_ROTL(B,30);
- D = SHA_ROTL(E,5)+SHA_F4(A,B,C)+D+ctx->W[76]+0xca62c1d6L; A=SHA_ROTL(A,30);
- C = SHA_ROTL(D,5)+SHA_F4(E,A,B)+C+ctx->W[77]+0xca62c1d6L; E=SHA_ROTL(E,30);
- B = SHA_ROTL(C,5)+SHA_F4(D,E,A)+B+ctx->W[78]+0xca62c1d6L; D=SHA_ROTL(D,30);
- A = SHA_ROTL(B,5)+SHA_F4(C,D,E)+A+ctx->W[79]+0xca62c1d6L; C=SHA_ROTL(C,30);
-
- ctx->H[0] += A;
- ctx->H[1] += B;
- ctx->H[2] += C;
- ctx->H[3] += D;
- ctx->H[4] += E;
-}
-
-/*************************************************************************
-** Code below this line added to make SHA code support BLAPI interface
-*/
-
-SHA1Context *
-SHA1_NewContext(void)
-{
- SHA1Context *cx;
-
- /* no need to ZNew, SHA1_Begin will init the context */
- cx = PORT_New(SHA1Context);
- return cx;
-}
-
-void
-SHA1_DestroyContext(SHA1Context *cx, PRBool freeit)
-{
- if (freeit) {
- PORT_ZFree(cx, sizeof(SHA1Context));
- }
-}
-
-SECStatus
-SHA1_HashBuf(unsigned char *dest, const unsigned char *src, uint32 src_length)
-{
- SHA1Context ctx;
- unsigned int outLen;
-
- SHA1_Begin(&ctx);
- SHA1_Update(&ctx, src, src_length);
- SHA1_End(&ctx, dest, &outLen, SHA1_LENGTH);
-
- return SECSuccess;
-}
-
-/* Hash a null-terminated character string. */
-SECStatus
-SHA1_Hash(unsigned char *dest, const char *src)
-{
- return SHA1_HashBuf(dest, (const unsigned char *)src, PORT_Strlen (src));
-}
-
-/*
- * need to support save/restore state in pkcs11. Stores all the info necessary
- * for a structure into just a stream of bytes.
- */
-unsigned int
-SHA1_FlattenSize(SHA1Context *cx)
-{
- return sizeof(SHA1Context);
-}
-
-SECStatus
-SHA1_Flatten(SHA1Context *cx,unsigned char *space)
-{
- PORT_Memcpy(space,cx, sizeof(SHA1Context));
- return SECSuccess;
-}
-
-SHA1Context *
-SHA1_Resurrect(unsigned char *space,void *arg)
-{
- SHA1Context *cx = SHA1_NewContext();
- if (cx == NULL) return NULL;
-
- PORT_Memcpy(cx,space, sizeof(SHA1Context));
- return cx;
-}
-
-void
-SHA1_TraceState(SHA1Context *ctx)
-{
-#ifdef TRACING_SSL
- uint32 W;
- int i;
- int len;
- int fixWord = -1;
- int remainder; /* bytes in last word */
- unsigned char buf[64 * 4];
-
- SSL_TRC(99, ("%d: SSL: SHA1 state: %08x %08x %08x %08x %08x", SSL_GETPID(),
- ctx->H[0], ctx->H[1], ctx->H[2], ctx->H[3], ctx->H[4]));
-
- len = (int)(ctx->sizeLo & 63);
- remainder = len % 4;
- if (remainder)
- fixWord = len - remainder;
- for (i = 0; i < len; i++) {
- if (0 == (i % 4)) {
- W = ctx->W[i / 4];
- if (i == fixWord) {
- W <<= 8 * (4 - remainder);
- }
- }
- buf[i] = (unsigned char)(W >> 24);
- W <<= 8;
- }
-
- PRINT_BUF(99, (0, "SHA1_TraceState: buffered input", buf, len));
-
-#else
- PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
-#endif
-}
diff --git a/security/nss/lib/freebl/sha_fast.h b/security/nss/lib/freebl/sha_fast.h
deleted file mode 100644
index d371f9332..000000000
--- a/security/nss/lib/freebl/sha_fast.h
+++ /dev/null
@@ -1,59 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is SHA 180-1 Reference Implementation (Optimized)
- *
- * The Initial Developer of the Original Code is Paul Kocher of
- * Cryptography Research. Portions created by Paul Kocher are
- * Copyright (C) 1995-9 by Cryptography Research, Inc. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Paul Kocher
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _SHA_FAST_H_
-#define _SHA_FAST_H_
-
-#define SHA1_INPUT_LEN 64
-
-struct SHA1ContextStr {
- union {
- PRUint32 w[80]; /* input buffer, plus 64 words */
- PRUint8 b[320];
- } u;
- PRUint32 H[5]; /* 5 state variables */
- PRUint32 sizeHi,sizeLo; /* 64-bit count of hashed bytes. */
-};
-
-#define SHA_MASK 0x00FF00FF
-#if defined(IS_LITTLE_ENDIAN)
-#define SHA_HTONL(x) (A = (x), A = (A << 16) | (A >> 16), \
- ((A & SHA_MASK) << 8) | ((A >> 8) & SHA_MASK))
-#else
-#define SHA_HTONL(x) (x)
-#endif
-#define SHA_BYTESWAP(x) x = SHA_HTONL(x)
-
-#endif /* _SHA_FAST_H_ */
diff --git a/security/nss/lib/freebl/shsign.h b/security/nss/lib/freebl/shsign.h
deleted file mode 100644
index b38af1add..000000000
--- a/security/nss/lib/freebl/shsign.h
+++ /dev/null
@@ -1,47 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 2003 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * shsign.h - header to build softoken signature files.
- *
- * $Id$
- */
-
-#ifndef _SHSIGN_H_
-#define _SHSIGN_H_
-
-#define SGN_SUFFIX ".chk"
-#define NSS_SIGN_CHK_MAGIC1 0xf1
-#define NSS_SIGN_CHK_MAGIC2 0xc5
-#define NSS_SIGN_CHK_MAJOR_VERSION 0x01
-#define NSS_SIGN_CHK_MINOR_VERSION 0x02
-
-#endif /* _SHSIGN_H_ */
diff --git a/security/nss/lib/freebl/shvfy.c b/security/nss/lib/freebl/shvfy.c
deleted file mode 100644
index 084ba0161..000000000
--- a/security/nss/lib/freebl/shvfy.c
+++ /dev/null
@@ -1,294 +0,0 @@
-
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 2003 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * shvfy.c - routines to verify signature on a shared library.
- *
- * $Id$
- */
-
-#include "shsign.h"
-#include "prlink.h"
-#include "prio.h"
-#include "blapi.h"
-#include "seccomon.h"
-#include "stdio.h"
-
-/* #define DEBUG_SHVERIFY 1 */
-
-static char *
-mkCheckFileName(const char *libName)
-{
- int ln_len = PORT_Strlen(libName);
- char *output = PORT_Alloc(ln_len+sizeof(SGN_SUFFIX));
- int index = ln_len + 1 - sizeof("."SHLIB_SUFFIX);
-
- if ((index > 0) &&
- (PORT_Strncmp(&libName[index],
- "."SHLIB_SUFFIX,sizeof("."SHLIB_SUFFIX)) == 0)) {
- ln_len = index;
- }
- PORT_Memcpy(output,libName,ln_len);
- PORT_Memcpy(&output[ln_len],SGN_SUFFIX,sizeof(SGN_SUFFIX));
- return output;
-}
-
-static int
-decodeInt(unsigned char *buf)
-{
- return (buf[3]) | (buf[2] << 8) | (buf[1] << 16) | (buf[0] << 24);
-}
-
-static SECStatus
-readItem(PRFileDesc *fd, SECItem *item)
-{
- unsigned char buf[4];
- int bytesRead;
-
-
- bytesRead = PR_Read(fd, buf, 4);
- if (bytesRead != 4) {
- return SECFailure;
- }
- item->len = decodeInt(buf);
-
- item->data = PORT_Alloc(item->len);
- if (item->data == NULL) {
- item->len = 0;
- return SECFailure;
- }
- bytesRead = PR_Read(fd, item->data, item->len);
- if (bytesRead != item->len) {
- PORT_Free(item->data);
- item->data = NULL;
- item->len = 0;
- return SECFailure;
- }
- return SECSuccess;
-}
-
-PRBool
-BLAPI_SHVerify(const char *name, PRFuncPtr addr)
-{
- /* find our shared library name */
- char *shName = PR_GetLibraryFilePathname(name, addr);
- char *checkName = NULL;
- PRFileDesc *checkFD = NULL;
- PRFileDesc *shFD = NULL;
- SHA1Context *hashcx = NULL;
- SECItem signature = { 0, NULL, 0 };
- SECItem hash;
- int bytesRead, offset;
- SECStatus rv;
- DSAPublicKey key;
- int count;
-
- PRBool result = PR_FALSE; /* if anything goes wrong,
- * the signature does not verify */
- unsigned char buf[512];
- unsigned char hashBuf[SHA1_LENGTH];
-
- PORT_Memset(&key,0,sizeof(key));
- hash.data = hashBuf;
- hash.len = sizeof(hashBuf);
-
- if (!shName) {
- goto loser;
- }
-
- /* figure out the name of our check file */
- checkName = mkCheckFileName(shName);
- if (!checkName) {
- goto loser;
- }
-
- /* open the check File */
- checkFD = PR_Open(checkName, PR_RDONLY, 0);
- if (checkFD == NULL) {
-#ifdef DEBUG_SHVERIFY
- fprintf(stderr, "Failed to open the check file %s: (%d, %d)\n",
- checkName, (int)PR_GetError(), (int)PR_GetOSError());
-#endif /* DEBUG_SHVERIFY */
- goto loser;
- }
-
- /* read and Verify the headerthe header */
- bytesRead = PR_Read(checkFD, buf, 12);
- if (bytesRead != 12) {
- goto loser;
- }
- if ((buf[0] != NSS_SIGN_CHK_MAGIC1) || (buf[1] != NSS_SIGN_CHK_MAGIC2)) {
- goto loser;
- }
- if ((buf[2] != NSS_SIGN_CHK_MAJOR_VERSION) ||
- (buf[3] < NSS_SIGN_CHK_MINOR_VERSION)) {
- goto loser;
- }
-#ifdef notdef
- if (decodeInt(&buf[8]) != CKK_DSA) {
- goto loser;
- }
-#endif
-
- /* seek past any future header extensions */
- offset = decodeInt(&buf[4]);
- PR_Seek(checkFD, offset, PR_SEEK_SET);
-
- /* read the key */
- rv = readItem(checkFD,&key.params.prime);
- if (rv != SECSuccess) {
- goto loser;
- }
- rv = readItem(checkFD,&key.params.subPrime);
- if (rv != SECSuccess) {
- goto loser;
- }
- rv = readItem(checkFD,&key.params.base);
- if (rv != SECSuccess) {
- goto loser;
- }
- rv = readItem(checkFD,&key.publicValue);
- if (rv != SECSuccess) {
- goto loser;
- }
- /* read the siganture */
- rv = readItem(checkFD,&signature);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- /* done with the check file */
- PR_Close(checkFD);
- checkFD = NULL;
-
- /* open our library file */
- shFD = PR_Open(shName, PR_RDONLY, 0);
- if (shFD == NULL) {
-#ifdef DEBUG_SHVERIFY
- fprintf(stderr, "Failed to open the library file %s: (%d, %d)\n",
- shName, (int)PR_GetError(), (int)PR_GetOSError());
-#endif /* DEBUG_SHVERIFY */
- goto loser;
- }
-
- /* hash our library file with SHA1 */
- hashcx = SHA1_NewContext();
- if (hashcx == NULL) {
- goto loser;
- }
- SHA1_Begin(hashcx);
-
- count = 0;
- while ((bytesRead = PR_Read(shFD, buf, sizeof(buf))) > 0) {
- SHA1_Update(hashcx, buf, bytesRead);
- count += bytesRead;
- }
- PR_Close(shFD);
- shFD = NULL;
-
- SHA1_End(hashcx, hash.data, &hash.len, hash.len);
-
-
- /* verify the hash against the check file */
- if (DSA_VerifyDigest(&key, &signature, &hash) == SECSuccess) {
- result = PR_TRUE;
- }
-#ifdef DEBUG_SHVERIFY
- {
- int i,j;
- fprintf(stderr,"File %s: %d bytes\n",shName, count);
- fprintf(stderr," hash: %d bytes\n", hash.len);
-#define STEP 10
- for (i=0; i < hash.len; i += STEP) {
- fprintf(stderr," ");
- for (j=0; j < STEP && (i+j) < hash.len; j++) {
- fprintf(stderr," %02x", hash.data[i+j]);
- }
- fprintf(stderr,"\n");
- }
- fprintf(stderr," signature: %d bytes\n", signature.len);
- for (i=0; i < signature.len; i += STEP) {
- fprintf(stderr," ");
- for (j=0; j < STEP && (i+j) < signature.len; j++) {
- fprintf(stderr," %02x", signature.data[i+j]);
- }
- fprintf(stderr,"\n");
- }
- fprintf(stderr,"Verified : %s\n",result?"TRUE": "FALSE");
- }
-#endif /* DEBUG_SHVERIFY */
-
-
-loser:
- if (shName != NULL) {
- PR_Free(shName);
- }
- if (checkName != NULL) {
- PORT_Free(checkName);
- }
- if (checkFD != NULL) {
- PR_Close(checkFD);
- }
- if (shFD != NULL) {
- PR_Close(shFD);
- }
- if (hashcx != NULL) {
- SHA1_DestroyContext(hashcx,PR_TRUE);
- }
- if (signature.data != NULL) {
- PORT_Free(signature.data);
- }
- if (key.params.prime.data != NULL) {
- PORT_Free(key.params.prime.data);
- }
- if (key.params.subPrime.data != NULL) {
- PORT_Free(key.params.subPrime.data);
- }
- if (key.params.base.data != NULL) {
- PORT_Free(key.params.base.data);
- }
- if (key.publicValue.data != NULL) {
- PORT_Free(key.publicValue.data);
- }
-
- return result;
-}
-
-PRBool
-BLAPI_VerifySelf(const char *name)
-{
- /* to separate shlib to verify if name is NULL */
- if (name == NULL) {
- return PR_TRUE;
- }
- return BLAPI_SHVerify(name, (PRFuncPtr) decodeInt);
-}
diff --git a/security/nss/lib/freebl/sparcfix.c b/security/nss/lib/freebl/sparcfix.c
deleted file mode 100644
index 6ebc41cf0..000000000
--- a/security/nss/lib/freebl/sparcfix.c
+++ /dev/null
@@ -1,95 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is a program to modify v8+vis objects for linking.
- *
- * The Initial Developer of the Original Code is Sun Microsystems Inc.
- * Portions created by Sun Microsystems Inc. are
- * Copyright (C) 1999-2000 Sun Microsystems Inc. All Rights Reserved.
- *
- * Contributor(s):
- * Netscape Communications Corporation
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- * $Id$
- */
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <fcntl.h>
-#if defined(SOLARIS2_6) || defined(SOLARIS2_7) || defined(SOLARIS2_8)
-#define NEW_SYSV_SPARC 1
-#include <gelf.h>
-#endif
-#include <libelf.h>
-#include <sys/elf_SPARC.h>
-
-int
-main(int argc, char *argv[])
-{
- Elf * elf;
- off_t size;
- int fd;
- int count;
-#if defined(NEW_SYSV_SPARC)
- GElf_Ehdr hdr;
- GElf_Ehdr *ehdr = &hdr;
-#else
- Elf32_Ehdr *ehdr;
-#endif
-
-
- elf_version(EV_CURRENT);
- fd = open(argv[1], O_RDWR);
- if (fd < 0)
- goto loser;
- elf = elf_begin(fd, ELF_C_RDWR, (Elf *)0);
- if (!elf)
- goto loser;
-
-#if defined(NEW_SYSV_SPARC)
- gelf_getehdr(elf, ehdr);
-#else
- ehdr = elf32_getehdr(elf);
- if (!ehdr)
- goto loser;
-#endif
-
- if (ehdr->e_machine == EM_SPARC32PLUS) {
- ehdr->e_machine = EM_SPARC;
- ehdr->e_flags &= ~(EF_SPARC_32PLUS | EF_SPARC_SUN_US1);
-#if defined(NEW_SYSV_SPARC)
- count = gelf_update_ehdr(elf, ehdr);
- if (count < 0)
- goto loser;
-#endif
- size = elf_update(elf, ELF_C_WRITE);
- if (size < 0)
- goto loser;
- }
-
- do {
- count = elf_end(elf);
- } while (count > 0);
- return count;
-
-loser:
- return 1;
-}
diff --git a/security/nss/lib/freebl/sysrand.c b/security/nss/lib/freebl/sysrand.c
deleted file mode 100644
index 410ab9cc7..000000000
--- a/security/nss/lib/freebl/sysrand.c
+++ /dev/null
@@ -1,46 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "seccomon.h"
-#if defined(XP_UNIX) || defined(XP_BEOS)
-#include "unix_rand.c"
-#endif
-#ifdef XP_WIN
-#include "win_rand.c"
-#endif
-#ifdef XP_MAC
-#include "mac_rand.c"
-#endif
-#ifdef XP_OS2
-#include "os2_rand.c"
-#endif
diff --git a/security/nss/lib/freebl/unix_rand.c b/security/nss/lib/freebl/unix_rand.c
deleted file mode 100644
index cd6726530..000000000
--- a/security/nss/lib/freebl/unix_rand.c
+++ /dev/null
@@ -1,991 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <signal.h>
-#include <unistd.h>
-#include <errno.h>
-#include <stdlib.h>
-#include <sys/time.h>
-#include <sys/wait.h>
-#include <sys/stat.h>
-#include <assert.h>
-#include "secrng.h"
-
-size_t RNG_FileUpdate(const char *fileName, size_t limit);
-
-/*
- * When copying data to the buffer we want the least signicant bytes
- * from the input since those bits are changing the fastest. The address
- * of least significant byte depends upon whether we are running on
- * a big-endian or little-endian machine.
- *
- * Does this mean the least signicant bytes are the most significant
- * to us? :-)
- */
-
-static size_t CopyLowBits(void *dst, size_t dstlen, void *src, size_t srclen)
-{
- union endianness {
- int32 i;
- char c[4];
- } u;
-
- if (srclen <= dstlen) {
- memcpy(dst, src, srclen);
- return srclen;
- }
- u.i = 0x01020304;
- if (u.c[0] == 0x01) {
- /* big-endian case */
- memcpy(dst, (char*)src + (srclen - dstlen), dstlen);
- } else {
- /* little-endian case */
- memcpy(dst, src, dstlen);
- }
- return dstlen;
-}
-
-#if defined(SCO) || defined(UNIXWARE) || defined(BSDI) || defined(FREEBSD) \
- || defined(NETBSD) || defined(NTO) || defined(DARWIN) || defined(OPENBSD)
-#include <sys/times.h>
-
-#define getdtablesize() sysconf(_SC_OPEN_MAX)
-
-static size_t
-GetHighResClock(void *buf, size_t maxbytes)
-{
- int ticks;
- struct tms buffer;
-
- ticks=times(&buffer);
- return CopyLowBits(buf, maxbytes, &ticks, sizeof(ticks));
-}
-
-static void
-GiveSystemInfo(void)
-{
- long si;
-
- /*
- * Is this really necessary? Why not use rand48 or something?
- */
- si = sysconf(_SC_CHILD_MAX);
- RNG_RandomUpdate(&si, sizeof(si));
-
- si = sysconf(_SC_STREAM_MAX);
- RNG_RandomUpdate(&si, sizeof(si));
-
- si = sysconf(_SC_OPEN_MAX);
- RNG_RandomUpdate(&si, sizeof(si));
-}
-#endif
-
-#if defined(__sun)
-#if defined(__svr4) || defined(SVR4)
-#include <sys/systeminfo.h>
-#include <sys/times.h>
-#include <wait.h>
-
-int gettimeofday(struct timeval *);
-int gethostname(char *, int);
-
-#define getdtablesize() sysconf(_SC_OPEN_MAX)
-
-static void
-GiveSystemInfo(void)
-{
- int rv;
- char buf[2000];
-
- rv = sysinfo(SI_MACHINE, buf, sizeof(buf));
- if (rv > 0) {
- RNG_RandomUpdate(buf, rv);
- }
- rv = sysinfo(SI_RELEASE, buf, sizeof(buf));
- if (rv > 0) {
- RNG_RandomUpdate(buf, rv);
- }
- rv = sysinfo(SI_HW_SERIAL, buf, sizeof(buf));
- if (rv > 0) {
- RNG_RandomUpdate(buf, rv);
- }
-}
-
-static size_t
-GetHighResClock(void *buf, size_t maxbytes)
-{
- hrtime_t t;
- t = gethrtime();
- if (t) {
- return CopyLowBits(buf, maxbytes, &t, sizeof(t));
- }
- return 0;
-}
-#else /* SunOS (Sun, but not SVR4) */
-
-extern long sysconf(int name);
-
-static size_t
-GetHighResClock(void *buf, size_t maxbytes)
-{
- return 0;
-}
-
-static void
-GiveSystemInfo(void)
-{
- long si;
-
- /* This is not very good */
- si = sysconf(_SC_CHILD_MAX);
- RNG_RandomUpdate(&si, sizeof(si));
-}
-#endif
-#endif /* Sun */
-
-#if defined(__hpux)
-#include <sys/unistd.h>
-
-#define getdtablesize() sysconf(_SC_OPEN_MAX)
-
-#if defined(__ia64)
-#include <ia64/sys/inline.h>
-
-static size_t
-GetHighResClock(void *buf, size_t maxbytes)
-{
- PRUint64 t;
-
- t = _Asm_mov_from_ar(_AREG44);
- return CopyLowBits(buf, maxbytes, &t, sizeof(t));
-}
-#else
-static size_t
-GetHighResClock(void *buf, size_t maxbytes)
-{
- extern int ret_cr16();
- int cr16val;
-
- cr16val = ret_cr16();
- return CopyLowBits(buf, maxbytes, &cr16val, sizeof(cr16val));
-}
-#endif
-
-static void
-GiveSystemInfo(void)
-{
- long si;
-
- /* This is not very good */
- si = sysconf(_AES_OS_VERSION);
- RNG_RandomUpdate(&si, sizeof(si));
- si = sysconf(_SC_CPU_VERSION);
- RNG_RandomUpdate(&si, sizeof(si));
-}
-#endif /* HPUX */
-
-#if defined(OSF1)
-#include <sys/types.h>
-#include <sys/sysinfo.h>
-#include <sys/systeminfo.h>
-#include <c_asm.h>
-
-static void
-GiveSystemInfo(void)
-{
- char buf[BUFSIZ];
- int rv;
- int off = 0;
-
- rv = sysinfo(SI_MACHINE, buf, sizeof(buf));
- if (rv > 0) {
- RNG_RandomUpdate(buf, rv);
- }
- rv = sysinfo(SI_RELEASE, buf, sizeof(buf));
- if (rv > 0) {
- RNG_RandomUpdate(buf, rv);
- }
- rv = sysinfo(SI_HW_SERIAL, buf, sizeof(buf));
- if (rv > 0) {
- RNG_RandomUpdate(buf, rv);
- }
-}
-
-/*
- * Use the "get the cycle counter" instruction on the alpha.
- * The low 32 bits completely turn over in less than a minute.
- * The high 32 bits are some non-counter gunk that changes sometimes.
- */
-static size_t
-GetHighResClock(void *buf, size_t maxbytes)
-{
- unsigned long t;
-
- t = asm("rpcc %v0");
- return CopyLowBits(buf, maxbytes, &t, sizeof(t));
-}
-
-#endif /* Alpha */
-
-#if defined(_IBMR2)
-static size_t
-GetHighResClock(void *buf, size_t maxbytes)
-{
- return 0;
-}
-
-static void
-GiveSystemInfo(void)
-{
- /* XXX haven't found any yet! */
-}
-#endif /* IBM R2 */
-
-#if defined(LINUX)
-#include <linux/kernel.h>
-
-static size_t
-GetHighResClock(void *buf, size_t maxbytes)
-{
- return 0;
-}
-
-static void
-GiveSystemInfo(void)
-{
- /* XXX sysinfo() does not seem be implemented anywhwere */
-#if 0
- struct sysinfo si;
- char hn[2000];
- if (sysinfo(&si) == 0) {
- RNG_RandomUpdate(&si, sizeof(si));
- }
-#endif
-}
-#endif /* LINUX */
-
-#if defined(NCR)
-
-#include <sys/utsname.h>
-#include <sys/systeminfo.h>
-
-#define getdtablesize() sysconf(_SC_OPEN_MAX)
-
-static size_t
-GetHighResClock(void *buf, size_t maxbytes)
-{
- return 0;
-}
-
-static void
-GiveSystemInfo(void)
-{
- int rv;
- char buf[2000];
-
- rv = sysinfo(SI_MACHINE, buf, sizeof(buf));
- if (rv > 0) {
- RNG_RandomUpdate(buf, rv);
- }
- rv = sysinfo(SI_RELEASE, buf, sizeof(buf));
- if (rv > 0) {
- RNG_RandomUpdate(buf, rv);
- }
- rv = sysinfo(SI_HW_SERIAL, buf, sizeof(buf));
- if (rv > 0) {
- RNG_RandomUpdate(buf, rv);
- }
-}
-
-#endif /* NCR */
-
-
-#if defined(sgi)
-#include <fcntl.h>
-#undef PRIVATE
-#include <sys/mman.h>
-#include <sys/syssgi.h>
-#include <sys/immu.h>
-#include <sys/systeminfo.h>
-#include <sys/utsname.h>
-#include <wait.h>
-
-static void
-GiveSystemInfo(void)
-{
- int rv;
- char buf[4096];
-
- rv = syssgi(SGI_SYSID, &buf[0]);
- if (rv > 0) {
- RNG_RandomUpdate(buf, MAXSYSIDSIZE);
- }
-#ifdef SGI_RDUBLK
- rv = syssgi(SGI_RDUBLK, getpid(), &buf[0], sizeof(buf));
- if (rv > 0) {
- RNG_RandomUpdate(buf, sizeof(buf));
- }
-#endif /* SGI_RDUBLK */
- rv = syssgi(SGI_INVENT, SGI_INV_READ, buf, sizeof(buf));
- if (rv > 0) {
- RNG_RandomUpdate(buf, sizeof(buf));
- }
- rv = sysinfo(SI_MACHINE, buf, sizeof(buf));
- if (rv > 0) {
- RNG_RandomUpdate(buf, rv);
- }
- rv = sysinfo(SI_RELEASE, buf, sizeof(buf));
- if (rv > 0) {
- RNG_RandomUpdate(buf, rv);
- }
- rv = sysinfo(SI_HW_SERIAL, buf, sizeof(buf));
- if (rv > 0) {
- RNG_RandomUpdate(buf, rv);
- }
-}
-
-static size_t GetHighResClock(void *buf, size_t maxbuf)
-{
- unsigned phys_addr, raddr, cycleval;
- static volatile unsigned *iotimer_addr = NULL;
- static int tries = 0;
- static int cntr_size;
- int mfd;
- long s0[2];
- struct timeval tv;
-
-#ifndef SGI_CYCLECNTR_SIZE
-#define SGI_CYCLECNTR_SIZE 165 /* Size user needs to use to read CC */
-#endif
-
- if (iotimer_addr == NULL) {
- if (tries++ > 1) {
- /* Don't keep trying if it didn't work */
- return 0;
- }
-
- /*
- ** For SGI machines we can use the cycle counter, if it has one,
- ** to generate some truly random numbers
- */
- phys_addr = syssgi(SGI_QUERY_CYCLECNTR, &cycleval);
- if (phys_addr) {
- int pgsz = getpagesize();
- int pgoffmask = pgsz - 1;
-
- raddr = phys_addr & ~pgoffmask;
- mfd = open("/dev/mmem", O_RDONLY);
- if (mfd < 0) {
- return 0;
- }
- iotimer_addr = (unsigned *)
- mmap(0, pgoffmask, PROT_READ, MAP_PRIVATE, mfd, (int)raddr);
- if (iotimer_addr == (void*)-1) {
- close(mfd);
- iotimer_addr = NULL;
- return 0;
- }
- iotimer_addr = (unsigned*)
- ((__psint_t)iotimer_addr | (phys_addr & pgoffmask));
- /*
- * The file 'mfd' is purposefully not closed.
- */
- cntr_size = syssgi(SGI_CYCLECNTR_SIZE);
- if (cntr_size < 0) {
- struct utsname utsinfo;
-
- /*
- * We must be executing on a 6.0 or earlier system, since the
- * SGI_CYCLECNTR_SIZE call is not supported.
- *
- * The only pre-6.1 platforms with 64-bit counters are
- * IP19 and IP21 (Challenge, PowerChallenge, Onyx).
- */
- uname(&utsinfo);
- if (!strncmp(utsinfo.machine, "IP19", 4) ||
- !strncmp(utsinfo.machine, "IP21", 4))
- cntr_size = 64;
- else
- cntr_size = 32;
- }
- cntr_size /= 8; /* Convert from bits to bytes */
- }
- }
-
- s0[0] = *iotimer_addr;
- if (cntr_size > 4)
- s0[1] = *(iotimer_addr + 1);
- memcpy(buf, (char *)&s0[0], cntr_size);
- return CopyLowBits(buf, maxbuf, &s0, cntr_size);
-}
-#endif
-
-#if defined(sony)
-#include <sys/systeminfo.h>
-
-#define getdtablesize() sysconf(_SC_OPEN_MAX)
-
-static size_t
-GetHighResClock(void *buf, size_t maxbytes)
-{
- return 0;
-}
-
-static void
-GiveSystemInfo(void)
-{
- int rv;
- char buf[2000];
-
- rv = sysinfo(SI_MACHINE, buf, sizeof(buf));
- if (rv > 0) {
- RNG_RandomUpdate(buf, rv);
- }
- rv = sysinfo(SI_RELEASE, buf, sizeof(buf));
- if (rv > 0) {
- RNG_RandomUpdate(buf, rv);
- }
- rv = sysinfo(SI_HW_SERIAL, buf, sizeof(buf));
- if (rv > 0) {
- RNG_RandomUpdate(buf, rv);
- }
-}
-#endif /* sony */
-
-#if defined(sinix)
-#include <sys/systeminfo.h>
-#include <sys/times.h>
-
-int gettimeofday(struct timeval *, struct timezone *);
-int gethostname(char *, int);
-
-#define getdtablesize() sysconf(_SC_OPEN_MAX)
-
-static size_t
-GetHighResClock(void *buf, size_t maxbytes)
-{
- int ticks;
- struct tms buffer;
-
- ticks=times(&buffer);
- return CopyLowBits(buf, maxbytes, &ticks, sizeof(ticks));
-}
-
-static void
-GiveSystemInfo(void)
-{
- int rv;
- char buf[2000];
-
- rv = sysinfo(SI_MACHINE, buf, sizeof(buf));
- if (rv > 0) {
- RNG_RandomUpdate(buf, rv);
- }
- rv = sysinfo(SI_RELEASE, buf, sizeof(buf));
- if (rv > 0) {
- RNG_RandomUpdate(buf, rv);
- }
- rv = sysinfo(SI_HW_SERIAL, buf, sizeof(buf));
- if (rv > 0) {
- RNG_RandomUpdate(buf, rv);
- }
-}
-#endif /* sinix */
-
-#if defined(VMS)
-#include <c_asm.h>
-
-static void
-GiveSystemInfo(void)
-{
- long si;
-
- /*
- * This is copied from the SCO/UNIXWARE etc section. And like the comment
- * there says, what's the point? This isn't random, it generates the same
- * stuff every time its run!
- */
- si = sysconf(_SC_CHILD_MAX);
- RNG_RandomUpdate(&si, sizeof(si));
-
- si = sysconf(_SC_STREAM_MAX);
- RNG_RandomUpdate(&si, sizeof(si));
-
- si = sysconf(_SC_OPEN_MAX);
- RNG_RandomUpdate(&si, sizeof(si));
-}
-
-/*
- * Use the "get the cycle counter" instruction on the alpha.
- * The low 32 bits completely turn over in less than a minute.
- * The high 32 bits are some non-counter gunk that changes sometimes.
- */
-static size_t
-GetHighResClock(void *buf, size_t maxbytes)
-{
- unsigned long t;
-
- t = asm("rpcc %v0");
- return CopyLowBits(buf, maxbytes, &t, sizeof(t));
-}
-
-#endif /* VMS */
-
-#ifdef BEOS
-#include <be/kernel/OS.h>
-
-static size_t
-GetHighResClock(void *buf, size_t maxbytes)
-{
- bigtime_t bigtime; /* Actually an int64 */
-
- bigtime = real_time_clock_usecs();
- return CopyLowBits(buf, maxbytes, &bigtime, sizeof(bigtime));
-}
-
-static void
-GiveSystemInfo(void)
-{
- system_info *info = NULL;
- int32 val;
- get_system_info(info);
- if (info) {
- val = info->boot_time;
- RNG_RandomUpdate(&val, sizeof(val));
- val = info->used_pages;
- RNG_RandomUpdate(&val, sizeof(val));
- val = info->used_ports;
- RNG_RandomUpdate(&val, sizeof(val));
- val = info->used_threads;
- RNG_RandomUpdate(&val, sizeof(val));
- val = info->used_teams;
- RNG_RandomUpdate(&val, sizeof(val));
- }
-}
-#endif /* BEOS */
-
-#if defined(nec_ews)
-#include <sys/systeminfo.h>
-
-#define getdtablesize() sysconf(_SC_OPEN_MAX)
-
-static size_t
-GetHighResClock(void *buf, size_t maxbytes)
-{
- return 0;
-}
-
-static void
-GiveSystemInfo(void)
-{
- int rv;
- char buf[2000];
-
- rv = sysinfo(SI_MACHINE, buf, sizeof(buf));
- if (rv > 0) {
- RNG_RandomUpdate(buf, rv);
- }
- rv = sysinfo(SI_RELEASE, buf, sizeof(buf));
- if (rv > 0) {
- RNG_RandomUpdate(buf, rv);
- }
- rv = sysinfo(SI_HW_SERIAL, buf, sizeof(buf));
- if (rv > 0) {
- RNG_RandomUpdate(buf, rv);
- }
-}
-#endif /* nec_ews */
-
-size_t RNG_GetNoise(void *buf, size_t maxbytes)
-{
- struct timeval tv;
- int n = 0;
- int c;
-
- n = GetHighResClock(buf, maxbytes);
- maxbytes -= n;
-
-#if defined(__sun) && (defined(_svr4) || defined(SVR4)) || defined(sony)
- (void)gettimeofday(&tv);
-#else
- (void)gettimeofday(&tv, 0);
-#endif
- c = CopyLowBits((char*)buf+n, maxbytes, &tv.tv_usec, sizeof(tv.tv_usec));
- n += c;
- maxbytes -= c;
- c = CopyLowBits((char*)buf+n, maxbytes, &tv.tv_sec, sizeof(tv.tv_sec));
- n += c;
- return n;
-}
-
-#define SAFE_POPEN_MAXARGS 10 /* must be at least 2 */
-
-/*
- * safe_popen is static to this module and we know what arguments it is
- * called with. Note that this version only supports a single open child
- * process at any time.
- */
-static pid_t safe_popen_pid;
-static struct sigaction oldact;
-
-static FILE *
-safe_popen(char *cmd)
-{
- int p[2], fd, argc;
- pid_t pid;
- char *argv[SAFE_POPEN_MAXARGS + 1];
- FILE *fp;
- static char blank[] = " \t";
- static struct sigaction newact;
-
- if (pipe(p) < 0)
- return 0;
-
- /* Setup signals so that SIGCHLD is ignored as we want to do waitpid */
- newact.sa_handler = SIG_DFL;
- newact.sa_flags = 0;
- sigfillset(&newact.sa_mask);
- sigaction (SIGCHLD, &newact, &oldact);
-
- pid = fork();
- switch (pid) {
- case -1:
- close(p[0]);
- close(p[1]);
- sigaction (SIGCHLD, &oldact, NULL);
- return 0;
-
- case 0:
- /* dup write-side of pipe to stderr and stdout */
- if (p[1] != 1) dup2(p[1], 1);
- if (p[1] != 2) dup2(p[1], 2);
- close(0);
- for (fd = getdtablesize(); --fd > 2; close(fd))
- ;
-
- /* clean up environment in the child process */
- putenv("PATH=/bin:/usr/bin:/sbin:/usr/sbin:/etc:/usr/etc");
- putenv("SHELL=/bin/sh");
- putenv("IFS= \t");
-
- /*
- * The caller may have passed us a string that is in text
- * space. It may be illegal to modify the string
- */
- cmd = strdup(cmd);
- /* format argv */
- argv[0] = strtok(cmd, blank);
- argc = 1;
- while ((argv[argc] = strtok(0, blank)) != 0) {
- if (++argc == SAFE_POPEN_MAXARGS) {
- argv[argc] = 0;
- break;
- }
- }
-
- /* and away we go */
- execvp(argv[0], argv);
- exit(127);
- break;
-
- default:
- close(p[1]);
- fp = fdopen(p[0], "r");
- if (fp == 0) {
- close(p[0]);
- sigaction (SIGCHLD, &oldact, NULL);
- return 0;
- }
- break;
- }
-
- /* non-zero means there's a cmd running */
- safe_popen_pid = pid;
- return fp;
-}
-
-static int
-safe_pclose(FILE *fp)
-{
- pid_t pid;
- int count, status;
-
- if ((pid = safe_popen_pid) == 0)
- return -1;
- safe_popen_pid = 0;
-
- /* if the child hasn't exited, kill it -- we're done with its output */
- count = 0;
- while (waitpid(pid, &status, WNOHANG) == 0) {
- if (kill(pid, SIGKILL) < 0 && errno == ESRCH)
- break;
- if (++count == 1000)
- break;
- }
-
- /* Reset SIGCHLD signal hander before returning */
- sigaction(SIGCHLD, &oldact, NULL);
-
- fclose(fp);
- return status;
-}
-
-
-#if !defined(VMS)
-
-#ifdef DARWIN
-#include <crt_externs.h>
-#endif
-
-void RNG_SystemInfoForRNG(void)
-{
- FILE *fp;
- char buf[BUFSIZ];
- size_t bytes;
- const char * const *cp;
- char *randfile;
-#ifdef DARWIN
- char **environ = *_NSGetEnviron();
-#else
- extern char **environ;
-#endif
-#ifdef BEOS
- static const char * const files[] = {
- "/boot/var/swap",
- "/boot/var/log/syslog",
- "/boot/var/tmp",
- "/boot/home/config/settings",
- "/boot/home",
- 0
- };
-#else
- static const char * const files[] = {
- "/etc/passwd",
- "/etc/utmp",
- "/tmp",
- "/var/tmp",
- "/usr/tmp",
- 0
- };
-#endif
-
-#ifdef DO_PS
-For now it is considered that it is too expensive to run the ps command
-for the small amount of entropy it provides.
-#if defined(__sun) && (!defined(__svr4) && !defined(SVR4)) || defined(bsdi) || defined(LINUX)
- static char ps_cmd[] = "ps aux";
-#else
- static char ps_cmd[] = "ps -el";
-#endif
-#endif /* DO_PS */
-#if defined(BSDI)
- static char netstat_ni_cmd[] = "netstat -nis";
-#else
- static char netstat_ni_cmd[] = "netstat -ni";
-#endif
-
- GiveSystemInfo();
-
- bytes = RNG_GetNoise(buf, sizeof(buf));
- RNG_RandomUpdate(buf, bytes);
-
- /*
- * Pass the C environment and the addresses of the pointers to the
- * hash function. This makes the random number function depend on the
- * execution environment of the user and on the platform the program
- * is running on.
- */
- if (environ != NULL) {
- cp = environ;
- while (*cp) {
- RNG_RandomUpdate(*cp, strlen(*cp));
- cp++;
- }
- RNG_RandomUpdate(environ, (char*)cp - (char*)environ);
- }
-
- /* Give in system information */
- if (gethostname(buf, sizeof(buf)) > 0) {
- RNG_RandomUpdate(buf, strlen(buf));
- }
- GiveSystemInfo();
-
- /* grab some data from system's PRNG before any other files. */
- bytes = RNG_FileUpdate("/dev/urandom", 1024);
-
- /* If the user points us to a random file, pass it through the rng */
- randfile = getenv("NSRANDFILE");
- if ( ( randfile != NULL ) && ( randfile[0] != '\0') ) {
- RNG_FileForRNG(randfile);
- }
-
- /* pass other files through */
- for (cp = files; *cp; cp++)
- RNG_FileForRNG(*cp);
-
-/*
- * Bug 100447: On BSD/OS 4.2 and 4.3, we have problem calling safe_popen
- * in a pthreads environment. Therefore, we call safe_popen last and on
- * BSD/OS we do not call safe_popen when we succeeded in getting data
- * from /dev/urandom.
- */
-
-#ifdef BSDI
- if (bytes)
- return;
-#endif
-
-#ifdef DO_PS
- fp = safe_popen(ps_cmd);
- if (fp != NULL) {
- while ((bytes = fread(buf, 1, sizeof(buf), fp)) > 0)
- RNG_RandomUpdate(buf, bytes);
- safe_pclose(fp);
- }
-#endif
- fp = safe_popen(netstat_ni_cmd);
- if (fp != NULL) {
- while ((bytes = fread(buf, 1, sizeof(buf), fp)) > 0)
- RNG_RandomUpdate(buf, bytes);
- safe_pclose(fp);
- }
-
-}
-#else
-void RNG_SystemInfoForRNG(void)
-{
- FILE *fp;
- char buf[BUFSIZ];
- size_t bytes;
- int extra;
- char **cp;
- extern char **environ;
- char *randfile;
-
- GiveSystemInfo();
-
- bytes = RNG_GetNoise(buf, sizeof(buf));
- RNG_RandomUpdate(buf, bytes);
-
- /*
- * Pass the C environment and the addresses of the pointers to the
- * hash function. This makes the random number function depend on the
- * execution environment of the user and on the platform the program
- * is running on.
- */
- cp = environ;
- while (*cp) {
- RNG_RandomUpdate(*cp, strlen(*cp));
- cp++;
- }
- RNG_RandomUpdate(environ, (char*)cp - (char*)environ);
-
- /* Give in system information */
- if (gethostname(buf, sizeof(buf)) > 0) {
- RNG_RandomUpdate(buf, strlen(buf));
- }
- GiveSystemInfo();
-
- /* If the user points us to a random file, pass it through the rng */
- randfile = getenv("NSRANDFILE");
- if ( ( randfile != NULL ) && ( randfile[0] != '\0') ) {
- RNG_FileForRNG(randfile);
- }
-
- /*
- ** We need to generate at least 1024 bytes of seed data. Since we don't
- ** do the file stuff for VMS, and because the environ list is so short
- ** on VMS, we need to make sure we generate enough. So do another 1000
- ** bytes to be sure.
- */
- extra = 1000;
- while (extra > 0) {
- cp = environ;
- while (*cp) {
- int n = strlen(*cp);
- RNG_RandomUpdate(*cp, n);
- extra -= n;
- cp++;
- }
- }
-}
-#endif
-
-#define TOTAL_FILE_LIMIT 1000000 /* one million */
-
-size_t RNG_FileUpdate(const char *fileName, size_t limit)
-{
- FILE * file;
- size_t bytes;
- size_t fileBytes = 0;
- struct stat stat_buf;
- unsigned char buffer[BUFSIZ];
- static size_t totalFileBytes = 0;
-
- if (stat((char *)fileName, &stat_buf) < 0)
- return fileBytes;
- RNG_RandomUpdate(&stat_buf, sizeof(stat_buf));
-
- file = fopen((char *)fileName, "r");
- if (file != NULL) {
- while (limit > fileBytes) {
- bytes = PR_MIN(sizeof buffer, limit - fileBytes);
- bytes = fread(buffer, 1, bytes, file);
- if (bytes == 0)
- break;
- RNG_RandomUpdate(buffer, bytes);
- fileBytes += bytes;
- totalFileBytes += bytes;
- /* after TOTAL_FILE_LIMIT has been reached, only read in first
- ** buffer of data from each subsequent file.
- */
- if (totalFileBytes > TOTAL_FILE_LIMIT)
- break;
- }
- fclose(file);
- }
- /*
- * Pass yet another snapshot of our highest resolution clock into
- * the hash function.
- */
- bytes = RNG_GetNoise(buffer, sizeof(buffer));
- RNG_RandomUpdate(buffer, bytes);
- return fileBytes;
-}
-
-void RNG_FileForRNG(const char *fileName)
-{
- RNG_FileUpdate(fileName, TOTAL_FILE_LIMIT);
-}
diff --git a/security/nss/lib/freebl/win_rand.c b/security/nss/lib/freebl/win_rand.c
deleted file mode 100644
index bad0365cd..000000000
--- a/security/nss/lib/freebl/win_rand.c
+++ /dev/null
@@ -1,545 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "secrng.h"
-#ifdef XP_WIN
-#include <windows.h>
-
-#if defined(_WIN32_WCE)
-#include <stdlib.h> /* Win CE puts lots of stuff here. */
-#include "prprf.h" /* for PR_snprintf */
-#else
-#include <time.h>
-#include <io.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#endif
-#include <stdio.h>
-
-#ifndef _WIN32
-#define VTD_Device_ID 5
-#define OP_OVERRIDE _asm _emit 0x66
-#include <dos.h>
-#endif
-
-#include "prio.h"
-
-static PRInt32 filesToRead;
-static DWORD totalFileBytes;
-static DWORD maxFileBytes = 250000; /* 250 thousand */
-static DWORD dwNumFiles, dwReadEvery;
-
-static BOOL
-CurrentClockTickTime(LPDWORD lpdwHigh, LPDWORD lpdwLow)
-{
-#ifdef _WIN32
- LARGE_INTEGER liCount;
-
- if (!QueryPerformanceCounter(&liCount))
- return FALSE;
-
- *lpdwHigh = liCount.u.HighPart;
- *lpdwLow = liCount.u.LowPart;
- return TRUE;
-
-#else /* is WIN16 */
- BOOL bRetVal;
- FARPROC lpAPI;
- WORD w1, w2, w3, w4;
-
- // Get direct access to the VTD and query the current clock tick time
- _asm {
- xor di, di
- mov es, di
- mov ax, 1684h
- mov bx, VTD_Device_ID
- int 2fh
- mov ax, es
- or ax, di
- jz EnumerateFailed
-
- ; VTD API is available. First store the API address (the address actually
- ; contains an instruction that causes a fault, the fault handler then
- ; makes the ring transition and calls the API in the VxD)
- mov word ptr lpAPI, di
- mov word ptr lpAPI+2, es
- mov ax, 100h ; API function to VTD_Get_Real_Time
-; call dword ptr [lpAPI]
- call [lpAPI]
-
- ; Result is in EDX:EAX which we will get 16-bits at a time
- mov w2, dx
- OP_OVERRIDE
- shr dx,10h ; really "shr edx, 16"
- mov w1, dx
-
- mov w4, ax
- OP_OVERRIDE
- shr ax,10h ; really "shr eax, 16"
- mov w3, ax
-
- mov bRetVal, 1 ; return TRUE
- jmp EnumerateExit
-
- EnumerateFailed:
- mov bRetVal, 0 ; return FALSE
-
- EnumerateExit:
- }
-
- *lpdwHigh = MAKELONG(w2, w1);
- *lpdwLow = MAKELONG(w4, w3);
-
- return bRetVal;
-#endif /* is WIN16 */
-}
-
-size_t RNG_GetNoise(void *buf, size_t maxbuf)
-{
- DWORD dwHigh, dwLow, dwVal;
- int n = 0;
- int nBytes;
-
- if (maxbuf <= 0)
- return 0;
-
- CurrentClockTickTime(&dwHigh, &dwLow);
-
- // get the maximally changing bits first
- nBytes = sizeof(dwLow) > maxbuf ? maxbuf : sizeof(dwLow);
- memcpy((char *)buf, &dwLow, nBytes);
- n += nBytes;
- maxbuf -= nBytes;
-
- if (maxbuf <= 0)
- return n;
-
- nBytes = sizeof(dwHigh) > maxbuf ? maxbuf : sizeof(dwHigh);
- memcpy(((char *)buf) + n, &dwHigh, nBytes);
- n += nBytes;
- maxbuf -= nBytes;
-
- if (maxbuf <= 0)
- return n;
-
- // get the number of milliseconds that have elapsed since Windows started
- dwVal = GetTickCount();
-
- nBytes = sizeof(dwVal) > maxbuf ? maxbuf : sizeof(dwVal);
- memcpy(((char *)buf) + n, &dwVal, nBytes);
- n += nBytes;
- maxbuf -= nBytes;
-
- if (maxbuf <= 0)
- return n;
-
-#if defined(_WIN32_WCE)
- {
- // get the number of milliseconds elapsed since Windows CE was started.
- DWORD tickCount = GetTickCount();
- nBytes = (sizeof tickCount) > maxbuf ? maxbuf : (sizeof tickCount);
- memcpy(((char *)buf) + n, &tickCount, nBytes);
- n += nBytes;
- }
-#else
- {
- time_t sTime;
- // get the time in seconds since midnight Jan 1, 1970
- time(&sTime);
- nBytes = sizeof(sTime) > maxbuf ? maxbuf : sizeof(sTime);
- memcpy(((char *)buf) + n, &sTime, nBytes);
- n += nBytes;
- }
-#endif
-
- return n;
-}
-
-#if defined(_WIN32_WCE)
-static BOOL
-EnumSystemFilesWithNSPR(const char * dirName,
- BOOL recursive,
- PRInt32 (*func)(const char *))
-{
- PRDir * pDir;
- PRDirEntry * pEntry;
- BOOL rv = FALSE;
-
- pDir = PR_OpenDir(dirName);
- if (!pDir)
- return rv;
- while ((pEntry = PR_ReadDir(pDir, PR_SKIP_BOTH|PR_SKIP_HIDDEN)) != NULL) {
- PRStatus status;
- PRInt32 count;
- PRInt32 stop;
- PRFileInfo fileInfo;
- char szFileName[_MAX_PATH];
-
- count = (PRInt32)PR_snprintf(szFileName, sizeof szFileName, "%s\\%s",
- dirName, PR_DirName(pEntry));
- if (count < 1)
- continue;
- status = PR_GetFileInfo(szFileName, &fileInfo);
- if (status != PR_SUCCESS)
- continue;
- if (fileInfo.type == PR_FILE_FILE) {
- stop = (*func)(szFileName);
- rv = TRUE;
- if (stop)
- break;
- continue;
- }
- if (recursive && fileInfo.type == PR_FILE_DIRECTORY) {
- rv |= EnumSystemFilesWithNSPR(szFileName, recursive, func);
- }
- }
- PR_CloseDir(pDir);
- return rv;
-}
-#endif
-
-static BOOL
-EnumSystemFiles(PRInt32 (*func)(const char *))
-{
-#if defined(_WIN32_WCE)
- BOOL rv = FALSE;
- rv |= EnumSystemFilesWithNSPR("\\Windows\\Temporary Internet Files", TRUE, func);
- rv |= EnumSystemFilesWithNSPR("\\Temp", FALSE, func);
- rv |= EnumSystemFilesWithNSPR("\\Windows", FALSE, func);
- return rv;
-#else
- int iStatus;
- char szSysDir[_MAX_PATH];
- char szFileName[_MAX_PATH];
-#ifdef _WIN32
- struct _finddata_t fdData;
- long lFindHandle;
-#else
- struct _find_t fdData;
-#endif
-
- if (!GetSystemDirectory(szSysDir, sizeof(szSysDir)))
- return FALSE;
-
- // tack *.* on the end so we actually look for files. this will
- // not overflow
- strcpy(szFileName, szSysDir);
- strcat(szFileName, "\\*.*");
-
-#ifdef _WIN32
- lFindHandle = _findfirst(szFileName, &fdData);
- if (lFindHandle == -1)
- return FALSE;
-#else
- if (_dos_findfirst(szFileName, _A_NORMAL | _A_RDONLY | _A_ARCH | _A_SUBDIR, &fdData) != 0)
- return FALSE;
-#endif
-
- do {
- // pass the full pathname to the callback
- sprintf(szFileName, "%s\\%s", szSysDir, fdData.name);
- (*func)(szFileName);
-
-#ifdef _WIN32
- iStatus = _findnext(lFindHandle, &fdData);
-#else
- iStatus = _dos_findnext(&fdData);
-#endif
- } while (iStatus == 0);
-
-#ifdef _WIN32
- _findclose(lFindHandle);
-#endif
-
- return TRUE;
-#endif
-}
-
-static PRInt32
-CountFiles(const char *file)
-{
- dwNumFiles++;
- return 0;
-}
-
-static PRInt32
-ReadFiles(const char *file)
-{
- if ((dwNumFiles % dwReadEvery) == 0) {
- ++filesToRead;
- }
- if (filesToRead) {
- DWORD prevFileBytes = totalFileBytes;
- RNG_FileForRNG(file);
- if (prevFileBytes < totalFileBytes) {
- --filesToRead;
- }
- }
- dwNumFiles++;
- return (totalFileBytes >= maxFileBytes);
-}
-
-static void
-ReadSystemFiles()
-{
- // first count the number of files
- dwNumFiles = 0;
- if (!EnumSystemFiles(CountFiles))
- return;
-
- RNG_RandomUpdate(&dwNumFiles, sizeof(dwNumFiles));
-
- // now read 10 files
- filesToRead = 10;
- if (dwNumFiles == 0)
- return;
-
- dwReadEvery = dwNumFiles / 10;
- if (dwReadEvery == 0)
- dwReadEvery = 1; // less than 10 files
-
- dwNumFiles = 0;
- EnumSystemFiles(ReadFiles);
-}
-
-void RNG_SystemInfoForRNG(void)
-{
- DWORD dwVal;
- char buffer[256];
- int nBytes;
-#ifdef _WIN32
- MEMORYSTATUS sMem;
- HANDLE hVal;
-#if !defined(_WIN32_WCE)
- DWORD dwSerialNum;
- DWORD dwComponentLen;
- DWORD dwSysFlags;
- char volName[128];
- DWORD dwSectors, dwBytes, dwFreeClusters, dwNumClusters;
-#endif
-#else
- int iVal;
- HTASK hTask;
- WORD wDS, wCS;
- LPSTR lpszEnv;
-#endif
-
- nBytes = RNG_GetNoise(buffer, 20); // get up to 20 bytes
- RNG_RandomUpdate(buffer, nBytes);
-
-#ifdef _WIN32
- sMem.dwLength = sizeof(sMem);
- GlobalMemoryStatus(&sMem); // assorted memory stats
- RNG_RandomUpdate(&sMem, sizeof(sMem));
-#if !defined(_WIN32_WCE)
- dwVal = GetLogicalDrives();
- RNG_RandomUpdate(&dwVal, sizeof(dwVal)); // bitfields in bits 0-25
-#endif
-#else
- dwVal = GetFreeSpace(0);
- RNG_RandomUpdate(&dwVal, sizeof(dwVal));
-
- _asm mov wDS, ds;
- _asm mov wCS, cs;
- RNG_RandomUpdate(&wDS, sizeof(wDS));
- RNG_RandomUpdate(&wCS, sizeof(wCS));
-#endif
-
-#ifdef _WIN32
-#if !defined(_WIN32_WCE)
- dwVal = sizeof(buffer);
- if (GetComputerName(buffer, &dwVal))
- RNG_RandomUpdate(buffer, dwVal);
-#endif
-/* XXX This is code that got yanked because of NSPR20. We should put it
- * back someday.
- */
-#ifdef notdef
- {
- POINT ptVal;
- GetCursorPos(&ptVal);
- RNG_RandomUpdate(&ptVal, sizeof(ptVal));
- }
-
- dwVal = GetQueueStatus(QS_ALLINPUT); // high and low significant
- RNG_RandomUpdate(&dwVal, sizeof(dwVal));
-
- {
- HWND hWnd;
- hWnd = GetClipboardOwner(); // 2 or 4 bytes
- RNG_RandomUpdate((void *)&hWnd, sizeof(hWnd));
- }
-
- {
- UUID sUuid;
- UuidCreate(&sUuid); // this will fail on machines with no ethernet
- RNG_RandomUpdate(&sUuid, sizeof(sUuid)); // boards. shove the bits in regardless
- }
-#endif
-
- hVal = GetCurrentProcess(); // 4 byte handle of current task
- RNG_RandomUpdate(&hVal, sizeof(hVal));
-
- dwVal = GetCurrentProcessId(); // process ID (4 bytes)
- RNG_RandomUpdate(&dwVal, sizeof(dwVal));
-
-#if !defined(_WIN32_WCE)
- volName[0] = '\0';
- buffer[0] = '\0';
- GetVolumeInformation(NULL,
- volName,
- sizeof(volName),
- &dwSerialNum,
- &dwComponentLen,
- &dwSysFlags,
- buffer,
- sizeof(buffer));
-
- RNG_RandomUpdate(volName, strlen(volName));
- RNG_RandomUpdate(&dwSerialNum, sizeof(dwSerialNum));
- RNG_RandomUpdate(&dwComponentLen, sizeof(dwComponentLen));
- RNG_RandomUpdate(&dwSysFlags, sizeof(dwSysFlags));
- RNG_RandomUpdate(buffer, strlen(buffer));
-
- if (GetDiskFreeSpace(NULL, &dwSectors, &dwBytes, &dwFreeClusters, &dwNumClusters)) {
- RNG_RandomUpdate(&dwSectors, sizeof(dwSectors));
- RNG_RandomUpdate(&dwBytes, sizeof(dwBytes));
- RNG_RandomUpdate(&dwFreeClusters, sizeof(dwFreeClusters));
- RNG_RandomUpdate(&dwNumClusters, sizeof(dwNumClusters));
- }
-#endif
-#else /* is WIN16 */
- hTask = GetCurrentTask();
- RNG_RandomUpdate((void *)&hTask, sizeof(hTask));
-
- iVal = GetNumTasks();
- RNG_RandomUpdate(&iVal, sizeof(iVal)); // number of running tasks
-
- lpszEnv = GetDOSEnvironment();
- while (*lpszEnv != '\0') {
- RNG_RandomUpdate(lpszEnv, strlen(lpszEnv));
-
- lpszEnv += strlen(lpszEnv) + 1;
- }
-#endif /* is WIN16 */
-
- // now let's do some files
- ReadSystemFiles();
-
- nBytes = RNG_GetNoise(buffer, 20); // get up to 20 bytes
- RNG_RandomUpdate(buffer, nBytes);
-}
-
-#if defined(_WIN32_WCE)
-void RNG_FileForRNG(const char *filename)
-{
- PRFileDesc * file;
- int nBytes;
- PRFileInfo infoBuf;
- unsigned char buffer[1024];
-
- /* windows doesn't initialize all the bytes in the stat buf,
- * so initialize them all here to avoid UMRs.
- */
- memset(&infoBuf, 0, sizeof infoBuf);
-
- if (PR_GetFileInfo(filename, &infoBuf) < 0)
- return;
-
- RNG_RandomUpdate((unsigned char*)&infoBuf, sizeof(infoBuf));
-
- file = PR_Open(filename, PR_RDONLY, 0);
- if (file != NULL) {
- for (;;) {
- PRInt32 bytes = PR_Read(file, buffer, sizeof buffer);
-
- if (bytes <= 0)
- break;
-
- RNG_RandomUpdate(buffer, bytes);
- totalFileBytes += bytes;
- if (totalFileBytes > maxFileBytes)
- break;
- }
-
- PR_Close(file);
- }
-
- nBytes = RNG_GetNoise(buffer, 20); // get up to 20 bytes
- RNG_RandomUpdate(buffer, nBytes);
-}
-
-#else /* not WinCE */
-
-void RNG_FileForRNG(const char *filename)
-{
- FILE* file;
- int nBytes;
- struct stat stat_buf;
- unsigned char buffer[1024];
-
- /* static DWORD totalFileBytes = 0; */
-
- /* windows doesn't initialize all the bytes in the stat buf,
- * so initialize them all here to avoid UMRs.
- */
- memset(&stat_buf, 0, sizeof stat_buf);
-
- if (stat((char *)filename, &stat_buf) < 0)
- return;
-
- RNG_RandomUpdate((unsigned char*)&stat_buf, sizeof(stat_buf));
-
- file = fopen((char *)filename, "r");
- if (file != NULL) {
- for (;;) {
- size_t bytes = fread(buffer, 1, sizeof(buffer), file);
-
- if (bytes == 0)
- break;
-
- RNG_RandomUpdate(buffer, bytes);
- totalFileBytes += bytes;
- if (totalFileBytes > maxFileBytes)
- break;
- }
-
- fclose(file);
- }
-
- nBytes = RNG_GetNoise(buffer, 20); // get up to 20 bytes
- RNG_RandomUpdate(buffer, nBytes);
-}
-
-#endif /* not WinCE */
-#endif /* is XP_WIN */
diff --git a/security/nss/lib/jar/Makefile b/security/nss/lib/jar/Makefile
deleted file mode 100644
index 063e5daf7..000000000
--- a/security/nss/lib/jar/Makefile
+++ /dev/null
@@ -1,39 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-include manifest.mn
-include $(CORE_DEPTH)/coreconf/config.mk
-include config.mk
-include $(CORE_DEPTH)/coreconf/rules.mk
-
diff --git a/security/nss/lib/jar/config.mk b/security/nss/lib/jar/config.mk
deleted file mode 100644
index 0a00dc61e..000000000
--- a/security/nss/lib/jar/config.mk
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# Override TARGETS variable so that only static libraries
-# are specifed as dependencies within rules.mk.
-#
-
-TARGETS = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM =
-
diff --git a/security/nss/lib/jar/jar-ds.c b/security/nss/lib/jar/jar-ds.c
deleted file mode 100644
index f5a40cad5..000000000
--- a/security/nss/lib/jar/jar-ds.c
+++ /dev/null
@@ -1,70 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "jar.h"
-
-/* These are old DS_* routines renamed to ZZ_* */
-
-ZZList *ZZ_NewList()
- {
- ZZList *list;
-
- list = (ZZList *) PORT_ZAlloc (sizeof (ZZList));
-
- if (list)
- ZZ_InitList (list);
-
- return list;
- }
-
-ZZLink *ZZ_NewLink (JAR_Item *thing)
- {
- ZZLink *link;
-
- link = (ZZLink *) PORT_ZAlloc (sizeof (ZZLink));
-
- if (link)
- link->thing = thing;
-
- return link;
- }
-
-void ZZ_DestroyLink (ZZLink *link)
- {
- PORT_Free (link);
- }
-
-void ZZ_DestroyList (ZZList *list)
- {
- PORT_Free (list);
- }
diff --git a/security/nss/lib/jar/jar-ds.h b/security/nss/lib/jar/jar-ds.h
deleted file mode 100644
index 36716d97c..000000000
--- a/security/nss/lib/jar/jar-ds.h
+++ /dev/null
@@ -1,106 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef __JAR_DS_h_
-#define __JAR_DS_h_
-
-/* Typedefs */
-typedef struct ZZLinkStr ZZLink;
-typedef struct ZZListStr ZZList;
-
-/*
-** Circular linked list. Each link contains a pointer to the object that
-** is actually in the list.
-*/
-struct ZZLinkStr
-{
- ZZLink *next;
- ZZLink *prev;
- JAR_Item *thing;
-};
-
-struct ZZListStr
-{
- ZZLink link;
-};
-
-#define ZZ_InitList(lst) \
-{ \
- (lst)->link.next = &(lst)->link; \
- (lst)->link.prev = &(lst)->link; \
- (lst)->link.thing = 0; \
-}
-
-#define ZZ_ListEmpty(lst) \
- ((lst)->link.next == &(lst)->link)
-
-#define ZZ_ListHead(lst) \
- ((lst)->link.next)
-
-#define ZZ_ListTail(lst) \
- ((lst)->link.prev)
-
-#define ZZ_ListIterDone(lst,lnk) \
- ((lnk) == &(lst)->link)
-
-#define ZZ_AppendLink(lst,lnk) \
-{ \
- (lnk)->next = &(lst)->link; \
- (lnk)->prev = (lst)->link.prev; \
- (lst)->link.prev->next = (lnk); \
- (lst)->link.prev = (lnk); \
-}
-
-#define ZZ_InsertLink(lst,lnk) \
-{ \
- (lnk)->next = (lst)->link.next; \
- (lnk)->prev = &(lst)->link; \
- (lst)->link.next->prev = (lnk); \
- (lst)->link.next = (lnk); \
-}
-
-#define ZZ_RemoveLink(lnk) \
-{ \
- (lnk)->next->prev = (lnk)->prev; \
- (lnk)->prev->next = (lnk)->next; \
- (lnk)->next = 0; \
- (lnk)->prev = 0; \
-}
-
-extern ZZLink *ZZ_NewLink (JAR_Item *thing);
-extern void ZZ_DestroyLink (ZZLink *link);
-extern ZZList *ZZ_NewList (void);
-extern void ZZ_DestroyList (ZZList *list);
-
-
-#endif /* __JAR_DS_h_ */
diff --git a/security/nss/lib/jar/jar.c b/security/nss/lib/jar/jar.c
deleted file mode 100644
index cfd46b195..000000000
--- a/security/nss/lib/jar/jar.c
+++ /dev/null
@@ -1,831 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * JAR.C
- *
- * Jarnature.
- * Routines common to signing and validating.
- *
- */
-
-#include "jar.h"
-#include "jarint.h"
-
-static void jar_destroy_list (ZZList *list);
-
-static int jar_find_first_cert
- (JAR_Signer *signer, int type, JAR_Item **it);
-
-/*
- * J A R _ n e w
- *
- * Create a new instantiation of a manifest representation.
- * Use this as a token to any calls to this API.
- *
- */
-
-JAR *JAR_new (void)
- {
- JAR *jar;
-
- if ((jar = (JAR*)PORT_ZAlloc (sizeof (JAR))) == NULL)
- goto loser;
-
- if ((jar->manifest = ZZ_NewList()) == NULL)
- goto loser;
-
- if ((jar->hashes = ZZ_NewList()) == NULL)
- goto loser;
-
- if ((jar->phy = ZZ_NewList()) == NULL)
- goto loser;
-
- if ((jar->metainfo = ZZ_NewList()) == NULL)
- goto loser;
-
- if ((jar->signers = ZZ_NewList()) == NULL)
- goto loser;
-
- return jar;
-
-loser:
-
- if (jar)
- {
- if (jar->manifest)
- ZZ_DestroyList (jar->manifest);
-
- if (jar->hashes)
- ZZ_DestroyList (jar->hashes);
-
- if (jar->phy)
- ZZ_DestroyList (jar->phy);
-
- if (jar->metainfo)
- ZZ_DestroyList (jar->metainfo);
-
- if (jar->signers)
- ZZ_DestroyList (jar->signers);
-
- PORT_Free (jar);
- }
-
- return NULL;
- }
-
-/*
- * J A R _ d e s t r o y
- *
- * Godzilla.
- *
- */
-
-void PR_CALLBACK JAR_destroy (JAR *jar)
- {
- PORT_Assert( jar != NULL );
-
- if (jar == NULL)
- return;
-
- if (jar->fp) JAR_FCLOSE ((PRFileDesc*)jar->fp);
-
- if (jar->url) PORT_Free (jar->url);
- if (jar->filename) PORT_Free (jar->filename);
-
- /* Free the linked list elements */
-
- jar_destroy_list (jar->manifest);
- ZZ_DestroyList (jar->manifest);
-
- jar_destroy_list (jar->hashes);
- ZZ_DestroyList (jar->hashes);
-
- jar_destroy_list (jar->phy);
- ZZ_DestroyList (jar->phy);
-
- jar_destroy_list (jar->metainfo);
- ZZ_DestroyList (jar->metainfo);
-
- jar_destroy_list (jar->signers);
- ZZ_DestroyList (jar->signers);
-
- PORT_Free (jar);
- }
-
-static void jar_destroy_list (ZZList *list)
- {
- ZZLink *link, *oldlink;
-
- JAR_Item *it;
-
- JAR_Physical *phy;
- JAR_Digest *dig;
- JAR_Cert *fing;
- JAR_Metainfo *met;
- JAR_Signer *signer;
-
- if (list && !ZZ_ListEmpty (list))
- {
- link = ZZ_ListHead (list);
-
- while (!ZZ_ListIterDone (list, link))
- {
- it = link->thing;
- if (!it) goto next;
-
- if (it->pathname) PORT_Free (it->pathname);
-
- switch (it->type)
- {
- case jarTypeMeta:
-
- met = (JAR_Metainfo *) it->data;
- if (met)
- {
- if (met->header) PORT_Free (met->header);
- if (met->info) PORT_Free (met->info);
- PORT_Free (met);
- }
- break;
-
- case jarTypePhy:
-
- phy = (JAR_Physical *) it->data;
- if (phy)
- PORT_Free (phy);
- break;
-
- case jarTypeSign:
-
- fing = (JAR_Cert *) it->data;
- if (fing)
- {
- if (fing->cert)
- CERT_DestroyCertificate (fing->cert);
- if (fing->key)
- PORT_Free (fing->key);
- PORT_Free (fing);
- }
- break;
-
- case jarTypeSect:
- case jarTypeMF:
- case jarTypeSF:
-
- dig = (JAR_Digest *) it->data;
- if (dig)
- {
- PORT_Free (dig);
- }
- break;
-
- case jarTypeOwner:
-
- signer = (JAR_Signer *) it->data;
-
- if (signer)
- JAR_destroy_signer (signer);
-
- break;
-
- default:
-
- /* PORT_Assert( 1 != 2 ); */
- break;
- }
-
- PORT_Free (it);
-
- next:
-
- oldlink = link;
- link = link->next;
-
- ZZ_DestroyLink (oldlink);
- }
- }
- }
-
-/*
- * J A R _ g e t _ m e t a i n f o
- *
- * Retrieve meta information from the manifest file.
- * It doesn't matter whether it's from .MF or .SF, does it?
- *
- */
-
-int JAR_get_metainfo
- (JAR *jar, char *name, char *header, void **info, unsigned long *length)
- {
- JAR_Item *it;
-
- ZZLink *link;
- ZZList *list;
-
- JAR_Metainfo *met;
-
- PORT_Assert( jar != NULL && header != NULL );
-
- if (jar == NULL || header == NULL)
- return JAR_ERR_PNF;
-
- list = jar->metainfo;
-
- if (ZZ_ListEmpty (list))
- return JAR_ERR_PNF;
-
- for (link = ZZ_ListHead (list);
- !ZZ_ListIterDone (list, link);
- link = link->next)
- {
- it = link->thing;
- if (it->type == jarTypeMeta)
- {
- if ((name && !it->pathname) || (!name && it->pathname))
- continue;
-
- if (name && it->pathname && strcmp (it->pathname, name))
- continue;
-
- met = (JAR_Metainfo *) it->data;
-
- if (!PORT_Strcasecmp (met->header, header))
- {
- *info = PORT_Strdup (met->info);
- *length = PORT_Strlen (met->info);
- return 0;
- }
- }
- }
-
- return JAR_ERR_PNF;
- }
-
-/*
- * J A R _ f i n d
- *
- * Establish the search pattern for use
- * by JAR_find_next, to traverse the filenames
- * or certificates in the JAR structure.
- *
- * See jar.h for a description on how to use.
- *
- */
-
-JAR_Context *JAR_find (JAR *jar, char *pattern, jarType type)
- {
- JAR_Context *ctx;
-
- PORT_Assert( jar != NULL );
-
- if (!jar)
- return NULL;
-
- ctx = (JAR_Context *) PORT_ZAlloc (sizeof (JAR_Context));
-
- if (ctx == NULL)
- return NULL;
-
- ctx->jar = jar;
-
- if (pattern)
- {
- if ((ctx->pattern = PORT_Strdup (pattern)) == NULL)
- {
- PORT_Free (ctx);
- return NULL;
- }
- }
-
- ctx->finding = type;
-
- switch (type)
- {
- case jarTypeMF: ctx->next = ZZ_ListHead (jar->hashes);
- break;
-
- case jarTypeSF:
- case jarTypeSign: ctx->next = NULL;
- ctx->nextsign = ZZ_ListHead (jar->signers);
- break;
-
- case jarTypeSect: ctx->next = ZZ_ListHead (jar->manifest);
- break;
-
- case jarTypePhy: ctx->next = ZZ_ListHead (jar->phy);
- break;
-
- case jarTypeOwner: if (jar->signers)
- ctx->next = ZZ_ListHead (jar->signers);
- else
- ctx->next = NULL;
- break;
-
- case jarTypeMeta: ctx->next = ZZ_ListHead (jar->metainfo);
- break;
-
- default: PORT_Assert( 1 != 2);
- break;
- }
-
- return ctx;
- }
-
-/*
- * J A R _ f i n d _ e n d
- *
- * Destroy the find iterator context.
- *
- */
-
-void JAR_find_end (JAR_Context *ctx)
- {
- PORT_Assert( ctx != NULL );
-
- if (ctx)
- {
- if (ctx->pattern)
- PORT_Free (ctx->pattern);
- PORT_Free (ctx);
- }
- }
-
-/*
- * J A R _ f i n d _ n e x t
- *
- * Return the next item of the given type
- * from one of the JAR linked lists.
- *
- */
-
-int JAR_find_next (JAR_Context *ctx, JAR_Item **it)
- {
- JAR *jar;
- ZZList *list = NULL;
-
- int finding;
-
- JAR_Signer *signer = NULL;
-
- PORT_Assert( ctx != NULL );
- PORT_Assert( ctx->jar != NULL );
-
- jar = ctx->jar;
-
- /* Internally, convert jarTypeSign to jarTypeSF, and return
- the actual attached certificate later */
-
- finding = (ctx->finding == jarTypeSign) ? jarTypeSF : ctx->finding;
-
- if (ctx->nextsign)
- {
- if (ZZ_ListIterDone (jar->signers, ctx->nextsign))
- {
- *it = NULL;
- return -1;
- }
- PORT_Assert (ctx->nextsign->thing != NULL);
- signer = (JAR_Signer*)ctx->nextsign->thing->data;
- }
-
-
- /* Find out which linked list to traverse. Then if
- necessary, advance to the next linked list. */
-
- while (1)
- {
- switch (finding)
- {
- case jarTypeSign: /* not any more */
- PORT_Assert( finding != jarTypeSign );
- list = signer->certs;
- break;
-
- case jarTypeSect: list = jar->manifest;
- break;
-
- case jarTypePhy: list = jar->phy;
- break;
-
- case jarTypeSF: /* signer, not jar */
- PORT_Assert( signer != NULL );
- list = signer->sf;
- break;
-
- case jarTypeMF: list = jar->hashes;
- break;
-
- case jarTypeOwner: list = jar->signers;
- break;
-
- case jarTypeMeta: list = jar->metainfo;
- break;
-
- default: PORT_Assert( 1 != 2 );
- break;
- }
-
- if (list == NULL)
- {
- *it = NULL;
- return -1;
- }
-
- /* When looping over lists of lists, advance
- to the next signer. This is done when multiple
- signers are possible. */
-
- if (ZZ_ListIterDone (list, ctx->next))
- {
- if (ctx->nextsign && jar->signers)
- {
- ctx->nextsign = ctx->nextsign->next;
- if (!ZZ_ListIterDone (jar->signers, ctx->nextsign))
- {
- PORT_Assert (ctx->nextsign->thing != NULL);
-
- signer = (JAR_Signer*)ctx->nextsign->thing->data;
- PORT_Assert( signer != NULL );
-
- ctx->next = NULL;
- continue;
- }
- }
- *it = NULL;
- return -1;
- }
-
- /* if the signer changed, still need to fill
- in the "next" link */
-
- if (ctx->nextsign && ctx->next == NULL)
- {
- switch (finding)
- {
- case jarTypeSF:
-
- ctx->next = ZZ_ListHead (signer->sf);
- break;
-
- case jarTypeSign:
-
- ctx->next = ZZ_ListHead (signer->certs);
- break;
- }
- }
-
- PORT_Assert( ctx->next != NULL );
-
-
- while (!ZZ_ListIterDone (list, ctx->next))
- {
- *it = ctx->next->thing;
- ctx->next = ctx->next->next;
-
- if (!it || !*it || (*it)->type != finding)
- continue;
-
- if (ctx->pattern && *ctx->pattern)
- {
- if (PORT_Strcmp ((*it)->pathname, ctx->pattern))
- continue;
- }
-
- /* We have a valid match. If this is a jarTypeSign
- return the certificate instead.. */
-
- if (ctx->finding == jarTypeSign)
- {
- JAR_Item *itt;
-
- /* just the first one for now */
- if (jar_find_first_cert (signer, jarTypeSign, &itt) >= 0)
- {
- *it = itt;
- return 0;
- }
-
- continue;
- }
-
- return 0;
- }
-
- } /* end while */
- }
-
-static int jar_find_first_cert
- (JAR_Signer *signer, int type, JAR_Item **it)
- {
- ZZLink *link;
- ZZList *list;
-
- int status = JAR_ERR_PNF;
-
- list = signer->certs;
-
- *it = NULL;
-
- if (ZZ_ListEmpty (list))
- {
- /* empty list */
- return JAR_ERR_PNF;
- }
-
- for (link = ZZ_ListHead (list);
- !ZZ_ListIterDone (list, link);
- link = link->next)
- {
- if (link->thing->type == type)
- {
- *it = link->thing;
- status = 0;
- break;
- }
- }
-
- return status;
- }
-
-JAR_Signer *JAR_new_signer (void)
- {
- JAR_Signer *signer;
-
- signer = (JAR_Signer *) PORT_ZAlloc (sizeof (JAR_Signer));
-
- if (signer == NULL)
- goto loser;
-
-
- /* certs */
- signer->certs = ZZ_NewList();
-
- if (signer->certs == NULL)
- goto loser;
-
-
- /* sf */
- signer->sf = ZZ_NewList();
-
- if (signer->sf == NULL)
- goto loser;
-
-
- return signer;
-
-
-loser:
-
- if (signer)
- {
- if (signer->certs)
- ZZ_DestroyList (signer->certs);
-
- if (signer->sf)
- ZZ_DestroyList (signer->sf);
-
- PORT_Free (signer);
- }
-
- return NULL;
- }
-
-void JAR_destroy_signer (JAR_Signer *signer)
- {
- if (signer)
- {
- if (signer->owner) PORT_Free (signer->owner);
- if (signer->digest) PORT_Free (signer->digest);
-
- jar_destroy_list (signer->sf);
- ZZ_DestroyList (signer->sf);
-
- jar_destroy_list (signer->certs);
- ZZ_DestroyList (signer->certs);
-
- PORT_Free (signer);
- }
- }
-
-JAR_Signer *jar_get_signer (JAR *jar, char *basename)
- {
- JAR_Item *it;
- JAR_Context *ctx;
-
- JAR_Signer *candidate;
- JAR_Signer *signer = NULL;
-
- ctx = JAR_find (jar, NULL, jarTypeOwner);
-
- if (ctx == NULL)
- return NULL;
-
- while (JAR_find_next (ctx, &it) >= 0)
- {
- candidate = (JAR_Signer *) it->data;
- if (*basename == '*' || !PORT_Strcmp (candidate->owner, basename))
- {
- signer = candidate;
- break;
- }
- }
-
- JAR_find_end (ctx);
-
- return signer;
- }
-
-/*
- * J A R _ g e t _ f i l e n a m e
- *
- * Returns the filename associated with
- * a JAR structure.
- *
- */
-
-char *JAR_get_filename (JAR *jar)
- {
- return jar->filename;
- }
-
-/*
- * J A R _ g e t _ u r l
- *
- * Returns the URL associated with
- * a JAR structure. Nobody really uses this now.
- *
- */
-
-char *JAR_get_url (JAR *jar)
- {
- return jar->url;
- }
-
-/*
- * J A R _ s e t _ c a l l b a c k
- *
- * Register some manner of callback function for this jar.
- *
- */
-
-int JAR_set_callback (int type, JAR *jar,
- int (*fn) (int status, JAR *jar,
- const char *metafile, char *pathname, char *errortext))
- {
- if (type == JAR_CB_SIGNAL)
- {
- jar->signal = fn;
- return 0;
- }
- else
- return -1;
- }
-
-/*
- * Callbacks
- *
- */
-
-/* To return an error string */
-char *(*jar_fn_GetString) (int) = NULL;
-
-/* To return an MWContext for Java */
-void *(*jar_fn_FindSomeContext) (void) = NULL;
-
-/* To fabricate an MWContext for FE_GetPassword */
-void *(*jar_fn_GetInitContext) (void) = NULL;
-
-void
-JAR_init_callbacks
- (
- char *(*string_cb)(int),
- void *(*find_cx)(void),
- void *(*init_cx)(void)
- )
- {
- jar_fn_GetString = string_cb;
- jar_fn_FindSomeContext = find_cx;
- jar_fn_GetInitContext = init_cx;
- }
-
-/*
- * J A R _ g e t _ e r r o r
- *
- * This is provided to map internal JAR errors to strings for
- * the Java console. Also, a DLL may call this function if it does
- * not have access to the XP_GetString function.
- *
- * These strings aren't UI, since they are Java console only.
- *
- */
-
-char *JAR_get_error (int status)
- {
- char *errstring = NULL;
-
- switch (status)
- {
- case JAR_ERR_GENERAL:
- errstring = "General JAR file error";
- break;
-
- case JAR_ERR_FNF:
- errstring = "JAR file not found";
- break;
-
- case JAR_ERR_CORRUPT:
- errstring = "Corrupt JAR file";
- break;
-
- case JAR_ERR_MEMORY:
- errstring = "Out of memory";
- break;
-
- case JAR_ERR_DISK:
- errstring = "Disk error (perhaps out of space)";
- break;
-
- case JAR_ERR_ORDER:
- errstring = "Inconsistent files in META-INF directory";
- break;
-
- case JAR_ERR_SIG:
- errstring = "Invalid digital signature file";
- break;
-
- case JAR_ERR_METADATA:
- errstring = "JAR metadata failed verification";
- break;
-
- case JAR_ERR_ENTRY:
- errstring = "No Manifest entry for this JAR entry";
- break;
-
- case JAR_ERR_HASH:
- errstring = "Invalid Hash of this JAR entry";
- break;
-
- case JAR_ERR_PK7:
- errstring = "Strange PKCS7 or RSA failure";
- break;
-
- case JAR_ERR_PNF:
- errstring = "Path not found inside JAR file";
- break;
-
- default:
- if (jar_fn_GetString)
- {
- errstring = jar_fn_GetString (status);
- }
- else
- {
- /* this is not a normal situation, and would only be
- called in cases of improper initialization */
-
- char *err;
-
- err = (char*)PORT_Alloc (40);
- if (err)
- PR_snprintf (err, 39, "Error %d\n", status);
- else
- err = "Error! Bad! Out of memory!";
-
- return err;
- }
- break;
- }
-
- return errstring;
- }
diff --git a/security/nss/lib/jar/jar.h b/security/nss/lib/jar/jar.h
deleted file mode 100644
index d132f2579..000000000
--- a/security/nss/lib/jar/jar.h
+++ /dev/null
@@ -1,478 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef __JAR_h_
-#define __JAR_h_
-
-/*
- * In general, any functions that return pointers
- * have memory owned by the caller.
- *
- */
-
-/* security includes */
-#include "cert.h"
-#include "hasht.h"
-
-/* nspr 2.0 includes */
-#include "prio.h"
-
-#ifndef ZHUGEP
-#ifdef XP_WIN16
-#define ZHUGEP __huge
-#else
-#define ZHUGEP
-#endif
-#endif
-
-#include <stdio.h>
-
-/* various types */
-
-typedef enum
- {
- jarTypeMF = 2,
- jarTypeSF = 3,
- jarTypeMeta = 6,
- jarTypePhy = 7,
- jarTypeSign = 10,
- jarTypeSect = 11,
- jarTypeOwner = 13
- }
-jarType;
-
-/* void data in ZZList's contain JAR_Item type */
-
-typedef struct JAR_Item_
- {
- char *pathname; /* relative. inside zip file */
- jarType type; /* various types */
- size_t size; /* size of data below */
- void *data; /* totally opaque */
- }
-JAR_Item;
-
-
-/* hashes */
-
-typedef enum
- {
- jarHashNone = 0,
- jarHashBad = 1,
- jarHashPresent = 2
- }
-jarHash;
-
-typedef struct JAR_Digest_
- {
- jarHash md5_status;
- unsigned char md5 [MD5_LENGTH];
- jarHash sha1_status;
- unsigned char sha1 [SHA1_LENGTH];
- }
-JAR_Digest;
-
-
-/* physical archive formats */
-
-typedef enum
- {
- jarArchGuess = 0,
- jarArchNone = 1,
- jarArchZip = 2,
- jarArchTar = 3
- }
-jarArch;
-
-
-#include "jar-ds.h"
-
-/* jar object */
-
-typedef struct JAR_
- {
- jarArch format; /* physical archive format */
- char *url; /* Where it came from */
- char *filename; /* Disk location */
- FILE *fp; /* For multiple extractions */ /* JAR_FILE */
-
- /* various linked lists */
-
- ZZList *manifest; /* Digests of MF sections */
- ZZList *hashes; /* Digests of actual signed files */
- ZZList *phy; /* Physical layout of JAR file */
- ZZList *metainfo; /* Global metainfo */
-
- JAR_Digest *globalmeta; /* digest of .MF global portion */
-
- /* Below will change to a linked list to support multiple sigs */
-
- int pkcs7; /* Enforced opaqueness */
- int valid; /* PKCS7 signature validated */
-
- ZZList *signers; /* the above, per signer */
-
- /* Window context, very necessary for PKCS11 now */
-
- void *mw; /* MWContext window context */
-
- /* Signal callback function */
-
- int (*signal) (int status, struct JAR_ *jar,
- const char *metafile, char *pathname, char *errorstring);
- }
-JAR;
-
-
-/*
- * Iterator
- *
- * Context for iterative operations. Certain operations
- * require iterating multiple linked lists because of
- * multiple signers. "nextsign" is used for this purpose.
- *
- */
-
-typedef struct JAR_Context_
- {
- JAR *jar; /* Jar we are searching */
- char *pattern; /* Regular expression */
- jarType finding; /* Type of item to find */
- ZZLink *next; /* Next item in find */
- ZZLink *nextsign; /* Next signer, sometimes */
- }
-JAR_Context;
-
-typedef struct JAR_Signer_
- {
- int pkcs7; /* Enforced opaqueness */
- int valid; /* PKCS7 signature validated */
- char *owner; /* name of .RSA file */
- JAR_Digest *digest; /* of .SF file */
- ZZList *sf; /* Linked list of .SF file contents */
- ZZList *certs; /* Signing information */
- }
-JAR_Signer;
-
-
-/* Meta informaton, or "policy", from the manifest file.
- Right now just one tuple per JAR_Item. */
-
-typedef struct JAR_Metainfo_
- {
- char *header;
- char *info;
- }
-JAR_Metainfo;
-
-/* This should not be global */
-
-typedef struct JAR_Physical_
- {
- unsigned char compression;
- unsigned long offset;
- unsigned long length;
- unsigned long uncompressed_length;
-#if defined(XP_UNIX) || defined(XP_BEOS)
- uint16 mode;
-#endif
- }
-JAR_Physical;
-
-typedef struct JAR_Cert_
- {
- size_t length;
- void *key;
- CERTCertificate *cert;
- }
-JAR_Cert;
-
-
-/* certificate stuff */
-
-typedef enum
- {
- jarCertCompany = 1,
- jarCertCA = 2,
- jarCertSerial = 3,
- jarCertExpires = 4,
- jarCertNickname = 5,
- jarCertFinger = 6,
- jarCertJavaHack = 100
- }
-jarCert;
-
-/* callback types */
-
-#define JAR_CB_SIGNAL 1
-
-
-/*
- * This is the base for the JAR error codes. It will
- * change when these are incorporated into allxpstr.c,
- * but right now they won't let me put them there.
- *
- */
-
-#ifndef SEC_ERR_BASE
-#define SEC_ERR_BASE (-0x2000)
-#endif
-
-#define JAR_BASE SEC_ERR_BASE + 300
-
-/* Jar specific error definitions */
-
-#define JAR_ERR_GENERAL (JAR_BASE + 1)
-#define JAR_ERR_FNF (JAR_BASE + 2)
-#define JAR_ERR_CORRUPT (JAR_BASE + 3)
-#define JAR_ERR_MEMORY (JAR_BASE + 4)
-#define JAR_ERR_DISK (JAR_BASE + 5)
-#define JAR_ERR_ORDER (JAR_BASE + 6)
-#define JAR_ERR_SIG (JAR_BASE + 7)
-#define JAR_ERR_METADATA (JAR_BASE + 8)
-#define JAR_ERR_ENTRY (JAR_BASE + 9)
-#define JAR_ERR_HASH (JAR_BASE + 10)
-#define JAR_ERR_PK7 (JAR_BASE + 11)
-#define JAR_ERR_PNF (JAR_BASE + 12)
-
-
-/*
- * Birth and death
- *
- */
-
-extern JAR *JAR_new (void);
-
-extern void PR_CALLBACK JAR_destroy (JAR *jar);
-
-extern char *JAR_get_error (int status);
-
-extern int JAR_set_callback (int type, JAR *jar,
- int (*fn) (int status, JAR *jar,
- const char *metafile, char *pathname, char *errortext));
-
-extern void JAR_init_callbacks
- ( char *(*string_cb)(int), void *(*find_cx)(void), void *(*init_cx)(void) );
-
-/*
- * JAR_set_context
- *
- * PKCS11 may require a password to be entered by the user
- * before any crypto routines may be called. This will require
- * a window context if used from inside Mozilla.
- *
- * Call this routine with your context before calling
- * verifying or signing. If you have no context, call with NULL
- * and one will be chosen for you.
- *
- */
-
-int JAR_set_context (JAR *jar, void /*MWContext*/ *mw);
-
-/*
- * Iterative operations
- *
- * JAR_find sets up for repeated calls with JAR_find_next.
- * I never liked findfirst and findnext, this is nicer.
- *
- * Pattern contains a relative pathname to match inside the
- * archive. It is currently assumed to be "*".
- *
- * To use:
- *
- * JAR_Item *item;
- * JAR_find (jar, "*.class", jarTypeMF);
- * while (JAR_find_next (jar, &item) >= 0)
- * { do stuff }
- *
- */
-
-
-/* Replacement functions with an external context */
-
-extern JAR_Context *JAR_find (JAR *jar, char *pattern, jarType type);
-
-extern int JAR_find_next (JAR_Context *ctx, JAR_Item **it);
-
-extern void JAR_find_end (JAR_Context *ctx);
-
-
-/*
- * Function to parse manifest file:
- *
- * Many signatures may be attached to a single filename located
- * inside the zip file. We only support one.
- *
- * Several manifests may be included in the zip file.
- *
- * You must pass the MANIFEST.MF file before any .SF files.
- *
- * Right now this returns a big ole list, privately in the jar structure.
- * If you need to traverse it, use JAR_find if possible.
- *
- * The path is needed to determine what type of binary signature is
- * being passed, though it is technically not needed for manifest files.
- *
- * When parsing an ASCII file, null terminate the ASCII raw_manifest
- * prior to sending it, and indicate a length of 0. For binary digital
- * signatures only, indicate the true length of the signature.
- * (This is legacy behavior.)
- *
- * You may free the manifest after parsing it.
- *
- */
-
-extern int JAR_parse_manifest
- (JAR *jar, char ZHUGEP *raw_manifest,
- long length, const char *path, const char *url);
-
-/*
- * Verify data (nonstreaming). The signature is actually
- * checked by JAR_parse_manifest or JAR_pass_archive.
- *
- */
-
-extern JAR_Digest * PR_CALLBACK JAR_calculate_digest
- (void ZHUGEP *data, long length);
-
-extern int PR_CALLBACK JAR_verify_digest
- (JAR *jar, const char *name, JAR_Digest *dig);
-
-extern int JAR_digest_file (char *filename, JAR_Digest *dig);
-
-/*
- * Get attribute from certificate:
- *
- * Returns any special signed attribute associated with this cert
- * or signature (passed in "data"). Attributes jarCert*. Most of the time
- * this will return a zero terminated string.
- *
- */
-
-extern int PR_CALLBACK JAR_cert_attribute
- (JAR *jar, jarCert attrib, long keylen, void *key,
- void **result, unsigned long *length);
-
-/*
- * Meta information
- *
- * Currently, since this call does not support passing of an owner
- * (certificate, or physical name of the .sf file), it is restricted to
- * returning information located in the manifest.mf file.
- *
- * Meta information is a name/value pair inside the archive file. Here,
- * the name is passed in *header and value returned in **info.
- *
- * Pass a NULL as the name to retrieve metainfo from the global section.
- *
- * Data is returned in **info, of size *length. The return value
- * will indicate if no data was found.
- *
- */
-
-extern int JAR_get_metainfo
- (JAR *jar, char *name, char *header, void **info, unsigned long *length);
-
-extern char *JAR_get_filename (JAR *jar);
-
-extern char *JAR_get_url (JAR *jar);
-
-/*
- * Return an HTML mockup of a certificate or signature.
- *
- * Returns a zero terminated ascii string
- * in raw HTML format.
- *
- */
-
-extern char *JAR_cert_html
- (JAR *jar, int style, long keylen, void *key, int *result);
-
-/* save the certificate with this fingerprint in persistent
- storage, somewhere, for retrieval in a future session when there
- is no corresponding JAR structure. */
-
-extern int PR_CALLBACK JAR_stash_cert
- (JAR *jar, long keylen, void *key);
-
-/* retrieve a certificate presumably stashed with the above
- function, but may be any certificate. Type is &CERTCertificate */
-
-void *JAR_fetch_cert (long length, void *key);
-
-/*
- * New functions to handle archives alone
- * (call JAR_new beforehand)
- *
- * JAR_pass_archive acts much like parse_manifest. Certificates
- * are returned in the JAR structure but as opaque data. When calling
- * JAR_verified_extract you still need to decide which of these
- * certificates to honor.
- *
- * Code to examine a JAR structure is in jarbert.c. You can obtain both
- * a list of filenames and certificates from traversing the linked list.
- *
- */
-
-extern int JAR_pass_archive
- (JAR *jar, jarArch format, char *filename, const char *url);
-
-/*
- * Same thing, but don't check signatures
- */
-extern int JAR_pass_archive_unverified
- (JAR *jar, jarArch format, char *filename, const char *url);
-
-/*
- * Extracts a relative pathname from the archive and places it
- * in the filename specified.
- *
- * Call JAR_set_nailed if you want to keep the file descriptors
- * open between multiple calls to JAR_verify_extract.
- *
- */
-
-extern int JAR_verified_extract
- (JAR *jar, char *path, char *outpath);
-
-/*
- * JAR_extract does no crypto checking. This can be used if you
- * need to extract a manifest file or signature, etc.
- *
- */
-
-extern int JAR_extract
- (JAR *jar, char *path, char *outpath);
-
-
-#endif /* __JAR_h_ */
diff --git a/security/nss/lib/jar/jarevil.c b/security/nss/lib/jar/jarevil.c
deleted file mode 100644
index 7b2dbfebe..000000000
--- a/security/nss/lib/jar/jarevil.c
+++ /dev/null
@@ -1,573 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * JAREVIL
- *
- * Wrappers to callback in the mozilla thread
- *
- * Certificate code is unsafe when called outside the
- * mozilla thread. These functions push an event on the
- * queue to cause the cert function to run in that thread.
- *
- */
-
-#include "jar.h"
-#include "jarint.h"
-
-#include "jarevil.h"
-#include "certdb.h"
-
-/* from libevent.h */
-#ifdef MOZILLA_CLIENT_OLD
-typedef void (*ETVoidPtrFunc) (void * data);
-extern void ET_moz_CallFunction (ETVoidPtrFunc fn, void *data);
-
-extern void *mozilla_event_queue;
-#endif
-
-
-/* Special macros facilitate running on Win 16 */
-#if defined(XP_WIN16)
-
- /*
- * Allocate the data passed to the callback functions from the heap...
- *
- * This inter-thread structure cannot reside on a thread stack since the
- * thread's stack is swapped away with the thread under Win16...
- */
-
- #define ALLOC_OR_DEFINE(type, pointer_var_name, out_of_memory_return_value) \
- type * pointer_var_name = PORT_ZAlloc (sizeof(type)); \
- do { \
- if (!pointer_var_name) \
- return (out_of_memory_return_value); \
- } while (0) /* and now a semicolon can follow :-) */
-
- #define FREE_IF_ALLOC_IS_USED(pointer_var_name) PORT_Free(pointer_var_name)
-
-#else /* not win 16... so we can alloc via auto variables */
-
- #define ALLOC_OR_DEFINE(type, pointer_var_name, out_of_memory_return_value) \
- type actual_structure_allocated_in_macro; \
- type * pointer_var_name = &actual_structure_allocated_in_macro; \
- PORT_Memset (pointer_var_name, 0, sizeof (*pointer_var_name)); \
- ((void) 0) /* and now a semicolon can follow */
-
- #define FREE_IF_ALLOC_IS_USED(pointer_var_name) ((void) 0)
-
-#endif /* not Win 16 */
-
-/* --- --- --- --- --- --- --- --- --- --- --- --- --- */
-
-/*
- * JAR_MOZ_encode
- *
- * Call SEC_PKCS7Encode inside
- * the mozilla thread
- *
- */
-
-struct EVIL_encode
- {
- int error;
- SECStatus status;
- SEC_PKCS7ContentInfo *cinfo;
- SEC_PKCS7EncoderOutputCallback outputfn;
- void *outputarg;
- PK11SymKey *bulkkey;
- SECKEYGetPasswordKey pwfn;
- void *pwfnarg;
- };
-
-
-/* This is called inside the mozilla thread */
-
-PR_STATIC_CALLBACK(void) jar_moz_encode_fn (void *data)
- {
- SECStatus status;
- struct EVIL_encode *encode_data = (struct EVIL_encode *)data;
-
- PORT_SetError (encode_data->error);
-
- status = SEC_PKCS7Encode (encode_data->cinfo, encode_data->outputfn,
- encode_data->outputarg, encode_data->bulkkey,
- encode_data->pwfn, encode_data->pwfnarg);
-
- encode_data->status = status;
- encode_data->error = PORT_GetError();
- }
-
-
-/* Wrapper for the ET_MOZ call */
-
-SECStatus jar_moz_encode
- (
- SEC_PKCS7ContentInfo *cinfo,
- SEC_PKCS7EncoderOutputCallback outputfn,
- void *outputarg,
- PK11SymKey *bulkkey,
- SECKEYGetPasswordKey pwfn,
- void *pwfnarg
- )
- {
- SECStatus ret;
- ALLOC_OR_DEFINE(struct EVIL_encode, encode_data, SECFailure);
-
- encode_data->error = PORT_GetError();
- encode_data->cinfo = cinfo;
- encode_data->outputfn = outputfn;
- encode_data->outputarg = outputarg;
- encode_data->bulkkey = bulkkey;
- encode_data->pwfn = pwfn;
- encode_data->pwfnarg = pwfnarg;
-
- /* Synchronously invoke the callback function on the mozilla thread. */
-#ifdef MOZILLA_CLIENT_OLD
- if (mozilla_event_queue)
- ET_moz_CallFunction (jar_moz_encode_fn, encode_data);
- else
- jar_moz_encode_fn (encode_data);
-#else
- jar_moz_encode_fn (encode_data);
-#endif
-
- PORT_SetError (encode_data->error);
- ret = encode_data->status;
-
- /* Free the data passed to the callback function... */
- FREE_IF_ALLOC_IS_USED(encode_data);
- return ret;
- }
-
-/* --- --- --- --- --- --- --- --- --- --- --- --- --- */
-
-/*
- * JAR_MOZ_verify
- *
- * Call SEC_PKCS7VerifyDetachedSignature inside
- * the mozilla thread
- *
- */
-
-struct EVIL_verify
- {
- int error;
- SECStatus status;
- SEC_PKCS7ContentInfo *cinfo;
- SECCertUsage certusage;
- SECItem *detached_digest;
- HASH_HashType digest_type;
- PRBool keepcerts;
- };
-
-/* This is called inside the mozilla thread */
-
-PR_STATIC_CALLBACK(void) jar_moz_verify_fn (void *data)
- {
- PRBool result;
- struct EVIL_verify *verify_data = (struct EVIL_verify *)data;
-
- PORT_SetError (verify_data->error);
-
- result = SEC_PKCS7VerifyDetachedSignature
- (verify_data->cinfo, verify_data->certusage, verify_data->detached_digest,
- verify_data->digest_type, verify_data->keepcerts);
-
-
- verify_data->status = result==PR_TRUE ? SECSuccess : SECFailure;
- verify_data->error = PORT_GetError();
- }
-
-
-/* Wrapper for the ET_MOZ call */
-
-SECStatus jar_moz_verify
- (
- SEC_PKCS7ContentInfo *cinfo,
- SECCertUsage certusage,
- SECItem *detached_digest,
- HASH_HashType digest_type,
- PRBool keepcerts
- )
- {
- SECStatus ret;
- ALLOC_OR_DEFINE(struct EVIL_verify, verify_data, SECFailure);
-
- verify_data->error = PORT_GetError();
- verify_data->cinfo = cinfo;
- verify_data->certusage = certusage;
- verify_data->detached_digest = detached_digest;
- verify_data->digest_type = digest_type;
- verify_data->keepcerts = keepcerts;
-
- /* Synchronously invoke the callback function on the mozilla thread. */
-#ifdef MOZILLA_CLIENT_OLD
- if (mozilla_event_queue)
- ET_moz_CallFunction (jar_moz_verify_fn, verify_data);
- else
- jar_moz_verify_fn (verify_data);
-#else
- jar_moz_verify_fn (verify_data);
-#endif
-
- PORT_SetError (verify_data->error);
- ret = verify_data->status;
-
- /* Free the data passed to the callback function... */
- FREE_IF_ALLOC_IS_USED(verify_data);
- return ret;
- }
-
-/* --- --- --- --- --- --- --- --- --- --- --- --- --- */
-
-/*
- * JAR_MOZ_nickname
- *
- * Call CERT_FindCertByNickname inside
- * the mozilla thread
- *
- */
-
-struct EVIL_nickname
- {
- int error;
- CERTCertDBHandle *certdb;
- char *nickname;
- CERTCertificate *cert;
- };
-
-
-/* This is called inside the mozilla thread */
-
-PR_STATIC_CALLBACK(void) jar_moz_nickname_fn (void *data)
- {
- CERTCertificate *cert;
- struct EVIL_nickname *nickname_data = (struct EVIL_nickname *)data;
-
- PORT_SetError (nickname_data->error);
-
- cert = CERT_FindCertByNickname (nickname_data->certdb, nickname_data->nickname);
-
- nickname_data->cert = cert;
- nickname_data->error = PORT_GetError();
- }
-
-
-/* Wrapper for the ET_MOZ call */
-
-CERTCertificate *jar_moz_nickname (CERTCertDBHandle *certdb, char *nickname)
- {
- CERTCertificate *cert;
- ALLOC_OR_DEFINE(struct EVIL_nickname, nickname_data, NULL );
-
- nickname_data->error = PORT_GetError();
- nickname_data->certdb = certdb;
- nickname_data->nickname = nickname;
-
- /* Synchronously invoke the callback function on the mozilla thread. */
-#ifdef MOZILLA_CLIENT_OLD
- if (mozilla_event_queue)
- ET_moz_CallFunction (jar_moz_nickname_fn, nickname_data);
- else
- jar_moz_nickname_fn (nickname_data);
-#else
- jar_moz_nickname_fn (nickname_data);
-#endif
-
- PORT_SetError (nickname_data->error);
- cert = nickname_data->cert;
-
- /* Free the data passed to the callback function... */
- FREE_IF_ALLOC_IS_USED(nickname_data);
- return cert;
- }
-
-/* --- --- --- --- --- --- --- --- --- --- --- --- --- */
-
-/*
- * JAR_MOZ_perm
- *
- * Call CERT_AddTempCertToPerm inside
- * the mozilla thread
- *
- */
-
-struct EVIL_perm
- {
- int error;
- SECStatus status;
- CERTCertificate *cert;
- char *nickname;
- CERTCertTrust *trust;
- };
-
-
-/* This is called inside the mozilla thread */
-
-PR_STATIC_CALLBACK(void) jar_moz_perm_fn (void *data)
- {
- SECStatus status;
- struct EVIL_perm *perm_data = (struct EVIL_perm *)data;
-
- PORT_SetError (perm_data->error);
-
- status = __CERT_AddTempCertToPerm (perm_data->cert, perm_data->nickname, perm_data->trust);
-
- perm_data->status = status;
- perm_data->error = PORT_GetError();
- }
-
-
-/* Wrapper for the ET_MOZ call */
-
-SECStatus jar_moz_perm
- (CERTCertificate *cert, char *nickname, CERTCertTrust *trust)
- {
- SECStatus ret;
- ALLOC_OR_DEFINE(struct EVIL_perm, perm_data, SECFailure);
-
- perm_data->error = PORT_GetError();
- perm_data->cert = cert;
- perm_data->nickname = nickname;
- perm_data->trust = trust;
-
- /* Synchronously invoke the callback function on the mozilla thread. */
-#ifdef MOZILLA_CLIENT_OLD
- if (mozilla_event_queue)
- ET_moz_CallFunction (jar_moz_perm_fn, perm_data);
- else
- jar_moz_perm_fn (perm_data);
-#else
- jar_moz_perm_fn (perm_data);
-#endif
-
- PORT_SetError (perm_data->error);
- ret = perm_data->status;
-
- /* Free the data passed to the callback function... */
- FREE_IF_ALLOC_IS_USED(perm_data);
- return ret;
- }
-
-/* --- --- --- --- --- --- --- --- --- --- --- --- --- */
-
-/*
- * JAR_MOZ_certkey
- *
- * Call CERT_FindCertByKey inside
- * the mozilla thread
- *
- */
-
-struct EVIL_certkey
- {
- int error;
- CERTCertificate *cert;
- CERTCertDBHandle *certdb;
- CERTIssuerAndSN *seckey;
- };
-
-
-/* This is called inside the mozilla thread */
-
-PR_STATIC_CALLBACK(void) jar_moz_certkey_fn (void *data)
- {
- CERTCertificate *cert;
- struct EVIL_certkey *certkey_data = (struct EVIL_certkey *)data;
-
- PORT_SetError (certkey_data->error);
-
- cert=CERT_FindCertByIssuerAndSN(certkey_data->certdb, certkey_data->seckey);
-
- certkey_data->cert = cert;
- certkey_data->error = PORT_GetError();
- }
-
-
-/* Wrapper for the ET_MOZ call */
-
-CERTCertificate *jar_moz_certkey (CERTCertDBHandle *certdb,
- CERTIssuerAndSN *seckey)
- {
- CERTCertificate *cert;
- ALLOC_OR_DEFINE(struct EVIL_certkey, certkey_data, NULL);
-
- certkey_data->error = PORT_GetError();
- certkey_data->certdb = certdb;
- certkey_data->seckey = seckey;
-
- /* Synchronously invoke the callback function on the mozilla thread. */
-#ifdef MOZILLA_CLIENT_OLD
- if (mozilla_event_queue)
- ET_moz_CallFunction (jar_moz_certkey_fn, certkey_data);
- else
- jar_moz_certkey_fn (certkey_data);
-#else
- jar_moz_certkey_fn (certkey_data);
-#endif
-
- PORT_SetError (certkey_data->error);
- cert = certkey_data->cert;
-
- /* Free the data passed to the callback function... */
- FREE_IF_ALLOC_IS_USED(certkey_data);
- return cert;
- }
-
-/* --- --- --- --- --- --- --- --- --- --- --- --- --- */
-
-/*
- * JAR_MOZ_issuer
- *
- * Call CERT_FindCertIssuer inside
- * the mozilla thread
- *
- */
-
-struct EVIL_issuer
- {
- int error;
- CERTCertificate *cert;
- CERTCertificate *issuer;
- };
-
-
-/* This is called inside the mozilla thread */
-
-PR_STATIC_CALLBACK(void) jar_moz_issuer_fn (void *data)
- {
- CERTCertificate *issuer;
- struct EVIL_issuer *issuer_data = (struct EVIL_issuer *)data;
-
- PORT_SetError (issuer_data->error);
-
- issuer = CERT_FindCertIssuer (issuer_data->cert, PR_Now(),
- certUsageObjectSigner);
-
- issuer_data->issuer = issuer;
- issuer_data->error = PORT_GetError();
- }
-
-
-/* Wrapper for the ET_MOZ call */
-
-CERTCertificate *jar_moz_issuer (CERTCertificate *cert)
- {
- CERTCertificate *issuer_cert;
- ALLOC_OR_DEFINE(struct EVIL_issuer, issuer_data, NULL);
-
- issuer_data->error = PORT_GetError();
- issuer_data->cert = cert;
-
- /* Synchronously invoke the callback function on the mozilla thread. */
-#ifdef MOZILLA_CLIENT_OLD
- if (mozilla_event_queue)
- ET_moz_CallFunction (jar_moz_issuer_fn, issuer_data);
- else
- jar_moz_issuer_fn (issuer_data);
-#else
- jar_moz_issuer_fn (issuer_data);
-#endif
-
- PORT_SetError (issuer_data->error);
- issuer_cert = issuer_data->issuer;
-
- /* Free the data passed to the callback function... */
- FREE_IF_ALLOC_IS_USED(issuer_data);
- return issuer_cert;
- }
-
-/* --- --- --- --- --- --- --- --- --- --- --- --- --- */
-
-/*
- * JAR_MOZ_dup
- *
- * Call CERT_DupCertificate inside
- * the mozilla thread
- *
- */
-
-struct EVIL_dup
- {
- int error;
- CERTCertificate *cert;
- CERTCertificate *return_cert;
- };
-
-
-/* This is called inside the mozilla thread */
-
-PR_STATIC_CALLBACK(void) jar_moz_dup_fn (void *data)
- {
- CERTCertificate *return_cert;
- struct EVIL_dup *dup_data = (struct EVIL_dup *)data;
-
- PORT_SetError (dup_data->error);
-
- return_cert = CERT_DupCertificate (dup_data->cert);
-
- dup_data->return_cert = return_cert;
- dup_data->error = PORT_GetError();
- }
-
-
-/* Wrapper for the ET_MOZ call */
-
-CERTCertificate *jar_moz_dup (CERTCertificate *cert)
- {
- CERTCertificate *dup_cert;
- ALLOC_OR_DEFINE(struct EVIL_dup, dup_data, NULL);
-
- dup_data->error = PORT_GetError();
- dup_data->cert = cert;
-
- /* Synchronously invoke the callback function on the mozilla thread. */
-#ifdef MOZILLA_CLIENT_OLD
- if (mozilla_event_queue)
- ET_moz_CallFunction (jar_moz_dup_fn, dup_data);
- else
- jar_moz_dup_fn (dup_data);
-#else
- jar_moz_dup_fn (dup_data);
-#endif
-
- PORT_SetError (dup_data->error);
- dup_cert = dup_data->return_cert;
-
- /* Free the data passed to the callback function... */
- FREE_IF_ALLOC_IS_USED(dup_data);
- return dup_cert;
- }
-
-/* --- --- --- --- --- --- --- --- --- --- --- --- --- */
diff --git a/security/nss/lib/jar/jarevil.h b/security/nss/lib/jar/jarevil.h
deleted file mode 100644
index 95b4f6883..000000000
--- a/security/nss/lib/jar/jarevil.h
+++ /dev/null
@@ -1,76 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * jarevil.h
- *
- * dot H file for calls to mozilla thread
- * from within jarver.c
- *
- */
-
-#include "certt.h"
-#include "secpkcs7.h"
-
-extern SECStatus jar_moz_encode
- (
- SEC_PKCS7ContentInfo *cinfo,
- SEC_PKCS7EncoderOutputCallback outputfn,
- void *outputarg,
- PK11SymKey *bulkkey,
- SECKEYGetPasswordKey pwfn,
- void *pwfnarg
- );
-
-extern SECStatus jar_moz_verify
- (
- SEC_PKCS7ContentInfo *cinfo,
- SECCertUsage certusage,
- SECItem *detached_digest,
- HASH_HashType digest_type,
- PRBool keepcerts
- );
-
-extern CERTCertificate *jar_moz_nickname
- (CERTCertDBHandle *certdb, char *nickname);
-
-extern SECStatus jar_moz_perm
- (CERTCertificate *cert, char *nickname, CERTCertTrust *trust);
-
-extern CERTCertificate *jar_moz_certkey
- (CERTCertDBHandle *certdb, CERTIssuerAndSN *seckey);
-
-extern CERTCertificate *jar_moz_issuer (CERTCertificate *cert);
-
-extern CERTCertificate *jar_moz_dup (CERTCertificate *cert);
-
diff --git a/security/nss/lib/jar/jarfile.c b/security/nss/lib/jar/jarfile.c
deleted file mode 100644
index 19a3eaa02..000000000
--- a/security/nss/lib/jar/jarfile.c
+++ /dev/null
@@ -1,1151 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * JARFILE
- *
- * Parsing of a Jar file
- */
-
-#define JAR_SIZE 256
-
-#include "jar.h"
-
-#include "jarint.h"
-#include "jarfile.h"
-
-/* commercial compression */
-#include "jzlib.h"
-
-#if defined(XP_UNIX) || defined(XP_BEOS)
-#include "sys/stat.h"
-#endif
-
-#include "sechash.h" /* for HASH_GetHashObject() */
-
-/* extracting */
-
-static int jar_guess_jar (char *filename, JAR_FILE fp);
-
-static int jar_inflate_memory
- (unsigned int method, long *length, long expected_out_len, char ZHUGEP **data);
-
-static int jar_physical_extraction
- (JAR_FILE fp, char *outpath, long offset, long length);
-
-static int jar_physical_inflate
- (JAR_FILE fp, char *outpath, long offset,
- long length, unsigned int method);
-
-static int jar_verify_extract
- (JAR *jar, char *path, char *physical_path);
-
-static JAR_Physical *jar_get_physical (JAR *jar, char *pathname);
-
-static int jar_extract_manifests (JAR *jar, jarArch format, JAR_FILE fp);
-
-static int jar_extract_mf (JAR *jar, jarArch format, JAR_FILE fp, char *ext);
-
-
-/* indexing */
-
-static int jar_gen_index (JAR *jar, jarArch format, JAR_FILE fp);
-
-static int jar_listtar (JAR *jar, JAR_FILE fp);
-
-static int jar_listzip (JAR *jar, JAR_FILE fp);
-
-
-/* conversions */
-
-static int dosdate (char *date, char *s);
-
-static int dostime (char *time, char *s);
-
-static unsigned int xtoint (unsigned char *ii);
-
-static unsigned long xtolong (unsigned char *ll);
-
-static long atoo (char *s);
-
-/*
- * J A R _ p a s s _ a r c h i v e
- *
- * For use by naive clients. Slam an entire archive file
- * into this function. We extract manifests, parse, index
- * the archive file, and do whatever nastiness.
- *
- */
-
-int JAR_pass_archive
- (JAR *jar, jarArch format, char *filename, const char *url)
- {
- JAR_FILE fp;
- int status = 0;
-
- if (filename == NULL)
- return JAR_ERR_GENERAL;
-
- if ((fp = JAR_FOPEN (filename, "rb")) != NULL)
- {
- if (format == jarArchGuess)
- format = (jarArch)jar_guess_jar (filename, fp);
-
- jar->format = format;
- jar->url = url ? PORT_Strdup (url) : NULL;
- jar->filename = PORT_Strdup (filename);
-
- status = jar_gen_index (jar, format, fp);
-
- if (status == 0)
- status = jar_extract_manifests (jar, format, fp);
-
- JAR_FCLOSE (fp);
-
- if (status < 0)
- return status;
-
- /* people were expecting it this way */
- return jar->valid;
- }
- else
- {
- /* file not found */
- return JAR_ERR_FNF;
- }
- }
-
-/*
- * J A R _ p a s s _ a r c h i v e _ u n v e r i f i e d
- *
- * Same as JAR_pass_archive, but doesn't parse signatures.
- *
- */
-int JAR_pass_archive_unverified
- (JAR *jar, jarArch format, char *filename, const char *url)
-{
- JAR_FILE fp;
- int status = 0;
-
- if (filename == NULL) {
- return JAR_ERR_GENERAL;
- }
-
- if ((fp = JAR_FOPEN (filename, "rb")) != NULL) {
- if (format == jarArchGuess) {
- format = (jarArch)jar_guess_jar (filename, fp);
- }
-
- jar->format = format;
- jar->url = url ? PORT_Strdup (url) : NULL;
- jar->filename = PORT_Strdup (filename);
-
- status = jar_gen_index (jar, format, fp);
-
- if (status == 0) {
- status = jar_extract_mf(jar, format, fp, "mf");
- }
-
- JAR_FCLOSE (fp);
-
- if (status < 0) {
- return status;
- }
-
- /* people were expecting it this way */
- return jar->valid;
- } else {
- /* file not found */
- return JAR_ERR_FNF;
- }
-}
-
-/*
- * J A R _ v e r i f i e d _ e x t r a c t
- *
- * Optimization: keep a file descriptor open
- * inside the JAR structure, so we don't have to
- * open the file 25 times to run java.
- *
- */
-
-int JAR_verified_extract
- (JAR *jar, char *path, char *outpath)
- {
- int status;
-
- status = JAR_extract (jar, path, outpath);
-
- if (status >= 0)
- return jar_verify_extract (jar, path, outpath);
- else
- return status;
- }
-
-int JAR_extract
- (JAR *jar, char *path, char *outpath)
- {
- int result;
-
- JAR_Physical *phy;
-
- if (jar->fp == NULL && jar->filename)
- {
- jar->fp = (FILE*)JAR_FOPEN (jar->filename, "rb");
- }
-
- if (jar->fp == NULL)
- {
- /* file not found */
- return JAR_ERR_FNF;
- }
-
- phy = jar_get_physical (jar, path);
-
- if (phy)
- {
- if (phy->compression != 0 && phy->compression != 8)
- {
- /* unsupported compression method */
- result = JAR_ERR_CORRUPT;
- }
-
- if (phy->compression == 0)
- {
- result = jar_physical_extraction
- ((PRFileDesc*)jar->fp, outpath, phy->offset, phy->length);
- }
- else
- {
- result = jar_physical_inflate
- ((PRFileDesc*)jar->fp, outpath, phy->offset, phy->length,
- (unsigned int) phy->compression);
- }
-
-#if defined(XP_UNIX) || defined(XP_BEOS)
- if (phy->mode)
- chmod (outpath, 0400 | (mode_t) phy->mode);
-#endif
- }
- else
- {
- /* pathname not found in archive */
- result = JAR_ERR_PNF;
- }
-
- return result;
- }
-
-/*
- * p h y s i c a l _ e x t r a c t i o n
- *
- * This needs to be done in chunks of say 32k, instead of
- * in one bulk calloc. (Necessary under Win16 platform.)
- * This is done for uncompressed entries only.
- *
- */
-
-#define CHUNK 32768
-
-static int jar_physical_extraction
- (JAR_FILE fp, char *outpath, long offset, long length)
- {
- JAR_FILE out;
-
- char *buffer;
- long at, chunk;
-
- int status = 0;
-
- buffer = (char *) PORT_ZAlloc (CHUNK);
-
- if (buffer == NULL)
- return JAR_ERR_MEMORY;
-
- if ((out = JAR_FOPEN (outpath, "wb")) != NULL)
- {
- at = 0;
-
- JAR_FSEEK (fp, offset, (PRSeekWhence)0);
-
- while (at < length)
- {
- chunk = (at + CHUNK <= length) ? CHUNK : length - at;
-
- if (JAR_FREAD (fp, buffer, chunk) != chunk)
- {
- status = JAR_ERR_DISK;
- break;
- }
-
- at += chunk;
-
- if (JAR_FWRITE (out, buffer, chunk) < chunk)
- {
- /* most likely a disk full error */
- status = JAR_ERR_DISK;
- break;
- }
- }
- JAR_FCLOSE (out);
- }
- else
- {
- /* error opening output file */
- status = JAR_ERR_DISK;
- }
-
- PORT_Free (buffer);
- return status;
- }
-
-/*
- * j a r _ p h y s i c a l _ i n f l a t e
- *
- * Inflate a range of bytes in a file, writing the inflated
- * result to "outpath". Chunk based.
- *
- */
-
-/* input and output chunks differ, assume 4x compression */
-
-#define ICHUNK 8192
-#define OCHUNK 32768
-
-static int jar_physical_inflate
- (JAR_FILE fp, char *outpath, long offset,
- long length, unsigned int method)
- {
- z_stream zs;
-
- JAR_FILE out;
-
- long at, chunk;
- char *inbuf, *outbuf;
-
- int status = 0;
-
- unsigned long prev_total, ochunk, tin;
-
- if ((inbuf = (char *) PORT_ZAlloc (ICHUNK)) == NULL)
- return JAR_ERR_MEMORY;
-
- if ((outbuf = (char *) PORT_ZAlloc (OCHUNK)) == NULL)
- {
- PORT_Free (inbuf);
- return JAR_ERR_MEMORY;
- }
-
- PORT_Memset (&zs, 0, sizeof (zs));
- status = inflateInit2 (&zs, -MAX_WBITS);
-
- if (status != Z_OK)
- return JAR_ERR_GENERAL;
-
- if ((out = JAR_FOPEN (outpath, "wb")) != NULL)
- {
- at = 0;
-
- JAR_FSEEK (fp, offset, (PRSeekWhence)0);
-
- while (at < length)
- {
- chunk = (at + ICHUNK <= length) ? ICHUNK : length - at;
-
- if (JAR_FREAD (fp, inbuf, chunk) != chunk)
- {
- /* incomplete read */
- return JAR_ERR_CORRUPT;
- }
-
- at += chunk;
-
- zs.next_in = (Bytef *) inbuf;
- zs.avail_in = chunk;
- zs.avail_out = OCHUNK;
-
- tin = zs.total_in;
-
- while ((zs.total_in - tin < chunk) || (zs.avail_out == 0))
- {
- prev_total = zs.total_out;
-
- zs.next_out = (Bytef *) outbuf;
- zs.avail_out = OCHUNK;
-
- status = inflate (&zs, Z_NO_FLUSH);
-
- if (status != Z_OK && status != Z_STREAM_END)
- {
- /* error during decompression */
- return JAR_ERR_CORRUPT;
- }
-
- ochunk = zs.total_out - prev_total;
-
- if (JAR_FWRITE (out, outbuf, ochunk) < ochunk)
- {
- /* most likely a disk full error */
- status = JAR_ERR_DISK;
- break;
- }
-
- if (status == Z_STREAM_END)
- break;
- }
- }
-
- JAR_FCLOSE (out);
- status = inflateEnd (&zs);
- }
- else
- {
- /* error opening output file */
- status = JAR_ERR_DISK;
- }
-
- PORT_Free (inbuf);
- PORT_Free (outbuf);
-
- return status;
- }
-
-/*
- * j a r _ i n f l a t e _ m e m o r y
- *
- * Call zlib to inflate the given memory chunk. It is re-XP_ALLOC'd,
- * and thus appears to operate inplace to the caller.
- *
- */
-
-static int jar_inflate_memory
- (unsigned int method, long *length, long expected_out_len, char ZHUGEP **data)
- {
- int status;
- z_stream zs;
-
- long insz, outsz;
-
- char *inbuf, *outbuf;
-
- inbuf = *data;
- insz = *length;
-
- outsz = expected_out_len;
- outbuf = (char*)PORT_ZAlloc (outsz);
-
- if (outbuf == NULL)
- return JAR_ERR_MEMORY;
-
- PORT_Memset (&zs, 0, sizeof (zs));
-
- status = inflateInit2 (&zs, -MAX_WBITS);
-
- if (status < 0)
- {
- /* error initializing zlib stream */
- return JAR_ERR_GENERAL;
- }
-
- zs.next_in = (Bytef *) inbuf;
- zs.next_out = (Bytef *) outbuf;
-
- zs.avail_in = insz;
- zs.avail_out = outsz;
-
- status = inflate (&zs, Z_FINISH);
-
- if (status != Z_OK && status != Z_STREAM_END)
- {
- /* error during deflation */
- return JAR_ERR_GENERAL;
- }
-
- status = inflateEnd (&zs);
-
- if (status != Z_OK)
- {
- /* error during deflation */
- return JAR_ERR_GENERAL;
- }
-
- PORT_Free (*data);
-
- *data = outbuf;
- *length = zs.total_out;
-
- return 0;
- }
-
-/*
- * v e r i f y _ e x t r a c t
- *
- * Validate signature on the freshly extracted file.
- *
- */
-
-static int jar_verify_extract (JAR *jar, char *path, char *physical_path)
- {
- int status;
- JAR_Digest dig;
-
- PORT_Memset (&dig, 0, sizeof (JAR_Digest));
- status = JAR_digest_file (physical_path, &dig);
-
- if (!status)
- status = JAR_verify_digest (jar, path, &dig);
-
- return status;
- }
-
-/*
- * g e t _ p h y s i c a l
- *
- * Let's get physical.
- * Obtains the offset and length of this file in the jar file.
- *
- */
-
-static JAR_Physical *jar_get_physical (JAR *jar, char *pathname)
- {
- JAR_Item *it;
-
- JAR_Physical *phy;
-
- ZZLink *link;
- ZZList *list;
-
- list = jar->phy;
-
- if (ZZ_ListEmpty (list))
- return NULL;
-
- for (link = ZZ_ListHead (list);
- !ZZ_ListIterDone (list, link);
- link = link->next)
- {
- it = link->thing;
- if (it->type == jarTypePhy
- && it->pathname && !PORT_Strcmp (it->pathname, pathname))
- {
- phy = (JAR_Physical *) it->data;
- return phy;
- }
- }
-
- return NULL;
- }
-
-/*
- * j a r _ e x t r a c t _ m a n i f e s t s
- *
- * Extract the manifest files and parse them,
- * from an open archive file whose contents are known.
- *
- */
-
-static int jar_extract_manifests (JAR *jar, jarArch format, JAR_FILE fp)
- {
- int status;
-
- if (format != jarArchZip && format != jarArchTar)
- return JAR_ERR_CORRUPT;
-
- if ((status = jar_extract_mf (jar, format, fp, "mf")) < 0)
- return status;
-
- if ((status = jar_extract_mf (jar, format, fp, "sf")) < 0)
- return status;
-
- if ((status = jar_extract_mf (jar, format, fp, "rsa")) < 0)
- return status;
-
- if ((status = jar_extract_mf (jar, format, fp, "dsa")) < 0)
- return status;
-
- return 0;
- }
-
-/*
- * j a r _ e x t r a c t _ m f
- *
- * Extracts manifest files based on an extension, which
- * should be .MF, .SF, .RSA, etc. Order of the files is now no
- * longer important when zipping jar files.
- *
- */
-
-static int jar_extract_mf (JAR *jar, jarArch format, JAR_FILE fp, char *ext)
- {
- JAR_Item *it;
-
- JAR_Physical *phy;
-
- ZZLink *link;
- ZZList *list;
-
- char *fn, *e;
- char ZHUGEP *manifest;
-
- long length;
- int status, ret = 0, num;
-
- list = jar->phy;
-
- if (ZZ_ListEmpty (list))
- return JAR_ERR_PNF;
-
- for (link = ZZ_ListHead (list);
- !ZZ_ListIterDone (list, link);
- link = link->next)
- {
- it = link->thing;
- if (it->type == jarTypePhy
- && !PORT_Strncmp (it->pathname, "META-INF", 8))
- {
- phy = (JAR_Physical *) it->data;
-
- if (PORT_Strlen (it->pathname) < 8)
- continue;
-
- fn = it->pathname + 8;
- if (*fn == '/' || *fn == '\\') fn++;
-
- if (*fn == 0)
- {
- /* just a directory entry */
- continue;
- }
-
- /* skip to extension */
- for (e = fn; *e && *e != '.'; e++)
- /* yip */ ;
-
- /* and skip dot */
- if (*e == '.') e++;
-
- if (PORT_Strcasecmp (ext, e))
- {
- /* not the right extension */
- continue;
- }
-
- if (phy->length == 0)
- {
- /* manifest files cannot be zero length! */
- return JAR_ERR_CORRUPT;
- }
-
- /* Read in the manifest and parse it */
- /* FIX? Does this break on win16 for very very large manifest files? */
-
-#ifdef XP_WIN16
- PORT_Assert( phy->length+1 < 0xFFFF );
-#endif
-
- manifest = (char ZHUGEP *) PORT_ZAlloc (phy->length + 1);
- if (manifest)
- {
- JAR_FSEEK (fp, phy->offset, (PRSeekWhence)0);
- num = JAR_FREAD (fp, manifest, phy->length);
-
- if (num != phy->length)
- {
- /* corrupt archive file */
- return JAR_ERR_CORRUPT;
- }
-
- if (phy->compression == 8)
- {
- length = phy->length;
-
- status = jar_inflate_memory ((unsigned int) phy->compression, &length, phy->uncompressed_length, &manifest);
-
- if (status < 0)
- return status;
- }
- else if (phy->compression)
- {
- /* unsupported compression method */
- return JAR_ERR_CORRUPT;
- }
- else
- length = phy->length;
-
- status = JAR_parse_manifest
- (jar, manifest, length, it->pathname, "url");
-
- PORT_Free (manifest);
-
- if (status < 0 && ret == 0) ret = status;
- }
- else
- return JAR_ERR_MEMORY;
- }
- else if (it->type == jarTypePhy)
- {
- /* ordinary file */
- }
- }
-
- return ret;
- }
-
-/*
- * j a r _ g e n _ i n d e x
- *
- * Generate an index for the various types of
- * known archive files. Right now .ZIP and .TAR
- *
- */
-
-static int jar_gen_index (JAR *jar, jarArch format, JAR_FILE fp)
- {
- int result = JAR_ERR_CORRUPT;
- JAR_FSEEK (fp, 0, (PRSeekWhence)0);
-
- switch (format)
- {
- case jarArchZip:
- result = jar_listzip (jar, fp);
- break;
-
- case jarArchTar:
- result = jar_listtar (jar, fp);
- break;
-
- case jarArchGuess:
- case jarArchNone:
- return JAR_ERR_GENERAL;
- }
-
- JAR_FSEEK (fp, 0, (PRSeekWhence)0);
- return result;
- }
-
-
-/*
- * j a r _ l i s t z i p
- *
- * List the physical contents of a Phil Katz
- * style .ZIP file into the JAR linked list.
- *
- */
-
-static int jar_listzip (JAR *jar, JAR_FILE fp)
- {
- int err = 0;
-
- long pos = 0L;
- char filename [JAR_SIZE];
-
- char date [9], time [9];
- char sig [4];
-
- unsigned int compression;
- unsigned int filename_len, extra_len;
-
- struct ZipLocal *Local;
- struct ZipCentral *Central;
- struct ZipEnd *End;
-
- /* phy things */
-
- ZZLink *ent;
- JAR_Item *it;
- JAR_Physical *phy;
-
- Local = (struct ZipLocal *) PORT_ZAlloc (30);
- Central = (struct ZipCentral *) PORT_ZAlloc (46);
- End = (struct ZipEnd *) PORT_ZAlloc (22);
-
- if (!Local || !Central || !End)
- {
- /* out of memory */
- err = JAR_ERR_MEMORY;
- goto loser;
- }
-
- while (1)
- {
- JAR_FSEEK (fp, pos, (PRSeekWhence)0);
-
- if (JAR_FREAD (fp, (char *) sig, 4) != 4)
- {
- /* zip file ends prematurely */
- err = JAR_ERR_CORRUPT;
- goto loser;
- }
-
- JAR_FSEEK (fp, pos, (PRSeekWhence)0);
-
- if (xtolong ((unsigned char *)sig) == LSIG)
- {
- JAR_FREAD (fp, (char *) Local, 30);
-
- filename_len = xtoint ((unsigned char *) Local->filename_len);
- extra_len = xtoint ((unsigned char *) Local->extrafield_len);
-
- if (filename_len >= JAR_SIZE)
- {
- /* corrupt zip file */
- err = JAR_ERR_CORRUPT;
- goto loser;
- }
-
- if (JAR_FREAD (fp, filename, filename_len) != filename_len)
- {
- /* truncated archive file */
- err = JAR_ERR_CORRUPT;
- goto loser;
- }
-
- filename [filename_len] = 0;
-
- /* Add this to our jar chain */
-
- phy = (JAR_Physical *) PORT_ZAlloc (sizeof (JAR_Physical));
-
- if (phy == NULL)
- {
- err = JAR_ERR_MEMORY;
- goto loser;
- }
-
- /* We will index any file that comes our way, but when it comes
- to actually extraction, compression must be 0 or 8 */
-
- compression = xtoint ((unsigned char *) Local->method);
- phy->compression = compression >= 0 &&
- compression <= 255 ? compression : 222;
-
- phy->offset = pos + 30 + filename_len + extra_len;
- phy->length = xtolong ((unsigned char *) Local->size);
- phy->uncompressed_length = xtolong((unsigned char *) Local->orglen);
-
- dosdate (date, Local->date);
- dostime (time, Local->time);
-
- it = (JAR_Item*)PORT_ZAlloc (sizeof (JAR_Item));
- if (it == NULL)
- {
- err = JAR_ERR_MEMORY;
- goto loser;
- }
-
- it->pathname = PORT_Strdup (filename);
-
- it->type = jarTypePhy;
-
- it->data = (unsigned char *) phy;
- it->size = sizeof (JAR_Physical);
-
- ent = ZZ_NewLink (it);
-
- if (ent == NULL)
- {
- err = JAR_ERR_MEMORY;
- goto loser;
- }
-
- ZZ_AppendLink (jar->phy, ent);
-
- pos = phy->offset + phy->length;
- }
- else if (xtolong ( (unsigned char *)sig) == CSIG)
- {
- if (JAR_FREAD (fp, (char *) Central, 46) != 46)
- {
- /* apparently truncated archive */
- err = JAR_ERR_CORRUPT;
- goto loser;
- }
-
-#if defined(XP_UNIX) || defined(XP_BEOS)
- /* with unix we need to locate any bits from
- the protection mask in the external attributes. */
- {
- unsigned int attr;
-
- /* determined empirically */
- attr = Central->external_attributes [2];
-
- if (attr)
- {
- /* we have to read the filename, again */
-
- filename_len = xtoint ((unsigned char *) Central->filename_len);
-
- if (filename_len >= JAR_SIZE)
- {
- /* corrupt in central directory */
- err = JAR_ERR_CORRUPT;
- goto loser;
- }
-
- if (JAR_FREAD (fp, filename, filename_len) != filename_len)
- {
- /* truncated in central directory */
- err = JAR_ERR_CORRUPT;
- goto loser;
- }
-
- filename [filename_len] = 0;
-
- /* look up this name again */
- phy = jar_get_physical (jar, filename);
-
- if (phy)
- {
- /* always allow access by self */
- phy->mode = 0400 | attr;
- }
- }
- }
-#endif
-
- pos += 46 + xtoint ( (unsigned char *)Central->filename_len)
- + xtoint ( (unsigned char *)Central->commentfield_len)
- + xtoint ( (unsigned char *)Central->extrafield_len);
- }
- else if (xtolong ( (unsigned char *)sig) == ESIG)
- {
- if (JAR_FREAD (fp, (char *) End, 22) != 22)
- {
- err = JAR_ERR_CORRUPT;
- goto loser;
- }
- else
- break;
- }
- else
- {
- /* garbage in archive */
- err = JAR_ERR_CORRUPT;
- goto loser;
- }
- }
-
-loser:
-
- if (Local) PORT_Free (Local);
- if (Central) PORT_Free (Central);
- if (End) PORT_Free (End);
-
- return err;
- }
-
-/*
- * j a r _ l i s t t a r
- *
- * List the physical contents of a Unix
- * .tar file into the JAR linked list.
- *
- */
-
-static int jar_listtar (JAR *jar, JAR_FILE fp)
- {
- long pos = 0L;
-
- long sz, mode;
- time_t when;
- union TarEntry tarball;
-
- char *s;
-
- /* phy things */
-
- JAR_Physical *phy;
-
- while (1)
- {
- JAR_FSEEK (fp, pos, (PRSeekWhence)0);
-
- if (JAR_FREAD (fp, (char *) &tarball, 512) < 512)
- break;
-
- if (!*tarball.val.filename)
- break;
-
- when = atoo (tarball.val.time);
- sz = atoo (tarball.val.size);
- mode = atoo (tarball.val.mode);
-
-
- /* Tag the end of filename */
-
- s = tarball.val.filename;
- while (*s && *s != ' ') s++;
- *s = 0;
-
-
- /* Add to our linked list */
-
- phy = (JAR_Physical *) PORT_ZAlloc (sizeof (JAR_Physical));
-
- if (phy == NULL)
- return JAR_ERR_MEMORY;
-
- phy->compression = 0;
- phy->offset = pos + 512;
- phy->length = sz;
-
- ADDITEM (jar->phy, jarTypePhy,
- tarball.val.filename, phy, sizeof (JAR_Physical));
-
-
- /* Advance to next file entry */
-
- sz += 511;
- sz = (sz / 512) * 512;
-
- pos += sz + 512;
- }
-
- return 0;
- }
-
-/*
- * d o s d a t e
- *
- * Not used right now, but keep it in here because
- * it will be needed.
- *
- */
-
-static int dosdate (char *date, char *s)
- {
- int num = xtoint ( (unsigned char *)s);
-
- PR_snprintf (date, 9, "%02d-%02d-%02d",
- ((num >> 5) & 0x0F), (num & 0x1F), ((num >> 9) + 80));
-
- return 0;
- }
-
-/*
- * d o s t i m e
- *
- * Not used right now, but keep it in here because
- * it will be needed.
- *
- */
-
-static int dostime (char *time, char *s)
- {
- int num = xtoint ( (unsigned char *)s);
-
- PR_snprintf (time, 6, "%02d:%02d",
- ((num >> 11) & 0x1F), ((num >> 5) & 0x3F));
-
- return 0;
- }
-
-/*
- * x t o i n t
- *
- * Converts a two byte ugly endianed integer
- * to our platform's integer.
- *
- */
-
-static unsigned int xtoint (unsigned char *ii)
- {
- return (int) (ii [0]) | ((int) ii [1] << 8);
- }
-
-/*
- * x t o l o n g
- *
- * Converts a four byte ugly endianed integer
- * to our platform's integer.
- *
- */
-
-static unsigned long xtolong (unsigned char *ll)
- {
- unsigned long ret;
-
- ret = (
- (((unsigned long) ll [0]) << 0) |
- (((unsigned long) ll [1]) << 8) |
- (((unsigned long) ll [2]) << 16) |
- (((unsigned long) ll [3]) << 24)
- );
-
- return ret;
- }
-
-/*
- * a t o o
- *
- * Ascii octal to decimal.
- * Used for integer encoding inside tar files.
- *
- */
-
-static long atoo (char *s)
- {
- long num = 0L;
-
- while (*s == ' ') s++;
-
- while (*s >= '0' && *s <= '7')
- {
- num <<= 3;
- num += *s++ - '0';
- }
-
- return num;
- }
-
-/*
- * g u e s s _ j a r
- *
- * Try to guess what kind of JAR file this is.
- * Maybe tar, maybe zip. Look in the file for magic
- * or at its filename.
- *
- */
-
-static int jar_guess_jar (char *filename, JAR_FILE fp)
- {
- char *ext;
-
- ext = filename + PORT_Strlen (filename) - 4;
-
- if (!PORT_Strcmp (ext, ".tar"))
- return jarArchTar;
-
- return jarArchZip;
- }
diff --git a/security/nss/lib/jar/jarfile.h b/security/nss/lib/jar/jarfile.h
deleted file mode 100644
index d28b090fa..000000000
--- a/security/nss/lib/jar/jarfile.h
+++ /dev/null
@@ -1,114 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * JARFILE.H
- *
- * Certain constants and structures for the archive format.
- *
- */
-
-/* ZIP */
-
-struct ZipLocal
- {
- char signature [4];
- char word [2];
- char bitflag [2];
- char method [2];
- char time [2];
- char date [2];
- char crc32 [4];
- char size [4];
- char orglen [4];
- char filename_len [2];
- char extrafield_len [2];
- };
-
-struct ZipCentral
- {
- char signature [4];
- char version_made_by [2];
- char version [2];
- char bitflag [2];
- char method [2];
- char time [2];
- char date [2];
- char crc32 [4];
- char size [4];
- char orglen [4];
- char filename_len [2];
- char extrafield_len [2];
- char commentfield_len [2];
- char diskstart_number [2];
- char internal_attributes [2];
- char external_attributes [4];
- char localhdr_offset [4];
- };
-
-struct ZipEnd
- {
- char signature [4];
- char disk_nr [2];
- char start_central_dir [2];
- char total_entries_disk [2];
- char total_entries_archive [2];
- char central_dir_size [4];
- char offset_central_dir [4];
- char commentfield_len [2];
- };
-
-#define LSIG 0x04034B50l
-#define CSIG 0x02014B50l
-#define ESIG 0x06054B50l
-
-/* TAR */
-
-union TarEntry
- {
- struct header
- {
- char filename [100];
- char mode [8];
- char uid [8];
- char gid [8];
- char size [12];
- char time [12];
- char checksum [8];
- char linkflag;
- char linkname [100];
- }
- val;
-
- char buffer [512];
- };
diff --git a/security/nss/lib/jar/jarint.c b/security/nss/lib/jar/jarint.c
deleted file mode 100644
index 4c8da5986..000000000
--- a/security/nss/lib/jar/jarint.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Internal libjar routines.
- */
-
-#include "jar.h"
-#include "jarint.h"
-
-/*-----------------------------------------------------------------------
- * JAR_FOPEN_to_PR_Open
- * Translate JAR_FOPEN arguments to PR_Open arguments
- */
-PRFileDesc*
-JAR_FOPEN_to_PR_Open(const char* name, const char *mode)
-{
-
- PRIntn prflags=0, prmode=0;
-
- /* Get read/write flags */
- if(strchr(mode, 'r') && !strchr(mode, '+')) {
- prflags |= PR_RDONLY;
- } else if( (strchr(mode, 'w') || strchr(mode, 'a')) &&
- !strchr(mode,'+') ) {
- prflags |= PR_WRONLY;
- } else {
- prflags |= PR_RDWR;
- }
-
- /* Create a new file? */
- if(strchr(mode, 'w') || strchr(mode, 'a')) {
- prflags |= PR_CREATE_FILE;
- }
-
- /* Append? */
- if(strchr(mode, 'a')) {
- prflags |= PR_APPEND;
- }
-
- /* Truncate? */
- if(strchr(mode, 'w')) {
- prflags |= PR_TRUNCATE;
- }
-
- /* We can't do umask because it isn't XP. Choose some default
- mode for created files */
- prmode = 0755;
-
- return PR_Open(name, prflags, prmode);
-}
diff --git a/security/nss/lib/jar/jarint.h b/security/nss/lib/jar/jarint.h
deleted file mode 100644
index 7baa4f3f1..000000000
--- a/security/nss/lib/jar/jarint.h
+++ /dev/null
@@ -1,116 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/* JAR internal routines */
-
-#include "nspr.h"
-
-/* definitely required */
-/*#include "certdb.h" */
-#include "key.h"
-#include "base64.h"
-
-extern CERTCertDBHandle *JAR_open_database (void);
-
-extern int JAR_close_database (CERTCertDBHandle *certdb);
-
-extern int jar_close_key_database (void *keydb);
-
-extern void *jar_open_key_database (void);
-
-extern JAR_Signer *JAR_new_signer (void);
-
-extern void JAR_destroy_signer (JAR_Signer *signer);
-
-extern JAR_Signer *jar_get_signer (JAR *jar, char *basename);
-
-extern int jar_append (ZZList *list, int type,
- char *pathname, void *data, size_t size);
-
-/* Translate fopen mode arg to PR_Open flags and mode */
-PRFileDesc*
-JAR_FOPEN_to_PR_Open(const char *name, const char *mode);
-
-
-#define ADDITEM(list,type,pathname,data,size) \
- { int err; err = jar_append (list, type, pathname, data, size); \
- if (err < 0) return err; }
-
-/* Here is some ugliness in the event it is necessary to link
- with NSPR 1.0 libraries, which do not include an FSEEK. It is
- difficult to fudge an FSEEK into 1.0 so we use stdio. */
-
-/* stdio */
-#if 0
-#define JAR_FILE FILE *
-#define JAR_FOPEN(fn,mode) fopen(fn,mode)
-#define JAR_FCLOSE fclose
-#define JAR_FSEEK fseek
-#define JAR_FREAD(fp,buf,siz) fread(buf,1,siz,fp)
-#define JAR_FWRITE(fp,buf,siz) fwrite(buf,1,siz,fp)
-#endif
-
-#if 0
-/* nspr 1.0 suite */
-#define JAR_FILE PRFileHandle
-#define JAR_FOPEN(fn,mode) PR_OpenFile(fn,0,mode)
-#define JAR_FCLOSE PR_CLOSE
-#define JAR_FSEEK (no-equivalent)
-#define JAR_FREAD PR_READ
-#define JAR_FWRITE PR_WRITE
-#endif
-
-/* nspr 2.0 suite */
-#define JAR_FILE PRFileDesc *
-/* #define JAR_FOPEN(fn,mode) PR_Open(fn,0,0) */
-#define JAR_FOPEN(fn,mode) JAR_FOPEN_to_PR_Open(fn,mode)
-#define JAR_FCLOSE PR_Close
-#define JAR_FSEEK PR_Seek
-#define JAR_FREAD PR_Read
-#define JAR_FWRITE PR_Write
-
-#if 0
-/* nav XP suite, note argument order */
-#define JAR_FILE XP_File
-#define JAR_FOPEN(fn,mode) XP_FileOpen(fn,xpURL,mode)
-#define JAR_FCLOSE XP_FileClose
-#define JAR_FSEEK XP_FileSeek
-#define JAR_FREAD(fp,buf,siz) XP_FileRead(buf,siz,fp)
-#define JAR_FWRITE(fp,buf,siz) XP_FileWrite(buf,siz,fp)
-#endif
-
-int jar_create_pk7
- (CERTCertDBHandle *certdb, void *keydb,
- CERTCertificate *cert, char *password, JAR_FILE infp,
- JAR_FILE outfp);
-
diff --git a/security/nss/lib/jar/jarjart.c b/security/nss/lib/jar/jarjart.c
deleted file mode 100644
index 8cb4730f0..000000000
--- a/security/nss/lib/jar/jarjart.c
+++ /dev/null
@@ -1,357 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * JARJART
- *
- * JAR functions used by Jartool
- */
-
-/* This allows manifest files above 64k to be
- processed on non-win16 platforms */
-
-#include "jar.h"
-#include "jarint.h"
-#include "jarjart.h"
-#include "blapi.h" /* JAR is supposed to be above the line!! */
-#include "pk11func.h" /* PK11 wrapper funcs are all above the line. */
-#include "certdb.h"
-
-/* from certdb.h */
-#define CERTDB_USER (1<<6)
-
-/*
- * S O B _ l i s t _ c e r t s
- *
- * Return a list of newline separated certificate nicknames
- * (this function used by the Jartool)
- *
- */
-
-static SECStatus jar_list_cert_callback
- (CERTCertificate *cert, SECItem *k, void *data)
- {
- char *name;
- char **ugly_list;
-
- int trusted;
-
- ugly_list = (char **) data;
-
- if (cert)
- {
- name = cert->nickname;
-
- trusted = cert->trust->objectSigningFlags & CERTDB_USER;
-
- /* Add this name or email to list */
-
- if (name && trusted)
- {
- *ugly_list = (char*)PORT_Realloc
- (*ugly_list, PORT_Strlen (*ugly_list) + PORT_Strlen (name) + 2);
-
- if (*ugly_list)
- {
- if (**ugly_list)
- PORT_Strcat (*ugly_list, "\n");
-
- PORT_Strcat (*ugly_list, name);
- }
- }
- }
-
- return (SECSuccess);
- }
-
-/*
- * S O B _ J A R _ l i s t _ c e r t s
- *
- * Return a linfeed separated ascii list of certificate
- * nicknames for the Jartool.
- *
- */
-
-char *JAR_JAR_list_certs (void)
- {
- SECStatus status = SECFailure;
- CERTCertDBHandle *certdb;
- CERTCertList *certs;
- CERTCertListNode *node;
-
- char *ugly_list;
-
- certdb = JAR_open_database();
-
- /* a little something */
- ugly_list = (char*)PORT_ZAlloc (16);
-
- if (ugly_list)
- {
- *ugly_list = 0;
-
- certs = PK11_ListCerts(PK11CertListUnique, NULL/* pwarg*/);
- if (certs)
- {
- for (node = CERT_LIST_HEAD(certs); !CERT_LIST_END(node,certs);
- node = CERT_LIST_NEXT(node))
- {
- jar_list_cert_callback(node->cert, NULL, (void *)&ugly_list);
- }
- CERT_DestroyCertList(certs);
- status = SECSuccess;
- }
- }
-
- JAR_close_database (certdb);
-
- return (status != SECSuccess) ? NULL : ugly_list;
- }
-
-int JAR_JAR_validate_archive (char *filename)
- {
- JAR *jar;
- int status = -1;
-
- jar = JAR_new();
-
- if (jar)
- {
- status = JAR_pass_archive (jar, jarArchGuess, filename, "");
-
- if (status == 0)
- status = jar->valid;
-
- JAR_destroy (jar);
- }
-
- return status;
- }
-
-char *JAR_JAR_get_error (int status)
- {
- return JAR_get_error (status);
- }
-
-/*
- * S O B _ J A R _ h a s h
- *
- * Hash algorithm interface for use by the Jartool. Since we really
- * don't know the private sizes of the context, and Java does need to
- * know this number, allocate 512 bytes for it.
- *
- * In april 1997 hashes in this file were changed to call PKCS11,
- * as FIPS requires that when a smartcard has failed validation,
- * hashes are not to be performed. But because of the difficulty of
- * preserving pointer context between calls to the JAR_JAR hashing
- * functions, the hash routines are called directly, though after
- * checking to see if hashing is allowed.
- *
- */
-
-void *JAR_JAR_new_hash (int alg)
- {
- void *context;
-
- MD5Context *md5;
- SHA1Context *sha1;
-
- /* this is a hack because this whole PORT_ZAlloc stuff looks scary */
-
- if (!PK11_HashOK (alg == 1 ? SEC_OID_MD5 : SEC_OID_SHA1))
- return NULL;
-
- context = PORT_ZAlloc (512);
-
- if (context)
- {
- switch (alg)
- {
- case 1: /* MD5 */
- md5 = (MD5Context *) context;
- MD5_Begin (md5);
- break;
-
- case 2: /* SHA1 */
- sha1 = (SHA1Context *) context;
- SHA1_Begin (sha1);
- break;
- }
- }
-
- return context;
- }
-
-void *JAR_JAR_hash (int alg, void *cookie, int length, void *data)
- {
- MD5Context *md5;
- SHA1Context *sha1;
-
- /* this is a hack because this whole PORT_ZAlloc stuff looks scary */
-
- if (!PK11_HashOK (alg == 1 ? SEC_OID_MD5 : SEC_OID_SHA1))
- return NULL;
-
- if (length > 0)
- {
- switch (alg)
- {
- case 1: /* MD5 */
- md5 = (MD5Context *) cookie;
- MD5_Update (md5, (unsigned char*)data, length);
- break;
-
- case 2: /* SHA1 */
- sha1 = (SHA1Context *) cookie;
- SHA1_Update (sha1, (unsigned char*)data, length);
- break;
- }
- }
-
- return cookie;
- }
-
-void *JAR_JAR_end_hash (int alg, void *cookie)
- {
- int length;
- unsigned char *data;
- char *ascii;
-
- MD5Context *md5;
- SHA1Context *sha1;
-
- unsigned int md5_length;
- unsigned char md5_digest [MD5_LENGTH];
-
- unsigned int sha1_length;
- unsigned char sha1_digest [SHA1_LENGTH];
-
- /* this is a hack because this whole PORT_ZAlloc stuff looks scary */
-
- if (!PK11_HashOK (alg == 1 ? SEC_OID_MD5 : SEC_OID_SHA1))
- return NULL;
-
- switch (alg)
- {
- case 1: /* MD5 */
-
- md5 = (MD5Context *) cookie;
-
- MD5_End (md5, md5_digest, &md5_length, MD5_LENGTH);
- /* MD5_DestroyContext (md5, PR_TRUE); */
-
- data = md5_digest;
- length = md5_length;
-
- break;
-
- case 2: /* SHA1 */
-
- sha1 = (SHA1Context *) cookie;
-
- SHA1_End (sha1, sha1_digest, &sha1_length, SHA1_LENGTH);
- /* SHA1_DestroyContext (sha1, PR_TRUE); */
-
- data = sha1_digest;
- length = sha1_length;
-
- break;
-
- default: return NULL;
- }
-
- /* Instead of destroy context, since we created it */
- /* PORT_Free (cookie); */
-
- ascii = BTOA_DataToAscii(data, length);
-
- return ascii ? PORT_Strdup (ascii) : NULL;
- }
-
-/*
- * S O B _ J A R _ s i g n _ a r c h i v e
- *
- * A simple API to sign a JAR archive.
- *
- */
-
-int JAR_JAR_sign_archive
- (char *nickname, char *password, char *sf, char *outsig)
- {
- char *out_fn;
-
- int status = JAR_ERR_GENERAL;
- JAR_FILE sf_fp;
- JAR_FILE out_fp;
-
- CERTCertDBHandle *certdb;
- void *keydb;
-
- CERTCertificate *cert;
-
- /* open cert and key databases */
-
- certdb = JAR_open_database();
- if (certdb == NULL)
- return JAR_ERR_GENERAL;
-
- keydb = jar_open_key_database();
- if (keydb == NULL)
- return JAR_ERR_GENERAL;
-
- out_fn = PORT_Strdup (sf);
-
- if (out_fn == NULL || PORT_Strlen (sf) < 5)
- return JAR_ERR_GENERAL;
-
- sf_fp = JAR_FOPEN (sf, "rb");
- out_fp = JAR_FOPEN (outsig, "wb");
-
- cert = CERT_FindCertByNickname (certdb, nickname);
-
- if (cert && sf_fp && out_fp)
- {
- status = jar_create_pk7 (certdb, keydb, cert, password, sf_fp, out_fp);
- }
-
- /* remove password from prying eyes */
- PORT_Memset (password, 0, PORT_Strlen (password));
-
- JAR_FCLOSE (sf_fp);
- JAR_FCLOSE (out_fp);
-
- JAR_close_database (certdb);
- jar_close_key_database (keydb);
-
- return status;
- }
diff --git a/security/nss/lib/jar/jarjart.h b/security/nss/lib/jar/jarjart.h
deleted file mode 100644
index bb4596e90..000000000
--- a/security/nss/lib/jar/jarjart.h
+++ /dev/null
@@ -1,72 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * jarjart.h
- *
- * Functions for the Jartool, which is written in Java and
- * requires wrappers located elsewhere in the client.
- *
- * Do not call these unless you are the Jartool, no matter
- * how convenient they may appear.
- *
- */
-
-#ifndef _JARJART_H_
-#define _JARJART_H_
-
-/* return a list of certificate nicknames, separated by \n's */
-extern char *JAR_JAR_list_certs (void);
-
-/* validate archive, simple api */
-extern int JAR_JAR_validate_archive (char *filename);
-
-/* begin hash */
-extern void *JAR_JAR_new_hash (int alg);
-
-/* hash a streaming pile */
-extern void *JAR_JAR_hash (int alg, void *cookie, int length, void *data);
-
-/* end hash */
-extern void *JAR_JAR_end_hash (int alg, void *cookie);
-
-/* sign the archive (given an .SF file) with the given cert.
- The password argument is a relic, PKCS11 now handles that. */
-
-extern int JAR_JAR_sign_archive
- (char *nickname, char *password, char *sf, char *outsig);
-
-/* convert status to text */
-extern char *JAR_JAR_get_error (int status);
-
-#endif
diff --git a/security/nss/lib/jar/jarnav.c b/security/nss/lib/jar/jarnav.c
deleted file mode 100644
index 865ded5da..000000000
--- a/security/nss/lib/jar/jarnav.c
+++ /dev/null
@@ -1,107 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * JARNAV.C
- *
- * JAR stuff needed for client only.
- *
- */
-
-#include "jar.h"
-#include "jarint.h"
-
-/* from proto.h */
-#ifdef MOZILLA_CLIENT_OLD
-extern MWContext *XP_FindSomeContext(void);
-#endif
-
-/* sigh */
-extern MWContext *FE_GetInitContext(void);
-
-/* To return an MWContext for Java */
-static MWContext *(*jar_fn_FindSomeContext) (void) = NULL;
-
-/* To fabricate an MWContext for FE_GetPassword */
-static MWContext *(*jar_fn_GetInitContext) (void) = NULL;
-
-/*
- * J A R _ i n i t
- *
- * Initialize the JAR functions.
- *
- */
-
-void JAR_init (void)
- {
-#ifdef MOZILLA_CLIENT_OLD
- JAR_init_callbacks (XP_GetString, XP_FindSomeContext, FE_GetInitContext);
-#else
- JAR_init_callbacks (XP_GetString, NULL, NULL);
-#endif
- }
-
-/*
- * J A R _ s e t _ c o n t e x t
- *
- * Set the jar window context for use by PKCS11, since
- * it may be needed to prompt the user for a password.
- *
- */
-
-int JAR_set_context (JAR *jar, MWContext *mw)
- {
- if (mw)
- {
- jar->mw = mw;
- }
- else
- {
- /* jar->mw = XP_FindSomeContext(); */
- jar->mw = NULL;
-
- /*
- * We can't find a context because we're in startup state and none
- * exist yet. go get an FE_InitContext that only works at initialization
- * time.
- */
-
- /* Turn on the mac when we get the FE_ function */
- if (jar->mw == NULL)
- {
- jar->mw = jar_fn_GetInitContext();
- }
- }
-
- return 0;
- }
diff --git a/security/nss/lib/jar/jarsign.c b/security/nss/lib/jar/jarsign.c
deleted file mode 100644
index 5ff7d55de..000000000
--- a/security/nss/lib/jar/jarsign.c
+++ /dev/null
@@ -1,371 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * JARSIGN
- *
- * Routines used in signing archives.
- */
-
-
-#define USE_MOZ_THREAD
-
-#include "jar.h"
-#include "jarint.h"
-
-#ifdef USE_MOZ_THREAD
-#include "jarevil.h"
-#endif
-
-#include "pk11func.h"
-#include "sechash.h"
-
-/* from libevent.h */
-typedef void (*ETVoidPtrFunc) (void * data);
-
-#ifdef MOZILLA_CLIENT_OLD
-
-extern void ET_moz_CallFunction (ETVoidPtrFunc fn, void *data);
-
-/* from proto.h */
-/* extern MWContext *XP_FindSomeContext(void); */
-extern void *XP_FindSomeContext(void);
-
-#endif
-
-/* key database wrapper */
-
-/* static SECKEYKeyDBHandle *jar_open_key_database (void); */
-
-/* CHUNQ is our bite size */
-
-#define CHUNQ 64000
-#define FILECHUNQ 32768
-
-/*
- * J A R _ c a l c u l a t e _ d i g e s t
- *
- * Quick calculation of a digest for
- * the specified block of memory. Will calculate
- * for all supported algorithms, now MD5.
- *
- * This version supports huge pointers for WIN16.
- *
- */
-
-JAR_Digest * PR_CALLBACK JAR_calculate_digest (void ZHUGEP *data, long length)
- {
- long chunq;
- JAR_Digest *dig;
-
- unsigned int md5_length, sha1_length;
-
- PK11Context *md5 = 0;
- PK11Context *sha1 = 0;
-
- dig = (JAR_Digest *) PORT_ZAlloc (sizeof (JAR_Digest));
-
- if (dig == NULL)
- {
- /* out of memory allocating digest */
- return NULL;
- }
-
-#if defined(XP_WIN16)
- PORT_Assert ( !IsBadHugeReadPtr(data, length) );
-#endif
-
- md5 = PK11_CreateDigestContext (SEC_OID_MD5);
- sha1 = PK11_CreateDigestContext (SEC_OID_SHA1);
-
- if (length >= 0)
- {
- PK11_DigestBegin (md5);
- PK11_DigestBegin (sha1);
-
- do {
- chunq = length;
-
-#ifdef XP_WIN16
- if (length > CHUNQ) chunq = CHUNQ;
-
- /*
- * If the block of data crosses one or more segment
- * boundaries then only pass the chunk of data in the
- * first segment.
- *
- * This allows the data to be treated as FAR by the
- * PK11_DigestOp(...) routine.
- *
- */
-
- if (OFFSETOF(data) + chunq >= 0x10000)
- chunq = 0x10000 - OFFSETOF(data);
-#endif
-
- PK11_DigestOp (md5, (unsigned char*)data, chunq);
- PK11_DigestOp (sha1, (unsigned char*)data, chunq);
-
- length -= chunq;
- data = ((char ZHUGEP *) data + chunq);
- }
- while (length > 0);
-
- PK11_DigestFinal (md5, dig->md5, &md5_length, MD5_LENGTH);
- PK11_DigestFinal (sha1, dig->sha1, &sha1_length, SHA1_LENGTH);
-
- PK11_DestroyContext (md5, PR_TRUE);
- PK11_DestroyContext (sha1, PR_TRUE);
- }
-
- return dig;
- }
-
-/*
- * J A R _ d i g e s t _ f i l e
- *
- * Calculates the MD5 and SHA1 digests for a file
- * present on disk, and returns these in JAR_Digest struct.
- *
- */
-
-int JAR_digest_file (char *filename, JAR_Digest *dig)
- {
- JAR_FILE fp;
-
- int num;
- unsigned char *buf;
-
- PK11Context *md5 = 0;
- PK11Context *sha1 = 0;
-
- unsigned int md5_length, sha1_length;
-
- buf = (unsigned char *) PORT_ZAlloc (FILECHUNQ);
- if (buf == NULL)
- {
- /* out of memory */
- return JAR_ERR_MEMORY;
- }
-
- if ((fp = JAR_FOPEN (filename, "rb")) == 0)
- {
- /* perror (filename); FIX XXX XXX XXX XXX XXX XXX */
- PORT_Free (buf);
- return JAR_ERR_FNF;
- }
-
- md5 = PK11_CreateDigestContext (SEC_OID_MD5);
- sha1 = PK11_CreateDigestContext (SEC_OID_SHA1);
-
- if (md5 == NULL || sha1 == NULL)
- {
- /* can't generate digest contexts */
- PORT_Free (buf);
- JAR_FCLOSE (fp);
- return JAR_ERR_GENERAL;
- }
-
- PK11_DigestBegin (md5);
- PK11_DigestBegin (sha1);
-
- while (1)
- {
- if ((num = JAR_FREAD (fp, buf, FILECHUNQ)) == 0)
- break;
-
- PK11_DigestOp (md5, buf, num);
- PK11_DigestOp (sha1, buf, num);
- }
-
- PK11_DigestFinal (md5, dig->md5, &md5_length, MD5_LENGTH);
- PK11_DigestFinal (sha1, dig->sha1, &sha1_length, SHA1_LENGTH);
-
- PK11_DestroyContext (md5, PR_TRUE);
- PK11_DestroyContext (sha1, PR_TRUE);
-
- PORT_Free (buf);
- JAR_FCLOSE (fp);
-
- return 0;
- }
-
-/*
- * J A R _ o p e n _ k e y _ d a t a b a s e
- *
- */
-
-void* jar_open_key_database (void)
- {
- return NULL;
- }
-
-int jar_close_key_database (void *keydb)
- {
- /* We never do close it */
- return 0;
- }
-
-
-/*
- * j a r _ c r e a t e _ p k 7
- *
- */
-
-static void jar_pk7_out (void *arg, const char *buf, unsigned long len)
- {
- JAR_FWRITE ((JAR_FILE) arg, buf, len);
- }
-
-int jar_create_pk7
- (CERTCertDBHandle *certdb, void *keydb,
- CERTCertificate *cert, char *password, JAR_FILE infp, JAR_FILE outfp)
- {
- int nb;
- unsigned char buffer [4096], digestdata[32];
- const SECHashObject *hashObj;
- void *hashcx;
- unsigned int len;
-
- int status = 0;
- char *errstring;
-
- SECItem digest;
- SEC_PKCS7ContentInfo *cinfo;
- SECStatus rv;
-
- void /*MWContext*/ *mw;
-
- if (outfp == NULL || infp == NULL || cert == NULL)
- return JAR_ERR_GENERAL;
-
- /* we sign with SHA */
- hashObj = HASH_GetHashObject(HASH_AlgSHA1);
-
- hashcx = (* hashObj->create)();
- if (hashcx == NULL)
- return JAR_ERR_GENERAL;
-
- (* hashObj->begin)(hashcx);
-
- while (1)
- {
- /* nspr2.0 doesn't support feof
- if (feof (infp)) break; */
-
- nb = JAR_FREAD (infp, buffer, sizeof (buffer));
- if (nb == 0)
- {
-#if 0
- if (ferror(infp))
- {
- /* PORT_SetError(SEC_ERROR_IO); */ /* FIX */
- (* hashObj->destroy) (hashcx, PR_TRUE);
- return JAR_ERR_GENERAL;
- }
-#endif
- /* eof */
- break;
- }
- (* hashObj->update) (hashcx, buffer, nb);
- }
-
- (* hashObj->end) (hashcx, digestdata, &len, 32);
- (* hashObj->destroy) (hashcx, PR_TRUE);
-
- digest.data = digestdata;
- digest.len = len;
-
- /* signtool must use any old context it can find since it's
- calling from inside javaland. */
-
-#ifdef MOZILLA_CLIENT_OLD
- mw = XP_FindSomeContext();
-#else
- mw = NULL;
-#endif
-
- PORT_SetError (0);
-
- cinfo = SEC_PKCS7CreateSignedData
- (cert, certUsageObjectSigner, NULL,
- SEC_OID_SHA1, &digest, NULL, (void *) mw);
-
- if (cinfo == NULL)
- return JAR_ERR_PK7;
-
- rv = SEC_PKCS7IncludeCertChain (cinfo, NULL);
- if (rv != SECSuccess)
- {
- status = PORT_GetError();
- SEC_PKCS7DestroyContentInfo (cinfo);
- return status;
- }
-
- /* Having this here forces signtool to always include
- signing time. */
-
- rv = SEC_PKCS7AddSigningTime (cinfo);
- if (rv != SECSuccess)
- {
- /* don't check error */
- }
-
- PORT_SetError (0);
-
-#ifdef USE_MOZ_THREAD
- /* if calling from mozilla */
- rv = jar_moz_encode
- (cinfo, jar_pk7_out, outfp,
- NULL, /* pwfn */ NULL, /* pwarg */ (void *) mw);
-#else
- /* if calling from mozilla thread*/
- rv = SEC_PKCS7Encode
- (cinfo, jar_pk7_out, outfp,
- NULL, /* pwfn */ NULL, /* pwarg */ (void *) mw):
-#endif
-
- if (rv != SECSuccess)
- status = PORT_GetError();
-
- SEC_PKCS7DestroyContentInfo (cinfo);
-
- if (rv != SECSuccess)
- {
- errstring = JAR_get_error (status);
- /*XP_TRACE (("Jar signing failed (reason %d = %s)", status, errstring));*/
- return status < 0 ? status : JAR_ERR_GENERAL;
- }
-
- return 0;
- }
diff --git a/security/nss/lib/jar/jarver.c b/security/nss/lib/jar/jarver.c
deleted file mode 100644
index a6e13d9f5..000000000
--- a/security/nss/lib/jar/jarver.c
+++ /dev/null
@@ -1,2018 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * JARVER
- *
- * Jarnature Parsing & Verification
- */
-
-#define USE_MOZ_THREAD
-
-#include "jar.h"
-#include "jarint.h"
-
-#ifdef USE_MOZ_THREAD
-#include "jarevil.h"
-#endif
-/*#include "cdbhdl.h" */
-#include "secder.h"
-
-/* to use huge pointers in win16 */
-
-#if !defined(XP_WIN16)
-#define xp_HUGE_MEMCPY PORT_Memcpy
-#define xp_HUGE_STRCPY PORT_Strcpy
-#define xp_HUGE_STRLEN PORT_Strlen
-#define xp_HUGE_STRNCASECMP PORT_Strncasecmp
-#else
-#define xp_HUGE_MEMCPY hmemcpy
-int xp_HUGE_STRNCASECMP (char ZHUGEP *buf, char *key, int len);
-size_t xp_HUGE_STRLEN (char ZHUGEP *s);
-char *xp_HUGE_STRCPY (char *to, char ZHUGEP *from);
-#endif
-
-/* from certdb.h */
-#define CERTDB_USER (1<<6)
-
-#define SZ 512
-
-static int jar_validate_pkcs7
- (JAR *jar, JAR_Signer *signer, char *data, long length);
-
-static void jar_catch_bytes
- (void *arg, const char *buf, unsigned long len);
-
-static int jar_gather_signers
- (JAR *jar, JAR_Signer *signer, SEC_PKCS7ContentInfo *cinfo);
-
-static char ZHUGEP *jar_eat_line
- (int lines, int eating, char ZHUGEP *data, long *len);
-
-static JAR_Digest *jar_digest_section
- (char ZHUGEP *manifest, long length);
-
-static JAR_Digest *jar_get_mf_digest (JAR *jar, char *path);
-
-static int jar_parse_digital_signature
- (char *raw_manifest, JAR_Signer *signer, long length, JAR *jar);
-
-static int jar_add_cert
- (JAR *jar, JAR_Signer *signer, int type, CERTCertificate *cert);
-
-static CERTCertificate *jar_get_certificate
- (JAR *jar, long keylen, void *key, int *result);
-
-static char *jar_cert_element (char *name, char *tag, int occ);
-
-static char *jar_choose_nickname (CERTCertificate *cert);
-
-static char *jar_basename (const char *path);
-
-static int jar_signal
- (int status, JAR *jar, const char *metafile, char *pathname);
-
-#ifdef DEBUG
-static int jar_insanity_check (char ZHUGEP *data, long length);
-#endif
-
-int jar_parse_mf
- (JAR *jar, char ZHUGEP *raw_manifest,
- long length, const char *path, const char *url);
-
-int jar_parse_sf
- (JAR *jar, char ZHUGEP *raw_manifest,
- long length, const char *path, const char *url);
-
-int jar_parse_sig
- (JAR *jar, const char *path, char ZHUGEP *raw_manifest, long length);
-
-int jar_parse_any
- (JAR *jar, int type, JAR_Signer *signer, char ZHUGEP *raw_manifest,
- long length, const char *path, const char *url);
-
-static int jar_internal_digest
- (JAR *jar, const char *path, char *x_name, JAR_Digest *dig);
-
-/*
- * J A R _ p a r s e _ m a n i f e s t
- *
- * Pass manifest files to this function. They are
- * decoded and placed into internal representations.
- *
- * Accepts both signature and manifest files. Use
- * the same "jar" for both.
- *
- */
-
-int JAR_parse_manifest
- (JAR *jar, char ZHUGEP *raw_manifest,
- long length, const char *path, const char *url)
- {
-
-#if defined(XP_WIN16)
- PORT_Assert( !IsBadHugeReadPtr(raw_manifest, length) );
-#endif
-
- /* fill in the path, if supplied. This is a the location
- of the jar file on disk, if known */
-
- if (jar->filename == NULL && path)
- {
- jar->filename = PORT_Strdup (path);
- if (jar->filename == NULL)
- return JAR_ERR_MEMORY;
- }
-
- /* fill in the URL, if supplied. This is the place
- from which the jar file was retrieved. */
-
- if (jar->url == NULL && url)
- {
- jar->url = PORT_Strdup (url);
- if (jar->url == NULL)
- return JAR_ERR_MEMORY;
- }
-
- /* Determine what kind of file this is from the META-INF
- directory. It could be MF, SF, or a binary RSA/DSA file */
-
- if (!xp_HUGE_STRNCASECMP (raw_manifest, "Manifest-Version:", 17))
- {
- return jar_parse_mf (jar, raw_manifest, length, path, url);
- }
- else if (!xp_HUGE_STRNCASECMP (raw_manifest, "Signature-Version:", 18))
- {
- return jar_parse_sf (jar, raw_manifest, length, path, url);
- }
- else
- {
- /* This is probably a binary signature */
- return jar_parse_sig (jar, path, raw_manifest, length);
- }
- }
-
-/*
- * j a r _ p a r s e _ s i g
- *
- * Pass some manner of RSA or DSA digital signature
- * on, after checking to see if it comes at an appropriate state.
- *
- */
-
-int jar_parse_sig
- (JAR *jar, const char *path, char ZHUGEP *raw_manifest, long length)
- {
- JAR_Signer *signer;
- int status = JAR_ERR_ORDER;
-
- if (length <= 128)
- {
- /* signature is way too small */
- return JAR_ERR_SIG;
- }
-
- /* make sure that MF and SF have already been processed */
-
- if (jar->globalmeta == NULL)
- return JAR_ERR_ORDER;
-
-#if 0
- /* XXX Turn this on to disable multiple signers */
- if (jar->digest == NULL)
- return JAR_ERR_ORDER;
-#endif
-
- /* Determine whether or not this RSA file has
- has an associated SF file */
-
- if (path)
- {
- char *owner;
- owner = jar_basename (path);
-
- if (owner == NULL)
- return JAR_ERR_MEMORY;
-
- signer = jar_get_signer (jar, owner);
-
- PORT_Free (owner);
- }
- else
- signer = jar_get_signer (jar, "*");
-
- if (signer == NULL)
- return JAR_ERR_ORDER;
-
-
- /* Do not pass a huge pointer to this function,
- since the underlying security code is unaware. We will
- never pass >64k through here. */
-
- if (length > 64000)
- {
- /* this digital signature is way too big */
- return JAR_ERR_SIG;
- }
-
-#ifdef XP_WIN16
- /*
- * For Win16, copy the portion of the raw_buffer containing the digital
- * signature into another buffer... This insures that the data will
- * NOT cross a segment boundary. Therefore,
- * jar_parse_digital_signature(...) does NOT need to deal with HUGE
- * pointers...
- */
-
- {
- unsigned char *manifest_copy;
-
- manifest_copy = (unsigned char *) PORT_ZAlloc (length);
- if (manifest_copy)
- {
- xp_HUGE_MEMCPY (manifest_copy, raw_manifest, length);
-
- status = jar_parse_digital_signature
- (manifest_copy, signer, length, jar);
-
- PORT_Free (manifest_copy);
- }
- else
- {
- /* out of memory */
- return JAR_ERR_MEMORY;
- }
- }
-#else
- /* don't expense unneeded calloc overhead on non-win16 */
- status = jar_parse_digital_signature
- (raw_manifest, signer, length, jar);
-#endif
-
- return status;
- }
-
-/*
- * j a r _ p a r s e _ m f
- *
- * Parse the META-INF/manifest.mf file, whose
- * information applies to all signers.
- *
- */
-
-int jar_parse_mf
- (JAR *jar, char ZHUGEP *raw_manifest,
- long length, const char *path, const char *url)
- {
- if (jar->globalmeta)
- {
- /* refuse a second manifest file, if passed for some reason */
- return JAR_ERR_ORDER;
- }
-
-
- /* remember a digest for the global section */
-
- jar->globalmeta = jar_digest_section (raw_manifest, length);
-
- if (jar->globalmeta == NULL)
- return JAR_ERR_MEMORY;
-
-
- return jar_parse_any
- (jar, jarTypeMF, NULL, raw_manifest, length, path, url);
- }
-
-/*
- * j a r _ p a r s e _ s f
- *
- * Parse META-INF/xxx.sf, a digitally signed file
- * pointing to a subset of MF sections.
- *
- */
-
-int jar_parse_sf
- (JAR *jar, char ZHUGEP *raw_manifest,
- long length, const char *path, const char *url)
- {
- JAR_Signer *signer = NULL;
- int status = JAR_ERR_MEMORY;
-
- if (jar->globalmeta == NULL)
- {
- /* It is a requirement that the MF file be passed before the SF file */
- return JAR_ERR_ORDER;
- }
-
- signer = JAR_new_signer();
-
- if (signer == NULL)
- goto loser;
-
- if (path)
- {
- signer->owner = jar_basename (path);
- if (signer->owner == NULL)
- goto loser;
- }
-
-
- /* check for priors. When someone doctors a jar file
- to contain identical path entries, prevent the second
- one from affecting JAR functions */
-
- if (jar_get_signer (jar, signer->owner))
- {
- /* someone is trying to spoof us */
- status = JAR_ERR_ORDER;
- goto loser;
- }
-
-
- /* remember its digest */
-
- signer->digest = JAR_calculate_digest (raw_manifest, length);
-
- if (signer->digest == NULL)
- goto loser;
-
- /* Add this signer to the jar */
-
- ADDITEM (jar->signers, jarTypeOwner,
- signer->owner, signer, sizeof (JAR_Signer));
-
-
- return jar_parse_any
- (jar, jarTypeSF, signer, raw_manifest, length, path, url);
-
-loser:
-
- if (signer)
- JAR_destroy_signer (signer);
-
- return status;
- }
-
-/*
- * j a r _ p a r s e _ a n y
- *
- * Parse a MF or SF manifest file.
- *
- */
-
-int jar_parse_any
- (JAR *jar, int type, JAR_Signer *signer, char ZHUGEP *raw_manifest,
- long length, const char *path, const char *url)
- {
- int status;
-
- long raw_len;
-
- JAR_Digest *dig, *mfdig = NULL;
-
- char line [SZ];
- char x_name [SZ], x_md5 [SZ], x_sha [SZ];
-
- char *x_info;
-
- char *sf_md5 = NULL, *sf_sha1 = NULL;
-
- *x_name = 0;
- *x_md5 = 0;
- *x_sha = 0;
-
- PORT_Assert( length > 0 );
- raw_len = length;
-
-#ifdef DEBUG
- if ((status = jar_insanity_check (raw_manifest, raw_len)) < 0)
- return status;
-#endif
-
-
- /* null terminate the first line */
- raw_manifest = jar_eat_line (0, PR_TRUE, raw_manifest, &raw_len);
-
-
- /* skip over the preliminary section */
- /* This is one section at the top of the file with global metainfo */
-
- while (raw_len)
- {
- JAR_Metainfo *met;
-
- raw_manifest = jar_eat_line (1, PR_TRUE, raw_manifest, &raw_len);
- if (!*raw_manifest) break;
-
- met = (JAR_Metainfo*)PORT_ZAlloc (sizeof (JAR_Metainfo));
- if (met == NULL)
- return JAR_ERR_MEMORY;
-
- /* Parse out the header & info */
-
- if (xp_HUGE_STRLEN (raw_manifest) >= SZ)
- {
- /* almost certainly nonsense */
- continue;
- }
-
- xp_HUGE_STRCPY (line, raw_manifest);
- x_info = line;
-
- while (*x_info && *x_info != ' ' && *x_info != '\t' && *x_info != ':')
- x_info++;
-
- if (*x_info) *x_info++ = 0;
-
- while (*x_info == ' ' || *x_info == '\t')
- x_info++;
-
- /* metainfo (name, value) pair is now (line, x_info) */
-
- met->header = PORT_Strdup (line);
- met->info = PORT_Strdup (x_info);
-
- if (type == jarTypeMF)
- {
- ADDITEM (jar->metainfo, jarTypeMeta,
- /* pathname */ NULL, met, sizeof (JAR_Metainfo));
- }
-
- /* For SF files, this metadata may be the digests
- of the MF file, still in the "met" structure. */
-
- if (type == jarTypeSF)
- {
- if (!PORT_Strcasecmp (line, "MD5-Digest"))
- sf_md5 = (char *) met->info;
-
- if (!PORT_Strcasecmp (line, "SHA1-Digest") || !PORT_Strcasecmp (line, "SHA-Digest"))
- sf_sha1 = (char *) met->info;
- }
- }
-
- if (type == jarTypeSF && jar->globalmeta)
- {
- /* this is a SF file which may contain a digest of the manifest.mf's
- global metainfo. */
-
- int match = 0;
- JAR_Digest *glob = jar->globalmeta;
-
- if (sf_md5)
- {
- unsigned int md5_length;
- unsigned char *md5_digest;
-
- md5_digest = ATOB_AsciiToData (sf_md5, &md5_length);
- PORT_Assert( md5_length == MD5_LENGTH );
-
- if (md5_length != MD5_LENGTH)
- return JAR_ERR_CORRUPT;
-
- match = PORT_Memcmp (md5_digest, glob->md5, MD5_LENGTH);
- }
-
- if (sf_sha1 && match == 0)
- {
- unsigned int sha1_length;
- unsigned char *sha1_digest;
-
- sha1_digest = ATOB_AsciiToData (sf_sha1, &sha1_length);
- PORT_Assert( sha1_length == SHA1_LENGTH );
-
- if (sha1_length != SHA1_LENGTH)
- return JAR_ERR_CORRUPT;
-
- match = PORT_Memcmp (sha1_digest, glob->sha1, SHA1_LENGTH);
- }
-
- if (match != 0)
- {
- /* global digest doesn't match, SF file therefore invalid */
- jar->valid = JAR_ERR_METADATA;
- return JAR_ERR_METADATA;
- }
- }
-
- /* done with top section of global data */
-
-
- while (raw_len)
- {
- *x_md5 = 0;
- *x_sha = 0;
- *x_name = 0;
-
-
- /* If this is a manifest file, attempt to get a digest of the following section,
- without damaging it. This digest will be saved later. */
-
- if (type == jarTypeMF)
- {
- char ZHUGEP *sec;
- long sec_len = raw_len;
-
- if (!*raw_manifest || *raw_manifest == '\n')
- {
- /* skip the blank line */
- sec = jar_eat_line (1, PR_FALSE, raw_manifest, &sec_len);
- }
- else
- sec = raw_manifest;
-
- if (!xp_HUGE_STRNCASECMP (sec, "Name:", 5))
- {
- if (type == jarTypeMF)
- mfdig = jar_digest_section (sec, sec_len);
- else
- mfdig = NULL;
- }
- }
-
-
- while (raw_len)
- {
- raw_manifest = jar_eat_line (1, PR_TRUE, raw_manifest, &raw_len);
- if (!*raw_manifest) break; /* blank line, done with this entry */
-
- if (xp_HUGE_STRLEN (raw_manifest) >= SZ)
- {
- /* almost certainly nonsense */
- continue;
- }
-
-
- /* Parse out the name/value pair */
-
- xp_HUGE_STRCPY (line, raw_manifest);
- x_info = line;
-
- while (*x_info && *x_info != ' ' && *x_info != '\t' && *x_info != ':')
- x_info++;
-
- if (*x_info) *x_info++ = 0;
-
- while (*x_info == ' ' || *x_info == '\t')
- x_info++;
-
-
- if (!PORT_Strcasecmp (line, "Name"))
- PORT_Strcpy (x_name, x_info);
-
- else if (!PORT_Strcasecmp (line, "MD5-Digest"))
- PORT_Strcpy (x_md5, x_info);
-
- else if (!PORT_Strcasecmp (line, "SHA1-Digest")
- || !PORT_Strcasecmp (line, "SHA-Digest"))
- {
- PORT_Strcpy (x_sha, x_info);
- }
-
- /* Algorithm list is meta info we don't care about; keeping it out
- of metadata saves significant space for large jar files */
-
- else if (!PORT_Strcasecmp (line, "Digest-Algorithms")
- || !PORT_Strcasecmp (line, "Hash-Algorithms"))
- {
- continue;
- }
-
- /* Meta info is only collected for the manifest.mf file,
- since the JAR_get_metainfo call does not support identity */
-
- else if (type == jarTypeMF)
- {
- JAR_Metainfo *met;
-
- /* this is meta-data */
-
- met = (JAR_Metainfo*)PORT_ZAlloc (sizeof (JAR_Metainfo));
-
- if (met == NULL)
- return JAR_ERR_MEMORY;
-
- /* metainfo (name, value) pair is now (line, x_info) */
-
- if ((met->header = PORT_Strdup (line)) == NULL)
- return JAR_ERR_MEMORY;
-
- if ((met->info = PORT_Strdup (x_info)) == NULL)
- return JAR_ERR_MEMORY;
-
- ADDITEM (jar->metainfo, jarTypeMeta,
- x_name, met, sizeof (JAR_Metainfo));
- }
- }
-
- if(!x_name || !*x_name) {
- /* Whatever that was, it wasn't an entry, because we didn't get a name.
- * We don't really have anything, so don't record this. */
- continue;
- }
-
- dig = (JAR_Digest*)PORT_ZAlloc (sizeof (JAR_Digest));
- if (dig == NULL)
- return JAR_ERR_MEMORY;
-
- if (*x_md5 )
- {
- unsigned int binary_length;
- unsigned char *binary_digest;
-
- binary_digest = ATOB_AsciiToData (x_md5, &binary_length);
- PORT_Assert( binary_length == MD5_LENGTH );
-
- if (binary_length != MD5_LENGTH)
- return JAR_ERR_CORRUPT;
-
- memcpy (dig->md5, binary_digest, MD5_LENGTH);
- dig->md5_status = jarHashPresent;
- }
-
- if (*x_sha )
- {
- unsigned int binary_length;
- unsigned char *binary_digest;
-
- binary_digest = ATOB_AsciiToData (x_sha, &binary_length);
- PORT_Assert( binary_length == SHA1_LENGTH );
-
- if (binary_length != SHA1_LENGTH)
- return JAR_ERR_CORRUPT;
-
- memcpy (dig->sha1, binary_digest, SHA1_LENGTH);
- dig->sha1_status = jarHashPresent;
- }
-
- PORT_Assert( type == jarTypeMF || type == jarTypeSF );
-
-
- if (type == jarTypeMF)
- {
- ADDITEM (jar->hashes, jarTypeMF, x_name, dig, sizeof (JAR_Digest));
- }
- else if (type == jarTypeSF)
- {
- ADDITEM (signer->sf, jarTypeSF, x_name, dig, sizeof (JAR_Digest));
- }
- else
- return JAR_ERR_ORDER;
-
- /* we're placing these calculated digests of manifest.mf
- sections in a list where they can subsequently be forgotten */
-
- if (type == jarTypeMF && mfdig)
- {
- ADDITEM (jar->manifest, jarTypeSect,
- x_name, mfdig, sizeof (JAR_Digest));
-
- mfdig = NULL;
- }
-
-
- /* Retrieve our saved SHA1 digest from saved copy and check digests.
- This is just comparing the digest of the MF section as indicated in
- the SF file with the one we remembered from parsing the MF file */
-
- if (type == jarTypeSF)
- {
- if ((status = jar_internal_digest (jar, path, x_name, dig)) < 0)
- return status;
- }
- }
-
- return 0;
- }
-
-static int jar_internal_digest
- (JAR *jar, const char *path, char *x_name, JAR_Digest *dig)
- {
- int cv;
- int status;
-
- JAR_Digest *savdig;
-
- savdig = jar_get_mf_digest (jar, x_name);
-
- if (savdig == NULL)
- {
- /* no .mf digest for this pathname */
- status = jar_signal (JAR_ERR_ENTRY, jar, path, x_name);
- if (status < 0)
- return 0; /* was continue; */
- else
- return status;
- }
-
- /* check for md5 consistency */
- if (dig->md5_status)
- {
- cv = PORT_Memcmp (savdig->md5, dig->md5, MD5_LENGTH);
- /* md5 hash of .mf file is not what expected */
- if (cv)
- {
- status = jar_signal (JAR_ERR_HASH, jar, path, x_name);
-
- /* bad hash, man */
-
- dig->md5_status = jarHashBad;
- savdig->md5_status = jarHashBad;
-
- if (status < 0)
- return 0; /* was continue; */
- else
- return status;
- }
- }
-
- /* check for sha1 consistency */
- if (dig->sha1_status)
- {
- cv = PORT_Memcmp (savdig->sha1, dig->sha1, SHA1_LENGTH);
- /* sha1 hash of .mf file is not what expected */
- if (cv)
- {
- status = jar_signal (JAR_ERR_HASH, jar, path, x_name);
-
- /* bad hash, man */
-
- dig->sha1_status = jarHashBad;
- savdig->sha1_status = jarHashBad;
-
- if (status < 0)
- return 0; /* was continue; */
- else
- return status;
- }
- }
- return 0;
- }
-
-#ifdef DEBUG
-/*
- * j a r _ i n s a n i t y _ c h e c k
- *
- * Check for illegal characters (or possibly so)
- * in the manifest files, to detect potential memory
- * corruption by our neighbors. Debug only, since
- * not I18N safe.
- *
- */
-
-static int jar_insanity_check (char ZHUGEP *data, long length)
- {
- int c;
- long off;
-
- for (off = 0; off < length; off++)
- {
- c = data [off];
-
- if (c == '\n' || c == '\r' || (c >= ' ' && c <= 128))
- continue;
-
- return JAR_ERR_CORRUPT;
- }
-
- return 0;
- }
-#endif
-
-/*
- * j a r _ p a r s e _ d i g i t a l _ s i g n a t u r e
- *
- * Parse an RSA or DSA (or perhaps other) digital signature.
- * Right now everything is PKCS7.
- *
- */
-
-static int jar_parse_digital_signature
- (char *raw_manifest, JAR_Signer *signer, long length, JAR *jar)
- {
-#if defined(XP_WIN16)
- PORT_Assert( LOWORD(raw_manifest) + length < 0xFFFF );
-#endif
- return jar_validate_pkcs7 (jar, signer, raw_manifest, length);
- }
-
-/*
- * j a r _ a d d _ c e r t
- *
- * Add information for the given certificate
- * (or whatever) to the JAR linked list. A pointer
- * is passed for some relevant reference, say
- * for example the original certificate.
- *
- */
-
-static int jar_add_cert
- (JAR *jar, JAR_Signer *signer, int type, CERTCertificate *cert)
- {
- JAR_Cert *fing;
- unsigned char *keyData;
-
- if (cert == NULL)
- return JAR_ERR_ORDER;
-
- fing = (JAR_Cert*)PORT_ZAlloc (sizeof (JAR_Cert));
-
- if (fing == NULL)
- goto loser;
-
-#ifdef USE_MOZ_THREAD
- fing->cert = jar_moz_dup (cert);
-#else
- fing->cert = CERT_DupCertificate (cert);
-#endif
-
- /* get the certkey */
-
- fing->length = cert->derIssuer.len + 2 + cert->serialNumber.len;
-
- keyData = (unsigned char *) PORT_ZAlloc (fing->length);
- fing->key = keyData;
-
- if (fing->key == NULL)
- goto loser;
- keyData[0] = ((cert->derIssuer.len) >> 8) & 0xff;
- keyData[1] = ((cert->derIssuer.len) & 0xff);
- PORT_Memcpy (&keyData[2], cert->derIssuer.data, cert->derIssuer.len);
- PORT_Memcpy (&keyData[2+cert->derIssuer.len], cert->serialNumber.data,
- cert->serialNumber.len);
-
- ADDITEM (signer->certs, type,
- /* pathname */ NULL, fing, sizeof (JAR_Cert));
-
- return 0;
-
-loser:
-
- if (fing)
- {
- if (fing->cert)
- CERT_DestroyCertificate (fing->cert);
-
- PORT_Free (fing);
- }
-
- return JAR_ERR_MEMORY;
- }
-
-/*
- * e a t _ l i n e
- *
- * Consume an ascii line from the top of a file kept
- * in memory. This destroys the file in place. This function
- * handles PC, Mac, and Unix style text files.
- *
- */
-
-static char ZHUGEP *jar_eat_line
- (int lines, int eating, char ZHUGEP *data, long *len)
- {
- char ZHUGEP *ret;
-
- ret = data;
- if (!*len) return ret;
-
- /* Eat the requisite number of lines, if any;
- prior to terminating the current line with a 0. */
-
- for (/* yip */ ; lines; lines--)
- {
- while (*data && *data != '\n')
- data++;
-
- /* After the CR, ok to eat one LF */
-
- if (*data == '\n')
- data++;
-
- /* If there are zeros, we put them there */
-
- while (*data == 0 && data - ret < *len)
- data++;
- }
-
- *len -= data - ret;
- ret = data;
-
- if (eating)
- {
- /* Terminate this line with a 0 */
-
- while (*data && *data != '\n' && *data != '\r')
- data++;
-
- /* In any case we are allowed to eat CR */
-
- if (*data == '\r')
- *data++ = 0;
-
- /* After the CR, ok to eat one LF */
-
- if (*data == '\n')
- *data++ = 0;
- }
-
- return ret;
- }
-
-/*
- * j a r _ d i g e s t _ s e c t i o n
- *
- * Return the digests of the next section of the manifest file.
- * Does not damage the manifest file, unlike parse_manifest.
- *
- */
-
-static JAR_Digest *jar_digest_section
- (char ZHUGEP *manifest, long length)
- {
- long global_len;
- char ZHUGEP *global_end;
-
- global_end = manifest;
- global_len = length;
-
- while (global_len)
- {
- global_end = jar_eat_line (1, PR_FALSE, global_end, &global_len);
- if (*global_end == 0 || *global_end == '\n')
- break;
- }
-
- return JAR_calculate_digest (manifest, global_end - manifest);
- }
-
-/*
- * J A R _ v e r i f y _ d i g e s t
- *
- * Verifies that a precalculated digest matches the
- * expected value in the manifest.
- *
- */
-
-int PR_CALLBACK JAR_verify_digest
- (JAR *jar, const char *name, JAR_Digest *dig)
- {
- JAR_Item *it;
-
- JAR_Digest *shindig;
-
- ZZLink *link;
- ZZList *list;
-
- int result1, result2;
-
- list = jar->hashes;
-
- result1 = result2 = 0;
-
- if (jar->valid < 0)
- {
- /* signature not valid */
- return JAR_ERR_SIG;
- }
-
- if (ZZ_ListEmpty (list))
- {
- /* empty list */
- return JAR_ERR_PNF;
- }
-
- for (link = ZZ_ListHead (list);
- !ZZ_ListIterDone (list, link);
- link = link->next)
- {
- it = link->thing;
- if (it->type == jarTypeMF
- && it->pathname && !PORT_Strcmp (it->pathname, name))
- {
- shindig = (JAR_Digest *) it->data;
-
- if (shindig->md5_status)
- {
- if (shindig->md5_status == jarHashBad)
- return JAR_ERR_HASH;
- else
- result1 = memcmp (dig->md5, shindig->md5, MD5_LENGTH);
- }
-
- if (shindig->sha1_status)
- {
- if (shindig->sha1_status == jarHashBad)
- return JAR_ERR_HASH;
- else
- result2 = memcmp (dig->sha1, shindig->sha1, SHA1_LENGTH);
- }
-
- return (result1 == 0 && result2 == 0) ? 0 : JAR_ERR_HASH;
- }
- }
-
- return JAR_ERR_PNF;
- }
-
-/*
- * J A R _ c e r t _ a t t r i b u t e
- *
- * Return the named certificate attribute from the
- * certificate specified by the given key.
- *
- */
-
-int PR_CALLBACK JAR_cert_attribute
- (JAR *jar, jarCert attrib, long keylen, void *key,
- void **result, unsigned long *length)
- {
- int status = 0;
- char *ret = NULL;
-
- CERTCertificate *cert;
-
- CERTCertDBHandle *certdb;
-
- JAR_Digest *dig;
- SECItem hexme;
-
- *length = 0;
-
- if (attrib == 0 || key == 0)
- return JAR_ERR_GENERAL;
-
- if (attrib == jarCertJavaHack)
- {
- cert = (CERTCertificate *) NULL;
- certdb = JAR_open_database();
-
- if (certdb)
- {
-#ifdef USE_MOZ_THREAD
- cert = jar_moz_nickname (certdb, (char*)key);
-#else
- cert = CERT_FindCertByNickname (certdb, key);
-#endif
-
- if (cert)
- {
- *length = cert->certKey.len;
-
- *result = (void *) PORT_ZAlloc (*length);
-
- if (*result)
- PORT_Memcpy (*result, cert->certKey.data, *length);
- else
- return JAR_ERR_MEMORY;
- }
- JAR_close_database (certdb);
- }
-
- return cert ? 0 : JAR_ERR_GENERAL;
- }
-
- if (jar && jar->pkcs7 == 0)
- return JAR_ERR_GENERAL;
-
- cert = jar_get_certificate (jar, keylen, key, &status);
-
- if (cert == NULL || status < 0)
- return JAR_ERR_GENERAL;
-
-#define SEP " <br> "
-#define SEPLEN (PORT_Strlen(SEP))
-
- switch (attrib)
- {
- case jarCertCompany:
-
- ret = cert->subjectName;
-
- /* This is pretty ugly looking but only used
- here for this one purpose. */
-
- if (ret)
- {
- int retlen = 0;
-
- char *cer_ou1, *cer_ou2, *cer_ou3;
- char *cer_cn, *cer_e, *cer_o, *cer_l;
-
- cer_cn = CERT_GetCommonName (&cert->subject);
- cer_e = CERT_GetCertEmailAddress (&cert->subject);
- cer_ou3 = jar_cert_element (ret, "OU=", 3);
- cer_ou2 = jar_cert_element (ret, "OU=", 2);
- cer_ou1 = jar_cert_element (ret, "OU=", 1);
- cer_o = CERT_GetOrgName (&cert->subject);
- cer_l = CERT_GetCountryName (&cert->subject);
-
- if (cer_cn) retlen += SEPLEN + PORT_Strlen (cer_cn);
- if (cer_e) retlen += SEPLEN + PORT_Strlen (cer_e);
- if (cer_ou1) retlen += SEPLEN + PORT_Strlen (cer_ou1);
- if (cer_ou2) retlen += SEPLEN + PORT_Strlen (cer_ou2);
- if (cer_ou3) retlen += SEPLEN + PORT_Strlen (cer_ou3);
- if (cer_o) retlen += SEPLEN + PORT_Strlen (cer_o);
- if (cer_l) retlen += SEPLEN + PORT_Strlen (cer_l);
-
- ret = (char *) PORT_ZAlloc (1 + retlen);
-
- if (cer_cn) { PORT_Strcpy (ret, cer_cn); PORT_Strcat (ret, SEP); }
- if (cer_e) { PORT_Strcat (ret, cer_e); PORT_Strcat (ret, SEP); }
- if (cer_ou1) { PORT_Strcat (ret, cer_ou1); PORT_Strcat (ret, SEP); }
- if (cer_ou2) { PORT_Strcat (ret, cer_ou2); PORT_Strcat (ret, SEP); }
- if (cer_ou3) { PORT_Strcat (ret, cer_ou3); PORT_Strcat (ret, SEP); }
- if (cer_o) { PORT_Strcat (ret, cer_o); PORT_Strcat (ret, SEP); }
- if (cer_l) PORT_Strcat (ret, cer_l);
-
- /* return here to avoid unsightly memory leak */
-
- *result = ret;
- *length = PORT_Strlen (ret);
-
- return 0;
- }
- break;
-
- case jarCertCA:
-
- ret = cert->issuerName;
-
- if (ret)
- {
- int retlen = 0;
-
- char *cer_ou1, *cer_ou2, *cer_ou3;
- char *cer_cn, *cer_e, *cer_o, *cer_l;
-
- /* This is pretty ugly looking but only used
- here for this one purpose. */
-
- cer_cn = CERT_GetCommonName (&cert->issuer);
- cer_e = CERT_GetCertEmailAddress (&cert->issuer);
- cer_ou3 = jar_cert_element (ret, "OU=", 3);
- cer_ou2 = jar_cert_element (ret, "OU=", 2);
- cer_ou1 = jar_cert_element (ret, "OU=", 1);
- cer_o = CERT_GetOrgName (&cert->issuer);
- cer_l = CERT_GetCountryName (&cert->issuer);
-
- if (cer_cn) retlen += SEPLEN + PORT_Strlen (cer_cn);
- if (cer_e) retlen += SEPLEN + PORT_Strlen (cer_e);
- if (cer_ou1) retlen += SEPLEN + PORT_Strlen (cer_ou1);
- if (cer_ou2) retlen += SEPLEN + PORT_Strlen (cer_ou2);
- if (cer_ou3) retlen += SEPLEN + PORT_Strlen (cer_ou3);
- if (cer_o) retlen += SEPLEN + PORT_Strlen (cer_o);
- if (cer_l) retlen += SEPLEN + PORT_Strlen (cer_l);
-
- ret = (char *) PORT_ZAlloc (1 + retlen);
-
- if (cer_cn) { PORT_Strcpy (ret, cer_cn); PORT_Strcat (ret, SEP); }
- if (cer_e) { PORT_Strcat (ret, cer_e); PORT_Strcat (ret, SEP); }
- if (cer_ou1) { PORT_Strcat (ret, cer_ou1); PORT_Strcat (ret, SEP); }
- if (cer_ou2) { PORT_Strcat (ret, cer_ou2); PORT_Strcat (ret, SEP); }
- if (cer_ou3) { PORT_Strcat (ret, cer_ou3); PORT_Strcat (ret, SEP); }
- if (cer_o) { PORT_Strcat (ret, cer_o); PORT_Strcat (ret, SEP); }
- if (cer_l) PORT_Strcat (ret, cer_l);
-
- /* return here to avoid unsightly memory leak */
-
- *result = ret;
- *length = PORT_Strlen (ret);
-
- return 0;
- }
-
- break;
-
- case jarCertSerial:
-
- ret = CERT_Hexify (&cert->serialNumber, 1);
- break;
-
- case jarCertExpires:
-
- ret = DER_UTCDayToAscii (&cert->validity.notAfter);
- break;
-
- case jarCertNickname:
-
- ret = jar_choose_nickname (cert);
- break;
-
- case jarCertFinger:
-
- dig = JAR_calculate_digest
- ((char *) cert->derCert.data, cert->derCert.len);
-
- if (dig)
- {
- hexme.len = sizeof (dig->md5);
- hexme.data = dig->md5;
- ret = CERT_Hexify (&hexme, 1);
- }
- break;
-
- default:
-
- return JAR_ERR_GENERAL;
- }
-
- *result = ret ? PORT_Strdup (ret) : NULL;
- *length = ret ? PORT_Strlen (ret) : 0;
-
- return 0;
- }
-
-/*
- * j a r _ c e r t _ e l e m e n t
- *
- * Retrieve an element from an x400ish ascii
- * designator, in a hackish sort of way. The right
- * thing would probably be to sort AVATags.
- *
- */
-
-static char *jar_cert_element (char *name, char *tag, int occ)
- {
- if (name && tag)
- {
- char *s;
- int found = 0;
-
- while (occ--)
- {
- if (PORT_Strstr (name, tag))
- {
- name = PORT_Strstr (name, tag) + PORT_Strlen (tag);
- found = 1;
- }
- else
- {
- name = PORT_Strstr (name, "=");
- if (name == NULL) return NULL;
- found = 0;
- }
- }
-
- if (!found) return NULL;
-
- /* must mangle only the copy */
- name = PORT_Strdup (name);
-
- /* advance to next equal */
- for (s = name; *s && *s != '='; s++)
- /* yip */ ;
-
- /* back up to previous comma */
- while (s > name && *s != ',') s--;
-
- /* zap the whitespace and return */
- *s = 0;
- }
-
- return name;
- }
-
-/*
- * j a r _ c h o o s e _ n i c k n a m e
- *
- * Attempt to determine a suitable nickname for
- * a certificate with a computer-generated "tmpcertxxx"
- * nickname. It needs to be something a user can
- * understand, so try a few things.
- *
- */
-
-static char *jar_choose_nickname (CERTCertificate *cert)
- {
- char *cert_cn;
- char *cert_o;
- char *cert_cn_o;
-
- int cn_o_length;
-
- /* is the existing name ok */
-
- if (cert->nickname && PORT_Strncmp (cert->nickname, "tmpcert", 7))
- return PORT_Strdup (cert->nickname);
-
- /* we have an ugly name here people */
-
- /* Try the CN */
- cert_cn = CERT_GetCommonName (&cert->subject);
-
- if (cert_cn)
- {
- /* check for duplicate nickname */
-
-#ifdef USE_MOZ_THREAD
- if (jar_moz_nickname (CERT_GetDefaultCertDB(), cert_cn) == NULL)
-#else
- if (CERT_FindCertByNickname (CERT_GetDefaultCertDB(), cert_cn) == NULL)
-#endif
- return cert_cn;
-
- /* Try the CN plus O */
- cert_o = CERT_GetOrgName (&cert->subject);
-
- cn_o_length = PORT_Strlen (cert_cn) + 3 + PORT_Strlen (cert_o) + 20;
- cert_cn_o = (char*)PORT_ZAlloc (cn_o_length);
-
- PR_snprintf (cert_cn_o, cn_o_length,
- "%s's %s Certificate", cert_cn, cert_o);
-
-#ifdef USE_MOZ_THREAD
- if (jar_moz_nickname (CERT_GetDefaultCertDB(), cert_cn_o) == NULL)
-#else
- if (CERT_FindCertByNickname (CERT_GetDefaultCertDB(), cert_cn_o) == NULL)
-#endif
- return cert_cn;
- }
-
- /* If all that failed, use the ugly nickname */
- return cert->nickname ? PORT_Strdup (cert->nickname) : NULL;
- }
-
-/*
- * J A R _ c e r t _ h t m l
- *
- * Return an HTML representation of the certificate
- * designated by the given fingerprint, in specified style.
- *
- * JAR is optional, but supply it if you can in order
- * to optimize.
- *
- */
-
-char *JAR_cert_html
- (JAR *jar, int style, long keylen, void *key, int *result)
- {
- char *html;
- CERTCertificate *cert;
-
- *result = -1;
-
- if (style != 0)
- return NULL;
-
- cert = jar_get_certificate (jar, keylen, key, result);
-
- if (cert == NULL || *result < 0)
- return NULL;
-
- *result = -1;
-
- return NULL;
-
-#ifdef notdef
- html = CERT_HTMLCertInfo (cert, /* show images */ PR_TRUE,
- /*show issuer*/PR_TRUE);
-
- if (html == NULL)
- *result = -1;
-
- return html;
-#endif
- }
-
-/*
- * J A R _ s t a s h _ c e r t
- *
- * Stash the certificate pointed to by this
- * fingerprint, in persistent storage somewhere.
- *
- */
-
-extern int PR_CALLBACK JAR_stash_cert
- (JAR *jar, long keylen, void *key)
- {
- int result = 0;
-
- char *nickname;
- CERTCertTrust trust;
-
- CERTCertDBHandle *certdb;
- CERTCertificate *cert, *newcert;
-
- cert = jar_get_certificate (jar, keylen, key, &result);
-
- if (result < 0)
- return result;
-
- if (cert == NULL)
- return JAR_ERR_GENERAL;
-
- if ((certdb = JAR_open_database()) == NULL)
- return JAR_ERR_GENERAL;
-
- /* Attempt to give a name to the newish certificate */
- nickname = jar_choose_nickname (cert);
-
-#ifdef USE_MOZ_THREAD
- newcert = jar_moz_nickname (certdb, nickname);
-#else
- newcert = CERT_FindCertByNickname (certdb, nickname);
-#endif
-
- if (newcert && newcert->isperm)
- {
- /* already in permanant database */
- return 0;
- }
-
- if (newcert) cert = newcert;
-
- /* FIX, since FindCert returns a bogus dbhandle
- set it ourselves */
-
- cert->dbhandle = certdb;
-
-#if 0
- nickname = cert->subjectName;
- if (nickname)
- {
- /* Not checking for a conflict here. But this should
- be a new cert or it would have been found earlier. */
-
- nickname = jar_cert_element (nickname, "CN=", 1);
-
- if (SEC_CertNicknameConflict (nickname, cert->dbhandle))
- {
- /* conflict */
- nickname = PORT_Realloc (&nickname, PORT_Strlen (nickname) + 3);
-
- /* Beyond one copy, there are probably serious problems
- so we will stop at two rather than counting.. */
-
- PORT_Strcat (nickname, " #2");
- }
- }
-#endif
-
- if (nickname != NULL)
- {
- PORT_Memset ((void *) &trust, 0, sizeof(trust));
-
-#ifdef USE_MOZ_THREAD
- if (jar_moz_perm (cert, nickname, &trust) != SECSuccess)
-#else
- if (CERT_AddTempCertToPerm (cert, nickname, &trust) != SECSuccess)
-#endif
- {
- /* XXX might want to call PORT_GetError here */
- result = JAR_ERR_GENERAL;
- }
- }
-
- JAR_close_database (certdb);
-
- return result;
- }
-
-/*
- * J A R _ f e t c h _ c e r t
- *
- * Given an opaque identifier of a certificate,
- * return the full certificate.
- *
- * The new function, which retrieves by key.
- *
- */
-
-void *JAR_fetch_cert (long length, void *key)
- {
- CERTIssuerAndSN issuerSN;
- CERTCertificate *cert = NULL;
-
- CERTCertDBHandle *certdb;
-
- certdb = JAR_open_database();
-
- if (certdb)
- {
- unsigned char *keyData = (unsigned char *)key;
- issuerSN.derIssuer.len = (keyData[0] << 8) + keyData[0];
- issuerSN.derIssuer.data = &keyData[2];
- issuerSN.serialNumber.len = length - (2 + issuerSN.derIssuer.len);
- issuerSN.serialNumber.data = &keyData[2+issuerSN.derIssuer.len];
-
-#ifdef USE_MOZ_THREAD
- cert = jar_moz_certkey (certdb, &issuerSN);
-#else
- cert = CERT_FindCertByIssuerAndSN (certdb, &issuerSN);
-#endif
-
- JAR_close_database (certdb);
- }
-
- return (void *) cert;
- }
-
-/*
- * j a r _ g e t _ m f _ d i g e s t
- *
- * Retrieve a corresponding saved digest over a section
- * of the main manifest file.
- *
- */
-
-static JAR_Digest *jar_get_mf_digest (JAR *jar, char *pathname)
- {
- JAR_Item *it;
-
- JAR_Digest *dig;
-
- ZZLink *link;
- ZZList *list;
-
- list = jar->manifest;
-
- if (ZZ_ListEmpty (list))
- return NULL;
-
- for (link = ZZ_ListHead (list);
- !ZZ_ListIterDone (list, link);
- link = link->next)
- {
- it = link->thing;
- if (it->type == jarTypeSect
- && it->pathname && !PORT_Strcmp (it->pathname, pathname))
- {
- dig = (JAR_Digest *) it->data;
- return dig;
- }
- }
-
- return NULL;
- }
-
-/*
- * j a r _ b a s e n a m e
- *
- * Return the basename -- leading components of path stripped off,
- * extension ripped off -- of a path.
- *
- */
-
-static char *jar_basename (const char *path)
- {
- char *pith, *e, *basename, *ext;
-
- if (path == NULL)
- return PORT_Strdup ("");
-
- pith = PORT_Strdup (path);
-
- basename = pith;
-
- while (1)
- {
- for (e = basename; *e && *e != '/' && *e != '\\'; e++)
- /* yip */ ;
- if (*e)
- basename = ++e;
- else
- break;
- }
-
- if ((ext = PORT_Strrchr (basename, '.')) != NULL)
- *ext = 0;
-
- /* We already have the space allocated */
- PORT_Strcpy (pith, basename);
-
- return pith;
- }
-
-/*
- * + + + + + + + + + + + + + + +
- *
- * CRYPTO ROUTINES FOR JAR
- *
- * The following functions are the cryptographic
- * interface to PKCS7 for Jarnatures.
- *
- * + + + + + + + + + + + + + + +
- *
- */
-
-/*
- * j a r _ c a t c h _ b y t e s
- *
- * In the event signatures contain enveloped data, it will show up here.
- * But note that the lib/pkcs7 routines aren't ready for it.
- *
- */
-
-static void jar_catch_bytes
- (void *arg, const char *buf, unsigned long len)
- {
- /* Actually this should never be called, since there is
- presumably no data in the signature itself. */
- }
-
-/*
- * j a r _ v a l i d a t e _ p k c s 7
- *
- * Validate (and decode, if necessary) a binary pkcs7
- * signature in DER format.
- *
- */
-
-static int jar_validate_pkcs7
- (JAR *jar, JAR_Signer *signer, char *data, long length)
- {
- SECItem detdig;
-
- SEC_PKCS7ContentInfo *cinfo = NULL;
- SEC_PKCS7DecoderContext *dcx;
-
- int status = 0;
- char *errstring = NULL;
-
- PORT_Assert( jar != NULL && signer != NULL );
-
- if (jar == NULL || signer == NULL)
- return JAR_ERR_ORDER;
-
- signer->valid = JAR_ERR_SIG;
-
- /* We need a context if we can get one */
-
-#ifdef MOZILLA_CLIENT_OLD
- if (jar->mw == NULL) {
- JAR_set_context (jar, NULL);
- }
-#endif
-
-
- dcx = SEC_PKCS7DecoderStart
- (jar_catch_bytes, NULL /*cb_arg*/, NULL /*getpassword*/, jar->mw,
- NULL, NULL, NULL);
-
- if (dcx == NULL)
- {
- /* strange pkcs7 failure */
- return JAR_ERR_PK7;
- }
-
- SEC_PKCS7DecoderUpdate (dcx, data, length);
- cinfo = SEC_PKCS7DecoderFinish (dcx);
-
- if (cinfo == NULL)
- {
- /* strange pkcs7 failure */
- return JAR_ERR_PK7;
- }
-
- if (SEC_PKCS7ContentIsEncrypted (cinfo))
- {
- /* content was encrypted, fail */
- return JAR_ERR_PK7;
- }
-
- if (SEC_PKCS7ContentIsSigned (cinfo) == PR_FALSE)
- {
- /* content was not signed, fail */
- return JAR_ERR_PK7;
- }
-
- PORT_SetError (0);
-
- /* use SHA1 only */
-
- detdig.len = SHA1_LENGTH;
- detdig.data = signer->digest->sha1;
-
-#ifdef USE_MOZ_THREAD
- if (jar_moz_verify
- (cinfo, certUsageObjectSigner, &detdig, HASH_AlgSHA1, PR_FALSE)==
- SECSuccess)
-#else
- if (SEC_PKCS7VerifyDetachedSignature
- (cinfo, certUsageObjectSigner, &detdig, HASH_AlgSHA1, PR_FALSE)==
- PR_TRUE)
-#endif
- {
- /* signature is valid */
- signer->valid = 0;
- jar_gather_signers (jar, signer, cinfo);
- }
- else
- {
- status = PORT_GetError();
-
- PORT_Assert( status < 0 );
- if (status >= 0) status = JAR_ERR_SIG;
-
- jar->valid = status;
- signer->valid = status;
-
- errstring = JAR_get_error (status);
- /*XP_TRACE(("JAR signature invalid (reason %d = %s)", status, errstring));*/
- }
-
- jar->pkcs7 = PR_TRUE;
- signer->pkcs7 = PR_TRUE;
-
- SEC_PKCS7DestroyContentInfo (cinfo);
-
- return status;
- }
-
-/*
- * j a r _ g a t h e r _ s i g n e r s
- *
- * Add the single signer of this signature to the
- * certificate linked list.
- *
- */
-
-static int jar_gather_signers
- (JAR *jar, JAR_Signer *signer, SEC_PKCS7ContentInfo *cinfo)
- {
- int result;
-
- CERTCertificate *cert;
- CERTCertDBHandle *certdb;
-
- SEC_PKCS7SignedData *sdp;
- SEC_PKCS7SignerInfo **pksigners, *pksigner;
-
- sdp = cinfo->content.signedData;
-
- if (sdp == NULL)
- return JAR_ERR_PK7;
-
- pksigners = sdp->signerInfos;
-
- /* permit exactly one signer */
-
- if (pksigners == NULL || pksigners [0] == NULL || pksigners [1] != NULL)
- return JAR_ERR_PK7;
-
- pksigner = *pksigners;
- cert = pksigner->cert;
-
- if (cert == NULL)
- return JAR_ERR_PK7;
-
- certdb = JAR_open_database();
-
- if (certdb == NULL)
- return JAR_ERR_GENERAL;
-
- result = jar_add_cert (jar, signer, jarTypeSign, cert);
-
- JAR_close_database (certdb);
-
- return result;
- }
-
-/*
- * j a r _ o p e n _ d a t a b a s e
- *
- * Open the certificate database,
- * for use by JAR functions.
- *
- */
-
-CERTCertDBHandle *JAR_open_database (void)
- {
- CERTCertDBHandle *certdb;
-
- certdb = CERT_GetDefaultCertDB();
-
- return certdb;
- }
-
-/*
- * j a r _ c l o s e _ d a t a b a s e
- *
- * Close the certificate database.
- * For use by JAR functions.
- *
- */
-
-int JAR_close_database (CERTCertDBHandle *certdb)
- {
-#ifdef notdef
- CERTCertDBHandle *defaultdb;
-
- /* This really just retrieves the handle, nothing more */
- defaultdb = CERT_GetDefaultCertDB();
-
- /* If there is no default db, it means we opened
- the permanent database for some reason */
-
- if (defaultdb == NULL && certdb != NULL)
- CERT_ClosePermCertDB (certdb);
-#endif
-
- return 0;
- }
-
-/*
- * j a r _ g e t _ c e r t i f i c a t e
- *
- * Return the certificate referenced
- * by a given fingerprint, or NULL if not found.
- * Error code is returned in result.
- *
- */
-
-static CERTCertificate *jar_get_certificate
- (JAR *jar, long keylen, void *key, int *result)
- {
- int found = 0;
-
- JAR_Item *it;
- JAR_Cert *fing = NULL;
-
- JAR_Context *ctx;
-
- if (jar == NULL)
- {
- void *cert;
- cert = JAR_fetch_cert (keylen, key);
- *result = (cert == NULL) ? JAR_ERR_GENERAL : 0;
- return (CERTCertificate *) cert;
- }
-
- ctx = JAR_find (jar, NULL, jarTypeSign);
-
- while (JAR_find_next (ctx, &it) >= 0)
- {
- fing = (JAR_Cert *) it->data;
-
- if (keylen != fing->length)
- continue;
-
- PORT_Assert( keylen < 0xFFFF );
- if (!PORT_Memcmp (fing->key, key, keylen))
- {
- found = 1;
- break;
- }
- }
-
- JAR_find_end (ctx);
-
- if (found == 0)
- {
- *result = JAR_ERR_GENERAL;
- return NULL;
- }
-
- PORT_Assert(fing != NULL);
- *result = 0;
- return fing->cert;
- }
-
-/*
- * j a r _ s i g n a l
- *
- * Nonfatal errors come here to callback Java.
- *
- */
-
-static int jar_signal
- (int status, JAR *jar, const char *metafile, char *pathname)
- {
- char *errstring;
-
- errstring = JAR_get_error (status);
-
- if (jar->signal)
- {
- (*jar->signal) (status, jar, metafile, pathname, errstring);
- return 0;
- }
-
- return status;
- }
-
-/*
- * j a r _ a p p e n d
- *
- * Tack on an element to one of a JAR's linked
- * lists, with rudimentary error handling.
- *
- */
-
-int jar_append (ZZList *list, int type,
- char *pathname, void *data, size_t size)
- {
- JAR_Item *it;
- ZZLink *entity;
-
- it = (JAR_Item*)PORT_ZAlloc (sizeof (JAR_Item));
-
- if (it == NULL)
- goto loser;
-
- if (pathname)
- {
- it->pathname = PORT_Strdup (pathname);
- if (it->pathname == NULL)
- goto loser;
- }
-
- it->type = (jarType)type;
- it->data = (unsigned char *) data;
- it->size = size;
-
- entity = ZZ_NewLink (it);
-
- if (entity)
- {
- ZZ_AppendLink (list, entity);
- return 0;
- }
-
-loser:
-
- if (it)
- {
- if (it->pathname) PORT_Free (it->pathname);
- PORT_Free (it);
- }
-
- return JAR_ERR_MEMORY;
- }
-
-/*
- * W I N 1 6 s t u f f
- *
- * These functions possibly belong in xp_mem.c, they operate
- * on huge string pointers for win16.
- *
- */
-
-#if defined(XP_WIN16)
-int xp_HUGE_STRNCASECMP (char ZHUGEP *buf, char *key, int len)
- {
- while (len--)
- {
- char c1, c2;
-
- c1 = *buf++;
- c2 = *key++;
-
- if (c1 >= 'a' && c1 <= 'z') c1 -= ('a' - 'A');
- if (c2 >= 'a' && c2 <= 'z') c2 -= ('a' - 'A');
-
- if (c1 != c2)
- return (c1 < c2) ? -1 : 1;
- }
- return 0;
- }
-
-size_t xp_HUGE_STRLEN (char ZHUGEP *s)
- {
- size_t len = 0L;
- while (*s++) len++;
- return len;
- }
-
-char *xp_HUGE_STRCPY (char *to, char ZHUGEP *from)
- {
- char *ret = to;
-
- while (*from)
- *to++ = *from++;
- *to = 0;
-
- return ret;
- }
-#endif
diff --git a/security/nss/lib/jar/jzconf.h b/security/nss/lib/jar/jzconf.h
deleted file mode 100644
index 278aaa5d5..000000000
--- a/security/nss/lib/jar/jzconf.h
+++ /dev/null
@@ -1,190 +0,0 @@
-/* zconf.h -- configuration of the zlib compression library
- * Copyright (C) 1995-1996 Jean-loup Gailly.
- * For conditions of distribution and use, see copyright notice in zlib.h
- */
-/* This file was modified since it was taken from the zlib distribution */
-/* $Id$ */
-
-#ifndef _ZCONF_H
-#define _ZCONF_H
-
-/*
- * If you *really* need a unique prefix for all types and library functions,
- * compile with -DZ_PREFIX. The "standard" zlib should be compiled without it.
- */
-#ifdef Z_PREFIX
-# define deflateInit_ z_deflateInit_
-# define deflate z_deflate
-# define deflateEnd z_deflateEnd
-# define inflateInit_ z_inflateInit_
-# define inflate z_inflate
-# define inflateEnd z_inflateEnd
-# define deflateInit2_ z_deflateInit2_
-# define deflateSetDictionary z_deflateSetDictionary
-# define deflateCopy z_deflateCopy
-# define deflateReset z_deflateReset
-# define deflateParams z_deflateParams
-# define inflateInit2_ z_inflateInit2_
-# define inflateSetDictionary z_inflateSetDictionary
-# define inflateSync z_inflateSync
-# define inflateReset z_inflateReset
-# define compress z_compress
-# define uncompress z_uncompress
-# define adler32 z_adler32
-# define crc32 z_crc32
-# define get_crc_table z_get_crc_table
-
-# define Byte z_Byte
-# define uInt z_uInt
-# define uLong z_uLong
-# define Bytef z_Bytef
-# define charf z_charf
-# define intf z_intf
-# define uIntf z_uIntf
-# define uLongf z_uLongf
-# define voidpf z_voidpf
-# define voidp z_voidp
-#endif
-
-#if (defined(_WIN32) || defined(__WIN32__)) && !defined(WIN32)
-# define WIN32
-#endif
-#if defined(__GNUC__) || defined(WIN32) || defined(__386__) || defined(i386)
-# ifndef __32BIT__
-# define __32BIT__
-# endif
-#endif
-#if defined(__MSDOS__) && !defined(MSDOS)
-# define MSDOS
-#endif
-
-/*
- * Compile with -DMAXSEG_64K if the alloc function cannot allocate more
- * than 64k bytes at a time (needed on systems with 16-bit int).
- */
-#if defined(MSDOS) && !defined(__32BIT__)
-# define MAXSEG_64K
-#endif
-#ifdef MSDOS
-# define UNALIGNED_OK
-#endif
-
-#if (defined(MSDOS) || defined(_WINDOWS) || defined(WIN32) || defined(XP_OS2)) && !defined(STDC)
-# define STDC
-#endif
-#if (defined(__STDC__) || defined(__cplusplus)) && !defined(STDC)
-# define STDC
-#endif
-
-#ifndef STDC
-# ifndef const /* cannot use !defined(STDC) && !defined(const) on Mac */
-# define const
-# endif
-#endif
-
-/* Some Mac compilers merge all .h files incorrectly: */
-#if defined(__MWERKS__) || defined(applec) ||defined(THINK_C) ||defined(__SC__)
-# define NO_DUMMY_DECL
-#endif
-
-/* Maximum value for memLevel in deflateInit2 */
-#ifndef MAX_MEM_LEVEL
-# ifdef MAXSEG_64K
-# define MAX_MEM_LEVEL 8
-# else
-# define MAX_MEM_LEVEL 9
-# endif
-#endif
-
-/* Maximum value for windowBits in deflateInit2 and inflateInit2 */
-#ifndef MAX_WBITS
-# define MAX_WBITS 15 /* 32K LZ77 window */
-#endif
-
-/* The memory requirements for deflate are (in bytes):
- 1 << (windowBits+2) + 1 << (memLevel+9)
- that is: 128K for windowBits=15 + 128K for memLevel = 8 (default values)
- plus a few kilobytes for small objects. For example, if you want to reduce
- the default memory requirements from 256K to 128K, compile with
- make CFLAGS="-O -DMAX_WBITS=14 -DMAX_MEM_LEVEL=7"
- Of course this will generally degrade compression (there's no free lunch).
-
- The memory requirements for inflate are (in bytes) 1 << windowBits
- that is, 32K for windowBits=15 (default value) plus a few kilobytes
- for small objects.
-*/
-
- /* Type declarations */
-
-#ifndef OF /* function prototypes */
-# ifdef STDC
-# define OF(args) args
-# else
-# define OF(args) ()
-# endif
-#endif
-
-/* The following definitions for FAR are needed only for MSDOS mixed
- * model programming (small or medium model with some far allocations).
- * This was tested only with MSC; for other MSDOS compilers you may have
- * to define NO_MEMCPY in zutil.h. If you don't need the mixed model,
- * just define FAR to be empty.
- */
-#if (defined(M_I86SM) || defined(M_I86MM)) && !defined(__32BIT__)
- /* MSC small or medium model */
-# define SMALL_MEDIUM
-# ifdef _MSC_VER
-# define FAR __far
-# else
-# define FAR far
-# endif
-#endif
-#if defined(__BORLANDC__) && (defined(__SMALL__) || defined(__MEDIUM__))
-# ifndef __32BIT__
-# define SMALL_MEDIUM
-# define FAR __far
-# endif
-#endif
-#ifndef FAR
-# define FAR
-#endif
-
-typedef unsigned char Byte; /* 8 bits */
-typedef unsigned int uInt; /* 16 bits or more */
-typedef unsigned long uLong; /* 32 bits or more */
-
-#if defined(__BORLANDC__) && defined(SMALL_MEDIUM)
- /* Borland C/C++ ignores FAR inside typedef */
-# define Bytef Byte FAR
-#else
- typedef Byte FAR Bytef;
-#endif
-typedef char FAR charf;
-typedef int FAR intf;
-typedef uInt FAR uIntf;
-typedef uLong FAR uLongf;
-
-#ifdef STDC
- typedef void FAR *voidpf;
- typedef void *voidp;
-#else
- typedef Byte FAR *voidpf;
- typedef Byte *voidp;
-#endif
-
-#ifdef MOZILLA_CLIENT
-#include "prtypes.h"
-#else
-/* Compile with -DZLIB_DLL for Windows DLL support */
-#if (defined(_WINDOWS) || defined(WINDOWS)) && defined(ZLIB_DLL)
-# include <windows.h>
-# define EXPORT WINAPI
-#else
-# define EXPORT
-#endif
-
-#define PR_PUBLIC_API(type) type
-
-#endif /* MOZILLA_CLIENT */
-
-#endif /* _ZCONF_H */
diff --git a/security/nss/lib/jar/jzlib.h b/security/nss/lib/jar/jzlib.h
deleted file mode 100644
index dd5b4d8e9..000000000
--- a/security/nss/lib/jar/jzlib.h
+++ /dev/null
@@ -1,896 +0,0 @@
-/* zlib.h -- interface of the 'zlib' general purpose compression library
- version 1.0.4, Jul 24th, 1996.
-
- Copyright (C) 1995-1996 Jean-loup Gailly and Mark Adler
-
- This software is provided 'as-is', without any express or implied
- warranty. In no event will the authors be held liable for any damages
- arising from the use of this software.
-
- Permission is granted to anyone to use this software for any purpose,
- including commercial applications, and to alter it and redistribute it
- freely, subject to the following restrictions:
-
- 1. The origin of this software must not be misrepresented; you must not
- claim that you wrote the original software. If you use this software
- in a product, an acknowledgment in the product documentation would be
- appreciated but is not required.
- 2. Altered source versions must be plainly marked as such, and must not be
- misrepresented as being the original software.
- 3. This notice may not be removed or altered from any source distribution.
-
- Jean-loup Gailly Mark Adler
- gzip@prep.ai.mit.edu madler@alumni.caltech.edu
-
-
- The data format used by the zlib library is described by RFCs (Request for
- Comments) 1950 to 1952 in the files ftp://ds.internic.net/rfc/rfc1950.txt
- (zlib format), rfc1951.txt (deflate format) and rfc1952.txt (gzip format).
-*/
-/* This file was modified since it was taken from the zlib distribution */
-
-#ifndef _ZLIB_H
-#define _ZLIB_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#ifdef MOZILLA_CLIENT
-#include "jzconf.h"
-#else
-#include "zconf.h"
-#endif
-
-#define ZLIB_VERSION "1.0.4"
-
-/*
- The 'zlib' compression library provides in-memory compression and
- decompression functions, including integrity checks of the uncompressed
- data. This version of the library supports only one compression method
- (deflation) but other algorithms may be added later and will have the same
- stream interface.
-
- For compression the application must provide the output buffer and
- may optionally provide the input buffer for optimization. For decompression,
- the application must provide the input buffer and may optionally provide
- the output buffer for optimization.
-
- Compression can be done in a single step if the buffers are large
- enough (for example if an input file is mmap'ed), or can be done by
- repeated calls of the compression function. In the latter case, the
- application must provide more input and/or consume the output
- (providing more output space) before each call.
-
- The library does not install any signal handler. It is recommended to
- add at least a handler for SIGSEGV when decompressing; the library checks
- the consistency of the input data whenever possible but may go nuts
- for some forms of corrupted input.
-*/
-
-typedef voidpf (*alloc_func) OF((voidpf opaque, uInt items, uInt size));
-typedef void (*free_func) OF((voidpf opaque, voidpf address));
-
-struct internal_state;
-
-typedef struct z_stream_s {
- Bytef *next_in; /* next input byte */
- uInt avail_in; /* number of bytes available at next_in */
- uLong total_in; /* total nb of input bytes read so far */
-
- Bytef *next_out; /* next output byte should be put there */
- uInt avail_out; /* remaining free space at next_out */
- uLong total_out; /* total nb of bytes output so far */
-
- char *msg; /* last error message, NULL if no error */
- struct internal_state FAR *state; /* not visible by applications */
-
- alloc_func zalloc; /* used to allocate the internal state */
- free_func zfree; /* used to free the internal state */
- voidpf opaque; /* private data object passed to zalloc and zfree */
-
- int data_type; /* best guess about the data type: ascii or binary */
- uLong adler; /* adler32 value of the uncompressed data */
- uLong reserved; /* reserved for future use */
-} z_stream;
-
-typedef z_stream FAR *z_streamp;
-
-/*
- The application must update next_in and avail_in when avail_in has
- dropped to zero. It must update next_out and avail_out when avail_out
- has dropped to zero. The application must initialize zalloc, zfree and
- opaque before calling the init function. All other fields are set by the
- compression library and must not be updated by the application.
-
- The opaque value provided by the application will be passed as the first
- parameter for calls of zalloc and zfree. This can be useful for custom
- memory management. The compression library attaches no meaning to the
- opaque value.
-
- zalloc must return Z_NULL if there is not enough memory for the object.
- On 16-bit systems, the functions zalloc and zfree must be able to allocate
- exactly 65536 bytes, but will not be required to allocate more than this
- if the symbol MAXSEG_64K is defined (see zconf.h). WARNING: On MSDOS,
- pointers returned by zalloc for objects of exactly 65536 bytes *must*
- have their offset normalized to zero. The default allocation function
- provided by this library ensures this (see zutil.c). To reduce memory
- requirements and avoid any allocation of 64K objects, at the expense of
- compression ratio, compile the library with -DMAX_WBITS=14 (see zconf.h).
-
- The fields total_in and total_out can be used for statistics or
- progress reports. After compression, total_in holds the total size of
- the uncompressed data and may be saved for use in the decompressor
- (particularly if the decompressor wants to decompress everything in
- a single step).
-*/
-
- /* constants */
-
-#define Z_NO_FLUSH 0
-#define Z_PARTIAL_FLUSH 1
-#define Z_SYNC_FLUSH 2
-#define Z_FULL_FLUSH 3
-#define Z_FINISH 4
-/* Allowed flush values; see deflate() below for details */
-
-#define Z_OK 0
-#define Z_STREAM_END 1
-#define Z_NEED_DICT 2
-#define Z_ERRNO (-1)
-#define Z_STREAM_ERROR (-2)
-#define Z_DATA_ERROR (-3)
-#define Z_MEM_ERROR (-4)
-#define Z_BUF_ERROR (-5)
-#define Z_VERSION_ERROR (-6)
-/* Return codes for the compression/decompression functions. Negative
- * values are errors, positive values are used for special but normal events.
- */
-
-#define Z_NO_COMPRESSION 0
-#define Z_BEST_SPEED 1
-#define Z_BEST_COMPRESSION 9
-#define Z_DEFAULT_COMPRESSION (-1)
-/* compression levels */
-
-#define Z_FILTERED 1
-#define Z_HUFFMAN_ONLY 2
-#define Z_DEFAULT_STRATEGY 0
-/* compression strategy; see deflateInit2() below for details */
-
-#define Z_BINARY 0
-#define Z_ASCII 1
-#define Z_UNKNOWN 2
-/* Possible values of the data_type field */
-
-#define Z_DEFLATED 8
-/* The deflate compression method (the only one supported in this version) */
-
-#define Z_NULL 0 /* for initializing zalloc, zfree, opaque */
-
-#define zlib_version zlibVersion()
-/* for compatibility with versions < 1.0.2 */
-
- /* basic functions */
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern const char *) zlibVersion (void);
-#else
-extern const char * EXPORT zlibVersion OF((void));
-#endif
-/* The application can compare zlibVersion and ZLIB_VERSION for consistency.
- If the first character differs, the library code actually used is
- not compatible with the zlib.h header file used by the application.
- This check is automatically made by deflateInit and inflateInit.
- */
-
-/*
-extern int EXPORT deflateInit OF((z_streamp strm, int level));
-
- Initializes the internal stream state for compression. The fields
- zalloc, zfree and opaque must be initialized before by the caller.
- If zalloc and zfree are set to Z_NULL, deflateInit updates them to
- use default allocation functions.
-
- The compression level must be Z_DEFAULT_COMPRESSION, or between 0 and 9:
- 1 gives best speed, 9 gives best compression, 0 gives no compression at
- all (the input data is simply copied a block at a time).
- Z_DEFAULT_COMPRESSION requests a default compromise between speed and
- compression (currently equivalent to level 6).
-
- deflateInit returns Z_OK if success, Z_MEM_ERROR if there was not
- enough memory, Z_STREAM_ERROR if level is not a valid compression level,
- Z_VERSION_ERROR if the zlib library version (zlib_version) is incompatible
- with the version assumed by the caller (ZLIB_VERSION).
- msg is set to null if there is no error message. deflateInit does not
- perform any compression: this will be done by deflate().
-*/
-
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) deflate (z_streamp strm, int flush);
-#else
-extern int EXPORT deflate OF((z_streamp strm, int flush));
-#endif
-/*
- Performs one or both of the following actions:
-
- - Compress more input starting at next_in and update next_in and avail_in
- accordingly. If not all input can be processed (because there is not
- enough room in the output buffer), next_in and avail_in are updated and
- processing will resume at this point for the next call of deflate().
-
- - Provide more output starting at next_out and update next_out and avail_out
- accordingly. This action is forced if the parameter flush is non zero.
- Forcing flush frequently degrades the compression ratio, so this parameter
- should be set only when necessary (in interactive applications).
- Some output may be provided even if flush is not set.
-
- Before the call of deflate(), the application should ensure that at least
- one of the actions is possible, by providing more input and/or consuming
- more output, and updating avail_in or avail_out accordingly; avail_out
- should never be zero before the call. The application can consume the
- compressed output when it wants, for example when the output buffer is full
- (avail_out == 0), or after each call of deflate(). If deflate returns Z_OK
- and with zero avail_out, it must be called again after making room in the
- output buffer because there might be more output pending.
-
- If the parameter flush is set to Z_PARTIAL_FLUSH, the current compression
- block is terminated and flushed to the output buffer so that the
- decompressor can get all input data available so far. For method 9, a future
- variant on method 8, the current block will be flushed but not terminated.
- Z_SYNC_FLUSH has the same effect as partial flush except that the compressed
- output is byte aligned (the compressor can clear its internal bit buffer)
- and the current block is always terminated; this can be useful if the
- compressor has to be restarted from scratch after an interruption (in which
- case the internal state of the compressor may be lost).
- If flush is set to Z_FULL_FLUSH, the compression block is terminated, a
- special marker is output and the compression dictionary is discarded; this
- is useful to allow the decompressor to synchronize if one compressed block
- has been damaged (see inflateSync below). Flushing degrades compression and
- so should be used only when necessary. Using Z_FULL_FLUSH too often can
- seriously degrade the compression. If deflate returns with avail_out == 0,
- this function must be called again with the same value of the flush
- parameter and more output space (updated avail_out), until the flush is
- complete (deflate returns with non-zero avail_out).
-
- If the parameter flush is set to Z_FINISH, pending input is processed,
- pending output is flushed and deflate returns with Z_STREAM_END if there
- was enough output space; if deflate returns with Z_OK, this function must be
- called again with Z_FINISH and more output space (updated avail_out) but no
- more input data, until it returns with Z_STREAM_END or an error. After
- deflate has returned Z_STREAM_END, the only possible operations on the
- stream are deflateReset or deflateEnd.
-
- Z_FINISH can be used immediately after deflateInit if all the compression
- is to be done in a single step. In this case, avail_out must be at least
- 0.1% larger than avail_in plus 12 bytes. If deflate does not return
- Z_STREAM_END, then it must be called again as described above.
-
- deflate() may update data_type if it can make a good guess about
- the input data type (Z_ASCII or Z_BINARY). In doubt, the data is considered
- binary. This field is only for information purposes and does not affect
- the compression algorithm in any manner.
-
- deflate() returns Z_OK if some progress has been made (more input
- processed or more output produced), Z_STREAM_END if all input has been
- consumed and all output has been produced (only when flush is set to
- Z_FINISH), Z_STREAM_ERROR if the stream state was inconsistent (for example
- if next_in or next_out was NULL), Z_BUF_ERROR if no progress is possible.
-*/
-
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) deflateEnd (z_streamp strm);
-#else
-extern int EXPORT deflateEnd OF((z_streamp strm));
-#endif
-/*
- All dynamically allocated data structures for this stream are freed.
- This function discards any unprocessed input and does not flush any
- pending output.
-
- deflateEnd returns Z_OK if success, Z_STREAM_ERROR if the
- stream state was inconsistent, Z_DATA_ERROR if the stream was freed
- prematurely (some input or output was discarded). In the error case,
- msg may be set but then points to a static string (which must not be
- deallocated).
-*/
-
-
-/*
-extern int EXPORT inflateInit OF((z_streamp strm));
-
- Initializes the internal stream state for decompression. The fields
- zalloc, zfree and opaque must be initialized before by the caller. If
- zalloc and zfree are set to Z_NULL, inflateInit updates them to use default
- allocation functions.
-
- inflateInit returns Z_OK if success, Z_MEM_ERROR if there was not
- enough memory, Z_VERSION_ERROR if the zlib library version is incompatible
- with the version assumed by the caller. msg is set to null if there is no
- error message. inflateInit does not perform any decompression: this will be
- done by inflate().
-*/
-
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) inflate (z_streamp strm, int flush);
-#else
-extern int EXPORT inflate OF((z_streamp strm, int flush));
-#endif
-/*
- Performs one or both of the following actions:
-
- - Decompress more input starting at next_in and update next_in and avail_in
- accordingly. If not all input can be processed (because there is not
- enough room in the output buffer), next_in is updated and processing
- will resume at this point for the next call of inflate().
-
- - Provide more output starting at next_out and update next_out and avail_out
- accordingly. inflate() provides as much output as possible, until there
- is no more input data or no more space in the output buffer (see below
- about the flush parameter).
-
- Before the call of inflate(), the application should ensure that at least
- one of the actions is possible, by providing more input and/or consuming
- more output, and updating the next_* and avail_* values accordingly.
- The application can consume the uncompressed output when it wants, for
- example when the output buffer is full (avail_out == 0), or after each
- call of inflate(). If inflate returns Z_OK and with zero avail_out, it
- must be called again after making room in the output buffer because there
- might be more output pending.
-
- If the parameter flush is set to Z_PARTIAL_FLUSH, inflate flushes as much
- output as possible to the output buffer. The flushing behavior of inflate is
- not specified for values of the flush parameter other than Z_PARTIAL_FLUSH
- and Z_FINISH, but the current implementation actually flushes as much output
- as possible anyway.
-
- inflate() should normally be called until it returns Z_STREAM_END or an
- error. However if all decompression is to be performed in a single step
- (a single call of inflate), the parameter flush should be set to
- Z_FINISH. In this case all pending input is processed and all pending
- output is flushed; avail_out must be large enough to hold all the
- uncompressed data. (The size of the uncompressed data may have been saved
- by the compressor for this purpose.) The next operation on this stream must
- be inflateEnd to deallocate the decompression state. The use of Z_FINISH
- is never required, but can be used to inform inflate that a faster routine
- may be used for the single inflate() call.
-
- inflate() returns Z_OK if some progress has been made (more input
- processed or more output produced), Z_STREAM_END if the end of the
- compressed data has been reached and all uncompressed output has been
- produced, Z_NEED_DICT if a preset dictionary is needed at this point (see
- inflateSetDictionary below), Z_DATA_ERROR if the input data was corrupted,
- Z_STREAM_ERROR if the stream structure was inconsistent (for example if
- next_in or next_out was NULL), Z_MEM_ERROR if there was not enough memory,
- Z_BUF_ERROR if no progress is possible or if there was not enough room in
- the output buffer when Z_FINISH is used. In the Z_DATA_ERROR case, the
- application may then call inflateSync to look for a good compression block.
- In the Z_NEED_DICT case, strm->adler is set to the Adler32 value of the
- dictionary chosen by the compressor.
-*/
-
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) inflateEnd (z_streamp strm);
-#else
-extern int EXPORT inflateEnd OF((z_streamp strm));
-#endif
-/*
- All dynamically allocated data structures for this stream are freed.
- This function discards any unprocessed input and does not flush any
- pending output.
-
- inflateEnd returns Z_OK if success, Z_STREAM_ERROR if the stream state
- was inconsistent. In the error case, msg may be set but then points to a
- static string (which must not be deallocated).
-*/
-
- /* Advanced functions */
-
-/*
- The following functions are needed only in some special applications.
-*/
-
-/*
-extern int EXPORT deflateInit2 OF((z_streamp strm,
- int level,
- int method,
- int windowBits,
- int memLevel,
- int strategy));
-
- This is another version of deflateInit with more compression options. The
- fields next_in, zalloc, zfree and opaque must be initialized before by
- the caller.
-
- The method parameter is the compression method. It must be Z_DEFLATED in
- this version of the library. (Method 9 will allow a 64K history buffer and
- partial block flushes.)
-
- The windowBits parameter is the base two logarithm of the window size
- (the size of the history buffer). It should be in the range 8..15 for this
- version of the library (the value 16 will be allowed for method 9). Larger
- values of this parameter result in better compression at the expense of
- memory usage. The default value is 15 if deflateInit is used instead.
-
- The memLevel parameter specifies how much memory should be allocated
- for the internal compression state. memLevel=1 uses minimum memory but
- is slow and reduces compression ratio; memLevel=9 uses maximum memory
- for optimal speed. The default value is 8. See zconf.h for total memory
- usage as a function of windowBits and memLevel.
-
- The strategy parameter is used to tune the compression algorithm. Use the
- value Z_DEFAULT_STRATEGY for normal data, Z_FILTERED for data produced by a
- filter (or predictor), or Z_HUFFMAN_ONLY to force Huffman encoding only (no
- string match). Filtered data consists mostly of small values with a
- somewhat random distribution. In this case, the compression algorithm is
- tuned to compress them better. The effect of Z_FILTERED is to force more
- Huffman coding and less string matching; it is somewhat intermediate
- between Z_DEFAULT and Z_HUFFMAN_ONLY. The strategy parameter only affects
- the compression ratio but not the correctness of the compressed output even
- if it is not set appropriately.
-
- If next_in is not null, the library will use this buffer to hold also
- some history information; the buffer must either hold the entire input
- data, or have at least 1<<(windowBits+1) bytes and be writable. If next_in
- is null, the library will allocate its own history buffer (and leave next_in
- null). next_out need not be provided here but must be provided by the
- application for the next call of deflate().
-
- If the history buffer is provided by the application, next_in must
- must never be changed by the application since the compressor maintains
- information inside this buffer from call to call; the application
- must provide more input only by increasing avail_in. next_in is always
- reset by the library in this case.
-
- deflateInit2 returns Z_OK if success, Z_MEM_ERROR if there was
- not enough memory, Z_STREAM_ERROR if a parameter is invalid (such as
- an invalid method). msg is set to null if there is no error message.
- deflateInit2 does not perform any compression: this will be done by
- deflate().
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) deflateSetDictionary (z_streamp strm,
- const Bytef *dictionary,
- uInt dictLength);
-#else
-extern int EXPORT deflateSetDictionary OF((z_streamp strm,
- const Bytef *dictionary,
- uInt dictLength));
-#endif
-/*
- Initializes the compression dictionary (history buffer) from the given
- byte sequence without producing any compressed output. This function must
- be called immediately after deflateInit or deflateInit2, before any call
- of deflate. The compressor and decompressor must use exactly the same
- dictionary (see inflateSetDictionary).
- The dictionary should consist of strings (byte sequences) that are likely
- to be encountered later in the data to be compressed, with the most commonly
- used strings preferably put towards the end of the dictionary. Using a
- dictionary is most useful when the data to be compressed is short and
- can be predicted with good accuracy; the data can then be compressed better
- than with the default empty dictionary. In this version of the library,
- only the last 32K bytes of the dictionary are used.
- Upon return of this function, strm->adler is set to the Adler32 value
- of the dictionary; the decompressor may later use this value to determine
- which dictionary has been used by the compressor. (The Adler32 value
- applies to the whole dictionary even if only a subset of the dictionary is
- actually used by the compressor.)
-
- deflateSetDictionary returns Z_OK if success, or Z_STREAM_ERROR if a
- parameter is invalid (such as NULL dictionary) or the stream state
- is inconsistent (for example if deflate has already been called for this
- stream). deflateSetDictionary does not perform any compression: this will
- be done by deflate().
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) deflateCopy (z_streamp dest, z_streamp source);
-#else
-extern int EXPORT deflateCopy OF((z_streamp dest, z_streamp source));
-#endif
-/*
- Sets the destination stream as a complete copy of the source stream. If
- the source stream is using an application-supplied history buffer, a new
- buffer is allocated for the destination stream. The compressed output
- buffer is always application-supplied. It's the responsibility of the
- application to provide the correct values of next_out and avail_out for the
- next call of deflate.
-
- This function can be useful when several compression strategies will be
- tried, for example when there are several ways of pre-processing the input
- data with a filter. The streams that will be discarded should then be freed
- by calling deflateEnd. Note that deflateCopy duplicates the internal
- compression state which can be quite large, so this strategy is slow and
- can consume lots of memory.
-
- deflateCopy returns Z_OK if success, Z_MEM_ERROR if there was not
- enough memory, Z_STREAM_ERROR if the source stream state was inconsistent
- (such as zalloc being NULL). msg is left unchanged in both source and
- destination.
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) deflateReset (z_streamp strm);
-#else
-extern int EXPORT deflateReset OF((z_streamp strm));
-#endif
-/*
- This function is equivalent to deflateEnd followed by deflateInit,
- but does not free and reallocate all the internal compression state.
- The stream will keep the same compression level and any other attributes
- that may have been set by deflateInit2.
-
- deflateReset returns Z_OK if success, or Z_STREAM_ERROR if the source
- stream state was inconsistent (such as zalloc or state being NULL).
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) deflateParams (z_streamp strm, int level, int strategy);
-#else
-extern int EXPORT deflateParams OF((z_streamp strm, int level, int strategy));
-#endif
-/*
- Dynamically update the compression level and compression strategy.
- This can be used to switch between compression and straight copy of
- the input data, or to switch to a different kind of input data requiring
- a different strategy. If the compression level is changed, the input
- available so far is compressed with the old level (and may be flushed);
- the new level will take effect only at the next call of deflate().
-
- Before the call of deflateParams, the stream state must be set as for
- a call of deflate(), since the currently available input may have to
- be compressed and flushed. In particular, strm->avail_out must be non-zero.
-
- deflateParams returns Z_OK if success, Z_STREAM_ERROR if the source
- stream state was inconsistent or if a parameter was invalid, Z_BUF_ERROR
- if strm->avail_out was zero.
-*/
-
-/*
-extern int EXPORT inflateInit2 OF((z_streamp strm,
- int windowBits));
-
- This is another version of inflateInit with more compression options. The
- fields next_out, zalloc, zfree and opaque must be initialized before by
- the caller.
-
- The windowBits parameter is the base two logarithm of the maximum window
- size (the size of the history buffer). It should be in the range 8..15 for
- this version of the library (the value 16 will be allowed soon). The
- default value is 15 if inflateInit is used instead. If a compressed stream
- with a larger window size is given as input, inflate() will return with
- the error code Z_DATA_ERROR instead of trying to allocate a larger window.
-
- If next_out is not null, the library will use this buffer for the history
- buffer; the buffer must either be large enough to hold the entire output
- data, or have at least 1<<windowBits bytes. If next_out is null, the
- library will allocate its own buffer (and leave next_out null). next_in
- need not be provided here but must be provided by the application for the
- next call of inflate().
-
- If the history buffer is provided by the application, next_out must
- never be changed by the application since the decompressor maintains
- history information inside this buffer from call to call; the application
- can only reset next_out to the beginning of the history buffer when
- avail_out is zero and all output has been consumed.
-
- inflateInit2 returns Z_OK if success, Z_MEM_ERROR if there was
- not enough memory, Z_STREAM_ERROR if a parameter is invalid (such as
- windowBits < 8). msg is set to null if there is no error message.
- inflateInit2 does not perform any decompression: this will be done by
- inflate().
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) inflateSetDictionary (z_streamp strm,
- const Bytef *dictionary,
- uInt dictLength);
-#else
-extern int EXPORT inflateSetDictionary OF((z_streamp strm,
- const Bytef *dictionary,
- uInt dictLength));
-#endif
-/*
- Initializes the decompression dictionary (history buffer) from the given
- uncompressed byte sequence. This function must be called immediately after
- a call of inflate if this call returned Z_NEED_DICT. The dictionary chosen
- by the compressor can be determined from the Adler32 value returned by this
- call of inflate. The compressor and decompressor must use exactly the same
- dictionary (see deflateSetDictionary).
-
- inflateSetDictionary returns Z_OK if success, Z_STREAM_ERROR if a
- parameter is invalid (such as NULL dictionary) or the stream state is
- inconsistent, Z_DATA_ERROR if the given dictionary doesn't match the
- expected one (incorrect Adler32 value). inflateSetDictionary does not
- perform any decompression: this will be done by subsequent calls of
- inflate().
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) inflateSync (z_streamp strm);
-#else
-extern int EXPORT inflateSync OF((z_streamp strm));
-#endif
-/*
- Skips invalid compressed data until the special marker (see deflate()
- above) can be found, or until all available input is skipped. No output
- is provided.
-
- inflateSync returns Z_OK if the special marker has been found, Z_BUF_ERROR
- if no more input was provided, Z_DATA_ERROR if no marker has been found,
- or Z_STREAM_ERROR if the stream structure was inconsistent. In the success
- case, the application may save the current current value of total_in which
- indicates where valid compressed data was found. In the error case, the
- application may repeatedly call inflateSync, providing more input each time,
- until success or end of the input data.
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) inflateReset (z_streamp strm);
-#else
-extern int EXPORT inflateReset OF((z_streamp strm));
-#endif
-/*
- This function is equivalent to inflateEnd followed by inflateInit,
- but does not free and reallocate all the internal decompression state.
- The stream will keep attributes that may have been set by inflateInit2.
-
- inflateReset returns Z_OK if success, or Z_STREAM_ERROR if the source
- stream state was inconsistent (such as zalloc or state being NULL).
-*/
-
-
- /* utility functions */
-
-/*
- The following utility functions are implemented on top of the
- basic stream-oriented functions. To simplify the interface, some
- default options are assumed (compression level, window size,
- standard memory allocation functions). The source code of these
- utility functions can easily be modified if you need special options.
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) compress (Bytef *dest, uLongf *destLen,
- const Bytef *source, uLong sourceLen);
-#else
-extern int EXPORT compress OF((Bytef *dest, uLongf *destLen,
- const Bytef *source, uLong sourceLen));
-#endif
-/*
- Compresses the source buffer into the destination buffer. sourceLen is
- the byte length of the source buffer. Upon entry, destLen is the total
- size of the destination buffer, which must be at least 0.1% larger than
- sourceLen plus 12 bytes. Upon exit, destLen is the actual size of the
- compressed buffer.
- This function can be used to compress a whole file at once if the
- input file is mmap'ed.
- compress returns Z_OK if success, Z_MEM_ERROR if there was not
- enough memory, Z_BUF_ERROR if there was not enough room in the output
- buffer.
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) uncompress (Bytef *dest, uLongf *destLen,
- const Bytef *source, uLong sourceLen);
-#else
-extern int EXPORT uncompress OF((Bytef *dest, uLongf *destLen,
- const Bytef *source, uLong sourceLen));
-#endif
-/*
- Decompresses the source buffer into the destination buffer. sourceLen is
- the byte length of the source buffer. Upon entry, destLen is the total
- size of the destination buffer, which must be large enough to hold the
- entire uncompressed data. (The size of the uncompressed data must have
- been saved previously by the compressor and transmitted to the decompressor
- by some mechanism outside the scope of this compression library.)
- Upon exit, destLen is the actual size of the compressed buffer.
- This function can be used to decompress a whole file at once if the
- input file is mmap'ed.
-
- uncompress returns Z_OK if success, Z_MEM_ERROR if there was not
- enough memory, Z_BUF_ERROR if there was not enough room in the output
- buffer, or Z_DATA_ERROR if the input data was corrupted.
-*/
-
-
-typedef voidp gzFile;
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern gzFile) gzopen (const char *path, const char *mode);
-#else
-extern gzFile EXPORT gzopen OF((const char *path, const char *mode));
-#endif
-/*
- Opens a gzip (.gz) file for reading or writing. The mode parameter
- is as in fopen ("rb" or "wb") but can also include a compression level
- ("wb9"). gzopen can be used to read a file which is not in gzip format;
- in this case gzread will directly read from the file without decompression.
- gzopen returns NULL if the file could not be opened or if there was
- insufficient memory to allocate the (de)compression state; errno
- can be checked to distinguish the two cases (if errno is zero, the
- zlib error is Z_MEM_ERROR).
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern gzFile) gzdopen (int fd, const char *mode);
-#else
-extern gzFile EXPORT gzdopen OF((int fd, const char *mode));
-#endif
-/*
- gzdopen() associates a gzFile with the file descriptor fd. File
- descriptors are obtained from calls like open, dup, creat, pipe or
- fileno (in the file has been previously opened with fopen).
- The mode parameter is as in gzopen.
- The next call of gzclose on the returned gzFile will also close the
- file descriptor fd, just like fclose(fdopen(fd), mode) closes the file
- descriptor fd. If you want to keep fd open, use gzdopen(dup(fd), mode).
- gzdopen returns NULL if there was insufficient memory to allocate
- the (de)compression state.
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) gzread (gzFile file, voidp buf, unsigned len);
-#else
-extern int EXPORT gzread OF((gzFile file, voidp buf, unsigned len));
-#endif
-/*
- Reads the given number of uncompressed bytes from the compressed file.
- If the input file was not in gzip format, gzread copies the given number
- of bytes into the buffer.
- gzread returns the number of uncompressed bytes actually read (0 for
- end of file, -1 for error). */
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) gzwrite (gzFile file, const voidp buf, unsigned len);
-#else
-extern int EXPORT gzwrite OF((gzFile file, const voidp buf, unsigned len));
-#endif
-/*
- Writes the given number of uncompressed bytes into the compressed file.
- gzwrite returns the number of uncompressed bytes actually written
- (0 in case of error).
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) gzflush (gzFile file, int flush);
-#else
-extern int EXPORT gzflush OF((gzFile file, int flush));
-#endif
-/*
- Flushes all pending output into the compressed file. The parameter
- flush is as in the deflate() function. The return value is the zlib
- error number (see function gzerror below). gzflush returns Z_OK if
- the flush parameter is Z_FINISH and all output could be flushed.
- gzflush should be called only when strictly necessary because it can
- degrade compression.
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) gzclose (gzFile file);
-#else
-extern int EXPORT gzclose OF((gzFile file));
-#endif
-/*
- Flushes all pending output if necessary, closes the compressed file
- and deallocates all the (de)compression state. The return value is the zlib
- error number (see function gzerror below).
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern const char *) gzerror (gzFile file, int *errnum);
-#else
-extern const char * EXPORT gzerror OF((gzFile file, int *errnum));
-#endif
-/*
- Returns the error message for the last error which occurred on the
- given compressed file. errnum is set to zlib error number. If an
- error occurred in the file system and not in the compression library,
- errnum is set to Z_ERRNO and the application may consult errno
- to get the exact error code.
-*/
-
- /* checksum functions */
-
-/*
- These functions are not related to compression but are exported
- anyway because they might be useful in applications using the
- compression library.
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern uLong) adler32 (uLong adler, const Bytef *buf, uInt len);
-#else
-extern uLong EXPORT adler32 OF((uLong adler, const Bytef *buf, uInt len));
-#endif
-
-/*
- Update a running Adler-32 checksum with the bytes buf[0..len-1] and
- return the updated checksum. If buf is NULL, this function returns
- the required initial value for the checksum.
- An Adler-32 checksum is almost as reliable as a CRC32 but can be computed
- much faster. Usage example:
-
- uLong adler = adler32(0L, Z_NULL, 0);
-
- while (read_buffer(buffer, length) != EOF) {
- adler = adler32(adler, buffer, length);
- }
- if (adler != original_adler) error();
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern uLong) crc32 (uLong crc, const Bytef *buf, uInt len);
-#else
-extern uLong EXPORT crc32 OF((uLong crc, const Bytef *buf, uInt len));
-#endif
-/*
- Update a running crc with the bytes buf[0..len-1] and return the updated
- crc. If buf is NULL, this function returns the required initial value
- for the crc. Pre- and post-conditioning (one's complement) is performed
- within this function so it shouldn't be done by the application.
- Usage example:
-
- uLong crc = crc32(0L, Z_NULL, 0);
-
- while (read_buffer(buffer, length) != EOF) {
- crc = crc32(crc, buffer, length);
- }
- if (crc != original_crc) error();
-*/
-
-
- /* various hacks, don't look :) */
-
-/* deflateInit and inflateInit are macros to allow checking the zlib version
- * and the compiler's view of z_stream:
- */
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) deflateInit_ (z_streamp strm, int level, const char *version,
- int stream_size);
-PR_PUBLIC_API(extern int) inflateInit_ (z_streamp strm, const char *version,
- int stream_size);
-PR_PUBLIC_API(extern int) deflateInit2_ (z_streamp strm, int level, int method,
- int windowBits, int memLevel, int strategy,
- const char *version, int stream_size);
-PR_PUBLIC_API(extern int) inflateInit2_ (z_streamp strm, int windowBits,
- const char *version, int stream_size);
-#else
-extern int EXPORT deflateInit_ OF((z_streamp strm, int level, const char *version,
- int stream_size));
-extern int EXPORT inflateInit_ OF((z_streamp strm, const char *version,
- int stream_size));
-extern int EXPORT deflateInit2_ OF((z_streamp strm, int level, int method,
- int windowBits, int memLevel, int strategy,
- const char *version, int stream_size));
-extern int EXPORT inflateInit2_ OF((z_streamp strm, int windowBits,
- const char *version, int stream_size));
-#endif /* MOZILLA_CLIENT */
-
-
-#define deflateInit(strm, level) \
- deflateInit_((strm), (level), ZLIB_VERSION, sizeof(z_stream))
-#define inflateInit(strm) \
- inflateInit_((strm), ZLIB_VERSION, sizeof(z_stream))
-#define deflateInit2(strm, level, method, windowBits, memLevel, strategy) \
- deflateInit2_((strm),(level),(method),(windowBits),(memLevel),\
- (strategy), ZLIB_VERSION, sizeof(z_stream))
-#define inflateInit2(strm, windowBits) \
- inflateInit2_((strm), (windowBits), ZLIB_VERSION, sizeof(z_stream))
-
-#if !defined(_Z_UTIL_H) && !defined(NO_DUMMY_DECL)
- struct internal_state {int dummy;}; /* hack for buggy compilers */
-#endif
-
-uLongf *get_crc_table OF((void)); /* can be used by asm versions of crc32() */
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* _ZLIB_H */
diff --git a/security/nss/lib/jar/manifest.mn b/security/nss/lib/jar/manifest.mn
deleted file mode 100644
index 3ab975b84..000000000
--- a/security/nss/lib/jar/manifest.mn
+++ /dev/null
@@ -1,53 +0,0 @@
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-
-MODULE = nss
-
-LIBRARY_NAME = jar
-
-CORE_DEPTH = ../../..
-
-CSRCS = \
- jarver.c \
- jarsign.c \
- jar.c \
- jar-ds.c \
- jarfile.c \
- jarevil.c \
- jarjart.c \
- jarint.c \
- $(NULL)
-
-REQUIRES = dbm
-
-EXPORTS = jar.h jar-ds.h jarfile.h
-
-DEFINES = -DMOZILLA_CLIENT=1
diff --git a/security/nss/lib/macbuild/NSS/NSS/NSS.mcp b/security/nss/lib/macbuild/NSS/NSS/NSS.mcp
deleted file mode 100644
index 99a1dd3de..000000000
--- a/security/nss/lib/macbuild/NSS/NSS/NSS.mcp
+++ /dev/null
Binary files differ
diff --git a/security/nss/lib/macbuild/SecurityLib.mcp b/security/nss/lib/macbuild/SecurityLib.mcp
deleted file mode 100644
index 3efcf8c2d..000000000
--- a/security/nss/lib/macbuild/SecurityLib.mcp
+++ /dev/null
Binary files differ
diff --git a/security/nss/lib/manifest.mn b/security/nss/lib/manifest.mn
deleted file mode 100644
index 2738cf722..000000000
--- a/security/nss/lib/manifest.mn
+++ /dev/null
@@ -1,65 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../..
-DEPTH = ../..
-
-#
-# organized by DLL
-#
-# softoken and prereqs.
-# stan (not a separate dll yet)
-# nss base (traditional)
-# ssl
-# smime
-# ckfw (builtins module)
-# crmf jar (not dll's)
-# fortcrypt
-DIRS = util freebl softoken \
- base asn1 dev pki pki1 \
- certdb certhigh pk11wrap cryptohi crypto nss \
- ssl \
- pkcs12 pkcs7 smime \
- crmf jar \
- ckfw \
- fortcrypt \
- $(NULL)
-
-# NSS 4.0 build - pure stan libraries
-ifdef PURE_STAN_BUILD
-DIRS = base asn1 dev pki pki1
-endif
-
-#
-# these dirs are not built at the moment
-#
-#NOBUILD_DIRS = jar
diff --git a/security/nss/lib/nss/Makefile b/security/nss/lib/nss/Makefile
deleted file mode 100644
index cb58ef545..000000000
--- a/security/nss/lib/nss/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-include config.mk
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-export:: private_export
-
diff --git a/security/nss/lib/nss/config.mk b/security/nss/lib/nss/config.mk
deleted file mode 100644
index 4ca5480f3..000000000
--- a/security/nss/lib/nss/config.mk
+++ /dev/null
@@ -1,118 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# Override TARGETS variable so that only static libraries
-# are specifed as dependencies within rules.mk.
-#
-
-# can't do this in manifest.mn because OS_TARGET isn't defined there.
-ifeq (,$(filter-out WIN%,$(OS_TARGET)))
-
-# don't want the 32 in the shared library name
-SHARED_LIBRARY = $(OBJDIR)/$(DLL_PREFIX)$(LIBRARY_NAME)$(LIBRARY_VERSION).$(DLL_SUFFIX)
-IMPORT_LIBRARY = $(OBJDIR)/$(IMPORT_LIB_PREFIX)$(LIBRARY_NAME)$(LIBRARY_VERSION)$(IMPORT_LIB_SUFFIX)
-
-RES = $(OBJDIR)/$(LIBRARY_NAME).res
-RESNAME = $(LIBRARY_NAME).rc
-
-ifdef NS_USE_GCC
-EXTRA_SHARED_LIBS += \
- -L$(DIST)/lib \
- -lsoftokn3 \
- -lplc4 \
- -lplds4 \
- -lnspr4\
- $(NULL)
-else # ! NS_USE_GCC
-EXTRA_SHARED_LIBS += \
- $(DIST)/lib/softokn3.lib \
- $(DIST)/lib/$(NSPR31_LIB_PREFIX)plc4.lib \
- $(DIST)/lib/$(NSPR31_LIB_PREFIX)plds4.lib \
- $(DIST)/lib/$(NSPR31_LIB_PREFIX)nspr4.lib \
- $(NULL)
-endif # NS_USE_GCC
-
-else
-
-# $(PROGRAM) has NO explicit dependencies on $(EXTRA_SHARED_LIBS)
-# $(EXTRA_SHARED_LIBS) come before $(OS_LIBS), except on AIX.
-EXTRA_SHARED_LIBS += \
- -L$(DIST)/lib/ \
- -lsoftokn3 \
- -lplc4 \
- -lplds4 \
- -lnspr4 \
- $(NULL)
-
-endif
-
-
-# $(PROGRAM) has explicit dependencies on $(EXTRA_LIBS)
-SHARED_LIBRARY_LIBS = \
- $(DIST)/lib/$(LIB_PREFIX)certhi.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)cryptohi.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)pk11wrap.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)certdb.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)secutil.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)nsspki.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)nssdev.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)nssb.$(LIB_SUFFIX) \
- $(NULL)
-
-SHARED_LIBRARY_DIRS = \
- ../certhigh \
- ../cryptohi \
- ../pk11wrap \
- ../certdb \
- ../util \
- ../pki \
- ../dev \
- ../base \
- $(NULL)
-
-
-ifeq ($(OS_TARGET),SunOS)
-# The -R '$ORIGIN' linker option instructs libnss3.so to search for its
-# dependencies (libsoftokn3.so) in the same directory where it resides.
-MKSHLIB += -R '$$ORIGIN'
-endif
-
-ifeq (,$(filter-out WINNT WIN95,$(OS_TARGET)))
-ifndef NS_USE_GCC
-# Export 'mktemp' to be backward compatible with NSS 3.2.x and 3.3.x
-# but do not put it in the import library. See bug 142575.
-DEFINES += -DWIN32_NSS3_DLL_COMPAT
-DLLFLAGS += -EXPORT:mktemp=nss_mktemp,PRIVATE
-endif
-endif
diff --git a/security/nss/lib/nss/manifest.mn b/security/nss/lib/nss/manifest.mn
deleted file mode 100644
index fe80ef67a..000000000
--- a/security/nss/lib/nss/manifest.mn
+++ /dev/null
@@ -1,55 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../..
-
-PRIVATE_EXPORTS = \
- nssrenam.h \
- $(NULL)
-
-EXPORTS = \
- nss.h \
- $(NULL)
-
-MODULE = nss
-
-CSRCS = \
- nssinit.c \
- nssver.c \
- $(NULL)
-
-REQUIRES = dbm
-
-MAPFILE = $(OBJDIR)/nss.def
-
-LIBRARY_NAME = nss
-LIBRARY_VERSION = 3
diff --git a/security/nss/lib/nss/nss.def b/security/nss/lib/nss/nss.def
deleted file mode 100644
index 142e0c59a..000000000
--- a/security/nss/lib/nss/nss.def
+++ /dev/null
@@ -1,758 +0,0 @@
-;+#
-;+# The contents of this file are subject to the Mozilla Public
-;+# License Version 1.1 (the "License"); you may not use this file
-;+# except in compliance with the License. You may obtain a copy of
-;+# the License at http://www.mozilla.org/MPL/
-;+#
-;+# Software distributed under the License is distributed on an "AS
-;+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-;+# implied. See the License for the specific language governing
-;+# rights and limitations under the License.
-;+#
-;+# The Original Code is the Netscape security libraries.
-;+#
-;+# The Initial Developer of the Original Code is Netscape
-;+# Communications Corporation. Portions created by Netscape are
-;+# Copyright (C) 2000 Netscape Communications Corporation. All
-;+# Rights Reserved.
-;+#
-;+# Portions created by Sun Microsystems, Inc. are Copyright (C) 2003
-;+# Sun Microsystems, Inc. All Rights Reserved.
-;+#
-;+# Contributor(s):
-;+# Dr Stephen Henson <stephen.henson@gemplus.com>
-;+# Dr Vipul Gupta <vipul.gupta@sun.com>, Sun Microsystems Laboratories
-;+#
-;+# Alternatively, the contents of this file may be used under the
-;+# terms of the GNU General Public License Version 2 or later (the
-;+# "GPL"), in which case the provisions of the GPL are applicable
-;+# instead of those above. If you wish to allow use of your
-;+# version of this file only under the terms of the GPL and not to
-;+# allow others to use your version of this file under the MPL,
-;+# indicate your decision by deleting the provisions above and
-;+# replace them with the notice and other provisions required by
-;+# the GPL. If you do not delete the provisions above, a recipient
-;+# may use your version of this file under either the MPL or the
-;+# GPL.
-;+#
-;+#
-;+# OK, this file is meant to support SUN, LINUX, AIX and WINDOWS
-;+# 1. For all unix platforms, the string ";-" means "remove this line"
-;+# 2. For all unix platforms, the string " DATA " will be removed from any
-;+# line on which it occurs.
-;+# 3. Lines containing ";+" will have ";+" removed on SUN and LINUX.
-;+# On AIX, lines containing ";+" will be removed.
-;+# 4. For all unix platforms, the string ";;" will thave the ";;" removed.
-;+# 5. For all unix platforms, after the above processing has taken place,
-;+# all characters after the first ";" on the line will be removed.
-;+# And for AIX, the first ";" will also be removed.
-;+# This file is passed directly to windows. Since ';' is a comment, all UNIX
-;+# directives are hidden behind ";", ";+", and ";-"
-;+NSS_3.2 { # NSS 3.2 release
-;+ global:
-LIBRARY nss3 ;-
-EXPORTS ;-
-ATOB_AsciiToData;
-BTOA_ConvertItemToAscii;
-BTOA_DataToAscii;
-CERT_AsciiToName;
-CERT_CertTimesValid;
-CERT_CheckCertValidTimes;
-CERT_CreateCertificateRequest;
-CERT_ChangeCertTrust;
-CERT_DecodeDERCrl;
-CERT_DestroyCertificateRequest;
-CERT_DestroyCertList;
-CERT_DestroyName;
-CERT_EnableOCSPChecking;
-CERT_FormatName;
-CERT_DestroyCertificate;
-CERT_DupCertificate;
-CERT_FreeDistNames;
-CERT_FreeNicknames;
-CERT_GetAVATag;
-CERT_GetCertEmailAddress;
-CERT_GetCertNicknames;
-CERT_GetCertIssuerAndSN;
-CERT_GetCertTrust;
-CERT_GetCertUid;
-CERT_GetCommonName;
-CERT_GetCountryName;
-CERT_GetDBContentVersion;
-CERT_GetDefaultCertDB;
-CERT_GetDomainComponentName;
-CERT_GetLocalityName;
-CERT_GetOrgName;
-CERT_GetOrgUnitName;
-CERT_GetSSLCACerts;
-CERT_GetSlopTime;
-CERT_GetStateName;
-CERT_ImportCAChain;
-CERT_NameToAscii;
-CERT_RFC1485_EscapeAndQuote;
-CERT_SetSlopTime;
-CERT_VerifyCertName;
-CERT_VerifyCertNow;
-DER_UTCDayToAscii;
-DER_UTCTimeToAscii;
-DER_GeneralizedTimeToTime;
-NSS_Init;
-NSS_Initialize;
-NSS_InitReadWrite;
-NSS_NoDB_Init;
-NSS_Shutdown;
-NSS_VersionCheck;
-PK11_Authenticate;
-PK11_ChangePW;
-PK11_CheckUserPassword;
-PK11_CipherOp;
-PK11_CloneContext;
-PK11_ConfigurePKCS11;
-PK11_CreateContextBySymKey;
-PK11_CreateDigestContext;
-PK11_DestroyContext;
-PK11_DestroyTokenObject;
-PK11_DigestBegin;
-PK11_DigestOp;
-PK11_DigestFinal;
-PK11_DoesMechanism;
-PK11_FindCertFromNickname;
-PK11_FindCertFromDERCert;
-PK11_FindCertByIssuerAndSN;
-PK11_FindKeyByAnyCert;
-PK11_FindKeyByDERCert;
-PK11_FindSlotByName;
-PK11_Finalize;
-PK11_FortezzaHasKEA;
-PK11_FreeSlot;
-PK11_FreeSlotList;
-PK11_FreeSymKey;
-PK11_GenerateKeyPair;
-PK11_GenerateRandom;
-PK11_GenerateNewParam;
-PK11_GetAllTokens;
-PK11_GetBlockSize;
-PK11_GetFirstSafe;
-PK11_GetInternalKeySlot;
-PK11_GetInternalSlot;
-PK11_GetSlotName;
-PK11_GetTokenName;
-PK11_HashBuf;
-PK11_IsFIPS;
-PK11_IsFriendly;
-PK11_IsInternal;
-PK11_IsHW;
-PK11_IsPresent;
-PK11_IsReadOnly;
-PK11_KeyGen;
-PK11_ListCerts;
-PK11_NeedLogin;
-PK11_RandomUpdate;
-PK11_SetPasswordFunc;
-PK11_SetSlotPWValues;
-PORT_Alloc;
-PORT_Free;
-PORT_GetError;
-PORT_SetError;
-PORT_SetUCS4_UTF8ConversionFunction;
-PORT_SetUCS2_UTF8ConversionFunction;
-PORT_SetUCS2_ASCIIConversionFunction;
-SECITEM_CopyItem;
-SECITEM_DupItem;
-SECITEM_FreeItem;
-SECITEM_ZfreeItem;
-SECKEY_ConvertToPublicKey;
-SECKEY_CopyPrivateKey;
-SECKEY_CreateSubjectPublicKeyInfo;
-SECKEY_DestroyPrivateKey;
-SECKEY_DestroySubjectPublicKeyInfo;
-SECMOD_IsModulePresent;
-SECOID_FindOIDTagDescription;
-SECOID_GetAlgorithmTag;
-SEC_DeletePermCertificate;
-SEC_DeletePermCRL;
-SEC_DerSignData;
-SEC_DestroyCrl;
-SEC_FindCrlByDERCert;
-SEC_FindCrlByName;
-SEC_LookupCrls;
-SEC_NewCrl;
-;+#
-;+# The following symbols are exported only to make libssl3.so work.
-;+# These are still private!!!
-;+#
-__CERT_NewTempCertificate;
-__PK11_CreateContextByRawKey;
-__PK11_GetKeyData;
-__nss_InitLock;
-CERT_CertChainFromCert;
-CERT_DestroyCertificateList;
-CERT_DupCertList;
-CERT_ExtractPublicKey;
-CERT_FindCertByName;
-DER_Lengths;
-DSAU_DecodeDerSig;
-DSAU_EncodeDerSig;
-HASH_GetHashObject;
-NSSRWLock_Destroy;
-NSSRWLock_HaveWriteLock;
-NSSRWLock_LockRead;
-NSSRWLock_LockWrite;
-NSSRWLock_New;
-NSSRWLock_UnlockRead;
-NSSRWLock_UnlockWrite;
-NSS_PutEnv;
-PK11_Derive;
-PK11_DeriveWithFlags;
-PK11_DigestKey;
-PK11_FindBestKEAMatch;
-PK11_FindFixedKey;
-PK11_GenerateFortezzaIV;
-PK11_GetBestKeyLength;
-PK11_GetBestSlot;
-PK11_GetBestSlotMultiple;
-PK11_GetBestWrapMechanism;
-PK11_GetCurrentWrapIndex;
-PK11_GetMechanism;
-PK11_GetModuleID;
-PK11_GetPrivateModulusLen;
-PK11_GetSlotFromKey;
-PK11_GetSlotFromPrivateKey;
-PK11_GetSlotID;
-PK11_GetSlotSeries;
-PK11_GetTokenInfo;
-PK11_GetWindow;
-PK11_GetWrapKey;
-PK11_IVFromParam;
-PK11_MakeKEAPubKey;
-PK11_ParamFromIV;
-PK11_PubDecryptRaw;
-PK11_PubDerive;
-PK11_PubEncryptRaw;
-PK11_PubUnwrapSymKey;
-PK11_PubWrapSymKey;
-PK11_ReferenceSymKey;
-PK11_RestoreContext;
-PK11_SaveContext;
-PK11_SetFortezzaHack;
-PK11_SetWrapKey;
-PK11_Sign;
-PK11_SignatureLen;
-PK11_SymKeyFromHandle;
-PK11_TokenExists;
-PK11_UnwrapSymKey;
-PK11_UnwrapSymKeyWithFlags;
-PK11_Verify;
-PK11_VerifyKeyOK;
-PK11_WrapSymKey;
-PORT_ArenaAlloc;
-PORT_ArenaZAlloc;
-PORT_FreeArena;
-PORT_NewArena;
-PORT_Realloc;
-PORT_ZAlloc;
-PORT_ZFree;
-RSA_FormatBlock;
-SECITEM_CompareItem;
-SECKEY_CreateRSAPrivateKey;
-SECKEY_DestroyPublicKey;
-SECKEY_PublicKeyStrength;
-SECKEY_UpdateCertPQG;
-SECMOD_LookupSlot;
-SGN_Begin;
-SGN_DestroyContext;
-SGN_End;
-SGN_NewContext;
-SGN_Update;
-VFY_Begin;
-VFY_CreateContext;
-VFY_DestroyContext;
-VFY_End;
-VFY_Update;
-;+#
-;+# The following symbols are exported only to make libsmime3.so work.
-;+# These are still private!!!
-;+#
-__CERT_ClosePermCertDB;
-__CERT_DecodeDERCertificate;
-__CERT_TraversePermCertsForNickname;
-__CERT_TraversePermCertsForSubject;
-__PBE_CreateContext;
-__PBE_DestroyContext;
-__PBE_GenerateBits;
-ATOB_ConvertAsciiToItem;
-CERT_AddCertToListTail;
-CERT_CertListFromCert;
-CERT_DestroyCertArray;
-CERT_FindCertByDERCert;
-CERT_FindCertByIssuerAndSN;
-CERT_FindSMimeProfile;
-CERT_ImportCerts;
-CERT_NewCertList;
-CERT_OpenCertDBFilename;
-CERT_SaveSMimeProfile;
-CERT_VerifyCert;
-DER_GetInteger;
-DER_TimeToUTCTime;
-DER_UTCTimeToTime;
-PK11_AlgtagToMechanism;
-PK11_BlockData;
-PK11_CreatePBEAlgorithmID;
-PK11_DestroyObject;
-PK11_ExportEncryptedPrivateKeyInfo;
-PK11_ExportPrivateKeyInfo;
-PK11_FindCertAndKeyByRecipientList;
-PK11_FindCertAndKeyByRecipientListNew;
-PK11_FindCertInSlot;
-PK11_FindPrivateKeyFromCert;
-PK11_FortezzaMapSig;
-PK11_GetKeyLength;
-PK11_GetKeyStrength;
-PK11_ImportCertForKeyToSlot;
-PK11_ImportEncryptedPrivateKeyInfo;
-PK11_ImportPrivateKeyInfo;
-PK11_MapPBEMechanismToCryptoMechanism;
-PK11_PBEKeyGen;
-PK11_ParamFromAlgid;
-PK11_ParamToAlgid;
-PK11_TraverseCertsForNicknameInSlot;
-PK11_TraverseCertsForSubjectInSlot;
-PORT_ArenaGrow;
-PORT_ArenaMark;
-PORT_ArenaRelease;
-PORT_ArenaStrdup;
-PORT_ArenaUnmark;
-PORT_UCS2_ASCIIConversion;
-PORT_UCS2_UTF8Conversion;
-SECITEM_AllocItem;
-SECKEY_CopyEncryptedPrivateKeyInfo;
-SECKEY_CopyPrivateKeyInfo;
-SECKEY_DestroyEncryptedPrivateKeyInfo;
-SECKEY_DestroyPrivateKeyInfo;
-SECOID_CompareAlgorithmID;
-SECOID_CopyAlgorithmID;
-SECOID_DestroyAlgorithmID;
-SECOID_FindOID;
-SECOID_FindOIDByTag;
-SECOID_FindOIDTag;
-SECOID_SetAlgorithmID;
-SEC_ASN1DecodeInteger;
-SEC_ASN1DecodeItem;
-SEC_ASN1DecoderClearFilterProc;
-SEC_ASN1DecoderClearNotifyProc;
-SEC_ASN1DecoderFinish;
-SEC_ASN1DecoderSetFilterProc;
-SEC_ASN1DecoderSetNotifyProc;
-SEC_ASN1DecoderStart;
-SEC_ASN1DecoderUpdate;
-SEC_ASN1Encode;
-SEC_ASN1EncodeInteger;
-SEC_ASN1EncodeItem;
-SEC_ASN1EncoderClearNotifyProc;
-SEC_ASN1EncoderClearStreaming;
-SEC_ASN1EncoderClearTakeFromBuf;
-SEC_ASN1EncoderFinish;
-SEC_ASN1EncoderSetNotifyProc;
-SEC_ASN1EncoderSetStreaming;
-SEC_ASN1EncoderSetTakeFromBuf;
-SEC_ASN1EncoderStart;
-SEC_ASN1EncoderUpdate;
-SEC_ASN1LengthLength;
-SEC_PKCS5GetCryptoAlgorithm;
-SEC_PKCS5GetKeyLength;
-SEC_PKCS5GetPBEAlgorithm;
-SEC_PKCS5IsAlgorithmPBEAlg;
-SEC_SignData;
-SGN_CompareDigestInfo;
-SGN_CopyDigestInfo;
-SGN_CreateDigestInfo;
-SGN_DestroyDigestInfo;
-SGN_Digest;
-VFY_VerifyData;
-VFY_VerifyDigest;
-;+#
-;+# Data objects
-;+#
-;+# Don't export these DATA symbols on Windows because they don't work right.
-;;CERT_CrlTemplate DATA ;
-;;CERT_SignedDataTemplate DATA ;
-;;CERT_CertificateTemplate DATA ;
-;;CERT_CertificateRequestTemplate DATA ;
-;;CERT_IssuerAndSNTemplate DATA ;
-;;CERT_SetOfSignedCrlTemplate DATA ;
-;;SECKEY_DSAPublicKeyTemplate DATA ;
-;;SECKEY_EncryptedPrivateKeyInfoTemplate DATA ;
-;;SECKEY_PointerToEncryptedPrivateKeyInfoTemplate DATA ;
-;;SECKEY_PointerToPrivateKeyInfoTemplate DATA ;
-;;SECKEY_PrivateKeyInfoTemplate DATA ;
-;;SECKEY_RSAPublicKeyTemplate DATA ;
-;;SECOID_AlgorithmIDTemplate DATA ;
-;;SEC_AnyTemplate DATA ;
-;;SEC_BMPStringTemplate DATA ;
-;;SEC_BitStringTemplate DATA ;
-;;SEC_GeneralizedTimeTemplate DATA ;
-;;SEC_IA5StringTemplate DATA ;
-;;SEC_IntegerTemplate DATA ;
-;;SEC_ObjectIDTemplate DATA ;
-;;SEC_OctetStringTemplate DATA ;
-;;SEC_PointerToAnyTemplate DATA ;
-;;SEC_PointerToOctetStringTemplate DATA ;
-;;SEC_SetOfAnyTemplate DATA ;
-;;SEC_UTCTimeTemplate DATA ;
-;;sgn_DigestInfoTemplate DATA ;
-NSS_Get_CERT_CrlTemplate;
-NSS_Get_CERT_SignedDataTemplate;
-NSS_Get_CERT_CertificateTemplate;
-NSS_Get_CERT_CertificateRequestTemplate;
-NSS_Get_CERT_IssuerAndSNTemplate;
-NSS_Get_CERT_SetOfSignedCrlTemplate;
-NSS_Get_SECKEY_DSAPublicKeyTemplate;
-NSS_Get_SECKEY_EncryptedPrivateKeyInfoTemplate;
-NSS_Get_SECKEY_PointerToEncryptedPrivateKeyInfoTemplate;
-NSS_Get_SECKEY_PointerToPrivateKeyInfoTemplate;
-NSS_Get_SECKEY_PrivateKeyInfoTemplate;
-NSS_Get_SECKEY_RSAPublicKeyTemplate;
-NSS_Get_SECOID_AlgorithmIDTemplate;
-NSS_Get_SEC_AnyTemplate;
-NSS_Get_SEC_BMPStringTemplate;
-NSS_Get_SEC_BitStringTemplate;
-NSS_Get_SEC_GeneralizedTimeTemplate;
-NSS_Get_SEC_IA5StringTemplate;
-NSS_Get_SEC_IntegerTemplate;
-NSS_Get_SEC_ObjectIDTemplate;
-NSS_Get_SEC_OctetStringTemplate;
-NSS_Get_SEC_PointerToAnyTemplate;
-NSS_Get_SEC_PointerToOctetStringTemplate;
-NSS_Get_SEC_SetOfAnyTemplate;
-NSS_Get_SEC_UTCTimeTemplate;
-NSS_Get_sgn_DigestInfoTemplate;
-;+# commands
-CERT_DecodeBasicConstraintValue;
-CERT_DecodeOidSequence;
-CERT_DecodeUserNotice;
-CERT_DecodeCertificatePoliciesExtension;
-CERT_DestroyCertificatePoliciesExtension;
-CERT_FindCertByNicknameOrEmailAddr;
-CERT_FindCertByNickname;
-CERT_GenTime2FormattedAscii;
-CERT_Hexify;
-CERT_CompareName;
-PK11SDR_Encrypt;
-PK11SDR_Decrypt;
-NSSBase64Decoder_Create;
-NSSBase64Decoder_Destroy;
-NSSBase64Decoder_Update;
-NSSBase64Encoder_Create;
-NSSBase64Encoder_Destroy;
-NSSBase64Encoder_Update;
-;+#PK11_DoPassword;
-;+#PK11_FindKeyByKeyID;
-PK11_InitPin;
-PK11_NeedUserInit;
-;+ local:
-;+ *;
-;+};
-;+NSS_3.2.1 { # NSS 3.2.1 release
-;+ global:
-CERT_AddRDN;
-CERT_CreateRDN;
-CERT_CreateAVA;
-CERT_CreateName;
-;+ local:
-;+ *;
-;+};
-;+NSS_3.3 { # NSS 3.3. release
-;+ global:
-CERT_CheckCertUsage;
-CERT_FindCertIssuer;
-PK11_GetModule;
-SECKEY_CreateDHPrivateKey;
-SECKEY_GetPublicKeyType;
-SECMOD_AddNewModule;
-;+#
-;+# The following symbols are exported only to make JSS work.
-;+# These are still private!!!
-;+#
-CERT_DisableOCSPChecking;
-CERT_DisableOCSPDefaultResponder;
-CERT_EnableOCSPDefaultResponder;
-CERT_GetCertTimes;
-CERT_ImportCAChainTrusted;
-CERT_ImportCRL;
-CERT_IsCACert;
-CERT_IsCADERCert;
-CERT_SetOCSPDefaultResponder;
-PBE_CreateContext;
-PBE_DestroyContext;
-PBE_GenerateBits;
-PK11_CheckSSOPassword;
-PK11_CopySymKeyForSigning;
-PK11_DeleteTokenCertAndKey;
-PK11_DEREncodePublicKey;
-PK11_ExtractKeyValue;
-PK11_FindCertsFromNickname;
-PK11_FindKeyByKeyID;
-PK11_GetIVLength;
-PK11_GetKeyData;
-PK11_GetKeyType;
-PK11_GetLowLevelKeyIDForCert;
-PK11_GetLowLevelKeyIDForPrivateKey;
-PK11_GetSlotPWValues;
-PK11_ImportCertForKey;
-PK11_ImportDERCertForKey;
-PK11_ImportDERPrivateKeyInfo;
-PK11_ImportSymKey;
-PK11_IsLoggedIn;
-PK11_KeyForDERCertExists;
-PK11_KeyForCertExists;
-PK11_ListPrivateKeysInSlot;
-PK11_ListCertsInSlot;
-PK11_Logout;
-PK11_NeedPWInit;
-PK11_MakeIDFromPubKey;
-PK11_PQG_DestroyParams;
-PK11_PQG_DestroyVerify;
-PK11_PQG_GetBaseFromParams;
-PK11_PQG_GetCounterFromVerify;
-PK11_PQG_GetHFromVerify;
-PK11_PQG_GetPrimeFromParams;
-PK11_PQG_GetSeedFromVerify;
-PK11_PQG_GetSubPrimeFromParams;
-PK11_PQG_NewParams;
-PK11_PQG_NewVerify;
-PK11_PQG_ParamGen;
-PK11_PQG_ParamGenSeedLen;
-PK11_PQG_VerifyParams;
-PK11_ReferenceSlot;
-PK11_SeedRandom;
-PK11_UnwrapPrivKey;
-PK11_VerifyRecover;
-PK11_WrapPrivKey;
-SEC_CertNicknameConflict;
-SEC_PKCS5GetIV;
-SECMOD_DeleteInternalModule;
-SECMOD_DestroyModule;
-SECMOD_GetDefaultModuleList;
-SECMOD_GetDefaultModuleListLock;
-SECMOD_GetInternalModule;
-SECMOD_GetReadLock;
-SECMOD_ReferenceModule;
-SECMOD_ReleaseReadLock;
-SECKEY_AddPrivateKeyToListTail;
-SECKEY_EncodeDERSubjectPublicKeyInfo;
-SECKEY_ExtractPublicKey;
-SECKEY_DestroyPrivateKeyList;
-SECKEY_GetPrivateKeyType;
-SECKEY_HashPassword;
-SECKEY_ImportDERPublicKey;
-SECKEY_NewPrivateKeyList;
-SECKEY_RemovePrivateKeyListNode;
-VFY_EndWithSignature;
-;+ local:
-;+ *;
-;+};
-;+NSS_3.3.1 { # NSS 3.3.1 release
-;+ global:
-;+#
-;+# The following symbols are exported only to make libsmime3.so work.
-;+# These are still private!!!
-;+#
-PK11_CreatePBEParams;
-PK11_DestroyPBEParams;
-;+ local:
-;+ *;
-;+};
-;+NSS_3.4 { # NSS 3.4 release
-;+ global:
-SECMOD_AddNewModuleEx;
-SECMOD_DeleteModule;
-SECMOD_FreeModuleSpecList;
-SECMOD_GetModuleSpecList;
-SECMOD_LoadModule;
-SECMOD_LoadUserModule;
-SECMOD_UnloadUserModule;
-SECMOD_UpdateModule;
-;+# for PKCS #12
-PK11_RawPBEKeyGen;
-;+# for PSM
-__CERT_AddTempCertToPerm;
-CERT_AddOKDomainName;
-CERT_CopyName;
-CERT_CreateSubjectCertList;
-CERT_DecodeAVAValue;
-;+#CERT_DecodeCertFromPackage;
-CERT_DecodeGeneralName;
-CERT_DecodeTrustString;
-CERT_DerNameToAscii;
-CERT_EncodeGeneralName;
-CERT_FilterCertListByCANames;
-CERT_FilterCertListByUsage;
-CERT_FindCertExtension;
-CERT_FindKeyUsageExtension;
-CERT_FindUserCertByUsage;
-CERT_FindUserCertsByUsage;
-CERT_GetCertChainFromCert;
-CERT_GetOCSPAuthorityInfoAccessLocation;
-CERT_KeyFromDERCrl;
-CERT_MakeCANickname;
-CERT_NicknameStringsFromCertList;
-CERT_VerifySignedData;
-DER_Encode;
-HASH_Begin;
-HASH_Create;
-HASH_Destroy;
-HASH_End;
-HASH_ResultLen;
-HASH_Update;
-NSSBase64_DecodeBuffer; # from Stan
-NSSBase64_EncodeItem; # from Stan
-PK11_GetKeyGen;
-PK11_GetMinimumPwdLength;
-PK11_GetNextSafe;
-PK11_GetPadMechanism;
-PK11_GetSlotInfo;
-PK11_HasRootCerts;
-PK11_IsDisabled;
-PK11_LoadPrivKey;
-PK11_LogoutAll;
-PK11_MechanismToAlgtag;
-PK11_ResetToken;
-PK11_TraverseSlotCerts;
-SEC_ASN1Decode;
-SECKEY_CopySubjectPublicKeyInfo;
-SECMOD_CreateModule;
-SECMOD_FindModule;
-SECMOD_FindSlot;
-SECMOD_PubCipherFlagstoInternal;
-SECMOD_PubMechFlagstoInternal;
-;;CERT_NameTemplate DATA ;
-;;CERT_SubjectPublicKeyInfoTemplate DATA ;
-;;SEC_BooleanTemplate DATA ;
-;;SEC_NullTemplate DATA ;
-;;SEC_SignedCertificateTemplate DATA ;
-;;SEC_UTF8StringTemplate DATA ;
-NSS_Get_CERT_NameTemplate;
-NSS_Get_CERT_SubjectPublicKeyInfoTemplate;
-NSS_Get_SEC_BooleanTemplate;
-NSS_Get_SEC_NullTemplate;
-NSS_Get_SEC_SignedCertificateTemplate;
-NSS_Get_SEC_UTF8StringTemplate;
-;+# for JSS
-PK11_DeleteTokenPrivateKey;
-PK11_DeleteTokenPublicKey;
-PK11_DeleteTokenSymKey;
-PK11_GetNextSymKey;
-PK11_GetPQGParamsFromPrivateKey;
-PK11_GetPrivateKeyNickname;
-PK11_GetPublicKeyNickname;
-PK11_GetSymKeyNickname;
-PK11_ImportDERPrivateKeyInfoAndReturnKey;
-PK11_ImportPrivateKeyInfoAndReturnKey;
-PK11_ImportPublicKey;
-PK11_ImportSymKeyWithFlags;
-PK11_ListFixedKeysInSlot;
-PK11_ListPrivKeysInSlot;
-PK11_ListPublicKeysInSlot;
-PK11_ProtectedAuthenticationPath;
-PK11_SetPrivateKeyNickname;
-PK11_SetPublicKeyNickname;
-PK11_SetSymKeyNickname;
-SECKEY_DecodeDERSubjectPublicKeyInfo;
-SECKEY_DestroyPublicKeyList;
-;+# for debugging
-nss_DumpCertificateCacheInfo;
-;+ local:
-;+ *;
-;+};
-;+NSS_3.5 { # cert creation APIs used by certutil
-;+ global:
-CERT_AddExtension;
-CERT_CopyRDN;
-CERT_CreateCertificate;
-CERT_CreateValidity;
-CERT_DestroyValidity;
-CERT_EncodeAndAddBitStrExtension;
-CERT_EncodeAuthKeyID;
-CERT_EncodeBasicConstraintValue;
-CERT_EncodeCRLDistributionPoints;
-CERT_FinishExtensions;
-CERT_StartCertExtensions;
-DER_AsciiToTime;
-PK11_ImportCert;
-PORT_Strdup;
-SECMOD_CanDeleteInternalModule;
-;+ local:
-;+ *;
-;+};
-;+NSS_3.6 { # NSS 3.6 release
-;+ global:
-CERT_AddOCSPAcceptableResponses;
-CERT_CompleteCRLDecodeEntries;
-CERT_CreateOCSPCertID;
-CERT_CreateOCSPRequest;
-CERT_DecodeDERCrlWithFlags;
-CERT_DecodeOCSPResponse;
-CERT_DestroyOCSPCertID;
-CERT_DestroyOCSPRequest;
-CERT_EncodeOCSPRequest;
-CERT_FilterCertListForUserCerts;
-CERT_GetOCSPResponseStatus;
-CERT_GetOCSPStatusForCertID;
-CERT_IsUserCert;
-CERT_RemoveCertListNode;
-CERT_VerifyCACertForUsage;
-CERT_VerifyCertificate;
-CERT_VerifyCertificateNow;
-CERT_VerifyOCSPResponseSignature;
-PK11_ConvertSessionPrivKeyToTokenPrivKey;
-PK11_ConvertSessionSymKeyToTokenSymKey;
-PK11_GetModInfo;
-PK11_GetPBEIV;
-PK11_ImportCRL;
-PK11_ImportDERCert;
-PK11_PubUnwrapSymKeyWithFlags;
-PK11_SaveContextAlloc;
-PK11_TokenKeyGen;
-SEC_QuickDERDecodeItem;
-SECKEY_CopyPublicKey;
-;+ local:
-;+ *;
-;+};
-;+NSS_3.7 { # NSS 3.7 release
-;+ global:
-CERT_CRLCacheRefreshIssuer;
-CERT_DestroyOCSPResponse;
-CERT_EncodeAltNameExtension;
-CERT_FindCertBySubjectKeyID;
-CERT_FindSubjectKeyIDExtension;
-CERT_GetFirstEmailAddress;
-CERT_GetNextEmailAddress;
-CERT_VerifySignedDataWithPublicKey;
-CERT_VerifySignedDataWithPublicKeyInfo;
-PK11_WaitForTokenEvent;
-;+ local:
-;+ *;
-;+};
-;+NSS_3.7.1 { # NSS 3.7.1 release
-;+ global:
-PK11_TokenRefresh;
-;+ local:
-;+ *;
-;+};
-;+NSS_3.8 { # NSS 3.8 release
-;+ global:
-CERT_IsRootDERCert;
-HASH_GetHashObjectByOidTag;
-HASH_GetHashTypeByOidTag;
-PK11_GetDefaultArray;
-PK11_GetDefaultFlags;
-PK11_GetDisabledReason;
-PK11_UpdateSlotAttribute;
-PK11_UserEnableSlot;
-PK11_UserDisableSlot;
-SECITEM_ItemsAreEqual;
-SECKEY_CreateECPrivateKey;
-SECKEY_PublicKeyStrengthInBits;
-;+ local:
-;+ *;
-;+};
diff --git a/security/nss/lib/nss/nss.h b/security/nss/lib/nss/nss.h
deleted file mode 100644
index e6baca71c..000000000
--- a/security/nss/lib/nss/nss.h
+++ /dev/null
@@ -1,155 +0,0 @@
-/*
- * NSS utility functions
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#ifndef __nss_h_
-#define __nss_h_
-
-#include "seccomon.h"
-
-SEC_BEGIN_PROTOS
-
-/*
- * NSS's major version, minor version, patch level, and whether
- * this is a beta release.
- *
- * The format of the version string should be
- * "<major version>.<minor version>[.<patch level>] [<Beta>]"
- */
-#define NSS_VERSION "3.8.1 Beta"
-#define NSS_VMAJOR 3
-#define NSS_VMINOR 8
-#define NSS_VPATCH 1
-#define NSS_BETA PR_TRUE
-
-
-/*
- * Return a boolean that indicates whether the underlying library
- * will perform as the caller expects.
- *
- * The only argument is a string, which should be the verson
- * identifier of the NSS library. That string will be compared
- * against a string that represents the actual build version of
- * the NSS library. It also invokes the version checking functions
- * of the dependent libraries such as NSPR.
- */
-extern PRBool NSS_VersionCheck(const char *importedVersion);
-
-/*
- * Open the Cert, Key, and Security Module databases, read only.
- * Initialize the Random Number Generator.
- * Does not initialize the cipher policies or enables.
- * Default policy settings disallow all ciphers.
- */
-extern SECStatus NSS_Init(const char *configdir);
-
-/*
- * Open the Cert, Key, and Security Module databases, read/write.
- * Initialize the Random Number Generator.
- * Does not initialize the cipher policies or enables.
- * Default policy settings disallow all ciphers.
- */
-extern SECStatus NSS_InitReadWrite(const char *configdir);
-
-/*
- * Open the Cert, Key, and Security Module databases, read/write.
- * Initialize the Random Number Generator.
- * Does not initialize the cipher policies or enables.
- * Default policy settings disallow all ciphers.
- *
- * This allows using application defined prefixes for the cert and key db's
- * and an alternate name for the secmod database. NOTE: In future releases,
- * the database prefixes my not necessarily map to database names.
- *
- * configdir - base directory where all the cert, key, and module datbases live.
- * certPrefix - prefix added to the beginning of the cert database example: "
- * "https-server1-"
- * keyPrefix - prefix added to the beginning of the key database example: "
- * "https-server1-"
- * secmodName - name of the security module database (usually "secmod.db").
- * flags - change the open options of NSS_Initialize as follows:
- * NSS_INIT_READONLY - Open the databases read only.
- * NSS_INIT_NOCERTDB - Don't open the cert DB and key DB's, just
- * initialize the volatile certdb.
- * NSS_INIT_NOMODDB - Don't open the security module DB, just
- * initialize the PKCS #11 module.
- * NSS_INIT_FORCEOPEN - Continue to force initializations even if the
- * databases cannot be opened.
- * NSS_INIT_NOROOTINIT - Don't try to look for the root certs module
- * automatically.
- * NSS_INIT_OPTIMIZESPACE - Use smaller tables and caches.
- *
- * Also NOTE: This is not the recommended method for initializing NSS.
- * The prefered method is NSS_init().
- */
-#define NSS_INIT_READONLY 0x1
-#define NSS_INIT_NOCERTDB 0x2
-#define NSS_INIT_NOMODDB 0x4
-#define NSS_INIT_FORCEOPEN 0x8
-#define NSS_INIT_NOROOTINIT 0x10
-#define NSS_INIT_OPTIMIZESPACE 0x20
-
-extern SECStatus NSS_Initialize(const char *configdir,
- const char *certPrefix, const char *keyPrefix,
- const char *secmodName, PRUint32 flags);
-
-/*
- * initialize NSS without a creating cert db's, key db's, or secmod db's.
- */
-SECStatus NSS_NoDB_Init(const char *configdir);
-
-/*
- * Close the Cert, Key databases.
- */
-extern SECStatus NSS_Shutdown(void);
-
-/*
- * set the PKCS #11 strings for the internal token.
- */
-void PK11_ConfigurePKCS11(const char *man, const char *libdes,
- const char *tokdes, const char *ptokdes, const char *slotdes,
- const char *pslotdes, const char *fslotdes, const char *fpslotdes,
- int minPwd, int pwRequired);
-
-/*
- * Dump the contents of the certificate cache and the temporary cert store.
- * Use to detect leaked references of certs at shutdown time.
- */
-void nss_DumpCertificateCacheInfo(void);
-
-SEC_END_PROTOS
-
-#endif /* __nss_h_ */
diff --git a/security/nss/lib/nss/nss.rc b/security/nss/lib/nss/nss.rc
deleted file mode 100644
index 7eb93b8bb..000000000
--- a/security/nss/lib/nss/nss.rc
+++ /dev/null
@@ -1,98 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 2001 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "nss.h"
-#include <winver.h>
-
-#define MY_LIBNAME "nss"
-#define MY_FILEDESCRIPTION "NSS Base Library"
-
-#define STRINGIZE(x) #x
-#define STRINGIZE2(x) STRINGIZE(x)
-#define NSS_VMAJOR_STR STRINGIZE2(NSS_VMAJOR)
-
-#ifdef _DEBUG
-#define MY_DEBUG_STR " (debug)"
-#define MY_FILEFLAGS_1 VS_FF_DEBUG
-#else
-#define MY_DEBUG_STR ""
-#define MY_FILEFLAGS_1 0x0L
-#endif
-#if NSS_BETA
-#define MY_FILEFLAGS_2 MY_FILEFLAGS_1|VS_FF_PRERELEASE
-#else
-#define MY_FILEFLAGS_2 MY_FILEFLAGS_1
-#endif
-
-#ifdef WINNT
-#define MY_FILEOS VOS_NT_WINDOWS32
-#else
-#define MY_FILEOS VOS__WINDOWS32
-#endif
-
-#define MY_INTERNAL_NAME MY_LIBNAME NSS_VMAJOR_STR
-
-/////////////////////////////////////////////////////////////////////////////
-//
-// Version-information resource
-//
-
-VS_VERSION_INFO VERSIONINFO
- FILEVERSION NSS_VMAJOR,NSS_VMINOR,NSS_VPATCH,0
- PRODUCTVERSION NSS_VMAJOR,NSS_VMINOR,NSS_VPATCH,0
- FILEFLAGSMASK VS_FFI_FILEFLAGSMASK
- FILEFLAGS MY_FILEFLAGS_2
- FILEOS MY_FILEOS
- FILETYPE VFT_DLL
- FILESUBTYPE 0x0L // not used
-
-BEGIN
- BLOCK "StringFileInfo"
- BEGIN
- BLOCK "040904B0" // Lang=US English, CharSet=Unicode
- BEGIN
- VALUE "CompanyName", "Netscape Communications Corporation\0"
- VALUE "FileDescription", MY_FILEDESCRIPTION MY_DEBUG_STR "\0"
- VALUE "FileVersion", NSS_VERSION "\0"
- VALUE "InternalName", MY_INTERNAL_NAME "\0"
- VALUE "LegalCopyright", "Copyright \251 1994-2001 Netscape Communications Corporation\0"
- VALUE "OriginalFilename", MY_INTERNAL_NAME ".dll\0"
- VALUE "ProductName", "Network Security Services\0"
- VALUE "ProductVersion", NSS_VERSION "\0"
- END
- END
- BLOCK "VarFileInfo"
- BEGIN
- VALUE "Translation", 0x409, 1200
- END
-END
diff --git a/security/nss/lib/nss/nssinit.c b/security/nss/lib/nss/nssinit.c
deleted file mode 100644
index b98259859..000000000
--- a/security/nss/lib/nss/nssinit.c
+++ /dev/null
@@ -1,632 +0,0 @@
-/*
- * NSS utility functions
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- # $Id$
- */
-
-#include <ctype.h>
-#include "seccomon.h"
-#include "prinit.h"
-#include "prprf.h"
-#include "prmem.h"
-#include "cert.h"
-#include "key.h"
-#include "ssl.h"
-#include "sslproto.h"
-#include "secmod.h"
-#include "secoid.h"
-#include "nss.h"
-#include "secrng.h"
-#include "pk11func.h"
-#include "secerr.h"
-#include "nssbase.h"
-
-#include "pki3hack.h"
-#include "certi.h"
-#include "secmodi.h"
-
-/*
- * On Windows nss3.dll needs to export the symbol 'mktemp' to be
- * fully backward compatible with the nss3.dll in NSS 3.2.x and
- * 3.3.x. This symbol was unintentionally exported and its
- * definition (in DBM) was moved from nss3.dll to softokn3.dll
- * in NSS 3.4. See bug 142575.
- */
-#ifdef WIN32_NSS3_DLL_COMPAT
-#include <io.h>
-
-/* exported as 'mktemp' */
-char *
-nss_mktemp(char *path)
-{
- return _mktemp(path);
-}
-#endif
-
-#define NSS_MAX_FLAG_SIZE sizeof("readOnly")+sizeof("noCertDB")+ \
- sizeof("noModDB")+sizeof("forceOpen")+sizeof("passwordRequired")+ \
- sizeof ("optimizeSpace")
-#define NSS_DEFAULT_MOD_NAME "NSS Internal Module"
-#ifdef macintosh
-#define SECMOD_DB "Security Modules"
-#else
-#define SECMOD_DB "secmod.db"
-#endif
-
-static char *
-nss_makeFlags(PRBool readOnly, PRBool noCertDB,
- PRBool noModDB, PRBool forceOpen,
- PRBool passwordRequired, PRBool optimizeSpace)
-{
- char *flags = (char *)PORT_Alloc(NSS_MAX_FLAG_SIZE);
- PRBool first = PR_TRUE;
-
- PORT_Memset(flags,0,NSS_MAX_FLAG_SIZE);
- if (readOnly) {
- PORT_Strcat(flags,"readOnly");
- first = PR_FALSE;
- }
- if (noCertDB) {
- if (!first) PORT_Strcat(flags,",");
- PORT_Strcat(flags,"noCertDB");
- first = PR_FALSE;
- }
- if (noModDB) {
- if (!first) PORT_Strcat(flags,",");
- PORT_Strcat(flags,"noModDB");
- first = PR_FALSE;
- }
- if (forceOpen) {
- if (!first) PORT_Strcat(flags,",");
- PORT_Strcat(flags,"forceOpen");
- first = PR_FALSE;
- }
- if (passwordRequired) {
- if (!first) PORT_Strcat(flags,",");
- PORT_Strcat(flags,"passwordRequired");
- first = PR_FALSE;
- }
- if (optimizeSpace) {
- if (!first) PORT_Strcat(flags,",");
- PORT_Strcat(flags,"optimizeSpace");
- first = PR_FALSE;
- }
- return flags;
-}
-
-/*
- * statics to remember the PKCS11_ConfigurePKCS11()
- * info.
- */
-static char * pk11_config_strings = NULL;
-static char * pk11_config_name = NULL;
-static PRBool pk11_password_required = PR_FALSE;
-
-/*
- * this is a legacy configuration function which used to be part of
- * the PKCS #11 internal token.
- */
-void
-PK11_ConfigurePKCS11(const char *man, const char *libdes, const char *tokdes,
- const char *ptokdes, const char *slotdes, const char *pslotdes,
- const char *fslotdes, const char *fpslotdes, int minPwd, int pwRequired)
-{
- char *strings = NULL;
- char *newStrings;
-
- /* make sure the internationalization was done correctly... */
- strings = PR_smprintf("");
- if (strings == NULL) return;
-
- if (man) {
- newStrings = PR_smprintf("%s manufacturerID='%s'",strings,man);
- PR_smprintf_free(strings);
- strings = newStrings;
- }
- if (strings == NULL) return;
-
- if (libdes) {
- newStrings = PR_smprintf("%s libraryDescription='%s'",strings,libdes);
- PR_smprintf_free(strings);
- strings = newStrings;
- if (pk11_config_name != NULL) {
- PORT_Free(pk11_config_name);
- }
- pk11_config_name = PORT_Strdup(libdes);
- }
- if (strings == NULL) return;
-
- if (tokdes) {
- newStrings = PR_smprintf("%s cryptoTokenDescription='%s'",strings,
- tokdes);
- PR_smprintf_free(strings);
- strings = newStrings;
- }
- if (strings == NULL) return;
-
- if (ptokdes) {
- newStrings = PR_smprintf("%s dbTokenDescription='%s'",strings,ptokdes);
- PR_smprintf_free(strings);
- strings = newStrings;
- }
- if (strings == NULL) return;
-
- if (slotdes) {
- newStrings = PR_smprintf("%s cryptoSlotDescription='%s'",strings,
- slotdes);
- PR_smprintf_free(strings);
- strings = newStrings;
- }
- if (strings == NULL) return;
-
- if (pslotdes) {
- newStrings = PR_smprintf("%s dbSlotDescription='%s'",strings,pslotdes);
- PR_smprintf_free(strings);
- strings = newStrings;
- }
- if (strings == NULL) return;
-
- if (fslotdes) {
- newStrings = PR_smprintf("%s FIPSSlotDescription='%s'",
- strings,fslotdes);
- PR_smprintf_free(strings);
- strings = newStrings;
- }
- if (strings == NULL) return;
-
- if (fpslotdes) {
- newStrings = PR_smprintf("%s FIPSTokenDescription='%s'",
- strings,fpslotdes);
- PR_smprintf_free(strings);
- strings = newStrings;
- }
- if (strings == NULL) return;
-
- newStrings = PR_smprintf("%s minPS=%d", strings, minPwd);
- PR_smprintf_free(strings);
- strings = newStrings;
- if (strings == NULL) return;
-
- if (pk11_config_strings != NULL) {
- PR_smprintf_free(pk11_config_strings);
- }
- pk11_config_strings = strings;
- pk11_password_required = pwRequired;
-
- return;
-}
-
-static char *
-nss_addEscape(const char *string, char quote)
-{
- char *newString = 0;
- int escapes = 0, size = 0;
- const char *src;
- char *dest;
-
- for (src=string; *src ; src++) {
- if ((*src == quote) || (*src == '\\')) escapes++;
- size++;
- }
-
- newString = PORT_ZAlloc(escapes+size+1);
- if (newString == NULL) {
- return NULL;
- }
-
- for (src=string, dest=newString; *src; src++,dest++) {
- if ((*src == '\\') || (*src == quote)) {
- *dest++ = '\\';
- }
- *dest = *src;
- }
-
- return newString;
-}
-
-static char *
-nss_doubleEscape(const char *string)
-{
- char *round1 = NULL;
- char *retValue = NULL;
- if (string == NULL) {
- goto done;
- }
- round1 = nss_addEscape(string,'\'');
- if (round1) {
- retValue = nss_addEscape(round1,'"');
- PORT_Free(round1);
- }
-
-done:
- if (retValue == NULL) {
- retValue = PORT_Strdup("");
- }
- return retValue;
-}
-
-
-#ifndef XP_MAC
-/*
- * The following code is an attempt to automagically find the external root
- * module. NOTE: This code should be checked out on the MAC! There must be
- * some cross platform support out there to help out with this?
- * Note: Keep the #if-defined chunks in order. HPUX must select before UNIX.
- */
-
-static const char *dllname =
-#if defined(XP_WIN32) || defined(XP_OS2)
- "nssckbi.dll";
-#elif defined(HPUX)
- "libnssckbi.sl";
-#elif defined(DARWIN)
- "libnssckbi.dylib";
-#elif defined(XP_UNIX) || defined(XP_BEOS)
- "libnssckbi.so";
-#elif defined(XP_MAC)
- "NSS Builtin Root Certs";
-#else
- #error "Uh! Oh! I don't know about this platform."
-#endif
-
-/* Should we have platform ifdefs here??? */
-#define FILE_SEP '/'
-
-static void nss_FindExternalRootPaths(const char *dbpath, const char* secmodprefix,
- char** retoldpath, char** retnewpath)
-{
- char *path, *oldpath = NULL, *lastsep;
- int len, path_len, secmod_len, dll_len;
-
- path_len = PORT_Strlen(dbpath);
- secmod_len = PORT_Strlen(secmodprefix);
- dll_len = PORT_Strlen(dllname);
- len = path_len + secmod_len + dll_len + 2; /* FILE_SEP + NULL */
-
- path = PORT_Alloc(len);
- if (path == NULL) return;
-
- /* back up to the top of the directory */
- PORT_Memcpy(path,dbpath,path_len);
- if (path[path_len-1] != FILE_SEP) {
- path[path_len++] = FILE_SEP;
- }
- PORT_Strcpy(&path[path_len],dllname);
- if (secmodprefix) {
- lastsep = PORT_Strrchr(secmodprefix, FILE_SEP);
- if (lastsep) {
- int secmoddir_len = lastsep-secmodprefix+1; /* FILE_SEP */
- oldpath = PORT_Alloc(len);
- if (oldpath == NULL) {
- PORT_Free(path);
- return;
- }
- PORT_Memcpy(oldpath,path,path_len);
- PORT_Memcpy(&oldpath[path_len],secmodprefix,secmoddir_len);
- PORT_Strcpy(&oldpath[path_len+secmoddir_len],dllname);
- }
- }
- *retoldpath = oldpath;
- *retnewpath = path;
- return;
-}
-
-static void nss_FreeExternalRootPaths(char* oldpath, char* path)
-{
- if (path) {
- PORT_Free(path);
- }
- if (oldpath) {
- PORT_Free(oldpath);
- }
-}
-
-static void
-nss_FindExternalRoot(const char *dbpath, const char* secmodprefix)
-{
- char *path = NULL;
- char *oldpath = NULL;
- PRBool hasrootcerts = PR_FALSE;
-
- /*
- * 'oldpath' is the external root path in NSS 3.3.x or older.
- * For backward compatibility we try to load the root certs
- * module with the old path first.
- */
- nss_FindExternalRootPaths(dbpath, secmodprefix, &oldpath, &path);
- if (oldpath) {
- (void) SECMOD_AddNewModule("Root Certs",oldpath, 0, 0);
- hasrootcerts = SECMOD_HasRootCerts();
- }
- if (path && !hasrootcerts) {
- (void) SECMOD_AddNewModule("Root Certs",path, 0, 0);
- }
- nss_FreeExternalRootPaths(oldpath, path);
- return;
-}
-#endif
-
-/*
- * OK there are now lots of options here, lets go through them all:
- *
- * configdir - base directory where all the cert, key, and module datbases live.
- * certPrefix - prefix added to the beginning of the cert database example: "
- * "https-server1-"
- * keyPrefix - prefix added to the beginning of the key database example: "
- * "https-server1-"
- * secmodName - name of the security module database (usually "secmod.db").
- * readOnly - Boolean: true if the databases are to be openned read only.
- * nocertdb - Don't open the cert DB and key DB's, just initialize the
- * Volatile certdb.
- * nomoddb - Don't open the security module DB, just initialize the
- * PKCS #11 module.
- * forceOpen - Continue to force initializations even if the databases cannot
- * be opened.
- */
-
-static PRBool nss_IsInitted = PR_FALSE;
-
-extern SECStatus secoid_Init(void);
-
-static SECStatus
-nss_Init(const char *configdir, const char *certPrefix, const char *keyPrefix,
- const char *secmodName, PRBool readOnly, PRBool noCertDB,
- PRBool noModDB, PRBool forceOpen, PRBool noRootInit,
- PRBool optimizeSpace)
-{
- char *moduleSpec = NULL;
- char *flags = NULL;
- SECStatus rv = SECFailure;
- char *lconfigdir = NULL;
- char *lcertPrefix = NULL;
- char *lkeyPrefix = NULL;
- char *lsecmodName = NULL;
-
- if (nss_IsInitted) {
- return SECSuccess;
- }
-
- if (SECSuccess != InitCRLCache()) {
- return SECFailure;
- }
-
- flags = nss_makeFlags(readOnly,noCertDB,noModDB,forceOpen,
- pk11_password_required, optimizeSpace);
- if (flags == NULL) return rv;
-
- /*
- * configdir is double nested, and Windows uses the same character
- * for file seps as we use for escapes! (sigh).
- */
- lconfigdir = nss_doubleEscape(configdir);
- if (lconfigdir == NULL) {
- goto loser;
- }
- lcertPrefix = nss_doubleEscape(certPrefix);
- if (lcertPrefix == NULL) {
- goto loser;
- }
- lkeyPrefix = nss_doubleEscape(keyPrefix);
- if (lkeyPrefix == NULL) {
- goto loser;
- }
- lsecmodName = nss_doubleEscape(secmodName);
- if (lsecmodName == NULL) {
- goto loser;
- }
-
- moduleSpec = PR_smprintf("name=\"%s\" parameters=\"configdir='%s' certPrefix='%s' keyPrefix='%s' secmod='%s' flags=%s %s\" NSS=\"flags=internal,moduleDB,moduleDBOnly,critical\"",
- pk11_config_name ? pk11_config_name : NSS_DEFAULT_MOD_NAME,
- lconfigdir,lcertPrefix,lkeyPrefix,lsecmodName,flags,
- pk11_config_strings ? pk11_config_strings : "");
-
-loser:
- PORT_Free(flags);
- if (lconfigdir) PORT_Free(lconfigdir);
- if (lcertPrefix) PORT_Free(lcertPrefix);
- if (lkeyPrefix) PORT_Free(lkeyPrefix);
- if (lsecmodName) PORT_Free(lsecmodName);
-
- if (moduleSpec) {
- SECMODModule *module = SECMOD_LoadModule(moduleSpec,NULL,PR_TRUE);
- PR_smprintf_free(moduleSpec);
- if (module) {
- if (module->loaded) rv=SECSuccess;
- SECMOD_DestroyModule(module);
- }
- }
-
- if (rv == SECSuccess) {
- if (secoid_Init() != SECSuccess) {
- return SECFailure;
- }
- if (STAN_LoadDefaultNSS3TrustDomain() != PR_SUCCESS) {
- return SECFailure;
- }
- CERT_SetDefaultCertDB((CERTCertDBHandle *)
- STAN_GetDefaultTrustDomain());
-#ifndef XP_MAC
- /* only servers need this. We currently do not have a mac server */
- if ((!noModDB) && (!noCertDB) && (!noRootInit)) {
- if (!SECMOD_HasRootCerts()) {
- nss_FindExternalRoot(configdir, secmodName);
- }
- }
-#endif
- pk11sdr_Init();
- cert_CreateSubjectKeyIDHashTable();
- nss_IsInitted = PR_TRUE;
- }
- return rv;
-}
-
-
-SECStatus
-NSS_Init(const char *configdir)
-{
- return nss_Init(configdir, "", "", SECMOD_DB, PR_TRUE,
- PR_FALSE, PR_FALSE, PR_FALSE, PR_FALSE, PR_TRUE);
-}
-
-SECStatus
-NSS_InitReadWrite(const char *configdir)
-{
- return nss_Init(configdir, "", "", SECMOD_DB, PR_FALSE,
- PR_FALSE, PR_FALSE, PR_FALSE, PR_FALSE, PR_TRUE);
-}
-
-/*
- * OK there are now lots of options here, lets go through them all:
- *
- * configdir - base directory where all the cert, key, and module datbases live.
- * certPrefix - prefix added to the beginning of the cert database example: "
- * "https-server1-"
- * keyPrefix - prefix added to the beginning of the key database example: "
- * "https-server1-"
- * secmodName - name of the security module database (usually "secmod.db").
- * flags - change the open options of NSS_Initialize as follows:
- * NSS_INIT_READONLY - Open the databases read only.
- * NSS_INIT_NOCERTDB - Don't open the cert DB and key DB's, just
- * initialize the volatile certdb.
- * NSS_INIT_NOMODDB - Don't open the security module DB, just
- * initialize the PKCS #11 module.
- * NSS_INIT_FORCEOPEN - Continue to force initializations even if the
- * databases cannot be opened.
- */
-SECStatus
-NSS_Initialize(const char *configdir, const char *certPrefix,
- const char *keyPrefix, const char *secmodName, PRUint32 flags)
-{
- return nss_Init(configdir, certPrefix, keyPrefix, secmodName,
- ((flags & NSS_INIT_READONLY) == NSS_INIT_READONLY),
- ((flags & NSS_INIT_NOCERTDB) == NSS_INIT_NOCERTDB),
- ((flags & NSS_INIT_NOMODDB) == NSS_INIT_NOMODDB),
- ((flags & NSS_INIT_FORCEOPEN) == NSS_INIT_FORCEOPEN),
- ((flags & NSS_INIT_NOROOTINIT) == NSS_INIT_NOROOTINIT),
- ((flags & NSS_INIT_OPTIMIZESPACE) == NSS_INIT_OPTIMIZESPACE));
-}
-
-/*
- * initialize NSS without a creating cert db's, key db's, or secmod db's.
- */
-SECStatus
-NSS_NoDB_Init(const char * configdir)
-{
- return nss_Init("","","","",
- PR_TRUE,PR_TRUE,PR_TRUE,PR_TRUE,PR_TRUE,PR_TRUE);
-}
-
-extern const NSSError NSS_ERROR_BUSY;
-
-SECStatus
-NSS_Shutdown(void)
-{
- SECStatus rv;
- PRStatus status;
-
- ShutdownCRLCache();
- SECOID_Shutdown();
- status = STAN_Shutdown();
- cert_DestroySubjectKeyIDHashTable();
- rv = SECMOD_Shutdown();
- pk11sdr_Shutdown();
- if (status == PR_FAILURE) {
- if (NSS_GetError() == NSS_ERROR_BUSY) {
- PORT_SetError(SEC_ERROR_BUSY);
- }
- rv = SECFailure;
- }
- nss_IsInitted = PR_FALSE;
- return rv;
-}
-
-
-
-extern const char __nss_base_rcsid[];
-extern const char __nss_base_sccsid[];
-
-PRBool
-NSS_VersionCheck(const char *importedVersion)
-{
- /*
- * This is the secret handshake algorithm.
- *
- * This release has a simple version compatibility
- * check algorithm. This release is not backward
- * compatible with previous major releases. It is
- * not compatible with future major, minor, or
- * patch releases.
- */
- int vmajor = 0, vminor = 0, vpatch = 0;
- const char *ptr = importedVersion;
- volatile char c; /* force a reference that won't get optimized away */
-
- c = __nss_base_rcsid[0] + __nss_base_sccsid[0];
-
- while (isdigit(*ptr)) {
- vmajor = 10 * vmajor + *ptr - '0';
- ptr++;
- }
- if (*ptr == '.') {
- ptr++;
- while (isdigit(*ptr)) {
- vminor = 10 * vminor + *ptr - '0';
- ptr++;
- }
- if (*ptr == '.') {
- ptr++;
- while (isdigit(*ptr)) {
- vpatch = 10 * vpatch + *ptr - '0';
- ptr++;
- }
- }
- }
-
- if (vmajor != NSS_VMAJOR) {
- return PR_FALSE;
- }
- if (vmajor == NSS_VMAJOR && vminor > NSS_VMINOR) {
- return PR_FALSE;
- }
- if (vmajor == NSS_VMAJOR && vminor == NSS_VMINOR && vpatch > NSS_VPATCH) {
- return PR_FALSE;
- }
- /* Check dependent libraries */
- if (PR_VersionCheck(PR_VERSION) == PR_FALSE) {
- return PR_FALSE;
- }
- return PR_TRUE;
-}
-
-
diff --git a/security/nss/lib/nss/nssrenam.h b/security/nss/lib/nss/nssrenam.h
deleted file mode 100644
index 7791173f5..000000000
--- a/security/nss/lib/nss/nssrenam.h
+++ /dev/null
@@ -1,49 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 2001 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef __nssrenam_h_
-#define __nssrenam_h_
-
-#define CERT_NewTempCertificate __CERT_NewTempCertificate
-#define PK11_CreateContextByRawKey __PK11_CreateContextByRawKey
-#define PK11_GetKeyData __PK11_GetKeyData
-#define nss_InitLock __nss_InitLock
-#define CERT_ClosePermCertDB __CERT_ClosePermCertDB
-#define CERT_DecodeDERCertificate __CERT_DecodeDERCertificate
-#define CERT_TraversePermCertsForNickname __CERT_TraversePermCertsForNickname
-#define CERT_TraversePermCertsForSubject __CERT_TraversePermCertsForSubject
-#define PBE_CreateContext __PBE_CreateContext
-#define PBE_DestroyContext __PBE_DestroyContext
-#define PBE_GenerateBits __PBE_GenerateBits
-
-#endif /* __nssrenam_h_ */
diff --git a/security/nss/lib/nss/nssver.c b/security/nss/lib/nss/nssver.c
deleted file mode 100644
index 463a77b6b..000000000
--- a/security/nss/lib/nss/nssver.c
+++ /dev/null
@@ -1,53 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 2001 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/* Library identity and versioning */
-
-#include "nss.h"
-
-#if defined(DEBUG)
-#define _DEBUG_STRING " (debug)"
-#else
-#define _DEBUG_STRING ""
-#endif
-
-/*
- * Version information for the 'ident' and 'what commands
- *
- * NOTE: the first component of the concatenated rcsid string
- * must not end in a '$' to prevent rcs keyword substitution.
- */
-const char __nss_base_rcsid[] = "$Header: NSS " NSS_VERSION _DEBUG_STRING
- " " __DATE__ " " __TIME__ " $";
-const char __nss_base_sccsid[] = "@(#)NSS " NSS_VERSION _DEBUG_STRING
- " " __DATE__ " " __TIME__;
diff --git a/security/nss/lib/pk11wrap/Makefile b/security/nss/lib/pk11wrap/Makefile
deleted file mode 100644
index a84456e7d..000000000
--- a/security/nss/lib/pk11wrap/Makefile
+++ /dev/null
@@ -1,88 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
--include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-export:: private_export
-
-# On AIX 4.3, IBM xlC_r compiler (version 3.6.6) cannot compile
-# pk11slot.c in 64-bit mode for unknown reasons. A workaround is
-# to compile it with optimizations turned on. (Bugzilla bug #63815)
-ifeq ($(OS_TARGET)$(OS_RELEASE),AIX4.3)
-ifeq ($(USE_64),1)
-ifndef BUILD_OPT
-$(OBJDIR)/pk11slot.o: pk11slot.c
- @$(MAKE_OBJDIR)
- $(CC) -o $@ -c -O2 $(CFLAGS) $<
-endif
-endif
-endif
diff --git a/security/nss/lib/pk11wrap/config.mk b/security/nss/lib/pk11wrap/config.mk
deleted file mode 100644
index 0a00dc61e..000000000
--- a/security/nss/lib/pk11wrap/config.mk
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# Override TARGETS variable so that only static libraries
-# are specifed as dependencies within rules.mk.
-#
-
-TARGETS = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM =
-
diff --git a/security/nss/lib/pk11wrap/debug_module.c b/security/nss/lib/pk11wrap/debug_module.c
deleted file mode 100644
index 34cd54384..000000000
--- a/security/nss/lib/pk11wrap/debug_module.c
+++ /dev/null
@@ -1,2209 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "prlog.h"
-#include <stdio.h>
-
-static PRLogModuleInfo *modlog = NULL;
-
-static CK_FUNCTION_LIST_PTR module_functions;
-
-static CK_FUNCTION_LIST debug_functions;
-
-static void print_final_statistics(void);
-
-/* The AIX 64-bit compiler chokes on large switch statements (see
- * bug #63815). I tried the trick recommended there, using -O2 in
- * debug builds, and it didn't work. Instead, I'll suppress some of
- * the verbose output and just dump values.
- */
-
-static void get_attr_type_str(CK_ATTRIBUTE_TYPE atype, char *str, int len)
-{
-#define SETA(attr) \
- PR_snprintf(str, len, "%s", attr); break;
- switch (atype) {
-#ifndef AIX_64BIT
- case CKA_CLASS: SETA("CKA_CLASS");
- case CKA_TOKEN: SETA("CKA_TOKEN");
- case CKA_PRIVATE: SETA("CKA_PRIVATE");
- case CKA_LABEL: SETA("CKA_LABEL");
- case CKA_APPLICATION: SETA("CKA_APPLICATION");
- case CKA_VALUE: SETA("CKA_VALUE");
- case CKA_OBJECT_ID: SETA("CKA_OBJECT_ID");
- case CKA_CERTIFICATE_TYPE: SETA("CKA_CERTIFICATE_TYPE");
- case CKA_ISSUER: SETA("CKA_ISSUER");
- case CKA_SERIAL_NUMBER: SETA("CKA_SERIAL_NUMBER");
- case CKA_AC_ISSUER: SETA("CKA_AC_ISSUER");
- case CKA_OWNER: SETA("CKA_OWNER");
- case CKA_ATTR_TYPES: SETA("CKA_ATTR_TYPES");
- case CKA_TRUSTED: SETA("CKA_TRUSTED");
- case CKA_KEY_TYPE: SETA("CKA_KEY_TYPE");
- case CKA_SUBJECT: SETA("CKA_SUBJECT");
- case CKA_ID: SETA("CKA_ID");
- case CKA_SENSITIVE: SETA("CKA_SENSITIVE");
- case CKA_ENCRYPT: SETA("CKA_ENCRYPT");
- case CKA_DECRYPT: SETA("CKA_DECRYPT");
- case CKA_WRAP: SETA("CKA_WRAP");
- case CKA_UNWRAP: SETA("CKA_UNWRAP");
- case CKA_SIGN: SETA("CKA_SIGN");
- case CKA_SIGN_RECOVER: SETA("CKA_SIGN_RECOVER");
- case CKA_VERIFY: SETA("CKA_VERIFY");
- case CKA_VERIFY_RECOVER: SETA("CKA_VERIFY_RECOVER");
- case CKA_DERIVE: SETA("CKA_DERIVE");
- case CKA_START_DATE: SETA("CKA_START_DATE");
- case CKA_END_DATE: SETA("CKA_END_DATE");
- case CKA_MODULUS: SETA("CKA_MODULUS");
- case CKA_MODULUS_BITS: SETA("CKA_MODULUS_BITS");
- case CKA_PUBLIC_EXPONENT: SETA("CKA_PUBLIC_EXPONENT");
- case CKA_PRIVATE_EXPONENT: SETA("CKA_PRIVATE_EXPONENT");
- case CKA_PRIME_1: SETA("CKA_PRIME_1");
- case CKA_PRIME_2: SETA("CKA_PRIME_2");
- case CKA_EXPONENT_1: SETA("CKA_EXPONENT_1");
- case CKA_EXPONENT_2: SETA("CKA_EXPONENT_2");
- case CKA_COEFFICIENT: SETA("CKA_COEFFICIENT");
- case CKA_PRIME: SETA("CKA_PRIME");
- case CKA_SUBPRIME: SETA("CKA_SUBPRIME");
- case CKA_BASE: SETA("CKA_BASE");
- case CKA_PRIME_BITS: SETA("CKA_PRIME_BITS");
- case CKA_SUB_PRIME_BITS: SETA("CKA_SUB_PRIME_BITS");
- case CKA_VALUE_BITS: SETA("CKA_VALUE_BITS");
- case CKA_VALUE_LEN: SETA("CKA_VALUE_LEN");
- case CKA_EXTRACTABLE: SETA("CKA_EXTRACTABLE");
- case CKA_LOCAL: SETA("CKA_LOCAL");
- case CKA_NEVER_EXTRACTABLE: SETA("CKA_NEVER_EXTRACTABLE");
- case CKA_ALWAYS_SENSITIVE: SETA("CKA_ALWAYS_SENSITIVE");
- case CKA_KEY_GEN_MECHANISM: SETA("CKA_KEY_GEN_MECHANISM");
- case CKA_MODIFIABLE: SETA("CKA_MODIFIABLE");
- case CKA_ECDSA_PARAMS: SETA("CKA_ECDSA_PARAMS");
- case CKA_EC_POINT: SETA("CKA_EC_POINT");
- case CKA_SECONDARY_AUTH: SETA("CKA_SECONDARY_AUTH");
- case CKA_AUTH_PIN_FLAGS: SETA("CKA_AUTH_PIN_FLAGS");
- case CKA_HW_FEATURE_TYPE: SETA("CKA_HW_FEATURE_TYPE");
- case CKA_RESET_ON_INIT: SETA("CKA_RESET_ON_INIT");
- case CKA_HAS_RESET: SETA("CKA_HAS_RESET");
- case CKA_VENDOR_DEFINED: SETA("CKA_VENDOR_DEFINED");
- case CKA_NETSCAPE_URL: SETA("CKA_NETSCAPE_URL");
- case CKA_NETSCAPE_EMAIL: SETA("CKA_NETSCAPE_EMAIL");
- case CKA_NETSCAPE_SMIME_INFO: SETA("CKA_NETSCAPE_SMIME_INFO");
- case CKA_NETSCAPE_SMIME_TIMESTAMP: SETA("CKA_NETSCAPE_SMIME_TIMESTAMP");
- case CKA_NETSCAPE_PKCS8_SALT: SETA("CKA_NETSCAPE_PKCS8_SALT");
- case CKA_NETSCAPE_PASSWORD_CHECK: SETA("CKA_NETSCAPE_PASSWORD_CHECK");
- case CKA_NETSCAPE_EXPIRES: SETA("CKA_NETSCAPE_EXPIRES");
- case CKA_NETSCAPE_KRL: SETA("CKA_NETSCAPE_KRL");
- case CKA_NETSCAPE_PQG_COUNTER: SETA("CKA_NETSCAPE_PQG_COUNTER");
- case CKA_NETSCAPE_PQG_SEED: SETA("CKA_NETSCAPE_PQG_SEED");
- case CKA_NETSCAPE_PQG_H: SETA("CKA_NETSCAPE_PQG_H");
- case CKA_NETSCAPE_PQG_SEED_BITS: SETA("CKA_NETSCAPE_PQG_SEED_BITS");
- case CKA_TRUST: SETA("CKA_TRUST");
- case CKA_TRUST_DIGITAL_SIGNATURE: SETA("CKA_TRUST_DIGITAL_SIGNATURE");
- case CKA_TRUST_NON_REPUDIATION: SETA("CKA_TRUST_NON_REPUDIATION");
- case CKA_TRUST_KEY_ENCIPHERMENT: SETA("CKA_TRUST_KEY_ENCIPHERMENT");
- case CKA_TRUST_DATA_ENCIPHERMENT: SETA("CKA_TRUST_DATA_ENCIPHERMENT");
- case CKA_TRUST_KEY_AGREEMENT: SETA("CKA_TRUST_KEY_AGREEMENT");
- case CKA_TRUST_KEY_CERT_SIGN: SETA("CKA_TRUST_KEY_CERT_SIGN");
- case CKA_TRUST_CRL_SIGN: SETA("CKA_TRUST_CRL_SIGN");
- case CKA_TRUST_SERVER_AUTH: SETA("CKA_TRUST_SERVER_AUTH");
- case CKA_TRUST_CLIENT_AUTH: SETA("CKA_TRUST_CLIENT_AUTH");
- case CKA_TRUST_CODE_SIGNING: SETA("CKA_TRUST_CODE_SIGNING");
- case CKA_TRUST_EMAIL_PROTECTION: SETA("CKA_TRUST_EMAIL_PROTECTION");
- case CKA_TRUST_IPSEC_END_SYSTEM: SETA("CKA_TRUST_IPSEC_END_SYSTEM");
- case CKA_TRUST_IPSEC_TUNNEL: SETA("CKA_TRUST_IPSEC_TUNNEL");
- case CKA_TRUST_IPSEC_USER: SETA("CKA_TRUST_IPSEC_USER");
- case CKA_TRUST_TIME_STAMPING: SETA("CKA_TRUST_TIME_STAMPING");
- case CKA_CERT_SHA1_HASH: SETA("CKA_CERT_SHA1_HASH");
- case CKA_CERT_MD5_HASH: SETA("CKA_CERT_MD5_HASH");
- case CKA_NETSCAPE_DB: SETA("CKA_NETSCAPE_DB");
- case CKA_NETSCAPE_TRUST: SETA("CKA_NETSCAPE_TRUST");
-#endif
- default: PR_snprintf(str, len, "0x%p", atype); break;
- }
-}
-
-static void get_obj_class(CK_OBJECT_CLASS class, char *str, int len)
-{
-#define SETO(objc) \
- PR_snprintf(str, len, "%s", objc); break;
- switch (class) {
-#ifndef AIX_64BIT
- case CKO_DATA: SETO("CKO_DATA");
- case CKO_CERTIFICATE: SETO("CKO_CERTIFICATE");
- case CKO_PUBLIC_KEY: SETO("CKO_PUBLIC_KEY");
- case CKO_PRIVATE_KEY: SETO("CKO_PRIVATE_KEY");
- case CKO_SECRET_KEY: SETO("CKO_SECRET_KEY");
- case CKO_HW_FEATURE: SETO("CKO_HW_FEATURE");
- case CKO_DOMAIN_PARAMETERS: SETO("CKO_DOMAIN_PARAMETERS");
- case CKO_NETSCAPE_CRL: SETO("CKO_NETSCAPE_CRL");
- case CKO_NETSCAPE_SMIME: SETO("CKO_NETSCAPE_SMIME");
- case CKO_NETSCAPE_TRUST: SETO("CKO_NETSCAPE_TRUST");
- case CKO_NETSCAPE_BUILTIN_ROOT_LIST: SETO("CKO_NETSCAPE_BUILTIN_ROOT_LIST");
-#endif
- default: PR_snprintf(str, len, "0x%p", class); break;
- }
-}
-
-static void get_trust_val(CK_TRUST trust, char *str, int len)
-{
-#define SETT(objc) \
- PR_snprintf(str, len, "%s", objc); break;
- switch (trust) {
-#ifndef AIX_64BIT
- case CKT_NETSCAPE_TRUSTED: SETT("CKT_NETSCAPE_TRUSTED");
- case CKT_NETSCAPE_TRUSTED_DELEGATOR: SETT("CKT_NETSCAPE_TRUSTED_DELEGATOR");
- case CKT_NETSCAPE_UNTRUSTED: SETT("CKT_NETSCAPE_UNTRUSTED");
- case CKT_NETSCAPE_MUST_VERIFY: SETT("CKT_NETSCAPE_MUST_VERIFY");
- case CKT_NETSCAPE_TRUST_UNKNOWN: SETT("CKT_NETSCAPE_TRUST_UNKNOWN");
- case CKT_NETSCAPE_VALID: SETT("CKT_NETSCAPE_VALID");
- case CKT_NETSCAPE_VALID_DELEGATOR: SETT("CKT_NETSCAPE_VALID_DELEGATOR");
-#endif
- default: PR_snprintf(str, len, "0x%p", trust); break;
- }
-}
-
-static void print_attr_value(CK_ATTRIBUTE_PTR attr)
-{
- char atype[48];
- char valstr[48];
- int len;
- get_attr_type_str(attr->type, atype, sizeof atype);
- switch (attr->type) {
- case CKA_TOKEN:
- case CKA_PRIVATE:
- case CKA_SENSITIVE:
- case CKA_ENCRYPT:
- case CKA_DECRYPT:
- case CKA_WRAP:
- case CKA_UNWRAP:
- case CKA_SIGN:
- case CKA_SIGN_RECOVER:
- case CKA_VERIFY:
- case CKA_VERIFY_RECOVER:
- case CKA_DERIVE:
- case CKA_EXTRACTABLE:
- case CKA_LOCAL:
- case CKA_NEVER_EXTRACTABLE:
- case CKA_ALWAYS_SENSITIVE:
- case CKA_MODIFIABLE:
- if (attr->ulValueLen > 0 && attr->pValue) {
- CK_BBOOL tf = *((CK_BBOOL *)attr->pValue);
- len = sizeof(valstr);
- PR_snprintf(valstr, len, "%s", tf ? "CK_TRUE" : "CK_FALSE");
- PR_LOG(modlog, 4, (" %s = %s [%d]",
- atype, valstr, attr->ulValueLen));
- break;
- }
- case CKA_CLASS:
- if (attr->ulValueLen > 0 && attr->pValue) {
- CK_OBJECT_CLASS class = *((CK_OBJECT_CLASS *)attr->pValue);
- get_obj_class(class, valstr, sizeof valstr);
- PR_LOG(modlog, 4, (" %s = %s [%d]",
- atype, valstr, attr->ulValueLen));
- break;
- }
- case CKA_TRUST_SERVER_AUTH:
- case CKA_TRUST_CLIENT_AUTH:
- case CKA_TRUST_CODE_SIGNING:
- case CKA_TRUST_EMAIL_PROTECTION:
- if (attr->ulValueLen > 0 && attr->pValue) {
- CK_TRUST trust = *((CK_TRUST *)attr->pValue);
- get_trust_val(trust, valstr, sizeof valstr);
- PR_LOG(modlog, 4, (" %s = %s [%d]",
- atype, valstr, attr->ulValueLen));
- break;
- }
- case CKA_LABEL:
- case CKA_NETSCAPE_EMAIL:
- case CKA_NETSCAPE_URL:
- if (attr->ulValueLen > 0 && attr->pValue) {
- len = PR_MIN(attr->ulValueLen + 1, sizeof valstr);
- PR_snprintf(valstr, len, "%s", attr->pValue);
- PR_LOG(modlog, 4, (" %s = %s [%d]",
- atype, valstr, attr->ulValueLen));
- break;
- }
- default:
- PR_LOG(modlog, 4, (" %s = 0x%p [%d]",
- atype, attr->pValue, attr->ulValueLen));
- break;
- }
-}
-
-static void print_template(CK_ATTRIBUTE_PTR templ, CK_ULONG tlen)
-{
- CK_ULONG i;
- for (i=0; i<tlen; i++) {
- print_attr_value(&templ[i]);
- }
-}
-
-static void print_mechanism(CK_MECHANISM_PTR m)
-{
- PR_LOG(modlog, 4, (" mechanism = 0x%p", m->mechanism));
-}
-
-struct nssdbg_prof_str {
- PRUint32 time;
- PRUint32 calls;
- char *function;
-};
-
-#define NSSDBG_DEFINE(func) { 0, 0, #func }
-
-struct nssdbg_prof_str nssdbg_prof_data[] = {
-#define FUNC_C_INITIALIZE 0
- NSSDBG_DEFINE(C_Initialize),
-#define FUNC_C_FINALIZE 1
- NSSDBG_DEFINE(C_Finalize),
-#define FUNC_C_GETINFO 2
- NSSDBG_DEFINE(C_GetInfo),
-#define FUNC_C_GETFUNCITONLIST 3
- NSSDBG_DEFINE(C_GetFunctionList),
-#define FUNC_C_GETSLOTLIST 4
- NSSDBG_DEFINE(C_GetSlotList),
-#define FUNC_C_GETSLOTINFO 5
- NSSDBG_DEFINE(C_GetSlotInfo),
-#define FUNC_C_GETTOKENINFO 6
- NSSDBG_DEFINE(C_GetTokenInfo),
-#define FUNC_C_GETMECHANISMLIST 7
- NSSDBG_DEFINE(C_GetMechanismList),
-#define FUNC_C_GETMECHANISMINFO 8
- NSSDBG_DEFINE(C_GetMechanismInfo),
-#define FUNC_C_INITTOKEN 9
- NSSDBG_DEFINE(C_InitToken),
-#define FUNC_C_INITPIN 10
- NSSDBG_DEFINE(C_InitPIN),
-#define FUNC_C_SETPIN 11
- NSSDBG_DEFINE(C_SetPIN),
-#define FUNC_C_OPENSESSION 12
- NSSDBG_DEFINE(C_OpenSession),
-#define FUNC_C_CLOSESESSION 13
- NSSDBG_DEFINE(C_CloseSession),
-#define FUNC_C_CLOSEALLSESSIONS 14
- NSSDBG_DEFINE(C_CloseAllSessions),
-#define FUNC_C_GETSESSIONINFO 15
- NSSDBG_DEFINE(C_GetSessionInfo),
-#define FUNC_C_GETOPERATIONSTATE 16
- NSSDBG_DEFINE(C_GetOperationState),
-#define FUNC_C_SETOPERATIONSTATE 17
- NSSDBG_DEFINE(C_SetOperationState),
-#define FUNC_C_LOGIN 18
- NSSDBG_DEFINE(C_Login),
-#define FUNC_C_LOGOUT 19
- NSSDBG_DEFINE(C_Logout),
-#define FUNC_C_CREATEOBJECT 20
- NSSDBG_DEFINE(C_CreateObject),
-#define FUNC_C_COPYOBJECT 21
- NSSDBG_DEFINE(C_CopyObject),
-#define FUNC_C_DESTROYOBJECT 22
- NSSDBG_DEFINE(C_DestroyObject),
-#define FUNC_C_GETOBJECTSIZE 23
- NSSDBG_DEFINE(C_GetObjectSize),
-#define FUNC_C_GETATTRIBUTEVALUE 24
- NSSDBG_DEFINE(C_GetAttributeValue),
-#define FUNC_C_SETATTRIBUTEVALUE 25
- NSSDBG_DEFINE(C_SetAttributeValue),
-#define FUNC_C_FINDOBJECTSINIT 26
- NSSDBG_DEFINE(C_FindObjectsInit),
-#define FUNC_C_FINDOBJECTS 27
- NSSDBG_DEFINE(C_FindObjects),
-#define FUNC_C_FINDOBJECTSFINAL 28
- NSSDBG_DEFINE(C_FindObjectsFinal),
-#define FUNC_C_ENCRYPTINIT 29
- NSSDBG_DEFINE(C_EncryptInit),
-#define FUNC_C_ENCRYPT 30
- NSSDBG_DEFINE(C_Encrypt),
-#define FUNC_C_ENCRYPTUPDATE 31
- NSSDBG_DEFINE(C_EncryptUpdate),
-#define FUNC_C_ENCRYPTFINAL 32
- NSSDBG_DEFINE(C_EncryptFinal),
-#define FUNC_C_DECRYPTINIT 33
- NSSDBG_DEFINE(C_DecryptInit),
-#define FUNC_C_DECRYPT 34
- NSSDBG_DEFINE(C_Decrypt),
-#define FUNC_C_DECRYPTUPDATE 35
- NSSDBG_DEFINE(C_DecryptUpdate),
-#define FUNC_C_DECRYPTFINAL 36
- NSSDBG_DEFINE(C_DecryptFinal),
-#define FUNC_C_DIGESTINIT 37
- NSSDBG_DEFINE(C_DigestInit),
-#define FUNC_C_DIGEST 38
- NSSDBG_DEFINE(C_Digest),
-#define FUNC_C_DIGESTUPDATE 39
- NSSDBG_DEFINE(C_DigestUpdate),
-#define FUNC_C_DIGESTKEY 40
- NSSDBG_DEFINE(C_DigestKey),
-#define FUNC_C_DIGESTFINAL 41
- NSSDBG_DEFINE(C_DigestFinal),
-#define FUNC_C_SIGNINIT 42
- NSSDBG_DEFINE(C_SignInit),
-#define FUNC_C_SIGN 43
- NSSDBG_DEFINE(C_Sign),
-#define FUNC_C_SIGNUPDATE 44
- NSSDBG_DEFINE(C_SignUpdate),
-#define FUNC_C_SIGNFINAL 45
- NSSDBG_DEFINE(C_SignFinal),
-#define FUNC_C_SIGNRECOVERINIT 46
- NSSDBG_DEFINE(C_SignRecoverInit),
-#define FUNC_C_SIGNRECOVER 47
- NSSDBG_DEFINE(C_SignRecover),
-#define FUNC_C_VERIFYINIT 48
- NSSDBG_DEFINE(C_VerifyInit),
-#define FUNC_C_VERIFY 49
- NSSDBG_DEFINE(C_Verify),
-#define FUNC_C_VERIFYUPDATE 50
- NSSDBG_DEFINE(C_VerifyUpdate),
-#define FUNC_C_VERIFYFINAL 51
- NSSDBG_DEFINE(C_VerifyFinal),
-#define FUNC_C_VERIFYRECOVERINIT 52
- NSSDBG_DEFINE(C_VerifyRecoverInit),
-#define FUNC_C_VERIFYRECOVER 53
- NSSDBG_DEFINE(C_VerifyRecover),
-#define FUNC_C_DIGESTENCRYPTUPDATE 54
- NSSDBG_DEFINE(C_DigestEncryptUpdate),
-#define FUNC_C_DECRYPTDIGESTUPDATE 55
- NSSDBG_DEFINE(C_DecryptDigestUpdate),
-#define FUNC_C_SIGNENCRYPTUPDATE 56
- NSSDBG_DEFINE(C_SignEncryptUpdate),
-#define FUNC_C_DECRYPTVERIFYUPDATE 57
- NSSDBG_DEFINE(C_DecryptVerifyUpdate),
-#define FUNC_C_GENERATEKEY 58
- NSSDBG_DEFINE(C_GenerateKey),
-#define FUNC_C_GENERATEKEYPAIR 59
- NSSDBG_DEFINE(C_GenerateKeyPair),
-#define FUNC_C_WRAPKEY 60
- NSSDBG_DEFINE(C_WrapKey),
-#define FUNC_C_UNWRAPKEY 61
- NSSDBG_DEFINE(C_UnWrapKey),
-#define FUNC_C_DERIVEKEY 62
- NSSDBG_DEFINE(C_DeriveKey),
-#define FUNC_C_SEEDRANDOM 63
- NSSDBG_DEFINE(C_SeedRandom),
-#define FUNC_C_GENERATERANDOM 64
- NSSDBG_DEFINE(C_GenerateRandom),
-#define FUNC_C_GETFUNCTIONSTATUS 65
- NSSDBG_DEFINE(C_GetFunctionStatus),
-#define FUNC_C_CANCELFUNCTION 66
- NSSDBG_DEFINE(C_CancelFunction),
-#define FUNC_C_WAITFORSLOTEVENT 67
- NSSDBG_DEFINE(C_WaitForSlotEvent)
-};
-
-int nssdbg_prof_size = sizeof(nssdbg_prof_data)/sizeof(nssdbg_prof_data[0]);
-
-
-static void nssdbg_finish_time(PRInt32 fun_number, PRIntervalTime start)
-{
- PRIntervalTime ival;
- PRIntervalTime end = PR_IntervalNow();
-
- ival = end-start;
- /* sigh, lie to PRAtomic add and say we are using signed values */
- PR_AtomicAdd((PRInt32 *)&nssdbg_prof_data[fun_number].time, (PRInt32)ival);
-}
-
-static void nssdbg_start_time(PRInt32 fun_number, PRIntervalTime *start)
-{
- PR_AtomicIncrement((PRInt32 *)&nssdbg_prof_data[fun_number].calls);
- *start = PR_IntervalNow();
-}
-
-CK_RV NSSDBGC_Initialize(
- CK_VOID_PTR pInitArgs
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_Initialize"));
- PR_LOG(modlog, 3, (" pInitArgs = 0x%p", pInitArgs));
- nssdbg_start_time(FUNC_C_INITIALIZE,&start);
- rv = module_functions->C_Initialize(pInitArgs);
- nssdbg_finish_time(FUNC_C_INITIALIZE,start);
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_Finalize(
- CK_VOID_PTR pReserved
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_Finalize"));
- PR_LOG(modlog, 3, (" pReserved = 0x%p", pReserved));
- nssdbg_start_time(FUNC_C_FINALIZE,&start);
- rv = module_functions->C_Finalize(pReserved);
- nssdbg_finish_time(FUNC_C_FINALIZE,start);
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_GetInfo(
- CK_INFO_PTR pInfo
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_GetInfo"));
- PR_LOG(modlog, 3, (" pInfo = 0x%p", pInfo));
- nssdbg_start_time(FUNC_C_GETINFO,&start);
- rv = module_functions->C_GetInfo(pInfo);
- nssdbg_finish_time(FUNC_C_GETINFO,start);
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_GetFunctionList(
- CK_FUNCTION_LIST_PTR_PTR ppFunctionList
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_GetFunctionList"));
- PR_LOG(modlog, 3, (" ppFunctionList = 0x%p", ppFunctionList));
- nssdbg_start_time(FUNC_C_GETFUNCITONLIST,&start);
- rv = module_functions->C_GetFunctionList(ppFunctionList);
- nssdbg_finish_time(FUNC_C_GETFUNCITONLIST,start);
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_GetSlotList(
- CK_BBOOL tokenPresent,
- CK_SLOT_ID_PTR pSlotList,
- CK_ULONG_PTR pulCount
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- CK_ULONG i;
- PR_LOG(modlog, 1, ("C_GetSlotList"));
- PR_LOG(modlog, 3, (" tokenPresent = 0x%x", tokenPresent));
- PR_LOG(modlog, 3, (" pSlotList = 0x%p", pSlotList));
- PR_LOG(modlog, 3, (" pulCount = 0x%p", pulCount));
- nssdbg_start_time(FUNC_C_GETSLOTLIST,&start);
- rv = module_functions->C_GetSlotList(tokenPresent,
- pSlotList,
- pulCount);
- nssdbg_finish_time(FUNC_C_GETSLOTLIST,start);
- PR_LOG(modlog, 4, (" *pulCount = 0x%x", *pulCount));
- if (pSlotList) {
- for (i=0; i<*pulCount; i++) {
- PR_LOG(modlog, 4, (" slotID[%d] = %x", i, pSlotList[i]));
- }
- }
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_GetSlotInfo(
- CK_SLOT_ID slotID,
- CK_SLOT_INFO_PTR pInfo
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_GetSlotInfo"));
- PR_LOG(modlog, 3, (" slotID = 0x%x", slotID));
- PR_LOG(modlog, 3, (" pInfo = 0x%p", pInfo));
- nssdbg_start_time(FUNC_C_GETSLOTINFO,&start);
- rv = module_functions->C_GetSlotInfo(slotID,
- pInfo);
- nssdbg_finish_time(FUNC_C_GETSLOTINFO,start);
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_GetTokenInfo(
- CK_SLOT_ID slotID,
- CK_TOKEN_INFO_PTR pInfo
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_GetTokenInfo"));
- PR_LOG(modlog, 3, (" slotID = 0x%x", slotID));
- PR_LOG(modlog, 3, (" pInfo = 0x%p", pInfo));
- nssdbg_start_time(FUNC_C_GETTOKENINFO,&start);
- rv = module_functions->C_GetTokenInfo(slotID,
- pInfo);
- nssdbg_finish_time(FUNC_C_GETTOKENINFO,start);
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_GetMechanismList(
- CK_SLOT_ID slotID,
- CK_MECHANISM_TYPE_PTR pMechanismList,
- CK_ULONG_PTR pulCount
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_GetMechanismList"));
- PR_LOG(modlog, 3, (" slotID = 0x%x", slotID));
- PR_LOG(modlog, 3, (" pMechanismList = 0x%p", pMechanismList));
- PR_LOG(modlog, 3, (" pulCount = 0x%p", pulCount));
- nssdbg_start_time(FUNC_C_GETMECHANISMLIST,&start);
- rv = module_functions->C_GetMechanismList(slotID,
- pMechanismList,
- pulCount);
- nssdbg_finish_time(FUNC_C_GETMECHANISMLIST,start);
- PR_LOG(modlog, 4, (" *pulCount = 0x%x", *pulCount));
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_GetMechanismInfo(
- CK_SLOT_ID slotID,
- CK_MECHANISM_TYPE type,
- CK_MECHANISM_INFO_PTR pInfo
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_GetMechanismInfo"));
- PR_LOG(modlog, 3, (" slotID = 0x%x", slotID));
- PR_LOG(modlog, 3, (" type = 0x%x", type));
- PR_LOG(modlog, 3, (" pInfo = 0x%p", pInfo));
- nssdbg_start_time(FUNC_C_GETMECHANISMINFO,&start);
- rv = module_functions->C_GetMechanismInfo(slotID,
- type,
- pInfo);
- nssdbg_finish_time(FUNC_C_GETMECHANISMINFO,start);
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_InitToken(
- CK_SLOT_ID slotID,
- CK_CHAR_PTR pPin,
- CK_ULONG ulPinLen,
- CK_CHAR_PTR pLabel
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_InitToken"));
- PR_LOG(modlog, 3, (" slotID = 0x%x", slotID));
- PR_LOG(modlog, 3, (" pPin = 0x%p", pPin));
- PR_LOG(modlog, 3, (" ulPinLen = %d", ulPinLen));
- PR_LOG(modlog, 3, (" pLabel = 0x%p", pLabel));
- nssdbg_start_time(FUNC_C_INITTOKEN,&start);
- rv = module_functions->C_InitToken(slotID,
- pPin,
- ulPinLen,
- pLabel);
- nssdbg_finish_time(FUNC_C_INITTOKEN,start);
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_InitPIN(
- CK_SESSION_HANDLE hSession,
- CK_CHAR_PTR pPin,
- CK_ULONG ulPinLen
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_InitPIN"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- PR_LOG(modlog, 3, (" pPin = 0x%p", pPin));
- PR_LOG(modlog, 3, (" ulPinLen = %d", ulPinLen));
- nssdbg_start_time(FUNC_C_INITPIN,&start);
- rv = module_functions->C_InitPIN(hSession,
- pPin,
- ulPinLen);
- nssdbg_finish_time(FUNC_C_INITPIN,start);
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_SetPIN(
- CK_SESSION_HANDLE hSession,
- CK_CHAR_PTR pOldPin,
- CK_ULONG ulOldLen,
- CK_CHAR_PTR pNewPin,
- CK_ULONG ulNewLen
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_SetPIN"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- PR_LOG(modlog, 3, (" pOldPin = 0x%p", pOldPin));
- PR_LOG(modlog, 3, (" ulOldLen = %d", ulOldLen));
- PR_LOG(modlog, 3, (" pNewPin = 0x%p", pNewPin));
- PR_LOG(modlog, 3, (" ulNewLen = %d", ulNewLen));
- nssdbg_start_time(FUNC_C_SETPIN,&start);
- rv = module_functions->C_SetPIN(hSession,
- pOldPin,
- ulOldLen,
- pNewPin,
- ulNewLen);
- nssdbg_finish_time(FUNC_C_SETPIN,start);
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-static PRUint32 numOpenSessions = 0;
-static PRUint32 maxOpenSessions = 0;
-CK_RV NSSDBGC_OpenSession(
- CK_SLOT_ID slotID,
- CK_FLAGS flags,
- CK_VOID_PTR pApplication,
- CK_NOTIFY Notify,
- CK_SESSION_HANDLE_PTR phSession
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_AtomicIncrement((PRInt32 *)&numOpenSessions);
- maxOpenSessions = PR_MAX(numOpenSessions, maxOpenSessions);
- PR_LOG(modlog, 1, ("C_OpenSession"));
- PR_LOG(modlog, 3, (" slotID = 0x%x", slotID));
- PR_LOG(modlog, 3, (" flags = 0x%x", flags));
- PR_LOG(modlog, 3, (" pApplication = 0x%p", pApplication));
- PR_LOG(modlog, 3, (" Notify = 0x%x", Notify));
- PR_LOG(modlog, 3, (" phSession = 0x%p", phSession));
- nssdbg_start_time(FUNC_C_OPENSESSION,&start);
- rv = module_functions->C_OpenSession(slotID,
- flags,
- pApplication,
- Notify,
- phSession);
- nssdbg_finish_time(FUNC_C_OPENSESSION,start);
- PR_LOG(modlog, 4, (" *phSession = 0x%x", *phSession));
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_CloseSession(
- CK_SESSION_HANDLE hSession
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_AtomicDecrement((PRInt32 *)&numOpenSessions);
- PR_LOG(modlog, 1, ("C_CloseSession"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- nssdbg_start_time(FUNC_C_CLOSESESSION,&start);
- rv = module_functions->C_CloseSession(hSession);
- nssdbg_finish_time(FUNC_C_CLOSESESSION,start);
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_CloseAllSessions(
- CK_SLOT_ID slotID
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_CloseAllSessions"));
- PR_LOG(modlog, 3, (" slotID = 0x%x", slotID));
- nssdbg_start_time(FUNC_C_CLOSEALLSESSIONS,&start);
- rv = module_functions->C_CloseAllSessions(slotID);
- nssdbg_finish_time(FUNC_C_CLOSEALLSESSIONS,start);
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_GetSessionInfo(
- CK_SESSION_HANDLE hSession,
- CK_SESSION_INFO_PTR pInfo
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_GetSessionInfo"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- PR_LOG(modlog, 3, (" pInfo = 0x%p", pInfo));
- nssdbg_start_time(FUNC_C_GETSESSIONINFO,&start);
- rv = module_functions->C_GetSessionInfo(hSession,
- pInfo);
- nssdbg_finish_time(FUNC_C_GETSESSIONINFO,start);
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_GetOperationState(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pOperationState,
- CK_ULONG_PTR pulOperationStateLen
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_GetOperationState"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- PR_LOG(modlog, 3, (" pOperationState = 0x%p", pOperationState));
- PR_LOG(modlog, 3, (" pulOperationStateLen = 0x%p", pulOperationStateLen));
- nssdbg_start_time(FUNC_C_GETOPERATIONSTATE,&start);
- rv = module_functions->C_GetOperationState(hSession,
- pOperationState,
- pulOperationStateLen);
- nssdbg_finish_time(FUNC_C_GETOPERATIONSTATE,start);
- PR_LOG(modlog, 4, (" *pulOperationStateLen = 0x%x", *pulOperationStateLen));
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_SetOperationState(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pOperationState,
- CK_ULONG ulOperationStateLen,
- CK_OBJECT_HANDLE hEncryptionKey,
- CK_OBJECT_HANDLE hAuthenticationKey
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_SetOperationState"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- PR_LOG(modlog, 3, (" pOperationState = 0x%p", pOperationState));
- PR_LOG(modlog, 3, (" ulOperationStateLen = %d", ulOperationStateLen));
- PR_LOG(modlog, 3, (" hEncryptionKey = 0x%x", hEncryptionKey));
- PR_LOG(modlog, 3, (" hAuthenticationKey = 0x%x", hAuthenticationKey));
- nssdbg_start_time(FUNC_C_SETOPERATIONSTATE,&start);
- rv = module_functions->C_SetOperationState(hSession,
- pOperationState,
- ulOperationStateLen,
- hEncryptionKey,
- hAuthenticationKey);
- nssdbg_finish_time(FUNC_C_SETOPERATIONSTATE,start);
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_Login(
- CK_SESSION_HANDLE hSession,
- CK_USER_TYPE userType,
- CK_CHAR_PTR pPin,
- CK_ULONG ulPinLen
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_Login"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- PR_LOG(modlog, 3, (" userType = 0x%x", userType));
- PR_LOG(modlog, 3, (" pPin = 0x%p", pPin));
- PR_LOG(modlog, 3, (" ulPinLen = %d", ulPinLen));
- nssdbg_start_time(FUNC_C_LOGIN,&start);
- rv = module_functions->C_Login(hSession,
- userType,
- pPin,
- ulPinLen);
- nssdbg_finish_time(FUNC_C_LOGIN,start);
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_Logout(
- CK_SESSION_HANDLE hSession
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_Logout"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- nssdbg_start_time(FUNC_C_LOGOUT,&start);
- rv = module_functions->C_Logout(hSession);
- nssdbg_finish_time(FUNC_C_LOGOUT,start);
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_CreateObject(
- CK_SESSION_HANDLE hSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount,
- CK_OBJECT_HANDLE_PTR phObject
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_CreateObject"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- PR_LOG(modlog, 3, (" pTemplate = 0x%p", pTemplate));
- PR_LOG(modlog, 3, (" ulCount = %d", ulCount));
- PR_LOG(modlog, 3, (" phObject = 0x%p", phObject));
- print_template(pTemplate, ulCount);
- nssdbg_start_time(FUNC_C_CREATEOBJECT,&start);
- rv = module_functions->C_CreateObject(hSession,
- pTemplate,
- ulCount,
- phObject);
- nssdbg_finish_time(FUNC_C_CREATEOBJECT,start);
- PR_LOG(modlog, 4, (" *phObject = 0x%x", *phObject));
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_CopyObject(
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount,
- CK_OBJECT_HANDLE_PTR phNewObject
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_CopyObject"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- PR_LOG(modlog, 3, (" hObject = 0x%x", hObject));
- PR_LOG(modlog, 3, (" pTemplate = 0x%p", pTemplate));
- PR_LOG(modlog, 3, (" ulCount = %d", ulCount));
- PR_LOG(modlog, 3, (" phNewObject = 0x%p", phNewObject));
- print_template(pTemplate, ulCount);
- nssdbg_start_time(FUNC_C_COPYOBJECT,&start);
- rv = module_functions->C_CopyObject(hSession,
- hObject,
- pTemplate,
- ulCount,
- phNewObject);
- nssdbg_finish_time(FUNC_C_COPYOBJECT,start);
- PR_LOG(modlog, 4, (" *phNewObject = 0x%x", *phNewObject));
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_DestroyObject(
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_DestroyObject"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- PR_LOG(modlog, 3, (" hObject = 0x%x", hObject));
- nssdbg_start_time(FUNC_C_DESTROYOBJECT,&start);
- rv = module_functions->C_DestroyObject(hSession,
- hObject);
- nssdbg_finish_time(FUNC_C_DESTROYOBJECT,start);
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_GetObjectSize(
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,
- CK_ULONG_PTR pulSize
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_GetObjectSize"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- PR_LOG(modlog, 3, (" hObject = 0x%x", hObject));
- PR_LOG(modlog, 3, (" pulSize = 0x%p", pulSize));
- nssdbg_start_time(FUNC_C_GETOBJECTSIZE,&start);
- rv = module_functions->C_GetObjectSize(hSession,
- hObject,
- pulSize);
- nssdbg_finish_time(FUNC_C_GETOBJECTSIZE,start);
- PR_LOG(modlog, 4, (" *pulSize = 0x%x", *pulSize));
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_GetAttributeValue(
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_GetAttributeValue"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- PR_LOG(modlog, 3, (" hObject = 0x%x", hObject));
- PR_LOG(modlog, 3, (" pTemplate = 0x%p", pTemplate));
- PR_LOG(modlog, 3, (" ulCount = %d", ulCount));
- nssdbg_start_time(FUNC_C_GETATTRIBUTEVALUE,&start);
- rv = module_functions->C_GetAttributeValue(hSession,
- hObject,
- pTemplate,
- ulCount);
- nssdbg_finish_time(FUNC_C_GETATTRIBUTEVALUE,start);
- print_template(pTemplate, ulCount);
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_SetAttributeValue(
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_SetAttributeValue"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- PR_LOG(modlog, 3, (" hObject = 0x%x", hObject));
- PR_LOG(modlog, 3, (" pTemplate = 0x%p", pTemplate));
- PR_LOG(modlog, 3, (" ulCount = %d", ulCount));
- print_template(pTemplate, ulCount);
- nssdbg_start_time(FUNC_C_SETATTRIBUTEVALUE,&start);
- rv = module_functions->C_SetAttributeValue(hSession,
- hObject,
- pTemplate,
- ulCount);
- nssdbg_finish_time(FUNC_C_SETATTRIBUTEVALUE,start);
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_FindObjectsInit(
- CK_SESSION_HANDLE hSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_FindObjectsInit"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- PR_LOG(modlog, 3, (" pTemplate = 0x%p", pTemplate));
- PR_LOG(modlog, 3, (" ulCount = %d", ulCount));
- print_template(pTemplate, ulCount);
- nssdbg_start_time(FUNC_C_FINDOBJECTSINIT,&start);
- rv = module_functions->C_FindObjectsInit(hSession,
- pTemplate,
- ulCount);
- nssdbg_finish_time(FUNC_C_FINDOBJECTSINIT,start);
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_FindObjects(
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE_PTR phObject,
- CK_ULONG ulMaxObjectCount,
- CK_ULONG_PTR pulObjectCount
-)
-{
- CK_RV rv;
- CK_ULONG i;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_FindObjects"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- PR_LOG(modlog, 3, (" phObject = 0x%p", phObject));
- PR_LOG(modlog, 3, (" ulMaxObjectCount = %d", ulMaxObjectCount));
- PR_LOG(modlog, 3, (" pulObjectCount = 0x%p", pulObjectCount));
- nssdbg_start_time(FUNC_C_FINDOBJECTS,&start);
- rv = module_functions->C_FindObjects(hSession,
- phObject,
- ulMaxObjectCount,
- pulObjectCount);
- nssdbg_finish_time(FUNC_C_FINDOBJECTS,start);
- PR_LOG(modlog, 4, (" *pulObjectCount = 0x%x", *pulObjectCount));
- for (i=0; i<*pulObjectCount; i++) {
- PR_LOG(modlog, 4, (" phObject[%d] = 0x%x", i, phObject[i]));
- }
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_FindObjectsFinal(
- CK_SESSION_HANDLE hSession
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_FindObjectsFinal"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- nssdbg_start_time(FUNC_C_FINDOBJECTSFINAL,&start);
- rv = module_functions->C_FindObjectsFinal(hSession);
- nssdbg_finish_time(FUNC_C_FINDOBJECTSFINAL,start);
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_EncryptInit(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_EncryptInit"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- PR_LOG(modlog, 3, (" pMechanism = 0x%p", pMechanism));
- PR_LOG(modlog, 3, (" hKey = 0x%x", hKey));
- print_mechanism(pMechanism);
- nssdbg_start_time(FUNC_C_ENCRYPTINIT,&start);
- rv = module_functions->C_EncryptInit(hSession,
- pMechanism,
- hKey);
- nssdbg_finish_time(FUNC_C_ENCRYPTINIT,start);
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_Encrypt(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pEncryptedData,
- CK_ULONG_PTR pulEncryptedDataLen
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_Encrypt"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- PR_LOG(modlog, 3, (" pData = 0x%p", pData));
- PR_LOG(modlog, 3, (" ulDataLen = %d", ulDataLen));
- PR_LOG(modlog, 3, (" pEncryptedData = 0x%p", pEncryptedData));
- PR_LOG(modlog, 3, (" pulEncryptedDataLen = 0x%p", pulEncryptedDataLen));
- nssdbg_start_time(FUNC_C_ENCRYPT,&start);
- rv = module_functions->C_Encrypt(hSession,
- pData,
- ulDataLen,
- pEncryptedData,
- pulEncryptedDataLen);
- nssdbg_finish_time(FUNC_C_ENCRYPT,start);
- PR_LOG(modlog, 4, (" *pulEncryptedDataLen = 0x%x", *pulEncryptedDataLen));
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_EncryptUpdate(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG_PTR pulEncryptedPartLen
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_EncryptUpdate"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- PR_LOG(modlog, 3, (" pPart = 0x%p", pPart));
- PR_LOG(modlog, 3, (" ulPartLen = %d", ulPartLen));
- PR_LOG(modlog, 3, (" pEncryptedPart = 0x%p", pEncryptedPart));
- PR_LOG(modlog, 3, (" pulEncryptedPartLen = 0x%p", pulEncryptedPartLen));
- nssdbg_start_time(FUNC_C_ENCRYPTUPDATE,&start);
- rv = module_functions->C_EncryptUpdate(hSession,
- pPart,
- ulPartLen,
- pEncryptedPart,
- pulEncryptedPartLen);
- nssdbg_finish_time(FUNC_C_ENCRYPTUPDATE,start);
- PR_LOG(modlog, 4, (" *pulEncryptedPartLen = 0x%x", *pulEncryptedPartLen));
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_EncryptFinal(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pLastEncryptedPart,
- CK_ULONG_PTR pulLastEncryptedPartLen
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_EncryptFinal"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- PR_LOG(modlog, 3, (" pLastEncryptedPart = 0x%p", pLastEncryptedPart));
- PR_LOG(modlog, 3, (" pulLastEncryptedPartLen = 0x%p", pulLastEncryptedPartLen));
- nssdbg_start_time(FUNC_C_ENCRYPTFINAL,&start);
- rv = module_functions->C_EncryptFinal(hSession,
- pLastEncryptedPart,
- pulLastEncryptedPartLen);
- nssdbg_finish_time(FUNC_C_ENCRYPTFINAL,start);
- PR_LOG(modlog, 4, (" *pulLastEncryptedPartLen = 0x%x", *pulLastEncryptedPartLen));
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_DecryptInit(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_DecryptInit"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- PR_LOG(modlog, 3, (" pMechanism = 0x%p", pMechanism));
- PR_LOG(modlog, 3, (" hKey = 0x%x", hKey));
- print_mechanism(pMechanism);
- nssdbg_start_time(FUNC_C_DECRYPTINIT,&start);
- rv = module_functions->C_DecryptInit(hSession,
- pMechanism,
- hKey);
- nssdbg_finish_time(FUNC_C_DECRYPTINIT,start);
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_Decrypt(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedData,
- CK_ULONG ulEncryptedDataLen,
- CK_BYTE_PTR pData,
- CK_ULONG_PTR pulDataLen
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_Decrypt"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- PR_LOG(modlog, 3, (" pEncryptedData = 0x%p", pEncryptedData));
- PR_LOG(modlog, 3, (" ulEncryptedDataLen = %d", ulEncryptedDataLen));
- PR_LOG(modlog, 3, (" pData = 0x%p", pData));
- PR_LOG(modlog, 3, (" pulDataLen = 0x%p", pulDataLen));
- nssdbg_start_time(FUNC_C_DECRYPT,&start);
- rv = module_functions->C_Decrypt(hSession,
- pEncryptedData,
- ulEncryptedDataLen,
- pData,
- pulDataLen);
- nssdbg_finish_time(FUNC_C_DECRYPT,start);
- PR_LOG(modlog, 4, (" *pulDataLen = 0x%x", *pulDataLen));
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_DecryptUpdate(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG ulEncryptedPartLen,
- CK_BYTE_PTR pPart,
- CK_ULONG_PTR pulPartLen
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_DecryptUpdate"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- PR_LOG(modlog, 3, (" pEncryptedPart = 0x%p", pEncryptedPart));
- PR_LOG(modlog, 3, (" ulEncryptedPartLen = %d", ulEncryptedPartLen));
- PR_LOG(modlog, 3, (" pPart = 0x%p", pPart));
- PR_LOG(modlog, 3, (" pulPartLen = 0x%p", pulPartLen));
- nssdbg_start_time(FUNC_C_DECRYPTUPDATE,&start);
- rv = module_functions->C_DecryptUpdate(hSession,
- pEncryptedPart,
- ulEncryptedPartLen,
- pPart,
- pulPartLen);
- nssdbg_finish_time(FUNC_C_DECRYPTUPDATE,start);
- PR_LOG(modlog, 4, (" *pulPartLen = 0x%x", *pulPartLen));
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_DecryptFinal(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pLastPart,
- CK_ULONG_PTR pulLastPartLen
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_DecryptFinal"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- PR_LOG(modlog, 3, (" pLastPart = 0x%p", pLastPart));
- PR_LOG(modlog, 3, (" pulLastPartLen = 0x%p", pulLastPartLen));
- nssdbg_start_time(FUNC_C_DECRYPTFINAL,&start);
- rv = module_functions->C_DecryptFinal(hSession,
- pLastPart,
- pulLastPartLen);
- nssdbg_finish_time(FUNC_C_DECRYPTFINAL,start);
- PR_LOG(modlog, 4, (" *pulLastPartLen = 0x%x", *pulLastPartLen));
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_DigestInit(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_DigestInit"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- PR_LOG(modlog, 3, (" pMechanism = 0x%p", pMechanism));
- print_mechanism(pMechanism);
- nssdbg_start_time(FUNC_C_DIGESTINIT,&start);
- rv = module_functions->C_DigestInit(hSession,
- pMechanism);
- nssdbg_finish_time(FUNC_C_DIGESTINIT,start);
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_Digest(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pDigest,
- CK_ULONG_PTR pulDigestLen
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_Digest"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- PR_LOG(modlog, 3, (" pData = 0x%p", pData));
- PR_LOG(modlog, 3, (" ulDataLen = %d", ulDataLen));
- PR_LOG(modlog, 3, (" pDigest = 0x%p", pDigest));
- PR_LOG(modlog, 3, (" pulDigestLen = 0x%p", pulDigestLen));
- nssdbg_start_time(FUNC_C_DIGEST,&start);
- rv = module_functions->C_Digest(hSession,
- pData,
- ulDataLen,
- pDigest,
- pulDigestLen);
- nssdbg_finish_time(FUNC_C_DIGEST,start);
- PR_LOG(modlog, 4, (" *pulDigestLen = 0x%x", *pulDigestLen));
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_DigestUpdate(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_DigestUpdate"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- PR_LOG(modlog, 3, (" pPart = 0x%p", pPart));
- PR_LOG(modlog, 3, (" ulPartLen = %d", ulPartLen));
- nssdbg_start_time(FUNC_C_DIGESTUPDATE,&start);
- rv = module_functions->C_DigestUpdate(hSession,
- pPart,
- ulPartLen);
- nssdbg_finish_time(FUNC_C_DIGESTUPDATE,start);
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_DigestKey(
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hKey
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_DigestKey"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- nssdbg_start_time(FUNC_C_DIGESTKEY,&start);
- rv = module_functions->C_DigestKey(hSession,
- hKey);
- nssdbg_finish_time(FUNC_C_DIGESTKEY,start);
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_DigestFinal(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pDigest,
- CK_ULONG_PTR pulDigestLen
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_DigestFinal"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- PR_LOG(modlog, 3, (" pDigest = 0x%p", pDigest));
- PR_LOG(modlog, 3, (" pulDigestLen = 0x%p", pulDigestLen));
- nssdbg_start_time(FUNC_C_DIGESTFINAL,&start);
- rv = module_functions->C_DigestFinal(hSession,
- pDigest,
- pulDigestLen);
- nssdbg_finish_time(FUNC_C_DIGESTFINAL,start);
- PR_LOG(modlog, 4, (" *pulDigestLen = 0x%x", *pulDigestLen));
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_SignInit(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_SignInit"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- PR_LOG(modlog, 3, (" pMechanism = 0x%p", pMechanism));
- PR_LOG(modlog, 3, (" hKey = 0x%x", hKey));
- print_mechanism(pMechanism);
- nssdbg_start_time(FUNC_C_SIGNINIT,&start);
- rv = module_functions->C_SignInit(hSession,
- pMechanism,
- hKey);
- nssdbg_finish_time(FUNC_C_SIGNINIT,start);
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_Sign(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pSignature,
- CK_ULONG_PTR pulSignatureLen
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_Sign"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- PR_LOG(modlog, 3, (" pData = 0x%p", pData));
- PR_LOG(modlog, 3, (" ulDataLen = %d", ulDataLen));
- PR_LOG(modlog, 3, (" pSignature = 0x%p", pSignature));
- PR_LOG(modlog, 3, (" pulSignatureLen = 0x%p", pulSignatureLen));
- nssdbg_start_time(FUNC_C_SIGN,&start);
- rv = module_functions->C_Sign(hSession,
- pData,
- ulDataLen,
- pSignature,
- pulSignatureLen);
- nssdbg_finish_time(FUNC_C_SIGN,start);
- PR_LOG(modlog, 4, (" *pulSignatureLen = 0x%x", *pulSignatureLen));
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_SignUpdate(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_SignUpdate"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- PR_LOG(modlog, 3, (" pPart = 0x%p", pPart));
- PR_LOG(modlog, 3, (" ulPartLen = %d", ulPartLen));
- nssdbg_start_time(FUNC_C_SIGNUPDATE,&start);
- rv = module_functions->C_SignUpdate(hSession,
- pPart,
- ulPartLen);
- nssdbg_finish_time(FUNC_C_SIGNUPDATE,start);
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_SignFinal(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSignature,
- CK_ULONG_PTR pulSignatureLen
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_SignFinal"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- PR_LOG(modlog, 3, (" pSignature = 0x%p", pSignature));
- PR_LOG(modlog, 3, (" pulSignatureLen = 0x%p", pulSignatureLen));
- nssdbg_start_time(FUNC_C_SIGNFINAL,&start);
- rv = module_functions->C_SignFinal(hSession,
- pSignature,
- pulSignatureLen);
- nssdbg_finish_time(FUNC_C_SIGNFINAL,start);
- PR_LOG(modlog, 4, (" *pulSignatureLen = 0x%x", *pulSignatureLen));
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_SignRecoverInit(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_SignRecoverInit"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- PR_LOG(modlog, 3, (" pMechanism = 0x%p", pMechanism));
- PR_LOG(modlog, 3, (" hKey = 0x%x", hKey));
- print_mechanism(pMechanism);
- nssdbg_start_time(FUNC_C_SIGNRECOVERINIT,&start);
- rv = module_functions->C_SignRecoverInit(hSession,
- pMechanism,
- hKey);
- nssdbg_finish_time(FUNC_C_SIGNRECOVERINIT,start);
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_SignRecover(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pSignature,
- CK_ULONG_PTR pulSignatureLen
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_SignRecover"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- PR_LOG(modlog, 3, (" pData = 0x%p", pData));
- PR_LOG(modlog, 3, (" ulDataLen = %d", ulDataLen));
- PR_LOG(modlog, 3, (" pSignature = 0x%p", pSignature));
- PR_LOG(modlog, 3, (" pulSignatureLen = 0x%p", pulSignatureLen));
- nssdbg_start_time(FUNC_C_SIGNRECOVER,&start);
- rv = module_functions->C_SignRecover(hSession,
- pData,
- ulDataLen,
- pSignature,
- pulSignatureLen);
- nssdbg_finish_time(FUNC_C_SIGNRECOVER,start);
- PR_LOG(modlog, 4, (" *pulSignatureLen = 0x%x", *pulSignatureLen));
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_VerifyInit(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_VerifyInit"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- PR_LOG(modlog, 3, (" pMechanism = 0x%p", pMechanism));
- PR_LOG(modlog, 3, (" hKey = 0x%x", hKey));
- print_mechanism(pMechanism);
- nssdbg_start_time(FUNC_C_VERIFYINIT,&start);
- rv = module_functions->C_VerifyInit(hSession,
- pMechanism,
- hKey);
- nssdbg_finish_time(FUNC_C_VERIFYINIT,start);
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_Verify(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pSignature,
- CK_ULONG ulSignatureLen
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_Verify"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- PR_LOG(modlog, 3, (" pData = 0x%p", pData));
- PR_LOG(modlog, 3, (" ulDataLen = %d", ulDataLen));
- PR_LOG(modlog, 3, (" pSignature = 0x%p", pSignature));
- PR_LOG(modlog, 3, (" ulSignatureLen = %d", ulSignatureLen));
- nssdbg_start_time(FUNC_C_VERIFY,&start);
- rv = module_functions->C_Verify(hSession,
- pData,
- ulDataLen,
- pSignature,
- ulSignatureLen);
- nssdbg_finish_time(FUNC_C_VERIFY,start);
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_VerifyUpdate(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_VerifyUpdate"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- PR_LOG(modlog, 3, (" pPart = 0x%p", pPart));
- PR_LOG(modlog, 3, (" ulPartLen = %d", ulPartLen));
- nssdbg_start_time(FUNC_C_VERIFYUPDATE,&start);
- rv = module_functions->C_VerifyUpdate(hSession,
- pPart,
- ulPartLen);
- nssdbg_finish_time(FUNC_C_VERIFYUPDATE,start);
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_VerifyFinal(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSignature,
- CK_ULONG ulSignatureLen
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_VerifyFinal"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- PR_LOG(modlog, 3, (" pSignature = 0x%p", pSignature));
- PR_LOG(modlog, 3, (" ulSignatureLen = %d", ulSignatureLen));
- nssdbg_start_time(FUNC_C_VERIFYFINAL,&start);
- rv = module_functions->C_VerifyFinal(hSession,
- pSignature,
- ulSignatureLen);
- nssdbg_finish_time(FUNC_C_VERIFYFINAL,start);
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_VerifyRecoverInit(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_VerifyRecoverInit"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- PR_LOG(modlog, 3, (" pMechanism = 0x%p", pMechanism));
- PR_LOG(modlog, 3, (" hKey = 0x%x", hKey));
- print_mechanism(pMechanism);
- nssdbg_start_time(FUNC_C_VERIFYRECOVERINIT,&start);
- rv = module_functions->C_VerifyRecoverInit(hSession,
- pMechanism,
- hKey);
- nssdbg_finish_time(FUNC_C_VERIFYRECOVERINIT,start);
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_VerifyRecover(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSignature,
- CK_ULONG ulSignatureLen,
- CK_BYTE_PTR pData,
- CK_ULONG_PTR pulDataLen
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_VerifyRecover"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- PR_LOG(modlog, 3, (" pSignature = 0x%p", pSignature));
- PR_LOG(modlog, 3, (" ulSignatureLen = %d", ulSignatureLen));
- PR_LOG(modlog, 3, (" pData = 0x%p", pData));
- PR_LOG(modlog, 3, (" pulDataLen = 0x%p", pulDataLen));
- nssdbg_start_time(FUNC_C_VERIFYRECOVER,&start);
- rv = module_functions->C_VerifyRecover(hSession,
- pSignature,
- ulSignatureLen,
- pData,
- pulDataLen);
- nssdbg_finish_time(FUNC_C_VERIFYRECOVER,start);
- PR_LOG(modlog, 4, (" *pulDataLen = 0x%x", *pulDataLen));
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_DigestEncryptUpdate(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG_PTR pulEncryptedPartLen
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_DigestEncryptUpdate"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- PR_LOG(modlog, 3, (" pPart = 0x%p", pPart));
- PR_LOG(modlog, 3, (" ulPartLen = %d", ulPartLen));
- PR_LOG(modlog, 3, (" pEncryptedPart = 0x%p", pEncryptedPart));
- PR_LOG(modlog, 3, (" pulEncryptedPartLen = 0x%p", pulEncryptedPartLen));
- nssdbg_start_time(FUNC_C_DIGESTENCRYPTUPDATE,&start);
- rv = module_functions->C_DigestEncryptUpdate(hSession,
- pPart,
- ulPartLen,
- pEncryptedPart,
- pulEncryptedPartLen);
- nssdbg_finish_time(FUNC_C_DIGESTENCRYPTUPDATE,start);
- PR_LOG(modlog, 4, (" *pulEncryptedPartLen = 0x%x", *pulEncryptedPartLen));
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_DecryptDigestUpdate(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG ulEncryptedPartLen,
- CK_BYTE_PTR pPart,
- CK_ULONG_PTR pulPartLen
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_DecryptDigestUpdate"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- PR_LOG(modlog, 3, (" pEncryptedPart = 0x%p", pEncryptedPart));
- PR_LOG(modlog, 3, (" ulEncryptedPartLen = %d", ulEncryptedPartLen));
- PR_LOG(modlog, 3, (" pPart = 0x%p", pPart));
- PR_LOG(modlog, 3, (" pulPartLen = 0x%p", pulPartLen));
- nssdbg_start_time(FUNC_C_DECRYPTDIGESTUPDATE,&start);
- rv = module_functions->C_DecryptDigestUpdate(hSession,
- pEncryptedPart,
- ulEncryptedPartLen,
- pPart,
- pulPartLen);
- nssdbg_finish_time(FUNC_C_DECRYPTDIGESTUPDATE,start);
- PR_LOG(modlog, 4, (" *pulPartLen = 0x%x", *pulPartLen));
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_SignEncryptUpdate(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG_PTR pulEncryptedPartLen
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_SignEncryptUpdate"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- PR_LOG(modlog, 3, (" pPart = 0x%p", pPart));
- PR_LOG(modlog, 3, (" ulPartLen = %d", ulPartLen));
- PR_LOG(modlog, 3, (" pEncryptedPart = 0x%p", pEncryptedPart));
- PR_LOG(modlog, 3, (" pulEncryptedPartLen = 0x%p", pulEncryptedPartLen));
- nssdbg_start_time(FUNC_C_SIGNENCRYPTUPDATE,&start);
- rv = module_functions->C_SignEncryptUpdate(hSession,
- pPart,
- ulPartLen,
- pEncryptedPart,
- pulEncryptedPartLen);
- nssdbg_finish_time(FUNC_C_SIGNENCRYPTUPDATE,start);
- PR_LOG(modlog, 4, (" *pulEncryptedPartLen = 0x%x", *pulEncryptedPartLen));
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_DecryptVerifyUpdate(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG ulEncryptedPartLen,
- CK_BYTE_PTR pPart,
- CK_ULONG_PTR pulPartLen
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_DecryptVerifyUpdate"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- PR_LOG(modlog, 3, (" pEncryptedPart = 0x%p", pEncryptedPart));
- PR_LOG(modlog, 3, (" ulEncryptedPartLen = %d", ulEncryptedPartLen));
- PR_LOG(modlog, 3, (" pPart = 0x%p", pPart));
- PR_LOG(modlog, 3, (" pulPartLen = 0x%p", pulPartLen));
- nssdbg_start_time(FUNC_C_DECRYPTVERIFYUPDATE,&start);
- rv = module_functions->C_DecryptVerifyUpdate(hSession,
- pEncryptedPart,
- ulEncryptedPartLen,
- pPart,
- pulPartLen);
- nssdbg_finish_time(FUNC_C_DECRYPTVERIFYUPDATE,start);
- PR_LOG(modlog, 4, (" *pulPartLen = 0x%x", *pulPartLen));
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_GenerateKey(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount,
- CK_OBJECT_HANDLE_PTR phKey
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_GenerateKey"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- PR_LOG(modlog, 3, (" pMechanism = 0x%p", pMechanism));
- PR_LOG(modlog, 3, (" pTemplate = 0x%p", pTemplate));
- PR_LOG(modlog, 3, (" ulCount = %d", ulCount));
- PR_LOG(modlog, 3, (" phKey = 0x%p", phKey));
- print_template(pTemplate, ulCount);
- print_mechanism(pMechanism);
- nssdbg_start_time(FUNC_C_GENERATEKEY,&start);
- rv = module_functions->C_GenerateKey(hSession,
- pMechanism,
- pTemplate,
- ulCount,
- phKey);
- nssdbg_finish_time(FUNC_C_GENERATEKEY,start);
- PR_LOG(modlog, 4, (" *phKey = 0x%x", *phKey));
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_GenerateKeyPair(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_ATTRIBUTE_PTR pPublicKeyTemplate,
- CK_ULONG ulPublicKeyAttributeCount,
- CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
- CK_ULONG ulPrivateKeyAttributeCount,
- CK_OBJECT_HANDLE_PTR phPublicKey,
- CK_OBJECT_HANDLE_PTR phPrivateKey
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_GenerateKeyPair"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- PR_LOG(modlog, 3, (" pMechanism = 0x%p", pMechanism));
- PR_LOG(modlog, 3, (" pPublicKeyTemplate = 0x%p", pPublicKeyTemplate));
- PR_LOG(modlog, 3, (" ulPublicKeyAttributeCount = %d", ulPublicKeyAttributeCount));
- PR_LOG(modlog, 3, (" pPrivateKeyTemplate = 0x%p", pPrivateKeyTemplate));
- PR_LOG(modlog, 3, (" ulPrivateKeyAttributeCount = %d", ulPrivateKeyAttributeCount));
- PR_LOG(modlog, 3, (" phPublicKey = 0x%p", phPublicKey));
- PR_LOG(modlog, 3, (" phPrivateKey = 0x%p", phPrivateKey));
- print_template(pPublicKeyTemplate, ulPublicKeyAttributeCount);
- print_template(pPrivateKeyTemplate, ulPrivateKeyAttributeCount);
- print_mechanism(pMechanism);
- nssdbg_start_time(FUNC_C_GENERATEKEYPAIR,&start);
- rv = module_functions->C_GenerateKeyPair(hSession,
- pMechanism,
- pPublicKeyTemplate,
- ulPublicKeyAttributeCount,
- pPrivateKeyTemplate,
- ulPrivateKeyAttributeCount,
- phPublicKey,
- phPrivateKey);
- nssdbg_finish_time(FUNC_C_GENERATEKEYPAIR,start);
- PR_LOG(modlog, 4, (" *phPublicKey = 0x%x", *phPublicKey));
- PR_LOG(modlog, 4, (" *phPrivateKey = 0x%x", *phPrivateKey));
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_WrapKey(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hWrappingKey,
- CK_OBJECT_HANDLE hKey,
- CK_BYTE_PTR pWrappedKey,
- CK_ULONG_PTR pulWrappedKeyLen
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_WrapKey"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- PR_LOG(modlog, 3, (" pMechanism = 0x%p", pMechanism));
- PR_LOG(modlog, 3, (" hWrappingKey = 0x%x", hWrappingKey));
- PR_LOG(modlog, 3, (" hKey = 0x%x", hKey));
- PR_LOG(modlog, 3, (" pWrappedKey = 0x%p", pWrappedKey));
- PR_LOG(modlog, 3, (" pulWrappedKeyLen = 0x%p", pulWrappedKeyLen));
- print_mechanism(pMechanism);
- nssdbg_start_time(FUNC_C_WRAPKEY,&start);
- rv = module_functions->C_WrapKey(hSession,
- pMechanism,
- hWrappingKey,
- hKey,
- pWrappedKey,
- pulWrappedKeyLen);
- nssdbg_finish_time(FUNC_C_WRAPKEY,start);
- PR_LOG(modlog, 4, (" *pulWrappedKeyLen = 0x%x", *pulWrappedKeyLen));
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_UnwrapKey(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hUnwrappingKey,
- CK_BYTE_PTR pWrappedKey,
- CK_ULONG ulWrappedKeyLen,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_OBJECT_HANDLE_PTR phKey
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_UnwrapKey"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- PR_LOG(modlog, 3, (" pMechanism = 0x%p", pMechanism));
- PR_LOG(modlog, 3, (" hUnwrappingKey = 0x%x", hUnwrappingKey));
- PR_LOG(modlog, 3, (" pWrappedKey = 0x%p", pWrappedKey));
- PR_LOG(modlog, 3, (" ulWrappedKeyLen = %d", ulWrappedKeyLen));
- PR_LOG(modlog, 3, (" pTemplate = 0x%p", pTemplate));
- PR_LOG(modlog, 3, (" ulAttributeCount = %d", ulAttributeCount));
- PR_LOG(modlog, 3, (" phKey = 0x%p", phKey));
- print_template(pTemplate, ulAttributeCount);
- print_mechanism(pMechanism);
- nssdbg_start_time(FUNC_C_UNWRAPKEY,&start);
- rv = module_functions->C_UnwrapKey(hSession,
- pMechanism,
- hUnwrappingKey,
- pWrappedKey,
- ulWrappedKeyLen,
- pTemplate,
- ulAttributeCount,
- phKey);
- nssdbg_finish_time(FUNC_C_UNWRAPKEY,start);
- PR_LOG(modlog, 4, (" *phKey = 0x%x", *phKey));
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_DeriveKey(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hBaseKey,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_OBJECT_HANDLE_PTR phKey
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_DeriveKey"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- PR_LOG(modlog, 3, (" pMechanism = 0x%p", pMechanism));
- PR_LOG(modlog, 3, (" hBaseKey = 0x%x", hBaseKey));
- PR_LOG(modlog, 3, (" pTemplate = 0x%p", pTemplate));
- PR_LOG(modlog, 3, (" ulAttributeCount = %d", ulAttributeCount));
- PR_LOG(modlog, 3, (" phKey = 0x%p", phKey));
- print_template(pTemplate, ulAttributeCount);
- print_mechanism(pMechanism);
- nssdbg_start_time(FUNC_C_DERIVEKEY,&start);
- rv = module_functions->C_DeriveKey(hSession,
- pMechanism,
- hBaseKey,
- pTemplate,
- ulAttributeCount,
- phKey);
- nssdbg_finish_time(FUNC_C_DERIVEKEY,start);
- PR_LOG(modlog, 4, (" *phKey = 0x%x", *phKey));
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_SeedRandom(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSeed,
- CK_ULONG ulSeedLen
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_SeedRandom"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- PR_LOG(modlog, 3, (" pSeed = 0x%p", pSeed));
- PR_LOG(modlog, 3, (" ulSeedLen = %d", ulSeedLen));
- nssdbg_start_time(FUNC_C_SEEDRANDOM,&start);
- rv = module_functions->C_SeedRandom(hSession,
- pSeed,
- ulSeedLen);
- nssdbg_finish_time(FUNC_C_SEEDRANDOM,start);
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_GenerateRandom(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR RandomData,
- CK_ULONG ulRandomLen
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_GenerateRandom"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- PR_LOG(modlog, 3, (" RandomData = 0x%p", RandomData));
- PR_LOG(modlog, 3, (" ulRandomLen = %d", ulRandomLen));
- nssdbg_start_time(FUNC_C_GENERATERANDOM,&start);
- rv = module_functions->C_GenerateRandom(hSession,
- RandomData,
- ulRandomLen);
- nssdbg_finish_time(FUNC_C_GENERATERANDOM,start);
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_GetFunctionStatus(
- CK_SESSION_HANDLE hSession
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_GetFunctionStatus"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- nssdbg_start_time(FUNC_C_GETFUNCTIONSTATUS,&start);
- rv = module_functions->C_GetFunctionStatus(hSession);
- nssdbg_finish_time(FUNC_C_GETFUNCTIONSTATUS,start);
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_CancelFunction(
- CK_SESSION_HANDLE hSession
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_CancelFunction"));
- PR_LOG(modlog, 3, (" hSession = 0x%x", hSession));
- nssdbg_start_time(FUNC_C_CANCELFUNCTION,&start);
- rv = module_functions->C_CancelFunction(hSession);
- nssdbg_finish_time(FUNC_C_CANCELFUNCTION,start);
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_RV NSSDBGC_WaitForSlotEvent(
- CK_FLAGS flags,
- CK_SLOT_ID_PTR pSlot,
- CK_VOID_PTR pRserved
-)
-{
- CK_RV rv;
- PRIntervalTime start;
- PR_LOG(modlog, 1, ("C_WaitForSlotEvent"));
- PR_LOG(modlog, 3, (" flags = 0x%x", flags));
- PR_LOG(modlog, 3, (" pSlot = 0x%p", pSlot));
- PR_LOG(modlog, 3, (" pRserved = 0x%p", pRserved));
- nssdbg_start_time(FUNC_C_WAITFORSLOTEVENT,&start);
- rv = module_functions->C_WaitForSlotEvent(flags,
- pSlot,
- pRserved);
- nssdbg_finish_time(FUNC_C_WAITFORSLOTEVENT,start);
- PR_LOG(modlog, 1, (" rv = 0x%x\n", rv));
- return rv;
-}
-
-CK_FUNCTION_LIST_PTR nss_InsertDeviceLog(
- CK_FUNCTION_LIST_PTR devEPV
-)
-{
- module_functions = devEPV;
- modlog = PR_NewLogModule("nss_mod_log");
- debug_functions.C_Initialize = NSSDBGC_Initialize;
- debug_functions.C_Finalize = NSSDBGC_Finalize;
- debug_functions.C_GetInfo = NSSDBGC_GetInfo;
- debug_functions.C_GetFunctionList = NSSDBGC_GetFunctionList;
- debug_functions.C_GetSlotList = NSSDBGC_GetSlotList;
- debug_functions.C_GetSlotInfo = NSSDBGC_GetSlotInfo;
- debug_functions.C_GetTokenInfo = NSSDBGC_GetTokenInfo;
- debug_functions.C_GetMechanismList = NSSDBGC_GetMechanismList;
- debug_functions.C_GetMechanismInfo = NSSDBGC_GetMechanismInfo;
- debug_functions.C_InitToken = NSSDBGC_InitToken;
- debug_functions.C_InitPIN = NSSDBGC_InitPIN;
- debug_functions.C_SetPIN = NSSDBGC_SetPIN;
- debug_functions.C_OpenSession = NSSDBGC_OpenSession;
- debug_functions.C_CloseSession = NSSDBGC_CloseSession;
- debug_functions.C_CloseAllSessions = NSSDBGC_CloseAllSessions;
- debug_functions.C_GetSessionInfo = NSSDBGC_GetSessionInfo;
- debug_functions.C_GetOperationState = NSSDBGC_GetOperationState;
- debug_functions.C_SetOperationState = NSSDBGC_SetOperationState;
- debug_functions.C_Login = NSSDBGC_Login;
- debug_functions.C_Logout = NSSDBGC_Logout;
- debug_functions.C_CreateObject = NSSDBGC_CreateObject;
- debug_functions.C_CopyObject = NSSDBGC_CopyObject;
- debug_functions.C_DestroyObject = NSSDBGC_DestroyObject;
- debug_functions.C_GetObjectSize = NSSDBGC_GetObjectSize;
- debug_functions.C_GetAttributeValue = NSSDBGC_GetAttributeValue;
- debug_functions.C_SetAttributeValue = NSSDBGC_SetAttributeValue;
- debug_functions.C_FindObjectsInit = NSSDBGC_FindObjectsInit;
- debug_functions.C_FindObjects = NSSDBGC_FindObjects;
- debug_functions.C_FindObjectsFinal = NSSDBGC_FindObjectsFinal;
- debug_functions.C_EncryptInit = NSSDBGC_EncryptInit;
- debug_functions.C_Encrypt = NSSDBGC_Encrypt;
- debug_functions.C_EncryptUpdate = NSSDBGC_EncryptUpdate;
- debug_functions.C_EncryptFinal = NSSDBGC_EncryptFinal;
- debug_functions.C_DecryptInit = NSSDBGC_DecryptInit;
- debug_functions.C_Decrypt = NSSDBGC_Decrypt;
- debug_functions.C_DecryptUpdate = NSSDBGC_DecryptUpdate;
- debug_functions.C_DecryptFinal = NSSDBGC_DecryptFinal;
- debug_functions.C_DigestInit = NSSDBGC_DigestInit;
- debug_functions.C_Digest = NSSDBGC_Digest;
- debug_functions.C_DigestUpdate = NSSDBGC_DigestUpdate;
- debug_functions.C_DigestKey = NSSDBGC_DigestKey;
- debug_functions.C_DigestFinal = NSSDBGC_DigestFinal;
- debug_functions.C_SignInit = NSSDBGC_SignInit;
- debug_functions.C_Sign = NSSDBGC_Sign;
- debug_functions.C_SignUpdate = NSSDBGC_SignUpdate;
- debug_functions.C_SignFinal = NSSDBGC_SignFinal;
- debug_functions.C_SignRecoverInit = NSSDBGC_SignRecoverInit;
- debug_functions.C_SignRecover = NSSDBGC_SignRecover;
- debug_functions.C_VerifyInit = NSSDBGC_VerifyInit;
- debug_functions.C_Verify = NSSDBGC_Verify;
- debug_functions.C_VerifyUpdate = NSSDBGC_VerifyUpdate;
- debug_functions.C_VerifyFinal = NSSDBGC_VerifyFinal;
- debug_functions.C_VerifyRecoverInit = NSSDBGC_VerifyRecoverInit;
- debug_functions.C_VerifyRecover = NSSDBGC_VerifyRecover;
- debug_functions.C_DigestEncryptUpdate = NSSDBGC_DigestEncryptUpdate;
- debug_functions.C_DecryptDigestUpdate = NSSDBGC_DecryptDigestUpdate;
- debug_functions.C_SignEncryptUpdate = NSSDBGC_SignEncryptUpdate;
- debug_functions.C_DecryptVerifyUpdate = NSSDBGC_DecryptVerifyUpdate;
- debug_functions.C_GenerateKey = NSSDBGC_GenerateKey;
- debug_functions.C_GenerateKeyPair = NSSDBGC_GenerateKeyPair;
- debug_functions.C_WrapKey = NSSDBGC_WrapKey;
- debug_functions.C_UnwrapKey = NSSDBGC_UnwrapKey;
- debug_functions.C_DeriveKey = NSSDBGC_DeriveKey;
- debug_functions.C_SeedRandom = NSSDBGC_SeedRandom;
- debug_functions.C_GenerateRandom = NSSDBGC_GenerateRandom;
- debug_functions.C_GetFunctionStatus = NSSDBGC_GetFunctionStatus;
- debug_functions.C_CancelFunction = NSSDBGC_CancelFunction;
- debug_functions.C_WaitForSlotEvent = NSSDBGC_WaitForSlotEvent;
- return &debug_functions;
-}
-
-/*
- * scale the time factor up accordingly.
- * This routine tries to keep at least 2 significant figures on output.
- * If the time is 0, then indicate that with a 'z' for units.
- * If the time is greater than 10 minutes, output the time in minutes.
- * If the time is less than 10 minutes but greater than 10 seconds output
- * the time in second.
- * If the time is less than 10 seconds but greater than 10 milliseconds
- * output * the time in millisecond.
- * If the time is less than 10 milliseconds but greater than 0 ticks output
- * the time in microsecond.
- *
- */
-static PRUint32 getPrintTime(PRIntervalTime time ,char **type)
-{
- PRUint32 prTime;
-
- /* detect a programming error by outputting 'bu' to the output stream
- * rather than crashing */
- *type = "bug";
- if (time == 0) {
- *type = "z";
- return 0;
- }
-
- prTime = PR_IntervalToSeconds(time);
-
- if (prTime >= 600) {
- *type="m";
- return prTime/60;
- }
- if (prTime >= 10) {
- *type="s";
- return prTime;
- }
- prTime = PR_IntervalToMilliseconds(time);
- if (prTime >= 10) {
- *type="ms";
- return prTime;
- }
- *type = "us";
- return PR_IntervalToMicroseconds(time);
-}
-
-static void print_final_statistics(void)
-{
- int total_calls = 0;
- PRIntervalTime total_time = 0;
- PRUint32 pr_total_time;
- char *type;
- char *fname;
- FILE *outfile = NULL;
- int i;
-
- fname = PR_GetEnv("NSS_OUTPUT_FILE");
- if (fname) {
- /* need to add an optional process id to the filename */
- outfile = fopen(fname,"w+");
- }
- if (!outfile) {
- outfile = stdout;
- }
-
-
- fprintf(outfile,"%-25s %10s %12s %12s %10s\n", "Function", "# Calls",
- "Time", "Avg.", "% Time");
- fprintf(outfile,"\n");
- for (i=0; i < nssdbg_prof_size; i++) {
- total_calls += nssdbg_prof_data[i].calls;
- total_time += nssdbg_prof_data[i].time;
- }
- for (i=0; i < nssdbg_prof_size; i++) {
- PRIntervalTime time = nssdbg_prof_data[i].time;
- PRUint32 usTime = PR_IntervalToMicroseconds(time);
- PRUint32 prTime = 0;
- PRUint32 calls = nssdbg_prof_data[i].calls;
- /* don't print out functions that weren't even called */
- if (calls == 0) {
- continue;
- }
-
- prTime = getPrintTime(time,&type);
-
- fprintf(outfile,"%-25s %10d %10d%2s ", nssdbg_prof_data[i].function,
- calls, prTime, type);
- /* for now always output the average in microseconds */
- fprintf(outfile,"%10.2f%2s", (float)usTime / (float)calls, "us" );
- fprintf(outfile,"%10.2f%%", ((float)time / (float)total_time) * 100);
- fprintf(outfile,"\n");
- }
- fprintf(outfile,"\n");
-
- pr_total_time = getPrintTime(total_time,&type);
-
- fprintf(outfile,"%25s %10d %10d%2s\n", "Totals", total_calls,
- pr_total_time, type);
- fprintf(outfile,"\n\nMaximum number of concurrent open sessions: %d\n\n",
- maxOpenSessions);
- fflush (outfile);
- if (outfile != stdout) {
- fclose(outfile);
- }
-}
-
diff --git a/security/nss/lib/pk11wrap/dev3hack.c b/security/nss/lib/pk11wrap/dev3hack.c
deleted file mode 100644
index 3f704436d..000000000
--- a/security/nss/lib/pk11wrap/dev3hack.c
+++ /dev/null
@@ -1,294 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef NSS_3_4_CODE
-#define NSS_3_4_CODE
-#endif /* NSS_3_4_CODE */
-
-#ifndef PKIT_H
-#include "pkit.h"
-#endif /* PKIT_H */
-
-#ifndef DEVM_H
-#include "devm.h"
-#endif /* DEVM_H */
-
-#include "pki3hack.h"
-#include "dev3hack.h"
-#include "pkim.h"
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-#include "pk11func.h"
-#include "secmodti.h"
-
-NSS_IMPLEMENT nssSession *
-nssSession_ImportNSS3Session(NSSArena *arenaOpt,
- CK_SESSION_HANDLE session,
- PZLock *lock, PRBool rw)
-{
- nssSession *rvSession;
- rvSession = nss_ZNEW(arenaOpt, nssSession);
- rvSession->handle = session;
- rvSession->lock = lock;
- rvSession->isRW = rw;
- return rvSession;
-}
-
-NSS_IMPLEMENT nssSession *
-nssSlot_CreateSession
-(
- NSSSlot *slot,
- NSSArena *arenaOpt,
- PRBool readWrite
-)
-{
- nssSession *rvSession;
- rvSession = nss_ZNEW(arenaOpt, nssSession);
- if (!rvSession) {
- return (nssSession *)NULL;
- }
- if (readWrite) {
- rvSession->handle = PK11_GetRWSession(slot->pk11slot);
- if (rvSession->handle == CK_INVALID_HANDLE) {
- nss_ZFreeIf(rvSession);
- return NULL;
- }
- rvSession->isRW = PR_TRUE;
- rvSession->slot = slot;
- return rvSession;
- } else {
- return NULL;
- }
-}
-
-NSS_IMPLEMENT PRStatus
-nssSession_Destroy
-(
- nssSession *s
-)
-{
- CK_RV ckrv = CKR_OK;
- if (s) {
- if (s->isRW) {
- PK11_RestoreROSession(s->slot->pk11slot, s->handle);
- }
- nss_ZFreeIf(s);
- }
- return (ckrv == CKR_OK) ? PR_SUCCESS : PR_FAILURE;
-}
-
-static NSSSlot *
-nssSlot_CreateFromPK11SlotInfo(NSSTrustDomain *td, PK11SlotInfo *nss3slot)
-{
- NSSSlot *rvSlot;
- NSSArena *arena;
- arena = nssArena_Create();
- if (!arena) {
- return NULL;
- }
- rvSlot = nss_ZNEW(arena, NSSSlot);
- if (!rvSlot) {
- nssArena_Destroy(arena);
- return NULL;
- }
- rvSlot->base.refCount = 1;
- rvSlot->base.lock = PZ_NewLock(nssILockOther);
- rvSlot->base.arena = arena;
- rvSlot->pk11slot = nss3slot;
- rvSlot->epv = nss3slot->functionList;
- rvSlot->slotID = nss3slot->slotID;
- /* Grab the slot name from the PKCS#11 fixed-length buffer */
- rvSlot->base.name = nssUTF8_Duplicate(nss3slot->slot_name,td->arena);
- return rvSlot;
-}
-
-NSS_IMPLEMENT NSSToken *
-nssToken_CreateFromPK11SlotInfo(NSSTrustDomain *td, PK11SlotInfo *nss3slot)
-{
- NSSToken *rvToken;
- NSSArena *arena;
- arena = nssArena_Create();
- if (!arena) {
- return NULL;
- }
- rvToken = nss_ZNEW(arena, NSSToken);
- if (!rvToken) {
- nssArena_Destroy(arena);
- return NULL;
- }
- rvToken->base.refCount = 1;
- rvToken->base.lock = PZ_NewLock(nssILockOther);
- rvToken->base.arena = arena;
- rvToken->pk11slot = nss3slot;
- rvToken->epv = nss3slot->functionList;
- rvToken->defaultSession = nssSession_ImportNSS3Session(td->arena,
- nss3slot->session,
- nss3slot->sessionLock,
- nss3slot->defRWSession);
- /* The above test was used in 3.4, for this cache have it always on */
- if (!PK11_IsInternal(nss3slot) && PK11_IsHW(nss3slot)) {
- rvToken->cache = nssTokenObjectCache_Create(rvToken,
- PR_TRUE, PR_TRUE, PR_TRUE);
- if (!rvToken->cache) {
- nssArena_Destroy(arena);
- return (NSSToken *)NULL;
- }
- }
- rvToken->trustDomain = td;
- /* Grab the token name from the PKCS#11 fixed-length buffer */
- rvToken->base.name = nssUTF8_Duplicate(nss3slot->token_name,td->arena);
- rvToken->slot = nssSlot_CreateFromPK11SlotInfo(td, nss3slot);
- rvToken->slot->token = rvToken;
- rvToken->defaultSession->slot = rvToken->slot;
- return rvToken;
-}
-
-NSS_IMPLEMENT void
-nssToken_UpdateName(NSSToken *token)
-{
- if (!token) {
- return;
- }
- token->base.name = nssUTF8_Duplicate(token->pk11slot->token_name,token->base.arena);
-}
-
-NSS_IMPLEMENT PRBool
-nssSlot_IsPermanent
-(
- NSSSlot *slot
-)
-{
- return slot->pk11slot->isPerm;
-}
-
-NSS_IMPLEMENT PRBool
-nssSlot_IsFriendly
-(
- NSSSlot *slot
-)
-{
- return PK11_IsFriendly(slot->pk11slot);
-}
-
-NSS_IMPLEMENT PRStatus
-nssToken_Refresh(NSSToken *token)
-{
- PK11SlotInfo *nss3slot;
-
- if (!token) {
- return PR_SUCCESS;
- }
- nss3slot = token->pk11slot;
- token->defaultSession = nssSession_ImportNSS3Session(token->slot->base.arena,
- nss3slot->session,
- nss3slot->sessionLock,
- nss3slot->defRWSession);
- return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT PRStatus
-nssSlot_Refresh
-(
- NSSSlot *slot
-)
-{
- PK11SlotInfo *nss3slot = slot->pk11slot;
- PRBool doit = PR_FALSE;
- if (slot->token->base.name[0] == 0) {
- doit = PR_TRUE;
- }
- if (PK11_InitToken(nss3slot, PR_FALSE) != SECSuccess) {
- return PR_FAILURE;
- }
- if (doit) {
- nssTrustDomain_UpdateCachedTokenCerts(slot->token->trustDomain,
- slot->token);
- }
- return nssToken_Refresh(slot->token);
-}
-
-NSS_IMPLEMENT PRStatus
-nssToken_GetTrustOrder
-(
- NSSToken *tok
-)
-{
- PK11SlotInfo *slot;
- SECMODModule *module;
- slot = tok->pk11slot;
- module = PK11_GetModule(slot);
- return module->trustOrder;
-}
-
-NSS_IMPLEMENT PRBool
-nssSlot_IsLoggedIn
-(
- NSSSlot *slot
-)
-{
- if (!slot->pk11slot->needLogin) {
- return PR_TRUE;
- }
- return PK11_IsLoggedIn(slot->pk11slot, NULL);
-}
-
-
-NSSTrustDomain *
-nssToken_GetTrustDomain(NSSToken *token)
-{
- return token->trustDomain;
-}
-
-NSS_EXTERN PRStatus
-nssTrustDomain_RemoveTokenCertsFromCache
-(
- NSSTrustDomain *td,
- NSSToken *token
-);
-
-NSS_IMPLEMENT PRStatus
-nssToken_NotifyCertsNotVisible
-(
- NSSToken *tok
-)
-{
- return nssTrustDomain_RemoveTokenCertsFromCache(tok->trustDomain, tok);
-}
-
diff --git a/security/nss/lib/pk11wrap/dev3hack.h b/security/nss/lib/pk11wrap/dev3hack.h
deleted file mode 100644
index d2e3ab4e1..000000000
--- a/security/nss/lib/pk11wrap/dev3hack.h
+++ /dev/null
@@ -1,63 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef DEVNSS3HACK_H
-#define DEVNSS3HACK_H
-
-#ifdef DEBUG
-static const char DEVNSS3HACK_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#include "cert.h"
-
-PR_BEGIN_EXTERN_C
-
-NSS_EXTERN NSSToken *
-nssToken_CreateFromPK11SlotInfo(NSSTrustDomain *td, PK11SlotInfo *nss3slot);
-
-NSS_EXTERN void
-nssToken_UpdateName(NSSToken *);
-
-NSS_EXTERN PRStatus
-nssToken_Refresh(NSSToken *);
-
-NSSTrustDomain *
-nssToken_GetTrustDomain(NSSToken *token);
-
-void PK11Slot_SetNSSToken(PK11SlotInfo *sl, NSSToken *nsst);
-
-NSSToken * PK11Slot_GetNSSToken(PK11SlotInfo *sl);
-
-PR_END_EXTERN_C
-
-#endif /* DEVNSS3HACK_H */
diff --git a/security/nss/lib/pk11wrap/manifest.mn b/security/nss/lib/pk11wrap/manifest.mn
deleted file mode 100644
index d4abd9917..000000000
--- a/security/nss/lib/pk11wrap/manifest.mn
+++ /dev/null
@@ -1,78 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../..
-
-EXPORTS = \
- secmod.h \
- secmodt.h \
- secpkcs5.h \
- pk11func.h \
- pk11sdr.h \
- pk11pqg.h \
- $(NULL)
-
-PRIVATE_EXPORTS = \
- secmodi.h \
- secmodti.h \
- pk11init.h \
- dev3hack.h \
- $(NULL)
-
-MODULE = nss
-
-CSRCS = \
- dev3hack.c \
- pk11cert.c \
- pk11err.c \
- pk11load.c \
- pk11pars.c \
- pk11slot.c \
- pk11list.c \
- pk11skey.c \
- pk11kea.c \
- pk11util.c \
- pk11sdr.c \
- pk11pqg.c \
- pk11pk12.c \
- pk11pbe.c \
- $(NULL)
-
-REQUIRES = dbm
-
-LIBRARY_NAME = pk11wrap
-
-# only add module debugging in opt builds if DEBUG_PKCS11 is set
-ifdef DEBUG_PKCS11
- DEFINES += -DDEBUG_MODULE
-endif
-
diff --git a/security/nss/lib/pk11wrap/pk11cert.c b/security/nss/lib/pk11wrap/pk11cert.c
deleted file mode 100644
index 449fe17c8..000000000
--- a/security/nss/lib/pk11wrap/pk11cert.c
+++ /dev/null
@@ -1,4158 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * This file implements the Symkey wrapper and the PKCS context
- * Interfaces.
- */
-
-#include "secport.h"
-#include "seccomon.h"
-#include "secmod.h"
-#include "nssilock.h"
-#include "secmodi.h"
-#include "pkcs11.h"
-#include "pk11func.h"
-#include "cert.h"
-#include "certi.h"
-#include "secitem.h"
-#include "key.h"
-#include "hasht.h"
-#include "secoid.h"
-#include "pkcs7t.h"
-#include "cmsreclist.h"
-
-#include "certdb.h"
-#include "secerr.h"
-#include "sslerr.h"
-
-#ifndef NSS_3_4_CODE
-#define NSS_3_4_CODE
-#endif /* NSS_3_4_CODE */
-#include "pki3hack.h"
-#include "dev3hack.h"
-
-#include "devm.h"
-#include "nsspki.h"
-#include "pki.h"
-#include "pkim.h"
-#include "pkitm.h"
-#include "pkistore.h" /* to remove temp cert */
-#include "devt.h"
-
-#define PK11_SEARCH_CHUNKSIZE 10
-
-extern const NSSError NSS_ERROR_NOT_FOUND;
-
-CK_OBJECT_HANDLE
-pk11_FindPubKeyByAnyCert(CERTCertificate *cert, PK11SlotInfo **slot, void *wincx);
-
-struct nss3_cert_cbstr {
- SECStatus(* callback)(CERTCertificate*, void *);
- nssList *cached;
- void *arg;
-};
-
-/* Translate from NSSCertificate to CERTCertificate, then pass the latter
- * to a callback.
- */
-static PRStatus convert_cert(NSSCertificate *c, void *arg)
-{
- CERTCertificate *nss3cert;
- SECStatus secrv;
- struct nss3_cert_cbstr *nss3cb = (struct nss3_cert_cbstr *)arg;
- nss3cert = STAN_GetCERTCertificate(c);
- if (!nss3cert) return PR_FAILURE;
- secrv = (*nss3cb->callback)(nss3cert, nss3cb->arg);
- return (secrv) ? PR_FAILURE : PR_SUCCESS;
-}
-
-void
-PK11Slot_SetNSSToken(PK11SlotInfo *sl, NSSToken *nsst)
-{
- sl->nssToken = nsst;
-}
-
-NSSToken *
-PK11Slot_GetNSSToken(PK11SlotInfo *sl)
-{
- return sl->nssToken;
-}
-
-/*
- * build a cert nickname based on the token name and the label of the
- * certificate If the label in NULL, build a label based on the ID.
- */
-static int toHex(int x) { return (x < 10) ? (x+'0') : (x+'a'-10); }
-#define MAX_CERT_ID 4
-#define DEFAULT_STRING "Cert ID "
-static char *
-pk11_buildNickname(PK11SlotInfo *slot,CK_ATTRIBUTE *cert_label,
- CK_ATTRIBUTE *key_label, CK_ATTRIBUTE *cert_id)
-{
- int prefixLen = PORT_Strlen(slot->token_name);
- int suffixLen = 0;
- char *suffix = NULL;
- char buildNew[sizeof(DEFAULT_STRING)+MAX_CERT_ID*2];
- char *next,*nickname;
-
- if (cert_label && (cert_label->ulValueLen)) {
- suffixLen = cert_label->ulValueLen;
- suffix = (char*)cert_label->pValue;
- } else if (key_label && (key_label->ulValueLen)) {
- suffixLen = key_label->ulValueLen;
- suffix = (char*)key_label->pValue;
- } else if (cert_id && cert_id->ulValueLen > 0) {
- int i,first = cert_id->ulValueLen - MAX_CERT_ID;
- int offset = sizeof(DEFAULT_STRING);
- char *idValue = (char *)cert_id->pValue;
-
- PORT_Memcpy(buildNew,DEFAULT_STRING,sizeof(DEFAULT_STRING)-1);
- next = buildNew + offset;
- if (first < 0) first = 0;
- for (i=first; i < (int) cert_id->ulValueLen; i++) {
- *next++ = toHex((idValue[i] >> 4) & 0xf);
- *next++ = toHex(idValue[i] & 0xf);
- }
- *next++ = 0;
- suffix = buildNew;
- suffixLen = PORT_Strlen(buildNew);
- } else {
- PORT_SetError( SEC_ERROR_LIBRARY_FAILURE );
- return NULL;
- }
-
- /* if is internal key slot, add code to skip the prefix!! */
- next = nickname = (char *)PORT_Alloc(prefixLen+1+suffixLen+1);
- if (nickname == NULL) return NULL;
-
- PORT_Memcpy(next,slot->token_name,prefixLen);
- next += prefixLen;
- *next++ = ':';
- PORT_Memcpy(next,suffix,suffixLen);
- next += suffixLen;
- *next++ = 0;
- return nickname;
-}
-
-/*
- * return the object handle that matches the template
- */
-CK_OBJECT_HANDLE
-pk11_FindObjectByTemplate(PK11SlotInfo *slot,CK_ATTRIBUTE *theTemplate,int tsize)
-{
- CK_OBJECT_HANDLE object;
- CK_RV crv;
- CK_ULONG objectCount;
-
- /*
- * issue the find
- */
- PK11_EnterSlotMonitor(slot);
- crv=PK11_GETTAB(slot)->C_FindObjectsInit(slot->session, theTemplate, tsize);
- if (crv != CKR_OK) {
- PK11_ExitSlotMonitor(slot);
- PORT_SetError( PK11_MapError(crv) );
- return CK_INVALID_HANDLE;
- }
-
- crv=PK11_GETTAB(slot)->C_FindObjects(slot->session,&object,1,&objectCount);
- PK11_GETTAB(slot)->C_FindObjectsFinal(slot->session);
- PK11_ExitSlotMonitor(slot);
- if ((crv != CKR_OK) || (objectCount < 1)) {
- /* shouldn't use SSL_ERROR... here */
- PORT_SetError( crv != CKR_OK ? PK11_MapError(crv) :
- SSL_ERROR_NO_CERTIFICATE);
- return CK_INVALID_HANDLE;
- }
-
- /* blow up if the PKCS #11 module returns us and invalid object handle */
- PORT_Assert(object != CK_INVALID_HANDLE);
- return object;
-}
-
-/*
- * return all the object handles that matches the template
- */
-CK_OBJECT_HANDLE *
-pk11_FindObjectsByTemplate(PK11SlotInfo *slot,
- CK_ATTRIBUTE *findTemplate,int findCount,int *object_count) {
- CK_OBJECT_HANDLE *objID = NULL;
- CK_ULONG returned_count = 0;
- CK_RV crv;
-
-
- PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_FindObjectsInit(slot->session, findTemplate,
- findCount);
- if (crv != CKR_OK) {
- PK11_ExitSlotMonitor(slot);
- PORT_SetError( PK11_MapError(crv) );
- *object_count = -1;
- return NULL;
- }
-
-
- /*
- * collect all the Matching Objects
- */
- do {
- CK_OBJECT_HANDLE *oldObjID = objID;
-
- if (objID == NULL) {
- objID = (CK_OBJECT_HANDLE *) PORT_Alloc(sizeof(CK_OBJECT_HANDLE)*
- (*object_count+ PK11_SEARCH_CHUNKSIZE));
- } else {
- objID = (CK_OBJECT_HANDLE *) PORT_Realloc(objID,
- sizeof(CK_OBJECT_HANDLE)*(*object_count+PK11_SEARCH_CHUNKSIZE));
- }
-
- if (objID == NULL) {
- if (oldObjID) PORT_Free(oldObjID);
- break;
- }
- crv = PK11_GETTAB(slot)->C_FindObjects(slot->session,
- &objID[*object_count],PK11_SEARCH_CHUNKSIZE,&returned_count);
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- PORT_Free(objID);
- objID = NULL;
- break;
- }
- *object_count += returned_count;
- } while (returned_count == PK11_SEARCH_CHUNKSIZE);
-
- PK11_GETTAB(slot)->C_FindObjectsFinal(slot->session);
- PK11_ExitSlotMonitor(slot);
-
- if (objID && (*object_count == 0)) {
- PORT_Free(objID);
- return NULL;
- }
- if (objID == NULL) *object_count = -1;
- return objID;
-}
-/*
- * given a PKCS #11 object, match it's peer based on the KeyID. searchID
- * is typically a privateKey or a certificate while the peer is the opposite
- */
-CK_OBJECT_HANDLE
-PK11_MatchItem(PK11SlotInfo *slot, CK_OBJECT_HANDLE searchID,
- CK_OBJECT_CLASS matchclass)
-{
- CK_ATTRIBUTE theTemplate[] = {
- { CKA_ID, NULL, 0 },
- { CKA_CLASS, NULL, 0 }
- };
- /* if you change the array, change the variable below as well */
- CK_ATTRIBUTE *keyclass = &theTemplate[1];
- int tsize = sizeof(theTemplate)/sizeof(theTemplate[0]);
- /* if you change the array, change the variable below as well */
- CK_OBJECT_HANDLE peerID;
- CK_OBJECT_HANDLE parent;
- PRArenaPool *arena;
- CK_RV crv;
-
- /* now we need to create space for the public key */
- arena = PORT_NewArena( DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) return CK_INVALID_HANDLE;
-
- crv = PK11_GetAttributes(arena,slot,searchID,theTemplate,tsize);
- if (crv != CKR_OK) {
- PORT_FreeArena(arena,PR_FALSE);
- PORT_SetError( PK11_MapError(crv) );
- return CK_INVALID_HANDLE;
- }
-
- if ((theTemplate[0].ulValueLen == 0) || (theTemplate[0].ulValueLen == -1)) {
- PORT_FreeArena(arena,PR_FALSE);
- PORT_SetError(SEC_ERROR_BAD_KEY);
- return CK_INVALID_HANDLE;
- }
-
-
-
- /*
- * issue the find
- */
- parent = *(CK_OBJECT_CLASS *)(keyclass->pValue);
- *(CK_OBJECT_CLASS *)(keyclass->pValue) = matchclass;
-
- peerID = pk11_FindObjectByTemplate(slot,theTemplate,tsize);
- PORT_FreeArena(arena,PR_FALSE);
-
- return peerID;
-}
-
-PRBool
-PK11_IsUserCert(PK11SlotInfo *slot, CERTCertificate *cert,
- CK_OBJECT_HANDLE certID)
-{
- CK_OBJECT_CLASS theClass;
-
- if (slot == NULL) return PR_FALSE;
- if (cert == NULL) return PR_FALSE;
-
- theClass = CKO_PRIVATE_KEY;
- if (!PK11_IsLoggedIn(slot,NULL) && PK11_NeedLogin(slot)) {
- theClass = CKO_PUBLIC_KEY;
- }
- if (PK11_MatchItem(slot, certID , theClass) != CK_INVALID_HANDLE) {
- return PR_TRUE;
- }
-
- if (theClass == CKO_PUBLIC_KEY) {
- SECKEYPublicKey *pubKey= CERT_ExtractPublicKey(cert);
- CK_ATTRIBUTE theTemplate;
-
- if (pubKey == NULL) {
- return PR_FALSE;
- }
-
- PK11_SETATTRS(&theTemplate,0,NULL,0);
- switch (pubKey->keyType) {
- case rsaKey:
- PK11_SETATTRS(&theTemplate,CKA_MODULUS, pubKey->u.rsa.modulus.data,
- pubKey->u.rsa.modulus.len);
- break;
- case dsaKey:
- PK11_SETATTRS(&theTemplate,CKA_VALUE, pubKey->u.dsa.publicValue.data,
- pubKey->u.dsa.publicValue.len);
- break;
- case dhKey:
- PK11_SETATTRS(&theTemplate,CKA_VALUE, pubKey->u.dh.publicValue.data,
- pubKey->u.dh.publicValue.len);
- break;
- case keaKey:
- case fortezzaKey:
- case nullKey:
- /* fall through and return false */
- break;
- }
-
- if (theTemplate.ulValueLen == 0) {
- SECKEY_DestroyPublicKey(pubKey);
- return PR_FALSE;
- }
- pk11_SignedToUnsigned(&theTemplate);
- if (pk11_FindObjectByTemplate(slot,&theTemplate,1) != CK_INVALID_HANDLE) {
- SECKEY_DestroyPublicKey(pubKey);
- return PR_TRUE;
- }
- SECKEY_DestroyPublicKey(pubKey);
- }
- return PR_FALSE;
-}
-
-/*
- * Check out if a cert has ID of zero. This is a magic ID that tells
- * NSS that this cert may be an automagically trusted cert.
- * The Cert has to be self signed as well. That check is done elsewhere.
- *
- */
-PRBool
-pk11_isID0(PK11SlotInfo *slot, CK_OBJECT_HANDLE certID)
-{
- CK_ATTRIBUTE keyID = {CKA_ID, NULL, 0};
- PRBool isZero = PR_FALSE;
- int i;
- CK_RV crv;
-
-
- crv = PK11_GetAttributes(NULL,slot,certID,&keyID,1);
- if (crv != CKR_OK) {
- return isZero;
- }
-
- if (keyID.ulValueLen != 0) {
- char *value = (char *)keyID.pValue;
- isZero = PR_TRUE; /* ID exists, may be zero */
- for (i=0; i < (int) keyID.ulValueLen; i++) {
- if (value[i] != 0) {
- isZero = PR_FALSE; /* nope */
- break;
- }
- }
- }
- PORT_Free(keyID.pValue);
- return isZero;
-
-}
-
-/*
- * Create an NSSCertificate from a slot/certID pair, return it as a
- * CERTCertificate.
- */
-static CERTCertificate
-*pk11_fastCert(PK11SlotInfo *slot, CK_OBJECT_HANDLE certID,
- CK_ATTRIBUTE *privateLabel, char **nickptr)
-{
- NSSCertificate *c;
- nssCryptokiObject *co;
- nssPKIObject *pkio;
- NSSToken *token;
- NSSTrustDomain *td = STAN_GetDefaultTrustDomain();
-
- /* Get the cryptoki object from the handle */
- token = PK11Slot_GetNSSToken(slot);
- co = nssCryptokiObject_Create(token, token->defaultSession, certID);
- if (!co) {
- return NULL;
- }
-
- /* Create a PKI object from the cryptoki instance */
- pkio = nssPKIObject_Create(NULL, co, td, NULL);
- if (!pkio) {
- nssCryptokiObject_Destroy(co);
- return NULL;
- }
-
- /* Create a certificate */
- c = nssCertificate_Create(pkio);
- if (!c) {
- nssPKIObject_Destroy(pkio);
- return NULL;
- }
-
- nssTrustDomain_AddCertsToCache(td, &c, 1);
-
- /* Build the old-fashioned nickname */
- if ((nickptr) && (co->label)) {
- CK_ATTRIBUTE label, id;
- label.type = CKA_LABEL;
- label.pValue = co->label;
- label.ulValueLen = PORT_Strlen(co->label);
- id.type = CKA_ID;
- id.pValue = c->id.data;
- id.ulValueLen = c->id.size;
- *nickptr = pk11_buildNickname(slot, &label, privateLabel, &id);
- }
- return STAN_GetCERTCertificate(c);
-}
-
-CK_TRUST
-pk11_GetTrustField(PK11SlotInfo *slot, PRArenaPool *arena,
- CK_OBJECT_HANDLE id, CK_ATTRIBUTE_TYPE type)
-{
- CK_TRUST rv = 0;
- SECItem item;
-
- item.data = NULL;
- item.len = 0;
-
- if( SECSuccess == PK11_ReadAttribute(slot, id, type, arena, &item) ) {
- PORT_Assert(item.len == sizeof(CK_TRUST));
- PORT_Memcpy(&rv, item.data, sizeof(CK_TRUST));
- /* Damn, is there an endian problem here? */
- return rv;
- }
-
- return 0;
-}
-
-PRBool
-pk11_HandleTrustObject(PK11SlotInfo *slot, CERTCertificate *cert, CERTCertTrust *trust)
-{
- PRArenaPool *arena;
-
- CK_ATTRIBUTE tobjTemplate[] = {
- { CKA_CLASS, NULL, 0 },
- { CKA_CERT_SHA1_HASH, NULL, 0 },
- };
-
- CK_OBJECT_CLASS tobjc = CKO_NETSCAPE_TRUST;
- CK_OBJECT_HANDLE tobjID;
- unsigned char sha1_hash[SHA1_LENGTH];
-
- CK_TRUST serverAuth, codeSigning, emailProtection, clientAuth;
-
- PK11_HashBuf(SEC_OID_SHA1, sha1_hash, cert->derCert.data, cert->derCert.len);
-
- PK11_SETATTRS(&tobjTemplate[0], CKA_CLASS, &tobjc, sizeof(tobjc));
- PK11_SETATTRS(&tobjTemplate[1], CKA_CERT_SHA1_HASH, sha1_hash,
- SHA1_LENGTH);
-
- tobjID = pk11_FindObjectByTemplate(slot, tobjTemplate,
- sizeof(tobjTemplate)/sizeof(tobjTemplate[0]));
- if( CK_INVALID_HANDLE == tobjID ) {
- return PR_FALSE;
- }
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if( NULL == arena ) return PR_FALSE;
-
- /* Unfortunately, it seems that PK11_GetAttributes doesn't deal
- * well with nonexistant attributes. I guess we have to check
- * the trust info fields one at a time.
- */
-
- /* We could verify CKA_CERT_HASH here */
-
- /* We could verify CKA_EXPIRES here */
-
-
- /* "Purpose" trust information */
- serverAuth = pk11_GetTrustField(slot, arena, tobjID, CKA_TRUST_SERVER_AUTH);
- clientAuth = pk11_GetTrustField(slot, arena, tobjID, CKA_TRUST_CLIENT_AUTH);
- codeSigning = pk11_GetTrustField(slot, arena, tobjID, CKA_TRUST_CODE_SIGNING);
- emailProtection = pk11_GetTrustField(slot, arena, tobjID,
- CKA_TRUST_EMAIL_PROTECTION);
- /* Here's where the fun logic happens. We have to map back from the
- * key usage, extended key usage, purpose, and possibly other trust values
- * into the old trust-flags bits. */
-
- /* First implementation: keep it simple for testing. We can study what other
- * mappings would be appropriate and add them later.. fgmr 20000724 */
-
- if ( serverAuth == CKT_NETSCAPE_TRUSTED ) {
- trust->sslFlags |= CERTDB_VALID_PEER | CERTDB_TRUSTED;
- }
-
- if ( serverAuth == CKT_NETSCAPE_TRUSTED_DELEGATOR ) {
- trust->sslFlags |= CERTDB_VALID_CA | CERTDB_TRUSTED_CA |
- CERTDB_NS_TRUSTED_CA;
- }
- if ( clientAuth == CKT_NETSCAPE_TRUSTED_DELEGATOR ) {
- trust->sslFlags |= CERTDB_TRUSTED_CLIENT_CA ;
- }
-
- if ( emailProtection == CKT_NETSCAPE_TRUSTED ) {
- trust->emailFlags |= CERTDB_VALID_PEER | CERTDB_TRUSTED;
- }
-
- if ( emailProtection == CKT_NETSCAPE_TRUSTED_DELEGATOR ) {
- trust->emailFlags |= CERTDB_VALID_CA | CERTDB_TRUSTED_CA | CERTDB_NS_TRUSTED_CA;
- }
-
- if( codeSigning == CKT_NETSCAPE_TRUSTED ) {
- trust->objectSigningFlags |= CERTDB_VALID_PEER | CERTDB_TRUSTED;
- }
-
- if( codeSigning == CKT_NETSCAPE_TRUSTED_DELEGATOR ) {
- trust->objectSigningFlags |= CERTDB_VALID_CA | CERTDB_TRUSTED_CA | CERTDB_NS_TRUSTED_CA;
- }
-
- /* There's certainly a lot more logic that can go here.. */
-
- PORT_FreeArena(arena, PR_FALSE);
-
- return PR_TRUE;
-}
-
-/*
- * Build an CERTCertificate structure from a PKCS#11 object ID.... certID
- * Must be a CertObject. This code does not explicitly checks that.
- */
-CERTCertificate *
-PK11_MakeCertFromHandle(PK11SlotInfo *slot,CK_OBJECT_HANDLE certID,
- CK_ATTRIBUTE *privateLabel)
-{
- char * nickname = NULL;
- CERTCertificate *cert = NULL;
- CERTCertTrust *trust;
- PRBool isFortezzaRootCA = PR_FALSE;
- PRBool swapNickname = PR_FALSE;
-
- cert = pk11_fastCert(slot,certID,privateLabel, &nickname);
- if (cert == NULL) goto loser;
-
- if (nickname) {
- if (cert->nickname != NULL) {
- cert->dbnickname = cert->nickname;
- }
- cert->nickname = PORT_ArenaStrdup(cert->arena,nickname);
- PORT_Free(nickname);
- nickname = NULL;
- swapNickname = PR_TRUE;
- }
-
- /* remember where this cert came from.... If we have just looked
- * it up from the database and it already has a slot, don't add a new
- * one. */
- if (cert->slot == NULL) {
- cert->slot = PK11_ReferenceSlot(slot);
- cert->pkcs11ID = certID;
- cert->ownSlot = PR_TRUE;
- cert->series = slot->series;
- }
-
- trust = (CERTCertTrust*)PORT_ArenaAlloc(cert->arena, sizeof(CERTCertTrust));
- if (trust == NULL) goto loser;
- PORT_Memset(trust,0, sizeof(CERTCertTrust));
- cert->trust = trust;
-
-
-
- if(! pk11_HandleTrustObject(slot, cert, trust) ) {
- unsigned int type;
-
- /* build some cert trust flags */
- if (CERT_IsCACert(cert, &type)) {
- unsigned int trustflags = CERTDB_VALID_CA;
-
- /* Allow PKCS #11 modules to give us trusted CA's. We only accept
- * valid CA's which are self-signed here. They must have an object
- * ID of '0'. */
- if (pk11_isID0(slot,certID) &&
- SECITEM_CompareItem(&cert->derSubject,&cert->derIssuer)
- == SECEqual) {
- trustflags |= CERTDB_TRUSTED_CA;
- /* is the slot a fortezza card? allow the user or
- * admin to turn on objectSigning, but don't turn
- * full trust on explicitly */
- if (PK11_DoesMechanism(slot,CKM_KEA_KEY_DERIVE)) {
- trust->objectSigningFlags |= CERTDB_VALID_CA;
- isFortezzaRootCA = PR_TRUE;
- }
- }
- if ((type & NS_CERT_TYPE_SSL_CA) == NS_CERT_TYPE_SSL_CA) {
- trust->sslFlags |= trustflags;
- }
- if ((type & NS_CERT_TYPE_EMAIL_CA) == NS_CERT_TYPE_EMAIL_CA) {
- trust->emailFlags |= trustflags;
- }
- if ((type & NS_CERT_TYPE_OBJECT_SIGNING_CA)
- == NS_CERT_TYPE_OBJECT_SIGNING_CA) {
- trust->objectSigningFlags |= trustflags;
- }
- }
- }
-
- if (PK11_IsUserCert(slot,cert,certID)) {
- trust->sslFlags |= CERTDB_USER;
- trust->emailFlags |= CERTDB_USER;
- /* trust->objectSigningFlags |= CERTDB_USER; */
- }
-
- return cert;
-
-loser:
- if (nickname) PORT_Free(nickname);
- if (cert) CERT_DestroyCertificate(cert);
- return NULL;
-}
-
-
-/*
- * Build get a certificate from a private key
- */
-CERTCertificate *
-PK11_GetCertFromPrivateKey(SECKEYPrivateKey *privKey)
-{
- PK11SlotInfo *slot = privKey->pkcs11Slot;
- CK_OBJECT_HANDLE handle = privKey->pkcs11ID;
- CK_OBJECT_HANDLE certID =
- PK11_MatchItem(slot,handle,CKO_CERTIFICATE);
- CERTCertificate *cert;
-
- if (certID == CK_INVALID_HANDLE) {
- PORT_SetError(SSL_ERROR_NO_CERTIFICATE);
- return NULL;
- }
- cert = PK11_MakeCertFromHandle(slot,certID,NULL);
- return (cert);
-
-}
-
-/*
- * destroy a private key if there are no matching certs.
- * this function also frees the privKey structure.
- */
-SECStatus
-PK11_DeleteTokenPrivateKey(SECKEYPrivateKey *privKey, PRBool force)
-{
- CERTCertificate *cert=PK11_GetCertFromPrivateKey(privKey);
-
- /* found a cert matching the private key?. */
- if (!force && cert != NULL) {
- /* yes, don't delete the key */
- CERT_DestroyCertificate(cert);
- SECKEY_DestroyPrivateKey(privKey);
- return SECWouldBlock;
- }
- /* now, then it's safe for the key to go away */
- PK11_DestroyTokenObject(privKey->pkcs11Slot,privKey->pkcs11ID);
- SECKEY_DestroyPrivateKey(privKey);
- return SECSuccess;
-}
-
-/*
- * destroy a private key if there are no matching certs.
- * this function also frees the privKey structure.
- */
-SECStatus
-PK11_DeleteTokenPublicKey(SECKEYPublicKey *pubKey)
-{
- /* now, then it's safe for the key to go away */
- if (pubKey->pkcs11Slot == NULL) {
- return SECFailure;
- }
- PK11_DestroyTokenObject(pubKey->pkcs11Slot,pubKey->pkcs11ID);
- SECKEY_DestroyPublicKey(pubKey);
- return SECSuccess;
-}
-
-
-/*
- * delete a cert and it's private key (if no other certs are pointing to the
- * private key.
- */
-SECStatus
-PK11_DeleteTokenCertAndKey(CERTCertificate *cert,void *wincx)
-{
- SECKEYPrivateKey *privKey = PK11_FindKeyByAnyCert(cert,wincx);
- CK_OBJECT_HANDLE pubKey;
- PK11SlotInfo *slot = NULL;
-
- pubKey = pk11_FindPubKeyByAnyCert(cert, &slot, wincx);
- if (privKey) {
-#ifdef NSS_CLASSIC
- PK11_DestroyTokenObject(cert->slot,cert->pkcs11ID);
-#else
- /* For 3.4, utilize the generic cert delete function */
- SEC_DeletePermCertificate(cert);
-#endif
- PK11_DeleteTokenPrivateKey(privKey, PR_FALSE);
- }
- if ((pubKey != CK_INVALID_HANDLE) && (slot != NULL)) {
- PK11_DestroyTokenObject(slot,pubKey);
- PK11_FreeSlot(slot);
- }
- return SECSuccess;
-}
-
-/*
- * count the number of objects that match the template.
- */
-int
-PK11_NumberObjectsFor(PK11SlotInfo *slot, CK_ATTRIBUTE *findTemplate,
- int templateCount)
-{
- CK_OBJECT_HANDLE objID[PK11_SEARCH_CHUNKSIZE];
- int object_count = 0;
- CK_ULONG returned_count = 0;
- CK_RV crv;
-
- PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_FindObjectsInit(slot->session,
- findTemplate, templateCount);
- if (crv != CKR_OK) {
- PK11_ExitSlotMonitor(slot);
- PORT_SetError( PK11_MapError(crv) );
- return 0;
- }
-
- /*
- * collect all the Matching Objects
- */
- do {
- crv = PK11_GETTAB(slot)->C_FindObjects(slot->session,
- objID,PK11_SEARCH_CHUNKSIZE,&returned_count);
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- break;
- }
- object_count += returned_count;
- } while (returned_count == PK11_SEARCH_CHUNKSIZE);
-
- PK11_GETTAB(slot)->C_FindObjectsFinal(slot->session);
- PK11_ExitSlotMonitor(slot);
- return object_count;
-}
-
-/*
- * cert callback structure
- */
-typedef struct pk11DoCertCallbackStr {
- SECStatus(* callback)(PK11SlotInfo *slot, CERTCertificate*, void *);
- SECStatus(* noslotcallback)(CERTCertificate*, void *);
- SECStatus(* itemcallback)(CERTCertificate*, SECItem *, void *);
- void *callbackArg;
-} pk11DoCertCallback;
-
-#ifdef NSS_CLASSIC
-/*
- * callback to map object handles to certificate structures.
- */
-static SECStatus
-pk11_DoCerts(PK11SlotInfo *slot, CK_OBJECT_HANDLE certID, void *arg)
-{
- CERTCertificate *cert;
- pk11DoCertCallback *certcb = (pk11DoCertCallback *) arg;
-
- cert = PK11_MakeCertFromHandle(slot, certID, NULL);
-
- if (cert == NULL) {
- return SECFailure;
- }
-
- if (certcb ) {
- if (certcb->callback) {
- (*certcb->callback)(slot, cert, certcb->callbackArg);
- }
- if (certcb->noslotcallback) {
- (*certcb->noslotcallback)(cert, certcb->callbackArg);
- }
- if (certcb->itemcallback) {
- (*certcb->itemcallback)(cert, NULL, certcb->callbackArg);
- }
- }
-
- CERT_DestroyCertificate(cert);
-
- return SECSuccess;
-}
-#endif
-
-static SECStatus
-pk11_CollectCrls(PK11SlotInfo *slot, CK_OBJECT_HANDLE crlID, void *arg)
-{
- SECItem derCrl;
- CERTCrlHeadNode *head = (CERTCrlHeadNode *) arg;
- CERTCrlNode *new_node = NULL;
- CK_ATTRIBUTE fetchCrl[3] = {
- { CKA_VALUE, NULL, 0},
- { CKA_NETSCAPE_KRL, NULL, 0},
- { CKA_NETSCAPE_URL, NULL, 0},
- };
- const int fetchCrlSize = sizeof(fetchCrl)/sizeof(fetchCrl[2]);
- CK_RV crv;
- SECStatus rv = SECFailure;
-
- crv = PK11_GetAttributes(head->arena,slot,crlID,fetchCrl,fetchCrlSize);
- if (CKR_OK != crv) {
- PORT_SetError(PK11_MapError(crv));
- goto loser;
- }
-
- if (!fetchCrl[1].pValue) {
- PORT_SetError(SEC_ERROR_CRL_INVALID);
- goto loser;
- }
-
- new_node = (CERTCrlNode *)PORT_ArenaAlloc(head->arena, sizeof(CERTCrlNode));
- if (new_node == NULL) {
- goto loser;
- }
-
- if (*((CK_BBOOL *)fetchCrl[1].pValue))
- new_node->type = SEC_KRL_TYPE;
- else
- new_node->type = SEC_CRL_TYPE;
-
- derCrl.type = siBuffer;
- derCrl.data = (unsigned char *)fetchCrl[0].pValue;
- derCrl.len = fetchCrl[0].ulValueLen;
- new_node->crl=CERT_DecodeDERCrl(head->arena,&derCrl,new_node->type);
- if (new_node->crl == NULL) {
- goto loser;
- }
-
- if (fetchCrl[2].pValue) {
- int nnlen = fetchCrl[2].ulValueLen;
- new_node->crl->url = (char *)PORT_ArenaAlloc(head->arena, nnlen+1);
- if ( !new_node->crl->url ) {
- goto loser;
- }
- PORT_Memcpy(new_node->crl->url, fetchCrl[2].pValue, nnlen);
- new_node->crl->url[nnlen] = 0;
- } else {
- new_node->crl->url = NULL;
- }
-
-
- new_node->next = NULL;
- if (head->last) {
- head->last->next = new_node;
- head->last = new_node;
- } else {
- head->first = head->last = new_node;
- }
- rv = SECSuccess;
-
-loser:
- return(rv);
-}
-
-
-/*
- * key call back structure.
- */
-typedef struct pk11KeyCallbackStr {
- SECStatus (* callback)(SECKEYPrivateKey *,void *);
- void *callbackArg;
- void *wincx;
-} pk11KeyCallback;
-
-/*
- * callback to map Object Handles to Private Keys;
- */
-SECStatus
-pk11_DoKeys(PK11SlotInfo *slot, CK_OBJECT_HANDLE keyHandle, void *arg)
-{
- SECStatus rv = SECSuccess;
- SECKEYPrivateKey *privKey;
- pk11KeyCallback *keycb = (pk11KeyCallback *) arg;
-
- privKey = PK11_MakePrivKey(slot,nullKey,PR_TRUE,keyHandle,keycb->wincx);
-
- if (privKey == NULL) {
- return SECFailure;
- }
-
- if (keycb && (keycb->callback)) {
- rv = (*keycb->callback)(privKey,keycb->callbackArg);
- }
-
- SECKEY_DestroyPrivateKey(privKey);
- return rv;
-}
-
-/* Traverse slots callback */
-typedef struct pk11TraverseSlotStr {
- SECStatus (*callback)(PK11SlotInfo *,CK_OBJECT_HANDLE, void *);
- void *callbackArg;
- CK_ATTRIBUTE *findTemplate;
- int templateCount;
-} pk11TraverseSlot;
-
-/*
- * Extract all the certs on a card from a slot.
- */
-SECStatus
-PK11_TraverseSlot(PK11SlotInfo *slot, void *arg)
-{
- int i;
- CK_OBJECT_HANDLE *objID = NULL;
- int object_count = 0;
- pk11TraverseSlot *slotcb = (pk11TraverseSlot*) arg;
-
- objID = pk11_FindObjectsByTemplate(slot,slotcb->findTemplate,
- slotcb->templateCount,&object_count);
-
- /*Actually this isn't a failure... there just were no objs to be found*/
- if (object_count == 0) {
- return SECSuccess;
- }
-
- if (objID == NULL) {
- return SECFailure;
- }
-
- for (i=0; i < object_count; i++) {
- (*slotcb->callback)(slot,objID[i],slotcb->callbackArg);
- }
- PORT_Free(objID);
- return SECSuccess;
-}
-
-typedef struct pk11CertCallbackStr {
- SECStatus(* callback)(CERTCertificate*,SECItem *,void *);
- void *callbackArg;
-} pk11CertCallback;
-
-/*
- * Extract all the certs on a card from a slot.
- */
-SECStatus
-pk11_TraverseAllSlots( SECStatus (*callback)(PK11SlotInfo *,void *),
- void *arg,void *wincx) {
- PK11SlotList *list;
- PK11SlotListElement *le;
- SECStatus rv;
-
- /* get them all! */
- list = PK11_GetAllTokens(CKM_INVALID_MECHANISM,PR_FALSE,PR_FALSE,wincx);
- if (list == NULL) return SECFailure;
-
- /* look at each slot and authenticate as necessary */
- for (le = list->head ; le; le = le->next) {
- if (!PK11_IsFriendly(le->slot)) {
- rv = PK11_Authenticate(le->slot, PR_FALSE, wincx);
- if (rv != SECSuccess) continue;
- }
- if (callback) {
- (*callback)(le->slot,arg);
- }
- }
-
- PK11_FreeSlotList(list);
-
- return SECSuccess;
-}
-
-struct fake_der_cb_argstr
-{
- SECStatus(* callback)(CERTCertificate*, SECItem *, void *);
- void *arg;
-};
-
-static SECStatus fake_der_cb(CERTCertificate *c, void *a)
-{
- struct fake_der_cb_argstr *fda = (struct fake_der_cb_argstr *)a;
- return (*fda->callback)(c, &c->derCert, fda->arg);
-}
-
-/*
- * Extract all the certs on a card from a slot.
- */
-SECStatus
-PK11_TraverseSlotCerts(SECStatus(* callback)(CERTCertificate*,SECItem *,void *),
- void *arg, void *wincx) {
-#ifdef NSS_CLASSIC
- pk11DoCertCallback caller;
- pk11TraverseSlot creater;
- CK_ATTRIBUTE theTemplate;
- CK_OBJECT_CLASS certClass = CKO_CERTIFICATE;
-
- PK11_SETATTRS(&theTemplate, CKA_CLASS, &certClass, sizeof(certClass));
-
- caller.callback = NULL;
- caller.noslotcallback = NULL;
- caller.itemcallback = callback;
- caller.callbackArg = arg;
- creater.callback = pk11_DoCerts;
- creater.callbackArg = (void *) & caller;
- creater.findTemplate = &theTemplate;
- creater.templateCount = 1;
-
- return pk11_TraverseAllSlots(PK11_TraverseSlot, &creater, wincx);
-#else
- NSSTrustDomain *defaultTD = STAN_GetDefaultTrustDomain();
- struct fake_der_cb_argstr fda;
- struct nss3_cert_cbstr pk11cb;
-
- /* authenticate to the tokens first */
- (void) pk11_TraverseAllSlots( NULL, NULL, wincx);
-
- fda.callback = callback;
- fda.arg = arg;
- pk11cb.callback = fake_der_cb;
- pk11cb.arg = &fda;
- NSSTrustDomain_TraverseCertificates(defaultTD, convert_cert, &pk11cb);
- return SECSuccess;
-#endif
-}
-
-/*
- * Extract all the certs on a card from a slot.
- */
-SECStatus
-PK11_LookupCrls(CERTCrlHeadNode *nodes, int type, void *wincx) {
- pk11TraverseSlot creater;
- CK_ATTRIBUTE theTemplate[2];
- CK_ATTRIBUTE *attrs;
- CK_OBJECT_CLASS certClass = CKO_NETSCAPE_CRL;
-
- attrs = theTemplate;
- PK11_SETATTRS(attrs, CKA_CLASS, &certClass, sizeof(certClass)); attrs++;
- if (type != -1) {
- CK_BBOOL isKrl = (CK_BBOOL) (type == SEC_KRL_TYPE);
- PK11_SETATTRS(attrs, CKA_NETSCAPE_KRL, &isKrl, sizeof(isKrl)); attrs++;
- }
-
- creater.callback = pk11_CollectCrls;
- creater.callbackArg = (void *) nodes;
- creater.findTemplate = theTemplate;
- creater.templateCount = (attrs - theTemplate);
-
- return pk11_TraverseAllSlots(PK11_TraverseSlot, &creater, wincx);
-}
-
-/***********************************************************************
- * PK11_TraversePrivateKeysInSlot
- *
- * Traverses all the private keys on a slot.
- *
- * INPUTS
- * slot
- * The PKCS #11 slot whose private keys you want to traverse.
- * callback
- * A callback function that will be called for each key.
- * arg
- * An argument that will be passed to the callback function.
- */
-SECStatus
-PK11_TraversePrivateKeysInSlot( PK11SlotInfo *slot,
- SECStatus(* callback)(SECKEYPrivateKey*, void*), void *arg)
-{
- pk11KeyCallback perKeyCB;
- pk11TraverseSlot perObjectCB;
- CK_OBJECT_CLASS privkClass = CKO_PRIVATE_KEY;
- CK_BBOOL ckTrue = CK_TRUE;
- CK_ATTRIBUTE theTemplate[2];
- int templateSize = 2;
-
- theTemplate[0].type = CKA_CLASS;
- theTemplate[0].pValue = &privkClass;
- theTemplate[0].ulValueLen = sizeof(privkClass);
- theTemplate[1].type = CKA_TOKEN;
- theTemplate[1].pValue = &ckTrue;
- theTemplate[1].ulValueLen = sizeof(ckTrue);
-
- if(slot==NULL) {
- return SECSuccess;
- }
-
- perObjectCB.callback = pk11_DoKeys;
- perObjectCB.callbackArg = &perKeyCB;
- perObjectCB.findTemplate = theTemplate;
- perObjectCB.templateCount = templateSize;
- perKeyCB.callback = callback;
- perKeyCB.callbackArg = arg;
- perKeyCB.wincx = NULL;
-
- return PK11_TraverseSlot(slot, &perObjectCB);
-}
-
-CK_OBJECT_HANDLE *
-PK11_FindObjectsFromNickname(char *nickname,PK11SlotInfo **slotptr,
- CK_OBJECT_CLASS objclass, int *returnCount, void *wincx)
-{
- char *tokenName;
- char *delimit;
- PK11SlotInfo *slot;
- CK_OBJECT_HANDLE *objID;
- CK_ATTRIBUTE findTemplate[] = {
- { CKA_LABEL, NULL, 0},
- { CKA_CLASS, NULL, 0},
- };
- int findCount = sizeof(findTemplate)/sizeof(findTemplate[0]);
- SECStatus rv;
- PK11_SETATTRS(&findTemplate[1], CKA_CLASS, &objclass, sizeof(objclass));
-
- *slotptr = slot = NULL;
- *returnCount = 0;
- /* first find the slot associated with this nickname */
- if ((delimit = PORT_Strchr(nickname,':')) != NULL) {
- int len = delimit - nickname;
- tokenName = (char*)PORT_Alloc(len+1);
- PORT_Memcpy(tokenName,nickname,len);
- tokenName[len] = 0;
-
- slot = *slotptr = PK11_FindSlotByName(tokenName);
- PORT_Free(tokenName);
- /* if we couldn't find a slot, assume the nickname is an internal cert
- * with no proceding slot name */
- if (slot == NULL) {
- slot = *slotptr = PK11_GetInternalKeySlot();
- } else {
- nickname = delimit+1;
- }
- } else {
- *slotptr = slot = PK11_GetInternalKeySlot();
- }
- if (slot == NULL) {
- return CK_INVALID_HANDLE;
- }
-
- if (!PK11_IsFriendly(slot)) {
- rv = PK11_Authenticate(slot, PR_TRUE, wincx);
- if (rv != SECSuccess) {
- PK11_FreeSlot(slot);
- *slotptr = NULL;
- return CK_INVALID_HANDLE;
- }
- }
-
- findTemplate[0].pValue = nickname;
- findTemplate[0].ulValueLen = PORT_Strlen(nickname);
- objID = pk11_FindObjectsByTemplate(slot,findTemplate,findCount,returnCount);
- if (objID == NULL) {
- /* PKCS #11 isn't clear on whether or not the NULL is
- * stored in the template.... try the find again with the
- * full null terminated string. */
- findTemplate[0].ulValueLen += 1;
- objID = pk11_FindObjectsByTemplate(slot,findTemplate,findCount,
- returnCount);
- if (objID == NULL) {
- /* Well that's the best we can do. It's just not here */
- /* what about faked nicknames? */
- PK11_FreeSlot(slot);
- *slotptr = NULL;
- *returnCount = 0;
- }
- }
-
- return objID;
-}
-
-static void
-transfer_token_certs_to_collection(nssList *certList, NSSToken *token,
- nssPKIObjectCollection *collection)
-{
- NSSCertificate **certs;
- PRUint32 i, count;
- NSSToken **tokens, **tp;
- count = nssList_Count(certList);
- if (count == 0) {
- return;
- }
- certs = nss_ZNEWARRAY(NULL, NSSCertificate *, count);
- if (!certs) {
- return;
- }
- nssList_GetArray(certList, (void **)certs, count);
- for (i=0; i<count; i++) {
- tokens = nssPKIObject_GetTokens(&certs[i]->object, NULL);
- if (tokens) {
- for (tp = tokens; *tp; tp++) {
- if (*tp == token) {
- nssPKIObjectCollection_AddObject(collection,
- (nssPKIObject *)certs[i]);
- }
- }
- nssTokenArray_Destroy(tokens);
- }
- /* *must* be a valid CERTCertificate, came from cache */
- CERT_DestroyCertificate(STAN_GetCERTCertificate(certs[i]));
- }
- nss_ZFreeIf(certs);
-}
-
-CERTCertificate *
-PK11_FindCertFromNickname(char *nickname, void *wincx) {
-#ifdef NSS_CLASSIC
- PK11SlotInfo *slot;
- int count=0;
- CK_OBJECT_HANDLE *certID = PK11_FindObjectsFromNickname(nickname,&slot,
- CKO_CERTIFICATE, &count, wincx);
- CERTCertificate *cert;
-
- if (certID == CK_INVALID_HANDLE) return NULL;
- cert = PK11_MakeCertFromHandle(slot,certID[0],NULL);
- PK11_FreeSlot(slot);
- PORT_Free(certID);
- return cert;
-#else
- PRStatus status;
- CERTCertificate *rvCert = NULL;
- NSSCertificate *cert = NULL;
- NSSCertificate **certs = NULL;
- NSSUsage usage;
- NSSToken *token;
- PK11SlotInfo *slot = NULL;
- char *nickCopy;
- char *delimit = NULL;
- char *tokenName;
- NSSTrustDomain *defaultTD = STAN_GetDefaultTrustDomain();
- usage.anyUsage = PR_TRUE;
- nickCopy = PORT_Strdup(nickname);
- if ((delimit = PORT_Strchr(nickCopy,':')) != NULL) {
- tokenName = nickCopy;
- nickname = delimit + 1;
- *delimit = '\0';
- /* find token by name */
- token = NSSTrustDomain_FindTokenByName(defaultTD, (NSSUTF8 *)tokenName);
- if (token) {
- slot = PK11_ReferenceSlot(token->pk11slot);
- }
- *delimit = ':';
- } else {
- slot = PK11_GetInternalKeySlot();
- token = PK11Slot_GetNSSToken(slot);
- }
- if (token) {
- nssList *certList;
- nssCryptokiObject **instances;
- nssPKIObjectCollection *collection;
- nssTokenSearchType tokenOnly = nssTokenSearchType_TokenOnly;
- if (!PK11_IsPresent(slot)) {
- goto loser;
- }
- if (!PK11_IsFriendly(slot)) {
- if (PK11_Authenticate(slot, PR_TRUE, wincx) != SECSuccess) {
- goto loser;
- }
- }
- collection = nssCertificateCollection_Create(defaultTD, NULL);
- if (!collection) {
- goto loser;
- }
- certList = nssList_Create(NULL, PR_FALSE);
- if (!certList) {
- nssPKIObjectCollection_Destroy(collection);
- goto loser;
- }
- (void)nssTrustDomain_GetCertsForNicknameFromCache(defaultTD,
- nickname,
- certList);
- transfer_token_certs_to_collection(certList, token, collection);
- instances = nssToken_FindCertificatesByNickname(token,
- NULL,
- nickname,
- tokenOnly,
- 0,
- &status);
- nssPKIObjectCollection_AddInstances(collection, instances, 0);
- nss_ZFreeIf(instances);
- /* if it wasn't found, repeat the process for email address */
- if (nssPKIObjectCollection_Count(collection) == 0 &&
- PORT_Strchr(nickname, '@') != NULL)
- {
- (void)nssTrustDomain_GetCertsForEmailAddressFromCache(defaultTD,
- nickname,
- certList);
- transfer_token_certs_to_collection(certList, token, collection);
- instances = nssToken_FindCertificatesByEmail(token,
- NULL,
- nickname,
- tokenOnly,
- 0,
- &status);
- nssPKIObjectCollection_AddInstances(collection, instances, 0);
- nss_ZFreeIf(instances);
- }
- certs = nssPKIObjectCollection_GetCertificates(collection,
- NULL, 0, NULL);
- nssPKIObjectCollection_Destroy(collection);
- if (certs) {
- cert = nssCertificateArray_FindBestCertificate(certs, NULL,
- &usage, NULL);
- if (cert) {
- rvCert = STAN_GetCERTCertificate(cert);
- }
- nssCertificateArray_Destroy(certs);
- }
- nssList_Destroy(certList);
- }
- if (slot) {
- PK11_FreeSlot(slot);
- }
- if (nickCopy) PORT_Free(nickCopy);
- return rvCert;
-loser:
- if (slot) {
- PK11_FreeSlot(slot);
- }
- if (nickCopy) PORT_Free(nickCopy);
- return NULL;
-#endif
-}
-
-CERTCertList *
-PK11_FindCertsFromNickname(char *nickname, void *wincx) {
-#ifdef NSS_CLASSIC
- PK11SlotInfo *slot;
- int i,count = 0;
- CK_OBJECT_HANDLE *certID = PK11_FindObjectsFromNickname(nickname,&slot,
- CKO_CERTIFICATE, &count, wincx);
- CERTCertList *certList = NULL;
-
- if (certID == NULL) return NULL;
-
- certList= CERT_NewCertList();
-
- for (i=0; i < count; i++) {
- CERTCertificate *cert = PK11_MakeCertFromHandle(slot,certID[i],NULL);
-
- if (cert) CERT_AddCertToListTail(certList,cert);
- }
-
- if (CERT_LIST_HEAD(certList) == NULL) {
- CERT_DestroyCertList(certList);
- certList = NULL;
- }
- PK11_FreeSlot(slot);
- PORT_Free(certID);
- return certList;
-#else
- char *nickCopy;
- char *delimit = NULL;
- char *tokenName;
- int i;
- CERTCertList *certList = NULL;
- nssPKIObjectCollection *collection = NULL;
- NSSCertificate **foundCerts = NULL;
- NSSTrustDomain *defaultTD = STAN_GetDefaultTrustDomain();
- NSSCertificate *c;
- NSSToken *token;
- PK11SlotInfo *slot;
- nickCopy = PORT_Strdup(nickname);
- if ((delimit = PORT_Strchr(nickCopy,':')) != NULL) {
- tokenName = nickCopy;
- nickname = delimit + 1;
- *delimit = '\0';
- /* find token by name */
- token = NSSTrustDomain_FindTokenByName(defaultTD, (NSSUTF8 *)tokenName);
- if (token) {
- slot = PK11_ReferenceSlot(token->pk11slot);
- } else {
- slot = NULL;
- }
- *delimit = ':';
- } else {
- slot = PK11_GetInternalKeySlot();
- token = PK11Slot_GetNSSToken(slot);
- }
- if (token) {
- PRStatus status;
- nssList *nameList;
- nssCryptokiObject **instances;
- nssTokenSearchType tokenOnly = nssTokenSearchType_TokenOnly;
- if (!PK11_IsFriendly(slot)) {
- if (PK11_Authenticate(slot, PR_TRUE, wincx) != SECSuccess) {
- PK11_FreeSlot(slot);
- if (nickCopy) PORT_Free(nickCopy);
- return NULL;
- }
- }
- collection = nssCertificateCollection_Create(defaultTD, NULL);
- if (!collection) {
- PK11_FreeSlot(slot);
- if (nickCopy) PORT_Free(nickCopy);
- return NULL;
- }
- nameList = nssList_Create(NULL, PR_FALSE);
- if (!nameList) {
- PK11_FreeSlot(slot);
- if (nickCopy) PORT_Free(nickCopy);
- return NULL;
- }
- (void)nssTrustDomain_GetCertsForNicknameFromCache(defaultTD,
- nickname,
- nameList);
- transfer_token_certs_to_collection(nameList, token, collection);
- instances = nssToken_FindCertificatesByNickname(token,
- NULL,
- nickname,
- tokenOnly,
- 0,
- &status);
- nssPKIObjectCollection_AddInstances(collection, instances, 0);
- nss_ZFreeIf(instances);
- nssList_Destroy(nameList);
- foundCerts = nssPKIObjectCollection_GetCertificates(collection,
- NULL, 0, NULL);
- nssPKIObjectCollection_Destroy(collection);
- }
- if (slot) {
- PK11_FreeSlot(slot);
- }
- if (nickCopy) PORT_Free(nickCopy);
- if (foundCerts) {
- PRTime now = PR_Now();
- certList = CERT_NewCertList();
- for (i=0, c = *foundCerts; c; c = foundCerts[++i]) {
- CERTCertificate *certCert = STAN_GetCERTCertificate(c);
- if (certCert) {
- CERT_AddCertToListSorted(certList, certCert,
- CERT_SortCBValidity, &now);
- }
- }
- if (CERT_LIST_HEAD(certList) == NULL) {
- CERT_DestroyCertList(certList);
- certList = NULL;
- }
- nss_ZFreeIf(foundCerts);
- }
- return certList;
-#endif
-}
-
-/*
- * extract a key ID for a certificate...
- * NOTE: We call this function from PKCS11.c If we ever use
- * pkcs11 to extract the public key (we currently do not), this will break.
- */
-SECItem *
-PK11_GetPubIndexKeyID(CERTCertificate *cert) {
- SECKEYPublicKey *pubk;
- SECItem *newItem = NULL;
-
- pubk = CERT_ExtractPublicKey(cert);
- if (pubk == NULL) return NULL;
-
- switch (pubk->keyType) {
- case rsaKey:
- newItem = SECITEM_DupItem(&pubk->u.rsa.modulus);
- break;
- case dsaKey:
- newItem = SECITEM_DupItem(&pubk->u.dsa.publicValue);
- break;
- case dhKey:
- newItem = SECITEM_DupItem(&pubk->u.dh.publicValue);
- break;
- case fortezzaKey:
- default:
- newItem = NULL; /* Fortezza Fix later... */
- }
- SECKEY_DestroyPublicKey(pubk);
- /* make hash of it */
- return newItem;
-}
-
-/*
- * generate a CKA_ID from a certificate.
- */
-SECItem *
-pk11_mkcertKeyID(CERTCertificate *cert) {
- SECItem *pubKeyData = PK11_GetPubIndexKeyID(cert) ;
- SECItem *certCKA_ID;
-
- if (pubKeyData == NULL) return NULL;
-
- certCKA_ID = PK11_MakeIDFromPubKey(pubKeyData);
- SECITEM_FreeItem(pubKeyData,PR_TRUE);
- return certCKA_ID;
-}
-
-
-/*
- * Generate a CKA_ID from the relevant public key data. The CKA_ID is generated
- * from the pubKeyData by SHA1_Hashing it to produce a smaller CKA_ID (to make
- * smart cards happy.
- */
-SECItem *
-PK11_MakeIDFromPubKey(SECItem *pubKeyData) {
- PK11Context *context;
- SECItem *certCKA_ID;
- SECStatus rv;
-
- context = PK11_CreateDigestContext(SEC_OID_SHA1);
- if (context == NULL) {
- return NULL;
- }
-
- rv = PK11_DigestBegin(context);
- if (rv == SECSuccess) {
- rv = PK11_DigestOp(context,pubKeyData->data,pubKeyData->len);
- }
- if (rv != SECSuccess) {
- PK11_DestroyContext(context,PR_TRUE);
- return NULL;
- }
-
- certCKA_ID = (SECItem *)PORT_Alloc(sizeof(SECItem));
- if (certCKA_ID == NULL) {
- PK11_DestroyContext(context,PR_TRUE);
- return NULL;
- }
-
- certCKA_ID->len = SHA1_LENGTH;
- certCKA_ID->data = (unsigned char*)PORT_Alloc(certCKA_ID->len);
- if (certCKA_ID->data == NULL) {
- PORT_Free(certCKA_ID);
- PK11_DestroyContext(context,PR_TRUE);
- return NULL;
- }
-
- rv = PK11_DigestFinal(context,certCKA_ID->data,&certCKA_ID->len,
- SHA1_LENGTH);
- PK11_DestroyContext(context,PR_TRUE);
- if (rv != SECSuccess) {
- SECITEM_FreeItem(certCKA_ID,PR_TRUE);
- return NULL;
- }
-
- return certCKA_ID;
-}
-
-extern const NSSError NSS_ERROR_INVALID_CERTIFICATE;
-
-/*
- * Write the cert into the token.
- */
-SECStatus
-PK11_ImportCert(PK11SlotInfo *slot, CERTCertificate *cert,
- CK_OBJECT_HANDLE key, char *nickname, PRBool includeTrust) {
-#ifdef NSS_CLASSIC
- int len = 0;
- SECItem *keyID = pk11_mkcertKeyID(cert);
- CK_ATTRIBUTE keyAttrs[] = {
- { CKA_LABEL, NULL, 0},
- { CKA_SUBJECT, NULL, 0},
- };
- CK_OBJECT_CLASS certc = CKO_CERTIFICATE;
- CK_CERTIFICATE_TYPE certType = CKC_X_509;
- CK_OBJECT_HANDLE certID;
- CK_SESSION_HANDLE rwsession;
- CK_BBOOL cktrue = CK_TRUE;
- SECStatus rv = SECFailure;
- CK_ATTRIBUTE certAttrs[] = {
- { CKA_ID, NULL, 0 },
- { CKA_LABEL, NULL, 0},
- { CKA_CLASS, NULL, 0},
- { CKA_TOKEN, NULL, 0},
- { CKA_CERTIFICATE_TYPE, NULL, 0},
- { CKA_SUBJECT, NULL, 0},
- { CKA_ISSUER, NULL, 0},
- { CKA_SERIAL_NUMBER, NULL, 0},
- { CKA_VALUE, NULL, 0},
- { CKA_NETSCAPE_TRUST, NULL, 0},
- { CKA_NETSCAPE_EMAIL, NULL, 0},
- };
- int certCount = sizeof(certAttrs)/sizeof(certAttrs[0]), keyCount = 2;
- int realCount = 0;
- CK_ATTRIBUTE *attrs;
- CK_RV crv;
- SECCertUsage *certUsage = NULL;
- SECItem derSerial = { 0 };
- NSSToken *token;
-
- if (keyID == NULL) {
- PORT_SetError(SEC_ERROR_ADDING_CERT);
- return rv;
- }
-
- len = ((nickname) ? PORT_Strlen(nickname) : 0);
-
- attrs = certAttrs;
- PK11_SETATTRS(attrs,CKA_ID, keyID->data, keyID->len); attrs++;
- if (nickname) {
- PK11_SETATTRS(attrs,CKA_LABEL, nickname, len ); attrs++;
- }
- PK11_SETATTRS(attrs,CKA_CLASS, &certc, sizeof(certc) ); attrs++;
- PK11_SETATTRS(attrs,CKA_TOKEN, &cktrue, sizeof(cktrue) ); attrs++;
- PK11_SETATTRS(attrs,CKA_CERTIFICATE_TYPE, &certType,
- sizeof(certType)); attrs++;
- PK11_SETATTRS(attrs,CKA_SUBJECT, cert->derSubject.data,
- cert->derSubject.len ); attrs++;
- PK11_SETATTRS(attrs,CKA_ISSUER, cert->derIssuer.data,
- cert->derIssuer.len ); attrs++;
- if (PR_TRUE) {
- /* CERTCertificate stores serial numbers decoded. I need the DER
- * here. sigh.
- */
- CERT_SerialNumberFromDERCert(&cert->derCert, &derSerial);
- PK11_SETATTRS(attrs,CKA_SERIAL_NUMBER, derSerial.data, derSerial.len);
- attrs++;
- }
- PK11_SETATTRS(attrs,CKA_VALUE, cert->derCert.data,
- cert->derCert.len); attrs++;
- if (includeTrust && PK11_IsInternal(slot)) {
- certUsage = (SECCertUsage*)PORT_Alloc(sizeof(SECCertUsage));
- if(!certUsage) {
- SECITEM_FreeItem(keyID,PR_TRUE);
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return rv;
- }
- *certUsage = certUsageUserCertImport;
- PK11_SETATTRS(attrs,CKA_NETSCAPE_TRUST, certUsage,
- sizeof(SECCertUsage));
- attrs++;
- if (cert->emailAddr) {
- PK11_SETATTRS(attrs,CKA_NETSCAPE_EMAIL, cert->emailAddr,
- PORT_Strlen(cert->emailAddr);
- attrs++;
- }
- }
- realCount = attrs - certAttrs;
- PORT_Assert(realCount <= certCount);
-
- attrs = keyAttrs;
- if(nickname) {
- PK11_SETATTRS(attrs,CKA_LABEL, nickname, len ); attrs++;
- }
- PK11_SETATTRS(attrs,CKA_SUBJECT, cert->derSubject.data,
- cert->derSubject.len );
-
- if(!nickname) {
- certCount--;
- keyCount--;
- }
-
- rwsession = PK11_GetRWSession(slot);
- if (key != CK_INVALID_HANDLE) {
- crv = PK11_GETTAB(slot)->C_SetAttributeValue(rwsession,key,keyAttrs,
- keyCount);
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- goto done;
- }
- }
-
- crv = PK11_GETTAB(slot)->
- C_CreateObject(rwsession,certAttrs,realCount,&certID);
- if (crv == CKR_OK) {
- rv = SECSuccess;
- } else {
- PORT_SetError( PK11_MapError(crv) );
- }
-
- if (!cert->nickname && nickname) {
- cert->nickname = PORT_ArenaStrdup(cert->arena, nickname);
- }
-
- cert->pkcs11ID = certID;
- cert->dbhandle = STAN_GetDefaultTrustDomain();
- if (cert->slot == NULL) {
- cert->slot = PK11_ReferenceSlot(slot);
- cert->series = slot->series;
- cert->ownSlot = PR_TRUE;
- if (cert->nssCertificate) {
- nssCryptokiInstance *instance;
- NSSCertificate *c = cert->nssCertificate;
- instance = nss_ZNEW(c->object.arena, nssCryptokiInstance);
- instance->token = slot->nssToken;
- instance->handle = cert->pkcs11ID;
- instance->isTokenObject = PR_TRUE;
- nssPKIObject_AddInstance(&c->object, instance);
- } else {
- cert->nssCertificate = STAN_GetNSSCertificate(cert);
- }
- }
- cert->trust = nssTrust_GetCERTCertTrustForCert(cert->nssCertificate, cert);
- token = PK11Slot_GetNSSToken(slot);
-
-done:
- if (derSerial.data) PORT_Free(derSerial.data);
- SECITEM_FreeItem(keyID,PR_TRUE);
- PK11_RestoreROSession(slot,rwsession);
- if(certUsage) {
- PORT_Free(certUsage);
- }
- return rv;
-#else
- PRStatus status;
- NSSCertificate *c;
- nssCryptokiObject *keyobj, *certobj;
- NSSToken *token = PK11Slot_GetNSSToken(slot);
- SECItem *keyID = pk11_mkcertKeyID(cert);
- char *emailAddr = NULL;
-
- if (keyID == NULL) {
- goto loser;
- }
-
- if (PK11_IsInternal(slot) && cert->emailAddr) {
- emailAddr = cert->emailAddr;
- }
-
- /* need to get the cert as a stan cert */
- if (cert->nssCertificate) {
- c = cert->nssCertificate;
- } else {
- c = STAN_GetNSSCertificate(cert);
- }
-
- if (c->object.cryptoContext) {
- /* Delete the temp instance */
- NSSCryptoContext *cc = c->object.cryptoContext;
- nssCertificateStore_Lock(cc->certStore);
- nssCertificateStore_RemoveCertLOCKED(cc->certStore, c);
- nssCertificateStore_Unlock(cc->certStore);
- c->object.cryptoContext = NULL;
- cert->istemp = PR_FALSE;
- cert->isperm = PR_TRUE;
- }
-
- /* set the id for the cert */
- nssItem_Create(c->object.arena, &c->id, keyID->len, keyID->data);
- if (!c->id.data) {
- goto loser;
- }
-
- if (key != CK_INVALID_HANDLE) {
- /* create an object for the key, ... */
- keyobj = nss_ZNEW(NULL, nssCryptokiObject);
- if (!keyobj) {
- goto loser;
- }
- keyobj->token = nssToken_AddRef(token);
- keyobj->handle = key;
- keyobj->isTokenObject = PR_TRUE;
-
- /* ... in order to set matching attributes for the key */
- status = nssCryptokiPrivateKey_SetCertificate(keyobj, NULL, nickname,
- &c->id, &c->subject);
- nssCryptokiObject_Destroy(keyobj);
- if (status != PR_SUCCESS) {
- goto loser;
- }
- }
-
- /* do the token import */
- certobj = nssToken_ImportCertificate(token, NULL,
- NSSCertificateType_PKIX,
- &c->id,
- nickname,
- &c->encoding,
- &c->issuer,
- &c->subject,
- &c->serial,
- emailAddr,
- PR_TRUE);
- if (!certobj) {
- if (NSS_GetError() == NSS_ERROR_INVALID_CERTIFICATE) {
- PORT_SetError(SEC_ERROR_REUSED_ISSUER_AND_SERIAL);
- SECITEM_FreeItem(keyID,PR_TRUE);
- return SECFailure;
- }
- goto loser;
- }
- /* add the new instance to the cert, force an update of the
- * CERTCertificate, and finish
- */
- nssPKIObject_AddInstance(&c->object, certobj);
- nssTrustDomain_AddCertsToCache(STAN_GetDefaultTrustDomain(), &c, 1);
- (void)STAN_ForceCERTCertificateUpdate(c);
- SECITEM_FreeItem(keyID,PR_TRUE);
- return SECSuccess;
-loser:
- SECITEM_FreeItem(keyID,PR_TRUE);
- PORT_SetError(SEC_ERROR_ADDING_CERT);
- return SECFailure;
-#endif
-}
-
-SECStatus
-PK11_ImportDERCert(PK11SlotInfo *slot, SECItem *derCert,
- CK_OBJECT_HANDLE key, char *nickname, PRBool includeTrust) {
- CERTCertificate *cert;
- SECStatus rv;
-
- cert = CERT_NewTempCertificate(CERT_GetDefaultCertDB(),
- derCert, NULL, PR_FALSE, PR_TRUE);
- if (cert == NULL) return SECFailure;
-
- rv = PK11_ImportCert(slot, cert, key, nickname, includeTrust);
- CERT_DestroyCertificate (cert);
- return rv;
-}
-
-/*
- * get a certificate handle, look at the cached handle first..
- */
-CK_OBJECT_HANDLE
-pk11_getcerthandle(PK11SlotInfo *slot, CERTCertificate *cert,
- CK_ATTRIBUTE *theTemplate,int tsize)
-{
- CK_OBJECT_HANDLE certh;
-
- if (cert->slot == slot) {
- certh = cert->pkcs11ID;
- if ((certh == CK_INVALID_HANDLE) ||
- (cert->series != slot->series)) {
- certh = pk11_FindObjectByTemplate(slot,theTemplate,tsize);
- cert->pkcs11ID = certh;
- cert->series = slot->series;
- }
- } else {
- certh = pk11_FindObjectByTemplate(slot,theTemplate,tsize);
- }
- return certh;
-}
-
-/*
- * return the private key From a given Cert
- */
-SECKEYPrivateKey *
-PK11_FindPrivateKeyFromCert(PK11SlotInfo *slot, CERTCertificate *cert,
- void *wincx) {
- CK_OBJECT_CLASS certClass = CKO_CERTIFICATE;
- CK_ATTRIBUTE theTemplate[] = {
- { CKA_VALUE, NULL, 0 },
- { CKA_CLASS, NULL, 0 }
- };
- /* if you change the array, change the variable below as well */
- int tsize = sizeof(theTemplate)/sizeof(theTemplate[0]);
- CK_OBJECT_HANDLE certh;
- CK_OBJECT_HANDLE keyh;
- CK_ATTRIBUTE *attrs = theTemplate;
- SECStatus rv;
-
- PK11_SETATTRS(attrs, CKA_VALUE, cert->derCert.data,
- cert->derCert.len); attrs++;
- PK11_SETATTRS(attrs, CKA_CLASS, &certClass, sizeof(certClass));
-
- /*
- * issue the find
- */
- rv = PK11_Authenticate(slot, PR_TRUE, wincx);
- if (rv != SECSuccess) {
- return NULL;
- }
-
- certh = pk11_getcerthandle(slot,cert,theTemplate,tsize);
- if (certh == CK_INVALID_HANDLE) {
- return NULL;
- }
- keyh = PK11_MatchItem(slot,certh,CKO_PRIVATE_KEY);
- if (keyh == CK_INVALID_HANDLE) { return NULL; }
- return PK11_MakePrivKey(slot, nullKey, PR_TRUE, keyh, wincx);
-}
-
-
-/*
- * return the private key with the given ID
- */
-static CK_OBJECT_HANDLE
-pk11_FindPrivateKeyFromCertID(PK11SlotInfo *slot, SECItem *keyID) {
- CK_OBJECT_CLASS privKey = CKO_PRIVATE_KEY;
- CK_ATTRIBUTE theTemplate[] = {
- { CKA_ID, NULL, 0 },
- { CKA_CLASS, NULL, 0 },
- };
- /* if you change the array, change the variable below as well */
- int tsize = sizeof(theTemplate)/sizeof(theTemplate[0]);
- CK_ATTRIBUTE *attrs = theTemplate;
-
- PK11_SETATTRS(attrs, CKA_ID, keyID->data, keyID->len ); attrs++;
- PK11_SETATTRS(attrs, CKA_CLASS, &privKey, sizeof(privKey));
-
- return pk11_FindObjectByTemplate(slot,theTemplate,tsize);
-}
-
-/*
- * import a cert for a private key we have already generated. Set the label
- * on both to be the nickname. This is for the Key Gen, orphaned key case.
- */
-PK11SlotInfo *
-PK11_KeyForCertExists(CERTCertificate *cert, CK_OBJECT_HANDLE *keyPtr,
- void *wincx) {
- PK11SlotList *list;
- PK11SlotListElement *le;
- SECItem *keyID;
- CK_OBJECT_HANDLE key;
- PK11SlotInfo *slot = NULL;
- SECStatus rv;
-
- keyID = pk11_mkcertKeyID(cert);
- /* get them all! */
- list = PK11_GetAllTokens(CKM_INVALID_MECHANISM,PR_FALSE,PR_TRUE,wincx);
- if ((keyID == NULL) || (list == NULL)) {
- if (keyID) SECITEM_FreeItem(keyID,PR_TRUE);
- if (list) PK11_FreeSlotList(list);
- return NULL;
- }
-
- /* Look for the slot that holds the Key */
- for (le = list->head ; le; le = le->next) {
- rv = PK11_Authenticate(le->slot, PR_TRUE, wincx);
- if (rv != SECSuccess) continue;
-
- key = pk11_FindPrivateKeyFromCertID(le->slot,keyID);
- if (key != CK_INVALID_HANDLE) {
- slot = PK11_ReferenceSlot(le->slot);
- if (keyPtr) *keyPtr = key;
- break;
- }
- }
-
- SECITEM_FreeItem(keyID,PR_TRUE);
- PK11_FreeSlotList(list);
- return slot;
-
-}
-/*
- * import a cert for a private key we have already generated. Set the label
- * on both to be the nickname. This is for the Key Gen, orphaned key case.
- */
-PK11SlotInfo *
-PK11_KeyForDERCertExists(SECItem *derCert, CK_OBJECT_HANDLE *keyPtr,
- void *wincx) {
- CERTCertificate *cert;
- PK11SlotInfo *slot = NULL;
-
- /* letting this use go -- the only thing that the cert is used for is
- * to get the ID attribute.
- */
- cert = CERT_DecodeDERCertificate(derCert, PR_FALSE, NULL);
- if (cert == NULL) return NULL;
-
- slot = PK11_KeyForCertExists(cert, keyPtr, wincx);
- CERT_DestroyCertificate (cert);
- return slot;
-}
-
-PK11SlotInfo *
-PK11_ImportCertForKey(CERTCertificate *cert, char *nickname,void *wincx) {
- PK11SlotInfo *slot = NULL;
- CK_OBJECT_HANDLE key;
-
- slot = PK11_KeyForCertExists(cert,&key,wincx);
-
- if (slot) {
- if (PK11_ImportCert(slot,cert,key,nickname,PR_FALSE) != SECSuccess) {
- PK11_FreeSlot(slot);
- slot = NULL;
- }
- } else {
- PORT_SetError(SEC_ERROR_ADDING_CERT);
- }
-
- return slot;
-}
-
-PK11SlotInfo *
-PK11_ImportDERCertForKey(SECItem *derCert, char *nickname,void *wincx) {
- CERTCertificate *cert;
- PK11SlotInfo *slot = NULL;
-
- cert = CERT_NewTempCertificate(CERT_GetDefaultCertDB(),
- derCert, NULL, PR_FALSE, PR_TRUE);
- if (cert == NULL) return NULL;
-
- slot = PK11_ImportCertForKey(cert, nickname, wincx);
- CERT_DestroyCertificate (cert);
- return slot;
-}
-
-static CK_OBJECT_HANDLE
-pk11_FindCertObjectByTemplate(PK11SlotInfo **slotPtr,
- CK_ATTRIBUTE *searchTemplate, int count, void *wincx) {
- PK11SlotList *list;
- PK11SlotListElement *le;
- CK_OBJECT_HANDLE certHandle = CK_INVALID_HANDLE;
- PK11SlotInfo *slot = NULL;
- SECStatus rv;
-
- *slotPtr = NULL;
-
- /* get them all! */
- list = PK11_GetAllTokens(CKM_INVALID_MECHANISM,PR_FALSE,PR_TRUE,wincx);
- if (list == NULL) {
- if (list) PK11_FreeSlotList(list);
- return CK_INVALID_HANDLE;
- }
-
-
- /* Look for the slot that holds the Key */
- for (le = list->head ; le; le = le->next) {
- if (!PK11_IsFriendly(le->slot)) {
- rv = PK11_Authenticate(le->slot, PR_TRUE, wincx);
- if (rv != SECSuccess) continue;
- }
-
- certHandle = pk11_FindObjectByTemplate(le->slot,searchTemplate,count);
- if (certHandle != CK_INVALID_HANDLE) {
- slot = PK11_ReferenceSlot(le->slot);
- break;
- }
- }
-
- PK11_FreeSlotList(list);
-
- if (slot == NULL) {
- return CK_INVALID_HANDLE;
- }
- *slotPtr = slot;
- return certHandle;
-}
-
-CERTCertificate *
-PK11_FindCertByIssuerAndSNOnToken(PK11SlotInfo *slot,
- CERTIssuerAndSN *issuerSN, void *wincx)
-{
- CERTCertificate *rvCert = NULL;
- NSSCertificate *cert = NULL;
- NSSDER issuer, serial;
- NSSTrustDomain *td = STAN_GetDefaultTrustDomain();
- NSSToken *token = slot->nssToken;
- nssSession *session;
- nssCryptokiObject *instance = NULL;
- nssPKIObject *object = NULL;
- SECItem *derSerial;
- PRStatus status;
-
- /* Paranoia */
- if (token == NULL) {
- PORT_SetError(SEC_ERROR_NO_TOKEN);
- return NULL;
- }
-
-
- /* PKCS#11 needs to use DER-encoded serial numbers. Create a
- * CERTIssuerAndSN that actually has the encoded value and pass that
- * to PKCS#11 (and the crypto context).
- */
- derSerial = SEC_ASN1EncodeItem(NULL, NULL,
- &issuerSN->serialNumber,
- SEC_IntegerTemplate);
- if (!derSerial) {
- return NULL;
- }
-
- NSSITEM_FROM_SECITEM(&issuer, &issuerSN->derIssuer);
- NSSITEM_FROM_SECITEM(&serial, derSerial);
-
- session = nssToken_GetDefaultSession(token);
- if (!session) {
- goto loser;
- }
-
- instance = nssToken_FindCertificateByIssuerAndSerialNumber(token,session,
- &issuer, &serial, nssTokenSearchType_TokenForced, &status);
-
- SECITEM_FreeItem(derSerial, PR_TRUE);
-
- if (!instance) {
- goto loser;
- }
- object = nssPKIObject_Create(NULL, instance, td, NULL);
- if (!object) {
- goto loser;
- }
- instance = NULL; /* adopted by the previous call */
- cert = nssCertificate_Create(object);
- if (!cert) {
- goto loser;
- }
- object = NULL; /* adopted by the previous call */
- nssTrustDomain_AddCertsToCache(td, &cert,1);
- rvCert = STAN_GetCERTCertificate(cert);
- if (!rvCert) {
- goto loser;
- }
- return rvCert;
-
-loser:
- if (instance) {
- nssCryptokiObject_Destroy(instance);
- }
- if (object) {
- nssPKIObject_Destroy(object);
- }
- if (cert) {
- nssCertificate_Destroy(cert);
- }
- return NULL;
-}
-
-/*
- * We're looking for a cert which we have the private key for that's on the
- * list of recipients. This searches one slot.
- * this is the new version for NSS SMIME code
- * this stuff should REALLY be in the SMIME code, but some things in here are not public
- * (they should be!)
- */
-static CERTCertificate *
-pk11_FindCertObjectByRecipientNew(PK11SlotInfo *slot, NSSCMSRecipient **recipientlist, int *rlIndex, void *pwarg)
-{
- NSSCMSRecipient *ri = NULL;
- int i;
-
- for (i=0; (ri = recipientlist[i]) != NULL; i++) {
- CERTCertificate *cert = NULL;
- if (ri->kind == RLSubjKeyID) {
- SECItem *derCert = cert_FindDERCertBySubjectKeyID(ri->id.subjectKeyID);
- if (derCert) {
- cert = PK11_FindCertFromDERCertItem(slot, derCert, pwarg);
- SECITEM_FreeItem(derCert, PR_TRUE);
- }
- } else {
- cert = PK11_FindCertByIssuerAndSNOnToken(slot, ri->id.issuerAndSN,
- pwarg);
- }
- if (cert) {
- /* this isn't our cert */
- if ((cert->trust == NULL) ||
- ((cert->trust->emailFlags & CERTDB_USER) != CERTDB_USER)) {
- CERT_DestroyCertificate(cert);
- continue;
- }
- ri->slot = PK11_ReferenceSlot(slot);
- *rlIndex = i;
- return cert;
- }
- }
- *rlIndex = -1;
- return NULL;
-}
-
-/*
- * This function is the same as above, but it searches all the slots.
- * this is the new version for NSS SMIME code
- * this stuff should REALLY be in the SMIME code, but some things in here are not public
- * (they should be!)
- */
-static CERTCertificate *
-pk11_AllFindCertObjectByRecipientNew(NSSCMSRecipient **recipientlist, void *wincx, int *rlIndex)
-{
- PK11SlotList *list;
- PK11SlotListElement *le;
- CERTCertificate *cert = NULL;
- SECStatus rv;
-
- /* get them all! */
- list = PK11_GetAllTokens(CKM_INVALID_MECHANISM,PR_FALSE,PR_TRUE,wincx);
- if (list == NULL) {
- if (list) PK11_FreeSlotList(list);
- return CK_INVALID_HANDLE;
- }
-
- /* Look for the slot that holds the Key */
- for (le = list->head ; le; le = le->next) {
- if ( !PK11_IsFriendly(le->slot)) {
- rv = PK11_Authenticate(le->slot, PR_TRUE, wincx);
- if (rv != SECSuccess) continue;
- }
-
- cert = pk11_FindCertObjectByRecipientNew(le->slot,
- recipientlist, rlIndex, wincx);
- if (cert)
- break;
- }
-
- PK11_FreeSlotList(list);
-
- return cert;
-}
-
-/*
- * We're looking for a cert which we have the private key for that's on the
- * list of recipients. This searches one slot.
- */
-static CERTCertificate *
-pk11_FindCertObjectByRecipient(PK11SlotInfo *slot,
- SEC_PKCS7RecipientInfo **recipientArray,
- SEC_PKCS7RecipientInfo **rip, void *pwarg)
-{
- SEC_PKCS7RecipientInfo *ri = NULL;
- int i;
-
- for (i=0; (ri = recipientArray[i]) != NULL; i++) {
- CERTCertificate *cert;
-
- cert = PK11_FindCertByIssuerAndSNOnToken(slot, ri->issuerAndSN,
- pwarg);
- if (cert) {
- /* this isn't our cert */
- if ((cert->trust == NULL) ||
- ((cert->trust->emailFlags & CERTDB_USER) != CERTDB_USER)) {
- CERT_DestroyCertificate(cert);
- continue;
- }
- *rip = ri;
- return cert;
- }
-
- }
- *rip = NULL;
- return NULL;
-}
-
-/*
- * This function is the same as above, but it searches all the slots.
- */
-static CERTCertificate *
-pk11_AllFindCertObjectByRecipient(PK11SlotInfo **slotPtr,
- SEC_PKCS7RecipientInfo **recipientArray,SEC_PKCS7RecipientInfo **rip,
- void *wincx) {
- PK11SlotList *list;
- PK11SlotListElement *le;
- CERTCertificate * cert = NULL;
- PK11SlotInfo *slot = NULL;
- SECStatus rv;
-
- *slotPtr = NULL;
-
- /* get them all! */
- list = PK11_GetAllTokens(CKM_INVALID_MECHANISM,PR_FALSE,PR_TRUE,wincx);
- if (list == NULL) {
- if (list) PK11_FreeSlotList(list);
- return CK_INVALID_HANDLE;
- }
-
- *rip = NULL;
-
- /* Look for the slot that holds the Key */
- for (le = list->head ; le; le = le->next) {
- if ( !PK11_IsFriendly(le->slot)) {
- rv = PK11_Authenticate(le->slot, PR_TRUE, wincx);
- if (rv != SECSuccess) continue;
- }
-
- cert = pk11_FindCertObjectByRecipient(le->slot, recipientArray,
- rip, wincx);
- if (cert) {
- slot = PK11_ReferenceSlot(le->slot);
- break;
- }
- }
-
- PK11_FreeSlotList(list);
-
- if (slot == NULL) {
- return NULL;
- }
- *slotPtr = slot;
- PORT_Assert(cert != NULL);
- return cert;
-}
-
-/*
- * We need to invert the search logic for PKCS 7 because if we search for
- * each cert on the list over all the slots, we wind up with lots of spurious
- * password prompts. This way we get only one password prompt per slot, at
- * the max, and most of the time we can find the cert, and only prompt for
- * the key...
- */
-CERTCertificate *
-PK11_FindCertAndKeyByRecipientList(PK11SlotInfo **slotPtr,
- SEC_PKCS7RecipientInfo **array, SEC_PKCS7RecipientInfo **rip,
- SECKEYPrivateKey**privKey, void *wincx)
-{
- CERTCertificate *cert = NULL;
- SECStatus rv;
-
- *privKey = NULL;
- *slotPtr = NULL;
- cert = pk11_AllFindCertObjectByRecipient(slotPtr,array,rip,wincx);
- if (!cert) {
- return NULL;
- }
-
- rv = PK11_Authenticate(*slotPtr,PR_TRUE,wincx);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- *privKey = PK11_FindKeyByAnyCert(cert, wincx);
- if (*privKey == NULL) {
- goto loser;
- }
-
- return cert;
-loser:
- if (cert) CERT_DestroyCertificate(cert);
- if (*slotPtr) PK11_FreeSlot(*slotPtr);
- *slotPtr = NULL;
- return NULL;
-}
-
-static PRCallOnceType keyIDHashCallOnce;
-
-static PRStatus PR_CALLBACK
-pk11_keyIDHash_populate(void *wincx)
-{
- CERTCertList *certList;
- CERTCertListNode *node = NULL;
- SECItem subjKeyID = {siBuffer, NULL, 0};
-
- certList = PK11_ListCerts(PK11CertListUser, wincx);
- if (!certList) {
- return PR_FAILURE;
- }
-
- for (node = CERT_LIST_HEAD(certList);
- !CERT_LIST_END(node, certList);
- node = CERT_LIST_NEXT(node)) {
- if (CERT_FindSubjectKeyIDExtension(node->cert,
- &subjKeyID) == SECSuccess &&
- subjKeyID.data != NULL) {
- cert_AddSubjectKeyIDMapping(&subjKeyID, node->cert);
- SECITEM_FreeItem(&subjKeyID, PR_FALSE);
- }
- }
- CERT_DestroyCertList(certList);
- return PR_SUCCESS;
-}
-
-/*
- * This is the new version of the above function for NSS SMIME code
- * this stuff should REALLY be in the SMIME code, but some things in here are not public
- * (they should be!)
- */
-int
-PK11_FindCertAndKeyByRecipientListNew(NSSCMSRecipient **recipientlist, void *wincx)
-{
- CERTCertificate *cert;
- NSSCMSRecipient *rl;
- PRStatus rv;
- int rlIndex;
-
- rv = PR_CallOnceWithArg(&keyIDHashCallOnce, pk11_keyIDHash_populate, wincx);
- if (rv != PR_SUCCESS)
- return -1;
-
- cert = pk11_AllFindCertObjectByRecipientNew(recipientlist, wincx, &rlIndex);
- if (!cert) {
- return -1;
- }
-
- rl = recipientlist[rlIndex];
-
- /* at this point, rl->slot is set */
-
- /* authenticate to the token */
- if (PK11_Authenticate(rl->slot, PR_TRUE, wincx) != SECSuccess) {
- goto loser;
- }
-
- rl->privkey = PK11_FindKeyByAnyCert(cert, wincx);
- if (rl->privkey == NULL) {
- goto loser;
- }
-
- /* make a cert from the cert handle */
- rl->cert = cert;
- return rlIndex;
-
-loser:
- if (cert) CERT_DestroyCertificate(cert);
- if (rl->slot) PK11_FreeSlot(rl->slot);
- rl->slot = NULL;
- return -1;
-}
-
-CERTCertificate *
-PK11_FindCertByIssuerAndSN(PK11SlotInfo **slotPtr, CERTIssuerAndSN *issuerSN,
- void *wincx)
-{
-#ifdef NSS_CLASSIC
- CK_OBJECT_HANDLE certHandle;
- CERTCertificate *cert = NULL;
- CK_OBJECT_CLASS certClass = CKO_CERTIFICATE;
- CK_ATTRIBUTE searchTemplate[] = {
- { CKA_CLASS, NULL, 0 },
- { CKA_ISSUER, NULL, 0 },
- { CKA_SERIAL_NUMBER, NULL, 0}
- };
- int count = sizeof(searchTemplate)/sizeof(CK_ATTRIBUTE);
- CK_ATTRIBUTE *attrs = searchTemplate;
-
- PK11_SETATTRS(attrs, CKA_CLASS, &certClass, sizeof(certClass)); attrs++;
- PK11_SETATTRS(attrs, CKA_ISSUER, issuerSN->derIssuer.data,
- issuerSN->derIssuer.len); attrs++;
- PK11_SETATTRS(attrs, CKA_SERIAL_NUMBER, issuerSN->serialNumber.data,
- issuerSN->serialNumber.len);
-
- certHandle = pk11_FindCertObjectByTemplate
- (slotPtr,searchTemplate,count,wincx);
- if (certHandle == CK_INVALID_HANDLE) {
- return NULL;
- }
- cert = PK11_MakeCertFromHandle(*slotPtr,certHandle,NULL);
- if (cert == NULL) {
- PK11_FreeSlot(*slotPtr);
- return NULL;
- }
- return cert;
-#else
- CERTCertificate *rvCert = NULL;
- NSSCertificate *cert;
- NSSDER issuer, serial;
- NSSCryptoContext *cc;
- SECItem *derSerial;
-
- if (slotPtr) *slotPtr = NULL;
-
- /* PKCS#11 needs to use DER-encoded serial numbers. Create a
- * CERTIssuerAndSN that actually has the encoded value and pass that
- * to PKCS#11 (and the crypto context).
- */
- derSerial = SEC_ASN1EncodeItem(NULL, NULL,
- &issuerSN->serialNumber,
- SEC_IntegerTemplate);
- if (!derSerial) {
- return NULL;
- }
-
- NSSITEM_FROM_SECITEM(&issuer, &issuerSN->derIssuer);
- NSSITEM_FROM_SECITEM(&serial, derSerial);
-
- cc = STAN_GetDefaultCryptoContext();
- cert = NSSCryptoContext_FindCertificateByIssuerAndSerialNumber(cc,
- &issuer,
- &serial);
- if (cert) {
- SECITEM_FreeItem(derSerial, PR_TRUE);
- return STAN_GetCERTCertificate(cert);
- }
-retry:
- cert = NSSTrustDomain_FindCertificateByIssuerAndSerialNumber(
- STAN_GetDefaultTrustDomain(),
- &issuer,
- &serial);
- if (cert) {
- rvCert = STAN_GetCERTCertificate(cert);
- /* Check to see if the cert's token is still there */
- if (!PK11_IsPresent(rvCert->slot)) {
- CERT_DestroyCertificate(rvCert);
- goto retry;
- }
- if (slotPtr) *slotPtr = PK11_ReferenceSlot(rvCert->slot);
- }
- SECITEM_FreeItem(derSerial, PR_TRUE);
- return rvCert;
-#endif
-}
-
-CK_OBJECT_HANDLE
-PK11_FindObjectForCert(CERTCertificate *cert, void *wincx, PK11SlotInfo **pSlot)
-{
- CK_OBJECT_HANDLE certHandle;
- CK_ATTRIBUTE searchTemplate = { CKA_VALUE, NULL, 0 };
-
- PK11_SETATTRS(&searchTemplate, CKA_VALUE, cert->derCert.data,
- cert->derCert.len);
-
- if (cert->slot) {
- certHandle = pk11_getcerthandle(cert->slot,cert,&searchTemplate,1);
- if (certHandle != CK_INVALID_HANDLE) {
- *pSlot = PK11_ReferenceSlot(cert->slot);
- return certHandle;
- }
- }
-
- certHandle = pk11_FindCertObjectByTemplate(pSlot,&searchTemplate,1,wincx);
- if (certHandle != CK_INVALID_HANDLE) {
- if (cert->slot == NULL) {
- cert->slot = PK11_ReferenceSlot(*pSlot);
- cert->pkcs11ID = certHandle;
- cert->ownSlot = PR_TRUE;
- cert->series = cert->slot->series;
- }
- }
-
- return(certHandle);
-}
-
-SECKEYPrivateKey *
-PK11_FindKeyByAnyCert(CERTCertificate *cert, void *wincx)
-{
- CK_OBJECT_HANDLE certHandle;
- CK_OBJECT_HANDLE keyHandle;
- PK11SlotInfo *slot = NULL;
- SECKEYPrivateKey *privKey;
- SECStatus rv;
-
- certHandle = PK11_FindObjectForCert(cert, wincx, &slot);
- if (certHandle == CK_INVALID_HANDLE) {
- return NULL;
- }
- rv = PK11_Authenticate(slot, PR_TRUE, wincx);
- if (rv != SECSuccess) {
- PK11_FreeSlot(slot);
- return NULL;
- }
- keyHandle = PK11_MatchItem(slot,certHandle,CKO_PRIVATE_KEY);
- if (keyHandle == CK_INVALID_HANDLE) {
- PK11_FreeSlot(slot);
- return NULL;
- }
- privKey = PK11_MakePrivKey(slot, nullKey, PR_TRUE, keyHandle, wincx);
- PK11_FreeSlot(slot);
- return privKey;
-}
-
-CK_OBJECT_HANDLE
-pk11_FindPubKeyByAnyCert(CERTCertificate *cert, PK11SlotInfo **slot, void *wincx)
-{
- CK_OBJECT_HANDLE certHandle;
- CK_OBJECT_HANDLE keyHandle;
-
- certHandle = PK11_FindObjectForCert(cert, wincx, slot);
- if (certHandle == CK_INVALID_HANDLE) {
- return CK_INVALID_HANDLE;
- }
- keyHandle = PK11_MatchItem(*slot,certHandle,CKO_PUBLIC_KEY);
- if (keyHandle == CK_INVALID_HANDLE) {
- PK11_FreeSlot(*slot);
- return CK_INVALID_HANDLE;
- }
- return keyHandle;
-}
-
-SECKEYPrivateKey *
-PK11_FindKeyByKeyID(PK11SlotInfo *slot, SECItem *keyID, void *wincx)
-{
- CK_OBJECT_HANDLE keyHandle;
- SECKEYPrivateKey *privKey;
-
- keyHandle = pk11_FindPrivateKeyFromCertID(slot, keyID);
- if (keyHandle == CK_INVALID_HANDLE) {
- return NULL;
- }
- privKey = PK11_MakePrivKey(slot, nullKey, PR_TRUE, keyHandle, wincx);
- return privKey;
-}
-
-/*
- * find the number of certs in the slot with the same subject name
- */
-int
-PK11_NumberCertsForCertSubject(CERTCertificate *cert)
-{
- CK_OBJECT_CLASS certClass = CKO_CERTIFICATE;
- CK_ATTRIBUTE theTemplate[] = {
- { CKA_CLASS, NULL, 0 },
- { CKA_SUBJECT, NULL, 0 },
- };
- CK_ATTRIBUTE *attr = theTemplate;
- int templateSize = sizeof(theTemplate)/sizeof(theTemplate[0]);
-
- PK11_SETATTRS(attr,CKA_CLASS, &certClass, sizeof(certClass)); attr++;
- PK11_SETATTRS(attr,CKA_SUBJECT,cert->derSubject.data,cert->derSubject.len);
-
- if (cert->slot == NULL) {
- PK11SlotList *list = PK11_GetAllTokens(CKM_INVALID_MECHANISM,
- PR_FALSE,PR_TRUE,NULL);
- PK11SlotListElement *le;
- int count = 0;
-
- /* loop through all the fortezza tokens */
- for (le = list->head; le; le = le->next) {
- count += PK11_NumberObjectsFor(le->slot,theTemplate,templateSize);
- }
- PK11_FreeSlotList(list);
- return count;
- }
-
- return PK11_NumberObjectsFor(cert->slot,theTemplate,templateSize);
-}
-
-/*
- * Walk all the certs with the same subject
- */
-SECStatus
-PK11_TraverseCertsForSubject(CERTCertificate *cert,
- SECStatus(* callback)(CERTCertificate*, void *), void *arg)
-{
- if(!cert) {
- return SECFailure;
- }
- if (cert->slot == NULL) {
- PK11SlotList *list = PK11_GetAllTokens(CKM_INVALID_MECHANISM,
- PR_FALSE,PR_TRUE,NULL);
- PK11SlotListElement *le;
-
- /* loop through all the fortezza tokens */
- for (le = list->head; le; le = le->next) {
- PK11_TraverseCertsForSubjectInSlot(cert,le->slot,callback,arg);
- }
- PK11_FreeSlotList(list);
- return SECSuccess;
-
- }
-
- return PK11_TraverseCertsForSubjectInSlot(cert, cert->slot, callback, arg);
-}
-
-SECStatus
-PK11_TraverseCertsForSubjectInSlot(CERTCertificate *cert, PK11SlotInfo *slot,
- SECStatus(* callback)(CERTCertificate*, void *), void *arg)
-{
-#ifdef NSS_CLASSIC
- pk11DoCertCallback caller;
- pk11TraverseSlot callarg;
- CK_OBJECT_CLASS certClass = CKO_CERTIFICATE;
- CK_ATTRIBUTE theTemplate[] = {
- { CKA_CLASS, NULL, 0 },
- { CKA_SUBJECT, NULL, 0 },
- };
- CK_ATTRIBUTE *attr = theTemplate;
- int templateSize = sizeof(theTemplate)/sizeof(theTemplate[0]);
-
- PK11_SETATTRS(attr,CKA_CLASS, &certClass, sizeof(certClass)); attr++;
- PK11_SETATTRS(attr,CKA_SUBJECT,cert->derSubject.data,cert->derSubject.len);
-
- if (slot == NULL) {
- return SECSuccess;
- }
- caller.noslotcallback = callback;
- caller.callback = NULL;
- caller.itemcallback = NULL;
- caller.callbackArg = arg;
- callarg.callback = pk11_DoCerts;
- callarg.callbackArg = (void *) & caller;
- callarg.findTemplate = theTemplate;
- callarg.templateCount = templateSize;
-
- return PK11_TraverseSlot(slot, &callarg);
-#else
- PRStatus nssrv = PR_SUCCESS;
- NSSToken *token;
- NSSDER subject;
- NSSTrustDomain *td;
- nssList *subjectList;
- nssPKIObjectCollection *collection;
- nssCryptokiObject **instances;
- NSSCertificate **certs;
- nssTokenSearchType tokenOnly = nssTokenSearchType_TokenOnly;
- td = STAN_GetDefaultTrustDomain();
- NSSITEM_FROM_SECITEM(&subject, &cert->derSubject);
- token = PK11Slot_GetNSSToken(slot);
- if (!nssToken_IsPresent(token)) {
- return SECSuccess;
- }
- collection = nssCertificateCollection_Create(td, NULL);
- if (!collection) {
- return SECFailure;
- }
- subjectList = nssList_Create(NULL, PR_FALSE);
- if (!subjectList) {
- nssPKIObjectCollection_Destroy(collection);
- return SECFailure;
- }
- (void)nssTrustDomain_GetCertsForSubjectFromCache(td, &subject,
- subjectList);
- transfer_token_certs_to_collection(subjectList, token, collection);
- instances = nssToken_FindCertificatesBySubject(token, NULL,
- &subject,
- tokenOnly, 0, &nssrv);
- nssPKIObjectCollection_AddInstances(collection, instances, 0);
- nss_ZFreeIf(instances);
- nssList_Destroy(subjectList);
- certs = nssPKIObjectCollection_GetCertificates(collection,
- NULL, 0, NULL);
- nssPKIObjectCollection_Destroy(collection);
- if (certs) {
- CERTCertificate *oldie;
- NSSCertificate **cp;
- for (cp = certs; *cp; cp++) {
- oldie = STAN_GetCERTCertificate(*cp);
- if ((*callback)(oldie, arg) != SECSuccess) {
- nssrv = PR_FAILURE;
- break;
- }
- }
- nssCertificateArray_Destroy(certs);
- }
- return (nssrv == PR_SUCCESS) ? SECSuccess : SECFailure;
-#endif
-}
-
-SECStatus
-PK11_TraverseCertsForNicknameInSlot(SECItem *nickname, PK11SlotInfo *slot,
- SECStatus(* callback)(CERTCertificate*, void *), void *arg)
-{
-#ifdef NSS_CLASSIC
- pk11DoCertCallback caller;
- pk11TraverseSlot callarg;
- CK_OBJECT_CLASS certClass = CKO_CERTIFICATE;
- CK_ATTRIBUTE theTemplate[] = {
- { CKA_CLASS, NULL, 0 },
- { CKA_LABEL, NULL, 0 },
- };
- CK_ATTRIBUTE *attr = theTemplate;
- int templateSize = sizeof(theTemplate)/sizeof(theTemplate[0]);
-
- if(!nickname) {
- return SECSuccess;
- }
-
- PK11_SETATTRS(attr,CKA_CLASS, &certClass, sizeof(certClass)); attr++;
- PK11_SETATTRS(attr,CKA_LABEL,nickname->data,nickname->len);
-
- if (slot == NULL) {
- return SECSuccess;
- }
-
- caller.noslotcallback = callback;
- caller.callback = NULL;
- caller.itemcallback = NULL;
- caller.callbackArg = arg;
- callarg.callback = pk11_DoCerts;
- callarg.callbackArg = (void *) & caller;
- callarg.findTemplate = theTemplate;
- callarg.templateCount = templateSize;
-
- return PK11_TraverseSlot(slot, &callarg);
-#else
- struct nss3_cert_cbstr pk11cb;
- PRStatus nssrv = PR_SUCCESS;
- NSSToken *token;
- NSSTrustDomain *td;
- NSSUTF8 *nick;
- PRBool created = PR_FALSE;
- nssCryptokiObject **instances;
- nssPKIObjectCollection *collection = NULL;
- NSSCertificate **certs;
- nssList *nameList = NULL;
- nssTokenSearchType tokenOnly = nssTokenSearchType_TokenOnly;
- pk11cb.callback = callback;
- pk11cb.arg = arg;
- token = PK11Slot_GetNSSToken(slot);
- if (!nssToken_IsPresent(token)) {
- return SECSuccess;
- }
- if (nickname->data[nickname->len-1] != '\0') {
- nick = nssUTF8_Create(NULL, nssStringType_UTF8String,
- nickname->data, nickname->len);
- created = PR_TRUE;
- } else {
- nick = (NSSUTF8 *)nickname->data;
- }
- td = STAN_GetDefaultTrustDomain();
- collection = nssCertificateCollection_Create(td, NULL);
- if (!collection) {
- goto loser;
- }
- nameList = nssList_Create(NULL, PR_FALSE);
- if (!nameList) {
- goto loser;
- }
- (void)nssTrustDomain_GetCertsForNicknameFromCache(td, nick, nameList);
- transfer_token_certs_to_collection(nameList, token, collection);
- instances = nssToken_FindCertificatesByNickname(token, NULL,
- nick,
- tokenOnly, 0, &nssrv);
- nssPKIObjectCollection_AddInstances(collection, instances, 0);
- nss_ZFreeIf(instances);
- nssList_Destroy(nameList);
- certs = nssPKIObjectCollection_GetCertificates(collection,
- NULL, 0, NULL);
- nssPKIObjectCollection_Destroy(collection);
- if (certs) {
- CERTCertificate *oldie;
- NSSCertificate **cp;
- for (cp = certs; *cp; cp++) {
- oldie = STAN_GetCERTCertificate(*cp);
- if ((*callback)(oldie, arg) != SECSuccess) {
- nssrv = PR_FAILURE;
- break;
- }
- }
- nssCertificateArray_Destroy(certs);
- }
- if (created) nss_ZFreeIf(nick);
- return (nssrv == PR_SUCCESS) ? SECSuccess : SECFailure;
-loser:
- if (created) {
- nss_ZFreeIf(nick);
- }
- if (collection) {
- nssPKIObjectCollection_Destroy(collection);
- }
- if (nameList) {
- nssList_Destroy(nameList);
- }
- return SECFailure;
-#endif
-}
-
-SECStatus
-PK11_TraverseCertsInSlot(PK11SlotInfo *slot,
- SECStatus(* callback)(CERTCertificate*, void *), void *arg)
-{
-#ifdef NSS_CLASSIC
- pk11DoCertCallback caller;
- pk11TraverseSlot callarg;
- CK_OBJECT_CLASS certClass = CKO_CERTIFICATE;
- CK_ATTRIBUTE theTemplate[] = {
- { CKA_CLASS, NULL, 0 },
- };
- CK_ATTRIBUTE *attr = theTemplate;
- int templateSize = sizeof(theTemplate)/sizeof(theTemplate[0]);
-
- PK11_SETATTRS(attr,CKA_CLASS, &certClass, sizeof(certClass)); attr++;
-
- if (slot == NULL) {
- return SECSuccess;
- }
-
- caller.noslotcallback = callback;
- caller.callback = NULL;
- caller.itemcallback = NULL;
- caller.callbackArg = arg;
- callarg.callback = pk11_DoCerts;
- callarg.callbackArg = (void *) & caller;
- callarg.findTemplate = theTemplate;
- callarg.templateCount = templateSize;
- return PK11_TraverseSlot(slot, &callarg);
-#else
- PRStatus nssrv;
- NSSTrustDomain *td = STAN_GetDefaultTrustDomain();
- NSSToken *tok;
- nssList *certList = NULL;
- nssCryptokiObject **instances;
- nssPKIObjectCollection *collection;
- NSSCertificate **certs;
- nssTokenSearchType tokenOnly = nssTokenSearchType_TokenOnly;
- tok = PK11Slot_GetNSSToken(slot);
- if (!nssToken_IsPresent(tok)) {
- return SECSuccess;
- }
- collection = nssCertificateCollection_Create(td, NULL);
- if (!collection) {
- return SECFailure;
- }
- certList = nssList_Create(NULL, PR_FALSE);
- if (!certList) {
- nssPKIObjectCollection_Destroy(collection);
- return SECFailure;
- }
- (void *)nssTrustDomain_GetCertsFromCache(td, certList);
- transfer_token_certs_to_collection(certList, tok, collection);
- instances = nssToken_FindCertificates(tok, NULL,
- tokenOnly, 0, &nssrv);
- nssPKIObjectCollection_AddInstances(collection, instances, 0);
- nss_ZFreeIf(instances);
- nssList_Destroy(certList);
- certs = nssPKIObjectCollection_GetCertificates(collection,
- NULL, 0, NULL);
- nssPKIObjectCollection_Destroy(collection);
- if (certs) {
- CERTCertificate *oldie;
- NSSCertificate **cp;
- for (cp = certs; *cp; cp++) {
- oldie = STAN_GetCERTCertificate(*cp);
- if ((*callback)(oldie, arg) != SECSuccess) {
- nssrv = PR_FAILURE;
- break;
- }
- }
- nssCertificateArray_Destroy(certs);
- }
- return (nssrv == PR_SUCCESS) ? SECSuccess : SECFailure;
-#endif
-}
-
-/*
- * return the certificate associated with a derCert
- */
-CERTCertificate *
-PK11_FindCertFromDERCert(PK11SlotInfo *slot, CERTCertificate *cert,
- void *wincx)
-{
- return PK11_FindCertFromDERCertItem(slot, &cert->derCert, wincx);
-}
-
-CERTCertificate *
-PK11_FindCertFromDERCertItem(PK11SlotInfo *slot, SECItem *inDerCert,
- void *wincx)
-
-{
- CERTCertificate *rvCert = NULL;
- NSSCertificate *c;
- NSSDER derCert;
- NSSToken *tok;
- NSSTrustDomain *td = STAN_GetDefaultTrustDomain();
- tok = PK11Slot_GetNSSToken(slot);
- NSSITEM_FROM_SECITEM(&derCert, inDerCert);
- if (!PK11_IsFriendly(slot)) {
- if (PK11_Authenticate(slot, PR_TRUE, wincx) != SECSuccess) {
- PK11_FreeSlot(slot);
- return NULL;
- }
- }
- c = NSSTrustDomain_FindCertificateByEncodedCertificate(td, &derCert);
- if (c) {
- PRBool isToken = PR_FALSE;
- NSSToken **tp;
- NSSToken **tokens = nssPKIObject_GetTokens(&c->object, NULL);
- if (tokens) {
- for (tp = tokens; *tp; tp++) {
- if (*tp == tok) {
- isToken = PR_TRUE;
- break;
- }
- }
- if (!isToken) {
- NSSCertificate_Destroy(c);
- c = NULL;
- }
- nssTokenArray_Destroy(tokens);
- }
- }
- if (c) {
- rvCert = STAN_GetCERTCertificate(c);
- }
- return rvCert;
-}
-
-/* mcgreer 3.4 -- nobody uses this, ignoring */
-/*
- * return the certificate associated with a derCert
- */
-CERTCertificate *
-PK11_FindCertFromDERSubjectAndNickname(PK11SlotInfo *slot,
- CERTCertificate *cert,
- char *nickname, void *wincx)
-{
- CK_OBJECT_CLASS certClass = CKO_CERTIFICATE;
- CK_ATTRIBUTE theTemplate[] = {
- { CKA_SUBJECT, NULL, 0 },
- { CKA_LABEL, NULL, 0 },
- { CKA_CLASS, NULL, 0 }
- };
- /* if you change the array, change the variable below as well */
- int tsize = sizeof(theTemplate)/sizeof(theTemplate[0]);
- CK_OBJECT_HANDLE certh;
- CK_ATTRIBUTE *attrs = theTemplate;
- SECStatus rv;
-
- PK11_SETATTRS(attrs, CKA_SUBJECT, cert->derSubject.data,
- cert->derSubject.len); attrs++;
- PK11_SETATTRS(attrs, CKA_LABEL, nickname, PORT_Strlen(nickname));
- PK11_SETATTRS(attrs, CKA_CLASS, &certClass, sizeof(certClass));
-
- /*
- * issue the find
- */
- if ( !PK11_IsFriendly(slot)) {
- rv = PK11_Authenticate(slot, PR_TRUE, wincx);
- if (rv != SECSuccess) return NULL;
- }
-
- certh = pk11_getcerthandle(slot,cert,theTemplate,tsize);
- if (certh == CK_INVALID_HANDLE) {
- return NULL;
- }
-
- return PK11_MakeCertFromHandle(slot, certh, NULL);
-}
-
-/*
- * import a cert for a private key we have already generated. Set the label
- * on both to be the nickname.
- */
-static CK_OBJECT_HANDLE
-pk11_findKeyObjectByDERCert(PK11SlotInfo *slot, CERTCertificate *cert,
- void *wincx)
-{
- SECItem *keyID;
- CK_OBJECT_HANDLE key;
- SECStatus rv;
-
- if((slot == NULL) || (cert == NULL)) {
- return CK_INVALID_HANDLE;
- }
-
- keyID = pk11_mkcertKeyID(cert);
- if(keyID == NULL) {
- return CK_INVALID_HANDLE;
- }
-
- key = CK_INVALID_HANDLE;
-
- rv = PK11_Authenticate(slot, PR_TRUE, wincx);
- if (rv != SECSuccess) goto loser;
-
- key = pk11_FindPrivateKeyFromCertID(slot, keyID);
-
-loser:
- SECITEM_ZfreeItem(keyID, PR_TRUE);
- return key;
-}
-
-SECKEYPrivateKey *
-PK11_FindKeyByDERCert(PK11SlotInfo *slot, CERTCertificate *cert,
- void *wincx)
-{
- CK_OBJECT_HANDLE keyHandle;
-
- if((slot == NULL) || (cert == NULL)) {
- return NULL;
- }
-
- keyHandle = pk11_findKeyObjectByDERCert(slot, cert, wincx);
- if (keyHandle == CK_INVALID_HANDLE) {
- return NULL;
- }
-
- return PK11_MakePrivKey(slot,nullKey,PR_TRUE,keyHandle,wincx);
-}
-
-SECStatus
-PK11_ImportCertForKeyToSlot(PK11SlotInfo *slot, CERTCertificate *cert,
- char *nickname,
- PRBool addCertUsage,void *wincx)
-{
- CK_OBJECT_HANDLE keyHandle;
-
- if((slot == NULL) || (cert == NULL) || (nickname == NULL)) {
- return SECFailure;
- }
-
- keyHandle = pk11_findKeyObjectByDERCert(slot, cert, wincx);
- if (keyHandle == CK_INVALID_HANDLE) {
- return SECFailure;
- }
-
- return PK11_ImportCert(slot, cert, keyHandle, nickname, addCertUsage);
-}
-
-
-/* remove when the real version comes out */
-#define SEC_OID_MISSI_KEA 300 /* until we have v3 stuff merged */
-PRBool
-KEAPQGCompare(CERTCertificate *server,CERTCertificate *cert) {
-
- if ( SECKEY_KEAParamCompare(server,cert) == SECEqual ) {
- return PR_TRUE;
- } else {
- return PR_FALSE;
- }
-}
-
-PRBool
-PK11_FortezzaHasKEA(CERTCertificate *cert) {
- /* look at the subject and see if it is a KEA for MISSI key */
- SECOidData *oid;
-
- if ((cert->trust == NULL) ||
- ((cert->trust->sslFlags & CERTDB_USER) != CERTDB_USER)) {
- return PR_FALSE;
- }
-
- oid = SECOID_FindOID(&cert->subjectPublicKeyInfo.algorithm.algorithm);
-
-
- return (PRBool)((oid->offset == SEC_OID_MISSI_KEA_DSS_OLD) ||
- (oid->offset == SEC_OID_MISSI_KEA_DSS) ||
- (oid->offset == SEC_OID_MISSI_KEA)) ;
-}
-
-/*
- * Find a kea cert on this slot that matches the domain of it's peer
- */
-static CERTCertificate
-*pk11_GetKEAMate(PK11SlotInfo *slot,CERTCertificate *peer)
-{
- int i;
- CERTCertificate *returnedCert = NULL;
-
- for (i=0; i < slot->cert_count; i++) {
- CERTCertificate *cert = slot->cert_array[i];
-
- if (PK11_FortezzaHasKEA(cert) && KEAPQGCompare(peer,cert)) {
- returnedCert = CERT_DupCertificate(cert);
- break;
- }
- }
- return returnedCert;
-}
-
-/*
- * The following is a FORTEZZA only Certificate request. We call this when we
- * are doing a non-client auth SSL connection. We are only interested in the
- * fortezza slots, and we are only interested in certs that share the same root
- * key as the server.
- */
-CERTCertificate *
-PK11_FindBestKEAMatch(CERTCertificate *server, void *wincx)
-{
- PK11SlotList *keaList = PK11_GetAllTokens(CKM_KEA_KEY_DERIVE,
- PR_FALSE,PR_TRUE,wincx);
- PK11SlotListElement *le;
- CERTCertificate *returnedCert = NULL;
- SECStatus rv;
-
- /* loop through all the fortezza tokens */
- for (le = keaList->head; le; le = le->next) {
- rv = PK11_Authenticate(le->slot, PR_TRUE, wincx);
- if (rv != SECSuccess) continue;
- if (le->slot->session == CK_INVALID_SESSION) {
- continue;
- }
- returnedCert = pk11_GetKEAMate(le->slot,server);
- if (returnedCert) break;
- }
- PK11_FreeSlotList(keaList);
-
- return returnedCert;
-}
-
-/*
- * find a matched pair of kea certs to key exchange parameters from one
- * fortezza card to another as necessary.
- */
-SECStatus
-PK11_GetKEAMatchedCerts(PK11SlotInfo *slot1, PK11SlotInfo *slot2,
- CERTCertificate **cert1, CERTCertificate **cert2)
-{
- CERTCertificate *returnedCert = NULL;
- int i;
-
- for (i=0; i < slot1->cert_count; i++) {
- CERTCertificate *cert = slot1->cert_array[i];
-
- if (PK11_FortezzaHasKEA(cert)) {
- returnedCert = pk11_GetKEAMate(slot2,cert);
- if (returnedCert != NULL) {
- *cert2 = returnedCert;
- *cert1 = CERT_DupCertificate(cert);
- return SECSuccess;
- }
- }
- }
- return SECFailure;
-}
-
-SECOidTag
-PK11_FortezzaMapSig(SECOidTag algTag)
-{
- switch (algTag) {
- case SEC_OID_MISSI_KEA_DSS:
- case SEC_OID_MISSI_DSS:
- case SEC_OID_MISSI_DSS_OLD:
- case SEC_OID_MISSI_KEA_DSS_OLD:
- case SEC_OID_BOGUS_DSA_SIGNATURE_WITH_SHA1_DIGEST:
- return SEC_OID_ANSIX9_DSA_SIGNATURE;
- default:
- break;
- }
- return algTag;
-}
-
-/*
- * return the private key From a given Cert
- */
-CK_OBJECT_HANDLE
-PK11_FindCertInSlot(PK11SlotInfo *slot, CERTCertificate *cert, void *wincx)
-{
- CK_OBJECT_CLASS certClass = CKO_CERTIFICATE;
- CK_ATTRIBUTE theTemplate[] = {
- { CKA_VALUE, NULL, 0 },
- { CKA_CLASS, NULL, 0 }
- };
- /* if you change the array, change the variable below as well */
- int tsize = sizeof(theTemplate)/sizeof(theTemplate[0]);
- CK_ATTRIBUTE *attrs = theTemplate;
- SECStatus rv;
-
- PK11_SETATTRS(attrs, CKA_VALUE, cert->derCert.data,
- cert->derCert.len); attrs++;
- PK11_SETATTRS(attrs, CKA_CLASS, &certClass, sizeof(certClass));
-
- /*
- * issue the find
- */
- rv = PK11_Authenticate(slot, PR_TRUE, wincx);
- if (rv != SECSuccess) {
- return CK_INVALID_HANDLE;
- }
-
- return pk11_getcerthandle(slot,cert,theTemplate,tsize);
-}
-
-SECItem *
-PK11_GetKeyIDFromCert(CERTCertificate *cert, void *wincx)
-{
- CK_OBJECT_HANDLE handle;
- PK11SlotInfo *slot = NULL;
- CK_ATTRIBUTE theTemplate[] = {
- { CKA_ID, NULL, 0 },
- };
- int tsize = sizeof(theTemplate)/sizeof(theTemplate[0]);
- SECItem *item = NULL;
- CK_RV crv;
-
- handle = PK11_FindObjectForCert(cert,wincx,&slot);
- if (handle == CK_INVALID_HANDLE) {
- goto loser;
- }
-
-
- crv = PK11_GetAttributes(NULL,slot,handle,theTemplate,tsize);
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- goto loser;
- }
-
- item = PORT_ZNew(SECItem);
- if (item) {
- item->data = (unsigned char*) theTemplate[0].pValue;
- item->len = theTemplate[0].ulValueLen;
- }
-
-
-loser:
- PK11_FreeSlot(slot);
- return item;
-}
-
-SECItem *
-PK11_GetKeyIDFromPrivateKey(SECKEYPrivateKey *key, void *wincx)
-{
- CK_ATTRIBUTE theTemplate[] = {
- { CKA_ID, NULL, 0 },
- };
- int tsize = sizeof(theTemplate)/sizeof(theTemplate[0]);
- SECItem *item = NULL;
- CK_RV crv;
-
- crv = PK11_GetAttributes(NULL,key->pkcs11Slot,key->pkcs11ID,
- theTemplate,tsize);
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- goto loser;
- }
-
- item = PORT_ZNew(SECItem);
- if (item) {
- item->data = (unsigned char*) theTemplate[0].pValue;
- item->len = theTemplate[0].ulValueLen;
- }
-
-
-loser:
- return item;
-}
-
-struct listCertsStr {
- PK11CertListType type;
- CERTCertList *certList;
-};
-
-static PRBool
-isOnList(CERTCertList *certList,NSSCertificate *c)
-{
- CERTCertListNode *cln;
-
- for (cln = CERT_LIST_HEAD(certList); !CERT_LIST_END(cln,certList);
- cln = CERT_LIST_NEXT(cln)) {
- if (cln->cert->nssCertificate == c) {
- return PR_TRUE;
- }
- }
- return PR_FALSE;
-}
-static PRStatus
-pk11ListCertCallback(NSSCertificate *c, void *arg)
-{
- struct listCertsStr *listCertP = (struct listCertsStr *)arg;
- CERTCertificate *newCert = NULL;
- PK11CertListType type = listCertP->type;
- CERTCertList *certList = listCertP->certList;
- PRBool isUnique = PR_FALSE;
- PRBool isCA = PR_FALSE;
- char *nickname = NULL;
- unsigned int certType;
-
- if ((type == PK11CertListUnique) || (type == PK11CertListRootUnique)) {
- isUnique = PR_TRUE;
- }
- if ((type == PK11CertListCA) || (type == PK11CertListRootUnique)) {
- isCA = PR_TRUE;
- }
-
-
- /* if we want user certs and we don't have one skip this cert */
- if ((type == PK11CertListUser) &&
- !NSSCertificate_IsPrivateKeyAvailable(c, NULL,NULL)) {
- return PR_SUCCESS;
- }
-
- /* if we want root certs, skip the user certs */
- if ((type == PK11CertListRootUnique) &&
- NSSCertificate_IsPrivateKeyAvailable(c, NULL,NULL)) {
- return PR_SUCCESS;
- }
-
- /* if we want Unique certs and we already have it on our list, skip it */
- if ( isUnique && isOnList(certList,c) ) {
- return PR_SUCCESS;
- }
-
-
- newCert = STAN_GetCERTCertificate(c);
- if (!newCert) {
- return PR_SUCCESS;
- }
- /* if we want CA certs and it ain't one, skip it */
- if( isCA && (!CERT_IsCACert(newCert, &certType)) ) {
- return PR_SUCCESS;
- }
- CERT_DupCertificate(newCert);
-
- nickname = STAN_GetCERTCertificateName(c);
-
- /* put slot certs at the end */
- if (newCert->slot && !PK11_IsInternal(newCert->slot)) {
- CERT_AddCertToListTailWithData(certList,newCert,nickname);
- } else {
- CERT_AddCertToListHeadWithData(certList,newCert,nickname);
- }
- return PR_SUCCESS;
-}
-
-
-CERTCertList *
-PK11_ListCerts(PK11CertListType type, void *pwarg)
-{
-#ifdef NSS_CLASSIC
- CERTCertList *certList = NULL;
- struct listCertsStr listCerts;
-
- certList= CERT_NewCertList();
- listCerts.type = type;
- listCerts.certList = certList;
-
- PK11_TraverseSlotCerts(pk11ListCertCallback,&listCerts,pwarg);
-
- if (CERT_LIST_HEAD(certList) == NULL) {
- CERT_DestroyCertList(certList);
- certList = NULL;
- }
- return certList;
-#else
- NSSTrustDomain *defaultTD = STAN_GetDefaultTrustDomain();
- CERTCertList *certList = NULL;
- struct listCertsStr listCerts;
- certList = CERT_NewCertList();
- listCerts.type = type;
- listCerts.certList = certList;
-
- /* authenticate to the slots */
- (void) pk11_TraverseAllSlots( NULL, NULL, pwarg);
- NSSTrustDomain_TraverseCertificates(defaultTD, pk11ListCertCallback,
- &listCerts);
- return certList;
-#endif
-}
-
-static SECItem *
-pk11_GetLowLevelKeyFromHandle(PK11SlotInfo *slot, CK_OBJECT_HANDLE handle) {
- CK_ATTRIBUTE theTemplate[] = {
- { CKA_ID, NULL, 0 },
- };
- int tsize = sizeof(theTemplate)/sizeof(theTemplate[0]);
- CK_RV crv;
- SECItem *item;
-
- item = SECITEM_AllocItem(NULL, NULL, 0);
-
- if (item == NULL) {
- return NULL;
- }
-
- crv = PK11_GetAttributes(NULL,slot,handle,theTemplate,tsize);
- if (crv != CKR_OK) {
- SECITEM_FreeItem(item,PR_TRUE);
- PORT_SetError( PK11_MapError(crv) );
- return NULL;
- }
-
- item->data = (unsigned char*) theTemplate[0].pValue;
- item->len =theTemplate[0].ulValueLen;
-
- return item;
-}
-
-SECItem *
-PK11_GetLowLevelKeyIDForCert(PK11SlotInfo *slot,
- CERTCertificate *cert, void *wincx)
-{
- CK_ATTRIBUTE theTemplate[] = {
- { CKA_VALUE, NULL, 0 },
- { CKA_CLASS, NULL, 0 }
- };
- /* if you change the array, change the variable below as well */
- int tsize = sizeof(theTemplate)/sizeof(theTemplate[0]);
- CK_OBJECT_HANDLE certHandle;
- CK_ATTRIBUTE *attrs = theTemplate;
- PK11SlotInfo *slotRef = NULL;
- SECItem *item;
- SECStatus rv;
-
- if (slot) {
- PK11_SETATTRS(attrs, CKA_VALUE, cert->derCert.data,
- cert->derCert.len); attrs++;
-
- rv = PK11_Authenticate(slot, PR_TRUE, wincx);
- if (rv != SECSuccess) {
- return NULL;
- }
- certHandle = pk11_getcerthandle(slot,cert,theTemplate,tsize);
- } else {
- certHandle = PK11_FindObjectForCert(cert, wincx, &slotRef);
- if (certHandle == CK_INVALID_HANDLE) {
- return pk11_mkcertKeyID(cert);
- }
- slot = slotRef;
- }
-
- if (certHandle == CK_INVALID_HANDLE) {
- return NULL;
- }
-
- item = pk11_GetLowLevelKeyFromHandle(slot,certHandle);
- if (slotRef) PK11_FreeSlot(slotRef);
- return item;
-}
-
-SECItem *
-PK11_GetLowLevelKeyIDForPrivateKey(SECKEYPrivateKey *privKey)
-{
- return pk11_GetLowLevelKeyFromHandle(privKey->pkcs11Slot,privKey->pkcs11ID);
-}
-
-static SECStatus
-listCertsCallback(CERTCertificate* cert, void*arg)
-{
- CERTCertList *list = (CERTCertList*)arg;
- char *nickname = NULL;
-
- if (cert->nickname) {
- nickname = PORT_ArenaStrdup(list->arena,cert->nickname);
- }
-
- return CERT_AddCertToListTailWithData(list,
- CERT_DupCertificate(cert),nickname);
-}
-
-CERTCertList *
-PK11_ListCertsInSlot(PK11SlotInfo *slot)
-{
- SECStatus status;
- CERTCertList *certs;
-
- certs = CERT_NewCertList();
- if(certs == NULL) return NULL;
-
- status = PK11_TraverseCertsInSlot(slot, listCertsCallback,
- (void*)certs);
-
- if( status != SECSuccess ) {
- CERT_DestroyCertList(certs);
- certs = NULL;
- }
-
- return certs;
-}
-
-static SECStatus
-privateKeyListCallback(SECKEYPrivateKey *key, void *arg)
-{
- SECKEYPrivateKeyList *list = (SECKEYPrivateKeyList*)arg;
- return SECKEY_AddPrivateKeyToListTail(list, SECKEY_CopyPrivateKey(key));
-}
-
-SECKEYPrivateKeyList*
-PK11_ListPrivateKeysInSlot(PK11SlotInfo *slot)
-{
- SECStatus status;
- SECKEYPrivateKeyList *keys;
-
- keys = SECKEY_NewPrivateKeyList();
- if(keys == NULL) return NULL;
-
- status = PK11_TraversePrivateKeysInSlot(slot, privateKeyListCallback,
- (void*)keys);
-
- if( status != SECSuccess ) {
- SECKEY_DestroyPrivateKeyList(keys);
- keys = NULL;
- }
-
- return keys;
-}
-
-SECKEYPublicKeyList*
-PK11_ListPublicKeysInSlot(PK11SlotInfo *slot, char *nickname)
-{
- CK_ATTRIBUTE findTemp[4];
- CK_ATTRIBUTE *attrs;
- CK_BBOOL ckTrue = CK_TRUE;
- CK_OBJECT_CLASS keyclass = CKO_PUBLIC_KEY;
- int tsize = 0;
- int objCount = 0;
- CK_OBJECT_HANDLE *key_ids;
- SECKEYPublicKeyList *keys;
- int i,len;
-
-
- attrs = findTemp;
- PK11_SETATTRS(attrs, CKA_CLASS, &keyclass, sizeof(keyclass)); attrs++;
- PK11_SETATTRS(attrs, CKA_TOKEN, &ckTrue, sizeof(ckTrue)); attrs++;
- if (nickname) {
- len = PORT_Strlen(nickname)-1;
- PK11_SETATTRS(attrs, CKA_LABEL, nickname, len); attrs++;
- }
- tsize = attrs - findTemp;
- PORT_Assert(tsize <= sizeof(findTemp)/sizeof(CK_ATTRIBUTE));
-
- key_ids = pk11_FindObjectsByTemplate(slot,findTemp,tsize,&objCount);
- if (key_ids == NULL) {
- return NULL;
- }
- keys = SECKEY_NewPublicKeyList();
- if (keys == NULL) {
- PORT_Free(key_ids);
- }
-
- for (i=0; i < objCount ; i++) {
- SECKEYPublicKey *pubKey =
- PK11_ExtractPublicKey(slot,nullKey,key_ids[i]);
- if (pubKey) {
- SECKEY_AddPublicKeyToListTail(keys, pubKey);
- }
- }
-
- PORT_Free(key_ids);
- return keys;
-}
-
-SECKEYPrivateKeyList*
-PK11_ListPrivKeysInSlot(PK11SlotInfo *slot, char *nickname, void *wincx)
-{
- CK_ATTRIBUTE findTemp[4];
- CK_ATTRIBUTE *attrs;
- CK_BBOOL ckTrue = CK_TRUE;
- CK_OBJECT_CLASS keyclass = CKO_PRIVATE_KEY;
- int tsize = 0;
- int objCount = 0;
- CK_OBJECT_HANDLE *key_ids;
- SECKEYPrivateKeyList *keys;
- int i,len;
-
-
- attrs = findTemp;
- PK11_SETATTRS(attrs, CKA_CLASS, &keyclass, sizeof(keyclass)); attrs++;
- PK11_SETATTRS(attrs, CKA_TOKEN, &ckTrue, sizeof(ckTrue)); attrs++;
- if (nickname) {
- len = PORT_Strlen(nickname)-1;
- PK11_SETATTRS(attrs, CKA_LABEL, nickname, len); attrs++;
- }
- tsize = attrs - findTemp;
- PORT_Assert(tsize <= sizeof(findTemp)/sizeof(CK_ATTRIBUTE));
-
- key_ids = pk11_FindObjectsByTemplate(slot,findTemp,tsize,&objCount);
- if (key_ids == NULL) {
- return NULL;
- }
- keys = SECKEY_NewPrivateKeyList();
- if (keys == NULL) {
- PORT_Free(key_ids);
- }
-
- for (i=0; i < objCount ; i++) {
- SECKEYPrivateKey *privKey =
- PK11_MakePrivKey(slot,nullKey,PR_TRUE,key_ids[i],wincx);
- SECKEY_AddPrivateKeyToListTail(keys, privKey);
- }
-
- PORT_Free(key_ids);
- return keys;
-}
-
-/*
- * return the certificate associated with a derCert
- */
-SECItem *
-PK11_FindCrlByName(PK11SlotInfo **slot, CK_OBJECT_HANDLE *crlHandle,
- SECItem *name, int type, char **url)
-{
-#ifdef NSS_CLASSIC
- CK_OBJECT_CLASS crlClass = CKO_NETSCAPE_CRL;
- CK_ATTRIBUTE theTemplate[] = {
- { CKA_SUBJECT, NULL, 0 },
- { CKA_CLASS, NULL, 0 },
- { CKA_NETSCAPE_KRL, NULL, 0 },
- };
- CK_ATTRIBUTE crlData[] = {
- { CKA_VALUE, NULL, 0 },
- { CKA_NETSCAPE_URL, NULL, 0 },
- };
- /* if you change the array, change the variable below as well */
- int tsize = sizeof(theTemplate)/sizeof(theTemplate[0]);
- CK_BBOOL ck_true = CK_TRUE;
- CK_BBOOL ck_false = CK_FALSE;
- CK_OBJECT_HANDLE crlh = CK_INVALID_HANDLE;
- CK_ATTRIBUTE *attrs = theTemplate;
- CK_RV crv;
- SECItem *derCrl = NULL;
-
- PK11_SETATTRS(attrs, CKA_SUBJECT, name->data, name->len); attrs++;
- PK11_SETATTRS(attrs, CKA_CLASS, &crlClass, sizeof(crlClass)); attrs++;
- PK11_SETATTRS(attrs, CKA_NETSCAPE_KRL, (type == SEC_CRL_TYPE) ?
- &ck_false : &ck_true, sizeof (CK_BBOOL)); attrs++;
-
- if (*slot) {
- crlh = pk11_FindObjectByTemplate(*slot,theTemplate,tsize);
- } else {
- PK11SlotList *list = PK11_GetAllTokens(CKM_INVALID_MECHANISM,
- PR_FALSE,PR_TRUE,NULL);
- PK11SlotListElement *le;
-
- /* loop through all the fortezza tokens */
- for (le = list->head; le; le = le->next) {
- crlh = pk11_FindObjectByTemplate(le->slot,theTemplate,tsize);
- if (crlh != CK_INVALID_HANDLE) {
- *slot = PK11_ReferenceSlot(le->slot);
- break;
- }
- }
- PK11_FreeSlotList(list);
- }
-
- if (crlh == CK_INVALID_HANDLE) {
- PORT_SetError(SEC_ERROR_NO_KRL);
- return NULL;
- }
- crv = PK11_GetAttributes(NULL,*slot,crlh,crlData,2);
- if (crv != CKR_OK) {
- PORT_SetError(PK11_MapError (crv));
- goto loser;
- }
-
- derCrl = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
- if (derCrl == NULL) {
- goto loser;
- }
-
- derCrl->data = crlData[0].pValue;
- derCrl->len = crlData[0].ulValueLen;
-
- if (crlHandle) {
- *crlHandle = crlh;
- }
-
- if ((url) && crlData[1].ulValueLen != 0) {
- /* make sure it's a null terminated string */
- *url = PORT_ZAlloc (crlData[1].ulValueLen+1);
- if (*url) {
- PORT_Memcpy(*url,crlData[1].pValue,crlData[1].ulValueLen);
- }
- }
-
-
-loser:
- if (!derCrl) {
- if (crlData[0].pValue) PORT_Free(crlData[0].pValue);
- }
- if (crlData[1].pValue) PORT_Free(crlData[1].pValue);
- return derCrl;
-#else
- NSSCRL **crls, **crlp, *crl;
- NSSDER subject;
- SECItem *rvItem;
- NSSTrustDomain *td = STAN_GetDefaultTrustDomain();
- NSSITEM_FROM_SECITEM(&subject, name);
- if (*slot) {
- nssCryptokiObject **instances;
- nssPKIObjectCollection *collection;
- nssTokenSearchType tokenOnly = nssTokenSearchType_TokenOnly;
- NSSToken *token = PK11Slot_GetNSSToken(*slot);
- collection = nssCRLCollection_Create(td, NULL);
- if (!collection) {
- return NULL;
- }
- instances = nssToken_FindCRLsBySubject(token, NULL, &subject,
- tokenOnly, 0, NULL);
- nssPKIObjectCollection_AddInstances(collection, instances, 0);
- nss_ZFreeIf(instances);
- crls = nssPKIObjectCollection_GetCRLs(collection, NULL, 0, NULL);
- nssPKIObjectCollection_Destroy(collection);
- } else {
- crls = nssTrustDomain_FindCRLsBySubject(td, &subject);
- }
- if ((!crls) || (*crls == NULL)) {
- if (crls) {
- nssCRLArray_Destroy(crls);
- }
- if (NSS_GetError() == NSS_ERROR_NOT_FOUND) {
- PORT_SetError(SEC_ERROR_CRL_NOT_FOUND);
- }
- return NULL;
- }
- crl = NULL;
- for (crlp = crls; *crlp; crlp++) {
- if ((!(*crlp)->isKRL && type == SEC_CRL_TYPE) ||
- ((*crlp)->isKRL && type != SEC_CRL_TYPE))
- {
- crl = nssCRL_AddRef(*crlp);
- break;
- }
- }
- nssCRLArray_Destroy(crls);
- if (!crl) {
- /* CRL collection was found, but no interesting CRL's were on it.
- * Not an error */
- PORT_SetError(SEC_ERROR_CRL_NOT_FOUND);
- return NULL;
- }
- *slot = PK11_ReferenceSlot(crl->object.instances[0]->token->pk11slot);
- *crlHandle = crl->object.instances[0]->handle;
- if (crl->url) {
- *url = PORT_Strdup(crl->url);
- }
- rvItem = SECITEM_AllocItem(NULL, NULL, crl->encoding.size);
- if (!rvItem) {
- PORT_Free(*url);
- nssCRL_Destroy(crl);
- return NULL;
- }
- memcpy(rvItem->data, crl->encoding.data, crl->encoding.size);
- nssCRL_Destroy(crl);
- return rvItem;
-#endif
-}
-
-CK_OBJECT_HANDLE
-PK11_PutCrl(PK11SlotInfo *slot, SECItem *crl, SECItem *name,
- char *url, int type)
-{
-#ifdef NSS_CLASSIC
- CK_OBJECT_CLASS crlClass = CKO_NETSCAPE_CRL;
- CK_ATTRIBUTE theTemplate[] = {
- { CKA_SUBJECT, NULL, 0 },
- { CKA_CLASS, NULL, 0 },
- { CKA_NETSCAPE_KRL, NULL, 0 },
- { CKA_NETSCAPE_URL, NULL, 0 },
- { CKA_VALUE, NULL, 0 },
- { CKA_TOKEN, NULL, 0 }
- };
- /* if you change the array, change the variable below as well */
- int tsize;
- CK_BBOOL ck_true = CK_TRUE;
- CK_BBOOL ck_false = CK_FALSE;
- CK_OBJECT_HANDLE crlh = CK_INVALID_HANDLE;
- CK_ATTRIBUTE *attrs = theTemplate;
- CK_SESSION_HANDLE rwsession;
- CK_RV crv;
-
- PK11_SETATTRS(attrs, CKA_SUBJECT, name->data, name->len); attrs++;
- PK11_SETATTRS(attrs, CKA_CLASS, &crlClass, sizeof(crlClass)); attrs++;
- PK11_SETATTRS(attrs, CKA_NETSCAPE_KRL, (type == SEC_CRL_TYPE) ?
- &ck_false : &ck_true, sizeof (CK_BBOOL)); attrs++;
- if (url) {
- PK11_SETATTRS(attrs, CKA_NETSCAPE_URL, url, PORT_Strlen(url)+1); attrs++;
- }
- PK11_SETATTRS(attrs, CKA_VALUE,crl->data,crl->len); attrs++;
- PK11_SETATTRS(attrs, CKA_TOKEN, &ck_true,sizeof(CK_BBOOL)); attrs++;
-
- tsize = attrs - &theTemplate[0];
- PORT_Assert(tsize <= sizeof(theTemplate)/sizeof(theTemplate[0]));
-
- rwsession = PK11_GetRWSession(slot);
- if (rwsession == CK_INVALID_SESSION) {
- PORT_SetError(SEC_ERROR_READ_ONLY);
- return crlh;
- }
-
- crv = PK11_GETTAB(slot)->
- C_CreateObject(rwsession,theTemplate,tsize,&crlh);
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- }
-
- PK11_RestoreROSession(slot,rwsession);
-
- return crlh;
-#else
- NSSItem derCRL, derSubject;
- NSSToken *token = PK11Slot_GetNSSToken(slot);
- nssCryptokiObject *object;
- PRBool isKRL = (type == SEC_CRL_TYPE) ? PR_FALSE : PR_TRUE;
- CK_OBJECT_HANDLE rvH;
-
- NSSITEM_FROM_SECITEM(&derSubject, name);
- NSSITEM_FROM_SECITEM(&derCRL, crl);
-
- object = nssToken_ImportCRL(token, NULL,
- &derSubject, &derCRL, isKRL, url, PR_TRUE);
-
- if (object) {
- rvH = object->handle;
- nssCryptokiObject_Destroy(object);
- } else {
- rvH = CK_INVALID_HANDLE;
- }
- return rvH;
-#endif
-}
-
-
-/*
- * delete a crl.
- */
-SECStatus
-SEC_DeletePermCRL(CERTSignedCrl *crl)
-{
-#ifdef NSS_CLASSIC
- PK11SlotInfo *slot = crl->slot;
- CK_RV crv;
-
- if (slot == NULL) {
- /* shouldn't happen */
- PORT_SetError( SEC_ERROR_CRL_INVALID);
- return SECFailure;
- }
-
- crv = PK11_DestroyTokenObject(slot,crl->pkcs11ID);
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- return SECFailure;
- }
- crl->slot = NULL;
- PK11_FreeSlot(slot);
- return SECSuccess;
-#else
- PRStatus status;
- NSSToken *token;
- nssCryptokiObject *object;
- PK11SlotInfo *slot = crl->slot;
-
- if (slot == NULL) {
- PORT_Assert(slot);
- /* shouldn't happen */
- PORT_SetError( SEC_ERROR_CRL_INVALID);
- return SECFailure;
- }
- token = PK11Slot_GetNSSToken(slot);
-
- object = nss_ZNEW(NULL, nssCryptokiObject);
- object->token = nssToken_AddRef(token);
- object->handle = crl->pkcs11ID;
- object->isTokenObject = PR_TRUE;
-
- status = nssToken_DeleteStoredObject(object);
-
- nssCryptokiObject_Destroy(object);
- return (status == PR_SUCCESS) ? SECSuccess : SECFailure;
-#endif
-}
-
-/*
- * return the certificate associated with a derCert
- */
-SECItem *
-PK11_FindSMimeProfile(PK11SlotInfo **slot, char *emailAddr,
- SECItem *name, SECItem **profileTime)
-{
- CK_OBJECT_CLASS smimeClass = CKO_NETSCAPE_SMIME;
- CK_ATTRIBUTE theTemplate[] = {
- { CKA_SUBJECT, NULL, 0 },
- { CKA_CLASS, NULL, 0 },
- { CKA_NETSCAPE_EMAIL, NULL, 0 },
- };
- CK_ATTRIBUTE smimeData[] = {
- { CKA_SUBJECT, NULL, 0 },
- { CKA_VALUE, NULL, 0 },
- };
- /* if you change the array, change the variable below as well */
- int tsize = sizeof(theTemplate)/sizeof(theTemplate[0]);
- CK_OBJECT_HANDLE smimeh = CK_INVALID_HANDLE;
- CK_ATTRIBUTE *attrs = theTemplate;
- CK_RV crv;
- SECItem *emailProfile = NULL;
-
- PK11_SETATTRS(attrs, CKA_SUBJECT, name->data, name->len); attrs++;
- PK11_SETATTRS(attrs, CKA_CLASS, &smimeClass, sizeof(smimeClass)); attrs++;
- PK11_SETATTRS(attrs, CKA_NETSCAPE_EMAIL, emailAddr, strlen(emailAddr));
- attrs++;
-
- if (*slot) {
- smimeh = pk11_FindObjectByTemplate(*slot,theTemplate,tsize);
- } else {
- PK11SlotList *list = PK11_GetAllTokens(CKM_INVALID_MECHANISM,
- PR_FALSE,PR_TRUE,NULL);
- PK11SlotListElement *le;
-
- /* loop through all the fortezza tokens */
- for (le = list->head; le; le = le->next) {
- smimeh = pk11_FindObjectByTemplate(le->slot,theTemplate,tsize);
- if (smimeh != CK_INVALID_HANDLE) {
- *slot = PK11_ReferenceSlot(le->slot);
- break;
- }
- }
- PK11_FreeSlotList(list);
- }
-
- if (smimeh == CK_INVALID_HANDLE) {
- PORT_SetError(SEC_ERROR_NO_KRL);
- return NULL;
- }
-
- if (profileTime) {
- PK11_SETATTRS(smimeData, CKA_NETSCAPE_SMIME_TIMESTAMP, NULL, 0);
- }
-
- crv = PK11_GetAttributes(NULL,*slot,smimeh,smimeData,2);
- if (crv != CKR_OK) {
- PORT_SetError(PK11_MapError (crv));
- goto loser;
- }
-
- if (!profileTime) {
- SECItem profileSubject;
-
- profileSubject.data = (unsigned char*) smimeData[0].pValue;
- profileSubject.len = smimeData[0].ulValueLen;
- if (!SECITEM_ItemsAreEqual(&profileSubject,name)) {
- goto loser;
- }
- }
-
- emailProfile = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
- if (emailProfile == NULL) {
- goto loser;
- }
-
- emailProfile->data = (unsigned char*) smimeData[1].pValue;
- emailProfile->len = smimeData[1].ulValueLen;
-
- if (profileTime) {
- *profileTime = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
- if (*profileTime) {
- (*profileTime)->data = (unsigned char*) smimeData[0].pValue;
- (*profileTime)->len = smimeData[0].ulValueLen;
- }
- }
-
-loser:
- if (emailProfile == NULL) {
- if (smimeData[1].pValue) {
- PORT_Free(smimeData[1].pValue);
- }
- }
- if (profileTime == NULL || *profileTime == NULL) {
- if (smimeData[0].pValue) {
- PORT_Free(smimeData[0].pValue);
- }
- }
- return emailProfile;
-}
-
-
-SECStatus
-PK11_SaveSMimeProfile(PK11SlotInfo *slot, char *emailAddr, SECItem *derSubj,
- SECItem *emailProfile, SECItem *profileTime)
-{
- CK_OBJECT_CLASS smimeClass = CKO_NETSCAPE_SMIME;
- CK_BBOOL ck_true = CK_TRUE;
- CK_ATTRIBUTE theTemplate[] = {
- { CKA_CLASS, NULL, 0 },
- { CKA_TOKEN, NULL, 0 },
- { CKA_SUBJECT, NULL, 0 },
- { CKA_NETSCAPE_EMAIL, NULL, 0 },
- { CKA_NETSCAPE_SMIME_TIMESTAMP, NULL, 0 },
- { CKA_VALUE, NULL, 0 }
- };
- /* if you change the array, change the variable below as well */
- int realSize = 0;
- CK_OBJECT_HANDLE smimeh = CK_INVALID_HANDLE;
- CK_ATTRIBUTE *attrs = theTemplate;
- CK_SESSION_HANDLE rwsession;
- PK11SlotInfo *free_slot = NULL;
- CK_RV crv;
-#ifdef DEBUG
- int tsize = sizeof(theTemplate)/sizeof(theTemplate[0]);
-#endif
-
- PK11_SETATTRS(attrs, CKA_CLASS, &smimeClass, sizeof(smimeClass)); attrs++;
- PK11_SETATTRS(attrs, CKA_TOKEN, &ck_true, sizeof(ck_true)); attrs++;
- PK11_SETATTRS(attrs, CKA_SUBJECT, derSubj->data, derSubj->len); attrs++;
- PK11_SETATTRS(attrs, CKA_NETSCAPE_EMAIL,
- emailAddr, PORT_Strlen(emailAddr)+1); attrs++;
- if (profileTime) {
- PK11_SETATTRS(attrs, CKA_NETSCAPE_SMIME_TIMESTAMP, profileTime->data,
- profileTime->len); attrs++;
- PK11_SETATTRS(attrs, CKA_VALUE,emailProfile->data,
- emailProfile->len); attrs++;
- }
- realSize = attrs - theTemplate;
- PORT_Assert (realSize <= tsize);
-
- if (slot == NULL) {
- free_slot = slot = PK11_GetInternalKeySlot();
- /* we need to free the key slot in the end!!! */
- }
-
- rwsession = PK11_GetRWSession(slot);
- if (rwsession == CK_INVALID_SESSION) {
- PORT_SetError(SEC_ERROR_READ_ONLY);
- if (free_slot) {
- PK11_FreeSlot(free_slot);
- }
- return SECFailure;
- }
-
- crv = PK11_GETTAB(slot)->
- C_CreateObject(rwsession,theTemplate,realSize,&smimeh);
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- }
-
- PK11_RestoreROSession(slot,rwsession);
-
- if (free_slot) {
- PK11_FreeSlot(free_slot);
- }
- return SECSuccess;
-}
-
-
-CERTSignedCrl * crl_storeCRL (PK11SlotInfo *slot,char *url,
- CERTSignedCrl *newCrl, SECItem *derCrl, int type);
-
-/* import the CRL into the token */
-
-CERTSignedCrl* PK11_ImportCRL(PK11SlotInfo * slot, SECItem *derCRL, char *url,
- int type, void *wincx, PRInt32 importOptions, PRArenaPool* arena,
- PRInt32 decodeoptions)
-{
- CERTSignedCrl *newCrl, *crl;
- SECStatus rv;
-
- newCrl = crl = NULL;
-
- do {
- newCrl = CERT_DecodeDERCrlWithFlags(arena, derCRL, type,
- decodeoptions);
- if (newCrl == NULL) {
- if (type == SEC_CRL_TYPE) {
- /* only promote error when the error code is too generic */
- if (PORT_GetError () == SEC_ERROR_BAD_DER)
- PORT_SetError(SEC_ERROR_CRL_INVALID);
- } else {
- PORT_SetError(SEC_ERROR_KRL_INVALID);
- }
- break;
- }
-
- if (0 == (importOptions & CRL_IMPORT_BYPASS_CHECKS)){
- CERTCertificate *caCert;
- CERTCertDBHandle* handle = CERT_GetDefaultCertDB();
- PR_ASSERT(handle != NULL);
- caCert = CERT_FindCertByName (handle,
- &newCrl->crl.derName);
- if (caCert == NULL) {
- PORT_SetError(SEC_ERROR_UNKNOWN_ISSUER);
- break;
- }
-
- /* If caCert is a v3 certificate, make sure that it can be used for
- crl signing purpose */
- rv = CERT_CheckCertUsage (caCert, KU_CRL_SIGN);
- if (rv != SECSuccess) {
- break;
- }
-
- rv = CERT_VerifySignedData(&newCrl->signatureWrap, caCert,
- PR_Now(), wincx);
- if (rv != SECSuccess) {
- if (type == SEC_CRL_TYPE) {
- PORT_SetError(SEC_ERROR_CRL_BAD_SIGNATURE);
- } else {
- PORT_SetError(SEC_ERROR_KRL_BAD_SIGNATURE);
- }
- break;
- }
- }
-
- crl = crl_storeCRL(slot, url, newCrl, derCRL, type);
-
- } while (0);
-
- if (crl == NULL) {
- SEC_DestroyCrl (newCrl);
- }
- return (crl);
-}
diff --git a/security/nss/lib/pk11wrap/pk11err.c b/security/nss/lib/pk11wrap/pk11err.c
deleted file mode 100644
index b6846af84..000000000
--- a/security/nss/lib/pk11wrap/pk11err.c
+++ /dev/null
@@ -1,147 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * this file maps PKCS11 Errors into SECErrors
- * This is an information reducing process, since most errors are reflected
- * back to the user (the user doesn't care about invalid flags, or active
- * operations). If any of these errors need more detail in the upper layers
- * which call PK11 library functions, we can add more SEC_ERROR_XXX functions
- * and change there mappings here.
- */
-#include "pkcs11t.h"
-#include "pk11func.h"
-#include "secerr.h"
-
-#ifdef PK11_ERROR_USE_ARRAY
-
-/*
- * build a static array of entries...
- */
-static struct {
- CK_RV pk11_error;
- int sec_error;
-} pk11_error_map = {
-#define MAPERROR(x,y) {x, y},
-
-#else
-
-/* the default is to use a big switch statement */
-int
-PK11_MapError(CK_RV rv) {
-
- switch (rv) {
-#define MAPERROR(x,y) case x: return y;
-
-#endif
-
-/* the guts mapping */
- MAPERROR(CKR_OK, 0)
- MAPERROR(CKR_CANCEL, SEC_ERROR_IO)
- MAPERROR(CKR_HOST_MEMORY, SEC_ERROR_NO_MEMORY)
- MAPERROR(CKR_SLOT_ID_INVALID, SEC_ERROR_BAD_DATA)
- MAPERROR(CKR_ATTRIBUTE_READ_ONLY, SEC_ERROR_READ_ONLY)
- MAPERROR(CKR_ATTRIBUTE_SENSITIVE, SEC_ERROR_IO) /* XX SENSITIVE */
- MAPERROR(CKR_ATTRIBUTE_TYPE_INVALID, SEC_ERROR_BAD_DATA)
- MAPERROR(CKR_ATTRIBUTE_VALUE_INVALID, SEC_ERROR_BAD_DATA)
- MAPERROR(CKR_DATA_INVALID, SEC_ERROR_BAD_DATA)
- MAPERROR(CKR_DATA_LEN_RANGE, SEC_ERROR_BAD_DATA)
- MAPERROR(CKR_DEVICE_ERROR, SEC_ERROR_IO)
- MAPERROR(CKR_DEVICE_MEMORY, SEC_ERROR_NO_MEMORY)
- MAPERROR(CKR_DEVICE_REMOVED, SEC_ERROR_NO_TOKEN)
- MAPERROR(CKR_ENCRYPTED_DATA_INVALID, SEC_ERROR_BAD_DATA)
- MAPERROR(CKR_ENCRYPTED_DATA_LEN_RANGE, SEC_ERROR_BAD_DATA)
- MAPERROR(CKR_FUNCTION_CANCELED, SEC_ERROR_LIBRARY_FAILURE)
- MAPERROR(CKR_FUNCTION_NOT_PARALLEL, SEC_ERROR_LIBRARY_FAILURE)
- MAPERROR(CKR_KEY_HANDLE_INVALID, SEC_ERROR_INVALID_KEY)
- MAPERROR(CKR_KEY_SIZE_RANGE, SEC_ERROR_INVALID_KEY)
- MAPERROR(CKR_KEY_TYPE_INCONSISTENT, SEC_ERROR_INVALID_KEY)
- MAPERROR(CKR_MECHANISM_INVALID, SEC_ERROR_BAD_DATA)
- MAPERROR(CKR_MECHANISM_PARAM_INVALID, SEC_ERROR_BAD_DATA)
- MAPERROR(CKR_OBJECT_HANDLE_INVALID, SEC_ERROR_BAD_DATA)
- MAPERROR(CKR_OPERATION_ACTIVE, SEC_ERROR_LIBRARY_FAILURE)
- MAPERROR(CKR_OPERATION_NOT_INITIALIZED,SEC_ERROR_LIBRARY_FAILURE )
- MAPERROR(CKR_PIN_INCORRECT, SEC_ERROR_BAD_PASSWORD)
- MAPERROR(CKR_PIN_INVALID, SEC_ERROR_BAD_PASSWORD)
- MAPERROR(CKR_PIN_LEN_RANGE, SEC_ERROR_BAD_PASSWORD)
- MAPERROR(CKR_SESSION_CLOSED, SEC_ERROR_LIBRARY_FAILURE)
- MAPERROR(CKR_SESSION_COUNT, SEC_ERROR_NO_MEMORY) /* XXXX? */
- MAPERROR(CKR_SESSION_HANDLE_INVALID, SEC_ERROR_BAD_DATA)
- MAPERROR(CKR_SESSION_PARALLEL_NOT_SUPPORTED, SEC_ERROR_LIBRARY_FAILURE)
- MAPERROR(CKR_SESSION_READ_ONLY, SEC_ERROR_LIBRARY_FAILURE)
- MAPERROR(CKR_SIGNATURE_INVALID, SEC_ERROR_BAD_SIGNATURE)
- MAPERROR(CKR_SIGNATURE_LEN_RANGE, SEC_ERROR_BAD_SIGNATURE)
- MAPERROR(CKR_TEMPLATE_INCOMPLETE, SEC_ERROR_BAD_DATA)
- MAPERROR(CKR_TEMPLATE_INCONSISTENT, SEC_ERROR_BAD_DATA)
- MAPERROR(CKR_TOKEN_NOT_PRESENT, SEC_ERROR_NO_TOKEN)
- MAPERROR(CKR_TOKEN_NOT_RECOGNIZED, SEC_ERROR_IO)
- MAPERROR(CKR_TOKEN_WRITE_PROTECTED, SEC_ERROR_READ_ONLY)
- MAPERROR(CKR_UNWRAPPING_KEY_HANDLE_INVALID, SEC_ERROR_INVALID_KEY)
- MAPERROR(CKR_UNWRAPPING_KEY_SIZE_RANGE, SEC_ERROR_INVALID_KEY)
- MAPERROR(CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT, SEC_ERROR_INVALID_KEY)
- MAPERROR(CKR_USER_ALREADY_LOGGED_IN, 0)
- MAPERROR(CKR_USER_NOT_LOGGED_IN, SEC_ERROR_LIBRARY_FAILURE) /* XXXX */
- MAPERROR(CKR_USER_PIN_NOT_INITIALIZED, SEC_ERROR_NO_TOKEN)
- MAPERROR(CKR_USER_TYPE_INVALID, SEC_ERROR_LIBRARY_FAILURE)
- MAPERROR(CKR_WRAPPED_KEY_INVALID, SEC_ERROR_INVALID_KEY)
- MAPERROR(CKR_WRAPPED_KEY_LEN_RANGE, SEC_ERROR_INVALID_KEY)
- MAPERROR(CKR_WRAPPING_KEY_HANDLE_INVALID, SEC_ERROR_INVALID_KEY)
- MAPERROR(CKR_WRAPPING_KEY_SIZE_RANGE, SEC_ERROR_INVALID_KEY)
- MAPERROR(CKR_WRAPPING_KEY_TYPE_INCONSISTENT, SEC_ERROR_INVALID_KEY)
- MAPERROR(CKR_VENDOR_DEFINED, SEC_ERROR_LIBRARY_FAILURE)
-
-
-#ifdef PK11_ERROR_USE_ARRAY
-
-int
-PK11_MapError(CK_RV rv) {
- int size = sizeof(pk11_error_map)/sizeof(pk11_error_map[0]);
-
- for (i=0; i < size; i++) {
- if (pk11_error_map[i].pk11_error == rv) {
- return pk11_error_map[i].sec_error;
- }
- }
- return SEC_ERROR_IO;
- }
-
-
-#else
-
- default:
- break;
- }
- return SEC_ERROR_IO;
-}
-
-
-#endif
diff --git a/security/nss/lib/pk11wrap/pk11func.h b/security/nss/lib/pk11wrap/pk11func.h
deleted file mode 100644
index 4747fe6ea..000000000
--- a/security/nss/lib/pk11wrap/pk11func.h
+++ /dev/null
@@ -1,624 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * PKCS #11 Wrapper functions which handles authenticating to the card's
- * choosing the best cards, etc.
- */
-#ifndef _PK11FUNC_H_
-#define _PK11FUNC_H_
-#include "plarena.h"
-#include "seccomon.h"
-#include "secoidt.h"
-#include "secdert.h"
-#include "keyt.h"
-#include "certt.h"
-#include "pkcs11t.h"
-#include "secmodt.h"
-#include "seccomon.h"
-#include "pkcs7t.h"
-#include "cmsreclist.h"
-
-SEC_BEGIN_PROTOS
-
-/************************************************************
- * Generic Slot Lists Management
- ************************************************************/
-PK11SlotList * PK11_NewSlotList(void);
-void PK11_FreeSlotList(PK11SlotList *list);
-SECStatus PK11_AddSlotToList(PK11SlotList *list,PK11SlotInfo *slot);
-SECStatus PK11_DeleteSlotFromList(PK11SlotList *list,PK11SlotListElement *le);
-PK11SlotListElement * PK11_GetFirstSafe(PK11SlotList *list);
-PK11SlotListElement *PK11_GetNextSafe(PK11SlotList *list,
- PK11SlotListElement *le, PRBool restart);
-PK11SlotListElement *PK11_FindSlotElement(PK11SlotList *list,
- PK11SlotInfo *slot);
-
-/************************************************************
- * Generic Slot Management
- ************************************************************/
-PK11SlotInfo *PK11_ReferenceSlot(PK11SlotInfo *slot);
-void PK11_FreeSlot(PK11SlotInfo *slot);
-SECStatus PK11_DestroyObject(PK11SlotInfo *slot,CK_OBJECT_HANDLE object);
-SECStatus PK11_DestroyTokenObject(PK11SlotInfo *slot,CK_OBJECT_HANDLE object);
-CK_OBJECT_HANDLE PK11_CopyKey(PK11SlotInfo *slot, CK_OBJECT_HANDLE srcObject);
-SECStatus PK11_ReadAttribute(PK11SlotInfo *slot, CK_OBJECT_HANDLE id,
- CK_ATTRIBUTE_TYPE type, PRArenaPool *arena, SECItem *result);
-CK_ULONG PK11_ReadULongAttribute(PK11SlotInfo *slot, CK_OBJECT_HANDLE id,
- CK_ATTRIBUTE_TYPE type);
-PK11SlotInfo *PK11_GetInternalKeySlot(void);
-PK11SlotInfo *PK11_GetInternalSlot(void);
-char * PK11_MakeString(PRArenaPool *arena,char *space,char *staticSring,
- int stringLen);
-int PK11_MapError(CK_RV error);
-CK_SESSION_HANDLE PK11_GetRWSession(PK11SlotInfo *slot);
-void PK11_RestoreROSession(PK11SlotInfo *slot,CK_SESSION_HANDLE rwsession);
-PRBool PK11_RWSessionHasLock(PK11SlotInfo *slot,
- CK_SESSION_HANDLE session_handle);
-PK11SlotInfo *PK11_NewSlotInfo(void);
-SECStatus PK11_Logout(PK11SlotInfo *slot);
-void PK11_LogoutAll(void);
-void PK11_EnterSlotMonitor(PK11SlotInfo *);
-void PK11_ExitSlotMonitor(PK11SlotInfo *);
-void PK11_CleanKeyList(PK11SlotInfo *slot);
-
-
-/************************************************************
- * Slot Password Management
- ************************************************************/
-void PK11_SetSlotPWValues(PK11SlotInfo *slot,int askpw, int timeout);
-void PK11_GetSlotPWValues(PK11SlotInfo *slot,int *askpw, int *timeout);
-SECStatus PK11_CheckSSOPassword(PK11SlotInfo *slot, char *ssopw);
-SECStatus PK11_CheckUserPassword(PK11SlotInfo *slot,char *pw);
-SECStatus PK11_DoPassword(PK11SlotInfo *slot, PRBool loadCerts, void *wincx);
-PRBool PK11_IsLoggedIn(PK11SlotInfo *slot, void *wincx);
-SECStatus PK11_VerifyPW(PK11SlotInfo *slot,char *pw);
-SECStatus PK11_InitPin(PK11SlotInfo *slot,char *ssopw, char *pk11_userpwd);
-SECStatus PK11_ChangePW(PK11SlotInfo *slot,char *oldpw, char *newpw);
-void PK11_HandlePasswordCheck(PK11SlotInfo *slot,void *wincx);
-void PK11_SetPasswordFunc(PK11PasswordFunc func);
-void PK11_SetVerifyPasswordFunc(PK11VerifyPasswordFunc func);
-void PK11_SetIsLoggedInFunc(PK11IsLoggedInFunc func);
-int PK11_GetMinimumPwdLength(PK11SlotInfo *slot);
-SECStatus PK11_ResetToken(PK11SlotInfo *slot, char *sso_pwd);
-
-/************************************************************
- * Manage the built-In Slot Lists
- ************************************************************/
-SECStatus PK11_InitSlotLists(void);
-void PK11_DestroySlotLists(void);
-PK11SlotList *PK11_GetSlotList(CK_MECHANISM_TYPE type);
-void PK11_LoadSlotList(PK11SlotInfo *slot, PK11PreSlotInfo *psi, int count);
-void PK11_ClearSlotList(PK11SlotInfo *slot);
-
-
-/******************************************************************
- * Slot initialization
- ******************************************************************/
-PRBool PK11_VerifyMechanism(PK11SlotInfo *slot,PK11SlotInfo *intern,
- CK_MECHANISM_TYPE mech, SECItem *data, SECItem *iv);
-PRBool PK11_VerifySlotMechanisms(PK11SlotInfo *slot);
-SECStatus pk11_CheckVerifyTest(PK11SlotInfo *slot);
-SECStatus PK11_InitToken(PK11SlotInfo *slot, PRBool loadCerts);
-SECStatus PK11_Authenticate(PK11SlotInfo *slot, PRBool loadCerts, void *wincx);
-void PK11_InitSlot(SECMODModule *mod,CK_SLOT_ID slotID,PK11SlotInfo *slot);
-SECStatus PK11_TokenRefresh(PK11SlotInfo *slot);
-
-
-/******************************************************************
- * Slot info functions
- ******************************************************************/
-PK11SlotInfo *PK11_FindSlotByName(char *name);
-PK11SlotInfo *PK11_FindSlotBySerial(char *serial);
-PRBool PK11_IsReadOnly(PK11SlotInfo *slot);
-PRBool PK11_IsInternal(PK11SlotInfo *slot);
-char * PK11_GetTokenName(PK11SlotInfo *slot);
-char * PK11_GetSlotName(PK11SlotInfo *slot);
-PRBool PK11_NeedLogin(PK11SlotInfo *slot);
-PRBool PK11_IsFriendly(PK11SlotInfo *slot);
-PRBool PK11_IsHW(PK11SlotInfo *slot);
-PRBool PK11_NeedUserInit(PK11SlotInfo *slot);
-PRBool PK11_ProtectedAuthenticationPath(PK11SlotInfo *slot);
-int PK11_GetSlotSeries(PK11SlotInfo *slot);
-int PK11_GetCurrentWrapIndex(PK11SlotInfo *slot);
-unsigned long PK11_GetDefaultFlags(PK11SlotInfo *slot);
-CK_SLOT_ID PK11_GetSlotID(PK11SlotInfo *slot);
-SECMODModuleID PK11_GetModuleID(PK11SlotInfo *slot);
-SECStatus PK11_GetSlotInfo(PK11SlotInfo *slot, CK_SLOT_INFO *info);
-SECStatus PK11_GetTokenInfo(PK11SlotInfo *slot, CK_TOKEN_INFO *info);
-PRBool PK11_IsDisabled(PK11SlotInfo *slot);
-PRBool PK11_HasRootCerts(PK11SlotInfo *slot);
-PK11DisableReasons PK11_GetDisabledReason(PK11SlotInfo *slot);
-/* Prevents the slot from being used, and set disable reason to user-disable */
-/* NOTE: Mechanisms that were ON continue to stay ON */
-/* Therefore, when the slot is enabled, it will remember */
-/* what mechanisms needs to be turned on */
-PRBool PK11_UserDisableSlot(PK11SlotInfo *slot);
-/* Allow all mechanisms that are ON before UserDisableSlot() */
-/* was called to be available again */
-PRBool PK11_UserEnableSlot(PK11SlotInfo *slot);
-/*
- * wait for a specific slot event.
- * event is a specific event to wait for. Currently only
- * PK11TokenChangeOrRemovalEvent and PK11TokenPresentEvents are defined.
- * timeout can be an interval time to wait, PR_INTERVAL_NO_WAIT (meaning only
- * poll once), or PR_INTERVAL_NO_TIMEOUT (meaning block until a change).
- * pollInterval is a suggested pulling interval value. '0' means use the
- * default. Future implementations that don't poll may ignore this value.
- * series is the current series for the last slot. This should be the series
- * value for the slot the last time you read persistant information from the
- * slot. For instance, if you publish a cert from the slot, you should obtain
- * the slot series at that time. Then PK11_WaitForTokenEvent can detect a
- * a change in the slot between the time you publish and the time
- * PK11_WaitForTokenEvent is called, elliminating potential race conditions.
- *
- * The current status that is returned is:
- * PK11TokenNotRemovable - always returned for any non-removable token.
- * PK11TokenPresent - returned when the token is present and we are waiting
- * on a PK11TokenPresentEvent. Then next event to look for is a
- * PK11TokenChangeOrRemovalEvent.
- * PK11TokenChanged - returned when the old token has been removed and a new
- * token ad been inserted, and we are waiting for a
- * PK11TokenChangeOrRemovalEvent. The next event to look for is another
- * PK11TokenChangeOrRemovalEvent.
- * PK11TokenRemoved - returned when the token is not present and we are
- * waiting for a PK11TokenChangeOrRemovalEvent. The next event to look for
- * is a PK11TokenPresentEvent.
- */
-PK11TokenStatus PK11_WaitForTokenEvent(PK11SlotInfo *slot, PK11TokenEvent event,
- PRIntervalTime timeout, PRIntervalTime pollInterval, int series);
-
-PRBool PK11_NeedPWInit(void);
-PRBool PK11_NeedPWInitForSlot(PK11SlotInfo *slot);
-PRBool PK11_TokenExists(CK_MECHANISM_TYPE);
-SECStatus PK11_GetModInfo(SECMODModule *mod, CK_INFO *info);
-PRBool PK11_IsFIPS(void);
-SECMODModule *PK11_GetModule(PK11SlotInfo *slot);
-
-/*********************************************************************
- * Slot mapping utility functions.
- *********************************************************************/
-PRBool PK11_IsPresent(PK11SlotInfo *slot);
-PRBool PK11_DoesMechanism(PK11SlotInfo *slot, CK_MECHANISM_TYPE type);
-PK11SlotList * PK11_GetAllTokens(CK_MECHANISM_TYPE type,PRBool needRW,
- PRBool loadCerts, void *wincx);
-PK11SlotList * PK11_GetPrivateKeyTokens(CK_MECHANISM_TYPE type,
- PRBool needRW,void *wincx);
-PK11SlotInfo *PK11_GetBestSlotMultiple(CK_MECHANISM_TYPE *type, int count,
- void *wincx);
-PK11SlotInfo *PK11_GetBestSlot(CK_MECHANISM_TYPE type, void *wincx);
-CK_MECHANISM_TYPE PK11_GetBestWrapMechanism(PK11SlotInfo *slot);
-int PK11_GetBestKeyLength(PK11SlotInfo *slot, CK_MECHANISM_TYPE type);
-
-/*********************************************************************
- * Mechanism Mapping functions
- *********************************************************************/
-void PK11_AddMechanismEntry(CK_MECHANISM_TYPE type, CK_KEY_TYPE key,
- CK_MECHANISM_TYPE keygen, int ivLen, int blocksize);
-CK_MECHANISM_TYPE PK11_GetKeyType(CK_MECHANISM_TYPE type,unsigned long len);
-CK_MECHANISM_TYPE PK11_GetKeyGen(CK_MECHANISM_TYPE type);
-int PK11_GetBlockSize(CK_MECHANISM_TYPE type,SECItem *params);
-int PK11_GetIVLength(CK_MECHANISM_TYPE type);
-SECItem *PK11_ParamFromIV(CK_MECHANISM_TYPE type,SECItem *iv);
-unsigned char *PK11_IVFromParam(CK_MECHANISM_TYPE type,SECItem *param,int *len);
-SECItem * PK11_BlockData(SECItem *data,unsigned long size);
-
-/* PKCS #11 to DER mapping functions */
-SECItem *PK11_ParamFromAlgid(SECAlgorithmID *algid);
-SECItem *PK11_GenerateNewParam(CK_MECHANISM_TYPE, PK11SymKey *);
-CK_MECHANISM_TYPE PK11_AlgtagToMechanism(SECOidTag algTag);
-SECOidTag PK11_MechanismToAlgtag(CK_MECHANISM_TYPE type);
-SECOidTag PK11_FortezzaMapSig(SECOidTag algTag);
-SECStatus PK11_ParamToAlgid(SECOidTag algtag, SECItem *param,
- PRArenaPool *arena, SECAlgorithmID *algid);
-SECStatus PK11_SeedRandom(PK11SlotInfo *,unsigned char *data,int len);
-SECStatus PK11_RandomUpdate(void *data, size_t bytes);
-SECStatus PK11_GenerateRandom(unsigned char *data,int len);
-CK_RV PK11_MapPBEMechanismToCryptoMechanism(CK_MECHANISM_PTR pPBEMechanism,
- CK_MECHANISM_PTR pCryptoMechanism,
- SECItem *pbe_pwd, PRBool bad3DES);
-CK_MECHANISM_TYPE PK11_GetPadMechanism(CK_MECHANISM_TYPE);
-
-/**********************************************************************
- * Symetric, Public, and Private Keys
- **********************************************************************/
-PK11SymKey *PK11_CreateSymKey(PK11SlotInfo *slot,
- CK_MECHANISM_TYPE type, void *wincx);
-void PK11_FreeSymKey(PK11SymKey *key);
-PK11SymKey *PK11_ReferenceSymKey(PK11SymKey *symKey);
-PK11SymKey *PK11_ImportSymKey(PK11SlotInfo *slot, CK_MECHANISM_TYPE type,
- PK11Origin origin, CK_ATTRIBUTE_TYPE operation, SECItem *key, void *wincx);
-PK11SymKey *PK11_ImportSymKeyWithFlags(PK11SlotInfo *slot,
- CK_MECHANISM_TYPE type, PK11Origin origin, CK_ATTRIBUTE_TYPE operation,
- SECItem *key, CK_FLAGS flags, PRBool isPerm, void *wincx);
-PK11SymKey *PK11_SymKeyFromHandle(PK11SlotInfo *slot, PK11SymKey *parent,
- PK11Origin origin, CK_MECHANISM_TYPE type, CK_OBJECT_HANDLE keyID,
- PRBool owner, void *wincx);
-PK11SymKey *PK11_GetWrapKey(PK11SlotInfo *slot, int wrap,
- CK_MECHANISM_TYPE type,int series, void *wincx);
-void PK11_SetWrapKey(PK11SlotInfo *slot, int wrap, PK11SymKey *wrapKey);
-CK_MECHANISM_TYPE PK11_GetMechanism(PK11SymKey *symKey);
-CK_OBJECT_HANDLE PK11_ImportPublicKey(PK11SlotInfo *slot,
- SECKEYPublicKey *pubKey, PRBool isToken);
-PK11SymKey *PK11_KeyGen(PK11SlotInfo *slot,CK_MECHANISM_TYPE type,
- SECItem *param, int keySize,void *wincx);
-PK11SymKey *PK11_TokenKeyGen(PK11SlotInfo *slot, CK_MECHANISM_TYPE type,
- SECItem *param, int keySize, SECItem *keyid,
- PRBool isToken, void *wincx);
-PK11SymKey * PK11_ListFixedKeysInSlot(PK11SlotInfo *slot, char *nickname,
- void *wincx);
-PK11SymKey *PK11_GetNextSymKey(PK11SymKey *symKey);
-
-/* Key Generation specialized for SDR (fixed DES3 key) */
-PK11SymKey *PK11_GenDES3TokenKey(PK11SlotInfo *slot, SECItem *keyid, void *cx);
-
-SECStatus PK11_PubWrapSymKey(CK_MECHANISM_TYPE type, SECKEYPublicKey *pubKey,
- PK11SymKey *symKey, SECItem *wrappedKey);
-SECStatus PK11_WrapSymKey(CK_MECHANISM_TYPE type, SECItem *params,
- PK11SymKey *wrappingKey, PK11SymKey *symKey, SECItem *wrappedKey);
-PK11SymKey *PK11_Derive(PK11SymKey *baseKey, CK_MECHANISM_TYPE mechanism,
- SECItem *param, CK_MECHANISM_TYPE target,
- CK_ATTRIBUTE_TYPE operation, int keySize);
-PK11SymKey *PK11_DeriveWithFlags( PK11SymKey *baseKey,
- CK_MECHANISM_TYPE derive, SECItem *param, CK_MECHANISM_TYPE target,
- CK_ATTRIBUTE_TYPE operation, int keySize, CK_FLAGS flags);
-PK11SymKey *PK11_PubDerive( SECKEYPrivateKey *privKey,
- SECKEYPublicKey *pubKey, PRBool isSender, SECItem *randomA, SECItem *randomB,
- CK_MECHANISM_TYPE derive, CK_MECHANISM_TYPE target,
- CK_ATTRIBUTE_TYPE operation, int keySize,void *wincx) ;
-PK11SymKey *PK11_UnwrapSymKey(PK11SymKey *key,
- CK_MECHANISM_TYPE wraptype, SECItem *param, SECItem *wrapppedKey,
- CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation, int keySize);
-PK11SymKey *PK11_UnwrapSymKeyWithFlags(PK11SymKey *wrappingKey,
- CK_MECHANISM_TYPE wrapType, SECItem *param, SECItem *wrappedKey,
- CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation, int keySize,
- CK_FLAGS flags);
-PK11SymKey *PK11_PubUnwrapSymKey(SECKEYPrivateKey *key, SECItem *wrapppedKey,
- CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation, int keySize);
-PK11SymKey *PK11_FindFixedKey(PK11SlotInfo *slot, CK_MECHANISM_TYPE type,
- SECItem *keyID, void *wincx);
-SECStatus PK11_DeleteTokenPrivateKey(SECKEYPrivateKey *privKey,PRBool force);
-SECStatus PK11_DeleteTokenPublicKey(SECKEYPublicKey *pubKey);
-SECStatus PK11_DeleteTokenSymKey(PK11SymKey *symKey);
-SECStatus PK11_DeleteTokenCertAndKey(CERTCertificate *cert,void *wincx);
-SECKEYPrivateKey * PK11_LoadPrivKey(PK11SlotInfo *slot,
- SECKEYPrivateKey *privKey, SECKEYPublicKey *pubKey,
- PRBool token, PRBool sensitive);
-SECKEYPublicKey *PK11_ExtractPublicKey(PK11SlotInfo *slot, KeyType keyType,
- CK_OBJECT_HANDLE id);
-char * PK11_GetSymKeyNickname(PK11SymKey *symKey);
-char * PK11_GetPrivateKeyNickname(SECKEYPrivateKey *privKey);
-char * PK11_GetPublicKeyNickname(SECKEYPublicKey *pubKey);
-SECStatus PK11_SetSymKeyNickname(PK11SymKey *symKey, const char *nickname);
-SECStatus PK11_SetPrivateKeyNickname(SECKEYPrivateKey *privKey,
- const char *nickname);
-SECStatus PK11_SetPublicKeyNickname(SECKEYPublicKey *pubKey,
- const char *nickname);
-
-/* size to hold key in bytes */
-unsigned int PK11_GetKeyLength(PK11SymKey *key);
-/* size of actual secret parts of key in bits */
-/* algid is because RC4 strength is determined by the effective bits as well
- * as the key bits */
-unsigned int PK11_GetKeyStrength(PK11SymKey *key,SECAlgorithmID *algid);
-SECStatus PK11_ExtractKeyValue(PK11SymKey *symKey);
-SECItem * PK11_GetKeyData(PK11SymKey *symKey);
-PK11SlotInfo * PK11_GetSlotFromKey(PK11SymKey *symKey);
-void *PK11_GetWindow(PK11SymKey *symKey);
-SECKEYPrivateKey *PK11_GenerateKeyPair(PK11SlotInfo *slot,
- CK_MECHANISM_TYPE type, void *param, SECKEYPublicKey **pubk,
- PRBool isPerm, PRBool isSensitive, void *wincx);
-SECKEYPrivateKey *PK11_MakePrivKey(PK11SlotInfo *slot, KeyType keyType,
- PRBool isTemp, CK_OBJECT_HANDLE privID, void *wincx);
-SECKEYPrivateKey * PK11_FindPrivateKeyFromCert(PK11SlotInfo *slot,
- CERTCertificate *cert, void *wincx);
-SECKEYPrivateKey * PK11_FindKeyByAnyCert(CERTCertificate *cert, void *wincx);
-SECKEYPrivateKey * PK11_FindKeyByKeyID(PK11SlotInfo *slot, SECItem *keyID,
- void *wincx);
-CK_OBJECT_HANDLE PK11_FindObjectForCert(CERTCertificate *cert,
- void *wincx, PK11SlotInfo **pSlot);
-int PK11_GetPrivateModulusLen(SECKEYPrivateKey *key);
-SECStatus PK11_PubDecryptRaw(SECKEYPrivateKey *key, unsigned char *data,
- unsigned *outLen, unsigned int maxLen, unsigned char *enc, unsigned encLen);
-/* The encrypt version of the above function */
-SECStatus PK11_PubEncryptRaw(SECKEYPublicKey *key, unsigned char *enc,
- unsigned char *data, unsigned dataLen, void *wincx);
-SECStatus PK11_ImportPrivateKeyInfo(PK11SlotInfo *slot,
- SECKEYPrivateKeyInfo *pki, SECItem *nickname,
- SECItem *publicValue, PRBool isPerm, PRBool isPrivate,
- unsigned int usage, void *wincx);
-SECStatus PK11_ImportPrivateKeyInfoAndReturnKey(PK11SlotInfo *slot,
- SECKEYPrivateKeyInfo *pki, SECItem *nickname,
- SECItem *publicValue, PRBool isPerm, PRBool isPrivate,
- unsigned int usage, SECKEYPrivateKey** privk, void *wincx);
-SECStatus PK11_ImportDERPrivateKeyInfo(PK11SlotInfo *slot,
- SECItem *derPKI, SECItem *nickname,
- SECItem *publicValue, PRBool isPerm, PRBool isPrivate,
- unsigned int usage, void *wincx);
-SECStatus PK11_ImportDERPrivateKeyInfoAndReturnKey(PK11SlotInfo *slot,
- SECItem *derPKI, SECItem *nickname,
- SECItem *publicValue, PRBool isPerm, PRBool isPrivate,
- unsigned int usage, SECKEYPrivateKey** privk, void *wincx);
-SECStatus PK11_ImportEncryptedPrivateKeyInfo(PK11SlotInfo *slot,
- SECKEYEncryptedPrivateKeyInfo *epki, SECItem *pwitem,
- SECItem *nickname, SECItem *publicValue, PRBool isPerm,
- PRBool isPrivate, KeyType type,
- unsigned int usage, void *wincx);
-SECKEYPrivateKeyInfo *PK11_ExportPrivateKeyInfo(
- CERTCertificate *cert, void *wincx);
-SECKEYEncryptedPrivateKeyInfo *PK11_ExportEncryptedPrivateKeyInfo(
- PK11SlotInfo *slot, SECOidTag algTag, SECItem *pwitem,
- CERTCertificate *cert, int iteration, void *wincx);
-SECKEYPrivateKey *PK11_FindKeyByDERCert(PK11SlotInfo *slot,
- CERTCertificate *cert, void *wincx);
-SECKEYPublicKey *PK11_MakeKEAPubKey(unsigned char *data, int length);
-SECStatus PK11_DigestKey(PK11Context *context, PK11SymKey *key);
-PRBool PK11_VerifyKeyOK(PK11SymKey *key);
-SECKEYPrivateKey *PK11_UnwrapPrivKey(PK11SlotInfo *slot,
- PK11SymKey *wrappingKey, CK_MECHANISM_TYPE wrapType,
- SECItem *param, SECItem *wrappedKey, SECItem *label,
- SECItem *publicValue, PRBool token, PRBool sensitive,
- CK_KEY_TYPE keyType, CK_ATTRIBUTE_TYPE *usage, int usageCount,
- void *wincx);
-SECStatus PK11_WrapPrivKey(PK11SlotInfo *slot, PK11SymKey *wrappingKey,
- SECKEYPrivateKey *privKey, CK_MECHANISM_TYPE wrapType,
- SECItem *param, SECItem *wrappedKey, void *wincx);
-PK11SymKey * pk11_CopyToSlot(PK11SlotInfo *slot,CK_MECHANISM_TYPE type,
- CK_ATTRIBUTE_TYPE operation, PK11SymKey *symKey);
-SECItem *PK11_GetKeyIDFromCert(CERTCertificate *cert, void *wincx);
-SECItem * PK11_GetKeyIDFromPrivateKey(SECKEYPrivateKey *key, void *wincx);
-SECItem* PK11_DEREncodePublicKey(SECKEYPublicKey *pubk);
-PK11SymKey* PK11_CopySymKeyForSigning(PK11SymKey *originalKey,
- CK_MECHANISM_TYPE mech);
-SECKEYPrivateKeyList* PK11_ListPrivKeysInSlot(PK11SlotInfo *slot,
- char *nickname, void *wincx);
-SECKEYPublicKeyList* PK11_ListPublicKeysInSlot(PK11SlotInfo *slot,
- char *nickname);
-SECKEYPQGParams *PK11_GetPQGParamsFromPrivateKey(SECKEYPrivateKey *privKey);
-/* depricated */
-SECKEYPrivateKeyList* PK11_ListPrivateKeysInSlot(PK11SlotInfo *slot);
-
-PK11SymKey *PK11_ConvertSessionSymKeyToTokenSymKey(PK11SymKey *symk,
- void *wincx);
-SECKEYPrivateKey *PK11_ConvertSessionPrivKeyToTokenPrivKey(
- SECKEYPrivateKey *privk, void* wincx);
-
-/**********************************************************************
- * Certs
- **********************************************************************/
-SECItem *PK11_MakeIDFromPubKey(SECItem *pubKeyData);
-CERTCertificate *PK11_GetCertFromPrivateKey(SECKEYPrivateKey *privKey);
-SECStatus PK11_TraverseSlotCerts(
- SECStatus(* callback)(CERTCertificate*,SECItem *,void *),
- void *arg, void *wincx);
-SECStatus PK11_TraversePrivateKeysInSlot( PK11SlotInfo *slot,
- SECStatus(* callback)(SECKEYPrivateKey*, void*), void *arg);
-CERTCertificate * PK11_FindCertFromNickname(char *nickname, void *wincx);
-CERTCertList * PK11_FindCertsFromNickname(char *nickname, void *wincx);
-SECKEYPrivateKey * PK11_FindPrivateKeyFromNickname(char *nickname, void *wincx);
-SECStatus PK11_ImportCert(PK11SlotInfo *slot, CERTCertificate *cert,
- CK_OBJECT_HANDLE key, char *nickname, PRBool includeTrust);
-SECStatus PK11_ImportDERCert(PK11SlotInfo *slot, SECItem *derCert,
- CK_OBJECT_HANDLE key, char *nickname, PRBool includeTrust);
-PK11SlotInfo *PK11_ImportCertForKey(CERTCertificate *cert, char *nickname,
- void *wincx);
-PK11SlotInfo *PK11_ImportDERCertForKey(SECItem *derCert, char *nickname,
- void *wincx);
-CK_OBJECT_HANDLE * PK11_FindObjectsFromNickname(char *nickname,
- PK11SlotInfo **slotptr, CK_OBJECT_CLASS objclass, int *returnCount,
- void *wincx);
-PK11SlotInfo *PK11_KeyForCertExists(CERTCertificate *cert,
- CK_OBJECT_HANDLE *keyPtr, void *wincx);
-PK11SlotInfo *PK11_KeyForDERCertExists(SECItem *derCert,
- CK_OBJECT_HANDLE *keyPtr, void *wincx);
-CK_OBJECT_HANDLE PK11_MatchItem(PK11SlotInfo *slot,CK_OBJECT_HANDLE peer,
- CK_OBJECT_CLASS o_class);
-CERTCertificate * PK11_FindCertByIssuerAndSN(PK11SlotInfo **slot,
- CERTIssuerAndSN *sn, void *wincx);
-CERTCertificate * PK11_FindCertAndKeyByRecipientList(PK11SlotInfo **slot,
- SEC_PKCS7RecipientInfo **array, SEC_PKCS7RecipientInfo **rip,
- SECKEYPrivateKey**privKey, void *wincx);
-int PK11_FindCertAndKeyByRecipientListNew(NSSCMSRecipient **recipientlist,
- void *wincx);
-CK_BBOOL PK11_HasAttributeSet( PK11SlotInfo *slot,
- CK_OBJECT_HANDLE id,
- CK_ATTRIBUTE_TYPE type );
-CK_RV PK11_GetAttributes(PRArenaPool *arena,PK11SlotInfo *slot,
- CK_OBJECT_HANDLE obj,CK_ATTRIBUTE *attr, int count);
-int PK11_NumberCertsForCertSubject(CERTCertificate *cert);
-SECStatus PK11_TraverseCertsForSubject(CERTCertificate *cert,
- SECStatus(*callback)(CERTCertificate *, void *), void *arg);
-SECStatus PK11_TraverseCertsForSubjectInSlot(CERTCertificate *cert,
- PK11SlotInfo *slot, SECStatus(*callback)(CERTCertificate *, void *),
- void *arg);
-CERTCertificate *PK11_FindCertFromDERCert(PK11SlotInfo *slot,
- CERTCertificate *cert, void *wincx);
-CERTCertificate *PK11_FindCertFromDERCertItem(PK11SlotInfo *slot,
- SECItem *derCert, void *wincx);
-CERTCertificate *PK11_FindCertFromDERSubjectAndNickname(
- PK11SlotInfo *slot,
- CERTCertificate *cert, char *nickname,
- void *wincx);
-SECStatus PK11_ImportCertForKeyToSlot(PK11SlotInfo *slot, CERTCertificate *cert,
- char *nickname, PRBool addUsage,
- void *wincx);
-CERTCertificate *PK11_FindBestKEAMatch(CERTCertificate *serverCert,void *wincx);
-SECStatus PK11_GetKEAMatchedCerts(PK11SlotInfo *slot1,
- PK11SlotInfo *slot2, CERTCertificate **cert1, CERTCertificate **cert2);
-PRBool PK11_FortezzaHasKEA(CERTCertificate *cert);
-CK_OBJECT_HANDLE PK11_FindCertInSlot(PK11SlotInfo *slot, CERTCertificate *cert,
- void *wincx);
-SECStatus PK11_TraverseCertsForNicknameInSlot(SECItem *nickname,
- PK11SlotInfo *slot, SECStatus(*callback)(CERTCertificate *, void *),
- void *arg);
-SECStatus PK11_TraverseCertsInSlot(PK11SlotInfo *slot,
- SECStatus(* callback)(CERTCertificate*, void *), void *arg);
-CERTCertList * PK11_ListCerts(PK11CertListType type, void *pwarg);
-CERTCertList * PK11_ListCertsInSlot(PK11SlotInfo *slot);
-SECStatus PK11_LookupCrls(CERTCrlHeadNode *nodes, int type, void *wincx);
-CERTSignedCrl* PK11_ImportCRL(PK11SlotInfo * slot, SECItem *derCRL, char *url,
- int type, void *wincx, PRInt32 importOptions, PRArenaPool* arena, PRInt32 decodeOptions);
-/* import options */
-#define CRL_IMPORT_DEFAULT_OPTIONS 0x00000000
-#define CRL_IMPORT_BYPASS_CHECKS 0x00000001
-
-/**********************************************************************
- * Sign/Verify
- **********************************************************************/
-int PK11_SignatureLen(SECKEYPrivateKey *key);
-PK11SlotInfo * PK11_GetSlotFromPrivateKey(SECKEYPrivateKey *key);
-SECStatus PK11_Sign(SECKEYPrivateKey *key, SECItem *sig, SECItem *hash);
-SECStatus PK11_VerifyRecover(SECKEYPublicKey *key, SECItem *sig,
- SECItem *dsig, void * wincx);
-SECStatus PK11_Verify(SECKEYPublicKey *key, SECItem *sig,
- SECItem *hash, void *wincx);
-
-
-
-/**********************************************************************
- * Crypto Contexts
- **********************************************************************/
-void PK11_DestroyContext(PK11Context *context, PRBool freeit);
-PK11Context * PK11_CreateContextByRawKey(PK11SlotInfo *slot,
- CK_MECHANISM_TYPE type, PK11Origin origin, CK_ATTRIBUTE_TYPE operation,
- SECItem *key, SECItem *param, void *wincx);
-PK11Context *PK11_CreateContextBySymKey(CK_MECHANISM_TYPE type,
- CK_ATTRIBUTE_TYPE operation, PK11SymKey *symKey, SECItem *param);
-PK11Context *PK11_CreateDigestContext(SECOidTag hashAlg);
-PK11Context *PK11_CloneContext(PK11Context *old);
-SECStatus PK11_DigestBegin(PK11Context *cx);
-SECStatus PK11_HashBuf(SECOidTag hashAlg, unsigned char *out, unsigned char *in,
- int32 len);
-SECStatus PK11_DigestOp(PK11Context *context, const unsigned char *in,
- unsigned len);
-SECStatus PK11_CipherOp(PK11Context *context, unsigned char * out, int *outlen,
- int maxout, unsigned char *in, int inlen);
-SECStatus PK11_Finalize(PK11Context *context);
-SECStatus PK11_DigestFinal(PK11Context *context, unsigned char *data,
- unsigned int *outLen, unsigned int length);
-PRBool PK11_HashOK(SECOidTag hashAlg);
-SECStatus PK11_SaveContext(PK11Context *cx,unsigned char *save,
- int *len, int saveLength);
-
-/* Save the context's state, with possible allocation.
- * The caller may supply an already allocated buffer in preAllocBuf,
- * with length pabLen. If the buffer is large enough for the context's
- * state, it will receive the state.
- * If the buffer is not large enough (or NULL), then a new buffer will
- * be allocated with PORT_Alloc.
- * In either case, the state will be returned as a buffer, and the length
- * of the state will be given in *stateLen.
- */
-unsigned char *
-PK11_SaveContextAlloc(PK11Context *cx,
- unsigned char *preAllocBuf, unsigned int pabLen,
- unsigned int *stateLen);
-
-SECStatus PK11_RestoreContext(PK11Context *cx,unsigned char *save,int len);
-SECStatus PK11_GenerateFortezzaIV(PK11SymKey *symKey,unsigned char *iv,int len);
-SECStatus PK11_ReadSlotCerts(PK11SlotInfo *slot);
-void PK11_FreeSlotCerts(PK11SlotInfo *slot);
-void PK11_SetFortezzaHack(PK11SymKey *symKey) ;
-
-
-/**********************************************************************
- * PBE functions
- **********************************************************************/
-
-/* This function creates PBE parameters from the given inputs. The result
- * can be used to create a password integrity key for PKCS#12, by sending
- * the return value to PK11_KeyGen along with the appropriate mechanism.
- */
-SECItem *
-PK11_CreatePBEParams(SECItem *salt, SECItem *pwd, unsigned int iterations);
-
-/* free params created above (can be called after keygen is done */
-void PK11_DestroyPBEParams(SECItem *params);
-
-SECAlgorithmID *
-PK11_CreatePBEAlgorithmID(SECOidTag algorithm, int iteration, SECItem *salt);
-PK11SymKey *
-PK11_PBEKeyGen(PK11SlotInfo *slot, SECAlgorithmID *algid, SECItem *pwitem,
- PRBool faulty3DES, void *wincx);
-PK11SymKey *
-PK11_RawPBEKeyGen(PK11SlotInfo *slot, CK_MECHANISM_TYPE type, SECItem *params,
- SECItem *pwitem, PRBool faulty3DES, void *wincx);
-SECItem *
-PK11_GetPBEIV(SECAlgorithmID *algid, SECItem *pwitem);
-
-/**********************************************************************
- * Functions to manage secmod flags
- **********************************************************************/
-PK11DefaultArrayEntry * PK11_GetDefaultArray(int *);
-SECStatus PK11_UpdateSlotAttribute(PK11SlotInfo *, PK11DefaultArrayEntry *,
- PRBool );
-
-
-/**********************************************************************
- * New fucntions which are already depricated....
- **********************************************************************/
-SECItem *
-PK11_GetLowLevelKeyIDForCert(PK11SlotInfo *slot,
- CERTCertificate *cert, void *pwarg);
-SECItem *
-PK11_GetLowLevelKeyIDForPrivateKey(SECKEYPrivateKey *key);
-
-SECItem *
-PK11_FindCrlByName(PK11SlotInfo **slot, CK_OBJECT_HANDLE *handle,
- SECItem *derName, int type, char **url);
-
-CK_OBJECT_HANDLE
-PK11_PutCrl(PK11SlotInfo *slot, SECItem *crl,
- SECItem *name, char *url, int type);
-
-SECItem *
-PK11_FindSMimeProfile(PK11SlotInfo **slotp, char *emailAddr, SECItem *derSubj,
- SECItem **profileTime);
-SECStatus
-PK11_SaveSMimeProfile(PK11SlotInfo *slot, char *emailAddr, SECItem *derSubj,
- SECItem *emailProfile, SECItem *profileTime);
-
-PRBool SECMOD_HasRootCerts(void);
-
-PRBool PK11_IsPermObject(PK11SlotInfo *slot, CK_OBJECT_HANDLE handle);
-
-char * PK11_GetObjectNickname(PK11SlotInfo *slot, CK_OBJECT_HANDLE id) ;
-SECStatus PK11_SetObjectNickname(PK11SlotInfo *slot, CK_OBJECT_HANDLE id,
- const char *nickname) ;
-
-
-/* private */
-SECStatus pk11_TraverseAllSlots( SECStatus (*callback)(PK11SlotInfo *,void *),
- void *cbArg, void *pwArg);
-
-SEC_END_PROTOS
-
-#endif
diff --git a/security/nss/lib/pk11wrap/pk11init.h b/security/nss/lib/pk11wrap/pk11init.h
deleted file mode 100644
index ec25cf8ba..000000000
--- a/security/nss/lib/pk11wrap/pk11init.h
+++ /dev/null
@@ -1,52 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Internal header file included in pk11wrap dir, or in softoken
- */
-#ifndef _PK11_INIT_H_
-#define _PK11_INIT_H_ 1
-
-/* hold slot default flags until we initialize a slot. This structure is only
- * useful between the time we define a module (either by hand or from the
- * database) and the time the module is loaded. Not reference counted */
-struct PK11PreSlotInfoStr {
- CK_SLOT_ID slotID; /* slot these flags are for */
- unsigned long defaultFlags; /* bit mask of default implementation this slot
- * provides */
- int askpw; /* slot specific password bits */
- long timeout; /* slot specific timeout value */
- char hasRootCerts; /* is this the root cert PKCS #11 module? */
- char hasRootTrust; /* is this the root cert PKCS #11 module? */
-};
-
-#endif /* _PK11_INIT_H_ 1 */
diff --git a/security/nss/lib/pk11wrap/pk11kea.c b/security/nss/lib/pk11wrap/pk11kea.c
deleted file mode 100644
index d6046bd99..000000000
--- a/security/nss/lib/pk11wrap/pk11kea.c
+++ /dev/null
@@ -1,228 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * This file implements the Symkey wrapper and the PKCS context
- * Interfaces.
- */
-
-#include "seccomon.h"
-#include "secmod.h"
-#include "nssilock.h"
-#include "secmodi.h"
-#include "pkcs11.h"
-#include "pk11func.h"
-#include "secitem.h"
-#include "key.h"
-#include "secasn1.h"
-#include "sechash.h"
-#include "cert.h"
-#include "secerr.h"
-
-/*
- * find an RSA public key on a card
- */
-static CK_OBJECT_HANDLE
-pk11_FindRSAPubKey(PK11SlotInfo *slot)
-{
- CK_KEY_TYPE key_type = CKK_RSA;
- CK_OBJECT_CLASS class_type = CKO_PUBLIC_KEY;
- CK_ATTRIBUTE theTemplate[2];
- int template_count = sizeof(theTemplate)/sizeof(theTemplate[0]);
- CK_ATTRIBUTE *attrs = theTemplate;
-
- PK11_SETATTRS(attrs,CKA_CLASS,&class_type,sizeof(class_type)); attrs++;
- PK11_SETATTRS(attrs,CKA_KEY_TYPE,&key_type,sizeof(key_type)); attrs++;
- template_count = attrs - theTemplate;
- PR_ASSERT(template_count <= sizeof(theTemplate)/sizeof(CK_ATTRIBUTE));
-
- return pk11_FindObjectByTemplate(slot,theTemplate,template_count);
-}
-
-PK11SymKey *
-pk11_KeyExchange(PK11SlotInfo *slot,CK_MECHANISM_TYPE type,
- CK_ATTRIBUTE_TYPE operation, PK11SymKey *symKey)
-{
- PK11SymKey *newSymKey = NULL;
- SECStatus rv;
- /* performance improvement can go here --- use a generated key to as a
- * per startup wrapping key. If it exists, use it, otherwise do a full
- * key exchange. */
-
- /* find a common Key Exchange algorithm */
- /* RSA */
- if (PK11_DoesMechanism(symKey->slot, CKM_RSA_PKCS) &&
- PK11_DoesMechanism(slot,CKM_RSA_PKCS)) {
- CK_OBJECT_HANDLE pubKeyHandle = CK_INVALID_HANDLE;
- CK_OBJECT_HANDLE privKeyHandle = CK_INVALID_HANDLE;
- SECKEYPublicKey *pubKey = NULL;
- SECKEYPrivateKey *privKey = NULL;
- SECItem wrapData;
-
- wrapData.data = NULL;
-
- /* find RSA Public Key on target */
- pubKeyHandle = pk11_FindRSAPubKey(slot);
- if (pubKeyHandle != CK_INVALID_HANDLE) {
- privKeyHandle = PK11_MatchItem(slot,pubKeyHandle,CKO_PRIVATE_KEY);
- }
-
- /* if no key exists, generate a key pair */
- if (privKeyHandle == CK_INVALID_HANDLE) {
- unsigned int symKeyLength = PK11_GetKeyLength(symKey);
- PK11RSAGenParams rsaParams;
-
- if (symKeyLength > 60) /* bytes */ {
- /* we'd have to generate an RSA key pair > 512 bits long,
- ** and that's too costly. Don't even try.
- */
- PORT_SetError( SEC_ERROR_CANNOT_MOVE_SENSITIVE_KEY );
- goto rsa_failed;
- }
- rsaParams.keySizeInBits =
- (symKeyLength > 28 || symKeyLength == 0) ? 512 : 256;
- rsaParams.pe = 0x10001;
- privKey = PK11_GenerateKeyPair(slot,CKM_RSA_PKCS_KEY_PAIR_GEN,
- &rsaParams, &pubKey,PR_FALSE,PR_TRUE,symKey->cx);
- } else {
- /* if keys exist, build SECKEY data structures for them */
- privKey = PK11_MakePrivKey(slot,nullKey, PR_TRUE, privKeyHandle,
- symKey->cx);
- if (privKey != NULL) {
- pubKey = PK11_ExtractPublicKey(slot, rsaKey, pubKeyHandle);
- if (pubKey && pubKey->pkcs11Slot) {
- PK11_FreeSlot(pubKey->pkcs11Slot);
- pubKey->pkcs11Slot = NULL;
- pubKey->pkcs11ID = CK_INVALID_HANDLE;
- }
- }
- }
- if (privKey == NULL) goto rsa_failed;
- if (pubKey == NULL) goto rsa_failed;
-
- wrapData.len = SECKEY_PublicKeyStrength(pubKey);
- if (!wrapData.len) goto rsa_failed;
- wrapData.data = PORT_Alloc(wrapData.len);
- if (wrapData.data == NULL) goto rsa_failed;
-
- /* now wrap the keys in and out */
- rv = PK11_PubWrapSymKey(CKM_RSA_PKCS, pubKey, symKey, &wrapData);
- if (rv == SECSuccess) {
- newSymKey = PK11_PubUnwrapSymKey(privKey,&wrapData,type,operation,
- symKey->size);
- }
-rsa_failed:
- if (wrapData.data != NULL) PORT_Free(wrapData.data);
- if (privKey != NULL) SECKEY_DestroyPrivateKey(privKey);
- if (pubKey != NULL) SECKEY_DestroyPublicKey(pubKey);
-
- return newSymKey;
- }
- /* KEA */
- if (PK11_DoesMechanism(symKey->slot, CKM_KEA_KEY_DERIVE) &&
- PK11_DoesMechanism(slot,CKM_KEA_KEY_DERIVE)) {
- CERTCertificate *certSource = NULL;
- CERTCertificate *certTarget = NULL;
- SECKEYPublicKey *pubKeySource = NULL;
- SECKEYPublicKey *pubKeyTarget = NULL;
- SECKEYPrivateKey *privKeySource = NULL;
- SECKEYPrivateKey *privKeyTarget = NULL;
- PK11SymKey *tekSource = NULL;
- PK11SymKey *tekTarget = NULL;
- SECItem Ra,wrap;
-
- /* can only exchange skipjack keys */
- if (type != CKM_SKIPJACK_CBC64) {
- PORT_SetError( SEC_ERROR_NO_MODULE );
- goto kea_failed;
- }
-
- /* find a pair of certs we can use */
- rv = PK11_GetKEAMatchedCerts(symKey->slot,slot,&certSource,&certTarget);
- if (rv != SECSuccess) goto kea_failed;
-
- /* get all the key pairs */
- pubKeyTarget = CERT_ExtractPublicKey(certSource);
- pubKeySource = CERT_ExtractPublicKey(certTarget);
- privKeySource =
- PK11_FindKeyByDERCert(symKey->slot,certSource,symKey->cx);
- privKeyTarget =
- PK11_FindKeyByDERCert(slot,certTarget,symKey->cx);
-
- if ((pubKeySource == NULL) || (pubKeyTarget == NULL) ||
- (privKeySource == NULL) || (privKeyTarget == NULL)) goto kea_failed;
-
- /* generate the wrapping TEK's */
- Ra.data = (unsigned char*)PORT_Alloc(128 /* FORTEZZA RA MAGIC */);
- Ra.len = 128;
- if (Ra.data == NULL) goto kea_failed;
-
- tekSource = PK11_PubDerive(privKeySource,pubKeyTarget,PR_TRUE,&Ra,NULL,
- CKM_SKIPJACK_WRAP, CKM_KEA_KEY_DERIVE,CKA_WRAP,0,symKey->cx);
- tekTarget = PK11_PubDerive(privKeyTarget,pubKeySource,PR_FALSE,&Ra,NULL,
- CKM_SKIPJACK_WRAP, CKM_KEA_KEY_DERIVE,CKA_WRAP,0,symKey->cx);
- PORT_Free(Ra.data);
-
- if ((tekSource == NULL) || (tekTarget == NULL)) { goto kea_failed; }
-
- /* wrap the key out of Source into target */
- wrap.data = (unsigned char*)PORT_Alloc(12); /* MAGIC SKIPJACK LEN */
- wrap.len = 12;
-
- /* paranoia to prevent infinite recursion on bugs */
- PORT_Assert(tekSource->slot == symKey->slot);
- if (tekSource->slot != symKey->slot) {
- PORT_SetError( SEC_ERROR_NO_MODULE );
- goto kea_failed;
- }
-
- rv = PK11_WrapSymKey(CKM_SKIPJACK_WRAP,NULL,tekSource,symKey,&wrap);
- if (rv == SECSuccess) {
- newSymKey = PK11_UnwrapSymKey(tekTarget, CKM_SKIPJACK_WRAP, NULL,
- &wrap, type, operation, symKey->size);
- }
- PORT_Free(wrap.data);
-kea_failed:
- if (certSource == NULL) CERT_DestroyCertificate(certSource);
- if (certTarget == NULL) CERT_DestroyCertificate(certTarget);
- if (pubKeySource == NULL) SECKEY_DestroyPublicKey(pubKeySource);
- if (pubKeyTarget == NULL) SECKEY_DestroyPublicKey(pubKeyTarget);
- if (privKeySource == NULL) SECKEY_DestroyPrivateKey(privKeySource);
- if (privKeyTarget == NULL) SECKEY_DestroyPrivateKey(privKeyTarget);
- if (tekSource == NULL) PK11_FreeSymKey(tekSource);
- if (tekTarget == NULL) PK11_FreeSymKey(tekTarget);
- return newSymKey;
- }
- PORT_SetError( SEC_ERROR_NO_MODULE );
- return NULL;
-}
-
diff --git a/security/nss/lib/pk11wrap/pk11list.c b/security/nss/lib/pk11wrap/pk11list.c
deleted file mode 100644
index 67bef9573..000000000
--- a/security/nss/lib/pk11wrap/pk11list.c
+++ /dev/null
@@ -1,169 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Locking and queue management primatives
- *
- */
-
-#include "seccomon.h"
-#include "nssilock.h"
-#include "prmon.h"
-#include "secmod.h"
-#include "secmodi.h"
-#include "prlong.h"
-
-#define ISREADING 1
-#define ISWRITING 2
-#define WANTWRITE 4
-#define ISLOCKED 3
-
-/*
- * create a new lock for a Module List
- */
-SECMODListLock *SECMOD_NewListLock() {
- SECMODListLock *modLock;
-
- modLock = (SECMODListLock*)PORT_Alloc(sizeof(SECMODListLock));
-#ifdef PKCS11_USE_THREADS
- modLock->mutex = NULL;
- modLock->monitor = PZ_NewMonitor(nssILockList);
-#else
- modLock->mutex = NULL;
- modLock->monitor = NULL;
-#endif
- modLock->state = 0;
- modLock->count = 0;
- return modLock;
-}
-
-/*
- * destroy the lock
- */
-void SECMOD_DestroyListLock(SECMODListLock *lock) {
- PK11_USE_THREADS(PZ_DestroyMonitor(lock->monitor);)
- PORT_Free(lock);
-}
-
-
-/*
- * Lock the List for Read: NOTE: this assumes the reading isn't so common
- * the writing will be starved.
- */
-void SECMOD_GetReadLock(SECMODListLock *modLock) {
-#ifdef PKCS11_USE_THREADS
- if (modLock == NULL) return;
- PZ_EnterMonitor(modLock->monitor);
- while (modLock->state & ISWRITING) {
- PZ_Wait(modLock->monitor,PR_INTERVAL_NO_TIMEOUT); /* wait until woken up */
- }
- modLock->state |= ISREADING;
- modLock->count++;
- PZ_ExitMonitor(modLock->monitor);
-#endif
-}
-
-/*
- * Release the Read lock
- */
-void SECMOD_ReleaseReadLock(SECMODListLock *modLock) {
-#ifdef PKCS11_USE_THREADS
- if (modLock == NULL) return;
- PZ_EnterMonitor(modLock->monitor);
- modLock->count--;
- if (modLock->count == 0) {
- modLock->state &= ~ISREADING;
- if (modLock->state & WANTWRITE) {
- PZ_Notify(modLock->monitor); /* only one writer at a time */
- }
- }
- PZ_ExitMonitor(modLock->monitor);
-#endif
-}
-
-
-/*
- * lock the list for Write
- */
-void SECMOD_GetWriteLock(SECMODListLock *modLock) {
-#ifdef PKCS11_USE_THREADS
- if (modLock == NULL) return;
- PZ_EnterMonitor(modLock->monitor);
- while (modLock->state & ISLOCKED) {
- modLock->state |= WANTWRITE;
- PZ_Wait(modLock->monitor,PR_INTERVAL_NO_TIMEOUT); /* wait until woken up */
- }
- modLock->state = ISWRITING;
- PZ_ExitMonitor(modLock->monitor);
-#endif
-}
-
-
-/*
- * Release the Write Lock: NOTE, this code is pretty inefficient if you have
- * lots of write collisions.
- */
-void SECMOD_ReleaseWriteLock(SECMODListLock *modLock) {
-#ifdef PKCS11_USE_THREADS
- if (modLock == NULL) return;
- PZ_EnterMonitor(modLock->monitor);
- modLock->state = 0;
- PR_NotifyAll(modLock->monitor); /* enable all the readers */
- PZ_ExitMonitor(modLock->monitor);
-#endif
-}
-
-
-/*
- * must Hold the Write lock
- */
-void
-SECMOD_RemoveList(SECMODModuleList **parent, SECMODModuleList *child) {
- *parent = child->next;
- child->next = NULL;
-}
-
-/*
- * if lock is not specified, it must already be held
- */
-void
-SECMOD_AddList(SECMODModuleList *parent, SECMODModuleList *child,
- SECMODListLock *lock) {
- if (lock) { SECMOD_GetWriteLock(lock); }
-
- child->next = parent->next;
- parent->next = child;
-
- if (lock) { SECMOD_ReleaseWriteLock(lock); }
-}
-
-
diff --git a/security/nss/lib/pk11wrap/pk11load.c b/security/nss/lib/pk11wrap/pk11load.c
deleted file mode 100644
index f9ff7d506..000000000
--- a/security/nss/lib/pk11wrap/pk11load.c
+++ /dev/null
@@ -1,333 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * The following handles the loading, unloading and management of
- * various PCKS #11 modules
- */
-#include "seccomon.h"
-#include "pkcs11.h"
-#include "secmod.h"
-#include "prlink.h"
-#include "pk11func.h"
-#include "secmodi.h"
-#include "nssilock.h"
-
-extern void FC_GetFunctionList(void);
-extern void NSC_GetFunctionList(void);
-extern void NSC_ModuleDBFunc(void);
-
-#ifdef DEBUG
-#define DEBUG_MODULE 1
-#endif
-
-#ifdef DEBUG_MODULE
-static char *modToDBG = NULL;
-
-#include "debug_module.c"
-#endif
-
-/* build the PKCS #11 2.01 lock files */
-CK_RV PR_CALLBACK secmodCreateMutext(CK_VOID_PTR_PTR pmutex) {
- *pmutex = (CK_VOID_PTR) PZ_NewLock(nssILockOther);
- if ( *pmutex ) return CKR_OK;
- return CKR_HOST_MEMORY;
-}
-
-CK_RV PR_CALLBACK secmodDestroyMutext(CK_VOID_PTR mutext) {
- PZ_DestroyLock((PZLock *)mutext);
- return CKR_OK;
-}
-
-CK_RV PR_CALLBACK secmodLockMutext(CK_VOID_PTR mutext) {
- PZ_Lock((PZLock *)mutext);
- return CKR_OK;
-}
-
-CK_RV PR_CALLBACK secmodUnlockMutext(CK_VOID_PTR mutext) {
- PZ_Unlock((PZLock *)mutext);
- return CKR_OK;
-}
-
-static SECMODModuleID nextModuleID = 1;
-static CK_C_INITIALIZE_ARGS secmodLockFunctions = {
- secmodCreateMutext, secmodDestroyMutext, secmodLockMutext,
- secmodUnlockMutext, CKF_LIBRARY_CANT_CREATE_OS_THREADS|
- CKF_OS_LOCKING_OK
- ,NULL
-};
-
-/*
- * set the hasRootCerts flags in the module so it can be stored back
- * into the database.
- */
-void
-SECMOD_SetRootCerts(PK11SlotInfo *slot, SECMODModule *mod) {
- PK11PreSlotInfo *psi = NULL;
- int i;
-
- if (slot->hasRootCerts) {
- for (i=0; i < mod->slotInfoCount; i++) {
- if (slot->slotID == mod->slotInfo[i].slotID) {
- psi = &mod->slotInfo[i];
- break;
- }
- }
- if (psi == NULL) {
- /* allocate more slots */
- PK11PreSlotInfo *psi_list = (PK11PreSlotInfo *)
- PORT_ArenaAlloc(mod->arena,
- (mod->slotInfoCount+1)* sizeof(PK11PreSlotInfo));
- /* copy the old ones */
- if (mod->slotInfoCount > 0) {
- PORT_Memcpy(psi_list,mod->slotInfo,
- (mod->slotInfoCount)*sizeof(PK11PreSlotInfo));
- }
- /* assign psi to the last new slot */
- psi = &psi_list[mod->slotInfoCount];
- psi->slotID = slot->slotID;
- psi->askpw = 0;
- psi->timeout = 0;
- psi ->defaultFlags = 0;
-
- /* increment module count & store new list */
- mod->slotInfo = psi_list;
- mod->slotInfoCount++;
-
- }
- psi->hasRootCerts = 1;
- }
-}
-
-/*
- * load a new module into our address space and initialize it.
- */
-SECStatus
-SECMOD_LoadPKCS11Module(SECMODModule *mod) {
- PRLibrary *library = NULL;
- CK_C_GetFunctionList entry = NULL;
- char * full_name;
- CK_INFO info;
- CK_ULONG slotCount = 0;
-
-
- if (mod->loaded) return SECSuccess;
-
- /* intenal modules get loaded from their internal list */
- if (mod->internal) {
- /* internal, statically get the C_GetFunctionList function */
- if (mod->isFIPS) {
- entry = (CK_C_GetFunctionList) FC_GetFunctionList;
- } else {
- entry = (CK_C_GetFunctionList) NSC_GetFunctionList;
- }
- if (mod->isModuleDB) {
- mod->moduleDBFunc = (void *) NSC_ModuleDBFunc;
- }
- if (mod->moduleDBOnly) {
- mod->loaded = PR_TRUE;
- return SECSuccess;
- }
- } else {
- /* Not internal, load the DLL and look up C_GetFunctionList */
- if (mod->dllName == NULL) {
- return SECFailure;
- }
-
-#ifdef notdef
- /* look up the library name */
- full_name = PR_GetLibraryName(PR_GetLibraryPath(),mod->dllName);
- if (full_name == NULL) {
- return SECFailure;
- }
-#else
- full_name = PORT_Strdup(mod->dllName);
-#endif
-
- /* load the library. If this succeeds, then we have to remember to
- * unload the library if anything goes wrong from here on out...
- */
- library = PR_LoadLibrary(full_name);
- mod->library = (void *)library;
- PORT_Free(full_name);
- if (library == NULL) {
- return SECFailure;
- }
-
- /*
- * now we need to get the entry point to find the function pointers
- */
- if (!mod->moduleDBOnly) {
- entry = (CK_C_GetFunctionList)
- PR_FindSymbol(library, "C_GetFunctionList");
- }
- if (mod->isModuleDB) {
- mod->moduleDBFunc = (void *)
- PR_FindSymbol(library, "NSS_ReturnModuleSpecData");
- }
- if (mod->moduleDBFunc == NULL) mod->isModuleDB = PR_FALSE;
- if (entry == NULL) {
- if (mod->isModuleDB) {
- mod->loaded = PR_TRUE;
- mod->moduleDBOnly = PR_TRUE;
- return SECSuccess;
- }
- PR_UnloadLibrary(library);
- return SECFailure;
- }
- }
-
- /*
- * We need to get the function list
- */
- if ((*entry)((CK_FUNCTION_LIST_PTR *)&mod->functionList) != CKR_OK)
- goto fail;
-
-#ifdef DEBUG_MODULE
- if (PR_TRUE) {
- modToDBG = PR_GetEnv("NSS_DEBUG_PKCS11_MODULE");
- if (modToDBG && strcmp(mod->commonName, modToDBG) == 0) {
- mod->functionList = (void *)nss_InsertDeviceLog(
- (CK_FUNCTION_LIST_PTR)mod->functionList);
- }
- }
-#endif
-
- mod->isThreadSafe = PR_TRUE;
- /* Now we initialize the module */
- if (mod->libraryParams) {
- secmodLockFunctions.LibraryParameters = (void *) mod->libraryParams;
- } else {
- secmodLockFunctions.LibraryParameters = NULL;
- }
- if (PK11_GETTAB(mod)->C_Initialize(&secmodLockFunctions) != CKR_OK) {
- mod->isThreadSafe = PR_FALSE;
- if (PK11_GETTAB(mod)->C_Initialize(NULL) != CKR_OK) goto fail;
- }
-
- /* check the version number */
- if (PK11_GETTAB(mod)->C_GetInfo(&info) != CKR_OK) goto fail2;
- if (info.cryptokiVersion.major != 2) goto fail2;
- /* all 2.0 are a priori *not* thread safe */
- if (info.cryptokiVersion.minor < 1) mod->isThreadSafe = PR_FALSE;
-
-
- /* If we don't have a common name, get it from the PKCS 11 module */
- if ((mod->commonName == NULL) || (mod->commonName[0] == 0)) {
- mod->commonName = PK11_MakeString(mod->arena,NULL,
- (char *)info.libraryDescription, sizeof(info.libraryDescription));
- if (mod->commonName == NULL) goto fail2;
- }
-
-
- /* initialize the Slots */
- if (PK11_GETTAB(mod)->C_GetSlotList(CK_FALSE, NULL, &slotCount) == CKR_OK) {
- CK_SLOT_ID *slotIDs;
- int i;
- CK_RV rv;
-
- mod->slots = (PK11SlotInfo **)PORT_ArenaAlloc(mod->arena,
- sizeof(PK11SlotInfo *) * slotCount);
- if (mod->slots == NULL) goto fail2;
-
- slotIDs = (CK_SLOT_ID *) PORT_Alloc(sizeof(CK_SLOT_ID)*slotCount);
- if (slotIDs == NULL) {
- goto fail2;
- }
- rv = PK11_GETTAB(mod)->C_GetSlotList(CK_FALSE, slotIDs, &slotCount);
- if (rv != CKR_OK) {
- PORT_Free(slotIDs);
- goto fail2;
- }
-
- /* Initialize each slot */
- for (i=0; i < (int)slotCount; i++) {
- mod->slots[i] = PK11_NewSlotInfo();
- PK11_InitSlot(mod,slotIDs[i],mod->slots[i]);
- /* look down the slot info table */
- PK11_LoadSlotList(mod->slots[i],mod->slotInfo,mod->slotInfoCount);
- SECMOD_SetRootCerts(mod->slots[i],mod);
- }
- mod->slotCount = slotCount;
- mod->slotInfoCount = 0;
- PORT_Free(slotIDs);
- }
-
- mod->loaded = PR_TRUE;
- mod->moduleID = nextModuleID++;
- return SECSuccess;
-fail2:
- PK11_GETTAB(mod)->C_Finalize(NULL);
-fail:
- mod->functionList = NULL;
- if (library) PR_UnloadLibrary(library);
- return SECFailure;
-}
-
-SECStatus
-SECMOD_UnloadModule(SECMODModule *mod) {
- PRLibrary *library;
-
- if (!mod->loaded) {
- return SECFailure;
- }
-
- if (!mod->moduleDBOnly) PK11_GETTAB(mod)->C_Finalize(NULL);
- mod->moduleID = 0;
- mod->loaded = PR_FALSE;
-
- /* do we want the semantics to allow unloading the internal library?
- * if not, we should change this to SECFailure and move it above the
- * mod->loaded = PR_FALSE; */
- if (mod->internal) {
- return SECSuccess;
- }
-
- library = (PRLibrary *)mod->library;
- /* paranoia */
- if (library == NULL) {
- return SECFailure;
- }
-
- PR_UnloadLibrary(library);
- return SECSuccess;
-}
-
-void
-nss_DumpModuleLog(void)
-{
-#ifdef DEBUG_MODULE
- if (modToDBG) {
- print_final_statistics();
- }
-#endif
-}
diff --git a/security/nss/lib/pk11wrap/pk11pars.c b/security/nss/lib/pk11wrap/pk11pars.c
deleted file mode 100644
index b1602f1c8..000000000
--- a/security/nss/lib/pk11wrap/pk11pars.c
+++ /dev/null
@@ -1,395 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 2001 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * The following handles the loading, unloading and management of
- * various PCKS #11 modules
- */
-
-#include <ctype.h>
-#include "pkcs11.h"
-#include "seccomon.h"
-#include "secmod.h"
-#include "secmodi.h"
-#include "pki3hack.h"
-
-#include "pk11pars.h"
-
-/* create a new module */
-static SECMODModule *
-secmod_NewModule(void)
-{
- SECMODModule *newMod;
- PRArenaPool *arena;
-
-
- /* create an arena in which dllName and commonName can be
- * allocated.
- */
- arena = PORT_NewArena(512);
- if (arena == NULL) {
- return NULL;
- }
-
- newMod = (SECMODModule *)PORT_ArenaAlloc(arena,sizeof (SECMODModule));
- if (newMod == NULL) {
- PORT_FreeArena(arena,PR_FALSE);
- return NULL;
- }
-
- /*
- * initialize of the fields of the module
- */
- newMod->arena = arena;
- newMod->internal = PR_FALSE;
- newMod->loaded = PR_FALSE;
- newMod->isFIPS = PR_FALSE;
- newMod->dllName = NULL;
- newMod->commonName = NULL;
- newMod->library = NULL;
- newMod->functionList = NULL;
- newMod->slotCount = 0;
- newMod->slots = NULL;
- newMod->slotInfo = NULL;
- newMod->slotInfoCount = 0;
- newMod->refCount = 1;
- newMod->ssl[0] = 0;
- newMod->ssl[1] = 0;
- newMod->libraryParams = NULL;
- newMod->moduleDBFunc = NULL;
- newMod->parent = NULL;
- newMod->isCritical = PR_FALSE;
- newMod->isModuleDB = PR_FALSE;
- newMod->moduleDBOnly = PR_FALSE;
- newMod->trustOrder = 0;
- newMod->cipherOrder = 0;
-#ifdef PKCS11_USE_THREADS
- newMod->refLock = (void *)PZ_NewLock(nssILockRefLock);
- if (newMod->refLock == NULL) {
- PORT_FreeArena(arena,PR_FALSE);
- return NULL;
- }
-#else
- newMod->refLock = NULL;
-#endif
- return newMod;
-
-}
-
-/*
- * for 3.4 we continue to use the old SECMODModule structure
- */
-SECMODModule *
-SECMOD_CreateModule(char *library, char *moduleName, char *parameters, char *nss)
-{
- SECMODModule *mod = secmod_NewModule();
- char *slotParams,*ciphers;
- if (mod == NULL) return NULL;
-
- mod->commonName = PORT_ArenaStrdup(mod->arena,moduleName ? moduleName : "");
- if (library) {
- mod->dllName = PORT_ArenaStrdup(mod->arena,library);
- }
- /* new field */
- if (parameters) {
- mod->libraryParams = PORT_ArenaStrdup(mod->arena,parameters);
- }
- mod->internal = pk11_argHasFlag("flags","internal",nss);
- mod->isFIPS = pk11_argHasFlag("flags","FIPS",nss);
- mod->isCritical = pk11_argHasFlag("flags","critical",nss);
- slotParams = pk11_argGetParamValue("slotParams",nss);
- mod->slotInfo = pk11_argParseSlotInfo(mod->arena,slotParams,
- &mod->slotInfoCount);
- if (slotParams) PORT_Free(slotParams);
- /* new field */
- mod->trustOrder = pk11_argReadLong("trustOrder",nss,
- PK11_DEFAULT_TRUST_ORDER,NULL);
- /* new field */
- mod->cipherOrder = pk11_argReadLong("cipherOrder",nss,
- PK11_DEFAULT_CIPHER_ORDER,NULL);
- /* new field */
- mod->isModuleDB = pk11_argHasFlag("flags","moduleDB",nss);
- mod->moduleDBOnly = pk11_argHasFlag("flags","moduleDBOnly",nss);
- if (mod->moduleDBOnly) mod->isModuleDB = PR_TRUE;
-
- ciphers = pk11_argGetParamValue("ciphers",nss);
- pk11_argSetNewCipherFlags(&mod->ssl[0],ciphers);
- if (ciphers) PORT_Free(ciphers);
-
- secmod_PrivateModuleCount++;
-
- return mod;
-}
-
-static char *
-pk11_mkModuleSpec(SECMODModule * module)
-{
- char *nss = NULL, *modSpec = NULL, **slotStrings = NULL;
- int slotCount, i, si;
-
- /* allocate target slot info strings */
- slotCount = 0;
- if (module->slotCount) {
- for (i=0; i < module->slotCount; i++) {
- if (module->slots[i]->defaultFlags !=0) {
- slotCount++;
- }
- }
- } else {
- slotCount = module->slotInfoCount;
- }
-
- slotStrings = (char **)PORT_ZAlloc(slotCount*sizeof(char *));
- if (slotStrings == NULL) {
- goto loser;
- }
-
-
- /* build the slot info strings */
- if (module->slotCount) {
- for (i=0, si= 0; i < module->slotCount; i++) {
- if (module->slots[i]->defaultFlags) {
- PORT_Assert(si < slotCount);
- if (si >= slotCount) break;
- slotStrings[si] = pk11_mkSlotString(module->slots[i]->slotID,
- module->slots[i]->defaultFlags,
- module->slots[i]->timeout,
- module->slots[i]->askpw,
- module->slots[i]->hasRootCerts,
- module->slots[i]->hasRootTrust);
- si++;
- }
- }
- } else {
- for (i=0; i < slotCount; i++) {
- slotStrings[i] = pk11_mkSlotString(module->slotInfo[i].slotID,
- module->slotInfo[i].defaultFlags,
- module->slotInfo[i].timeout,
- module->slotInfo[i].askpw,
- module->slotInfo[i].hasRootCerts,
- module->slotInfo[i].hasRootTrust);
- }
- }
-
- nss = pk11_mkNSS(slotStrings,slotCount,module->internal, module->isFIPS,
- module->isModuleDB, module->moduleDBOnly, module->isCritical,
- module->trustOrder,module->cipherOrder,module->ssl[0],module->ssl[1]);
- modSpec= pk11_mkNewModuleSpec(module->dllName,module->commonName,
- module->libraryParams,nss);
- PORT_Free(slotStrings);
- PR_smprintf_free(nss);
-loser:
- return (modSpec);
-}
-
-
-char **
-SECMOD_GetModuleSpecList(SECMODModule *module)
-{
- SECMODModuleDBFunc func = (SECMODModuleDBFunc) module->moduleDBFunc;
- if (func) {
- return (*func)(SECMOD_MODULE_DB_FUNCTION_FIND,
- module->libraryParams,NULL);
- }
- return NULL;
-}
-
-SECStatus
-SECMOD_AddPermDB(SECMODModule *module)
-{
- SECMODModuleDBFunc func;
- char *moduleSpec;
- char **retString;
-
- if (module->parent == NULL) return SECFailure;
-
- func = (SECMODModuleDBFunc) module->parent->moduleDBFunc;
- if (func) {
- moduleSpec = pk11_mkModuleSpec(module);
- retString = (*func)(SECMOD_MODULE_DB_FUNCTION_ADD,
- module->parent->libraryParams,moduleSpec);
- PORT_Free(moduleSpec);
- if (retString != NULL) return SECSuccess;
- }
- return SECFailure;
-}
-
-SECStatus
-SECMOD_DeletePermDB(SECMODModule *module)
-{
- SECMODModuleDBFunc func;
- char *moduleSpec;
- char **retString;
-
- if (module->parent == NULL) return SECFailure;
-
- func = (SECMODModuleDBFunc) module->parent->moduleDBFunc;
- if (func) {
- moduleSpec = pk11_mkModuleSpec(module);
- retString = (*func)(SECMOD_MODULE_DB_FUNCTION_DEL,
- module->parent->libraryParams,moduleSpec);
- PORT_Free(moduleSpec);
- if (retString != NULL) return SECSuccess;
- }
- return SECFailure;
-}
-
-SECStatus
-SECMOD_FreeModuleSpecList(SECMODModule *module, char **moduleSpecList)
-{
- SECMODModuleDBFunc func = (SECMODModuleDBFunc) module->moduleDBFunc;
- char **retString;
- if (func) {
- retString = (*func)(SECMOD_MODULE_DB_FUNCTION_RELEASE,
- module->libraryParams,moduleSpecList);
- if (retString != NULL) return SECSuccess;
- }
- return SECFailure;
-}
-
-/*
- * load a PKCS#11 module but do not add it to the default NSS trust domain
- */
-SECMODModule *
-SECMOD_LoadModule(char *modulespec,SECMODModule *parent, PRBool recurse)
-{
- char *library = NULL, *moduleName = NULL, *parameters = NULL, *nss= NULL;
- SECStatus status;
- SECMODModule *module = NULL;
- SECStatus rv;
-
- /* initialize the underlying module structures */
- SECMOD_Init();
-
- status = pk11_argParseModuleSpec(modulespec, &library, &moduleName,
- &parameters, &nss);
- if (status != SECSuccess) {
- goto loser;
- }
-
- module = SECMOD_CreateModule(library, moduleName, parameters, nss);
- if (library) PORT_Free(library);
- if (moduleName) PORT_Free(moduleName);
- if (parameters) PORT_Free(parameters);
- if (nss) PORT_Free(nss);
-
- /* load it */
- rv = SECMOD_LoadPKCS11Module(module);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- if (recurse && module->isModuleDB) {
- char ** moduleSpecList;
- char **index;
-
- moduleSpecList = SECMOD_GetModuleSpecList(module);
-
- for (index = moduleSpecList; index && *index; index++) {
- SECMODModule *child;
- child = SECMOD_LoadModule(*index,module,PR_TRUE);
- if (!child) break;
- if (child->isCritical && !child->loaded) {
- rv = SECFailure;
- SECMOD_DestroyModule(child);
- break;
- }
- SECMOD_DestroyModule(child);
- }
-
- SECMOD_FreeModuleSpecList(module,moduleSpecList);
- }
-
- if (rv != SECSuccess) {
- goto loser;
- }
-
- if (parent) {
- module->parent = SECMOD_ReferenceModule(parent);
- }
-
- /* inherit the reference */
- if (!module->moduleDBOnly) {
- SECMOD_AddModuleToList(module);
- } else {
- SECMOD_AddModuleToDBOnlyList(module);
- }
-
- /* handle any additional work here */
- return module;
-
-loser:
- if (module) {
- if (module->loaded) {
- SECMOD_UnloadModule(module);
- }
- SECMOD_AddModuleToUnloadList(module);
- }
- return module;
-}
-
-/*
- * load a PKCS#11 module and add it to the default NSS trust domain
- */
-SECMODModule *
-SECMOD_LoadUserModule(char *modulespec,SECMODModule *parent, PRBool recurse)
-{
- SECStatus rv = SECSuccess;
- SECMODModule * newmod = SECMOD_LoadModule(modulespec, parent, recurse);
- if (newmod) {
- rv = STAN_AddModuleToDefaultTrustDomain(newmod);
- if (SECSuccess != rv) {
- SECMOD_DestroyModule(newmod);
- return NULL;
- }
- }
- return newmod;
-}
-
-/*
- * remove the PKCS#11 module from the default NSS trust domain, call
- * C_Finalize, and destroy the module structure
- */
-SECStatus SECMOD_UnloadUserModule(SECMODModule *mod)
-{
- SECStatus rv = SECSuccess;
- int atype = 0;
- if (!mod) {
- return SECFailure;
- }
- rv = STAN_RemoveModuleFromDefaultTrustDomain(mod);
- if (SECSuccess != rv) {
- return SECFailure;
- }
- return SECMOD_DeleteModuleEx(NULL, mod, &atype, PR_FALSE);
-}
-
diff --git a/security/nss/lib/pk11wrap/pk11pbe.c b/security/nss/lib/pk11wrap/pk11pbe.c
deleted file mode 100644
index ae574d731..000000000
--- a/security/nss/lib/pk11wrap/pk11pbe.c
+++ /dev/null
@@ -1,687 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "plarena.h"
-
-#include "seccomon.h"
-#include "secitem.h"
-#include "secport.h"
-#include "hasht.h"
-#include "pkcs11t.h"
-#include "sechash.h"
-#include "secasn1.h"
-#include "secder.h"
-#include "secoid.h"
-#include "alghmac.h"
-#include "secerr.h"
-#include "secmod.h"
-#include "pk11func.h"
-#include "secpkcs5.h"
-
-typedef struct SEC_PKCS5PBEParameterStr SEC_PKCS5PBEParameter;
-struct SEC_PKCS5PBEParameterStr {
- PRArenaPool *poolp;
- SECItem salt; /* octet string */
- SECItem iteration; /* integer */
-};
-
-
-/* template for PKCS 5 PBE Parameter. This template has been expanded
- * based upon the additions in PKCS 12. This should eventually be moved
- * if RSA updates PKCS 5.
- */
-const SEC_ASN1Template SEC_PKCS5PBEParameterTemplate[] =
-{
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(SEC_PKCS5PBEParameter) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(SEC_PKCS5PBEParameter, salt) },
- { SEC_ASN1_INTEGER,
- offsetof(SEC_PKCS5PBEParameter, iteration) },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_V2PKCS12PBEParameterTemplate[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS5PBEParameter) },
- { SEC_ASN1_OCTET_STRING, offsetof(SEC_PKCS5PBEParameter, salt) },
- { SEC_ASN1_INTEGER, offsetof(SEC_PKCS5PBEParameter, iteration) },
- { 0 }
-};
-
-/* maps crypto algorithm from PBE algorithm.
- */
-SECOidTag
-SEC_PKCS5GetCryptoAlgorithm(SECAlgorithmID *algid)
-{
-
- SECOidTag algorithm;
-
- if(algid == NULL)
- return SEC_OID_UNKNOWN;
-
- algorithm = SECOID_GetAlgorithmTag(algid);
- switch(algorithm)
- {
- case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC:
- case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_2KEY_TRIPLE_DES_CBC:
- case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_TRIPLE_DES_CBC:
- return SEC_OID_DES_EDE3_CBC;
- case SEC_OID_PKCS5_PBE_WITH_SHA1_AND_DES_CBC:
- case SEC_OID_PKCS5_PBE_WITH_MD5_AND_DES_CBC:
- case SEC_OID_PKCS5_PBE_WITH_MD2_AND_DES_CBC:
- return SEC_OID_DES_CBC;
- case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC:
- case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC:
- case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC:
- case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC:
- return SEC_OID_RC2_CBC;
- case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC4:
- case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC4:
- case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC4:
- case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC4:
- return SEC_OID_RC4;
- default:
- break;
- }
-
- return SEC_OID_UNKNOWN;
-}
-
-/* check to see if an oid is a pbe algorithm
- */
-PRBool
-SEC_PKCS5IsAlgorithmPBEAlg(SECAlgorithmID *algid)
-{
- return (PRBool)(SEC_PKCS5GetCryptoAlgorithm(algid) != SEC_OID_UNKNOWN);
-}
-
-/* maps PBE algorithm from crypto algorithm, assumes SHA1 hashing.
- */
-SECOidTag
-SEC_PKCS5GetPBEAlgorithm(SECOidTag algTag, int keyLen)
-{
- switch(algTag)
- {
- case SEC_OID_DES_EDE3_CBC:
- switch(keyLen) {
- case 168:
- case 192:
- return SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC;
- case 128:
- case 92:
- return SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_2KEY_TRIPLE_DES_CBC;
- default:
- break;
- }
- break;
- case SEC_OID_DES_CBC:
- return SEC_OID_PKCS5_PBE_WITH_SHA1_AND_DES_CBC;
- case SEC_OID_RC2_CBC:
- switch(keyLen) {
- case 40:
- return SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC;
- case 128:
- return SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC;
- default:
- break;
- }
- break;
- case SEC_OID_RC4:
- switch(keyLen) {
- case 40:
- return SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC4;
- case 128:
- return SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC4;
- default:
- break;
- }
- break;
- default:
- break;
- }
-
- return SEC_OID_UNKNOWN;
-}
-
-
-/* get the key length needed for the PBE algorithm
- */
-
-int
-SEC_PKCS5GetKeyLength(SECAlgorithmID *algid)
-{
-
- SECOidTag algorithm;
-
- if(algid == NULL)
- return SEC_OID_UNKNOWN;
-
- algorithm = SECOID_GetAlgorithmTag(algid);
-
- switch(algorithm)
- {
- case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC:
- case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_TRIPLE_DES_CBC:
- case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_2KEY_TRIPLE_DES_CBC:
- return 24;
- case SEC_OID_PKCS5_PBE_WITH_MD2_AND_DES_CBC:
- case SEC_OID_PKCS5_PBE_WITH_SHA1_AND_DES_CBC:
- case SEC_OID_PKCS5_PBE_WITH_MD5_AND_DES_CBC:
- return 8;
- case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC:
- case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC4:
- case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC4:
- case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC:
- return 5;
- case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC:
- case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC4:
- case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC:
- case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC4:
- return 16;
- default:
- break;
- }
- return -1;
-}
-
-
-/* the V2 algorithms only encode the salt, there is no iteration
- * count so we need a check for V2 algorithm parameters.
- */
-static PRBool
-sec_pkcs5_is_algorithm_v2_pkcs12_algorithm(SECOidTag algorithm)
-{
- switch(algorithm)
- {
- case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC4:
- case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC4:
- case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC:
- case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_2KEY_TRIPLE_DES_CBC:
- case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC:
- case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC:
- return PR_TRUE;
- default:
- break;
- }
-
- return PR_FALSE;
-}
-/* destroy a pbe parameter. it assumes that the parameter was
- * generated using the appropriate create function and therefor
- * contains an arena pool.
- */
-static void
-sec_pkcs5_destroy_pbe_param(SEC_PKCS5PBEParameter *pbe_param)
-{
- if(pbe_param != NULL)
- PORT_FreeArena(pbe_param->poolp, PR_TRUE);
-}
-
-/* creates a PBE parameter based on the PBE algorithm. the only required
- * parameters are algorithm and interation. the return is a PBE parameter
- * which conforms to PKCS 5 parameter unless an extended parameter is needed.
- * this is primarily if keyLen and a variable key length algorithm are
- * specified.
- * salt - if null, a salt will be generated from random bytes.
- * iteration - number of iterations to perform hashing.
- * keyLen - only used in variable key length algorithms
- * iv - if null, the IV will be generated based on PKCS 5 when needed.
- * params - optional, currently unsupported additional parameters.
- * once a parameter is allocated, it should be destroyed calling
- * sec_pkcs5_destroy_pbe_parameter or SEC_PKCS5DestroyPBEParameter.
- */
-#define DEFAULT_SALT_LENGTH 16
-static SEC_PKCS5PBEParameter *
-sec_pkcs5_create_pbe_parameter(SECOidTag algorithm,
- SECItem *salt,
- int iteration)
-{
- PRArenaPool *poolp = NULL;
- SEC_PKCS5PBEParameter *pbe_param = NULL;
- SECStatus rv= SECSuccess;
- void *dummy = NULL;
-
- if(iteration < 0) {
- return NULL;
- }
-
- poolp = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
- if(poolp == NULL)
- return NULL;
-
- pbe_param = (SEC_PKCS5PBEParameter *)PORT_ArenaZAlloc(poolp,
- sizeof(SEC_PKCS5PBEParameter));
- if(!pbe_param) {
- PORT_FreeArena(poolp, PR_TRUE);
- return NULL;
- }
-
- pbe_param->poolp = poolp;
-
- rv = SECFailure;
- if (salt && salt->data) {
- rv = SECITEM_CopyItem(poolp, &pbe_param->salt, salt);
- } else {
- /* sigh, the old interface generated salt on the fly, so we have to
- * preserve the semantics */
- pbe_param->salt.len = DEFAULT_SALT_LENGTH;
- pbe_param->salt.data = PORT_ArenaZAlloc(poolp,DEFAULT_SALT_LENGTH);
- if (pbe_param->salt.data) {
- rv = PK11_GenerateRandom(pbe_param->salt.data,DEFAULT_SALT_LENGTH);
- }
- }
-
- if(rv != SECSuccess) {
- PORT_FreeArena(poolp, PR_TRUE);
- return NULL;
- }
-
- /* encode the integer */
- dummy = SEC_ASN1EncodeInteger(poolp, &pbe_param->iteration,
- iteration);
- rv = (dummy) ? SECSuccess : SECFailure;
-
- if(rv != SECSuccess) {
- PORT_FreeArena(poolp, PR_FALSE);
- return NULL;
- }
-
- return pbe_param;
-}
-
-/* creates a algorithm ID containing the PBE algorithm and appropriate
- * parameters. the required parameter is the algorithm. if salt is
- * not specified, it is generated randomly. if IV is specified, it overrides
- * the PKCS 5 generation of the IV.
- *
- * the returned SECAlgorithmID should be destroyed using
- * SECOID_DestroyAlgorithmID
- */
-SECAlgorithmID *
-SEC_PKCS5CreateAlgorithmID(SECOidTag algorithm,
- SECItem *salt,
- int iteration)
-{
- PRArenaPool *poolp = NULL;
- SECAlgorithmID *algid, *ret_algid;
- SECItem der_param;
- SECStatus rv = SECFailure;
- SEC_PKCS5PBEParameter *pbe_param;
-
- if(iteration <= 0) {
- return NULL;
- }
-
- der_param.data = NULL;
- der_param.len = 0;
-
- /* generate the parameter */
- pbe_param = sec_pkcs5_create_pbe_parameter(algorithm, salt, iteration);
- if(!pbe_param) {
- return NULL;
- }
-
- poolp = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
- if(!poolp) {
- sec_pkcs5_destroy_pbe_param(pbe_param);
- return NULL;
- }
-
- /* generate the algorithm id */
- algid = (SECAlgorithmID *)PORT_ArenaZAlloc(poolp, sizeof(SECAlgorithmID));
- if(algid != NULL) {
- void *dummy;
- if(!sec_pkcs5_is_algorithm_v2_pkcs12_algorithm(algorithm)) {
- dummy = SEC_ASN1EncodeItem(poolp, &der_param, pbe_param,
- SEC_PKCS5PBEParameterTemplate);
- } else {
- dummy = SEC_ASN1EncodeItem(poolp, &der_param, pbe_param,
- SEC_V2PKCS12PBEParameterTemplate);
- }
-
- if(dummy) {
- rv = SECOID_SetAlgorithmID(poolp, algid, algorithm, &der_param);
- }
- }
-
- ret_algid = NULL;
- if(algid != NULL) {
- ret_algid = (SECAlgorithmID *)PORT_ZAlloc(sizeof(SECAlgorithmID));
- if(ret_algid != NULL) {
- rv = SECOID_CopyAlgorithmID(NULL, ret_algid, algid);
- if(rv != SECSuccess) {
- SECOID_DestroyAlgorithmID(ret_algid, PR_TRUE);
- ret_algid = NULL;
- }
- }
- }
-
- if(poolp != NULL) {
- PORT_FreeArena(poolp, PR_TRUE);
- algid = NULL;
- }
-
- sec_pkcs5_destroy_pbe_param(pbe_param);
-
- return ret_algid;
-}
-
-SECStatus
-pbe_PK11AlgidToParam(SECAlgorithmID *algid,SECItem *mech)
-{
- CK_PBE_PARAMS *pbe_params = NULL;
- SEC_PKCS5PBEParameter p5_param;
- SECItem *salt = NULL;
- SECOidTag algorithm = SECOID_GetAlgorithmTag(algid);
- PRArenaPool *arena = NULL;
- SECStatus rv = SECFailure;
- int iv_len;
-
-
- arena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
- if (arena == NULL) {
- goto loser;
- }
- iv_len = PK11_GetIVLength(PK11_AlgtagToMechanism(algorithm));
- if (iv_len < 0) {
- goto loser;
- }
-
- if (sec_pkcs5_is_algorithm_v2_pkcs12_algorithm(algorithm)) {
- rv = SEC_ASN1DecodeItem(arena, &p5_param,
- SEC_V2PKCS12PBEParameterTemplate, &algid->parameters);
- } else {
- rv = SEC_ASN1DecodeItem(arena,&p5_param,SEC_PKCS5PBEParameterTemplate,
- &algid->parameters);
- }
-
- if (rv != SECSuccess) {
- goto loser;
- }
-
- salt = &p5_param.salt;
-
- pbe_params = (CK_PBE_PARAMS *)PORT_ZAlloc(sizeof(CK_PBE_PARAMS)+
- salt->len+iv_len);
- if (pbe_params == NULL) {
- goto loser;
- }
-
- /* get salt */
- pbe_params->pSalt = ((CK_CHAR_PTR) pbe_params)+sizeof(CK_PBE_PARAMS);
- if (iv_len) {
- pbe_params->pInitVector = ((CK_CHAR_PTR) pbe_params)+
- sizeof(CK_PBE_PARAMS)+salt->len;
- }
- PORT_Memcpy(pbe_params->pSalt, salt->data, salt->len);
- pbe_params->ulSaltLen = (CK_ULONG) salt->len;
-
- /* get iteration count */
- pbe_params->ulIteration = (CK_ULONG) DER_GetInteger(&p5_param.iteration);
-
- /* copy into the mechanism sec item */
- mech->data = (unsigned char *)pbe_params;
- mech->len = sizeof(*pbe_params);
- if (arena) {
- PORT_FreeArena(arena,PR_TRUE);
- }
- return SECSuccess;
-
-loser:
- if (pbe_params) {
- PORT_Free(pbe_params);
- }
- if (arena) {
- PORT_FreeArena(arena,PR_TRUE);
- }
- return SECFailure;
-}
-
-SECStatus
-PBE_PK11ParamToAlgid(SECOidTag algTag, SECItem *param, PRArenaPool *arena,
- SECAlgorithmID *algId)
-{
- CK_PBE_PARAMS *pbe_param;
- SECItem pbeSalt;
- SECAlgorithmID *pbeAlgID = NULL;
- SECStatus rv;
-
- if(!param || !algId) {
- return SECFailure;
- }
-
- pbe_param = (CK_PBE_PARAMS *)param->data;
- pbeSalt.data = (unsigned char *)pbe_param->pSalt;
- pbeSalt.len = pbe_param->ulSaltLen;
- pbeAlgID = SEC_PKCS5CreateAlgorithmID(algTag, &pbeSalt,
- (int)pbe_param->ulIteration);
- if(!pbeAlgID) {
- return SECFailure;
- }
-
- rv = SECOID_CopyAlgorithmID(arena, algId, pbeAlgID);
- SECOID_DestroyAlgorithmID(pbeAlgID, PR_TRUE);
- return rv;
-}
-
-PBEBitGenContext *
-PBE_CreateContext(SECOidTag hashAlgorithm, PBEBitGenID bitGenPurpose,
- SECItem *pwitem, SECItem *salt, unsigned int bitsNeeded,
- unsigned int iterations)
-{
- SECItem *context = NULL;
- SECItem mechItem;
- CK_PBE_PARAMS pbe_params;
- CK_MECHANISM_TYPE mechanism = CKM_INVALID_MECHANISM;
- PK11SlotInfo *slot;
- PK11SymKey *symKey = NULL;
- unsigned char ivData[8];
-
-
- /* use the purpose to select the low level keygen algorithm */
- switch (bitGenPurpose) {
- case pbeBitGenIntegrityKey:
- switch (hashAlgorithm) {
- case SEC_OID_SHA1:
- mechanism = CKM_PBA_SHA1_WITH_SHA1_HMAC;
- break;
- case SEC_OID_MD2:
- mechanism = CKM_NETSCAPE_PBE_MD2_HMAC_KEY_GEN;
- break;
- case SEC_OID_MD5:
- mechanism = CKM_NETSCAPE_PBE_MD5_HMAC_KEY_GEN;
- break;
- default:
- break;
- }
- break;
- case pbeBitGenCipherIV:
- if (bitsNeeded > 64) {
- break;
- }
- if (hashAlgorithm != SEC_OID_SHA1) {
- break;
- }
- mechanism = CKM_PBE_SHA1_DES3_EDE_CBC;
- break;
- case pbeBitGenCipherKey:
- if (hashAlgorithm != SEC_OID_SHA1) {
- break;
- }
- switch (bitsNeeded) {
- case 40:
- mechanism = CKM_PBE_SHA1_RC4_40;
- break;
- case 128:
- mechanism = CKM_PBE_SHA1_RC4_128;
- break;
- default:
- break;
- }
- case pbeBitGenIDNull:
- break;
- }
-
- if (mechanism == CKM_INVALID_MECHANISM) {
- /* we should set an error, but this is a depricated function, and
- * we are keeping bug for bug compatibility;)... */
- return NULL;
- }
-
- pbe_params.pInitVector = ivData;
- pbe_params.pPassword = pwitem->data;
- pbe_params.ulPasswordLen = pwitem->len;
- pbe_params.pSalt = salt->data;
- pbe_params.ulSaltLen = salt->len;
- pbe_params.ulIteration = iterations;
- mechItem.data = (unsigned char *) &pbe_params;
- mechItem.len = sizeof(pbe_params);
-
-
- slot = PK11_GetInternalSlot();
- symKey = PK11_RawPBEKeyGen(slot,mechanism,
- &mechItem, pwitem, PR_FALSE, NULL);
- PK11_FreeSlot(slot);
- if (symKey != NULL) {
- if (bitGenPurpose == pbeBitGenCipherIV) {
- /* NOTE: this assumes that bitsNeeded is a multiple of 8! */
- SECItem ivItem;
-
- ivItem.data = ivData;
- ivItem.len = bitsNeeded/8;
- context = SECITEM_DupItem(&ivItem);
- } else {
- SECItem *keyData;
- PK11_ExtractKeyValue(symKey);
- keyData = PK11_GetKeyData(symKey);
-
- /* assert bitsNeeded with length? */
- if (keyData) {
- context = SECITEM_DupItem(keyData);
- }
- }
- PK11_FreeSymKey(symKey);
- }
-
- return (PBEBitGenContext *)context;
-}
-
-SECItem *
-PBE_GenerateBits(PBEBitGenContext *context)
-{
- return (SECItem *)context;
-}
-
-void
-PBE_DestroyContext(PBEBitGenContext *context)
-{
- SECITEM_FreeItem((SECItem *)context,PR_TRUE);
-}
-
-SECItem *
-SEC_PKCS5GetIV(SECAlgorithmID *algid, SECItem *pwitem, PRBool faulty3DES)
-{
- SECItem mechItem;
- SECOidTag algorithm = SECOID_GetAlgorithmTag(algid);
- CK_PBE_PARAMS *pbe_params;
- CK_MECHANISM_TYPE mechanism;
- SECItem *iv = NULL;
- SECStatus rv;
- int iv_len;
- PK11SlotInfo *slot;
- PK11SymKey *symKey;
-
- rv = pbe_PK11AlgidToParam(algid,&mechItem);
- if (rv != SECSuccess) {
- return NULL;
- }
-
- mechanism = PK11_AlgtagToMechanism(algorithm);
- iv_len = PK11_GetIVLength(mechanism);
- pbe_params = (CK_PBE_PARAMS_PTR)mechItem.data;
-
- slot = PK11_GetInternalSlot();
- symKey = PK11_RawPBEKeyGen(slot,mechanism,
- &mechItem, pwitem, faulty3DES,NULL);
- PK11_FreeSlot(slot);
-
- if (symKey) {
- SECItem tmp;
-
- tmp.data = pbe_params->pInitVector;
- tmp.len = iv_len;
- iv = SECITEM_DupItem(&tmp);
- PK11_FreeSymKey(symKey);
- }
-
- if (mechItem.data) {
- PORT_ZFree(mechItem.data,mechItem.len);
- }
-
- return iv;
-}
-
-/*
- * Subs from nss 3.x that are depricated
- */
-PBEBitGenContext *
-__PBE_CreateContext(SECOidTag hashAlgorithm, PBEBitGenID bitGenPurpose,
- SECItem *pwitem, SECItem *salt, unsigned int bitsNeeded,
- unsigned int iterations)
-{
- PORT_Assert("__PBE_CreateContext is Depricated" == NULL);
- return NULL;
-}
-
-SECItem *
-__PBE_GenerateBits(PBEBitGenContext *context)
-{
- PORT_Assert("__PBE_GenerateBits is Depricated" == NULL);
- return NULL;
-}
-
-void
-__PBE_DestroyContext(PBEBitGenContext *context)
-{
- PORT_Assert("__PBE_DestroyContext is Depricated" == NULL);
-}
-
-SECStatus
-RSA_FormatBlock(SECItem *result, unsigned modulusLen,
- int blockType, SECItem *data)
-{
- PORT_Assert("RSA_FormatBlock is Depricated" == NULL);
- return SECFailure;
-}
-
diff --git a/security/nss/lib/pk11wrap/pk11pk12.c b/security/nss/lib/pk11wrap/pk11pk12.c
deleted file mode 100644
index d133d0b99..000000000
--- a/security/nss/lib/pk11wrap/pk11pk12.c
+++ /dev/null
@@ -1,553 +0,0 @@
-
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * This file PKCS #12 fuctions that should really be moved to the
- * PKCS #12 directory, however we can't do that in a point release
- * because that will break binary compatibility, so we keep them here for now.
- */
-
-#include "seccomon.h"
-#include "secmod.h"
-#include "secmodi.h"
-#include "pkcs11.h"
-#include "pk11func.h"
-#include "secitem.h"
-#include "key.h"
-#include "secoid.h"
-#include "secasn1.h"
-#include "secerr.h"
-
-
-
-/* These data structures should move to a common .h file shared between the
- * wrappers and the pkcs 12 code. */
-
-/*
-** RSA Raw Private Key structures
-*/
-
-/* member names from PKCS#1, section 7.2 */
-struct SECKEYRSAPrivateKeyStr {
- PRArenaPool * arena;
- SECItem version;
- SECItem modulus;
- SECItem publicExponent;
- SECItem privateExponent;
- SECItem prime1;
- SECItem prime2;
- SECItem exponent1;
- SECItem exponent2;
- SECItem coefficient;
-};
-typedef struct SECKEYRSAPrivateKeyStr SECKEYRSAPrivateKey;
-
-
-/*
-** DSA Raw Private Key structures
-*/
-
-struct SECKEYDSAPrivateKeyStr {
- SECKEYPQGParams params;
- SECItem privateValue;
-};
-typedef struct SECKEYDSAPrivateKeyStr SECKEYDSAPrivateKey;
-
-/*
-** Diffie-Hellman Raw Private Key structures
-** Structure member names suggested by PKCS#3.
-*/
-struct SECKEYDHPrivateKeyStr {
- PRArenaPool * arena;
- SECItem prime;
- SECItem base;
- SECItem privateValue;
-};
-typedef struct SECKEYDHPrivateKeyStr SECKEYDHPrivateKey;
-
-/*
-** raw private key object
-*/
-struct SECKEYRawPrivateKeyStr {
- PLArenaPool *arena;
- KeyType keyType;
- union {
- SECKEYRSAPrivateKey rsa;
- SECKEYDSAPrivateKey dsa;
- SECKEYDHPrivateKey dh;
- } u;
-};
-typedef struct SECKEYRawPrivateKeyStr SECKEYRawPrivateKey;
-
-
-/* ASN1 Templates for new decoder/encoder */
-/*
- * Attribute value for PKCS8 entries (static?)
- */
-const SEC_ASN1Template SECKEY_AttributeTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(SECKEYAttribute) },
- { SEC_ASN1_OBJECT_ID, offsetof(SECKEYAttribute, attrType) },
- { SEC_ASN1_SET_OF, offsetof(SECKEYAttribute, attrValue),
- SEC_AnyTemplate },
- { 0 }
-};
-
-const SEC_ASN1Template SECKEY_SetOfAttributeTemplate[] = {
- { SEC_ASN1_SET_OF, 0, SECKEY_AttributeTemplate },
-};
-
-const SEC_ASN1Template SECKEY_PrivateKeyInfoTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SECKEYPrivateKeyInfo) },
- { SEC_ASN1_INTEGER, offsetof(SECKEYPrivateKeyInfo,version) },
- { SEC_ASN1_INLINE, offsetof(SECKEYPrivateKeyInfo,algorithm),
- SECOID_AlgorithmIDTemplate },
- { SEC_ASN1_OCTET_STRING, offsetof(SECKEYPrivateKeyInfo,privateKey) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(SECKEYPrivateKeyInfo,attributes),
- SECKEY_SetOfAttributeTemplate },
- { 0 }
-};
-
-const SEC_ASN1Template SECKEY_PointerToPrivateKeyInfoTemplate[] = {
- { SEC_ASN1_POINTER, 0, SECKEY_PrivateKeyInfoTemplate }
-};
-
-const SEC_ASN1Template SECKEY_RSAPrivateKeyExportTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SECKEYRawPrivateKey) },
- { SEC_ASN1_INTEGER, offsetof(SECKEYRawPrivateKey,u.rsa.version) },
- { SEC_ASN1_INTEGER, offsetof(SECKEYRawPrivateKey,u.rsa.modulus) },
- { SEC_ASN1_INTEGER, offsetof(SECKEYRawPrivateKey,u.rsa.publicExponent) },
- { SEC_ASN1_INTEGER, offsetof(SECKEYRawPrivateKey,u.rsa.privateExponent) },
- { SEC_ASN1_INTEGER, offsetof(SECKEYRawPrivateKey,u.rsa.prime1) },
- { SEC_ASN1_INTEGER, offsetof(SECKEYRawPrivateKey,u.rsa.prime2) },
- { SEC_ASN1_INTEGER, offsetof(SECKEYRawPrivateKey,u.rsa.exponent1) },
- { SEC_ASN1_INTEGER, offsetof(SECKEYRawPrivateKey,u.rsa.exponent2) },
- { SEC_ASN1_INTEGER, offsetof(SECKEYRawPrivateKey,u.rsa.coefficient) },
- { 0 }
-};
-
-const SEC_ASN1Template SECKEY_DSAPrivateKeyExportTemplate[] = {
- { SEC_ASN1_INTEGER, offsetof(SECKEYRawPrivateKey,u.dsa.privateValue) },
-};
-
-const SEC_ASN1Template SECKEY_DHPrivateKeyExportTemplate[] = {
- { SEC_ASN1_INTEGER, offsetof(SECKEYRawPrivateKey,u.dh.privateValue) },
- { SEC_ASN1_INTEGER, offsetof(SECKEYRawPrivateKey,u.dh.base) },
- { SEC_ASN1_INTEGER, offsetof(SECKEYRawPrivateKey,u.dh.prime) },
-};
-
-const SEC_ASN1Template SECKEY_EncryptedPrivateKeyInfoTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(SECKEYEncryptedPrivateKeyInfo) },
- { SEC_ASN1_INLINE,
- offsetof(SECKEYEncryptedPrivateKeyInfo,algorithm),
- SECOID_AlgorithmIDTemplate },
- { SEC_ASN1_OCTET_STRING,
- offsetof(SECKEYEncryptedPrivateKeyInfo,encryptedData) },
- { 0 }
-};
-
-const SEC_ASN1Template SECKEY_PointerToEncryptedPrivateKeyInfoTemplate[] = {
- { SEC_ASN1_POINTER, 0, SECKEY_EncryptedPrivateKeyInfoTemplate }
-};
-
-SEC_ASN1_CHOOSER_IMPLEMENT(SECKEY_EncryptedPrivateKeyInfoTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SECKEY_PointerToEncryptedPrivateKeyInfoTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SECKEY_PrivateKeyInfoTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SECKEY_PointerToPrivateKeyInfoTemplate)
-
-/*
- * See bugzilla bug 125359
- * Since NSS (via PKCS#11) wants to handle big integers as unsigned ints,
- * all of the templates above that en/decode into integers must be converted
- * from ASN.1's signed integer type. This is done by marking either the
- * source or destination (encoding or decoding, respectively) type as
- * siUnsignedInteger.
- */
-
-static void
-prepare_rsa_priv_key_export_for_asn1(SECKEYRawPrivateKey *key)
-{
- key->u.rsa.modulus.type = siUnsignedInteger;
- key->u.rsa.publicExponent.type = siUnsignedInteger;
- key->u.rsa.privateExponent.type = siUnsignedInteger;
- key->u.rsa.prime1.type = siUnsignedInteger;
- key->u.rsa.prime2.type = siUnsignedInteger;
- key->u.rsa.exponent1.type = siUnsignedInteger;
- key->u.rsa.exponent2.type = siUnsignedInteger;
- key->u.rsa.coefficient.type = siUnsignedInteger;
-}
-
-static void
-prepare_dsa_priv_key_export_for_asn1(SECKEYRawPrivateKey *key)
-{
- key->u.dsa.privateValue.type = siUnsignedInteger;
- key->u.dsa.params.prime.type = siUnsignedInteger;
- key->u.dsa.params.subPrime.type = siUnsignedInteger;
- key->u.dsa.params.base.type = siUnsignedInteger;
-}
-
-static void
-prepare_dh_priv_key_export_for_asn1(SECKEYRawPrivateKey *key)
-{
- key->u.dh.privateValue.type = siUnsignedInteger;
- key->u.dh.prime.type = siUnsignedInteger;
- key->u.dh.base.type = siUnsignedInteger;
-}
-
-
-SECStatus
-PK11_ImportDERPrivateKeyInfo(PK11SlotInfo *slot, SECItem *derPKI,
- SECItem *nickname, SECItem *publicValue, PRBool isPerm,
- PRBool isPrivate, unsigned int keyUsage, void *wincx)
-{
- return PK11_ImportDERPrivateKeyInfoAndReturnKey(slot, derPKI,
- nickname, publicValue, isPerm, isPrivate, keyUsage, NULL, wincx);
-}
-
-SECStatus
-PK11_ImportDERPrivateKeyInfoAndReturnKey(PK11SlotInfo *slot, SECItem *derPKI,
- SECItem *nickname, SECItem *publicValue, PRBool isPerm,
- PRBool isPrivate, unsigned int keyUsage, SECKEYPrivateKey** privk,
- void *wincx)
-{
- SECKEYPrivateKeyInfo *pki = NULL;
- PRArenaPool *temparena = NULL;
- SECStatus rv = SECFailure;
-
- temparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- pki = PORT_ArenaZNew(temparena, SECKEYPrivateKeyInfo);
- pki->arena = temparena;
-
- rv = SEC_ASN1DecodeItem(pki->arena, pki, SECKEY_PrivateKeyInfoTemplate,
- derPKI);
- if( rv != SECSuccess ) {
- goto finish;
- }
-
- rv = PK11_ImportPrivateKeyInfoAndReturnKey(slot, pki, nickname,
- publicValue, isPerm, isPrivate, keyUsage, privk, wincx);
-
-finish:
- if( pki != NULL ) {
- /* this zeroes the key and frees the arena */
- SECKEY_DestroyPrivateKeyInfo(pki, PR_TRUE /*freeit*/);
- }
- return rv;
-}
-
-SECStatus
-PK11_ImportAndReturnPrivateKey(PK11SlotInfo *slot, SECKEYRawPrivateKey *lpk,
- SECItem *nickname, SECItem *publicValue, PRBool isPerm,
- PRBool isPrivate, unsigned int keyUsage, SECKEYPrivateKey **privk,
- void *wincx)
-{
- CK_BBOOL cktrue = CK_TRUE;
- CK_BBOOL ckfalse = CK_FALSE;
- CK_OBJECT_CLASS keyClass = CKO_PRIVATE_KEY;
- CK_KEY_TYPE keyType = CKK_RSA;
- CK_OBJECT_HANDLE objectID;
- CK_ATTRIBUTE theTemplate[20];
- int templateCount = 0;
- SECStatus rv = SECFailure;
- PRArenaPool *arena;
- CK_ATTRIBUTE *attrs;
- CK_ATTRIBUTE *signedattr = NULL;
- int signedcount = 0;
- CK_ATTRIBUTE *ap;
- SECItem *ck_id = NULL;
-
- arena = PORT_NewArena(2048);
- if(!arena) {
- return SECFailure;
- }
-
- attrs = theTemplate;
-
-
- PK11_SETATTRS(attrs, CKA_CLASS, &keyClass, sizeof(keyClass) ); attrs++;
- PK11_SETATTRS(attrs, CKA_KEY_TYPE, &keyType, sizeof(keyType) ); attrs++;
- PK11_SETATTRS(attrs, CKA_TOKEN, isPerm ? &cktrue : &ckfalse,
- sizeof(CK_BBOOL) ); attrs++;
- PK11_SETATTRS(attrs, CKA_SENSITIVE, isPrivate ? &cktrue : &ckfalse,
- sizeof(CK_BBOOL) ); attrs++;
- PK11_SETATTRS(attrs, CKA_PRIVATE, isPrivate ? &cktrue : &ckfalse,
- sizeof(CK_BBOOL) ); attrs++;
-
- switch (lpk->keyType) {
- case rsaKey:
- keyType = CKK_RSA;
- PK11_SETATTRS(attrs, CKA_UNWRAP, (keyUsage & KU_KEY_ENCIPHERMENT) ?
- &cktrue : &ckfalse, sizeof(CK_BBOOL) ); attrs++;
- PK11_SETATTRS(attrs, CKA_DECRYPT, (keyUsage & KU_DATA_ENCIPHERMENT) ?
- &cktrue : &ckfalse, sizeof(CK_BBOOL) ); attrs++;
- PK11_SETATTRS(attrs, CKA_SIGN, (keyUsage & KU_DIGITAL_SIGNATURE) ?
- &cktrue : &ckfalse, sizeof(CK_BBOOL) ); attrs++;
- PK11_SETATTRS(attrs, CKA_SIGN_RECOVER,
- (keyUsage & KU_DIGITAL_SIGNATURE) ?
- &cktrue : &ckfalse, sizeof(CK_BBOOL) ); attrs++;
- ck_id = PK11_MakeIDFromPubKey(&lpk->u.rsa.modulus);
- if (ck_id == NULL) {
- goto loser;
- }
- PK11_SETATTRS(attrs, CKA_ID, ck_id->data,ck_id->len); attrs++;
- if (nickname) {
- PK11_SETATTRS(attrs, CKA_LABEL, nickname->data, nickname->len); attrs++;
- }
- signedattr = attrs;
- PK11_SETATTRS(attrs, CKA_MODULUS, lpk->u.rsa.modulus.data,
- lpk->u.rsa.modulus.len); attrs++;
- PK11_SETATTRS(attrs, CKA_PUBLIC_EXPONENT,
- lpk->u.rsa.publicExponent.data,
- lpk->u.rsa.publicExponent.len); attrs++;
- PK11_SETATTRS(attrs, CKA_PRIVATE_EXPONENT,
- lpk->u.rsa.privateExponent.data,
- lpk->u.rsa.privateExponent.len); attrs++;
- PK11_SETATTRS(attrs, CKA_PRIME_1,
- lpk->u.rsa.prime1.data,
- lpk->u.rsa.prime1.len); attrs++;
- PK11_SETATTRS(attrs, CKA_PRIME_2,
- lpk->u.rsa.prime2.data,
- lpk->u.rsa.prime2.len); attrs++;
- PK11_SETATTRS(attrs, CKA_EXPONENT_1,
- lpk->u.rsa.exponent1.data,
- lpk->u.rsa.exponent1.len); attrs++;
- PK11_SETATTRS(attrs, CKA_EXPONENT_2,
- lpk->u.rsa.exponent2.data,
- lpk->u.rsa.exponent2.len); attrs++;
- PK11_SETATTRS(attrs, CKA_COEFFICIENT,
- lpk->u.rsa.coefficient.data,
- lpk->u.rsa.coefficient.len); attrs++;
- break;
- case dsaKey:
- keyType = CKK_DSA;
- /* To make our intenal PKCS #11 module work correctly with
- * our database, we need to pass in the public key value for
- * this dsa key. We have a netscape only CKA_ value to do this.
- * Only send it to internal slots */
- if( publicValue == NULL ) {
- goto loser;
- }
- if (PK11_IsInternal(slot)) {
- PK11_SETATTRS(attrs, CKA_NETSCAPE_DB,
- publicValue->data, publicValue->len); attrs++;
- }
- PK11_SETATTRS(attrs, CKA_SIGN, &cktrue, sizeof(CK_BBOOL)); attrs++;
- PK11_SETATTRS(attrs, CKA_SIGN_RECOVER, &cktrue, sizeof(CK_BBOOL)); attrs++;
- if(nickname) {
- PK11_SETATTRS(attrs, CKA_LABEL, nickname->data, nickname->len);
- attrs++;
- }
- ck_id = PK11_MakeIDFromPubKey(publicValue);
- if (ck_id == NULL) {
- goto loser;
- }
- PK11_SETATTRS(attrs, CKA_ID, ck_id->data,ck_id->len); attrs++;
- signedattr = attrs;
- PK11_SETATTRS(attrs, CKA_PRIME, lpk->u.dsa.params.prime.data,
- lpk->u.dsa.params.prime.len); attrs++;
- PK11_SETATTRS(attrs,CKA_SUBPRIME,lpk->u.dsa.params.subPrime.data,
- lpk->u.dsa.params.subPrime.len); attrs++;
- PK11_SETATTRS(attrs, CKA_BASE, lpk->u.dsa.params.base.data,
- lpk->u.dsa.params.base.len); attrs++;
- PK11_SETATTRS(attrs, CKA_VALUE, lpk->u.dsa.privateValue.data,
- lpk->u.dsa.privateValue.len); attrs++;
- break;
- case dhKey:
- keyType = CKK_DH;
- /* To make our intenal PKCS #11 module work correctly with
- * our database, we need to pass in the public key value for
- * this dh key. We have a netscape only CKA_ value to do this.
- * Only send it to internal slots */
- if (PK11_IsInternal(slot)) {
- PK11_SETATTRS(attrs, CKA_NETSCAPE_DB,
- publicValue->data, publicValue->len); attrs++;
- }
- PK11_SETATTRS(attrs, CKA_DERIVE, &cktrue, sizeof(CK_BBOOL)); attrs++;
- if(nickname) {
- PK11_SETATTRS(attrs, CKA_LABEL, nickname->data, nickname->len);
- attrs++;
- }
- ck_id = PK11_MakeIDFromPubKey(publicValue);
- if (ck_id == NULL) {
- goto loser;
- }
- PK11_SETATTRS(attrs, CKA_ID, ck_id->data,ck_id->len); attrs++;
- signedattr = attrs;
- PK11_SETATTRS(attrs, CKA_PRIME, lpk->u.dh.prime.data,
- lpk->u.dh.prime.len); attrs++;
- PK11_SETATTRS(attrs, CKA_BASE, lpk->u.dh.base.data,
- lpk->u.dh.base.len); attrs++;
- PK11_SETATTRS(attrs, CKA_VALUE, lpk->u.dh.privateValue.data,
- lpk->u.dh.privateValue.len); attrs++;
- break;
- /* what about fortezza??? */
- default:
- PORT_SetError(SEC_ERROR_BAD_KEY);
- goto loser;
- }
- templateCount = attrs - theTemplate;
- PORT_Assert(templateCount <= sizeof(theTemplate)/sizeof(CK_ATTRIBUTE));
- PORT_Assert(signedattr != NULL);
- signedcount = attrs - signedattr;
-
- for (ap=signedattr; signedcount; ap++, signedcount--) {
- pk11_SignedToUnsigned(ap);
- }
-
- rv = PK11_CreateNewObject(slot, CK_INVALID_SESSION,
- theTemplate, templateCount, isPerm, &objectID);
-
- /* create and return a SECKEYPrivateKey */
- if( rv == SECSuccess && privk != NULL) {
- *privk = PK11_MakePrivKey(slot, lpk->keyType, !isPerm, objectID, wincx);
- if( *privk == NULL ) {
- rv = SECFailure;
- }
- }
-loser:
- if (ck_id) {
- SECITEM_ZfreeItem(ck_id, PR_TRUE);
- }
- return rv;
-}
-
-SECStatus
-PK11_ImportPrivateKey(PK11SlotInfo *slot, SECKEYRawPrivateKey *lpk,
- SECItem *nickname, SECItem *publicValue, PRBool isPerm,
- PRBool isPrivate, unsigned int keyUsage, void *wincx)
-{
- return PK11_ImportAndReturnPrivateKey(slot, lpk, nickname, publicValue,
- isPerm, isPrivate, keyUsage, NULL, wincx);
-}
-
-SECStatus
-PK11_ImportPrivateKeyInfoAndReturnKey(PK11SlotInfo *slot,
- SECKEYPrivateKeyInfo *pki, SECItem *nickname, SECItem *publicValue,
- PRBool isPerm, PRBool isPrivate, unsigned int keyUsage,
- SECKEYPrivateKey **privk, void *wincx)
-{
- CK_KEY_TYPE keyType = CKK_RSA;
- SECStatus rv = SECFailure;
- SECKEYRawPrivateKey *lpk = NULL;
- const SEC_ASN1Template *keyTemplate, *paramTemplate;
- void *paramDest = NULL;
- PRArenaPool *arena;
-
- arena = PORT_NewArena(2048);
- if(!arena) {
- return SECFailure;
- }
-
- /* need to change this to use RSA/DSA keys */
- lpk = (SECKEYRawPrivateKey *)PORT_ArenaZAlloc(arena,
- sizeof(SECKEYRawPrivateKey));
- if(lpk == NULL) {
- goto loser;
- }
- lpk->arena = arena;
-
- switch(SECOID_GetAlgorithmTag(&pki->algorithm)) {
- case SEC_OID_PKCS1_RSA_ENCRYPTION:
- prepare_rsa_priv_key_export_for_asn1(lpk);
- keyTemplate = SECKEY_RSAPrivateKeyExportTemplate;
- paramTemplate = NULL;
- paramDest = NULL;
- lpk->keyType = rsaKey;
- keyType = CKK_RSA;
- break;
- case SEC_OID_ANSIX9_DSA_SIGNATURE:
- prepare_dsa_priv_key_export_for_asn1(lpk);
- keyTemplate = SECKEY_DSAPrivateKeyExportTemplate;
- paramTemplate = SECKEY_PQGParamsTemplate;
- paramDest = &(lpk->u.dsa.params);
- lpk->keyType = dsaKey;
- keyType = CKK_DSA;
- break;
- case SEC_OID_X942_DIFFIE_HELMAN_KEY:
- if(!publicValue) {
- goto loser;
- }
- prepare_dh_priv_key_export_for_asn1(lpk);
- keyTemplate = SECKEY_DHPrivateKeyExportTemplate;
- paramTemplate = NULL;
- paramDest = NULL;
- lpk->keyType = dhKey;
- keyType = CKK_DH;
- break;
-
- default:
- keyTemplate = NULL;
- paramTemplate = NULL;
- paramDest = NULL;
- break;
- }
-
- if(!keyTemplate) {
- goto loser;
- }
-
- /* decode the private key and any algorithm parameters */
- rv = SEC_ASN1DecodeItem(arena, lpk, keyTemplate, &pki->privateKey);
- if(rv != SECSuccess) {
- goto loser;
- }
- if(paramDest && paramTemplate) {
- rv = SEC_ASN1DecodeItem(arena, paramDest, paramTemplate,
- &(pki->algorithm.parameters));
- if(rv != SECSuccess) {
- goto loser;
- }
- }
-
- rv = PK11_ImportAndReturnPrivateKey(slot,lpk,nickname,publicValue, isPerm,
- isPrivate, keyUsage, privk, wincx);
-
-
-loser:
- if (lpk!= NULL) {
- PORT_FreeArena(arena, PR_TRUE);
- }
-
- return rv;
-}
-
-SECStatus
-PK11_ImportPrivateKeyInfo(PK11SlotInfo *slot, SECKEYPrivateKeyInfo *pki,
- SECItem *nickname, SECItem *publicValue, PRBool isPerm,
- PRBool isPrivate, unsigned int keyUsage, void *wincx)
-{
- return PK11_ImportPrivateKeyInfoAndReturnKey(slot, pki, nickname,
- publicValue, isPerm, isPrivate, keyUsage, NULL, wincx);
-
-}
-
diff --git a/security/nss/lib/pk11wrap/pk11pqg.c b/security/nss/lib/pk11wrap/pk11pqg.c
deleted file mode 100644
index a779d6c74..000000000
--- a/security/nss/lib/pk11wrap/pk11pqg.c
+++ /dev/null
@@ -1,373 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2001 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/* Thse functions are stub functions which will get replaced with calls through
- * PKCS #11.
- */
-
-#include "pk11func.h"
-#include "secmod.h"
-#include "secmodi.h"
-#include "pkcs11t.h"
-#include "pk11pqg.h"
-#include "secerr.h"
-
-
-/* Generate PQGParams and PQGVerify structs.
- * Length of P specified by j. Length of h will match length of P.
- * Length of SEED in bytes specified in seedBytes.
- * seedBbytes must be in the range [20..255] or an error will result.
- */
-extern SECStatus
-PK11_PQG_ParamGenSeedLen( unsigned int j, unsigned int seedBytes,
- PQGParams **pParams, PQGVerify **pVfy)
-{
- PK11SlotInfo *slot = NULL;
- CK_ATTRIBUTE genTemplate[5];
- CK_ATTRIBUTE *attrs = genTemplate;
- int count = sizeof(genTemplate)/sizeof(genTemplate[0]);
- CK_MECHANISM mechanism;
- CK_OBJECT_HANDLE objectID = CK_INVALID_HANDLE;
- CK_RV crv;
- CK_ATTRIBUTE pTemplate[] = {
- { CKA_PRIME, NULL, 0 },
- { CKA_SUBPRIME, NULL, 0 },
- { CKA_BASE, NULL, 0 },
- };
- CK_ATTRIBUTE vTemplate[] = {
- { CKA_NETSCAPE_PQG_COUNTER, NULL, 0 },
- { CKA_NETSCAPE_PQG_SEED, NULL, 0 },
- { CKA_NETSCAPE_PQG_H, NULL, 0 },
- };
- int pTemplateCount = sizeof(pTemplate)/sizeof(pTemplate[0]);
- int vTemplateCount = sizeof(vTemplate)/sizeof(vTemplate[0]);
- PRArenaPool *parena = NULL;
- PRArenaPool *varena = NULL;
- PQGParams *params = NULL;
- PQGVerify *verify = NULL;
- CK_ULONG primeBits = j;
- CK_ULONG seedBits = seedBytes*8;
-
- *pParams = NULL;
- *pVfy = NULL;
-
- PK11_SETATTRS(attrs, CKA_PRIME_BITS,&primeBits,sizeof(primeBits)); attrs++;
- if (seedBits != 0) {
- PK11_SETATTRS(attrs, CKA_NETSCAPE_PQG_SEED_BITS,
- &seedBits, sizeof(seedBits)); attrs++;
- }
- count = attrs - genTemplate;
- PR_ASSERT(count <= sizeof(genTemplate)/sizeof(CK_ATTRIBUTE));
-
- slot = PK11_GetInternalSlot();
- if (slot == NULL) {
- /* set error */
- goto loser;
- }
-
- /* Initialize the Key Gen Mechanism */
- mechanism.mechanism = CKM_DSA_PARAMETER_GEN;
- mechanism.pParameter = NULL;
- mechanism.ulParameterLen = 0;
-
- PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_GenerateKey(slot->session,
- &mechanism, genTemplate, count, &objectID);
- PK11_ExitSlotMonitor(slot);
-
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- goto loser;
- }
-
- parena = PORT_NewArena(60);
- crv = PK11_GetAttributes(parena, slot, objectID, pTemplate, pTemplateCount);
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- goto loser;
- }
-
-
- params = (PQGParams *)PORT_ArenaAlloc(parena,sizeof(PQGParams));
- if (params == NULL) {
- goto loser;
- }
-
- /* fill in Params */
- params->arena = parena;
- params->prime.data = pTemplate[0].pValue;
- params->prime.len = pTemplate[0].ulValueLen;
- params->subPrime.data = pTemplate[1].pValue;
- params->subPrime.len = pTemplate[1].ulValueLen;
- params->base.data = pTemplate[2].pValue;
- params->base.len = pTemplate[2].ulValueLen;
-
-
- varena = PORT_NewArena(60);
- crv = PK11_GetAttributes(varena, slot, objectID, vTemplate, vTemplateCount);
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- goto loser;
- }
-
-
- verify = (PQGVerify *)PORT_ArenaAlloc(varena,sizeof(PQGVerify));
- if (verify == NULL) {
- goto loser;
- }
- /* fill in Params */
- verify->arena = varena;
- verify->counter = (unsigned int)(*(CK_ULONG*)vTemplate[0].pValue);
- verify->seed.data = vTemplate[1].pValue;
- verify->seed.len = vTemplate[1].ulValueLen;
- verify->h.data = vTemplate[2].pValue;
- verify->h.len = vTemplate[2].ulValueLen;
-
- PK11_DestroyObject(slot,objectID);
- PK11_FreeSlot(slot);
-
- *pParams = params;
- *pVfy = verify;
-
- return SECSuccess;
-
-loser:
- if (objectID != CK_INVALID_HANDLE) {
- PK11_DestroyObject(slot,objectID);
- }
- if (parena != NULL) {
- PORT_FreeArena(parena,PR_FALSE);
- }
- if (varena != NULL) {
- PORT_FreeArena(varena,PR_FALSE);
- }
- if (slot) {
- PK11_FreeSlot(slot);
- }
- return SECFailure;
-}
-
-/* Generate PQGParams and PQGVerify structs.
- * Length of seed and length of h both equal length of P.
- * All lengths are specified by "j", according to the table above.
- */
-extern SECStatus
-PK11_PQG_ParamGen(unsigned int j, PQGParams **pParams, PQGVerify **pVfy)
-{
- return PK11_PQG_ParamGenSeedLen(j, 0, pParams, pVfy);
-}
-
-/* Test PQGParams for validity as DSS PQG values.
- * If vfy is non-NULL, test PQGParams to make sure they were generated
- * using the specified seed, counter, and h values.
- *
- * Return value indicates whether Verification operation ran succesfully
- * to completion, but does not indicate if PQGParams are valid or not.
- * If return value is SECSuccess, then *pResult has these meanings:
- * SECSuccess: PQGParams are valid.
- * SECFailure: PQGParams are invalid.
- */
-
-extern SECStatus
-PK11_PQG_VerifyParams(const PQGParams *params, const PQGVerify *vfy,
- SECStatus *result)
-{
- CK_ATTRIBUTE keyTempl[] = {
- { CKA_CLASS, NULL, 0 },
- { CKA_KEY_TYPE, NULL, 0 },
- { CKA_PRIME, NULL, 0 },
- { CKA_SUBPRIME, NULL, 0 },
- { CKA_BASE, NULL, 0 },
- { CKA_TOKEN, NULL, 0 },
- { CKA_NETSCAPE_PQG_COUNTER, NULL, 0 },
- { CKA_NETSCAPE_PQG_SEED, NULL, 0 },
- { CKA_NETSCAPE_PQG_H, NULL, 0 },
- };
- CK_ATTRIBUTE *attrs;
- CK_BBOOL ckfalse = CK_FALSE;
- CK_OBJECT_CLASS class = CKO_KG_PARAMETERS;
- CK_KEY_TYPE keyType = CKK_DSA;
- SECStatus rv = SECSuccess;
- PK11SlotInfo *slot;
- int keyCount;
- CK_OBJECT_HANDLE objectID;
- CK_ULONG counter;
- CK_RV crv;
-
- attrs = keyTempl;
- PK11_SETATTRS(attrs, CKA_CLASS, &class, sizeof(class)); attrs++;
- PK11_SETATTRS(attrs, CKA_KEY_TYPE, &keyType, sizeof(keyType)); attrs++;
- PK11_SETATTRS(attrs, CKA_PRIME, params->prime.data,
- params->prime.len); attrs++;
- PK11_SETATTRS(attrs, CKA_SUBPRIME, params->subPrime.data,
- params->subPrime.len); attrs++;
- PK11_SETATTRS(attrs, CKA_BASE,params->base.data,params->base.len); attrs++;
- PK11_SETATTRS(attrs, CKA_TOKEN, &ckfalse, sizeof(ckfalse)); attrs++;
- if (vfy) {
- counter = vfy->counter;
- PK11_SETATTRS(attrs, CKA_NETSCAPE_PQG_COUNTER,
- &counter, sizeof(counter)); attrs++;
- PK11_SETATTRS(attrs, CKA_NETSCAPE_PQG_SEED,
- vfy->seed.data, vfy->seed.len); attrs++;
- PK11_SETATTRS(attrs, CKA_NETSCAPE_PQG_H,
- vfy->h.data, vfy->h.len); attrs++;
- }
-
- keyCount = attrs - keyTempl;
- PORT_Assert(keyCount <= sizeof(keyTempl)/sizeof(keyTempl[0]));
-
-
- slot = PK11_GetInternalSlot();
- if (slot == NULL) {
- return SECFailure;
- }
-
- PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_CreateObject(slot->session, keyTempl, keyCount,
- &objectID);
- PK11_ExitSlotMonitor(slot);
-
- /* throw away the keys, we only wanted the return code */
- PK11_DestroyObject(slot,objectID);
- PK11_FreeSlot(slot);
-
- *result = SECSuccess;
- if (crv == CKR_ATTRIBUTE_VALUE_INVALID) {
- *result = SECFailure;
- } else if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- rv = SECFailure;
- }
- return rv;
-
-}
-
-
-
-/**************************************************************************
- * Free the PQGParams struct and the things it points to. *
- **************************************************************************/
-extern void
-PK11_PQG_DestroyParams(PQGParams *params) {
- PQG_DestroyParams(params);
- return;
-}
-
-/**************************************************************************
- * Free the PQGVerify struct and the things it points to. *
- **************************************************************************/
-extern void
-PK11_PQG_DestroyVerify(PQGVerify *vfy) {
- PQG_DestroyVerify(vfy);
- return;
-}
-
-/**************************************************************************
- * Return a pointer to a new PQGParams struct that is constructed from *
- * copies of the arguments passed in. *
- * Return NULL on failure. *
- **************************************************************************/
-extern PQGParams *
-PK11_PQG_NewParams(const SECItem * prime, const SECItem * subPrime,
- const SECItem * base) {
- return PQG_NewParams(prime, subPrime, base);
-}
-
-
-/**************************************************************************
- * Fills in caller's "prime" SECItem with the prime value in params.
- * Contents can be freed by calling SECITEM_FreeItem(prime, PR_FALSE);
- **************************************************************************/
-extern SECStatus
-PK11_PQG_GetPrimeFromParams(const PQGParams *params, SECItem * prime) {
- return PQG_GetPrimeFromParams(params, prime);
-}
-
-
-/**************************************************************************
- * Fills in caller's "subPrime" SECItem with the prime value in params.
- * Contents can be freed by calling SECITEM_FreeItem(subPrime, PR_FALSE);
- **************************************************************************/
-extern SECStatus
-PK11_PQG_GetSubPrimeFromParams(const PQGParams *params, SECItem * subPrime) {
- return PQG_GetSubPrimeFromParams(params, subPrime);
-}
-
-
-/**************************************************************************
- * Fills in caller's "base" SECItem with the base value in params.
- * Contents can be freed by calling SECITEM_FreeItem(base, PR_FALSE);
- **************************************************************************/
-extern SECStatus
-PK11_PQG_GetBaseFromParams(const PQGParams *params, SECItem *base) {
- return PQG_GetBaseFromParams(params, base);
-}
-
-
-/**************************************************************************
- * Return a pointer to a new PQGVerify struct that is constructed from *
- * copies of the arguments passed in. *
- * Return NULL on failure. *
- **************************************************************************/
-extern PQGVerify *
-PK11_PQG_NewVerify(unsigned int counter, const SECItem * seed,
- const SECItem * h) {
- return PQG_NewVerify(counter, seed, h);
-}
-
-
-/**************************************************************************
- * Returns "counter" value from the PQGVerify.
- **************************************************************************/
-extern unsigned int
-PK11_PQG_GetCounterFromVerify(const PQGVerify *verify) {
- return PQG_GetCounterFromVerify(verify);
-}
-
-/**************************************************************************
- * Fills in caller's "seed" SECItem with the seed value in verify.
- * Contents can be freed by calling SECITEM_FreeItem(seed, PR_FALSE);
- **************************************************************************/
-extern SECStatus
-PK11_PQG_GetSeedFromVerify(const PQGVerify *verify, SECItem *seed) {
- return PQG_GetSeedFromVerify(verify, seed);
-}
-
-
-/**************************************************************************
- * Fills in caller's "h" SECItem with the h value in verify.
- * Contents can be freed by calling SECITEM_FreeItem(h, PR_FALSE);
- **************************************************************************/
-extern SECStatus
-PK11_PQG_GetHFromVerify(const PQGVerify *verify, SECItem * h) {
- return PQG_GetHFromVerify(verify, h);
-}
diff --git a/security/nss/lib/pk11wrap/pk11pqg.h b/security/nss/lib/pk11wrap/pk11pqg.h
deleted file mode 100644
index 20becf821..000000000
--- a/security/nss/lib/pk11wrap/pk11pqg.h
+++ /dev/null
@@ -1,153 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2001 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/* Thse functions are stub functions which will get replaced with calls through
- * PKCS #11.
- */
-
-#ifndef _PK11PQG_H_
-#define _PK11PQG_H_ 1
-
-#include "blapit.h"
-#include "pqgutil.h"
-
-SEC_BEGIN_PROTOS
-
-/* Generate PQGParams and PQGVerify structs.
- * Length of seed and length of h both equal length of P.
- * All lengths are specified by "j", according to the table above.
- */
-extern SECStatus PK11_PQG_ParamGen(unsigned int j, PQGParams **pParams,
- PQGVerify **pVfy);
-
-/* Generate PQGParams and PQGVerify structs.
- * Length of P specified by j. Length of h will match length of P.
- * Length of SEED in bytes specified in seedBytes.
- * seedBbytes must be in the range [20..255] or an error will result.
- */
-extern SECStatus PK11_PQG_ParamGenSeedLen( unsigned int j,
- unsigned int seedBytes, PQGParams **pParams, PQGVerify **pVfy);
-
-/* Test PQGParams for validity as DSS PQG values.
- * If vfy is non-NULL, test PQGParams to make sure they were generated
- * using the specified seed, counter, and h values.
- *
- * Return value indicates whether Verification operation ran succesfully
- * to completion, but does not indicate if PQGParams are valid or not.
- * If return value is SECSuccess, then *pResult has these meanings:
- * SECSuccess: PQGParams are valid.
- * SECFailure: PQGParams are invalid.
- *
- * Verify the following 12 facts about PQG counter SEED g and h
- * 1. Q is 160 bits long.
- * 2. P is one of the 9 valid lengths.
- * 3. G < P
- * 4. P % Q == 1
- * 5. Q is prime
- * 6. P is prime
- * Steps 7-12 are done only if the optional PQGVerify is supplied.
- * 7. counter < 4096
- * 8. g >= 160 and g < 2048 (g is length of seed in bits)
- * 9. Q generated from SEED matches Q in PQGParams.
- * 10. P generated from (L, counter, g, SEED, Q) matches P in PQGParams.
- * 11. 1 < h < P-1
- * 12. G generated from h matches G in PQGParams.
- */
-
-extern SECStatus PK11_PQG_VerifyParams(const PQGParams *params,
- const PQGVerify *vfy, SECStatus *result);
-extern void PK11_PQG_DestroyParams(PQGParams *params);
-extern void PK11_PQG_DestroyVerify(PQGVerify *vfy);
-
-/**************************************************************************
- * Return a pointer to a new PQGParams struct that is constructed from *
- * copies of the arguments passed in. *
- * Return NULL on failure. *
- **************************************************************************/
-extern PQGParams * PK11_PQG_NewParams(const SECItem * prime, const
- SECItem * subPrime, const SECItem * base);
-
-
-/**************************************************************************
- * Fills in caller's "prime" SECItem with the prime value in params.
- * Contents can be freed by calling SECITEM_FreeItem(prime, PR_FALSE);
- **************************************************************************/
-extern SECStatus PK11_PQG_GetPrimeFromParams(const PQGParams *params,
- SECItem * prime);
-
-
-/**************************************************************************
- * Fills in caller's "subPrime" SECItem with the prime value in params.
- * Contents can be freed by calling SECITEM_FreeItem(subPrime, PR_FALSE);
- **************************************************************************/
-extern SECStatus PK11_PQG_GetSubPrimeFromParams(const PQGParams *params,
- SECItem * subPrime);
-
-
-/**************************************************************************
- * Fills in caller's "base" SECItem with the base value in params.
- * Contents can be freed by calling SECITEM_FreeItem(base, PR_FALSE);
- **************************************************************************/
-extern SECStatus PK11_PQG_GetBaseFromParams(const PQGParams *params,
- SECItem *base);
-
-
-/**************************************************************************
- * Return a pointer to a new PQGVerify struct that is constructed from *
- * copies of the arguments passed in. *
- * Return NULL on failure. *
- **************************************************************************/
-extern PQGVerify * PK11_PQG_NewVerify(unsigned int counter,
- const SECItem * seed, const SECItem * h);
-
-
-/**************************************************************************
- * Returns "counter" value from the PQGVerify.
- **************************************************************************/
-extern unsigned int PK11_PQG_GetCounterFromVerify(const PQGVerify *verify);
-
-/**************************************************************************
- * Fills in caller's "seed" SECItem with the seed value in verify.
- * Contents can be freed by calling SECITEM_FreeItem(seed, PR_FALSE);
- **************************************************************************/
-extern SECStatus PK11_PQG_GetSeedFromVerify(const PQGVerify *verify,
- SECItem *seed);
-
-/**************************************************************************
- * Fills in caller's "h" SECItem with the h value in verify.
- * Contents can be freed by calling SECITEM_FreeItem(h, PR_FALSE);
- **************************************************************************/
-extern SECStatus PK11_PQG_GetHFromVerify(const PQGVerify *verify, SECItem * h);
-
-SEC_END_PROTOS
-
-#endif
diff --git a/security/nss/lib/pk11wrap/pk11sdr.c b/security/nss/lib/pk11wrap/pk11sdr.c
deleted file mode 100644
index 613000ecf..000000000
--- a/security/nss/lib/pk11wrap/pk11sdr.c
+++ /dev/null
@@ -1,322 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- * thayes@netscape.com
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * PKCS #11 Wrapper functions which handles authenticating to the card's
- * choosing the best cards, etc.
- */
-
-#include "seccomon.h"
-#include "secoid.h"
-#include "secasn1.h"
-#include "pkcs11.h"
-#include "pk11func.h"
-#include "pk11sdr.h"
-
-/*
- * Data structure and template for encoding the result of an SDR operation
- * This is temporary. It should include the algorithm ID of the encryption mechanism
- */
-struct SDRResult
-{
- SECItem keyid;
- SECAlgorithmID alg;
- SECItem data;
-};
-typedef struct SDRResult SDRResult;
-
-static SEC_ASN1Template template[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof (SDRResult) },
- { SEC_ASN1_OCTET_STRING, offsetof(SDRResult, keyid) },
- { SEC_ASN1_INLINE, offsetof(SDRResult, alg), SECOID_AlgorithmIDTemplate },
- { SEC_ASN1_OCTET_STRING, offsetof(SDRResult, data) },
- { 0 }
-};
-
-static unsigned char keyID[] = {
- 0xF8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01
-};
-
-static SECItem keyIDItem = {
- 0,
- keyID,
- sizeof keyID
-};
-
-/* local utility function for padding an incoming data block
- * to the mechanism block size.
- */
-static SECStatus
-padBlock(SECItem *data, int blockSize, SECItem *result)
-{
- SECStatus rv = SECSuccess;
- int padLength;
- unsigned int i;
-
- result->data = 0;
- result->len = 0;
-
- /* This algorithm always adds to the block (to indicate the number
- * of pad bytes). So allocate a block large enough.
- */
- padLength = blockSize - (data->len % blockSize);
- result->len = data->len + padLength;
- result->data = (unsigned char *)PORT_Alloc(result->len);
-
- /* Copy the data */
- PORT_Memcpy(result->data, data->data, data->len);
-
- /* Add the pad values */
- for(i = data->len; i < result->len; i++)
- result->data[i] = (unsigned char)padLength;
-
- return rv;
-}
-
-static SECStatus
-unpadBlock(SECItem *data, int blockSize, SECItem *result)
-{
- SECStatus rv = SECSuccess;
- int padLength;
-
- result->data = 0;
- result->len = 0;
-
- /* Remove the padding from the end if the input data */
- if (data->len == 0 || data->len % blockSize != 0) { rv = SECFailure; goto loser; }
-
- padLength = data->data[data->len-1];
- if (padLength > blockSize) { rv = SECFailure; goto loser; }
-
- result->len = data->len - padLength;
- result->data = (unsigned char *)PORT_Alloc(result->len);
- if (!result->data) { rv = SECFailure; goto loser; }
-
- PORT_Memcpy(result->data, data->data, result->len);
-
-loser:
- return rv;
-}
-
-static PRLock *pk11sdrLock = NULL;
-
-void
-pk11sdr_Init (void)
-{
- pk11sdrLock = PR_NewLock();
-}
-
-void
-pk11sdr_Shutdown(void)
-{
- if (pk11sdrLock) {
- PR_DestroyLock(pk11sdrLock);
- pk11sdrLock = NULL;
- }
-}
-
-/*
- * PK11SDR_Encrypt
- * Encrypt a block of data using the symmetric key identified. The result
- * is an ASN.1 (DER) encoded block of keyid, params and data.
- */
-SECStatus
-PK11SDR_Encrypt(SECItem *keyid, SECItem *data, SECItem *result, void *cx)
-{
- SECStatus rv = SECSuccess;
- PK11SlotInfo *slot = 0;
- PK11SymKey *key = 0;
- SECItem *params = 0;
- PK11Context *ctx = 0;
- CK_MECHANISM_TYPE type;
- SDRResult sdrResult;
- SECItem paddedData;
- SECItem *pKeyID;
- PLArenaPool *arena = 0;
-
- /* Initialize */
- paddedData.len = 0;
- paddedData.data = 0;
-
- arena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
- if (!arena) { rv = SECFailure; goto loser; }
-
- /* 1. Locate the requested keyid, or the default key (which has a keyid)
- * 2. Create an encryption context
- * 3. Encrypt
- * 4. Encode the results (using ASN.1)
- */
-
- slot = PK11_GetInternalKeySlot();
- if (!slot) { rv = SECFailure; goto loser; }
-
- /* Use triple-DES */
- type = CKM_DES3_CBC;
-
- /*
- * Login to the internal token before we look for the key, otherwise we
- * won't find it.
- */
- rv = PK11_Authenticate(slot, PR_TRUE, cx);
- if (rv != SECSuccess) goto loser;
-
- /* Find the key to use */
- pKeyID = keyid;
- if (pKeyID->len == 0) {
- pKeyID = &keyIDItem; /* Use default value */
-
- /* put in a course lock to prevent a race between not finding the
- * key and creating one.
- */
-
- if (pk11sdrLock) PR_Lock(pk11sdrLock);
-
- /* Try to find the key */
- key = PK11_FindFixedKey(slot, type, pKeyID, cx);
-
- /* If the default key doesn't exist yet, try to create it */
- if (!key) key = PK11_GenDES3TokenKey(slot, pKeyID, cx);
- if (pk11sdrLock) PR_Unlock(pk11sdrLock);
- } else {
- key = PK11_FindFixedKey(slot, type, pKeyID, cx);
- }
-
- if (!key) { rv = SECFailure; goto loser; }
-
- params = PK11_GenerateNewParam(type, key);
- if (!params) { rv = SECFailure; goto loser; }
-
- ctx = PK11_CreateContextBySymKey(type, CKA_ENCRYPT, key, params);
- if (!ctx) { rv = SECFailure; goto loser; }
-
- rv = padBlock(data, PK11_GetBlockSize(type, 0), &paddedData);
- if (rv != SECSuccess) goto loser;
-
- sdrResult.data.len = paddedData.len;
- sdrResult.data.data = (unsigned char *)PORT_ArenaAlloc(arena, sdrResult.data.len);
-
- rv = PK11_CipherOp(ctx, sdrResult.data.data, (int*)&sdrResult.data.len, sdrResult.data.len,
- paddedData.data, paddedData.len);
- if (rv != SECSuccess) goto loser;
-
- PK11_Finalize(ctx);
-
- sdrResult.keyid = *pKeyID;
-
- rv = PK11_ParamToAlgid(SEC_OID_DES_EDE3_CBC, params, arena, &sdrResult.alg);
- if (rv != SECSuccess) goto loser;
-
- if (!SEC_ASN1EncodeItem(0, result, &sdrResult, template)) { rv = SECFailure; goto loser; }
-
-loser:
- SECITEM_ZfreeItem(&paddedData, PR_FALSE);
- if (arena) PORT_FreeArena(arena, PR_TRUE);
- if (ctx) PK11_DestroyContext(ctx, PR_TRUE);
- if (params) SECITEM_ZfreeItem(params, PR_TRUE);
- if (key) PK11_FreeSymKey(key);
- if (slot) PK11_FreeSlot(slot);
-
- return rv;
-}
-
-/*
- * PK11SDR_Decrypt
- * Decrypt a block of data produced by PK11SDR_Encrypt. The key used is identified
- * by the keyid field within the input.
- */
-SECStatus
-PK11SDR_Decrypt(SECItem *data, SECItem *result, void *cx)
-{
- SECStatus rv = SECSuccess;
- PK11SlotInfo *slot = 0;
- PK11SymKey *key = 0;
- PK11Context *ctx = 0;
- CK_MECHANISM_TYPE type;
- SDRResult sdrResult;
- SECItem *params = 0;
- SECItem paddedResult;
- PLArenaPool *arena = 0;
-
- paddedResult.len = 0;
- paddedResult.data = 0;
-
- arena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
- if (!arena) { rv = SECFailure; goto loser; }
-
- /* Decode the incoming data */
- memset(&sdrResult, 0, sizeof sdrResult);
- rv = SEC_ASN1DecodeItem(arena, &sdrResult, template, data);
- if (rv != SECSuccess) goto loser; /* Invalid format */
-
- /* Find the slot and key for the given keyid */
- slot = PK11_GetInternalKeySlot();
- if (!slot) { rv = SECFailure; goto loser; }
-
- rv = PK11_Authenticate(slot, PR_TRUE, cx);
- if (rv != SECSuccess) goto loser;
-
- /* Use triple-DES (Should look up the algorithm) */
- type = CKM_DES3_CBC;
- key = PK11_FindFixedKey(slot, type, &sdrResult.keyid, cx);
- if (!key) { rv = SECFailure; goto loser; }
-
- /* Get the parameter values from the data */
- params = PK11_ParamFromAlgid(&sdrResult.alg);
- if (!params) { rv = SECFailure; goto loser; }
-
- ctx = PK11_CreateContextBySymKey(type, CKA_DECRYPT, key, params);
- if (!ctx) { rv = SECFailure; goto loser; }
-
- paddedResult.len = sdrResult.data.len;
- paddedResult.data = PORT_ArenaAlloc(arena, paddedResult.len);
-
- rv = PK11_CipherOp(ctx, paddedResult.data, (int*)&paddedResult.len, paddedResult.len,
- sdrResult.data.data, sdrResult.data.len);
- if (rv != SECSuccess) goto loser;
-
- PK11_Finalize(ctx);
-
- /* Remove the padding */
- rv = unpadBlock(&paddedResult, PK11_GetBlockSize(type, 0), result);
- if (rv) goto loser;
-
-loser:
- /* SECITEM_ZfreeItem(&paddedResult, PR_FALSE); */
- if (arena) PORT_FreeArena(arena, PR_TRUE);
- if (ctx) PK11_DestroyContext(ctx, PR_TRUE);
- if (key) PK11_FreeSymKey(key);
- if (params) SECITEM_ZfreeItem(params, PR_TRUE);
- if (slot) PK11_FreeSlot(slot);
-
- return rv;
-}
diff --git a/security/nss/lib/pk11wrap/pk11sdr.h b/security/nss/lib/pk11wrap/pk11sdr.h
deleted file mode 100644
index 652098cad..000000000
--- a/security/nss/lib/pk11wrap/pk11sdr.h
+++ /dev/null
@@ -1,59 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * PKCS #11 Wrapper functions which handles authenticating to the card's
- * choosing the best cards, etc.
- */
-
-#ifndef _PK11SDR_H_
-#define _PK11SDR_H_
-
-#include "seccomon.h"
-
-SEC_BEGIN_PROTOS
-
-/*
- * PK11SDR_Encrypt - encrypt data using the specified key id or SDR default
- *
- */
-SECStatus
-PK11SDR_Encrypt(SECItem *keyid, SECItem *data, SECItem *result, void *cx);
-
-/*
- * PK11SDR_Decrypt - decrypt data previously encrypted with PK11SDR_Encrypt
- */
-SECStatus
-PK11SDR_Decrypt(SECItem *data, SECItem *result, void *cx);
-
-SEC_END_PROTOS
-
-#endif
diff --git a/security/nss/lib/pk11wrap/pk11skey.c b/security/nss/lib/pk11wrap/pk11skey.c
deleted file mode 100644
index 430b40f3e..000000000
--- a/security/nss/lib/pk11wrap/pk11skey.c
+++ /dev/null
@@ -1,5350 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Portions created by Sun Microsystems, Inc. are Copyright (C) 2003
- * Sun Microsystems, Inc. All Rights Reserved.
- *
- * Contributor(s):
- * Dr Stephen Henson <stephen.henson@gemplus.com>
- * Dr Vipul Gupta <vipul.gupta@sun.com>, Sun Microsystems Laboratories
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * This file implements the Symkey wrapper and the PKCS context
- * Interfaces.
- */
-
-#include "seccomon.h"
-#include "secmod.h"
-#include "nssilock.h"
-#include "secmodi.h"
-#include "pkcs11.h"
-#include "pk11func.h"
-#include "secitem.h"
-#include "key.h"
-#include "secoid.h"
-#include "secasn1.h"
-#include "sechash.h"
-#include "cert.h"
-#include "secerr.h"
-#include "secpkcs5.h"
-#include "ec.h"
-
-#define PAIRWISE_SECITEM_TYPE siBuffer
-#define PAIRWISE_DIGEST_LENGTH SHA1_LENGTH /* 160-bits */
-#define PAIRWISE_MESSAGE_LENGTH 20 /* 160-bits */
-
-/* forward static declarations. */
-static PK11SymKey *pk11_DeriveWithTemplate(PK11SymKey *baseKey,
- CK_MECHANISM_TYPE derive, SECItem *param, CK_MECHANISM_TYPE target,
- CK_ATTRIBUTE_TYPE operation, int keySize, CK_ATTRIBUTE *userAttr,
- unsigned int numAttrs);
-
-
-/*
- * strip leading zero's from key material
- */
-void
-pk11_SignedToUnsigned(CK_ATTRIBUTE *attrib) {
- char *ptr = (char *)attrib->pValue;
- unsigned long len = attrib->ulValueLen;
-
- while (len && (*ptr == 0)) {
- len--;
- ptr++;
- }
- attrib->pValue = ptr;
- attrib->ulValueLen = len;
-}
-
-/*
- * get a new session on a slot. If we run out of session, use the slot's
- * 'exclusive' session. In this case owner becomes false.
- */
-static CK_SESSION_HANDLE
-pk11_GetNewSession(PK11SlotInfo *slot,PRBool *owner)
-{
- CK_SESSION_HANDLE session;
- *owner = PR_TRUE;
- if (!slot->isThreadSafe) PK11_EnterSlotMonitor(slot);
- if ( PK11_GETTAB(slot)->C_OpenSession(slot->slotID,CKF_SERIAL_SESSION,
- slot,pk11_notify,&session) != CKR_OK) {
- *owner = PR_FALSE;
- session = slot->session;
- }
- if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
-
- return session;
-}
-
-static void
-pk11_CloseSession(PK11SlotInfo *slot,CK_SESSION_HANDLE session,PRBool owner)
-{
- if (!owner) return;
- if (!slot->isThreadSafe) PK11_EnterSlotMonitor(slot);
- (void) PK11_GETTAB(slot)->C_CloseSession(session);
- if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
-}
-
-
-SECStatus
-PK11_CreateNewObject(PK11SlotInfo *slot, CK_SESSION_HANDLE session,
- CK_ATTRIBUTE *theTemplate, int count,
- PRBool token, CK_OBJECT_HANDLE *objectID)
-{
- CK_SESSION_HANDLE rwsession;
- CK_RV crv;
- SECStatus rv = SECSuccess;
-
- rwsession = session;
- if (rwsession == CK_INVALID_SESSION) {
- if (token) {
- rwsession = PK11_GetRWSession(slot);
- } else {
- rwsession = slot->session;
- PK11_EnterSlotMonitor(slot);
- }
- }
- crv = PK11_GETTAB(slot)->C_CreateObject(rwsession, theTemplate,
- count,objectID);
- if(crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- rv = SECFailure;
- }
-
- if (session == CK_INVALID_SESSION) {
- if (token) {
- PK11_RestoreROSession(slot, rwsession);
- } else {
- PK11_ExitSlotMonitor(slot);
- }
- }
-
- return rv;
-}
-
-static void
-pk11_EnterKeyMonitor(PK11SymKey *symKey) {
- if (!symKey->sessionOwner || !(symKey->slot->isThreadSafe))
- PK11_EnterSlotMonitor(symKey->slot);
-}
-
-static void
-pk11_ExitKeyMonitor(PK11SymKey *symKey) {
- if (!symKey->sessionOwner || !(symKey->slot->isThreadSafe))
- PK11_ExitSlotMonitor(symKey->slot);
-}
-
-
-static PK11SymKey *
-pk11_getKeyFromList(PK11SlotInfo *slot) {
- PK11SymKey *symKey = NULL;
-
- PK11_USE_THREADS(PZ_Lock(slot->freeListLock);)
- if (slot->freeSymKeysHead) {
- symKey = slot->freeSymKeysHead;
- slot->freeSymKeysHead = symKey->next;
- slot->keyCount--;
- }
- PK11_USE_THREADS(PZ_Unlock(slot->freeListLock);)
- if (symKey) {
- symKey->next = NULL;
- if ((symKey->series != slot->series) || (!symKey->sessionOwner))
- symKey->session = pk11_GetNewSession(slot,&symKey->sessionOwner);
- return symKey;
- }
-
- symKey = (PK11SymKey *)PORT_ZAlloc(sizeof(PK11SymKey));
- if (symKey == NULL) {
- return NULL;
- }
- symKey->session = pk11_GetNewSession(slot,&symKey->sessionOwner);
- symKey->next = NULL;
- return symKey;
-}
-
-void
-PK11_CleanKeyList(PK11SlotInfo *slot)
-{
- PK11SymKey *symKey = NULL;
-
- while (slot->freeSymKeysHead) {
- symKey = slot->freeSymKeysHead;
- slot->freeSymKeysHead = symKey->next;
- pk11_CloseSession(slot, symKey->session,symKey->sessionOwner);
- PORT_Free(symKey);
- };
- return;
-}
-
-/*
- * create a symetric key:
- * Slot is the slot to create the key in.
- * type is the mechainism type
- */
-PK11SymKey *
-PK11_CreateSymKey(PK11SlotInfo *slot, CK_MECHANISM_TYPE type, void *wincx)
-{
-
- PK11SymKey *symKey = pk11_getKeyFromList(slot);
-
-
- if (symKey == NULL) {
- return NULL;
- }
-
- symKey->type = type;
- symKey->data.data = NULL;
- symKey->data.len = 0;
- symKey->owner = PR_TRUE;
- symKey->objectID = CK_INVALID_HANDLE;
- symKey->slot = slot;
- symKey->series = slot->series;
- symKey->cx = wincx;
- symKey->size = 0;
- symKey->refCount = 1;
- symKey->origin = PK11_OriginNULL;
- symKey->origin = PK11_OriginNULL;
- PK11_ReferenceSlot(slot);
- return symKey;
-}
-
-/*
- * destroy a symetric key
- */
-void
-PK11_FreeSymKey(PK11SymKey *symKey)
-{
- PK11SlotInfo *slot;
- PRBool freeit = PR_TRUE;
-
- if (PR_AtomicDecrement(&symKey->refCount) == 0) {
- if ((symKey->owner) && symKey->objectID != CK_INVALID_HANDLE) {
- pk11_EnterKeyMonitor(symKey);
- (void) PK11_GETTAB(symKey->slot)->
- C_DestroyObject(symKey->session, symKey->objectID);
- pk11_ExitKeyMonitor(symKey);
- }
- if (symKey->data.data) {
- PORT_Memset(symKey->data.data, 0, symKey->data.len);
- PORT_Free(symKey->data.data);
- }
- slot = symKey->slot;
- PK11_USE_THREADS(PZ_Lock(slot->freeListLock);)
- if (slot->keyCount < slot->maxKeyCount) {
- symKey->next = slot->freeSymKeysHead;
- slot->freeSymKeysHead = symKey;
- slot->keyCount++;
- symKey->slot = NULL;
- freeit = PR_FALSE;
- }
- PK11_USE_THREADS(PZ_Unlock(slot->freeListLock);)
- if (freeit) {
- pk11_CloseSession(symKey->slot, symKey->session,
- symKey->sessionOwner);
- PORT_Free(symKey);
- }
- PK11_FreeSlot(slot);
- }
-}
-
-PK11SymKey *
-PK11_ReferenceSymKey(PK11SymKey *symKey)
-{
- PR_AtomicIncrement(&symKey->refCount);
- return symKey;
-}
-
-/*
- * turn key handle into an appropriate key object
- */
-PK11SymKey *
-PK11_SymKeyFromHandle(PK11SlotInfo *slot, PK11SymKey *parent, PK11Origin origin,
- CK_MECHANISM_TYPE type, CK_OBJECT_HANDLE keyID, PRBool owner, void *wincx)
-{
- PK11SymKey *symKey;
-
- if (keyID == CK_INVALID_HANDLE) {
- return NULL;
- }
-
- symKey = PK11_CreateSymKey(slot,type,wincx);
- if (symKey == NULL) {
- return NULL;
- }
-
- symKey->objectID = keyID;
- symKey->origin = origin;
- symKey->owner = owner;
-
- return symKey;
-}
-
-/*
- * turn key handle into an appropriate key object
- */
-PK11SymKey *
-PK11_GetWrapKey(PK11SlotInfo *slot, int wrap, CK_MECHANISM_TYPE type,
- int series, void *wincx)
-{
- PK11SymKey *symKey = NULL;
-
- if (slot->series != series) return NULL;
- if (slot->refKeys[wrap] == CK_INVALID_HANDLE) return NULL;
- if (type == CKM_INVALID_MECHANISM) type = slot->wrapMechanism;
-
- symKey = PK11_SymKeyFromHandle(slot, NULL, PK11_OriginDerive,
- slot->wrapMechanism, slot->refKeys[wrap], PR_FALSE, wincx);
- return symKey;
-}
-
-void
-PK11_SetWrapKey(PK11SlotInfo *slot, int wrap, PK11SymKey *wrapKey)
-{
- /* save the handle and mechanism for the wrapping key */
- /* mark the key and session as not owned by us to they don't get freed
- * when the key goes way... that lets us reuse the key later */
- slot->refKeys[wrap] = wrapKey->objectID;
- wrapKey->owner = PR_FALSE;
- wrapKey->sessionOwner = PR_FALSE;
- slot->wrapMechanism = wrapKey->type;
-}
-
-CK_MECHANISM_TYPE
-PK11_GetMechanism(PK11SymKey *symKey)
-{
- return symKey->type;
-}
-
-/*
- * figure out if a key is still valid or if it is stale.
- */
-PRBool
-PK11_VerifyKeyOK(PK11SymKey *key) {
- if (!PK11_IsPresent(key->slot)) {
- return PR_FALSE;
- }
- return (PRBool)(key->series == key->slot->series);
-}
-
-#define MAX_TEMPL_ATTRS 16 /* maximum attributes in template */
-
-/* This mask includes all CK_FLAGs with an equivalent CKA_ attribute. */
-#define CKF_KEY_OPERATION_FLAGS 0x000e7b00UL
-
-static unsigned int
-pk11_FlagsToAttributes(CK_FLAGS flags, CK_ATTRIBUTE *attrs, CK_BBOOL *ckTrue)
-{
-
- const static CK_ATTRIBUTE_TYPE attrTypes[12] = {
- CKA_ENCRYPT, CKA_DECRYPT, 0 /* DIGEST */, CKA_SIGN,
- CKA_SIGN_RECOVER, CKA_VERIFY, CKA_VERIFY_RECOVER, 0 /* GEN */,
- 0 /* GEN PAIR */, CKA_WRAP, CKA_UNWRAP, CKA_DERIVE
- };
-
- const CK_ATTRIBUTE_TYPE *pType = attrTypes;
- CK_ATTRIBUTE *attr = attrs;
- CK_FLAGS test = CKF_ENCRYPT;
-
-
- PR_ASSERT(!(flags & ~CKF_KEY_OPERATION_FLAGS));
- flags &= CKF_KEY_OPERATION_FLAGS;
-
- for (; flags && test <= CKF_DERIVE; test <<= 1, ++pType) {
- if (test & flags) {
- flags ^= test;
- PK11_SETATTRS(attr, *pType, ckTrue, sizeof *ckTrue);
- ++attr;
- }
- }
- return (attr - attrs);
-}
-
-static PK11SymKey *
-pk11_ImportSymKeyWithTempl(PK11SlotInfo *slot, CK_MECHANISM_TYPE type,
- PK11Origin origin, CK_ATTRIBUTE *keyTemplate,
- unsigned int templateCount, SECItem *key, void *wincx)
-{
- PK11SymKey * symKey;
- SECStatus rv;
-
- symKey = PK11_CreateSymKey(slot,type,wincx);
- if (symKey == NULL) {
- return NULL;
- }
-
- symKey->size = key->len;
-
- PK11_SETATTRS(&keyTemplate[templateCount], CKA_VALUE, key->data, key->len);
- templateCount++;
-
- if (SECITEM_CopyItem(NULL,&symKey->data,key) != SECSuccess) {
- PK11_FreeSymKey(symKey);
- return NULL;
- }
-
- symKey->origin = origin;
-
- /* import the keys */
- rv = PK11_CreateNewObject(slot, symKey->session, keyTemplate,
- templateCount, PR_FALSE, &symKey->objectID);
- if ( rv != SECSuccess) {
- PK11_FreeSymKey(symKey);
- return NULL;
- }
-
- return symKey;
-}
-
-/*
- * turn key bits into an appropriate key object
- */
-PK11SymKey *
-PK11_ImportSymKey(PK11SlotInfo *slot, CK_MECHANISM_TYPE type,
- PK11Origin origin, CK_ATTRIBUTE_TYPE operation, SECItem *key,void *wincx)
-{
- PK11SymKey * symKey;
- unsigned int templateCount = 0;
- CK_OBJECT_CLASS keyClass = CKO_SECRET_KEY;
- CK_KEY_TYPE keyType = CKK_GENERIC_SECRET;
- CK_BBOOL cktrue = CK_TRUE; /* sigh */
- CK_ATTRIBUTE keyTemplate[5];
- CK_ATTRIBUTE * attrs = keyTemplate;
-
- PK11_SETATTRS(attrs, CKA_CLASS, &keyClass, sizeof(keyClass) ); attrs++;
- PK11_SETATTRS(attrs, CKA_KEY_TYPE, &keyType, sizeof(keyType) ); attrs++;
- PK11_SETATTRS(attrs, operation, &cktrue, 1); attrs++;
- templateCount = attrs - keyTemplate;
- PR_ASSERT(templateCount+1 <= sizeof(keyTemplate)/sizeof(CK_ATTRIBUTE));
-
- keyType = PK11_GetKeyType(type,key->len);
- symKey = pk11_ImportSymKeyWithTempl(slot, type, origin, keyTemplate,
- templateCount, key, wincx);
- return symKey;
-}
-
-
-/*
- * turn key bits into an appropriate key object
- */
-PK11SymKey *
-PK11_ImportSymKeyWithFlags(PK11SlotInfo *slot, CK_MECHANISM_TYPE type,
- PK11Origin origin, CK_ATTRIBUTE_TYPE operation, SECItem *key,
- CK_FLAGS flags, PRBool isPerm, void *wincx)
-{
- PK11SymKey * symKey;
- unsigned int templateCount = 0;
- CK_OBJECT_CLASS keyClass = CKO_SECRET_KEY;
- CK_KEY_TYPE keyType = CKK_GENERIC_SECRET;
- CK_BBOOL cktrue = CK_TRUE; /* sigh */
- CK_ATTRIBUTE keyTemplate[MAX_TEMPL_ATTRS];
- CK_ATTRIBUTE * attrs = keyTemplate;
-
- PK11_SETATTRS(attrs, CKA_CLASS, &keyClass, sizeof(keyClass) ); attrs++;
- PK11_SETATTRS(attrs, CKA_KEY_TYPE, &keyType, sizeof(keyType) ); attrs++;
- if (isPerm) {
- PK11_SETATTRS(attrs, CKA_TOKEN, &cktrue, sizeof(keyType) ); attrs++;
- }
- templateCount = attrs - keyTemplate;
- templateCount += pk11_FlagsToAttributes(flags, attrs, &cktrue);
- PR_ASSERT(templateCount+1 <= sizeof(keyTemplate)/sizeof(CK_ATTRIBUTE));
-
- keyType = PK11_GetKeyType(type,key->len);
- symKey = pk11_ImportSymKeyWithTempl(slot, type, origin, keyTemplate,
- templateCount, key, wincx);
- if (isPerm) {
- symKey->owner = PR_FALSE;
- }
- return symKey;
-}
-
-/*
- * import a public key into the desired slot
- */
-CK_OBJECT_HANDLE
-PK11_ImportPublicKey(PK11SlotInfo *slot, SECKEYPublicKey *pubKey,
- PRBool isToken)
-{
- CK_BBOOL cktrue = CK_TRUE;
- CK_BBOOL ckfalse = CK_FALSE;
- CK_OBJECT_CLASS keyClass = CKO_PUBLIC_KEY;
- CK_KEY_TYPE keyType = CKK_GENERIC_SECRET;
- CK_OBJECT_HANDLE objectID;
- CK_ATTRIBUTE theTemplate[10];
- CK_ATTRIBUTE *signedattr = NULL;
- CK_ATTRIBUTE *attrs = theTemplate;
- int signedcount = 0;
- int templateCount = 0;
- SECStatus rv;
-
- /* if we already have an object in the desired slot, use it */
- if (!isToken && pubKey->pkcs11Slot == slot) {
- return pubKey->pkcs11ID;
- }
-
- /* free the existing key */
- if (pubKey->pkcs11Slot != NULL) {
- PK11SlotInfo *oSlot = pubKey->pkcs11Slot;
- PK11_EnterSlotMonitor(oSlot);
- (void) PK11_GETTAB(oSlot)->C_DestroyObject(oSlot->session,
- pubKey->pkcs11ID);
- PK11_ExitSlotMonitor(oSlot);
- PK11_FreeSlot(oSlot);
- pubKey->pkcs11Slot = NULL;
- }
- PK11_SETATTRS(attrs, CKA_CLASS, &keyClass, sizeof(keyClass) ); attrs++;
- PK11_SETATTRS(attrs, CKA_KEY_TYPE, &keyType, sizeof(keyType) ); attrs++;
- PK11_SETATTRS(attrs, CKA_TOKEN, isToken ? &cktrue : &ckfalse,
- sizeof(CK_BBOOL) ); attrs++;
-
- /* now import the key */
- {
- switch (pubKey->keyType) {
- case rsaKey:
- keyType = CKK_RSA;
- PK11_SETATTRS(attrs, CKA_WRAP, &cktrue, sizeof(CK_BBOOL) ); attrs++;
- PK11_SETATTRS(attrs, CKA_ENCRYPT, &cktrue,
- sizeof(CK_BBOOL) ); attrs++;
- PK11_SETATTRS(attrs, CKA_VERIFY, &cktrue, sizeof(CK_BBOOL)); attrs++;
- signedattr = attrs;
- PK11_SETATTRS(attrs, CKA_MODULUS, pubKey->u.rsa.modulus.data,
- pubKey->u.rsa.modulus.len); attrs++;
- PK11_SETATTRS(attrs, CKA_PUBLIC_EXPONENT,
- pubKey->u.rsa.publicExponent.data,
- pubKey->u.rsa.publicExponent.len); attrs++;
- break;
- case dsaKey:
- keyType = CKK_DSA;
- PK11_SETATTRS(attrs, CKA_VERIFY, &cktrue, sizeof(CK_BBOOL));attrs++;
- signedattr = attrs;
- PK11_SETATTRS(attrs, CKA_PRIME, pubKey->u.dsa.params.prime.data,
- pubKey->u.dsa.params.prime.len); attrs++;
- PK11_SETATTRS(attrs,CKA_SUBPRIME,pubKey->u.dsa.params.subPrime.data,
- pubKey->u.dsa.params.subPrime.len); attrs++;
- PK11_SETATTRS(attrs, CKA_BASE, pubKey->u.dsa.params.base.data,
- pubKey->u.dsa.params.base.len); attrs++;
- PK11_SETATTRS(attrs, CKA_VALUE, pubKey->u.dsa.publicValue.data,
- pubKey->u.dsa.publicValue.len); attrs++;
- break;
- case fortezzaKey:
- keyType = CKK_DSA;
- PK11_SETATTRS(attrs, CKA_VERIFY, &cktrue, sizeof(CK_BBOOL));attrs++;
- signedattr = attrs;
- PK11_SETATTRS(attrs, CKA_PRIME,pubKey->u.fortezza.params.prime.data,
- pubKey->u.fortezza.params.prime.len); attrs++;
- PK11_SETATTRS(attrs,CKA_SUBPRIME,
- pubKey->u.fortezza.params.subPrime.data,
- pubKey->u.fortezza.params.subPrime.len);attrs++;
- PK11_SETATTRS(attrs, CKA_BASE, pubKey->u.fortezza.params.base.data,
- pubKey->u.fortezza.params.base.len); attrs++;
- PK11_SETATTRS(attrs, CKA_VALUE, pubKey->u.fortezza.DSSKey.data,
- pubKey->u.fortezza.DSSKey.len); attrs++;
- break;
- case dhKey:
- keyType = CKK_DH;
- PK11_SETATTRS(attrs, CKA_DERIVE, &cktrue, sizeof(CK_BBOOL));attrs++;
- signedattr = attrs;
- PK11_SETATTRS(attrs, CKA_PRIME, pubKey->u.dh.prime.data,
- pubKey->u.dh.prime.len); attrs++;
- PK11_SETATTRS(attrs, CKA_BASE, pubKey->u.dh.base.data,
- pubKey->u.dh.base.len); attrs++;
- PK11_SETATTRS(attrs, CKA_VALUE, pubKey->u.dh.publicValue.data,
- pubKey->u.dh.publicValue.len); attrs++;
- break;
-#ifdef NSS_ENABLE_ECC
- case ecKey:
- keyType = CKK_EC;
- PK11_SETATTRS(attrs, CKA_VERIFY, &cktrue, sizeof(CK_BBOOL));attrs++;
- PK11_SETATTRS(attrs, CKA_DERIVE, &cktrue, sizeof(CK_BBOOL));attrs++;
- signedattr = attrs;
- PK11_SETATTRS(attrs, CKA_EC_PARAMS,
- pubKey->u.ec.DEREncodedParams.data,
- pubKey->u.ec.DEREncodedParams.len); attrs++;
- PK11_SETATTRS(attrs, CKA_EC_POINT, pubKey->u.ec.publicValue.data,
- pubKey->u.ec.publicValue.len); attrs++;
- break;
-#endif /* NSS_ENABLE_ECC */
- default:
- PORT_SetError( SEC_ERROR_BAD_KEY );
- return CK_INVALID_HANDLE;
- }
-
- templateCount = attrs - theTemplate;
- signedcount = attrs - signedattr;
- PORT_Assert(templateCount <= (sizeof(theTemplate)/sizeof(CK_ATTRIBUTE)));
- for (attrs=signedattr; signedcount; attrs++, signedcount--) {
- pk11_SignedToUnsigned(attrs);
- }
- rv = PK11_CreateNewObject(slot, CK_INVALID_SESSION, theTemplate,
- templateCount, isToken, &objectID);
- if ( rv != SECSuccess) {
- return CK_INVALID_HANDLE;
- }
- }
-
- pubKey->pkcs11ID = objectID;
- pubKey->pkcs11Slot = PK11_ReferenceSlot(slot);
-
- return objectID;
-}
-
-
-/*
- * return the slot associated with a symetric key
- */
-PK11SlotInfo *
-PK11_GetSlotFromKey(PK11SymKey *symKey)
-{
- return PK11_ReferenceSlot(symKey->slot);
-}
-
-PK11SymKey *
-PK11_FindFixedKey(PK11SlotInfo *slot, CK_MECHANISM_TYPE type, SECItem *keyID,
- void *wincx)
-{
- CK_ATTRIBUTE findTemp[4];
- CK_ATTRIBUTE *attrs;
- CK_BBOOL ckTrue = CK_TRUE;
- CK_OBJECT_CLASS keyclass = CKO_SECRET_KEY;
- int tsize = 0;
- CK_OBJECT_HANDLE key_id;
-
- attrs = findTemp;
- PK11_SETATTRS(attrs, CKA_CLASS, &keyclass, sizeof(keyclass)); attrs++;
- PK11_SETATTRS(attrs, CKA_TOKEN, &ckTrue, sizeof(ckTrue)); attrs++;
- if (keyID) {
- PK11_SETATTRS(attrs, CKA_ID, keyID->data, keyID->len); attrs++;
- }
- tsize = attrs - findTemp;
- PORT_Assert(tsize <= sizeof(findTemp)/sizeof(CK_ATTRIBUTE));
-
- key_id = pk11_FindObjectByTemplate(slot,findTemp,tsize);
- if (key_id == CK_INVALID_HANDLE) {
- return NULL;
- }
- return PK11_SymKeyFromHandle(slot, NULL, PK11_OriginDerive, type, key_id,
- PR_FALSE, wincx);
-}
-
-PK11SymKey *
-PK11_ListFixedKeysInSlot(PK11SlotInfo *slot, char *nickname, void *wincx)
-{
- CK_ATTRIBUTE findTemp[4];
- CK_ATTRIBUTE *attrs;
- CK_BBOOL ckTrue = CK_TRUE;
- CK_OBJECT_CLASS keyclass = CKO_SECRET_KEY;
- int tsize = 0;
- int objCount = 0;
- CK_OBJECT_HANDLE *key_ids;
- PK11SymKey *nextKey = NULL;
- PK11SymKey *topKey = NULL;
- int i,len;
-
- attrs = findTemp;
- PK11_SETATTRS(attrs, CKA_CLASS, &keyclass, sizeof(keyclass)); attrs++;
- PK11_SETATTRS(attrs, CKA_TOKEN, &ckTrue, sizeof(ckTrue)); attrs++;
- if (nickname) {
- len = PORT_Strlen(nickname)-1;
- PK11_SETATTRS(attrs, CKA_LABEL, nickname, len); attrs++;
- }
- tsize = attrs - findTemp;
- PORT_Assert(tsize <= sizeof(findTemp)/sizeof(CK_ATTRIBUTE));
-
- key_ids = pk11_FindObjectsByTemplate(slot,findTemp,tsize,&objCount);
- if (key_ids == NULL) {
- return NULL;
- }
-
- for (i=0; i < objCount ; i++) {
- nextKey = PK11_SymKeyFromHandle(slot, NULL, PK11_OriginDerive,
- CKM_INVALID_MECHANISM, key_ids[i], PR_FALSE, wincx);
- if (nextKey) {
- nextKey->next = topKey;
- topKey = nextKey;
- }
- }
- PORT_Free(key_ids);
- return topKey;
-}
-
-void *
-PK11_GetWindow(PK11SymKey *key)
-{
- return key->cx;
-}
-
-
-/*
- * extract a symetric key value. NOTE: if the key is sensitive, we will
- * not be able to do this operation. This function is used to move
- * keys from one token to another */
-SECStatus
-PK11_ExtractKeyValue(PK11SymKey *symKey)
-{
- SECStatus rv;
-
- if (symKey->data.data != NULL) {
- if (symKey->size == 0) {
- symKey->size = symKey->data.len;
- }
- return SECSuccess;
- }
-
- if (symKey->slot == NULL) {
- PORT_SetError( SEC_ERROR_INVALID_KEY );
- return SECFailure;
- }
-
- rv = PK11_ReadAttribute(symKey->slot,symKey->objectID,CKA_VALUE,NULL,
- &symKey->data);
- if (rv == SECSuccess) {
- symKey->size = symKey->data.len;
- }
- return rv;
-}
-
-SECStatus
-PK11_DeleteTokenSymKey(PK11SymKey *symKey)
-{
- if (!PK11_IsPermObject(symKey->slot, symKey->objectID)) {
- return SECFailure;
- }
- PK11_DestroyTokenObject(symKey->slot,symKey->objectID);
- symKey->objectID = CK_INVALID_HANDLE;
- return SECSuccess;
-}
-
-SECItem *
-__PK11_GetKeyData(PK11SymKey *symKey)
-{
- return &symKey->data;
-}
-
-SECItem *
-PK11_GetKeyData(PK11SymKey *symKey)
-{
- return __PK11_GetKeyData(symKey);
-}
-
-/*
- * take an attribute and copy it into a secitem
- */
-static CK_RV
-pk11_Attr2SecItem(PRArenaPool *arena, CK_ATTRIBUTE *attr, SECItem *item)
-{
- item->data = NULL;
-
- (void)SECITEM_AllocItem(arena, item, attr->ulValueLen);
- if (item->data == NULL) {
- return CKR_HOST_MEMORY;
- }
- PORT_Memcpy(item->data, attr->pValue, item->len);
- return CKR_OK;
-}
-
-/*
- * extract a public key from a slot and id
- */
-SECKEYPublicKey *
-PK11_ExtractPublicKey(PK11SlotInfo *slot,KeyType keyType,CK_OBJECT_HANDLE id)
-{
- CK_OBJECT_CLASS keyClass = CKO_PUBLIC_KEY;
- PRArenaPool *arena;
- PRArenaPool *tmp_arena;
- SECKEYPublicKey *pubKey;
- int templateCount = 0;
- CK_KEY_TYPE pk11KeyType;
- CK_RV crv;
- CK_ATTRIBUTE template[8];
- CK_ATTRIBUTE *attrs= template;
- CK_ATTRIBUTE *modulus,*exponent,*base,*prime,*subprime,*value;
-#ifdef NSS_ENABLE_ECC
- CK_ATTRIBUTE *ecparams;
-#endif /* NSS_ENABLE_ECC */
-
- /* if we didn't know the key type, get it */
- if (keyType== nullKey) {
-
- pk11KeyType = PK11_ReadULongAttribute(slot,id,CKA_KEY_TYPE);
- if (pk11KeyType == CK_UNAVAILABLE_INFORMATION) {
- return NULL;
- }
- switch (pk11KeyType) {
- case CKK_RSA:
- keyType = rsaKey;
- break;
- case CKK_DSA:
- keyType = dsaKey;
- break;
- case CKK_DH:
- keyType = dhKey;
- break;
-#ifdef NSS_ENABLE_ECC
- case CKK_EC:
- keyType = ecKey;
- break;
-#endif /* NSS_ENABLE_ECC */
- default:
- PORT_SetError( SEC_ERROR_BAD_KEY );
- return NULL;
- }
- }
-
-
- /* now we need to create space for the public key */
- arena = PORT_NewArena( DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) return NULL;
- tmp_arena = PORT_NewArena( DER_DEFAULT_CHUNKSIZE);
- if (tmp_arena == NULL) {
- PORT_FreeArena (arena, PR_FALSE);
- return NULL;
- }
-
-
- pubKey = (SECKEYPublicKey *)
- PORT_ArenaZAlloc(arena, sizeof(SECKEYPublicKey));
- if (pubKey == NULL) {
- PORT_FreeArena (arena, PR_FALSE);
- PORT_FreeArena (tmp_arena, PR_FALSE);
- return NULL;
- }
-
- pubKey->arena = arena;
- pubKey->keyType = keyType;
- pubKey->pkcs11Slot = PK11_ReferenceSlot(slot);
- pubKey->pkcs11ID = id;
- PK11_SETATTRS(attrs, CKA_CLASS, &keyClass,
- sizeof(keyClass)); attrs++;
- PK11_SETATTRS(attrs, CKA_KEY_TYPE, &pk11KeyType,
- sizeof(pk11KeyType) ); attrs++;
- switch (pubKey->keyType) {
- case rsaKey:
- modulus = attrs;
- PK11_SETATTRS(attrs, CKA_MODULUS, NULL, 0); attrs++;
- exponent = attrs;
- PK11_SETATTRS(attrs, CKA_PUBLIC_EXPONENT, NULL, 0); attrs++;
-
- templateCount = attrs - template;
- PR_ASSERT(templateCount <= sizeof(template)/sizeof(CK_ATTRIBUTE));
- crv = PK11_GetAttributes(tmp_arena,slot,id,template,templateCount);
- if (crv != CKR_OK) break;
-
- if ((keyClass != CKO_PUBLIC_KEY) || (pk11KeyType != CKK_RSA)) {
- crv = CKR_OBJECT_HANDLE_INVALID;
- break;
- }
- crv = pk11_Attr2SecItem(arena,modulus,&pubKey->u.rsa.modulus);
- if (crv != CKR_OK) break;
- crv = pk11_Attr2SecItem(arena,exponent,&pubKey->u.rsa.publicExponent);
- if (crv != CKR_OK) break;
- break;
- case dsaKey:
- prime = attrs;
- PK11_SETATTRS(attrs, CKA_PRIME, NULL, 0); attrs++;
- subprime = attrs;
- PK11_SETATTRS(attrs, CKA_SUBPRIME, NULL, 0); attrs++;
- base = attrs;
- PK11_SETATTRS(attrs, CKA_BASE, NULL, 0); attrs++;
- value = attrs;
- PK11_SETATTRS(attrs, CKA_VALUE, NULL, 0); attrs++;
- templateCount = attrs - template;
- PR_ASSERT(templateCount <= sizeof(template)/sizeof(CK_ATTRIBUTE));
- crv = PK11_GetAttributes(tmp_arena,slot,id,template,templateCount);
- if (crv != CKR_OK) break;
-
- if ((keyClass != CKO_PUBLIC_KEY) || (pk11KeyType != CKK_DSA)) {
- crv = CKR_OBJECT_HANDLE_INVALID;
- break;
- }
- crv = pk11_Attr2SecItem(arena,prime,&pubKey->u.dsa.params.prime);
- if (crv != CKR_OK) break;
- crv = pk11_Attr2SecItem(arena,subprime,&pubKey->u.dsa.params.subPrime);
- if (crv != CKR_OK) break;
- crv = pk11_Attr2SecItem(arena,base,&pubKey->u.dsa.params.base);
- if (crv != CKR_OK) break;
- crv = pk11_Attr2SecItem(arena,value,&pubKey->u.dsa.publicValue);
- if (crv != CKR_OK) break;
- break;
- case dhKey:
- prime = attrs;
- PK11_SETATTRS(attrs, CKA_PRIME, NULL, 0); attrs++;
- base = attrs;
- PK11_SETATTRS(attrs, CKA_BASE, NULL, 0); attrs++;
- value =attrs;
- PK11_SETATTRS(attrs, CKA_VALUE, NULL, 0); attrs++;
- templateCount = attrs - template;
- PR_ASSERT(templateCount <= sizeof(template)/sizeof(CK_ATTRIBUTE));
- crv = PK11_GetAttributes(tmp_arena,slot,id,template,templateCount);
- if (crv != CKR_OK) break;
-
- if ((keyClass != CKO_PUBLIC_KEY) || (pk11KeyType != CKK_DH)) {
- crv = CKR_OBJECT_HANDLE_INVALID;
- break;
- }
- crv = pk11_Attr2SecItem(arena,prime,&pubKey->u.dh.prime);
- if (crv != CKR_OK) break;
- crv = pk11_Attr2SecItem(arena,base,&pubKey->u.dh.base);
- if (crv != CKR_OK) break;
- crv = pk11_Attr2SecItem(arena,value,&pubKey->u.dh.publicValue);
- if (crv != CKR_OK) break;
- break;
-#ifdef NSS_ENABLE_ECC
- case ecKey:
- pubKey->u.ec.size = 0;
- ecparams = attrs;
- PK11_SETATTRS(attrs, CKA_EC_PARAMS, NULL, 0); attrs++;
- value =attrs;
- PK11_SETATTRS(attrs, CKA_EC_POINT, NULL, 0); attrs++;
- templateCount = attrs - template;
- PR_ASSERT(templateCount <= sizeof(template)/sizeof(CK_ATTRIBUTE));
- crv = PK11_GetAttributes(tmp_arena,slot,id,template,templateCount);
- if (crv != CKR_OK) break;
-
- if ((keyClass != CKO_PUBLIC_KEY) || (pk11KeyType != CKK_EC)) {
- crv = CKR_OBJECT_HANDLE_INVALID;
- break;
- }
-
- crv = pk11_Attr2SecItem(arena,ecparams,
- &pubKey->u.ec.DEREncodedParams);
- if (crv != CKR_OK) break;
- crv = pk11_Attr2SecItem(arena,value,&pubKey->u.ec.publicValue);
- if (crv != CKR_OK) break;
- break;
-#endif /* NSS_ENABLE_ECC */
- case fortezzaKey:
- case nullKey:
- default:
- crv = CKR_OBJECT_HANDLE_INVALID;
- break;
- }
-
- PORT_FreeArena(tmp_arena,PR_FALSE);
-
- if (crv != CKR_OK) {
- PORT_FreeArena(arena,PR_FALSE);
- PK11_FreeSlot(slot);
- PORT_SetError( PK11_MapError(crv) );
- return NULL;
- }
-
- return pubKey;
-}
-
-/*
- * Build a Private Key structure from raw PKCS #11 information.
- */
-SECKEYPrivateKey *
-PK11_MakePrivKey(PK11SlotInfo *slot, KeyType keyType,
- PRBool isTemp, CK_OBJECT_HANDLE privID, void *wincx)
-{
- PRArenaPool *arena;
- SECKEYPrivateKey *privKey;
-
- /* don't know? look it up */
- if (keyType == nullKey) {
- CK_KEY_TYPE pk11Type = CKK_RSA;
-
- pk11Type = PK11_ReadULongAttribute(slot,privID,CKA_KEY_TYPE);
- isTemp = (PRBool)!PK11_HasAttributeSet(slot,privID,CKA_TOKEN);
- switch (pk11Type) {
- case CKK_RSA: keyType = rsaKey; break;
- case CKK_DSA: keyType = dsaKey; break;
- case CKK_DH: keyType = dhKey; break;
- case CKK_KEA: keyType = fortezzaKey; break;
-#ifdef NSS_ENABLE_ECC
- case CKK_EC: keyType = ecKey; break;
-#endif /* NSS_ENABLE_ECC */
- default:
- break;
- }
- }
-
- /* now we need to create space for the private key */
- arena = PORT_NewArena( DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) return NULL;
-
- privKey = (SECKEYPrivateKey *)
- PORT_ArenaZAlloc(arena, sizeof(SECKEYPrivateKey));
- if (privKey == NULL) {
- PORT_FreeArena(arena, PR_FALSE);
- return NULL;
- }
-
- privKey->arena = arena;
- privKey->keyType = keyType;
- privKey->pkcs11Slot = PK11_ReferenceSlot(slot);
- privKey->pkcs11ID = privID;
- privKey->pkcs11IsTemp = isTemp;
- privKey->wincx = wincx;
-
- return privKey;
-}
-
-/* return the keylength if possible. '0' if not */
-unsigned int
-PK11_GetKeyLength(PK11SymKey *key)
-{
- CK_KEY_TYPE keyType;
-
- if (key->size != 0) return key->size;
-
- /* First try to figure out the key length from its type */
- keyType = PK11_ReadULongAttribute(key->slot,key->objectID,CKA_KEY_TYPE);
- switch (keyType) {
- case CKK_DES: key->size = 8; break;
- case CKK_DES2: key->size = 16; break;
- case CKK_DES3: key->size = 24; break;
- case CKK_SKIPJACK: key->size = 10; break;
- case CKK_BATON: key->size = 20; break;
- case CKK_JUNIPER: key->size = 20; break;
- case CKK_GENERIC_SECRET:
- if (key->type == CKM_SSL3_PRE_MASTER_KEY_GEN) {
- key->size=48;
- }
- break;
- default: break;
- }
- if( key->size != 0 ) return key->size;
-
- if (key->data.data == NULL) {
- PK11_ExtractKeyValue(key);
- }
- /* key is probably secret. Look up its length */
- /* this is new PKCS #11 version 2.0 functionality. */
- if (key->size == 0) {
- CK_ULONG keyLength;
-
- keyLength = PK11_ReadULongAttribute(key->slot,key->objectID,CKA_VALUE_LEN);
- if (keyLength != CK_UNAVAILABLE_INFORMATION) {
- key->size = (unsigned int)keyLength;
- }
- }
-
- return key->size;
-}
-
-/* return the strength of a key. This is different from length in that
- * 1) it returns the size in bits, and 2) it returns only the secret portions
- * of the key minus any checksums or parity.
- */
-unsigned int
-PK11_GetKeyStrength(PK11SymKey *key, SECAlgorithmID *algid)
-{
- int size=0;
- CK_MECHANISM_TYPE mechanism= CKM_INVALID_MECHANISM; /* RC2 only */
- SECItem *param = NULL; /* RC2 only */
- CK_RC2_CBC_PARAMS *rc2_params = NULL; /* RC2 ONLY */
- unsigned int effectiveBits = 0; /* RC2 ONLY */
-
- switch (PK11_GetKeyType(key->type,0)) {
- case CKK_CDMF:
- return 40;
- case CKK_DES:
- return 56;
- case CKK_DES3:
- case CKK_DES2:
- size = PK11_GetKeyLength(key);
- if (size == 16) {
- /* double des */
- return 112; /* 16*7 */
- }
- return 168;
- /*
- * RC2 has is different than other ciphers in that it allows the user
- * to deprecating keysize while still requiring all the bits for the
- * original key. The info
- * on what the effective key strength is in the parameter for the key.
- * In S/MIME this parameter is stored in the DER encoded algid. In Our
- * other uses of RC2, effectiveBits == keyBits, so this code functions
- * correctly without an algid.
- */
- case CKK_RC2:
- /* if no algid was provided, fall through to default */
- if (!algid) {
- break;
- }
- /* verify that the algid is for RC2 */
- mechanism = PK11_AlgtagToMechanism(SECOID_GetAlgorithmTag(algid));
- if ((mechanism != CKM_RC2_CBC) && (mechanism != CKM_RC2_ECB)) {
- break;
- }
-
- /* now get effective bits from the algorithm ID. */
- param = PK11_ParamFromAlgid(algid);
- /* if we couldn't get memory just use key length */
- if (param == NULL) {
- break;
- }
-
- rc2_params = (CK_RC2_CBC_PARAMS *) param->data;
- /* paranoia... shouldn't happen */
- PORT_Assert(param->data != NULL);
- if (param->data == NULL) {
- SECITEM_FreeItem(param,PR_TRUE);
- break;
- }
- effectiveBits = (unsigned int)rc2_params->ulEffectiveBits;
- SECITEM_FreeItem(param,PR_TRUE);
- param = NULL; rc2_params=NULL; /* paranoia */
-
- /* we have effective bits, is and allocated memory is free, now
- * we need to return the smaller of effective bits and keysize */
- size = PK11_GetKeyLength(key);
- if ((unsigned int)size*8 > effectiveBits) {
- return effectiveBits;
- }
-
- return size*8; /* the actual key is smaller, the strength can't be
- * greater than the actual key size */
-
- default:
- break;
- }
- return PK11_GetKeyLength(key) * 8;
-}
-
-/* Make a Key type to an appropriate signing/verification mechanism */
-static CK_MECHANISM_TYPE
-pk11_mapSignKeyType(KeyType keyType)
-{
- switch (keyType) {
- case rsaKey:
- return CKM_RSA_PKCS;
- case fortezzaKey:
- case dsaKey:
- return CKM_DSA;
-#ifdef NSS_ENABLE_ECC
- case ecKey:
- return CKM_ECDSA;
-#endif /* NSS_ENABLE_ECC */
- case dhKey:
- default:
- break;
- }
- return CKM_INVALID_MECHANISM;
-}
-
-static CK_MECHANISM_TYPE
-pk11_mapWrapKeyType(KeyType keyType)
-{
- switch (keyType) {
- case rsaKey:
- return CKM_RSA_PKCS;
- /* Add fortezza?? */
- default:
- break;
- }
- return CKM_INVALID_MECHANISM;
-}
-
-/*
- * Some non-compliant PKCS #11 vendors do not give us the modulus, so actually
- * set up a signature to get the signaure length.
- */
-static int
-pk11_backupGetSignLength(SECKEYPrivateKey *key)
-{
- PK11SlotInfo *slot = key->pkcs11Slot;
- CK_MECHANISM mech = {0, NULL, 0 };
- PRBool owner = PR_TRUE;
- CK_SESSION_HANDLE session;
- CK_ULONG len;
- CK_RV crv;
- unsigned char h_data[20] = { 0 };
- unsigned char buf[20]; /* obviously to small */
- CK_ULONG smallLen = sizeof(buf);
-
- mech.mechanism = pk11_mapSignKeyType(key->keyType);
-
- session = pk11_GetNewSession(slot,&owner);
- if (!owner || !(slot->isThreadSafe)) PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_SignInit(session,&mech,key->pkcs11ID);
- if (crv != CKR_OK) {
- if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
- pk11_CloseSession(slot,session,owner);
- PORT_SetError( PK11_MapError(crv) );
- return -1;
- }
- len = 0;
- crv = PK11_GETTAB(slot)->C_Sign(session,h_data,sizeof(h_data),
- NULL, &len);
- /* now call C_Sign with too small a buffer to clear the session state */
- (void) PK11_GETTAB(slot)->
- C_Sign(session,h_data,sizeof(h_data),buf,&smallLen);
-
- if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
- pk11_CloseSession(slot,session,owner);
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- return -1;
- }
- return len;
-}
-/*
- * get the length of a signature object based on the key
- */
-int
-PK11_SignatureLen(SECKEYPrivateKey *key)
-{
- int val;
-
- switch (key->keyType) {
- case rsaKey:
- val = PK11_GetPrivateModulusLen(key);
- if (val == -1) {
- return pk11_backupGetSignLength(key);
- }
- return (unsigned long) val;
-
- case fortezzaKey:
- case dsaKey:
- return 40;
-
- default:
- break;
- }
- PORT_SetError( SEC_ERROR_INVALID_KEY );
- return 0;
-}
-
-PK11SlotInfo *
-PK11_GetSlotFromPrivateKey(SECKEYPrivateKey *key)
-{
- PK11SlotInfo *slot = key->pkcs11Slot;
- slot = PK11_ReferenceSlot(slot);
- return slot;
-}
-
-/*
- * Get the modulus length for raw parsing
- */
-int
-PK11_GetPrivateModulusLen(SECKEYPrivateKey *key)
-{
- CK_ATTRIBUTE theTemplate = { CKA_MODULUS, NULL, 0 };
- PK11SlotInfo *slot = key->pkcs11Slot;
- CK_RV crv;
- int length;
-
- switch (key->keyType) {
- case rsaKey:
- crv = PK11_GetAttributes(NULL, slot, key->pkcs11ID, &theTemplate, 1);
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- return -1;
- }
- length = theTemplate.ulValueLen;
- if ( *(unsigned char *)theTemplate.pValue == 0) {
- length--;
- }
- if (theTemplate.pValue != NULL)
- PORT_Free(theTemplate.pValue);
- return (int) length;
-
- case fortezzaKey:
- case dsaKey:
- case dhKey:
- default:
- break;
- }
- if (theTemplate.pValue != NULL)
- PORT_Free(theTemplate.pValue);
- PORT_SetError( SEC_ERROR_INVALID_KEY );
- return -1;
-}
-
-/*
- * copy a key (or any other object) on a token
- */
-CK_OBJECT_HANDLE
-PK11_CopyKey(PK11SlotInfo *slot, CK_OBJECT_HANDLE srcObject)
-{
- CK_OBJECT_HANDLE destObject;
- CK_RV crv;
-
- PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_CopyObject(slot->session,srcObject,NULL,0,
- &destObject);
- PK11_ExitSlotMonitor(slot);
- if (crv == CKR_OK) return destObject;
- PORT_SetError( PK11_MapError(crv) );
- return CK_INVALID_HANDLE;
-}
-
-
-PK11SymKey *
-pk11_KeyExchange(PK11SlotInfo *slot,CK_MECHANISM_TYPE type,
- CK_ATTRIBUTE_TYPE operation, PK11SymKey *symKey);
-
-/*
- * The next two utilities are to deal with the fact that a given operation
- * may be a multi-slot affair. This creates a new key object that is copied
- * into the new slot.
- */
-PK11SymKey *
-pk11_CopyToSlot(PK11SlotInfo *slot,CK_MECHANISM_TYPE type,
- CK_ATTRIBUTE_TYPE operation, PK11SymKey *symKey)
-{
- SECStatus rv;
- PK11SymKey *newKey = NULL;
-
- /* Extract the raw key data if possible */
- if (symKey->data.data == NULL) {
- rv = PK11_ExtractKeyValue(symKey);
- /* KEY is sensitive, we're try key exchanging it. */
- if (rv != SECSuccess) {
- return pk11_KeyExchange(slot, type, operation, symKey);
- }
- }
- newKey = PK11_ImportSymKey(slot, type, symKey->origin, operation,
- &symKey->data, symKey->cx);
- if (newKey == NULL) newKey = pk11_KeyExchange(slot,type,operation,symKey);
- return newKey;
-}
-
-/*
- * Make sure the slot we are in the correct slot for the operation
- */
-static PK11SymKey *
-pk11_ForceSlot(PK11SymKey *symKey,CK_MECHANISM_TYPE type,
- CK_ATTRIBUTE_TYPE operation)
-{
- PK11SlotInfo *slot = symKey->slot;
- PK11SymKey *newKey = NULL;
-
- if ((slot== NULL) || !PK11_DoesMechanism(slot,type)) {
- slot = PK11_GetBestSlot(type,symKey->cx);
- if (slot == NULL) {
- PORT_SetError( SEC_ERROR_NO_MODULE );
- return NULL;
- }
- newKey = pk11_CopyToSlot(slot, type, operation, symKey);
- PK11_FreeSlot(slot);
- }
- return newKey;
-}
-
-/*
- * Use the token to Generate a key. keySize must be 'zero' for fixed key
- * length algorithms. NOTE: this means we can never generate a DES2 key
- * from this interface!
- */
-PK11SymKey *
-PK11_TokenKeyGen(PK11SlotInfo *slot, CK_MECHANISM_TYPE type, SECItem *param,
- int keySize, SECItem *keyid, PRBool isToken, void *wincx)
-{
- PK11SymKey *symKey;
- CK_ATTRIBUTE genTemplate[6];
- CK_ATTRIBUTE *attrs = genTemplate;
- int count = sizeof(genTemplate)/sizeof(genTemplate[0]);
- CK_SESSION_HANDLE session;
- CK_MECHANISM mechanism;
- CK_RV crv;
- PRBool weird = PR_FALSE; /* hack for fortezza */
- CK_BBOOL cktrue = CK_TRUE;
- CK_ULONG ck_key_size; /* only used for variable-length keys */
-
- if ((keySize == -1) && (type == CKM_SKIPJACK_CBC64)) {
- weird = PR_TRUE;
- keySize = 0;
- }
-
- /* TNH: Isn't this redundant, since "handleKey" will set defaults? */
- PK11_SETATTRS(attrs, (!weird)
- ? CKA_ENCRYPT : CKA_DECRYPT, &cktrue, sizeof(CK_BBOOL)); attrs++;
-
- if (keySize != 0) {
- ck_key_size = keySize; /* Convert to PK11 type */
-
- PK11_SETATTRS(attrs, CKA_VALUE_LEN, &ck_key_size, sizeof(ck_key_size));
- attrs++;
- }
-
- /* Include key id value if provided */
- if (keyid) {
- PK11_SETATTRS(attrs, CKA_ID, keyid->data, keyid->len); attrs++;
- }
-
- if (isToken) {
- PK11_SETATTRS(attrs, CKA_TOKEN, &cktrue, sizeof(cktrue)); attrs++;
- PK11_SETATTRS(attrs, CKA_PRIVATE, &cktrue, sizeof(cktrue)); attrs++;
- }
-
- PK11_SETATTRS(attrs, CKA_SIGN, &cktrue, sizeof(cktrue)); attrs++;
-
- count = attrs - genTemplate;
- PR_ASSERT(count <= sizeof(genTemplate)/sizeof(CK_ATTRIBUTE));
-
- /* find a slot to generate the key into */
- /* Only do slot management if this is not a token key */
- if (!isToken && (slot == NULL || !PK11_DoesMechanism(slot,type))) {
- PK11SlotInfo *bestSlot;
-
- bestSlot = PK11_GetBestSlot(type,wincx); /* TNH: references the slot? */
- if (bestSlot == NULL) {
- PORT_SetError( SEC_ERROR_NO_MODULE );
- return NULL;
- }
-
- symKey = PK11_CreateSymKey(bestSlot,type,wincx);
-
- PK11_FreeSlot(bestSlot);
- } else {
- symKey = PK11_CreateSymKey(slot, type, wincx);
- }
- if (symKey == NULL) return NULL;
-
- symKey->size = keySize;
- symKey->origin = (!weird) ? PK11_OriginGenerated : PK11_OriginFortezzaHack;
-
- /* Initialize the Key Gen Mechanism */
- mechanism.mechanism = PK11_GetKeyGen(type);
- if (mechanism.mechanism == CKM_FAKE_RANDOM) {
- PORT_SetError( SEC_ERROR_NO_MODULE );
- return NULL;
- }
-
- /* Set the parameters for the key gen if provided */
- mechanism.pParameter = NULL;
- mechanism.ulParameterLen = 0;
- if (param) {
- mechanism.pParameter = param->data;
- mechanism.ulParameterLen = param->len;
- }
-
- /* Get session and perform locking */
- if (isToken) {
- PK11_Authenticate(symKey->slot,PR_TRUE,wincx);
- session = PK11_GetRWSession(symKey->slot); /* Should always be original slot */
- symKey->owner = PR_FALSE;
- } else {
- session = symKey->session;
- pk11_EnterKeyMonitor(symKey);
- }
-
- crv = PK11_GETTAB(symKey->slot)->C_GenerateKey(session,
- &mechanism, genTemplate, count, &symKey->objectID);
-
- /* Release lock and session */
- if (isToken) {
- PK11_RestoreROSession(symKey->slot, session);
- } else {
- pk11_ExitKeyMonitor(symKey);
- }
-
- if (crv != CKR_OK) {
- PK11_FreeSymKey(symKey);
- PORT_SetError( PK11_MapError(crv) );
- return NULL;
- }
-
- return symKey;
-}
-
-PK11SymKey *
-PK11_KeyGen(PK11SlotInfo *slot, CK_MECHANISM_TYPE type, SECItem *param,
- int keySize, void *wincx)
-{
- return PK11_TokenKeyGen(slot, type, param, keySize, 0, PR_FALSE, wincx);
-}
-
-/* --- */
-PK11SymKey *
-PK11_GenDES3TokenKey(PK11SlotInfo *slot, SECItem *keyid, void *cx)
-{
- return PK11_TokenKeyGen(slot, CKM_DES3_CBC, 0, 0, keyid, PR_TRUE, cx);
-}
-
-/*
- * PKCS #11 pairwise consistency check utilized to validate key pair.
- */
-static SECStatus
-pk11_PairwiseConsistencyCheck(SECKEYPublicKey *pubKey,
- SECKEYPrivateKey *privKey, CK_MECHANISM *mech, void* wincx )
-{
- /* Variables used for Encrypt/Decrypt functions. */
- unsigned char *known_message = (unsigned char *)"Known Crypto Message";
- CK_BBOOL isEncryptable = CK_FALSE;
- CK_BBOOL canSignVerify = CK_FALSE;
- CK_BBOOL isDerivable = CK_FALSE;
- unsigned char plaintext[PAIRWISE_MESSAGE_LENGTH];
- CK_ULONG bytes_decrypted;
- PK11SlotInfo *slot;
- CK_OBJECT_HANDLE id;
- unsigned char *ciphertext;
- unsigned char *text_compared;
- CK_ULONG max_bytes_encrypted;
- CK_ULONG bytes_encrypted;
- CK_ULONG bytes_compared;
- CK_RV crv;
-
- /* Variables used for Signature/Verification functions. */
- unsigned char *known_digest = (unsigned char *)"Mozilla Rules World!";
- SECItem signature;
- SECItem digest; /* always uses SHA-1 digest */
- int signature_length;
- SECStatus rv;
-
- /**************************************************/
- /* Pairwise Consistency Check of Encrypt/Decrypt. */
- /**************************************************/
-
- isEncryptable = PK11_HasAttributeSet( privKey->pkcs11Slot,
- privKey->pkcs11ID, CKA_DECRYPT );
-
- /* If the encryption attribute is set; attempt to encrypt */
- /* with the public key and decrypt with the private key. */
- if( isEncryptable ) {
- /* Find a module to encrypt against */
- slot = PK11_GetBestSlot(pk11_mapWrapKeyType(privKey->keyType),wincx);
- if (slot == NULL) {
- PORT_SetError( SEC_ERROR_NO_MODULE );
- return SECFailure;
- }
-
- id = PK11_ImportPublicKey(slot,pubKey,PR_FALSE);
- if (id == CK_INVALID_HANDLE) {
- PK11_FreeSlot(slot);
- return SECFailure;
- }
-
- /* Compute max bytes encrypted from modulus length of private key. */
- max_bytes_encrypted = PK11_GetPrivateModulusLen( privKey );
-
-
- /* Prepare for encryption using the public key. */
- PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB( slot )->C_EncryptInit( slot->session,
- mech, id );
- if( crv != CKR_OK ) {
- PK11_ExitSlotMonitor(slot);
- PORT_SetError( PK11_MapError( crv ) );
- PK11_FreeSlot(slot);
- return SECFailure;
- }
-
- /* Allocate space for ciphertext. */
- ciphertext = (unsigned char *) PORT_Alloc( max_bytes_encrypted );
- if( ciphertext == NULL ) {
- PK11_ExitSlotMonitor(slot);
- PORT_SetError( SEC_ERROR_NO_MEMORY );
- PK11_FreeSlot(slot);
- return SECFailure;
- }
-
- /* Initialize bytes encrypted to max bytes encrypted. */
- bytes_encrypted = max_bytes_encrypted;
-
- /* Encrypt using the public key. */
- crv = PK11_GETTAB( slot )->C_Encrypt( slot->session,
- known_message,
- PAIRWISE_MESSAGE_LENGTH,
- ciphertext,
- &bytes_encrypted );
- PK11_ExitSlotMonitor(slot);
- PK11_FreeSlot(slot);
- if( crv != CKR_OK ) {
- PORT_SetError( PK11_MapError( crv ) );
- PORT_Free( ciphertext );
- return SECFailure;
- }
-
- /* Always use the smaller of these two values . . . */
- bytes_compared = ( bytes_encrypted > PAIRWISE_MESSAGE_LENGTH )
- ? PAIRWISE_MESSAGE_LENGTH
- : bytes_encrypted;
-
- /* If there was a failure, the plaintext */
- /* goes at the end, therefore . . . */
- text_compared = ( bytes_encrypted > PAIRWISE_MESSAGE_LENGTH )
- ? (ciphertext + bytes_encrypted -
- PAIRWISE_MESSAGE_LENGTH )
- : ciphertext;
-
- /* Check to ensure that ciphertext does */
- /* NOT EQUAL known input message text */
- /* per FIPS PUB 140-1 directive. */
- if( ( bytes_encrypted != max_bytes_encrypted ) ||
- ( PORT_Memcmp( text_compared, known_message,
- bytes_compared ) == 0 ) ) {
- /* Set error to Invalid PRIVATE Key. */
- PORT_SetError( SEC_ERROR_INVALID_KEY );
- PORT_Free( ciphertext );
- return SECFailure;
- }
-
- slot = privKey->pkcs11Slot;
- /* Prepare for decryption using the private key. */
- PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB( slot )->C_DecryptInit( slot->session,
- mech,
- privKey->pkcs11ID );
- if( crv != CKR_OK ) {
- PK11_ExitSlotMonitor(slot);
- PORT_SetError( PK11_MapError(crv) );
- PORT_Free( ciphertext );
- return SECFailure;
- }
-
- /* Initialize bytes decrypted to be the */
- /* expected PAIRWISE_MESSAGE_LENGTH. */
- bytes_decrypted = PAIRWISE_MESSAGE_LENGTH;
-
- /* Decrypt using the private key. */
- /* NOTE: No need to reset the */
- /* value of bytes_encrypted. */
- crv = PK11_GETTAB( slot )->C_Decrypt( slot->session,
- ciphertext,
- bytes_encrypted,
- plaintext,
- &bytes_decrypted );
- PK11_ExitSlotMonitor(slot);
-
- /* Finished with ciphertext; free it. */
- PORT_Free( ciphertext );
-
- if( crv != CKR_OK ) {
- PORT_SetError( PK11_MapError(crv) );
- return SECFailure;
- }
-
- /* Check to ensure that the output plaintext */
- /* does EQUAL known input message text. */
- if( ( bytes_decrypted != PAIRWISE_MESSAGE_LENGTH ) ||
- ( PORT_Memcmp( plaintext, known_message,
- PAIRWISE_MESSAGE_LENGTH ) != 0 ) ) {
- /* Set error to Bad PUBLIC Key. */
- PORT_SetError( SEC_ERROR_BAD_KEY );
- return SECFailure;
- }
- }
-
- /**********************************************/
- /* Pairwise Consistency Check of Sign/Verify. */
- /**********************************************/
-
- canSignVerify = PK11_HasAttributeSet ( privKey->pkcs11Slot,
- privKey->pkcs11ID, CKA_SIGN);
-
- if (canSignVerify)
- {
- /* Initialize signature and digest data. */
- signature.data = NULL;
- digest.data = NULL;
-
- /* Determine length of signature. */
- signature_length = PK11_SignatureLen( privKey );
- if( signature_length == 0 )
- goto failure;
-
- /* Allocate space for signature data. */
- signature.data = (unsigned char *) PORT_Alloc( signature_length );
- if( signature.data == NULL ) {
- PORT_SetError( SEC_ERROR_NO_MEMORY );
- goto failure;
- }
-
- /* Allocate space for known digest data. */
- digest.data = (unsigned char *) PORT_Alloc( PAIRWISE_DIGEST_LENGTH );
- if( digest.data == NULL ) {
- PORT_SetError( SEC_ERROR_NO_MEMORY );
- goto failure;
- }
-
- /* "Fill" signature type and length. */
- signature.type = PAIRWISE_SECITEM_TYPE;
- signature.len = signature_length;
-
- /* "Fill" digest with known SHA-1 digest parameters. */
- digest.type = PAIRWISE_SECITEM_TYPE;
- PORT_Memcpy( digest.data, known_digest, PAIRWISE_DIGEST_LENGTH );
- digest.len = PAIRWISE_DIGEST_LENGTH;
-
- /* Sign the known hash using the private key. */
- rv = PK11_Sign( privKey, &signature, &digest );
- if( rv != SECSuccess )
- goto failure;
-
- /* Verify the known hash using the public key. */
- rv = PK11_Verify( pubKey, &signature, &digest, wincx );
- if( rv != SECSuccess )
- goto failure;
-
- /* Free signature and digest data. */
- PORT_Free( signature.data );
- PORT_Free( digest.data );
- }
-
-
-
- /**********************************************/
- /* Pairwise Consistency Check for Derivation */
- /**********************************************/
-
- isDerivable = PK11_HasAttributeSet ( privKey->pkcs11Slot,
- privKey->pkcs11ID, CKA_DERIVE);
-
- if (isDerivable)
- {
- /*
- * We are not doing consistency check for Diffie-Hellman Key -
- * otherwise it would be here
- * This is also true for Elliptic Curve Diffie-Hellman keys
- */
-
- }
-
- return SECSuccess;
-
-failure:
- if( signature.data != NULL )
- PORT_Free( signature.data );
- if( digest.data != NULL )
- PORT_Free( digest.data );
-
- return SECFailure;
-}
-
-
-
-/*
- * take a private key in one pkcs11 module and load it into another:
- * NOTE: the source private key is a rare animal... it can't be sensitive.
- * This is used to do a key gen using one pkcs11 module and storing the
- * result into another.
- */
-SECKEYPrivateKey *
-pk11_loadPrivKey(PK11SlotInfo *slot,SECKEYPrivateKey *privKey,
- SECKEYPublicKey *pubKey, PRBool token, PRBool sensitive)
-{
- CK_ATTRIBUTE privTemplate[] = {
- /* class must be first */
- { CKA_CLASS, NULL, 0 },
- { CKA_KEY_TYPE, NULL, 0 },
- /* these three must be next */
- { CKA_TOKEN, NULL, 0 },
- { CKA_PRIVATE, NULL, 0 },
- { CKA_SENSITIVE, NULL, 0 },
- { CKA_ID, NULL, 0 },
-#ifdef notdef
- { CKA_LABEL, NULL, 0 },
- { CKA_SUBJECT, NULL, 0 },
-#endif
- /* RSA */
- { CKA_MODULUS, NULL, 0 },
- { CKA_PRIVATE_EXPONENT, NULL, 0 },
- { CKA_PUBLIC_EXPONENT, NULL, 0 },
- { CKA_PRIME_1, NULL, 0 },
- { CKA_PRIME_2, NULL, 0 },
- { CKA_EXPONENT_1, NULL, 0 },
- { CKA_EXPONENT_2, NULL, 0 },
- { CKA_COEFFICIENT, NULL, 0 },
- };
- CK_ATTRIBUTE *attrs = NULL, *ap;
- int templateSize = sizeof(privTemplate)/sizeof(privTemplate[0]);
- PRArenaPool *arena;
- CK_OBJECT_HANDLE objectID;
- int i, count = 0;
- int extra_count = 0;
- CK_RV crv;
- SECStatus rv;
-
- for (i=0; i < templateSize; i++) {
- if (privTemplate[i].type == CKA_MODULUS) {
- attrs= &privTemplate[i];
- count = i;
- break;
- }
- }
- PORT_Assert(attrs != NULL);
- if (attrs == NULL) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- return NULL;
- }
-
- ap = attrs;
-
- switch (privKey->keyType) {
- case rsaKey:
- count = templateSize;
- extra_count = templateSize - (attrs - privTemplate);
- break;
- case dsaKey:
- ap->type = CKA_PRIME; ap++; count++; extra_count++;
- ap->type = CKA_SUBPRIME; ap++; count++; extra_count++;
- ap->type = CKA_BASE; ap++; count++; extra_count++;
- ap->type = CKA_VALUE; ap++; count++; extra_count++;
- break;
- case dhKey:
- ap->type = CKA_PRIME; ap++; count++; extra_count++;
- ap->type = CKA_BASE; ap++; count++; extra_count++;
- ap->type = CKA_VALUE; ap++; count++; extra_count++;
- break;
- default:
- count = 0;
- extra_count = 0;
- break;
- }
-
- if (count == 0) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- return NULL;
- }
-
- arena = PORT_NewArena( DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) return NULL;
- /*
- * read out the old attributes.
- */
- crv = PK11_GetAttributes(arena, privKey->pkcs11Slot, privKey->pkcs11ID,
- privTemplate,count);
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- PORT_FreeArena(arena, PR_TRUE);
- return NULL;
- }
-
- /* Reset sensitive, token, and private */
- *(CK_BBOOL *)(privTemplate[2].pValue) = token ? CK_TRUE : CK_FALSE;
- *(CK_BBOOL *)(privTemplate[3].pValue) = token ? CK_TRUE : CK_FALSE;
- *(CK_BBOOL *)(privTemplate[4].pValue) = sensitive ? CK_TRUE : CK_FALSE;
-
- /* Not everyone can handle zero padded key values, give
- * them the raw data as unsigned */
- for (ap=attrs; extra_count; ap++, extra_count--) {
- pk11_SignedToUnsigned(ap);
- }
-
- /* now Store the puppies */
- rv = PK11_CreateNewObject(slot, CK_INVALID_SESSION, privTemplate,
- count, token, &objectID);
- PORT_FreeArena(arena, PR_TRUE);
- if (rv != SECSuccess) {
- return NULL;
- }
-
- /* try loading the public key as a token object */
- if (pubKey) {
- PK11_ImportPublicKey(slot, pubKey, PR_TRUE);
- if (pubKey->pkcs11Slot) {
- PK11_FreeSlot(pubKey->pkcs11Slot);
- pubKey->pkcs11Slot = NULL;
- pubKey->pkcs11ID = CK_INVALID_HANDLE;
- }
- }
-
- /* build new key structure */
- return PK11_MakePrivKey(slot, privKey->keyType, (PRBool)!token,
- objectID, privKey->wincx);
-}
-
-/*
- * export this for PSM
- */
-SECKEYPrivateKey *
-PK11_LoadPrivKey(PK11SlotInfo *slot,SECKEYPrivateKey *privKey,
- SECKEYPublicKey *pubKey, PRBool token, PRBool sensitive)
-{
- return pk11_loadPrivKey(slot,privKey,pubKey,token,sensitive);
-}
-
-
-/*
- * Use the token to Generate a key. keySize must be 'zero' for fixed key
- * length algorithms. NOTE: this means we can never generate a DES2 key
- * from this interface!
- */
-SECKEYPrivateKey *
-PK11_GenerateKeyPair(PK11SlotInfo *slot,CK_MECHANISM_TYPE type,
- void *param, SECKEYPublicKey **pubKey, PRBool token,
- PRBool sensitive, void *wincx)
-{
- /* we have to use these native types because when we call PKCS 11 modules
- * we have to make sure that we are using the correct sizes for all the
- * parameters. */
- CK_BBOOL ckfalse = CK_FALSE;
- CK_BBOOL cktrue = CK_TRUE;
- CK_ULONG modulusBits;
- CK_BYTE publicExponent[4];
- CK_ATTRIBUTE privTemplate[] = {
- { CKA_SENSITIVE, NULL, 0},
- { CKA_TOKEN, NULL, 0},
- { CKA_PRIVATE, NULL, 0},
- { CKA_DERIVE, NULL, 0},
- { CKA_UNWRAP, NULL, 0},
- { CKA_SIGN, NULL, 0},
- { CKA_DECRYPT, NULL, 0},
- };
- CK_ATTRIBUTE rsaPubTemplate[] = {
- { CKA_MODULUS_BITS, NULL, 0},
- { CKA_PUBLIC_EXPONENT, NULL, 0},
- { CKA_TOKEN, NULL, 0},
- { CKA_DERIVE, NULL, 0},
- { CKA_WRAP, NULL, 0},
- { CKA_VERIFY, NULL, 0},
- { CKA_VERIFY_RECOVER, NULL, 0},
- { CKA_ENCRYPT, NULL, 0},
- };
- CK_ATTRIBUTE dsaPubTemplate[] = {
- { CKA_PRIME, NULL, 0 },
- { CKA_SUBPRIME, NULL, 0 },
- { CKA_BASE, NULL, 0 },
- { CKA_TOKEN, NULL, 0},
- { CKA_DERIVE, NULL, 0},
- { CKA_WRAP, NULL, 0},
- { CKA_VERIFY, NULL, 0},
- { CKA_VERIFY_RECOVER, NULL, 0},
- { CKA_ENCRYPT, NULL, 0},
- };
- CK_ATTRIBUTE dhPubTemplate[] = {
- { CKA_PRIME, NULL, 0 },
- { CKA_BASE, NULL, 0 },
- { CKA_TOKEN, NULL, 0},
- { CKA_DERIVE, NULL, 0},
- { CKA_WRAP, NULL, 0},
- { CKA_VERIFY, NULL, 0},
- { CKA_VERIFY_RECOVER, NULL, 0},
- { CKA_ENCRYPT, NULL, 0},
- };
-#ifdef NSS_ENABLE_ECC
- CK_ATTRIBUTE ecPubTemplate[] = {
- { CKA_EC_PARAMS, NULL, 0 },
- { CKA_TOKEN, NULL, 0},
- { CKA_DERIVE, NULL, 0},
- { CKA_WRAP, NULL, 0},
- { CKA_VERIFY, NULL, 0},
- { CKA_VERIFY_RECOVER, NULL, 0},
- { CKA_ENCRYPT, NULL, 0},
- };
- int ecPubCount = sizeof(ecPubTemplate)/sizeof(ecPubTemplate[0]);
- SECKEYECParams * ecParams;
-#endif /* NSS_ENABLE_ECC */
-
- int dsaPubCount = sizeof(dsaPubTemplate)/sizeof(dsaPubTemplate[0]);
- /*CK_ULONG key_size = 0;*/
- CK_ATTRIBUTE *pubTemplate;
- int privCount = sizeof(privTemplate)/sizeof(privTemplate[0]);
- int rsaPubCount = sizeof(rsaPubTemplate)/sizeof(rsaPubTemplate[0]);
- int dhPubCount = sizeof(dhPubTemplate)/sizeof(dhPubTemplate[0]);
- int pubCount = 0;
- PK11RSAGenParams *rsaParams;
- SECKEYPQGParams *dsaParams;
- SECKEYDHParams * dhParams;
- CK_MECHANISM mechanism;
- CK_MECHANISM test_mech;
- CK_SESSION_HANDLE session_handle;
- CK_RV crv;
- CK_OBJECT_HANDLE privID,pubID;
- SECKEYPrivateKey *privKey;
- KeyType keyType;
- PRBool restore;
- int peCount,i;
- CK_ATTRIBUTE *attrs;
- CK_ATTRIBUTE *privattrs;
- SECItem *pubKeyIndex;
- CK_ATTRIBUTE setTemplate;
- SECStatus rv;
- CK_MECHANISM_INFO mechanism_info;
- CK_OBJECT_CLASS keyClass;
- SECItem *cka_id;
- PRBool haslock = PR_FALSE;
- PRBool pubIsToken = PR_FALSE;
-
- PORT_Assert(slot != NULL);
- if (slot == NULL) {
- PORT_SetError( SEC_ERROR_NO_MODULE);
- return NULL;
- }
-
- /* if our slot really doesn't do this mechanism, Generate the key
- * in our internal token and write it out */
- if (!PK11_DoesMechanism(slot,type)) {
- PK11SlotInfo *int_slot = PK11_GetInternalSlot();
-
- /* don't loop forever looking for a slot */
- if (slot == int_slot) {
- PK11_FreeSlot(int_slot);
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- return NULL;
- }
-
- /* if there isn't a suitable slot, then we can't do the keygen */
- if (int_slot == NULL) {
- PORT_SetError( SEC_ERROR_NO_MODULE );
- return NULL;
- }
-
- /* generate the temporary key to load */
- privKey = PK11_GenerateKeyPair(int_slot,type, param, pubKey, PR_FALSE,
- PR_FALSE, wincx);
- PK11_FreeSlot(int_slot);
-
- /* if successful, load the temp key into the new token */
- if (privKey != NULL) {
- SECKEYPrivateKey *newPrivKey = pk11_loadPrivKey(slot,privKey,
- *pubKey,token,sensitive);
- SECKEY_DestroyPrivateKey(privKey);
- if (newPrivKey == NULL) {
- SECKEY_DestroyPublicKey(*pubKey);
- *pubKey = NULL;
- }
- return newPrivKey;
- }
- return NULL;
- }
-
-
- mechanism.mechanism = type;
- mechanism.pParameter = NULL;
- mechanism.ulParameterLen = 0;
- test_mech.pParameter = NULL;
- test_mech.ulParameterLen = 0;
-
- /* set up the private key template */
- privattrs = privTemplate;
- PK11_SETATTRS(privattrs, CKA_SENSITIVE, sensitive ? &cktrue : &ckfalse,
- sizeof(CK_BBOOL)); privattrs++;
- PK11_SETATTRS(privattrs, CKA_TOKEN, token ? &cktrue : &ckfalse,
- sizeof(CK_BBOOL)); privattrs++;
- PK11_SETATTRS(privattrs, CKA_PRIVATE, sensitive ? &cktrue : &ckfalse,
- sizeof(CK_BBOOL)); privattrs++;
-
- /* set up the mechanism specific info */
- switch (type) {
- case CKM_RSA_PKCS_KEY_PAIR_GEN:
- rsaParams = (PK11RSAGenParams *)param;
- modulusBits = rsaParams->keySizeInBits;
- peCount = 0;
-
- /* convert pe to a PKCS #11 string */
- for (i=0; i < 4; i++) {
- if (peCount || (rsaParams->pe &
- ((unsigned long)0xff000000L >> (i*8)))) {
- publicExponent[peCount] =
- (CK_BYTE)((rsaParams->pe >> (3-i)*8) & 0xff);
- peCount++;
- }
- }
- PORT_Assert(peCount != 0);
- attrs = rsaPubTemplate;
- PK11_SETATTRS(attrs, CKA_MODULUS_BITS,
- &modulusBits, sizeof(modulusBits)); attrs++;
- PK11_SETATTRS(attrs, CKA_PUBLIC_EXPONENT,
- publicExponent, peCount);attrs++;
- pubTemplate = rsaPubTemplate;
- pubCount = rsaPubCount;
- keyType = rsaKey;
- test_mech.mechanism = CKM_RSA_PKCS;
- break;
- case CKM_DSA_KEY_PAIR_GEN:
- dsaParams = (SECKEYPQGParams *)param;
- attrs = dsaPubTemplate;
- PK11_SETATTRS(attrs, CKA_PRIME, dsaParams->prime.data,
- dsaParams->prime.len); attrs++;
- PK11_SETATTRS(attrs, CKA_SUBPRIME, dsaParams->subPrime.data,
- dsaParams->subPrime.len); attrs++;
- PK11_SETATTRS(attrs, CKA_BASE, dsaParams->base.data,
- dsaParams->base.len); attrs++;
- pubTemplate = dsaPubTemplate;
- pubCount = dsaPubCount;
- keyType = dsaKey;
- test_mech.mechanism = CKM_DSA;
- break;
- case CKM_DH_PKCS_KEY_PAIR_GEN:
- dhParams = (SECKEYDHParams *)param;
- attrs = dhPubTemplate;
- PK11_SETATTRS(attrs, CKA_PRIME, dhParams->prime.data,
- dhParams->prime.len); attrs++;
- PK11_SETATTRS(attrs, CKA_BASE, dhParams->base.data,
- dhParams->base.len); attrs++;
- pubTemplate = dhPubTemplate;
- pubCount = dhPubCount;
- keyType = dhKey;
- test_mech.mechanism = CKM_DH_PKCS_DERIVE;
- break;
-#ifdef NSS_ENABLE_ECC
- case CKM_EC_KEY_PAIR_GEN:
- ecParams = (SECKEYECParams *)param;
- attrs = ecPubTemplate;
- PK11_SETATTRS(attrs, CKA_EC_PARAMS, ecParams->data,
- ecParams->len); attrs++;
- pubTemplate = ecPubTemplate;
- pubCount = ecPubCount;
- keyType = ecKey;
- /* XXX An EC key can be used for other mechanisms too such
- * as CKM_ECDSA and CKM_ECDSA_SHA1. How can we reflect
- * that in test_mech.mechanism so the CKA_SIGN, CKA_VERIFY
- * attributes are set correctly?
- */
- test_mech.mechanism = CKM_ECDH1_DERIVE;
- break;
-#endif /* NSS_ENABLE_ECC */
- default:
- PORT_SetError( SEC_ERROR_BAD_KEY );
- return NULL;
- }
-
- /* now query the slot to find out how "good" a key we can generate */
- if (!slot->isThreadSafe) PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_GetMechanismInfo(slot->slotID,
- test_mech.mechanism,&mechanism_info);
- if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
- if ((crv != CKR_OK) || (mechanism_info.flags == 0)) {
- /* must be old module... guess what it should be... */
- switch (test_mech.mechanism) {
- case CKM_RSA_PKCS:
- mechanism_info.flags = (CKF_SIGN | CKF_DECRYPT |
- CKF_WRAP | CKF_VERIFY_RECOVER | CKF_ENCRYPT | CKF_WRAP);;
- break;
- case CKM_DSA:
- mechanism_info.flags = CKF_SIGN | CKF_VERIFY;
- break;
- case CKM_DH_PKCS_DERIVE:
- mechanism_info.flags = CKF_DERIVE;
- break;
-#ifdef NSS_ENABLE_ECC
- case CKM_ECDH1_DERIVE:
- mechanism_info.flags = CKF_DERIVE;
- break;
- case CKM_ECDSA:
- case CKM_ECDSA_SHA1:
- mechanism_info.flags = CKF_SIGN | CKF_VERIFY;
- break;
-#endif /* NSS_ENABLE_ECC */
- default:
- break;
- }
- }
- /* set the public key objects */
- PK11_SETATTRS(attrs, CKA_TOKEN, token ? &cktrue : &ckfalse,
- sizeof(CK_BBOOL)); attrs++;
- PK11_SETATTRS(attrs, CKA_DERIVE,
- mechanism_info.flags & CKF_DERIVE ? &cktrue : &ckfalse,
- sizeof(CK_BBOOL)); attrs++;
- PK11_SETATTRS(attrs, CKA_WRAP,
- mechanism_info.flags & CKF_WRAP ? &cktrue : &ckfalse,
- sizeof(CK_BBOOL)); attrs++;
- PK11_SETATTRS(attrs, CKA_VERIFY,
- mechanism_info.flags & CKF_VERIFY ? &cktrue : &ckfalse,
- sizeof(CK_BBOOL)); attrs++;
- PK11_SETATTRS(attrs, CKA_VERIFY_RECOVER,
- mechanism_info.flags & CKF_VERIFY_RECOVER ? &cktrue : &ckfalse,
- sizeof(CK_BBOOL)); attrs++;
- PK11_SETATTRS(attrs, CKA_ENCRYPT,
- mechanism_info.flags & CKF_ENCRYPT? &cktrue : &ckfalse,
- sizeof(CK_BBOOL)); attrs++;
- PK11_SETATTRS(privattrs, CKA_DERIVE,
- mechanism_info.flags & CKF_DERIVE ? &cktrue : &ckfalse,
- sizeof(CK_BBOOL)); privattrs++;
- PK11_SETATTRS(privattrs, CKA_UNWRAP,
- mechanism_info.flags & CKF_UNWRAP ? &cktrue : &ckfalse,
- sizeof(CK_BBOOL)); privattrs++;
- PK11_SETATTRS(privattrs, CKA_SIGN,
- mechanism_info.flags & CKF_SIGN ? &cktrue : &ckfalse,
- sizeof(CK_BBOOL)); privattrs++;
- PK11_SETATTRS(privattrs, CKA_DECRYPT,
- mechanism_info.flags & CKF_DECRYPT ? &cktrue : &ckfalse,
- sizeof(CK_BBOOL)); privattrs++;
-
- if (token) {
- session_handle = PK11_GetRWSession(slot);
- haslock = PK11_RWSessionHasLock(slot,session_handle);
- restore = PR_TRUE;
- } else {
- PK11_EnterSlotMonitor(slot); /* gross!! */
- session_handle = slot->session;
- restore = PR_FALSE;
- haslock = PR_TRUE;
- }
-
- crv = PK11_GETTAB(slot)->C_GenerateKeyPair(session_handle, &mechanism,
- pubTemplate,pubCount,privTemplate,privCount,&pubID,&privID);
-
-
- if (crv != CKR_OK) {
- if (restore) {
- PK11_RestoreROSession(slot,session_handle);
- } else PK11_ExitSlotMonitor(slot);
- PORT_SetError( PK11_MapError(crv) );
- return NULL;
- }
- /* This locking code is dangerous and needs to be more thought
- * out... the real problem is that we're holding the mutex open this long
- */
- if (haslock) { PK11_ExitSlotMonitor(slot); }
-
- /* swap around the ID's for older PKCS #11 modules */
- keyClass = PK11_ReadULongAttribute(slot,pubID,CKA_CLASS);
- if (keyClass != CKO_PUBLIC_KEY) {
- CK_OBJECT_HANDLE tmp = pubID;
- pubID = privID;
- privID = tmp;
- }
-
- *pubKey = PK11_ExtractPublicKey(slot, keyType, pubID);
- if (*pubKey == NULL) {
- if (restore) {
- /* we may have to restore the mutex so it get's exited properly
- * in RestoreROSession */
- if (haslock) PK11_EnterSlotMonitor(slot);
- PK11_RestoreROSession(slot,session_handle);
- }
- PK11_DestroyObject(slot,pubID);
- PK11_DestroyObject(slot,privID);
- return NULL;
- }
-
- /* set the ID to the public key so we can find it again */
- pubKeyIndex = NULL;
- switch (type) {
- case CKM_RSA_PKCS_KEY_PAIR_GEN:
- pubKeyIndex = &(*pubKey)->u.rsa.modulus;
- break;
- case CKM_DSA_KEY_PAIR_GEN:
- pubKeyIndex = &(*pubKey)->u.dsa.publicValue;
- break;
- case CKM_DH_PKCS_KEY_PAIR_GEN:
- pubKeyIndex = &(*pubKey)->u.dh.publicValue;
- break;
-#ifdef NSS_ENABLE_ECC
- case CKM_EC_KEY_PAIR_GEN:
- pubKeyIndex = &(*pubKey)->u.ec.publicValue;
- break;
-#endif /* NSS_ENABLE_ECC */
- }
- PORT_Assert(pubKeyIndex != NULL);
-
- cka_id = PK11_MakeIDFromPubKey(pubKeyIndex);
- pubIsToken = (PRBool)PK11_HasAttributeSet(slot,pubID, CKA_TOKEN);
-
- PK11_SETATTRS(&setTemplate, CKA_ID, cka_id->data, cka_id->len);
-
- if (haslock) { PK11_EnterSlotMonitor(slot); }
- crv = PK11_GETTAB(slot)->C_SetAttributeValue(session_handle, privID,
- &setTemplate, 1);
-
- if (crv == CKR_OK && pubIsToken) {
- crv = PK11_GETTAB(slot)->C_SetAttributeValue(session_handle, pubID,
- &setTemplate, 1);
- }
-
-
- if (restore) {
- PK11_RestoreROSession(slot,session_handle);
- } else {
- PK11_ExitSlotMonitor(slot);
- }
- SECITEM_FreeItem(cka_id,PR_TRUE);
-
-
- if (crv != CKR_OK) {
- PK11_DestroyObject(slot,pubID);
- PK11_DestroyObject(slot,privID);
- PORT_SetError( PK11_MapError(crv) );
- *pubKey = NULL;
- return NULL;
- }
-
- privKey = PK11_MakePrivKey(slot,keyType,(PRBool)!token,privID,wincx);
- if (privKey == NULL) {
- SECKEY_DestroyPublicKey(*pubKey);
- PK11_DestroyObject(slot,privID);
- *pubKey = NULL;
- return NULL; /* due to pairwise consistency check */
- }
-
- /* Perform PKCS #11 pairwise consistency check. */
- rv = pk11_PairwiseConsistencyCheck( *pubKey, privKey, &test_mech, wincx );
- if( rv != SECSuccess ) {
- SECKEY_DestroyPublicKey( *pubKey );
- SECKEY_DestroyPrivateKey( privKey );
- *pubKey = NULL;
- privKey = NULL;
- return NULL;
- }
-
- return privKey;
-}
-
-/*
- * This function does a straight public key wrap (which only RSA can do).
- * Use PK11_PubGenKey and PK11_WrapSymKey to implement the FORTEZZA and
- * Diffie-Hellman Ciphers. */
-SECStatus
-PK11_PubWrapSymKey(CK_MECHANISM_TYPE type, SECKEYPublicKey *pubKey,
- PK11SymKey *symKey, SECItem *wrappedKey)
-{
- PK11SlotInfo *slot;
- CK_ULONG len = wrappedKey->len;
- PK11SymKey *newKey = NULL;
- CK_OBJECT_HANDLE id;
- CK_MECHANISM mechanism;
- PRBool owner = PR_TRUE;
- CK_SESSION_HANDLE session;
- CK_RV crv;
-
- /* if this slot doesn't support the mechanism, go to a slot that does */
- newKey = pk11_ForceSlot(symKey,type,CKA_ENCRYPT);
- if (newKey != NULL) {
- symKey = newKey;
- }
-
- if ((symKey == NULL) || (symKey->slot == NULL)) {
- PORT_SetError( SEC_ERROR_NO_MODULE );
- return SECFailure;
- }
-
- slot = symKey->slot;
- mechanism.mechanism = pk11_mapWrapKeyType(pubKey->keyType);
- mechanism.pParameter = NULL;
- mechanism.ulParameterLen = 0;
-
- id = PK11_ImportPublicKey(slot,pubKey,PR_FALSE);
-
- session = pk11_GetNewSession(slot,&owner);
- if (!owner || !(slot->isThreadSafe)) PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_WrapKey(session,&mechanism,
- id,symKey->objectID,wrappedKey->data,&len);
- if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
- pk11_CloseSession(slot,session,owner);
- if (newKey) {
- PK11_FreeSymKey(newKey);
- }
-
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- return SECFailure;
- }
- wrappedKey->len = len;
- return SECSuccess;
-}
-
-/*
- * this little function uses the Encrypt function to wrap a key, just in
- * case we have problems with the wrap implementation for a token.
- */
-static SECStatus
-pk11_HandWrap(PK11SymKey *wrappingKey, SECItem *param, CK_MECHANISM_TYPE type,
- SECItem *inKey, SECItem *outKey)
-{
- PK11SlotInfo *slot;
- CK_ULONG len;
- SECItem *data;
- CK_MECHANISM mech;
- PRBool owner = PR_TRUE;
- CK_SESSION_HANDLE session;
- CK_RV crv;
-
- slot = wrappingKey->slot;
- /* use NULL IV's for wrapping */
- mech.mechanism = type;
- if (param) {
- mech.pParameter = param->data;
- mech.ulParameterLen = param->len;
- } else {
- mech.pParameter = NULL;
- mech.ulParameterLen = 0;
- }
- session = pk11_GetNewSession(slot,&owner);
- if (!owner || !(slot->isThreadSafe)) PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_EncryptInit(session,&mech,
- wrappingKey->objectID);
- if (crv != CKR_OK) {
- if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
- pk11_CloseSession(slot,session,owner);
- PORT_SetError( PK11_MapError(crv) );
- return SECFailure;
- }
-
- /* keys are almost always aligned, but if we get this far,
- * we've gone above and beyond anyway... */
- data = PK11_BlockData(inKey,PK11_GetBlockSize(type,param));
- if (data == NULL) {
- if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
- pk11_CloseSession(slot,session,owner);
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
- len = outKey->len;
- crv = PK11_GETTAB(slot)->C_Encrypt(session,data->data,data->len,
- outKey->data, &len);
- if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
- pk11_CloseSession(slot,session,owner);
- SECITEM_FreeItem(data,PR_TRUE);
- outKey->len = len;
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- return SECFailure;
- }
- return SECSuccess;
-}
-
-/*
- * This function does a symetric based wrap.
- */
-SECStatus
-PK11_WrapSymKey(CK_MECHANISM_TYPE type, SECItem *param,
- PK11SymKey *wrappingKey, PK11SymKey *symKey, SECItem *wrappedKey)
-{
- PK11SlotInfo *slot;
- CK_ULONG len = wrappedKey->len;
- PK11SymKey *newKey = NULL;
- SECItem *param_save = NULL;
- CK_MECHANISM mechanism;
- PRBool owner = PR_TRUE;
- CK_SESSION_HANDLE session;
- CK_RV crv;
- SECStatus rv;
-
- /* if this slot doesn't support the mechanism, go to a slot that does */
- /* Force symKey and wrappingKey into the same slot */
- if ((wrappingKey->slot == NULL) || (symKey->slot != wrappingKey->slot)) {
- /* first try copying the wrapping Key to the symKey slot */
- if (symKey->slot && PK11_DoesMechanism(symKey->slot,type)) {
- newKey = pk11_CopyToSlot(symKey->slot,type,CKA_WRAP,wrappingKey);
- }
- /* Nope, try it the other way */
- if (newKey == NULL) {
- if (wrappingKey->slot) {
- newKey = pk11_CopyToSlot(wrappingKey->slot,
- symKey->type, CKA_ENCRYPT, symKey);
- }
- /* just not playing... one last thing, can we get symKey's data?
- * If it's possible, we it should already be in the
- * symKey->data.data pointer because pk11_CopyToSlot would have
- * tried to put it there. */
- if (newKey == NULL) {
- /* Can't get symKey's data: Game Over */
- if (symKey->data.data == NULL) {
- PORT_SetError( SEC_ERROR_NO_MODULE );
- return SECFailure;
- }
- if (param == NULL) {
- param_save = param = PK11_ParamFromIV(type,NULL);
- }
- rv = pk11_HandWrap(wrappingKey, param, type,
- &symKey->data,wrappedKey);
- if (param_save) SECITEM_FreeItem(param_save,PR_TRUE);
- return rv;
- }
- /* we successfully moved the sym Key */
- symKey = newKey;
- } else {
- /* we successfully moved the wrapping Key */
- wrappingKey = newKey;
- }
- }
-
- /* at this point both keys are in the same token */
- slot = wrappingKey->slot;
- mechanism.mechanism = type;
- /* use NULL IV's for wrapping */
- if (param == NULL) {
- param_save = param = PK11_ParamFromIV(type,NULL);
- }
- if (param) {
- mechanism.pParameter = param->data;
- mechanism.ulParameterLen = param->len;
- } else {
- mechanism.pParameter = NULL;
- mechanism.ulParameterLen = 0;
- }
-
- len = wrappedKey->len;
-
- session = pk11_GetNewSession(slot,&owner);
- if (!owner || !(slot->isThreadSafe)) PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_WrapKey(session, &mechanism,
- wrappingKey->objectID, symKey->objectID,
- wrappedKey->data, &len);
- if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
- pk11_CloseSession(slot,session,owner);
- rv = SECSuccess;
- if (crv != CKR_OK) {
- /* can't wrap it? try hand wrapping it... */
- do {
- if (symKey->data.data == NULL) {
- rv = PK11_ExtractKeyValue(symKey);
- if (rv != SECSuccess) break;
- }
- rv = pk11_HandWrap(wrappingKey, param, type, &symKey->data,
- wrappedKey);
- } while (PR_FALSE);
- } else {
- wrappedKey->len = len;
- }
- if (newKey) PK11_FreeSymKey(newKey);
- if (param_save) SECITEM_FreeItem(param_save,PR_TRUE);
- return rv;
-}
-
-/*
- * This Generates a new key based on a symetricKey
- */
-PK11SymKey *
-PK11_Derive( PK11SymKey *baseKey, CK_MECHANISM_TYPE derive, SECItem *param,
- CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation,
- int keySize)
-{
- return pk11_DeriveWithTemplate(baseKey, derive, param, target, operation,
- keySize, NULL, 0);
-}
-
-
-PK11SymKey *
-PK11_DeriveWithFlags( PK11SymKey *baseKey, CK_MECHANISM_TYPE derive,
- SECItem *param, CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation,
- int keySize, CK_FLAGS flags)
-{
- CK_BBOOL ckTrue = CK_TRUE;
- CK_ATTRIBUTE keyTemplate[MAX_TEMPL_ATTRS];
- unsigned int templateCount;
-
- templateCount = pk11_FlagsToAttributes(flags, keyTemplate, &ckTrue);
- return pk11_DeriveWithTemplate(baseKey, derive, param, target, operation,
- keySize, keyTemplate, templateCount);
-}
-
-static PRBool
-pk11_FindAttrInTemplate(CK_ATTRIBUTE * attr,
- unsigned int numAttrs,
- CK_ATTRIBUTE_TYPE target)
-{
- for (; numAttrs > 0; ++attr, --numAttrs) {
- if (attr->type == target)
- return PR_TRUE;
- }
- return PR_FALSE;
-}
-
-static PK11SymKey *
-pk11_DeriveWithTemplate( PK11SymKey *baseKey, CK_MECHANISM_TYPE derive,
- SECItem *param, CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation,
- int keySize, CK_ATTRIBUTE *userAttr, unsigned int numAttrs)
-{
- PK11SlotInfo * slot = baseKey->slot;
- PK11SymKey * symKey;
- PK11SymKey * newBaseKey = NULL;
- CK_BBOOL cktrue = CK_TRUE;
- CK_OBJECT_CLASS keyClass = CKO_SECRET_KEY;
- CK_KEY_TYPE keyType = CKK_GENERIC_SECRET;
- CK_ULONG valueLen = 0;
- CK_MECHANISM mechanism;
- CK_RV crv;
- CK_ATTRIBUTE keyTemplate[MAX_TEMPL_ATTRS];
- CK_ATTRIBUTE * attrs = keyTemplate;
- unsigned int templateCount;
-
- if (numAttrs > MAX_TEMPL_ATTRS) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return NULL;
- }
- /* first copy caller attributes in. */
- for (templateCount = 0; templateCount < numAttrs; ++templateCount) {
- *attrs++ = *userAttr++;
- }
-
- /* We only add the following attributes to the template if the caller
- ** didn't already supply them.
- */
- if (!pk11_FindAttrInTemplate(keyTemplate, numAttrs, CKA_CLASS)) {
- PK11_SETATTRS(attrs, CKA_CLASS, &keyClass, sizeof keyClass);
- attrs++;
- }
- if (!pk11_FindAttrInTemplate(keyTemplate, numAttrs, CKA_KEY_TYPE)) {
- keyType = PK11_GetKeyType(target, keySize);
- PK11_SETATTRS(attrs, CKA_KEY_TYPE, &keyType, sizeof keyType );
- attrs++;
- }
- if (keySize > 0 &&
- !pk11_FindAttrInTemplate(keyTemplate, numAttrs, CKA_VALUE_LEN)) {
- valueLen = (CK_ULONG)keySize;
- PK11_SETATTRS(attrs, CKA_VALUE_LEN, &valueLen, sizeof valueLen);
- attrs++;
- }
- if (!pk11_FindAttrInTemplate(keyTemplate, numAttrs, operation)) {
- PK11_SETATTRS(attrs, operation, &cktrue, sizeof cktrue); attrs++;
- }
-
- templateCount = attrs - keyTemplate;
- PR_ASSERT(templateCount <= MAX_TEMPL_ATTRS);
-
- /* move the key to a slot that can do the function */
- if (!PK11_DoesMechanism(slot,derive)) {
- /* get a new base key & slot */
- PK11SlotInfo *newSlot = PK11_GetBestSlot(derive, baseKey->cx);
-
- if (newSlot == NULL) return NULL;
-
- newBaseKey = pk11_CopyToSlot (newSlot, derive, CKA_DERIVE,
- baseKey);
- PK11_FreeSlot(newSlot);
- if (newBaseKey == NULL) return NULL;
- baseKey = newBaseKey;
- slot = baseKey->slot;
- }
-
-
- /* get our key Structure */
- symKey = PK11_CreateSymKey(slot,target,baseKey->cx);
- if (symKey == NULL) {
- return NULL;
- }
-
- symKey->size = keySize;
-
- mechanism.mechanism = derive;
- if (param) {
- mechanism.pParameter = param->data;
- mechanism.ulParameterLen = param->len;
- } else {
- mechanism.pParameter = NULL;
- mechanism.ulParameterLen = 0;
- }
- symKey->origin=PK11_OriginDerive;
-
- pk11_EnterKeyMonitor(symKey);
- crv = PK11_GETTAB(slot)->C_DeriveKey(symKey->session, &mechanism,
- baseKey->objectID, keyTemplate, templateCount, &symKey->objectID);
- pk11_ExitKeyMonitor(symKey);
-
- if (newBaseKey) PK11_FreeSymKey(newBaseKey);
- if (crv != CKR_OK) {
- PK11_FreeSymKey(symKey);
- return NULL;
- }
- return symKey;
-}
-
-/* build a public KEA key from the public value */
-SECKEYPublicKey *
-PK11_MakeKEAPubKey(unsigned char *keyData,int length)
-{
- SECKEYPublicKey *pubk;
- SECItem pkData;
- SECStatus rv;
- PRArenaPool *arena;
-
- pkData.data = keyData;
- pkData.len = length;
-
- arena = PORT_NewArena (DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL)
- return NULL;
-
- pubk = (SECKEYPublicKey *) PORT_ArenaZAlloc(arena, sizeof(SECKEYPublicKey));
- if (pubk == NULL) {
- PORT_FreeArena (arena, PR_FALSE);
- return NULL;
- }
-
- pubk->arena = arena;
- pubk->pkcs11Slot = 0;
- pubk->pkcs11ID = CK_INVALID_HANDLE;
- pubk->keyType = fortezzaKey;
- rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.KEAKey, &pkData);
- if (rv != SECSuccess) {
- PORT_FreeArena (arena, PR_FALSE);
- return NULL;
- }
- return pubk;
-}
-
-
-/*
- * This Generates a wrapping key based on a privateKey, publicKey, and two
- * random numbers. For Mail usage RandomB should be NULL. In the Sender's
- * case RandomA is generate, outherwize it is passed.
- */
-static unsigned char *rb_email = NULL;
-
-PK11SymKey *
-PK11_PubDerive(SECKEYPrivateKey *privKey, SECKEYPublicKey *pubKey,
- PRBool isSender, SECItem *randomA, SECItem *randomB,
- CK_MECHANISM_TYPE derive, CK_MECHANISM_TYPE target,
- CK_ATTRIBUTE_TYPE operation, int keySize,void *wincx)
-{
- PK11SlotInfo *slot = privKey->pkcs11Slot;
- CK_MECHANISM mechanism;
- PK11SymKey *symKey;
- CK_RV crv;
-
-
- if (rb_email == NULL) {
- rb_email = PORT_ZAlloc(128);
- if (rb_email == NULL) {
- return NULL;
- }
- rb_email[127] = 1;
- }
-
- /* get our key Structure */
- symKey = PK11_CreateSymKey(slot,target,wincx);
- if (symKey == NULL) {
- return NULL;
- }
-
- symKey->origin = PK11_OriginDerive;
-
- switch (privKey->keyType) {
- case rsaKey:
- case nullKey:
- PORT_SetError(SEC_ERROR_BAD_KEY);
- break;
- case dsaKey:
- case keaKey:
- case fortezzaKey:
- {
- CK_KEA_DERIVE_PARAMS param;
- param.isSender = (CK_BBOOL) isSender;
- param.ulRandomLen = randomA->len;
- param.pRandomA = randomA->data;
- param.pRandomB = rb_email;
- if (randomB)
- param.pRandomB = randomB->data;
- if (pubKey->keyType == fortezzaKey) {
- param.ulPublicDataLen = pubKey->u.fortezza.KEAKey.len;
- param.pPublicData = pubKey->u.fortezza.KEAKey.data;
- } else {
- /* assert type == keaKey */
- /* XXX change to match key key types */
- param.ulPublicDataLen = pubKey->u.fortezza.KEAKey.len;
- param.pPublicData = pubKey->u.fortezza.KEAKey.data;
- }
-
- mechanism.mechanism = derive;
- mechanism.pParameter = &param;
- mechanism.ulParameterLen = sizeof(param);
-
- /* get a new symKey structure */
- pk11_EnterKeyMonitor(symKey);
- crv=PK11_GETTAB(slot)->C_DeriveKey(symKey->session, &mechanism,
- privKey->pkcs11ID, NULL, 0, &symKey->objectID);
- pk11_ExitKeyMonitor(symKey);
- if (crv == CKR_OK) return symKey;
- PORT_SetError( PK11_MapError(crv) );
- }
- break;
- case dhKey:
- {
- CK_BBOOL cktrue = CK_TRUE;
- CK_OBJECT_CLASS keyClass = CKO_SECRET_KEY;
- CK_KEY_TYPE keyType = CKK_GENERIC_SECRET;
- CK_ULONG key_size = 0;
- CK_ATTRIBUTE keyTemplate[4];
- int templateCount;
- CK_ATTRIBUTE *attrs = keyTemplate;
-
- if (pubKey->keyType != dhKey) {
- PORT_SetError(SEC_ERROR_BAD_KEY);
- break;
- }
-
- PK11_SETATTRS(attrs, CKA_CLASS, &keyClass, sizeof(keyClass));
- attrs++;
- PK11_SETATTRS(attrs, CKA_KEY_TYPE, &keyType, sizeof(keyType));
- attrs++;
- PK11_SETATTRS(attrs, operation, &cktrue, 1); attrs++;
- PK11_SETATTRS(attrs, CKA_VALUE_LEN, &key_size, sizeof(key_size));
- attrs++;
- templateCount = attrs - keyTemplate;
- PR_ASSERT(templateCount <= sizeof(keyTemplate)/sizeof(CK_ATTRIBUTE));
-
- keyType = PK11_GetKeyType(target,keySize);
- key_size = keySize;
- symKey->size = keySize;
- if (key_size == 0) templateCount--;
-
- mechanism.mechanism = derive;
-
- /* we can undefine these when we define diffie-helman keys */
- mechanism.pParameter = pubKey->u.dh.publicValue.data;
- mechanism.ulParameterLen = pubKey->u.dh.publicValue.len;
-
- pk11_EnterKeyMonitor(symKey);
- crv = PK11_GETTAB(slot)->C_DeriveKey(symKey->session, &mechanism,
- privKey->pkcs11ID, keyTemplate, templateCount, &symKey->objectID);
- pk11_ExitKeyMonitor(symKey);
- if (crv == CKR_OK) return symKey;
- PORT_SetError( PK11_MapError(crv) );
- }
- break;
-#ifdef NSS_ENABLE_ECC
- case ecKey:
- {
- CK_BBOOL cktrue = CK_TRUE;
- CK_OBJECT_CLASS keyClass = CKO_SECRET_KEY;
- CK_KEY_TYPE keyType = CKK_GENERIC_SECRET;
- CK_ULONG key_size = 0;
- CK_ATTRIBUTE keyTemplate[4];
- int templateCount;
- CK_ATTRIBUTE *attrs = keyTemplate;
- CK_ECDH1_DERIVE_PARAMS *mechParams = NULL;
-
- if (pubKey->keyType != ecKey) {
- PORT_SetError(SEC_ERROR_BAD_KEY);
- break;
- }
-
- PK11_SETATTRS(attrs, CKA_CLASS, &keyClass, sizeof(keyClass));
- attrs++;
- PK11_SETATTRS(attrs, CKA_KEY_TYPE, &keyType, sizeof(keyType));
- attrs++;
- PK11_SETATTRS(attrs, operation, &cktrue, 1); attrs++;
- PK11_SETATTRS(attrs, CKA_VALUE_LEN, &key_size, sizeof(key_size));
- attrs++;
- templateCount = attrs - keyTemplate;
- PR_ASSERT(templateCount <= sizeof(keyTemplate)/sizeof(CK_ATTRIBUTE));
-
- keyType = PK11_GetKeyType(target,keySize);
- key_size = keySize;
- symKey->size = keySize;
- if (key_size == 0) templateCount--;
-
- mechParams = (CK_ECDH1_DERIVE_PARAMS *)
- PORT_ZAlloc(sizeof(CK_ECDH1_DERIVE_PARAMS));
- mechParams->kdf = CKD_SHA1_KDF;
- mechParams->ulSharedDataLen = 0;
- mechParams->pSharedData = NULL;
- mechParams->ulPublicDataLen = pubKey->u.ec.publicValue.len;
- mechParams->pPublicData = pubKey->u.ec.publicValue.data;
-
- mechanism.mechanism = derive;
- mechanism.pParameter = mechParams;
- mechanism.ulParameterLen = sizeof(CK_ECDH1_DERIVE_PARAMS);
-
- pk11_EnterKeyMonitor(symKey);
- crv = PK11_GETTAB(slot)->C_DeriveKey(symKey->session,
- &mechanism, privKey->pkcs11ID, keyTemplate,
- templateCount, &symKey->objectID);
- pk11_ExitKeyMonitor(symKey);
-
- PORT_ZFree(mechParams, sizeof(CK_ECDH1_DERIVE_PARAMS));
-
- if (crv == CKR_OK) return symKey;
- PORT_SetError( PK11_MapError(crv) );
- }
-#endif /* NSS_ENABLE_ECC */
- }
-
- PK11_FreeSymKey(symKey);
- return NULL;
-}
-
-/*
- * this little function uses the Decrypt function to unwrap a key, just in
- * case we are having problem with unwrap. NOTE: The key size may
- * not be preserved properly for some algorithms!
- */
-static PK11SymKey *
-pk11_HandUnwrap(PK11SlotInfo *slot, CK_OBJECT_HANDLE wrappingKey,
- CK_MECHANISM *mech, SECItem *inKey, CK_MECHANISM_TYPE target,
- CK_ATTRIBUTE *keyTemplate, unsigned int templateCount,
- int key_size, void * wincx, CK_RV *crvp)
-{
- CK_ULONG len;
- SECItem outKey;
- PK11SymKey *symKey;
- CK_RV crv;
- PRBool owner = PR_TRUE;
- CK_SESSION_HANDLE session;
-
- /* remove any VALUE_LEN parameters */
- if (keyTemplate[templateCount-1].type == CKA_VALUE_LEN) {
- templateCount--;
- }
-
- /* keys are almost always aligned, but if we get this far,
- * we've gone above and beyond anyway... */
- outKey.data = (unsigned char*)PORT_Alloc(inKey->len);
- if (outKey.data == NULL) {
- PORT_SetError( SEC_ERROR_NO_MEMORY );
- if (crvp) *crvp = CKR_HOST_MEMORY;
- return NULL;
- }
- len = inKey->len;
-
- /* use NULL IV's for wrapping */
- session = pk11_GetNewSession(slot,&owner);
- if (!owner || !(slot->isThreadSafe)) PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_DecryptInit(session,mech,wrappingKey);
- if (crv != CKR_OK) {
- if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
- pk11_CloseSession(slot,session,owner);
- PORT_Free(outKey.data);
- PORT_SetError( PK11_MapError(crv) );
- if (crvp) *crvp =crv;
- return NULL;
- }
- crv = PK11_GETTAB(slot)->C_Decrypt(session,inKey->data,inKey->len,
- outKey.data, &len);
- if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
- pk11_CloseSession(slot,session,owner);
- if (crv != CKR_OK) {
- PORT_Free(outKey.data);
- PORT_SetError( PK11_MapError(crv) );
- if (crvp) *crvp =crv;
- return NULL;
- }
-
- outKey.len = (key_size == 0) ? len : key_size;
- outKey.type = siBuffer;
-
- if (PK11_DoesMechanism(slot,target)) {
- symKey = pk11_ImportSymKeyWithTempl(slot, target, PK11_OriginUnwrap,
- keyTemplate, templateCount,
- &outKey, wincx);
- } else {
- slot = PK11_GetBestSlot(target,wincx);
- if (slot == NULL) {
- PORT_SetError( SEC_ERROR_NO_MODULE );
- PORT_Free(outKey.data);
- if (crvp) *crvp = CKR_DEVICE_ERROR;
- return NULL;
- }
- symKey = pk11_ImportSymKeyWithTempl(slot, target, PK11_OriginUnwrap,
- keyTemplate, templateCount,
- &outKey, wincx);
- PK11_FreeSlot(slot);
- }
- PORT_Free(outKey.data);
-
- if (crvp) *crvp = symKey? CKR_OK : CKR_DEVICE_ERROR;
- return symKey;
-}
-
-/*
- * The wrap/unwrap function is pretty much the same for private and
- * public keys. It's just getting the Object ID and slot right. This is
- * the combined unwrap function.
- */
-static PK11SymKey *
-pk11_AnyUnwrapKey(PK11SlotInfo *slot, CK_OBJECT_HANDLE wrappingKey,
- CK_MECHANISM_TYPE wrapType, SECItem *param, SECItem *wrappedKey,
- CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation, int keySize,
- void *wincx, CK_ATTRIBUTE *userAttr, unsigned int numAttrs)
-{
- PK11SymKey * symKey;
- SECItem * param_free = NULL;
- CK_BBOOL cktrue = CK_TRUE;
- CK_OBJECT_CLASS keyClass = CKO_SECRET_KEY;
- CK_KEY_TYPE keyType = CKK_GENERIC_SECRET;
- CK_ULONG valueLen = 0;
- CK_MECHANISM mechanism;
- CK_RV crv;
- CK_MECHANISM_INFO mechanism_info;
- CK_ATTRIBUTE keyTemplate[MAX_TEMPL_ATTRS];
- CK_ATTRIBUTE * attrs = keyTemplate;
- unsigned int templateCount;
-
- if (numAttrs > MAX_TEMPL_ATTRS) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return NULL;
- }
- /* first copy caller attributes in. */
- for (templateCount = 0; templateCount < numAttrs; ++templateCount) {
- *attrs++ = *userAttr++;
- }
-
- /* We only add the following attributes to the template if the caller
- ** didn't already supply them.
- */
- if (!pk11_FindAttrInTemplate(keyTemplate, numAttrs, CKA_CLASS)) {
- PK11_SETATTRS(attrs, CKA_CLASS, &keyClass, sizeof keyClass);
- attrs++;
- }
- if (!pk11_FindAttrInTemplate(keyTemplate, numAttrs, CKA_KEY_TYPE)) {
- keyType = PK11_GetKeyType(target, keySize);
- PK11_SETATTRS(attrs, CKA_KEY_TYPE, &keyType, sizeof keyType );
- attrs++;
- }
- if (!pk11_FindAttrInTemplate(keyTemplate, numAttrs, operation)) {
- PK11_SETATTRS(attrs, operation, &cktrue, 1); attrs++;
- }
-
- /*
- * must be last in case we need to use this template to import the key
- */
- if (keySize > 0 &&
- !pk11_FindAttrInTemplate(keyTemplate, numAttrs, CKA_VALUE_LEN)) {
- valueLen = (CK_ULONG)keySize;
- PK11_SETATTRS(attrs, CKA_VALUE_LEN, &valueLen, sizeof valueLen);
- attrs++;
- }
-
- templateCount = attrs - keyTemplate;
- PR_ASSERT(templateCount <= sizeof(keyTemplate)/sizeof(CK_ATTRIBUTE));
-
-
- /* find out if we can do wrap directly. Because the RSA case if *very*
- * common, cache the results for it. */
- if ((wrapType == CKM_RSA_PKCS) && (slot->hasRSAInfo)) {
- mechanism_info.flags = slot->RSAInfoFlags;
- } else {
- if (!slot->isThreadSafe) PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_GetMechanismInfo(slot->slotID,wrapType,
- &mechanism_info);
- if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
- if (crv != CKR_OK) {
- mechanism_info.flags = 0;
- }
- if (wrapType == CKM_RSA_PKCS) {
- slot->RSAInfoFlags = mechanism_info.flags;
- slot->hasRSAInfo = PR_TRUE;
- }
- }
-
- /* initialize the mechanism structure */
- mechanism.mechanism = wrapType;
- /* use NULL IV's for wrapping */
- if (param == NULL) param = param_free = PK11_ParamFromIV(wrapType,NULL);
- if (param) {
- mechanism.pParameter = param->data;
- mechanism.ulParameterLen = param->len;
- } else {
- mechanism.pParameter = NULL;
- mechanism.ulParameterLen = 0;
- }
-
- if ((mechanism_info.flags & CKF_DECRYPT)
- && !PK11_DoesMechanism(slot,target)) {
- symKey = pk11_HandUnwrap(slot, wrappingKey, &mechanism, wrappedKey,
- target, keyTemplate, templateCount, keySize,
- wincx, &crv);
- if (symKey) {
- if (param_free) SECITEM_FreeItem(param_free,PR_TRUE);
- return symKey;
- }
- /*
- * if the RSA OP simply failed, don't try to unwrap again
- * with this module.
- */
- if (crv == CKR_DEVICE_ERROR){
- return NULL;
- }
- /* fall through, maybe they incorrectly set CKF_DECRYPT */
- }
-
- /* get our key Structure */
- symKey = PK11_CreateSymKey(slot,target,wincx);
- if (symKey == NULL) {
- if (param_free) SECITEM_FreeItem(param_free,PR_TRUE);
- return NULL;
- }
-
- symKey->size = keySize;
- symKey->origin = PK11_OriginUnwrap;
-
- pk11_EnterKeyMonitor(symKey);
- crv = PK11_GETTAB(slot)->C_UnwrapKey(symKey->session,&mechanism,wrappingKey,
- wrappedKey->data, wrappedKey->len, keyTemplate, templateCount,
- &symKey->objectID);
- pk11_ExitKeyMonitor(symKey);
- if (param_free) SECITEM_FreeItem(param_free,PR_TRUE);
- if ((crv != CKR_OK) && (crv != CKR_DEVICE_ERROR)) {
- /* try hand Unwrapping */
- PK11_FreeSymKey(symKey);
- symKey = pk11_HandUnwrap(slot, wrappingKey, &mechanism, wrappedKey,
- target, keyTemplate, templateCount, keySize,
- wincx, NULL);
- }
-
- return symKey;
-}
-
-/* use a symetric key to unwrap another symetric key */
-PK11SymKey *
-PK11_UnwrapSymKey( PK11SymKey *wrappingKey, CK_MECHANISM_TYPE wrapType,
- SECItem *param, SECItem *wrappedKey,
- CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation,
- int keySize)
-{
- return pk11_AnyUnwrapKey(wrappingKey->slot, wrappingKey->objectID,
- wrapType, param, wrappedKey, target, operation, keySize,
- wrappingKey->cx, NULL, 0);
-}
-
-/* use a symetric key to unwrap another symetric key */
-PK11SymKey *
-PK11_UnwrapSymKeyWithFlags(PK11SymKey *wrappingKey, CK_MECHANISM_TYPE wrapType,
- SECItem *param, SECItem *wrappedKey,
- CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation,
- int keySize, CK_FLAGS flags)
-{
- CK_BBOOL ckTrue = CK_TRUE;
- CK_ATTRIBUTE keyTemplate[MAX_TEMPL_ATTRS];
- unsigned int templateCount;
-
- templateCount = pk11_FlagsToAttributes(flags, keyTemplate, &ckTrue);
- return pk11_AnyUnwrapKey(wrappingKey->slot, wrappingKey->objectID,
- wrapType, param, wrappedKey, target, operation, keySize,
- wrappingKey->cx, keyTemplate, templateCount);
-}
-
-
-/* unwrap a symetric key with a private key. */
-PK11SymKey *
-PK11_PubUnwrapSymKey(SECKEYPrivateKey *wrappingKey, SECItem *wrappedKey,
- CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation, int keySize)
-{
- CK_MECHANISM_TYPE wrapType = pk11_mapWrapKeyType(wrappingKey->keyType);
-
- PK11_HandlePasswordCheck(wrappingKey->pkcs11Slot,wrappingKey->wincx);
-
- return pk11_AnyUnwrapKey(wrappingKey->pkcs11Slot, wrappingKey->pkcs11ID,
- wrapType, NULL, wrappedKey, target, operation, keySize,
- wrappingKey->wincx, NULL, 0);
-}
-
-/* unwrap a symetric key with a private key. */
-PK11SymKey *
-PK11_PubUnwrapSymKeyWithFlags(SECKEYPrivateKey *wrappingKey,
- SECItem *wrappedKey, CK_MECHANISM_TYPE target,
- CK_ATTRIBUTE_TYPE operation, int keySize, CK_FLAGS flags)
-{
- CK_MECHANISM_TYPE wrapType = pk11_mapWrapKeyType(wrappingKey->keyType);
- CK_BBOOL ckTrue = CK_TRUE;
- CK_ATTRIBUTE keyTemplate[MAX_TEMPL_ATTRS];
- unsigned int templateCount;
-
- templateCount = pk11_FlagsToAttributes(flags, keyTemplate, &ckTrue);
-
- PK11_HandlePasswordCheck(wrappingKey->pkcs11Slot,wrappingKey->wincx);
-
- return pk11_AnyUnwrapKey(wrappingKey->pkcs11Slot, wrappingKey->pkcs11ID,
- wrapType, NULL, wrappedKey, target, operation, keySize,
- wrappingKey->wincx, keyTemplate, templateCount);
-}
-
-/*
- * Recover the Signed data. We need this because our old verify can't
- * figure out which hash algorithm to use until we decryptted this.
- */
-SECStatus
-PK11_VerifyRecover(SECKEYPublicKey *key,
- SECItem *sig, SECItem *dsig, void *wincx)
-{
- PK11SlotInfo *slot = key->pkcs11Slot;
- CK_OBJECT_HANDLE id = key->pkcs11ID;
- CK_MECHANISM mech = {0, NULL, 0 };
- PRBool owner = PR_TRUE;
- CK_SESSION_HANDLE session;
- CK_ULONG len;
- CK_RV crv;
-
- mech.mechanism = pk11_mapSignKeyType(key->keyType);
-
- if (slot == NULL) {
- slot = PK11_GetBestSlot(mech.mechanism,wincx);
- if (slot == NULL) {
- PORT_SetError( SEC_ERROR_NO_MODULE );
- return SECFailure;
- }
- id = PK11_ImportPublicKey(slot,key,PR_FALSE);
- } else {
- PK11_ReferenceSlot(slot);
- }
-
- session = pk11_GetNewSession(slot,&owner);
- if (!owner || !(slot->isThreadSafe)) PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_VerifyRecoverInit(session,&mech,id);
- if (crv != CKR_OK) {
- if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
- pk11_CloseSession(slot,session,owner);
- PORT_SetError( PK11_MapError(crv) );
- PK11_FreeSlot(slot);
- return SECFailure;
- }
- len = dsig->len;
- crv = PK11_GETTAB(slot)->C_VerifyRecover(session,sig->data,
- sig->len, dsig->data, &len);
- if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
- pk11_CloseSession(slot,session,owner);
- dsig->len = len;
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- PK11_FreeSlot(slot);
- return SECFailure;
- }
- PK11_FreeSlot(slot);
- return SECSuccess;
-}
-
-/*
- * verify a signature from its hash.
- */
-SECStatus
-PK11_Verify(SECKEYPublicKey *key, SECItem *sig, SECItem *hash, void *wincx)
-{
- PK11SlotInfo *slot = key->pkcs11Slot;
- CK_OBJECT_HANDLE id = key->pkcs11ID;
- CK_MECHANISM mech = {0, NULL, 0 };
- PRBool owner = PR_TRUE;
- CK_SESSION_HANDLE session;
- CK_RV crv;
-
- mech.mechanism = pk11_mapSignKeyType(key->keyType);
-
- if (slot == NULL) {
- slot = PK11_GetBestSlot(mech.mechanism,wincx);
-
- if (slot == NULL) {
- PORT_SetError( SEC_ERROR_NO_MODULE );
- return SECFailure;
- }
- id = PK11_ImportPublicKey(slot,key,PR_FALSE);
-
- } else {
- PK11_ReferenceSlot(slot);
- }
-
- session = pk11_GetNewSession(slot,&owner);
- if (!owner || !(slot->isThreadSafe)) PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_VerifyInit(session,&mech,id);
- if (crv != CKR_OK) {
- if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
- pk11_CloseSession(slot,session,owner);
- PK11_FreeSlot(slot);
- PORT_SetError( PK11_MapError(crv) );
- return SECFailure;
- }
- crv = PK11_GETTAB(slot)->C_Verify(session,hash->data,
- hash->len, sig->data, sig->len);
- if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
- pk11_CloseSession(slot,session,owner);
- PK11_FreeSlot(slot);
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- return SECFailure;
- }
- return SECSuccess;
-}
-
-/*
- * sign a hash. The algorithm is determined by the key.
- */
-SECStatus
-PK11_Sign(SECKEYPrivateKey *key, SECItem *sig, SECItem *hash)
-{
- PK11SlotInfo *slot = key->pkcs11Slot;
- CK_MECHANISM mech = {0, NULL, 0 };
- PRBool owner = PR_TRUE;
- CK_SESSION_HANDLE session;
- CK_ULONG len;
- CK_RV crv;
-
- mech.mechanism = pk11_mapSignKeyType(key->keyType);
-
- PK11_HandlePasswordCheck(slot, key->wincx);
-
- session = pk11_GetNewSession(slot,&owner);
- if (!owner || !(slot->isThreadSafe)) PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_SignInit(session,&mech,key->pkcs11ID);
- if (crv != CKR_OK) {
- if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
- pk11_CloseSession(slot,session,owner);
- PORT_SetError( PK11_MapError(crv) );
- return SECFailure;
- }
- len = sig->len;
- crv = PK11_GETTAB(slot)->C_Sign(session,hash->data,
- hash->len, sig->data, &len);
- if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
- pk11_CloseSession(slot,session,owner);
- sig->len = len;
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- return SECFailure;
- }
- return SECSuccess;
-}
-
-/*
- * Now SSL 2.0 uses raw RSA stuff. These next to functions *must* use
- * RSA keys, or they'll fail. We do the checks up front. If anyone comes
- * up with a meaning for rawdecrypt for any other public key operation,
- * then we need to move this check into some of PK11_PubDecrypt callers,
- * (namely SSL 2.0).
- */
-SECStatus
-PK11_PubDecryptRaw(SECKEYPrivateKey *key, unsigned char *data,
- unsigned *outLen, unsigned int maxLen, unsigned char *enc,
- unsigned encLen)
-{
- PK11SlotInfo *slot = key->pkcs11Slot;
- CK_MECHANISM mech = {CKM_RSA_X_509, NULL, 0 };
- CK_ULONG out = maxLen;
- PRBool owner = PR_TRUE;
- CK_SESSION_HANDLE session;
- CK_RV crv;
-
- if (key->keyType != rsaKey) {
- PORT_SetError( SEC_ERROR_INVALID_KEY );
- return SECFailure;
- }
-
- /* Why do we do a PK11_handle check here? for simple
- * decryption? .. because the user may have asked for 'ask always'
- * and this is a private key operation. In practice, thought, it's mute
- * since only servers wind up using this function */
- PK11_HandlePasswordCheck(slot, key->wincx);
- session = pk11_GetNewSession(slot,&owner);
- if (!owner || !(slot->isThreadSafe)) PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_DecryptInit(session,&mech,key->pkcs11ID);
- if (crv != CKR_OK) {
- if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
- pk11_CloseSession(slot,session,owner);
- PORT_SetError( PK11_MapError(crv) );
- return SECFailure;
- }
- crv = PK11_GETTAB(slot)->C_Decrypt(session,enc, encLen,
- data, &out);
- if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
- pk11_CloseSession(slot,session,owner);
- *outLen = out;
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- return SECFailure;
- }
- return SECSuccess;
-}
-
-/* The encrypt version of the above function */
-SECStatus
-PK11_PubEncryptRaw(SECKEYPublicKey *key, unsigned char *enc,
- unsigned char *data, unsigned dataLen, void *wincx)
-{
- PK11SlotInfo *slot;
- CK_MECHANISM mech = {CKM_RSA_X_509, NULL, 0 };
- CK_OBJECT_HANDLE id;
- CK_ULONG out = dataLen;
- PRBool owner = PR_TRUE;
- CK_SESSION_HANDLE session;
- CK_RV crv;
-
- if (key->keyType != rsaKey) {
- PORT_SetError( SEC_ERROR_BAD_KEY );
- return SECFailure;
- }
-
- slot = PK11_GetBestSlot(mech.mechanism, wincx);
- if (slot == NULL) {
- PORT_SetError( SEC_ERROR_NO_MODULE );
- return SECFailure;
- }
-
- id = PK11_ImportPublicKey(slot,key,PR_FALSE);
-
- session = pk11_GetNewSession(slot,&owner);
- if (!owner || !(slot->isThreadSafe)) PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_EncryptInit(session,&mech,id);
- if (crv != CKR_OK) {
- if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
- pk11_CloseSession(slot,session,owner);
- PK11_FreeSlot(slot);
- PORT_SetError( PK11_MapError(crv) );
- return SECFailure;
- }
- crv = PK11_GETTAB(slot)->C_Encrypt(session,data,dataLen,enc,&out);
- if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
- pk11_CloseSession(slot,session,owner);
- PK11_FreeSlot(slot);
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- return SECFailure;
- }
- return SECSuccess;
-}
-
-
-/**********************************************************************
- *
- * Now Deal with Crypto Contexts
- *
- **********************************************************************/
-
-/*
- * the monitors...
- */
-void
-PK11_EnterContextMonitor(PK11Context *cx) {
- /* if we own the session and our slot is ThreadSafe, only monitor
- * the Context */
- if ((cx->ownSession) && (cx->slot->isThreadSafe)) {
- /* Should this use monitors instead? */
- PZ_Lock(cx->sessionLock);
- } else {
- PK11_EnterSlotMonitor(cx->slot);
- }
-}
-
-void
-PK11_ExitContextMonitor(PK11Context *cx) {
- /* if we own the session and our slot is ThreadSafe, only monitor
- * the Context */
- if ((cx->ownSession) && (cx->slot->isThreadSafe)) {
- /* Should this use monitors instead? */
- PZ_Unlock(cx->sessionLock);
- } else {
- PK11_ExitSlotMonitor(cx->slot);
- }
-}
-
-/*
- * Free up a Cipher Context
- */
-void
-PK11_DestroyContext(PK11Context *context, PRBool freeit)
-{
- SECStatus rv = SECFailure;
- if (context->ownSession && context->key && /* context owns session & key */
- context->key->session == context->session && /* sharing session */
- !context->key->sessionOwner) /* sanity check */
- {
- /* session still valid, let the key free it as necessary */
- rv = PK11_Finalize(context); /* end any ongoing activity */
- if (rv == SECSuccess) {
- context->key->sessionOwner = PR_TRUE;
- } /* else couldn't finalize the session, close it */
- }
- if (rv == SECFailure) {
- pk11_CloseSession(context->slot,context->session,context->ownSession);
- }
- /* initialize the critical fields of the context */
- if (context->savedData != NULL ) PORT_Free(context->savedData);
- if (context->key) PK11_FreeSymKey(context->key);
- if (context->param) SECITEM_FreeItem(context->param, PR_TRUE);
- if (context->sessionLock) PZ_DestroyLock(context->sessionLock);
- PK11_FreeSlot(context->slot);
- if (freeit) PORT_Free(context);
-}
-
-/*
- * save the current context. Allocate Space if necessary.
- */
-static unsigned char *
-pk11_saveContextHelper(PK11Context *context, unsigned char *buffer,
- unsigned long *savedLength)
-{
- CK_RV crv;
-
- /* If buffer is NULL, this will get the length */
- crv = PK11_GETTAB(context->slot)->C_GetOperationState(context->session,
- (CK_BYTE_PTR)buffer,
- savedLength);
- if (!buffer || (crv == CKR_BUFFER_TOO_SMALL)) {
- /* the given buffer wasn't big enough (or was NULL), but we
- * have the length, so try again with a new buffer and the
- * correct length
- */
- unsigned long bufLen = *savedLength;
- buffer = PORT_Alloc(bufLen);
- if (buffer == NULL) {
- return (unsigned char *)NULL;
- }
- crv = PK11_GETTAB(context->slot)->C_GetOperationState(
- context->session,
- (CK_BYTE_PTR)buffer,
- savedLength);
- if (crv != CKR_OK) {
- PORT_ZFree(buffer, bufLen);
- }
- }
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- return (unsigned char *)NULL;
- }
- return buffer;
-}
-
-void *
-pk11_saveContext(PK11Context *context, void *space, unsigned long *savedLength)
-{
- return pk11_saveContextHelper(context,
- (unsigned char *)space, savedLength);
-}
-
-/*
- * restore the current context
- */
-SECStatus
-pk11_restoreContext(PK11Context *context,void *space, unsigned long savedLength)
-{
- CK_RV crv;
- CK_OBJECT_HANDLE objectID = (context->key) ? context->key->objectID:
- CK_INVALID_HANDLE;
-
- PORT_Assert(space != NULL);
- if (space == NULL) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- return SECFailure;
- }
- crv = PK11_GETTAB(context->slot)->C_SetOperationState(context->session,
- (CK_BYTE_PTR)space, savedLength, objectID, 0);
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv));
- return SECFailure;
- }
- return SECSuccess;
-}
-
-SECStatus pk11_Finalize(PK11Context *context);
-
-/*
- * Context initialization. Used by all flavors of CreateContext
- */
-static SECStatus
-pk11_context_init(PK11Context *context, CK_MECHANISM *mech_info)
-{
- CK_RV crv;
- PK11SymKey *symKey = context->key;
- SECStatus rv = SECSuccess;
-
- switch (context->operation) {
- case CKA_ENCRYPT:
- crv=PK11_GETTAB(context->slot)->C_EncryptInit(context->session,
- mech_info, symKey->objectID);
- break;
- case CKA_DECRYPT:
- if (context->fortezzaHack) {
- CK_ULONG count = 0;;
- /* generate the IV for fortezza */
- crv=PK11_GETTAB(context->slot)->C_EncryptInit(context->session,
- mech_info, symKey->objectID);
- if (crv != CKR_OK) break;
- PK11_GETTAB(context->slot)->C_EncryptFinal(context->session,
- NULL, &count);
- }
- crv=PK11_GETTAB(context->slot)->C_DecryptInit(context->session,
- mech_info, symKey->objectID);
- break;
- case CKA_SIGN:
- crv=PK11_GETTAB(context->slot)->C_SignInit(context->session,
- mech_info, symKey->objectID);
- break;
- case CKA_VERIFY:
- crv=PK11_GETTAB(context->slot)->C_SignInit(context->session,
- mech_info, symKey->objectID);
- break;
- case CKA_DIGEST:
- crv=PK11_GETTAB(context->slot)->C_DigestInit(context->session,
- mech_info);
- break;
- default:
- crv = CKR_OPERATION_NOT_INITIALIZED;
- break;
- }
-
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- return SECFailure;
- }
-
- /*
- * handle session starvation case.. use our last session to multiplex
- */
- if (!context->ownSession) {
- context->savedData = pk11_saveContext(context,context->savedData,
- &context->savedLength);
- if (context->savedData == NULL) rv = SECFailure;
- /* clear out out session for others to use */
- pk11_Finalize(context);
- }
- return rv;
-}
-
-
-/*
- * Common Helper Function do come up with a new context.
- */
-static PK11Context *pk11_CreateNewContextInSlot(CK_MECHANISM_TYPE type,
- PK11SlotInfo *slot, CK_ATTRIBUTE_TYPE operation, PK11SymKey *symKey,
- SECItem *param)
-{
- CK_MECHANISM mech_info;
- PK11Context *context;
- SECStatus rv;
-
- PORT_Assert(slot != NULL);
- if (!slot) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return NULL;
- }
- context = (PK11Context *) PORT_Alloc(sizeof(PK11Context));
- if (context == NULL) {
- return NULL;
- }
-
- /* now deal with the fortezza hack... the fortezza hack is an attempt
- * to get around the issue of the card not allowing you to do a FORTEZZA
- * LoadIV/Encrypt, which was added because such a combination could be
- * use to circumvent the key escrow system. Unfortunately SSL needs to
- * do this kind of operation, so in SSL we do a loadIV (to verify it),
- * Then GenerateIV, and through away the first 8 bytes on either side
- * of the connection.*/
- context->fortezzaHack = PR_FALSE;
- if (type == CKM_SKIPJACK_CBC64) {
- if (symKey->origin == PK11_OriginFortezzaHack) {
- context->fortezzaHack = PR_TRUE;
- }
- }
-
- /* initialize the critical fields of the context */
- context->operation = operation;
- context->key = symKey ? PK11_ReferenceSymKey(symKey) : NULL;
- context->slot = PK11_ReferenceSlot(slot);
- if (symKey && symKey->sessionOwner) {
- /* The symkey owns a session. Adopt that session. */
- context->session = symKey->session;
- context->ownSession = symKey->sessionOwner;
- symKey->sessionOwner = PR_FALSE;
- } else {
- context->session = pk11_GetNewSession(slot, &context->ownSession);
- }
- context->cx = symKey ? symKey->cx : NULL;
- /* get our session */
- context->savedData = NULL;
-
- /* save the parameters so that some digesting stuff can do multiple
- * begins on a single context */
- context->type = type;
- context->param = SECITEM_DupItem(param);
- context->init = PR_FALSE;
- context->sessionLock = PZ_NewLock(nssILockPK11cxt);
- if ((context->param == NULL) || (context->sessionLock == NULL)) {
- PK11_DestroyContext(context,PR_TRUE);
- return NULL;
- }
-
- mech_info.mechanism = type;
- mech_info.pParameter = param->data;
- mech_info.ulParameterLen = param->len;
- PK11_EnterContextMonitor(context);
- rv = pk11_context_init(context,&mech_info);
- PK11_ExitContextMonitor(context);
-
- if (rv != SECSuccess) {
- PK11_DestroyContext(context,PR_TRUE);
- return NULL;
- }
- context->init = PR_TRUE;
- return context;
-}
-
-
-/*
- * put together the various PK11_Create_Context calls used by different
- * parts of libsec.
- */
-PK11Context *
-__PK11_CreateContextByRawKey(PK11SlotInfo *slot, CK_MECHANISM_TYPE type,
- PK11Origin origin, CK_ATTRIBUTE_TYPE operation, SECItem *key,
- SECItem *param, void *wincx)
-{
- PK11SymKey *symKey;
- PK11Context *context;
-
- /* first get a slot */
- if (slot == NULL) {
- slot = PK11_GetBestSlot(type,wincx);
- if (slot == NULL) {
- PORT_SetError( SEC_ERROR_NO_MODULE );
- return NULL;
- }
- } else {
- PK11_ReferenceSlot(slot);
- }
-
- /* now import the key */
- symKey = PK11_ImportSymKey(slot, type, origin, operation, key, wincx);
- if (symKey == NULL) return NULL;
-
- context = PK11_CreateContextBySymKey(type, operation, symKey, param);
-
- PK11_FreeSymKey(symKey);
- PK11_FreeSlot(slot);
-
- return context;
-}
-
-PK11Context *
-PK11_CreateContextByRawKey(PK11SlotInfo *slot, CK_MECHANISM_TYPE type,
- PK11Origin origin, CK_ATTRIBUTE_TYPE operation, SECItem *key,
- SECItem *param, void *wincx)
-{
- return __PK11_CreateContextByRawKey(slot, type, origin, operation,
- key, param, wincx);
-}
-
-
-/*
- * Create a context from a key. We really should make sure we aren't using
- * the same key in multiple session!
- */
-PK11Context *
-PK11_CreateContextBySymKey(CK_MECHANISM_TYPE type,CK_ATTRIBUTE_TYPE operation,
- PK11SymKey *symKey, SECItem *param)
-{
- PK11SymKey *newKey;
- PK11Context *context;
-
- /* if this slot doesn't support the mechanism, go to a slot that does */
- newKey = pk11_ForceSlot(symKey,type,operation);
- if (newKey == NULL) {
- PK11_ReferenceSymKey(symKey);
- } else {
- symKey = newKey;
- }
-
-
- /* Context Adopts the symKey.... */
- context = pk11_CreateNewContextInSlot(type, symKey->slot, operation, symKey,
- param);
- PK11_FreeSymKey(symKey);
- return context;
-}
-
-/*
- * Digest contexts don't need keys, but the do need to find a slot.
- * Macing should use PK11_CreateContextBySymKey.
- */
-PK11Context *
-PK11_CreateDigestContext(SECOidTag hashAlg)
-{
- /* digesting has to work without authentication to the slot */
- CK_MECHANISM_TYPE type;
- PK11SlotInfo *slot;
- PK11Context *context;
- SECItem param;
-
- type = PK11_AlgtagToMechanism(hashAlg);
- slot = PK11_GetBestSlot(type, NULL);
- if (slot == NULL) {
- PORT_SetError( SEC_ERROR_NO_MODULE );
- return NULL;
- }
-
- /* maybe should really be PK11_GenerateNewParam?? */
- param.data = NULL;
- param.len = 0;
- param.type = 0;
-
- context = pk11_CreateNewContextInSlot(type, slot, CKA_DIGEST, NULL, &param);
- PK11_FreeSlot(slot);
- return context;
-}
-
-/*
- * create a new context which is the clone of the state of old context.
- */
-PK11Context * PK11_CloneContext(PK11Context *old)
-{
- PK11Context *newcx;
- PRBool needFree = PR_FALSE;
- SECStatus rv = SECSuccess;
- void *data;
- unsigned long len;
-
- newcx = pk11_CreateNewContextInSlot(old->type, old->slot, old->operation,
- old->key, old->param);
- if (newcx == NULL) return NULL;
-
- /* now clone the save state. First we need to find the save state
- * of the old session. If the old context owns it's session,
- * the state needs to be saved, otherwise the state is in saveData. */
- if (old->ownSession) {
- PK11_EnterContextMonitor(old);
- data=pk11_saveContext(old,NULL,&len);
- PK11_ExitContextMonitor(old);
- needFree = PR_TRUE;
- } else {
- data = old->savedData;
- len = old->savedLength;
- }
-
- if (data == NULL) {
- PK11_DestroyContext(newcx,PR_TRUE);
- return NULL;
- }
-
- /* now copy that state into our new context. Again we have different
- * work if the new context owns it's own session. If it does, we
- * restore the state gathered above. If it doesn't, we copy the
- * saveData pointer... */
- if (newcx->ownSession) {
- PK11_EnterContextMonitor(newcx);
- rv = pk11_restoreContext(newcx,data,len);
- PK11_ExitContextMonitor(newcx);
- } else {
- PORT_Assert(newcx->savedData != NULL);
- if ((newcx->savedData == NULL) || (newcx->savedLength < len)) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- rv = SECFailure;
- } else {
- PORT_Memcpy(newcx->savedData,data,len);
- newcx->savedLength = len;
- }
- }
-
- if (needFree) PORT_Free(data);
-
- if (rv != SECSuccess) {
- PK11_DestroyContext(newcx,PR_TRUE);
- return NULL;
- }
- return newcx;
-}
-
-/*
- * save the current context state into a variable. Required to make FORTEZZA
- * work.
- */
-SECStatus
-PK11_SaveContext(PK11Context *cx,unsigned char *save,int *len, int saveLength)
-{
- unsigned char * data = NULL;
- CK_ULONG length = saveLength;
-
- if (cx->ownSession) {
- PK11_EnterContextMonitor(cx);
- data = pk11_saveContextHelper(cx, save, &length);
- PK11_ExitContextMonitor(cx);
- if (data) *len = length;
- } else if ((unsigned) saveLength >= cx->savedLength) {
- data = (unsigned char*)cx->savedData;
- if (cx->savedData) {
- PORT_Memcpy(save,cx->savedData,cx->savedLength);
- }
- *len = cx->savedLength;
- }
- if (data != NULL) {
- if (cx->ownSession) {
- PORT_ZFree(data, length);
- }
- return SECSuccess;
- } else {
- return SECFailure;
- }
-}
-
-/* same as above, but may allocate the return buffer. */
-unsigned char *
-PK11_SaveContextAlloc(PK11Context *cx,
- unsigned char *preAllocBuf, unsigned int pabLen,
- unsigned int *stateLen)
-{
- unsigned char *stateBuf = NULL;
- unsigned long length = (unsigned long)pabLen;
-
- if (cx->ownSession) {
- PK11_EnterContextMonitor(cx);
- stateBuf = pk11_saveContextHelper(cx, preAllocBuf, &length);
- PK11_ExitContextMonitor(cx);
- *stateLen = (stateBuf != NULL) ? length : 0;
- } else {
- if (pabLen < cx->savedLength) {
- stateBuf = (unsigned char *)PORT_Alloc(cx->savedLength);
- if (!stateBuf) {
- return (unsigned char *)NULL;
- }
- } else {
- stateBuf = preAllocBuf;
- }
- if (cx->savedData) {
- PORT_Memcpy(stateBuf, cx->savedData, cx->savedLength);
- }
- *stateLen = cx->savedLength;
- }
- return stateBuf;
-}
-
-/*
- * restore the context state into a new running context. Also required for
- * FORTEZZA .
- */
-SECStatus
-PK11_RestoreContext(PK11Context *cx,unsigned char *save,int len)
-{
- SECStatus rv = SECSuccess;
- if (cx->ownSession) {
- PK11_EnterContextMonitor(cx);
- pk11_Finalize(cx);
- rv = pk11_restoreContext(cx,save,len);
- PK11_ExitContextMonitor(cx);
- } else {
- PORT_Assert(cx->savedData != NULL);
- if ((cx->savedData == NULL) || (cx->savedLength < (unsigned) len)) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- rv = SECFailure;
- } else {
- PORT_Memcpy(cx->savedData,save,len);
- cx->savedLength = len;
- }
- }
- return rv;
-}
-
-/*
- * This is to get FIPS compliance until we can convert
- * libjar to use PK11_ hashing functions. It returns PR_FALSE
- * if we can't get a PK11 Context.
- */
-PRBool
-PK11_HashOK(SECOidTag algID) {
- PK11Context *cx;
-
- cx = PK11_CreateDigestContext(algID);
- if (cx == NULL) return PR_FALSE;
- PK11_DestroyContext(cx, PR_TRUE);
- return PR_TRUE;
-}
-
-
-
-/*
- * start a new digesting or Mac'ing operation on this context
- */
-SECStatus PK11_DigestBegin(PK11Context *cx)
-{
- CK_MECHANISM mech_info;
- SECStatus rv;
-
- if (cx->init == PR_TRUE) {
- return SECSuccess;
- }
-
- /*
- * make sure the old context is clear first
- */
- PK11_EnterContextMonitor(cx);
- pk11_Finalize(cx);
-
- mech_info.mechanism = cx->type;
- mech_info.pParameter = cx->param->data;
- mech_info.ulParameterLen = cx->param->len;
- rv = pk11_context_init(cx,&mech_info);
- PK11_ExitContextMonitor(cx);
-
- if (rv != SECSuccess) {
- return SECFailure;
- }
- cx->init = PR_TRUE;
- return SECSuccess;
-}
-
-SECStatus
-PK11_HashBuf(SECOidTag hashAlg, unsigned char *out, unsigned char *in,
- int32 len) {
- PK11Context *context;
- unsigned int max_length;
- unsigned int out_length;
- SECStatus rv;
-
- context = PK11_CreateDigestContext(hashAlg);
- if (context == NULL) return SECFailure;
-
- rv = PK11_DigestBegin(context);
- if (rv != SECSuccess) {
- PK11_DestroyContext(context, PR_TRUE);
- return rv;
- }
-
- rv = PK11_DigestOp(context, in, len);
- if (rv != SECSuccess) {
- PK11_DestroyContext(context, PR_TRUE);
- return rv;
- }
-
- /* XXX This really should have been an argument to this function! */
- max_length = HASH_ResultLenByOidTag(hashAlg);
- PORT_Assert(max_length);
- if (!max_length)
- max_length = HASH_LENGTH_MAX;
-
- rv = PK11_DigestFinal(context,out,&out_length,max_length);
- PK11_DestroyContext(context, PR_TRUE);
- return rv;
-}
-
-
-/*
- * execute a bulk encryption operation
- */
-SECStatus
-PK11_CipherOp(PK11Context *context, unsigned char * out, int *outlen,
- int maxout, unsigned char *in, int inlen)
-{
- CK_RV crv = CKR_OK;
- CK_ULONG length = maxout;
- CK_ULONG offset =0;
- SECStatus rv = SECSuccess;
- unsigned char *saveOut = out;
- unsigned char *allocOut = NULL;
-
- /* if we ran out of session, we need to restore our previously stored
- * state.
- */
- PK11_EnterContextMonitor(context);
- if (!context->ownSession) {
- rv = pk11_restoreContext(context,context->savedData,
- context->savedLength);
- if (rv != SECSuccess) {
- PK11_ExitContextMonitor(context);
- return rv;
- }
- }
-
- /*
- * The fortezza hack is to send 8 extra bytes on the first encrypted and
- * loose them on the first decrypt.
- */
- if (context->fortezzaHack) {
- unsigned char random[8];
- if (context->operation == CKA_ENCRYPT) {
- PK11_ExitContextMonitor(context);
- rv = PK11_GenerateRandom(random,sizeof(random));
- PK11_EnterContextMonitor(context);
-
- /* since we are offseting the output, we can't encrypt back into
- * the same buffer... allocate a temporary buffer just for this
- * call. */
- allocOut = out = (unsigned char*)PORT_Alloc(maxout);
- if (out == NULL) {
- PK11_ExitContextMonitor(context);
- return SECFailure;
- }
- crv = PK11_GETTAB(context->slot)->C_EncryptUpdate(context->session,
- random,sizeof(random),out,&length);
-
- out += length;
- maxout -= length;
- offset = length;
- } else if (context->operation == CKA_DECRYPT) {
- length = sizeof(random);
- crv = PK11_GETTAB(context->slot)->C_DecryptUpdate(context->session,
- in,sizeof(random),random,&length);
- inlen -= length;
- in += length;
- context->fortezzaHack = PR_FALSE;
- }
- }
-
- switch (context->operation) {
- case CKA_ENCRYPT:
- length = maxout;
- crv=PK11_GETTAB(context->slot)->C_EncryptUpdate(context->session,
- in, inlen, out, &length);
- length += offset;
- break;
- case CKA_DECRYPT:
- length = maxout;
- crv=PK11_GETTAB(context->slot)->C_DecryptUpdate(context->session,
- in, inlen, out, &length);
- break;
- default:
- crv = CKR_OPERATION_NOT_INITIALIZED;
- break;
- }
-
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- *outlen = 0;
- rv = SECFailure;
- } else {
- *outlen = length;
- }
-
- if (context->fortezzaHack) {
- if (context->operation == CKA_ENCRYPT) {
- PORT_Assert(allocOut);
- PORT_Memcpy(saveOut, allocOut, length);
- PORT_Free(allocOut);
- }
- context->fortezzaHack = PR_FALSE;
- }
-
- /*
- * handle session starvation case.. use our last session to multiplex
- */
- if (!context->ownSession) {
- context->savedData = pk11_saveContext(context,context->savedData,
- &context->savedLength);
- if (context->savedData == NULL) rv = SECFailure;
-
- /* clear out out session for others to use */
- pk11_Finalize(context);
- }
- PK11_ExitContextMonitor(context);
- return rv;
-}
-
-/*
- * execute a digest/signature operation
- */
-SECStatus
-PK11_DigestOp(PK11Context *context, const unsigned char * in, unsigned inLen)
-{
- CK_RV crv = CKR_OK;
- SECStatus rv = SECSuccess;
-
- /* if we ran out of session, we need to restore our previously stored
- * state.
- */
- context->init = PR_FALSE;
- PK11_EnterContextMonitor(context);
- if (!context->ownSession) {
- rv = pk11_restoreContext(context,context->savedData,
- context->savedLength);
- if (rv != SECSuccess) {
- PK11_ExitContextMonitor(context);
- return rv;
- }
- }
-
- switch (context->operation) {
- /* also for MAC'ing */
- case CKA_SIGN:
- crv=PK11_GETTAB(context->slot)->C_SignUpdate(context->session,
- (unsigned char *)in,
- inLen);
- break;
- case CKA_VERIFY:
- crv=PK11_GETTAB(context->slot)->C_VerifyUpdate(context->session,
- (unsigned char *)in,
- inLen);
- break;
- case CKA_DIGEST:
- crv=PK11_GETTAB(context->slot)->C_DigestUpdate(context->session,
- (unsigned char *)in,
- inLen);
- break;
- default:
- crv = CKR_OPERATION_NOT_INITIALIZED;
- break;
- }
-
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- rv = SECFailure;
- }
-
- /*
- * handle session starvation case.. use our last session to multiplex
- */
- if (!context->ownSession) {
- context->savedData = pk11_saveContext(context,context->savedData,
- &context->savedLength);
- if (context->savedData == NULL) rv = SECFailure;
-
- /* clear out out session for others to use */
- pk11_Finalize(context);
- }
- PK11_ExitContextMonitor(context);
- return rv;
-}
-
-/*
- * Digest a key if possible./
- */
-SECStatus
-PK11_DigestKey(PK11Context *context, PK11SymKey *key)
-{
- CK_RV crv = CKR_OK;
- SECStatus rv = SECSuccess;
- PK11SymKey *newKey = NULL;
-
- /* if we ran out of session, we need to restore our previously stored
- * state.
- */
- if (context->slot != key->slot) {
- newKey = pk11_CopyToSlot(context->slot,CKM_SSL3_SHA1_MAC,CKA_SIGN,key);
- } else {
- newKey = PK11_ReferenceSymKey(key);
- }
-
- context->init = PR_FALSE;
- PK11_EnterContextMonitor(context);
- if (!context->ownSession) {
- rv = pk11_restoreContext(context,context->savedData,
- context->savedLength);
- if (rv != SECSuccess) {
- PK11_ExitContextMonitor(context);
- PK11_FreeSymKey(newKey);
- return rv;
- }
- }
-
-
- if (newKey == NULL) {
- crv = CKR_KEY_TYPE_INCONSISTENT;
- if (key->data.data) {
- crv=PK11_GETTAB(context->slot)->C_DigestUpdate(context->session,
- key->data.data,key->data.len);
- }
- } else {
- crv=PK11_GETTAB(context->slot)->C_DigestKey(context->session,
- newKey->objectID);
- }
-
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- rv = SECFailure;
- }
-
- /*
- * handle session starvation case.. use our last session to multiplex
- */
- if (!context->ownSession) {
- context->savedData = pk11_saveContext(context,context->savedData,
- &context->savedLength);
- if (context->savedData == NULL) rv = SECFailure;
-
- /* clear out out session for others to use */
- pk11_Finalize(context);
- }
- PK11_ExitContextMonitor(context);
- if (newKey) PK11_FreeSymKey(newKey);
- return rv;
-}
-
-/*
- * externally callable version of the lowercase pk11_finalize().
- */
-SECStatus
-PK11_Finalize(PK11Context *context) {
- SECStatus rv;
-
- PK11_EnterContextMonitor(context);
- rv = pk11_Finalize(context);
- PK11_ExitContextMonitor(context);
- return rv;
-}
-
-/*
- * clean up a cipher operation, so the session can be used by
- * someone new.
- */
-SECStatus
-pk11_Finalize(PK11Context *context)
-{
- CK_ULONG count = 0;
- CK_RV crv;
- unsigned char stackBuf[256];
- unsigned char *buffer = NULL;
-
- if (!context->ownSession) {
- return SECSuccess;
- }
-
-finalize:
- switch (context->operation) {
- case CKA_ENCRYPT:
- crv=PK11_GETTAB(context->slot)->C_EncryptFinal(context->session,
- buffer, &count);
- break;
- case CKA_DECRYPT:
- crv = PK11_GETTAB(context->slot)->C_DecryptFinal(context->session,
- buffer, &count);
- break;
- case CKA_SIGN:
- crv=PK11_GETTAB(context->slot)->C_SignFinal(context->session,
- buffer, &count);
- break;
- case CKA_VERIFY:
- crv=PK11_GETTAB(context->slot)->C_VerifyFinal(context->session,
- buffer, count);
- break;
- case CKA_DIGEST:
- crv=PK11_GETTAB(context->slot)->C_DigestFinal(context->session,
- buffer, &count);
- break;
- default:
- crv = CKR_OPERATION_NOT_INITIALIZED;
- break;
- }
-
- if (crv != CKR_OK) {
- if (buffer != stackBuf) {
- PORT_Free(buffer);
- }
- if (crv == CKR_OPERATION_NOT_INITIALIZED) {
- /* if there's no operation, it is finalized */
- return SECSuccess;
- }
- PORT_SetError( PK11_MapError(crv) );
- return SECFailure;
- }
-
- /* try to finalize the session with a buffer */
- if (buffer == NULL) {
- if (count <= sizeof stackBuf) {
- buffer = stackBuf;
- } else {
- buffer = PORT_Alloc(count);
- if (buffer == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
- }
- goto finalize;
- }
- if (buffer != stackBuf) {
- PORT_Free(buffer);
- }
- return SECSuccess;
-}
-
-/*
- * Return the final digested or signed data...
- * this routine can either take pre initialized data, or allocate data
- * either out of an arena or out of the standard heap.
- */
-SECStatus
-PK11_DigestFinal(PK11Context *context,unsigned char *data,
- unsigned int *outLen, unsigned int length)
-{
- CK_ULONG len;
- CK_RV crv;
- SECStatus rv;
-
-
- /* if we ran out of session, we need to restore our previously stored
- * state.
- */
- PK11_EnterContextMonitor(context);
- if (!context->ownSession) {
- rv = pk11_restoreContext(context,context->savedData,
- context->savedLength);
- if (rv != SECSuccess) {
- PK11_ExitContextMonitor(context);
- return rv;
- }
- }
-
- len = length;
- switch (context->operation) {
- case CKA_SIGN:
- crv=PK11_GETTAB(context->slot)->C_SignFinal(context->session,
- data,&len);
- break;
- case CKA_VERIFY:
- crv=PK11_GETTAB(context->slot)->C_VerifyFinal(context->session,
- data,len);
- break;
- case CKA_DIGEST:
- crv=PK11_GETTAB(context->slot)->C_DigestFinal(context->session,
- data,&len);
- break;
- case CKA_ENCRYPT:
- crv=PK11_GETTAB(context->slot)->C_EncryptFinal(context->session,
- data, &len);
- break;
- case CKA_DECRYPT:
- crv = PK11_GETTAB(context->slot)->C_DecryptFinal(context->session,
- data, &len);
- break;
- default:
- crv = CKR_OPERATION_NOT_INITIALIZED;
- break;
- }
- PK11_ExitContextMonitor(context);
-
- *outLen = (unsigned int) len;
- context->init = PR_FALSE; /* allow Begin to start up again */
-
-
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- return SECFailure;
- }
- return SECSuccess;
-}
-
-/****************************************************************************
- *
- * Now Do The PBE Functions Here...
- *
- ****************************************************************************/
-
-static void
-pk11_destroy_ck_pbe_params(CK_PBE_PARAMS *pbe_params)
-{
- if (pbe_params) {
- if (pbe_params->pPassword)
- PORT_ZFree(pbe_params->pPassword, PR_FALSE);
- if (pbe_params->pSalt)
- PORT_ZFree(pbe_params->pSalt, PR_FALSE);
- PORT_ZFree(pbe_params, PR_TRUE);
- }
-}
-
-SECItem *
-PK11_CreatePBEParams(SECItem *salt, SECItem *pwd, unsigned int iterations)
-{
- CK_PBE_PARAMS *pbe_params = NULL;
- SECItem *paramRV = NULL;
- pbe_params = (CK_PBE_PARAMS *)PORT_ZAlloc(sizeof(CK_PBE_PARAMS));
- pbe_params->pPassword = (CK_CHAR_PTR)PORT_ZAlloc(pwd->len);
- if (pbe_params->pPassword != NULL) {
- PORT_Memcpy(pbe_params->pPassword, pwd->data, pwd->len);
- pbe_params->ulPasswordLen = pwd->len;
- } else goto loser;
- pbe_params->pSalt = (CK_CHAR_PTR)PORT_ZAlloc(salt->len);
- if (pbe_params->pSalt != NULL) {
- PORT_Memcpy(pbe_params->pSalt, salt->data, salt->len);
- pbe_params->ulSaltLen = salt->len;
- } else goto loser;
- pbe_params->ulIteration = (CK_ULONG)iterations;
- paramRV = SECITEM_AllocItem(NULL, NULL, sizeof(CK_PBE_PARAMS));
- paramRV->data = (unsigned char *)pbe_params;
- return paramRV;
-loser:
- pk11_destroy_ck_pbe_params(pbe_params);
- return NULL;
-}
-
-void
-PK11_DestroyPBEParams(SECItem *params)
-{
- pk11_destroy_ck_pbe_params((CK_PBE_PARAMS *)params->data);
-}
-
-SECAlgorithmID *
-PK11_CreatePBEAlgorithmID(SECOidTag algorithm, int iteration, SECItem *salt)
-{
- SECAlgorithmID *algid = NULL;
- algid = SEC_PKCS5CreateAlgorithmID(algorithm, salt, iteration);
- return algid;
-}
-
-PK11SymKey *
-PK11_RawPBEKeyGen(PK11SlotInfo *slot, CK_MECHANISM_TYPE type, SECItem *mech,
- SECItem *pwitem, PRBool faulty3DES, void *wincx)
-{
- /* pbe stuff */
- CK_PBE_PARAMS *pbe_params;
- PK11SymKey *symKey;
-
- if(faulty3DES && (type == CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC)) {
- type = CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC;
- }
- if(mech == NULL) {
- return NULL;
- }
-
- pbe_params = (CK_PBE_PARAMS *)mech->data;
- pbe_params->pPassword = (CK_CHAR_PTR)PORT_ZAlloc(pwitem->len);
- if(pbe_params->pPassword != NULL) {
- PORT_Memcpy(pbe_params->pPassword, pwitem->data, pwitem->len);
- pbe_params->ulPasswordLen = pwitem->len;
- } else {
- SECITEM_ZfreeItem(mech, PR_TRUE);
- return NULL;
- }
-
- symKey = PK11_KeyGen(slot, type, mech, 0, wincx);
-
- PORT_ZFree(pbe_params->pPassword, pwitem->len);
- pbe_params->pPassword = NULL;
- pbe_params->ulPasswordLen = 0;
- return symKey;
-}
-
-PK11SymKey *
-PK11_PBEKeyGen(PK11SlotInfo *slot, SECAlgorithmID *algid, SECItem *pwitem,
- PRBool faulty3DES, void *wincx)
-{
- /* pbe stuff */
- CK_MECHANISM_TYPE type;
- SECItem *mech;
- PK11SymKey *symKey;
-
- mech = PK11_ParamFromAlgid(algid);
- type = PK11_AlgtagToMechanism(SECOID_FindOIDTag(&algid->algorithm));
- if(faulty3DES && (type == CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC)) {
- type = CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC;
- }
- if(mech == NULL) {
- return NULL;
- }
- symKey = PK11_RawPBEKeyGen(slot, type, mech, pwitem, faulty3DES, wincx);
-
- SECITEM_ZfreeItem(mech, PR_TRUE);
- return symKey;
-}
-
-SECItem *
-PK11_GetPBEIV(SECAlgorithmID *algid, SECItem *pwitem)
-{
- /* pbe stuff */
- CK_MECHANISM_TYPE type;
- SECItem *mech;
- PK11SymKey *symKey;
- PK11SlotInfo *slot = PK11_GetInternalSlot();
- int iv_len = 0;
- CK_PBE_PARAMS_PTR pPBEparams;
- SECItem src;
- SECItem *iv;
-
-
- mech = PK11_ParamFromAlgid(algid);
- type = PK11_AlgtagToMechanism(SECOID_FindOIDTag(&algid->algorithm));
- if(mech == NULL) {
- return NULL;
- }
- symKey = PK11_RawPBEKeyGen(slot, type, mech, pwitem, PR_FALSE, NULL);
- PK11_FreeSlot(slot);
- if (symKey == NULL) {
- SECITEM_ZfreeItem(mech, PR_TRUE);
- return NULL;
- }
- PK11_FreeSymKey(symKey);
- pPBEparams = (CK_PBE_PARAMS_PTR)mech->data;
- iv_len = PK11_GetIVLength(type);
-
- src.data = (unsigned char *)pPBEparams->pInitVector;
- src.len = iv_len;
- iv = SECITEM_DupItem(&src);
-
- SECITEM_ZfreeItem(mech, PR_TRUE);
- return iv;
-}
-
-
-SECStatus
-PK11_ImportEncryptedPrivateKeyInfo(PK11SlotInfo *slot,
- SECKEYEncryptedPrivateKeyInfo *epki, SECItem *pwitem,
- SECItem *nickname, SECItem *publicValue, PRBool isPerm,
- PRBool isPrivate, KeyType keyType,
- unsigned int keyUsage, void *wincx)
-{
- CK_MECHANISM_TYPE mechanism;
- SECItem *pbe_param, crypto_param;
- PK11SymKey *key = NULL;
- SECStatus rv = SECSuccess;
- CK_MECHANISM cryptoMech, pbeMech;
- CK_RV crv;
- SECKEYPrivateKey *privKey = NULL;
- PRBool faulty3DES = PR_FALSE;
- int usageCount = 0;
- CK_KEY_TYPE key_type;
- CK_ATTRIBUTE_TYPE *usage = NULL;
- CK_ATTRIBUTE_TYPE rsaUsage[] = {
- CKA_UNWRAP, CKA_DECRYPT, CKA_SIGN, CKA_SIGN_RECOVER };
- CK_ATTRIBUTE_TYPE dsaUsage[] = { CKA_SIGN };
- CK_ATTRIBUTE_TYPE dhUsage[] = { CKA_DERIVE };
-
- if((epki == NULL) || (pwitem == NULL))
- return SECFailure;
-
- crypto_param.data = NULL;
-
- mechanism = PK11_AlgtagToMechanism(SECOID_FindOIDTag(
- &epki->algorithm.algorithm));
-
- switch (keyType) {
- default:
- case rsaKey:
- key_type = CKK_RSA;
- switch (keyUsage & (KU_KEY_ENCIPHERMENT|KU_DIGITAL_SIGNATURE)) {
- case KU_KEY_ENCIPHERMENT:
- usage = rsaUsage;
- usageCount = 2;
- break;
- case KU_DIGITAL_SIGNATURE:
- usage = &rsaUsage[2];
- usageCount = 2;
- break;
- case KU_KEY_ENCIPHERMENT|KU_DIGITAL_SIGNATURE:
- case 0: /* default to everything */
- usage = rsaUsage;
- usageCount = 4;
- break;
- }
- break;
- case dhKey:
- key_type = CKK_DH;
- usage = dhUsage;
- usageCount = sizeof(dhUsage)/sizeof(dhUsage[0]);
- break;
- case dsaKey:
- key_type = CKK_DSA;
- usage = dsaUsage;
- usageCount = sizeof(dsaUsage)/sizeof(dsaUsage[0]);
- break;
- }
-
-try_faulty_3des:
- pbe_param = PK11_ParamFromAlgid(&epki->algorithm);
-
- key = PK11_RawPBEKeyGen(slot, mechanism, pbe_param, pwitem,
- faulty3DES, wincx);
- if((key == NULL) || (pbe_param == NULL)) {
- rv = SECFailure;
- goto done;
- }
-
- pbeMech.mechanism = mechanism;
- pbeMech.pParameter = pbe_param->data;
- pbeMech.ulParameterLen = pbe_param->len;
-
- crv = PK11_MapPBEMechanismToCryptoMechanism(&pbeMech, &cryptoMech,
- pwitem, faulty3DES);
- if(crv != CKR_OK) {
- rv = SECFailure;
- goto done;
- }
-
- cryptoMech.mechanism = PK11_GetPadMechanism(cryptoMech.mechanism);
- crypto_param.data = (unsigned char*)cryptoMech.pParameter;
- crypto_param.len = cryptoMech.ulParameterLen;
-
- PORT_Assert(usage != NULL);
- PORT_Assert(usageCount != 0);
- privKey = PK11_UnwrapPrivKey(slot, key, cryptoMech.mechanism,
- &crypto_param, &epki->encryptedData,
- nickname, publicValue, isPerm, isPrivate,
- key_type, usage, usageCount, wincx);
- if(privKey) {
- SECKEY_DestroyPrivateKey(privKey);
- privKey = NULL;
- rv = SECSuccess;
- goto done;
- }
-
- /* if we are unable to import the key and the mechanism is
- * CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC, then it is possible that
- * the encrypted blob was created with a buggy key generation method
- * which is described in the PKCS 12 implementation notes. So we
- * need to try importing via that method.
- */
- if((mechanism == CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC) && (!faulty3DES)) {
- /* clean up after ourselves before redoing the key generation. */
-
- PK11_FreeSymKey(key);
- key = NULL;
-
- if(pbe_param) {
- SECITEM_ZfreeItem(pbe_param, PR_TRUE);
- pbe_param = NULL;
- }
-
- if(crypto_param.data) {
- SECITEM_ZfreeItem(&crypto_param, PR_FALSE);
- crypto_param.data = NULL;
- cryptoMech.pParameter = NULL;
- crypto_param.len = cryptoMech.ulParameterLen = 0;
- }
-
- faulty3DES = PR_TRUE;
- goto try_faulty_3des;
- }
-
- /* key import really did fail */
- rv = SECFailure;
-
-done:
- if(pbe_param != NULL) {
- SECITEM_ZfreeItem(pbe_param, PR_TRUE);
- pbe_param = NULL;
- }
-
- if(crypto_param.data != NULL) {
- SECITEM_ZfreeItem(&crypto_param, PR_FALSE);
- }
-
- if(key != NULL) {
- PK11_FreeSymKey(key);
- }
-
- return rv;
-}
-
-SECKEYPrivateKeyInfo *
-PK11_ExportPrivateKeyInfo(CERTCertificate *cert, void *wincx)
-{
- return NULL;
-}
-
-static int
-pk11_private_key_encrypt_buffer_length(SECKEYPrivateKey *key)
-
-{
- CK_ATTRIBUTE rsaTemplate = { CKA_MODULUS, NULL, 0 };
- CK_ATTRIBUTE dsaTemplate = { CKA_PRIME, NULL, 0 };
- CK_ATTRIBUTE_PTR pTemplate;
- CK_RV crv;
- int length;
-
- if(!key) {
- return -1;
- }
-
- switch (key->keyType) {
- case rsaKey:
- pTemplate = &rsaTemplate;
- break;
- case dsaKey:
- case dhKey:
- pTemplate = &dsaTemplate;
- break;
- case fortezzaKey:
- default:
- pTemplate = NULL;
- }
-
- if(!pTemplate) {
- return -1;
- }
-
- crv = PK11_GetAttributes(NULL, key->pkcs11Slot, key->pkcs11ID,
- pTemplate, 1);
- if(crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- return -1;
- }
-
- length = pTemplate->ulValueLen;
- length *= 10;
-
- if(pTemplate->pValue != NULL) {
- PORT_Free(pTemplate->pValue);
- }
-
- return length;
-}
-
-SECKEYEncryptedPrivateKeyInfo *
-PK11_ExportEncryptedPrivateKeyInfo(PK11SlotInfo *slot, SECOidTag algTag,
- SECItem *pwitem, CERTCertificate *cert, int iteration, void *wincx)
-{
- SECKEYEncryptedPrivateKeyInfo *epki = NULL;
- SECKEYPrivateKey *pk = NULL;
- PRArenaPool *arena = NULL;
- SECAlgorithmID *algid;
- CK_MECHANISM_TYPE mechanism;
- SECItem *pbe_param = NULL, crypto_param;
- PK11SymKey *key = NULL;
- SECStatus rv = SECSuccess;
- CK_MECHANISM pbeMech, cryptoMech;
- CK_ULONG encBufLenPtr;
- CK_RV crv;
- SECItem encryptedKey = {siBuffer,NULL,0};
- int encryptBufLen;
-
- if(!pwitem)
- return NULL;
-
- crypto_param.data = NULL;
-
- arena = PORT_NewArena(2048);
- epki = (SECKEYEncryptedPrivateKeyInfo *)PORT_ArenaZAlloc(arena,
- sizeof(SECKEYEncryptedPrivateKeyInfo));
- if(epki == NULL) {
- rv = SECFailure;
- goto loser;
- }
- epki->arena = arena;
-
- pk = PK11_FindKeyByAnyCert(cert, wincx);
- if(pk == NULL) {
- rv = SECFailure;
- goto loser;
- }
-
- /* if we didn't specify a slot, use the slot the private key was in */
- if (!slot) {
- slot = pk->pkcs11Slot;
- }
-
- algid = SEC_PKCS5CreateAlgorithmID(algTag, NULL, iteration);
- if(algid == NULL) {
- rv = SECFailure;
- goto loser;
- }
-
- mechanism = PK11_AlgtagToMechanism(SECOID_FindOIDTag(&algid->algorithm));
- pbe_param = PK11_ParamFromAlgid(algid);
- pbeMech.mechanism = mechanism;
- pbeMech.pParameter = pbe_param->data;
- pbeMech.ulParameterLen = pbe_param->len;
-
- /* if we specified a different slot, and the private key slot can do the
- * pbe key gen, generate the key in the private key slot so we don't have
- * to move it later */
- if (slot != pk->pkcs11Slot) {
- if (PK11_DoesMechanism(pk->pkcs11Slot,mechanism)) {
- slot = pk->pkcs11Slot;
- }
- }
- key = PK11_RawPBEKeyGen(slot, mechanism, pbe_param, pwitem,
- PR_FALSE, wincx);
-
- if((key == NULL) || (pbe_param == NULL)) {
- rv = SECFailure;
- goto loser;
- }
-
- crv = PK11_MapPBEMechanismToCryptoMechanism(&pbeMech, &cryptoMech,
- pwitem, PR_FALSE);
- if(crv != CKR_OK) {
- rv = SECFailure;
- goto loser;
- }
- cryptoMech.mechanism = PK11_GetPadMechanism(cryptoMech.mechanism);
- crypto_param.data = (unsigned char *)cryptoMech.pParameter;
- crypto_param.len = cryptoMech.ulParameterLen;
-
-
- encryptBufLen = pk11_private_key_encrypt_buffer_length(pk);
- if(encryptBufLen == -1) {
- rv = SECFailure;
- goto loser;
- }
- encryptedKey.len = (unsigned int)encryptBufLen;
- encBufLenPtr = (CK_ULONG) encryptBufLen;
- encryptedKey.data = (unsigned char *)PORT_ZAlloc(encryptedKey.len);
- if(!encryptedKey.data) {
- rv = SECFailure;
- goto loser;
- }
-
- /* If the key isn't in the private key slot, move it */
- if (key->slot != pk->pkcs11Slot) {
- PK11SymKey *newkey = pk11_CopyToSlot(pk->pkcs11Slot,
- key->type, CKA_WRAP, key);
- if (newkey == NULL) {
- rv= SECFailure;
- goto loser;
- }
-
- /* free the old key and use the new key */
- PK11_FreeSymKey(key);
- key = newkey;
- }
-
- /* we are extracting an encrypted privateKey structure.
- * which needs to be freed along with the buffer into which it is
- * returned. eventually, we should retrieve an encrypted key using
- * pkcs8/pkcs5.
- */
- PK11_EnterSlotMonitor(pk->pkcs11Slot);
- crv = PK11_GETTAB(pk->pkcs11Slot)->C_WrapKey(pk->pkcs11Slot->session,
- &cryptoMech, key->objectID, pk->pkcs11ID, encryptedKey.data,
- &encBufLenPtr);
- PK11_ExitSlotMonitor(pk->pkcs11Slot);
- encryptedKey.len = (unsigned int) encBufLenPtr;
- if(crv != CKR_OK) {
- rv = SECFailure;
- goto loser;
- }
-
- if(!encryptedKey.len) {
- rv = SECFailure;
- goto loser;
- }
-
- rv = SECITEM_CopyItem(arena, &epki->encryptedData, &encryptedKey);
- if(rv != SECSuccess) {
- goto loser;
- }
-
- rv = SECOID_CopyAlgorithmID(arena, &epki->algorithm, algid);
-
-loser:
- if(pbe_param != NULL) {
- SECITEM_ZfreeItem(pbe_param, PR_TRUE);
- pbe_param = NULL;
- }
-
- if(crypto_param.data != NULL) {
- SECITEM_ZfreeItem(&crypto_param, PR_FALSE);
- crypto_param.data = NULL;
- }
-
- if(key != NULL) {
- PK11_FreeSymKey(key);
- }
-
- if (pk != NULL) {
- SECKEY_DestroyPrivateKey(pk);
- }
-
- if(rv == SECFailure) {
- if(arena != NULL) {
- PORT_FreeArena(arena, PR_TRUE);
- }
- epki = NULL;
- }
-
- return epki;
-}
-
-
-/*
- * This is required to allow FORTEZZA_NULL and FORTEZZA_RC4
- * working. This function simply gets a valid IV for the keys.
- */
-SECStatus
-PK11_GenerateFortezzaIV(PK11SymKey *symKey,unsigned char *iv,int len)
-{
- CK_MECHANISM mech_info;
- CK_ULONG count = 0;
- CK_RV crv;
- SECStatus rv = SECFailure;
-
- mech_info.mechanism = CKM_SKIPJACK_CBC64;
- mech_info.pParameter = iv;
- mech_info.ulParameterLen = len;
-
- /* generate the IV for fortezza */
- PK11_EnterSlotMonitor(symKey->slot);
- crv=PK11_GETTAB(symKey->slot)->C_EncryptInit(symKey->slot->session,
- &mech_info, symKey->objectID);
- if (crv == CKR_OK) {
- PK11_GETTAB(symKey->slot)->C_EncryptFinal(symKey->slot->session,
- NULL, &count);
- rv = SECSuccess;
- }
- PK11_ExitSlotMonitor(symKey->slot);
- return rv;
-}
-
-SECKEYPrivateKey *
-PK11_UnwrapPrivKey(PK11SlotInfo *slot, PK11SymKey *wrappingKey,
- CK_MECHANISM_TYPE wrapType, SECItem *param,
- SECItem *wrappedKey, SECItem *label,
- SECItem *idValue, PRBool perm, PRBool sensitive,
- CK_KEY_TYPE keyType, CK_ATTRIBUTE_TYPE *usage, int usageCount,
- void *wincx)
-{
- CK_BBOOL cktrue = CK_TRUE;
- CK_BBOOL ckfalse = CK_FALSE;
- CK_OBJECT_CLASS keyClass = CKO_PRIVATE_KEY;
- CK_ATTRIBUTE keyTemplate[15] ;
- int templateCount = 0;
- CK_OBJECT_HANDLE privKeyID;
- CK_MECHANISM mechanism;
- CK_ATTRIBUTE *attrs = keyTemplate;
- SECItem *param_free = NULL, *ck_id;
- CK_RV crv;
- CK_SESSION_HANDLE rwsession;
- PK11SymKey *newKey = NULL;
- int i;
-
- if(!slot || !wrappedKey || !idValue) {
- /* SET AN ERROR!!! */
- return NULL;
- }
-
- ck_id = PK11_MakeIDFromPubKey(idValue);
- if(!ck_id) {
- return NULL;
- }
-
- PK11_SETATTRS(attrs, CKA_TOKEN, perm ? &cktrue : &ckfalse,
- sizeof(cktrue)); attrs++;
- PK11_SETATTRS(attrs, CKA_CLASS, &keyClass, sizeof(keyClass)); attrs++;
- PK11_SETATTRS(attrs, CKA_KEY_TYPE, &keyType, sizeof(keyType)); attrs++;
- PK11_SETATTRS(attrs, CKA_PRIVATE, sensitive ? &cktrue : &ckfalse,
- sizeof(cktrue)); attrs++;
- PK11_SETATTRS(attrs, CKA_SENSITIVE, sensitive ? &cktrue : &ckfalse,
- sizeof(cktrue)); attrs++;
- PK11_SETATTRS(attrs, CKA_LABEL, label->data, label->len); attrs++;
- PK11_SETATTRS(attrs, CKA_ID, ck_id->data, ck_id->len); attrs++;
- for (i=0; i < usageCount; i++) {
- PK11_SETATTRS(attrs, usage[i], &cktrue, sizeof(cktrue)); attrs++;
- }
-
- if (PK11_IsInternal(slot)) {
- PK11_SETATTRS(attrs, CKA_NETSCAPE_DB, idValue->data,
- idValue->len); attrs++;
- }
-
- templateCount = attrs - keyTemplate;
- PR_ASSERT(templateCount <= (sizeof(keyTemplate) / sizeof(CK_ATTRIBUTE)) );
-
- mechanism.mechanism = wrapType;
- if(!param) param = param_free= PK11_ParamFromIV(wrapType, NULL);
- if(param) {
- mechanism.pParameter = param->data;
- mechanism.ulParameterLen = param->len;
- } else {
- mechanism.pParameter = NULL;
- mechanism.ulParameterLen = 0;
- }
-
- if (wrappingKey->slot != slot) {
- newKey = pk11_CopyToSlot(slot,wrapType,CKA_WRAP,wrappingKey);
- } else {
- newKey = PK11_ReferenceSymKey(wrappingKey);
- }
-
- if (newKey) {
- if (perm) {
- rwsession = PK11_GetRWSession(slot);
- } else {
- rwsession = slot->session;
- }
- crv = PK11_GETTAB(slot)->C_UnwrapKey(rwsession, &mechanism,
- newKey->objectID,
- wrappedKey->data,
- wrappedKey->len, keyTemplate,
- templateCount, &privKeyID);
-
- if (perm) PK11_RestoreROSession(slot, rwsession);
- PK11_FreeSymKey(newKey);
- } else {
- crv = CKR_FUNCTION_NOT_SUPPORTED;
- }
-
- if(ck_id) {
- SECITEM_FreeItem(ck_id, PR_TRUE);
- ck_id = NULL;
- }
-
- if (crv != CKR_OK) {
- /* we couldn't unwrap the key, use the internal module to do the
- * unwrap, then load the new key into the token */
- PK11SlotInfo *int_slot = PK11_GetInternalSlot();
-
- if (int_slot && (slot != int_slot)) {
- SECKEYPrivateKey *privKey = PK11_UnwrapPrivKey(int_slot,
- wrappingKey, wrapType, param, wrappedKey, label,
- idValue, PR_FALSE, PR_FALSE,
- keyType, usage, usageCount, wincx);
- if (privKey) {
- SECKEYPrivateKey *newPrivKey = pk11_loadPrivKey(slot,privKey,
- NULL,perm,sensitive);
- SECKEY_DestroyPrivateKey(privKey);
- PK11_FreeSlot(int_slot);
- return newPrivKey;
- }
- }
- if (int_slot) PK11_FreeSlot(int_slot);
- PORT_SetError( PK11_MapError(crv) );
- return NULL;
- }
- return PK11_MakePrivKey(slot, nullKey, PR_FALSE, privKeyID, wincx);
-}
-
-#define ALLOC_BLOCK 10
-
-/*
- * Now we're going to wrap a SECKEYPrivateKey with a PK11SymKey
- * The strategy is to get both keys to reside in the same slot,
- * one that can perform the desired crypto mechanism and then
- * call C_WrapKey after all the setup has taken place.
- */
-SECStatus
-PK11_WrapPrivKey(PK11SlotInfo *slot, PK11SymKey *wrappingKey,
- SECKEYPrivateKey *privKey, CK_MECHANISM_TYPE wrapType,
- SECItem *param, SECItem *wrappedKey, void *wincx)
-{
- PK11SlotInfo *privSlot = privKey->pkcs11Slot; /* The slot where
- * the private key
- * we are going to
- * wrap lives.
- */
- PK11SymKey *newSymKey = NULL;
- SECKEYPrivateKey *newPrivKey = NULL;
- SECItem *param_free = NULL;
- CK_ULONG len = wrappedKey->len;
- CK_MECHANISM mech;
- CK_RV crv;
-
- if (!privSlot || !PK11_DoesMechanism(privSlot, wrapType)) {
- /* Figure out a slot that does the mechanism and try to import
- * the private key onto that slot.
- */
- PK11SlotInfo *int_slot = PK11_GetInternalSlot();
-
- privSlot = int_slot; /* The private key has a new home */
- newPrivKey = pk11_loadPrivKey(privSlot,privKey,NULL,PR_FALSE,PR_FALSE);
- /* newPrivKey has allocated its own reference to the slot, so it's
- * safe until we destroy newPrivkey.
- */
- PK11_FreeSlot(int_slot);
- if (newPrivKey == NULL) {
- return SECFailure;
- }
- privKey = newPrivKey;
- }
-
- if (privSlot != wrappingKey->slot) {
- newSymKey = pk11_CopyToSlot (privSlot, wrapType, CKA_WRAP,
- wrappingKey);
- wrappingKey = newSymKey;
- }
-
- if (wrappingKey == NULL) {
- if (newPrivKey) {
- SECKEY_DestroyPrivateKey(newPrivKey);
- }
- return SECFailure;
- }
- mech.mechanism = wrapType;
- if (!param) {
- param = param_free = PK11_ParamFromIV(wrapType, NULL);
- }
- if (param) {
- mech.pParameter = param->data;
- mech.ulParameterLen = param->len;
- } else {
- mech.pParameter = NULL;
- mech.ulParameterLen = 0;
- }
-
- PK11_EnterSlotMonitor(privSlot);
- crv = PK11_GETTAB(privSlot)->C_WrapKey(privSlot->session, &mech,
- wrappingKey->objectID,
- privKey->pkcs11ID,
- wrappedKey->data, &len);
- PK11_ExitSlotMonitor(privSlot);
-
- if (newSymKey) {
- PK11_FreeSymKey(newSymKey);
- }
- if (newPrivKey) {
- SECKEY_DestroyPrivateKey(newPrivKey);
- }
- if (param_free) {
- SECITEM_FreeItem(param_free,PR_TRUE);
- }
-
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- return SECFailure;
- }
-
- wrappedKey->len = len;
- return SECSuccess;
-}
-
-void
-PK11_SetFortezzaHack(PK11SymKey *symKey) {
- symKey->origin = PK11_OriginFortezzaHack;
-}
-
-SECItem*
-PK11_DEREncodePublicKey(SECKEYPublicKey *pubk)
-{
- CERTSubjectPublicKeyInfo *spki=NULL;
- SECItem *spkiDER = NULL;
-
- if( pubk == NULL ) {
- return NULL;
- }
-
- /* get the subjectpublickeyinfo */
- spki = SECKEY_CreateSubjectPublicKeyInfo(pubk);
- if( spki == NULL ) {
- goto finish;
- }
-
- /* DER-encode the subjectpublickeyinfo */
- spkiDER = SEC_ASN1EncodeItem(NULL /*arena*/, NULL/*dest*/, spki,
- CERT_SubjectPublicKeyInfoTemplate);
-
-finish:
- return spkiDER;
-}
-
-PK11SymKey*
-PK11_CopySymKeyForSigning(PK11SymKey *originalKey, CK_MECHANISM_TYPE mech)
-{
- CK_RV crv;
- CK_ATTRIBUTE setTemplate;
- CK_BBOOL ckTrue = CK_TRUE;
- PK11SlotInfo *slot = originalKey->slot;
-
- /* first just try to set this key up for signing */
- PK11_SETATTRS(&setTemplate, CKA_SIGN, &ckTrue, sizeof(ckTrue));
- pk11_EnterKeyMonitor(originalKey);
- crv = PK11_GETTAB(slot)-> C_SetAttributeValue(originalKey->session,
- originalKey->objectID, &setTemplate, 1);
- pk11_ExitKeyMonitor(originalKey);
- if (crv == CKR_OK) {
- return PK11_ReferenceSymKey(originalKey);
- }
-
- /* nope, doesn't like it, use the pk11 copy object command */
- return pk11_CopyToSlot(slot, mech, CKA_SIGN, originalKey);
-}
-
-char *
-PK11_GetSymKeyNickname(PK11SymKey *symKey)
-{
- return PK11_GetObjectNickname(symKey->slot,symKey->objectID);
-}
-
-char *
-PK11_GetPrivateKeyNickname(SECKEYPrivateKey *privKey)
-{
- return PK11_GetObjectNickname(privKey->pkcs11Slot,privKey->pkcs11ID);
-}
-
-char *
-PK11_GetPublicKeyNickname(SECKEYPublicKey *pubKey)
-{
- return PK11_GetObjectNickname(pubKey->pkcs11Slot,pubKey->pkcs11ID);
-}
-
-SECStatus
-PK11_SetSymKeyNickname(PK11SymKey *symKey, const char *nickname)
-{
- return PK11_SetObjectNickname(symKey->slot,symKey->objectID,nickname);
-}
-
-SECStatus
-PK11_SetPrivateKeyNickname(SECKEYPrivateKey *privKey, const char *nickname)
-{
- return PK11_SetObjectNickname(privKey->pkcs11Slot,
- privKey->pkcs11ID,nickname);
-}
-
-SECStatus
-PK11_SetPublicKeyNickname(SECKEYPublicKey *pubKey, const char *nickname)
-{
- return PK11_SetObjectNickname(pubKey->pkcs11Slot,
- pubKey->pkcs11ID,nickname);
-}
-
-SECKEYPQGParams *
-PK11_GetPQGParamsFromPrivateKey(SECKEYPrivateKey *privKey)
-{
- CK_ATTRIBUTE pTemplate[] = {
- { CKA_PRIME, NULL, 0 },
- { CKA_SUBPRIME, NULL, 0 },
- { CKA_BASE, NULL, 0 },
- };
- int pTemplateLen = sizeof(pTemplate)/sizeof(pTemplate[0]);
- PRArenaPool *arena = NULL;
- SECKEYPQGParams *params;
- CK_RV crv;
-
-
- arena = PORT_NewArena(2048);
- if (arena == NULL) {
- goto loser;
- }
- params=(SECKEYPQGParams *)PORT_ArenaZAlloc(arena,sizeof(SECKEYPQGParams));
- if (params == NULL) {
- goto loser;
- }
-
- crv = PK11_GetAttributes(arena, privKey->pkcs11Slot, privKey->pkcs11ID,
- pTemplate, pTemplateLen);
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- goto loser;
- }
-
- params->arena = arena;
- params->prime.data = pTemplate[0].pValue;
- params->prime.len = pTemplate[0].ulValueLen;
- params->subPrime.data = pTemplate[1].pValue;
- params->subPrime.len = pTemplate[1].ulValueLen;
- params->base.data = pTemplate[2].pValue;
- params->base.len = pTemplate[2].ulValueLen;
-
- return params;
-
-loser:
- if (arena != NULL) {
- PORT_FreeArena(arena,PR_FALSE);
- }
- return NULL;
-}
-
-PK11SymKey *
-PK11_GetNextSymKey(PK11SymKey *symKey)
-{
- return symKey ? symKey->next : NULL;
-}
-
-
-SECKEYPrivateKey*
-PK11_ConvertSessionPrivKeyToTokenPrivKey(SECKEYPrivateKey *privk, void* wincx)
-{
- PK11SlotInfo* slot = privk->pkcs11Slot;
- CK_ATTRIBUTE template[1];
- CK_ATTRIBUTE *attrs = template;
- CK_BBOOL cktrue = CK_TRUE;
- CK_RV crv;
- CK_OBJECT_HANDLE newKeyID;
- SECKEYPrivateKey *newKey=NULL;
- CK_SESSION_HANDLE rwsession;
-
- PK11_SETATTRS(attrs, CKA_TOKEN, &cktrue, sizeof(cktrue)); attrs++;
-
- PK11_Authenticate(slot, PR_TRUE, wincx);
- rwsession = PK11_GetRWSession(slot);
- crv = PK11_GETTAB(slot)->C_CopyObject(rwsession, privk->pkcs11ID,
- template, 1, &newKeyID);
- PK11_RestoreROSession(slot, rwsession);
-
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- return NULL;
- }
-
- return PK11_MakePrivKey(slot, nullKey /*KeyType*/, PR_FALSE /*isTemp*/,
- newKeyID, NULL /*wincx*/);
-}
-
-PK11SymKey*
-PK11_ConvertSessionSymKeyToTokenSymKey(PK11SymKey *symk, void *wincx)
-{
- PK11SlotInfo* slot = symk->slot;
- CK_ATTRIBUTE template[1];
- CK_ATTRIBUTE *attrs = template;
- CK_BBOOL cktrue = CK_TRUE;
- CK_RV crv;
- CK_OBJECT_HANDLE newKeyID;
- PK11SymKey *newKey=NULL;
- CK_SESSION_HANDLE rwsession;
-
- PK11_SETATTRS(attrs, CKA_TOKEN, &cktrue, sizeof(cktrue)); attrs++;
-
- PK11_Authenticate(slot, PR_TRUE, wincx);
- rwsession = PK11_GetRWSession(slot);
- crv = PK11_GETTAB(slot)->C_CopyObject(rwsession, symk->objectID,
- template, 1, &newKeyID);
- PK11_RestoreROSession(slot, rwsession);
-
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- return NULL;
- }
-
- return PK11_SymKeyFromHandle(slot, NULL /*parent*/, symk->origin,
- symk->type, newKeyID, PR_FALSE /*owner*/, NULL /*wincx*/);
-}
diff --git a/security/nss/lib/pk11wrap/pk11slot.c b/security/nss/lib/pk11wrap/pk11slot.c
deleted file mode 100644
index 74816b485..000000000
--- a/security/nss/lib/pk11wrap/pk11slot.c
+++ /dev/null
@@ -1,4776 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Portions created by Sun Microsystems, Inc. are Copyright (C) 2003
- * Sun Microsystems, Inc. All Rights Reserved.
- *
- * Contributor(s):
- * Dr Stephen Henson <stephen.henson@gemplus.com>
- * Dr Vipul Gupta <vipul.gupta@sun.com>, Sun Microsystems Laboratories
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Deal with PKCS #11 Slots.
- */
-#include "seccomon.h"
-#include "secmod.h"
-#include "nssilock.h"
-#include "secmodi.h"
-#include "pkcs11t.h"
-#include "pk11func.h"
-#include "cert.h"
-#include "key.h"
-#include "secitem.h"
-#include "secder.h"
-#include "secasn1.h"
-#include "secoid.h"
-#include "prtime.h"
-#include "prlong.h"
-#include "secerr.h"
-/*#include "secpkcs5.h" */
-
-#include "dev.h"
-#include "dev3hack.h"
-#include "pki3hack.h"
-#include "pkim.h"
-
-
-/*************************************************************
- * local static and global data
- *************************************************************/
-
-/*
- * This array helps parsing between names, mechanisms, and flags.
- * to make the config files understand more entries, add them
- * to this table. (NOTE: we need function to export this table and it's size)
- */
-PK11DefaultArrayEntry PK11_DefaultArray[] = {
- { "RSA", SECMOD_RSA_FLAG, CKM_RSA_PKCS },
- { "DSA", SECMOD_DSA_FLAG, CKM_DSA },
- { "DH", SECMOD_DH_FLAG, CKM_DH_PKCS_DERIVE },
- { "RC2", SECMOD_RC2_FLAG, CKM_RC2_CBC },
- { "RC4", SECMOD_RC4_FLAG, CKM_RC4 },
- { "DES", SECMOD_DES_FLAG, CKM_DES_CBC },
- { "AES", SECMOD_AES_FLAG, CKM_AES_CBC },
- { "RC5", SECMOD_RC5_FLAG, CKM_RC5_CBC },
- { "SHA-1", SECMOD_SHA1_FLAG, CKM_SHA_1 },
- { "SHA256", SECMOD_SHA256_FLAG, CKM_SHA256 },
-/* { "SHA384", SECMOD_SHA512_FLAG, CKM_SHA384 }, */
- { "SHA512", SECMOD_SHA512_FLAG, CKM_SHA512 },
- { "MD5", SECMOD_MD5_FLAG, CKM_MD5 },
- { "MD2", SECMOD_MD2_FLAG, CKM_MD2 },
- { "SSL", SECMOD_SSL_FLAG, CKM_SSL3_PRE_MASTER_KEY_GEN },
- { "TLS", SECMOD_TLS_FLAG, CKM_TLS_MASTER_KEY_DERIVE },
- { "SKIPJACK", SECMOD_FORTEZZA_FLAG, CKM_SKIPJACK_CBC64 },
- { "Publicly-readable certs", SECMOD_FRIENDLY_FLAG, CKM_INVALID_MECHANISM },
- { "Random Num Generator", SECMOD_RANDOM_FLAG, CKM_FAKE_RANDOM },
-};
-const int num_pk11_default_mechanisms =
- sizeof(PK11_DefaultArray) / sizeof(PK11_DefaultArray[0]);
-
-PK11DefaultArrayEntry *
-PK11_GetDefaultArray(int *size)
-{
- if (size) {
- *size = num_pk11_default_mechanisms;
- }
- return PK11_DefaultArray;
-}
-
-/*
- * These slotlists are lists of modules which provide default support for
- * a given algorithm or mechanism.
- */
-static PK11SlotList pk11_aesSlotList,
- pk11_desSlotList,
- pk11_rc4SlotList,
- pk11_rc2SlotList,
- pk11_rc5SlotList,
- pk11_sha1SlotList,
- pk11_md5SlotList,
- pk11_md2SlotList,
- pk11_rsaSlotList,
- pk11_dsaSlotList,
- pk11_dhSlotList,
- pk11_ecSlotList,
- pk11_ideaSlotList,
- pk11_sslSlotList,
- pk11_tlsSlotList,
- pk11_randomSlotList,
- pk11_sha256SlotList,
- pk11_sha512SlotList; /* slots do SHA512 and SHA384 */
-
-/*
- * Tables used for Extended mechanism mapping (currently not used)
- */
-typedef struct {
- CK_MECHANISM_TYPE keyGen;
- CK_KEY_TYPE keyType;
- CK_MECHANISM_TYPE type;
- int blockSize;
- int iv;
-} pk11MechanismData;
-
-static pk11MechanismData pk11_default =
- { CKM_GENERIC_SECRET_KEY_GEN, CKK_GENERIC_SECRET, CKM_FAKE_RANDOM, 8, 8 };
-static pk11MechanismData *pk11_MechanismTable = NULL;
-static int pk11_MechTableSize = 0;
-static int pk11_MechEntrySize = 0;
-
-/*
- * list of mechanisms we're willing to wrap secret keys with.
- * This list is ordered by preference.
- */
-CK_MECHANISM_TYPE wrapMechanismList[] = {
- CKM_DES3_ECB,
- CKM_CAST5_ECB,
- CKM_AES_ECB,
- CKM_CAST5_ECB,
- CKM_DES_ECB,
- CKM_KEY_WRAP_LYNKS,
- CKM_IDEA_ECB,
- CKM_CAST3_ECB,
- CKM_CAST_ECB,
- CKM_RC5_ECB,
- CKM_RC2_ECB,
- CKM_CDMF_ECB,
- CKM_SKIPJACK_WRAP,
-};
-
-int wrapMechanismCount = sizeof(wrapMechanismList)/sizeof(wrapMechanismList[0]);
-
-/*
- * This structure keeps track of status that spans all the Slots.
- * NOTE: This is a global data structure. It semantics expect thread crosstalk
- * be very careful when you see it used.
- * It's major purpose in life is to allow the user to log in one PER
- * Tranaction, even if a transaction spans threads. The problem is the user
- * may have to enter a password one just to be able to look at the
- * personalities/certificates (s)he can use. Then if Auth every is one, they
- * may have to enter the password again to use the card. See PK11_StartTransac
- * and PK11_EndTransaction.
- */
-static struct PK11GlobalStruct {
- int transaction;
- PRBool inTransaction;
- char *(PR_CALLBACK *getPass)(PK11SlotInfo *,PRBool,void *);
- PRBool (PR_CALLBACK *verifyPass)(PK11SlotInfo *,void *);
- PRBool (PR_CALLBACK *isLoggedIn)(PK11SlotInfo *,void *);
-} PK11_Global = { 1, PR_FALSE, NULL, NULL, NULL };
-
-/************************************************************
- * Generic Slot List and Slot List element manipulations
- ************************************************************/
-
-/*
- * allocate a new list
- */
-PK11SlotList *
-PK11_NewSlotList(void)
-{
- PK11SlotList *list;
-
- list = (PK11SlotList *)PORT_Alloc(sizeof(PK11SlotList));
- if (list == NULL) return NULL;
- list->head = NULL;
- list->tail = NULL;
-#ifdef PKCS11_USE_THREADS
- list->lock = PZ_NewLock(nssILockList);
- if (list->lock == NULL) {
- PORT_Free(list);
- return NULL;
- }
-#else
- list->lock = NULL;
-#endif
-
- return list;
-}
-
-/*
- * free a list element when all the references go away.
- */
-static void
-pk11_FreeListElement(PK11SlotList *list, PK11SlotListElement *le)
-{
- PRBool freeit = PR_FALSE;
-
- PK11_USE_THREADS(PZ_Lock((PZLock *)(list->lock));)
- if (le->refCount-- == 1) {
- freeit = PR_TRUE;
- }
- PK11_USE_THREADS(PZ_Unlock((PZLock *)(list->lock));)
- if (freeit) {
- PK11_FreeSlot(le->slot);
- PORT_Free(le);
- }
-}
-
-/*
- * if we are freeing the list, we must be the only ones with a pointer
- * to the list.
- */
-void
-PK11_FreeSlotList(PK11SlotList *list)
-{
- PK11SlotListElement *le, *next ;
- if (list == NULL) return;
-
- for (le = list->head ; le; le = next) {
- next = le->next;
- pk11_FreeListElement(list,le);
- }
- PK11_USE_THREADS(PZ_DestroyLock((PZLock *)(list->lock));)
- PORT_Free(list);
-}
-
-/*
- * add a slot to a list
- */
-SECStatus
-PK11_AddSlotToList(PK11SlotList *list,PK11SlotInfo *slot)
-{
- PK11SlotListElement *le;
-
- le = (PK11SlotListElement *) PORT_Alloc(sizeof(PK11SlotListElement));
- if (le == NULL) return SECFailure;
-
- le->slot = PK11_ReferenceSlot(slot);
- le->prev = NULL;
- le->refCount = 1;
- PK11_USE_THREADS(PZ_Lock((PZLock *)(list->lock));)
- if (list->head) list->head->prev = le; else list->tail = le;
- le->next = list->head;
- list->head = le;
- PK11_USE_THREADS(PZ_Unlock((PZLock *)(list->lock));)
-
- return SECSuccess;
-}
-
-/*
- * remove a slot entry from the list
- */
-SECStatus
-PK11_DeleteSlotFromList(PK11SlotList *list,PK11SlotListElement *le)
-{
- PK11_USE_THREADS(PZ_Lock((PZLock *)(list->lock));)
- if (le->prev) le->prev->next = le->next; else list->head = le->next;
- if (le->next) le->next->prev = le->prev; else list->tail = le->prev;
- le->next = le->prev = NULL;
- PK11_USE_THREADS(PZ_Unlock((PZLock *)(list->lock));)
- pk11_FreeListElement(list,le);
- return SECSuccess;
-}
-
-/*
- * Move a list to the end of the target list. NOTE: There is no locking
- * here... This assumes BOTH lists are private copy lists.
- */
-SECStatus
-PK11_MoveListToList(PK11SlotList *target,PK11SlotList *src)
-{
- if (src->head == NULL) return SECSuccess;
-
- if (target->tail == NULL) {
- target->head = src->head;
- } else {
- target->tail->next = src->head;
- }
- src->head->prev = target->tail;
- target->tail = src->tail;
- src->head = src->tail = NULL;
- return SECSuccess;
-}
-
-/*
- * get an element from the list with a reference. You must own the list.
- */
-PK11SlotListElement *
-PK11_GetFirstRef(PK11SlotList *list)
-{
- PK11SlotListElement *le;
-
- le = list->head;
- if (le != NULL) (le)->refCount++;
- return le;
-}
-
-/*
- * get the next element from the list with a reference. You must own the list.
- */
-PK11SlotListElement *
-PK11_GetNextRef(PK11SlotList *list, PK11SlotListElement *le, PRBool restart)
-{
- PK11SlotListElement *new_le;
- new_le = le->next;
- if (new_le) new_le->refCount++;
- pk11_FreeListElement(list,le);
- return new_le;
-}
-
-/*
- * get an element safely from the list. This just makes sure that if
- * this element is not deleted while we deal with it.
- */
-PK11SlotListElement *
-PK11_GetFirstSafe(PK11SlotList *list)
-{
- PK11SlotListElement *le;
-
- PK11_USE_THREADS(PZ_Lock((PZLock *)(list->lock));)
- le = list->head;
- if (le != NULL) (le)->refCount++;
- PK11_USE_THREADS(PZ_Unlock((PZLock *)(list->lock));)
- return le;
-}
-
-/*
- * NOTE: if this element gets deleted, we can no longer safely traverse using
- * it's pointers. We can either terminate the loop, or restart from the
- * beginning. This is controlled by the restart option.
- */
-PK11SlotListElement *
-PK11_GetNextSafe(PK11SlotList *list, PK11SlotListElement *le, PRBool restart)
-{
- PK11SlotListElement *new_le;
- PK11_USE_THREADS(PZ_Lock((PZLock *)(list->lock));)
- new_le = le->next;
- if (le->next == NULL) {
- /* if the prev and next fields are NULL then either this element
- * has been removed and we need to walk the list again (if restart
- * is true) or this was the only element on the list */
- if ((le->prev == NULL) && restart && (list->head != le)) {
- new_le = list->head;
- }
- }
- if (new_le) new_le->refCount++;
- PK11_USE_THREADS(PZ_Unlock((PZLock *)(list->lock));)
- pk11_FreeListElement(list,le);
- return new_le;
-}
-
-
-/*
- * Find the element that holds this slot
- */
-PK11SlotListElement *
-PK11_FindSlotElement(PK11SlotList *list,PK11SlotInfo *slot)
-{
- PK11SlotListElement *le;
-
- for (le = PK11_GetFirstSafe(list); le;
- le = PK11_GetNextSafe(list,le,PR_TRUE)) {
- if (le->slot == slot) return le;
- }
- return NULL;
-}
-
-/************************************************************
- * Generic Slot Utilities
- ************************************************************/
-/*
- * Create a new slot structure
- */
-PK11SlotInfo *
-PK11_NewSlotInfo(void)
-{
- PK11SlotInfo *slot;
-
- slot = (PK11SlotInfo *)PORT_Alloc(sizeof(PK11SlotInfo));
- if (slot == NULL) return slot;
-
-#ifdef PKCS11_USE_THREADS
- slot->refLock = PZ_NewLock(nssILockSlot);
- if (slot->refLock == NULL) {
- PORT_Free(slot);
- return slot;
- }
- slot->sessionLock = PZ_NewLock(nssILockSession);
- if (slot->sessionLock == NULL) {
- PZ_DestroyLock(slot->refLock);
- PORT_Free(slot);
- return slot;
- }
- slot->freeListLock = PZ_NewLock(nssILockFreelist);
- if (slot->freeListLock == NULL) {
- PZ_DestroyLock(slot->sessionLock);
- PZ_DestroyLock(slot->refLock);
- PORT_Free(slot);
- return slot;
- }
-#else
- slot->sessionLock = NULL;
- slot->refLock = NULL;
- slot->freeListLock = NULL;
-#endif
- slot->freeSymKeysHead = NULL;
- slot->keyCount = 0;
- slot->maxKeyCount = 0;
- slot->functionList = NULL;
- slot->needTest = PR_TRUE;
- slot->isPerm = PR_FALSE;
- slot->isHW = PR_FALSE;
- slot->isInternal = PR_FALSE;
- slot->isThreadSafe = PR_FALSE;
- slot->disabled = PR_FALSE;
- slot->series = 1;
- slot->wrapKey = 0;
- slot->wrapMechanism = CKM_INVALID_MECHANISM;
- slot->refKeys[0] = CK_INVALID_HANDLE;
- slot->reason = PK11_DIS_NONE;
- slot->readOnly = PR_TRUE;
- slot->needLogin = PR_FALSE;
- slot->hasRandom = PR_FALSE;
- slot->defRWSession = PR_FALSE;
- slot->protectedAuthPath = PR_FALSE;
- slot->flags = 0;
- slot->session = CK_INVALID_SESSION;
- slot->slotID = 0;
- slot->defaultFlags = 0;
- slot->refCount = 1;
- slot->askpw = 0;
- slot->timeout = 0;
- slot->mechanismList = NULL;
- slot->mechanismCount = 0;
- slot->cert_array = NULL;
- slot->cert_count = 0;
- slot->slot_name[0] = 0;
- slot->token_name[0] = 0;
- PORT_Memset(slot->serial,' ',sizeof(slot->serial));
- slot->module = NULL;
- slot->authTransact = 0;
- slot->authTime = LL_ZERO;
- slot->minPassword = 0;
- slot->maxPassword = 0;
- slot->hasRootCerts = PR_FALSE;
- slot->nssToken = NULL;
- return slot;
-}
-
-/* create a new reference to a slot so it doesn't go away */
-PK11SlotInfo *
-PK11_ReferenceSlot(PK11SlotInfo *slot)
-{
- PK11_USE_THREADS(PZ_Lock(slot->refLock);)
- slot->refCount++;
- PK11_USE_THREADS(PZ_Unlock(slot->refLock);)
- return slot;
-}
-
-/* Destroy all info on a slot we have built up */
-void
-PK11_DestroySlot(PK11SlotInfo *slot)
-{
- /* first free up all the sessions on this slot */
- if (slot->functionList) {
- PK11_GETTAB(slot)->C_CloseAllSessions(slot->slotID);
- }
-
- /* free up the cached keys and sessions */
- PK11_CleanKeyList(slot);
-
- if (slot->mechanismList) {
- PORT_Free(slot->mechanismList);
- }
-
- /* finally Tell our parent module that we've gone away so it can unload */
- if (slot->module) {
- SECMOD_SlotDestroyModule(slot->module,PR_TRUE);
- }
-#ifdef PKCS11_USE_THREADS
- if (slot->refLock) {
- PZ_DestroyLock(slot->refLock);
- slot->refLock = NULL;
- }
- if (slot->sessionLock) {
- PZ_DestroyLock(slot->sessionLock);
- slot->sessionLock = NULL;
- }
- if (slot->freeListLock) {
- PZ_DestroyLock(slot->freeListLock);
- slot->freeListLock = NULL;
- }
-#endif
-
- /* ok, well not quit finally... now we free the memory */
- PORT_Free(slot);
-}
-
-
-/* We're all done with the slot, free it */
-void
-PK11_FreeSlot(PK11SlotInfo *slot)
-{
- PRBool freeit = PR_FALSE;
-
- PK11_USE_THREADS(PZ_Lock(slot->refLock);)
- if (slot->refCount-- == 1) freeit = PR_TRUE;
- PK11_USE_THREADS(PZ_Unlock(slot->refLock);)
-
- if (freeit) PK11_DestroySlot(slot);
-}
-
-void
-PK11_EnterSlotMonitor(PK11SlotInfo *slot) {
- PZ_Lock(slot->sessionLock);
-}
-
-void
-PK11_ExitSlotMonitor(PK11SlotInfo *slot) {
- PZ_Unlock(slot->sessionLock);
-}
-
-/***********************************************************
- * Functions to find specific slots.
- ***********************************************************/
-PRBool
-SECMOD_HasRootCerts(void)
-{
- SECMODModuleList *mlp;
- SECMODModuleList *modules = SECMOD_GetDefaultModuleList();
- SECMODListLock *moduleLock = SECMOD_GetDefaultModuleListLock();
- int i;
- PRBool found = PR_FALSE;
-
- /* work through all the slots */
- SECMOD_GetReadLock(moduleLock);
- for(mlp = modules; mlp != NULL; mlp = mlp->next) {
- for (i=0; i < mlp->module->slotCount; i++) {
- PK11SlotInfo *tmpSlot = mlp->module->slots[i];
- if (PK11_IsPresent(tmpSlot)) {
- if (tmpSlot->hasRootCerts) {
- found = PR_TRUE;
- break;
- }
- }
- }
- if (found) break;
- }
- SECMOD_ReleaseReadLock(moduleLock);
-
- return found;
-}
-
-/***********************************************************
- * Functions to find specific slots.
- ***********************************************************/
-PK11SlotInfo *
-PK11_FindSlotByName(char *name)
-{
- SECMODModuleList *mlp;
- SECMODModuleList *modules = SECMOD_GetDefaultModuleList();
- SECMODListLock *moduleLock = SECMOD_GetDefaultModuleListLock();
- int i;
- PK11SlotInfo *slot = NULL;
-
- if ((name == NULL) || (*name == 0)) {
- return PK11_GetInternalKeySlot();
- }
-
- /* work through all the slots */
- SECMOD_GetReadLock(moduleLock);
- for(mlp = modules; mlp != NULL; mlp = mlp->next) {
- for (i=0; i < mlp->module->slotCount; i++) {
- PK11SlotInfo *tmpSlot = mlp->module->slots[i];
- if (PK11_IsPresent(tmpSlot)) {
- if (PORT_Strcmp(tmpSlot->token_name,name) == 0) {
- slot = PK11_ReferenceSlot(tmpSlot);
- break;
- }
- }
- }
- if (slot != NULL) break;
- }
- SECMOD_ReleaseReadLock(moduleLock);
-
- if (slot == NULL) {
- PORT_SetError(SEC_ERROR_NO_TOKEN);
- }
-
- return slot;
-}
-
-
-PK11SlotInfo *
-PK11_FindSlotBySerial(char *serial)
-{
- SECMODModuleList *mlp;
- SECMODModuleList *modules = SECMOD_GetDefaultModuleList();
- SECMODListLock *moduleLock = SECMOD_GetDefaultModuleListLock();
- int i;
- PK11SlotInfo *slot = NULL;
-
- /* work through all the slots */
- SECMOD_GetReadLock(moduleLock);
- for(mlp = modules; mlp != NULL; mlp = mlp->next) {
- for (i=0; i < mlp->module->slotCount; i++) {
- PK11SlotInfo *tmpSlot = mlp->module->slots[i];
- if (PK11_IsPresent(tmpSlot)) {
- if (PORT_Memcmp(tmpSlot->serial,serial,
- sizeof(tmpSlot->serial)) == 0) {
- slot = PK11_ReferenceSlot(tmpSlot);
- break;
- }
- }
- }
- if (slot != NULL) break;
- }
- SECMOD_ReleaseReadLock(moduleLock);
-
- if (slot == NULL) {
- PORT_SetError(SEC_ERROR_NO_TOKEN);
- }
-
- return slot;
-}
-
-
-
-
-/***********************************************************
- * Password Utilities
- ***********************************************************/
-/*
- * Check the user's password. Log into the card if it's correct.
- * succeed if the user is already logged in.
- */
-SECStatus
-pk11_CheckPassword(PK11SlotInfo *slot,char *pw)
-{
- int len = PORT_Strlen(pw);
- CK_RV crv;
- SECStatus rv;
- int64 currtime = PR_Now();
-
- if (slot->protectedAuthPath) {
- len = 0;
- pw = NULL;
- }
-
- PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_Login(slot->session,CKU_USER,
- (unsigned char *)pw,len);
- slot->lastLoginCheck = 0;
- PK11_ExitSlotMonitor(slot);
- switch (crv) {
- /* if we're already logged in, we're good to go */
- case CKR_OK:
- slot->authTransact = PK11_Global.transaction;
- case CKR_USER_ALREADY_LOGGED_IN:
- slot->authTime = currtime;
- rv = SECSuccess;
- break;
- case CKR_PIN_INCORRECT:
- PORT_SetError(SEC_ERROR_BAD_PASSWORD);
- rv = SECWouldBlock; /* everything else is ok, only the pin is bad */
- break;
- default:
- PORT_SetError(PK11_MapError(crv));
- rv = SECFailure; /* some failure we can't fix by retrying */
- }
- return rv;
-}
-
-/*
- * Check the user's password. Logout before hand to make sure that
- * we are really checking the password.
- */
-SECStatus
-PK11_CheckUserPassword(PK11SlotInfo *slot,char *pw)
-{
- int len = PORT_Strlen(pw);
- CK_RV crv;
- SECStatus rv;
- int64 currtime = PR_Now();
-
- if (slot->protectedAuthPath) {
- len = 0;
- pw = NULL;
- }
-
- /* force a logout */
- PK11_EnterSlotMonitor(slot);
- PK11_GETTAB(slot)->C_Logout(slot->session);
-
- crv = PK11_GETTAB(slot)->C_Login(slot->session,CKU_USER,
- (unsigned char *)pw,len);
- slot->lastLoginCheck = 0;
- PK11_ExitSlotMonitor(slot);
- switch (crv) {
- /* if we're already logged in, we're good to go */
- case CKR_OK:
- slot->authTransact = PK11_Global.transaction;
- slot->authTime = currtime;
- rv = SECSuccess;
- break;
- case CKR_PIN_INCORRECT:
- PORT_SetError(SEC_ERROR_BAD_PASSWORD);
- rv = SECWouldBlock; /* everything else is ok, only the pin is bad */
- break;
- default:
- PORT_SetError(PK11_MapError(crv));
- rv = SECFailure; /* some failure we can't fix by retrying */
- }
- return rv;
-}
-
-SECStatus
-PK11_Logout(PK11SlotInfo *slot)
-{
- CK_RV crv;
-
- /* force a logout */
- PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_Logout(slot->session);
- slot->lastLoginCheck = 0;
- PK11_ExitSlotMonitor(slot);
- if (crv != CKR_OK) {
- PORT_SetError(PK11_MapError(crv));
- return SECFailure;
- }
- return SECSuccess;
-}
-
-/*
- * transaction stuff is for when we test for the need to do every
- * time auth to see if we already did it for this slot/transaction
- */
-void PK11_StartAuthTransaction(void)
-{
-PK11_Global.transaction++;
-PK11_Global.inTransaction = PR_TRUE;
-}
-
-void PK11_EndAuthTransaction(void)
-{
-PK11_Global.transaction++;
-PK11_Global.inTransaction = PR_FALSE;
-}
-
-/*
- * before we do a private key op, we check to see if we
- * need to reauthenticate.
- */
-void
-PK11_HandlePasswordCheck(PK11SlotInfo *slot,void *wincx)
-{
- int askpw = slot->askpw;
- PRBool NeedAuth = PR_FALSE;
-
- if (!slot->needLogin) return;
-
- if ((slot->defaultFlags & PK11_OWN_PW_DEFAULTS) == 0) {
- PK11SlotInfo *def_slot = PK11_GetInternalKeySlot();
-
- if (def_slot) {
- askpw = def_slot->askpw;
- PK11_FreeSlot(def_slot);
- }
- }
-
- /* timeouts are handled by isLoggedIn */
- if (!PK11_IsLoggedIn(slot,wincx)) {
- NeedAuth = PR_TRUE;
- } else if (askpw == -1) {
- if (!PK11_Global.inTransaction ||
- (PK11_Global.transaction != slot->authTransact)) {
- PK11_EnterSlotMonitor(slot);
- PK11_GETTAB(slot)->C_Logout(slot->session);
- slot->lastLoginCheck = 0;
- PK11_ExitSlotMonitor(slot);
- NeedAuth = PR_TRUE;
- }
- }
- if (NeedAuth) PK11_DoPassword(slot,PR_TRUE,wincx);
-}
-
-void
-PK11_SlotDBUpdate(PK11SlotInfo *slot)
-{
- SECMOD_UpdateModule(slot->module);
-}
-
-/*
- * set new askpw and timeout values
- */
-void
-PK11_SetSlotPWValues(PK11SlotInfo *slot,int askpw, int timeout)
-{
- slot->askpw = askpw;
- slot->timeout = timeout;
- slot->defaultFlags |= PK11_OWN_PW_DEFAULTS;
- PK11_SlotDBUpdate(slot);
-}
-
-/*
- * Get the askpw and timeout values for this slot
- */
-void
-PK11_GetSlotPWValues(PK11SlotInfo *slot,int *askpw, int *timeout)
-{
- *askpw = slot->askpw;
- *timeout = slot->timeout;
-
- if ((slot->defaultFlags & PK11_OWN_PW_DEFAULTS) == 0) {
- PK11SlotInfo *def_slot = PK11_GetInternalKeySlot();
-
- if (def_slot) {
- *askpw = def_slot->askpw;
- *timeout = def_slot->timeout;
- PK11_FreeSlot(def_slot);
- }
- }
-}
-
-/*
- * make sure a slot is authenticated...
- */
-SECStatus
-PK11_Authenticate(PK11SlotInfo *slot, PRBool loadCerts, void *wincx) {
- if (slot->needLogin && !PK11_IsLoggedIn(slot,wincx)) {
- return PK11_DoPassword(slot,loadCerts,wincx);
- }
- return SECSuccess;
-}
-
-/*
- * notification stub. If we ever get interested in any events that
- * the pkcs11 functions may pass back to use, we can catch them here...
- * currently pdata is a slotinfo structure.
- */
-CK_RV pk11_notify(CK_SESSION_HANDLE session, CK_NOTIFICATION event,
- CK_VOID_PTR pdata)
-{
- return CKR_OK;
-}
-
-
-/*
- * grab a new RW session
- * !!! has a side effect of grabbing the Monitor if either the slot's default
- * session is RW or the slot is not thread safe. Monitor is release in function
- * below
- */
-CK_SESSION_HANDLE PK11_GetRWSession(PK11SlotInfo *slot)
-{
- CK_SESSION_HANDLE rwsession;
- CK_RV crv;
-
- if (!slot->isThreadSafe || slot->defRWSession) PK11_EnterSlotMonitor(slot);
- if (slot->defRWSession) return slot->session;
-
- crv = PK11_GETTAB(slot)->C_OpenSession(slot->slotID,
- CKF_RW_SESSION|CKF_SERIAL_SESSION,
- slot, pk11_notify,&rwsession);
- if (crv == CKR_SESSION_COUNT) {
- PK11_GETTAB(slot)->C_CloseSession(slot->session);
- slot->session = CK_INVALID_SESSION;
- crv = PK11_GETTAB(slot)->C_OpenSession(slot->slotID,
- CKF_RW_SESSION|CKF_SERIAL_SESSION,
- slot,pk11_notify,&rwsession);
- }
- if (crv != CKR_OK) {
- PORT_SetError(PK11_MapError(crv));
- if (slot->session == CK_INVALID_SESSION) {
- PK11_GETTAB(slot)->C_OpenSession(slot->slotID,CKF_SERIAL_SESSION,
- slot,pk11_notify,&slot->session);
- }
- if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
- return CK_INVALID_SESSION;
- }
-
- return rwsession;
-}
-
-PRBool
-PK11_RWSessionHasLock(PK11SlotInfo *slot,CK_SESSION_HANDLE session_handle) {
- return (PRBool)(!slot->isThreadSafe || slot->defRWSession);
-}
-
-/*
- * close the rwsession and restore our readonly session
- * !!! has a side effect of releasing the Monitor if either the slot's default
- * session is RW or the slot is not thread safe.
- */
-void
-PK11_RestoreROSession(PK11SlotInfo *slot,CK_SESSION_HANDLE rwsession)
-{
- if (slot->defRWSession) {
- PK11_ExitSlotMonitor(slot);
- return;
- }
- PK11_GETTAB(slot)->C_CloseSession(rwsession);
- if (slot->session == CK_INVALID_SESSION) {
- PK11_GETTAB(slot)->C_OpenSession(slot->slotID,CKF_SERIAL_SESSION,
- slot,pk11_notify,&slot->session);
- }
- if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
-}
-
-/*
- * NOTE: this assumes that we are logged out of the card before hand
- */
-SECStatus
-PK11_CheckSSOPassword(PK11SlotInfo *slot, char *ssopw)
-{
- CK_SESSION_HANDLE rwsession;
- CK_RV crv;
- SECStatus rv = SECFailure;
- int len = PORT_Strlen(ssopw);
-
- /* get a rwsession */
- rwsession = PK11_GetRWSession(slot);
- if (rwsession == CK_INVALID_SESSION) return rv;
-
- if (slot->protectedAuthPath) {
- len = 0;
- ssopw = NULL;
- }
-
- /* check the password */
- crv = PK11_GETTAB(slot)->C_Login(rwsession,CKU_SO,
- (unsigned char *)ssopw,len);
- slot->lastLoginCheck = 0;
- switch (crv) {
- /* if we're already logged in, we're good to go */
- case CKR_OK:
- rv = SECSuccess;
- break;
- case CKR_PIN_INCORRECT:
- PORT_SetError(SEC_ERROR_BAD_PASSWORD);
- rv = SECWouldBlock; /* everything else is ok, only the pin is bad */
- break;
- default:
- PORT_SetError(PK11_MapError(crv));
- rv = SECFailure; /* some failure we can't fix by retrying */
- }
- PK11_GETTAB(slot)->C_Logout(rwsession);
- slot->lastLoginCheck = 0;
-
- /* release rwsession */
- PK11_RestoreROSession(slot,rwsession);
- return rv;
-}
-
-/*
- * make sure the password conforms to your token's requirements.
- */
-SECStatus
-PK11_VerifyPW(PK11SlotInfo *slot,char *pw)
-{
- int len = PORT_Strlen(pw);
-
- if ((slot->minPassword > len) || (slot->maxPassword < len)) {
- PORT_SetError(SEC_ERROR_BAD_DATA);
- return SECFailure;
- }
- return SECSuccess;
-}
-
-/*
- * initialize a user PIN Value
- */
-SECStatus
-PK11_InitPin(PK11SlotInfo *slot,char *ssopw, char *userpw)
-{
- CK_SESSION_HANDLE rwsession = CK_INVALID_SESSION;
- CK_RV crv;
- SECStatus rv = SECFailure;
- int len;
- int ssolen;
-
- if (userpw == NULL) userpw = "";
- if (ssopw == NULL) ssopw = "";
-
- len = PORT_Strlen(userpw);
- ssolen = PORT_Strlen(ssopw);
-
- /* get a rwsession */
- rwsession = PK11_GetRWSession(slot);
- if (rwsession == CK_INVALID_SESSION) goto done;
-
- if (slot->protectedAuthPath) {
- len = 0;
- ssolen = 0;
- ssopw = NULL;
- userpw = NULL;
- }
-
- /* check the password */
- crv = PK11_GETTAB(slot)->C_Login(rwsession,CKU_SO,
- (unsigned char *)ssopw,ssolen);
- slot->lastLoginCheck = 0;
- if (crv != CKR_OK) {
- PORT_SetError(PK11_MapError(crv));
- goto done;
- }
-
- crv = PK11_GETTAB(slot)->C_InitPIN(rwsession,(unsigned char *)userpw,len);
- if (crv != CKR_OK) {
- PORT_SetError(PK11_MapError(crv));
- } else {
- rv = SECSuccess;
- }
-
-done:
- PK11_GETTAB(slot)->C_Logout(rwsession);
- slot->lastLoginCheck = 0;
- PK11_RestoreROSession(slot,rwsession);
- if (rv == SECSuccess) {
- /* update our view of the world */
- PK11_InitToken(slot,PR_TRUE);
- PK11_EnterSlotMonitor(slot);
- PK11_GETTAB(slot)->C_Login(slot->session,CKU_USER,
- (unsigned char *)userpw,len);
- slot->lastLoginCheck = 0;
- PK11_ExitSlotMonitor(slot);
- }
- return rv;
-}
-
-/*
- * Change an existing user password
- */
-SECStatus
-PK11_ChangePW(PK11SlotInfo *slot,char *oldpw, char *newpw)
-{
- CK_RV crv;
- SECStatus rv = SECFailure;
- int newLen;
- int oldLen;
- CK_SESSION_HANDLE rwsession;
-
- if (newpw == NULL) newpw = "";
- if (oldpw == NULL) oldpw = "";
- newLen = PORT_Strlen(newpw);
- oldLen = PORT_Strlen(oldpw);
-
- /* get a rwsession */
- rwsession = PK11_GetRWSession(slot);
-
- crv = PK11_GETTAB(slot)->C_SetPIN(rwsession,
- (unsigned char *)oldpw,oldLen,(unsigned char *)newpw,newLen);
- if (crv == CKR_OK) {
- rv = SECSuccess;
- } else {
- PORT_SetError(PK11_MapError(crv));
- }
-
- PK11_RestoreROSession(slot,rwsession);
-
- /* update our view of the world */
- PK11_InitToken(slot,PR_TRUE);
- return rv;
-}
-
-static char *
-pk11_GetPassword(PK11SlotInfo *slot, PRBool retry, void * wincx)
-{
- if (PK11_Global.getPass == NULL) return NULL;
- return (*PK11_Global.getPass)(slot, retry, wincx);
-}
-
-void
-PK11_SetPasswordFunc(PK11PasswordFunc func)
-{
- PK11_Global.getPass = func;
-}
-
-void
-PK11_SetVerifyPasswordFunc(PK11VerifyPasswordFunc func)
-{
- PK11_Global.verifyPass = func;
-}
-
-void
-PK11_SetIsLoggedInFunc(PK11IsLoggedInFunc func)
-{
- PK11_Global.isLoggedIn = func;
-}
-
-
-/*
- * authenticate to a slot. This loops until we can't recover, the user
- * gives up, or we succeed. If we're already logged in and this function
- * is called we will still prompt for a password, but we will probably
- * succeed no matter what the password was (depending on the implementation
- * of the PKCS 11 module.
- */
-SECStatus
-PK11_DoPassword(PK11SlotInfo *slot, PRBool loadCerts, void *wincx)
-{
- SECStatus rv = SECFailure;
- char * password;
- PRBool attempt = PR_FALSE;
-
- if (PK11_NeedUserInit(slot)) {
- PORT_SetError(SEC_ERROR_IO);
- return SECFailure;
- }
-
-
- /*
- * Central server type applications which control access to multiple
- * slave applications to single crypto devices need to virtuallize the
- * login state. This is done by a callback out of PK11_IsLoggedIn and
- * here. If we are actually logged in, then we got here because the
- * higher level code told us that the particular client application may
- * still need to be logged in. If that is the case, we simply tell the
- * server code that it should now verify the clients password and tell us
- * the results.
- */
- if (PK11_IsLoggedIn(slot,NULL) &&
- (PK11_Global.verifyPass != NULL)) {
- if (!PK11_Global.verifyPass(slot,wincx)) {
- PORT_SetError(SEC_ERROR_BAD_PASSWORD);
- return SECFailure;
- }
- return SECSuccess;
- }
-
- /* get the password. This can drop out of the while loop
- * for the following reasons:
- * (1) the user refused to enter a password.
- * (return error to caller)
- * (2) the token user password is disabled [usually due to
- * too many failed authentication attempts].
- * (return error to caller)
- * (3) the password was successful.
- */
- while ((password = pk11_GetPassword(slot, attempt, wincx)) != NULL) {
- attempt = PR_TRUE;
- rv = pk11_CheckPassword(slot,password);
- PORT_Memset(password, 0, PORT_Strlen(password));
- PORT_Free(password);
- if (rv != SECWouldBlock) break;
- }
- if (rv == SECSuccess) {
- rv = pk11_CheckVerifyTest(slot);
- if (!PK11_IsFriendly(slot)) {
- nssTrustDomain_UpdateCachedTokenCerts(slot->nssToken->trustDomain,
- slot->nssToken);
- }
- } else if (!attempt) PORT_SetError(SEC_ERROR_BAD_PASSWORD);
- return rv;
-}
-
-void PK11_LogoutAll(void)
-{
- SECMODListLock *lock = SECMOD_GetDefaultModuleListLock();
- SECMODModuleList *modList = SECMOD_GetDefaultModuleList();
- SECMODModuleList *mlp = NULL;
- int i;
-
- SECMOD_GetReadLock(lock);
- /* find the number of entries */
- for (mlp = modList; mlp != NULL; mlp = mlp->next) {
- for (i=0; i < mlp->module->slotCount; i++) {
- PK11_Logout(mlp->module->slots[i]);
- }
- }
-
- SECMOD_ReleaseReadLock(lock);
-}
-
-int
-PK11_GetMinimumPwdLength(PK11SlotInfo *slot)
-{
- return ((int)slot->minPassword);
-}
-
-/************************************************************
- * Manage the built-In Slot Lists
- ************************************************************/
-
-/* Init the static built int slot list (should actually integrate
- * with PK11_NewSlotList */
-static void
-pk11_initSlotList(PK11SlotList *list)
-{
-#ifdef PKCS11_USE_THREADS
- list->lock = PZ_NewLock(nssILockList);
-#else
- list->lock = NULL;
-#endif
- list->head = NULL;
-}
-
-static void
-pk11_freeSlotList(PK11SlotList *list)
-{
- PK11SlotListElement *le, *next ;
- if (list == NULL) return;
-
- for (le = list->head ; le; le = next) {
- next = le->next;
- pk11_FreeListElement(list,le);
- }
-#ifdef PK11_USE_THREADS
- if (list->lock) {
- PZ_DestroyLock((PZLock *)(list->lock));
- }
-#endif
- list->lock = NULL;
- list->head = NULL;
-}
-
-/* initialize the system slotlists */
-SECStatus
-PK11_InitSlotLists(void)
-{
- pk11_initSlotList(&pk11_aesSlotList);
- pk11_initSlotList(&pk11_desSlotList);
- pk11_initSlotList(&pk11_rc4SlotList);
- pk11_initSlotList(&pk11_rc2SlotList);
- pk11_initSlotList(&pk11_rc5SlotList);
- pk11_initSlotList(&pk11_md5SlotList);
- pk11_initSlotList(&pk11_md2SlotList);
- pk11_initSlotList(&pk11_sha1SlotList);
- pk11_initSlotList(&pk11_rsaSlotList);
- pk11_initSlotList(&pk11_dsaSlotList);
- pk11_initSlotList(&pk11_dhSlotList);
- pk11_initSlotList(&pk11_ecSlotList);
- pk11_initSlotList(&pk11_ideaSlotList);
- pk11_initSlotList(&pk11_sslSlotList);
- pk11_initSlotList(&pk11_tlsSlotList);
- pk11_initSlotList(&pk11_randomSlotList);
- pk11_initSlotList(&pk11_sha256SlotList);
- pk11_initSlotList(&pk11_sha512SlotList);
- return SECSuccess;
-}
-
-void
-PK11_DestroySlotLists(void)
-{
- pk11_freeSlotList(&pk11_aesSlotList);
- pk11_freeSlotList(&pk11_desSlotList);
- pk11_freeSlotList(&pk11_rc4SlotList);
- pk11_freeSlotList(&pk11_rc2SlotList);
- pk11_freeSlotList(&pk11_rc5SlotList);
- pk11_freeSlotList(&pk11_md5SlotList);
- pk11_freeSlotList(&pk11_md2SlotList);
- pk11_freeSlotList(&pk11_sha1SlotList);
- pk11_freeSlotList(&pk11_rsaSlotList);
- pk11_freeSlotList(&pk11_dsaSlotList);
- pk11_freeSlotList(&pk11_dhSlotList);
- pk11_freeSlotList(&pk11_ecSlotList);
- pk11_freeSlotList(&pk11_ideaSlotList);
- pk11_freeSlotList(&pk11_sslSlotList);
- pk11_freeSlotList(&pk11_tlsSlotList);
- pk11_freeSlotList(&pk11_randomSlotList);
- pk11_freeSlotList(&pk11_sha256SlotList);
- pk11_freeSlotList(&pk11_sha512SlotList);
- return;
-}
-
-/* return a system slot list based on mechanism */
-PK11SlotList *
-PK11_GetSlotList(CK_MECHANISM_TYPE type)
-{
-/* XXX a workaround for Bugzilla bug #55267 */
-#if defined(HPUX) && defined(__LP64__)
- if (CKM_INVALID_MECHANISM == type)
- return NULL;
-#endif
- switch (type) {
- case CKM_AES_CBC:
- case CKM_AES_ECB:
- return &pk11_aesSlotList;
- case CKM_DES_CBC:
- case CKM_DES_ECB:
- case CKM_DES3_ECB:
- case CKM_DES3_CBC:
- return &pk11_desSlotList;
- case CKM_RC4:
- return &pk11_rc4SlotList;
- case CKM_RC5_CBC:
- return &pk11_rc5SlotList;
- case CKM_SHA_1:
- return &pk11_sha1SlotList;
- case CKM_SHA256:
- return &pk11_sha256SlotList;
- case CKM_SHA384:
- case CKM_SHA512:
- return &pk11_sha512SlotList;
- case CKM_MD5:
- return &pk11_md5SlotList;
- case CKM_MD2:
- return &pk11_md2SlotList;
- case CKM_RC2_ECB:
- case CKM_RC2_CBC:
- return &pk11_rc2SlotList;
- case CKM_RSA_PKCS:
- case CKM_RSA_PKCS_KEY_PAIR_GEN:
- case CKM_RSA_X_509:
- return &pk11_rsaSlotList;
- case CKM_DSA:
- return &pk11_dsaSlotList;
- case CKM_DH_PKCS_KEY_PAIR_GEN:
- case CKM_DH_PKCS_DERIVE:
- return &pk11_dhSlotList;
- case CKM_ECDSA:
- case CKM_ECDSA_SHA1:
- case CKM_EC_KEY_PAIR_GEN: /* aka CKM_ECDSA_KEY_PAIR_GEN */
- case CKM_ECDH1_DERIVE:
- return &pk11_ecSlotList;
- case CKM_SSL3_PRE_MASTER_KEY_GEN:
- case CKM_SSL3_MASTER_KEY_DERIVE:
- case CKM_SSL3_SHA1_MAC:
- case CKM_SSL3_MD5_MAC:
- return &pk11_sslSlotList;
- case CKM_TLS_MASTER_KEY_DERIVE:
- case CKM_TLS_KEY_AND_MAC_DERIVE:
- return &pk11_tlsSlotList;
- case CKM_IDEA_CBC:
- case CKM_IDEA_ECB:
- return &pk11_ideaSlotList;
- case CKM_FAKE_RANDOM:
- return &pk11_randomSlotList;
- }
- return NULL;
-}
-
-/*
- * load the static SlotInfo structures used to select a PKCS11 slot.
- * preSlotInfo has a list of all the default flags for the slots on this
- * module.
- */
-void
-PK11_LoadSlotList(PK11SlotInfo *slot, PK11PreSlotInfo *psi, int count)
-{
- int i;
-
- for (i=0; i < count; i++) {
- if (psi[i].slotID == slot->slotID)
- break;
- }
-
- if (i == count) return;
-
- slot->defaultFlags = psi[i].defaultFlags;
- slot->askpw = psi[i].askpw;
- slot->timeout = psi[i].timeout;
- slot->hasRootCerts = psi[i].hasRootCerts;
-
- /* if the slot is already disabled, don't load them into the
- * default slot lists. We get here so we can save the default
- * list value. */
- if (slot->disabled) return;
-
- /* if the user has disabled us, don't load us in */
- if (slot->defaultFlags & PK11_DISABLE_FLAG) {
- slot->disabled = PR_TRUE;
- slot->reason = PK11_DIS_USER_SELECTED;
- /* free up sessions and things?? */
- return;
- }
-
- for (i=0; i < num_pk11_default_mechanisms; i++) {
- if (slot->defaultFlags & PK11_DefaultArray[i].flag) {
- CK_MECHANISM_TYPE mechanism = PK11_DefaultArray[i].mechanism;
- PK11SlotList *slotList = PK11_GetSlotList(mechanism);
-
- if (slotList) PK11_AddSlotToList(slotList,slot);
- }
- }
-
- return;
-}
-
-
-/*
- * update a slot to its new attribute according to the slot list
- * returns: SECSuccess if nothing to do or add/delete is successful
- */
-SECStatus
-PK11_UpdateSlotAttribute(PK11SlotInfo *slot, PK11DefaultArrayEntry *entry,
- PRBool add)
- /* add: PR_TRUE if want to turn on */
-{
- SECStatus result = SECSuccess;
- PK11SlotList *slotList = PK11_GetSlotList(entry->mechanism);
-
- if (add) { /* trying to turn on a mechanism */
-
- /* turn on the default flag in the slot */
- slot->defaultFlags |= entry->flag;
-
- /* add this slot to the list */
- if (slotList!=NULL)
- result = PK11_AddSlotToList(slotList, slot);
-
- } else { /* trying to turn off */
-
- /* turn OFF the flag in the slot */
- slot->defaultFlags &= ~entry->flag;
-
- if (slotList) {
- /* find the element in the list & delete it */
- PK11SlotListElement *le = PK11_FindSlotElement(slotList, slot);
-
- /* remove the slot from the list */
- if (le)
- result = PK11_DeleteSlotFromList(slotList, le);
- }
- }
- return result;
-}
-
-/*
- * clear a slot off of all of it's default list
- */
-void
-PK11_ClearSlotList(PK11SlotInfo *slot)
-{
- int i;
-
- if (slot->disabled) return;
- if (slot->defaultFlags == 0) return;
-
- for (i=0; i < num_pk11_default_mechanisms; i++) {
- if (slot->defaultFlags & PK11_DefaultArray[i].flag) {
- CK_MECHANISM_TYPE mechanism = PK11_DefaultArray[i].mechanism;
- PK11SlotList *slotList = PK11_GetSlotList(mechanism);
- PK11SlotListElement *le = NULL;
-
- if (slotList) le = PK11_FindSlotElement(slotList,slot);
-
- if (le) {
- PK11_DeleteSlotFromList(slotList,le);
- pk11_FreeListElement(slotList,le);
- }
- }
- }
-}
-
-
-/******************************************************************
- * Slot initialization
- ******************************************************************/
-/*
- * turn a PKCS11 Static Label into a string
- */
-char *
-PK11_MakeString(PRArenaPool *arena,char *space,
- char *staticString,int stringLen)
-{
- int i;
- char *newString;
- for(i=(stringLen-1); i >= 0; i--) {
- if (staticString[i] != ' ') break;
- }
- /* move i to point to the last space */
- i++;
- if (arena) {
- newString = (char*)PORT_ArenaAlloc(arena,i+1 /* space for NULL */);
- } else if (space) {
- newString = space;
- } else {
- newString = (char*)PORT_Alloc(i+1 /* space for NULL */);
- }
- if (newString == NULL) return NULL;
-
- if (i) PORT_Memcpy(newString,staticString, i);
- newString[i] = 0;
-
- return newString;
-}
-
-/*
- * verify that slot implements Mechanism mech properly by checking against
- * our internal implementation
- */
-PRBool
-PK11_VerifyMechanism(PK11SlotInfo *slot,PK11SlotInfo *intern,
- CK_MECHANISM_TYPE mech, SECItem *data, SECItem *iv)
-{
- PK11Context *test = NULL, *reference = NULL;
- PK11SymKey *symKey = NULL, *testKey = NULL;
- SECItem *param = NULL;
- unsigned char encTest[8];
- unsigned char encRef[8];
- int outLenTest,outLenRef;
- int key_size = 0;
- PRBool verify = PR_FALSE;
- SECStatus rv;
-
- if ((mech == CKM_RC2_CBC) || (mech == CKM_RC2_ECB) || (mech == CKM_RC4)) {
- key_size = 16;
- }
-
- /* initialize the mechanism parameter */
- param = PK11_ParamFromIV(mech,iv);
- if (param == NULL) goto loser;
-
- /* load the keys and contexts */
- symKey = PK11_KeyGen(intern,mech,NULL, key_size, NULL);
- if (symKey == NULL) goto loser;
-
- reference = PK11_CreateContextBySymKey(mech, CKA_ENCRYPT, symKey, param);
- if (reference == NULL) goto loser;
-
- testKey = pk11_CopyToSlot(slot, mech, CKA_ENCRYPT, symKey);
- if (testKey == NULL) goto loser;
-
- test = PK11_CreateContextBySymKey(mech, CKA_ENCRYPT, testKey, param);
- if (test == NULL) goto loser;
- SECITEM_FreeItem(param,PR_TRUE); param = NULL;
-
- /* encrypt the test data */
- rv = PK11_CipherOp(test,encTest,&outLenTest,sizeof(encTest),
- data->data,data->len);
- if (rv != SECSuccess) goto loser;
- rv = PK11_CipherOp(reference,encRef,&outLenRef,sizeof(encRef),
- data->data,data->len);
- if (rv != SECSuccess) goto loser;
-
- PK11_DestroyContext(reference,PR_TRUE); reference = NULL;
- PK11_DestroyContext(test,PR_TRUE); test = NULL;
-
- if (outLenTest != outLenRef) goto loser;
- if (PORT_Memcmp(encTest, encRef, outLenTest) != 0) goto loser;
-
- verify = PR_TRUE;
-
-loser:
- if (test) PK11_DestroyContext(test,PR_TRUE);
- if (symKey) PK11_FreeSymKey(symKey);
- if (testKey) PK11_FreeSymKey(testKey);
- if (reference) PK11_DestroyContext(reference,PR_TRUE);
- if (param) SECITEM_FreeItem(param,PR_TRUE);
-
- return verify;
-}
-
-/*
- * this code verifies that the advertised mechanisms are what they
- * seem to be.
- */
-#define MAX_MECH_LIST_SIZE 30 /* we only know of about 30 odd mechanisms */
-PRBool
-PK11_VerifySlotMechanisms(PK11SlotInfo *slot)
-{
- CK_MECHANISM_TYPE mechListArray[MAX_MECH_LIST_SIZE];
- CK_MECHANISM_TYPE *mechList = mechListArray;
- static SECItem data;
- static SECItem iv;
- static unsigned char dataV[8];
- static unsigned char ivV[8];
- static PRBool generated = PR_FALSE;
- CK_ULONG count;
- int i;
- CK_RV crv;
-
- PRBool alloced = PR_FALSE;
- PK11SlotInfo *intern = PK11_GetInternalSlot();
-
- /* if we couldn't initialize an internal module,
- * we can't check external ones */
- if (intern == NULL) return PR_FALSE;
-
- /* first get the count of mechanisms */
- if (!slot->isThreadSafe) PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_GetMechanismList(slot->slotID,NULL,&count);
- if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
- if (crv != CKR_OK) {
- PK11_FreeSlot(intern);
- return PR_FALSE;
- }
-
-
- /* don't blow up just because the card supports more mechanisms than
- * we know about, just alloc space for them */
- if (count > MAX_MECH_LIST_SIZE) {
- mechList = (CK_MECHANISM_TYPE *)
- PORT_Alloc(count *sizeof(CK_MECHANISM_TYPE));
- alloced = PR_TRUE;
- if (mechList == NULL) {
- PK11_FreeSlot(intern);
- return PR_FALSE;
- }
- }
- /* get the list */
- if (!slot->isThreadSafe) PK11_EnterSlotMonitor(slot);
- crv =PK11_GETTAB(slot)->C_GetMechanismList(slot->slotID, mechList, &count);
- if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
- if (crv != CKR_OK) {
- if (alloced) PORT_Free(mechList);
- PK11_FreeSlot(intern);
- return PR_FALSE;
- }
-
- if (!generated) {
- data.data = dataV;
- data.len = sizeof(dataV);
- iv.data = ivV;
- iv.len = sizeof(ivV);
- /* ok, this is a cheat, we know our internal random number generater
- * is thread safe */
- PK11_GETTAB(intern)->C_GenerateRandom(intern->session,
- data.data, data.len);
- PK11_GETTAB(intern)->C_GenerateRandom(intern->session,
- iv.data, iv.len);
- }
- for (i=0; i < (int) count; i++) {
- switch (mechList[i]) {
- case CKM_DES_CBC:
- case CKM_DES_ECB:
- case CKM_RC4:
- case CKM_RC2_CBC:
- case CKM_RC2_ECB:
- if (!PK11_VerifyMechanism(slot,intern,mechList[i],&data,&iv)){
- if (alloced) PORT_Free(mechList);
- PK11_FreeSlot(intern);
- return PR_FALSE;
- }
- }
- }
- if (alloced) PORT_Free(mechList);
- PK11_FreeSlot(intern);
- return PR_TRUE;
-}
-
-/*
- * See if we need to run the verify test, do so if necessary. If we fail,
- * disable the slot.
- */
-SECStatus
-pk11_CheckVerifyTest(PK11SlotInfo *slot)
-{
- PK11_EnterSlotMonitor(slot);
- if (slot->needTest) {
- slot->needTest = PR_FALSE;
- PK11_ExitSlotMonitor(slot);
- if (!PK11_VerifySlotMechanisms(slot)) {
- (void)PK11_GETTAB(slot)->C_CloseSession(slot->session);
- slot->session = CK_INVALID_SESSION;
- PK11_ClearSlotList(slot);
- slot->disabled = PR_TRUE;
- slot->reason = PK11_DIS_TOKEN_VERIFY_FAILED;
- slot->needTest = PR_TRUE;
- PORT_SetError(SEC_ERROR_IO);
- return SECFailure;
- }
- } else {
- PK11_ExitSlotMonitor(slot);
- }
- return SECSuccess;
-}
-
-/*
- * Reads in the slots mechanism list for later use
- */
-SECStatus
-PK11_ReadMechanismList(PK11SlotInfo *slot)
-{
- CK_ULONG count;
- CK_RV crv;
- int i;
-
- if (slot->mechanismList) {
- PORT_Free(slot->mechanismList);
- slot->mechanismList = NULL;
- }
- slot->mechanismCount = 0;
-
- if (!slot->isThreadSafe) PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_GetMechanismList(slot->slotID,NULL,&count);
- if (crv != CKR_OK) {
- if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
- PORT_SetError(PK11_MapError(crv));
- return SECFailure;
- }
-
- slot->mechanismList = (CK_MECHANISM_TYPE *)
- PORT_Alloc(count *sizeof(CK_MECHANISM_TYPE));
- if (slot->mechanismList == NULL) {
- if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
- return SECFailure;
- }
- crv = PK11_GETTAB(slot)->C_GetMechanismList(slot->slotID,
- slot->mechanismList, &count);
- if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
- if (crv != CKR_OK) {
- PORT_Free(slot->mechanismList);
- slot->mechanismList = NULL;
- PORT_SetError(PK11_MapError(crv));
- return SECSuccess;
- }
- slot->mechanismCount = count;
- PORT_Memset(slot->mechanismBits, 0, sizeof(slot->mechanismBits));
-
- for (i=0; i < count; i++) {
- CK_MECHANISM_TYPE mech = slot->mechanismList[i];
- if (mech < 0x7ff) {
- slot->mechanismBits[mech & 0xff] |= 1 << (mech >> 8);
- }
- }
- return SECSuccess;
-}
-
-/*
- * initialize a new token
- * unlike initialize slot, this can be called multiple times in the lifetime
- * of NSS. It reads the information associated with a card or token,
- * that is not going to change unless the card or token changes.
- */
-SECStatus
-PK11_InitToken(PK11SlotInfo *slot, PRBool loadCerts)
-{
- CK_TOKEN_INFO tokenInfo;
- CK_RV crv;
- char *tmp;
- SECStatus rv;
-
- /* set the slot flags to the current token values */
- if (!slot->isThreadSafe) PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_GetTokenInfo(slot->slotID,&tokenInfo);
- if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
- if (crv != CKR_OK) {
- PORT_SetError(PK11_MapError(crv));
- return SECFailure;
- }
-
- /* set the slot flags to the current token values */
- slot->series++; /* allow other objects to detect that the
- * slot is different */
- slot->flags = tokenInfo.flags;
- slot->needLogin = ((tokenInfo.flags & CKF_LOGIN_REQUIRED) ?
- PR_TRUE : PR_FALSE);
- slot->readOnly = ((tokenInfo.flags & CKF_WRITE_PROTECTED) ?
- PR_TRUE : PR_FALSE);
- slot->hasRandom = ((tokenInfo.flags & CKF_RNG) ? PR_TRUE : PR_FALSE);
- slot->protectedAuthPath =
- ((tokenInfo.flags & CKF_PROTECTED_AUTHENTICATION_PATH)
- ? PR_TRUE : PR_FALSE);
- slot->lastLoginCheck = 0;
- slot->lastState = 0;
- /* on some platforms Active Card incorrectly sets the
- * CKF_PROTECTED_AUTHENTICATION_PATH bit when it doesn't mean to. */
- if (slot->isActiveCard) {
- slot->protectedAuthPath = PR_FALSE;
- }
- tmp = PK11_MakeString(NULL,slot->token_name,
- (char *)tokenInfo.label, sizeof(tokenInfo.label));
- slot->minPassword = tokenInfo.ulMinPinLen;
- slot->maxPassword = tokenInfo.ulMaxPinLen;
- PORT_Memcpy(slot->serial,tokenInfo.serialNumber,sizeof(slot->serial));
-
- nssToken_UpdateName(slot->nssToken);
-
- slot->defRWSession = (PRBool)((!slot->readOnly) &&
- (tokenInfo.ulMaxSessionCount == 1));
- rv = PK11_ReadMechanismList(slot);
- if (rv != SECSuccess) return rv;
-
- slot->hasRSAInfo = PR_FALSE;
- slot->RSAInfoFlags = 0;
-
- /* initialize the maxKeyCount value */
- if (tokenInfo.ulMaxSessionCount == 0) {
- slot->maxKeyCount = 800; /* should be #define or a config param */
- } else if (tokenInfo.ulMaxSessionCount < 20) {
- /* don't have enough sessions to keep that many keys around */
- slot->maxKeyCount = 0;
- } else {
- slot->maxKeyCount = tokenInfo.ulMaxSessionCount/2;
- }
-
- /* Make sure our session handle is valid */
- if (slot->session == CK_INVALID_SESSION) {
- /* we know we don't have a valid session, go get one */
- CK_SESSION_HANDLE session;
-
- /* session should be Readonly, serial */
- if (!slot->isThreadSafe) PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_OpenSession(slot->slotID,
- (slot->defRWSession ? CKF_RW_SESSION : 0) | CKF_SERIAL_SESSION,
- slot,pk11_notify,&session);
- if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
- if (crv != CKR_OK) {
- PORT_SetError(PK11_MapError(crv));
- return SECFailure;
- }
- slot->session = session;
- } else {
- /* The session we have may be defunct (the token associated with it)
- * has been removed */
- CK_SESSION_INFO sessionInfo;
-
- if (!slot->isThreadSafe) PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_GetSessionInfo(slot->session,&sessionInfo);
- if (crv == CKR_DEVICE_ERROR) {
- PK11_GETTAB(slot)->C_CloseSession(slot->session);
- crv = CKR_SESSION_CLOSED;
- }
- if ((crv==CKR_SESSION_CLOSED) || (crv==CKR_SESSION_HANDLE_INVALID)) {
- crv =PK11_GETTAB(slot)->C_OpenSession(slot->slotID,
- (slot->defRWSession ? CKF_RW_SESSION : 0) | CKF_SERIAL_SESSION,
- slot,pk11_notify,&slot->session);
- if (crv != CKR_OK) {
- PORT_SetError(PK11_MapError(crv));
- slot->session = CK_INVALID_SESSION;
- if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
- return SECFailure;
- }
- }
- if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
- }
-
- nssToken_Refresh(slot->nssToken);
-
- if (!(slot->needLogin)) {
- return pk11_CheckVerifyTest(slot);
- }
-
-
- if (!(slot->isInternal) && (slot->hasRandom)) {
- /* if this slot has a random number generater, use it to add entropy
- * to the internal slot. */
- PK11SlotInfo *int_slot = PK11_GetInternalSlot();
-
- if (int_slot) {
- unsigned char random_bytes[32];
-
- /* if this slot can issue random numbers, get some entropy from
- * that random number generater and give it to our internal token.
- */
- PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_GenerateRandom
- (slot->session,random_bytes, sizeof(random_bytes));
- PK11_ExitSlotMonitor(slot);
- if (crv == CKR_OK) {
- PK11_EnterSlotMonitor(int_slot);
- PK11_GETTAB(int_slot)->C_SeedRandom(int_slot->session,
- random_bytes, sizeof(random_bytes));
- PK11_ExitSlotMonitor(int_slot);
- }
-
- /* Now return the favor and send entropy to the token's random
- * number generater */
- PK11_EnterSlotMonitor(int_slot);
- crv = PK11_GETTAB(int_slot)->C_GenerateRandom(int_slot->session,
- random_bytes, sizeof(random_bytes));
- PK11_ExitSlotMonitor(int_slot);
- if (crv == CKR_OK) {
- PK11_EnterSlotMonitor(slot);
- PK11_GETTAB(slot)->C_SeedRandom(slot->session,
- random_bytes, sizeof(random_bytes));
- PK11_ExitSlotMonitor(slot);
- }
- PK11_FreeSlot(int_slot);
- }
- }
-
-
- return SECSuccess;
-}
-
-/*
- * initialize a new token
- * unlike initialize slot, this can be called multiple times in the lifetime
- * of NSS. It reads the information associated with a card or token,
- * that is not going to change unless the card or token changes.
- */
-SECStatus
-PK11_TokenRefresh(PK11SlotInfo *slot)
-{
- CK_TOKEN_INFO tokenInfo;
- CK_RV crv;
- SECStatus rv;
-
- /* set the slot flags to the current token values */
- if (!slot->isThreadSafe) PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_GetTokenInfo(slot->slotID,&tokenInfo);
- if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
- if (crv != CKR_OK) {
- PORT_SetError(PK11_MapError(crv));
- return SECFailure;
- }
-
- slot->flags = tokenInfo.flags;
- slot->needLogin = ((tokenInfo.flags & CKF_LOGIN_REQUIRED) ?
- PR_TRUE : PR_FALSE);
- slot->readOnly = ((tokenInfo.flags & CKF_WRITE_PROTECTED) ?
- PR_TRUE : PR_FALSE);
- slot->hasRandom = ((tokenInfo.flags & CKF_RNG) ? PR_TRUE : PR_FALSE);
- slot->protectedAuthPath =
- ((tokenInfo.flags & CKF_PROTECTED_AUTHENTICATION_PATH)
- ? PR_TRUE : PR_FALSE);
- /* on some platforms Active Card incorrectly sets the
- * CKF_PROTECTED_AUTHENTICATION_PATH bit when it doesn't mean to. */
- if (slot->isActiveCard) {
- slot->protectedAuthPath = PR_FALSE;
- }
- return SECSuccess;
-}
-
-static PRBool
-pk11_isRootSlot(PK11SlotInfo *slot)
-{
- CK_ATTRIBUTE findTemp[1];
- CK_ATTRIBUTE *attrs;
- CK_OBJECT_CLASS oclass = CKO_NETSCAPE_BUILTIN_ROOT_LIST;
- int tsize;
- CK_OBJECT_HANDLE handle;
-
- attrs = findTemp;
- PK11_SETATTRS(attrs, CKA_CLASS, &oclass, sizeof(oclass)); attrs++;
- tsize = attrs - findTemp;
- PORT_Assert(tsize <= sizeof(findTemp)/sizeof(CK_ATTRIBUTE));
-
- handle = pk11_FindObjectByTemplate(slot,findTemp,tsize);
- if (handle == CK_INVALID_HANDLE) {
- return PR_FALSE;
- }
- return PR_TRUE;
-}
-
-/*
- * Initialize the slot :
- * This initialization code is called on each slot a module supports when
- * it is loaded. It does the bringup initialization. The difference between
- * this and InitToken is Init slot does those one time initialization stuff,
- * usually associated with the reader, while InitToken may get called multiple
- * times as tokens are removed and re-inserted.
- */
-void
-PK11_InitSlot(SECMODModule *mod,CK_SLOT_ID slotID,PK11SlotInfo *slot)
-{
- SECStatus rv;
- char *tmp;
- CK_SLOT_INFO slotInfo;
-
- slot->functionList = mod->functionList;
- slot->isInternal = mod->internal;
- slot->slotID = slotID;
- slot->isThreadSafe = mod->isThreadSafe;
- slot->hasRSAInfo = PR_FALSE;
-
- if (PK11_GETTAB(slot)->C_GetSlotInfo(slotID,&slotInfo) != CKR_OK) {
- slot->disabled = PR_TRUE;
- slot->reason = PK11_DIS_COULD_NOT_INIT_TOKEN;
- return;
- }
-
- /* test to make sure claimed mechanism work */
- slot->needTest = mod->internal ? PR_FALSE : PR_TRUE;
- slot->module = mod; /* NOTE: we don't make a reference here because
- * modules have references to their slots. This
- * works because modules keep implicit references
- * from their slots, and won't unload and disappear
- * until all their slots have been freed */
- tmp = PK11_MakeString(NULL,slot->slot_name,
- (char *)slotInfo.slotDescription, sizeof(slotInfo.slotDescription));
- slot->isHW = (PRBool)((slotInfo.flags & CKF_HW_SLOT) == CKF_HW_SLOT);
-#define ACTIVE_CARD "ActivCard SA"
- slot->isActiveCard = (PRBool)(PORT_Strncmp((char *)slotInfo.manufacturerID,
- ACTIVE_CARD, sizeof(ACTIVE_CARD)-1) == 0);
- if ((slotInfo.flags & CKF_REMOVABLE_DEVICE) == 0) {
- slot->isPerm = PR_TRUE;
- /* permanment slots must have the token present always */
- if ((slotInfo.flags & CKF_TOKEN_PRESENT) == 0) {
- slot->disabled = PR_TRUE;
- slot->reason = PK11_DIS_TOKEN_NOT_PRESENT;
- return; /* nothing else to do */
- }
- }
- /* if the token is present, initialize it */
- if ((slotInfo.flags & CKF_TOKEN_PRESENT) != 0) {
- rv = PK11_InitToken(slot,PR_TRUE);
- /* the only hard failures are on permanent devices, or function
- * verify failures... function verify failures are already handled
- * by tokenInit */
- if ((rv != SECSuccess) && (slot->isPerm) && (!slot->disabled)) {
- slot->disabled = PR_TRUE;
- slot->reason = PK11_DIS_COULD_NOT_INIT_TOKEN;
- }
- }
- if (pk11_isRootSlot(slot)) {
- if (!slot->hasRootCerts) {
- slot->module->trustOrder = 100;
- }
- slot->hasRootCerts= PR_TRUE;
- }
-}
-
-
-
-/*********************************************************************
- * Slot mapping utility functions.
- *********************************************************************/
-
-/*
- * determine if the token is present. If the token is present, make sure
- * we have a valid session handle. Also set the value of needLogin
- * appropriately.
- */
-static PRBool
-pk11_IsPresentCertLoad(PK11SlotInfo *slot, PRBool loadCerts)
-{
- CK_SLOT_INFO slotInfo;
- CK_SESSION_INFO sessionInfo;
- CK_RV crv;
-
- /* disabled slots are never present */
- if (slot->disabled) {
- return PR_FALSE;
- }
-
- /* permanent slots are always present */
- if (slot->isPerm && (slot->session != CK_INVALID_SESSION)) {
- return PR_TRUE;
- }
-
- if (slot->nssToken) {
- return nssToken_IsPresent(slot->nssToken);
- }
-
- /* removable slots have a flag that says they are present */
- if (!slot->isThreadSafe) PK11_EnterSlotMonitor(slot);
- if (PK11_GETTAB(slot)->C_GetSlotInfo(slot->slotID,&slotInfo) != CKR_OK) {
- if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
- return PR_FALSE;
- }
- if ((slotInfo.flags & CKF_TOKEN_PRESENT) == 0) {
- /* if the slot is no longer present, close the session */
- if (slot->session != CK_INVALID_SESSION) {
- PK11_GETTAB(slot)->C_CloseSession(slot->session);
- slot->session = CK_INVALID_SESSION;
- /* force certs to be freed */
- }
- if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
- return PR_FALSE;
- }
-
- /* use the session Info to determine if the card has been removed and then
- * re-inserted */
- if (slot->session != CK_INVALID_SESSION) {
- if (slot->isThreadSafe) PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_GetSessionInfo(slot->session, &sessionInfo);
- if (crv != CKR_OK) {
- PK11_GETTAB(slot)->C_CloseSession(slot->session);
- slot->session = CK_INVALID_SESSION;
- }
- if (slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
- }
- if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
-
- /* card has not been removed, current token info is correct */
- if (slot->session != CK_INVALID_SESSION) return PR_TRUE;
-
- /* initialize the token info state */
- if (PK11_InitToken(slot,loadCerts) != SECSuccess) {
- return PR_FALSE;
- }
-
- return PR_TRUE;
-}
-
-/*
- * old version of the routine
- */
-PRBool
-PK11_IsPresent(PK11SlotInfo *slot) {
- return pk11_IsPresentCertLoad(slot,PR_TRUE);
-}
-
-/* is the slot disabled? */
-PRBool
-PK11_IsDisabled(PK11SlotInfo *slot)
-{
- return slot->disabled;
-}
-
-/* and why? */
-PK11DisableReasons
-PK11_GetDisabledReason(PK11SlotInfo *slot)
-{
- return slot->reason;
-}
-
-/* returns PR_TRUE if successfully disable the slot */
-/* returns PR_FALSE otherwise */
-PRBool PK11_UserDisableSlot(PK11SlotInfo *slot) {
-
- slot->defaultFlags |= PK11_DISABLE_FLAG;
- slot->disabled = PR_TRUE;
- slot->reason = PK11_DIS_USER_SELECTED;
-
- return PR_TRUE;
-}
-
-PRBool PK11_UserEnableSlot(PK11SlotInfo *slot) {
-
- slot->defaultFlags &= ~PK11_DISABLE_FLAG;
- slot->disabled = PR_FALSE;
- slot->reason = PK11_DIS_NONE;
- return PR_TRUE;
-}
-
-PRBool PK11_HasRootCerts(PK11SlotInfo *slot) {
- return slot->hasRootCerts;
-}
-
-/* Get the module this slot is attatched to */
-SECMODModule *
-PK11_GetModule(PK11SlotInfo *slot)
-{
- return slot->module;
-}
-
-/* return the default flags of a slot */
-unsigned long
-PK11_GetDefaultFlags(PK11SlotInfo *slot)
-{
- return slot->defaultFlags;
-}
-
-/* Does this slot have a protected pin path? */
-PRBool
-PK11_ProtectedAuthenticationPath(PK11SlotInfo *slot)
-{
- return slot->protectedAuthPath;
-}
-
-/*
- * we can initialize the password if 1) The toke is not inited
- * (need login == true and see need UserInit) or 2) the token has
- * a NULL password. (slot->needLogin = false & need user Init = false).
- */
-PRBool PK11_NeedPWInitForSlot(PK11SlotInfo *slot)
-{
- if (slot->needLogin && PK11_NeedUserInit(slot)) {
- return PR_TRUE;
- }
- if (!slot->needLogin && !PK11_NeedUserInit(slot)) {
- return PR_TRUE;
- }
- return PR_FALSE;
-}
-
-PRBool PK11_NeedPWInit()
-{
- PK11SlotInfo *slot = PK11_GetInternalKeySlot();
- PRBool ret = PK11_NeedPWInitForSlot(slot);
-
- PK11_FreeSlot(slot);
- return ret;
-}
-
-/*
- * The following wrapper functions allow us to export an opaque slot
- * function to the rest of libsec and the world... */
-PRBool
-PK11_IsReadOnly(PK11SlotInfo *slot)
-{
- return slot->readOnly;
-}
-
-PRBool
-PK11_IsHW(PK11SlotInfo *slot)
-{
- return slot->isHW;
-}
-
-PRBool
-PK11_IsInternal(PK11SlotInfo *slot)
-{
- return slot->isInternal;
-}
-
-PRBool
-PK11_NeedLogin(PK11SlotInfo *slot)
-{
- return slot->needLogin;
-}
-
-PRBool
-PK11_IsFriendly(PK11SlotInfo *slot)
-{
- /* internal slot always has public readable certs */
- return (PRBool)(slot->isInternal ||
- ((slot->defaultFlags & SECMOD_FRIENDLY_FLAG) ==
- SECMOD_FRIENDLY_FLAG));
-}
-
-char *
-PK11_GetTokenName(PK11SlotInfo *slot)
-{
- return slot->token_name;
-}
-
-char *
-PK11_GetSlotName(PK11SlotInfo *slot)
-{
- return slot->slot_name;
-}
-
-int
-PK11_GetSlotSeries(PK11SlotInfo *slot)
-{
- return slot->series;
-}
-
-int
-PK11_GetCurrentWrapIndex(PK11SlotInfo *slot)
-{
- return slot->wrapKey;
-}
-
-CK_SLOT_ID
-PK11_GetSlotID(PK11SlotInfo *slot)
-{
- return slot->slotID;
-}
-
-SECMODModuleID
-PK11_GetModuleID(PK11SlotInfo *slot)
-{
- return slot->module->moduleID;
-}
-
-static void
-pk11_zeroTerminatedToBlankPadded(CK_CHAR *buffer, size_t buffer_size)
-{
- CK_CHAR *walk = buffer;
- CK_CHAR *end = buffer + buffer_size;
-
- /* find the NULL */
- while (walk < end && *walk != '\0') {
- walk++;
- }
-
- /* clear out the buffer */
- while (walk < end) {
- *walk++ = ' ';
- }
-}
-
-/* return the slot info structure */
-SECStatus
-PK11_GetSlotInfo(PK11SlotInfo *slot, CK_SLOT_INFO *info)
-{
- CK_RV crv;
-
- if (!slot->isThreadSafe) PK11_EnterSlotMonitor(slot);
- /*
- * some buggy drivers do not fill the buffer completely,
- * erase the buffer first
- */
- PORT_Memset(info->slotDescription,' ',sizeof(info->slotDescription));
- PORT_Memset(info->manufacturerID,' ',sizeof(info->manufacturerID));
- crv = PK11_GETTAB(slot)->C_GetSlotInfo(slot->slotID,info);
- pk11_zeroTerminatedToBlankPadded(info->slotDescription,
- sizeof(info->slotDescription));
- pk11_zeroTerminatedToBlankPadded(info->manufacturerID,
- sizeof(info->manufacturerID));
- if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
- if (crv != CKR_OK) {
- PORT_SetError(PK11_MapError(crv));
- return SECFailure;
- }
- return SECSuccess;
-}
-
-/* return the token info structure */
-SECStatus
-PK11_GetTokenInfo(PK11SlotInfo *slot, CK_TOKEN_INFO *info)
-{
- CK_RV crv;
- if (!slot->isThreadSafe) PK11_EnterSlotMonitor(slot);
- /*
- * some buggy drivers do not fill the buffer completely,
- * erase the buffer first
- */
- PORT_Memset(info->label,' ',sizeof(info->label));
- PORT_Memset(info->manufacturerID,' ',sizeof(info->manufacturerID));
- PORT_Memset(info->model,' ',sizeof(info->model));
- PORT_Memset(info->serialNumber,' ',sizeof(info->serialNumber));
- crv = PK11_GETTAB(slot)->C_GetTokenInfo(slot->slotID,info);
- pk11_zeroTerminatedToBlankPadded(info->label,sizeof(info->label));
- pk11_zeroTerminatedToBlankPadded(info->manufacturerID,
- sizeof(info->manufacturerID));
- pk11_zeroTerminatedToBlankPadded(info->model,sizeof(info->model));
- pk11_zeroTerminatedToBlankPadded(info->serialNumber,
- sizeof(info->serialNumber));
- if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
- if (crv != CKR_OK) {
- PORT_SetError(PK11_MapError(crv));
- return SECFailure;
- }
- return SECSuccess;
-}
-
-/* Find out if we need to initialize the user's pin */
-PRBool
-PK11_NeedUserInit(PK11SlotInfo *slot)
-{
- PRBool needUserInit = (PRBool) ((slot->flags & CKF_USER_PIN_INITIALIZED)
- == 0);
-
- if (needUserInit) {
- CK_TOKEN_INFO info;
- SECStatus rv;
-
- /* see if token has been initialized off line */
- rv = PK11_GetTokenInfo(slot, &info);
- if (rv == SECSuccess) {
- slot->flags = info.flags;
- }
- }
- return (PRBool)((slot->flags & CKF_USER_PIN_INITIALIZED) == 0);
-}
-
-/* get the internal key slot. FIPS has only one slot for both key slots and
- * default slots */
-PK11SlotInfo *
-PK11_GetInternalKeySlot(void)
-{
- SECMODModule *mod = SECMOD_GetInternalModule();
- PORT_Assert(mod != NULL);
- if (!mod) {
- PORT_SetError( SEC_ERROR_NO_MODULE );
- return NULL;
- }
- return PK11_ReferenceSlot(mod->isFIPS ? mod->slots[0] : mod->slots[1]);
-}
-
-/* get the internal default slot */
-PK11SlotInfo *
-PK11_GetInternalSlot(void)
-{
- SECMODModule * mod = SECMOD_GetInternalModule();
- PORT_Assert(mod != NULL);
- if (!mod) {
- PORT_SetError( SEC_ERROR_NO_MODULE );
- return NULL;
- }
- return PK11_ReferenceSlot(mod->slots[0]);
-}
-
-PRBool
-pk11_InDelayPeriod(PRIntervalTime lastTime, PRIntervalTime delayTime,
- PRIntervalTime *retTime)
-{
- PRIntervalTime time;
-
- *retTime = time = PR_IntervalNow();
- return (PRBool) (lastTime) && ((time-lastTime) < delayTime);
-}
-
-/*
- * Determine if the token is logged in. We have to actually query the token,
- * because it's state can change without intervention from us.
- */
-PRBool
-PK11_IsLoggedIn(PK11SlotInfo *slot,void *wincx)
-{
- CK_SESSION_INFO sessionInfo;
- int askpw = slot->askpw;
- int timeout = slot->timeout;
- CK_RV crv;
- PRIntervalTime curTime;
- static PRIntervalTime login_delay_time = 0;
-
- if (login_delay_time == 0) {
- login_delay_time = PR_SecondsToInterval(1);
- }
-
- /* If we don't have our own password default values, use the system
- * ones */
- if ((slot->defaultFlags & PK11_OWN_PW_DEFAULTS) == 0) {
- PK11SlotInfo *def_slot = PK11_GetInternalKeySlot();
-
- if (def_slot) {
- askpw = def_slot->askpw;
- timeout = def_slot->timeout;
- PK11_FreeSlot(def_slot);
- }
- }
-
- if ((wincx != NULL) && (PK11_Global.isLoggedIn != NULL) &&
- (*PK11_Global.isLoggedIn)(slot, wincx) == PR_FALSE) { return PR_FALSE; }
-
-
- /* forget the password if we've been inactive too long */
- if (askpw == 1) {
- int64 currtime = PR_Now();
- int64 result;
- int64 mult;
-
- LL_I2L(result, timeout);
- LL_I2L(mult, 60*1000*1000);
- LL_MUL(result,result,mult);
- LL_ADD(result, result, slot->authTime);
- if (LL_CMP(result, <, currtime) ) {
- PK11_EnterSlotMonitor(slot);
- PK11_GETTAB(slot)->C_Logout(slot->session);
- slot->lastLoginCheck = 0;
- PK11_ExitSlotMonitor(slot);
- } else {
- slot->authTime = currtime;
- }
- }
-
- PK11_EnterSlotMonitor(slot);
- if (pk11_InDelayPeriod(slot->lastLoginCheck,login_delay_time, &curTime)) {
- sessionInfo.state = slot->lastState;
- crv = CKR_OK;
- } else {
- crv = PK11_GETTAB(slot)->C_GetSessionInfo(slot->session,&sessionInfo);
- if (crv == CKR_OK) {
- slot->lastState = sessionInfo.state;
- slot->lastLoginCheck = curTime;
- }
- }
- PK11_ExitSlotMonitor(slot);
- /* if we can't get session info, something is really wrong */
- if (crv != CKR_OK) {
- slot->session = CK_INVALID_SESSION;
- return PR_FALSE;
- }
-
- switch (sessionInfo.state) {
- case CKS_RW_PUBLIC_SESSION:
- case CKS_RO_PUBLIC_SESSION:
- default:
- break; /* fail */
- case CKS_RW_USER_FUNCTIONS:
- case CKS_RW_SO_FUNCTIONS:
- case CKS_RO_USER_FUNCTIONS:
- return PR_TRUE;
- }
- return PR_FALSE;
-}
-
-
-/*
- * check if a given slot supports the requested mechanism
- */
-PRBool
-PK11_DoesMechanism(PK11SlotInfo *slot, CK_MECHANISM_TYPE type)
-{
- int i;
-
- /* CKM_FAKE_RANDOM is not a real PKCS mechanism. It's a marker to
- * tell us we're looking form someone that has implemented get
- * random bits */
- if (type == CKM_FAKE_RANDOM) {
- return slot->hasRandom;
- }
-
- /* for most mechanism, bypass the linear lookup */
- if (type < 0x7ff) {
- return (slot->mechanismBits[type & 0xff] & (1 << (type >> 8))) ?
- PR_TRUE : PR_FALSE;
- }
-
- for (i=0; i < (int) slot->mechanismCount; i++) {
- if (slot->mechanismList[i] == type) return PR_TRUE;
- }
- return PR_FALSE;
-}
-
-/*
- * Return true if a token that can do the desired mechanism exists.
- * This allows us to have hardware tokens that can do function XYZ magically
- * allow SSL Ciphers to appear if they are plugged in.
- */
-PRBool
-PK11_TokenExists(CK_MECHANISM_TYPE type)
-{
- SECMODModuleList *mlp;
- SECMODModuleList *modules = SECMOD_GetDefaultModuleList();
- SECMODListLock *moduleLock = SECMOD_GetDefaultModuleListLock();
- PK11SlotInfo *slot;
- PRBool found = PR_FALSE;
- int i;
-
- /* we only need to know if there is a token that does this mechanism.
- * check the internal module first because it's fast, and supports
- * almost everything. */
- slot = PK11_GetInternalSlot();
- if (slot) {
- found = PK11_DoesMechanism(slot,type);
- PK11_FreeSlot(slot);
- }
- if (found) return PR_TRUE; /* bypass getting module locks */
-
- SECMOD_GetReadLock(moduleLock);
- for(mlp = modules; mlp != NULL && (!found); mlp = mlp->next) {
- for (i=0; i < mlp->module->slotCount; i++) {
- slot = mlp->module->slots[i];
- if (PK11_IsPresent(slot)) {
- if (PK11_DoesMechanism(slot,type)) {
- found = PR_TRUE;
- break;
- }
- }
- }
- }
- SECMOD_ReleaseReadLock(moduleLock);
- return found;
-}
-
-/*
- * get all the currently available tokens in a list.
- * that can perform the given mechanism. If mechanism is CKM_INVALID_MECHANISM,
- * get all the tokens. Make sure tokens that need authentication are put at
- * the end of this list.
- */
-PK11SlotList *
-PK11_GetAllTokens(CK_MECHANISM_TYPE type, PRBool needRW, PRBool loadCerts,
- void *wincx)
-{
- PK11SlotList * list = PK11_NewSlotList();
- PK11SlotList * loginList = PK11_NewSlotList();
- PK11SlotList * friendlyList = PK11_NewSlotList();
- SECMODModuleList * mlp;
- SECMODModuleList * modules = SECMOD_GetDefaultModuleList();
- SECMODListLock * moduleLock = SECMOD_GetDefaultModuleListLock();
- int i;
-#if defined( XP_WIN32 )
- int j = 0;
- PRInt32 waste[16];
-#endif
-
- if ((list == NULL) || (loginList == NULL) || (friendlyList == NULL)) {
- if (list) PK11_FreeSlotList(list);
- if (loginList) PK11_FreeSlotList(loginList);
- if (friendlyList) PK11_FreeSlotList(friendlyList);
- return NULL;
- }
-
- SECMOD_GetReadLock(moduleLock);
- for(mlp = modules; mlp != NULL; mlp = mlp->next) {
-
-#if defined( XP_WIN32 )
- /* This is works around some horrible cache/page thrashing problems
- ** on Win32. Without this, this loop can take up to 6 seconds at
- ** 100% CPU on a Pentium-Pro 200. The thing this changes is to
- ** increase the size of the stack frame and modify it.
- ** Moving the loop code itself seems to have no effect.
- ** Dunno why this combination makes a difference, but it does.
- */
- waste[ j & 0xf] = j++;
-#endif
-
- for (i = 0; i < mlp->module->slotCount; i++) {
- PK11SlotInfo *slot = mlp->module->slots[i];
-
- if (pk11_IsPresentCertLoad(slot, loadCerts)) {
- if (needRW && slot->readOnly) continue;
- if ((type == CKM_INVALID_MECHANISM)
- || PK11_DoesMechanism(slot, type)) {
- if (slot->needLogin && !PK11_IsLoggedIn(slot, wincx)) {
- if (PK11_IsFriendly(slot)) {
- PK11_AddSlotToList(friendlyList, slot);
- } else {
- PK11_AddSlotToList(loginList, slot);
- }
- } else {
- PK11_AddSlotToList(list, slot);
- }
- }
- }
- }
- }
- SECMOD_ReleaseReadLock(moduleLock);
-
- PK11_MoveListToList(list,friendlyList);
- PK11_FreeSlotList(friendlyList);
- PK11_MoveListToList(list,loginList);
- PK11_FreeSlotList(loginList);
-
- return list;
-}
-
-/*
- * NOTE: This routine is working from a private List generated by
- * PK11_GetAllTokens. That is why it does not need to lock.
- */
-PK11SlotList *
-PK11_GetPrivateKeyTokens(CK_MECHANISM_TYPE type,PRBool needRW,void *wincx)
-{
- PK11SlotList *list = PK11_GetAllTokens(type,needRW,PR_TRUE,wincx);
- PK11SlotListElement *le, *next ;
- SECStatus rv;
-
- if (list == NULL) return list;
-
- for (le = list->head ; le; le = next) {
- next = le->next; /* save the pointer here in case we have to
- * free the element later */
- rv = PK11_Authenticate(le->slot,PR_TRUE,wincx);
- if (rv != SECSuccess) {
- PK11_DeleteSlotFromList(list,le);
- continue;
- }
- }
- return list;
-}
-
-
-/*
- * find the best slot which supports the given
- * Mechanism. In normal cases this should grab the first slot on the list
- * with no fuss.
- */
-PK11SlotInfo *
-PK11_GetBestSlotMultiple(CK_MECHANISM_TYPE *type, int mech_count, void *wincx)
-{
- PK11SlotList *list = NULL;
- PK11SlotListElement *le ;
- PK11SlotInfo *slot = NULL;
- PRBool freeit = PR_FALSE;
- PRBool listNeedLogin = PR_FALSE;
- int i;
- SECStatus rv;
-
- list = PK11_GetSlotList(type[0]);
-
- if ((list == NULL) || (list->head == NULL)) {
- /* We need to look up all the tokens for the mechanism */
- list = PK11_GetAllTokens(type[0],PR_FALSE,PR_TRUE,wincx);
- freeit = PR_TRUE;
- }
-
- /* no one can do it! */
- if (list == NULL) {
- PORT_SetError(SEC_ERROR_NO_TOKEN);
- return NULL;
- }
-
- PORT_SetError(0);
-
-
- listNeedLogin = PR_FALSE;
- for (i=0; i < mech_count; i++) {
- if ((type[i] != CKM_FAKE_RANDOM) &&
- (type[i] != CKM_SHA_1) &&
- (type[i] != CKM_SHA256) &&
- (type[i] != CKM_SHA384) &&
- (type[i] != CKM_SHA512) &&
- (type[i] != CKM_MD5) &&
- (type[i] != CKM_MD2)) {
- listNeedLogin = PR_TRUE;
- break;
- }
- }
-
- for (le = PK11_GetFirstSafe(list); le;
- le = PK11_GetNextSafe(list,le,PR_TRUE)) {
- if (PK11_IsPresent(le->slot)) {
- PRBool doExit = PR_FALSE;
- for (i=0; i < mech_count; i++) {
- if (!PK11_DoesMechanism(le->slot,type[i])) {
- doExit = PR_TRUE;
- break;
- }
- }
- if (doExit) continue;
-
- if (listNeedLogin && le->slot->needLogin) {
- rv = PK11_Authenticate(le->slot,PR_TRUE,wincx);
- if (rv != SECSuccess) continue;
- }
- slot = le->slot;
- PK11_ReferenceSlot(slot);
- pk11_FreeListElement(list,le);
- if (freeit) { PK11_FreeSlotList(list); }
- return slot;
- }
- }
- if (freeit) { PK11_FreeSlotList(list); }
- if (PORT_GetError() == 0) {
- PORT_SetError(SEC_ERROR_NO_TOKEN);
- }
- return NULL;
-}
-
-/* original get best slot now calls the multiple version with only one type */
-PK11SlotInfo *
-PK11_GetBestSlot(CK_MECHANISM_TYPE type, void *wincx)
-{
- return PK11_GetBestSlotMultiple(&type, 1, wincx);
-}
-
-/*
- * find the best key wrap mechanism for this slot.
- */
-CK_MECHANISM_TYPE
-PK11_GetBestWrapMechanism(PK11SlotInfo *slot)
-{
- int i;
- for (i=0; i < wrapMechanismCount; i++) {
- if (PK11_DoesMechanism(slot,wrapMechanismList[i])) {
- return wrapMechanismList[i];
- }
- }
- return CKM_INVALID_MECHANISM;
-}
-
-int
-PK11_GetBestKeyLength(PK11SlotInfo *slot,CK_MECHANISM_TYPE mechanism)
-{
- CK_MECHANISM_INFO mechanism_info;
- CK_RV crv;
-
- if (!slot->isThreadSafe) PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_GetMechanismInfo(slot->slotID,
- mechanism,&mechanism_info);
- if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
- if (crv != CKR_OK) return 0;
-
- if (mechanism_info.ulMinKeySize == mechanism_info.ulMaxKeySize)
- return 0;
- return mechanism_info.ulMaxKeySize;
-}
-
-
-/*********************************************************************
- * Mechanism Mapping functions
- *********************************************************************/
-
-/*
- * lookup an entry in the mechanism table. If none found, return the
- * default structure.
- */
-static pk11MechanismData *
-pk11_lookup(CK_MECHANISM_TYPE type)
-{
- int i;
- for (i=0; i < pk11_MechEntrySize; i++) {
- if (pk11_MechanismTable[i].type == type) {
- return (&pk11_MechanismTable[i]);
- }
- }
- return &pk11_default;
-}
-
-/*
- * NOTE: This is not thread safe. Called at init time, and when loading
- * a new Entry. It is reasonably safe as long as it is not re-entered
- * (readers will always see a consistant table)
- *
- * This routine is called to add entries to the mechanism table, once there,
- * they can not be removed.
- */
-void
-PK11_AddMechanismEntry(CK_MECHANISM_TYPE type, CK_KEY_TYPE key,
- CK_MECHANISM_TYPE keyGen, int ivLen, int blockSize)
-{
- int tableSize = pk11_MechTableSize;
- int size = pk11_MechEntrySize;
- int entry = size++;
- pk11MechanismData *old = pk11_MechanismTable;
- pk11MechanismData *newt = pk11_MechanismTable;
-
-
- if (size > tableSize) {
- int oldTableSize = tableSize;
- tableSize += 10;
- newt = (pk11MechanismData *)
- PORT_Alloc(tableSize*sizeof(pk11MechanismData));
- if (newt == NULL) return;
-
- if (old) PORT_Memcpy(newt,old,oldTableSize*sizeof(pk11MechanismData));
- } else old = NULL;
-
- newt[entry].type = type;
- newt[entry].keyType = key;
- newt[entry].keyGen = keyGen;
- newt[entry].iv = ivLen;
- newt[entry].blockSize = blockSize;
-
- pk11_MechanismTable = newt;
- pk11_MechTableSize = tableSize;
- pk11_MechEntrySize = size;
- if (old) PORT_Free(old);
-}
-
-/*
- * Get the key type needed for the given mechanism
- */
-CK_MECHANISM_TYPE
-PK11_GetKeyType(CK_MECHANISM_TYPE type,unsigned long len)
-{
- switch (type) {
- case CKM_AES_ECB:
- case CKM_AES_CBC:
- case CKM_AES_MAC:
- case CKM_AES_MAC_GENERAL:
- case CKM_AES_CBC_PAD:
- case CKM_AES_KEY_GEN:
- return CKK_AES;
- case CKM_DES_ECB:
- case CKM_DES_CBC:
- case CKM_DES_MAC:
- case CKM_DES_MAC_GENERAL:
- case CKM_DES_CBC_PAD:
- case CKM_DES_KEY_GEN:
- case CKM_KEY_WRAP_LYNKS:
- case CKM_PBE_MD2_DES_CBC:
- case CKM_PBE_MD5_DES_CBC:
- return CKK_DES;
- case CKM_DES3_ECB:
- case CKM_DES3_CBC:
- case CKM_DES3_MAC:
- case CKM_DES3_MAC_GENERAL:
- case CKM_DES3_CBC_PAD:
- return (len == 128) ? CKK_DES2 : CKK_DES3;
- case CKM_DES2_KEY_GEN:
- case CKM_PBE_SHA1_DES2_EDE_CBC:
- return CKK_DES2;
- case CKM_PBE_SHA1_DES3_EDE_CBC:
- case CKM_DES3_KEY_GEN:
- return CKK_DES3;
- case CKM_CDMF_ECB:
- case CKM_CDMF_CBC:
- case CKM_CDMF_MAC:
- case CKM_CDMF_MAC_GENERAL:
- case CKM_CDMF_CBC_PAD:
- case CKM_CDMF_KEY_GEN:
- return CKK_CDMF;
- case CKM_RC2_ECB:
- case CKM_RC2_CBC:
- case CKM_RC2_MAC:
- case CKM_RC2_MAC_GENERAL:
- case CKM_RC2_CBC_PAD:
- case CKM_RC2_KEY_GEN:
- case CKM_PBE_SHA1_RC2_128_CBC:
- case CKM_PBE_SHA1_RC2_40_CBC:
- return CKK_RC2;
- case CKM_RC4:
- case CKM_RC4_KEY_GEN:
- return CKK_RC4;
- case CKM_RC5_ECB:
- case CKM_RC5_CBC:
- case CKM_RC5_MAC:
- case CKM_RC5_MAC_GENERAL:
- case CKM_RC5_CBC_PAD:
- case CKM_RC5_KEY_GEN:
- return CKK_RC5;
- case CKM_SKIPJACK_CBC64:
- case CKM_SKIPJACK_ECB64:
- case CKM_SKIPJACK_OFB64:
- case CKM_SKIPJACK_CFB64:
- case CKM_SKIPJACK_CFB32:
- case CKM_SKIPJACK_CFB16:
- case CKM_SKIPJACK_CFB8:
- case CKM_SKIPJACK_KEY_GEN:
- case CKM_SKIPJACK_WRAP:
- case CKM_SKIPJACK_PRIVATE_WRAP:
- return CKK_SKIPJACK;
- case CKM_BATON_ECB128:
- case CKM_BATON_ECB96:
- case CKM_BATON_CBC128:
- case CKM_BATON_COUNTER:
- case CKM_BATON_SHUFFLE:
- case CKM_BATON_WRAP:
- case CKM_BATON_KEY_GEN:
- return CKK_BATON;
- case CKM_JUNIPER_ECB128:
- case CKM_JUNIPER_CBC128:
- case CKM_JUNIPER_COUNTER:
- case CKM_JUNIPER_SHUFFLE:
- case CKM_JUNIPER_WRAP:
- case CKM_JUNIPER_KEY_GEN:
- return CKK_JUNIPER;
- case CKM_IDEA_CBC:
- case CKM_IDEA_ECB:
- case CKM_IDEA_MAC:
- case CKM_IDEA_MAC_GENERAL:
- case CKM_IDEA_CBC_PAD:
- case CKM_IDEA_KEY_GEN:
- return CKK_IDEA;
- case CKM_CAST_ECB:
- case CKM_CAST_CBC:
- case CKM_CAST_MAC:
- case CKM_CAST_MAC_GENERAL:
- case CKM_CAST_CBC_PAD:
- case CKM_CAST_KEY_GEN:
- case CKM_PBE_MD5_CAST_CBC:
- return CKK_CAST;
- case CKM_CAST3_ECB:
- case CKM_CAST3_CBC:
- case CKM_CAST3_MAC:
- case CKM_CAST3_MAC_GENERAL:
- case CKM_CAST3_CBC_PAD:
- case CKM_CAST3_KEY_GEN:
- case CKM_PBE_MD5_CAST3_CBC:
- return CKK_CAST3;
- case CKM_CAST5_ECB:
- case CKM_CAST5_CBC:
- case CKM_CAST5_MAC:
- case CKM_CAST5_MAC_GENERAL:
- case CKM_CAST5_CBC_PAD:
- case CKM_CAST5_KEY_GEN:
- case CKM_PBE_MD5_CAST5_CBC:
- return CKK_CAST5;
- case CKM_RSA_PKCS:
- case CKM_RSA_9796:
- case CKM_RSA_X_509:
- case CKM_MD2_RSA_PKCS:
- case CKM_MD5_RSA_PKCS:
- case CKM_SHA1_RSA_PKCS:
- case CKM_SHA256_RSA_PKCS:
- case CKM_SHA384_RSA_PKCS:
- case CKM_SHA512_RSA_PKCS:
- case CKM_KEY_WRAP_SET_OAEP:
- case CKM_RSA_PKCS_KEY_PAIR_GEN:
- return CKK_RSA;
- case CKM_DSA:
- case CKM_DSA_SHA1:
- case CKM_DSA_KEY_PAIR_GEN:
- return CKK_DSA;
- case CKM_DH_PKCS_DERIVE:
- case CKM_DH_PKCS_KEY_PAIR_GEN:
- return CKK_DH;
- case CKM_KEA_KEY_DERIVE:
- case CKM_KEA_KEY_PAIR_GEN:
- return CKK_KEA;
- case CKM_ECDSA:
- case CKM_ECDSA_SHA1:
- case CKM_EC_KEY_PAIR_GEN: /* aka CKM_ECDSA_KEY_PAIR_GEN */
- case CKM_ECDH1_DERIVE:
- return CKK_EC; /* CKK_ECDSA is deprecated */
- case CKM_SSL3_PRE_MASTER_KEY_GEN:
- case CKM_GENERIC_SECRET_KEY_GEN:
- case CKM_SSL3_MASTER_KEY_DERIVE:
- case CKM_SSL3_MASTER_KEY_DERIVE_DH:
- case CKM_SSL3_KEY_AND_MAC_DERIVE:
- case CKM_SSL3_SHA1_MAC:
- case CKM_SSL3_MD5_MAC:
- case CKM_TLS_MASTER_KEY_DERIVE:
- case CKM_TLS_MASTER_KEY_DERIVE_DH:
- case CKM_TLS_KEY_AND_MAC_DERIVE:
- case CKM_SHA_1_HMAC:
- case CKM_SHA_1_HMAC_GENERAL:
- case CKM_SHA256_HMAC:
- case CKM_SHA256_HMAC_GENERAL:
- case CKM_SHA384_HMAC:
- case CKM_SHA384_HMAC_GENERAL:
- case CKM_SHA512_HMAC:
- case CKM_SHA512_HMAC_GENERAL:
- case CKM_MD2_HMAC:
- case CKM_MD2_HMAC_GENERAL:
- case CKM_MD5_HMAC:
- case CKM_MD5_HMAC_GENERAL:
- case CKM_TLS_PRF_GENERAL:
- return CKK_GENERIC_SECRET;
- default:
- return pk11_lookup(type)->keyType;
- }
-}
-
-/*
- * Get the Key Gen Mechanism needed for the given
- * crypto mechanism
- */
-CK_MECHANISM_TYPE
-PK11_GetKeyGen(CK_MECHANISM_TYPE type)
-{
- switch (type) {
- case CKM_AES_ECB:
- case CKM_AES_CBC:
- case CKM_AES_MAC:
- case CKM_AES_MAC_GENERAL:
- case CKM_AES_CBC_PAD:
- case CKM_AES_KEY_GEN:
- return CKM_AES_KEY_GEN;
- case CKM_DES_ECB:
- case CKM_DES_CBC:
- case CKM_DES_MAC:
- case CKM_DES_MAC_GENERAL:
- case CKM_KEY_WRAP_LYNKS:
- case CKM_DES_CBC_PAD:
- case CKM_DES_KEY_GEN:
- return CKM_DES_KEY_GEN;
- case CKM_DES3_ECB:
- case CKM_DES3_CBC:
- case CKM_DES3_MAC:
- case CKM_DES3_MAC_GENERAL:
- case CKM_DES3_CBC_PAD:
- case CKM_DES3_KEY_GEN:
- return CKM_DES3_KEY_GEN;
- case CKM_CDMF_ECB:
- case CKM_CDMF_CBC:
- case CKM_CDMF_MAC:
- case CKM_CDMF_MAC_GENERAL:
- case CKM_CDMF_CBC_PAD:
- case CKM_CDMF_KEY_GEN:
- return CKM_CDMF_KEY_GEN;
- case CKM_RC2_ECB:
- case CKM_RC2_CBC:
- case CKM_RC2_MAC:
- case CKM_RC2_MAC_GENERAL:
- case CKM_RC2_CBC_PAD:
- case CKM_RC2_KEY_GEN:
- return CKM_RC2_KEY_GEN;
- case CKM_RC4:
- case CKM_RC4_KEY_GEN:
- return CKM_RC4_KEY_GEN;
- case CKM_RC5_ECB:
- case CKM_RC5_CBC:
- case CKM_RC5_MAC:
- case CKM_RC5_MAC_GENERAL:
- case CKM_RC5_CBC_PAD:
- case CKM_RC5_KEY_GEN:
- return CKM_RC5_KEY_GEN;
- case CKM_SKIPJACK_CBC64:
- case CKM_SKIPJACK_ECB64:
- case CKM_SKIPJACK_OFB64:
- case CKM_SKIPJACK_CFB64:
- case CKM_SKIPJACK_CFB32:
- case CKM_SKIPJACK_CFB16:
- case CKM_SKIPJACK_CFB8:
- case CKM_SKIPJACK_WRAP:
- case CKM_SKIPJACK_KEY_GEN:
- return CKM_SKIPJACK_KEY_GEN;
- case CKM_BATON_ECB128:
- case CKM_BATON_ECB96:
- case CKM_BATON_CBC128:
- case CKM_BATON_COUNTER:
- case CKM_BATON_SHUFFLE:
- case CKM_BATON_WRAP:
- case CKM_BATON_KEY_GEN:
- return CKM_BATON_KEY_GEN;
- case CKM_JUNIPER_ECB128:
- case CKM_JUNIPER_CBC128:
- case CKM_JUNIPER_COUNTER:
- case CKM_JUNIPER_SHUFFLE:
- case CKM_JUNIPER_WRAP:
- case CKM_JUNIPER_KEY_GEN:
- return CKM_JUNIPER_KEY_GEN;
- case CKM_IDEA_CBC:
- case CKM_IDEA_ECB:
- case CKM_IDEA_MAC:
- case CKM_IDEA_MAC_GENERAL:
- case CKM_IDEA_CBC_PAD:
- case CKM_IDEA_KEY_GEN:
- return CKM_IDEA_KEY_GEN;
- case CKM_CAST_ECB:
- case CKM_CAST_CBC:
- case CKM_CAST_MAC:
- case CKM_CAST_MAC_GENERAL:
- case CKM_CAST_CBC_PAD:
- case CKM_CAST_KEY_GEN:
- return CKM_CAST_KEY_GEN;
- case CKM_CAST3_ECB:
- case CKM_CAST3_CBC:
- case CKM_CAST3_MAC:
- case CKM_CAST3_MAC_GENERAL:
- case CKM_CAST3_CBC_PAD:
- case CKM_CAST3_KEY_GEN:
- return CKM_CAST3_KEY_GEN;
- case CKM_CAST5_ECB:
- case CKM_CAST5_CBC:
- case CKM_CAST5_MAC:
- case CKM_CAST5_MAC_GENERAL:
- case CKM_CAST5_CBC_PAD:
- case CKM_CAST5_KEY_GEN:
- return CKM_CAST5_KEY_GEN;
- case CKM_RSA_PKCS:
- case CKM_RSA_9796:
- case CKM_RSA_X_509:
- case CKM_MD2_RSA_PKCS:
- case CKM_MD5_RSA_PKCS:
- case CKM_SHA1_RSA_PKCS:
- case CKM_SHA256_RSA_PKCS:
- case CKM_SHA384_RSA_PKCS:
- case CKM_SHA512_RSA_PKCS:
- case CKM_KEY_WRAP_SET_OAEP:
- case CKM_RSA_PKCS_KEY_PAIR_GEN:
- return CKM_RSA_PKCS_KEY_PAIR_GEN;
- case CKM_DSA:
- case CKM_DSA_SHA1:
- case CKM_DSA_KEY_PAIR_GEN:
- return CKM_DSA_KEY_PAIR_GEN;
- case CKM_DH_PKCS_DERIVE:
- case CKM_DH_PKCS_KEY_PAIR_GEN:
- return CKM_DH_PKCS_KEY_PAIR_GEN;
- case CKM_KEA_KEY_DERIVE:
- case CKM_KEA_KEY_PAIR_GEN:
- return CKM_KEA_KEY_PAIR_GEN;
- case CKM_ECDSA:
- case CKM_ECDSA_SHA1:
- case CKM_EC_KEY_PAIR_GEN: /* aka CKM_ECDSA_KEY_PAIR_GEN */
- case CKM_ECDH1_DERIVE:
- return CKM_EC_KEY_PAIR_GEN;
- case CKM_SSL3_PRE_MASTER_KEY_GEN:
- case CKM_SSL3_MASTER_KEY_DERIVE:
- case CKM_SSL3_KEY_AND_MAC_DERIVE:
- case CKM_SSL3_SHA1_MAC:
- case CKM_SSL3_MD5_MAC:
- case CKM_TLS_MASTER_KEY_DERIVE:
- case CKM_TLS_KEY_AND_MAC_DERIVE:
- return CKM_SSL3_PRE_MASTER_KEY_GEN;
- case CKM_SHA_1_HMAC:
- case CKM_SHA_1_HMAC_GENERAL:
- case CKM_SHA256_HMAC:
- case CKM_SHA256_HMAC_GENERAL:
- case CKM_SHA384_HMAC:
- case CKM_SHA384_HMAC_GENERAL:
- case CKM_SHA512_HMAC:
- case CKM_SHA512_HMAC_GENERAL:
- case CKM_MD2_HMAC:
- case CKM_MD2_HMAC_GENERAL:
- case CKM_MD5_HMAC:
- case CKM_MD5_HMAC_GENERAL:
- case CKM_TLS_PRF_GENERAL:
- case CKM_GENERIC_SECRET_KEY_GEN:
- return CKM_GENERIC_SECRET_KEY_GEN;
- case CKM_PBE_MD2_DES_CBC:
- case CKM_PBE_MD5_DES_CBC:
- case CKM_PBA_SHA1_WITH_SHA1_HMAC:
- case CKM_NETSCAPE_PBE_SHA1_HMAC_KEY_GEN:
- case CKM_NETSCAPE_PBE_MD5_HMAC_KEY_GEN:
- case CKM_NETSCAPE_PBE_MD2_HMAC_KEY_GEN:
- case CKM_NETSCAPE_PBE_SHA1_DES_CBC:
- case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC:
- case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC:
- case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4:
- case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4:
- case CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC:
- case CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC:
- case CKM_PBE_SHA1_RC2_40_CBC:
- case CKM_PBE_SHA1_RC2_128_CBC:
- case CKM_PBE_SHA1_RC4_40:
- case CKM_PBE_SHA1_RC4_128:
- case CKM_PBE_SHA1_DES3_EDE_CBC:
- case CKM_PBE_SHA1_DES2_EDE_CBC:
- return type;
- default:
- return pk11_lookup(type)->keyGen;
- }
-}
-
-/*
- * get the mechanism block size
- */
-int
-PK11_GetBlockSize(CK_MECHANISM_TYPE type,SECItem *params)
-{
- CK_RC5_PARAMS *rc5_params;
- CK_RC5_CBC_PARAMS *rc5_cbc_params;
- switch (type) {
- case CKM_RC5_ECB:
- if ((params) && (params->data)) {
- rc5_params = (CK_RC5_PARAMS *) params->data;
- return (rc5_params->ulWordsize)*2;
- }
- return 8;
- case CKM_RC5_CBC:
- case CKM_RC5_CBC_PAD:
- if ((params) && (params->data)) {
- rc5_cbc_params = (CK_RC5_CBC_PARAMS *) params->data;
- return (rc5_cbc_params->ulWordsize)*2;
- }
- return 8;
- case CKM_DES_ECB:
- case CKM_DES3_ECB:
- case CKM_RC2_ECB:
- case CKM_IDEA_ECB:
- case CKM_CAST_ECB:
- case CKM_CAST3_ECB:
- case CKM_CAST5_ECB:
- case CKM_RC2_CBC:
- case CKM_SKIPJACK_CBC64:
- case CKM_SKIPJACK_ECB64:
- case CKM_SKIPJACK_OFB64:
- case CKM_SKIPJACK_CFB64:
- case CKM_DES_CBC:
- case CKM_DES3_CBC:
- case CKM_IDEA_CBC:
- case CKM_CAST_CBC:
- case CKM_CAST3_CBC:
- case CKM_CAST5_CBC:
- case CKM_DES_CBC_PAD:
- case CKM_DES3_CBC_PAD:
- case CKM_RC2_CBC_PAD:
- case CKM_IDEA_CBC_PAD:
- case CKM_CAST_CBC_PAD:
- case CKM_CAST3_CBC_PAD:
- case CKM_CAST5_CBC_PAD:
- case CKM_PBE_MD2_DES_CBC:
- case CKM_PBE_MD5_DES_CBC:
- case CKM_NETSCAPE_PBE_SHA1_DES_CBC:
- case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC:
- case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC:
- case CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC:
- case CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC:
- case CKM_PBE_SHA1_RC2_40_CBC:
- case CKM_PBE_SHA1_RC2_128_CBC:
- case CKM_PBE_SHA1_DES3_EDE_CBC:
- case CKM_PBE_SHA1_DES2_EDE_CBC:
- return 8;
- case CKM_SKIPJACK_CFB32:
- case CKM_SKIPJACK_CFB16:
- case CKM_SKIPJACK_CFB8:
- return 4;
- case CKM_AES_ECB:
- case CKM_AES_CBC:
- case CKM_AES_CBC_PAD:
- case CKM_BATON_ECB128:
- case CKM_BATON_CBC128:
- case CKM_BATON_COUNTER:
- case CKM_BATON_SHUFFLE:
- case CKM_JUNIPER_ECB128:
- case CKM_JUNIPER_CBC128:
- case CKM_JUNIPER_COUNTER:
- case CKM_JUNIPER_SHUFFLE:
- return 16;
- case CKM_BATON_ECB96:
- return 12;
- case CKM_RC4:
- case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4:
- case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4:
- case CKM_PBE_SHA1_RC4_40:
- case CKM_PBE_SHA1_RC4_128:
- return 0;
- case CKM_RSA_PKCS:
- case CKM_RSA_9796:
- case CKM_RSA_X_509:
- /*actually it's the modulus length of the key!*/
- return -1; /* failure */
- default:
- return pk11_lookup(type)->blockSize;
- }
-}
-
-/*
- * get the iv length
- */
-int
-PK11_GetIVLength(CK_MECHANISM_TYPE type)
-{
- switch (type) {
- case CKM_AES_ECB:
- case CKM_DES_ECB:
- case CKM_DES3_ECB:
- case CKM_RC2_ECB:
- case CKM_IDEA_ECB:
- case CKM_SKIPJACK_WRAP:
- case CKM_BATON_WRAP:
- case CKM_RC5_ECB:
- case CKM_CAST_ECB:
- case CKM_CAST3_ECB:
- case CKM_CAST5_ECB:
- return 0;
- case CKM_RC2_CBC:
- case CKM_DES_CBC:
- case CKM_DES3_CBC:
- case CKM_IDEA_CBC:
- case CKM_PBE_MD2_DES_CBC:
- case CKM_PBE_MD5_DES_CBC:
- case CKM_NETSCAPE_PBE_SHA1_DES_CBC:
- case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC:
- case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC:
- case CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC:
- case CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC:
- case CKM_PBE_SHA1_RC2_40_CBC:
- case CKM_PBE_SHA1_RC2_128_CBC:
- case CKM_PBE_SHA1_DES3_EDE_CBC:
- case CKM_PBE_SHA1_DES2_EDE_CBC:
- case CKM_RC5_CBC:
- case CKM_CAST_CBC:
- case CKM_CAST3_CBC:
- case CKM_CAST5_CBC:
- case CKM_RC2_CBC_PAD:
- case CKM_DES_CBC_PAD:
- case CKM_DES3_CBC_PAD:
- case CKM_IDEA_CBC_PAD:
- case CKM_RC5_CBC_PAD:
- case CKM_CAST_CBC_PAD:
- case CKM_CAST3_CBC_PAD:
- case CKM_CAST5_CBC_PAD:
- return 8;
- case CKM_AES_CBC:
- case CKM_AES_CBC_PAD:
- return 16;
- case CKM_SKIPJACK_CBC64:
- case CKM_SKIPJACK_ECB64:
- case CKM_SKIPJACK_OFB64:
- case CKM_SKIPJACK_CFB64:
- case CKM_SKIPJACK_CFB32:
- case CKM_SKIPJACK_CFB16:
- case CKM_SKIPJACK_CFB8:
- case CKM_BATON_ECB128:
- case CKM_BATON_ECB96:
- case CKM_BATON_CBC128:
- case CKM_BATON_COUNTER:
- case CKM_BATON_SHUFFLE:
- case CKM_JUNIPER_ECB128:
- case CKM_JUNIPER_CBC128:
- case CKM_JUNIPER_COUNTER:
- case CKM_JUNIPER_SHUFFLE:
- return 24;
- case CKM_RC4:
- case CKM_RSA_PKCS:
- case CKM_RSA_9796:
- case CKM_RSA_X_509:
- case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4:
- case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4:
- case CKM_PBE_SHA1_RC4_40:
- case CKM_PBE_SHA1_RC4_128:
- return 0;
- default:
- return pk11_lookup(type)->iv;
- }
-}
-
-
-/* These next two utilities are here to help facilitate future
- * Dynamic Encrypt/Decrypt symetric key mechanisms, and to allow functions
- * like SSL and S-MIME to automatically add them.
- */
-SECItem *
-PK11_ParamFromIV(CK_MECHANISM_TYPE type,SECItem *iv)
-{
- CK_RC2_CBC_PARAMS *rc2_params = NULL;
- CK_RC2_PARAMS *rc2_ecb_params = NULL;
- CK_RC5_PARAMS *rc5_params = NULL;
- CK_RC5_CBC_PARAMS *rc5_cbc_params = NULL;
- SECItem *param;
-
- param = (SECItem *)PORT_Alloc(sizeof(SECItem));
- if (param == NULL) return NULL;
- param->data = NULL;
- param->len = 0;
- param->type = 0;
- switch (type) {
- case CKM_AES_ECB:
- case CKM_DES_ECB:
- case CKM_DES3_ECB:
- case CKM_RSA_PKCS:
- case CKM_RSA_X_509:
- case CKM_RSA_9796:
- case CKM_IDEA_ECB:
- case CKM_CDMF_ECB:
- case CKM_CAST_ECB:
- case CKM_CAST3_ECB:
- case CKM_CAST5_ECB:
- case CKM_RC4:
- break;
- case CKM_RC2_ECB:
- rc2_ecb_params = (CK_RC2_PARAMS *)PORT_Alloc(sizeof(CK_RC2_PARAMS));
- if (rc2_ecb_params == NULL) break;
- /* Maybe we should pass the key size in too to get this value? */
- *rc2_ecb_params = 128;
- param->data = (unsigned char *) rc2_ecb_params;
- param->len = sizeof(CK_RC2_PARAMS);
- break;
- case CKM_RC2_CBC:
- case CKM_RC2_CBC_PAD:
- rc2_params = (CK_RC2_CBC_PARAMS *)PORT_Alloc(sizeof(CK_RC2_CBC_PARAMS));
- if (rc2_params == NULL) break;
- /* Maybe we should pass the key size in too to get this value? */
- rc2_params->ulEffectiveBits = 128;
- if (iv && iv->data)
- PORT_Memcpy(rc2_params->iv,iv->data,sizeof(rc2_params->iv));
- param->data = (unsigned char *) rc2_params;
- param->len = sizeof(CK_RC2_CBC_PARAMS);
- break;
- case CKM_RC5_CBC:
- case CKM_RC5_CBC_PAD:
- rc5_cbc_params = (CK_RC5_CBC_PARAMS *)
- PORT_Alloc(sizeof(CK_RC5_CBC_PARAMS) + ((iv) ? iv->len : 0));
- if (rc5_cbc_params == NULL) break;
- if (iv && iv->data) {
- rc5_cbc_params->pIv = ((CK_BYTE_PTR) rc5_cbc_params)
- + sizeof(CK_RC5_CBC_PARAMS);
- PORT_Memcpy(rc5_cbc_params->pIv,iv->data,iv->len);
- rc5_cbc_params->ulIvLen = iv->len;
- rc5_cbc_params->ulWordsize = iv->len/2;
- } else {
- rc5_cbc_params->ulWordsize = 4;
- rc5_cbc_params->pIv = NULL;
- rc5_cbc_params->ulIvLen = iv->len;
- }
- rc5_cbc_params->ulRounds = 16;
- param->data = (unsigned char *) rc5_cbc_params;
- param->len = sizeof(CK_RC5_CBC_PARAMS);
- break;
- case CKM_RC5_ECB:
- rc5_params = (CK_RC5_PARAMS *)PORT_Alloc(sizeof(CK_RC5_PARAMS));
- if (rc5_params == NULL) break;
- if (iv && iv->data && iv->len) {
- rc5_params->ulWordsize = iv->len/2;
- } else {
- rc5_params->ulWordsize = 4;
- }
- rc5_params->ulRounds = 16;
- param->data = (unsigned char *) rc5_params;
- param->len = sizeof(CK_RC5_PARAMS);
- break;
- case CKM_AES_CBC:
- case CKM_DES_CBC:
- case CKM_DES3_CBC:
- case CKM_IDEA_CBC:
- case CKM_CDMF_CBC:
- case CKM_CAST_CBC:
- case CKM_CAST3_CBC:
- case CKM_CAST5_CBC:
- case CKM_AES_CBC_PAD:
- case CKM_DES_CBC_PAD:
- case CKM_DES3_CBC_PAD:
- case CKM_IDEA_CBC_PAD:
- case CKM_CDMF_CBC_PAD:
- case CKM_CAST_CBC_PAD:
- case CKM_CAST3_CBC_PAD:
- case CKM_CAST5_CBC_PAD:
- case CKM_SKIPJACK_CBC64:
- case CKM_SKIPJACK_ECB64:
- case CKM_SKIPJACK_OFB64:
- case CKM_SKIPJACK_CFB64:
- case CKM_SKIPJACK_CFB32:
- case CKM_SKIPJACK_CFB16:
- case CKM_SKIPJACK_CFB8:
- case CKM_BATON_ECB128:
- case CKM_BATON_ECB96:
- case CKM_BATON_CBC128:
- case CKM_BATON_COUNTER:
- case CKM_BATON_SHUFFLE:
- case CKM_JUNIPER_ECB128:
- case CKM_JUNIPER_CBC128:
- case CKM_JUNIPER_COUNTER:
- case CKM_JUNIPER_SHUFFLE:
- if ((iv == NULL) || (iv->data == NULL)) break;
- param->data = (unsigned char*)PORT_Alloc(iv->len);
- if (param->data != NULL) {
- PORT_Memcpy(param->data,iv->data,iv->len);
- param->len = iv->len;
- }
- break;
- /* unknown mechanism, pass IV in if it's there */
- default:
- if (pk11_lookup(type)->iv == 0) {
- break;
- }
- if ((iv == NULL) || (iv->data == NULL)) {
- break;
- }
- param->data = (unsigned char*)PORT_Alloc(iv->len);
- if (param->data != NULL) {
- PORT_Memcpy(param->data,iv->data,iv->len);
- param->len = iv->len;
- }
- break;
- }
- return param;
-}
-
-unsigned char *
-PK11_IVFromParam(CK_MECHANISM_TYPE type,SECItem *param,int *len)
-{
- CK_RC2_CBC_PARAMS *rc2_params;
- CK_RC5_CBC_PARAMS *rc5_cbc_params;
-
- *len = 0;
- switch (type) {
- case CKM_AES_ECB:
- case CKM_DES_ECB:
- case CKM_DES3_ECB:
- case CKM_RSA_PKCS:
- case CKM_RSA_X_509:
- case CKM_RSA_9796:
- case CKM_IDEA_ECB:
- case CKM_CDMF_ECB:
- case CKM_CAST_ECB:
- case CKM_CAST3_ECB:
- case CKM_CAST5_ECB:
- case CKM_RC4:
- return NULL;
- case CKM_RC2_ECB:
- return NULL;
- case CKM_RC2_CBC:
- case CKM_RC2_CBC_PAD:
- rc2_params = (CK_RC2_CBC_PARAMS *)param->data;
- *len = sizeof(rc2_params->iv);
- return &rc2_params->iv[0];
- case CKM_RC5_CBC:
- case CKM_RC5_CBC_PAD:
- rc5_cbc_params = (CK_RC5_CBC_PARAMS *) param->data;
- *len = rc5_cbc_params->ulIvLen;
- return rc5_cbc_params->pIv;
- case CKM_AES_CBC:
- case CKM_DES_CBC:
- case CKM_DES3_CBC:
- case CKM_IDEA_CBC:
- case CKM_CDMF_CBC:
- case CKM_CAST_CBC:
- case CKM_CAST3_CBC:
- case CKM_CAST5_CBC:
- case CKM_DES_CBC_PAD:
- case CKM_DES3_CBC_PAD:
- case CKM_IDEA_CBC_PAD:
- case CKM_CDMF_CBC_PAD:
- case CKM_CAST_CBC_PAD:
- case CKM_CAST3_CBC_PAD:
- case CKM_CAST5_CBC_PAD:
- case CKM_SKIPJACK_CBC64:
- case CKM_SKIPJACK_ECB64:
- case CKM_SKIPJACK_OFB64:
- case CKM_SKIPJACK_CFB64:
- case CKM_SKIPJACK_CFB32:
- case CKM_SKIPJACK_CFB16:
- case CKM_SKIPJACK_CFB8:
- case CKM_BATON_ECB128:
- case CKM_BATON_ECB96:
- case CKM_BATON_CBC128:
- case CKM_BATON_COUNTER:
- case CKM_BATON_SHUFFLE:
- case CKM_JUNIPER_ECB128:
- case CKM_JUNIPER_CBC128:
- case CKM_JUNIPER_COUNTER:
- case CKM_JUNIPER_SHUFFLE:
- break;
- /* unknown mechanism, pass IV in if it's there */
- default:
- break;
- }
- if (param->data) {
- *len = param->len;
- }
- return param->data;
-}
-
-typedef struct sec_rc5cbcParameterStr {
- SECItem version;
- SECItem rounds;
- SECItem blockSizeInBits;
- SECItem iv;
-} sec_rc5cbcParameter;
-
-static const SEC_ASN1Template sec_rc5ecb_parameter_template[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(sec_rc5cbcParameter) },
- { SEC_ASN1_INTEGER,
- offsetof(sec_rc5cbcParameter,version) },
- { SEC_ASN1_INTEGER,
- offsetof(sec_rc5cbcParameter,rounds) },
- { SEC_ASN1_INTEGER,
- offsetof(sec_rc5cbcParameter,blockSizeInBits) },
- { 0 }
-};
-
-static const SEC_ASN1Template sec_rc5cbc_parameter_template[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(sec_rc5cbcParameter) },
- { SEC_ASN1_INTEGER,
- offsetof(sec_rc5cbcParameter,version) },
- { SEC_ASN1_INTEGER,
- offsetof(sec_rc5cbcParameter,rounds) },
- { SEC_ASN1_INTEGER,
- offsetof(sec_rc5cbcParameter,blockSizeInBits) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(sec_rc5cbcParameter,iv) },
- { 0 }
-};
-
-typedef struct sec_rc2cbcParameterStr {
- SECItem rc2ParameterVersion;
- SECItem iv;
-} sec_rc2cbcParameter;
-
-static const SEC_ASN1Template sec_rc2cbc_parameter_template[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(sec_rc2cbcParameter) },
- { SEC_ASN1_INTEGER,
- offsetof(sec_rc2cbcParameter,rc2ParameterVersion) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(sec_rc2cbcParameter,iv) },
- { 0 }
-};
-
-static const SEC_ASN1Template sec_rc2ecb_parameter_template[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(sec_rc2cbcParameter) },
- { SEC_ASN1_INTEGER,
- offsetof(sec_rc2cbcParameter,rc2ParameterVersion) },
- { 0 }
-};
-
-/* S/MIME picked id values to represent differnt keysizes */
-/* I do have a formula, but it ain't pretty, and it only works because you
- * can always match three points to a parabola:) */
-static unsigned char rc2_map(SECItem *version)
-{
- long x;
-
- x = DER_GetInteger(version);
-
- switch (x) {
- case 58: return 128;
- case 120: return 64;
- case 160: return 40;
- }
- return 128;
-}
-
-static unsigned long rc2_unmap(unsigned long x)
-{
- switch (x) {
- case 128: return 58;
- case 64: return 120;
- case 40: return 160;
- }
- return 58;
-}
-
-
-
-/* Generate a mechaism param from a type, and iv. */
-SECItem *
-PK11_ParamFromAlgid(SECAlgorithmID *algid)
-{
- CK_RC2_CBC_PARAMS *rc2_params = NULL;
- CK_RC2_PARAMS *rc2_ecb_params = NULL;
- CK_RC5_CBC_PARAMS *rc5_params_cbc;
- CK_RC5_PARAMS *rc5_params_ecb;
- SECItem iv;
- sec_rc2cbcParameter rc2;
- sec_rc5cbcParameter rc5;
- SECItem *mech;
- CK_MECHANISM_TYPE type;
- SECOidTag algtag;
- SECStatus rv;
-
- algtag = SECOID_GetAlgorithmTag(algid);
- type = PK11_AlgtagToMechanism(algtag);
-
- mech = (SECItem *) PORT_Alloc(sizeof(SECItem));
- if (mech == NULL) return NULL;
- mech->type = siBuffer;
-
-
- /* handle the complicated cases */
- switch (type) {
- case CKM_RC2_ECB:
- rv = SEC_ASN1DecodeItem(NULL, &rc2 ,sec_rc2ecb_parameter_template,
- &(algid->parameters));
- if (rv != SECSuccess) {
- PORT_Free(mech);
- return NULL;
- }
- rc2_ecb_params = (CK_RC2_PARAMS *)PORT_Alloc(sizeof(CK_RC2_PARAMS));
- if (rc2_ecb_params == NULL) {
- PORT_Free(rc2.rc2ParameterVersion.data);
- PORT_Free(mech);
- return NULL;
- }
- *rc2_ecb_params = rc2_map(&rc2.rc2ParameterVersion);
- PORT_Free(rc2.rc2ParameterVersion.data);
- mech->data = (unsigned char *) rc2_ecb_params;
- mech->len = sizeof(CK_RC2_PARAMS);
- return mech;
- case CKM_RC2_CBC:
- case CKM_RC2_CBC_PAD:
- rv = SEC_ASN1DecodeItem(NULL, &rc2 ,sec_rc2cbc_parameter_template,
- &(algid->parameters));
- if (rv != SECSuccess) {
- PORT_Free(mech);
- return NULL;
- }
- rc2_params = (CK_RC2_CBC_PARAMS *)PORT_Alloc(sizeof(CK_RC2_CBC_PARAMS));
- if (rc2_params == NULL) {
- PORT_Free(rc2.iv.data);
- PORT_Free(rc2.rc2ParameterVersion.data);
- PORT_Free(mech);
- return NULL;
- }
- rc2_params->ulEffectiveBits = rc2_map(&rc2.rc2ParameterVersion);
- PORT_Free(rc2.rc2ParameterVersion.data);
- PORT_Memcpy(rc2_params->iv,rc2.iv.data,sizeof(rc2_params->iv));
- PORT_Free(rc2.iv.data);
- mech->data = (unsigned char *) rc2_params;
- mech->len = sizeof(CK_RC2_CBC_PARAMS);
- return mech;
- case CKM_RC5_ECB:
- rv = SEC_ASN1DecodeItem(NULL, &rc5 ,sec_rc5ecb_parameter_template,
- &(algid->parameters));
- if (rv != SECSuccess) {
- PORT_Free(mech);
- return NULL;
- }
- rc5_params_ecb=(CK_RC5_PARAMS *)PORT_Alloc(sizeof(CK_RC5_PARAMS));
- PORT_Free(rc5.version.data);
- if (rc5_params_ecb == NULL) {
- PORT_Free(rc5.rounds.data);
- PORT_Free(rc5.blockSizeInBits.data);
- PORT_Free(mech);
- return NULL;
- }
- rc5_params_ecb->ulRounds = DER_GetInteger(&rc5.rounds);
- rc5_params_ecb->ulWordsize = DER_GetInteger(&rc5.blockSizeInBits)/8;
- PORT_Free(rc5.rounds.data);
- PORT_Free(rc5.blockSizeInBits.data);
- mech->data = (unsigned char *) rc5_params_ecb;
- mech->len = sizeof(CK_RC5_PARAMS);
- return mech;
- case CKM_RC5_CBC:
- case CKM_RC5_CBC_PAD:
- rv = SEC_ASN1DecodeItem(NULL, &rc5 ,sec_rc5cbc_parameter_template,
- &(algid->parameters));
- if (rv != SECSuccess) {
- PORT_Free(mech);
- return NULL;
- }
- rc5_params_cbc = (CK_RC5_CBC_PARAMS *)
- PORT_Alloc(sizeof(CK_RC5_CBC_PARAMS) + rc5.iv.len);
- PORT_Free(rc5.version.data);
- if (rc2_params == NULL) {
- PORT_Free(rc5.iv.data);
- PORT_Free(rc5.rounds.data);
- PORT_Free(rc5.blockSizeInBits.data);
- PORT_Free(mech);
- return NULL;
- }
- rc5_params_cbc->ulRounds = DER_GetInteger(&rc5.rounds);
- rc5_params_cbc->ulWordsize = DER_GetInteger(&rc5.blockSizeInBits)/8;
- PORT_Free(rc5.rounds.data);
- PORT_Free(rc5.blockSizeInBits.data);
- rc5_params_cbc->pIv = ((CK_BYTE_PTR)rc5_params_cbc)
- + sizeof(CK_RC5_CBC_PARAMS);
- PORT_Memcpy(rc5_params_cbc->pIv,rc5.iv.data,rc5.iv.len);
- rc5_params_cbc->ulIvLen = rc5.iv.len;
- PORT_Free(rc5.iv.data);
- mech->data = (unsigned char *) rc5_params_cbc;
- mech->len = sizeof(CK_RC5_CBC_PARAMS);
- return mech;
- case CKM_PBE_MD2_DES_CBC:
- case CKM_PBE_MD5_DES_CBC:
- case CKM_NETSCAPE_PBE_SHA1_DES_CBC:
- case CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC:
- case CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC:
- case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC:
- case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC:
- case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4:
- case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4:
- case CKM_PBE_SHA1_DES2_EDE_CBC:
- case CKM_PBE_SHA1_DES3_EDE_CBC:
- case CKM_PBE_SHA1_RC2_40_CBC:
- case CKM_PBE_SHA1_RC2_128_CBC:
- case CKM_PBE_SHA1_RC4_40:
- case CKM_PBE_SHA1_RC4_128:
- rv = pbe_PK11AlgidToParam(algid,mech);
- if (rv != SECSuccess) {
- PORT_Free(mech);
- return NULL;
- }
- return mech;
- default:
- /* must be a simple case */
- break;
- }
-
- /* simple cases are simpley Octect encoded IV's */
- rv = SEC_ASN1DecodeItem(NULL, &iv, SEC_OctetStringTemplate,
- &(algid->parameters));
- if (rv != SECSuccess) {
- iv.data = NULL;
- iv.len = 0;
- }
-
- rv = SECSuccess;
- switch (type) {
- case CKM_RC4:
- case CKM_AES_ECB:
- case CKM_DES_ECB:
- case CKM_DES3_ECB:
- case CKM_IDEA_ECB:
- case CKM_CDMF_ECB:
- case CKM_CAST_ECB:
- case CKM_CAST3_ECB:
- case CKM_CAST5_ECB:
- mech->data = NULL;
- mech->len = 0;
- break;
- default:
- if (pk11_lookup(type)->iv == 0) {
- mech->data = NULL;
- mech->len = 0;
- break;
- }
- case CKM_AES_CBC:
- case CKM_DES_CBC:
- case CKM_DES3_CBC:
- case CKM_IDEA_CBC:
- case CKM_CDMF_CBC:
- case CKM_CAST_CBC:
- case CKM_CAST3_CBC:
- case CKM_CAST5_CBC:
- case CKM_AES_CBC_PAD:
- case CKM_DES_CBC_PAD:
- case CKM_DES3_CBC_PAD:
- case CKM_IDEA_CBC_PAD:
- case CKM_CDMF_CBC_PAD:
- case CKM_CAST_CBC_PAD:
- case CKM_CAST3_CBC_PAD:
- case CKM_CAST5_CBC_PAD:
- case CKM_SKIPJACK_CBC64:
- case CKM_SKIPJACK_ECB64:
- case CKM_SKIPJACK_OFB64:
- case CKM_SKIPJACK_CFB64:
- case CKM_SKIPJACK_CFB32:
- case CKM_SKIPJACK_CFB16:
- case CKM_SKIPJACK_CFB8:
- case CKM_BATON_ECB128:
- case CKM_BATON_ECB96:
- case CKM_BATON_CBC128:
- case CKM_BATON_COUNTER:
- case CKM_BATON_SHUFFLE:
- case CKM_JUNIPER_ECB128:
- case CKM_JUNIPER_CBC128:
- case CKM_JUNIPER_COUNTER:
- case CKM_JUNIPER_SHUFFLE:
- if (iv.data == NULL) {
- rv = SECFailure;
- break;
- }
- mech->data = (unsigned char*)PORT_Alloc(iv.len);
- if (mech->data == NULL) {
- rv = SECFailure;
- break;
- }
- PORT_Memcpy(mech->data,iv.data,iv.len);
- mech->len = iv.len;
- break;
- }
- if (iv.data) PORT_Free(iv.data);
- if (rv != SECSuccess) {
- SECITEM_FreeItem(mech,PR_TRUE);
- return NULL;
- }
- return mech;
-}
-
-SECStatus
-PK11_SeedRandom(PK11SlotInfo *slot, unsigned char *data, int len) {
- CK_RV crv;
-
- PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_SeedRandom(slot->session,data, (CK_ULONG)len);
- PK11_ExitSlotMonitor(slot);
- return (crv != CKR_OK) ? SECFailure : SECSuccess;
-}
-
-/* Attempts to update the Best Slot for "FAKE RANDOM" generation.
-** If that's not the internal slot, then it also attempts to update the
-** internal slot.
-** The return value indicates if the INTERNAL slot was updated OK.
-*/
-SECStatus
-PK11_RandomUpdate(void *data, size_t bytes)
-{
- PK11SlotInfo *slot;
- PRBool bestIsInternal;
- SECStatus status;
-
- slot = PK11_GetBestSlot(CKM_FAKE_RANDOM, NULL);
- if (slot == NULL) {
- slot = PK11_GetInternalSlot();
- if (!slot)
- return SECFailure;
- }
-
- bestIsInternal = PK11_IsInternal(slot);
- status = PK11_SeedRandom(slot, data, bytes);
- PK11_FreeSlot(slot);
-
- if (!bestIsInternal) {
- /* do internal slot, too. */
- slot = PK11_GetInternalSlot(); /* can't fail */
- status = PK11_SeedRandom(slot, data, bytes);
- PK11_FreeSlot(slot);
- }
- return status;
-}
-
-
-SECStatus
-PK11_GenerateRandom(unsigned char *data,int len) {
- PK11SlotInfo *slot;
- CK_RV crv;
-
- slot = PK11_GetBestSlot(CKM_FAKE_RANDOM,NULL);
- if (slot == NULL) return SECFailure;
-
- if (!slot->isInternal) PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_GenerateRandom(slot->session,data,
- (CK_ULONG)len);
- if (!slot->isInternal) PK11_ExitSlotMonitor(slot);
- PK11_FreeSlot(slot);
- return (crv != CKR_OK) ? SECFailure : SECSuccess;
-}
-
-/*
- * Generate an IV for the given mechanism
- */
-static SECStatus
-pk11_GenIV(CK_MECHANISM_TYPE type, SECItem *iv) {
- int iv_size = PK11_GetIVLength(type);
- SECStatus rv;
-
- iv->len = iv_size;
- if (iv_size == 0) {
- iv->data = NULL;
- return SECSuccess;
- }
-
- iv->data = (unsigned char *) PORT_Alloc(iv_size);
- if (iv->data == NULL) {
- iv->len = 0;
- return SECFailure;
- }
-
- rv = PK11_GenerateRandom(iv->data,iv->len);
- if (rv != SECSuccess) {
- PORT_Free(iv->data);
- iv->data = NULL; iv->len = 0;
- return SECFailure;
- }
- return SECSuccess;
-}
-
-
-/*
- * create a new paramter block from the passed in MECHANISM and the
- * key. Use Netscape's S/MIME Rules for the New param block.
- */
-SECItem *
-PK11_GenerateNewParam(CK_MECHANISM_TYPE type, PK11SymKey *key) {
- CK_RC2_CBC_PARAMS *rc2_params;
- CK_RC2_PARAMS *rc2_ecb_params;
- SECItem *mech;
- SECItem iv;
- SECStatus rv;
-
-
- mech = (SECItem *) PORT_Alloc(sizeof(SECItem));
- if (mech == NULL) return NULL;
-
- rv = SECSuccess;
- mech->type = siBuffer;
- switch (type) {
- case CKM_RC4:
- case CKM_AES_ECB:
- case CKM_DES_ECB:
- case CKM_DES3_ECB:
- case CKM_IDEA_ECB:
- case CKM_CDMF_ECB:
- case CKM_CAST_ECB:
- case CKM_CAST3_ECB:
- case CKM_CAST5_ECB:
- mech->data = NULL;
- mech->len = 0;
- break;
- case CKM_RC2_ECB:
- rc2_ecb_params = (CK_RC2_PARAMS *)PORT_Alloc(sizeof(CK_RC2_PARAMS));
- if (rc2_ecb_params == NULL) {
- rv = SECFailure;
- break;
- }
- /* NOTE PK11_GetKeyLength can return -1 if the key isn't and RC2, RC5,
- * or RC4 key. Of course that wouldn't happen here doing RC2:).*/
- *rc2_ecb_params = PK11_GetKeyLength(key)*8;
- mech->data = (unsigned char *) rc2_ecb_params;
- mech->len = sizeof(CK_RC2_PARAMS);
- break;
- case CKM_RC2_CBC:
- case CKM_RC2_CBC_PAD:
- rv = pk11_GenIV(type,&iv);
- if (rv != SECSuccess) {
- break;
- }
- rc2_params = (CK_RC2_CBC_PARAMS *)PORT_Alloc(sizeof(CK_RC2_CBC_PARAMS));
- if (rc2_params == NULL) {
- PORT_Free(iv.data);
- rv = SECFailure;
- break;
- }
- /* NOTE PK11_GetKeyLength can return -1 if the key isn't and RC2, RC5,
- * or RC4 key. Of course that wouldn't happen here doing RC2:).*/
- rc2_params->ulEffectiveBits = PK11_GetKeyLength(key)*8;
- if (iv.data)
- PORT_Memcpy(rc2_params->iv,iv.data,sizeof(rc2_params->iv));
- mech->data = (unsigned char *) rc2_params;
- mech->len = sizeof(CK_RC2_CBC_PARAMS);
- PORT_Free(iv.data);
- break;
- case CKM_RC5_ECB:
- PORT_Free(mech);
- return PK11_ParamFromIV(type,NULL);
- case CKM_RC5_CBC:
- case CKM_RC5_CBC_PAD:
- rv = pk11_GenIV(type,&iv);
- if (rv != SECSuccess) {
- break;
- }
- PORT_Free(mech);
- return PK11_ParamFromIV(type,&iv);
- default:
- if (pk11_lookup(type)->iv == 0) {
- mech->data = NULL;
- mech->len = 0;
- break;
- }
- case CKM_AES_CBC:
- case CKM_DES_CBC:
- case CKM_DES3_CBC:
- case CKM_IDEA_CBC:
- case CKM_CDMF_CBC:
- case CKM_CAST_CBC:
- case CKM_CAST3_CBC:
- case CKM_CAST5_CBC:
- case CKM_DES_CBC_PAD:
- case CKM_DES3_CBC_PAD:
- case CKM_IDEA_CBC_PAD:
- case CKM_CDMF_CBC_PAD:
- case CKM_CAST_CBC_PAD:
- case CKM_CAST3_CBC_PAD:
- case CKM_CAST5_CBC_PAD:
- case CKM_SKIPJACK_CBC64:
- case CKM_SKIPJACK_ECB64:
- case CKM_SKIPJACK_OFB64:
- case CKM_SKIPJACK_CFB64:
- case CKM_SKIPJACK_CFB32:
- case CKM_SKIPJACK_CFB16:
- case CKM_SKIPJACK_CFB8:
- case CKM_BATON_ECB128:
- case CKM_BATON_ECB96:
- case CKM_BATON_CBC128:
- case CKM_BATON_COUNTER:
- case CKM_BATON_SHUFFLE:
- case CKM_JUNIPER_ECB128:
- case CKM_JUNIPER_CBC128:
- case CKM_JUNIPER_COUNTER:
- case CKM_JUNIPER_SHUFFLE:
- rv = pk11_GenIV(type,&iv);
- if (rv != SECSuccess) {
- break;
- }
- mech->data = (unsigned char*)PORT_Alloc(iv.len);
- if (mech->data == NULL) {
- PORT_Free(iv.data);
- rv = SECFailure;
- break;
- }
- PORT_Memcpy(mech->data,iv.data,iv.len);
- mech->len = iv.len;
- PORT_Free(iv.data);
- break;
- }
- if (rv != SECSuccess) {
- SECITEM_FreeItem(mech,PR_TRUE);
- return NULL;
- }
- return mech;
-
-}
-
-#define RC5_V10 0x10
-
-/* turn a PKCS #11 parameter into a DER Encoded Algorithm ID */
-SECStatus
-PK11_ParamToAlgid(SECOidTag algTag, SECItem *param,
- PRArenaPool *arena, SECAlgorithmID *algid) {
- CK_RC2_CBC_PARAMS *rc2_params;
- sec_rc2cbcParameter rc2;
- CK_RC5_CBC_PARAMS *rc5_params;
- sec_rc5cbcParameter rc5;
- CK_MECHANISM_TYPE type = PK11_AlgtagToMechanism(algTag);
- SECItem *newParams = NULL;
- SECStatus rv = SECFailure;
- unsigned long rc2version;
-
- rv = SECSuccess;
- switch (type) {
- case CKM_RC4:
- case CKM_AES_ECB:
- case CKM_DES_ECB:
- case CKM_DES3_ECB:
- case CKM_IDEA_ECB:
- case CKM_CDMF_ECB:
- case CKM_CAST_ECB:
- case CKM_CAST3_ECB:
- case CKM_CAST5_ECB:
- newParams = NULL;
- rv = SECSuccess;
- break;
- case CKM_RC2_ECB:
- break;
- case CKM_RC2_CBC:
- case CKM_RC2_CBC_PAD:
- rc2_params = (CK_RC2_CBC_PARAMS *)param->data;
- rc2version = rc2_unmap(rc2_params->ulEffectiveBits);
- if (SEC_ASN1EncodeUnsignedInteger (NULL, &(rc2.rc2ParameterVersion),
- rc2version) == NULL)
- break;
- rc2.iv.data = rc2_params->iv;
- rc2.iv.len = sizeof(rc2_params->iv);
- newParams = SEC_ASN1EncodeItem (NULL, NULL, &rc2,
- sec_rc2cbc_parameter_template);
- PORT_Free(rc2.rc2ParameterVersion.data);
- if (newParams == NULL)
- break;
- rv = SECSuccess;
- break;
-
- case CKM_RC5_ECB: /* well not really... */
- break;
- case CKM_RC5_CBC:
- case CKM_RC5_CBC_PAD:
- rc5_params = (CK_RC5_CBC_PARAMS *)param->data;
- if (SEC_ASN1EncodeUnsignedInteger (NULL, &rc5.version, RC5_V10) == NULL)
- break;
- if (SEC_ASN1EncodeUnsignedInteger (NULL, &rc5.blockSizeInBits,
- rc5_params->ulWordsize*8) == NULL) {
- PORT_Free(rc5.version.data);
- break;
- }
- if (SEC_ASN1EncodeUnsignedInteger (NULL, &rc5.rounds,
- rc5_params->ulWordsize*8) == NULL) {
- PORT_Free(rc5.blockSizeInBits.data);
- PORT_Free(rc5.version.data);
- break;
- }
- rc5.iv.data = rc5_params->pIv;
- rc5.iv.len = rc5_params->ulIvLen;
- newParams = SEC_ASN1EncodeItem (NULL, NULL, &rc5,
- sec_rc5cbc_parameter_template);
- PORT_Free(rc5.version.data);
- PORT_Free(rc5.blockSizeInBits.data);
- PORT_Free(rc5.rounds.data);
- if (newParams == NULL)
- break;
- rv = SECSuccess;
- break;
- case CKM_PBE_MD2_DES_CBC:
- case CKM_PBE_MD5_DES_CBC:
- case CKM_NETSCAPE_PBE_SHA1_DES_CBC:
- case CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC:
- case CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC:
- case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC:
- case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC:
- case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4:
- case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4:
- case CKM_PBE_SHA1_DES3_EDE_CBC:
- case CKM_PBE_SHA1_DES2_EDE_CBC:
- case CKM_PBE_SHA1_RC2_40_CBC:
- case CKM_PBE_SHA1_RC2_128_CBC:
- case CKM_PBE_SHA1_RC4_40:
- case CKM_PBE_SHA1_RC4_128:
- return PBE_PK11ParamToAlgid(algTag, param, arena, algid);
- default:
- if (pk11_lookup(type)->iv == 0) {
- rv = SECSuccess;
- newParams = NULL;
- break;
- }
- case CKM_AES_CBC:
- case CKM_DES_CBC:
- case CKM_DES3_CBC:
- case CKM_IDEA_CBC:
- case CKM_CDMF_CBC:
- case CKM_CAST_CBC:
- case CKM_CAST3_CBC:
- case CKM_CAST5_CBC:
- case CKM_DES_CBC_PAD:
- case CKM_DES3_CBC_PAD:
- case CKM_IDEA_CBC_PAD:
- case CKM_CDMF_CBC_PAD:
- case CKM_CAST_CBC_PAD:
- case CKM_CAST3_CBC_PAD:
- case CKM_CAST5_CBC_PAD:
- case CKM_SKIPJACK_CBC64:
- case CKM_SKIPJACK_ECB64:
- case CKM_SKIPJACK_OFB64:
- case CKM_SKIPJACK_CFB64:
- case CKM_SKIPJACK_CFB32:
- case CKM_SKIPJACK_CFB16:
- case CKM_SKIPJACK_CFB8:
- case CKM_BATON_ECB128:
- case CKM_BATON_ECB96:
- case CKM_BATON_CBC128:
- case CKM_BATON_COUNTER:
- case CKM_BATON_SHUFFLE:
- case CKM_JUNIPER_ECB128:
- case CKM_JUNIPER_CBC128:
- case CKM_JUNIPER_COUNTER:
- case CKM_JUNIPER_SHUFFLE:
- newParams = SEC_ASN1EncodeItem(NULL,NULL,param,
- SEC_OctetStringTemplate);
- rv = SECSuccess;
- break;
- }
-
- if (rv != SECSuccess) {
- if (newParams) SECITEM_FreeItem(newParams,PR_TRUE);
- return rv;
- }
-
- rv = SECOID_SetAlgorithmID(arena, algid, algTag, newParams);
- SECITEM_FreeItem(newParams,PR_TRUE);
- return rv;
-}
-
-/* turn an OID algorithm tag into a PKCS #11 mechanism. This allows us to
- * map OID's directly into the PKCS #11 mechanism we want to call. We find
- * this mapping in our standard OID table */
-CK_MECHANISM_TYPE
-PK11_AlgtagToMechanism(SECOidTag algTag) {
- SECOidData *oid = SECOID_FindOIDByTag(algTag);
-
- if (oid) return (CK_MECHANISM_TYPE) oid->mechanism;
- return CKM_INVALID_MECHANISM;
-}
-
-/* turn a mechanism into an oid. */
-SECOidTag
-PK11_MechanismToAlgtag(CK_MECHANISM_TYPE type) {
- SECOidData *oid = SECOID_FindOIDByMechanism((unsigned long)type);
-
- if (oid) return oid->offset;
- return SEC_OID_UNKNOWN;
-}
-
-/* Determine appropriate blocking mechanism, used when wrapping private keys
- * which require PKCS padding. If the mechanism does not map to a padding
- * mechanism, we simply return the mechanism.
- */
-CK_MECHANISM_TYPE
-PK11_GetPadMechanism(CK_MECHANISM_TYPE type) {
- switch(type) {
- case CKM_AES_CBC:
- return CKM_AES_CBC_PAD;
- case CKM_DES_CBC:
- return CKM_DES_CBC_PAD;
- case CKM_DES3_CBC:
- return CKM_DES3_CBC_PAD;
- case CKM_RC2_CBC:
- return CKM_RC2_CBC_PAD;
- case CKM_CDMF_CBC:
- return CKM_CDMF_CBC_PAD;
- case CKM_CAST_CBC:
- return CKM_CAST_CBC_PAD;
- case CKM_CAST3_CBC:
- return CKM_CAST3_CBC_PAD;
- case CKM_CAST5_CBC:
- return CKM_CAST5_CBC_PAD;
- case CKM_RC5_CBC:
- return CKM_RC5_CBC_PAD;
- case CKM_IDEA_CBC:
- return CKM_IDEA_CBC_PAD;
- default:
- break;
- }
-
- return type;
-}
-
-/*
- * Build a block big enough to hold the data
- */
-SECItem *
-PK11_BlockData(SECItem *data,unsigned long size) {
- SECItem *newData;
-
- newData = (SECItem *)PORT_Alloc(sizeof(SECItem));
- if (newData == NULL) return NULL;
-
- newData->len = (data->len + (size-1))/size;
- newData->len *= size;
-
- newData->data = (unsigned char *) PORT_ZAlloc(newData->len);
- if (newData->data == NULL) {
- PORT_Free(newData);
- return NULL;
- }
- PORT_Memset(newData->data,newData->len-data->len,newData->len);
- PORT_Memcpy(newData->data,data->data,data->len);
- return newData;
-}
-
-
-SECStatus
-PK11_DestroyObject(PK11SlotInfo *slot,CK_OBJECT_HANDLE object) {
- CK_RV crv;
-
- PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_DestroyObject(slot->session,object);
- PK11_ExitSlotMonitor(slot);
- if (crv != CKR_OK) {
- return SECFailure;
- }
- return SECSuccess;
-}
-
-SECStatus
-PK11_DestroyTokenObject(PK11SlotInfo *slot,CK_OBJECT_HANDLE object) {
- CK_RV crv;
- SECStatus rv = SECSuccess;
- CK_SESSION_HANDLE rwsession;
-
-
- rwsession = PK11_GetRWSession(slot);
-
- crv = PK11_GETTAB(slot)->C_DestroyObject(rwsession,object);
- if (crv != CKR_OK) {
- rv = SECFailure;
- PORT_SetError(PK11_MapError(crv));
- }
- PK11_RestoreROSession(slot,rwsession);
- return rv;
-}
-
-/*
- * Read in a single attribute into a SECItem. Allocate space for it with
- * PORT_Alloc unless an arena is supplied. In the latter case use the arena
- * to allocate the space.
- */
-SECStatus
-PK11_ReadAttribute(PK11SlotInfo *slot, CK_OBJECT_HANDLE id,
- CK_ATTRIBUTE_TYPE type, PRArenaPool *arena, SECItem *result) {
- CK_ATTRIBUTE attr = { 0, NULL, 0 };
- CK_RV crv;
-
- attr.type = type;
-
- PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_GetAttributeValue(slot->session,id,&attr,1);
- if (crv != CKR_OK) {
- PK11_ExitSlotMonitor(slot);
- PORT_SetError(PK11_MapError(crv));
- return SECFailure;
- }
- if (arena) {
- attr.pValue = PORT_ArenaAlloc(arena,attr.ulValueLen);
- } else {
- attr.pValue = PORT_Alloc(attr.ulValueLen);
- }
- if (attr.pValue == NULL) {
- PK11_ExitSlotMonitor(slot);
- return SECFailure;
- }
- crv = PK11_GETTAB(slot)->C_GetAttributeValue(slot->session,id,&attr,1);
- PK11_ExitSlotMonitor(slot);
- if (crv != CKR_OK) {
- PORT_SetError(PK11_MapError(crv));
- if (!arena) PORT_Free(attr.pValue);
- return SECFailure;
- }
-
- result->data = (unsigned char*)attr.pValue;
- result->len = attr.ulValueLen;
-
- return SECSuccess;
-}
-
-/*
- * Read in a single attribute into As a Ulong.
- */
-CK_ULONG
-PK11_ReadULongAttribute(PK11SlotInfo *slot, CK_OBJECT_HANDLE id,
- CK_ATTRIBUTE_TYPE type) {
- CK_ATTRIBUTE attr;
- CK_ULONG value = CK_UNAVAILABLE_INFORMATION;
- CK_RV crv;
-
- PK11_SETATTRS(&attr,type,&value,sizeof(value));
-
- PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_GetAttributeValue(slot->session,id,&attr,1);
- PK11_ExitSlotMonitor(slot);
- if (crv != CKR_OK) {
- PORT_SetError(PK11_MapError(crv));
- }
- return value;
-}
-
-/*
- * check to see if a bool has been set.
- */
-CK_BBOOL
-PK11_HasAttributeSet( PK11SlotInfo *slot, CK_OBJECT_HANDLE id,
- CK_ATTRIBUTE_TYPE type )
-{
- CK_BBOOL ckvalue = CK_FALSE;
- CK_ATTRIBUTE theTemplate;
- CK_RV crv;
-
- /* Prepare to retrieve the attribute. */
- PK11_SETATTRS( &theTemplate, type, &ckvalue, sizeof( CK_BBOOL ) );
-
- /* Retrieve attribute value. */
- PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB( slot )->C_GetAttributeValue( slot->session, id,
- &theTemplate, 1 );
- PK11_ExitSlotMonitor(slot);
- if( crv != CKR_OK ) {
- PORT_SetError( PK11_MapError( crv ) );
- return CK_FALSE;
- }
-
- return ckvalue;
-}
-
-/*
- * returns a full list of attributes. Allocate space for them. If an arena is
- * provided, allocate space out of the arena.
- */
-CK_RV
-PK11_GetAttributes(PRArenaPool *arena,PK11SlotInfo *slot,
- CK_OBJECT_HANDLE obj,CK_ATTRIBUTE *attr, int count)
-{
- int i;
- /* make pedantic happy... note that it's only used arena != NULL */
- void *mark = NULL;
- CK_RV crv;
-
- /*
- * first get all the lengths of the parameters.
- */
- PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_GetAttributeValue(slot->session,obj,attr,count);
- if (crv != CKR_OK) {
- PK11_ExitSlotMonitor(slot);
- return crv;
- }
-
- if (arena) {
- mark = PORT_ArenaMark(arena);
- if (mark == NULL) return CKR_HOST_MEMORY;
- }
-
- /*
- * now allocate space to store the results.
- */
- for (i=0; i < count; i++) {
- if (arena) {
- attr[i].pValue = PORT_ArenaAlloc(arena,attr[i].ulValueLen);
- if (attr[i].pValue == NULL) {
- /* arena failures, just release the mark */
- PORT_ArenaRelease(arena,mark);
- PK11_ExitSlotMonitor(slot);
- return CKR_HOST_MEMORY;
- }
- } else {
- attr[i].pValue = PORT_Alloc(attr[i].ulValueLen);
- if (attr[i].pValue == NULL) {
- /* Separate malloc failures, loop to release what we have
- * so far */
- int j;
- for (j= 0; j < i; j++) {
- PORT_Free(attr[j].pValue);
- /* don't give the caller pointers to freed memory */
- attr[j].pValue = NULL;
- }
- PK11_ExitSlotMonitor(slot);
- return CKR_HOST_MEMORY;
- }
- }
- }
-
- /*
- * finally get the results.
- */
- crv = PK11_GETTAB(slot)->C_GetAttributeValue(slot->session,obj,attr,count);
- PK11_ExitSlotMonitor(slot);
- if (crv != CKR_OK) {
- if (arena) {
- PORT_ArenaRelease(arena,mark);
- } else {
- for (i= 0; i < count; i++) {
- PORT_Free(attr[i].pValue);
- /* don't give the caller pointers to freed memory */
- attr[i].pValue = NULL;
- }
- }
- } else if (arena && mark) {
- PORT_ArenaUnmark(arena,mark);
- }
- return crv;
-}
-
-/*
- * Reset the token to it's initial state. For the internal module, this will
- * Purge your keydb, and reset your cert db certs to USER_INIT.
- */
-SECStatus
-PK11_ResetToken(PK11SlotInfo *slot, char *sso_pwd)
-{
- unsigned char tokenName[32];
- int tokenNameLen;
- CK_RV crv;
-
- /* reconstruct the token name */
- tokenNameLen = PORT_Strlen(slot->token_name);
- if (tokenNameLen > sizeof(tokenName)) {
- tokenNameLen = sizeof(tokenName);
- }
-
- PORT_Memcpy(tokenName,slot->token_name,tokenNameLen);
- if (tokenNameLen < sizeof(tokenName)) {
- PORT_Memset(&tokenName[tokenNameLen],' ',
- sizeof(tokenName)-tokenNameLen);
- }
-
- /* initialize the token */
- PK11_EnterSlotMonitor(slot);
-
- /* first shutdown the token. Existing sessions will get closed here */
- PK11_GETTAB(slot)->C_CloseAllSessions(slot->slotID);
- slot->session = CK_INVALID_SESSION;
-
- /* now re-init the token */
- crv = PK11_GETTAB(slot)->C_InitToken(slot->slotID,
- (unsigned char *)sso_pwd, sso_pwd ? PORT_Strlen(sso_pwd): 0, tokenName);
-
- /* finally bring the token back up */
- PK11_InitToken(slot,PR_TRUE);
- PK11_ExitSlotMonitor(slot);
- if (crv != CKR_OK) {
- PORT_SetError(PK11_MapError(crv));
- return SECFailure;
- }
- nssTrustDomain_UpdateCachedTokenCerts(slot->nssToken->trustDomain,
- slot->nssToken);
- return SECSuccess;
-}
-
-static PRBool
-pk11_isAllZero(unsigned char *data,int len) {
- while (len--) {
- if (*data++) {
- return PR_FALSE;
- }
- }
- return PR_TRUE;
-}
-
-CK_RV
-PK11_MapPBEMechanismToCryptoMechanism(CK_MECHANISM_PTR pPBEMechanism,
- CK_MECHANISM_PTR pCryptoMechanism,
- SECItem *pbe_pwd, PRBool faulty3DES)
-{
- int iv_len = 0;
- CK_PBE_PARAMS_PTR pPBEparams;
- CK_RC2_CBC_PARAMS_PTR rc2_params;
- CK_ULONG rc2_key_len;
-
- if((pPBEMechanism == CK_NULL_PTR) || (pCryptoMechanism == CK_NULL_PTR)) {
- return CKR_HOST_MEMORY;
- }
-
- pPBEparams = (CK_PBE_PARAMS_PTR)pPBEMechanism->pParameter;
- iv_len = PK11_GetIVLength(pPBEMechanism->mechanism);
-
- if (iv_len) {
- if (pk11_isAllZero(pPBEparams->pInitVector,iv_len)) {
- SECItem param;
- PK11SymKey *symKey;
- PK11SlotInfo *intSlot = PK11_GetInternalSlot();
-
- if (intSlot == NULL) {
- return CKR_DEVICE_ERROR;
- }
-
- param.data = pPBEMechanism->pParameter;
- param.len = pPBEMechanism->ulParameterLen;
-
- symKey = PK11_RawPBEKeyGen(intSlot,
- pPBEMechanism->mechanism, &param, pbe_pwd, faulty3DES, NULL);
- PK11_FreeSlot(intSlot);
- if (symKey== NULL) {
- return CKR_DEVICE_ERROR; /* sigh */
- }
- PK11_FreeSymKey(symKey);
- }
- }
-
- switch(pPBEMechanism->mechanism) {
- case CKM_PBE_MD2_DES_CBC:
- case CKM_PBE_MD5_DES_CBC:
- case CKM_NETSCAPE_PBE_SHA1_DES_CBC:
- pCryptoMechanism->mechanism = CKM_DES_CBC;
- goto have_crypto_mechanism;
- case CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC:
- case CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC:
- case CKM_PBE_SHA1_DES3_EDE_CBC:
- case CKM_PBE_SHA1_DES2_EDE_CBC:
- pCryptoMechanism->mechanism = CKM_DES3_CBC;
-have_crypto_mechanism:
- pCryptoMechanism->pParameter = PORT_Alloc(iv_len);
- pCryptoMechanism->ulParameterLen = (CK_ULONG)iv_len;
- if(pCryptoMechanism->pParameter == NULL) {
- return CKR_HOST_MEMORY;
- }
- PORT_Memcpy((unsigned char *)(pCryptoMechanism->pParameter),
- (unsigned char *)(pPBEparams->pInitVector),
- iv_len);
- break;
- case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4:
- case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4:
- case CKM_PBE_SHA1_RC4_40:
- case CKM_PBE_SHA1_RC4_128:
- pCryptoMechanism->mechanism = CKM_RC4;
- pCryptoMechanism->ulParameterLen = 0;
- pCryptoMechanism->pParameter = CK_NULL_PTR;
- break;
- case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC:
- case CKM_PBE_SHA1_RC2_40_CBC:
- rc2_key_len = 40;
- goto have_key_len;
- case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC:
- rc2_key_len = 128;
-have_key_len:
- pCryptoMechanism->mechanism = CKM_RC2_CBC;
- pCryptoMechanism->ulParameterLen = (CK_ULONG)
- sizeof(CK_RC2_CBC_PARAMS);
- pCryptoMechanism->pParameter = (CK_RC2_CBC_PARAMS_PTR)
- PORT_ZAlloc(sizeof(CK_RC2_CBC_PARAMS));
- if(pCryptoMechanism->pParameter == NULL) {
- return CKR_HOST_MEMORY;
- }
- rc2_params = (CK_RC2_CBC_PARAMS_PTR)pCryptoMechanism->pParameter;
- PORT_Memcpy((unsigned char *)rc2_params->iv,
- (unsigned char *)pPBEparams->pInitVector,
- iv_len);
- rc2_params->ulEffectiveBits = rc2_key_len;
- break;
- default:
- return CKR_MECHANISM_INVALID;
- }
-
- return CKR_OK;
-}
-
-PRBool
-PK11_IsPermObject(PK11SlotInfo *slot, CK_OBJECT_HANDLE handle)
-{
- return (PRBool) PK11_HasAttributeSet(slot, handle, CKA_TOKEN);
-}
-
-char *
-PK11_GetObjectNickname(PK11SlotInfo *slot, CK_OBJECT_HANDLE id)
-{
- char *nickname = NULL;
- SECItem result;
- SECStatus rv;
-
- rv = PK11_ReadAttribute(slot,id,CKA_LABEL,NULL,&result);
- if (rv != SECSuccess) {
- return NULL;
- }
-
- nickname = PORT_ZAlloc(result.len+1);
- if (nickname == NULL) {
- PORT_Free(result.data);
- return NULL;
- }
- PORT_Memcpy(nickname, result.data, result.len);
- PORT_Free(result.data);
- return nickname;
-}
-
-SECStatus
-PK11_SetObjectNickname(PK11SlotInfo *slot, CK_OBJECT_HANDLE id,
- const char *nickname)
-{
- int len = PORT_Strlen(nickname);
- CK_ATTRIBUTE setTemplate;
- CK_RV crv;
- CK_SESSION_HANDLE rwsession;
-
- if (len < 0) {
- return SECFailure;
- }
-
- PK11_SETATTRS(&setTemplate, CKA_LABEL, (CK_CHAR *) nickname, len);
- rwsession = PK11_GetRWSession(slot);
- crv = PK11_GETTAB(slot)->C_SetAttributeValue(rwsession, id,
- &setTemplate, 1);
- PK11_RestoreROSession(slot, rwsession);
- if (crv != CKR_OK) {
- PORT_SetError(PK11_MapError(crv));
- return SECFailure;
- }
- return SECSuccess;
-}
-
-/*
- * wait for a token to change it's state. The application passes in the expected
- * new state in event.
- */
-PK11TokenStatus
-PK11_WaitForTokenEvent(PK11SlotInfo *slot, PK11TokenEvent event,
- PRIntervalTime timeout, PRIntervalTime latency, int series)
-{
- PRIntervalTime first_time = 0;
- PRBool first_time_set = PR_FALSE;
- PRBool waitForRemoval;
-
- if (slot->isPerm) {
- return PK11TokenNotRemovable;
- }
- if (latency == 0) {
- latency = PR_SecondsToInterval(5);
- }
- waitForRemoval = (PRBool) (event == PK11TokenRemovedOrChangedEvent);
-
- if (series == 0) {
- series = PK11_GetSlotSeries(slot);
- }
- while (PK11_IsPresent(slot) == waitForRemoval ) {
- PRIntervalTime interval;
-
- if (waitForRemoval && series != PK11_GetSlotSeries(slot)) {
- return PK11TokenChanged;
- }
- if (timeout != PR_INTERVAL_NO_WAIT) {
- return waitForRemoval ? PK11TokenPresent : PK11TokenRemoved;
- }
- if (timeout != PR_INTERVAL_NO_TIMEOUT ) {
- interval = PR_IntervalNow();
- if (!first_time_set) {
- first_time = interval;
- first_time_set = PR_TRUE;
- }
- if ((interval-first_time) > timeout) {
- return waitForRemoval ? PK11TokenPresent : PK11TokenRemoved;
- }
- }
- PR_Sleep(latency);
- }
- return waitForRemoval ? PK11TokenRemoved : PK11TokenPresent;
-}
-
diff --git a/security/nss/lib/pk11wrap/pk11util.c b/security/nss/lib/pk11wrap/pk11util.c
deleted file mode 100644
index 1a32d04b9..000000000
--- a/security/nss/lib/pk11wrap/pk11util.c
+++ /dev/null
@@ -1,726 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Initialize the PCKS 11 subsystem
- */
-#include "seccomon.h"
-#include "secmod.h"
-#include "nssilock.h"
-#include "secmodi.h"
-#include "pk11func.h"
-#include "pki3hack.h"
-#include "secerr.h"
-
-/* these are for displaying error messages */
-
-static SECMODModuleList *modules = NULL;
-static SECMODModuleList *modulesDB = NULL;
-static SECMODModuleList *modulesUnload = NULL;
-static SECMODModule *internalModule = NULL;
-static SECMODModule *defaultDBModule = NULL;
-static SECMODModule *pendingModule = NULL;
-static SECMODListLock *moduleLock = NULL;
-
-int secmod_PrivateModuleCount = 0;
-
-extern PK11DefaultArrayEntry PK11_DefaultArray[];
-extern int num_pk11_default_mechanisms;
-
-
-void
-SECMOD_Init() {
- /* don't initialize twice */
- if (moduleLock) return;
-
- moduleLock = SECMOD_NewListLock();
- PK11_InitSlotLists();
-}
-
-
-SECStatus
-SECMOD_Shutdown() {
- /* destroy the lock */
- if (moduleLock) {
- SECMOD_DestroyListLock(moduleLock);
- moduleLock = NULL;
- }
- /* free the internal module */
- if (internalModule) {
- SECMOD_DestroyModule(internalModule);
- internalModule = NULL;
- }
-
- /* free the default database module */
- if (defaultDBModule) {
- SECMOD_DestroyModule(defaultDBModule);
- defaultDBModule = NULL;
- }
-
- /* destroy the list */
- if (modules) {
- SECMOD_DestroyModuleList(modules);
- modules = NULL;
- }
-
- if (modulesDB) {
- SECMOD_DestroyModuleList(modulesDB);
- modulesDB = NULL;
- }
-
- if (modulesUnload) {
- SECMOD_DestroyModuleList(modulesUnload);
- modulesUnload = NULL;
- }
-
- /* make all the slots and the lists go away */
- PK11_DestroySlotLists();
-
- nss_DumpModuleLog();
-
-#ifdef DEBUG
- if (PR_GetEnv("NSS_STRICT_SHUTDOWN")) {
- PORT_Assert(secmod_PrivateModuleCount == 0);
- }
-#endif
- if (secmod_PrivateModuleCount) {
- PORT_SetError(SEC_ERROR_BUSY);
- return SECFailure;
- }
- return SECSuccess;
-}
-
-
-/*
- * retrieve the internal module
- */
-SECMODModule *
-SECMOD_GetInternalModule(void) {
- return internalModule;
-}
-
-
-SECStatus
-secmod_AddModuleToList(SECMODModuleList **moduleList,SECMODModule *newModule) {
- SECMODModuleList *mlp, *newListElement, *last = NULL;
-
- newListElement = SECMOD_NewModuleListElement();
- if (newListElement == NULL) {
- return SECFailure;
- }
-
- newListElement->module = SECMOD_ReferenceModule(newModule);
-
- SECMOD_GetWriteLock(moduleLock);
- /* Added it to the end (This is very inefficient, but Adding a module
- * on the fly should happen maybe 2-3 times through the life this program
- * on a given computer, and this list should be *SHORT*. */
- for(mlp = *moduleList; mlp != NULL; mlp = mlp->next) {
- last = mlp;
- }
-
- if (last == NULL) {
- *moduleList = newListElement;
- } else {
- SECMOD_AddList(last,newListElement,NULL);
- }
- SECMOD_ReleaseWriteLock(moduleLock);
- return SECSuccess;
-}
-
-SECStatus
-SECMOD_AddModuleToList(SECMODModule *newModule) {
- if (newModule->internal && !internalModule) {
- internalModule = SECMOD_ReferenceModule(newModule);
- }
- return secmod_AddModuleToList(&modules,newModule);
-}
-
-SECStatus
-SECMOD_AddModuleToDBOnlyList(SECMODModule *newModule) {
- if (defaultDBModule == NULL) {
- defaultDBModule = SECMOD_ReferenceModule(newModule);
- }
- return secmod_AddModuleToList(&modulesDB,newModule);
-}
-
-SECStatus
-SECMOD_AddModuleToUnloadList(SECMODModule *newModule) {
- return secmod_AddModuleToList(&modulesUnload,newModule);
-}
-
-/*
- * get the list of PKCS11 modules that are available.
- */
-SECMODModuleList *SECMOD_GetDefaultModuleList() { return modules; }
-SECMODListLock *SECMOD_GetDefaultModuleListLock() { return moduleLock; }
-
-
-
-/*
- * find a module by name, and add a reference to it.
- * return that module.
- */
-SECMODModule *SECMOD_FindModule(char *name) {
- SECMODModuleList *mlp;
- SECMODModule *module = NULL;
-
- SECMOD_GetReadLock(moduleLock);
- for(mlp = modules; mlp != NULL; mlp = mlp->next) {
- if (PORT_Strcmp(name,mlp->module->commonName) == 0) {
- module = mlp->module;
- SECMOD_ReferenceModule(module);
- break;
- }
- }
- SECMOD_ReleaseReadLock(moduleLock);
-
- return module;
-}
-
-/*
- * find a module by ID, and add a reference to it.
- * return that module.
- */
-SECMODModule *SECMOD_FindModuleByID(SECMODModuleID id) {
- SECMODModuleList *mlp;
- SECMODModule *module = NULL;
-
- SECMOD_GetReadLock(moduleLock);
- for(mlp = modules; mlp != NULL; mlp = mlp->next) {
- if (id == mlp->module->moduleID) {
- module = mlp->module;
- SECMOD_ReferenceModule(module);
- break;
- }
- }
- SECMOD_ReleaseReadLock(moduleLock);
-
- return module;
-}
-
-/*
- * lookup the Slot module based on it's module ID and slot ID.
- */
-PK11SlotInfo *SECMOD_LookupSlot(SECMODModuleID moduleID,CK_SLOT_ID slotID) {
- int i;
- SECMODModule *module;
-
- module = SECMOD_FindModuleByID(moduleID);
- if (module == NULL) return NULL;
-
- for (i=0; i < module->slotCount; i++) {
- PK11SlotInfo *slot = module->slots[i];
-
- if (slot->slotID == slotID) {
- SECMOD_DestroyModule(module);
- return PK11_ReferenceSlot(slot);
- }
- }
- SECMOD_DestroyModule(module);
- return NULL;
-}
-
-
-/*
- * find a module by name or module pointer and delete it off the module list.
- * optionally remove it from secmod.db.
- */
-SECStatus
-SECMOD_DeleteModuleEx(char *name, SECMODModule *mod, int *type, PRBool permdb) {
- SECMODModuleList *mlp;
- SECMODModuleList **mlpp;
- SECStatus rv = SECFailure;
-
-
- *type = SECMOD_EXTERNAL;
-
- SECMOD_GetWriteLock(moduleLock);
- for(mlpp = &modules,mlp = modules;
- mlp != NULL; mlpp = &mlp->next, mlp = *mlpp) {
- if ((name && (PORT_Strcmp(name,mlp->module->commonName) == 0)) ||
- mod == mlp->module) {
- /* don't delete the internal module */
- if (!mlp->module->internal) {
- SECMOD_RemoveList(mlpp,mlp);
- /* delete it after we release the lock */
- rv = STAN_RemoveModuleFromDefaultTrustDomain(mlp->module);
- } else if (mlp->module->isFIPS) {
- *type = SECMOD_FIPS;
- } else {
- *type = SECMOD_INTERNAL;
- }
- break;
- }
- }
- SECMOD_ReleaseWriteLock(moduleLock);
-
-
- if (rv == SECSuccess) {
- if (permdb) {
- SECMOD_DeletePermDB(mlp->module);
- }
- SECMOD_DestroyModuleListElement(mlp);
- }
- return rv;
-}
-
-/*
- * find a module by name and delete it off the module list
- */
-SECStatus
-SECMOD_DeleteModule(char *name, int *type) {
- return SECMOD_DeleteModuleEx(name, NULL, type, PR_TRUE);
-}
-
-/*
- * find a module by name and delete it off the module list
- */
-SECStatus
-SECMOD_DeleteInternalModule(char *name) {
- SECMODModuleList *mlp;
- SECMODModuleList **mlpp;
- SECStatus rv = SECFailure;
-
- if (pendingModule) {
- PORT_SetError(SEC_ERROR_MODULE_STUCK);
- return rv;
- }
-
- SECMOD_GetWriteLock(moduleLock);
- for(mlpp = &modules,mlp = modules;
- mlp != NULL; mlpp = &mlp->next, mlp = *mlpp) {
- if (PORT_Strcmp(name,mlp->module->commonName) == 0) {
- /* don't delete the internal module */
- if (mlp->module->internal) {
- SECMOD_RemoveList(mlpp,mlp);
- rv = STAN_RemoveModuleFromDefaultTrustDomain(mlp->module);
- }
- break;
- }
- }
- SECMOD_ReleaseWriteLock(moduleLock);
-
- if (rv == SECSuccess) {
- SECMODModule *newModule,*oldModule;
-
- if (mlp->module->isFIPS) {
- newModule = SECMOD_CreateModule(NULL, SECMOD_INT_NAME,
- NULL, SECMOD_INT_FLAGS);
- } else {
- newModule = SECMOD_CreateModule(NULL, SECMOD_FIPS_NAME,
- NULL, SECMOD_FIPS_FLAGS);
- }
- if (newModule) {
- newModule->libraryParams =
- PORT_ArenaStrdup(newModule->arena,mlp->module->libraryParams);
- rv = SECMOD_AddModule(newModule);
- if (rv != SECSuccess) {
- SECMOD_DestroyModule(newModule);
- newModule = NULL;
- }
- }
- if (newModule == NULL) {
- SECMODModuleList *last = NULL,*mlp2;
- /* we're in pretty deep trouble if this happens...Security
- * not going to work well... try to put the old module back on
- * the list */
- SECMOD_GetWriteLock(moduleLock);
- for(mlp2 = modules; mlp2 != NULL; mlp2 = mlp->next) {
- last = mlp2;
- }
-
- if (last == NULL) {
- modules = mlp;
- } else {
- SECMOD_AddList(last,mlp,NULL);
- }
- SECMOD_ReleaseWriteLock(moduleLock);
- return SECFailure;
- }
- pendingModule = oldModule = internalModule;
- internalModule = NULL;
- SECMOD_DestroyModule(oldModule);
- SECMOD_DeletePermDB(mlp->module);
- SECMOD_DestroyModuleListElement(mlp);
- internalModule = newModule; /* adopt the module */
- }
- return rv;
-}
-
-SECStatus
-SECMOD_AddModule(SECMODModule *newModule) {
- SECStatus rv;
- SECMODModule *oldModule;
-
- /* Test if a module w/ the same name already exists */
- /* and return SECWouldBlock if so. */
- /* We should probably add a new return value such as */
- /* SECDublicateModule, but to minimize ripples, I'll */
- /* give SECWouldBlock a new meaning */
- if ((oldModule = SECMOD_FindModule(newModule->commonName)) != NULL) {
- SECMOD_DestroyModule(oldModule);
- return SECWouldBlock;
- /* module already exists. */
- }
-
- rv = SECMOD_LoadPKCS11Module(newModule);
- if (rv != SECSuccess) {
- return rv;
- }
-
- if (newModule->parent == NULL) {
- newModule->parent = SECMOD_ReferenceModule(defaultDBModule);
- }
-
- SECMOD_AddPermDB(newModule);
- SECMOD_AddModuleToList(newModule);
-
- rv = STAN_AddModuleToDefaultTrustDomain(newModule);
-
- return rv;
-}
-
-PK11SlotInfo *SECMOD_FindSlot(SECMODModule *module,char *name) {
- int i;
- char *string;
-
- for (i=0; i < module->slotCount; i++) {
- PK11SlotInfo *slot = module->slots[i];
-
- if (PK11_IsPresent(slot)) {
- string = PK11_GetTokenName(slot);
- } else {
- string = PK11_GetSlotName(slot);
- }
- if (PORT_Strcmp(name,string) == 0) {
- return PK11_ReferenceSlot(slot);
- }
- }
- return NULL;
-}
-
-SECStatus
-PK11_GetModInfo(SECMODModule *mod,CK_INFO *info)
-{
- CK_RV crv;
-
- if (mod->functionList == NULL) return SECFailure;
- crv = PK11_GETTAB(mod)->C_GetInfo(info);
- if (crv != CKR_OK) {
- PORT_SetError(PK11_MapError(crv));
- }
- return (crv == CKR_OK) ? SECSuccess : SECFailure;
-}
-
-/* Determine if we have the FIP's module loaded as the default
- * module to trigger other bogus FIPS requirements in PKCS #12 and
- * SSL
- */
-PRBool
-PK11_IsFIPS(void)
-{
- SECMODModule *mod = SECMOD_GetInternalModule();
-
- if (mod && mod->internal) {
- return mod->isFIPS;
- }
-
- return PR_FALSE;
-}
-
-/* combines NewModule() & AddModule */
-/* give a string for the module name & the full-path for the dll, */
-/* installs the PKCS11 module & update registry */
-SECStatus SECMOD_AddNewModuleEx(char* moduleName, char* dllPath,
- unsigned long defaultMechanismFlags,
- unsigned long cipherEnableFlags,
- char* modparms,
- char* nssparms) {
- SECMODModule *module;
- SECStatus result = SECFailure;
- int s,i;
- PK11SlotInfo* slot;
-
- PR_SetErrorText(0, NULL);
-
- module = SECMOD_CreateModule(dllPath,moduleName, modparms, nssparms);
-
- if (module == NULL) {
- return result;
- }
-
- if (module->dllName != NULL) {
- if (module->dllName[0] != 0) {
- result = SECMOD_AddModule(module);
- if (result == SECSuccess) {
- /* turn on SSL cipher enable flags */
- module->ssl[0] = cipherEnableFlags;
-
- /* check each slot to turn on appropriate mechanisms */
- for (s = 0; s < module->slotCount; s++) {
- slot = (module->slots)[s];
- /* for each possible mechanism */
- for (i=0; i < num_pk11_default_mechanisms; i++) {
- /* we are told to turn it on by default ? */
- if (PK11_DefaultArray[i].flag & defaultMechanismFlags) {
- /* it ignores if slot attribute update failes */
- result = PK11_UpdateSlotAttribute(slot, &(PK11_DefaultArray[i]), PR_TRUE);
- } else { /* turn this mechanism of the slot off by default */
- result = PK11_UpdateSlotAttribute(slot, &(PK11_DefaultArray[i]), PR_FALSE);
- }
- } /* for each mechanism */
- /* disable each slot if the defaultFlags say so */
- if (defaultMechanismFlags & PK11_DISABLE_FLAG) {
- PK11_UserDisableSlot(slot);
- }
- } /* for each slot of this module */
-
- /* delete and re-add module in order to save changes to the module */
- result = SECMOD_UpdateModule(module);
- }
- }
- }
- SECMOD_DestroyModule(module);
- return result;
-}
-
-SECStatus SECMOD_AddNewModule(char* moduleName, char* dllPath,
- unsigned long defaultMechanismFlags,
- unsigned long cipherEnableFlags)
-{
- return SECMOD_AddNewModuleEx(moduleName, dllPath, defaultMechanismFlags,
- cipherEnableFlags,
- NULL, NULL); /* don't pass module or nss params */
-}
-
-SECStatus SECMOD_UpdateModule(SECMODModule *module)
-{
- SECStatus result;
-
- result = SECMOD_DeletePermDB(module);
-
- if (result == SECSuccess) {
- result = SECMOD_AddPermDB(module);
- }
- return result;
-}
-
-/* Public & Internal(Security Library) representation of
- * encryption mechanism flags conversion */
-
-/* Currently, the only difference is that internal representation
- * puts RANDOM_FLAG at bit 31 (Most-significant bit), but
- * public representation puts this bit at bit 28
- */
-unsigned long SECMOD_PubMechFlagstoInternal(unsigned long publicFlags) {
- unsigned long internalFlags = publicFlags;
-
- if (publicFlags & PUBLIC_MECH_RANDOM_FLAG) {
- internalFlags &= ~PUBLIC_MECH_RANDOM_FLAG;
- internalFlags |= SECMOD_RANDOM_FLAG;
- }
- return internalFlags;
-}
-
-unsigned long SECMOD_InternaltoPubMechFlags(unsigned long internalFlags) {
- unsigned long publicFlags = internalFlags;
-
- if (internalFlags & SECMOD_RANDOM_FLAG) {
- publicFlags &= ~SECMOD_RANDOM_FLAG;
- publicFlags |= PUBLIC_MECH_RANDOM_FLAG;
- }
- return publicFlags;
-}
-
-
-/* Public & Internal(Security Library) representation of */
-/* cipher flags conversion */
-/* Note: currently they are just stubs */
-unsigned long SECMOD_PubCipherFlagstoInternal(unsigned long publicFlags) {
- return publicFlags;
-}
-
-unsigned long SECMOD_InternaltoPubCipherFlags(unsigned long internalFlags) {
- return internalFlags;
-}
-
-/* Funtion reports true if module of modType is installed/configured */
-PRBool
-SECMOD_IsModulePresent( unsigned long int pubCipherEnableFlags )
-{
- PRBool result = PR_FALSE;
- SECMODModuleList *mods = SECMOD_GetDefaultModuleList();
- SECMOD_GetReadLock(moduleLock);
-
-
- for ( ; mods != NULL; mods = mods->next) {
- if (mods->module->ssl[0] & SECMOD_PubCipherFlagstoInternal(pubCipherEnableFlags)) {
- result = PR_TRUE;
- }
- }
-
- SECMOD_ReleaseReadLock(moduleLock);
- return result;
-}
-
-/* create a new ModuleListElement */
-SECMODModuleList *SECMOD_NewModuleListElement(void) {
- SECMODModuleList *newModList;
-
- newModList= (SECMODModuleList *) PORT_Alloc(sizeof(SECMODModuleList));
- if (newModList) {
- newModList->next = NULL;
- newModList->module = NULL;
- }
- return newModList;
-}
-/*
- * make a new reference to a module so It doesn't go away on us
- */
-SECMODModule *
-SECMOD_ReferenceModule(SECMODModule *module) {
- PK11_USE_THREADS(PZ_Lock((PZLock *)module->refLock);)
- PORT_Assert(module->refCount > 0);
-
- module->refCount++;
- PK11_USE_THREADS(PZ_Unlock((PZLock*)module->refLock);)
- return module;
-}
-
-
-/* destroy an existing module */
-void
-SECMOD_DestroyModule(SECMODModule *module) {
- PRBool willfree = PR_FALSE;
- int slotCount;
- int i;
-
- PK11_USE_THREADS(PZ_Lock((PZLock *)module->refLock);)
- if (module->refCount-- == 1) {
- willfree = PR_TRUE;
- }
- PORT_Assert(willfree || (module->refCount > 0));
- PK11_USE_THREADS(PZ_Unlock((PZLock *)module->refLock);)
-
- if (!willfree) {
- return;
- }
-
- if (module->parent != NULL) {
- SECMODModule *parent = module->parent;
- /* paranoia, don't loop forever if the modules are looped */
- module->parent = NULL;
- SECMOD_DestroyModule(parent);
- }
-
- /* slots can't really disappear until our module starts freeing them,
- * so this check is safe */
- slotCount = module->slotCount;
- if (slotCount == 0) {
- SECMOD_SlotDestroyModule(module,PR_FALSE);
- return;
- }
-
- /* now free all out slots, when they are done, they will cause the
- * module to disappear altogether */
- for (i=0 ; i < slotCount; i++) {
- if (!module->slots[i]->disabled) {
- PK11_ClearSlotList(module->slots[i]);
- }
- PK11_FreeSlot(module->slots[i]);
- }
- /* WARNING: once the last slot has been freed is it possible (even likely)
- * that module is no more... touching it now is a good way to go south */
-}
-
-
-/* we can only get here if we've destroyed the module, or some one has
- * erroneously freed a slot that wasn't referenced. */
-void
-SECMOD_SlotDestroyModule(SECMODModule *module, PRBool fromSlot) {
- PRBool willfree = PR_FALSE;
- if (fromSlot) {
- PORT_Assert(module->refCount == 0);
- PK11_USE_THREADS(PZ_Lock((PZLock *)module->refLock);)
- if (module->slotCount-- == 1) {
- willfree = PR_TRUE;
- }
- PORT_Assert(willfree || (module->slotCount > 0));
- PK11_USE_THREADS(PZ_Unlock((PZLock *)module->refLock);)
- if (!willfree) return;
- }
-
- if (module == pendingModule) {
- pendingModule = NULL;
- }
-
- if (module->loaded) {
- SECMOD_UnloadModule(module);
- }
- PK11_USE_THREADS(PZ_DestroyLock((PZLock *)module->refLock);)
- PORT_FreeArena(module->arena,PR_FALSE);
- secmod_PrivateModuleCount--;
-}
-
-/* destroy a list element
- * this destroys a single element, and returns the next element
- * on the chain. It makes it easy to implement for loops to delete
- * the chain. It also make deleting a single element easy */
-SECMODModuleList *
-SECMOD_DestroyModuleListElement(SECMODModuleList *element) {
- SECMODModuleList *next = element->next;
-
- if (element->module) {
- SECMOD_DestroyModule(element->module);
- element->module = NULL;
- }
- PORT_Free(element);
- return next;
-}
-
-
-/*
- * Destroy an entire module list
- */
-void
-SECMOD_DestroyModuleList(SECMODModuleList *list) {
- SECMODModuleList *lp;
-
- for ( lp = list; lp != NULL; lp = SECMOD_DestroyModuleListElement(lp)) ;
-}
-
-PRBool
-SECMOD_CanDeleteInternalModule(void)
-{
- return (PRBool) (pendingModule == NULL);
-}
diff --git a/security/nss/lib/pk11wrap/secmod.h b/security/nss/lib/pk11wrap/secmod.h
deleted file mode 100644
index fd8037e65..000000000
--- a/security/nss/lib/pk11wrap/secmod.h
+++ /dev/null
@@ -1,153 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * Definition of Security Module Data Structure. There is a separate data
- * structure for each loaded PKCS #11 module.
- */
-#ifndef _SECMOD_H_
-#define _SEDMOD_H_
-#include "seccomon.h"
-#include "secmodt.h"
-
-#define PKCS11_USE_THREADS
-
-/* These mechanisms flags are visible to all other libraries. */
-/* They must be converted to internal SECMOD_*_FLAG */
-/* if used inside the functions of the security library */
-#define PUBLIC_MECH_RSA_FLAG 0x00000001ul
-#define PUBLIC_MECH_DSA_FLAG 0x00000002ul
-#define PUBLIC_MECH_RC2_FLAG 0x00000004ul
-#define PUBLIC_MECH_RC4_FLAG 0x00000008ul
-#define PUBLIC_MECH_DES_FLAG 0x00000010ul
-#define PUBLIC_MECH_DH_FLAG 0x00000020ul
-#define PUBLIC_MECH_FORTEZZA_FLAG 0x00000040ul
-#define PUBLIC_MECH_RC5_FLAG 0x00000080ul
-#define PUBLIC_MECH_SHA1_FLAG 0x00000100ul
-#define PUBLIC_MECH_MD5_FLAG 0x00000200ul
-#define PUBLIC_MECH_MD2_FLAG 0x00000400ul
-#define PUBLIC_MECH_SSL_FLAG 0x00000800ul
-#define PUBLIC_MECH_TLS_FLAG 0x00001000ul
-
-#define PUBLIC_MECH_RANDOM_FLAG 0x08000000ul
-#define PUBLIC_MECH_FRIENDLY_FLAG 0x10000000ul
-#define PUBLIC_OWN_PW_DEFAULTS 0X20000000ul
-#define PUBLIC_DISABLE_FLAG 0x40000000ul
-
-/* warning: reserved means reserved */
-#define PUBLIC_MECH_RESERVED_FLAGS 0x87FFE000ul
-
-/* These cipher flags are visible to all other libraries, */
-/* But they must be converted before used in functions */
-/* withing the security module */
-#define PUBLIC_CIPHER_FORTEZZA_FLAG 0x00000001ul
-
-/* warning: reserved means reserved */
-#define PUBLIC_CIPHER_RESERVED_FLAGS 0xFFFFFFFEul
-
-SEC_BEGIN_PROTOS
-
-/*
- * the following functions are going to be depricated in NSS 4.0 in
- * favor of the new stan functions.
- */
-
-/* Initialization */
-extern SECMODModule *SECMOD_LoadModule(char *moduleSpec,SECMODModule *parent,
- PRBool recurse);
-
-extern SECMODModule *SECMOD_LoadUserModule(char *moduleSpec,SECMODModule *parent,
- PRBool recurse);
-
-SECStatus SECMOD_UnloadUserModule(SECMODModule *mod);
-
-SECMODModule * SECMOD_CreateModule(char *lib, char *name, char *param,
- char *nss);
-extern SECStatus SECMOD_Shutdown(void);
-void nss_DumpModuleLog(void);
-
-
-/* Module Management */
-char **SECMOD_GetModuleSpecList(SECMODModule *module);
-SECStatus SECMOD_FreeModuleSpecList(SECMODModule *module,char **moduleSpecList);
-
-
-/* protoypes */
-extern SECMODModuleList *SECMOD_GetDefaultModuleList(void);
-extern SECMODListLock *SECMOD_GetDefaultModuleListLock(void);
-
-extern SECStatus SECMOD_UpdateModule(SECMODModule *module);
-
-/* lock management */
-extern SECMODListLock *SECMOD_NewListLock(void);
-extern void SECMOD_DestroyListLock(SECMODListLock *);
-extern void SECMOD_GetReadLock(SECMODListLock *);
-extern void SECMOD_ReleaseReadLock(SECMODListLock *);
-extern void SECMOD_GetWriteLock(SECMODListLock *);
-extern void SECMOD_ReleaseWriteLock(SECMODListLock *);
-
-/* Operate on modules by name */
-extern SECMODModule *SECMOD_FindModule(char *name);
-extern SECStatus SECMOD_DeleteModule(char *name, int *type);
-extern SECStatus SECMOD_DeleteInternalModule(char *name);
-extern PRBool SECMOD_CanDeleteInternalModule(void);
-extern SECStatus SECMOD_AddNewModule(char* moduleName, char* dllPath,
- unsigned long defaultMechanismFlags,
- unsigned long cipherEnableFlags);
-extern SECStatus SECMOD_AddNewModuleEx(char* moduleName, char* dllPath,
- unsigned long defaultMechanismFlags,
- unsigned long cipherEnableFlags,
- char* modparms,
- char* nssparms);
-
-/* database/memory management */
-extern SECMODModule *SECMOD_GetInternalModule(void);
-extern SECMODModule *SECMOD_ReferenceModule(SECMODModule *module);
-extern void SECMOD_DestroyModule(SECMODModule *module);
-extern PK11SlotInfo *SECMOD_LookupSlot(SECMODModuleID module,
- unsigned long slotID);
-extern PK11SlotInfo *SECMOD_FindSlot(SECMODModule *module,char *name);
-
-/* Funtion reports true if at least one of the modules */
-/* of modType has been installed */
-PRBool SECMOD_IsModulePresent( unsigned long int pubCipherEnableFlags );
-
-/* Functions used to convert between internal & public representation
- * of Mechanism Flags and Cipher Enable Flags */
-extern unsigned long SECMOD_PubMechFlagstoInternal(unsigned long publicFlags);
-extern unsigned long SECMOD_InternaltoPubMechFlags(unsigned long internalFlags);
-
-extern unsigned long SECMOD_PubCipherFlagstoInternal(unsigned long publicFlags);
-extern unsigned long SECMOD_InternaltoPubCipherFlags(unsigned long internalFlags);
-
-SEC_END_PROTOS
-
-#endif
diff --git a/security/nss/lib/pk11wrap/secmodi.h b/security/nss/lib/pk11wrap/secmodi.h
deleted file mode 100644
index f7854a250..000000000
--- a/security/nss/lib/pk11wrap/secmodi.h
+++ /dev/null
@@ -1,117 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Internal header file included only by files in pkcs11 dir, or in
- * pkcs11 specific client and server files.
- */
-#ifndef _SECMODI_H_
-#define _SECMODI_H_ 1
-#include "pkcs11.h"
-#include "nssilock.h"
-#include "mcom_db.h"
-#include "secoidt.h"
-#include "secdert.h"
-#include "certt.h"
-#include "secmodt.h"
-#include "secmodti.h"
-
-#ifdef PKCS11_USE_THREADS
-#define PK11_USE_THREADS(x) x
-#else
-#define PK11_USE_THREADS(x)
-#endif
-
-SEC_BEGIN_PROTOS
-
-/* proto-types */
-extern SECStatus SECMOD_DeletePermDB(SECMODModule *module);
-extern SECStatus SECMOD_AddPermDB(SECMODModule *module);
-
-extern int secmod_PrivateModuleCount;
-
-extern void SECMOD_Init(void);
-
-/* list managment */
-extern SECStatus SECMOD_AddModuleToList(SECMODModule *newModule);
-extern SECStatus SECMOD_AddModuleToDBOnlyList(SECMODModule *newModule);
-extern SECStatus SECMOD_AddModuleToUnloadList(SECMODModule *newModule);
-extern void SECMOD_RemoveList(SECMODModuleList **,SECMODModuleList *);
-extern void SECMOD_AddList(SECMODModuleList *,SECMODModuleList *,SECMODListLock *);
-
-/* Operate on modules by name */
-extern SECMODModule *SECMOD_FindModuleByID(SECMODModuleID);
-
-/* database/memory management */
-extern SECMODModuleList *SECMOD_NewModuleListElement(void);
-extern SECMODModuleList *SECMOD_DestroyModuleListElement(SECMODModuleList *);
-extern void SECMOD_DestroyModuleList(SECMODModuleList *);
-extern SECStatus SECMOD_AddModule(SECMODModule *newModule);
-SECStatus SECMOD_DeleteModuleEx(char * name, SECMODModule *mod, int *type, PRBool permdb);
-
-extern unsigned long SECMOD_PubCipherFlagstoInternal(unsigned long publicFlags);
-extern unsigned long SECMOD_InternaltoPubCipherFlags(unsigned long internalFlags);
-
-/* Library functions */
-SECStatus SECMOD_LoadPKCS11Module(SECMODModule *);
-SECStatus SECMOD_UnloadModule(SECMODModule *);
-void SECMOD_SetInternalModule(SECMODModule *);
-
-void SECMOD_SlotDestroyModule(SECMODModule *module, PRBool fromSlot);
-CK_RV pk11_notify(CK_SESSION_HANDLE session, CK_NOTIFICATION event,
- CK_VOID_PTR pdata);
-void pk11_SignedToUnsigned(CK_ATTRIBUTE *attrib);
-CK_OBJECT_HANDLE pk11_FindObjectByTemplate(PK11SlotInfo *slot,
- CK_ATTRIBUTE *inTemplate,int tsize);
-CK_OBJECT_HANDLE *pk11_FindObjectsByTemplate(PK11SlotInfo *slot,
- CK_ATTRIBUTE *inTemplate,int tsize, int *objCount);
-SECStatus PK11_UpdateSlotAttribute(PK11SlotInfo *slot,
- PK11DefaultArrayEntry *entry, PRBool add);
-
-#define PK11_GETTAB(x) ((CK_FUNCTION_LIST_PTR)((x)->functionList))
-#define PK11_SETATTRS(x,id,v,l) (x)->type = (id); \
- (x)->pValue=(v); (x)->ulValueLen = (l);
-SECStatus PK11_CreateNewObject(PK11SlotInfo *slot, CK_SESSION_HANDLE session,
- CK_ATTRIBUTE *theTemplate, int count,
- PRBool token, CK_OBJECT_HANDLE *objectID);
-
-SECStatus pbe_PK11AlgidToParam(SECAlgorithmID *algid,SECItem *mech);
-SECStatus PBE_PK11ParamToAlgid(SECOidTag algTag, SECItem *param,
- PRArenaPool *arena, SECAlgorithmID *algId);
-
-extern void pk11sdr_Init(void);
-extern void pk11sdr_Shutdown(void);
-
-SEC_END_PROTOS
-
-#endif
-
diff --git a/security/nss/lib/pk11wrap/secmodt.h b/security/nss/lib/pk11wrap/secmodt.h
deleted file mode 100644
index 32ba89eb9..000000000
--- a/security/nss/lib/pk11wrap/secmodt.h
+++ /dev/null
@@ -1,264 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * Definition of Security Module Data Structure. There is a separate data
- * structure for each loaded PKCS #11 module.
- */
-#ifndef _SECMODT_H_
-#define _SECMODT_H_ 1
-
-#include "secoid.h"
-#include "secasn1.h"
-
-/* find a better home for these... */
-extern const SEC_ASN1Template SECKEY_PointerToEncryptedPrivateKeyInfoTemplate[];
-extern SEC_ASN1TemplateChooser NSS_Get_SECKEY_PointerToEncryptedPrivateKeyInfoTemplate;
-extern const SEC_ASN1Template SECKEY_EncryptedPrivateKeyInfoTemplate[];
-extern const SEC_ASN1Template SECKEY_PrivateKeyInfoTemplate[];
-extern SEC_ASN1TemplateChooser NSS_Get_SECKEY_PrivateKeyInfoTemplate;
-extern const SEC_ASN1Template SECKEY_PointerToPrivateKeyInfoTemplate[];
-extern SEC_ASN1TemplateChooser NSS_Get_SECKEY_PointerToPrivateKeyInfoTemplate;
-
-/* PKCS11 needs to be included */
-typedef struct SECMODModuleStr SECMODModule;
-typedef struct SECMODModuleListStr SECMODModuleList;
-typedef struct SECMODListLockStr SECMODListLock; /* defined in secmodi.h */
-typedef struct PK11SlotInfoStr PK11SlotInfo; /* defined in secmodti.h */
-typedef struct PK11PreSlotInfoStr PK11PreSlotInfo; /* defined in secmodti.h */
-typedef struct PK11SymKeyStr PK11SymKey; /* defined in secmodti.h */
-typedef struct PK11ContextStr PK11Context; /* defined in secmodti.h */
-typedef struct PK11SlotListStr PK11SlotList;
-typedef struct PK11SlotListElementStr PK11SlotListElement;
-typedef struct PK11RSAGenParamsStr PK11RSAGenParams;
-typedef unsigned long SECMODModuleID;
-typedef struct PK11DefaultArrayEntryStr PK11DefaultArrayEntry;
-
-struct SECMODModuleStr {
- PRArenaPool *arena;
- PRBool internal; /* true of internally linked modules, false
- * for the loaded modules */
- PRBool loaded; /* Set to true if module has been loaded */
- PRBool isFIPS; /* Set to true if module is finst internal */
- char *dllName; /* name of the shared library which implements
- * this module */
- char *commonName; /* name of the module to display to the user */
- void *library; /* pointer to the library. opaque. used only by
- * pk11load.c */
- void *functionList; /* The PKCS #11 function table */
- void *refLock; /* only used pk11db.c */
- int refCount; /* Module reference count */
- PK11SlotInfo **slots; /* array of slot points attatched to this mod*/
- int slotCount; /* count of slot in above array */
- PK11PreSlotInfo *slotInfo; /* special info about slots default settings */
- int slotInfoCount; /* count */
- SECMODModuleID moduleID; /* ID so we can find this module again */
- PRBool isThreadSafe;
- unsigned long ssl[2]; /* SSL cipher enable flags */
- char *libraryParams; /* Module specific parameters */
- void *moduleDBFunc; /* function to return module configuration data*/
- SECMODModule *parent; /* module that loaded us */
- PRBool isCritical; /* This module must load successfully */
- PRBool isModuleDB; /* this module has lists of PKCS #11 modules */
- PRBool moduleDBOnly; /* this module only has lists of PKCS #11 modules */
- int trustOrder; /* order for this module's certificate trust rollup */
- int cipherOrder; /* order for cipher operations */
-};
-
-struct SECMODModuleListStr {
- SECMODModuleList *next;
- SECMODModule *module;
-};
-
-struct PK11SlotListStr {
- PK11SlotListElement *head;
- PK11SlotListElement *tail;
- void *lock;
-};
-
-struct PK11SlotListElementStr {
- PK11SlotListElement *next;
- PK11SlotListElement *prev;
- PK11SlotInfo *slot;
- int refCount;
-};
-
-struct PK11RSAGenParamsStr {
- int keySizeInBits;
- unsigned long pe;
-};
-
-typedef enum {
- PK11CertListUnique = 0,
- PK11CertListUser = 1,
- PK11CertListRootUnique = 2,
- PK11CertListCA = 3
-} PK11CertListType;
-
-/*
- * Entry into the Array which lists all the legal bits for the default flags
- * in the slot, their definition, and the PKCS #11 mechanism the represent
- * Always Statically allocated.
- */
-struct PK11DefaultArrayEntryStr {
- char *name;
- unsigned long flag;
- unsigned long mechanism; /* this is a long so we don't include the
- * whole pkcs 11 world to use this header */
-};
-
-
-#define SECMOD_RSA_FLAG 0x00000001L
-#define SECMOD_DSA_FLAG 0x00000002L
-#define SECMOD_RC2_FLAG 0x00000004L
-#define SECMOD_RC4_FLAG 0x00000008L
-#define SECMOD_DES_FLAG 0x00000010L
-#define SECMOD_DH_FLAG 0x00000020L
-#define SECMOD_FORTEZZA_FLAG 0x00000040L
-#define SECMOD_RC5_FLAG 0x00000080L
-#define SECMOD_SHA1_FLAG 0x00000100L
-#define SECMOD_MD5_FLAG 0x00000200L
-#define SECMOD_MD2_FLAG 0x00000400L
-#define SECMOD_SSL_FLAG 0x00000800L
-#define SECMOD_TLS_FLAG 0x00001000L
-#define SECMOD_AES_FLAG 0x00002000L
-#define SECMOD_SHA256_FLAG 0x00004000L
-#define SECMOD_SHA512_FLAG 0x00008000L /* also for SHA384 */
-/* reserved bit for future, do not use */
-#define SECMOD_RESERVED_FLAG 0X08000000L
-#define SECMOD_FRIENDLY_FLAG 0x10000000L
-#define SECMOD_RANDOM_FLAG 0x80000000L
-
-/* need to make SECMOD and PK11 prefixes consistant. */
-#define PK11_OWN_PW_DEFAULTS 0x20000000L
-#define PK11_DISABLE_FLAG 0x40000000L
-
-/* FAKE PKCS #11 defines */
-#define CKM_FAKE_RANDOM 0x80000efeL
-#define CKM_INVALID_MECHANISM 0xffffffffL
-#define CKA_DIGEST 0x81000000L
-
-/* Cryptographic module types */
-#define SECMOD_EXTERNAL 0 /* external module */
-#define SECMOD_INTERNAL 1 /* internal default module */
-#define SECMOD_FIPS 2 /* internal fips module */
-
-/* default module configuration strings */
-#define SECMOD_SLOT_FLAGS "slotFlags=[RSA,DSA,DH,RC2,RC4,DES,RANDOM,SHA1,MD5,MD2,SSL,TLS,AES,SHA256,SHA512]"
-
-#define SECMOD_MAKE_NSS_FLAGS(fips,slot) \
-"Flags=internal,critical"fips" slotparams=("#slot"={"SECMOD_SLOT_FLAGS"})"
-
-#define SECMOD_INT_NAME "NSS Internal PKCS #11 Module"
-#define SECMOD_INT_FLAGS SECMOD_MAKE_NSS_FLAGS("",1)
-#define SECMOD_FIPS_NAME "NSS Internal FIPS PKCS #11 Module"
-#define SECMOD_FIPS_FLAGS SECMOD_MAKE_NSS_FLAGS(",fips",3)
-
-/*
- * What is the origin of a given Key. Normally this doesn't matter, but
- * the fortezza code needs to know if it needs to invoke the SSL3 fortezza
- * hack.
- */
-typedef enum {
- PK11_OriginNULL = 0, /* There is not key, it's a null SymKey */
- PK11_OriginDerive = 1, /* Key was derived from some other key */
- PK11_OriginGenerated = 2, /* Key was generated (also PBE keys) */
- PK11_OriginFortezzaHack = 3,/* Key was marked for fortezza hack */
- PK11_OriginUnwrap = 4 /* Key was unwrapped or decrypted */
-} PK11Origin;
-
-/* PKCS #11 disable reasons */
-typedef enum {
- PK11_DIS_NONE = 0,
- PK11_DIS_USER_SELECTED = 1,
- PK11_DIS_COULD_NOT_INIT_TOKEN = 2,
- PK11_DIS_TOKEN_VERIFY_FAILED = 3,
- PK11_DIS_TOKEN_NOT_PRESENT = 4
-} PK11DisableReasons;
-
-/* function pointer type for password callback function.
- * This type is passed in to PK11_SetPasswordFunc()
- */
-typedef char *(PR_CALLBACK *PK11PasswordFunc)(PK11SlotInfo *slot, PRBool retry, void *arg);
-typedef PRBool (PR_CALLBACK *PK11VerifyPasswordFunc)(PK11SlotInfo *slot, void *arg);
-typedef PRBool (PR_CALLBACK *PK11IsLoggedInFunc)(PK11SlotInfo *slot, void *arg);
-
-/*
- * PKCS #11 key structures
- */
-
-/*
-** Attributes
-*/
-struct SECKEYAttributeStr {
- SECItem attrType;
- SECItem **attrValue;
-};
-typedef struct SECKEYAttributeStr SECKEYAttribute;
-
-/*
-** A PKCS#8 private key info object
-*/
-struct SECKEYPrivateKeyInfoStr {
- PLArenaPool *arena;
- SECItem version;
- SECAlgorithmID algorithm;
- SECItem privateKey;
- SECKEYAttribute **attributes;
-};
-typedef struct SECKEYPrivateKeyInfoStr SECKEYPrivateKeyInfo;
-
-/*
-** A PKCS#8 private key info object
-*/
-struct SECKEYEncryptedPrivateKeyInfoStr {
- PLArenaPool *arena;
- SECAlgorithmID algorithm;
- SECItem encryptedData;
-};
-typedef struct SECKEYEncryptedPrivateKeyInfoStr SECKEYEncryptedPrivateKeyInfo;
-
-/*
- * token removal detection
- */
-typedef enum {
- PK11TokenNotRemovable = 0,
- PK11TokenPresent = 1,
- PK11TokenChanged = 2,
- PK11TokenRemoved = 3
-} PK11TokenStatus;
-
-typedef enum {
- PK11TokenRemovedOrChangedEvent = 0,
- PK11TokenPresentEvent = 1
-} PK11TokenEvent;
-
-#endif /*_SECMODT_H_ */
diff --git a/security/nss/lib/pk11wrap/secmodti.h b/security/nss/lib/pk11wrap/secmodti.h
deleted file mode 100644
index 9973b3796..000000000
--- a/security/nss/lib/pk11wrap/secmodti.h
+++ /dev/null
@@ -1,192 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Internal header file included only by files in pkcs11 dir, or in
- * pkcs11 specific client and server files.
- */
-
-#ifndef _SECMODTI_H_
-#define _SECMODTI_H_ 1
-#include "prmon.h"
-#include "prtypes.h"
-#include "nssilckt.h"
-#include "pk11init.h"
-
-#ifndef NSS_3_4_CODE
-#define NSS_3_4_CODE
-#endif /* NSS_3_4_CODE */
-#include "nssdevt.h"
-
-/* internal data structures */
-
-/* structure to allow us to implement the read/write locks for our
- * module lists */
-struct SECMODListLockStr {
- PZLock *mutex; /*general mutex to protect this data structure*/
- PZMonitor *monitor; /* monitor to allow us to signal */
- int state; /* read/write/waiting state */
- int count; /* how many waiters on this lock */
-};
-
-/* represent a pkcs#11 slot reference counted. */
-struct PK11SlotInfoStr {
- /* the PKCS11 function list for this slot */
- void *functionList;
- SECMODModule *module; /* our parent module */
- /* Boolean to indicate the current state of this slot */
- PRBool needTest; /* Has this slot been tested for Export complience */
- PRBool isPerm; /* is this slot a permanment device */
- PRBool isHW; /* is this slot a hardware device */
- PRBool isInternal; /* is this slot one of our internal PKCS #11 devices */
- PRBool disabled; /* is this slot disabled... */
- PK11DisableReasons reason; /* Why this slot is disabled */
- PRBool readOnly; /* is the token in this slot read-only */
- PRBool needLogin; /* does the token of the type that needs
- * authentication (still true even if token is logged
- * in) */
- PRBool hasRandom; /* can this token generated random numbers */
- PRBool defRWSession; /* is the default session RW (we open our default
- * session rw if the token can only handle one session
- * at a time. */
- PRBool isThreadSafe; /* copied from the module */
- /* The actual flags (many of which are distilled into the above PRBools) */
- CK_FLAGS flags; /* flags from PKCS #11 token Info */
- /* a default session handle to do quick and dirty functions */
- CK_SESSION_HANDLE session;
- PZLock *sessionLock; /* lock for this session */
- /* our ID */
- CK_SLOT_ID slotID;
- /* persistant flags saved from startup to startup */
- unsigned long defaultFlags;
- /* keep track of who is using us so we don't accidently get freed while
- * still in use */
- int refCount;
- PZLock *refLock;
- PZLock *freeListLock;
- PK11SymKey *freeSymKeysHead;
- int keyCount;
- int maxKeyCount;
- /* Password control functions for this slot. many of these are only
- * active if the appropriate flag is on in defaultFlags */
- int askpw; /* what our password options are */
- int timeout; /* If we're ask_timeout, what is our timeout time is
- * seconds */
- int authTransact; /* allow multiple authentications off one password if
- * they are all part of the same transaction */
- int64 authTime; /* when were we last authenticated */
- int minPassword; /* smallest legal password */
- int maxPassword; /* largest legal password */
- uint16 series; /* break up the slot info into various groups of
- * inserted tokens so that keys and certs can be
- * invalidated */
- uint16 wrapKey; /* current wrapping key for SSL master secrets */
- CK_MECHANISM_TYPE wrapMechanism;
- /* current wrapping mechanism for current wrapKey */
- CK_OBJECT_HANDLE refKeys[1]; /* array of existing wrapping keys for */
- CK_MECHANISM_TYPE *mechanismList; /* list of mechanism supported by this
- * token */
- int mechanismCount;
- /* cache the certificates stored on the token of this slot */
- CERTCertificate **cert_array;
- int array_size;
- int cert_count;
- char serial[16];
- /* since these are odd sizes, keep them last. They are odd sizes to
- * allow them to become null terminated strings */
- char slot_name[65];
- char token_name[33];
- PRBool hasRootCerts;
- PRBool hasRootTrust;
- PRBool hasRSAInfo;
- CK_FLAGS RSAInfoFlags;
- PRBool protectedAuthPath;
- PRBool isActiveCard;
- PRIntervalTime lastLoginCheck;
- unsigned int lastState;
- /* for Stan */
- NSSToken *nssToken;
- /* fast mechanism lookup */
- char mechanismBits[256];
-};
-
-/* Symetric Key structure. Reference Counted */
-struct PK11SymKeyStr {
- CK_MECHANISM_TYPE type; /* type of operation this key was created for*/
- CK_OBJECT_HANDLE objectID; /* object id of this key in the slot */
- PK11SlotInfo *slot; /* Slot this key is loaded into */
- void *cx; /* window context in case we need to loggin */
- PK11SymKey *next;
- PRBool owner;
- SECItem data; /* raw key data if available */
- CK_SESSION_HANDLE session;
- PRBool sessionOwner;
- PRInt32 refCount; /* number of references to this key */
- int size; /* key size in bytes */
- PK11Origin origin; /* where this key came from
- (see def in secmodt.h) */
- uint16 series; /* break up the slot info into various groups of
- * inserted tokens so that keys and certs can be
- * invalidated */
-};
-
-
-/*
- * hold a hash, encryption or signing context for multi-part operations.
- * hold enough information so that multiple contexts can be interleaved
- * if necessary. ... Not RefCounted.
- */
-struct PK11ContextStr {
- CK_ATTRIBUTE_TYPE operation; /* type of operation this context is doing
- * (CKA_ENCRYPT, CKA_SIGN, CKA_HASH, etc. */
- PK11SymKey *key; /* symetric key used in this context */
- PK11SlotInfo *slot; /* slot this context is operationing on */
- CK_SESSION_HANDLE session; /* session this context is using */
- PZLock *sessionLock; /* lock before accessing a PKCS #11
- * session */
- PRBool ownSession;/* do we own the session? */
- void *cx; /* window context in case we need to loggin*/
- void *savedData;/* save data when we are multiplexing on a
- * single context */
- unsigned long savedLength; /* length of the saved context */
- SECItem *param; /* mechanism parameters used to build this
- context */
- PRBool init; /* has this contexted been initialized */
- CK_MECHANISM_TYPE type; /* what is the PKCS #11 this context is
- * representing (usually what algorithm is
- * being used (CKM_RSA_PKCS, CKM_DES,
- * CKM_SHA, etc.*/
- PRBool fortezzaHack; /*Fortezza SSL has some special
- * non-standard semantics*/
-};
-
-#endif /* _SECMODTI_H_ */
diff --git a/security/nss/lib/pk11wrap/secpkcs5.h b/security/nss/lib/pk11wrap/secpkcs5.h
deleted file mode 100644
index f9f3d740f..000000000
--- a/security/nss/lib/pk11wrap/secpkcs5.h
+++ /dev/null
@@ -1,88 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- */
-#ifndef _SECPKCS5_H_
-#define _SECPKCS5_H_
-#include "seccomon.h"
-#include "secmodt.h"
-
-/* used for V2 PKCS 12 Draft Spec */
-typedef enum {
- pbeBitGenIDNull = 0,
- pbeBitGenCipherKey = 0x01,
- pbeBitGenCipherIV = 0x02,
- pbeBitGenIntegrityKey = 0x03
-} PBEBitGenID;
-
-typedef struct PBEBitGenContextStr PBEBitGenContext;
-
-SEC_BEGIN_PROTOS
-
-SECAlgorithmID *
-SEC_PKCS5CreateAlgorithmID(SECOidTag algorithm, SECItem *salt, int iteration);
-
-/* Get the initialization vector. The password is passed in, hashing
- * is performed, and the initialization vector is returned.
- * algid is a pointer to a PBE algorithm ID
- * pwitem is the password
- * If an error occurs or the algorithm id is not a PBE algrithm,
- * NULL is returned. Otherwise, the iv is returned in a secitem.
- */
-SECItem *
-SEC_PKCS5GetIV(SECAlgorithmID *algid, SECItem *pwitem, PRBool faulty3DES);
-
-SECOidTag SEC_PKCS5GetCryptoAlgorithm(SECAlgorithmID *algid);
-PRBool SEC_PKCS5IsAlgorithmPBEAlg(SECAlgorithmID *algid);
-SECOidTag SEC_PKCS5GetPBEAlgorithm(SECOidTag algTag, int keyLen);
-int SEC_PKCS5GetKeyLength(SECAlgorithmID *algid);
-
-/**********************************************************************
- * Deprecated PBE fucntions. Use the PBE functions in pk11func.h
- * instead.
- **********************************************************************/
-
-PBEBitGenContext *
-PBE_CreateContext(SECOidTag hashAlgorithm, PBEBitGenID bitGenPurpose,
- SECItem *pwitem, SECItem *salt, unsigned int bitsNeeded,
- unsigned int iterations);
-
-void
-PBE_DestroyContext(PBEBitGenContext *context);
-
-
-SECItem *
-PBE_GenerateBits(PBEBitGenContext *context);
-
-SEC_END_PROTOS
-
-#endif /* _SECPKS5_H_ */
diff --git a/security/nss/lib/pkcs12/Makefile b/security/nss/lib/pkcs12/Makefile
deleted file mode 100644
index 5742208b5..000000000
--- a/security/nss/lib/pkcs12/Makefile
+++ /dev/null
@@ -1,77 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-
diff --git a/security/nss/lib/pkcs12/config.mk b/security/nss/lib/pkcs12/config.mk
deleted file mode 100644
index 3b647d954..000000000
--- a/security/nss/lib/pkcs12/config.mk
+++ /dev/null
@@ -1,44 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-
-#
-# Override TARGETS variable so that only static libraries
-# are specifed as dependencies within rules.mk.
-#
-
-TARGETS = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM =
-
diff --git a/security/nss/lib/pkcs12/manifest.mn b/security/nss/lib/pkcs12/manifest.mn
deleted file mode 100644
index e40f8620f..000000000
--- a/security/nss/lib/pkcs12/manifest.mn
+++ /dev/null
@@ -1,58 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-EXPORTS = \
- pkcs12t.h \
- pkcs12.h \
- p12plcy.h \
- p12.h \
- p12t.h \
- $(NULL)
-
-MODULE = nss
-
-CSRCS = \
- p12local.c \
- p12creat.c \
- p12dec.c \
- p12plcy.c \
- p12tmpl.c \
- p12e.c \
- p12d.c \
- $(NULL)
-
-REQUIRES = dbm
-
-LIBRARY_NAME = pkcs12
diff --git a/security/nss/lib/pkcs12/p12.h b/security/nss/lib/pkcs12/p12.h
deleted file mode 100644
index 3e27ecf80..000000000
--- a/security/nss/lib/pkcs12/p12.h
+++ /dev/null
@@ -1,189 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-
-#ifndef _P12_H_
-#define _P12_H_
-
-#include "secoid.h"
-#include "key.h"
-#include "secpkcs7.h"
-#include "p12t.h"
-
-typedef int (PR_CALLBACK * PKCS12OpenFunction)(void *arg);
-typedef int (PR_CALLBACK * PKCS12ReadFunction)(void *arg,
- unsigned char *buffer,
- unsigned int *lenRead,
- unsigned int maxLen);
-typedef int (PR_CALLBACK * PKCS12WriteFunction)(void *arg,
- unsigned char *buffer,
- unsigned int *bufLen,
- unsigned int *lenWritten);
-typedef int (PR_CALLBACK * PKCS12CloseFunction)(void *arg);
-typedef SECStatus (PR_CALLBACK * PKCS12UnicodeConvertFunction)(
- PRArenaPool *arena,
- SECItem *dest, SECItem *src,
- PRBool toUnicode,
- PRBool swapBytes);
-typedef void (PR_CALLBACK * SEC_PKCS12EncoderOutputCallback)(
- void *arg, const char *buf,
- unsigned long len);
-typedef void (PR_CALLBACK * SEC_PKCS12DecoderOutputCallback)(
- void *arg, const char *buf,
- unsigned long len);
-typedef SECItem * (PR_CALLBACK * SEC_PKCS12NicknameCollisionCallback)(
- SECItem *old_nickname,
- PRBool *cancel,
- void *arg);
-
-
-
-
-typedef SECStatus (PR_CALLBACK *digestOpenFn)(void *arg, PRBool readData);
-typedef SECStatus (PR_CALLBACK *digestCloseFn)(void *arg, PRBool removeFile);
-typedef int (PR_CALLBACK *digestIOFn)(void *arg, unsigned char *buf,
- unsigned long len);
-
-typedef struct SEC_PKCS12ExportContextStr SEC_PKCS12ExportContext;
-typedef struct SEC_PKCS12SafeInfoStr SEC_PKCS12SafeInfo;
-typedef struct SEC_PKCS12DecoderContextStr SEC_PKCS12DecoderContext;
-
-struct sec_PKCS12PasswordModeInfo {
- SECItem *password;
- SECOidTag algorithm;
-};
-
-struct sec_PKCS12PublicKeyModeInfo {
- CERTCertificate *cert;
- CERTCertDBHandle *certDb;
- SECOidTag algorithm;
- int keySize;
-};
-
-SEC_BEGIN_PROTOS
-
-SEC_PKCS12SafeInfo *
-SEC_PKCS12CreatePubKeyEncryptedSafe(SEC_PKCS12ExportContext *p12ctxt,
- CERTCertDBHandle *certDb,
- CERTCertificate *signer,
- CERTCertificate **recipients,
- SECOidTag algorithm, int keysize);
-
-extern SEC_PKCS12SafeInfo *
-SEC_PKCS12CreatePasswordPrivSafe(SEC_PKCS12ExportContext *p12ctxt,
- SECItem *pwitem, SECOidTag privAlg);
-
-extern SEC_PKCS12SafeInfo *
-SEC_PKCS12CreateUnencryptedSafe(SEC_PKCS12ExportContext *p12ctxt);
-
-extern SECStatus
-SEC_PKCS12AddPasswordIntegrity(SEC_PKCS12ExportContext *p12ctxt,
- SECItem *pwitem, SECOidTag integAlg);
-extern SECStatus
-SEC_PKCS12AddPublicKeyIntegrity(SEC_PKCS12ExportContext *p12ctxt,
- CERTCertificate *cert, CERTCertDBHandle *certDb,
- SECOidTag algorithm, int keySize);
-
-extern SEC_PKCS12ExportContext *
-SEC_PKCS12CreateExportContext(SECKEYGetPasswordKey pwfn, void *pwfnarg,
- PK11SlotInfo *slot, void *wincx);
-
-extern SECStatus
-SEC_PKCS12AddCert(SEC_PKCS12ExportContext *p12ctxt,
- SEC_PKCS12SafeInfo *safe, void *nestedDest,
- CERTCertificate *cert, CERTCertDBHandle *certDb,
- SECItem *keyId, PRBool includeCertChain);
-
-extern SECStatus
-SEC_PKCS12AddKeyForCert(SEC_PKCS12ExportContext *p12ctxt,
- SEC_PKCS12SafeInfo *safe,
- void *nestedDest, CERTCertificate *cert,
- PRBool shroudKey, SECOidTag algorithm, SECItem *pwitem,
- SECItem *keyId, SECItem *nickName);
-
-extern SECStatus
-SEC_PKCS12AddCertAndKey(SEC_PKCS12ExportContext *p12ctxt,
- void *certSafe, void *certNestedDest,
- CERTCertificate *cert, CERTCertDBHandle *certDb,
- void *keySafe, void *keyNestedDest,
- PRBool shroudKey, SECItem *pwitem, SECOidTag algorithm);
-
-extern SECStatus
-SEC_PKCS12AddDERCertAndEncryptedKey(SEC_PKCS12ExportContext *p12ctxt,
- void *certSafe, void *certNestedDest, SECItem *derCert,
- void *keySafe, void *keyNestedDest,
- SECKEYEncryptedPrivateKeyInfo *epki, char *nickname);
-
-extern void *
-SEC_PKCS12CreateNestedSafeContents(SEC_PKCS12ExportContext *p12ctxt,
- void *baseSafe, void *nestedDest);
-
-extern SECStatus
-SEC_PKCS12Encode(SEC_PKCS12ExportContext *p12exp,
- SEC_PKCS12EncoderOutputCallback output, void *outputarg);
-
-extern void
-SEC_PKCS12DestroyExportContext(SEC_PKCS12ExportContext *p12exp);
-
-extern SEC_PKCS12DecoderContext *
-SEC_PKCS12DecoderStart(SECItem *pwitem, PK11SlotInfo *slot, void *wincx,
- digestOpenFn dOpen, digestCloseFn dClose,
- digestIOFn dRead, digestIOFn dWrite, void *dArg);
-
-extern SECStatus
-SEC_PKCS12DecoderSetTargetTokenCAs(SEC_PKCS12DecoderContext *p12dcx,
- SECPKCS12TargetTokenCAs tokenCAs);
-
-extern SECStatus
-SEC_PKCS12DecoderUpdate(SEC_PKCS12DecoderContext *p12dcx, unsigned char *data,
- unsigned long len);
-
-extern void
-SEC_PKCS12DecoderFinish(SEC_PKCS12DecoderContext *p12dcx);
-
-extern SECStatus
-SEC_PKCS12DecoderVerify(SEC_PKCS12DecoderContext *p12dcx);
-
-extern SECStatus
-SEC_PKCS12DecoderValidateBags(SEC_PKCS12DecoderContext *p12dcx,
- SEC_PKCS12NicknameCollisionCallback nicknameCb);
-
-extern SECStatus
-SEC_PKCS12DecoderImportBags(SEC_PKCS12DecoderContext *p12dcx);
-
-CERTCertList *
-SEC_PKCS12DecoderGetCerts(SEC_PKCS12DecoderContext *p12dcx);
-
-SEC_END_PROTOS
-
-#endif
diff --git a/security/nss/lib/pkcs12/p12creat.c b/security/nss/lib/pkcs12/p12creat.c
deleted file mode 100644
index 65678b299..000000000
--- a/security/nss/lib/pkcs12/p12creat.c
+++ /dev/null
@@ -1,251 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "pkcs12.h"
-#include "secitem.h"
-#include "secport.h"
-#include "secder.h"
-#include "secoid.h"
-#include "p12local.h"
-#include "secerr.h"
-
-
-/* allocate space for a PFX structure and set up initial
- * arena pool. pfx structure is cleared and a pointer to
- * the new structure is returned.
- */
-SEC_PKCS12PFXItem *
-sec_pkcs12_new_pfx(void)
-{
- SEC_PKCS12PFXItem *pfx = NULL;
- PRArenaPool *poolp = NULL;
-
- poolp = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE); /* XXX Different size? */
- if(poolp == NULL)
- goto loser;
-
- pfx = (SEC_PKCS12PFXItem *)PORT_ArenaZAlloc(poolp,
- sizeof(SEC_PKCS12PFXItem));
- if(pfx == NULL)
- goto loser;
- pfx->poolp = poolp;
-
- return pfx;
-
-loser:
- PORT_FreeArena(poolp, PR_TRUE);
- return NULL;
-}
-
-/* allocate space for a PFX structure and set up initial
- * arena pool. pfx structure is cleared and a pointer to
- * the new structure is returned.
- */
-SEC_PKCS12AuthenticatedSafe *
-sec_pkcs12_new_asafe(PRArenaPool *poolp)
-{
- SEC_PKCS12AuthenticatedSafe *asafe = NULL;
- void *mark;
-
- mark = PORT_ArenaMark(poolp);
- asafe = (SEC_PKCS12AuthenticatedSafe *)PORT_ArenaZAlloc(poolp,
- sizeof(SEC_PKCS12AuthenticatedSafe));
- if(asafe == NULL)
- goto loser;
- asafe->poolp = poolp;
- PORT_Memset(&asafe->old_baggage, 0, sizeof(SEC_PKCS7ContentInfo));
-
- PORT_ArenaUnmark(poolp, mark);
- return asafe;
-
-loser:
- PORT_ArenaRelease(poolp, mark);
- return NULL;
-}
-
-/* create a safe contents structure with a list of
- * length 0 with the first element being NULL
- */
-SEC_PKCS12SafeContents *
-sec_pkcs12_create_safe_contents(PRArenaPool *poolp)
-{
- SEC_PKCS12SafeContents *safe;
- void *mark;
-
- if(poolp == NULL)
- return NULL;
-
- /* allocate structure */
- mark = PORT_ArenaMark(poolp);
- safe = (SEC_PKCS12SafeContents *)PORT_ArenaZAlloc(poolp,
- sizeof(SEC_PKCS12SafeContents));
- if(safe == NULL)
- {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- PORT_ArenaRelease(poolp, mark);
- return NULL;
- }
-
- /* init list */
- safe->contents = (SEC_PKCS12SafeBag**)PORT_ArenaZAlloc(poolp,
- sizeof(SEC_PKCS12SafeBag *));
- if(safe->contents == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- PORT_ArenaRelease(poolp, mark);
- return NULL;
- }
- safe->contents[0] = NULL;
- safe->poolp = poolp;
- safe->safe_size = 0;
- PORT_ArenaUnmark(poolp, mark);
- return safe;
-}
-
-/* create a new external bag which is appended onto the list
- * of bags in baggage. the bag is created in the same arena
- * as baggage
- */
-SEC_PKCS12BaggageItem *
-sec_pkcs12_create_external_bag(SEC_PKCS12Baggage *luggage)
-{
- void *dummy, *mark;
- SEC_PKCS12BaggageItem *bag;
-
- if(luggage == NULL) {
- return NULL;
- }
-
- mark = PORT_ArenaMark(luggage->poolp);
-
- /* allocate space for null terminated bag list */
- if(luggage->bags == NULL) {
- luggage->bags=(SEC_PKCS12BaggageItem**)PORT_ArenaZAlloc(luggage->poolp,
- sizeof(SEC_PKCS12BaggageItem *));
- if(luggage->bags == NULL) {
- goto loser;
- }
- luggage->luggage_size = 0;
- }
-
- /* grow the list */
- dummy = PORT_ArenaGrow(luggage->poolp, luggage->bags,
- sizeof(SEC_PKCS12BaggageItem *) * (luggage->luggage_size + 1),
- sizeof(SEC_PKCS12BaggageItem *) * (luggage->luggage_size + 2));
- if(dummy == NULL) {
- goto loser;
- }
- luggage->bags = (SEC_PKCS12BaggageItem**)dummy;
-
- luggage->bags[luggage->luggage_size] =
- (SEC_PKCS12BaggageItem *)PORT_ArenaZAlloc(luggage->poolp,
- sizeof(SEC_PKCS12BaggageItem));
- if(luggage->bags[luggage->luggage_size] == NULL) {
- goto loser;
- }
-
- /* create new bag and append it to the end */
- bag = luggage->bags[luggage->luggage_size];
- bag->espvks = (SEC_PKCS12ESPVKItem **)PORT_ArenaZAlloc(
- luggage->poolp,
- sizeof(SEC_PKCS12ESPVKItem *));
- bag->unencSecrets = (SEC_PKCS12SafeBag **)PORT_ArenaZAlloc(
- luggage->poolp,
- sizeof(SEC_PKCS12SafeBag *));
- if((bag->espvks == NULL) || (bag->unencSecrets == NULL)) {
- goto loser;
- }
-
- bag->poolp = luggage->poolp;
- luggage->luggage_size++;
- luggage->bags[luggage->luggage_size] = NULL;
- bag->espvks[0] = NULL;
- bag->unencSecrets[0] = NULL;
- bag->nEspvks = bag->nSecrets = 0;
-
- PORT_ArenaUnmark(luggage->poolp, mark);
- return bag;
-
-loser:
- PORT_ArenaRelease(luggage->poolp, mark);
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
-}
-
-/* creates a baggage witha NULL terminated 0 length list */
-SEC_PKCS12Baggage *
-sec_pkcs12_create_baggage(PRArenaPool *poolp)
-{
- SEC_PKCS12Baggage *luggage;
- void *mark;
-
- if(poolp == NULL)
- return NULL;
-
- mark = PORT_ArenaMark(poolp);
-
- /* allocate bag */
- luggage = (SEC_PKCS12Baggage *)PORT_ArenaZAlloc(poolp,
- sizeof(SEC_PKCS12Baggage));
- if(luggage == NULL)
- {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- PORT_ArenaRelease(poolp, mark);
- return NULL;
- }
-
- /* init list */
- luggage->bags = (SEC_PKCS12BaggageItem **)PORT_ArenaZAlloc(poolp,
- sizeof(SEC_PKCS12BaggageItem *));
- if(luggage->bags == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- PORT_ArenaRelease(poolp, mark);
- return NULL;
- }
-
- luggage->bags[0] = NULL;
- luggage->luggage_size = 0;
- luggage->poolp = poolp;
-
- PORT_ArenaUnmark(poolp, mark);
- return luggage;
-}
-
-/* free pfx structure and associated items in the arena */
-void
-SEC_PKCS12DestroyPFX(SEC_PKCS12PFXItem *pfx)
-{
- if (pfx != NULL && pfx->poolp != NULL)
- {
- PORT_FreeArena(pfx->poolp, PR_TRUE);
- }
-}
diff --git a/security/nss/lib/pkcs12/p12d.c b/security/nss/lib/pkcs12/p12d.c
deleted file mode 100644
index dade3417b..000000000
--- a/security/nss/lib/pkcs12/p12d.c
+++ /dev/null
@@ -1,3297 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-
-#include "nssrenam.h"
-#include "p12t.h"
-#include "p12.h"
-#include "plarena.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "seccomon.h"
-#include "secport.h"
-#include "cert.h"
-#include "secpkcs7.h"
-#include "secasn1.h"
-#include "secerr.h"
-#include "pk11func.h"
-#include "p12plcy.h"
-#include "p12local.h"
-#include "alghmac.h"
-#include "secder.h"
-#include "secport.h"
-
-#include "certdb.h"
-
-#include "prcpucfg.h"
-
-typedef struct sec_PKCS12SafeContentsContextStr sec_PKCS12SafeContentsContext;
-
-/* Opaque structure for decoding SafeContents. These are used
- * for each authenticated safe as well as any nested safe contents.
- */
-struct sec_PKCS12SafeContentsContextStr {
- /* the parent decoder context */
- SEC_PKCS12DecoderContext *p12dcx;
-
- /* memory arena to allocate space from */
- PRArenaPool *arena;
-
- /* decoder context and destination for decoding safe contents */
- SEC_ASN1DecoderContext *safeContentsDcx;
- sec_PKCS12SafeContents safeContents;
-
- /* information for decoding safe bags within the safe contents.
- * these variables are updated for each safe bag decoded.
- */
- SEC_ASN1DecoderContext *currentSafeBagDcx;
- sec_PKCS12SafeBag *currentSafeBag;
- PRBool skipCurrentSafeBag;
-
- /* if the safe contents is nested, the parent is pointed to here. */
- sec_PKCS12SafeContentsContext *nestedCtx;
-};
-
-/* opaque decoder context structure. information for decoding a pkcs 12
- * PDU are stored here as well as decoding pointers for intermediary
- * structures which are part of the PKCS 12 PDU. Upon a successful
- * decode, the safe bags containing certificates and keys encountered.
- */
-struct SEC_PKCS12DecoderContextStr {
- PRArenaPool *arena;
- PK11SlotInfo *slot;
- void *wincx;
- PRBool error;
- int errorValue;
-
- /* password */
- SECItem *pwitem;
-
- /* used for decoding the PFX structure */
- SEC_ASN1DecoderContext *pfxDcx;
- sec_PKCS12PFXItem pfx;
-
- /* safe bags found during decoding */
- sec_PKCS12SafeBag **safeBags;
- unsigned int safeBagCount;
-
- /* state variables for decoding authenticated safes. */
- SEC_PKCS7DecoderContext *currentASafeP7Dcx;
- SEC_PKCS5KeyAndPassword *currentASafeKeyPwd;
- SEC_ASN1DecoderContext *aSafeDcx;
- SEC_PKCS7DecoderContext *aSafeP7Dcx;
- sec_PKCS12AuthenticatedSafe authSafe;
- SEC_PKCS7ContentInfo *aSafeCinfo;
- sec_PKCS12SafeContents safeContents;
-
- /* safe contents info */
- unsigned int safeContentsCnt;
- sec_PKCS12SafeContentsContext **safeContentsList;
-
- /* HMAC info */
- sec_PKCS12MacData macData;
- SEC_ASN1DecoderContext *hmacDcx;
-
- /* routines for reading back the data to be hmac'd */
- digestOpenFn dOpen;
- digestCloseFn dClose;
- digestIOFn dRead, dWrite;
- void *dArg;
-
- /* helper functions */
- SECKEYGetPasswordKey pwfn;
- void *pwfnarg;
- PRBool swapUnicodeBytes;
-
- /* import information */
- PRBool bagsVerified;
-
- /* buffer management for the default callbacks implementation */
- void *buffer; /* storage area */
- PRInt32 filesize; /* actual data size */
- PRInt32 allocated; /* total buffer size allocated */
- PRInt32 currentpos; /* position counter */
- SECPKCS12TargetTokenCAs tokenCAs;
-};
-
-
-/* make sure that the PFX version being decoded is a version
- * which we support.
- */
-static PRBool
-sec_pkcs12_proper_version(sec_PKCS12PFXItem *pfx)
-{
- /* if no version, assume it is not supported */
- if(pfx->version.len == 0) {
- return PR_FALSE;
- }
-
- if(DER_GetInteger(&pfx->version) > SEC_PKCS12_VERSION) {
- return PR_FALSE;
- }
-
- return PR_TRUE;
-}
-
-/* retrieve the key for decrypting the safe contents */
-static PK11SymKey *
-sec_pkcs12_decoder_get_decrypt_key(void *arg, SECAlgorithmID *algid)
-{
- SEC_PKCS5KeyAndPassword *keyPwd =
- (SEC_PKCS5KeyAndPassword *)arg;
-
- if(!keyPwd) {
- return NULL;
- }
-
- /* if no slot specified, use the internal key slot */
- if(!keyPwd->slot) {
- keyPwd->slot = PK11_GetInternalKeySlot();
- }
-
- /* retrieve the key */
- if(!keyPwd->key) {
- keyPwd->key = PK11_PBEKeyGen(keyPwd->slot, algid,
- keyPwd->pwitem, PR_FALSE, keyPwd->wincx);
- }
-
- return (PK11SymKey *)keyPwd;
-}
-
-/* XXX this needs to be modified to handle enveloped data. most
- * likely, it should mirror the routines for SMIME in that regard.
- */
-static PRBool
-sec_pkcs12_decoder_decryption_allowed(SECAlgorithmID *algid,
- PK11SymKey *bulkkey)
-{
- PRBool decryptionAllowed = SEC_PKCS12DecryptionAllowed(algid);
-
- if(!decryptionAllowed) {
- return PR_FALSE;
- }
-
- return PR_TRUE;
-}
-
-/* when we encounter a new safe bag during the decoding, we need
- * to allocate space for the bag to be decoded to and set the
- * state variables appropriately. all of the safe bags are allocated
- * in a buffer in the outer SEC_PKCS12DecoderContext, however,
- * a pointer to the safeBag is also used in the sec_PKCS12SafeContentsContext
- * for the current bag.
- */
-static SECStatus
-sec_pkcs12_decoder_init_new_safe_bag(sec_PKCS12SafeContentsContext
- *safeContentsCtx)
-{
- void *mark = NULL;
- SEC_PKCS12DecoderContext *p12dcx;
-
- /* make sure that the structures are defined, and there has
- * not been an error in the decoding
- */
- if(!safeContentsCtx || !safeContentsCtx->p12dcx
- || safeContentsCtx->p12dcx->error) {
- return SECFailure;
- }
-
- p12dcx = safeContentsCtx->p12dcx;
- mark = PORT_ArenaMark(p12dcx->arena);
-
- /* allocate a new safe bag, if bags already exist, grow the
- * list of bags, otherwise allocate a new list. the list is
- * NULL terminated.
- */
- if(p12dcx->safeBagCount) {
- p12dcx->safeBags =
- (sec_PKCS12SafeBag**)PORT_ArenaGrow(p12dcx->arena,p12dcx->safeBags,
- (p12dcx->safeBagCount + 1) * sizeof(sec_PKCS12SafeBag *),
- (p12dcx->safeBagCount + 2) * sizeof(sec_PKCS12SafeBag *));
- } else {
- p12dcx->safeBags = (sec_PKCS12SafeBag**)PORT_ArenaZAlloc(p12dcx->arena,
- 2 * sizeof(sec_PKCS12SafeBag *));
- }
- if(!p12dcx->safeBags) {
- p12dcx->errorValue = SEC_ERROR_NO_MEMORY;
- goto loser;
- }
-
- /* append the bag to the end of the list and update the reference
- * in the safeContentsCtx.
- */
- p12dcx->safeBags[p12dcx->safeBagCount] =
- (sec_PKCS12SafeBag*)PORT_ArenaZAlloc(p12dcx->arena,
- sizeof(sec_PKCS12SafeBag));
- safeContentsCtx->currentSafeBag = p12dcx->safeBags[p12dcx->safeBagCount];
- p12dcx->safeBags[++p12dcx->safeBagCount] = NULL;
- if(!safeContentsCtx->currentSafeBag) {
- p12dcx->errorValue = SEC_ERROR_NO_MEMORY;
- goto loser;
- }
-
- safeContentsCtx->currentSafeBag->slot = safeContentsCtx->p12dcx->slot;
- safeContentsCtx->currentSafeBag->pwitem = safeContentsCtx->p12dcx->pwitem;
- safeContentsCtx->currentSafeBag->swapUnicodeBytes =
- safeContentsCtx->p12dcx->swapUnicodeBytes;
- safeContentsCtx->currentSafeBag->arena = safeContentsCtx->p12dcx->arena;
- safeContentsCtx->currentSafeBag->tokenCAs =
- safeContentsCtx->p12dcx->tokenCAs;
-
- PORT_ArenaUnmark(p12dcx->arena, mark);
- return SECSuccess;
-
-loser:
-
- /* if an error occurred, release the memory and set the error flag
- * the only possible errors triggered by this function are memory
- * related.
- */
- if(mark) {
- PORT_ArenaRelease(p12dcx->arena, mark);
- }
-
- p12dcx->error = PR_TRUE;
- return SECFailure;
-}
-
-/* A wrapper for updating the ASN1 context in which a safeBag is
- * being decoded. This function is called as a callback from
- * secasn1d when decoding SafeContents structures.
- */
-static void
-sec_pkcs12_decoder_safe_bag_update(void *arg, const char *data,
- unsigned long len, int depth,
- SEC_ASN1EncodingPart data_kind)
-{
- sec_PKCS12SafeContentsContext *safeContentsCtx =
- (sec_PKCS12SafeContentsContext *)arg;
- SEC_PKCS12DecoderContext *p12dcx;
- SECStatus rv;
-
- /* make sure that we are not skipping the current safeBag,
- * and that there are no errors. If so, just return rather
- * than continuing to process.
- */
- if(!safeContentsCtx || !safeContentsCtx->p12dcx
- || safeContentsCtx->p12dcx->error
- || safeContentsCtx->skipCurrentSafeBag) {
- return;
- }
- p12dcx = safeContentsCtx->p12dcx;
-
- rv = SEC_ASN1DecoderUpdate(safeContentsCtx->currentSafeBagDcx, data, len);
- if(rv != SECSuccess) {
- p12dcx->errorValue = SEC_ERROR_NO_MEMORY;
- goto loser;
- }
-
- return;
-
-loser:
- /* set the error, and finish the decoder context. because there
- * is not a way of returning an error message, it may be worth
- * while to do a check higher up and finish any decoding contexts
- * that are still open.
- */
- p12dcx->error = PR_TRUE;
- SEC_ASN1DecoderFinish(safeContentsCtx->currentSafeBagDcx);
- safeContentsCtx->currentSafeBagDcx = NULL;
- return;
-}
-
-/* forward declarations of functions that are used when decoding
- * safeContents bags which are nested and when decoding the
- * authenticatedSafes.
- */
-static SECStatus
-sec_pkcs12_decoder_begin_nested_safe_contents(sec_PKCS12SafeContentsContext
- *safeContentsCtx);
-static SECStatus
-sec_pkcs12_decoder_finish_nested_safe_contents(sec_PKCS12SafeContentsContext
- *safeContentsCtx);
-static void
-sec_pkcs12_decoder_safe_bag_update(void *arg, const char *data,
- unsigned long len, int depth,
- SEC_ASN1EncodingPart data_kind);
-
-/* notify function for decoding safeBags. This function is
- * used to filter safeBag types which are not supported,
- * initiate the decoding of nested safe contents, and decode
- * safeBags in general. this function is set when the decoder
- * context for the safeBag is first created.
- */
-static void
-sec_pkcs12_decoder_safe_bag_notify(void *arg, PRBool before,
- void *dest, int real_depth)
-{
- sec_PKCS12SafeContentsContext *safeContentsCtx =
- (sec_PKCS12SafeContentsContext *)arg;
- SEC_PKCS12DecoderContext *p12dcx;
- sec_PKCS12SafeBag *bag;
- PRBool after;
-
- /* if an error is encountered, return */
- if(!safeContentsCtx || !safeContentsCtx->p12dcx ||
- safeContentsCtx->p12dcx->error) {
- return;
- }
- p12dcx = safeContentsCtx->p12dcx;
-
- /* to make things more readable */
- if(before)
- after = PR_FALSE;
- else
- after = PR_TRUE;
-
- /* have we determined the safeBagType yet? */
- bag = safeContentsCtx->currentSafeBag;
- if(bag->bagTypeTag == NULL) {
- if(after && (dest == &(bag->safeBagType))) {
- bag->bagTypeTag = SECOID_FindOID(&(bag->safeBagType));
- if(bag->bagTypeTag == NULL) {
- p12dcx->error = PR_TRUE;
- p12dcx->errorValue = SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE;
- }
- }
- return;
- }
-
- /* process the safeBag depending on it's type. those
- * which we do not support, are ignored. we start a decoding
- * context for a nested safeContents.
- */
- switch(bag->bagTypeTag->offset) {
- case SEC_OID_PKCS12_V1_KEY_BAG_ID:
- case SEC_OID_PKCS12_V1_CERT_BAG_ID:
- case SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID:
- break;
- case SEC_OID_PKCS12_V1_SAFE_CONTENTS_BAG_ID:
- /* if we are just starting to decode the safeContents, initialize
- * a new safeContentsCtx to process it.
- */
- if(before && (dest == &(bag->safeBagContent))) {
- sec_pkcs12_decoder_begin_nested_safe_contents(safeContentsCtx);
- } else if(after && (dest == &(bag->safeBagContent))) {
- /* clean up the nested decoding */
- sec_pkcs12_decoder_finish_nested_safe_contents(safeContentsCtx);
- }
- break;
- case SEC_OID_PKCS12_V1_CRL_BAG_ID:
- case SEC_OID_PKCS12_V1_SECRET_BAG_ID:
- default:
- /* skip any safe bag types we don't understand or handle */
- safeContentsCtx->skipCurrentSafeBag = PR_TRUE;
- break;
- }
-
- return;
-}
-
-/* notify function for decoding safe contents. each entry in the
- * safe contents is a safeBag which needs to be allocated and
- * the decoding context initialized at the beginning and then
- * the context needs to be closed and finished at the end.
- *
- * this function is set when the safeContents decode context is
- * initialized.
- */
-static void
-sec_pkcs12_decoder_safe_contents_notify(void *arg, PRBool before,
- void *dest, int real_depth)
-{
- sec_PKCS12SafeContentsContext *safeContentsCtx =
- (sec_PKCS12SafeContentsContext*)arg;
- SEC_PKCS12DecoderContext *p12dcx;
- SECStatus rv;
-
- /* if there is an error we don't want to continue processing,
- * just return and keep going.
- */
- if(!safeContentsCtx || !safeContentsCtx->p12dcx
- || safeContentsCtx->p12dcx->error) {
- return;
- }
- p12dcx = safeContentsCtx->p12dcx;
-
- /* if we are done with the current safeBag, then we need to
- * finish the context and set the state variables appropriately.
- */
- if(!before) {
- SEC_ASN1DecoderClearFilterProc(safeContentsCtx->safeContentsDcx);
- SEC_ASN1DecoderFinish(safeContentsCtx->currentSafeBagDcx);
- safeContentsCtx->currentSafeBagDcx = NULL;
- safeContentsCtx->skipCurrentSafeBag = PR_FALSE;
- } else {
- /* we are starting a new safe bag. we need to allocate space
- * for the bag and initialize the decoding context.
- */
- rv = sec_pkcs12_decoder_init_new_safe_bag(safeContentsCtx);
- if(rv != SECSuccess) {
- goto loser;
- }
-
- /* set up the decoder context */
- safeContentsCtx->currentSafeBagDcx = SEC_ASN1DecoderStart(p12dcx->arena,
- safeContentsCtx->currentSafeBag,
- sec_PKCS12SafeBagTemplate);
- if(!safeContentsCtx->currentSafeBagDcx) {
- p12dcx->errorValue = SEC_ERROR_NO_MEMORY;
- goto loser;
- }
-
- /* set the notify and filter procs so that the safe bag
- * data gets sent to the proper location when decoding.
- */
- SEC_ASN1DecoderSetNotifyProc(safeContentsCtx->currentSafeBagDcx,
- sec_pkcs12_decoder_safe_bag_notify,
- safeContentsCtx);
- SEC_ASN1DecoderSetFilterProc(safeContentsCtx->safeContentsDcx,
- sec_pkcs12_decoder_safe_bag_update,
- safeContentsCtx, PR_TRUE);
- }
-
- return;
-
-loser:
- /* in the event of an error, we want to close the decoding
- * context and clear the filter and notify procedures.
- */
- p12dcx->error = PR_TRUE;
-
- if(safeContentsCtx->currentSafeBagDcx) {
- SEC_ASN1DecoderFinish(safeContentsCtx->currentSafeBagDcx);
- safeContentsCtx->currentSafeBagDcx = NULL;
- }
-
- SEC_ASN1DecoderClearNotifyProc(safeContentsCtx->safeContentsDcx);
- SEC_ASN1DecoderClearFilterProc(safeContentsCtx->safeContentsDcx);
-
- return;
-}
-
-/* initialize the safeContents for decoding. this routine
- * is used for authenticatedSafes as well as nested safeContents.
- */
-static sec_PKCS12SafeContentsContext *
-sec_pkcs12_decoder_safe_contents_init_decode(SEC_PKCS12DecoderContext *p12dcx,
- PRBool nestedSafe)
-{
- sec_PKCS12SafeContentsContext *safeContentsCtx = NULL;
- const SEC_ASN1Template *theTemplate;
-
- if(!p12dcx || p12dcx->error) {
- return NULL;
- }
-
- /* allocate a new safeContents list or grow the existing list and
- * append the new safeContents onto the end.
- */
- if(!p12dcx->safeContentsCnt) {
- p12dcx->safeContentsList =
- (sec_PKCS12SafeContentsContext**)PORT_ArenaZAlloc(p12dcx->arena,
- sizeof(sec_PKCS12SafeContentsContext *));
- } else {
- p12dcx->safeContentsList =
- (sec_PKCS12SafeContentsContext **) PORT_ArenaGrow(p12dcx->arena,
- p12dcx->safeContentsList,
- (p12dcx->safeContentsCnt *
- sizeof(sec_PKCS12SafeContentsContext *)),
- (1 + p12dcx->safeContentsCnt *
- sizeof(sec_PKCS12SafeContentsContext *)));
- }
- if(!p12dcx->safeContentsList) {
- p12dcx->errorValue = SEC_ERROR_NO_MEMORY;
- goto loser;
- }
-
- p12dcx->safeContentsList[p12dcx->safeContentsCnt] =
- (sec_PKCS12SafeContentsContext*)PORT_ArenaZAlloc(
- p12dcx->arena,
- sizeof(sec_PKCS12SafeContentsContext));
- p12dcx->safeContentsList[p12dcx->safeContentsCnt+1] = NULL;
- if(!p12dcx->safeContentsList[p12dcx->safeContentsCnt]) {
- p12dcx->errorValue = SEC_ERROR_NO_MEMORY;
- goto loser;
- }
-
- /* set up the state variables */
- safeContentsCtx = p12dcx->safeContentsList[p12dcx->safeContentsCnt];
- p12dcx->safeContentsCnt++;
- safeContentsCtx->p12dcx = p12dcx;
- safeContentsCtx->arena = p12dcx->arena;
-
- /* begin the decoding -- the template is based on whether we are
- * decoding a nested safeContents or not.
- */
- if(nestedSafe == PR_TRUE) {
- theTemplate = sec_PKCS12NestedSafeContentsDecodeTemplate;
- } else {
- theTemplate = sec_PKCS12SafeContentsDecodeTemplate;
- }
-
- /* start the decoder context */
- safeContentsCtx->safeContentsDcx = SEC_ASN1DecoderStart(p12dcx->arena,
- &safeContentsCtx->safeContents,
- theTemplate);
-
- if(!safeContentsCtx->safeContentsDcx) {
- p12dcx->errorValue = SEC_ERROR_NO_MEMORY;
- goto loser;
- }
-
- /* set the safeContents notify procedure to look for
- * and start the decode of safeBags.
- */
- SEC_ASN1DecoderSetNotifyProc(safeContentsCtx->safeContentsDcx,
- sec_pkcs12_decoder_safe_contents_notify,
- safeContentsCtx);
-
- return safeContentsCtx;
-
-loser:
- /* in the case of an error, we want to finish the decoder
- * context and set the error flag.
- */
- if(safeContentsCtx && safeContentsCtx->safeContentsDcx) {
- SEC_ASN1DecoderFinish(safeContentsCtx->safeContentsDcx);
- safeContentsCtx->safeContentsDcx = NULL;
- }
-
- p12dcx->error = PR_TRUE;
-
- return NULL;
-}
-
-/* wrapper for updating safeContents. this is set as the filter of
- * safeBag when there is a nested safeContents.
- */
-static void
-sec_pkcs12_decoder_nested_safe_contents_update(void *arg, const char *buf,
- unsigned long len, int depth,
- SEC_ASN1EncodingPart data_kind)
-{
- sec_PKCS12SafeContentsContext *safeContentsCtx =
- (sec_PKCS12SafeContentsContext *)arg;
- SEC_PKCS12DecoderContext *p12dcx;
- SECStatus rv;
-
- /* check for an error */
- if(!safeContentsCtx || !safeContentsCtx->p12dcx
- || safeContentsCtx->p12dcx->error) {
- return;
- }
-
- /* no need to update if no data sent in */
- if(!len || !buf) {
- return;
- }
-
- /* update the decoding context */
- p12dcx = safeContentsCtx->p12dcx;
- rv = SEC_ASN1DecoderUpdate(safeContentsCtx->safeContentsDcx, buf, len);
- if(rv != SECSuccess) {
- p12dcx->errorValue = SEC_ERROR_NO_MEMORY;
- goto loser;
- }
-
- return;
-
-loser:
- /* handle any errors. If a decoding context is open, close it. */
- p12dcx->error = PR_TRUE;
- if(safeContentsCtx->safeContentsDcx) {
- SEC_ASN1DecoderFinish(safeContentsCtx->safeContentsDcx);
- safeContentsCtx->safeContentsDcx = NULL;
- }
-}
-
-/* whenever a new safeContentsSafeBag is encountered, we need
- * to init a safeContentsContext.
- */
-static SECStatus
-sec_pkcs12_decoder_begin_nested_safe_contents(sec_PKCS12SafeContentsContext
- *safeContentsCtx)
-{
- /* check for an error */
- if(!safeContentsCtx || !safeContentsCtx->p12dcx ||
- safeContentsCtx->p12dcx->error) {
- return SECFailure;
- }
-
- safeContentsCtx->nestedCtx = sec_pkcs12_decoder_safe_contents_init_decode(
- safeContentsCtx->p12dcx,
- PR_TRUE);
- if(!safeContentsCtx->nestedCtx) {
- return SECFailure;
- }
-
- /* set up new filter proc */
- SEC_ASN1DecoderSetNotifyProc(safeContentsCtx->nestedCtx->safeContentsDcx,
- sec_pkcs12_decoder_safe_contents_notify,
- safeContentsCtx->nestedCtx);
- SEC_ASN1DecoderSetFilterProc(safeContentsCtx->currentSafeBagDcx,
- sec_pkcs12_decoder_nested_safe_contents_update,
- safeContentsCtx->nestedCtx, PR_TRUE);
-
- return SECSuccess;
-}
-
-/* when the safeContents is done decoding, we need to reset the
- * proper filter and notify procs and close the decoding context
- */
-static SECStatus
-sec_pkcs12_decoder_finish_nested_safe_contents(sec_PKCS12SafeContentsContext
- *safeContentsCtx)
-{
- /* check for error */
- if(!safeContentsCtx || !safeContentsCtx->p12dcx ||
- safeContentsCtx->p12dcx->error) {
- return SECFailure;
- }
-
- /* clean up */
- SEC_ASN1DecoderClearFilterProc(safeContentsCtx->currentSafeBagDcx);
- SEC_ASN1DecoderClearNotifyProc(safeContentsCtx->nestedCtx->safeContentsDcx);
- SEC_ASN1DecoderFinish(safeContentsCtx->nestedCtx->safeContentsDcx);
- safeContentsCtx->nestedCtx->safeContentsDcx = NULL;
- safeContentsCtx->nestedCtx = NULL;
-
- return SECSuccess;
-}
-
-/* wrapper for updating safeContents. This is used when decoding
- * the nested safeContents and any authenticatedSafes.
- */
-static void
-sec_pkcs12_decoder_safe_contents_callback(void *arg, const char *buf,
- unsigned long len)
-{
- SECStatus rv;
- sec_PKCS12SafeContentsContext *safeContentsCtx =
- (sec_PKCS12SafeContentsContext *)arg;
- SEC_PKCS12DecoderContext *p12dcx;
-
- /* check for error */
- if(!safeContentsCtx || !safeContentsCtx->p12dcx
- || safeContentsCtx->p12dcx->error) {
- return;
- }
- p12dcx = safeContentsCtx->p12dcx;
-
- /* update the decoder */
- rv = SEC_ASN1DecoderUpdate(safeContentsCtx->safeContentsDcx, buf, len);
- if(rv != SECSuccess) {
- /* if we fail while trying to decode a 'safe', it's probably because
- * we didn't have the correct password. */
- PORT_SetError(SEC_ERROR_BAD_PASSWORD);
- p12dcx->errorValue = SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE;
- goto loser;
- }
-
- return;
-
-loser:
- /* set the error and finish the context */
- p12dcx->error = PR_TRUE;
- if(safeContentsCtx->safeContentsDcx) {
- SEC_ASN1DecoderFinish(safeContentsCtx->safeContentsDcx);
- safeContentsCtx->safeContentsDcx = NULL;
- }
-
- return;
-}
-
-/* this is a wrapper for the ASN1 decoder to call SEC_PKCS7DecoderUpdate
- */
-static void
-sec_pkcs12_decoder_wrap_p7_update(void *arg, const char *data,
- unsigned long len, int depth,
- SEC_ASN1EncodingPart data_kind)
-{
- SEC_PKCS7DecoderContext *p7dcx = (SEC_PKCS7DecoderContext *)arg;
-
- SEC_PKCS7DecoderUpdate(p7dcx, data, len);
-}
-
-/* notify function for decoding aSafes. at the beginning,
- * of an authenticatedSafe, we start a decode of a safeContents.
- * at the end, we clean up the safeContents decoder context and
- * reset state variables
- */
-static void
-sec_pkcs12_decoder_asafes_notify(void *arg, PRBool before, void *dest,
- int real_depth)
-{
- SEC_PKCS12DecoderContext *p12dcx;
- sec_PKCS12SafeContentsContext *safeContentsCtx;
-
- /* make sure no error occurred. */
- p12dcx = (SEC_PKCS12DecoderContext *)arg;
- if(!p12dcx || p12dcx->error) {
- return;
- }
-
- if(before) {
-
- /* init a new safeContentsContext */
- safeContentsCtx = sec_pkcs12_decoder_safe_contents_init_decode(p12dcx,
- PR_FALSE);
- if(!safeContentsCtx) {
- goto loser;
- }
-
- /* set up password and encryption key information */
- p12dcx->currentASafeKeyPwd =
- (SEC_PKCS5KeyAndPassword*)PORT_ArenaZAlloc(p12dcx->arena,
- sizeof(SEC_PKCS5KeyAndPassword));
- if(!p12dcx->currentASafeKeyPwd) {
- p12dcx->errorValue = SEC_ERROR_NO_MEMORY;
- goto loser;
- }
- p12dcx->currentASafeKeyPwd->pwitem = p12dcx->pwitem;
- p12dcx->currentASafeKeyPwd->slot = p12dcx->slot;
- p12dcx->currentASafeKeyPwd->wincx = p12dcx->wincx;
-
- /* initiate the PKCS7ContentInfo decode */
- p12dcx->currentASafeP7Dcx = SEC_PKCS7DecoderStart(
- sec_pkcs12_decoder_safe_contents_callback,
- safeContentsCtx,
- p12dcx->pwfn, p12dcx->pwfnarg,
- sec_pkcs12_decoder_get_decrypt_key,
- p12dcx->currentASafeKeyPwd,
- sec_pkcs12_decoder_decryption_allowed);
- if(!p12dcx->currentASafeP7Dcx) {
- p12dcx->errorValue = PORT_GetError();
- goto loser;
- }
- SEC_ASN1DecoderSetFilterProc(p12dcx->aSafeDcx,
- sec_pkcs12_decoder_wrap_p7_update,
- p12dcx->currentASafeP7Dcx, PR_TRUE);
- }
-
- if(!before) {
- /* if one is being decoded, finish the decode */
- if(p12dcx->currentASafeP7Dcx != NULL) {
- if(!SEC_PKCS7DecoderFinish(p12dcx->currentASafeP7Dcx)) {
- p12dcx->currentASafeP7Dcx = NULL;
- p12dcx->errorValue = PORT_GetError();
- goto loser;
- }
- p12dcx->currentASafeP7Dcx = NULL;
- }
- p12dcx->currentASafeP7Dcx = NULL;
- if(p12dcx->currentASafeKeyPwd->key != NULL) {
- p12dcx->currentASafeKeyPwd->key = NULL;
- }
- }
-
-
- return;
-
-loser:
- /* set the error flag */
- p12dcx->error = PR_TRUE;
- return;
-}
-
-/* wrapper for updating asafes decoding context. this function
- * writes data being decoded to disk, so that a mac can be computed
- * later.
- */
-static void
-sec_pkcs12_decoder_asafes_callback(void *arg, const char *buf,
- unsigned long len)
-{
- SEC_PKCS12DecoderContext *p12dcx = (SEC_PKCS12DecoderContext *)arg;
- SECStatus rv;
-
- if(!p12dcx || p12dcx->error) {
- return;
- }
-
- /* update the context */
- rv = SEC_ASN1DecoderUpdate(p12dcx->aSafeDcx, buf, len);
- if(rv != SECSuccess) {
- p12dcx->error = (PRBool)SEC_ERROR_NO_MEMORY;
- goto loser;
- }
-
- /* if we are writing to a file, write out the new information */
- if(p12dcx->dWrite) {
- unsigned long writeLen = (*p12dcx->dWrite)(p12dcx->dArg,
- (unsigned char *)buf, len);
- if(writeLen != len) {
- p12dcx->errorValue = PORT_GetError();
- goto loser;
- }
- }
-
- return;
-
-loser:
- /* set the error flag */
- p12dcx->error = PR_TRUE;
- SEC_ASN1DecoderFinish(p12dcx->aSafeDcx);
- p12dcx->aSafeDcx = NULL;
-
- return;
-}
-
-/* start the decode of an authenticatedSafe contentInfo.
- */
-static SECStatus
-sec_pkcs12_decode_start_asafes_cinfo(SEC_PKCS12DecoderContext *p12dcx)
-{
- if(!p12dcx || p12dcx->error) {
- return SECFailure;
- }
-
- /* start the decode context */
- p12dcx->aSafeDcx = SEC_ASN1DecoderStart(p12dcx->arena,
- &p12dcx->authSafe,
- sec_PKCS12AuthenticatedSafeTemplate);
- if(!p12dcx->aSafeDcx) {
- p12dcx->errorValue = SEC_ERROR_NO_MEMORY;
- goto loser;
- }
-
- /* set the notify function */
- SEC_ASN1DecoderSetNotifyProc(p12dcx->aSafeDcx,
- sec_pkcs12_decoder_asafes_notify, p12dcx);
-
- /* begin the authSafe decoder context */
- p12dcx->aSafeP7Dcx = SEC_PKCS7DecoderStart(
- sec_pkcs12_decoder_asafes_callback, p12dcx,
- p12dcx->pwfn, p12dcx->pwfnarg, NULL, NULL, NULL);
- if(!p12dcx->aSafeP7Dcx) {
- p12dcx->errorValue = SEC_ERROR_NO_MEMORY;
- goto loser;
- }
-
- /* open the temp file for writing, if the filter functions were set */
- if(p12dcx->dOpen && (*p12dcx->dOpen)(p12dcx->dArg, PR_FALSE)
- != SECSuccess) {
- p12dcx->errorValue = PORT_GetError();
- goto loser;
- }
-
- return SECSuccess;
-
-loser:
- p12dcx->error = PR_TRUE;
-
- if(p12dcx->aSafeDcx) {
- SEC_ASN1DecoderFinish(p12dcx->aSafeDcx);
- p12dcx->aSafeDcx = NULL;
- }
-
- if(p12dcx->aSafeP7Dcx) {
- SEC_PKCS7DecoderFinish(p12dcx->aSafeP7Dcx);
- p12dcx->aSafeP7Dcx = NULL;
- }
-
- return SECFailure;
-}
-
-/* wrapper for updating the safeContents. this function is used as
- * a filter for the pfx when decoding the authenticated safes
- */
-static void
-sec_pkcs12_decode_asafes_cinfo_update(void *arg, const char *buf,
- unsigned long len, int depth,
- SEC_ASN1EncodingPart data_kind)
-{
- SEC_PKCS12DecoderContext *p12dcx;
- SECStatus rv;
-
- p12dcx = (SEC_PKCS12DecoderContext*)arg;
- if(!p12dcx || p12dcx->error) {
- return;
- }
-
- /* update the safeContents decoder */
- rv = SEC_PKCS7DecoderUpdate(p12dcx->aSafeP7Dcx, buf, len);
- if(rv != SECSuccess) {
- p12dcx->errorValue = SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE;
- goto loser;
- }
-
- return;
-
-loser:
-
- /* did we find an error? if so, close the context and set the
- * error flag.
- */
- SEC_PKCS7DecoderFinish(p12dcx->aSafeP7Dcx);
- p12dcx->aSafeP7Dcx = NULL;
- p12dcx->error = PR_TRUE;
-}
-
-/* notify procedure used while decoding the pfx. When we encounter
- * the authSafes, we want to trigger the decoding of authSafes as well
- * as when we encounter the macData, trigger the decoding of it. we do
- * this because we we are streaming the decoder and not decoding in place.
- * the pfx which is the destination, only has the version decoded into it.
- */
-static void
-sec_pkcs12_decoder_pfx_notify_proc(void *arg, PRBool before, void *dest,
- int real_depth)
-{
- SECStatus rv;
- SEC_PKCS12DecoderContext *p12dcx = (SEC_PKCS12DecoderContext*)arg;
-
- /* if an error occurrs, clear the notifyProc and the filterProc
- * and continue.
- */
- if(p12dcx->error) {
- SEC_ASN1DecoderClearNotifyProc(p12dcx->pfxDcx);
- SEC_ASN1DecoderClearFilterProc(p12dcx->pfxDcx);
- return;
- }
-
- if(before && (dest == &p12dcx->pfx.encodedAuthSafe)) {
-
- /* we want to make sure this is a version we support */
- if(!sec_pkcs12_proper_version(&p12dcx->pfx)) {
- p12dcx->errorValue = SEC_ERROR_PKCS12_UNSUPPORTED_VERSION;
- goto loser;
- }
-
- /* start the decode of the aSafes cinfo... */
- rv = sec_pkcs12_decode_start_asafes_cinfo(p12dcx);
- if(rv != SECSuccess) {
- goto loser;
- }
-
- /* set the filter proc to update the authenticated safes. */
- SEC_ASN1DecoderSetFilterProc(p12dcx->pfxDcx,
- sec_pkcs12_decode_asafes_cinfo_update,
- p12dcx, PR_TRUE);
- }
-
- if(!before && (dest == &p12dcx->pfx.encodedAuthSafe)) {
-
- /* we are done decoding the authenticatedSafes, so we need to
- * finish the decoderContext and clear the filter proc
- * and close the hmac callback, if present
- */
- p12dcx->aSafeCinfo = SEC_PKCS7DecoderFinish(p12dcx->aSafeP7Dcx);
- p12dcx->aSafeP7Dcx = NULL;
- if(!p12dcx->aSafeCinfo) {
- p12dcx->errorValue = PORT_GetError();
- goto loser;
- }
- SEC_ASN1DecoderClearFilterProc(p12dcx->pfxDcx);
- if(p12dcx->dClose && ((*p12dcx->dClose)(p12dcx->dArg, PR_FALSE)
- != SECSuccess)) {
- p12dcx->errorValue = PORT_GetError();
- goto loser;
- }
-
- }
-
- return;
-
-loser:
- p12dcx->error = PR_TRUE;
-}
-
-/* default implementations of the open/close/read/write functions for
- SEC_PKCS12DecoderStart
-*/
-
-#define DEFAULT_TEMP_SIZE 4096
-
-static SECStatus
-p12u_DigestOpen(void *arg, PRBool readData)
-{
- SEC_PKCS12DecoderContext* p12cxt = arg;
-
- p12cxt->currentpos = 0;
-
- if (PR_FALSE == readData) {
- /* allocate an initial buffer */
- p12cxt->filesize = 0;
- p12cxt->allocated = DEFAULT_TEMP_SIZE;
- p12cxt->buffer = PORT_Alloc(DEFAULT_TEMP_SIZE);
- PR_ASSERT(p12cxt->buffer);
- }
- else
- {
- PR_ASSERT(p12cxt->buffer);
- if (!p12cxt->buffer) {
- return SECFailure; /* no data to read */
- }
- }
-
- return SECSuccess;
-}
-
-static SECStatus
-p12u_DigestClose(void *arg, PRBool removeFile)
-{
- SEC_PKCS12DecoderContext* p12cxt = arg;
-
- PR_ASSERT(p12cxt);
- if (!p12cxt) {
- return SECFailure;
- }
- p12cxt->currentpos = 0;
-
- if (PR_TRUE == removeFile) {
- PR_ASSERT(p12cxt->buffer);
- if (!p12cxt->buffer) {
- return SECFailure;
- }
- if (p12cxt->buffer) {
- PORT_Free(p12cxt->buffer);
- p12cxt->buffer = NULL;
- p12cxt->allocated = 0;
- p12cxt->filesize = 0;
- }
- }
-
- return SECSuccess;
-}
-
-static int
-p12u_DigestRead(void *arg, unsigned char *buf, unsigned long len)
-{
- int toread = len;
- SEC_PKCS12DecoderContext* p12cxt = arg;
-
- if(!buf || len == 0) {
- return -1;
- }
-
- if (!p12cxt->buffer || ((p12cxt->filesize-p12cxt->currentpos)<(long)len) ) {
- /* trying to read past the end of the buffer */
- toread = p12cxt->filesize-p12cxt->currentpos;
- }
- memcpy(buf, (void*)((char*)p12cxt->buffer+p12cxt->currentpos), toread);
- p12cxt->currentpos += toread;
- return toread;
-}
-
-static int
-p12u_DigestWrite(void *arg, unsigned char *buf, unsigned long len)
-{
- SEC_PKCS12DecoderContext* p12cxt = arg;
-
- if(!buf || len == 0) {
- return -1;
- }
-
- if (p12cxt->currentpos+(long)len > p12cxt->filesize) {
- p12cxt->filesize = p12cxt->currentpos + len;
- }
- else {
- p12cxt->filesize += len;
- }
- if (p12cxt->filesize > p12cxt->allocated) {
- void* newbuffer;
- size_t newsize = p12cxt->filesize + DEFAULT_TEMP_SIZE;
- newbuffer = PORT_Realloc(p12cxt->buffer, newsize);
- if (NULL == newbuffer) {
- return -1; /* can't extend the buffer */
- }
- p12cxt->buffer = newbuffer;
- p12cxt->allocated = newsize;
- }
- PR_ASSERT(p12cxt->buffer);
- memcpy((void*)((char*)p12cxt->buffer+p12cxt->currentpos), buf, len);
- p12cxt->currentpos += len;
- return len;
-}
-
-/* SEC_PKCS12DecoderStart
- * Creates a decoder context for decoding a PKCS 12 PDU objct.
- * This function sets up the initial decoding context for the
- * PFX and sets the needed state variables.
- *
- * pwitem - the password for the hMac and any encoded safes.
- * this should be changed to take a callback which retrieves
- * the password. it may be possible for different safes to
- * have different passwords. also, the password is already
- * in unicode. it should probably be converted down below via
- * a unicode conversion callback.
- * slot - the slot to import the dataa into should multiple slots
- * be supported based on key type and cert type?
- * dOpen, dClose, dRead, dWrite - digest routines for writing data
- * to a file so it could be read back and the hmack recomputed
- * and verified. doesn't seem to be away for both encoding
- * and decoding to be single pass, thus the need for these
- * routines.
- * dArg - the argument for dOpen, etc.
- *
- * if NULL == dOpen == dClose == dRead == dWrite == dArg, then default
- * implementations using a memory buffer are used
- *
- * This function returns the decoder context, if it was successful.
- * Otherwise, null is returned.
- */
-SEC_PKCS12DecoderContext *
-SEC_PKCS12DecoderStart(SECItem *pwitem, PK11SlotInfo *slot, void *wincx,
- digestOpenFn dOpen, digestCloseFn dClose,
- digestIOFn dRead, digestIOFn dWrite, void *dArg)
-{
- SEC_PKCS12DecoderContext *p12dcx;
- PRArenaPool *arena;
-
- arena = PORT_NewArena(2048); /* different size? */
- if(!arena) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- /* allocate the decoder context and set the state variables */
- p12dcx = (SEC_PKCS12DecoderContext*)PORT_ArenaZAlloc(arena, sizeof(SEC_PKCS12DecoderContext));
- if(!p12dcx) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- if (!dOpen && !dClose && !dRead && !dWrite && !dArg) {
- /* use default implementations */
- dOpen = p12u_DigestOpen;
- dClose = p12u_DigestClose;
- dRead = p12u_DigestRead;
- dWrite = p12u_DigestWrite;
- dArg = (void*)p12dcx;
- }
-
- p12dcx->arena = arena;
- p12dcx->pwitem = pwitem;
- p12dcx->slot = (slot ? PK11_ReferenceSlot(slot)
- : PK11_GetInternalKeySlot());
- p12dcx->wincx = wincx;
- p12dcx->tokenCAs = SECPKCS12TargetTokenNoCAs;
-#ifdef IS_LITTLE_ENDIAN
- p12dcx->swapUnicodeBytes = PR_TRUE;
-#else
- p12dcx->swapUnicodeBytes = PR_FALSE;
-#endif
- p12dcx->errorValue = 0;
- p12dcx->error = PR_FALSE;
-
- /* start the decoding of the PFX and set the notify proc
- * for the PFX item.
- */
- p12dcx->pfxDcx = SEC_ASN1DecoderStart(p12dcx->arena, &p12dcx->pfx,
- sec_PKCS12PFXItemTemplate);
- if(!p12dcx->pfxDcx) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- PK11_FreeSlot(p12dcx->slot);
- goto loser;
- }
-
- SEC_ASN1DecoderSetNotifyProc(p12dcx->pfxDcx,
- sec_pkcs12_decoder_pfx_notify_proc,
- p12dcx);
-
- /* set up digest functions */
- p12dcx->dOpen = dOpen;
- p12dcx->dWrite = dWrite;
- p12dcx->dClose = dClose;
- p12dcx->dRead = dRead;
- p12dcx->dArg = dArg;
-
- return p12dcx;
-
-loser:
- PORT_FreeArena(arena, PR_TRUE);
- return NULL;
-}
-
-SECStatus
-SEC_PKCS12DecoderSetTargetTokenCAs(SEC_PKCS12DecoderContext *p12dcx,
- SECPKCS12TargetTokenCAs tokenCAs)
-{
- if (!p12dcx || p12dcx->error) {
- return SECFailure;
- }
- p12dcx->tokenCAs = tokenCAs;
- return SECSuccess;
-}
-
-
-/* SEC_PKCS12DecoderUpdate
- * Streaming update sending more data to the decoder. If
- * an error occurs, SECFailure is returned.
- *
- * p12dcx - the decoder context
- * data, len - the data buffer and length of data to send to
- * the update functions.
- */
-SECStatus
-SEC_PKCS12DecoderUpdate(SEC_PKCS12DecoderContext *p12dcx,
- unsigned char *data, unsigned long len)
-{
- SECStatus rv;
-
- if(!p12dcx || p12dcx->error) {
- return SECFailure;
- }
-
- /* update the PFX decoder context */
- rv = SEC_ASN1DecoderUpdate(p12dcx->pfxDcx, (const char *)data, len);
- if(rv != SECSuccess) {
- p12dcx->errorValue = SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE;
- goto loser;
- }
-
- return SECSuccess;
-
-loser:
-
- p12dcx->error = PR_TRUE;
- return SECFailure;
-}
-
-#define IN_BUF_LEN HASH_LENGTH_MAX
-
-/* verify the hmac by reading the data from the temporary file
- * using the routines specified when the decodingContext was
- * created and return SECSuccess if the hmac matches.
- */
-static SECStatus
-sec_pkcs12_decoder_verify_mac(SEC_PKCS12DecoderContext *p12dcx)
-{
- SECStatus rv = SECFailure;
- SECStatus lrv;
- SECItem hmacRes;
- unsigned char buf[IN_BUF_LEN];
- unsigned int bufLen;
- int iteration;
- PK11Context *pk11cx = NULL;
- PK11SymKey *symKey = NULL;
- SECItem *params = NULL;
- SECItem ignore = {0};
- SECOidTag algtag;
- CK_MECHANISM_TYPE integrityMech;
-
- if(!p12dcx || p12dcx->error) {
- return SECFailure;
- }
-
- /* generate hmac key */
- if(p12dcx->macData.iter.data) {
- iteration = (int)DER_GetInteger(&p12dcx->macData.iter);
- } else {
- iteration = 1;
- }
-
- params = PK11_CreatePBEParams(&p12dcx->macData.macSalt, p12dcx->pwitem,
- iteration);
-
- algtag = SECOID_GetAlgorithmTag(&p12dcx->macData.safeMac.digestAlgorithm);
- switch (algtag) {
- case SEC_OID_SHA1:
- integrityMech = CKM_NETSCAPE_PBE_SHA1_HMAC_KEY_GEN; break;
- case SEC_OID_MD5:
- integrityMech = CKM_NETSCAPE_PBE_MD5_HMAC_KEY_GEN; break;
- case SEC_OID_MD2:
- integrityMech = CKM_NETSCAPE_PBE_MD2_HMAC_KEY_GEN; break;
- default:
- goto loser;
- }
-
- symKey = PK11_KeyGen(NULL, integrityMech, params, 20, NULL);
- PK11_DestroyPBEParams(params);
- params = NULL;
- if (!symKey) goto loser;
- /* init hmac */
- pk11cx = PK11_CreateContextBySymKey(sec_pkcs12_algtag_to_mech(algtag),
- CKA_SIGN, symKey, &ignore);
- if(!pk11cx) {
- goto loser;
- }
- lrv = PK11_DigestBegin(pk11cx);
- if (lrv == SECFailure ) {
- goto loser;
- }
-
- /* try to open the data for readback */
- if(p12dcx->dOpen && ((*p12dcx->dOpen)(p12dcx->dArg, PR_TRUE)
- != SECSuccess)) {
- goto loser;
- }
-
- /* read the data back IN_BUF_LEN bytes at a time and recompute
- * the hmac. if fewer bytes are read than are requested, it is
- * assumed that the end of file has been reached. if bytesRead
- * is returned as -1, then an error occured reading from the
- * file.
- */
- while(1) {
- int bytesRead = (*p12dcx->dRead)(p12dcx->dArg, buf, IN_BUF_LEN);
- if(bytesRead == -1) {
- goto loser;
- }
-
- lrv = PK11_DigestOp(pk11cx, buf, bytesRead);
- if (lrv == SECFailure) {
- goto loser;
- }
- if(bytesRead < IN_BUF_LEN) {
- break;
- }
- }
-
- /* finish the hmac context */
- lrv = PK11_DigestFinal(pk11cx, buf, &bufLen, IN_BUF_LEN);
- if (lrv == SECFailure ) {
- goto loser;
- }
-
- hmacRes.data = buf;
- hmacRes.len = bufLen;
-
- /* is the hmac computed the same as the hmac which was decoded? */
- rv = SECSuccess;
- if(SECITEM_CompareItem(&hmacRes, &p12dcx->macData.safeMac.digest)
- != SECEqual) {
- PORT_SetError(SEC_ERROR_PKCS12_INVALID_MAC);
- rv = SECFailure;
- }
-
-loser:
- /* close the file and remove it */
- if(p12dcx->dClose) {
- (*p12dcx->dClose)(p12dcx->dArg, PR_TRUE);
- }
-
- if(pk11cx) {
- PK11_DestroyContext(pk11cx, PR_TRUE);
- }
- if (params) {
- PK11_DestroyPBEParams(params);
- }
- if (symKey) {
- PK11_FreeSymKey(symKey);
- }
-
- return rv;
-}
-
-/* SEC_PKCS12DecoderVerify
- * Verify the macData or the signature of the decoded PKCS 12 PDU.
- * If the signature or the macData do not match, SECFailure is
- * returned.
- *
- * p12dcx - the decoder context
- */
-SECStatus
-SEC_PKCS12DecoderVerify(SEC_PKCS12DecoderContext *p12dcx)
-{
- SECStatus rv = SECSuccess;
-
- /* make sure that no errors have occured... */
- if(!p12dcx || p12dcx->error) {
- return SECFailure;
- }
-
- rv = SEC_ASN1DecoderFinish(p12dcx->pfxDcx);
- p12dcx->pfxDcx = NULL;
- if(rv != SECSuccess) {
- return rv;
- }
-
- /* check the signature or the mac depending on the type of
- * integrity used.
- */
- if(p12dcx->pfx.encodedMacData.len) {
- rv = SEC_ASN1DecodeItem(p12dcx->arena, &p12dcx->macData,
- sec_PKCS12MacDataTemplate,
- &p12dcx->pfx.encodedMacData);
- if(rv == SECSuccess) {
- return sec_pkcs12_decoder_verify_mac(p12dcx);
- } else {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- }
- } else {
- if(SEC_PKCS7VerifySignature(p12dcx->aSafeCinfo, certUsageEmailSigner,
- PR_FALSE)) {
- return SECSuccess;
- } else {
- PORT_SetError(SEC_ERROR_PKCS12_INVALID_MAC);
- }
- }
-
- return SECFailure;
-}
-
-/* SEC_PKCS12DecoderFinish
- * Free any open ASN1 or PKCS7 decoder contexts and then
- * free the arena pool which everything should be allocated
- * from. This function should be called upon completion of
- * decoding and installing of a pfx pdu. This should be
- * called even if an error occurs.
- *
- * p12dcx - the decoder context
- */
-void
-SEC_PKCS12DecoderFinish(SEC_PKCS12DecoderContext *p12dcx)
-{
- if(!p12dcx) {
- return;
- }
-
- if(p12dcx->pfxDcx) {
- SEC_ASN1DecoderFinish(p12dcx->pfxDcx);
- p12dcx->pfxDcx = NULL;
- }
-
- if(p12dcx->aSafeDcx) {
- SEC_ASN1DecoderFinish(p12dcx->aSafeDcx);
- p12dcx->aSafeDcx = NULL;
- }
-
- if(p12dcx->currentASafeP7Dcx) {
- SEC_PKCS7DecoderFinish(p12dcx->currentASafeP7Dcx);
- p12dcx->currentASafeP7Dcx = NULL;
- }
-
- if(p12dcx->aSafeP7Dcx) {
- SEC_PKCS7DecoderFinish(p12dcx->aSafeP7Dcx);
- }
-
- if(p12dcx->hmacDcx) {
- SEC_ASN1DecoderFinish(p12dcx->hmacDcx);
- p12dcx->hmacDcx = NULL;
- }
-
- if(p12dcx->slot) {
- PK11_FreeSlot(p12dcx->slot);
- p12dcx->slot = NULL;
- }
-
- if(p12dcx->arena) {
- PORT_FreeArena(p12dcx->arena, PR_TRUE);
- }
-}
-
-static SECStatus
-sec_pkcs12_decoder_set_attribute_value(sec_PKCS12SafeBag *bag,
- SECOidTag attributeType,
- SECItem *attrValue)
-{
- int i = 0;
- SECOidData *oid;
-
- if(!bag || !attrValue) {
- return SECFailure;
- }
-
- oid = SECOID_FindOIDByTag(attributeType);
- if(!oid) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
-
- if(!bag->attribs) {
- bag->attribs = (sec_PKCS12Attribute**)PORT_ArenaZAlloc(bag->arena,
- sizeof(sec_PKCS12Attribute *) * 2);
- } else {
- while(bag->attribs[i]) i++;
- bag->attribs = (sec_PKCS12Attribute **)PORT_ArenaGrow(bag->arena,
- bag->attribs,
- (i + 1) * sizeof(sec_PKCS12Attribute *),
- (i + 2) * sizeof(sec_PKCS12Attribute *));
- }
-
- if(!bag->attribs) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
-
- bag->attribs[i] = (sec_PKCS12Attribute*)PORT_ArenaZAlloc(bag->arena,
- sizeof(sec_PKCS12Attribute));
- if(!bag->attribs) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
-
- bag->attribs[i]->attrValue = (SECItem**)PORT_ArenaZAlloc(bag->arena,
- sizeof(SECItem *) * 2);
- if(!bag->attribs[i]->attrValue) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
-
- bag->attribs[i+1] = NULL;
- bag->attribs[i]->attrValue[0] = attrValue;
- bag->attribs[i]->attrValue[1] = NULL;
-
- if(SECITEM_CopyItem(bag->arena, &bag->attribs[i]->attrType, &oid->oid)
- != SECSuccess) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
-
- return SECSuccess;
-}
-
-static SECItem *
-sec_pkcs12_get_attribute_value(sec_PKCS12SafeBag *bag,
- SECOidTag attributeType)
-{
- int i = 0;
-
- if(!bag->attribs) {
- return NULL;
- }
-
- while(bag->attribs[i] != NULL) {
- if(SECOID_FindOIDTag(&bag->attribs[i]->attrType)
- == attributeType) {
- return bag->attribs[i]->attrValue[0];
- }
- i++;
- }
-
- return NULL;
-}
-
-/* For now, this function will merely remove any ":"
- * in the nickname which the PK11 functions may have
- * placed there. This will keep dual certs from appearing
- * twice under "Your" certificates when imported onto smart
- * cards. Once with the name "Slot:Cert" and another with
- * the nickname "Slot:Slot:Cert"
- */
-static void
-sec_pkcs12_sanitize_nickname(PK11SlotInfo *slot, SECItem *nick)
-{
- char *nickname;
- char *delimit;
- int delimitlen;
-
- nickname = (char*)nick->data; /*Mac breaks without this type cast*/
- if ((delimit = PORT_Strchr(nickname, ':')) != NULL) {
- char *slotName;
- int slotNameLen;
-
- slotNameLen = delimit-nickname;
- slotName = PORT_NewArray(char, (slotNameLen+1));
- PORT_Assert(slotName);
- if (slotName == NULL) {
- /* What else can we do?*/
- return;
- }
- PORT_Memcpy(slotName, nickname, slotNameLen);
- slotName[slotNameLen] = '\0';
- if (PORT_Strcmp(PK11_GetTokenName(slot), slotName) == 0) {
- delimitlen = PORT_Strlen(delimit+1);
- PORT_Memmove(nickname, delimit+1, delimitlen+1);
- nick->len = delimitlen;
- }
- PORT_Free(slotName);
- }
-
-}
-
-static SECItem *
-sec_pkcs12_get_nickname(sec_PKCS12SafeBag *bag)
-{
- SECItem *src, *dest;
-
- if(!bag) {
- bag->problem = PR_TRUE;
- bag->error = SEC_ERROR_NO_MEMORY;
- return NULL;
- }
-
- src = sec_pkcs12_get_attribute_value(bag, SEC_OID_PKCS9_FRIENDLY_NAME);
- if(!src) {
- return NULL;
- }
-
- dest = (SECItem*)PORT_ZAlloc(sizeof(SECItem));
- if(!dest) {
- goto loser;
- }
- if(!sec_pkcs12_convert_item_to_unicode(NULL, dest, src, PR_FALSE,
- PR_FALSE, PR_FALSE)) {
- goto loser;
- }
-
- sec_pkcs12_sanitize_nickname(bag->slot, dest);
-
- return dest;
-
-loser:
- if(dest) {
- SECITEM_ZfreeItem(dest, PR_TRUE);
- }
-
- bag->problem = PR_TRUE;
- bag->error = PORT_GetError();
- return NULL;
-}
-
-static SECStatus
-sec_pkcs12_set_nickname(sec_PKCS12SafeBag *bag, SECItem *name)
-{
- int i = 0;
- sec_PKCS12Attribute *attr = NULL;
- SECOidData *oid = SECOID_FindOIDByTag(SEC_OID_PKCS9_FRIENDLY_NAME);
-
- if(!bag || !bag->arena || !name) {
- return SECFailure;
- }
-
- if(!bag->attribs) {
- if(!oid) {
- goto loser;
- }
-
- bag->attribs = (sec_PKCS12Attribute**)PORT_ArenaZAlloc(bag->arena,
- sizeof(sec_PKCS12Attribute *)*2);
- if(!bag->attribs) {
- goto loser;
- }
- bag->attribs[0] = (sec_PKCS12Attribute*)PORT_ArenaZAlloc(bag->arena,
- sizeof(sec_PKCS12Attribute));
- if(!bag->attribs[0]) {
- goto loser;
- }
- bag->attribs[1] = NULL;
-
- attr = bag->attribs[0];
- if(SECITEM_CopyItem(bag->arena, &attr->attrType, &oid->oid)
- != SECSuccess) {
- goto loser;
- }
- } else {
- while(bag->attribs[i]) {
- if(SECOID_FindOIDTag(&bag->attribs[i]->attrType)
- == SEC_OID_PKCS9_FRIENDLY_NAME) {
- attr = bag->attribs[i];
- goto have_attrib;
-
- }
- i++;
- }
- if(!attr) {
- bag->attribs = (sec_PKCS12Attribute **)PORT_ArenaGrow(bag->arena,
- bag->attribs,
- (i+1) * sizeof(sec_PKCS12Attribute *),
- (i+2) * sizeof(sec_PKCS12Attribute *));
- if(!bag->attribs) {
- goto loser;
- }
- bag->attribs[i] =
- (sec_PKCS12Attribute *)PORT_ArenaZAlloc(bag->arena,
- sizeof(sec_PKCS12Attribute));
- if(!bag->attribs[i]) {
- goto loser;
- }
- bag->attribs[i+1] = NULL;
- attr = bag->attribs[i];
- if(SECITEM_CopyItem(bag->arena, &attr->attrType, &oid->oid)
- != SECSuccess) {
- goto loser;
- }
- }
- }
-have_attrib:
- PORT_Assert(attr);
- if(!attr->attrValue) {
- attr->attrValue = (SECItem **)PORT_ArenaZAlloc(bag->arena,
- sizeof(SECItem *) * 2);
- if(!attr->attrValue) {
- goto loser;
- }
- attr->attrValue[0] = (SECItem*)PORT_ArenaZAlloc(bag->arena,
- sizeof(SECItem));
- if(!attr->attrValue[0]) {
- goto loser;
- }
- attr->attrValue[1] = NULL;
- }
-
- name->len = PORT_Strlen((char *)name->data);
- if(!sec_pkcs12_convert_item_to_unicode(bag->arena, attr->attrValue[0],
- name, PR_FALSE, PR_FALSE, PR_TRUE)) {
- goto loser;
- }
-
- return SECSuccess;
-
-loser:
- bag->problem = PR_TRUE;
- bag->error = SEC_ERROR_NO_MEMORY;
- return SECFailure;
-}
-
-static SECStatus
-sec_pkcs12_get_key_info(sec_PKCS12SafeBag *key)
-{
- int i = 0;
- SECKEYPrivateKeyInfo *pki = NULL;
-
- if(!key) {
- return SECFailure;
- }
-
- /* if the bag does *not* contain an unencrypted PrivateKeyInfo
- * then we cannot convert the attributes. We are propagating
- * attributes within the PrivateKeyInfo to the SafeBag level.
- */
- if(SECOID_FindOIDTag(&(key->safeBagType)) !=
- SEC_OID_PKCS12_V1_KEY_BAG_ID) {
- return SECSuccess;
- }
-
- pki = key->safeBagContent.pkcs8KeyBag;
-
- if(!pki || !pki->attributes) {
- return SECSuccess;
- }
-
- while(pki->attributes[i]) {
- SECItem *attrValue = NULL;
-
- if(SECOID_FindOIDTag(&pki->attributes[i]->attrType) ==
- SEC_OID_PKCS9_LOCAL_KEY_ID) {
- attrValue = sec_pkcs12_get_attribute_value(key,
- SEC_OID_PKCS9_LOCAL_KEY_ID);
- if(!attrValue) {
- if(sec_pkcs12_decoder_set_attribute_value(key,
- SEC_OID_PKCS9_LOCAL_KEY_ID,
- pki->attributes[i]->attrValue[0])
- != SECSuccess) {
- key->problem = PR_TRUE;
- key->error = SEC_ERROR_NO_MEMORY;
- return SECFailure;
- }
- }
- }
-
- if(SECOID_FindOIDTag(&pki->attributes[i]->attrType) ==
- SEC_OID_PKCS9_FRIENDLY_NAME) {
- attrValue = sec_pkcs12_get_attribute_value(key,
- SEC_OID_PKCS9_FRIENDLY_NAME);
- if(!attrValue) {
- if(sec_pkcs12_decoder_set_attribute_value(key,
- SEC_OID_PKCS9_FRIENDLY_NAME,
- pki->attributes[i]->attrValue[0])
- != SECSuccess) {
- key->problem = PR_TRUE;
- key->error = SEC_ERROR_NO_MEMORY;
- return SECFailure;
- }
- }
- }
-
- i++;
- }
-
- return SECSuccess;
-}
-
-/* retrieve the nickname for the certificate bag. first look
- * in the cert bag, otherwise get it from the key.
- */
-static SECItem *
-sec_pkcs12_get_nickname_for_cert(sec_PKCS12SafeBag *cert,
- sec_PKCS12SafeBag *key,
- void *wincx)
-{
- SECItem *nickname;
-
- if(!cert) {
- return NULL;
- }
-
- nickname = sec_pkcs12_get_nickname(cert);
- if(nickname) {
- return nickname;
- }
-
- if(key) {
- nickname = sec_pkcs12_get_nickname(key);
-
- if(nickname && sec_pkcs12_set_nickname(cert, nickname)
- != SECSuccess) {
- cert->error = SEC_ERROR_NO_MEMORY;
- cert->problem = PR_TRUE;
- if(nickname) {
- SECITEM_ZfreeItem(nickname, PR_TRUE);
- }
- return NULL;
- }
- }
-
- return nickname;
-}
-
-/* set the nickname for the certificate */
-static SECStatus
-sec_pkcs12_set_nickname_for_cert(sec_PKCS12SafeBag *cert,
- sec_PKCS12SafeBag *key,
- SECItem *nickname,
- void *wincx)
-{
- if(!nickname || !cert) {
- return SECFailure;
- }
-
- if(sec_pkcs12_set_nickname(cert, nickname) != SECSuccess) {
- cert->error = SEC_ERROR_NO_MEMORY;
- cert->problem = PR_TRUE;
- return SECFailure;
- }
-
- if(key) {
- if(sec_pkcs12_set_nickname(key, nickname) != SECSuccess) {
- cert->error = SEC_ERROR_NO_MEMORY;
- cert->problem = PR_TRUE;
- return SECFailure;
- }
- }
-
- return SECSuccess;
-}
-
-/* retrieve the DER cert from the cert bag */
-static SECItem *
-sec_pkcs12_get_der_cert(sec_PKCS12SafeBag *cert)
-{
- if(!cert) {
- return NULL;
- }
-
- if(SECOID_FindOIDTag(&cert->safeBagType) != SEC_OID_PKCS12_V1_CERT_BAG_ID) {
- return NULL;
- }
-
- /* only support X509 certs not SDSI */
- if(SECOID_FindOIDTag(&cert->safeBagContent.certBag->bagID)
- != SEC_OID_PKCS9_X509_CERT) {
- return NULL;
- }
-
- return SECITEM_DupItem(&(cert->safeBagContent.certBag->value.x509Cert));
-}
-
-struct certNickInfo {
- PRArenaPool *arena;
- unsigned int nNicks;
- SECItem **nickList;
- unsigned int error;
-};
-
-/* callback for traversing certificates to gather the nicknames
- * used in a particular traversal. for instance, when using
- * CERT_TraversePermCertsForSubject, gather the nicknames and
- * store them in the certNickInfo for a particular DN.
- *
- * this handles the case where multiple nicknames are allowed
- * for the same dn, which is not currently allowed, but may be
- * in the future.
- */
-static SECStatus
-gatherNicknames(CERTCertificate *cert, void *arg)
-{
- struct certNickInfo *nickArg = (struct certNickInfo *)arg;
- SECItem tempNick;
- unsigned int i;
-
- if(!cert || !nickArg || nickArg->error) {
- return SECFailure;
- }
-
- if(!cert->nickname) {
- return SECSuccess;
- }
-
- tempNick.data = (unsigned char *)cert->nickname;
- tempNick.len = PORT_Strlen(cert->nickname) + 1;
-
- /* do we already have the nickname in the list? */
- if(nickArg->nNicks > 0) {
-
- /* nicknames have been encountered, but there is no list -- bad */
- if(!nickArg->nickList) {
- nickArg->error = SEC_ERROR_NO_MEMORY;
- return SECFailure;
- }
-
- for(i = 0; i < nickArg->nNicks; i++) {
- if(SECITEM_CompareItem(nickArg->nickList[i], &tempNick)
- == SECEqual) {
- return SECSuccess;
- }
- }
- }
-
- /* add the nickname to the list */
- if(nickArg->nNicks == 0) {
- nickArg->nickList = (SECItem **)PORT_ArenaZAlloc(nickArg->arena,
- 2 * sizeof(SECItem *));
- } else {
- nickArg->nickList = (SECItem **)PORT_ArenaGrow(nickArg->arena,
- nickArg->nickList,
- (nickArg->nNicks + 1) * sizeof(SECItem *),
- (nickArg->nNicks + 2) * sizeof(SECItem *));
- }
- if(!nickArg->nickList) {
- nickArg->error = SEC_ERROR_NO_MEMORY;
- return SECFailure;
- }
-
- nickArg->nickList[nickArg->nNicks] =
- (SECItem *)PORT_ArenaZAlloc(nickArg->arena, sizeof(SECItem));
- if(!nickArg->nickList[nickArg->nNicks]) {
- nickArg->error = SEC_ERROR_NO_MEMORY;
- return SECFailure;
- }
-
-
- if(SECITEM_CopyItem(nickArg->arena, nickArg->nickList[nickArg->nNicks],
- &tempNick) != SECSuccess) {
- nickArg->error = SEC_ERROR_NO_MEMORY;
- return SECFailure;
- }
-
- nickArg->nNicks++;
-
- return SECSuccess;
-}
-
-/* traverses the certs in the data base or in the token for the
- * DN to see if any certs currently have a nickname set.
- * If so, return it.
- */
-static SECItem *
-sec_pkcs12_get_existing_nick_for_dn(sec_PKCS12SafeBag *cert, void *wincx)
-{
- struct certNickInfo *nickArg = NULL;
- SECItem *derCert, *returnDn = NULL;
- PRArenaPool *arena = NULL;
- CERTCertificate *tempCert;
-
- if(!cert) {
- return NULL;
- }
-
- derCert = sec_pkcs12_get_der_cert(cert);
- if(!derCert) {
- return NULL;
- }
-
- tempCert = CERT_DecodeDERCertificate(derCert, PR_FALSE, NULL);
- if(!tempCert) {
- returnDn = NULL;
- goto loser;
- }
-
- arena = PORT_NewArena(1024);
- if(!arena) {
- returnDn = NULL;
- goto loser;
- }
- nickArg = (struct certNickInfo *)PORT_ArenaZAlloc(arena,
- sizeof(struct certNickInfo));
- if(!nickArg) {
- returnDn = NULL;
- goto loser;
- }
- nickArg->error = 0;
- nickArg->nNicks = 0;
- nickArg->nickList = NULL;
- nickArg->arena = arena;
-
- /* if the token is local, first traverse the cert database
- * then traverse the token.
- */
- if(PK11_TraverseCertsForSubjectInSlot(tempCert, cert->slot, gatherNicknames,
- (void *)nickArg) != SECSuccess) {
- returnDn = NULL;
- goto loser;
- }
-
- if(nickArg->error) {
- /* XXX do we want to set the error? */
- returnDn = NULL;
- goto loser;
- }
-
- if(nickArg->nNicks == 0) {
- returnDn = NULL;
- goto loser;
- }
-
- /* set it to the first name, for now. handle multiple names? */
- returnDn = SECITEM_DupItem(nickArg->nickList[0]);
-
-loser:
- if(arena) {
- PORT_FreeArena(arena, PR_TRUE);
- }
-
- if(tempCert) {
- CERT_DestroyCertificate(tempCert);
- }
-
- if(derCert) {
- SECITEM_FreeItem(derCert, PR_TRUE);
- }
-
- return (returnDn);
-}
-
-/* counts certificates found for a given traversal function */
-static SECStatus
-countCertificate(CERTCertificate *cert, void *arg)
-{
- unsigned int *nCerts = (unsigned int *)arg;
-
- if(!cert || !arg) {
- return SECFailure;
- }
-
- (*nCerts)++;
- return SECSuccess;
-}
-
-static PRBool
-sec_pkcs12_certs_for_nickname_exist(SECItem *nickname, PK11SlotInfo *slot)
-{
- unsigned int nCerts = 0;
-
- if(!nickname || !slot) {
- return PR_TRUE;
- }
-
- /* we want to check the local database first if we are importing to it */
- PK11_TraverseCertsForNicknameInSlot(nickname, slot, countCertificate,
- (void *)&nCerts);
- if(nCerts) return PR_TRUE;
-
- return PR_FALSE;
-}
-
-/* validate cert nickname such that there is a one-to-one relation
- * between nicknames and dn's. we want to enforce the case that the
- * nickname is non-NULL and that there is only one nickname per DN.
- *
- * if there is a problem with a nickname or the nickname is not present,
- * the user will be prompted for it.
- */
-static void
-sec_pkcs12_validate_cert_nickname(sec_PKCS12SafeBag *cert,
- sec_PKCS12SafeBag *key,
- SEC_PKCS12NicknameCollisionCallback nicknameCb,
- void *wincx)
-{
- SECItem *certNickname, *existingDNNick;
- PRBool setNickname = PR_FALSE, cancel = PR_FALSE;
- SECItem *newNickname = NULL;
-
- if(!cert || !cert->hasKey) {
- return;
- }
-
- if(!nicknameCb) {
- cert->problem = PR_TRUE;
- cert->error = SEC_ERROR_NO_MEMORY;
- return;
- }
-
- if(cert->hasKey && !key) {
- cert->problem = PR_TRUE;
- cert->error = SEC_ERROR_NO_MEMORY;
- return;
- }
-
- certNickname = sec_pkcs12_get_nickname_for_cert(cert, key, wincx);
- existingDNNick = sec_pkcs12_get_existing_nick_for_dn(cert, wincx);
-
- /* nickname is already used w/ this dn, so it is safe to return */
- if(certNickname && existingDNNick &&
- SECITEM_CompareItem(certNickname, existingDNNick) == SECEqual) {
- goto loser;
- }
-
- /* nickname not set in pkcs 12 bags, but a nick is already used for
- * this dn. set the nicks in the p12 bags and finish.
- */
- if(existingDNNick) {
- if(sec_pkcs12_set_nickname_for_cert(cert, key, existingDNNick, wincx)
- != SECSuccess) {
- cert->problem = PR_TRUE;
- cert->error = SEC_ERROR_NO_MEMORY;
- }
- goto loser;
- }
-
- /* at this point, we have a certificate for which the DN is not located
- * on the token. the nickname specified may or may not be NULL. if it
- * is not null, we need to make sure that there are no other certificates
- * with this nickname in the token for it to be valid. this imposes a
- * one to one relationship between DN and nickname.
- *
- * if the nickname is null, we need the user to enter a nickname for
- * the certificate.
- *
- * once we have a nickname, we make sure that the nickname is unique
- * for the DN. if it is not, the user is reprompted to enter a new
- * nickname.
- *
- * in order to exit this loop, the nickname entered is either unique
- * or the user hits cancel and the certificate is not imported.
- */
- setNickname = PR_FALSE;
- while(1) {
- if(certNickname && certNickname->data) {
- /* we will use the nickname so long as no other certs have the
- * same nickname. and the nickname is not NULL.
- */
- if(!sec_pkcs12_certs_for_nickname_exist(certNickname, cert->slot)) {
- if(setNickname) {
- if(sec_pkcs12_set_nickname_for_cert(cert, key, certNickname,
- wincx) != SECSuccess) {
- cert->problem = PR_TRUE;
- cert->error = SEC_ERROR_NO_MEMORY;
- }
- }
- goto loser;
- }
- }
-
- setNickname = PR_FALSE;
- newNickname = (*nicknameCb)(certNickname, &cancel, wincx);
- if(cancel) {
- cert->problem = PR_TRUE;
- cert->error = SEC_ERROR_USER_CANCELLED;
- goto loser;
- }
-
- if(!newNickname) {
- cert->problem = PR_TRUE;
- cert->error = SEC_ERROR_NO_MEMORY;
- goto loser;
- }
-
- /* at this point we have a new nickname, if we have an existing
- * certNickname, we need to free it and assign the new nickname
- * to it to avoid a memory leak. happy?
- */
- if(certNickname) {
- SECITEM_ZfreeItem(certNickname, PR_TRUE);
- certNickname = NULL;
- }
-
- certNickname = newNickname;
- setNickname = PR_TRUE;
- /* go back and recheck the new nickname */
- }
-
-loser:
- if(certNickname) {
- SECITEM_ZfreeItem(certNickname, PR_TRUE);
- }
-
- if(existingDNNick) {
- SECITEM_ZfreeItem(existingDNNick, PR_TRUE);
- }
-}
-
-static void
-sec_pkcs12_validate_cert(sec_PKCS12SafeBag *cert,
- sec_PKCS12SafeBag *key,
- SEC_PKCS12NicknameCollisionCallback nicknameCb,
- void *wincx)
-{
- CERTCertificate *leafCert;
-
- if(!cert) {
- return;
- }
-
- cert->validated = PR_TRUE;
-
- if(!nicknameCb) {
- cert->problem = PR_TRUE;
- cert->error = SEC_ERROR_NO_MEMORY;
- cert->noInstall = PR_TRUE;
- return;
- }
-
- if(!cert->safeBagContent.certBag) {
- cert->noInstall = PR_TRUE;
- cert->problem = PR_TRUE;
- cert->error = SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE;
- return;
- }
-
- cert->noInstall = PR_FALSE;
- cert->unused = PR_FALSE;
- cert->problem = PR_FALSE;
- cert->error = 0;
-
- leafCert = CERT_DecodeDERCertificate(
- &cert->safeBagContent.certBag->value.x509Cert, PR_FALSE, NULL);
- if(!leafCert) {
- cert->noInstall = PR_TRUE;
- cert->problem = PR_TRUE;
- cert->error = SEC_ERROR_NO_MEMORY;
- return;
- }
-
- CERT_DestroyCertificate(leafCert);
-
- sec_pkcs12_validate_cert_nickname(cert, key, nicknameCb, wincx);
-}
-
-static void
-sec_pkcs12_validate_key_by_cert(sec_PKCS12SafeBag *cert, sec_PKCS12SafeBag *key,
- void *wincx)
-{
- CERTCertificate *leafCert;
- SECKEYPrivateKey *privk;
-
- if(!key) {
- return;
- }
-
- key->validated = PR_TRUE;
-
- if(!cert) {
- key->problem = PR_TRUE;
- key->noInstall = PR_TRUE;
- key->error = SEC_ERROR_PKCS12_UNABLE_TO_IMPORT_KEY;
- return;
- }
-
- leafCert = CERT_DecodeDERCertificate(
- &(cert->safeBagContent.certBag->value.x509Cert), PR_FALSE, NULL);
- if(!leafCert) {
- key->problem = PR_TRUE;
- key->noInstall = PR_TRUE;
- key->error = SEC_ERROR_NO_MEMORY;
- return;
- }
-
- privk = PK11_FindPrivateKeyFromCert(key->slot, leafCert, wincx);
- if(!privk) {
- privk = PK11_FindKeyByDERCert(key->slot, leafCert, wincx);
- }
-
- if(privk) {
- SECKEY_DestroyPrivateKey(privk);
- key->noInstall = PR_TRUE;
- }
-
- CERT_DestroyCertificate(leafCert);
-}
-
-static SECStatus
-sec_pkcs12_add_cert(sec_PKCS12SafeBag *cert, PRBool keyExists, void *wincx)
-{
- SECItem *derCert, *nickName;
- char *nickData = NULL;
- PRBool isIntermediateCA;
- SECStatus rv;
-
- if(!cert) {
- return SECFailure;
- }
-
- if(cert->problem || cert->noInstall || cert->installed) {
- return SECSuccess;
- }
-
- derCert = &cert->safeBagContent.certBag->value.x509Cert;
-
- PORT_Assert(!cert->problem && !cert->noInstall);
-
- nickName = sec_pkcs12_get_nickname(cert);
- if(nickName) {
- nickData = (char *)nickName->data;
- }
-
- isIntermediateCA = CERT_IsCADERCert(derCert, NULL) &&
- !CERT_IsRootDERCert(derCert);
-
- if(keyExists) {
- CERTCertificate *newCert;
-
- newCert = CERT_NewTempCertificate(CERT_GetDefaultCertDB(),
- derCert, NULL, PR_FALSE, PR_FALSE);
- if(!newCert) {
- if(nickName) SECITEM_ZfreeItem(nickName, PR_TRUE);
- cert->error = PORT_GetError();
- cert->problem = PR_TRUE;
- return SECFailure;
- }
-
- rv = PK11_ImportCertForKeyToSlot(cert->slot, newCert, nickData,
- PR_TRUE, wincx);
- CERT_DestroyCertificate(newCert);
- } else if ((cert->tokenCAs == SECPKCS12TargetTokenNoCAs) ||
- ((cert->tokenCAs == SECPKCS12TargetTokenIntermediateCAs) &&
- !isIntermediateCA)) {
- SECItem *certList[2];
- certList[0] = derCert;
- certList[1] = NULL;
-
- rv = CERT_ImportCerts(CERT_GetDefaultCertDB(), certUsageUserCertImport,
- 1, certList, NULL, PR_TRUE, PR_FALSE, nickData);
- } else {
- rv = PK11_ImportDERCert(cert->slot, derCert, CK_INVALID_HANDLE,
- nickData, PR_FALSE);
- }
-
- cert->installed = PR_TRUE;
- if(nickName) SECITEM_ZfreeItem(nickName, PR_TRUE);
- return rv;
-}
-
-static SECStatus
-sec_pkcs12_add_key(sec_PKCS12SafeBag *key, SECItem *publicValue,
- KeyType keyType, unsigned int keyUsage, void *wincx)
-{
- SECStatus rv;
- SECItem *nickName;
-
- if(!key) {
- return SECFailure;
- }
-
- if(key->problem || key->noInstall) {
- return SECSuccess;
- }
-
- nickName = sec_pkcs12_get_nickname(key);
-
- switch(SECOID_FindOIDTag(&key->safeBagType))
- {
- case SEC_OID_PKCS12_V1_KEY_BAG_ID:
- rv = PK11_ImportPrivateKeyInfo(key->slot,
- key->safeBagContent.pkcs8KeyBag,
- nickName, publicValue, PR_TRUE, PR_TRUE,
- keyUsage, wincx);
- break;
- case SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID:
- rv = PK11_ImportEncryptedPrivateKeyInfo(key->slot,
- key->safeBagContent.pkcs8ShroudedKeyBag,
- key->pwitem, nickName, publicValue,
- PR_TRUE, PR_TRUE, keyType, keyUsage,
- wincx);
- break;
- default:
- key->error = SEC_ERROR_PKCS12_UNSUPPORTED_VERSION;
- key->problem = PR_TRUE;
- if(nickName) {
- SECITEM_ZfreeItem(nickName, PR_TRUE);
- }
- return SECFailure;
- }
-
- key->installed = PR_TRUE;
-
- if(nickName) {
- SECITEM_ZfreeItem(nickName, PR_TRUE);
- }
-
- if(rv != SECSuccess) {
- key->error = SEC_ERROR_PKCS12_UNABLE_TO_IMPORT_KEY;
- key->problem = PR_TRUE;
- } else {
- key->installed = PR_TRUE;
- }
-
- return rv;
-}
-
-static SECStatus
-sec_pkcs12_add_item_to_bag_list(sec_PKCS12SafeBag ***bagList,
- sec_PKCS12SafeBag *bag)
-{
- int i = 0;
-
- if(!bagList || !bag) {
- return SECFailure;
- }
-
- if(!(*bagList)) {
- (*bagList) = (sec_PKCS12SafeBag **)PORT_ArenaZAlloc(bag->arena,
- sizeof(sec_PKCS12SafeBag *) * 2);
- } else {
- while((*bagList)[i]) i++;
- (*bagList) = (sec_PKCS12SafeBag **)PORT_ArenaGrow(bag->arena, *bagList,
- sizeof(sec_PKCS12SafeBag *) * (i + 1),
- sizeof(sec_PKCS12SafeBag *) * (i + 2));
- }
-
- if(!(*bagList)) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
-
- (*bagList)[i] = bag;
- (*bagList)[i+1] = NULL;
-
- return SECSuccess;
-}
-
-static sec_PKCS12SafeBag **
-sec_pkcs12_find_certs_for_key(sec_PKCS12SafeBag **safeBags, sec_PKCS12SafeBag *key )
-{
- sec_PKCS12SafeBag **certList = NULL;
- SECItem *keyId;
- int i;
-
- if(!safeBags || !safeBags[0]) {
- return NULL;
- }
-
- keyId = sec_pkcs12_get_attribute_value(key, SEC_OID_PKCS9_LOCAL_KEY_ID);
- if(!keyId) {
- return NULL;
- }
-
- i = 0;
- certList = NULL;
- while(safeBags[i]) {
- if(SECOID_FindOIDTag(&(safeBags[i]->safeBagType))
- == SEC_OID_PKCS12_V1_CERT_BAG_ID) {
- SECItem *certKeyId = sec_pkcs12_get_attribute_value(safeBags[i],
- SEC_OID_PKCS9_LOCAL_KEY_ID);
-
- if(certKeyId && (SECITEM_CompareItem(certKeyId, keyId)
- == SECEqual)) {
- if(sec_pkcs12_add_item_to_bag_list(&certList, safeBags[i])
- != SECSuccess) {
- return NULL;
- }
- }
- }
- i++;
- }
-
- return certList;
-}
-
-CERTCertList *
-SEC_PKCS12DecoderGetCerts(SEC_PKCS12DecoderContext *p12dcx)
-{
- CERTCertList *certList = NULL;
- sec_PKCS12SafeBag **safeBags = p12dcx->safeBags;
- int i;
-
- if (!p12dcx || !p12dcx->safeBags || !p12dcx->safeBags[0]) {
- return NULL;
- }
-
- safeBags = p12dcx->safeBags;
- i = 0;
- certList = CERT_NewCertList();
-
- if (certList == NULL) {
- return NULL;
- }
-
- while(safeBags[i]) {
- if (SECOID_FindOIDTag(&(safeBags[i]->safeBagType))
- == SEC_OID_PKCS12_V1_CERT_BAG_ID) {
- SECItem *derCert = sec_pkcs12_get_der_cert(safeBags[i]) ;
- CERTCertificate *tempCert = NULL;
-
- if (derCert == NULL) continue;
- tempCert=CERT_NewTempCertificate(CERT_GetDefaultCertDB(),
- derCert, NULL,
- PR_FALSE, PR_TRUE);
-
- if (tempCert) {
- CERT_AddCertToListTail(certList,tempCert);
- }
- SECITEM_FreeItem(derCert,PR_TRUE);
- }
- i++;
- }
-
- return certList;
-}
-static sec_PKCS12SafeBag **
-sec_pkcs12_get_key_bags(sec_PKCS12SafeBag **safeBags)
-{
- int i;
- sec_PKCS12SafeBag **keyList = NULL;
- SECOidTag bagType;
-
- if(!safeBags || !safeBags[0]) {
- return NULL;
- }
-
- i = 0;
- while(safeBags[i]) {
- bagType = SECOID_FindOIDTag(&(safeBags[i]->safeBagType));
- switch(bagType) {
- case SEC_OID_PKCS12_V1_KEY_BAG_ID:
- case SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID:
- if(sec_pkcs12_add_item_to_bag_list(&keyList, safeBags[i])
- != SECSuccess) {
- return NULL;
- }
- break;
- default:
- break;
- }
- i++;
- }
-
- return keyList;
-}
-
-static SECStatus
-sec_pkcs12_validate_bags(sec_PKCS12SafeBag **safeBags,
- SEC_PKCS12NicknameCollisionCallback nicknameCb,
- void *wincx)
-{
- sec_PKCS12SafeBag **keyList;
- int i;
-
- if(!safeBags || !nicknameCb) {
- return SECFailure;
- }
-
- if(!safeBags[0]) {
- return SECSuccess;
- }
-
- keyList = sec_pkcs12_get_key_bags(safeBags);
- if(keyList) {
- i = 0;
-
- while(keyList[i]) {
- sec_PKCS12SafeBag **certList = sec_pkcs12_find_certs_for_key(
- safeBags, keyList[i]);
- if(certList) {
- int j = 0;
-
- if(SECOID_FindOIDTag(&(keyList[i]->safeBagType)) ==
- SEC_OID_PKCS12_V1_KEY_BAG_ID) {
- /* if it is an unencrypted private key then make sure
- * the attributes are propageted to the appropriate
- * level
- */
- if(sec_pkcs12_get_key_info(keyList[i]) != SECSuccess) {
- keyList[i]->problem = PR_TRUE;
- keyList[i]->error = SEC_ERROR_NO_MEMORY;
- return SECFailure;
- }
- }
-
- sec_pkcs12_validate_key_by_cert(certList[0], keyList[i], wincx);
- while(certList[j]) {
- certList[j]->hasKey = PR_TRUE;
- if(keyList[i]->problem) {
- certList[j]->problem = PR_TRUE;
- certList[j]->error = keyList[i]->error;
- } else {
- sec_pkcs12_validate_cert(certList[j], keyList[i],
- nicknameCb, wincx);
- if(certList[j]->problem) {
- keyList[i]->problem = certList[j]->problem;
- keyList[i]->error = certList[j]->error;
- }
- }
- j++;
- }
- }
-
- i++;
- }
- }
-
- i = 0;
- while(safeBags[i]) {
- if(!safeBags[i]->validated) {
- SECOidTag bagType = SECOID_FindOIDTag(&safeBags[i]->safeBagType);
-
- switch(bagType) {
- case SEC_OID_PKCS12_V1_CERT_BAG_ID:
- sec_pkcs12_validate_cert(safeBags[i], NULL, nicknameCb,
- wincx);
- break;
- case SEC_OID_PKCS12_V1_KEY_BAG_ID:
- case SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID:
- safeBags[i]->noInstall = PR_TRUE;
- safeBags[i]->problem = PR_TRUE;
- safeBags[i]->error = SEC_ERROR_PKCS12_UNABLE_TO_IMPORT_KEY;
- break;
- default:
- safeBags[i]->noInstall = PR_TRUE;
- }
- }
- i++;
- }
-
- return SECSuccess;
-}
-
-SECStatus
-SEC_PKCS12DecoderValidateBags(SEC_PKCS12DecoderContext *p12dcx,
- SEC_PKCS12NicknameCollisionCallback nicknameCb)
-{
- SECStatus rv;
- int i, noInstallCnt, probCnt, bagCnt, errorVal = 0;
- if(!p12dcx || p12dcx->error) {
- return SECFailure;
- }
-
- rv = sec_pkcs12_validate_bags(p12dcx->safeBags, nicknameCb, p12dcx->wincx);
- if(rv == SECSuccess) {
- p12dcx->bagsVerified = PR_TRUE;
- }
-
- noInstallCnt = probCnt = bagCnt = 0;
- i = 0;
- while(p12dcx->safeBags[i]) {
- bagCnt++;
- if(p12dcx->safeBags[i]->noInstall) noInstallCnt++;
- if(p12dcx->safeBags[i]->problem) {
- probCnt++;
- errorVal = p12dcx->safeBags[i]->error;
- }
- i++;
- }
-
- if(bagCnt == noInstallCnt) {
- PORT_SetError(SEC_ERROR_PKCS12_DUPLICATE_DATA);
- return SECFailure;
- }
-
- if(probCnt) {
- PORT_SetError(errorVal);
- return SECFailure;
- }
-
- return rv;
-}
-
-static SECItem *
-sec_pkcs12_get_public_value_and_type(sec_PKCS12SafeBag *certBag,
- KeyType *type, unsigned int *usage)
-{
- SECKEYPublicKey *pubKey = NULL;
- CERTCertificate *cert = NULL;
- SECItem *pubValue;
-
- *type = nullKey;
- *usage = 0;
-
- if(!certBag) {
- return NULL;
- }
-
- cert = CERT_DecodeDERCertificate(
- &certBag->safeBagContent.certBag->value.x509Cert, PR_FALSE, NULL);
- if(!cert) {
- return NULL;
- }
-
- *usage = cert->keyUsage;
- pubKey = CERT_ExtractPublicKey(cert);
- CERT_DestroyCertificate(cert);
- if(!pubKey) {
- return NULL;
- }
-
- *type = pubKey->keyType;
- switch(pubKey->keyType) {
- case dsaKey:
- pubValue = SECITEM_DupItem(&pubKey->u.dsa.publicValue);
- break;
- case dhKey:
- pubValue = SECITEM_DupItem(&pubKey->u.dh.publicValue);
- break;
- case rsaKey:
- pubValue = SECITEM_DupItem(&pubKey->u.rsa.modulus);
- break;
- default:
- pubValue = NULL;
- }
-
- SECKEY_DestroyPublicKey(pubKey);
-
- return pubValue;
-}
-
-static SECStatus
-sec_pkcs12_install_bags(sec_PKCS12SafeBag **safeBags,
- void *wincx)
-{
- sec_PKCS12SafeBag **keyList, **certList;
- int i;
-
- if(!safeBags) {
- return SECFailure;
- }
-
- if(!safeBags[0]) {
- return SECSuccess;
- }
-
- keyList = sec_pkcs12_get_key_bags(safeBags);
- if(keyList) {
- i = 0;
-
- while(keyList[i]) {
- SECStatus rv;
- SECItem *publicValue = NULL;
- KeyType keyType;
- unsigned int keyUsage;
-
- if(keyList[i]->problem) {
- goto next_key_bag;
- }
-
- certList = sec_pkcs12_find_certs_for_key(safeBags,
- keyList[i]);
- if(certList) {
- publicValue = sec_pkcs12_get_public_value_and_type(certList[0],
- &keyType, &keyUsage);
- }
- rv = sec_pkcs12_add_key(keyList[i], publicValue, keyType, keyUsage,
- wincx);
- if(publicValue) {
- SECITEM_FreeItem(publicValue, PR_TRUE);
- }
- if(rv != SECSuccess) {
- PORT_SetError(keyList[i]->error);
- return SECFailure;
- }
-
- if(certList) {
- int j = 0;
-
- while(certList[j]) {
- SECStatus certRv;
-
- if(rv != SECSuccess) {
- certList[j]->problem = keyList[i]->problem;
- certList[j]->error = keyList[i]->error;
- certList[j]->noInstall = PR_TRUE;
- goto next_cert_bag;
- }
-
- certRv = sec_pkcs12_add_cert(certList[j],
- certList[j]->hasKey, wincx);
- if(certRv != SECSuccess) {
- keyList[i]->problem = certList[j]->problem;
- keyList[i]->error = certList[j]->error;
- PORT_SetError(certList[j]->error);
- return SECFailure;
- }
-next_cert_bag:
- j++;
- }
- }
-
-next_key_bag:
- i++;
- }
- }
-
- i = 0;
- while(safeBags[i]) {
- if(!safeBags[i]->installed) {
- SECStatus rv;
- SECOidTag bagType = SECOID_FindOIDTag(&(safeBags[i]->safeBagType));
-
- switch(bagType) {
- case SEC_OID_PKCS12_V1_CERT_BAG_ID:
- rv = sec_pkcs12_add_cert(safeBags[i], safeBags[i]->hasKey,
- wincx);
- if(rv != SECSuccess) {
- PORT_SetError(safeBags[i]->error);
- return SECFailure;
- }
- break;
- case SEC_OID_PKCS12_V1_KEY_BAG_ID:
- case SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID:
- default:
- break;
- }
- }
- i++;
- }
-
- return SECSuccess;
-}
-
-SECStatus
-SEC_PKCS12DecoderImportBags(SEC_PKCS12DecoderContext *p12dcx)
-{
- if(!p12dcx || p12dcx->error) {
- return SECFailure;
- }
-
- if(!p12dcx->bagsVerified) {
- return SECFailure;
- }
-
- return sec_pkcs12_install_bags(p12dcx->safeBags, p12dcx->wincx);
-}
-
-static SECStatus
-sec_pkcs12_decoder_append_bag_to_context(SEC_PKCS12DecoderContext *p12dcx,
- sec_PKCS12SafeBag *bag)
-{
- if(!p12dcx || p12dcx->error) {
- return SECFailure;
- }
-
- if(!p12dcx->safeBagCount) {
- p12dcx->safeBags = (sec_PKCS12SafeBag **)PORT_ArenaZAlloc(p12dcx->arena,
- sizeof(sec_PKCS12SafeBag *) * 2);
- } else {
- p12dcx->safeBags =
- (sec_PKCS12SafeBag **)PORT_ArenaGrow(p12dcx->arena, p12dcx->safeBags,
- (p12dcx->safeBagCount + 1) * sizeof(sec_PKCS12SafeBag *),
- (p12dcx->safeBagCount + 2) * sizeof(sec_PKCS12SafeBag *));
- }
-
- if(!p12dcx->safeBags) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
-
- p12dcx->safeBags[p12dcx->safeBagCount] = bag;
- p12dcx->safeBags[p12dcx->safeBagCount+1] = NULL;
- p12dcx->safeBagCount++;
-
- return SECSuccess;
-}
-
-static sec_PKCS12SafeBag *
-sec_pkcs12_decoder_convert_old_key(SEC_PKCS12DecoderContext *p12dcx,
- void *key, PRBool isEspvk)
-{
- sec_PKCS12SafeBag *keyBag;
- SECOidData *oid;
- SECOidTag keyTag;
- SECItem *keyID, *nickName, *newNickName;
-
- if(!p12dcx || p12dcx->error || !key) {
- return NULL;
- }
-
- newNickName =(SECItem *)PORT_ArenaZAlloc(p12dcx->arena, sizeof(SECItem));
- keyBag = (sec_PKCS12SafeBag *)PORT_ArenaZAlloc(p12dcx->arena,
- sizeof(sec_PKCS12SafeBag));
- if(!keyBag || !newNickName) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- keyBag->swapUnicodeBytes = p12dcx->swapUnicodeBytes;
- keyBag->slot = p12dcx->slot;
- keyBag->arena = p12dcx->arena;
- keyBag->pwitem = p12dcx->pwitem;
- keyBag->tokenCAs = p12dcx->tokenCAs;
- keyBag->oldBagType = PR_TRUE;
-
- keyTag = (isEspvk) ? SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID :
- SEC_OID_PKCS12_V1_KEY_BAG_ID;
- oid = SECOID_FindOIDByTag(keyTag);
- if(!oid) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- if(SECITEM_CopyItem(p12dcx->arena, &keyBag->safeBagType, &oid->oid)
- != SECSuccess) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- if(isEspvk) {
- SEC_PKCS12ESPVKItem *espvk = (SEC_PKCS12ESPVKItem *)key;
- keyBag->safeBagContent.pkcs8ShroudedKeyBag =
- espvk->espvkCipherText.pkcs8KeyShroud;
- nickName = &(espvk->espvkData.uniNickName);
- if(!espvk->espvkData.assocCerts || !espvk->espvkData.assocCerts[0]) {
- PORT_SetError(SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE);
- return NULL;
- }
- keyID = &espvk->espvkData.assocCerts[0]->digest;
- } else {
- SEC_PKCS12PrivateKey *pk = (SEC_PKCS12PrivateKey *)key;
- keyBag->safeBagContent.pkcs8KeyBag = &pk->pkcs8data;
- nickName= &(pk->pvkData.uniNickName);
- if(!pk->pvkData.assocCerts || !pk->pvkData.assocCerts[0]) {
- PORT_SetError(SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE);
- return NULL;
- }
- keyID = &pk->pvkData.assocCerts[0]->digest;
- }
-
- if(nickName->len) {
- if(nickName->len >= 2) {
- if(nickName->data[0] && nickName->data[1]) {
- if(!sec_pkcs12_convert_item_to_unicode(p12dcx->arena, newNickName,
- nickName, PR_FALSE, PR_FALSE, PR_TRUE)) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
- nickName = newNickName;
- } else if(nickName->data[0] && !nickName->data[1]) {
- unsigned int j = 0;
- unsigned char t;
- for(j = 0; j < nickName->len; j+=2) {
- t = nickName->data[j+1];
- nickName->data[j+1] = nickName->data[j];
- nickName->data[j] = t;
- }
- }
- } else {
- if(!sec_pkcs12_convert_item_to_unicode(p12dcx->arena, newNickName,
- nickName, PR_FALSE, PR_FALSE, PR_TRUE)) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
- nickName = newNickName;
- }
- }
-
- if(sec_pkcs12_decoder_set_attribute_value(keyBag,
- SEC_OID_PKCS9_FRIENDLY_NAME,
- nickName) != SECSuccess) {
- return NULL;
- }
-
- if(sec_pkcs12_decoder_set_attribute_value(keyBag,SEC_OID_PKCS9_LOCAL_KEY_ID,
- keyID) != SECSuccess) {
- return NULL;
- }
-
- return keyBag;
-}
-
-static sec_PKCS12SafeBag *
-sec_pkcs12_decoder_create_cert(SEC_PKCS12DecoderContext *p12dcx,
- SECItem *derCert)
-{
- sec_PKCS12SafeBag *certBag;
- SECOidData *oid;
- SGNDigestInfo *digest;
- SECItem *keyId;
- SECStatus rv;
-
- if(!p12dcx || p12dcx->error || !derCert) {
- return NULL;
- }
-
- keyId = (SECItem *)PORT_ArenaZAlloc(p12dcx->arena, sizeof(SECItem));
- if(!keyId) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- digest = sec_pkcs12_compute_thumbprint(derCert);
- if(!digest) {
- return NULL;
- }
-
- rv = SECITEM_CopyItem(p12dcx->arena, keyId, &digest->digest);
- SGN_DestroyDigestInfo(digest);
- if(rv != SECSuccess) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- oid = SECOID_FindOIDByTag(SEC_OID_PKCS12_V1_CERT_BAG_ID);
- certBag = (sec_PKCS12SafeBag *)PORT_ArenaZAlloc(p12dcx->arena,
- sizeof(sec_PKCS12SafeBag));
- if(!certBag || !oid || (SECITEM_CopyItem(p12dcx->arena,
- &certBag->safeBagType, &oid->oid) != SECSuccess)) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- certBag->slot = p12dcx->slot;
- certBag->pwitem = p12dcx->pwitem;
- certBag->swapUnicodeBytes = p12dcx->swapUnicodeBytes;
- certBag->arena = p12dcx->arena;
- certBag->tokenCAs = p12dcx->tokenCAs;
-
- oid = SECOID_FindOIDByTag(SEC_OID_PKCS9_X509_CERT);
- certBag->safeBagContent.certBag =
- (sec_PKCS12CertBag *)PORT_ArenaZAlloc(p12dcx->arena,
- sizeof(sec_PKCS12CertBag));
- if(!certBag->safeBagContent.certBag || !oid ||
- (SECITEM_CopyItem(p12dcx->arena,
- &certBag->safeBagContent.certBag->bagID,
- &oid->oid) != SECSuccess)) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- if(SECITEM_CopyItem(p12dcx->arena,
- &(certBag->safeBagContent.certBag->value.x509Cert),
- derCert) != SECSuccess) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- if(sec_pkcs12_decoder_set_attribute_value(certBag, SEC_OID_PKCS9_LOCAL_KEY_ID,
- keyId) != SECSuccess) {
- return NULL;
- }
-
- return certBag;
-}
-
-static sec_PKCS12SafeBag **
-sec_pkcs12_decoder_convert_old_cert(SEC_PKCS12DecoderContext *p12dcx,
- SEC_PKCS12CertAndCRL *oldCert)
-{
- sec_PKCS12SafeBag **certList;
- SECItem **derCertList;
- int i, j;
-
- if(!p12dcx || p12dcx->error || !oldCert) {
- return NULL;
- }
-
- derCertList = SEC_PKCS7GetCertificateList(&oldCert->value.x509->certOrCRL);
- if(!derCertList) {
- return NULL;
- }
-
- i = 0;
- while(derCertList[i]) i++;
-
- certList = (sec_PKCS12SafeBag **)PORT_ArenaZAlloc(p12dcx->arena,
- (i + 1) * sizeof(sec_PKCS12SafeBag *));
- if(!certList) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- for(j = 0; j < i; j++) {
- certList[j] = sec_pkcs12_decoder_create_cert(p12dcx, derCertList[j]);
- if(!certList[j]) {
- return NULL;
- }
- }
-
- return certList;
-}
-
-static SECStatus
-sec_pkcs12_decoder_convert_old_key_and_certs(SEC_PKCS12DecoderContext *p12dcx,
- void *oldKey, PRBool isEspvk,
- SEC_PKCS12SafeContents *safe,
- SEC_PKCS12Baggage *baggage)
-{
- sec_PKCS12SafeBag *key, **certList;
- SEC_PKCS12CertAndCRL *oldCert;
- SEC_PKCS12PVKSupportingData *pvkData;
- int i;
- SECItem *keyName;
-
- if(!p12dcx || !oldKey) {
- return SECFailure;
- }
-
- if(isEspvk) {
- pvkData = &((SEC_PKCS12ESPVKItem *)(oldKey))->espvkData;
- } else {
- pvkData = &((SEC_PKCS12PrivateKey *)(oldKey))->pvkData;
- }
-
- if(!pvkData->assocCerts || !pvkData->assocCerts[0]) {
- PORT_SetError(SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE);
- return SECFailure;
- }
-
- oldCert = (SEC_PKCS12CertAndCRL *)sec_pkcs12_find_object(safe, baggage,
- SEC_OID_PKCS12_CERT_AND_CRL_BAG_ID, NULL,
- pvkData->assocCerts[0]);
- if(!oldCert) {
- PORT_SetError(SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE);
- return SECFailure;
- }
-
- key = sec_pkcs12_decoder_convert_old_key(p12dcx,oldKey, isEspvk);
- certList = sec_pkcs12_decoder_convert_old_cert(p12dcx, oldCert);
- if(!key || !certList) {
- return SECFailure;
- }
-
- if(sec_pkcs12_decoder_append_bag_to_context(p12dcx, key) != SECSuccess) {
- return SECFailure;
- }
-
- keyName = sec_pkcs12_get_nickname(key);
- if(!keyName) {
- return SECFailure;
- }
-
- i = 0;
- while(certList[i]) {
- if(sec_pkcs12_decoder_append_bag_to_context(p12dcx, certList[i])
- != SECSuccess) {
- return SECFailure;
- }
- i++;
- }
-
- certList = sec_pkcs12_find_certs_for_key(p12dcx->safeBags, key);
- if(!certList) {
- return SECFailure;
- }
-
- i = 0;
- while(certList[i] != 0) {
- if(sec_pkcs12_set_nickname(certList[i], keyName) != SECSuccess) {
- return SECFailure;
- }
- i++;
- }
-
- return SECSuccess;
-}
-
-static SECStatus
-sec_pkcs12_decoder_convert_old_safe_to_bags(SEC_PKCS12DecoderContext *p12dcx,
- SEC_PKCS12SafeContents *safe,
- SEC_PKCS12Baggage *baggage)
-{
- SECStatus rv;
-
- if(!p12dcx || p12dcx->error) {
- return SECFailure;
- }
-
- if(safe && safe->contents) {
- int i = 0;
- while(safe->contents[i] != NULL) {
- if(SECOID_FindOIDTag(&safe->contents[i]->safeBagType)
- == SEC_OID_PKCS12_KEY_BAG_ID) {
- int j = 0;
- SEC_PKCS12PrivateKeyBag *privBag =
- safe->contents[i]->safeContent.keyBag;
-
- while(privBag->privateKeys[j] != NULL) {
- SEC_PKCS12PrivateKey *pk = privBag->privateKeys[j];
- rv = sec_pkcs12_decoder_convert_old_key_and_certs(p12dcx,pk,
- PR_FALSE, safe, baggage);
- if(rv != SECSuccess) {
- goto loser;
- }
- j++;
- }
- }
- i++;
- }
- }
-
- if(baggage && baggage->bags) {
- int i = 0;
- while(baggage->bags[i] != NULL) {
- SEC_PKCS12BaggageItem *bag = baggage->bags[i];
- int j = 0;
-
- if(!bag->espvks) {
- i++;
- continue;
- }
-
- while(bag->espvks[j] != NULL) {
- SEC_PKCS12ESPVKItem *espvk = bag->espvks[j];
- rv = sec_pkcs12_decoder_convert_old_key_and_certs(p12dcx, espvk,
- PR_TRUE, safe, baggage);
- if(rv != SECSuccess) {
- goto loser;
- }
- j++;
- }
- i++;
- }
- }
-
- return SECSuccess;
-
-loser:
- return SECFailure;
-}
-
-SEC_PKCS12DecoderContext *
-sec_PKCS12ConvertOldSafeToNew(PRArenaPool *arena, PK11SlotInfo *slot,
- PRBool swapUnicode, SECItem *pwitem,
- void *wincx, SEC_PKCS12SafeContents *safe,
- SEC_PKCS12Baggage *baggage)
-{
- SEC_PKCS12DecoderContext *p12dcx;
-
- if(!arena || !slot || !pwitem) {
- return NULL;
- }
-
- if(!safe && !baggage) {
- return NULL;
- }
-
- p12dcx = (SEC_PKCS12DecoderContext *)PORT_ArenaZAlloc(arena,
- sizeof(SEC_PKCS12DecoderContext));
- if(!p12dcx) {
- return NULL;
- }
-
- p12dcx->arena = arena;
- p12dcx->slot = PK11_ReferenceSlot(slot);
- p12dcx->wincx = wincx;
- p12dcx->error = PR_FALSE;
- p12dcx->swapUnicodeBytes = swapUnicode;
- p12dcx->pwitem = pwitem;
- p12dcx->tokenCAs = SECPKCS12TargetTokenNoCAs;
-
- if(sec_pkcs12_decoder_convert_old_safe_to_bags(p12dcx, safe, baggage)
- != SECSuccess) {
- p12dcx->error = PR_TRUE;
- return NULL;
- }
-
- return p12dcx;
-}
diff --git a/security/nss/lib/pkcs12/p12dec.c b/security/nss/lib/pkcs12/p12dec.c
deleted file mode 100644
index abce05885..000000000
--- a/security/nss/lib/pkcs12/p12dec.c
+++ /dev/null
@@ -1,693 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "pkcs12.h"
-#include "plarena.h"
-#include "secpkcs7.h"
-#include "p12local.h"
-#include "secoid.h"
-#include "secitem.h"
-#include "secport.h"
-#include "secasn1.h"
-#include "secder.h"
-#include "secerr.h"
-#include "cert.h"
-#include "certdb.h"
-#include "p12plcy.h"
-#include "p12.h"
-#include "secpkcs5.h"
-
-/* PFX extraction and validation routines */
-
-/* decode the DER encoded PFX item. if unable to decode, check to see if it
- * is an older PFX item. If that fails, assume the file was not a valid
- * pfx file.
- * the returned pfx structure should be destroyed using SEC_PKCS12DestroyPFX
- */
-static SEC_PKCS12PFXItem *
-sec_pkcs12_decode_pfx(SECItem *der_pfx)
-{
- SEC_PKCS12PFXItem *pfx;
- SECStatus rv;
-
- if(der_pfx == NULL) {
- return NULL;
- }
-
- /* allocate the space for a new PFX item */
- pfx = sec_pkcs12_new_pfx();
- if(pfx == NULL) {
- return NULL;
- }
-
- rv = SEC_ASN1DecodeItem(pfx->poolp, pfx, SEC_PKCS12PFXItemTemplate,
- der_pfx);
-
- /* if a failure occurred, check for older version...
- * we also get rid of the old pfx structure, because we don't
- * know where it failed and what data in may contain
- */
- if(rv != SECSuccess) {
- SEC_PKCS12DestroyPFX(pfx);
- pfx = sec_pkcs12_new_pfx();
- if(pfx == NULL) {
- return NULL;
- }
- rv = SEC_ASN1DecodeItem(pfx->poolp, pfx, SEC_PKCS12PFXItemTemplate_OLD,
- der_pfx);
- if(rv != SECSuccess) {
- PORT_SetError(SEC_ERROR_PKCS12_DECODING_PFX);
- PORT_FreeArena(pfx->poolp, PR_TRUE);
- return NULL;
- }
- pfx->old = PR_TRUE;
- SGN_CopyDigestInfo(pfx->poolp, &pfx->macData.safeMac, &pfx->old_safeMac);
- SECITEM_CopyItem(pfx->poolp, &pfx->macData.macSalt, &pfx->old_macSalt);
- } else {
- pfx->old = PR_FALSE;
- }
-
- /* convert bit string from bits to bytes */
- pfx->macData.macSalt.len /= 8;
-
- return pfx;
-}
-
-/* validate the integrity MAC used in the PFX. The MAC is generated
- * per the PKCS 12 document. If the MAC is incorrect, it is most likely
- * due to an invalid password.
- * pwitem is the integrity password
- * pfx is the decoded pfx item
- */
-static PRBool
-sec_pkcs12_check_pfx_mac(SEC_PKCS12PFXItem *pfx,
- SECItem *pwitem)
-{
- SECItem *key = NULL, *mac = NULL, *data = NULL;
- SECItem *vpwd = NULL;
- SECOidTag algorithm;
- PRBool ret = PR_FALSE;
-
- if(pfx == NULL) {
- return PR_FALSE;
- }
-
- algorithm = SECOID_GetAlgorithmTag(&pfx->macData.safeMac.digestAlgorithm);
- switch(algorithm) {
- /* only SHA1 hashing supported as a MACing algorithm */
- case SEC_OID_SHA1:
- if(pfx->old == PR_FALSE) {
- pfx->swapUnicode = PR_FALSE;
- }
-
-recheckUnicodePassword:
- vpwd = sec_pkcs12_create_virtual_password(pwitem,
- &pfx->macData.macSalt,
- pfx->swapUnicode);
- if(vpwd == NULL) {
- return PR_FALSE;
- }
-
- key = sec_pkcs12_generate_key_from_password(algorithm,
- &pfx->macData.macSalt,
- (pfx->old ? pwitem : vpwd));
- /* free vpwd only for newer PFX */
- if(vpwd) {
- SECITEM_ZfreeItem(vpwd, PR_TRUE);
- }
- if(key == NULL) {
- return PR_FALSE;
- }
-
- data = SEC_PKCS7GetContent(&pfx->authSafe);
- if(data == NULL) {
- break;
- }
-
- /* check MAC */
- mac = sec_pkcs12_generate_mac(key, data, pfx->old);
- ret = PR_TRUE;
- if(mac) {
- SECItem *safeMac = &pfx->macData.safeMac.digest;
- if(SECITEM_CompareItem(mac, safeMac) != SECEqual) {
-
- /* if we encounter an invalid mac, lets invert the
- * password in case of unicode changes
- */
- if(((!pfx->old) && pfx->swapUnicode) || (pfx->old)){
- PORT_SetError(SEC_ERROR_PKCS12_INVALID_MAC);
- ret = PR_FALSE;
- } else {
- SECITEM_ZfreeItem(mac, PR_TRUE);
- pfx->swapUnicode = PR_TRUE;
- goto recheckUnicodePassword;
- }
- }
- SECITEM_ZfreeItem(mac, PR_TRUE);
- } else {
- ret = PR_FALSE;
- }
- break;
- default:
- PORT_SetError(SEC_ERROR_PKCS12_UNSUPPORTED_MAC_ALGORITHM);
- ret = PR_FALSE;
- break;
- }
-
- /* let success fall through */
- if(key != NULL)
- SECITEM_ZfreeItem(key, PR_TRUE);
-
- return ret;
-}
-
-/* check the validity of the pfx structure. we currently only support
- * password integrity mode, so we check the MAC.
- */
-static PRBool
-sec_pkcs12_validate_pfx(SEC_PKCS12PFXItem *pfx,
- SECItem *pwitem)
-{
- SECOidTag contentType;
-
- contentType = SEC_PKCS7ContentType(&pfx->authSafe);
- switch(contentType)
- {
- case SEC_OID_PKCS7_DATA:
- return sec_pkcs12_check_pfx_mac(pfx, pwitem);
- break;
- case SEC_OID_PKCS7_SIGNED_DATA:
- default:
- PORT_SetError(SEC_ERROR_PKCS12_UNSUPPORTED_TRANSPORT_MODE);
- break;
- }
-
- return PR_FALSE;
-}
-
-/* decode and return the valid PFX. if the PFX item is not valid,
- * NULL is returned.
- */
-static SEC_PKCS12PFXItem *
-sec_pkcs12_get_pfx(SECItem *pfx_data,
- SECItem *pwitem)
-{
- SEC_PKCS12PFXItem *pfx;
- PRBool valid_pfx;
-
- if((pfx_data == NULL) || (pwitem == NULL)) {
- return NULL;
- }
-
- pfx = sec_pkcs12_decode_pfx(pfx_data);
- if(pfx == NULL) {
- return NULL;
- }
-
- valid_pfx = sec_pkcs12_validate_pfx(pfx, pwitem);
- if(valid_pfx != PR_TRUE) {
- SEC_PKCS12DestroyPFX(pfx);
- pfx = NULL;
- }
-
- return pfx;
-}
-
-/* authenticated safe decoding, validation, and access routines
- */
-
-/* convert dogbert beta 3 authenticated safe structure to a post
- * beta three structure, so that we don't have to change more routines.
- */
-static SECStatus
-sec_pkcs12_convert_old_auth_safe(SEC_PKCS12AuthenticatedSafe *asafe)
-{
- SEC_PKCS12Baggage *baggage;
- SEC_PKCS12BaggageItem *bag;
- SECStatus rv = SECSuccess;
-
- if(asafe->old_baggage.espvks == NULL) {
- /* XXX should the ASN1 engine produce a single NULL element list
- * rather than setting the pointer to NULL?
- * There is no need to return an error -- assume that the list
- * was empty.
- */
- return SECSuccess;
- }
-
- baggage = sec_pkcs12_create_baggage(asafe->poolp);
- if(!baggage) {
- return SECFailure;
- }
- bag = sec_pkcs12_create_external_bag(baggage);
- if(!bag) {
- return SECFailure;
- }
-
- PORT_Memcpy(&asafe->baggage, baggage, sizeof(SEC_PKCS12Baggage));
-
- /* if there are shrouded keys, append them to the bag */
- rv = SECSuccess;
- if(asafe->old_baggage.espvks[0] != NULL) {
- int nEspvk = 0;
- rv = SECSuccess;
- while((asafe->old_baggage.espvks[nEspvk] != NULL) &&
- (rv == SECSuccess)) {
- rv = sec_pkcs12_append_shrouded_key(bag,
- asafe->old_baggage.espvks[nEspvk]);
- nEspvk++;
- }
- }
-
- return rv;
-}
-
-/* decodes the authenticated safe item. a return of NULL indicates
- * an error. however, the error will have occured either in memory
- * allocation or in decoding the authenticated safe.
- *
- * if an old PFX item has been found, we want to convert the
- * old authenticated safe to the new one.
- */
-static SEC_PKCS12AuthenticatedSafe *
-sec_pkcs12_decode_authenticated_safe(SEC_PKCS12PFXItem *pfx)
-{
- SECItem *der_asafe = NULL;
- SEC_PKCS12AuthenticatedSafe *asafe = NULL;
- SECStatus rv;
-
- if(pfx == NULL) {
- return NULL;
- }
-
- der_asafe = SEC_PKCS7GetContent(&pfx->authSafe);
- if(der_asafe == NULL) {
- /* XXX set error ? */
- goto loser;
- }
-
- asafe = sec_pkcs12_new_asafe(pfx->poolp);
- if(asafe == NULL) {
- goto loser;
- }
-
- if(pfx->old == PR_FALSE) {
- rv = SEC_ASN1DecodeItem(pfx->poolp, asafe,
- SEC_PKCS12AuthenticatedSafeTemplate,
- der_asafe);
- asafe->old = PR_FALSE;
- asafe->swapUnicode = pfx->swapUnicode;
- } else {
- /* handle beta exported files */
- rv = SEC_ASN1DecodeItem(pfx->poolp, asafe,
- SEC_PKCS12AuthenticatedSafeTemplate_OLD,
- der_asafe);
- asafe->safe = &(asafe->old_safe);
- rv = sec_pkcs12_convert_old_auth_safe(asafe);
- asafe->old = PR_TRUE;
- }
-
- if(rv != SECSuccess) {
- goto loser;
- }
-
- asafe->poolp = pfx->poolp;
-
- return asafe;
-
-loser:
- return NULL;
-}
-
-/* validates the safe within the authenticated safe item.
- * in order to be valid:
- * 1. the privacy salt must be present
- * 2. the encryption algorithm must be supported (including
- * export policy)
- * PR_FALSE indicates an error, PR_TRUE indicates a valid safe
- */
-static PRBool
-sec_pkcs12_validate_encrypted_safe(SEC_PKCS12AuthenticatedSafe *asafe)
-{
- PRBool valid = PR_FALSE;
- SECAlgorithmID *algid;
-
- if(asafe == NULL) {
- return PR_FALSE;
- }
-
- /* if mode is password privacy, then privacySalt is assumed
- * to be non-zero.
- */
- if(asafe->privacySalt.len != 0) {
- valid = PR_TRUE;
- asafe->privacySalt.len /= 8;
- } else {
- PORT_SetError(SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE);
- return PR_FALSE;
- }
-
- /* until spec changes, content will have between 2 and 8 bytes depending
- * upon the algorithm used if certs are unencrypted...
- * also want to support case where content is empty -- which we produce
- */
- if(SEC_PKCS7IsContentEmpty(asafe->safe, 8) == PR_TRUE) {
- asafe->emptySafe = PR_TRUE;
- return PR_TRUE;
- }
-
- asafe->emptySafe = PR_FALSE;
-
- /* make sure that a pbe algorithm is being used */
- algid = SEC_PKCS7GetEncryptionAlgorithm(asafe->safe);
- if(algid != NULL) {
- if(SEC_PKCS5IsAlgorithmPBEAlg(algid)) {
- valid = SEC_PKCS12DecryptionAllowed(algid);
-
- if(valid == PR_FALSE) {
- PORT_SetError(SEC_ERROR_BAD_EXPORT_ALGORITHM);
- }
- } else {
- PORT_SetError(SEC_ERROR_PKCS12_UNSUPPORTED_PBE_ALGORITHM);
- valid = PR_FALSE;
- }
- } else {
- valid = PR_FALSE;
- PORT_SetError(SEC_ERROR_PKCS12_UNSUPPORTED_PBE_ALGORITHM);
- }
-
- return valid;
-}
-
-/* validates authenticates safe:
- * 1. checks that the version is supported
- * 2. checks that only password privacy mode is used (currently)
- * 3. further, makes sure safe has appropriate policies per above function
- * PR_FALSE indicates failure.
- */
-static PRBool
-sec_pkcs12_validate_auth_safe(SEC_PKCS12AuthenticatedSafe *asafe)
-{
- PRBool valid = PR_TRUE;
- SECOidTag safe_type;
- int version;
-
- if(asafe == NULL) {
- return PR_FALSE;
- }
-
- /* check version, since it is default it may not be present.
- * therefore, assume ok
- */
- if((asafe->version.len > 0) && (asafe->old == PR_FALSE)) {
- version = DER_GetInteger(&asafe->version);
- if(version > SEC_PKCS12_PFX_VERSION) {
- PORT_SetError(SEC_ERROR_PKCS12_UNSUPPORTED_VERSION);
- return PR_FALSE;
- }
- }
-
- /* validate password mode is being used */
- safe_type = SEC_PKCS7ContentType(asafe->safe);
- switch(safe_type)
- {
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- valid = sec_pkcs12_validate_encrypted_safe(asafe);
- break;
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- default:
- PORT_SetError(SEC_ERROR_PKCS12_UNSUPPORTED_TRANSPORT_MODE);
- valid = PR_FALSE;
- break;
- }
-
- return valid;
-}
-
-/* retrieves the authenticated safe item from the PFX item
- * before returning the authenticated safe, the validity of the
- * authenticated safe is checked and if valid, returned.
- * a return of NULL indicates that an error occured.
- */
-static SEC_PKCS12AuthenticatedSafe *
-sec_pkcs12_get_auth_safe(SEC_PKCS12PFXItem *pfx)
-{
- SEC_PKCS12AuthenticatedSafe *asafe;
- PRBool valid_safe;
-
- if(pfx == NULL) {
- return NULL;
- }
-
- asafe = sec_pkcs12_decode_authenticated_safe(pfx);
- if(asafe == NULL) {
- return NULL;
- }
-
- valid_safe = sec_pkcs12_validate_auth_safe(asafe);
- if(valid_safe != PR_TRUE) {
- asafe = NULL;
- } else if(asafe) {
- asafe->baggage.poolp = asafe->poolp;
- }
-
- return asafe;
-}
-
-/* decrypts the authenticated safe.
- * a return of anything but SECSuccess indicates an error. the
- * password is not known to be valid until the call to the
- * function sec_pkcs12_get_safe_contents. If decoding the safe
- * fails, it is assumed the password was incorrect and the error
- * is set then. any failure here is assumed to be due to
- * internal problems in SEC_PKCS7DecryptContents or below.
- */
-static SECStatus
-sec_pkcs12_decrypt_auth_safe(SEC_PKCS12AuthenticatedSafe *asafe,
- SECItem *pwitem,
- void *wincx)
-{
- SECStatus rv = SECFailure;
- SECItem *vpwd = NULL;
-
- if((asafe == NULL) || (pwitem == NULL)) {
- return SECFailure;
- }
-
- if(asafe->old == PR_FALSE) {
- vpwd = sec_pkcs12_create_virtual_password(pwitem, &asafe->privacySalt,
- asafe->swapUnicode);
- if(vpwd == NULL) {
- return SECFailure;
- }
- }
-
- rv = SEC_PKCS7DecryptContents(asafe->poolp, asafe->safe,
- (asafe->old ? pwitem : vpwd), wincx);
-
- if(asafe->old == PR_FALSE) {
- SECITEM_ZfreeItem(vpwd, PR_TRUE);
- }
-
- return rv;
-}
-
-/* extract the safe from the authenticated safe.
- * if we are unable to decode the safe, then it is likely that the
- * safe has not been decrypted or the password used to decrypt
- * the safe was invalid. we assume that the password was invalid and
- * set an error accordingly.
- * a return of NULL indicates that an error occurred.
- */
-static SEC_PKCS12SafeContents *
-sec_pkcs12_get_safe_contents(SEC_PKCS12AuthenticatedSafe *asafe)
-{
- SECItem *src = NULL;
- SEC_PKCS12SafeContents *safe = NULL;
- SECStatus rv = SECFailure;
-
- if(asafe == NULL) {
- return NULL;
- }
-
- safe = (SEC_PKCS12SafeContents *)PORT_ArenaZAlloc(asafe->poolp,
- sizeof(SEC_PKCS12SafeContents));
- if(safe == NULL) {
- return NULL;
- }
- safe->poolp = asafe->poolp;
- safe->old = asafe->old;
- safe->swapUnicode = asafe->swapUnicode;
-
- src = SEC_PKCS7GetContent(asafe->safe);
- if(src != NULL) {
- const SEC_ASN1Template *theTemplate;
- if(asafe->old != PR_TRUE) {
- theTemplate = SEC_PKCS12SafeContentsTemplate;
- } else {
- theTemplate = SEC_PKCS12SafeContentsTemplate_OLD;
- }
-
- rv = SEC_ASN1DecodeItem(asafe->poolp, safe, theTemplate, src);
-
- /* if we could not decode the item, password was probably invalid */
- if(rv != SECSuccess) {
- safe = NULL;
- PORT_SetError(SEC_ERROR_PKCS12_PRIVACY_PASSWORD_INCORRECT);
- }
- } else {
- PORT_SetError(SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE);
- rv = SECFailure;
- }
-
- return safe;
-}
-
-/* import PFX item
- * der_pfx is the der encoded pfx structure
- * pbef and pbearg are the integrity/encryption password call back
- * ncCall is the nickname collision calllback
- * slot is the destination token
- * wincx window handler
- *
- * on error, error code set and SECFailure returned
- */
-SECStatus
-SEC_PKCS12PutPFX(SECItem *der_pfx, SECItem *pwitem,
- SEC_PKCS12NicknameCollisionCallback ncCall,
- PK11SlotInfo *slot,
- void *wincx)
-{
- SEC_PKCS12PFXItem *pfx;
- SEC_PKCS12AuthenticatedSafe *asafe;
- SEC_PKCS12SafeContents *safe_contents = NULL;
- SECStatus rv;
-
- if(!der_pfx || !pwitem || !slot) {
- return SECFailure;
- }
-
- /* decode and validate each section */
- rv = SECFailure;
-
- pfx = sec_pkcs12_get_pfx(der_pfx, pwitem);
- if(pfx != NULL) {
- asafe = sec_pkcs12_get_auth_safe(pfx);
- if(asafe != NULL) {
-
- /* decrypt safe -- only if not empty */
- if(asafe->emptySafe != PR_TRUE) {
- rv = sec_pkcs12_decrypt_auth_safe(asafe, pwitem, wincx);
- if(rv == SECSuccess) {
- safe_contents = sec_pkcs12_get_safe_contents(asafe);
- if(safe_contents == NULL) {
- rv = SECFailure;
- }
- }
- } else {
- safe_contents = sec_pkcs12_create_safe_contents(asafe->poolp);
- safe_contents->swapUnicode = pfx->swapUnicode;
- if(safe_contents == NULL) {
- rv = SECFailure;
- } else {
- rv = SECSuccess;
- }
- }
-
- /* get safe contents and begin import */
- if(rv == SECSuccess) {
- SEC_PKCS12DecoderContext *p12dcx;
-
- p12dcx = sec_PKCS12ConvertOldSafeToNew(pfx->poolp, slot,
- pfx->swapUnicode,
- pwitem, wincx, safe_contents,
- &asafe->baggage);
- if(!p12dcx) {
- rv = SECFailure;
- goto loser;
- }
-
- if(SEC_PKCS12DecoderValidateBags(p12dcx, ncCall)
- != SECSuccess) {
- rv = SECFailure;
- goto loser;
- }
-
- rv = SEC_PKCS12DecoderImportBags(p12dcx);
- }
-
- }
- }
-
-loser:
-
- if(pfx) {
- SEC_PKCS12DestroyPFX(pfx);
- }
-
- return rv;
-}
-
-PRBool
-SEC_PKCS12ValidData(char *buf, int bufLen, long int totalLength)
-{
- int lengthLength;
-
- PRBool valid = PR_FALSE;
-
- if(buf == NULL) {
- return PR_FALSE;
- }
-
- /* check for constructed sequence identifier tag */
- if(*buf == (SEC_ASN1_CONSTRUCTED | SEC_ASN1_SEQUENCE)) {
- totalLength--; /* header byte taken care of */
- buf++;
-
- lengthLength = (long int)SEC_ASN1LengthLength(totalLength - 1);
- if(totalLength > 0x7f) {
- lengthLength--;
- *buf &= 0x7f; /* remove bit 8 indicator */
- if((*buf - (char)lengthLength) == 0) {
- valid = PR_TRUE;
- }
- } else {
- lengthLength--;
- if((*buf - (char)lengthLength) == 0) {
- valid = PR_TRUE;
- }
- }
- }
-
- return valid;
-}
diff --git a/security/nss/lib/pkcs12/p12e.c b/security/nss/lib/pkcs12/p12e.c
deleted file mode 100644
index 1b86a49ac..000000000
--- a/security/nss/lib/pkcs12/p12e.c
+++ /dev/null
@@ -1,2294 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "nssrenam.h"
-#include "p12t.h"
-#include "p12.h"
-#include "plarena.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "seccomon.h"
-#include "secport.h"
-#include "cert.h"
-#include "secpkcs7.h"
-#include "secasn1.h"
-#include "secerr.h"
-#include "pk11func.h"
-#include "p12plcy.h"
-#include "p12local.h"
-#include "alghmac.h"
-#include "prcpucfg.h"
-
-/*********************************
- * Structures used in exporting the PKCS 12 blob
- *********************************/
-
-/* A SafeInfo is used for each ContentInfo which makes up the
- * sequence of safes in the AuthenticatedSafe portion of the
- * PFX structure.
- */
-struct SEC_PKCS12SafeInfoStr {
- PRArenaPool *arena;
-
- /* information for setting up password encryption */
- SECItem pwitem;
- SECOidTag algorithm;
- PK11SymKey *encryptionKey;
-
- /* how many items have been stored in this safe,
- * we will skip any safe which does not contain any
- * items
- */
- unsigned int itemCount;
-
- /* the content info for the safe */
- SEC_PKCS7ContentInfo *cinfo;
-
- sec_PKCS12SafeContents *safe;
-};
-
-/* An opaque structure which contains information needed for exporting
- * certificates and keys through PKCS 12.
- */
-struct SEC_PKCS12ExportContextStr {
- PRArenaPool *arena;
- PK11SlotInfo *slot;
- void *wincx;
-
- /* integrity information */
- PRBool integrityEnabled;
- PRBool pwdIntegrity;
- union {
- struct sec_PKCS12PasswordModeInfo pwdInfo;
- struct sec_PKCS12PublicKeyModeInfo pubkeyInfo;
- } integrityInfo;
-
- /* helper functions */
- /* retrieve the password call back */
- SECKEYGetPasswordKey pwfn;
- void *pwfnarg;
-
- /* safe contents bags */
- SEC_PKCS12SafeInfo **safeInfos;
- unsigned int safeInfoCount;
-
- /* the sequence of safes */
- sec_PKCS12AuthenticatedSafe authSafe;
-
- /* information needing deletion */
- CERTCertificate **certList;
-};
-
-/* structures for passing information to encoder callbacks when processing
- * data through the ASN1 engine.
- */
-struct sec_pkcs12_encoder_output {
- SEC_PKCS12EncoderOutputCallback outputfn;
- void *outputarg;
-};
-
-struct sec_pkcs12_hmac_and_output_info {
- void *arg;
- struct sec_pkcs12_encoder_output output;
-};
-
-/* An encoder context which is used for the actual encoding
- * portion of PKCS 12.
- */
-typedef struct sec_PKCS12EncoderContextStr {
- PRArenaPool *arena;
- SEC_PKCS12ExportContext *p12exp;
- PK11SymKey *encryptionKey;
-
- /* encoder information - this is set up based on whether
- * password based or public key pased privacy is being used
- */
- SEC_ASN1EncoderContext *ecx;
- union {
- struct sec_pkcs12_hmac_and_output_info hmacAndOutputInfo;
- struct sec_pkcs12_encoder_output encOutput;
- } output;
-
- /* structures for encoding of PFX and MAC */
- sec_PKCS12PFXItem pfx;
- sec_PKCS12MacData mac;
-
- /* authenticated safe encoding tracking information */
- SEC_PKCS7ContentInfo *aSafeCinfo;
- SEC_PKCS7EncoderContext *aSafeP7Ecx;
- SEC_ASN1EncoderContext *aSafeEcx;
- unsigned int currentSafe;
-
- /* hmac context */
- PK11Context *hmacCx;
-} sec_PKCS12EncoderContext;
-
-
-/*********************************
- * Export setup routines
- *********************************/
-
-/* SEC_PKCS12CreateExportContext
- * Creates an export context and sets the unicode and password retrieval
- * callbacks. This is the first call which must be made when exporting
- * a PKCS 12 blob.
- *
- * pwfn, pwfnarg - password retrieval callback and argument. these are
- * required for password-authentication mode.
- */
-SEC_PKCS12ExportContext *
-SEC_PKCS12CreateExportContext(SECKEYGetPasswordKey pwfn, void *pwfnarg,
- PK11SlotInfo *slot, void *wincx)
-{
- PRArenaPool *arena = NULL;
- SEC_PKCS12ExportContext *p12ctxt = NULL;
-
- /* allocate the arena and create the context */
- arena = PORT_NewArena(4096);
- if(!arena) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- p12ctxt = (SEC_PKCS12ExportContext *)PORT_ArenaZAlloc(arena,
- sizeof(SEC_PKCS12ExportContext));
- if(!p12ctxt) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /* password callback for key retrieval */
- p12ctxt->pwfn = pwfn;
- p12ctxt->pwfnarg = pwfnarg;
-
- p12ctxt->integrityEnabled = PR_FALSE;
- p12ctxt->arena = arena;
- p12ctxt->wincx = wincx;
- p12ctxt->slot = (slot) ? PK11_ReferenceSlot(slot) : PK11_GetInternalSlot();
-
- return p12ctxt;
-
-loser:
- if(arena) {
- PORT_FreeArena(arena, PR_TRUE);
- }
-
- return NULL;
-}
-
-/*
- * Adding integrity mode
- */
-
-/* SEC_PKCS12AddPasswordIntegrity
- * Add password integrity to the exported data. If an integrity method
- * has already been set, then return an error.
- *
- * p12ctxt - the export context
- * pwitem - the password for integrity mode
- * integAlg - the integrity algorithm to use for authentication.
- */
-SECStatus
-SEC_PKCS12AddPasswordIntegrity(SEC_PKCS12ExportContext *p12ctxt,
- SECItem *pwitem, SECOidTag integAlg)
-{
- if(!p12ctxt || p12ctxt->integrityEnabled) {
- return SECFailure;
- }
-
- /* set up integrity information */
- p12ctxt->pwdIntegrity = PR_TRUE;
- p12ctxt->integrityInfo.pwdInfo.password =
- (SECItem*)PORT_ArenaZAlloc(p12ctxt->arena, sizeof(SECItem));
- if(!p12ctxt->integrityInfo.pwdInfo.password) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
- if(SECITEM_CopyItem(p12ctxt->arena,
- p12ctxt->integrityInfo.pwdInfo.password, pwitem)
- != SECSuccess) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
- p12ctxt->integrityInfo.pwdInfo.algorithm = integAlg;
- p12ctxt->integrityEnabled = PR_TRUE;
-
- return SECSuccess;
-}
-
-/* SEC_PKCS12AddPublicKeyIntegrity
- * Add public key integrity to the exported data. If an integrity method
- * has already been set, then return an error. The certificate must be
- * allowed to be used as a signing cert.
- *
- * p12ctxt - the export context
- * cert - signer certificate
- * certDb - the certificate database
- * algorithm - signing algorithm
- * keySize - size of the signing key (?)
- */
-SECStatus
-SEC_PKCS12AddPublicKeyIntegrity(SEC_PKCS12ExportContext *p12ctxt,
- CERTCertificate *cert, CERTCertDBHandle *certDb,
- SECOidTag algorithm, int keySize)
-{
- if(!p12ctxt) {
- return SECFailure;
- }
-
- p12ctxt->integrityInfo.pubkeyInfo.cert = cert;
- p12ctxt->integrityInfo.pubkeyInfo.certDb = certDb;
- p12ctxt->integrityInfo.pubkeyInfo.algorithm = algorithm;
- p12ctxt->integrityInfo.pubkeyInfo.keySize = keySize;
- p12ctxt->integrityEnabled = PR_TRUE;
-
- return SECSuccess;
-}
-
-
-/*
- * Adding safes - encrypted (password/public key) or unencrypted
- * Each of the safe creation routines return an opaque pointer which
- * are later passed into the routines for exporting certificates and
- * keys.
- */
-
-/* append the newly created safeInfo to list of safeInfos in the export
- * context.
- */
-static SECStatus
-sec_pkcs12_append_safe_info(SEC_PKCS12ExportContext *p12ctxt, SEC_PKCS12SafeInfo *info)
-{
- void *mark = NULL, *dummy1 = NULL, *dummy2 = NULL;
-
- if(!p12ctxt || !info) {
- return SECFailure;
- }
-
- mark = PORT_ArenaMark(p12ctxt->arena);
-
- /* if no safeInfos have been set, create the list, otherwise expand it. */
- if(!p12ctxt->safeInfoCount) {
- p12ctxt->safeInfos = (SEC_PKCS12SafeInfo **)PORT_ArenaZAlloc(p12ctxt->arena,
- 2 * sizeof(SEC_PKCS12SafeInfo *));
- dummy1 = p12ctxt->safeInfos;
- p12ctxt->authSafe.encodedSafes = (SECItem **)PORT_ArenaZAlloc(p12ctxt->arena,
- 2 * sizeof(SECItem *));
- dummy2 = p12ctxt->authSafe.encodedSafes;
- } else {
- dummy1 = PORT_ArenaGrow(p12ctxt->arena, p12ctxt->safeInfos,
- (p12ctxt->safeInfoCount + 1) * sizeof(SEC_PKCS12SafeInfo *),
- (p12ctxt->safeInfoCount + 2) * sizeof(SEC_PKCS12SafeInfo *));
- p12ctxt->safeInfos = (SEC_PKCS12SafeInfo **)dummy1;
- dummy2 = PORT_ArenaGrow(p12ctxt->arena, p12ctxt->authSafe.encodedSafes,
- (p12ctxt->authSafe.safeCount + 1) * sizeof(SECItem *),
- (p12ctxt->authSafe.safeCount + 2) * sizeof(SECItem *));
- p12ctxt->authSafe.encodedSafes = (SECItem**)dummy2;
- }
- if(!dummy1 || !dummy2) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /* append the new safeInfo and null terminate the list */
- p12ctxt->safeInfos[p12ctxt->safeInfoCount] = info;
- p12ctxt->safeInfos[++p12ctxt->safeInfoCount] = NULL;
- p12ctxt->authSafe.encodedSafes[p12ctxt->authSafe.safeCount] =
- (SECItem*)PORT_ArenaZAlloc(p12ctxt->arena, sizeof(SECItem));
- if(!p12ctxt->authSafe.encodedSafes[p12ctxt->authSafe.safeCount]) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- p12ctxt->authSafe.encodedSafes[++p12ctxt->authSafe.safeCount] = NULL;
-
- PORT_ArenaUnmark(p12ctxt->arena, mark);
- return SECSuccess;
-
-loser:
- PORT_ArenaRelease(p12ctxt->arena, mark);
- return SECFailure;
-}
-
-/* SEC_PKCS12CreatePasswordPrivSafe
- * Create a password privacy safe to store exported information in.
- *
- * p12ctxt - export context
- * pwitem - password for encryption
- * privAlg - pbe algorithm through which encryption is done.
- */
-SEC_PKCS12SafeInfo *
-SEC_PKCS12CreatePasswordPrivSafe(SEC_PKCS12ExportContext *p12ctxt,
- SECItem *pwitem, SECOidTag privAlg)
-{
- SEC_PKCS12SafeInfo *safeInfo = NULL;
- void *mark = NULL;
- PK11SlotInfo *slot = NULL;
- SECAlgorithmID *algId;
- SECItem uniPwitem = {siBuffer, NULL, 0};
-
- if(!p12ctxt) {
- return NULL;
- }
-
- /* allocate the safe info */
- mark = PORT_ArenaMark(p12ctxt->arena);
- safeInfo = (SEC_PKCS12SafeInfo *)PORT_ArenaZAlloc(p12ctxt->arena,
- sizeof(SEC_PKCS12SafeInfo));
- if(!safeInfo) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- PORT_ArenaRelease(p12ctxt->arena, mark);
- return NULL;
- }
-
- safeInfo->itemCount = 0;
-
- /* create the encrypted safe */
- safeInfo->cinfo = SEC_PKCS7CreateEncryptedData(privAlg, 0, p12ctxt->pwfn,
- p12ctxt->pwfnarg);
- if(!safeInfo->cinfo) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- safeInfo->arena = p12ctxt->arena;
-
- /* convert the password to unicode */
- if(!sec_pkcs12_convert_item_to_unicode(NULL, &uniPwitem, pwitem,
- PR_TRUE, PR_TRUE, PR_TRUE)) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- if(SECITEM_CopyItem(p12ctxt->arena, &safeInfo->pwitem, &uniPwitem) != SECSuccess) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /* generate the encryption key */
- slot = PK11_ReferenceSlot(p12ctxt->slot);
- if(!slot) {
- slot = PK11_GetInternalKeySlot();
- if(!slot) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- }
-
- algId = SEC_PKCS7GetEncryptionAlgorithm(safeInfo->cinfo);
- safeInfo->encryptionKey = PK11_PBEKeyGen(slot, algId, &uniPwitem,
- PR_FALSE, p12ctxt->wincx);
- if(!safeInfo->encryptionKey) {
- goto loser;
- }
-
- safeInfo->arena = p12ctxt->arena;
- safeInfo->safe = NULL;
- if(sec_pkcs12_append_safe_info(p12ctxt, safeInfo) != SECSuccess) {
- goto loser;
- }
-
- if(uniPwitem.data) {
- SECITEM_ZfreeItem(&uniPwitem, PR_FALSE);
- }
- PORT_ArenaUnmark(p12ctxt->arena, mark);
-
- if (slot) {
- PK11_FreeSlot(slot);
- }
- return safeInfo;
-
-loser:
- if (slot) {
- PK11_FreeSlot(slot);
- }
- if(safeInfo->cinfo) {
- SEC_PKCS7DestroyContentInfo(safeInfo->cinfo);
- }
-
- if(uniPwitem.data) {
- SECITEM_ZfreeItem(&uniPwitem, PR_FALSE);
- }
-
- PORT_ArenaRelease(p12ctxt->arena, mark);
- return NULL;
-}
-
-/* SEC_PKCS12CreateUnencryptedSafe
- * Creates an unencrypted safe within the export context.
- *
- * p12ctxt - the export context
- */
-SEC_PKCS12SafeInfo *
-SEC_PKCS12CreateUnencryptedSafe(SEC_PKCS12ExportContext *p12ctxt)
-{
- SEC_PKCS12SafeInfo *safeInfo = NULL;
- void *mark = NULL;
-
- if(!p12ctxt) {
- return NULL;
- }
-
- /* create the safe info */
- mark = PORT_ArenaMark(p12ctxt->arena);
- safeInfo = (SEC_PKCS12SafeInfo *)PORT_ArenaZAlloc(p12ctxt->arena,
- sizeof(SEC_PKCS12SafeInfo));
- if(!safeInfo) {
- PORT_ArenaRelease(p12ctxt->arena, mark);
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- safeInfo->itemCount = 0;
-
- /* create the safe content */
- safeInfo->cinfo = SEC_PKCS7CreateData();
- if(!safeInfo->cinfo) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- if(sec_pkcs12_append_safe_info(p12ctxt, safeInfo) != SECSuccess) {
- goto loser;
- }
-
- PORT_ArenaUnmark(p12ctxt->arena, mark);
- return safeInfo;
-
-loser:
- if(safeInfo->cinfo) {
- SEC_PKCS7DestroyContentInfo(safeInfo->cinfo);
- }
-
- PORT_ArenaRelease(p12ctxt->arena, mark);
- return NULL;
-}
-
-/* SEC_PKCS12CreatePubKeyEncryptedSafe
- * Creates a safe which is protected by public key encryption.
- *
- * p12ctxt - the export context
- * certDb - the certificate database
- * signer - the signer's certificate
- * recipients - the list of recipient certificates.
- * algorithm - the encryption algorithm to use
- * keysize - the algorithms key size (?)
- */
-SEC_PKCS12SafeInfo *
-SEC_PKCS12CreatePubKeyEncryptedSafe(SEC_PKCS12ExportContext *p12ctxt,
- CERTCertDBHandle *certDb,
- CERTCertificate *signer,
- CERTCertificate **recipients,
- SECOidTag algorithm, int keysize)
-{
- SEC_PKCS12SafeInfo *safeInfo = NULL;
- void *mark = NULL;
-
- if(!p12ctxt || !signer || !recipients || !(*recipients)) {
- return NULL;
- }
-
- /* allocate the safeInfo */
- mark = PORT_ArenaMark(p12ctxt->arena);
- safeInfo = (SEC_PKCS12SafeInfo *)PORT_ArenaZAlloc(p12ctxt->arena,
- sizeof(SEC_PKCS12SafeInfo));
- if(!safeInfo) {
- PORT_ArenaRelease(p12ctxt->arena, mark);
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- safeInfo->itemCount = 0;
- safeInfo->arena = p12ctxt->arena;
-
- /* create the enveloped content info using certUsageEmailSigner currently.
- * XXX We need to eventually use something other than certUsageEmailSigner
- */
- safeInfo->cinfo = SEC_PKCS7CreateEnvelopedData(signer, certUsageEmailSigner,
- certDb, algorithm, keysize,
- p12ctxt->pwfn, p12ctxt->pwfnarg);
- if(!safeInfo->cinfo) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /* add recipients */
- if(recipients) {
- unsigned int i = 0;
- while(recipients[i] != NULL) {
- SECStatus rv = SEC_PKCS7AddRecipient(safeInfo->cinfo, recipients[i],
- certUsageEmailRecipient, certDb);
- if(rv != SECSuccess) {
- goto loser;
- }
- i++;
- }
- }
-
- if(sec_pkcs12_append_safe_info(p12ctxt, safeInfo) != SECSuccess) {
- goto loser;
- }
-
- PORT_ArenaUnmark(p12ctxt->arena, mark);
- return safeInfo;
-
-loser:
- if(safeInfo->cinfo) {
- SEC_PKCS7DestroyContentInfo(safeInfo->cinfo);
- safeInfo->cinfo = NULL;
- }
-
- PORT_ArenaRelease(p12ctxt->arena, mark);
- return NULL;
-}
-
-/*********************************
- * Routines to handle the exporting of the keys and certificates
- *********************************/
-
-/* creates a safe contents which safeBags will be appended to */
-sec_PKCS12SafeContents *
-sec_PKCS12CreateSafeContents(PRArenaPool *arena)
-{
- sec_PKCS12SafeContents *safeContents;
-
- if(arena == NULL) {
- return NULL;
- }
-
- /* create the safe contents */
- safeContents = (sec_PKCS12SafeContents *)PORT_ArenaZAlloc(arena,
- sizeof(sec_PKCS12SafeContents));
- if(!safeContents) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /* set up the internal contents info */
- safeContents->safeBags = NULL;
- safeContents->arena = arena;
- safeContents->bagCount = 0;
-
- return safeContents;
-
-loser:
- return NULL;
-}
-
-/* appends a safe bag to a safeContents using the specified arena.
- */
-SECStatus
-sec_pkcs12_append_bag_to_safe_contents(PRArenaPool *arena,
- sec_PKCS12SafeContents *safeContents,
- sec_PKCS12SafeBag *safeBag)
-{
- void *mark = NULL, *dummy = NULL;
-
- if(!arena || !safeBag || !safeContents) {
- return SECFailure;
- }
-
- mark = PORT_ArenaMark(arena);
- if(!mark) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
-
- /* allocate space for the list, or reallocate to increase space */
- if(!safeContents->safeBags) {
- safeContents->safeBags = (sec_PKCS12SafeBag **)PORT_ArenaZAlloc(arena,
- (2 * sizeof(sec_PKCS12SafeBag *)));
- dummy = safeContents->safeBags;
- safeContents->bagCount = 0;
- } else {
- dummy = PORT_ArenaGrow(arena, safeContents->safeBags,
- (safeContents->bagCount + 1) * sizeof(sec_PKCS12SafeBag *),
- (safeContents->bagCount + 2) * sizeof(sec_PKCS12SafeBag *));
- safeContents->safeBags = (sec_PKCS12SafeBag **)dummy;
- }
-
- if(!dummy) {
- PORT_ArenaRelease(arena, mark);
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
-
- /* append the bag at the end and null terminate the list */
- safeContents->safeBags[safeContents->bagCount++] = safeBag;
- safeContents->safeBags[safeContents->bagCount] = NULL;
-
- PORT_ArenaUnmark(arena, mark);
-
- return SECSuccess;
-}
-
-/* appends a safeBag to a specific safeInfo.
- */
-SECStatus
-sec_pkcs12_append_bag(SEC_PKCS12ExportContext *p12ctxt,
- SEC_PKCS12SafeInfo *safeInfo, sec_PKCS12SafeBag *safeBag)
-{
- sec_PKCS12SafeContents *dest;
- SECStatus rv = SECFailure;
-
- if(!p12ctxt || !safeBag || !safeInfo) {
- return SECFailure;
- }
-
- if(!safeInfo->safe) {
- safeInfo->safe = sec_PKCS12CreateSafeContents(p12ctxt->arena);
- if(!safeInfo->safe) {
- return SECFailure;
- }
- }
-
- dest = safeInfo->safe;
- rv = sec_pkcs12_append_bag_to_safe_contents(p12ctxt->arena, dest, safeBag);
- if(rv == SECSuccess) {
- safeInfo->itemCount++;
- }
-
- return rv;
-}
-
-/* Creates a safeBag of the specified type, and if bagData is specified,
- * the contents are set. The contents could be set later by the calling
- * routine.
- */
-sec_PKCS12SafeBag *
-sec_PKCS12CreateSafeBag(SEC_PKCS12ExportContext *p12ctxt, SECOidTag bagType,
- void *bagData)
-{
- sec_PKCS12SafeBag *safeBag;
- PRBool setName = PR_TRUE;
- void *mark = NULL;
- SECStatus rv = SECSuccess;
- SECOidData *oidData = NULL;
-
- if(!p12ctxt) {
- return NULL;
- }
-
- mark = PORT_ArenaMark(p12ctxt->arena);
- if(!mark) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- safeBag = (sec_PKCS12SafeBag *)PORT_ArenaZAlloc(p12ctxt->arena,
- sizeof(sec_PKCS12SafeBag));
- if(!safeBag) {
- PORT_ArenaRelease(p12ctxt->arena, mark);
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- /* set the bags content based upon bag type */
- switch(bagType) {
- case SEC_OID_PKCS12_V1_KEY_BAG_ID:
- safeBag->safeBagContent.pkcs8KeyBag =
- (SECKEYPrivateKeyInfo *)bagData;
- break;
- case SEC_OID_PKCS12_V1_CERT_BAG_ID:
- safeBag->safeBagContent.certBag = (sec_PKCS12CertBag *)bagData;
- break;
- case SEC_OID_PKCS12_V1_CRL_BAG_ID:
- safeBag->safeBagContent.crlBag = (sec_PKCS12CRLBag *)bagData;
- break;
- case SEC_OID_PKCS12_V1_SECRET_BAG_ID:
- safeBag->safeBagContent.secretBag = (sec_PKCS12SecretBag *)bagData;
- break;
- case SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID:
- safeBag->safeBagContent.pkcs8ShroudedKeyBag =
- (SECKEYEncryptedPrivateKeyInfo *)bagData;
- break;
- case SEC_OID_PKCS12_V1_SAFE_CONTENTS_BAG_ID:
- safeBag->safeBagContent.safeContents =
- (sec_PKCS12SafeContents *)bagData;
- setName = PR_FALSE;
- break;
- default:
- goto loser;
- }
-
- oidData = SECOID_FindOIDByTag(bagType);
- if(oidData) {
- rv = SECITEM_CopyItem(p12ctxt->arena, &safeBag->safeBagType, &oidData->oid);
- if(rv != SECSuccess) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- } else {
- goto loser;
- }
-
- safeBag->arena = p12ctxt->arena;
- PORT_ArenaUnmark(p12ctxt->arena, mark);
-
- return safeBag;
-
-loser:
- if(mark) {
- PORT_ArenaRelease(p12ctxt->arena, mark);
- }
-
- return NULL;
-}
-
-/* Creates a new certificate bag and returns a pointer to it. If an error
- * occurs NULL is returned.
- */
-sec_PKCS12CertBag *
-sec_PKCS12NewCertBag(PRArenaPool *arena, SECOidTag certType)
-{
- sec_PKCS12CertBag *certBag = NULL;
- SECOidData *bagType = NULL;
- SECStatus rv;
- void *mark = NULL;
-
- if(!arena) {
- return NULL;
- }
-
- mark = PORT_ArenaMark(arena);
- certBag = (sec_PKCS12CertBag *)PORT_ArenaZAlloc(arena,
- sizeof(sec_PKCS12CertBag));
- if(!certBag) {
- PORT_ArenaRelease(arena, mark);
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- bagType = SECOID_FindOIDByTag(certType);
- if(!bagType) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- rv = SECITEM_CopyItem(arena, &certBag->bagID, &bagType->oid);
- if(rv != SECSuccess) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- PORT_ArenaUnmark(arena, mark);
- return certBag;
-
-loser:
- PORT_ArenaRelease(arena, mark);
- return NULL;
-}
-
-/* Creates a new CRL bag and returns a pointer to it. If an error
- * occurs NULL is returned.
- */
-sec_PKCS12CRLBag *
-sec_PKCS12NewCRLBag(PRArenaPool *arena, SECOidTag crlType)
-{
- sec_PKCS12CRLBag *crlBag = NULL;
- SECOidData *bagType = NULL;
- SECStatus rv;
- void *mark = NULL;
-
- if(!arena) {
- return NULL;
- }
-
- mark = PORT_ArenaMark(arena);
- crlBag = (sec_PKCS12CRLBag *)PORT_ArenaZAlloc(arena,
- sizeof(sec_PKCS12CRLBag));
- if(!crlBag) {
- PORT_ArenaRelease(arena, mark);
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- bagType = SECOID_FindOIDByTag(crlType);
- if(!bagType) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- rv = SECITEM_CopyItem(arena, &crlBag->bagID, &bagType->oid);
- if(rv != SECSuccess) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- PORT_ArenaUnmark(arena, mark);
- return crlBag;
-
-loser:
- PORT_ArenaRelease(arena, mark);
- return NULL;
-}
-
-/* sec_PKCS12AddAttributeToBag
- * adds an attribute to a safeBag. currently, the only attributes supported
- * are those which are specified within PKCS 12.
- *
- * p12ctxt - the export context
- * safeBag - the safeBag to which attributes are appended
- * attrType - the attribute type
- * attrData - the attribute data
- */
-SECStatus
-sec_PKCS12AddAttributeToBag(SEC_PKCS12ExportContext *p12ctxt,
- sec_PKCS12SafeBag *safeBag, SECOidTag attrType,
- SECItem *attrData)
-{
- sec_PKCS12Attribute *attribute;
- void *mark = NULL, *dummy = NULL;
- SECOidData *oiddata = NULL;
- SECItem unicodeName = { siBuffer, NULL, 0};
- void *src = NULL;
- unsigned int nItems = 0;
- SECStatus rv;
-
- if(!safeBag || !p12ctxt) {
- return SECFailure;
- }
-
- mark = PORT_ArenaMark(safeBag->arena);
-
- /* allocate the attribute */
- attribute = (sec_PKCS12Attribute *)PORT_ArenaZAlloc(safeBag->arena,
- sizeof(sec_PKCS12Attribute));
- if(!attribute) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /* set up the attribute */
- oiddata = SECOID_FindOIDByTag(attrType);
- if(!oiddata) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- if(SECITEM_CopyItem(p12ctxt->arena, &attribute->attrType, &oiddata->oid) !=
- SECSuccess) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- nItems = 1;
- switch(attrType) {
- case SEC_OID_PKCS9_LOCAL_KEY_ID:
- {
- src = attrData;
- break;
- }
- case SEC_OID_PKCS9_FRIENDLY_NAME:
- {
- if(!sec_pkcs12_convert_item_to_unicode(p12ctxt->arena,
- &unicodeName, attrData, PR_FALSE,
- PR_FALSE, PR_TRUE)) {
- goto loser;
- }
- src = &unicodeName;
- break;
- }
- default:
- goto loser;
- }
-
- /* append the attribute to the attribute value list */
- attribute->attrValue = (SECItem **)PORT_ArenaZAlloc(p12ctxt->arena,
- ((nItems + 1) * sizeof(SECItem *)));
- if(!attribute->attrValue) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /* XXX this will need to be changed if attributes requiring more than
- * one element are ever used.
- */
- attribute->attrValue[0] = (SECItem *)PORT_ArenaZAlloc(p12ctxt->arena,
- sizeof(SECItem));
- if(!attribute->attrValue[0]) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- attribute->attrValue[1] = NULL;
-
- rv = SECITEM_CopyItem(p12ctxt->arena, attribute->attrValue[0],
- (SECItem*)src);
- if(rv != SECSuccess) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /* append the attribute to the safeBag attributes */
- if(safeBag->nAttribs) {
- dummy = PORT_ArenaGrow(p12ctxt->arena, safeBag->attribs,
- ((safeBag->nAttribs + 1) * sizeof(sec_PKCS12Attribute *)),
- ((safeBag->nAttribs + 2) * sizeof(sec_PKCS12Attribute *)));
- safeBag->attribs = (sec_PKCS12Attribute **)dummy;
- } else {
- safeBag->attribs = (sec_PKCS12Attribute **)PORT_ArenaZAlloc(p12ctxt->arena,
- 2 * sizeof(sec_PKCS12Attribute *));
- dummy = safeBag->attribs;
- }
- if(!dummy) {
- goto loser;
- }
-
- safeBag->attribs[safeBag->nAttribs] = attribute;
- safeBag->attribs[++safeBag->nAttribs] = NULL;
-
- PORT_ArenaUnmark(p12ctxt->arena, mark);
- return SECSuccess;
-
-loser:
- if(mark) {
- PORT_ArenaRelease(p12ctxt->arena, mark);
- }
-
- return SECFailure;
-}
-
-/* SEC_PKCS12AddCert
- * Adds a certificate to the data being exported.
- *
- * p12ctxt - the export context
- * safe - the safeInfo to which the certificate is placed
- * nestedDest - if the cert is to be placed within a nested safeContents then,
- * this value is to be specified with the destination
- * cert - the cert to export
- * certDb - the certificate database handle
- * keyId - a unique identifier to associate a certificate/key pair
- * includeCertChain - PR_TRUE if the certificate chain is to be included.
- */
-SECStatus
-SEC_PKCS12AddCert(SEC_PKCS12ExportContext *p12ctxt, SEC_PKCS12SafeInfo *safe,
- void *nestedDest, CERTCertificate *cert,
- CERTCertDBHandle *certDb, SECItem *keyId,
- PRBool includeCertChain)
-{
- sec_PKCS12CertBag *certBag;
- sec_PKCS12SafeBag *safeBag;
- void *mark;
- SECStatus rv;
- SECItem nick = {siBuffer, NULL,0};
-
- if(!p12ctxt || !cert) {
- return SECFailure;
- }
- mark = PORT_ArenaMark(p12ctxt->arena);
-
- /* allocate the cert bag */
- certBag = sec_PKCS12NewCertBag(p12ctxt->arena,
- SEC_OID_PKCS9_X509_CERT);
- if(!certBag) {
- goto loser;
- }
-
- if(SECITEM_CopyItem(p12ctxt->arena, &certBag->value.x509Cert,
- &cert->derCert) != SECSuccess) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /* if the cert chain is to be included, we should only be exporting
- * the cert from our internal database.
- */
- if(includeCertChain) {
- CERTCertificateList *certList = CERT_CertChainFromCert(cert,
- certUsageSSLClient,
- PR_TRUE);
- unsigned int count = 0;
- if(!certList) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /* add cert chain */
- for(count = 0; count < (unsigned int)certList->len; count++) {
- if(SECITEM_CompareItem(&certList->certs[count], &cert->derCert)
- != SECEqual) {
- CERTCertificate *tempCert;
-
- /* decode the certificate */
- /* XXX
- * This was rather silly. The chain is constructed above
- * by finding all of the CERTCertificate's in the database.
- * Then the chain is put into a CERTCertificateList, which only
- * contains the DER. Finally, the DER was decoded, and the
- * decoded cert was sent recursively back to this function.
- * Beyond being inefficent, this causes data loss (specifically,
- * the nickname). Instead, for 3.4, we'll do a lookup by the
- * DER, which should return the cached entry.
- */
- tempCert = CERT_FindCertByDERCert(CERT_GetDefaultCertDB(),
- &certList->certs[count]);
- if(!tempCert) {
- CERT_DestroyCertificateList(certList);
- goto loser;
- }
-
- /* add the certificate */
- if(SEC_PKCS12AddCert(p12ctxt, safe, nestedDest, tempCert,
- certDb, NULL, PR_FALSE) != SECSuccess) {
- CERT_DestroyCertificate(tempCert);
- CERT_DestroyCertificateList(certList);
- goto loser;
- }
- CERT_DestroyCertificate(tempCert);
- }
- }
- CERT_DestroyCertificateList(certList);
- }
-
- /* if the certificate has a nickname, we will set the friendly name
- * to that.
- */
- if(cert->nickname) {
- if (cert->slot && !PK11_IsInternal(cert->slot)) {
- /*
- * The cert is coming off of an external token,
- * let's strip the token name from the nickname
- * and only add what comes after the colon as the
- * nickname. -javi
- */
- char *delimit;
-
- delimit = PORT_Strchr(cert->nickname,':');
- if (delimit == NULL) {
- nick.data = (unsigned char *)cert->nickname;
- nick.len = PORT_Strlen(cert->nickname);
- } else {
- delimit++;
- nick.data = (unsigned char *)PORT_ArenaStrdup(p12ctxt->arena,
- delimit);
- nick.len = PORT_Strlen(delimit);
- }
- } else {
- nick.data = (unsigned char *)cert->nickname;
- nick.len = PORT_Strlen(cert->nickname);
- }
- }
-
- safeBag = sec_PKCS12CreateSafeBag(p12ctxt, SEC_OID_PKCS12_V1_CERT_BAG_ID,
- certBag);
- if(!safeBag) {
- goto loser;
- }
-
- /* add the friendly name and keyId attributes, if necessary */
- if(nick.data) {
- if(sec_PKCS12AddAttributeToBag(p12ctxt, safeBag,
- SEC_OID_PKCS9_FRIENDLY_NAME, &nick)
- != SECSuccess) {
- goto loser;
- }
- }
-
- if(keyId) {
- if(sec_PKCS12AddAttributeToBag(p12ctxt, safeBag, SEC_OID_PKCS9_LOCAL_KEY_ID,
- keyId) != SECSuccess) {
- goto loser;
- }
- }
-
- /* append the cert safeBag */
- if(nestedDest) {
- rv = sec_pkcs12_append_bag_to_safe_contents(p12ctxt->arena,
- (sec_PKCS12SafeContents*)nestedDest,
- safeBag);
- } else {
- rv = sec_pkcs12_append_bag(p12ctxt, safe, safeBag);
- }
-
- if(rv != SECSuccess) {
- goto loser;
- }
-
- PORT_ArenaUnmark(p12ctxt->arena, mark);
- return SECSuccess;
-
-loser:
- if(mark) {
- PORT_ArenaRelease(p12ctxt->arena, mark);
- }
-
- return SECFailure;
-}
-
-/* SEC_PKCS12AddEncryptedKey
- * Extracts the key associated with a particular certificate and exports
- * it.
- *
- * p12ctxt - the export context
- * safe - the safeInfo to place the key in
- * nestedDest - the nested safeContents to place a key
- * cert - the certificate which the key belongs to
- * shroudKey - encrypt the private key for export. This value should
- * always be true. lower level code will not allow the export
- * of unencrypted private keys.
- * algorithm - the algorithm with which to encrypt the private key
- * pwitem - the password to encrypted the private key with
- * keyId - the keyID attribute
- * nickName - the nickname attribute
- */
-static SECStatus
-SEC_PKCS12AddEncryptedKey(SEC_PKCS12ExportContext *p12ctxt,
- SECKEYEncryptedPrivateKeyInfo *epki, SEC_PKCS12SafeInfo *safe,
- void *nestedDest, SECItem *keyId, SECItem *nickName)
-{
- void *mark;
- void *keyItem;
- SECOidTag keyType;
- SECStatus rv = SECFailure;
- sec_PKCS12SafeBag *returnBag;
-
- if(!p12ctxt || !safe || !epki) {
- return SECFailure;
- }
-
- mark = PORT_ArenaMark(p12ctxt->arena);
-
- keyItem = PORT_ArenaZAlloc(p12ctxt->arena,
- sizeof(SECKEYEncryptedPrivateKeyInfo));
- if(!keyItem) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- rv = SECKEY_CopyEncryptedPrivateKeyInfo(p12ctxt->arena,
- (SECKEYEncryptedPrivateKeyInfo *)keyItem,
- epki);
- keyType = SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID;
-
- if(rv != SECSuccess) {
- goto loser;
- }
-
- /* create the safe bag and set any attributes */
- returnBag = sec_PKCS12CreateSafeBag(p12ctxt, keyType, keyItem);
- if(!returnBag) {
- rv = SECFailure;
- goto loser;
- }
-
- if(nickName) {
- if(sec_PKCS12AddAttributeToBag(p12ctxt, returnBag,
- SEC_OID_PKCS9_FRIENDLY_NAME, nickName)
- != SECSuccess) {
- goto loser;
- }
- }
-
- if(keyId) {
- if(sec_PKCS12AddAttributeToBag(p12ctxt, returnBag, SEC_OID_PKCS9_LOCAL_KEY_ID,
- keyId) != SECSuccess) {
- goto loser;
- }
- }
-
- if(nestedDest) {
- rv = sec_pkcs12_append_bag_to_safe_contents(p12ctxt->arena,
- (sec_PKCS12SafeContents*)nestedDest,
- returnBag);
- } else {
- rv = sec_pkcs12_append_bag(p12ctxt, safe, returnBag);
- }
-
-loser:
-
- if (rv != SECSuccess) {
- PORT_ArenaRelease(p12ctxt->arena, mark);
- } else {
- PORT_ArenaUnmark(p12ctxt->arena, mark);
- }
-
- return rv;
-}
-
-/* SEC_PKCS12AddKeyForCert
- * Extracts the key associated with a particular certificate and exports
- * it.
- *
- * p12ctxt - the export context
- * safe - the safeInfo to place the key in
- * nestedDest - the nested safeContents to place a key
- * cert - the certificate which the key belongs to
- * shroudKey - encrypt the private key for export. This value should
- * always be true. lower level code will not allow the export
- * of unencrypted private keys.
- * algorithm - the algorithm with which to encrypt the private key
- * pwitem - the password to encrypt the private key with
- * keyId - the keyID attribute
- * nickName - the nickname attribute
- */
-SECStatus
-SEC_PKCS12AddKeyForCert(SEC_PKCS12ExportContext *p12ctxt, SEC_PKCS12SafeInfo *safe,
- void *nestedDest, CERTCertificate *cert,
- PRBool shroudKey, SECOidTag algorithm, SECItem *pwitem,
- SECItem *keyId, SECItem *nickName)
-{
- void *mark;
- void *keyItem;
- SECOidTag keyType;
- SECStatus rv = SECFailure;
- SECItem nickname = {siBuffer,NULL,0}, uniPwitem = {siBuffer, NULL, 0};
- sec_PKCS12SafeBag *returnBag;
-
- if(!p12ctxt || !cert || !safe) {
- return SECFailure;
- }
-
- mark = PORT_ArenaMark(p12ctxt->arena);
-
- /* retrieve the key based upon the type that it is and
- * specify the type of safeBag to store the key in
- */
- if(!shroudKey) {
-
- /* extract the key unencrypted. this will most likely go away */
- SECKEYPrivateKeyInfo *pki = PK11_ExportPrivateKeyInfo(cert,
- p12ctxt->wincx);
- if(!pki) {
- PORT_ArenaRelease(p12ctxt->arena, mark);
- PORT_SetError(SEC_ERROR_PKCS12_UNABLE_TO_EXPORT_KEY);
- return SECFailure;
- }
- keyItem = PORT_ArenaZAlloc(p12ctxt->arena, sizeof(SECKEYPrivateKeyInfo));
- if(!keyItem) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- rv = SECKEY_CopyPrivateKeyInfo(p12ctxt->arena,
- (SECKEYPrivateKeyInfo *)keyItem, pki);
- keyType = SEC_OID_PKCS12_V1_KEY_BAG_ID;
- SECKEY_DestroyPrivateKeyInfo(pki, PR_TRUE);
- } else {
-
- /* extract the key encrypted */
- SECKEYEncryptedPrivateKeyInfo *epki = NULL;
- PK11SlotInfo *slot = NULL;
-
- if(!sec_pkcs12_convert_item_to_unicode(p12ctxt->arena, &uniPwitem,
- pwitem, PR_TRUE, PR_TRUE, PR_TRUE)) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /* we want to make sure to take the key out of the key slot */
- if(PK11_IsInternal(p12ctxt->slot)) {
- slot = PK11_GetInternalKeySlot();
- } else {
- slot = PK11_ReferenceSlot(p12ctxt->slot);
- }
-
- epki = PK11_ExportEncryptedPrivateKeyInfo(slot, algorithm,
- &uniPwitem, cert, 1,
- p12ctxt->wincx);
- PK11_FreeSlot(slot);
-
- keyItem = PORT_ArenaZAlloc(p12ctxt->arena,
- sizeof(SECKEYEncryptedPrivateKeyInfo));
- if(!keyItem) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- if(!epki) {
- PORT_SetError(SEC_ERROR_PKCS12_UNABLE_TO_EXPORT_KEY);
- return SECFailure;
- }
- rv = SECKEY_CopyEncryptedPrivateKeyInfo(p12ctxt->arena,
- (SECKEYEncryptedPrivateKeyInfo *)keyItem,
- epki);
- keyType = SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID;
- SECKEY_DestroyEncryptedPrivateKeyInfo(epki, PR_TRUE);
- }
-
- if(rv != SECSuccess) {
- goto loser;
- }
-
- /* if no nickname specified, let's see if the certificate has a
- * nickname.
- */
- if(!nickName) {
- if(cert->nickname) {
- nickname.data = (unsigned char *)cert->nickname;
- nickname.len = PORT_Strlen(cert->nickname);
- nickName = &nickname;
- }
- }
-
- /* create the safe bag and set any attributes */
- returnBag = sec_PKCS12CreateSafeBag(p12ctxt, keyType, keyItem);
- if(!returnBag) {
- rv = SECFailure;
- goto loser;
- }
-
- if(nickName) {
- if(sec_PKCS12AddAttributeToBag(p12ctxt, returnBag,
- SEC_OID_PKCS9_FRIENDLY_NAME, nickName)
- != SECSuccess) {
- goto loser;
- }
- }
-
- if(keyId) {
- if(sec_PKCS12AddAttributeToBag(p12ctxt, returnBag, SEC_OID_PKCS9_LOCAL_KEY_ID,
- keyId) != SECSuccess) {
- goto loser;
- }
- }
-
- if(nestedDest) {
- rv = sec_pkcs12_append_bag_to_safe_contents(p12ctxt->arena,
- (sec_PKCS12SafeContents*)nestedDest,
- returnBag);
- } else {
- rv = sec_pkcs12_append_bag(p12ctxt, safe, returnBag);
- }
-
-loser:
-
- if (rv != SECSuccess) {
- PORT_ArenaRelease(p12ctxt->arena, mark);
- } else {
- PORT_ArenaUnmark(p12ctxt->arena, mark);
- }
-
- return rv;
-}
-
-/* SEC_PKCS12AddCertAndEncryptedKey
- * Add a certificate and key pair to be exported.
- *
- * p12ctxt - the export context
- * certSafe - the safeInfo where the cert is stored
- * certNestedDest - the nested safeContents to store the cert
- * keySafe - the safeInfo where the key is stored
- * keyNestedDest - the nested safeContents to store the key
- * shroudKey - extract the private key encrypted?
- * pwitem - the password with which the key is encrypted
- * algorithm - the algorithm with which the key is encrypted
- */
-SECStatus
-SEC_PKCS12AddDERCertAndEncryptedKey(SEC_PKCS12ExportContext *p12ctxt,
- void *certSafe, void *certNestedDest,
- SECItem *derCert, void *keySafe,
- void *keyNestedDest, SECKEYEncryptedPrivateKeyInfo *epki,
- char *nickname)
-{
- SECStatus rv = SECFailure;
- SGNDigestInfo *digest = NULL;
- void *mark = NULL;
- CERTCertificate *cert;
- SECItem nick = {siBuffer, NULL,0}, *nickPtr = NULL;
-
- if(!p12ctxt || !certSafe || !keySafe || !derCert) {
- return SECFailure;
- }
-
- mark = PORT_ArenaMark(p12ctxt->arena);
-
- cert = CERT_NewTempCertificate(CERT_GetDefaultCertDB(),
- derCert, NULL, PR_FALSE, PR_FALSE);
- if(!cert) {
- PORT_ArenaRelease(p12ctxt->arena, mark);
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
- cert->nickname = nickname;
-
- /* generate the thumbprint of the cert to use as a keyId */
- digest = sec_pkcs12_compute_thumbprint(&cert->derCert);
- if(!digest) {
- CERT_DestroyCertificate(cert);
- return SECFailure;
- }
-
- /* add the certificate */
- rv = SEC_PKCS12AddCert(p12ctxt, (SEC_PKCS12SafeInfo*)certSafe,
- certNestedDest, cert, NULL,
- &digest->digest, PR_FALSE);
- if(rv != SECSuccess) {
- goto loser;
- }
-
- if(nickname) {
- nick.data = (unsigned char *)nickname;
- nick.len = PORT_Strlen(nickname);
- nickPtr = &nick;
- } else {
- nickPtr = NULL;
- }
-
- /* add the key */
- rv = SEC_PKCS12AddEncryptedKey(p12ctxt, epki, (SEC_PKCS12SafeInfo*)keySafe,
- keyNestedDest, &digest->digest, nickPtr );
- if(rv != SECSuccess) {
- goto loser;
- }
-
- SGN_DestroyDigestInfo(digest);
-
- PORT_ArenaUnmark(p12ctxt->arena, mark);
- return SECSuccess;
-
-loser:
- SGN_DestroyDigestInfo(digest);
- CERT_DestroyCertificate(cert);
- PORT_ArenaRelease(p12ctxt->arena, mark);
-
- return SECFailure;
-}
-
-/* SEC_PKCS12AddCertAndKey
- * Add a certificate and key pair to be exported.
- *
- * p12ctxt - the export context
- * certSafe - the safeInfo where the cert is stored
- * certNestedDest - the nested safeContents to store the cert
- * keySafe - the safeInfo where the key is stored
- * keyNestedDest - the nested safeContents to store the key
- * shroudKey - extract the private key encrypted?
- * pwitem - the password with which the key is encrypted
- * algorithm - the algorithm with which the key is encrypted
- */
-SECStatus
-SEC_PKCS12AddCertAndKey(SEC_PKCS12ExportContext *p12ctxt,
- void *certSafe, void *certNestedDest,
- CERTCertificate *cert, CERTCertDBHandle *certDb,
- void *keySafe, void *keyNestedDest,
- PRBool shroudKey, SECItem *pwitem, SECOidTag algorithm)
-{
- SECStatus rv = SECFailure;
- SGNDigestInfo *digest = NULL;
- void *mark = NULL;
-
- if(!p12ctxt || !certSafe || !keySafe || !cert) {
- return SECFailure;
- }
-
- mark = PORT_ArenaMark(p12ctxt->arena);
-
- /* generate the thumbprint of the cert to use as a keyId */
- digest = sec_pkcs12_compute_thumbprint(&cert->derCert);
- if(!digest) {
- PORT_ArenaRelease(p12ctxt->arena, mark);
- return SECFailure;
- }
-
- /* add the certificate */
- rv = SEC_PKCS12AddCert(p12ctxt, (SEC_PKCS12SafeInfo*)certSafe,
- (SEC_PKCS12SafeInfo*)certNestedDest, cert, certDb,
- &digest->digest, PR_TRUE);
- if(rv != SECSuccess) {
- goto loser;
- }
-
- /* add the key */
- rv = SEC_PKCS12AddKeyForCert(p12ctxt, (SEC_PKCS12SafeInfo*)keySafe,
- keyNestedDest, cert,
- shroudKey, algorithm, pwitem,
- &digest->digest, NULL );
- if(rv != SECSuccess) {
- goto loser;
- }
-
- SGN_DestroyDigestInfo(digest);
-
- PORT_ArenaUnmark(p12ctxt->arena, mark);
- return SECSuccess;
-
-loser:
- SGN_DestroyDigestInfo(digest);
- PORT_ArenaRelease(p12ctxt->arena, mark);
-
- return SECFailure;
-}
-
-/* SEC_PKCS12CreateNestedSafeContents
- * Allows nesting of safe contents to be implemented. No limit imposed on
- * depth.
- *
- * p12ctxt - the export context
- * baseSafe - the base safeInfo
- * nestedDest - a parent safeContents (?)
- */
-void *
-SEC_PKCS12CreateNestedSafeContents(SEC_PKCS12ExportContext *p12ctxt,
- void *baseSafe, void *nestedDest)
-{
- sec_PKCS12SafeContents *newSafe;
- sec_PKCS12SafeBag *safeContentsBag;
- void *mark;
- SECStatus rv;
-
- if(!p12ctxt || !baseSafe) {
- return NULL;
- }
-
- mark = PORT_ArenaMark(p12ctxt->arena);
-
- newSafe = sec_PKCS12CreateSafeContents(p12ctxt->arena);
- if(!newSafe) {
- PORT_ArenaRelease(p12ctxt->arena, mark);
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- /* create the safeContents safeBag */
- safeContentsBag = sec_PKCS12CreateSafeBag(p12ctxt,
- SEC_OID_PKCS12_V1_SAFE_CONTENTS_BAG_ID,
- newSafe);
- if(!safeContentsBag) {
- goto loser;
- }
-
- /* append the safeContents to the appropriate area */
- if(nestedDest) {
- rv = sec_pkcs12_append_bag_to_safe_contents(p12ctxt->arena,
- (sec_PKCS12SafeContents*)nestedDest,
- safeContentsBag);
- } else {
- rv = sec_pkcs12_append_bag(p12ctxt, (SEC_PKCS12SafeInfo*)baseSafe,
- safeContentsBag);
- }
- if(rv != SECSuccess) {
- goto loser;
- }
-
- PORT_ArenaUnmark(p12ctxt->arena, mark);
- return newSafe;
-
-loser:
- PORT_ArenaRelease(p12ctxt->arena, mark);
- return NULL;
-}
-
-/*********************************
- * Encoding routines
- *********************************/
-
-/* set up the encoder context based on information in the export context
- * and return the newly allocated enocoder context. A return of NULL
- * indicates an error occurred.
- */
-sec_PKCS12EncoderContext *
-sec_pkcs12_encoder_start_context(SEC_PKCS12ExportContext *p12exp)
-{
- sec_PKCS12EncoderContext *p12enc = NULL;
- unsigned int i, nonEmptyCnt;
- SECStatus rv;
- SECItem ignore = {0};
- void *mark;
-
- if(!p12exp || !p12exp->safeInfos) {
- return NULL;
- }
-
- /* check for any empty safes and skip them */
- i = nonEmptyCnt = 0;
- while(p12exp->safeInfos[i]) {
- if(p12exp->safeInfos[i]->itemCount) {
- nonEmptyCnt++;
- }
- i++;
- }
- if(nonEmptyCnt == 0) {
- return NULL;
- }
- p12exp->authSafe.encodedSafes[nonEmptyCnt] = NULL;
-
- /* allocate the encoder context */
- mark = PORT_ArenaMark(p12exp->arena);
- p12enc = (sec_PKCS12EncoderContext*)PORT_ArenaZAlloc(p12exp->arena,
- sizeof(sec_PKCS12EncoderContext));
- if(!p12enc) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- p12enc->arena = p12exp->arena;
- p12enc->p12exp = p12exp;
-
- /* set up the PFX version and information */
- PORT_Memset(&p12enc->pfx, 0, sizeof(sec_PKCS12PFXItem));
- if(!SEC_ASN1EncodeInteger(p12exp->arena, &(p12enc->pfx.version),
- SEC_PKCS12_VERSION) ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /* set up the authenticated safe content info based on the
- * type of integrity being used. this should be changed to
- * enforce integrity mode, but will not be implemented until
- * it is confirmed that integrity must be in place
- */
- if(p12exp->integrityEnabled && !p12exp->pwdIntegrity) {
- SECStatus rv;
-
- /* create public key integrity mode */
- p12enc->aSafeCinfo = SEC_PKCS7CreateSignedData(
- p12exp->integrityInfo.pubkeyInfo.cert,
- certUsageEmailSigner,
- p12exp->integrityInfo.pubkeyInfo.certDb,
- p12exp->integrityInfo.pubkeyInfo.algorithm,
- NULL,
- p12exp->pwfn,
- p12exp->pwfnarg);
- if(!p12enc->aSafeCinfo) {
- goto loser;
- }
- if(SEC_PKCS7IncludeCertChain(p12enc->aSafeCinfo,NULL) != SECSuccess) {
- goto loser;
- }
- rv = SEC_PKCS7AddSigningTime(p12enc->aSafeCinfo);
- PORT_Assert(rv == SECSuccess);
- } else {
- p12enc->aSafeCinfo = SEC_PKCS7CreateData();
-
- /* init password pased integrity mode */
- if(p12exp->integrityEnabled) {
- SECItem pwd = {siBuffer,NULL, 0};
- SECItem *salt = sec_pkcs12_generate_salt();
- PK11SymKey *symKey;
- SECItem *params;
- CK_MECHANISM_TYPE integrityMech;
-
- /* zero out macData and set values */
- PORT_Memset(&p12enc->mac, 0, sizeof(sec_PKCS12MacData));
-
- if(!salt) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- if(SECITEM_CopyItem(p12exp->arena, &(p12enc->mac.macSalt), salt)
- != SECSuccess) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /* generate HMAC key */
- if(!sec_pkcs12_convert_item_to_unicode(NULL, &pwd,
- p12exp->integrityInfo.pwdInfo.password, PR_TRUE,
- PR_TRUE, PR_TRUE)) {
- goto loser;
- }
-
- params = PK11_CreatePBEParams(salt, &pwd, 1);
- SECITEM_ZfreeItem(salt, PR_TRUE);
- SECITEM_ZfreeItem(&pwd, PR_FALSE);
-
- switch (p12exp->integrityInfo.pwdInfo.algorithm) {
- case SEC_OID_SHA1:
- integrityMech = CKM_NETSCAPE_PBE_SHA1_HMAC_KEY_GEN; break;
- case SEC_OID_MD5:
- integrityMech = CKM_NETSCAPE_PBE_MD5_HMAC_KEY_GEN; break;
- case SEC_OID_MD2:
- integrityMech = CKM_NETSCAPE_PBE_MD2_HMAC_KEY_GEN; break;
- default:
- goto loser;
- }
-
- symKey = PK11_KeyGen(NULL, integrityMech, params, 20, NULL);
- PK11_DestroyPBEParams(params);
- if(!symKey) {
- goto loser;
- }
-
- /* initialize hmac */
- p12enc->hmacCx = PK11_CreateContextBySymKey(
- sec_pkcs12_algtag_to_mech(p12exp->integrityInfo.pwdInfo.algorithm),
- CKA_SIGN, symKey, &ignore);
-
- PK11_FreeSymKey(symKey);
- if(!p12enc->hmacCx) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- rv = PK11_DigestBegin(p12enc->hmacCx);
- if (rv != SECSuccess)
- goto loser;
- }
- }
-
- if(!p12enc->aSafeCinfo) {
- goto loser;
- }
-
- PORT_ArenaUnmark(p12exp->arena, mark);
-
- return p12enc;
-
-loser:
- if(p12enc) {
- if(p12enc->aSafeCinfo) {
- SEC_PKCS7DestroyContentInfo(p12enc->aSafeCinfo);
- }
- if(p12enc->hmacCx) {
- PK11_DestroyContext(p12enc->hmacCx, PR_TRUE);
- }
- }
- if (p12exp->arena != NULL)
- PORT_ArenaRelease(p12exp->arena, mark);
-
- return NULL;
-}
-
-/* callback wrapper to allow the ASN1 engine to call the PKCS 12
- * output routines.
- */
-static void
-sec_pkcs12_encoder_out(void *arg, const char *buf, unsigned long len,
- int depth, SEC_ASN1EncodingPart data_kind)
-{
- struct sec_pkcs12_encoder_output *output;
-
- output = (struct sec_pkcs12_encoder_output*)arg;
- (* output->outputfn)(output->outputarg, buf, len);
-}
-
-/* callback wrapper to wrap SEC_PKCS7EncoderUpdate for ASN1 encoder
- */
-static void
-sec_pkcs12_wrap_pkcs7_encoder_update(void *arg, const char *buf,
- unsigned long len, int depth,
- SEC_ASN1EncodingPart data_kind)
-{
- SEC_PKCS7EncoderContext *ecx;
- if(!buf || !len) {
- return;
- }
-
- ecx = (SEC_PKCS7EncoderContext*)arg;
- SEC_PKCS7EncoderUpdate(ecx, buf, len);
-}
-
-/* callback wrapper to wrap SEC_ASN1EncoderUpdate for PKCS 7 encoding
- */
-static void
-sec_pkcs12_wrap_asn1_update_for_p7_update(void *arg, const char *buf,
- unsigned long len)
-{
- if(!buf && !len) return;
-
- SEC_ASN1EncoderUpdate((SEC_ASN1EncoderContext*)arg, buf, len);
-}
-
-/* callback wrapper which updates the HMAC and passes on bytes to the
- * appropriate output function.
- */
-static void
-sec_pkcs12_asafe_update_hmac_and_encode_bits(void *arg, const char *buf,
- unsigned long len, int depth,
- SEC_ASN1EncodingPart data_kind)
-{
- sec_PKCS12EncoderContext *p12ecx;
-
- p12ecx = (sec_PKCS12EncoderContext*)arg;
- PK11_DigestOp(p12ecx->hmacCx, (unsigned char *)buf, len);
- sec_pkcs12_wrap_pkcs7_encoder_update(p12ecx->aSafeP7Ecx, buf, len,
- depth, data_kind);
-}
-
-/* this function encodes content infos which are part of the
- * sequence of content infos labeled AuthenticatedSafes
- */
-static SECStatus
-sec_pkcs12_encoder_asafe_process(sec_PKCS12EncoderContext *p12ecx)
-{
- SECStatus rv = SECSuccess;
- SEC_PKCS5KeyAndPassword keyPwd;
- SEC_PKCS7EncoderContext *p7ecx;
- SEC_PKCS7ContentInfo *cinfo;
- SEC_ASN1EncoderContext *ecx = NULL;
-
- void *arg = NULL;
-
- if(p12ecx->currentSafe < p12ecx->p12exp->authSafe.safeCount) {
- SEC_PKCS12SafeInfo *safeInfo;
- SECOidTag cinfoType;
-
- safeInfo = p12ecx->p12exp->safeInfos[p12ecx->currentSafe];
-
- /* skip empty safes */
- if(safeInfo->itemCount == 0) {
- return SECSuccess;
- }
-
- cinfo = safeInfo->cinfo;
- cinfoType = SEC_PKCS7ContentType(cinfo);
-
- /* determine the safe type and set the appropriate argument */
- switch(cinfoType) {
- case SEC_OID_PKCS7_DATA:
- arg = NULL;
- break;
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- keyPwd.pwitem = &safeInfo->pwitem;
- keyPwd.key = safeInfo->encryptionKey;
- arg = &keyPwd;
- break;
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- arg = NULL;
- break;
- default:
- return SECFailure;
-
- }
-
- /* start the PKCS7 encoder */
- p7ecx = SEC_PKCS7EncoderStart(cinfo,
- sec_pkcs12_wrap_asn1_update_for_p7_update,
- p12ecx->aSafeEcx, (PK11SymKey *)arg);
- if(!p7ecx) {
- goto loser;
- }
-
- /* encode safe contents */
- ecx = SEC_ASN1EncoderStart(safeInfo->safe, sec_PKCS12SafeContentsTemplate,
- sec_pkcs12_wrap_pkcs7_encoder_update, p7ecx);
- if(!ecx) {
- goto loser;
- }
- rv = SEC_ASN1EncoderUpdate(ecx, NULL, 0);
- SEC_ASN1EncoderFinish(ecx);
- ecx = NULL;
- if(rv != SECSuccess) {
- goto loser;
- }
-
-
- /* finish up safe content info */
- rv = SEC_PKCS7EncoderFinish(p7ecx, p12ecx->p12exp->pwfn,
- p12ecx->p12exp->pwfnarg);
- }
-
- return SECSuccess;
-
-loser:
- if(p7ecx) {
- SEC_PKCS7EncoderFinish(p7ecx, p12ecx->p12exp->pwfn,
- p12ecx->p12exp->pwfnarg);
- }
-
- if(ecx) {
- SEC_ASN1EncoderFinish(ecx);
- }
-
- return SECFailure;
-}
-
-/* finish the HMAC and encode the macData so that it can be
- * encoded.
- */
-static SECStatus
-sec_pkcs12_update_mac(sec_PKCS12EncoderContext *p12ecx)
-{
- SECItem hmac = { siBuffer, NULL, 0 };
- SECStatus rv;
- SGNDigestInfo *di = NULL;
- void *dummy;
-
- if(!p12ecx) {
- return SECFailure;
- }
-
- /* make sure we are using password integrity mode */
- if(!p12ecx->p12exp->integrityEnabled) {
- return SECSuccess;
- }
-
- if(!p12ecx->p12exp->pwdIntegrity) {
- return SECSuccess;
- }
-
- /* finish the hmac */
- hmac.data = (unsigned char *)PORT_ZAlloc(SHA1_LENGTH);
- if(!hmac.data) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
-
- rv = PK11_DigestFinal(p12ecx->hmacCx, hmac.data, &hmac.len, SHA1_LENGTH);
-
- if(rv != SECSuccess) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /* create the digest info */
- di = SGN_CreateDigestInfo(p12ecx->p12exp->integrityInfo.pwdInfo.algorithm,
- hmac.data, hmac.len);
- if(!di) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- rv = SECFailure;
- goto loser;
- }
-
- rv = SGN_CopyDigestInfo(p12ecx->arena, &p12ecx->mac.safeMac, di);
- if(rv != SECSuccess) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /* encode the mac data */
- dummy = SEC_ASN1EncodeItem(p12ecx->arena, &p12ecx->pfx.encodedMacData,
- &p12ecx->mac, sec_PKCS12MacDataTemplate);
- if(!dummy) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- rv = SECFailure;
- }
-
-loser:
- if(di) {
- SGN_DestroyDigestInfo(di);
- }
- if(hmac.data) {
- SECITEM_ZfreeItem(&hmac, PR_FALSE);
- }
- PK11_DestroyContext(p12ecx->hmacCx, PR_TRUE);
- p12ecx->hmacCx = NULL;
-
- return rv;
-}
-
-/* wraps the ASN1 encoder update for PKCS 7 encoder */
-static void
-sec_pkcs12_wrap_asn1_encoder_update(void *arg, const char *buf,
- unsigned long len)
-{
- SEC_ASN1EncoderContext *cx;
-
- cx = (SEC_ASN1EncoderContext*)arg;
- SEC_ASN1EncoderUpdate(cx, buf, len);
-}
-
-/* pfx notify function for ASN1 encoder. we want to stop encoding, once we reach
- * the authenticated safe. at that point, the encoder will be updated via streaming
- * as the authenticated safe is encoded.
- */
-static void
-sec_pkcs12_encoder_pfx_notify(void *arg, PRBool before, void *dest, int real_depth)
-{
- sec_PKCS12EncoderContext *p12ecx;
-
- if(!before) {
- return;
- }
-
- /* look for authenticated safe */
- p12ecx = (sec_PKCS12EncoderContext*)arg;
- if(dest != &p12ecx->pfx.encodedAuthSafe) {
- return;
- }
-
- SEC_ASN1EncoderSetTakeFromBuf(p12ecx->ecx);
- SEC_ASN1EncoderSetStreaming(p12ecx->ecx);
- SEC_ASN1EncoderClearNotifyProc(p12ecx->ecx);
-}
-
-/* SEC_PKCS12Encode
- * Encodes the PFX item and returns it to the output function, via
- * callback. the output function must be capable of multiple updates.
- *
- * p12exp - the export context
- * output - the output function callback, will be called more than once,
- * must be able to accept streaming data.
- * outputarg - argument for the output callback.
- */
-SECStatus
-SEC_PKCS12Encode(SEC_PKCS12ExportContext *p12exp,
- SEC_PKCS12EncoderOutputCallback output, void *outputarg)
-{
- sec_PKCS12EncoderContext *p12enc;
- struct sec_pkcs12_encoder_output outInfo;
- SECStatus rv;
-
- if(!p12exp || !output) {
- return SECFailure;
- }
-
- /* get the encoder context */
- p12enc = sec_pkcs12_encoder_start_context(p12exp);
- if(!p12enc) {
- return SECFailure;
- }
-
- outInfo.outputfn = output;
- outInfo.outputarg = outputarg;
-
- /* set up PFX encoder. Set it for streaming */
- p12enc->ecx = SEC_ASN1EncoderStart(&p12enc->pfx, sec_PKCS12PFXItemTemplate,
- sec_pkcs12_encoder_out,
- &outInfo);
- if(!p12enc->ecx) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- rv = SECFailure;
- goto loser;
- }
- SEC_ASN1EncoderSetStreaming(p12enc->ecx);
- SEC_ASN1EncoderSetNotifyProc(p12enc->ecx, sec_pkcs12_encoder_pfx_notify, p12enc);
- rv = SEC_ASN1EncoderUpdate(p12enc->ecx, NULL, 0);
- if(rv != SECSuccess) {
- rv = SECFailure;
- goto loser;
- }
-
- /* set up asafe cinfo - the output of the encoder feeds the PFX encoder */
- p12enc->aSafeP7Ecx = SEC_PKCS7EncoderStart(p12enc->aSafeCinfo,
- sec_pkcs12_wrap_asn1_encoder_update,
- p12enc->ecx, NULL);
- if(!p12enc->aSafeP7Ecx) {
- rv = SECFailure;
- goto loser;
- }
-
- /* encode asafe */
- if(p12enc->p12exp->integrityEnabled && p12enc->p12exp->pwdIntegrity) {
- p12enc->aSafeEcx = SEC_ASN1EncoderStart(&p12enc->p12exp->authSafe,
- sec_PKCS12AuthenticatedSafeTemplate,
- sec_pkcs12_asafe_update_hmac_and_encode_bits,
- p12enc);
- } else {
- p12enc->aSafeEcx = SEC_ASN1EncoderStart(&p12enc->p12exp->authSafe,
- sec_PKCS12AuthenticatedSafeTemplate,
- sec_pkcs12_wrap_pkcs7_encoder_update,
- p12enc->aSafeP7Ecx);
- }
- if(!p12enc->aSafeEcx) {
- rv = SECFailure;
- goto loser;
- }
- SEC_ASN1EncoderSetStreaming(p12enc->aSafeEcx);
- SEC_ASN1EncoderSetTakeFromBuf(p12enc->aSafeEcx);
-
- /* encode each of the safes */
- while(p12enc->currentSafe != p12enc->p12exp->safeInfoCount) {
- sec_pkcs12_encoder_asafe_process(p12enc);
- p12enc->currentSafe++;
- }
- SEC_ASN1EncoderClearTakeFromBuf(p12enc->aSafeEcx);
- SEC_ASN1EncoderClearStreaming(p12enc->aSafeEcx);
- SEC_ASN1EncoderUpdate(p12enc->aSafeEcx, NULL, 0);
- SEC_ASN1EncoderFinish(p12enc->aSafeEcx);
-
- /* finish the encoding of the authenticated safes */
- rv = SEC_PKCS7EncoderFinish(p12enc->aSafeP7Ecx, p12exp->pwfn,
- p12exp->pwfnarg);
- if(rv != SECSuccess) {
- goto loser;
- }
-
- SEC_ASN1EncoderClearTakeFromBuf(p12enc->ecx);
- SEC_ASN1EncoderClearStreaming(p12enc->ecx);
-
- /* update the mac, if necessary */
- rv = sec_pkcs12_update_mac(p12enc);
- if(rv != SECSuccess) {
- goto loser;
- }
-
- /* finish encoding the pfx */
- rv = SEC_ASN1EncoderUpdate(p12enc->ecx, NULL, 0);
-
- SEC_ASN1EncoderFinish(p12enc->ecx);
-
-loser:
- return rv;
-}
-
-void
-SEC_PKCS12DestroyExportContext(SEC_PKCS12ExportContext *p12ecx)
-{
- int i = 0;
-
- if(!p12ecx) {
- return;
- }
-
- if(p12ecx->safeInfos) {
- i = 0;
- while(p12ecx->safeInfos[i] != NULL) {
- if(p12ecx->safeInfos[i]->encryptionKey) {
- PK11_FreeSymKey(p12ecx->safeInfos[i]->encryptionKey);
- }
- if(p12ecx->safeInfos[i]->cinfo) {
- SEC_PKCS7DestroyContentInfo(p12ecx->safeInfos[i]->cinfo);
- }
- i++;
- }
- }
-
- PK11_FreeSlot(p12ecx->slot);
-
- PORT_FreeArena(p12ecx->arena, PR_TRUE);
-}
-
-
-/*********************************
- * All-in-one routines for exporting certificates
- *********************************/
-struct inPlaceEncodeInfo {
- PRBool error;
- SECItem outItem;
-};
-
-static void
-sec_pkcs12_in_place_encoder_output(void *arg, const char *buf, unsigned long len)
-{
- struct inPlaceEncodeInfo *outInfo = (struct inPlaceEncodeInfo*)arg;
-
- if(!outInfo || !len || outInfo->error) {
- return;
- }
-
- if(!outInfo->outItem.data) {
- outInfo->outItem.data = (unsigned char*)PORT_ZAlloc(len);
- outInfo->outItem.len = 0;
- } else {
- if(!PORT_Realloc(&(outInfo->outItem.data), (outInfo->outItem.len + len))) {
- SECITEM_ZfreeItem(&(outInfo->outItem), PR_FALSE);
- outInfo->outItem.data = NULL;
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- outInfo->error = PR_TRUE;
- return;
- }
- }
-
- PORT_Memcpy(&(outInfo->outItem.data[outInfo->outItem.len]), buf, len);
- outInfo->outItem.len += len;
-
- return;
-}
-
-/*
- * SEC_PKCS12ExportCertifcateAndKeyUsingPassword
- * Exports a certificate/key pair using password-based encryption and
- * authentication.
- *
- * pwfn, pwfnarg - password function and argument for the key database
- * cert - the certificate to export
- * certDb - certificate database
- * pwitem - the password to use
- * shroudKey - encrypt the key externally,
- * keyShroudAlg - encryption algorithm for key
- * encryptionAlg - the algorithm with which data is encrypted
- * integrityAlg - the algorithm for integrity
- */
-SECItem *
-SEC_PKCS12ExportCertificateAndKeyUsingPassword(
- SECKEYGetPasswordKey pwfn, void *pwfnarg,
- CERTCertificate *cert, PK11SlotInfo *slot,
- CERTCertDBHandle *certDb, SECItem *pwitem,
- PRBool shroudKey, SECOidTag shroudAlg,
- PRBool encryptCert, SECOidTag certEncAlg,
- SECOidTag integrityAlg, void *wincx)
-{
- struct inPlaceEncodeInfo outInfo;
- SEC_PKCS12ExportContext *p12ecx = NULL;
- SEC_PKCS12SafeInfo *keySafe, *certSafe;
- SECItem *returnItem = NULL;
-
- if(!cert || !pwitem || !slot) {
- return NULL;
- }
-
- outInfo.error = PR_FALSE;
- outInfo.outItem.data = NULL;
- outInfo.outItem.len = 0;
-
- p12ecx = SEC_PKCS12CreateExportContext(pwfn, pwfnarg, slot, wincx);
- if(!p12ecx) {
- return NULL;
- }
-
- /* set up cert safe */
- if(encryptCert) {
- certSafe = SEC_PKCS12CreatePasswordPrivSafe(p12ecx, pwitem, certEncAlg);
- } else {
- certSafe = SEC_PKCS12CreateUnencryptedSafe(p12ecx);
- }
- if(!certSafe) {
- goto loser;
- }
-
- /* set up key safe */
- if(shroudKey) {
- keySafe = SEC_PKCS12CreateUnencryptedSafe(p12ecx);
- } else {
- keySafe = certSafe;
- }
- if(!keySafe) {
- goto loser;
- }
-
- /* add integrity mode */
- if(SEC_PKCS12AddPasswordIntegrity(p12ecx, pwitem, integrityAlg)
- != SECSuccess) {
- goto loser;
- }
-
- /* add cert and key pair */
- if(SEC_PKCS12AddCertAndKey(p12ecx, certSafe, NULL, cert, certDb,
- keySafe, NULL, shroudKey, pwitem, shroudAlg)
- != SECSuccess) {
- goto loser;
- }
-
- /* encode the puppy */
- if(SEC_PKCS12Encode(p12ecx, sec_pkcs12_in_place_encoder_output, &outInfo)
- != SECSuccess) {
- goto loser;
- }
- if(outInfo.error) {
- goto loser;
- }
-
- SEC_PKCS12DestroyExportContext(p12ecx);
-
- returnItem = SECITEM_DupItem(&outInfo.outItem);
- SECITEM_ZfreeItem(&outInfo.outItem, PR_FALSE);
-
- return returnItem;
-
-loser:
- if(outInfo.outItem.data) {
- SECITEM_ZfreeItem(&(outInfo.outItem), PR_TRUE);
- }
-
- if(p12ecx) {
- SEC_PKCS12DestroyExportContext(p12ecx);
- }
-
- return NULL;
-}
-
-
diff --git a/security/nss/lib/pkcs12/p12exp.c b/security/nss/lib/pkcs12/p12exp.c
deleted file mode 100644
index 242d98288..000000000
--- a/security/nss/lib/pkcs12/p12exp.c
+++ /dev/null
@@ -1,1407 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "plarena.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "seccomon.h"
-#include "secport.h"
-#include "cert.h"
-#include "pkcs12.h"
-#include "p12local.h"
-#include "secpkcs7.h"
-#include "secasn1.h"
-#include "secerr.h"
-#include "p12plcy.h"
-
-/* release the memory taken up by the list of nicknames */
-static void
-sec_pkcs12_destroy_nickname_list(SECItem **nicknames)
-{
- int i = 0;
-
- if(nicknames == NULL) {
- return;
- }
-
- while(nicknames[i] != NULL) {
- SECITEM_FreeItem(nicknames[i], PR_FALSE);
- i++;
- }
-
- PORT_Free(nicknames);
-}
-
-/* release the memory taken up by the list of certificates */
-static void
-sec_pkcs12_destroy_certificate_list(CERTCertificate **ref_certs)
-{
- int i = 0;
-
- if(ref_certs == NULL) {
- return;
- }
-
- while(ref_certs[i] != NULL) {
- CERT_DestroyCertificate(ref_certs[i]);
- i++;
- }
-}
-
-static void
-sec_pkcs12_destroy_cinfos_for_cert_bags(SEC_PKCS12CertAndCRLBag *certBag)
-{
- int j = 0;
- j = 0;
- while(certBag->certAndCRLs[j] != NULL) {
- SECOidTag certType = SECOID_FindOIDTag(&certBag->certAndCRLs[j]->BagID);
- if(certType == SEC_OID_PKCS12_X509_CERT_CRL_BAG) {
- SEC_PKCS12X509CertCRL *x509;
- x509 = certBag->certAndCRLs[j]->value.x509;
- SEC_PKCS7DestroyContentInfo(&x509->certOrCRL);
- }
- j++;
- }
-}
-
-/* destroy all content infos since they were not allocated in common
- * pool
- */
-static void
-sec_pkcs12_destroy_cert_content_infos(SEC_PKCS12SafeContents *safe,
- SEC_PKCS12Baggage *baggage)
-{
- int i, j;
-
- if((safe != NULL) && (safe->contents != NULL)) {
- i = 0;
- while(safe->contents[i] != NULL) {
- SECOidTag bagType = SECOID_FindOIDTag(&safe->contents[i]->safeBagType);
- if(bagType == SEC_OID_PKCS12_CERT_AND_CRL_BAG_ID) {
- SEC_PKCS12CertAndCRLBag *certBag;
- certBag = safe->contents[i]->safeContent.certAndCRLBag;
- sec_pkcs12_destroy_cinfos_for_cert_bags(certBag);
- }
- i++;
- }
- }
-
- if((baggage != NULL) && (baggage->bags != NULL)) {
- i = 0;
- while(baggage->bags[i] != NULL) {
- if(baggage->bags[i]->unencSecrets != NULL) {
- j = 0;
- while(baggage->bags[i]->unencSecrets[j] != NULL) {
- SECOidTag bagType;
- bagType = SECOID_FindOIDTag(&baggage->bags[i]->unencSecrets[j]->safeBagType);
- if(bagType == SEC_OID_PKCS12_CERT_AND_CRL_BAG_ID) {
- SEC_PKCS12CertAndCRLBag *certBag;
- certBag = baggage->bags[i]->unencSecrets[j]->safeContent.certAndCRLBag;
- sec_pkcs12_destroy_cinfos_for_cert_bags(certBag);
- }
- j++;
- }
- }
- i++;
- }
- }
-}
-
-/* convert the nickname list from a NULL termincated Char list
- * to a NULL terminated SECItem list
- */
-static SECItem **
-sec_pkcs12_convert_nickname_list(char **nicknames)
-{
- SECItem **nicks;
- int i, j;
- PRBool error = PR_FALSE;
-
- if(nicknames == NULL) {
- return NULL;
- }
-
- i = j = 0;
- while(nicknames[i] != NULL) {
- i++;
- }
-
- /* allocate the space and copy the data */
- nicks = (SECItem **)PORT_ZAlloc(sizeof(SECItem *) * (i + 1));
- if(nicks != NULL) {
- for(j = 0; ((j < i) && (error == PR_FALSE)); j++) {
- nicks[j] = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
- if(nicks[j] != NULL) {
- nicks[j]->data =
- (unsigned char *)PORT_ZAlloc(PORT_Strlen(nicknames[j])+1);
- if(nicks[j]->data != NULL) {
- nicks[j]->len = PORT_Strlen(nicknames[j]);
- PORT_Memcpy(nicks[j]->data, nicknames[j], nicks[j]->len);
- nicks[j]->data[nicks[j]->len] = 0;
- } else {
- error = PR_TRUE;
- }
- } else {
- error = PR_TRUE;
- }
- }
- }
-
- if(error == PR_TRUE) {
- for(i = 0; i < j; i++) {
- SECITEM_FreeItem(nicks[i], PR_TRUE);
- }
- PORT_Free(nicks);
- nicks = NULL;
- }
-
- return nicks;
-}
-
-/* package the certificate add_cert into PKCS12 structures,
- * retrieve the certificate chain for the cert and return
- * the packaged contents.
- * poolp -- common memory pool;
- * add_cert -- certificate to package up
- * nickname for the certificate
- * a return of NULL indicates an error
- */
-static SEC_PKCS12CertAndCRL *
-sec_pkcs12_get_cert(PRArenaPool *poolp,
- CERTCertificate *add_cert,
- SECItem *nickname)
-{
- SEC_PKCS12CertAndCRL *cert;
- SEC_PKCS7ContentInfo *cinfo;
- SGNDigestInfo *t_di;
- void *mark;
- SECStatus rv;
-
- if((poolp == NULL) || (add_cert == NULL) || (nickname == NULL)) {
- return NULL;
- }
- mark = PORT_ArenaMark(poolp);
-
- cert = sec_pkcs12_new_cert_crl(poolp, SEC_OID_PKCS12_X509_CERT_CRL_BAG);
- if(cert != NULL) {
-
- /* copy the nickname */
- rv = SECITEM_CopyItem(poolp, &cert->nickname, nickname);
- if(rv != SECSuccess) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- cert = NULL;
- } else {
-
- /* package the certificate and cert chain into a NULL signer
- * PKCS 7 SignedData content Info and prepare it for encoding
- * since we cannot use DER_ANY_TEMPLATE
- */
- cinfo = SEC_PKCS7CreateCertsOnly(add_cert, PR_TRUE, NULL);
- rv = SEC_PKCS7PrepareForEncode(cinfo, NULL, NULL, NULL);
-
- /* thumbprint the certificate */
- if((cinfo != NULL) && (rv == SECSuccess))
- {
- PORT_Memcpy(&cert->value.x509->certOrCRL, cinfo, sizeof(*cinfo));
- t_di = sec_pkcs12_compute_thumbprint(&add_cert->derCert);
- if(t_di != NULL)
- {
- /* test */
- rv = SGN_CopyDigestInfo(poolp, &cert->value.x509->thumbprint,
- t_di);
- if(rv != SECSuccess) {
- cert = NULL;
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- }
- SGN_DestroyDigestInfo(t_di);
- }
- else
- cert = NULL;
- }
- }
- }
-
- if (cert == NULL) {
- PORT_ArenaRelease(poolp, mark);
- } else {
- PORT_ArenaUnmark(poolp, mark);
- }
-
- return cert;
-}
-
-/* package the private key associated with the certificate and
- * return the appropriate PKCS 12 structure
- * poolp common memory pool
- * nickname key nickname
- * cert -- cert to look up
- * wincx -- window handle
- * an error is indicated by a return of NULL
- */
-static SEC_PKCS12PrivateKey *
-sec_pkcs12_get_private_key(PRArenaPool *poolp,
- SECItem *nickname,
- CERTCertificate *cert,
- void *wincx)
-{
- SECKEYPrivateKeyInfo *pki;
- SEC_PKCS12PrivateKey *pk;
- SECStatus rv;
- void *mark;
-
- if((poolp == NULL) || (nickname == NULL)) {
- return NULL;
- }
-
- mark = PORT_ArenaMark(poolp);
-
- /* retrieve key from the data base */
- pki = PK11_ExportPrivateKeyInfo(nickname, cert, wincx);
- if(pki == NULL) {
- PORT_ArenaRelease(poolp, mark);
- PORT_SetError(SEC_ERROR_PKCS12_UNABLE_TO_EXPORT_KEY);
- return NULL;
- }
-
- pk = (SEC_PKCS12PrivateKey *)PORT_ArenaZAlloc(poolp,
- sizeof(SEC_PKCS12PrivateKey));
- if(pk != NULL) {
- rv = sec_pkcs12_init_pvk_data(poolp, &pk->pvkData);
-
- if(rv == SECSuccess) {
- /* copy the key into poolp memory space */
- rv = SECKEY_CopyPrivateKeyInfo(poolp, &pk->pkcs8data, pki);
- if(rv == SECSuccess) {
- rv = SECITEM_CopyItem(poolp, &pk->pvkData.nickname, nickname);
- }
- }
-
- if(rv != SECSuccess) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- pk = NULL;
- }
- } else {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- }
-
- /* destroy private key, zeroing out data */
- SECKEY_DestroyPrivateKeyInfo(pki, PR_TRUE);
- if (pk == NULL) {
- PORT_ArenaRelease(poolp, mark);
- } else {
- PORT_ArenaUnmark(poolp, mark);
- }
-
- return pk;
-}
-
-/* get a shrouded key item associated with a certificate
- * return the appropriate PKCS 12 structure
- * poolp common memory pool
- * nickname key nickname
- * cert -- cert to look up
- * wincx -- window handle
- * an error is indicated by a return of NULL
- */
-static SEC_PKCS12ESPVKItem *
-sec_pkcs12_get_shrouded_key(PRArenaPool *poolp,
- SECItem *nickname,
- CERTCertificate *cert,
- SECOidTag algorithm,
- SECItem *pwitem,
- PKCS12UnicodeConvertFunction unicodeFn,
- void *wincx)
-{
- SECKEYEncryptedPrivateKeyInfo *epki;
- SEC_PKCS12ESPVKItem *pk;
- void *mark;
- SECStatus rv;
- PK11SlotInfo *slot = NULL;
- PRBool swapUnicodeBytes = PR_FALSE;
-
-#ifdef IS_LITTLE_ENDIAN
- swapUnicodeBytes = PR_TRUE;
-#endif
-
- if((poolp == NULL) || (nickname == NULL))
- return NULL;
-
- mark = PORT_ArenaMark(poolp);
-
- /* use internal key slot */
- slot = PK11_GetInternalKeySlot();
-
- /* retrieve encrypted prviate key */
- epki = PK11_ExportEncryptedPrivateKeyInfo(slot, algorithm, pwitem,
- nickname, cert, 1, 0, NULL);
- PK11_FreeSlot(slot);
- if(epki == NULL) {
- PORT_SetError(SEC_ERROR_PKCS12_UNABLE_TO_EXPORT_KEY);
- PORT_ArenaRelease(poolp, mark);
- return NULL;
- }
-
- /* create a private key and store the data into the poolp memory space */
- pk = sec_pkcs12_create_espvk(poolp, SEC_OID_PKCS12_PKCS8_KEY_SHROUDING);
- if(pk != NULL) {
- rv = sec_pkcs12_init_pvk_data(poolp, &pk->espvkData);
- rv = SECITEM_CopyItem(poolp, &pk->espvkData.nickname, nickname);
- pk->espvkCipherText.pkcs8KeyShroud =
- (SECKEYEncryptedPrivateKeyInfo *)PORT_ArenaZAlloc(poolp,
- sizeof(SECKEYEncryptedPrivateKeyInfo));
- if((pk->espvkCipherText.pkcs8KeyShroud != NULL) && (rv == SECSuccess)) {
- rv = SECKEY_CopyEncryptedPrivateKeyInfo(poolp,
- pk->espvkCipherText.pkcs8KeyShroud, epki);
- if(rv == SECSuccess) {
- rv = (*unicodeFn)(poolp, &pk->espvkData.uniNickName, nickname,
- PR_TRUE, swapUnicodeBytes);
- }
- }
-
- if(rv != SECSuccess) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- pk = NULL;
- }
- }
-
- SECKEY_DestroyEncryptedPrivateKeyInfo(epki, PR_TRUE);
- if(pk == NULL) {
- PORT_ArenaRelease(poolp, mark);
- } else {
- PORT_ArenaUnmark(poolp, mark);
- }
-
- return pk;
-}
-
-/* add a thumbprint to a private key associated certs list
- * pvk is the area where the list is stored
- * thumb is the thumbprint to copy
- * a return of SECFailure indicates an error
- */
-static SECStatus
-sec_pkcs12_add_thumbprint(SEC_PKCS12PVKSupportingData *pvk,
- SGNDigestInfo *thumb)
-{
- SGNDigestInfo **thumb_list = NULL;
- int nthumbs, size;
- void *mark, *dummy;
- SECStatus rv = SECFailure;
-
- if((pvk == NULL) || (thumb == NULL)) {
- return SECFailure;
- }
-
- mark = PORT_ArenaMark(pvk->poolp);
-
- thumb_list = pvk->assocCerts;
- nthumbs = pvk->nThumbs;
-
- /* allocate list space needed -- either growing or allocating
- * list must be NULL terminated
- */
- size = sizeof(SGNDigestInfo *);
- dummy = PORT_ArenaGrow(pvk->poolp, thumb_list, (size * (nthumbs + 1)),
- (size * (nthumbs + 2)));
- thumb_list = dummy;
- if(dummy != NULL) {
- thumb_list[nthumbs] = (SGNDigestInfo *)PORT_ArenaZAlloc(pvk->poolp,
- sizeof(SGNDigestInfo));
- if(thumb_list[nthumbs] != NULL) {
- SGN_CopyDigestInfo(pvk->poolp, thumb_list[nthumbs], thumb);
- nthumbs += 1;
- thumb_list[nthumbs] = 0;
- } else {
- dummy = NULL;
- }
- }
-
- if(dummy == NULL) {
- PORT_ArenaRelease(pvk->poolp, mark);
- return SECFailure;
- }
-
- pvk->assocCerts = thumb_list;
- pvk->nThumbs = nthumbs;
-
- PORT_ArenaUnmark(pvk->poolp, mark);
- return SECSuccess;
-}
-
-/* search the list of shrouded keys in the baggage for the desired
- * name. return a pointer to the item. a return of NULL indicates
- * that no match was present or that an error occurred.
- */
-static SEC_PKCS12ESPVKItem *
-sec_pkcs12_get_espvk_by_name(SEC_PKCS12Baggage *luggage,
- SECItem *name)
-{
- PRBool found = PR_FALSE;
- SEC_PKCS12ESPVKItem *espvk = NULL;
- int i, j;
- SECComparison rv = SECEqual;
- SECItem *t_name;
- SEC_PKCS12BaggageItem *bag;
-
- if((luggage == NULL) || (name == NULL)) {
- return NULL;
- }
-
- i = 0;
- while((found == PR_FALSE) && (i < luggage->luggage_size)) {
- j = 0;
- bag = luggage->bags[i];
- while((found == PR_FALSE) && (j < bag->nEspvks)) {
- espvk = bag->espvks[j];
- if(espvk->poolp == NULL) {
- espvk->poolp = luggage->poolp;
- }
- t_name = SECITEM_DupItem(&espvk->espvkData.nickname);
- if(t_name != NULL) {
- rv = SECITEM_CompareItem(name, t_name);
- if(rv == SECEqual) {
- found = PR_TRUE;
- }
- SECITEM_FreeItem(t_name, PR_TRUE);
- } else {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
- j++;
- }
- i++;
- }
-
- if(found != PR_TRUE) {
- PORT_SetError(SEC_ERROR_PKCS12_UNABLE_TO_LOCATE_OBJECT_BY_NAME);
- return NULL;
- }
-
- return espvk;
-}
-
-/* locates a certificate and copies the thumbprint to the
- * appropriate private key
- */
-static SECStatus
-sec_pkcs12_propagate_thumbprints(SECItem **nicknames,
- CERTCertificate **ref_certs,
- SEC_PKCS12SafeContents *safe,
- SEC_PKCS12Baggage *baggage)
-{
- SEC_PKCS12CertAndCRL *cert;
- SEC_PKCS12PrivateKey *key;
- SEC_PKCS12ESPVKItem *espvk;
- int i;
- PRBool error = PR_FALSE;
- SECStatus rv = SECFailure;
-
- if((nicknames == NULL) || (safe == NULL)) {
- return SECFailure;
- }
-
- i = 0;
- while((nicknames[i] != NULL) && (error == PR_FALSE)) {
- /* process all certs */
- cert = (SEC_PKCS12CertAndCRL *)sec_pkcs12_find_object(safe, baggage,
- SEC_OID_PKCS12_CERT_AND_CRL_BAG_ID,
- nicknames[i], NULL);
- if(cert != NULL) {
- /* locate key and copy thumbprint */
- key = (SEC_PKCS12PrivateKey *)sec_pkcs12_find_object(safe, baggage,
- SEC_OID_PKCS12_KEY_BAG_ID,
- nicknames[i], NULL);
- if(key != NULL) {
- key->pvkData.poolp = key->poolp;
- rv = sec_pkcs12_add_thumbprint(&key->pvkData,
- &cert->value.x509->thumbprint);
- if(rv == SECFailure)
- error = PR_TRUE; /* XXX Set error? */
- }
-
- /* look in the baggage as well...*/
- if((baggage != NULL) && (error == PR_FALSE)) {
- espvk = sec_pkcs12_get_espvk_by_name(baggage, nicknames[i]);
- if(espvk != NULL) {
- espvk->espvkData.poolp = espvk->poolp;
- rv = sec_pkcs12_add_thumbprint(&espvk->espvkData,
- &cert->value.x509->thumbprint);
- if(rv == SECFailure)
- error = PR_TRUE; /* XXX Set error? */
- }
- }
- }
- i++;
- }
-
- if(error == PR_TRUE) {
- return SECFailure;
- }
-
- return SECSuccess;
-}
-
-/* append a safe bag to the end of the safe contents list */
-SECStatus
-sec_pkcs12_append_safe_bag(SEC_PKCS12SafeContents *safe,
- SEC_PKCS12SafeBag *bag)
-{
- int size;
- void *mark = NULL, *dummy = NULL;
-
- if((bag == NULL) || (safe == NULL))
- return SECFailure;
-
- mark = PORT_ArenaMark(safe->poolp);
-
- size = (safe->safe_size * sizeof(SEC_PKCS12SafeBag *));
-
- if(safe->safe_size > 0) {
- dummy = (SEC_PKCS12SafeBag **)PORT_ArenaGrow(safe->poolp,
- safe->contents,
- size,
- (size + sizeof(SEC_PKCS12SafeBag *)));
- safe->contents = dummy;
- } else {
- safe->contents = (SEC_PKCS12SafeBag **)PORT_ArenaZAlloc(safe->poolp,
- (2 * sizeof(SEC_PKCS12SafeBag *)));
- dummy = safe->contents;
- }
-
- if(dummy == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- safe->contents[safe->safe_size] = bag;
- safe->safe_size++;
- safe->contents[safe->safe_size] = NULL;
-
- PORT_ArenaUnmark(safe->poolp, mark);
- return SECSuccess;
-
-loser:
- PORT_ArenaRelease(safe->poolp, mark);
- return SECFailure;
-}
-
-/* append a certificate onto the end of a cert bag */
-static SECStatus
-sec_pkcs12_append_cert_to_bag(PRArenaPool *arena,
- SEC_PKCS12SafeBag *safebag,
- CERTCertificate *cert,
- SECItem *nickname)
-{
- int size;
- void *dummy = NULL, *mark = NULL;
- SEC_PKCS12CertAndCRL *p12cert;
- SEC_PKCS12CertAndCRLBag *bag;
-
- if((arena == NULL) || (safebag == NULL) ||
- (cert == NULL) || (nickname == NULL)) {
- return SECFailure;
- }
-
- bag = safebag->safeContent.certAndCRLBag;
- if(bag == NULL) {
- return SECFailure;
- }
-
- mark = PORT_ArenaMark(arena);
-
- p12cert = sec_pkcs12_get_cert(arena, cert, nickname);
- if(p12cert == NULL) {
- PORT_ArenaRelease(bag->poolp, mark);
- return SECFailure;
- }
-
- size = bag->bag_size * sizeof(SEC_PKCS12CertAndCRL *);
- if(bag->bag_size > 0) {
- dummy = (SEC_PKCS12CertAndCRL **)PORT_ArenaGrow(bag->poolp,
- bag->certAndCRLs, size, size + sizeof(SEC_PKCS12CertAndCRL *));
- bag->certAndCRLs = dummy;
- } else {
- bag->certAndCRLs = (SEC_PKCS12CertAndCRL **)PORT_ArenaZAlloc(bag->poolp,
- (2 * sizeof(SEC_PKCS12CertAndCRL *)));
- dummy = bag->certAndCRLs;
- }
-
- if(dummy == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- bag->certAndCRLs[bag->bag_size] = p12cert;
- bag->bag_size++;
- bag->certAndCRLs[bag->bag_size] = NULL;
-
- PORT_ArenaUnmark(bag->poolp, mark);
- return SECSuccess;
-
-loser:
- PORT_ArenaRelease(bag->poolp, mark);
- return SECFailure;
-}
-
-/* append a key onto the end of a list of keys in a key bag */
-SECStatus
-sec_pkcs12_append_key_to_bag(SEC_PKCS12SafeBag *safebag,
- SEC_PKCS12PrivateKey *pk)
-{
- void *mark, *dummy;
- SEC_PKCS12PrivateKeyBag *bag;
- int size;
-
- if((safebag == NULL) || (pk == NULL))
- return SECFailure;
-
- bag = safebag->safeContent.keyBag;
- if(bag == NULL) {
- return SECFailure;
- }
-
- mark = PORT_ArenaMark(bag->poolp);
-
- size = (bag->bag_size * sizeof(SEC_PKCS12PrivateKey *));
-
- if(bag->bag_size > 0) {
- dummy = (SEC_PKCS12PrivateKey **)PORT_ArenaGrow(bag->poolp,
- bag->privateKeys,
- size,
- size + sizeof(SEC_PKCS12PrivateKey *));
- bag->privateKeys = dummy;
- } else {
- bag->privateKeys = (SEC_PKCS12PrivateKey **)PORT_ArenaZAlloc(bag->poolp,
- (2 * sizeof(SEC_PKCS12PrivateKey *)));
- dummy = bag->privateKeys;
- }
-
- if(dummy == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- bag->privateKeys[bag->bag_size] = pk;
- bag->bag_size++;
- bag->privateKeys[bag->bag_size] = NULL;
-
- PORT_ArenaUnmark(bag->poolp, mark);
- return SECSuccess;
-
-loser:
- /* XXX Free memory? */
- PORT_ArenaRelease(bag->poolp, mark);
- return SECFailure;
-}
-
-/* append a safe bag to the baggage area */
-static SECStatus
-sec_pkcs12_append_unshrouded_bag(SEC_PKCS12BaggageItem *bag,
- SEC_PKCS12SafeBag *u_bag)
-{
- int size;
- void *mark = NULL, *dummy = NULL;
-
- if((bag == NULL) || (u_bag == NULL))
- return SECFailure;
-
- mark = PORT_ArenaMark(bag->poolp);
-
- /* dump things into the first bag */
- size = (bag->nSecrets + 1) * sizeof(SEC_PKCS12SafeBag *);
- dummy = PORT_ArenaGrow(bag->poolp,
- bag->unencSecrets, size,
- size + sizeof(SEC_PKCS12SafeBag *));
- bag->unencSecrets = dummy;
- if(dummy == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- bag->unencSecrets[bag->nSecrets] = u_bag;
- bag->nSecrets++;
- bag->unencSecrets[bag->nSecrets] = NULL;
-
- PORT_ArenaUnmark(bag->poolp, mark);
- return SECSuccess;
-
-loser:
- PORT_ArenaRelease(bag->poolp, mark);
- return SECFailure;
-}
-
-/* gather up all certificates and keys and package them up
- * in the safe, baggage, or both.
- * nicknames is the list of nicknames and corresponding certs in ref_certs
- * ref_certs a null terminated list of certificates
- * rSafe, rBaggage -- return areas for safe and baggage
- * shroud_keys -- store keys externally
- * pwitem -- password for computing integrity mac and encrypting contents
- * wincx -- window handle
- *
- * if a failure occurs, an error is set and SECFailure returned.
- */
-static SECStatus
-sec_pkcs12_package_certs_and_keys(SECItem **nicknames,
- CERTCertificate **ref_certs,
- PRBool unencryptedCerts,
- SEC_PKCS12SafeContents **rSafe,
- SEC_PKCS12Baggage **rBaggage,
- PRBool shroud_keys,
- SECOidTag shroud_alg,
- SECItem *pwitem,
- PKCS12UnicodeConvertFunction unicodeFn,
- void *wincx)
-{
- PRArenaPool *permArena;
- SEC_PKCS12SafeContents *safe = NULL;
- SEC_PKCS12Baggage *baggage = NULL;
-
- SECStatus rv = SECFailure;
- PRBool problem = PR_FALSE;
-
- SEC_PKCS12ESPVKItem *espvk = NULL;
- SEC_PKCS12PrivateKey *pk = NULL;
- CERTCertificate *add_cert = NULL;
- SEC_PKCS12SafeBag *certbag = NULL, *keybag = NULL;
- SEC_PKCS12BaggageItem *external_bag = NULL;
- int ncerts = 0, nkeys = 0;
- int i;
-
- if((nicknames == NULL) || (rSafe == NULL) || (rBaggage == NULL)) {
- return SECFailure;
- }
-
- *rBaggage = baggage;
- *rSafe = safe;
-
- permArena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
- if(permArena == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
-
- /* allocate structures */
- safe = sec_pkcs12_create_safe_contents(permArena);
- if(safe == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- rv = SECFailure;
- goto loser;
- }
-
- certbag = sec_pkcs12_create_safe_bag(permArena,
- SEC_OID_PKCS12_CERT_AND_CRL_BAG_ID);
- if(certbag == NULL) {
- rv = SECFailure;
- goto loser;
- }
-
- if(shroud_keys != PR_TRUE) {
- keybag = sec_pkcs12_create_safe_bag(permArena,
- SEC_OID_PKCS12_KEY_BAG_ID);
- if(keybag == NULL) {
- rv = SECFailure;
- goto loser;
- }
- }
-
- if((shroud_keys == PR_TRUE) || (unencryptedCerts == PR_TRUE)) {
- baggage = sec_pkcs12_create_baggage(permArena);
- if(baggage == NULL) {
- rv = SECFailure;
- goto loser;
- }
- external_bag = sec_pkcs12_create_external_bag(baggage);
- }
-
- /* package keys and certs */
- i = 0;
- while((nicknames[i] != NULL) && (problem == PR_FALSE)) {
- if(ref_certs[i] != NULL) {
- /* append cert to bag o certs */
- rv = sec_pkcs12_append_cert_to_bag(permArena, certbag,
- ref_certs[i],
- nicknames[i]);
- if(rv == SECFailure) {
- problem = PR_FALSE;
- } else {
- ncerts++;
- }
-
- if(rv == SECSuccess) {
- /* package up them keys */
- if(shroud_keys == PR_TRUE) {
- espvk = sec_pkcs12_get_shrouded_key(permArena,
- nicknames[i],
- ref_certs[i],
- shroud_alg,
- pwitem, unicodeFn,
- wincx);
- if(espvk != NULL) {
- rv = sec_pkcs12_append_shrouded_key(external_bag, espvk);
- SECITEM_CopyItem(permArena, &espvk->derCert,
- &ref_certs[i]->derCert);
- } else {
- rv = SECFailure;
- }
- } else {
- pk = sec_pkcs12_get_private_key(permArena, nicknames[i],
- ref_certs[i], wincx);
- if(pk != NULL) {
- rv = sec_pkcs12_append_key_to_bag(keybag, pk);
- SECITEM_CopyItem(permArena, &espvk->derCert,
- &ref_certs[i]->derCert);
- } else {
- rv = SECFailure;
- }
- }
-
- if(rv == SECFailure) {
- problem = PR_TRUE;
- } else {
- nkeys++;
- }
- }
- } else {
- /* handle only keys here ? */
- problem = PR_TRUE;
- }
- i++;
- }
-
- /* let success fall through */
-loser:
- if(problem == PR_FALSE) {
- /* if we have certs, we want to append the cert bag to the
- * appropriate area
- */
- if(ncerts > 0) {
- if(unencryptedCerts != PR_TRUE) {
- rv = sec_pkcs12_append_safe_bag(safe, certbag);
- } else {
- rv = sec_pkcs12_append_unshrouded_bag(external_bag, certbag);
- }
- } else {
- rv = SECSuccess;
- }
-
- /* append key bag, if they are stored in safe contents */
- if((rv == SECSuccess) && (shroud_keys == PR_FALSE) && (nkeys > 0)) {
- rv = sec_pkcs12_append_safe_bag(safe, keybag);
- }
- } else {
- rv = SECFailure;
- }
-
- /* if baggage not used, NULLify it */
- if((shroud_keys == PR_TRUE) || (unencryptedCerts == PR_TRUE)) {
- if(((unencryptedCerts == PR_TRUE) && (ncerts == 0)) &&
- ((shroud_keys == PR_TRUE) && (nkeys == 0)))
- baggage = NULL;
- } else {
- baggage = NULL;
- }
-
- if((problem == PR_TRUE) || (rv == SECFailure)) {
- PORT_FreeArena(permArena, PR_TRUE);
- rv = SECFailure;
- baggage = NULL;
- safe = NULL;
- }
-
- *rBaggage = baggage;
- *rSafe = safe;
-
- return rv;
-}
-
-/* DER encode the safe contents and return a SECItem. if an error
- * occurs, NULL is returned.
- */
-static SECItem *
-sec_pkcs12_encode_safe_contents(SEC_PKCS12SafeContents *safe)
-{
- SECItem *dsafe = NULL, *tsafe;
- void *dummy = NULL;
- PRArenaPool *arena;
-
- if(safe == NULL) {
- return NULL;
- }
-
-/* rv = sec_pkcs12_prepare_for_der_code_safe(safe, PR_TRUE);
- if(rv != SECSuccess) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }*/
-
- arena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
- if(arena == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- tsafe = (SECItem *)PORT_ArenaZAlloc(arena, sizeof(SECItem));
- if(tsafe != NULL) {
- dummy = SEC_ASN1EncodeItem(arena, tsafe, safe,
- SEC_PKCS12SafeContentsTemplate);
- if(dummy != NULL) {
- dsafe = SECITEM_DupItem(tsafe);
- } else {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- }
- } else {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- }
-
- PORT_FreeArena(arena, PR_TRUE);
-
- return dsafe;
-}
-
-/* prepare the authenicated safe for encoding and encode it.
- * baggage is copied to the appropriate area, safe is encoded and
- * encrypted. the version and transport mode are set on the asafe.
- * the whole ball of wax is then der encoded and packaged up into
- * data content info
- * safe -- container of certs and keys, is encrypted.
- * baggage -- container of certs and keys, keys assumed to be encrypted by
- * another method, certs are in the clear
- * algorithm -- algorithm by which to encrypt safe
- * pwitem -- password for encryption
- * wincx - window handle
- *
- * return of NULL is an error condition.
- */
-static SEC_PKCS7ContentInfo *
-sec_pkcs12_get_auth_safe(SEC_PKCS12SafeContents *safe,
- SEC_PKCS12Baggage *baggage,
- SECOidTag algorithm,
- SECItem *pwitem,
- PKCS12UnicodeConvertFunction unicodeFn,
- void *wincx)
-{
- SECItem *src = NULL, *dest = NULL, *psalt = NULL;
- PRArenaPool *poolp;
- SEC_PKCS12AuthenticatedSafe *asafe;
- SEC_PKCS7ContentInfo *safe_cinfo = NULL;
- SEC_PKCS7ContentInfo *asafe_cinfo = NULL;
- void *dummy;
- SECStatus rv = SECSuccess;
- PRBool swapUnicodeBytes = PR_FALSE;
-
-#ifdef IS_LITTLE_ENDIAN
- swapUnicodeBytes = PR_TRUE;
-#endif
-
- if(((safe != NULL) && (pwitem == NULL)) && (baggage == NULL))
- return NULL;
-
- poolp = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
- if(poolp == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- /* prepare authenticated safe for encode */
- asafe = sec_pkcs12_new_asafe(poolp);
- if(asafe != NULL) {
-
- /* set version */
- dummy = SEC_ASN1EncodeInteger(asafe->poolp, &asafe->version,
- SEC_PKCS12_PFX_VERSION);
- if(dummy == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- rv = SECFailure;
- goto loser;
- }
-
- /* generate the privacy salt used to create virtual pwd */
- psalt = sec_pkcs12_generate_salt();
- if(psalt != NULL) {
- rv = SECITEM_CopyItem(asafe->poolp, &asafe->privacySalt,
- psalt);
- if(rv == SECSuccess) {
- asafe->privacySalt.len *= 8;
- }
- else {
- SECITEM_ZfreeItem(psalt, PR_TRUE);
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- }
-
- if((psalt == NULL) || (rv == SECFailure)) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- rv = SECFailure;
- goto loser;
- }
-
- /* package up safe contents */
- if(safe != NULL)
- {
- safe_cinfo = SEC_PKCS7CreateEncryptedData(algorithm, NULL, wincx);
- if((safe_cinfo != NULL) && (safe->safe_size > 0)) {
- /* encode the safe and encrypt the contents of the
- * content info
- */
- src = sec_pkcs12_encode_safe_contents(safe);
-
- if(src != NULL) {
- rv = SEC_PKCS7SetContent(safe_cinfo, (char *)src->data, src->len);
- SECITEM_ZfreeItem(src, PR_TRUE);
- if(rv == SECSuccess) {
- SECItem *vpwd;
- vpwd = sec_pkcs12_create_virtual_password(pwitem, psalt,
- unicodeFn, swapUnicodeBytes);
- if(vpwd != NULL) {
- rv = SEC_PKCS7EncryptContents(NULL, safe_cinfo,
- vpwd, wincx);
- SECITEM_ZfreeItem(vpwd, PR_TRUE);
- } else {
- rv = SECFailure;
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- }
- } else {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- }
- } else {
- rv = SECFailure;
- }
- } else if(safe->safe_size > 0) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- } else {
- /* case where there is NULL content in the safe contents */
- rv = SEC_PKCS7SetContent(safe_cinfo, NULL, 0);
- if(rv != SECFailure) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- }
- }
-
- if(rv != SECSuccess) {
- SEC_PKCS7DestroyContentInfo(safe_cinfo);
- safe_cinfo = NULL;
- goto loser;
- }
-
- asafe->safe = safe_cinfo;
- /*
- PORT_Memcpy(&asafe->safe, safe_cinfo, sizeof(*safe_cinfo));
- */
- }
-
- /* copy the baggage to the authenticated safe baggage if present */
- if(baggage != NULL) {
- PORT_Memcpy(&asafe->baggage, baggage, sizeof(*baggage));
- }
-
- /* encode authenticated safe and store it in a Data content info */
- dest = (SECItem *)PORT_ArenaZAlloc(poolp, sizeof(SECItem));
- if(dest != NULL) {
- dummy = SEC_ASN1EncodeItem(poolp, dest, asafe,
- SEC_PKCS12AuthenticatedSafeTemplate);
- if(dummy != NULL) {
- asafe_cinfo = SEC_PKCS7CreateData();
- if(asafe_cinfo != NULL) {
- rv = SEC_PKCS7SetContent(asafe_cinfo,
- (char *)dest->data,
- dest->len);
- if(rv != SECSuccess) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- SEC_PKCS7DestroyContentInfo(asafe_cinfo);
- asafe_cinfo = NULL;
- }
- }
- } else {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- rv = SECFailure;
- }
- }
- }
-
-loser:
- PORT_FreeArena(poolp, PR_TRUE);
- if(safe_cinfo != NULL) {
- SEC_PKCS7DestroyContentInfo(safe_cinfo);
- }
- if(psalt != NULL) {
- SECITEM_ZfreeItem(psalt, PR_TRUE);
- }
-
- if(rv == SECFailure) {
- return NULL;
- }
-
- return asafe_cinfo;
-}
-
-/* generates the PFX and computes the mac on the authenticated safe
- * NULL implies an error
- */
-static SEC_PKCS12PFXItem *
-sec_pkcs12_get_pfx(SEC_PKCS7ContentInfo *cinfo,
- PRBool do_mac,
- SECItem *pwitem, PKCS12UnicodeConvertFunction unicodeFn)
-{
- SECItem *dest = NULL, *mac = NULL, *salt = NULL, *key = NULL;
- SEC_PKCS12PFXItem *pfx;
- SECStatus rv = SECFailure;
- SGNDigestInfo *di;
- SECItem *vpwd;
- PRBool swapUnicodeBytes = PR_FALSE;
-
-#ifdef IS_LITTLE_ENDIAN
- swapUnicodeBytes = PR_TRUE;
-#endif
-
- if((cinfo == NULL) || ((do_mac == PR_TRUE) && (pwitem == NULL))) {
- return NULL;
- }
-
- /* allocate new pfx structure */
- pfx = sec_pkcs12_new_pfx();
- if(pfx == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- PORT_Memcpy(&pfx->authSafe, cinfo, sizeof(*cinfo));
- if(do_mac == PR_TRUE) {
-
- /* salt for computing mac */
- salt = sec_pkcs12_generate_salt();
- if(salt != NULL) {
- rv = SECITEM_CopyItem(pfx->poolp, &pfx->macData.macSalt, salt);
- pfx->macData.macSalt.len *= 8;
-
- vpwd = sec_pkcs12_create_virtual_password(pwitem, salt,
- unicodeFn, swapUnicodeBytes);
- if(vpwd == NULL) {
- rv = SECFailure;
- key = NULL;
- } else {
- key = sec_pkcs12_generate_key_from_password(SEC_OID_SHA1,
- salt, vpwd);
- SECITEM_ZfreeItem(vpwd, PR_TRUE);
- }
-
- if((key != NULL) && (rv == SECSuccess)) {
- dest = SEC_PKCS7GetContent(cinfo);
- if(dest != NULL) {
-
- /* compute mac on data -- for password integrity mode */
- mac = sec_pkcs12_generate_mac(key, dest, PR_FALSE);
- if(mac != NULL) {
- di = SGN_CreateDigestInfo(SEC_OID_SHA1,
- mac->data, mac->len);
- if(di != NULL) {
- rv = SGN_CopyDigestInfo(pfx->poolp,
- &pfx->macData.safeMac, di);
- SGN_DestroyDigestInfo(di);
- } else {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- }
- SECITEM_ZfreeItem(mac, PR_TRUE);
- }
- } else {
- rv = SECFailure;
- }
- } else {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- rv = SECFailure;
- }
-
- if(key != NULL) {
- SECITEM_ZfreeItem(key, PR_TRUE);
- }
- SECITEM_ZfreeItem(salt, PR_TRUE);
- }
- }
-
- if(rv == SECFailure) {
- SEC_PKCS12DestroyPFX(pfx);
- pfx = NULL;
- }
-
- return pfx;
-}
-
-/* der encode the pfx */
-static SECItem *
-sec_pkcs12_encode_pfx(SEC_PKCS12PFXItem *pfx)
-{
- SECItem *dest;
- void *dummy;
-
- if(pfx == NULL) {
- return NULL;
- }
-
- dest = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
- if(dest == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- dummy = SEC_ASN1EncodeItem(NULL, dest, pfx, SEC_PKCS12PFXItemTemplate);
- if(dummy == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- SECITEM_ZfreeItem(dest, PR_TRUE);
- dest = NULL;
- }
-
- return dest;
-}
-
-SECItem *
-SEC_PKCS12GetPFX(char **nicknames,
- CERTCertificate **ref_certs,
- PRBool shroud_keys,
- SEC_PKCS5GetPBEPassword pbef,
- void *pbearg,
- PKCS12UnicodeConvertFunction unicodeFn,
- void *wincx)
-{
- SECItem **nicks = NULL;
- SEC_PKCS12PFXItem *pfx = NULL;
- SEC_PKCS12Baggage *baggage = NULL;
- SEC_PKCS12SafeContents *safe = NULL;
- SEC_PKCS7ContentInfo *cinfo = NULL;
- SECStatus rv = SECFailure;
- SECItem *dest = NULL, *pwitem = NULL;
- PRBool problem = PR_FALSE;
- PRBool unencryptedCerts;
- SECOidTag shroud_alg, safe_alg;
-
- /* how should we encrypt certs ? */
- unencryptedCerts = !SEC_PKCS12IsEncryptionAllowed();
- if(!unencryptedCerts) {
- safe_alg = SEC_PKCS12GetPreferredEncryptionAlgorithm();
- if(safe_alg == SEC_OID_UNKNOWN) {
- safe_alg = SEC_PKCS12GetStrongestAllowedAlgorithm();
- }
- if(safe_alg == SEC_OID_UNKNOWN) {
- unencryptedCerts = PR_TRUE;
- /* for export where no encryption is allowed, we still need
- * to encrypt the NULL contents per the spec. encrypted info
- * is known plaintext, so it shouldn't be a problem.
- */
- safe_alg = SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC;
- }
- } else {
- /* for export where no encryption is allowed, we still need
- * to encrypt the NULL contents per the spec. encrypted info
- * is known plaintext, so it shouldn't be a problem.
- */
- safe_alg = SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC;
- }
-
- /* keys are always stored with triple DES */
- shroud_alg = SEC_OID_PKCS12_PBE_WITH_SHA1_AND_TRIPLE_DES_CBC;
-
- /* check for FIPS, if so, do not encrypt certs */
- if(PK11_IsFIPS() && !unencryptedCerts) {
- unencryptedCerts = PR_TRUE;
- }
-
- if((nicknames == NULL) || (pbef == NULL) || (ref_certs == NULL)) {
- problem = PR_TRUE;
- goto loser;
- }
-
-
- /* get password */
- pwitem = (*pbef)(pbearg);
- if(pwitem == NULL) {
- problem = PR_TRUE;
- goto loser;
- }
- nicks = sec_pkcs12_convert_nickname_list(nicknames);
-
- /* get safe and baggage */
- rv = sec_pkcs12_package_certs_and_keys(nicks, ref_certs, unencryptedCerts,
- &safe, &baggage, shroud_keys,
- shroud_alg, pwitem, unicodeFn, wincx);
- if(rv == SECFailure) {
- problem = PR_TRUE;
- }
-
- if((safe != NULL) && (problem == PR_FALSE)) {
- /* copy thumbprints */
- rv = sec_pkcs12_propagate_thumbprints(nicks, ref_certs, safe, baggage);
-
- /* package everything up into AuthenticatedSafe */
- cinfo = sec_pkcs12_get_auth_safe(safe, baggage,
- safe_alg, pwitem, unicodeFn, wincx);
-
- sec_pkcs12_destroy_cert_content_infos(safe, baggage);
-
- /* get the pfx and mac it */
- if(cinfo != NULL) {
- pfx = sec_pkcs12_get_pfx(cinfo, PR_TRUE, pwitem, unicodeFn);
- if(pfx != NULL) {
- dest = sec_pkcs12_encode_pfx(pfx);
- SEC_PKCS12DestroyPFX(pfx);
- }
- SEC_PKCS7DestroyContentInfo(cinfo);
- }
-
- if(safe != NULL) {
- PORT_FreeArena(safe->poolp, PR_TRUE);
- }
- } else {
- if(safe != NULL) {
- PORT_FreeArena(safe->poolp, PR_TRUE);
- }
- }
-
-loser:
- if(nicks != NULL) {
- sec_pkcs12_destroy_nickname_list(nicks);
- }
-
- if(ref_certs != NULL) {
- sec_pkcs12_destroy_certificate_list(ref_certs);
- }
-
- if(pwitem != NULL) {
- SECITEM_ZfreeItem(pwitem, PR_TRUE);
- }
-
- if(problem == PR_TRUE) {
- dest = NULL;
- }
-
- return dest;
-}
diff --git a/security/nss/lib/pkcs12/p12local.c b/security/nss/lib/pkcs12/p12local.c
deleted file mode 100644
index 1fbd9906a..000000000
--- a/security/nss/lib/pkcs12/p12local.c
+++ /dev/null
@@ -1,1369 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "nssrenam.h"
-#include "pkcs12.h"
-#include "secpkcs7.h"
-#include "secasn1.h"
-#include "seccomon.h"
-#include "secoid.h"
-#include "sechash.h"
-#include "secitem.h"
-#include "secerr.h"
-#include "pk11func.h"
-#include "p12local.h"
-#include "alghmac.h"
-#include "p12.h"
-
-#define SALT_LENGTH 16
-
-SEC_ASN1_MKSUB(SECKEY_PrivateKeyInfoTemplate)
-SEC_ASN1_MKSUB(sgn_DigestInfoTemplate)
-
-CK_MECHANISM_TYPE
-sec_pkcs12_algtag_to_mech(SECOidTag algtag)
-{
- switch (algtag) {
- case SEC_OID_MD2:
- return CKM_MD2_HMAC;
- case SEC_OID_MD5:
- return CKM_MD5_HMAC;
- case SEC_OID_SHA1:
- return CKM_SHA_1_HMAC;
- case SEC_OID_SHA256:
- return CKM_SHA256_HMAC;
- case SEC_OID_SHA384:
- return CKM_SHA384_HMAC;
- case SEC_OID_SHA512:
- return CKM_SHA512_HMAC;
- default:
- break;
- }
- return CKM_INVALID_MECHANISM;
-}
-
-/* helper functions */
-/* returns proper bag type template based upon object type tag */
-const SEC_ASN1Template *
-sec_pkcs12_choose_bag_type_old(void *src_or_dest, PRBool encoding)
-{
- const SEC_ASN1Template *theTemplate;
- SEC_PKCS12SafeBag *safebag;
- SECOidData *oiddata;
-
- if (src_or_dest == NULL) {
- return NULL;
- }
-
- safebag = (SEC_PKCS12SafeBag*)src_or_dest;
-
- oiddata = safebag->safeBagTypeTag;
- if (oiddata == NULL) {
- oiddata = SECOID_FindOID(&safebag->safeBagType);
- safebag->safeBagTypeTag = oiddata;
- }
-
- switch (oiddata->offset) {
- default:
- theTemplate = SEC_ASN1_GET(SEC_PointerToAnyTemplate);
- break;
- case SEC_OID_PKCS12_KEY_BAG_ID:
- theTemplate = SEC_PointerToPKCS12KeyBagTemplate;
- break;
- case SEC_OID_PKCS12_CERT_AND_CRL_BAG_ID:
- theTemplate = SEC_PointerToPKCS12CertAndCRLBagTemplate_OLD;
- break;
- case SEC_OID_PKCS12_SECRET_BAG_ID:
- theTemplate = SEC_PointerToPKCS12SecretBagTemplate;
- break;
- }
- return theTemplate;
-}
-
-const SEC_ASN1Template *
-sec_pkcs12_choose_bag_type(void *src_or_dest, PRBool encoding)
-{
- const SEC_ASN1Template *theTemplate;
- SEC_PKCS12SafeBag *safebag;
- SECOidData *oiddata;
-
- if (src_or_dest == NULL) {
- return NULL;
- }
-
- safebag = (SEC_PKCS12SafeBag*)src_or_dest;
-
- oiddata = safebag->safeBagTypeTag;
- if (oiddata == NULL) {
- oiddata = SECOID_FindOID(&safebag->safeBagType);
- safebag->safeBagTypeTag = oiddata;
- }
-
- switch (oiddata->offset) {
- default:
- theTemplate = SEC_ASN1_GET(SEC_AnyTemplate);
- break;
- case SEC_OID_PKCS12_KEY_BAG_ID:
- theTemplate = SEC_PKCS12PrivateKeyBagTemplate;
- break;
- case SEC_OID_PKCS12_CERT_AND_CRL_BAG_ID:
- theTemplate = SEC_PKCS12CertAndCRLBagTemplate;
- break;
- case SEC_OID_PKCS12_SECRET_BAG_ID:
- theTemplate = SEC_PKCS12SecretBagTemplate;
- break;
- }
- return theTemplate;
-}
-
-/* returns proper cert crl template based upon type tag */
-const SEC_ASN1Template *
-sec_pkcs12_choose_cert_crl_type_old(void *src_or_dest, PRBool encoding)
-{
- const SEC_ASN1Template *theTemplate;
- SEC_PKCS12CertAndCRL *certbag;
- SECOidData *oiddata;
-
- if (src_or_dest == NULL) {
- return NULL;
- }
-
- certbag = (SEC_PKCS12CertAndCRL*)src_or_dest;
- oiddata = certbag->BagTypeTag;
- if (oiddata == NULL) {
- oiddata = SECOID_FindOID(&certbag->BagID);
- certbag->BagTypeTag = oiddata;
- }
-
- switch (oiddata->offset) {
- default:
- theTemplate = SEC_ASN1_GET(SEC_PointerToAnyTemplate);
- break;
- case SEC_OID_PKCS12_X509_CERT_CRL_BAG:
- theTemplate = SEC_PointerToPKCS12X509CertCRLTemplate_OLD;
- break;
- case SEC_OID_PKCS12_SDSI_CERT_BAG:
- theTemplate = SEC_PointerToPKCS12SDSICertTemplate;
- break;
- }
- return theTemplate;
-}
-
-const SEC_ASN1Template *
-sec_pkcs12_choose_cert_crl_type(void *src_or_dest, PRBool encoding)
-{
- const SEC_ASN1Template *theTemplate;
- SEC_PKCS12CertAndCRL *certbag;
- SECOidData *oiddata;
-
- if (src_or_dest == NULL) {
- return NULL;
- }
-
- certbag = (SEC_PKCS12CertAndCRL*)src_or_dest;
- oiddata = certbag->BagTypeTag;
- if (oiddata == NULL) {
- oiddata = SECOID_FindOID(&certbag->BagID);
- certbag->BagTypeTag = oiddata;
- }
-
- switch (oiddata->offset) {
- default:
- theTemplate = SEC_ASN1_GET(SEC_PointerToAnyTemplate);
- break;
- case SEC_OID_PKCS12_X509_CERT_CRL_BAG:
- theTemplate = SEC_PointerToPKCS12X509CertCRLTemplate;
- break;
- case SEC_OID_PKCS12_SDSI_CERT_BAG:
- theTemplate = SEC_PointerToPKCS12SDSICertTemplate;
- break;
- }
- return theTemplate;
-}
-
-/* returns appropriate shroud template based on object type tag */
-const SEC_ASN1Template *
-sec_pkcs12_choose_shroud_type(void *src_or_dest, PRBool encoding)
-{
- const SEC_ASN1Template *theTemplate;
- SEC_PKCS12ESPVKItem *espvk;
- SECOidData *oiddata;
-
- if (src_or_dest == NULL) {
- return NULL;
- }
-
- espvk = (SEC_PKCS12ESPVKItem*)src_or_dest;
- oiddata = espvk->espvkTag;
- if (oiddata == NULL) {
- oiddata = SECOID_FindOID(&espvk->espvkOID);
- espvk->espvkTag = oiddata;
- }
-
- switch (oiddata->offset) {
- default:
- theTemplate = SEC_ASN1_GET(SEC_PointerToAnyTemplate);
- break;
- case SEC_OID_PKCS12_PKCS8_KEY_SHROUDING:
- theTemplate =
- SEC_ASN1_GET(SECKEY_PointerToEncryptedPrivateKeyInfoTemplate);
- break;
- }
- return theTemplate;
-}
-
-/* generate SALT placing it into the character array passed in.
- * it is assumed that salt_dest is an array of appropriate size
- * XXX We might want to generate our own random context
- */
-SECItem *
-sec_pkcs12_generate_salt(void)
-{
- SECItem *salt;
-
- salt = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
- if(salt == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
- salt->data = (unsigned char *)PORT_ZAlloc(sizeof(unsigned char) *
- SALT_LENGTH);
- salt->len = SALT_LENGTH;
- if(salt->data == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- SECITEM_ZfreeItem(salt, PR_TRUE);
- return NULL;
- }
-
- PK11_GenerateRandom(salt->data, salt->len);
-
- return salt;
-}
-
-/* generate KEYS -- as per PKCS12 section 7.
- * only used for MAC
- */
-SECItem *
-sec_pkcs12_generate_key_from_password(SECOidTag algorithm,
- SECItem *salt,
- SECItem *password)
-{
- unsigned char *pre_hash=NULL;
- unsigned char *hash_dest=NULL;
- SECStatus res;
- PRArenaPool *poolp;
- SECItem *key = NULL;
- int key_len = 0;
-
- if((salt == NULL) || (password == NULL)) {
- return NULL;
- }
-
- poolp = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if(poolp == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- pre_hash = (unsigned char *)PORT_ArenaZAlloc(poolp, sizeof(char) *
- (salt->len+password->len));
- if(pre_hash == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- hash_dest = (unsigned char *)PORT_ArenaZAlloc(poolp,
- sizeof(unsigned char) * SHA1_LENGTH);
- if(hash_dest == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- PORT_Memcpy(pre_hash, salt->data, salt->len);
- /* handle password of 0 length case */
- if(password->len > 0) {
- PORT_Memcpy(&(pre_hash[salt->len]), password->data, password->len);
- }
-
- res = PK11_HashBuf(SEC_OID_SHA1, hash_dest, pre_hash,
- (salt->len+password->len));
- if(res == SECFailure) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- switch(algorithm) {
- case SEC_OID_SHA1:
- if(key_len == 0)
- key_len = 16;
- key = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
- if(key == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- key->data = (unsigned char *)PORT_ZAlloc(sizeof(unsigned char)
- * key_len);
- if(key->data == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- key->len = key_len;
- PORT_Memcpy(key->data, &hash_dest[SHA1_LENGTH-key->len], key->len);
- break;
- default:
- goto loser;
- break;
- }
-
- PORT_FreeArena(poolp, PR_TRUE);
- return key;
-
-loser:
- PORT_FreeArena(poolp, PR_TRUE);
- if(key != NULL) {
- SECITEM_ZfreeItem(key, PR_TRUE);
- }
- return NULL;
-}
-
-/* MAC is generated per PKCS 12 section 6. It is expected that key, msg
- * and mac_dest are pre allocated, non-NULL arrays. msg_len is passed in
- * because it is not known how long the message actually is. String
- * manipulation routines will not necessarily work because msg may have
- * imbedded NULLs
- */
-static SECItem *
-sec_pkcs12_generate_old_mac(SECItem *key,
- SECItem *msg)
-{
- SECStatus res;
- PRArenaPool *temparena = NULL;
- unsigned char *hash_dest=NULL, *hash_src1=NULL, *hash_src2 = NULL;
- int i;
- SECItem *mac = NULL;
-
- if((key == NULL) || (msg == NULL))
- goto loser;
-
- /* allocate return item */
- mac = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
- if(mac == NULL)
- return NULL;
- mac->data = (unsigned char *)PORT_ZAlloc(sizeof(unsigned char)
- * SHA1_LENGTH);
- mac->len = SHA1_LENGTH;
- if(mac->data == NULL)
- goto loser;
-
- /* allocate temporary items */
- temparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if(temparena == NULL)
- goto loser;
-
- hash_src1 = (unsigned char *)PORT_ArenaZAlloc(temparena,
- sizeof(unsigned char) * (16+msg->len));
- if(hash_src1 == NULL)
- goto loser;
-
- hash_src2 = (unsigned char *)PORT_ArenaZAlloc(temparena,
- sizeof(unsigned char) * (SHA1_LENGTH+16));
- if(hash_src2 == NULL)
- goto loser;
-
- hash_dest = (unsigned char *)PORT_ArenaZAlloc(temparena,
- sizeof(unsigned char) * SHA1_LENGTH);
- if(hash_dest == NULL)
- goto loser;
-
- /* perform mac'ing as per PKCS 12 */
-
- /* first round of hashing */
- for(i = 0; i < 16; i++)
- hash_src1[i] = key->data[i] ^ 0x36;
- PORT_Memcpy(&(hash_src1[16]), msg->data, msg->len);
- res = PK11_HashBuf(SEC_OID_SHA1, hash_dest, hash_src1, (16+msg->len));
- if(res == SECFailure)
- goto loser;
-
- /* second round of hashing */
- for(i = 0; i < 16; i++)
- hash_src2[i] = key->data[i] ^ 0x5c;
- PORT_Memcpy(&(hash_src2[16]), hash_dest, SHA1_LENGTH);
- res = PK11_HashBuf(SEC_OID_SHA1, mac->data, hash_src2, SHA1_LENGTH+16);
- if(res == SECFailure)
- goto loser;
-
- PORT_FreeArena(temparena, PR_TRUE);
- return mac;
-
-loser:
- if(temparena != NULL)
- PORT_FreeArena(temparena, PR_TRUE);
- if(mac != NULL)
- SECITEM_ZfreeItem(mac, PR_TRUE);
- return NULL;
-}
-
-/* MAC is generated per PKCS 12 section 6. It is expected that key, msg
- * and mac_dest are pre allocated, non-NULL arrays. msg_len is passed in
- * because it is not known how long the message actually is. String
- * manipulation routines will not necessarily work because msg may have
- * imbedded NULLs
- */
-SECItem *
-sec_pkcs12_generate_mac(SECItem *key,
- SECItem *msg,
- PRBool old_method)
-{
- SECStatus res = SECFailure;
- SECItem *mac = NULL;
- PK11Context *pk11cx = NULL;
- SECItem ignore = {0};
-
- if((key == NULL) || (msg == NULL)) {
- return NULL;
- }
-
- if(old_method == PR_TRUE) {
- return sec_pkcs12_generate_old_mac(key, msg);
- }
-
- /* allocate return item */
- mac = SECITEM_AllocItem(NULL, NULL, SHA1_LENGTH);
- if (mac == NULL) {
- return NULL;
- }
-
- pk11cx = PK11_CreateContextByRawKey(NULL, CKM_SHA_1_HMAC, PK11_OriginDerive,
- CKA_SIGN, key, &ignore, NULL);
- if (pk11cx == NULL) {
- goto loser;
- }
-
- res = PK11_DigestBegin(pk11cx);
- if (res == SECFailure) {
- goto loser;
- }
-
- res = PK11_DigestOp(pk11cx, msg->data, msg->len);
- if (res == SECFailure) {
- goto loser;
- }
-
- res = PK11_DigestFinal(pk11cx, mac->data, &mac->len, SHA1_LENGTH);
- if (res == SECFailure) {
- goto loser;
- }
-
- PK11_DestroyContext(pk11cx, PR_TRUE);
- pk11cx = NULL;
-
-loser:
-
- if(res != SECSuccess) {
- SECITEM_ZfreeItem(mac, PR_TRUE);
- mac = NULL;
- if (pk11cx) {
- PK11_DestroyContext(pk11cx, PR_TRUE);
- }
- }
-
- return mac;
-}
-
-/* compute the thumbprint of the DER cert and create a digest info
- * to store it in and return the digest info.
- * a return of NULL indicates an error.
- */
-SGNDigestInfo *
-sec_pkcs12_compute_thumbprint(SECItem *der_cert)
-{
- SGNDigestInfo *thumb = NULL;
- SECItem digest;
- PRArenaPool *temparena = NULL;
- SECStatus rv = SECFailure;
-
- if(der_cert == NULL)
- return NULL;
-
- temparena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
- if(temparena == NULL) {
- return NULL;
- }
-
- digest.data = (unsigned char *)PORT_ArenaZAlloc(temparena,
- sizeof(unsigned char) *
- SHA1_LENGTH);
- /* digest data and create digest info */
- if(digest.data != NULL) {
- digest.len = SHA1_LENGTH;
- rv = PK11_HashBuf(SEC_OID_SHA1, digest.data, der_cert->data,
- der_cert->len);
- if(rv == SECSuccess) {
- thumb = SGN_CreateDigestInfo(SEC_OID_SHA1,
- digest.data,
- digest.len);
- } else {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- }
- } else {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- }
-
- PORT_FreeArena(temparena, PR_TRUE);
-
- return thumb;
-}
-
-/* create a virtual password per PKCS 12, the password is converted
- * to unicode, the salt is prepended to it, and then the whole thing
- * is returned */
-SECItem *
-sec_pkcs12_create_virtual_password(SECItem *password, SECItem *salt,
- PRBool swap)
-{
- SECItem uniPwd = {siBuffer, NULL,0}, *retPwd = NULL;
-
- if((password == NULL) || (salt == NULL)) {
- return NULL;
- }
-
- if(password->len == 0) {
- uniPwd.data = (unsigned char*)PORT_ZAlloc(2);
- uniPwd.len = 2;
- if(!uniPwd.data) {
- return NULL;
- }
- } else {
- uniPwd.data = (unsigned char*)PORT_ZAlloc(password->len * 3);
- uniPwd.len = password->len * 3;
- if(!PORT_UCS2_ASCIIConversion(PR_TRUE, password->data, password->len,
- uniPwd.data, uniPwd.len, &uniPwd.len, swap)) {
- SECITEM_ZfreeItem(&uniPwd, PR_FALSE);
- return NULL;
- }
- }
-
- retPwd = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
- if(retPwd == NULL) {
- goto loser;
- }
-
- /* allocate space and copy proper data */
- retPwd->len = uniPwd.len + salt->len;
- retPwd->data = (unsigned char *)PORT_Alloc(retPwd->len);
- if(retPwd->data == NULL) {
- PORT_Free(retPwd);
- goto loser;
- }
-
- PORT_Memcpy(retPwd->data, salt->data, salt->len);
- PORT_Memcpy((retPwd->data + salt->len), uniPwd.data, uniPwd.len);
-
- SECITEM_ZfreeItem(&uniPwd, PR_FALSE);
-
- return retPwd;
-
-loser:
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- SECITEM_ZfreeItem(&uniPwd, PR_FALSE);
- return NULL;
-}
-
-/* appends a shrouded key to a key bag. this is used for exporting
- * to store externally wrapped keys. it is used when importing to convert
- * old items to new
- */
-SECStatus
-sec_pkcs12_append_shrouded_key(SEC_PKCS12BaggageItem *bag,
- SEC_PKCS12ESPVKItem *espvk)
-{
- int size;
- void *mark = NULL, *dummy = NULL;
-
- if((bag == NULL) || (espvk == NULL))
- return SECFailure;
-
- mark = PORT_ArenaMark(bag->poolp);
-
- /* grow the list */
- size = (bag->nEspvks + 1) * sizeof(SEC_PKCS12ESPVKItem *);
- dummy = (SEC_PKCS12ESPVKItem **)PORT_ArenaGrow(bag->poolp,
- bag->espvks, size,
- size + sizeof(SEC_PKCS12ESPVKItem *));
- bag->espvks = (SEC_PKCS12ESPVKItem**)dummy;
- if(dummy == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- bag->espvks[bag->nEspvks] = espvk;
- bag->nEspvks++;
- bag->espvks[bag->nEspvks] = NULL;
-
- PORT_ArenaUnmark(bag->poolp, mark);
- return SECSuccess;
-
-loser:
- PORT_ArenaRelease(bag->poolp, mark);
- return SECFailure;
-}
-
-/* search a certificate list for a nickname, a thumbprint, or both
- * within a certificate bag. if the certificate could not be
- * found or an error occurs, NULL is returned;
- */
-static SEC_PKCS12CertAndCRL *
-sec_pkcs12_find_cert_in_certbag(SEC_PKCS12CertAndCRLBag *certbag,
- SECItem *nickname, SGNDigestInfo *thumbprint)
-{
- PRBool search_both = PR_FALSE, search_nickname = PR_FALSE;
- int i, j;
-
- if((certbag == NULL) || ((nickname == NULL) && (thumbprint == NULL))) {
- return NULL;
- }
-
- if(thumbprint && nickname) {
- search_both = PR_TRUE;
- }
-
- if(nickname) {
- search_nickname = PR_TRUE;
- }
-
-search_again:
- i = 0;
- while(certbag->certAndCRLs[i] != NULL) {
- SEC_PKCS12CertAndCRL *cert = certbag->certAndCRLs[i];
-
- if(SECOID_FindOIDTag(&cert->BagID) == SEC_OID_PKCS12_X509_CERT_CRL_BAG) {
-
- /* check nicknames */
- if(search_nickname) {
- if(SECITEM_CompareItem(nickname, &cert->nickname) == SECEqual) {
- return cert;
- }
- } else {
- /* check thumbprints */
- SECItem **derCertList;
-
- /* get pointer to certificate list, does not need to
- * be freed since it is within the arena which will
- * be freed later.
- */
- derCertList = SEC_PKCS7GetCertificateList(&cert->value.x509->certOrCRL);
- j = 0;
- if(derCertList != NULL) {
- while(derCertList[j] != NULL) {
- SECComparison eq;
- SGNDigestInfo *di;
- di = sec_pkcs12_compute_thumbprint(derCertList[j]);
- if(di) {
- eq = SGN_CompareDigestInfo(thumbprint, di);
- SGN_DestroyDigestInfo(di);
- if(eq == SECEqual) {
- /* copy the derCert for later reference */
- cert->value.x509->derLeafCert = derCertList[j];
- return cert;
- }
- } else {
- /* an error occurred */
- return NULL;
- }
- j++;
- }
- }
- }
- }
-
- i++;
- }
-
- if(search_both) {
- search_both = PR_FALSE;
- search_nickname = PR_FALSE;
- goto search_again;
- }
-
- return NULL;
-}
-
-/* search a key list for a nickname, a thumbprint, or both
- * within a key bag. if the key could not be
- * found or an error occurs, NULL is returned;
- */
-static SEC_PKCS12PrivateKey *
-sec_pkcs12_find_key_in_keybag(SEC_PKCS12PrivateKeyBag *keybag,
- SECItem *nickname, SGNDigestInfo *thumbprint)
-{
- PRBool search_both = PR_FALSE, search_nickname = PR_FALSE;
- int i, j;
-
- if((keybag == NULL) || ((nickname == NULL) && (thumbprint == NULL))) {
- return NULL;
- }
-
- if(keybag->privateKeys == NULL) {
- return NULL;
- }
-
- if(thumbprint && nickname) {
- search_both = PR_TRUE;
- }
-
- if(nickname) {
- search_nickname = PR_TRUE;
- }
-
-search_again:
- i = 0;
- while(keybag->privateKeys[i] != NULL) {
- SEC_PKCS12PrivateKey *key = keybag->privateKeys[i];
-
- /* check nicknames */
- if(search_nickname) {
- if(SECITEM_CompareItem(nickname, &key->pvkData.nickname) == SECEqual) {
- return key;
- }
- } else {
- /* check digests */
- SGNDigestInfo **assocCerts = key->pvkData.assocCerts;
- if((assocCerts == NULL) || (assocCerts[0] == NULL)) {
- return NULL;
- }
-
- j = 0;
- while(assocCerts[j] != NULL) {
- SECComparison eq;
- eq = SGN_CompareDigestInfo(thumbprint, assocCerts[j]);
- if(eq == SECEqual) {
- return key;
- }
- j++;
- }
- }
- i++;
- }
-
- if(search_both) {
- search_both = PR_FALSE;
- search_nickname = PR_FALSE;
- goto search_again;
- }
-
- return NULL;
-}
-
-/* seach the safe first then try the baggage bag
- * safe and bag contain certs and keys to search
- * objType is the object type to look for
- * bagType is the type of bag that was found by sec_pkcs12_find_object
- * index is the entity in safe->safeContents or bag->unencSecrets which
- * is being searched
- * nickname and thumbprint are the search criteria
- *
- * a return of null indicates no match
- */
-static void *
-sec_pkcs12_try_find(SEC_PKCS12SafeContents *safe,
- SEC_PKCS12BaggageItem *bag,
- SECOidTag objType, SECOidTag bagType, int index,
- SECItem *nickname, SGNDigestInfo *thumbprint)
-{
- PRBool searchSafe;
- int i = index;
-
- if((safe == NULL) && (bag == NULL)) {
- return NULL;
- }
-
- searchSafe = (safe == NULL ? PR_FALSE : PR_TRUE);
- switch(objType) {
- case SEC_OID_PKCS12_CERT_AND_CRL_BAG_ID:
- if(objType == bagType) {
- SEC_PKCS12CertAndCRLBag *certBag;
-
- if(searchSafe) {
- certBag = safe->contents[i]->safeContent.certAndCRLBag;
- } else {
- certBag = bag->unencSecrets[i]->safeContent.certAndCRLBag;
- }
- return sec_pkcs12_find_cert_in_certbag(certBag, nickname,
- thumbprint);
- }
- break;
- case SEC_OID_PKCS12_KEY_BAG_ID:
- if(objType == bagType) {
- SEC_PKCS12PrivateKeyBag *keyBag;
-
- if(searchSafe) {
- keyBag = safe->contents[i]->safeContent.keyBag;
- } else {
- keyBag = bag->unencSecrets[i]->safeContent.keyBag;
- }
- return sec_pkcs12_find_key_in_keybag(keyBag, nickname,
- thumbprint);
- }
- break;
- default:
- break;
- }
-
- return NULL;
-}
-
-/* searches both the baggage and the safe areas looking for
- * object of specified type matching either the nickname or the
- * thumbprint specified.
- *
- * safe and baggage store certs and keys
- * objType is the OID for the bag type to be searched:
- * SEC_OID_PKCS12_KEY_BAG_ID, or
- * SEC_OID_PKCS12_CERT_AND_CRL_BAG_ID
- * nickname and thumbprint are the search criteria
- *
- * if no match found, NULL returned and error set
- */
-void *
-sec_pkcs12_find_object(SEC_PKCS12SafeContents *safe,
- SEC_PKCS12Baggage *baggage,
- SECOidTag objType,
- SECItem *nickname,
- SGNDigestInfo *thumbprint)
-{
- int i, j;
- void *retItem;
-
- if(((safe == NULL) && (thumbprint == NULL)) ||
- ((nickname == NULL) && (thumbprint == NULL))) {
- return NULL;
- }
-
- i = 0;
- if((safe != NULL) && (safe->contents != NULL)) {
- while(safe->contents[i] != NULL) {
- SECOidTag bagType = SECOID_FindOIDTag(&safe->contents[i]->safeBagType);
- retItem = sec_pkcs12_try_find(safe, NULL, objType, bagType, i,
- nickname, thumbprint);
- if(retItem != NULL) {
- return retItem;
- }
- i++;
- }
- }
-
- if((baggage != NULL) && (baggage->bags != NULL)) {
- i = 0;
- while(baggage->bags[i] != NULL) {
- SEC_PKCS12BaggageItem *xbag = baggage->bags[i];
- j = 0;
- if(xbag->unencSecrets != NULL) {
- while(xbag->unencSecrets[j] != NULL) {
- SECOidTag bagType;
- bagType = SECOID_FindOIDTag(&xbag->unencSecrets[j]->safeBagType);
- retItem = sec_pkcs12_try_find(NULL, xbag, objType, bagType,
- j, nickname, thumbprint);
- if(retItem != NULL) {
- return retItem;
- }
- j++;
- }
- }
- i++;
- }
- }
-
- PORT_SetError(SEC_ERROR_PKCS12_UNABLE_TO_LOCATE_OBJECT_BY_NAME);
- return NULL;
-}
-
-/* this function converts a password to unicode and encures that the
- * required double 0 byte be placed at the end of the string
- */
-PRBool
-sec_pkcs12_convert_item_to_unicode(PRArenaPool *arena, SECItem *dest,
- SECItem *src, PRBool zeroTerm,
- PRBool asciiConvert, PRBool toUnicode)
-{
- PRBool success = PR_FALSE;
- if(!src || !dest) {
- return PR_FALSE;
- }
-
- dest->len = src->len * 3 + 2;
- if(arena) {
- dest->data = (unsigned char*)PORT_ArenaZAlloc(arena, dest->len);
- } else {
- dest->data = (unsigned char*)PORT_ZAlloc(dest->len);
- }
-
- if(!dest->data) {
- dest->len = 0;
- return PR_FALSE;
- }
-
- if(!asciiConvert) {
- success = PORT_UCS2_UTF8Conversion(toUnicode, src->data, src->len, dest->data,
- dest->len, &dest->len);
- } else {
-#ifndef IS_LITTLE_ENDIAN
- PRBool swapUnicode = PR_FALSE;
-#else
- PRBool swapUnicode = PR_TRUE;
-#endif
- success = PORT_UCS2_ASCIIConversion(toUnicode, src->data, src->len, dest->data,
- dest->len, &dest->len, swapUnicode);
- }
-
- if(!success) {
- if(!arena) {
- PORT_Free(dest->data);
- dest->data = NULL;
- dest->len = 0;
- }
- return PR_FALSE;
- }
-
- if((dest->data[dest->len-1] || dest->data[dest->len-2]) && zeroTerm) {
- if(dest->len + 2 > 3 * src->len) {
- if(arena) {
- dest->data = (unsigned char*)PORT_ArenaGrow(arena,
- dest->data, dest->len,
- dest->len + 2);
- } else {
- dest->data = (unsigned char*)PORT_Realloc(dest->data,
- dest->len + 2);
- }
-
- if(!dest->data) {
- return PR_FALSE;
- }
- }
- dest->len += 2;
- dest->data[dest->len-1] = dest->data[dest->len-2] = 0;
- }
-
- return PR_TRUE;
-}
-
-/* pkcs 12 templates */
-static const SEC_ASN1TemplateChooserPtr sec_pkcs12_shroud_chooser =
- sec_pkcs12_choose_shroud_type;
-
-const SEC_ASN1Template SEC_PKCS12CodedSafeBagTemplate[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12SafeBag) },
- { SEC_ASN1_OBJECT_ID, offsetof(SEC_PKCS12SafeBag, safeBagType) },
- { SEC_ASN1_ANY, offsetof(SEC_PKCS12SafeBag, derSafeContent) },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12CodedCertBagTemplate[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12CertAndCRL) },
- { SEC_ASN1_OBJECT_ID, offsetof(SEC_PKCS12CertAndCRL, BagID) },
- { SEC_ASN1_ANY, offsetof(SEC_PKCS12CertAndCRL, derValue) },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12CodedCertAndCRLBagTemplate[] =
-{
- { SEC_ASN1_SET_OF, offsetof(SEC_PKCS12CertAndCRLBag, certAndCRLs),
- SEC_PKCS12CodedCertBagTemplate },
-};
-
-const SEC_ASN1Template SEC_PKCS12ESPVKItemTemplate_OLD[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12ESPVKItem) },
- { SEC_ASN1_OBJECT_ID, offsetof(SEC_PKCS12ESPVKItem, espvkOID) },
- { SEC_ASN1_INLINE, offsetof(SEC_PKCS12ESPVKItem, espvkData),
- SEC_PKCS12PVKSupportingDataTemplate_OLD },
- { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
- SEC_ASN1_DYNAMIC | 0, offsetof(SEC_PKCS12ESPVKItem, espvkCipherText),
- &sec_pkcs12_shroud_chooser },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12ESPVKItemTemplate[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12ESPVKItem) },
- { SEC_ASN1_OBJECT_ID, offsetof(SEC_PKCS12ESPVKItem, espvkOID) },
- { SEC_ASN1_INLINE, offsetof(SEC_PKCS12ESPVKItem, espvkData),
- SEC_PKCS12PVKSupportingDataTemplate },
- { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
- SEC_ASN1_DYNAMIC | 0, offsetof(SEC_PKCS12ESPVKItem, espvkCipherText),
- &sec_pkcs12_shroud_chooser },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12PVKAdditionalDataTemplate[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12PVKAdditionalData) },
- { SEC_ASN1_OBJECT_ID,
- offsetof(SEC_PKCS12PVKAdditionalData, pvkAdditionalType) },
- { SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(SEC_PKCS12PVKAdditionalData, pvkAdditionalContent) },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12PVKSupportingDataTemplate_OLD[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12PVKSupportingData) },
- { SEC_ASN1_SET_OF | SEC_ASN1_XTRN ,
- offsetof(SEC_PKCS12PVKSupportingData, assocCerts),
- SEC_ASN1_SUB(sgn_DigestInfoTemplate) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_BOOLEAN,
- offsetof(SEC_PKCS12PVKSupportingData, regenerable) },
- { SEC_ASN1_PRINTABLE_STRING,
- offsetof(SEC_PKCS12PVKSupportingData, nickname) },
- { SEC_ASN1_ANY | SEC_ASN1_OPTIONAL,
- offsetof(SEC_PKCS12PVKSupportingData, pvkAdditionalDER) },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12PVKSupportingDataTemplate[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12PVKSupportingData) },
- { SEC_ASN1_SET_OF | SEC_ASN1_XTRN ,
- offsetof(SEC_PKCS12PVKSupportingData, assocCerts),
- SEC_ASN1_SUB(sgn_DigestInfoTemplate) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_BOOLEAN,
- offsetof(SEC_PKCS12PVKSupportingData, regenerable) },
- { SEC_ASN1_BMP_STRING,
- offsetof(SEC_PKCS12PVKSupportingData, uniNickName) },
- { SEC_ASN1_ANY | SEC_ASN1_OPTIONAL,
- offsetof(SEC_PKCS12PVKSupportingData, pvkAdditionalDER) },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12BaggageItemTemplate[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12BaggageItem) },
- { SEC_ASN1_SET_OF, offsetof(SEC_PKCS12BaggageItem, espvks),
- SEC_PKCS12ESPVKItemTemplate },
- { SEC_ASN1_SET_OF, offsetof(SEC_PKCS12BaggageItem, unencSecrets),
- SEC_PKCS12SafeBagTemplate },
- /*{ SEC_ASN1_SET_OF, offsetof(SEC_PKCS12BaggageItem, unencSecrets),
- SEC_PKCS12CodedSafeBagTemplate }, */
- { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12BaggageTemplate[] =
-{
- { SEC_ASN1_SET_OF, offsetof(SEC_PKCS12Baggage, bags),
- SEC_PKCS12BaggageItemTemplate },
-};
-
-const SEC_ASN1Template SEC_PKCS12BaggageTemplate_OLD[] =
-{
- { SEC_ASN1_SET_OF, offsetof(SEC_PKCS12Baggage_OLD, espvks),
- SEC_PKCS12ESPVKItemTemplate_OLD },
-};
-
-static const SEC_ASN1TemplateChooserPtr sec_pkcs12_bag_chooser =
- sec_pkcs12_choose_bag_type;
-
-static const SEC_ASN1TemplateChooserPtr sec_pkcs12_bag_chooser_old =
- sec_pkcs12_choose_bag_type_old;
-
-const SEC_ASN1Template SEC_PKCS12SafeBagTemplate_OLD[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12SafeBag) },
- { SEC_ASN1_OBJECT_ID, offsetof(SEC_PKCS12SafeBag, safeBagType) },
- { SEC_ASN1_DYNAMIC | SEC_ASN1_CONSTRUCTED | SEC_ASN1_EXPLICIT |
- SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(SEC_PKCS12SafeBag, safeContent),
- &sec_pkcs12_bag_chooser_old },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12SafeBagTemplate[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12SafeBag) },
- { SEC_ASN1_OBJECT_ID, offsetof(SEC_PKCS12SafeBag, safeBagType) },
- { SEC_ASN1_DYNAMIC | SEC_ASN1_POINTER,
- offsetof(SEC_PKCS12SafeBag, safeContent),
- &sec_pkcs12_bag_chooser },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_BMP_STRING,
- offsetof(SEC_PKCS12SafeBag, uniSafeBagName) },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12SafeContentsTemplate_OLD[] =
-{
- { SEC_ASN1_SET_OF,
- offsetof(SEC_PKCS12SafeContents, contents),
- SEC_PKCS12SafeBagTemplate_OLD }
-};
-
-const SEC_ASN1Template SEC_PKCS12SafeContentsTemplate[] =
-{
- { SEC_ASN1_SET_OF,
- offsetof(SEC_PKCS12SafeContents, contents),
- SEC_PKCS12SafeBagTemplate } /* here */
-};
-
-const SEC_ASN1Template SEC_PKCS12PrivateKeyTemplate[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12PrivateKey) },
- { SEC_ASN1_INLINE, offsetof(SEC_PKCS12PrivateKey, pvkData),
- SEC_PKCS12PVKSupportingDataTemplate },
- { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
- offsetof(SEC_PKCS12PrivateKey, pkcs8data),
- SEC_ASN1_SUB(SECKEY_PrivateKeyInfoTemplate) },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12PrivateKeyBagTemplate[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12PrivateKeyBag) },
- { SEC_ASN1_SET_OF, offsetof(SEC_PKCS12PrivateKeyBag, privateKeys),
- SEC_PKCS12PrivateKeyTemplate },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12X509CertCRLTemplate_OLD[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12X509CertCRL) },
- { SEC_ASN1_INLINE, offsetof(SEC_PKCS12X509CertCRL, certOrCRL),
- sec_PKCS7ContentInfoTemplate },
- { SEC_ASN1_INLINE | SEC_ASN1_XTRN ,
- offsetof(SEC_PKCS12X509CertCRL, thumbprint),
- SEC_ASN1_SUB(sgn_DigestInfoTemplate) },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12X509CertCRLTemplate[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12X509CertCRL) },
- { SEC_ASN1_INLINE, offsetof(SEC_PKCS12X509CertCRL, certOrCRL),
- sec_PKCS7ContentInfoTemplate },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12SDSICertTemplate[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12X509CertCRL) },
- { SEC_ASN1_IA5_STRING, offsetof(SEC_PKCS12SDSICert, value) },
- { 0 }
-};
-
-static const SEC_ASN1TemplateChooserPtr sec_pkcs12_cert_crl_chooser_old =
- sec_pkcs12_choose_cert_crl_type_old;
-
-static const SEC_ASN1TemplateChooserPtr sec_pkcs12_cert_crl_chooser =
- sec_pkcs12_choose_cert_crl_type;
-
-const SEC_ASN1Template SEC_PKCS12CertAndCRLTemplate_OLD[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12CertAndCRL) },
- { SEC_ASN1_OBJECT_ID, offsetof(SEC_PKCS12CertAndCRL, BagID) },
- { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_EXPLICIT |
- SEC_ASN1_DYNAMIC | SEC_ASN1_CONSTRUCTED | 0,
- offsetof(SEC_PKCS12CertAndCRL, value),
- &sec_pkcs12_cert_crl_chooser_old },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12CertAndCRLTemplate[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12CertAndCRL) },
- { SEC_ASN1_OBJECT_ID, offsetof(SEC_PKCS12CertAndCRL, BagID) },
- { SEC_ASN1_DYNAMIC | SEC_ASN1_CONSTRUCTED | SEC_ASN1_EXPLICIT |
- SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(SEC_PKCS12CertAndCRL, value),
- &sec_pkcs12_cert_crl_chooser },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12CertAndCRLBagTemplate[] =
-{
- { SEC_ASN1_SET_OF, offsetof(SEC_PKCS12CertAndCRLBag, certAndCRLs),
- SEC_PKCS12CertAndCRLTemplate },
-};
-
-const SEC_ASN1Template SEC_PKCS12CertAndCRLBagTemplate_OLD[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12CertAndCRLBag) },
- { SEC_ASN1_SET_OF, offsetof(SEC_PKCS12CertAndCRLBag, certAndCRLs),
- SEC_PKCS12CertAndCRLTemplate_OLD },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12SecretAdditionalTemplate[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12SecretAdditional) },
- { SEC_ASN1_OBJECT_ID,
- offsetof(SEC_PKCS12SecretAdditional, secretAdditionalType) },
- { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_EXPLICIT,
- offsetof(SEC_PKCS12SecretAdditional, secretAdditionalContent) },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12SecretTemplate[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12Secret) },
- { SEC_ASN1_BMP_STRING, offsetof(SEC_PKCS12Secret, uniSecretName) },
- { SEC_ASN1_ANY, offsetof(SEC_PKCS12Secret, value) },
- { SEC_ASN1_INLINE | SEC_ASN1_OPTIONAL,
- offsetof(SEC_PKCS12Secret, secretAdditional),
- SEC_PKCS12SecretAdditionalTemplate },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12SecretItemTemplate[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12Secret) },
- { SEC_ASN1_INLINE | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(SEC_PKCS12SecretItem, secret), SEC_PKCS12SecretTemplate },
- { SEC_ASN1_INLINE | SEC_ASN1_CONTEXT_SPECIFIC | 1,
- offsetof(SEC_PKCS12SecretItem, subFolder), SEC_PKCS12SafeBagTemplate },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12SecretBagTemplate[] =
-{
- { SEC_ASN1_SET_OF, offsetof(SEC_PKCS12SecretBag, secrets),
- SEC_PKCS12SecretItemTemplate },
-};
-
-const SEC_ASN1Template SEC_PKCS12MacDataTemplate[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12PFXItem) },
- { SEC_ASN1_INLINE | SEC_ASN1_XTRN , offsetof(SEC_PKCS12MacData, safeMac),
- SEC_ASN1_SUB(sgn_DigestInfoTemplate) },
- { SEC_ASN1_BIT_STRING, offsetof(SEC_PKCS12MacData, macSalt) },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12PFXItemTemplate[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12PFXItem) },
- { SEC_ASN1_OPTIONAL |
- SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(SEC_PKCS12PFXItem, macData), SEC_PKCS12MacDataTemplate },
- { SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
- offsetof(SEC_PKCS12PFXItem, authSafe),
- sec_PKCS7ContentInfoTemplate },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12PFXItemTemplate_OLD[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12PFXItem) },
- { SEC_ASN1_OPTIONAL |
- SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
- offsetof(SEC_PKCS12PFXItem, old_safeMac),
- SEC_ASN1_SUB(sgn_DigestInfoTemplate) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_BIT_STRING,
- offsetof(SEC_PKCS12PFXItem, old_macSalt) },
- { SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
- offsetof(SEC_PKCS12PFXItem, authSafe),
- sec_PKCS7ContentInfoTemplate },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12AuthenticatedSafeTemplate[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12AuthenticatedSafe) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_INTEGER,
- offsetof(SEC_PKCS12AuthenticatedSafe, version) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_OBJECT_ID,
- offsetof(SEC_PKCS12AuthenticatedSafe, transportMode) },
- { SEC_ASN1_BIT_STRING | SEC_ASN1_OPTIONAL,
- offsetof(SEC_PKCS12AuthenticatedSafe, privacySalt) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_SET_OF,
- offsetof(SEC_PKCS12AuthenticatedSafe, baggage.bags),
- SEC_PKCS12BaggageItemTemplate },
- { SEC_ASN1_POINTER,
- offsetof(SEC_PKCS12AuthenticatedSafe, safe),
- sec_PKCS7ContentInfoTemplate },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12AuthenticatedSafeTemplate_OLD[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12AuthenticatedSafe) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_INTEGER,
- offsetof(SEC_PKCS12AuthenticatedSafe, version) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_INTEGER,
- offsetof(SEC_PKCS12AuthenticatedSafe, transportMode) },
- { SEC_ASN1_BIT_STRING,
- offsetof(SEC_PKCS12AuthenticatedSafe, privacySalt) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED |
- SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(SEC_PKCS12AuthenticatedSafe, old_baggage),
- SEC_PKCS12BaggageTemplate_OLD },
- { SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
- offsetof(SEC_PKCS12AuthenticatedSafe, old_safe),
- sec_PKCS7ContentInfoTemplate },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_PointerToPKCS12KeyBagTemplate[] =
-{
- { SEC_ASN1_POINTER, 0, SEC_PKCS12PrivateKeyBagTemplate }
-};
-
-const SEC_ASN1Template SEC_PointerToPKCS12CertAndCRLBagTemplate_OLD[] =
-{
- { SEC_ASN1_POINTER, 0, SEC_PKCS12CertAndCRLBagTemplate_OLD }
-};
-
-const SEC_ASN1Template SEC_PointerToPKCS12CertAndCRLBagTemplate[] =
-{
- { SEC_ASN1_POINTER, 0, SEC_PKCS12CertAndCRLBagTemplate }
-};
-
-const SEC_ASN1Template SEC_PointerToPKCS12SecretBagTemplate[] =
-{
- { SEC_ASN1_POINTER, 0, SEC_PKCS12SecretBagTemplate }
-};
-
-const SEC_ASN1Template SEC_PointerToPKCS12X509CertCRLTemplate_OLD[] =
-{
- { SEC_ASN1_POINTER, 0, SEC_PKCS12X509CertCRLTemplate_OLD }
-};
-
-const SEC_ASN1Template SEC_PointerToPKCS12X509CertCRLTemplate[] =
-{
- { SEC_ASN1_POINTER, 0, SEC_PKCS12X509CertCRLTemplate }
-};
-
-const SEC_ASN1Template SEC_PointerToPKCS12SDSICertTemplate[] =
-{
- { SEC_ASN1_POINTER, 0, SEC_PKCS12SDSICertTemplate }
-};
-
-
diff --git a/security/nss/lib/pkcs12/p12local.h b/security/nss/lib/pkcs12/p12local.h
deleted file mode 100644
index e0333e2c3..000000000
--- a/security/nss/lib/pkcs12/p12local.h
+++ /dev/null
@@ -1,88 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-
-#ifndef _P12LOCAL_H_
-#define _P12LOCAL_H_
-
-#include "plarena.h"
-#include "secoidt.h"
-#include "secasn1.h"
-#include "secder.h"
-#include "certt.h"
-#include "secpkcs7.h"
-#include "pkcs12.h"
-#include "p12.h"
-
-/* helper functions */
-extern const SEC_ASN1Template *
-sec_pkcs12_choose_bag_type(void *src_or_dest, PRBool encoding);
-extern const SEC_ASN1Template *
-sec_pkcs12_choose_cert_crl_type(void *src_or_dest, PRBool encoding);
-extern const SEC_ASN1Template *
-sec_pkcs12_choose_shroud_type(void *src_or_dest, PRBool encoding);
-extern SECItem *sec_pkcs12_generate_salt(void);
-extern SECItem *sec_pkcs12_generate_key_from_password(SECOidTag algorithm,
- SECItem *salt, SECItem *password);
-extern SECItem *sec_pkcs12_generate_mac(SECItem *key, SECItem *msg,
- PRBool old_method);
-extern SGNDigestInfo *sec_pkcs12_compute_thumbprint(SECItem *der_cert);
-extern SECItem *sec_pkcs12_create_virtual_password(SECItem *password,
- SECItem *salt, PRBool swapUnicodeBytes);
-extern SECStatus sec_pkcs12_append_shrouded_key(SEC_PKCS12BaggageItem *bag,
- SEC_PKCS12ESPVKItem *espvk);
-extern void *sec_pkcs12_find_object(SEC_PKCS12SafeContents *safe,
- SEC_PKCS12Baggage *baggage, SECOidTag objType,
- SECItem *nickname, SGNDigestInfo *thumbprint);
-extern PRBool sec_pkcs12_convert_item_to_unicode(PRArenaPool *arena, SECItem *dest,
- SECItem *src, PRBool zeroTerm,
- PRBool asciiConvert, PRBool toUnicode);
-extern CK_MECHANISM_TYPE sec_pkcs12_algtag_to_mech(SECOidTag algtag);
-
-/* create functions */
-extern SEC_PKCS12PFXItem *sec_pkcs12_new_pfx(void);
-extern SEC_PKCS12SafeContents *sec_pkcs12_create_safe_contents(
- PRArenaPool *poolp);
-extern SEC_PKCS12Baggage *sec_pkcs12_create_baggage(PRArenaPool *poolp);
-extern SEC_PKCS12BaggageItem *sec_pkcs12_create_external_bag(SEC_PKCS12Baggage *luggage);
-extern void SEC_PKCS12DestroyPFX(SEC_PKCS12PFXItem *pfx);
-extern SEC_PKCS12AuthenticatedSafe *sec_pkcs12_new_asafe(PRArenaPool *poolp);
-
-/* conversion from old to new */
-extern SEC_PKCS12DecoderContext *
-sec_PKCS12ConvertOldSafeToNew(PRArenaPool *arena, PK11SlotInfo *slot,
- PRBool swapUnicode, SECItem *pwitem,
- void *wincx, SEC_PKCS12SafeContents *safe,
- SEC_PKCS12Baggage *baggage);
-
-#endif
diff --git a/security/nss/lib/pkcs12/p12plcy.c b/security/nss/lib/pkcs12/p12plcy.c
deleted file mode 100644
index a62be5fe7..000000000
--- a/security/nss/lib/pkcs12/p12plcy.c
+++ /dev/null
@@ -1,198 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-
-#include "p12plcy.h"
-#include "secoid.h"
-#include "secport.h"
-#include "secpkcs5.h"
-
-#define PKCS12_NULL 0x0000
-
-typedef struct pkcs12SuiteMapStr {
- SECOidTag algTag;
- unsigned int keyLengthBits; /* in bits */
- unsigned long suite;
- PRBool allowed;
- PRBool preferred;
-} pkcs12SuiteMap;
-
-static pkcs12SuiteMap pkcs12SuiteMaps[] = {
- { SEC_OID_RC4, 40, PKCS12_RC4_40, PR_FALSE, PR_FALSE},
- { SEC_OID_RC4, 128, PKCS12_RC4_128, PR_FALSE, PR_FALSE},
- { SEC_OID_RC2_CBC, 40, PKCS12_RC2_CBC_40, PR_FALSE, PR_TRUE},
- { SEC_OID_RC2_CBC, 128, PKCS12_RC2_CBC_128, PR_FALSE, PR_FALSE},
- { SEC_OID_DES_CBC, 64, PKCS12_DES_56, PR_FALSE, PR_FALSE},
- { SEC_OID_DES_EDE3_CBC, 192, PKCS12_DES_EDE3_168, PR_FALSE, PR_FALSE},
- { SEC_OID_UNKNOWN, 0, PKCS12_NULL, PR_FALSE, PR_FALSE},
- { SEC_OID_UNKNOWN, 0, 0L, PR_FALSE, PR_FALSE}
-};
-
-/* determine if algid is an algorithm which is allowed */
-PRBool
-SEC_PKCS12DecryptionAllowed(SECAlgorithmID *algid)
-{
- unsigned int keyLengthBits;
- SECOidTag algId;
- int i;
-
- algId = SEC_PKCS5GetCryptoAlgorithm(algid);
- if(algId == SEC_OID_UNKNOWN) {
- return PR_FALSE;
- }
-
- keyLengthBits = (unsigned int)(SEC_PKCS5GetKeyLength(algid) * 8);
-
- i = 0;
- while(pkcs12SuiteMaps[i].algTag != SEC_OID_UNKNOWN) {
- if((pkcs12SuiteMaps[i].algTag == algId) &&
- (pkcs12SuiteMaps[i].keyLengthBits == keyLengthBits)) {
-
- return pkcs12SuiteMaps[i].allowed;
- }
- i++;
- }
-
- return PR_FALSE;
-}
-
-/* is any encryption allowed? */
-PRBool
-SEC_PKCS12IsEncryptionAllowed(void)
-{
- int i;
-
- i = 0;
- while(pkcs12SuiteMaps[i].algTag != SEC_OID_UNKNOWN) {
- if(pkcs12SuiteMaps[i].allowed == PR_TRUE) {
- return PR_TRUE;
- }
- i++;
- }
-
- return PR_FALSE;
-}
-
-/* get the preferred algorithm.
- */
-SECOidTag
-SEC_PKCS12GetPreferredEncryptionAlgorithm(void)
-{
- int i;
-
- i = 0;
- while(pkcs12SuiteMaps[i].algTag != SEC_OID_UNKNOWN) {
- if((pkcs12SuiteMaps[i].preferred == PR_TRUE) &&
- (pkcs12SuiteMaps[i].allowed == PR_TRUE)) {
- return SEC_PKCS5GetPBEAlgorithm(pkcs12SuiteMaps[i].algTag,
- pkcs12SuiteMaps[i].keyLengthBits);
- }
- i++;
- }
-
- return SEC_OID_UNKNOWN;
-}
-
-/* return the strongest algorithm allowed */
-SECOidTag
-SEC_PKCS12GetStrongestAllowedAlgorithm(void)
-{
- int i, keyLengthBits = 0;
- SECOidTag algorithm = SEC_OID_UNKNOWN;
-
- i = 0;
- while(pkcs12SuiteMaps[i].algTag != SEC_OID_UNKNOWN) {
- if((pkcs12SuiteMaps[i].allowed == PR_TRUE) &&
- (pkcs12SuiteMaps[i].keyLengthBits > (unsigned int)keyLengthBits) &&
- (pkcs12SuiteMaps[i].algTag != SEC_OID_RC4)) {
- algorithm = pkcs12SuiteMaps[i].algTag;
- keyLengthBits = pkcs12SuiteMaps[i].keyLengthBits;
- }
- i++;
- }
-
- if(algorithm == SEC_OID_UNKNOWN) {
- return SEC_OID_UNKNOWN;
- }
-
- return SEC_PKCS5GetPBEAlgorithm(algorithm, keyLengthBits);
-}
-
-SECStatus
-SEC_PKCS12EnableCipher(long which, int on)
-{
- int i;
-
- i = 0;
- while(pkcs12SuiteMaps[i].suite != 0L) {
- if(pkcs12SuiteMaps[i].suite == (unsigned long)which) {
- if(on) {
- pkcs12SuiteMaps[i].allowed = PR_TRUE;
- } else {
- pkcs12SuiteMaps[i].allowed = PR_FALSE;
- }
- return SECSuccess;
- }
- i++;
- }
-
- return SECFailure;
-}
-
-SECStatus
-SEC_PKCS12SetPreferredCipher(long which, int on)
-{
- int i;
- PRBool turnedOff = PR_FALSE;
- PRBool turnedOn = PR_FALSE;
-
- i = 0;
- while(pkcs12SuiteMaps[i].suite != 0L) {
- if(pkcs12SuiteMaps[i].preferred == PR_TRUE) {
- pkcs12SuiteMaps[i].preferred = PR_FALSE;
- turnedOff = PR_TRUE;
- }
- if(pkcs12SuiteMaps[i].suite == (unsigned long)which) {
- pkcs12SuiteMaps[i].preferred = PR_TRUE;
- turnedOn = PR_TRUE;
- }
- i++;
- }
-
- if((turnedOn) && (turnedOff)) {
- return SECSuccess;
- }
-
- return SECFailure;
-}
-
diff --git a/security/nss/lib/pkcs12/p12plcy.h b/security/nss/lib/pkcs12/p12plcy.h
deleted file mode 100644
index 4e99608cb..000000000
--- a/security/nss/lib/pkcs12/p12plcy.h
+++ /dev/null
@@ -1,60 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef _P12PLCY_H_
-#define _P12PLCY_H_
-
-#include "secoid.h"
-#include "ciferfam.h"
-
-SEC_BEGIN_PROTOS
-
-/* for the algid specified, can we decrypt it ? */
-extern PRBool SEC_PKCS12DecryptionAllowed(SECAlgorithmID *algid);
-
-/* is encryption allowed? */
-extern PRBool SEC_PKCS12IsEncryptionAllowed(void);
-
-/* get the preferred encryption algorithm */
-extern SECOidTag SEC_PKCS12GetPreferredEncryptionAlgorithm(void);
-
-/* get the stronget crypto allowed (based on order in the table */
-extern SECOidTag SEC_PKCS12GetStrongestAllowedAlgorithm(void);
-
-/* enable a cipher for encryption/decryption */
-extern SECStatus SEC_PKCS12EnableCipher(long which, int on);
-
-/* return the preferred cipher for encryption */
-extern SECStatus SEC_PKCS12SetPreferredCipher(long which, int on);
-
-SEC_END_PROTOS
-#endif
diff --git a/security/nss/lib/pkcs12/p12t.h b/security/nss/lib/pkcs12/p12t.h
deleted file mode 100644
index 9e5e5eb39..000000000
--- a/security/nss/lib/pkcs12/p12t.h
+++ /dev/null
@@ -1,184 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _P12T_H_
-#define _P12T_H_
-
-#include "secoid.h"
-#include "key.h"
-#include "pkcs11.h"
-#include "secpkcs7.h"
-#include "secdig.h" /* for SGNDigestInfo */
-#include "pkcs12t.h"
-
-#define SEC_PKCS12_VERSION 3
-
-/* structure declarations */
-typedef struct sec_PKCS12PFXItemStr sec_PKCS12PFXItem;
-typedef struct sec_PKCS12MacDataStr sec_PKCS12MacData;
-typedef struct sec_PKCS12AuthenticatedSafeStr sec_PKCS12AuthenticatedSafe;
-typedef struct sec_PKCS12SafeContentsStr sec_PKCS12SafeContents;
-typedef struct sec_PKCS12SafeBagStr sec_PKCS12SafeBag;
-typedef struct sec_PKCS12PKCS8ShroudedKeyBagStr sec_PKCS12PKCS8ShroudedKeyBag;
-typedef struct sec_PKCS12CertBagStr sec_PKCS12CertBag;
-typedef struct sec_PKCS12CRLBagStr sec_PKCS12CRLBag;
-typedef struct sec_PKCS12SecretBag sec_PKCS12SecretBag;
-typedef struct sec_PKCS12AttributeStr sec_PKCS12Attribute;
-
-struct sec_PKCS12CertBagStr {
- /* what type of cert is stored? */
- SECItem bagID;
-
- /* certificate information */
- union {
- SECItem x509Cert;
- SECItem SDSICert;
- } value;
-};
-
-struct sec_PKCS12CRLBagStr {
- /* what type of cert is stored? */
- SECItem bagID;
-
- /* certificate information */
- union {
- SECItem x509CRL;
- } value;
-};
-
-struct sec_PKCS12SecretBag {
- /* what type of secret? */
- SECItem secretType;
-
- /* secret information. ssshhhh be vewy vewy quiet. */
- SECItem secretContent;
-};
-
-struct sec_PKCS12AttributeStr {
- SECItem attrType;
- SECItem **attrValue;
-};
-
-struct sec_PKCS12SafeBagStr {
-
- /* What type of bag are we using? */
- SECItem safeBagType;
-
- /* Dependent upon the type of bag being used. */
- union {
- SECKEYPrivateKeyInfo *pkcs8KeyBag;
- SECKEYEncryptedPrivateKeyInfo *pkcs8ShroudedKeyBag;
- sec_PKCS12CertBag *certBag;
- sec_PKCS12CRLBag *crlBag;
- sec_PKCS12SecretBag *secretBag;
- sec_PKCS12SafeContents *safeContents;
- } safeBagContent;
-
- sec_PKCS12Attribute **attribs;
-
- /* used locally */
- SECOidData *bagTypeTag;
- PRArenaPool *arena;
- unsigned int nAttribs;
-
- /* used for validation/importing */
- PRBool problem, noInstall, validated, hasKey, unused, installed;
- int error;
-
- PRBool swapUnicodeBytes;
- PK11SlotInfo *slot;
- SECItem *pwitem;
- PRBool oldBagType;
- SECPKCS12TargetTokenCAs tokenCAs;
-};
-
-struct sec_PKCS12SafeContentsStr {
- sec_PKCS12SafeBag **safeBags;
- SECItem **encodedSafeBags;
-
- /* used locally */
- PRArenaPool *arena;
- unsigned int bagCount;
-};
-
-struct sec_PKCS12MacDataStr {
- SGNDigestInfo safeMac;
- SECItem macSalt;
- SECItem iter;
-};
-
-struct sec_PKCS12PFXItemStr {
-
- SECItem version;
-
- /* Content type will either be Data (password integrity mode)
- * or signedData (public-key integrity mode)
- */
- SEC_PKCS7ContentInfo *authSafe;
- SECItem encodedAuthSafe;
-
- /* Only present in password integrity mode */
- sec_PKCS12MacData macData;
- SECItem encodedMacData;
-};
-
-struct sec_PKCS12AuthenticatedSafeStr {
- /* Content type will either be encryptedData (password privacy mode)
- * or envelopedData (public-key privacy mode)
- */
- SEC_PKCS7ContentInfo **safes;
- SECItem **encodedSafes;
-
- /* used locally */
- unsigned int safeCount;
- SECItem dummySafe;
-};
-
-extern const SEC_ASN1Template sec_PKCS12PFXItemTemplate[];
-extern const SEC_ASN1Template sec_PKCS12MacDataTemplate[];
-extern const SEC_ASN1Template sec_PKCS12AuthenticatedSafeTemplate[];
-extern const SEC_ASN1Template sec_PKCS12SafeContentsTemplate[];
-extern const SEC_ASN1Template sec_PKCS12SafeContentsDecodeTemplate[];
-extern const SEC_ASN1Template sec_PKCS12NestedSafeContentsDecodeTemplate[];
-extern const SEC_ASN1Template sec_PKCS12CertBagTemplate[];
-extern const SEC_ASN1Template sec_PKCS12CRLBagTemplate[];
-extern const SEC_ASN1Template sec_PKCS12SecretBagTemplate[];
-extern const SEC_ASN1Template sec_PKCS12PointerToCertBagTemplate[];
-extern const SEC_ASN1Template sec_PKCS12PointerToCRLBagTemplate[];
-extern const SEC_ASN1Template sec_PKCS12PointerToSecretBagTemplate[];
-extern const SEC_ASN1Template sec_PKCS12PointerToSafeContentsTemplate[];
-extern const SEC_ASN1Template sec_PKCS12AttributeTemplate[];
-extern const SEC_ASN1Template sec_PKCS12PointerToContentInfoTemplate[];
-extern const SEC_ASN1Template sec_PKCS12SafeBagTemplate[];
-
-#endif
diff --git a/security/nss/lib/pkcs12/p12tmpl.c b/security/nss/lib/pkcs12/p12tmpl.c
deleted file mode 100644
index e58816386..000000000
--- a/security/nss/lib/pkcs12/p12tmpl.c
+++ /dev/null
@@ -1,320 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "plarena.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "seccomon.h"
-#include "secport.h"
-#include "cert.h"
-#include "secpkcs7.h"
-#include "secasn1.h"
-#include "p12t.h"
-
-SEC_ASN1_MKSUB(SEC_AnyTemplate)
-SEC_ASN1_MKSUB(sgn_DigestInfoTemplate)
-
-static const SEC_ASN1Template *
-sec_pkcs12_choose_safe_bag_type(void *src_or_dest, PRBool encoding)
-{
- const SEC_ASN1Template *theTemplate;
- sec_PKCS12SafeBag *safeBag;
- SECOidData *oiddata;
-
- if (src_or_dest == NULL) {
- return NULL;
- }
-
- safeBag = (sec_PKCS12SafeBag*)src_or_dest;
-
- oiddata = SECOID_FindOID(&safeBag->safeBagType);
- if(oiddata == NULL) {
- return SEC_ASN1_GET(SEC_AnyTemplate);
- }
-
- switch (oiddata->offset) {
- default:
- theTemplate = SEC_ASN1_GET(SEC_AnyTemplate);
- break;
- case SEC_OID_PKCS12_V1_KEY_BAG_ID:
- theTemplate = SEC_ASN1_GET(SECKEY_PointerToPrivateKeyInfoTemplate);
- break;
- case SEC_OID_PKCS12_V1_CERT_BAG_ID:
- theTemplate = sec_PKCS12PointerToCertBagTemplate;
- break;
- case SEC_OID_PKCS12_V1_CRL_BAG_ID:
- theTemplate = sec_PKCS12PointerToCRLBagTemplate;
- break;
- case SEC_OID_PKCS12_V1_SECRET_BAG_ID:
- theTemplate = sec_PKCS12PointerToSecretBagTemplate;
- break;
- case SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID:
- theTemplate =
- SEC_ASN1_GET(SECKEY_PointerToEncryptedPrivateKeyInfoTemplate);
- break;
- case SEC_OID_PKCS12_V1_SAFE_CONTENTS_BAG_ID:
- if(encoding) {
- theTemplate = sec_PKCS12PointerToSafeContentsTemplate;
- } else {
- theTemplate = SEC_ASN1_GET(SEC_PointerToAnyTemplate);
- }
- break;
- }
- return theTemplate;
-}
-
-static const SEC_ASN1Template *
-sec_pkcs12_choose_crl_bag_type(void *src_or_dest, PRBool encoding)
-{
- const SEC_ASN1Template *theTemplate;
- sec_PKCS12CRLBag *crlbag;
- SECOidData *oiddata;
-
- if (src_or_dest == NULL) {
- return NULL;
- }
-
- crlbag = (sec_PKCS12CRLBag*)src_or_dest;
-
- oiddata = SECOID_FindOID(&crlbag->bagID);
- if(oiddata == NULL) {
- return SEC_ASN1_GET(SEC_AnyTemplate);
- }
-
- switch (oiddata->offset) {
- default:
- theTemplate = SEC_ASN1_GET(SEC_AnyTemplate);
- break;
- case SEC_OID_PKCS9_X509_CRL:
- theTemplate = SEC_ASN1_GET(SEC_OctetStringTemplate);
- break;
- }
- return theTemplate;
-}
-
-static const SEC_ASN1Template *
-sec_pkcs12_choose_cert_bag_type(void *src_or_dest, PRBool encoding)
-{
- const SEC_ASN1Template *theTemplate;
- sec_PKCS12CertBag *certbag;
- SECOidData *oiddata;
-
- if (src_or_dest == NULL) {
- return NULL;
- }
-
- certbag = (sec_PKCS12CertBag*)src_or_dest;
-
- oiddata = SECOID_FindOID(&certbag->bagID);
- if(oiddata == NULL) {
- return SEC_ASN1_GET(SEC_AnyTemplate);
- }
-
- switch (oiddata->offset) {
- default:
- theTemplate = SEC_ASN1_GET(SEC_AnyTemplate);
- break;
- case SEC_OID_PKCS9_X509_CERT:
- theTemplate = SEC_ASN1_GET(SEC_OctetStringTemplate);
- break;
- case SEC_OID_PKCS9_SDSI_CERT:
- theTemplate = SEC_ASN1_GET(SEC_IA5StringTemplate);
- break;
- }
- return theTemplate;
-}
-
-static const SEC_ASN1Template *
-sec_pkcs12_choose_attr_type(void *src_or_dest, PRBool encoding)
-{
- const SEC_ASN1Template *theTemplate;
- sec_PKCS12Attribute *attr;
- SECOidData *oiddata;
-
- if (src_or_dest == NULL) {
- return NULL;
- }
-
- attr = (sec_PKCS12Attribute*)src_or_dest;
-
- oiddata = SECOID_FindOID(&attr->attrType);
- if(oiddata == NULL) {
- return SEC_ASN1_GET(SEC_AnyTemplate);
- }
-
- switch (oiddata->offset) {
- default:
- theTemplate = SEC_ASN1_GET(SEC_AnyTemplate);
- break;
- case SEC_OID_PKCS9_FRIENDLY_NAME:
- theTemplate = SEC_ASN1_GET(SEC_BMPStringTemplate);
- break;
- case SEC_OID_PKCS9_LOCAL_KEY_ID:
- theTemplate = SEC_ASN1_GET(SEC_OctetStringTemplate);
- break;
- case SEC_OID_PKCS12_KEY_USAGE:
- theTemplate = SEC_ASN1_GET(SEC_BitStringTemplate);
- break;
- }
-
- return theTemplate;
-}
-
-
-const SEC_ASN1Template sec_PKCS12PointerToContentInfoTemplate[] = {
- { SEC_ASN1_POINTER | SEC_ASN1_MAY_STREAM, 0, sec_PKCS7ContentInfoTemplate }
-};
-
-static const SEC_ASN1TemplateChooserPtr sec_pkcs12_crl_bag_chooser =
- sec_pkcs12_choose_crl_bag_type;
-
-static const SEC_ASN1TemplateChooserPtr sec_pkcs12_cert_bag_chooser =
- sec_pkcs12_choose_cert_bag_type;
-
-static const SEC_ASN1TemplateChooserPtr sec_pkcs12_safe_bag_chooser =
- sec_pkcs12_choose_safe_bag_type;
-
-static const SEC_ASN1TemplateChooserPtr sec_pkcs12_attr_chooser =
- sec_pkcs12_choose_attr_type;
-
-const SEC_ASN1Template sec_PKCS12PointerToCertBagTemplate[] = {
- { SEC_ASN1_POINTER, 0, sec_PKCS12CertBagTemplate }
-};
-
-const SEC_ASN1Template sec_PKCS12PointerToCRLBagTemplate[] = {
- { SEC_ASN1_POINTER, 0, sec_PKCS12CRLBagTemplate }
-};
-
-const SEC_ASN1Template sec_PKCS12PointerToSecretBagTemplate[] = {
- { SEC_ASN1_POINTER, 0, sec_PKCS12SecretBagTemplate }
-};
-
-const SEC_ASN1Template sec_PKCS12PointerToSafeContentsTemplate[] = {
- { SEC_ASN1_POINTER, 0, sec_PKCS12SafeContentsTemplate }
-};
-
-const SEC_ASN1Template sec_PKCS12PFXItemTemplate[] = {
- { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM, 0, NULL,
- sizeof(sec_PKCS12PFXItem) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_INTEGER,
- offsetof(sec_PKCS12PFXItem, version) },
- { SEC_ASN1_ANY | SEC_ASN1_MAY_STREAM,
- offsetof(sec_PKCS12PFXItem, encodedAuthSafe) },
- { SEC_ASN1_ANY | SEC_ASN1_MAY_STREAM,
- offsetof(sec_PKCS12PFXItem, encodedMacData) },
- { 0 }
-};
-
-const SEC_ASN1Template sec_PKCS12MacDataTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(sec_PKCS12MacData) },
- { SEC_ASN1_INLINE | SEC_ASN1_XTRN , offsetof(sec_PKCS12MacData, safeMac),
- SEC_ASN1_SUB(sgn_DigestInfoTemplate) },
- { SEC_ASN1_OCTET_STRING, offsetof(sec_PKCS12MacData, macSalt) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_INTEGER, offsetof(sec_PKCS12MacData, iter) },
- { 0 }
-};
-
-const SEC_ASN1Template sec_PKCS12AuthenticatedSafeTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF | SEC_ASN1_MAY_STREAM | SEC_ASN1_XTRN ,
- offsetof(sec_PKCS12AuthenticatedSafe, encodedSafes),
- SEC_ASN1_SUB(SEC_AnyTemplate) }
-};
-
-const SEC_ASN1Template sec_PKCS12SafeBagTemplate[] = {
- { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM, 0, NULL,
- sizeof(sec_PKCS12SafeBag) },
- { SEC_ASN1_OBJECT_ID, offsetof(sec_PKCS12SafeBag, safeBagType) },
- { SEC_ASN1_EXPLICIT | SEC_ASN1_DYNAMIC | SEC_ASN1_CONSTRUCTED |
- SEC_ASN1_MAY_STREAM | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(sec_PKCS12SafeBag, safeBagContent),
- &sec_pkcs12_safe_bag_chooser },
- { SEC_ASN1_SET_OF | SEC_ASN1_OPTIONAL, offsetof(sec_PKCS12SafeBag, attribs),
- sec_PKCS12AttributeTemplate },
- { 0 }
-};
-
-const SEC_ASN1Template sec_PKCS12SafeContentsTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF | SEC_ASN1_MAY_STREAM,
- offsetof(sec_PKCS12SafeContents, safeBags),
- sec_PKCS12SafeBagTemplate }
-};
-
-const SEC_ASN1Template sec_PKCS12SequenceOfAnyTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF | SEC_ASN1_MAY_STREAM | SEC_ASN1_XTRN , 0,
- SEC_ASN1_SUB(SEC_AnyTemplate) }
-};
-
-const SEC_ASN1Template sec_PKCS12NestedSafeContentsDecodeTemplate[] = {
- { SEC_ASN1_EXPLICIT | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_CONSTRUCTED | 0,
- offsetof(sec_PKCS12SafeContents, encodedSafeBags),
- sec_PKCS12SequenceOfAnyTemplate }
-};
-
-const SEC_ASN1Template sec_PKCS12SafeContentsDecodeTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF | SEC_ASN1_MAY_STREAM | SEC_ASN1_XTRN ,
- offsetof(sec_PKCS12SafeContents, encodedSafeBags),
- SEC_ASN1_SUB(SEC_AnyTemplate) }
-};
-
-const SEC_ASN1Template sec_PKCS12CRLBagTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(sec_PKCS12CRLBag) },
- { SEC_ASN1_OBJECT_ID, offsetof(sec_PKCS12CRLBag, bagID) },
- { SEC_ASN1_DYNAMIC | SEC_ASN1_POINTER,
- offsetof(sec_PKCS12CRLBag, value), &sec_pkcs12_crl_bag_chooser },
- { 0 }
-};
-
-const SEC_ASN1Template sec_PKCS12CertBagTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(sec_PKCS12CertBag) },
- { SEC_ASN1_OBJECT_ID, offsetof(sec_PKCS12CertBag, bagID) },
- { SEC_ASN1_DYNAMIC | SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED |
- SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(sec_PKCS12CertBag, value), &sec_pkcs12_cert_bag_chooser },
- { 0 }
-};
-
-const SEC_ASN1Template sec_PKCS12SecretBagTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(sec_PKCS12SecretBag) },
- { SEC_ASN1_OBJECT_ID, offsetof(sec_PKCS12SecretBag, secretType) },
- { SEC_ASN1_ANY, offsetof(sec_PKCS12SecretBag, secretContent) },
- { 0 }
-};
-
-const SEC_ASN1Template sec_PKCS12AttributeTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(sec_PKCS12Attribute) },
- { SEC_ASN1_OBJECT_ID, offsetof(sec_PKCS12Attribute, attrType) },
- { SEC_ASN1_SET_OF | SEC_ASN1_DYNAMIC,
- offsetof(sec_PKCS12Attribute, attrValue),
- &sec_pkcs12_attr_chooser },
- { 0 }
-};
diff --git a/security/nss/lib/pkcs12/pkcs12.h b/security/nss/lib/pkcs12/pkcs12.h
deleted file mode 100644
index 8aab159b6..000000000
--- a/security/nss/lib/pkcs12/pkcs12.h
+++ /dev/null
@@ -1,71 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-
-#ifndef _PKCS12_H_
-#define _PKCS12_H_
-
-#include "pkcs12t.h"
-#include "p12.h"
-
-SEC_BEGIN_PROTOS
-
-typedef SECItem * (* SEC_PKCS12GetPassword)(void *arg);
-
-/* Decode functions */
-/* Import a PFX item.
- * der_pfx is the der-encoded pfx item to import.
- * pbef, and pbefarg are used to retrieve passwords for the HMAC,
- * and any passwords needed for passing to PKCS5 encryption
- * routines.
- * algorithm is the algorithm by which private keys are stored in
- * the key database. this could be a specific algorithm or could
- * be based on a global setting.
- * slot is the slot to where the certificates will be placed. if NULL,
- * the internal key slot is used.
- * If the process is successful, a SECSuccess is returned, otherwise
- * a failure occurred.
- */
-SECStatus
-SEC_PKCS12PutPFX(SECItem *der_pfx, SECItem *pwitem,
- SEC_PKCS12NicknameCollisionCallback ncCall,
- PK11SlotInfo *slot, void *wincx);
-
-/* check the first two bytes of a file to make sure that it matches
- * the desired header for a PKCS 12 file
- */
-PRBool SEC_PKCS12ValidData(char *buf, int bufLen, long int totalLength);
-
-SEC_END_PROTOS
-
-#endif
diff --git a/security/nss/lib/pkcs12/pkcs12t.h b/security/nss/lib/pkcs12/pkcs12t.h
deleted file mode 100644
index 7181fc8f9..000000000
--- a/security/nss/lib/pkcs12/pkcs12t.h
+++ /dev/null
@@ -1,395 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _PKCS12T_H_
-#define _PKCS12T_H_
-
-#include "seccomon.h"
-#include "secoid.h"
-#include "cert.h"
-#include "key.h"
-#include "plarena.h"
-#include "secpkcs7.h"
-#include "secdig.h" /* for SGNDigestInfo */
-
-typedef enum {
- SECPKCS12TargetTokenNoCAs, /* CA get loaded intothe fixed token,
- * User certs go to target token */
- SECPKCS12TargetTokenIntermediateCAs, /* User certs and intermediates go to
- * target token, root certs got to
- * fixed token */
- SECPKCS12TargetTokenAllCAs /* All certs go to target token */
-} SECPKCS12TargetTokenCAs;
-
-/* PKCS12 Structures */
-typedef struct SEC_PKCS12PFXItemStr SEC_PKCS12PFXItem;
-typedef struct SEC_PKCS12MacDataStr SEC_PKCS12MacData;
-typedef struct SEC_PKCS12AuthenticatedSafeStr SEC_PKCS12AuthenticatedSafe;
-typedef struct SEC_PKCS12BaggageItemStr SEC_PKCS12BaggageItem;
-typedef struct SEC_PKCS12BaggageStr SEC_PKCS12Baggage;
-typedef struct SEC_PKCS12Baggage_OLDStr SEC_PKCS12Baggage_OLD;
-typedef struct SEC_PKCS12ESPVKItemStr SEC_PKCS12ESPVKItem;
-typedef struct SEC_PKCS12PVKSupportingDataStr SEC_PKCS12PVKSupportingData;
-typedef struct SEC_PKCS12PVKAdditionalDataStr SEC_PKCS12PVKAdditionalData;
-typedef struct SEC_PKCS12SafeContentsStr SEC_PKCS12SafeContents;
-typedef struct SEC_PKCS12SafeBagStr SEC_PKCS12SafeBag;
-typedef struct SEC_PKCS12PrivateKeyStr SEC_PKCS12PrivateKey;
-typedef struct SEC_PKCS12PrivateKeyBagStr SEC_PKCS12PrivateKeyBag;
-typedef struct SEC_PKCS12CertAndCRLBagStr SEC_PKCS12CertAndCRLBag;
-typedef struct SEC_PKCS12CertAndCRLStr SEC_PKCS12CertAndCRL;
-typedef struct SEC_PKCS12X509CertCRLStr SEC_PKCS12X509CertCRL;
-typedef struct SEC_PKCS12SDSICertStr SEC_PKCS12SDSICert;
-typedef struct SEC_PKCS12SecretStr SEC_PKCS12Secret;
-typedef struct SEC_PKCS12SecretAdditionalStr SEC_PKCS12SecretAdditional;
-typedef struct SEC_PKCS12SecretItemStr SEC_PKCS12SecretItem;
-typedef struct SEC_PKCS12SecretBagStr SEC_PKCS12SecretBag;
-
-typedef SECItem *(* SEC_PKCS12PasswordFunc)(SECItem *args);
-
-/* PKCS12 types */
-
-/* stores shrouded keys */
-struct SEC_PKCS12BaggageStr
-{
- PRArenaPool *poolp;
- SEC_PKCS12BaggageItem **bags;
-
- int luggage_size; /* used locally */
-};
-
-/* additional data to be associated with keys. currently there
- * is nothing defined to be stored here. allows future expansion.
- */
-struct SEC_PKCS12PVKAdditionalDataStr
-{
- PRArenaPool *poolp;
- SECOidData *pvkAdditionalTypeTag; /* used locally */
- SECItem pvkAdditionalType;
- SECItem pvkAdditionalContent;
-};
-
-/* cert and other supporting data for private keys. used
- * for both shrouded and non-shrouded keys.
- */
-struct SEC_PKCS12PVKSupportingDataStr
-{
- PRArenaPool *poolp;
- SGNDigestInfo **assocCerts;
- SECItem regenerable;
- SECItem nickname;
- SEC_PKCS12PVKAdditionalData pvkAdditional;
- SECItem pvkAdditionalDER;
-
- SECItem uniNickName;
- /* used locally */
- int nThumbs;
-};
-
-/* shrouded key structure. supports only pkcs8 shrouding
- * currently.
- */
-struct SEC_PKCS12ESPVKItemStr
-{
- PRArenaPool *poolp; /* used locally */
- SECOidData *espvkTag; /* used locally */
- SECItem espvkOID;
- SEC_PKCS12PVKSupportingData espvkData;
- union
- {
- SECKEYEncryptedPrivateKeyInfo *pkcs8KeyShroud;
- } espvkCipherText;
-
- PRBool duplicate; /* used locally */
- PRBool problem_cert; /* used locally */
- PRBool single_cert; /* used locally */
- int nCerts; /* used locally */
- SECItem derCert; /* used locally */
-};
-
-/* generic bag store for the safe. safeBagType identifies
- * the type of bag stored.
- */
-struct SEC_PKCS12SafeBagStr
-{
- PRArenaPool *poolp;
- SECOidData *safeBagTypeTag; /* used locally */
- SECItem safeBagType;
- union
- {
- SEC_PKCS12PrivateKeyBag *keyBag;
- SEC_PKCS12CertAndCRLBag *certAndCRLBag;
- SEC_PKCS12SecretBag *secretBag;
- } safeContent;
-
- SECItem derSafeContent;
- SECItem safeBagName;
-
- SECItem uniSafeBagName;
-};
-
-/* stores private keys and certificates in a list. each safebag
- * has an ID identifying the type of content stored.
- */
-struct SEC_PKCS12SafeContentsStr
-{
- PRArenaPool *poolp;
- SEC_PKCS12SafeBag **contents;
-
- /* used for tracking purposes */
- int safe_size;
- PRBool old;
- PRBool swapUnicode;
- PRBool possibleSwapUnicode;
-};
-
-/* private key structure which holds encrypted private key and
- * supporting data including nickname and certificate thumbprint.
- */
-struct SEC_PKCS12PrivateKeyStr
-{
- PRArenaPool *poolp;
- SEC_PKCS12PVKSupportingData pvkData;
- SECKEYPrivateKeyInfo pkcs8data; /* borrowed from PKCS 8 */
-
- PRBool duplicate; /* used locally */
- PRBool problem_cert;/* used locally */
- PRBool single_cert; /* used locally */
- int nCerts; /* used locally */
- SECItem derCert; /* used locally */
-};
-
-/* private key bag, holds a (null terminated) list of private key
- * structures.
- */
-struct SEC_PKCS12PrivateKeyBagStr
-{
- PRArenaPool *poolp;
- SEC_PKCS12PrivateKey **privateKeys;
-
- int bag_size; /* used locally */
-};
-
-/* container to hold certificates. currently supports x509
- * and sdsi certificates
- */
-struct SEC_PKCS12CertAndCRLStr
-{
- PRArenaPool *poolp;
- SECOidData *BagTypeTag; /* used locally */
- SECItem BagID;
- union
- {
- SEC_PKCS12X509CertCRL *x509;
- SEC_PKCS12SDSICert *sdsi;
- } value;
-
- SECItem derValue;
- SECItem nickname; /* used locally */
- PRBool duplicate; /* used locally */
-};
-
-/* x509 certificate structure. typically holds the der encoding
- * of the x509 certificate. thumbprint contains a digest of the
- * certificate
- */
-struct SEC_PKCS12X509CertCRLStr
-{
- PRArenaPool *poolp;
- SEC_PKCS7ContentInfo certOrCRL;
- SGNDigestInfo thumbprint;
-
- SECItem *derLeafCert; /* used locally */
-};
-
-/* sdsi certificate structure. typically holds the der encoding
- * of the sdsi certificate. thumbprint contains a digest of the
- * certificate
- */
-struct SEC_PKCS12SDSICertStr
-{
- PRArenaPool *poolp;
- SECItem value;
- SGNDigestInfo thumbprint;
-};
-
-/* contains a null terminated list of certs and crls */
-struct SEC_PKCS12CertAndCRLBagStr
-{
- PRArenaPool *poolp;
- SEC_PKCS12CertAndCRL **certAndCRLs;
-
- int bag_size; /* used locally */
-};
-
-/* additional secret information. currently no information
- * stored in this structure.
- */
-struct SEC_PKCS12SecretAdditionalStr
-{
- PRArenaPool *poolp;
- SECOidData *secretTypeTag; /* used locally */
- SECItem secretAdditionalType;
- SECItem secretAdditionalContent;
-};
-
-/* secrets container. this will be used to contain currently
- * unspecified secrets. (it's a secret)
- */
-struct SEC_PKCS12SecretStr
-{
- PRArenaPool *poolp;
- SECItem secretName;
- SECItem value;
- SEC_PKCS12SecretAdditional secretAdditional;
-
- SECItem uniSecretName;
-};
-
-struct SEC_PKCS12SecretItemStr
-{
- PRArenaPool *poolp;
- SEC_PKCS12Secret secret;
- SEC_PKCS12SafeBag subFolder;
-};
-
-/* a bag of secrets. holds a null terminated list of secrets.
- */
-struct SEC_PKCS12SecretBagStr
-{
- PRArenaPool *poolp;
- SEC_PKCS12SecretItem **secrets;
-
- int bag_size; /* used locally */
-};
-
-struct SEC_PKCS12MacDataStr
-{
- SGNDigestInfo safeMac;
- SECItem macSalt;
-};
-
-/* outer transfer unit */
-struct SEC_PKCS12PFXItemStr
-{
- PRArenaPool *poolp;
- SEC_PKCS12MacData macData;
- SEC_PKCS7ContentInfo authSafe;
-
- /* for compatibility with beta */
- PRBool old;
- SGNDigestInfo old_safeMac;
- SECItem old_macSalt;
-
- /* compatibility between platforms for unicode swapping */
- PRBool swapUnicode;
-};
-
-struct SEC_PKCS12BaggageItemStr {
- PRArenaPool *poolp;
- SEC_PKCS12ESPVKItem **espvks;
- SEC_PKCS12SafeBag **unencSecrets;
-
- int nEspvks;
- int nSecrets;
-};
-
-/* stores shrouded keys */
-struct SEC_PKCS12Baggage_OLDStr
-{
- PRArenaPool *poolp;
- SEC_PKCS12ESPVKItem **espvks;
-
- int luggage_size; /* used locally */
-};
-
-/* authenticated safe, stores certs, keys, and shrouded keys */
-struct SEC_PKCS12AuthenticatedSafeStr
-{
- PRArenaPool *poolp;
- SECItem version;
- SECOidData *transportTypeTag; /* local not part of encoding*/
- SECItem transportMode;
- SECItem privacySalt;
- SEC_PKCS12Baggage baggage;
- SEC_PKCS7ContentInfo *safe;
-
- /* used for beta compatibility */
- PRBool old;
- PRBool emptySafe;
- SEC_PKCS12Baggage_OLD old_baggage;
- SEC_PKCS7ContentInfo old_safe;
- PRBool swapUnicode;
-};
-#define SEC_PKCS12_PFX_VERSION 1 /* what we create */
-
-
-
-/* PKCS 12 Templates */
-extern const SEC_ASN1Template SEC_PKCS12PFXItemTemplate_OLD[];
-extern const SEC_ASN1Template SEC_PKCS12AuthenticatedSafeTemplate_OLD[];
-extern const SEC_ASN1Template SEC_PKCS12BaggageTemplate_OLD[];
-extern const SEC_ASN1Template SEC_PKCS12PFXItemTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12MacDataTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12AuthenticatedSafeTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12BaggageTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12ESPVKItemTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12PVKSupportingDataTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12PVKAdditionalTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12SafeContentsTemplate_OLD[];
-extern const SEC_ASN1Template SEC_PKCS12SafeContentsTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12SafeBagTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12PrivateKeyTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12PrivateKeyBagTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12CertAndCRLTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12CertAndCRLBagTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12X509CertCRLTemplate_OLD[];
-extern const SEC_ASN1Template SEC_PKCS12X509CertCRLTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12SDSICertTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12SecretBagTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12SecretTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12SecretItemTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12SecretAdditionalTemplate[];
-extern const SEC_ASN1Template SGN_DigestInfoTemplate[];
-extern const SEC_ASN1Template SEC_PointerToPKCS12KeyBagTemplate[];
-extern const SEC_ASN1Template SEC_PointerToPKCS12CertAndCRLBagTemplate[];
-extern const SEC_ASN1Template SEC_PointerToPKCS12CertAndCRLBagTemplate_OLD[];
-extern const SEC_ASN1Template SEC_PointerToPKCS12SecretBagTemplate[];
-extern const SEC_ASN1Template SEC_PointerToPKCS12X509CertCRLTemplate_OLD[];
-extern const SEC_ASN1Template SEC_PointerToPKCS12X509CertCRLTemplate[];
-extern const SEC_ASN1Template SEC_PointerToPKCS12SDSICertTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12CodedSafeBagTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12CodedCertBagTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12CodedCertAndCRLBagTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12PVKSupportingDataTemplate_OLD[];
-extern const SEC_ASN1Template SEC_PKCS12ESPVKItemTemplate_OLD[];
-#endif
diff --git a/security/nss/lib/pkcs7/Makefile b/security/nss/lib/pkcs7/Makefile
deleted file mode 100644
index cb85677bc..000000000
--- a/security/nss/lib/pkcs7/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-
diff --git a/security/nss/lib/pkcs7/certread.c b/security/nss/lib/pkcs7/certread.c
deleted file mode 100644
index af5504f94..000000000
--- a/security/nss/lib/pkcs7/certread.c
+++ /dev/null
@@ -1,540 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "nssrenam.h"
-#include "cert.h"
-#include "secpkcs7.h"
-#include "base64.h"
-#include "secitem.h"
-#include "secder.h"
-#include "secasn1.h"
-#include "secoid.h"
-
-SEC_ASN1_MKSUB(SEC_AnyTemplate)
-
-SECStatus
-SEC_ReadPKCS7Certs(SECItem *pkcs7Item, CERTImportCertificateFunc f, void *arg)
-{
- SEC_PKCS7ContentInfo *contentInfo = NULL;
- SECStatus rv;
- SECItem **certs;
- int count;
-
- contentInfo = SEC_PKCS7DecodeItem(pkcs7Item, NULL, NULL, NULL, NULL, NULL,
- NULL, NULL);
- if ( contentInfo == NULL ) {
- goto loser;
- }
-
- if ( SEC_PKCS7ContentType (contentInfo) != SEC_OID_PKCS7_SIGNED_DATA ) {
- goto loser;
- }
-
- certs = contentInfo->content.signedData->rawCerts;
- if ( certs ) {
- count = 0;
-
- while ( *certs ) {
- count++;
- certs++;
- }
- rv = (* f)(arg, contentInfo->content.signedData->rawCerts, count);
- }
-
- rv = SECSuccess;
-
- goto done;
-loser:
- rv = SECFailure;
-
-done:
- if ( contentInfo ) {
- SEC_PKCS7DestroyContentInfo(contentInfo);
- }
-
- return(rv);
-}
-
-const SEC_ASN1Template SEC_CertSequenceTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF | SEC_ASN1_XTRN, 0, SEC_ASN1_SUB(SEC_AnyTemplate) }
-};
-
-SECStatus
-SEC_ReadCertSequence(SECItem *certsItem, CERTImportCertificateFunc f, void *arg)
-{
- SECStatus rv;
- SECItem **certs;
- int count;
- SECItem **rawCerts = NULL;
- PRArenaPool *arena;
- SEC_PKCS7ContentInfo *contentInfo = NULL;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) {
- return SECFailure;
- }
-
- contentInfo = SEC_PKCS7DecodeItem(certsItem, NULL, NULL, NULL, NULL, NULL,
- NULL, NULL);
- if ( contentInfo == NULL ) {
- goto loser;
- }
-
- if ( SEC_PKCS7ContentType (contentInfo) != SEC_OID_NS_TYPE_CERT_SEQUENCE ) {
- goto loser;
- }
-
-
- rv = SEC_ASN1DecodeItem(arena, &rawCerts, SEC_CertSequenceTemplate,
- contentInfo->content.data);
-
- if (rv != SECSuccess) {
- goto loser;
- }
-
- certs = rawCerts;
- if ( certs ) {
- count = 0;
-
- while ( *certs ) {
- count++;
- certs++;
- }
- rv = (* f)(arg, rawCerts, count);
- }
-
- rv = SECSuccess;
-
- goto done;
-loser:
- rv = SECFailure;
-
-done:
- if ( contentInfo ) {
- SEC_PKCS7DestroyContentInfo(contentInfo);
- }
-
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(rv);
-}
-
-CERTCertificate *
-CERT_ConvertAndDecodeCertificate(char *certstr)
-{
- CERTCertificate *cert;
- SECStatus rv;
- SECItem der;
-
- rv = ATOB_ConvertAsciiToItem(&der, certstr);
- if (rv != SECSuccess)
- return NULL;
-
- cert = CERT_NewTempCertificate(CERT_GetDefaultCertDB(),
- &der, NULL, PR_FALSE, PR_TRUE);
-
- PORT_Free(der.data);
- return cert;
-}
-
-#define NS_CERT_HEADER "-----BEGIN CERTIFICATE-----"
-#define NS_CERT_TRAILER "-----END CERTIFICATE-----"
-
-#define CERTIFICATE_TYPE_STRING "certificate"
-#define CERTIFICATE_TYPE_LEN (sizeof(CERTIFICATE_TYPE_STRING)-1)
-
-CERTPackageType
-CERT_CertPackageType(SECItem *package, SECItem *certitem)
-{
- unsigned char *cp;
- unsigned int seqLen, seqLenLen;
- SECItem oiditem;
- SECOidData *oiddata;
- CERTPackageType type = certPackageNone;
-
- cp = package->data;
-
- /* is a DER encoded certificate of some type? */
- if ( ( *cp & 0x1f ) == SEC_ASN1_SEQUENCE ) {
- cp++;
-
- if ( *cp & 0x80) {
- /* Multibyte length */
- seqLenLen = cp[0] & 0x7f;
-
- switch (seqLenLen) {
- case 4:
- seqLen = ((unsigned long)cp[1]<<24) |
- ((unsigned long)cp[2]<<16) | (cp[3]<<8) | cp[4];
- break;
- case 3:
- seqLen = ((unsigned long)cp[1]<<16) | (cp[2]<<8) | cp[3];
- break;
- case 2:
- seqLen = (cp[1]<<8) | cp[2];
- break;
- case 1:
- seqLen = cp[1];
- break;
- default:
- /* indefinite length */
- seqLen = 0;
- }
- cp += ( seqLenLen + 1 );
-
- } else {
- seqLenLen = 0;
- seqLen = *cp;
- cp++;
- }
-
- /* check entire length if definite length */
- if ( seqLen || seqLenLen ) {
- if ( package->len != ( seqLen + seqLenLen + 2 ) ) {
- /* not a DER package */
- return(type);
- }
- }
-
- /* check the type string */
- /* netscape wrapped DER cert */
- if ( ( cp[0] == SEC_ASN1_OCTET_STRING ) &&
- ( cp[1] == CERTIFICATE_TYPE_LEN ) &&
- ( PORT_Strcmp((char *)&cp[2], CERTIFICATE_TYPE_STRING) ) ) {
-
- cp += ( CERTIFICATE_TYPE_LEN + 2 );
-
- /* it had better be a certificate by now!! */
- if ( certitem ) {
- certitem->data = cp;
- certitem->len = package->len -
- ( cp - (unsigned char *)package->data );
- }
- type = certPackageNSCertWrap;
-
- } else if ( cp[0] == SEC_ASN1_OBJECT_ID ) {
- /* XXX - assume DER encoding of OID len!! */
- oiditem.len = cp[1];
- oiditem.data = (unsigned char *)&cp[2];
- oiddata = SECOID_FindOID(&oiditem);
- if ( oiddata == NULL ) {
- /* failure */
- return(type);
- }
-
- if ( certitem ) {
- certitem->data = package->data;
- certitem->len = package->len;
- }
-
- switch ( oiddata->offset ) {
- case SEC_OID_PKCS7_SIGNED_DATA:
- type = certPackagePKCS7;
- break;
- case SEC_OID_NS_TYPE_CERT_SEQUENCE:
- type = certPackageNSCertSeq;
- break;
- default:
- break;
- }
-
- } else {
- /* it had better be a certificate by now!! */
- if ( certitem ) {
- certitem->data = package->data;
- certitem->len = package->len;
- }
-
- type = certPackageCert;
- }
- }
-
- return(type);
-}
-
-/*
- * read an old style ascii or binary certificate chain
- */
-SECStatus
-CERT_DecodeCertPackage(char *certbuf,
- int certlen,
- CERTImportCertificateFunc f,
- void *arg)
-{
- unsigned char *cp;
- int seqLen, seqLenLen;
- int cl;
- unsigned char *bincert = NULL, *certbegin = NULL, *certend = NULL;
- unsigned int binLen;
- char *ascCert = NULL;
- int asciilen;
- CERTCertificate *cert;
- SECItem certitem, oiditem;
- SECStatus rv;
- SECOidData *oiddata;
- SECItem *pcertitem = &certitem;
-
- if ( certbuf == NULL ) {
- return(SECFailure);
- }
-
- cert = 0;
- cp = (unsigned char *)certbuf;
-
- /* is a DER encoded certificate of some type? */
- if ( ( *cp & 0x1f ) == SEC_ASN1_SEQUENCE ) {
- cp++;
-
- if ( *cp & 0x80) {
- /* Multibyte length */
- seqLenLen = cp[0] & 0x7f;
-
- switch (seqLenLen) {
- case 4:
- seqLen = ((unsigned long)cp[1]<<24) |
- ((unsigned long)cp[2]<<16) | (cp[3]<<8) | cp[4];
- break;
- case 3:
- seqLen = ((unsigned long)cp[1]<<16) | (cp[2]<<8) | cp[3];
- break;
- case 2:
- seqLen = (cp[1]<<8) | cp[2];
- break;
- case 1:
- seqLen = cp[1];
- break;
- default:
- /* indefinite length */
- seqLen = 0;
- }
- cp += ( seqLenLen + 1 );
-
- } else {
- seqLenLen = 0;
- seqLen = *cp;
- cp++;
- }
-
- /* check entire length if definite length */
- if ( seqLen || seqLenLen ) {
- if ( certlen != ( seqLen + seqLenLen + 2 ) ) {
- goto notder;
- }
- }
-
- /* check the type string */
- /* netscape wrapped DER cert */
- if ( ( cp[0] == SEC_ASN1_OCTET_STRING ) &&
- ( cp[1] == CERTIFICATE_TYPE_LEN ) &&
- ( PORT_Strcmp((char *)&cp[2], CERTIFICATE_TYPE_STRING) ) ) {
-
- cp += ( CERTIFICATE_TYPE_LEN + 2 );
-
- /* it had better be a certificate by now!! */
- certitem.data = cp;
- certitem.len = certlen - ( cp - (unsigned char *)certbuf );
-
- rv = (* f)(arg, &pcertitem, 1);
-
- return(rv);
- } else if ( cp[0] == SEC_ASN1_OBJECT_ID ) {
- /* XXX - assume DER encoding of OID len!! */
- oiditem.len = cp[1];
- oiditem.data = (unsigned char *)&cp[2];
- oiddata = SECOID_FindOID(&oiditem);
- if ( oiddata == NULL ) {
- return(SECFailure);
- }
-
- certitem.data = (unsigned char*)certbuf;
- certitem.len = certlen;
-
- switch ( oiddata->offset ) {
- case SEC_OID_PKCS7_SIGNED_DATA:
- return(SEC_ReadPKCS7Certs(&certitem, f, arg));
- break;
- case SEC_OID_NS_TYPE_CERT_SEQUENCE:
- return(SEC_ReadCertSequence(&certitem, f, arg));
- break;
- default:
- break;
- }
-
- } else {
- /* it had better be a certificate by now!! */
- certitem.data = (unsigned char*)certbuf;
- certitem.len = certlen;
-
- rv = (* f)(arg, &pcertitem, 1);
- return(rv);
- }
- }
-
- /* now look for a netscape base64 ascii encoded cert */
-notder:
- cp = (unsigned char *)certbuf;
- cl = certlen;
- certbegin = 0;
- certend = 0;
-
- /* find the beginning marker */
- while ( cl > sizeof(NS_CERT_HEADER) ) {
- if ( !PORT_Strncasecmp((char *)cp, NS_CERT_HEADER,
- sizeof(NS_CERT_HEADER)-1) ) {
- cp = cp + sizeof(NS_CERT_HEADER);
- certbegin = cp;
- break;
- }
-
- /* skip to next eol */
- do {
- cp++;
- cl--;
- } while ( ( *cp != '\n') && cl );
-
- /* skip all blank lines */
- while ( ( *cp == '\n') && cl ) {
- cp++;
- cl--;
- }
- }
-
- if ( certbegin ) {
-
- /* find the ending marker */
- while ( cl > sizeof(NS_CERT_TRAILER) ) {
- if ( !PORT_Strncasecmp((char *)cp, NS_CERT_TRAILER,
- sizeof(NS_CERT_TRAILER)-1) ) {
- certend = (unsigned char *)cp;
- break;
- }
-
- /* skip to next eol */
- do {
- cp++;
- cl--;
- } while ( ( *cp != '\n') && cl );
-
- /* skip all blank lines */
- while ( ( *cp == '\n') && cl ) {
- cp++;
- cl--;
- }
- }
- }
-
- if ( certbegin && certend ) {
-
- /* Convert the ASCII data into a nul-terminated string */
- asciilen = certend - certbegin;
- ascCert = (char *)PORT_Alloc(asciilen+1);
- if (!ascCert) {
- rv = SECFailure;
- goto loser;
- }
-
- PORT_Memcpy(ascCert, certbegin, asciilen);
- ascCert[asciilen] = '\0';
-
- /* convert to binary */
- bincert = ATOB_AsciiToData(ascCert, &binLen);
- if (!bincert) {
- rv = SECFailure;
- goto loser;
- }
-
- /* now recurse to decode the binary */
- rv = CERT_DecodeCertPackage((char *)bincert, binLen, f, arg);
-
- } else {
- rv = SECFailure;
- }
-
-loser:
-
- if ( bincert ) {
- PORT_Free(bincert);
- }
-
- if ( ascCert ) {
- PORT_Free(ascCert);
- }
-
- return(rv);
-}
-
-typedef struct {
- PRArenaPool *arena;
- SECItem cert;
-} collect_args;
-
-static SECStatus
-collect_certs(void *arg, SECItem **certs, int numcerts)
-{
- SECStatus rv;
- collect_args *collectArgs;
-
- collectArgs = (collect_args *)arg;
-
- rv = SECITEM_CopyItem(collectArgs->arena, &collectArgs->cert, *certs);
-
- return(rv);
-}
-
-
-/*
- * read an old style ascii or binary certificate
- */
-CERTCertificate *
-CERT_DecodeCertFromPackage(char *certbuf, int certlen)
-{
- collect_args collectArgs;
- SECStatus rv;
- CERTCertificate *cert = NULL;
-
- collectArgs.arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-
- rv = CERT_DecodeCertPackage(certbuf, certlen, collect_certs,
- (void *)&collectArgs);
- if ( rv == SECSuccess ) {
- cert = CERT_NewTempCertificate(CERT_GetDefaultCertDB(),
- &collectArgs.cert, NULL,
- PR_FALSE, PR_TRUE);
- }
-
- PORT_FreeArena(collectArgs.arena, PR_FALSE);
-
- return(cert);
-}
diff --git a/security/nss/lib/pkcs7/config.mk b/security/nss/lib/pkcs7/config.mk
deleted file mode 100644
index ec34728f9..000000000
--- a/security/nss/lib/pkcs7/config.mk
+++ /dev/null
@@ -1,42 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# Override TARGETS variable so that only static libraries
-# are specifed as dependencies within rules.mk.
-#
-
-TARGETS = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM =
diff --git a/security/nss/lib/pkcs7/manifest.mn b/security/nss/lib/pkcs7/manifest.mn
deleted file mode 100644
index 7f4c0ff81..000000000
--- a/security/nss/lib/pkcs7/manifest.mn
+++ /dev/null
@@ -1,60 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-EXPORTS = \
- secmime.h \
- secpkcs7.h \
- pkcs7t.h \
- $(NULL)
-
-PRIVATE_EXPORTS = \
- p7local.h \
- $(NULL)
-
-MODULE = nss
-
-CSRCS = \
- certread.c \
- p7common.c \
- p7create.c \
- p7decode.c \
- p7encode.c \
- p7local.c \
- secmime.c \
- $(NULL)
-
-REQUIRES = dbm
-
-LIBRARY_NAME = pkcs7
diff --git a/security/nss/lib/pkcs7/p7common.c b/security/nss/lib/pkcs7/p7common.c
deleted file mode 100644
index 329b078ed..000000000
--- a/security/nss/lib/pkcs7/p7common.c
+++ /dev/null
@@ -1,747 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * PKCS7 implementation -- the exported parts that are used whether
- * creating or decoding.
- *
- * $Id$
- */
-
-#include "p7local.h"
-
-#include "cert.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "pk11func.h"
-
-/*
- * Find out (saving pointer to lookup result for future reference)
- * and return the inner content type.
- */
-SECOidTag
-SEC_PKCS7ContentType (SEC_PKCS7ContentInfo *cinfo)
-{
- if (cinfo->contentTypeTag == NULL)
- cinfo->contentTypeTag = SECOID_FindOID(&(cinfo->contentType));
-
- if (cinfo->contentTypeTag == NULL)
- return SEC_OID_UNKNOWN;
-
- return cinfo->contentTypeTag->offset;
-}
-
-
-/*
- * Destroy a PKCS7 contentInfo and all of its sub-pieces.
- */
-void
-SEC_PKCS7DestroyContentInfo(SEC_PKCS7ContentInfo *cinfo)
-{
- SECOidTag kind;
- CERTCertificate **certs;
- CERTCertificateList **certlists;
- SEC_PKCS7SignerInfo **signerinfos;
- SEC_PKCS7RecipientInfo **recipientinfos;
-
- PORT_Assert (cinfo->refCount > 0);
- if (cinfo->refCount <= 0)
- return;
-
- cinfo->refCount--;
- if (cinfo->refCount > 0)
- return;
-
- certs = NULL;
- certlists = NULL;
- recipientinfos = NULL;
- signerinfos = NULL;
-
- kind = SEC_PKCS7ContentType (cinfo);
- switch (kind) {
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- {
- SEC_PKCS7EnvelopedData *edp;
-
- edp = cinfo->content.envelopedData;
- if (edp != NULL) {
- recipientinfos = edp->recipientInfos;
- }
- }
- break;
- case SEC_OID_PKCS7_SIGNED_DATA:
- {
- SEC_PKCS7SignedData *sdp;
-
- sdp = cinfo->content.signedData;
- if (sdp != NULL) {
- certs = sdp->certs;
- certlists = sdp->certLists;
- signerinfos = sdp->signerInfos;
- }
- }
- break;
- case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
- {
- SEC_PKCS7SignedAndEnvelopedData *saedp;
-
- saedp = cinfo->content.signedAndEnvelopedData;
- if (saedp != NULL) {
- certs = saedp->certs;
- certlists = saedp->certLists;
- recipientinfos = saedp->recipientInfos;
- signerinfos = saedp->signerInfos;
- if (saedp->sigKey != NULL)
- PK11_FreeSymKey (saedp->sigKey);
- }
- }
- break;
- default:
- /* XXX Anything else that needs to be "manually" freed/destroyed? */
- break;
- }
-
- if (certs != NULL) {
- CERTCertificate *cert;
-
- while ((cert = *certs++) != NULL) {
- CERT_DestroyCertificate (cert);
- }
- }
-
- if (certlists != NULL) {
- CERTCertificateList *certlist;
-
- while ((certlist = *certlists++) != NULL) {
- CERT_DestroyCertificateList (certlist);
- }
- }
-
- if (recipientinfos != NULL) {
- SEC_PKCS7RecipientInfo *ri;
-
- while ((ri = *recipientinfos++) != NULL) {
- if (ri->cert != NULL)
- CERT_DestroyCertificate (ri->cert);
- }
- }
-
- if (signerinfos != NULL) {
- SEC_PKCS7SignerInfo *si;
-
- while ((si = *signerinfos++) != NULL) {
- if (si->cert != NULL)
- CERT_DestroyCertificate (si->cert);
- if (si->certList != NULL)
- CERT_DestroyCertificateList (si->certList);
- }
- }
-
- if (cinfo->poolp != NULL) {
- PORT_FreeArena (cinfo->poolp, PR_FALSE); /* XXX clear it? */
- }
-}
-
-
-/*
- * Return a copy of the given contentInfo. The copy may be virtual
- * or may be real -- either way, the result needs to be passed to
- * SEC_PKCS7DestroyContentInfo later (as does the original).
- */
-SEC_PKCS7ContentInfo *
-SEC_PKCS7CopyContentInfo(SEC_PKCS7ContentInfo *cinfo)
-{
- if (cinfo == NULL)
- return NULL;
-
- PORT_Assert (cinfo->refCount > 0);
-
- if (cinfo->created) {
- /*
- * Want to do a real copy of these; otherwise subsequent
- * changes made to either copy are likely to be a surprise.
- * XXX I suspect that this will not actually be called for yet,
- * which is why the assert, so to notice if it is...
- */
- PORT_Assert (0);
- /*
- * XXX Create a new pool here, and copy everything from
- * within. For cert stuff, need to call the appropriate
- * copy functions, etc.
- */
- }
-
- cinfo->refCount++;
- return cinfo;
-}
-
-
-/*
- * Return a pointer to the actual content. In the case of those types
- * which are encrypted, this returns the *plain* content.
- * XXX Needs revisiting if/when we handle nested encrypted types.
- */
-SECItem *
-SEC_PKCS7GetContent(SEC_PKCS7ContentInfo *cinfo)
-{
- SECOidTag kind;
-
- kind = SEC_PKCS7ContentType (cinfo);
- switch (kind) {
- case SEC_OID_PKCS7_DATA:
- return cinfo->content.data;
- case SEC_OID_PKCS7_DIGESTED_DATA:
- {
- SEC_PKCS7DigestedData *digd;
-
- digd = cinfo->content.digestedData;
- if (digd == NULL)
- break;
- return SEC_PKCS7GetContent (&(digd->contentInfo));
- }
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- {
- SEC_PKCS7EncryptedData *encd;
-
- encd = cinfo->content.encryptedData;
- if (encd == NULL)
- break;
- return &(encd->encContentInfo.plainContent);
- }
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- {
- SEC_PKCS7EnvelopedData *envd;
-
- envd = cinfo->content.envelopedData;
- if (envd == NULL)
- break;
- return &(envd->encContentInfo.plainContent);
- }
- case SEC_OID_PKCS7_SIGNED_DATA:
- {
- SEC_PKCS7SignedData *sigd;
-
- sigd = cinfo->content.signedData;
- if (sigd == NULL)
- break;
- return SEC_PKCS7GetContent (&(sigd->contentInfo));
- }
- case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
- {
- SEC_PKCS7SignedAndEnvelopedData *saed;
-
- saed = cinfo->content.signedAndEnvelopedData;
- if (saed == NULL)
- break;
- return &(saed->encContentInfo.plainContent);
- }
- default:
- PORT_Assert(0);
- break;
- }
-
- return NULL;
-}
-
-
-/*
- * XXX Fix the placement and formatting of the
- * following routines (i.e. make them consistent with the rest of
- * the pkcs7 code -- I think some/many belong in other files and
- * they all need a formatting/style rehaul)
- */
-
-/* retrieve the algorithm identifier for encrypted data.
- * the identifier returned is a copy of the algorithm identifier
- * in the content info and needs to be freed after being used.
- *
- * cinfo is the content info for which to retrieve the
- * encryption algorithm.
- *
- * if the content info is not encrypted data or an error
- * occurs NULL is returned.
- */
-SECAlgorithmID *
-SEC_PKCS7GetEncryptionAlgorithm(SEC_PKCS7ContentInfo *cinfo)
-{
- SECAlgorithmID *alg = 0;
- switch (SEC_PKCS7ContentType(cinfo))
- {
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- alg = &cinfo->content.encryptedData->encContentInfo.contentEncAlg;
- break;
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- alg = &cinfo->content.envelopedData->encContentInfo.contentEncAlg;
- break;
- case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
- alg = &cinfo->content.signedAndEnvelopedData
- ->encContentInfo.contentEncAlg;
- break;
- default:
- alg = 0;
- break;
- }
-
- return alg;
-}
-
-/* set the content of the content info. For data content infos,
- * the data is set. For encrytped content infos, the plainContent
- * is set, and is expected to be encrypted later.
- *
- * cinfo is the content info where the data will be set
- *
- * buf is a buffer of the data to set
- *
- * len is the length of the data being set.
- *
- * in the event of an error, SECFailure is returned. SECSuccess
- * indicates the content was successfully set.
- */
-SECStatus
-SEC_PKCS7SetContent(SEC_PKCS7ContentInfo *cinfo,
- const char *buf,
- unsigned long len)
-{
- SECOidTag cinfo_type;
- SECStatus rv;
- SECItem content;
- SECOidData *contentTypeTag = NULL;
-
- content.data = (unsigned char *)buf;
- content.len = len;
-
- cinfo_type = SEC_PKCS7ContentType(cinfo);
-
- /* set inner content */
- switch(cinfo_type)
- {
- case SEC_OID_PKCS7_SIGNED_DATA:
- if(content.len > 0) {
- /* we "leak" the old content here, but as it's all in the pool */
- /* it does not really matter */
-
- /* create content item if necessary */
- if (cinfo->content.signedData->contentInfo.content.data == NULL)
- cinfo->content.signedData->contentInfo.content.data = SECITEM_AllocItem(cinfo->poolp, NULL, 0);
- rv = SECITEM_CopyItem(cinfo->poolp,
- cinfo->content.signedData->contentInfo.content.data,
- &content);
- } else {
- cinfo->content.signedData->contentInfo.content.data->data = NULL;
- cinfo->content.signedData->contentInfo.content.data->len = 0;
- rv = SECSuccess;
- }
- if(rv == SECFailure)
- goto loser;
-
- break;
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- /* XXX this forces the inner content type to be "data" */
- /* do we really want to override without asking or reason? */
- contentTypeTag = SECOID_FindOIDByTag(SEC_OID_PKCS7_DATA);
- if(contentTypeTag == NULL)
- goto loser;
- rv = SECITEM_CopyItem(cinfo->poolp,
- &(cinfo->content.encryptedData->encContentInfo.contentType),
- &(contentTypeTag->oid));
- if(rv == SECFailure)
- goto loser;
- if(content.len > 0) {
- rv = SECITEM_CopyItem(cinfo->poolp,
- &(cinfo->content.encryptedData->encContentInfo.plainContent),
- &content);
- } else {
- cinfo->content.encryptedData->encContentInfo.plainContent.data = NULL;
- cinfo->content.encryptedData->encContentInfo.encContent.data = NULL;
- cinfo->content.encryptedData->encContentInfo.plainContent.len = 0;
- cinfo->content.encryptedData->encContentInfo.encContent.len = 0;
- rv = SECSuccess;
- }
- if(rv == SECFailure)
- goto loser;
- break;
- case SEC_OID_PKCS7_DATA:
- cinfo->content.data = (SECItem *)PORT_ArenaZAlloc(cinfo->poolp,
- sizeof(SECItem));
- if(cinfo->content.data == NULL)
- goto loser;
- if(content.len > 0) {
- rv = SECITEM_CopyItem(cinfo->poolp,
- cinfo->content.data, &content);
- } else {
- /* handle case with NULL content */
- rv = SECSuccess;
- }
- if(rv == SECFailure)
- goto loser;
- break;
- default:
- goto loser;
- }
-
- return SECSuccess;
-
-loser:
-
- return SECFailure;
-}
-
-/* the content of an encrypted data content info is encrypted.
- * it is assumed that for encrypted data, that the data has already
- * been set and is in the "plainContent" field of the content info.
- *
- * cinfo is the content info to encrypt
- *
- * key is the key with which to perform the encryption. if the
- * algorithm is a password based encryption algorithm, the
- * key is actually a password which will be processed per
- * PKCS #5.
- *
- * in the event of an error, SECFailure is returned. SECSuccess
- * indicates a success.
- */
-SECStatus
-SEC_PKCS7EncryptContents(PRArenaPool *poolp,
- SEC_PKCS7ContentInfo *cinfo,
- SECItem *key,
- void *wincx)
-{
- SECAlgorithmID *algid = NULL;
- SECItem * result = NULL;
- SECItem * src;
- SECItem * dest;
- SECItem * blocked_data = NULL;
- void * mark;
- void * cx;
- PK11SymKey * eKey = NULL;
- PK11SlotInfo * slot = NULL;
-
- CK_MECHANISM pbeMech;
- CK_MECHANISM cryptoMech;
- int bs;
- SECOidTag algtag;
- SECStatus rv = SECFailure;
- SECItem c_param;
-
- if((cinfo == NULL) || (key == NULL))
- return SECFailure;
-
- if(SEC_PKCS7ContentType(cinfo) != SEC_OID_PKCS7_ENCRYPTED_DATA)
- return SECFailure;
-
- algid = SEC_PKCS7GetEncryptionAlgorithm(cinfo);
- if(algid == NULL)
- return SECFailure;
-
- if(poolp == NULL)
- poolp = cinfo->poolp;
-
- mark = PORT_ArenaMark(poolp);
-
- src = &cinfo->content.encryptedData->encContentInfo.plainContent;
- dest = &cinfo->content.encryptedData->encContentInfo.encContent;
- algtag = SECOID_GetAlgorithmTag(algid);
- c_param.data = NULL;
- dest->data = (unsigned char*)PORT_ArenaZAlloc(poolp, (src->len + 64));
- dest->len = (src->len + 64);
- if(dest->data == NULL) {
- rv = SECFailure;
- goto loser;
- }
-
- slot = PK11_GetInternalKeySlot();
- if(slot == NULL) {
- rv = SECFailure;
- goto loser;
- }
- pbeMech.mechanism = PK11_AlgtagToMechanism(algtag);
- result = PK11_ParamFromAlgid(algid);
- if (result == NULL) {
- rv = SECFailure;
- goto loser;
- }
- pbeMech.pParameter = result->data;
- pbeMech.ulParameterLen = result->len;
-
- eKey = PK11_RawPBEKeyGen(slot, pbeMech.mechanism, result, key, PR_FALSE,
- wincx);
- if(eKey == NULL) {
- rv = SECFailure;
- goto loser;
- }
-
- if(PK11_MapPBEMechanismToCryptoMechanism(&pbeMech, &cryptoMech, key,
- PR_FALSE) != CKR_OK) {
- rv = SECFailure;
- goto loser;
- }
- c_param.data = (unsigned char *)cryptoMech.pParameter;
- c_param.len = cryptoMech.ulParameterLen;
-
- /* block according to PKCS 8 */
- bs = PK11_GetBlockSize(cryptoMech.mechanism, &c_param);
- rv = SECSuccess;
- if(bs) {
- char pad_char;
- pad_char = (char)(bs - (src->len % bs));
- if(src->len % bs) {
- rv = SECSuccess;
- blocked_data = PK11_BlockData(src, bs);
- if(blocked_data) {
- PORT_Memset((blocked_data->data + blocked_data->len - (int)pad_char),
- pad_char, (int)pad_char);
- } else {
- rv = SECFailure;
- goto loser;
- }
- } else {
- blocked_data = SECITEM_DupItem(src);
- if(blocked_data) {
- blocked_data->data = (unsigned char*)PORT_Realloc(
- blocked_data->data,
- blocked_data->len + bs);
- if(blocked_data->data) {
- blocked_data->len += bs;
- PORT_Memset((blocked_data->data + src->len), (char)bs, bs);
- } else {
- rv = SECFailure;
- goto loser;
- }
- } else {
- rv = SECFailure;
- goto loser;
- }
- }
- } else {
- blocked_data = SECITEM_DupItem(src);
- if(!blocked_data) {
- rv = SECFailure;
- goto loser;
- }
- }
-
- cx = PK11_CreateContextBySymKey(cryptoMech.mechanism, CKA_ENCRYPT,
- eKey, &c_param);
- if(cx == NULL) {
- rv = SECFailure;
- goto loser;
- }
-
- rv = PK11_CipherOp((PK11Context*)cx, dest->data, (int *)(&dest->len),
- (int)(src->len + 64), blocked_data->data,
- (int)blocked_data->len);
- PK11_DestroyContext((PK11Context*)cx, PR_TRUE);
-
-loser:
- /* let success fall through */
- if(blocked_data != NULL)
- SECITEM_ZfreeItem(blocked_data, PR_TRUE);
-
- if(result != NULL)
- SECITEM_ZfreeItem(result, PR_TRUE);
-
- if(rv == SECFailure)
- PORT_ArenaRelease(poolp, mark);
- else
- PORT_ArenaUnmark(poolp, mark);
-
- if(eKey != NULL)
- PK11_FreeSymKey(eKey);
-
- if(slot != NULL)
- PK11_FreeSlot(slot);
-
- if(c_param.data != NULL)
- SECITEM_ZfreeItem(&c_param, PR_FALSE);
-
- return rv;
-}
-
-/* the content of an encrypted data content info is decrypted.
- * it is assumed that for encrypted data, that the data has already
- * been set and is in the "encContent" field of the content info.
- *
- * cinfo is the content info to decrypt
- *
- * key is the key with which to perform the decryption. if the
- * algorithm is a password based encryption algorithm, the
- * key is actually a password which will be processed per
- * PKCS #5.
- *
- * in the event of an error, SECFailure is returned. SECSuccess
- * indicates a success.
- */
-SECStatus
-SEC_PKCS7DecryptContents(PRArenaPool *poolp,
- SEC_PKCS7ContentInfo *cinfo,
- SECItem *key,
- void *wincx)
-{
- SECAlgorithmID *algid = NULL;
- SECOidTag algtag;
- SECStatus rv = SECFailure;
- SECItem *result = NULL, *dest, *src;
- void *mark;
-
- PK11SymKey *eKey = NULL;
- PK11SlotInfo *slot = NULL;
- CK_MECHANISM pbeMech, cryptoMech;
- void *cx;
- SECItem c_param;
- int bs;
-
- if((cinfo == NULL) || (key == NULL))
- return SECFailure;
-
- if(SEC_PKCS7ContentType(cinfo) != SEC_OID_PKCS7_ENCRYPTED_DATA)
- return SECFailure;
-
- algid = SEC_PKCS7GetEncryptionAlgorithm(cinfo);
- if(algid == NULL)
- return SECFailure;
-
- if(poolp == NULL)
- poolp = cinfo->poolp;
-
- mark = PORT_ArenaMark(poolp);
-
- src = &cinfo->content.encryptedData->encContentInfo.encContent;
- dest = &cinfo->content.encryptedData->encContentInfo.plainContent;
- algtag = SECOID_GetAlgorithmTag(algid);
- c_param.data = NULL;
- dest->data = (unsigned char*)PORT_ArenaZAlloc(poolp, (src->len + 64));
- dest->len = (src->len + 64);
- if(dest->data == NULL) {
- rv = SECFailure;
- goto loser;
- }
-
- slot = PK11_GetInternalKeySlot();
- if(slot == NULL) {
- rv = SECFailure;
- goto loser;
- }
- pbeMech.mechanism = PK11_AlgtagToMechanism(algtag);
- result = PK11_ParamFromAlgid(algid);
- if (result == NULL) {
- rv = SECFailure;
- goto loser;
- }
- pbeMech.pParameter = result->data;
- pbeMech.ulParameterLen = result->len;
- eKey = PK11_RawPBEKeyGen(slot,pbeMech.mechanism,result,key,PR_FALSE,wincx);
- if(eKey == NULL) {
- rv = SECFailure;
- goto loser;
- }
-
- if(PK11_MapPBEMechanismToCryptoMechanism(&pbeMech, &cryptoMech, key,
- PR_FALSE) != CKR_OK) {
- rv = SECFailure;
- goto loser;
- }
- c_param.data = (unsigned char *)cryptoMech.pParameter;
- c_param.len = cryptoMech.ulParameterLen;
-
- cx = PK11_CreateContextBySymKey(cryptoMech.mechanism, CKA_DECRYPT,
- eKey, &c_param);
- if(cx == NULL) {
- rv = SECFailure;
- goto loser;
- }
-
- rv = PK11_CipherOp((PK11Context*)cx, dest->data, (int *)(&dest->len),
- (int)(src->len + 64), src->data, (int)src->len);
- PK11_DestroyContext((PK11Context *)cx, PR_TRUE);
-
- bs = PK11_GetBlockSize(cryptoMech.mechanism, &c_param);
- if(bs) {
- /* check for proper badding in block algorithms. this assumes
- * RC2 cbc or a DES cbc variant. and the padding is thus defined
- */
- if(((int)dest->data[dest->len-1] <= bs) &&
- ((int)dest->data[dest->len-1] > 0)) {
- dest->len -= (int)dest->data[dest->len-1];
- } else {
- rv = SECFailure;
- /* set an error ? */
- }
- }
-
-loser:
- /* let success fall through */
- if(result != NULL)
- SECITEM_ZfreeItem(result, PR_TRUE);
-
- if(rv == SECFailure)
- PORT_ArenaRelease(poolp, mark);
- else
- PORT_ArenaUnmark(poolp, mark);
-
- if(eKey != NULL)
- PK11_FreeSymKey(eKey);
-
- if(slot != NULL)
- PK11_FreeSlot(slot);
-
- if(c_param.data != NULL)
- SECITEM_ZfreeItem(&c_param, PR_FALSE);
-
- return rv;
-}
-
-SECItem **
-SEC_PKCS7GetCertificateList(SEC_PKCS7ContentInfo *cinfo)
-{
- switch(SEC_PKCS7ContentType(cinfo))
- {
- case SEC_OID_PKCS7_SIGNED_DATA:
- return cinfo->content.signedData->rawCerts;
- break;
- default:
- return NULL;
- break;
- }
-}
-
-
-int
-SEC_PKCS7GetKeyLength(SEC_PKCS7ContentInfo *cinfo)
-{
- if (cinfo->contentTypeTag->offset == SEC_OID_PKCS7_ENVELOPED_DATA)
- return cinfo->content.envelopedData->encContentInfo.keysize;
- else
- return 0;
-}
-
diff --git a/security/nss/lib/pkcs7/p7create.c b/security/nss/lib/pkcs7/p7create.c
deleted file mode 100644
index 47bdee60c..000000000
--- a/security/nss/lib/pkcs7/p7create.c
+++ /dev/null
@@ -1,1320 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * PKCS7 creation.
- *
- * $Id$
- */
-
-#include "p7local.h"
-
-#include "cert.h"
-#include "secasn1.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "pk11func.h"
-#include "prtime.h"
-#include "secerr.h"
-#include "secder.h"
-
-static SECStatus
-sec_pkcs7_init_content_info (SEC_PKCS7ContentInfo *cinfo, PRArenaPool *poolp,
- SECOidTag kind, PRBool detached)
-{
- void *thing;
- int version;
- SECItem *versionp;
- SECStatus rv;
-
- PORT_Assert (cinfo != NULL && poolp != NULL);
- if (cinfo == NULL || poolp == NULL)
- return SECFailure;
-
- cinfo->contentTypeTag = SECOID_FindOIDByTag (kind);
- PORT_Assert (cinfo->contentTypeTag
- && cinfo->contentTypeTag->offset == kind);
-
- rv = SECITEM_CopyItem (poolp, &(cinfo->contentType),
- &(cinfo->contentTypeTag->oid));
- if (rv != SECSuccess)
- return rv;
-
- if (detached)
- return SECSuccess;
-
- switch (kind) {
- default:
- case SEC_OID_PKCS7_DATA:
- thing = PORT_ArenaZAlloc (poolp, sizeof(SECItem));
- cinfo->content.data = (SECItem*)thing;
- versionp = NULL;
- version = -1;
- break;
- case SEC_OID_PKCS7_DIGESTED_DATA:
- thing = PORT_ArenaZAlloc (poolp, sizeof(SEC_PKCS7DigestedData));
- cinfo->content.digestedData = (SEC_PKCS7DigestedData*)thing;
- versionp = &(cinfo->content.digestedData->version);
- version = SEC_PKCS7_DIGESTED_DATA_VERSION;
- break;
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- thing = PORT_ArenaZAlloc (poolp, sizeof(SEC_PKCS7EncryptedData));
- cinfo->content.encryptedData = (SEC_PKCS7EncryptedData*)thing;
- versionp = &(cinfo->content.encryptedData->version);
- version = SEC_PKCS7_ENCRYPTED_DATA_VERSION;
- break;
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- thing = PORT_ArenaZAlloc (poolp, sizeof(SEC_PKCS7EnvelopedData));
- cinfo->content.envelopedData =
- (SEC_PKCS7EnvelopedData*)thing;
- versionp = &(cinfo->content.envelopedData->version);
- version = SEC_PKCS7_ENVELOPED_DATA_VERSION;
- break;
- case SEC_OID_PKCS7_SIGNED_DATA:
- thing = PORT_ArenaZAlloc (poolp, sizeof(SEC_PKCS7SignedData));
- cinfo->content.signedData =
- (SEC_PKCS7SignedData*)thing;
- versionp = &(cinfo->content.signedData->version);
- version = SEC_PKCS7_SIGNED_DATA_VERSION;
- break;
- case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
- thing = PORT_ArenaZAlloc(poolp,sizeof(SEC_PKCS7SignedAndEnvelopedData));
- cinfo->content.signedAndEnvelopedData =
- (SEC_PKCS7SignedAndEnvelopedData*)thing;
- versionp = &(cinfo->content.signedAndEnvelopedData->version);
- version = SEC_PKCS7_SIGNED_AND_ENVELOPED_DATA_VERSION;
- break;
- }
-
- if (thing == NULL)
- return SECFailure;
-
- if (versionp != NULL) {
- SECItem *dummy;
-
- PORT_Assert (version >= 0);
- dummy = SEC_ASN1EncodeInteger (poolp, versionp, version);
- if (dummy == NULL)
- return SECFailure;
- PORT_Assert (dummy == versionp);
- }
-
- return SECSuccess;
-}
-
-
-static SEC_PKCS7ContentInfo *
-sec_pkcs7_create_content_info (SECOidTag kind, PRBool detached,
- SECKEYGetPasswordKey pwfn, void *pwfn_arg)
-{
- SEC_PKCS7ContentInfo *cinfo;
- PRArenaPool *poolp;
- SECStatus rv;
-
- poolp = PORT_NewArena (1024); /* XXX what is right value? */
- if (poolp == NULL)
- return NULL;
-
- cinfo = (SEC_PKCS7ContentInfo*)PORT_ArenaZAlloc (poolp, sizeof(*cinfo));
- if (cinfo == NULL) {
- PORT_FreeArena (poolp, PR_FALSE);
- return NULL;
- }
-
- cinfo->poolp = poolp;
- cinfo->pwfn = pwfn;
- cinfo->pwfn_arg = pwfn_arg;
- cinfo->created = PR_TRUE;
- cinfo->refCount = 1;
-
- rv = sec_pkcs7_init_content_info (cinfo, poolp, kind, detached);
- if (rv != SECSuccess) {
- PORT_FreeArena (poolp, PR_FALSE);
- return NULL;
- }
-
- return cinfo;
-}
-
-
-/*
- * Add a signer to a PKCS7 thing, verifying the signature cert first.
- * Any error returns SECFailure.
- *
- * XXX Right now this only adds the *first* signer. It fails if you try
- * to add a second one -- this needs to be fixed.
- */
-static SECStatus
-sec_pkcs7_add_signer (SEC_PKCS7ContentInfo *cinfo,
- CERTCertificate * cert,
- SECCertUsage certusage,
- CERTCertDBHandle * certdb,
- SECOidTag digestalgtag,
- SECItem * digestdata)
-{
- SEC_PKCS7SignerInfo *signerinfo, **signerinfos, ***signerinfosp;
- SECAlgorithmID *digestalg, **digestalgs, ***digestalgsp;
- SECItem *digest, **digests, ***digestsp;
- SECItem * dummy;
- void * mark;
- SECStatus rv;
- SECOidTag kind;
-
- kind = SEC_PKCS7ContentType (cinfo);
- switch (kind) {
- case SEC_OID_PKCS7_SIGNED_DATA:
- {
- SEC_PKCS7SignedData *sdp;
-
- sdp = cinfo->content.signedData;
- digestalgsp = &(sdp->digestAlgorithms);
- digestsp = &(sdp->digests);
- signerinfosp = &(sdp->signerInfos);
- }
- break;
- case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
- {
- SEC_PKCS7SignedAndEnvelopedData *saedp;
-
- saedp = cinfo->content.signedAndEnvelopedData;
- digestalgsp = &(saedp->digestAlgorithms);
- digestsp = &(saedp->digests);
- signerinfosp = &(saedp->signerInfos);
- }
- break;
- default:
- return SECFailure; /* XXX set an error? */
- }
-
- /*
- * XXX I think that CERT_VerifyCert should do this if *it* is passed
- * a NULL database.
- */
- if (certdb == NULL) {
- certdb = CERT_GetDefaultCertDB();
- if (certdb == NULL)
- return SECFailure; /* XXX set an error? */
- }
-
- if (CERT_VerifyCert (certdb, cert, PR_TRUE, certusage, PR_Now(),
- cinfo->pwfn_arg, NULL) != SECSuccess)
- {
- /* XXX Did CERT_VerifyCert set an error? */
- return SECFailure;
- }
-
- /*
- * XXX This is the check that we do not already have a signer.
- * This is not what we really want -- we want to allow this
- * and *add* the new signer.
- */
- PORT_Assert (*signerinfosp == NULL
- && *digestalgsp == NULL && *digestsp == NULL);
- if (*signerinfosp != NULL || *digestalgsp != NULL || *digestsp != NULL)
- return SECFailure;
-
- mark = PORT_ArenaMark (cinfo->poolp);
-
- signerinfo = (SEC_PKCS7SignerInfo*)PORT_ArenaZAlloc (cinfo->poolp,
- sizeof(SEC_PKCS7SignerInfo));
- if (signerinfo == NULL) {
- PORT_ArenaRelease (cinfo->poolp, mark);
- return SECFailure;
- }
-
- dummy = SEC_ASN1EncodeInteger (cinfo->poolp, &signerinfo->version,
- SEC_PKCS7_SIGNER_INFO_VERSION);
- if (dummy == NULL) {
- PORT_ArenaRelease (cinfo->poolp, mark);
- return SECFailure;
- }
- PORT_Assert (dummy == &signerinfo->version);
-
- signerinfo->cert = CERT_DupCertificate (cert);
- if (signerinfo->cert == NULL) {
- PORT_ArenaRelease (cinfo->poolp, mark);
- return SECFailure;
- }
-
- signerinfo->issuerAndSN = CERT_GetCertIssuerAndSN (cinfo->poolp, cert);
- if (signerinfo->issuerAndSN == NULL) {
- PORT_ArenaRelease (cinfo->poolp, mark);
- return SECFailure;
- }
-
- rv = SECOID_SetAlgorithmID (cinfo->poolp, &signerinfo->digestAlg,
- digestalgtag, NULL);
- if (rv != SECSuccess) {
- PORT_ArenaRelease (cinfo->poolp, mark);
- return SECFailure;
- }
-
- /*
- * Okay, now signerinfo is all set. We just need to put it and its
- * companions (another copy of the digest algorithm, and the digest
- * itself if given) into the main structure.
- *
- * XXX If we are handling more than one signer, the following code
- * needs to look through the digest algorithms already specified
- * and see if the same one is there already. If it is, it does not
- * need to be added again. Also, if it is there *and* the digest
- * is not null, then the digest given should match the digest already
- * specified -- if not, that is an error. Finally, the new signerinfo
- * should be *added* to the set already found.
- */
-
- signerinfos = (SEC_PKCS7SignerInfo**)PORT_ArenaAlloc (cinfo->poolp,
- 2 * sizeof(SEC_PKCS7SignerInfo *));
- if (signerinfos == NULL) {
- PORT_ArenaRelease (cinfo->poolp, mark);
- return SECFailure;
- }
- signerinfos[0] = signerinfo;
- signerinfos[1] = NULL;
-
- digestalg = PORT_ArenaZAlloc (cinfo->poolp, sizeof(SECAlgorithmID));
- digestalgs = PORT_ArenaAlloc (cinfo->poolp, 2 * sizeof(SECAlgorithmID *));
- if (digestalg == NULL || digestalgs == NULL) {
- PORT_ArenaRelease (cinfo->poolp, mark);
- return SECFailure;
- }
- rv = SECOID_SetAlgorithmID (cinfo->poolp, digestalg, digestalgtag, NULL);
- if (rv != SECSuccess) {
- PORT_ArenaRelease (cinfo->poolp, mark);
- return SECFailure;
- }
- digestalgs[0] = digestalg;
- digestalgs[1] = NULL;
-
- if (digestdata != NULL) {
- digest = (SECItem*)PORT_ArenaAlloc (cinfo->poolp, sizeof(SECItem));
- digests = (SECItem**)PORT_ArenaAlloc (cinfo->poolp,
- 2 * sizeof(SECItem *));
- if (digest == NULL || digests == NULL) {
- PORT_ArenaRelease (cinfo->poolp, mark);
- return SECFailure;
- }
- rv = SECITEM_CopyItem (cinfo->poolp, digest, digestdata);
- if (rv != SECSuccess) {
- PORT_ArenaRelease (cinfo->poolp, mark);
- return SECFailure;
- }
- digests[0] = digest;
- digests[1] = NULL;
- } else {
- digests = NULL;
- }
-
- *signerinfosp = signerinfos;
- *digestalgsp = digestalgs;
- *digestsp = digests;
-
- PORT_ArenaUnmark(cinfo->poolp, mark);
- return SECSuccess;
-}
-
-
-/*
- * Helper function for creating an empty signedData.
- */
-static SEC_PKCS7ContentInfo *
-sec_pkcs7_create_signed_data (SECKEYGetPasswordKey pwfn, void *pwfn_arg)
-{
- SEC_PKCS7ContentInfo *cinfo;
- SEC_PKCS7SignedData *sigd;
- SECStatus rv;
-
- cinfo = sec_pkcs7_create_content_info (SEC_OID_PKCS7_SIGNED_DATA, PR_FALSE,
- pwfn, pwfn_arg);
- if (cinfo == NULL)
- return NULL;
-
- sigd = cinfo->content.signedData;
- PORT_Assert (sigd != NULL);
-
- /*
- * XXX Might we want to allow content types other than data?
- * If so, via what interface?
- */
- rv = sec_pkcs7_init_content_info (&(sigd->contentInfo), cinfo->poolp,
- SEC_OID_PKCS7_DATA, PR_TRUE);
- if (rv != SECSuccess) {
- SEC_PKCS7DestroyContentInfo (cinfo);
- return NULL;
- }
-
- return cinfo;
-}
-
-
-/*
- * Start a PKCS7 signing context.
- *
- * "cert" is the cert that will be used to sign the data. It will be
- * checked for validity.
- *
- * "certusage" describes the signing usage (e.g. certUsageEmailSigner)
- * XXX Maybe SECCertUsage should be split so that our caller just says
- * "email" and *we* add the "signing" part -- otherwise our caller
- * could be lying about the usage; we do not want to allow encryption
- * certs for signing or vice versa.
- *
- * "certdb" is the cert database to use for verifying the cert.
- * It can be NULL if a default database is available (like in the client).
- *
- * "digestalg" names the digest algorithm (e.g. SEC_OID_SHA1).
- *
- * "digest" is the actual digest of the data. It must be provided in
- * the case of detached data or NULL if the content will be included.
- *
- * The return value can be passed to functions which add things to
- * it like attributes, then eventually to SEC_PKCS7Encode() or to
- * SEC_PKCS7EncoderStart() to create the encoded data, and finally to
- * SEC_PKCS7DestroyContentInfo().
- *
- * An error results in a return value of NULL and an error set.
- * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
- */
-SEC_PKCS7ContentInfo *
-SEC_PKCS7CreateSignedData (CERTCertificate *cert,
- SECCertUsage certusage,
- CERTCertDBHandle *certdb,
- SECOidTag digestalg,
- SECItem *digest,
- SECKEYGetPasswordKey pwfn, void *pwfn_arg)
-{
- SEC_PKCS7ContentInfo *cinfo;
- SECStatus rv;
-
- cinfo = sec_pkcs7_create_signed_data (pwfn, pwfn_arg);
- if (cinfo == NULL)
- return NULL;
-
- rv = sec_pkcs7_add_signer (cinfo, cert, certusage, certdb,
- digestalg, digest);
- if (rv != SECSuccess) {
- SEC_PKCS7DestroyContentInfo (cinfo);
- return NULL;
- }
-
- return cinfo;
-}
-
-
-static SEC_PKCS7Attribute *
-sec_pkcs7_create_attribute (PRArenaPool *poolp, SECOidTag oidtag,
- SECItem *value, PRBool encoded)
-{
- SEC_PKCS7Attribute *attr;
- SECItem **values;
- void *mark;
-
- PORT_Assert (poolp != NULL);
- mark = PORT_ArenaMark (poolp);
-
- attr = (SEC_PKCS7Attribute*)PORT_ArenaAlloc (poolp,
- sizeof(SEC_PKCS7Attribute));
- if (attr == NULL)
- goto loser;
-
- attr->typeTag = SECOID_FindOIDByTag (oidtag);
- if (attr->typeTag == NULL)
- goto loser;
-
- if (SECITEM_CopyItem (poolp, &(attr->type),
- &(attr->typeTag->oid)) != SECSuccess)
- goto loser;
-
- values = (SECItem**)PORT_ArenaAlloc (poolp, 2 * sizeof(SECItem *));
- if (values == NULL)
- goto loser;
-
- if (value != NULL) {
- SECItem *copy;
-
- copy = (SECItem*)PORT_ArenaAlloc (poolp, sizeof(SECItem));
- if (copy == NULL)
- goto loser;
-
- if (SECITEM_CopyItem (poolp, copy, value) != SECSuccess)
- goto loser;
-
- value = copy;
- }
-
- values[0] = value;
- values[1] = NULL;
- attr->values = values;
- attr->encoded = encoded;
-
- PORT_ArenaUnmark (poolp, mark);
- return attr;
-
-loser:
- PORT_Assert (mark != NULL);
- PORT_ArenaRelease (poolp, mark);
- return NULL;
-}
-
-
-static SECStatus
-sec_pkcs7_add_attribute (SEC_PKCS7ContentInfo *cinfo,
- SEC_PKCS7Attribute ***attrsp,
- SEC_PKCS7Attribute *attr)
-{
- SEC_PKCS7Attribute **attrs;
- SECItem *ct_value;
- void *mark;
-
- PORT_Assert (SEC_PKCS7ContentType (cinfo) == SEC_OID_PKCS7_SIGNED_DATA);
- if (SEC_PKCS7ContentType (cinfo) != SEC_OID_PKCS7_SIGNED_DATA)
- return SECFailure;
-
- attrs = *attrsp;
- if (attrs != NULL) {
- int count;
-
- /*
- * We already have some attributes, and just need to add this
- * new one.
- */
-
- /*
- * We should already have the *required* attributes, which were
- * created/added at the same time the first attribute was added.
- */
- PORT_Assert (sec_PKCS7FindAttribute (attrs,
- SEC_OID_PKCS9_CONTENT_TYPE,
- PR_FALSE) != NULL);
- PORT_Assert (sec_PKCS7FindAttribute (attrs,
- SEC_OID_PKCS9_MESSAGE_DIGEST,
- PR_FALSE) != NULL);
-
- for (count = 0; attrs[count] != NULL; count++)
- ;
- attrs = (SEC_PKCS7Attribute**)PORT_ArenaGrow (cinfo->poolp, attrs,
- (count + 1) * sizeof(SEC_PKCS7Attribute *),
- (count + 2) * sizeof(SEC_PKCS7Attribute *));
- if (attrs == NULL)
- return SECFailure;
-
- attrs[count] = attr;
- attrs[count+1] = NULL;
- *attrsp = attrs;
-
- return SECSuccess;
- }
-
- /*
- * This is the first time an attribute is going in.
- * We need to create and add the required attributes, and then
- * we will also add in the one our caller gave us.
- */
-
- /*
- * There are 2 required attributes, plus the one our caller wants
- * to add, plus we always end with a NULL one. Thus, four slots.
- */
- attrs = (SEC_PKCS7Attribute**)PORT_ArenaAlloc (cinfo->poolp,
- 4 * sizeof(SEC_PKCS7Attribute *));
- if (attrs == NULL)
- return SECFailure;
-
- mark = PORT_ArenaMark (cinfo->poolp);
-
- /*
- * First required attribute is the content type of the data
- * being signed.
- */
- ct_value = &(cinfo->content.signedData->contentInfo.contentType);
- attrs[0] = sec_pkcs7_create_attribute (cinfo->poolp,
- SEC_OID_PKCS9_CONTENT_TYPE,
- ct_value, PR_FALSE);
- /*
- * Second required attribute is the message digest of the data
- * being signed; we leave the value NULL for now (just create
- * the place for it to go), and the encoder will fill it in later.
- */
- attrs[1] = sec_pkcs7_create_attribute (cinfo->poolp,
- SEC_OID_PKCS9_MESSAGE_DIGEST,
- NULL, PR_FALSE);
- if (attrs[0] == NULL || attrs[1] == NULL) {
- PORT_ArenaRelease (cinfo->poolp, mark);
- return SECFailure;
- }
-
- attrs[2] = attr;
- attrs[3] = NULL;
- *attrsp = attrs;
-
- PORT_ArenaUnmark (cinfo->poolp, mark);
- return SECSuccess;
-}
-
-
-/*
- * Add the signing time to the authenticated (i.e. signed) attributes
- * of "cinfo". This is expected to be included in outgoing signed
- * messages for email (S/MIME) but is likely useful in other situations.
- *
- * This should only be added once; a second call will either do
- * nothing or replace an old signing time with a newer one.
- *
- * XXX This will probably just shove the current time into "cinfo"
- * but it will not actually get signed until the entire item is
- * processed for encoding. Is this (expected to be small) delay okay?
- *
- * "cinfo" should be of type signedData (the only kind of pkcs7 data
- * that is allowed authenticated attributes); SECFailure will be returned
- * if it is not.
- */
-SECStatus
-SEC_PKCS7AddSigningTime (SEC_PKCS7ContentInfo *cinfo)
-{
- SEC_PKCS7SignerInfo **signerinfos;
- SEC_PKCS7Attribute *attr;
- SECItem stime;
- SECStatus rv;
- int si;
-
- PORT_Assert (SEC_PKCS7ContentType (cinfo) == SEC_OID_PKCS7_SIGNED_DATA);
- if (SEC_PKCS7ContentType (cinfo) != SEC_OID_PKCS7_SIGNED_DATA)
- return SECFailure;
-
- signerinfos = cinfo->content.signedData->signerInfos;
-
- /* There has to be a signer, or it makes no sense. */
- if (signerinfos == NULL || signerinfos[0] == NULL)
- return SECFailure;
-
- rv = DER_TimeToUTCTime (&stime, PR_Now());
- if (rv != SECSuccess)
- return rv;
-
- attr = sec_pkcs7_create_attribute (cinfo->poolp,
- SEC_OID_PKCS9_SIGNING_TIME,
- &stime, PR_FALSE);
- SECITEM_FreeItem (&stime, PR_FALSE);
-
- if (attr == NULL)
- return SECFailure;
-
- rv = SECSuccess;
- for (si = 0; signerinfos[si] != NULL; si++) {
- SEC_PKCS7Attribute *oattr;
-
- oattr = sec_PKCS7FindAttribute (signerinfos[si]->authAttr,
- SEC_OID_PKCS9_SIGNING_TIME, PR_FALSE);
- PORT_Assert (oattr == NULL);
- if (oattr != NULL)
- continue; /* XXX or would it be better to replace it? */
-
- rv = sec_pkcs7_add_attribute (cinfo, &(signerinfos[si]->authAttr),
- attr);
- if (rv != SECSuccess)
- break; /* could try to continue, but may as well give up now */
- }
-
- return rv;
-}
-
-
-/*
- * Add the specified attribute to the authenticated (i.e. signed) attributes
- * of "cinfo" -- "oidtag" describes the attribute and "value" is the
- * value to be associated with it. NOTE! "value" must already be encoded;
- * no interpretation of "oidtag" is done. Also, it is assumed that this
- * signedData has only one signer -- if we ever need to add attributes
- * when there is more than one signature, we need a way to specify *which*
- * signature should get the attribute.
- *
- * XXX Technically, a signed attribute can have multiple values; if/when
- * we ever need to support an attribute which takes multiple values, we
- * either need to change this interface or create an AddSignedAttributeValue
- * which can be called subsequently, and would then append a value.
- *
- * "cinfo" should be of type signedData (the only kind of pkcs7 data
- * that is allowed authenticated attributes); SECFailure will be returned
- * if it is not.
- */
-SECStatus
-SEC_PKCS7AddSignedAttribute (SEC_PKCS7ContentInfo *cinfo,
- SECOidTag oidtag,
- SECItem *value)
-{
- SEC_PKCS7SignerInfo **signerinfos;
- SEC_PKCS7Attribute *attr;
-
- PORT_Assert (SEC_PKCS7ContentType (cinfo) == SEC_OID_PKCS7_SIGNED_DATA);
- if (SEC_PKCS7ContentType (cinfo) != SEC_OID_PKCS7_SIGNED_DATA)
- return SECFailure;
-
- signerinfos = cinfo->content.signedData->signerInfos;
-
- /*
- * No signature or more than one means no deal.
- */
- if (signerinfos == NULL || signerinfos[0] == NULL || signerinfos[1] != NULL)
- return SECFailure;
-
- attr = sec_pkcs7_create_attribute (cinfo->poolp, oidtag, value, PR_TRUE);
- if (attr == NULL)
- return SECFailure;
-
- return sec_pkcs7_add_attribute (cinfo, &(signerinfos[0]->authAttr), attr);
-}
-
-
-/*
- * Mark that the signer certificates and their issuing chain should
- * be included in the encoded data. This is expected to be used
- * in outgoing signed messages for email (S/MIME).
- *
- * "certdb" is the cert database to use for finding the chain.
- * It can be NULL, meaning use the default database.
- *
- * "cinfo" should be of type signedData or signedAndEnvelopedData;
- * SECFailure will be returned if it is not.
- */
-SECStatus
-SEC_PKCS7IncludeCertChain (SEC_PKCS7ContentInfo *cinfo,
- CERTCertDBHandle *certdb)
-{
- SECOidTag kind;
- SEC_PKCS7SignerInfo *signerinfo, **signerinfos;
-
- kind = SEC_PKCS7ContentType (cinfo);
- switch (kind) {
- case SEC_OID_PKCS7_SIGNED_DATA:
- signerinfos = cinfo->content.signedData->signerInfos;
- break;
- case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
- signerinfos = cinfo->content.signedAndEnvelopedData->signerInfos;
- break;
- default:
- return SECFailure; /* XXX set an error? */
- }
-
- if (signerinfos == NULL) /* no signer, no certs? */
- return SECFailure; /* XXX set an error? */
-
- if (certdb == NULL) {
- certdb = CERT_GetDefaultCertDB();
- if (certdb == NULL) {
- PORT_SetError (SEC_ERROR_BAD_DATABASE);
- return SECFailure;
- }
- }
-
- /* XXX Should it be an error if we find no signerinfo or no certs? */
- while ((signerinfo = *signerinfos++) != NULL) {
- if (signerinfo->cert != NULL)
- /* get the cert chain. don't send the root to avoid contamination
- * of old clients with a new root that they don't trust
- */
- signerinfo->certList = CERT_CertChainFromCert (signerinfo->cert,
- certUsageEmailSigner,
- PR_FALSE);
- }
-
- return SECSuccess;
-}
-
-
-/*
- * Helper function to add a certificate chain for inclusion in the
- * bag of certificates in a signedData.
- */
-static SECStatus
-sec_pkcs7_add_cert_chain (SEC_PKCS7ContentInfo *cinfo,
- CERTCertificate *cert,
- CERTCertDBHandle *certdb)
-{
- SECOidTag kind;
- CERTCertificateList *certlist, **certlists, ***certlistsp;
- int count;
-
- kind = SEC_PKCS7ContentType (cinfo);
- switch (kind) {
- case SEC_OID_PKCS7_SIGNED_DATA:
- {
- SEC_PKCS7SignedData *sdp;
-
- sdp = cinfo->content.signedData;
- certlistsp = &(sdp->certLists);
- }
- break;
- case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
- {
- SEC_PKCS7SignedAndEnvelopedData *saedp;
-
- saedp = cinfo->content.signedAndEnvelopedData;
- certlistsp = &(saedp->certLists);
- }
- break;
- default:
- return SECFailure; /* XXX set an error? */
- }
-
- if (certdb == NULL) {
- certdb = CERT_GetDefaultCertDB();
- if (certdb == NULL) {
- PORT_SetError (SEC_ERROR_BAD_DATABASE);
- return SECFailure;
- }
- }
-
- certlist = CERT_CertChainFromCert (cert, certUsageEmailSigner, PR_FALSE);
- if (certlist == NULL)
- return SECFailure;
-
- certlists = *certlistsp;
- if (certlists == NULL) {
- count = 0;
- certlists = (CERTCertificateList**)PORT_ArenaAlloc (cinfo->poolp,
- 2 * sizeof(CERTCertificateList *));
- } else {
- for (count = 0; certlists[count] != NULL; count++)
- ;
- PORT_Assert (count); /* should be at least one already */
- certlists = (CERTCertificateList**)PORT_ArenaGrow (cinfo->poolp,
- certlists,
- (count + 1) * sizeof(CERTCertificateList *),
- (count + 2) * sizeof(CERTCertificateList *));
- }
-
- if (certlists == NULL) {
- CERT_DestroyCertificateList (certlist);
- return SECFailure;
- }
-
- certlists[count] = certlist;
- certlists[count + 1] = NULL;
-
- *certlistsp = certlists;
-
- return SECSuccess;
-}
-
-
-/*
- * Helper function to add a certificate for inclusion in the bag of
- * certificates in a signedData.
- */
-static SECStatus
-sec_pkcs7_add_certificate (SEC_PKCS7ContentInfo *cinfo,
- CERTCertificate *cert)
-{
- SECOidTag kind;
- CERTCertificate **certs, ***certsp;
- int count;
-
- kind = SEC_PKCS7ContentType (cinfo);
- switch (kind) {
- case SEC_OID_PKCS7_SIGNED_DATA:
- {
- SEC_PKCS7SignedData *sdp;
-
- sdp = cinfo->content.signedData;
- certsp = &(sdp->certs);
- }
- break;
- case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
- {
- SEC_PKCS7SignedAndEnvelopedData *saedp;
-
- saedp = cinfo->content.signedAndEnvelopedData;
- certsp = &(saedp->certs);
- }
- break;
- default:
- return SECFailure; /* XXX set an error? */
- }
-
- cert = CERT_DupCertificate (cert);
- if (cert == NULL)
- return SECFailure;
-
- certs = *certsp;
- if (certs == NULL) {
- count = 0;
- certs = (CERTCertificate**)PORT_ArenaAlloc (cinfo->poolp,
- 2 * sizeof(CERTCertificate *));
- } else {
- for (count = 0; certs[count] != NULL; count++)
- ;
- PORT_Assert (count); /* should be at least one already */
- certs = (CERTCertificate**)PORT_ArenaGrow (cinfo->poolp, certs,
- (count + 1) * sizeof(CERTCertificate *),
- (count + 2) * sizeof(CERTCertificate *));
- }
-
- if (certs == NULL) {
- CERT_DestroyCertificate (cert);
- return SECFailure;
- }
-
- certs[count] = cert;
- certs[count + 1] = NULL;
-
- *certsp = certs;
-
- return SECSuccess;
-}
-
-
-/*
- * Create a PKCS7 certs-only container.
- *
- * "cert" is the (first) cert that will be included.
- *
- * "include_chain" specifies whether the entire chain for "cert" should
- * be included.
- *
- * "certdb" is the cert database to use for finding the chain.
- * It can be NULL in when "include_chain" is false, or when meaning
- * use the default database.
- *
- * More certs and chains can be added via AddCertificate and AddCertChain.
- *
- * An error results in a return value of NULL and an error set.
- * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
- */
-SEC_PKCS7ContentInfo *
-SEC_PKCS7CreateCertsOnly (CERTCertificate *cert,
- PRBool include_chain,
- CERTCertDBHandle *certdb)
-{
- SEC_PKCS7ContentInfo *cinfo;
- SECStatus rv;
-
- cinfo = sec_pkcs7_create_signed_data (NULL, NULL);
- if (cinfo == NULL)
- return NULL;
-
- if (include_chain)
- rv = sec_pkcs7_add_cert_chain (cinfo, cert, certdb);
- else
- rv = sec_pkcs7_add_certificate (cinfo, cert);
-
- if (rv != SECSuccess) {
- SEC_PKCS7DestroyContentInfo (cinfo);
- return NULL;
- }
-
- return cinfo;
-}
-
-
-/*
- * Add "cert" and its entire chain to the set of certs included in "cinfo".
- *
- * "certdb" is the cert database to use for finding the chain.
- * It can be NULL, meaning use the default database.
- *
- * "cinfo" should be of type signedData or signedAndEnvelopedData;
- * SECFailure will be returned if it is not.
- */
-SECStatus
-SEC_PKCS7AddCertChain (SEC_PKCS7ContentInfo *cinfo,
- CERTCertificate *cert,
- CERTCertDBHandle *certdb)
-{
- SECOidTag kind;
-
- kind = SEC_PKCS7ContentType (cinfo);
- if (kind != SEC_OID_PKCS7_SIGNED_DATA
- && kind != SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA)
- return SECFailure; /* XXX set an error? */
-
- return sec_pkcs7_add_cert_chain (cinfo, cert, certdb);
-}
-
-
-/*
- * Add "cert" to the set of certs included in "cinfo".
- *
- * "cinfo" should be of type signedData or signedAndEnvelopedData;
- * SECFailure will be returned if it is not.
- */
-SECStatus
-SEC_PKCS7AddCertificate (SEC_PKCS7ContentInfo *cinfo, CERTCertificate *cert)
-{
- SECOidTag kind;
-
- kind = SEC_PKCS7ContentType (cinfo);
- if (kind != SEC_OID_PKCS7_SIGNED_DATA
- && kind != SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA)
- return SECFailure; /* XXX set an error? */
-
- return sec_pkcs7_add_certificate (cinfo, cert);
-}
-
-
-static SECStatus
-sec_pkcs7_init_encrypted_content_info (SEC_PKCS7EncryptedContentInfo *enccinfo,
- PRArenaPool *poolp,
- SECOidTag kind, PRBool detached,
- SECOidTag encalg, int keysize)
-{
- SECStatus rv;
-
- PORT_Assert (enccinfo != NULL && poolp != NULL);
- if (enccinfo == NULL || poolp == NULL)
- return SECFailure;
-
- /*
- * XXX Some day we may want to allow for other kinds. That needs
- * more work and modifications to the creation interface, etc.
- * For now, allow but notice callers who pass in other kinds.
- * They are responsible for creating the inner type and encoding,
- * if it is other than DATA.
- */
- PORT_Assert (kind == SEC_OID_PKCS7_DATA);
-
- enccinfo->contentTypeTag = SECOID_FindOIDByTag (kind);
- PORT_Assert (enccinfo->contentTypeTag
- && enccinfo->contentTypeTag->offset == kind);
-
- rv = SECITEM_CopyItem (poolp, &(enccinfo->contentType),
- &(enccinfo->contentTypeTag->oid));
- if (rv != SECSuccess)
- return rv;
-
- /* Save keysize and algorithm for later. */
- enccinfo->keysize = keysize;
- enccinfo->encalg = encalg;
-
- return SECSuccess;
-}
-
-
-/*
- * Add a recipient to a PKCS7 thing, verifying their cert first.
- * Any error returns SECFailure.
- */
-static SECStatus
-sec_pkcs7_add_recipient (SEC_PKCS7ContentInfo *cinfo,
- CERTCertificate *cert,
- SECCertUsage certusage,
- CERTCertDBHandle *certdb)
-{
- SECOidTag kind;
- SEC_PKCS7RecipientInfo *recipientinfo, **recipientinfos, ***recipientinfosp;
- SECItem *dummy;
- void *mark;
- int count;
-
- kind = SEC_PKCS7ContentType (cinfo);
- switch (kind) {
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- {
- SEC_PKCS7EnvelopedData *edp;
-
- edp = cinfo->content.envelopedData;
- recipientinfosp = &(edp->recipientInfos);
- }
- break;
- case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
- {
- SEC_PKCS7SignedAndEnvelopedData *saedp;
-
- saedp = cinfo->content.signedAndEnvelopedData;
- recipientinfosp = &(saedp->recipientInfos);
- }
- break;
- default:
- return SECFailure; /* XXX set an error? */
- }
-
- /*
- * XXX I think that CERT_VerifyCert should do this if *it* is passed
- * a NULL database.
- */
- if (certdb == NULL) {
- certdb = CERT_GetDefaultCertDB();
- if (certdb == NULL)
- return SECFailure; /* XXX set an error? */
- }
-
- if (CERT_VerifyCert (certdb, cert, PR_TRUE, certusage, PR_Now(),
- cinfo->pwfn_arg, NULL) != SECSuccess)
- {
- /* XXX Did CERT_VerifyCert set an error? */
- return SECFailure;
- }
-
- mark = PORT_ArenaMark (cinfo->poolp);
-
- recipientinfo = (SEC_PKCS7RecipientInfo*)PORT_ArenaZAlloc (cinfo->poolp,
- sizeof(SEC_PKCS7RecipientInfo));
- if (recipientinfo == NULL) {
- PORT_ArenaRelease (cinfo->poolp, mark);
- return SECFailure;
- }
-
- dummy = SEC_ASN1EncodeInteger (cinfo->poolp, &recipientinfo->version,
- SEC_PKCS7_RECIPIENT_INFO_VERSION);
- if (dummy == NULL) {
- PORT_ArenaRelease (cinfo->poolp, mark);
- return SECFailure;
- }
- PORT_Assert (dummy == &recipientinfo->version);
-
- recipientinfo->cert = CERT_DupCertificate (cert);
- if (recipientinfo->cert == NULL) {
- PORT_ArenaRelease (cinfo->poolp, mark);
- return SECFailure;
- }
-
- recipientinfo->issuerAndSN = CERT_GetCertIssuerAndSN (cinfo->poolp, cert);
- if (recipientinfo->issuerAndSN == NULL) {
- PORT_ArenaRelease (cinfo->poolp, mark);
- return SECFailure;
- }
-
- /*
- * Okay, now recipientinfo is all set. We just need to put it into
- * the main structure.
- *
- * If this is the first recipient, allocate a new recipientinfos array;
- * otherwise, reallocate the array, making room for the new entry.
- */
- recipientinfos = *recipientinfosp;
- if (recipientinfos == NULL) {
- count = 0;
- recipientinfos = (SEC_PKCS7RecipientInfo **)PORT_ArenaAlloc (
- cinfo->poolp,
- 2 * sizeof(SEC_PKCS7RecipientInfo *));
- } else {
- for (count = 0; recipientinfos[count] != NULL; count++)
- ;
- PORT_Assert (count); /* should be at least one already */
- recipientinfos = (SEC_PKCS7RecipientInfo **)PORT_ArenaGrow (
- cinfo->poolp, recipientinfos,
- (count + 1) * sizeof(SEC_PKCS7RecipientInfo *),
- (count + 2) * sizeof(SEC_PKCS7RecipientInfo *));
- }
-
- if (recipientinfos == NULL) {
- PORT_ArenaRelease (cinfo->poolp, mark);
- return SECFailure;
- }
-
- recipientinfos[count] = recipientinfo;
- recipientinfos[count + 1] = NULL;
-
- *recipientinfosp = recipientinfos;
-
- PORT_ArenaUnmark (cinfo->poolp, mark);
- return SECSuccess;
-}
-
-
-/*
- * Start a PKCS7 enveloping context.
- *
- * "cert" is the cert for the recipient. It will be checked for validity.
- *
- * "certusage" describes the encryption usage (e.g. certUsageEmailRecipient)
- * XXX Maybe SECCertUsage should be split so that our caller just says
- * "email" and *we* add the "recipient" part -- otherwise our caller
- * could be lying about the usage; we do not want to allow encryption
- * certs for signing or vice versa.
- *
- * "certdb" is the cert database to use for verifying the cert.
- * It can be NULL if a default database is available (like in the client).
- *
- * "encalg" specifies the bulk encryption algorithm to use (e.g. SEC_OID_RC2).
- *
- * "keysize" specifies the bulk encryption key size, in bits.
- *
- * The return value can be passed to functions which add things to
- * it like more recipients, then eventually to SEC_PKCS7Encode() or to
- * SEC_PKCS7EncoderStart() to create the encoded data, and finally to
- * SEC_PKCS7DestroyContentInfo().
- *
- * An error results in a return value of NULL and an error set.
- * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
- */
-extern SEC_PKCS7ContentInfo *
-SEC_PKCS7CreateEnvelopedData (CERTCertificate *cert,
- SECCertUsage certusage,
- CERTCertDBHandle *certdb,
- SECOidTag encalg,
- int keysize,
- SECKEYGetPasswordKey pwfn, void *pwfn_arg)
-{
- SEC_PKCS7ContentInfo *cinfo;
- SEC_PKCS7EnvelopedData *envd;
- SECStatus rv;
-
- cinfo = sec_pkcs7_create_content_info (SEC_OID_PKCS7_ENVELOPED_DATA,
- PR_FALSE, pwfn, pwfn_arg);
- if (cinfo == NULL)
- return NULL;
-
- rv = sec_pkcs7_add_recipient (cinfo, cert, certusage, certdb);
- if (rv != SECSuccess) {
- SEC_PKCS7DestroyContentInfo (cinfo);
- return NULL;
- }
-
- envd = cinfo->content.envelopedData;
- PORT_Assert (envd != NULL);
-
- /*
- * XXX Might we want to allow content types other than data?
- * If so, via what interface?
- */
- rv = sec_pkcs7_init_encrypted_content_info (&(envd->encContentInfo),
- cinfo->poolp,
- SEC_OID_PKCS7_DATA, PR_FALSE,
- encalg, keysize);
- if (rv != SECSuccess) {
- SEC_PKCS7DestroyContentInfo (cinfo);
- return NULL;
- }
-
- /* XXX Anything more to do here? */
-
- return cinfo;
-}
-
-
-/*
- * Add another recipient to an encrypted message.
- *
- * "cinfo" should be of type envelopedData or signedAndEnvelopedData;
- * SECFailure will be returned if it is not.
- *
- * "cert" is the cert for the recipient. It will be checked for validity.
- *
- * "certusage" describes the encryption usage (e.g. certUsageEmailRecipient)
- * XXX Maybe SECCertUsage should be split so that our caller just says
- * "email" and *we* add the "recipient" part -- otherwise our caller
- * could be lying about the usage; we do not want to allow encryption
- * certs for signing or vice versa.
- *
- * "certdb" is the cert database to use for verifying the cert.
- * It can be NULL if a default database is available (like in the client).
- */
-SECStatus
-SEC_PKCS7AddRecipient (SEC_PKCS7ContentInfo *cinfo,
- CERTCertificate *cert,
- SECCertUsage certusage,
- CERTCertDBHandle *certdb)
-{
- return sec_pkcs7_add_recipient (cinfo, cert, certusage, certdb);
-}
-
-
-/*
- * Create an empty PKCS7 data content info.
- *
- * An error results in a return value of NULL and an error set.
- * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
- */
-SEC_PKCS7ContentInfo *
-SEC_PKCS7CreateData (void)
-{
- return sec_pkcs7_create_content_info (SEC_OID_PKCS7_DATA, PR_FALSE,
- NULL, NULL);
-}
-
-
-/*
- * Create an empty PKCS7 encrypted content info.
- *
- * "algorithm" specifies the bulk encryption algorithm to use.
- *
- * An error results in a return value of NULL and an error set.
- * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
- */
-SEC_PKCS7ContentInfo *
-SEC_PKCS7CreateEncryptedData (SECOidTag algorithm, int keysize,
- SECKEYGetPasswordKey pwfn, void *pwfn_arg)
-{
- SEC_PKCS7ContentInfo *cinfo;
- SECAlgorithmID *algid;
- SEC_PKCS7EncryptedData *enc_data;
- SECStatus rv;
-
- cinfo = sec_pkcs7_create_content_info (SEC_OID_PKCS7_ENCRYPTED_DATA,
- PR_FALSE, pwfn, pwfn_arg);
- if (cinfo == NULL)
- return NULL;
-
- enc_data = cinfo->content.encryptedData;
- algid = &(enc_data->encContentInfo.contentEncAlg);
-
- switch (algorithm) {
- case SEC_OID_RC2_CBC:
- case SEC_OID_DES_EDE3_CBC:
- case SEC_OID_DES_CBC:
- rv = SECOID_SetAlgorithmID (cinfo->poolp, algid, algorithm, NULL);
- break;
- default:
- {
- /*
- * Assume password-based-encryption. At least, try that.
- */
- SECAlgorithmID *pbe_algid;
- pbe_algid = PK11_CreatePBEAlgorithmID (algorithm, 1, NULL);
- if (pbe_algid == NULL) {
- rv = SECFailure;
- } else {
- rv = SECOID_CopyAlgorithmID (cinfo->poolp, algid, pbe_algid);
- SECOID_DestroyAlgorithmID (pbe_algid, PR_TRUE);
- }
- }
- break;
- }
-
- if (rv != SECSuccess) {
- SEC_PKCS7DestroyContentInfo (cinfo);
- return NULL;
- }
-
- rv = sec_pkcs7_init_encrypted_content_info (&(enc_data->encContentInfo),
- cinfo->poolp,
- SEC_OID_PKCS7_DATA, PR_FALSE,
- algorithm, keysize);
- if (rv != SECSuccess) {
- SEC_PKCS7DestroyContentInfo (cinfo);
- return NULL;
- }
-
- return cinfo;
-}
-
diff --git a/security/nss/lib/pkcs7/p7decode.c b/security/nss/lib/pkcs7/p7decode.c
deleted file mode 100644
index 54c279ca4..000000000
--- a/security/nss/lib/pkcs7/p7decode.c
+++ /dev/null
@@ -1,2052 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * PKCS7 decoding, verification.
- *
- * $Id$
- */
-
-#include "nssrenam.h"
-
-#include "p7local.h"
-
-#include "cert.h"
- /* XXX do not want to have to include */
-#include "certdb.h" /* certdb.h -- the trust stuff needed by */
- /* the add certificate code needs to get */
- /* rewritten/abstracted and then this */
- /* include should be removed! */
-/*#include "cdbhdl.h" */
-#include "cryptohi.h"
-#include "key.h"
-#include "secasn1.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "pk11func.h"
-#include "prtime.h"
-#include "secerr.h"
-#include "sechash.h" /* for HASH_GetHashObject() */
-#include "secder.h"
-#include "secpkcs5.h"
-
-struct sec_pkcs7_decoder_worker {
- int depth;
- int digcnt;
- void **digcxs;
- const SECHashObject **digobjs;
- sec_PKCS7CipherObject *decryptobj;
- PRBool saw_contents;
-};
-
-struct SEC_PKCS7DecoderContextStr {
- SEC_ASN1DecoderContext *dcx;
- SEC_PKCS7ContentInfo *cinfo;
- SEC_PKCS7DecoderContentCallback cb;
- void *cb_arg;
- SECKEYGetPasswordKey pwfn;
- void *pwfn_arg;
- struct sec_pkcs7_decoder_worker worker;
- PRArenaPool *tmp_poolp;
- int error;
- SEC_PKCS7GetDecryptKeyCallback dkcb;
- void *dkcb_arg;
- SEC_PKCS7DecryptionAllowedCallback decrypt_allowed_cb;
-};
-
-/*
- * Handle one worker, decrypting and digesting the data as necessary.
- *
- * XXX If/when we support nested contents, this probably needs to be
- * revised somewhat to get passed the content-info (which unfortunately
- * can be two different types depending on whether it is encrypted or not)
- * corresponding to the given worker.
- */
-static void
-sec_pkcs7_decoder_work_data (SEC_PKCS7DecoderContext *p7dcx,
- struct sec_pkcs7_decoder_worker *worker,
- const unsigned char *data, unsigned long len,
- PRBool final)
-{
- unsigned char *buf = NULL;
- SECStatus rv;
- int i;
-
- /*
- * We should really have data to process, or we should be trying
- * to finish/flush the last block. (This is an overly paranoid
- * check since all callers are in this file and simple inspection
- * proves they do it right. But it could find a bug in future
- * modifications/development, that is why it is here.)
- */
- PORT_Assert ((data != NULL && len) || final);
-
- /*
- * Decrypt this chunk.
- *
- * XXX If we get an error, we do not want to do the digest or callback,
- * but we want to keep decoding. Or maybe we want to stop decoding
- * altogether if there is a callback, because obviously we are not
- * sending the data back and they want to know that.
- */
- if (worker->decryptobj != NULL) {
- /* XXX the following lengths should all be longs? */
- unsigned int inlen; /* length of data being decrypted */
- unsigned int outlen; /* length of decrypted data */
- unsigned int buflen; /* length available for decrypted data */
- SECItem *plain;
-
- inlen = len;
- buflen = sec_PKCS7DecryptLength (worker->decryptobj, inlen, final);
- if (buflen == 0) {
- if (inlen == 0) /* no input and no output */
- return;
- /*
- * No output is expected, but the input data may be buffered
- * so we still have to call Decrypt.
- */
- rv = sec_PKCS7Decrypt (worker->decryptobj, NULL, NULL, 0,
- data, inlen, final);
- if (rv != SECSuccess) {
- p7dcx->error = PORT_GetError();
- return; /* XXX indicate error? */
- }
- return;
- }
-
- if (p7dcx->cb != NULL) {
- buf = (unsigned char *) PORT_Alloc (buflen);
- plain = NULL;
- } else {
- unsigned long oldlen;
-
- /*
- * XXX This assumes one level of content only.
- * See comment above about nested content types.
- * XXX Also, it should work for signedAndEnvelopedData, too!
- */
- plain = &(p7dcx->cinfo->
- content.envelopedData->encContentInfo.plainContent);
-
- oldlen = plain->len;
- if (oldlen == 0) {
- buf = (unsigned char*)PORT_ArenaAlloc (p7dcx->cinfo->poolp,
- buflen);
- } else {
- buf = (unsigned char*)PORT_ArenaGrow (p7dcx->cinfo->poolp,
- plain->data,
- oldlen, oldlen + buflen);
- if (buf != NULL)
- buf += oldlen;
- }
- plain->data = buf;
- }
- if (buf == NULL) {
- p7dcx->error = SEC_ERROR_NO_MEMORY;
- return; /* XXX indicate error? */
- }
- rv = sec_PKCS7Decrypt (worker->decryptobj, buf, &outlen, buflen,
- data, inlen, final);
- if (rv != SECSuccess) {
- p7dcx->error = PORT_GetError();
- return; /* XXX indicate error? */
- }
- if (plain != NULL) {
- PORT_Assert (final || outlen == buflen);
- plain->len += outlen;
- }
- data = buf;
- len = outlen;
- }
-
- /*
- * Update the running digests.
- */
- if (len) {
- for (i = 0; i < worker->digcnt; i++) {
- (* worker->digobjs[i]->update) (worker->digcxs[i], data, len);
- }
- }
-
- /*
- * Pass back the contents bytes, and free the temporary buffer.
- */
- if (p7dcx->cb != NULL) {
- if (len)
- (* p7dcx->cb) (p7dcx->cb_arg, (const char *)data, len);
- if (worker->decryptobj != NULL) {
- PORT_Assert (buf != NULL);
- PORT_Free (buf);
- }
- }
-}
-
-static void
-sec_pkcs7_decoder_filter (void *arg, const char *data, unsigned long len,
- int depth, SEC_ASN1EncodingPart data_kind)
-{
- SEC_PKCS7DecoderContext *p7dcx;
- struct sec_pkcs7_decoder_worker *worker;
-
- /*
- * Since we do not handle any nested contents, the only bytes we
- * are really interested in are the actual contents bytes (not
- * the identifier, length, or end-of-contents bytes). If we were
- * handling nested types we would probably need to do something
- * smarter based on depth and data_kind.
- */
- if (data_kind != SEC_ASN1_Contents)
- return;
-
- /*
- * The ASN.1 decoder should not even call us with a length of 0.
- * Just being paranoid.
- */
- PORT_Assert (len);
- if (len == 0)
- return;
-
- p7dcx = (SEC_PKCS7DecoderContext*)arg;
-
- /*
- * Handling nested contents would mean that there is a chain
- * of workers -- one per each level of content. The following
- * would start with the first worker and loop over them.
- */
- worker = &(p7dcx->worker);
-
- worker->saw_contents = PR_TRUE;
-
- sec_pkcs7_decoder_work_data (p7dcx, worker,
- (const unsigned char *) data, len, PR_FALSE);
-}
-
-
-/*
- * Create digest contexts for each algorithm in "digestalgs".
- * No algorithms is not an error, we just do not do anything.
- * An error (like trouble allocating memory), marks the error
- * in "p7dcx" and returns SECFailure, which means that our caller
- * should just give up altogether.
- */
-static SECStatus
-sec_pkcs7_decoder_start_digests (SEC_PKCS7DecoderContext *p7dcx, int depth,
- SECAlgorithmID **digestalgs)
-{
- int i, digcnt;
-
- if (digestalgs == NULL)
- return SECSuccess;
-
- /*
- * Count the algorithms.
- */
- digcnt = 0;
- while (digestalgs[digcnt] != NULL)
- digcnt++;
-
- /*
- * No algorithms means no work to do.
- * This is not expected, so cause an assert.
- * But if it does happen, just act as if there were
- * no algorithms specified.
- */
- PORT_Assert (digcnt != 0);
- if (digcnt == 0)
- return SECSuccess;
-
- p7dcx->worker.digcxs = (void**)PORT_ArenaAlloc (p7dcx->tmp_poolp,
- digcnt * sizeof (void *));
- p7dcx->worker.digobjs = (const SECHashObject**)PORT_ArenaAlloc (p7dcx->tmp_poolp,
- digcnt * sizeof (SECHashObject *));
- if (p7dcx->worker.digcxs == NULL || p7dcx->worker.digobjs == NULL) {
- p7dcx->error = SEC_ERROR_NO_MEMORY;
- return SECFailure;
- }
-
- p7dcx->worker.depth = depth;
- p7dcx->worker.digcnt = 0;
-
- /*
- * Create a digest context for each algorithm.
- */
- for (i = 0; i < digcnt; i++) {
- SECAlgorithmID * algid = digestalgs[i];
- SECOidTag oidTag = SECOID_FindOIDTag(&(algid->algorithm));
- const SECHashObject *digobj = HASH_GetHashObjectByOidTag(oidTag);
- void *digcx;
-
- /*
- * Skip any algorithm we do not even recognize; obviously,
- * this could be a problem, but if it is critical then the
- * result will just be that the signature does not verify.
- * We do not necessarily want to error out here, because
- * the particular algorithm may not actually be important,
- * but we cannot know that until later.
- */
- if (digobj == NULL) {
- p7dcx->worker.digcnt--;
- continue;
- }
-
- digcx = (* digobj->create)();
- if (digcx != NULL) {
- (* digobj->begin) (digcx);
- p7dcx->worker.digobjs[p7dcx->worker.digcnt] = digobj;
- p7dcx->worker.digcxs[p7dcx->worker.digcnt] = digcx;
- p7dcx->worker.digcnt++;
- }
- }
-
- if (p7dcx->worker.digcnt != 0)
- SEC_ASN1DecoderSetFilterProc (p7dcx->dcx,
- sec_pkcs7_decoder_filter,
- p7dcx,
- (PRBool)(p7dcx->cb != NULL));
- return SECSuccess;
-}
-
-
-/*
- * Close out all of the digest contexts, storing the results in "digestsp".
- */
-static SECStatus
-sec_pkcs7_decoder_finish_digests (SEC_PKCS7DecoderContext *p7dcx,
- PRArenaPool *poolp,
- SECItem ***digestsp)
-{
- struct sec_pkcs7_decoder_worker *worker;
- const SECHashObject *digobj;
- void *digcx;
- SECItem **digests, *digest;
- int i;
- void *mark;
-
- /*
- * XXX Handling nested contents would mean that there is a chain
- * of workers -- one per each level of content. The following
- * would want to find the last worker in the chain.
- */
- worker = &(p7dcx->worker);
-
- /*
- * If no digests, then we have nothing to do.
- */
- if (worker->digcnt == 0)
- return SECSuccess;
-
- /*
- * No matter what happens after this, we want to stop filtering.
- * XXX If we handle nested contents, we only want to stop filtering
- * if we are finishing off the *last* worker.
- */
- SEC_ASN1DecoderClearFilterProc (p7dcx->dcx);
-
- /*
- * If we ended up with no contents, just destroy each
- * digest context -- they are meaningless and potentially
- * confusing, because their presence would imply some content
- * was digested.
- */
- if (! worker->saw_contents) {
- for (i = 0; i < worker->digcnt; i++) {
- digcx = worker->digcxs[i];
- digobj = worker->digobjs[i];
- (* digobj->destroy) (digcx, PR_TRUE);
- }
- return SECSuccess;
- }
-
- mark = PORT_ArenaMark (poolp);
-
- /*
- * Close out each digest context, saving digest away.
- */
- digests =
- (SECItem**)PORT_ArenaAlloc (poolp,(worker->digcnt+1)*sizeof(SECItem *));
- digest = (SECItem*)PORT_ArenaAlloc (poolp, worker->digcnt*sizeof(SECItem));
- if (digests == NULL || digest == NULL) {
- p7dcx->error = PORT_GetError();
- PORT_ArenaRelease (poolp, mark);
- return SECFailure;
- }
-
- for (i = 0; i < worker->digcnt; i++, digest++) {
- digcx = worker->digcxs[i];
- digobj = worker->digobjs[i];
-
- digest->data = (unsigned char*)PORT_ArenaAlloc (poolp, digobj->length);
- if (digest->data == NULL) {
- p7dcx->error = PORT_GetError();
- PORT_ArenaRelease (poolp, mark);
- return SECFailure;
- }
-
- digest->len = digobj->length;
- (* digobj->end) (digcx, digest->data, &(digest->len), digest->len);
- (* digobj->destroy) (digcx, PR_TRUE);
-
- digests[i] = digest;
- }
- digests[i] = NULL;
- *digestsp = digests;
-
- PORT_ArenaUnmark (poolp, mark);
- return SECSuccess;
-}
-
-/*
- * XXX Need comment explaining following helper function (which is used
- * by sec_pkcs7_decoder_start_decrypt).
- */
-extern const SEC_ASN1Template SEC_SMIMEKEAParamTemplateAllParams[];
-
-static PK11SymKey *
-sec_pkcs7_decoder_get_recipient_key (SEC_PKCS7DecoderContext *p7dcx,
- SEC_PKCS7RecipientInfo **recipientinfos,
- SEC_PKCS7EncryptedContentInfo *enccinfo)
-{
- SEC_PKCS7RecipientInfo *ri;
- CERTCertificate *cert = NULL;
- SECKEYPrivateKey *privkey = NULL;
- PK11SymKey *bulkkey;
- SECOidTag keyalgtag, bulkalgtag, encalgtag;
- PK11SlotInfo *slot;
- int bulkLength = 0;
-
- if (recipientinfos == NULL || recipientinfos[0] == NULL) {
- p7dcx->error = SEC_ERROR_NOT_A_RECIPIENT;
- goto no_key_found;
- }
-
- cert = PK11_FindCertAndKeyByRecipientList(&slot,recipientinfos,&ri,
- &privkey, p7dcx->pwfn_arg);
- if (cert == NULL) {
- p7dcx->error = SEC_ERROR_NOT_A_RECIPIENT;
- goto no_key_found;
- }
-
- ri->cert = cert; /* so we can find it later */
- PORT_Assert(privkey != NULL);
-
- keyalgtag = SECOID_GetAlgorithmTag(&(cert->subjectPublicKeyInfo.algorithm));
- encalgtag = SECOID_GetAlgorithmTag (&(ri->keyEncAlg));
- if ((encalgtag != SEC_OID_NETSCAPE_SMIME_KEA) && (keyalgtag != encalgtag)) {
- p7dcx->error = SEC_ERROR_PKCS7_KEYALG_MISMATCH;
- goto no_key_found;
- }
- bulkalgtag = SECOID_GetAlgorithmTag (&(enccinfo->contentEncAlg));
-
- switch (encalgtag) {
- case SEC_OID_PKCS1_RSA_ENCRYPTION:
- bulkkey = PK11_PubUnwrapSymKey (privkey, &ri->encKey,
- PK11_AlgtagToMechanism (bulkalgtag),
- CKA_DECRYPT, 0);
- if (bulkkey == NULL) {
- p7dcx->error = PORT_GetError();
- PORT_SetError(0);
- goto no_key_found;
- }
- break;
- /* ### mwelch -- KEA */
- case SEC_OID_NETSCAPE_SMIME_KEA:
- {
- SECStatus err;
- CK_MECHANISM_TYPE bulkType;
- PK11SymKey *tek;
- SECKEYPublicKey *senderPubKey;
- SEC_PKCS7SMIMEKEAParameters keaParams;
-
- (void) memset(&keaParams, 0, sizeof(keaParams));
-
- /* Decode the KEA algorithm parameters. */
- err = SEC_ASN1DecodeItem(NULL,
- &keaParams,
- SEC_SMIMEKEAParamTemplateAllParams,
- &(ri->keyEncAlg.parameters));
- if (err != SECSuccess)
- {
- p7dcx->error = err;
- PORT_SetError(0);
- goto no_key_found;
- }
-
-
- /* We just got key data, no key structure. So, we
- create one. */
- senderPubKey =
- PK11_MakeKEAPubKey(keaParams.originatorKEAKey.data,
- keaParams.originatorKEAKey.len);
- if (senderPubKey == NULL)
- {
- p7dcx->error = PORT_GetError();
- PORT_SetError(0);
- goto no_key_found;
- }
-
- /* Generate the TEK (token exchange key) which we use
- to unwrap the bulk encryption key. */
- tek = PK11_PubDerive(privkey, senderPubKey,
- PR_FALSE,
- &keaParams.originatorRA,
- NULL,
- CKM_KEA_KEY_DERIVE, CKM_SKIPJACK_WRAP,
- CKA_WRAP, 0, p7dcx->pwfn_arg);
- SECKEY_DestroyPublicKey(senderPubKey);
-
- if (tek == NULL)
- {
- p7dcx->error = PORT_GetError();
- PORT_SetError(0);
- goto no_key_found;
- }
-
- /* Now that we have the TEK, unwrap the bulk key
- with which to decrypt the message. We have to
- do one of two different things depending on
- whether Skipjack was used for bulk encryption
- of the message. */
- bulkType = PK11_AlgtagToMechanism (bulkalgtag);
- switch(bulkType)
- {
- case CKM_SKIPJACK_CBC64:
- case CKM_SKIPJACK_ECB64:
- case CKM_SKIPJACK_OFB64:
- case CKM_SKIPJACK_CFB64:
- case CKM_SKIPJACK_CFB32:
- case CKM_SKIPJACK_CFB16:
- case CKM_SKIPJACK_CFB8:
- /* Skipjack is being used as the bulk encryption algorithm.*/
- /* Unwrap the bulk key. */
- bulkkey = PK11_UnwrapSymKey(tek, CKM_SKIPJACK_WRAP,
- NULL, &ri->encKey,
- CKM_SKIPJACK_CBC64,
- CKA_DECRYPT, 0);
- break;
- default:
- /* Skipjack was not used for bulk encryption of this
- message. Use Skipjack CBC64, with the nonSkipjackIV
- part of the KEA key parameters, to decrypt
- the bulk key. If we got a parameter indicating that the
- bulk key size is different than the encrypted key size,
- pass in the real key size. */
-
- /* Check for specified bulk key length (unspecified implies
- that the bulk key length is the same as encrypted length) */
- if (keaParams.bulkKeySize.len > 0)
- {
- p7dcx->error = SEC_ASN1DecodeItem(NULL, &bulkLength,
- SEC_ASN1_GET(SEC_IntegerTemplate),
- &keaParams.bulkKeySize);
- }
-
- if (p7dcx->error != SECSuccess)
- goto no_key_found;
-
- bulkkey = PK11_UnwrapSymKey(tek, CKM_SKIPJACK_CBC64,
- &keaParams.nonSkipjackIV,
- &ri->encKey,
- bulkType,
- CKA_DECRYPT, bulkLength);
- }
-
-
- if (bulkkey == NULL)
- {
- p7dcx->error = PORT_GetError();
- PORT_SetError(0);
- goto no_key_found;
- }
- break;
- }
- default:
- p7dcx->error = SEC_ERROR_UNSUPPORTED_KEYALG;
- goto no_key_found;
- }
-
- return bulkkey;
-
-no_key_found:
- if (privkey != NULL)
- SECKEY_DestroyPrivateKey (privkey);
-
- return NULL;
-}
-
-/*
- * XXX The following comment is old -- the function used to only handle
- * EnvelopedData or SignedAndEnvelopedData but now handles EncryptedData
- * as well (and it had all of the code of the helper function above
- * built into it), though the comment was left as is. Fix it...
- *
- * We are just about to decode the content of an EnvelopedData.
- * Set up a decryption context so we can decrypt as we go.
- * Presumably we are one of the recipients listed in "recipientinfos".
- * (XXX And if we are not, or if we have trouble, what should we do?
- * It would be nice to let the decoding still work. Maybe it should
- * be an error if there is a content callback, but not an error otherwise?)
- * The encryption key and related information can be found in "enccinfo".
- */
-static SECStatus
-sec_pkcs7_decoder_start_decrypt (SEC_PKCS7DecoderContext *p7dcx, int depth,
- SEC_PKCS7RecipientInfo **recipientinfos,
- SEC_PKCS7EncryptedContentInfo *enccinfo,
- PK11SymKey **copy_key_for_signature)
-{
- PK11SymKey *bulkkey = NULL;
- sec_PKCS7CipherObject *decryptobj;
-
- /*
- * If a callback is supplied to retrieve the encryption key,
- * for instance, for Encrypted Content infos, then retrieve
- * the bulkkey from the callback. Otherwise, assume that
- * we are processing Enveloped or SignedAndEnveloped data
- * content infos.
- *
- * XXX Put an assert here?
- */
- if (SEC_PKCS7ContentType(p7dcx->cinfo) == SEC_OID_PKCS7_ENCRYPTED_DATA) {
- if (p7dcx->dkcb != NULL) {
- bulkkey = (*p7dcx->dkcb)(p7dcx->dkcb_arg,
- &(enccinfo->contentEncAlg));
- }
- enccinfo->keysize = 0;
- } else {
- bulkkey = sec_pkcs7_decoder_get_recipient_key (p7dcx, recipientinfos,
- enccinfo);
- if (bulkkey == NULL) goto no_decryption;
- enccinfo->keysize = PK11_GetKeyStrength(bulkkey,
- &(enccinfo->contentEncAlg));
-
- }
-
- /*
- * XXX I think following should set error in p7dcx and clear set error
- * (as used to be done here, or as is done in get_receipient_key above.
- */
- if(bulkkey == NULL) {
- goto no_decryption;
- }
-
- /*
- * We want to make sure decryption is allowed. This is done via
- * a callback specified in SEC_PKCS7DecoderStart().
- */
- if (p7dcx->decrypt_allowed_cb) {
- if ((*p7dcx->decrypt_allowed_cb) (&(enccinfo->contentEncAlg),
- bulkkey) == PR_FALSE) {
- p7dcx->error = SEC_ERROR_DECRYPTION_DISALLOWED;
- goto no_decryption;
- }
- } else {
- p7dcx->error = SEC_ERROR_DECRYPTION_DISALLOWED;
- goto no_decryption;
- }
-
- /*
- * When decrypting a signedAndEnvelopedData, the signature also has
- * to be decrypted with the bulk encryption key; to avoid having to
- * get it all over again later (and do another potentially expensive
- * RSA operation), copy it for later signature verification to use.
- */
- if (copy_key_for_signature != NULL)
- *copy_key_for_signature = PK11_ReferenceSymKey (bulkkey);
-
- /*
- * Now we have the bulk encryption key (in bulkkey) and the
- * the algorithm (in enccinfo->contentEncAlg). Using those,
- * create a decryption context.
- */
- decryptobj = sec_PKCS7CreateDecryptObject (bulkkey,
- &(enccinfo->contentEncAlg));
-
- /*
- * For PKCS5 Encryption Algorithms, the bulkkey is actually a different
- * structure. Therefore, we need to set the bulkkey to the actual key
- * prior to freeing it.
- */
- if ( SEC_PKCS5IsAlgorithmPBEAlg(&(enccinfo->contentEncAlg)) && bulkkey ) {
- SEC_PKCS5KeyAndPassword *keyPwd = (SEC_PKCS5KeyAndPassword *)bulkkey;
- bulkkey = keyPwd->key;
- }
-
- /*
- * We are done with (this) bulkkey now.
- */
- PK11_FreeSymKey (bulkkey);
-
- if (decryptobj == NULL) {
- p7dcx->error = PORT_GetError();
- PORT_SetError(0);
- goto no_decryption;
- }
-
- SEC_ASN1DecoderSetFilterProc (p7dcx->dcx,
- sec_pkcs7_decoder_filter,
- p7dcx,
- (PRBool)(p7dcx->cb != NULL));
-
- p7dcx->worker.depth = depth;
- p7dcx->worker.decryptobj = decryptobj;
-
- return SECSuccess;
-
-no_decryption:
- /*
- * For some reason (error set already, if appropriate), we cannot
- * decrypt the content. I am not sure what exactly is the right
- * thing to do here; in some cases we want to just stop, and in
- * others we want to let the decoding finish even though we cannot
- * decrypt the content. My current thinking is that if the caller
- * set up a content callback, then they are really interested in
- * getting (decrypted) content, and if they cannot they will want
- * to know about it. However, if no callback was specified, then
- * maybe it is not important that the decryption failed.
- */
- if (p7dcx->cb != NULL)
- return SECFailure;
- else
- return SECSuccess; /* Let the decoding continue. */
-}
-
-
-static SECStatus
-sec_pkcs7_decoder_finish_decrypt (SEC_PKCS7DecoderContext *p7dcx,
- PRArenaPool *poolp,
- SEC_PKCS7EncryptedContentInfo *enccinfo)
-{
- struct sec_pkcs7_decoder_worker *worker;
-
- /*
- * XXX Handling nested contents would mean that there is a chain
- * of workers -- one per each level of content. The following
- * would want to find the last worker in the chain.
- */
- worker = &(p7dcx->worker);
-
- /*
- * If no decryption context, then we have nothing to do.
- */
- if (worker->decryptobj == NULL)
- return SECSuccess;
-
- /*
- * No matter what happens after this, we want to stop filtering.
- * XXX If we handle nested contents, we only want to stop filtering
- * if we are finishing off the *last* worker.
- */
- SEC_ASN1DecoderClearFilterProc (p7dcx->dcx);
-
- /*
- * Handle the last block.
- */
- sec_pkcs7_decoder_work_data (p7dcx, worker, NULL, 0, PR_TRUE);
-
- /*
- * All done, destroy it.
- */
- sec_PKCS7DestroyDecryptObject (worker->decryptobj);
- worker->decryptobj = NULL;
-
- return SECSuccess;
-}
-
-
-static void
-sec_pkcs7_decoder_notify (void *arg, PRBool before, void *dest, int depth)
-{
- SEC_PKCS7DecoderContext *p7dcx;
- SEC_PKCS7ContentInfo *cinfo;
- SEC_PKCS7SignedData *sigd;
- SEC_PKCS7EnvelopedData *envd;
- SEC_PKCS7SignedAndEnvelopedData *saed;
- SEC_PKCS7EncryptedData *encd;
- SEC_PKCS7DigestedData *digd;
- PRBool after;
- SECStatus rv;
-
- /*
- * Just to make the code easier to read, create an "after" variable
- * that is equivalent to "not before".
- * (This used to be just the statement "after = !before", but that
- * causes a warning on the mac; to avoid that, we do it the long way.)
- */
- if (before)
- after = PR_FALSE;
- else
- after = PR_TRUE;
-
- p7dcx = (SEC_PKCS7DecoderContext*)arg;
- cinfo = p7dcx->cinfo;
-
- if (cinfo->contentTypeTag == NULL) {
- if (after && dest == &(cinfo->contentType))
- cinfo->contentTypeTag = SECOID_FindOID(&(cinfo->contentType));
- return;
- }
-
- switch (cinfo->contentTypeTag->offset) {
- case SEC_OID_PKCS7_SIGNED_DATA:
- sigd = cinfo->content.signedData;
- if (sigd == NULL)
- break;
-
- if (sigd->contentInfo.contentTypeTag == NULL) {
- if (after && dest == &(sigd->contentInfo.contentType))
- sigd->contentInfo.contentTypeTag =
- SECOID_FindOID(&(sigd->contentInfo.contentType));
- break;
- }
-
- /*
- * We only set up a filtering digest if the content is
- * plain DATA; anything else needs more work because a
- * second pass is required to produce a DER encoding from
- * an input that can be BER encoded. (This is a requirement
- * of PKCS7 that is unfortunate, but there you have it.)
- *
- * XXX Also, since we stop here if this is not DATA, the
- * inner content is not getting processed at all. Someday
- * we may want to fix that.
- */
- if (sigd->contentInfo.contentTypeTag->offset != SEC_OID_PKCS7_DATA) {
- /* XXX Set an error in p7dcx->error */
- SEC_ASN1DecoderClearNotifyProc (p7dcx->dcx);
- break;
- }
-
- /*
- * Just before the content, we want to set up a digest context
- * for each digest algorithm listed, and start a filter which
- * will run all of the contents bytes through that digest.
- */
- if (before && dest == &(sigd->contentInfo.content)) {
- rv = sec_pkcs7_decoder_start_digests (p7dcx, depth,
- sigd->digestAlgorithms);
- if (rv != SECSuccess)
- SEC_ASN1DecoderClearNotifyProc (p7dcx->dcx);
-
- break;
- }
-
- /*
- * XXX To handle nested types, here is where we would want
- * to check for inner boundaries that need handling.
- */
-
- /*
- * Are we done?
- */
- if (after && dest == &(sigd->contentInfo.content)) {
- /*
- * Close out the digest contexts. We ignore any error
- * because we are stopping anyway; the error status left
- * behind in p7dcx will be seen by outer functions.
- */
- (void) sec_pkcs7_decoder_finish_digests (p7dcx, cinfo->poolp,
- &(sigd->digests));
-
- /*
- * XXX To handle nested contents, we would need to remove
- * the worker from the chain (and free it).
- */
-
- /*
- * Stop notify.
- */
- SEC_ASN1DecoderClearNotifyProc (p7dcx->dcx);
- }
- break;
-
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- envd = cinfo->content.envelopedData;
- if (envd == NULL)
- break;
-
- if (envd->encContentInfo.contentTypeTag == NULL) {
- if (after && dest == &(envd->encContentInfo.contentType))
- envd->encContentInfo.contentTypeTag =
- SECOID_FindOID(&(envd->encContentInfo.contentType));
- break;
- }
-
- /*
- * Just before the content, we want to set up a decryption
- * context, and start a filter which will run all of the
- * contents bytes through it to determine the plain content.
- */
- if (before && dest == &(envd->encContentInfo.encContent)) {
- rv = sec_pkcs7_decoder_start_decrypt (p7dcx, depth,
- envd->recipientInfos,
- &(envd->encContentInfo),
- NULL);
- if (rv != SECSuccess)
- SEC_ASN1DecoderClearNotifyProc (p7dcx->dcx);
-
- break;
- }
-
- /*
- * Are we done?
- */
- if (after && dest == &(envd->encContentInfo.encContent)) {
- /*
- * Close out the decryption context. We ignore any error
- * because we are stopping anyway; the error status left
- * behind in p7dcx will be seen by outer functions.
- */
- (void) sec_pkcs7_decoder_finish_decrypt (p7dcx, cinfo->poolp,
- &(envd->encContentInfo));
-
- /*
- * XXX To handle nested contents, we would need to remove
- * the worker from the chain (and free it).
- */
-
- /*
- * Stop notify.
- */
- SEC_ASN1DecoderClearNotifyProc (p7dcx->dcx);
- }
- break;
-
- case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
- saed = cinfo->content.signedAndEnvelopedData;
- if (saed == NULL)
- break;
-
- if (saed->encContentInfo.contentTypeTag == NULL) {
- if (after && dest == &(saed->encContentInfo.contentType))
- saed->encContentInfo.contentTypeTag =
- SECOID_FindOID(&(saed->encContentInfo.contentType));
- break;
- }
-
- /*
- * Just before the content, we want to set up a decryption
- * context *and* digest contexts, and start a filter which
- * will run all of the contents bytes through both.
- */
- if (before && dest == &(saed->encContentInfo.encContent)) {
- rv = sec_pkcs7_decoder_start_decrypt (p7dcx, depth,
- saed->recipientInfos,
- &(saed->encContentInfo),
- &(saed->sigKey));
- if (rv == SECSuccess)
- rv = sec_pkcs7_decoder_start_digests (p7dcx, depth,
- saed->digestAlgorithms);
- if (rv != SECSuccess)
- SEC_ASN1DecoderClearNotifyProc (p7dcx->dcx);
-
- break;
- }
-
- /*
- * Are we done?
- */
- if (after && dest == &(saed->encContentInfo.encContent)) {
- /*
- * Close out the decryption and digests contexts.
- * We ignore any errors because we are stopping anyway;
- * the error status left behind in p7dcx will be seen by
- * outer functions.
- *
- * Note that the decrypt stuff must be called first;
- * it may have a last buffer to do which in turn has
- * to be added to the digest.
- */
- (void) sec_pkcs7_decoder_finish_decrypt (p7dcx, cinfo->poolp,
- &(saed->encContentInfo));
- (void) sec_pkcs7_decoder_finish_digests (p7dcx, cinfo->poolp,
- &(saed->digests));
-
- /*
- * XXX To handle nested contents, we would need to remove
- * the worker from the chain (and free it).
- */
-
- /*
- * Stop notify.
- */
- SEC_ASN1DecoderClearNotifyProc (p7dcx->dcx);
- }
- break;
-
- case SEC_OID_PKCS7_DIGESTED_DATA:
- digd = cinfo->content.digestedData;
-
- /*
- * XXX Want to do the digest or not? Maybe future enhancement...
- */
- if (before && dest == &(digd->contentInfo.content.data)) {
- SEC_ASN1DecoderSetFilterProc (p7dcx->dcx, sec_pkcs7_decoder_filter,
- p7dcx,
- (PRBool)(p7dcx->cb != NULL));
- break;
- }
-
- /*
- * Are we done?
- */
- if (after && dest == &(digd->contentInfo.content.data)) {
- SEC_ASN1DecoderClearFilterProc (p7dcx->dcx);
- }
- break;
-
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- encd = cinfo->content.encryptedData;
-
- /*
- * XXX If the decryption key callback is set, we want to start
- * the decryption. If the callback is not set, we will treat the
- * content as plain data, since we do not have the key.
- *
- * Is this the proper thing to do?
- */
- if (before && dest == &(encd->encContentInfo.encContent)) {
- /*
- * Start the encryption process if the decryption key callback
- * is present. Otherwise, treat the content like plain data.
- */
- rv = SECSuccess;
- if (p7dcx->dkcb != NULL) {
- rv = sec_pkcs7_decoder_start_decrypt (p7dcx, depth, NULL,
- &(encd->encContentInfo),
- NULL);
- }
-
- if (rv != SECSuccess)
- SEC_ASN1DecoderClearNotifyProc (p7dcx->dcx);
-
- break;
- }
-
- /*
- * Are we done?
- */
- if (after && dest == &(encd->encContentInfo.encContent)) {
- /*
- * Close out the decryption context. We ignore any error
- * because we are stopping anyway; the error status left
- * behind in p7dcx will be seen by outer functions.
- */
- (void) sec_pkcs7_decoder_finish_decrypt (p7dcx, cinfo->poolp,
- &(encd->encContentInfo));
-
- /*
- * Stop notify.
- */
- SEC_ASN1DecoderClearNotifyProc (p7dcx->dcx);
- }
- break;
-
- case SEC_OID_PKCS7_DATA:
- /*
- * If a output callback has been specified, we want to set the filter
- * to call the callback. This is taken care of in
- * sec_pkcs7_decoder_start_decrypt() or
- * sec_pkcs7_decoder_start_digests() for the other content types.
- */
-
- if (before && dest == &(cinfo->content.data)) {
-
- /*
- * Set the filter proc up.
- */
- SEC_ASN1DecoderSetFilterProc (p7dcx->dcx,
- sec_pkcs7_decoder_filter,
- p7dcx,
- (PRBool)(p7dcx->cb != NULL));
- break;
- }
-
- if (after && dest == &(cinfo->content.data)) {
- /*
- * Time to clean up after ourself, stop the Notify and Filter
- * procedures.
- */
- SEC_ASN1DecoderClearNotifyProc (p7dcx->dcx);
- SEC_ASN1DecoderClearFilterProc (p7dcx->dcx);
- }
- break;
-
- default:
- SEC_ASN1DecoderClearNotifyProc (p7dcx->dcx);
- break;
- }
-}
-
-
-SEC_PKCS7DecoderContext *
-SEC_PKCS7DecoderStart(SEC_PKCS7DecoderContentCallback cb, void *cb_arg,
- SECKEYGetPasswordKey pwfn, void *pwfn_arg,
- SEC_PKCS7GetDecryptKeyCallback decrypt_key_cb,
- void *decrypt_key_cb_arg,
- SEC_PKCS7DecryptionAllowedCallback decrypt_allowed_cb)
-{
- SEC_PKCS7DecoderContext *p7dcx;
- SEC_ASN1DecoderContext *dcx;
- SEC_PKCS7ContentInfo *cinfo;
- PRArenaPool *poolp;
-
- poolp = PORT_NewArena (1024); /* XXX what is right value? */
- if (poolp == NULL)
- return NULL;
-
- cinfo = (SEC_PKCS7ContentInfo*)PORT_ArenaZAlloc (poolp, sizeof(*cinfo));
- if (cinfo == NULL) {
- PORT_FreeArena (poolp, PR_FALSE);
- return NULL;
- }
-
- cinfo->poolp = poolp;
- cinfo->pwfn = pwfn;
- cinfo->pwfn_arg = pwfn_arg;
- cinfo->created = PR_FALSE;
- cinfo->refCount = 1;
-
- p7dcx =
- (SEC_PKCS7DecoderContext*)PORT_ZAlloc (sizeof(SEC_PKCS7DecoderContext));
- if (p7dcx == NULL) {
- PORT_FreeArena (poolp, PR_FALSE);
- return NULL;
- }
-
- p7dcx->tmp_poolp = PORT_NewArena (1024); /* XXX what is right value? */
- if (p7dcx->tmp_poolp == NULL) {
- PORT_Free (p7dcx);
- PORT_FreeArena (poolp, PR_FALSE);
- return NULL;
- }
-
- dcx = SEC_ASN1DecoderStart (poolp, cinfo, sec_PKCS7ContentInfoTemplate);
- if (dcx == NULL) {
- PORT_FreeArena (p7dcx->tmp_poolp, PR_FALSE);
- PORT_Free (p7dcx);
- PORT_FreeArena (poolp, PR_FALSE);
- return NULL;
- }
-
- SEC_ASN1DecoderSetNotifyProc (dcx, sec_pkcs7_decoder_notify, p7dcx);
-
- p7dcx->dcx = dcx;
- p7dcx->cinfo = cinfo;
- p7dcx->cb = cb;
- p7dcx->cb_arg = cb_arg;
- p7dcx->pwfn = pwfn;
- p7dcx->pwfn_arg = pwfn_arg;
- p7dcx->dkcb = decrypt_key_cb;
- p7dcx->dkcb_arg = decrypt_key_cb_arg;
- p7dcx->decrypt_allowed_cb = decrypt_allowed_cb;
-
- return p7dcx;
-}
-
-
-/*
- * Do the next chunk of PKCS7 decoding. If there is a problem, set
- * an error and return a failure status. Note that in the case of
- * an error, this routine is still prepared to be called again and
- * again in case that is the easiest route for our caller to take.
- * We simply detect it and do not do anything except keep setting
- * that error in case our caller has not noticed it yet...
- */
-SECStatus
-SEC_PKCS7DecoderUpdate(SEC_PKCS7DecoderContext *p7dcx,
- const char *buf, unsigned long len)
-{
- if (p7dcx->cinfo != NULL && p7dcx->dcx != NULL) {
- PORT_Assert (p7dcx->error == 0);
- if (p7dcx->error == 0) {
- if (SEC_ASN1DecoderUpdate (p7dcx->dcx, buf, len) != SECSuccess) {
- p7dcx->error = PORT_GetError();
- PORT_Assert (p7dcx->error);
- if (p7dcx->error == 0)
- p7dcx->error = -1;
- }
- }
- }
-
- if (p7dcx->error) {
- if (p7dcx->dcx != NULL) {
- (void) SEC_ASN1DecoderFinish (p7dcx->dcx);
- p7dcx->dcx = NULL;
- }
- if (p7dcx->cinfo != NULL) {
- SEC_PKCS7DestroyContentInfo (p7dcx->cinfo);
- p7dcx->cinfo = NULL;
- }
- PORT_SetError (p7dcx->error);
- return SECFailure;
- }
-
- return SECSuccess;
-}
-
-
-SEC_PKCS7ContentInfo *
-SEC_PKCS7DecoderFinish(SEC_PKCS7DecoderContext *p7dcx)
-{
- SEC_PKCS7ContentInfo *cinfo;
-
- cinfo = p7dcx->cinfo;
- if (p7dcx->dcx != NULL) {
- if (SEC_ASN1DecoderFinish (p7dcx->dcx) != SECSuccess) {
- SEC_PKCS7DestroyContentInfo (cinfo);
- cinfo = NULL;
- }
- }
- /* free any NSS data structures */
- if (p7dcx->worker.decryptobj) {
- sec_PKCS7DestroyDecryptObject (p7dcx->worker.decryptobj);
- }
- PORT_FreeArena (p7dcx->tmp_poolp, PR_FALSE);
- PORT_Free (p7dcx);
- return cinfo;
-}
-
-
-SEC_PKCS7ContentInfo *
-SEC_PKCS7DecodeItem(SECItem *p7item,
- SEC_PKCS7DecoderContentCallback cb, void *cb_arg,
- SECKEYGetPasswordKey pwfn, void *pwfn_arg,
- SEC_PKCS7GetDecryptKeyCallback decrypt_key_cb,
- void *decrypt_key_cb_arg,
- SEC_PKCS7DecryptionAllowedCallback decrypt_allowed_cb)
-{
- SEC_PKCS7DecoderContext *p7dcx;
-
- p7dcx = SEC_PKCS7DecoderStart(cb, cb_arg, pwfn, pwfn_arg, decrypt_key_cb,
- decrypt_key_cb_arg, decrypt_allowed_cb);
- (void) SEC_PKCS7DecoderUpdate(p7dcx, (char *) p7item->data, p7item->len);
- return SEC_PKCS7DecoderFinish(p7dcx);
-}
-
-
-/*
- * If the thing contains any certs or crls return true; false otherwise.
- */
-PRBool
-SEC_PKCS7ContainsCertsOrCrls(SEC_PKCS7ContentInfo *cinfo)
-{
- SECOidTag kind;
- SECItem **certs;
- CERTSignedCrl **crls;
-
- kind = SEC_PKCS7ContentType (cinfo);
- switch (kind) {
- default:
- case SEC_OID_PKCS7_DATA:
- case SEC_OID_PKCS7_DIGESTED_DATA:
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- return PR_FALSE;
- case SEC_OID_PKCS7_SIGNED_DATA:
- certs = cinfo->content.signedData->rawCerts;
- crls = cinfo->content.signedData->crls;
- break;
- case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
- certs = cinfo->content.signedAndEnvelopedData->rawCerts;
- crls = cinfo->content.signedAndEnvelopedData->crls;
- break;
- }
-
- /*
- * I know this could be collapsed, but I was in a mood to be explicit.
- */
- if (certs != NULL && certs[0] != NULL)
- return PR_TRUE;
- else if (crls != NULL && crls[0] != NULL)
- return PR_TRUE;
- else
- return PR_FALSE;
-}
-
-/* return the content length...could use GetContent, however we
- * need the encrypted content length
- */
-PRBool
-SEC_PKCS7IsContentEmpty(SEC_PKCS7ContentInfo *cinfo, unsigned int minLen)
-{
- SECItem *item = NULL;
-
- if(cinfo == NULL) {
- return PR_TRUE;
- }
-
- switch(SEC_PKCS7ContentType(cinfo))
- {
- case SEC_OID_PKCS7_DATA:
- item = cinfo->content.data;
- break;
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- item = &cinfo->content.encryptedData->encContentInfo.encContent;
- break;
- default:
- /* add other types */
- return PR_FALSE;
- }
-
- if(!item) {
- return PR_TRUE;
- } else if(item->len <= minLen) {
- return PR_TRUE;
- }
-
- return PR_FALSE;
-}
-
-
-PRBool
-SEC_PKCS7ContentIsEncrypted(SEC_PKCS7ContentInfo *cinfo)
-{
- SECOidTag kind;
-
- kind = SEC_PKCS7ContentType (cinfo);
- switch (kind) {
- default:
- case SEC_OID_PKCS7_DATA:
- case SEC_OID_PKCS7_DIGESTED_DATA:
- case SEC_OID_PKCS7_SIGNED_DATA:
- return PR_FALSE;
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
- return PR_TRUE;
- }
-}
-
-
-/*
- * If the PKCS7 content has a signature (not just *could* have a signature)
- * return true; false otherwise. This can/should be called before calling
- * VerifySignature, which will always indicate failure if no signature is
- * present, but that does not mean there even was a signature!
- * Note that the content itself can be empty (detached content was sent
- * another way); it is the presence of the signature that matters.
- */
-PRBool
-SEC_PKCS7ContentIsSigned(SEC_PKCS7ContentInfo *cinfo)
-{
- SECOidTag kind;
- SEC_PKCS7SignerInfo **signerinfos;
-
- kind = SEC_PKCS7ContentType (cinfo);
- switch (kind) {
- default:
- case SEC_OID_PKCS7_DATA:
- case SEC_OID_PKCS7_DIGESTED_DATA:
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- return PR_FALSE;
- case SEC_OID_PKCS7_SIGNED_DATA:
- signerinfos = cinfo->content.signedData->signerInfos;
- break;
- case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
- signerinfos = cinfo->content.signedAndEnvelopedData->signerInfos;
- break;
- }
-
- /*
- * I know this could be collapsed; but I kind of think it will get
- * more complicated before I am finished, so...
- */
- if (signerinfos != NULL && signerinfos[0] != NULL)
- return PR_TRUE;
- else
- return PR_FALSE;
-}
-
-
-/*
- * SEC_PKCS7ContentVerifySignature
- * Look at a PKCS7 contentInfo and check if the signature is good.
- * The digest was either calculated earlier (and is stored in the
- * contentInfo itself) or is passed in via "detached_digest".
- *
- * The verification checks that the signing cert is valid and trusted
- * for the purpose specified by "certusage".
- *
- * In addition, if "keepcerts" is true, add any new certificates found
- * into our local database.
- *
- * XXX Each place which returns PR_FALSE should be sure to have a good
- * error set for inspection by the caller. Alternatively, we could create
- * an enumeration of success and each type of failure and return that
- * instead of a boolean. For now, the default in a bad situation is to
- * set the error to SEC_ERROR_PKCS7_BAD_SIGNATURE. But this should be
- * reviewed; better (more specific) errors should be possible (to distinguish
- * a signature failure from a badly-formed pkcs7 signedData, for example).
- * Some of the errors should probably just be SEC_ERROR_BAD_SIGNATURE,
- * but that has a less helpful error string associated with it right now;
- * if/when that changes, review and change these as needed.
- *
- * XXX This is broken wrt signedAndEnvelopedData. In that case, the
- * message digest is doubly encrypted -- first encrypted with the signer
- * private key but then again encrypted with the bulk encryption key used
- * to encrypt the content. So before we can pass the digest to VerifyDigest,
- * we need to decrypt it with the bulk encryption key. Also, in this case,
- * there should be NO authenticatedAttributes (signerinfo->authAttr should
- * be NULL).
- */
-static PRBool
-sec_pkcs7_verify_signature(SEC_PKCS7ContentInfo *cinfo,
- SECCertUsage certusage,
- SECItem *detached_digest,
- HASH_HashType digest_type,
- PRBool keepcerts)
-{
- SECAlgorithmID **digestalgs, *bulkid;
- SECItem *digest;
- SECItem **digests;
- SECItem **rawcerts;
- CERTSignedCrl **crls;
- SEC_PKCS7SignerInfo **signerinfos, *signerinfo;
- CERTCertificate *cert, **certs;
- PRBool goodsig;
- CERTCertDBHandle *certdb, *defaultdb;
- SECOidData *algiddata;
- int i, certcount;
- SECKEYPublicKey *publickey;
- SECItem *content_type;
- PK11SymKey *sigkey;
- SECItem *utc_stime;
- int64 stime;
- SECStatus rv;
-
- /*
- * Everything needed in order to "goto done" safely.
- */
- goodsig = PR_FALSE;
- certcount = 0;
- cert = NULL;
- certs = NULL;
- certdb = NULL;
- defaultdb = CERT_GetDefaultCertDB();
- publickey = NULL;
-
- if (! SEC_PKCS7ContentIsSigned(cinfo)) {
- PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
- goto done;
- }
-
- PORT_Assert (cinfo->contentTypeTag != NULL);
-
- switch (cinfo->contentTypeTag->offset) {
- default:
- case SEC_OID_PKCS7_DATA:
- case SEC_OID_PKCS7_DIGESTED_DATA:
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- /* Could only get here if SEC_PKCS7ContentIsSigned is broken. */
- PORT_Assert (0);
- case SEC_OID_PKCS7_SIGNED_DATA:
- {
- SEC_PKCS7SignedData *sdp;
-
- sdp = cinfo->content.signedData;
- digestalgs = sdp->digestAlgorithms;
- digests = sdp->digests;
- rawcerts = sdp->rawCerts;
- crls = sdp->crls;
- signerinfos = sdp->signerInfos;
- content_type = &(sdp->contentInfo.contentType);
- sigkey = NULL;
- bulkid = NULL;
- }
- break;
- case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
- {
- SEC_PKCS7SignedAndEnvelopedData *saedp;
-
- saedp = cinfo->content.signedAndEnvelopedData;
- digestalgs = saedp->digestAlgorithms;
- digests = saedp->digests;
- rawcerts = saedp->rawCerts;
- crls = saedp->crls;
- signerinfos = saedp->signerInfos;
- content_type = &(saedp->encContentInfo.contentType);
- sigkey = saedp->sigKey;
- bulkid = &(saedp->encContentInfo.contentEncAlg);
- }
- break;
- }
-
- if ((signerinfos == NULL) || (signerinfos[0] == NULL)) {
- PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
- goto done;
- }
-
- /*
- * XXX Need to handle multiple signatures; checking them is easy,
- * but what should be the semantics here (like, return value)?
- */
- if (signerinfos[1] != NULL) {
- PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
- goto done;
- }
-
- signerinfo = signerinfos[0];
-
- /*
- * XXX I would like to just pass the issuerAndSN, along with the rawcerts
- * and crls, to some function that did all of this certificate stuff
- * (open/close the database if necessary, verifying the certs, etc.)
- * and gave me back a cert pointer if all was good.
- */
- certdb = defaultdb;
- if (certdb == NULL) {
- goto done;
- }
-
- certcount = 0;
- if (rawcerts != NULL) {
- for (; rawcerts[certcount] != NULL; certcount++) {
- /* just counting */
- }
- }
-
- /*
- * Note that the result of this is that each cert in "certs"
- * needs to be destroyed.
- */
- rv = CERT_ImportCerts(certdb, certusage, certcount, rawcerts, &certs,
- keepcerts, PR_FALSE, NULL);
- if ( rv != SECSuccess ) {
- goto done;
- }
-
- /*
- * This cert will also need to be freed, but since we save it
- * in signerinfo for later, we do not want to destroy it when
- * we leave this function -- we let the clean-up of the entire
- * cinfo structure later do the destroy of this cert.
- */
- cert = CERT_FindCertByIssuerAndSN(certdb, signerinfo->issuerAndSN);
- if (cert == NULL) {
- goto done;
- }
-
- signerinfo->cert = cert;
-
- /*
- * Get and convert the signing time; if available, it will be used
- * both on the cert verification and for importing the sender
- * email profile.
- */
- utc_stime = SEC_PKCS7GetSigningTime (cinfo);
- if (utc_stime != NULL) {
- if (DER_UTCTimeToTime (&stime, utc_stime) != SECSuccess)
- utc_stime = NULL; /* conversion failed, so pretend none */
- }
-
- /*
- * XXX This uses the signing time, if available. Additionally, we
- * might want to, if there is no signing time, get the message time
- * from the mail header itself, and use that. That would require
- * a change to our interface though, and for S/MIME callers to pass
- * in a time (and for non-S/MIME callers to pass in nothing, or
- * maybe make them pass in the current time, always?).
- */
- if (CERT_VerifyCert (certdb, cert, PR_TRUE, certusage,
- utc_stime != NULL ? stime : PR_Now(),
- cinfo->pwfn_arg, NULL) != SECSuccess)
- {
- /*
- * XXX Give the user an option to check the signature anyway?
- * If we want to do this, need to give a way to leave and display
- * some dialog and get the answer and come back through (or do
- * the rest of what we do below elsewhere, maybe by putting it
- * in a function that we call below and could call from a dialog
- * finish handler).
- */
- goto savecert;
- }
-
- publickey = CERT_ExtractPublicKey (cert);
- if (publickey == NULL)
- goto done;
-
- /*
- * XXX No! If digests is empty, see if we can create it now by
- * digesting the contents. This is necessary if we want to allow
- * somebody to do a simple decode (without filtering, etc.) and
- * then later call us here to do the verification.
- * OR, we can just specify that the interface to this routine
- * *requires* that the digest(s) be done before calling and either
- * stashed in the struct itself or passed in explicitly (as would
- * be done for detached contents).
- */
- if ((digests == NULL || digests[0] == NULL)
- && (detached_digest == NULL || detached_digest->data == NULL))
- goto done;
-
- /*
- * Find and confirm digest algorithm.
- */
- algiddata = SECOID_FindOID (&(signerinfo->digestAlg.algorithm));
-
- if (detached_digest != NULL) {
- HASH_HashType found_type = HASH_GetHashTypeByOidTag(algiddata->offset);
- unsigned int hashLen = HASH_ResultLen(digest_type);
-
- if (digest_type != found_type ||
- digest_type == HASH_AlgNULL ||
- detached_digest->len != hashLen) {
- PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
- goto done;
- }
- digest = detached_digest;
- } else {
- PORT_Assert (digestalgs != NULL && digestalgs[0] != NULL);
- if (digestalgs == NULL || digestalgs[0] == NULL) {
- PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
- goto done;
- }
-
- /*
- * pick digest matching signerinfo->digestAlg from digests
- */
- if (algiddata == NULL) {
- PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
- goto done;
- }
- for (i = 0; digestalgs[i] != NULL; i++) {
- if (SECOID_FindOID (&(digestalgs[i]->algorithm)) == algiddata)
- break;
- }
- if (digestalgs[i] == NULL) {
- PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
- goto done;
- }
-
- digest = digests[i];
- }
-
- /*
- * XXX This may not be the right set of algorithms to check.
- * I'd prefer to trust that just calling VFY_Verify{Data,Digest}
- * would do the right thing (and set an error if it could not);
- * then additional algorithms could be handled by that code
- * and we would Just Work. So this check should just be removed,
- * but not until the VFY code is better at setting errors.
- */
- algiddata = SECOID_FindOID (&(signerinfo->digestEncAlg.algorithm));
- if (algiddata == NULL ||
- ((algiddata->offset != SEC_OID_PKCS1_RSA_ENCRYPTION) &&
- (algiddata->offset != SEC_OID_ANSIX9_DSA_SIGNATURE))) {
- PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
- goto done;
- }
-
- if (signerinfo->authAttr != NULL) {
- SEC_PKCS7Attribute *attr;
- SECItem *value;
- SECItem encoded_attrs;
-
- /*
- * We have a sigkey only for signedAndEnvelopedData, which is
- * not supposed to have any authenticated attributes.
- */
- if (sigkey != NULL) {
- PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
- goto done;
- }
-
- /*
- * PKCS #7 says that if there are any authenticated attributes,
- * then there must be one for content type which matches the
- * content type of the content being signed, and there must
- * be one for message digest which matches our message digest.
- * So check these things first.
- * XXX Might be nice to have a compare-attribute-value function
- * which could collapse the following nicely.
- */
- attr = sec_PKCS7FindAttribute (signerinfo->authAttr,
- SEC_OID_PKCS9_CONTENT_TYPE, PR_TRUE);
- value = sec_PKCS7AttributeValue (attr);
- if (value == NULL || value->len != content_type->len) {
- PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
- goto done;
- }
- if (PORT_Memcmp (value->data, content_type->data, value->len) != 0) {
- PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
- goto done;
- }
-
- attr = sec_PKCS7FindAttribute (signerinfo->authAttr,
- SEC_OID_PKCS9_MESSAGE_DIGEST, PR_TRUE);
- value = sec_PKCS7AttributeValue (attr);
- if (value == NULL || value->len != digest->len) {
- PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
- goto done;
- }
- if (PORT_Memcmp (value->data, digest->data, value->len) != 0) {
- PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
- goto done;
- }
-
- /*
- * Okay, we met the constraints of the basic attributes.
- * Now check the signature, which is based on a digest of
- * the DER-encoded authenticated attributes. So, first we
- * encode and then we digest/verify.
- */
- encoded_attrs.data = NULL;
- encoded_attrs.len = 0;
- if (sec_PKCS7EncodeAttributes (NULL, &encoded_attrs,
- &(signerinfo->authAttr)) == NULL)
- goto done;
-
- if (encoded_attrs.data == NULL || encoded_attrs.len == 0) {
- PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
- goto done;
- }
-
- goodsig = (PRBool)(VFY_VerifyData (encoded_attrs.data,
- encoded_attrs.len,
- publickey, &(signerinfo->encDigest),
- SECOID_GetAlgorithmTag(&(signerinfo->digestEncAlg)),
- cinfo->pwfn_arg) == SECSuccess);
- PORT_Free (encoded_attrs.data);
- } else {
- SECItem *sig;
- SECItem holder;
- SECStatus rv;
-
- /*
- * No authenticated attributes.
- * The signature is based on the plain message digest.
- */
-
- sig = &(signerinfo->encDigest);
- if (sig->len == 0) { /* bad signature */
- PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
- goto done;
- }
-
- if (sigkey != NULL) {
- sec_PKCS7CipherObject *decryptobj;
- unsigned int buflen;
-
- /*
- * For signedAndEnvelopedData, we first must decrypt the encrypted
- * digest with the bulk encryption key. The result is the normal
- * encrypted digest (aka the signature).
- */
- decryptobj = sec_PKCS7CreateDecryptObject (sigkey, bulkid);
- if (decryptobj == NULL)
- goto done;
-
- buflen = sec_PKCS7DecryptLength (decryptobj, sig->len, PR_TRUE);
- PORT_Assert (buflen);
- if (buflen == 0) { /* something is wrong */
- sec_PKCS7DestroyDecryptObject (decryptobj);
- goto done;
- }
-
- holder.data = (unsigned char*)PORT_Alloc (buflen);
- if (holder.data == NULL) {
- sec_PKCS7DestroyDecryptObject (decryptobj);
- goto done;
- }
-
- rv = sec_PKCS7Decrypt (decryptobj, holder.data, &holder.len, buflen,
- sig->data, sig->len, PR_TRUE);
- sec_PKCS7DestroyDecryptObject (decryptobj);
- if (rv != SECSuccess) {
- goto done;
- }
-
- sig = &holder;
- }
-
- goodsig = (PRBool)(VFY_VerifyDigest (digest, publickey, sig,
- SECOID_GetAlgorithmTag(&(signerinfo->digestEncAlg)),
- cinfo->pwfn_arg)
- == SECSuccess);
-
- if (sigkey != NULL) {
- PORT_Assert (sig == &holder);
- PORT_ZFree (holder.data, holder.len);
- }
- }
-
- if (! goodsig) {
- /*
- * XXX Change the generic error into our specific one, because
- * in that case we get a better explanation out of the Security
- * Advisor. This is really a bug in our error strings (the
- * "generic" error has a lousy/wrong message associated with it
- * which assumes the signature verification was done for the
- * purposes of checking the issuer signature on a certificate)
- * but this is at least an easy workaround and/or in the
- * Security Advisor, which specifically checks for the error
- * SEC_ERROR_PKCS7_BAD_SIGNATURE and gives more explanation
- * in that case but does not similarly check for
- * SEC_ERROR_BAD_SIGNATURE. It probably should, but then would
- * probably say the wrong thing in the case that it *was* the
- * certificate signature check that failed during the cert
- * verification done above. Our error handling is really a mess.
- */
- if (PORT_GetError() == SEC_ERROR_BAD_SIGNATURE)
- PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
- }
-
-savecert:
- /*
- * Only save the smime profile if we are checking an email message and
- * the cert has an email address in it.
- */
- if ( ( cert->emailAddr != NULL ) &&
- ( ( certusage == certUsageEmailSigner ) ||
- ( certusage == certUsageEmailRecipient ) ) ) {
- SECItem *profile = NULL;
- int save_error;
-
- /*
- * Remember the current error set because we do not care about
- * anything set by the functions we are about to call.
- */
- save_error = PORT_GetError();
-
- if (goodsig && (signerinfo->authAttr != NULL)) {
- /*
- * If the signature is good, then we can save the S/MIME profile,
- * if we have one.
- */
- SEC_PKCS7Attribute *attr;
-
- attr = sec_PKCS7FindAttribute (signerinfo->authAttr,
- SEC_OID_PKCS9_SMIME_CAPABILITIES,
- PR_TRUE);
- profile = sec_PKCS7AttributeValue (attr);
- }
-
- rv = CERT_SaveSMimeProfile (cert, profile, utc_stime);
-
- /*
- * Restore the saved error in case the calls above set a new
- * one that we do not actually care about.
- */
- PORT_SetError (save_error);
-
- /*
- * XXX Failure is not indicated anywhere -- the signature
- * verification itself is unaffected by whether or not the
- * profile was successfully saved.
- */
- }
-
-
-done:
-
- /*
- * See comment above about why we do not want to destroy cert
- * itself here.
- */
-
- if (certs != NULL)
- CERT_DestroyCertArray (certs, certcount);
-
- if (publickey != NULL)
- SECKEY_DestroyPublicKey (publickey);
-
- return goodsig;
-}
-
-/*
- * SEC_PKCS7VerifySignature
- * Look at a PKCS7 contentInfo and check if the signature is good.
- * The verification checks that the signing cert is valid and trusted
- * for the purpose specified by "certusage".
- *
- * In addition, if "keepcerts" is true, add any new certificates found
- * into our local database.
- */
-PRBool
-SEC_PKCS7VerifySignature(SEC_PKCS7ContentInfo *cinfo,
- SECCertUsage certusage,
- PRBool keepcerts)
-{
- return sec_pkcs7_verify_signature (cinfo, certusage,
- NULL, HASH_AlgNULL, keepcerts);
-}
-
-/*
- * SEC_PKCS7VerifyDetachedSignature
- * Look at a PKCS7 contentInfo and check if the signature matches
- * a passed-in digest (calculated, supposedly, from detached contents).
- * The verification checks that the signing cert is valid and trusted
- * for the purpose specified by "certusage".
- *
- * In addition, if "keepcerts" is true, add any new certificates found
- * into our local database.
- */
-PRBool
-SEC_PKCS7VerifyDetachedSignature(SEC_PKCS7ContentInfo *cinfo,
- SECCertUsage certusage,
- SECItem *detached_digest,
- HASH_HashType digest_type,
- PRBool keepcerts)
-{
- return sec_pkcs7_verify_signature (cinfo, certusage,
- detached_digest, digest_type,
- keepcerts);
-}
-
-
-/*
- * Return the asked-for portion of the name of the signer of a PKCS7
- * signed object.
- *
- * Returns a pointer to allocated memory, which must be freed.
- * A NULL return value is an error.
- */
-
-#define sec_common_name 1
-#define sec_email_address 2
-
-static char *
-sec_pkcs7_get_signer_cert_info(SEC_PKCS7ContentInfo *cinfo, int selector)
-{
- SECOidTag kind;
- SEC_PKCS7SignerInfo **signerinfos;
- CERTCertificate *signercert;
- char *container;
-
- kind = SEC_PKCS7ContentType (cinfo);
- switch (kind) {
- default:
- case SEC_OID_PKCS7_DATA:
- case SEC_OID_PKCS7_DIGESTED_DATA:
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- PORT_Assert (0);
- return NULL;
- case SEC_OID_PKCS7_SIGNED_DATA:
- {
- SEC_PKCS7SignedData *sdp;
-
- sdp = cinfo->content.signedData;
- signerinfos = sdp->signerInfos;
- }
- break;
- case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
- {
- SEC_PKCS7SignedAndEnvelopedData *saedp;
-
- saedp = cinfo->content.signedAndEnvelopedData;
- signerinfos = saedp->signerInfos;
- }
- break;
- }
-
- if (signerinfos == NULL || signerinfos[0] == NULL)
- return NULL;
-
- signercert = signerinfos[0]->cert;
-
- /*
- * No cert there; see if we can find one by calling verify ourselves.
- */
- if (signercert == NULL) {
- /*
- * The cert usage does not matter in this case, because we do not
- * actually care about the verification itself, but we have to pick
- * some valid usage to pass in.
- */
- (void) sec_pkcs7_verify_signature (cinfo, certUsageEmailSigner,
- NULL, HASH_AlgNULL, PR_FALSE);
- signercert = signerinfos[0]->cert;
- if (signercert == NULL)
- return NULL;
- }
-
- switch (selector) {
- case sec_common_name:
- container = CERT_GetCommonName (&signercert->subject);
- break;
- case sec_email_address:
- if(signercert->emailAddr) {
- container = PORT_Strdup(signercert->emailAddr);
- } else {
- container = NULL;
- }
- break;
- default:
- PORT_Assert (0);
- container = NULL;
- break;
- }
-
- return container;
-}
-
-char *
-SEC_PKCS7GetSignerCommonName(SEC_PKCS7ContentInfo *cinfo)
-{
- return sec_pkcs7_get_signer_cert_info(cinfo, sec_common_name);
-}
-
-char *
-SEC_PKCS7GetSignerEmailAddress(SEC_PKCS7ContentInfo *cinfo)
-{
- return sec_pkcs7_get_signer_cert_info(cinfo, sec_email_address);
-}
-
-
-/*
- * Return the signing time, in UTCTime format, of a PKCS7 contentInfo.
- */
-SECItem *
-SEC_PKCS7GetSigningTime(SEC_PKCS7ContentInfo *cinfo)
-{
- SEC_PKCS7SignerInfo **signerinfos;
- SEC_PKCS7Attribute *attr;
-
- if (SEC_PKCS7ContentType (cinfo) != SEC_OID_PKCS7_SIGNED_DATA)
- return NULL;
-
- signerinfos = cinfo->content.signedData->signerInfos;
-
- /*
- * No signature, or more than one, means no deal.
- */
- if (signerinfos == NULL || signerinfos[0] == NULL || signerinfos[1] != NULL)
- return NULL;
-
- attr = sec_PKCS7FindAttribute (signerinfos[0]->authAttr,
- SEC_OID_PKCS9_SIGNING_TIME, PR_TRUE);
- return sec_PKCS7AttributeValue (attr);
-}
diff --git a/security/nss/lib/pkcs7/p7encode.c b/security/nss/lib/pkcs7/p7encode.c
deleted file mode 100644
index 662772427..000000000
--- a/security/nss/lib/pkcs7/p7encode.c
+++ /dev/null
@@ -1,1322 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * PKCS7 encoding.
- *
- * $Id$
- */
-
-#include "nssrenam.h"
-
-#include "p7local.h"
-
-#include "cert.h"
-#include "cryptohi.h"
-#include "keyhi.h"
-#include "secasn1.h"
-#include "secoid.h"
-#include "secitem.h"
-#include "pk11func.h"
-#include "secerr.h"
-#include "sechash.h" /* for HASH_GetHashObject() */
-
-struct sec_pkcs7_encoder_output {
- SEC_PKCS7EncoderOutputCallback outputfn;
- void *outputarg;
-};
-
-struct SEC_PKCS7EncoderContextStr {
- SEC_ASN1EncoderContext *ecx;
- SEC_PKCS7ContentInfo *cinfo;
- struct sec_pkcs7_encoder_output output;
- sec_PKCS7CipherObject *encryptobj;
- const SECHashObject *digestobj;
- void *digestcx;
-};
-
-
-/*
- * The little output function that the ASN.1 encoder calls to hand
- * us bytes which we in turn hand back to our caller (via the callback
- * they gave us).
- */
-static void
-sec_pkcs7_encoder_out(void *arg, const char *buf, unsigned long len,
- int depth, SEC_ASN1EncodingPart data_kind)
-{
- struct sec_pkcs7_encoder_output *output;
-
- output = (struct sec_pkcs7_encoder_output*)arg;
- output->outputfn (output->outputarg, buf, len);
-}
-
-static sec_PKCS7CipherObject *
-sec_pkcs7_encoder_start_encrypt (SEC_PKCS7ContentInfo *cinfo,
- PK11SymKey *orig_bulkkey)
-{
- SECOidTag kind;
- sec_PKCS7CipherObject *encryptobj;
- SEC_PKCS7RecipientInfo **recipientinfos, *ri;
- SEC_PKCS7EncryptedContentInfo *enccinfo;
- SEC_PKCS7SMIMEKEAParameters keaParams;
- SECKEYPublicKey *publickey = NULL;
- SECKEYPrivateKey *ourPrivKey = NULL;
- PK11SymKey *bulkkey;
- void *mark, *wincx;
- int i;
- PRArenaPool *arena = NULL;
-
- /* Get the context in case we need it below. */
- wincx = cinfo->pwfn_arg;
-
- /* Clear keaParams, since cleanup code checks the lengths */
- (void) memset(&keaParams, 0, sizeof(keaParams));
-
- kind = SEC_PKCS7ContentType (cinfo);
- switch (kind) {
- default:
- case SEC_OID_PKCS7_DATA:
- case SEC_OID_PKCS7_DIGESTED_DATA:
- case SEC_OID_PKCS7_SIGNED_DATA:
- recipientinfos = NULL;
- enccinfo = NULL;
- break;
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- {
- SEC_PKCS7EncryptedData *encdp;
-
- /* To do EncryptedData we *must* be given a bulk key. */
- PORT_Assert (orig_bulkkey != NULL);
- if (orig_bulkkey == NULL) {
- /* XXX error? */
- return NULL;
- }
-
- encdp = cinfo->content.encryptedData;
- recipientinfos = NULL;
- enccinfo = &(encdp->encContentInfo);
- }
- break;
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- {
- SEC_PKCS7EnvelopedData *envdp;
-
- envdp = cinfo->content.envelopedData;
- recipientinfos = envdp->recipientInfos;
- enccinfo = &(envdp->encContentInfo);
- }
- break;
- case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
- {
- SEC_PKCS7SignedAndEnvelopedData *saedp;
-
- saedp = cinfo->content.signedAndEnvelopedData;
- recipientinfos = saedp->recipientInfos;
- enccinfo = &(saedp->encContentInfo);
- }
- break;
- }
-
- if (enccinfo == NULL)
- return NULL;
-
- bulkkey = orig_bulkkey;
- if (bulkkey == NULL) {
- CK_MECHANISM_TYPE type = PK11_AlgtagToMechanism(enccinfo->encalg);
- PK11SlotInfo *slot;
-
-
- slot = PK11_GetBestSlot(type,cinfo->pwfn_arg);
- if (slot == NULL) {
- return NULL;
- }
- bulkkey = PK11_KeyGen(slot,type,NULL, enccinfo->keysize/8,
- cinfo->pwfn_arg);
- PK11_FreeSlot(slot);
- if (bulkkey == NULL) {
- return NULL;
- }
- }
-
- encryptobj = NULL;
- mark = PORT_ArenaMark (cinfo->poolp);
-
- /*
- * Encrypt the bulk key with the public key of each recipient.
- */
- for (i = 0; recipientinfos && (ri = recipientinfos[i]) != NULL; i++) {
- CERTCertificate *cert;
- SECOidTag certalgtag, encalgtag;
- SECStatus rv;
- int data_len;
- SECItem *params = NULL;
-
- cert = ri->cert;
- PORT_Assert (cert != NULL);
- if (cert == NULL)
- continue;
-
- /*
- * XXX Want an interface that takes a cert and some data and
- * fills in an algorithmID and encrypts the data with the public
- * key from the cert. Or, give me two interfaces -- one which
- * gets the algorithm tag from a cert (I should not have to go
- * down into the subjectPublicKeyInfo myself) and another which
- * takes a public key and algorithm tag and data and encrypts
- * the data. Or something like that. The point is that all
- * of the following hardwired RSA and KEA stuff should be done
- * elsewhere.
- */
-
- certalgtag=SECOID_GetAlgorithmTag(&(cert->subjectPublicKeyInfo.algorithm));
-
- switch (certalgtag) {
- case SEC_OID_PKCS1_RSA_ENCRYPTION:
- encalgtag = certalgtag;
- publickey = CERT_ExtractPublicKey (cert);
- if (publickey == NULL) goto loser;
-
- data_len = SECKEY_PublicKeyStrength(publickey);
- ri->encKey.data =
- (unsigned char*)PORT_ArenaAlloc(cinfo->poolp ,data_len);
- ri->encKey.len = data_len;
- if (ri->encKey.data == NULL) goto loser;
-
- rv = PK11_PubWrapSymKey(PK11_AlgtagToMechanism(certalgtag),publickey,
- bulkkey,&ri->encKey);
-
- SECKEY_DestroyPublicKey(publickey);
- publickey = NULL;
- if (rv != SECSuccess) goto loser;
- params = NULL; /* paranoia */
- break;
- /* ### mwelch -- KEA */
- case SEC_OID_MISSI_KEA_DSS_OLD:
- case SEC_OID_MISSI_KEA_DSS:
- case SEC_OID_MISSI_KEA:
- {
-#define SMIME_FORTEZZA_RA_LENGTH 128
-#define SMIME_FORTEZZA_IV_LENGTH 24
-#define SMIME_FORTEZZA_MAX_KEY_SIZE 256
- SECStatus err;
- PK11SymKey *tek;
- CERTCertificate *ourCert;
- SECKEYPublicKey *ourPubKey;
- SECKEATemplateSelector whichKEA = SECKEAInvalid;
-
- /* We really want to show our KEA tag as the
- key exchange algorithm tag. */
- encalgtag = SEC_OID_NETSCAPE_SMIME_KEA;
-
- /* Get the public key of the recipient. */
- publickey = CERT_ExtractPublicKey(cert);
- if (publickey == NULL) goto loser;
-
- /* Find our own cert, and extract its keys. */
- ourCert = PK11_FindBestKEAMatch(cert,wincx);
- if (ourCert == NULL) goto loser;
-
- arena = PORT_NewArena(1024);
- if (arena == NULL) goto loser;
-
- ourPubKey = CERT_ExtractPublicKey(ourCert);
- if (ourPubKey == NULL)
- {
- CERT_DestroyCertificate(ourCert);
- goto loser;
- }
-
- /* While we're here, copy the public key into the outgoing
- * KEA parameters. */
- SECITEM_CopyItem(arena, &(keaParams.originatorKEAKey),
- &(ourPubKey->u.fortezza.KEAKey));
- SECKEY_DestroyPublicKey(ourPubKey);
- ourPubKey = NULL;
-
- /* Extract our private key in order to derive the
- * KEA key. */
- ourPrivKey = PK11_FindKeyByAnyCert(ourCert,wincx);
- CERT_DestroyCertificate(ourCert); /* we're done with this */
- if (!ourPrivKey) goto loser;
-
- /* Prepare raItem with 128 bytes (filled with zeros). */
- keaParams.originatorRA.data =
- (unsigned char*)PORT_ArenaAlloc(arena,SMIME_FORTEZZA_RA_LENGTH);
- keaParams.originatorRA.len = SMIME_FORTEZZA_RA_LENGTH;
-
-
- /* Generate the TEK (token exchange key) which we use
- * to wrap the bulk encryption key. (raItem) will be
- * filled with a random seed which we need to send to
- * the recipient. */
- tek = PK11_PubDerive(ourPrivKey, publickey, PR_TRUE,
- &keaParams.originatorRA, NULL,
- CKM_KEA_KEY_DERIVE, CKM_SKIPJACK_WRAP,
- CKA_WRAP, 0, wincx);
-
- SECKEY_DestroyPublicKey(publickey);
- SECKEY_DestroyPrivateKey(ourPrivKey);
- publickey = NULL;
- ourPrivKey = NULL;
-
- if (!tek)
- goto loser;
-
- ri->encKey.data = (unsigned char*)PORT_ArenaAlloc(cinfo->poolp,
- SMIME_FORTEZZA_MAX_KEY_SIZE);
- ri->encKey.len = SMIME_FORTEZZA_MAX_KEY_SIZE;
-
- if (ri->encKey.data == NULL)
- {
- PK11_FreeSymKey(tek);
- goto loser;
- }
-
- /* Wrap the bulk key. What we do with the resulting data
- depends on whether we're using Skipjack to wrap the key. */
- switch(PK11_AlgtagToMechanism(enccinfo->encalg))
- {
- case CKM_SKIPJACK_CBC64:
- case CKM_SKIPJACK_ECB64:
- case CKM_SKIPJACK_OFB64:
- case CKM_SKIPJACK_CFB64:
- case CKM_SKIPJACK_CFB32:
- case CKM_SKIPJACK_CFB16:
- case CKM_SKIPJACK_CFB8:
- /* do SKIPJACK, we use the wrap mechanism */
- err = PK11_WrapSymKey(CKM_SKIPJACK_WRAP, NULL,
- tek, bulkkey, &ri->encKey);
- whichKEA = SECKEAUsesSkipjack;
- break;
- default:
- /* Not SKIPJACK, we encrypt the raw key data */
- keaParams.nonSkipjackIV .data =
- (unsigned char*)PORT_ArenaAlloc(arena,
- SMIME_FORTEZZA_IV_LENGTH);
- keaParams.nonSkipjackIV.len = SMIME_FORTEZZA_IV_LENGTH;
- err = PK11_WrapSymKey(CKM_SKIPJACK_CBC64,
- &keaParams.nonSkipjackIV,
- tek, bulkkey, &ri->encKey);
- if (err != SECSuccess)
- goto loser;
-
- if (ri->encKey.len != PK11_GetKeyLength(bulkkey))
- {
- /* The size of the encrypted key is not the same as
- that of the original bulk key, presumably due to
- padding. Encode and store the real size of the
- bulk key. */
- if (SEC_ASN1EncodeInteger(arena,
- &keaParams.bulkKeySize,
- PK11_GetKeyLength(bulkkey))
- == NULL)
- err = (SECStatus)PORT_GetError();
- else
- /* use full template for encoding */
- whichKEA = SECKEAUsesNonSkipjackWithPaddedEncKey;
- }
- else
- /* enc key length == bulk key length */
- whichKEA = SECKEAUsesNonSkipjack;
- break;
- }
-
- PK11_FreeSymKey(tek);
- if (err != SECSuccess)
- goto loser;
-
- PORT_Assert( whichKEA != SECKEAInvalid);
-
- /* Encode the KEA parameters into the recipient info. */
- params = SEC_ASN1EncodeItem(arena,NULL, &keaParams,
- sec_pkcs7_get_kea_template(whichKEA));
- if (params == NULL) goto loser;
- break;
- }
- default:
- PORT_SetError (SEC_ERROR_INVALID_ALGORITHM);
- goto loser;
- }
-
- rv = SECOID_SetAlgorithmID(cinfo->poolp, &ri->keyEncAlg, encalgtag,
- params);
- if (rv != SECSuccess)
- goto loser;
- if (arena) PORT_FreeArena(arena,PR_FALSE);
- arena = NULL;
- }
-
- encryptobj = sec_PKCS7CreateEncryptObject (cinfo->poolp, bulkkey,
- enccinfo->encalg,
- &(enccinfo->contentEncAlg));
- if (encryptobj != NULL) {
- PORT_ArenaUnmark (cinfo->poolp, mark);
- mark = NULL; /* good one; do not want to release */
- }
- /* fallthru */
-
-loser:
- if (arena) {
- PORT_FreeArena(arena, PR_FALSE);
- }
- if (publickey) {
- SECKEY_DestroyPublicKey(publickey);
- }
- if (ourPrivKey) {
- SECKEY_DestroyPrivateKey(ourPrivKey);
- }
- if (mark != NULL) {
- PORT_ArenaRelease (cinfo->poolp, mark);
- }
- if (orig_bulkkey == NULL) {
- if (bulkkey) PK11_FreeSymKey(bulkkey);
- }
-
- return encryptobj;
-}
-
-
-static void
-sec_pkcs7_encoder_notify (void *arg, PRBool before, void *dest, int depth)
-{
- SEC_PKCS7EncoderContext *p7ecx;
- SEC_PKCS7ContentInfo *cinfo;
- SECOidTag kind;
- PRBool before_content;
-
- /*
- * We want to notice just before the content field. After fields are
- * not interesting to us.
- */
- if (!before)
- return;
-
- p7ecx = (SEC_PKCS7EncoderContext*)arg;
- cinfo = p7ecx->cinfo;
-
- before_content = PR_FALSE;
-
- /*
- * Watch for the content field, at which point we want to instruct
- * the ASN.1 encoder to start taking bytes from the buffer.
- *
- * XXX The following assumes the inner content type is data;
- * if/when we want to handle fully nested types, this will have
- * to recurse until reaching the innermost data content.
- */
- kind = SEC_PKCS7ContentType (cinfo);
- switch (kind) {
- default:
- case SEC_OID_PKCS7_DATA:
- if (dest == &(cinfo->content.data))
- before_content = PR_TRUE;
- break;
-
- case SEC_OID_PKCS7_DIGESTED_DATA:
- {
- SEC_PKCS7DigestedData *digd;
-
- digd = cinfo->content.digestedData;
- if (digd == NULL)
- break;
-
- if (dest == &(digd->contentInfo.content))
- before_content = PR_TRUE;
- }
- break;
-
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- {
- SEC_PKCS7EncryptedData *encd;
-
- encd = cinfo->content.encryptedData;
- if (encd == NULL)
- break;
-
- if (dest == &(encd->encContentInfo.encContent))
- before_content = PR_TRUE;
- }
- break;
-
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- {
- SEC_PKCS7EnvelopedData *envd;
-
- envd = cinfo->content.envelopedData;
- if (envd == NULL)
- break;
-
- if (dest == &(envd->encContentInfo.encContent))
- before_content = PR_TRUE;
- }
- break;
-
- case SEC_OID_PKCS7_SIGNED_DATA:
- {
- SEC_PKCS7SignedData *sigd;
-
- sigd = cinfo->content.signedData;
- if (sigd == NULL)
- break;
-
- if (dest == &(sigd->contentInfo.content))
- before_content = PR_TRUE;
- }
- break;
-
- case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
- {
- SEC_PKCS7SignedAndEnvelopedData *saed;
-
- saed = cinfo->content.signedAndEnvelopedData;
- if (saed == NULL)
- break;
-
- if (dest == &(saed->encContentInfo.encContent))
- before_content = PR_TRUE;
- }
- break;
- }
-
- if (before_content) {
- /*
- * This will cause the next SEC_ASN1EncoderUpdate to take the
- * contents bytes from the passed-in buffer.
- */
- SEC_ASN1EncoderSetTakeFromBuf (p7ecx->ecx);
- /*
- * And that is all we needed this notify function for.
- */
- SEC_ASN1EncoderClearNotifyProc (p7ecx->ecx);
- }
-}
-
-
-static SEC_PKCS7EncoderContext *
-sec_pkcs7_encoder_start_contexts (SEC_PKCS7ContentInfo *cinfo,
- PK11SymKey *bulkkey)
-{
- SEC_PKCS7EncoderContext *p7ecx;
- SECOidTag kind;
- PRBool encrypt;
- SECItem **digests;
- SECAlgorithmID *digestalg, **digestalgs;
-
- p7ecx =
- (SEC_PKCS7EncoderContext*)PORT_ZAlloc (sizeof(SEC_PKCS7EncoderContext));
- if (p7ecx == NULL)
- return NULL;
-
- digests = NULL;
- digestalg = NULL;
- digestalgs = NULL;
- encrypt = PR_FALSE;
-
- kind = SEC_PKCS7ContentType (cinfo);
- switch (kind) {
- default:
- case SEC_OID_PKCS7_DATA:
- break;
- case SEC_OID_PKCS7_DIGESTED_DATA:
- digestalg = &(cinfo->content.digestedData->digestAlg);
- break;
- case SEC_OID_PKCS7_SIGNED_DATA:
- digests = cinfo->content.signedData->digests;
- digestalgs = cinfo->content.signedData->digestAlgorithms;
- break;
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- encrypt = PR_TRUE;
- break;
- case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
- digests = cinfo->content.signedAndEnvelopedData->digests;
- digestalgs = cinfo->content.signedAndEnvelopedData->digestAlgorithms;
- encrypt = PR_TRUE;
- break;
- }
-
- if (encrypt) {
- p7ecx->encryptobj = sec_pkcs7_encoder_start_encrypt (cinfo, bulkkey);
- if (p7ecx->encryptobj == NULL) {
- PORT_Free (p7ecx);
- return NULL;
- }
- }
-
- if (digestalgs != NULL) {
- if (digests != NULL) {
- /* digests already created (probably for detached data) */
- digestalg = NULL;
- } else {
- /*
- * XXX Some day we should handle multiple digests; for now,
- * assume only one will be done.
- */
- PORT_Assert (digestalgs[0] != NULL && digestalgs[1] == NULL);
- digestalg = digestalgs[0];
- }
- }
-
- if (digestalg != NULL) {
- SECOidTag oidTag = SECOID_FindOIDTag(&(digestalg->algorithm));
-
- p7ecx->digestobj = HASH_GetHashObjectByOidTag(oidTag);
- if (p7ecx->digestobj != NULL) {
- p7ecx->digestcx = (* p7ecx->digestobj->create) ();
- if (p7ecx->digestcx == NULL)
- p7ecx->digestobj = NULL;
- else
- (* p7ecx->digestobj->begin) (p7ecx->digestcx);
- }
- if (p7ecx->digestobj == NULL) {
- if (p7ecx->encryptobj != NULL)
- sec_PKCS7DestroyEncryptObject (p7ecx->encryptobj);
- PORT_Free (p7ecx);
- return NULL;
- }
- }
-
- p7ecx->cinfo = cinfo;
- return p7ecx;
-}
-
-
-SEC_PKCS7EncoderContext *
-SEC_PKCS7EncoderStart (SEC_PKCS7ContentInfo *cinfo,
- SEC_PKCS7EncoderOutputCallback outputfn,
- void *outputarg,
- PK11SymKey *bulkkey)
-{
- SEC_PKCS7EncoderContext *p7ecx;
- SECStatus rv;
-
- p7ecx = sec_pkcs7_encoder_start_contexts (cinfo, bulkkey);
- if (p7ecx == NULL)
- return NULL;
-
- p7ecx->output.outputfn = outputfn;
- p7ecx->output.outputarg = outputarg;
-
- /*
- * Initialize the BER encoder.
- */
- p7ecx->ecx = SEC_ASN1EncoderStart (cinfo, sec_PKCS7ContentInfoTemplate,
- sec_pkcs7_encoder_out, &(p7ecx->output));
- if (p7ecx->ecx == NULL) {
- PORT_Free (p7ecx);
- return NULL;
- }
-
- /*
- * Indicate that we are streaming. We will be streaming until we
- * get past the contents bytes.
- */
- SEC_ASN1EncoderSetStreaming (p7ecx->ecx);
-
- /*
- * The notify function will watch for the contents field.
- */
- SEC_ASN1EncoderSetNotifyProc (p7ecx->ecx, sec_pkcs7_encoder_notify, p7ecx);
-
- /*
- * This will encode everything up to the content bytes. (The notify
- * function will then cause the encoding to stop there.) Then our
- * caller can start passing contents bytes to our Update, which we
- * will pass along.
- */
- rv = SEC_ASN1EncoderUpdate (p7ecx->ecx, NULL, 0);
- if (rv != SECSuccess) {
- PORT_Free (p7ecx);
- return NULL;
- }
-
- return p7ecx;
-}
-
-
-/*
- * XXX If/when we support nested contents, this needs to be revised.
- */
-static SECStatus
-sec_pkcs7_encoder_work_data (SEC_PKCS7EncoderContext *p7ecx, SECItem *dest,
- const unsigned char *data, unsigned long len,
- PRBool final)
-{
- unsigned char *buf = NULL;
- SECStatus rv;
-
-
- rv = SECSuccess; /* may as well be optimistic */
-
- /*
- * We should really have data to process, or we should be trying
- * to finish/flush the last block. (This is an overly paranoid
- * check since all callers are in this file and simple inspection
- * proves they do it right. But it could find a bug in future
- * modifications/development, that is why it is here.)
- */
- PORT_Assert ((data != NULL && len) || final);
-
- /*
- * Update the running digest.
- * XXX This needs modification if/when we handle multiple digests.
- */
- if (len && p7ecx->digestobj != NULL) {
- (* p7ecx->digestobj->update) (p7ecx->digestcx, data, len);
- }
-
- /*
- * Encrypt this chunk.
- */
- if (p7ecx->encryptobj != NULL) {
- /* XXX the following lengths should all be longs? */
- unsigned int inlen; /* length of data being encrypted */
- unsigned int outlen; /* length of encrypted data */
- unsigned int buflen; /* length available for encrypted data */
-
- inlen = len;
- buflen = sec_PKCS7EncryptLength (p7ecx->encryptobj, inlen, final);
- if (buflen == 0) {
- /*
- * No output is expected, but the input data may be buffered
- * so we still have to call Encrypt.
- */
- rv = sec_PKCS7Encrypt (p7ecx->encryptobj, NULL, NULL, 0,
- data, inlen, final);
- if (final) {
- len = 0;
- goto done;
- }
- return rv;
- }
-
- if (dest != NULL)
- buf = (unsigned char*)PORT_ArenaAlloc(p7ecx->cinfo->poolp, buflen);
- else
- buf = (unsigned char*)PORT_Alloc (buflen);
-
- if (buf == NULL) {
- rv = SECFailure;
- } else {
- rv = sec_PKCS7Encrypt (p7ecx->encryptobj, buf, &outlen, buflen,
- data, inlen, final);
- data = buf;
- len = outlen;
- }
- if (rv != SECSuccess) {
- if (final)
- goto done;
- return rv;
- }
- }
-
- if (p7ecx->ecx != NULL) {
- /*
- * Encode the contents bytes.
- */
- if(len) {
- rv = SEC_ASN1EncoderUpdate (p7ecx->ecx, (const char *)data, len);
- }
- }
-
-done:
- if (p7ecx->encryptobj != NULL) {
- if (final)
- sec_PKCS7DestroyEncryptObject (p7ecx->encryptobj);
- if (dest != NULL) {
- dest->data = buf;
- dest->len = len;
- } else if (buf != NULL) {
- PORT_Free (buf);
- }
- }
-
- if (final && p7ecx->digestobj != NULL) {
- SECItem *digest, **digests, ***digestsp;
- unsigned char *digdata;
- SECOidTag kind;
-
- kind = SEC_PKCS7ContentType (p7ecx->cinfo);
- switch (kind) {
- default:
- PORT_Assert (0);
- return SECFailure;
- case SEC_OID_PKCS7_DIGESTED_DATA:
- digest = &(p7ecx->cinfo->content.digestedData->digest);
- digestsp = NULL;
- break;
- case SEC_OID_PKCS7_SIGNED_DATA:
- digest = NULL;
- digestsp = &(p7ecx->cinfo->content.signedData->digests);
- break;
- case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
- digest = NULL;
- digestsp = &(p7ecx->cinfo->content.signedAndEnvelopedData->digests);
- break;
- }
-
- digdata = (unsigned char*)PORT_ArenaAlloc (p7ecx->cinfo->poolp,
- p7ecx->digestobj->length);
- if (digdata == NULL)
- return SECFailure;
-
- if (digestsp != NULL) {
- PORT_Assert (digest == NULL);
-
- digest = (SECItem*)PORT_ArenaAlloc (p7ecx->cinfo->poolp,
- sizeof(SECItem));
- digests = (SECItem**)PORT_ArenaAlloc (p7ecx->cinfo->poolp,
- 2 * sizeof(SECItem *));
- if (digests == NULL || digest == NULL)
- return SECFailure;
-
- digests[0] = digest;
- digests[1] = NULL;
-
- *digestsp = digests;
- }
-
- PORT_Assert (digest != NULL);
-
- digest->data = digdata;
- digest->len = p7ecx->digestobj->length;
-
- (* p7ecx->digestobj->end) (p7ecx->digestcx, digest->data,
- &(digest->len), digest->len);
- (* p7ecx->digestobj->destroy) (p7ecx->digestcx, PR_TRUE);
- }
-
- return rv;
-}
-
-
-SECStatus
-SEC_PKCS7EncoderUpdate (SEC_PKCS7EncoderContext *p7ecx,
- const char *data, unsigned long len)
-{
- /* XXX Error handling needs help. Return what? Do "Finish" on failure? */
- return sec_pkcs7_encoder_work_data (p7ecx, NULL,
- (const unsigned char *)data, len,
- PR_FALSE);
-}
-
-
-/*
- * XXX I would *really* like to not have to do this, but the current
- * signing interface gives me little choice.
- */
-static SECOidTag
-sec_pkcs7_pick_sign_alg (SECOidTag hashalg, SECOidTag encalg)
-{
- switch (encalg) {
- case SEC_OID_PKCS1_RSA_ENCRYPTION:
- switch (hashalg) {
- case SEC_OID_MD2:
- return SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION;
- case SEC_OID_MD5:
- return SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION;
- case SEC_OID_SHA1:
- return SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION;
- case SEC_OID_SHA256:
- return SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION;
- case SEC_OID_SHA384:
- return SEC_OID_PKCS1_SHA384_WITH_RSA_ENCRYPTION;
- case SEC_OID_SHA512:
- return SEC_OID_PKCS1_SHA512_WITH_RSA_ENCRYPTION;
- default:
- return SEC_OID_UNKNOWN;
- }
- case SEC_OID_ANSIX9_DSA_SIGNATURE:
- case SEC_OID_MISSI_KEA_DSS:
- case SEC_OID_MISSI_DSS:
- switch (hashalg) {
- case SEC_OID_SHA1:
- return SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST;
- default:
- return SEC_OID_UNKNOWN;
- }
- default:
- break;
- }
-
- return encalg; /* maybe it is already the right algid */
-}
-
-
-static SECStatus
-sec_pkcs7_encoder_sig_and_certs (SEC_PKCS7ContentInfo *cinfo,
- SECKEYGetPasswordKey pwfn, void *pwfnarg)
-{
- SECOidTag kind;
- CERTCertificate **certs;
- CERTCertificateList **certlists;
- SECAlgorithmID **digestalgs;
- SECItem **digests;
- SEC_PKCS7SignerInfo *signerinfo, **signerinfos;
- SECItem **rawcerts, ***rawcertsp;
- PRArenaPool *poolp;
- int certcount;
- int ci, cli, rci, si;
-
- kind = SEC_PKCS7ContentType (cinfo);
- switch (kind) {
- default:
- case SEC_OID_PKCS7_DATA:
- case SEC_OID_PKCS7_DIGESTED_DATA:
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- certs = NULL;
- certlists = NULL;
- digestalgs = NULL;
- digests = NULL;
- signerinfos = NULL;
- rawcertsp = NULL;
- break;
- case SEC_OID_PKCS7_SIGNED_DATA:
- {
- SEC_PKCS7SignedData *sdp;
-
- sdp = cinfo->content.signedData;
- certs = sdp->certs;
- certlists = sdp->certLists;
- digestalgs = sdp->digestAlgorithms;
- digests = sdp->digests;
- signerinfos = sdp->signerInfos;
- rawcertsp = &(sdp->rawCerts);
- }
- break;
- case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
- {
- SEC_PKCS7SignedAndEnvelopedData *saedp;
-
- saedp = cinfo->content.signedAndEnvelopedData;
- certs = saedp->certs;
- certlists = saedp->certLists;
- digestalgs = saedp->digestAlgorithms;
- digests = saedp->digests;
- signerinfos = saedp->signerInfos;
- rawcertsp = &(saedp->rawCerts);
- }
- break;
- }
-
- if (certs == NULL && certlists == NULL && signerinfos == NULL)
- return SECSuccess; /* nothing for us to do! */
-
- poolp = cinfo->poolp;
- certcount = 0;
-
- if (signerinfos != NULL) {
- SECOidTag digestalgtag;
- int di;
- SECStatus rv;
- CERTCertificate *cert;
- SECKEYPrivateKey *privkey;
- SECItem signature;
- SECOidTag signalgtag;
-
- PORT_Assert (digestalgs != NULL && digests != NULL);
-
- /*
- * If one fails, we bail right then. If we want to continue and
- * try to do subsequent signatures, this loop, and the departures
- * from it, will need to be reworked.
- */
- for (si = 0; signerinfos[si] != NULL; si++) {
-
- signerinfo = signerinfos[si];
-
- /* find right digest */
- digestalgtag = SECOID_GetAlgorithmTag (&(signerinfo->digestAlg));
- for (di = 0; digestalgs[di] != NULL; di++) {
- /* XXX Should I be comparing more than the tag? */
- if (digestalgtag == SECOID_GetAlgorithmTag (digestalgs[di]))
- break;
- }
- if (digestalgs[di] == NULL) {
- /* XXX oops; do what? set an error? */
- return SECFailure;
- }
- PORT_Assert (digests[di] != NULL);
-
- cert = signerinfo->cert;
- privkey = PK11_FindKeyByAnyCert (cert, pwfnarg);
- if (privkey == NULL)
- return SECFailure;
-
- /*
- * XXX I think there should be a cert-level interface for this,
- * so that I do not have to know about subjectPublicKeyInfo...
- */
- signalgtag = SECOID_GetAlgorithmTag (&(cert->subjectPublicKeyInfo.algorithm));
-
- /* Fortezza MISSI have weird signature formats. Map them
- * to standard DSA formats */
- signalgtag = PK11_FortezzaMapSig(signalgtag);
-
- if (signerinfo->authAttr != NULL) {
- SEC_PKCS7Attribute *attr;
- SECItem encoded_attrs;
- SECItem *dummy;
-
- /*
- * First, find and fill in the message digest attribute.
- */
- attr = sec_PKCS7FindAttribute (signerinfo->authAttr,
- SEC_OID_PKCS9_MESSAGE_DIGEST,
- PR_TRUE);
- PORT_Assert (attr != NULL);
- if (attr == NULL) {
- SECKEY_DestroyPrivateKey (privkey);
- return SECFailure;
- }
-
- /*
- * XXX The second half of the following assertion prevents
- * the encoder from being called twice on the same content.
- * Either just remove the second half the assertion, or
- * change the code to check if the value already there is
- * the same as digests[di], whichever seems more right.
- */
- PORT_Assert (attr->values != NULL && attr->values[0] == NULL);
- attr->values[0] = digests[di];
-
- /*
- * Before encoding, reorder the attributes so that when they
- * are encoded, they will be conforming DER, which is required
- * to have a specific order and that is what must be used for
- * the hash/signature. We do this here, rather than building
- * it into EncodeAttributes, because we do not want to do
- * such reordering on incoming messages (which also uses
- * EncodeAttributes) or our old signatures (and other "broken"
- * implementations) will not verify. So, we want to guarantee
- * that we send out good DER encodings of attributes, but not
- * to expect to receive them.
- */
- rv = sec_PKCS7ReorderAttributes (signerinfo->authAttr);
- if (rv != SECSuccess) {
- SECKEY_DestroyPrivateKey (privkey);
- return SECFailure;
- }
-
- encoded_attrs.data = NULL;
- encoded_attrs.len = 0;
- dummy = sec_PKCS7EncodeAttributes (NULL, &encoded_attrs,
- &(signerinfo->authAttr));
- if (dummy == NULL) {
- SECKEY_DestroyPrivateKey (privkey);
- return SECFailure;
- }
-
- rv = SEC_SignData (&signature,
- encoded_attrs.data, encoded_attrs.len,
- privkey,
- sec_pkcs7_pick_sign_alg (digestalgtag,
- signalgtag));
- SECITEM_FreeItem (&encoded_attrs, PR_FALSE);
- } else {
- rv = SGN_Digest (privkey, digestalgtag, &signature,
- digests[di]);
- }
-
- SECKEY_DestroyPrivateKey (privkey);
-
- if (rv != SECSuccess)
- return rv;
-
- rv = SECITEM_CopyItem (poolp, &(signerinfo->encDigest), &signature);
- if (rv != SECSuccess)
- return rv;
-
- SECITEM_FreeItem (&signature, PR_FALSE);
-
- rv = SECOID_SetAlgorithmID (poolp, &(signerinfo->digestEncAlg),
- signalgtag, NULL);
- if (rv != SECSuccess)
- return SECFailure;
-
- /*
- * Count the cert chain for this signer.
- */
- if (signerinfo->certList != NULL)
- certcount += signerinfo->certList->len;
- }
- }
-
- if (certs != NULL) {
- for (ci = 0; certs[ci] != NULL; ci++)
- certcount++;
- }
-
- if (certlists != NULL) {
- for (cli = 0; certlists[cli] != NULL; cli++)
- certcount += certlists[cli]->len;
- }
-
- if (certcount == 0)
- return SECSuccess; /* signing done; no certs */
-
- /*
- * Combine all of the certs and cert chains into rawcerts.
- * Note: certcount is an upper bound; we may not need that many slots
- * but we will allocate anyway to avoid having to do another pass.
- * (The temporary space saving is not worth it.)
- */
- rawcerts = (SECItem**)PORT_ArenaAlloc (poolp,
- (certcount + 1) * sizeof(SECItem *));
- if (rawcerts == NULL)
- return SECFailure;
-
- /*
- * XXX Want to check for duplicates and not add *any* cert that is
- * already in the set. This will be more important when we start
- * dealing with larger sets of certs, dual-key certs (signing and
- * encryption), etc. For the time being we can slide by...
- */
- rci = 0;
- if (signerinfos != NULL) {
- for (si = 0; signerinfos[si] != NULL; si++) {
- signerinfo = signerinfos[si];
- for (ci = 0; ci < signerinfo->certList->len; ci++)
- rawcerts[rci++] = &(signerinfo->certList->certs[ci]);
- }
-
- }
-
- if (certs != NULL) {
- for (ci = 0; certs[ci] != NULL; ci++)
- rawcerts[rci++] = &(certs[ci]->derCert);
- }
-
- if (certlists != NULL) {
- for (cli = 0; certlists[cli] != NULL; cli++) {
- for (ci = 0; ci < certlists[cli]->len; ci++)
- rawcerts[rci++] = &(certlists[cli]->certs[ci]);
- }
- }
-
- rawcerts[rci] = NULL;
- *rawcertsp = rawcerts;
-
- return SECSuccess;
-}
-
-
-SECStatus
-SEC_PKCS7EncoderFinish (SEC_PKCS7EncoderContext *p7ecx,
- SECKEYGetPasswordKey pwfn, void *pwfnarg)
-{
- SECStatus rv;
-
- /*
- * Flush out any remaining data.
- */
- rv = sec_pkcs7_encoder_work_data (p7ecx, NULL, NULL, 0, PR_TRUE);
-
- /*
- * Turn off streaming stuff.
- */
- SEC_ASN1EncoderClearTakeFromBuf (p7ecx->ecx);
- SEC_ASN1EncoderClearStreaming (p7ecx->ecx);
-
- if (rv != SECSuccess)
- goto loser;
-
- rv = sec_pkcs7_encoder_sig_and_certs (p7ecx->cinfo, pwfn, pwfnarg);
- if (rv != SECSuccess)
- goto loser;
-
- rv = SEC_ASN1EncoderUpdate (p7ecx->ecx, NULL, 0);
-
-loser:
- SEC_ASN1EncoderFinish (p7ecx->ecx);
- PORT_Free (p7ecx);
- return rv;
-}
-
-
-/*
- * After this routine is called, the entire PKCS7 contentInfo is ready
- * to be encoded. This is used internally, but can also be called from
- * elsewhere for those who want to be able to just have pointers to
- * the ASN1 template for pkcs7 contentInfo built into their own encodings.
- */
-SECStatus
-SEC_PKCS7PrepareForEncode (SEC_PKCS7ContentInfo *cinfo,
- PK11SymKey *bulkkey,
- SECKEYGetPasswordKey pwfn,
- void *pwfnarg)
-{
- SEC_PKCS7EncoderContext *p7ecx;
- SECItem *content, *enc_content;
- SECStatus rv;
-
- p7ecx = sec_pkcs7_encoder_start_contexts (cinfo, bulkkey);
- if (p7ecx == NULL)
- return SECFailure;
-
- content = SEC_PKCS7GetContent (cinfo);
-
- if (p7ecx->encryptobj != NULL) {
- SECOidTag kind;
- SEC_PKCS7EncryptedContentInfo *enccinfo;
-
- kind = SEC_PKCS7ContentType (p7ecx->cinfo);
- switch (kind) {
- default:
- PORT_Assert (0);
- rv = SECFailure;
- goto loser;
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- enccinfo = &(p7ecx->cinfo->content.encryptedData->encContentInfo);
- break;
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- enccinfo = &(p7ecx->cinfo->content.envelopedData->encContentInfo);
- break;
- case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
- enccinfo = &(p7ecx->cinfo->content.signedAndEnvelopedData->encContentInfo);
- break;
- }
- enc_content = &(enccinfo->encContent);
- } else {
- enc_content = NULL;
- }
-
- if (content != NULL && content->data != NULL && content->len) {
- rv = sec_pkcs7_encoder_work_data (p7ecx, enc_content,
- content->data, content->len, PR_TRUE);
- if (rv != SECSuccess)
- goto loser;
- }
-
- rv = sec_pkcs7_encoder_sig_and_certs (cinfo, pwfn, pwfnarg);
-
-loser:
- PORT_Free (p7ecx);
- return rv;
-}
-
-
-/*
- * Encode a PKCS7 object, in one shot. All necessary components
- * of the object must already be specified. Either the data has
- * already been included (via SetContent), or the data is detached,
- * or there is no data at all (certs-only).
- *
- * "cinfo" specifies the object to be encoded.
- *
- * "outputfn" is where the encoded bytes will be passed.
- *
- * "outputarg" is an opaque argument to the above callback.
- *
- * "bulkkey" specifies the bulk encryption key to use. This argument
- * can be NULL if no encryption is being done, or if the bulk key should
- * be generated internally (usually the case for EnvelopedData but never
- * for EncryptedData, which *must* provide a bulk encryption key).
- *
- * "pwfn" is a callback for getting the password which protects the
- * private key of the signer. This argument can be NULL if it is known
- * that no signing is going to be done.
- *
- * "pwfnarg" is an opaque argument to the above callback.
- */
-SECStatus
-SEC_PKCS7Encode (SEC_PKCS7ContentInfo *cinfo,
- SEC_PKCS7EncoderOutputCallback outputfn,
- void *outputarg,
- PK11SymKey *bulkkey,
- SECKEYGetPasswordKey pwfn,
- void *pwfnarg)
-{
- SECStatus rv;
-
- rv = SEC_PKCS7PrepareForEncode (cinfo, bulkkey, pwfn, pwfnarg);
- if (rv == SECSuccess) {
- struct sec_pkcs7_encoder_output outputcx;
-
- outputcx.outputfn = outputfn;
- outputcx.outputarg = outputarg;
-
- rv = SEC_ASN1Encode (cinfo, sec_PKCS7ContentInfoTemplate,
- sec_pkcs7_encoder_out, &outputcx);
- }
-
- return rv;
-}
-
-
-/*
- * Encode a PKCS7 object, in one shot. All necessary components
- * of the object must already be specified. Either the data has
- * already been included (via SetContent), or the data is detached,
- * or there is no data at all (certs-only). The output, rather than
- * being passed to an output function as is done above, is all put
- * into a SECItem.
- *
- * "pool" specifies a pool from which to allocate the result.
- * It can be NULL, in which case memory is allocated generically.
- *
- * "dest" specifies a SECItem in which to put the result data.
- * It can be NULL, in which case the entire item is allocated, too.
- *
- * "cinfo" specifies the object to be encoded.
- *
- * "bulkkey" specifies the bulk encryption key to use. This argument
- * can be NULL if no encryption is being done, or if the bulk key should
- * be generated internally (usually the case for EnvelopedData but never
- * for EncryptedData, which *must* provide a bulk encryption key).
- *
- * "pwfn" is a callback for getting the password which protects the
- * private key of the signer. This argument can be NULL if it is known
- * that no signing is going to be done.
- *
- * "pwfnarg" is an opaque argument to the above callback.
- */
-SECItem *
-SEC_PKCS7EncodeItem (PRArenaPool *pool,
- SECItem *dest,
- SEC_PKCS7ContentInfo *cinfo,
- PK11SymKey *bulkkey,
- SECKEYGetPasswordKey pwfn,
- void *pwfnarg)
-{
- SECStatus rv;
-
- rv = SEC_PKCS7PrepareForEncode (cinfo, bulkkey, pwfn, pwfnarg);
- if (rv != SECSuccess)
- return NULL;
-
- return SEC_ASN1EncodeItem (pool, dest, cinfo, sec_PKCS7ContentInfoTemplate);
-}
-
diff --git a/security/nss/lib/pkcs7/p7local.c b/security/nss/lib/pkcs7/p7local.c
deleted file mode 100644
index c0671ae4f..000000000
--- a/security/nss/lib/pkcs7/p7local.c
+++ /dev/null
@@ -1,1443 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Support routines for PKCS7 implementation, none of which are exported.
- * This file should only contain things that are needed by both the
- * encoding/creation side *and* the decoding/decryption side. Anything
- * else should be static routines in the appropriate file.
- *
- * $Id$
- */
-
-#include "p7local.h"
-
-#include "cryptohi.h"
-#include "secasn1.h"
-#include "secoid.h"
-#include "secitem.h"
-#include "pk11func.h"
-#include "secpkcs5.h"
-#include "secerr.h"
-
-/*
- * -------------------------------------------------------------------
- * Cipher stuff.
- */
-
-typedef SECStatus (*sec_pkcs7_cipher_function) (void *,
- unsigned char *,
- unsigned *,
- unsigned int,
- const unsigned char *,
- unsigned int);
-typedef SECStatus (*sec_pkcs7_cipher_destroy) (void *, PRBool);
-
-#define BLOCK_SIZE 4096
-
-struct sec_pkcs7_cipher_object {
- void *cx;
- sec_pkcs7_cipher_function doit;
- sec_pkcs7_cipher_destroy destroy;
- PRBool encrypt;
- int block_size;
- int pad_size;
- int pending_count;
- unsigned char pending_buf[BLOCK_SIZE];
-};
-
-SEC_ASN1_MKSUB(CERT_IssuerAndSNTemplate)
-SEC_ASN1_MKSUB(CERT_SetOfSignedCrlTemplate)
-SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
-SEC_ASN1_MKSUB(SEC_OctetStringTemplate)
-SEC_ASN1_MKSUB(SEC_SetOfAnyTemplate)
-
-/*
- * Create a cipher object to do decryption, based on the given bulk
- * encryption key and algorithm identifier (which may include an iv).
- *
- * XXX This interface, or one similar, would be really nice available
- * in general... I tried to keep the pkcs7-specific stuff (mostly
- * having to do with padding) out of here.
- *
- * XXX Once both are working, it might be nice to combine this and the
- * function below (for starting up encryption) into one routine, and just
- * have two simple cover functions which call it.
- */
-sec_PKCS7CipherObject *
-sec_PKCS7CreateDecryptObject (PK11SymKey *key, SECAlgorithmID *algid)
-{
- sec_PKCS7CipherObject *result;
- SECOidTag algtag;
- void *ciphercx;
- CK_MECHANISM_TYPE mechanism;
- SECItem *param;
- PK11SlotInfo *slot;
-
- result = (struct sec_pkcs7_cipher_object*)
- PORT_ZAlloc (sizeof(struct sec_pkcs7_cipher_object));
- if (result == NULL)
- return NULL;
-
- ciphercx = NULL;
- algtag = SECOID_GetAlgorithmTag (algid);
-
- if (SEC_PKCS5IsAlgorithmPBEAlg(algid)) {
- CK_MECHANISM pbeMech, cryptoMech;
- SECItem *pbeParams, *pwitem;
- SEC_PKCS5KeyAndPassword *keyPwd;
-
- keyPwd = (SEC_PKCS5KeyAndPassword *)key;
- key = keyPwd->key;
- pwitem = keyPwd->pwitem;
-
- pbeMech.mechanism = PK11_AlgtagToMechanism(algtag);
- pbeParams = PK11_ParamFromAlgid(algid);
- if (!pbeParams) {
- PORT_Free(result);
- return NULL;
- }
-
- pbeMech.pParameter = pbeParams->data;
- pbeMech.ulParameterLen = pbeParams->len;
- if (PK11_MapPBEMechanismToCryptoMechanism(&pbeMech, &cryptoMech, pwitem,
- PR_FALSE) != CKR_OK) {
- PORT_Free(result);
- SECITEM_ZfreeItem(pbeParams, PR_TRUE);
- return NULL;
- }
- SECITEM_ZfreeItem(pbeParams, PR_TRUE);
-
- param = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
- if(!param) {
- PORT_Free(result);
- return NULL;
- }
- param->data = (unsigned char *)cryptoMech.pParameter;
- param->len = cryptoMech.ulParameterLen;
- mechanism = cryptoMech.mechanism;
- } else {
- mechanism = PK11_AlgtagToMechanism(algtag);
- param = PK11_ParamFromAlgid(algid);
- if (param == NULL) {
- PORT_Free(result);
- return NULL;
- }
- }
-
- result->pad_size = PK11_GetBlockSize(mechanism,param);
- slot = PK11_GetSlotFromKey(key);
- result->block_size = PK11_IsHW(slot) ? BLOCK_SIZE : result->pad_size;
- PK11_FreeSlot(slot);
- ciphercx = PK11_CreateContextBySymKey(mechanism, CKA_DECRYPT, key, param);
- SECITEM_FreeItem(param,PR_TRUE);
- if (ciphercx == NULL) {
- PORT_Free (result);
- return NULL;
- }
-
- result->cx = ciphercx;
- result->doit = (sec_pkcs7_cipher_function) PK11_CipherOp;
- result->destroy = (sec_pkcs7_cipher_destroy) PK11_DestroyContext;
- result->encrypt = PR_FALSE;
- result->pending_count = 0;
-
- return result;
-}
-
-/*
- * Create a cipher object to do encryption, based on the given bulk
- * encryption key and algorithm tag. Fill in the algorithm identifier
- * (which may include an iv) appropriately.
- *
- * XXX This interface, or one similar, would be really nice available
- * in general... I tried to keep the pkcs7-specific stuff (mostly
- * having to do with padding) out of here.
- *
- * XXX Once both are working, it might be nice to combine this and the
- * function above (for starting up decryption) into one routine, and just
- * have two simple cover functions which call it.
- */
-sec_PKCS7CipherObject *
-sec_PKCS7CreateEncryptObject (PRArenaPool *poolp, PK11SymKey *key,
- SECOidTag algtag, SECAlgorithmID *algid)
-{
- sec_PKCS7CipherObject *result;
- void *ciphercx;
- SECItem *param;
- SECStatus rv;
- CK_MECHANISM_TYPE mechanism;
- PRBool needToEncodeAlgid = PR_FALSE;
- PK11SlotInfo *slot;
-
- result = (struct sec_pkcs7_cipher_object*)
- PORT_ZAlloc (sizeof(struct sec_pkcs7_cipher_object));
- if (result == NULL)
- return NULL;
-
- ciphercx = NULL;
- if (SEC_PKCS5IsAlgorithmPBEAlg(algid)) {
- CK_MECHANISM pbeMech, cryptoMech;
- SECItem *pbeParams;
- SEC_PKCS5KeyAndPassword *keyPwd;
-
- PORT_Memset(&pbeMech, 0, sizeof(CK_MECHANISM));
- PORT_Memset(&cryptoMech, 0, sizeof(CK_MECHANISM));
-
- pbeMech.mechanism = PK11_AlgtagToMechanism(algtag);
- pbeParams = PK11_ParamFromAlgid(algid);
- if(!pbeParams) {
- PORT_Free(result);
- return NULL;
- }
- keyPwd = (SEC_PKCS5KeyAndPassword *)key;
- key = keyPwd->key;
-
- pbeMech.pParameter = pbeParams->data;
- pbeMech.ulParameterLen = pbeParams->len;
- if(PK11_MapPBEMechanismToCryptoMechanism(&pbeMech, &cryptoMech,
- keyPwd->pwitem, PR_FALSE) != CKR_OK) {
- PORT_Free(result);
- SECITEM_ZfreeItem(pbeParams, PR_TRUE);
- return NULL;
- }
- SECITEM_ZfreeItem(pbeParams, PR_TRUE);
-
- param = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
- if(!param) {
- PORT_Free(result);
- return NULL;
- }
- param->data = (unsigned char *)cryptoMech.pParameter;
- param->len = cryptoMech.ulParameterLen;
- mechanism = cryptoMech.mechanism;
- } else {
- mechanism = PK11_AlgtagToMechanism(algtag);
- param = PK11_GenerateNewParam(mechanism,key);
- if (param == NULL) {
- PORT_Free(result);
- return NULL;
- }
- needToEncodeAlgid = PR_TRUE;
- }
-
- result->pad_size = PK11_GetBlockSize(mechanism,param);
- slot = PK11_GetSlotFromKey(key);
- result->block_size = PK11_IsHW(slot) ? BLOCK_SIZE : result->pad_size;
- PK11_FreeSlot(slot);
- ciphercx = PK11_CreateContextBySymKey(mechanism, CKA_ENCRYPT,
- key, param);
- if (ciphercx == NULL) {
- PORT_Free (result);
- SECITEM_FreeItem(param,PR_TRUE);
- return NULL;
- }
-
- /*
- * These are placed after the CreateContextBySymKey() because some
- * mechanisms have to generate their IVs from their card (i.e. FORTEZZA).
- * Don't move it from here.
- */
- if (needToEncodeAlgid) {
- rv = PK11_ParamToAlgid(algtag,param,poolp,algid);
- if(rv != SECSuccess) {
- return NULL;
- }
- }
- SECITEM_FreeItem(param,PR_TRUE);
-
- result->cx = ciphercx;
- result->doit = (sec_pkcs7_cipher_function) PK11_CipherOp;
- result->destroy = (sec_pkcs7_cipher_destroy) PK11_DestroyContext;
- result->encrypt = PR_TRUE;
- result->pending_count = 0;
-
- return result;
-}
-
-
-/*
- * Destroy the cipher object.
- */
-static void
-sec_pkcs7_destroy_cipher (sec_PKCS7CipherObject *obj)
-{
- (* obj->destroy) (obj->cx, PR_TRUE);
- PORT_Free (obj);
-}
-
-void
-sec_PKCS7DestroyDecryptObject (sec_PKCS7CipherObject *obj)
-{
- PORT_Assert (obj != NULL);
- if (obj == NULL)
- return;
- PORT_Assert (! obj->encrypt);
- sec_pkcs7_destroy_cipher (obj);
-}
-
-void
-sec_PKCS7DestroyEncryptObject (sec_PKCS7CipherObject *obj)
-{
- PORT_Assert (obj != NULL);
- if (obj == NULL)
- return;
- PORT_Assert (obj->encrypt);
- sec_pkcs7_destroy_cipher (obj);
-}
-
-
-/*
- * XXX I think all of the following lengths should be longs instead
- * of ints, but our current crypto interface uses ints, so I did too.
- */
-
-
-/*
- * What will be the output length of the next call to decrypt?
- * Result can be used to perform memory allocations. Note that the amount
- * is exactly accurate only when not doing a block cipher or when final
- * is false, otherwise it is an upper bound on the amount because until
- * we see the data we do not know how many padding bytes there are
- * (always between 1 and bsize).
- *
- * Note that this can return zero, which does not mean that the decrypt
- * operation can be skipped! (It simply means that there are not enough
- * bytes to make up an entire block; the bytes will be reserved until
- * there are enough to encrypt/decrypt at least one block.) However,
- * if zero is returned it *does* mean that no output buffer need be
- * passed in to the subsequent decrypt operation, as no output bytes
- * will be stored.
- */
-unsigned int
-sec_PKCS7DecryptLength (sec_PKCS7CipherObject *obj, unsigned int input_len,
- PRBool final)
-{
- int blocks, block_size;
-
- PORT_Assert (! obj->encrypt);
-
- block_size = obj->block_size;
-
- /*
- * If this is not a block cipher, then we always have the same
- * number of output bytes as we had input bytes.
- */
- if (block_size == 0)
- return input_len;
-
- /*
- * On the final call, we will always use up all of the pending
- * bytes plus all of the input bytes, *but*, there will be padding
- * at the end and we cannot predict how many bytes of padding we
- * will end up removing. The amount given here is actually known
- * to be at least 1 byte too long (because we know we will have
- * at least 1 byte of padding), but seemed clearer/better to me.
- */
- if (final)
- return obj->pending_count + input_len;
-
- /*
- * Okay, this amount is exactly what we will output on the
- * next cipher operation. We will always hang onto the last
- * 1 - block_size bytes for non-final operations. That is,
- * we will do as many complete blocks as we can *except* the
- * last block (complete or partial). (This is because until
- * we know we are at the end, we cannot know when to interpret
- * and removing the padding byte(s), which are guaranteed to
- * be there.)
- */
- blocks = (obj->pending_count + input_len - 1) / block_size;
- return blocks * block_size;
-}
-
-/*
- * What will be the output length of the next call to encrypt?
- * Result can be used to perform memory allocations.
- *
- * Note that this can return zero, which does not mean that the encrypt
- * operation can be skipped! (It simply means that there are not enough
- * bytes to make up an entire block; the bytes will be reserved until
- * there are enough to encrypt/decrypt at least one block.) However,
- * if zero is returned it *does* mean that no output buffer need be
- * passed in to the subsequent encrypt operation, as no output bytes
- * will be stored.
- */
-unsigned int
-sec_PKCS7EncryptLength (sec_PKCS7CipherObject *obj, unsigned int input_len,
- PRBool final)
-{
- int blocks, block_size;
- int pad_size;
-
- PORT_Assert (obj->encrypt);
-
- block_size = obj->block_size;
- pad_size = obj->pad_size;
-
- /*
- * If this is not a block cipher, then we always have the same
- * number of output bytes as we had input bytes.
- */
- if (block_size == 0)
- return input_len;
-
- /*
- * On the final call, we only send out what we need for
- * remaining bytes plus the padding. (There is always padding,
- * so even if we have an exact number of blocks as input, we
- * will add another full block that is just padding.)
- */
- if (final) {
- if (pad_size == 0) {
- return obj->pending_count + input_len;
- } else {
- blocks = (obj->pending_count + input_len) / pad_size;
- blocks++;
- return blocks*pad_size;
- }
- }
-
- /*
- * Now, count the number of complete blocks of data we have.
- */
- blocks = (obj->pending_count + input_len) / block_size;
-
-
- return blocks * block_size;
-}
-
-
-/*
- * Decrypt a given length of input buffer (starting at "input" and
- * containing "input_len" bytes), placing the decrypted bytes in
- * "output" and storing the output length in "*output_len_p".
- * "obj" is the return value from sec_PKCS7CreateDecryptObject.
- * When "final" is true, this is the last of the data to be decrypted.
- *
- * This is much more complicated than it sounds when the cipher is
- * a block-type, meaning that the decryption function will only
- * operate on whole blocks. But our caller is operating stream-wise,
- * and can pass in any number of bytes. So we need to keep track
- * of block boundaries. We save excess bytes between calls in "obj".
- * We also need to determine which bytes are padding, and remove
- * them from the output. We can only do this step when we know we
- * have the final block of data. PKCS #7 specifies that the padding
- * used for a block cipher is a string of bytes, each of whose value is
- * the same as the length of the padding, and that all data is padded.
- * (Even data that starts out with an exact multiple of blocks gets
- * added to it another block, all of which is padding.)
- */
-SECStatus
-sec_PKCS7Decrypt (sec_PKCS7CipherObject *obj, unsigned char *output,
- unsigned int *output_len_p, unsigned int max_output_len,
- const unsigned char *input, unsigned int input_len,
- PRBool final)
-{
- int blocks, bsize, pcount, padsize;
- unsigned int max_needed, ifraglen, ofraglen, output_len;
- unsigned char *pbuf;
- SECStatus rv;
-
- PORT_Assert (! obj->encrypt);
-
- /*
- * Check that we have enough room for the output. Our caller should
- * already handle this; failure is really an internal error (i.e. bug).
- */
- max_needed = sec_PKCS7DecryptLength (obj, input_len, final);
- PORT_Assert (max_output_len >= max_needed);
- if (max_output_len < max_needed) {
- /* PORT_SetError (XXX); */
- return SECFailure;
- }
-
- /*
- * hardware encryption does not like small decryption sizes here, so we
- * allow both blocking and padding.
- */
- bsize = obj->block_size;
- padsize = obj->pad_size;
-
- /*
- * When no blocking or padding work to do, we can simply call the
- * cipher function and we are done.
- */
- if (bsize == 0) {
- return (* obj->doit) (obj->cx, output, output_len_p, max_output_len,
- input, input_len);
- }
-
- pcount = obj->pending_count;
- pbuf = obj->pending_buf;
-
- output_len = 0;
-
- if (pcount) {
- /*
- * Try to fill in an entire block, starting with the bytes
- * we already have saved away.
- */
- while (input_len && pcount < bsize) {
- pbuf[pcount++] = *input++;
- input_len--;
- }
- /*
- * If we have at most a whole block and this is not our last call,
- * then we are done for now. (We do not try to decrypt a lone
- * single block because we cannot interpret the padding bytes
- * until we know we are handling the very last block of all input.)
- */
- if (input_len == 0 && !final) {
- obj->pending_count = pcount;
- if (output_len_p)
- *output_len_p = 0;
- return SECSuccess;
- }
- /*
- * Given the logic above, we expect to have a full block by now.
- * If we do not, there is something wrong, either with our own
- * logic or with (length of) the data given to us.
- */
- PORT_Assert ((padsize == 0) || (pcount % padsize) == 0);
- if ((padsize != 0) && (pcount % padsize) != 0) {
- PORT_Assert (final);
- PORT_SetError (SEC_ERROR_BAD_DATA);
- return SECFailure;
- }
- /*
- * Decrypt the block.
- */
- rv = (* obj->doit) (obj->cx, output, &ofraglen, max_output_len,
- pbuf, pcount);
- if (rv != SECSuccess)
- return rv;
-
- /*
- * For now anyway, all of our ciphers have the same number of
- * bytes of output as they do input. If this ever becomes untrue,
- * then sec_PKCS7DecryptLength needs to be made smarter!
- */
- PORT_Assert (ofraglen == pcount);
-
- /*
- * Account for the bytes now in output.
- */
- max_output_len -= ofraglen;
- output_len += ofraglen;
- output += ofraglen;
- }
-
- /*
- * If this is our last call, we expect to have an exact number of
- * blocks left to be decrypted; we will decrypt them all.
- *
- * If not our last call, we always save between 1 and bsize bytes
- * until next time. (We must do this because we cannot be sure
- * that none of the decrypted bytes are padding bytes until we
- * have at least another whole block of data. You cannot tell by
- * looking -- the data could be anything -- you can only tell by
- * context, knowing you are looking at the last block.) We could
- * decrypt a whole block now but it is easier if we just treat it
- * the same way we treat partial block bytes.
- */
- if (final) {
- if (padsize) {
- blocks = input_len / padsize;
- ifraglen = blocks * padsize;
- } else ifraglen = input_len;
- PORT_Assert (ifraglen == input_len);
-
- if (ifraglen != input_len) {
- PORT_SetError (SEC_ERROR_BAD_DATA);
- return SECFailure;
- }
- } else {
- blocks = (input_len - 1) / bsize;
- ifraglen = blocks * bsize;
- PORT_Assert (ifraglen < input_len);
-
- pcount = input_len - ifraglen;
- PORT_Memcpy (pbuf, input + ifraglen, pcount);
- obj->pending_count = pcount;
- }
-
- if (ifraglen) {
- rv = (* obj->doit) (obj->cx, output, &ofraglen, max_output_len,
- input, ifraglen);
- if (rv != SECSuccess)
- return rv;
-
- /*
- * For now anyway, all of our ciphers have the same number of
- * bytes of output as they do input. If this ever becomes untrue,
- * then sec_PKCS7DecryptLength needs to be made smarter!
- */
- PORT_Assert (ifraglen == ofraglen);
- if (ifraglen != ofraglen) {
- PORT_SetError (SEC_ERROR_BAD_DATA);
- return SECFailure;
- }
-
- output_len += ofraglen;
- } else {
- ofraglen = 0;
- }
-
- /*
- * If we just did our very last block, "remove" the padding by
- * adjusting the output length.
- */
- if (final && (padsize != 0)) {
- unsigned int padlen = *(output + ofraglen - 1);
- PORT_Assert (padlen > 0 && padlen <= padsize);
- if (padlen == 0 || padlen > padsize) {
- PORT_SetError (SEC_ERROR_BAD_DATA);
- return SECFailure;
- }
- output_len -= padlen;
- }
-
- PORT_Assert (output_len_p != NULL || output_len == 0);
- if (output_len_p != NULL)
- *output_len_p = output_len;
-
- return SECSuccess;
-}
-
-/*
- * Encrypt a given length of input buffer (starting at "input" and
- * containing "input_len" bytes), placing the encrypted bytes in
- * "output" and storing the output length in "*output_len_p".
- * "obj" is the return value from sec_PKCS7CreateEncryptObject.
- * When "final" is true, this is the last of the data to be encrypted.
- *
- * This is much more complicated than it sounds when the cipher is
- * a block-type, meaning that the encryption function will only
- * operate on whole blocks. But our caller is operating stream-wise,
- * and can pass in any number of bytes. So we need to keep track
- * of block boundaries. We save excess bytes between calls in "obj".
- * We also need to add padding bytes at the end. PKCS #7 specifies
- * that the padding used for a block cipher is a string of bytes,
- * each of whose value is the same as the length of the padding,
- * and that all data is padded. (Even data that starts out with
- * an exact multiple of blocks gets added to it another block,
- * all of which is padding.)
- *
- * XXX I would kind of like to combine this with the function above
- * which does decryption, since they have a lot in common. But the
- * tricky parts about padding and filling blocks would be much
- * harder to read that way, so I left them separate. At least for
- * now until it is clear that they are right.
- */
-SECStatus
-sec_PKCS7Encrypt (sec_PKCS7CipherObject *obj, unsigned char *output,
- unsigned int *output_len_p, unsigned int max_output_len,
- const unsigned char *input, unsigned int input_len,
- PRBool final)
-{
- int blocks, bsize, padlen, pcount, padsize;
- unsigned int max_needed, ifraglen, ofraglen, output_len;
- unsigned char *pbuf;
- SECStatus rv;
-
- PORT_Assert (obj->encrypt);
-
- /*
- * Check that we have enough room for the output. Our caller should
- * already handle this; failure is really an internal error (i.e. bug).
- */
- max_needed = sec_PKCS7EncryptLength (obj, input_len, final);
- PORT_Assert (max_output_len >= max_needed);
- if (max_output_len < max_needed) {
- /* PORT_SetError (XXX); */
- return SECFailure;
- }
-
- bsize = obj->block_size;
- padsize = obj->pad_size;
-
- /*
- * When no blocking and padding work to do, we can simply call the
- * cipher function and we are done.
- */
- if (bsize == 0) {
- return (* obj->doit) (obj->cx, output, output_len_p, max_output_len,
- input, input_len);
- }
-
- pcount = obj->pending_count;
- pbuf = obj->pending_buf;
-
- output_len = 0;
-
- if (pcount) {
- /*
- * Try to fill in an entire block, starting with the bytes
- * we already have saved away.
- */
- while (input_len && pcount < bsize) {
- pbuf[pcount++] = *input++;
- input_len--;
- }
- /*
- * If we do not have a full block and we know we will be
- * called again, then we are done for now.
- */
- if (pcount < bsize && !final) {
- obj->pending_count = pcount;
- if (output_len_p != NULL)
- *output_len_p = 0;
- return SECSuccess;
- }
- /*
- * If we have a whole block available, encrypt it.
- */
- if ((padsize == 0) || (pcount % padsize) == 0) {
- rv = (* obj->doit) (obj->cx, output, &ofraglen, max_output_len,
- pbuf, pcount);
- if (rv != SECSuccess)
- return rv;
-
- /*
- * For now anyway, all of our ciphers have the same number of
- * bytes of output as they do input. If this ever becomes untrue,
- * then sec_PKCS7EncryptLength needs to be made smarter!
- */
- PORT_Assert (ofraglen == pcount);
-
- /*
- * Account for the bytes now in output.
- */
- max_output_len -= ofraglen;
- output_len += ofraglen;
- output += ofraglen;
-
- pcount = 0;
- }
- }
-
- if (input_len) {
- PORT_Assert (pcount == 0);
-
- blocks = input_len / bsize;
- ifraglen = blocks * bsize;
-
- if (ifraglen) {
- rv = (* obj->doit) (obj->cx, output, &ofraglen, max_output_len,
- input, ifraglen);
- if (rv != SECSuccess)
- return rv;
-
- /*
- * For now anyway, all of our ciphers have the same number of
- * bytes of output as they do input. If this ever becomes untrue,
- * then sec_PKCS7EncryptLength needs to be made smarter!
- */
- PORT_Assert (ifraglen == ofraglen);
-
- max_output_len -= ofraglen;
- output_len += ofraglen;
- output += ofraglen;
- }
-
- pcount = input_len - ifraglen;
- PORT_Assert (pcount < bsize);
- if (pcount)
- PORT_Memcpy (pbuf, input + ifraglen, pcount);
- }
-
- if (final) {
- padlen = padsize - (pcount % padsize);
- PORT_Memset (pbuf + pcount, padlen, padlen);
- rv = (* obj->doit) (obj->cx, output, &ofraglen, max_output_len,
- pbuf, pcount+padlen);
- if (rv != SECSuccess)
- return rv;
-
- /*
- * For now anyway, all of our ciphers have the same number of
- * bytes of output as they do input. If this ever becomes untrue,
- * then sec_PKCS7EncryptLength needs to be made smarter!
- */
- PORT_Assert (ofraglen == (pcount+padlen));
- output_len += ofraglen;
- } else {
- obj->pending_count = pcount;
- }
-
- PORT_Assert (output_len_p != NULL || output_len == 0);
- if (output_len_p != NULL)
- *output_len_p = output_len;
-
- return SECSuccess;
-}
-
-/*
- * End of cipher stuff.
- * -------------------------------------------------------------------
- */
-
-
-/*
- * -------------------------------------------------------------------
- * XXX The following Attribute stuff really belongs elsewhere.
- * The Attribute type is *not* part of pkcs7 but rather X.501.
- * But for now, since PKCS7 is the only customer of attributes,
- * we define them here. Once there is a use outside of PKCS7,
- * then change the attribute types and functions from internal
- * to external naming convention, and move them elsewhere!
- */
-
-/*
- * Look through a set of attributes and find one that matches the
- * specified object ID. If "only" is true, then make sure that
- * there is not more than one attribute of the same type. Otherwise,
- * just return the first one found. (XXX Does anybody really want
- * that first-found behavior? It was like that when I found it...)
- */
-SEC_PKCS7Attribute *
-sec_PKCS7FindAttribute (SEC_PKCS7Attribute **attrs, SECOidTag oidtag,
- PRBool only)
-{
- SECOidData *oid;
- SEC_PKCS7Attribute *attr1, *attr2;
-
- if (attrs == NULL)
- return NULL;
-
- oid = SECOID_FindOIDByTag(oidtag);
- if (oid == NULL)
- return NULL;
-
- while ((attr1 = *attrs++) != NULL) {
- if (attr1->type.len == oid->oid.len && PORT_Memcmp (attr1->type.data,
- oid->oid.data,
- oid->oid.len) == 0)
- break;
- }
-
- if (attr1 == NULL)
- return NULL;
-
- if (!only)
- return attr1;
-
- while ((attr2 = *attrs++) != NULL) {
- if (attr2->type.len == oid->oid.len && PORT_Memcmp (attr2->type.data,
- oid->oid.data,
- oid->oid.len) == 0)
- break;
- }
-
- if (attr2 != NULL)
- return NULL;
-
- return attr1;
-}
-
-
-/*
- * Return the single attribute value, doing some sanity checking first:
- * - Multiple values are *not* expected.
- * - Empty values are *not* expected.
- */
-SECItem *
-sec_PKCS7AttributeValue(SEC_PKCS7Attribute *attr)
-{
- SECItem *value;
-
- if (attr == NULL)
- return NULL;
-
- value = attr->values[0];
-
- if (value == NULL || value->data == NULL || value->len == 0)
- return NULL;
-
- if (attr->values[1] != NULL)
- return NULL;
-
- return value;
-}
-
-static const SEC_ASN1Template *
-sec_attr_choose_attr_value_template(void *src_or_dest, PRBool encoding)
-{
- const SEC_ASN1Template *theTemplate;
- SEC_PKCS7Attribute *attribute;
- SECOidData *oiddata;
- PRBool encoded;
-
- PORT_Assert (src_or_dest != NULL);
- if (src_or_dest == NULL)
- return NULL;
-
- attribute = (SEC_PKCS7Attribute*)src_or_dest;
-
- if (encoding && attribute->encoded)
- return SEC_ASN1_GET(SEC_AnyTemplate);
-
- oiddata = attribute->typeTag;
- if (oiddata == NULL) {
- oiddata = SECOID_FindOID(&attribute->type);
- attribute->typeTag = oiddata;
- }
-
- if (oiddata == NULL) {
- encoded = PR_TRUE;
- theTemplate = SEC_ASN1_GET(SEC_AnyTemplate);
- } else {
- switch (oiddata->offset) {
- default:
- encoded = PR_TRUE;
- theTemplate = SEC_ASN1_GET(SEC_AnyTemplate);
- break;
- case SEC_OID_PKCS9_EMAIL_ADDRESS:
- case SEC_OID_RFC1274_MAIL:
- case SEC_OID_PKCS9_UNSTRUCTURED_NAME:
- encoded = PR_FALSE;
- theTemplate = SEC_ASN1_GET(SEC_IA5StringTemplate);
- break;
- case SEC_OID_PKCS9_CONTENT_TYPE:
- encoded = PR_FALSE;
- theTemplate = SEC_ASN1_GET(SEC_ObjectIDTemplate);
- break;
- case SEC_OID_PKCS9_MESSAGE_DIGEST:
- encoded = PR_FALSE;
- theTemplate = SEC_ASN1_GET(SEC_OctetStringTemplate);
- break;
- case SEC_OID_PKCS9_SIGNING_TIME:
- encoded = PR_FALSE;
- theTemplate = SEC_ASN1_GET(SEC_UTCTimeTemplate);
- break;
- /* XXX Want other types here, too */
- }
- }
-
- if (encoding) {
- /*
- * If we are encoding and we think we have an already-encoded value,
- * then the code which initialized this attribute should have set
- * the "encoded" property to true (and we would have returned early,
- * up above). No devastating error, but that code should be fixed.
- * (It could indicate that the resulting encoded bytes are wrong.)
- */
- PORT_Assert (!encoded);
- } else {
- /*
- * We are decoding; record whether the resulting value is
- * still encoded or not.
- */
- attribute->encoded = encoded;
- }
- return theTemplate;
-}
-
-static const SEC_ASN1TemplateChooserPtr sec_attr_chooser
- = sec_attr_choose_attr_value_template;
-
-static const SEC_ASN1Template sec_pkcs7_attribute_template[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(SEC_PKCS7Attribute) },
- { SEC_ASN1_OBJECT_ID,
- offsetof(SEC_PKCS7Attribute,type) },
- { SEC_ASN1_DYNAMIC | SEC_ASN1_SET_OF,
- offsetof(SEC_PKCS7Attribute,values),
- &sec_attr_chooser },
- { 0 }
-};
-
-static const SEC_ASN1Template sec_pkcs7_set_of_attribute_template[] = {
- { SEC_ASN1_SET_OF, 0, sec_pkcs7_attribute_template },
-};
-
-/*
- * If you are wondering why this routine does not reorder the attributes
- * first, and might be tempted to make it do so, see the comment by the
- * call to ReorderAttributes in p7encode.c. (Or, see who else calls this
- * and think long and hard about the implications of making it always
- * do the reordering.)
- */
-SECItem *
-sec_PKCS7EncodeAttributes (PRArenaPool *poolp, SECItem *dest, void *src)
-{
- return SEC_ASN1EncodeItem (poolp, dest, src,
- sec_pkcs7_set_of_attribute_template);
-}
-
-/*
- * Make sure that the order of the attributes guarantees valid DER
- * (which must be in lexigraphically ascending order for a SET OF);
- * if reordering is necessary it will be done in place (in attrs).
- */
-SECStatus
-sec_PKCS7ReorderAttributes (SEC_PKCS7Attribute **attrs)
-{
- PRArenaPool *poolp;
- int num_attrs, i, pass, besti;
- unsigned int j;
- SECItem **enc_attrs;
- SEC_PKCS7Attribute **new_attrs;
-
- /*
- * I think we should not be called with NULL. But if we are,
- * call it a success anyway, because the order *is* okay.
- */
- PORT_Assert (attrs != NULL);
- if (attrs == NULL)
- return SECSuccess;
-
- /*
- * Count how many attributes we are dealing with here.
- */
- num_attrs = 0;
- while (attrs[num_attrs] != NULL)
- num_attrs++;
-
- /*
- * Again, I think we should have some attributes here.
- * But if we do not, or if there is only one, then call it
- * a success because it also already has a fine order.
- */
- PORT_Assert (num_attrs);
- if (num_attrs == 0 || num_attrs == 1)
- return SECSuccess;
-
- /*
- * Allocate an arena for us to work with, so it is easy to
- * clean up all of the memory (fairly small pieces, really).
- */
- poolp = PORT_NewArena (1024); /* XXX what is right value? */
- if (poolp == NULL)
- return SECFailure; /* no memory; nothing we can do... */
-
- /*
- * Allocate arrays to hold the individual encodings which we will use
- * for comparisons and the reordered attributes as they are sorted.
- */
- enc_attrs=(SECItem**)PORT_ArenaZAlloc(poolp, num_attrs*sizeof(SECItem *));
- new_attrs = (SEC_PKCS7Attribute**)PORT_ArenaZAlloc (poolp,
- num_attrs * sizeof(SEC_PKCS7Attribute *));
- if (enc_attrs == NULL || new_attrs == NULL) {
- PORT_FreeArena (poolp, PR_FALSE);
- return SECFailure;
- }
-
- /*
- * DER encode each individual attribute.
- */
- for (i = 0; i < num_attrs; i++) {
- enc_attrs[i] = SEC_ASN1EncodeItem (poolp, NULL, attrs[i],
- sec_pkcs7_attribute_template);
- if (enc_attrs[i] == NULL) {
- PORT_FreeArena (poolp, PR_FALSE);
- return SECFailure;
- }
- }
-
- /*
- * Now compare and sort them; this is not the most efficient sorting
- * method, but it is just fine for the problem at hand, because the
- * number of attributes is (always) going to be small.
- */
- for (pass = 0; pass < num_attrs; pass++) {
- /*
- * Find the first not-yet-accepted attribute. (Once one is
- * sorted into the other array, it is cleared from enc_attrs.)
- */
- for (i = 0; i < num_attrs; i++) {
- if (enc_attrs[i] != NULL)
- break;
- }
- PORT_Assert (i < num_attrs);
- besti = i;
-
- /*
- * Find the lowest (lexigraphically) encoding. One that is
- * shorter than all the rest is known to be "less" because each
- * attribute is of the same type (a SEQUENCE) and so thus the
- * first octet of each is the same, and the second octet is
- * the length (or the length of the length with the high bit
- * set, followed by the length, which also works out to always
- * order the shorter first). Two (or more) that have the
- * same length need to be compared byte by byte until a mismatch
- * is found.
- */
- for (i = besti + 1; i < num_attrs; i++) {
- if (enc_attrs[i] == NULL) /* slot already handled */
- continue;
-
- if (enc_attrs[i]->len != enc_attrs[besti]->len) {
- if (enc_attrs[i]->len < enc_attrs[besti]->len)
- besti = i;
- continue;
- }
-
- for (j = 0; j < enc_attrs[i]->len; j++) {
- if (enc_attrs[i]->data[j] < enc_attrs[besti]->data[j]) {
- besti = i;
- break;
- }
- }
-
- /*
- * For this not to be true, we would have to have encountered
- * two *identical* attributes, which I think we should not see.
- * So assert if it happens, but even if it does, let it go
- * through; the ordering of the two does not matter.
- */
- PORT_Assert (j < enc_attrs[i]->len);
- }
-
- /*
- * Now we have found the next-lowest one; copy it over and
- * remove it from enc_attrs.
- */
- new_attrs[pass] = attrs[besti];
- enc_attrs[besti] = NULL;
- }
-
- /*
- * Now new_attrs has the attributes in the order we want;
- * copy them back into the attrs array we started with.
- */
- for (i = 0; i < num_attrs; i++)
- attrs[i] = new_attrs[i];
-
- PORT_FreeArena (poolp, PR_FALSE);
- return SECSuccess;
-}
-
-/*
- * End of attribute stuff.
- * -------------------------------------------------------------------
- */
-
-
-/*
- * Templates and stuff. Keep these at the end of the file.
- */
-
-/* forward declaration */
-static const SEC_ASN1Template *
-sec_pkcs7_choose_content_template(void *src_or_dest, PRBool encoding);
-
-static const SEC_ASN1TemplateChooserPtr sec_pkcs7_chooser
- = sec_pkcs7_choose_content_template;
-
-const SEC_ASN1Template sec_PKCS7ContentInfoTemplate[] = {
- { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
- 0, NULL, sizeof(SEC_PKCS7ContentInfo) },
- { SEC_ASN1_OBJECT_ID,
- offsetof(SEC_PKCS7ContentInfo,contentType) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_DYNAMIC | SEC_ASN1_MAY_STREAM
- | SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(SEC_PKCS7ContentInfo,content),
- &sec_pkcs7_chooser },
- { 0 }
-};
-
-/* XXX These names should change from external to internal convention. */
-
-static const SEC_ASN1Template SEC_PKCS7SignerInfoTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(SEC_PKCS7SignerInfo) },
- { SEC_ASN1_INTEGER,
- offsetof(SEC_PKCS7SignerInfo,version) },
- { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
- offsetof(SEC_PKCS7SignerInfo,issuerAndSN),
- SEC_ASN1_SUB(CERT_IssuerAndSNTemplate) },
- { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
- offsetof(SEC_PKCS7SignerInfo,digestAlg),
- SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(SEC_PKCS7SignerInfo,authAttr),
- sec_pkcs7_set_of_attribute_template },
- { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
- offsetof(SEC_PKCS7SignerInfo,digestEncAlg),
- SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(SEC_PKCS7SignerInfo,encDigest) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
- offsetof(SEC_PKCS7SignerInfo,unAuthAttr),
- sec_pkcs7_set_of_attribute_template },
- { 0 }
-};
-
-static const SEC_ASN1Template SEC_PKCS7SignedDataTemplate[] = {
- { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
- 0, NULL, sizeof(SEC_PKCS7SignedData) },
- { SEC_ASN1_INTEGER,
- offsetof(SEC_PKCS7SignedData,version) },
- { SEC_ASN1_SET_OF | SEC_ASN1_XTRN,
- offsetof(SEC_PKCS7SignedData,digestAlgorithms),
- SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
- { SEC_ASN1_INLINE,
- offsetof(SEC_PKCS7SignedData,contentInfo),
- sec_PKCS7ContentInfoTemplate },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
- SEC_ASN1_XTRN | 0,
- offsetof(SEC_PKCS7SignedData,rawCerts),
- SEC_ASN1_SUB(SEC_SetOfAnyTemplate) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
- SEC_ASN1_XTRN | 1,
- offsetof(SEC_PKCS7SignedData,crls),
- SEC_ASN1_SUB(CERT_SetOfSignedCrlTemplate) },
- { SEC_ASN1_SET_OF,
- offsetof(SEC_PKCS7SignedData,signerInfos),
- SEC_PKCS7SignerInfoTemplate },
- { 0 }
-};
-
-static const SEC_ASN1Template SEC_PointerToPKCS7SignedDataTemplate[] = {
- { SEC_ASN1_POINTER, 0, SEC_PKCS7SignedDataTemplate }
-};
-
-static const SEC_ASN1Template SEC_PKCS7RecipientInfoTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(SEC_PKCS7RecipientInfo) },
- { SEC_ASN1_INTEGER,
- offsetof(SEC_PKCS7RecipientInfo,version) },
- { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
- offsetof(SEC_PKCS7RecipientInfo,issuerAndSN),
- SEC_ASN1_SUB(CERT_IssuerAndSNTemplate) },
- { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
- offsetof(SEC_PKCS7RecipientInfo,keyEncAlg),
- SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(SEC_PKCS7RecipientInfo,encKey) },
- { 0 }
-};
-
-static const SEC_ASN1Template SEC_PKCS7EncryptedContentInfoTemplate[] = {
- { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
- 0, NULL, sizeof(SEC_PKCS7EncryptedContentInfo) },
- { SEC_ASN1_OBJECT_ID,
- offsetof(SEC_PKCS7EncryptedContentInfo,contentType) },
- { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
- offsetof(SEC_PKCS7EncryptedContentInfo,contentEncAlg),
- SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_MAY_STREAM | SEC_ASN1_CONTEXT_SPECIFIC |
- SEC_ASN1_XTRN | 0,
- offsetof(SEC_PKCS7EncryptedContentInfo,encContent),
- SEC_ASN1_SUB(SEC_OctetStringTemplate) },
- { 0 }
-};
-
-static const SEC_ASN1Template SEC_PKCS7EnvelopedDataTemplate[] = {
- { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
- 0, NULL, sizeof(SEC_PKCS7EnvelopedData) },
- { SEC_ASN1_INTEGER,
- offsetof(SEC_PKCS7EnvelopedData,version) },
- { SEC_ASN1_SET_OF,
- offsetof(SEC_PKCS7EnvelopedData,recipientInfos),
- SEC_PKCS7RecipientInfoTemplate },
- { SEC_ASN1_INLINE,
- offsetof(SEC_PKCS7EnvelopedData,encContentInfo),
- SEC_PKCS7EncryptedContentInfoTemplate },
- { 0 }
-};
-
-static const SEC_ASN1Template SEC_PointerToPKCS7EnvelopedDataTemplate[] = {
- { SEC_ASN1_POINTER, 0, SEC_PKCS7EnvelopedDataTemplate }
-};
-
-static const SEC_ASN1Template SEC_PKCS7SignedAndEnvelopedDataTemplate[] = {
- { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
- 0, NULL, sizeof(SEC_PKCS7SignedAndEnvelopedData) },
- { SEC_ASN1_INTEGER,
- offsetof(SEC_PKCS7SignedAndEnvelopedData,version) },
- { SEC_ASN1_SET_OF,
- offsetof(SEC_PKCS7SignedAndEnvelopedData,recipientInfos),
- SEC_PKCS7RecipientInfoTemplate },
- { SEC_ASN1_SET_OF | SEC_ASN1_XTRN,
- offsetof(SEC_PKCS7SignedAndEnvelopedData,digestAlgorithms),
- SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
- { SEC_ASN1_INLINE,
- offsetof(SEC_PKCS7SignedAndEnvelopedData,encContentInfo),
- SEC_PKCS7EncryptedContentInfoTemplate },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
- SEC_ASN1_XTRN | 0,
- offsetof(SEC_PKCS7SignedAndEnvelopedData,rawCerts),
- SEC_ASN1_SUB(SEC_SetOfAnyTemplate) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
- SEC_ASN1_XTRN | 1,
- offsetof(SEC_PKCS7SignedAndEnvelopedData,crls),
- SEC_ASN1_SUB(CERT_SetOfSignedCrlTemplate) },
- { SEC_ASN1_SET_OF,
- offsetof(SEC_PKCS7SignedAndEnvelopedData,signerInfos),
- SEC_PKCS7SignerInfoTemplate },
- { 0 }
-};
-
-static const SEC_ASN1Template
-SEC_PointerToPKCS7SignedAndEnvelopedDataTemplate[] = {
- { SEC_ASN1_POINTER, 0, SEC_PKCS7SignedAndEnvelopedDataTemplate }
-};
-
-static const SEC_ASN1Template SEC_PKCS7DigestedDataTemplate[] = {
- { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
- 0, NULL, sizeof(SEC_PKCS7DigestedData) },
- { SEC_ASN1_INTEGER,
- offsetof(SEC_PKCS7DigestedData,version) },
- { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
- offsetof(SEC_PKCS7DigestedData,digestAlg),
- SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
- { SEC_ASN1_INLINE,
- offsetof(SEC_PKCS7DigestedData,contentInfo),
- sec_PKCS7ContentInfoTemplate },
- { SEC_ASN1_OCTET_STRING,
- offsetof(SEC_PKCS7DigestedData,digest) },
- { 0 }
-};
-
-static const SEC_ASN1Template SEC_PointerToPKCS7DigestedDataTemplate[] = {
- { SEC_ASN1_POINTER, 0, SEC_PKCS7DigestedDataTemplate }
-};
-
-static const SEC_ASN1Template SEC_PKCS7EncryptedDataTemplate[] = {
- { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
- 0, NULL, sizeof(SEC_PKCS7EncryptedData) },
- { SEC_ASN1_INTEGER,
- offsetof(SEC_PKCS7EncryptedData,version) },
- { SEC_ASN1_INLINE,
- offsetof(SEC_PKCS7EncryptedData,encContentInfo),
- SEC_PKCS7EncryptedContentInfoTemplate },
- { 0 }
-};
-
-static const SEC_ASN1Template SEC_PointerToPKCS7EncryptedDataTemplate[] = {
- { SEC_ASN1_POINTER, 0, SEC_PKCS7EncryptedDataTemplate }
-};
-
-const SEC_ASN1Template SEC_SMIMEKEAParamTemplateSkipjack[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(SEC_PKCS7SMIMEKEAParameters) },
- { SEC_ASN1_OCTET_STRING /* | SEC_ASN1_OPTIONAL */,
- offsetof(SEC_PKCS7SMIMEKEAParameters,originatorKEAKey) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(SEC_PKCS7SMIMEKEAParameters,originatorRA) },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_SMIMEKEAParamTemplateNoSkipjack[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(SEC_PKCS7SMIMEKEAParameters) },
- { SEC_ASN1_OCTET_STRING /* | SEC_ASN1_OPTIONAL */,
- offsetof(SEC_PKCS7SMIMEKEAParameters,originatorKEAKey) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(SEC_PKCS7SMIMEKEAParameters,originatorRA) },
- { SEC_ASN1_OCTET_STRING | SEC_ASN1_OPTIONAL ,
- offsetof(SEC_PKCS7SMIMEKEAParameters,nonSkipjackIV) },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_SMIMEKEAParamTemplateAllParams[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(SEC_PKCS7SMIMEKEAParameters) },
- { SEC_ASN1_OCTET_STRING /* | SEC_ASN1_OPTIONAL */,
- offsetof(SEC_PKCS7SMIMEKEAParameters,originatorKEAKey) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(SEC_PKCS7SMIMEKEAParameters,originatorRA) },
- { SEC_ASN1_OCTET_STRING | SEC_ASN1_OPTIONAL ,
- offsetof(SEC_PKCS7SMIMEKEAParameters,nonSkipjackIV) },
- { SEC_ASN1_OCTET_STRING | SEC_ASN1_OPTIONAL ,
- offsetof(SEC_PKCS7SMIMEKEAParameters,bulkKeySize) },
- { 0 }
-};
-
-const SEC_ASN1Template*
-sec_pkcs7_get_kea_template(SECKEATemplateSelector whichTemplate)
-{
- const SEC_ASN1Template *returnVal = NULL;
-
- switch(whichTemplate)
- {
- case SECKEAUsesNonSkipjack:
- returnVal = SEC_SMIMEKEAParamTemplateNoSkipjack;
- break;
- case SECKEAUsesSkipjack:
- returnVal = SEC_SMIMEKEAParamTemplateSkipjack;
- break;
- case SECKEAUsesNonSkipjackWithPaddedEncKey:
- default:
- returnVal = SEC_SMIMEKEAParamTemplateAllParams;
- break;
- }
- return returnVal;
-}
-
-static const SEC_ASN1Template *
-sec_pkcs7_choose_content_template(void *src_or_dest, PRBool encoding)
-{
- const SEC_ASN1Template *theTemplate;
- SEC_PKCS7ContentInfo *cinfo;
- SECOidTag kind;
-
- PORT_Assert (src_or_dest != NULL);
- if (src_or_dest == NULL)
- return NULL;
-
- cinfo = (SEC_PKCS7ContentInfo*)src_or_dest;
- kind = SEC_PKCS7ContentType (cinfo);
- switch (kind) {
- default:
- theTemplate = SEC_ASN1_GET(SEC_PointerToAnyTemplate);
- break;
- case SEC_OID_PKCS7_DATA:
- theTemplate = SEC_ASN1_GET(SEC_PointerToOctetStringTemplate);
- break;
- case SEC_OID_PKCS7_SIGNED_DATA:
- theTemplate = SEC_PointerToPKCS7SignedDataTemplate;
- break;
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- theTemplate = SEC_PointerToPKCS7EnvelopedDataTemplate;
- break;
- case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
- theTemplate = SEC_PointerToPKCS7SignedAndEnvelopedDataTemplate;
- break;
- case SEC_OID_PKCS7_DIGESTED_DATA:
- theTemplate = SEC_PointerToPKCS7DigestedDataTemplate;
- break;
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- theTemplate = SEC_PointerToPKCS7EncryptedDataTemplate;
- break;
- }
- return theTemplate;
-}
-
-/*
- * End of templates. Do not add stuff after this; put new code
- * up above the start of the template definitions.
- */
diff --git a/security/nss/lib/pkcs7/p7local.h b/security/nss/lib/pkcs7/p7local.h
deleted file mode 100644
index 80640c930..000000000
--- a/security/nss/lib/pkcs7/p7local.h
+++ /dev/null
@@ -1,176 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Support routines for PKCS7 implementation, none of which are exported.
- * This file should only contain things that are needed by both the
- * encoding/creation side *and* the decoding/decryption side. Anything
- * else should just be static routines in the appropriate file.
- *
- * Do not export this file! If something in here is really needed outside
- * of pkcs7 code, first try to add a PKCS7 interface which will do it for
- * you. If that has a problem, then just move out what you need, changing
- * its name as appropriate!
- *
- * $Id$
- */
-
-#ifndef _P7LOCAL_H_
-#define _P7LOCAL_H_
-
-#include "secpkcs7.h"
-#include "secasn1t.h"
-
-extern const SEC_ASN1Template sec_PKCS7ContentInfoTemplate[];
-
-/* opaque objects */
-typedef struct sec_pkcs7_cipher_object sec_PKCS7CipherObject;
-
-
-/************************************************************************/
-SEC_BEGIN_PROTOS
-
-/*
- * Look through a set of attributes and find one that matches the
- * specified object ID. If "only" is true, then make sure that
- * there is not more than one attribute of the same type. Otherwise,
- * just return the first one found. (XXX Does anybody really want
- * that first-found behavior? It was like that when I found it...)
- */
-extern SEC_PKCS7Attribute *sec_PKCS7FindAttribute (SEC_PKCS7Attribute **attrs,
- SECOidTag oidtag,
- PRBool only);
-/*
- * Return the single attribute value, doing some sanity checking first:
- * - Multiple values are *not* expected.
- * - Empty values are *not* expected.
- */
-extern SECItem *sec_PKCS7AttributeValue (SEC_PKCS7Attribute *attr);
-
-/*
- * Encode a set of attributes (found in "src").
- */
-extern SECItem *sec_PKCS7EncodeAttributes (PRArenaPool *poolp,
- SECItem *dest, void *src);
-
-/*
- * Make sure that the order of the attributes guarantees valid DER
- * (which must be in lexigraphically ascending order for a SET OF);
- * if reordering is necessary it will be done in place (in attrs).
- */
-extern SECStatus sec_PKCS7ReorderAttributes (SEC_PKCS7Attribute **attrs);
-
-
-/*
- * Create a context for decrypting, based on the given key and algorithm.
- */
-extern sec_PKCS7CipherObject *
-sec_PKCS7CreateDecryptObject (PK11SymKey *key, SECAlgorithmID *algid);
-
-/*
- * Create a context for encrypting, based on the given key and algorithm,
- * and fill in the algorithm id.
- */
-extern sec_PKCS7CipherObject *
-sec_PKCS7CreateEncryptObject (PRArenaPool *poolp, PK11SymKey *key,
- SECOidTag algtag, SECAlgorithmID *algid);
-
-/*
- * Destroy the given decryption or encryption object.
- */
-extern void sec_PKCS7DestroyDecryptObject (sec_PKCS7CipherObject *obj);
-extern void sec_PKCS7DestroyEncryptObject (sec_PKCS7CipherObject *obj);
-
-/*
- * What will be the output length of the next call to encrypt/decrypt?
- * Result can be used to perform memory allocations. Note that the amount
- * is exactly accurate only when not doing a block cipher or when final
- * is false, otherwise it is an upper bound on the amount because until
- * we see the data we do not know how many padding bytes there are
- * (always between 1 and the cipher block size).
- *
- * Note that this can return zero, which does not mean that the cipher
- * operation can be skipped! (It simply means that there are not enough
- * bytes to make up an entire block; the bytes will be reserved until
- * there are enough to encrypt/decrypt at least one block.) However,
- * if zero is returned it *does* mean that no output buffer need be
- * passed in to the subsequent cipher operation, as no output bytes
- * will be stored.
- */
-extern unsigned int sec_PKCS7DecryptLength (sec_PKCS7CipherObject *obj,
- unsigned int input_len,
- PRBool final);
-extern unsigned int sec_PKCS7EncryptLength (sec_PKCS7CipherObject *obj,
- unsigned int input_len,
- PRBool final);
-
-/*
- * Decrypt a given length of input buffer (starting at "input" and
- * containing "input_len" bytes), placing the decrypted bytes in
- * "output" and storing the output length in "*output_len_p".
- * "obj" is the return value from sec_PKCS7CreateDecryptObject.
- * When "final" is true, this is the last of the data to be decrypted.
- */
-extern SECStatus sec_PKCS7Decrypt (sec_PKCS7CipherObject *obj,
- unsigned char *output,
- unsigned int *output_len_p,
- unsigned int max_output_len,
- const unsigned char *input,
- unsigned int input_len,
- PRBool final);
-
-/*
- * Encrypt a given length of input buffer (starting at "input" and
- * containing "input_len" bytes), placing the encrypted bytes in
- * "output" and storing the output length in "*output_len_p".
- * "obj" is the return value from sec_PKCS7CreateEncryptObject.
- * When "final" is true, this is the last of the data to be encrypted.
- */
-extern SECStatus sec_PKCS7Encrypt (sec_PKCS7CipherObject *obj,
- unsigned char *output,
- unsigned int *output_len_p,
- unsigned int max_output_len,
- const unsigned char *input,
- unsigned int input_len,
- PRBool final);
-
-/* return the correct kea template based on the template selector. skipjack
- * does not have the extra IV.
- */
-const SEC_ASN1Template *
-sec_pkcs7_get_kea_template(SECKEATemplateSelector whichTemplate);
-
-/************************************************************************/
-SEC_END_PROTOS
-
-#endif /* _P7LOCAL_H_ */
diff --git a/security/nss/lib/pkcs7/pkcs7t.h b/security/nss/lib/pkcs7/pkcs7t.h
deleted file mode 100644
index d36c5e41a..000000000
--- a/security/nss/lib/pkcs7/pkcs7t.h
+++ /dev/null
@@ -1,296 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Header for pkcs7 types.
- *
- * $Id$
- */
-
-#ifndef _PKCS7T_H_
-#define _PKCS7T_H_
-
-#include "plarena.h"
-
-#include "seccomon.h"
-#include "secoidt.h"
-#include "certt.h"
-#include "secmodt.h"
-
-/* Opaque objects */
-typedef struct SEC_PKCS7DecoderContextStr SEC_PKCS7DecoderContext;
-typedef struct SEC_PKCS7EncoderContextStr SEC_PKCS7EncoderContext;
-
-/* legacy defines that haven't been active for years */
-typedef void *(*SECKEYGetPasswordKey)(void *arg, void *handle);
-
-
-/* Non-opaque objects. NOTE, though: I want them to be treated as
- * opaque as much as possible. If I could hide them completely,
- * I would. (I tried, but ran into trouble that was taking me too
- * much time to get out of.) I still intend to try to do so.
- * In fact, the only type that "outsiders" should even *name* is
- * SEC_PKCS7ContentInfo, and they should not reference its fields.
- */
-/* rjr: PKCS #11 cert handling (pk11cert.c) does use SEC_PKCS7RecipientInfo's.
- * This is because when we search the recipient list for the cert and key we
- * want, we need to invert the order of the loops we used to have. The old
- * loops were:
- *
- * For each recipient {
- * find_cert = PK11_Find_AllCert(recipient->issuerSN);
- * [which unrolls to... ]
- * For each slot {
- * Log into slot;
- * search slot for cert;
- * }
- * }
- *
- * the new loop searchs all the recipients at once on a slot. this allows
- * PKCS #11 to order slots in such a way that logout slots don't get checked
- * if we can find the cert on a logged in slot. This eliminates lots of
- * spurious password prompts when smart cards are installed... so why this
- * comment? If you make SEC_PKCS7RecipientInfo completely opaque, you need
- * to provide a non-opaque list of issuerSN's (the only field PKCS#11 needs
- * and fix up pk11cert.c first. NOTE: Only S/MIME calls this special PKCS #11
- * function.
- */
-typedef struct SEC_PKCS7ContentInfoStr SEC_PKCS7ContentInfo;
-typedef struct SEC_PKCS7SignedDataStr SEC_PKCS7SignedData;
-typedef struct SEC_PKCS7EncryptedContentInfoStr SEC_PKCS7EncryptedContentInfo;
-typedef struct SEC_PKCS7EnvelopedDataStr SEC_PKCS7EnvelopedData;
-typedef struct SEC_PKCS7SignedAndEnvelopedDataStr
- SEC_PKCS7SignedAndEnvelopedData;
-typedef struct SEC_PKCS7SignerInfoStr SEC_PKCS7SignerInfo;
-typedef struct SEC_PKCS7RecipientInfoStr SEC_PKCS7RecipientInfo;
-typedef struct SEC_PKCS7DigestedDataStr SEC_PKCS7DigestedData;
-typedef struct SEC_PKCS7EncryptedDataStr SEC_PKCS7EncryptedData;
-typedef struct SEC_PKCS7SMIMEKEAParametersStr SEC_PKCS7SMIMEKEAParameters;
-/*
- * The following is not actually a PKCS7 type, but for now it is only
- * used by PKCS7, so we have adopted it. If someone else *ever* needs
- * it, its name should be changed and it should be moved out of here.
- * Do not dare to use it without doing so!
- */
-typedef struct SEC_PKCS7AttributeStr SEC_PKCS7Attribute;
-
-struct SEC_PKCS7ContentInfoStr {
- PRArenaPool *poolp; /* local; not part of encoding */
- PRBool created; /* local; not part of encoding */
- int refCount; /* local; not part of encoding */
- SECOidData *contentTypeTag; /* local; not part of encoding */
- SECKEYGetPasswordKey pwfn; /* local; not part of encoding */
- void *pwfn_arg; /* local; not part of encoding */
- SECItem contentType;
- union {
- SECItem *data;
- SEC_PKCS7DigestedData *digestedData;
- SEC_PKCS7EncryptedData *encryptedData;
- SEC_PKCS7EnvelopedData *envelopedData;
- SEC_PKCS7SignedData *signedData;
- SEC_PKCS7SignedAndEnvelopedData *signedAndEnvelopedData;
- } content;
-};
-
-struct SEC_PKCS7SignedDataStr {
- SECItem version;
- SECAlgorithmID **digestAlgorithms;
- SEC_PKCS7ContentInfo contentInfo;
- SECItem **rawCerts;
- CERTSignedCrl **crls;
- SEC_PKCS7SignerInfo **signerInfos;
- SECItem **digests; /* local; not part of encoding */
- CERTCertificate **certs; /* local; not part of encoding */
- CERTCertificateList **certLists; /* local; not part of encoding */
-};
-#define SEC_PKCS7_SIGNED_DATA_VERSION 1 /* what we *create* */
-
-struct SEC_PKCS7EncryptedContentInfoStr {
- SECOidData *contentTypeTag; /* local; not part of encoding */
- SECItem contentType;
- SECAlgorithmID contentEncAlg;
- SECItem encContent;
- SECItem plainContent; /* local; not part of encoding */
- /* bytes not encrypted, but encoded */
- int keysize; /* local; not part of encoding */
- /* size of bulk encryption key
- * (only used by creation code) */
- SECOidTag encalg; /* local; not part of encoding */
- /* oid tag of encryption algorithm
- * (only used by creation code) */
-};
-
-struct SEC_PKCS7EnvelopedDataStr {
- SECItem version;
- SEC_PKCS7RecipientInfo **recipientInfos;
- SEC_PKCS7EncryptedContentInfo encContentInfo;
-};
-#define SEC_PKCS7_ENVELOPED_DATA_VERSION 0 /* what we *create* */
-
-struct SEC_PKCS7SignedAndEnvelopedDataStr {
- SECItem version;
- SEC_PKCS7RecipientInfo **recipientInfos;
- SECAlgorithmID **digestAlgorithms;
- SEC_PKCS7EncryptedContentInfo encContentInfo;
- SECItem **rawCerts;
- CERTSignedCrl **crls;
- SEC_PKCS7SignerInfo **signerInfos;
- SECItem **digests; /* local; not part of encoding */
- CERTCertificate **certs; /* local; not part of encoding */
- CERTCertificateList **certLists; /* local; not part of encoding */
- PK11SymKey *sigKey; /* local; not part of encoding */
-};
-#define SEC_PKCS7_SIGNED_AND_ENVELOPED_DATA_VERSION 1 /* what we *create* */
-
-struct SEC_PKCS7SignerInfoStr {
- SECItem version;
- CERTIssuerAndSN *issuerAndSN;
- SECAlgorithmID digestAlg;
- SEC_PKCS7Attribute **authAttr;
- SECAlgorithmID digestEncAlg;
- SECItem encDigest;
- SEC_PKCS7Attribute **unAuthAttr;
- CERTCertificate *cert; /* local; not part of encoding */
- CERTCertificateList *certList; /* local; not part of encoding */
-};
-#define SEC_PKCS7_SIGNER_INFO_VERSION 1 /* what we *create* */
-
-struct SEC_PKCS7RecipientInfoStr {
- SECItem version;
- CERTIssuerAndSN *issuerAndSN;
- SECAlgorithmID keyEncAlg;
- SECItem encKey;
- CERTCertificate *cert; /* local; not part of encoding */
-};
-#define SEC_PKCS7_RECIPIENT_INFO_VERSION 0 /* what we *create* */
-
-struct SEC_PKCS7DigestedDataStr {
- SECItem version;
- SECAlgorithmID digestAlg;
- SEC_PKCS7ContentInfo contentInfo;
- SECItem digest;
-};
-#define SEC_PKCS7_DIGESTED_DATA_VERSION 0 /* what we *create* */
-
-struct SEC_PKCS7EncryptedDataStr {
- SECItem version;
- SEC_PKCS7EncryptedContentInfo encContentInfo;
-};
-#define SEC_PKCS7_ENCRYPTED_DATA_VERSION 0 /* what we *create* */
-
-/*
- * See comment above about this type not really belonging to PKCS7.
- */
-struct SEC_PKCS7AttributeStr {
- /* The following fields make up an encoded Attribute: */
- SECItem type;
- SECItem **values; /* data may or may not be encoded */
- /* The following fields are not part of an encoded Attribute: */
- SECOidData *typeTag;
- PRBool encoded; /* when true, values are encoded */
-};
-
-/* An enumerated type used to select templates based on the encryption
- scenario and data specifics. */
-typedef enum
-{
- SECKEAInvalid = -1,
- SECKEAUsesSkipjack = 0,
- SECKEAUsesNonSkipjack = 1,
- SECKEAUsesNonSkipjackWithPaddedEncKey = 2
-} SECKEATemplateSelector;
-
-/* ### mwelch - S/MIME KEA parameters. These don't really fit here,
- but I cannot think of a more appropriate place at this time. */
-struct SEC_PKCS7SMIMEKEAParametersStr {
- SECItem originatorKEAKey; /* sender KEA key (encrypted?) */
- SECItem originatorRA; /* random number generated by sender */
- SECItem nonSkipjackIV; /* init'n vector for SkipjackCBC64
- decryption of KEA key if Skipjack
- is not the bulk algorithm used on
- the message */
- SECItem bulkKeySize; /* if Skipjack is not the bulk
- algorithm used on the message,
- and the size of the bulk encryption
- key is not the same as that of
- originatorKEAKey (due to padding
- perhaps), this field will contain
- the real size of the bulk encryption
- key. */
-};
-
-/*
- * Type of function passed to SEC_PKCS7Decode or SEC_PKCS7DecoderStart.
- * If specified, this is where the content bytes (only) will be "sent"
- * as they are recovered during the decoding.
- *
- * XXX Should just combine this with SEC_PKCS7EncoderContentCallback type
- * and use a simpler, common name.
- */
-typedef void (* SEC_PKCS7DecoderContentCallback)(void *arg,
- const char *buf,
- unsigned long len);
-
-/*
- * Type of function passed to SEC_PKCS7Encode or SEC_PKCS7EncoderStart.
- * This is where the encoded bytes will be "sent".
- *
- * XXX Should just combine this with SEC_PKCS7DecoderContentCallback type
- * and use a simpler, common name.
- */
-typedef void (* SEC_PKCS7EncoderOutputCallback)(void *arg,
- const char *buf,
- unsigned long len);
-
-
-/*
- * Type of function passed to SEC_PKCS7Decode or SEC_PKCS7DecoderStart
- * to retrieve the decryption key. This function is inteded to be
- * used for EncryptedData content info's which do not have a key available
- * in a certificate, etc.
- */
-typedef PK11SymKey * (* SEC_PKCS7GetDecryptKeyCallback)(void *arg,
- SECAlgorithmID *algid);
-
-/*
- * Type of function passed to SEC_PKCS7Decode or SEC_PKCS7DecoderStart.
- * This function in intended to be used to verify that decrypting a
- * particular crypto algorithm is allowed. Content types which do not
- * require decryption will not need the callback. If the callback
- * is not specified for content types which require decryption, the
- * decryption will be disallowed.
- */
-typedef PRBool (* SEC_PKCS7DecryptionAllowedCallback)(SECAlgorithmID *algid,
- PK11SymKey *bulkkey);
-
-#endif /* _PKCS7T_H_ */
diff --git a/security/nss/lib/pkcs7/secmime.c b/security/nss/lib/pkcs7/secmime.c
deleted file mode 100644
index 11e0bb6c3..000000000
--- a/security/nss/lib/pkcs7/secmime.c
+++ /dev/null
@@ -1,901 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Stuff specific to S/MIME policy and interoperability.
- * Depends on PKCS7, but there should be no dependency the other way around.
- *
- * $Id$
- */
-
-#include "secmime.h"
-#include "secoid.h"
-#include "pk11func.h"
-#include "ciferfam.h" /* for CIPHER_FAMILY symbols */
-#include "secasn1.h"
-#include "secitem.h"
-#include "cert.h"
-#include "key.h"
-#include "secerr.h"
-
-typedef struct smime_cipher_map_struct {
- unsigned long cipher;
- SECOidTag algtag;
- SECItem *parms;
-} smime_cipher_map;
-
-/*
- * These are macros because I think some subsequent parameters,
- * like those for RC5, will want to use them, too, separately.
- */
-#define SMIME_DER_INTVAL_16 SEC_ASN1_INTEGER, 0x01, 0x10
-#define SMIME_DER_INTVAL_40 SEC_ASN1_INTEGER, 0x01, 0x28
-#define SMIME_DER_INTVAL_64 SEC_ASN1_INTEGER, 0x01, 0x40
-#define SMIME_DER_INTVAL_128 SEC_ASN1_INTEGER, 0x02, 0x00, 0x80
-
-#ifdef SMIME_DOES_RC5 /* will be needed; quiet unused warning for now */
-static unsigned char smime_int16[] = { SMIME_DER_INTVAL_16 };
-#endif
-static unsigned char smime_int40[] = { SMIME_DER_INTVAL_40 };
-static unsigned char smime_int64[] = { SMIME_DER_INTVAL_64 };
-static unsigned char smime_int128[] = { SMIME_DER_INTVAL_128 };
-
-static SECItem smime_rc2p40 = { siBuffer, smime_int40, sizeof(smime_int40) };
-static SECItem smime_rc2p64 = { siBuffer, smime_int64, sizeof(smime_int64) };
-static SECItem smime_rc2p128 = { siBuffer, smime_int128, sizeof(smime_int128) };
-
-static smime_cipher_map smime_cipher_maps[] = {
- { SMIME_RC2_CBC_40, SEC_OID_RC2_CBC, &smime_rc2p40 },
- { SMIME_RC2_CBC_64, SEC_OID_RC2_CBC, &smime_rc2p64 },
- { SMIME_RC2_CBC_128, SEC_OID_RC2_CBC, &smime_rc2p128 },
-#ifdef SMIME_DOES_RC5
- { SMIME_RC5PAD_64_16_40, SEC_OID_RC5_CBC_PAD, &smime_rc5p40 },
- { SMIME_RC5PAD_64_16_64, SEC_OID_RC5_CBC_PAD, &smime_rc5p64 },
- { SMIME_RC5PAD_64_16_128, SEC_OID_RC5_CBC_PAD, &smime_rc5p128 },
-#endif
- { SMIME_DES_CBC_56, SEC_OID_DES_CBC, NULL },
- { SMIME_DES_EDE3_168, SEC_OID_DES_EDE3_CBC, NULL },
- { SMIME_FORTEZZA, SEC_OID_FORTEZZA_SKIPJACK, NULL}
-};
-
-/*
- * Note, the following value really just needs to be an upper bound
- * on the ciphers.
- */
-static const int smime_symmetric_count = sizeof(smime_cipher_maps)
- / sizeof(smime_cipher_map);
-
-static unsigned long *smime_prefs, *smime_newprefs;
-static int smime_current_pref_index = 0;
-static PRBool smime_prefs_complete = PR_FALSE;
-static PRBool smime_prefs_changed = PR_TRUE;
-
-static unsigned long smime_policy_bits = 0;
-
-
-static int
-smime_mapi_by_cipher (unsigned long cipher)
-{
- int i;
-
- for (i = 0; i < smime_symmetric_count; i++) {
- if (smime_cipher_maps[i].cipher == cipher)
- break;
- }
-
- if (i == smime_symmetric_count)
- return -1;
-
- return i;
-}
-
-
-/*
- * this function locally records the user's preference
- */
-SECStatus
-SECMIME_EnableCipher(long which, int on)
-{
- unsigned long mask;
-
- if (smime_newprefs == NULL || smime_prefs_complete) {
- /*
- * This is either the very first time, or we are starting over.
- */
- smime_newprefs = (unsigned long*)PORT_ZAlloc (smime_symmetric_count
- * sizeof(*smime_newprefs));
- if (smime_newprefs == NULL)
- return SECFailure;
- smime_current_pref_index = 0;
- smime_prefs_complete = PR_FALSE;
- }
-
- mask = which & CIPHER_FAMILYID_MASK;
- if (mask == CIPHER_FAMILYID_MASK) {
- /*
- * This call signifies that all preferences have been set.
- * Move "newprefs" over, after checking first whether or
- * not the new ones are different from the old ones.
- */
- if (smime_prefs != NULL) {
- if (PORT_Memcmp (smime_prefs, smime_newprefs,
- smime_symmetric_count * sizeof(*smime_prefs)) == 0)
- smime_prefs_changed = PR_FALSE;
- else
- smime_prefs_changed = PR_TRUE;
- PORT_Free (smime_prefs);
- }
-
- smime_prefs = smime_newprefs;
- smime_prefs_complete = PR_TRUE;
- return SECSuccess;
- }
-
- PORT_Assert (mask == CIPHER_FAMILYID_SMIME);
- if (mask != CIPHER_FAMILYID_SMIME) {
- /* XXX set an error! */
- return SECFailure;
- }
-
- if (on) {
- PORT_Assert (smime_current_pref_index < smime_symmetric_count);
- if (smime_current_pref_index >= smime_symmetric_count) {
- /* XXX set an error! */
- return SECFailure;
- }
-
- smime_newprefs[smime_current_pref_index++] = which;
- }
-
- return SECSuccess;
-}
-
-
-/*
- * this function locally records the export policy
- */
-SECStatus
-SECMIME_SetPolicy(long which, int on)
-{
- unsigned long mask;
-
- PORT_Assert ((which & CIPHER_FAMILYID_MASK) == CIPHER_FAMILYID_SMIME);
- if ((which & CIPHER_FAMILYID_MASK) != CIPHER_FAMILYID_SMIME) {
- /* XXX set an error! */
- return SECFailure;
- }
-
- which &= ~CIPHER_FAMILYID_MASK;
-
- PORT_Assert (which < 32); /* bits in the long */
- if (which >= 32) {
- /* XXX set an error! */
- return SECFailure;
- }
-
- mask = 1UL << which;
-
- if (on) {
- smime_policy_bits |= mask;
- } else {
- smime_policy_bits &= ~mask;
- }
-
- return SECSuccess;
-}
-
-
-/*
- * Based on the given algorithm (including its parameters, in some cases!)
- * and the given key (may or may not be inspected, depending on the
- * algorithm), find the appropriate policy algorithm specification
- * and return it. If no match can be made, -1 is returned.
- */
-static long
-smime_policy_algorithm (SECAlgorithmID *algid, PK11SymKey *key)
-{
- SECOidTag algtag;
-
- algtag = SECOID_GetAlgorithmTag (algid);
- switch (algtag) {
- case SEC_OID_RC2_CBC:
- {
- unsigned int keylen_bits;
-
- keylen_bits = PK11_GetKeyStrength (key, algid);
- switch (keylen_bits) {
- case 40:
- return SMIME_RC2_CBC_40;
- case 64:
- return SMIME_RC2_CBC_64;
- case 128:
- return SMIME_RC2_CBC_128;
- default:
- break;
- }
- }
- break;
- case SEC_OID_DES_CBC:
- return SMIME_DES_CBC_56;
- case SEC_OID_DES_EDE3_CBC:
- return SMIME_DES_EDE3_168;
- case SEC_OID_FORTEZZA_SKIPJACK:
- return SMIME_FORTEZZA;
-#ifdef SMIME_DOES_RC5
- case SEC_OID_RC5_CBC_PAD:
- PORT_Assert (0); /* XXX need to pull out parameters and match */
- break;
-#endif
- default:
- break;
- }
-
- return -1;
-}
-
-
-static PRBool
-smime_cipher_allowed (unsigned long which)
-{
- unsigned long mask;
-
- which &= ~CIPHER_FAMILYID_MASK;
- PORT_Assert (which < 32); /* bits per long (min) */
- if (which >= 32)
- return PR_FALSE;
-
- mask = 1UL << which;
- if ((mask & smime_policy_bits) == 0)
- return PR_FALSE;
-
- return PR_TRUE;
-}
-
-
-PRBool
-SECMIME_DecryptionAllowed(SECAlgorithmID *algid, PK11SymKey *key)
-{
- long which;
-
- which = smime_policy_algorithm (algid, key);
- if (which < 0)
- return PR_FALSE;
-
- return smime_cipher_allowed ((unsigned long)which);
-}
-
-
-/*
- * Does the current policy allow *any* S/MIME encryption (or decryption)?
- *
- * This tells whether or not *any* S/MIME encryption can be done,
- * according to policy. Callers may use this to do nicer user interface
- * (say, greying out a checkbox so a user does not even try to encrypt
- * a message when they are not allowed to) or for any reason they want
- * to check whether S/MIME encryption (or decryption, for that matter)
- * may be done.
- *
- * It takes no arguments. The return value is a simple boolean:
- * PR_TRUE means encryption (or decryption) is *possible*
- * (but may still fail due to other reasons, like because we cannot
- * find all the necessary certs, etc.; PR_TRUE is *not* a guarantee)
- * PR_FALSE means encryption (or decryption) is not permitted
- *
- * There are no errors from this routine.
- */
-PRBool
-SECMIME_EncryptionPossible (void)
-{
- if (smime_policy_bits != 0)
- return PR_TRUE;
-
- return PR_FALSE;
-}
-
-
-/*
- * XXX Would like the "parameters" field to be a SECItem *, but the
- * encoder is having trouble with optional pointers to an ANY. Maybe
- * once that is fixed, can change this back...
- */
-typedef struct smime_capability_struct {
- unsigned long cipher; /* local; not part of encoding */
- SECOidTag capIDTag; /* local; not part of encoding */
- SECItem capabilityID;
- SECItem parameters;
-} smime_capability;
-
-static const SEC_ASN1Template smime_capability_template[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(smime_capability) },
- { SEC_ASN1_OBJECT_ID,
- offsetof(smime_capability,capabilityID), },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_ANY,
- offsetof(smime_capability,parameters), },
- { 0, }
-};
-
-static const SEC_ASN1Template smime_capabilities_template[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, smime_capability_template }
-};
-
-
-
-static void
-smime_fill_capability (smime_capability *cap)
-{
- unsigned long cipher;
- SECOidTag algtag;
- int i;
-
- algtag = SECOID_FindOIDTag (&(cap->capabilityID));
-
- for (i = 0; i < smime_symmetric_count; i++) {
- if (smime_cipher_maps[i].algtag != algtag)
- continue;
- /*
- * XXX If SECITEM_CompareItem allowed NULLs as arguments (comparing
- * 2 NULLs as equal and NULL and non-NULL as not equal), we could
- * use that here instead of all of the following comparison code.
- */
- if (cap->parameters.data != NULL) {
- if (smime_cipher_maps[i].parms == NULL)
- continue;
- if (cap->parameters.len != smime_cipher_maps[i].parms->len)
- continue;
- if (PORT_Memcmp (cap->parameters.data,
- smime_cipher_maps[i].parms->data,
- cap->parameters.len) == 0)
- break;
- } else if (smime_cipher_maps[i].parms == NULL) {
- break;
- }
- }
-
- if (i == smime_symmetric_count)
- cipher = 0;
- else
- cipher = smime_cipher_maps[i].cipher;
-
- cap->cipher = cipher;
- cap->capIDTag = algtag;
-}
-
-
-static long
-smime_choose_cipher (CERTCertificate *scert, CERTCertificate **rcerts)
-{
- PRArenaPool *poolp;
- long chosen_cipher;
- int *cipher_abilities;
- int *cipher_votes;
- int strong_mapi;
- int rcount, mapi, max, i;
- PRBool isFortezza = PK11_FortezzaHasKEA(scert);
-
- if (smime_policy_bits == 0) {
- PORT_SetError (SEC_ERROR_BAD_EXPORT_ALGORITHM);
- return -1;
- }
-
- chosen_cipher = SMIME_RC2_CBC_40; /* the default, LCD */
-
- poolp = PORT_NewArena (1024); /* XXX what is right value? */
- if (poolp == NULL)
- goto done;
-
- cipher_abilities = (int*)PORT_ArenaZAlloc (poolp,
- smime_symmetric_count * sizeof(int));
- if (cipher_abilities == NULL)
- goto done;
-
- cipher_votes = (int*)PORT_ArenaZAlloc (poolp,
- smime_symmetric_count * sizeof(int));
- if (cipher_votes == NULL)
- goto done;
-
- /*
- * XXX Should have a #define somewhere which specifies default
- * strong cipher. (Or better, a way to configure, which would
- * take Fortezza into account as well.)
- */
-
- /* If the user has the Fortezza preference turned on, make
- * that the strong cipher. Otherwise, use triple-DES. */
- strong_mapi = -1;
- if (isFortezza) {
- for(i=0;i < smime_current_pref_index && strong_mapi < 0;i++)
- {
- if (smime_prefs[i] == SMIME_FORTEZZA)
- strong_mapi = smime_mapi_by_cipher(SMIME_FORTEZZA);
- }
- }
-
- if (strong_mapi == -1)
- strong_mapi = smime_mapi_by_cipher (SMIME_DES_EDE3_168);
-
- PORT_Assert (strong_mapi >= 0);
-
- for (rcount = 0; rcerts[rcount] != NULL; rcount++) {
- SECItem *profile;
- smime_capability **caps;
- int capi, pref;
- SECStatus dstat;
-
- pref = smime_symmetric_count;
- profile = CERT_FindSMimeProfile (rcerts[rcount]);
- if (profile != NULL && profile->data != NULL && profile->len > 0) {
- caps = NULL;
- dstat = SEC_ASN1DecodeItem (poolp, &caps,
- smime_capabilities_template,
- profile);
- if (dstat == SECSuccess && caps != NULL) {
- for (capi = 0; caps[capi] != NULL; capi++) {
- smime_fill_capability (caps[capi]);
- mapi = smime_mapi_by_cipher (caps[capi]->cipher);
- if (mapi >= 0) {
- cipher_abilities[mapi]++;
- cipher_votes[mapi] += pref;
- --pref;
- }
- }
- }
- } else {
- SECKEYPublicKey *key;
- unsigned int pklen_bits;
-
- /*
- * XXX This is probably only good for RSA keys. What I would
- * really like is a function to just say; Is the public key in
- * this cert an export-length key? Then I would not have to
- * know things like the value 512, or the kind of key, or what
- * a subjectPublicKeyInfo is, etc.
- */
- key = CERT_ExtractPublicKey (rcerts[rcount]);
- if (key != NULL) {
- pklen_bits = SECKEY_PublicKeyStrength (key) * 8;
- SECKEY_DestroyPublicKey (key);
-
- if (pklen_bits > 512) {
- cipher_abilities[strong_mapi]++;
- cipher_votes[strong_mapi] += pref;
- }
- }
- }
- if (profile != NULL)
- SECITEM_FreeItem (profile, PR_TRUE);
- }
-
- max = 0;
- for (mapi = 0; mapi < smime_symmetric_count; mapi++) {
- if (cipher_abilities[mapi] != rcount)
- continue;
- if (! smime_cipher_allowed (smime_cipher_maps[mapi].cipher))
- continue;
- if (!isFortezza && (smime_cipher_maps[mapi].cipher == SMIME_FORTEZZA))
- continue;
- if (cipher_votes[mapi] > max) {
- chosen_cipher = smime_cipher_maps[mapi].cipher;
- max = cipher_votes[mapi];
- } /* XXX else if a tie, let scert break it? */
- }
-
-done:
- if (poolp != NULL)
- PORT_FreeArena (poolp, PR_FALSE);
-
- return chosen_cipher;
-}
-
-
-/*
- * XXX This is a hack for now to satisfy our current interface.
- * Eventually, with more parameters needing to be specified, just
- * looking up the keysize is not going to be sufficient.
- */
-static int
-smime_keysize_by_cipher (unsigned long which)
-{
- int keysize;
-
- switch (which) {
- case SMIME_RC2_CBC_40:
- keysize = 40;
- break;
- case SMIME_RC2_CBC_64:
- keysize = 64;
- break;
- case SMIME_RC2_CBC_128:
- keysize = 128;
- break;
-#ifdef SMIME_DOES_RC5
- case SMIME_RC5PAD_64_16_40:
- case SMIME_RC5PAD_64_16_64:
- case SMIME_RC5PAD_64_16_128:
- /* XXX See comment above; keysize is not enough... */
- PORT_Assert (0);
- PORT_SetError (SEC_ERROR_INVALID_ALGORITHM);
- keysize = -1;
- break;
-#endif
- case SMIME_DES_CBC_56:
- case SMIME_DES_EDE3_168:
- case SMIME_FORTEZZA:
- /*
- * These are special; since the key size is fixed, we actually
- * want to *avoid* specifying a key size.
- */
- keysize = 0;
- break;
- default:
- keysize = -1;
- break;
- }
-
- return keysize;
-}
-
-
-/*
- * Start an S/MIME encrypting context.
- *
- * "scert" is the cert for the sender. It will be checked for validity.
- * "rcerts" are the certs for the recipients. They will also be checked.
- *
- * "certdb" is the cert database to use for verifying the certs.
- * It can be NULL if a default database is available (like in the client).
- *
- * This function already does all of the stuff specific to S/MIME protocol
- * and local policy; the return value just needs to be passed to
- * SEC_PKCS7Encode() or to SEC_PKCS7EncoderStart() to create the encoded data,
- * and finally to SEC_PKCS7DestroyContentInfo().
- *
- * An error results in a return value of NULL and an error set.
- * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
- */
-SEC_PKCS7ContentInfo *
-SECMIME_CreateEncrypted(CERTCertificate *scert,
- CERTCertificate **rcerts,
- CERTCertDBHandle *certdb,
- SECKEYGetPasswordKey pwfn,
- void *pwfn_arg)
-{
- SEC_PKCS7ContentInfo *cinfo;
- long cipher;
- SECOidTag encalg;
- int keysize;
- int mapi, rci;
-
- cipher = smime_choose_cipher (scert, rcerts);
- if (cipher < 0)
- return NULL;
-
- mapi = smime_mapi_by_cipher (cipher);
- if (mapi < 0)
- return NULL;
-
- /*
- * XXX This is stretching it -- CreateEnvelopedData should probably
- * take a cipher itself of some sort, because we cannot know what the
- * future will bring in terms of parameters for each type of algorithm.
- * For example, just an algorithm and keysize is *not* sufficient to
- * fully specify the usage of RC5 (which also needs to know rounds and
- * block size). Work this out into a better API!
- */
- encalg = smime_cipher_maps[mapi].algtag;
- keysize = smime_keysize_by_cipher (cipher);
- if (keysize < 0)
- return NULL;
-
- cinfo = SEC_PKCS7CreateEnvelopedData (scert, certUsageEmailRecipient,
- certdb, encalg, keysize,
- pwfn, pwfn_arg);
- if (cinfo == NULL)
- return NULL;
-
- for (rci = 0; rcerts[rci] != NULL; rci++) {
- if (rcerts[rci] == scert)
- continue;
- if (SEC_PKCS7AddRecipient (cinfo, rcerts[rci], certUsageEmailRecipient,
- NULL) != SECSuccess) {
- SEC_PKCS7DestroyContentInfo (cinfo);
- return NULL;
- }
- }
-
- return cinfo;
-}
-
-
-static smime_capability **smime_capabilities;
-static SECItem *smime_encoded_caps;
-static PRBool lastUsedFortezza;
-
-
-static SECStatus
-smime_init_caps (PRBool isFortezza)
-{
- smime_capability *cap;
- smime_cipher_map *map;
- SECOidData *oiddata;
- SECStatus rv;
- int i, capIndex;
-
- if (smime_encoded_caps != NULL
- && (! smime_prefs_changed)
- && lastUsedFortezza == isFortezza)
- return SECSuccess;
-
- if (smime_encoded_caps != NULL) {
- SECITEM_FreeItem (smime_encoded_caps, PR_TRUE);
- smime_encoded_caps = NULL;
- }
-
- if (smime_capabilities == NULL) {
- smime_capabilities = (smime_capability**)PORT_ZAlloc (
- (smime_symmetric_count + 1)
- * sizeof(smime_capability *));
- if (smime_capabilities == NULL)
- return SECFailure;
- }
-
- rv = SECFailure;
-
- /*
- The process of creating the encoded PKCS7 cipher capability list
- involves two basic steps:
-
- (a) Convert our internal representation of cipher preferences
- (smime_prefs) into an array containing cipher OIDs and
- parameter data (smime_capabilities). This step is
- performed here.
-
- (b) Encode, using ASN.1, the cipher information in
- smime_capabilities, leaving the encoded result in
- smime_encoded_caps.
-
- (In the process of performing (a), Lisa put in some optimizations
- which allow us to avoid needlessly re-populating elements in
- smime_capabilities as we walk through smime_prefs.)
-
- We want to use separate loop variables for smime_prefs and
- smime_capabilities because in the case where the Skipjack cipher
- is turned on in the prefs, but where we don't want to include
- Skipjack in the encoded capabilities (presumably due to using a
- non-fortezza cert when sending a message), we want to avoid creating
- an empty element in smime_capabilities. This would otherwise cause
- the encoding step to produce an empty set, since Skipjack happens
- to be the first cipher in smime_prefs, if it is turned on.
- */
- for (i = 0, capIndex = 0; i < smime_current_pref_index; i++, capIndex++) {
- int mapi;
-
- /* Get the next cipher preference in smime_prefs. */
- mapi = smime_mapi_by_cipher (smime_prefs[i]);
- if (mapi < 0)
- break;
-
- /* Find the corresponding entry in the cipher map. */
- PORT_Assert (mapi < smime_symmetric_count);
- map = &(smime_cipher_maps[mapi]);
-
- /* If we're using a non-Fortezza cert, only advertise non-Fortezza
- capabilities. (We advertise all capabilities if we have a
- Fortezza cert.) */
- if ((!isFortezza) && (map->cipher == SMIME_FORTEZZA))
- {
- capIndex--; /* we want to visit the same caps index entry next time */
- continue;
- }
-
- /*
- * Convert the next preference found in smime_prefs into an
- * smime_capability.
- */
-
- cap = smime_capabilities[capIndex];
- if (cap == NULL) {
- cap = (smime_capability*)PORT_ZAlloc (sizeof(smime_capability));
- if (cap == NULL)
- break;
- smime_capabilities[capIndex] = cap;
- } else if (cap->cipher == smime_prefs[i]) {
- continue; /* no change to this one */
- }
-
- cap->capIDTag = map->algtag;
- oiddata = SECOID_FindOIDByTag (map->algtag);
- if (oiddata == NULL)
- break;
-
- if (cap->capabilityID.data != NULL) {
- SECITEM_FreeItem (&(cap->capabilityID), PR_FALSE);
- cap->capabilityID.data = NULL;
- cap->capabilityID.len = 0;
- }
-
- rv = SECITEM_CopyItem (NULL, &(cap->capabilityID), &(oiddata->oid));
- if (rv != SECSuccess)
- break;
-
- if (map->parms == NULL) {
- cap->parameters.data = NULL;
- cap->parameters.len = 0;
- } else {
- cap->parameters.data = map->parms->data;
- cap->parameters.len = map->parms->len;
- }
-
- cap->cipher = smime_prefs[i];
- }
-
- if (i != smime_current_pref_index)
- return rv;
-
- while (capIndex < smime_symmetric_count) {
- cap = smime_capabilities[capIndex];
- if (cap != NULL) {
- SECITEM_FreeItem (&(cap->capabilityID), PR_FALSE);
- PORT_Free (cap);
- }
- smime_capabilities[capIndex] = NULL;
- capIndex++;
- }
- smime_capabilities[capIndex] = NULL;
-
- smime_encoded_caps = SEC_ASN1EncodeItem (NULL, NULL, &smime_capabilities,
- smime_capabilities_template);
- if (smime_encoded_caps == NULL)
- return SECFailure;
-
- lastUsedFortezza = isFortezza;
-
- return SECSuccess;
-}
-
-
-static SECStatus
-smime_add_profile (CERTCertificate *cert, SEC_PKCS7ContentInfo *cinfo)
-{
- PRBool isFortezza = PR_FALSE;
-
- PORT_Assert (smime_prefs_complete);
- if (! smime_prefs_complete)
- return SECFailure;
-
- /* See if the sender's cert specifies Fortezza key exchange. */
- if (cert != NULL)
- isFortezza = PK11_FortezzaHasKEA(cert);
-
- /* For that matter, if capabilities haven't been initialized yet,
- do so now. */
- if (isFortezza != lastUsedFortezza || smime_encoded_caps == NULL || smime_prefs_changed) {
- SECStatus rv;
-
- rv = smime_init_caps(isFortezza);
- if (rv != SECSuccess)
- return rv;
-
- PORT_Assert (smime_encoded_caps != NULL);
- }
-
- return SEC_PKCS7AddSignedAttribute (cinfo, SEC_OID_PKCS9_SMIME_CAPABILITIES,
- smime_encoded_caps);
-}
-
-
-/*
- * Start an S/MIME signing context.
- *
- * "scert" is the cert that will be used to sign the data. It will be
- * checked for validity.
- *
- * "ecert" is the signer's encryption cert. If it is different from
- * scert, then it will be included in the signed message so that the
- * recipient can save it for future encryptions.
- *
- * "certdb" is the cert database to use for verifying the cert.
- * It can be NULL if a default database is available (like in the client).
- *
- * "digestalg" names the digest algorithm (e.g. SEC_OID_SHA1).
- * XXX There should be SECMIME functions for hashing, or the hashing should
- * be built into this interface, which we would like because we would
- * support more smartcards that way, and then this argument should go away.)
- *
- * "digest" is the actual digest of the data. It must be provided in
- * the case of detached data or NULL if the content will be included.
- *
- * This function already does all of the stuff specific to S/MIME protocol
- * and local policy; the return value just needs to be passed to
- * SEC_PKCS7Encode() or to SEC_PKCS7EncoderStart() to create the encoded data,
- * and finally to SEC_PKCS7DestroyContentInfo().
- *
- * An error results in a return value of NULL and an error set.
- * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
- */
-
-SEC_PKCS7ContentInfo *
-SECMIME_CreateSigned (CERTCertificate *scert,
- CERTCertificate *ecert,
- CERTCertDBHandle *certdb,
- SECOidTag digestalg,
- SECItem *digest,
- SECKEYGetPasswordKey pwfn,
- void *pwfn_arg)
-{
- SEC_PKCS7ContentInfo *cinfo;
- SECStatus rv;
-
- /* See note in header comment above about digestalg. */
- /* Doesn't explain this. PORT_Assert (digestalg == SEC_OID_SHA1); */
-
- cinfo = SEC_PKCS7CreateSignedData (scert, certUsageEmailSigner,
- certdb, digestalg, digest,
- pwfn, pwfn_arg);
- if (cinfo == NULL)
- return NULL;
-
- if (SEC_PKCS7IncludeCertChain (cinfo, NULL) != SECSuccess) {
- SEC_PKCS7DestroyContentInfo (cinfo);
- return NULL;
- }
-
- /* if the encryption cert and the signing cert differ, then include
- * the encryption cert too.
- */
- /* it is ok to compare the pointers since we ref count, and the same
- * cert will always have the same pointer
- */
- if ( ( ecert != NULL ) && ( ecert != scert ) ) {
- rv = SEC_PKCS7AddCertificate(cinfo, ecert);
- if ( rv != SECSuccess ) {
- SEC_PKCS7DestroyContentInfo (cinfo);
- return NULL;
- }
- }
- /*
- * Add the signing time. But if it fails for some reason,
- * may as well not give up altogether -- just assert.
- */
- rv = SEC_PKCS7AddSigningTime (cinfo);
- PORT_Assert (rv == SECSuccess);
-
- /*
- * Add the email profile. Again, if it fails for some reason,
- * may as well not give up altogether -- just assert.
- */
- rv = smime_add_profile (ecert, cinfo);
- PORT_Assert (rv == SECSuccess);
-
- return cinfo;
-}
diff --git a/security/nss/lib/pkcs7/secmime.h b/security/nss/lib/pkcs7/secmime.h
deleted file mode 100644
index 6950e416f..000000000
--- a/security/nss/lib/pkcs7/secmime.h
+++ /dev/null
@@ -1,192 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Header file for routines specific to S/MIME. Keep things that are pure
- * pkcs7 out of here; this is for S/MIME policy, S/MIME interoperability, etc.
- *
- * $Id$
- */
-
-#ifndef _SECMIME_H_
-#define _SECMIME_H_ 1
-
-#include "secpkcs7.h"
-
-
-/************************************************************************/
-SEC_BEGIN_PROTOS
-
-/*
- * Initialize the local recording of the user S/MIME cipher preferences.
- * This function is called once for each cipher, the order being
- * important (first call records greatest preference, and so on).
- * When finished, it is called with a "which" of CIPHER_FAMILID_MASK.
- * If the function is called again after that, it is assumed that
- * the preferences are being reset, and the old preferences are
- * discarded.
- *
- * XXX This is for a particular user, and right now the storage is
- * XXX local, static. The preference should be stored elsewhere to allow
- * XXX for multiple uses of one library? How does SSL handle this;
- * XXX it has something similar?
- *
- * - The "which" values are defined in ciferfam.h (the SMIME_* values,
- * for example SMIME_DES_CBC_56).
- * - If "on" is non-zero then the named cipher is enabled, otherwise
- * it is disabled. (It is not necessary to call the function for
- * ciphers that are disabled, however, as that is the default.)
- *
- * If the cipher preference is successfully recorded, SECSuccess
- * is returned. Otherwise SECFailure is returned. The only errors
- * are due to failure allocating memory or bad parameters/calls:
- * SEC_ERROR_XXX ("which" is not in the S/MIME cipher family)
- * SEC_ERROR_XXX (function is being called more times than there
- * are known/expected ciphers)
- */
-extern SECStatus SECMIME_EnableCipher(long which, int on);
-
-/*
- * Initialize the local recording of the S/MIME policy.
- * This function is called to enable/disable a particular cipher.
- * (S/MIME encryption or decryption using a particular cipher is only
- * allowed if that cipher is currently enabled.) At startup, all S/MIME
- * ciphers are disabled. From that point, this function can be called
- * to enable a cipher -- it is not necessary to call this to disable
- * a cipher unless that cipher was previously, explicitly enabled via
- * this function.
- *
- * XXX This is for a the current module, I think, so local, static storage
- * XXX is okay. Is that correct, or could multiple uses of the same
- * XXX library expect to operate under different policies?
- *
- * - The "which" values are defined in ciferfam.h (the SMIME_* values,
- * for example SMIME_DES_CBC_56).
- * - If "on" is non-zero then the named cipher is enabled, otherwise
- * it is disabled.
- *
- * If the cipher is successfully enabled/disabled, SECSuccess is
- * returned. Otherwise SECFailure is returned. The only errors
- * are due to bad parameters:
- * SEC_ERROR_XXX ("which" is not in the S/MIME cipher family)
- * SEC_ERROR_XXX ("which" exceeds expected maximum cipher; this is
- * really an internal error)
- */
-extern SECStatus SECMIME_SetPolicy(long which, int on);
-
-/*
- * Does the current policy allow S/MIME decryption of this particular
- * algorithm and keysize?
- */
-extern PRBool SECMIME_DecryptionAllowed(SECAlgorithmID *algid, PK11SymKey *key);
-
-/*
- * Does the current policy allow *any* S/MIME encryption (or decryption)?
- *
- * This tells whether or not *any* S/MIME encryption can be done,
- * according to policy. Callers may use this to do nicer user interface
- * (say, greying out a checkbox so a user does not even try to encrypt
- * a message when they are not allowed to) or for any reason they want
- * to check whether S/MIME encryption (or decryption, for that matter)
- * may be done.
- *
- * It takes no arguments. The return value is a simple boolean:
- * PR_TRUE means encryption (or decryption) is *possible*
- * (but may still fail due to other reasons, like because we cannot
- * find all the necessary certs, etc.; PR_TRUE is *not* a guarantee)
- * PR_FALSE means encryption (or decryption) is not permitted
- *
- * There are no errors from this routine.
- */
-extern PRBool SECMIME_EncryptionPossible(void);
-
-/*
- * Start an S/MIME encrypting context.
- *
- * "scert" is the cert for the sender. It will be checked for validity.
- * "rcerts" are the certs for the recipients. They will also be checked.
- *
- * "certdb" is the cert database to use for verifying the certs.
- * It can be NULL if a default database is available (like in the client).
- *
- * This function already does all of the stuff specific to S/MIME protocol
- * and local policy; the return value just needs to be passed to
- * SEC_PKCS7Encode() or to SEC_PKCS7EncoderStart() to create the encoded data,
- * and finally to SEC_PKCS7DestroyContentInfo().
- *
- * An error results in a return value of NULL and an error set.
- * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
- */
-extern SEC_PKCS7ContentInfo *SECMIME_CreateEncrypted(CERTCertificate *scert,
- CERTCertificate **rcerts,
- CERTCertDBHandle *certdb,
- SECKEYGetPasswordKey pwfn,
- void *pwfn_arg);
-
-/*
- * Start an S/MIME signing context.
- *
- * "scert" is the cert that will be used to sign the data. It will be
- * checked for validity.
- *
- * "certdb" is the cert database to use for verifying the cert.
- * It can be NULL if a default database is available (like in the client).
- *
- * "digestalg" names the digest algorithm. (It should be SEC_OID_SHA1;
- * XXX There should be SECMIME functions for hashing, or the hashing should
- * be built into this interface, which we would like because we would
- * support more smartcards that way, and then this argument should go away.)
- *
- * "digest" is the actual digest of the data. It must be provided in
- * the case of detached data or NULL if the content will be included.
- *
- * This function already does all of the stuff specific to S/MIME protocol
- * and local policy; the return value just needs to be passed to
- * SEC_PKCS7Encode() or to SEC_PKCS7EncoderStart() to create the encoded data,
- * and finally to SEC_PKCS7DestroyContentInfo().
- *
- * An error results in a return value of NULL and an error set.
- * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
- */
-extern SEC_PKCS7ContentInfo *SECMIME_CreateSigned(CERTCertificate *scert,
- CERTCertificate *ecert,
- CERTCertDBHandle *certdb,
- SECOidTag digestalg,
- SECItem *digest,
- SECKEYGetPasswordKey pwfn,
- void *pwfn_arg);
-
-/************************************************************************/
-SEC_END_PROTOS
-
-#endif /* _SECMIME_H_ */
diff --git a/security/nss/lib/pkcs7/secpkcs7.h b/security/nss/lib/pkcs7/secpkcs7.h
deleted file mode 100644
index 8c210225b..000000000
--- a/security/nss/lib/pkcs7/secpkcs7.h
+++ /dev/null
@@ -1,616 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Interface to the PKCS7 implementation.
- *
- * $Id$
- */
-
-#ifndef _SECPKCS7_H_
-#define _SECPKCS7_H_
-
-#include "seccomon.h"
-
-#include "secoidt.h"
-#include "certt.h"
-#include "keyt.h"
-#include "hasht.h"
-#include "pkcs7t.h"
-
-extern const SEC_ASN1Template sec_PKCS7ContentInfoTemplate[];
-
-/************************************************************************/
-SEC_BEGIN_PROTOS
-
-/************************************************************************
- * Miscellaneous
- ************************************************************************/
-
-/*
- * Returns the content type of the given contentInfo.
- */
-extern SECOidTag SEC_PKCS7ContentType (SEC_PKCS7ContentInfo *cinfo);
-
-/*
- * Destroy a PKCS7 contentInfo and all of its sub-pieces.
- */
-extern void SEC_PKCS7DestroyContentInfo(SEC_PKCS7ContentInfo *contentInfo);
-
-/*
- * Copy a PKCS7 contentInfo. A Destroy is needed on *each* copy.
- */
-extern SEC_PKCS7ContentInfo *
-SEC_PKCS7CopyContentInfo(SEC_PKCS7ContentInfo *contentInfo);
-
-/*
- * Return a pointer to the actual content. In the case of those types
- * which are encrypted, this returns the *plain* content.
- */
-extern SECItem *SEC_PKCS7GetContent(SEC_PKCS7ContentInfo *cinfo);
-
-/************************************************************************
- * PKCS7 Decoding, Verification, etc..
- ************************************************************************/
-
-extern SEC_PKCS7DecoderContext *
-SEC_PKCS7DecoderStart(SEC_PKCS7DecoderContentCallback callback,
- void *callback_arg,
- SECKEYGetPasswordKey pwfn, void *pwfn_arg,
- SEC_PKCS7GetDecryptKeyCallback decrypt_key_cb,
- void *decrypt_key_cb_arg,
- SEC_PKCS7DecryptionAllowedCallback decrypt_allowed_cb);
-
-extern SECStatus
-SEC_PKCS7DecoderUpdate(SEC_PKCS7DecoderContext *p7dcx,
- const char *buf, unsigned long len);
-
-extern SEC_PKCS7ContentInfo *
-SEC_PKCS7DecoderFinish(SEC_PKCS7DecoderContext *p7dcx);
-
-extern SEC_PKCS7ContentInfo *
-SEC_PKCS7DecodeItem(SECItem *p7item,
- SEC_PKCS7DecoderContentCallback cb, void *cb_arg,
- SECKEYGetPasswordKey pwfn, void *pwfn_arg,
- SEC_PKCS7GetDecryptKeyCallback decrypt_key_cb,
- void *decrypt_key_cb_arg,
- SEC_PKCS7DecryptionAllowedCallback decrypt_allowed_cb);
-
-extern PRBool SEC_PKCS7ContainsCertsOrCrls(SEC_PKCS7ContentInfo *cinfo);
-
-/* checks to see if the contents of the content info is
- * empty. it so, PR_TRUE is returned. PR_FALSE, otherwise.
- *
- * minLen is used to specify a minimum size. if content size <= minLen,
- * content is assumed empty.
- */
-extern PRBool
-SEC_PKCS7IsContentEmpty(SEC_PKCS7ContentInfo *cinfo, unsigned int minLen);
-
-extern PRBool SEC_PKCS7ContentIsEncrypted(SEC_PKCS7ContentInfo *cinfo);
-
-/*
- * If the PKCS7 content has a signature (not just *could* have a signature)
- * return true; false otherwise. This can/should be called before calling
- * VerifySignature, which will always indicate failure if no signature is
- * present, but that does not mean there even was a signature!
- * Note that the content itself can be empty (detached content was sent
- * another way); it is the presence of the signature that matters.
- */
-extern PRBool SEC_PKCS7ContentIsSigned(SEC_PKCS7ContentInfo *cinfo);
-
-/*
- * SEC_PKCS7VerifySignature
- * Look at a PKCS7 contentInfo and check if the signature is good.
- * The verification checks that the signing cert is valid and trusted
- * for the purpose specified by "certusage".
- *
- * In addition, if "keepcerts" is true, add any new certificates found
- * into our local database.
- */
-extern PRBool SEC_PKCS7VerifySignature(SEC_PKCS7ContentInfo *cinfo,
- SECCertUsage certusage,
- PRBool keepcerts);
-
-/*
- * SEC_PKCS7VerifyDetachedSignature
- * Look at a PKCS7 contentInfo and check if the signature matches
- * a passed-in digest (calculated, supposedly, from detached contents).
- * The verification checks that the signing cert is valid and trusted
- * for the purpose specified by "certusage".
- *
- * In addition, if "keepcerts" is true, add any new certificates found
- * into our local database.
- */
-extern PRBool SEC_PKCS7VerifyDetachedSignature(SEC_PKCS7ContentInfo *cinfo,
- SECCertUsage certusage,
- SECItem *detached_digest,
- HASH_HashType digest_type,
- PRBool keepcerts);
-
-/*
- * SEC_PKCS7GetSignerCommonName, SEC_PKCS7GetSignerEmailAddress
- * The passed-in contentInfo is espected to be Signed, and these
- * functions return the specified portion of the full signer name.
- *
- * Returns a pointer to allocated memory, which must be freed.
- * A NULL return value is an error.
- */
-extern char *SEC_PKCS7GetSignerCommonName(SEC_PKCS7ContentInfo *cinfo);
-extern char *SEC_PKCS7GetSignerEmailAddress(SEC_PKCS7ContentInfo *cinfo);
-
-/*
- * Return the the signing time, in UTCTime format, of a PKCS7 contentInfo.
- */
-extern SECItem *SEC_PKCS7GetSigningTime(SEC_PKCS7ContentInfo *cinfo);
-
-
-/************************************************************************
- * PKCS7 Creation and Encoding.
- ************************************************************************/
-
-/*
- * Start a PKCS7 signing context.
- *
- * "cert" is the cert that will be used to sign the data. It will be
- * checked for validity.
- *
- * "certusage" describes the signing usage (e.g. certUsageEmailSigner)
- * XXX Maybe SECCertUsage should be split so that our caller just says
- * "email" and *we* add the "signing" part -- otherwise our caller
- * could be lying about the usage; we do not want to allow encryption
- * certs for signing or vice versa.
- *
- * "certdb" is the cert database to use for verifying the cert.
- * It can be NULL if a default database is available (like in the client).
- *
- * "digestalg" names the digest algorithm (e.g. SEC_OID_SHA1).
- *
- * "digest" is the actual digest of the data. It must be provided in
- * the case of detached data or NULL if the content will be included.
- *
- * The return value can be passed to functions which add things to
- * it like attributes, then eventually to SEC_PKCS7Encode() or to
- * SEC_PKCS7EncoderStart() to create the encoded data, and finally to
- * SEC_PKCS7DestroyContentInfo().
- *
- * An error results in a return value of NULL and an error set.
- * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
- */
-extern SEC_PKCS7ContentInfo *
-SEC_PKCS7CreateSignedData (CERTCertificate *cert,
- SECCertUsage certusage,
- CERTCertDBHandle *certdb,
- SECOidTag digestalg,
- SECItem *digest,
- SECKEYGetPasswordKey pwfn, void *pwfn_arg);
-
-/*
- * Create a PKCS7 certs-only container.
- *
- * "cert" is the (first) cert that will be included.
- *
- * "include_chain" specifies whether the entire chain for "cert" should
- * be included.
- *
- * "certdb" is the cert database to use for finding the chain.
- * It can be NULL in when "include_chain" is false, or when meaning
- * use the default database.
- *
- * More certs and chains can be added via AddCertficate and AddCertChain.
- *
- * An error results in a return value of NULL and an error set.
- * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
- */
-extern SEC_PKCS7ContentInfo *
-SEC_PKCS7CreateCertsOnly (CERTCertificate *cert,
- PRBool include_chain,
- CERTCertDBHandle *certdb);
-
-/*
- * Start a PKCS7 enveloping context.
- *
- * "cert" is the cert for the recipient. It will be checked for validity.
- *
- * "certusage" describes the encryption usage (e.g. certUsageEmailRecipient)
- * XXX Maybe SECCertUsage should be split so that our caller just says
- * "email" and *we* add the "recipient" part -- otherwise our caller
- * could be lying about the usage; we do not want to allow encryption
- * certs for signing or vice versa.
- *
- * "certdb" is the cert database to use for verifying the cert.
- * It can be NULL if a default database is available (like in the client).
- *
- * "encalg" specifies the bulk encryption algorithm to use (e.g. SEC_OID_RC2).
- *
- * "keysize" specifies the bulk encryption key size, in bits.
- *
- * The return value can be passed to functions which add things to
- * it like more recipients, then eventually to SEC_PKCS7Encode() or to
- * SEC_PKCS7EncoderStart() to create the encoded data, and finally to
- * SEC_PKCS7DestroyContentInfo().
- *
- * An error results in a return value of NULL and an error set.
- * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
- */
-extern SEC_PKCS7ContentInfo *
-SEC_PKCS7CreateEnvelopedData (CERTCertificate *cert,
- SECCertUsage certusage,
- CERTCertDBHandle *certdb,
- SECOidTag encalg,
- int keysize,
- SECKEYGetPasswordKey pwfn, void *pwfn_arg);
-
-/*
- * XXX There will be a similar routine for creating signedAndEnvelopedData.
- * But its parameters will be different and I have no plans to implement
- * it any time soon because we have no current need for it.
- */
-
-/*
- * Create an empty PKCS7 data content info.
- *
- * An error results in a return value of NULL and an error set.
- * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
- */
-extern SEC_PKCS7ContentInfo *SEC_PKCS7CreateData (void);
-
-/*
- * Create an empty PKCS7 encrypted content info.
- *
- * "algorithm" specifies the bulk encryption algorithm to use.
- *
- * An error results in a return value of NULL and an error set.
- * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
- */
-extern SEC_PKCS7ContentInfo *
-SEC_PKCS7CreateEncryptedData (SECOidTag algorithm, int keysize,
- SECKEYGetPasswordKey pwfn, void *pwfn_arg);
-
-/*
- * All of the following things return SECStatus to signal success or failure.
- * Failure should have a more specific error status available via
- * PORT_GetError()/XP_GetError().
- */
-
-/*
- * Add the specified attribute to the authenticated (i.e. signed) attributes
- * of "cinfo" -- "oidtag" describes the attribute and "value" is the
- * value to be associated with it. NOTE! "value" must already be encoded;
- * no interpretation of "oidtag" is done. Also, it is assumed that this
- * signedData has only one signer -- if we ever need to add attributes
- * when there is more than one signature, we need a way to specify *which*
- * signature should get the attribute.
- *
- * XXX Technically, a signed attribute can have multiple values; if/when
- * we ever need to support an attribute which takes multiple values, we
- * either need to change this interface or create an AddSignedAttributeValue
- * which can be called subsequently, and would then append a value.
- *
- * "cinfo" should be of type signedData (the only kind of pkcs7 data
- * that is allowed authenticated attributes); SECFailure will be returned
- * if it is not.
- */
-extern SECStatus SEC_PKCS7AddSignedAttribute (SEC_PKCS7ContentInfo *cinfo,
- SECOidTag oidtag,
- SECItem *value);
-
-/*
- * Add "cert" and its entire chain to the set of certs included in "cinfo".
- *
- * "certdb" is the cert database to use for finding the chain.
- * It can be NULL, meaning use the default database.
- *
- * "cinfo" should be of type signedData or signedAndEnvelopedData;
- * SECFailure will be returned if it is not.
- */
-extern SECStatus SEC_PKCS7AddCertChain (SEC_PKCS7ContentInfo *cinfo,
- CERTCertificate *cert,
- CERTCertDBHandle *certdb);
-
-/*
- * Add "cert" to the set of certs included in "cinfo".
- *
- * "cinfo" should be of type signedData or signedAndEnvelopedData;
- * SECFailure will be returned if it is not.
- */
-extern SECStatus SEC_PKCS7AddCertificate (SEC_PKCS7ContentInfo *cinfo,
- CERTCertificate *cert);
-
-/*
- * Add another recipient to an encrypted message.
- *
- * "cinfo" should be of type envelopedData or signedAndEnvelopedData;
- * SECFailure will be returned if it is not.
- *
- * "cert" is the cert for the recipient. It will be checked for validity.
- *
- * "certusage" describes the encryption usage (e.g. certUsageEmailRecipient)
- * XXX Maybe SECCertUsage should be split so that our caller just says
- * "email" and *we* add the "recipient" part -- otherwise our caller
- * could be lying about the usage; we do not want to allow encryption
- * certs for signing or vice versa.
- *
- * "certdb" is the cert database to use for verifying the cert.
- * It can be NULL if a default database is available (like in the client).
- */
-extern SECStatus SEC_PKCS7AddRecipient (SEC_PKCS7ContentInfo *cinfo,
- CERTCertificate *cert,
- SECCertUsage certusage,
- CERTCertDBHandle *certdb);
-
-/*
- * Add the signing time to the authenticated (i.e. signed) attributes
- * of "cinfo". This is expected to be included in outgoing signed
- * messages for email (S/MIME) but is likely useful in other situations.
- *
- * This should only be added once; a second call will either do
- * nothing or replace an old signing time with a newer one.
- *
- * XXX This will probably just shove the current time into "cinfo"
- * but it will not actually get signed until the entire item is
- * processed for encoding. Is this (expected to be small) delay okay?
- *
- * "cinfo" should be of type signedData (the only kind of pkcs7 data
- * that is allowed authenticated attributes); SECFailure will be returned
- * if it is not.
- */
-extern SECStatus SEC_PKCS7AddSigningTime (SEC_PKCS7ContentInfo *cinfo);
-
-/*
- * Add the signer's symmetric capabilities to the authenticated
- * (i.e. signed) attributes of "cinfo". This is expected to be
- * included in outgoing signed messages for email (S/MIME).
- *
- * This can only be added once; a second call will return SECFailure.
- *
- * "cinfo" should be of type signedData or signedAndEnvelopedData;
- * SECFailure will be returned if it is not.
- */
-extern SECStatus SEC_PKCS7AddSymmetricCapabilities(SEC_PKCS7ContentInfo *cinfo);
-
-/*
- * Mark that the signer's certificate and its issuing chain should
- * be included in the encoded data. This is expected to be used
- * in outgoing signed messages for email (S/MIME).
- *
- * "certdb" is the cert database to use for finding the chain.
- * It can be NULL, meaning use the default database.
- *
- * "cinfo" should be of type signedData or signedAndEnvelopedData;
- * SECFailure will be returned if it is not.
- */
-extern SECStatus SEC_PKCS7IncludeCertChain (SEC_PKCS7ContentInfo *cinfo,
- CERTCertDBHandle *certdb);
-
-
-/*
- * Set the content; it will be included and also hashed and/or encrypted
- * as appropriate. This is for in-memory content (expected to be "small")
- * that will be included in the PKCS7 object. All others should stream the
- * content through when encoding (see SEC_PKCS7Encoder{Start,Update,Finish}).
- *
- * "buf" points to data of length "len"; it will be copied.
- */
-extern SECStatus SEC_PKCS7SetContent (SEC_PKCS7ContentInfo *cinfo,
- const char *buf, unsigned long len);
-
-/*
- * Encode a PKCS7 object, in one shot. All necessary components
- * of the object must already be specified. Either the data has
- * already been included (via SetContent), or the data is detached,
- * or there is no data at all (certs-only).
- *
- * "cinfo" specifies the object to be encoded.
- *
- * "outputfn" is where the encoded bytes will be passed.
- *
- * "outputarg" is an opaque argument to the above callback.
- *
- * "bulkkey" specifies the bulk encryption key to use. This argument
- * can be NULL if no encryption is being done, or if the bulk key should
- * be generated internally (usually the case for EnvelopedData but never
- * for EncryptedData, which *must* provide a bulk encryption key).
- *
- * "pwfn" is a callback for getting the password which protects the
- * private key of the signer. This argument can be NULL if it is known
- * that no signing is going to be done.
- *
- * "pwfnarg" is an opaque argument to the above callback.
- */
-extern SECStatus SEC_PKCS7Encode (SEC_PKCS7ContentInfo *cinfo,
- SEC_PKCS7EncoderOutputCallback outputfn,
- void *outputarg,
- PK11SymKey *bulkkey,
- SECKEYGetPasswordKey pwfn,
- void *pwfnarg);
-
-/*
- * Encode a PKCS7 object, in one shot. All necessary components
- * of the object must already be specified. Either the data has
- * already been included (via SetContent), or the data is detached,
- * or there is no data at all (certs-only). The output, rather than
- * being passed to an output function as is done above, is all put
- * into a SECItem.
- *
- * "pool" specifies a pool from which to allocate the result.
- * It can be NULL, in which case memory is allocated generically.
- *
- * "dest" specifies a SECItem in which to put the result data.
- * It can be NULL, in which case the entire item is allocated, too.
- *
- * "cinfo" specifies the object to be encoded.
- *
- * "bulkkey" specifies the bulk encryption key to use. This argument
- * can be NULL if no encryption is being done, or if the bulk key should
- * be generated internally (usually the case for EnvelopedData but never
- * for EncryptedData, which *must* provide a bulk encryption key).
- *
- * "pwfn" is a callback for getting the password which protects the
- * private key of the signer. This argument can be NULL if it is known
- * that no signing is going to be done.
- *
- * "pwfnarg" is an opaque argument to the above callback.
- */
-extern SECItem *SEC_PKCS7EncodeItem (PRArenaPool *pool,
- SECItem *dest,
- SEC_PKCS7ContentInfo *cinfo,
- PK11SymKey *bulkkey,
- SECKEYGetPasswordKey pwfn,
- void *pwfnarg);
-
-/*
- * For those who want to simply point to the pkcs7 contentInfo ASN.1
- * template, and *not* call the encoding functions directly, the
- * following function can be used -- after it is called, the entire
- * PKCS7 contentInfo is ready to be encoded.
- */
-extern SECStatus SEC_PKCS7PrepareForEncode (SEC_PKCS7ContentInfo *cinfo,
- PK11SymKey *bulkkey,
- SECKEYGetPasswordKey pwfn,
- void *pwfnarg);
-
-/*
- * Start the process of encoding a PKCS7 object. The first part of
- * the encoded object will be passed to the output function right away;
- * after that it is expected that SEC_PKCS7EncoderUpdate will be called,
- * streaming in the actual content that is getting included as well as
- * signed or encrypted (or both).
- *
- * "cinfo" specifies the object to be encoded.
- *
- * "outputfn" is where the encoded bytes will be passed.
- *
- * "outputarg" is an opaque argument to the above callback.
- *
- * "bulkkey" specifies the bulk encryption key to use. This argument
- * can be NULL if no encryption is being done, or if the bulk key should
- * be generated internally (usually the case for EnvelopedData but never
- * for EncryptedData, which *must* provide a bulk encryption key).
- *
- * Returns an object to be passed to EncoderUpdate and EncoderFinish.
- */
-extern SEC_PKCS7EncoderContext *
-SEC_PKCS7EncoderStart (SEC_PKCS7ContentInfo *cinfo,
- SEC_PKCS7EncoderOutputCallback outputfn,
- void *outputarg,
- PK11SymKey *bulkkey);
-
-/*
- * Encode more contents, hashing and/or encrypting along the way.
- */
-extern SECStatus SEC_PKCS7EncoderUpdate (SEC_PKCS7EncoderContext *p7ecx,
- const char *buf,
- unsigned long len);
-
-/*
- * No more contents; finish the signature creation, if appropriate,
- * and then the encoding.
- *
- * "pwfn" is a callback for getting the password which protects the
- * signer's private key. This argument can be NULL if it is known
- * that no signing is going to be done.
- *
- * "pwfnarg" is an opaque argument to the above callback.
- */
-extern SECStatus SEC_PKCS7EncoderFinish (SEC_PKCS7EncoderContext *p7ecx,
- SECKEYGetPasswordKey pwfn,
- void *pwfnarg);
-
-/* retrieve the algorithm ID used to encrypt the content info
- * for encrypted and enveloped data. The SECAlgorithmID pointer
- * returned needs to be freed as it is a copy of the algorithm
- * id in the content info.
- */
-extern SECAlgorithmID *
-SEC_PKCS7GetEncryptionAlgorithm(SEC_PKCS7ContentInfo *cinfo);
-
-/* the content of an encrypted data content info is encrypted.
- * it is assumed that for encrypted data, that the data has already
- * been set and is in the "plainContent" field of the content info.
- *
- * cinfo is the content info to encrypt
- *
- * key is the key with which to perform the encryption. if the
- * algorithm is a password based encryption algorithm, the
- * key is actually a password which will be processed per
- * PKCS #5.
- *
- * in the event of an error, SECFailure is returned. SECSuccess
- * indicates a success.
- */
-extern SECStatus
-SEC_PKCS7EncryptContents(PRArenaPool *poolp,
- SEC_PKCS7ContentInfo *cinfo,
- SECItem *key,
- void *wincx);
-
-/* the content of an encrypted data content info is decrypted.
- * it is assumed that for encrypted data, that the data has already
- * been set and is in the "encContent" field of the content info.
- *
- * cinfo is the content info to decrypt
- *
- * key is the key with which to perform the decryption. if the
- * algorithm is a password based encryption algorithm, the
- * key is actually a password which will be processed per
- * PKCS #5.
- *
- * in the event of an error, SECFailure is returned. SECSuccess
- * indicates a success.
- */
-extern SECStatus
-SEC_PKCS7DecryptContents(PRArenaPool *poolp,
- SEC_PKCS7ContentInfo *cinfo,
- SECItem *key,
- void *wincx);
-
-/* retrieve the certificate list from the content info. the list
- * is a pointer to the list in the content info. this should not
- * be deleted or freed in any way short of calling
- * SEC_PKCS7DestroyContentInfo
- */
-extern SECItem **
-SEC_PKCS7GetCertificateList(SEC_PKCS7ContentInfo *cinfo);
-
-/* Returns the key length (in bits) of the algorithm used to encrypt
- this object. Returns 0 if it's not encrypted, or the key length is
- irrelevant. */
-extern int
-SEC_PKCS7GetKeyLength(SEC_PKCS7ContentInfo *cinfo);
-
-
-/************************************************************************/
-SEC_END_PROTOS
-
-#endif /* _SECPKCS7_H_ */
diff --git a/security/nss/lib/pki/Makefile b/security/nss/lib/pki/Makefile
deleted file mode 100644
index 4cbbfed70..000000000
--- a/security/nss/lib/pki/Makefile
+++ /dev/null
@@ -1,40 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-MAKEFILE_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-include manifest.mn
-include $(CORE_DEPTH)/coreconf/config.mk
-include config.mk
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-export:: private_export
diff --git a/security/nss/lib/pki/asymmkey.c b/security/nss/lib/pki/asymmkey.c
deleted file mode 100644
index 89bff0f10..000000000
--- a/security/nss/lib/pki/asymmkey.c
+++ /dev/null
@@ -1,431 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef NSSPKI_H
-#include "nsspki.h"
-#endif /* NSSPKI_H */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-extern const NSSError NSS_ERROR_NOT_FOUND;
-
-NSS_IMPLEMENT PRStatus
-NSSPrivateKey_Destroy (
- NSSPrivateKey *vk
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSPrivateKey_DeleteStoredObject (
- NSSPrivateKey *vk,
- NSSCallback *uhh
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRUint32
-NSSPrivateKey_GetSignatureLength (
- NSSPrivateKey *vk
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return -1;
-}
-
-NSS_IMPLEMENT PRUint32
-NSSPrivateKey_GetPrivateModulusLength (
- NSSPrivateKey *vk
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return -1;
-}
-
-NSS_IMPLEMENT PRBool
-NSSPrivateKey_IsStillPresent (
- NSSPrivateKey *vk,
- PRStatus *statusOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FALSE;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSPrivateKey_Encode (
- NSSPrivateKey *vk,
- NSSAlgorithmAndParameters *ap,
- NSSItem *passwordOpt, /* NULL will cause a callback; "" for no password */
- NSSCallback *uhhOpt,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSTrustDomain *
-NSSPrivateKey_GetTrustDomain (
- NSSPrivateKey *vk,
- PRStatus *statusOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSToken *
-NSSPrivateKey_GetToken (
- NSSPrivateKey *vk
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSSlot *
-NSSPrivateKey_GetSlot (
- NSSPrivateKey *vk
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSModule *
-NSSPrivateKey_GetModule (
- NSSPrivateKey *vk
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSPrivateKey_Decrypt (
- NSSPrivateKey *vk,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *encryptedData,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSPrivateKey_Sign (
- NSSPrivateKey *vk,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSPrivateKey_SignRecover (
- NSSPrivateKey *vk,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSPrivateKey_UnwrapSymmetricKey (
- NSSPrivateKey *vk,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *wrappedKey,
- NSSCallback *uhh
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSPrivateKey_DeriveSymmetricKey (
- NSSPrivateKey *vk,
- NSSPublicKey *bk,
- NSSAlgorithmAndParameters *apOpt,
- NSSOID *target,
- PRUint32 keySizeOpt, /* zero for best allowed */
- NSSOperations operations,
- NSSCallback *uhh
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSPublicKey *
-NSSPrivateKey_FindPublicKey (
- NSSPrivateKey *vk
- /* { don't need the callback here, right? } */
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCryptoContext *
-NSSPrivateKey_CreateCryptoContext (
- NSSPrivateKey *vk,
- NSSAlgorithmAndParameters *apOpt,
- NSSCallback *uhh
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-NSSPrivateKey_FindCertificates (
- NSSPrivateKey *vk,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt, /* 0 for no max */
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSPrivateKey_FindBestCertificate (
- NSSPrivateKey *vk,
- NSSTime *timeOpt,
- NSSUsage *usageOpt,
- NSSPolicies *policiesOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSPublicKey_Destroy (
- NSSPublicKey *bk
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSPublicKey_DeleteStoredObject (
- NSSPublicKey *bk,
- NSSCallback *uhh
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSPublicKey_Encode (
- NSSPublicKey *bk,
- NSSAlgorithmAndParameters *ap,
- NSSCallback *uhhOpt,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSTrustDomain *
-NSSPublicKey_GetTrustDomain (
- NSSPublicKey *bk,
- PRStatus *statusOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSToken *
-NSSPublicKey_GetToken (
- NSSPublicKey *bk,
- PRStatus *statusOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSSlot *
-NSSPublicKey_GetSlot (
- NSSPublicKey *bk,
- PRStatus *statusOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSModule *
-NSSPublicKey_GetModule (
- NSSPublicKey *bk,
- PRStatus *statusOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSPublicKey_Encrypt (
- NSSPublicKey *bk,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSPublicKey_Verify (
- NSSPublicKey *bk,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSItem *signature,
- NSSCallback *uhh
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSPublicKey_VerifyRecover (
- NSSPublicKey *bk,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *signature,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSPublicKey_WrapSymmetricKey (
- NSSPublicKey *bk,
- NSSAlgorithmAndParameters *apOpt,
- NSSSymmetricKey *keyToWrap,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCryptoContext *
-NSSPublicKey_CreateCryptoContext (
- NSSPublicKey *bk,
- NSSAlgorithmAndParameters *apOpt,
- NSSCallback *uhh
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-NSSPublicKey_FindCertificates (
- NSSPublicKey *bk,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt, /* 0 for no max */
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSPublicKey_FindBestCertificate (
- NSSPublicKey *bk,
- NSSTime *timeOpt,
- NSSUsage *usageOpt,
- NSSPolicies *policiesOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSPrivateKey *
-NSSPublicKey_FindPrivateKey (
- NSSPublicKey *bk,
- NSSCallback *uhh
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
diff --git a/security/nss/lib/pki/certdecode.c b/security/nss/lib/pki/certdecode.c
deleted file mode 100644
index ccbffd842..000000000
--- a/security/nss/lib/pki/certdecode.c
+++ /dev/null
@@ -1,118 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIT_H
-#include "pkit.h"
-#endif /* PKIT_H */
-
-#ifndef PKIM_H
-#include "pkim.h"
-#endif /* PKIM_H */
-
-#ifdef NSS_3_4_CODE
-/* This is defined in nss3hack.c */
-NSS_EXTERN nssDecodedCert *
-nssDecodedPKIXCertificate_Create (
- NSSArena *arenaOpt,
- NSSDER *encoding
-);
-
-NSS_IMPLEMENT PRStatus
-nssDecodedPKIXCertificate_Destroy (
- nssDecodedCert *dc
-);
-#else /* NSS_4_0_CODE */
-/* This is where 4.0 PKIX code will handle the decoding */
-static nssDecodedCert *
-nssDecodedPKIXCertificate_Create (
- NSSArena *arenaOpt,
- NSSDER *encoding
-)
-{
- return (nssDecodedCert *)NULL;
-}
-
-static PRStatus
-nssDecodedPKIXCertificate_Destroy (
- nssDecodedCert *dc
-)
-{
- return PR_FAILURE;
-}
-#endif /* not NSS_3_4_CODE */
-
-NSS_IMPLEMENT nssDecodedCert *
-nssDecodedCert_Create (
- NSSArena *arenaOpt,
- NSSDER *encoding,
- NSSCertificateType type
-)
-{
- nssDecodedCert *rvDC = NULL;
- switch(type) {
- case NSSCertificateType_PKIX:
- rvDC = nssDecodedPKIXCertificate_Create(arenaOpt, encoding);
- break;
- default:
-#if 0
- nss_SetError(NSS_ERROR_INVALID_ARGUMENT);
-#endif
- return (nssDecodedCert *)NULL;
- }
- return rvDC;
-}
-
-NSS_IMPLEMENT PRStatus
-nssDecodedCert_Destroy (
- nssDecodedCert *dc
-)
-{
- if (!dc) {
- return PR_FAILURE;
- }
- switch(dc->type) {
- case NSSCertificateType_PKIX:
- return nssDecodedPKIXCertificate_Destroy(dc);
- default:
-#if 0
- nss_SetError(NSS_ERROR_INVALID_ARGUMENT);
-#endif
- break;
- }
- return PR_FAILURE;
-}
-
diff --git a/security/nss/lib/pki/certificate.c b/security/nss/lib/pki/certificate.c
deleted file mode 100644
index f2707f959..000000000
--- a/security/nss/lib/pki/certificate.c
+++ /dev/null
@@ -1,1183 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef NSSPKI_H
-#include "nsspki.h"
-#endif /* NSSPKI_H */
-
-#ifndef PKIT_H
-#include "pkit.h"
-#endif /* PKIT_H */
-
-#ifndef PKIM_H
-#include "pkim.h"
-#endif /* PKIM_H */
-
-#ifndef DEV_H
-#include "dev.h"
-#endif /* DEV_H */
-
-#include "pkistore.h"
-
-#ifdef NSS_3_4_CODE
-#include "pki3hack.h"
-#include "pk11func.h"
-#include "hasht.h"
-#endif
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-extern const NSSError NSS_ERROR_NOT_FOUND;
-
-/* Creates a certificate from a base object */
-NSS_IMPLEMENT NSSCertificate *
-nssCertificate_Create (
- nssPKIObject *object
-)
-{
- PRStatus status;
- NSSCertificate *rvCert;
- /* mark? */
- NSSArena *arena = object->arena;
- PR_ASSERT(object->instances != NULL && object->numInstances > 0);
- rvCert = nss_ZNEW(arena, NSSCertificate);
- if (!rvCert) {
- return (NSSCertificate *)NULL;
- }
- rvCert->object = *object;
- /* XXX should choose instance based on some criteria */
- status = nssCryptokiCertificate_GetAttributes(object->instances[0],
- NULL, /* XXX sessionOpt */
- arena,
- &rvCert->type,
- &rvCert->id,
- &rvCert->encoding,
- &rvCert->issuer,
- &rvCert->serial,
- &rvCert->subject);
- if (status != PR_SUCCESS) {
- return (NSSCertificate *)NULL;
- }
- /* all certs need an encoding value */
- if (rvCert->encoding.data == NULL) {
- return (NSSCertificate *)NULL;
- }
- return rvCert;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-nssCertificate_AddRef (
- NSSCertificate *c
-)
-{
- if (c) {
- nssPKIObject_AddRef(&c->object);
- }
- return c;
-}
-
-NSS_IMPLEMENT PRStatus
-nssCertificate_Destroy (
- NSSCertificate *c
-)
-{
- if (c) {
- PRUint32 i;
- nssDecodedCert *dc = c->decoding;
- NSSTrustDomain *td = STAN_GetDefaultTrustDomain();
- NSSCryptoContext *cc = c->object.cryptoContext;
-
- PR_ASSERT(c->object.refCount > 0);
-
- /* --- LOCK storage --- */
- if (cc) {
- nssCertificateStore_Lock(cc->certStore);
- } else {
- nssTrustDomain_LockCertCache(td);
- }
- PR_AtomicDecrement(&c->object.refCount);
- if (c->object.refCount == 0) {
- /* --- remove cert and UNLOCK storage --- */
- if (cc) {
- nssCertificateStore_RemoveCertLOCKED(cc->certStore, c);
- nssCertificateStore_Unlock(cc->certStore);
- } else {
- nssTrustDomain_RemoveCertFromCacheLOCKED(td, c);
- nssTrustDomain_UnlockCertCache(td);
- }
- /* free cert data */
- for (i=0; i<c->object.numInstances; i++) {
- nssCryptokiObject_Destroy(c->object.instances[i]);
- }
- PZ_DestroyLock(c->object.lock);
- nssArena_Destroy(c->object.arena);
- nssDecodedCert_Destroy(dc);
- } else {
- /* --- UNLOCK storage --- */
- if (cc) {
- nssCertificateStore_Unlock(cc->certStore);
- } else {
- nssTrustDomain_UnlockCertCache(td);
- }
- }
- }
- return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCertificate_Destroy (
- NSSCertificate *c
-)
-{
- return nssCertificate_Destroy(c);
-}
-
-NSS_IMPLEMENT NSSDER *
-nssCertificate_GetEncoding (
- NSSCertificate *c
-)
-{
- if (c->encoding.size > 0 && c->encoding.data) {
- return &c->encoding;
- } else {
- return (NSSDER *)NULL;
- }
-}
-
-NSS_IMPLEMENT NSSDER *
-nssCertificate_GetIssuer (
- NSSCertificate *c
-)
-{
- if (c->issuer.size > 0 && c->issuer.data) {
- return &c->issuer;
- } else {
- return (NSSDER *)NULL;
- }
-}
-
-NSS_IMPLEMENT NSSDER *
-nssCertificate_GetSerialNumber (
- NSSCertificate *c
-)
-{
- if (c->serial.size > 0 && c->serial.data) {
- return &c->serial;
- } else {
- return (NSSDER *)NULL;
- }
-}
-
-NSS_IMPLEMENT NSSDER *
-nssCertificate_GetSubject (
- NSSCertificate *c
-)
-{
- if (c->subject.size > 0 && c->subject.data) {
- return &c->subject;
- } else {
- return (NSSDER *)NULL;
- }
-}
-
-NSS_IMPLEMENT NSSUTF8 *
-nssCertificate_GetNickname (
- NSSCertificate *c,
- NSSToken *tokenOpt
-)
-{
- return nssPKIObject_GetNicknameForToken(&c->object, tokenOpt);
-}
-
-NSS_IMPLEMENT NSSASCII7 *
-nssCertificate_GetEmailAddress (
- NSSCertificate *c
-)
-{
- return c->email;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCertificate_DeleteStoredObject (
- NSSCertificate *c,
- NSSCallback *uhh
-)
-{
- return nssPKIObject_DeleteStoredObject(&c->object, uhh, PR_TRUE);
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCertificate_Validate (
- NSSCertificate *c,
- NSSTime *timeOpt, /* NULL for "now" */
- NSSUsage *usage,
- NSSPolicies *policiesOpt /* NULL for none */
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT void ** /* void *[] */
-NSSCertificate_ValidateCompletely (
- NSSCertificate *c,
- NSSTime *timeOpt, /* NULL for "now" */
- NSSUsage *usage,
- NSSPolicies *policiesOpt, /* NULL for none */
- void **rvOpt, /* NULL for allocate */
- PRUint32 rvLimit, /* zero for no limit */
- NSSArena *arenaOpt /* NULL for heap */
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCertificate_ValidateAndDiscoverUsagesAndPolicies (
- NSSCertificate *c,
- NSSTime **notBeforeOutOpt,
- NSSTime **notAfterOutOpt,
- void *allowedUsages,
- void *disallowedUsages,
- void *allowedPolicies,
- void *disallowedPolicies,
- /* more args.. work on this fgmr */
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSDER *
-NSSCertificate_Encode (
- NSSCertificate *c,
- NSSDER *rvOpt,
- NSSArena *arenaOpt
-)
-{
- /* Item, DER, BER are all typedefs now... */
- return nssItem_Duplicate((NSSItem *)&c->encoding, arenaOpt, rvOpt);
-}
-
-NSS_IMPLEMENT nssDecodedCert *
-nssCertificate_GetDecoding (
- NSSCertificate *c
-)
-{
- if (!c->decoding) {
- c->decoding = nssDecodedCert_Create(NULL, &c->encoding, c->type);
- }
- return c->decoding;
-}
-
-static NSSCertificate **
-filter_subject_certs_for_id (
- NSSCertificate **subjectCerts,
- void *id
-)
-{
- NSSCertificate **si;
- nssDecodedCert *dcp;
- int nextOpenSlot = 0;
- int i;
- nssCertIDMatch matchLevel = nssCertIDMatch_Unknown;
- nssCertIDMatch match;
-
- /* walk the subject certs */
- for (si = subjectCerts; *si; si++) {
- dcp = nssCertificate_GetDecoding(*si);
- if (!dcp) {
- NSSCertificate_Destroy(*si);
- continue;
- }
- match = dcp->matchIdentifier(dcp, id);
- switch (match) {
- case nssCertIDMatch_Yes:
- if (matchLevel == nssCertIDMatch_Unknown) {
- /* we have non-definitive matches, forget them */
- for (i = 0; i < nextOpenSlot; i++) {
- NSSCertificate_Destroy(subjectCerts[i]);
- subjectCerts[i] = NULL;
- }
- nextOpenSlot = 0;
- /* only keep definitive matches from now on */
- matchLevel = nssCertIDMatch_Yes;
- }
- /* keep the cert */
- subjectCerts[nextOpenSlot++] = *si;
- break;
- case nssCertIDMatch_Unknown:
- if (matchLevel == nssCertIDMatch_Unknown) {
- /* only have non-definitive matches so far, keep it */
- subjectCerts[nextOpenSlot++] = *si;
- break;
- }
- /* else fall through, we have a definitive match already */
- case nssCertIDMatch_No:
- default:
- NSSCertificate_Destroy(*si);
- *si = NULL;
- }
- }
- subjectCerts[nextOpenSlot] = NULL;
- return subjectCerts;
-}
-
-static NSSCertificate **
-filter_certs_for_valid_issuers (
- NSSCertificate **certs
-)
-{
- NSSCertificate **cp;
- nssDecodedCert *dcp;
- int nextOpenSlot = 0;
- int i;
-
- for (cp = certs; *cp; cp++) {
- dcp = nssCertificate_GetDecoding(*cp);
- if (dcp && dcp->isValidIssuer(dcp)) {
- certs[nextOpenSlot++] = *cp;
- } else {
- NSSCertificate_Destroy(*cp);
- }
- }
- certs[nextOpenSlot] = NULL;
- return certs;
-}
-
-static NSSCertificate *
-find_cert_issuer (
- NSSCertificate *c,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt
-)
-{
- NSSArena *arena;
- NSSCertificate **certs = NULL;
- NSSCertificate **ccIssuers = NULL;
- NSSCertificate **tdIssuers = NULL;
- NSSCertificate *issuer = NULL;
- NSSTrustDomain *td;
- NSSCryptoContext *cc;
- cc = c->object.cryptoContext; /* NSSCertificate_GetCryptoContext(c); */
- td = NSSCertificate_GetTrustDomain(c);
-#ifdef NSS_3_4_CODE
- if (!td) {
- td = STAN_GetDefaultTrustDomain();
- }
-#endif
- arena = nssArena_Create();
- if (!arena) {
- return (NSSCertificate *)NULL;
- }
- if (cc) {
- ccIssuers = nssCryptoContext_FindCertificatesBySubject(cc,
- &c->issuer,
- NULL,
- 0,
- arena);
- }
- tdIssuers = nssTrustDomain_FindCertificatesBySubject(td,
- &c->issuer,
- NULL,
- 0,
- arena);
- certs = nssCertificateArray_Join(ccIssuers, tdIssuers);
- if (certs) {
- nssDecodedCert *dc = NULL;
- void *issuerID = NULL;
- dc = nssCertificate_GetDecoding(c);
- if (dc) {
- issuerID = dc->getIssuerIdentifier(dc);
- }
- if (issuerID) {
- certs = filter_subject_certs_for_id(certs, issuerID);
- }
- certs = filter_certs_for_valid_issuers(certs);
- issuer = nssCertificateArray_FindBestCertificate(certs,
- timeOpt,
- usage,
- policiesOpt);
- nssCertificateArray_Destroy(certs);
- }
- nssArena_Destroy(arena);
- return issuer;
-}
-
-/* XXX review based on CERT_FindCertIssuer
- * this function is not using the authCertIssuer field as a fallback
- * if authority key id does not exist
- */
-NSS_IMPLEMENT NSSCertificate **
-nssCertificate_BuildChain (
- NSSCertificate *c,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt,
- NSSCertificate **rvOpt,
- PRUint32 rvLimit,
- NSSArena *arenaOpt,
- PRStatus *statusOpt
-)
-{
- NSSCertificate **rvChain;
-#ifdef NSS_3_4_CODE
- NSSCertificate *cp;
- CERTCertificate *cCert;
-#endif
- NSSUsage issuerUsage = *usage;
- NSSTrustDomain *td;
- nssPKIObjectCollection *collection;
-
- td = NSSCertificate_GetTrustDomain(c);
-#ifdef NSS_3_4_CODE
- if (!td) {
- td = STAN_GetDefaultTrustDomain();
- }
- /* bump the usage up to CA level */
- issuerUsage.nss3lookingForCA = PR_TRUE;
-#endif
- if (statusOpt) *statusOpt = PR_SUCCESS;
- collection = nssCertificateCollection_Create(td, NULL);
- if (!collection) {
- if (statusOpt) *statusOpt = PR_FAILURE;
- return (NSSCertificate **)NULL;
- }
- nssPKIObjectCollection_AddObject(collection, (nssPKIObject *)c);
- if (rvLimit == 1) {
- goto finish;
- }
- /* XXX This breaks code for which NSS_3_4_CODE is not defined (pure
- * 4.0 builds). That won't affect the tip. But be careful
- * when merging 4.0!!!
- */
- while (c != (NSSCertificate *)NULL) {
-#ifdef NSS_3_4_CODE
- cCert = STAN_GetCERTCertificate(c);
- if (cCert->isRoot) {
- /* not including the issuer of the self-signed cert, which is,
- * of course, itself
- */
- break;
- }
- cp = c;
-#endif
- c = find_cert_issuer(c, timeOpt, &issuerUsage, policiesOpt);
- if (c) {
- nssPKIObjectCollection_AddObject(collection, (nssPKIObject *)c);
- nssCertificate_Destroy(c); /* collection has it */
- if (rvLimit > 0 &&
- nssPKIObjectCollection_Count(collection) == rvLimit)
- {
- break;
- }
- } else {
- nss_SetError(NSS_ERROR_CERTIFICATE_ISSUER_NOT_FOUND);
- if (statusOpt) *statusOpt = PR_FAILURE;
- break;
- }
- }
-finish:
- rvChain = nssPKIObjectCollection_GetCertificates(collection,
- rvOpt,
- rvLimit,
- arenaOpt);
- nssPKIObjectCollection_Destroy(collection);
- return rvChain;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-NSSCertificate_BuildChain (
- NSSCertificate *c,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt,
- NSSCertificate **rvOpt,
- PRUint32 rvLimit, /* zero for no limit */
- NSSArena *arenaOpt,
- PRStatus *statusOpt
-)
-{
- return nssCertificate_BuildChain(c, timeOpt, usage, policiesOpt,
- rvOpt, rvLimit, arenaOpt, statusOpt);
-}
-
-NSS_IMPLEMENT NSSCryptoContext *
-nssCertificate_GetCryptoContext (
- NSSCertificate *c
-)
-{
- return c->object.cryptoContext;
-}
-
-NSS_IMPLEMENT NSSTrustDomain *
-nssCertificate_GetTrustDomain (
- NSSCertificate *c
-)
-{
- return c->object.trustDomain;
-}
-
-NSS_IMPLEMENT NSSTrustDomain *
-NSSCertificate_GetTrustDomain (
- NSSCertificate *c
-)
-{
- return nssCertificate_GetTrustDomain(c);
-}
-
-NSS_IMPLEMENT NSSToken *
-NSSCertificate_GetToken (
- NSSCertificate *c,
- PRStatus *statusOpt
-)
-{
- return (NSSToken *)NULL;
-}
-
-NSS_IMPLEMENT NSSSlot *
-NSSCertificate_GetSlot (
- NSSCertificate *c,
- PRStatus *statusOpt
-)
-{
- return (NSSSlot *)NULL;
-}
-
-NSS_IMPLEMENT NSSModule *
-NSSCertificate_GetModule (
- NSSCertificate *c,
- PRStatus *statusOpt
-)
-{
- return (NSSModule *)NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCertificate_Encrypt (
- NSSCertificate *c,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCertificate_Verify (
- NSSCertificate *c,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSItem *signature,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt,
- NSSCallback *uhh
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCertificate_VerifyRecover (
- NSSCertificate *c,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *signature,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCertificate_WrapSymmetricKey (
- NSSCertificate *c,
- NSSAlgorithmAndParameters *apOpt,
- NSSSymmetricKey *keyToWrap,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCryptoContext *
-NSSCertificate_CreateCryptoContext (
- NSSCertificate *c,
- NSSAlgorithmAndParameters *apOpt,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt,
- NSSCallback *uhh
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSPublicKey *
-NSSCertificate_GetPublicKey (
- NSSCertificate *c
-)
-{
-#if 0
- CK_ATTRIBUTE pubktemplate[] = {
- { CKA_CLASS, NULL, 0 },
- { CKA_ID, NULL, 0 },
- { CKA_SUBJECT, NULL, 0 }
- };
- PRStatus nssrv;
- CK_ULONG count = sizeof(pubktemplate) / sizeof(pubktemplate[0]);
- NSS_CK_SET_ATTRIBUTE_ITEM(pubktemplate, 0, &g_ck_class_pubkey);
- if (c->id.size > 0) {
- /* CKA_ID */
- NSS_CK_ITEM_TO_ATTRIBUTE(&c->id, &pubktemplate[1]);
- } else {
- /* failure, yes? */
- return (NSSPublicKey *)NULL;
- }
- if (c->subject.size > 0) {
- /* CKA_SUBJECT */
- NSS_CK_ITEM_TO_ATTRIBUTE(&c->subject, &pubktemplate[2]);
- } else {
- /* failure, yes? */
- return (NSSPublicKey *)NULL;
- }
- /* Try the cert's token first */
- if (c->token) {
- nssrv = nssToken_FindObjectByTemplate(c->token, pubktemplate, count);
- }
-#endif
- /* Try all other key tokens */
- return (NSSPublicKey *)NULL;
-}
-
-NSS_IMPLEMENT NSSPrivateKey *
-NSSCertificate_FindPrivateKey (
- NSSCertificate *c,
- NSSCallback *uhh
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT PRBool
-NSSCertificate_IsPrivateKeyAvailable (
- NSSCertificate *c,
- NSSCallback *uhh,
- PRStatus *statusOpt
-)
-{
- PRBool isUser = PR_FALSE;
- nssCryptokiObject **ip;
- nssCryptokiObject **instances = nssPKIObject_GetInstances(&c->object);
- if (!instances) {
- return PR_FALSE;
- }
- for (ip = instances; *ip; ip++) {
- nssCryptokiObject *instance = *ip;
- if (nssToken_IsPrivateKeyAvailable(instance->token, c, instance)) {
- isUser = PR_TRUE;
- }
- }
- nssCryptokiObjectArray_Destroy(instances);
- return isUser;
-}
-
-NSS_IMPLEMENT PRBool
-NSSUserCertificate_IsStillPresent (
- NSSUserCertificate *uc,
- PRStatus *statusOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FALSE;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSUserCertificate_Decrypt (
- NSSUserCertificate *uc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSUserCertificate_Sign (
- NSSUserCertificate *uc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSUserCertificate_SignRecover (
- NSSUserCertificate *uc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSUserCertificate_UnwrapSymmetricKey (
- NSSUserCertificate *uc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *wrappedKey,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSUserCertificate_DeriveSymmetricKey (
- NSSUserCertificate *uc, /* provides private key */
- NSSCertificate *c, /* provides public key */
- NSSAlgorithmAndParameters *apOpt,
- NSSOID *target,
- PRUint32 keySizeOpt, /* zero for best allowed */
- NSSOperations operations,
- NSSCallback *uhh
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT void
-nssBestCertificate_SetArgs (
- nssBestCertificateCB *best,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policies
-)
-{
- if (timeOpt) {
- best->time = timeOpt;
- } else {
- NSSTime_Now(&best->sTime);
- best->time = &best->sTime;
- }
- best->usage = usage;
- best->policies = policies;
- best->cert = NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-nssBestCertificate_Callback (
- NSSCertificate *c,
- void *arg
-)
-{
- nssBestCertificateCB *best = (nssBestCertificateCB *)arg;
- nssDecodedCert *dc, *bestdc;
- dc = nssCertificate_GetDecoding(c);
- if (!best->cert) {
- /* usage */
- if (best->usage->anyUsage) {
- best->cert = nssCertificate_AddRef(c);
- } else {
-#ifdef NSS_3_4_CODE
- /* For this to work in NSS 3.4, we have to go out and fill in
- * all of the CERTCertificate fields. Why? Because the
- * matchUsage function calls CERT_IsCACert, which needs to know
- * what the trust values are for the cert.
- * Ignore the returned pointer, the refcount is in c anyway.
- */
- if (STAN_GetCERTCertificate(c) == NULL) {
- return PR_FAILURE;
- }
-#endif
- if (dc->matchUsage(dc, best->usage)) {
- best->cert = nssCertificate_AddRef(c);
- }
- }
- return PR_SUCCESS;
- }
- bestdc = nssCertificate_GetDecoding(best->cert);
- /* time */
- if (bestdc->isValidAtTime(bestdc, best->time)) {
- /* The current best cert is valid at time */
- if (!dc->isValidAtTime(dc, best->time)) {
- /* If the new cert isn't valid at time, it's not better */
- return PR_SUCCESS;
- }
- } else {
- /* The current best cert is not valid at time */
- if (dc->isValidAtTime(dc, best->time)) {
- /* If the new cert is valid at time, it's better */
- NSSCertificate_Destroy(best->cert);
- best->cert = nssCertificate_AddRef(c);
- return PR_SUCCESS;
- }
- }
- /* either they are both valid at time, or neither valid; take the newer */
- /* XXX later -- defer to policies */
- if (!bestdc->isNewerThan(bestdc, dc)) {
- NSSCertificate_Destroy(best->cert);
- best->cert = nssCertificate_AddRef(c);
- }
- /* policies */
- return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT nssSMIMEProfile *
-nssSMIMEProfile_Create (
- NSSCertificate *cert,
- NSSItem *profileTime,
- NSSItem *profileData
-)
-{
- NSSArena *arena;
- nssSMIMEProfile *rvProfile;
- nssPKIObject *object;
- NSSTrustDomain *td = nssCertificate_GetTrustDomain(cert);
- NSSCryptoContext *cc = nssCertificate_GetCryptoContext(cert);
- arena = nssArena_Create();
- if (!arena) {
- return NULL;
- }
- object = nssPKIObject_Create(arena, NULL, td, cc);
- if (!object) {
- goto loser;
- }
- rvProfile = nss_ZNEW(arena, nssSMIMEProfile);
- if (!rvProfile) {
- goto loser;
- }
- rvProfile->object = *object;
- rvProfile->certificate = cert;
- rvProfile->email = nssUTF8_Duplicate(cert->email, arena);
- rvProfile->subject = nssItem_Duplicate(&cert->subject, arena, NULL);
- if (profileTime) {
- rvProfile->profileTime = nssItem_Duplicate(profileTime, arena, NULL);
- }
- if (profileData) {
- rvProfile->profileData = nssItem_Duplicate(profileData, arena, NULL);
- }
- return rvProfile;
-loser:
- nssPKIObject_Destroy(object);
- return (nssSMIMEProfile *)NULL;
-}
-
-/* execute a callback function on all members of a cert list */
-NSS_EXTERN PRStatus
-nssCertificateList_DoCallback (
- nssList *certList,
- PRStatus (* callback)(NSSCertificate *c, void *arg),
- void *arg
-)
-{
- nssListIterator *certs;
- NSSCertificate *cert;
- PRStatus nssrv;
- certs = nssList_CreateIterator(certList);
- for (cert = (NSSCertificate *)nssListIterator_Start(certs);
- cert != (NSSCertificate *)NULL;
- cert = (NSSCertificate *)nssListIterator_Next(certs))
- {
- nssrv = (*callback)(cert, arg);
- }
- nssListIterator_Finish(certs);
- nssListIterator_Destroy(certs);
- return PR_SUCCESS;
-}
-
-static PRStatus add_ref_callback(NSSCertificate *c, void *a)
-{
- nssCertificate_AddRef(c);
- return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT void
-nssCertificateList_AddReferences (
- nssList *certList
-)
-{
- (void)nssCertificateList_DoCallback(certList, add_ref_callback, NULL);
-}
-
-NSS_IMPLEMENT NSSTrust *
-nssTrust_Create (
- nssPKIObject *object,
- NSSItem *certData
-)
-{
- PRStatus status;
- PRUint32 i;
- PRUint32 lastTrustOrder, myTrustOrder;
- unsigned char sha1_hashcmp[SHA1_LENGTH];
- unsigned char sha1_hashin[SHA1_LENGTH];
- NSSItem sha1_hash;
- NSSTrust *rvt;
- nssCryptokiObject *instance;
- nssTrustLevel serverAuth, clientAuth, codeSigning, emailProtection;
- SECStatus rv; /* Should be stan flavor */
- lastTrustOrder = 1<<16; /* just make it big */
- PR_ASSERT(object->instances != NULL && object->numInstances > 0);
- rvt = nss_ZNEW(object->arena, NSSTrust);
- if (!rvt) {
- return (NSSTrust *)NULL;
- }
- rvt->object = *object;
-
- /* should be stan flavor of Hashbuf */
- rv = PK11_HashBuf(SEC_OID_SHA1,sha1_hashcmp,certData->data,certData->size);
- if (rv != SECSuccess) {
- return (NSSTrust *)NULL;
- }
- sha1_hash.data = sha1_hashin;
- sha1_hash.size = sizeof (sha1_hashin);
- /* trust has to peek into the base object members */
- PZ_Lock(object->lock);
- for (i=0; i<object->numInstances; i++) {
- instance = object->instances[i];
- myTrustOrder = nssToken_GetTrustOrder(instance->token);
- status = nssCryptokiTrust_GetAttributes(instance, NULL,
- &sha1_hash,
- &serverAuth,
- &clientAuth,
- &codeSigning,
- &emailProtection);
- if (status != PR_SUCCESS) {
- PZ_Unlock(object->lock);
- return (NSSTrust *)NULL;
- }
- if (PORT_Memcmp(sha1_hashin,sha1_hashcmp,SHA1_LENGTH) != 0) {
- PZ_Unlock(object->lock);
- return (NSSTrust *)NULL;
- }
- if (rvt->serverAuth == nssTrustLevel_Unknown ||
- myTrustOrder < lastTrustOrder)
- {
- rvt->serverAuth = serverAuth;
- }
- if (rvt->clientAuth == nssTrustLevel_Unknown ||
- myTrustOrder < lastTrustOrder)
- {
- rvt->clientAuth = clientAuth;
- }
- if (rvt->emailProtection == nssTrustLevel_Unknown ||
- myTrustOrder < lastTrustOrder)
- {
- rvt->emailProtection = emailProtection;
- }
- if (rvt->codeSigning == nssTrustLevel_Unknown ||
- myTrustOrder < lastTrustOrder)
- {
- rvt->codeSigning = codeSigning;
- }
- lastTrustOrder = myTrustOrder;
- }
- PZ_Unlock(object->lock);
- return rvt;
-}
-
-NSS_IMPLEMENT NSSTrust *
-nssTrust_AddRef (
- NSSTrust *trust
-)
-{
- if (trust) {
- nssPKIObject_AddRef(&trust->object);
- }
- return trust;
-}
-
-NSS_IMPLEMENT PRStatus
-nssTrust_Destroy (
- NSSTrust *trust
-)
-{
- if (trust) {
- (void)nssPKIObject_Destroy(&trust->object);
- }
- return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT nssSMIMEProfile *
-nssSMIMEProfile_AddRef (
- nssSMIMEProfile *profile
-)
-{
- if (profile) {
- nssPKIObject_AddRef(&profile->object);
- }
- return profile;
-}
-
-NSS_IMPLEMENT PRStatus
-nssSMIMEProfile_Destroy (
- nssSMIMEProfile *profile
-)
-{
- if (profile) {
- (void)nssPKIObject_Destroy(&profile->object);
- }
- return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT NSSCRL *
-nssCRL_Create (
- nssPKIObject *object
-)
-{
- PRStatus status;
- NSSCRL *rvCRL;
- NSSArena *arena = object->arena;
- PR_ASSERT(object->instances != NULL && object->numInstances > 0);
- rvCRL = nss_ZNEW(arena, NSSCRL);
- if (!rvCRL) {
- return (NSSCRL *)NULL;
- }
- rvCRL->object = *object;
- /* XXX should choose instance based on some criteria */
- status = nssCryptokiCRL_GetAttributes(object->instances[0],
- NULL, /* XXX sessionOpt */
- arena,
- &rvCRL->encoding,
- NULL, /* subject */
- NULL, /* class */
- &rvCRL->url,
- &rvCRL->isKRL);
- if (status != PR_SUCCESS) {
- return (NSSCRL *)NULL;
- }
- return rvCRL;
-}
-
-NSS_IMPLEMENT NSSCRL *
-nssCRL_AddRef (
- NSSCRL *crl
-)
-{
- if (crl) {
- nssPKIObject_AddRef(&crl->object);
- }
- return crl;
-}
-
-NSS_IMPLEMENT PRStatus
-nssCRL_Destroy (
- NSSCRL *crl
-)
-{
- if (crl) {
- (void)nssPKIObject_Destroy(&crl->object);
- }
- return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT PRStatus
-nssCRL_DeleteStoredObject (
- NSSCRL *crl,
- NSSCallback *uhh
-)
-{
- return nssPKIObject_DeleteStoredObject(&crl->object, uhh, PR_TRUE);
-}
-
-NSS_IMPLEMENT NSSDER *
-nssCRL_GetEncoding (
- NSSCRL *crl
-)
-{
- if (crl->encoding.data != NULL && crl->encoding.size > 0) {
- return &crl->encoding;
- } else {
- return (NSSDER *)NULL;
- }
-}
diff --git a/security/nss/lib/pki/config.mk b/security/nss/lib/pki/config.mk
deleted file mode 100644
index 4a9ed7dda..000000000
--- a/security/nss/lib/pki/config.mk
+++ /dev/null
@@ -1,48 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CONFIG_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-ifdef BUILD_IDG
-DEFINES += -DNSSDEBUG
-endif
-
-#
-# Override TARGETS variable so that only static libraries
-# are specifed as dependencies within rules.mk.
-#
-
-TARGETS = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM =
-
diff --git a/security/nss/lib/pki/cryptocontext.c b/security/nss/lib/pki/cryptocontext.c
deleted file mode 100644
index f1cac0d87..000000000
--- a/security/nss/lib/pki/cryptocontext.c
+++ /dev/null
@@ -1,1003 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef DEV_H
-#include "dev.h"
-#endif /* DEV_H */
-
-#ifndef PKIM_H
-#include "pkim.h"
-#endif /* PKIM_H */
-
-#ifndef PKISTORE_H
-#include "pkistore.h"
-#endif /* PKISTORE_H */
-
-#include "pki1t.h"
-
-#ifdef PURE_STAN_BUILD
-struct NSSCryptoContextStr
-{
- PRInt32 refCount;
- NSSArena *arena;
- NSSTrustDomain *td;
- NSSToken *token;
- nssSession *session;
- nssCertificateStore *certStore;
-};
-#endif
-
-extern const NSSError NSS_ERROR_NOT_FOUND;
-
-NSS_IMPLEMENT NSSCryptoContext *
-nssCryptoContext_Create (
- NSSTrustDomain *td,
- NSSCallback *uhhOpt
-)
-{
- NSSArena *arena;
- NSSCryptoContext *rvCC;
- arena = NSSArena_Create();
- if (!arena) {
- return NULL;
- }
- rvCC = nss_ZNEW(arena, NSSCryptoContext);
- if (!rvCC) {
- return NULL;
- }
- rvCC->td = td;
- rvCC->arena = arena;
- return rvCC;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCryptoContext_Destroy (
- NSSCryptoContext *cc
-)
-{
- PRStatus status = PR_SUCCESS;
- if (cc->certStore) {
- status = nssCertificateStore_Destroy(cc->certStore);
- if (status == PR_FAILURE) {
- return status;
- }
- }
- nssArena_Destroy(cc->arena);
- return status;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCryptoContext_SetDefaultCallback (
- NSSCryptoContext *td,
- NSSCallback *newCallback,
- NSSCallback **oldCallbackOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSCallback *
-NSSCryptoContext_GetDefaultCallback (
- NSSCryptoContext *td,
- PRStatus *statusOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSTrustDomain *
-NSSCryptoContext_GetTrustDomain (
- NSSCryptoContext *td
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCryptoContext_ImportCertificate (
- NSSCryptoContext *cc,
- NSSCertificate *c
-)
-{
- PRStatus nssrv;
- if (!cc->certStore) {
- cc->certStore = nssCertificateStore_Create(cc->arena);
- if (!cc->certStore) {
- return PR_FAILURE;
- }
- }
- nssrv = nssCertificateStore_Add(cc->certStore, c);
- if (nssrv == PR_SUCCESS) {
- c->object.cryptoContext = cc;
- }
- return nssrv;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSCryptoContext_ImportPKIXCertificate (
- NSSCryptoContext *cc,
- struct NSSPKIXCertificateStr *pc
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSCryptoContext_ImportEncodedCertificate (
- NSSCryptoContext *cc,
- NSSBER *ber
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCryptoContext_ImportEncodedPKIXCertificateChain (
- NSSCryptoContext *cc,
- NSSBER *ber
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRStatus
-nssCryptoContext_ImportTrust (
- NSSCryptoContext *cc,
- NSSTrust *trust
-)
-{
- PRStatus nssrv;
- if (!cc->certStore) {
- cc->certStore = nssCertificateStore_Create(cc->arena);
- if (!cc->certStore) {
- return PR_FAILURE;
- }
- }
- nssrv = nssCertificateStore_AddTrust(cc->certStore, trust);
-#if 0
- if (nssrv == PR_SUCCESS) {
- trust->object.cryptoContext = cc;
- }
-#endif
- return nssrv;
-}
-
-NSS_IMPLEMENT PRStatus
-nssCryptoContext_ImportSMIMEProfile (
- NSSCryptoContext *cc,
- nssSMIMEProfile *profile
-)
-{
- PRStatus nssrv;
- if (!cc->certStore) {
- cc->certStore = nssCertificateStore_Create(cc->arena);
- if (!cc->certStore) {
- return PR_FAILURE;
- }
- }
- nssrv = nssCertificateStore_AddSMIMEProfile(cc->certStore, profile);
-#if 0
- if (nssrv == PR_SUCCESS) {
- profile->object.cryptoContext = cc;
- }
-#endif
- return nssrv;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSCryptoContext_FindBestCertificateByNickname (
- NSSCryptoContext *cc,
- NSSUTF8 *name,
- NSSTime *timeOpt, /* NULL for "now" */
- NSSUsage *usage,
- NSSPolicies *policiesOpt /* NULL for none */
-)
-{
- NSSCertificate **certs;
- NSSCertificate *rvCert = NULL;
- if (!cc->certStore) {
- return NULL;
- }
- certs = nssCertificateStore_FindCertificatesByNickname(cc->certStore,
- name,
- NULL, 0, NULL);
- if (certs) {
- rvCert = nssCertificateArray_FindBestCertificate(certs,
- timeOpt,
- usage,
- policiesOpt);
- nssCertificateArray_Destroy(certs);
- }
- return rvCert;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-NSSCryptoContext_FindCertificatesByNickname (
- NSSCryptoContext *cc,
- NSSUTF8 *name,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt, /* 0 for no max */
- NSSArena *arenaOpt
-)
-{
- NSSCertificate **rvCerts;
- if (!cc->certStore) {
- return NULL;
- }
- rvCerts = nssCertificateStore_FindCertificatesByNickname(cc->certStore,
- name,
- rvOpt,
- maximumOpt,
- arenaOpt);
- return rvCerts;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSCryptoContext_FindCertificateByIssuerAndSerialNumber (
- NSSCryptoContext *cc,
- NSSDER *issuer,
- NSSDER *serialNumber
-)
-{
- if (!cc->certStore) {
- return NULL;
- }
- return nssCertificateStore_FindCertificateByIssuerAndSerialNumber(
- cc->certStore,
- issuer,
- serialNumber);
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSCryptoContext_FindBestCertificateBySubject (
- NSSCryptoContext *cc,
- NSSDER *subject,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt
-)
-{
- NSSCertificate **certs;
- NSSCertificate *rvCert = NULL;
- if (!cc->certStore) {
- return NULL;
- }
- certs = nssCertificateStore_FindCertificatesBySubject(cc->certStore,
- subject,
- NULL, 0, NULL);
- if (certs) {
- rvCert = nssCertificateArray_FindBestCertificate(certs,
- timeOpt,
- usage,
- policiesOpt);
- nssCertificateArray_Destroy(certs);
- }
- return rvCert;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-nssCryptoContext_FindCertificatesBySubject (
- NSSCryptoContext *cc,
- NSSDER *subject,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt, /* 0 for no max */
- NSSArena *arenaOpt
-)
-{
- NSSCertificate **rvCerts;
- if (!cc->certStore) {
- return NULL;
- }
- rvCerts = nssCertificateStore_FindCertificatesBySubject(cc->certStore,
- subject,
- rvOpt,
- maximumOpt,
- arenaOpt);
- return rvCerts;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-NSSCryptoContext_FindCertificatesBySubject (
- NSSCryptoContext *cc,
- NSSDER *subject,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt, /* 0 for no max */
- NSSArena *arenaOpt
-)
-{
- return nssCryptoContext_FindCertificatesBySubject(cc, subject,
- rvOpt, maximumOpt,
- arenaOpt);
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSCryptoContext_FindBestCertificateByNameComponents (
- NSSCryptoContext *cc,
- NSSUTF8 *nameComponents,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-NSSCryptoContext_FindCertificatesByNameComponents (
- NSSCryptoContext *cc,
- NSSUTF8 *nameComponents,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt, /* 0 for no max */
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSCryptoContext_FindCertificateByEncodedCertificate (
- NSSCryptoContext *cc,
- NSSBER *encodedCertificate
-)
-{
- if (!cc->certStore) {
- return NULL;
- }
- return nssCertificateStore_FindCertificateByEncodedCertificate(
- cc->certStore,
- encodedCertificate);
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSCryptoContext_FindBestCertificateByEmail (
- NSSCryptoContext *cc,
- NSSASCII7 *email,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt
-)
-{
- NSSCertificate **certs;
- NSSCertificate *rvCert = NULL;
- if (!cc->certStore) {
- return NULL;
- }
- certs = nssCertificateStore_FindCertificatesByEmail(cc->certStore,
- email,
- NULL, 0, NULL);
- if (certs) {
- rvCert = nssCertificateArray_FindBestCertificate(certs,
- timeOpt,
- usage,
- policiesOpt);
- nssCertificateArray_Destroy(certs);
- }
- return rvCert;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-NSSCryptoContext_FindCertificatesByEmail (
- NSSCryptoContext *cc,
- NSSASCII7 *email,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt, /* 0 for no max */
- NSSArena *arenaOpt
-)
-{
- NSSCertificate **rvCerts;
- if (!cc->certStore) {
- return NULL;
- }
- rvCerts = nssCertificateStore_FindCertificatesByEmail(cc->certStore,
- email,
- rvOpt,
- maximumOpt,
- arenaOpt);
- return rvCerts;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSCryptoContext_FindCertificateByOCSPHash (
- NSSCryptoContext *cc,
- NSSItem *hash
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSCryptoContext_FindBestUserCertificate (
- NSSCryptoContext *cc,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-NSSCryptoContext_FindUserCertificates (
- NSSCryptoContext *cc,
- NSSTime *timeOpt,
- NSSUsage *usageOpt,
- NSSPolicies *policiesOpt,
- NSSCertificate **rvOpt,
- PRUint32 rvLimit, /* zero for no limit */
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSCryptoContext_FindBestUserCertificateForSSLClientAuth (
- NSSCryptoContext *cc,
- NSSUTF8 *sslHostOpt,
- NSSDER *rootCAsOpt[], /* null pointer for none */
- PRUint32 rootCAsMaxOpt, /* zero means list is null-terminated */
- NSSAlgorithmAndParameters *apOpt,
- NSSPolicies *policiesOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-NSSCryptoContext_FindUserCertificatesForSSLClientAuth (
- NSSCryptoContext *cc,
- NSSUTF8 *sslHostOpt,
- NSSDER *rootCAsOpt[], /* null pointer for none */
- PRUint32 rootCAsMaxOpt, /* zero means list is null-terminated */
- NSSAlgorithmAndParameters *apOpt,
- NSSPolicies *policiesOpt,
- NSSCertificate **rvOpt,
- PRUint32 rvLimit, /* zero for no limit */
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSCryptoContext_FindBestUserCertificateForEmailSigning (
- NSSCryptoContext *cc,
- NSSASCII7 *signerOpt,
- NSSASCII7 *recipientOpt,
- /* anything more here? */
- NSSAlgorithmAndParameters *apOpt,
- NSSPolicies *policiesOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSCryptoContext_FindUserCertificatesForEmailSigning (
- NSSCryptoContext *cc,
- NSSASCII7 *signerOpt, /* fgmr or a more general name? */
- NSSASCII7 *recipientOpt,
- /* anything more here? */
- NSSAlgorithmAndParameters *apOpt,
- NSSPolicies *policiesOpt,
- NSSCertificate **rvOpt,
- PRUint32 rvLimit, /* zero for no limit */
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSTrust *
-nssCryptoContext_FindTrustForCertificate (
- NSSCryptoContext *cc,
- NSSCertificate *cert
-)
-{
- if (!cc->certStore) {
- return NULL;
- }
- return nssCertificateStore_FindTrustForCertificate(cc->certStore, cert);
-}
-
-NSS_IMPLEMENT nssSMIMEProfile *
-nssCryptoContext_FindSMIMEProfileForCertificate (
- NSSCryptoContext *cc,
- NSSCertificate *cert
-)
-{
- if (!cc->certStore) {
- return NULL;
- }
- return nssCertificateStore_FindSMIMEProfileForCertificate(cc->certStore,
- cert);
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCryptoContext_GenerateKeyPair (
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *ap,
- NSSPrivateKey **pvkOpt,
- NSSPublicKey **pbkOpt,
- PRBool privateKeyIsSensitive,
- NSSToken *destination,
- NSSCallback *uhhOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSCryptoContext_GenerateSymmetricKey (
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *ap,
- PRUint32 keysize,
- NSSToken *destination,
- NSSCallback *uhhOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSCryptoContext_GenerateSymmetricKeyFromPassword (
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *ap,
- NSSUTF8 *passwordOpt, /* if null, prompt */
- NSSToken *destinationOpt,
- NSSCallback *uhhOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSCryptoContext_FindSymmetricKeyByAlgorithmAndKeyID (
- NSSCryptoContext *cc,
- NSSOID *algorithm,
- NSSItem *keyID,
- NSSCallback *uhhOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-struct token_session_str {
- NSSToken *token;
- nssSession *session;
-};
-
-NSS_IMPLEMENT NSSItem *
-NSSCryptoContext_Decrypt (
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *encryptedData,
- NSSCallback *uhhOpt,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCryptoContext_BeginDecrypt (
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSCallback *uhhOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCryptoContext_ContinueDecrypt (
- NSSCryptoContext *cc,
- NSSItem *data,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCryptoContext_FinishDecrypt (
- NSSCryptoContext *cc,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCryptoContext_Sign (
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSCallback *uhhOpt,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCryptoContext_BeginSign (
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSCallback *uhhOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCryptoContext_ContinueSign (
- NSSCryptoContext *cc,
- NSSItem *data
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCryptoContext_FinishSign (
- NSSCryptoContext *cc,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCryptoContext_SignRecover (
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSCallback *uhhOpt,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCryptoContext_BeginSignRecover (
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSCallback *uhhOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCryptoContext_ContinueSignRecover (
- NSSCryptoContext *cc,
- NSSItem *data,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCryptoContext_FinishSignRecover (
- NSSCryptoContext *cc,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSCryptoContext_UnwrapSymmetricKey (
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *wrappedKey,
- NSSCallback *uhhOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSCryptoContext_DeriveSymmetricKey (
- NSSCryptoContext *cc,
- NSSPublicKey *bk,
- NSSAlgorithmAndParameters *apOpt,
- NSSOID *target,
- PRUint32 keySizeOpt, /* zero for best allowed */
- NSSOperations operations,
- NSSCallback *uhhOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCryptoContext_Encrypt (
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSCallback *uhhOpt,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCryptoContext_BeginEncrypt (
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSCallback *uhhOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCryptoContext_ContinueEncrypt (
- NSSCryptoContext *cc,
- NSSItem *data,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCryptoContext_FinishEncrypt (
- NSSCryptoContext *cc,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCryptoContext_Verify (
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSItem *signature,
- NSSCallback *uhhOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCryptoContext_BeginVerify (
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *signature,
- NSSCallback *uhhOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCryptoContext_ContinueVerify (
- NSSCryptoContext *cc,
- NSSItem *data
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCryptoContext_FinishVerify (
- NSSCryptoContext *cc
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCryptoContext_VerifyRecover (
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *signature,
- NSSCallback *uhhOpt,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCryptoContext_BeginVerifyRecover (
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSCallback *uhhOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCryptoContext_ContinueVerifyRecover (
- NSSCryptoContext *cc,
- NSSItem *data,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCryptoContext_FinishVerifyRecover (
- NSSCryptoContext *cc,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCryptoContext_WrapSymmetricKey (
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSSymmetricKey *keyToWrap,
- NSSCallback *uhhOpt,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCryptoContext_Digest (
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSCallback *uhhOpt,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- return nssToken_Digest(cc->token, cc->session, apOpt,
- data, rvOpt, arenaOpt);
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCryptoContext_BeginDigest (
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSCallback *uhhOpt
-)
-{
- return nssToken_BeginDigest(cc->token, cc->session, apOpt);
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCryptoContext_ContinueDigest (
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *item
-)
-{
- /*
- NSSAlgorithmAndParameters *ap;
- ap = (apOpt) ? apOpt : cc->ap;
- */
- /* why apOpt? can't change it at this point... */
- return nssToken_ContinueDigest(cc->token, cc->session, item);
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCryptoContext_FinishDigest (
- NSSCryptoContext *cc,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- return nssToken_FinishDigest(cc->token, cc->session, rvOpt, arenaOpt);
-}
-
-NSS_IMPLEMENT NSSCryptoContext *
-NSSCryptoContext_Clone (
- NSSCryptoContext *cc
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
diff --git a/security/nss/lib/pki/doc/standiag.png b/security/nss/lib/pki/doc/standiag.png
deleted file mode 100644
index fe1aca389..000000000
--- a/security/nss/lib/pki/doc/standiag.png
+++ /dev/null
Binary files differ
diff --git a/security/nss/lib/pki/doc/standoc.html b/security/nss/lib/pki/doc/standoc.html
deleted file mode 100644
index 43eb3a3cf..000000000
--- a/security/nss/lib/pki/doc/standoc.html
+++ /dev/null
@@ -1,471 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
-<html>
-<head>
- <!--
- - The contents of this file are subject to the Mozilla Public
- - License Version 1.1 (the "License"); you may not use this file
- - except in compliance with the License. You may obtain a copy of
- - the License at http://www.mozilla.org/MPL/
- -
- - Software distributed under the License is distributed on an "AS
- - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- - implied. See the License for the specific language governing
- - rights and limitations under the License.
- -
- - The Original Code is the Netscape security libraries.
- -
- - The Initial Developer of the Original Code is Netscape
- - Communications Corporation. Portions created by Netscape are
- - Copyright (C) 1994-2000 Netscape Communications Corporation. All
- - Rights Reserved.
- -
- - Contributor(s):
- -
- - Alternatively, the contents of this file may be used under the
- - terms of the GNU General Public License Version 2 or later (the
- - "GPL"), in which case the provisions of the GPL are applicable
- - instead of those above. If you wish to allow use of your
- - version of this file only under the terms of the GPL and not to
- - allow others to use your version of this file under the MPL,
- - indicate your decision by deleting the provisions above and
- - replace them with the notice and other provisions required by
- - the GPL. If you do not delete the provisions above, a recipient
- - may use your version of this file under either the MPL or the
- - GPL.
- -->
-
-
- <meta http-equiv="content-type" content="text/html; charset=ISO-8859-1">
- <title>Stan Design - Work In Progress</title>
-</head>
- <body>
- <br>
- This is a working document for progress on Stan design/development.<br>
- <br>
- Current <a href="#build">build</a>
- and <a href="#test">test</a>
- instructions.<br>
- <br>
- The current set of Stan libraries.<br>
- <a href="#asn1">asn1</a>
- <br>
- <a href="#base">base</a>
- <br>
- <a href="#ckfw">ckfw</a>
- <br>
- <a href="#dev">dev</a>
- <br>
- <a href="#pki">pki</a>
- <br>
- <a href="#pki1">pki1</a>
- <br>
- <a href="#pkix">pkix</a>
- <br>
- <br>
- "Public" types below (those available to consumers of
- NSS) begin with "NSS". &nbsp;"Protected" types (those only available
- within NSS) begin with "nss".<br>
- <br>
- Open issues appears as numbered indents.<br>
- <br>
- <br>
-
-<hr width="100%" size="2" align="Left"><br>
-
-<h3><a name="asn1"></a>
- <a href="http://lxr.mozilla.org/mozilla/source/security/nss/lib/asn1/">
- ASN.1</a>
- </h3>
- ASN.1 encoder/decoder wrapping around the current
- ASN.1 implementation.<br>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSASN1EncodingType"> NSSASN1EncodingType</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=nssASN1Item">nssASN1Item</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=nssASN1Template">nssASN1Template</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=nssASN1ChooseTemplateFunction">
- nssASN1ChooseTemplateFunction</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=nssASN1Encoder">nssASN1Encoder</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=nssASN1Decoder">nssASN1Decoder</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=nssASN1EncodingPart"> nssASN1EncodingPart</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=nssASN1NotifyFunction">
- nssASN1NotifyFunction</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=nssASN1EncoderWriteFunction">
- nssASN1EncoderWriteFunction</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=nssASN1DecoderFilterFunction">
- nssASN1DecoderFilterFunction</a>
- <br>
- <br>
-
-<hr width="100%" size="2" align="Left">
-<h3><a name="base"></a>
- <a href="http://lxr.mozilla.org/mozilla/source/security/nss/lib/base/">
- Base</a>
- </h3>
- Set of base utilities for Stan implementation.
-&nbsp;These are all fairly straightforward, except for nssPointerTracker.<br>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSError">NSSError</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSArena">NSSArena</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSItem">NSSItem</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSBER">NSSBER</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSDER">NSSDER</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSBitString">NSSBitString</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSUTF8">NSSUTF8</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSASCII7">NSSASCII7</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=nssArenaMark">nssArenaMark</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=nssPointerTracker">nssPointerTracker</a>
- <br>
- This is intended for debug builds only.<br>
-
-<ol>
- <li>Ignored for now.<br>
- </li>
-
-</ol>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=nssStringType">nssStringType</a>
- <br>
- <br>
- Suggested additions:<br>
-
-<ol>
- <li>nssList - A list that optionally uses a lock. &nbsp;This list would
- manage the currently loaded modules in a trust domain, etc.</li>
-
- <ul>
- <li>SECMODListLock kept track of the number of waiting threads. &nbsp;Will
- this be needed in the trust domain?</li>
-
- </ul>
-
-</ol>
- <br>
-
-<hr width="100%" size="2" align="Left">
-<h3><a name="ckfw"></a>
- <a href="http://lxr.mozilla.org/mozilla/source/security/nss/lib/ckfw/">
- CKFW</a>
- </h3>
- The cryptoki framework, used for building cryptoki tokens.
- &nbsp;This needs to be described in a separate document showing how
- to set up a token using CKFW. &nbsp;This code only relates to tokens,
- so it is not relevant here.<br>
- <br>
- <br>
-
-<hr width="100%" size="2" align="Left">
-<h3><a name="dev"></a>
- <a href="http://lxr.mozilla.org/mozilla/source/security/nss/lib/dev/">
- Device</a>
- </h3>
- Defines cryptoki devices used in NSS. &nbsp;This
- is not part of the exposed API. &nbsp;It is a low-level API allowing
-NSS to manage cryptoki devices.<br>
- <br>
- The relationship is like this:<br>
- <br>
- libpki --&gt; libdev --&gt; cryptoki<br>
- <br>
- As an example,<br>
- <br>
- NSSTrustDomain_FindCertificate --&gt; NSSToken_FindCertificate --&gt;
- C_FindObjects<br>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSModule">NSSModule</a>
- <br>
- Replaces the SECMOD API. &nbsp;The module manages a
-PRLibrary that holds a cryptoki implementation via a number of slots.
-&nbsp;The API should provide the ability to Load and Unload a module,
-Login and Logout to the module (through its slots), and to locate a
-particular slot/token.<br>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSSlot">NSSSlot</a>
- <br>
- This and NSSToken combine to replace the PK11 API parts
- that relate to slot and token management. &nbsp;The slot API should
- provide the ability to Login/Logout to a slot, check the login status,
- determine basic configuration information about the slot, and modify
- the password settings.<br>
-
-<ol>
- <li>Should slots also maintain a default session? &nbsp;This session would
- be used for slot management calls (sections 9.5 and9.6 of PKCS#11). &nbsp;Or
- is the token session sufficient (this would not work if C_GetTokenInfo and
- C_InitToken need to be wrapped in a threadsafe session).<br>
- </li>
-
-</ol>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSToken">NSSToken</a>
- <br>
- Fills in the gaps left by NSSSlot. &nbsp;Much of the
-cryptoki API is directed towards slots. &nbsp;However, some functionality
- clearly belongs with a token type. &nbsp;For example, a certificate
- lives on a token, not a slot, so one would expect a function NSSToken_FindCertificate.
- &nbsp;Thus functions that deal with importing/exporting an object
-and performing actual cryptographic operations belong here.<br>
-
-<ol>
- <li>The distinction between a slot and a token is not clear. &nbsp;Most
- functions take a slotID as an argument, even though it is obvious that
- the event is intended to occur on a token. &nbsp;That leaves various
- possibilities:</li>
-
- <ol>
- <li>Implement the API entirely as NSSToken. &nbsp;If the token is not
- present, some calls will simply fail.</li>
- <li>Divide the API between NSSToken and NSSSlot, as described above.
-&nbsp;NSSSlot would handle cryptoki calls specified as "slot management",
- while NSSToken handles actual token operations.</li>
- <li>Others?</li>
-
- </ol>
- <li>Session management. &nbsp;Tokens needs a threadsafe session handle
- to perform operations. &nbsp;CryptoContexts are meant to provide such sessions,
- but other objects will need access to token functions as well (examples:
-the TrustDomain_Find functions, _Login, _Logout, and others that do not exist
- such as NSSToken_ChangePassword). &nbsp;For those functions, the token could
- maintain a default session. &nbsp;Thus all NSSToken API functions would take
- sessionOpt as an argument. &nbsp;If the caller is going to provide a session,
- it sends an NSSSession there, otherwise it sends NULL and the default session
- is utilized.<br>
- </li>
-
-</ol>
- Proposed:<br>
- NSSSession<br>
- Wraps a Cryptoki session. &nbsp;Created from a slot. &nbsp;Used to manage
- sessions for crypto contexts. &nbsp;Has a lock field, which locks the session
- if the slot is not threadsafe.<br>
- <br>
-
-<hr width="100%" size="2" align="Left"><br>
-
-<h3><a name="pki"></a>
- <a href="http://lxr.mozilla.org/mozilla/source/security/nss/lib/pki/">
- PKI</a>
- </h3>
- The NSS PKI library.<br>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSCertificate">NSS</a>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSCertificate">Certificate</a>
- <br>
-
-<ol>
- <li>The API leaves open the possibility of NSSCertificate meaning various
- certificate types, not just X.509. &nbsp;The way to keep open this possibility
- is to keep only generally useful information in the NSSCertificate type.
-&nbsp;Examples would be the certificate encoding, label, trust (obtained
- from cryptoki calls), an email address, etc. &nbsp;Some type of generic
-reference should be kept to the decoded certificate, which would then be
-accessed by a type-specific API (e.g., NSSX509_GetSubjectName).</li>
-
-</ol>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSUserCertificate">NSSUserCertificate</a>
- <br>
-
-<ol>
- <li>Should this be a typedef of NSSCertificate?&nbsp; This implies that
- any function that requires an NSSUserCertificate would fail when called
- with a certificate lacking a private key. </li>
-
-</ol>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSPrivateKey">NSSPrivateKey</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSPublicKey">NSSPublicKey</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSSymmetricKey">NSSSymmetricKey</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSTrustDomain">NSSTrustDomain</a>
- <br>
- A trust domain is "the field in which certificates may
- be validated." &nbsp;It is a collection of modules capable of performing
- cryptographic operations and storing certs and keys. &nbsp;This collection
- is managed by NSS in a manner opaque to the consumer. &nbsp;The slots
- will have various orderings determining which has preference for a
-given operation. &nbsp;For example, the trust domain may order the storage
- of user certificates one way, and the storage of email certificates in
- another way [is that a good example?].<br>
- <br>
-
-<ol>
- <li> How will ordering work? &nbsp;We already have the suggestion
- that there be two kinds of ordering: storage and search. &nbsp;How
-will they be constructed/managed? &nbsp;Do we want to expose access
-to a token that overrides this ordering (i.e., the download of updated
-root certs may need to override storage order)</li>
- <li>How are certs cached? &nbsp;Nelson wonders what it means to Stan
- when a cert does not live on a token yet. &nbsp;Bob, Terry, and I discussed
- this. &nbsp;My conclusion is that there should be a type, separate
-from NSSCertificate, that holds the decoded cert parts (e.g., NSSX509Certificate,
- or to avoid confusion, NSSX509DecodedParts). &nbsp;NSSCertificate would
- keep a handle to this type, so that it only needs to decode the cert
-once. &nbsp;The NSSTrustDomain would keep a hash table of cached certs,
-some of which may not live on a token yet (i.e., they are only NSSX509DecodedParts).
- &nbsp;This cache could be accessed in the same way the temp db was,
-and when the cert is ready to be moved onto a token a call to NSSTrustDomain_ImportCertificate
- is made. &nbsp;Note that this is essentially the same as CERT_TempCertToPerm.</li>
-
- <ul>
- <li>The hashtable in lib/base (copied from ckfw/hash.c) uses the identity
-hash. &nbsp;Therefore, in a hash of certificates, the key is the certificate
-pointer itself. &nbsp;One possibility is to store the decoded cert (NSSX509DecodedParts
-above) as the value in the {key, value} pair. &nbsp;When a cert is decoded,
-the cert pointer and decoding pointer are added to the hash. &nbsp;Subsequent
-lookups have access to one or both of these pointers. &nbsp;This keeps NSSCertificate
-separate from its decoding, while providing a way to locate it.</li>
-
- </ul>
- <li>The API is designed to keep token details hidden from the user. &nbsp;However,
- it has already been realized that PSM and CMS may need special access to
-tokens. &nbsp;Is this part of the TrustDomain API, or should PSM and CMS
-be allowed to use "friend" headers from the Token API?</li>
- <li>Do we want to allow traversal via NSSTrustDomain_TraverseXXXX?<br>
- </li>
-
-</ol>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSCryptoContext"><br>
- NSSCryptoContext</a>
- <br>
- Analgous to a Cryptoki session. &nbsp;Manages session objects only.<br>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSTime">NSSTime</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSUsage">NSSUsage</a>
- <br>
-
-<ol>
- <li> See Fred's <a href="http://lxr.mozilla.org/mozilla/source/security/nss/lib/pki/nsspkit.h#187">
- comments</a>
- .</li>
-
-</ol>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSPolicies">NSSPolicies</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSAlgorithmAndParameters">
- NSSAlgorithmAndParameters</a>
- <br>
-
-<ol>
- <li> Again, Fred's <a href="http://lxr.mozilla.org/mozilla/source/security/nss/lib/pki/nsspkit.h#215">
- comments</a>
- . &nbsp;The old NSS code had various types related to algorithms
- running around in it. &nbsp;We had SECOidTag, SECAlgorithmID, SECItem's
- for parameters, CK_MECHANISM for cryptoki, etc. &nbsp;This type should
- be able to encapsulate all of those.</li>
-
-</ol>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSCallback">NSSCallback</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSOperations">NSSOperations</a>
- <br>
- <br>
- <br>
-
-<hr width="100%" size="2"><br>
- <br>
- A diagram to suggest a possible TrustDomain architecture.<br>
- <br>
- <img src="./standiag.png" alt="Trust Domain Diagram" width="748" height="367">
- <br>
-
-<hr width="100%" size="2" align="Left"><br>
-
-<h3><a name="pki1"></a>
- <a href="http://lxr.mozilla.org/mozilla/source/security/nss/lib/pki1/">
- PKI1</a>
- </h3>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSOID">NSSOID</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSATAV">NSSATAV</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSRDN">NSSRDN</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSRDNSeq">NSSRDNSeq</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSName">NSSName</a>
- <br>
- NSSNameChoice<br>
- NSSGeneralName<br>
- NSSGeneralNameChoice<br>
- NSSOtherName<br>
- NSSRFC822Name<br>
- NSSDNSName<br>
- NSSX400Address<br>
- NSSEdiParityAddress<br>
- NSSURI<br>
- NSSIPAddress<br>
- NSSRegisteredID<br>
- NSSGeneralNameSeq<br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=nssAttributeTypeAliasTable">
- nssAttributeTypeAliasTable</a>
- <br>
- <br>
- <br>
-
-<hr width="100%" size="2" align="Left"><br>
-
-<h3><a name="pkix"></a>
- <a href="http://lxr.mozilla.org/mozilla/source/security/nss/lib/pkix/">
- PKIX&nbsp;</a>
- </h3>
- There is a plethora of PKIX related types here.<br>
- <br>
-
-<hr width="100%" size="2" align="Left"><br>
-
-<h3><a name="build"></a>
- Building Stan</h3>
- <br>
- From nss/lib, run "make BUILD_STAN=1"<br>
- <br>
-
-<hr width="100%" size="2" align="Left"><br>
-
-<h3><a name="test"></a>
- Testing Stan</h3>
- A&nbsp;new command line tool, pkiutil, has been created to use only
- the Stan API. &nbsp;It depends on a new library, cmdlib, meant to replace
- the old secutil library. &nbsp;The old library had code used by products
- that needed to be integrated into the main library codebase somehow. &nbsp;The
- goal of the new cmdlib is to have functionality needed strictly for NSS
- tools.<br>
- <br>
- How to build:<br>
-
-<ol>
- <li>cd nss/cmd/cmdlib; make</li>
- <li>cd ../pkiutil; make</li>
-
-</ol>
- pkiutil will give detailed help with either "pkiutil -?" or "pkiutil
- --help".<br>
- <br>
- So far, the only available test is to list certs on the builtins token.
- &nbsp;Copy "libnssckbi.so" (or whatever it is) to cmd/pkiutil. &nbsp;Then
- run "pkiutil -L" or "pkiutil --list". &nbsp;The list of certificate nicknames
- should be displayed.<br>
- <br>
- <br>
-
-</body>
-</html>
diff --git a/security/nss/lib/pki/manifest.mn b/security/nss/lib/pki/manifest.mn
deleted file mode 100644
index 835049c2a..000000000
--- a/security/nss/lib/pki/manifest.mn
+++ /dev/null
@@ -1,71 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-MANIFEST_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-CORE_DEPTH = ../../..
-
-PRIVATE_EXPORTS = \
- pki.h \
- pkit.h \
- nsspkit.h \
- nsspki.h \
- $(NULL)
-
-EXPORTS = \
- $(NULL)
-
-MODULE = nss
-
-CSRCS = \
- asymmkey.c \
- certificate.c \
- cryptocontext.c \
- symmkey.c \
- trustdomain.c \
- tdcache.c \
- certdecode.c \
- pkistore.c \
- pkibase.c \
- $(NULL)
-
-ifndef PURE_STAN_BUILD
-CSRCS += pki3hack.c
-PRIVATE_EXPORTS += pkistore.h pki3hack.h pkitm.h pkim.h
-#DEFINES = -DNSS_3_4_CODE -DDEBUG_CACHE
-DEFINES = -DNSS_3_4_CODE
-endif
-
-REQUIRES = nspr
-
-LIBRARY_NAME = nsspki
-LIBRARY_VERSION = 3
diff --git a/security/nss/lib/pki/nsspki.h b/security/nss/lib/pki/nsspki.h
deleted file mode 100644
index f8bb731e2..000000000
--- a/security/nss/lib/pki/nsspki.h
+++ /dev/null
@@ -1,3190 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef NSSPKI_H
-#define NSSPKI_H
-
-#ifdef DEBUG
-static const char NSSPKI_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * nsspki.h
- *
- * This file prototypes the methods of the top-level PKI objects.
- */
-
-#ifndef NSSDEVT_H
-#include "nssdevt.h"
-#endif /* NSSDEVT_H */
-
-#ifndef NSSPKIT_H
-#include "nsspkit.h"
-#endif /* NSSPKIT_H */
-
-#ifndef NSSPKI1_H
-#include "nsspki1.h"
-#endif /* NSSPKI1_H */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * A note about interfaces
- *
- * Although these APIs are specified in C, a language which does
- * not have fancy support for abstract interfaces, this library
- * was designed from an object-oriented perspective. It may be
- * useful to consider the standard interfaces which went into
- * the writing of these APIs.
- *
- * Basic operations on all objects:
- * Destroy -- free a pointer to an object
- * DeleteStoredObject -- delete an object permanently
- *
- * Public Key cryptographic operations:
- * Encrypt
- * Verify
- * VerifyRecover
- * Wrap
- * Derive
- *
- * Private Key cryptographic operations:
- * IsStillPresent
- * Decrypt
- * Sign
- * SignRecover
- * Unwrap
- * Derive
- *
- * Symmetric Key cryptographic operations:
- * IsStillPresent
- * Encrypt
- * Decrypt
- * Sign
- * SignRecover
- * Verify
- * VerifyRecover
- * Wrap
- * Unwrap
- * Derive
- *
- */
-
-/*
- * NSSCertificate
- *
- * These things can do crypto ops like public keys, except that the trust,
- * usage, and other constraints are checked. These objects are "high-level,"
- * so trust, usages, etc. are in the form we throw around (client auth,
- * email signing, etc.). Remember that theoretically another implementation
- * (think PGP) could be beneath this object.
- */
-
-/*
- * NSSCertificate_Destroy
- *
- * Free a pointer to a certificate object.
- */
-
-NSS_EXTERN PRStatus
-NSSCertificate_Destroy
-(
- NSSCertificate *c
-);
-
-/*
- * NSSCertificate_DeleteStoredObject
- *
- * Permanently remove this certificate from storage. If this is the
- * only (remaining) certificate corresponding to a private key,
- * public key, and/or other object; then that object (those objects)
- * are deleted too.
- */
-
-NSS_EXTERN PRStatus
-NSSCertificate_DeleteStoredObject
-(
- NSSCertificate *c,
- NSSCallback *uhh
-);
-
-/*
- * NSSCertificate_Validate
- *
- * Verify that this certificate is trusted, for the specified usage(s),
- * at the specified time, {word word} the specified policies.
- */
-
-NSS_EXTERN PRStatus
-NSSCertificate_Validate
-(
- NSSCertificate *c,
- NSSTime *timeOpt, /* NULL for "now" */
- NSSUsage *usage,
- NSSPolicies *policiesOpt /* NULL for none */
-);
-
-/*
- * NSSCertificate_ValidateCompletely
- *
- * Verify that this certificate is trusted. The difference between
- * this and the previous call is that NSSCertificate_Validate merely
- * returns success or failure with an appropriate error stack.
- * However, there may be (and often are) multiple problems with a
- * certificate. This routine returns an array of errors, specifying
- * every problem.
- */
-
-/*
- * Return value must be an array of objects, each of which has
- * an NSSError, and any corresponding certificate (in the chain)
- * and/or policy.
- */
-
-NSS_EXTERN void ** /* void *[] */
-NSSCertificate_ValidateCompletely
-(
- NSSCertificate *c,
- NSSTime *timeOpt, /* NULL for "now" */
- NSSUsage *usage,
- NSSPolicies *policiesOpt, /* NULL for none */
- void **rvOpt, /* NULL for allocate */
- PRUint32 rvLimit, /* zero for no limit */
- NSSArena *arenaOpt /* NULL for heap */
-);
-
-/*
- * NSSCertificate_ValidateAndDiscoverUsagesAndPolicies
- *
- * Returns PR_SUCCESS if the certificate is valid for at least something.
- */
-
-NSS_EXTERN PRStatus
-NSSCertificate_ValidateAndDiscoverUsagesAndPolicies
-(
- NSSCertificate *c,
- NSSTime **notBeforeOutOpt,
- NSSTime **notAfterOutOpt,
- void *allowedUsages,
- void *disallowedUsages,
- void *allowedPolicies,
- void *disallowedPolicies,
- /* more args.. work on this fgmr */
- NSSArena *arenaOpt
-);
-
-/*
- * NSSCertificate_Encode
- *
- */
-
-NSS_EXTERN NSSDER *
-NSSCertificate_Encode
-(
- NSSCertificate *c,
- NSSDER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSCertificate_BuildChain
- *
- * This routine returns NSSCertificate *'s for each certificate
- * in the "chain" starting from the specified one up to and
- * including the root. The zeroth element in the array is the
- * specified ("leaf") certificate.
- *
- * If statusOpt is supplied, and is returned as PR_FAILURE, possible
- * error values are:
- *
- * NSS_ERROR_CERTIFICATE_ISSUER_NOT_FOUND - the chain is incomplete
- *
- */
-
-extern const NSSError NSS_ERROR_CERTIFICATE_ISSUER_NOT_FOUND;
-
-NSS_EXTERN NSSCertificate **
-NSSCertificate_BuildChain
-(
- NSSCertificate *c,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt,
- NSSCertificate **rvOpt,
- PRUint32 rvLimit, /* zero for no limit */
- NSSArena *arenaOpt,
- PRStatus *statusOpt
-);
-
-/*
- * NSSCertificate_GetTrustDomain
- *
- */
-
-NSS_EXTERN NSSTrustDomain *
-NSSCertificate_GetTrustDomain
-(
- NSSCertificate *c
-);
-
-/*
- * NSSCertificate_GetToken
- *
- * There doesn't have to be one.
- */
-
-NSS_EXTERN NSSToken *
-NSSCertificate_GetToken
-(
- NSSCertificate *c,
- PRStatus *statusOpt
-);
-
-/*
- * NSSCertificate_GetSlot
- *
- * There doesn't have to be one.
- */
-
-NSS_EXTERN NSSSlot *
-NSSCertificate_GetSlot
-(
- NSSCertificate *c,
- PRStatus *statusOpt
-);
-
-/*
- * NSSCertificate_GetModule
- *
- * There doesn't have to be one.
- */
-
-NSS_EXTERN NSSModule *
-NSSCertificate_GetModule
-(
- NSSCertificate *c,
- PRStatus *statusOpt
-);
-
-/*
- * NSSCertificate_Encrypt
- *
- * Encrypt a single chunk of data with the public key corresponding to
- * this certificate.
- */
-
-NSS_EXTERN NSSItem *
-NSSCertificate_Encrypt
-(
- NSSCertificate *c,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSCertificate_Verify
- *
- */
-
-NSS_EXTERN PRStatus
-NSSCertificate_Verify
-(
- NSSCertificate *c,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSItem *signature,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt,
- NSSCallback *uhh
-);
-
-/*
- * NSSCertificate_VerifyRecover
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSCertificate_VerifyRecover
-(
- NSSCertificate *c,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *signature,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSCertificate_WrapSymmetricKey
- *
- * This method tries very hard to to succeed, even in situations
- * involving sensitive keys and multiple modules.
- * { relyea: want to add verbiage? }
- */
-
-NSS_EXTERN NSSItem *
-NSSCertificate_WrapSymmetricKey
-(
- NSSCertificate *c,
- NSSAlgorithmAndParameters *apOpt,
- NSSSymmetricKey *keyToWrap,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSCertificate_CreateCryptoContext
- *
- * Create a crypto context, in this certificate's trust domain, with this
- * as the distinguished certificate.
- */
-
-NSS_EXTERN NSSCryptoContext *
-NSSCertificate_CreateCryptoContext
-(
- NSSCertificate *c,
- NSSAlgorithmAndParameters *apOpt,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt,
- NSSCallback *uhh
-);
-
-/*
- * NSSCertificate_GetPublicKey
- *
- * Returns the public key corresponding to this certificate.
- */
-
-NSS_EXTERN NSSPublicKey *
-NSSCertificate_GetPublicKey
-(
- NSSCertificate *c
-);
-
-/*
- * NSSCertificate_FindPrivateKey
- *
- * Finds and returns the private key corresponding to this certificate,
- * if it is available.
- *
- * { Should this hang off of NSSUserCertificate? }
- */
-
-NSS_EXTERN NSSPrivateKey *
-NSSCertificate_FindPrivateKey
-(
- NSSCertificate *c,
- NSSCallback *uhh
-);
-
-/*
- * NSSCertificate_IsPrivateKeyAvailable
- *
- * Returns success if the private key corresponding to this certificate
- * is available to be used.
- *
- * { Should *this* hang off of NSSUserCertificate?? }
- */
-
-NSS_EXTERN PRBool
-NSSCertificate_IsPrivateKeyAvailable
-(
- NSSCertificate *c,
- NSSCallback *uhh,
- PRStatus *statusOpt
-);
-
-/*
- * If we make NSSUserCertificate not a typedef of NSSCertificate,
- * then we'll need implementations of the following:
- *
- * NSSUserCertificate_Destroy
- * NSSUserCertificate_DeleteStoredObject
- * NSSUserCertificate_Validate
- * NSSUserCertificate_ValidateCompletely
- * NSSUserCertificate_ValidateAndDiscoverUsagesAndPolicies
- * NSSUserCertificate_Encode
- * NSSUserCertificate_BuildChain
- * NSSUserCertificate_GetTrustDomain
- * NSSUserCertificate_GetToken
- * NSSUserCertificate_GetSlot
- * NSSUserCertificate_GetModule
- * NSSUserCertificate_GetCryptoContext
- * NSSUserCertificate_GetPublicKey
- */
-
-/*
- * NSSUserCertificate_IsStillPresent
- *
- * Verify that if this certificate lives on a token, that the token
- * is still present and the certificate still exists. This is a
- * lightweight call which should be used whenever it should be
- * verified that the user hasn't perhaps popped out his or her
- * token and strolled away.
- */
-
-NSS_EXTERN PRBool
-NSSUserCertificate_IsStillPresent
-(
- NSSUserCertificate *uc,
- PRStatus *statusOpt
-);
-
-/*
- * NSSUserCertificate_Decrypt
- *
- * Decrypt a single chunk of data with the private key corresponding
- * to this certificate.
- */
-
-NSS_EXTERN NSSItem *
-NSSUserCertificate_Decrypt
-(
- NSSUserCertificate *uc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSUserCertificate_Sign
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSUserCertificate_Sign
-(
- NSSUserCertificate *uc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSUserCertificate_SignRecover
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSUserCertificate_SignRecover
-(
- NSSUserCertificate *uc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSUserCertificate_UnwrapSymmetricKey
- *
- */
-
-NSS_EXTERN NSSSymmetricKey *
-NSSUserCertificate_UnwrapSymmetricKey
-(
- NSSUserCertificate *uc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *wrappedKey,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSUserCertificate_DeriveSymmetricKey
- *
- */
-
-NSS_EXTERN NSSSymmetricKey *
-NSSUserCertificate_DeriveSymmetricKey
-(
- NSSUserCertificate *uc, /* provides private key */
- NSSCertificate *c, /* provides public key */
- NSSAlgorithmAndParameters *apOpt,
- NSSOID *target,
- PRUint32 keySizeOpt, /* zero for best allowed */
- NSSOperations operations,
- NSSCallback *uhh
-);
-
-/* filter-certs function(s) */
-
-/**
- ** fgmr -- trust objects
- **/
-
-/*
- * NSSPrivateKey
- *
- */
-
-/*
- * NSSPrivateKey_Destroy
- *
- * Free a pointer to a private key object.
- */
-
-NSS_EXTERN PRStatus
-NSSPrivateKey_Destroy
-(
- NSSPrivateKey *vk
-);
-
-/*
- * NSSPrivateKey_DeleteStoredObject
- *
- * Permanently remove this object, and any related objects (such as the
- * certificates corresponding to this key).
- */
-
-NSS_EXTERN PRStatus
-NSSPrivateKey_DeleteStoredObject
-(
- NSSPrivateKey *vk,
- NSSCallback *uhh
-);
-
-/*
- * NSSPrivateKey_GetSignatureLength
- *
- */
-
-NSS_EXTERN PRUint32
-NSSPrivateKey_GetSignatureLength
-(
- NSSPrivateKey *vk
-);
-
-/*
- * NSSPrivateKey_GetPrivateModulusLength
- *
- */
-
-NSS_EXTERN PRUint32
-NSSPrivateKey_GetPrivateModulusLength
-(
- NSSPrivateKey *vk
-);
-
-/*
- * NSSPrivateKey_IsStillPresent
- *
- */
-
-NSS_EXTERN PRBool
-NSSPrivateKey_IsStillPresent
-(
- NSSPrivateKey *vk,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPrivateKey_Encode
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSPrivateKey_Encode
-(
- NSSPrivateKey *vk,
- NSSAlgorithmAndParameters *ap,
- NSSItem *passwordOpt, /* NULL will cause a callback; "" for no password */
- NSSCallback *uhhOpt,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPrivateKey_GetTrustDomain
- *
- * There doesn't have to be one.
- */
-
-NSS_EXTERN NSSTrustDomain *
-NSSPrivateKey_GetTrustDomain
-(
- NSSPrivateKey *vk,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPrivateKey_GetToken
- *
- */
-
-NSS_EXTERN NSSToken *
-NSSPrivateKey_GetToken
-(
- NSSPrivateKey *vk
-);
-
-/*
- * NSSPrivateKey_GetSlot
- *
- */
-
-NSS_EXTERN NSSSlot *
-NSSPrivateKey_GetSlot
-(
- NSSPrivateKey *vk
-);
-
-/*
- * NSSPrivateKey_GetModule
- *
- */
-
-NSS_EXTERN NSSModule *
-NSSPrivateKey_GetModule
-(
- NSSPrivateKey *vk
-);
-
-/*
- * NSSPrivateKey_Decrypt
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSPrivateKey_Decrypt
-(
- NSSPrivateKey *vk,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *encryptedData,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPrivateKey_Sign
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSPrivateKey_Sign
-(
- NSSPrivateKey *vk,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPrivateKey_SignRecover
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSPrivateKey_SignRecover
-(
- NSSPrivateKey *vk,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPrivateKey_UnwrapSymmetricKey
- *
- */
-
-NSS_EXTERN NSSSymmetricKey *
-NSSPrivateKey_UnwrapSymmetricKey
-(
- NSSPrivateKey *vk,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *wrappedKey,
- NSSCallback *uhh
-);
-
-/*
- * NSSPrivateKey_DeriveSymmetricKey
- *
- */
-
-NSS_EXTERN NSSSymmetricKey *
-NSSPrivateKey_DeriveSymmetricKey
-(
- NSSPrivateKey *vk,
- NSSPublicKey *bk,
- NSSAlgorithmAndParameters *apOpt,
- NSSOID *target,
- PRUint32 keySizeOpt, /* zero for best allowed */
- NSSOperations operations,
- NSSCallback *uhh
-);
-
-/*
- * NSSPrivateKey_FindPublicKey
- *
- */
-
-NSS_EXTERN NSSPublicKey *
-NSSPrivateKey_FindPublicKey
-(
- NSSPrivateKey *vk
- /* { don't need the callback here, right? } */
-);
-
-/*
- * NSSPrivateKey_CreateCryptoContext
- *
- * Create a crypto context, in this key's trust domain,
- * with this as the distinguished private key.
- */
-
-NSS_EXTERN NSSCryptoContext *
-NSSPrivateKey_CreateCryptoContext
-(
- NSSPrivateKey *vk,
- NSSAlgorithmAndParameters *apOpt,
- NSSCallback *uhh
-);
-
-/*
- * NSSPrivateKey_FindCertificates
- *
- * Note that there may be more than one certificate for this
- * private key. { FilterCertificates function to further
- * reduce the list. }
- */
-
-NSS_EXTERN NSSCertificate **
-NSSPrivateKey_FindCertificates
-(
- NSSPrivateKey *vk,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt, /* 0 for no max */
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPrivateKey_FindBestCertificate
- *
- * The parameters for this function will depend on what the users
- * need. This is just a starting point.
- */
-
-NSS_EXTERN NSSCertificate *
-NSSPrivateKey_FindBestCertificate
-(
- NSSPrivateKey *vk,
- NSSTime *timeOpt,
- NSSUsage *usageOpt,
- NSSPolicies *policiesOpt
-);
-
-/*
- * NSSPublicKey
- *
- * Once you generate, find, or derive one of these, you can use it
- * to perform (simple) cryptographic operations. Though there may
- * be certificates associated with these public keys, they are not
- * verified.
- */
-
-/*
- * NSSPublicKey_Destroy
- *
- * Free a pointer to a public key object.
- */
-
-NSS_EXTERN PRStatus
-NSSPublicKey_Destroy
-(
- NSSPublicKey *bk
-);
-
-/*
- * NSSPublicKey_DeleteStoredObject
- *
- * Permanently remove this object, and any related objects (such as the
- * corresponding private keys and certificates).
- */
-
-NSS_EXTERN PRStatus
-NSSPublicKey_DeleteStoredObject
-(
- NSSPublicKey *bk,
- NSSCallback *uhh
-);
-
-/*
- * NSSPublicKey_Encode
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSPublicKey_Encode
-(
- NSSPublicKey *bk,
- NSSAlgorithmAndParameters *ap,
- NSSCallback *uhhOpt,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPublicKey_GetTrustDomain
- *
- * There doesn't have to be one.
- */
-
-NSS_EXTERN NSSTrustDomain *
-NSSPublicKey_GetTrustDomain
-(
- NSSPublicKey *bk,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPublicKey_GetToken
- *
- * There doesn't have to be one.
- */
-
-NSS_EXTERN NSSToken *
-NSSPublicKey_GetToken
-(
- NSSPublicKey *bk,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPublicKey_GetSlot
- *
- * There doesn't have to be one.
- */
-
-NSS_EXTERN NSSSlot *
-NSSPublicKey_GetSlot
-(
- NSSPublicKey *bk,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPublicKey_GetModule
- *
- * There doesn't have to be one.
- */
-
-NSS_EXTERN NSSModule *
-NSSPublicKey_GetModule
-(
- NSSPublicKey *bk,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPublicKey_Encrypt
- *
- * Encrypt a single chunk of data with the public key corresponding to
- * this certificate.
- */
-
-NSS_EXTERN NSSItem *
-NSSPublicKey_Encrypt
-(
- NSSPublicKey *bk,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPublicKey_Verify
- *
- */
-
-NSS_EXTERN PRStatus
-NSSPublicKey_Verify
-(
- NSSPublicKey *bk,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSItem *signature,
- NSSCallback *uhh
-);
-
-/*
- * NSSPublicKey_VerifyRecover
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSPublicKey_VerifyRecover
-(
- NSSPublicKey *bk,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *signature,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPublicKey_WrapSymmetricKey
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSPublicKey_WrapSymmetricKey
-(
- NSSPublicKey *bk,
- NSSAlgorithmAndParameters *apOpt,
- NSSSymmetricKey *keyToWrap,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPublicKey_CreateCryptoContext
- *
- * Create a crypto context, in this key's trust domain, with this
- * as the distinguished public key.
- */
-
-NSS_EXTERN NSSCryptoContext *
-NSSPublicKey_CreateCryptoContext
-(
- NSSPublicKey *bk,
- NSSAlgorithmAndParameters *apOpt,
- NSSCallback *uhh
-);
-
-/*
- * NSSPublicKey_FindCertificates
- *
- * Note that there may be more than one certificate for this
- * public key. The current implementation may not find every
- * last certificate available for this public key: that would
- * involve trolling e.g. huge ldap databases, which will be
- * grossly inefficient and not generally useful.
- * { FilterCertificates function to further reduce the list }
- */
-
-NSS_EXTERN NSSCertificate **
-NSSPublicKey_FindCertificates
-(
- NSSPublicKey *bk,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt, /* 0 for no max */
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPrivateKey_FindBestCertificate
- *
- * The parameters for this function will depend on what the users
- * need. This is just a starting point.
- */
-
-NSS_EXTERN NSSCertificate *
-NSSPublicKey_FindBestCertificate
-(
- NSSPublicKey *bk,
- NSSTime *timeOpt,
- NSSUsage *usageOpt,
- NSSPolicies *policiesOpt
-);
-
-/*
- * NSSPublicKey_FindPrivateKey
- *
- */
-
-NSS_EXTERN NSSPrivateKey *
-NSSPublicKey_FindPrivateKey
-(
- NSSPublicKey *bk,
- NSSCallback *uhh
-);
-
-/*
- * NSSSymmetricKey
- *
- */
-
-/*
- * NSSSymmetricKey_Destroy
- *
- * Free a pointer to a symmetric key object.
- */
-
-NSS_EXTERN PRStatus
-NSSSymmetricKey_Destroy
-(
- NSSSymmetricKey *mk
-);
-
-/*
- * NSSSymmetricKey_DeleteStoredObject
- *
- * Permanently remove this object.
- */
-
-NSS_EXTERN PRStatus
-NSSSymmetricKey_DeleteStoredObject
-(
- NSSSymmetricKey *mk,
- NSSCallback *uhh
-);
-
-/*
- * NSSSymmetricKey_GetKeyLength
- *
- */
-
-NSS_EXTERN PRUint32
-NSSSymmetricKey_GetKeyLength
-(
- NSSSymmetricKey *mk
-);
-
-/*
- * NSSSymmetricKey_GetKeyStrength
- *
- */
-
-NSS_EXTERN PRUint32
-NSSSymmetricKey_GetKeyStrength
-(
- NSSSymmetricKey *mk
-);
-
-/*
- * NSSSymmetricKey_IsStillPresent
- *
- */
-
-NSS_EXTERN PRStatus
-NSSSymmetricKey_IsStillPresent
-(
- NSSSymmetricKey *mk
-);
-
-/*
- * NSSSymmetricKey_GetTrustDomain
- *
- * There doesn't have to be one.
- */
-
-NSS_EXTERN NSSTrustDomain *
-NSSSymmetricKey_GetTrustDomain
-(
- NSSSymmetricKey *mk,
- PRStatus *statusOpt
-);
-
-/*
- * NSSSymmetricKey_GetToken
- *
- * There doesn't have to be one.
- */
-
-NSS_EXTERN NSSToken *
-NSSSymmetricKey_GetToken
-(
- NSSSymmetricKey *mk,
- PRStatus *statusOpt
-);
-
-/*
- * NSSSymmetricKey_GetSlot
- *
- * There doesn't have to be one.
- */
-
-NSS_EXTERN NSSSlot *
-NSSSymmetricKey_GetSlot
-(
- NSSSymmetricKey *mk,
- PRStatus *statusOpt
-);
-
-/*
- * NSSSymmetricKey_GetModule
- *
- * There doesn't have to be one.
- */
-
-NSS_EXTERN NSSModule *
-NSSSymmetricKey_GetModule
-(
- NSSSymmetricKey *mk,
- PRStatus *statusOpt
-);
-
-/*
- * NSSSymmetricKey_Encrypt
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSSymmetricKey_Encrypt
-(
- NSSSymmetricKey *mk,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSSymmetricKey_Decrypt
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSSymmetricKey_Decrypt
-(
- NSSSymmetricKey *mk,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *encryptedData,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSSymmetricKey_Sign
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSSymmetricKey_Sign
-(
- NSSSymmetricKey *mk,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSSymmetricKey_SignRecover
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSSymmetricKey_SignRecover
-(
- NSSSymmetricKey *mk,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSSymmetricKey_Verify
- *
- */
-
-NSS_EXTERN PRStatus
-NSSSymmetricKey_Verify
-(
- NSSSymmetricKey *mk,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSItem *signature,
- NSSCallback *uhh
-);
-
-/*
- * NSSSymmetricKey_VerifyRecover
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSSymmetricKey_VerifyRecover
-(
- NSSSymmetricKey *mk,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *signature,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSSymmetricKey_WrapSymmetricKey
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSSymmetricKey_WrapSymmetricKey
-(
- NSSSymmetricKey *wrappingKey,
- NSSAlgorithmAndParameters *apOpt,
- NSSSymmetricKey *keyToWrap,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSSymmetricKey_WrapPrivateKey
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSSymmetricKey_WrapPrivateKey
-(
- NSSSymmetricKey *wrappingKey,
- NSSAlgorithmAndParameters *apOpt,
- NSSPrivateKey *keyToWrap,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSSymmetricKey_UnwrapSymmetricKey
- *
- */
-
-NSS_EXTERN NSSSymmetricKey *
-NSSSymmetricKey_UnwrapSymmetricKey
-(
- NSSSymmetricKey *wrappingKey,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *wrappedKey,
- NSSOID *target,
- PRUint32 keySizeOpt,
- NSSOperations operations,
- NSSCallback *uhh
-);
-
-/*
- * NSSSymmetricKey_UnwrapPrivateKey
- *
- */
-
-NSS_EXTERN NSSPrivateKey *
-NSSSymmetricKey_UnwrapPrivateKey
-(
- NSSSymmetricKey *wrappingKey,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *wrappedKey,
- NSSUTF8 *labelOpt,
- NSSItem *keyIDOpt,
- PRBool persistant,
- PRBool sensitive,
- NSSToken *destinationOpt,
- NSSCallback *uhh
-);
-
-/*
- * NSSSymmetricKey_DeriveSymmetricKey
- *
- */
-
-NSS_EXTERN NSSSymmetricKey *
-NSSSymmetricKey_DeriveSymmetricKey
-(
- NSSSymmetricKey *originalKey,
- NSSAlgorithmAndParameters *apOpt,
- NSSOID *target,
- PRUint32 keySizeOpt,
- NSSOperations operations,
- NSSCallback *uhh
-);
-
-/*
- * NSSSymmetricKey_CreateCryptoContext
- *
- * Create a crypto context, in this key's trust domain,
- * with this as the distinguished symmetric key.
- */
-
-NSS_EXTERN NSSCryptoContext *
-NSSSymmetricKey_CreateCryptoContext
-(
- NSSSymmetricKey *mk,
- NSSAlgorithmAndParameters *apOpt,
- NSSCallback *uhh
-);
-
-/*
- * NSSTrustDomain
- *
- */
-
-/*
- * NSSTrustDomain_Create
- *
- * This creates a trust domain, optionally with an initial cryptoki
- * module. If the module name is not null, the module is loaded if
- * needed (using the uriOpt argument), and initialized with the
- * opaqueOpt argument. If mumble mumble priority settings, then
- * module-specification objects in the module can cause the loading
- * and initialization of further modules.
- *
- * The uriOpt is defined to take a URI. At present, we only
- * support file: URLs pointing to platform-native shared libraries.
- * However, by specifying this as a URI, this keeps open the
- * possibility of supporting other, possibly remote, resources.
- *
- * The "reserved" arguments is held for when we figure out the
- * module priority stuff.
- */
-
-NSS_EXTERN NSSTrustDomain *
-NSSTrustDomain_Create
-(
- NSSUTF8 *moduleOpt,
- NSSUTF8 *uriOpt,
- NSSUTF8 *opaqueOpt,
- void *reserved
-);
-
-/*
- * NSSTrustDomain_Destroy
- *
- */
-
-NSS_EXTERN PRStatus
-NSSTrustDomain_Destroy
-(
- NSSTrustDomain *td
-);
-
-/*
- * NSSTrustDomain_SetDefaultCallback
- *
- */
-
-NSS_EXTERN PRStatus
-NSSTrustDomain_SetDefaultCallback
-(
- NSSTrustDomain *td,
- NSSCallback *newCallback,
- NSSCallback **oldCallbackOpt
-);
-
-/*
- * NSSTrustDomain_GetDefaultCallback
- *
- */
-
-NSS_EXTERN NSSCallback *
-NSSTrustDomain_GetDefaultCallback
-(
- NSSTrustDomain *td,
- PRStatus *statusOpt
-);
-
-/*
- * Default policies?
- * Default usage?
- * Default time, for completeness?
- */
-
-/*
- * NSSTrustDomain_LoadModule
- *
- */
-
-NSS_EXTERN PRStatus
-NSSTrustDomain_LoadModule
-(
- NSSTrustDomain *td,
- NSSUTF8 *moduleOpt,
- NSSUTF8 *uriOpt,
- NSSUTF8 *opaqueOpt,
- void *reserved
-);
-
-/*
- * NSSTrustDomain_AddModule
- * NSSTrustDomain_AddSlot
- * NSSTrustDomain_UnloadModule
- * Managing modules, slots, tokens; priorities;
- * Traversing all of the above
- * this needs more work
- */
-
-/*
- * NSSTrustDomain_DisableToken
- *
- */
-
-NSS_EXTERN PRStatus
-NSSTrustDomain_DisableToken
-(
- NSSTrustDomain *td,
- NSSToken *token,
- NSSError why
-);
-
-/*
- * NSSTrustDomain_EnableToken
- *
- */
-
-NSS_EXTERN PRStatus
-NSSTrustDomain_EnableToken
-(
- NSSTrustDomain *td,
- NSSToken *token
-);
-
-/*
- * NSSTrustDomain_IsTokenEnabled
- *
- * If disabled, "why" is always on the error stack.
- * The optional argument is just for convenience.
- */
-
-NSS_EXTERN PRStatus
-NSSTrustDomain_IsTokenEnabled
-(
- NSSTrustDomain *td,
- NSSToken *token,
- NSSError *whyOpt
-);
-
-/*
- * NSSTrustDomain_FindSlotByName
- *
- */
-
-NSS_EXTERN NSSSlot *
-NSSTrustDomain_FindSlotByName
-(
- NSSTrustDomain *td,
- NSSUTF8 *slotName
-);
-
-/*
- * NSSTrustDomain_FindTokenByName
- *
- */
-
-NSS_EXTERN NSSToken *
-NSSTrustDomain_FindTokenByName
-(
- NSSTrustDomain *td,
- NSSUTF8 *tokenName
-);
-
-/*
- * NSSTrustDomain_FindTokenBySlotName
- *
- */
-
-NSS_EXTERN NSSToken *
-NSSTrustDomain_FindTokenBySlotName
-(
- NSSTrustDomain *td,
- NSSUTF8 *slotName
-);
-
-/*
- * NSSTrustDomain_FindBestTokenForAlgorithm
- *
- */
-
-NSS_EXTERN NSSToken *
-NSSTrustDomain_FindTokenForAlgorithm
-(
- NSSTrustDomain *td,
- NSSOID *algorithm
-);
-
-/*
- * NSSTrustDomain_FindBestTokenForAlgorithms
- *
- */
-
-NSS_EXTERN NSSToken *
-NSSTrustDomain_FindBestTokenForAlgorithms
-(
- NSSTrustDomain *td,
- NSSOID *algorithms[], /* may be null-terminated */
- PRUint32 nAlgorithmsOpt /* limits the array if nonzero */
-);
-
-/*
- * NSSTrustDomain_Login
- *
- */
-
-NSS_EXTERN PRStatus
-NSSTrustDomain_Login
-(
- NSSTrustDomain *td,
- NSSCallback *uhhOpt
-);
-
-/*
- * NSSTrustDomain_Logout
- *
- */
-
-NSS_EXTERN PRStatus
-NSSTrustDomain_Logout
-(
- NSSTrustDomain *td
-);
-
-/* Importing things */
-
-/*
- * NSSTrustDomain_ImportCertificate
- *
- * The implementation will pull some data out of the certificate
- * (e.g. e-mail address) for use in pkcs#11 object attributes.
- */
-
-NSS_EXTERN NSSCertificate *
-NSSTrustDomain_ImportCertificate
-(
- NSSTrustDomain *td,
- NSSCertificate *c
-);
-
-/*
- * NSSTrustDomain_ImportPKIXCertificate
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSTrustDomain_ImportPKIXCertificate
-(
- NSSTrustDomain *td,
- /* declared as a struct until these "data types" are defined */
- struct NSSPKIXCertificateStr *pc
-);
-
-/*
- * NSSTrustDomain_ImportEncodedCertificate
- *
- * Imports any type of certificate we support.
- */
-
-NSS_EXTERN NSSCertificate *
-NSSTrustDomain_ImportEncodedCertificate
-(
- NSSTrustDomain *td,
- NSSBER *ber
-);
-
-/*
- * NSSTrustDomain_ImportEncodedCertificateChain
- *
- * If you just want the leaf, pass in a maximum of one.
- */
-
-NSS_EXTERN NSSCertificate **
-NSSTrustDomain_ImportEncodedCertificateChain
-(
- NSSTrustDomain *td,
- NSSBER *ber,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt, /* 0 for no max */
- NSSArena *arenaOpt
-);
-
-/*
- * NSSTrustDomain_ImportEncodedPrivateKey
- *
- */
-
-NSS_EXTERN NSSPrivateKey *
-NSSTrustDomain_ImportEncodedPrivateKey
-(
- NSSTrustDomain *td,
- NSSBER *ber,
- NSSItem *passwordOpt, /* NULL will cause a callback */
- NSSCallback *uhhOpt,
- NSSToken *destination
-);
-
-/*
- * NSSTrustDomain_ImportEncodedPublicKey
- *
- */
-
-NSS_EXTERN NSSPublicKey *
-NSSTrustDomain_ImportEncodedPublicKey
-(
- NSSTrustDomain *td,
- NSSBER *ber
-);
-
-/* Other importations: S/MIME capabilities */
-
-/*
- * NSSTrustDomain_FindBestCertificateByNickname
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSTrustDomain_FindBestCertificateByNickname
-(
- NSSTrustDomain *td,
- NSSUTF8 *name,
- NSSTime *timeOpt, /* NULL for "now" */
- NSSUsage *usage,
- NSSPolicies *policiesOpt /* NULL for none */
-);
-
-/*
- * NSSTrustDomain_FindCertificatesByNickname
- *
- */
-
-NSS_EXTERN NSSCertificate **
-NSSTrustDomain_FindCertificatesByNickname
-(
- NSSTrustDomain *td,
- NSSUTF8 *name,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt, /* 0 for no max */
- NSSArena *arenaOpt
-);
-
-/*
- * NSSTrustDomain_FindCertificateByIssuerAndSerialNumber
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSTrustDomain_FindCertificateByIssuerAndSerialNumber
-(
- NSSTrustDomain *td,
- NSSDER *issuer,
- NSSDER *serialNumber
-);
-
-/*
- * NSSTrustDomain_FindCertificatesByIssuerAndSerialNumber
- *
- * Theoretically, this should never happen. However, some companies
- * we know have issued duplicate certificates with the same issuer
- * and serial number. Do we just ignore them? I'm thinking yes.
- */
-
-/*
- * NSSTrustDomain_FindBestCertificateBySubject
- *
- * This does not search through alternate names hidden in extensions.
- */
-
-NSS_EXTERN NSSCertificate *
-NSSTrustDomain_FindBestCertificateBySubject
-(
- NSSTrustDomain *td,
- NSSDER /*NSSUTF8*/ *subject,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt
-);
-
-/*
- * NSSTrustDomain_FindCertificatesBySubject
- *
- * This does not search through alternate names hidden in extensions.
- */
-
-NSS_EXTERN NSSCertificate **
-NSSTrustDomain_FindCertificatesBySubject
-(
- NSSTrustDomain *td,
- NSSDER /*NSSUTF8*/ *subject,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt, /* 0 for no max */
- NSSArena *arenaOpt
-);
-
-/*
- * NSSTrustDomain_FindBestCertificateByNameComponents
- *
- * This call does try several tricks, including a pseudo pkcs#11
- * attribute for the ldap module to try as a query. Eventually
- * this call falls back to a traversal if that's what's required.
- * It will search through alternate names hidden in extensions.
- */
-
-NSS_EXTERN NSSCertificate *
-NSSTrustDomain_FindBestCertificateByNameComponents
-(
- NSSTrustDomain *td,
- NSSUTF8 *nameComponents,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt
-);
-
-/*
- * NSSTrustDomain_FindCertificatesByNameComponents
- *
- * This call, too, tries several tricks. It will stop on the first
- * attempt that generates results, so it won't e.g. traverse the
- * entire ldap database.
- */
-
-NSS_EXTERN NSSCertificate **
-NSSTrustDomain_FindCertificatesByNameComponents
-(
- NSSTrustDomain *td,
- NSSUTF8 *nameComponents,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt, /* 0 for no max */
- NSSArena *arenaOpt
-);
-
-/*
- * NSSTrustDomain_FindCertificateByEncodedCertificate
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSTrustDomain_FindCertificateByEncodedCertificate
-(
- NSSTrustDomain *td,
- NSSBER *encodedCertificate
-);
-
-/*
- * NSSTrustDomain_FindBestCertificateByEmail
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSTrustDomain_FindCertificateByEmail
-(
- NSSTrustDomain *td,
- NSSASCII7 *email,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt
-);
-
-/*
- * NSSTrustDomain_FindCertificatesByEmail
- *
- */
-
-NSS_EXTERN NSSCertificate **
-NSSTrustDomain_FindCertificatesByEmail
-(
- NSSTrustDomain *td,
- NSSASCII7 *email,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt, /* 0 for no max */
- NSSArena *arenaOpt
-);
-
-/*
- * NSSTrustDomain_FindCertificateByOCSPHash
- *
- * There can be only one.
- */
-
-NSS_EXTERN NSSCertificate *
-NSSTrustDomain_FindCertificateByOCSPHash
-(
- NSSTrustDomain *td,
- NSSItem *hash
-);
-
-/*
- * NSSTrustDomain_TraverseCertificates
- *
- * This function descends from one in older versions of NSS which
- * traverses the certs in the permanent database. That function
- * was used to implement selection routines, but was directly
- * available too. Trust domains are going to contain a lot more
- * certs now (e.g., an ldap server), so we'd really like to
- * discourage traversal. Thus for now, this is commented out.
- * If it's needed, let's look at the situation more closely to
- * find out what the actual requirements are.
- */
-
-/* For now, adding this function. This may only be for debugging
- * purposes.
- * Perhaps some equivalent function, on a specified token, will be
- * needed in a "friend" header file?
- */
-NSS_EXTERN PRStatus *
-NSSTrustDomain_TraverseCertificates
-(
- NSSTrustDomain *td,
- PRStatus (*callback)(NSSCertificate *c, void *arg),
- void *arg
-);
-
-/*
- * NSSTrustDomain_FindBestUserCertificate
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSTrustDomain_FindBestUserCertificate
-(
- NSSTrustDomain *td,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt
-);
-
-/*
- * NSSTrustDomain_FindUserCertificates
- *
- */
-
-NSS_EXTERN NSSCertificate **
-NSSTrustDomain_FindUserCertificates
-(
- NSSTrustDomain *td,
- NSSTime *timeOpt,
- NSSUsage *usageOpt,
- NSSPolicies *policiesOpt,
- NSSCertificate **rvOpt,
- PRUint32 rvLimit, /* zero for no limit */
- NSSArena *arenaOpt
-);
-
-/*
- * NSSTrustDomain_FindBestUserCertificateForSSLClientAuth
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSTrustDomain_FindBestUserCertificateForSSLClientAuth
-(
- NSSTrustDomain *td,
- NSSUTF8 *sslHostOpt,
- NSSDER *rootCAsOpt[], /* null pointer for none */
- PRUint32 rootCAsMaxOpt, /* zero means list is null-terminated */
- NSSAlgorithmAndParameters *apOpt,
- NSSPolicies *policiesOpt
-);
-
-/*
- * NSSTrustDomain_FindUserCertificatesForSSLClientAuth
- *
- */
-
-NSS_EXTERN NSSCertificate **
-NSSTrustDomain_FindUserCertificatesForSSLClientAuth
-(
- NSSTrustDomain *td,
- NSSUTF8 *sslHostOpt,
- NSSDER *rootCAsOpt[], /* null pointer for none */
- PRUint32 rootCAsMaxOpt, /* zero means list is null-terminated */
- NSSAlgorithmAndParameters *apOpt,
- NSSPolicies *policiesOpt,
- NSSCertificate **rvOpt,
- PRUint32 rvLimit, /* zero for no limit */
- NSSArena *arenaOpt
-);
-
-/*
- * NSSTrustDomain_FindBestUserCertificateForEmailSigning
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSTrustDomain_FindBestUserCertificateForEmailSigning
-(
- NSSTrustDomain *td,
- NSSASCII7 *signerOpt,
- NSSASCII7 *recipientOpt,
- /* anything more here? */
- NSSAlgorithmAndParameters *apOpt,
- NSSPolicies *policiesOpt
-);
-
-/*
- * NSSTrustDomain_FindUserCertificatesForEmailSigning
- *
- */
-
-NSS_EXTERN NSSCertificate **
-NSSTrustDomain_FindUserCertificatesForEmailSigning
-(
- NSSTrustDomain *td,
- NSSASCII7 *signerOpt,
- NSSASCII7 *recipientOpt,
- /* anything more here? */
- NSSAlgorithmAndParameters *apOpt,
- NSSPolicies *policiesOpt,
- NSSCertificate **rvOpt,
- PRUint32 rvLimit, /* zero for no limit */
- NSSArena *arenaOpt
-);
-
-/*
- * Here is where we'd add more Find[Best]UserCertificate[s]For<usage>
- * routines.
- */
-
-/* Private Keys */
-
-/*
- * NSSTrustDomain_GenerateKeyPair
- *
- * Creates persistant objects. If you want session objects, use
- * NSSCryptoContext_GenerateKeyPair. The destination token is where
- * the keys are stored. If that token can do the required math, then
- * that's where the keys are generated too. Otherwise, the keys are
- * generated elsewhere and moved to that token.
- */
-
-NSS_EXTERN PRStatus
-NSSTrustDomain_GenerateKeyPair
-(
- NSSTrustDomain *td,
- NSSAlgorithmAndParameters *ap,
- NSSPrivateKey **pvkOpt,
- NSSPublicKey **pbkOpt,
- PRBool privateKeyIsSensitive,
- NSSToken *destination,
- NSSCallback *uhhOpt
-);
-
-/*
- * NSSTrustDomain_TraversePrivateKeys
- *
- *
- * NSS_EXTERN PRStatus *
- * NSSTrustDomain_TraversePrivateKeys
- * (
- * NSSTrustDomain *td,
- * PRStatus (*callback)(NSSPrivateKey *vk, void *arg),
- * void *arg
- * );
- */
-
-/* Symmetric Keys */
-
-/*
- * NSSTrustDomain_GenerateSymmetricKey
- *
- */
-
-NSS_EXTERN NSSSymmetricKey *
-NSSTrustDomain_GenerateSymmetricKey
-(
- NSSTrustDomain *td,
- NSSAlgorithmAndParameters *ap,
- PRUint32 keysize,
- NSSToken *destination,
- NSSCallback *uhhOpt
-);
-
-/*
- * NSSTrustDomain_GenerateSymmetricKeyFromPassword
- *
- */
-
-NSS_EXTERN NSSSymmetricKey *
-NSSTrustDomain_GenerateSymmetricKeyFromPassword
-(
- NSSTrustDomain *td,
- NSSAlgorithmAndParameters *ap,
- NSSUTF8 *passwordOpt, /* if null, prompt */
- NSSToken *destinationOpt,
- NSSCallback *uhhOpt
-);
-
-/*
- * NSSTrustDomain_FindSymmetricKeyByAlgorithm
- *
- * Is this still needed?
- *
- * NSS_EXTERN NSSSymmetricKey *
- * NSSTrustDomain_FindSymmetricKeyByAlgorithm
- * (
- * NSSTrustDomain *td,
- * NSSOID *algorithm,
- * NSSCallback *uhhOpt
- * );
- */
-
-/*
- * NSSTrustDomain_FindSymmetricKeyByAlgorithmAndKeyID
- *
- */
-
-NSS_EXTERN NSSSymmetricKey *
-NSSTrustDomain_FindSymmetricKeyByAlgorithmAndKeyID
-(
- NSSTrustDomain *td,
- NSSOID *algorithm,
- NSSItem *keyID,
- NSSCallback *uhhOpt
-);
-
-/*
- * NSSTrustDomain_TraverseSymmetricKeys
- *
- *
- * NSS_EXTERN PRStatus *
- * NSSTrustDomain_TraverseSymmetricKeys
- * (
- * NSSTrustDomain *td,
- * PRStatus (*callback)(NSSSymmetricKey *mk, void *arg),
- * void *arg
- * );
- */
-
-/*
- * NSSTrustDomain_CreateCryptoContext
- *
- * If a callback object is specified, it becomes the for the crypto
- * context; otherwise, this trust domain's default (if any) is
- * inherited.
- */
-
-NSS_EXTERN NSSCryptoContext *
-NSSTrustDomain_CreateCryptoContext
-(
- NSSTrustDomain *td,
- NSSCallback *uhhOpt
-);
-
-/*
- * NSSTrustDomain_CreateCryptoContextForAlgorithm
- *
- */
-
-NSS_EXTERN NSSCryptoContext *
-NSSTrustDomain_CreateCryptoContextForAlgorithm
-(
- NSSTrustDomain *td,
- NSSOID *algorithm
-);
-
-/*
- * NSSTrustDomain_CreateCryptoContextForAlgorithmAndParameters
- *
- */
-
-NSS_EXTERN NSSCryptoContext *
-NSSTrustDomain_CreateCryptoContextForAlgorithmAndParameters
-(
- NSSTrustDomain *td,
- NSSAlgorithmAndParameters *ap
-);
-
-/* find/traverse other objects, e.g. s/mime profiles */
-
-/*
- * NSSCryptoContext
- *
- * A crypto context is sort of a short-term snapshot of a trust domain,
- * used for the life of "one crypto operation." You can also think of
- * it as a "temporary database."
- *
- * Just about all of the things you can do with a trust domain -- importing
- * or creating certs, keys, etc. -- can be done with a crypto context.
- * The difference is that the objects will be temporary ("session") objects.
- *
- * Also, if the context was created for a key, cert, and/or algorithm; or
- * if such objects have been "associated" with the context, then the context
- * can do everything the keys can, like crypto operations.
- *
- * And finally, because it keeps the state of the crypto operations, it
- * can do streaming crypto ops.
- */
-
-/*
- * NSSTrustDomain_Destroy
- *
- */
-
-NSS_EXTERN PRStatus
-NSSCryptoContext_Destroy
-(
- NSSCryptoContext *cc
-);
-
-/* establishing a default callback */
-
-/*
- * NSSCryptoContext_SetDefaultCallback
- *
- */
-
-NSS_EXTERN PRStatus
-NSSCryptoContext_SetDefaultCallback
-(
- NSSCryptoContext *cc,
- NSSCallback *newCallback,
- NSSCallback **oldCallbackOpt
-);
-
-/*
- * NSSCryptoContext_GetDefaultCallback
- *
- */
-
-NSS_EXTERN NSSCallback *
-NSSCryptoContext_GetDefaultCallback
-(
- NSSCryptoContext *cc,
- PRStatus *statusOpt
-);
-
-/*
- * NSSCryptoContext_GetTrustDomain
- *
- */
-
-NSS_EXTERN NSSTrustDomain *
-NSSCryptoContext_GetTrustDomain
-(
- NSSCryptoContext *cc
-);
-
-/* AddModule, etc: should we allow "temporary" changes here? */
-/* DisableToken, etc: ditto */
-/* Ordering of tokens? */
-/* Finding slots+token etc. */
-/* login+logout */
-
-/* Importing things */
-
-/*
- * NSSCryptoContext_ImportCertificate
- *
- * If there's not a "distinguished certificate" for this context, this
- * sets the specified one to be it.
- */
-
-NSS_EXTERN PRStatus
-NSSCryptoContext_ImportCertificate
-(
- NSSCryptoContext *cc,
- NSSCertificate *c
-);
-
-/*
- * NSSCryptoContext_ImportPKIXCertificate
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSCryptoContext_ImportPKIXCertificate
-(
- NSSCryptoContext *cc,
- struct NSSPKIXCertificateStr *pc
-);
-
-/*
- * NSSCryptoContext_ImportEncodedCertificate
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSCryptoContext_ImportEncodedCertificate
-(
- NSSCryptoContext *cc,
- NSSBER *ber
-);
-
-/*
- * NSSCryptoContext_ImportEncodedPKIXCertificateChain
- *
- */
-
-NSS_EXTERN PRStatus
-NSSCryptoContext_ImportEncodedPKIXCertificateChain
-(
- NSSCryptoContext *cc,
- NSSBER *ber
-);
-
-/* Other importations: S/MIME capabilities
- */
-
-/*
- * NSSCryptoContext_FindBestCertificateByNickname
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSCryptoContext_FindBestCertificateByNickname
-(
- NSSCryptoContext *cc,
- NSSUTF8 *name,
- NSSTime *timeOpt, /* NULL for "now" */
- NSSUsage *usage,
- NSSPolicies *policiesOpt /* NULL for none */
-);
-
-/*
- * NSSCryptoContext_FindCertificatesByNickname
- *
- */
-
-NSS_EXTERN NSSCertificate **
-NSSCryptoContext_FindCertificatesByNickname
-(
- NSSCryptoContext *cc,
- NSSUTF8 *name,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt, /* 0 for no max */
- NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_FindCertificateByIssuerAndSerialNumber
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSCryptoContext_FindCertificateByIssuerAndSerialNumber
-(
- NSSCryptoContext *cc,
- NSSDER *issuer,
- NSSDER *serialNumber
-);
-
-/*
- * NSSCryptoContext_FindBestCertificateBySubject
- *
- * This does not search through alternate names hidden in extensions.
- */
-
-NSS_EXTERN NSSCertificate *
-NSSCryptoContext_FindBestCertificateBySubject
-(
- NSSCryptoContext *cc,
- NSSDER /*NSSUTF8*/ *subject,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt
-);
-
-/*
- * NSSCryptoContext_FindCertificatesBySubject
- *
- * This does not search through alternate names hidden in extensions.
- */
-
-NSS_EXTERN NSSCertificate **
-NSSCryptoContext_FindCertificatesBySubject
-(
- NSSCryptoContext *cc,
- NSSDER /*NSSUTF8*/ *subject,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt, /* 0 for no max */
- NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_FindBestCertificateByNameComponents
- *
- * This call does try several tricks, including a pseudo pkcs#11
- * attribute for the ldap module to try as a query. Eventually
- * this call falls back to a traversal if that's what's required.
- * It will search through alternate names hidden in extensions.
- */
-
-NSS_EXTERN NSSCertificate *
-NSSCryptoContext_FindBestCertificateByNameComponents
-(
- NSSCryptoContext *cc,
- NSSUTF8 *nameComponents,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt
-);
-
-/*
- * NSSCryptoContext_FindCertificatesByNameComponents
- *
- * This call, too, tries several tricks. It will stop on the first
- * attempt that generates results, so it won't e.g. traverse the
- * entire ldap database.
- */
-
-NSS_EXTERN NSSCertificate **
-NSSCryptoContext_FindCertificatesByNameComponents
-(
- NSSCryptoContext *cc,
- NSSUTF8 *nameComponents,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt, /* 0 for no max */
- NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_FindCertificateByEncodedCertificate
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSCryptoContext_FindCertificateByEncodedCertificate
-(
- NSSCryptoContext *cc,
- NSSBER *encodedCertificate
-);
-
-/*
- * NSSCryptoContext_FindBestCertificateByEmail
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSCryptoContext_FindBestCertificateByEmail
-(
- NSSCryptoContext *cc,
- NSSASCII7 *email,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt
-);
-
-/*
- * NSSCryptoContext_FindCertificatesByEmail
- *
- */
-
-NSS_EXTERN NSSCertificate **
-NSSCryptoContext_FindCertificatesByEmail
-(
- NSSCryptoContext *cc,
- NSSASCII7 *email,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt, /* 0 for no max */
- NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_FindCertificateByOCSPHash
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSCryptoContext_FindCertificateByOCSPHash
-(
- NSSCryptoContext *cc,
- NSSItem *hash
-);
-
-/*
- * NSSCryptoContext_TraverseCertificates
- *
- *
- * NSS_EXTERN PRStatus *
- * NSSCryptoContext_TraverseCertificates
- * (
- * NSSCryptoContext *cc,
- * PRStatus (*callback)(NSSCertificate *c, void *arg),
- * void *arg
- * );
- */
-
-/*
- * NSSCryptoContext_FindBestUserCertificate
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSCryptoContext_FindBestUserCertificate
-(
- NSSCryptoContext *cc,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt
-);
-
-/*
- * NSSCryptoContext_FindUserCertificates
- *
- */
-
-NSS_EXTERN NSSCertificate **
-NSSCryptoContext_FindUserCertificates
-(
- NSSCryptoContext *cc,
- NSSTime *timeOpt,
- NSSUsage *usageOpt,
- NSSPolicies *policiesOpt,
- NSSCertificate **rvOpt,
- PRUint32 rvLimit, /* zero for no limit */
- NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_FindBestUserCertificateForSSLClientAuth
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSCryptoContext_FindBestUserCertificateForSSLClientAuth
-(
- NSSCryptoContext *cc,
- NSSUTF8 *sslHostOpt,
- NSSDER *rootCAsOpt[], /* null pointer for none */
- PRUint32 rootCAsMaxOpt, /* zero means list is null-terminated */
- NSSAlgorithmAndParameters *apOpt,
- NSSPolicies *policiesOpt
-);
-
-/*
- * NSSCryptoContext_FindUserCertificatesForSSLClientAuth
- *
- */
-
-NSS_EXTERN NSSCertificate **
-NSSCryptoContext_FindUserCertificatesForSSLClientAuth
-(
- NSSCryptoContext *cc,
- NSSUTF8 *sslHostOpt,
- NSSDER *rootCAsOpt[], /* null pointer for none */
- PRUint32 rootCAsMaxOpt, /* zero means list is null-terminated */
- NSSAlgorithmAndParameters *apOpt,
- NSSPolicies *policiesOpt,
- NSSCertificate **rvOpt,
- PRUint32 rvLimit, /* zero for no limit */
- NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_FindBestUserCertificateForEmailSigning
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSCryptoContext_FindBestUserCertificateForEmailSigning
-(
- NSSCryptoContext *cc,
- NSSASCII7 *signerOpt,
- NSSASCII7 *recipientOpt,
- /* anything more here? */
- NSSAlgorithmAndParameters *apOpt,
- NSSPolicies *policiesOpt
-);
-
-/*
- * NSSCryptoContext_FindUserCertificatesForEmailSigning
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSCryptoContext_FindUserCertificatesForEmailSigning
-(
- NSSCryptoContext *cc,
- NSSASCII7 *signerOpt, /* fgmr or a more general name? */
- NSSASCII7 *recipientOpt,
- /* anything more here? */
- NSSAlgorithmAndParameters *apOpt,
- NSSPolicies *policiesOpt,
- NSSCertificate **rvOpt,
- PRUint32 rvLimit, /* zero for no limit */
- NSSArena *arenaOpt
-);
-
-/* Private Keys */
-
-/*
- * NSSCryptoContext_GenerateKeyPair
- *
- * Creates session objects. If you want persistant objects, use
- * NSSTrustDomain_GenerateKeyPair. The destination token is where
- * the keys are stored. If that token can do the required math, then
- * that's where the keys are generated too. Otherwise, the keys are
- * generated elsewhere and moved to that token.
- */
-
-NSS_EXTERN PRStatus
-NSSCryptoContext_GenerateKeyPair
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *ap,
- NSSPrivateKey **pvkOpt,
- NSSPublicKey **pbkOpt,
- PRBool privateKeyIsSensitive,
- NSSToken *destination,
- NSSCallback *uhhOpt
-);
-
-/*
- * NSSCryptoContext_TraversePrivateKeys
- *
- *
- * NSS_EXTERN PRStatus *
- * NSSCryptoContext_TraversePrivateKeys
- * (
- * NSSCryptoContext *cc,
- * PRStatus (*callback)(NSSPrivateKey *vk, void *arg),
- * void *arg
- * );
- */
-
-/* Symmetric Keys */
-
-/*
- * NSSCryptoContext_GenerateSymmetricKey
- *
- */
-
-NSS_EXTERN NSSSymmetricKey *
-NSSCryptoContext_GenerateSymmetricKey
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *ap,
- PRUint32 keysize,
- NSSToken *destination,
- NSSCallback *uhhOpt
-);
-
-/*
- * NSSCryptoContext_GenerateSymmetricKeyFromPassword
- *
- */
-
-NSS_EXTERN NSSSymmetricKey *
-NSSCryptoContext_GenerateSymmetricKeyFromPassword
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *ap,
- NSSUTF8 *passwordOpt, /* if null, prompt */
- NSSToken *destinationOpt,
- NSSCallback *uhhOpt
-);
-
-/*
- * NSSCryptoContext_FindSymmetricKeyByAlgorithm
- *
- *
- * NSS_EXTERN NSSSymmetricKey *
- * NSSCryptoContext_FindSymmetricKeyByType
- * (
- * NSSCryptoContext *cc,
- * NSSOID *type,
- * NSSCallback *uhhOpt
- * );
- */
-
-/*
- * NSSCryptoContext_FindSymmetricKeyByAlgorithmAndKeyID
- *
- */
-
-NSS_EXTERN NSSSymmetricKey *
-NSSCryptoContext_FindSymmetricKeyByAlgorithmAndKeyID
-(
- NSSCryptoContext *cc,
- NSSOID *algorithm,
- NSSItem *keyID,
- NSSCallback *uhhOpt
-);
-
-/*
- * NSSCryptoContext_TraverseSymmetricKeys
- *
- *
- * NSS_EXTERN PRStatus *
- * NSSCryptoContext_TraverseSymmetricKeys
- * (
- * NSSCryptoContext *cc,
- * PRStatus (*callback)(NSSSymmetricKey *mk, void *arg),
- * void *arg
- * );
- */
-
-/* Crypto ops on distinguished keys */
-
-/*
- * NSSCryptoContext_Decrypt
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSCryptoContext_Decrypt
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *encryptedData,
- NSSCallback *uhhOpt,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_BeginDecrypt
- *
- */
-
-NSS_EXTERN PRStatus
-NSSCryptoContext_BeginDecrypt
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSCallback *uhhOpt
-);
-
-/*
- * NSSCryptoContext_ContinueDecrypt
- *
- */
-
-/*
- * NSSItem semantics:
- *
- * If rvOpt is NULL, a new NSSItem and buffer are allocated.
- * If rvOpt is not null, but the buffer pointer is null,
- * then rvOpt is returned but a new buffer is allocated.
- * In this case, if the length value is not zero, then
- * no more than that much space will be allocated.
- * If rvOpt is not null and the buffer pointer is not null,
- * then that buffer is re-used. No more than the buffer
- * length value will be used; if it's not enough, an
- * error is returned. If less is used, the number is
- * adjusted downwards.
- *
- * Note that although this is short of some ideal "Item"
- * definition, we can usually tell how big these buffers
- * have to be.
- *
- * Feedback is requested; and earlier is better than later.
- */
-
-NSS_EXTERN NSSItem *
-NSSCryptoContext_ContinueDecrypt
-(
- NSSCryptoContext *cc,
- NSSItem *data,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_FinishDecrypt
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSCryptoContext_FinishDecrypt
-(
- NSSCryptoContext *cc,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_Sign
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSCryptoContext_Sign
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSCallback *uhhOpt,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_BeginSign
- *
- */
-
-NSS_EXTERN PRStatus
-NSSCryptoContext_BeginSign
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSCallback *uhhOpt
-);
-
-/*
- * NSSCryptoContext_ContinueSign
- *
- */
-
-NSS_EXTERN PRStatus
-NSSCryptoContext_ContinueSign
-(
- NSSCryptoContext *cc,
- NSSItem *data
-);
-
-/*
- * NSSCryptoContext_FinishSign
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSCryptoContext_FinishSign
-(
- NSSCryptoContext *cc,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_SignRecover
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSCryptoContext_SignRecover
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSCallback *uhhOpt,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_BeginSignRecover
- *
- */
-
-NSS_EXTERN PRStatus
-NSSCryptoContext_BeginSignRecover
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSCallback *uhhOpt
-);
-
-/*
- * NSSCryptoContext_ContinueSignRecover
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSCryptoContext_ContinueSignRecover
-(
- NSSCryptoContext *cc,
- NSSItem *data,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_FinishSignRecover
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSCryptoContext_FinishSignRecover
-(
- NSSCryptoContext *cc,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_UnwrapSymmetricKey
- *
- */
-
-NSS_EXTERN NSSSymmetricKey *
-NSSCryptoContext_UnwrapSymmetricKey
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *wrappedKey,
- NSSCallback *uhhOpt
-);
-
-/*
- * NSSCryptoContext_DeriveSymmetricKey
- *
- */
-
-NSS_EXTERN NSSSymmetricKey *
-NSSCryptoContext_DeriveSymmetricKey
-(
- NSSCryptoContext *cc,
- NSSPublicKey *bk,
- NSSAlgorithmAndParameters *apOpt,
- NSSOID *target,
- PRUint32 keySizeOpt, /* zero for best allowed */
- NSSOperations operations,
- NSSCallback *uhhOpt
-);
-
-/*
- * NSSCryptoContext_Encrypt
- *
- * Encrypt a single chunk of data with the distinguished public key
- * of this crypto context.
- */
-
-NSS_EXTERN NSSItem *
-NSSCryptoContext_Encrypt
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSCallback *uhhOpt,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_BeginEncrypt
- *
- */
-
-NSS_EXTERN PRStatus
-NSSCryptoContext_BeginEncrypt
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSCallback *uhhOpt
-);
-
-/*
- * NSSCryptoContext_ContinueEncrypt
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSCryptoContext_ContinueEncrypt
-(
- NSSCryptoContext *cc,
- NSSItem *data,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_FinishEncrypt
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSCryptoContext_FinishEncrypt
-(
- NSSCryptoContext *cc,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_Verify
- *
- */
-
-NSS_EXTERN PRStatus
-NSSCryptoContext_Verify
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSItem *signature,
- NSSCallback *uhhOpt
-);
-
-/*
- * NSSCryptoContext_BeginVerify
- *
- */
-
-NSS_EXTERN PRStatus
-NSSCryptoContext_BeginVerify
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *signature,
- NSSCallback *uhhOpt
-);
-
-/*
- * NSSCryptoContext_ContinueVerify
- *
- */
-
-NSS_EXTERN PRStatus
-NSSCryptoContext_ContinueVerify
-(
- NSSCryptoContext *cc,
- NSSItem *data
-);
-
-/*
- * NSSCryptoContext_FinishVerify
- *
- */
-
-NSS_EXTERN PRStatus
-NSSCryptoContext_FinishVerify
-(
- NSSCryptoContext *cc
-);
-
-/*
- * NSSCryptoContext_VerifyRecover
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSCryptoContext_VerifyRecover
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *signature,
- NSSCallback *uhhOpt,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_BeginVerifyRecover
- *
- */
-
-NSS_EXTERN PRStatus
-NSSCryptoContext_BeginVerifyRecover
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSCallback *uhhOpt
-);
-
-/*
- * NSSCryptoContext_ContinueVerifyRecover
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSCryptoContext_ContinueVerifyRecover
-(
- NSSCryptoContext *cc,
- NSSItem *data,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_FinishVerifyRecover
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSCryptoContext_FinishVerifyRecover
-(
- NSSCryptoContext *cc,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_WrapSymmetricKey
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSCryptoContext_WrapSymmetricKey
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSSymmetricKey *keyToWrap,
- NSSCallback *uhhOpt,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_Digest
- *
- * Digest a single chunk of data with the distinguished digest key
- * of this crypto context.
- */
-
-NSS_EXTERN NSSItem *
-NSSCryptoContext_Digest
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSCallback *uhhOpt,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_BeginDigest
- *
- */
-
-NSS_EXTERN PRStatus
-NSSCryptoContext_BeginDigest
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSCallback *uhhOpt
-);
-
-/*
- * NSSCryptoContext_ContinueDigest
- *
- */
-
-NSS_EXTERN PRStatus
-NSSCryptoContext_ContinueDigest
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *item
-);
-
-/*
- * NSSCryptoContext_FinishDigest
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSCryptoContext_FinishDigest
-(
- NSSCryptoContext *cc,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * tbd: Combination ops
- */
-
-/*
- * NSSCryptoContext_Clone
- *
- */
-
-NSS_EXTERN NSSCryptoContext *
-NSSCryptoContext_Clone
-(
- NSSCryptoContext *cc
-);
-
-/*
- * NSSCryptoContext_Save
- * NSSCryptoContext_Restore
- *
- * We need to be able to save and restore the state of contexts.
- * Perhaps a mark-and-release mechanism would be better?
- */
-
-/*
- * ..._SignTBSCertificate
- *
- * This requires feedback from the cert server team.
- */
-
-/*
- * PRBool NSSCertificate_GetIsTrustedFor{xxx}(NSSCertificate *c);
- * PRStatus NSSCertificate_SetIsTrustedFor{xxx}(NSSCertificate *c, PRBool trusted);
- *
- * These will be helper functions which get the trust object for a cert,
- * and then call the corresponding function(s) on it.
- *
- * PKIX trust objects will have methods to manipulate the low-level trust
- * bits (which are based on key usage and extended key usage), and also the
- * conceptual high-level usages (e.g. ssl client auth, email encryption, etc.)
- *
- * Other types of trust objects (if any) might have different low-level
- * representations, but hopefully high-level concepts would map.
- *
- * Only these high-level general routines would be promoted to the
- * general certificate level here. Hence the {xxx} above would be things
- * like "EmailSigning."
- *
- *
- * NSSPKIXTrust *NSSCertificate_GetPKIXTrustObject(NSSCertificate *c);
- * PRStatus NSSCertificate_SetPKIXTrustObject(NSSCertificate *c, NSPKIXTrust *t);
- *
- * I want to hold off on any general trust object until we've investigated
- * other models more thoroughly.
- */
-
-PR_END_EXTERN_C
-
-#endif /* NSSPKI_H */
diff --git a/security/nss/lib/pki/nsspkit.h b/security/nss/lib/pki/nsspkit.h
deleted file mode 100644
index 6083ac0f8..000000000
--- a/security/nss/lib/pki/nsspkit.h
+++ /dev/null
@@ -1,271 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef NSSPKIT_H
-#define NSSPKIT_H
-
-#ifdef DEBUG
-static const char NSSPKIT_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * nsspkit.h
- *
- * This file defines the types of the top-level PKI objects.
- */
-
-#ifndef NSSBASET_H
-#include "nssbaset.h"
-#endif /* NSSBASET_H */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * NSSCertificate
- *
- * This is the public representation of a Certificate. The certificate
- * may be one found on a smartcard or other token, one decoded from data
- * received as part of a protocol, one constructed from constituent
- * parts, etc. Usually it is associated with ("in") a trust domain; as
- * it can be verified only within a trust domain. The underlying type
- * of certificate may be of any supported standard, e.g. PKIX, PGP, etc.
- *
- * People speak of "verifying (with) the server's, or correspondant's,
- * certificate"; for simple operations we support that simplification
- * by implementing public-key crypto operations as methods on this type.
- */
-
-struct NSSCertificateStr;
-typedef struct NSSCertificateStr NSSCertificate;
-
-/*
- * NSSUserCertificate
- *
- * A ``User'' certificate is one for which the private key is available.
- * People speak of "using my certificate to sign my email" and "using
- * my certificate to authenticate to (or login to) the server"; for
- * simple operations, we support that simplification by implementing
- * private-key crypto operations as methods on this type.
- *
- * The current design only weakly distinguishes between certificates
- * and user certificates: as far as the compiler goes they're
- * interchangable; debug libraries only have one common pointer-tracker;
- * etc. However, attempts to do private-key operations on a certificate
- * for which the private key is not available will fail.
- *
- * Open design question: should these types be more firmly separated?
- */
-
-typedef NSSCertificate NSSUserCertificate;
-
-/*
- * NSSPrivateKey
- *
- * This is the public representation of a Private Key. In general,
- * the actual value of the key is not available, but operations may
- * be performed with it.
- */
-
-struct NSSPrivateKeyStr;
-typedef struct NSSPrivateKeyStr NSSPrivateKey;
-
-/*
- * NSSPublicKey
- *
- */
-
-struct NSSPublicKeyStr;
-typedef struct NSSPublicKeyStr NSSPublicKey;
-
-/*
- * NSSSymmetricKey
- *
- */
-
-struct NSSSymmetricKeyStr;
-typedef struct NSSSymmetricKeyStr NSSSymmetricKey;
-
-/*
- * NSSTrustDomain
- *
- * A Trust Domain is the field in which certificates may be validated.
- * A trust domain will generally have one or more cryptographic modules
- * open; these modules perform the cryptographic operations, and
- * provide the basic "root" trust information from which the trust in
- * a specific certificate or key depends.
- *
- * A client program, or a simple server, would typically have one
- * trust domain. A server supporting multiple "virtual servers" might
- * have a separate trust domain for each virtual server. The separate
- * trust domains might share some modules (e.g., a hardware crypto
- * accelerator) but not others (e.g., the tokens storing the different
- * servers' private keys, or the databases with each server's trusted
- * root certificates).
- *
- * This object descends from the "permananet database" in the old code.
- */
-
-struct NSSTrustDomainStr;
-typedef struct NSSTrustDomainStr NSSTrustDomain;
-
-/*
- * NSSCryptoContext
- *
- * A Crypto Context is a short-term, "helper" object which is used
- * for the lifetime of one ongoing "crypto operation." Such an
- * operation may be the creation of a signed message, the use of an
- * TLS socket connection, etc. Each crypto context is "in" a
- * specific trust domain, and it may have associated with it a
- * distinguished certificate, public key, private key, and/or
- * symmetric key. It can also temporarily hold and use temporary
- * data (e.g. intermediate certificates) which is not stored
- * permanently in the trust domain.
- *
- * In OO terms, this interface inherits interfaces from the trust
- * domain, the certificates, and the keys. It also provides
- * streaming crypto operations.
- *
- * This object descends from the "temporary database" concept in the
- * old code, but it has changed a lot as a result of what we've
- * learned.
- */
-
-typedef struct NSSCryptoContextStr NSSCryptoContext;
-
-/*
- * fgmr others
- */
-
-/*
- * NSSTime
- *
- * Unfortunately, we need an "exceptional" value to indicate
- * an error upon return, or "no value" on input. Note that zero
- * is a perfectly valid value for both time_t and PRTime.
- *
- * If we were to create a "range" object, with two times for
- * Not Before and Not After, we would have an obvious place for
- * the somewhat arbitrary logic involved in comparing them.
- *
- * Failing that, let's have an NSSTime_CompareRanges function.
- */
-
-struct NSSTimeStr;
-typedef struct NSSTimeStr NSSTime;
-
-struct NSSTrustStr;
-typedef struct NSSTrustStr NSSTrust;
-
-/*
- * NSSUsage
- *
- * This is trickier than originally planned; I'll write up a
- * doc on it.
- *
- * We'd still like nsspki.h to have a list of common usages,
- * e.g.:
- *
- * extern const NSSUsage *NSSUsage_ClientAuth;
- * extern const NSSUsage *NSSUsage_ServerAuth;
- * extern const NSSUsage *NSSUsage_SignEmail;
- * extern const NSSUsage *NSSUsage_EncryptEmail;
- * etc.
- */
-
-struct NSSUsageStr;
-typedef struct NSSUsageStr NSSUsage;
-
-/*
- * NSSPolicies
- *
- * Placeholder, for now.
- */
-
-struct NSSPoliciesStr;
-typedef struct NSSPoliciesStr NSSPolicies;
-
-/*
- * NSSAlgorithmAndParameters
- *
- * Algorithm is an OID
- * Parameters depend on the algorithm
- */
-
-struct NSSAlgorithmAndParametersStr;
-typedef struct NSSAlgorithmAndParametersStr NSSAlgorithmAndParameters;
-
-/*
- * NSSCallback
- *
- * At minimum, a "challenge" method and a closure argument.
- * Usually the challenge will just be prompting for a password.
- * How OO do we want to make it?
- */
-
-typedef struct NSSCallbackStr NSSCallback;
-
-struct NSSCallbackStr {
- /* Prompt for a password to initialize a slot. */
- PRStatus (* getInitPW)(NSSUTF8 *slotName, void *arg,
- NSSUTF8 **ssoPW, NSSUTF8 **userPW);
- /* Prompt for oldPW and newPW in order to change the
- * password on a slot.
- */
- PRStatus (* getNewPW)(NSSUTF8 *slotName, PRUint32 *retries, void *arg,
- NSSUTF8 **oldPW, NSSUTF8 **newPW);
- /* Prompt for slot password. */
- PRStatus (* getPW)(NSSUTF8 *slotName, PRUint32 *retries, void *arg,
- NSSUTF8 **password);
- void *arg;
-};
-
-/* set errors - user cancelled, ... */
-
-typedef PRUint32 NSSOperations;
-/* 1) Do we want these to be preprocessor definitions or constants? */
-/* 2) What is the correct and complete list? */
-
-#define NSSOperations_ENCRYPT 0x0001
-#define NSSOperations_DECRYPT 0x0002
-#define NSSOperations_WRAP 0x0004
-#define NSSOperations_UNWRAP 0x0008
-#define NSSOperations_SIGN 0x0010
-#define NSSOperations_SIGN_RECOVER 0x0020
-#define NSSOperations_VERIFY 0x0040
-#define NSSOperations_VERIFY_RECOVER 0x0080
-
-struct NSSPKIXCertificateStr;
-
-PR_END_EXTERN_C
-
-#endif /* NSSPKIT_H */
diff --git a/security/nss/lib/pki/pki.h b/security/nss/lib/pki/pki.h
deleted file mode 100644
index d9af582b0..000000000
--- a/security/nss/lib/pki/pki.h
+++ /dev/null
@@ -1,245 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef PKI_H
-#define PKI_H
-
-#ifdef DEBUG
-static const char PKI_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef NSSDEVT_H
-#include "nssdevt.h"
-#endif /* NSSDEVT_H */
-
-#ifndef NSSPKI_H
-#include "nsspki.h"
-#endif /* NSSPKI_H */
-
-#ifndef PKIT_H
-#include "pkit.h"
-#endif /* PKIT_H */
-
-PR_BEGIN_EXTERN_C
-
-NSS_EXTERN NSSCallback *
-nssTrustDomain_GetDefaultCallback
-(
- NSSTrustDomain *td,
- PRStatus *statusOpt
-);
-
-NSS_EXTERN NSSCertificate **
-nssTrustDomain_FindCertificatesBySubject
-(
- NSSTrustDomain *td,
- NSSDER *subject,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt,
- NSSArena *arenaOpt
-);
-
-NSS_EXTERN NSSTrust *
-nssTrustDomain_FindTrustForCertificate
-(
- NSSTrustDomain *td,
- NSSCertificate *c
-);
-
-NSS_EXTERN NSSCertificate *
-nssCertificate_AddRef
-(
- NSSCertificate *c
-);
-
-NSS_EXTERN PRStatus
-nssCertificate_Destroy
-(
- NSSCertificate *c
-);
-
-NSS_EXTERN NSSDER *
-nssCertificate_GetEncoding
-(
- NSSCertificate *c
-);
-
-NSS_EXTERN NSSDER *
-nssCertificate_GetIssuer
-(
- NSSCertificate *c
-);
-
-NSS_EXTERN NSSDER *
-nssCertificate_GetSerialNumber
-(
- NSSCertificate *c
-);
-
-NSS_EXTERN NSSDER *
-nssCertificate_GetSubject
-(
- NSSCertificate *c
-);
-
-NSS_EXTERN NSSUTF8 *
-nssCertificate_GetNickname
-(
- NSSCertificate *c,
- NSSToken *tokenOpt
-);
-
-NSS_EXTERN NSSASCII7 *
-nssCertificate_GetEmailAddress
-(
- NSSCertificate *c
-);
-
-NSS_EXTERN PRBool
-nssCertificate_IssuerAndSerialEqual
-(
- NSSCertificate *c1,
- NSSCertificate *c2
-);
-
-NSS_EXTERN NSSPrivateKey *
-nssPrivateKey_AddRef
-(
- NSSPrivateKey *vk
-);
-
-NSS_EXTERN PRStatus
-nssPrivateKey_Destroy
-(
- NSSPrivateKey *vk
-);
-
-NSS_EXTERN NSSItem *
-nssPrivateKey_GetID
-(
- NSSPrivateKey *vk
-);
-
-NSS_EXTERN NSSUTF8 *
-nssPrivateKey_GetNickname
-(
- NSSPrivateKey *vk,
- NSSToken *tokenOpt
-);
-
-NSS_EXTERN PRStatus
-nssPublicKey_Destroy
-(
- NSSPublicKey *bk
-);
-
-NSS_EXTERN NSSItem *
-nssPublicKey_GetID
-(
- NSSPublicKey *vk
-);
-
-NSS_EXTERN NSSCertificate **
-nssCryptoContext_FindCertificatesBySubject
-(
- NSSCryptoContext *cc,
- NSSDER *subject,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt, /* 0 for no max */
- NSSArena *arenaOpt
-);
-
-/* putting here for now, needs more thought */
-NSS_EXTERN PRStatus
-nssCryptoContext_ImportTrust
-(
- NSSCryptoContext *cc,
- NSSTrust *trust
-);
-
-NSS_EXTERN NSSTrust *
-nssCryptoContext_FindTrustForCertificate
-(
- NSSCryptoContext *cc,
- NSSCertificate *cert
-);
-
-NSS_EXTERN PRStatus
-nssCryptoContext_ImportSMIMEProfile
-(
- NSSCryptoContext *cc,
- nssSMIMEProfile *profile
-);
-
-NSS_EXTERN nssSMIMEProfile *
-nssCryptoContext_FindSMIMEProfileForCertificate
-(
- NSSCryptoContext *cc,
- NSSCertificate *cert
-);
-
-NSS_EXTERN NSSTrust *
-nssTrust_AddRef
-(
- NSSTrust *trust
-);
-
-NSS_EXTERN PRStatus
-nssTrust_Destroy
-(
- NSSTrust *trust
-);
-
-NSS_EXTERN nssSMIMEProfile *
-nssSMIMEProfile_AddRef
-(
- nssSMIMEProfile *profile
-);
-
-NSS_EXTERN PRStatus
-nssSMIMEProfile_Destroy
-(
- nssSMIMEProfile *profile
-);
-
-NSS_EXTERN nssSMIMEProfile *
-nssSMIMEProfile_Create
-(
- NSSCertificate *cert,
- NSSItem *profileTime,
- NSSItem *profileData
-);
-
-PR_END_EXTERN_C
-
-#endif /* PKI_H */
diff --git a/security/nss/lib/pki/pki3hack.c b/security/nss/lib/pki/pki3hack.c
deleted file mode 100644
index ef378970a..000000000
--- a/security/nss/lib/pki/pki3hack.c
+++ /dev/null
@@ -1,1109 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * Hacks to integrate NSS 3.4 and NSS 4.0 certificates.
- */
-
-#ifndef NSSPKI_H
-#include "nsspki.h"
-#endif /* NSSPKI_H */
-
-#ifndef PKI_H
-#include "pki.h"
-#endif /* PKI_H */
-
-#ifndef PKIM_H
-#include "pkim.h"
-#endif /* PKIM_H */
-
-#ifndef DEV_H
-#include "dev.h"
-#endif /* DEV_H */
-
-#ifndef DEVNSS3HACK_H
-#include "dev3hack.h"
-#endif /* DEVNSS3HACK_H */
-
-#ifndef PKINSS3HACK_H
-#include "pki3hack.h"
-#endif /* PKINSS3HACK_H */
-
-#include "secitem.h"
-#include "certdb.h"
-#include "certt.h"
-#include "cert.h"
-#include "pk11func.h"
-#include "pkistore.h"
-#include "secmod.h"
-
-NSSTrustDomain *g_default_trust_domain = NULL;
-
-NSSCryptoContext *g_default_crypto_context = NULL;
-
-NSSTrustDomain *
-STAN_GetDefaultTrustDomain()
-{
- return g_default_trust_domain;
-}
-
-NSSCryptoContext *
-STAN_GetDefaultCryptoContext()
-{
- return g_default_crypto_context;
-}
-
-extern const NSSError NSS_ERROR_ALREADY_INITIALIZED;
-
-NSS_IMPLEMENT PRStatus
-STAN_LoadDefaultNSS3TrustDomain (
- void
-)
-{
- NSSTrustDomain *td;
- NSSToken *token;
- SECMODModuleList *mlp;
- SECMODListLock *moduleLock = SECMOD_GetDefaultModuleListLock();
- int i;
-
- if (g_default_trust_domain || g_default_crypto_context) {
- /* Stan is already initialized or a previous shutdown failed. */
- nss_SetError(NSS_ERROR_ALREADY_INITIALIZED);
- return PR_FAILURE;
- }
- td = NSSTrustDomain_Create(NULL, NULL, NULL, NULL);
- if (!td) {
- return PR_FAILURE;
- }
- td->tokenList = nssList_Create(td->arena, PR_TRUE);
- SECMOD_GetReadLock(moduleLock);
- for (mlp = SECMOD_GetDefaultModuleList(); mlp != NULL; mlp=mlp->next) {
- for (i=0; i < mlp->module->slotCount; i++) {
- token = nssToken_CreateFromPK11SlotInfo(td, mlp->module->slots[i]);
- PK11Slot_SetNSSToken(mlp->module->slots[i], token);
- nssList_Add(td->tokenList, token);
- }
- }
- SECMOD_ReleaseReadLock(moduleLock);
- td->tokens = nssList_CreateIterator(td->tokenList);
- g_default_trust_domain = td;
- g_default_crypto_context = NSSTrustDomain_CreateCryptoContext(td, NULL);
- return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT SECStatus
-STAN_AddModuleToDefaultTrustDomain (
- SECMODModule *module
-)
-{
- NSSToken *token;
- NSSTrustDomain *td;
- int i;
- td = STAN_GetDefaultTrustDomain();
- for (i=0; i<module->slotCount; i++) {
- token = nssToken_CreateFromPK11SlotInfo(td, module->slots[i]);
- PK11Slot_SetNSSToken(module->slots[i], token);
- nssList_Add(td->tokenList, token);
- }
- nssListIterator_Destroy(td->tokens);
- td->tokens = nssList_CreateIterator(td->tokenList);
- return SECSuccess;
-}
-
-NSS_IMPLEMENT SECStatus
-STAN_RemoveModuleFromDefaultTrustDomain (
- SECMODModule *module
-)
-{
- NSSToken *token;
- NSSTrustDomain *td;
- int i;
- td = STAN_GetDefaultTrustDomain();
- for (i=0; i<module->slotCount; i++) {
- token = PK11Slot_GetNSSToken(module->slots[i]);
- if (token) {
- nssToken_NotifyCertsNotVisible(token);
- nssList_Remove(td->tokenList, token);
- PK11Slot_SetNSSToken(module->slots[i], NULL);
- nssToken_Destroy(token);
- }
- }
- nssListIterator_Destroy(td->tokens);
- td->tokens = nssList_CreateIterator(td->tokenList);
- return SECSuccess;
-}
-
-NSS_IMPLEMENT PRStatus
-STAN_Shutdown()
-{
- PRStatus status = PR_SUCCESS;
- if (g_default_trust_domain) {
- if (NSSTrustDomain_Destroy(g_default_trust_domain) == PR_SUCCESS) {
- g_default_trust_domain = NULL;
- } else {
- status = PR_FAILURE;
- }
- }
- if (g_default_crypto_context) {
- if (NSSCryptoContext_Destroy(g_default_crypto_context) == PR_SUCCESS) {
- g_default_crypto_context = NULL;
- } else {
- status = PR_FAILURE;
- }
- }
- return status;
-}
-
-/* this function should not be a hack; it will be needed in 4.0 (rename) */
-NSS_IMPLEMENT NSSItem *
-STAN_GetCertIdentifierFromDER(NSSArena *arenaOpt, NSSDER *der)
-{
- NSSItem *rvKey;
- SECItem secDER;
- SECItem secKey = { 0 };
- SECStatus secrv;
- PRArenaPool *arena;
-
- SECITEM_FROM_NSSITEM(&secDER, der);
-
- /* nss3 call uses nss3 arena's */
- arena = PORT_NewArena(256);
- if (!arena) {
- return NULL;
- }
- secrv = CERT_KeyFromDERCert(arena, &secDER, &secKey);
- if (secrv != SECSuccess) {
- return NULL;
- }
- rvKey = nssItem_Create(arenaOpt, NULL, secKey.len, (void *)secKey.data);
- PORT_FreeArena(arena,PR_FALSE);
- return rvKey;
-}
-
-NSS_IMPLEMENT PRStatus
-nssPKIX509_GetIssuerAndSerialFromDER(NSSDER *der, NSSArena *arena,
- NSSDER *issuer, NSSDER *serial)
-{
- SECStatus secrv;
- SECItem derCert;
- SECItem derIssuer = { 0 };
- SECItem derSerial = { 0 };
- SECITEM_FROM_NSSITEM(&derCert, der);
- secrv = CERT_SerialNumberFromDERCert(&derCert, &derSerial);
- if (secrv != SECSuccess) {
- return PR_FAILURE;
- }
- (void)nssItem_Create(arena, serial, derSerial.len, derSerial.data);
- secrv = CERT_IssuerNameFromDERCert(&derCert, &derIssuer);
- if (secrv != SECSuccess) {
- PORT_Free(derSerial.data);
- return PR_FAILURE;
- }
- (void)nssItem_Create(arena, issuer, derIssuer.len, derIssuer.data);
- PORT_Free(derSerial.data);
- PORT_Free(derIssuer.data);
- return PR_SUCCESS;
-}
-
-static NSSItem *
-nss3certificate_getIdentifier(nssDecodedCert *dc)
-{
- NSSItem *rvID;
- CERTCertificate *c = (CERTCertificate *)dc->data;
- rvID = nssItem_Create(NULL, NULL, c->certKey.len, c->certKey.data);
- return rvID;
-}
-
-static void *
-nss3certificate_getIssuerIdentifier(nssDecodedCert *dc)
-{
- CERTCertificate *c = (CERTCertificate *)dc->data;
- return (void *)c->authKeyID;
-}
-
-static nssCertIDMatch
-nss3certificate_matchIdentifier(nssDecodedCert *dc, void *id)
-{
- CERTCertificate *c = (CERTCertificate *)dc->data;
- CERTAuthKeyID *authKeyID = (CERTAuthKeyID *)id;
- SECItem skid;
- nssCertIDMatch match = nssCertIDMatch_Unknown;
-
- /* keyIdentifier */
- if (authKeyID->keyID.len > 0) {
- if (CERT_FindSubjectKeyIDExtension(c, &skid) == SECSuccess) {
- PRBool skiEqual;
- skiEqual = SECITEM_ItemsAreEqual(&authKeyID->keyID, &skid);
- PORT_Free(skid.data);
- if (skiEqual) {
- /* change the state to positive match, but keep going */
- match = nssCertIDMatch_Yes;
- } else {
- /* exit immediately on failure */
- return nssCertIDMatch_No;
- }
- } /* else fall through */
- }
-
- /* issuer/serial (treated as pair) */
- if (authKeyID->authCertIssuer) {
- SECItem *caName = NULL;
- SECItem *caSN = &authKeyID->authCertSerialNumber;
-
- caName = (SECItem *)CERT_GetGeneralNameByType(
- authKeyID->authCertIssuer,
- certDirectoryName, PR_TRUE);
- if (caName == NULL) {
- /* this is some kind of error, so treat it as unknown */
- return nssCertIDMatch_Unknown;
- }
- if (SECITEM_ItemsAreEqual(&c->derIssuer, caName) &&
- SECITEM_ItemsAreEqual(&c->serialNumber, caSN))
- {
- /* change the state to positive match, but keep going */
- match = nssCertIDMatch_Yes;
- } else {
- /* exit immediately on failure */
- return nssCertIDMatch_No;
- }
- }
-
- /* If the issued cert has a keyIdentifier field with a value, but
- * this issuer cert does not have a subjectKeyID extension, and
- * the issuer/serial number fields of the authKeyID extension
- * are empty, the state will be Unknown. Otherwise it should have
- * been set to Yes.
- */
- return match;
-}
-
-static PRBool
-nss3certificate_isValidIssuer(nssDecodedCert *dc)
-{
- CERTCertificate *c = (CERTCertificate *)dc->data;
- unsigned int ignore;
- return CERT_IsCACert(c, &ignore);
-}
-
-static NSSUsage *
-nss3certificate_getUsage(nssDecodedCert *dc)
-{
- /* CERTCertificate *c = (CERTCertificate *)dc->data; */
- return NULL;
-}
-
-static PRBool
-nss3certificate_isValidAtTime(nssDecodedCert *dc, NSSTime *time)
-{
- SECCertTimeValidity validity;
- CERTCertificate *c = (CERTCertificate *)dc->data;
- validity = CERT_CheckCertValidTimes(c, NSSTime_GetPRTime(time), PR_TRUE);
- if (validity == secCertTimeValid) {
- return PR_TRUE;
- }
- return PR_FALSE;
-}
-
-static PRBool
-nss3certificate_isNewerThan(nssDecodedCert *dc, nssDecodedCert *cmpdc)
-{
- /* I know this isn't right, but this is glue code anyway */
- if (cmpdc->type == dc->type) {
- CERTCertificate *certa = (CERTCertificate *)dc->data;
- CERTCertificate *certb = (CERTCertificate *)cmpdc->data;
- return CERT_IsNewer(certa, certb);
- }
- return PR_FALSE;
-}
-
-/* CERT_FilterCertListByUsage */
-static PRBool
-nss3certificate_matchUsage(nssDecodedCert *dc, NSSUsage *usage)
-{
- SECStatus secrv;
- unsigned int requiredKeyUsage;
- unsigned int requiredCertType;
- unsigned int certType;
- PRBool match;
- CERTCertificate *cc = (CERTCertificate *)dc->data;
- SECCertUsage secUsage = usage->nss3usage;
- PRBool ca = usage->nss3lookingForCA;
-
- /* This is for NSS 3.3 functions that do not specify a usage */
- if (usage->anyUsage) {
- return PR_TRUE;
- }
- secrv = CERT_KeyUsageAndTypeForCertUsage(secUsage, ca,
- &requiredKeyUsage,
- &requiredCertType);
- if (secrv != SECSuccess) {
- return PR_FALSE;
- }
- match = PR_TRUE;
- secrv = CERT_CheckKeyUsage(cc, requiredKeyUsage);
- if (secrv != SECSuccess) {
- match = PR_FALSE;
- }
- if (ca) {
- (void)CERT_IsCACert(cc, &certType);
- } else {
- certType = cc->nsCertType;
- }
- if (!(certType & requiredCertType)) {
- match = PR_FALSE;
- }
- return match;
-}
-
-static NSSASCII7 *
-nss3certificate_getEmailAddress(nssDecodedCert *dc)
-{
- CERTCertificate *cc = (CERTCertificate *)dc->data;
- return cc ? (NSSASCII7 *)cc->emailAddr : NULL;
-}
-
-static PRStatus
-nss3certificate_getDERSerialNumber(nssDecodedCert *dc,
- NSSDER *serial, NSSArena *arena)
-{
- CERTCertificate *cc = (CERTCertificate *)dc->data;
- SECItem derSerial = { 0 };
- SECStatus secrv;
- secrv = CERT_SerialNumberFromDERCert(&cc->derCert, &derSerial);
- if (secrv == SECSuccess) {
- (void)nssItem_Create(arena, serial, derSerial.len, derSerial.data);
- PORT_Free(derSerial.data);
- return PR_SUCCESS;
- }
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT nssDecodedCert *
-nssDecodedPKIXCertificate_Create (
- NSSArena *arenaOpt,
- NSSDER *encoding
-)
-{
- nssDecodedCert *rvDC;
- SECItem secDER;
- rvDC = nss_ZNEW(arenaOpt, nssDecodedCert);
- rvDC->type = NSSCertificateType_PKIX;
- SECITEM_FROM_NSSITEM(&secDER, encoding);
- rvDC->data = (void *)CERT_DecodeDERCertificate(&secDER, PR_TRUE, NULL);
- rvDC->getIdentifier = nss3certificate_getIdentifier;
- rvDC->getIssuerIdentifier = nss3certificate_getIssuerIdentifier;
- rvDC->matchIdentifier = nss3certificate_matchIdentifier;
- rvDC->isValidIssuer = nss3certificate_isValidIssuer;
- rvDC->getUsage = nss3certificate_getUsage;
- rvDC->isValidAtTime = nss3certificate_isValidAtTime;
- rvDC->isNewerThan = nss3certificate_isNewerThan;
- rvDC->matchUsage = nss3certificate_matchUsage;
- rvDC->getEmailAddress = nss3certificate_getEmailAddress;
- rvDC->getDERSerialNumber = nss3certificate_getDERSerialNumber;
- return rvDC;
-}
-
-static nssDecodedCert *
-create_decoded_pkix_cert_from_nss3cert (
- NSSArena *arenaOpt,
- CERTCertificate *cc
-)
-{
- nssDecodedCert *rvDC;
- rvDC = nss_ZNEW(arenaOpt, nssDecodedCert);
- rvDC->type = NSSCertificateType_PKIX;
- rvDC->data = (void *)cc;
- rvDC->getIdentifier = nss3certificate_getIdentifier;
- rvDC->getIssuerIdentifier = nss3certificate_getIssuerIdentifier;
- rvDC->matchIdentifier = nss3certificate_matchIdentifier;
- rvDC->isValidIssuer = nss3certificate_isValidIssuer;
- rvDC->getUsage = nss3certificate_getUsage;
- rvDC->isValidAtTime = nss3certificate_isValidAtTime;
- rvDC->isNewerThan = nss3certificate_isNewerThan;
- rvDC->matchUsage = nss3certificate_matchUsage;
- rvDC->getEmailAddress = nss3certificate_getEmailAddress;
- return rvDC;
-}
-
-NSS_IMPLEMENT PRStatus
-nssDecodedPKIXCertificate_Destroy (
- nssDecodedCert *dc
-)
-{
- CERTCertificate *cert = (CERTCertificate *)dc->data;
-
- /* The decoder may only be half initialized (the case where we find we
- * could not decode the certificate). In this case, there is not cert to
- * free, just free the dc structure. */
- if (cert) {
- PRBool freeSlot = cert->ownSlot;
- PK11SlotInfo *slot = cert->slot;
- PRArenaPool *arena = cert->arena;
- /* zero cert before freeing. Any stale references to this cert
- * after this point will probably cause an exception. */
- PORT_Memset(cert, 0, sizeof *cert);
- /* free the arena that contains the cert. */
- PORT_FreeArena(arena, PR_FALSE);
- if (slot && freeSlot) {
- PK11_FreeSlot(slot);
- }
- }
- nss_ZFreeIf(dc);
- return PR_SUCCESS;
-}
-
-/* see pk11cert.c:pk11_HandleTrustObject */
-static unsigned int
-get_nss3trust_from_nss4trust(CK_TRUST t)
-{
- unsigned int rt = 0;
- if (t == nssTrustLevel_Trusted) {
- rt |= CERTDB_VALID_PEER | CERTDB_TRUSTED;
- }
- if (t == nssTrustLevel_TrustedDelegator) {
- rt |= CERTDB_VALID_CA | CERTDB_TRUSTED_CA /*| CERTDB_NS_TRUSTED_CA*/;
- }
- if (t == nssTrustLevel_Valid) {
- rt |= CERTDB_VALID_PEER;
- }
- if (t == nssTrustLevel_ValidDelegator) {
- rt |= CERTDB_VALID_CA;
- }
- return rt;
-}
-
-static CERTCertTrust *
-cert_trust_from_stan_trust(NSSTrust *t, PRArenaPool *arena)
-{
- CERTCertTrust *rvTrust;
- unsigned int client;
- if (!t) {
- return NULL;
- }
- rvTrust = PORT_ArenaAlloc(arena, sizeof(CERTCertTrust));
- if (!rvTrust) return NULL;
- rvTrust->sslFlags = get_nss3trust_from_nss4trust(t->serverAuth);
- client = get_nss3trust_from_nss4trust(t->clientAuth);
- if (client & (CERTDB_TRUSTED_CA|CERTDB_NS_TRUSTED_CA)) {
- client &= ~(CERTDB_TRUSTED_CA|CERTDB_NS_TRUSTED_CA);
- rvTrust->sslFlags |= CERTDB_TRUSTED_CLIENT_CA;
- }
- rvTrust->sslFlags |= client;
- rvTrust->emailFlags = get_nss3trust_from_nss4trust(t->emailProtection);
- rvTrust->objectSigningFlags = get_nss3trust_from_nss4trust(t->codeSigning);
- return rvTrust;
-}
-
-CERTCertTrust *
-nssTrust_GetCERTCertTrustForCert(NSSCertificate *c, CERTCertificate *cc)
-{
- CERTCertTrust *rvTrust = NULL;
- NSSTrustDomain *td = STAN_GetDefaultTrustDomain();
- NSSTrust *t;
- t = nssTrustDomain_FindTrustForCertificate(td, c);
- if (t) {
- rvTrust = cert_trust_from_stan_trust(t, cc->arena);
- if (!rvTrust) {
- nssTrust_Destroy(t);
- return NULL;
- }
- nssTrust_Destroy(t);
- } else {
- rvTrust = PORT_ArenaAlloc(cc->arena, sizeof(CERTCertTrust));
- if (!rvTrust) {
- return NULL;
- }
- memset(rvTrust, 0, sizeof(*rvTrust));
- }
- if (NSSCertificate_IsPrivateKeyAvailable(c, NULL, NULL)) {
- rvTrust->sslFlags |= CERTDB_USER;
- rvTrust->emailFlags |= CERTDB_USER;
- rvTrust->objectSigningFlags |= CERTDB_USER;
- }
- return rvTrust;
-}
-
-static nssCryptokiInstance *
-get_cert_instance(NSSCertificate *c)
-{
- nssCryptokiObject *instance, **ci;
- nssCryptokiObject **instances = nssPKIObject_GetInstances(&c->object);
- if (!instances) {
- return NULL;
- }
- instance = NULL;
- for (ci = instances; *ci; ci++) {
- if (!instance) {
- instance = nssCryptokiObject_Clone(*ci);
- } else {
- /* This only really works for two instances... But 3.4 can't
- * handle more anyway. The logic is, if there are multiple
- * instances, prefer the one that is not internal (e.g., on
- * a hardware device.
- */
- if (PK11_IsInternal(instance->token->pk11slot)) {
- nssCryptokiObject_Destroy(instance);
- instance = nssCryptokiObject_Clone(*ci);
- }
- }
- }
- nssCryptokiObjectArray_Destroy(instances);
- return instance;
-}
-
-char *
-STAN_GetCERTCertificateName(NSSCertificate *c)
-{
- nssCryptokiInstance *instance = get_cert_instance(c);
- NSSCryptoContext *context = c->object.cryptoContext;
- PRStatus nssrv;
- int nicklen, tokenlen, len;
- NSSUTF8 *tokenName = NULL;
- NSSUTF8 *stanNick = NULL;
- char *nickname = NULL;
- char *nick;
-
- if (instance) {
- stanNick = instance->label;
- } else if (context) {
- stanNick = c->object.tempName;
- }
- if (stanNick) {
- /* fill other fields needed by NSS3 functions using CERTCertificate */
- if (instance && !PK11_IsInternal(instance->token->pk11slot)) {
- tokenName = nssToken_GetName(instance->token);
- tokenlen = nssUTF8_Size(tokenName, &nssrv);
- } else {
- /* don't use token name for internal slot; 3.3 didn't */
- tokenlen = 0;
- }
- nicklen = nssUTF8_Size(stanNick, &nssrv);
- len = tokenlen + nicklen;
- nickname = PORT_Alloc(len);
- nick = nickname;
- if (tokenName) {
- memcpy(nick, tokenName, tokenlen-1);
- nick += tokenlen-1;
- *nick++ = ':';
- }
- memcpy(nick, stanNick, nicklen-1);
- nickname[len-1] = '\0';
- }
- return nickname;
-}
-
-
-static void
-fill_CERTCertificateFields(NSSCertificate *c, CERTCertificate *cc, PRBool forced)
-{
- NSSTrust *nssTrust;
- NSSCryptoContext *context = c->object.cryptoContext;
- nssCryptokiInstance *instance = get_cert_instance(c);
- NSSUTF8 *stanNick = NULL;
- if (instance) {
- stanNick = instance->label;
- } else if (context) {
- stanNick = c->object.tempName;
- }
- /* fill other fields needed by NSS3 functions using CERTCertificate */
- if ((!cc->nickname && stanNick) || forced) {
- PRStatus nssrv;
- int nicklen, tokenlen, len;
- NSSUTF8 *tokenName = NULL;
- char *nick;
- if (instance && !PK11_IsInternal(instance->token->pk11slot)) {
- tokenName = nssToken_GetName(instance->token);
- tokenlen = nssUTF8_Size(tokenName, &nssrv);
- } else {
- /* don't use token name for internal slot; 3.3 didn't */
- tokenlen = 0;
- }
- if (stanNick) {
- nicklen = nssUTF8_Size(stanNick, &nssrv);
- len = tokenlen + nicklen;
- cc->nickname = PORT_ArenaAlloc(cc->arena, len);
- nick = cc->nickname;
- if (tokenName) {
- memcpy(nick, tokenName, tokenlen-1);
- nick += tokenlen-1;
- *nick++ = ':';
- }
- memcpy(nick, stanNick, nicklen-1);
- cc->nickname[len-1] = '\0';
- } else {
- cc->nickname = NULL;
- }
- }
- if (context) {
- /* trust */
- nssTrust = nssCryptoContext_FindTrustForCertificate(context, c);
- if (nssTrust) {
- cc->trust = cert_trust_from_stan_trust(nssTrust, cc->arena);
- nssTrust_Destroy(nssTrust);
- }
- } else if (instance) {
- /* slot */
- if (cc->slot != instance->token->pk11slot) {
- if (cc->slot) {
- PK11_FreeSlot(cc->slot);
- }
- cc->slot = PK11_ReferenceSlot(instance->token->pk11slot);
- }
- cc->ownSlot = PR_TRUE;
- /* pkcs11ID */
- cc->pkcs11ID = instance->handle;
- /* trust */
- cc->trust = nssTrust_GetCERTCertTrustForCert(c, cc);
- nssCryptokiObject_Destroy(instance);
- }
- /* database handle is now the trust domain */
- cc->dbhandle = c->object.trustDomain;
- /* subjectList ? */
- /* istemp and isperm are supported in NSS 3.4 */
- cc->istemp = PR_FALSE; /* CERT_NewTemp will override this */
- cc->isperm = PR_TRUE; /* by default */
- /* pointer back */
- cc->nssCertificate = c;
-}
-
-static CERTCertificate *
-stan_GetCERTCertificate(NSSCertificate *c, PRBool forceUpdate)
-{
- nssDecodedCert *dc;
- CERTCertificate *cc;
- if (!c->decoding) {
- dc = nssDecodedPKIXCertificate_Create(NULL, &c->encoding);
- if (!dc) return NULL;
- c->decoding = dc;
- } else {
- dc = c->decoding;
- }
- cc = (CERTCertificate *)dc->data;
- if (cc) {
- if (!cc->nssCertificate || forceUpdate) {
- fill_CERTCertificateFields(c, cc, forceUpdate);
- } else if (!cc->trust && !c->object.cryptoContext) {
- /* if it's a perm cert, it might have been stored before the
- * trust, so look for the trust again. But a temp cert can be
- * ignored.
- */
- cc->trust = nssTrust_GetCERTCertTrustForCert(c, cc);
- }
- }
- return cc;
-}
-
-NSS_IMPLEMENT CERTCertificate *
-STAN_ForceCERTCertificateUpdate(NSSCertificate *c)
-{
- if (c->decoding) {
- return stan_GetCERTCertificate(c, PR_TRUE);
- }
- return NULL;
-}
-
-NSS_IMPLEMENT CERTCertificate *
-STAN_GetCERTCertificate(NSSCertificate *c)
-{
- return stan_GetCERTCertificate(c, PR_FALSE);
-}
-
-static nssTrustLevel
-get_stan_trust(unsigned int t, PRBool isClientAuth)
-{
- if (isClientAuth) {
- if (t & CERTDB_TRUSTED_CLIENT_CA) {
- return nssTrustLevel_TrustedDelegator;
- }
- } else {
- if (t & CERTDB_TRUSTED_CA || t & CERTDB_NS_TRUSTED_CA) {
- return nssTrustLevel_TrustedDelegator;
- }
- }
- if (t & CERTDB_TRUSTED) {
- return nssTrustLevel_Trusted;
- }
- if (t & CERTDB_VALID_CA) {
- return nssTrustLevel_ValidDelegator;
- }
- if (t & CERTDB_VALID_PEER) {
- return nssTrustLevel_Valid;
- }
- return nssTrustLevel_NotTrusted;
-}
-
-NSS_EXTERN NSSCertificate *
-STAN_GetNSSCertificate(CERTCertificate *cc)
-{
- NSSCertificate *c;
- nssCryptokiInstance *instance;
- nssPKIObject *pkiob;
- NSSArena *arena;
- c = cc->nssCertificate;
- if (c) {
- return c;
- }
- /* i don't think this should happen. but if it can, need to create
- * NSSCertificate from CERTCertificate values here. */
- /* Yup, it can happen. */
- arena = NSSArena_Create();
- if (!arena) {
- return NULL;
- }
- c = nss_ZNEW(arena, NSSCertificate);
- if (!c) {
- nssArena_Destroy(arena);
- return NULL;
- }
- NSSITEM_FROM_SECITEM(&c->encoding, &cc->derCert);
- c->type = NSSCertificateType_PKIX;
- pkiob = nssPKIObject_Create(arena, NULL, cc->dbhandle, NULL);
- if (!pkiob) {
- nssArena_Destroy(arena);
- return NULL;
- }
- c->object = *pkiob;
- nssItem_Create(arena,
- &c->issuer, cc->derIssuer.len, cc->derIssuer.data);
- nssItem_Create(arena,
- &c->subject, cc->derSubject.len, cc->derSubject.data);
- if (PR_TRUE) {
- /* CERTCertificate stores serial numbers decoded. I need the DER
- * here. sigh.
- */
- SECItem derSerial;
- SECStatus secrv;
- secrv = CERT_SerialNumberFromDERCert(&cc->derCert, &derSerial);
- if (secrv == SECFailure) {
- nssArena_Destroy(arena);
- return NULL;
- }
- nssItem_Create(arena, &c->serial, derSerial.len, derSerial.data);
- PORT_Free(derSerial.data);
- }
- if (cc->emailAddr) {
- c->email = nssUTF8_Create(arena,
- nssStringType_PrintableString,
- (NSSUTF8 *)cc->emailAddr,
- PORT_Strlen(cc->emailAddr));
- }
- if (cc->slot) {
- instance = nss_ZNEW(arena, nssCryptokiInstance);
- instance->token = nssToken_AddRef(PK11Slot_GetNSSToken(cc->slot));
- instance->handle = cc->pkcs11ID;
- instance->isTokenObject = PR_TRUE;
- if (cc->nickname) {
- instance->label = nssUTF8_Create(arena,
- nssStringType_UTF8String,
- (NSSUTF8 *)cc->nickname,
- PORT_Strlen(cc->nickname));
- }
- nssPKIObject_AddInstance(&c->object, instance);
- }
- c->decoding = create_decoded_pkix_cert_from_nss3cert(NULL, cc);
- cc->nssCertificate = c;
- return c;
-}
-
-static NSSToken*
-stan_GetTrustToken (
- NSSCertificate *c
-)
-{
- NSSToken *ttok = NULL;
- NSSToken *rtok = NULL;
- NSSToken *tok = NULL;
- nssCryptokiObject **ip;
- nssCryptokiObject **instances = nssPKIObject_GetInstances(&c->object);
- if (!instances) {
- return PR_FALSE;
- }
- for (ip = instances; *ip; ip++) {
- nssCryptokiObject *instance = *ip;
- nssCryptokiObject *to =
- nssToken_FindTrustForCertificate(instance->token, NULL,
- &c->encoding, &c->issuer, &c->serial,
- nssTokenSearchType_TokenOnly);
- NSSToken *ctok = instance->token;
- PRBool ro = PK11_IsReadOnly(ctok->pk11slot);
-
- if (to) {
- nssCryptokiObject_Destroy(to);
- ttok = ctok;
- if (!ro) {
- break;
- }
- } else {
- if (!rtok && ro) {
- rtok = ctok;
- }
- if (!tok && !ro) {
- tok = ctok;
- }
- }
- }
- nssCryptokiObjectArray_Destroy(instances);
- return ttok ? ttok : (tok ? tok : rtok);
-}
-
-NSS_EXTERN PRStatus
-STAN_ChangeCertTrust(CERTCertificate *cc, CERTCertTrust *trust)
-{
- PRStatus nssrv;
- NSSCertificate *c = STAN_GetNSSCertificate(cc);
- NSSToken *tok;
- NSSTrustDomain *td;
- NSSTrust *nssTrust;
- NSSArena *arena;
- CERTCertTrust *oldTrust;
- nssListIterator *tokens;
- PRBool moving_object;
- nssCryptokiObject *newInstance;
- nssPKIObject *pkiob;
- oldTrust = nssTrust_GetCERTCertTrustForCert(c, cc);
- if (oldTrust) {
- if (memcmp(oldTrust, trust, sizeof (CERTCertTrust)) == 0) {
- /* ... and the new trust is no different, done) */
- return PR_SUCCESS;
- } else {
- /* take over memory already allocated in cc's arena */
- cc->trust = oldTrust;
- }
- } else {
- cc->trust = PORT_ArenaAlloc(cc->arena, sizeof(CERTCertTrust));
- }
- memcpy(cc->trust, trust, sizeof(CERTCertTrust));
- /* Set the NSSCerticate's trust */
- arena = nssArena_Create();
- if (!arena) return PR_FAILURE;
- nssTrust = nss_ZNEW(arena, NSSTrust);
- pkiob = nssPKIObject_Create(arena, NULL, cc->dbhandle, NULL);
- if (!pkiob) {
- nssArena_Destroy(arena);
- return PR_FAILURE;
- }
- nssTrust->object = *pkiob;
- nssTrust->certificate = c;
- nssTrust->serverAuth = get_stan_trust(trust->sslFlags, PR_FALSE);
- nssTrust->clientAuth = get_stan_trust(trust->sslFlags, PR_TRUE);
- nssTrust->emailProtection = get_stan_trust(trust->emailFlags, PR_FALSE);
- nssTrust->codeSigning = get_stan_trust(trust->objectSigningFlags, PR_FALSE);
- if (c->object.cryptoContext != NULL) {
- /* The cert is in a context, set the trust there */
- NSSCryptoContext *cc = c->object.cryptoContext;
- nssrv = nssCryptoContext_ImportTrust(cc, nssTrust);
- if (nssrv != PR_SUCCESS) {
- goto done;
- }
- if (c->object.numInstances == 0) {
- /* The context is the only instance, finished */
- goto done;
- }
- }
- td = STAN_GetDefaultTrustDomain();
- tok = stan_GetTrustToken(c);
- moving_object = PR_FALSE;
- if (tok && PK11_IsReadOnly(tok->pk11slot)) {
- tokens = nssList_CreateIterator(td->tokenList);
- if (!tokens) {
- nssrv = PR_FAILURE;
- goto done;
- }
- for (tok = (NSSToken *)nssListIterator_Start(tokens);
- tok != (NSSToken *)NULL;
- tok = (NSSToken *)nssListIterator_Next(tokens))
- {
- if (!PK11_IsReadOnly(tok->pk11slot)) break;
- }
- nssListIterator_Finish(tokens);
- nssListIterator_Destroy(tokens);
- moving_object = PR_TRUE;
- }
- if (tok) {
- if (moving_object) {
- /* this is kind of hacky. the softoken needs the cert
- * object in order to store trust. forcing it to be perm
- */
- NSSUTF8 *nickname = nssCertificate_GetNickname(c, NULL);
- NSSASCII7 *email = NULL;
-
- if (PK11_IsInternal(tok->pk11slot)) {
- email = c->email;
- }
- newInstance = nssToken_ImportCertificate(tok, NULL,
- NSSCertificateType_PKIX,
- &c->id,
- nickname,
- &c->encoding,
- &c->issuer,
- &c->subject,
- &c->serial,
- email,
- PR_TRUE);
- if (!newInstance) {
- nssrv = PR_FAILURE;
- goto done;
- }
- nssPKIObject_AddInstance(&c->object, newInstance);
- }
- newInstance = nssToken_ImportTrust(tok, NULL, &c->encoding,
- &c->issuer, &c->serial,
- nssTrust->serverAuth,
- nssTrust->clientAuth,
- nssTrust->codeSigning,
- nssTrust->emailProtection, PR_TRUE);
- /* If the selected token can't handle trust, dump the trust on
- * the internal token */
- if (!newInstance && !PK11_IsInternal(tok->pk11slot)) {
- PK11SlotInfo *slot = PK11_GetInternalKeySlot();
- NSSUTF8 *nickname = nssCertificate_GetNickname(c, NULL);
- NSSASCII7 *email = c->email;
- tok = PK11Slot_GetNSSToken(slot);
- PK11_FreeSlot(slot);
-
- newInstance = nssToken_ImportCertificate(tok, NULL,
- NSSCertificateType_PKIX,
- &c->id,
- nickname,
- &c->encoding,
- &c->issuer,
- &c->subject,
- &c->serial,
- email,
- PR_TRUE);
- if (!newInstance) {
- nssrv = PR_FAILURE;
- goto done;
- }
- nssPKIObject_AddInstance(&c->object, newInstance);
- newInstance = nssToken_ImportTrust(tok, NULL, &c->encoding,
- &c->issuer, &c->serial,
- nssTrust->serverAuth,
- nssTrust->clientAuth,
- nssTrust->codeSigning,
- nssTrust->emailProtection, PR_TRUE);
- }
- if (newInstance) {
- nssCryptokiObject_Destroy(newInstance);
- nssrv = PR_SUCCESS;
- } else {
- nssrv = PR_FAILURE;
- }
- } else {
- nssrv = PR_FAILURE;
- }
-done:
- (void)nssTrust_Destroy(nssTrust);
- return nssrv;
-}
-
-/* CERT_TraversePermCertsForSubject */
-NSS_IMPLEMENT PRStatus
-nssTrustDomain_TraverseCertificatesBySubject (
- NSSTrustDomain *td,
- NSSDER *subject,
- PRStatus (*callback)(NSSCertificate *c, void *arg),
- void *arg
-)
-{
- PRStatus nssrv = PR_SUCCESS;
- NSSArena *tmpArena;
- NSSCertificate **subjectCerts;
- NSSCertificate *c;
- PRIntn i;
- tmpArena = NSSArena_Create();
- subjectCerts = NSSTrustDomain_FindCertificatesBySubject(td, subject, NULL,
- 0, tmpArena);
- if (subjectCerts) {
- for (i=0, c = subjectCerts[i]; c; i++) {
- nssrv = callback(c, arg);
- if (nssrv != PR_SUCCESS) break;
- }
- }
- nssArena_Destroy(tmpArena);
- return nssrv;
-}
-
-/* CERT_TraversePermCertsForNickname */
-NSS_IMPLEMENT PRStatus
-nssTrustDomain_TraverseCertificatesByNickname (
- NSSTrustDomain *td,
- NSSUTF8 *nickname,
- PRStatus (*callback)(NSSCertificate *c, void *arg),
- void *arg
-)
-{
- PRStatus nssrv = PR_SUCCESS;
- NSSArena *tmpArena;
- NSSCertificate **nickCerts;
- NSSCertificate *c;
- PRIntn i;
- tmpArena = NSSArena_Create();
- nickCerts = NSSTrustDomain_FindCertificatesByNickname(td, nickname, NULL,
- 0, tmpArena);
- if (nickCerts) {
- for (i=0, c = nickCerts[i]; c; i++) {
- nssrv = callback(c, arg);
- if (nssrv != PR_SUCCESS) break;
- }
- }
- nssArena_Destroy(tmpArena);
- return nssrv;
-}
-
-static void cert_dump_iter(const void *k, void *v, void *a)
-{
- NSSCertificate *c = (NSSCertificate *)k;
- CERTCertificate *cert = STAN_GetCERTCertificate(c);
- printf("[%2d] \"%s\"\n", c->object.refCount, cert->subjectName);
-}
-
-void
-nss_DumpCertificateCacheInfo()
-{
- NSSTrustDomain *td;
- NSSCryptoContext *cc;
- td = STAN_GetDefaultTrustDomain();
- cc = STAN_GetDefaultCryptoContext();
- printf("\n\nCertificates in the cache:\n");
- nssTrustDomain_DumpCacheInfo(td, cert_dump_iter, NULL);
- printf("\n\nCertificates in the temporary store:\n");
- if (cc->certStore) {
- nssCertificateStore_DumpStoreInfo(cc->certStore, cert_dump_iter, NULL);
- }
-}
-
diff --git a/security/nss/lib/pki/pki3hack.h b/security/nss/lib/pki/pki3hack.h
deleted file mode 100644
index da68269c3..000000000
--- a/security/nss/lib/pki/pki3hack.h
+++ /dev/null
@@ -1,185 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef PKINSS3HACK_H
-#define PKINSS3HACK_H
-
-#ifdef DEBUG
-static const char PKINSS3HACK_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef NSSDEVT_H
-#include "nssdevt.h"
-#endif /* NSSDEVT_H */
-
-#ifndef NSSPKIT_H
-#include "nsspkit.h"
-#endif /* NSSPKIT_H */
-
-#include "base.h"
-
-#include "cert.h"
-
-PR_BEGIN_EXTERN_C
-
-#define NSSITEM_FROM_SECITEM(nssit, secit) \
- (nssit)->data = (void *)(secit)->data; \
- (nssit)->size = (PRUint32)(secit)->len;
-
-#define SECITEM_FROM_NSSITEM(secit, nssit) \
- (secit)->data = (unsigned char *)(nssit)->data; \
- (secit)->len = (unsigned int)(nssit)->size;
-
-NSS_EXTERN NSSTrustDomain *
-STAN_GetDefaultTrustDomain();
-
-NSS_EXTERN NSSCryptoContext *
-STAN_GetDefaultCryptoContext();
-
-NSS_EXTERN PRStatus
-STAN_LoadDefaultNSS3TrustDomain
-(
- void
-);
-
-NSS_EXTERN PRStatus
-STAN_Shutdown();
-
-NSS_EXTERN SECStatus
-STAN_AddModuleToDefaultTrustDomain
-(
- SECMODModule *module
-);
-
-NSS_EXTERN SECStatus
-STAN_RemoveModuleFromDefaultTrustDomain
-(
- SECMODModule *module
-);
-
-NSS_EXTERN CERTCertificate *
-STAN_ForceCERTCertificateUpdate(NSSCertificate *c);
-
-NSS_EXTERN CERTCertificate *
-STAN_GetCERTCertificate(NSSCertificate *c);
-
-NSS_EXTERN NSSCertificate *
-STAN_GetNSSCertificate(CERTCertificate *c);
-
-NSS_EXTERN CERTCertTrust *
-nssTrust_GetCERTCertTrustForCert(NSSCertificate *c, CERTCertificate *cc);
-
-NSS_EXTERN PRStatus
-STAN_ChangeCertTrust(CERTCertificate *cc, CERTCertTrust *trust);
-
-NSS_EXTERN PRStatus
-nssPKIX509_GetIssuerAndSerialFromDER(NSSDER *der, NSSArena *arena,
- NSSDER *issuer, NSSDER *serial);
-
-NSS_EXTERN char *
-STAN_GetCERTCertificateName(NSSCertificate *c);
-
-/* exposing this */
-NSS_EXTERN NSSCertificate *
-NSSCertificate_Create
-(
- NSSArena *arenaOpt
-);
-
-/* This function is being put here because it is a hack for
- * PK11_FindCertFromNickname.
- */
-NSS_EXTERN NSSCertificate *
-nssTrustDomain_FindBestCertificateByNicknameForToken
-(
- NSSTrustDomain *td,
- NSSToken *token,
- NSSUTF8 *name,
- NSSTime *timeOpt, /* NULL for "now" */
- NSSUsage *usage,
- NSSPolicies *policiesOpt /* NULL for none */
-);
-
-/* This function is being put here because it is a hack for
- * PK11_FindCertsFromNickname.
- */
-NSS_EXTERN NSSCertificate **
-nssTrustDomain_FindCertificatesByNicknameForToken
-(
- NSSTrustDomain *td,
- NSSToken *token,
- NSSUTF8 *name,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt, /* 0 for no max */
- NSSArena *arenaOpt
-);
-
-/* CERT_TraversePermCertsForSubject */
-NSS_EXTERN PRStatus
-nssTrustDomain_TraverseCertificatesBySubject
-(
- NSSTrustDomain *td,
- NSSDER *subject,
- PRStatus (*callback)(NSSCertificate *c, void *arg),
- void *arg
-);
-
-/* CERT_TraversePermCertsForNickname */
-NSS_EXTERN PRStatus
-nssTrustDomain_TraverseCertificatesByNickname
-(
- NSSTrustDomain *td,
- NSSUTF8 *nickname,
- PRStatus (*callback)(NSSCertificate *c, void *arg),
- void *arg
-);
-
-/* SEC_TraversePermCerts */
-NSS_EXTERN PRStatus
-nssTrustDomain_TraverseCertificates
-(
- NSSTrustDomain *td,
- PRStatus (*callback)(NSSCertificate *c, void *arg),
- void *arg
-);
-
-/* CERT_AddTempCertToPerm */
-NSS_EXTERN PRStatus
-nssTrustDomain_AddTempCertToPerm
-(
- NSSCertificate *c
-);
-
-PR_END_EXTERN_C
-
-#endif /* PKINSS3HACK_H */
diff --git a/security/nss/lib/pki/pkibase.c b/security/nss/lib/pki/pkibase.c
deleted file mode 100644
index 8dafc422a..000000000
--- a/security/nss/lib/pki/pkibase.c
+++ /dev/null
@@ -1,1452 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef DEV_H
-#include "dev.h"
-#endif /* DEV_H */
-
-#ifndef PKIM_H
-#include "pkim.h"
-#endif /* PKIM_H */
-
-#ifdef NSS_3_4_CODE
-#include "pki3hack.h"
-#endif
-
-extern const NSSError NSS_ERROR_NOT_FOUND;
-
-NSS_IMPLEMENT nssPKIObject *
-nssPKIObject_Create (
- NSSArena *arenaOpt,
- nssCryptokiObject *instanceOpt,
- NSSTrustDomain *td,
- NSSCryptoContext *cc
-)
-{
- NSSArena *arena;
- nssArenaMark *mark = NULL;
- nssPKIObject *object;
- if (arenaOpt) {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- } else {
- arena = nssArena_Create();
- if (!arena) {
- return (nssPKIObject *)NULL;
- }
- }
- object = nss_ZNEW(arena, nssPKIObject);
- if (!object) {
- goto loser;
- }
- object->arena = arena;
- object->trustDomain = td; /* XXX */
- object->cryptoContext = cc;
- object->lock = PZ_NewLock(nssILockOther);
- if (!object->lock) {
- goto loser;
- }
- if (instanceOpt) {
- if (nssPKIObject_AddInstance(object, instanceOpt) != PR_SUCCESS) {
- goto loser;
- }
- }
- PR_AtomicIncrement(&object->refCount);
- if (mark) {
- nssArena_Unmark(arena, mark);
- }
- return object;
-loser:
- if (mark) {
- nssArena_Release(arena, mark);
- } else {
- nssArena_Destroy(arena);
- }
- return (nssPKIObject *)NULL;
-}
-
-NSS_IMPLEMENT PRBool
-nssPKIObject_Destroy (
- nssPKIObject *object
-)
-{
- PRUint32 i;
- PR_ASSERT(object->refCount > 0);
- PR_AtomicDecrement(&object->refCount);
- if (object->refCount == 0) {
- for (i=0; i<object->numInstances; i++) {
- nssCryptokiObject_Destroy(object->instances[i]);
- }
- PZ_DestroyLock(object->lock);
- nssArena_Destroy(object->arena);
- return PR_TRUE;
- }
- return PR_FALSE;
-}
-
-NSS_IMPLEMENT nssPKIObject *
-nssPKIObject_AddRef (
- nssPKIObject *object
-)
-{
- PR_AtomicIncrement(&object->refCount);
- return object;
-}
-
-NSS_IMPLEMENT PRStatus
-nssPKIObject_AddInstance (
- nssPKIObject *object,
- nssCryptokiObject *instance
-)
-{
- PZ_Lock(object->lock);
- if (object->numInstances == 0) {
- object->instances = nss_ZNEWARRAY(object->arena,
- nssCryptokiObject *,
- object->numInstances + 1);
- } else {
- PRUint32 i;
- for (i=0; i<object->numInstances; i++) {
- if (nssCryptokiObject_Equal(object->instances[i], instance)) {
- PZ_Unlock(object->lock);
- if (instance->label) {
- if (!object->instances[i]->label ||
- !nssUTF8_Equal(instance->label,
- object->instances[i]->label, NULL))
- {
- /* Either the old instance did not have a label,
- * or the label has changed.
- */
- nss_ZFreeIf(object->instances[i]->label);
- object->instances[i]->label = instance->label;
- instance->label = NULL;
- }
- } else if (object->instances[i]->label) {
- /* The old label was removed */
- nss_ZFreeIf(object->instances[i]->label);
- object->instances[i]->label = NULL;
- }
- nssCryptokiObject_Destroy(instance);
- return PR_SUCCESS;
- }
- }
- object->instances = nss_ZREALLOCARRAY(object->instances,
- nssCryptokiObject *,
- object->numInstances + 1);
- }
- if (!object->instances) {
- PZ_Unlock(object->lock);
- return PR_FAILURE;
- }
- object->instances[object->numInstances++] = instance;
- PZ_Unlock(object->lock);
- return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT PRBool
-nssPKIObject_HasInstance (
- nssPKIObject *object,
- nssCryptokiObject *instance
-)
-{
- PRUint32 i;
- PRBool hasIt = PR_FALSE;;
- PZ_Lock(object->lock);
- for (i=0; i<object->numInstances; i++) {
- if (nssCryptokiObject_Equal(object->instances[i], instance)) {
- hasIt = PR_TRUE;
- break;
- }
- }
- PZ_Unlock(object->lock);
- return hasIt;
-}
-
-NSS_IMPLEMENT PRStatus
-nssPKIObject_RemoveInstanceForToken (
- nssPKIObject *object,
- NSSToken *token
-)
-{
- PRUint32 i;
- nssCryptokiObject *instanceToRemove = NULL;
- PZ_Lock(object->lock);
- if (object->numInstances == 0) {
- PZ_Unlock(object->lock);
- return PR_SUCCESS;
- }
- for (i=0; i<object->numInstances; i++) {
- if (object->instances[i]->token == token) {
- instanceToRemove = object->instances[i];
- object->instances[i] = object->instances[object->numInstances-1];
- object->instances[object->numInstances-1] = NULL;
- break;
- }
- }
- if (--object->numInstances > 0) {
- object->instances = nss_ZREALLOCARRAY(object->instances,
- nssCryptokiObject *,
- object->numInstances);
- if (!object->instances) {
- PZ_Unlock(object->lock);
- return PR_FAILURE;
- }
- } else {
- nss_ZFreeIf(object->instances);
- }
- nssCryptokiObject_Destroy(instanceToRemove);
- PZ_Unlock(object->lock);
- return PR_SUCCESS;
-}
-
-/* this needs more thought on what will happen when there are multiple
- * instances
- */
-NSS_IMPLEMENT PRStatus
-nssPKIObject_DeleteStoredObject (
- nssPKIObject *object,
- NSSCallback *uhh,
- PRBool isFriendly
-)
-{
- PRUint32 i, numNotDestroyed;
- PRStatus status = PR_SUCCESS;
- NSSTrustDomain *td = object->trustDomain;
- NSSCallback *pwcb = uhh ? /* is this optional? */
- uhh :
- nssTrustDomain_GetDefaultCallback(td, NULL);
- numNotDestroyed = 0;
- PZ_Lock(object->lock);
- for (i=0; i<object->numInstances; i++) {
- nssCryptokiObject *instance = object->instances[i];
-#ifndef NSS_3_4_CODE
- NSSSlot *slot = nssToken_GetSlot(instance->token);
- /* If both the operation and the slot are friendly, login is
- * not required. If either or both are not friendly, it is
- * required.
- */
- if (!(isFriendly && nssSlot_IsFriendly(slot))) {
- status = nssSlot_Login(slot, pwcb);
- nssSlot_Destroy(slot);
- if (status == PR_SUCCESS) {
- /* XXX this should be fixed to understand read-only tokens,
- * for now, to handle the builtins, just make the attempt.
- */
- status = nssToken_DeleteStoredObject(instance);
- }
- }
-#else
- status = nssToken_DeleteStoredObject(instance);
-#endif
- object->instances[i] = NULL;
- if (status == PR_SUCCESS) {
- nssCryptokiObject_Destroy(instance);
- } else {
- object->instances[numNotDestroyed++] = instance;
- }
- }
- if (numNotDestroyed == 0) {
- nss_ZFreeIf(object->instances);
- object->numInstances = 0;
- } else {
- object->numInstances = numNotDestroyed;
- }
- PZ_Unlock(object->lock);
- return status;
-}
-
-NSS_IMPLEMENT NSSToken **
-nssPKIObject_GetTokens (
- nssPKIObject *object,
- PRStatus *statusOpt
-)
-{
- NSSToken **tokens = NULL;
- PZ_Lock(object->lock);
- if (object->numInstances > 0) {
- tokens = nss_ZNEWARRAY(NULL, NSSToken *, object->numInstances + 1);
- if (tokens) {
- PRUint32 i;
- for (i=0; i<object->numInstances; i++) {
- tokens[i] = nssToken_AddRef(object->instances[i]->token);
- }
- }
- }
- PZ_Unlock(object->lock);
- if (statusOpt) *statusOpt = PR_SUCCESS; /* until more logic here */
- return tokens;
-}
-
-NSS_IMPLEMENT NSSUTF8 *
-nssPKIObject_GetNicknameForToken (
- nssPKIObject *object,
- NSSToken *tokenOpt
-)
-{
- PRUint32 i;
- NSSUTF8 *nickname = NULL;
- PZ_Lock(object->lock);
- for (i=0; i<object->numInstances; i++) {
- if ((!tokenOpt && object->instances[i]->label) ||
- (object->instances[i]->token == tokenOpt))
- {
- /* XXX should be copy? safe as long as caller has reference */
- nickname = object->instances[i]->label;
- break;
- }
- }
- PZ_Unlock(object->lock);
- return nickname;
-}
-
-#ifdef NSS_3_4_CODE
-NSS_IMPLEMENT nssCryptokiObject **
-nssPKIObject_GetInstances (
- nssPKIObject *object
-)
-{
- nssCryptokiObject **instances = NULL;
- PRUint32 i;
- if (object->numInstances == 0) {
- return (nssCryptokiObject **)NULL;
- }
- PZ_Lock(object->lock);
- instances = nss_ZNEWARRAY(NULL, nssCryptokiObject *,
- object->numInstances + 1);
- if (instances) {
- for (i=0; i<object->numInstances; i++) {
- instances[i] = nssCryptokiObject_Clone(object->instances[i]);
- }
- }
- PZ_Unlock(object->lock);
- return instances;
-}
-#endif
-
-NSS_IMPLEMENT void
-nssCertificateArray_Destroy (
- NSSCertificate **certs
-)
-{
- if (certs) {
- NSSCertificate **certp;
- for (certp = certs; *certp; certp++) {
-#ifdef NSS_3_4_CODE
- if ((*certp)->decoding) {
- CERTCertificate *cc = STAN_GetCERTCertificate(*certp);
- if (cc) {
- CERT_DestroyCertificate(cc);
- }
- continue;
- }
-#endif
- nssCertificate_Destroy(*certp);
- }
- nss_ZFreeIf(certs);
- }
-}
-
-NSS_IMPLEMENT void
-NSSCertificateArray_Destroy (
- NSSCertificate **certs
-)
-{
- nssCertificateArray_Destroy(certs);
-}
-
-NSS_IMPLEMENT NSSCertificate **
-nssCertificateArray_Join (
- NSSCertificate **certs1,
- NSSCertificate **certs2
-)
-{
- if (certs1 && certs2) {
- NSSCertificate **certs, **cp;
- PRUint32 count = 0;
- PRUint32 count1 = 0;
- cp = certs1;
- while (*cp++) count1++;
- count = count1;
- cp = certs2;
- while (*cp++) count++;
- certs = nss_ZREALLOCARRAY(certs1, NSSCertificate *, count + 1);
- if (!certs) {
- nss_ZFreeIf(certs1);
- nss_ZFreeIf(certs2);
- return (NSSCertificate **)NULL;
- }
- for (cp = certs2; *cp; cp++, count1++) {
- certs[count1] = *cp;
- }
- nss_ZFreeIf(certs2);
- return certs;
- } else if (certs1) {
- return certs1;
- } else {
- return certs2;
- }
-}
-
-NSS_IMPLEMENT NSSCertificate *
-nssCertificateArray_FindBestCertificate (
- NSSCertificate **certs,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt
-)
-{
- NSSCertificate *bestCert = NULL;
- NSSTime *time, sTime;
- PRBool haveUsageMatch = PR_FALSE;
- PRBool thisCertMatches;
-
- if (timeOpt) {
- time = timeOpt;
- } else {
- NSSTime_Now(&sTime);
- time = &sTime;
- }
- if (!certs) {
- return (NSSCertificate *)NULL;
- }
- for (; *certs; certs++) {
- nssDecodedCert *dc, *bestdc;
- NSSCertificate *c = *certs;
- dc = nssCertificate_GetDecoding(c);
- if (!dc) continue;
- thisCertMatches = dc->matchUsage(dc, usage);
- if (!bestCert) {
- /* always take the first cert, but remember whether or not
- * the usage matched
- */
- bestCert = nssCertificate_AddRef(c);
- haveUsageMatch = thisCertMatches;
- continue;
- } else {
- if (haveUsageMatch && !thisCertMatches) {
- /* if already have a cert for this usage, and if this cert
- * doesn't have the correct usage, continue
- */
- continue;
- } else if (!haveUsageMatch && thisCertMatches) {
- /* this one does match usage, replace the other */
- nssCertificate_Destroy(bestCert);
- bestCert = nssCertificate_AddRef(c);
- haveUsageMatch = PR_TRUE;
- continue;
- }
- /* this cert match as well as any cert we've found so far,
- * defer to time/policies
- * */
- }
- bestdc = nssCertificate_GetDecoding(bestCert);
- /* time */
- if (bestdc->isValidAtTime(bestdc, time)) {
- /* The current best cert is valid at time */
- if (!dc->isValidAtTime(dc, time)) {
- /* If the new cert isn't valid at time, it's not better */
- continue;
- }
- } else {
- /* The current best cert is not valid at time */
- if (dc->isValidAtTime(dc, time)) {
- /* If the new cert is valid at time, it's better */
- nssCertificate_Destroy(bestCert);
- bestCert = nssCertificate_AddRef(c);
- }
- }
- /* either they are both valid at time, or neither valid;
- * take the newer one
- */
- if (!bestdc->isNewerThan(bestdc, dc)) {
- nssCertificate_Destroy(bestCert);
- bestCert = nssCertificate_AddRef(c);
- }
- /* policies */
- /* XXX later -- defer to policies */
- }
- return bestCert;
-}
-
-NSS_IMPLEMENT PRStatus
-nssCertificateArray_Traverse (
- NSSCertificate **certs,
- PRStatus (* callback)(NSSCertificate *c, void *arg),
- void *arg
-)
-{
- PRStatus status = PR_SUCCESS;
- if (certs) {
- NSSCertificate **certp;
- for (certp = certs; *certp; certp++) {
- status = (*callback)(*certp, arg);
- if (status != PR_SUCCESS) {
- break;
- }
- }
- }
- return status;
-}
-
-
-NSS_IMPLEMENT void
-nssCRLArray_Destroy (
- NSSCRL **crls
-)
-{
- if (crls) {
- NSSCRL **crlp;
- for (crlp = crls; *crlp; crlp++) {
- nssCRL_Destroy(*crlp);
- }
- nss_ZFreeIf(crls);
- }
-}
-
-/*
- * Object collections
- */
-
-typedef enum
-{
- pkiObjectType_Certificate = 0,
- pkiObjectType_CRL = 1,
- pkiObjectType_PrivateKey = 2,
- pkiObjectType_PublicKey = 3
-} pkiObjectType;
-
-/* Each object is defined by a set of items that uniquely identify it.
- * Here are the uid sets:
- *
- * NSSCertificate ==> { issuer, serial }
- * NSSPrivateKey
- * (RSA) ==> { modulus, public exponent }
- *
- */
-#define MAX_ITEMS_FOR_UID 2
-
-/* pkiObjectCollectionNode
- *
- * A node in the collection is the set of unique identifiers for a single
- * object, along with either the actual object or a proto-object.
- */
-typedef struct
-{
- PRCList link;
- PRBool haveObject;
- nssPKIObject *object;
- NSSItem uid[MAX_ITEMS_FOR_UID];
-}
-pkiObjectCollectionNode;
-
-/* nssPKIObjectCollection
- *
- * The collection is the set of all objects, plus the interfaces needed
- * to manage the objects.
- *
- */
-struct nssPKIObjectCollectionStr
-{
- NSSArena *arena;
- NSSTrustDomain *td;
- NSSCryptoContext *cc;
- PRCList head; /* list of pkiObjectCollectionNode's */
- PRUint32 size;
- pkiObjectType objectType;
- void (* destroyObject)(nssPKIObject *o);
- PRStatus (* getUIDFromObject)(nssPKIObject *o, NSSItem *uid);
- PRStatus (* getUIDFromInstance)(nssCryptokiObject *co, NSSItem *uid,
- NSSArena *arena);
- nssPKIObject * (* createObject)(nssPKIObject *o);
-};
-
-static nssPKIObjectCollection *
-nssPKIObjectCollection_Create (
- NSSTrustDomain *td,
- NSSCryptoContext *ccOpt
-)
-{
- NSSArena *arena;
- nssPKIObjectCollection *rvCollection = NULL;
- arena = nssArena_Create();
- if (!arena) {
- return (nssPKIObjectCollection *)NULL;
- }
- rvCollection = nss_ZNEW(arena, nssPKIObjectCollection);
- if (!rvCollection) {
- goto loser;
- }
- PR_INIT_CLIST(&rvCollection->head);
- rvCollection->arena = arena;
- rvCollection->td = td; /* XXX */
- rvCollection->cc = ccOpt;
- return rvCollection;
-loser:
- nssArena_Destroy(arena);
- return (nssPKIObjectCollection *)NULL;
-}
-
-NSS_IMPLEMENT void
-nssPKIObjectCollection_Destroy (
- nssPKIObjectCollection *collection
-)
-{
- if (collection) {
- PRCList *link;
- pkiObjectCollectionNode *node;
- /* first destroy any objects in the collection */
- link = PR_NEXT_LINK(&collection->head);
- while (link != &collection->head) {
- node = (pkiObjectCollectionNode *)link;
- if (node->haveObject) {
- (*collection->destroyObject)(node->object);
- } else {
- nssPKIObject_Destroy(node->object);
- }
- link = PR_NEXT_LINK(link);
- }
- /* then destroy it */
- nssArena_Destroy(collection->arena);
- }
-}
-
-NSS_IMPLEMENT PRUint32
-nssPKIObjectCollection_Count (
- nssPKIObjectCollection *collection
-)
-{
- return collection->size;
-}
-
-NSS_IMPLEMENT PRStatus
-nssPKIObjectCollection_AddObject (
- nssPKIObjectCollection *collection,
- nssPKIObject *object
-)
-{
- pkiObjectCollectionNode *node;
- node = nss_ZNEW(collection->arena, pkiObjectCollectionNode);
- if (!node) {
- return PR_FAILURE;
- }
- node->haveObject = PR_TRUE;
- node->object = nssPKIObject_AddRef(object);
- (*collection->getUIDFromObject)(object, node->uid);
- PR_INIT_CLIST(&node->link);
- PR_INSERT_BEFORE(&node->link, &collection->head);
- collection->size++;
- return PR_SUCCESS;
-}
-
-static pkiObjectCollectionNode *
-find_instance_in_collection (
- nssPKIObjectCollection *collection,
- nssCryptokiObject *instance
-)
-{
- PRCList *link;
- pkiObjectCollectionNode *node;
- link = PR_NEXT_LINK(&collection->head);
- while (link != &collection->head) {
- node = (pkiObjectCollectionNode *)link;
- if (nssPKIObject_HasInstance(node->object, instance)) {
- return node;
- }
- link = PR_NEXT_LINK(link);
- }
- return (pkiObjectCollectionNode *)NULL;
-}
-
-static pkiObjectCollectionNode *
-find_object_in_collection (
- nssPKIObjectCollection *collection,
- NSSItem *uid
-)
-{
- PRUint32 i;
- PRStatus status;
- PRCList *link;
- pkiObjectCollectionNode *node;
- link = PR_NEXT_LINK(&collection->head);
- while (link != &collection->head) {
- node = (pkiObjectCollectionNode *)link;
- for (i=0; i<MAX_ITEMS_FOR_UID; i++) {
- if (!nssItem_Equal(&node->uid[i], &uid[i], &status)) {
- break;
- }
- }
- if (i == MAX_ITEMS_FOR_UID) {
- return node;
- }
- link = PR_NEXT_LINK(link);
- }
- return (pkiObjectCollectionNode *)NULL;
-}
-
-static pkiObjectCollectionNode *
-add_object_instance (
- nssPKIObjectCollection *collection,
- nssCryptokiObject *instance,
- PRBool *foundIt
-)
-{
- PRUint32 i;
- PRStatus status;
- pkiObjectCollectionNode *node;
- nssArenaMark *mark = NULL;
- NSSItem uid[MAX_ITEMS_FOR_UID];
- nsslibc_memset(uid, 0, sizeof uid);
- /* The list is traversed twice, first (here) looking to match the
- * { token, handle } tuple, and if that is not found, below a search
- * for unique identifier is done. Here, a match means this exact object
- * instance is already in the collection, and we have nothing to do.
- */
- *foundIt = PR_FALSE;
- node = find_instance_in_collection(collection, instance);
- if (node) {
- /* The collection is assumed to take over the instance. Since we
- * are not using it, it must be destroyed.
- */
- nssCryptokiObject_Destroy(instance);
- *foundIt = PR_TRUE;
- return node;
- }
- mark = nssArena_Mark(collection->arena);
- if (!mark) {
- goto loser;
- }
- status = (*collection->getUIDFromInstance)(instance, uid,
- collection->arena);
- if (status != PR_SUCCESS) {
- goto loser;
- }
- /* Search for unique identifier. A match here means the object exists
- * in the collection, but does not have this instance, so the instance
- * needs to be added.
- */
- node = find_object_in_collection(collection, uid);
- if (node) {
- /* This is a object with multiple instances */
- status = nssPKIObject_AddInstance(node->object, instance);
- } else {
- /* This is a completely new object. Create a node for it. */
- node = nss_ZNEW(collection->arena, pkiObjectCollectionNode);
- if (!node) {
- goto loser;
- }
- node->object = nssPKIObject_Create(NULL, instance,
- collection->td, collection->cc);
- if (!node->object) {
- goto loser;
- }
- for (i=0; i<MAX_ITEMS_FOR_UID; i++) {
- node->uid[i] = uid[i];
- }
- node->haveObject = PR_FALSE;
- PR_INIT_CLIST(&node->link);
- PR_INSERT_BEFORE(&node->link, &collection->head);
- collection->size++;
- status = PR_SUCCESS;
- }
- nssArena_Unmark(collection->arena, mark);
- return node;
-loser:
- if (mark) {
- nssArena_Release(collection->arena, mark);
- }
- nssCryptokiObject_Destroy(instance);
- return (pkiObjectCollectionNode *)NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-nssPKIObjectCollection_AddInstances (
- nssPKIObjectCollection *collection,
- nssCryptokiObject **instances,
- PRUint32 numInstances
-)
-{
- PRStatus status = PR_SUCCESS;
- PRUint32 i = 0;
- PRBool foundIt;
- pkiObjectCollectionNode *node;
- if (instances) {
- for (; *instances; instances++, i++) {
- if (numInstances > 0 && i == numInstances) {
- break;
- }
- node = add_object_instance(collection, *instances, &foundIt);
- if (node == NULL) {
- goto loser;
- }
- }
- }
- return status;
-loser:
- /* free the remaining instances */
- for (; *instances; instances++, i++) {
- if (numInstances > 0 && i == numInstances) {
- break;
- }
- nssCryptokiObject_Destroy(*instances);
- }
- return PR_FAILURE;
-}
-
-static void
-nssPKIObjectCollection_RemoveNode (
- nssPKIObjectCollection *collection,
- pkiObjectCollectionNode *node
-)
-{
- PR_REMOVE_LINK(&node->link);
- collection->size--;
-}
-
-static PRStatus
-nssPKIObjectCollection_GetObjects (
- nssPKIObjectCollection *collection,
- nssPKIObject **rvObjects,
- PRUint32 rvSize
-)
-{
- PRUint32 i = 0;
- PRCList *link = PR_NEXT_LINK(&collection->head);
- pkiObjectCollectionNode *node;
- int error=0;
- while ((i < rvSize) && (link != &collection->head)) {
- node = (pkiObjectCollectionNode *)link;
- if (!node->haveObject) {
- /* Convert the proto-object to an object */
- node->object = (*collection->createObject)(node->object);
- if (!node->object) {
- link = PR_NEXT_LINK(link);
- /*remove bogus object from list*/
- nssPKIObjectCollection_RemoveNode(collection,node);
- error++;
- continue;
- }
- node->haveObject = PR_TRUE;
- }
- rvObjects[i++] = nssPKIObject_AddRef(node->object);
- link = PR_NEXT_LINK(link);
- }
- if (!error && *rvObjects == NULL) {
- nss_SetError(NSS_ERROR_NOT_FOUND);
- }
- return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT PRStatus
-nssPKIObjectCollection_Traverse (
- nssPKIObjectCollection *collection,
- nssPKIObjectCallback *callback
-)
-{
- PRStatus status;
- PRCList *link = PR_NEXT_LINK(&collection->head);
- pkiObjectCollectionNode *node;
- while (link != &collection->head) {
- node = (pkiObjectCollectionNode *)link;
- if (!node->haveObject) {
- node->object = (*collection->createObject)(node->object);
- if (!node->object) {
- link = PR_NEXT_LINK(link);
- /*remove bogus object from list*/
- nssPKIObjectCollection_RemoveNode(collection,node);
- continue;
- }
- node->haveObject = PR_TRUE;
- }
- switch (collection->objectType) {
- case pkiObjectType_Certificate:
- status = (*callback->func.cert)((NSSCertificate *)node->object,
- callback->arg);
- break;
- case pkiObjectType_CRL:
- status = (*callback->func.crl)((NSSCRL *)node->object,
- callback->arg);
- break;
- case pkiObjectType_PrivateKey:
- status = (*callback->func.pvkey)((NSSPrivateKey *)node->object,
- callback->arg);
- break;
- case pkiObjectType_PublicKey:
- status = (*callback->func.pbkey)((NSSPublicKey *)node->object,
- callback->arg);
- break;
- }
- link = PR_NEXT_LINK(link);
- }
- return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT PRStatus
-nssPKIObjectCollection_AddInstanceAsObject (
- nssPKIObjectCollection *collection,
- nssCryptokiObject *instance
-)
-{
- pkiObjectCollectionNode *node;
- PRBool foundIt;
- node = add_object_instance(collection, instance, &foundIt);
- if (node == NULL) {
- return PR_FAILURE;
- }
- if (!node->haveObject) {
- node->object = (*collection->createObject)(node->object);
- if (!node->object) {
- /*remove bogus object from list*/
- nssPKIObjectCollection_RemoveNode(collection,node);
- return PR_FAILURE;
- }
- node->haveObject = PR_TRUE;
- }
-#ifdef NSS_3_4_CODE
- else if (!foundIt) {
- /* The instance was added to a pre-existing node. This
- * function is *only* being used for certificates, and having
- * multiple instances of certs in 3.X requires updating the
- * CERTCertificate.
- * But only do it if it was a new instance!!! If the same instance
- * is encountered, we set *foundIt to true. Detect that here and
- * ignore it.
- */
- STAN_ForceCERTCertificateUpdate((NSSCertificate *)node->object);
- }
-#endif
- return PR_SUCCESS;
-}
-
-/*
- * Certificate collections
- */
-
-static void
-cert_destroyObject(nssPKIObject *o)
-{
- NSSCertificate *c = (NSSCertificate *)o;
-#ifdef NSS_3_4_CODE
- if (c->decoding) {
- CERTCertificate *cc = STAN_GetCERTCertificate(c);
- if (cc) {
- CERT_DestroyCertificate(cc);
- return;
- } /* else destroy it as NSSCertificate below */
- }
-#endif
- nssCertificate_Destroy(c);
-}
-
-static PRStatus
-cert_getUIDFromObject(nssPKIObject *o, NSSItem *uid)
-{
- NSSCertificate *c = (NSSCertificate *)o;
-#ifdef NSS_3_4_CODE
- /* The builtins are still returning decoded serial numbers. Until
- * this compatibility issue is resolved, use the full DER of the
- * cert to uniquely identify it.
- */
- NSSDER *derCert;
- derCert = nssCertificate_GetEncoding(c);
- uid[0].data = NULL; uid[0].size = 0;
- uid[1].data = NULL; uid[1].size = 0;
- if (derCert != NULL) {
- uid[0] = *derCert;
- }
-#else
- NSSDER *issuer, *serial;
- issuer = nssCertificate_GetIssuer(c);
- serial = nssCertificate_GetSerialNumber(c);
- uid[0] = *issuer;
- uid[1] = *serial;
-#endif /* NSS_3_4_CODE */
- return PR_SUCCESS;
-}
-
-static PRStatus
-cert_getUIDFromInstance(nssCryptokiObject *instance, NSSItem *uid,
- NSSArena *arena)
-{
-#ifdef NSS_3_4_CODE
- /* The builtins are still returning decoded serial numbers. Until
- * this compatibility issue is resolved, use the full DER of the
- * cert to uniquely identify it.
- */
- uid[1].data = NULL; uid[1].size = 0;
- return nssCryptokiCertificate_GetAttributes(instance,
- NULL, /* XXX sessionOpt */
- arena, /* arena */
- NULL, /* type */
- NULL, /* id */
- &uid[0], /* encoding */
- NULL, /* issuer */
- NULL, /* serial */
- NULL); /* subject */
-#else
- return nssCryptokiCertificate_GetAttributes(instance,
- NULL, /* XXX sessionOpt */
- arena, /* arena */
- NULL, /* type */
- NULL, /* id */
- NULL, /* encoding */
- &uid[0], /* issuer */
- &uid[1], /* serial */
- NULL); /* subject */
-#endif /* NSS_3_4_CODE */
-}
-
-static nssPKIObject *
-cert_createObject(nssPKIObject *o)
-{
- NSSCertificate *cert;
- cert = nssCertificate_Create(o);
-#ifdef NSS_3_4_CODE
-/* if (STAN_GetCERTCertificate(cert) == NULL) {
- nssCertificate_Destroy(cert);
- return (nssPKIObject *)NULL;
- } */
- /* In 3.4, have to maintain uniqueness of cert pointers by caching all
- * certs. Cache the cert here, before returning. If it is already
- * cached, take the cached entry.
- */
- {
- NSSTrustDomain *td = o->trustDomain;
- nssTrustDomain_AddCertsToCache(td, &cert, 1);
- }
-#endif
- return (nssPKIObject *)cert;
-}
-
-NSS_IMPLEMENT nssPKIObjectCollection *
-nssCertificateCollection_Create (
- NSSTrustDomain *td,
- NSSCertificate **certsOpt
-)
-{
- PRStatus status;
- nssPKIObjectCollection *collection;
- collection = nssPKIObjectCollection_Create(td, NULL);
- collection->objectType = pkiObjectType_Certificate;
- collection->destroyObject = cert_destroyObject;
- collection->getUIDFromObject = cert_getUIDFromObject;
- collection->getUIDFromInstance = cert_getUIDFromInstance;
- collection->createObject = cert_createObject;
- if (certsOpt) {
- for (; *certsOpt; certsOpt++) {
- nssPKIObject *object = (nssPKIObject *)(*certsOpt);
- status = nssPKIObjectCollection_AddObject(collection, object);
- }
- }
- return collection;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-nssPKIObjectCollection_GetCertificates (
- nssPKIObjectCollection *collection,
- NSSCertificate **rvOpt,
- PRUint32 maximumOpt,
- NSSArena *arenaOpt
-)
-{
- PRStatus status;
- PRUint32 rvSize;
- PRBool allocated = PR_FALSE;
- if (collection->size == 0) {
- return (NSSCertificate **)NULL;
- }
- if (maximumOpt == 0) {
- rvSize = collection->size;
- } else {
- rvSize = PR_MIN(collection->size, maximumOpt);
- }
- if (!rvOpt) {
- rvOpt = nss_ZNEWARRAY(arenaOpt, NSSCertificate *, rvSize + 1);
- if (!rvOpt) {
- return (NSSCertificate **)NULL;
- }
- allocated = PR_TRUE;
- }
- status = nssPKIObjectCollection_GetObjects(collection,
- (nssPKIObject **)rvOpt,
- rvSize);
- if (status != PR_SUCCESS) {
- if (allocated) {
- nss_ZFreeIf(rvOpt);
- }
- return (NSSCertificate **)NULL;
- }
- return rvOpt;
-}
-
-/*
- * CRL/KRL collections
- */
-
-static void
-crl_destroyObject(nssPKIObject *o)
-{
- NSSCRL *crl = (NSSCRL *)o;
- nssCRL_Destroy(crl);
-}
-
-static PRStatus
-crl_getUIDFromObject(nssPKIObject *o, NSSItem *uid)
-{
- NSSCRL *crl = (NSSCRL *)o;
- NSSDER *encoding;
- encoding = nssCRL_GetEncoding(crl);
- uid[0] = *encoding;
- uid[1].data = NULL; uid[1].size = 0;
- return PR_SUCCESS;
-}
-
-static PRStatus
-crl_getUIDFromInstance(nssCryptokiObject *instance, NSSItem *uid,
- NSSArena *arena)
-{
- return nssCryptokiCRL_GetAttributes(instance,
- NULL, /* XXX sessionOpt */
- arena, /* arena */
- &uid[0], /* encoding */
- NULL, /* subject */
- NULL, /* class */
- NULL, /* url */
- NULL); /* isKRL */
-}
-
-static nssPKIObject *
-crl_createObject(nssPKIObject *o)
-{
- return (nssPKIObject *)nssCRL_Create(o);
-}
-
-NSS_IMPLEMENT nssPKIObjectCollection *
-nssCRLCollection_Create (
- NSSTrustDomain *td,
- NSSCRL **crlsOpt
-)
-{
- PRStatus status;
- nssPKIObjectCollection *collection;
- collection = nssPKIObjectCollection_Create(td, NULL);
- collection->objectType = pkiObjectType_CRL;
- collection->destroyObject = crl_destroyObject;
- collection->getUIDFromObject = crl_getUIDFromObject;
- collection->getUIDFromInstance = crl_getUIDFromInstance;
- collection->createObject = crl_createObject;
- if (crlsOpt) {
- for (; *crlsOpt; crlsOpt++) {
- nssPKIObject *object = (nssPKIObject *)(*crlsOpt);
- status = nssPKIObjectCollection_AddObject(collection, object);
- }
- }
- return collection;
-}
-
-NSS_IMPLEMENT NSSCRL **
-nssPKIObjectCollection_GetCRLs (
- nssPKIObjectCollection *collection,
- NSSCRL **rvOpt,
- PRUint32 maximumOpt,
- NSSArena *arenaOpt
-)
-{
- PRStatus status;
- PRUint32 rvSize;
- PRBool allocated = PR_FALSE;
- if (collection->size == 0) {
- return (NSSCRL **)NULL;
- }
- if (maximumOpt == 0) {
- rvSize = collection->size;
- } else {
- rvSize = PR_MIN(collection->size, maximumOpt);
- }
- if (!rvOpt) {
- rvOpt = nss_ZNEWARRAY(arenaOpt, NSSCRL *, rvSize + 1);
- if (!rvOpt) {
- return (NSSCRL **)NULL;
- }
- allocated = PR_TRUE;
- }
- status = nssPKIObjectCollection_GetObjects(collection,
- (nssPKIObject **)rvOpt,
- rvSize);
- if (status != PR_SUCCESS) {
- if (allocated) {
- nss_ZFreeIf(rvOpt);
- }
- return (NSSCRL **)NULL;
- }
- return rvOpt;
-}
-
-#ifdef PURE_STAN_BUILD
-/*
- * PrivateKey collections
- */
-
-static void
-privkey_destroyObject(nssPKIObject *o)
-{
- NSSPrivateKey *pvk = (NSSPrivateKey *)o;
- nssPrivateKey_Destroy(pvk);
-}
-
-static PRStatus
-privkey_getUIDFromObject(nssPKIObject *o, NSSItem *uid)
-{
- NSSPrivateKey *pvk = (NSSPrivateKey *)o;
- NSSItem *id;
- id = nssPrivateKey_GetID(pvk);
- uid[0] = *id;
- return PR_SUCCESS;
-}
-
-static PRStatus
-privkey_getUIDFromInstance(nssCryptokiObject *instance, NSSItem *uid,
- NSSArena *arena)
-{
- return nssCryptokiPrivateKey_GetAttributes(instance,
- NULL, /* XXX sessionOpt */
- arena,
- NULL, /* type */
- &uid[0]);
-}
-
-static nssPKIObject *
-privkey_createObject(nssPKIObject *o)
-{
- NSSPrivateKey *pvk;
- pvk = nssPrivateKey_Create(o);
- return (nssPKIObject *)pvk;
-}
-
-NSS_IMPLEMENT nssPKIObjectCollection *
-nssPrivateKeyCollection_Create (
- NSSTrustDomain *td,
- NSSPrivateKey **pvkOpt
-)
-{
- PRStatus status;
- nssPKIObjectCollection *collection;
- collection = nssPKIObjectCollection_Create(td, NULL);
- collection->objectType = pkiObjectType_PrivateKey;
- collection->destroyObject = privkey_destroyObject;
- collection->getUIDFromObject = privkey_getUIDFromObject;
- collection->getUIDFromInstance = privkey_getUIDFromInstance;
- collection->createObject = privkey_createObject;
- if (pvkOpt) {
- for (; *pvkOpt; pvkOpt++) {
- nssPKIObject *o = (nssPKIObject *)(*pvkOpt);
- status = nssPKIObjectCollection_AddObject(collection, o);
- }
- }
- return collection;
-}
-
-NSS_IMPLEMENT NSSPrivateKey **
-nssPKIObjectCollection_GetPrivateKeys (
- nssPKIObjectCollection *collection,
- NSSPrivateKey **rvOpt,
- PRUint32 maximumOpt,
- NSSArena *arenaOpt
-)
-{
- PRStatus status;
- PRUint32 rvSize;
- PRBool allocated = PR_FALSE;
- if (collection->size == 0) {
- return (NSSPrivateKey **)NULL;
- }
- if (maximumOpt == 0) {
- rvSize = collection->size;
- } else {
- rvSize = PR_MIN(collection->size, maximumOpt);
- }
- if (!rvOpt) {
- rvOpt = nss_ZNEWARRAY(arenaOpt, NSSPrivateKey *, rvSize + 1);
- if (!rvOpt) {
- return (NSSPrivateKey **)NULL;
- }
- allocated = PR_TRUE;
- }
- status = nssPKIObjectCollection_GetObjects(collection,
- (nssPKIObject **)rvOpt,
- rvSize);
- if (status != PR_SUCCESS) {
- if (allocated) {
- nss_ZFreeIf(rvOpt);
- }
- return (NSSPrivateKey **)NULL;
- }
- return rvOpt;
-}
-
-/*
- * PublicKey collections
- */
-
-static void
-pubkey_destroyObject(nssPKIObject *o)
-{
- NSSPublicKey *pubk = (NSSPublicKey *)o;
- nssPublicKey_Destroy(pubk);
-}
-
-static PRStatus
-pubkey_getUIDFromObject(nssPKIObject *o, NSSItem *uid)
-{
- NSSPublicKey *pubk = (NSSPublicKey *)o;
- NSSItem *id;
- id = nssPublicKey_GetID(pubk);
- uid[0] = *id;
- return PR_SUCCESS;
-}
-
-static PRStatus
-pubkey_getUIDFromInstance(nssCryptokiObject *instance, NSSItem *uid,
- NSSArena *arena)
-{
- return nssCryptokiPublicKey_GetAttributes(instance,
- NULL, /* XXX sessionOpt */
- arena,
- NULL, /* type */
- &uid[0]);
-}
-
-static nssPKIObject *
-pubkey_createObject(nssPKIObject *o)
-{
- NSSPublicKey *pubk;
- pubk = nssPublicKey_Create(o);
- return (nssPKIObject *)pubk;
-}
-
-NSS_IMPLEMENT nssPKIObjectCollection *
-nssPublicKeyCollection_Create (
- NSSTrustDomain *td,
- NSSPublicKey **pubkOpt
-)
-{
- PRStatus status;
- nssPKIObjectCollection *collection;
- collection = nssPKIObjectCollection_Create(td, NULL);
- collection->objectType = pkiObjectType_PublicKey;
- collection->destroyObject = pubkey_destroyObject;
- collection->getUIDFromObject = pubkey_getUIDFromObject;
- collection->getUIDFromInstance = pubkey_getUIDFromInstance;
- collection->createObject = pubkey_createObject;
- if (pubkOpt) {
- for (; *pubkOpt; pubkOpt++) {
- nssPKIObject *o = (nssPKIObject *)(*pubkOpt);
- status = nssPKIObjectCollection_AddObject(collection, o);
- }
- }
- return collection;
-}
-
-NSS_IMPLEMENT NSSPublicKey **
-nssPKIObjectCollection_GetPublicKeys (
- nssPKIObjectCollection *collection,
- NSSPublicKey **rvOpt,
- PRUint32 maximumOpt,
- NSSArena *arenaOpt
-)
-{
- PRStatus status;
- PRUint32 rvSize;
- PRBool allocated = PR_FALSE;
- if (collection->size == 0) {
- return (NSSPublicKey **)NULL;
- }
- if (maximumOpt == 0) {
- rvSize = collection->size;
- } else {
- rvSize = PR_MIN(collection->size, maximumOpt);
- }
- if (!rvOpt) {
- rvOpt = nss_ZNEWARRAY(arenaOpt, NSSPublicKey *, rvSize + 1);
- if (!rvOpt) {
- return (NSSPublicKey **)NULL;
- }
- allocated = PR_TRUE;
- }
- status = nssPKIObjectCollection_GetObjects(collection,
- (nssPKIObject **)rvOpt,
- rvSize);
- if (status != PR_SUCCESS) {
- if (allocated) {
- nss_ZFreeIf(rvOpt);
- }
- return (NSSPublicKey **)NULL;
- }
- return rvOpt;
-}
-#endif /* PURE_STAN_BUILD */
-
-/* how bad would it be to have a static now sitting around, updated whenever
- * this was called? would avoid repeated allocs...
- */
-NSS_IMPLEMENT NSSTime *
-NSSTime_Now (
- NSSTime *timeOpt
-)
-{
- return NSSTime_SetPRTime(timeOpt, PR_Now());
-}
-
-NSS_IMPLEMENT NSSTime *
-NSSTime_SetPRTime (
- NSSTime *timeOpt,
- PRTime prTime
-)
-{
- NSSTime *rvTime;
- rvTime = (timeOpt) ? timeOpt : nss_ZNEW(NULL, NSSTime);
- rvTime->prTime = prTime;
- return rvTime;
-}
-
-NSS_IMPLEMENT PRTime
-NSSTime_GetPRTime (
- NSSTime *time
-)
-{
- return time->prTime;
-}
-
diff --git a/security/nss/lib/pki/pkim.h b/security/nss/lib/pki/pkim.h
deleted file mode 100644
index 9f6ad74c2..000000000
--- a/security/nss/lib/pki/pkim.h
+++ /dev/null
@@ -1,716 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef PKIM_H
-#define PKIM_H
-
-#ifdef DEBUG
-static const char PKIM_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-#ifndef PKI_H
-#include "pki.h"
-#endif /* PKI_H */
-
-#ifndef PKITM_H
-#include "pkitm.h"
-#endif /* PKITM_H */
-
-PR_BEGIN_EXTERN_C
-
-/* nssPKIObject
- *
- * This is the base object class, common to all PKI objects defined in
- * in this module. Each object can be safely 'casted' to an nssPKIObject,
- * then passed to these methods.
- *
- * nssPKIObject_Create
- * nssPKIObject_Destroy
- * nssPKIObject_AddRef
- * nssPKIObject_AddInstance
- * nssPKIObject_HasInstance
- * nssPKIObject_GetTokens
- * nssPKIObject_GetNicknameForToken
- * nssPKIObject_RemoveInstanceForToken
- * nssPKIObject_DeleteStoredObject
- */
-
-/* nssPKIObject_Create
- *
- * A generic PKI object. It must live in a trust domain. It may be
- * initialized with a token instance, or alternatively in a crypto context.
- */
-NSS_EXTERN nssPKIObject *
-nssPKIObject_Create
-(
- NSSArena *arenaOpt,
- nssCryptokiObject *instanceOpt,
- NSSTrustDomain *td,
- NSSCryptoContext *ccOpt
-);
-
-/* nssPKIObject_AddRef
- */
-NSS_EXTERN nssPKIObject *
-nssPKIObject_AddRef
-(
- nssPKIObject *object
-);
-
-/* nssPKIObject_Destroy
- *
- * Returns true if object was destroyed. This notifies the subclass that
- * all references are gone and it should delete any members it owns.
- */
-NSS_EXTERN PRBool
-nssPKIObject_Destroy
-(
- nssPKIObject *object
-);
-
-/* nssPKIObject_AddInstance
- *
- * Add a token instance to the object, if it does not have it already.
- */
-NSS_EXTERN PRStatus
-nssPKIObject_AddInstance
-(
- nssPKIObject *object,
- nssCryptokiObject *instance
-);
-
-/* nssPKIObject_HasInstance
- *
- * Query the object for a token instance.
- */
-NSS_EXTERN PRBool
-nssPKIObject_HasInstance
-(
- nssPKIObject *object,
- nssCryptokiObject *instance
-);
-
-/* nssPKIObject_GetTokens
- *
- * Get all tokens which have an instance of the object.
- */
-NSS_EXTERN NSSToken **
-nssPKIObject_GetTokens
-(
- nssPKIObject *object,
- PRStatus *statusOpt
-);
-
-/* nssPKIObject_GetNicknameForToken
- *
- * tokenOpt == NULL means take the first available, otherwise return the
- * nickname for the specified token.
- */
-NSS_EXTERN NSSUTF8 *
-nssPKIObject_GetNicknameForToken
-(
- nssPKIObject *object,
- NSSToken *tokenOpt
-);
-
-/* nssPKIObject_RemoveInstanceForToken
- *
- * Remove the instance of the object on the specified token.
- */
-NSS_EXTERN PRStatus
-nssPKIObject_RemoveInstanceForToken
-(
- nssPKIObject *object,
- NSSToken *token
-);
-
-/* nssPKIObject_DeleteStoredObject
- *
- * Delete all token instances of the object, as well as any crypto context
- * instances (TODO). If any of the instances are read-only, or if the
- * removal fails, the object will keep those instances. 'isFriendly' refers
- * to the object -- can this object be removed from a friendly token without
- * login? For example, certificates are friendly, private keys are not.
- * Note that if the token is not friendly, authentication will be required
- * regardless of the value of 'isFriendly'.
- */
-NSS_EXTERN PRStatus
-nssPKIObject_DeleteStoredObject
-(
- nssPKIObject *object,
- NSSCallback *uhh,
- PRBool isFriendly
-);
-
-#ifdef NSS_3_4_CODE
-NSS_EXTERN nssCryptokiObject **
-nssPKIObject_GetInstances
-(
- nssPKIObject *object
-);
-#endif
-
-NSS_EXTERN NSSCertificate **
-nssTrustDomain_FindCertificatesByID
-(
- NSSTrustDomain *td,
- NSSItem *id,
- NSSCertificate **rvOpt,
- PRUint32 maximumOpt,
- NSSArena *arenaOpt
-);
-
-NSS_EXTERN NSSCRL **
-nssTrustDomain_FindCRLsBySubject
-(
- NSSTrustDomain *td,
- NSSDER *subject
-);
-
-/* module-private nsspki methods */
-
-NSS_EXTERN NSSCryptoContext *
-nssCryptoContext_Create
-(
- NSSTrustDomain *td,
- NSSCallback *uhhOpt
-);
-
-/* XXX for the collection */
-NSS_EXTERN NSSCertificate *
-nssCertificate_Create
-(
- nssPKIObject *object
-);
-
-NSS_EXTERN PRStatus
-nssCertificate_SetCertTrust
-(
- NSSCertificate *c,
- NSSTrust *trust
-);
-
-NSS_EXTERN nssDecodedCert *
-nssCertificate_GetDecoding
-(
- NSSCertificate *c
-);
-
-NSS_EXTERN nssDecodedCert *
-nssDecodedCert_Create
-(
- NSSArena *arenaOpt,
- NSSDER *encoding,
- NSSCertificateType type
-);
-
-NSS_EXTERN PRStatus
-nssDecodedCert_Destroy
-(
- nssDecodedCert *dc
-);
-
-NSS_EXTERN NSSTrust *
-nssTrust_Create
-(
- nssPKIObject *object,
- NSSItem *certData
-);
-
-NSS_EXTERN NSSCRL *
-nssCRL_Create
-(
- nssPKIObject *object
-);
-
-NSS_EXTERN NSSCRL *
-nssCRL_AddRef
-(
- NSSCRL *crl
-);
-
-NSS_EXTERN PRStatus
-nssCRL_Destroy
-(
- NSSCRL *crl
-);
-
-NSS_EXTERN PRStatus
-nssCRL_DeleteStoredObject
-(
- NSSCRL *crl,
- NSSCallback *uhh
-);
-
-NSS_EXTERN NSSPrivateKey *
-nssPrivateKey_Create
-(
- nssPKIObject *o
-);
-
-NSS_EXTERN NSSDER *
-nssCRL_GetEncoding
-(
- NSSCRL *crl
-);
-
-NSS_EXTERN NSSPublicKey *
-nssPublicKey_Create
-(
- nssPKIObject *object
-);
-
-/* nssCertificateArray
- *
- * These are being thrown around a lot, might as well group together some
- * functionality.
- *
- * nssCertificateArray_Destroy
- * nssCertificateArray_Join
- * nssCertificateArray_FindBestCertificate
- * nssCertificateArray_Traverse
- */
-
-/* nssCertificateArray_Destroy
- *
- * Will destroy the array and the certs within it. If the array was created
- * in an arena, will *not* (of course) destroy the arena. However, is safe
- * to call this method on an arena-allocated array.
- */
-NSS_EXTERN void
-nssCertificateArray_Destroy
-(
- NSSCertificate **certs
-);
-
-/* nssCertificateArray_Join
- *
- * Join two arrays into one. The two arrays, certs1 and certs2, should
- * be considered invalid after a call to this function (they may be destroyed
- * as part of the join). certs1 and/or certs2 may be NULL. Safe to
- * call with arrays allocated in an arena, the result will also be in the
- * arena.
- */
-NSS_EXTERN NSSCertificate **
-nssCertificateArray_Join
-(
- NSSCertificate **certs1,
- NSSCertificate **certs2
-);
-
-/* nssCertificateArray_FindBestCertificate
- *
- * Use the usual { time, usage, policies } to find the best cert in the
- * array.
- */
-NSS_EXTERN NSSCertificate *
-nssCertificateArray_FindBestCertificate
-(
- NSSCertificate **certs,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt
-);
-
-/* nssCertificateArray_Traverse
- *
- * Do the callback for each cert, terminate the traversal if the callback
- * fails.
- */
-NSS_EXTERN PRStatus
-nssCertificateArray_Traverse
-(
- NSSCertificate **certs,
- PRStatus (* callback)(NSSCertificate *c, void *arg),
- void *arg
-);
-
-NSS_EXTERN void
-nssCRLArray_Destroy
-(
- NSSCRL **crls
-);
-
-/* nssPKIObjectCollection
- *
- * This is a handy way to group objects together and perform operations
- * on them. It can also handle "proto-objects"-- references to
- * objects instances on tokens, where the actual object hasn't
- * been formed yet.
- *
- * nssCertificateCollection_Create
- * nssPrivateKeyCollection_Create
- * nssPublicKeyCollection_Create
- *
- * If this was a language that provided for inheritance, each type would
- * inherit all of the following methods. Instead, there is only one
- * type (nssPKIObjectCollection), shared among all. This may cause
- * confusion; an alternative would be to define all of the methods
- * for each subtype (nssCertificateCollection_Destroy, ...), but that doesn't
- * seem worth the code bloat.. It is left up to the caller to remember
- * what type of collection he/she is dealing with.
- *
- * nssPKIObjectCollection_Destroy
- * nssPKIObjectCollection_Count
- * nssPKIObjectCollection_AddObject
- * nssPKIObjectCollection_AddInstances
- * nssPKIObjectCollection_Traverse
- *
- * Back to type-specific methods.
- *
- * nssPKIObjectCollection_GetCertificates
- * nssPKIObjectCollection_GetCRLs
- * nssPKIObjectCollection_GetPrivateKeys
- * nssPKIObjectCollection_GetPublicKeys
- */
-
-/* nssCertificateCollection_Create
- *
- * Create a collection of certificates in the specified trust domain.
- * Optionally provide a starting set of certs.
- */
-NSS_EXTERN nssPKIObjectCollection *
-nssCertificateCollection_Create
-(
- NSSTrustDomain *td,
- NSSCertificate **certsOpt
-);
-
-/* nssCRLCollection_Create
- *
- * Create a collection of CRLs/KRLs in the specified trust domain.
- * Optionally provide a starting set of CRLs.
- */
-NSS_EXTERN nssPKIObjectCollection *
-nssCRLCollection_Create
-(
- NSSTrustDomain *td,
- NSSCRL **crlsOpt
-);
-
-/* nssPrivateKeyCollection_Create
- *
- * Create a collection of private keys in the specified trust domain.
- * Optionally provide a starting set of keys.
- */
-NSS_EXTERN nssPKIObjectCollection *
-nssPrivateKeyCollection_Create
-(
- NSSTrustDomain *td,
- NSSPrivateKey **pvkOpt
-);
-
-/* nssPublicKeyCollection_Create
- *
- * Create a collection of public keys in the specified trust domain.
- * Optionally provide a starting set of keys.
- */
-NSS_EXTERN nssPKIObjectCollection *
-nssPublicKeyCollection_Create
-(
- NSSTrustDomain *td,
- NSSPublicKey **pvkOpt
-);
-
-/* nssPKIObjectCollection_Destroy
- */
-NSS_EXTERN void
-nssPKIObjectCollection_Destroy
-(
- nssPKIObjectCollection *collection
-);
-
-/* nssPKIObjectCollection_Count
- */
-NSS_EXTERN PRUint32
-nssPKIObjectCollection_Count
-(
- nssPKIObjectCollection *collection
-);
-
-NSS_EXTERN PRStatus
-nssPKIObjectCollection_AddObject
-(
- nssPKIObjectCollection *collection,
- nssPKIObject *object
-);
-
-/* nssPKIObjectCollection_AddInstances
- *
- * Add a set of object instances to the collection. The instances
- * will be sorted into any existing certs/proto-certs that may be in
- * the collection. The instances will be absorbed by the collection,
- * the array should not be used after this call (except to free it).
- *
- * Failure means the collection is in an invalid state.
- *
- * numInstances = 0 means the array is NULL-terminated
- */
-NSS_EXTERN PRStatus
-nssPKIObjectCollection_AddInstances
-(
- nssPKIObjectCollection *collection,
- nssCryptokiObject **instances,
- PRUint32 numInstances
-);
-
-/* nssPKIObjectCollection_Traverse
- */
-NSS_EXTERN PRStatus
-nssPKIObjectCollection_Traverse
-(
- nssPKIObjectCollection *collection,
- nssPKIObjectCallback *callback
-);
-
-/* This function is being added for NSS 3.5. It corresponds to the function
- * nssToken_TraverseCertificates. The idea is to use the collection during
- * a traversal, creating certs each time a new instance is added for which
- * a cert does not already exist.
- */
-NSS_EXTERN PRStatus
-nssPKIObjectCollection_AddInstanceAsObject
-(
- nssPKIObjectCollection *collection,
- nssCryptokiObject *instance
-);
-
-/* nssPKIObjectCollection_GetCertificates
- *
- * Get all of the certificates in the collection.
- */
-NSS_EXTERN NSSCertificate **
-nssPKIObjectCollection_GetCertificates
-(
- nssPKIObjectCollection *collection,
- NSSCertificate **rvOpt,
- PRUint32 maximumOpt,
- NSSArena *arenaOpt
-);
-
-NSS_EXTERN NSSCRL **
-nssPKIObjectCollection_GetCRLs
-(
- nssPKIObjectCollection *collection,
- NSSCRL **rvOpt,
- PRUint32 maximumOpt,
- NSSArena *arenaOpt
-);
-
-NSS_EXTERN NSSPrivateKey **
-nssPKIObjectCollection_GetPrivateKeys
-(
- nssPKIObjectCollection *collection,
- NSSPrivateKey **rvOpt,
- PRUint32 maximumOpt,
- NSSArena *arenaOpt
-);
-
-NSS_EXTERN NSSPublicKey **
-nssPKIObjectCollection_GetPublicKeys
-(
- nssPKIObjectCollection *collection,
- NSSPublicKey **rvOpt,
- PRUint32 maximumOpt,
- NSSArena *arenaOpt
-);
-
-NSS_EXTERN NSSTime *
-NSSTime_Now
-(
- NSSTime *timeOpt
-);
-
-NSS_EXTERN NSSTime *
-NSSTime_SetPRTime
-(
- NSSTime *timeOpt,
- PRTime prTime
-);
-
-NSS_EXTERN PRTime
-NSSTime_GetPRTime
-(
- NSSTime *time
-);
-
-NSS_EXTERN nssHash *
-nssHash_CreateCertificate
-(
- NSSArena *arenaOpt,
- PRUint32 numBuckets
-);
-
-/* 3.4 Certificate cache routines */
-
-NSS_EXTERN PRStatus
-nssTrustDomain_InitializeCache
-(
- NSSTrustDomain *td,
- PRUint32 cacheSize
-);
-
-NSS_EXTERN PRStatus
-nssTrustDomain_AddCertsToCache
-(
- NSSTrustDomain *td,
- NSSCertificate **certs,
- PRUint32 numCerts
-);
-
-NSS_EXTERN void
-nssTrustDomain_RemoveCertFromCacheLOCKED (
- NSSTrustDomain *td,
- NSSCertificate *cert
-);
-
-NSS_EXTERN void
-nssTrustDomain_LockCertCache (
- NSSTrustDomain *td
-);
-
-NSS_EXTERN void
-nssTrustDomain_UnlockCertCache (
- NSSTrustDomain *td
-);
-
-NSS_IMPLEMENT PRStatus
-nssTrustDomain_DestroyCache
-(
- NSSTrustDomain *td
-);
-
-/*
- * Remove all certs for the given token from the cache. This is
- * needed if the token is removed.
- */
-NSS_EXTERN PRStatus
-nssTrustDomain_RemoveTokenCertsFromCache
-(
- NSSTrustDomain *td,
- NSSToken *token
-);
-
-NSS_EXTERN PRStatus
-nssTrustDomain_UpdateCachedTokenCerts
-(
- NSSTrustDomain *td,
- NSSToken *token
-);
-
-/*
- * Find all cached certs with this nickname (label).
- */
-NSS_EXTERN NSSCertificate **
-nssTrustDomain_GetCertsForNicknameFromCache
-(
- NSSTrustDomain *td,
- NSSUTF8 *nickname,
- nssList *certListOpt
-);
-
-/*
- * Find all cached certs with this email address.
- */
-NSS_EXTERN NSSCertificate **
-nssTrustDomain_GetCertsForEmailAddressFromCache
-(
- NSSTrustDomain *td,
- NSSASCII7 *email,
- nssList *certListOpt
-);
-
-/*
- * Find all cached certs with this subject.
- */
-NSS_EXTERN NSSCertificate **
-nssTrustDomain_GetCertsForSubjectFromCache
-(
- NSSTrustDomain *td,
- NSSDER *subject,
- nssList *certListOpt
-);
-
-/*
- * Look for a specific cert in the cache.
- */
-NSS_EXTERN NSSCertificate *
-nssTrustDomain_GetCertForIssuerAndSNFromCache
-(
- NSSTrustDomain *td,
- NSSDER *issuer,
- NSSDER *serialNum
-);
-
-/*
- * Look for a specific cert in the cache.
- */
-NSS_EXTERN NSSCertificate *
-nssTrustDomain_GetCertByDERFromCache
-(
- NSSTrustDomain *td,
- NSSDER *der
-);
-
-/* Get all certs from the cache */
-/* XXX this is being included to make some old-style calls word, not to
- * say we should keep it
- */
-NSS_EXTERN NSSCertificate **
-nssTrustDomain_GetCertsFromCache
-(
- NSSTrustDomain *td,
- nssList *certListOpt
-);
-
-NSS_EXTERN void
-nssTrustDomain_DumpCacheInfo
-(
- NSSTrustDomain *td,
- void (* cert_dump_iter)(const void *, void *, void *),
- void *arg
-);
-
-NSS_EXTERN void
-nssCertificateList_AddReferences
-(
- nssList *certList
-);
-
-PR_END_EXTERN_C
-
-#endif /* PKIM_H */
diff --git a/security/nss/lib/pki/pkistore.c b/security/nss/lib/pki/pkistore.c
deleted file mode 100644
index 08250db63..000000000
--- a/security/nss/lib/pki/pkistore.c
+++ /dev/null
@@ -1,720 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIM_H
-#include "pkim.h"
-#endif /* PKIM_H */
-
-#ifndef PKI_H
-#include "pki.h"
-#endif /* PKI_H */
-
-#ifndef NSSPKI_H
-#include "nsspki.h"
-#endif /* NSSPKI_H */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-#ifndef PKISTORE_H
-#include "pkistore.h"
-#endif /* PKISTORE_H */
-
-#ifdef NSS_3_4_CODE
-#include "cert.h"
-#endif
-
-/*
- * Certificate Store
- *
- * This differs from the cache in that it is a true storage facility. Items
- * stay in until they are explicitly removed. It is only used by crypto
- * contexts at this time, but may be more generally useful...
- *
- */
-
-struct nssCertificateStoreStr
-{
- PRBool i_alloced_arena;
- NSSArena *arena;
- PZLock *lock;
- nssHash *subject;
- nssHash *issuer_and_serial;
-};
-
-typedef struct certificate_hash_entry_str certificate_hash_entry;
-
-struct certificate_hash_entry_str
-{
- NSSCertificate *cert;
- NSSTrust *trust;
- nssSMIMEProfile *profile;
-};
-
-/* XXX This a common function that should be moved out, possibly an
- * nssSubjectCertificateList should be created?
- */
-/* sort the subject list from newest to oldest */
-static PRIntn subject_list_sort(void *v1, void *v2)
-{
- NSSCertificate *c1 = (NSSCertificate *)v1;
- NSSCertificate *c2 = (NSSCertificate *)v2;
- nssDecodedCert *dc1 = nssCertificate_GetDecoding(c1);
- nssDecodedCert *dc2 = nssCertificate_GetDecoding(c2);
- if (dc1->isNewerThan(dc1, dc2)) {
- return -1;
- } else {
- return 1;
- }
-}
-
-NSS_IMPLEMENT nssCertificateStore *
-nssCertificateStore_Create (
- NSSArena *arenaOpt
-)
-{
- NSSArena *arena;
- nssCertificateStore *store;
- PRBool i_alloced_arena;
- if (arenaOpt) {
- arena = arenaOpt;
- i_alloced_arena = PR_FALSE;
- } else {
- arena = nssArena_Create();
- if (!arena) {
- return NULL;
- }
- i_alloced_arena = PR_TRUE;
- }
- store = nss_ZNEW(arena, nssCertificateStore);
- if (!store) {
- goto loser;
- }
- store->lock = PZ_NewLock(nssILockOther);
- if (!store->lock) {
- goto loser;
- }
- /* Create the issuer/serial --> {cert, trust, S/MIME profile } hash */
- store->issuer_and_serial = nssHash_CreateCertificate(arena, 0);
- if (!store->issuer_and_serial) {
- goto loser;
- }
- /* Create the subject DER --> subject list hash */
- store->subject = nssHash_CreateItem(arena, 0);
- if (!store->subject) {
- goto loser;
- }
- store->arena = arena;
- store->i_alloced_arena = i_alloced_arena;
- return store;
-loser:
- if (store) {
- if (store->lock) {
- PZ_DestroyLock(store->lock);
- }
- if (store->issuer_and_serial) {
- nssHash_Destroy(store->issuer_and_serial);
- }
- if (store->subject) {
- nssHash_Destroy(store->subject);
- }
- }
- if (i_alloced_arena) {
- nssArena_Destroy(arena);
- }
- return NULL;
-}
-
-extern const NSSError NSS_ERROR_BUSY;
-
-NSS_IMPLEMENT PRStatus
-nssCertificateStore_Destroy (
- nssCertificateStore *store
-)
-{
- if (nssHash_Count(store->issuer_and_serial) > 0) {
- nss_SetError(NSS_ERROR_BUSY);
- return PR_FAILURE;
- }
- PZ_DestroyLock(store->lock);
- nssHash_Destroy(store->issuer_and_serial);
- nssHash_Destroy(store->subject);
- if (store->i_alloced_arena) {
- nssArena_Destroy(store->arena);
- } else {
- nss_ZFreeIf(store);
- }
- return PR_SUCCESS;
-}
-
-static PRStatus
-add_certificate_entry (
- nssCertificateStore *store,
- NSSCertificate *cert
-)
-{
- PRStatus nssrv;
- certificate_hash_entry *entry;
- entry = nss_ZNEW(cert->object.arena, certificate_hash_entry);
- if (!entry) {
- return PR_FAILURE;
- }
- entry->cert = cert;
- nssrv = nssHash_Add(store->issuer_and_serial, cert, entry);
- if (nssrv != PR_SUCCESS) {
- nss_ZFreeIf(entry);
- }
- return nssrv;
-}
-
-static PRStatus
-add_subject_entry (
- nssCertificateStore *store,
- NSSCertificate *cert
-)
-{
- PRStatus nssrv;
- nssList *subjectList;
- subjectList = (nssList *)nssHash_Lookup(store->subject, &cert->subject);
- if (subjectList) {
- /* The subject is already in, add this cert to the list */
- nssrv = nssList_AddUnique(subjectList, cert);
- } else {
- /* Create a new subject list for the subject */
- subjectList = nssList_Create(NULL, PR_FALSE);
- if (!subjectList) {
- return PR_FAILURE;
- }
- nssList_SetSortFunction(subjectList, subject_list_sort);
- /* Add the cert entry to this list of subjects */
- nssrv = nssList_Add(subjectList, cert);
- if (nssrv != PR_SUCCESS) {
- return nssrv;
- }
- /* Add the subject list to the cache */
- nssrv = nssHash_Add(store->subject, &cert->subject, subjectList);
- }
- return nssrv;
-}
-
-/* declared below */
-static void
-remove_certificate_entry (
- nssCertificateStore *store,
- NSSCertificate *cert
-);
-
-NSS_IMPLEMENT PRStatus
-nssCertificateStore_Add (
- nssCertificateStore *store,
- NSSCertificate *cert
-)
-{
- PRStatus nssrv;
- PZ_Lock(store->lock);
- if (nssHash_Exists(store->issuer_and_serial, cert)) {
- PZ_Unlock(store->lock);
- return PR_SUCCESS;
- }
- nssrv = add_certificate_entry(store, cert);
- if (nssrv == PR_SUCCESS) {
- nssrv = add_subject_entry(store, cert);
- if (nssrv == PR_FAILURE) {
- remove_certificate_entry(store, cert);
- }
- }
- PZ_Unlock(store->lock);
- return nssrv;
-}
-
-static void
-remove_certificate_entry (
- nssCertificateStore *store,
- NSSCertificate *cert
-)
-{
- certificate_hash_entry *entry;
- entry = (certificate_hash_entry *)
- nssHash_Lookup(store->issuer_and_serial, cert);
- if (entry) {
- nssHash_Remove(store->issuer_and_serial, cert);
- if (entry->trust) {
- nssTrust_Destroy(entry->trust);
- }
- if (entry->profile) {
- nssSMIMEProfile_Destroy(entry->profile);
- }
- nss_ZFreeIf(entry);
- }
-}
-
-static void
-remove_subject_entry (
- nssCertificateStore *store,
- NSSCertificate *cert
-)
-{
- nssList *subjectList;
- /* Get the subject list for the cert's subject */
- subjectList = (nssList *)nssHash_Lookup(store->subject, &cert->subject);
- if (subjectList) {
- /* Remove the cert from the subject hash */
- nssList_Remove(subjectList, cert);
- nssHash_Remove(store->subject, &cert->subject);
- if (nssList_Count(subjectList) == 0) {
- nssList_Destroy(subjectList);
- } else {
- /* The cert being released may have keyed the subject entry.
- * Since there are still subject certs around, get another and
- * rekey the entry just in case.
- */
- NSSCertificate *subjectCert;
- (void)nssList_GetArray(subjectList, (void **)&subjectCert, 1);
- nssHash_Add(store->subject, &subjectCert->subject, subjectList);
- }
- }
-}
-
-NSS_IMPLEMENT void
-nssCertificateStore_RemoveCertLOCKED (
- nssCertificateStore *store,
- NSSCertificate *cert
-)
-{
- certificate_hash_entry *entry;
- entry = (certificate_hash_entry *)
- nssHash_Lookup(store->issuer_and_serial, cert);
- if (entry && entry->cert == cert) {
- remove_certificate_entry(store, cert);
- remove_subject_entry(store, cert);
- }
-}
-
-NSS_IMPLEMENT void
-nssCertificateStore_Lock (
- nssCertificateStore *store
-)
-{
- PZ_Lock(store->lock);
-}
-
-NSS_IMPLEMENT void
-nssCertificateStore_Unlock (
- nssCertificateStore *store
-)
-{
- PZ_Unlock(store->lock);
-}
-
-static NSSCertificate **
-get_array_from_list (
- nssList *certList,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt,
- NSSArena *arenaOpt
-)
-{
- PRUint32 count;
- NSSCertificate **rvArray = NULL;
- count = nssList_Count(certList);
- if (count == 0) {
- return NULL;
- }
- if (maximumOpt > 0) {
- count = PR_MIN(maximumOpt, count);
- }
- if (rvOpt) {
- nssList_GetArray(certList, (void **)rvOpt, count);
- } else {
- rvArray = nss_ZNEWARRAY(arenaOpt, NSSCertificate *, count + 1);
- if (rvArray) {
- nssList_GetArray(certList, (void **)rvArray, count);
- }
- }
- return rvArray;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-nssCertificateStore_FindCertificatesBySubject (
- nssCertificateStore *store,
- NSSDER *subject,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt,
- NSSArena *arenaOpt
-)
-{
- NSSCertificate **rvArray = NULL;
- nssList *subjectList;
- PZ_Lock(store->lock);
- subjectList = (nssList *)nssHash_Lookup(store->subject, subject);
- if (subjectList) {
- nssCertificateList_AddReferences(subjectList);
- rvArray = get_array_from_list(subjectList,
- rvOpt, maximumOpt, arenaOpt);
- }
- PZ_Unlock(store->lock);
- return rvArray;
-}
-
-/* Because only subject indexing is implemented, all other lookups require
- * full traversal (unfortunately, PLHashTable doesn't allow you to exit
- * early from the enumeration). The assumptions are that 1) lookups by
- * fields other than subject will be rare, and 2) the hash will not have
- * a large number of entries. These assumptions will be tested.
- *
- * XXX
- * For NSS 3.4, it is worth consideration to do all forms of indexing,
- * because the only crypto context is global and persistent.
- */
-
-struct nickname_template_str
-{
- NSSUTF8 *nickname;
- nssList *subjectList;
-};
-
-static void match_nickname(const void *k, void *v, void *a)
-{
- PRStatus nssrv;
- NSSCertificate *c;
- NSSUTF8 *nickname;
- nssList *subjectList = (nssList *)v;
- struct nickname_template_str *nt = (struct nickname_template_str *)a;
- nssrv = nssList_GetArray(subjectList, (void **)&c, 1);
- nickname = nssCertificate_GetNickname(c, NULL);
- if (nssrv == PR_SUCCESS && nickname &&
- nssUTF8_Equal(nickname, nt->nickname, &nssrv))
- {
- nt->subjectList = subjectList;
- }
-}
-
-/*
- * Find all cached certs with this label.
- */
-NSS_IMPLEMENT NSSCertificate **
-nssCertificateStore_FindCertificatesByNickname (
- nssCertificateStore *store,
- NSSUTF8 *nickname,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt,
- NSSArena *arenaOpt
-)
-{
- NSSCertificate **rvArray = NULL;
- struct nickname_template_str nt;
- nt.nickname = nickname;
- nt.subjectList = NULL;
- PZ_Lock(store->lock);
- nssHash_Iterate(store->subject, match_nickname, &nt);
- if (nt.subjectList) {
- nssCertificateList_AddReferences(nt.subjectList);
- rvArray = get_array_from_list(nt.subjectList,
- rvOpt, maximumOpt, arenaOpt);
- }
- PZ_Unlock(store->lock);
- return rvArray;
-}
-
-struct email_template_str
-{
- NSSASCII7 *email;
- nssList *emailList;
-};
-
-static void match_email(const void *k, void *v, void *a)
-{
- PRStatus nssrv;
- NSSCertificate *c;
- nssList *subjectList = (nssList *)v;
- struct email_template_str *et = (struct email_template_str *)a;
- nssrv = nssList_GetArray(subjectList, (void **)&c, 1);
- if (nssrv == PR_SUCCESS &&
- nssUTF8_Equal(c->email, et->email, &nssrv))
- {
- nssListIterator *iter = nssList_CreateIterator(subjectList);
- if (iter) {
- for (c = (NSSCertificate *)nssListIterator_Start(iter);
- c != (NSSCertificate *)NULL;
- c = (NSSCertificate *)nssListIterator_Next(iter))
- {
- nssList_Add(et->emailList, c);
- }
- nssListIterator_Finish(iter);
- nssListIterator_Destroy(iter);
- }
- }
-}
-
-/*
- * Find all cached certs with this email address.
- */
-NSS_IMPLEMENT NSSCertificate **
-nssCertificateStore_FindCertificatesByEmail (
- nssCertificateStore *store,
- NSSASCII7 *email,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt,
- NSSArena *arenaOpt
-)
-{
- NSSCertificate **rvArray = NULL;
- struct email_template_str et;
- et.email = email;
- et.emailList = nssList_Create(NULL, PR_FALSE);
- if (!et.emailList) {
- return NULL;
- }
- PZ_Lock(store->lock);
- nssHash_Iterate(store->subject, match_email, &et);
- if (et.emailList) {
- /* get references before leaving the store's lock protection */
- nssCertificateList_AddReferences(et.emailList);
- }
- PZ_Unlock(store->lock);
- if (et.emailList) {
- rvArray = get_array_from_list(et.emailList,
- rvOpt, maximumOpt, arenaOpt);
- nssList_Destroy(et.emailList);
- }
- return rvArray;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-nssCertificateStore_FindCertificateByIssuerAndSerialNumber (
- nssCertificateStore *store,
- NSSDER *issuer,
- NSSDER *serial
-)
-{
- certificate_hash_entry *entry;
- NSSCertificate index;
- NSSCertificate *rvCert = NULL;
- index.issuer = *issuer;
- index.serial = *serial;
- PZ_Lock(store->lock);
- entry = (certificate_hash_entry *)
- nssHash_Lookup(store->issuer_and_serial, &index);
- if (entry) {
- rvCert = nssCertificate_AddRef(entry->cert);
- }
- PZ_Unlock(store->lock);
- return rvCert;
-}
-
-#ifdef NSS_3_4_CODE
-static PRStatus
-issuer_and_serial_from_encoding (
- NSSBER *encoding,
- NSSDER *issuer,
- NSSDER *serial
-)
-{
- SECItem derCert, derIssuer, derSerial;
- SECStatus secrv;
- derCert.data = (unsigned char *)encoding->data;
- derCert.len = encoding->size;
- secrv = CERT_IssuerNameFromDERCert(&derCert, &derIssuer);
- if (secrv != SECSuccess) {
- return PR_FAILURE;
- }
- secrv = CERT_SerialNumberFromDERCert(&derCert, &derSerial);
- if (secrv != SECSuccess) {
- PORT_Free(derIssuer.data);
- return PR_FAILURE;
- }
- issuer->data = derIssuer.data;
- issuer->size = derIssuer.len;
- serial->data = derSerial.data;
- serial->size = derSerial.len;
- return PR_SUCCESS;
-}
-#endif
-
-NSS_IMPLEMENT NSSCertificate *
-nssCertificateStore_FindCertificateByEncodedCertificate (
- nssCertificateStore *store,
- NSSDER *encoding
-)
-{
- PRStatus nssrv = PR_FAILURE;
- NSSDER issuer, serial;
- NSSCertificate *rvCert = NULL;
-#ifdef NSS_3_4_CODE
- nssrv = issuer_and_serial_from_encoding(encoding, &issuer, &serial);
-#endif
- if (nssrv != PR_SUCCESS) {
- return NULL;
- }
- rvCert = nssCertificateStore_FindCertificateByIssuerAndSerialNumber(store,
- &issuer,
- &serial);
-#ifdef NSS_3_4_CODE
- PORT_Free(issuer.data);
- PORT_Free(serial.data);
-#endif
- return rvCert;
-}
-
-NSS_EXTERN PRStatus
-nssCertificateStore_AddTrust (
- nssCertificateStore *store,
- NSSTrust *trust
-)
-{
- NSSCertificate *cert;
- certificate_hash_entry *entry;
- cert = trust->certificate;
- PZ_Lock(store->lock);
- entry = (certificate_hash_entry *)
- nssHash_Lookup(store->issuer_and_serial, cert);
- if (entry) {
- entry->trust = nssTrust_AddRef(trust);
- }
- PZ_Unlock(store->lock);
- return (entry) ? PR_SUCCESS : PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSTrust *
-nssCertificateStore_FindTrustForCertificate (
- nssCertificateStore *store,
- NSSCertificate *cert
-)
-{
- certificate_hash_entry *entry;
- NSSTrust *rvTrust = NULL;
- PZ_Lock(store->lock);
- entry = (certificate_hash_entry *)
- nssHash_Lookup(store->issuer_and_serial, cert);
- if (entry && entry->trust) {
- rvTrust = nssTrust_AddRef(entry->trust);
- }
- PZ_Unlock(store->lock);
- return rvTrust;
-}
-
-NSS_EXTERN PRStatus
-nssCertificateStore_AddSMIMEProfile (
- nssCertificateStore *store,
- nssSMIMEProfile *profile
-)
-{
- NSSCertificate *cert;
- certificate_hash_entry *entry;
- cert = profile->certificate;
- PZ_Lock(store->lock);
- entry = (certificate_hash_entry *)
- nssHash_Lookup(store->issuer_and_serial, cert);
- if (entry) {
- entry->profile = nssSMIMEProfile_AddRef(profile);
- }
- PZ_Unlock(store->lock);
- return (entry) ? PR_SUCCESS : PR_FAILURE;
-}
-
-NSS_IMPLEMENT nssSMIMEProfile *
-nssCertificateStore_FindSMIMEProfileForCertificate (
- nssCertificateStore *store,
- NSSCertificate *cert
-)
-{
- certificate_hash_entry *entry;
- nssSMIMEProfile *rvProfile = NULL;
- PZ_Lock(store->lock);
- entry = (certificate_hash_entry *)
- nssHash_Lookup(store->issuer_and_serial, cert);
- if (entry && entry->profile) {
- rvProfile = nssSMIMEProfile_AddRef(entry->profile);
- }
- PZ_Unlock(store->lock);
- return rvProfile;
-}
-
-/* XXX this is also used by cache and should be somewhere else */
-
-static PLHashNumber
-nss_certificate_hash (
- const void *key
-)
-{
- unsigned int i;
- PLHashNumber h;
- NSSCertificate *c = (NSSCertificate *)key;
- h = 0;
- for (i=0; i<c->issuer.size; i++)
- h = (h >> 28) ^ (h << 4) ^ ((unsigned char *)c->issuer.data)[i];
- for (i=0; i<c->serial.size; i++)
- h = (h >> 28) ^ (h << 4) ^ ((unsigned char *)c->serial.data)[i];
- return h;
-}
-
-static int
-nss_compare_certs(const void *v1, const void *v2)
-{
- PRStatus ignore;
- NSSCertificate *c1 = (NSSCertificate *)v1;
- NSSCertificate *c2 = (NSSCertificate *)v2;
- return (int)(nssItem_Equal(&c1->issuer, &c2->issuer, &ignore) &&
- nssItem_Equal(&c1->serial, &c2->serial, &ignore));
-}
-
-NSS_IMPLEMENT nssHash *
-nssHash_CreateCertificate (
- NSSArena *arenaOpt,
- PRUint32 numBuckets
-)
-{
- return nssHash_Create(arenaOpt,
- numBuckets,
- nss_certificate_hash,
- nss_compare_certs,
- PL_CompareValues);
-}
-
-NSS_IMPLEMENT void
-nssCertificateStore_DumpStoreInfo (
- nssCertificateStore *store,
- void (* cert_dump_iter)(const void *, void *, void *),
- void *arg
-)
-{
- PZ_Lock(store->lock);
- nssHash_Iterate(store->issuer_and_serial, cert_dump_iter, arg);
- PZ_Unlock(store->lock);
-}
-
diff --git a/security/nss/lib/pki/pkistore.h b/security/nss/lib/pki/pkistore.h
deleted file mode 100644
index 0fd9e679d..000000000
--- a/security/nss/lib/pki/pkistore.h
+++ /dev/null
@@ -1,188 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef PKISTORE_H
-#define PKISTORE_H
-
-#ifdef DEBUG
-static const char PKISTORE_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef NSSPKIT_H
-#include "nsspkit.h"
-#endif /* NSSPKIT_H */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * PKI Stores
- *
- * This is a set of routines for managing local stores of PKI objects.
- * Currently, the only application is in crypto contexts, where the
- * certificate store is used. In the future, methods should be added
- * here for storing local references to keys.
- */
-
-/*
- * nssCertificateStore
- *
- * Manages local store of certificate, trust, and S/MIME profile objects.
- * Within a crypto context, mappings of cert to trust and cert to S/MIME
- * profile are always 1-1. Therefore, it is reasonable to store all objects
- * in a single collection, indexed by the certificate.
- */
-
-NSS_EXTERN nssCertificateStore *
-nssCertificateStore_Create
-(
- NSSArena *arenaOpt
-);
-
-NSS_EXTERN PRStatus
-nssCertificateStore_Destroy
-(
- nssCertificateStore *store
-);
-
-NSS_EXTERN PRStatus
-nssCertificateStore_Add
-(
- nssCertificateStore *store,
- NSSCertificate *cert
-);
-
-NSS_EXTERN void
-nssCertificateStore_RemoveCertLOCKED
-(
- nssCertificateStore *store,
- NSSCertificate *cert
-);
-
-NSS_EXTERN void
-nssCertificateStore_Lock (
- nssCertificateStore *store
-);
-
-NSS_EXTERN void
-nssCertificateStore_Unlock (
- nssCertificateStore *store
-);
-
-NSS_EXTERN NSSCertificate **
-nssCertificateStore_FindCertificatesBySubject
-(
- nssCertificateStore *store,
- NSSDER *subject,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt,
- NSSArena *arenaOpt
-);
-
-NSS_EXTERN NSSCertificate **
-nssCertificateStore_FindCertificatesByNickname
-(
- nssCertificateStore *store,
- NSSUTF8 *nickname,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt,
- NSSArena *arenaOpt
-);
-
-NSS_EXTERN NSSCertificate **
-nssCertificateStore_FindCertificatesByEmail
-(
- nssCertificateStore *store,
- NSSASCII7 *email,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt,
- NSSArena *arenaOpt
-);
-
-NSS_EXTERN NSSCertificate *
-nssCertificateStore_FindCertificateByIssuerAndSerialNumber
-(
- nssCertificateStore *store,
- NSSDER *issuer,
- NSSDER *serial
-);
-
-NSS_EXTERN NSSCertificate *
-nssCertificateStore_FindCertificateByEncodedCertificate
-(
- nssCertificateStore *store,
- NSSDER *encoding
-);
-
-NSS_EXTERN PRStatus
-nssCertificateStore_AddTrust
-(
- nssCertificateStore *store,
- NSSTrust *trust
-);
-
-NSS_EXTERN NSSTrust *
-nssCertificateStore_FindTrustForCertificate
-(
- nssCertificateStore *store,
- NSSCertificate *cert
-);
-
-NSS_EXTERN PRStatus
-nssCertificateStore_AddSMIMEProfile
-(
- nssCertificateStore *store,
- nssSMIMEProfile *profile
-);
-
-NSS_EXTERN nssSMIMEProfile *
-nssCertificateStore_FindSMIMEProfileForCertificate
-(
- nssCertificateStore *store,
- NSSCertificate *cert
-);
-
-NSS_EXTERN void
-nssCertificateStore_DumpStoreInfo
-(
- nssCertificateStore *store,
- void (* cert_dump_iter)(const void *, void *, void *),
- void *arg
-);
-
-PR_END_EXTERN_C
-
-#endif /* PKISTORE_H */
diff --git a/security/nss/lib/pki/pkit.h b/security/nss/lib/pki/pkit.h
deleted file mode 100644
index f8bd067b9..000000000
--- a/security/nss/lib/pki/pkit.h
+++ /dev/null
@@ -1,210 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef PKIT_H
-#define PKIT_H
-
-#ifdef DEBUG
-static const char PKIT_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * pkit.h
- *
- * This file contains definitions for the types of the top-level PKI objects.
- */
-
-#ifndef NSSBASET_H
-#include "nssbaset.h"
-#endif /* NSSBASET_H */
-
-#ifndef BASET_H
-#include "baset.h"
-#endif /* BASET_H */
-
-#ifdef NSS_3_4_CODE
-#include "certt.h"
-#include "pkcs11t.h"
-#endif /* NSS_3_4_CODE */
-
-#ifndef NSSPKIT_H
-#include "nsspkit.h"
-#endif /* NSSPKIT_H */
-
-#ifndef NSSDEVT_H
-#include "nssdevt.h"
-#endif /* NSSDEVT_H */
-
-#ifndef DEVT_H
-#include "devt.h"
-#endif /* DEVT_H */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * A note on ephemeral certs
- *
- * The key objects defined here can only be created on tokens, and can only
- * exist on tokens. Therefore, any instance of a key object must have
- * a corresponding cryptoki instance. OTOH, certificates created in
- * crypto contexts need not be stored as session objects on the token.
- * There are good performance reasons for not doing so. The certificate
- * and trust objects have been defined with a cryptoContext field to
- * allow for ephemeral certs, which may have a single instance in a crypto
- * context along with any number (including zero) of cryptoki instances.
- * Since contexts may not share objects, there can be only one context
- * for each object.
- */
-
-/* nssPKIObject
- *
- * This is the base object class, common to all PKI objects defined in
- * nsspkit.h
- */
-struct nssPKIObjectStr
-{
- /* The arena for all object memory */
- NSSArena *arena;
- /* Atomically incremented/decremented reference counting */
- PRInt32 refCount;
- /* lock protects the array of nssCryptokiInstance's of the object */
- PZLock *lock;
- /* XXX with LRU cache, this cannot be guaranteed up-to-date. It cannot
- * be compared against the update level of the trust domain, since it is
- * also affected by import/export. Where is this array needed?
- */
- nssCryptokiObject **instances;
- PRUint32 numInstances;
- /* The object must live in a trust domain */
- NSSTrustDomain *trustDomain;
- /* The object may live in a crypto context */
- NSSCryptoContext *cryptoContext;
- /* XXX added so temp certs can have nickname, think more ... */
- NSSUTF8 *tempName;
-};
-
-typedef struct nssDecodedCertStr nssDecodedCert;
-
-typedef struct nssCertificateStoreStr nssCertificateStore;
-
-/* How wide is the scope of this? */
-typedef struct nssSMIMEProfileStr nssSMIMEProfile;
-
-typedef struct nssPKIObjectStr nssPKIObject;
-
-struct NSSTrustStr
-{
- nssPKIObject object;
- NSSCertificate *certificate;
- nssTrustLevel serverAuth;
- nssTrustLevel clientAuth;
- nssTrustLevel emailProtection;
- nssTrustLevel codeSigning;
-};
-
-struct nssSMIMEProfileStr
-{
- nssPKIObject object;
- NSSCertificate *certificate;
- NSSASCII7 *email;
- NSSDER *subject;
- NSSItem *profileTime;
- NSSItem *profileData;
-};
-
-struct NSSCertificateStr
-{
- nssPKIObject object;
- NSSCertificateType type;
- NSSItem id;
- NSSBER encoding;
- NSSDER issuer;
- NSSDER subject;
- NSSDER serial;
- NSSASCII7 *email;
- nssDecodedCert *decoding;
-};
-
-struct NSSPrivateKeyStr;
-
-struct NSSPublicKeyStr;
-
-struct NSSSymmetricKeyStr;
-
-typedef struct nssTDCertificateCacheStr nssTDCertificateCache;
-
-struct NSSTrustDomainStr {
- PRInt32 refCount;
- NSSArena *arena;
- NSSCallback *defaultCallback;
- nssList *tokenList;
- nssListIterator *tokens;
- nssTDCertificateCache *cache;
-#ifdef NSS_3_4_CODE
- void *spkDigestInfo;
- CERTStatusConfig *statusConfig;
-#endif
-};
-
-struct NSSCryptoContextStr
-{
- PRInt32 refCount;
- NSSArena *arena;
- NSSTrustDomain *td;
- NSSToken *token;
- nssSession *session;
- nssCertificateStore *certStore;
-};
-
-struct NSSTimeStr {
- PRTime prTime;
-};
-
-struct NSSCRLStr {
- nssPKIObject object;
- NSSDER encoding;
- NSSUTF8 *url;
- PRBool isKRL;
-};
-
-typedef struct NSSCRLStr NSSCRL;
-
-struct NSSPoliciesStr;
-
-struct NSSAlgorithmAndParametersStr;
-
-struct NSSPKIXCertificateStr;
-
-PR_END_EXTERN_C
-
-#endif /* PKIT_H */
diff --git a/security/nss/lib/pki/pkitm.h b/security/nss/lib/pki/pkitm.h
deleted file mode 100644
index e41879050..000000000
--- a/security/nss/lib/pki/pkitm.h
+++ /dev/null
@@ -1,130 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef PKITM_H
-#define PKITM_H
-
-#ifdef DEBUG
-static const char PKITM_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * pkitm.h
- *
- * This file contains PKI-module specific types.
- */
-
-#ifndef BASET_H
-#include "baset.h"
-#endif /* BASET_H */
-
-#ifndef PKIT_H
-#include "pkit.h"
-#endif /* PKIT_H */
-
-PR_BEGIN_EXTERN_C
-
-typedef enum nssCertIDMatchEnum {
- nssCertIDMatch_Yes = 0,
- nssCertIDMatch_No = 1,
- nssCertIDMatch_Unknown = 2
-} nssCertIDMatch;
-
-/*
- * nssDecodedCert
- *
- * This is an interface to allow the PKI module access to certificate
- * information that can only be found by decoding. The interface is
- * generic, allowing each certificate type its own way of providing
- * the information
- */
-struct nssDecodedCertStr {
- NSSCertificateType type;
- void *data;
- /* returns the unique identifier for the cert */
- NSSItem * (*getIdentifier)(nssDecodedCert *dc);
- /* returns the unique identifier for this cert's issuer */
- void * (*getIssuerIdentifier)(nssDecodedCert *dc);
- /* is id the identifier for this cert? */
- nssCertIDMatch (*matchIdentifier)(nssDecodedCert *dc, void *id);
- /* is this cert a valid CA cert? */
- PRBool (*isValidIssuer)(nssDecodedCert *dc);
- /* returns the cert usage */
- NSSUsage * (*getUsage)(nssDecodedCert *dc);
- /* is time within the validity period of the cert? */
- PRBool (*isValidAtTime)(nssDecodedCert *dc, NSSTime *time);
- /* is the validity period of this cert newer than cmpdc? */
- PRBool (*isNewerThan)(nssDecodedCert *dc, nssDecodedCert *cmpdc);
- /* does the usage for this cert match the requested usage? */
- PRBool (*matchUsage)(nssDecodedCert *dc, NSSUsage *usage);
- /* extract the email address */
- NSSASCII7 *(*getEmailAddress)(nssDecodedCert *dc);
- /* extract the DER-encoded serial number */
- PRStatus (*getDERSerialNumber)(nssDecodedCert *dc,
- NSSDER *derSerial, NSSArena *arena);
-};
-
-struct NSSUsageStr {
- PRBool anyUsage;
-#ifdef NSS_3_4_CODE
- SECCertUsage nss3usage;
- PRBool nss3lookingForCA;
-#endif
-};
-
-typedef struct nssBestCertificateCBStr nssBestCertificateCB;
-
-struct nssBestCertificateCBStr {
- NSSCertificate *cert;
- NSSTime *time;
- NSSTime sTime; /* to avoid allocating when unnecessary */
- NSSUsage *usage;
- NSSPolicies *policies;
-};
-
-typedef struct nssPKIObjectCollectionStr nssPKIObjectCollection;
-
-typedef struct
-{
- union {
- PRStatus (* cert)(NSSCertificate *c, void *arg);
- PRStatus (* crl)(NSSCRL *crl, void *arg);
- PRStatus (* pvkey)(NSSPrivateKey *vk, void *arg);
- PRStatus (* pbkey)(NSSPublicKey *bk, void *arg);
- } func;
- void *arg;
-} nssPKIObjectCallback;
-
-PR_END_EXTERN_C
-
-#endif /* PKITM_H */
diff --git a/security/nss/lib/pki/symmkey.c b/security/nss/lib/pki/symmkey.c
deleted file mode 100644
index abf7f659a..000000000
--- a/security/nss/lib/pki/symmkey.c
+++ /dev/null
@@ -1,297 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef NSSPKI_H
-#include "nsspki.h"
-#endif /* NSSPKI_H */
-
-extern const NSSError NSS_ERROR_NOT_FOUND;
-
-NSS_IMPLEMENT PRStatus
-NSSSymmetricKey_Destroy (
- NSSSymmetricKey *mk
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSSymmetricKey_DeleteStoredObject (
- NSSSymmetricKey *mk,
- NSSCallback *uhh
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRUint32
-NSSSymmetricKey_GetKeyLength (
- NSSSymmetricKey *mk
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return -1;
-}
-
-NSS_IMPLEMENT PRUint32
-NSSSymmetricKey_GetKeyStrength (
- NSSSymmetricKey *mk
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return -1;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSSymmetricKey_IsStillPresent (
- NSSSymmetricKey *mk
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSTrustDomain *
-NSSSymmetricKey_GetTrustDomain (
- NSSSymmetricKey *mk,
- PRStatus *statusOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSToken *
-NSSSymmetricKey_GetToken (
- NSSSymmetricKey *mk,
- PRStatus *statusOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSSlot *
-NSSSymmetricKey_GetSlot (
- NSSSymmetricKey *mk,
- PRStatus *statusOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSModule *
-NSSSymmetricKey_GetModule (
- NSSSymmetricKey *mk,
- PRStatus *statusOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSSymmetricKey_Encrypt (
- NSSSymmetricKey *mk,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSSymmetricKey_Decrypt (
- NSSSymmetricKey *mk,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *encryptedData,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSSymmetricKey_Sign (
- NSSSymmetricKey *mk,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSSymmetricKey_SignRecover (
- NSSSymmetricKey *mk,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSSymmetricKey_Verify (
- NSSSymmetricKey *mk,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSItem *signature,
- NSSCallback *uhh
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSSymmetricKey_VerifyRecover (
- NSSSymmetricKey *mk,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *signature,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSSymmetricKey_WrapSymmetricKey (
- NSSSymmetricKey *wrappingKey,
- NSSAlgorithmAndParameters *apOpt,
- NSSSymmetricKey *keyToWrap,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSSymmetricKey_WrapPrivateKey (
- NSSSymmetricKey *wrappingKey,
- NSSAlgorithmAndParameters *apOpt,
- NSSPrivateKey *keyToWrap,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSSymmetricKey_UnwrapSymmetricKey (
- NSSSymmetricKey *wrappingKey,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *wrappedKey,
- NSSOID *target,
- PRUint32 keySizeOpt,
- NSSOperations operations,
- NSSCallback *uhh
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSPrivateKey *
-NSSSymmetricKey_UnwrapPrivateKey (
- NSSSymmetricKey *wrappingKey,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *wrappedKey,
- NSSUTF8 *labelOpt,
- NSSItem *keyIDOpt,
- PRBool persistant,
- PRBool sensitive,
- NSSToken *destinationOpt,
- NSSCallback *uhh
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSSymmetricKey_DeriveSymmetricKey (
- NSSSymmetricKey *originalKey,
- NSSAlgorithmAndParameters *apOpt,
- NSSOID *target,
- PRUint32 keySizeOpt,
- NSSOperations operations,
- NSSCallback *uhh
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCryptoContext *
-NSSSymmetricKey_CreateCryptoContext (
- NSSSymmetricKey *mk,
- NSSAlgorithmAndParameters *apOpt,
- NSSCallback *uhh
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
diff --git a/security/nss/lib/pki/tdcache.c b/security/nss/lib/pki/tdcache.c
deleted file mode 100644
index 1f1d3fa97..000000000
--- a/security/nss/lib/pki/tdcache.c
+++ /dev/null
@@ -1,1133 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIM_H
-#include "pkim.h"
-#endif /* PKIM_H */
-
-#ifndef PKIT_H
-#include "pkit.h"
-#endif /* PKIT_H */
-
-#ifndef NSSPKI_H
-#include "nsspki.h"
-#endif /* NSSPKI_H */
-
-#ifndef PKI_H
-#include "pki.h"
-#endif /* PKI_H */
-
-#ifndef NSSBASE_H
-#include "nssbase.h"
-#endif /* NSSBASE_H */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-#ifdef NSS_3_4_CODE
-#include "cert.h"
-#include "dev.h"
-#include "pki3hack.h"
-#endif
-
-#ifdef DEBUG_CACHE
-static PRLogModuleInfo *s_log = NULL;
-#endif
-
-#ifdef DEBUG_CACHE
-static void log_item_dump(const char *msg, NSSItem *it)
-{
- char buf[33];
- int i, j;
- for (i=0; i<10 && i<it->size; i++) {
- sprintf(&buf[2*i], "%02X", ((PRUint8 *)it->data)[i]);
- }
- if (it->size>10) {
- sprintf(&buf[2*i], "..");
- i += 1;
- for (j=it->size-1; i<=16 && j>10; i++, j--) {
- sprintf(&buf[2*i], "%02X", ((PRUint8 *)it->data)[j]);
- }
- }
- PR_LOG(s_log, PR_LOG_DEBUG, ("%s: %s", msg, buf));
-}
-#endif
-
-#ifdef DEBUG_CACHE
-static void log_cert_ref(const char *msg, NSSCertificate *c)
-{
- PR_LOG(s_log, PR_LOG_DEBUG, ("%s: %s", msg,
- (c->nickname) ? c->nickname : c->email));
- log_item_dump("\tserial", &c->serial);
- log_item_dump("\tsubject", &c->subject);
-}
-#endif
-
-/* Certificate cache routines */
-
-/* XXX
- * Locking is not handled well at all. A single, global lock with sub-locks
- * in the collection types. Cleanup needed.
- */
-
-/* should it live in its own arena? */
-struct nssTDCertificateCacheStr
-{
- PZLock *lock;
- NSSArena *arena;
- nssHash *issuerAndSN;
- nssHash *subject;
- nssHash *nickname;
- nssHash *email;
-};
-
-struct cache_entry_str
-{
- union {
- NSSCertificate *cert;
- nssList *list;
- void *value;
- } entry;
- PRUint32 hits;
- PRTime lastHit;
- NSSArena *arena;
- NSSUTF8 *nickname;
-};
-
-typedef struct cache_entry_str cache_entry;
-
-static cache_entry *
-new_cache_entry(NSSArena *arena, void *value, PRBool ownArena)
-{
- cache_entry *ce = nss_ZNEW(arena, cache_entry);
- if (ce) {
- ce->entry.value = value;
- ce->hits = 1;
- ce->lastHit = PR_Now();
- if (ownArena) {
- ce->arena = arena;
- }
- ce->nickname = NULL;
- }
- return ce;
-}
-
-/* sort the subject list from newest to oldest */
-static PRIntn subject_list_sort(void *v1, void *v2)
-{
- NSSCertificate *c1 = (NSSCertificate *)v1;
- NSSCertificate *c2 = (NSSCertificate *)v2;
- nssDecodedCert *dc1 = nssCertificate_GetDecoding(c1);
- nssDecodedCert *dc2 = nssCertificate_GetDecoding(c2);
- if (dc1->isNewerThan(dc1, dc2)) {
- return -1;
- } else {
- return 1;
- }
-}
-
-/* this should not be exposed in a header, but is here to keep the above
- * types/functions static
- */
-NSS_IMPLEMENT PRStatus
-nssTrustDomain_InitializeCache (
- NSSTrustDomain *td,
- PRUint32 cacheSize
-)
-{
- NSSArena *arena;
- nssTDCertificateCache *cache = td->cache;
-#ifdef DEBUG_CACHE
- s_log = PR_NewLogModule("nss_cache");
- PR_ASSERT(s_log);
-#endif
- PR_ASSERT(!cache);
- arena = nssArena_Create();
- if (!arena) {
- return PR_FAILURE;
- }
- cache = nss_ZNEW(arena, nssTDCertificateCache);
- if (!cache) {
- nssArena_Destroy(arena);
- return PR_FAILURE;
- }
- cache->lock = PZ_NewLock(nssILockCache);
- if (!cache->lock) {
- nssArena_Destroy(arena);
- return PR_FAILURE;
- }
- /* Create the issuer and serial DER --> certificate hash */
- cache->issuerAndSN = nssHash_CreateCertificate(arena, cacheSize);
- if (!cache->issuerAndSN) {
- goto loser;
- }
- /* Create the subject DER --> subject list hash */
- cache->subject = nssHash_CreateItem(arena, cacheSize);
- if (!cache->subject) {
- goto loser;
- }
- /* Create the nickname --> subject list hash */
- cache->nickname = nssHash_CreateString(arena, cacheSize);
- if (!cache->nickname) {
- goto loser;
- }
- /* Create the email --> list of subject lists hash */
- cache->email = nssHash_CreateString(arena, cacheSize);
- if (!cache->email) {
- goto loser;
- }
- cache->arena = arena;
- td->cache = cache;
-#ifdef DEBUG_CACHE
- PR_LOG(s_log, PR_LOG_DEBUG, ("Cache initialized."));
-#endif
- return PR_SUCCESS;
-loser:
- PZ_DestroyLock(cache->lock);
- nssArena_Destroy(arena);
- td->cache = NULL;
-#ifdef DEBUG_CACHE
- PR_LOG(s_log, PR_LOG_DEBUG, ("Cache initialization failed."));
-#endif
- return PR_FAILURE;
-}
-
-/* The entries of the hashtable are currently dependent on the certificate(s)
- * that produced them. That is, the entries will be freed when the cert is
- * released from the cache. If there are certs in the cache at any time,
- * including shutdown, the hash table entries will hold memory. In order for
- * clean shutdown, it is necessary for there to be no certs in the cache.
- */
-
-extern const NSSError NSS_ERROR_INTERNAL_ERROR;
-extern const NSSError NSS_ERROR_BUSY;
-
-NSS_IMPLEMENT PRStatus
-nssTrustDomain_DestroyCache (
- NSSTrustDomain *td
-)
-{
- if (!td->cache) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- return PR_FAILURE;
- }
- if (nssHash_Count(td->cache->issuerAndSN) > 0) {
- nss_SetError(NSS_ERROR_BUSY);
- return PR_FAILURE;
- }
- PZ_DestroyLock(td->cache->lock);
- nssHash_Destroy(td->cache->issuerAndSN);
- nssHash_Destroy(td->cache->subject);
- nssHash_Destroy(td->cache->nickname);
- nssHash_Destroy(td->cache->email);
- nssArena_Destroy(td->cache->arena);
- td->cache = NULL;
-#ifdef DEBUG_CACHE
- PR_LOG(s_log, PR_LOG_DEBUG, ("Cache destroyed."));
-#endif
- return PR_SUCCESS;
-}
-
-static PRStatus
-remove_issuer_and_serial_entry (
- nssTDCertificateCache *cache,
- NSSCertificate *cert
-)
-{
- /* Remove the cert from the issuer/serial hash */
- nssHash_Remove(cache->issuerAndSN, cert);
-#ifdef DEBUG_CACHE
- log_cert_ref("removed issuer/sn", cert);
-#endif
- return PR_SUCCESS;
-}
-
-static PRStatus
-remove_subject_entry (
- nssTDCertificateCache *cache,
- NSSCertificate *cert,
- nssList **subjectList,
- NSSUTF8 **nickname,
- NSSArena **arena
-)
-{
- PRStatus nssrv;
- cache_entry *ce;
- *subjectList = NULL;
- *arena = NULL;
- /* Get the subject list for the cert's subject */
- ce = (cache_entry *)nssHash_Lookup(cache->subject, &cert->subject);
- if (ce) {
- /* Remove the cert from the subject hash */
- nssList_Remove(ce->entry.list, cert);
- *subjectList = ce->entry.list;
- *nickname = ce->nickname;
- *arena = ce->arena;
- nssrv = PR_SUCCESS;
-#ifdef DEBUG_CACHE
- log_cert_ref("removed cert", cert);
- log_item_dump("from subject list", &cert->subject);
-#endif
- } else {
- nssrv = PR_FAILURE;
- }
- return nssrv;
-}
-
-static PRStatus
-remove_nickname_entry (
- nssTDCertificateCache *cache,
- NSSUTF8 *nickname,
- nssList *subjectList
-)
-{
- PRStatus nssrv;
- if (nickname) {
- nssHash_Remove(cache->nickname, nickname);
- nssrv = PR_SUCCESS;
-#ifdef DEBUG_CACHE
- PR_LOG(s_log, PR_LOG_DEBUG, ("removed nickname %s", nickname));
-#endif
- } else {
- nssrv = PR_FAILURE;
- }
- return nssrv;
-}
-
-static PRStatus
-remove_email_entry (
- nssTDCertificateCache *cache,
- NSSCertificate *cert,
- nssList *subjectList
-)
-{
- PRStatus nssrv = PR_FAILURE;
- cache_entry *ce;
- /* Find the subject list in the email hash */
- if (cert->email) {
- ce = (cache_entry *)nssHash_Lookup(cache->email, cert->email);
- if (ce) {
- nssList *subjects = ce->entry.list;
- /* Remove the subject list from the email hash */
- nssList_Remove(subjects, subjectList);
-#ifdef DEBUG_CACHE
- log_item_dump("removed subject list", &cert->subject);
- PR_LOG(s_log, PR_LOG_DEBUG, ("for email %s", cert->email));
-#endif
- if (nssList_Count(subjects) == 0) {
- /* No more subject lists for email, delete list and
- * remove hash entry
- */
- (void)nssList_Destroy(subjects);
- nssHash_Remove(cache->email, cert->email);
- /* there are no entries left for this address, free space
- * used for email entries
- */
- nssArena_Destroy(ce->arena);
-#ifdef DEBUG_CACHE
- PR_LOG(s_log, PR_LOG_DEBUG, ("removed email %s", cert->email));
-#endif
- }
- nssrv = PR_SUCCESS;
- }
- }
- return nssrv;
-}
-
-NSS_IMPLEMENT void
-nssTrustDomain_RemoveCertFromCacheLOCKED (
- NSSTrustDomain *td,
- NSSCertificate *cert
-)
-{
- nssList *subjectList;
- cache_entry *ce;
- NSSArena *arena;
- NSSUTF8 *nickname;
-
-#ifdef DEBUG_CACHE
- log_cert_ref("attempt to remove cert", cert);
-#endif
- ce = (cache_entry *)nssHash_Lookup(td->cache->issuerAndSN, cert);
- if (!ce || ce->entry.cert != cert) {
- /* If it's not in the cache, or a different cert is (this is really
- * for safety reasons, though it shouldn't happen), do nothing
- */
-#ifdef DEBUG_CACHE
- PR_LOG(s_log, PR_LOG_DEBUG, ("but it wasn't in the cache"));
-#endif
- return;
- }
- (void)remove_issuer_and_serial_entry(td->cache, cert);
- (void)remove_subject_entry(td->cache, cert, &subjectList,
- &nickname, &arena);
- if (nssList_Count(subjectList) == 0) {
- (void)remove_nickname_entry(td->cache, nickname, subjectList);
- (void)remove_email_entry(td->cache, cert, subjectList);
- (void)nssList_Destroy(subjectList);
- nssHash_Remove(td->cache->subject, &cert->subject);
- /* there are no entries left for this subject, free the space used
- * for both the nickname and subject entries
- */
- if (arena) {
- nssArena_Destroy(arena);
- }
- }
-}
-
-NSS_IMPLEMENT void
-nssTrustDomain_LockCertCache (
- NSSTrustDomain *td
-)
-{
- PZ_Lock(td->cache->lock);
-}
-
-NSS_IMPLEMENT void
-nssTrustDomain_UnlockCertCache (
- NSSTrustDomain *td
-)
-{
- PZ_Unlock(td->cache->lock);
-}
-
-struct token_cert_dtor {
- NSSToken *token;
- nssTDCertificateCache *cache;
- NSSCertificate **certs;
- PRUint32 numCerts, arrSize;
-};
-
-static void
-remove_token_certs(const void *k, void *v, void *a)
-{
- NSSCertificate *c = (NSSCertificate *)k;
- nssPKIObject *object = &c->object;
- struct token_cert_dtor *dtor = a;
- PRUint32 i;
- PZ_Lock(object->lock);
- for (i=0; i<object->numInstances; i++) {
- if (object->instances[i]->token == dtor->token) {
- nssCryptokiObject_Destroy(object->instances[i]);
- object->instances[i] = object->instances[object->numInstances-1];
- object->instances[object->numInstances-1] = NULL;
- object->numInstances--;
- dtor->certs[dtor->numCerts++] = c;
- if (dtor->numCerts == dtor->arrSize) {
- dtor->arrSize *= 2;
- dtor->certs = nss_ZREALLOCARRAY(dtor->certs,
- NSSCertificate *,
- dtor->arrSize);
- }
- break;
- }
- }
- PZ_Unlock(object->lock);
- return;
-}
-
-/*
- * Remove all certs for the given token from the cache. This is
- * needed if the token is removed.
- */
-NSS_IMPLEMENT PRStatus
-nssTrustDomain_RemoveTokenCertsFromCache (
- NSSTrustDomain *td,
- NSSToken *token
-)
-{
- NSSCertificate **certs;
- PRUint32 i, arrSize = 10;
- struct token_cert_dtor dtor;
- certs = nss_ZNEWARRAY(NULL, NSSCertificate *, arrSize);
- if (!certs) {
- return PR_FAILURE;
- }
- dtor.cache = td->cache;
- dtor.token = token;
- dtor.certs = certs;
- dtor.numCerts = 0;
- dtor.arrSize = arrSize;
- PZ_Lock(td->cache->lock);
- nssHash_Iterate(td->cache->issuerAndSN, remove_token_certs, (void *)&dtor);
- for (i=0; i<dtor.numCerts; i++) {
- if (dtor.certs[i]->object.numInstances == 0) {
- nssTrustDomain_RemoveCertFromCacheLOCKED(td, dtor.certs[i]);
- } else {
- STAN_ForceCERTCertificateUpdate(dtor.certs[i]);
- }
- }
- PZ_Unlock(td->cache->lock);
- nss_ZFreeIf(dtor.certs);
- return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT PRStatus
-nssTrustDomain_UpdateCachedTokenCerts (
- NSSTrustDomain *td,
- NSSToken *token
-)
-{
- NSSCertificate **cp, **cached = NULL;
- nssList *certList;
- PRUint32 count;
- certList = nssList_Create(NULL, PR_FALSE);
- if (!certList) return PR_FAILURE;
- (void *)nssTrustDomain_GetCertsFromCache(td, certList);
- count = nssList_Count(certList);
- if (count > 0) {
- cached = nss_ZNEWARRAY(NULL, NSSCertificate *, count + 1);
- if (!cached) {
- return PR_FAILURE;
- }
- nssList_GetArray(certList, (void **)cached, count);
- nssList_Destroy(certList);
- for (cp = cached; *cp; cp++) {
- nssCryptokiObject *instance;
- NSSCertificate *c = *cp;
- nssTokenSearchType tokenOnly = nssTokenSearchType_TokenOnly;
- instance = nssToken_FindCertificateByIssuerAndSerialNumber(
- token,
- NULL,
- &c->issuer,
- &c->serial,
- tokenOnly,
- NULL);
- if (instance) {
- nssPKIObject_AddInstance(&c->object, instance);
- STAN_ForceCERTCertificateUpdate(c);
- }
- }
- nssCertificateArray_Destroy(cached);
- }
- return PR_SUCCESS;
-}
-
-static PRStatus
-add_issuer_and_serial_entry (
- NSSArena *arena,
- nssTDCertificateCache *cache,
- NSSCertificate *cert
-)
-{
- cache_entry *ce;
- ce = new_cache_entry(arena, (void *)cert, PR_FALSE);
-#ifdef DEBUG_CACHE
- log_cert_ref("added to issuer/sn", cert);
-#endif
- return nssHash_Add(cache->issuerAndSN, cert, (void *)ce);
-}
-
-static PRStatus
-add_subject_entry (
- NSSArena *arena,
- nssTDCertificateCache *cache,
- NSSCertificate *cert,
- NSSUTF8 *nickname,
- nssList **subjectList
-)
-{
- PRStatus nssrv;
- nssList *list;
- cache_entry *ce;
- *subjectList = NULL; /* this is only set if a new one is created */
- ce = (cache_entry *)nssHash_Lookup(cache->subject, &cert->subject);
- if (ce) {
- ce->hits++;
- ce->lastHit = PR_Now();
- /* The subject is already in, add this cert to the list */
- nssrv = nssList_AddUnique(ce->entry.list, cert);
-#ifdef DEBUG_CACHE
- log_cert_ref("added to existing subject list", cert);
-#endif
- } else {
- NSSDER *subject;
- /* Create a new subject list for the subject */
- list = nssList_Create(arena, PR_FALSE);
- if (!list) {
- return PR_FAILURE;
- }
- ce = new_cache_entry(arena, (void *)list, PR_TRUE);
- if (!ce) {
- return PR_FAILURE;
- }
- if (nickname) {
- ce->nickname = nssUTF8_Duplicate(nickname, arena);
- }
- nssList_SetSortFunction(list, subject_list_sort);
- /* Add the cert entry to this list of subjects */
- nssrv = nssList_AddUnique(list, cert);
- if (nssrv != PR_SUCCESS) {
- return nssrv;
- }
- /* Add the subject list to the cache */
- subject = nssItem_Duplicate(&cert->subject, arena, NULL);
- if (!subject) {
- return PR_FAILURE;
- }
- nssrv = nssHash_Add(cache->subject, subject, ce);
- if (nssrv != PR_SUCCESS) {
- return nssrv;
- }
- *subjectList = list;
-#ifdef DEBUG_CACHE
- log_cert_ref("created subject list", cert);
-#endif
- }
- return nssrv;
-}
-
-static PRStatus
-add_nickname_entry (
- NSSArena *arena,
- nssTDCertificateCache *cache,
- NSSUTF8 *certNickname,
- nssList *subjectList
-)
-{
- PRStatus nssrv = PR_SUCCESS;
- cache_entry *ce;
- ce = (cache_entry *)nssHash_Lookup(cache->nickname, certNickname);
- if (ce) {
- /* This is a collision. A nickname entry already exists for this
- * subject, but a subject entry didn't. This would imply there are
- * two subjects using the same nickname, which is not allowed.
- */
- return PR_FAILURE;
- } else {
- NSSUTF8 *nickname;
- ce = new_cache_entry(arena, subjectList, PR_FALSE);
- if (!ce) {
- return PR_FAILURE;
- }
- nickname = nssUTF8_Duplicate(certNickname, arena);
- if (!nickname) {
- return PR_FAILURE;
- }
- nssrv = nssHash_Add(cache->nickname, nickname, ce);
-#ifdef DEBUG_CACHE
- log_cert_ref("created nickname for", cert);
-#endif
- }
- return nssrv;
-}
-
-static PRStatus
-add_email_entry (
- nssTDCertificateCache *cache,
- NSSCertificate *cert,
- nssList *subjectList
-)
-{
- PRStatus nssrv = PR_SUCCESS;
- nssList *subjects;
- cache_entry *ce;
- ce = (cache_entry *)nssHash_Lookup(cache->email, cert->email);
- if (ce) {
- /* Already have an entry for this email address, but not subject */
- subjects = ce->entry.list;
- nssrv = nssList_AddUnique(subjects, subjectList);
- ce->hits++;
- ce->lastHit = PR_Now();
-#ifdef DEBUG_CACHE
- log_cert_ref("added subject to email for", cert);
-#endif
- } else {
- NSSASCII7 *email;
- NSSArena *arena;
- arena = nssArena_Create();
- if (!arena) {
- return PR_FAILURE;
- }
- /* Create a new list of subject lists, add this subject */
- subjects = nssList_Create(arena, PR_TRUE);
- if (!subjects) {
- nssArena_Destroy(arena);
- return PR_FAILURE;
- }
- /* Add the new subject to the list */
- nssrv = nssList_AddUnique(subjects, subjectList);
- if (nssrv != PR_SUCCESS) {
- nssArena_Destroy(arena);
- return nssrv;
- }
- /* Add the new entry to the cache */
- ce = new_cache_entry(arena, (void *)subjects, PR_TRUE);
- if (!ce) {
- nssArena_Destroy(arena);
- return PR_FAILURE;
- }
- email = nssUTF8_Duplicate(cert->email, arena);
- if (!email) {
- nssArena_Destroy(arena);
- return PR_FAILURE;
- }
- nssrv = nssHash_Add(cache->email, email, ce);
- if (nssrv != PR_SUCCESS) {
- nssArena_Destroy(arena);
- return nssrv;
- }
-#ifdef DEBUG_CACHE
- log_cert_ref("created email for", cert);
-#endif
- }
- return nssrv;
-}
-
-extern const NSSError NSS_ERROR_CERTIFICATE_IN_CACHE;
-
-static NSSCertificate *
-add_cert_to_cache (
- NSSTrustDomain *td,
- NSSCertificate *cert
-)
-{
- NSSArena *arena = NULL;
- nssList *subjectList = NULL;
- PRStatus nssrv;
- PRUint32 added = 0;
- cache_entry *ce;
- NSSCertificate *rvCert = NULL;
- NSSUTF8 *certNickname = nssCertificate_GetNickname(cert, NULL);
-
- PZ_Lock(td->cache->lock);
- /* If it exists in the issuer/serial hash, it's already in all */
- ce = (cache_entry *)nssHash_Lookup(td->cache->issuerAndSN, cert);
- if (ce) {
- ce->hits++;
- ce->lastHit = PR_Now();
- rvCert = nssCertificate_AddRef(ce->entry.cert);
-#ifdef DEBUG_CACHE
- log_cert_ref("attempted to add cert already in cache", cert);
-#endif
- PZ_Unlock(td->cache->lock);
- /* collision - somebody else already added the cert
- * to the cache before this thread got around to it.
- */
- nssCertificate_Destroy(cert);
- return rvCert;
- }
- /* create a new cache entry for this cert within the cert's arena*/
- nssrv = add_issuer_and_serial_entry(cert->object.arena, td->cache, cert);
- if (nssrv != PR_SUCCESS) {
- goto loser;
- }
- added++;
- /* create an arena for the nickname and subject entries */
- arena = nssArena_Create();
- if (!arena) {
- goto loser;
- }
- /* create a new subject list for this cert, or add to existing */
- nssrv = add_subject_entry(arena, td->cache, cert,
- certNickname, &subjectList);
- if (nssrv != PR_SUCCESS) {
- goto loser;
- }
- added++;
- /* If a new subject entry was created, also need nickname and/or email */
- if (subjectList != NULL) {
- PRBool handle = PR_FALSE;
- if (certNickname) {
- nssrv = add_nickname_entry(arena, td->cache,
- certNickname, subjectList);
- if (nssrv != PR_SUCCESS) {
- goto loser;
- }
- handle = PR_TRUE;
- added++;
- }
- if (cert->email) {
- nssrv = add_email_entry(td->cache, cert, subjectList);
- if (nssrv != PR_SUCCESS) {
- goto loser;
- }
- handle = PR_TRUE;
- added += 2;
- }
-#ifdef nodef
- /* I think either a nickname or email address must be associated
- * with the cert. However, certs are passed to NewTemp without
- * either. This worked in the old code, so it must work now.
- */
- if (!handle) {
- /* Require either nickname or email handle */
- nssrv = PR_FAILURE;
- goto loser;
- }
-#endif
- }
- rvCert = cert;
- PZ_Unlock(td->cache->lock);
- return rvCert;
-loser:
- /* Remove any handles that have been created */
- subjectList = NULL;
- if (added >= 1) {
- (void)remove_issuer_and_serial_entry(td->cache, cert);
- }
- if (added >= 2) {
- (void)remove_subject_entry(td->cache, cert, &subjectList,
- &certNickname, &arena);
- }
- if (added == 3 || added == 5) {
- (void)remove_nickname_entry(td->cache, certNickname, subjectList);
- }
- if (added >= 4) {
- (void)remove_email_entry(td->cache, cert, subjectList);
- }
- if (subjectList) {
- nssHash_Remove(td->cache->subject, &cert->subject);
- nssList_Destroy(subjectList);
- }
- if (arena) {
- nssArena_Destroy(arena);
- }
- PZ_Unlock(td->cache->lock);
- return NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-nssTrustDomain_AddCertsToCache (
- NSSTrustDomain *td,
- NSSCertificate **certs,
- PRUint32 numCerts
-)
-{
- PRUint32 i;
- NSSCertificate *c;
- for (i=0; i<numCerts && certs[i]; i++) {
- c = add_cert_to_cache(td, certs[i]);
- if (c == NULL) {
- return PR_FAILURE;
- } else {
- certs[i] = c;
- }
- }
- return PR_SUCCESS;
-}
-
-static NSSCertificate **
-collect_subject_certs (
- nssList *subjectList,
- nssList *rvCertListOpt
-)
-{
- NSSCertificate *c;
- NSSCertificate **rvArray = NULL;
- PRUint32 count;
- nssCertificateList_AddReferences(subjectList);
- if (rvCertListOpt) {
- nssListIterator *iter = nssList_CreateIterator(subjectList);
- for (c = (NSSCertificate *)nssListIterator_Start(iter);
- c != (NSSCertificate *)NULL;
- c = (NSSCertificate *)nssListIterator_Next(iter)) {
- nssList_Add(rvCertListOpt, c);
- }
- nssListIterator_Finish(iter);
- nssListIterator_Destroy(iter);
- } else {
- count = nssList_Count(subjectList);
- rvArray = nss_ZNEWARRAY(NULL, NSSCertificate *, count + 1);
- if (!rvArray) {
- return (NSSCertificate **)NULL;
- }
- nssList_GetArray(subjectList, (void **)rvArray, count);
- }
- return rvArray;
-}
-
-/*
- * Find all cached certs with this subject.
- */
-NSS_IMPLEMENT NSSCertificate **
-nssTrustDomain_GetCertsForSubjectFromCache (
- NSSTrustDomain *td,
- NSSDER *subject,
- nssList *certListOpt
-)
-{
- NSSCertificate **rvArray = NULL;
- cache_entry *ce;
-#ifdef DEBUG_CACHE
- log_item_dump("looking for cert by subject", subject);
-#endif
- PZ_Lock(td->cache->lock);
- ce = (cache_entry *)nssHash_Lookup(td->cache->subject, subject);
- if (ce) {
- ce->hits++;
- ce->lastHit = PR_Now();
-#ifdef DEBUG_CACHE
- PR_LOG(s_log, PR_LOG_DEBUG, ("... found, %d hits", ce->hits));
-#endif
- rvArray = collect_subject_certs(ce->entry.list, certListOpt);
- }
- PZ_Unlock(td->cache->lock);
- return rvArray;
-}
-
-/*
- * Find all cached certs with this label.
- */
-NSS_IMPLEMENT NSSCertificate **
-nssTrustDomain_GetCertsForNicknameFromCache (
- NSSTrustDomain *td,
- NSSUTF8 *nickname,
- nssList *certListOpt
-)
-{
- NSSCertificate **rvArray = NULL;
- cache_entry *ce;
-#ifdef DEBUG_CACHE
- PR_LOG(s_log, PR_LOG_DEBUG, ("looking for cert by nick %s", nickname));
-#endif
- PZ_Lock(td->cache->lock);
- ce = (cache_entry *)nssHash_Lookup(td->cache->nickname, nickname);
- if (ce) {
- ce->hits++;
- ce->lastHit = PR_Now();
-#ifdef DEBUG_CACHE
- PR_LOG(s_log, PR_LOG_DEBUG, ("... found, %d hits", ce->hits));
-#endif
- rvArray = collect_subject_certs(ce->entry.list, certListOpt);
- }
- PZ_Unlock(td->cache->lock);
- return rvArray;
-}
-
-/*
- * Find all cached certs with this email address.
- */
-NSS_IMPLEMENT NSSCertificate **
-nssTrustDomain_GetCertsForEmailAddressFromCache (
- NSSTrustDomain *td,
- NSSASCII7 *email,
- nssList *certListOpt
-)
-{
- NSSCertificate **rvArray = NULL;
- cache_entry *ce;
- nssList *collectList = NULL;
- nssListIterator *iter = NULL;
- nssList *subjectList;
-#ifdef DEBUG_CACHE
- PR_LOG(s_log, PR_LOG_DEBUG, ("looking for cert by email %s", email));
-#endif
- PZ_Lock(td->cache->lock);
- ce = (cache_entry *)nssHash_Lookup(td->cache->email, email);
- if (ce) {
- ce->hits++;
- ce->lastHit = PR_Now();
-#ifdef DEBUG_CACHE
- PR_LOG(s_log, PR_LOG_DEBUG, ("... found, %d hits", ce->hits));
-#endif
- /* loop over subject lists and get refs for certs */
- if (certListOpt) {
- collectList = certListOpt;
- } else {
- collectList = nssList_Create(NULL, PR_FALSE);
- if (!collectList) {
- PZ_Unlock(td->cache->lock);
- return NULL;
- }
- }
- iter = nssList_CreateIterator(ce->entry.list);
- if (!iter) {
- PZ_Unlock(td->cache->lock);
- if (!certListOpt) {
- nssList_Destroy(collectList);
- }
- return NULL;
- }
- for (subjectList = (nssList *)nssListIterator_Start(iter);
- subjectList != (nssList *)NULL;
- subjectList = (nssList *)nssListIterator_Next(iter)) {
- (void)collect_subject_certs(subjectList, collectList);
- }
- nssListIterator_Finish(iter);
- nssListIterator_Destroy(iter);
- }
- PZ_Unlock(td->cache->lock);
- if (!certListOpt && collectList) {
- PRUint32 count = nssList_Count(collectList);
- rvArray = nss_ZNEWARRAY(NULL, NSSCertificate *, count);
- if (rvArray) {
- nssList_GetArray(collectList, (void **)rvArray, count);
- }
- nssList_Destroy(collectList);
- }
- return rvArray;
-}
-
-/*
- * Look for a specific cert in the cache
- */
-NSS_IMPLEMENT NSSCertificate *
-nssTrustDomain_GetCertForIssuerAndSNFromCache (
- NSSTrustDomain *td,
- NSSDER *issuer,
- NSSDER *serial
-)
-{
- NSSCertificate certkey;
- NSSCertificate *rvCert = NULL;
- cache_entry *ce;
- certkey.issuer.data = issuer->data;
- certkey.issuer.size = issuer->size;
- certkey.serial.data = serial->data;
- certkey.serial.size = serial->size;
-#ifdef DEBUG_CACHE
- log_item_dump("looking for cert by issuer/sn, issuer", issuer);
- log_item_dump(" serial", serial);
-#endif
- PZ_Lock(td->cache->lock);
- ce = (cache_entry *)nssHash_Lookup(td->cache->issuerAndSN, &certkey);
- if (ce) {
- ce->hits++;
- ce->lastHit = PR_Now();
- rvCert = nssCertificate_AddRef(ce->entry.cert);
-#ifdef DEBUG_CACHE
- PR_LOG(s_log, PR_LOG_DEBUG, ("... found, %d hits", ce->hits));
-#endif
- }
- PZ_Unlock(td->cache->lock);
- return rvCert;
-}
-
-#ifdef NSS_3_4_CODE
-static PRStatus
-issuer_and_serial_from_encoding (
- NSSBER *encoding,
- NSSDER *issuer,
- NSSDER *serial
-)
-{
- SECItem derCert, derIssuer, derSerial;
- SECStatus secrv;
- derCert.data = (unsigned char *)encoding->data;
- derCert.len = encoding->size;
- secrv = CERT_IssuerNameFromDERCert(&derCert, &derIssuer);
- if (secrv != SECSuccess) {
- return PR_FAILURE;
- }
- secrv = CERT_SerialNumberFromDERCert(&derCert, &derSerial);
- if (secrv != SECSuccess) {
- return PR_FAILURE;
- }
- issuer->data = derIssuer.data;
- issuer->size = derIssuer.len;
- serial->data = derSerial.data;
- serial->size = derSerial.len;
- return PR_SUCCESS;
-}
-#endif
-
-/*
- * Look for a specific cert in the cache
- */
-NSS_IMPLEMENT NSSCertificate *
-nssTrustDomain_GetCertByDERFromCache (
- NSSTrustDomain *td,
- NSSDER *der
-)
-{
- PRStatus nssrv = PR_FAILURE;
- NSSDER issuer, serial;
- NSSCertificate *rvCert;
-#ifdef NSS_3_4_CODE
- nssrv = issuer_and_serial_from_encoding(der, &issuer, &serial);
-#endif
- if (nssrv != PR_SUCCESS) {
- return NULL;
- }
-#ifdef DEBUG_CACHE
- log_item_dump("looking for cert by DER", der);
-#endif
- rvCert = nssTrustDomain_GetCertForIssuerAndSNFromCache(td,
- &issuer, &serial);
-#ifdef NSS_3_4_CODE
- PORT_Free(issuer.data);
- PORT_Free(serial.data);
-#endif
- return rvCert;
-}
-
-static void cert_iter(const void *k, void *v, void *a)
-{
- nssList *certList = (nssList *)a;
- NSSCertificate *c = (NSSCertificate *)k;
- nssList_Add(certList, nssCertificate_AddRef(c));
-}
-
-NSS_EXTERN NSSCertificate **
-nssTrustDomain_GetCertsFromCache (
- NSSTrustDomain *td,
- nssList *certListOpt
-)
-{
- NSSCertificate **rvArray = NULL;
- nssList *certList;
- if (certListOpt) {
- certList = certListOpt;
- } else {
- certList = nssList_Create(NULL, PR_FALSE);
- }
- PZ_Lock(td->cache->lock);
- nssHash_Iterate(td->cache->issuerAndSN, cert_iter, (void *)certList);
- PZ_Unlock(td->cache->lock);
- if (!certListOpt) {
- PRUint32 count = nssList_Count(certList);
- rvArray = nss_ZNEWARRAY(NULL, NSSCertificate *, count);
- nssList_GetArray(certList, (void **)rvArray, count);
- /* array takes the references */
- nssList_Destroy(certList);
- }
- return rvArray;
-}
-
-NSS_IMPLEMENT void
-nssTrustDomain_DumpCacheInfo (
- NSSTrustDomain *td,
- void (* cert_dump_iter)(const void *, void *, void *),
- void *arg
-)
-{
- PZ_Lock(td->cache->lock);
- nssHash_Iterate(td->cache->issuerAndSN, cert_dump_iter, arg);
- PZ_Unlock(td->cache->lock);
-}
diff --git a/security/nss/lib/pki/trustdomain.c b/security/nss/lib/pki/trustdomain.c
deleted file mode 100644
index 24e249264..000000000
--- a/security/nss/lib/pki/trustdomain.c
+++ /dev/null
@@ -1,1383 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef DEV_H
-#include "dev.h"
-#endif /* DEV_H */
-
-#ifndef PKIM_H
-#include "pkim.h"
-#endif /* PKIM_H */
-
-#ifndef PKI1T_H
-#include "pki1t.h"
-#endif /* PKI1T_H */
-
-#ifdef NSS_3_4_CODE
-#include "cert.h"
-#include "pki3hack.h"
-#endif
-
-#define NSSTRUSTDOMAIN_DEFAULT_CACHE_SIZE 32
-
-#ifdef PURE_STAN_BUILD
-struct NSSTrustDomainStr {
- PRInt32 refCount;
- NSSArena *arena;
- NSSCallback *defaultCallback;
- struct {
- nssSlotList *forCerts;
- nssSlotList *forCiphers;
- nssSlotList *forTrust;
- } slots;
- nssCertificateCache *cache;
-};
-#endif
-
-extern const NSSError NSS_ERROR_NOT_FOUND;
-
-typedef PRUint32 nssUpdateLevel;
-
-NSS_IMPLEMENT NSSTrustDomain *
-NSSTrustDomain_Create (
- NSSUTF8 *moduleOpt,
- NSSUTF8 *uriOpt,
- NSSUTF8 *opaqueOpt,
- void *reserved
-)
-{
- NSSArena *arena;
- NSSTrustDomain *rvTD;
- arena = NSSArena_Create();
- if(!arena) {
- return (NSSTrustDomain *)NULL;
- }
- rvTD = nss_ZNEW(arena, NSSTrustDomain);
- if (!rvTD) {
- goto loser;
- }
- nssTrustDomain_InitializeCache(rvTD, NSSTRUSTDOMAIN_DEFAULT_CACHE_SIZE);
- rvTD->arena = arena;
- rvTD->refCount = 1;
-#ifdef NSS_3_4_CODE
- rvTD->statusConfig = NULL;
-#endif
- return rvTD;
-loser:
- nssArena_Destroy(arena);
- return (NSSTrustDomain *)NULL;
-}
-
-static void
-token_destructor(void *t)
-{
- NSSToken *tok = (NSSToken *)t;
- /* in 3.4, also destroy the slot (managed separately) */
- (void)nssSlot_Destroy(tok->slot);
- nssToken_Destroy(tok);
-}
-
-NSS_IMPLEMENT PRStatus
-NSSTrustDomain_Destroy (
- NSSTrustDomain *td
-)
-{
- PRStatus status = PR_SUCCESS;
- if (--td->refCount == 0) {
- /* Destroy each token in the list of tokens */
- if (td->tokens) {
- nssListIterator_Destroy(td->tokens);
- nssList_Clear(td->tokenList, token_destructor);
- nssList_Destroy(td->tokenList);
- }
- status = nssTrustDomain_DestroyCache(td);
- if (status == PR_FAILURE) {
- return status;
- }
- /* Destroy the trust domain */
- nssArena_Destroy(td->arena);
- }
- return status;
-}
-
-/* XXX uses tokens until slot list is in place */
-static NSSSlot **
-nssTrustDomain_GetActiveSlots (
- NSSTrustDomain *td,
- nssUpdateLevel *updateLevel
-)
-{
- PRUint32 count;
- NSSSlot **slots = NULL;
- NSSToken **tp, **tokens;
- *updateLevel = 1;
- count = nssList_Count(td->tokenList);
- tokens = nss_ZNEWARRAY(NULL, NSSToken *, count + 1);
- if (!tokens) {
- return NULL;
- }
- slots = nss_ZNEWARRAY(NULL, NSSSlot *, count + 1);
- if (!slots) {
- nss_ZFreeIf(tokens);
- return NULL;
- }
- nssList_GetArray(td->tokenList, (void **)tokens, count);
- count = 0;
- for (tp = tokens; *tp; tp++) {
- slots[count++] = nssToken_GetSlot(*tp);
- }
- nss_ZFreeIf(tokens);
- return slots;
-}
-
-/* XXX */
-static nssSession *
-nssTrustDomain_GetSessionForToken (
- NSSTrustDomain *td,
- NSSToken *token
-)
-{
- return nssToken_GetDefaultSession(token);
-}
-
-NSS_IMPLEMENT PRStatus
-NSSTrustDomain_SetDefaultCallback (
- NSSTrustDomain *td,
- NSSCallback *newCallback,
- NSSCallback **oldCallbackOpt
-)
-{
- if (oldCallbackOpt) {
- *oldCallbackOpt = td->defaultCallback;
- }
- td->defaultCallback = newCallback;
- return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT NSSCallback *
-nssTrustDomain_GetDefaultCallback (
- NSSTrustDomain *td,
- PRStatus *statusOpt
-)
-{
- if (statusOpt) {
- *statusOpt = PR_SUCCESS;
- }
- return td->defaultCallback;
-}
-
-NSS_IMPLEMENT NSSCallback *
-NSSTrustDomain_GetDefaultCallback (
- NSSTrustDomain *td,
- PRStatus *statusOpt
-)
-{
- return nssTrustDomain_GetDefaultCallback(td, statusOpt);
-}
-
-NSS_IMPLEMENT PRStatus
-NSSTrustDomain_LoadModule (
- NSSTrustDomain *td,
- NSSUTF8 *moduleOpt,
- NSSUTF8 *uriOpt,
- NSSUTF8 *opaqueOpt,
- void *reserved
-)
-{
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSTrustDomain_DisableToken (
- NSSTrustDomain *td,
- NSSToken *token,
- NSSError why
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSTrustDomain_EnableToken (
- NSSTrustDomain *td,
- NSSToken *token
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSTrustDomain_IsTokenEnabled (
- NSSTrustDomain *td,
- NSSToken *token,
- NSSError *whyOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSSlot *
-NSSTrustDomain_FindSlotByName (
- NSSTrustDomain *td,
- NSSUTF8 *slotName
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSToken *
-NSSTrustDomain_FindTokenByName (
- NSSTrustDomain *td,
- NSSUTF8 *tokenName
-)
-{
- PRStatus nssrv;
- NSSUTF8 *myName;
- NSSToken *tok = NULL;
- for (tok = (NSSToken *)nssListIterator_Start(td->tokens);
- tok != (NSSToken *)NULL;
- tok = (NSSToken *)nssListIterator_Next(td->tokens))
- {
- if (nssToken_IsPresent(tok)) {
- myName = nssToken_GetName(tok);
- if (nssUTF8_Equal(tokenName, myName, &nssrv)) break;
- }
- }
- nssListIterator_Finish(td->tokens);
- return tok;
-}
-
-NSS_IMPLEMENT NSSToken *
-NSSTrustDomain_FindTokenBySlotName (
- NSSTrustDomain *td,
- NSSUTF8 *slotName
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSToken *
-NSSTrustDomain_FindTokenForAlgorithm (
- NSSTrustDomain *td,
- NSSOID *algorithm
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSToken *
-NSSTrustDomain_FindBestTokenForAlgorithms (
- NSSTrustDomain *td,
- NSSOID *algorithms[], /* may be null-terminated */
- PRUint32 nAlgorithmsOpt /* limits the array if nonzero */
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSTrustDomain_Login (
- NSSTrustDomain *td,
- NSSCallback *uhhOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSTrustDomain_Logout (
- NSSTrustDomain *td
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSTrustDomain_ImportCertificate (
- NSSTrustDomain *td,
- NSSCertificate *c
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSTrustDomain_ImportPKIXCertificate (
- NSSTrustDomain *td,
- /* declared as a struct until these "data types" are defined */
- struct NSSPKIXCertificateStr *pc
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSTrustDomain_ImportEncodedCertificate (
- NSSTrustDomain *td,
- NSSBER *ber
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-NSSTrustDomain_ImportEncodedCertificateChain (
- NSSTrustDomain *td,
- NSSBER *ber,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt, /* 0 for no max */
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSPrivateKey *
-NSSTrustDomain_ImportEncodedPrivateKey (
- NSSTrustDomain *td,
- NSSBER *ber,
- NSSItem *passwordOpt, /* NULL will cause a callback */
- NSSCallback *uhhOpt,
- NSSToken *destination
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSPublicKey *
-NSSTrustDomain_ImportEncodedPublicKey (
- NSSTrustDomain *td,
- NSSBER *ber
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-static NSSCertificate **
-get_certs_from_list(nssList *list)
-{
- PRUint32 count = nssList_Count(list);
- NSSCertificate **certs = NULL;
- if (count > 0) {
- certs = nss_ZNEWARRAY(NULL, NSSCertificate *, count + 1);
- if (certs) {
- nssList_GetArray(list, (void **)certs, count);
- }
- }
- return certs;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-nssTrustDomain_FindCertificatesByNickname (
- NSSTrustDomain *td,
- NSSUTF8 *name,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt, /* 0 for no max */
- NSSArena *arenaOpt
-)
-{
- PRStatus status;
- PRUint32 numRemaining;
- NSSToken *token = NULL;
- NSSSlot **slots = NULL;
- NSSSlot **slotp;
- NSSCertificate **rvCerts = NULL;
- nssPKIObjectCollection *collection = NULL;
- nssUpdateLevel updateLevel;
- nssList *nameList;
- /* First, grab from the cache */
- nameList = nssList_Create(NULL, PR_FALSE);
- if (!nameList) {
- return NULL;
- }
- (void)nssTrustDomain_GetCertsForNicknameFromCache(td, name, nameList);
- rvCerts = get_certs_from_list(nameList);
- /* initialize the collection of token certificates with the set of
- * cached certs (if any).
- */
- collection = nssCertificateCollection_Create(td, rvCerts);
- nssCertificateArray_Destroy(rvCerts);
- nssList_Destroy(nameList);
- if (!collection) {
- return (NSSCertificate **)NULL;
- }
- /* obtain the current set of active slots in the trust domain */
- slots = nssTrustDomain_GetActiveSlots(td, &updateLevel);
- if (!slots) {
- goto loser;
- }
- /* iterate over the slots */
- numRemaining = maximumOpt;
- for (slotp = slots; *slotp; slotp++) {
- token = nssSlot_GetToken(*slotp);
- if (token) {
- nssSession *session;
- nssCryptokiObject **instances;
- nssTokenSearchType tokenOnly = nssTokenSearchType_TokenOnly;
- session = nssTrustDomain_GetSessionForToken(td, token);
- if (!session) {
- nssToken_Destroy(token);
- goto loser;
- }
- instances = nssToken_FindCertificatesByNickname(token,
- session,
- name,
- tokenOnly,
- numRemaining,
- &status);
- nssToken_Destroy(token);
- if (status != PR_SUCCESS) {
- goto loser;
- }
- if (instances) {
- status = nssPKIObjectCollection_AddInstances(collection,
- instances, 0);
- nss_ZFreeIf(instances);
- if (status != PR_SUCCESS) {
- goto loser;
- }
- if (maximumOpt > 0) {
- PRUint32 count;
- count = nssPKIObjectCollection_Count(collection);
- numRemaining = maximumOpt - count;
- if (numRemaining == 0) break;
- }
- }
- }
- }
- /* Grab the certs collected in the search. */
- rvCerts = nssPKIObjectCollection_GetCertificates(collection,
- rvOpt, maximumOpt,
- arenaOpt);
- /* clean up */
- nssPKIObjectCollection_Destroy(collection);
- nssSlotArray_Destroy(slots);
- return rvCerts;
-loser:
- if (slots) {
- nssSlotArray_Destroy(slots);
- }
- if (collection) {
- nssPKIObjectCollection_Destroy(collection);
- }
- return (NSSCertificate **)NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-NSSTrustDomain_FindCertificatesByNickname (
- NSSTrustDomain *td,
- NSSUTF8 *name,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt, /* 0 for no max */
- NSSArena *arenaOpt
-)
-{
- return nssTrustDomain_FindCertificatesByNickname(td,
- name,
- rvOpt,
- maximumOpt,
- arenaOpt);
-}
-
-NSS_IMPLEMENT NSSCertificate *
-nssTrustDomain_FindBestCertificateByNickname (
- NSSTrustDomain *td,
- NSSUTF8 *name,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt
-)
-{
- NSSCertificate **nicknameCerts;
- NSSCertificate *rvCert = NULL;
- nicknameCerts = nssTrustDomain_FindCertificatesByNickname(td, name,
- NULL,
- 0,
- NULL);
- if (nicknameCerts) {
- rvCert = nssCertificateArray_FindBestCertificate(nicknameCerts,
- timeOpt,
- usage,
- policiesOpt);
- nssCertificateArray_Destroy(nicknameCerts);
- }
- return rvCert;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSTrustDomain_FindBestCertificateByNickname (
- NSSTrustDomain *td,
- NSSUTF8 *name,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt
-)
-{
- return nssTrustDomain_FindBestCertificateByNickname(td,
- name,
- timeOpt,
- usage,
- policiesOpt);
-}
-
-NSS_IMPLEMENT NSSCertificate **
-nssTrustDomain_FindCertificatesBySubject (
- NSSTrustDomain *td,
- NSSDER *subject,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt,
- NSSArena *arenaOpt
-)
-{
- PRStatus status;
- PRUint32 numRemaining;
- NSSToken *token = NULL;
- NSSSlot **slots = NULL;
- NSSSlot **slotp;
- NSSCertificate **rvCerts = NULL;
- nssPKIObjectCollection *collection = NULL;
- nssUpdateLevel updateLevel;
- nssList *subjectList;
- /* look in cache */
- subjectList = nssList_Create(NULL, PR_FALSE);
- if (!subjectList) {
- return NULL;
- }
- (void)nssTrustDomain_GetCertsForSubjectFromCache(td, subject, subjectList);
- rvCerts = get_certs_from_list(subjectList);
- collection = nssCertificateCollection_Create(td, rvCerts);
- nssCertificateArray_Destroy(rvCerts);
- nssList_Destroy(subjectList);
- if (!collection) {
- return (NSSCertificate **)NULL;
- }
- slots = nssTrustDomain_GetActiveSlots(td, &updateLevel);
- if (!slots) {
- goto loser;
- }
- numRemaining = maximumOpt;
- for (slotp = slots; *slotp; slotp++) {
- token = nssSlot_GetToken(*slotp);
- if (token) {
- nssSession *session;
- nssCryptokiObject **instances;
- nssTokenSearchType tokenOnly = nssTokenSearchType_TokenOnly;
- session = nssTrustDomain_GetSessionForToken(td, token);
- if (!session) {
- nssToken_Destroy(token);
- goto loser;
- }
- instances = nssToken_FindCertificatesBySubject(token,
- session,
- subject,
- tokenOnly,
- numRemaining,
- &status);
- nssToken_Destroy(token);
- if (status != PR_SUCCESS) {
- goto loser;
- }
- if (instances) {
- status = nssPKIObjectCollection_AddInstances(collection,
- instances, 0);
- nss_ZFreeIf(instances);
- if (status != PR_SUCCESS) {
- goto loser;
- }
- if (maximumOpt > 0) {
- PRUint32 count;
- count = nssPKIObjectCollection_Count(collection);
- numRemaining = maximumOpt - count;
- if (numRemaining == 0) break;
- }
- }
- }
- }
- rvCerts = nssPKIObjectCollection_GetCertificates(collection,
- rvOpt, maximumOpt,
- arenaOpt);
- nssPKIObjectCollection_Destroy(collection);
- nssSlotArray_Destroy(slots);
- return rvCerts;
-loser:
- if (slots) {
- nssSlotArray_Destroy(slots);
- }
- if (collection) {
- nssPKIObjectCollection_Destroy(collection);
- }
- return (NSSCertificate **)NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-NSSTrustDomain_FindCertificatesBySubject (
- NSSTrustDomain *td,
- NSSDER *subject,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt,
- NSSArena *arenaOpt
-)
-{
- return nssTrustDomain_FindCertificatesBySubject(td,
- subject,
- rvOpt,
- maximumOpt,
- arenaOpt);
-}
-
-NSS_IMPLEMENT NSSCertificate *
-nssTrustDomain_FindBestCertificateBySubject (
- NSSTrustDomain *td,
- NSSDER *subject,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt
-)
-{
- NSSCertificate **subjectCerts;
- NSSCertificate *rvCert = NULL;
- subjectCerts = nssTrustDomain_FindCertificatesBySubject(td, subject,
- NULL,
- 0,
- NULL);
- if (subjectCerts) {
- rvCert = nssCertificateArray_FindBestCertificate(subjectCerts,
- timeOpt,
- usage,
- policiesOpt);
- nssCertificateArray_Destroy(subjectCerts);
- }
- return rvCert;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSTrustDomain_FindBestCertificateBySubject (
- NSSTrustDomain *td,
- NSSDER *subject,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt
-)
-{
- return nssTrustDomain_FindBestCertificateBySubject(td,
- subject,
- timeOpt,
- usage,
- policiesOpt);
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSTrustDomain_FindBestCertificateByNameComponents (
- NSSTrustDomain *td,
- NSSUTF8 *nameComponents,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-NSSTrustDomain_FindCertificatesByNameComponents (
- NSSTrustDomain *td,
- NSSUTF8 *nameComponents,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt, /* 0 for no max */
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-nssTrustDomain_FindCertificateByIssuerAndSerialNumber (
- NSSTrustDomain *td,
- NSSDER *issuer,
- NSSDER *serial
-)
-{
- PRStatus status;
- NSSToken *token = NULL;
- NSSSlot **slots = NULL;
- NSSSlot **slotp;
- NSSCertificate *rvCert = NULL;
- nssPKIObjectCollection *collection = NULL;
- nssUpdateLevel updateLevel;
- /* see if this search is already cached */
- rvCert = nssTrustDomain_GetCertForIssuerAndSNFromCache(td,
- issuer,
- serial);
- if (rvCert) {
- return rvCert;
- }
- slots = nssTrustDomain_GetActiveSlots(td, &updateLevel);
- if (!slots) {
- goto loser;
- }
- for (slotp = slots; *slotp; slotp++) {
- token = nssSlot_GetToken(*slotp);
- if (token) {
- nssSession *session;
- nssCryptokiObject *instance;
- nssTokenSearchType tokenOnly = nssTokenSearchType_TokenOnly;
- session = nssTrustDomain_GetSessionForToken(td, token);
- if (!session) {
- nssToken_Destroy(token);
- goto loser;
- }
- instance = nssToken_FindCertificateByIssuerAndSerialNumber(
- token,
- session,
- issuer,
- serial,
- tokenOnly,
- &status);
- nssToken_Destroy(token);
- if (status != PR_SUCCESS) {
- goto loser;
- }
- if (instance) {
- if (!collection) {
- collection = nssCertificateCollection_Create(td, NULL);
- if (!collection) {
- goto loser;
- }
- }
- nssPKIObjectCollection_AddInstances(collection,
- &instance, 1);
- }
- }
- }
- if (collection) {
- (void)nssPKIObjectCollection_GetCertificates(collection,
- &rvCert, 1, NULL);
- if (!rvCert) {
- goto loser;
- }
- nssPKIObjectCollection_Destroy(collection);
- }
- nssSlotArray_Destroy(slots);
- return rvCert;
-loser:
- if (collection) {
- nssPKIObjectCollection_Destroy(collection);
- }
- if (slots) {
- nssSlotArray_Destroy(slots);
- }
- return (NSSCertificate *)NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSTrustDomain_FindCertificateByIssuerAndSerialNumber (
- NSSTrustDomain *td,
- NSSDER *issuer,
- NSSDER *serial
-)
-{
- return nssTrustDomain_FindCertificateByIssuerAndSerialNumber(td,
- issuer,
- serial);
-}
-
-NSS_IMPLEMENT NSSCertificate *
-nssTrustDomain_FindCertificateByEncodedCertificate (
- NSSTrustDomain *td,
- NSSBER *ber
-)
-{
- PRStatus status;
- NSSCertificate *rvCert = NULL;
- NSSDER issuer = { 0 };
- NSSDER serial = { 0 };
- NSSArena *arena = nssArena_Create();
- if (!arena) {
- return (NSSCertificate *)NULL;
- }
- /* XXX this is not generic... will any cert crack into issuer/serial? */
- status = nssPKIX509_GetIssuerAndSerialFromDER(ber, arena, &issuer, &serial);
- if (status != PR_SUCCESS) {
- goto finish;
- }
- rvCert = nssTrustDomain_FindCertificateByIssuerAndSerialNumber(td,
- &issuer,
- &serial);
-finish:
- nssArena_Destroy(arena);
- return rvCert;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSTrustDomain_FindCertificateByEncodedCertificate (
- NSSTrustDomain *td,
- NSSBER *ber
-)
-{
- return nssTrustDomain_FindCertificateByEncodedCertificate(td, ber);
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSTrustDomain_FindBestCertificateByEmail (
- NSSTrustDomain *td,
- NSSASCII7 *email,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt
-)
-{
- return 0;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-NSSTrustDomain_FindCertificatesByEmail (
- NSSTrustDomain *td,
- NSSASCII7 *email,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt, /* 0 for no max */
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSTrustDomain_FindCertificateByOCSPHash (
- NSSTrustDomain *td,
- NSSItem *hash
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSTrustDomain_FindBestUserCertificate (
- NSSTrustDomain *td,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-NSSTrustDomain_FindUserCertificates (
- NSSTrustDomain *td,
- NSSTime *timeOpt,
- NSSUsage *usageOpt,
- NSSPolicies *policiesOpt,
- NSSCertificate **rvOpt,
- PRUint32 rvLimit, /* zero for no limit */
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSTrustDomain_FindBestUserCertificateForSSLClientAuth (
- NSSTrustDomain *td,
- NSSUTF8 *sslHostOpt,
- NSSDER *rootCAsOpt[], /* null pointer for none */
- PRUint32 rootCAsMaxOpt, /* zero means list is null-terminated */
- NSSAlgorithmAndParameters *apOpt,
- NSSPolicies *policiesOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-NSSTrustDomain_FindUserCertificatesForSSLClientAuth (
- NSSTrustDomain *td,
- NSSUTF8 *sslHostOpt,
- NSSDER *rootCAsOpt[], /* null pointer for none */
- PRUint32 rootCAsMaxOpt, /* zero means list is null-terminated */
- NSSAlgorithmAndParameters *apOpt,
- NSSPolicies *policiesOpt,
- NSSCertificate **rvOpt,
- PRUint32 rvLimit, /* zero for no limit */
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSTrustDomain_FindBestUserCertificateForEmailSigning (
- NSSTrustDomain *td,
- NSSASCII7 *signerOpt,
- NSSASCII7 *recipientOpt,
- /* anything more here? */
- NSSAlgorithmAndParameters *apOpt,
- NSSPolicies *policiesOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-NSSTrustDomain_FindUserCertificatesForEmailSigning (
- NSSTrustDomain *td,
- NSSASCII7 *signerOpt,
- NSSASCII7 *recipientOpt,
- /* anything more here? */
- NSSAlgorithmAndParameters *apOpt,
- NSSPolicies *policiesOpt,
- NSSCertificate **rvOpt,
- PRUint32 rvLimit, /* zero for no limit */
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-static PRStatus
-collector(nssCryptokiObject *instance, void *arg)
-{
- nssPKIObjectCollection *collection = (nssPKIObjectCollection *)arg;
- return nssPKIObjectCollection_AddInstanceAsObject(collection, instance);
-}
-
-NSS_IMPLEMENT PRStatus *
-NSSTrustDomain_TraverseCertificates (
- NSSTrustDomain *td,
- PRStatus (*callback)(NSSCertificate *c, void *arg),
- void *arg
-)
-{
- PRStatus status;
- NSSToken *token = NULL;
- NSSSlot **slots = NULL;
- NSSSlot **slotp;
- nssPKIObjectCollection *collection = NULL;
- nssPKIObjectCallback pkiCallback;
- nssUpdateLevel updateLevel;
- NSSCertificate **cached = NULL;
- nssList *certList;
-
- certList = nssList_Create(NULL, PR_FALSE);
- if (!certList) return NULL;
- (void *)nssTrustDomain_GetCertsFromCache(td, certList);
- cached = get_certs_from_list(certList);
- collection = nssCertificateCollection_Create(td, cached);
- nssCertificateArray_Destroy(cached);
- nssList_Destroy(certList);
- if (!collection) {
- return (PRStatus *)NULL;
- }
- /* obtain the current set of active slots in the trust domain */
- slots = nssTrustDomain_GetActiveSlots(td, &updateLevel);
- if (!slots) {
- goto loser;
- }
- /* iterate over the slots */
- for (slotp = slots; *slotp; slotp++) {
- /* get the token for the slot, if present */
- token = nssSlot_GetToken(*slotp);
- if (token) {
- nssSession *session;
- nssTokenSearchType tokenOnly = nssTokenSearchType_TokenOnly;
- /* get a session for the token */
- session = nssTrustDomain_GetSessionForToken(td, token);
- if (!session) {
- nssToken_Destroy(token);
- goto loser;
- }
- /* perform the traversal */
- status = nssToken_TraverseCertificates(token,
- session,
- tokenOnly,
- collector,
- collection);
- nssToken_Destroy(token);
- }
- }
-
- /* Traverse the collection */
- pkiCallback.func.cert = callback;
- pkiCallback.arg = arg;
- status = nssPKIObjectCollection_Traverse(collection, &pkiCallback);
- /* clean up */
- nssPKIObjectCollection_Destroy(collection);
- nssSlotArray_Destroy(slots);
- return NULL;
-loser:
- if (slots) {
- nssSlotArray_Destroy(slots);
- }
- if (collection) {
- nssPKIObjectCollection_Destroy(collection);
- }
- return NULL;
-}
-
-#ifdef notdef
-/*
- * search for Public and Private keys first
- */
-NSS_IMPLEMENT PRStatus *
-NSSTrustDomain_TraverseUserCertificates (
- NSSTrustDomain *td,
- PRStatus (*callback)(NSSCertificate *c, void *arg),
- void *arg
-)
-{
- PRStatus status;
- NSSToken *token = NULL;
- NSSSlot **slots = NULL;
- NSSSlot **slotp;
- nssPKIObjectCollection *collection = NULL;
- nssPKIObjectCallback pkiCallback;
- nssUpdateLevel updateLevel;
- NSSCertificate **cached = NULL;
- nssList *certList;
- certList = nssList_Create(NULL, PR_FALSE);
- if (!certList) return NULL;
- (void *)nssTrustDomain_GetCertsFromCache(td, certList);
- cached = get_certs_from_list(certList);
- collection = nssCertificateCollection_Create(td, cached);
- nssCertificateArray_Destroy(cached);
- nssList_Destroy(certList);
- if (!collection) {
- return (PRStatus *)NULL;
- }
- /* obtain the current set of active slots in the trust domain */
- slots = nssTrustDomain_GetActiveSlots(td, &updateLevel);
- if (!slots) {
- goto loser;
- }
- /* iterate over the slots */
- for (slotp = slots; *slotp; slotp++) {
- /* get the token for the slot, if present */
- token = nssSlot_GetToken(*slotp);
- if (token) {
- nssSession *session;
- nssCryptokiObject **instances;
- nssTokenSearchType tokenOnly = nssTokenSearchType_TokenOnly;
- /* get a session for the token */
- session = nssTrustDomain_GetSessionForToken(td, token);
- if (!session) {
- nssToken_Destroy(token);
- goto loser;
- }
- /* perform the traversal */
- if (!isLoggedIn(tok)) {
- instances = nssToken_FindPublicKeys(token,
- session,
- tokenOnly,
- 0, &status);
- } else {
- instances = nssToken_FindPrivateKeys(token,
- session,
- tokenOnly,
- 0, &status);
- }
- nssToken_Destroy(token);
- if (status != PR_SUCCESS) {
- goto loser;
- }
- /* add the found certificates to the collection */
- status = nssPKIObjectCollection_AddInstances(collection,
- instances, 0);
- nss_ZFreeIf(instances);
- if (status != PR_SUCCESS) {
- goto loser;
- }
- }
- }
- status = nssPKIObjectCollection_MatchCerts(collection);
- if (status != PR_SUCCESS) {
- goto loser;
- }
- /* Traverse the collection */
- pkiCallback.func.cert = callback;
- pkiCallback.arg = arg;
- status = nssPKIObjectCollection_Traverse(collection, &pkiCallback);
- /* clean up */
- nssPKIObjectCollection_Destroy(collection);
- nssSlotArray_Destroy(slots);
- return NULL;
-loser:
- if (slots) {
- nssSlotArray_Destroy(slots);
- }
- if (collection) {
- nssPKIObjectCollection_Destroy(collection);
- }
- return NULL;
-}
-#endif
-
-NSS_IMPLEMENT NSSTrust *
-nssTrustDomain_FindTrustForCertificate (
- NSSTrustDomain *td,
- NSSCertificate *c
-)
-{
- PRStatus status;
- NSSSlot **slots;
- NSSSlot **slotp;
- NSSToken *token;
- nssCryptokiObject *to = NULL;
- nssPKIObject *pkio = NULL;
- NSSTrust *rvt = NULL;
- nssUpdateLevel updateLevel;
- slots = nssTrustDomain_GetActiveSlots(td, &updateLevel);
- if (!slots) {
- return (NSSTrust *)NULL;
- }
- for (slotp = slots; *slotp; slotp++) {
- token = nssSlot_GetToken(*slotp);
- if (token) {
- to = nssToken_FindTrustForCertificate(token, NULL,
- &c->encoding,
- &c->issuer,
- &c->serial,
- nssTokenSearchType_TokenOnly);
- if (to) {
- if (!pkio) {
- pkio = nssPKIObject_Create(NULL, to, td, NULL);
- if (!pkio) {
- nssToken_Destroy(token);
- nssCryptokiObject_Destroy(to);
- goto loser;
- }
- } else {
- status = nssPKIObject_AddInstance(pkio, to);
- if (status != PR_SUCCESS) {
- nssToken_Destroy(token);
- nssCryptokiObject_Destroy(to);
- goto loser;
- }
- }
- }
- nssToken_Destroy(token);
- }
- }
- if (pkio) {
- rvt = nssTrust_Create(pkio, &c->encoding);
- if (!rvt) {
- goto loser;
- }
- }
- nssSlotArray_Destroy(slots);
- return rvt;
-loser:
- nssSlotArray_Destroy(slots);
- if (pkio) {
- nssPKIObject_Destroy(pkio);
- }
- return (NSSTrust *)NULL;
-}
-
-NSS_IMPLEMENT NSSCRL **
-nssTrustDomain_FindCRLsBySubject (
- NSSTrustDomain *td,
- NSSDER *subject
-)
-{
- PRStatus status;
- NSSSlot **slots;
- NSSSlot **slotp;
- NSSToken *token;
- nssUpdateLevel updateLevel;
- nssPKIObjectCollection *collection;
- NSSCRL **rvCRLs = NULL;
- collection = nssCRLCollection_Create(td, NULL);
- if (!collection) {
- return (NSSCRL **)NULL;
- }
- slots = nssTrustDomain_GetActiveSlots(td, &updateLevel);
- if (!slots) {
- goto loser;
- }
- for (slotp = slots; *slotp; slotp++) {
- token = nssSlot_GetToken(*slotp);
- if (token) {
- nssSession *session;
- nssCryptokiObject **instances;
- nssTokenSearchType tokenOnly = nssTokenSearchType_TokenOnly;
- /* get a session for the token */
- session = nssTrustDomain_GetSessionForToken(td, token);
- if (!session) {
- nssToken_Destroy(token);
- goto loser;
- }
- /* perform the traversal */
- instances = nssToken_FindCRLsBySubject(token, session, subject,
- tokenOnly, 0, &status);
- nssToken_Destroy(token);
- if (status != PR_SUCCESS) {
- goto loser;
- }
- /* add the found CRL's to the collection */
- status = nssPKIObjectCollection_AddInstances(collection,
- instances, 0);
- nss_ZFreeIf(instances);
- if (status != PR_SUCCESS) {
- goto loser;
- }
- }
- }
- rvCRLs = nssPKIObjectCollection_GetCRLs(collection, NULL, 0, NULL);
- nssPKIObjectCollection_Destroy(collection);
- nssSlotArray_Destroy(slots);
- return rvCRLs;
-loser:
- nssPKIObjectCollection_Destroy(collection);
- nssSlotArray_Destroy(slots);
- return (NSSCRL **)NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSTrustDomain_GenerateKeyPair (
- NSSTrustDomain *td,
- NSSAlgorithmAndParameters *ap,
- NSSPrivateKey **pvkOpt,
- NSSPublicKey **pbkOpt,
- PRBool privateKeyIsSensitive,
- NSSToken *destination,
- NSSCallback *uhhOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSTrustDomain_GenerateSymmetricKey (
- NSSTrustDomain *td,
- NSSAlgorithmAndParameters *ap,
- PRUint32 keysize,
- NSSToken *destination,
- NSSCallback *uhhOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSTrustDomain_GenerateSymmetricKeyFromPassword (
- NSSTrustDomain *td,
- NSSAlgorithmAndParameters *ap,
- NSSUTF8 *passwordOpt, /* if null, prompt */
- NSSToken *destinationOpt,
- NSSCallback *uhhOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSTrustDomain_FindSymmetricKeyByAlgorithmAndKeyID (
- NSSTrustDomain *td,
- NSSOID *algorithm,
- NSSItem *keyID,
- NSSCallback *uhhOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCryptoContext *
-nssTrustDomain_CreateCryptoContext (
- NSSTrustDomain *td,
- NSSCallback *uhhOpt
-)
-{
- return nssCryptoContext_Create(td, uhhOpt);
-}
-
-NSS_IMPLEMENT NSSCryptoContext *
-NSSTrustDomain_CreateCryptoContext (
- NSSTrustDomain *td,
- NSSCallback *uhhOpt
-)
-{
- return nssTrustDomain_CreateCryptoContext(td, uhhOpt);
-}
-
-NSS_IMPLEMENT NSSCryptoContext *
-NSSTrustDomain_CreateCryptoContextForAlgorithm (
- NSSTrustDomain *td,
- NSSOID *algorithm
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCryptoContext *
-NSSTrustDomain_CreateCryptoContextForAlgorithmAndParameters (
- NSSTrustDomain *td,
- NSSAlgorithmAndParameters *ap
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
diff --git a/security/nss/lib/pki1/.cvsignore b/security/nss/lib/pki1/.cvsignore
deleted file mode 100644
index 12bfbfc7c..000000000
--- a/security/nss/lib/pki1/.cvsignore
+++ /dev/null
@@ -1,3 +0,0 @@
-oiddata.c
-oiddata.h
-
diff --git a/security/nss/lib/pki1/Makefile b/security/nss/lib/pki1/Makefile
deleted file mode 100644
index 9dad761c1..000000000
--- a/security/nss/lib/pki1/Makefile
+++ /dev/null
@@ -1,46 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-MAKEFILE_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-include manifest.mn
-include $(CORE_DEPTH)/coreconf/config.mk
-include config.mk
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-# Generate oiddata.h and oiddata.c.
-oidgen: oidgen.perl oids.txt
- rm -f oiddata.c oiddata.h
- perl oidgen.perl oiddata.c oiddata.h oids.txt
-
-export:: private_export
-
diff --git a/security/nss/lib/pki1/atav.c b/security/nss/lib/pki1/atav.c
deleted file mode 100644
index cdf311a37..000000000
--- a/security/nss/lib/pki1/atav.c
+++ /dev/null
@@ -1,1821 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * atav.c
- *
- * This file contains the implementation of the PKIX part-1 object
- * AttributeTypeAndValue.
- */
-
-#ifndef NSSBASE_H
-#include "nssbase.h"
-#endif /* NSSBASE_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-#ifndef PKI1_H
-#include "pki1.h"
-#endif /* PKI1_H */
-
-/*
- * AttributeTypeAndValue
- *
- * From draft-ietf-pkix-ipki-part1-10:
- *
- * AttributeTypeAndValue ::= SEQUENCE {
- * type ATTRIBUTE.&id ({SupportedAttributes}),
- * value ATTRIBUTE.&Type ({SupportedAttributes}{@type})}
- *
- * -- ATTRIBUTE information object class specification
- * -- Note: This has been greatly simplified for PKIX !!
- *
- * ATTRIBUTE ::= CLASS {
- * &Type,
- * &id OBJECT IDENTIFIER UNIQUE }
- * WITH SYNTAX {
- * WITH SYNTAX &Type ID &id }
- *
- * What this means is that the "type" of the value is determined by
- * the value of the oid. If we hide the structure, our accessors
- * can (at least in debug builds) assert value semantics beyond what
- * the compiler can provide. Since these things are only used in
- * RelativeDistinguishedNames, and since RDNs always contain a SET
- * of these things, we don't lose anything by hiding the structure
- * (and its size).
- */
-
-struct NSSATAVStr {
- NSSBER ber;
- const NSSOID *oid;
- NSSUTF8 *value;
- nssStringType stringForm;
-};
-
-/*
- * NSSATAV
- *
- * The public "methods" regarding this "object" are:
- *
- * NSSATAV_CreateFromBER -- constructor
- * NSSATAV_CreateFromUTF8 -- constructor
- * NSSATAV_Create -- constructor
- *
- * NSSATAV_Destroy
- * NSSATAV_GetDEREncoding
- * NSSATAV_GetUTF8Encoding
- * NSSATAV_GetType
- * NSSATAV_GetValue
- * NSSATAV_Compare
- * NSSATAV_Duplicate
- *
- * The non-public "methods" regarding this "object" are:
- *
- * nssATAV_CreateFromBER -- constructor
- * nssATAV_CreateFromUTF8 -- constructor
- * nssATAV_Create -- constructor
- *
- * nssATAV_Destroy
- * nssATAV_GetDEREncoding
- * nssATAV_GetUTF8Encoding
- * nssATAV_GetType
- * nssATAV_GetValue
- * nssATAV_Compare
- * nssATAV_Duplicate
- *
- * In debug builds, the following non-public call is also available:
- *
- * nssATAV_verifyPointer
- */
-
-/*
- * NSSATAV_CreateFromBER
- *
- * This routine creates an NSSATAV by decoding a BER- or DER-encoded
- * ATAV. If the optional arena argument is non-null, the memory used
- * will be obtained from that arena; otherwise, the memory will be
- * obtained from the heap. This routine may return NULL upon error,
- * in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSATAV upon success
- */
-
-NSS_IMPLEMENT NSSATAV *
-NSSATAV_CreateFromBER
-(
- NSSArena *arenaOpt,
- NSSBER *berATAV
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSATAV *)NULL;
- }
- }
-
- /*
- * NSSBERs can be created by the user,
- * so no pointer-tracking can be checked.
- */
-
- if( (NSSBER *)NULL == berATAV ) {
- nss_SetError(NSS_ERROR_INVALID_BER);
- return (NSSATAV *)NULL;
- }
-
- if( (void *)NULL == berATAV->data ) {
- nss_SetError(NSS_ERROR_INVALID_BER);
- return (NSSATAV *)NULL;
- }
-#endif /* DEBUG */
-
- return nssATAV_CreateFromBER(arenaOpt, berATAV);
-}
-
-/*
- * NSSATAV_CreateFromUTF8
- *
- * This routine creates an NSSATAV by decoding a UTF8 string in the
- * "equals" format, e.g., "c=US." If the optional arena argument is
- * non-null, the memory used will be obtained from that arena;
- * otherwise, the memory will be obtained from the heap. This routine
- * may return NULL upon error, in which case it will have created an
- * error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_UNKNOWN_ATTRIBUTE
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSATAV upon success
- */
-
-NSS_IMPLEMENT NSSATAV *
-NSSATAV_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *stringATAV
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSATAV *)NULL;
- }
- }
-
- /*
- * NSSUTF8s can be created by the user,
- * so no pointer-tracking can be checked.
- */
-
- if( (NSSUTF8 *)NULL == stringATAV ) {
- nss_SetError(NSS_ERROR_INVALID_UTF8);
- return (NSSATAV *)NULL;
- }
-#endif /* DEBUG */
-
- return nssATAV_CreateFromUTF8(arenaOpt, stringATAV);
-}
-
-/*
- * NSSATAV_Create
- *
- * This routine creates an NSSATAV from the specified NSSOID and the
- * specified data. If the optional arena argument is non-null, the
- * memory used will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap.If the specified data length is zero,
- * the data is assumed to be terminated by first zero byte; this allows
- * UTF8 strings to be easily specified. This routine may return NULL
- * upon error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_NSSOID
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSATAV upon success
- */
-
-NSS_IMPLEMENT NSSATAV *
-NSSATAV_Create
-(
- NSSArena *arenaOpt,
- const NSSOID *oid,
- const void *data,
- PRUint32 length
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSATAV *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssOID_verifyPointer(oid) ) {
- return (NSSATAV *)NULL;
- }
-
- if( (const void *)NULL == data ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return (NSSATAV *)NULL;
- }
-#endif /* DEBUG */
-
- return nssATAV_Create(arenaOpt, oid, data, length);
-}
-
-/*
- * NSSATAV_Destroy
- *
- * This routine will destroy an ATAV object. It should eventually be
- * called on all ATAVs created without an arena. While it is not
- * necessary to call it on ATAVs created within an arena, it is not an
- * error to do so. This routine returns a PRStatus value; if
- * successful, it will return PR_SUCCESS. If unsuccessful, it will
- * create an error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_IMPLEMENT PRStatus
-NSSATAV_Destroy
-(
- NSSATAV *atav
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssATAV_verifyPointer(atav) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssATAV_Destroy(atav);
-}
-
-/*
- * NSSATAV_GetDEREncoding
- *
- * This routine will DER-encode an ATAV object. If the optional arena
- * argument is non-null, the memory used will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap. This
- * routine may return null upon error, in which case it will have
- * created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * The DER encoding of this NSSATAV
- */
-
-NSS_IMPLEMENT NSSDER *
-NSSATAV_GetDEREncoding
-(
- NSSATAV *atav,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssATAV_verifyPointer(atav) ) {
- return (NSSDER *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSDER *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssATAV_GetDEREncoding(atav, arenaOpt);
-}
-
-/*
- * NSSATAV_GetUTF8Encoding
- *
- * This routine returns a UTF8 string containing a string
- * representation of the ATAV in "equals" notation (e.g., "o=Acme").
- * If the optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return null upon error, in which
- * case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 string containing the "equals" encoding of the
- * ATAV
- */
-
-NSS_IMPLEMENT NSSUTF8 *
-NSSATAV_GetUTF8Encoding
-(
- NSSATAV *atav,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssATAV_verifyPointer(atav) ) {
- return (NSSUTF8 *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSUTF8 *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssATAV_GetUTF8Encoding(atav, arenaOpt);
-}
-
-/*
- * NSSATAV_GetType
- *
- * This routine returns the NSSOID corresponding to the attribute type
- * in the specified ATAV. This routine may return NSS_OID_UNKNOWN
- * upon error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- * NSS_OID_UNKNOWN upon error
- * An element of enum NSSOIDenum upon success
- */
-
-NSS_IMPLEMENT const NSSOID *
-NSSATAV_GetType
-(
- NSSATAV *atav
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssATAV_verifyPointer(atav) ) {
- return (NSSOID *)NULL;
- }
-#endif /* DEBUG */
-
- return nssATAV_GetType(atav);
-}
-
-/*
- * NSSATAV_GetValue
- *
- * This routine returns a string containing the attribute value
- * in the specified ATAV. If the optional arena argument is non-null,
- * the memory used will be obtained from that arena; otherwise, the
- * memory will be obtained from the heap. This routine may return
- * NULL upon error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSItem containing the attribute value.
- */
-
-NSS_IMPLEMENT NSSUTF8 *
-NSSATAV_GetValue
-(
- NSSATAV *atav,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssATAV_verifyPointer(atav) ) {
- return (NSSUTF8 *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSUTF8 *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssATAV_GetValue(atav, arenaOpt);
-}
-
-/*
- * NSSATAV_Compare
- *
- * This routine compares two ATAVs for equality. For two ATAVs to be
- * equal, the attribute types must be the same, and the attribute
- * values must have equal length and contents. The result of the
- * comparison will be stored at the location pointed to by the "equalp"
- * variable, which must point to a valid PRBool. This routine may
- * return PR_FAILURE upon error, in which case it will have created an
- * error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- * NSS_ERROR_INVALID_ARGUMENT
- *
- * Return value:
- * PR_FAILURE on error
- * PR_SUCCESS upon a successful comparison (equal or not)
- */
-
-NSS_IMPLEMENT PRStatus
-NSSATAV_Compare
-(
- NSSATAV *atav1,
- NSSATAV *atav2,
- PRBool *equalp
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssATAV_verifyPointer(atav1) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssATAV_verifyPointer(atav2) ) {
- return PR_FAILURE;
- }
-
- if( (PRBool *)NULL == equalp ) {
- nss_SetError(NSS_ERROR_INVALID_ARGUMENT);
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssATAV_Compare(atav1, atav2, equalp);
-}
-
-/*
- * NSSATAV_Duplicate
- *
- * This routine duplicates the specified ATAV. If the optional arena
- * argument is non-null, the memory required will be obtained from
- * that arena; otherwise, the memory will be obtained from the heap.
- * This routine may return NULL upon error, in which case it will have
- * created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL on error
- * A pointer to a new ATAV
- */
-
-NSS_IMPLEMENT NSSATAV *
-NSSATAV_Duplicate
-(
- NSSATAV *atav,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssATAV_verifyPointer(atav) ) {
- return (NSSATAV *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSATAV *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssATAV_Duplicate(atav, arenaOpt);
-}
-
-/*
- * The pointer-tracking code
- */
-
-#ifdef DEBUG
-extern const NSSError NSS_ERROR_INTERNAL_ERROR;
-
-static nssPointerTracker atav_pointer_tracker;
-
-static PRStatus
-atav_add_pointer
-(
- const NSSATAV *atav
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_initialize(&atav_pointer_tracker);
- if( PR_SUCCESS != rv ) {
- return rv;
- }
-
- rv = nssPointerTracker_add(&atav_pointer_tracker, atav);
- if( PR_SUCCESS != rv ) {
- NSSError e = NSS_GetError();
- if( NSS_ERROR_NO_MEMORY != e ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- }
-
- return rv;
- }
-
- return PR_SUCCESS;
-}
-
-static PRStatus
-atav_remove_pointer
-(
- const NSSATAV *atav
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_remove(&atav_pointer_tracker, atav);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- }
-
- return rv;
-}
-
-/*
- * nssATAV_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSATAV object,
- * this routine will return PR_SUCCESS. Otherwise, it will put an
- * error on the error stack and return PR_FAILRUE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NSSATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_IMPLEMENT PRStatus
-nssATAV_verifyPointer
-(
- NSSATAV *atav
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_initialize(&atav_pointer_tracker);
- if( PR_SUCCESS != rv ) {
- return PR_FAILURE;
- }
-
- rv = nssPointerTracker_verify(&atav_pointer_tracker, atav);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INVALID_ATAV);
- return PR_FAILURE;
- }
-
- return PR_SUCCESS;
-}
-#endif /* DEBUG */
-
-typedef struct {
- NSSBER oid;
- NSSBER value;
-} atav_holder;
-
-static const nssASN1Template nss_atav_template[] = {
- { nssASN1_SEQUENCE, 0, NULL, sizeof(atav_holder) },
- { nssASN1_OBJECT_ID, nsslibc_offsetof(atav_holder, oid), NULL, 0 },
- { nssASN1_ANY, nsslibc_offsetof(atav_holder, value), NULL, 0 },
- { 0, 0, NULL, 0 }
-};
-
-/*
- * There are several common attributes, with well-known type aliases
- * and value semantics. This table lists the ones we recognize.
- */
-
-struct nss_attribute_data_str {
- const NSSOID **oid;
- nssStringType stringType;
- PRUint32 minStringLength;
- PRUint32 maxStringLength; /* zero for no limit */
-};
-
-static const struct nss_attribute_data_str nss_attribute_data[] = {
- { &NSS_OID_X520_NAME,
- nssStringType_DirectoryString, 1, 32768 },
- { &NSS_OID_X520_COMMON_NAME,
- nssStringType_DirectoryString, 1, 64 },
- { &NSS_OID_X520_SURNAME,
- nssStringType_DirectoryString, 1, 40 },
- { &NSS_OID_X520_GIVEN_NAME,
- nssStringType_DirectoryString, 1, 16 },
- { &NSS_OID_X520_INITIALS,
- nssStringType_DirectoryString, 1, 5 },
- { &NSS_OID_X520_GENERATION_QUALIFIER,
- nssStringType_DirectoryString, 1, 3 },
- { &NSS_OID_X520_DN_QUALIFIER,
- nssStringType_PrintableString, 1, 0 },
- { &NSS_OID_X520_COUNTRY_NAME,
- nssStringType_PrintableString, 2, 2 },
- { &NSS_OID_X520_LOCALITY_NAME,
- nssStringType_DirectoryString, 1, 128 },
- { &NSS_OID_X520_STATE_OR_PROVINCE_NAME,
- nssStringType_DirectoryString, 1, 128 },
- { &NSS_OID_X520_ORGANIZATION_NAME,
- nssStringType_DirectoryString, 1, 64 },
- { &NSS_OID_X520_ORGANIZATIONAL_UNIT_NAME,
- nssStringType_DirectoryString, 1,
- /*
- * Note, draft #11 defines both "32" and "64" for this maximum,
- * in two separate places. Until it's settled, "conservative
- * in what you send." We're always liberal in what we accept.
- */
- 32 },
- { &NSS_OID_X520_TITLE,
- nssStringType_DirectoryString, 1, 64 },
- { &NSS_OID_RFC1274_EMAIL,
- nssStringType_PHGString, 1, 128 }
-};
-
-PRUint32 nss_attribute_data_quantity =
- (sizeof(nss_attribute_data)/sizeof(nss_attribute_data[0]));
-
-static nssStringType
-nss_attr_underlying_string_form
-(
- nssStringType type,
- void *data
-)
-{
- if( nssStringType_DirectoryString == type ) {
- PRUint8 tag = *(PRUint8 *)data;
- switch( tag & nssASN1_TAGNUM_MASK ) {
- case 20:
- /*
- * XXX fgmr-- we have to accept Latin-1 for Teletex; (see
- * below) but is T61 a suitable value for "Latin-1"?
- */
- return nssStringType_TeletexString;
- case 19:
- return nssStringType_PrintableString;
- case 28:
- return nssStringType_UniversalString;
- case 30:
- return nssStringType_BMPString;
- case 12:
- return nssStringType_UTF8String;
- default:
- return nssStringType_Unknown;
- }
- }
-
- return type;
-}
-
-
-/*
- * This routine decodes the attribute value, in a type-specific way.
- *
- */
-
-static NSSUTF8 *
-nss_attr_to_utf8
-(
- NSSArena *arenaOpt,
- const NSSOID *oid,
- NSSItem *item,
- nssStringType *stringForm
-)
-{
- NSSUTF8 *rv = (NSSUTF8 *)NULL;
- PRUint32 i;
- const struct nss_attribute_data_str *which =
- (struct nss_attribute_data_str *)NULL;
- PRUint32 len = 0;
-
- for( i = 0; i < nss_attribute_data_quantity; i++ ) {
- if( *(nss_attribute_data[ i ].oid) == oid ) {
- which = &nss_attribute_data[i];
- break;
- }
- }
-
- if( (struct nss_attribute_data_str *)NULL == which ) {
- /* Unknown OID. Encode it as hex. */
- PRUint8 *c;
- PRUint8 *d = (PRUint8 *)item->data;
- PRUint32 amt = item->size;
-
- if( item->size >= 0x7FFFFFFF ) {
- nss_SetError(NSS_ERROR_INVALID_STRING);
- return (NSSUTF8 *)NULL;
- }
-
- len = 1 + (item->size * 2) + 1; /* '#' + hex + '\0' */
- rv = (NSSUTF8 *)nss_ZAlloc(arenaOpt, len);
- if( (NSSUTF8 *)NULL == rv ) {
- return (NSSUTF8 *)NULL;
- }
-
- c = (PRUint8 *)rv;
- *c++ = '#'; /* XXX fgmr check this */
- while( amt > 0 ) {
- static char hex[16] = "0123456789ABCDEF";
- *c++ = hex[ ((*d) & 0xf0) >> 4 ];
- *c++ = hex[ ((*d) & 0x0f) ];
- }
-
- /* *c = '\0'; nss_ZAlloc, remember */
-
- *stringForm = nssStringType_Unknown; /* force exact comparison */
- } else {
- PRStatus status;
- rv = nssUTF8_CreateFromBER(arenaOpt, which->stringType,
- (NSSBER *)item);
-
- if( (NSSUTF8 *)NULL == rv ) {
- return (NSSUTF8 *)NULL;
- }
-
- len = nssUTF8_Length(rv, &status);
- if( PR_SUCCESS != status || len == 0 ) {
- nss_ZFreeIf(rv);
- return (NSSUTF8 *)NULL;
- }
-
- *stringForm = nss_attr_underlying_string_form(which->stringType,
- item->data);
- }
-
- return rv;
-}
-
-/*
- * nssATAV_CreateFromBER
- *
- * This routine creates an NSSATAV by decoding a BER- or DER-encoded
- * ATAV. If the optional arena argument is non-null, the memory used
- * will be obtained from that arena; otherwise, the memory will be
- * obtained from the heap. This routine may return NULL upon error,
- * in which case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSATAV upon success
- */
-
-NSS_IMPLEMENT NSSATAV *
-nssATAV_CreateFromBER
-(
- NSSArena *arenaOpt,
- const NSSBER *berATAV
-)
-{
- atav_holder holder;
- PRStatus status;
- NSSATAV *rv;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSATAV *)NULL;
- }
- }
-
- /*
- * NSSBERs can be created by the user,
- * so no pointer-tracking can be checked.
- */
-
- if( (NSSBER *)NULL == berATAV ) {
- nss_SetError(NSS_ERROR_INVALID_BER);
- return (NSSATAV *)NULL;
- }
-
- if( (void *)NULL == berATAV->data ) {
- nss_SetError(NSS_ERROR_INVALID_BER);
- return (NSSATAV *)NULL;
- }
-#endif /* NSSDEBUG */
-
- status = nssASN1_DecodeBER(arenaOpt, &holder,
- nss_atav_template, berATAV);
- if( PR_SUCCESS != status ) {
- return (NSSATAV *)NULL;
- }
-
- rv = nss_ZNEW(arenaOpt, NSSATAV);
- if( (NSSATAV *)NULL == rv ) {
- nss_ZFreeIf(holder.oid.data);
- nss_ZFreeIf(holder.value.data);
- return (NSSATAV *)NULL;
- }
-
- rv->oid = nssOID_CreateFromBER(&holder.oid);
- if( (NSSOID *)NULL == rv->oid ) {
- nss_ZFreeIf(rv);
- nss_ZFreeIf(holder.oid.data);
- nss_ZFreeIf(holder.value.data);
- return (NSSATAV *)NULL;
- }
-
- nss_ZFreeIf(holder.oid.data);
-
- rv->ber.data = nss_ZAlloc(arenaOpt, berATAV->size);
- if( (void *)NULL == rv->ber.data ) {
- nss_ZFreeIf(rv);
- nss_ZFreeIf(holder.value.data);
- return (NSSATAV *)NULL;
- }
-
- rv->ber.size = berATAV->size;
- (void)nsslibc_memcpy(rv->ber.data, berATAV->data, berATAV->size);
-
- rv->value = nss_attr_to_utf8(arenaOpt, rv->oid, &holder.value,
- &rv->stringForm);
- if( (NSSUTF8 *)NULL == rv->value ) {
- nss_ZFreeIf(rv->ber.data);
- nss_ZFreeIf(rv);
- nss_ZFreeIf(holder.value.data);
- return (NSSATAV *)NULL;
- }
-
- nss_ZFreeIf(holder.value.data);
-
-#ifdef DEBUG
- if( PR_SUCCESS != atav_add_pointer(rv) ) {
- nss_ZFreeIf(rv->ber.data);
- nss_ZFreeIf(rv->value);
- nss_ZFreeIf(rv);
- return (NSSATAV *)NULL;
- }
-#endif /* DEBUG */
-
- return rv;
-}
-
-static PRBool
-nss_atav_utf8_string_is_hex
-(
- const NSSUTF8 *s
-)
-{
- /* All hex digits are ASCII, so this works */
- PRUint8 *p = (PRUint8 *)s;
-
- for( ; (PRUint8)0 != *p; p++ ) {
- if( (('0' <= *p) && (*p <= '9')) ||
- (('A' <= *p) && (*p <= 'F')) ||
- (('a' <= *p) && (*p <= 'f')) ) {
- continue;
- } else {
- return PR_FALSE;
- }
- }
-
- return PR_TRUE;
-}
-
-static NSSUTF8
-nss_atav_fromhex
-(
- NSSUTF8 *d
-)
-{
- NSSUTF8 rv;
-
- if( d[0] <= '9' ) {
- rv = (d[0] - '0') * 16;
- } else if( d[0] >= 'a' ) {
- rv = (d[0] - 'a' + 10) * 16;
- } else {
- rv = (d[0] - 'A' + 10);
- }
-
- if( d[1] <= '9' ) {
- rv += (d[1] - '0');
- } else if( d[1] >= 'a' ) {
- rv += (d[1] - 'a' + 10);
- } else {
- rv += (d[1] - 'A' + 10);
- }
-
- return rv;
-}
-
-/*
- * nssATAV_CreateFromUTF8
- *
- * This routine creates an NSSATAV by decoding a UTF8 string in the
- * "equals" format, e.g., "c=US." If the optional arena argument is
- * non-null, the memory used will be obtained from that arena;
- * otherwise, the memory will be obtained from the heap. This routine
- * may return NULL upon error, in which case it will have set an error
- * on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_UNKNOWN_ATTRIBUTE
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSATAV upon success
- */
-
-extern const NSSError NSS_ERROR_INTERNAL_ERROR;
-
-NSS_IMPLEMENT NSSATAV *
-nssATAV_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- const NSSUTF8 *stringATAV
-)
-{
- char *c;
- NSSUTF8 *type;
- NSSUTF8 *value;
- PRUint32 i;
- const NSSOID *oid = (NSSOID *)NULL;
- NSSATAV *rv;
- NSSItem xitem;
-
- xitem.data = (void *)NULL;
-
- for( c = (char *)stringATAV; '\0' != *c; c++ ) {
- if( '=' == *c ) {
-#ifdef PEDANTIC
- /*
- * Theoretically, one could have an '=' in an
- * attribute string alias. We don't, yet, though.
- */
- if( (char *)stringATAV == c ) {
- nss_SetError(NSS_ERROR_INVALID_STRING);
- return (NSSATAV *)NULL;
- } else {
- if( '\\' == c[-1] ) {
- continue;
- }
- }
-#endif /* PEDANTIC */
- break;
- }
- }
-
- if( '\0' == *c ) {
- nss_SetError(NSS_ERROR_INVALID_UTF8);
- return (NSSATAV *)NULL;
- } else {
- c++;
- value = (NSSUTF8 *)c;
- }
-
- i = ((NSSUTF8 *)c - stringATAV);
- type = (NSSUTF8 *)nss_ZAlloc((NSSArena *)NULL, i);
- if( (NSSUTF8 *)NULL == type ) {
- return (NSSATAV *)NULL;
- }
-
- (void)nsslibc_memcpy(type, stringATAV, i-1);
-
- c = (char *)stringATAV;
- if( (('0' <= *c) && (*c <= '9')) || ('#' == *c) ) {
- oid = nssOID_CreateFromUTF8(type);
- if( (NSSOID *)NULL == oid ) {
- nss_ZFreeIf(type);
- return (NSSATAV *)NULL;
- }
- } else {
- for( i = 0; i < nss_attribute_type_alias_count; i++ ) {
- PRStatus status;
- const nssAttributeTypeAliasTable *e = &nss_attribute_type_aliases[i];
- PRBool match = nssUTF8_CaseIgnoreMatch(type, e->alias, &status);
- if( PR_SUCCESS != status ) {
- nss_ZFreeIf(type);
- return (NSSATAV *)NULL;
- }
- if( PR_TRUE == match ) {
- oid = *(e->oid);
- break;
- }
- }
-
- if( (NSSOID *)NULL == oid ) {
- nss_ZFreeIf(type);
- nss_SetError(NSS_ERROR_UNKNOWN_ATTRIBUTE);
- return (NSSATAV *)NULL;
- }
- }
-
- nss_ZFreeIf(type);
- type = (NSSUTF8 *)NULL;
-
- rv = nss_ZNEW(arenaOpt, NSSATAV);
- if( (NSSATAV *)NULL == rv ) {
- return (NSSATAV *)NULL;
- }
-
- rv->oid = oid;
-
- if( '#' == *value ) { /* XXX fgmr.. was it '#'? or backslash? */
- PRUint32 size;
- PRUint32 len;
- NSSUTF8 *c;
- NSSUTF8 *d;
- PRStatus status;
- /* It's in hex */
-
- value++;
- if( PR_TRUE != nss_atav_utf8_string_is_hex(value) ) {
- (void)nss_ZFreeIf(rv);
- nss_SetError(NSS_ERROR_INVALID_STRING);
- return (NSSATAV *)NULL;
- }
-
- size = nssUTF8_Size(value, &status);
- if( PR_SUCCESS != status ) {
- /*
- * Only returns an error on bad pointer (nope) or string
- * too long. The defined limits for known attributes are
- * small enough to fit in PRUint32, and when undefined we
- * get to apply our own practical limits. Ergo, I say the
- * string is invalid.
- */
- (void)nss_ZFreeIf(rv);
- nss_SetError(NSS_ERROR_INVALID_STRING);
- return (NSSATAV *)NULL;
- }
-
- if( ((size-1) & 1) ) {
- /* odd length */
- (void)nss_ZFreeIf(rv);
- nss_SetError(NSS_ERROR_INVALID_STRING);
- return (NSSATAV *)NULL;
- }
-
- len = (size-1)/2;
-
- rv->value = (NSSUTF8 *)nss_ZAlloc(arenaOpt, len+1);
- if( (NSSUTF8 *)NULL == rv->value ) {
- (void)nss_ZFreeIf(rv);
- return (NSSATAV *)NULL;
- }
-
- xitem.size = len;
- xitem.data = (void *)rv->value;
-
- for( c = rv->value, d = value; len--; c++, d += 2 ) {
- *c = nss_atav_fromhex(d);
- }
-
- *c = 0;
- } else {
- PRStatus status;
- PRUint32 i, len;
- PRUint8 *s;
-
- /*
- * XXX fgmr-- okay, this is a little wasteful, and should
- * probably be abstracted out a bit. Later.
- */
-
- rv->value = nssUTF8_Duplicate(value, arenaOpt);
- if( (NSSUTF8 *)NULL == rv->value ) {
- (void)nss_ZFreeIf(rv);
- return (NSSATAV *)NULL;
- }
-
- len = nssUTF8_Size(rv->value, &status);
- if( PR_SUCCESS != status ) {
- (void)nss_ZFreeIf(rv->value);
- (void)nss_ZFreeIf(rv);
- return (NSSATAV *)NULL;
- }
-
- s = (PRUint8 *)rv->value;
- for( i = 0; i < len; i++ ) {
- if( '\\' == s[i] ) {
- (void)nsslibc_memcpy(&s[i], &s[i+1], len-i-1);
- }
- }
- }
-
- /* Now just BER-encode the baby and we're through.. */
- {
- const struct nss_attribute_data_str *which =
- (struct nss_attribute_data_str *)NULL;
- PRUint32 i;
- NSSArena *a;
- NSSDER *oidder;
- NSSItem *vitem;
- atav_holder ah;
- NSSDER *status;
-
- for( i = 0; i < nss_attribute_data_quantity; i++ ) {
- if( *(nss_attribute_data[ i ].oid) == rv->oid ) {
- which = &nss_attribute_data[i];
- break;
- }
- }
-
- a = NSSArena_Create();
- if( (NSSArena *)NULL == a ) {
- (void)nss_ZFreeIf(rv->value);
- (void)nss_ZFreeIf(rv);
- return (NSSATAV *)NULL;
- }
-
- oidder = nssOID_GetDEREncoding(rv->oid, (NSSDER *)NULL, a);
- if( (NSSDER *)NULL == oidder ) {
- (void)NSSArena_Destroy(a);
- (void)nss_ZFreeIf(rv->value);
- (void)nss_ZFreeIf(rv);
- return (NSSATAV *)NULL;
- }
-
- if( (struct nss_attribute_data_str *)NULL == which ) {
- /*
- * We'll just have to take the user data as an octet stream.
- */
- if( (void *)NULL == xitem.data ) {
- /*
- * This means that an ATTR entry has been added to oids.txt,
- * but no corresponding entry has been added to the array
- * ns_attribute_data[] above.
- */
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- (void)NSSArena_Destroy(a);
- (void)nss_ZFreeIf(rv->value);
- (void)nss_ZFreeIf(rv);
- return (NSSATAV *)NULL;
- }
-
- vitem = nssASN1_EncodeItem(a, (NSSDER *)NULL, &xitem,
- nssASN1Template_OctetString, NSSASN1DER);
- if( (NSSItem *)NULL == vitem ) {
- (void)NSSArena_Destroy(a);
- (void)nss_ZFreeIf(rv->value);
- (void)nss_ZFreeIf(rv);
- return (NSSATAV *)NULL;
- }
-
- rv->stringForm = nssStringType_Unknown;
- } else {
- PRUint32 length = 0;
- PRStatus stat;
-
- length = nssUTF8_Length(rv->value, &stat);
- if( PR_SUCCESS != stat ) {
- (void)NSSArena_Destroy(a);
- (void)nss_ZFreeIf(rv->value);
- (void)nss_ZFreeIf(rv);
- return (NSSATAV *)NULL;
- }
-
- if( ((0 != which->minStringLength) &&
- (length < which->minStringLength)) ||
- ((0 != which->maxStringLength) &&
- (length > which->maxStringLength)) ) {
- nss_SetError(NSS_ERROR_INVALID_STRING);
- (void)NSSArena_Destroy(a);
- (void)nss_ZFreeIf(rv->value);
- (void)nss_ZFreeIf(rv);
- return (NSSATAV *)NULL;
- }
-
- vitem = nssUTF8_GetDEREncoding(a, which->stringType, rv->value);
- if( (NSSItem *)NULL == vitem ) {
- (void)NSSArena_Destroy(a);
- (void)nss_ZFreeIf(rv->value);
- (void)nss_ZFreeIf(rv);
- return (NSSATAV *)NULL;
- }
-
- if( nssStringType_DirectoryString == which->stringType ) {
- rv->stringForm = nssStringType_UTF8String;
- } else {
- rv->stringForm = which->stringType;
- }
- }
-
- ah.oid = *oidder;
- ah.value = *vitem;
-
- status = nssASN1_EncodeItem(arenaOpt, &rv->ber, &ah,
- nss_atav_template, NSSASN1DER);
-
- if( (NSSDER *)NULL == status ) {
- (void)NSSArena_Destroy(a);
- (void)nss_ZFreeIf(rv->value);
- (void)nss_ZFreeIf(rv);
- return (NSSATAV *)NULL;
- }
-
- (void)NSSArena_Destroy(a);
- }
-
- return rv;
-}
-
-/*
- * nssATAV_Create
- *
- * This routine creates an NSSATAV from the specified NSSOID and the
- * specified data. If the optional arena argument is non-null, the
- * memory used will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap.If the specified data length is zero,
- * the data is assumed to be terminated by first zero byte; this allows
- * UTF8 strings to be easily specified. This routine may return NULL
- * upon error, in which case it will have set an error on the error
- * stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_NSSOID
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSATAV upon success
- */
-
-NSS_IMPLEMENT NSSATAV *
-nssATAV_Create
-(
- NSSArena *arenaOpt,
- const NSSOID *oid,
- const void *data,
- PRUint32 length
-)
-{
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSATAV *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssOID_verifyPointer(oid) ) {
- return (NSSATAV *)NULL;
- }
-
- if( (const void *)NULL == data ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return (NSSATAV *)NULL;
- }
-#endif /* NSSDEBUG */
-
- /* XXX fgmr-- oops, forgot this one */
- return (NSSATAV *)NULL;
-}
-
-/*
- * nssATAV_Destroy
- *
- * This routine will destroy an ATAV object. It should eventually be
- * called on all ATAVs created without an arena. While it is not
- * necessary to call it on ATAVs created within an arena, it is not an
- * error to do so. This routine returns a PRStatus value; if
- * successful, it will return PR_SUCCESS. If unsuccessful, it will
- * set an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_IMPLEMENT PRStatus
-nssATAV_Destroy
-(
- NSSATAV *atav
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssATAV_verifyPointer(atav) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- (void)nss_ZFreeIf(atav->ber.data);
- (void)nss_ZFreeIf(atav->value);
-
-#ifdef DEBUG
- if( PR_SUCCESS != atav_remove_pointer(atav) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return PR_SUCCESS;
-}
-
-/*
- * nssATAV_GetDEREncoding
- *
- * This routine will DER-encode an ATAV object. If the optional arena
- * argument is non-null, the memory used will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap. This
- * routine may return null upon error, in which case it will have set
- * an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * The DER encoding of this NSSATAV
- */
-
-NSS_IMPLEMENT NSSDER *
-nssATAV_GetDEREncoding
-(
- NSSATAV *atav,
- NSSArena *arenaOpt
-)
-{
- NSSDER *rv;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssATAV_verifyPointer(atav) ) {
- return (NSSDER *)NULL;
- }
-#endif /* NSSDEBUG */
-
- rv = nss_ZNEW(arenaOpt, NSSDER);
- if( (NSSDER *)NULL == rv ) {
- return (NSSDER *)NULL;
- }
-
- rv->data = nss_ZAlloc(arenaOpt, atav->ber.size);
- if( (void *)NULL == rv->data ) {
- (void)nss_ZFreeIf(rv);
- return (NSSDER *)NULL;
- }
-
- rv->size = atav->ber.size;
- if( NULL == nsslibc_memcpy(rv->data, atav->ber.data, rv->size) ) {
- (void)nss_ZFreeIf(rv->data);
- (void)nss_ZFreeIf(rv);
- return (NSSDER *)NULL;
- }
-
- return rv;
-}
-
-/*
- * nssATAV_GetUTF8Encoding
- *
- * This routine returns a UTF8 string containing a string
- * representation of the ATAV in "equals" notation (e.g., "o=Acme").
- * If the optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return null upon error, in which
- * case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 string containing the "equals" encoding of the
- * ATAV
- */
-
-NSS_IMPLEMENT NSSUTF8 *
-nssATAV_GetUTF8Encoding
-(
- NSSATAV *atav,
- NSSArena *arenaOpt
-)
-{
- NSSUTF8 *rv;
- PRUint32 i;
- const NSSUTF8 *alias = (NSSUTF8 *)NULL;
- NSSUTF8 *oid;
- NSSUTF8 *value;
- PRUint32 oidlen;
- PRUint32 valuelen;
- PRUint32 totallen;
- PRStatus status;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssATAV_verifyPointer(atav) ) {
- return (NSSUTF8 *)NULL;
- }
-#endif /* NSSDEBUG */
-
- for( i = 0; i < nss_attribute_type_alias_count; i++ ) {
- if( *(nss_attribute_type_aliases[i].oid) == atav->oid ) {
- alias = nss_attribute_type_aliases[i].alias;
- break;
- }
- }
-
- if( (NSSUTF8 *)NULL == alias ) {
- oid = nssOID_GetUTF8Encoding(atav->oid, (NSSArena *)NULL);
- if( (NSSUTF8 *)NULL == oid ) {
- return (NSSUTF8 *)NULL;
- }
-
- oidlen = nssUTF8_Size(oid, &status);
- if( PR_SUCCESS != status ) {
- (void)nss_ZFreeIf(oid);
- return (NSSUTF8 *)NULL;
- }
- } else {
- oidlen = nssUTF8_Size(alias, &status);
- if( PR_SUCCESS != status ) {
- return (NSSUTF8 *)NULL;
- }
- oid = (NSSUTF8 *)NULL;
- }
-
- value = nssATAV_GetValue(atav, (NSSArena *)NULL);
- if( (NSSUTF8 *)NULL == value ) {
- (void)nss_ZFreeIf(oid);
- return (NSSUTF8 *)NULL;
- }
-
- valuelen = nssUTF8_Size(value, &status);
- if( PR_SUCCESS != status ) {
- (void)nss_ZFreeIf(value);
- (void)nss_ZFreeIf(oid);
- return (NSSUTF8 *)NULL;
- }
-
- totallen = oidlen + valuelen - 1 + 1;
- rv = (NSSUTF8 *)nss_ZAlloc(arenaOpt, totallen);
- if( (NSSUTF8 *)NULL == rv ) {
- (void)nss_ZFreeIf(value);
- (void)nss_ZFreeIf(oid);
- return (NSSUTF8 *)NULL;
- }
-
- if( (NSSUTF8 *)NULL == alias ) {
- if( (void *)NULL == nsslibc_memcpy(rv, oid, oidlen-1) ) {
- (void)nss_ZFreeIf(rv);
- (void)nss_ZFreeIf(value);
- (void)nss_ZFreeIf(oid);
- return (NSSUTF8 *)NULL;
- }
- } else {
- if( (void *)NULL == nsslibc_memcpy(rv, alias, oidlen-1) ) {
- (void)nss_ZFreeIf(rv);
- (void)nss_ZFreeIf(value);
- return (NSSUTF8 *)NULL;
- }
- }
-
- rv[ oidlen-1 ] = '=';
-
- if( (void *)NULL == nsslibc_memcpy(&rv[oidlen], value, valuelen) ) {
- (void)nss_ZFreeIf(rv);
- (void)nss_ZFreeIf(value);
- (void)nss_ZFreeIf(oid);
- return (NSSUTF8 *)NULL;
- }
-
- return rv;
-}
-
-/*
- * nssATAV_GetType
- *
- * This routine returns the NSSOID corresponding to the attribute type
- * in the specified ATAV. This routine may return NSS_OID_UNKNOWN
- * upon error, in which case it will have set an error on the error
- * stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- * NSS_OID_UNKNOWN upon error
- * A valid NSSOID pointer upon success
- */
-
-NSS_IMPLEMENT const NSSOID *
-nssATAV_GetType
-(
- NSSATAV *atav
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssATAV_verifyPointer(atav) ) {
- return (NSSOID *)NULL;
- }
-#endif /* NSSDEBUG */
-
- return atav->oid;
-}
-
-/*
- * nssATAV_GetValue
- *
- * This routine returns a NSSUTF8 string containing the attribute value
- * in the specified ATAV. If the optional arena argument is non-null,
- * the memory used will be obtained from that arena; otherwise, the
- * memory will be obtained from the heap. This routine may return
- * NULL upon error, in which case it will have set an error upon the
- * error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSItem containing the attribute value.
- */
-
-NSS_IMPLEMENT NSSUTF8 *
-nssATAV_GetValue
-(
- NSSATAV *atav,
- NSSArena *arenaOpt
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssATAV_verifyPointer(atav) ) {
- return (NSSUTF8 *)NULL;
- }
-#endif /* NSSDEBUG */
-
- return nssUTF8_Duplicate(atav->value, arenaOpt);
-}
-
-/*
- * nssATAV_Compare
- *
- * This routine compares two ATAVs for equality. For two ATAVs to be
- * equal, the attribute types must be the same, and the attribute
- * values must have equal length and contents. The result of the
- * comparison will be stored at the location pointed to by the "equalp"
- * variable, which must point to a valid PRBool. This routine may
- * return PR_FAILURE upon error, in which case it will have set an
- * error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- * NSS_ERROR_INVALID_ARGUMENT
- *
- * Return value:
- * PR_FAILURE on error
- * PR_SUCCESS upon a successful comparison (equal or not)
- */
-
-NSS_IMPLEMENT PRStatus
-nssATAV_Compare
-(
- NSSATAV *atav1,
- NSSATAV *atav2,
- PRBool *equalp
-)
-{
- nssStringType comparison;
- PRUint32 len1;
- PRUint32 len2;
- PRStatus status;
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssATAV_verifyPointer(atav1) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssATAV_verifyPointer(atav2) ) {
- return PR_FAILURE;
- }
-
- if( (PRBool *)NULL == equalp ) {
- nss_SetError(NSS_ERROR_INVALID_ARGUMENT);
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- if( atav1->oid != atav2->oid ) {
- *equalp = PR_FALSE;
- return PR_SUCCESS;
- }
-
- if( atav1->stringForm != atav2->stringForm ) {
- if( (nssStringType_PrintableString == atav1->stringForm) ||
- (nssStringType_PrintableString == atav2->stringForm) ) {
- comparison = nssStringType_PrintableString;
- } else if( (nssStringType_PHGString == atav1->stringForm) ||
- (nssStringType_PHGString == atav2->stringForm) ) {
- comparison = nssStringType_PHGString;
- } else {
- comparison = atav1->stringForm;
- }
- } else {
- comparison = atav1->stringForm;
- }
-
- switch( comparison ) {
- case nssStringType_DirectoryString:
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- return PR_FAILURE;
- case nssStringType_TeletexString:
- break;
- case nssStringType_PrintableString:
- *equalp = nssUTF8_PrintableMatch(atav1->value, atav2->value, &status);
- return status;
- /* Case-insensitive, with whitespace reduction */
- break;
- case nssStringType_UniversalString:
- break;
- case nssStringType_BMPString:
- break;
- case nssStringType_GeneralString:
- /* what to do here? */
- break;
- case nssStringType_UTF8String:
- break;
- case nssStringType_PHGString:
- /* Case-insensitive (XXX fgmr, actually see draft-11 pg. 21) */
- *equalp = nssUTF8_CaseIgnoreMatch(atav1->value, atav2->value, &status);
- return status;
- case nssStringType_Unknown:
- break;
- }
-
- len1 = nssUTF8_Size(atav1->value, &status);
- if( PR_SUCCESS != status ) {
- return PR_FAILURE;
- }
-
- len2 = nssUTF8_Size(atav2->value, &status);
- if( PR_SUCCESS != status ) {
- return PR_FAILURE;
- }
-
- if( len1 != len2 ) {
- *equalp = PR_FALSE;
- return PR_SUCCESS;
- }
-
- *equalp = nsslibc_memequal(atav1->value, atav2->value, len1, &status);
- return status;
-}
-
-
-/*
- * nssATAV_Duplicate
- *
- * This routine duplicates the specified ATAV. If the optional arena
- * argument is non-null, the memory required will be obtained from
- * that arena; otherwise, the memory will be obtained from the heap.
- * This routine may return NULL upon error, in which case it will have
- * placed an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL on error
- * A pointer to a new ATAV
- */
-
-NSS_IMPLEMENT NSSATAV *
-nssATAV_Duplicate
-(
- NSSATAV *atav,
- NSSArena *arenaOpt
-)
-{
- NSSATAV *rv;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssATAV_verifyPointer(atav) ) {
- return (NSSATAV *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSATAV *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- rv = nss_ZNEW(arenaOpt, NSSATAV);
- if( (NSSATAV *)NULL == rv ) {
- return (NSSATAV *)NULL;
- }
-
- rv->oid = atav->oid;
- rv->stringForm = atav->stringForm;
- rv->value = nssUTF8_Duplicate(atav->value, arenaOpt);
- if( (NSSUTF8 *)NULL == rv->value ) {
- (void)nss_ZFreeIf(rv);
- return (NSSATAV *)NULL;
- }
-
- rv->ber.data = nss_ZAlloc(arenaOpt, atav->ber.size);
- if( (void *)NULL == rv->ber.data ) {
- (void)nss_ZFreeIf(rv->value);
- (void)nss_ZFreeIf(rv);
- return (NSSATAV *)NULL;
- }
-
- rv->ber.size = atav->ber.size;
- if( NULL == nsslibc_memcpy(rv->ber.data, atav->ber.data,
- atav->ber.size) ) {
- (void)nss_ZFreeIf(rv->ber.data);
- (void)nss_ZFreeIf(rv->value);
- (void)nss_ZFreeIf(rv);
- return (NSSATAV *)NULL;
- }
-
- return rv;
-}
diff --git a/security/nss/lib/pki1/config.mk b/security/nss/lib/pki1/config.mk
deleted file mode 100644
index d4162dee3..000000000
--- a/security/nss/lib/pki1/config.mk
+++ /dev/null
@@ -1,47 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CONFIG_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-ifdef BUILD_IDG
-DEFINES += -DNSSDEBUG
-endif
-
-#
-# Override TARGETS variable so that only static libraries
-# are specifed as dependencies within rules.mk.
-#
-
-TARGETS =
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM =
diff --git a/security/nss/lib/pki1/genname.c b/security/nss/lib/pki1/genname.c
deleted file mode 100644
index e7b12806a..000000000
--- a/security/nss/lib/pki1/genname.c
+++ /dev/null
@@ -1,94 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * genname.c
- *
- * This file contains the implementation of the PKIX part-1 object
- * GeneralName.
- */
-
-#ifndef NSSBASE_H
-#include "nssbase.h"
-#endif /* NSSBASE_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-#ifndef PKI1_H
-#include "pki1.h"
-#endif /* PKI1_H */
-
-/*
- * GeneralName
- *
- * From draft-ietf-pkix-ipki-part1-10:
- *
- * GeneralName ::= CHOICE {
- * otherName [0] INSTANCE OF OTHER-NAME,
- * rfc822Name [1] IA5String,
- * dNSName [2] IA5String,
- * x400Address [3] ORAddress,
- * directoryName [4] Name,
- * ediPartyName [5] EDIPartyName,
- * uniformResourceIdentifier [6] IA5String,
- * iPAddress [7] OCTET STRING,
- * registeredID [8] OBJECT IDENTIFIER }
- *
- * OTHER-NAME ::= TYPE-IDENTIFIER
- *
- * EDIPartyName ::= SEQUENCE {
- * nameAssigner [0] DirectoryString {ub-name} OPTIONAL,
- * partyName [1] DirectoryString {ub-name} }
- *
- */
-
-struct nssGeneralNameStr {
- NSSGeneralNameChoice choice;
- union {
- /* OTHER-NAME otherName */
- NSSUTF8 *rfc822Name;
- NSSUTF8 *dNSName;
- /* ORAddress x400Address */
- NSSName *directoryName;
- /* EDIPartyName ediPartyName */
- NSSUTF8 *uniformResourceIdentifier;
- NSSItem *iPAddress;
- NSSOID *registeredID;
- } u;
-};
diff --git a/security/nss/lib/pki1/gnseq.c b/security/nss/lib/pki1/gnseq.c
deleted file mode 100644
index e56ec93b9..000000000
--- a/security/nss/lib/pki1/gnseq.c
+++ /dev/null
@@ -1,71 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * gnseq.c
- *
- * This file contains the implementation of the PKIX part-1 object
- * GeneralNames (note the ending 's').
- */
-
-#ifndef NSSBASE_H
-#include "nssbase.h"
-#endif /* NSSBASE_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-#ifndef PKI1_H
-#include "pki1.h"
-#endif /* PKI1_H */
-
-/*
- * GeneralNames (or, as we call it, GeneralNameSeq)
- *
- * From draft-ietf-pkix-ipki-part1-10:
- *
- * GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
- *
- * A GeneralNames is simply an (ordered) sequence of General Names.
- * The seqSize variable is "helper" kept for simplicity.
- */
-
-struct nssGeneralNameSeqStr {
- PRUint32 seqSize;
- NSSGeneralName **generalNames;
-};
diff --git a/security/nss/lib/pki1/manifest.mn b/security/nss/lib/pki1/manifest.mn
deleted file mode 100644
index 23f9cfc52..000000000
--- a/security/nss/lib/pki1/manifest.mn
+++ /dev/null
@@ -1,65 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-MANIFEST_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-CORE_DEPTH = ../../..
-
-# In 4.0, move nss*.h back to EXPORTS
-PRIVATE_EXPORTS = \
- oiddata.h \
- pki1.h \
- pki1t.h \
- nsspki1.h \
- nsspki1t.h \
- $(NULL)
-
-EXPORTS = \
- $(NULL)
-
-MODULE = nss
-
-CSRCS = $(NULL)
-xCSRCS = \
- atav.c \
- genname.c \
- gnseq.c \
- name.c \
- oid.c \
- oiddata.c \
- rdn.c \
- rdnseq.c \
- $(NULL)
-
-REQUIRES = nspr
-
-#LIBRARY_NAME = pki1
diff --git a/security/nss/lib/pki1/name.c b/security/nss/lib/pki1/name.c
deleted file mode 100644
index 558e1142f..000000000
--- a/security/nss/lib/pki1/name.c
+++ /dev/null
@@ -1,77 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * name.c
- *
- * This file contains the implementation of the PKIX part-1 object
- * Name.
- */
-
-#ifndef NSSBASE_H
-#include "nssbase.h"
-#endif /* NSSBASE_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-#ifndef PKI1_H
-#include "pki1.h"
-#endif /* PKI1_H */
-
-/*
- * Name
- *
- * From draft-ietf-pkix-ipki-part1-10:
- *
- * -- naming data types --
- *
- * Name ::= CHOICE { -- only one possibility for now --
- * rdnSequence RDNSequence }
- *
- * A name is basically a union of the possible names. At the moment,
- * there is only one type of name: an RDNSequence.
- */
-
-struct nssNameStr {
- PRUint32 tagPlaceHolder;
- union {
- NSSRDNSeq *rdnSequence;
- } n;
-};
-
diff --git a/security/nss/lib/pki1/nsspki1.h b/security/nss/lib/pki1/nsspki1.h
deleted file mode 100644
index 3498ab520..000000000
--- a/security/nss/lib/pki1/nsspki1.h
+++ /dev/null
@@ -1,2869 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef NSSPKI1_H
-#define NSSPKI1_H
-
-#ifdef DEBUG
-static const char NSSPKI1_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * nsspki1.h
- *
- * This file contains the prototypes of the public NSS routines
- * dealing with the PKIX part-1 definitions.
- */
-
-#ifndef NSSBASET_H
-#include "nssbaset.h"
-#endif /* NSSBASET_H */
-
-#ifndef NSSPKI1T_H
-#include "nsspki1t.h"
-#endif /* NSSPKI1T_H */
-
-#ifndef OIDDATA_H
-#include "oiddata.h"
-#endif /* OIDDATA_H */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * NSSOID
- *
- * The public "methods" regarding this "object" are:
- *
- * NSSOID_CreateFromBER -- constructor
- * NSSOID_CreateFromUTF8 -- constructor
- * (there is no explicit destructor)
- *
- * NSSOID_GetDEREncoding
- * NSSOID_GetUTF8Encoding
- */
-
-extern const NSSOID *NSS_OID_UNKNOWN;
-
-/*
- * NSSOID_CreateFromBER
- *
- * This routine creates an NSSOID by decoding a BER- or DER-encoded
- * OID. It may return NSS_OID_UNKNOWN upon error, in which case it
- * will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NSS_OID_UNKNOWN upon error
- * An NSSOID upon success
- */
-
-NSS_EXTERN NSSOID *
-NSSOID_CreateFromBER
-(
- NSSBER *berOid
-);
-
-extern const NSSError NSS_ERROR_INVALID_BER;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-
-/*
- * NSSOID_CreateFromUTF8
- *
- * This routine creates an NSSOID by decoding a UTF8 string
- * representation of an OID in dotted-number format. The string may
- * optionally begin with an octothorpe. It may return NSS_OID_UNKNOWN
- * upon error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NSS_OID_UNKNOWN upon error
- * An NSSOID upon success
- */
-
-NSS_EXTERN NSSOID *
-NSSOID_CreateFromUTF8
-(
- NSSUTF8 *stringOid
-);
-
-extern const NSSError NSS_ERROR_INVALID_STRING;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-
-/*
- * NSSOID_GetDEREncoding
- *
- * This routine returns the DER encoding of the specified NSSOID.
- * If the optional arena argument is non-null, the memory used will
- * be obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return return null upon error, in
- * which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NSSOID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * The DER encoding of this NSSOID
- */
-
-NSS_EXTERN NSSDER *
-NSSOID_GetDEREncoding
-(
- const NSSOID *oid,
- NSSDER *rvOpt,
- NSSArena *arenaOpt
-);
-
-extern const NSSError NSS_ERROR_INVALID_NSSOID;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-
-/*
- * NSSOID_GetUTF8Encoding
- *
- * This routine returns a UTF8 string containing the dotted-number
- * encoding of the specified NSSOID. If the optional arena argument
- * is non-null, the memory used will be obtained from that arena;
- * otherwise, the memory will be obtained from the heap. This routine
- * may return null upon error, in which case it will have created an
- * error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NSSOID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 string containing the dotted-digit encoding of
- * this NSSOID
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSOID_GetUTF8Encoding
-(
- const NSSOID *oid,
- NSSArena *arenaOpt
-);
-
-extern const NSSError NSS_ERROR_INVALID_NSSOID;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-
-/*
- * NSSATAV
- *
- * The public "methods" regarding this "object" are:
- *
- * NSSATAV_CreateFromBER -- constructor
- * NSSATAV_CreateFromUTF8 -- constructor
- * NSSATAV_Create -- constructor
- *
- * NSSATAV_Destroy
- * NSSATAV_GetDEREncoding
- * NSSATAV_GetUTF8Encoding
- * NSSATAV_GetType
- * NSSATAV_GetValue
- * NSSATAV_Compare
- * NSSATAV_Duplicate
- */
-
-/*
- * NSSATAV_CreateFromBER
- *
- * This routine creates an NSSATAV by decoding a BER- or DER-encoded
- * ATAV. If the optional arena argument is non-null, the memory used
- * will be obtained from that arena; otherwise, the memory will be
- * obtained from the heap. This routine may return NULL upon error,
- * in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSATAV upon success
- */
-
-NSS_EXTERN NSSATAV *
-NSSATAV_CreateFromBER
-(
- NSSArena *arenaOpt,
- NSSBER *derATAV
-);
-
-extern const NSSError NSS_ERROR_INVALID_BER;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-
-/*
- * NSSATAV_CreateFromUTF8
- *
- * This routine creates an NSSATAV by decoding a UTF8 string in the
- * "equals" format, e.g., "c=US." If the optional arena argument is
- * non-null, the memory used will be obtained from that arena;
- * otherwise, the memory will be obtained from the heap. This routine
- * may return NULL upon error, in which case it will have created an
- * error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_UNKNOWN_ATTRIBUTE
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSATAV upon success
- */
-
-NSS_EXTERN NSSATAV *
-NSSATAV_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *stringATAV
-);
-
-extern const NSSError NSS_ERROR_UNKNOWN_ATTRIBUTE;
-extern const NSSError NSS_ERROR_INVALID_STRING;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-
-/*
- * NSSATAV_Create
- *
- * This routine creates an NSSATAV from the specified NSSOID and the
- * specified data. If the optional arena argument is non-null, the
- * memory used will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap.If the specified data length is zero,
- * the data is assumed to be terminated by first zero byte; this allows
- * UTF8 strings to be easily specified. This routine may return NULL
- * upon error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_NSSOID
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSATAV upon success
- */
-
-NSS_EXTERN NSSATAV *
-NSSATAV_Create
-(
- NSSArena *arenaOpt,
- const NSSOID *oid,
- const void *data,
- PRUint32 length
-);
-
-extern const NSSError NSS_ERROR_INVALID_ARENA;
-extern const NSSError NSS_ERROR_INVALID_NSSOID;
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-
-/*
- * NSSATAV_Destroy
- *
- * This routine will destroy an ATAV object. It should eventually be
- * called on all ATAVs created without an arena. While it is not
- * necessary to call it on ATAVs created within an arena, it is not an
- * error to do so. This routine returns a PRStatus value; if
- * successful, it will return PR_SUCCESS. If unsuccessful, it will
- * create an error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-NSSATAV_Destroy
-(
- NSSATAV *atav
-);
-
-extern const NSSError NSS_ERROR_INVALID_ATAV;
-
-/*
- * NSSATAV_GetDEREncoding
- *
- * This routine will DER-encode an ATAV object. If the optional arena
- * argument is non-null, the memory used will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap. This
- * routine may return null upon error, in which case it will have
- * created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * The DER encoding of this NSSATAV
- */
-
-NSS_EXTERN NSSDER *
-NSSATAV_GetDEREncoding
-(
- NSSATAV *atav,
- NSSArena *arenaOpt
-);
-
-extern const NSSError NSS_ERROR_INVALID_ATAV;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-
-/*
- * NSSATAV_GetUTF8Encoding
- *
- * This routine returns a UTF8 string containing a string
- * representation of the ATAV in "equals" notation (e.g., "o=Acme").
- * If the optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return null upon error, in which
- * case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 string containing the "equals" encoding of the
- * ATAV
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSATAV_GetUTF8Encoding
-(
- NSSATAV *atav,
- NSSArena *arenaOpt
-);
-
-extern const NSSError NSS_ERROR_INVALID_ATAV;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-
-/*
- * NSSATAV_GetType
- *
- * This routine returns the NSSOID corresponding to the attribute type
- * in the specified ATAV. This routine may return NSS_OID_UNKNOWN
- * upon error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- * NSS_OID_UNKNOWN upon error
- * An element of enum NSSOIDenum upon success
- */
-
-NSS_EXTERN const NSSOID *
-NSSATAV_GetType
-(
- NSSATAV *atav
-);
-
-extern const NSSError NSS_ERROR_INVALID_ATAV;
-
-/*
- * NSSATAV_GetValue
- *
- * This routine returns an NSSItem containing the attribute value
- * in the specified ATAV. If the optional arena argument is non-null,
- * the memory used will be obtained from that arena; otherwise, the
- * memory will be obtained from the heap. This routine may return
- * NULL upon error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSItem containing the attribute value.
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSATAV_GetValue
-(
- NSSATAV *atav,
- NSSArena *arenaOpt
-);
-
-extern const NSSError NSS_ERROR_INVALID_ATAV;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-
-/*
- * NSSATAV_Compare
- *
- * This routine compares two ATAVs for equality. For two ATAVs to be
- * equal, the attribute types must be the same, and the attribute
- * values must have equal length and contents. The result of the
- * comparison will be stored at the location pointed to by the "equalp"
- * variable, which must point to a valid PRBool. This routine may
- * return PR_FAILURE upon error, in which case it will have created an
- * error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- * NSS_ERROR_INVALID_ARGUMENT
- *
- * Return value:
- * PR_FAILURE on error
- * PR_SUCCESS upon a successful comparison (equal or not)
- */
-
-NSS_EXTERN PRStatus
-NSSATAV_Compare
-(
- NSSATAV *atav1,
- NSSATAV *atav2,
- PRBool *equalp
-);
-
-extern const NSSError NSS_ERROR_INVALID_ATAV;
-extern const NSSError NSS_ERROR_INVALID_ARGUMENT;
-
-/*
- * NSSATAV_Duplicate
- *
- * This routine duplicates the specified ATAV. If the optional arena
- * argument is non-null, the memory required will be obtained from
- * that arena; otherwise, the memory will be obtained from the heap.
- * This routine may return NULL upon error, in which case it will have
- * created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL on error
- * A pointer to a new ATAV
- */
-
-NSS_EXTERN NSSATAV *
-NSSATAV_Duplicate
-(
- NSSATAV *atav,
- NSSArena *arenaOpt
-);
-
-extern const NSSError NSS_ERROR_INVALID_ATAV;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-
-/*
- * NSSRDN
- *
- * The public "methods" regarding this "object" are:
- *
- * NSSRDN_CreateFromBER -- constructor
- * NSSRDN_CreateFromUTF8 -- constructor
- * NSSRDN_Create -- constructor
- * NSSRDN_CreateSimple -- constructor
- *
- * NSSRDN_Destroy
- * NSSRDN_GetDEREncoding
- * NSSRDN_GetUTF8Encoding
- * NSSRDN_AddATAV
- * NSSRDN_GetATAVCount
- * NSSRDN_GetATAV
- * NSSRDN_GetSimpleATAV
- * NSSRDN_Compare
- * NSSRDN_Duplicate
- */
-
-/*
- * NSSRDN_CreateFromBER
- *
- * This routine creates an NSSRDN by decoding a BER- or DER-encoded
- * RDN. If the optional arena argument is non-null, the memory used
- * will be obtained from that arena; otherwise, the memory will be
- * obtained from the heap. This routine may return NULL upon error,
- * in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSRDN upon success
- */
-
-NSS_EXTERN NSSRDN *
-NSSRDN_CreateFromBER
-(
- NSSArena *arenaOpt,
- NSSBER *berRDN
-);
-
-/*
- * NSSRDN_CreateFromUTF8
- *
- * This routine creates an NSSRDN by decoding an UTF8 string
- * consisting of either a single ATAV in the "equals" format, e.g.,
- * "uid=smith," or one or more such ATAVs in parentheses, e.g.,
- * "(sn=Smith,ou=Sales)." If the optional arena argument is non-null,
- * the memory used will be obtained from that arena; otherwise, the
- * memory will be obtained from the heap. This routine may return
- * NULL upon error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_UNKNOWN_ATTRIBUTE
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSRDN upon success
- */
-
-NSS_EXTERN NSSRDN *
-NSSRDN_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *stringRDN
-);
-
-/*
- * NSSRDN_Create
- *
- * This routine creates an NSSRDN from one or more NSSATAVs. The
- * final argument to this routine must be NULL. If the optional arena
- * argument is non-null, the memory used will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap. This
- * routine may return NULL upon error, in which case it will have
- * created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSRDN upon success
- */
-
-NSS_EXTERN NSSRDN *
-NSSRDN_Create
-(
- NSSArena *arenaOpt,
- NSSATAV *atav1,
- ...
-);
-
-/*
- * NSSRDN_CreateSimple
- *
- * This routine creates a simple NSSRDN from a single NSSATAV. If the
- * optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return NULL upon error, in which
- * case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSRDN upon success
- */
-
-NSS_EXTERN NSSRDN *
-NSSRDN_CreateSimple
-(
- NSSArena *arenaOpt,
- NSSATAV *atav
-);
-
-/*
- * NSSRDN_Destroy
- *
- * This routine will destroy an RDN object. It should eventually be
- * called on all RDNs created without an arena. While it is not
- * necessary to call it on RDNs created within an arena, it is not an
- * error to do so. This routine returns a PRStatus value; if
- * successful, it will return PR_SUCCESS. If unsuccessful, it will
- * create an error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDN
- *
- * Return value:
- * PR_FAILURE upon failure
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-NSSRDN_Destroy
-(
- NSSRDN *rdn
-);
-
-/*
- * NSSRDN_GetDEREncoding
- *
- * This routine will DER-encode an RDN object. If the optional arena
- * argument is non-null, the memory used will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap. This
- * routine may return null upon error, in which case it will have
- * created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDN
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * The DER encoding of this NSSRDN
- */
-
-NSS_EXTERN NSSDER *
-NSSRDN_GetDEREncoding
-(
- NSSRDN *rdn,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSRDN_GetUTF8Encoding
- *
- * This routine returns a UTF8 string containing a string
- * representation of the RDN. A simple (one-ATAV) RDN will be simply
- * the string representation of that ATAV; a non-simple RDN will be in
- * parenthesised form. If the optional arena argument is non-null,
- * the memory used will be obtained from that arena; otherwise, the
- * memory will be obtained from the heap. This routine may return
- * null upon error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDN
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 string
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSRDN_GetUTF8Encoding
-(
- NSSRDN *rdn,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSRDN_AddATAV
- *
- * This routine adds an ATAV to the set of ATAVs in the specified RDN.
- * Remember that RDNs consist of an unordered set of ATAVs. If the
- * RDN was created with a non-null arena argument, that same arena
- * will be used for any additional required memory. If the RDN was
- * created with a NULL arena argument, any additional memory will
- * be obtained from the heap. This routine returns a PRStatus value;
- * it will return PR_SUCCESS upon success, and upon failure it will
- * create an error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDN
- * NSS_ERROR_INVALID_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSRDN_AddATAV
-(
- NSSRDN *rdn,
- NSSATAV *atav
-);
-
-/*
- * NSSRDN_GetATAVCount
- *
- * This routine returns the cardinality of the set of ATAVs within
- * the specified RDN. This routine may return 0 upon error, in which
- * case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDN
- *
- * Return value:
- * 0 upon error
- * A positive number upon success
- */
-
-NSS_EXTERN PRUint32
-NSSRDN_GetATAVCount
-(
- NSSRDN *rdn
-);
-
-/*
- * NSSRDN_GetATAV
- *
- * This routine returns a pointer to an ATAV that is a member of
- * the set of ATAVs within the specified RDN. While the set of
- * ATAVs within an RDN is unordered, this routine will return
- * distinct values for distinct values of 'i' as long as the RDN
- * is not changed in any way. The RDN may be changed by calling
- * NSSRDN_AddATAV. The value of the variable 'i' is on the range
- * [0,c) where c is the cardinality returned from NSSRDN_GetATAVCount.
- * The caller owns the ATAV the pointer to which is returned. If the
- * optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return NULL upon error, in which
- * case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDN
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to an NSSATAV
- */
-
-NSS_EXTERN NSSATAV *
-NSSRDN_GetATAV
-(
- NSSRDN *rdn,
- NSSArena *arenaOpt,
- PRUint32 i
-);
-
-/*
- * NSSRDN_GetSimpleATAV
- *
- * Most RDNs are actually very simple, with a single ATAV. This
- * routine will return the single ATAV from such an RDN. The caller
- * owns the ATAV the pointer to which is returned. If the optional
- * arena argument is non-null, the memory used will be obtained from
- * that arena; otherwise, the memory will be obtained from the heap.
- * This routine may return NULL upon error, including the case where
- * the set of ATAVs in the RDN is nonsingular. Upon error, this
- * routine will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDN
- * NSS_ERROR_RDN_NOT_SIMPLE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to an NSSATAV
- */
-
-NSS_EXTERN NSSATAV *
-NSSRDN_GetSimpleATAV
-(
- NSSRDN *rdn,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSRDN_Compare
- *
- * This routine compares two RDNs for equality. For two RDNs to be
- * equal, they must have the same number of ATAVs, and every ATAV in
- * one must be equal to an ATAV in the other. (Note that the sets
- * of ATAVs are unordered.) The result of the comparison will be
- * stored at the location pointed to by the "equalp" variable, which
- * must point to a valid PRBool. This routine may return PR_FAILURE
- * upon error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDN
- * NSS_ERROR_INVALID_ARGUMENT
- *
- * Return value:
- * PR_FAILURE on error
- * PR_SUCCESS upon a successful comparison (equal or not)
- */
-
-NSS_EXTERN PRStatus
-NSSRDN_Compare
-(
- NSSRDN *rdn1,
- NSSRDN *rdn2,
- PRBool *equalp
-);
-
-/*
- * NSSRDN_Duplicate
- *
- * This routine duplicates the specified RDN. If the optional arena
- * argument is non-null, the memory required will be obtained from
- * that arena; otherwise, the memory will be obtained from the heap.
- * This routine may return NULL upon error, in which case it will have
- * created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDN
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL on error
- * A pointer to a new RDN
- */
-
-NSS_EXTERN NSSRDN *
-NSSRDN_Duplicate
-(
- NSSRDN *rdn,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSRDNSeq
- *
- * The public "methods" regarding this "object" are:
- *
- * NSSRDNSeq_CreateFromBER -- constructor
- * NSSRDNSeq_CreateFromUTF8 -- constructor
- * NSSRDNSeq_Create -- constructor
- *
- * NSSRDNSeq_Destroy
- * NSSRDNSeq_GetDEREncoding
- * NSSRDNSeq_GetUTF8Encoding
- * NSSRDNSeq_AppendRDN
- * NSSRDNSeq_GetRDNCount
- * NSSRDNSeq_GetRDN
- * NSSRDNSeq_Compare
- * NSSRDNSeq_Duplicate
- */
-
-/*
- * NSSRDNSeq_CreateFromBER
- *
- * This routine creates an NSSRDNSeq by decoding a BER- or DER-encoded
- * sequence of RDNs. If the optional arena argument is non-null,
- * the memory used will be obtained from that arena; otherwise, the
- * memory will be obtained from the heap. This routine may return
- * NULL upon error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSRDNSeq upon success
- */
-
-NSS_EXTERN NSSRDNSeq *
-NSSRDNSeq_CreateFromBER
-(
- NSSArena *arenaOpt,
- NSSBER *berRDNSeq
-);
-
-/*
- * NSSRDNSeq_CreateFromUTF8
- *
- * This routine creates an NSSRDNSeq by decoding a UTF8 string
- * consisting of a comma-separated sequence of RDNs, such as
- * "(sn=Smith,ou=Sales),o=Acme,c=US." If the optional arena argument
- * is non-null, the memory used will be obtained from that arena;
- * otherwise, the memory will be obtained from the heap. This routine
- * may return NULL upon error, in which case it will have created an
- * error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_UNKNOWN_ATTRIBUTE
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSRDNSeq upon success
- */
-
-NSS_EXTERN NSSRDNSeq *
-NSSRDNSeq_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *stringRDNSeq
-);
-
-/*
- * NSSRDNSeq_Create
- *
- * This routine creates an NSSRDNSeq from one or more NSSRDNs. The
- * final argument to this routine must be NULL. If the optional arena
- * argument is non-null, the memory used will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap. This
- * routine may return NULL upon error, in which case it will have
- * created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_RDN
- *
- * Return value:
- * NULL upon error
- * A pointero to an NSSRDNSeq upon success
- */
-
-NSS_EXTERN NSSRDNSeq *
-NSSRDNSeq_Create
-(
- NSSArena *arenaOpt,
- NSSRDN *rdn1,
- ...
-);
-
-/*
- * NSSRDNSeq_Destroy
- *
- * This routine will destroy an RDNSeq object. It should eventually
- * be called on all RDNSeqs created without an arena. While it is not
- * necessary to call it on RDNSeqs created within an arena, it is not
- * an error to do so. This routine returns a PRStatus value; if
- * successful, it will return PR_SUCCESS. If unsuccessful, it will
- * create an error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDNSEQ
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-NSSRDNSeq_Destroy
-(
- NSSRDNSeq *rdnseq
-);
-
-/*
- * NSSRDNSeq_GetDEREncoding
- *
- * This routine will DER-encode an RDNSeq object. If the optional
- * arena argument is non-null, the memory used will be obtained from
- * that arena; otherwise, the memory will be obtained from the heap.
- * This routine may return null upon error, in which case it will have
- * created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDNSEQ
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * The DER encoding of this NSSRDNSeq
- */
-
-NSS_EXTERN NSSDER *
-NSSRDNSeq_GetDEREncoding
-(
- NSSRDNSeq *rdnseq,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSRDNSeq_GetUTF8Encoding
- *
- * This routine returns a UTF8 string containing a string
- * representation of the RDNSeq as a comma-separated sequence of RDNs.
- * If the optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return null upon error, in which
- * case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDNSEQ
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to the UTF8 string
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSRDNSeq_GetUTF8Encoding
-(
- NSSRDNSeq *rdnseq,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSRDNSeq_AppendRDN
- *
- * This routine appends an RDN to the end of the existing RDN
- * sequence. If the RDNSeq was created with a non-null arena
- * argument, that same arena will be used for any additional required
- * memory. If the RDNSeq was created with a NULL arena argument, any
- * additional memory will be obtained from the heap. This routine
- * returns a PRStatus value; it will return PR_SUCCESS upon success,
- * and upon failure it will create an error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDNSEQ
- * NSS_ERROR_INVALID_RDN
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSRDNSeq_AppendRDN
-(
- NSSRDNSeq *rdnseq,
- NSSRDN *rdn
-);
-
-/*
- * NSSRDNSeq_GetRDNCount
- *
- * This routine returns the cardinality of the sequence of RDNs within
- * the specified RDNSeq. This routine may return 0 upon error, in
- * which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDNSEQ
- *
- * Return value:
- * 0 upon error
- * A positive number upon success
- */
-
-NSS_EXTERN PRUint32
-NSSRDNSeq_GetRDNCount
-(
- NSSRDNSeq *rdnseq
-);
-
-/*
- * NSSRDNSeq_GetRDN
- *
- * This routine returns a pointer to the i'th RDN in the sequence of
- * RDNs that make up the specified RDNSeq. The sequence begins with
- * the top-level (e.g., "c=US") RDN. The value of the variable 'i'
- * is on the range [0,c) where c is the cardinality returned from
- * NSSRDNSeq_GetRDNCount. The caller owns the RDN the pointer to which
- * is returned. If the optional arena argument is non-null, the memory
- * used will be obtained from that areana; otherwise, the memory will
- * be obtained from the heap. This routine may return NULL upon error,
- * in which case it will have created an error stack. Note that the
- * usual string representation of RDN Sequences is from last to first.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDNSEQ
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to an NSSRDN
- */
-
-NSS_EXTERN NSSRDN *
-NSSRDNSeq_GetRDN
-(
- NSSRDNSeq *rdnseq,
- NSSArena *arenaOpt,
- PRUint32 i
-);
-
-/*
- * NSSRDNSeq_Compare
- *
- * This routine compares two RDNSeqs for equality. For two RDNSeqs to
- * be equal, they must have the same number of RDNs, and each RDN in
- * one sequence must be equal to the corresponding RDN in the other
- * sequence. The result of the comparison will be stored at the
- * location pointed to by the "equalp" variable, which must point to a
- * valid PRBool. This routine may return PR_FAILURE upon error, in
- * which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDNSEQ
- * NSS_ERROR_INVALID_ARGUMENT
- *
- * Return value:
- * PR_FAILURE on error
- * PR_SUCCESS upon a successful comparison (equal or not)
- */
-
-NSS_EXTERN PRStatus
-NSSRDNSeq_Compare
-(
- NSSRDNSeq *rdnseq1,
- NSSRDNSeq *rdnseq2,
- PRBool *equalp
-);
-
-/*
- * NSSRDNSeq_Duplicate
- *
- * This routine duplicates the specified RDNSeq. If the optional arena
- * argument is non-null, the memory required will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap. This
- * routine may return NULL upon error, in which case it will have
- * created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDNSEQ
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a new RDNSeq
- */
-
-NSS_EXTERN NSSRDNSeq *
-NSSRDNSeq_Duplicate
-(
- NSSRDNSeq *rdnseq,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSName
- *
- * The public "methods" regarding this "object" are:
- *
- * NSSName_CreateFromBER -- constructor
- * NSSName_CreateFromUTF8 -- constructor
- * NSSName_Create -- constructor
- *
- * NSSName_Destroy
- * NSSName_GetDEREncoding
- * NSSName_GetUTF8Encoding
- * NSSName_GetChoice
- * NSSName_GetRDNSequence
- * NSSName_GetSpecifiedChoice
- * NSSName_Compare
- * NSSName_Duplicate
- *
- * NSSName_GetUID
- * NSSName_GetEmail
- * NSSName_GetCommonName
- * NSSName_GetOrganization
- * NSSName_GetOrganizationalUnits
- * NSSName_GetStateOrProvince
- * NSSName_GetLocality
- * NSSName_GetCountry
- * NSSName_GetAttribute
- */
-
-/*
- * NSSName_CreateFromBER
- *
- * This routine creates an NSSName by decoding a BER- or DER-encoded
- * (directory) Name. If the optional arena argument is non-null,
- * the memory used will be obtained from that arena; otherwise,
- * the memory will be obtained from the heap. This routine may
- * return NULL upon error, in which case it will have created an error
- * stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSName upon success
- */
-
-NSS_EXTERN NSSName *
-NSSName_CreateFromBER
-(
- NSSArena *arenaOpt,
- NSSBER *berName
-);
-
-/*
- * NSSName_CreateFromUTF8
- *
- * This routine creates an NSSName by decoding a UTF8 string
- * consisting of the string representation of one of the choices of
- * (directory) names. Currently the only choice is an RDNSeq. If the
- * optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. The routine may return NULL upon error, in which
- * case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSName upon success
- */
-
-NSS_EXTERN NSSName *
-NSSName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *stringName
-);
-
-/*
- * NSSName_Create
- *
- * This routine creates an NSSName with the specified choice of
- * underlying name types. The value of the choice variable must be
- * one of the values of the NSSNameChoice enumeration, and the type
- * of the arg variable must be as specified in the following table:
- *
- * Choice Type
- * ======================== ===========
- * NSSNameChoiceRdnSequence NSSRDNSeq *
- *
- * If the optional arena argument is non-null, the memory used will
- * be obtained from that arena; otherwise, the memory will be
- * obtained from the heap. This routine may return NULL upon error,
- * in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_CHOICE
- * NSS_ERROR_INVALID_ARGUMENT
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSName upon success
- */
-
-NSS_EXTERN NSSName *
-NSSName_Create
-(
- NSSArena *arenaOpt,
- NSSNameChoice choice,
- void *arg
-);
-
-/*
- * NSSName_Destroy
- *
- * This routine will destroy a Name object. It should eventually be
- * called on all Names created without an arena. While it is not
- * necessary to call it on Names created within an arena, it is not
- * an error to do so. This routine returns a PRStatus value; if
- * successful, it will return PR_SUCCESS. If unsuccessful, it will
- * create an error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-NSSName_Destroy
-(
- NSSName *name
-);
-
-/*
- * NSSName_GetDEREncoding
- *
- * This routine will DER-encode a name object. If the optional arena
- * argument is non-null, the memory used will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap. This
- * routine may return null upon error, in which case it will have
- * created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * The DER encoding of this NSSName
- */
-
-NSS_EXTERN NSSDER *
-NSSName_GetDEREncoding
-(
- NSSName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSName_GetUTF8Encoding
- *
- * This routine returns a UTF8 string containing a string
- * representation of the Name in the format specified by the
- * underlying name choice. If the optional arena argument is non-null,
- * the memory used will be obtained from that arena; otherwise, the
- * memory will be obtained from the heap. This routine may return
- * NULL upon error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to the UTF8 string
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSName_GetUTF8Encoding
-(
- NSSName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSName_GetChoice
- *
- * This routine returns the type of the choice underlying the specified
- * name. The return value will be a member of the NSSNameChoice
- * enumeration. This routine may return NSSNameChoiceInvalid upon
- * error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- *
- * Return value:
- * NSSNameChoiceInvalid upon error
- * An other member of the NSSNameChoice enumeration upon success
- */
-
-NSS_EXTERN NSSNameChoice
-NSSName_GetChoice
-(
- NSSName *name
-);
-
-/*
- * NSSName_GetRDNSequence
- *
- * If the choice underlying the specified NSSName is that of an
- * RDNSequence, this routine will return a pointer to that RDN
- * sequence. Otherwise, this routine will place an error on the
- * error stack, and return NULL. If the optional arena argument is
- * non-null, the memory required will be obtained from that arena;
- * otherwise, the memory will be obtained from the heap. The
- * caller owns the returned pointer. This routine may return NULL
- * upon error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to an NSSRDNSeq
- */
-
-NSS_EXTERN NSSRDNSeq *
-NSSName_GetRDNSequence
-(
- NSSName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSName_GetSpecifiedChoice
- *
- * If the choice underlying the specified NSSName matches the specified
- * choice, a caller-owned pointer to that underlying object will be
- * returned. Otherwise, an error will be placed on the error stack and
- * NULL will be returned. If the optional arena argument is non-null,
- * the memory required will be obtained from that arena; otherwise, the
- * memory will be obtained from the heap. The caller owns the returned
- * pointer. This routine may return NULL upon error, in which case it
- * will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer, which must be typecast
- */
-
-NSS_EXTERN void *
-NSSName_GetSpecifiedChoice
-(
- NSSName *name,
- NSSNameChoice choice,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSName_Compare
- *
- * This routine compares two Names for equality. For two Names to be
- * equal, they must have the same choice of underlying types, and the
- * underlying values must be equal. The result of the comparison will
- * be stored at the location pointed to by the "equalp" variable, which
- * must point to a valid PRBool. This routine may return PR_FAILURE
- * upon error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_INVALID_ARGUMENT
- *
- * Return value:
- * PR_FAILURE on error
- * PR_SUCCESS upon a successful comparison (equal or not)
- */
-
-NSS_EXTERN PRStatus
-NSSName_Compare
-(
- NSSName *name1,
- NSSName *name2,
- PRBool *equalp
-);
-
-/*
- * NSSName_Duplicate
- *
- * This routine duplicates the specified nssname. If the optional
- * arena argument is non-null, the memory required will be obtained
- * from that arena; otherwise, the memory will be obtained from the
- * heap. This routine may return NULL upon error, in which case it
- * will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a new NSSName
- */
-
-NSS_EXTERN NSSName *
-NSSName_Duplicate
-(
- NSSName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSName_GetUID
- *
- * This routine will attempt to derive a user identifier from the
- * specified name, if the choices and content of the name permit.
- * If the Name consists of a Sequence of Relative Distinguished
- * Names containing a UID attribute, the UID will be the value of
- * that attribute. Note that no UID attribute is defined in either
- * PKIX or PKCS#9; rather, this seems to derive from RFC 1274, which
- * defines the type as a caseIgnoreString. We'll return a Directory
- * String. If the optional arena argument is non-null, the memory
- * used will be obtained from that arena; otherwise, the memory will
- * be obtained from the heap. This routine may return NULL upon error,
- * in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_NO_UID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String.
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-NSSName_GetUID
-(
- NSSName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSName_GetEmail
- *
- * This routine will attempt to derive an email address from the
- * specified name, if the choices and content of the name permit.
- * If the Name consists of a Sequence of Relative Distinguished
- * Names containing either a PKIX email address or a PKCS#9 email
- * address, the result will be the value of that attribute. If the
- * optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return NULL upon error, in which
- * case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_NO_EMAIL
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr IA5 String */
-NSSName_GetEmail
-(
- NSSName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSName_GetCommonName
- *
- * This routine will attempt to derive a common name from the
- * specified name, if the choices and content of the name permit.
- * If the Name consists of a Sequence of Relative Distinguished Names
- * containing a PKIX Common Name, the result will be that name. If
- * the optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return NULL upon error, in which
- * case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_NO_COMMON_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-NSSName_GetCommonName
-(
- NSSName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSName_GetOrganization
- *
- * This routine will attempt to derive an organisation name from the
- * specified name, if the choices and content of the name permit.
- * If Name consists of a Sequence of Relative Distinguished names
- * containing a PKIX Organization, the result will be the value of
- * that attribute. If the optional arena argument is non-null, the
- * memory used will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap. This routine may return NULL upon
- * error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_NO_ORGANIZATION
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-NSSName_GetOrganization
-(
- NSSName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSName_GetOrganizationalUnits
- *
- * This routine will attempt to derive a sequence of organisational
- * unit names from the specified name, if the choices and content of
- * the name permit. If the Name consists of a Sequence of Relative
- * Distinguished Names containing one or more organisational units,
- * the result will be the values of those attributes. If the optional
- * arena argument is non-null, the memory used will be obtained from
- * that arena; otherwise, the memory will be obtained from the heap.
- * This routine may return NULL upon error, in which case it will have
- * created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_NO_ORGANIZATIONAL_UNITS
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a null-terminated array of UTF8 Strings
- */
-
-NSS_EXTERN NSSUTF8 ** /* XXX fgmr DirectoryString */
-NSSName_GetOrganizationalUnits
-(
- NSSName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSName_GetStateOrProvince
- *
- * This routine will attempt to derive a state or province name from
- * the specified name, if the choices and content of the name permit.
- * If the Name consists of a Sequence of Relative Distinguished Names
- * containing a state or province, the result will be the value of
- * that attribute. If the optional arena argument is non-null, the
- * memory used will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap. This routine may return NULL upon
- * error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_NO_STATE_OR_PROVINCE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-NSSName_GetStateOrProvince
-(
- NSSName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSName_GetLocality
- *
- * This routine will attempt to derive a locality name from the
- * specified name, if the choices and content of the name permit. If
- * the Name consists of a Sequence of Relative Distinguished names
- * containing a Locality, the result will be the value of that
- * attribute. If the optional arena argument is non-null, the memory
- * used will be obtained from that arena; otherwise, the memory will
- * be obtained from the heap. This routine may return NULL upon error,
- * in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_NO_LOCALITY
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-NSSName_GetLocality
-(
- NSSName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSName_GetCountry
- *
- * This routine will attempt to derive a country name from the
- * specified name, if the choices and content of the name permit.
- * If the Name consists of a Sequence of Relative Distinguished
- * Names containing a Country, the result will be the value of
- * that attribute.. If the optional arena argument is non-null,
- * the memory used will be obtained from that arena; otherwise,
- * the memory will be obtained from the heap. This routine may
- * return NULL upon error, in which case it will have created an
- * error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_NO_COUNTRY
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr PrintableString */
-NSSName_GetCountry
-(
- NSSName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSName_GetAttribute
- *
- * If the specified name consists of a Sequence of Relative
- * Distinguished Names containing an attribute with the specified
- * type, and the actual value of that attribute may be expressed
- * with a Directory String, then the value of that attribute will
- * be returned as a Directory String. If the optional arena argument
- * is non-null, the memory used will be obtained from that arena;
- * otherwise, the memory will be obtained from the heap. This routine
- * may return NULL upon error, in which case it will have created an
- * error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_NO_ATTRIBUTE
- * NSS_ERROR_ATTRIBUTE_VALUE_NOT_STRING
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-NSSName_GetAttribute
-(
- NSSName *name,
- NSSOID *attribute,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName
- *
- * The public "methods" regarding this "object" are:
- *
- * NSSGeneralName_CreateFromBER -- constructor
- * NSSGeneralName_CreateFromUTF8 -- constructor
- * NSSGeneralName_Create -- constructor
- *
- * NSSGeneralName_Destroy
- * NSSGeneralName_GetDEREncoding
- * NSSGeneralName_GetUTF8Encoding
- * NSSGeneralName_GetChoice
- * NSSGeneralName_GetOtherName
- * NSSGeneralName_GetRfc822Name
- * NSSGeneralName_GetDNSName
- * NSSGeneralName_GetX400Address
- * NSSGeneralName_GetDirectoryName
- * NSSGeneralName_GetEdiPartyName
- * NSSGeneralName_GetUniformResourceIdentifier
- * NSSGeneralName_GetIPAddress
- * NSSGeneralName_GetRegisteredID
- * NSSGeneralName_GetSpecifiedChoice
- * NSSGeneralName_Compare
- * NSSGeneralName_Duplicate
- *
- * NSSGeneralName_GetUID
- * NSSGeneralName_GetEmail
- * NSSGeneralName_GetCommonName
- * NSSGeneralName_GetOrganization
- * NSSGeneralName_GetOrganizationalUnits
- * NSSGeneralName_GetStateOrProvince
- * NSSGeneralName_GetLocality
- * NSSGeneralName_GetCountry
- * NSSGeneralName_GetAttribute
- */
-
-/*
- * NSSGeneralName_CreateFromBER
- *
- * This routine creates an NSSGeneralName by decoding a BER- or DER-
- * encoded general name. If the optional arena argument is non-null,
- * the memory used will be obtained from that arena; otherwise, the
- * memory will be obtained from the heap. This routine may return
- * NULL upon error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSGeneralName upon success
- */
-
-NSS_EXTERN NSSGeneralName *
-NSSGeneralName_CreateFromBER
-(
- NSSArena *arenaOpt,
- NSSBER *berGeneralName
-);
-
-/*
- * NSSGeneralName_CreateFromUTF8
- *
- * This routine creates an NSSGeneralName by decoding a UTF8 string
- * consisting of the string representation of one of the choices of
- * general names. If the optional arena argument is non-null, the
- * memory used will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap. The routine may return NULL upon
- * error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSGeneralName upon success
- */
-
-NSS_EXTERN NSSGeneralName *
-NSSGeneralName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *stringGeneralName
-);
-
-/*
- * NSSGeneralName_Create
- *
- * This routine creates an NSSGeneralName with the specified choice of
- * underlying name types. The value of the choice variable must be one
- * of the values of the NSSGeneralNameChoice enumeration, and the type
- * of the arg variable must be as specified in the following table:
- *
- * Choice Type
- * ============================================ =========
- * NSSGeneralNameChoiceOtherName
- * NSSGeneralNameChoiceRfc822Name
- * NSSGeneralNameChoiceDNSName
- * NSSGeneralNameChoiceX400Address
- * NSSGeneralNameChoiceDirectoryName NSSName *
- * NSSGeneralNameChoiceEdiPartyName
- * NSSGeneralNameChoiceUniformResourceIdentifier
- * NSSGeneralNameChoiceIPAddress
- * NSSGeneralNameChoiceRegisteredID
- *
- * If the optional arena argument is non-null, the memory used will
- * be obtained from that arena; otherwise, the memory will be
- * obtained from the heap. This routine may return NULL upon error,
- * in which case it will have created an error stack.
- *
- * The error may be one fo the following values:
- * NSS_ERROR_INVALID_CHOICE
- * NSS_ERROR_INVALID_ARGUMENT
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSGeneralName upon success
- */
-
-NSS_EXTERN NSSGeneralName *
-NSSGeneralName_Create
-(
- NSSGeneralNameChoice choice,
- void *arg
-);
-
-/*
- * NSSGeneralName_Destroy
- *
- * This routine will destroy a General Name object. It should
- * eventually be called on all General Names created without an arena.
- * While it is not necessary to call it on General Names created within
- * an arena, it is not an error to do so. This routine returns a
- * PRStatus value; if successful, it will return PR_SUCCESS. If
- * usuccessful, it will create an error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- *
- * Return value:
- * PR_FAILURE upon failure
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-NSSGeneralName_Destroy
-(
- NSSGeneralName *generalName
-);
-
-/*
- * NSSGeneralName_GetDEREncoding
- *
- * This routine will DER-encode a name object. If the optional arena
- * argument is non-null, the memory used will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap. This
- * routine may return null upon error, in which case it will have
- * created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * The DER encoding of this NSSGeneralName
- */
-
-NSS_EXTERN NSSDER *
-NSSGeneralName_GetDEREncoding
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetUTF8Encoding
- *
- * This routine returns a UTF8 string containing a string
- * representation of the General Name in the format specified by the
- * underlying name choice. If the optional arena argument is
- * non-null, the memory used will be obtained from that arena;
- * otherwise, the memory will be obtained from the heap. This routine
- * may return NULL upon error, in which case it will have created an
- * error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 string
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSGeneralName_GetUTF8Encoding
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetChoice
- *
- * This routine returns the type of choice underlying the specified
- * general name. The return value will be a member of the
- * NSSGeneralNameChoice enumeration. This routine may return
- * NSSGeneralNameChoiceInvalid upon error, in which case it will have
- * created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- *
- * Return value:
- * NSSGeneralNameChoiceInvalid upon error
- * An other member of the NSSGeneralNameChoice enumeration
- */
-
-NSS_EXTERN NSSGeneralNameChoice
-NSSGeneralName_GetChoice
-(
- NSSGeneralName *generalName
-);
-
-/*
- * NSSGeneralName_GetOtherName
- *
- * If the choice underlying the specified NSSGeneralName is that of an
- * Other Name, this routine will return a pointer to that Other name.
- * Otherwise, this routine will place an error on the error stack, and
- * return NULL. If the optional arena argument is non-null, the memory
- * required will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap. The caller owns the returned
- * pointer. This routine may return NULL upon error, in which case it
- * will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to an NSSOtherName
- */
-
-NSS_EXTERN NSSOtherName *
-NSSGeneralName_GetOtherName
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetRfc822Name
- *
- * If the choice underlying the specified NSSGeneralName is that of an
- * RFC 822 Name, this routine will return a pointer to that name.
- * Otherwise, this routine will place an error on the error stack, and
- * return NULL. If the optional arena argument is non-null, the memory
- * required will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap. The caller owns the returned
- * pointer. This routine may return NULL upon error, in which case it
- * will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to an NSSRFC822Name
- */
-
-NSS_EXTERN NSSRFC822Name *
-NSSGeneralName_GetRfc822Name
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetDNSName
- *
- * If the choice underlying the specified NSSGeneralName is that of a
- * DNS Name, this routine will return a pointer to that DNS name.
- * Otherwise, this routine will place an error on the error stack, and
- * return NULL. If the optional arena argument is non-null, the memory
- * required will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap. The caller owns the returned
- * pointer. This routine may return NULL upon error, in which case it
- * will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to an NSSDNSName
- */
-
-NSS_EXTERN NSSDNSName *
-NSSGeneralName_GetDNSName
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetX400Address
- *
- * If the choice underlying the specified NSSGeneralName is that of an
- * X.400 Address, this routine will return a pointer to that Address.
- * Otherwise, this routine will place an error on the error stack, and
- * return NULL. If the optional arena argument is non-null, the memory
- * required will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap. The caller owns the returned
- * pointer. This routine may return NULL upon error, in which case it
- * will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to an NSSX400Address
- */
-
-NSS_EXTERN NSSX400Address *
-NSSGeneralName_GetX400Address
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetDirectoryName
- *
- * If the choice underlying the specified NSSGeneralName is that of a
- * (directory) Name, this routine will return a pointer to that name.
- * Otherwise, this routine will place an error on the error stack, and
- * return NULL. If the optional arena argument is non-null, the memory
- * required will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap. The caller owns the returned
- * pointer. This routine may return NULL upon error, in which case it
- * will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to an NSSName
- */
-
-NSS_EXTERN NSSName *
-NSSGeneralName_GetName
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetEdiPartyName
- *
- * If the choice underlying the specified NSSGeneralName is that of an
- * EDI Party Name, this routine will return a pointer to that name.
- * Otherwise, this routine will place an error on the error stack, and
- * return NULL. If the optional arena argument is non-null, the memory
- * required will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap. The caller owns the returned
- * pointer. This routine may return NULL upon error, in which case it
- * will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to an NSSEdiPartyName
- */
-
-NSS_EXTERN NSSEdiPartyName *
-NSSGeneralName_GetEdiPartyName
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetUniformResourceIdentifier
- *
- * If the choice underlying the specified NSSGeneralName is that of a
- * URI, this routine will return a pointer to that URI.
- * Otherwise, this routine will place an error on the error stack, and
- * return NULL. If the optional arena argument is non-null, the memory
- * required will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap. The caller owns the returned
- * pointer. This routine may return NULL upon error, in which case it
- * will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to an NSSURI
- */
-
-NSS_EXTERN NSSURI *
-NSSGeneralName_GetUniformResourceIdentifier
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetIPAddress
- *
- * If the choice underlying the specified NSSGeneralName is that of an
- * IP Address , this routine will return a pointer to that address.
- * Otherwise, this routine will place an error on the error stack, and
- * return NULL. If the optional arena argument is non-null, the memory
- * required will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap. The caller owns the returned
- * pointer. This routine may return NULL upon error, in which case it
- * will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to an NSSIPAddress
- */
-
-NSS_EXTERN NSSIPAddress *
-NSSGeneralName_GetIPAddress
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetRegisteredID
- *
- * If the choice underlying the specified NSSGeneralName is that of a
- * Registered ID, this routine will return a pointer to that ID.
- * Otherwise, this routine will place an error on the error stack, and
- * return NULL. If the optional arena argument is non-null, the memory
- * required will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap. The caller owns the returned
- * pointer. This routine may return NULL upon error, in which case it
- * will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to an NSSRegisteredID
- */
-
-NSS_EXTERN NSSRegisteredID *
-NSSGeneralName_GetRegisteredID
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetSpecifiedChoice
- *
- * If the choice underlying the specified NSSGeneralName matches the
- * specified choice, a caller-owned pointer to that underlying object
- * will be returned. Otherwise, an error will be placed on the error
- * stack and NULL will be returned. If the optional arena argument
- * is non-null, the memory required will be obtained from that arena;
- * otherwise, the memory will be obtained from the heap. The caller
- * owns the returned pointer. This routine may return NULL upon
- * error, in which caes it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer, which must be typecast
- */
-
-NSS_EXTERN void *
-NSSGeneralName_GetSpecifiedChoice
-(
- NSSGeneralName *generalName,
- NSSGeneralNameChoice choice,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_Compare
- *
- * This routine compares two General Names for equality. For two
- * General Names to be equal, they must have the same choice of
- * underlying types, and the underlying values must be equal. The
- * result of the comparison will be stored at the location pointed
- * to by the "equalp" variable, which must point to a valid PRBool.
- * This routine may return PR_FAILURE upon error, in which case it
- * will have created an error stack.
- *
- * The error may be one of the following value:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_INVALID_ARGUMENT
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon a successful comparison (equal or not)
- */
-
-NSS_EXTERN PRStatus
-NSSGeneralName_Compare
-(
- NSSGeneralName *generalName1,
- NSSGeneralName *generalName2,
- PRBool *equalp
-);
-
-/*
- * NSSGeneralName_Duplicate
- *
- * This routine duplicates the specified General Name. If the optional
- * arena argument is non-null, the memory required will be obtained
- * from that arena; otherwise, the memory will be obtained from the
- * heap. This routine may return NULL upon error, in which case it
- * will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a new NSSGeneralName
- */
-
-NSS_EXTERN NSSGeneralName *
-NSSGeneralName_Duplicate
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetUID
- *
- * This routine will attempt to derive a user identifier from the
- * specified general name, if the choices and content of the name
- * permit. If the General Name is a (directory) Name consisting
- * of a Sequence of Relative Distinguished Names containing a UID
- * attribute, the UID will be the value of that attribute. Note
- * that no UID attribute is defined in either PKIX or PKCS#9;
- * rather, this seems to derive from RFC 1274, which defines the
- * type as a caseIgnoreString. We'll return a Directory String.
- * If the optional arena argument is non-null, the memory used
- * will be obtained from that arena; otherwise, the memory will be
- * obtained from the heap. This routine may return NULL upon error,
- * in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_NO_UID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String.
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-NSSGeneralName_GetUID
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetEmail
- *
- * This routine will attempt to derive an email address from the
- * specified general name, if the choices and content of the name
- * permit. If the General Name is a (directory) Name consisting
- * of a Sequence of Relative Distinguished names containing either
- * a PKIX email address or a PKCS#9 email address, the result will
- * be the value of that attribute. If the General Name is an RFC 822
- * Name, the result will be the string form of that name. If the
- * optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return NULL upon error, in which
- * case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_NO_EMAIL
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr IA5String */
-NSSGeneralName_GetEmail
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetCommonName
- *
- * This routine will attempt to derive a common name from the
- * specified general name, if the choices and content of the name
- * permit. If the General Name is a (directory) Name consisting
- * of a Sequence of Relative Distinguished names containing a PKIX
- * Common Name, the result will be that name. If the optional arena
- * argument is non-null, the memory used will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap. This
- * routine may return NULL upon error, in which case it will have
- * created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_NO_COMMON_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-NSSGeneralName_GetCommonName
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetOrganization
- *
- * This routine will attempt to derive an organisation name from the
- * specified general name, if the choices and content of the name
- * permit. If the General Name is a (directory) Name consisting
- * of a Sequence of Relative Distinguished names containing an
- * Organization, the result will be the value of that attribute.
- * If the optional arena argument is non-null, the memory used will
- * be obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return NULL upon error, in which
- * case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_NO_ORGANIZATION
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-NSSGeneralName_GetOrganization
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetOrganizationalUnits
- *
- * This routine will attempt to derive a sequence of organisational
- * unit names from the specified general name, if the choices and
- * content of the name permit. If the General Name is a (directory)
- * Name consisting of a Sequence of Relative Distinguished names
- * containing one or more organisational units, the result will
- * consist of those units. If the optional arena argument is non-
- * null, the memory used will be obtained from that arena; otherwise,
- * the memory will be obtained from the heap. This routine may return
- * NULL upon error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_NO_ORGANIZATIONAL_UNITS
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a null-terminated array of UTF8 Strings
- */
-
-NSS_EXTERN NSSUTF8 ** /* XXX fgmr DirectoryString */
-NSSGeneralName_GetOrganizationalUnits
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetStateOrProvince
- *
- * This routine will attempt to derive a state or province name from
- * the specified general name, if the choices and content of the name
- * permit. If the General Name is a (directory) Name consisting
- * of a Sequence of Relative Distinguished names containing a state or
- * province, the result will be the value of that attribute. If the
- * optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return NULL upon error, in which
- * case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_NO_STATE_OR_PROVINCE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-NSSGeneralName_GetStateOrProvince
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetLocality
- *
- * This routine will attempt to derive a locality name from
- * the specified general name, if the choices and content of the name
- * permit. If the General Name is a (directory) Name consisting
- * of a Sequence of Relative Distinguished names containing a Locality,
- * the result will be the value of that attribute. If the optional
- * arena argument is non-null, the memory used will be obtained from
- * that arena; otherwise, the memory will be obtained from the heap.
- * This routine may return NULL upon error, in which case it will have
- * created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_NO_LOCALITY
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-NSSGeneralName_GetLocality
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetCountry
- *
- * This routine will attempt to derive a country name from the
- * specified general name, if the choices and content of the name
- * permit. If the General Name is a (directory) Name consisting of a
- * Sequence of Relative Distinguished names containing a Country, the
- * result will be the value of that attribute. If the optional
- * arena argument is non-null, the memory used will be obtained from
- * that arena; otherwise, the memory will be obtained from the heap.
- * This routine may return NULL upon error, in which case it will have
- * created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_NO_COUNTRY
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr PrintableString */
-NSSGeneralName_GetCountry
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetAttribute
- *
- * If the specified general name is a (directory) name consisting
- * of a Sequence of Relative Distinguished Names containing an
- * attribute with the specified type, and the actual value of that
- * attribute may be expressed with a Directory String, then the
- * value of that attribute will be returned as a Directory String.
- * If the optional arena argument is non-null, the memory used will
- * be obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return NULL upon error, in which
- * case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_NO_ATTRIBUTE
- * NSS_ERROR_ATTRIBUTE_VALUE_NOT_STRING
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-NSSGeneralName_GetAttribute
-(
- NSSGeneralName *generalName,
- NSSOID *attribute,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralNameSeq
- *
- * The public "methods" regarding this "object" are:
- *
- * NSSGeneralNameSeq_CreateFromBER -- constructor
- * NSSGeneralNameSeq_Create -- constructor
- *
- * NSSGeneralNameSeq_Destroy
- * NSSGeneralNameSeq_GetDEREncoding
- * NSSGeneralNameSeq_AppendGeneralName
- * NSSGeneralNameSeq_GetGeneralNameCount
- * NSSGeneralNameSeq_GetGeneralName
- * NSSGeneralNameSeq_Compare
- * NSSGeneralnameSeq_Duplicate
- */
-
-/*
- * NSSGeneralNameSeq_CreateFromBER
- *
- * This routine creates a general name sequence by decoding a BER-
- * or DER-encoded GeneralNames. If the optional arena argument is
- * non-null, the memory used will be obtained from that arena;
- * otherwise, the memory will be obtained from the heap. This routine
- * may return NULL upon error, in which case it will have created an
- * error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSGeneralNameSeq upon success
- */
-
-NSS_EXTERN NSSGeneralNameSeq *
-NSSGeneralNameSeq_CreateFromBER
-(
- NSSArena *arenaOpt,
- NSSBER *berGeneralNameSeq
-);
-
-/*
- * NSSGeneralNameSeq_Create
- *
- * This routine creates an NSSGeneralNameSeq from one or more General
- * Names. The final argument to this routine must be NULL. If the
- * optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return NULL upon error, in which
- * case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_GENERAL_NAME
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSGeneralNameSeq upon success
- */
-
-NSS_EXTERN NSSGeneralNameSeq *
-NSSGeneralNameSeq_Create
-(
- NSSArena *arenaOpt,
- NSSGeneralName *generalName1,
- ...
-);
-
-/*
- * NSSGeneralNameSeq_Destroy
- *
- * This routine will destroy an NSSGeneralNameSeq object. It should
- * eventually be called on all NSSGeneralNameSeqs created without an
- * arena. While it is not necessary to call it on NSSGeneralNameSeq's
- * created within an arena, it is not an error to do so. This routine
- * returns a PRStatus value; if successful, it will return PR_SUCCESS.
- * If unsuccessful, it will create an error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME_SEQ
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-NSSGeneralNameSeq_Destroy
-(
- NSSGeneralNameSeq *generalNameSeq
-);
-
-/*
- * NSSGeneralNameSeq_GetDEREncoding
- *
- * This routine will DER-encode an NSSGeneralNameSeq object. If the
- * optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return null upon error, in which
- * case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME_SEQ
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * The DER encoding of this NSSGeneralNameSeq
- */
-
-NSS_EXTERN NSSDER *
-NSSGeneralNameSeq_GetDEREncoding
-(
- NSSGeneralNameSeq *generalNameSeq,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralNameSeq_AppendGeneralName
- *
- * This routine appends a General Name to the end of the existing
- * General Name Sequence. If the sequence was created with a non-null
- * arena argument, that same arena will be used for any additional
- * required memory. If the sequence was created with a NULL arena
- * argument, any additional memory will be obtained from the heap.
- * This routine returns a PRStatus value; it will return PR_SUCCESS
- * upon success, and upon failure it will create an error stack and
- * return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME_SEQ
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure.
- */
-
-NSS_EXTERN PRStatus
-NSSGeneralNameSeq_AppendGeneralName
-(
- NSSGeneralNameSeq *generalNameSeq,
- NSSGeneralName *generalName
-);
-
-/*
- * NSSGeneralNameSeq_GetGeneralNameCount
- *
- * This routine returns the cardinality of the specified General name
- * Sequence. This routine may return 0 upon error, in which case it
- * will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME_SEQ
- *
- * Return value;
- * 0 upon error
- * A positive number upon success
- */
-
-NSS_EXTERN PRUint32
-NSSGeneralNameSeq_GetGeneralNameCount
-(
- NSSGeneralNameSeq *generalNameSeq
-);
-
-/*
- * NSSGeneralNameSeq_GetGeneralName
- *
- * This routine returns a pointer to the i'th General Name in the
- * specified General Name Sequence. The value of the variable 'i' is
- * on the range [0,c) where c is the cardinality returned from
- * NSSGeneralNameSeq_GetGeneralNameCount. The caller owns the General
- * Name the pointer to which is returned. If the optional arena
- * argument is non-null, the memory used will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap. This
- * routine may return NULL upon error, in which case it will have
- * created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME_SEQ
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to a General Name.
- */
-
-NSS_EXTERN NSSGeneralName *
-NSSGeneralNameSeq_GetGeneralName
-(
- NSSGeneralNameSeq *generalNameSeq,
- NSSArena *arenaOpt,
- PRUint32 i
-);
-
-/*
- * NSSGeneralNameSeq_Compare
- *
- * This routine compares two General Name Sequences for equality. For
- * two General Name Sequences to be equal, they must have the same
- * cardinality, and each General Name in one sequence must be equal to
- * the corresponding General Name in the other. The result of the
- * comparison will be stored at the location pointed to by the "equalp"
- * variable, which must point to a valid PRBool. This routine may
- * return PR_FAILURE upon error, in which case it will have created an
- * error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME_SEQ
- * NSS_ERROR_INVALID_ARGUMENT
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon a successful comparison (equal or not)
- */
-
-NSS_EXTERN PRStatus
-NSSGeneralNameSeq_Compare
-(
- NSSGeneralNameSeq *generalNameSeq1,
- NSSGeneralNameSeq *generalNameSeq2,
- PRBool *equalp
-);
-
-/*
- * NSSGeneralNameSeq_Duplicate
- *
- * This routine duplicates the specified sequence of general names. If
- * the optional arena argument is non-null, the memory required will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return NULL upon error, in which
- * case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME_SEQ
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a new General Name Sequence.
- */
-
-NSS_EXTERN NSSGeneralNameSeq *
-NSSGeneralNameSeq_Duplicate
-(
- NSSGeneralNameSeq *generalNameSeq,
- NSSArena *arenaOpt
-);
-
-PR_END_EXTERN_C
-
-#endif /* NSSPT1M_H */
diff --git a/security/nss/lib/pki1/nsspki1t.h b/security/nss/lib/pki1/nsspki1t.h
deleted file mode 100644
index 8765a3ad3..000000000
--- a/security/nss/lib/pki1/nsspki1t.h
+++ /dev/null
@@ -1,202 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef NSSPKI1T_H
-#define NSSPKI1T_H
-
-#ifdef DEBUG
-static const char NSSPKI1T_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * nsspki1t.h
- *
- * This file contains the public type definitions for the PKIX part-1
- * objects.
- */
-
-#ifndef NSSBASET_H
-#include "nssbaset.h"
-#endif /* NSSBASET_H */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * OBJECT IDENTIFIER
- *
- * This is the basic OID that crops up everywhere.
- */
-
-struct NSSOIDStr;
-typedef struct NSSOIDStr NSSOID;
-
-/*
- * AttributeTypeAndValue
- *
- * This structure contains an attribute type (indicated by an OID),
- * and the type-specific value. RelativeDistinguishedNamess consist
- * of a set of these. These are distinct from Attributes (which have
- * SET of values), from AttributeDescriptions (which have qualifiers
- * on the types), and from AttributeValueAssertions (which assert a
- * a value comparison under some matching rule).
- */
-
-struct NSSATAVStr;
-typedef struct NSSATAVStr NSSATAV;
-
-/*
- * RelativeDistinguishedName
- *
- * This structure contains an unordered set of AttributeTypeAndValue
- * objects. RDNs are used to distinguish a set of objects underneath
- * a common object.
- *
- * Often, a single ATAV is sufficient to make a unique distinction.
- * For example, if a company assigns its people unique uid values,
- * then in the Name "uid=smith,ou=People,o=Acme,c=US" the "uid=smith"
- * ATAV by itself forms an RDN. However, sometimes a set of ATAVs is
- * needed. For example, if a company needed to distinguish between
- * two Smiths by specifying their corporate divisions, then in the
- * Name "(cn=Smith,ou=Sales),ou=People,o=Acme,c=US" the parenthesised
- * set of ATAVs forms the RDN.
- */
-
-struct NSSRDNStr;
-typedef struct NSSRDNStr NSSRDN;
-
-/*
- * RDNSequence
- *
- * This structure contains a sequence of RelativeDistinguishedName
- * objects.
- */
-
-struct NSSRDNSeqStr;
-typedef struct NSSRDNSeqStr NSSRDNSeq;
-
-/*
- * Name
- *
- * This structure contains a union of the possible name formats,
- * which at the moment is limited to an RDNSequence.
- */
-
-struct NSSNameStr;
-typedef struct NSSNameStr NSSName;
-
-/*
- * NameChoice
- *
- * This enumeration is used to specify choice within a name.
- */
-
-enum NSSNameChoiceEnum {
- NSSNameChoiceInvalid = -1,
- NSSNameChoiceRdnSequence
-};
-typedef enum NSSNameChoiceEnum NSSNameChoice;
-
-/*
- * GeneralName
- *
- * This structure contains a union of the possible general names,
- * of which there are several.
- */
-
-struct NSSGeneralNameStr;
-typedef struct NSSGeneralNameStr NSSGeneralName;
-
-/*
- * GeneralNameChoice
- *
- * This enumerates the possible general name types.
- */
-
-enum NSSGeneralNameChoiceEnum {
- NSSGeneralNameChoiceInvalid = -1,
- NSSGeneralNameChoiceOtherName = 0,
- NSSGeneralNameChoiceRfc822Name = 1,
- NSSGeneralNameChoiceDNSName = 2,
- NSSGeneralNameChoiceX400Address = 3,
- NSSGeneralNameChoiceDirectoryName = 4,
- NSSGeneralNameChoiceEdiPartyName = 5,
- NSSGeneralNameChoiceUniformResourceIdentifier = 6,
- NSSGeneralNameChoiceIPAddress = 7,
- NSSGeneralNameChoiceRegisteredID = 8
-};
-typedef enum NSSGeneralNameChoiceEnum NSSGeneralNameChoice;
-
-/*
- * The "other" types of general names.
- */
-
-struct NSSOtherNameStr;
-typedef struct NSSOtherNameStr NSSOtherName;
-
-struct NSSRFC822NameStr;
-typedef struct NSSRFC822NameStr NSSRFC822Name;
-
-struct NSSDNSNameStr;
-typedef struct NSSDNSNameStr NSSDNSName;
-
-struct NSSX400AddressStr;
-typedef struct NSSX400AddressStr NSSX400Address;
-
-struct NSSEdiPartyNameStr;
-typedef struct NSSEdiPartyNameStr NSSEdiPartyName;
-
-struct NSSURIStr;
-typedef struct NSSURIStr NSSURI;
-
-struct NSSIPAddressStr;
-typedef struct NSSIPAddressStr NSSIPAddress;
-
-struct NSSRegisteredIDStr;
-typedef struct NSSRegisteredIDStr NSSRegisteredID;
-
-/*
- * GeneralNameSeq
- *
- * This structure contains a sequence of GeneralName objects.
- * Note that the PKIX documents refer to this as "GeneralNames,"
- * which differs from "GeneralName" by only one letter. To
- * try to reduce confusion, we expand the name slightly to
- * "GeneralNameSeq."
- */
-
-struct NSSGeneralNameSeqStr;
-typedef struct NSSGeneralNameSeqStr NSSGeneralNameSeq;
-
-PR_END_EXTERN_C
-
-#endif /* NSSPKI1T_H */
diff --git a/security/nss/lib/pki1/oid.c b/security/nss/lib/pki1/oid.c
deleted file mode 100644
index 9bddf33ee..000000000
--- a/security/nss/lib/pki1/oid.c
+++ /dev/null
@@ -1,1615 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * oid.c
- *
- * This file contains the implementation of the basic OID routines.
- */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-#ifndef PKI1_H
-#include "pki1.h"
-#endif /* PKI1_H */
-
-#include "plhash.h"
-#include "plstr.h"
-
-/*
- * NSSOID
- *
- * The public "methods" regarding this "object" are:
- *
- * NSSOID_CreateFromBER -- constructor
- * NSSOID_CreateFromUTF8 -- constructor
- * (there is no explicit destructor)
- *
- * NSSOID_GetDEREncoding
- * NSSOID_GetUTF8Encoding
-
- * The non-public "methods" regarding this "object" are:
- *
- * nssOID_CreateFromBER -- constructor
- * nssOID_CreateFromUTF8 -- constructor
- * (there is no explicit destructor)
- *
- * nssOID_GetDEREncoding
- * nssOID_GetUTF8Encoding
- *
- * In debug builds, the following non-public calls are also available:
- *
- * nssOID_verifyPointer
- * nssOID_getExplanation
- * nssOID_getTaggedUTF8
- */
-
-const NSSOID *NSS_OID_UNKNOWN = (NSSOID *)NULL;
-
-/*
- * First, the public "wrappers"
- */
-
-/*
- * NSSOID_CreateFromBER
- *
- * This routine creates an NSSOID by decoding a BER- or DER-encoded
- * OID. It may return NULL upon error, in which case it
- * will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * An NSSOID upon success
- */
-
-NSS_EXTERN NSSOID *
-NSSOID_CreateFromBER
-(
- NSSBER *berOid
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- /*
- * NSSBERs can be created by the user,
- * so no pointer-tracking can be checked.
- */
-
- if( (NSSBER *)NULL == berOid ) {
- nss_SetError(NSS_ERROR_INVALID_BER);
- return (NSSOID *)NULL;
- }
-
- if( (void *)NULL == berOid->data ) {
- nss_SetError(NSS_ERROR_INVALID_BER);
- return (NSSOID *)NULL;
- }
-#endif /* DEBUG */
-
- return nssOID_CreateFromBER(berOid);
-}
-
-/*
- * NSSOID_CreateFromUTF8
- *
- * This routine creates an NSSOID by decoding a UTF8 string
- * representation of an OID in dotted-number format. The string may
- * optionally begin with an octothorpe. It may return NULL
- * upon error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_UTF8
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * An NSSOID upon success
- */
-
-NSS_EXTERN NSSOID *
-NSSOID_CreateFromUTF8
-(
- NSSUTF8 *stringOid
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- /*
- * NSSUTF8s can be created by the user,
- * so no pointer-tracking can be checked.
- */
-
- if( (NSSUTF8 *)NULL == stringOid ) {
- nss_SetError(NSS_ERROR_INVALID_UTF8);
- return (NSSOID *)NULL;
- }
-#endif /* DEBUG */
-
- return nssOID_CreateFromUTF8(stringOid);
-}
-
-/*
- * NSSOID_GetDEREncoding
- *
- * This routine returns the DER encoding of the specified NSSOID.
- * If the optional arena argument is non-null, the memory used will
- * be obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return return null upon error, in
- * which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NSSOID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * The DER encoding of this NSSOID
- */
-
-NSS_EXTERN NSSDER *
-NSSOID_GetDEREncoding
-(
- const NSSOID *oid,
- NSSDER *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssOID_verifyPointer(oid) ) {
- return (NSSDER *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSDER *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssOID_GetDEREncoding(oid, rvOpt, arenaOpt);
-}
-
-/*
- * NSSOID_GetUTF8Encoding
- *
- * This routine returns a UTF8 string containing the dotted-number
- * encoding of the specified NSSOID. If the optional arena argument
- * is non-null, the memory used will be obtained from that arena;
- * otherwise, the memory will be obtained from the heap. This routine
- * may return null upon error, in which case it will have created an
- * error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NSSOID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 string containing the dotted-digit encoding of
- * this NSSOID
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSOID_GetUTF8Encoding
-(
- const NSSOID *oid,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssOID_verifyPointer(oid) ) {
- return (NSSUTF8 *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSUTF8 *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssOID_GetUTF8Encoding(oid, arenaOpt);
-}
-
-/*
- * Next, some internal bookkeeping; including the OID "tag" table
- * and the debug-version pointer tracker.
- */
-
-/*
- * For implementation reasons (so NSSOIDs can be compared with ==),
- * we hash all NSSOIDs. This is the hash table.
- */
-
-static PLHashTable *oid_hash_table;
-
-/*
- * And this is its lock.
- */
-
-static PZLock *oid_hash_lock;
-
-/*
- * This is the hash function. We simply XOR the encoded form with
- * itself in sizeof(PLHashNumber)-byte chunks. Improving this
- * routine is left as an excercise for the more mathematically
- * inclined student.
- */
-
-static PLHashNumber PR_CALLBACK
-oid_hash
-(
- const void *key
-)
-{
- const NSSItem *item = (const NSSItem *)key;
- PLHashNumber rv = 0;
-
- PRUint8 *data = (PRUint8 *)item->data;
- PRUint32 i;
- PRUint8 *rvc = (PRUint8 *)&rv;
-
- for( i = 0; i < item->size; i++ ) {
- rvc[ i % sizeof(rv) ] ^= *data;
- data++;
- }
-
- return rv;
-}
-
-/*
- * This is the key-compare function. It simply does a lexical
- * comparison on the encoded OID form. This does not result in
- * quite the same ordering as the "sequence of numbers" order,
- * but heck it's only used internally by the hash table anyway.
- */
-
-static PRIntn PR_CALLBACK
-oid_hash_compare
-(
- const void *k1,
- const void *k2
-)
-{
- PRIntn rv;
-
- const NSSItem *i1 = (const NSSItem *)k1;
- const NSSItem *i2 = (const NSSItem *)k2;
-
- PRUint32 size = (i1->size < i2->size) ? i1->size : i2->size;
-
- rv = (PRIntn)nsslibc_memequal(i1->data, i2->data, size, (PRStatus *)NULL);
- if( 0 == rv ) {
- rv = i1->size - i2->size;
- }
-
- return !rv;
-}
-
-/*
- * The pointer-tracking code
- */
-
-#ifdef DEBUG
-extern const NSSError NSS_ERROR_INTERNAL_ERROR;
-
-static nssPointerTracker oid_pointer_tracker;
-
-static PRStatus
-oid_add_pointer
-(
- const NSSOID *oid
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_initialize(&oid_pointer_tracker);
- if( PR_SUCCESS != rv ) {
- return rv;
- }
-
- rv = nssPointerTracker_add(&oid_pointer_tracker, oid);
- if( PR_SUCCESS != rv ) {
- NSSError e = NSS_GetError();
- if( NSS_ERROR_NO_MEMORY != e ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- }
-
- return rv;
- }
-
- return PR_SUCCESS;
-}
-
-#if defined(CAN_DELETE_OIDS)
-/*
- * We actually don't define NSSOID deletion, since we keep OIDs
- * in a hash table for easy comparison. Were we to, this is
- * what the pointer-removal function would look like.
- */
-
-static PRStatus
-oid_remove_pointer
-(
- const NSSOID *oid
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_remove(&oid_pointer_tracker, oid);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- }
-
- return rv;
-}
-#endif /* CAN_DELETE_OIDS */
-
-#endif /* DEBUG */
-
-/*
- * All dynamically-added OIDs get their memory from one statically-
- * declared arena here, merely so that any cleanup code will have
- * an easier time of it.
- */
-
-static NSSArena *oid_arena;
-
-/*
- * This is the call-once function which initializes the hashtable.
- * It creates it, then prepopulates it with all of the builtin OIDs.
- * It also creates the aforementioned NSSArena.
- */
-
-static PRStatus PR_CALLBACK
-oid_once_func
-(
- void
-)
-{
- PRUint32 i;
-
- /* Initialize the arena */
- oid_arena = nssArena_Create();
- if( (NSSArena *)NULL == oid_arena ) {
- goto loser;
- }
-
- /* Create the hash table lock */
- oid_hash_lock = PZ_NewLock(nssILockOID);
- if( (PZLock *)NULL == oid_hash_lock ) {
- nss_SetError(NSS_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /* Create the hash table */
- oid_hash_table = PL_NewHashTable(0, oid_hash, oid_hash_compare,
- PL_CompareValues,
- (PLHashAllocOps *)0,
- (void *)0);
- if( (PLHashTable *)NULL == oid_hash_table ) {
- nss_SetError(NSS_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /* And populate it with all the builtins */
- for( i = 0; i < nss_builtin_oid_count; i++ ) {
- NSSOID *oid = (NSSOID *)&nss_builtin_oids[i];
- PLHashEntry *e = PL_HashTableAdd(oid_hash_table, &oid->data, oid);
- if( (PLHashEntry *)NULL == e ) {
- nss_SetError(NSS_ERROR_NO_MEMORY);
- goto loser;
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != oid_add_pointer(oid) ) {
- goto loser;
- }
-#endif /* DEBUG */
- }
-
- return PR_SUCCESS;
-
- loser:
- if( (PLHashTable *)NULL != oid_hash_table ) {
- PL_HashTableDestroy(oid_hash_table);
- oid_hash_table = (PLHashTable *)NULL;
- }
-
- if( (PZLock *)NULL != oid_hash_lock ) {
- PZ_DestroyLock(oid_hash_lock);
- oid_hash_lock = (PZLock *)NULL;
- }
-
- if( (NSSArena *)NULL != oid_arena ) {
- (void)nssArena_Destroy(oid_arena);
- oid_arena = (NSSArena *)NULL;
- }
-
- return PR_FAILURE;
-}
-
-/*
- * This is NSPR's once-block.
- */
-
-static PRCallOnceType oid_call_once;
-
-/*
- * And this is our multiply-callable internal init routine, which
- * will call-once our call-once function.
- */
-
-static PRStatus
-oid_init
-(
- void
-)
-{
- return PR_CallOnce(&oid_call_once, oid_once_func);
-}
-
-#ifdef DEBUG
-
-/*
- * nssOID_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSOID object,
- * this routine will return PR_SUCCESS. Otherwise, it will put an
- * error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NSSOID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssOID_verifyPointer
-(
- const NSSOID *oid
-)
-{
- PRStatus rv;
-
- rv = oid_init();
- if( PR_SUCCESS != rv ) {
- return PR_FAILURE;
- }
-
- rv = nssPointerTracker_initialize(&oid_pointer_tracker);
- if( PR_SUCCESS != rv ) {
- return PR_FAILURE;
- }
-
- rv = nssPointerTracker_verify(&oid_pointer_tracker, oid);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INVALID_NSSOID);
- return PR_FAILURE;
- }
-
- return PR_SUCCESS;
-}
-#endif /* DEBUG */
-
-/*
- * oid_sanity_check_ber
- *
- * This routine merely applies some sanity-checking to the BER-encoded
- * OID.
- */
-
-static PRStatus
-oid_sanity_check_ber
-(
- NSSBER *berOid
-)
-{
- PRUint32 i;
- PRUint8 *data = (PRUint8 *)berOid->data;
-
- /*
- * The size must be longer than zero bytes.
- */
-
- if( berOid->size <= 0 ) {
- return PR_FAILURE;
- }
-
- /*
- * In general, we can't preclude any number from showing up
- * someday. We could probably guess that top-level numbers
- * won't get very big (beyond the current ccitt(0), iso(1),
- * or joint-ccitt-iso(2)). However, keep in mind that the
- * encoding rules wrap the first two numbers together, as
- *
- * (first * 40) + second
- *
- * Also, it is noted in the specs that this implies that the
- * second number won't go above forty.
- *
- * 128 encodes 3.8, which seems pretty safe for now. Let's
- * check that the first byte is less than that.
- *
- * XXX This is a "soft check" -- we may want to exclude it.
- */
-
- if( data[0] >= 0x80 ) {
- return PR_FAILURE;
- }
-
- /*
- * In a normalised format, leading 0x80s will never show up.
- * This means that no 0x80 will be preceeded by the final
- * byte of a sequence, which would naturaly be less than 0x80.
- * Our internal encoding for the single-digit OIDs uses 0x80,
- * but the only places we use them (loading the builtin table,
- * and adding a UTF8-encoded OID) bypass this check.
- */
-
- for( i = 1; i < berOid->size; i++ ) {
- if( (0x80 == data[i]) && (data[i-1] < 0x80) ) {
- return PR_FAILURE;
- }
- }
-
- /*
- * The high bit of each octet indicates that following octets
- * are included in the current number. Thus the last byte can't
- * have the high bit set.
- */
-
- if( data[ berOid->size-1 ] >= 0x80 ) {
- return PR_FAILURE;
- }
-
- /*
- * Other than that, any byte sequence is legit.
- */
- return PR_SUCCESS;
-}
-
-/*
- * nssOID_CreateFromBER
- *
- * This routine creates an NSSOID by decoding a BER- or DER-encoded
- * OID. It may return NULL upon error, in which case it
- * will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * An NSSOID upon success
- */
-
-NSS_EXTERN NSSOID *
-nssOID_CreateFromBER
-(
- NSSBER *berOid
-)
-{
- NSSOID *rv;
- PLHashEntry *e;
-
- if( PR_SUCCESS != oid_init() ) {
- return (NSSOID *)NULL;
- }
-
- if( PR_SUCCESS != oid_sanity_check_ber(berOid) ) {
- nss_SetError(NSS_ERROR_INVALID_BER);
- return (NSSOID *)NULL;
- }
-
- /*
- * Does it exist?
- */
- PZ_Lock(oid_hash_lock);
- rv = (NSSOID *)PL_HashTableLookup(oid_hash_table, berOid);
- (void)PZ_Unlock(oid_hash_lock);
- if( (NSSOID *)NULL != rv ) {
- /* Found it! */
- return rv;
- }
-
- /*
- * Doesn't exist-- create it.
- */
- rv = nss_ZNEW(oid_arena, NSSOID);
- if( (NSSOID *)NULL == rv ) {
- return (NSSOID *)NULL;
- }
-
- rv->data.data = nss_ZAlloc(oid_arena, berOid->size);
- if( (void *)NULL == rv->data.data ) {
- return (NSSOID *)NULL;
- }
-
- rv->data.size = berOid->size;
- nsslibc_memcpy(rv->data.data, berOid->data, berOid->size);
-
-#ifdef DEBUG
- rv->tag = "<runtime>";
- rv->expl = "(OID registered at runtime)";
-#endif /* DEBUG */
-
- PZ_Lock(oid_hash_lock);
- e = PL_HashTableAdd(oid_hash_table, &rv->data, rv);
- (void)PZ_Unlock(oid_hash_lock);
- if( (PLHashEntry *)NULL == e ) {
- nss_ZFreeIf(rv->data.data);
- nss_ZFreeIf(rv);
- nss_SetError(NSS_ERROR_NO_MEMORY);
- return (NSSOID *)NULL;
- }
-
-#ifdef DEBUG
- {
- PRStatus st;
- st = oid_add_pointer(rv);
- if( PR_SUCCESS != st ) {
- PZ_Lock(oid_hash_lock);
- (void)PL_HashTableRemove(oid_hash_table, &rv->data);
- (void)PZ_Unlock(oid_hash_lock);
- (void)nss_ZFreeIf(rv->data.data);
- (void)nss_ZFreeIf(rv);
- return (NSSOID *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return rv;
-}
-
-/*
- * oid_sanity_check_utf8
- *
- * This routine merely applies some sanity-checking to the
- * UTF8-encoded OID.
- */
-
-static PRStatus
-oid_sanity_check_utf8
-(
- NSSUTF8 *s
-)
-{
- /*
- * It may begin with an octothorpe, which we skip.
- */
-
- if( '#' == *s ) {
- s++;
- }
-
- /*
- * It begins with a number
- */
-
- if( (*s < '0') || (*s > '9') ) {
- return PR_FAILURE;
- }
-
- /*
- * First number is only one digit long
- *
- * XXX This is a "soft check" -- we may want to exclude it
- */
-
- if( (s[1] != '.') && (s[1] != '\0') ) {
- return PR_FAILURE;
- }
-
- /*
- * Every character is either a digit or a period
- */
-
- for( ; '\0' != *s; s++ ) {
- if( ('.' != *s) && ((*s < '0') || (*s > '9')) ) {
- return PR_FAILURE;
- }
-
- /* No two consecutive periods */
- if( ('.' == *s) && ('.' == s[1]) ) {
- return PR_FAILURE;
- }
- }
-
- /*
- * The last character isn't a period
- */
-
- if( '.' == *--s ) {
- return PR_FAILURE;
- }
-
- return PR_SUCCESS;
-}
-
-static PRUint32
-oid_encode_number
-(
- PRUint32 n,
- PRUint8 *dp,
- PRUint32 nb
-)
-{
- PRUint32 a[5];
- PRUint32 i;
- PRUint32 rv;
-
- a[0] = (n >> 28) & 0x7f;
- a[1] = (n >> 21) & 0x7f;
- a[2] = (n >> 14) & 0x7f;
- a[3] = (n >> 7) & 0x7f;
- a[4] = n & 0x7f;
-
- for( i = 0; i < 5; i++ ) {
- if( 0 != a[i] ) {
- break;
- }
- }
-
- if( 5 == i ) {
- i--;
- }
-
- rv = 5-i;
- if( rv > nb ) {
- return rv;
- }
-
- for( ; i < 4; i++ ) {
- *dp = 0x80 | a[i];
- dp++;
- }
-
- *dp = a[4];
-
- return rv;
-}
-
-/*
- * oid_encode_huge
- *
- * This routine will convert a huge decimal number into the DER
- * encoding for oid numbers. It is not limited to numbers that will
- * fit into some wordsize, like oid_encode_number. But it's not
- * necessarily very fast, either. This is here in case some joker
- * throws us an ASCII oid like 1.2.3.99999999999999999999999999.
- */
-
-static PRUint32
-oid_encode_huge
-(
- NSSUTF8 *s,
- NSSUTF8 *e,
- PRUint8 *dp,
- PRUint32 nb
-)
-{
- PRUint32 slen = (e-s);
- PRUint32 blen = (slen+1)/2;
- PRUint8 *st = (PRUint8 *)NULL;
- PRUint8 *bd = (PRUint8 *)NULL;
- PRUint32 i;
- PRUint32 bitno;
- PRUint8 *last;
- PRUint8 *first;
- PRUint32 byteno;
- PRUint8 mask;
-
- /* We'll be munging the data, so duplicate it */
- st = (PRUint8 *)nss_ZAlloc((NSSArena *)NULL, slen);
- if( (PRUint8 *)NULL == st ) {
- return 0;
- }
-
- /* Don't know ahead of time exactly how long we'll need */
- bd = (PRUint8 *)nss_ZAlloc((NSSArena *)NULL, blen);
- if( (PRUint8 *)NULL == bd ) {
- (void)nss_ZFreeIf(st);
- return 0;
- }
-
- /* Copy the original, and convert ASCII to numbers */
- for( i = 0; i < slen; i++ ) {
- st[i] = (PRUint8)(s[i] - '0');
- }
-
- last = &st[slen-1];
- first = &st[0];
-
- /*
- * The way we create the binary version is by looking at it
- * bit by bit. Start with the least significant bit. If the
- * number is odd, set that bit. Halve the number (with integer
- * division), and go to the next least significant bit. Keep
- * going until the number goes to zero.
- */
- for( bitno = 0; ; bitno++ ) {
- PRUint8 *d;
-
- byteno = bitno/7;
- mask = (PRUint8)(1 << (bitno%7));
-
- /* Skip leading zeroes */
- for( ; first < last; first ++ ) {
- if( 0 != *first ) {
- break;
- }
- }
-
- /* Down to one number and it's a zero? Done. */
- if( (first == last) && (0 == *last) ) {
- break;
- }
-
- /* Last digit is odd? Set the bit */
- if( *last & 1 ) {
- bd[ byteno ] |= mask;
- }
-
-
- /*
- * Divide the number in half. This is just a matter
- * of going from the least significant digit upwards,
- * halving each one. If any digit is odd (other than
- * the last, which has already been handled), add five
- * to the digit to its right.
- */
- *last /= 2;
-
- for( d = &last[-1]; d >= first; d-- ) {
- if( *d & 1 ) {
- d[1] += 5;
- }
-
- *d /= 2;
- }
- }
-
- /* Is there room to write the encoded data? */
- if( (byteno+1) > nb ) {
- return (byteno+1);
- }
-
- /* Trim any leading zero that crept in there */
- for( ; byteno > 0; byteno-- ) {
- if( 0 != bd[ byteno ] ) {
- break;
- }
- }
-
- /* Copy all but the last, marking the "continue" bit */
- for( i = 0; i < byteno; i++ ) {
- dp[i] = bd[ byteno-i ] | 0x80;
- }
- /* And the last with the "continue" bit clear */
- dp[byteno] = bd[0];
-
- (void)nss_ZFreeIf(bd);
- (void)nss_ZFreeIf(st);
- return (byteno+1);
-}
-
-/*
- * oid_encode_string
- *
- * This routine converts a dotted-number OID into a DER-encoded
- * one. It assumes we've already sanity-checked the string.
- */
-
-extern const NSSError NSS_ERROR_INTERNAL_ERROR;
-
-static NSSOID *
-oid_encode_string
-(
- NSSUTF8 *s
-)
-{
- PRUint32 nn = 0; /* number of numbers */
- PRUint32 nb = 0; /* number of bytes (estimated) */
- NSSUTF8 *t;
- PRUint32 nd = 0; /* number of digits */
- NSSOID *rv;
- PRUint8 *dp;
- PRUint32 a, b;
- PRUint32 inc;
-
- /* Dump any octothorpe */
- if( '#' == *s ) {
- s++;
- }
-
- /* Count up the bytes needed */
- for( t = s; '\0' != *t; t++ ) {
- if( '.' == *t ) {
- nb += (nd+1)/2; /* errs on the big side */
- nd = 0;
- nn++;
- } else {
- nd++;
- }
- }
- nb += (nd+1)/2;
- nn++;
-
- if( 1 == nn ) {
- /*
- * We have our own "denormalised" encoding for these,
- * which is only used internally.
- */
- nb++;
- }
-
- /*
- * Allocate. Note that we don't use the oid_arena here.. this is
- * because there really isn't a "free()" for stuff allocated out of
- * arenas (at least with the current implementation), so this would
- * keep using up memory each time a UTF8-encoded OID were added.
- * If need be (if this is the first time this oid has been seen),
- * we'll copy it.
- */
- rv = nss_ZNEW((NSSArena *)NULL, NSSOID);
- if( (NSSOID *)NULL == rv ) {
- return (NSSOID *)NULL;
- }
-
- rv->data.data = nss_ZAlloc((NSSArena *)NULL, nb);
- if( (void *)NULL == rv->data.data ) {
- (void)nss_ZFreeIf(rv);
- return (NSSOID *)NULL;
- }
-
- dp = (PRUint8 *)rv->data.data;
-
- a = atoi(s);
-
- if( 1 == nn ) {
- dp[0] = '\x80';
- inc = oid_encode_number(a, &dp[1], nb-1);
- if( inc >= nb ) {
- goto loser;
- }
- } else {
- for( t = s; '.' != *t; t++ ) {
- ;
- }
-
- t++;
- b = atoi(t);
- inc = oid_encode_number(a*40+b, dp, nb);
- if( inc > nb ) {
- goto loser;
- }
- dp += inc;
- nb -= inc;
- nn -= 2;
-
- while( nn-- > 0 ) {
- NSSUTF8 *u;
-
- for( ; '.' != *t; t++ ) {
- ;
- }
-
- t++;
-
- for( u = t; ('\0' != *u) && ('.' != *u); u++ ) {
- ;
- }
-
- if( (u-t > 9) ) {
- /* In the billions. Rats. */
- inc = oid_encode_huge(t, u, dp, nb);
- } else {
- b = atoi(t);
- inc = oid_encode_number(b, dp, nb);
- }
-
- if( inc > nb ) {
- goto loser;
- }
- dp += inc;
- nb -= inc;
- }
- }
-
- return rv;
-
- loser:
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- return (NSSOID *)NULL;
-}
-
-/*
- * nssOID_CreateFromUTF8
- *
- * This routine creates an NSSOID by decoding a UTF8 string
- * representation of an OID in dotted-number format. The string may
- * optionally begin with an octothorpe. It may return NULL
- * upon error, in which case it will have set an error on the error
- * stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * An NSSOID upon success
- */
-
-NSS_EXTERN NSSOID *
-nssOID_CreateFromUTF8
-(
- NSSUTF8 *stringOid
-)
-{
- NSSOID *rv = (NSSOID *)NULL;
- NSSOID *candidate = (NSSOID *)NULL;
- PLHashEntry *e;
-
- if( PR_SUCCESS != oid_init() ) {
- return (NSSOID *)NULL;
- }
-
- if( PR_SUCCESS != oid_sanity_check_utf8(stringOid) ) {
- nss_SetError(NSS_ERROR_INVALID_STRING);
- return (NSSOID *)NULL;
- }
-
- candidate = oid_encode_string(stringOid);
- if( (NSSOID *)NULL == candidate ) {
- /* Internal error only */
- return rv;
- }
-
- /*
- * Does it exist?
- */
- PZ_Lock(oid_hash_lock);
- rv = (NSSOID *)PL_HashTableLookup(oid_hash_table, &candidate->data);
- (void)PZ_Unlock(oid_hash_lock);
- if( (NSSOID *)NULL != rv ) {
- /* Already exists. Delete my copy and return the original. */
- (void)nss_ZFreeIf(candidate->data.data);
- (void)nss_ZFreeIf(candidate);
- return rv;
- }
-
- /*
- * Nope. Add it. Remember to allocate it out of the oid arena.
- */
-
- rv = nss_ZNEW(oid_arena, NSSOID);
- if( (NSSOID *)NULL == rv ) {
- goto loser;
- }
-
- rv->data.data = nss_ZAlloc(oid_arena, candidate->data.size);
- if( (void *)NULL == rv->data.data ) {
- goto loser;
- }
-
- rv->data.size = candidate->data.size;
- nsslibc_memcpy(rv->data.data, candidate->data.data, rv->data.size);
-
- (void)nss_ZFreeIf(candidate->data.data);
- (void)nss_ZFreeIf(candidate);
-
-#ifdef DEBUG
- rv->tag = "<runtime>";
- rv->expl = "(OID registered at runtime)";
-#endif /* DEBUG */
-
- PZ_Lock(oid_hash_lock);
- e = PL_HashTableAdd(oid_hash_table, &rv->data, rv);
- (void)PZ_Unlock(oid_hash_lock);
- if( (PLHashEntry *)NULL == e ) {
- nss_SetError(NSS_ERROR_NO_MEMORY);
- goto loser;
- }
-
-#ifdef DEBUG
- {
- PRStatus st;
- st = oid_add_pointer(rv);
- if( PR_SUCCESS != st ) {
- PZ_Lock(oid_hash_lock);
- (void)PL_HashTableRemove(oid_hash_table, &rv->data);
- (void)PZ_Unlock(oid_hash_lock);
- goto loser;
- }
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (NSSOID *)NULL != candidate ) {
- (void)nss_ZFreeIf(candidate->data.data);
- }
- (void)nss_ZFreeIf(candidate);
-
- if( (NSSOID *)NULL != rv ) {
- (void)nss_ZFreeIf(rv->data.data);
- }
- (void)nss_ZFreeIf(rv);
-
- return (NSSOID *)NULL;
-}
-
-/*
- * nssOID_GetDEREncoding
- *
- * This routine returns the DER encoding of the specified NSSOID.
- * If the optional arena argument is non-null, the memory used will
- * be obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return return null upon error, in
- * which case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * The DER encoding of this NSSOID
- */
-
-NSS_EXTERN NSSDER *
-nssOID_GetDEREncoding
-(
- const NSSOID *oid,
- NSSDER *rvOpt,
- NSSArena *arenaOpt
-)
-{
- const NSSItem *it;
- NSSDER *rv;
-
- if( PR_SUCCESS != oid_init() ) {
- return (NSSDER *)NULL;
- }
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssOID_verifyPointer(oid) ) {
- return (NSSDER *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSDER *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- it = &oid->data;
-
- if( (NSSDER *)NULL == rvOpt ) {
- rv = nss_ZNEW(arenaOpt, NSSDER);
- if( (NSSDER *)NULL == rv ) {
- return (NSSDER *)NULL;
- }
- } else {
- rv = rvOpt;
- }
-
- rv->data = nss_ZAlloc(arenaOpt, it->size);
- if( (void *)NULL == rv->data ) {
- if( rv != rvOpt ) {
- (void)nss_ZFreeIf(rv);
- }
- return (NSSDER *)NULL;
- }
-
- rv->size = it->size;
- nsslibc_memcpy(rv->data, it->data, it->size);
-
- return rv;
-}
-
-/*
- * nssOID_GetUTF8Encoding
- *
- * This routine returns a UTF8 string containing the dotted-number
- * encoding of the specified NSSOID. If the optional arena argument
- * is non-null, the memory used will be obtained from that arena;
- * otherwise, the memory will be obtained from the heap. This routine
- * may return null upon error, in which case it will have set an error
- * on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 string containing the dotted-digit encoding of
- * this NSSOID
- */
-
-NSS_EXTERN NSSUTF8 *
-nssOID_GetUTF8Encoding
-(
- const NSSOID *oid,
- NSSArena *arenaOpt
-)
-{
- NSSUTF8 *rv;
- PRUint8 *end;
- PRUint8 *d;
- PRUint8 *e;
- char *a;
- char *b;
- PRUint32 len;
-
- if( PR_SUCCESS != oid_init() ) {
- return (NSSUTF8 *)NULL;
- }
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssOID_verifyPointer(oid) ) {
- return (NSSUTF8 *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSUTF8 *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- a = (char *)NULL;
-
- /* d will point to the next sequence of bytes to decode */
- d = (PRUint8 *)oid->data.data;
- /* end points to one past the legitimate data */
- end = &d[ oid->data.size ];
-
-#ifdef NSSDEBUG
- /*
- * Guarantee that the for(e=d;e<end;e++) loop below will
- * terminate. Our BER sanity-checking code above will prevent
- * such a BER from being registered, so the only other way one
- * might show up is if our dotted-decimal encoder above screws
- * up or our generated list is wrong. So I'll wrap it with
- * #ifdef NSSDEBUG and #endif.
- */
- if( end[-1] & 0x80 ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- return (NSSUTF8 *)NULL;
- }
-#endif /* NSSDEBUG */
-
- /*
- * Check for our pseudo-encoded single-digit OIDs
- */
- if( (*d == 0x80) && (2 == oid->data.size) ) {
- /* Funky encoding. The second byte is the number */
- a = PR_smprintf("%lu", (PRUint32)d[1]);
- if( (char *)NULL == a ) {
- nss_SetError(NSS_ERROR_NO_MEMORY);
- return (NSSUTF8 *)NULL;
- }
- goto done;
- }
-
- for( ; d < end; d = &e[1] ) {
-
- for( e = d; e < end; e++ ) {
- if( 0 == (*e & 0x80) ) {
- break;
- }
- }
-
- if( ((e-d) > 4) || (((e-d) == 4) && (*d & 0x70)) ) {
- /* More than a 32-bit number */
- } else {
- PRUint32 n = 0;
-
- switch( e-d ) {
- case 4:
- n |= ((PRUint32)(e[-4] & 0x0f)) << 28;
- case 3:
- n |= ((PRUint32)(e[-3] & 0x7f)) << 21;
- case 2:
- n |= ((PRUint32)(e[-2] & 0x7f)) << 14;
- case 1:
- n |= ((PRUint32)(e[-1] & 0x7f)) << 7;
- case 0:
- n |= ((PRUint32)(e[-0] & 0x7f)) ;
- }
-
- if( (char *)NULL == a ) {
- /* This is the first number.. decompose it */
- PRUint32 one = (n/40), two = (n%40);
-
- a = PR_smprintf("%lu.%lu", one, two);
- if( (char *)NULL == a ) {
- nss_SetError(NSS_ERROR_NO_MEMORY);
- return (NSSUTF8 *)NULL;
- }
- } else {
- b = PR_smprintf("%s.%lu", a, n);
- if( (char *)NULL == b ) {
- PR_smprintf_free(a);
- nss_SetError(NSS_ERROR_NO_MEMORY);
- return (NSSUTF8 *)NULL;
- }
-
- PR_smprintf_free(a);
- a = b;
- }
- }
- }
-
- done:
- /*
- * Even if arenaOpt is NULL, we have to copy the data so that
- * it'll be freed with the right version of free: ours, not
- * PR_smprintf_free's.
- */
- len = PL_strlen(a);
- rv = (NSSUTF8 *)nss_ZAlloc(arenaOpt, len);
- if( (NSSUTF8 *)NULL == rv ) {
- PR_smprintf_free(a);
- return (NSSUTF8 *)NULL;
- }
-
- nsslibc_memcpy(rv, a, len);
- PR_smprintf_free(a);
-
- return rv;
-}
-
-/*
- * nssOID_getExplanation
- *
- * This method is only present in debug builds.
- *
- * This routine will return a static pointer to a UTF8-encoded string
- * describing (in English) the specified OID. The memory pointed to
- * by the return value is not owned by the caller, and should not be
- * freed or modified. Note that explanations are only provided for
- * the OIDs built into the NSS library; there is no way to specify an
- * explanation for dynamically created OIDs. This routine is intended
- * only for use in debugging tools such as "derdump." This routine
- * may return null upon error, in which case it will have placed an
- * error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NSSOID
- *
- * Return value:
- * NULL upon error
- * A static pointer to a readonly, non-caller-owned UTF8-encoded
- * string explaining the specified OID.
- */
-
-#ifdef DEBUG
-NSS_EXTERN const NSSUTF8 *
-nssOID_getExplanation
-(
- NSSOID *oid
-)
-{
- if( PR_SUCCESS != oid_init() ) {
- return (const NSSUTF8 *)NULL;
- }
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssOID_verifyPointer(oid) ) {
- return (NSSUTF8 *)NULL;
- }
-#endif /* NSSDEBUG */
-
- return oid->expl;
-}
-
-extern const NSSError NSS_ERROR_INVALID_NSSOID;
-#endif /* DEBUG */
-
-/*
- * nssOID_getTaggedUTF8
- *
- * This method is only present in debug builds.
- *
- * This routine will return a pointer to a caller-owned UTF8-encoded
- * string containing a tagged encoding of the specified OID. Note
- * that OID (component) tags are only provided for the OIDs built
- * into the NSS library; there is no way to specify tags for
- * dynamically created OIDs. This routine is intended for use in
- * debugging tools such as "derdump." If the optional arena argument
- * is non-null, the memory used will be obtained from that arena;
- * otherwise, the memory will be obtained from the heap. This routine
- * may return return null upon error, in which case it will have set
- * an error on the error stack.
- *
- * The error may be one of the following values
- * NSS_ERROR_INVALID_NSSOID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 string containing the tagged encoding of
- * this NSSOID
- */
-
-#ifdef DEBUG
-NSS_EXTERN NSSUTF8 *
-nssOID_getTaggedUTF8
-(
- NSSOID *oid,
- NSSArena *arenaOpt
-)
-{
- NSSUTF8 *rv;
- char *raw;
- char *c;
- char *a = (char *)NULL;
- char *b;
- PRBool done = PR_FALSE;
- PRUint32 len;
-
- if( PR_SUCCESS != oid_init() ) {
- return (NSSUTF8 *)NULL;
- }
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssOID_verifyPointer(oid) ) {
- return (NSSUTF8 *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSUTF8 *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- a = PR_smprintf("{");
- if( (char *)NULL == a ) {
- nss_SetError(NSS_ERROR_NO_MEMORY);
- return (NSSUTF8 *)NULL;
- }
-
- /*
- * What I'm doing here is getting the text version of the OID,
- * e.g. 1.2.12.92, then looking up each set of leading numbers
- * as oids.. e.g. "1," then "1.2," then "1.2.12," etc. Each of
- * those will have the leaf tag, and I just build up the string.
- * I never said this was the most efficient way of doing it,
- * but hey it's a debug-build thing, and I'm getting really tired
- * of writing this stupid low-level PKI code.
- */
-
- /* I know it's all ASCII, so I can use char */
- raw = (char *)nssOID_GetUTF8Encoding(oid, (NSSArena *)NULL);
- if( (char *)NULL == raw ) {
- return (NSSUTF8 *)NULL;
- }
-
- for( c = raw; !done; c++ ) {
- NSSOID *lead;
- char *lastdot;
-
- for( ; '.' != *c; c++ ) {
- if( '\0' == *c ) {
- done = PR_TRUE;
- break;
- }
- }
-
- *c = '\0';
- lead = nssOID_CreateFromUTF8((NSSUTF8 *)raw);
- if( (NSSOID *)NULL == lead ) {
- PR_smprintf_free(a);
- nss_ZFreeIf(raw);
- nss_SetError(NSS_ERROR_NO_MEMORY);
- return (NSSUTF8 *)NULL;
- }
-
- lastdot = PL_strrchr(raw, '.');
- if( (char *)NULL == lastdot ) {
- lastdot = raw;
- }
-
- b = PR_smprintf("%s %s(%s) ", a, lead->tag, &lastdot[1]);
- if( (char *)NULL == b ) {
- PR_smprintf_free(a);
- nss_ZFreeIf(raw);
- /* drop the OID reference on the floor */
- nss_SetError(NSS_ERROR_NO_MEMORY);
- return (NSSUTF8 *)NULL;
- }
-
- PR_smprintf_free(a);
- a = b;
-
- if( !done ) {
- *c = '.';
- }
- }
-
- nss_ZFreeIf(raw);
-
- b = PR_smprintf("%s }", a);
- if( (char *)NULL == b ) {
- PR_smprintf_free(a);
- nss_SetError(NSS_ERROR_NO_MEMORY);
- return (NSSUTF8 *)NULL;
- }
-
- len = PL_strlen(b);
-
- rv = (NSSUTF8 *)nss_ZAlloc(arenaOpt, len+1);
- if( (NSSUTF8 *)NULL == rv ) {
- PR_smprintf_free(b);
- return (NSSUTF8 *)NULL;
- }
-
- nsslibc_memcpy(rv, b, len);
- PR_smprintf_free(b);
-
- return rv;
-}
-
-extern const NSSError NSS_ERROR_INVALID_NSSOID;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-#endif /* DEBUG */
diff --git a/security/nss/lib/pki1/oiddata.c b/security/nss/lib/pki1/oiddata.c
deleted file mode 100644
index 1945421d1..000000000
--- a/security/nss/lib/pki1/oiddata.c
+++ /dev/null
@@ -1,2933 +0,0 @@
-/* THIS IS A GENERATED FILE */
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$ ; @(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKI1T_H
-#include "pki1t.h"
-#endif /* PKI1T_H */
-
-const NSSOID nss_builtin_oids[] = {
- {
-#ifdef DEBUG
- "ccitt",
- "ITU-T",
-#endif /* DEBUG */
- { "\x80\x00", 2 }
- },
- {
-#ifdef DEBUG
- "recommendation",
- "ITU-T Recommendation",
-#endif /* DEBUG */
- { "\x00", 1 }
- },
- {
-#ifdef DEBUG
- "question",
- "ITU-T Question",
-#endif /* DEBUG */
- { "\x01", 1 }
- },
- {
-#ifdef DEBUG
- "administration",
- "ITU-T Administration",
-#endif /* DEBUG */
- { "\x02", 1 }
- },
- {
-#ifdef DEBUG
- "network-operator",
- "ITU-T Network Operator",
-#endif /* DEBUG */
- { "\x03", 1 }
- },
- {
-#ifdef DEBUG
- "identified-organization",
- "ITU-T Identified Organization",
-#endif /* DEBUG */
- { "\x04", 1 }
- },
- {
-#ifdef DEBUG
- "data",
- "RFC Data",
-#endif /* DEBUG */
- { "\x09", 1 }
- },
- {
-#ifdef DEBUG
- "pss",
- "PSS British Telecom X.25 Network",
-#endif /* DEBUG */
- { "\x09\x92\x26", 3 }
- },
- {
-#ifdef DEBUG
- "ucl",
- "RFC 1274 UCL Data networks",
-#endif /* DEBUG */
- { "\x09\x92\x26\x89\x93\xf2\x2c", 7 }
- },
- {
-#ifdef DEBUG
- "pilot",
- "RFC 1274 pilot",
-#endif /* DEBUG */
- { "\x09\x92\x26\x89\x93\xf2\x2c\x64", 8 }
- },
- {
-#ifdef DEBUG
- "attributeType",
- "RFC 1274 Attribute Type",
-#endif /* DEBUG */
- { "\x09\x92\x26\x89\x93\xf2\x2c\x64\x01", 9 }
- },
- {
-#ifdef DEBUG
- "uid",
- "RFC 1274 User Id",
-#endif /* DEBUG */
- { "\x09\x92\x26\x89\x93\xf2\x2c\x64\x01\x01", 10 }
- },
- {
-#ifdef DEBUG
- "mail",
- "RFC 1274 E-mail Addres",
-#endif /* DEBUG */
- { "\x09\x92\x26\x89\x93\xf2\x2c\x64\x01\x03", 10 }
- },
- {
-#ifdef DEBUG
- "dc",
- "RFC 2247 Domain Component",
-#endif /* DEBUG */
- { "\x09\x92\x26\x89\x93\xf2\x2c\x64\x01\x19", 10 }
- },
- {
-#ifdef DEBUG
- "attributeSyntax",
- "RFC 1274 Attribute Syntax",
-#endif /* DEBUG */
- { "\x09\x92\x26\x89\x93\xf2\x2c\x64\x03", 9 }
- },
- {
-#ifdef DEBUG
- "iA5StringSyntax",
- "RFC 1274 IA5 String Attribute Syntax",
-#endif /* DEBUG */
- { "\x09\x92\x26\x89\x93\xf2\x2c\x64\x03\x04", 10 }
- },
- {
-#ifdef DEBUG
- "caseIgnoreIA5StringSyntax",
- "RFC 1274 Case-Ignore IA5 String Attribute Syntax",
-#endif /* DEBUG */
- { "\x09\x92\x26\x89\x93\xf2\x2c\x64\x03\x05", 10 }
- },
- {
-#ifdef DEBUG
- "objectClass",
- "RFC 1274 Object Class",
-#endif /* DEBUG */
- { "\x09\x92\x26\x89\x93\xf2\x2c\x64\x04", 9 }
- },
- {
-#ifdef DEBUG
- "groups",
- "RFC 1274 Groups",
-#endif /* DEBUG */
- { "\x09\x92\x26\x89\x93\xf2\x2c\x64\x0a", 9 }
- },
- {
-#ifdef DEBUG
- "ucl",
- "RFC 1327 ucl",
-#endif /* DEBUG */
- { "\x09\x92\x26\x86\xe8\xc4\xb5\xbe\x7f", 9 }
- },
- {
-#ifdef DEBUG
- "iso",
- "ISO",
-#endif /* DEBUG */
- { "\x80\x01", 2 }
- },
- {
-#ifdef DEBUG
- "standard",
- "ISO Standard",
-#endif /* DEBUG */
- { "\x28", 1 }
- },
- {
-#ifdef DEBUG
- "registration-authority",
- "ISO Registration Authority",
-#endif /* DEBUG */
- { "\x29", 1 }
- },
- {
-#ifdef DEBUG
- "member-body",
- "ISO Member Body",
-#endif /* DEBUG */
- { "\x2a", 1 }
- },
- {
-#ifdef DEBUG
- "australia",
- "Australia (ISO)",
-#endif /* DEBUG */
- { "\x2a\x24", 2 }
- },
- {
-#ifdef DEBUG
- "taiwan",
- "Taiwan (ISO)",
-#endif /* DEBUG */
- { "\x2a\x81\x1e", 3 }
- },
- {
-#ifdef DEBUG
- "ireland",
- "Ireland (ISO)",
-#endif /* DEBUG */
- { "\x2a\x82\x74", 3 }
- },
- {
-#ifdef DEBUG
- "norway",
- "Norway (ISO)",
-#endif /* DEBUG */
- { "\x2a\x84\x42", 3 }
- },
- {
-#ifdef DEBUG
- "sweden",
- "Sweden (ISO)",
-#endif /* DEBUG */
- { "\x2a\x85\x70", 3 }
- },
- {
-#ifdef DEBUG
- "great-britain",
- "Great Britain (ISO)",
-#endif /* DEBUG */
- { "\x2a\x86\x3a", 3 }
- },
- {
-#ifdef DEBUG
- "us",
- "United States (ISO)",
-#endif /* DEBUG */
- { "\x2a\x86\x48", 3 }
- },
- {
-#ifdef DEBUG
- "organization",
- "US (ISO) organization",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x01", 4 }
- },
- {
-#ifdef DEBUG
- "ansi-z30-50",
- "ANSI Z39.50",
-#endif /* DEBUG */
- { "\x2a\x86\x48\xce\x13", 5 }
- },
- {
-#ifdef DEBUG
- "dicom",
- "DICOM",
-#endif /* DEBUG */
- { "\x2a\x86\x48\xce\x18", 5 }
- },
- {
-#ifdef DEBUG
- "ieee-1224",
- "IEEE 1224",
-#endif /* DEBUG */
- { "\x2a\x86\x48\xce\x21", 5 }
- },
- {
-#ifdef DEBUG
- "ieee-802-10",
- "IEEE 802.10",
-#endif /* DEBUG */
- { "\x2a\x86\x48\xce\x26", 5 }
- },
- {
-#ifdef DEBUG
- "ieee-802-11",
- "IEEE 802.11",
-#endif /* DEBUG */
- { "\x2a\x86\x48\xce\x34", 5 }
- },
- {
-#ifdef DEBUG
- "x9-57",
- "ANSI X9.57",
-#endif /* DEBUG */
- { "\x2a\x86\x48\xce\x38", 5 }
- },
- {
-#ifdef DEBUG
- "holdInstruction",
- "ANSI X9.57 Hold Instruction",
-#endif /* DEBUG */
- { "\x2a\x86\x48\xce\x38\x02", 6 }
- },
- {
-#ifdef DEBUG
- "id-holdinstruction-none",
- "ANSI X9.57 Hold Instruction: None",
-#endif /* DEBUG */
- { "\x2a\x86\x48\xce\x38\x02\x01", 7 }
- },
- {
-#ifdef DEBUG
- "id-holdinstruction-callissuer",
- "ANSI X9.57 Hold Instruction: Call Issuer",
-#endif /* DEBUG */
- { "\x2a\x86\x48\xce\x38\x02\x02", 7 }
- },
- {
-#ifdef DEBUG
- "id-holdinstruction-reject",
- "ANSI X9.57 Hold Instruction: Reject",
-#endif /* DEBUG */
- { "\x2a\x86\x48\xce\x38\x02\x03", 7 }
- },
- {
-#ifdef DEBUG
- "x9algorithm",
- "ANSI X9.57 Algorithm",
-#endif /* DEBUG */
- { "\x2a\x86\x48\xce\x38\x04", 6 }
- },
- {
-#ifdef DEBUG
- "id-dsa",
- "ANSI X9.57 DSA Signature",
-#endif /* DEBUG */
- { "\x2a\x86\x48\xce\x38\x04\x01", 7 }
- },
- {
-#ifdef DEBUG
- "id-dsa-with-sha1",
- "ANSI X9.57 Algorithm DSA Signature with SHA-1 Digest",
-#endif /* DEBUG */
- { "\x2a\x86\x48\xce\x38\x04\x03", 7 }
- },
- {
-#ifdef DEBUG
- "x942",
- "ANSI X9.42",
-#endif /* DEBUG */
- { "\x2a\x86\x48\xce\x3e", 5 }
- },
- {
-#ifdef DEBUG
- "algorithm",
- "ANSI X9.42 Algorithm",
-#endif /* DEBUG */
- { "\x2a\x86\x48\xce\x3e\x02", 6 }
- },
- {
-#ifdef DEBUG
- "dhpublicnumber",
- "Diffie-Hellman Public Key Algorithm",
-#endif /* DEBUG */
- { "\x2a\x86\x48\xce\x3e\x02\x01", 7 }
- },
- {
-#ifdef DEBUG
- "entrust",
- "Entrust Technologies",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf6\x7d", 6 }
- },
- {
-#ifdef DEBUG
- "rsadsi",
- "RSA Data Security Inc.",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d", 6 }
- },
- {
-#ifdef DEBUG
- "pkcs",
- "PKCS",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01", 7 }
- },
- {
-#ifdef DEBUG
- "pkcs-1",
- "PKCS #1",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x01", 8 }
- },
- {
-#ifdef DEBUG
- "rsaEncryption",
- "PKCS #1 RSA Encryption",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01", 9 }
- },
- {
-#ifdef DEBUG
- "md2WithRSAEncryption",
- "PKCS #1 MD2 With RSA Encryption",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x01\x02", 9 }
- },
- {
-#ifdef DEBUG
- "md4WithRSAEncryption",
- "PKCS #1 MD4 With RSA Encryption",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x01\x03", 9 }
- },
- {
-#ifdef DEBUG
- "md5WithRSAEncryption",
- "PKCS #1 MD5 With RSA Encryption",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x01\x04", 9 }
- },
- {
-#ifdef DEBUG
- "sha1WithRSAEncryption",
- "PKCS #1 SHA-1 With RSA Encryption",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x01\x05", 9 }
- },
- {
-#ifdef DEBUG
- "pkcs-5",
- "PKCS #5",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x05", 8 }
- },
- {
-#ifdef DEBUG
- "pbeWithMD2AndDES-CBC",
- "PKCS #5 Password Based Encryption With MD2 and DES-CBC",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x05\x01", 9 }
- },
- {
-#ifdef DEBUG
- "pbeWithMD5AndDES-CBC",
- "PKCS #5 Password Based Encryption With MD5 and DES-CBC",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x05\x03", 9 }
- },
- {
-#ifdef DEBUG
- "pbeWithSha1AndDES-CBC",
- "PKCS #5 Password Based Encryption With SHA-1 and DES-CBC",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x05\x0a", 9 }
- },
- {
-#ifdef DEBUG
- "pkcs-7",
- "PKCS #7",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x07", 8 }
- },
- {
-#ifdef DEBUG
- "data",
- "PKCS #7 Data",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x07\x01", 9 }
- },
- {
-#ifdef DEBUG
- "signedData",
- "PKCS #7 Signed Data",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x07\x02", 9 }
- },
- {
-#ifdef DEBUG
- "envelopedData",
- "PKCS #7 Enveloped Data",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x07\x03", 9 }
- },
- {
-#ifdef DEBUG
- "signedAndEnvelopedData",
- "PKCS #7 Signed and Enveloped Data",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x07\x04", 9 }
- },
- {
-#ifdef DEBUG
- "digestedData",
- "PKCS #7 Digested Data",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x07\x05", 9 }
- },
- {
-#ifdef DEBUG
- "encryptedData",
- "PKCS #7 Encrypted Data",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x07\x06", 9 }
- },
- {
-#ifdef DEBUG
- "pkcs-9",
- "PKCS #9",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x09", 8 }
- },
- {
-#ifdef DEBUG
- "emailAddress",
- "PKCS #9 Email Address",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x09\x01", 9 }
- },
- {
-#ifdef DEBUG
- "unstructuredName",
- "PKCS #9 Unstructured Name",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x09\x02", 9 }
- },
- {
-#ifdef DEBUG
- "contentType",
- "PKCS #9 Content Type",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x09\x03", 9 }
- },
- {
-#ifdef DEBUG
- "messageDigest",
- "PKCS #9 Message Digest",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x09\x04", 9 }
- },
- {
-#ifdef DEBUG
- "signingTime",
- "PKCS #9 Signing Time",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x09\x05", 9 }
- },
- {
-#ifdef DEBUG
- "counterSignature",
- "PKCS #9 Counter Signature",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x09\x06", 9 }
- },
- {
-#ifdef DEBUG
- "challengePassword",
- "PKCS #9 Challenge Password",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x09\x07", 9 }
- },
- {
-#ifdef DEBUG
- "unstructuredAddress",
- "PKCS #9 Unstructured Address",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x09\x08", 9 }
- },
- {
-#ifdef DEBUG
- "extendedCertificateAttributes",
- "PKCS #9 Extended Certificate Attributes",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x09\x09", 9 }
- },
- {
-#ifdef DEBUG
- "sMIMECapabilities",
- "PKCS #9 S/MIME Capabilities",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x09\x0f", 9 }
- },
- {
-#ifdef DEBUG
- "friendlyName",
- "PKCS #9 Friendly Name",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x09\x14", 9 }
- },
- {
-#ifdef DEBUG
- "localKeyID",
- "PKCS #9 Local Key ID",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x09\x15", 9 }
- },
- {
-#ifdef DEBUG
- "certTypes",
- "PKCS #9 Certificate Types",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x09\x16", 9 }
- },
- {
-#ifdef DEBUG
- "x509Certificate",
- "PKCS #9 Certificate Type = X.509",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x09\x16\x01", 10 }
- },
- {
-#ifdef DEBUG
- "sdsiCertificate",
- "PKCS #9 Certificate Type = SDSI",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x09\x16\x02", 10 }
- },
- {
-#ifdef DEBUG
- "crlTypes",
- "PKCS #9 Certificate Revocation List Types",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x09\x17", 9 }
- },
- {
-#ifdef DEBUG
- "x509Crl",
- "PKCS #9 CRL Type = X.509",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x09\x17\x01", 10 }
- },
- {
-#ifdef DEBUG
- "pkcs-12",
- "PKCS #12",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c", 8 }
- },
- {
-#ifdef DEBUG
- "pkcs-12PbeIds",
- "PKCS #12 Password Based Encryption IDs",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x01", 9 }
- },
- {
-#ifdef DEBUG
- "pbeWithSHA1And128BitRC4",
- "PKCS #12 Password Based Encryption With SHA-1 and 128-bit RC4",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x01\x01", 10 }
- },
- {
-#ifdef DEBUG
- "pbeWithSHA1And40BitRC4",
- "PKCS #12 Password Based Encryption With SHA-1 and 40-bit RC4",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x01\x02", 10 }
- },
- {
-#ifdef DEBUG
- "pbeWithSHA1And3-KeyTripleDES-CBC",
- "PKCS #12 Password Based Encryption With SHA-1 and 3-key Triple DES-CBC",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x01\x03", 10 }
- },
- {
-#ifdef DEBUG
- "pbeWithSHA1And2-KeyTripleDES-CBC",
- "PKCS #12 Password Based Encryption With SHA-1 and 2-key Triple DES-CBC",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x01\x04", 10 }
- },
- {
-#ifdef DEBUG
- "pbeWithSHA1And128BitRC2-CBC",
- "PKCS #12 Password Based Encryption With SHA-1 and 128-bit RC2-CBC",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x01\x05", 10 }
- },
- {
-#ifdef DEBUG
- "pbeWithSHA1And40BitRC2-CBC",
- "PKCS #12 Password Based Encryption With SHA-1 and 40-bit RC2-CBC",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x01\x06", 10 }
- },
- {
-#ifdef DEBUG
- "pkcs-12EspvkIds",
- "PKCS #12 ESPVK IDs",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x02", 9 }
- },
- {
-#ifdef DEBUG
- "pkcs8-key-shrouding",
- "PKCS #12 Key Shrouding",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x02\x01", 10 }
- },
- {
-#ifdef DEBUG
- "draft1Pkcs-12Bag-ids",
- "Draft 1.0 PKCS #12 Bag IDs",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x03", 9 }
- },
- {
-#ifdef DEBUG
- "keyBag",
- "Draft 1.0 PKCS #12 Key Bag",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x03\x01", 10 }
- },
- {
-#ifdef DEBUG
- "certAndCRLBagId",
- "Draft 1.0 PKCS #12 Cert and CRL Bag ID",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x03\x02", 10 }
- },
- {
-#ifdef DEBUG
- "secretBagId",
- "Draft 1.0 PKCS #12 Secret Bag ID",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x03\x03", 10 }
- },
- {
-#ifdef DEBUG
- "safeContentsId",
- "Draft 1.0 PKCS #12 Safe Contents Bag ID",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x03\x04", 10 }
- },
- {
-#ifdef DEBUG
- "pkcs-8ShroudedKeyBagId",
- "Draft 1.0 PKCS #12 PKCS #8-shrouded Key Bag ID",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x03\x05", 10 }
- },
- {
-#ifdef DEBUG
- "pkcs-12CertBagIds",
- "PKCS #12 Certificate Bag IDs",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x04", 9 }
- },
- {
-#ifdef DEBUG
- "x509CertCRLBagId",
- "PKCS #12 X.509 Certificate and CRL Bag",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x04\x01", 10 }
- },
- {
-#ifdef DEBUG
- "SDSICertBagID",
- "PKCS #12 SDSI Certificate Bag",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x04\x02", 10 }
- },
- {
-#ifdef DEBUG
- "pkcs-12Oids",
- "PKCS #12 OIDs (XXX)",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x05", 9 }
- },
- {
-#ifdef DEBUG
- "pkcs-12PbeIds",
- "PKCS #12 OIDs PBE IDs (XXX)",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x05\x01", 10 }
- },
- {
-#ifdef DEBUG
- "pbeWithSha1And128BitRC4",
- "PKCS #12 OIDs PBE with SHA-1 and 128-bit RC4 (XXX)",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x05\x01\x01", 11 }
- },
- {
-#ifdef DEBUG
- "pbeWithSha1And40BitRC4",
- "PKCS #12 OIDs PBE with SHA-1 and 40-bit RC4 (XXX)",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x05\x01\x02", 11 }
- },
- {
-#ifdef DEBUG
- "pbeWithSha1AndTripleDES-CBC",
- "PKCS #12 OIDs PBE with SHA-1 and Triple DES-CBC (XXX)",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x05\x01\x03", 11 }
- },
- {
-#ifdef DEBUG
- "pbeWithSha1And128BitRC2-CBC",
- "PKCS #12 OIDs PBE with SHA-1 and 128-bit RC2-CBC (XXX)",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x05\x01\x04", 11 }
- },
- {
-#ifdef DEBUG
- "pbeWithSha1And40BitRC2-CBC",
- "PKCS #12 OIDs PBE with SHA-1 and 40-bit RC2-CBC (XXX)",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x05\x01\x05", 11 }
- },
- {
-#ifdef DEBUG
- "pkcs-12EnvelopingIds",
- "PKCS #12 OIDs Enveloping IDs (XXX)",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x05\x02", 10 }
- },
- {
-#ifdef DEBUG
- "rsaEncryptionWith128BitRC4",
- "PKCS #12 OIDs Enveloping RSA Encryption with 128-bit RC4",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x05\x02\x01", 11 }
- },
- {
-#ifdef DEBUG
- "rsaEncryptionWith40BitRC4",
- "PKCS #12 OIDs Enveloping RSA Encryption with 40-bit RC4",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x05\x02\x02", 11 }
- },
- {
-#ifdef DEBUG
- "rsaEncryptionWithTripleDES",
- "PKCS #12 OIDs Enveloping RSA Encryption with Triple DES",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x05\x02\x03", 11 }
- },
- {
-#ifdef DEBUG
- "pkcs-12SignatureIds",
- "PKCS #12 OIDs Signature IDs (XXX)",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x05\x03", 10 }
- },
- {
-#ifdef DEBUG
- "rsaSignatureWithSHA1Digest",
- "PKCS #12 OIDs RSA Signature with SHA-1 Digest",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x05\x03\x01", 11 }
- },
- {
-#ifdef DEBUG
- "pkcs-12Version1",
- "PKCS #12 Version 1",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x0a", 9 }
- },
- {
-#ifdef DEBUG
- "pkcs-12BagIds",
- "PKCS #12 Bag IDs",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x0a\x01", 10 }
- },
- {
-#ifdef DEBUG
- "keyBag",
- "PKCS #12 Key Bag",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x0a\x01\x01", 11 }
- },
- {
-#ifdef DEBUG
- "pkcs-8ShroudedKeyBag",
- "PKCS #12 PKCS #8-shrouded Key Bag",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x0a\x01\x02", 11 }
- },
- {
-#ifdef DEBUG
- "certBag",
- "PKCS #12 Certificate Bag",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x0a\x01\x03", 11 }
- },
- {
-#ifdef DEBUG
- "crlBag",
- "PKCS #12 CRL Bag",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x0a\x01\x04", 11 }
- },
- {
-#ifdef DEBUG
- "secretBag",
- "PKCS #12 Secret Bag",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x0a\x01\x05", 11 }
- },
- {
-#ifdef DEBUG
- "safeContentsBag",
- "PKCS #12 Safe Contents Bag",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x0a\x01\x06", 11 }
- },
- {
-#ifdef DEBUG
- "digest",
- "RSA digest algorithm",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x02", 7 }
- },
- {
-#ifdef DEBUG
- "md2",
- "MD2",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x02\x02", 8 }
- },
- {
-#ifdef DEBUG
- "md4",
- "MD4",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x02\x04", 8 }
- },
- {
-#ifdef DEBUG
- "md5",
- "MD5",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x02\x05", 8 }
- },
- {
-#ifdef DEBUG
- "cipher",
- "RSA cipher algorithm",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x03", 7 }
- },
- {
-#ifdef DEBUG
- "rc2cbc",
- "RC2-CBC",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x03\x02", 8 }
- },
- {
-#ifdef DEBUG
- "rc4",
- "RC4",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x03\x04", 8 }
- },
- {
-#ifdef DEBUG
- "desede3cbc",
- "DES-EDE3-CBC",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x03\x07", 8 }
- },
- {
-#ifdef DEBUG
- "rc5cbcpad",
- "RC5-CBCPad",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x0d\x03\x09", 8 }
- },
- {
-#ifdef DEBUG
- "microsoft",
- "Microsoft",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x14", 6 }
- },
- {
-#ifdef DEBUG
- "columbia-university",
- "Columbia University",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x18", 6 }
- },
- {
-#ifdef DEBUG
- "unisys",
- "Unisys",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x24", 6 }
- },
- {
-#ifdef DEBUG
- "xapia",
- "XAPIA",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf7\x7a", 6 }
- },
- {
-#ifdef DEBUG
- "wordperfect",
- "WordPerfect",
-#endif /* DEBUG */
- { "\x2a\x86\x48\x86\xf8\x23", 6 }
- },
- {
-#ifdef DEBUG
- "identified-organization",
- "ISO identified organizations",
-#endif /* DEBUG */
- { "\x2b", 1 }
- },
- {
-#ifdef DEBUG
- "us-dod",
- "United States Department of Defense",
-#endif /* DEBUG */
- { "\x2b\x06", 2 }
- },
- {
-#ifdef DEBUG
- "internet",
- "The Internet",
-#endif /* DEBUG */
- { "\x2b\x06\x01", 3 }
- },
- {
-#ifdef DEBUG
- "directory",
- "Internet: Directory",
-#endif /* DEBUG */
- { "\x2b\x06\x01\x01", 4 }
- },
- {
-#ifdef DEBUG
- "management",
- "Internet: Management",
-#endif /* DEBUG */
- { "\x2b\x06\x01\x02", 4 }
- },
- {
-#ifdef DEBUG
- "experimental",
- "Internet: Experimental",
-#endif /* DEBUG */
- { "\x2b\x06\x01\x03", 4 }
- },
- {
-#ifdef DEBUG
- "private",
- "Internet: Private",
-#endif /* DEBUG */
- { "\x2b\x06\x01\x04", 4 }
- },
- {
-#ifdef DEBUG
- "security",
- "Internet: Security",
-#endif /* DEBUG */
- { "\x2b\x06\x01\x05", 4 }
- },
- {
-#ifdef DEBUG
- "",
- "",
-#endif /* DEBUG */
- { "\x2b\x06\x01\x05\x05", 5 }
- },
- {
-#ifdef DEBUG
- "id-pkix",
- "Public Key Infrastructure",
-#endif /* DEBUG */
- { "\x2b\x06\x01\x05\x05\x07", 6 }
- },
- {
-#ifdef DEBUG
- "PKIX1Explicit88",
- "RFC 2459 Explicitly Tagged Module, 1988 Syntax",
-#endif /* DEBUG */
- { "\x2b\x06\x01\x05\x05\x07\x00\x01", 8 }
- },
- {
-#ifdef DEBUG
- "PKIXImplicit88",
- "RFC 2459 Implicitly Tagged Module, 1988 Syntax",
-#endif /* DEBUG */
- { "\x2b\x06\x01\x05\x05\x07\x00\x02", 8 }
- },
- {
-#ifdef DEBUG
- "PKIXExplicit93",
- "RFC 2459 Explicitly Tagged Module, 1993 Syntax",
-#endif /* DEBUG */
- { "\x2b\x06\x01\x05\x05\x07\x00\x03", 8 }
- },
- {
-#ifdef DEBUG
- "id-pe",
- "PKIX Private Certificate Extensions",
-#endif /* DEBUG */
- { "\x2b\x06\x01\x05\x05\x07\x01", 7 }
- },
- {
-#ifdef DEBUG
- "id-pe-authorityInfoAccess",
- "Certificate Authority Information Access",
-#endif /* DEBUG */
- { "\x2b\x06\x01\x05\x05\x07\x01\x01", 8 }
- },
- {
-#ifdef DEBUG
- "id-qt",
- "PKIX Policy Qualifier Types",
-#endif /* DEBUG */
- { "\x2b\x06\x01\x05\x05\x07\x02", 7 }
- },
- {
-#ifdef DEBUG
- "id-qt-cps",
- "PKIX CPS Pointer Qualifier",
-#endif /* DEBUG */
- { "\x2b\x06\x01\x05\x05\x07\x02\x01", 8 }
- },
- {
-#ifdef DEBUG
- "id-qt-unotice",
- "PKIX User Notice Qualifier",
-#endif /* DEBUG */
- { "\x2b\x06\x01\x05\x05\x07\x02\x02", 8 }
- },
- {
-#ifdef DEBUG
- "id-kp",
- "PKIX Key Purpose",
-#endif /* DEBUG */
- { "\x2b\x06\x01\x05\x05\x07\x03", 7 }
- },
- {
-#ifdef DEBUG
- "id-kp-serverAuth",
- "TLS Web Server Authentication Certificate",
-#endif /* DEBUG */
- { "\x2b\x06\x01\x05\x05\x07\x03\x01", 8 }
- },
- {
-#ifdef DEBUG
- "id-kp-clientAuth",
- "TLS Web Client Authentication Certificate",
-#endif /* DEBUG */
- { "\x2b\x06\x01\x05\x05\x07\x03\x02", 8 }
- },
- {
-#ifdef DEBUG
- "id-kp-codeSigning",
- "Code Signing Certificate",
-#endif /* DEBUG */
- { "\x2b\x06\x01\x05\x05\x07\x03\x03", 8 }
- },
- {
-#ifdef DEBUG
- "id-kp-emailProtection",
- "E-Mail Protection Certificate",
-#endif /* DEBUG */
- { "\x2b\x06\x01\x05\x05\x07\x03\x04", 8 }
- },
- {
-#ifdef DEBUG
- "id-kp-ipsecEndSystem",
- "IPSEC End System Certificate",
-#endif /* DEBUG */
- { "\x2b\x06\x01\x05\x05\x07\x03\x05", 8 }
- },
- {
-#ifdef DEBUG
- "id-kp-ipsecTunnel",
- "IPSEC Tunnel Certificate",
-#endif /* DEBUG */
- { "\x2b\x06\x01\x05\x05\x07\x03\x06", 8 }
- },
- {
-#ifdef DEBUG
- "id-kp-ipsecUser",
- "IPSEC User Certificate",
-#endif /* DEBUG */
- { "\x2b\x06\x01\x05\x05\x07\x03\x07", 8 }
- },
- {
-#ifdef DEBUG
- "id-kp-timeStamping",
- "Time Stamping Certificate",
-#endif /* DEBUG */
- { "\x2b\x06\x01\x05\x05\x07\x03\x08", 8 }
- },
- {
-#ifdef DEBUG
- "ocsp-responder",
- "OCSP Responder Certificate",
-#endif /* DEBUG */
- { "\x2b\x06\x01\x05\x05\x07\x03\x09", 8 }
- },
- {
-#ifdef DEBUG
- "pkix-id-pkix",
- "",
-#endif /* DEBUG */
- { "\x2b\x06\x01\x05\x05\x07\x07", 7 }
- },
- {
-#ifdef DEBUG
- "pkix-id-pkip",
- "",
-#endif /* DEBUG */
- { "\x2b\x06\x01\x05\x05\x07\x07\x05", 8 }
- },
- {
-#ifdef DEBUG
- "pkix-id-regctrl",
- "CRMF Registration Control",
-#endif /* DEBUG */
- { "\x2b\x06\x01\x05\x05\x07\x07\x05\x01", 9 }
- },
- {
-#ifdef DEBUG
- "regtoken",
- "CRMF Registration Control, Registration Token",
-#endif /* DEBUG */
- { "\x2b\x06\x01\x05\x05\x07\x07\x05\x01\x01", 10 }
- },
- {
-#ifdef DEBUG
- "authenticator",
- "CRMF Registration Control, Registration Authenticator",
-#endif /* DEBUG */
- { "\x2b\x06\x01\x05\x05\x07\x07\x05\x01\x02", 10 }
- },
- {
-#ifdef DEBUG
- "pkipubinfo",
- "CRMF Registration Control, PKI Publication Info",
-#endif /* DEBUG */
- { "\x2b\x06\x01\x05\x05\x07\x07\x05\x01\x03", 10 }
- },
- {
-#ifdef DEBUG
- "pki-arch-options",
- "CRMF Registration Control, PKI Archive Options",
-#endif /* DEBUG */
- { "\x2b\x06\x01\x05\x05\x07\x07\x05\x01\x04", 10 }
- },
- {
-#ifdef DEBUG
- "old-cert-id",
- "CRMF Registration Control, Old Certificate ID",
-#endif /* DEBUG */
- { "\x2b\x06\x01\x05\x05\x07\x07\x05\x01\x05", 10 }
- },
- {
-#ifdef DEBUG
- "protocol-encryption-key",
- "CRMF Registration Control, Protocol Encryption Key",
-#endif /* DEBUG */
- { "\x2b\x06\x01\x05\x05\x07\x07\x05\x01\x06", 10 }
- },
- {
-#ifdef DEBUG
- "pkix-id-reginfo",
- "CRMF Registration Info",
-#endif /* DEBUG */
- { "\x2b\x06\x01\x05\x05\x07\x07\x05\x02", 9 }
- },
- {
-#ifdef DEBUG
- "utf8-pairs",
- "CRMF Registration Info, UTF8 Pairs",
-#endif /* DEBUG */
- { "\x2b\x06\x01\x05\x05\x07\x07\x05\x02\x01", 10 }
- },
- {
-#ifdef DEBUG
- "cert-request",
- "CRMF Registration Info, Certificate Request",
-#endif /* DEBUG */
- { "\x2b\x06\x01\x05\x05\x07\x07\x05\x02\x02", 10 }
- },
- {
-#ifdef DEBUG
- "id-ad",
- "PKIX Access Descriptors",
-#endif /* DEBUG */
- { "\x2b\x06\x01\x05\x05\x07\x30", 7 }
- },
- {
-#ifdef DEBUG
- "id-ad-ocsp",
- "PKIX Online Certificate Status Protocol",
-#endif /* DEBUG */
- { "\x2b\x06\x01\x05\x05\x07\x30\x01", 8 }
- },
- {
-#ifdef DEBUG
- "basic-response",
- "OCSP Basic Response",
-#endif /* DEBUG */
- { "\x2b\x06\x01\x05\x05\x07\x30\x01\x01", 9 }
- },
- {
-#ifdef DEBUG
- "nonce-extension",
- "OCSP Nonce Extension",
-#endif /* DEBUG */
- { "\x2b\x06\x01\x05\x05\x07\x30\x01\x02", 9 }
- },
- {
-#ifdef DEBUG
- "response",
- "OCSP Response Types Extension",
-#endif /* DEBUG */
- { "\x2b\x06\x01\x05\x05\x07\x30\x01\x03", 9 }
- },
- {
-#ifdef DEBUG
- "crl",
- "OCSP CRL Reference Extension",
-#endif /* DEBUG */
- { "\x2b\x06\x01\x05\x05\x07\x30\x01\x04", 9 }
- },
- {
-#ifdef DEBUG
- "no-check",
- "OCSP No Check Extension",
-#endif /* DEBUG */
- { "\x2b\x06\x01\x05\x05\x07\x30\x01\x05", 9 }
- },
- {
-#ifdef DEBUG
- "archive-cutoff",
- "OCSP Archive Cutoff Extension",
-#endif /* DEBUG */
- { "\x2b\x06\x01\x05\x05\x07\x30\x01\x06", 9 }
- },
- {
-#ifdef DEBUG
- "service-locator",
- "OCSP Service Locator Extension",
-#endif /* DEBUG */
- { "\x2b\x06\x01\x05\x05\x07\x30\x01\x07", 9 }
- },
- {
-#ifdef DEBUG
- "id-ad-caIssuers",
- "Certificate Authority Issuers",
-#endif /* DEBUG */
- { "\x2b\x06\x01\x05\x05\x07\x30\x02", 8 }
- },
- {
-#ifdef DEBUG
- "snmpv2",
- "Internet: SNMPv2",
-#endif /* DEBUG */
- { "\x2b\x06\x01\x06", 4 }
- },
- {
-#ifdef DEBUG
- "mail",
- "Internet: mail",
-#endif /* DEBUG */
- { "\x2b\x06\x01\x07", 4 }
- },
- {
-#ifdef DEBUG
- "mime-mhs",
- "Internet: mail MIME mhs",
-#endif /* DEBUG */
- { "\x2b\x06\x01\x07\x01", 5 }
- },
- {
-#ifdef DEBUG
- "ecma",
- "European Computers Manufacturing Association",
-#endif /* DEBUG */
- { "\x2b\x0c", 2 }
- },
- {
-#ifdef DEBUG
- "oiw",
- "Open Systems Implementors Workshop",
-#endif /* DEBUG */
- { "\x2b\x0e", 2 }
- },
- {
-#ifdef DEBUG
- "secsig",
- "Open Systems Implementors Workshop Security Special Interest Group",
-#endif /* DEBUG */
- { "\x2b\x0e\x03", 3 }
- },
- {
-#ifdef DEBUG
- "oIWSECSIGAlgorithmObjectIdentifiers",
- "OIW SECSIG Algorithm OIDs",
-#endif /* DEBUG */
- { "\x2b\x0e\x03\x01", 4 }
- },
- {
-#ifdef DEBUG
- "algorithm",
- "OIW SECSIG Algorithm",
-#endif /* DEBUG */
- { "\x2b\x0e\x03\x02", 4 }
- },
- {
-#ifdef DEBUG
- "desecb",
- "DES-ECB",
-#endif /* DEBUG */
- { "\x2b\x0e\x03\x02\x06", 5 }
- },
- {
-#ifdef DEBUG
- "descbc",
- "DES-CBC",
-#endif /* DEBUG */
- { "\x2b\x0e\x03\x02\x07", 5 }
- },
- {
-#ifdef DEBUG
- "desofb",
- "DES-OFB",
-#endif /* DEBUG */
- { "\x2b\x0e\x03\x02\x08", 5 }
- },
- {
-#ifdef DEBUG
- "descfb",
- "DES-CFB",
-#endif /* DEBUG */
- { "\x2b\x0e\x03\x02\x09", 5 }
- },
- {
-#ifdef DEBUG
- "desmac",
- "DES-MAC",
-#endif /* DEBUG */
- { "\x2b\x0e\x03\x02\x0a", 5 }
- },
- {
-#ifdef DEBUG
- "isoSHAWithRSASignature",
- "ISO SHA with RSA Signature",
-#endif /* DEBUG */
- { "\x2b\x0e\x03\x02\x0f", 5 }
- },
- {
-#ifdef DEBUG
- "desede",
- "DES-EDE",
-#endif /* DEBUG */
- { "\x2b\x0e\x03\x02\x11", 5 }
- },
- {
-#ifdef DEBUG
- "sha1",
- "SHA-1",
-#endif /* DEBUG */
- { "\x2b\x0e\x03\x02\x1a", 5 }
- },
- {
-#ifdef DEBUG
- "bogusDSASignatureWithSHA1Digest",
- "Forgezza DSA Signature with SHA-1 Digest",
-#endif /* DEBUG */
- { "\x2b\x0e\x03\x02\x1b", 5 }
- },
- {
-#ifdef DEBUG
- "authentication-mechanism",
- "OIW SECSIG Authentication Mechanisms",
-#endif /* DEBUG */
- { "\x2b\x0e\x03\x03", 4 }
- },
- {
-#ifdef DEBUG
- "security-attribute",
- "OIW SECSIG Security Attributes",
-#endif /* DEBUG */
- { "\x2b\x0e\x03\x04", 4 }
- },
- {
-#ifdef DEBUG
- "document-definition",
- "OIW SECSIG Document Definitions used in security",
-#endif /* DEBUG */
- { "\x2b\x0e\x03\x05", 4 }
- },
- {
-#ifdef DEBUG
- "directory-services-sig",
- "OIW directory services sig",
-#endif /* DEBUG */
- { "\x2b\x0e\x07", 3 }
- },
- {
-#ifdef DEBUG
- "ewos",
- "European Workshop on Open Systems",
-#endif /* DEBUG */
- { "\x2b\x10", 2 }
- },
- {
-#ifdef DEBUG
- "osf",
- "Open Software Foundation",
-#endif /* DEBUG */
- { "\x2b\x16", 2 }
- },
- {
-#ifdef DEBUG
- "nordunet",
- "Nordunet",
-#endif /* DEBUG */
- { "\x2b\x17", 2 }
- },
- {
-#ifdef DEBUG
- "nato-id-org",
- "NATO identified organisation",
-#endif /* DEBUG */
- { "\x2b\x1a", 2 }
- },
- {
-#ifdef DEBUG
- "teletrust",
- "Teletrust",
-#endif /* DEBUG */
- { "\x2b\x24", 2 }
- },
- {
-#ifdef DEBUG
- "smpte",
- "Society of Motion Picture and Television Engineers",
-#endif /* DEBUG */
- { "\x2b\x34", 2 }
- },
- {
-#ifdef DEBUG
- "sita",
- "Societe Internationale de Telecommunications Aeronautiques",
-#endif /* DEBUG */
- { "\x2b\x45", 2 }
- },
- {
-#ifdef DEBUG
- "iana",
- "Internet Assigned Numbers Authority",
-#endif /* DEBUG */
- { "\x2b\x5a", 2 }
- },
- {
-#ifdef DEBUG
- "thawte",
- "Thawte",
-#endif /* DEBUG */
- { "\x2b\x65", 2 }
- },
- {
-#ifdef DEBUG
- "joint-iso-ccitt",
- "Joint ISO/ITU-T assignment",
-#endif /* DEBUG */
- { "\x80\x02", 2 }
- },
- {
-#ifdef DEBUG
- "presentation",
- "Joint ISO/ITU-T Presentation",
-#endif /* DEBUG */
- { "\x50", 1 }
- },
- {
-#ifdef DEBUG
- "asn-1",
- "Abstract Syntax Notation One",
-#endif /* DEBUG */
- { "\x51", 1 }
- },
- {
-#ifdef DEBUG
- "acse",
- "Association Control",
-#endif /* DEBUG */
- { "\x52", 1 }
- },
- {
-#ifdef DEBUG
- "rtse",
- "Reliable Transfer",
-#endif /* DEBUG */
- { "\x53", 1 }
- },
- {
-#ifdef DEBUG
- "rose",
- "Remote Operations",
-#endif /* DEBUG */
- { "\x54", 1 }
- },
- {
-#ifdef DEBUG
- "x500",
- "Directory",
-#endif /* DEBUG */
- { "\x55", 1 }
- },
- {
-#ifdef DEBUG
- "modules",
- "X.500 modules",
-#endif /* DEBUG */
- { "\x55\x01", 2 }
- },
- {
-#ifdef DEBUG
- "service-environment",
- "X.500 service environment",
-#endif /* DEBUG */
- { "\x55\x02", 2 }
- },
- {
-#ifdef DEBUG
- "application-context",
- "X.500 application context",
-#endif /* DEBUG */
- { "\x55\x03", 2 }
- },
- {
-#ifdef DEBUG
- "id-at",
- "X.520 attribute types",
-#endif /* DEBUG */
- { "\x55\x04", 2 }
- },
- {
-#ifdef DEBUG
- "id-at-commonName",
- "X.520 Common Name",
-#endif /* DEBUG */
- { "\x55\x04\x03", 3 }
- },
- {
-#ifdef DEBUG
- "id-at-surname",
- "X.520 Surname",
-#endif /* DEBUG */
- { "\x55\x04\x04", 3 }
- },
- {
-#ifdef DEBUG
- "id-at-countryName",
- "X.520 Country Name",
-#endif /* DEBUG */
- { "\x55\x04\x06", 3 }
- },
- {
-#ifdef DEBUG
- "id-at-localityName",
- "X.520 Locality Name",
-#endif /* DEBUG */
- { "\x55\x04\x07", 3 }
- },
- {
-#ifdef DEBUG
- "id-at-stateOrProvinceName",
- "X.520 State or Province Name",
-#endif /* DEBUG */
- { "\x55\x04\x08", 3 }
- },
- {
-#ifdef DEBUG
- "id-at-organizationName",
- "X.520 Organization Name",
-#endif /* DEBUG */
- { "\x55\x04\x0a", 3 }
- },
- {
-#ifdef DEBUG
- "id-at-organizationalUnitName",
- "X.520 Organizational Unit Name",
-#endif /* DEBUG */
- { "\x55\x04\x0b", 3 }
- },
- {
-#ifdef DEBUG
- "id-at-title",
- "X.520 Title",
-#endif /* DEBUG */
- { "\x55\x04\x0c", 3 }
- },
- {
-#ifdef DEBUG
- "id-at-name",
- "X.520 Name",
-#endif /* DEBUG */
- { "\x55\x04\x29", 3 }
- },
- {
-#ifdef DEBUG
- "id-at-givenName",
- "X.520 Given Name",
-#endif /* DEBUG */
- { "\x55\x04\x2a", 3 }
- },
- {
-#ifdef DEBUG
- "id-at-initials",
- "X.520 Initials",
-#endif /* DEBUG */
- { "\x55\x04\x2b", 3 }
- },
- {
-#ifdef DEBUG
- "id-at-generationQualifier",
- "X.520 Generation Qualifier",
-#endif /* DEBUG */
- { "\x55\x04\x2c", 3 }
- },
- {
-#ifdef DEBUG
- "id-at-dnQualifier",
- "X.520 DN Qualifier",
-#endif /* DEBUG */
- { "\x55\x04\x2e", 3 }
- },
- {
-#ifdef DEBUG
- "attribute-syntax",
- "X.500 attribute syntaxes",
-#endif /* DEBUG */
- { "\x55\x05", 2 }
- },
- {
-#ifdef DEBUG
- "object-classes",
- "X.500 standard object classes",
-#endif /* DEBUG */
- { "\x55\x06", 2 }
- },
- {
-#ifdef DEBUG
- "attribute-set",
- "X.500 attribute sets",
-#endif /* DEBUG */
- { "\x55\x07", 2 }
- },
- {
-#ifdef DEBUG
- "algorithms",
- "X.500-defined algorithms",
-#endif /* DEBUG */
- { "\x55\x08", 2 }
- },
- {
-#ifdef DEBUG
- "encryption",
- "X.500-defined encryption algorithms",
-#endif /* DEBUG */
- { "\x55\x08\x01", 3 }
- },
- {
-#ifdef DEBUG
- "rsa",
- "RSA Encryption Algorithm",
-#endif /* DEBUG */
- { "\x55\x08\x01\x01", 4 }
- },
- {
-#ifdef DEBUG
- "abstract-syntax",
- "X.500 abstract syntaxes",
-#endif /* DEBUG */
- { "\x55\x09", 2 }
- },
- {
-#ifdef DEBUG
- "operational-attribute",
- "DSA Operational Attributes",
-#endif /* DEBUG */
- { "\x55\x0c", 2 }
- },
- {
-#ifdef DEBUG
- "matching-rule",
- "Matching Rule",
-#endif /* DEBUG */
- { "\x55\x0d", 2 }
- },
- {
-#ifdef DEBUG
- "knowledge-matching-rule",
- "X.500 knowledge Matching Rules",
-#endif /* DEBUG */
- { "\x55\x0e", 2 }
- },
- {
-#ifdef DEBUG
- "name-form",
- "X.500 name forms",
-#endif /* DEBUG */
- { "\x55\x0f", 2 }
- },
- {
-#ifdef DEBUG
- "group",
- "X.500 groups",
-#endif /* DEBUG */
- { "\x55\x10", 2 }
- },
- {
-#ifdef DEBUG
- "subentry",
- "X.500 subentry",
-#endif /* DEBUG */
- { "\x55\x11", 2 }
- },
- {
-#ifdef DEBUG
- "operational-attribute-type",
- "X.500 operational attribute type",
-#endif /* DEBUG */
- { "\x55\x12", 2 }
- },
- {
-#ifdef DEBUG
- "operational-binding",
- "X.500 operational binding",
-#endif /* DEBUG */
- { "\x55\x13", 2 }
- },
- {
-#ifdef DEBUG
- "schema-object-class",
- "X.500 schema Object class",
-#endif /* DEBUG */
- { "\x55\x14", 2 }
- },
- {
-#ifdef DEBUG
- "schema-operational-attribute",
- "X.500 schema operational attributes",
-#endif /* DEBUG */
- { "\x55\x15", 2 }
- },
- {
-#ifdef DEBUG
- "administrative-role",
- "X.500 administrative roles",
-#endif /* DEBUG */
- { "\x55\x17", 2 }
- },
- {
-#ifdef DEBUG
- "access-control-attribute",
- "X.500 access control attribute",
-#endif /* DEBUG */
- { "\x55\x18", 2 }
- },
- {
-#ifdef DEBUG
- "ros",
- "X.500 ros object",
-#endif /* DEBUG */
- { "\x55\x19", 2 }
- },
- {
-#ifdef DEBUG
- "contract",
- "X.500 contract",
-#endif /* DEBUG */
- { "\x55\x1a", 2 }
- },
- {
-#ifdef DEBUG
- "package",
- "X.500 package",
-#endif /* DEBUG */
- { "\x55\x1b", 2 }
- },
- {
-#ifdef DEBUG
- "access-control-schema",
- "X.500 access control schema",
-#endif /* DEBUG */
- { "\x55\x1c", 2 }
- },
- {
-#ifdef DEBUG
- "id-ce",
- "X.500 Certificate Extension",
-#endif /* DEBUG */
- { "\x55\x1d", 2 }
- },
- {
-#ifdef DEBUG
- "subject-directory-attributes",
- "Certificate Subject Directory Attributes",
-#endif /* DEBUG */
- { "\x55\x1d\x05", 3 }
- },
- {
-#ifdef DEBUG
- "id-ce-subjectDirectoryAttributes",
- "Certificate Subject Directory Attributes",
-#endif /* DEBUG */
- { "\x55\x1d\x09", 3 }
- },
- {
-#ifdef DEBUG
- "id-ce-subjectKeyIdentifier",
- "Certificate Subject Key ID",
-#endif /* DEBUG */
- { "\x55\x1d\x0e", 3 }
- },
- {
-#ifdef DEBUG
- "id-ce-keyUsage",
- "Certificate Key Usage",
-#endif /* DEBUG */
- { "\x55\x1d\x0f", 3 }
- },
- {
-#ifdef DEBUG
- "id-ce-privateKeyUsagePeriod",
- "Certificate Private Key Usage Period",
-#endif /* DEBUG */
- { "\x55\x1d\x10", 3 }
- },
- {
-#ifdef DEBUG
- "id-ce-subjectAltName",
- "Certificate Subject Alternate Name",
-#endif /* DEBUG */
- { "\x55\x1d\x11", 3 }
- },
- {
-#ifdef DEBUG
- "id-ce-issuerAltName",
- "Certificate Issuer Alternate Name",
-#endif /* DEBUG */
- { "\x55\x1d\x12", 3 }
- },
- {
-#ifdef DEBUG
- "id-ce-basicConstraints",
- "Certificate Basic Constraints",
-#endif /* DEBUG */
- { "\x55\x1d\x13", 3 }
- },
- {
-#ifdef DEBUG
- "id-ce-cRLNumber",
- "CRL Number",
-#endif /* DEBUG */
- { "\x55\x1d\x14", 3 }
- },
- {
-#ifdef DEBUG
- "id-ce-cRLReasons",
- "CRL Reason Code",
-#endif /* DEBUG */
- { "\x55\x1d\x15", 3 }
- },
- {
-#ifdef DEBUG
- "id-ce-holdInstructionCode",
- "Hold Instruction Code",
-#endif /* DEBUG */
- { "\x55\x1d\x17", 3 }
- },
- {
-#ifdef DEBUG
- "id-ce-invalidityDate",
- "Invalid Date",
-#endif /* DEBUG */
- { "\x55\x1d\x18", 3 }
- },
- {
-#ifdef DEBUG
- "id-ce-deltaCRLIndicator",
- "Delta CRL Indicator",
-#endif /* DEBUG */
- { "\x55\x1d\x1b", 3 }
- },
- {
-#ifdef DEBUG
- "id-ce-issuingDistributionPoint",
- "Issuing Distribution Point",
-#endif /* DEBUG */
- { "\x55\x1d\x1c", 3 }
- },
- {
-#ifdef DEBUG
- "id-ce-certificateIssuer",
- "Certificate Issuer",
-#endif /* DEBUG */
- { "\x55\x1d\x1d", 3 }
- },
- {
-#ifdef DEBUG
- "id-ce-nameConstraints",
- "Certificate Name Constraints",
-#endif /* DEBUG */
- { "\x55\x1d\x1e", 3 }
- },
- {
-#ifdef DEBUG
- "id-ce-cRLDistributionPoints",
- "CRL Distribution Points",
-#endif /* DEBUG */
- { "\x55\x1d\x1f", 3 }
- },
- {
-#ifdef DEBUG
- "id-ce-certificatePolicies",
- "Certificate Policies",
-#endif /* DEBUG */
- { "\x55\x1d\x20", 3 }
- },
- {
-#ifdef DEBUG
- "id-ce-policyMappings",
- "Certificate Policy Mappings",
-#endif /* DEBUG */
- { "\x55\x1d\x21", 3 }
- },
- {
-#ifdef DEBUG
- "policy-constraints",
- "Certificate Policy Constraints (old)",
-#endif /* DEBUG */
- { "\x55\x1d\x22", 3 }
- },
- {
-#ifdef DEBUG
- "id-ce-authorityKeyIdentifier",
- "Certificate Authority Key Identifier",
-#endif /* DEBUG */
- { "\x55\x1d\x23", 3 }
- },
- {
-#ifdef DEBUG
- "id-ce-policyConstraints",
- "Certificate Policy Constraints",
-#endif /* DEBUG */
- { "\x55\x1d\x24", 3 }
- },
- {
-#ifdef DEBUG
- "id-ce-extKeyUsage",
- "Extended Key Usage",
-#endif /* DEBUG */
- { "\x55\x1d\x25", 3 }
- },
- {
-#ifdef DEBUG
- "id-mgt",
- "X.500 Management Object",
-#endif /* DEBUG */
- { "\x55\x1e", 2 }
- },
- {
-#ifdef DEBUG
- "x400",
- "X.400 MHS",
-#endif /* DEBUG */
- { "\x56", 1 }
- },
- {
-#ifdef DEBUG
- "ccr",
- "Committment, Concurrency and Recovery",
-#endif /* DEBUG */
- { "\x57", 1 }
- },
- {
-#ifdef DEBUG
- "oda",
- "Office Document Architecture",
-#endif /* DEBUG */
- { "\x58", 1 }
- },
- {
-#ifdef DEBUG
- "osi-management",
- "OSI management",
-#endif /* DEBUG */
- { "\x59", 1 }
- },
- {
-#ifdef DEBUG
- "tp",
- "Transaction Processing",
-#endif /* DEBUG */
- { "\x5a", 1 }
- },
- {
-#ifdef DEBUG
- "dor",
- "Distinguished Object Reference",
-#endif /* DEBUG */
- { "\x5b", 1 }
- },
- {
-#ifdef DEBUG
- "rdt",
- "Referenced Data Transfer",
-#endif /* DEBUG */
- { "\x5c", 1 }
- },
- {
-#ifdef DEBUG
- "nlm",
- "Network Layer Management",
-#endif /* DEBUG */
- { "\x5d", 1 }
- },
- {
-#ifdef DEBUG
- "tlm",
- "Transport Layer Management",
-#endif /* DEBUG */
- { "\x5e", 1 }
- },
- {
-#ifdef DEBUG
- "llm",
- "Link Layer Management",
-#endif /* DEBUG */
- { "\x5f", 1 }
- },
- {
-#ifdef DEBUG
- "country",
- "Country Assignments",
-#endif /* DEBUG */
- { "\x60", 1 }
- },
- {
-#ifdef DEBUG
- "canada",
- "Canada",
-#endif /* DEBUG */
- { "\x60\x7c", 2 }
- },
- {
-#ifdef DEBUG
- "taiwan",
- "Taiwan",
-#endif /* DEBUG */
- { "\x60\x81\x1e", 3 }
- },
- {
-#ifdef DEBUG
- "norway",
- "Norway",
-#endif /* DEBUG */
- { "\x60\x84\x42", 3 }
- },
- {
-#ifdef DEBUG
- "switzerland",
- "Switzerland",
-#endif /* DEBUG */
- { "\x60\x85\x74", 3 }
- },
- {
-#ifdef DEBUG
- "us",
- "United States",
-#endif /* DEBUG */
- { "\x60\x86\x48", 3 }
- },
- {
-#ifdef DEBUG
- "us-company",
- "United States Company",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01", 4 }
- },
- {
-#ifdef DEBUG
- "us-government",
- "United States Government (1.101)",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01\x65", 5 }
- },
- {
-#ifdef DEBUG
- "us-dod",
- "United States Department of Defense",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01\x65\x02", 6 }
- },
- {
-#ifdef DEBUG
- "id-infosec",
- "US DOD Infosec",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01\x65\x02\x01", 7 }
- },
- {
-#ifdef DEBUG
- "id-modules",
- "US DOD Infosec modules",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01\x65\x02\x01\x00", 8 }
- },
- {
-#ifdef DEBUG
- "id-algorithms",
- "US DOD Infosec algorithms (MISSI)",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01\x65\x02\x01\x01", 8 }
- },
- {
-#ifdef DEBUG
- "old-dss",
- "MISSI DSS Algorithm (Old)",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01\x65\x02\x01\x01\x02", 9 }
- },
- {
-#ifdef DEBUG
- "skipjack-cbc-64",
- "Skipjack CBC64",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01\x65\x02\x01\x01\x04", 9 }
- },
- {
-#ifdef DEBUG
- "kea",
- "MISSI KEA Algorithm",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01\x65\x02\x01\x01\x0a", 9 }
- },
- {
-#ifdef DEBUG
- "old-kea-dss",
- "MISSI KEA and DSS Algorithm (Old)",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01\x65\x02\x01\x01\x0c", 9 }
- },
- {
-#ifdef DEBUG
- "dss",
- "MISSI DSS Algorithm",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01\x65\x02\x01\x01\x13", 9 }
- },
- {
-#ifdef DEBUG
- "kea-dss",
- "MISSI KEA and DSS Algorithm",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01\x65\x02\x01\x01\x14", 9 }
- },
- {
-#ifdef DEBUG
- "alt-kea",
- "MISSI Alternate KEA Algorithm",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01\x65\x02\x01\x01\x16", 9 }
- },
- {
-#ifdef DEBUG
- "id-formats",
- "US DOD Infosec formats",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01\x65\x02\x01\x02", 8 }
- },
- {
-#ifdef DEBUG
- "id-policy",
- "US DOD Infosec policy",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01\x65\x02\x01\x03", 8 }
- },
- {
-#ifdef DEBUG
- "id-object-classes",
- "US DOD Infosec object classes",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01\x65\x02\x01\x04", 8 }
- },
- {
-#ifdef DEBUG
- "id-attributes",
- "US DOD Infosec attributes",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01\x65\x02\x01\x05", 8 }
- },
- {
-#ifdef DEBUG
- "id-attribute-syntax",
- "US DOD Infosec attribute syntax",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01\x65\x02\x01\x06", 8 }
- },
- {
-#ifdef DEBUG
- "netscape",
- "Netscape Communications Corp.",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01\x86\xf8\x42", 7 }
- },
- {
-#ifdef DEBUG
- "cert-ext",
- "Netscape Cert Extensions",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01\x86\xf8\x42\x01", 8 }
- },
- {
-#ifdef DEBUG
- "cert-type",
- "Certificate Type",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01\x86\xf8\x42\x01\x01", 9 }
- },
- {
-#ifdef DEBUG
- "base-url",
- "Certificate Extension Base URL",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01\x86\xf8\x42\x01\x02", 9 }
- },
- {
-#ifdef DEBUG
- "revocation-url",
- "Certificate Revocation URL",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01\x86\xf8\x42\x01\x03", 9 }
- },
- {
-#ifdef DEBUG
- "ca-revocation-url",
- "Certificate Authority Revocation URL",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01\x86\xf8\x42\x01\x04", 9 }
- },
- {
-#ifdef DEBUG
- "ca-crl-download-url",
- "Certificate Authority CRL Download URL",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01\x86\xf8\x42\x01\x05", 9 }
- },
- {
-#ifdef DEBUG
- "ca-cert-url",
- "Certificate Authority Certificate Download URL",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01\x86\xf8\x42\x01\x06", 9 }
- },
- {
-#ifdef DEBUG
- "renewal-url",
- "Certificate Renewal URL",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01\x86\xf8\x42\x01\x07", 9 }
- },
- {
-#ifdef DEBUG
- "ca-policy-url",
- "Certificate Authority Policy URL",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01\x86\xf8\x42\x01\x08", 9 }
- },
- {
-#ifdef DEBUG
- "homepage-url",
- "Certificate Homepage URL",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01\x86\xf8\x42\x01\x09", 9 }
- },
- {
-#ifdef DEBUG
- "entity-logo",
- "Certificate Entity Logo",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01\x86\xf8\x42\x01\x0a", 9 }
- },
- {
-#ifdef DEBUG
- "user-picture",
- "Certificate User Picture",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01\x86\xf8\x42\x01\x0b", 9 }
- },
- {
-#ifdef DEBUG
- "ssl-server-name",
- "Certificate SSL Server Name",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01\x86\xf8\x42\x01\x0c", 9 }
- },
- {
-#ifdef DEBUG
- "comment",
- "Certificate Comment",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01\x86\xf8\x42\x01\x0d", 9 }
- },
- {
-#ifdef DEBUG
- "thayes",
- "",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01\x86\xf8\x42\x01\x0e", 9 }
- },
- {
-#ifdef DEBUG
- "data-type",
- "Netscape Data Types",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01\x86\xf8\x42\x02", 8 }
- },
- {
-#ifdef DEBUG
- "gif",
- "image/gif",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01\x86\xf8\x42\x02\x01", 9 }
- },
- {
-#ifdef DEBUG
- "jpeg",
- "image/jpeg",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01\x86\xf8\x42\x02\x02", 9 }
- },
- {
-#ifdef DEBUG
- "url",
- "URL",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01\x86\xf8\x42\x02\x03", 9 }
- },
- {
-#ifdef DEBUG
- "html",
- "text/html",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01\x86\xf8\x42\x02\x04", 9 }
- },
- {
-#ifdef DEBUG
- "cert-sequence",
- "Certificate Sequence",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01\x86\xf8\x42\x02\x05", 9 }
- },
- {
-#ifdef DEBUG
- "directory",
- "Netscape Directory",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01\x86\xf8\x42\x03", 8 }
- },
- {
-#ifdef DEBUG
- "policy",
- "Netscape Policy Type OIDs",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01\x86\xf8\x42\x04", 8 }
- },
- {
-#ifdef DEBUG
- "export-approved",
- "Strong Crypto Export Approved",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01\x86\xf8\x42\x04\x01", 9 }
- },
- {
-#ifdef DEBUG
- "cert-server",
- "Netscape Certificate Server",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01\x86\xf8\x42\x05", 8 }
- },
- {
-#ifdef DEBUG
- "",
- "",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01\x86\xf8\x42\x05\x01", 9 }
- },
- {
-#ifdef DEBUG
- "recovery-request",
- "Netscape Cert Server Recovery Request",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01\x86\xf8\x42\x05\x01\x01", 10 }
- },
- {
-#ifdef DEBUG
- "algs",
- "Netscape algorithm OIDs",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01\x86\xf8\x42\x06", 8 }
- },
- {
-#ifdef DEBUG
- "smime-kea",
- "Netscape S/MIME KEA",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01\x86\xf8\x42\x06\x01", 9 }
- },
- {
-#ifdef DEBUG
- "name-components",
- "Netscape Name Components",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01\x86\xf8\x42\x07", 8 }
- },
- {
-#ifdef DEBUG
- "nickname",
- "Netscape Nickname",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01\x86\xf8\x42\x07\x01", 9 }
- },
- {
-#ifdef DEBUG
- "verisign",
- "Verisign",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01\x86\xf8\x45", 7 }
- },
- {
-#ifdef DEBUG
- "",
- "",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01\x86\xf8\x45\x01", 8 }
- },
- {
-#ifdef DEBUG
- "",
- "",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01\x86\xf8\x45\x01\x07", 9 }
- },
- {
-#ifdef DEBUG
- "",
- "",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01\x86\xf8\x45\x01\x07\x01", 10 }
- },
- {
-#ifdef DEBUG
- "verisign-user-notices",
- "Verisign User Notices",
-#endif /* DEBUG */
- { "\x60\x86\x48\x01\x86\xf8\x45\x01\x07\x01\x01", 11 }
- },
- {
-#ifdef DEBUG
- "us-government",
- "US Government (101)",
-#endif /* DEBUG */
- { "\x60\x86\x48\x65", 4 }
- },
- {
-#ifdef DEBUG
- "us-government2",
- "US Government (102)",
-#endif /* DEBUG */
- { "\x60\x86\x48\x66", 4 }
- },
- {
-#ifdef DEBUG
- "old-netscape",
- "Netscape Communications Corp. (Old)",
-#endif /* DEBUG */
- { "\x60\x86\x48\xd8\x6a", 5 }
- },
- {
-#ifdef DEBUG
- "ns-cert-ext",
- "Netscape Cert Extensions (Old NS)",
-#endif /* DEBUG */
- { "\x60\x86\x48\xd8\x6a\x01", 6 }
- },
- {
-#ifdef DEBUG
- "netscape-ok",
- "Netscape says this cert is ok (Old NS)",
-#endif /* DEBUG */
- { "\x60\x86\x48\xd8\x6a\x01\x01", 7 }
- },
- {
-#ifdef DEBUG
- "issuer-logo",
- "Certificate Issuer Logo (Old NS)",
-#endif /* DEBUG */
- { "\x60\x86\x48\xd8\x6a\x01\x02", 7 }
- },
- {
-#ifdef DEBUG
- "subject-logo",
- "Certificate Subject Logo (Old NS)",
-#endif /* DEBUG */
- { "\x60\x86\x48\xd8\x6a\x01\x03", 7 }
- },
- {
-#ifdef DEBUG
- "ns-file-type",
- "Netscape File Type",
-#endif /* DEBUG */
- { "\x60\x86\x48\xd8\x6a\x02", 6 }
- },
- {
-#ifdef DEBUG
- "ns-image-type",
- "Netscape Image Type",
-#endif /* DEBUG */
- { "\x60\x86\x48\xd8\x6a\x03", 6 }
- },
- {
-#ifdef DEBUG
- "registration-procedures",
- "Registration procedures",
-#endif /* DEBUG */
- { "\x61", 1 }
- },
- {
-#ifdef DEBUG
- "physical-layer-management",
- "Physical layer Management",
-#endif /* DEBUG */
- { "\x62", 1 }
- },
- {
-#ifdef DEBUG
- "mheg",
- "MHEG",
-#endif /* DEBUG */
- { "\x63", 1 }
- },
- {
-#ifdef DEBUG
- "guls",
- "Generic Upper Layer Security",
-#endif /* DEBUG */
- { "\x64", 1 }
- },
- {
-#ifdef DEBUG
- "tls",
- "Transport Layer Security Protocol",
-#endif /* DEBUG */
- { "\x65", 1 }
- },
- {
-#ifdef DEBUG
- "nls",
- "Network Layer Security Protocol",
-#endif /* DEBUG */
- { "\x66", 1 }
- },
- {
-#ifdef DEBUG
- "organization",
- "International organizations",
-#endif /* DEBUG */
- { "\x67", 1 }
- }
-};
-
-const PRUint32 nss_builtin_oid_count = 379;
-
-const NSSOID *NSS_OID_RFC1274_UID = (NSSOID *)&nss_builtin_oids[11];
-const NSSOID *NSS_OID_RFC1274_EMAIL = (NSSOID *)&nss_builtin_oids[12];
-const NSSOID *NSS_OID_RFC2247_DC = (NSSOID *)&nss_builtin_oids[13];
-const NSSOID *NSS_OID_ANSIX9_DSA_SIGNATURE = (NSSOID *)&nss_builtin_oids[43];
-const NSSOID *NSS_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST = (NSSOID *)&nss_builtin_oids[44];
-const NSSOID *NSS_OID_X942_DIFFIE_HELMAN_KEY = (NSSOID *)&nss_builtin_oids[47];
-const NSSOID *NSS_OID_PKCS1_RSA_ENCRYPTION = (NSSOID *)&nss_builtin_oids[52];
-const NSSOID *NSS_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION = (NSSOID *)&nss_builtin_oids[53];
-const NSSOID *NSS_OID_PKCS1_MD4_WITH_RSA_ENCRYPTION = (NSSOID *)&nss_builtin_oids[54];
-const NSSOID *NSS_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION = (NSSOID *)&nss_builtin_oids[55];
-const NSSOID *NSS_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION = (NSSOID *)&nss_builtin_oids[56];
-const NSSOID *NSS_OID_PKCS5_PBE_WITH_MD2_AND_DES_CBC = (NSSOID *)&nss_builtin_oids[58];
-const NSSOID *NSS_OID_PKCS5_PBE_WITH_MD5_AND_DES_CBC = (NSSOID *)&nss_builtin_oids[59];
-const NSSOID *NSS_OID_PKCS5_PBE_WITH_SHA1_AND_DES_CBC = (NSSOID *)&nss_builtin_oids[60];
-const NSSOID *NSS_OID_PKCS7 = (NSSOID *)&nss_builtin_oids[61];
-const NSSOID *NSS_OID_PKCS7_DATA = (NSSOID *)&nss_builtin_oids[62];
-const NSSOID *NSS_OID_PKCS7_SIGNED_DATA = (NSSOID *)&nss_builtin_oids[63];
-const NSSOID *NSS_OID_PKCS7_ENVELOPED_DATA = (NSSOID *)&nss_builtin_oids[64];
-const NSSOID *NSS_OID_PKCS7_SIGNED_ENVELOPED_DATA = (NSSOID *)&nss_builtin_oids[65];
-const NSSOID *NSS_OID_PKCS7_DIGESTED_DATA = (NSSOID *)&nss_builtin_oids[66];
-const NSSOID *NSS_OID_PKCS7_ENCRYPTED_DATA = (NSSOID *)&nss_builtin_oids[67];
-const NSSOID *NSS_OID_PKCS9_EMAIL_ADDRESS = (NSSOID *)&nss_builtin_oids[69];
-const NSSOID *NSS_OID_PKCS9_UNSTRUCTURED_NAME = (NSSOID *)&nss_builtin_oids[70];
-const NSSOID *NSS_OID_PKCS9_CONTENT_TYPE = (NSSOID *)&nss_builtin_oids[71];
-const NSSOID *NSS_OID_PKCS9_MESSAGE_DIGEST = (NSSOID *)&nss_builtin_oids[72];
-const NSSOID *NSS_OID_PKCS9_SIGNING_TIME = (NSSOID *)&nss_builtin_oids[73];
-const NSSOID *NSS_OID_PKCS9_COUNTER_SIGNATURE = (NSSOID *)&nss_builtin_oids[74];
-const NSSOID *NSS_OID_PKCS9_CHALLENGE_PASSWORD = (NSSOID *)&nss_builtin_oids[75];
-const NSSOID *NSS_OID_PKCS9_UNSTRUCTURED_ADDRESS = (NSSOID *)&nss_builtin_oids[76];
-const NSSOID *NSS_OID_PKCS9_EXTENDED_CERTIFICATE_ATTRIBUTES = (NSSOID *)&nss_builtin_oids[77];
-const NSSOID *NSS_OID_PKCS9_SMIME_CAPABILITIES = (NSSOID *)&nss_builtin_oids[78];
-const NSSOID *NSS_OID_PKCS9_FRIENDLY_NAME = (NSSOID *)&nss_builtin_oids[79];
-const NSSOID *NSS_OID_PKCS9_LOCAL_KEY_ID = (NSSOID *)&nss_builtin_oids[80];
-const NSSOID *NSS_OID_PKCS9_X509_CERT = (NSSOID *)&nss_builtin_oids[82];
-const NSSOID *NSS_OID_PKCS9_SDSI_CERT = (NSSOID *)&nss_builtin_oids[83];
-const NSSOID *NSS_OID_PKCS9_X509_CRL = (NSSOID *)&nss_builtin_oids[85];
-const NSSOID *NSS_OID_PKCS12 = (NSSOID *)&nss_builtin_oids[86];
-const NSSOID *NSS_OID_PKCS12_PBE_IDS = (NSSOID *)&nss_builtin_oids[87];
-const NSSOID *NSS_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC4 = (NSSOID *)&nss_builtin_oids[88];
-const NSSOID *NSS_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC4 = (NSSOID *)&nss_builtin_oids[89];
-const NSSOID *NSS_OID_PKCS12_PBE_WITH_SHA1_AND_3_KEY_TRIPLE_DES_CBC = (NSSOID *)&nss_builtin_oids[90];
-const NSSOID *NSS_OID_PKCS12_PBE_WITH_SHA1_AND_2_KEY_TRIPLE_DES_CBC = (NSSOID *)&nss_builtin_oids[91];
-const NSSOID *NSS_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC = (NSSOID *)&nss_builtin_oids[92];
-const NSSOID *NSS_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC = (NSSOID *)&nss_builtin_oids[93];
-const NSSOID *NSS_OID_PKCS12_KEY_BAG = (NSSOID *)&nss_builtin_oids[120];
-const NSSOID *NSS_OID_PKCS12_PKCS8_SHROUDED_KEY_BAG = (NSSOID *)&nss_builtin_oids[121];
-const NSSOID *NSS_OID_PKCS12_CERT_BAG = (NSSOID *)&nss_builtin_oids[122];
-const NSSOID *NSS_OID_PKCS12_CRL_BAG = (NSSOID *)&nss_builtin_oids[123];
-const NSSOID *NSS_OID_PKCS12_SECRET_BAG = (NSSOID *)&nss_builtin_oids[124];
-const NSSOID *NSS_OID_PKCS12_SAFE_CONTENTS_BAG = (NSSOID *)&nss_builtin_oids[125];
-const NSSOID *NSS_OID_MD2 = (NSSOID *)&nss_builtin_oids[127];
-const NSSOID *NSS_OID_MD4 = (NSSOID *)&nss_builtin_oids[128];
-const NSSOID *NSS_OID_MD5 = (NSSOID *)&nss_builtin_oids[129];
-const NSSOID *NSS_OID_RC2_CBC = (NSSOID *)&nss_builtin_oids[131];
-const NSSOID *NSS_OID_RC4 = (NSSOID *)&nss_builtin_oids[132];
-const NSSOID *NSS_OID_DES_EDE3_CBC = (NSSOID *)&nss_builtin_oids[133];
-const NSSOID *NSS_OID_RC5_CBC_PAD = (NSSOID *)&nss_builtin_oids[134];
-const NSSOID *NSS_OID_X509_AUTH_INFO_ACCESS = (NSSOID *)&nss_builtin_oids[154];
-const NSSOID *NSS_OID_PKIX_CPS_POINTER_QUALIFIER = (NSSOID *)&nss_builtin_oids[156];
-const NSSOID *NSS_OID_PKIX_USER_NOTICE_QUALIFIER = (NSSOID *)&nss_builtin_oids[157];
-const NSSOID *NSS_OID_EXT_KEY_USAGE_SERVER_AUTH = (NSSOID *)&nss_builtin_oids[159];
-const NSSOID *NSS_OID_EXT_KEY_USAGE_CLIENT_AUTH = (NSSOID *)&nss_builtin_oids[160];
-const NSSOID *NSS_OID_EXT_KEY_USAGE_CODE_SIGN = (NSSOID *)&nss_builtin_oids[161];
-const NSSOID *NSS_OID_EXT_KEY_USAGE_EMAIL_PROTECTION = (NSSOID *)&nss_builtin_oids[162];
-const NSSOID *NSS_OID_EXT_KEY_USAGE_IPSEC_END_SYSTEM = (NSSOID *)&nss_builtin_oids[163];
-const NSSOID *NSS_OID_EXT_KEY_USAGE_IPSEC_TUNNEL = (NSSOID *)&nss_builtin_oids[164];
-const NSSOID *NSS_OID_EXT_KEY_USAGE_IPSEC_USER = (NSSOID *)&nss_builtin_oids[165];
-const NSSOID *NSS_OID_EXT_KEY_USAGE_TIME_STAMP = (NSSOID *)&nss_builtin_oids[166];
-const NSSOID *NSS_OID_OCSP_RESPONDER = (NSSOID *)&nss_builtin_oids[167];
-const NSSOID *NSS_OID_PKIX_REGCTRL_REGTOKEN = (NSSOID *)&nss_builtin_oids[171];
-const NSSOID *NSS_OID_PKIX_REGCTRL_AUTHENTICATOR = (NSSOID *)&nss_builtin_oids[172];
-const NSSOID *NSS_OID_PKIX_REGCTRL_PKIPUBINFO = (NSSOID *)&nss_builtin_oids[173];
-const NSSOID *NSS_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS = (NSSOID *)&nss_builtin_oids[174];
-const NSSOID *NSS_OID_PKIX_REGCTRL_OLD_CERT_ID = (NSSOID *)&nss_builtin_oids[175];
-const NSSOID *NSS_OID_PKIX_REGCTRL_PROTOCOL_ENC_KEY = (NSSOID *)&nss_builtin_oids[176];
-const NSSOID *NSS_OID_PKIX_REGINFO_UTF8_PAIRS = (NSSOID *)&nss_builtin_oids[178];
-const NSSOID *NSS_OID_PKIX_REGINFO_CERT_REQUEST = (NSSOID *)&nss_builtin_oids[179];
-const NSSOID *NSS_OID_OID_PKIX_OCSP = (NSSOID *)&nss_builtin_oids[181];
-const NSSOID *NSS_OID_PKIX_OCSP_BASIC_RESPONSE = (NSSOID *)&nss_builtin_oids[182];
-const NSSOID *NSS_OID_PKIX_OCSP_NONCE = (NSSOID *)&nss_builtin_oids[183];
-const NSSOID *NSS_OID_PKIX_OCSP_RESPONSE = (NSSOID *)&nss_builtin_oids[184];
-const NSSOID *NSS_OID_PKIX_OCSP_CRL = (NSSOID *)&nss_builtin_oids[185];
-const NSSOID *NSS_OID_X509_OCSP_NO_CHECK = (NSSOID *)&nss_builtin_oids[186];
-const NSSOID *NSS_OID_PKIX_OCSP_ARCHIVE_CUTOFF = (NSSOID *)&nss_builtin_oids[187];
-const NSSOID *NSS_OID_PKIX_OCSP_SERVICE_LOCATOR = (NSSOID *)&nss_builtin_oids[188];
-const NSSOID *NSS_OID_DES_ECB = (NSSOID *)&nss_builtin_oids[198];
-const NSSOID *NSS_OID_DES_CBC = (NSSOID *)&nss_builtin_oids[199];
-const NSSOID *NSS_OID_DES_OFB = (NSSOID *)&nss_builtin_oids[200];
-const NSSOID *NSS_OID_DES_CFB = (NSSOID *)&nss_builtin_oids[201];
-const NSSOID *NSS_OID_DES_MAC = (NSSOID *)&nss_builtin_oids[202];
-const NSSOID *NSS_OID_ISO_SHA_WITH_RSA_SIGNATURE = (NSSOID *)&nss_builtin_oids[203];
-const NSSOID *NSS_OID_DES_EDE = (NSSOID *)&nss_builtin_oids[204];
-const NSSOID *NSS_OID_SHA1 = (NSSOID *)&nss_builtin_oids[205];
-const NSSOID *NSS_OID_BOGUS_DSA_SIGNATURE_WITH_SHA1_DIGEST = (NSSOID *)&nss_builtin_oids[206];
-const NSSOID *NSS_OID_X520_COMMON_NAME = (NSSOID *)&nss_builtin_oids[231];
-const NSSOID *NSS_OID_X520_SURNAME = (NSSOID *)&nss_builtin_oids[232];
-const NSSOID *NSS_OID_X520_COUNTRY_NAME = (NSSOID *)&nss_builtin_oids[233];
-const NSSOID *NSS_OID_X520_LOCALITY_NAME = (NSSOID *)&nss_builtin_oids[234];
-const NSSOID *NSS_OID_X520_STATE_OR_PROVINCE_NAME = (NSSOID *)&nss_builtin_oids[235];
-const NSSOID *NSS_OID_X520_ORGANIZATION_NAME = (NSSOID *)&nss_builtin_oids[236];
-const NSSOID *NSS_OID_X520_ORGANIZATIONAL_UNIT_NAME = (NSSOID *)&nss_builtin_oids[237];
-const NSSOID *NSS_OID_X520_TITLE = (NSSOID *)&nss_builtin_oids[238];
-const NSSOID *NSS_OID_X520_NAME = (NSSOID *)&nss_builtin_oids[239];
-const NSSOID *NSS_OID_X520_GIVEN_NAME = (NSSOID *)&nss_builtin_oids[240];
-const NSSOID *NSS_OID_X520_INITIALS = (NSSOID *)&nss_builtin_oids[241];
-const NSSOID *NSS_OID_X520_GENERATION_QUALIFIER = (NSSOID *)&nss_builtin_oids[242];
-const NSSOID *NSS_OID_X520_DN_QUALIFIER = (NSSOID *)&nss_builtin_oids[243];
-const NSSOID *NSS_OID_X500_RSA_ENCRYPTION = (NSSOID *)&nss_builtin_oids[249];
-const NSSOID *NSS_OID_X509_SUBJECT_DIRECTORY_ATTR = (NSSOID *)&nss_builtin_oids[268];
-const NSSOID *NSS_OID_X509_SUBJECT_DIRECTORY_ATTRIBUTES = (NSSOID *)&nss_builtin_oids[269];
-const NSSOID *NSS_OID_X509_SUBJECT_KEY_ID = (NSSOID *)&nss_builtin_oids[270];
-const NSSOID *NSS_OID_X509_KEY_USAGE = (NSSOID *)&nss_builtin_oids[271];
-const NSSOID *NSS_OID_X509_PRIVATE_KEY_USAGE_PERIOD = (NSSOID *)&nss_builtin_oids[272];
-const NSSOID *NSS_OID_X509_SUBJECT_ALT_NAME = (NSSOID *)&nss_builtin_oids[273];
-const NSSOID *NSS_OID_X509_ISSUER_ALT_NAME = (NSSOID *)&nss_builtin_oids[274];
-const NSSOID *NSS_OID_X509_BASIC_CONSTRAINTS = (NSSOID *)&nss_builtin_oids[275];
-const NSSOID *NSS_OID_X509_CRL_NUMBER = (NSSOID *)&nss_builtin_oids[276];
-const NSSOID *NSS_OID_X509_REASON_CODE = (NSSOID *)&nss_builtin_oids[277];
-const NSSOID *NSS_OID_X509_HOLD_INSTRUCTION_CODE = (NSSOID *)&nss_builtin_oids[278];
-const NSSOID *NSS_OID_X509_INVALID_DATE = (NSSOID *)&nss_builtin_oids[279];
-const NSSOID *NSS_OID_X509_DELTA_CRL_INDICATOR = (NSSOID *)&nss_builtin_oids[280];
-const NSSOID *NSS_OID_X509_ISSUING_DISTRIBUTION_POINT = (NSSOID *)&nss_builtin_oids[281];
-const NSSOID *NSS_OID_X509_CERTIFICATE_ISSUER = (NSSOID *)&nss_builtin_oids[282];
-const NSSOID *NSS_OID_X509_NAME_CONSTRAINTS = (NSSOID *)&nss_builtin_oids[283];
-const NSSOID *NSS_OID_X509_CRL_DIST_POINTS = (NSSOID *)&nss_builtin_oids[284];
-const NSSOID *NSS_OID_X509_CERTIFICATE_POLICIES = (NSSOID *)&nss_builtin_oids[285];
-const NSSOID *NSS_OID_X509_POLICY_MAPPINGS = (NSSOID *)&nss_builtin_oids[286];
-const NSSOID *NSS_OID_X509_AUTH_KEY_ID = (NSSOID *)&nss_builtin_oids[288];
-const NSSOID *NSS_OID_X509_POLICY_CONSTRAINTS = (NSSOID *)&nss_builtin_oids[289];
-const NSSOID *NSS_OID_X509_EXT_KEY_USAGE = (NSSOID *)&nss_builtin_oids[290];
-const NSSOID *NSS_OID_MISSI_DSS_OLD = (NSSOID *)&nss_builtin_oids[314];
-const NSSOID *NSS_OID_FORTEZZA_SKIPJACK = (NSSOID *)&nss_builtin_oids[315];
-const NSSOID *NSS_OID_MISSI_KEA = (NSSOID *)&nss_builtin_oids[316];
-const NSSOID *NSS_OID_MISSI_KEA_DSS_OLD = (NSSOID *)&nss_builtin_oids[317];
-const NSSOID *NSS_OID_MISSI_DSS = (NSSOID *)&nss_builtin_oids[318];
-const NSSOID *NSS_OID_MISSI_KEA_DSS = (NSSOID *)&nss_builtin_oids[319];
-const NSSOID *NSS_OID_MISSI_ALT_KEY = (NSSOID *)&nss_builtin_oids[320];
-const NSSOID *NSS_OID_NS_CERT_EXT_CERT_TYPE = (NSSOID *)&nss_builtin_oids[328];
-const NSSOID *NSS_OID_NS_CERT_EXT_BASE_URL = (NSSOID *)&nss_builtin_oids[329];
-const NSSOID *NSS_OID_NS_CERT_EXT_REVOCATION_URL = (NSSOID *)&nss_builtin_oids[330];
-const NSSOID *NSS_OID_NS_CERT_EXT_CA_REVOCATION_URL = (NSSOID *)&nss_builtin_oids[331];
-const NSSOID *NSS_OID_NS_CERT_EXT_CA_CRL_URL = (NSSOID *)&nss_builtin_oids[332];
-const NSSOID *NSS_OID_NS_CERT_EXT_CA_CERT_URL = (NSSOID *)&nss_builtin_oids[333];
-const NSSOID *NSS_OID_NS_CERT_EXT_CERT_RENEWAL_URL = (NSSOID *)&nss_builtin_oids[334];
-const NSSOID *NSS_OID_NS_CERT_EXT_CA_POLICY_URL = (NSSOID *)&nss_builtin_oids[335];
-const NSSOID *NSS_OID_NS_CERT_EXT_HOMEPAGE_URL = (NSSOID *)&nss_builtin_oids[336];
-const NSSOID *NSS_OID_NS_CERT_EXT_ENTITY_LOGO = (NSSOID *)&nss_builtin_oids[337];
-const NSSOID *NSS_OID_NS_CERT_EXT_USER_PICTURE = (NSSOID *)&nss_builtin_oids[338];
-const NSSOID *NSS_OID_NS_CERT_EXT_SSL_SERVER_NAME = (NSSOID *)&nss_builtin_oids[339];
-const NSSOID *NSS_OID_NS_CERT_EXT_COMMENT = (NSSOID *)&nss_builtin_oids[340];
-const NSSOID *NSS_OID_NS_CERT_EXT_THAYES = (NSSOID *)&nss_builtin_oids[341];
-const NSSOID *NSS_OID_NS_TYPE_GIF = (NSSOID *)&nss_builtin_oids[343];
-const NSSOID *NSS_OID_NS_TYPE_JPEG = (NSSOID *)&nss_builtin_oids[344];
-const NSSOID *NSS_OID_NS_TYPE_URL = (NSSOID *)&nss_builtin_oids[345];
-const NSSOID *NSS_OID_NS_TYPE_HTML = (NSSOID *)&nss_builtin_oids[346];
-const NSSOID *NSS_OID_NS_TYPE_CERT_SEQUENCE = (NSSOID *)&nss_builtin_oids[347];
-const NSSOID *NSS_OID_NS_KEY_USAGE_GOVT_APPROVED = (NSSOID *)&nss_builtin_oids[350];
-const NSSOID *NSS_OID_NETSCAPE_RECOVERY_REQUEST = (NSSOID *)&nss_builtin_oids[353];
-const NSSOID *NSS_OID_NETSCAPE_SMIME_KEA = (NSSOID *)&nss_builtin_oids[355];
-const NSSOID *NSS_OID_NETSCAPE_NICKNAME = (NSSOID *)&nss_builtin_oids[357];
-const NSSOID *NSS_OID_VERISIGN_USER_NOTICES = (NSSOID *)&nss_builtin_oids[362];
-const NSSOID *NSS_OID_NS_CERT_EXT_NETSCAPE_OK = (NSSOID *)&nss_builtin_oids[367];
-const NSSOID *NSS_OID_NS_CERT_EXT_ISSUER_LOGO = (NSSOID *)&nss_builtin_oids[368];
-const NSSOID *NSS_OID_NS_CERT_EXT_SUBJECT_LOGO = (NSSOID *)&nss_builtin_oids[369];
-
-const nssAttributeTypeAliasTable nss_attribute_type_aliases[] = {
- {
- "uid",
- &NSS_OID_RFC1274_UID
- },
- {
- "mail",
- &NSS_OID_RFC1274_EMAIL
- },
- {
- "dc",
- &NSS_OID_RFC2247_DC
- },
- {
- "cn",
- &NSS_OID_X520_COMMON_NAME
- },
- {
- "sn",
- &NSS_OID_X520_SURNAME
- },
- {
- "c",
- &NSS_OID_X520_COUNTRY_NAME
- },
- {
- "l",
- &NSS_OID_X520_LOCALITY_NAME
- },
- {
- "s",
- &NSS_OID_X520_STATE_OR_PROVINCE_NAME
- },
- {
- "o",
- &NSS_OID_X520_ORGANIZATION_NAME
- },
- {
- "ou",
- &NSS_OID_X520_ORGANIZATIONAL_UNIT_NAME
- },
- {
- "title",
- &NSS_OID_X520_TITLE
- },
- {
- "name",
- &NSS_OID_X520_NAME
- },
- {
- "givenName",
- &NSS_OID_X520_GIVEN_NAME
- },
- {
- "initials",
- &NSS_OID_X520_INITIALS
- },
- {
- "generationQualifier",
- &NSS_OID_X520_GENERATION_QUALIFIER
- },
- {
- "dnQualifier",
- &NSS_OID_X520_DN_QUALIFIER
- }
-};
-
-const PRUint32 nss_attribute_type_alias_count = 16;
-
diff --git a/security/nss/lib/pki1/oiddata.h b/security/nss/lib/pki1/oiddata.h
deleted file mode 100644
index d51c37517..000000000
--- a/security/nss/lib/pki1/oiddata.h
+++ /dev/null
@@ -1,217 +0,0 @@
-/* THIS IS A GENERATED FILE */
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef OIDDATA_H
-#define OIDDATA_H
-
-#ifdef DEBUG
-static const char OIDDATA_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$ ; @(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef NSSPKI1T_H
-#include "nsspki1t.h"
-#endif /* NSSPKI1T_H */
-
-extern const NSSOID nss_builtin_oids[];
-extern const PRUint32 nss_builtin_oid_count;
-
-/*extern const nssAttributeTypeAliasTable nss_attribute_type_aliases[];*/
-/*extern const PRUint32 nss_attribute_type_alias_count;*/
-
-extern const NSSOID *NSS_OID_RFC1274_UID;
-extern const NSSOID *NSS_OID_RFC1274_EMAIL;
-extern const NSSOID *NSS_OID_RFC2247_DC;
-extern const NSSOID *NSS_OID_ANSIX9_DSA_SIGNATURE;
-extern const NSSOID *NSS_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST;
-extern const NSSOID *NSS_OID_X942_DIFFIE_HELMAN_KEY;
-extern const NSSOID *NSS_OID_PKCS1_RSA_ENCRYPTION;
-extern const NSSOID *NSS_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION;
-extern const NSSOID *NSS_OID_PKCS1_MD4_WITH_RSA_ENCRYPTION;
-extern const NSSOID *NSS_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION;
-extern const NSSOID *NSS_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION;
-extern const NSSOID *NSS_OID_PKCS5_PBE_WITH_MD2_AND_DES_CBC;
-extern const NSSOID *NSS_OID_PKCS5_PBE_WITH_MD5_AND_DES_CBC;
-extern const NSSOID *NSS_OID_PKCS5_PBE_WITH_SHA1_AND_DES_CBC;
-extern const NSSOID *NSS_OID_PKCS7;
-extern const NSSOID *NSS_OID_PKCS7_DATA;
-extern const NSSOID *NSS_OID_PKCS7_SIGNED_DATA;
-extern const NSSOID *NSS_OID_PKCS7_ENVELOPED_DATA;
-extern const NSSOID *NSS_OID_PKCS7_SIGNED_ENVELOPED_DATA;
-extern const NSSOID *NSS_OID_PKCS7_DIGESTED_DATA;
-extern const NSSOID *NSS_OID_PKCS7_ENCRYPTED_DATA;
-extern const NSSOID *NSS_OID_PKCS9_EMAIL_ADDRESS;
-extern const NSSOID *NSS_OID_PKCS9_UNSTRUCTURED_NAME;
-extern const NSSOID *NSS_OID_PKCS9_CONTENT_TYPE;
-extern const NSSOID *NSS_OID_PKCS9_MESSAGE_DIGEST;
-extern const NSSOID *NSS_OID_PKCS9_SIGNING_TIME;
-extern const NSSOID *NSS_OID_PKCS9_COUNTER_SIGNATURE;
-extern const NSSOID *NSS_OID_PKCS9_CHALLENGE_PASSWORD;
-extern const NSSOID *NSS_OID_PKCS9_UNSTRUCTURED_ADDRESS;
-extern const NSSOID *NSS_OID_PKCS9_EXTENDED_CERTIFICATE_ATTRIBUTES;
-extern const NSSOID *NSS_OID_PKCS9_SMIME_CAPABILITIES;
-extern const NSSOID *NSS_OID_PKCS9_FRIENDLY_NAME;
-extern const NSSOID *NSS_OID_PKCS9_LOCAL_KEY_ID;
-extern const NSSOID *NSS_OID_PKCS9_X509_CERT;
-extern const NSSOID *NSS_OID_PKCS9_SDSI_CERT;
-extern const NSSOID *NSS_OID_PKCS9_X509_CRL;
-extern const NSSOID *NSS_OID_PKCS12;
-extern const NSSOID *NSS_OID_PKCS12_PBE_IDS;
-extern const NSSOID *NSS_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC4;
-extern const NSSOID *NSS_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC4;
-extern const NSSOID *NSS_OID_PKCS12_PBE_WITH_SHA1_AND_3_KEY_TRIPLE_DES_CBC;
-extern const NSSOID *NSS_OID_PKCS12_PBE_WITH_SHA1_AND_2_KEY_TRIPLE_DES_CBC;
-extern const NSSOID *NSS_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC;
-extern const NSSOID *NSS_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC;
-extern const NSSOID *NSS_OID_PKCS12_KEY_BAG;
-extern const NSSOID *NSS_OID_PKCS12_PKCS8_SHROUDED_KEY_BAG;
-extern const NSSOID *NSS_OID_PKCS12_CERT_BAG;
-extern const NSSOID *NSS_OID_PKCS12_CRL_BAG;
-extern const NSSOID *NSS_OID_PKCS12_SECRET_BAG;
-extern const NSSOID *NSS_OID_PKCS12_SAFE_CONTENTS_BAG;
-extern const NSSOID *NSS_OID_MD2;
-extern const NSSOID *NSS_OID_MD4;
-extern const NSSOID *NSS_OID_MD5;
-extern const NSSOID *NSS_OID_RC2_CBC;
-extern const NSSOID *NSS_OID_RC4;
-extern const NSSOID *NSS_OID_DES_EDE3_CBC;
-extern const NSSOID *NSS_OID_RC5_CBC_PAD;
-extern const NSSOID *NSS_OID_X509_AUTH_INFO_ACCESS;
-extern const NSSOID *NSS_OID_PKIX_CPS_POINTER_QUALIFIER;
-extern const NSSOID *NSS_OID_PKIX_USER_NOTICE_QUALIFIER;
-extern const NSSOID *NSS_OID_EXT_KEY_USAGE_SERVER_AUTH;
-extern const NSSOID *NSS_OID_EXT_KEY_USAGE_CLIENT_AUTH;
-extern const NSSOID *NSS_OID_EXT_KEY_USAGE_CODE_SIGN;
-extern const NSSOID *NSS_OID_EXT_KEY_USAGE_EMAIL_PROTECTION;
-extern const NSSOID *NSS_OID_EXT_KEY_USAGE_IPSEC_END_SYSTEM;
-extern const NSSOID *NSS_OID_EXT_KEY_USAGE_IPSEC_TUNNEL;
-extern const NSSOID *NSS_OID_EXT_KEY_USAGE_IPSEC_USER;
-extern const NSSOID *NSS_OID_EXT_KEY_USAGE_TIME_STAMP;
-extern const NSSOID *NSS_OID_OCSP_RESPONDER;
-extern const NSSOID *NSS_OID_PKIX_REGCTRL_REGTOKEN;
-extern const NSSOID *NSS_OID_PKIX_REGCTRL_AUTHENTICATOR;
-extern const NSSOID *NSS_OID_PKIX_REGCTRL_PKIPUBINFO;
-extern const NSSOID *NSS_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS;
-extern const NSSOID *NSS_OID_PKIX_REGCTRL_OLD_CERT_ID;
-extern const NSSOID *NSS_OID_PKIX_REGCTRL_PROTOCOL_ENC_KEY;
-extern const NSSOID *NSS_OID_PKIX_REGINFO_UTF8_PAIRS;
-extern const NSSOID *NSS_OID_PKIX_REGINFO_CERT_REQUEST;
-extern const NSSOID *NSS_OID_OID_PKIX_OCSP;
-extern const NSSOID *NSS_OID_PKIX_OCSP_BASIC_RESPONSE;
-extern const NSSOID *NSS_OID_PKIX_OCSP_NONCE;
-extern const NSSOID *NSS_OID_PKIX_OCSP_RESPONSE;
-extern const NSSOID *NSS_OID_PKIX_OCSP_CRL;
-extern const NSSOID *NSS_OID_X509_OCSP_NO_CHECK;
-extern const NSSOID *NSS_OID_PKIX_OCSP_ARCHIVE_CUTOFF;
-extern const NSSOID *NSS_OID_PKIX_OCSP_SERVICE_LOCATOR;
-extern const NSSOID *NSS_OID_DES_ECB;
-extern const NSSOID *NSS_OID_DES_CBC;
-extern const NSSOID *NSS_OID_DES_OFB;
-extern const NSSOID *NSS_OID_DES_CFB;
-extern const NSSOID *NSS_OID_DES_MAC;
-extern const NSSOID *NSS_OID_ISO_SHA_WITH_RSA_SIGNATURE;
-extern const NSSOID *NSS_OID_DES_EDE;
-extern const NSSOID *NSS_OID_SHA1;
-extern const NSSOID *NSS_OID_BOGUS_DSA_SIGNATURE_WITH_SHA1_DIGEST;
-extern const NSSOID *NSS_OID_X520_COMMON_NAME;
-extern const NSSOID *NSS_OID_X520_SURNAME;
-extern const NSSOID *NSS_OID_X520_COUNTRY_NAME;
-extern const NSSOID *NSS_OID_X520_LOCALITY_NAME;
-extern const NSSOID *NSS_OID_X520_STATE_OR_PROVINCE_NAME;
-extern const NSSOID *NSS_OID_X520_ORGANIZATION_NAME;
-extern const NSSOID *NSS_OID_X520_ORGANIZATIONAL_UNIT_NAME;
-extern const NSSOID *NSS_OID_X520_TITLE;
-extern const NSSOID *NSS_OID_X520_NAME;
-extern const NSSOID *NSS_OID_X520_GIVEN_NAME;
-extern const NSSOID *NSS_OID_X520_INITIALS;
-extern const NSSOID *NSS_OID_X520_GENERATION_QUALIFIER;
-extern const NSSOID *NSS_OID_X520_DN_QUALIFIER;
-extern const NSSOID *NSS_OID_X500_RSA_ENCRYPTION;
-extern const NSSOID *NSS_OID_X509_SUBJECT_DIRECTORY_ATTR;
-extern const NSSOID *NSS_OID_X509_SUBJECT_DIRECTORY_ATTRIBUTES;
-extern const NSSOID *NSS_OID_X509_SUBJECT_KEY_ID;
-extern const NSSOID *NSS_OID_X509_KEY_USAGE;
-extern const NSSOID *NSS_OID_X509_PRIVATE_KEY_USAGE_PERIOD;
-extern const NSSOID *NSS_OID_X509_SUBJECT_ALT_NAME;
-extern const NSSOID *NSS_OID_X509_ISSUER_ALT_NAME;
-extern const NSSOID *NSS_OID_X509_BASIC_CONSTRAINTS;
-extern const NSSOID *NSS_OID_X509_CRL_NUMBER;
-extern const NSSOID *NSS_OID_X509_REASON_CODE;
-extern const NSSOID *NSS_OID_X509_HOLD_INSTRUCTION_CODE;
-extern const NSSOID *NSS_OID_X509_INVALID_DATE;
-extern const NSSOID *NSS_OID_X509_DELTA_CRL_INDICATOR;
-extern const NSSOID *NSS_OID_X509_ISSUING_DISTRIBUTION_POINT;
-extern const NSSOID *NSS_OID_X509_CERTIFICATE_ISSUER;
-extern const NSSOID *NSS_OID_X509_NAME_CONSTRAINTS;
-extern const NSSOID *NSS_OID_X509_CRL_DIST_POINTS;
-extern const NSSOID *NSS_OID_X509_CERTIFICATE_POLICIES;
-extern const NSSOID *NSS_OID_X509_POLICY_MAPPINGS;
-extern const NSSOID *NSS_OID_X509_AUTH_KEY_ID;
-extern const NSSOID *NSS_OID_X509_POLICY_CONSTRAINTS;
-extern const NSSOID *NSS_OID_X509_EXT_KEY_USAGE;
-extern const NSSOID *NSS_OID_MISSI_DSS_OLD;
-extern const NSSOID *NSS_OID_FORTEZZA_SKIPJACK;
-extern const NSSOID *NSS_OID_MISSI_KEA;
-extern const NSSOID *NSS_OID_MISSI_KEA_DSS_OLD;
-extern const NSSOID *NSS_OID_MISSI_DSS;
-extern const NSSOID *NSS_OID_MISSI_KEA_DSS;
-extern const NSSOID *NSS_OID_MISSI_ALT_KEY;
-extern const NSSOID *NSS_OID_NS_CERT_EXT_CERT_TYPE;
-extern const NSSOID *NSS_OID_NS_CERT_EXT_BASE_URL;
-extern const NSSOID *NSS_OID_NS_CERT_EXT_REVOCATION_URL;
-extern const NSSOID *NSS_OID_NS_CERT_EXT_CA_REVOCATION_URL;
-extern const NSSOID *NSS_OID_NS_CERT_EXT_CA_CRL_URL;
-extern const NSSOID *NSS_OID_NS_CERT_EXT_CA_CERT_URL;
-extern const NSSOID *NSS_OID_NS_CERT_EXT_CERT_RENEWAL_URL;
-extern const NSSOID *NSS_OID_NS_CERT_EXT_CA_POLICY_URL;
-extern const NSSOID *NSS_OID_NS_CERT_EXT_HOMEPAGE_URL;
-extern const NSSOID *NSS_OID_NS_CERT_EXT_ENTITY_LOGO;
-extern const NSSOID *NSS_OID_NS_CERT_EXT_USER_PICTURE;
-extern const NSSOID *NSS_OID_NS_CERT_EXT_SSL_SERVER_NAME;
-extern const NSSOID *NSS_OID_NS_CERT_EXT_COMMENT;
-extern const NSSOID *NSS_OID_NS_CERT_EXT_THAYES;
-extern const NSSOID *NSS_OID_NS_TYPE_GIF;
-extern const NSSOID *NSS_OID_NS_TYPE_JPEG;
-extern const NSSOID *NSS_OID_NS_TYPE_URL;
-extern const NSSOID *NSS_OID_NS_TYPE_HTML;
-extern const NSSOID *NSS_OID_NS_TYPE_CERT_SEQUENCE;
-extern const NSSOID *NSS_OID_NS_KEY_USAGE_GOVT_APPROVED;
-extern const NSSOID *NSS_OID_NETSCAPE_RECOVERY_REQUEST;
-extern const NSSOID *NSS_OID_NETSCAPE_SMIME_KEA;
-extern const NSSOID *NSS_OID_NETSCAPE_NICKNAME;
-extern const NSSOID *NSS_OID_VERISIGN_USER_NOTICES;
-extern const NSSOID *NSS_OID_NS_CERT_EXT_NETSCAPE_OK;
-extern const NSSOID *NSS_OID_NS_CERT_EXT_ISSUER_LOGO;
-extern const NSSOID *NSS_OID_NS_CERT_EXT_SUBJECT_LOGO;
-
-#endif /* OIDDATA_H */
diff --git a/security/nss/lib/pki1/oidgen.perl b/security/nss/lib/pki1/oidgen.perl
deleted file mode 100755
index 2d644481e..000000000
--- a/security/nss/lib/pki1/oidgen.perl
+++ /dev/null
@@ -1,313 +0,0 @@
-#!perl
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-$cvs_id = '@(#) $RCSfile$ $Revision$ $Date$ $Name$';
-$cfile = shift;
-$hfile = shift;
-$count = -1;
-while(<>) {
- s/^((?:[^"#]+|"[^"]*")*)(\s*#.*$)/$1/;
- next if (/^\s*$/);
-
- /^([\S]+)\s+([^"][\S]*|"[^"]*")/;
- $name = $1;
- $value = $2;
- # This is certainly not the best way to dequote the data.
- $value =~ s/"//g;
-
- if( $name =~ "OID" ) {
- $count++;
- $x[$count]{$name} = $value;
- $enc = encodeoid($value);
- $x[$count]{" encoding"} = escapeoid($enc);
- $x[$count]{" encoding length"} = length($enc);
- } else {
- if( $count < 0 ) {
- $g{$name} = $value;
- } else {
- $x[$count]{$name} = $value;
- }
- }
-}
-
-# dodump();
-
-doprint($cfile,$hfile);
-
-sub dodump {
-for( $i = 0; $i <= $count; $i++ ) {
- print "number $i:\n";
- %y = %{$x[$i]};
- while(($n,$v) = each(%y)) {
- print "\t$n ==> $v\n";
- }
-}
-}
-
-sub doprint {
-open(CFILE, "> $cfile") || die "Can't open $cfile: $!";
-open(HFILE, "> $hfile") || die "Can't open $hfile: $!";
-
-print CFILE <<EOD
-/* THIS IS A GENERATED FILE */
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifdef DEBUG
-static const char CVS_ID[] = "$g{CVS_ID} ; $cvs_id";
-#endif /* DEBUG */
-
-#ifndef PKI1T_H
-#include "pki1t.h"
-#endif /* PKI1T_H */
-
-const NSSOID nss_builtin_oids[] = {
-EOD
- ;
-
-for( $i = 0; $i <= $count; $i++ ) {
- %y = %{$x[$i]};
- print CFILE " {\n";
- print CFILE "#ifdef DEBUG\n";
- print CFILE " \"$y{TAG}\",\n";
- print CFILE " \"$y{EXPL}\",\n";
- print CFILE "#endif /* DEBUG */\n";
- print CFILE " { \"", $y{" encoding"};
- print CFILE "\", ", $y{" encoding length"}, " }\n";
-
- if( $i == $count ) {
- print CFILE " }\n";
- } else {
- print CFILE " },\n";
- }
-}
-
-print CFILE "};\n\n";
-
-print CFILE "const PRUint32 nss_builtin_oid_count = ", ($count+1), ";\n\n";
-
-for( $i = 0; $i <= $count; $i++ ) {
- %y = %{$x[$i]};
- if( defined($y{NAME}) ) {
- print CFILE "const NSSOID *$y{NAME} = (NSSOID *)&nss_builtin_oids[$i];\n";
- }
-}
-
-print CFILE "\n";
-
-$attrcount = -1;
-for( $i = 0; $i <= $count; $i++ ) {
- %y = %{$x[$i]};
- if( defined($y{ATTR}) ) {
- if( defined($y{NAME}) ) {
- $attrcount++;
- $attr[$attrcount]{ATTR} = $y{ATTR};
- $attr[$attrcount]{NAME} = $y{NAME};
- } else {
- warn "Attribute $y{ATTR} has no name, and will be omitted!";
- }
- }
-}
-
-print CFILE "const nssAttributeTypeAliasTable nss_attribute_type_aliases[] = {\n";
-
-for( $i = 0; $i <= $attrcount; $i++ ) {
- %y = %{$attr[$i]};
- print CFILE " {\n";
- print CFILE " \"$y{ATTR}\",\n";
- print CFILE " &$y{NAME}\n";
-
- if( $i == $attrcount ) {
- print CFILE " }\n";
- } else {
- print CFILE " },\n";
- }
-}
-
-print CFILE "};\n\n";
-
-print CFILE "const PRUint32 nss_attribute_type_alias_count = ", ($attrcount+1), ";\n\n";
-
-print HFILE <<EOD
-/* THIS IS A GENERATED FILE */
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef OIDDATA_H
-#define OIDDATA_H
-
-#ifdef DEBUG
-static const char OIDDATA_CVS_ID[] = "$g{CVS_ID} ; $cvs_id";
-#endif /* DEBUG */
-
-#ifndef NSSPKI1T_H
-#include "nsspki1t.h"
-#endif /* NSSPKI1T_H */
-
-extern const NSSOID nss_builtin_oids[];
-extern const PRUint32 nss_builtin_oid_count;
-
-/*extern const nssAttributeTypeAliasTable nss_attribute_type_aliases[];*/
-/*extern const PRUint32 nss_attribute_type_alias_count;*/
-
-EOD
- ;
-
-for( $i = 0; $i <= $count; $i++ ) {
- %y = %{$x[$i]};
- if( defined($y{NAME}) ) {
- print HFILE "extern const NSSOID *$y{NAME};\n";
- }
-}
-
-print HFILE <<EOD
-
-#endif /* OIDDATA_H */
-EOD
- ;
-
-close CFILE;
-close HFILE;
-}
-
-sub encodenum {
- my $v = $_[0];
- my @d;
- my $i;
- my $rv = "";
-
- while( $v > 128 ) {
- push @d, ($v % 128);
- $v /= 128;
- };
- push @d, ($v%128);
-
- for( $i = @d-1; $i > 0; $i-- ) {
- $rv = $rv . chr(128 + $d[$i]);
- }
-
- $rv = $rv . chr($d[0]);
-
- return $rv;
-}
-
-sub encodeoid {
- my @o = split(/\./, $_[0]);
- my $rv = "";
- my $i;
-
- if( @o < 2 ) {
- # NSS's special "illegal" encoding
- return chr(128) . encodenum($o[0]);
- }
-
- $rv = encodenum($o[0] * 40 + $o[1]);
- shift @o; shift @o;
-
- foreach $i (@o) {
- $rv = $rv . encodenum($i);
- }
-
- return $rv;
-}
-
-sub escapeoid {
- my @v = unpack("C*", $_[0]);
- my $a;
- my $rv = "";
-
- foreach $a (@v) {
- $rv = $rv . sprintf("\\x%02x", $a);
- }
-
- return $rv;
-}
diff --git a/security/nss/lib/pki1/oids.txt b/security/nss/lib/pki1/oids.txt
deleted file mode 100644
index df7b3ab28..000000000
--- a/security/nss/lib/pki1/oids.txt
+++ /dev/null
@@ -1,2115 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CVS_ID "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-# Fields
-# OID -- the OID data itself, in dotted-number format
-# TAG -- the unofficial but common name. e.g., when written like
-# { joint-iso-ccitt(2) country(16) US(840) company(1) netscape(113730) }
-# those words ("joint-iso-ccitt," "country," etc.) are the tags.
-# EXPL -- a textual explanation, that should stand by itself
-# NAME -- the name we use in our code. If no NAME is given, it won't be included
-#
-# Additionally, some sets of OIDs map to some other spaces..
-# additional fields capture that data:
-#
-# CKM -- the corresponding Cryptoki Mechanism, if any
-# CKK -- the corresponding Cryptoki Key type, if any
-# ATTR -- the UTF-8 attribute type encoding, if applicable
-# it should be in the standard presentation style (e.g., lowercase),
-# already-escaped a la RFC 2253 if necessary (which would only
-# be necessary if some idiot defined an attribute with, say,
-# an equals sign in it)
-# CERT_EXTENSION -- SUPPORTED or UNSUPPORTED certificate extension, if applicable
-
-# Top of the OID tree -- see http://www.alvestrand.no/objectid/top.html
-#
-OID 0
-TAG ccitt # ITU-T used to be called CCITT
-EXPL "ITU-T"
-
-# See X.208 Annex C for an explanation of the OIDs below ccitt/itu-t
-
-OID 0.0
-TAG recommendation
-EXPL "ITU-T Recommendation"
-
-OID 0.1
-TAG question
-EXPL "ITU-T Question"
-
-OID 0.2
-TAG administration
-EXPL "ITU-T Administration"
-
-OID 0.3
-TAG network-operator
-EXPL "ITU-T Network Operator"
-
-OID 0.4
-TAG identified-organization
-EXPL "ITU-T Identified Organization"
-
-OID 0.9 # used in some RFCs (unofficial!)
-TAG data
-EXPL "RFC Data"
-
-OID 0.9.2342
-TAG pss
-EXPL "PSS British Telecom X.25 Network"
-
-OID 0.9.2342.19200300
-TAG ucl
-EXPL "RFC 1274 UCL Data networks"
-
-OID 0.9.2342.19200300.100
-TAG pilot
-EXPL "RFC 1274 pilot"
-
-OID 0.9.2342.19200300.100.1
-TAG attributeType
-EXPL "RFC 1274 Attribute Type"
-
-OID 0.9.2342.19200300.100.1.1
-TAG uid
-EXPL "RFC 1274 User Id"
-NAME NSS_OID_RFC1274_UID
-ATTR "uid"
-
-OID 0.9.2342.19200300.100.1.3
-TAG mail
-EXPL "RFC 1274 E-mail Addres"
-NAME NSS_OID_RFC1274_EMAIL
-ATTR "mail" # XXX fgmr
-
-OID 0.9.2342.19200300.100.1.25
-TAG dc
-EXPL "RFC 2247 Domain Component"
-NAME NSS_OID_RFC2247_DC
-ATTR "dc"
-
-OID 0.9.2342.19200300.100.3
-TAG attributeSyntax
-EXPL "RFC 1274 Attribute Syntax"
-
-OID 0.9.2342.19200300.100.3.4
-TAG iA5StringSyntax
-EXPL "RFC 1274 IA5 String Attribute Syntax"
-
-OID 0.9.2342.19200300.100.3.5
-TAG caseIgnoreIA5StringSyntax
-EXPL "RFC 1274 Case-Ignore IA5 String Attribute Syntax"
-
-OID 0.9.2342.19200300.100.4
-TAG objectClass
-EXPL "RFC 1274 Object Class"
-
-OID 0.9.2342.19200300.100.10
-TAG groups
-EXPL "RFC 1274 Groups"
-
-OID 0.9.2342.234219200300
-TAG ucl
-EXPL "RFC 1327 ucl"
-
-OID 1
-TAG iso
-EXPL "ISO"
-
-# See X.208 Annex B for an explanation of the OIDs below iso
-
-OID 1.0
-TAG standard
-EXPL "ISO Standard"
-
-OID 1.1
-TAG registration-authority
-EXPL "ISO Registration Authority"
-
-OID 1.2
-TAG member-body
-EXPL "ISO Member Body"
-
-OID 1.2.36
-TAG australia
-EXPL "Australia (ISO)"
-
-OID 1.2.158
-TAG taiwan
-EXPL "Taiwan (ISO)"
-
-OID 1.2.372
-TAG ireland
-EXPL "Ireland (ISO)"
-
-OID 1.2.578
-TAG norway
-EXPL "Norway (ISO)"
-
-OID 1.2.752
-TAG sweden
-EXPL "Sweden (ISO)"
-
-OID 1.2.826
-TAG great-britain
-EXPL "Great Britain (ISO)"
-
-OID 1.2.840
-TAG us
-EXPL "United States (ISO)"
-
-OID 1.2.840.1
-TAG organization
-EXPL "US (ISO) organization"
-
-OID 1.2.840.10003
-TAG ansi-z30-50
-EXPL "ANSI Z39.50"
-
-OID 1.2.840.10008
-TAG dicom
-EXPL "DICOM"
-
-OID 1.2.840.10017
-TAG ieee-1224
-EXPL "IEEE 1224"
-
-OID 1.2.840.10022
-TAG ieee-802-10
-EXPL "IEEE 802.10"
-
-OID 1.2.840.10036
-TAG ieee-802-11
-EXPL "IEEE 802.11"
-
-OID 1.2.840.10040
-TAG x9-57
-EXPL "ANSI X9.57"
-
-# RFC 2459:
-#
-# holdInstruction OBJECT IDENTIFIER ::=
-# {iso(1) member-body(2) us(840) x9cm(10040) 2}
-#
-# Note that the appendices of RFC 2459 define the (wrong) value
-# of 2.2.840.10040.2 for this oid.
-OID 1.2.840.10040.2
-TAG holdInstruction
-EXPL "ANSI X9.57 Hold Instruction"
-
-# RFC 2459:
-#
-# id-holdinstruction-none OBJECT IDENTIFIER ::=
-# {holdInstruction 1} -- deprecated
-OID 1.2.840.10040.2.1
-TAG id-holdinstruction-none
-EXPL "ANSI X9.57 Hold Instruction: None"
-
-# RFC 2459:
-#
-# id-holdinstruction-callissuer OBJECT IDENTIFIER ::=
-# {holdInstruction 2}
-OID 1.2.840.10040.2.2
-TAG id-holdinstruction-callissuer
-EXPL "ANSI X9.57 Hold Instruction: Call Issuer"
-
-# RFC 2459:
-#
-# id-holdinstruction-reject OBJECT IDENTIFIER ::=
-# {holdInstruction 3}
-OID 1.2.840.10040.2.3
-TAG id-holdinstruction-reject
-EXPL "ANSI X9.57 Hold Instruction: Reject"
-
-OID 1.2.840.10040.4
-TAG x9algorithm
-EXPL "ANSI X9.57 Algorithm"
-
-# RFC 2459:
-#
-# id-dsa OBJECT IDENTIFIER ::= {
-# iso(1) member-body(2) us(840) x9-57(10040) x9algorithm(4) 1 }
-OID 1.2.840.10040.4.1
-TAG id-dsa
-EXPL "ANSI X9.57 DSA Signature"
-NAME NSS_OID_ANSIX9_DSA_SIGNATURE
-CKM CKM_DSA
-CKK CKK_DSA
-
-# RFC 2459:
-#
-# id-dsa-with-sha1 OBJECT IDENTIFIER ::= {
-# iso(1) member-body(2) us(840) x9-57 (10040) x9algorithm(4) 3 }
-OID 1.2.840.10040.4.3
-TAG id-dsa-with-sha1
-EXPL "ANSI X9.57 Algorithm DSA Signature with SHA-1 Digest"
-NAME NSS_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST
-CKM CKM_DSA_SHA1
-
-OID 1.2.840.10046
-TAG x942
-EXPL "ANSI X9.42"
-
-OID 1.2.840.10046.2
-TAG algorithm
-EXPL "ANSI X9.42 Algorithm"
-
-# RFC 2459:
-#
-# dhpublicnumber OBJECT IDENTIFIER ::= {
-# iso(1) member-body(2) us(840) ansi-x942(10046) number-type(2) 1 }
-OID 1.2.840.10046.2.1
-TAG dhpublicnumber
-EXPL "Diffie-Hellman Public Key Algorithm"
-NAME NSS_OID_X942_DIFFIE_HELMAN_KEY
-CKM CKM_DH_PKCS_DERIVE
-CKK CKK_DH
-
-OID 1.2.840.113533
-TAG entrust
-EXPL "Entrust Technologies"
-
-OID 1.2.840.113549
-TAG rsadsi
-EXPL "RSA Data Security Inc."
-
-OID 1.2.840.113549.1
-# http://www.rsa.com/rsalabs/pubs/PKCS/
-TAG pkcs
-EXPL "PKCS"
-
-# RFC 2459:
-#
-# pkcs-1 OBJECT IDENTIFIER ::= {
-# iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 1 }
-OID 1.2.840.113549.1.1
-# ftp://ftp.rsa.com/pub/pkcs/ascii/pkcs-1.asc
-TAG pkcs-1
-EXPL "PKCS #1"
-
-# RFC 2459:
-#
-# rsaEncryption OBJECT IDENTIFIER ::= { pkcs-1 1 }
-OID 1.2.840.113549.1.1.1
-TAG rsaEncryption
-EXPL "PKCS #1 RSA Encryption"
-NAME NSS_OID_PKCS1_RSA_ENCRYPTION
-CKM CKM_RSA_PKCS
-CKK CKK_RSA
-
-# RFC 2459:
-#
-# md2WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 2 }
-OID 1.2.840.113549.1.1.2
-TAG md2WithRSAEncryption
-EXPL "PKCS #1 MD2 With RSA Encryption"
-NAME NSS_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION
-CKM CKM_MD2_RSA_PKCS
-
-OID 1.2.840.113549.1.1.3
-TAG md4WithRSAEncryption
-EXPL "PKCS #1 MD4 With RSA Encryption"
-NAME NSS_OID_PKCS1_MD4_WITH_RSA_ENCRYPTION
-# No CKM!
-
-# RFC 2459:
-#
-# md5WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 4 }
-OID 1.2.840.113549.1.1.4
-TAG md5WithRSAEncryption
-EXPL "PKCS #1 MD5 With RSA Encryption"
-NAME NSS_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION
-CKM CKM_MD5_RSA_PKCS
-
-# RFC 2459:
-#
-# sha1WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 5 }
-OID 1.2.840.113549.1.1.5
-TAG sha1WithRSAEncryption
-EXPL "PKCS #1 SHA-1 With RSA Encryption"
-NAME NSS_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION
-CKM CKM_SHA1_RSA_PKCS
-
-OID 1.2.840.113549.1.5
-# ftp://ftp.rsa.com/pub/pkcs/ascii/pkcs-5.asc
-TAG pkcs-5
-EXPL "PKCS #5"
-
-OID 1.2.840.113549.1.5.1
-TAG pbeWithMD2AndDES-CBC
-EXPL "PKCS #5 Password Based Encryption With MD2 and DES-CBC"
-NAME NSS_OID_PKCS5_PBE_WITH_MD2_AND_DES_CBC
-CKM CKM_PBE_MD2_DES_CBC
-
-OID 1.2.840.113549.1.5.3
-TAG pbeWithMD5AndDES-CBC
-EXPL "PKCS #5 Password Based Encryption With MD5 and DES-CBC"
-NAME NSS_OID_PKCS5_PBE_WITH_MD5_AND_DES_CBC
-CKM CKM_PBE_MD5_DES_CBC
-
-OID 1.2.840.113549.1.5.10
-TAG pbeWithSha1AndDES-CBC
-EXPL "PKCS #5 Password Based Encryption With SHA-1 and DES-CBC"
-NAME NSS_OID_PKCS5_PBE_WITH_SHA1_AND_DES_CBC
-CKM CKM_NETSCAPE_PBE_SHA1_DES_CBC
-
-OID 1.2.840.113549.1.7
-# ftp://ftp.rsa.com/pub/pkcs/ascii/pkcs-7.asc
-TAG pkcs-7
-EXPL "PKCS #7"
-NAME NSS_OID_PKCS7
-
-OID 1.2.840.113549.1.7.1
-TAG data
-EXPL "PKCS #7 Data"
-NAME NSS_OID_PKCS7_DATA
-
-OID 1.2.840.113549.1.7.2
-TAG signedData
-EXPL "PKCS #7 Signed Data"
-NAME NSS_OID_PKCS7_SIGNED_DATA
-
-OID 1.2.840.113549.1.7.3
-TAG envelopedData
-EXPL "PKCS #7 Enveloped Data"
-NAME NSS_OID_PKCS7_ENVELOPED_DATA
-
-OID 1.2.840.113549.1.7.4
-TAG signedAndEnvelopedData
-EXPL "PKCS #7 Signed and Enveloped Data"
-NAME NSS_OID_PKCS7_SIGNED_ENVELOPED_DATA
-
-OID 1.2.840.113549.1.7.5
-TAG digestedData
-EXPL "PKCS #7 Digested Data"
-NAME NSS_OID_PKCS7_DIGESTED_DATA
-
-OID 1.2.840.113549.1.7.6
-TAG encryptedData
-EXPL "PKCS #7 Encrypted Data"
-NAME NSS_OID_PKCS7_ENCRYPTED_DATA
-
-# RFC 2459:
-#
-# pkcs-9 OBJECT IDENTIFIER ::=
-# { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 9 }
-OID 1.2.840.113549.1.9
-# ftp://ftp.rsa.com/pub/pkcs/ascii/pkcs-9.asc
-TAG pkcs-9
-EXPL "PKCS #9"
-
-# RFC 2459:
-#
-# emailAddress AttributeType ::= { pkcs-9 1 }
-OID 1.2.840.113549.1.9.1
-TAG emailAddress
-EXPL "PKCS #9 Email Address"
-NAME NSS_OID_PKCS9_EMAIL_ADDRESS
-
-OID 1.2.840.113549.1.9.2
-TAG unstructuredName
-EXPL "PKCS #9 Unstructured Name"
-NAME NSS_OID_PKCS9_UNSTRUCTURED_NAME
-
-OID 1.2.840.113549.1.9.3
-TAG contentType
-EXPL "PKCS #9 Content Type"
-NAME NSS_OID_PKCS9_CONTENT_TYPE
-
-OID 1.2.840.113549.1.9.4
-TAG messageDigest
-EXPL "PKCS #9 Message Digest"
-NAME NSS_OID_PKCS9_MESSAGE_DIGEST
-
-OID 1.2.840.113549.1.9.5
-TAG signingTime
-EXPL "PKCS #9 Signing Time"
-NAME NSS_OID_PKCS9_SIGNING_TIME
-
-OID 1.2.840.113549.1.9.6
-TAG counterSignature
-EXPL "PKCS #9 Counter Signature"
-NAME NSS_OID_PKCS9_COUNTER_SIGNATURE
-
-OID 1.2.840.113549.1.9.7
-TAG challengePassword
-EXPL "PKCS #9 Challenge Password"
-NAME NSS_OID_PKCS9_CHALLENGE_PASSWORD
-
-OID 1.2.840.113549.1.9.8
-TAG unstructuredAddress
-EXPL "PKCS #9 Unstructured Address"
-NAME NSS_OID_PKCS9_UNSTRUCTURED_ADDRESS
-
-OID 1.2.840.113549.1.9.9
-TAG extendedCertificateAttributes
-EXPL "PKCS #9 Extended Certificate Attributes"
-NAME NSS_OID_PKCS9_EXTENDED_CERTIFICATE_ATTRIBUTES
-
-OID 1.2.840.113549.1.9.15
-TAG sMIMECapabilities
-EXPL "PKCS #9 S/MIME Capabilities"
-NAME NSS_OID_PKCS9_SMIME_CAPABILITIES
-
-OID 1.2.840.113549.1.9.20
-TAG friendlyName
-EXPL "PKCS #9 Friendly Name"
-NAME NSS_OID_PKCS9_FRIENDLY_NAME
-
-OID 1.2.840.113549.1.9.21
-TAG localKeyID
-EXPL "PKCS #9 Local Key ID"
-NAME NSS_OID_PKCS9_LOCAL_KEY_ID
-
-OID 1.2.840.113549.1.9.22
-TAG certTypes
-EXPL "PKCS #9 Certificate Types"
-
-OID 1.2.840.113549.1.9.22.1
-TAG x509Certificate
-EXPL "PKCS #9 Certificate Type = X.509"
-NAME NSS_OID_PKCS9_X509_CERT
-
-OID 1.2.840.113549.1.9.22.2
-TAG sdsiCertificate
-EXPL "PKCS #9 Certificate Type = SDSI"
-NAME NSS_OID_PKCS9_SDSI_CERT
-
-OID 1.2.840.113549.1.9.23
-TAG crlTypes
-EXPL "PKCS #9 Certificate Revocation List Types"
-
-OID 1.2.840.113549.1.9.23.1
-TAG x509Crl
-EXPL "PKCS #9 CRL Type = X.509"
-NAME NSS_OID_PKCS9_X509_CRL
-
-OID 1.2.840.113549.1.12
-# http://www.rsa.com/rsalabs/pubs/PKCS/html/pkcs-12.html
-# NOTE -- PKCS #12 multiple contradictory
-# documents exist. Somebody go figure out the canonical
-# OID list, keeping in mind backwards-compatability..
-TAG pkcs-12
-EXPL "PKCS #12"
-NAME NSS_OID_PKCS12
-
-OID 1.2.840.113549.1.12.1
-TAG pkcs-12PbeIds
-EXPL "PKCS #12 Password Based Encryption IDs"
-NAME NSS_OID_PKCS12_PBE_IDS
-# We called it SEC_OID_PKCS12_MODE_IDS
-
-OID 1.2.840.113549.1.12.1.1
-TAG pbeWithSHA1And128BitRC4
-EXPL "PKCS #12 Password Based Encryption With SHA-1 and 128-bit RC4"
-NAME NSS_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC4
-CKM CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4
-# We called it SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC4
-
-OID 1.2.840.113549.1.12.1.2
-TAG pbeWithSHA1And40BitRC4
-EXPL "PKCS #12 Password Based Encryption With SHA-1 and 40-bit RC4"
-NAME NSS_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC4
-CKM CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4
-# We called it SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC4
-
-OID 1.2.840.113549.1.12.1.3
-TAG pbeWithSHA1And3-KeyTripleDES-CBC
-EXPL "PKCS #12 Password Based Encryption With SHA-1 and 3-key Triple DES-CBC"
-NAME NSS_OID_PKCS12_PBE_WITH_SHA1_AND_3_KEY_TRIPLE_DES_CBC
-CKM CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC
-# We called it SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC
-
-OID 1.2.840.113549.1.12.1.4
-TAG pbeWithSHA1And2-KeyTripleDES-CBC
-EXPL "PKCS #12 Password Based Encryption With SHA-1 and 2-key Triple DES-CBC"
-NAME NSS_OID_PKCS12_PBE_WITH_SHA1_AND_2_KEY_TRIPLE_DES_CBC
-CKM CKM_PBE_SHA1_DES2_EDE_CBC
-# We called it SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_2KEY_TRIPLE_DES_CBC
-
-OID 1.2.840.113549.1.12.1.5
-TAG pbeWithSHA1And128BitRC2-CBC
-EXPL "PKCS #12 Password Based Encryption With SHA-1 and 128-bit RC2-CBC"
-NAME NSS_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC
-CKM CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC
-# We called it SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC
-
-OID 1.2.840.113549.1.12.1.6
-TAG pbeWithSHA1And40BitRC2-CBC
-EXPL "PKCS #12 Password Based Encryption With SHA-1 and 40-bit RC2-CBC"
-NAME NSS_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC
-CKM CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC
-# We called it SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC
-
-OID 1.2.840.113549.1.12.2
-TAG pkcs-12EspvkIds
-EXPL "PKCS #12 ESPVK IDs"
-# We called it SEC_OID_PKCS12_ESPVK_IDS
-
-OID 1.2.840.113549.1.12.2.1
-TAG pkcs8-key-shrouding
-EXPL "PKCS #12 Key Shrouding"
-# We called it SEC_OID_PKCS12_PKCS8_KEY_SHROUDING
-
-OID 1.2.840.113549.1.12.3
-TAG draft1Pkcs-12Bag-ids
-EXPL "Draft 1.0 PKCS #12 Bag IDs"
-# We called it SEC_OID_PKCS12_BAG_IDS
-
-OID 1.2.840.113549.1.12.3.1
-TAG keyBag
-EXPL "Draft 1.0 PKCS #12 Key Bag"
-# We called it SEC_OID_PKCS12_KEY_BAG_ID
-
-OID 1.2.840.113549.1.12.3.2
-TAG certAndCRLBagId
-EXPL "Draft 1.0 PKCS #12 Cert and CRL Bag ID"
-# We called it SEC_OID_PKCS12_CERT_AND_CRL_BAG_ID
-
-OID 1.2.840.113549.1.12.3.3
-TAG secretBagId
-EXPL "Draft 1.0 PKCS #12 Secret Bag ID"
-# We called it SEC_OID_PKCS12_SECRET_BAG_ID
-
-OID 1.2.840.113549.1.12.3.4
-TAG safeContentsId
-EXPL "Draft 1.0 PKCS #12 Safe Contents Bag ID"
-# We called it SEC_OID_PKCS12_SAFE_CONTENTS_ID
-
-OID 1.2.840.113549.1.12.3.5
-TAG pkcs-8ShroudedKeyBagId
-EXPL "Draft 1.0 PKCS #12 PKCS #8-shrouded Key Bag ID"
-# We called it SEC_OID_PKCS12_PKCS8_SHROUDED_KEY_BAG_ID
-
-OID 1.2.840.113549.1.12.4
-TAG pkcs-12CertBagIds
-EXPL "PKCS #12 Certificate Bag IDs"
-# We called it SEC_OID_PKCS12_CERT_BAG_IDS
-
-OID 1.2.840.113549.1.12.4.1
-TAG x509CertCRLBagId
-EXPL "PKCS #12 X.509 Certificate and CRL Bag"
-# We called it SEC_OID_PKCS12_X509_CERT_CRL_BAG
-
-OID 1.2.840.113549.1.12.4.2
-TAG SDSICertBagID
-EXPL "PKCS #12 SDSI Certificate Bag"
-# We called it SEC_OID_PKCS12_SDSI_CERT_BAG
-
-OID 1.2.840.113549.1.12.5
-TAG pkcs-12Oids
-EXPL "PKCS #12 OIDs (XXX)"
-# We called it SEC_OID_PKCS12_OIDS
-
-OID 1.2.840.113549.1.12.5.1
-TAG pkcs-12PbeIds
-EXPL "PKCS #12 OIDs PBE IDs (XXX)"
-# We called it SEC_OID_PKCS12_PBE_IDS
-
-OID 1.2.840.113549.1.12.5.1.1
-TAG pbeWithSha1And128BitRC4
-EXPL "PKCS #12 OIDs PBE with SHA-1 and 128-bit RC4 (XXX)"
-CKM CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4
-# We called it SEC_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC4
-
-OID 1.2.840.113549.1.12.5.1.2
-TAG pbeWithSha1And40BitRC4
-EXPL "PKCS #12 OIDs PBE with SHA-1 and 40-bit RC4 (XXX)"
-CKM CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4
-# We called it SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC4
-
-OID 1.2.840.113549.1.12.5.1.3
-TAG pbeWithSha1AndTripleDES-CBC
-EXPL "PKCS #12 OIDs PBE with SHA-1 and Triple DES-CBC (XXX)"
-CKM CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC
-# We called it SEC_OID_PKCS12_PBE_WITH_SHA1_AND_TRIPLE_DES_CBC
-
-OID 1.2.840.113549.1.12.5.1.4
-TAG pbeWithSha1And128BitRC2-CBC
-EXPL "PKCS #12 OIDs PBE with SHA-1 and 128-bit RC2-CBC (XXX)"
-CKM CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC
-# We called it SEC_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC
-
-OID 1.2.840.113549.1.12.5.1.5
-TAG pbeWithSha1And40BitRC2-CBC
-EXPL "PKCS #12 OIDs PBE with SHA-1 and 40-bit RC2-CBC (XXX)"
-CKM CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC
-# We called it SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC
-
-OID 1.2.840.113549.1.12.5.2
-TAG pkcs-12EnvelopingIds
-EXPL "PKCS #12 OIDs Enveloping IDs (XXX)"
-# We called it SEC_OID_PKCS12_ENVELOPING_IDS
-
-OID 1.2.840.113549.1.12.5.2.1
-TAG rsaEncryptionWith128BitRC4
-EXPL "PKCS #12 OIDs Enveloping RSA Encryption with 128-bit RC4"
-# We called it SEC_OID_PKCS12_RSA_ENCRYPTION_WITH_128_BIT_RC4
-
-OID 1.2.840.113549.1.12.5.2.2
-TAG rsaEncryptionWith40BitRC4
-EXPL "PKCS #12 OIDs Enveloping RSA Encryption with 40-bit RC4"
-# We called it SEC_OID_PKCS12_RSA_ENCRYPTION_WITH_40_BIT_RC4
-
-OID 1.2.840.113549.1.12.5.2.3
-TAG rsaEncryptionWithTripleDES
-EXPL "PKCS #12 OIDs Enveloping RSA Encryption with Triple DES"
-# We called it SEC_OID_PKCS12_RSA_ENCRYPTION_WITH_TRIPLE_DES
-
-OID 1.2.840.113549.1.12.5.3
-TAG pkcs-12SignatureIds
-EXPL "PKCS #12 OIDs Signature IDs (XXX)"
-# We called it SEC_OID_PKCS12_SIGNATURE_IDS
-
-OID 1.2.840.113549.1.12.5.3.1
-TAG rsaSignatureWithSHA1Digest
-EXPL "PKCS #12 OIDs RSA Signature with SHA-1 Digest"
-# We called it SEC_OID_PKCS12_RSA_SIGNATURE_WITH_SHA1_DIGEST
-
-OID 1.2.840.113549.1.12.10
-TAG pkcs-12Version1
-EXPL "PKCS #12 Version 1"
-
-OID 1.2.840.113549.1.12.10.1
-TAG pkcs-12BagIds
-EXPL "PKCS #12 Bag IDs"
-
-OID 1.2.840.113549.1.12.10.1.1
-TAG keyBag
-EXPL "PKCS #12 Key Bag"
-NAME NSS_OID_PKCS12_KEY_BAG
-# We called it SEC_OID_PKCS12_V1_KEY_BAG_ID
-
-OID 1.2.840.113549.1.12.10.1.2
-TAG pkcs-8ShroudedKeyBag
-EXPL "PKCS #12 PKCS #8-shrouded Key Bag"
-NAME NSS_OID_PKCS12_PKCS8_SHROUDED_KEY_BAG
-# We called it SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID
-
-OID 1.2.840.113549.1.12.10.1.3
-TAG certBag
-EXPL "PKCS #12 Certificate Bag"
-NAME NSS_OID_PKCS12_CERT_BAG
-# We called it SEC_OID_PKCS12_V1_CERT_BAG_ID
-
-OID 1.2.840.113549.1.12.10.1.4
-TAG crlBag
-EXPL "PKCS #12 CRL Bag"
-NAME NSS_OID_PKCS12_CRL_BAG
-# We called it SEC_OID_PKCS12_V1_CRL_BAG_ID
-
-OID 1.2.840.113549.1.12.10.1.5
-TAG secretBag
-EXPL "PKCS #12 Secret Bag"
-NAME NSS_OID_PKCS12_SECRET_BAG
-# We called it SEC_OID_PKCS12_V1_SECRET_BAG_ID
-
-OID 1.2.840.113549.1.12.10.1.6
-TAG safeContentsBag
-EXPL "PKCS #12 Safe Contents Bag"
-NAME NSS_OID_PKCS12_SAFE_CONTENTS_BAG
-# We called it SEC_OID_PKCS12_V1_SAFE_CONTENTS_BAG_ID
-
-OID 1.2.840.113549.2
-TAG digest
-EXPL "RSA digest algorithm"
-
-OID 1.2.840.113549.2.2
-TAG md2
-EXPL "MD2"
-NAME NSS_OID_MD2
-CKM CKM_MD2
-
-OID 1.2.840.113549.2.4
-TAG md4
-EXPL "MD4"
-NAME NSS_OID_MD4
-# No CKM
-
-OID 1.2.840.113549.2.5
-TAG md5
-EXPL "MD5"
-NAME NSS_OID_MD5
-CKM CKM_MD5
-
-OID 1.2.840.113549.3
-TAG cipher
-EXPL "RSA cipher algorithm"
-
-OID 1.2.840.113549.3.2
-TAG rc2cbc
-EXPL "RC2-CBC"
-NAME NSS_OID_RC2_CBC
-CKM_RC2_CBC
-
-OID 1.2.840.113549.3.4
-TAG rc4
-EXPL "RC4"
-NAME NSS_OID_RC4
-CKM CKM_RC4
-
-OID 1.2.840.113549.3.7
-TAG desede3cbc
-EXPL "DES-EDE3-CBC"
-NAME NSS_OID_DES_EDE3_CBC
-CKM CKM_DES3_CBC
-
-OID 1.2.840.113549.3.9
-TAG rc5cbcpad
-EXPL "RC5-CBCPad"
-NAME NSS_OID_RC5_CBC_PAD
-CKM CKM_RC5_CBC
-
-OID 1.2.840.113556
-TAG microsoft
-EXPL "Microsoft"
-
-OID 1.2.840.113560
-TAG columbia-university
-EXPL "Columbia University"
-
-OID 1.2.840.113572
-TAG unisys
-EXPL "Unisys"
-
-OID 1.2.840.113658
-TAG xapia
-EXPL "XAPIA"
-
-OID 1.2.840.113699
-TAG wordperfect
-EXPL "WordPerfect"
-
-OID 1.3
-TAG identified-organization
-EXPL "ISO identified organizations"
-
-OID 1.3.6
-TAG us-dod
-EXPL "United States Department of Defense"
-
-OID 1.3.6.1
-TAG internet # See RFC 1065
-EXPL "The Internet"
-
-OID 1.3.6.1.1
-TAG directory
-EXPL "Internet: Directory"
-
-OID 1.3.6.1.2
-TAG management
-EXPL "Internet: Management"
-
-OID 1.3.6.1.3
-TAG experimental
-EXPL "Internet: Experimental"
-
-OID 1.3.6.1.4
-TAG private
-EXPL "Internet: Private"
-
-OID 1.3.6.1.5
-TAG security
-EXPL "Internet: Security"
-
-OID 1.3.6.1.5.5
-
-# RFC 2459:
-#
-# id-pkix OBJECT IDENTIFIER ::=
-# { iso(1) identified-organization(3) dod(6) internet(1)
-# security(5) mechanisms(5) pkix(7) }
-OID 1.3.6.1.5.5.7
-TAG id-pkix
-EXPL "Public Key Infrastructure"
-
-# RFC 2459:
-#
-# PKIX1Explicit88 {iso(1) identified-organization(3) dod(6) internet(1)
-# security(5) mechanisms(5) pkix(7) id-mod(0) id-pkix1-explicit-88(1)}
-OID 1.3.6.1.5.5.7.0.1
-TAG PKIX1Explicit88
-EXPL "RFC 2459 Explicitly Tagged Module, 1988 Syntax"
-
-# RFC 2459:
-#
-# PKIX1Implicit88 {iso(1) identified-organization(3) dod(6) internet(1)
-# security(5) mechanisms(5) pkix(7) id-mod(0) id-pkix1-implicit-88(2)}
-OID 1.3.6.1.5.5.7.0.2
-TAG PKIXImplicit88
-EXPL "RFC 2459 Implicitly Tagged Module, 1988 Syntax"
-
-# RFC 2459:
-#
-# PKIX1Explicit93 {iso(1) identified-organization(3) dod(6) internet(1)
-# security(5) mechanisms(5) pkix(7) id-mod(0) id-pkix1-explicit-93(3)}
-OID 1.3.6.1.5.5.7.0.3
-TAG PKIXExplicit93
-EXPL "RFC 2459 Explicitly Tagged Module, 1993 Syntax"
-
-# RFC 2459:
-#
-# id-pe OBJECT IDENTIFIER ::= { id-pkix 1 }
-# -- arc for private certificate extensions
-OID 1.3.6.1.5.5.7.1
-TAG id-pe
-EXPL "PKIX Private Certificate Extensions"
-
-# RFC 2459:
-#
-# id-pe-authorityInfoAccess OBJECT IDENTIFIER ::= { id-pe 1 }
-OID 1.3.6.1.5.5.7.1.1
-TAG id-pe-authorityInfoAccess
-EXPL "Certificate Authority Information Access"
-NAME NSS_OID_X509_AUTH_INFO_ACCESS
-CERT_EXTENSION SUPPORTED
-
-# RFC 2459:
-#
-# id-qt OBJECT IDENTIFIER ::= { id-pkix 2 }
-# -- arc for policy qualifier types
-OID 1.3.6.1.5.5.7.2
-TAG id-qt
-EXPL "PKIX Policy Qualifier Types"
-
-# RFC 2459:
-#
-# id-qt-cps OBJECT IDENTIFIER ::= { id-qt 1 }
-# -- OID for CPS qualifier
-OID 1.3.6.1.5.5.7.2.1
-TAG id-qt-cps
-EXPL "PKIX CPS Pointer Qualifier"
-NAME NSS_OID_PKIX_CPS_POINTER_QUALIFIER
-
-# RFC 2459:
-#
-# id-qt-unotice OBJECT IDENTIFIER ::= { id-qt 2 }
-# -- OID for user notice qualifier
-OID 1.3.6.1.5.5.7.2.2
-TAG id-qt-unotice
-EXPL "PKIX User Notice Qualifier"
-NAME NSS_OID_PKIX_USER_NOTICE_QUALIFIER
-
-# RFC 2459:
-#
-# id-kp OBJECT IDENTIFIER ::= { id-pkix 3 }
-# -- arc for extended key purpose OIDS
-OID 1.3.6.1.5.5.7.3
-TAG id-kp
-EXPL "PKIX Key Purpose"
-
-# RFC 2459:
-#
-# id-kp-serverAuth OBJECT IDENTIFIER ::= { id-kp 1 }
-OID 1.3.6.1.5.5.7.3.1
-TAG id-kp-serverAuth
-EXPL "TLS Web Server Authentication Certificate"
-NAME NSS_OID_EXT_KEY_USAGE_SERVER_AUTH
-
-# RFC 2459:
-#
-# id-kp-clientAuth OBJECT IDENTIFIER ::= { id-kp 2 }
-OID 1.3.6.1.5.5.7.3.2
-TAG id-kp-clientAuth
-EXPL "TLS Web Client Authentication Certificate"
-NAME NSS_OID_EXT_KEY_USAGE_CLIENT_AUTH
-
-# RFC 2459:
-#
-# id-kp-codeSigning OBJECT IDENTIFIER ::= { id-kp 3 }
-OID 1.3.6.1.5.5.7.3.3
-TAG id-kp-codeSigning
-EXPL "Code Signing Certificate"
-NAME NSS_OID_EXT_KEY_USAGE_CODE_SIGN
-
-# RFC 2459:
-#
-# id-kp-emailProtection OBJECT IDENTIFIER ::= { id-kp 4 }
-OID 1.3.6.1.5.5.7.3.4
-TAG id-kp-emailProtection
-EXPL "E-Mail Protection Certificate"
-NAME NSS_OID_EXT_KEY_USAGE_EMAIL_PROTECTION
-
-# RFC 2459:
-#
-# id-kp-ipsecEndSystem OBJECT IDENTIFIER ::= { id-kp 5 }
-OID 1.3.6.1.5.5.7.3.5
-TAG id-kp-ipsecEndSystem
-EXPL "IPSEC End System Certificate"
-NAME NSS_OID_EXT_KEY_USAGE_IPSEC_END_SYSTEM
-
-# RFC 2459:
-#
-# id-kp-ipsecTunnel OBJECT IDENTIFIER ::= { id-kp 6 }
-OID 1.3.6.1.5.5.7.3.6
-TAG id-kp-ipsecTunnel
-EXPL "IPSEC Tunnel Certificate"
-NAME NSS_OID_EXT_KEY_USAGE_IPSEC_TUNNEL
-
-# RFC 2459:
-#
-# id-kp-ipsecUser OBJECT IDENTIFIER ::= { id-kp 7 }
-OID 1.3.6.1.5.5.7.3.7
-TAG id-kp-ipsecUser
-EXPL "IPSEC User Certificate"
-NAME NSS_OID_EXT_KEY_USAGE_IPSEC_USER
-
-# RFC 2459:
-#
-# id-kp-timeStamping OBJECT IDENTIFIER ::= { id-kp 8 }
-OID 1.3.6.1.5.5.7.3.8
-TAG id-kp-timeStamping
-EXPL "Time Stamping Certificate"
-NAME NSS_OID_EXT_KEY_USAGE_TIME_STAMP
-
-OID 1.3.6.1.5.5.7.3.9
-TAG ocsp-responder
-EXPL "OCSP Responder Certificate"
-NAME NSS_OID_OCSP_RESPONDER
-
-OID 1.3.6.1.5.5.7.7
-TAG pkix-id-pkix
-
-OID 1.3.6.1.5.5.7.7.5
-TAG pkix-id-pkip
-
-OID 1.3.6.1.5.5.7.7.5.1
-TAG pkix-id-regctrl
-EXPL "CRMF Registration Control"
-
-OID 1.3.6.1.5.5.7.7.5.1.1
-TAG regtoken
-EXPL "CRMF Registration Control, Registration Token"
-NAME NSS_OID_PKIX_REGCTRL_REGTOKEN
-
-OID 1.3.6.1.5.5.7.7.5.1.2
-TAG authenticator
-EXPL "CRMF Registration Control, Registration Authenticator"
-NAME NSS_OID_PKIX_REGCTRL_AUTHENTICATOR
-
-OID 1.3.6.1.5.5.7.7.5.1.3
-TAG pkipubinfo
-EXPL "CRMF Registration Control, PKI Publication Info"
-NAME NSS_OID_PKIX_REGCTRL_PKIPUBINFO
-
-OID 1.3.6.1.5.5.7.7.5.1.4
-TAG pki-arch-options
-EXPL "CRMF Registration Control, PKI Archive Options"
-NAME NSS_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS
-
-OID 1.3.6.1.5.5.7.7.5.1.5
-TAG old-cert-id
-EXPL "CRMF Registration Control, Old Certificate ID"
-NAME NSS_OID_PKIX_REGCTRL_OLD_CERT_ID
-
-OID 1.3.6.1.5.5.7.7.5.1.6
-TAG protocol-encryption-key
-EXPL "CRMF Registration Control, Protocol Encryption Key"
-NAME NSS_OID_PKIX_REGCTRL_PROTOCOL_ENC_KEY
-
-OID 1.3.6.1.5.5.7.7.5.2
-TAG pkix-id-reginfo
-EXPL "CRMF Registration Info"
-
-OID 1.3.6.1.5.5.7.7.5.2.1
-TAG utf8-pairs
-EXPL "CRMF Registration Info, UTF8 Pairs"
-NAME NSS_OID_PKIX_REGINFO_UTF8_PAIRS
-
-OID 1.3.6.1.5.5.7.7.5.2.2
-TAG cert-request
-EXPL "CRMF Registration Info, Certificate Request"
-NAME NSS_OID_PKIX_REGINFO_CERT_REQUEST
-
-# RFC 2549:
-#
-# id-ad OBJECT IDENTIFIER ::= { id-pkix 48 }
-# -- arc for access descriptors
-OID 1.3.6.1.5.5.7.48
-TAG id-ad
-EXPL "PKIX Access Descriptors"
-
-# RFC 2549:
-#
-# id-ad-ocsp OBJECT IDENTIFIER ::= { id-ad 1 }
-OID 1.3.6.1.5.5.7.48.1
-TAG id-ad-ocsp
-EXPL "PKIX Online Certificate Status Protocol"
-NAME NSS_OID_OID_PKIX_OCSP
-
-OID 1.3.6.1.5.5.7.48.1.1
-TAG basic-response
-EXPL "OCSP Basic Response"
-NAME NSS_OID_PKIX_OCSP_BASIC_RESPONSE
-
-OID 1.3.6.1.5.5.7.48.1.2
-TAG nonce-extension
-EXPL "OCSP Nonce Extension"
-NAME NSS_OID_PKIX_OCSP_NONCE
-
-OID 1.3.6.1.5.5.7.48.1.3
-TAG response
-EXPL "OCSP Response Types Extension"
-NAME NSS_OID_PKIX_OCSP_RESPONSE
-
-OID 1.3.6.1.5.5.7.48.1.4
-TAG crl
-EXPL "OCSP CRL Reference Extension"
-NAME NSS_OID_PKIX_OCSP_CRL
-
-OID 1.3.6.1.5.5.7.48.1.5
-TAG no-check
-EXPL "OCSP No Check Extension"
-NAME NSS_OID_X509_OCSP_NO_CHECK # X509_... ?
-
-OID 1.3.6.1.5.5.7.48.1.6
-TAG archive-cutoff
-EXPL "OCSP Archive Cutoff Extension"
-NAME NSS_OID_PKIX_OCSP_ARCHIVE_CUTOFF
-
-OID 1.3.6.1.5.5.7.48.1.7
-TAG service-locator
-EXPL "OCSP Service Locator Extension"
-NAME NSS_OID_PKIX_OCSP_SERVICE_LOCATOR
-
-# RFC 2549:
-#
-# id-ad-caIssuers OBJECT IDENTIFIER ::= { id-ad 2 }
-OID 1.3.6.1.5.5.7.48.2
-TAG id-ad-caIssuers
-EXPL "Certificate Authority Issuers"
-
-OID 1.3.6.1.6
-TAG snmpv2
-EXPL "Internet: SNMPv2"
-
-OID 1.3.6.1.7
-TAG mail
-EXPL "Internet: mail"
-
-OID 1.3.6.1.7.1
-TAG mime-mhs
-EXPL "Internet: mail MIME mhs"
-
-OID 1.3.12
-TAG ecma
-EXPL "European Computers Manufacturing Association"
-
-OID 1.3.14
-TAG oiw
-EXPL "Open Systems Implementors Workshop"
-
-OID 1.3.14.3 secsig
-TAG secsig
-EXPL "Open Systems Implementors Workshop Security Special Interest Group"
-
-OID 1.3.14.3.1
-TAG oIWSECSIGAlgorithmObjectIdentifiers
-EXPL "OIW SECSIG Algorithm OIDs"
-
-OID 1.3.14.3.2
-TAG algorithm
-EXPL "OIW SECSIG Algorithm"
-
-OID 1.3.14.3.2.6
-TAG desecb
-EXPL "DES-ECB"
-NAME NSS_OID_DES_ECB
-CKM CKM_DES_ECB
-
-OID 1.3.14.3.2.7
-TAG descbc
-EXPL "DES-CBC"
-NAME NSS_OID_DES_CBC
-CKM CKM_DES_CBC
-
-OID 1.3.14.3.2.8
-TAG desofb
-EXPL "DES-OFB"
-NAME NSS_OID_DES_OFB
-# No CKM..
-
-OID 1.3.14.3.2.9
-TAG descfb
-EXPL "DES-CFB"
-NAME NSS_OID_DES_CFB
-# No CKM..
-
-OID 1.3.14.3.2.10
-TAG desmac
-EXPL "DES-MAC"
-NAME NSS_OID_DES_MAC
-CKM CKM_DES_MAC
-
-OID 1.3.14.3.2.15
-TAG isoSHAWithRSASignature
-EXPL "ISO SHA with RSA Signature"
-NAME NSS_OID_ISO_SHA_WITH_RSA_SIGNATURE
-# No CKM..
-
-OID 1.3.14.3.2.17
-TAG desede
-EXPL "DES-EDE"
-NAME NSS_OID_DES_EDE
-# No CKM..
-
-OID 1.3.14.3.2.26
-TAG sha1
-EXPL "SHA-1"
-NAME NSS_OID_SHA1
-CKM CKM_SHA_1
-
-OID 1.3.14.3.2.27
-TAG bogusDSASignatureWithSHA1Digest
-EXPL "Forgezza DSA Signature with SHA-1 Digest"
-NAME NSS_OID_BOGUS_DSA_SIGNATURE_WITH_SHA1_DIGEST
-CKM CKM_DSA_SHA1
-
-OID 1.3.14.3.3
-TAG authentication-mechanism
-EXPL "OIW SECSIG Authentication Mechanisms"
-
-OID 1.3.14.3.4
-TAG security-attribute
-EXPL "OIW SECSIG Security Attributes"
-
-OID 1.3.14.3.5
-TAG document-definition
-EXPL "OIW SECSIG Document Definitions used in security"
-
-OID 1.3.14.7
-TAG directory-services-sig
-EXPL "OIW directory services sig"
-
-OID 1.3.16
-TAG ewos
-EXPL "European Workshop on Open Systems"
-
-OID 1.3.22
-TAG osf
-EXPL "Open Software Foundation"
-
-OID 1.3.23
-TAG nordunet
-EXPL "Nordunet"
-
-OID 1.3.26
-TAG nato-id-org
-EXPL "NATO identified organisation"
-
-OID 1.3.36
-TAG teletrust
-EXPL "Teletrust"
-
-OID 1.3.52
-TAG smpte
-EXPL "Society of Motion Picture and Television Engineers"
-
-OID 1.3.69
-TAG sita
-EXPL "Societe Internationale de Telecommunications Aeronautiques"
-
-OID 1.3.90
-TAG iana
-EXPL "Internet Assigned Numbers Authority"
-
-OID 1.3.101
-TAG thawte
-EXPL "Thawte"
-
-OID 2
-TAG joint-iso-ccitt
-EXPL "Joint ISO/ITU-T assignment"
-
-OID 2.0
-TAG presentation
-EXPL "Joint ISO/ITU-T Presentation"
-
-OID 2.1
-TAG asn-1
-EXPL "Abstract Syntax Notation One"
-
-OID 2.2
-TAG acse
-EXPL "Association Control"
-
-OID 2.3
-TAG rtse
-EXPL "Reliable Transfer"
-
-OID 2.4
-TAG rose
-EXPL "Remote Operations"
-
-OID 2.5
-TAG x500
-EXPL "Directory"
-
-OID 2.5.1
-TAG modules
-EXPL "X.500 modules"
-
-OID 2.5.2
-TAG service-environment
-EXPL "X.500 service environment"
-
-OID 2.5.3
-TAG application-context
-EXPL "X.500 application context"
-
-# RFC 2459:
-#
-# id-at OBJECT IDENTIFIER ::= {joint-iso-ccitt(2) ds(5) 4}
-OID 2.5.4
-TAG id-at
-EXPL "X.520 attribute types"
-
-# RFC 2459:
-#
-# id-at-commonName AttributeType ::= {id-at 3}
-OID 2.5.4.3
-TAG id-at-commonName
-EXPL "X.520 Common Name"
-NAME NSS_OID_X520_COMMON_NAME
-ATTR "cn"
-
-# RFC 2459:
-#
-# id-at-surname AttributeType ::= {id-at 4}
-OID 2.5.4.4
-TAG id-at-surname
-EXPL "X.520 Surname"
-NAME NSS_OID_X520_SURNAME
-ATTR "sn"
-
-# RFC 2459:
-#
-# id-at-countryName AttributeType ::= {id-at 6}
-OID 2.5.4.6
-TAG id-at-countryName
-EXPL "X.520 Country Name"
-NAME NSS_OID_X520_COUNTRY_NAME
-ATTR "c"
-
-# RFC 2459:
-#
-# id-at-localityName AttributeType ::= {id-at 7}
-OID 2.5.4.7
-TAG id-at-localityName
-EXPL "X.520 Locality Name"
-NAME NSS_OID_X520_LOCALITY_NAME
-ATTR "l"
-
-# RFC 2459:
-#
-# id-at-stateOrProvinceName AttributeType ::= {id-at 8}
-OID 2.5.4.8
-TAG id-at-stateOrProvinceName
-EXPL "X.520 State or Province Name"
-NAME NSS_OID_X520_STATE_OR_PROVINCE_NAME
-ATTR "s"
-
-# RFC 2459:
-#
-# id-at-organizationName AttributeType ::= {id-at 10}
-OID 2.5.4.10
-TAG id-at-organizationName
-EXPL "X.520 Organization Name"
-NAME NSS_OID_X520_ORGANIZATION_NAME
-ATTR "o"
-
-# RFC 2459:
-#
-# id-at-organizationalUnitName AttributeType ::= {id-at 11}
-OID 2.5.4.11
-TAG id-at-organizationalUnitName
-EXPL "X.520 Organizational Unit Name"
-NAME NSS_OID_X520_ORGANIZATIONAL_UNIT_NAME
-ATTR "ou"
-
-# RFC 2459:
-#
-# id-at-title AttributeType ::= {id-at 12}
-OID 2.5.4.12
-TAG id-at-title
-EXPL "X.520 Title"
-NAME NSS_OID_X520_TITLE
-ATTR "title"
-
-# RFC 2459:
-#
-# id-at-name AttributeType ::= {id-at 41}
-OID 2.5.4.41
-TAG id-at-name
-EXPL "X.520 Name"
-NAME NSS_OID_X520_NAME
-ATTR "name"
-
-# RFC 2459:
-#
-# id-at-givenName AttributeType ::= {id-at 42}
-OID 2.5.4.42
-TAG id-at-givenName
-EXPL "X.520 Given Name"
-NAME NSS_OID_X520_GIVEN_NAME
-ATTR "givenName"
-
-# RFC 2459:
-#
-# id-at-initials AttributeType ::= {id-at 43}
-OID 2.5.4.43
-TAG id-at-initials
-EXPL "X.520 Initials"
-NAME NSS_OID_X520_INITIALS
-ATTR "initials"
-
-# RFC 2459:
-#
-# id-at-generationQualifier AttributeType ::= {id-at 44}
-OID 2.5.4.44
-TAG id-at-generationQualifier
-EXPL "X.520 Generation Qualifier"
-NAME NSS_OID_X520_GENERATION_QUALIFIER
-ATTR "generationQualifier"
-
-# RFC 2459:
-#
-# id-at-dnQualifier AttributeType ::= {id-at 46}
-OID 2.5.4.46
-TAG id-at-dnQualifier
-EXPL "X.520 DN Qualifier"
-NAME NSS_OID_X520_DN_QUALIFIER
-ATTR "dnQualifier"
-
-OID 2.5.5
-TAG attribute-syntax
-EXPL "X.500 attribute syntaxes"
-
-OID 2.5.6
-TAG object-classes
-EXPL "X.500 standard object classes"
-
-OID 2.5.7
-TAG attribute-set
-EXPL "X.500 attribute sets"
-
-OID 2.5.8
-TAG algorithms
-EXPL "X.500-defined algorithms"
-
-OID 2.5.8.1
-TAG encryption
-EXPL "X.500-defined encryption algorithms"
-
-OID 2.5.8.1.1
-TAG rsa
-EXPL "RSA Encryption Algorithm"
-NAME NSS_OID_X500_RSA_ENCRYPTION
-CKM CKM_RSA_X_509
-
-OID 2.5.9
-TAG abstract-syntax
-EXPL "X.500 abstract syntaxes"
-
-OID 2.5.12
-TAG operational-attribute
-EXPL "DSA Operational Attributes"
-
-OID 2.5.13
-TAG matching-rule
-EXPL "Matching Rule"
-
-OID 2.5.14
-TAG knowledge-matching-rule
-EXPL "X.500 knowledge Matching Rules"
-
-OID 2.5.15
-TAG name-form
-EXPL "X.500 name forms"
-
-OID 2.5.16
-TAG group
-EXPL "X.500 groups"
-
-OID 2.5.17
-TAG subentry
-EXPL "X.500 subentry"
-
-OID 2.5.18
-TAG operational-attribute-type
-EXPL "X.500 operational attribute type"
-
-OID 2.5.19
-TAG operational-binding
-EXPL "X.500 operational binding"
-
-OID 2.5.20
-TAG schema-object-class
-EXPL "X.500 schema Object class"
-
-OID 2.5.21
-TAG schema-operational-attribute
-EXPL "X.500 schema operational attributes"
-
-OID 2.5.23
-TAG administrative-role
-EXPL "X.500 administrative roles"
-
-OID 2.5.24
-TAG access-control-attribute
-EXPL "X.500 access control attribute"
-
-OID 2.5.25
-TAG ros
-EXPL "X.500 ros object"
-
-OID 2.5.26
-TAG contract
-EXPL "X.500 contract"
-
-OID 2.5.27
-TAG package
-EXPL "X.500 package"
-
-OID 2.5.28
-TAG access-control-schema
-EXPL "X.500 access control schema"
-
-# RFC 2459:
-#
-# id-ce OBJECT IDENTIFIER ::= {joint-iso-ccitt(2) ds(5) 29}
-OID 2.5.29
-TAG id-ce
-EXPL "X.500 Certificate Extension"
-
-OID 2.5.29.5
-TAG subject-directory-attributes
-EXPL "Certificate Subject Directory Attributes"
-NAME NSS_OID_X509_SUBJECT_DIRECTORY_ATTR
-CERT_EXTENSION UNSUPPORTED
-
-# RFC 2459:
-#
-# id-ce-subjectDirectoryAttributes OBJECT IDENTIFIER ::= { id-ce 9 }
-OID 2.5.29.9
-TAG id-ce-subjectDirectoryAttributes
-EXPL "Certificate Subject Directory Attributes"
-NAME NSS_OID_X509_SUBJECT_DIRECTORY_ATTRIBUTES
-CERT_EXTENSION UNSUPPORTED
-
-# RFC 2459:
-#
-# id-ce-subjectKeyIdentifier OBJECT IDENTIFIER ::= { id-ce 14 }
-OID 2.5.29.14
-TAG id-ce-subjectKeyIdentifier
-EXPL "Certificate Subject Key ID"
-NAME NSS_OID_X509_SUBJECT_KEY_ID
-CERT_EXTENSION SUPPORTED
-
-# RFC 2459:
-#
-# id-ce-keyUsage OBJECT IDENTIFIER ::= { id-ce 15 }
-OID 2.5.29.15
-TAG id-ce-keyUsage
-EXPL "Certificate Key Usage"
-NAME NSS_OID_X509_KEY_USAGE
-CERT_EXTENSION SUPPORTED
-# We called it PKCS12_KEY_USAGE
-
-# RFC 2459:
-#
-# id-ce-privateKeyUsagePeriod OBJECT IDENTIFIER ::= { id-ce 16 }
-OID 2.5.29.16
-TAG id-ce-privateKeyUsagePeriod
-EXPL "Certificate Private Key Usage Period"
-NAME NSS_OID_X509_PRIVATE_KEY_USAGE_PERIOD
-CERT_EXTENSION UNSUPPORTED
-
-# RFC 2459:
-#
-# id-ce-subjectAltName OBJECT IDENTIFIER ::= { id-ce 17 }
-OID 2.5.29.17
-TAG id-ce-subjectAltName
-EXPL "Certificate Subject Alternate Name"
-NAME NSS_OID_X509_SUBJECT_ALT_NAME
-CERT_EXTENSION SUPPORTED
-
-# RFC 2459:
-#
-# id-ce-issuerAltName OBJECT IDENTIFIER ::= { id-ce 18 }
-OID 2.5.29.18
-TAG id-ce-issuerAltName
-EXPL "Certificate Issuer Alternate Name"
-NAME NSS_OID_X509_ISSUER_ALT_NAME
-CERT_EXTENSION UNSUPPORTED
-
-# RFC 2459:
-#
-# id-ce-basicConstraints OBJECT IDENTIFIER ::= { id-ce 19 }
-OID 2.5.29.19
-TAG id-ce-basicConstraints
-EXPL "Certificate Basic Constraints"
-NAME NSS_OID_X509_BASIC_CONSTRAINTS
-CERT_EXTENSION SUPPORTED
-
-# RFC 2459:
-#
-# id-ce-cRLNumber OBJECT IDENTIFIER ::= { id-ce 20 }
-OID 2.5.29.20
-TAG id-ce-cRLNumber
-EXPL "CRL Number"
-NAME NSS_OID_X509_CRL_NUMBER
-CERT_EXTENSION SUPPORTED
-
-# RFC 2459:
-#
-# id-ce-cRLReasons OBJECT IDENTIFIER ::= { id-ce 21 }
-OID 2.5.29.21
-TAG id-ce-cRLReasons
-EXPL "CRL Reason Code"
-NAME NSS_OID_X509_REASON_CODE
-CERT_EXTENSION SUPPORTED
-
-# RFC 2459:
-#
-# id-ce-holdInstructionCode OBJECT IDENTIFIER ::= { id-ce 23 }
-OID 2.5.29.23
-TAG id-ce-holdInstructionCode
-EXPL "Hold Instruction Code"
-NAME NSS_OID_X509_HOLD_INSTRUCTION_CODE
-CERT_EXTENSION UNSUPPORTED
-
-# RFC 2459:
-#
-# id-ce-invalidityDate OBJECT IDENTIFIER ::= { id-ce 24 }
-OID 2.5.29.24
-TAG id-ce-invalidityDate
-EXPL "Invalid Date"
-NAME NSS_OID_X509_INVALID_DATE
-CERT_EXTENSION SUPPORTED
-
-# RFC 2459:
-#
-# id-ce-deltaCRLIndicator OBJECT IDENTIFIER ::= { id-ce 27 }
-OID 2.5.29.27
-TAG id-ce-deltaCRLIndicator
-EXPL "Delta CRL Indicator"
-NAME NSS_OID_X509_DELTA_CRL_INDICATOR
-CERT_EXTENSION UNSUPPORTED
-
-# RFC 2459:
-#
-# id-ce-issuingDistributionPoint OBJECT IDENTIFIER ::= { id-ce 28 }
-OID 2.5.29.28
-TAG id-ce-issuingDistributionPoint
-EXPL "Issuing Distribution Point"
-NAME NSS_OID_X509_ISSUING_DISTRIBUTION_POINT
-CERT_EXTENSION UNSUPPORTED
-
-# RFC 2459:
-#
-# id-ce-certificateIssuer OBJECT IDENTIFIER ::= { id-ce 29 }
-OID 2.5.29.29
-TAG id-ce-certificateIssuer
-EXPL "Certificate Issuer"
-NAME NSS_OID_X509_CERTIFICATE_ISSUER
-CERT_EXTENSION UNSUPPORTED
-
-# RFC 2459:
-#
-# id-ce-nameConstraints OBJECT IDENTIFIER ::= { id-ce 30 }
-OID 2.5.29.30
-TAG id-ce-nameConstraints
-EXPL "Certificate Name Constraints"
-NAME NSS_OID_X509_NAME_CONSTRAINTS
-CERT_EXTENSION SUPPORTED
-
-# RFC 2459:
-#
-# id-ce-cRLDistributionPoints OBJECT IDENTIFIER ::= {id-ce 31}
-OID 2.5.29.31
-TAG id-ce-cRLDistributionPoints
-EXPL "CRL Distribution Points"
-NAME NSS_OID_X509_CRL_DIST_POINTS
-CERT_EXTENSION UNSUPPORTED
-
-# RFC 2459:
-#
-# id-ce-certificatePolicies OBJECT IDENTIFIER ::= { id-ce 32 }
-OID 2.5.29.32
-TAG id-ce-certificatePolicies
-EXPL "Certificate Policies"
-NAME NSS_OID_X509_CERTIFICATE_POLICIES
-CERT_EXTENSION UNSUPPORTED
-
-# RFC 2459:
-#
-# id-ce-policyMappings OBJECT IDENTIFIER ::= { id-ce 33 }
-OID 2.5.29.33
-TAG id-ce-policyMappings
-EXPL "Certificate Policy Mappings"
-NAME NSS_OID_X509_POLICY_MAPPINGS
-CERT_EXTENSION UNSUPPORTED
-
-OID 2.5.29.34
-TAG policy-constraints
-EXPL "Certificate Policy Constraints (old)"
-CERT_EXTENSION UNSUPPORTED
-
-# RFC 2459:
-#
-# id-ce-authorityKeyIdentifier OBJECT IDENTIFIER ::= { id-ce 35 }
-OID 2.5.29.35
-TAG id-ce-authorityKeyIdentifier
-EXPL "Certificate Authority Key Identifier"
-NAME NSS_OID_X509_AUTH_KEY_ID
-CERT_EXTENSION SUPPORTED
-
-# RFC 2459:
-#
-# id-ce-policyConstraints OBJECT IDENTIFIER ::= { id-ce 36 }
-OID 2.5.29.36
-TAG id-ce-policyConstraints
-EXPL "Certificate Policy Constraints"
-NAME NSS_OID_X509_POLICY_CONSTRAINTS
-CERT_EXTENSION SUPPORTED
-
-# RFC 2459:
-#
-# id-ce-extKeyUsage OBJECT IDENTIFIER ::= {id-ce 37}
-OID 2.5.29.37
-TAG id-ce-extKeyUsage
-EXPL "Extended Key Usage"
-NAME NSS_OID_X509_EXT_KEY_USAGE
-CERT_EXTENSION SUPPORTED
-
-OID 2.5.30
-TAG id-mgt
-EXPL "X.500 Management Object"
-
-OID 2.6
-TAG x400
-EXPL "X.400 MHS"
-
-OID 2.7
-TAG ccr
-EXPL "Committment, Concurrency and Recovery"
-
-OID 2.8
-TAG oda
-EXPL "Office Document Architecture"
-
-OID 2.9
-TAG osi-management
-EXPL "OSI management"
-
-OID 2.10
-TAG tp
-EXPL "Transaction Processing"
-
-OID 2.11
-TAG dor
-EXPL "Distinguished Object Reference"
-
-OID 2.12
-TAG rdt
-EXPL "Referenced Data Transfer"
-
-OID 2.13
-TAG nlm
-EXPL "Network Layer Management"
-
-OID 2.14
-TAG tlm
-EXPL "Transport Layer Management"
-
-OID 2.15
-TAG llm
-EXPL "Link Layer Management"
-
-OID 2.16
-TAG country
-EXPL "Country Assignments"
-
-OID 2.16.124
-TAG canada
-EXPL "Canada"
-
-OID 2.16.158
-TAG taiwan
-EXPL "Taiwan"
-
-OID 2.16.578
-TAG norway
-EXPL "Norway"
-
-OID 2.16.756
-TAG switzerland
-EXPL "Switzerland"
-
-OID 2.16.840
-TAG us
-EXPL "United States"
-
-OID 2.16.840.1
-TAG us-company
-EXPL "United States Company"
-
-OID 2.16.840.1.101
-TAG us-government
-EXPL "United States Government (1.101)"
-
-OID 2.16.840.1.101.2
-TAG us-dod
-EXPL "United States Department of Defense"
-
-OID 2.16.840.1.101.2.1
-TAG id-infosec
-EXPL "US DOD Infosec"
-
-OID 2.16.840.1.101.2.1.0
-TAG id-modules
-EXPL "US DOD Infosec modules"
-
-OID 2.16.840.1.101.2.1.1
-TAG id-algorithms
-EXPL "US DOD Infosec algorithms (MISSI)"
-
-OID 2.16.840.1.101.2.1.1.2
-TAG old-dss
-EXPL "MISSI DSS Algorithm (Old)"
-NAME NSS_OID_MISSI_DSS_OLD
-
-# This is labeled as "### mwelch temporary"
-# Is it official?? XXX fgmr
-OID 2.16.840.1.101.2.1.1.4
-TAG skipjack-cbc-64
-EXPL "Skipjack CBC64"
-NAME NSS_OID_FORTEZZA_SKIPJACK
-CKM CKM_SKIPJACK_CBC64
-
-OID 2.16.840.1.101.2.1.1.10
-TAG kea
-EXPL "MISSI KEA Algorithm"
-NAME NSS_OID_MISSI_KEA
-
-OID 2.16.840.1.101.2.1.1.12
-TAG old-kea-dss
-EXPL "MISSI KEA and DSS Algorithm (Old)"
-NAME NSS_OID_MISSI_KEA_DSS_OLD
-
-OID 2.16.840.1.101.2.1.1.19
-TAG dss
-EXPL "MISSI DSS Algorithm"
-NAME NSS_OID_MISSI_DSS
-
-OID 2.16.840.1.101.2.1.1.20
-TAG kea-dss
-EXPL "MISSI KEA and DSS Algorithm"
-NAME NSS_OID_MISSI_KEA_DSS
-
-OID 2.16.840.1.101.2.1.1.22
-TAG alt-kea
-EXPL "MISSI Alternate KEA Algorithm"
-NAME NSS_OID_MISSI_ALT_KEY
-
-OID 2.16.840.1.101.2.1.2
-TAG id-formats
-EXPL "US DOD Infosec formats"
-
-OID 2.16.840.1.101.2.1.3
-TAG id-policy
-EXPL "US DOD Infosec policy"
-
-OID 2.16.840.1.101.2.1.4
-TAG id-object-classes
-EXPL "US DOD Infosec object classes"
-
-OID 2.16.840.1.101.2.1.5
-TAG id-attributes
-EXPL "US DOD Infosec attributes"
-
-OID 2.16.840.1.101.2.1.6
-TAG id-attribute-syntax
-EXPL "US DOD Infosec attribute syntax"
-
-OID 2.16.840.1.113730
-# The Netscape OID space
-TAG netscape
-EXPL "Netscape Communications Corp."
-
-OID 2.16.840.1.113730.1
-TAG cert-ext
-EXPL "Netscape Cert Extensions"
-
-OID 2.16.840.1.113730.1.1
-TAG cert-type
-EXPL "Certificate Type"
-NAME NSS_OID_NS_CERT_EXT_CERT_TYPE
-CERT_EXTENSION SUPPORTED
-
-OID 2.16.840.1.113730.1.2
-TAG base-url
-EXPL "Certificate Extension Base URL"
-NAME NSS_OID_NS_CERT_EXT_BASE_URL
-CERT_EXTENSION SUPPORTED
-
-OID 2.16.840.1.113730.1.3
-TAG revocation-url
-EXPL "Certificate Revocation URL"
-NAME NSS_OID_NS_CERT_EXT_REVOCATION_URL
-CERT_EXTENSION SUPPORTED
-
-OID 2.16.840.1.113730.1.4
-TAG ca-revocation-url
-EXPL "Certificate Authority Revocation URL"
-NAME NSS_OID_NS_CERT_EXT_CA_REVOCATION_URL
-CERT_EXTENSION SUPPORTED
-
-OID 2.16.840.1.113730.1.5
-TAG ca-crl-download-url
-EXPL "Certificate Authority CRL Download URL"
-NAME NSS_OID_NS_CERT_EXT_CA_CRL_URL
-CERT_EXTENSION UNSUPPORTED
-
-OID 2.16.840.1.113730.1.6
-TAG ca-cert-url
-EXPL "Certificate Authority Certificate Download URL"
-NAME NSS_OID_NS_CERT_EXT_CA_CERT_URL
-CERT_EXTENSION UNSUPPORTED
-
-OID 2.16.840.1.113730.1.7
-TAG renewal-url
-EXPL "Certificate Renewal URL"
-NAME NSS_OID_NS_CERT_EXT_CERT_RENEWAL_URL
-CERT_EXTENSION SUPPORTED
-
-OID 2.16.840.1.113730.1.8
-TAG ca-policy-url
-EXPL "Certificate Authority Policy URL"
-NAME NSS_OID_NS_CERT_EXT_CA_POLICY_URL
-CERT_EXTENSION SUPPORTED
-
-OID 2.16.840.1.113730.1.9
-TAG homepage-url
-EXPL "Certificate Homepage URL"
-NAME NSS_OID_NS_CERT_EXT_HOMEPAGE_URL
-CERT_EXTENSION UNSUPPORTED
-
-OID 2.16.840.1.113730.1.10
-TAG entity-logo
-EXPL "Certificate Entity Logo"
-NAME NSS_OID_NS_CERT_EXT_ENTITY_LOGO
-CERT_EXTENSION UNSUPPORTED
-
-OID 2.16.840.1.113730.1.11
-TAG user-picture
-EXPL "Certificate User Picture"
-NAME NSS_OID_NS_CERT_EXT_USER_PICTURE
-CERT_EXTENSION UNSUPPORTED
-
-OID 2.16.840.1.113730.1.12
-TAG ssl-server-name
-EXPL "Certificate SSL Server Name"
-NAME NSS_OID_NS_CERT_EXT_SSL_SERVER_NAME
-CERT_EXTENSION SUPPORTED
-
-OID 2.16.840.1.113730.1.13
-TAG comment
-EXPL "Certificate Comment"
-NAME NSS_OID_NS_CERT_EXT_COMMENT
-CERT_EXTENSION SUPPORTED
-
-OID 2.16.840.1.113730.1.14
-TAG thayes
-EXPL ""
-NAME NSS_OID_NS_CERT_EXT_THAYES
-CERT_EXTENSION SUPPORTED
-
-OID 2.16.840.1.113730.2
-TAG data-type
-EXPL "Netscape Data Types"
-
-OID 2.16.840.1.113730.2.1
-TAG gif
-EXPL "image/gif"
-NAME NSS_OID_NS_TYPE_GIF
-
-OID 2.16.840.1.113730.2.2
-TAG jpeg
-EXPL "image/jpeg"
-NAME NSS_OID_NS_TYPE_JPEG
-
-OID 2.16.840.1.113730.2.3
-TAG url
-EXPL "URL"
-NAME NSS_OID_NS_TYPE_URL
-
-OID 2.16.840.1.113730.2.4
-TAG html
-EXPL "text/html"
-NAME NSS_OID_NS_TYPE_HTML
-
-OID 2.16.840.1.113730.2.5
-TAG cert-sequence
-EXPL "Certificate Sequence"
-NAME NSS_OID_NS_TYPE_CERT_SEQUENCE
-
-OID 2.16.840.1.113730.3
-# The Netscape Directory OID space
-TAG directory
-EXPL "Netscape Directory"
-
-OID 2.16.840.1.113730.4
-TAG policy
-EXPL "Netscape Policy Type OIDs"
-
-OID 2.16.840.1.113730.4.1
-TAG export-approved
-EXPL "Strong Crypto Export Approved"
-NAME NSS_OID_NS_KEY_USAGE_GOVT_APPROVED
-CERT_EXTENSION UNSUPPORTED
-
-OID 2.16.840.1.113730.5
-TAG cert-server
-EXPL "Netscape Certificate Server"
-
-OID 2.16.840.1.113730.5.1
-
-OID 2.16.840.1.113730.5.1.1
-TAG recovery-request
-EXPL "Netscape Cert Server Recovery Request"
-NAME NSS_OID_NETSCAPE_RECOVERY_REQUEST
-
-OID 2.16.840.1.113730.6
-TAG algs
-EXPL "Netscape algorithm OIDs"
-
-OID 2.16.840.1.113730.6.1
-TAG smime-kea
-EXPL "Netscape S/MIME KEA"
-NAME NSS_OID_NETSCAPE_SMIME_KEA
-
-OID 2.16.840.1.113730.7
-TAG name-components
-EXPL "Netscape Name Components"
-
-OID 2.16.840.1.113730.7.1
-TAG nickname
-EXPL "Netscape Nickname"
-NAME NSS_OID_NETSCAPE_NICKNAME
-
-OID 2.16.840.1.113733
-TAG verisign
-EXPL "Verisign"
-
-OID 2.16.840.1.113733.1
-
-OID 2.16.840.1.113733.1.7
-
-OID 2.16.840.1.113733.1.7.1
-
-OID 2.16.840.1.113733.1.7.1.1
-TAG verisign-user-notices
-EXPL "Verisign User Notices"
-NAME NSS_OID_VERISIGN_USER_NOTICES
-
-OID 2.16.840.101
-TAG us-government
-EXPL "US Government (101)"
-
-OID 2.16.840.102
-TAG us-government2
-EXPL "US Government (102)"
-
-OID 2.16.840.11370
-TAG old-netscape
-EXPL "Netscape Communications Corp. (Old)"
-
-OID 2.16.840.11370.1
-TAG ns-cert-ext
-EXPL "Netscape Cert Extensions (Old NS)"
-
-OID 2.16.840.11370.1.1
-TAG netscape-ok
-EXPL "Netscape says this cert is ok (Old NS)"
-NAME NSS_OID_NS_CERT_EXT_NETSCAPE_OK
-CERT_EXTENSION UNSUPPORTED
-
-OID 2.16.840.11370.1.2
-TAG issuer-logo
-EXPL "Certificate Issuer Logo (Old NS)"
-NAME NSS_OID_NS_CERT_EXT_ISSUER_LOGO
-CERT_EXTENSION UNSUPPORTED
-
-OID 2.16.840.11370.1.3
-TAG subject-logo
-EXPL "Certificate Subject Logo (Old NS)"
-NAME NSS_OID_NS_CERT_EXT_SUBJECT_LOGO
-CERT_EXTENSION UNSUPPORTED
-
-OID 2.16.840.11370.2
-TAG ns-file-type
-EXPL "Netscape File Type"
-
-OID 2.16.840.11370.3
-TAG ns-image-type
-EXPL "Netscape Image Type"
-
-OID 2.17
-TAG registration-procedures
-EXPL "Registration procedures"
-
-OID 2.18
-TAG physical-layer-management
-EXPL "Physical layer Management"
-
-OID 2.19
-TAG mheg
-EXPL "MHEG"
-
-OID 2.20
-TAG guls
-EXPL "Generic Upper Layer Security"
-
-OID 2.21
-TAG tls
-EXPL "Transport Layer Security Protocol"
-
-OID 2.22
-TAG nls
-EXPL "Network Layer Security Protocol"
-
-OID 2.23
-TAG organization
-EXPL "International organizations"
diff --git a/security/nss/lib/pki1/pki1.h b/security/nss/lib/pki1/pki1.h
deleted file mode 100644
index 15d29685d..000000000
--- a/security/nss/lib/pki1/pki1.h
+++ /dev/null
@@ -1,3032 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef PKI1_H
-#define PKI1_H
-
-#ifdef DEBUG
-static const char PKI1_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * pki1.h
- *
- * This file contains the prototypes to the non-public NSS routines
- * relating to the PKIX part-1 objects.
- */
-
-#ifndef PKI1T_H
-#include "pki1t.h"
-#endif /* PKI1T_H */
-
-#ifndef NSSPKI1_H
-#include "nsspki1.h"
-#endif /* NSSPKI1_H */
-
-PR_BEGIN_EXTERN_C
-
-/* fgmr 19990505 moved these here from oiddata.h */
-extern const nssAttributeTypeAliasTable nss_attribute_type_aliases[];
-extern const PRUint32 nss_attribute_type_alias_count;
-
-/*
- * NSSOID
- *
- * The non-public "methods" regarding this "object" are:
- *
- * nssOID_CreateFromBER -- constructor
- * nssOID_CreateFromUTF8 -- constructor
- * (there is no explicit destructor)
- *
- * nssOID_GetDEREncoding
- * nssOID_GetUTF8Encoding
- *
- * In debug builds, the following non-public calls are also available:
- *
- * nssOID_verifyPointer
- * nssOID_getExplanation
- * nssOID_getTaggedUTF8
- */
-
-/*
- * nssOID_CreateFromBER
- *
- * This routine creates an NSSOID by decoding a BER- or DER-encoded
- * OID. It may return NSS_OID_UNKNOWN upon error, in which case it
- * will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NSS_OID_UNKNOWN upon error
- * An NSSOID upon success
- */
-
-NSS_EXTERN NSSOID *
-nssOID_CreateFromBER
-(
- NSSBER *berOid
-);
-
-extern const NSSError NSS_ERROR_INVALID_BER;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-
-/*
- * nssOID_CreateFromUTF8
- *
- * This routine creates an NSSOID by decoding a UTF8 string
- * representation of an OID in dotted-number format. The string may
- * optionally begin with an octothorpe. It may return NSS_OID_UNKNOWN
- * upon error, in which case it will have set an error on the error
- * stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_UTF8
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NSS_OID_UNKNOWN upon error
- * An NSSOID upon success
- */
-
-NSS_EXTERN NSSOID *
-nssOID_CreateFromUTF8
-(
- NSSUTF8 *stringOid
-);
-
-extern const NSSError NSS_ERROR_INVALID_UTF8;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-
-/*
- * nssOID_GetDEREncoding
- *
- * This routine returns the DER encoding of the specified NSSOID.
- * If the optional arena argument is non-null, the memory used will
- * be obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return return null upon error, in
- * which case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NSSOID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * The DER encoding of this NSSOID
- */
-
-NSS_EXTERN NSSDER *
-nssOID_GetDEREncoding
-(
- const NSSOID *oid,
- NSSDER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssOID_GetUTF8Encoding
- *
- * This routine returns a UTF8 string containing the dotted-number
- * encoding of the specified NSSOID. If the optional arena argument
- * is non-null, the memory used will be obtained from that arena;
- * otherwise, the memory will be obtained from the heap. This routine
- * may return null upon error, in which case it will have set an error
- * on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NSSOID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 string containing the dotted-digit encoding of
- * this NSSOID
- */
-
-NSS_EXTERN NSSUTF8 *
-nssOID_GetUTF8Encoding
-(
- const NSSOID *oid,
- NSSArena *arenaOpt
-);
-
-/*
- * nssOID_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid poitner to an NSSOID object,
- * this routine will return PR_SUCCESS. Otherwise, it will put an
- * error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NSSOID
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-#ifdef DEBUG
-NSS_EXTERN PRStatus
-nssOID_verifyPointer
-(
- const NSSOID *oid
-);
-
-extern const NSSError NSS_ERROR_INVALID_NSSOID;
-#endif /* DEBUG */
-
-/*
- * nssOID_getExplanation
- *
- * This method is only present in debug builds.
- *
- * This routine will return a static pointer to a UTF8-encoded string
- * describing (in English) the specified OID. The memory pointed to
- * by the return value is not owned by the caller, and should not be
- * freed or modified. Note that explanations are only provided for
- * the OIDs built into the NSS library; there is no way to specify an
- * explanation for dynamically created OIDs. This routine is intended
- * only for use in debugging tools such as "derdump." This routine
- * may return null upon error, in which case it will have placed an
- * error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NSSOID
- *
- * Return value:
- * NULL upon error
- * A static pointer to a readonly, non-caller-owned UTF8-encoded
- * string explaining the specified OID.
- */
-
-#ifdef DEBUG
-NSS_EXTERN const NSSUTF8 *
-nssOID_getExplanation
-(
- NSSOID *oid
-);
-
-extern const NSSError NSS_ERROR_INVALID_NSSOID;
-#endif /* DEBUG */
-
-/*
- * nssOID_getTaggedUTF8
- *
- * This method is only present in debug builds.
- *
- * This routine will return a pointer to a caller-owned UTF8-encoded
- * string containing a tagged encoding of the specified OID. Note
- * that OID (component) tags are only provided for the OIDs built
- * into the NSS library; there is no way to specify tags for
- * dynamically created OIDs. This routine is intended for use in
- * debugging tools such as "derdump." If the optional arena argument
- * is non-null, the memory used will be obtained from that arena;
- * otherwise, the memory will be obtained from the heap. This routine
- * may return return null upon error, in which case it will have set
- * an error on the error stack.
- *
- * The error may be one of the following values
- * NSS_ERROR_INVALID_NSSOID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 string containing the tagged encoding of
- * this NSSOID
- */
-
-#ifdef DEBUG
-NSS_EXTERN NSSUTF8 *
-nssOID_getTaggedUTF8
-(
- NSSOID *oid,
- NSSArena *arenaOpt
-);
-
-extern const NSSError NSS_ERROR_INVALID_NSSOID;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-#endif /* DEBUG */
-
-/*
- * NSSATAV
- *
- * The non-public "methods" regarding this "object" are:
- *
- * nssATAV_CreateFromBER -- constructor
- * nssATAV_CreateFromUTF8 -- constructor
- * nssATAV_Create -- constructor
- *
- * nssATAV_Destroy
- * nssATAV_GetDEREncoding
- * nssATAV_GetUTF8Encoding
- * nssATAV_GetType
- * nssATAV_GetValue
- * nssATAV_Compare
- * nssATAV_Duplicate
- *
- * In debug builds, the following non-public call is also available:
- *
- * nssATAV_verifyPointer
- */
-
-/*
- * nssATAV_CreateFromBER
- *
- * This routine creates an NSSATAV by decoding a BER- or DER-encoded
- * ATAV. If the optional arena argument is non-null, the memory used
- * will be obtained from that arena; otherwise, the memory will be
- * obtained from the heap. This routine may return NULL upon error,
- * in which case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSATAV upon success
- */
-
-NSS_EXTERN NSSATAV *
-nssATAV_CreateFromBER
-(
- NSSArena *arenaOpt,
- const NSSBER *berATAV
-);
-
-/*
- * nssATAV_CreateFromUTF8
- *
- * This routine creates an NSSATAV by decoding a UTF8 string in the
- * "equals" format, e.g., "c=US." If the optional arena argument is
- * non-null, the memory used will be obtained from that arena;
- * otherwise, the memory will be obtained from the heap. This routine
- * may return NULL upon error, in which case it will have set an error
- * on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_UNKNOWN_ATTRIBUTE
- * NSS_ERROR_INVALID_UTF8
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSATAV upon success
- */
-
-NSS_EXTERN NSSATAV *
-nssATAV_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- const NSSUTF8 *stringATAV
-);
-
-/*
- * nssATAV_Create
- *
- * This routine creates an NSSATAV from the specified NSSOID and the
- * specified data. If the optional arena argument is non-null, the
- * memory used will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap.If the specified data length is zero,
- * the data is assumed to be terminated by first zero byte; this allows
- * UTF8 strings to be easily specified. This routine may return NULL
- * upon error, in which case it will have set an error on the error
- * stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_NSSOID
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSATAV upon success
- */
-
-NSS_EXTERN NSSATAV *
-nssATAV_Create
-(
- NSSArena *arenaOpt,
- const NSSOID *oid,
- const void *data,
- PRUint32 length
-);
-
-/*
- * nssATAV_Destroy
- *
- * This routine will destroy an ATAV object. It should eventually be
- * called on all ATAVs created without an arena. While it is not
- * necessary to call it on ATAVs created within an arena, it is not an
- * error to do so. This routine returns a PRStatus value; if
- * successful, it will return PR_SUCCESS. If unsuccessful, it will
- * set an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssATAV_Destroy
-(
- NSSATAV *atav
-);
-
-/*
- * nssATAV_GetDEREncoding
- *
- * This routine will DER-encode an ATAV object. If the optional arena
- * argument is non-null, the memory used will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap. This
- * routine may return null upon error, in which case it will have set
- * an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * The DER encoding of this NSSATAV
- */
-
-NSS_EXTERN NSSDER *
-nssATAV_GetDEREncoding
-(
- NSSATAV *atav,
- NSSArena *arenaOpt
-);
-
-/*
- * nssATAV_GetUTF8Encoding
- *
- * This routine returns a UTF8 string containing a string
- * representation of the ATAV in "equals" notation (e.g., "o=Acme").
- * If the optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return null upon error, in which
- * case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 string containing the "equals" encoding of the
- * ATAV
- */
-
-NSS_EXTERN NSSUTF8 *
-nssATAV_GetUTF8Encoding
-(
- NSSATAV *atav,
- NSSArena *arenaOpt
-);
-
-/*
- * nssATAV_GetType
- *
- * This routine returns the NSSOID corresponding to the attribute type
- * in the specified ATAV. This routine may return NSS_OID_UNKNOWN
- * upon error, in which case it will have set an error on the error
- * stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- * NSS_OID_UNKNOWN upon error
- * An element of enum NSSOIDenum upon success
- */
-
-NSS_EXTERN const NSSOID *
-nssATAV_GetType
-(
- NSSATAV *atav
-);
-
-/*
- * nssATAV_GetValue
- *
- * This routine returns a string containing the attribute value
- * in the specified ATAV. If the optional arena argument is non-null,
- * the memory used will be obtained from that arena; otherwise, the
- * memory will be obtained from the heap. This routine may return
- * NULL upon error, in which case it will have set an error upon the
- * error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSItem containing the attribute value.
- */
-
-NSS_EXTERN NSSUTF8 *
-nssATAV_GetValue
-(
- NSSATAV *atav,
- NSSArena *arenaOpt
-);
-
-/*
- * nssATAV_Compare
- *
- * This routine compares two ATAVs for equality. For two ATAVs to be
- * equal, the attribute types must be the same, and the attribute
- * values must have equal length and contents. The result of the
- * comparison will be stored at the location pointed to by the "equalp"
- * variable, which must point to a valid PRBool. This routine may
- * return PR_FAILURE upon error, in which case it will have set an
- * error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- * NSS_ERROR_INVALID_ARGUMENT
- *
- * Return value:
- * PR_FAILURE on error
- * PR_SUCCESS upon a successful comparison (equal or not)
- */
-
-NSS_EXTERN PRStatus
-nssATAV_Compare
-(
- NSSATAV *atav1,
- NSSATAV *atav2,
- PRBool *equalp
-);
-
-/*
- * nssATAV_Duplicate
- *
- * This routine duplicates the specified ATAV. If the optional arena
- * argument is non-null, the memory required will be obtained from
- * that arena; otherwise, the memory will be obtained from the heap.
- * This routine may return NULL upon error, in which case it will have
- * placed an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL on error
- * A pointer to a new ATAV
- */
-
-NSS_EXTERN NSSATAV *
-nssATAV_Duplicate
-(
- NSSATAV *atav,
- NSSArena *arenaOpt
-);
-
-/*
- * nssATAV_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSATAV object,
- * this routine will return PR_SUCCESS. Otherwise, it will put an
- * error on the error stack and return PR_FAILRUE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NSSATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-#ifdef DEBUG
-NSS_EXTERN PRStatus
-nssATAV_verifyPointer
-(
- NSSATAV *atav
-);
-#endif /* DEBUG */
-
-/*
- * NSSRDN
- *
- * The non-public "methods" regarding this "object" are:
- *
- * nssRDN_CreateFromBER -- constructor
- * nssRDN_CreateFromUTF8 -- constructor
- * nssRDN_Create -- constructor
- * nssRDN_CreateSimple -- constructor
- *
- * nssRDN_Destroy
- * nssRDN_GetDEREncoding
- * nssRDN_GetUTF8Encoding
- * nssRDN_AddATAV
- * nssRDN_GetATAVCount
- * nssRDN_GetATAV
- * nssRDN_GetSimpleATAV
- * nssRDN_Compare
- * nssRDN_Duplicate
- */
-
-/*
- * nssRDN_CreateFromBER
- *
- * This routine creates an NSSRDN by decoding a BER- or DER-encoded
- * RDN. If the optional arena argument is non-null, the memory used
- * will be obtained from that arena; otherwise, the memory will be
- * obtained from the heap. This routine may return NULL upon error,
- * in which case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSRDN upon success
- */
-
-NSS_EXTERN NSSRDN *
-nssRDN_CreateFromBER
-(
- NSSArena *arenaOpt,
- NSSBER *berRDN
-);
-
-/*
- * nssRDN_CreateFromUTF8
- *
- * This routine creates an NSSRDN by decoding an UTF8 string
- * consisting of either a single ATAV in the "equals" format, e.g.,
- * "uid=smith," or one or more such ATAVs in parentheses, e.g.,
- * "(sn=Smith,ou=Sales)." If the optional arena argument is non-null,
- * the memory used will be obtained from that arena; otherwise, the
- * memory will be obtained from the heap. This routine may return
- * NULL upon error, in which case it will have set an error on the
- * error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_UNKNOWN_ATTRIBUTE
- * NSS_ERROR_INVALID_UTF8
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSRDN upon success
- */
-
-NSS_EXTERN NSSRDN *
-nssRDN_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *stringRDN
-);
-
-/*
- * nssRDN_Create
- *
- * This routine creates an NSSRDN from one or more NSSATAVs. The
- * final argument to this routine must be NULL. If the optional arena
- * argument is non-null, the memory used will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap. This
- * routine may return NULL upon error, in which case it will have set
- * an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSRDN upon success
- */
-
-NSS_EXTERN NSSRDN *
-nssRDN_Create
-(
- NSSArena *arenaOpt,
- NSSATAV *atav1,
- ...
-);
-
-/*
- * nssRDN_CreateSimple
- *
- * This routine creates a simple NSSRDN from a single NSSATAV. If the
- * optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return NULL upon error, in which
- * case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSRDN upon success
- */
-
-NSS_EXTERN NSSRDN *
-nssRDN_CreateSimple
-(
- NSSArena *arenaOpt,
- NSSATAV *atav
-);
-
-/*
- * nssRDN_Destroy
- *
- * This routine will destroy an RDN object. It should eventually be
- * called on all RDNs created without an arena. While it is not
- * necessary to call it on RDNs created within an arena, it is not an
- * error to do so. This routine returns a PRStatus value; if
- * successful, it will return PR_SUCCESS. If unsuccessful, it will
- * set an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDN
- *
- * Return value:
- * PR_FAILURE upon failure
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssRDN_Destroy
-(
- NSSRDN *rdn
-);
-
-/*
- * nssRDN_GetDEREncoding
- *
- * This routine will DER-encode an RDN object. If the optional arena
- * argument is non-null, the memory used will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap. This
- * routine may return null upon error, in which case it will have set
- * an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDN
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * The DER encoding of this NSSRDN
- */
-
-NSS_EXTERN NSSDER *
-nssRDN_GetDEREncoding
-(
- NSSRDN *rdn,
- NSSArena *arenaOpt
-);
-
-/*
- * nssRDN_GetUTF8Encoding
- *
- * This routine returns a UTF8 string containing a string
- * representation of the RDN. A simple (one-ATAV) RDN will be simply
- * the string representation of that ATAV; a non-simple RDN will be in
- * parenthesised form. If the optional arena argument is non-null,
- * the memory used will be obtained from that arena; otherwise, the
- * memory will be obtained from the heap. This routine may return
- * null upon error, in which case it will have set an error on the
- * error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDN
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 string
- */
-
-NSS_EXTERN NSSUTF8 *
-nssRDN_GetUTF8Encoding
-(
- NSSRDN *rdn,
- NSSArena *arenaOpt
-);
-
-/*
- * nssRDN_AddATAV
- *
- * This routine adds an ATAV to the set of ATAVs in the specified RDN.
- * Remember that RDNs consist of an unordered set of ATAVs. If the
- * RDN was created with a non-null arena argument, that same arena
- * will be used for any additional required memory. If the RDN was
- * created with a NULL arena argument, any additional memory will
- * be obtained from the heap. This routine returns a PRStatus value;
- * it will return PR_SUCCESS upon success, and upon failure it will
- * set an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDN
- * NSS_ERROR_INVALID_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssRDN_AddATAV
-(
- NSSRDN *rdn,
- NSSATAV *atav
-);
-
-/*
- * nssRDN_GetATAVCount
- *
- * This routine returns the cardinality of the set of ATAVs within
- * the specified RDN. This routine may return 0 upon error, in which
- * case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDN
- *
- * Return value:
- * 0 upon error
- * A positive number upon success
- */
-
-NSS_EXTERN PRUint32
-nssRDN_GetATAVCount
-(
- NSSRDN *rdn
-);
-
-/*
- * nssRDN_GetATAV
- *
- * This routine returns a pointer to an ATAV that is a member of
- * the set of ATAVs within the specified RDN. While the set of
- * ATAVs within an RDN is unordered, this routine will return
- * distinct values for distinct values of 'i' as long as the RDN
- * is not changed in any way. The RDN may be changed by calling
- * NSSRDN_AddATAV. The value of the variable 'i' is on the range
- * [0,c) where c is the cardinality returned from NSSRDN_GetATAVCount.
- * The caller owns the ATAV the pointer to which is returned. If the
- * optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return NULL upon error, in which
- * case it will have set an error upon the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDN
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to an NSSATAV
- */
-
-NSS_EXTERN NSSATAV *
-nssRDN_GetATAV
-(
- NSSRDN *rdn,
- NSSArena *arenaOpt,
- PRUint32 i
-);
-
-/*
- * nssRDN_GetSimpleATAV
- *
- * Most RDNs are actually very simple, with a single ATAV. This
- * routine will return the single ATAV from such an RDN. The caller
- * owns the ATAV the pointer to which is returned. If the optional
- * arena argument is non-null, the memory used will be obtained from
- * that arena; otherwise, the memory will be obtained from the heap.
- * This routine may return NULL upon error, including the case where
- * the set of ATAVs in the RDN is nonsingular. Upon error, this
- * routine will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDN
- * NSS_ERROR_RDN_NOT_SIMPLE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to an NSSATAV
- */
-
-NSS_EXTERN NSSATAV *
-nssRDN_GetSimpleATAV
-(
- NSSRDN *rdn,
- NSSArena *arenaOpt
-);
-
-/*
- * nssRDN_Compare
- *
- * This routine compares two RDNs for equality. For two RDNs to be
- * equal, they must have the same number of ATAVs, and every ATAV in
- * one must be equal to an ATAV in the other. (Note that the sets
- * of ATAVs are unordered.) The result of the comparison will be
- * stored at the location pointed to by the "equalp" variable, which
- * must point to a valid PRBool. This routine may return PR_FAILURE
- * upon error, in which case it will have set an error on the error
- * stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDN
- * NSS_ERROR_INVALID_ARGUMENT
- *
- * Return value:
- * PR_FAILURE on error
- * PR_SUCCESS upon a successful comparison (equal or not)
- */
-
-NSS_EXTERN PRStatus
-nssRDN_Compare
-(
- NSSRDN *rdn1,
- NSSRDN *rdn2,
- PRBool *equalp
-);
-
-/*
- * nssRDN_Duplicate
- *
- * This routine duplicates the specified RDN. If the optional arena
- * argument is non-null, the memory required will be obtained from
- * that arena; otherwise, the memory will be obtained from the heap.
- * This routine may return NULL upon error, in which case it will have
- * placed an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDN
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL on error
- * A pointer to a new RDN
- */
-
-NSS_EXTERN NSSRDN *
-nssRDN_Duplicate
-(
- NSSRDN *rdn,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSRDNSeq
- *
- * The non-public "methods" regarding this "object" are:
- *
- * nssRDNSeq_CreateFromBER -- constructor
- * nssRDNSeq_CreateFromUTF8 -- constructor
- * nssRDNSeq_Create -- constructor
- *
- * nssRDNSeq_Destroy
- * nssRDNSeq_GetDEREncoding
- * nssRDNSeq_GetUTF8Encoding
- * nssRDNSeq_AppendRDN
- * nssRDNSeq_GetRDNCount
- * nssRDNSeq_GetRDN
- * nssRDNSeq_Compare
- * nssRDNSeq_Duplicate
- *
- * nssRDNSeq_EvaluateUTF8 -- not an object method
- */
-
-/*
- * nssRDNSeq_CreateFromBER
- *
- * This routine creates an NSSRDNSeq by decoding a BER- or DER-encoded
- * sequence of RDNs. If the optional arena argument is non-null,
- * the memory used will be obtained from that arena; otherwise, the
- * memory will be obtained from the heap. This routine may return
- * NULL upon error, in which case it will have set an error on the
- * error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSRDNSeq upon success
- */
-
-NSS_EXTERN NSSRDNSeq *
-nssRDNSeq_CreateFromBER
-(
- NSSArena *arenaOpt,
- NSSBER *berRDNSeq
-);
-
-/*
- * nssRDNSeq_CreateFromUTF8
- *
- * This routine creates an NSSRDNSeq by decoding a UTF8 string
- * consisting of a comma-separated sequence of RDNs, such as
- * "(sn=Smith,ou=Sales),o=Acme,c=US." If the optional arena argument
- * is non-null, the memory used will be obtained from that arena;
- * otherwise, the memory will be obtained from the heap. This routine
- * may return NULL upon error, in which case it will have set an error
- * on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_UNKNOWN_ATTRIBUTE
- * NSS_ERROR_INVALID_UTF8
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSRDNSeq upon success
- */
-
-NSS_EXTERN NSSRDNSeq *
-nssRDNSeq_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *stringRDNSeq
-);
-
-/*
- * nssRDNSeq_Create
- *
- * This routine creates an NSSRDNSeq from one or more NSSRDNs. The
- * final argument to this routine must be NULL. If the optional arena
- * argument is non-null, the memory used will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap. This
- * routine may return NULL upon error, in which case it will have set
- * an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_RDN
- *
- * Return value:
- * NULL upon error
- * A pointero to an NSSRDNSeq upon success
- */
-
-NSS_EXTERN NSSRDNSeq *
-nssRDNSeq_Create
-(
- NSSArena *arenaOpt,
- NSSRDN *rdn1,
- ...
-);
-
-/*
- * nssRDNSeq_Destroy
- *
- * This routine will destroy an RDNSeq object. It should eventually
- * be called on all RDNSeqs created without an arena. While it is not
- * necessary to call it on RDNSeqs created within an arena, it is not
- * an error to do so. This routine returns a PRStatus value; if
- * successful, it will return PR_SUCCESS. If unsuccessful, it will
- * set an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDNSEQ
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssRDNSeq_Destroy
-(
- NSSRDNSeq *rdnseq
-);
-
-/*
- * nssRDNSeq_GetDEREncoding
- *
- * This routine will DER-encode an RDNSeq object. If the optional
- * arena argument is non-null, the memory used will be obtained from
- * that arena; otherwise, the memory will be obtained from the heap.
- * This routine may return null upon error, in which case it will have
- * set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDNSEQ
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * The DER encoding of this NSSRDNSeq
- */
-
-NSS_EXTERN NSSDER *
-nssRDNSeq_GetDEREncoding
-(
- NSSRDNSeq *rdnseq,
- NSSArena *arenaOpt
-);
-
-/*
- * nssRDNSeq_GetUTF8Encoding
- *
- * This routine returns a UTF8 string containing a string
- * representation of the RDNSeq as a comma-separated sequence of RDNs.
- * If the optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return null upon error, in which
- * case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDNSEQ
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to the UTF8 string
- */
-
-NSS_EXTERN NSSUTF8 *
-nssRDNSeq_GetUTF8Encoding
-(
- NSSRDNSeq *rdnseq,
- NSSArena *arenaOpt
-);
-
-/*
- * nssRDNSeq_AppendRDN
- *
- * This routine appends an RDN to the end of the existing RDN
- * sequence. If the RDNSeq was created with a non-null arena
- * argument, that same arena will be used for any additional required
- * memory. If the RDNSeq was created with a NULL arena argument, any
- * additional memory will be obtained from the heap. This routine
- * returns a PRStatus value; it will return PR_SUCCESS upon success,
- * and upon failure it will set an error on the error stack and return
- * PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDNSEQ
- * NSS_ERROR_INVALID_RDN
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssRDNSeq_AppendRDN
-(
- NSSRDNSeq *rdnseq,
- NSSRDN *rdn
-);
-
-/*
- * nssRDNSeq_GetRDNCount
- *
- * This routine returns the cardinality of the sequence of RDNs within
- * the specified RDNSeq. This routine may return 0 upon error, in
- * which case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDNSEQ
- *
- * Return value:
- * 0 upon error
- * A positive number upon success
- */
-
-NSS_EXTERN PRUint32
-nssRDNSeq_GetRDNCount
-(
- NSSRDNSeq *rdnseq
-);
-
-/*
- * nssRDNSeq_GetRDN
- *
- * This routine returns a pointer to the i'th RDN in the sequence of
- * RDNs that make up the specified RDNSeq. The sequence begins with
- * the top-level (e.g., "c=US") RDN. The value of the variable 'i'
- * is on the range [0,c) where c is the cardinality returned from
- * NSSRDNSeq_GetRDNCount. The caller owns the RDN the pointer to which
- * is returned. If the optional arena argument is non-null, the memory
- * used will be obtained from that areana; otherwise, the memory will
- * be obtained from the heap. This routine may return NULL upon error,
- * in which case it will have set an error upon the error stack. Note
- * that the usual UTF8 representation of RDN Sequences is from last
- * to first.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDNSEQ
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to an NSSRDN
- */
-
-NSS_EXTERN NSSRDN *
-nssRDNSeq_GetRDN
-(
- NSSRDNSeq *rdnseq,
- NSSArena *arenaOpt,
- PRUint32 i
-);
-
-/*
- * nssRDNSeq_Compare
- *
- * This routine compares two RDNSeqs for equality. For two RDNSeqs to
- * be equal, they must have the same number of RDNs, and each RDN in
- * one sequence must be equal to the corresponding RDN in the other
- * sequence. The result of the comparison will be stored at the
- * location pointed to by the "equalp" variable, which must point to a
- * valid PRBool. This routine may return PR_FAILURE upon error, in
- * which case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDNSEQ
- * NSS_ERROR_INVALID_ARGUMENT
- *
- * Return value:
- * PR_FAILURE on error
- * PR_SUCCESS upon a successful comparison (equal or not)
- */
-
-NSS_EXTERN PRStatus
-nssRDNSeq_Compare
-(
- NSSRDNSeq *rdnseq1,
- NSSRDNSeq *rdnseq2,
- PRBool *equalp
-);
-
-/*
- * nssRDNSeq_Duplicate
- *
- * This routine duplicates the specified RDNSeq. If the optional arena
- * argument is non-null, the memory required will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap. This
- * routine may return NULL upon error, in which case it will have
- * placed an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDNSEQ
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a new RDNSeq
- */
-
-NSS_EXTERN NSSRDNSeq *
-nssRDNSeq_Duplicate
-(
- NSSRDNSeq *rdnseq,
- NSSArena *arenaOpt
-);
-
-/*
- * nssRDNSeq_EvaluateUTF8
- *
- * This routine evaluates a UTF8 string, and returns PR_TRUE if the
- * string contains the string representation of an RDNSeq. This
- * routine is used by the (directory) Name routines
- * nssName_CreateFromUTF8 and nssName_EvaluateUTF8 to determine which
- * choice of directory name the string may encode. This routine may
- * return PR_FALSE upon error, but it subsumes that condition under the
- * general "string does not evaluate as an RDNSeq" state, and does not
- * set an error on the error stack.
- *
- * Return value:
- * PR_TRUE if the string represents an RDNSeq
- * PR_FALSE if otherwise
- */
-
-NSS_EXTERN PRBool
-nssRDNSeq_EvaluateUTF8
-(
- NSSUTF8 *str
-);
-
-/*
- * NSSName
- *
- * The non-public "methods" regarding this "object" are:
- *
- * nssName_CreateFromBER -- constructor
- * nssName_CreateFromUTF8 -- constructor
- * nssName_Create -- constructor
- *
- * nssName_Destroy
- * nssName_GetDEREncoding
- * nssName_GetUTF8Encoding
- * nssName_GetChoice
- * nssName_GetRDNSequence
- * nssName_GetSpecifiedChoice
- * nssName_Compare
- * nssName_Duplicate
- *
- * nssName_GetUID
- * nssName_GetEmail
- * nssName_GetCommonName
- * nssName_GetOrganization
- * nssName_GetOrganizationalUnits
- * nssName_GetStateOrProvince
- * nssName_GetLocality
- * nssName_GetCountry
- * nssName_GetAttribute
- *
- * nssName_EvaluateUTF8 -- not an object method
- */
-
-/*
- * nssName_CreateFromBER
- *
- * This routine creates an NSSName by decoding a BER- or DER-encoded
- * (directory) Name. If the optional arena argument is non-null,
- * the memory used will be obtained from that arena; otherwise,
- * the memory will be obtained from the heap. This routine may
- * return NULL upon error, in which case it will have set an error
- * on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSName upon success
- */
-
-NSS_EXTERN NSSName *
-nssName_CreateFromBER
-(
- NSSArena *arenaOpt,
- NSSBER *berName
-);
-
-/*
- * nssName_CreateFromUTF8
- *
- * This routine creates an NSSName by decoding a UTF8 string
- * consisting of the string representation of one of the choices of
- * (directory) names. Currently the only choice is an RDNSeq. If the
- * optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. The routine may return NULL upon error, in which
- * case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_UTF8
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSName upon success
- */
-
-NSS_EXTERN NSSName *
-nssName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *stringName
-);
-
-/*
- * nssName_Create
- *
- * This routine creates an NSSName with the specified choice of
- * underlying name types. The value of the choice variable must be
- * one of the values of the NSSNameChoice enumeration, and the type
- * of the arg variable must be as specified in the following table:
- *
- * Choice Type
- * ======================== ===========
- * NSSNameChoiceRdnSequence NSSRDNSeq *
- *
- * If the optional arena argument is non-null, the memory used will
- * be obtained from that arena; otherwise, the memory will be
- * obtained from the heap. This routine may return NULL upon error,
- * in which case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_CHOICE
- * NSS_ERROR_INVALID_ARGUMENT
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSName upon success
- */
-
-NSS_EXTERN NSSName *
-nssName_Create
-(
- NSSArena *arenaOpt,
- NSSNameChoice choice,
- void *arg
-);
-
-/*
- * nssName_Destroy
- *
- * This routine will destroy a Name object. It should eventually be
- * called on all Names created without an arena. While it is not
- * necessary to call it on Names created within an arena, it is not
- * an error to do so. This routine returns a PRStatus value; if
- * successful, it will return PR_SUCCESS. If unsuccessful, it will
- * set an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssName_Destroy
-(
- NSSName *name
-);
-
-/*
- * nssName_GetDEREncoding
- *
- * This routine will DER-encode a name object. If the optional arena
- * argument is non-null, the memory used will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap. This
- * routine may return null upon error, in which case it will have set
- * an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * The DER encoding of this NSSName
- */
-
-NSS_EXTERN NSSDER *
-nssName_GetDEREncoding
-(
- NSSName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * nssName_GetUTF8Encoding
- *
- * This routine returns a UTF8 string containing a string
- * representation of the Name in the format specified by the
- * underlying name choice. If the optional arena argument is non-null,
- * the memory used will be obtained from that arena; otherwise, the
- * memory will be obtained from the heap. This routine may return
- * NULL upon error, in which case it will have set an error on the
- * error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to the UTF8 string
- */
-
-NSS_EXTERN NSSUTF8 *
-nssName_GetUTF8Encoding
-(
- NSSName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * nssName_GetChoice
- *
- * This routine returns the type of the choice underlying the specified
- * name. The return value will be a member of the NSSNameChoice
- * enumeration. This routine may return NSSNameChoiceInvalid upon
- * error, in which case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- *
- * Return value:
- * NSSNameChoiceInvalid upon error
- * An other member of the NSSNameChoice enumeration upon success
- */
-
-NSS_EXTERN NSSNameChoice
-nssName_GetChoice
-(
- NSSName *name
-);
-
-/*
- * nssName_GetRDNSequence
- *
- * If the choice underlying the specified NSSName is that of an
- * RDNSequence, this routine will return a pointer to that RDN
- * sequence. Otherwise, this routine will place an error on the
- * error stack, and return NULL. If the optional arena argument is
- * non-null, the memory required will be obtained from that arena;
- * otherwise, the memory will be obtained from the heap. The
- * caller owns the returned pointer. This routine may return NULL
- * upon error, in which case it will have set an error on the error
- * stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to an NSSRDNSeq
- */
-
-NSS_EXTERN NSSRDNSeq *
-nssName_GetRDNSequence
-(
- NSSName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * nssName_GetSpecifiedChoice
- *
- * If the choice underlying the specified NSSName matches the specified
- * choice, a caller-owned pointer to that underlying object will be
- * returned. Otherwise, an error will be placed on the error stack and
- * NULL will be returned. If the optional arena argument is non-null,
- * the memory required will be obtained from that arena; otherwise, the
- * memory will be obtained from the heap. The caller owns the returned
- * pointer. This routine may return NULL upon error, in which case it
- * will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer, which must be typecast
- */
-
-NSS_EXTERN void *
-nssName_GetSpecifiedChoice
-(
- NSSName *name,
- NSSNameChoice choice,
- NSSArena *arenaOpt
-);
-
-/*
- * nssName_Compare
- *
- * This routine compares two Names for equality. For two Names to be
- * equal, they must have the same choice of underlying types, and the
- * underlying values must be equal. The result of the comparison will
- * be stored at the location pointed to by the "equalp" variable, which
- * must point to a valid PRBool. This routine may return PR_FAILURE
- * upon error, in which case it will have set an error on the error
- * stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_INVALID_ARGUMENT
- *
- * Return value:
- * PR_FAILURE on error
- * PR_SUCCESS upon a successful comparison (equal or not)
- */
-
-NSS_EXTERN PRStatus
-nssName_Compare
-(
- NSSName *name1,
- NSSName *name2,
- PRBool *equalp
-);
-
-/*
- * nssName_Duplicate
- *
- * This routine duplicates the specified nssname. If the optional
- * arena argument is non-null, the memory required will be obtained
- * from that arena; otherwise, the memory will be obtained from the
- * heap. This routine may return NULL upon error, in which case it
- * will have placed an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a new NSSName
- */
-
-NSS_EXTERN NSSName *
-nssName_Duplicate
-(
- NSSName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * nssName_GetUID
- *
- * This routine will attempt to derive a user identifier from the
- * specified name, if the choices and content of the name permit.
- * If the Name consists of a Sequence of Relative Distinguished
- * Names containing a UID attribute, the UID will be the value of
- * that attribute. Note that no UID attribute is defined in either
- * PKIX or PKCS#9; rather, this seems to derive from RFC 1274, which
- * defines the type as a caseIgnoreString. We'll return a Directory
- * String. If the optional arena argument is non-null, the memory
- * used will be obtained from that arena; otherwise, the memory will
- * be obtained from the heap. This routine may return NULL upon error,
- * in which case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_NO_UID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String.
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-nssName_GetUID
-(
- NSSName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * nssName_GetEmail
- *
- * This routine will attempt to derive an email address from the
- * specified name, if the choices and content of the name permit.
- * If the Name consists of a Sequence of Relative Distinguished
- * Names containing either a PKIX email address or a PKCS#9 email
- * address, the result will be the value of that attribute. If the
- * optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return NULL upon error, in which
- * case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_NO_EMAIL
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr IA5 String */
-nssName_GetEmail
-(
- NSSName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * nssName_GetCommonName
- *
- * This routine will attempt to derive a common name from the
- * specified name, if the choices and content of the name permit.
- * If the Name consists of a Sequence of Relative Distinguished Names
- * containing a PKIX Common Name, the result will be that name. If
- * the optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return NULL upon error, in which
- * case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_NO_COMMON_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-nssName_GetCommonName
-(
- NSSName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * nssName_GetOrganization
- *
- * This routine will attempt to derive an organisation name from the
- * specified name, if the choices and content of the name permit.
- * If Name consists of a Sequence of Relative Distinguished names
- * containing a PKIX Organization, the result will be the value of
- * that attribute. If the optional arena argument is non-null, the
- * memory used will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap. This routine may return NULL upon
- * error, in which case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_NO_ORGANIZATION
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-nssName_GetOrganization
-(
- NSSName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * nssName_GetOrganizationalUnits
- *
- * This routine will attempt to derive a sequence of organisational
- * unit names from the specified name, if the choices and content of
- * the name permit. If the Name consists of a Sequence of Relative
- * Distinguished Names containing one or more organisational units,
- * the result will be the values of those attributes. If the optional
- * arena argument is non-null, the memory used will be obtained from
- * that arena; otherwise, the memory will be obtained from the heap.
- * This routine may return NULL upon error, in which case it will have
- * set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_NO_ORGANIZATIONAL_UNITS
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a null-terminated array of UTF8 Strings
- */
-
-NSS_EXTERN NSSUTF8 ** /* XXX fgmr DirectoryString */
-nssName_GetOrganizationalUnits
-(
- NSSName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * nssName_GetStateOrProvince
- *
- * This routine will attempt to derive a state or province name from
- * the specified name, if the choices and content of the name permit.
- * If the Name consists of a Sequence of Relative Distinguished Names
- * containing a state or province, the result will be the value of
- * that attribute. If the optional arena argument is non-null, the
- * memory used will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap. This routine may return NULL upon
- * error, in which case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_NO_STATE_OR_PROVINCE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-nssName_GetStateOrProvince
-(
- NSSName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * nssName_GetLocality
- *
- * This routine will attempt to derive a locality name from the
- * specified name, if the choices and content of the name permit. If
- * the Name consists of a Sequence of Relative Distinguished names
- * containing a Locality, the result will be the value of that
- * attribute. If the optional arena argument is non-null, the memory
- * used will be obtained from that arena; otherwise, the memory will
- * be obtained from the heap. This routine may return NULL upon error,
- * in which case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_NO_LOCALITY
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-nssName_GetLocality
-(
- NSSName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * nssName_GetCountry
- *
- * This routine will attempt to derive a country name from the
- * specified name, if the choices and content of the name permit.
- * If the Name consists of a Sequence of Relative Distinguished
- * Names containing a Country, the result will be the value of
- * that attribute.. If the optional arena argument is non-null,
- * the memory used will be obtained from that arena; otherwise,
- * the memory will be obtained from the heap. This routine may
- * return NULL upon error, in which case it will have set an error
- * on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_NO_COUNTRY
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr PrintableString */
-nssName_GetCountry
-(
- NSSName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * nssName_GetAttribute
- *
- * If the specified name consists of a Sequence of Relative
- * Distinguished Names containing an attribute with the specified
- * type, and the actual value of that attribute may be expressed
- * with a Directory String, then the value of that attribute will
- * be returned as a Directory String. If the optional arena argument
- * is non-null, the memory used will be obtained from that arena;
- * otherwise, the memory will be obtained from the heap. This routine
- * may return NULL upon error, in which case it will have set an error
- * on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_NO_ATTRIBUTE
- * NSS_ERROR_ATTRIBUTE_VALUE_NOT_STRING
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-nssName_GetAttribute
-(
- NSSName *name,
- NSSOID *attribute,
- NSSArena *arenaOpt
-);
-
-/*
- * nssName_EvaluateUTF8
- *
- * This routine evaluates a UTF8 string, and returns PR_TRUE if the
- * string contains the string representation of an NSSName. This
- * routine is used by the GeneralName routine
- * nssGeneralName_CreateFromUTF8 to determine which choice of
- * general name the string may encode. This routine may return
- * PR_FALSE upon error, but it subsumes that condition under the
- * general "string does not evaluate as a Name" state, and does not
- * set an error on the error stack.
- *
- * Return value:
- * PR_TRUE if the string represents a Name
- * PR_FALSE otherwise
- */
-
-NSS_EXTERN PRBool
-nssName_EvaluateUTF8
-(
- NSSUTF8 *str
-);
-
-/*
- * NSSGeneralName
- *
- * The non-public "methods" regarding this "object" are:
- *
- * nssGeneralName_CreateFromBER -- constructor
- * nssGeneralName_CreateFromUTF8 -- constructor
- * nssGeneralName_Create -- constructor
- *
- * nssGeneralName_Destroy
- * nssGeneralName_GetDEREncoding
- * nssGeneralName_GetUTF8Encoding
- * nssGeneralName_GetChoice
- * nssGeneralName_GetOtherName
- * nssGeneralName_GetRfc822Name
- * nssGeneralName_GetDNSName
- * nssGeneralName_GetX400Address
- * nssGeneralName_GetDirectoryName
- * nssGeneralName_GetEdiPartyName
- * nssGeneralName_GetUniformResourceIdentifier
- * nssGeneralName_GetIPAddress
- * nssGeneralName_GetRegisteredID
- * nssGeneralName_GetSpecifiedChoice
- * nssGeneralName_Compare
- * nssGeneralName_Duplicate
- *
- * nssGeneralName_GetUID
- * nssGeneralName_GetEmail
- * nssGeneralName_GetCommonName
- * nssGeneralName_GetOrganization
- * nssGeneralName_GetOrganizationalUnits
- * nssGeneralName_GetStateOrProvince
- * nssGeneralName_GetLocality
- * nssGeneralName_GetCountry
- * nssGeneralName_GetAttribute
- */
-
-/*
- * nssGeneralName_CreateFromBER
- *
- * This routine creates an NSSGeneralName by decoding a BER- or DER-
- * encoded general name. If the optional arena argument is non-null,
- * the memory used will be obtained from that arena; otherwise, the
- * memory will be obtained from the heap. This routine may return
- * NULL upon error, in which case it will have set an error on the
- * error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSGeneralName upon success
- */
-
-NSS_EXTERN NSSGeneralName *
-nssGeneralName_CreateFromBER
-(
- NSSArena *arenaOpt,
- NSSBER *berGeneralName
-);
-
-/*
- * nssGeneralName_CreateFromUTF8
- *
- * This routine creates an NSSGeneralName by decoding a UTF8 string
- * consisting of the string representation of one of the choices of
- * general names. If the optional arena argument is non-null, the
- * memory used will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap. The routine may return NULL upon
- * error, in which case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_UTF8
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSGeneralName upon success
- */
-
-NSS_EXTERN NSSGeneralName *
-nssGeneralName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *stringGeneralName
-);
-
-/*
- * nssGeneralName_Create
- *
- * This routine creates an NSSGeneralName with the specified choice of
- * underlying name types. The value of the choice variable must be one
- * of the values of the NSSGeneralNameChoice enumeration, and the type
- * of the arg variable must be as specified in the following table:
- *
- * Choice Type
- * ============================================ =========
- * NSSGeneralNameChoiceOtherName
- * NSSGeneralNameChoiceRfc822Name
- * NSSGeneralNameChoiceDNSName
- * NSSGeneralNameChoiceX400Address
- * NSSGeneralNameChoiceDirectoryName NSSName *
- * NSSGeneralNameChoiceEdiPartyName
- * NSSGeneralNameChoiceUniformResourceIdentifier
- * NSSGeneralNameChoiceIPAddress
- * NSSGeneralNameChoiceRegisteredID
- *
- * If the optional arena argument is non-null, the memory used will
- * be obtained from that arena; otherwise, the memory will be
- * obtained from the heap. This routine may return NULL upon error,
- * in which case it will have set an error on the error stack.
- *
- * The error may be one fo the following values:
- * NSS_ERROR_INVALID_CHOICE
- * NSS_ERROR_INVALID_ARGUMENT
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSGeneralName upon success
- */
-
-NSS_EXTERN NSSGeneralName *
-nssGeneralName_Create
-(
- NSSGeneralNameChoice choice,
- void *arg
-);
-
-/*
- * nssGeneralName_Destroy
- *
- * This routine will destroy a General Name object. It should
- * eventually be called on all General Names created without an arena.
- * While it is not necessary to call it on General Names created within
- * an arena, it is not an error to do so. This routine returns a
- * PRStatus value; if successful, it will return PR_SUCCESS. If
- * usuccessful, it will set an error on the error stack and return
- * PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- *
- * Return value:
- * PR_FAILURE upon failure
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssGeneralName_Destroy
-(
- NSSGeneralName *generalName
-);
-
-/*
- * nssGeneralName_GetDEREncoding
- *
- * This routine will DER-encode a name object. If the optional arena
- * argument is non-null, the memory used will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap. This
- * routine may return null upon error, in which case it will have set
- * an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * The DER encoding of this NSSGeneralName
- */
-
-NSS_EXTERN NSSDER *
-nssGeneralName_GetDEREncoding
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetUTF8Encoding
- *
- * This routine returns a UTF8 string containing a string
- * representation of the General Name in the format specified by the
- * underlying name choice. If the optional arena argument is
- * non-null, the memory used will be obtained from that arena;
- * otherwise, the memory will be obtained from the heap. This routine
- * may return NULL upon error, in which case it will have set an error
- * on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 string
- */
-
-NSS_EXTERN NSSUTF8 *
-nssGeneralName_GetUTF8Encoding
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetChoice
- *
- * This routine returns the type of choice underlying the specified
- * general name. The return value will be a member of the
- * NSSGeneralNameChoice enumeration. This routine may return
- * NSSGeneralNameChoiceInvalid upon error, in which case it will have
- * set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- *
- * Return value:
- * NSSGeneralNameChoiceInvalid upon error
- * An other member of the NSSGeneralNameChoice enumeration
- */
-
-NSS_EXTERN NSSGeneralNameChoice
-nssGeneralName_GetChoice
-(
- NSSGeneralName *generalName
-);
-
-/*
- * nssGeneralName_GetOtherName
- *
- * If the choice underlying the specified NSSGeneralName is that of an
- * Other Name, this routine will return a pointer to that Other name.
- * Otherwise, this routine will place an error on the error stack, and
- * return NULL. If the optional arena argument is non-null, the memory
- * required will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap. The caller owns the returned
- * pointer. This routine may return NULL upon error, in which case it
- * will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to an NSSOtherName
- */
-
-NSS_EXTERN NSSOtherName *
-nssGeneralName_GetOtherName
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetRfc822Name
- *
- * If the choice underlying the specified NSSGeneralName is that of an
- * RFC 822 Name, this routine will return a pointer to that name.
- * Otherwise, this routine will place an error on the error stack, and
- * return NULL. If the optional arena argument is non-null, the memory
- * required will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap. The caller owns the returned
- * pointer. This routine may return NULL upon error, in which case it
- * will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to an NSSRFC822Name
- */
-
-NSS_EXTERN NSSRFC822Name *
-nssGeneralName_GetRfc822Name
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetDNSName
- *
- * If the choice underlying the specified NSSGeneralName is that of a
- * DNS Name, this routine will return a pointer to that DNS name.
- * Otherwise, this routine will place an error on the error stack, and
- * return NULL. If the optional arena argument is non-null, the memory
- * required will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap. The caller owns the returned
- * pointer. This routine may return NULL upon error, in which case it
- * will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to an NSSDNSName
- */
-
-NSS_EXTERN NSSDNSName *
-nssGeneralName_GetDNSName
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetX400Address
- *
- * If the choice underlying the specified NSSGeneralName is that of an
- * X.400 Address, this routine will return a pointer to that Address.
- * Otherwise, this routine will place an error on the error stack, and
- * return NULL. If the optional arena argument is non-null, the memory
- * required will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap. The caller owns the returned
- * pointer. This routine may return NULL upon error, in which case it
- * will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to an NSSX400Address
- */
-
-NSS_EXTERN NSSX400Address *
-nssGeneralName_GetX400Address
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetDirectoryName
- *
- * If the choice underlying the specified NSSGeneralName is that of a
- * (directory) Name, this routine will return a pointer to that name.
- * Otherwise, this routine will place an error on the error stack, and
- * return NULL. If the optional arena argument is non-null, the memory
- * required will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap. The caller owns the returned
- * pointer. This routine may return NULL upon error, in which case it
- * will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to an NSSName
- */
-
-NSS_EXTERN NSSName *
-nssGeneralName_GetName
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetEdiPartyName
- *
- * If the choice underlying the specified NSSGeneralName is that of an
- * EDI Party Name, this routine will return a pointer to that name.
- * Otherwise, this routine will place an error on the error stack, and
- * return NULL. If the optional arena argument is non-null, the memory
- * required will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap. The caller owns the returned
- * pointer. This routine may return NULL upon error, in which case it
- * will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to an NSSEdiPartyName
- */
-
-NSS_EXTERN NSSEdiPartyName *
-nssGeneralName_GetEdiPartyName
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetUniformResourceIdentifier
- *
- * If the choice underlying the specified NSSGeneralName is that of a
- * URI, this routine will return a pointer to that URI.
- * Otherwise, this routine will place an error on the error stack, and
- * return NULL. If the optional arena argument is non-null, the memory
- * required will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap. The caller owns the returned
- * pointer. This routine may return NULL upon error, in which case it
- * will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to an NSSURI
- */
-
-NSS_EXTERN NSSURI *
-nssGeneralName_GetUniformResourceIdentifier
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetIPAddress
- *
- * If the choice underlying the specified NSSGeneralName is that of an
- * IP Address , this routine will return a pointer to that address.
- * Otherwise, this routine will place an error on the error stack, and
- * return NULL. If the optional arena argument is non-null, the memory
- * required will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap. The caller owns the returned
- * pointer. This routine may return NULL upon error, in which case it
- * will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to an NSSIPAddress
- */
-
-NSS_EXTERN NSSIPAddress *
-nssGeneralName_GetIPAddress
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetRegisteredID
- *
- * If the choice underlying the specified NSSGeneralName is that of a
- * Registered ID, this routine will return a pointer to that ID.
- * Otherwise, this routine will place an error on the error stack, and
- * return NULL. If the optional arena argument is non-null, the memory
- * required will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap. The caller owns the returned
- * pointer. This routine may return NULL upon error, in which case it
- * will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to an NSSRegisteredID
- */
-
-NSS_EXTERN NSSRegisteredID *
-nssGeneralName_GetRegisteredID
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetSpecifiedChoice
- *
- * If the choice underlying the specified NSSGeneralName matches the
- * specified choice, a caller-owned pointer to that underlying object
- * will be returned. Otherwise, an error will be placed on the error
- * stack and NULL will be returned. If the optional arena argument
- * is non-null, the memory required will be obtained from that arena;
- * otherwise, the memory will be obtained from the heap. The caller
- * owns the returned pointer. This routine may return NULL upon
- * error, in which caes it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer, which must be typecast
- */
-
-NSS_EXTERN void *
-nssGeneralName_GetSpecifiedChoice
-(
- NSSGeneralName *generalName,
- NSSGeneralNameChoice choice,
- NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_Compare
- *
- * This routine compares two General Names for equality. For two
- * General Names to be equal, they must have the same choice of
- * underlying types, and the underlying values must be equal. The
- * result of the comparison will be stored at the location pointed
- * to by the "equalp" variable, which must point to a valid PRBool.
- * This routine may return PR_FAILURE upon error, in which case it
- * will have set an error on the error stack.
- *
- * The error may be one of the following value:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_INVALID_ARGUMENT
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon a successful comparison (equal or not)
- */
-
-NSS_EXTERN PRStatus
-nssGeneralName_Compare
-(
- NSSGeneralName *generalName1,
- NSSGeneralName *generalName2,
- PRBool *equalp
-);
-
-/*
- * nssGeneralName_Duplicate
- *
- * This routine duplicates the specified General Name. If the optional
- * arena argument is non-null, the memory required will be obtained
- * from that arena; otherwise, the memory will be obtained from the
- * heap. This routine may return NULL upon error, in which case it
- * will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a new NSSGeneralName
- */
-
-NSS_EXTERN NSSGeneralName *
-nssGeneralName_Duplicate
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetUID
- *
- * This routine will attempt to derive a user identifier from the
- * specified general name, if the choices and content of the name
- * permit. If the General Name is a (directory) Name consisting
- * of a Sequence of Relative Distinguished Names containing a UID
- * attribute, the UID will be the value of that attribute. Note
- * that no UID attribute is defined in either PKIX or PKCS#9;
- * rather, this seems to derive from RFC 1274, which defines the
- * type as a caseIgnoreString. We'll return a Directory String.
- * If the optional arena argument is non-null, the memory used
- * will be obtained from that arena; otherwise, the memory will be
- * obtained from the heap. This routine may return NULL upon error,
- * in which case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_NO_UID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String.
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-nssGeneralName_GetUID
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetEmail
- *
- * This routine will attempt to derive an email address from the
- * specified general name, if the choices and content of the name
- * permit. If the General Name is a (directory) Name consisting
- * of a Sequence of Relative Distinguished names containing either
- * a PKIX email address or a PKCS#9 email address, the result will
- * be the value of that attribute. If the General Name is an RFC 822
- * Name, the result will be the string form of that name. If the
- * optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return NULL upon error, in which
- * case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_NO_EMAIL
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr IA5String */
-nssGeneralName_GetEmail
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetCommonName
- *
- * This routine will attempt to derive a common name from the
- * specified general name, if the choices and content of the name
- * permit. If the General Name is a (directory) Name consisting
- * of a Sequence of Relative Distinguished names containing a PKIX
- * Common Name, the result will be that name. If the optional arena
- * argument is non-null, the memory used will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap. This
- * routine may return NULL upon error, in which case it will have set
- * an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_NO_COMMON_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-nssGeneralName_GetCommonName
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetOrganization
- *
- * This routine will attempt to derive an organisation name from the
- * specified general name, if the choices and content of the name
- * permit. If the General Name is a (directory) Name consisting
- * of a Sequence of Relative Distinguished names containing an
- * Organization, the result will be the value of that attribute.
- * If the optional arena argument is non-null, the memory used will
- * be obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return NULL upon error, in which
- * case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_NO_ORGANIZATION
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-nssGeneralName_GetOrganization
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetOrganizationalUnits
- *
- * This routine will attempt to derive a sequence of organisational
- * unit names from the specified general name, if the choices and
- * content of the name permit. If the General Name is a (directory)
- * Name consisting of a Sequence of Relative Distinguished names
- * containing one or more organisational units, the result will
- * consist of those units. If the optional arena argument is non-
- * null, the memory used will be obtained from that arena; otherwise,
- * the memory will be obtained from the heap. This routine may return
- * NULL upon error, in which case it will have set an error on the
- * error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_NO_ORGANIZATIONAL_UNITS
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a null-terminated array of UTF8 Strings
- */
-
-NSS_EXTERN NSSUTF8 ** /* XXX fgmr DirectoryString */
-nssGeneralName_GetOrganizationalUnits
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetStateOrProvince
- *
- * This routine will attempt to derive a state or province name from
- * the specified general name, if the choices and content of the name
- * permit. If the General Name is a (directory) Name consisting
- * of a Sequence of Relative Distinguished names containing a state or
- * province, the result will be the value of that attribute. If the
- * optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return NULL upon error, in which
- * case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_NO_STATE_OR_PROVINCE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-nssGeneralName_GetStateOrProvince
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetLocality
- *
- * This routine will attempt to derive a locality name from
- * the specified general name, if the choices and content of the name
- * permit. If the General Name is a (directory) Name consisting
- * of a Sequence of Relative Distinguished names containing a Locality,
- * the result will be the value of that attribute. If the optional
- * arena argument is non-null, the memory used will be obtained from
- * that arena; otherwise, the memory will be obtained from the heap.
- * This routine may return NULL upon error, in which case it will have
- * set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_NO_LOCALITY
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-nssGeneralName_GetLocality
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetCountry
- *
- * This routine will attempt to derive a country name from the
- * specified general name, if the choices and content of the name
- * permit. If the General Name is a (directory) Name consisting of a
- * Sequence of Relative Distinguished names containing a Country, the
- * result will be the value of that attribute. If the optional
- * arena argument is non-null, the memory used will be obtained from
- * that arena; otherwise, the memory will be obtained from the heap.
- * This routine may return NULL upon error, in which case it will have
- * set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_NO_COUNTRY
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr PrintableString */
-nssGeneralName_GetCountry
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetAttribute
- *
- * If the specified general name is a (directory) name consisting
- * of a Sequence of Relative Distinguished Names containing an
- * attribute with the specified type, and the actual value of that
- * attribute may be expressed with a Directory String, then the
- * value of that attribute will be returned as a Directory String.
- * If the optional arena argument is non-null, the memory used will
- * be obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return NULL upon error, in which
- * case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_NO_ATTRIBUTE
- * NSS_ERROR_ATTRIBUTE_VALUE_NOT_STRING
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-nssGeneralName_GetAttribute
-(
- NSSGeneralName *generalName,
- NSSOID *attribute,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralNameSeq
- *
- * The public "methods" regarding this "object" are:
- *
- * nssGeneralNameSeq_CreateFromBER -- constructor
- * nssGeneralNameSeq_Create -- constructor
- *
- * nssGeneralNameSeq_Destroy
- * nssGeneralNameSeq_GetDEREncoding
- * nssGeneralNameSeq_AppendGeneralName
- * nssGeneralNameSeq_GetGeneralNameCount
- * nssGeneralNameSeq_GetGeneralName
- * nssGeneralNameSeq_Compare
- * nssGeneralnameSeq_Duplicate
- */
-
-/*
- * nssGeneralNameSeq_CreateFromBER
- *
- * This routine creates a general name sequence by decoding a BER-
- * or DER-encoded GeneralNames. If the optional arena argument is
- * non-null, the memory used will be obtained from that arena;
- * otherwise, the memory will be obtained from the heap. This routine
- * may return NULL upon error, in which case it will have set an error
- * on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSGeneralNameSeq upon success
- */
-
-NSS_EXTERN NSSGeneralNameSeq *
-nssGeneralNameSeq_CreateFromBER
-(
- NSSArena *arenaOpt,
- NSSBER *berGeneralNameSeq
-);
-
-/*
- * nssGeneralNameSeq_Create
- *
- * This routine creates an NSSGeneralNameSeq from one or more General
- * Names. The final argument to this routine must be NULL. If the
- * optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return NULL upon error, in which
- * case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_GENERAL_NAME
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSGeneralNameSeq upon success
- */
-
-NSS_EXTERN NSSGeneralNameSeq *
-nssGeneralNameSeq_Create
-(
- NSSArena *arenaOpt,
- NSSGeneralName *generalName1,
- ...
-);
-
-/*
- * nssGeneralNameSeq_Destroy
- *
- * This routine will destroy an NSSGeneralNameSeq object. It should
- * eventually be called on all NSSGeneralNameSeqs created without an
- * arena. While it is not necessary to call it on NSSGeneralNameSeq's
- * created within an arena, it is not an error to do so. This routine
- * returns a PRStatus value; if successful, it will return PR_SUCCESS.
- * If unsuccessful, it will set an error on the error stack and return
- * PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME_SEQ
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssGeneralNameSeq_Destroy
-(
- NSSGeneralNameSeq *generalNameSeq
-);
-
-/*
- * nssGeneralNameSeq_GetDEREncoding
- *
- * This routine will DER-encode an NSSGeneralNameSeq object. If the
- * optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return null upon error, in which
- * case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME_SEQ
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * The DER encoding of this NSSGeneralNameSeq
- */
-
-NSS_EXTERN NSSDER *
-nssGeneralNameSeq_GetDEREncoding
-(
- NSSGeneralNameSeq *generalNameSeq,
- NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralNameSeq_AppendGeneralName
- *
- * This routine appends a General Name to the end of the existing
- * General Name Sequence. If the sequence was created with a non-null
- * arena argument, that same arena will be used for any additional
- * required memory. If the sequence was created with a NULL arena
- * argument, any additional memory will be obtained from the heap.
- * This routine returns a PRStatus value; it will return PR_SUCCESS
- * upon success, and upon failure it will set an error on the error
- * stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME_SEQ
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure.
- */
-
-NSS_EXTERN PRStatus
-nssGeneralNameSeq_AppendGeneralName
-(
- NSSGeneralNameSeq *generalNameSeq,
- NSSGeneralName *generalName
-);
-
-/*
- * nssGeneralNameSeq_GetGeneralNameCount
- *
- * This routine returns the cardinality of the specified General name
- * Sequence. This routine may return 0 upon error, in which case it
- * will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME_SEQ
- *
- * Return value;
- * 0 upon error
- * A positive number upon success
- */
-
-NSS_EXTERN PRUint32
-nssGeneralNameSeq_GetGeneralNameCount
-(
- NSSGeneralNameSeq *generalNameSeq
-);
-
-/*
- * nssGeneralNameSeq_GetGeneralName
- *
- * This routine returns a pointer to the i'th General Name in the
- * specified General Name Sequence. The value of the variable 'i' is
- * on the range [0,c) where c is the cardinality returned from
- * NSSGeneralNameSeq_GetGeneralNameCount. The caller owns the General
- * Name the pointer to which is returned. If the optional arena
- * argument is non-null, the memory used will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap. This
- * routine may return NULL upon error, in which case it will have set
- * an error upon the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME_SEQ
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to a General Name.
- */
-
-NSS_EXTERN NSSGeneralName *
-nssGeneralNameSeq_GetGeneralName
-(
- NSSGeneralNameSeq *generalNameSeq,
- NSSArena *arenaOpt,
- PRUint32 i
-);
-
-/*
- * nssGeneralNameSeq_Compare
- *
- * This routine compares two General Name Sequences for equality. For
- * two General Name Sequences to be equal, they must have the same
- * cardinality, and each General Name in one sequence must be equal to
- * the corresponding General Name in the other. The result of the
- * comparison will be stored at the location pointed to by the "equalp"
- * variable, which must point to a valid PRBool. This routine may
- * return PR_FAILURE upon error, in which case it will have set an
- * error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME_SEQ
- * NSS_ERROR_INVALID_ARGUMENT
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon a successful comparison (equal or not)
- */
-
-NSS_EXTERN PRStatus
-nssGeneralNameSeq_Compare
-(
- NSSGeneralNameSeq *generalNameSeq1,
- NSSGeneralNameSeq *generalNameSeq2,
- PRBool *equalp
-);
-
-/*
- * nssGeneralNameSeq_Duplicate
- *
- * This routine duplicates the specified sequence of general names. If
- * the optional arena argument is non-null, the memory required will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return NULL upon error, in which
- * case it will have placed an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME_SEQ
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a new General Name Sequence.
- */
-
-NSS_EXTERN NSSGeneralNameSeq *
-nssGeneralNameSeq_Duplicate
-(
- NSSGeneralNameSeq *generalNameSeq,
- NSSArena *arenaOpt
-);
-
-PR_END_EXTERN_C
-
-#endif /* PKI1_H */
diff --git a/security/nss/lib/pki1/pki1t.h b/security/nss/lib/pki1/pki1t.h
deleted file mode 100644
index de6e5c835..000000000
--- a/security/nss/lib/pki1/pki1t.h
+++ /dev/null
@@ -1,104 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef PKI1T_H
-#define PKI1T_H
-
-#ifdef DEBUG
-static const char PKI1T_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * pki1t.h
- *
- * This file contains definitions for the types used in the PKIX part-1
- * code, but not available publicly.
- */
-
-#ifndef BASET_H
-#include "baset.h"
-#endif /* BASET_H */
-
-#ifndef NSSPKI1T_H
-#include "nsspki1t.h"
-#endif /* NSSPKI1T_H */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * NSSOID
- *
- * This structure is used to hold our internal table of built-in OID
- * data. The fields are as follows:
- *
- * NSSItem data -- this is the actual DER-encoded multinumber oid
- * const char *expl -- this explains the derivation, and is checked
- * in a unit test. While the field always exists,
- * it is only populated or used in debug builds.
- *
- */
-
-struct NSSOIDStr {
-#ifdef DEBUG
- const NSSUTF8 *tag;
- const NSSUTF8 *expl;
-#endif /* DEBUG */
- NSSItem data;
-};
-
-/*
- * nssAttributeTypeAliasTable
- *
- * Attribute types are passed around as oids (at least in the X.500
- * and PKI worlds, as opposed to ldap). However, when written as
- * strings they usually have well-known aliases, e.g., "ou" or "c."
- *
- * This type defines a table, populated in the generated oiddata.c
- * file, of the aliases we recognize.
- *
- * The fields are as follows:
- *
- * NSSUTF8 *alias -- a well-known string alias for an oid
- * NSSOID *oid -- the oid to which the alias corresponds
- *
- */
-
-struct nssAttributeTypeAliasTableStr {
- const NSSUTF8 *alias;
- const NSSOID **oid;
-};
-typedef struct nssAttributeTypeAliasTableStr nssAttributeTypeAliasTable;
-
-PR_END_EXTERN_C
-
-#endif /* PKI1T_H */
diff --git a/security/nss/lib/pki1/rdn.c b/security/nss/lib/pki1/rdn.c
deleted file mode 100644
index f778de22c..000000000
--- a/security/nss/lib/pki1/rdn.c
+++ /dev/null
@@ -1,73 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * rdn.c
- *
- * This file contains the implementation of the PKIX part-1 object
- * RelativeDistinguishedName.
- */
-
-#ifndef NSSBASE_H
-#include "nssbase.h"
-#endif /* NSSBASE_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-#ifndef PKI1_H
-#include "pki1.h"
-#endif /* PKI1_H */
-
-/*
- * RelativeDistinguishedName
- *
- * From draft-ietf-pkix-ipki-part1-10:
- *
- * RelativeDistinguishedName ::=
- * SET SIZE (1 .. MAX) OF AttributeTypeAndValue
- *
- * An RDN is merely an (unordered) set of ATAV's. The setSize (that's
- * a noun, not a verb) variable is a "helper" variable kept for
- * convenience.
- */
-
-struct nssRDNStr {
- PRUint32 setSize;
- NSSATAV **atavs;
-};
diff --git a/security/nss/lib/pki1/rdnseq.c b/security/nss/lib/pki1/rdnseq.c
deleted file mode 100644
index bbd4dfe4b..000000000
--- a/security/nss/lib/pki1/rdnseq.c
+++ /dev/null
@@ -1,71 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * rdnseq.c
- *
- * This file contains the implementation of the PKIX part-1 object
- * RDNSequence.
- */
-
-#ifndef NSSBASE_H
-#include "nssbase.h"
-#endif /* NSSBASE_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-#ifndef PKI1_H
-#include "pki1.h"
-#endif /* PKI1_H */
-
-/*
- * RDNSequence
- *
- * From draft-ietf-pkix-ipki-part1-10:
- *
- * RDNSequence ::= SEQUENCE OF RelativeDistinguishedName
- *
- * An RDNSequence is simply an (ordered) sequence of RDN's. The
- * seqSize variable is a "helper" kept for simplicity.
- */
-
-struct nssRDNSeqStr {
- PRUint32 seqSize;
- NSSRDN **rdns;
-};
diff --git a/security/nss/lib/pkix/doc/name_rules.html b/security/nss/lib/pkix/doc/name_rules.html
deleted file mode 100644
index 70f9dd72e..000000000
--- a/security/nss/lib/pkix/doc/name_rules.html
+++ /dev/null
@@ -1,178 +0,0 @@
-<!doctype html public "-//w3c//dtd html 4.0 transitional//en">
-<!--
- - The contents of this file are subject to the Mozilla Public
- - License Version 1.1 (the "License"); you may not use this file
- - except in compliance with the License. You may obtain a copy of
- - the License at http://www.mozilla.org/MPL/
- -
- - Software distributed under the License is distributed on an "AS
- - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- - implied. See the License for the specific language governing
- - rights and limitations under the License.
- -
- - The Original Code is the Netscape security libraries.
- -
- - The Initial Developer of the Original Code is Netscape
- - Communications Corporation. Portions created by Netscape are
- - Copyright (C) 1994-2000 Netscape Communications Corporation. All
- - Rights Reserved.
- -
- - Contributor(s):
- -
- - Alternatively, the contents of this file may be used under the
- - terms of the GNU General Public License Version 2 or later (the
- - "GPL"), in which case the provisions of the GPL are applicable
- - instead of those above. If you wish to allow use of your
- - version of this file only under the terms of the GPL and not to
- - allow others to use your version of this file under the MPL,
- - indicate your decision by deleting the provisions above and
- - replace them with the notice and other provisions required by
- - the GPL. If you do not delete the provisions above, a recipient
- - may use your version of this file under either the MPL or the
- - GPL.
- -->
-<html>
-<head>
- <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
- <meta name="GENERATOR" content="Mozilla/4.6 [en] (X11; U; IRIX 6.3 IP32) [Netscape]">
-</head>
-<body>
-
-<h1>
-Notes on libpkix name rules</h1>
-&nbsp;
-<h2>
-Types</h2>
-Every type mentioned in RFC 2459 is reflected in libpkix.&nbsp; The type
-names, defined in <tt>nsspkix.h</tt>, are exactly the names used in the
-RFC with the added prefix of ``<tt>NSSPKIX</tt>.''&nbsp; The <tt>PKIX</tt>
-part of the name is to distinguish between these specifically defined types
-and more general reflections that are used in higher-level trust domains,
-crypto contexts, etc.&nbsp; For example, <tt>NSSPKIXCertificate</tt> is
-a type with specific properties defined in RFC 2459, while <tt>NSSCertificate</tt>
-is a general type, not necessarily based on an X.509 certificate, that
-has additional associated information.
-<p>Additionally, libpkix defines some "helper"&nbsp;types, usually when
-a type definition in the RFC&nbsp;was unusually complex.&nbsp; These types
-are prefixed with <tt>NSSPKIX</tt> as above, but the next letter is lowercase.&nbsp;
-Examples of these types include <tt>NSSPKIXrevokedCertificates</tt> and
-<tt>NSSPKIXpolicyMapping</tt>.
-<br>&nbsp;
-<h2>
-Simple types</h2>
-Many types used in or defined by RFC 2459 have more-or-less equivalent
-``natural'' types.&nbsp; These include <tt>BOOLEAN</tt>, <tt>INTEGER</tt>,
-the string types, and the date types.
-<p><tt>BOOLEAN</tt> values are always automatically converted to and from
-<tt>PRBool</tt> types.
-<p><tt>INTEGER</tt> types are used in two ways: as a ``small integer,''
-typically a quantity, and as an identification value (e.g., the serial
-number of a certificate).&nbsp; In the former situation, the RFC usually
-states that the values may be limited by the application to some value.&nbsp;
-We reflect these integers as <tt>PRInt32</tt> values, which is limited
-to about two billion.&nbsp; (The reason an unsigned integer wasn't used
-is that we use -1 as an error value; while admittedly reserving one half
-of the number space merely to indicate an error is perhaps wasteful, reducing
-the count limit from four billion to two isn't that unreasonable.)&nbsp;
-``Large integer'' uses are reflected as <tt>NSSItem</tt>s.
-<p>String types -- even complicated <tt>CHOICE</tt>s of strings -- are
-always converted to and from <tt>NSSUTF8</tt> strings.&nbsp; Most of the
-string types can handle any UTF-8 string; the few that don't will check
-the <tt>NSSUTF8</tt> string for invalid characters and return an error
-if any are found.
-<p>Date types are always converted to and from <tt>PRTime</tt> values.
-<font color="#FF0000">***FGMR*** or whatever.</font><font color="#000000">&nbsp;
-The RFC-defined types may contain values that may not be represented as
-<tt>PRTime</tt>s; when conversion of such a value is attempted, the error
-<tt>NSS_ERROR_VALUE_OUT_OF_RANGE</tt> will be returned.&nbsp; However,
-types that contain time values have comparator methods defined, so that
-valid comparisons may be made, even if the time is out of the range of
-<tt>PRTime</tt>.</font>
-<br><font color="#000000"></font>&nbsp;
-<h2>
-<font color="#000000">Function names</font></h2>
-<font color="#000000">All function names are created by catenating the
-type name, an underscore, and the name of a method defined on that type.&nbsp;
-In some situations, this does create rather long function names; however,
-since these are usually assocated with the more obscure types, we felt
-that sticking to a common naming system was preferable to inventing new
-names.&nbsp; (The Principle of Least Surprise.)</font>
-<br><font color="#000000"></font>&nbsp;
-<h2>
-<font color="#000000">Universal methods</font></h2>
-<font color="#000000">Every type has a few standard methods:</font>
-<ul>
-<li>
-<tt><font color="#000000">&lt;typename>_CreateFromBER</font></tt></li>
-
-<li>
-<tt><font color="#000000">&lt;typename>_Create</font></tt></li>
-
-<li>
-<tt><font color="#000000">&lt;typename>_Destroy</font></tt></li>
-
-<li>
-<tt><font color="#000000">&lt;typename>_GetDEREncoding</font></tt></li>
-
-<li>
-<tt><font color="#000000">&lt;typename>_Equal</font></tt></li>
-
-<li>
-<tt><font color="#000000">&lt;typename>_Duplicate</font></tt></li>
-</ul>
-<font color="#000000">For types for which a BER encoding can be created
-which is not the DER&nbsp;encoding, there is a method <tt>&lt;typename>_GetBEREncoding</tt>.</font>
-<br><font color="#000000"></font>&nbsp;
-<h2>
-<font color="#000000">Accessors</font></h2>
-<font color="#000000">Simple accessor method names are constructed with
-``<tt>Get</tt>'' and ``<tt>Set</tt>'' followed by the field name:</font>
-<ul>
-<li>
-<tt><font color="#000000">&lt;typename>_Get&lt;fieldname></font></tt></li>
-
-<li>
-<tt><font color="#000000">&lt;typename>_Set&lt;fieldname></font></tt></li>
-</ul>
-<font color="#000000">Optional fields also have ``<tt>Has</tt>'' and ``<tt>Remove</tt>''
-methods, constructed in the same way.</font>
-<br><font color="#000000"></font>&nbsp;
-<h2>
-<font color="#000000">Sequences</font></h2>
-<font color="#000000">Sequences have the following accessors:</font>
-<ul>
-<li>
-<tt><font color="#000000">&lt;typename>_Get&lt;name>Count</font></tt></li>
-
-<li>
-<tt><font color="#000000">&lt;typename>_Get&lt;name>s</font></tt></li>
-
-<li>
-<tt><font color="#000000">&lt;typename>_Set&lt;name>s</font></tt></li>
-
-<li>
-<tt><font color="#000000">&lt;typename>_Get&lt;name></font></tt></li>
-
-<li>
-<tt><font color="#000000">&lt;typename>_Set&lt;name></font></tt></li>
-
-<li>
-<tt><font color="#000000">&lt;typename>_Append&lt;name></font></tt></li>
-
-<li>
-<tt><font color="#000000">&lt;typename>_Insert&lt;name></font></tt></li>
-
-<li>
-<tt><font color="#000000">&lt;typename>_Remove&lt;name></font></tt></li>
-
-<li>
-<tt><font color="#000000">&lt;typename>_Find&lt;name></font></tt></li>
-</ul>
-<font color="#000000">Sets (unordered sequences) replace the <tt>Append</tt>
-and <tt>Insert</tt> methods with <tt>Add</tt>.&nbsp; The plural Get and
-Set methods operate on arrays of the subtype.</font>
-<br><font color="#000000"></font>&nbsp;
-<br><font color="#000000"></font>&nbsp;
-<br><font color="#000000"></font>&nbsp;
-</body>
-</html>
diff --git a/security/nss/lib/pkix/include/nsspkix.h b/security/nss/lib/pkix/include/nsspkix.h
deleted file mode 100644
index 6e55be3a9..000000000
--- a/security/nss/lib/pkix/include/nsspkix.h
+++ /dev/null
@@ -1,24377 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef NSSPKIX_H
-#define NSSPKIX_H
-
-#ifdef DEBUG
-static const char NSSPKIX_CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * nsspkix.h
- *
- * This file contains the prototypes for the public methods defined
- * for the PKIX part-1 objects.
- */
-
-#ifndef NSSPKIXT_H
-#include "nsspkixt.h"
-#endif /* NSSPKIXT_H */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * Attribute
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Attribute ::= SEQUENCE {
- * type AttributeType,
- * values SET OF AttributeValue
- * -- at least one value is required -- }
- *
- * The public calls for the type:
- *
- * NSSPKIXAttribute_Decode
- * NSSPKIXAttribute_Create
- * NSSPKIXAttribute_CreateFromArray
- * NSSPKIXAttribute_Destroy
- * NSSPKIXAttribute_Encode
- * NSSPKIXAttribute_GetType
- * NSSPKIXAttribute_SetType
- * NSSPKIXAttribute_GetValueCount
- * NSSPKIXAttribute_GetValues
- * NSSPKIXAttribute_SetValues
- * NSSPKIXAttribute_GetValue
- * NSSPKIXAttribute_SetValue
- * NSSPKIXAttribute_AddValue
- * NSSPKIXAttribute_RemoveValue
- * NSSPKIXAttribute_FindValue
- * NSSPKIXAttribute_Equal
- * NSSPKIXAttribute_Duplicate
- *
- */
-
-/*
- * NSSPKIXAttribute_Decode
- *
- * This routine creates an NSSPKIXAttribute by decoding a BER-
- * or DER-encoded Attribute as defined in RFC 2459. This
- * routine may return NULL upon error, in which case it will
- * have created an error stack. If the optional arena argument
- * is non-NULL, that arena will be used for the required memory.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttribute upon success
- * NULL upon failure.
- */
-
-NSS_EXTERN NSSPKIXAttribute *
-NSSPKIXAttribute_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXAttribute_Create
- *
- * This routine creates an NSSPKIXAttribute from specified components.
- * This routine may return NULL upon error, in which case it will have
- * created an error stack. If the optional arena argument is non-NULL,
- * that arena will be used for the required memory. There must be at
- * least one attribute value specified. The final argument must be
- * NULL, to indicate the end of the set of attribute values.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttribute upon success
- * NULL upon failure.
- */
-
-NSS_EXTERN NSSPKIXAttribute *
-NSSPKIXAttribute_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXAttributeType *typeOid,
- NSSPKIXAttributeValue *value1,
- ...
-);
-
-/*
- * NSSPKIXAttribute_CreateFromArray
- *
- * This routine creates an NSSPKIXAttribute from specified components.
- * This routine may return NULL upon error, in which case it will have
- * created an error stack. If the optional arena argument is non-NULL,
- * that arena will be used for the required memory. There must be at
- * least one attribute value specified. The final argument must be
- * NULL, to indicate the end of the set of attribute values.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttribute upon success
- * NULL upon failure.
- */
-
-NSS_EXTERN NSSPKIXAttribute *
-NSSPKIXAttribute_CreateFromArray
-(
- NSSArena *arenaOpt,
- NSSPKIXAttributeType *typeOid,
- PRUint32 count,
- NSSPKIXAttributeValue values[]
-);
-
-/*
- * NSSPKIXAttribute_Destroy
- *
- * This routine destroys an NSSPKIXAttribute. It should be called on
- * all such objects created without an arena. It does not need to be
- * called for objects created with an arena, but it may be. This
- * routine returns a PRStatus value. Upon error, it will create an
- * error stack and return PR_FAILURE.
- *
- * The error value may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAttribute_Destroy
-(
- NSSPKIXAttribute *attribute
-);
-
-/*
- * NSSPKIXAttribute_Encode
- *
- * This routine returns the BER encoding of the specified
- * NSSPKIXAttribute. {usual rules about itemOpt and arenaOpt}
- * This routine indicates an error (NSS_ERROR_INVALID_DATA)
- * if there are no attribute values (i.e., the last one was removed).
- *
- * The error value may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_DATA
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXAttribute_Encode
-(
- NSSPKIXAttribute *attribute,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAttribute_GetType
- *
- * This routine returns the attribute type oid of the specified
- * NSSPKIXAttribute.
- *
- * The error value may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSPKIXAttributeType pointer upon success
- * NULL upon failure.
- */
-
-NSS_EXTERN NSSPKIXAttributeType *
-NSSPKIXAttribute_GetType
-(
- NSSPKIXAttribute *attribute
-);
-
-/*
- * NSSPKIXAttribute_SetType
- *
- * This routine sets the attribute type oid of the indicated
- * NSSPKIXAttribute to the specified value. Since attributes
- * may be application-defined, no checking can be done on
- * either the correctness of the attribute type oid value nor
- * the suitability of the set of attribute values.
- *
- * The error value may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_OID
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAttribute_SetType
-(
- NSSPKIXAttribute *attribute,
- NSSPKIXAttributeType *attributeType
-);
-
-/*
- * NSSPKIXAttribute_GetValueCount
- *
- * This routine returns the number of attribute values present in
- * the specified NSSPKIXAttribute. This routine returns a PRInt32.
- * Upon error, this routine returns -1. This routine indicates an
- * error if the number of values cannot be expressed as a PRInt32.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXAttribute_GetValueCount
-(
- NSSPKIXAttribute *attribute
-);
-
-/*
- * NSSPKIXAttribute_GetValues
- *
- * This routine returns all of the attribute values in the specified
- * NSSPKIXAttribute. If the optional pointer to an array of NSSItems
- * is non-null, then that array will be used and returned; otherwise,
- * an array will be allocated and returned. If the limit is nonzero
- * (which is must be if the specified array is nonnull), then an
- * error is indicated if it is smaller than the value count.
- * {arenaOpt}
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSItem's upon success
- * NULL upon failure.
- */
-
-NSS_EXTERN NSSPKIXAttributeValue *
-NSSPKIXAttribute_GetValues
-(
- NSSPKIXAttribute *attribute,
- NSSPKIXAttributeValue rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAttribute_SetValues
- *
- * This routine sets all of the values of the specified
- * NSSPKIXAttribute to the values in the specified NSSItem array.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAttribute_SetValues
-(
- NSSPKIXAttribute *attribute,
- NSSPKIXAttributeValue values[],
- PRInt32 count
-);
-
-/*
- * NSSPKIXAttribute_GetValue
- *
- * This routine returns the i'th attribute value of the set of
- * values in the specified NSSPKIXAttribute. Although the set
- * is unordered, an arbitrary ordering will be maintained until
- * the data in the attribute is changed. {usual comments about
- * itemOpt and arenaOpt}
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttributeValue upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeValue *
-NSSPKIXAttribute_GetValue
-(
- NSSPKIXAttribute *attribute,
- PRInt32 i,
- NSSPKIXAttributeValue *itemOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAttribute_SetValue
- *
- * This routine sets the i'th attribute value {blah blah; copies
- * memory contents over..}
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAttribute_SetValue
-(
- NSSPKIXAttribute *attribute,
- PRInt32 i,
- NSSPKIXAttributeValue *value
-);
-
-/*
- * NSSPKIXAttribute_AddValue
- *
- * This routine adds the specified attribute value to the set in
- * the specified NSSPKIXAttribute.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAttribute_AddValue
-(
- NSSPKIXAttribute *attribute,
- NSSPKIXAttributeValue *value
-);
-
-/*
- * NSSPKIXAttribute_RemoveValue
- *
- * This routine removes the i'th attribute value of the set in the
- * specified NSSPKIXAttribute. An attempt to remove the last value
- * will fail.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_AT_MINIMUM
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAttribute_RemoveValue
-(
- NSSPKIXAttribute *attribute,
- PRInt32 i
-);
-
-/*
- * NSSPKIXAttribute_FindValue
- *
- * This routine searches the set of attribute values in the specified
- * NSSPKIXAttribute for the provided data. If an exact match is found,
- * then that value's index is returned. If an exact match is not
- * found, -1 is returned. If there is more than one exact match, one
- * index will be returned. {notes about unorderdness of SET, etc}
- * If the index may not be represented as an integer, an error is
- * indicated.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value
- * The index of the specified attribute value upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXAttribute_FindValue
-(
- NSSPKIXAttribute *attribute,
- NSSPKIXAttributeValue *attributeValue
-);
-
-/*
- * NSSPKIXAttribute_Equal
- *
- * This routine compares two NSSPKIXAttribute's for equality.
- * It returns PR_TRUE if they are equal, PR_FALSE otherwise.
- * This routine also returns PR_FALSE upon error; if you're
- * that worried about it, check for an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXAttribute_Equal
-(
- NSSPKIXAttribute *one,
- NSSPKIXAttribute *two,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXAttribute_Duplicate
- *
- * This routine duplicates an NSSPKIXAttribute. {arenaOpt}
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttribute upon success
- * NULL upon failure.
- */
-
-NSS_EXTERN NSSPKIXAttribute *
-NSSPKIXAttribute_Duplicate
-(
- NSSPKIXAttribute *attribute,
- NSSArena *arenaOpt
-);
-
-/*
- * AttributeTypeAndValue
- *
- * This structure contains an attribute type (indicated by an OID),
- * and the type-specific value. RelativeDistinguishedNames consist
- * of a set of these. These are distinct from Attributes (which have
- * SET of values), from AttributeDescriptions (which have qualifiers
- * on the types), and from AttributeValueAssertions (which assert a
- * a value comparison under some matching rule).
- *
- * From RFC 2459:
- *
- * AttributeTypeAndValue ::= SEQUENCE {
- * type AttributeType,
- * value AttributeValue }
- *
- * The public calls for the type:
- *
- * NSSPKIXAttributeTypeAndValue_Decode
- * NSSPKIXAttributeTypeAndValue_CreateFromUTF8
- * NSSPKIXAttributeTypeAndValue_Create
- * NSSPKIXAttributeTypeAndValue_Destroy
- * NSSPKIXAttributeTypeAndValue_Encode
- * NSSPKIXAttributeTypeAndValue_GetUTF8Encoding
- * NSSPKIXAttributeTypeAndValue_GetType
- * NSSPKIXAttributeTypeAndValue_SetType
- * NSSPKIXAttributeTypeAndValue_GetValue
- * NSSPKIXAttributeTypeAndValue_SetValue
- * NSSPKIXAttributeTypeAndValue_Equal
- * NSSPKIXAttributeTypeAndValue_Duplicate
- */
-
-/*
- * NSSPKIXAttributeTypeAndValue_Decode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeTypeAndValue *
-NSSPKIXAttributeTypeAndValue_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXAttributeTypeAndValue_CreateFromUTF8
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_UNKNOWN_ATTRIBUTE
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeTypeAndValue *
-NSSPKIXAttributeTypeAndValue_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *string
-);
-
-/*
- * NSSPKIXAttributeTypeAndValue_Create
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeTypeAndValue *
-NSSPKIXAttributeTypeAndValue_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXAttributeType *typeOid,
- NSSPKIXAttributeValue *value
-);
-
-/*
- * NSSPKIXAttributeTypeAndValue_Destroy
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAttributeTypeAndValue_Destroy
-(
- NSSPKIXAttributeTypeAndValue *atav
-);
-
-/*
- * NSSPKIXAttributeTypeAndValue_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXAttributeTypeAndValue_Encode
-(
- NSSPKIXAttributeTypeAndValue *atav,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAttributeTypeAndValue_GetUTF8Encoding
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXAttributeTypeAndValue_GetUTF8Encoding
-(
- NSSPKIXAttributeTypeAndValue *atav,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAttributeTypeAndValue_GetType
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSPKIXAttributeType pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeType *
-NSSPKIXAttributeTypeAndValue_GetType
-(
- NSSPKIXAttributeTypeAndValue *atav
-);
-
-/*
- * NSSPKIXAttributeTypeAndValue_SetType
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_INVALID_OID
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAttributeTypeAndValue_SetType
-(
- NSSPKIXAttributeTypeAndValue *atav,
- NSSPKIXAttributeType *attributeType
-);
-
-/*
- * NSSPKIXAttributeTypeAndValue_GetValue
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSAttributeValue upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeValue *
-NSSPKIXAttributeTypeAndValue_GetValue
-(
- NSSPKIXAttributeTypeAndValue *atav,
- NSSPKIXAttributeValue *itemOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAttributeTypeAndValue_SetValue
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAttributeTypeAndValue_SetValue
-(
- NSSPKIXAttributeTypeAndValue *atav,
- NSSPKIXAttributeValue *value
-);
-
-/*
- * NSSPKIXAttributeTypeAndValue_Equal
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXAttributeTypeAndValue_Equal
-(
- NSSPKIXAttributeTypeAndValue *atav1,
- NSSPKIXAttributeTypeAndValue *atav2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXAttributeTypeAndValue_Duplicate
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeTypeAndValue *
-NSSPKIXAttributeTypeAndValue_Duplicate
-(
- NSSPKIXAttributeTypeAndValue *atav,
- NSSArena *arenaOpt
-);
-
-/*
- * X520Name
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X520name ::= CHOICE {
- * teletexString TeletexString (SIZE (1..ub-name)),
- * printableString PrintableString (SIZE (1..ub-name)),
- * universalString UniversalString (SIZE (1..ub-name)),
- * utf8String UTF8String (SIZE (1..ub-name)),
- * bmpString BMPString (SIZE(1..ub-name)) }
- *
- * ub-name INTEGER ::= 32768
- *
- * The public calls for this type:
- *
- * NSSPKIXX520Name_Decode
- * NSSPKIXX520Name_CreateFromUTF8
- * NSSPKIXX520Name_Create (?)
- * NSSPKIXX520Name_Destroy
- * NSSPKIXX520Name_Encode
- * NSSPKIXX520Name_GetUTF8Encoding
- * NSSPKIXX520Name_Equal
- * NSSPKIXX520Name_Duplicate
- *
- * The public data for this type:
- *
- * NSSPKIXX520Name_MAXIMUM_LENGTH
- *
- */
-
-/*
- * NSSPKIXX520Name_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520Name upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520Name *
-NSSPKIXX520Name_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXX520Name_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520Name upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520Name *
-NSSPKIXX520Name_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXX520Name_Create
- *
- * XXX fgmr: currently nssStringType is a private type. Thus,
- * this public method should not exist. I'm leaving this here
- * to remind us later what we want to decide.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_STRING_TYPE
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520Name upon success
- * NULL upon failure
- */
-
-/*
- * NSS_EXTERN NSSPKIXX520Name *
- * NSSPKIXX520Name_Create
- * (
- * NSSArena *arenaOpt,
- * nssStringType type,
- * NSSItem *data
- * );
- */
-
-/*
- * NSSPKIXX520Name_Destroy
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXX520Name_Destroy
-(
- NSSPKIXX520Name *name
-);
-
-/*
- * NSSPKIXX520Name_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXX520Name_Encode
-(
- NSSPKIXX520Name *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXX520Name_GetUTF8Encoding
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXX520Name_GetUTF8Encoding
-(
- NSSPKIXX520Name *name,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXX520Name_Equal
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXX520Name_Equal
-(
- NSSPKIXX520Name *name1,
- NSSPKIXX520Name *name2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXX520Name_Duplicate
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520Name upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520Name *
-NSSPKIXX520Name_Duplicate
-(
- NSSPKIXX520Name *name,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXX520Name_MAXIMUM_LENGTH
- *
- * From RFC 2459:
- *
- * ub-name INTEGER ::= 32768
- */
-
-extern const PRUint32 NSSPKIXX520Name_MAXIMUM_LENGTH;
-
-/*
- * X520CommonName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X520CommonName ::= CHOICE {
- * teletexString TeletexString (SIZE (1..ub-common-name)),
- * printableString PrintableString (SIZE (1..ub-common-name)),
- * universalString UniversalString (SIZE (1..ub-common-name)),
- * utf8String UTF8String (SIZE (1..ub-common-name)),
- * bmpString BMPString (SIZE(1..ub-common-name)) }
- *
- * ub-common-name INTEGER ::= 64
- *
- * The public calls for this type:
- *
- * NSSPKIXX520CommonName_Decode
- * NSSPKIXX520CommonName_CreateFromUTF8
- * NSSPKIXX520CommonName_Create (?)
- * NSSPKIXX520CommonName_Destroy
- * NSSPKIXX520CommonName_Encode
- * NSSPKIXX520CommonName_GetUTF8Encoding
- * NSSPKIXX520CommonName_Equal
- * NSSPKIXX520CommonName_Duplicate
- *
- * The public data for this type:
- *
- * NSSPKIXX520CommonName_MAXIMUM_LENGTH
- *
- */
-
-/*
- * NSSPKIXX520CommonName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520CommonName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520CommonName *
-NSSPKIXX520CommonName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXX520CommonName_Create
- *
- * XXX fgmr: currently nssStringType is a private type. Thus,
- * this public method should not exist. I'm leaving this here
- * to remind us later what we want to decide.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_STRING_TYPE
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520CommonName upon success
- * NULL upon failure
- */
-
-/*
- * NSS_EXTERN NSSPKIXX520CommonName *
- * NSSPKIXX520CommonName_Create
- * (
- * NSSArena *arenaOpt,
- * nssStringType type,
- * NSSItem *data
- * );
- */
-
-/*
- * NSSPKIXX520CommonName_Destroy
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_COMMON_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXX520CommonName_Destroy
-(
- NSSPKIXX520CommonName *name
-);
-
-/*
- * NSSPKIXX520CommonName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520CommonName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520CommonName *
-NSSPKIXX520CommonName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXX520CommonName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_COMMON_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXX520CommonName_Encode
-(
- NSSPKIXX520CommonName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXX520CommonName_GetUTF8Encoding
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_COMMON_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXX520CommonName_GetUTF8Encoding
-(
- NSSPKIXX520CommonName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXX520CommonName_Equal
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_COMMON_NAME
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXX520CommonName_Equal
-(
- NSSPKIXX520CommonName *name1,
- NSSPKIXX520CommonName *name2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXX520CommonName_Duplicate
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_COMMON_NAME
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520CommonName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520CommonName *
-NSSPKIXX520CommonName_Duplicate
-(
- NSSPKIXX520CommonName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXX520CommonName_MAXIMUM_LENGTH
- *
- * From RFC 2459:
- *
- * ub-common-name INTEGER ::= 64
- */
-
-extern const PRUint32 NSSPKIXX520CommonName_MAXIMUM_LENGTH;
-
-/*
- * X520LocalityName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X520LocalityName ::= CHOICE {
- * teletexString TeletexString (SIZE (1..ub-locality-name)),
- * printableString PrintableString (SIZE (1..ub-locality-name)),
- * universalString UniversalString (SIZE (1..ub-locality-name)),
- * utf8String UTF8String (SIZE (1..ub-locality-name)),
- * bmpString BMPString (SIZE(1..ub-locality-name)) }
- *
- * The public calls for this type:
- *
- * NSSPKIXX520LocalityName_Decode
- * NSSPKIXX520LocalityName_CreateFromUTF8
- * NSSPKIXX520LocalityName_Encode
- *
- */
-
-/*
- * NSSPKIXX520LocalityName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520LocalityName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520LocalityName *
-NSSPKIXX520LocalityName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXX520LocalityName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520LocalityName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520LocalityName *
-NSSPKIXX520LocalityName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXX520LocalityName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXX520LocalityName_Encode
-(
- NSSPKIXX520LocalityName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * X520StateOrProvinceName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X520StateOrProvinceName ::= CHOICE {
- * teletexString TeletexString (SIZE (1..ub-state-name)),
- * printableString PrintableString (SIZE (1..ub-state-name)),
- * universalString UniversalString (SIZE (1..ub-state-name)),
- * utf8String UTF8String (SIZE (1..ub-state-name)),
- * bmpString BMPString (SIZE(1..ub-state-name)) }
- *
- * The public calls for this type:
- *
- * NSSPKIXX520StateOrProvinceName_Decode
- * NSSPKIXX520StateOrProvinceName_CreateFromUTF8
- * NSSPKIXX520StateOrProvinceName_Encode
- *
- */
-
-/*
- * NSSPKIXX520StateOrProvinceName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520StateOrProvinceName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520StateOrProvinceName *
-NSSPKIXX520StateOrProvinceName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXX520StateOrProvinceName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520StateOrProvinceName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520StateOrProvinceName *
-NSSPKIXX520StateOrProvinceName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXX520StateOrProvinceName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXX520StateOrProvinceName_Encode
-(
- NSSPKIXX520StateOrProvinceName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * X520OrganizationName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X520OrganizationName ::= CHOICE {
- * teletexString TeletexString (SIZE (1..ub-organization-name)),
- * printableString PrintableString (SIZE (1..ub-organization-name)),
- * universalString UniversalString (SIZE (1..ub-organization-name)),
- * utf8String UTF8String (SIZE (1..ub-organization-name)),
- * bmpString BMPString (SIZE(1..ub-organization-name)) }
- *
- * The public calls for this type:
- *
- * NSSPKIXX520OrganizationName_Decode
- * NSSPKIXX520OrganizationName_CreateFromUTF8
- * NSSPKIXX520OrganizationName_Encode
- *
- */
-
-/*
- * NSSPKIXX520OrganizationName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520OrganizationName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520OrganizationName *
-NSSPKIXX520OrganizationName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXX520OrganizationName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520OrganizationName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520OrganizationName *
-NSSPKIXX520OrganizationName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXX520OrganizationName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXX520OrganizationName_Encode
-(
- NSSPKIXX520OrganizationName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * X520OrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X520OrganizationalUnitName ::= CHOICE {
- * teletexString TeletexString (SIZE (1..ub-organizational-unit-name)),
- * printableString PrintableString
- * (SIZE (1..ub-organizational-unit-name)),
- * universalString UniversalString
- * (SIZE (1..ub-organizational-unit-name)),
- * utf8String UTF8String (SIZE (1..ub-organizational-unit-name)),
- * bmpString BMPString (SIZE(1..ub-organizational-unit-name)) }
- *
- * The public calls for this type:
- *
- * NSSPKIXX520OrganizationalUnitName_Decode
- * NSSPKIXX520OrganizationalUnitName_CreateFromUTF8
- * NSSPKIXX520OrganizationalUnitName_Encode
- *
- */
-
-/*
- * NSSPKIXX520OrganizationalUnitName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520OrganizationalUnitName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520OrganizationalUnitName *
-NSSPKIXX520OrganizationalUnitName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXX520OrganizationalUnitName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520OrganizationalUnitName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520OrganizationalUnitName *
-NSSPKIXX520OrganizationalUnitName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXX520OrganizationalUnitName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXX520OrganizationalUnitName_Encode
-(
- NSSPKIXX520OrganizationalUnitName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * X520Title
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X520Title ::= CHOICE {
- * teletexString TeletexString (SIZE (1..ub-title)),
- * printableString PrintableString (SIZE (1..ub-title)),
- * universalString UniversalString (SIZE (1..ub-title)),
- * utf8String UTF8String (SIZE (1..ub-title)),
- * bmpString BMPString (SIZE(1..ub-title)) }
- *
- * The public calls for this type:
- *
- * NSSPKIXX520Title_Decode
- * NSSPKIXX520Title_CreateFromUTF8
- * NSSPKIXX520Title_Encode
- *
- */
-
-/*
- * NSSPKIXX520Title_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520Title upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520Title *
-NSSPKIXX520Title_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXX520Title_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520Title upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520Title *
-NSSPKIXX520Title_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXX520Title_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXX520Title_Encode
-(
- NSSPKIXX520Title *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * X520dnQualifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X520dnQualifier ::= PrintableString
- *
- * The public calls for this type:
- *
- * NSSPKIXX520dnQualifier_Decode
- * NSSPKIXX520dnQualifier_CreateFromUTF8
- * NSSPKIXX520dnQualifier_Encode
- *
- */
-
-/*
- * NSSPKIXX520dnQualifier_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520dnQualifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520dnQualifier *
-NSSPKIXX520dnQualifier_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXX520dnQualifier_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520dnQualifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520dnQualifier *
-NSSPKIXX520dnQualifier_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXX520dnQualifier_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXX520dnQualifier_Encode
-(
- NSSPKIXX520dnQualifier *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * X520countryName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X520countryName ::= PrintableString (SIZE (2)) -- IS 3166 codes
- *
- * The public calls for this type:
- *
- * NSSPKIXX520countryName_Decode
- * NSSPKIXX520countryName_CreateFromUTF8
- * NSSPKIXX520countryName_Encode
- *
- */
-
-/*
- * NSSPKIXX520countryName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520countryName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520countryName *
-NSSPKIXX520countryName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXX520countryName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520countryName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520countryName *
-NSSPKIXX520countryName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXX520countryName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXX520countryName_Encode
-(
- NSSPKIXX520countryName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * Pkcs9email
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Pkcs9email ::= IA5String (SIZE (1..ub-emailaddress-length))
- *
- * The public calls for this type:
- *
- * NSSPKIXPkcs9email_Decode
- * NSSPKIXPkcs9email_CreateFromUTF8
- * NSSPKIXPkcs9email_Encode
- *
- */
-
-/*
- * NSSPKIXPkcs9email_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPkcs9email upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPkcs9email *
-NSSPKIXPkcs9email_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXPkcs9email_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPkcs9email upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPkcs9email *
-NSSPKIXPkcs9email_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXPkcs9email_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXPkcs9email_Encode
-(
- NSSPKIXPkcs9email *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * Name
- *
- * This structure contains a union of the possible name formats,
- * which at the moment is limited to an RDNSequence.
- *
- * From RFC 2459:
- *
- * Name ::= CHOICE { -- only one possibility for now --
- * rdnSequence RDNSequence }
- *
- * The public calls for this type:
- *
- * NSSPKIXName_Decode
- * NSSPKIXName_CreateFromUTF8
- * NSSPKIXName_Create
- * NSSPKIXName_CreateFromRDNSequence
- * NSSPKIXName_Destroy
- * NSSPKIXName_Encode
- * NSSPKIXName_GetUTF8Encoding
- * NSSPKIXName_GetChoice
- * NSSPKIXName_GetRDNSequence
- * NSSPKIXName_GetSpecifiedChoice {fgmr remove this}
- * NSSPKIXName_SetRDNSequence
- * NSSPKIXName_SetSpecifiedChoice
- * NSSPKIXName_Equal
- * NSSPKIXName_Duplicate
- *
- * (here is where I had specific attribute value gettors in pki1)
- *
- */
-
-/*
- * NSSPKIXName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXName *
-NSSPKIXName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXName_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_UNKNOWN_ATTRIBUTE
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXName *
-NSSPKIXName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *string
-);
-
-/*
- * NSSPKIXName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_CHOICE
- * NSS_ERROR_INVALID_ARGUMENT
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXName *
-NSSPKIXName_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXNameChoice choice,
- void *arg
-);
-
-/*
- * NSSPKIXName_CreateFromRDNSequence
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXName *
-NSSPKIXName_CreateFromRDNSequence
-(
- NSSArena *arenaOpt,
- NSSPKIXRDNSequence *rdnSequence
-);
-
-/*
- * NSSPKIXName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXName_Destroy
-(
- NSSPKIXName *name
-);
-
-/*
- * NSSPKIXName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXName_Encode
-(
- NSSPKIXName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXName_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXName_GetUTF8Encoding
-(
- NSSPKIXName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXName_GetChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- *
- * Return value:
- * A valid element of the NSSPKIXNameChoice enumeration upon success
- * The value NSSPKIXNameChoice_NSSinvalid (-1) upon error
- */
-
-NSS_EXTERN NSSPKIXNameChoice
-NSSPKIXName_GetChoice
-(
- NSSPKIXName *name
-);
-
-/*
- * NSSPKIXName_GetRDNSequence
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_WRONG_CHOICE
- *
- * Return value:
- * A pointer to a valid NSSPKIXRDNSequence upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRDNSequence *
-NSSPKIXName_GetRDNSequence
-(
- NSSPKIXName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXName_GetSpecifiedChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_WRONG_CHOICE
- *
- * Return value:
- * A valid pointer ...
- * NULL upon failure
- */
-
-NSS_EXTERN void *
-NSSPKIXName_GetSpecifiedChoice
-(
- NSSPKIXName *name,
- NSSPKIXNameChoice choice,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXName_Equal
-(
- NSSPKIXName *name1,
- NSSPKIXName *name2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXName *
-NSSPKIXName_Duplicate
-(
- NSSPKIXName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * RDNSequence
- *
- * This structure contains a sequence of RelativeDistinguishedName
- * objects.
- *
- * From RFC 2459:
- *
- * RDNSequence ::= SEQUENCE OF RelativeDistinguishedName
- *
- * The public calls for this type:
- *
- * NSSPKIXRDNSequence_Decode
- * NSSPKIXRDNSequence_CreateFromUTF8
- * NSSPKIXRDNSequence_Create
- * NSSPKIXRDNSequence_CreateFromArray
- * NSSPKIXRDNSequence_Destroy
- * NSSPKIXRDNSequence_Encode
- * NSSPKIXRDNSequence_GetUTF8Encoding
- * NSSPKIXRDNSequence_GetRelativeDistinguishedNameCount
- * NSSPKIXRDNSequence_GetRelativeDistinguishedNames
- * NSSPKIXRDNSequence_SetRelativeDistinguishedNames
- * NSSPKIXRDNSequence_GetRelativeDistinguishedName
- * NSSPKIXRDNSequence_SetRelativeDistinguishedName
- * NSSPKIXRDNSequence_AppendRelativeDistinguishedName
- * NSSPKIXRDNSequence_InsertRelativeDistinguishedName
- * NSSPKIXRDNSequence_RemoveRelativeDistinguishedName
- * NSSPKIXRDNSequence_FindRelativeDistinguishedName
- * NSSPKIXRDNSequence_Equal
- * NSSPKIXRDNSequence_Duplicate
- *
- */
-
-/*
- * NSSPKIXRDNSequence_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXRDNSequence upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRDNSequence *
-NSSPKIXRDNSequence_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXRDNSequence_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_UNKNOWN_ATTRIBUTE
- *
- * Return value:
- * A valid pointer to an NSSPKIXRDNSequence upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRDNSequence *
-NSSPKIXRDNSequence_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *string
-);
-
-/*
- * NSSPKIXRDNSequence_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- * A valid pointer to an NSSPKIXRDNSequence upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRDNSequence *
-NSSPKIXRDNSequence_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXRelativeDistinguishedName *rdn1,
- ...
-);
-
-/*
- * NSSPKIXRDNSequence_CreateFromArray
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- * A valid pointer to an NSSPKIXRDNSequence upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRDNSequence *
-NSSPKIXRDNSequence_Create
-(
- NSSArena *arenaOpt,
- PRUint32 count,
- NSSPKIXRelativeDistinguishedName *rdns[]
-);
-
-/*
- * NSSPKIXRDNSequence_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXRDNSequence_Destroy
-(
- NSSPKIXRDNSequence *rdnseq
-);
-
-/*
- * NSSPKIXRDNSequence_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXRDNSequence_Encode
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXRDNSequence_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXRDNSequence_GetUTF8Encoding
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXRDNSequence_GetRelativeDistinguishedNameCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXRDNSequence_GetRelativeDistinguishedNameCount
-(
- NSSPKIXRDNSequence *rdnseq
-);
-
-/*
- * NSSPKIXRDNSequence_GetRelativeDistinguishedNames
- *
- * This routine returns all of the relative distinguished names in the
- * specified RDN Sequence. {...} If the array is allocated, or if the
- * specified one has extra space, the array will be null-terminated.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXRelativeDistinguishedName
- * pointers upon success
- * NULL upon failure.
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName **
-NSSPKIXRDNSequence_GetRelativeDistinguishedNames
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSPKIXRelativeDistinguishedName *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXRDNSequence_SetRelativeDistinguishedNames
- *
- * -- fgmr comments --
- * If the array pointer itself is null, the set is considered empty.
- * If the count is zero but the pointer nonnull, the array will be
- * assumed to be null-terminated.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXRDNSequence_SetRelativeDistinguishedNames
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSPKIXRelativeDistinguishedName *rdns[],
- PRInt32 countOpt
-);
-
-/*
- * NSSPKIXRDNSequence_GetRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName *
-NSSPKIXRDNSequence_GetRelativeDistinguishedName
-(
- NSSPKIXRDNSequence *rdnseq,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXRDNSequence_SetRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXRDNSequence_SetRelativeDistinguishedName
-(
- NSSPKIXRDNSequence *rdnseq,
- PRInt32 i,
- NSSPKIXRelativeDistinguishedName *rdn
-);
-
-/*
- * NSSPKIXRDNSequence_AppendRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXRDNSequence_AppendRelativeDistinguishedName
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSPKIXRelativeDistinguishedName *rdn
-);
-
-/*
- * NSSPKIXRDNSequence_InsertRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXRDNSequence_InsertRelativeDistinguishedName
-(
- NSSPKIXRDNSequence *rdnseq,
- PRInt32 i,
- NSSPKIXRelativeDistinguishedName *rdn
-);
-
-/*
- * NSSPKIXRDNSequence_RemoveRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXRDNSequence_RemoveRelativeDistinguishedName
-(
- NSSPKIXRDNSequence *rdnseq,
- PRInt32 i
-);
-
-/*
- * NSSPKIXRDNSequence_FindRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * The index of the specified attribute value upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXRDNSequence_FindRelativeDistinguishedName
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSPKIXRelativeDistinguishedName *rdn
-);
-
-/*
- * NSSPKIXRDNSequence_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXRDNSequence_Equal
-(
- NSSPKIXRDNSequence *one,
- NSSPKIXRDNSequence *two,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXRDNSequence_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXRDNSequence upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRDNSequence *
-NSSPKIXRDNSequence_Duplicate
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSArena *arenaOpt
-);
-
-/*
- * DistinguishedName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * DistinguishedName ::= RDNSequence
- *
- * This is just a public typedef; no new methods are required. {fgmr-- right?}
- */
-
-/*
- * RelativeDistinguishedName
- *
- * This structure contains an unordered set of AttributeTypeAndValue
- * objects. RDNs are used to distinguish a set of objects underneath
- * a common object.
- *
- * Often, a single ATAV is sufficient to make a unique distinction.
- * For example, if a company assigns its people unique uid values,
- * then in the Name "uid=smith,ou=People,o=Acme,c=US" the "uid=smith"
- * ATAV by itself forms an RDN. However, sometimes a set of ATAVs is
- * needed. For example, if a company needed to distinguish between
- * two Smiths by specifying their corporate divisions, then in the
- * Name "(cn=Smith,ou=Sales),ou=People,o=Acme,c=US" the parenthesised
- * set of ATAVs forms the RDN.
- *
- * From RFC 2459:
- *
- * RelativeDistinguishedName ::=
- * SET SIZE (1 .. MAX) OF AttributeTypeAndValue
- *
- * The public calls for this type:
- *
- * NSSPKIXRelativeDistinguishedName_Decode
- * NSSPKIXRelativeDistinguishedName_CreateFromUTF8
- * NSSPKIXRelativeDistinguishedName_Create
- * NSSPKIXRelativeDistinguishedName_CreateFromArray
- * NSSPKIXRelativeDistinguishedName_Destroy
- * NSSPKIXRelativeDistinguishedName_Encode
- * NSSPKIXRelativeDistinguishedName_GetUTF8Encoding
- * NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValueCount
- * NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValues
- * NSSPKIXRelativeDistinguishedName_SetAttributeTypeAndValues
- * NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValue
- * NSSPKIXRelativeDistinguishedName_SetAttributeTypeAndValue
- * NSSPKIXRelativeDistinguishedName_AddAttributeTypeAndValue
- * NSSPKIXRelativeDistinguishedName_RemoveAttributeTypeAndValue
- * NSSPKIXRelativeDistinguishedName_FindAttributeTypeAndValue
- * NSSPKIXRelativeDistinguishedName_Equal
- * NSSPKIXRelativeDistinguishedName_Duplicate
- *
- * fgmr: Logical additional functions include
- *
- * NSSPKIXRelativeDistinguishedName_FindAttributeTypeAndValueByType
- * returns PRInt32
- * NSSPKIXRelativeDistinguishedName_FindAttributeTypeAndValuesByType
- * returns array of PRInt32
- * NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValueForType
- * returns NSSPKIXAttributeTypeAndValue
- * NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValuesForType
- * returns array of NSSPKIXAttributeTypeAndValue
- * NSSPKIXRelativeDistinguishedName_GetAttributeValueForType
- * returns NSSPKIXAttributeValue
- * NSSPKIXRelativeDistinguishedName_GetAttributeValuesForType
- * returns array of NSSPKIXAttributeValue
- *
- * NOTE: the "return array" versions are only meaningful if an RDN may
- * contain multiple ATAVs with the same type. Verify in the RFC if
- * this is possible or not. If not, nuke those three functions.
- *
- */
-
-/*
- * NSSPKIXRelativeDistinguishedName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName *
-NSSPKIXRelativeDistinguishedName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXRelativeDistinguishedName_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_UNKNOWN_ATTRIBUTE
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName *
-NSSPKIXRelativeDistinguishedName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *string
-);
-
-/*
- * NSSPKIXRelativeDistinguishedName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName *
-NSSPKIXRelativeDistinguishedName_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXAttributeTypeAndValue *atav1,
- ...
-);
-
-/*
- * NSSPKIXRelativeDistinguishedName_CreateFromArray
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName *
-NSSPKIXRelativeDistinguishedName_CreateFromArray
-(
- NSSArena *arenaOpt,
- PRUint32 count,
- NSSPKIXAttributeTypeAndValue *atavs[]
-);
-
-/*
- * NSSPKIXRelativeDistinguishedName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXRelativeDistinguishedName_Destroy
-(
- NSSPKIXRelativeDistinguishedName *rdn
-);
-
-/*
- * NSSPKIXRelativeDistinguishedName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXRelativeDistinguishedName_Encode
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXRelativeDistinguishedName_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXRelativeDistinguishedName_GetUTF8Encoding
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValueCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValueCount
-(
- NSSPKIXRelativeDistinguishedName *rdn
-);
-
-/*
- * NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValues
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXAttributeTypeAndValue
- * pointers upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeTypeAndValue **
-NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValues
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSPKIXAttributeTypeAndValue *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXRelativeDistinguishedName_SetAttributeTypeAndValues
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXRelativeDistinguishedName_SetAttributeTypeAndValues
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSPKIXAttributeTypeAndValue *atavs[],
- PRInt32 countOpt
-);
-
-/*
- * NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeTypeAndValue *
-NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValue
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXRelativeDistinguishedName_SetAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXRelativeDistinguishedName_SetAttributeTypeAndValue
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- PRInt32 i,
- NSSPKIXAttributeTypeAndValue *atav
-);
-
-/*
- * NSSPKIXRelativeDistinguishedName_AddAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXRelativeDistinguishedName_AddAttributeTypeAndValue
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSPKIXAttributeTypeAndValue *atav
-);
-
-/*
- * NSSPKIXRelativeDistinguishedName_RemoveAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_AT_MINIMUM
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXRelativeDistinguishedName_RemoveAttributeTypeAndValue
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- PRInt32 i
-);
-
-/*
- * NSSPKIXRelativeDistinguishedName_FindAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * The index of the specified attribute value upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXRelativeDistinguishedName_FindAttributeTypeAndValue
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSPKIXAttributeTypeAndValue *atav
-);
-
-/*
- * NSSPKIXRelativeDistinguishedName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXRelativeDistinguishedName_Equal
-(
- NSSPKIXRelativeDistinguishedName *one,
- NSSPKIXRelativeDistinguishedName *two,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXRelativeDistinguishedName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName *
-NSSPKIXRelativeDistinguishedName_Duplicate
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSArena *arenaOpt
-);
-
-/*
- * DirectoryString
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * DirectoryString ::= CHOICE {
- * teletexString TeletexString (SIZE (1..MAX)),
- * printableString PrintableString (SIZE (1..MAX)),
- * universalString UniversalString (SIZE (1..MAX)),
- * utf8String UTF8String (SIZE (1..MAX)),
- * bmpString BMPString (SIZE(1..MAX)) }
- *
- * The public calls for this type:
- *
- * NSSPKIXDirectoryString_Decode
- * NSSPKIXDirectoryString_CreateFromUTF8
- * NSSPKIXDirectoryString_Encode
- *
- */
-
-/*
- * NSSPKIXDirectoryString_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXDirectoryString upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDirectoryString *
-NSSPKIXDirectoryString_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXDirectoryString_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXDirectoryString upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDirectoryString *
-NSSPKIXDirectoryString_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXDirectoryString_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_DIRECTORY_STRING
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXDirectoryString_Encode
-(
- NSSPKIXDirectoryString *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * Certificate
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Certificate ::= SEQUENCE {
- * tbsCertificate TBSCertificate,
- * signatureAlgorithm AlgorithmIdentifier,
- * signature BIT STRING }
- *
- * The public calls for this type:
- *
- * NSSPKIXCertificate_Decode
- * NSSPKIXCertificate_Create
- * NSSPKIXCertificate_Destroy
- * NSSPKIXCertificate_Encode
- * NSSPKIXCertificate_GetTBSCertificate
- * NSSPKIXCertificate_SetTBSCertificate
- * NSSPKIXCertificate_GetAlgorithmIdentifier
- * NSSPKIXCertificate_SetAlgorithmIdentifier
- * NSSPKIXCertificate_GetSignature
- * NSSPKIXCertificate_SetSignature
- * NSSPKIXCertificate_Equal
- * NSSPKIXCertificate_Duplicate
- *
- * { inherit TBSCertificate gettors? }
- *
- */
-
-/*
- * NSSPKIXCertificate_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertificate upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificate *
-NSSPKIXCertificate_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXCertificate_Create
- *
- * -- fgmr comments --
- * { at this level we'll have to just accept a specified signature }
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_PKIX_ALGID
- * NSS_ERROR_INVALID_PKIX_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertificate upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificate *
-NSSPKIXCertificate_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXAlgorithmIdentifier *algID,
- NSSItem *signature
-);
-
-/*
- * NSSPKIXCertificate_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCertificate_Destroy
-(
- NSSPKIXCertificate *cert
-);
-
-/*
- * NSSPKIXCertificate_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXCertificate_Encode
-(
- NSSPKIXCertificate *cert,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXCertificate_GetTBSCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXTBSCertificate upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTBSCertificate *
-NSSPKIXCertificate_GetTBSCertificate
-(
- NSSPKIXCertificate *cert,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXCertificate_SetTBSCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCertificate_SetTBSCertificate
-(
- NSSPKIXCertificate *cert,
- NSSPKIXTBSCertificate *tbsCert
-);
-
-/*
- * NSSPKIXCertificate_GetAlgorithmIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAlgorithmIdentifier *
-NSSPKIXCertificate_GetAlgorithmIdentifier
-(
- NSSPKIXCertificate *cert,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXCertificate_SetAlgorithmIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCertificate_SetAlgorithmIdentifier
-(
- NSSPKIXCertificate *cert,
- NSSPKIXAlgorithmIdentifier *algid,
-);
-
-/*
- * NSSPKIXCertificate_GetSignature
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSItem upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSItem *
-NSSPKIXCertificate_GetSignature
-(
- NSSPKIXCertificate *cert,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXCertificate_SetSignature
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCertificate_SetSignature
-(
- NSSPKIXCertificate *cert,
- NSSItem *signature
-);
-
-/*
- * NSSPKIXCertificate_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXCertificate_Equal
-(
- NSSPKIXCertificate *one,
- NSSPKIXCertificate *two,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXCertificate_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertificate upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificate *
-NSSPKIXCertificate_Duplicate
-(
- NSSPKIXCertificate *cert,
- NSSArena *arenaOpt
-);
-
-/*
- * TBSCertificate
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TBSCertificate ::= SEQUENCE {
- * version [0] Version DEFAULT v1,
- * serialNumber CertificateSerialNumber,
- * signature AlgorithmIdentifier,
- * issuer Name,
- * validity Validity,
- * subject Name,
- * subjectPublicKeyInfo SubjectPublicKeyInfo,
- * issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL,
- * -- If present, version shall be v2 or v3
- * subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL,
- * -- If present, version shall be v2 or v3
- * extensions [3] Extensions OPTIONAL
- * -- If present, version shall be v3 -- }
- *
- * The public calls for this type:
- *
- * NSSPKIXTBSCertificate_Decode
- * NSSPKIXTBSCertificate_Create
- * NSSPKIXTBSCertificate_Destroy
- * NSSPKIXTBSCertificate_Encode
- * NSSPKIXTBSCertificate_GetVersion
- * NSSPKIXTBSCertificate_SetVersion
- * NSSPKIXTBSCertificate_GetSerialNumber
- * NSSPKIXTBSCertificate_SetSerialNumber
- * NSSPKIXTBSCertificate_GetSignature
- * NSSPKIXTBSCertificate_SetSignature
- * { inherit algid gettors? }
- * NSSPKIXTBSCertificate_GetIssuer
- * NSSPKIXTBSCertificate_SetIssuer
- * { inherit "helper" issuer gettors? }
- * NSSPKIXTBSCertificate_GetValidity
- * NSSPKIXTBSCertificate_SetValidity
- * { inherit validity accessors }
- * NSSPKIXTBSCertificate_GetSubject
- * NSSPKIXTBSCertificate_SetSubject
- * NSSPKIXTBSCertificate_GetSubjectPublicKeyInfo
- * NSSPKIXTBSCertificate_SetSubjectPublicKeyInfo
- * NSSPKIXTBSCertificate_HasIssuerUniqueID
- * NSSPKIXTBSCertificate_GetIssuerUniqueID
- * NSSPKIXTBSCertificate_SetIssuerUniqueID
- * NSSPKIXTBSCertificate_RemoveIssuerUniqueID
- * NSSPKIXTBSCertificate_HasSubjectUniqueID
- * NSSPKIXTBSCertificate_GetSubjectUniqueID
- * NSSPKIXTBSCertificate_SetSubjectUniqueID
- * NSSPKIXTBSCertificate_RemoveSubjectUniqueID
- * NSSPKIXTBSCertificate_HasExtensions
- * NSSPKIXTBSCertificate_GetExtensions
- * NSSPKIXTBSCertificate_SetExtensions
- * NSSPKIXTBSCertificate_RemoveExtensions
- * { extension accessors }
- * NSSPKIXTBSCertificate_Equal
- * NSSPKIXTBSCertificate_Duplicate
- */
-
-/*
- * NSSPKIXTBSCertificate_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTBSCertificate upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTBSCertificate *
-NSSPKIXTBSCertificate_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXTBSCertificate_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_VERSION
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_SERIAL_NUMBER
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_ISSUER_NAME
- * NSS_ERROR_INVALID_VALIDITY
- * NSS_ERROR_INVALID_SUBJECT_NAME
- * NSS_ERROR_INVALID_SUBJECT_PUBLIC_KEY_INFO
- * NSS_ERROR_INVALID_ISSUER_UNIQUE_IDENTIFIER
- * NSS_ERROR_INVALID_SUBJECT_UNIQUE_IDENTIFIER
- * NSS_ERROR_INVALID_EXTENSION
- *
- * Return value:
- */
-
-NSS_EXTERN NSSPKIXTBSCertificate *
-NSSPKIXTBSCertificate_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXVersion version,
- NSSPKIXCertificateSerialNumber *serialNumber,
- NSSPKIXAlgorithmIdentifier *signature,
- NSSPKIXName *issuer,
- NSSPKIXValidity *validity,
- NSSPKIXName *subject,
- NSSPKIXSubjectPublicKeyInfo *spki,
- NSSPKIXUniqueIdentifier *issuerUniqueID,
- NSSPKIXUniqueIdentifier *subjectUniqueID,
- NSSPKIXExtensions *extensions
-);
-
-/*
- * NSSPKIXTBSCertificate_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertificate_Destroy
-(
- NSSPKIXTBSCertificate *tbsCert
-);
-
-/*
- * NSSPKIXTBSCertificate_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXTBSCertificate_Encode
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTBSCertificate_GetVersion
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * A valid element of the NSSPKIXVersion enumeration upon success
- * NSSPKIXVersion_NSSinvalid (-1) upon failure
- */
-
-NSS_EXTERN NSSPKIXVersion
-NSSPKIXTBSCertificate_GetVersion
-(
- NSSPKIXTBSCertificate *tbsCert
-);
-
-/*
- * NSSPKIXTBSCertificate_SetVersion
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_PKIX_VERSION
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertificate_SetVersion
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXVersion version
-);
-
-/*
- * NSSPKIXTBSCertificate_GetSerialNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertificateSerialNumber upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificateSerialNumber *
-NSSPKIXTBSCertificate_GetSerialNumber
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXCertificateSerialNumber *snOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTBSCertificate_SetSerialNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertificate_SetSerialNumber
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXCertificateSerialNumber *sn
-);
-
-/*
- * NSSPKIXTBSCertificate_GetSignature
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAlgorithmIdentifier *
-NSSPKIXTBSCertificate_GetSignature
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTBSCertificate_SetSignature
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertificate_SetSignature
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXAlgorithmIdentifier *algID
-);
-
-/*
- * { fgmr inherit algid gettors? }
- */
-
-/*
- * NSSPKIXTBSCertificate_GetIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXName *
-NSSPKIXTBSCertificate_GetIssuer
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTBSCertificate_SetIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertificate_SetIssuer
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXName *issuer
-);
-
-/*
- * { inherit "helper" issuer gettors? }
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *
- * Return value:
- */
-
-/*
- * NSSPKIXTBSCertificate_GetValidity
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXValidity upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXValidity *
-NSSPKIXTBSCertificate_GetValidity
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTBSCertificate_SetValidity
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_PKIX_VALIDITY
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertificate_SetValidity
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXValidity *validity
-);
-
-/*
- * { fgmr inherit validity accessors }
- */
-
-/*
- * NSSPKIXTBSCertificate_GetSubject
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXName *
-NSSPKIXTBSCertificate_GetSubject
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTBSCertificate_SetSubject
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertificate_SetSubject
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXName *subject
-);
-
-/*
- * NSSPKIXTBSCertificate_GetSubjectPublicKeyInfo
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXSubjectPublicKeyInfo upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXSubjectPublicKeyInfo *
-NSSPKIXTBSCertificate_GetSubjectPublicKeyInfo
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTBSCertificate_SetSubjectPublicKeyInfo
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertificate_SetSubjectPublicKeyInfo
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXSubjectPublicKeyInfo *spki
-);
-
-/*
- * NSSPKIXTBSCertificate_HasIssuerUniqueID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXTBSCertificate_HasIssuerUniqueID
-(
- NSSPKIXTBSCertificate *tbsCert,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXTBSCertificate_GetIssuerUniqueID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_CERT_HAS_NO_ISSUER_UNIQUE_ID
- *
- * Return value:
- * A valid pointer to an NSSPKIXUniqueIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXUniqueIdentifier *
-NSSPKIXTBSCertificate_GetIssuerUniqueID
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXUniqueIdentifier *uidOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTBSCertificate_SetIssuerUniqueID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertificate_SetIssuerUniqueID
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXUniqueIdentifier *uid
-);
-
-/*
- * NSSPKIXTBSCertificate_RemoveIssuerUniqueID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_CERT_HAS_NO_ISSUER_UNIQUE_ID
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertificate_RemoveIssuerUniqueID
-(
- NSSPKIXTBSCertificate *tbsCert
-);
-
-/*
- * NSSPKIXTBSCertificate_HasSubjectUniqueID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXTBSCertificate_HasSubjectUniqueID
-(
- NSSPKIXTBSCertificate *tbsCert,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXTBSCertificate_GetSubjectUniqueID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_CERT_HAS_NO_SUBJECT_UNIQUE_ID
- *
- * Return value:
- * A valid pointer to an NSSPKIXUniqueIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXUniqueIdentifier *
-NSSPKIXTBSCertificate_GetSubjectUniqueID
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXUniqueIdentifier *uidOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTBSCertificate_SetSubjectUniqueID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertificate_SetSubjectUniqueID
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXUniqueIdentifier *uid
-);
-
-/*
- * NSSPKIXTBSCertificate_RemoveSubjectUniqueID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_CERT_HAS_NO_SUBJECT_UNIQUE_ID
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertificate_RemoveSubjectUniqueID
-(
- NSSPKIXTBSCertificate *tbsCert
-);
-
-/*
- * NSSPKIXTBSCertificate_HasExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXTBSCertificate_HasExtensions
-(
- NSSPKIXTBSCertificate *tbsCert,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXTBSCertificate_GetExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_CERT_HAS_NO_EXTENSIONS
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtensions upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensions *
-NSSPKIXTBSCertificate_GetExtensions
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTBSCertificate_SetExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_PKIX_EXTENSIONS
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertificate_SetExtensions
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXExtensions *extensions
-);
-
-/*
- * NSSPKIXTBSCertificate_RemoveExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_CERT_HAS_NO_EXTENSIONS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertificate_RemoveExtensions
-(
- NSSPKIXTBSCertificate *tbsCert
-);
-
-/*
- * { extension accessors }
- */
-
-/*
- * NSSPKIXTBSCertificate_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXTBSCertificate_Equal
-(
- NSSPKIXTBSCertificate *one,
- NSSPKIXTBSCertificate *two,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXTBSCertificate_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXTBSCertificate upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTBSCertificate *
-NSSPKIXTBSCertificate_Duplicate
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSArena *arenaOpt
-);
-
-/*
- * CertificateSerialNumber
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CertificateSerialNumber ::= INTEGER
- *
- * This is just a typedef'd NSSBER; no methods are required.
- * {fgmr -- the asn.1 stuff should have routines to convert
- * integers to natural types when possible and vv. we can
- * refer to them here..}
- */
-
-/*
- * Validity
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Validity ::= SEQUENCE {
- * notBefore Time,
- * notAfter Time }
- *
- * The public calls for the type:
- *
- * NSSPKIXValidity_Decode
- * NSSPKIXValidity_Create
- * NSSPKIXValidity_Encode
- * NSSPKIXValidity_Destroy
- * NSSPKIXValidity_GetNotBefore
- * NSSPKIXValidity_SetNotBefore
- * NSSPKIXValidity_GetNotAfter
- * NSSPKIXValidity_SetNotAfter
- * NSSPKIXValidity_Equal
- * NSSPKIXValidity_Compare
- * NSSPKIXValidity_Duplicate
- *
- */
-
-/*
- * NSSPKIXValidity_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXValidity upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXValidity *
-NSSPKIXValidity_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXValidity_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_TIME
- *
- * Return value:
- * A valid pointer to an NSSPKIXValidity upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXValidity *
-NSSPKIXValidity_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXTime notBefore,
- NSSPKIXTime notAfter
-);
-
-/*
- * NSSPKIXValidity_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_VALIDITY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXValidity_Destroy
-(
- NSSPKIXValidity *validity
-);
-
-/*
- * NSSPKIXValidity_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_VALIDITY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXValidity_Encode
-(
- NSSPKIXValidity *validity,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXValidity_GetNotBefore
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_VALIDITY
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * A valid NSSPKIXTime upon success
- * {we need to rethink NSSPKIXTime}
- */
-
-NSS_EXTERN NSSPKIXTime
-NSSPKIXValidity_GetNotBefore
-(
- NSSPKIXValidity *validity
-);
-
-/*
- * NSSPKIXValidity_SetNotBefore
- *
- * -- fgmr comments --
- * {do we require that it be before the "notAfter" value?}
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_VALIDITY
- * NSS_ERROR_VALUE_TOO_LARGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXValidity_SetNotBefore
-(
- NSSPKIXValidity *validity,
- NSSPKIXTime notBefore
-);
-
-/*
- * NSSPKIXValidity_GetNotAfter
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_VALIDITY
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * A valid NSSPKIXTime upon success
- * {we need to rethink NSSPKIXTime}
- */
-
-NSS_EXTERN NSSPKIXTime
-NSSPKIXValidity_GetNotAfter
-(
- NSSPKIXValidity *validity
-);
-
-/*
- * NSSPKIXValidity_SetNotAfter
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_VALIDITY
- * NSS_ERROR_VALUE_TOO_SMALL
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXValidity_SetNotAfter
-(
- NSSPKIXValidity *validity,
- NSSPKIXTime notAfter
-);
-
-/*
- * NSSPKIXValidity_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_VALIDITY
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXValidity_Equal
-(
- NSSPKIXValidity *one,
- NSSPKIXValidity *two,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXValidity_Compare
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_VALIDITY
- *
- * Return value:
- * 1 if the second is "greater" or later than the first
- * 0 if they are equal
- * -1 if the first is "greater" or later than the first
- * -2 upon failure
- */
-
-NSS_EXTERN PRIntn
-NSSPKIXValidity_Compare
-(
- NSSPKIXValidity *one,
- NSSPKIXValidity *two
-);
-
-/*
- * NSSPKIXValidity_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_VALIDITY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXValidity upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXValidity *
-NSSPKIXValidity_Duplicate
-(
- NSSPKIXValidity *validity,
- NSSArena *arenaOpt
-);
-
-/*
- * Time
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Time ::= CHOICE {
- * utcTime UTCTime,
- * generalTime GeneralizedTime }
- *
- * The public calls for the type:
- *
- * NSSPKIXTime_Decode
- * NSSPKIXTime_CreateFromPRTime
- * NSSPKIXTime_CreateFromUTF8
- * NSSPKIXTime_Destroy
- * NSSPKIXTime_Encode
- * NSSPKIXTime_GetPRTime
- * NSSPKIXTime_GetUTF8Encoding
- * NSSPKIXTime_Equal
- * NSSPKIXTime_Duplicate
- * NSSPKIXTime_Compare
- *
- */
-
-/*
- * NSSPKIXTime_Decode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTime upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTime *
-NSSPKIXTime_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXTime_CreateFromPRTime
- *
- */
-
-NSS_EXTERN NSSPKIXTime *
-NSSPKIXTime_CreateFromPRTime
-(
- NSSArena *arenaOpt,
- PRTime prTime
-);
-
-/*
- * NSSPKIXTime_CreateFromUTF8
- *
- */
-
-NSS_EXTERN NSSPKIXTime *
-NSSPKIXTime_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXTime_Destroy
- *
- */
-
-NSS_EXTERN PR_STATUS
-NSSPKIXTime_Destroy
-(
- NSSPKIXTime *time
-);
-
-/*
- * NSSPKIXTime_Encode
- *
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXTime_Encode
-(
- NSSPKIXTime *time,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTime_GetPRTime
- *
- * Returns a zero on error
- */
-
-NSS_EXTERN PRTime
-NSSPKIXTime_GetPRTime
-(
- NSSPKIXTime *time,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXTime_GetUTF8Encoding
- *
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKXITime_GetUTF8Encoding
-(
- NSSPKIXTime *time,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTime_Equal
- *
- */
-
-NSS_EXTERN PRBool
-NSSPKXITime_Equal
-(
- NSSPKXITime *time1,
- NSSPKXITime *time2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXTime_Duplicate
- *
- */
-
-NSS_EXTERN NSSPKIXTime *
-NSSPKXITime_Duplicate
-(
- NSSPKIXTime *time,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTime_Compare
- *
- * Usual result: -1, 0, 1
- * Returns 0 on error
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXTime_Compare
-(
- NSSPKIXTime *time1,
- NSSPKIXTime *tiem2,
- PRStatus *statusOpt
-);
-
-/*
- * UniqueIdentifier
- *
- * -- fgmr comments --
- * Should we distinguish bitstrings from "regular" items/BERs?
- * It could be another typedef, but with a separate type to help
- * remind users about the factor of 8. OR we could make it a
- * hard type, and require the use of some (trivial) converters.
- *
- * From RFC 2459:
- *
- * UniqueIdentifier ::= BIT STRING
- *
- */
-
-/*
- * SubjectPublicKeyInfo
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * SubjectPublicKeyInfo ::= SEQUENCE {
- * algorithm AlgorithmIdentifier,
- * subjectPublicKey BIT STRING }
- *
- * The public calls for the type:
- *
- * NSSPKIXSubjectPublicKeyInfo_Decode
- * NSSPKIXSubjectPublicKeyInfo_Create
- * NSSPKIXSubjectPublicKeyInfo_Encode
- * NSSPKIXSubjectPublicKeyInfo_Destroy
- * NSSPKIXSubjectPublicKeyInfo_GetAlgorithm
- * NSSPKIXSubjectPublicKeyInfo_SetAlgorithm
- * NSSPKIXSubjectPublicKeyInfo_GetSubjectPublicKey
- * NSSPKIXSubjectPublicKeyInfo_SetSubjectPublicKey
- * NSSPKIXSubjectPublicKeyInfo_Equal
- * NSSPKIXSubjectPublicKeyInfo_Duplicate
- *
- */
-
-/*
- * NSSPKIXSubjectPublicKeyInfo_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXSubjectPublicKeyInfo upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXSubjectPublicKeyInfo *
-NSSPKIXSubjectPublicKeyInfo_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXSubjectPublicKeyInfo_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXSubjectPublicKeyInfo upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXSubjectPublicKeyInfo *
-NSSPKIXSubjectPublicKeyInfo_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXAlgorithmIdentifier *algid,
- NSSItem *subjectPublicKey
-);
-
-/*
- * NSSPKIXSubjectPublicKeyInfo_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXSubjectPublicKeyInfo_Destroy
-(
- NSSPKIXSubjectPublicKeyInfo *spki
-);
-
-/*
- * NSSPKIXSubjectPublicKeyInfo_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXSubjectPublicKeyInfo_Encode
-(
- NSSPKIXSubjectPublicKeyInfo *spki,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXSubjectPublicKeyInfo_GetAlgorithm
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAlgorithmIdentifier *
-NSSPKIXSubjectPublicKeyInfo_GetAlgorithm
-(
- NSSPKIXSubjectPublicKeyInfo *spki,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXSubjectPublicKeyInfo_SetAlgorithm
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXSubjectPublicKeyInfo_SetAlgorithm
-(
- NSSPKIXSubjectPublicKeyInfo *spki,
- NSSPKIXAlgorithmIdentifier *algid
-);
-
-/*
- * NSSPKIXSubjectPublicKeyInfo_GetSubjectPublicKey
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSItem upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSItem *
-NSSPKIXSubjectPublicKeyInfo_GetSubjectPublicKey
-(
- NSSPKIXSubjectPublicKeyInfo *spki,
- NSSItem *spkOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXSubjectPublicKeyInfo_SetSubjectPublicKey
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXSubjectPublicKeyInfo_SetSubjectPublicKey
-(
- NSSPKIXSubjectPublicKeyInfo *spki,
- NSSItem *spk
-);
-
-/*
- * NSSPKIXSubjectPublicKeyInfo_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXSubjectPublicKeyInfo_Equal
-(
- NSSPKIXSubjectPublicKeyInfo *one,
- NSSPKIXSubjectPublicKeyInfo *two,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXSubjectPublicKeyInfo_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXSubjectPublicKeyInfo upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXSubjectPublicKeyInfo *
-NSSPKIXSubjectPublicKeyInfo_Duplicate
-(
- NSSPKIXSubjectPublicKeyInfo *spki,
- NSSArena *arenaOpt
-);
-
-/*
- * Extensions
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension
- *
- */
-
-/* { FGMR } */
-
-/*
- * Extension
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Extension ::= SEQUENCE {
- * extnID OBJECT IDENTIFIER,
- * critical BOOLEAN DEFAULT FALSE,
- * extnValue OCTET STRING }
- *
- */
-
-/* { FGMR } */
-
-/*
- * CertificateList
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CertificateList ::= SEQUENCE {
- * tbsCertList TBSCertList,
- * signatureAlgorithm AlgorithmIdentifier,
- * signature BIT STRING }
- *
- * The public calls for the type:
- *
- * NSSPKIXCertificateList_Decode
- * NSSPKIXCertificateList_Create
- * NSSPKIXCertificateList_Encode
- * NSSPKIXCertificateList_Destroy
- * NSSPKIXCertificateList_GetTBSCertList
- * NSSPKIXCertificateList_SetTBSCertList
- * NSSPKIXCertificateList_GetSignatureAlgorithm
- * NSSPKIXCertificateList_SetSignatureAlgorithm
- * NSSPKIXCertificateList_GetSignature
- * NSSPKIXCertificateList_SetSignature
- * NSSPKIXCertificateList_Equal
- * NSSPKIXCertificateList_Duplicate
- *
- */
-
-/*
- * NSSPKIXCertificateList_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertificateList upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificateList *
-NSSPKIXCertificateList_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXCertificateList_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertificateList upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificateList *
-NSSPKIXCertificateList_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXTBSCertList *tbsCertList,
- NSSPKIXAlgorithmIdentifier *sigAlg,
- NSSItem *signature
-);
-
-/*
- * NSSPKIXCertificateList_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCertificateList_Destroy
-(
- NSSPKIXCertificateList *certList
-);
-
-/*
- * NSSPKIXCertificateList_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXCertificateList_Encode
-(
- NSSPKIXCertificateList *certList,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXCertificateList_GetTBSCertList
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXTBSCertList upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTBSCertList *
-NSSPKIXCertificateList_GetTBSCertList
-(
- NSSPKIXCertificateList *certList,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXCertificateList_SetTBSCertList
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCertificateList_SetTBSCertList
-(
- NSSPKIXCertificateList *certList,
- NSSPKIXTBSCertList *tbsCertList
-);
-
-/*
- * NSSPKIXCertificateList_GetSignatureAlgorithm
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAlgorithmIdentifier *
-NSSPKIXCertificateList_GetSignatureAlgorithm
-(
- NSSPKIXCertificateList *certList,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXCertificateList_SetSignatureAlgorithm
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCertificateList_SetSignatureAlgorithm
-(
- NSSPKIXCertificateList *certList,
- NSSPKIXAlgorithmIdentifier *sigAlg
-);
-
-/*
- * NSSPKIXCertificateList_GetSignature
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSItem upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSItem *
-NSSPKIXCertificateList_GetSignature
-(
- NSSPKIXCertificateList *certList,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXCertificateList_SetSignature
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCertificateList_SetSignature
-(
- NSSPKIXCertificateList *certList,
- NSSItem *sig
-);
-
-/*
- * NSSPKIXCertificateList_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXCertificateList_Equal
-(
- NSSPKIXCertificateList *one,
- NSSPKIXCertificateList *two,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXCertificateList_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertificateList upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificateList *
-NSSPKIXCertificateList_Duplicate
-(
- NSSPKIXCertificateList *certList,
- NSSArena *arenaOpt
-);
-
-/*
- * TBSCertList
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TBSCertList ::= SEQUENCE {
- * version Version OPTIONAL,
- * -- if present, shall be v2
- * signature AlgorithmIdentifier,
- * issuer Name,
- * thisUpdate Time,
- * nextUpdate Time OPTIONAL,
- * revokedCertificates SEQUENCE OF SEQUENCE {
- * userCertificate CertificateSerialNumber,
- * revocationDate Time,
- * crlEntryExtensions Extensions OPTIONAL
- * -- if present, shall be v2
- * } OPTIONAL,
- * crlExtensions [0] Extensions OPTIONAL
- * -- if present, shall be v2 -- }
- *
- * The public calls for the type:
- *
- * NSSPKIXTBSCertList_Decode
- * NSSPKIXTBSCertList_Create
- * NSSPKIXTBSCertList_Destroy
- * NSSPKIXTBSCertList_Encode
- * NSSPKIXTBSCertList_GetVersion
- * NSSPKIXTBSCertList_SetVersion
- * NSSPKIXTBSCertList_GetSignature
- * NSSPKIXTBSCertList_SetSignature
- * NSSPKIXTBSCertList_GetIssuer
- * NSSPKIXTBSCertList_SetIssuer
- * NSSPKIXTBSCertList_GetThisUpdate
- * NSSPKIXTBSCertList_SetThisUpdate
- * NSSPKIXTBSCertList_HasNextUpdate
- * NSSPKIXTBSCertList_GetNextUpdate
- * NSSPKIXTBSCertList_SetNextUpdate
- * NSSPKIXTBSCertList_RemoveNextUpdate
- * NSSPKIXTBSCertList_GetRevokedCertificates
- * NSSPKIXTBSCertList_SetRevokedCertificates
- * NSSPKIXTBSCertList_HasCrlExtensions
- * NSSPKIXTBSCertList_GetCrlExtensions
- * NSSPKIXTBSCertList_SetCrlExtensions
- * NSSPKIXTBSCertList_RemoveCrlExtensions
- * NSSPKIXTBSCertList_Equal
- * NSSPKIXTBSCertList_Duplicate
- *
- */
-
-/*
- * NSSPKIXTBSCertList_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTBSCertList upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTBSCertList *
-NSSPKIXTBSCertList_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXTBSCertList_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_VERSION
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_INVALID_PKIX_TIME
- * (something for the times being out of order?)
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATES
- * NSS_ERROR_INVALID_PKIX_EXTENSIONS
- *
- * Return value:
- * A valid pointer to an NSSPKIXTBSCertList upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTBSCertList *
-NSSPKIXTBSCertList_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXVersion version,
- NSSPKIXAlgorithmIdentifier *signature,
- NSSPKIXName *issuer,
- NSSPKIXTime thisUpdate,
- NSSPKIXTime nextUpdateOpt,
- NSSPKIXrevokedCertificates *revokedCerts,
- NSSPKIXExtensions *crlExtensionsOpt
-);
-
-/*
- * NSSPKIXTBSCertList_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertList_Destroy
-(
- NSSPKIXTBSCertList *certList
-);
-
-/*
- * NSSPKIXTBSCertList_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXTBSCertList_Encode
-(
- NSSPKIXTBSCertList *certList,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTBSCertList_GetVersion
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * A valid element of the NSSPKIXVersion enumeration upon success
- * NSSPKIXVersion_NSSinvalid (-1) upon failure
- */
-
-NSS_EXTERN NSSPKIXVersion
-NSSPKIXTBSCertList_GetVersion
-(
- NSSPKIXTBSCertList *certList
-);
-
-/*
- * NSSPKIXTBSCertList_SetVersion
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_INVALID_PKIX_VERSION
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertList_SetVersion
-(
- NSSPKIXTBSCertList *certList,
- NSSPKIXVersion version
-);
-
-/*
- * NSSPKIXTBSCertList_GetSignature
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAlgorithmIdentifier *
-NSSPKIXTBSCertList_GetSignature
-(
- NSSPKIXTBSCertList *certList,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTBSCertList_SetSignature
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertList_SetSignature
-(
- NSSPKIXTBSCertList *certList,
- NSSPKIXAlgorithmIdentifier *algid,
-);
-
-/*
- * NSSPKIXTBSCertList_GetIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXName *
-NSSPKIXTBSCertList_GetIssuer
-(
- NSSPKIXTBSCertList *certList,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTBSCertList_SetIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertList_SetIssuer
-(
- NSSPKIXTBSCertList *certList,
- NSSPKIXName *issuer
-);
-
-/*
- * NSSPKIXTBSCertList_GetThisUpdate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * A valid NSSPKIXTime upon success
- * {we need to rethink NSSPKIXTime}
- */
-
-NSS_EXTERN NSSPKIXTime
-NSSPKIXTBSCertList_GetThisUpdate
-(
- NSSPKIXTBSCertList *certList
-);
-
-/*
- * NSSPKIXTBSCertList_SetThisUpdate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_VALUE_TOO_LARGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertList_SetThisUpdate
-(
- NSSPKIXTBSCertList *certList,
- NSSPKIXTime thisUpdate
-);
-
-/*
- * NSSPKIXTBSCertList_HasNextUpdate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXTBSCertList_HasNextUpdate
-(
- NSSPKIXTBSCertList *certList,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXTBSCertList_GetNextUpdate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * A valid NSSPKIXTime upon success
- * {we need to rethink NSSPKIXTime}
- */
-
-NSS_EXTERN NSSPKIXTime
-NSSPKIXTBSCertList_GetNextUpdate
-(
- NSSPKIXTBSCertList *certList
-);
-
-/*
- * NSSPKIXTBSCertList_SetNextUpdate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_VALUE_TOO_SMALL
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertList_SetNextUpdate
-(
- NSSPKIXTBSCertList *certList,
- NSSPKIXTime nextUpdate
-);
-
-/*
- * NSSPKIXTBSCertList_RemoveNextUpdate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_HAS_NO_NEXT_UPDATE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertList_RemoveNextUpdate
-(
- NSSPKIXTBSCertList *certList
-);
-
-/*
- * NSSPKIXTBSCertList_GetRevokedCertificates
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXrevokedCertificates upon succes
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXrevokedCertificates *
-NSSPKIXTBSCertList_GetRevokedCertificates
-(
- NSSPKIXTBSCertList *certList,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTBSCertList_SetRevokedCertificates
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATES
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertList_SetRevokedCertificates
-(
- NSSPKIXTBSCertList *certList,
- NSSPKIXrevokedCertificates *revoked
-);
-
-/*
- * NSSPKIXTBSCertList_HasCrlExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXTBSCertList_HasCrlExtensions
-(
- NSSPKIXTBSCertList *certList,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXTBSCertList_GetCrlExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtensions upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensions *
-NSSPKIXTBSCertList_GetCrlExtensions
-(
- NSSPKIXTBSCertList *certList,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTBSCertList_SetCrlExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_INVALID_PKIX_EXTENSIONS
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertList_SetCrlExtensions
-(
- NSSPKIXTBSCertList *certList,
- NSSPKIXExtensions *extensions
-);
-
-/*
- * NSSPKIXTBSCertList_RemoveCrlExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_HAS_NO_EXTENSIONS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertList_RemoveCrlExtensions
-(
- NSSPKIXTBSCertList *certList
-);
-
-/*
- * NSSPKIXTBSCertList_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXTBSCertList_Equal
-(
- NSSPKIXTBSCertList *one,
- NSSPKIXTBSCertList *two,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXTBSCertList_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXTBSCertList upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTBSCertList *
-NSSPKIXTBSCertList_Duplicate
-(
- NSSPKIXTBSCertList *certList,
- NSSArena *arenaOpt
-);
-
-/*
- * revokedCertificates
- *
- * This is a "helper type" to simplify handling of TBSCertList objects.
- *
- * revokedCertificates SEQUENCE OF SEQUENCE {
- * userCertificate CertificateSerialNumber,
- * revocationDate Time,
- * crlEntryExtensions Extensions OPTIONAL
- * -- if present, shall be v2
- * } OPTIONAL,
- *
- * The public calls for the type:
- *
- * NSSPKIXrevokedCertificates_Decode
- * NSSPKIXrevokedCertificates_Create
- * NSSPKIXrevokedCertificates_Encode
- * NSSPKIXrevokedCertificates_Destroy
- * NSSPKIXrevokedCertificates_GetRevokedCertificateCount
- * NSSPKIXrevokedCertificates_GetRevokedCertificates
- * NSSPKIXrevokedCertificates_SetRevokedCertificates
- * NSSPKIXrevokedCertificates_GetRevokedCertificate
- * NSSPKIXrevokedCertificates_SetRevokedCertificate
- * NSSPKIXrevokedCertificates_InsertRevokedCertificate
- * NSSPKIXrevokedCertificates_AppendRevokedCertificate
- * NSSPKIXrevokedCertificates_RemoveRevokedCertificate
- * NSSPKIXrevokedCertificates_Equal
- * NSSPKIXrevokedCertificates_Duplicate
- *
- */
-
-/*
- * NSSPKIXrevokedCertificates_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXrevokedCertificates upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXrevokedCertificates *
-NSSPKIXrevokedCertificates_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXrevokedCertificates_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATE
- *
- * Return value:
- * A valid pointer to an NSSPKIXrevokedCertificates upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXrevokedCertificates *
-NSSPKIXrevokedCertificates_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXrevokedCertificate *rc1,
- ...
-);
-
-/*
- * NSSPKIXrevokedCertificates_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXrevokedCertificates_Destroy
-(
- NSSPKIXrevokedCertificates *rcs
-);
-
-/*
- * NSSPKIXrevokedCertificates_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXrevokedCertificates_Encode
-(
- NSSPKIXrevokedCertificates *rcs,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXrevokedCertificates_GetRevokedCertificateCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXrevokedCertificates_GetRevokedCertificateCount
-(
- NSSPKIXrevokedCertificates *rcs
-);
-
-/*
- * NSSPKIXrevokedCertificates_GetRevokedCertificates
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXrevokedCertificate pointers
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXrevokedCertificate **
-NSSPKIXrevokedCertificates_GetRevokedCertificates
-(
- NSSPKIXrevokedCertificates *rcs,
- NSSPKIXrevokedCertificate *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXrevokedCertificates_SetRevokedCertificates
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXrevokedCertificates_SetRevokedCertificates
-(
- NSSPKIXrevokedCertificates *rcs,
- NSSPKIXrevokedCertificate *rc[],
- PRInt32 countOpt
-);
-
-/*
- * NSSPKIXrevokedCertificates_GetRevokedCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXrevokedCertificate upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXrevokedCertificate *
-NSSPKIXrevokedCertificates_GetRevokedCertificate
-(
- NSSPKIXrevokedCertificates *rcs,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXrevokedCertificates_SetRevokedCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXrevokedCertificates_SetRevokedCertificate
-(
- NSSPKIXrevokedCertificates *rcs,
- PRInt32 i,
- NSSPKIXrevokedCertificate *rc
-);
-
-/*
- * NSSPKIXrevokedCertificates_InsertRevokedCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXrevokedCertificates_InsertRevokedCertificate
-(
- NSSPKIXrevokedCertificates *rcs,
- PRInt32 i,
- NSSPKIXrevokedCertificate *rc
-);
-
-/*
- * NSSPKIXrevokedCertificates_AppendRevokedCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXrevokedCertificates_AppendRevokedCertificate
-(
- NSSPKIXrevokedCertificates *rcs,
- PRInt32 i,
- NSSPKIXrevokedCertificate *rc
-);
-
-/*
- * NSSPKIXrevokedCertificates_RemoveRevokedCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXrevokedCertificates_RemoveRevokedCertificate
-(
- NSSPKIXrevokedCertificates *rcs,
- PRInt32 i
-);
-
-/*
- * NSSPKIXrevokedCertificates_FindRevokedCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATE
- *
- * Return value:
- * The index of the specified revoked certificate upon success
- * -1 upon failure
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXrevokedCertificates_FindRevokedCertificate
-(
- NSSPKIXrevokedCertificates *rcs,
- NSSPKIXrevokedCertificate *rc
-);
-
-/*
- * NSSPKIXrevokedCertificates_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXrevokedCertificates_Equal
-(
- NSSPKIXrevokedCertificates *one,
- NSSPKIXrevokedCertificates *two,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXrevokedCertificates_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXrevokedCertificates upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXrevokedCertificates *
-NSSPKIXrevokedCertificates_Duplicate
-(
- NSSPKIXrevokedCertificates *rcs,
- NSSArena *arenaOpt
-);
-
-/*
- * revokedCertificate
- *
- * This is a "helper type" to simplify handling of TBSCertList objects.
- *
- * SEQUENCE {
- * userCertificate CertificateSerialNumber,
- * revocationDate Time,
- * crlEntryExtensions Extensions OPTIONAL
- * -- if present, shall be v2
- * } OPTIONAL,
- *
- * The public calls for this type:
- *
- * NSSPKIXrevokedCertificate_Decode
- * NSSPKIXrevokedCertificate_Create
- * NSSPKIXrevokedCertificate_Encode
- * NSSPKIXrevokedCertificate_Destroy
- * NSSPKIXrevokedCertificate_GetUserCertificate
- * NSSPKIXrevokedCertificate_SetUserCertificate
- * NSSPKIXrevokedCertificate_GetRevocationDate
- * NSSPKIXrevokedCertificate_SetRevocationDate
- * NSSPKIXrevokedCertificate_HasCrlEntryExtensions
- * NSSPKIXrevokedCertificate_GetCrlEntryExtensions
- * NSSPKIXrevokedCertificate_SetCrlEntryExtensions
- * NSSPKIXrevokedCertificate_RemoveCrlEntryExtensions
- * NSSPKIXrevokedCertificate_Equal
- * NSSPKIXrevokedCertificate_Duplicate
- *
- */
-
-
-/*
- * NSSPKIXrevokedCertificate_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXrevokedCertificate upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXrevokedCertificate *
-NSSPKIXrevokedCertificate_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXrevokedCertificate_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_SERIAL_NUMBER
- * NSS_ERROR_INVALID_PKIX_TIME
- * NSS_ERROR_INVALID_PKIX_EXTENSIONS
- *
- * Return value:
- * A valid pointer to an NSSPKIXrevokedCertificate upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXrevokedCertificate *
-NSSPKIXrevokedCertificate_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXCertificateSerialNumber *userCertificate,
- NSSPKIXTime *revocationDate,
- NSSPKIXExtensions *crlEntryExtensionsOpt
-);
-
-/*
- * NSSPKIXrevokedCertificate_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXrevokedCertificate_Destroy
-(
- NSSPKIXrevokedCertificate *rc
-);
-
-/*
- * NSSPKIXrevokedCertificate_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXrevokedCertificate_Encode
-(
- NSSPKIXrevokedCertificate *rc,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXrevokedCertificate_GetUserCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertificateSerialNumber upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificateSerialNumber *
-NSSPKIXrevokedCertificate_GetUserCertificate
-(
- NSSPKIXrevokedCertificate *rc,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXrevokedCertificate_SetUserCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_SERIAL_NUMBER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXrevokedCertificate_SetUserCertificate
-(
- NSSPKIXrevokedCertificate *rc,
- NSSPKIXCertificateSerialNumber *csn
-);
-
-/*
- * NSSPKIXrevokedCertificate_GetRevocationDate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXTime upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTime *
-NSSPKIXrevokedCertificate_GetRevocationDate
-(
- NSSPKIXrevokedCertificate *rc,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXrevokedCertificate_SetRevocationDate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_TIME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXrevokedCertificate_SetRevocationDate
-(
- NSSPKIXrevokedCertificate *rc,
- NSSPKIXTime *revocationDate
-);
-
-/*
- * NSSPKIXrevokedCertificate_HasCrlEntryExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXrevokedCertificate_HasCrlEntryExtensions
-(
- NSSPKIXrevokedCertificate *rc,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXrevokedCertificate_GetCrlEntryExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_NO_EXTENSIONS
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtensions upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensions *
-NSSPKIXrevokedCertificate_GetCrlEntryExtensions
-(
- NSSPKIXrevokedCertificate *rc,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXrevokedCertificate_SetCrlEntryExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_EXTENSIONS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXrevokedCertificate_SetCrlEntryExtensions
-(
- NSSPKIXrevokedCertificate *rc,
- NSSPKIXExtensions *crlEntryExtensions
-);
-
-/*
- * NSSPKIXrevokedCertificate_RemoveCrlEntryExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- * NSS_ERROR_NO_EXTENSIONS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXrevokedCertificate_RemoveCrlEntryExtensions
-(
- NSSPKIXrevokedCertificate *rc
-);
-
-/*
- * NSSPKIXrevokedCertificate_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXrevokedCertificate_Equal
-(
- NSSPKIXrevokedCertificate *one,
- NSSPKIXrevokedCertificate *two,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXrevokedCertificate_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- *
- * Return value:
- * A valid pointer to an NSSPKIXrevokedCertificate upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXrevokedCertificate *
-NSSPKIXrevokedCertificate_Duplicate
-(
- NSSPKIXrevokedCertificate *rc,
- NSSArena *arenaOpt
-);
-
-/*
- * AlgorithmIdentifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * (1988 syntax)
- *
- * AlgorithmIdentifier ::= SEQUENCE {
- * algorithm OBJECT IDENTIFIER,
- * parameters ANY DEFINED BY algorithm OPTIONAL }
- * -- contains a value of the type
- * -- registered for use with the
- * -- algorithm object identifier value
- *
- * The public calls for this type:
- *
- * NSSPKIXAlgorithmIdentifier_Decode
- * NSSPKIXAlgorithmIdentifier_Create
- * NSSPKIXAlgorithmIdentifier_Encode
- * NSSPKIXAlgorithmIdentifier_Destroy
- * NSSPKIXAlgorithmIdentifier_GetAlgorithm
- * NSSPKIXAlgorithmIdentifier_SetAlgorithm
- * NSSPKIXAlgorithmIdentifier_GetParameters
- * NSSPKIXAlgorithmIdentifier_SetParameters
- * NSSPKIXAlgorithmIdentifier_Compare
- * NSSPKIXAlgorithmIdentifier_Duplicate
- * { algorithm-specific parameter types and accessors ? }
- *
- */
-
-/*
- * NSSPKIXAlgorithmIdentifier_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAlgorithmIdentifier *
-NSSPKIXAlgorithmIdentifier_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXAlgorithmIdentifier_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAlgorithmIdentifier *
-NSSPKIXAlgorithmIdentifier_Create
-(
- NSSArena *arenaOpt,
- NSSOID *algorithm,
- NSSItem *parameters
-);
-
-/*
- * NSSPKIXAlgorithmIdentifier_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAlgorithmIdentifier_Destroy
-(
- NSSPKIXAlgorithmIdentifier *algid
-);
-
-/*
- * NSSPKIXAlgorithmIdentifier_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXAlgorithmIdentifier_Encode
-(
- NSSPKIXAlgorithmIdentifier *algid,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAlgorithmIdentifier_GetAlgorithm
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSOID pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSOID *
-NSSPKIXAlgorithmIdentifier_GetAlgorithm
-(
- NSSPKIXAlgorithmIdentifier *algid
-);
-
-/*
- * NSSPKIXAlgorithmIdentifier_SetAlgorithm
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_OID
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAlgorithmIdentifier_SetAlgorithm
-(
- NSSPKIXAlgorithmIdentifier *algid,
- NSSOID *algorithm
-);
-
-/*
- * NSSPKIXAlgorithmIdentifier_GetParameters
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSItem upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSItem *
-NSSPKIXAlgorithmIdentifier_GetParameters
-(
- NSSPKIXAlgorithmIdentifier *algid,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAlgorithmIdentifier_SetParameters
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAlgorithmIdentifier_SetParameters
-(
- NSSPKIXAlgorithmIdentifier *algid,
- NSSItem *parameters
-);
-
-/*
- * NSSPKIXAlgorithmIdentifier_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXAlgorithmIdentifier_Equal
-(
- NSSPKIXAlgorithmIdentifier *algid1,
- NSSPKIXAlgorithmIdentifier *algid2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXAlgorithmIdentifier_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAlgorithmIdentifier *
-NSSPKIXAlgorithmIdentifier_Duplicate
-(
- NSSPKIXAlgorithmIdentifier *algid,
- NSSArena *arenaOpt
-);
-
-/*
- * { algorithm-specific parameter types and accessors ? }
- */
-
-/*
- * ORAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * ORAddress ::= SEQUENCE {
- * built-in-standard-attributes BuiltInStandardAttributes,
- * built-in-domain-defined-attributes
- * BuiltInDomainDefinedAttributes OPTIONAL,
- * -- see also teletex-domain-defined-attributes
- * extension-attributes ExtensionAttributes OPTIONAL }
- * -- The OR-address is semantically absent from the OR-name if the
- * -- built-in-standard-attribute sequence is empty and the
- * -- built-in-domain-defined-attributes and extension-attributes are
- * -- both omitted.
- *
- * The public calls for this type:
- *
- * NSSPKIXORAddress_Decode
- * NSSPKIXORAddress_Create
- * NSSPKIXORAddress_Destroy
- * NSSPKIXORAddress_Encode
- * NSSPKIXORAddress_GetBuiltInStandardAttributes
- * NSSPKIXORAddress_SetBuiltInStandardAttributes
- * NSSPKIXORAddress_HasBuiltInDomainDefinedAttributes
- * NSSPKIXORAddress_GetBuiltInDomainDefinedAttributes
- * NSSPKIXORAddress_SetBuiltInDomainDefinedAttributes
- * NSSPKIXORAddress_RemoveBuiltInDomainDefinedAttributes
- * NSSPKIXORAddress_HasExtensionsAttributes
- * NSSPKIXORAddress_GetExtensionsAttributes
- * NSSPKIXORAddress_SetExtensionsAttributes
- * NSSPKIXORAddress_RemoveExtensionsAttributes
- * NSSPKIXORAddress_Equal
- * NSSPKIXORAddress_Duplicate
- *
- */
-
-/*
- * NSSPKIXORAddress_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXORAddres upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXORAddress *
-NSSPKIXORAddress_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXORAddress_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_EXTENSIONS_ATTRIBUTES
- *
- * Return value:
- * A valid pointer to an NSSPKIXORAddres upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXORAddress *
-NSSPKIXORAddress_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSPKIXBuiltInDomainDefinedAttributes *biddaOpt,
- NSSPKIXExtensionAttributes *eaOpt
-);
-
-/*
- * NSSPKIXORAddress_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXORAddress_Destroy
-(
- NSSPKIXORAddress *ora
-);
-
-/*
- * NSSPKIXORAddress_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXORAddress_Encode
-(
- NSSPKIXORAddress *ora,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXORAddress_GetBuiltInStandardAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXBuiltInStandardAttributes upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInStandardAttributes *
-NSSPKIXORAddress_GetBuiltInStandardAttributes
-(
- NSSPKIXORAddress *ora,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXORAddress_SetBuiltInStandardAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXORAddress_SetBuiltInStandardAttributes
-(
- NSSPKIXORAddress *ora,
- NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * NSSPKIXORAddress_HasBuiltInDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXORAddress_HasBuiltInDomainDefinedAttributes
-(
- NSSPKIXORAddress *ora,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXORAddress_GetBuiltInDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_NO_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- *
- * Return value:
- * A valid pointer to an NSSPKIXBuiltInDomainDefinedAttributes upon
- * success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInDomainDefinedAttributes *
-NSSPKIXORAddress_GetBuiltInDomainDefinedAttributes
-(
- NSSPKIXORAddress *ora,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXORAddress_SetBuiltInDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXORAddress_SetBuiltInDomainDefinedAttributes
-(
- NSSPKIXORAddress *ora,
- NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * NSSPKIXORAddress_RemoveBuiltInDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- * NSS_ERROR_NO_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXORAddress_RemoveBuiltInDomainDefinedAttributes
-(
- NSSPKIXORAddress *ora
-);
-
-/*
- * NSSPKIXORAddress_HasExtensionsAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXORAddress_HasExtensionsAttributes
-(
- NSSPKIXORAddress *ora,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXORAddress_GetExtensionsAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_NO_EXTENSION_ATTRIBUTES
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtensionAttributes upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttributes *
-NSSPKIXORAddress_GetExtensionsAttributes
-(
- NSSPKIXORAddress *ora,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXORAddress_SetExtensionsAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXORAddress_SetExtensionsAttributes
-(
- NSSPKIXORAddress *ora,
- NSSPKIXExtensionAttributes *eaOpt
-);
-
-/*
- * NSSPKIXORAddress_RemoveExtensionsAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- * NSS_ERROR_NO_EXTENSION_ATTRIBUTES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXORAddress_RemoveExtensionsAttributes
-(
- NSSPKIXORAddress *ora
-);
-
-/*
- * NSSPKIXORAddress_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXORAddress_Equal
-(
- NSSPKIXORAddress *ora1,
- NSSPKIXORAddress *ora2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXORAddress_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXORAddres upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXORAddress *
-NSSPKIXORAddress_Duplicate
-(
- NSSPKIXORAddress *ora,
- NSSArena *arenaOpt
-);
-
-/*
- * BuiltInStandardAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * BuiltInStandardAttributes ::= SEQUENCE {
- * country-name CountryName OPTIONAL,
- * administration-domain-name AdministrationDomainName OPTIONAL,
- * network-address [0] NetworkAddress OPTIONAL,
- * -- see also extended-network-address
- * terminal-identifier [1] TerminalIdentifier OPTIONAL,
- * private-domain-name [2] PrivateDomainName OPTIONAL,
- * organization-name [3] OrganizationName OPTIONAL,
- * -- see also teletex-organization-name
- * numeric-user-identifier [4] NumericUserIdentifier OPTIONAL,
- * personal-name [5] PersonalName OPTIONAL,
- * -- see also teletex-personal-name
- * organizational-unit-names [6] OrganizationalUnitNames OPTIONAL
- * -- see also teletex-organizational-unit-names -- }
- *
- * The public calls for this type:
- *
- * NSSPKIXBuiltInStandardAttributes_Decode
- * NSSPKIXBuiltInStandardAttributes_Create
- * NSSPKIXBuiltInStandardAttributes_Destroy
- * NSSPKIXBuiltInStandardAttributes_Encode
- * NSSPKIXBuiltInStandardAttributes_HasCountryName
- * NSSPKIXBuiltInStandardAttributes_GetCountryName
- * NSSPKIXBuiltInStandardAttributes_SetCountryName
- * NSSPKIXBuiltInStandardAttributes_RemoveCountryName
- * NSSPKIXBuiltInStandardAttributes_HasAdministrationDomainName
- * NSSPKIXBuiltInStandardAttributes_GetAdministrationDomainName
- * NSSPKIXBuiltInStandardAttributes_SetAdministrationDomainName
- * NSSPKIXBuiltInStandardAttributes_RemoveAdministrationDomainName
- * NSSPKIXBuiltInStandardAttributes_HasNetworkAddress
- * NSSPKIXBuiltInStandardAttributes_GetNetworkAddress
- * NSSPKIXBuiltInStandardAttributes_SetNetworkAddress
- * NSSPKIXBuiltInStandardAttributes_RemoveNetworkAddress
- * NSSPKIXBuiltInStandardAttributes_HasTerminalIdentifier
- * NSSPKIXBuiltInStandardAttributes_GetTerminalIdentifier
- * NSSPKIXBuiltInStandardAttributes_SetTerminalIdentifier
- * NSSPKIXBuiltInStandardAttributes_RemoveTerminalIdentifier
- * NSSPKIXBuiltInStandardAttributes_HasPrivateDomainName
- * NSSPKIXBuiltInStandardAttributes_GetPrivateDomainName
- * NSSPKIXBuiltInStandardAttributes_SetPrivateDomainName
- * NSSPKIXBuiltInStandardAttributes_RemovePrivateDomainName
- * NSSPKIXBuiltInStandardAttributes_HasOrganizationName
- * NSSPKIXBuiltInStandardAttributes_GetOrganizationName
- * NSSPKIXBuiltInStandardAttributes_SetOrganizationName
- * NSSPKIXBuiltInStandardAttributes_RemoveOrganizationName
- * NSSPKIXBuiltInStandardAttributes_HasNumericUserIdentifier
- * NSSPKIXBuiltInStandardAttributes_GetNumericUserIdentifier
- * NSSPKIXBuiltInStandardAttributes_SetNumericUserIdentifier
- * NSSPKIXBuiltInStandardAttributes_RemoveNumericUserIdentifier
- * NSSPKIXBuiltInStandardAttributes_HasPersonalName
- * NSSPKIXBuiltInStandardAttributes_GetPersonalName
- * NSSPKIXBuiltInStandardAttributes_SetPersonalName
- * NSSPKIXBuiltInStandardAttributes_RemovePersonalName
- * NSSPKIXBuiltInStandardAttributes_HasOrganizationLUnitNames
- * NSSPKIXBuiltInStandardAttributes_GetOrganizationLUnitNames
- * NSSPKIXBuiltInStandardAttributes_SetOrganizationLUnitNames
- * NSSPKIXBuiltInStandardAttributes_RemoveOrganizationLUnitNames
- * NSSPKIXBuiltInStandardAttributes_Equal
- * NSSPKIXBuiltInStandardAttributes_Duplicate
- *
- */
-
-/*
- * NSSPKIXBuiltInStandardAttributes_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXBuiltInStandardAttributes upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInStandardAttributes *
-NSSPKIXBuiltInStandardAttributes_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_COUNTRY_NAME
- * NSS_ERROR_INVALID_PKIX_ADMINISTRATION_DOMAIN_NAME
- * NSS_ERROR_INVALID_PKIX_NETWORK_ADDRESS
- * NSS_ERROR_INVALID_PKIX_TERMINAL_IDENTIFIER
- * NSS_ERROR_INVALID_PKIX_PRIVATE_DOMAIN_NAME
- * NSS_ERROR_INVALID_PKIX_ORGANIZATION_NAME
- * NSS_ERROR_INVALID_PKIX_NUMERIC_USER_IDENTIFIER
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- *
- * Return value:
- * A valid pointer to an NSSPKIXBuiltInStandardAttributes upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInStandardAttributes *
-NSSPKIXBuiltInStandardAttributes_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXCountryName *countryNameOpt,
- NSSPKIXAdministrationDomainName *administrationDomainNameOpt,
- NSSPKIXNetworkAddress *networkAddressOpt,
- NSSPKIXTerminalIdentifier *terminalIdentifierOpt,
- NSSPKIXPrivateDomainName *privateDomainNameOpt,
- NSSPKIXOrganizationName *organizationNameOpt,
- NSSPKIXNumericUserIdentifier *numericUserIdentifierOpt,
- NSSPKIXPersonalName *personalNameOpt,
- NSSPKIXOrganizationalUnitNames *organizationalUnitNamesOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_Destroy
-(
- NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXBuiltInStandardAttributes_Encode
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_HasCountryName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXBuiltInStandardAttributes_HasCountryName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_GetCountryName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXCountryName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCountryName *
-NSSPKIXBuiltInStandardAttributes_GetCountryName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_SetCountryName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_COUNTRY_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_SetCountryName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSPKIXCountryName *countryName
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_RemoveCountryName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_COUNTRY_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_RemoveCountryName
-(
- NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_HasAdministrationDomainName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXBuiltInStandardAttributes_HasAdministrationDomainName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_GetAdministrationDomainName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAdministrationDomainName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAdministrationDomainName *
-NSSPKIXBuiltInStandardAttributes_GetAdministrationDomainName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_SetAdministrationDomainName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_ADMINISTRATION_DOMAIN_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_SetAdministrationDomainName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSPKIXAdministrationDomainName *administrationDomainName
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_RemoveAdministrationDomainName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_ADMINISTRATION_DOMAIN_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_RemoveAdministrationDomainName
-(
- NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_HasNetworkAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXBuiltInStandardAttributes_HasNetworkAddress
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_GetNetworkAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXNetworkAddress upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNetworkAddress *
-NSSPKIXBuiltInStandardAttributes_GetNetworkAddress
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_SetNetworkAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_NETWORK_ADDRESS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_SetNetworkAddress
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSPKIXNetworkAddress *networkAddress
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_RemoveNetworkAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_NETWORK_ADDRESS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_RemoveNetworkAddress
-(
- NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_HasTerminalIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXBuiltInStandardAttributes_HasTerminalIdentifier
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_GetTerminalIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTerminalIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTerminalIdentifier *
-NSSPKIXBuiltInStandardAttributes_GetTerminalIdentifier
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_SetTerminalIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_TERMINAL_IDENTIFIER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_SetTerminalIdentifier
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSPKIXTerminalIdentifier *terminalIdentifier
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_RemoveTerminalIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_TERMINAL_IDENTIFIER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_RemoveTerminalIdentifier
-(
- NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_HasPrivateDomainName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXBuiltInStandardAttributes_HasPrivateDomainName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_GetPrivateDomainName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPrivateDomainName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPrivateDomainName *
-NSSPKIXBuiltInStandardAttributes_GetPrivateDomainName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_SetPrivateDomainName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_PRIVATE_DOMAIN_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_SetPrivateDomainName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSPKIXPrivateDomainName *privateDomainName
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_RemovePrivateDomainName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_PRIVATE_DOMAIN_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_RemovePrivateDomainName
-(
- NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_HasOrganizationName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXBuiltInStandardAttributes_HasOrganizationName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_GetOrganizationName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXOrganizationName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationName *
-NSSPKIXBuiltInStandardAttributes_GetOrganizationName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_SetOrganizationName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_ORGANIZATION_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_SetOrganizationName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSPKIXOrganizationName *organizationName
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_RemoveOrganizationName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_ORGANIZATION_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_RemoveOrganizationName
-(
- NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_HasNumericUserIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXBuiltInStandardAttributes_HasNumericUserIdentifier
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_GetNumericUserIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXNumericUserIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNumericUserIdentifier *
-NSSPKIXBuiltInStandardAttributes_GetNumericUserIdentifier
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_SetNumericUserIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_NUMERIC_USER_IDENTIFIER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_SetNumericUserIdentifier
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSPKIXNumericUserIdentifier *numericUserIdentifier
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_RemoveNumericUserIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_NUMERIC_USER_IDENTIFIER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_RemoveNumericUserIdentifier
-(
- NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_HasPersonalName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXBuiltInStandardAttributes_HasPersonalName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_GetPersonalName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPersonalName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPersonalName *
-NSSPKIXBuiltInStandardAttributes_GetPersonalName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_SetPersonalName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_SetPersonalName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSPKIXPersonalName *personalName
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_RemovePersonalName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_PERSONAL_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_RemovePersonalName
-(
- NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_HasOrganizationLUnitNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXBuiltInStandardAttributes_HasOrganizationLUnitNames
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_GetOrganizationLUnitNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXOrganizationalUnitNames upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationalUnitNames *
-NSSPKIXBuiltInStandardAttributes_GetOrganizationLUnitNames
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_SetOrganizationLUnitNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_SetOrganizationLUnitNames
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSPKIXOrganizationalUnitNames *organizationalUnitNames
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_RemoveOrganizationLUnitNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_ORGANIZATIONAL_UNIT_NAMES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_RemoveOrganizationLUnitNames
-(
- NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXBuiltInStandardAttributes_Equal
-(
- NSSPKIXBuiltInStandardAttributes *bisa1,
- NSSPKIXBuiltInStandardAttributes *bisa2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXBuiltInStandardAttributes upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInStandardAttributes *
-NSSPKIXBuiltInStandardAttributes_Duplicate
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSArena *arenaOpt
-);
-
-/*
- * CountryName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CountryName ::= [APPLICATION 1] CHOICE {
- * x121-dcc-code NumericString
- * (SIZE (ub-country-name-numeric-length)),
- * iso-3166-alpha2-code PrintableString
- * (SIZE (ub-country-name-alpha-length)) }
- *
- * The public calls for this type:
- *
- * NSSPKIXCountryName_Decode
- * NSSPKIXCountryName_CreateFromUTF8
- * NSSPKIXCountryName_Encode
- *
- */
-
-/*
- * NSSPKIXCountryName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXCountryName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCountryName *
-NSSPKIXCountryName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXCountryName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXCountryName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCountryName *
-NSSPKIXCountryName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXCountryName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_COUNTRY_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXCountryName_Encode
-(
- NSSPKIXCountryName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * AdministrationDomainName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * AdministrationDomainName ::= [APPLICATION 2] CHOICE {
- * numeric NumericString (SIZE (0..ub-domain-name-length)),
- * printable PrintableString (SIZE (0..ub-domain-name-length)) }
- *
- * The public calls for this type:
- *
- * NSSPKIXAdministrationDomainName_Decode
- * NSSPKIXAdministrationDomainName_CreateFromUTF8
- * NSSPKIXAdministrationDomainName_Encode
- *
- */
-
-/*
- * NSSPKIXAdministrationDomainName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAdministrationDomainName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAdministrationDomainName *
-NSSPKIXAdministrationDomainName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXAdministrationDomainName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAdministrationDomainName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAdministrationDomainName *
-NSSPKIXAdministrationDomainName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXAdministrationDomainName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ADMINISTRATION_DOMAIN_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXAdministrationDomainName_Encode
-(
- NSSPKIXAdministrationDomainName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * X121Address
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X121Address ::= NumericString (SIZE (1..ub-x121-address-length))
- *
- * The public calls for this type:
- *
- * NSSPKIXX121Address_Decode
- * NSSPKIXX121Address_CreateFromUTF8
- * NSSPKIXX121Address_Encode
- *
- */
-
-/*
- * NSSPKIXX121Address_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX121Address upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX121Address *
-NSSPKIXX121Address_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXX121Address_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX121Address upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX121Address *
-NSSPKIXX121Address_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXX121Address_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_X121_ADDRESS
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXX121Address_Encode
-(
- NSSPKIXX121Address *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NetworkAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * NetworkAddress ::= X121Address -- see also extended-network-address
- *
- * The public calls for this type:
- *
- * NSSPKIXNetworkAddress_Decode
- * NSSPKIXNetworkAddress_CreateFromUTF8
- * NSSPKIXNetworkAddress_Encode
- *
- */
-
-/*
- * NSSPKIXNetworkAddress_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXNetworkAddress upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNetworkAddress *
-NSSPKIXNetworkAddress_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXNetworkAddress_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXNetworkAddress upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNetworkAddress *
-NSSPKIXNetworkAddress_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXNetworkAddress_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NETWORK_ADDRESS
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXNetworkAddress_Encode
-(
- NSSPKIXNetworkAddress *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * TerminalIdentifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TerminalIdentifier ::= PrintableString (SIZE (1..ub-terminal-id-length))
- *
- * The public calls for this type:
- *
- * NSSPKIXTerminalIdentifier_Decode
- * NSSPKIXTerminalIdentifier_CreateFromUTF8
- * NSSPKIXTerminalIdentifier_Encode
- *
- */
-
-/*
- * NSSPKIXTerminalIdentifier_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTerminalIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTerminalIdentifier *
-NSSPKIXTerminalIdentifier_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXTerminalIdentifier_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTerminalIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTerminalIdentifier *
-NSSPKIXTerminalIdentifier_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXTerminalIdentifier_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TERMINAL_IDENTIFIER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXTerminalIdentifier_Encode
-(
- NSSPKIXTerminalIdentifier *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * PrivateDomainName
- *
- * -- fgmr comments --
- *
- * PrivateDomainName ::= CHOICE {
- * numeric NumericString (SIZE (1..ub-domain-name-length)),
- * printable PrintableString (SIZE (1..ub-domain-name-length)) }
- *
- * The public calls for this type:
- *
- * NSSPKIXPrivateDomainName_Decode
- * NSSPKIXPrivateDomainName_CreateFromUTF8
- * NSSPKIXPrivateDomainName_Encode
- *
- */
-
-/*
- * NSSPKIXPrivateDomainName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPrivateDomainName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPrivateDomainName *
-NSSPKIXPrivateDomainName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXPrivateDomainName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPrivateDomainName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPrivateDomainName *
-NSSPKIXPrivateDomainName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXPrivateDomainName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PRIVATE_DOMAIN_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXPrivateDomainName_Encode
-(
- NSSPKIXPrivateDomainName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * OrganizationName
- *
- * -- fgmr comments --
- *
- * OrganizationName ::= PrintableString
- * (SIZE (1..ub-organization-name-length))
- *
- * The public calls for this type:
- *
- * NSSPKIXOrganizationName_Decode
- * NSSPKIXOrganizationName_CreateFromUTF8
- * NSSPKIXOrganizationName_Encode
- *
- */
-
-/*
- * NSSPKIXOrganizationName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXOrganizationName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationName *
-NSSPKIXOrganizationName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXOrganizationName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXOrganizationName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationName *
-NSSPKIXOrganizationName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXOrganizationName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATION_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXOrganizationName_Encode
-(
- NSSPKIXOrganizationName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NumericUserIdentifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * NumericUserIdentifier ::= NumericString
- * (SIZE (1..ub-numeric-user-id-length))
- *
- * The public calls for this type:
- *
- * NSSPKIXNumericUserIdentifier_Decode
- * NSSPKIXNumericUserIdentifier_CreateFromUTF8
- * NSSPKIXNumericUserIdentifier_Encode
- *
- */
-
-/*
- * NSSPKIXNumericUserIdentifier_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXNumericUserIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNumericUserIdentifier *
-NSSPKIXNumericUserIdentifier_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXNumericUserIdentifier_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_UTF8
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXNumericUserIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNumericUserIdentifier *
-NSSPKIXNumericUserIdentifier_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXNumericUserIdentifier_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NUMERIC_USER_IDENTIFIER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXNumericUserIdentifier_Encode
-(
- NSSPKIXNumericUserIdentifier *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * PersonalName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PersonalName ::= SET {
- * surname [0] PrintableString (SIZE (1..ub-surname-length)),
- * given-name [1] PrintableString
- * (SIZE (1..ub-given-name-length)) OPTIONAL,
- * initials [2] PrintableString (SIZE (1..ub-initials-length)) OPTIONAL,
- * generation-qualifier [3] PrintableString
- * (SIZE (1..ub-generation-qualifier-length)) OPTIONAL }
- *
- * The public calls for this type:
- *
- * NSSPKIXPersonalName_Decode
- * NSSPKIXPersonalName_Create
- * NSSPKIXPersonalName_Destroy
- * NSSPKIXPersonalName_Encode
- * NSSPKIXPersonalName_GetSurname
- * NSSPKIXPersonalName_SetSurname
- * NSSPKIXPersonalName_HasGivenName
- * NSSPKIXPersonalName_GetGivenName
- * NSSPKIXPersonalName_SetGivenName
- * NSSPKIXPersonalName_RemoveGivenName
- * NSSPKIXPersonalName_HasInitials
- * NSSPKIXPersonalName_GetInitials
- * NSSPKIXPersonalName_SetInitials
- * NSSPKIXPersonalName_RemoveInitials
- * NSSPKIXPersonalName_HasGenerationQualifier
- * NSSPKIXPersonalName_GetGenerationQualifier
- * NSSPKIXPersonalName_SetGenerationQualifier
- * NSSPKIXPersonalName_RemoveGenerationQualifier
- * NSSPKIXPersonalName_Equal
- * NSSPKIXPersonalName_Duplicate
- *
- */
-
-/*
- * NSSPKIXPersonalName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPersonalName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPersonalName *
-NSSPKIXPersonalName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXPersonalName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * A valid pointer to an NSSPKIXPersonalName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPersonalName *
-NSSPKIXPersonalName_Create
-(
- NSSArena *arenaOpt,
- NSSUTF8 *surname,
- NSSUTF8 *givenNameOpt,
- NSSUTF8 *initialsOpt,
- NSSUTF8 *generationQualifierOpt
-);
-
-/*
- * NSSPKIXPersonalName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPersonalName_Destroy
-(
- NSSPKIXPersonalName *personalName
-);
-
-/*
- * NSSPKIXPersonalName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXPersonalName_Encode
-(
- NSSPKIXPersonalName *personalName,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPersonalName_GetSurname
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXPersonalName_GetSurname
-(
- NSSPKIXPersonalName *personalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPersonalName_SetSurname
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPersonalName_SetSurname
-(
- NSSPKIXPersonalName *personalName,
- NSSUTF8 *surname
-);
-
-/*
- * NSSPKIXPersonalName_HasGivenName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXPersonalName_HasGivenName
-(
- NSSPKIXPersonalName *personalName,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXPersonalName_GetGivenName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_HAS_NO_GIVEN_NAME
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXPersonalName_GetGivenName
-(
- NSSPKIXPersonalName *personalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPersonalName_SetGivenName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPersonalName_SetGivenName
-(
- NSSPKIXPersonalName *personalName,
- NSSUTF8 *givenName
-);
-
-/*
- * NSSPKIXPersonalName_RemoveGivenName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- * NSS_ERROR_HAS_NO_GIVEN_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPersonalName_RemoveGivenName
-(
- NSSPKIXPersonalName *personalName
-);
-
-/*
- * NSSPKIXPersonalName_HasInitials
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXPersonalName_HasInitials
-(
- NSSPKIXPersonalName *personalName,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXPersonalName_GetInitials
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXPersonalName_GetInitials
-(
- NSSPKIXPersonalName *personalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPersonalName_SetInitials
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPersonalName_SetInitials
-(
- NSSPKIXPersonalName *personalName,
- NSSUTF8 *initials
-);
-
-/*
- * NSSPKIXPersonalName_RemoveInitials
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPersonalName_RemoveInitials
-(
- NSSPKIXPersonalName *personalName
-);
-
-/*
- * NSSPKIXPersonalName_HasGenerationQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXPersonalName_HasGenerationQualifier
-(
- NSSPKIXPersonalName *personalName,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXPersonalName_GetGenerationQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXPersonalName_GetGenerationQualifier
-(
- NSSPKIXPersonalName *personalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPersonalName_SetGenerationQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPersonalName_SetGenerationQualifier
-(
- NSSPKIXPersonalName *personalName,
- NSSUTF8 *generationQualifier
-);
-
-/*
- * NSSPKIXPersonalName_RemoveGenerationQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPersonalName_RemoveGenerationQualifier
-(
- NSSPKIXPersonalName *personalName
-);
-
-/*
- * NSSPKIXPersonalName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXPersonalName_Equal
-(
- NSSPKIXPersonalName *personalName1,
- NSSPKIXPersonalName *personalName2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXPersonalName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- * A valid pointer to an NSSPKIXPersonalName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPersonalName *
-NSSPKIXPersonalName_Duplicate
-(
- NSSPKIXPersonalName *personalName,
- NSSArena *arenaOpt
-);
-
-/*
- * OrganizationalUnitNames
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * OrganizationalUnitNames ::= SEQUENCE SIZE (1..ub-organizational-units)
- * OF OrganizationalUnitName
- *
- * The public calls for the type:
- *
- * NSSPKIXOrganizationalUnitNames_Decode
- * NSSPKIXOrganizationalUnitNames_Create
- * NSSPKIXOrganizationalUnitNames_Destroy
- * NSSPKIXOrganizationalUnitNames_Encode
- * NSSPKIXOrganizationalUnitNames_GetOrganizationalUnitNameCount
- * NSSPKIXOrganizationalUnitNames_GetOrganizationalUnitNames
- * NSSPKIXOrganizationalUnitNames_SetOrganizationalUnitNames
- * NSSPKIXOrganizationalUnitNames_GetOrganizationalUnitName
- * NSSPKIXOrganizationalUnitNames_SetOrganizationalUnitName
- * NSSPKIXOrganizationalUnitNames_InsertOrganizationalUnitName
- * NSSPKIXOrganizationalUnitNames_AppendOrganizationalUnitName
- * NSSPKIXOrganizationalUnitNames_RemoveOrganizationalUnitName
- * NSSPKIXOrganizationalUnitNames_FindOrganizationalUnitName
- * NSSPKIXOrganizationalUnitNames_Equal
- * NSSPKIXOrganizationalUnitNames_Duplicate
- *
- */
-
-/*
- * NSSPKIXOrganizationalUnitNames_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXOrganizationalUnitNames upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationalUnitNames *
-NSSPKIXOrganizationalUnitNames_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXOrganizationalUnitNames_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAME
- *
- * Return value:
- * A valid pointer to an NSSPKIXOrganizationalUnitNames upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationalUnitNames *
-NSSPKIXOrganizationalUnitNames_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXOrganizationalUnitName *ou1,
- ...
-);
-
-/*
- * NSSPKIXOrganizationalUnitNames_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXOrganizationalUnitNames_Destroy
-(
- NSSPKIXOrganizationalUnitNames *ous
-);
-
-/*
- * NSSPKIXOrganizationalUnitNames_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXOrganizationalUnitNames_Encode
-(
- NSSPKIXOrganizationalUnitNames *ous,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXOrganizationalUnitNames_GetOrganizationalUnitNameCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXOrganizationalUnitNames_GetOrganizationalUnitNameCount
-(
- NSSPKIXOrganizationalUnitNames *ous
-);
-
-/*
- * NSSPKIXOrganizationalUnitNames_GetOrganizationalUnitNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXOrganizationalUnitName
- * pointers upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationalUnitName **
-NSSPKIXOrganizationalUnitNames_GetOrganizationalUnitNames
-(
- NSSPKIXOrganizationalUnitNames *ous,
- NSSPKIXOrganizationalUnitName *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXOrganizationalUnitNames_SetOrganizationalUnitNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXOrganizationalUnitNames_SetOrganizationalUnitNames
-(
- NSSPKIXOrganizationalUnitNames *ous,
- NSSPKIXOrganizationalUnitName *ou[],
- PRInt32 count
-);
-
-/*
- * NSSPKIXOrganizationalUnitNames_GetOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXOrganizationalUnitName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationalUnitName *
-NSSPKIXOrganizationalUnitNames_GetOrganizationalUnitName
-(
- NSSPKIXOrganizationalUnitNames *ous,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXOrganizationalUnitNames_SetOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAME
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXOrganizationalUnitNames_SetOrganizationalUnitName
-(
- NSSPKIXOrganizationalUnitNames *ous,
- PRInt32 i,
- NSSPKIXOrganizationalUnitName *ou
-);
-
-/*
- * NSSPKIXOrganizationalUnitNames_InsertOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAME
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXOrganizationalUnitNames_InsertOrganizationalUnitName
-(
- NSSPKIXOrganizationalUnitNames *ous,
- PRInt32 i,
- NSSPKIXOrganizationalUnitName *ou
-);
-
-/*
- * NSSPKIXOrganizationalUnitNames_AppendOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXOrganizationalUnitNames_AppendOrganizationalUnitName
-(
- NSSPKIXOrganizationalUnitNames *ous,
- NSSPKIXOrganizationalUnitName *ou
-);
-
-/*
- * NSSPKIXOrganizationalUnitNames_RemoveOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXOrganizationalUnitNames_RemoveOrganizationalUnitName
-(
- NSSPKIXOrganizationalUnitNames *ous,
- PRInt32 i
-);
-
-/*
- * NSSPKIXOrganizationalUnitNames_FindOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAME
- *
- * Return value:
- * The index of the specified revoked certificate upon success
- * -1 upon failure
- */
-
-NSS_EXTERN PRIntn
-NSSPKIXOrganizationalUnitNames_FindOrganizationalUnitName
-(
- NSSPKIXOrganizationalUnitNames *ous,
- NSSPKIXOrganizationalUnitName *ou
-);
-
-/*
- * NSSPKIXOrganizationalUnitNames_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXOrganizationalUnitNames_Equal
-(
- NSSPKIXOrganizationalUnitNames *ous1,
- NSSPKIXOrganizationalUnitNames *ous2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXOrganizationalUnitNames_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXOrganizationalUnitNames upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationalUnitNames *
-NSSPKIXOrganizationalUnitNames_Duplicate
-(
- NSSPKIXOrganizationalUnitNames *ous,
- NSSArena *arenaOpt
-);
-
-/*
- * OrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * OrganizationalUnitName ::= PrintableString (SIZE
- * (1..ub-organizational-unit-name-length))
- *
- * The public calls for this type:
- *
- * NSSPKIXOrganizationalUnitName_Decode
- * NSSPKIXOrganizationalUnitName_CreateFromUTF8
- * NSSPKIXOrganizationalUnitName_Encode
- *
- */
-
-/*
- * NSSPKIXOrganizationalUnitName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXOrganizationalUnitName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationalUnitName *
-NSSPKIXOrganizationalUnitName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXOrganizationalUnitName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXOrganizationalUnitName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationalUnitName *
-NSSPKIXOrganizationalUnitName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXOrganizationalUnitName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXOrganizationalUnitName_Encode
-(
- NSSPKIXOrganizationalUnitName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * BuiltInDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * BuiltInDomainDefinedAttributes ::= SEQUENCE SIZE
- * (1..ub-domain-defined-attributes) OF
- * BuiltInDomainDefinedAttribute
- *
- * The public calls for this type:
- *
- * NSSPKIXBuiltInDomainDefinedAttributes_Decode
- * NSSPKIXBuiltInDomainDefinedAttributes_Create
- * NSSPKIXBuiltInDomainDefinedAttributes_Destroy
- * NSSPKIXBuiltInDomainDefinedAttributes_Encode
- * NSSPKIXBuiltInDomainDefinedAttributes_GetBuiltIndomainDefinedAttributeCount
- * NSSPKIXBuiltInDomainDefinedAttributes_GetBuiltIndomainDefinedAttributes
- * NSSPKIXBuiltInDomainDefinedAttributes_SetBuiltIndomainDefinedAttributes
- * NSSPKIXBuiltInDomainDefinedAttributes_GetBuiltIndomainDefinedAttribute
- * NSSPKIXBuiltInDomainDefinedAttributes_SetBuiltIndomainDefinedAttribute
- * NSSPKIXBuiltInDomainDefinedAttributes_InsertBuiltIndomainDefinedAttribute
- * NSSPKIXBuiltInDomainDefinedAttributes_AppendBuiltIndomainDefinedAttribute
- * NSSPKIXBuiltInDomainDefinedAttributes_RemoveBuiltIndomainDefinedAttribute
- * NSSPKIXBuiltInDomainDefinedAttributes_Equal
- * NSSPKIXBuiltInDomainDefinedAttributes_Duplicate
- *
- */
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttributes_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXBuiltInDomainDefinedAttributes
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInDomainDefinedAttributes *
-NSSPKIXBuiltInDomainDefinedAttributes_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttributes_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- *
- * Return value:
- * A valid pointer to an NSSPKIXBuiltInDomainDefinedAttributes
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInDomainDefinedAttributes *
-NSSPKIXBuiltInDomainDefinedAttributes_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXBuiltInDomainDefinedAttribute *bidda1,
- ...
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttributes_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInDomainDefinedAttributes_Destroy
-(
- NSSPKIXBuiltInDomainDefinedAttributes *biddas
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttributes_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXBuiltInDomainDefinedAttributes_Encode
-(
- NSSPKIXBuiltInDomainDefinedAttributes *biddas,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttributes_GetBuiltIndomainDefinedAttributeCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXBuiltInDomainDefinedAttributes_GetBuiltIndomainDefinedAttributeCount
-(
- NSSPKIXBuiltInDomainDefinedAttributes *biddas
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttributes_GetBuiltIndomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXBuiltInDomainDefinedAttribute
- * pointers upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInDomainDefinedAttribute **
-NSSPKIXBuiltInDomainDefinedAttributes_GetBuiltIndomainDefinedAttributes
-(
- NSSPKIXBuiltInDomainDefinedAttributes *biddas,
- NSSPKIXBuiltInDomainDefinedAttribut *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttributes_SetBuiltIndomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInDomainDefinedAttributes_SetBuiltIndomainDefinedAttributes
-(
- NSSPKIXBuiltInDomainDefinedAttributes *biddas,
- NSSPKIXBuiltInDomainDefinedAttribut *bidda[],
- PRInt32 count
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttributes_GetBuiltIndomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXBuiltInDomainDefinedAttribute
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInDomainDefinedAttribute *
-NSSPKIXBuiltInDomainDefinedAttributes_GetBuiltIndomainDefinedAttribute
-(
- NSSPKIXBuiltInDomainDefinedAttributes *biddas,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttributes_SetBuiltIndomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInDomainDefinedAttributes_SetBuiltIndomainDefinedAttribute
-(
- NSSPKIXBuiltInDomainDefinedAttributes *biddas,
- PRInt32 i,
- NSSPKIXBuiltInDomainDefinedAttribute *bidda
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttributes_InsertBuiltIndomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInDomainDefinedAttributes_InsertBuiltIndomainDefinedAttribute
-(
- NSSPKIXBuiltInDomainDefinedAttributes *biddas,
- PRInt32 i,
- NSSPKIXBuiltInDomainDefinedAttribute *bidda
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttributes_AppendBuiltIndomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInDomainDefinedAttributes_AppendBuiltIndomainDefinedAttribute
-(
- NSSPKIXBuiltInDomainDefinedAttributes *biddas,
- NSSPKIXBuiltInDomainDefinedAttribute *bidda
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttributes_RemoveBuiltIndomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInDomainDefinedAttributes_RemoveBuiltIndomainDefinedAttribute
-(
- NSSPKIXBuiltInDomainDefinedAttributes *biddas,
- PRInt32 i
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttributes_FindBuiltIndomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- *
- * Return value:
- * The index of the specified revoked certificate upon success
- * -1 upon failure
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXBuiltInDomainDefinedAttributes_FindBuiltIndomainDefinedAttribute
-(
- NSSPKIXBuiltInDomainDefinedAttributes *biddas,
- NSSPKIXBuiltInDomainDefinedAttribute *bidda
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttributes_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXBuiltInDomainDefinedAttributes_Equal
-(
- NSSPKIXBuiltInDomainDefinedAttributes *biddas1,
- NSSPKIXBuiltInDomainDefinedAttributes *biddas2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttributes_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXBuiltInDomainDefinedAttributes
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInDomainDefinedAttributes *
-NSSPKIXBuiltInDomainDefinedAttributes_Duplicate
-(
- NSSPKIXBuiltInDomainDefinedAttributes *biddas,
- NSSArena *arenaOpt
-);
-
-/*
- * BuiltInDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * BuiltInDomainDefinedAttribute ::= SEQUENCE {
- * type PrintableString (SIZE
- * (1..ub-domain-defined-attribute-type-length)),
- * value PrintableString (SIZE
- * (1..ub-domain-defined-attribute-value-length))}
- *
- * The public calls for this type:
- *
- * NSSPKIXBuiltInDomainDefinedAttribute_Decode
- * NSSPKIXBuiltInDomainDefinedAttribute_Create
- * NSSPKIXBuiltInDomainDefinedAttribute_Destroy
- * NSSPKIXBuiltInDomainDefinedAttribute_Encode
- * NSSPKIXBuiltInDomainDefinedAttribute_GetType
- * NSSPKIXBuiltInDomainDefinedAttribute_SetType
- * NSSPKIXBuiltInDomainDefinedAttribute_GetValue
- * NSSPKIXBuiltInDomainDefinedAttribute_SetValue
- * NSSPKIXBuiltInDomainDefinedAttribute_Equal
- * NSSPKIXBuiltInDomainDefinedAttribute_Duplicate
- *
- */
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttribute_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXBuiltInDomainDefinedAttribute
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInDomainDefinedAttribute *
-NSSPKIXBuiltInDomainDefinedAttribute_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttribute_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * A valid pointer to an NSSPKIXBuiltInDomainDefinedAttribute
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInDomainDefinedAttribute *
-NSSPKIXBuiltInDomainDefinedAttribute_Create
-(
- NSSArena *arenaOpt,
- NSSUTF8 *type,
- NSSUTF8 *value
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttribute_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInDomainDefinedAttribute_Destroy
-(
- NSSPKIXBuiltInDomainDefinedAttribute *bidda
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttribute_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXBuiltInDomainDefinedAttribute_Encode
-(
- NSSPKIXBuiltInDomainDefinedAttribute *bidda,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttribute_GetType
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXBuiltInDomainDefinedAttribute_GetType
-(
- NSSPKIXBuiltInDomainDefinedAttribute *bidda,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttribute_SetType
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInDomainDefinedAttribute_SetType
-(
- NSSPKIXBuiltInDomainDefinedAttribute *bidda,
- NSSUTF8 *type
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttribute_GetValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXBuiltInDomainDefinedAttribute_GetValue
-(
- NSSPKIXBuiltInDomainDefinedAttribute *bidda,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttribute_SetValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInDomainDefinedAttribute_SetValue
-(
- NSSPKIXBuiltInDomainDefinedAttribute *bidda,
- NSSUTF8 *value
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttribute_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXBuiltInDomainDefinedAttribute_Equal
-(
- NSSPKIXBuiltInDomainDefinedAttribute *bidda1,
- NSSPKIXBuiltInDomainDefinedAttribute *bidda2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttribute_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXBuiltInDomainDefinedAttribute
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInDomainDefinedAttribute *
-NSSPKIXBuiltInDomainDefinedAttribute_Duplicate
-(
- NSSPKIXBuiltInDomainDefinedAttribute *bidda,
- NSSArena *arenaOpt
-);
-
-/*
- * ExtensionAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * ExtensionAttributes ::= SET SIZE (1..ub-extension-attributes) OF
- * ExtensionAttribute
- *
- * The public calls for this type:
- *
- * NSSPKIXExtensionAttributes_Decode
- * NSSPKIXExtensionAttributes_Create
- * NSSPKIXExtensionAttributes_Destroy
- * NSSPKIXExtensionAttributes_Encode
- * NSSPKIXExtensionAttributes_GetExtensionAttributeCount
- * NSSPKIXExtensionAttributes_GetExtensionAttributes
- * NSSPKIXExtensionAttributes_SetExtensionAttributes
- * NSSPKIXExtensionAttributes_GetExtensionAttribute
- * NSSPKIXExtensionAttributes_SetExtensionAttribute
- * NSSPKIXExtensionAttributes_InsertExtensionAttribute
- * NSSPKIXExtensionAttributes_AppendExtensionAttribute
- * NSSPKIXExtensionAttributes_RemoveExtensionAttribute
- * NSSPKIXExtensionAttributes_FindExtensionAttribute
- * NSSPKIXExtensionAttributes_Equal
- * NSSPKIXExtensionAttributes_Duplicate
- *
- */
-
-/*
- * NSSPKIXExtensionAttributes_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtensionAttributes upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttributes *
-NSSPKIXExtensionAttributes_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXExtensionAttributes_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtensionAttributes upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttributes *
-NSSPKIXExtensionAttributes_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXExtensionAttribute ea1,
- ...
-);
-
-/*
- * NSSPKIXExtensionAttributes_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtensionAttributes_Destroy
-(
- NSSPKIXExtensionAttributes *eas
-);
-
-/*
- * NSSPKIXExtensionAttributes_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXExtensionAttributes_Encode
-(
- NSSPKIXExtensionAttributes *eas
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXExtensionAttributes_GetExtensionAttributeCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXExtensionAttributes_GetExtensionAttributeCount
-(
- NSSPKIXExtensionAttributes *eas
-);
-
-/*
- * NSSPKIXExtensionAttributes_GetExtensionAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXExtensionAttribute pointers
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttribute **
-NSSPKIXExtensionAttributes_GetExtensionAttributes
-(
- NSSPKIXExtensionAttributes *eas,
- NSSPKIXExtensionAttribute *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXExtensionAttributes_SetExtensionAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtensionAttributes_SetExtensionAttributes
-(
- NSSPKIXExtensionAttributes *eas,
- NSSPKIXExtensionAttribute *ea[],
- PRInt32 count
-);
-
-/*
- * NSSPKIXExtensionAttributes_GetExtensionAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtensionAttribute upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttribute *
-NSSPKIXExtensionAttributes_GetExtensionAttribute
-(
- NSSPKIXExtensionAttributes *eas,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXExtensionAttributes_SetExtensionAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtensionAttributes_SetExtensionAttribute
-(
- NSSPKIXExtensionAttributes *eas,
- PRInt32 i,
- NSSPKIXExtensionAttribute *ea
-);
-
-/*
- * NSSPKIXExtensionAttributes_InsertExtensionAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtensionAttributes_InsertExtensionAttribute
-(
- NSSPKIXExtensionAttributes *eas,
- PRInt32 i,
- NSSPKIXExtensionAttribute *ea
-);
-
-/*
- * NSSPKIXExtensionAttributes_AppendExtensionAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtensionAttributes_AppendExtensionAttribute
-(
- NSSPKIXExtensionAttributes *eas,
- NSSPKIXExtensionAttribute *ea
-);
-
-/*
- * NSSPKIXExtensionAttributes_RemoveExtensionAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtensionAttributes_RemoveExtensionAttribute
-(
- NSSPKIXExtensionAttributes *eas,
- PRInt32 i,
-);
-
-/*
- * NSSPKIXExtensionAttributes_FindExtensionAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- *
- * Return value:
- * A nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXExtensionAttributes_FindExtensionAttribute
-(
- NSSPKIXExtensionAttributes *eas,
- NSSPKIXExtensionAttribute *ea
-);
-
-/*
- * NSSPKIXExtensionAttributes_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXExtensionAttributes_Equal
-(
- NSSPKIXExtensionAttributes *eas1,
- NSSPKIXExtensionAttributes *eas2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXExtensionAttributes_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtensionAttributes upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttributes *
-NSSPKIXExtensionAttributes_Duplicate
-(
- NSSPKIXExtensionAttributes *eas,
- NSSArena *arenaOpt
-);
-
-/*
- * fgmr
- * There should be accessors to search the ExtensionAttributes and
- * return the value for a specific value, etc.
- */
-
-/*
- * ExtensionAttribute
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * ExtensionAttribute ::= SEQUENCE {
- * extension-attribute-type [0] INTEGER (0..ub-extension-attributes),
- * extension-attribute-value [1]
- * ANY DEFINED BY extension-attribute-type }
- *
- * The public calls for this type:
- *
- * NSSPKIXExtensionAttribute_Decode
- * NSSPKIXExtensionAttribute_Create
- * NSSPKIXExtensionAttribute_Destroy
- * NSSPKIXExtensionAttribute_Encode
- * NSSPKIXExtensionAttribute_GetExtensionsAttributeType
- * NSSPKIXExtensionAttribute_SetExtensionsAttributeType
- * NSSPKIXExtensionAttribute_GetExtensionsAttributeValue
- * NSSPKIXExtensionAttribute_SetExtensionsAttributeValue
- * NSSPKIXExtensionAttribute_Equal
- * NSSPKIXExtensionAttribute_Duplicate
- *
- */
-
-/*
- * NSSPKIXExtensionAttribute_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtensionAttribute upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttribute *
-NSSPKIXExtensionAttribute_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXExtensionAttribute_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE_TYPE
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtensionAttribute upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttribute *
-NSSPKIXExtensionAttribute_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXExtensionAttributeType type,
- NSSItem *value
-);
-
-/*
- * NSSPKIXExtensionAttribute_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtensionAttribute_Destroy
-(
- NSSPKIXExtensionAttribute *ea
-);
-
-/*
- * NSSPKIXExtensionAttribute_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXExtensionAttribute_Encode
-(
- NSSPKIXExtensionAttribute *ea,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXExtensionAttribute_GetExtensionsAttributeType
- *
- * -- fgmr comments --
- * {One of these objects created from BER generated by a program
- * adhering to a later version of the PKIX standards might have
- * a value not mentioned in the enumeration definition. This isn't
- * a bug.}
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- *
- * Return value:
- * A member of the NSSPKIXExtensionAttributeType enumeration
- * upon success
- * NSSPKIXExtensionAttributeType_NSSinvalid upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttributeType
-NSSPKIXExtensionAttribute_GetExtensionsAttributeType
-(
- NSSPKIXExtensionAttribute *ea
-);
-
-/*
- * NSSPKIXExtensionAttribute_SetExtensionsAttributeType
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtensionAttribute_SetExtensionsAttributeType
-(
- NSSPKIXExtensionAttribute *ea,
- NSSPKIXExtensionAttributeType type
-);
-
-/*
- * NSSPKIXExtensionAttribute_GetExtensionsAttributeValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSItem upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSItem *
-NSSPKIXExtensionAttribute_GetExtensionsAttributeValue
-(
- NSSPKIXExtensionAttribute *ea,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXExtensionAttribute_SetExtensionsAttributeValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtensionAttribute_SetExtensionsAttributeValue
-(
- NSSPKIXExtensionAttribute *ea,
- NSSItem *value
-);
-
-/*
- * NSSPKIXExtensionAttribute_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXExtensionAttribute_Equal
-(
- NSSPKIXExtensionAttribute *ea1,
- NSSPKIXExtensionAttribute *ea2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXExtensionAttribute_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtensionAttribute upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttribute *
-NSSPKIXExtensionAttribute_Duplicate
-(
- NSSPKIXExtensionAttribute *ea,
- NSSArena *arenaOpt
-);
-
-/*
- * CommonName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CommonName ::= PrintableString (SIZE (1..ub-common-name-length))
- *
- * The public calls for this type:
- *
- * NSSPKIXCommonName_Decode
- * NSSPKIXCommonName_CreateFromUTF8
- * NSSPKIXCommonName_Encode
- *
- */
-
-/*
- * NSSPKIXCommonName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXCommonName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCommonName *
-NSSPKIXCommonName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXCommonName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXCommonName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCommonName *
-NSSPKIXCommonName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXCommonName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_COMMON_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXCommonName_Encode
-(
- NSSPKIXCommonName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * TeletexCommonName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TeletexCommonName ::= TeletexString (SIZE (1..ub-common-name-length))
- *
- * The public calls for this type:
- *
- * NSSPKIXTeletexCommonName_Decode
- * NSSPKIXTeletexCommonName_CreateFromUTF8
- * NSSPKIXTeletexCommonName_Encode
- *
- */
-
-/*
- * NSSPKIXTeletexCommonName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexCommonName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexCommonName *
-NSSPKIXTeletexCommonName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXTeletexCommonName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexCommonName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexCommonName *
-NSSPKIXTeletexCommonName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXTeletexCommonName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_COMMON_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXTeletexCommonName_Encode
-(
- NSSPKIXTeletexCommonName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * TeletexOrganizationName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TeletexOrganizationName ::=
- * TeletexString (SIZE (1..ub-organization-name-length))
- *
- * The public calls for this type:
- *
- * NSSPKIXTeletexOrganizationName_Decode
- * NSSPKIXTeletexOrganizationName_CreateFromUTF8
- * NSSPKIXTeletexOrganizationName_Encode
- *
- */
-
-/*
- * NSSPKIXTeletexOrganizationName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexOrganizationName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexOrganizationName *
-NSSPKIXTeletexOrganizationName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXTeletexOrganizationName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexOrganizationName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexOrganizationName *
-NSSPKIXTeletexOrganizationName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXTeletexOrganizationName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATION_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXTeletexOrganizationName_Encode
-(
- NSSPKIXTeletexOrganizationName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * TeletexPersonalName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TeletexPersonalName ::= SET {
- * surname [0] TeletexString (SIZE (1..ub-surname-length)),
- * given-name [1] TeletexString
- * (SIZE (1..ub-given-name-length)) OPTIONAL,
- * initials [2] TeletexString (SIZE (1..ub-initials-length)) OPTIONAL,
- * generation-qualifier [3] TeletexString (SIZE
- * (1..ub-generation-qualifier-length)) OPTIONAL }
- *
- * The public calls for this type:
- *
- * NSSPKIXTeletexPersonalName_Decode
- * NSSPKIXTeletexPersonalName_Create
- * NSSPKIXTeletexPersonalName_Destroy
- * NSSPKIXTeletexPersonalName_Encode
- * NSSPKIXTeletexPersonalName_GetSurname
- * NSSPKIXTeletexPersonalName_SetSurname
- * NSSPKIXTeletexPersonalName_HasGivenName
- * NSSPKIXTeletexPersonalName_GetGivenName
- * NSSPKIXTeletexPersonalName_SetGivenName
- * NSSPKIXTeletexPersonalName_RemoveGivenName
- * NSSPKIXTeletexPersonalName_HasInitials
- * NSSPKIXTeletexPersonalName_GetInitials
- * NSSPKIXTeletexPersonalName_SetInitials
- * NSSPKIXTeletexPersonalName_RemoveInitials
- * NSSPKIXTeletexPersonalName_HasGenerationQualifier
- * NSSPKIXTeletexPersonalName_GetGenerationQualifier
- * NSSPKIXTeletexPersonalName_SetGenerationQualifier
- * NSSPKIXTeletexPersonalName_RemoveGenerationQualifier
- * NSSPKIXTeletexPersonalName_Equal
- * NSSPKIXTeletexPersonalName_Duplicate
- *
- */
-
-/*
- * NSSPKIXTeletexPersonalName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexPersonalName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexPersonalName *
-NSSPKIXTeletexPersonalName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXTeletexPersonalName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexPersonalName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexPersonalName *
-NSSPKIXTeletexPersonalName_Create
-(
- NSSArena *arenaOpt,
- NSSUTF8 *surname,
- NSSUTF8 *givenNameOpt,
- NSSUTF8 *initialsOpt,
- NSSUTF8 *generationQualifierOpt
-);
-
-/*
- * NSSPKIXTeletexPersonalName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexPersonalName_Destroy
-(
- NSSPKIXTeletexPersonalName *personalName
-);
-
-/*
- * NSSPKIXTeletexPersonalName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXTeletexPersonalName_Encode
-(
- NSSPKIXTeletexPersonalName *personalName,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTeletexPersonalName_GetSurname
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXTeletexPersonalName_GetSurname
-(
- NSSPKIXTeletexPersonalName *personalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTeletexPersonalName_SetSurname
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexPersonalName_SetSurname
-(
- NSSPKIXTeletexPersonalName *personalName,
- NSSUTF8 *surname
-);
-
-/*
- * NSSPKIXTeletexPersonalName_HasGivenName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXTeletexPersonalName_HasGivenName
-(
- NSSPKIXTeletexPersonalName *personalName,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXTeletexPersonalName_GetGivenName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXTeletexPersonalName_GetGivenName
-(
- NSSPKIXTeletexPersonalName *personalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTeletexPersonalName_SetGivenName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexPersonalName_SetGivenName
-(
- NSSPKIXTeletexPersonalName *personalName,
- NSSUTF8 *givenName
-);
-
-/*
- * NSSPKIXTeletexPersonalName_RemoveGivenName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexPersonalName_RemoveGivenName
-(
- NSSPKIXTeletexPersonalName *personalName
-);
-
-/*
- * NSSPKIXTeletexPersonalName_HasInitials
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXTeletexPersonalName_HasInitials
-(
- NSSPKIXTeletexPersonalName *personalName,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXTeletexPersonalName_GetInitials
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXTeletexPersonalName_GetInitials
-(
- NSSPKIXTeletexPersonalName *personalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTeletexPersonalName_SetInitials
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexPersonalName_SetInitials
-(
- NSSPKIXTeletexPersonalName *personalName,
- NSSUTF8 *initials
-);
-
-/*
- * NSSPKIXTeletexPersonalName_RemoveInitials
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexPersonalName_RemoveInitials
-(
- NSSPKIXTeletexPersonalName *personalName
-);
-
-/*
- * NSSPKIXTeletexPersonalName_HasGenerationQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXTeletexPersonalName_HasGenerationQualifier
-(
- NSSPKIXTeletexPersonalName *personalName,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXTeletexPersonalName_GetGenerationQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXTeletexPersonalName_GetGenerationQualifier
-(
- NSSPKIXTeletexPersonalName *personalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTeletexPersonalName_SetGenerationQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexPersonalName_SetGenerationQualifier
-(
- NSSPKIXTeletexPersonalName *personalName,
- NSSUTF8 *generationQualifier
-);
-
-/*
- * NSSPKIXTeletexPersonalName_RemoveGenerationQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexPersonalName_RemoveGenerationQualifier
-(
- NSSPKIXTeletexPersonalName *personalName
-);
-
-/*
- * NSSPKIXTeletexPersonalName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXTeletexPersonalName_Equal
-(
- NSSPKIXTeletexPersonalName *personalName1,
- NSSPKIXTeletexPersonalName *personalName2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXTeletexPersonalName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexPersonalName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexPersonalName *
-NSSPKIXTeletexPersonalName_Duplicate
-(
- NSSPKIXTeletexPersonalName *personalName,
- NSSArena *arenaOpt
-);
-
-/*
- * TeletexOrganizationalUnitNames
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TeletexOrganizationalUnitNames ::= SEQUENCE SIZE
- * (1..ub-organizational-units) OF TeletexOrganizationalUnitName
- *
- * The public calls for the type:
- *
- * NSSPKIXTeletexOrganizationalUnitNames_Decode
- * NSSPKIXTeletexOrganizationalUnitNames_Create
- * NSSPKIXTeletexOrganizationalUnitNames_Destroy
- * NSSPKIXTeletexOrganizationalUnitNames_Encode
- * NSSPKIXTeletexOrganizationalUnitNames_GetTeletexOrganizationalUnitNameCount
- * NSSPKIXTeletexOrganizationalUnitNames_GetTeletexOrganizationalUnitNames
- * NSSPKIXTeletexOrganizationalUnitNames_SetTeletexOrganizationalUnitNames
- * NSSPKIXTeletexOrganizationalUnitNames_GetTeletexOrganizationalUnitName
- * NSSPKIXTeletexOrganizationalUnitNames_SetTeletexOrganizationalUnitName
- * NSSPKIXTeletexOrganizationalUnitNames_InsertTeletexOrganizationalUnitName
- * NSSPKIXTeletexOrganizationalUnitNames_AppendTeletexOrganizationalUnitName
- * NSSPKIXTeletexOrganizationalUnitNames_RemoveTeletexOrganizationalUnitName
- * NSSPKIXTeletexOrganizationalUnitNames_FindTeletexOrganizationalUnitName
- * NSSPKIXTeletexOrganizationalUnitNames_Equal
- * NSSPKIXTeletexOrganizationalUnitNames_Duplicate
- *
- */
-
-/*
- * NSSPKIXTeletexOrganizationalUnitNames_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexOrganizationalUnitNames upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexOrganizationalUnitNames *
-NSSPKIXTeletexOrganizationalUnitNames_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXTeletexOrganizationalUnitNames_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAME
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexOrganizationalUnitNames upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexOrganizationalUnitNames *
-NSSPKIXTeletexOrganizationalUnitNames_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXTeletexOrganizationalUnitName *ou1,
- ...
-);
-
-/*
- * NSSPKIXTeletexOrganizationalUnitNames_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexOrganizationalUnitNames_Destroy
-(
- NSSPKIXTeletexOrganizationalUnitNames *ous
-);
-
-/*
- * NSSPKIXTeletexOrganizationalUnitNames_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXTeletexOrganizationalUnitNames_Encode
-(
- NSSPKIXTeletexOrganizationalUnitNames *ous,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTeletexOrganizationalUnitNames_GetTeletexOrganizationalUnitNameCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXTeletexOrganizationalUnitNames_GetTeletexOrganizationalUnitNameCount
-(
- NSSPKIXTeletexOrganizationalUnitNames *ous
-);
-
-/*
- * NSSPKIXTeletexOrganizationalUnitNames_GetTeletexOrganizationalUnitNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXTeletexOrganizationalUnitName
- * pointers upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexOrganizationalUnitName **
-NSSPKIXTeletexOrganizationalUnitNames_GetTeletexOrganizationalUnitNames
-(
- NSSPKIXTeletexOrganizationalUnitNames *ous,
- NSSPKIXTeletexOrganizationalUnitName *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTeletexOrganizationalUnitNames_SetTeletexOrganizationalUnitNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexOrganizationalUnitNames_SetTeletexOrganizationalUnitNames
-(
- NSSPKIXTeletexOrganizationalUnitNames *ous,
- NSSPKIXTeletexOrganizationalUnitName *ou[],
- PRInt32 count
-);
-
-/*
- * NSSPKIXTeletexOrganizationalUnitNames_GetTeletexOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexOrganizationalUnitName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexOrganizationalUnitName *
-NSSPKIXTeletexOrganizationalUnitNames_GetTeletexOrganizationalUnitName
-(
- NSSPKIXTeletexOrganizationalUnitNames *ous,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTeletexOrganizationalUnitNames_SetTeletexOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAME
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexOrganizationalUnitNames_SetTeletexOrganizationalUnitName
-(
- NSSPKIXTeletexOrganizationalUnitNames *ous,
- PRInt32 i,
- NSSPKIXTeletexOrganizationalUnitName *ou
-);
-
-/*
- * NSSPKIXTeletexOrganizationalUnitNames_InsertTeletexOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAME
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexOrganizationalUnitNames_InsertTeletexOrganizationalUnitName
-(
- NSSPKIXTeletexOrganizationalUnitNames *ous,
- PRInt32 i,
- NSSPKIXTeletexOrganizationalUnitName *ou
-);
-
-/*
- * NSSPKIXTeletexOrganizationalUnitNames_AppendTeletexOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexOrganizationalUnitNames_AppendTeletexOrganizationalUnitName
-(
- NSSPKIXTeletexOrganizationalUnitNames *ous,
- NSSPKIXTeletexOrganizationalUnitName *ou
-);
-
-/*
- * NSSPKIXTeletexOrganizationalUnitNames_RemoveTeletexOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexOrganizationalUnitNames_RemoveTeletexOrganizationalUnitName
-(
- NSSPKIXTeletexOrganizationalUnitNames *ous,
- PRInt32 i
-);
-
-/*
- * NSSPKIXTeletexOrganizationalUnitNames_FindTeletexOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAME
- *
- * Return value:
- * The index of the specified revoked certificate upon success
- * -1 upon failure
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXTeletexOrganizationalUnitNames_FindTeletexOrganizationalUnitName
-(
- NSSPKIXTeletexOrganizationalUnitNames *ous,
- NSSPKIXTeletexOrganizationalUnitName *ou
-);
-
-/*
- * NSSPKIXTeletexOrganizationalUnitNames_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXTeletexOrganizationalUnitNames_Equal
-(
- NSSPKIXTeletexOrganizationalUnitNames *ous1,
- NSSPKIXTeletexOrganizationalUnitNames *ous2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXTeletexOrganizationalUnitNames_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexOrganizationalUnitNames upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexOrganizationalUnitNames *
-NSSPKIXTeletexOrganizationalUnitNames_Duplicate
-(
- NSSPKIXTeletexOrganizationalUnitNames *ous,
- NSSArena *arenaOpt
-);
-
-/*
- * TeletexOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TeletexOrganizationalUnitName ::= TeletexString
- * (SIZE (1..ub-organizational-unit-name-length))
- *
- * The public calls for this type:
- *
- * NSSPKIXTeletexOrganizationalUnitName_Decode
- * NSSPKIXTeletexOrganizationalUnitName_CreateFromUTF8
- * NSSPKIXTeletexOrganizationalUnitName_Encode
- *
- */
-
-/*
- * NSSPKIXTeletexOrganizationalUnitName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexOrganizationalUnitName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexOrganizationalUnitName *
-NSSPKIXTeletexOrganizationalUnitName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXTeletexOrganizationalUnitName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexOrganizationalUnitName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexOrganizationalUnitName *
-NSSPKIXTeletexOrganizationalUnitName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXTeletexOrganizationalUnitName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXTeletexOrganizationalUnitName_Encode
-(
- NSSPKIXTeletexOrganizationalUnitName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * PDSName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PDSName ::= PrintableString (SIZE (1..ub-pds-name-length))
- *
- * The public calls for this type:
- *
- * NSSPKIXPDSName_Decode
- * NSSPKIXPDSName_CreateFromUTF8
- * NSSPKIXPDSName_Encode
- *
- */
-
-/*
- * NSSPKIXPDSName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPDSName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPDSName *
-NSSPKIXPDSName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXPDSName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPDSName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPDSName *
-NSSPKIXPDSName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXPDSName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXPDSName_Encode
-(
- NSSPKIXPDSName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * PhysicalDeliveryCountryName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PhysicalDeliveryCountryName ::= CHOICE {
- * x121-dcc-code NumericString (SIZE (ub-country-name-numeric-length)),
- * iso-3166-alpha2-code PrintableString
- * (SIZE (ub-country-name-alpha-length)) }
- *
- * The public calls for this type:
- *
- * NSSPKIXPhysicalDeliveryCountryName_Decode
- * NSSPKIXPhysicalDeliveryCountryName_CreateFromUTF8
- * NSSPKIXPhysicalDeliveryCountryName_Encode
- *
- */
-
-/*
- * NSSPKIXPhysicalDeliveryCountryName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPhysicalDeliveryCountryName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPhysicalDeliveryCountryName *
-NSSPKIXPhysicalDeliveryCountryName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXPhysicalDeliveryCountryName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPhysicalDeliveryCountryName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPhysicalDeliveryCountryName *
-NSSPKIXPhysicalDeliveryCountryName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXPhysicalDeliveryCountryName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PHYSICAL_DELIVERY_COUNTRY_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXPhysicalDeliveryCountryName_Encode
-(
- NSSPKIXPhysicalDeliveryCountryName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * PostalCode
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PostalCode ::= CHOICE {
- * numeric-code NumericString (SIZE (1..ub-postal-code-length)),
- * printable-code PrintableString (SIZE (1..ub-postal-code-length)) }
- *
- * The public calls for this type:
- *
- * NSSPKIXPostalCode_Decode
- * NSSPKIXPostalCode_CreateFromUTF8
- * NSSPKIXPostalCode_Encode
- *
- */
-
-/*
- * NSSPKIXPostalCode_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPostalCode upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPostalCode *
-NSSPKIXPostalCode_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXPostalCode_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPostalCode upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPostalCode *
-NSSPKIXPostalCode_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXPostalCode_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POSTAL_CODE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXPostalCode_Encode
-(
- NSSPKIXPostalCode *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * PDSParameter
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PDSParameter ::= SET {
- * printable-string PrintableString
- * (SIZE(1..ub-pds-parameter-length)) OPTIONAL,
- * teletex-string TeletexString
- * (SIZE(1..ub-pds-parameter-length)) OPTIONAL }
- *
- * The public calls for this type:
- *
- * NSSPKIXPDSParameter_Decode
- * NSSPKIXPDSParameter_CreateFromUTF8
- * NSSPKIXPDSParameter_Create
- * NSSPKIXPDSParameter_Delete
- * NSSPKIXPDSParameter_Encode
- * NSSPKIXPDSParameter_GetUTF8Encoding
- * NSSPKIXPDSParameter_HasPrintableString
- * NSSPKIXPDSParameter_GetPrintableString
- * NSSPKIXPDSParameter_SetPrintableString
- * NSSPKIXPDSParameter_RemovePrintableString
- * NSSPKIXPDSParameter_HasTeletexString
- * NSSPKIXPDSParameter_GetTeletexString
- * NSSPKIXPDSParameter_SetTeletexString
- * NSSPKIXPDSParameter_RemoveTeletexString
- * NSSPKIXPDSParameter_Equal
- * NSSPKIXPDSParameter_Duplicate
- */
-
-/*
- * NSSPKIXPDSParameter_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPDSParameter upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPDSParameter *
-NSSPKIXPDSParameter_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXPDSParameter_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPDSParameter upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPDSParameter *
-NSSPKIXPDSParameter_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXPDSParameter_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * A valid pointer to an NSSPKIXPDSParameter upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPDSParameter *
-NSSPKIXPDSParameter_Create
-(
- NSSArena *arenaOpt,
- NSSUTF8 *printableStringOpt,
- NSSUTF8 *teletexStringOpt
-);
-
-/*
- * NSSPKIXPDSParameter_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPDSParameter_Destroy
-(
- NSSPKIXPDSParameter *p
-);
-
-/*
- * NSSPKIXPDSParameter_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXPDSParameter_Encode
-(
- NSSPKIXPDSParameter *p,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPDSParameter_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXPDSParameter_GetUTF8Encoding
-(
- NSSPKIXPDSParameter *p,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPDSParameter_HasPrintableString
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXPDSParameter_HasPrintableString
-(
- NSSPKIXPDSParameter *p,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXPDSParameter_GetPrintableString
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXPDSParameter_GetPrintableString
-(
- NSSPKIXPDSParameter *p,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPDSParameter_SetPrintableString
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPDSParameter_SetPrintableString
-(
- NSSPKIXPDSParameter *p,
- NSSUTF8 *printableString
-);
-
-/*
- * NSSPKIXPDSParameter_RemovePrintableString
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPDSParameter_RemovePrintableString
-(
- NSSPKIXPDSParameter *p
-);
-
-/*
- * NSSPKIXPDSParameter_HasTeletexString
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXPDSParameter_HasTeletexString
-(
- NSSPKIXPDSParameter *p,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXPDSParameter_GetTeletexString
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXPDSParameter_GetTeletexString
-(
- NSSPKIXPDSParameter *p,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPDSParameter_SetTeletexString
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPDSParameter_SetTeletexString
-(
- NSSPKIXPDSParameter *p,
- NSSUTF8 *teletexString
-);
-
-/*
- * NSSPKIXPDSParameter_RemoveTeletexString
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPDSParameter_RemoveTeletexString
-(
- NSSPKIXPDSParameter *p
-);
-
-/*
- * NSSPKIXPDSParameter_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXPDSParameter_Equal
-(
- NSSPKIXPDSParameter *p1,
- NSSPKIXPDSParameter *p2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXPDSParameter_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPDSParameter upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPDSParameter *
-NSSPKIXPDSParameter_Duplicate
-(
- NSSPKIXPDSParameter *p,
- NSSArena *arenaOpt
-);
-
-/*
- * fgmr: what about these PDS types?
- *
- * PhysicalDeliveryOfficeName
- *
- * PhysicalDeliveryOfficeNumber
- *
- * ExtensionORAddressComponents
- *
- * PhysicalDeliveryPersonalName
- *
- * PhysicalDeliveryOrganizationName
- *
- * ExtensionPhysicalDeliveryAddressComponents
- *
- * StreetAddress
- *
- * PostOfficeBoxAddress
- *
- * PosteRestanteAddress
- *
- * UniquePostalName
- *
- * LocalPostalAttributes
- *
- */
-
-/*
- * UnformattedPostalAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * UnformattedPostalAddress ::= SET {
- * printable-address SEQUENCE SIZE (1..ub-pds-physical-address-lines) OF
- * PrintableString (SIZE (1..ub-pds-parameter-length)) OPTIONAL,
- * teletex-string TeletexString
- * (SIZE (1..ub-unformatted-address-length)) OPTIONAL }
- *
- * The public calls for the type:
- *
- *
- */
-
-/*
- * ExtendedNetworkAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * ExtendedNetworkAddress ::= CHOICE {
- * e163-4-address SEQUENCE {
- * number [0] NumericString (SIZE (1..ub-e163-4-number-length)),
- * sub-address [1] NumericString
- * (SIZE (1..ub-e163-4-sub-address-length)) OPTIONAL },
- * psap-address [0] PresentationAddress }
- *
- * The public calls for the type:
- *
- * NSSPKIXExtendedNetworkAddress_Decode
- * NSSPKIXExtendedNetworkAddress_Create
- * NSSPKIXExtendedNetworkAddress_Destroy
- * NSSPKIXExtendedNetworkAddress_Encode
- * NSSPKIXExtendedNetworkAddress_GetChoice
- * NSSPKIXExtendedNetworkAddress_Get
- * NSSPKIXExtendedNetworkAddress_GetE1634Address
- * NSSPKIXExtendedNetworkAddress_GetPsapAddress
- * NSSPKIXExtendedNetworkAddress_Set
- * NSSPKIXExtendedNetworkAddress_SetE163Address
- * NSSPKIXExtendedNetworkAddress_SetPsapAddress
- * NSSPKIXExtendedNetworkAddress_Equal
- * NSSPKIXExtendedNetworkAddress_Duplicate
- *
- */
-
-/*
- * NSSPKIXExtendedNetworkAddress_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtendedNetworkAddress upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtendedNetworkAddress *
-NSSPKIXExtendedNetworkAddress_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXExtendedNetworkAddress_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- * NSS_ERROR_INVALID_PKIX_PRESENTATION_ADDRESS
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtendedNetworkAddress upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtendedNetworkAddress *
-NSSPKIXExtendedNetworkAddress_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXExtendedNetworkAddressChoice choice,
- void *address
-);
-
-/*
- * NSSPKIXExtendedNetworkAddress_CreateFromE1634Address
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtendedNetworkAddress upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtendedNetworkAddress *
-NSSPKIXExtendedNetworkAddress_CreateFromE1634Address
-(
- NSSArena *arenaOpt,
- NSSPKIXe1634Address *e1634address
-);
-
-/*
- * NSSPKIXExtendedNetworkAddress_CreateFromPresentationAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_PRESENTATION_ADDRESS
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtendedNetworkAddress upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtendedNetworkAddress *
-NSSPKIXExtendedNetworkAddress_CreateFromPresentationAddress
-(
- NSSArena *arenaOpt,
- NSSPKIXPresentationAddress *presentationAddress
-);
-
-/*
- * NSSPKIXExtendedNetworkAddress_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtendedNetworkAddress_Destroy
-(
- NSSPKIXExtendedNetworkAddress *ena
-);
-
-/*
- * NSSPKIXExtendedNetworkAddress_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXExtendedNetworkAddress_Encode
-(
- NSSPKIXExtendedNetworkAddress *ena,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXExtendedNetworkAddress_GetChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- *
- * Return value:
- * A valid element of the NSSPKIXExtendedNetworkAddressChoice upon
- * success
- * The value NSSPKIXExtendedNetworkAddress_NSSinvalid upon failure
- */
-
-NSS_EXTERN NSSPKIXExtendedNetworkAddressChoice
-NSSPKIXExtendedNetworkAddress_GetChoice
-(
- NSSPKIXExtendedNetworkAddress *ena
-);
-
-/*
- * NSSPKIXExtendedNetworkAddress_GetSpecifiedChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_WRONG_CHOICE
- *
- * Return value:
- * A pointer...
- * NULL upon failure
- */
-
-NSS_EXTERN void *
-NSSPKIXExtendedNetworkAddress_GetSpecifiedChoice
-(
- NSSPKIXExtendedNetworkAddress *ena,
- NSSPKIXExtendedNetworkAddressChoice which,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXExtendedNetworkAddress_GetE1634Address
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_WRONG_CHOICE
- *
- * Return value:
- * A valid pointer to an NSSPKIXe1643Address upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXe1643Address *
-NSSPKIXExtendedNetworkAddress_GetE1634Address
-(
- NSSPKIXExtendedNetworkAddress *ena,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXExtendedNetworkAddress_GetPresentationAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_WRONG_CHOICE
- *
- * Return value:
- * A valid pointer to an NSSPKIXPresentationAddress upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPresentationAddress *
-NSSPKIXExtendedNetworkAddress_GetPresentationAddress
-(
- NSSPKIXExtendedNetworkAddress *ena,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXExtendedNetworkAddress_SetSpecifiedChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- * NSS_ERROR_INVALID_PKIX_PRESENTATION_ADDRESS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtendedNetworkAddress_SetSpecifiedChoice
-(
- NSSPKIXExtendedNetworkAddress *ena,
- NSSPKIXExtendedNetworkAddressChoice which,
- void *address
-);
-
-/*
- * NSSPKIXExtendedNetworkAddress_SetE163Address
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtendedNetworkAddress_SetE163Address
-(
- NSSPKIXExtendedNetworkAddress *ena,
- NSSPKIXe1634Address *e1634address
-);
-
-/*
- * NSSPKIXExtendedNetworkAddress_SetPresentationAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_PRESENTATION_ADDRESS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtendedNetworkAddress_SetPresentationAddress
-(
- NSSPKIXExtendedNetworkAddress *ena,
- NSSPKIXPresentationAddress *presentationAddress
-);
-
-/*
- * NSSPKIXExtendedNetworkAddress_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXExtendedNetworkAddress_Equal
-(
- NSSPKIXExtendedNetworkAddress *ena1,
- NSSPKIXExtendedNetworkAddress *ena2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXExtendedNetworkAddress_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtendedNetworkAddress upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtendedNetworkAddress *
-NSSPKIXExtendedNetworkAddress_Duplicate
-(
- NSSPKIXExtendedNetworkAddress *ena,
- NSSArena *arenaOpt
-);
-
-/*
- * e163-4-address
- *
- * Helper structure for ExtendedNetworkAddress.
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * e163-4-address SEQUENCE {
- * number [0] NumericString (SIZE (1..ub-e163-4-number-length)),
- * sub-address [1] NumericString
- * (SIZE (1..ub-e163-4-sub-address-length)) OPTIONAL },
- *
- * The public calls for the type:
- *
- * NSSPKIXe1634Address_Decode
- * NSSPKIXe1634Address_Create
- * NSSPKIXe1634Address_Destroy
- * NSSPKIXe1634Address_Encode
- * NSSPKIXe1634Address_GetNumber
- * NSSPKIXe1634Address_SetNumber
- * NSSPKIXe1634Address_HasSubAddress
- * NSSPKIXe1634Address_GetSubAddress
- * NSSPKIXe1634Address_SetSubAddress
- * NSSPKIXe1634Address_RemoveSubAddress
- * NSSPKIXe1634Address_Equal
- * NSSPKIXe1634Address_Duplicate
- *
- */
-
-/*
- * NSSPKIXe1634Address_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXe1634Address upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXe1634Address *
-NSSPKIXe1634Address_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXe1634Address_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * A valid pointer to an NSSPKIXe1634Address upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXe1634Address *
-NSSPKIXe1634Address_Create
-(
- NSSArena *arenaOpt,
- NSSUTF8 *number,
- NSSUTF8 *subAddressOpt
-);
-
-/*
- * NSSPKIXe1634Address_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXe1634Address_Destroy
-(
- NSSPKIXe1634Address *e
-);
-
-/*
- * NSSPKIXe1634Address_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXe1634Address_Encode
-(
- NSSPKIXe1634Address *e,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXe1634Address_GetNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXe1634Address_GetNumber
-(
- NSSPKIXe1634Address *e,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXe1634Address_SetNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXe1634Address_SetNumber
-(
- NSSPKIXe1634Address *e,
- NSSUTF8 *number
-);
-
-/*
- * NSSPKIXe1634Address_HasSubAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXe1634Address_HasSubAddress
-(
- NSSPKIXe1634Address *e,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXe1634Address_GetSubAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXe1634Address_GetSubAddress
-(
- NSSPKIXe1634Address *e,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXe1634Address_SetSubAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXe1634Address_SetSubAddress
-(
- NSSPKIXe1634Address *e,
- NSSUTF8 *subAddress
-);
-
-/*
- * NSSPKIXe1634Address_RemoveSubAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXe1634Address_RemoveSubAddress
-(
- NSSPKIXe1634Address *e
-);
-
-/*
- * NSSPKIXe1634Address_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXe1634Address_Equal
-(
- NSSPKIXe1634Address *e1,
- NSSPKIXe1634Address *e2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXe1634Address_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXe1634Address upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXe1634Address *
-NSSPKIXe1634Address_Duplicate
-(
- NSSPKIXe1634Address *e,
- NSSArena *arenaOpt
-);
-
-/*
- * PresentationAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PresentationAddress ::= SEQUENCE {
- * pSelector [0] EXPLICIT OCTET STRING OPTIONAL,
- * sSelector [1] EXPLICIT OCTET STRING OPTIONAL,
- * tSelector [2] EXPLICIT OCTET STRING OPTIONAL,
- * nAddresses [3] EXPLICIT SET SIZE (1..MAX) OF OCTET STRING }
- *
- * The public calls for the type:
- *
- * NSSPKIXPresentationAddress_Decode
- * NSSPKIXPresentationAddress_Create
- * NSSPKIXPresentationAddress_Destroy
- * NSSPKIXPresentationAddress_Encode
- * NSSPKIXPresentationAddress_HasPSelector
- * NSSPKIXPresentationAddress_GetPSelector
- * NSSPKIXPresentationAddress_SetPSelector
- * NSSPKIXPresentationAddress_RemovePSelector
- * NSSPKIXPresentationAddress_HasSSelector
- * NSSPKIXPresentationAddress_GetSSelector
- * NSSPKIXPresentationAddress_SetSSelector
- * NSSPKIXPresentationAddress_RemoveSSelector
- * NSSPKIXPresentationAddress_HasTSelector
- * NSSPKIXPresentationAddress_GetTSelector
- * NSSPKIXPresentationAddress_SetTSelector
- * NSSPKIXPresentationAddress_RemoveTSelector
- * NSSPKIXPresentationAddress_HasNAddresses
- * NSSPKIXPresentationAddress_GetNAddresses
- * NSSPKIXPresentationAddress_SetNAddresses
- * NSSPKIXPresentationAddress_RemoveNAddresses
- *{NAddresses must be more complex than that}
- * NSSPKIXPresentationAddress_Compare
- * NSSPKIXPresentationAddress_Duplicate
- *
- */
-
-/*
- * TeletexDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TeletexDomainDefinedAttributes ::= SEQUENCE SIZE
- * (1..ub-domain-defined-attributes) OF TeletexDomainDefinedAttribute
- *
- * The public calls for the type:
- *
- * NSSPKIXTeletexDomainDefinedAttributes_Decode
- * NSSPKIXTeletexDomainDefinedAttributes_Create
- * NSSPKIXTeletexDomainDefinedAttributes_Destroy
- * NSSPKIXTeletexDomainDefinedAttributes_Encode
- * NSSPKIXTeletexDomainDefinedAttributes_GetTeletexDomainDefinedAttributeCount
- * NSSPKIXTeletexDomainDefinedAttributes_GetTeletexDomainDefinedAttributes
- * NSSPKIXTeletexDomainDefinedAttributes_SetTeletexDomainDefinedAttributes
- * NSSPKIXTeletexDomainDefinedAttributes_GetTeletexDomainDefinedAttribute
- * NSSPKIXTeletexDomainDefinedAttributes_SetTeletexDomainDefinedAttribute
- * NSSPKIXTeletexDomainDefinedAttributes_InsertTeletexDomainDefinedAttribute
- * NSSPKIXTeletexDomainDefinedAttributes_AppendTeletexDomainDefinedAttribute
- * NSSPKIXTeletexDomainDefinedAttributes_RemoveTeletexDomainDefinedAttribute
- * NSSPKIXTeletexDomainDefinedAttributes_FindTeletexDomainDefinedAttribute
- * NSSPKIXTeletexDomainDefinedAttributes_Equal
- * NSSPKIXTeletexDomainDefinedAttributes_Duplicate
- *
- */
-
-/*
- * NSSPKIXTeletexDomainDefinedAttributes_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexDomainDefinedAttributes
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexDomainDefinedAttributes *
-NSSPKIXTeletexDomainDefinedAttributes_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttributes_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexDomainDefinedAttributes
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexDomainDefinedAttributes *
-NSSPKIXTeletexDomainDefinedAttributes_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXTeletexDomainDefinedAttribute *tdda1,
- ...
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttributes_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexDomainDefinedAttributes_Destroy
-(
- NSSPKIXTeletexDomainDefinedAttributes *tddas
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttributes_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXTeletexDomainDefinedAttributes_Encode
-(
- NSSPKIXTeletexDomainDefinedAttributes *tddas,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttributes_GetTeletexDomainDefinedAttributeCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXTeletexDomainDefinedAttributes_GetTeletexDomainDefinedAttributeCount
-(
- NSSPKIXTeletexDomainDefinedAttributes *tddas
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttributes_GetTeletexDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXTeletexDomainDefinedAttribute
- * pointers upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexDomainDefinedAttribute **
-NSSPKIXTeletexDomainDefinedAttributes_GetTeletexDomainDefinedAttributes
-(
- NSSPKIXTeletexDomainDefinedAttributes *tddas,
- NSSPKIXTeletexDomainDefinedAttribute *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttributes_SetTeletexDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexDomainDefinedAttributes_SetTeletexDomainDefinedAttributes
-(
- NSSPKIXTeletexDomainDefinedAttributes *tddas,
- NSSPKIXTeletexDomainDefinedAttribute *tdda[],
- PRInt32 count
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttributes_GetTeletexDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexDomainDefinedAttribute upon
- * success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexDomainDefinedAttribute *
-NSSPKIXTeletexDomainDefinedAttributes_GetTeletexDomainDefinedAttribute
-(
- NSSPKIXTeletexDomainDefinedAttributes *tddas,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttributes_SetTeletexDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexDomainDefinedAttributes_SetTeletexDomainDefinedAttribute
-(
- NSSPKIXTeletexDomainDefinedAttributes *tddas,
- PRInt32 i,
- NSSPKIXTeletexDomainDefinedAttribute *tdda
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttributes_InsertTeletexDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexDomainDefinedAttributes_InsertTeletexDomainDefinedAttribute
-(
- NSSPKIXTeletexDomainDefinedAttributes *tddas,
- PRInt32 i,
- NSSPKIXTeletexDomainDefinedAttribute *tdda
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttributes_AppendTeletexDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexDomainDefinedAttributes_AppendTeletexDomainDefinedAttribute
-(
- NSSPKIXTeletexDomainDefinedAttributes *tddas,
- NSSPKIXTeletexDomainDefinedAttribute *tdda
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttributes_RemoveTeletexDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexDomainDefinedAttributes_RemoveTeletexDomainDefinedAttribute
-(
- NSSPKIXTeletexDomainDefinedAttributes *tddas,
- PRInt32 i
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttributes_FindTeletexDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- *
- * Return value:
- * The nonnegative integer upon success
- * -1 upon failure
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXTeletexDomainDefinedAttributes_FindTeletexDomainDefinedAttribute
-(
- NSSPKIXTeletexDomainDefinedAttributes *tddas,
- NSSPKIXTeletexDomainDefinedAttribute *tdda
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttributes_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXTeletexDomainDefinedAttributes_Equal
-(
- NSSPKIXTeletexDomainDefinedAttributes *tddas1,
- NSSPKIXTeletexDomainDefinedAttributes *tddas2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttributes_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexDomainDefinedAttributes
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexDomainDefinedAttributes *
-NSSPKIXTeletexDomainDefinedAttributes_Duplicate
-(
- NSSPKIXTeletexDomainDefinedAttributes *tddas,
- NSSArena *arenaOpt
-);
-
-/*
- * TeletexDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TeletexDomainDefinedAttribute ::= SEQUENCE {
- * type TeletexString
- * (SIZE (1..ub-domain-defined-attribute-type-length)),
- * value TeletexString
- * (SIZE (1..ub-domain-defined-attribute-value-length)) }
- *
- * The public calls for the type:
- *
- * NSSPKIXTeletexDomainDefinedAttribute_Decode
- * NSSPKIXTeletexDomainDefinedAttribute_CreateFromUTF8
- * NSSPKIXTeletexDomainDefinedAttribute_Create
- * NSSPKIXTeletexDomainDefinedAttribute_Destroy
- * NSSPKIXTeletexDomainDefinedAttribute_Encode
- * NSSPKIXTeletexDomainDefinedAttribute_GetUTF8Encoding
- * NSSPKIXTeletexDomainDefinedAttribute_GetType
- * NSSPKIXTeletexDomainDefinedAttribute_SetType
- * NSSPKIXTeletexDomainDefinedAttribute_GetValue
- * NSSPKIXTeletexDomainDefinedAttribute_GetValue
- * NSSPKIXTeletexDomainDefinedAttribute_Equal
- * NSSPKIXTeletexDomainDefinedAttribute_Duplicate
- *
- */
-
-/*
- * NSSPKIXTeletexDomainDefinedAttribute_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexDomainDefinedAttribute
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexDomainDefinedAttribute *
-NSSPKIXTeletexDomainDefinedAttribute_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttribute_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexDomainDefinedAttribute
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexDomainDefinedAttribute *
-NSSPKIXTeletexDomainDefinedAttribute_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttribute_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexDomainDefinedAttribute
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexDomainDefinedAttribute *
-NSSPKIXTeletexDomainDefinedAttribute_Create
-(
- NSSArena *arenaOpt,
- NSSUTF8 *type,
- NSSUTF8 *value
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttribute_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexDomainDefinedAttribute_Destroy
-(
- NSSPKIXTeletexDomainDefinedAttribute *tdda
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttribute_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXTeletexDomainDefinedAttribute_Encode
-(
- NSSPKIXTeletexDomainDefinedAttribute *tdda,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttribute_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXTeletexDomainDefinedAttribute_GetUTF8Encoding
-(
- NSSPKIXTeletexDomainDefinedAttribute *tdda,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttribute_GetType
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXTeletexDomainDefinedAttribute_GetType
-(
- NSSPKIXTeletexDomainDefinedAttribute *tdda,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttribute_SetType
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexDomainDefinedAttribute_SetType
-(
- NSSPKIXTeletexDomainDefinedAttribute *tdda,
- NSSUTF8 *type
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttribute_GetValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXTeletexDomainDefinedAttribute_GetValue
-(
- NSSPKIXTeletexDomainDefinedAttribute *tdda,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttribute_SetValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexDomainDefinedAttribute_SetValue
-(
- NSSPKIXTeletexDomainDefinedAttribute *tdda,
- NSSUTF8 *value
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttribute_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXTeletexDomainDefinedAttribute_Equal
-(
- NSSPKIXTeletexDomainDefinedAttribute *tdda1,
- NSSPKIXTeletexDomainDefinedAttribute *tdda2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttribute_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexDomainDefinedAttribute
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexDomainDefinedAttribute *
-NSSPKIXTeletexDomainDefinedAttribute_Duplicate
-(
- NSSPKIXTeletexDomainDefinedAttribute *tdda,
- NSSArena *arenaOpt
-);
-
-/*
- * AuthorityKeyIdentifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * AuthorityKeyIdentifier ::= SEQUENCE {
- * keyIdentifier [0] KeyIdentifier OPTIONAL,
- * authorityCertIssuer [1] GeneralNames OPTIONAL,
- * authorityCertSerialNumber [2] CertificateSerialNumber OPTIONAL }
- * -- authorityCertIssuer and authorityCertSerialNumber shall both
- * -- be present or both be absent
- *
- * The public calls for the type:
- *
- * NSSPKIXAuthorityKeyIdentifier_Decode
- * NSSPKIXAuthorityKeyIdentifier_Create
- * NSSPKIXAuthorityKeyIdentifier_Destroy
- * NSSPKIXAuthorityKeyIdentifier_Encode
- * NSSPKIXAuthorityKeyIdentifier_HasKeyIdentifier
- * NSSPKIXAuthorityKeyIdentifier_GetKeyIdentifier
- * NSSPKIXAuthorityKeyIdentifier_SetKeyIdentifier
- * NSSPKIXAuthorityKeyIdentifier_RemoveKeyIdentifier
- * NSSPKIXAuthorityKeyIdentifier_HasAuthorityCertIssuerAndSerialNumber
- * NSSPKIXAuthorityKeyIdentifier_RemoveAuthorityCertIssuerAndSerialNumber
- * NSSPKIXAuthorityKeyIdentifier_GetAuthorityCertIssuer
- * NSSPKIXAuthorityKeyIdentifier_GetAuthorityCertSerialNumber
- * NSSPKIXAuthorityKeyIdentifier_SetAuthorityCertIssuerAndSerialNumber
- * NSSPKIXAuthorityKeyIdentifier_Equal
- * NSSPKIXAuthorityKeyIdentifier_Duplicate
- *
- */
-
-/*
- * NSSPKIXAuthorityKeyIdentifier_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAuthorityKeyIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAuthorityKeyIdentifier *
-NSSPKIXAuthorityKeyIdentifier_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXAuthorityKeyIdentifier_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_INVALID_ARGUMENTS
- *
- * Return value:
- * A valid pointer to an NSSPKIXAuthorityKeyIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAuthorityKeyIdentifier *
-NSSPKIXAuthorityKeyIdentifier_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXKeyIdentifier *keyIdentifierOpt,
- NSSPKIXGeneralNames *authorityCertIssuerOpt,
- NSSPKIXCertificateSerialNumber *authorityCertSerialNumberOpt
-);
-
-/*
- * NSSPKIXAuthorityKeyIdentifier_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAuthorityKeyIdentifier_Destroy
-(
- NSSPKIXAuthorityKeyIdentifier *aki
-);
-
-/*
- * NSSPKIXAuthorityKeyIdentifier_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXAuthorityKeyIdentifier_Encode
-(
- NSSPKIXAuthorityKeyIdentifier *aki,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAuthorityKeyIdentifier_HasKeyIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXAuthorityKeyIdentifier_HasKeyIdentifier
-(
- NSSPKIXAuthorityKeyIdentifier *aki,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXAuthorityKeyIdentifier_GetKeyIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_HAS_NO_KEY_IDENTIFIER
- *
- * Return value:
- * A valid pointer to an NSSPKIXKeyIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXKeyIdentifier *
-NSSPKIXAuthorityKeyIdentifier_GetKeyIdentifier
-(
- NSSPKIXAuthorityKeyIdentifier *aki,
- NSSPKIXKeyIdentifier *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAuthorityKeyIdentifier_SetKeyIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAuthorityKeyIdentifier_SetKeyIdentifier
-(
- NSSPKIXAuthorityKeyIdentifier *aki,
- NSSPKIXKeyIdentifier *keyIdentifier
-);
-
-/*
- * NSSPKIXAuthorityKeyIdentifier_RemoveKeyIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- * NSS_ERROR_HAS_NO_KEY_IDENTIFIER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAuthorityKeyIdentifier_RemoveKeyIdentifier
-(
- NSSPKIXAuthorityKeyIdentifier *aki
-);
-
-/*
- * NSSPKIXAuthorityKeyIdentifier_HasAuthorityCertIssuerAndSerialNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- *
- * Return value:
- * PR_TRUE if it has them
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXAuthorityKeyIdentifier_HasAuthorityCertIssuerAndSerialNumber
-(
- NSSPKIXAuthorityKeyIdentifier *aki,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXAuthorityKeyIdentifier_RemoveAuthorityCertIssuerAndSerialNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- * NSS_ERROR_HAS_NO_AUTHORITY_CERT_ISSUER_AND_SERIAL_NUMBER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAuthorityKeyIdentifier_RemoveAuthorityCertIssuerAndSerialNumber
-(
- NSSPKIXAuthorityKeyIdentifier *aki
-);
-
-/*
- * NSSPKIXAuthorityKeyIdentifier_GetAuthorityCertIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_HAS_NO_AUTHORITY_CERT_ISSUER_AND_SERIAL_NUMBER
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralNames upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralNames *
-NSSPKIXAuthorityKeyIdentifier_GetAuthorityCertIssuer
-(
- NSSPKIXAuthorityKeyIdentifier *aki,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAuthorityKeyIdentifier_GetAuthorityCertSerialNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_HAS_NO_AUTHORITY_CERT_ISSUER_AND_SERIAL_NUMBER
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertificateSerialNumber upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificateSerialNumber *
-NSSPKIXAuthorityKeyIdentifier_GetAuthorityCertSerialNumber
-(
- NSSPKIXAuthorityKeyIdentifier *aki,
- NSSPKIXCertificateSerialNumber *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAuthorityKeyIdentifier_SetAuthorityCertIssuerAndSerialNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAuthorityKeyIdentifier_SetAuthorityCertIssuerAndSerialNumber
-(
- NSSPKIXAuthorityKeyIdentifier *aki,
- NSSPKIXGeneralNames *issuer,
- NSSPKIXCertificateSerialNumber *serialNumber
-);
-
-/*
- * NSSPKIXAuthorityKeyIdentifier_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXAuthorityKeyIdentifier_Equal
-(
- NSSPKIXAuthorityKeyIdentifier *aki1,
- NSSPKIXAuthorityKeyIdentifier *aki2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXAuthorityKeyIdentifier_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAuthorityKeyIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAuthorityKeyIdentifier *
-NSSPKIXAuthorityKeyIdentifier_Duplicate
-(
- NSSPKIXAuthorityKeyIdentifier *aki,
- NSSArena *arenaOpt
-);
-
-/*
- * KeyUsage
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * KeyUsage ::= BIT STRING {
- * digitalSignature (0),
- * nonRepudiation (1),
- * keyEncipherment (2),
- * dataEncipherment (3),
- * keyAgreement (4),
- * keyCertSign (5),
- * cRLSign (6),
- * encipherOnly (7),
- * decipherOnly (8) }
- *
- * The public calls for the type:
- *
- * NSSPKIXKeyUsage_Decode
- * NSSPKIXKeyUsage_CreateFromUTF8
- * NSSPKIXKeyUsage_CreateFromValue
- * NSSPKIXKeyUsage_Destroy
- * NSSPKIXKeyUsage_Encode
- * NSSPKIXKeyUsage_GetUTF8Encoding
- * NSSPKIXKeyUsage_GetValue
- * NSSPKIXKeyUsage_SetValue
- * { bitwise accessors? }
- * NSSPKIXKeyUsage_Equal
- * NSSPKIXKeyUsage_Duplicate
- *
- */
-
-/*
- * NSSPKIXKeyUsage_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXKeyUsage upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXKeyUsage *
-NSSPKIXKeyUsage_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXKeyUsage_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXKeyUsage upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXKeyUsage *
-NSSPKIXKeyUsage_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXKeyUsage_CreateFromValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_KEY_USAGE_VALUE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXKeyUsage upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXKeyUsage *
-NSSPKIXKeyUsage_CreateFromValue
-(
- NSSArena *arenaOpt,
- NSSPKIXKeyUsageValue value
-);
-
-/*
- * NSSPKIXKeyUsage_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_KEY_USAGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXKeyUsage_Destroy
-(
- NSSPKIXKeyUsage *keyUsage
-);
-
-/*
- * NSSPKIXKeyUsage_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_KEY_USAGE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXKeyUsage_Encode
-(
- NSSPKIXKeyUsage *keyUsage,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXKeyUsage_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_KEY_USAGE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXKeyUsage_GetUTF8Encoding
-(
- NSSPKIXKeyUsage *keyUsage,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXKeyUsage_GetValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_KEY_USAGE
- *
- * Return value:
- * A set of NSSKeyUsageValue values OR-d together upon success
- * NSSKeyUsage_NSSinvalid upon failure
- */
-
-NSS_EXTERN NSSKeyUsageValue
-NSSPKIXKeyUsage_GetValue
-(
- NSSPKIXKeyUsage *keyUsage
-);
-
-/*
- * NSSPKIXKeyUsage_SetValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_KEY_USAGE
- * NSS_ERROR_INVALID_PKIX_KEY_USAGE_VALUE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXKeyUsage_SetValue
-(
- NSSPKIXKeyUsage *keyUsage,
- NSSPKIXKeyUsageValue value
-);
-
-/*
- * NSSPKIXKeyUsage_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_KEY_USAGE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXKeyUsage_Equal
-(
- NSSPKIXKeyUsage *keyUsage1,
- NSSPKIXKeyUsage *keyUsage2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXKeyUsage_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_KEY_USAGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXKeyUsage upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXKeyUsage *
-NSSPKIXKeyUsage_Duplicate
-(
- NSSPKIXKeyUsage *keyUsage,
- NSSArena *arenaOpt
-);
-
-/*
- * PrivateKeyUsagePeriod
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PrivateKeyUsagePeriod ::= SEQUENCE {
- * notBefore [0] GeneralizedTime OPTIONAL,
- * notAfter [1] GeneralizedTime OPTIONAL }
- * -- either notBefore or notAfter shall be present
- *
- * The public calls for the type:
- *
- * NSSPKIXPrivateKeyUsagePeriod_Decode
- * NSSPKIXPrivateKeyUsagePeriod_Create
- * NSSPKIXPrivateKeyUsagePeriod_Destroy
- * NSSPKIXPrivateKeyUsagePeriod_Encode
- * NSSPKIXPrivateKeyUsagePeriod_HasNotBefore
- * NSSPKIXPrivateKeyUsagePeriod_GetNotBefore
- * NSSPKIXPrivateKeyUsagePeriod_SetNotBefore
- * NSSPKIXPrivateKeyUsagePeriod_RemoveNotBefore
- * NSSPKIXPrivateKeyUsagePeriod_HasNotAfter
- * NSSPKIXPrivateKeyUsagePeriod_GetNotAfter
- * NSSPKIXPrivateKeyUsagePeriod_SetNotAfter
- * NSSPKIXPrivateKeyUsagePeriod_RemoveNotAfter
- * NSSPKIXPrivateKeyUsagePeriod_Equal
- * NSSPKIXPrivateKeyUsagePeriod_Duplicate
- *
- */
-
-/*
- * NSSPKIXPrivateKeyUsagePeriod_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPrivateKeyUsagePeriod upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPrivateKeyUsagePeriod *
-NSSPKIXPrivateKeyUsagePeriod_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXPrivateKeyUsagePeriod_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_TIME
- * NSS_ERROR_INVALID_ARGUMENTS
- *
- * Return value:
- * A valid pointer to an NSSPKIXPrivateKeyUsagePeriod upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPrivateKeyUsagePeriod *
-NSSPKIXPrivateKeyUsagePeriod_Create
-(
- NSSArena *arenaOpt,
- NSSTime *notBeforeOpt,
- NSSTime *notAfterOpt
-);
-
-/*
- * NSSPKIXPrivateKeyUsagePeriod_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPrivateKeyUsagePeriod_Destroy
-(
- NSSPKIXPrivateKeyUsagePeriod *period
-);
-
-/*
- * NSSPKIXPrivateKeyUsagePeriod_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_DATA
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXPrivateKeyUsagePeriod_Encode
-(
- NSSPKIXPrivateKeyUsagePeriod *period,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPrivateKeyUsagePeriod_HasNotBefore
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXPrivateKeyUsagePeriod_HasNotBefore
-(
- NSSPKIXPrivateKeyUsagePeriod *period,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXPrivateKeyUsagePeriod_GetNotBefore
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_HAS_NO_NOT_BEFORE
- *
- * Return value:
- * NSSTime {fgmr!}
- * NULL upon failure
- */
-
-NSS_EXTERN NSSTime *
-NSSPKIXPrivateKeyUsagePeriod_GetNotBefore
-(
- NSSPKIXPrivateKeyUsagePeriod *period,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPrivateKeyUsagePeriod_SetNotBefore
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- * NSS_ERROR_INVALID_TIME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPrivateKeyUsagePeriod_SetNotBefore
-(
- NSSPKIXPrivateKeyUsagePeriod *period,
- NSSTime *notBefore
-);
-
-/*
- * NSSPKIXPrivateKeyUsagePeriod_RemoveNotBefore
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- * NSS_ERROR_HAS_NO_NOT_BEFORE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPrivateKeyUsagePeriod_RemoveNotBefore
-(
- NSSPKIXPrivateKeyUsagePeriod *period
-);
-
-/*
- * NSSPKIXPrivateKeyUsagePeriod_HasNotAfter
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXPrivateKeyUsagePeriod_HasNotAfter
-(
- NSSPKIXPrivateKeyUsagePeriod *period,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXPrivateKeyUsagePeriod_GetNotAfter
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_HAS_NO_NOT_AFTER
- *
- * Return value:
- * NSSTime {fgmr!}
- * NULL upon failure
- */
-
-NSS_EXTERN NSSTime *
-NSSPKIXPrivateKeyUsagePeriod_GetNotAfter
-(
- NSSPKIXPrivateKeyUsagePeriod *period,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPrivateKeyUsagePeriod_SetNotAfter
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- * NSS_ERROR_INVALID_TIME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPrivateKeyUsagePeriod_SetNotAfter
-(
- NSSPKIXPrivateKeyUsagePeriod *period,
- NSSTime *notAfter
-);
-
-/*
- * NSSPKIXPrivateKeyUsagePeriod_RemoveNotAfter
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- * NSS_ERROR_HAS_NO_NOT_AFTER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPrivateKeyUsagePeriod_RemoveNotAfter
-(
- NSSPKIXPrivateKeyUsagePeriod *period
-);
-
-/*
- * NSSPKIXPrivateKeyUsagePeriod_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXPrivateKeyUsagePeriod_Equal
-(
- NSSPKIXPrivateKeyUsagePeriod *period1,
- NSSPKIXPrivateKeyUsagePeriod *period2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXPrivateKeyUsagePeriod_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPrivateKeyUsagePeriod upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPrivateKeyUsagePeriod *
-NSSPKIXPrivateKeyUsagePeriod_Duplicate
-(
- NSSPKIXPrivateKeyUsagePeriod *period,
- NSSArena *arenaOpt
-);
-
-/*
- * CertificatePolicies
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CertificatePolicies ::= SEQUENCE SIZE (1..MAX) OF PolicyInformation
- *
- * The public calls for the type:
- *
- * NSSPKIXCertificatePolicies_Decode
- * NSSPKIXCertificatePolicies_Create
- * NSSPKIXCertificatePolicies_Destroy
- * NSSPKIXCertificatePolicies_Encode
- * NSSPKIXCertificatePolicies_GetPolicyInformationCount
- * NSSPKIXCertificatePolicies_GetPolicyInformations
- * NSSPKIXCertificatePolicies_SetPolicyInformations
- * NSSPKIXCertificatePolicies_GetPolicyInformation
- * NSSPKIXCertificatePolicies_SetPolicyInformation
- * NSSPKIXCertificatePolicies_InsertPolicyInformation
- * NSSPKIXCertificatePolicies_AppendPolicyInformation
- * NSSPKIXCertificatePolicies_RemovePolicyInformation
- * NSSPKIXCertificatePolicies_FindPolicyInformation
- * NSSPKIXCertificatePolicies_Equal
- * NSSPKIXCertificatePolicies_Duplicate
- *
- */
-
-/*
- * NSSPKIXCertificatePolicies_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertificatePolicies upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificatePolicies *
-NSSPKIXCertificatePolicies_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXCertificatePolicies_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertificatePolicies upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificatePolicies *
-NSSPKIXCertificatePolicies_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXPolicyInformation *pi1,
- ...
-);
-
-/*
- * NSSPKIXCertificatePolicies_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCertificatePolicies_Destroy
-(
- NSSPKIXCertificatePolicies *cp
-);
-
-/*
- * NSSPKIXCertificatePolicies_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXCertificatePolicies_Encode
-(
- NSSPKIXCertificatePolicies *cp,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXCertificatePolicies_GetPolicyInformationCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXCertificatePolicies_GetPolicyInformationCount
-(
- NSSPKIXCertificatePolicies *cp
-);
-
-/*
- * NSSPKIXCertificatePolicies_GetPolicyInformations
- *
- * We regret the function name.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXPolicyInformation pointers
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyInformation **
-NSSPKIXCertificatePolicies_GetPolicyInformations
-(
- NSSPKIXCertificatePolicies *cp,
- NSSPKIXPolicyInformation *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXCertificatePolicies_SetPolicyInformations
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCertificatePolicies_SetPolicyInformations
-(
- NSSPKIXCertificatePolicies *cp,
- NSSPKIXPolicyInformation *pi[],
- PRInt32 count
-);
-
-/*
- * NSSPKIXCertificatePolicies_GetPolicyInformation
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyInformation upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyInformation *
-NSSPKIXCertificatePolicies_GetPolicyInformation
-(
- NSSPKIXCertificatePolicies *cp,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXCertificatePolicies_SetPolicyInformation
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCertificatePolicies_SetPolicyInformation
-(
- NSSPKIXCertificatePolicies *cp,
- PRInt32 i,
- NSSPKIXPolicyInformation *pi
-);
-
-/*
- * NSSPKIXCertificatePolicies_InsertPolicyInformation
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCertificatePolicies_InsertPolicyInformation
-(
- NSSPKIXCertificatePolicies *cp,
- PRInt32 i,
- NSSPKIXPolicyInformation *pi
-);
-
-/*
- * NSSPKIXCertificatePolicies_AppendPolicyInformation
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCertificatePolicies_AppendPolicyInformation
-(
- NSSPKIXCertificatePolicies *cp,
- NSSPKIXPolicyInformation *pi
-);
-
-/*
- * NSSPKIXCertificatePolicies_RemovePolicyInformation
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCertificatePolicies_RemovePolicyInformation
-(
- NSSPKIXCertificatePolicies *cp,
- PRInt32 i
-);
-
-/*
- * NSSPKIXCertificatePolicies_FindPolicyInformation
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *
- * Return value:
- * The nonnegative integer upon success
- * -1 upon failure
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXCertificatePolicies_FindPolicyInformation
-(
- NSSPKIXCertificatePolicies *cp,
- NSSPKIXPolicyInformation *pi
-);
-
-/*
- * NSSPKIXCertificatePolicies_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXCertificatePolicies_Equal
-(
- NSSPKIXCertificatePolicies *cp1,
- NSSPKIXCertificatePolicies *cp2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXCertificatePolicies_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertificatePolicies upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificatePolicies *
-NSSPKIXCertificatePolicies_Duplicate
-(
- NSSPKIXCertificatePolicies *cp,
- NSSArena *arenaOpt
-);
-
-/*
- * PolicyInformation
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PolicyInformation ::= SEQUENCE {
- * policyIdentifier CertPolicyId,
- * policyQualifiers SEQUENCE SIZE (1..MAX) OF
- * PolicyQualifierInfo OPTIONAL }
- *
- * The public calls for the type:
- *
- * NSSPKIXPolicyInformation_Decode
- * NSSPKIXPolicyInformation_Create
- * NSSPKIXPolicyInformation_Destroy
- * NSSPKIXPolicyInformation_Encode
- * NSSPKIXPolicyInformation_GetPolicyIdentifier
- * NSSPKIXPolicyInformation_SetPolicyIdentifier
- * NSSPKIXPolicyInformation_GetPolicyQualifierCount
- * NSSPKIXPolicyInformation_GetPolicyQualifiers
- * NSSPKIXPolicyInformation_SetPolicyQualifiers
- * NSSPKIXPolicyInformation_GetPolicyQualifier
- * NSSPKIXPolicyInformation_SetPolicyQualifier
- * NSSPKIXPolicyInformation_InsertPolicyQualifier
- * NSSPKIXPolicyInformation_AppendPolicyQualifier
- * NSSPKIXPolicyInformation_RemovePolicyQualifier
- * NSSPKIXPolicyInformation_Equal
- * NSSPKIXPolicyInformation_Duplicate
- * { and accessors by specific policy qualifier ID }
- *
- */
-
-/*
- * NSSPKIXPolicyInformation_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyInformation upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyInformation *
-NSSPKIXPolicyInformation_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXPolicyInformation_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyInformation upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyInformation *
-NSSPKIXPolicyInformation_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXCertPolicyId *id,
- NSSPKIXPolicyQualifierInfo *pqi1,
- ...
-);
-
-/*
- * NSSPKIXPolicyInformation_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyInformation_Destroy
-(
- NSSPKIXPolicyInformation *pi
-);
-
-/*
- * NSSPKIXPolicyInformation_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXPolicyInformation_Encode
-(
- NSSPKIXPolicyInformation *pi,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPolicyInformation_GetPolicyIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid OID upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertPolicyId *
-NSSPKIXPolicyInformation_GetPolicyIdentifier
-(
- NSSPKIXPolicyInformation *pi
-);
-
-/*
- * NSSPKIXPolicyInformation_SetPolicyIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyInformation_SetPolicyIdentifier
-(
- NSSPKIXPolicyInformation *pi,
- NSSPKIXCertPolicyIdentifier *cpi
-);
-
-/*
- * NSSPKIXPolicyInformation_GetPolicyQualifierCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXPolicyInformation_GetPolicyQualifierCount
-(
- NSSPKIXPolicyInformation *pi
-);
-
-/*
- * NSSPKIXPolicyInformation_GetPolicyQualifiers
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXPolicyQualifierInfo pointers
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyQualifierInfo **
-NSSPKIXPolicyInformation_GetPolicyQualifiers
-(
- NSSPKIXPolicyInformation *pi,
- NSSPKIXPolicyQualifierInfo *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPolicyInformation_SetPolicyQualifiers
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyInformation_SetPolicyQualifiers
-(
- NSSPKIXPolicyInformation *pi,
- NSSPKIXPolicyQualifierInfo *pqi[],
- PRInt32 count
-);
-
-/*
- * NSSPKIXPolicyInformation_GetPolicyQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyQualifierInfo upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyQualifierInfo *
-NSSPKIXPolicyInformation_GetPolicyQualifier
-(
- NSSPKIXPolicyInformation *pi,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPolicyInformation_SetPolicyQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyInformation_SetPolicyQualifier
-(
- NSSPKIXPolicyInformation *pi,
- PRInt32 i,
- NSSPKIXPolicyQualifierInfo *pqi
-);
-
-/*
- * NSSPKIXPolicyInformation_InsertPolicyQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyInformation_InsertPolicyQualifier
-(
- NSSPKIXPolicyInformation *pi,
- PRInt32 i,
- NSSPKIXPolicyQualifierInfo *pqi
-);
-
-/*
- * NSSPKIXPolicyInformation_AppendPolicyQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyInformation_AppendPolicyQualifier
-(
- NSSPKIXPolicyInformation *pi,
- PRInt32 i,
- NSSPKIXPolicyQualifierInfo *pqi
-);
-
-/*
- * NSSPKIXPolicyInformation_RemovePolicyQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyInformation_RemovePolicyQualifier
-(
- NSSPKIXPolicyInformation *pi,
- PRInt32 i
-);
-
-/*
- * NSSPKIXPolicyInformation_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXPolicyInformation_Equal
-(
- NSSPKIXPolicyInformation *pi1,
- NSSPKIXPolicyInformation *pi2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXPolicyInformation_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyInformation upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyInformation *
-NSSPKIXPolicyInformation_Duplicate
-(
- NSSPKIXPolicyInformation *pi,
- NSSArena *arenaOpt
-);
-
-/*
- * { and accessors by specific policy qualifier ID }
- *
- */
-
-/*
- * PolicyQualifierInfo
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PolicyQualifierInfo ::= SEQUENCE {
- * policyQualifierId PolicyQualifierId,
- * qualifier ANY DEFINED BY policyQualifierId }
- *
- * The public calls for the type:
- *
- * NSSPKIXPolicyQualifierInfo_Decode
- * NSSPKIXPolicyQualifierInfo_Create
- * NSSPKIXPolicyQualifierInfo_Destroy
- * NSSPKIXPolicyQualifierInfo_Encode
- * NSSPKIXPolicyQualifierInfo_GetPolicyQualifierID
- * NSSPKIXPolicyQualifierInfo_SetPolicyQualifierID
- * NSSPKIXPolicyQualifierInfo_GetQualifier
- * NSSPKIXPolicyQualifierInfo_SetQualifier
- * NSSPKIXPolicyQualifierInfo_Equal
- * NSSPKIXPolicyQualifierInfo_Duplicate
- * { and accessors by specific qualifier id/type }
- *
- */
-
-/*
- * NSSPKIXPolicyQualifierInfo_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyQualifierInfo upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyQualifierInfo *
-NSSPKIXPolicyQualifierInfo_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXPolicyQualifierInfo_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_ID
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyQualifierInfo upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyQualifierInfo *
-NSSPKIXPolicyQualifierInfo_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXPolicyQualifierId *policyQualifierId,
- NSSItem *qualifier
-);
-
-/*
- * NSSPKIXPolicyQualifierInfo_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyQualifierInfo_Destroy
-(
- NSSPKIXPolicyQualifierInfo *pqi
-);
-
-/*
- * NSSPKIXPolicyQualifierInfo_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXPolicyQualifierInfo_Encode
-(
- NSSPKIXPolicyQualifierInfo *pqi,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPolicyQualifierInfo_GetPolicyQualifierId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyQualifierId (an NSSOID) upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyQualifierId *
-NSSPKIXPolicyQualifierInfo_GetPolicyQualifierId
-(
- NSSPKIXPolicyQualifierInfo *pqi,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPolicyQualifierInfo_SetPolicyQualifierId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_ID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyQualifierInfo_SetPolicyQualifierId
-(
- NSSPKIXPolicyQualifierInfo *pqi,
- NSSPKIXPolicyQualifierId *pqid
-);
-
-/*
- * NSSPKIXPolicyQualifierInfo_GetQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSItem upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSItem *
-NSSPKIXPolicyQualifierInfo_GetQualifier
-(
- NSSPKIXPolicyQualifierInfo *pqi,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPolicyQualifierInfo_SetQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyQualifierInfo_SetQualifier
-(
- NSSPKIXPolicyQualifierInfo *pqi,
- NSSItem *qualifier
-);
-
-/*
- * NSSPKIXPolicyQualifierInfo_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXPolicyQualifierInfo_Equal
-(
- NSSPKIXPolicyQualifierInfo *pqi1,
- NSSPKIXPolicyQualifierInfo *pqi2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXPolicyQualifierInfo_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyQualifierInfo upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyQualifierInfo *
-NSSPKIXPolicyQualifierInfo_Duplicate
-(
- NSSPKIXPolicyQualifierInfo *pqi,
- NSSArena *arenaOpt
-);
-
-/*
- * { and accessors by specific qualifier id/type }
- *
- */
-
-/*
- * CPSuri
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CPSuri ::= IA5String
- *
- * The public calls for this type:
- *
- * NSSPKIXCPSuri_Decode
- * NSSPKIXCPSuri_CreateFromUTF8
- * NSSPKIXCPSuri_Encode
- *
- */
-
-/*
- * NSSPKIXCPSuri_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXCPSuri upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCPSuri *
-NSSPKIXCPSuri_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXCPSuri_CreateFromUTF8
- *
- * { basically just enforces the length and charset limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXCPSuri upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCPSuri *
-NSSPKIXCPSuri_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXCPSuri_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CPS_URI
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXCPSuri_Encode
-(
- NSSPKIXCPSuri *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * UserNotice
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * UserNotice ::= SEQUENCE {
- * noticeRef NoticeReference OPTIONAL,
- * explicitText DisplayText OPTIONAL}
- *
- * The public calls for this type:
- *
- * NSSPKIXUserNotice_Decode
- * NSSPKIXUserNotice_Create
- * NSSPKIXUserNotice_Destroy
- * NSSPKIXUserNotice_Encode
- * NSSPKIXUserNotice_HasNoticeRef
- * NSSPKIXUserNotice_GetNoticeRef
- * NSSPKIXUserNotice_SetNoticeRef
- * NSSPKIXUserNotice_RemoveNoticeRef
- * NSSPKIXUserNotice_HasExplicitText
- * NSSPKIXUserNotice_GetExplicitText
- * NSSPKIXUserNotice_SetExplicitText
- * NSSPKIXUserNotice_RemoveExplicitText
- * NSSPKIXUserNotice_Equal
- * NSSPKIXUserNotice_Duplicate
- *
- */
-
-
-/*
- * NSSPKIXUserNotice_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXUserNotice upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXUserNotice *
-NSSPKIXUserNotice_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXUserNotice_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_INVALID_PKIX_DISPLAY_TEXT
- *
- * Return value:
- * A valid pointer to an NSSPKIXUserNotice upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXUserNotice *
-NSSPKIXUserNotice_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXNoticeReference *noticeRef,
- NSSPKIXDisplayText *explicitText
-);
-
-/*
- * NSSPKIXUserNotice_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_USER_NOTICE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXUserNotice_Destroy
-(
- NSSPKIXUserNotice *userNotice
-);
-
-/*
- * NSSPKIXUserNotice_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_USER_NOTICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXUserNotice_Encode
-(
- NSSPKIXUserNotice *userNotice,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXUserNotice_HasNoticeRef
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_USER_NOTICE
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXUserNotice_HasNoticeRef
-(
- NSSPKIXUserNotice *userNotice,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXUserNotice_GetNoticeRef
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_USER_NOTICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_HAS_NO_NOTICE_REF
- *
- * Return value:
- * A valid pointer to an NSSPKIXNoticeReference upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNoticeReference *
-NSSPKIXUserNotice_GetNoticeRef
-(
- NSSPKIXUserNotice *userNotice,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXUserNotice_SetNoticeRef
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_USER_NOTICE
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXUserNotice_SetNoticeRef
-(
- NSSPKIXUserNotice *userNotice,
- NSSPKIXNoticeReference *noticeRef
-);
-
-/*
- * NSSPKIXUserNotice_RemoveNoticeRef
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_USER_NOTICE
- * NSS_ERROR_HAS_NO_NOTICE_REF
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXUserNotice_RemoveNoticeRef
-(
- NSSPKIXUserNotice *userNotice
-);
-
-/*
- * NSSPKIXUserNotice_HasExplicitText
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_USER_NOTICE
- *
- * Return value:
- * PR_TRUE if it has some
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXUserNotice_HasExplicitText
-(
- NSSPKIXUserNotice *userNotice,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXUserNotice_GetExplicitText
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_USER_NOTICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_HAS_NO_EXPLICIT_TEXT
- *
- * Return value:
- * A valid pointer to an NSSPKIXDisplayText string upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDisplayText *
-NSSPKIXUserNotice_GetExplicitText
-(
- NSSPKIXUserNotice *userNotice,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXUserNotice_SetExplicitText
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_USER_NOTICE
- * NSS_ERROR_INVALID_PKIX_DISPLAY_TEXT
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXUserNotice_SetExplicitText
-(
- NSSPKIXUserNotice *userNotice,
- NSSPKIXDisplayText *explicitText
-);
-
-/*
- * NSSPKIXUserNotice_RemoveExplicitText
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_USER_NOTICE
- * NSS_ERROR_HAS_NO_EXPLICIT_TEXT
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXUserNotice_RemoveExplicitText
-(
- NSSPKIXUserNotice *userNotice
-);
-
-/*
- * NSSPKIXUserNotice_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_USER_NOTICE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXUserNotice_Equal
-(
- NSSPKIXUserNotice *userNotice1,
- NSSPKIXUserNotice *userNotice2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXUserNotice_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_USER_NOTICE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXUserNotice upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXUserNotice *
-NSSPKIXUserNotice_Duplicate
-(
- NSSPKIXUserNotice *userNotice,
- NSSArena *arenaOpt
-);
-
-/*
- * NoticeReference
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * NoticeReference ::= SEQUENCE {
- * organization DisplayText,
- * noticeNumbers SEQUENCE OF INTEGER }
- *
- * The public calls for this type:
- *
- * NSSPKIXNoticeReference_Decode
- * NSSPKIXNoticeReference_Create
- * NSSPKIXNoticeReference_Destroy
- * NSSPKIXNoticeReference_Encode
- * NSSPKIXNoticeReference_GetOrganization
- * NSSPKIXNoticeReference_SetOrganization
- * NSSPKIXNoticeReference_GetNoticeNumberCount
- * NSSPKIXNoticeReference_GetNoticeNumbers
- * NSSPKIXNoticeReference_SetNoticeNumbers
- * NSSPKIXNoticeReference_GetNoticeNumber
- * NSSPKIXNoticeReference_SetNoticeNumber
- * NSSPKIXNoticeReference_InsertNoticeNumber
- * NSSPKIXNoticeReference_AppendNoticeNumber
- * NSSPKIXNoticeReference_RemoveNoticeNumber
- * { maybe number-exists-p gettor? }
- * NSSPKIXNoticeReference_Equal
- * NSSPKIXNoticeReference_Duplicate
- *
- */
-
-/*
- * NSSPKIXNoticeReference_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXNoticeReference upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNoticeReference *
-NSSPKIXNoticeReference_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXNoticeReference_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_DISPLAY_TEXT
- *
- * Return value:
- * A valid pointer to an NSSPKIXNoticeReference upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNoticeReference *
-NSSPKIXNoticeReference_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXDisplayText *organization,
- PRUint32 noticeCount,
- PRInt32 noticeNumber1,
- ...
-);
-
-/*
- * { fgmr -- or should the call that takes PRInt32 be _CreateFromValues,
- * and the _Create call take NSSBER integers? }
- */
-
-/*
- * NSSPKIXNoticeReference_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXNoticeReference_Destroy
-(
- NSSPKIXNoticeReference *nr
-);
-
-/*
- * NSSPKIXNoticeReference_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXNoticeReference_Encode
-(
- NSSPKIXNoticeReference *nr,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXNoticeReference_GetOrganization
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXDisplayText string upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDisplayText *
-NSSPKIXNoticeReference_GetOrganization
-(
- NSSPKIXNoticeReference *nr,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXNoticeReference_SetOrganization
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_INVALID_PKIX_DISPLAY_TEXT
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXNoticeReference_SetOrganization
-(
- NSSPKIXNoticeReference *nr,
- NSSPKIXDisplayText *organization
-);
-
-/*
- * NSSPKIXNoticeReference_GetNoticeNumberCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXNoticeReference_GetNoticeNumberCount
-(
- NSSPKIXNoticeReference *nr
-);
-
-/*
- * NSSPKIXNoticeReference_GetNoticeNumbers
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of PRInt32 values upon success
- * NULL upon failure
- */
-
-NSS_EXTERN PRInt32 *
-NSSPKIXNoticeReference_GetNoticeNumbers
-(
- NSSPKIXNoticeReference *nr,
- PRInt32 rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXNoticeReference_SetNoticeNumbers
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXNoticeReference_SetNoticeNumbers
-(
- NSSPKIXNoticeReference *nr,
- PRInt32 noticeNumbers[],
- PRInt32 count
-);
-
-/*
- * NSSPKIXNoticeReference_GetNoticeNumber
- *
- * -- fgmr comments --
- * Because there is no natural "invalid" notice number value, we must
- * pass the number by reference, and return an explicit status value.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXNoticeReference_GetNoticeNumber
-(
- NSSPKIXNoticeReference *nr,
- PRInt32 i,
- PRInt32 *noticeNumberP
-);
-
-/*
- * NSSPKIXNoticeReference_SetNoticeNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXNoticeReference_SetNoticeNumber
-(
- NSSPKIXNoticeReference *nr,
- PRInt32 i,
- PRInt32 noticeNumber
-);
-
-/*
- * NSSPKIXNoticeReference_InsertNoticeNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXNoticeReference_InsertNoticeNumber
-(
- NSSPKIXNoticeReference *nr,
- PRInt32 i,
- PRInt32 noticeNumber
-);
-
-/*
- * NSSPKIXNoticeReference_AppendNoticeNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXNoticeReference_AppendNoticeNumber
-(
- NSSPKIXNoticeReference *nr,
- PRInt32 noticeNumber
-);
-
-/*
- * NSSPKIXNoticeReference_RemoveNoticeNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXNoticeReference_RemoveNoticeNumber
-(
- NSSPKIXNoticeReference *nr,
- PRInt32 i
-);
-
-/*
- * { maybe number-exists-p gettor? }
- */
-
-/*
- * NSSPKIXNoticeReference_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXNoticeReference_Equal
-(
- NSSPKIXNoticeReference *nr1,
- NSSPKIXNoticeReference *nr2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXNoticeReference_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXNoticeReference upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNoticeReference *
-NSSPKIXNoticeReference_Duplicate
-(
- NSSPKIXNoticeReference *nr,
- NSSArena *arenaOpt
-);
-
-/*
- * DisplayText
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * DisplayText ::= CHOICE {
- * visibleString VisibleString (SIZE (1..200)),
- * bmpString BMPString (SIZE (1..200)),
- * utf8String UTF8String (SIZE (1..200)) }
- *
- * The public calls for this type:
- *
- * NSSPKIXDisplayText_Decode
- * NSSPKIXDisplayText_CreateFromUTF8
- * NSSPKIXDisplayText_Encode
- *
- */
-
-/*
- * NSSPKIXDisplayText_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXDisplayText upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDisplayText *
-NSSPKIXDisplayText_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXDisplayText_CreateFromUTF8
- *
- * { basically just enforces the length and charset limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXDisplayText upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDisplayText *
-NSSPKIXDisplayText_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXDisplayText_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISPLAY_TEXT
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXDisplayText_Encode
-(
- NSSPKIXDisplayText *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * PolicyMappings
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PolicyMappings ::= SEQUENCE SIZE (1..MAX) OF SEQUENCE {
- * issuerDomainPolicy CertPolicyId,
- * subjectDomainPolicy CertPolicyId }
- *
- * The public calls for this type:
- *
- * NSSPKIXPolicyMappings_Decode
- * NSSPKIXPolicyMappings_Create
- * NSSPKIXPolicyMappings_Destroy
- * NSSPKIXPolicyMappings_Encode
- * NSSPKIXPolicyMappings_GetPolicyMappingCount
- * NSSPKIXPolicyMappings_GetPolicyMappings
- * NSSPKIXPolicyMappings_SetPolicyMappings
- * NSSPKIXPolicyMappings_GetPolicyMapping
- * NSSPKIXPolicyMappings_SetPolicyMapping
- * NSSPKIXPolicyMappings_InsertPolicyMapping
- * NSSPKIXPolicyMappings_AppendPolicyMapping
- * NSSPKIXPolicyMappings_RemovePolicyMapping
- * NSSPKIXPolicyMappings_FindPolicyMapping
- * NSSPKIXPolicyMappings_Equal
- * NSSPKIXPolicyMappings_Duplicate
- * NSSPKIXPolicyMappings_IssuerDomainPolicyExists
- * NSSPKIXPolicyMappings_SubjectDomainPolicyExists
- * NSSPKIXPolicyMappings_FindIssuerDomainPolicy
- * NSSPKIXPolicyMappings_FindSubjectDomainPolicy
- * NSSPKIXPolicyMappings_MapIssuerToSubject
- * NSSPKIXPolicyMappings_MapSubjectToIssuer
- * { find's and map's: what if there's more than one? }
- *
- */
-
-/*
- * NSSPKIXPolicyMappings_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyMappings upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyMappings *
-NSSPKIXPolicyMappings_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXPolicyMappings_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyMappings upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyMappings *
-NSSPKIXPolicyMappings_Decode
-(
- NSSArena *arenaOpt,
- NSSPKIXpolicyMapping *policyMapping1,
- ...
-);
-
-/*
- * NSSPKIXPolicyMappings_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyMappings_Destroy
-(
- NSSPKIXPolicyMappings *policyMappings
-);
-
-/*
- * NSSPKIXPolicyMappings_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_DATA
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXPolicyMappings_Encode
-(
- NSSPKIXPolicyMappings *policyMappings,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPolicyMappings_GetPolicyMappingCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXPolicyMappings_GetPolicyMappingCount
-(
- NSSPKIXPolicyMappings *policyMappings
-);
-
-/*
- * NSSPKIXPolicyMappings_GetPolicyMappings
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXpolicyMapping pointers upon
- * success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXpolicyMapping **
-NSSPKIXPolicyMappings_GetPolicyMappings
-(
- NSSPKIXPolicyMappings *policyMappings
- NSSPKIXpolicyMapping *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPolicyMappings_SetPolicyMappings
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyMappings_SetPolicyMappings
-(
- NSSPKIXPolicyMappings *policyMappings
- NSSPKIXpolicyMapping *policyMapping[]
- PRInt32 count
-);
-
-/*
- * NSSPKIXPolicyMappings_GetPolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXpolicyMapping upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXpolicyMapping *
-NSSPKIXPolicyMappings_GetPolicyMapping
-(
- NSSPKIXPolicyMappings *policyMappings
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPolicyMappings_SetPolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyMappings_SetPolicyMapping
-(
- NSSPKIXPolicyMappings *policyMappings
- PRInt32 i,
- NSSPKIXpolicyMapping *policyMapping
-);
-
-/*
- * NSSPKIXPolicyMappings_InsertPolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyMappings_InsertPolicyMapping
-(
- NSSPKIXPolicyMappings *policyMappings
- PRInt32 i,
- NSSPKIXpolicyMapping *policyMapping
-);
-
-/*
- * NSSPKIXPolicyMappings_AppendPolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyMappings_AppendPolicyMapping
-(
- NSSPKIXPolicyMappings *policyMappings
- NSSPKIXpolicyMapping *policyMapping
-);
-
-/*
- * NSSPKIXPolicyMappings_RemovePolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyMappings_RemovePolicyMapping
-(
- NSSPKIXPolicyMappings *policyMappings
- PRInt32 i
-);
-
-/*
- * NSSPKIXPolicyMappings_FindPolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * The index of the specified policy mapping upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXPolicyMappings_FindPolicyMapping
-(
- NSSPKIXPolicyMappings *policyMappings
- NSSPKIXpolicyMapping *policyMapping
-);
-
-/*
- * NSSPKIXPolicyMappings_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXPolicyMappings_Equal
-(
- NSSPKIXPolicyMappings *policyMappings1,
- NSSPKIXpolicyMappings *policyMappings2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXPolicyMappings_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyMappings upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyMappings *
-NSSPKIXPolicyMappings_Duplicate
-(
- NSSPKIXPolicyMappings *policyMappings,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPolicyMappings_IssuerDomainPolicyExists
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- *
- * Return value:
- * PR_TRUE if the specified domain policy OID exists
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXPolicyMappings_IssuerDomainPolicyExists
-(
- NSSPKIXPolicyMappings *policyMappings,
- NSSPKIXCertPolicyId *issuerDomainPolicy,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXPolicyMappings_SubjectDomainPolicyExists
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- *
- * Return value:
- * PR_TRUE if the specified domain policy OID exists
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXPolicyMappings_SubjectDomainPolicyExists
-(
- NSSPKIXPolicyMappings *policyMappings,
- NSSPKIXCertPolicyId *subjectDomainPolicy,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXPolicyMappings_FindIssuerDomainPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * The index of the specified policy mapping upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXPolicyMappings_FindIssuerDomainPolicy
-(
- NSSPKIXPolicyMappings *policyMappings,
- NSSPKIXCertPolicyId *issuerDomainPolicy
-);
-
-/*
- * NSSPKIXPolicyMappings_FindSubjectDomainPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * The index of the specified policy mapping upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXPolicyMappings_FindSubjectDomainPolicy
-(
- NSSPKIXPolicyMappings *policyMappings,
- NSSPKIXCertPolicyId *issuerDomainPolicy
-);
-
-/*
- * NSSPKIXPolicyMappings_MapIssuerToSubject
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- * NSS_ERROR_NOT_FOUND
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertPolicyId upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertPolicyId *
-NSSPKIXPolicyMappings_MapIssuerToSubject
-(
- NSSPKIXPolicyMappings *policyMappings,
- NSSPKIXCertPolicyId *issuerDomainPolicy
-);
-
-/*
- * NSSPKIXPolicyMappings_MapSubjectToIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- * NSS_ERROR_NOT_FOUND
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertPolicyId upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertPolicyId *
-NSSPKIXPolicyMappings_MapSubjectToIssuer
-(
- NSSPKIXPolicyMappings *policyMappings,
- NSSPKIXCertPolicyId *issuerDomainPolicy
-);
-
-/*
- * policyMapping
- *
- * Helper structure for PolicyMappings
- *
- * SEQUENCE {
- * issuerDomainPolicy CertPolicyId,
- * subjectDomainPolicy CertPolicyId }
- *
- * The public calls for this type:
- *
- * NSSPKIXpolicyMapping_Decode
- * NSSPKIXpolicyMapping_Create
- * NSSPKIXpolicyMapping_Destroy
- * NSSPKIXpolicyMapping_Encode
- * NSSPKIXpolicyMapping_GetIssuerDomainPolicy
- * NSSPKIXpolicyMapping_SetIssuerDomainPolicy
- * NSSPKIXpolicyMapping_GetSubjectDomainPolicy
- * NSSPKIXpolicyMapping_SetSubjectDomainPolicy
- * NSSPKIXpolicyMapping_Equal
- * NSSPKIXpolicyMapping_Duplicate
- *
- */
-
-/*
- * NSSPKIXpolicyMapping_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXpolicyMapping upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXpolicyMapping *
-NSSPKIXpolicyMapping_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXpolicyMapping_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- *
- * Return value:
- * A valid pointer to an NSSPKIXpolicyMapping upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXpolicyMapping *
-NSSPKIXpolicyMapping_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXCertPolicyId *issuerDomainPolicy,
- NSSPKIXCertPolicyId *subjectDomainPolicy
-);
-
-/*
- * NSSPKIXpolicyMapping_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXpolicyMapping_Destroy
-(
- NSSPKIXpolicyMapping *policyMapping
-);
-
-/*
- * NSSPKIXpolicyMapping_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_DATA
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXpolicyMapping_Encode
-(
- NSSPKIXpolicyMapping *policyMapping,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXpolicyMapping_GetIssuerDomainPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertPolicyId OID upon success
- * NULL upon faliure
- */
-
-NSS_EXTERN NSSPKIXCertPolicyId *
-NSSPKIXpolicyMapping_GetIssuerDomainPolicy
-(
- NSSPKIXpolicyMapping *policyMapping
-);
-
-/*
- * NSSPKIXpolicyMapping_SetIssuerDomainPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- * NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXpolicyMapping_SetIssuerDomainPolicy
-(
- NSSPKIXpolicyMapping *policyMapping,
- NSSPKIXCertPolicyId *issuerDomainPolicy
-);
-
-/*
- * NSSPKIXpolicyMapping_GetSubjectDomainPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertPolicyId OID upon success
- * NULL upon faliure
- */
-
-NSS_EXTERN NSSPKIXCertPolicyId *
-NSSPKIXpolicyMapping_GetSubjectDomainPolicy
-(
- NSSPKIXpolicyMapping *policyMapping
-);
-
-/*
- * NSSPKIXpolicyMapping_SetSubjectDomainPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- * NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXpolicyMapping_SetSubjectDomainPolicy
-(
- NSSPKIXpolicyMapping *policyMapping,
- NSSPKIXCertPolicyId *subjectDomainPolicy
-);
-
-/*
- * NSSPKIXpolicyMapping_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXpolicyMapping_Equal
-(
- NSSPKIXpolicyMapping *policyMapping1,
- NSSPKIXpolicyMapping *policyMapping2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXpolicyMapping_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXpolicyMapping upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXpolicyMapping *
-NSSPKIXpolicyMapping_Duplicate
-(
- NSSPKIXpolicyMapping *policyMapping,
- NSSArena *arenaOpt
-);
-
-/*
- * GeneralName
- *
- * This structure contains a union of the possible general names,
- * of which there are several.
- *
- * From RFC 2459:
- *
- * GeneralName ::= CHOICE {
- * otherName [0] AnotherName,
- * rfc822Name [1] IA5String,
- * dNSName [2] IA5String,
- * x400Address [3] ORAddress,
- * directoryName [4] Name,
- * ediPartyName [5] EDIPartyName,
- * uniformResourceIdentifier [6] IA5String,
- * iPAddress [7] OCTET STRING,
- * registeredID [8] OBJECT IDENTIFIER }
- *
- * The public calls for this type:
- *
- * NSSPKIXGeneralName_Decode
- * NSSPKIXGeneralName_CreateFromUTF8
- * NSSPKIXGeneralName_Create
- * NSSPKIXGeneralName_CreateFromOtherName
- * NSSPKIXGeneralName_CreateFromRfc822Name
- * NSSPKIXGeneralName_CreateFromDNSName
- * NSSPKIXGeneralName_CreateFromX400Address
- * NSSPKIXGeneralName_CreateFromDirectoryName
- * NSSPKIXGeneralName_CreateFromEDIPartyName
- * NSSPKIXGeneralName_CreateFromUniformResourceIdentifier
- * NSSPKIXGeneralName_CreateFromIPAddress
- * NSSPKIXGeneralName_CreateFromRegisteredID
- * NSSPKIXGeneralName_Destroy
- * NSSPKIXGeneralName_Encode
- * NSSPKIXGeneralName_GetUTF8Encoding
- * NSSPKIXGeneralName_GetChoice
- * NSSPKIXGeneralName_GetOtherName
- * NSSPKIXGeneralName_GetRfc822Name
- * NSSPKIXGeneralName_GetDNSName
- * NSSPKIXGeneralName_GetX400Address
- * NSSPKIXGeneralName_GetDirectoryName
- * NSSPKIXGeneralName_GetEDIPartyName
- * NSSPKIXGeneralName_GetUniformResourceIdentifier
- * NSSPKIXGeneralName_GetIPAddress
- * NSSPKIXGeneralName_GetRegisteredID
- * NSSPKIXGeneralName_GetSpecifiedChoice
- * NSSPKIXGeneralName_Equal
- * NSSPKIXGeneralName_Duplicate
- * (in pki1 I had specific attribute value gettors here too)
- *
- */
-
-/*
- * NSSPKIXGeneralName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-NSSPKIXGeneralName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXGeneralName_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-NSSPKIXGeneralName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXGeneralName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME_CHOICE
- * NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- * NSS_ERROR_INVALID_PKIX_IA5_STRING
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_INVALID_OID
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-NSSPKIXGeneralName_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXGeneralNameChoice choice,
- void *content
-);
-
-/*
- * NSSPKIXGeneralName_CreateFromOtherName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-NSSPKIXGeneralName_CreateFromOtherName
-(
- NSSArena *arenaOpt,
- NSSPKIXAnotherName *otherName
-);
-
-/*
- * NSSPKIXGeneralName_CreateFromRfc822Name
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_IA5_STRING
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-NSSPKIXGeneralName_CreateFromRfc822Name
-(
- NSSArena *arenaOpt,
- NSSUTF8 *rfc822Name
-);
-
-/*
- * NSSPKIXGeneralName_CreateFromDNSName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_IA5_STRING
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-NSSPKIXGeneralName_CreateFromDNSName
-(
- NSSArena *arenaOpt,
- NSSUTF8 *dNSName
-);
-
-/*
- * NSSPKIXGeneralName_CreateFromX400Address
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-NSSPKIXGeneralName_CreateFromX400Address
-(
- NSSArena *arenaOpt,
- NSSPKIXORAddress *x400Address
-);
-
-/*
- * NSSPKIXGeneralName_CreateFromDirectoryName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_NAME
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-NSSPKIXGeneralName_CreateFromDirectoryName
-(
- NSSArena *arenaOpt,
- NSSPKIXName *directoryName
-);
-
-/*
- * NSSPKIXGeneralName_CreateFromEDIPartyName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-NSSPKIXGeneralName_CreateFromEDIPartyName
-(
- NSSArena *arenaOpt,
- NSSPKIXEDIPartyName *ediPartyname
-);
-
-/*
- * NSSPKIXGeneralName_CreateFromUniformResourceIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_IA5_STRING
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-NSSPKIXGeneralName_CreateFromUniformResourceIdentifier
-(
- NSSArena *arenaOpt,
- NSSUTF8 *uniformResourceIdentifier
-);
-
-/*
- * NSSPKIXGeneralName_CreateFromIPAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-NSSPKIXGeneralName_CreateFromIPAddress
-(
- NSSArena *arenaOpt,
- NSSItem *iPAddress
-);
-
-/*
- * NSSPKIXGeneralName_CreateFromRegisteredID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_OID
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-NSSPKIXGeneralName_CreateFromRegisteredID
-(
- NSSArena *arenaOpt,
- NSSOID *registeredID
-);
-
-/*
- * NSSPKIXGeneralName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXGeneralName_Destroy
-(
- NSSPKIXGeneralName *generalName
-);
-
-/*
- * NSSPKIXGeneralName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXGeneralName_Encode
-(
- NSSPKIXGeneralName *generalName,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralName_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXGeneralName_GetUTF8Encoding
-(
- NSSPKIXGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralName_GetChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *
- * Return value:
- * A valid NSSPKIXGeneralNameChoice value upon success
- * NSSPKIXGeneralNameChoice_NSSinvalid upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralNameChoice
-NSSPKIXGeneralName_GetChoice
-(
- NSSPKIXGeneralName *generalName
-);
-
-/*
- * NSSPKIXGeneralName_GetOtherName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAnotherName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAnotherName *
-NSSPKIXGeneralName_GetOtherName
-(
- NSSPKIXGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralName_GetRfc822Name
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXGeneralName_GetRfc822Name
-(
- NSSPKIXGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralName_GetDNSName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXGeneralName_GetDNSName
-(
- NSSPKIXGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralName_GetX400Address
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXORAddress upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXORAddress *
-NSSPKIXGeneralName_GetX400Address
-(
- NSSPKIXGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralName_GetDirectoryName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXName *
-NSSPKIXGeneralName_GetDirectoryName
-(
- NSSPKIXGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralName_GetEDIPartyName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXEDIPartyName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXEDIPartyName *
-NSSPKIXGeneralName_GetEDIPartyName
-(
- NSSPKIXGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralName_GetUniformResourceIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXGeneralName_GetUniformResourceIdentifier
-(
- NSSPKIXGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralName_GetIPAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSItem upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSItem *
-NSSPKIXGeneralName_GetIPAddress
-(
- NSSPKIXGeneralName *generalName,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralName_GetRegisteredID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSOID upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSOID *
-NSSPKIXGeneralName_GetRegisteredID
-(
- NSSPKIXGeneralName *generalName
-);
-
-/*
- * NSSPKIXGeneralName_GetSpecifiedChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME_CHOICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN void *
-NSSPKIXGeneralName_GetSpecifiedChoice
-(
- NSSPKIXGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXGeneralName_Equal
-(
- NSSPKIXGeneralName *generalName1,
- NSSPKIXGeneralName *generalName2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXGeneralName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-NSSPKIXGeneralName_Duplicate
-(
- NSSPKIXGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * (in pki1 I had specific attribute value gettors here too)
- *
- */
-
-/*
- * GeneralNames
- *
- * This structure contains a sequence of GeneralName objects.
- *
- * From RFC 2459:
- *
- * GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
- *
- * The public calls for this type:
- *
- * NSSPKIXGeneralNames_Decode
- * NSSPKIXGeneralNames_Create
- * NSSPKIXGeneralNames_Destroy
- * NSSPKIXGeneralNames_Encode
- * NSSPKIXGeneralNames_GetGeneralNameCount
- * NSSPKIXGeneralNames_GetGeneralNames
- * NSSPKIXGeneralNames_SetGeneralNames
- * NSSPKIXGeneralNames_GetGeneralName
- * NSSPKIXGeneralNames_SetGeneralName
- * NSSPKIXGeneralNames_InsertGeneralName
- * NSSPKIXGeneralNames_AppendGeneralName
- * NSSPKIXGeneralNames_RemoveGeneralName
- * NSSPKIXGeneralNames_FindGeneralName
- * NSSPKIXGeneralNames_Equal
- * NSSPKIXGeneralNames_Duplicate
- *
- */
-
-/*
- * NSSPKIXGeneralNames_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralNames upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralNames *
-NSSPKIXGeneralNames_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXGeneralNames_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralNames upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralNames *
-NSSPKIXGeneralNames_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXGeneralName *generalName1,
- ...
-);
-
-/*
- * NSSPKIXGeneralNames_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXGeneralNames_Destroy
-(
- NSSPKIXGeneralNames *generalNames
-);
-
-/*
- * NSSPKIXGeneralNames_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXGeneralNames_Encode
-(
- NSSPKIXGeneralNames *generalNames,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralNames_GetGeneralNameCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXGeneralNames_GetGeneralNameCount
-(
- NSSPKIXGeneralNames *generalNames
-);
-
-/*
- * NSSPKIXGeneralNames_GetGeneralNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXGeneralName pointers upon
- * success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName **
-NSSPKIXGeneralNames_GetGeneralNames
-(
- NSSPKIXGeneralNames *generalNames,
- NSSPKIXGeneralName *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralNames_SetGeneralNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXGeneralNames_SetGeneralNames
-(
- NSSPKIXGeneralNames *generalNames,
- NSSPKIXGeneralName *generalName[],
- PRInt32 count
-);
-
-/*
- * NSSPKIXGeneralNames_GetGeneralName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-NSSPKIXGeneralNames_GetGeneralName
-(
- NSSPKIXGeneralNames *generalNames,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralNames_SetGeneralName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXGeneralNames_SetGeneralName
-(
- NSSPKIXGeneralNames *generalNames,
- PRInt32 i,
- NSSPKIXGeneralName *generalName
-);
-
-/*
- * NSSPKIXGeneralNames_InsertGeneralName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXGeneralNames_InsertGeneralName
-(
- NSSPKIXGeneralNames *generalNames,
- PRInt32 i,
- NSSPKIXGeneralName *generalName
-);
-
-/*
- * NSSPKIXGeneralNames_AppendGeneralName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXGeneralNames_AppendGeneralName
-(
- NSSPKIXGeneralNames *generalNames,
- NSSPKIXGeneralName *generalName
-);
-
-/*
- * NSSPKIXGeneralNames_RemoveGeneralName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXGeneralNames_RemoveGeneralName
-(
- NSSPKIXGeneralNames *generalNames,
- PRInt32 i
-);
-
-/*
- * NSSPKIXGeneralNames_FindGeneralName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * The index of the specified policy mapping upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXGeneralNames_FindGeneralName
-(
- NSSPKIXGeneralNames *generalNames,
- NSSPKIXGeneralName *generalName
-);
-
-/*
- * NSSPKIXGeneralNames_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXGeneralNames_Equal
-(
- NSSPKIXGeneralNames *generalNames1,
- NSSPKIXGeneralNames *generalNames2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXGeneralNames_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralNames upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralNames *
-NSSPKIXGeneralNames_Duplicate
-(
- NSSPKIXGeneralNames *generalNames,
- NSSArena *arenaOpt
-);
-
-/*
- * AnotherName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * AnotherName ::= SEQUENCE {
- * type-id OBJECT IDENTIFIER,
- * value [0] EXPLICIT ANY DEFINED BY type-id }
- *
- * The public calls for this type:
- *
- * NSSPKIXAnotherName_Decode
- * NSSPKIXAnotherName_Create
- * NSSPKIXAnotherName_Destroy
- * NSSPKIXAnotherName_Encode
- * NSSPKIXAnotherName_GetTypeId
- * NSSPKIXAnotherName_SetTypeId
- * NSSPKIXAnotherName_GetValue
- * NSSPKIXAnotherName_SetValue
- * NSSPKIXAnotherName_Equal
- * NSSPKIXAnotherName_Duplicate
- *
- */
-
-/*
- * NSSPKIXAnotherName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAnotherName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAnotherName *
-NSSPKIXAnotherName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXAnotherName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXAnotherName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAnotherName *
-NSSPKIXAnotherName_Create
-(
- NSSArena *arenaOpt,
- NSSOID *typeId,
- NSSItem *value
-);
-
-/*
- * NSSPKIXAnotherName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAnotherName_Destroy
-(
- NSSPKIXAnotherName *anotherName
-);
-
-/*
- * NSSPKIXAnotherName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXAnotherName_Encode
-(
- NSSPKIXAnotherName *anotherName,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAnotherName_GetTypeId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSOID upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSOID *
-NSSPKIXAnotherName_GetTypeId
-(
- NSSPKIXAnotherName *anotherName
-);
-
-/*
- * NSSPKIXAnotherName_SetTypeId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAnotherName_SetTypeId
-(
- NSSPKIXAnotherName *anotherName,
- NSSOID *typeId
-);
-
-/*
- * NSSPKIXAnotherName_GetValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSItem upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSItem *
-NSSPKIXAnotherName_GetValue
-(
- NSSPKIXAnotherName *anotherName,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAnotherName_SetValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAnotherName_SetValue
-(
- NSSPKIXAnotherName *anotherName,
- NSSItem *value
-);
-
-/*
- * NSSPKIXAnotherName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXAnotherName_Equal
-(
- NSSPKIXAnotherName *anotherName1,
- NSSPKIXAnotherName *anotherName2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXAnotherName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAnotherName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAnotherName *
-NSSPKIXAnotherName_Duplicate
-(
- NSSPKIXAnotherName *anotherName,
- NSSArena *arenaOpt
-);
-
-/*
- * EDIPartyName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *
- * EDIPartyName ::= SEQUENCE {
- * nameAssigner [0] DirectoryString OPTIONAL,
- * partyName [1] DirectoryString }
- *
- * The public calls for this type:
- *
- * NSSPKIXEDIPartyName_Decode
- * NSSPKIXEDIPartyName_Create
- * NSSPKIXEDIPartyName_Destroy
- * NSSPKIXEDIPartyName_Encode
- * NSSPKIXEDIPartyName_HasNameAssigner
- * NSSPKIXEDIPartyName_GetNameAssigner
- * NSSPKIXEDIPartyName_SetNameAssigner
- * NSSPKIXEDIPartyName_RemoveNameAssigner
- * NSSPKIXEDIPartyName_GetPartyName
- * NSSPKIXEDIPartyName_SetPartyName
- * NSSPKIXEDIPartyName_Equal
- * NSSPKIXEDIPartyName_Duplicate
- *
- */
-
-/*
- * NSSPKIXEDIPartyName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXEDIPartyName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXEDIPartyName *
-NSSPKIXEDIPartyName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXEDIPartyName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * A valid pointer to an NSSPKIXEDIPartyName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXEDIPartyName *
-NSSPKIXEDIPartyName_Create
-(
- NSSArena *arenaOpt,
- NSSUTF8 *nameAssignerOpt,
- NSSUTF8 *partyName
-);
-
-/*
- * NSSPKIXEDIPartyName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXEDIPartyName_Destroy
-(
- NSSPKIXEDIPartyName *ediPartyName
-);
-
-/*
- * NSSPKIXEDIPartyName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXEDIPartyName_Encode
-(
- NSSPKIXEDIPartyName *ediPartyName,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXEDIPartyName_HasNameAssigner
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXEDIPartyName_HasNameAssigner
-(
- NSSPKIXEDIPartyName *ediPartyName
-);
-
-/*
- * NSSPKIXEDIPartyName_GetNameAssigner
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_HAS_NO_NAME_ASSIGNER
- *
- * Return value:
- * A valid pointer to an NSSUTF8 string upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXEDIPartyName_GetNameAssigner
-(
- NSSPKIXEDIPartyName *ediPartyName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXEDIPartyName_SetNameAssigner
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXEDIPartyName_SetNameAssigner
-(
- NSSPKIXEDIPartyName *ediPartyName,
- NSSUTF8 *nameAssigner
-);
-
-/*
- * NSSPKIXEDIPartyName_RemoveNameAssigner
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- * NSS_ERROR_HAS_NO_NAME_ASSIGNER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXEDIPartyName_RemoveNameAssigner
-(
- NSSPKIXEDIPartyName *ediPartyName
-);
-
-/*
- * NSSPKIXEDIPartyName_GetPartyName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSUTF8 string upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXEDIPartyName_GetPartyName
-(
- NSSPKIXEDIPartyName *ediPartyName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXEDIPartyName_SetPartyName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXEDIPartyName_SetPartyName
-(
- NSSPKIXEDIPartyName *ediPartyName,
- NSSUTF8 *partyName
-);
-
-/*
- * NSSPKIXEDIPartyName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXEDIPartyName_Equal
-(
- NSSPKIXEDIPartyName *ediPartyName1,
- NSSPKIXEDIPartyName *ediPartyName2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXEDIPartyName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXEDIPartyName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXEDIPartyName *
-NSSPKIXEDIPartyName_Duplicate
-(
- NSSPKIXEDIPartyName *ediPartyName,
- NSSArena *arenaOpt
-);
-
-/*
- * SubjectDirectoryAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * SubjectDirectoryAttributes ::= SEQUENCE SIZE (1..MAX) OF Attribute
- *
- * The public calls for this type:
- *
- * NSSPKIXSubjectDirectoryAttributes_Decode
- * NSSPKIXSubjectDirectoryAttributes_Create
- * NSSPKIXSubjectDirectoryAttributes_Destroy
- * NSSPKIXSubjectDirectoryAttributes_Encode
- * NSSPKIXSubjectDirectoryAttributes_GetAttributeCount
- * NSSPKIXSubjectDirectoryAttributes_GetAttributes
- * NSSPKIXSubjectDirectoryAttributes_SetAttributes
- * NSSPKIXSubjectDirectoryAttributes_GetAttribute
- * NSSPKIXSubjectDirectoryAttributes_SetAttribute
- * NSSPKIXSubjectDirectoryAttributes_InsertAttribute
- * NSSPKIXSubjectDirectoryAttributes_AppendAttribute
- * NSSPKIXSubjectDirectoryAttributes_RemoveAttribute
- * NSSPKIXSubjectDirectoryAttributes_FindAttribute
- * NSSPKIXSubjectDirectoryAttributes_Equal
- * NSSPKIXSubjectDirectoryAttributes_Duplicate
- *
- */
-
-/*
- * NSSPKIXSubjectDirectoryAttributes_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXSubjectDirectoryAttributes upon
- * success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXSubjectDirectoryAttributes *
-NSSPKIXSubjectDirectoryAttributes_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXSubjectDirectoryAttributes_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *
- * Return value:
- * A valid pointer to an NSSPKIXSubjectDirectoryAttributes upon
- * success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXSubjectDirectoryAttributes *
-NSSPKIXSubjectDirectoryAttributes_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXAttribute *attribute1,
- ...
-);
-
-/*
- * NSSPKIXSubjectDirectoryAttributes_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXSubjectDirectoryAttributes_Destroy
-(
- NSSPKIXSubjectDirectoryAttributes *sda
-);
-
-/*
- * NSSPKIXSubjectDirectoryAttributes_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXSubjectDirectoryAttributes_Encode
-(
- NSSPKIXSubjectDirectoryAttributes *sda,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXSubjectDirectoryAttributes_GetAttributeCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXSubjectDirectoryAttributes_GetAttributeCount
-(
- NSSPKIXSubjectDirectoryAttributes *sda
-);
-
-/*
- * NSSPKIXSubjectDirectoryAttributes_GetAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXAttribute pointers upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttribute **
-NSSPKIXSubjectDirectoryAttributes_GetAttributes
-(
- NSSPKIXSubjectDirectoryAttributes *sda,
- NSSPKIXAttribute *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXSubjectDirectoryAttributes_SetAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXSubjectDirectoryAttributes_SetAttributes
-(
- NSSPKIXSubjectDirectoryAttributes *sda,
- NSSAttribute *attributes[],
- PRInt32 count
-);
-
-/*
- * NSSPKIXSubjectDirectoryAttributes_GetAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttribute upon success
- * NULL upon error
- */
-
-NSS_EXTERN NSSPKIXAttribute *
-NSSPKIXSubjectDirectoryAttributes_GetAttribute
-(
- NSSPKIXSubjectDirectoryAttributes *sda,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXSubjectDirectoryAttributes_SetAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXSubjectDirectoryAttributes_SetAttribute
-(
- NSSPKIXSubjectDirectoryAttributes *sda,
- PRInt32 i,
- NSSPKIXAttribute *attribute
-);
-
-/*
- * NSSPKIXSubjectDirectoryAttributes_InsertAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXSubjectDirectoryAttributes_InsertAttribute
-(
- NSSPKIXSubjectDirectoryAttributes *sda,
- PRInt32 i,
- NSSPKIXAttribute *attribute
-);
-
-/*
- * NSSPKIXSubjectDirectoryAttributes_AppendAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXSubjectDirectoryAttributes_AppendAttribute
-(
- NSSPKIXSubjectDirectoryAttributes *sda,
- NSSPKIXAttribute *attribute
-);
-
-/*
- * NSSPKIXSubjectDirectoryAttributes_RemoveAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXSubjectDirectoryAttributes_RemoveAttribute
-(
- NSSPKIXSubjectDirectoryAttributes *sda,
- PRInt32 i
-);
-
-/*
- * NSSPKIXSubjectDirectoryAttributes_FindAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- * NSS_ERROR_INVALID_ATTRIBUTE
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * The index of the specified policy mapping upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXSubjectDirectoryAttributes_FindAttribute
-(
- NSSPKIXSubjectDirectoryAttributes *sda,
- NSSPKIXAttribute *attribute
-);
-
-/*
- * NSSPKIXSubjectDirectoryAttributes_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXSubjectDirectoryAttributes_Equal
-(
- NSSPKIXSubjectDirectoryAttributes *sda1,
- NSSPKIXSubjectDirectoryAttributes *sda2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXSubjectDirectoryAttributes_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXSubjectDirectoryAttributes upon
- * success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXSubjectDirectoryAttributes *
-NSSPKIXSubjectDirectoryAttributes_Duplicate
-(
- NSSPKIXSubjectDirectoryAttributes *sda,
- NSSArena *arenaOpt
-);
-
-/*
- * BasicConstraints
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * BasicConstraints ::= SEQUENCE {
- * cA BOOLEAN DEFAULT FALSE,
- * pathLenConstraint INTEGER (0..MAX) OPTIONAL }
- *
- * The public calls for this type:
- *
- * NSSPKIXBasicConstraints_Decode
- * NSSPKIXBasicConstraints_Create
- * NSSPKIXBasicConstraints_Destroy
- * NSSPKIXBasicConstraints_Encode
- * NSSPKIXBasicConstraints_GetCA
- * NSSPKIXBasicConstraints_SetCA
- * NSSPKIXBasicConstraints_HasPathLenConstraint
- * NSSPKIXBasicConstraints_GetPathLenConstraint
- * NSSPKIXBasicConstraints_SetPathLenConstraint
- * NSSPKIXBasicConstraints_RemovePathLenConstraint
- * NSSPKIXBasicConstraints_Equal
- * NSSPKIXBasicConstraints_Duplicate
- * NSSPKIXBasicConstraints_CompareToPathLenConstraint
- *
- */
-
-/*
- * NSSPKIXBasicConstraints_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXBasicConstraints upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBasicConstraints *
-NSSPKIXBasicConstraints_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXBasicConstraints_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_VALUE
- *
- * Return value:
- * A valid pointer to an NSSPKIXBasicConstraints upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBasicConstraints *
-NSSPKIXBasicConstraints_Create
-(
- NSSArena *arenaOpt,
- PRBool ca,
- PRInt32 pathLenConstraint
-);
-
-/*
- * NSSPKIXBasicConstraints_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBasicConstraints_Destroy
-(
- NSSPKIXBasicConstraints *basicConstraints
-);
-
-/*
- * NSSPKIXBasicConstraints_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXBasicConstraints_Encode
-(
- NSSPKIXBasicConstraints *basicConstraints,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXBasicConstraints_GetCA
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- *
- * Return value:
- * PR_TRUE if the CA bit is true
- * PR_FALSE if it isn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXBasicConstraints_GetCA
-(
- NSSPKIXBasicConstraints *basicConstraints,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXBasicConstraints_SetCA
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBasicConstraints_SetCA
-(
- NSSPKIXBasicConstraints *basicConstraints,
- PRBool ca
-);
-
-/*
- * NSSPKIXBasicConstraints_HasPathLenConstraint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXBasicConstraints_HasPathLenConstraint
-(
- NSSPKIXBasicConstraints *basicConstraints,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXBasicConstraints_GetPathLenConstraint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- * NSS_ERROR_HAS_NO_PATH_LEN_CONSTRAINT
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXBasicConstraints_GetPathLenConstraint
-(
- NSSPKIXBasicConstraints *basicConstraints
-);
-
-/*
- * NSSPKIXBasicConstraints_SetPathLenConstraint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- * NSS_ERROR_INVALID_VALUE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBasicConstraints_SetPathLenConstraint
-(
- NSSPKIXBasicConstraints *basicConstraints,
- PRInt32 pathLenConstraint
-);
-
-/*
- * NSSPKIXBasicConstraints_RemovePathLenConstraint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- * NSS_ERROR_HAS_NO_PATH_LEN_CONSTRAINT
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBasicConstraints_RemovePathLenConstraint
-(
- NSSPKIXBasicConstraints *basicConstraints
-);
-
-/*
- * NSSPKIXBasicConstraints_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXBasicConstraints_Equal
-(
- NSSPKIXBasicConstraints *basicConstraints1,
- NSSPKIXBasicConstraints *basicConstraints2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXBasicConstraints_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXBasicConstraints upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBasicConstraints *
-NSSPKIXBasicConstraints_Duplicate
-(
- NSSPKIXBasicConstraints *basicConstraints,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXBasicConstraints_CompareToPathLenConstraint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- * NSS_ERROR_HAS_NO_PATH_LEN_CONSTRAINT
- *
- * Return value:
- * 1 if the specified value is greater than the pathLenConstraint
- * 0 if the specified value equals the pathLenConstraint
- * -1 if the specified value is less than the pathLenConstraint
- * -2 upon error
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXBasicConstraints_CompareToPathLenConstraint
-(
- NSSPKIXBasicConstraints *basicConstraints,
- PRInt32 value
-);
-
-/*
- * NameConstraints
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * NameConstraints ::= SEQUENCE {
- * permittedSubtrees [0] GeneralSubtrees OPTIONAL,
- * excludedSubtrees [1] GeneralSubtrees OPTIONAL }
- *
- * The public calls for this type:
- *
- * NSSPKIXNameConstraints_Decode
- * NSSPKIXNameConstraints_Create
- * NSSPKIXNameConstraints_Destroy
- * NSSPKIXNameConstraints_Encode
- * NSSPKIXNameConstraints_HasPermittedSubtrees
- * NSSPKIXNameConstraints_GetPermittedSubtrees
- * NSSPKIXNameConstraints_SetPermittedSubtrees
- * NSSPKIXNameConstraints_RemovePermittedSubtrees
- * NSSPKIXNameConstraints_HasExcludedSubtrees
- * NSSPKIXNameConstraints_GetExcludedSubtrees
- * NSSPKIXNameConstraints_SetExcludedSubtrees
- * NSSPKIXNameConstraints_RemoveExcludedSubtrees
- * NSSPKIXNameConstraints_Equal
- * NSSPKIXNameConstraints_Duplicate
- * { and the comparator functions }
- *
- */
-
-/*
- * NSSPKIXNameConstraints_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXNameConstraints upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNameConstraints *
-NSSPKIXNameConstraints_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXNameConstraints_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- *
- * Return value:
- * A valid pointer to an NSSPKIXNameConstraints upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNameConstraints *
-NSSPKIXNameConstraints_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXGeneralSubtrees *permittedSubtrees,
- NSSPKIXGeneralSubtrees *excludedSubtrees
-);
-
-/*
- * NSSPKIXNameConstraints_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXNameConstraints_Destroy
-(
- NSSPKIXNameConstraints *nameConstraints
-);
-
-/*
- * NSSPKIXNameConstraints_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXNameConstraints_Encode
-(
- NSSPKIXNameConstraints *nameConstraints,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXNameConstraints_HasPermittedSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXNameConstraints_HasPermittedSubtrees
-(
- NSSPKIXNameConstraints *nameConstraints,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXNameConstraints_GetPermittedSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- * NSS_ERROR_HAS_NO_PERMITTED_SUBTREES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralSubtrees upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtrees *
-NSSPKIXNameConstraints_GetPermittedSubtrees
-(
- NSSPKIXNameConstraints *nameConstraints,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXNameConstraints_SetPermittedSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXNameConstraints_SetPermittedSubtrees
-(
- NSSPKIXNameConstraints *nameConstraints,
- NSSPKIXGeneralSubtrees *permittedSubtrees
-);
-
-/*
- * NSSPKIXNameConstraints_RemovePermittedSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- * NSS_ERROR_HAS_NO_PERMITTED_SUBTREES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXNameConstraints_RemovePermittedSubtrees
-(
- NSSPKIXNameConstraints *nameConstraints
-);
-
-/*
- * NSSPKIXNameConstraints_HasExcludedSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXNameConstraints_HasExcludedSubtrees
-(
- NSSPKIXNameConstraints *nameConstraints,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXNameConstraints_GetExcludedSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- * NSS_ERROR_HAS_NO_EXCLUDED_SUBTREES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralSubtrees upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtrees *
-NSSPKIXNameConstraints_GetExcludedSubtrees
-(
- NSSPKIXNameConstraints *nameConstraints,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXNameConstraints_SetExcludedSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXNameConstraints_SetExcludedSubtrees
-(
- NSSPKIXNameConstraints *nameConstraints,
- NSSPKIXGeneralSubtrees *excludedSubtrees
-);
-
-/*
- * NSSPKIXNameConstraints_RemoveExcludedSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- * NSS_ERROR_HAS_NO_EXCLUDED_SUBTREES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXNameConstraints_RemoveExcludedSubtrees
-(
- NSSPKIXNameConstraints *nameConstraints
-);
-
-/*
- * NSSPKIXNameConstraints_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXNameConstraints_Equal
-(
- NSSPKIXNameConstraints *nameConstraints1,
- NSSPKIXNameConstraints *nameConstraints2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXNameConstraints_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXNameConstraints upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNameConstraints *
-NSSPKIXNameConstraints_Duplicate
-(
- NSSPKIXNameConstraints *nameConstraints,
- NSSArena *arenaOpt
-);
-
-/*
- * { and the comparator functions }
- *
- */
-
-/*
- * GeneralSubtrees
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * GeneralSubtrees ::= SEQUENCE SIZE (1..MAX) OF GeneralSubtree
- *
- * The public calls for this type:
- *
- * NSSPKIXGeneralSubtrees_Decode
- * NSSPKIXGeneralSubtrees_Create
- * NSSPKIXGeneralSubtrees_Destroy
- * NSSPKIXGeneralSubtrees_Encode
- * NSSPKIXGeneralSubtrees_GetGeneralSubtreeCount
- * NSSPKIXGeneralSubtrees_GetGeneralSubtrees
- * NSSPKIXGeneralSubtrees_SetGeneralSubtrees
- * NSSPKIXGeneralSubtrees_GetGeneralSubtree
- * NSSPKIXGeneralSubtrees_SetGeneralSubtree
- * NSSPKIXGeneralSubtrees_InsertGeneralSubtree
- * NSSPKIXGeneralSubtrees_AppendGeneralSubtree
- * NSSPKIXGeneralSubtrees_RemoveGeneralSubtree
- * NSSPKIXGeneralSubtrees_FindGeneralSubtree
- * NSSPKIXGeneralSubtrees_Equal
- * NSSPKIXGeneralSubtrees_Duplicate
- * { and finders and comparators }
- *
- */
-
-/*
- * NSSPKIXGeneralSubtrees_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralSubtrees upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtrees *
-NSSPKIXGeneralSubtrees_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXGeneralSubtrees_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralSubtrees upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtrees *
-NSSPKIXGeneralSubtrees_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXGeneralSubtree *generalSubtree1,
- ...
-);
-
-/*
- * NSSPKIXGeneralSubtrees_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXGeneralSubtrees_Destroy
-(
- NSSPKIXGeneralSubtrees *generalSubtrees
-);
-
-/*
- * NSSPKIXGeneralSubtrees_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXGeneralSubtrees_Encode
-(
- NSSPKIXGeneralSubtrees *generalSubtrees,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralSubtrees_GetGeneralSubtreeCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXGeneralSubtrees_GetGeneralSubtreeCount
-(
- NSSPKIXGeneralSubtrees *generalSubtrees
-);
-
-/*
- * NSSPKIXGeneralSubtrees_GetGeneralSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXGeneralSubtree pointers upon
- * success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtree **
-NSSPKIXGeneralSubtrees_GetGeneralSubtrees
-(
- NSSPKIXGeneralSubtrees *generalSubtrees,
- NSSPKIXGeneralSubtree *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralSubtrees_SetGeneralSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXGeneralSubtrees_SetGeneralSubtrees
-(
- NSSPKIXGeneralSubtrees *generalSubtrees,
- NSSPKIXGeneralSubtree *generalSubtree[],
- PRInt32 count
-);
-
-/*
- * NSSPKIXGeneralSubtrees_GetGeneralSubtree
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralSubtree upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtree *
-NSSPKIXGeneralSubtrees_GetGeneralSubtree
-(
- NSSPKIXGeneralSubtrees *generalSubtrees,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralSubtrees_SetGeneralSubtree
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXGeneralSubtrees_SetGeneralSubtree
-(
- NSSPKIXGeneralSubtrees *generalSubtrees,
- PRInt32 i,
- NSSPKIXGeneralSubtree *generalSubtree
-);
-
-/*
- * NSSPKIXGeneralSubtrees_InsertGeneralSubtree
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXGeneralSubtrees_InsertGeneralSubtree
-(
- NSSPKIXGeneralSubtrees *generalSubtrees,
- PRInt32 i,
- NSSPKIXGeneralSubtree *generalSubtree
-);
-
-/*
- * NSSPKIXGeneralSubtrees_AppendGeneralSubtree
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXGeneralSubtrees_AppendGeneralSubtree
-(
- NSSPKIXGeneralSubtrees *generalSubtrees,
- NSSPKIXGeneralSubtree *generalSubtree
-);
-
-/*
- * NSSPKIXGeneralSubtrees_RemoveGeneralSubtree
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXGeneralSubtrees_RemoveGeneralSubtree
-(
- NSSPKIXGeneralSubtrees *generalSubtrees,
- PRInt32 i
-);
-
-/*
- * NSSPKIXGeneralSubtrees_FindGeneralSubtree
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * The index of the specified policy mapping upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXGeneralSubtrees_FindGeneralSubtree
-(
- NSSPKIXGeneralSubtrees *generalSubtrees,
- NSSPKIXGeneralSubtree *generalSubtree
-);
-
-/*
- * NSSPKIXGeneralSubtrees_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXGeneralSubtrees_Equal
-(
- NSSPKIXGeneralSubtrees *generalSubtrees1,
- NSSPKIXGeneralSubtrees *generalSubtrees2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXGeneralSubtrees_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralSubtrees upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtrees *
-NSSPKIXGeneralSubtrees_Duplicate
-(
- NSSPKIXGeneralSubtrees *generalSubtrees,
- NSSArena *arenaOpt
-);
-
-/*
- * { and finders and comparators }
- *
- */
-
-/*
- * GeneralSubtree
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * GeneralSubtree ::= SEQUENCE {
- * base GeneralName,
- * minimum [0] BaseDistance DEFAULT 0,
- * maximum [1] BaseDistance OPTIONAL }
- *
- * The public calls for this type:
- *
- * NSSPKIXGeneralSubtree_Decode
- * NSSPKIXGeneralSubtree_Create
- * NSSPKIXGeneralSubtree_Destroy
- * NSSPKIXGeneralSubtree_Encode
- * NSSPKIXGeneralSubtree_GetBase
- * NSSPKIXGeneralSubtree_SetBase
- * NSSPKIXGeneralSubtree_GetMinimum
- * NSSPKIXGeneralSubtree_SetMinimum
- * NSSPKIXGeneralSubtree_HasMaximum
- * NSSPKIXGeneralSubtree_GetMaximum
- * NSSPKIXGeneralSubtree_SetMaximum
- * NSSPKIXGeneralSubtree_RemoveMaximum
- * NSSPKIXGeneralSubtree_Equal
- * NSSPKIXGeneralSubtree_Duplicate
- * NSSPKIXGeneralSubtree_DistanceInRange
- * {other tests and comparators}
- *
- */
-
-/*
- * NSSPKIXGeneralSubtree_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralSubtree upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtree *
-NSSPKIXGeneralSubtree_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXGeneralSubtree_Create
- *
- * -- fgmr comments --
- * The optional maximum value may be omitted by specifying -1.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_INVALID_VALUE
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralSubtree upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtree *
-NSSPKIXGeneralSubtree_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXBaseDistance minimum,
- NSSPKIXBaseDistance maximumOpt
-);
-
-/*
- * NSSPKIXGeneralSubtree_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXGeneralSubtree_Destroy
-(
- NSSPKIXGeneralSubtree *generalSubtree
-);
-
-/*
- * NSSPKIXGeneralSubtree_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXGeneralSubtree_Encode
-(
- NSSPKIXGeneralSubtree *generalSubtree,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralSubtree_GetBase
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-NSSPKIXGeneralSubtree_GetBase
-(
- NSSPKIXGeneralSubtree *generalSubtree,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralSubtree_SetBase
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXGeneralSubtree_SetBase
-(
- NSSPKIXGeneralSubtree *generalSubtree,
- NSSPKIXGeneralName *base
-);
-
-/*
- * NSSPKIXGeneralSubtree_GetMinimum
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN NSSPKIXBaseDistance
-NSSPKIXGeneralSubtree_GetMinimum
-(
- NSSPKIXGeneralSubtree *generalSubtree
-);
-
-/*
- * NSSPKIXGeneralSubtree_SetMinimum
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_INVALID_VALUE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXGeneralSubtree_SetMinimum
-(
- NSSPKIXGeneralSubtree *generalSubtree,
- NSSPKIXBaseDistance *minimum
-);
-
-/*
- * NSSPKIXGeneralSubtree_HasMaximum
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXGeneralSubtree_HasMaximum
-(
- NSSPKIXGeneralSubtree *generalSubtree
-);
-
-/*
- * NSSPKIXGeneralSubtree_GetMaximum
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_HAS_NO_MAXIMUM_BASE_DISTANCE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN NSSPKIXBaseDistance
-NSSPKIXGeneralSubtree_GetMaximum
-(
- NSSPKIXGeneralSubtree *generalSubtree
-);
-
-/*
- * NSSPKIXGeneralSubtree_SetMaximum
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_INVALID_VALUE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXGeneralSubtree_SetMaximum
-(
- NSSPKIXGeneralSubtree *generalSubtree,
- NSSPKIXBaseDistance *maximum
-);
-
-/*
- * NSSPKIXGeneralSubtree_RemoveMaximum
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_HAS_NO_MAXIMUM_BASE_DISTANCE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXGeneralSubtree_RemoveMaximum
-(
- NSSPKIXGeneralSubtree *generalSubtree
-);
-
-/*
- * NSSPKIXGeneralSubtree_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXGeneralSubtree_Equal
-(
- NSSPKIXGeneralSubtree *generalSubtree1,
- NSSPKIXGeneralSubtree *generalSubtree2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXGeneralSubtree_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralSubtree upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtree *
-NSSPKIXGeneralSubtree_Duplicate
-(
- NSSPKIXGeneralSubtree *generalSubtree,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralSubtree_DistanceInRange
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_INVALID_VALUE
- *
- * Return value:
- * PR_TRUE if the specified value is within the minimum and maximum
- * base distances
- * PR_FALSE if it isn't
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXGeneralSubtree_DistanceInRange
-(
- NSSPKIXGeneralSubtree *generalSubtree,
- NSSPKIXBaseDistance value,
- PRStatus *statusOpt
-);
-
-/*
- * {other tests and comparators}
- *
- */
-
-/*
- * PolicyConstraints
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PolicyConstraints ::= SEQUENCE {
- * requireExplicitPolicy [0] SkipCerts OPTIONAL,
- * inhibitPolicyMapping [1] SkipCerts OPTIONAL }
- *
- * The public calls for this type:
- *
- * NSSPKIXPolicyConstraints_Decode
- * NSSPKIXPolicyConstraints_Create
- * NSSPKIXPolicyConstraints_Destroy
- * NSSPKIXPolicyConstraints_Encode
- * NSSPKIXPolicyConstraints_HasRequireExplicitPolicy
- * NSSPKIXPolicyConstraints_GetRequireExplicitPolicy
- * NSSPKIXPolicyConstraints_SetRequireExplicitPolicy
- * NSSPKIXPolicyConstraints_RemoveRequireExplicitPolicy
- * NSSPKIXPolicyConstraints_HasInhibitPolicyMapping
- * NSSPKIXPolicyConstraints_GetInhibitPolicyMapping
- * NSSPKIXPolicyConstraints_SetInhibitPolicyMapping
- * NSSPKIXPolicyConstraints_RemoveInhibitPolicyMapping
- * NSSPKIXPolicyConstraints_Equal
- * NSSPKIXPolicyConstraints_Duplicate
- *
- */
-
-/*
- * NSSPKIXPolicyConstraints_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyConstraints upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyConstraints *
-NSSPKIXPolicyConstraints_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXPolicyConstraints_Create
- *
- * -- fgmr comments --
- * The optional values may be omitted by specifying -1.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_VALUE
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyConstraints upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyConstraints *
-NSSPKIXPolicyConstraints_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXSkipCerts requireExplicitPolicy,
- NSSPKIXSkipCerts inhibitPolicyMapping
-);
-
-/*
- * NSSPKIXPolicyConstraints_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyConstraints_Destroy
-(
- NSSPKIXPolicyConstraints *policyConstraints
-);
-
-/*
- * NSSPKIXPolicyConstraints_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXPolicyConstraints_Encode
-(
- NSSPKIXPolicyConstraints *policyConstraints,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPolicyConstraints_HasRequireExplicitPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXPolicyConstraints_HasRequireExplicitPolicy
-(
- NSSPKIXPolicyConstraints *policyConstraints
-);
-
-/*
- * NSSPKIXPolicyConstraints_GetRequireExplicitPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- * NSS_ERROR_HAS_NO_REQUIRE_EXPLICIT_POLICY
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXPolicyConstraints_GetRequireExplicitPolicy
-(
- NSSPKIXPolicyConstraints *policyConstraints
-);
-
-/*
- * NSSPKIXPolicyConstraints_SetRequireExplicitPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- * NSS_ERROR_INVALID_VALUE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyConstraints_SetRequireExplicitPolicy
-(
- NSSPKIXPolicyConstraints *policyConstraints,
- NSSPKIXSkipCerts requireExplicitPolicy
-);
-
-/*
- * NSSPKIXPolicyConstraints_RemoveRequireExplicitPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- * NSS_ERROR_HAS_NO_REQUIRE_EXPLICIT_POLICY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyConstraints_RemoveRequireExplicitPolicy
-(
- NSSPKIXPolicyConstraints *policyConstraints
-);
-
-/*
- * NSSPKIXPolicyConstraints_HasInhibitPolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXPolicyConstraints_HasInhibitPolicyMapping
-(
- NSSPKIXPolicyConstraints *policyConstraints
-);
-
-/*
- * NSSPKIXPolicyConstraints_GetInhibitPolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- * NSS_ERROR_HAS_NO_INHIBIT_POLICY_MAPPING
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXPolicyConstraints_GetInhibitPolicyMapping
-(
- NSSPKIXPolicyConstraints *policyConstraints
-);
-
-/*
- * NSSPKIXPolicyConstraints_SetInhibitPolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- * NSS_ERROR_INVALID_VALUE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyConstraints_SetInhibitPolicyMapping
-(
- NSSPKIXPolicyConstraints *policyConstraints,
- NSSPKIXSkipCerts inhibitPolicyMapping
-);
-
-/*
- * NSSPKIXPolicyConstraints_RemoveInhibitPolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- * NSS_ERROR_HAS_NO_INHIBIT_POLICY_MAPPING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyConstraints_RemoveInhibitPolicyMapping
-(
- NSSPKIXPolicyConstraints *policyConstraints
-);
-
-/*
- * NSSPKIXPolicyConstraints_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXPolicyConstraints_Equal
-(
- NSSPKIXPolicyConstraints *policyConstraints1,
- NSSPKIXPolicyConstraints *policyConstraints2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXPolicyConstraints_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyConstraints upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyConstraints *
-NSSPKIXPolicyConstraints_Duplicate
-(
- NSSPKIXPolicyConstraints *policyConstraints,
- NSSArena *arenaOpt
-);
-
-/*
- * CRLDistPointsSyntax
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CRLDistPointsSyntax ::= SEQUENCE SIZE (1..MAX) OF DistributionPoint
- *
- * The public calls for this type:
- *
- * NSSPKIXCRLDistPointsSyntax_Decode
- * NSSPKIXCRLDistPointsSyntax_Create
- * NSSPKIXCRLDistPointsSyntax_Destroy
- * NSSPKIXCRLDistPointsSyntax_Encode
- * NSSPKIXCRLDistPointsSyntax_GetDistributionPointCount
- * NSSPKIXCRLDistPointsSyntax_GetDistributionPoints
- * NSSPKIXCRLDistPointsSyntax_SetDistributionPoints
- * NSSPKIXCRLDistPointsSyntax_GetDistributionPoint
- * NSSPKIXCRLDistPointsSyntax_SetDistributionPoint
- * NSSPKIXCRLDistPointsSyntax_InsertDistributionPoint
- * NSSPKIXCRLDistPointsSyntax_AppendDistributionPoint
- * NSSPKIXCRLDistPointsSyntax_RemoveDistributionPoint
- * NSSPKIXCRLDistPointsSyntax_FindDistributionPoint
- * NSSPKIXCRLDistPointsSyntax_Equal
- * NSSPKIXCRLDistPointsSyntax_Duplicate
- *
- */
-
-/*
- * NSSPKIXCRLDistPointsSyntax_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXCRLDistPointsSyntax upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCRLDistPointsSyntax *
-NSSPKIXCRLDistPointsSyntax_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXCRLDistPointsSyntax_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *
- * Return value:
- * A valid pointer to an NSSPKIXCRLDistPointsSyntax upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCRLDistPointsSyntax *
-NSSPKIXCRLDistPointsSyntax_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXDistributionPoint *distributionPoint1,
- ...
-);
-
-/*
- * NSSPKIXCRLDistPointsSyntax_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCRLDistPointsSyntax_Destroy
-(
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax
-);
-
-/*
- * NSSPKIXCRLDistPointsSyntax_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXCRLDistPointsSyntax_Encode
-(
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXCRLDistPointsSyntax_GetDistributionPointCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXCRLDistPointsSyntax_GetDistributionPointCount
-(
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax
-);
-
-/*
- * NSSPKIXCRLDistPointsSyntax_GetDistributionPoints
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXDistributionPoint pointers
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPoints **
-NSSPKIXCRLDistPointsSyntax_GetDistributionPoints
-(
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
- NSSDistributionPoint *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXCRLDistPointsSyntax_SetDistributionPoints
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCRLDistPointsSyntax_SetDistributionPoints
-(
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
- NSSDistributionPoint *distributionPoint[]
- PRInt32 count
-);
-
-/*
- * NSSPKIXCRLDistPointsSyntax_GetDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXDistributionPoint upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPoint *
-NSSPKIXCRLDistPointsSyntax_GetDistributionPoint
-(
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXCRLDistPointsSyntax_SetDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCRLDistPointsSyntax_SetDistributionPoint
-(
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
- PRInt32 i,
- NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * NSSPKIXCRLDistPointsSyntax_InsertDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCRLDistPointsSyntax_InsertDistributionPoint
-(
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
- PRInt32 i,
- NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * NSSPKIXCRLDistPointsSyntax_AppendDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCRLDistPointsSyntax_AppendDistributionPoint
-(
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
- NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * NSSPKIXCRLDistPointsSyntax_RemoveDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCRLDistPointsSyntax_RemoveDistributionPoint
-(
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
- PRInt32 i
-);
-
-/*
- * NSSPKIXCRLDistPointsSyntax_FindDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * The index of the specified policy mapping upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXCRLDistPointsSyntax_FindDistributionPoint
-(
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
- NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * NSSPKIXCRLDistPointsSyntax_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXCRLDistPointsSyntax_Equal
-(
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax1,
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXCRLDistPointsSyntax_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXCRLDistPointsSyntax upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCRLDistPointsSyntax *
-NSSPKIXCRLDistPointsSyntax_Duplicate
-(
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
- NSSArena *arenaOpt
-);
-
-/*
- * DistributionPoint
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * DistributionPoint ::= SEQUENCE {
- * distributionPoint [0] DistributionPointName OPTIONAL,
- * reasons [1] ReasonFlags OPTIONAL,
- * cRLIssuer [2] GeneralNames OPTIONAL }
- *
- * The public calls for this type:
- *
- * NSSPKIXDistributionPoint_Decode
- * NSSPKIXDistributionPoint_Create
- * NSSPKIXDistributionPoint_Destroy
- * NSSPKIXDistributionPoint_Encode
- * NSSPKIXDistributionPoint_HasDistributionPoint
- * NSSPKIXDistributionPoint_GetDistributionPoint
- * NSSPKIXDistributionPoint_SetDistributionPoint
- * NSSPKIXDistributionPoint_RemoveDistributionPoint
- * NSSPKIXDistributionPoint_HasReasons
- * NSSPKIXDistributionPoint_GetReasons
- * NSSPKIXDistributionPoint_SetReasons
- * NSSPKIXDistributionPoint_RemoveReasons
- * NSSPKIXDistributionPoint_HasCRLIssuer
- * NSSPKIXDistributionPoint_GetCRLIssuer
- * NSSPKIXDistributionPoint_SetCRLIssuer
- * NSSPKIXDistributionPoint_RemoveCRLIssuer
- * NSSPKIXDistributionPoint_Equal
- * NSSPKIXDistributionPoint_Duplicate
- *
- */
-
-/*
- * NSSPKIXDistributionPoint_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXDistributionPoint upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPoint *
-NSSPKIXDistributionPoint_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXDistributionPoint_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- * NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- *
- * Return value:
- * A valid pointer to an NSSPKIXDistributionPoint upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPoint *
-NSSPKIXDistributionPoint_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXDistributionPointName *distributionPoint,
- NSSPKIXReasonFlags reasons,
- NSSPKIXGeneralNames *cRLIssuer
-);
-
-/*
- * NSSPKIXDistributionPoint_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXDistributionPoint_Destroy
-(
- NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * NSSPKIXDistributionPoint_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXDistributionPoint_Encode
-(
- NSSPKIXDistributionPoint *distributionPoint,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXDistributionPoint_HasDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXDistributionPoint_HasDistributionPoint
-(
- NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * NSSPKIXDistributionPoint_GetDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_HAS_NO_DISTRIBUTION_POINT
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXDistributionPointName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPointName *
-NSSPKIXDistributionPoint_GetDistributionPoint
-(
- NSSPKIXDistributionPoint *distributionPoint,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXDistributionPoint_SetDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXDistributionPoint_SetDistributionPoint
-(
- NSSPKIXDistributionPoint *distributionPoint,
- NSSPKIXDistributionPointName *name
-);
-
-/*
- * NSSPKIXDistributionPoint_RemoveDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_HAS_NO_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXDistributionPoint_RemoveDistributionPoint
-(
- NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * NSSPKIXDistributionPoint_HasReasons
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXDistributionPoint_HasReasons
-(
- NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * NSSPKIXDistributionPoint_GetReasons
- *
- * It is unlikely that the reason flags are all zero; so zero is
- * returned in error situations.
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_HAS_NO_REASONS
- *
- * Return value:
- * A valid nonzero NSSPKIXReasonFlags value upon success
- * A valid zero NSSPKIXReasonFlags if the value is indeed zero
- * Zero upon error
- */
-
-NSS_EXTERN NSSPKIXReasonFlags
-NSSPKIXDistributionPoint_GetReasons
-(
- NSSPKIXDistributionPoint *distributionPoint,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXDistributionPoint_SetReasons
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXDistributionPoint_SetReasons
-(
- NSSPKIXDistributionPoint *distributionPoint,
- NSSPKIXReasonFlags reasons
-);
-
-/*
- * NSSPKIXDistributionPoint_RemoveReasons
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_HAS_NO_REASONS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXDistributionPoint_RemoveReasons
-(
- NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * NSSPKIXDistributionPoint_HasCRLIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXDistributionPoint_HasCRLIssuer
-(
- NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * NSSPKIXDistributionPoint_GetCRLIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_HAS_NO_CRL_ISSUER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralNames upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralNames *
-NSSPKIXDistributionPoint_GetCRLIssuer
-(
- NSSPKIXDistributionPoint *distributionPoint,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXDistributionPoint_SetCRLIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXDistributionPoint_SetCRLIssuer
-(
- NSSPKIXDistributionPoint *distributionPoint,
- NSSPKIXGeneralNames *cRLIssuer
-);
-
-/*
- * NSSPKIXDistributionPoint_RemoveCRLIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_HAS_NO_CRL_ISSUER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXDistributionPoint_RemoveCRLIssuer
-(
- NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * NSSPKIXDistributionPoint_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXDistributionPoint_Equal
-(
- NSSPKIXDistributionPoint *distributionPoint1,
- NSSPKIXDistributionPoint *distributionPoint2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXDistributionPoint_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *
- * Return value:
- * A valid pointer to an NSSPKIXDistributionPoint upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPoint *
-NSSPKIXDistributionPoint_Duplicate
-(
- NSSPKIXDistributionPoint *distributionPoint,
- NSSArena *arenaOpt
-);
-
-/*
- * DistributionPointName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * DistributionPointName ::= CHOICE {
- * fullName [0] GeneralNames,
- * nameRelativeToCRLIssuer [1] RelativeDistinguishedName }
- *
- * The public calls for this type:
- *
- * NSSPKIXDistributionPointName_Decode
- * NSSPKIXDistributionPointName_Create
- * NSSPKIXDistributionPointName_CreateFromFullName
- * NSSPKIXDistributionPointName_CreateFromNameRelativeToCRLIssuer
- * NSSPKIXDistributionPointName_Destroy
- * NSSPKIXDistributionPointName_Encode
- * NSSPKIXDistributionPointName_GetChoice
- * NSSPKIXDistributionPointName_GetFullName
- * NSSPKIXDistributionPointName_GetNameRelativeToCRLIssuer
- * NSSPKIXDistributionPointName_Equal
- * NSSPKIXDistributionPointName_Duplicate
- *
- */
-
-/*
- * NSSPKIXDistributionPointName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXDistributionPointName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPointName *
-NSSPKIXDistributionPointName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXDistributionPointName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME_CHOICE
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_INVALID_PKIX_RELATIVE_DISTINGUISHED_NAME
- *
- * Return value:
- * A valid pointer to an NSSPKIXDistributionPointName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPointName *
-NSSPKIXDistributionPointName_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXDistributionPointNameChoice which,
- void *name
-);
-
-/*
- * NSSPKIXDistributionPointName_CreateFromFullName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- *
- * Return value:
- * A valid pointer to an NSSPKIXDistributionPointName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPointName *
-NSSPKIXDistributionPointName_CreateFromFullName
-(
- NSSArena *arenaOpt,
- NSSPKIXGeneralNames *fullName
-);
-
-/*
- * NSSPKIXDistributionPointName_CreateFromNameRelativeToCRLIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_RELATIVE_DISTINGUISHED_NAME
- *
- * Return value:
- * A valid pointer to an NSSPKIXDistributionPointName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPointName *
-NSSPKIXDistributionPointName_CreateFromNameRelativeToCRLIssuer
-(
- NSSArena *arenaOpt,
- NSSPKIXRelativeDistinguishedName *nameRelativeToCRLIssuer
-);
-
-/*
- * NSSPKIXDistributionPointName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXDistributionPointName_Destroy
-(
- NSSPKIXDistributionPointName *dpn
-);
-
-/*
- * NSSPKIXDistributionPointName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXDistributionPointName_Encode
-(
- NSSPKIXDistributionPointName *dpn,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXDistributionPointName_GetChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- *
- * Return value:
- * A valid NSSPKIXDistributionPointNameChoice value upon success
- * NSSPKIXDistributionPointNameChoice_NSSinvalid upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPointNameChoice
-NSSPKIXDistributionPointName_GetChoice
-(
- NSSPKIXDistributionPointName *dpn
-);
-
-/*
- * NSSPKIXDistributionPointName_GetFullName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralNames upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralnames *
-NSSPKIXDistributionPointName_GetFullName
-(
- NSSPKIXDistributionPointName *dpn,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXDistributionPointName_GetNameRelativeToCRLIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon
- * success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName *
-NSSPKIXDistributionPointName_GetNameRelativeToCRLIssuer
-(
- NSSPKIXDistributionPointName *dpn,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXDistributionPointName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXDistributionPointName_Equal
-(
- NSSPKIXDistributionPointName *dpn1,
- NSSPKIXDistributionPointName *dpn2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXDistributionPointName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXDistributionPointName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPointName *
-NSSPKIXDistributionPointName_Duplicate
-(
- NSSPKIXDistributionPointName *dpn,
- NSSArena *arenaOpt
-);
-
-/*
- * ReasonFlags
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * ReasonFlags ::= BIT STRING {
- * unused (0),
- * keyCompromise (1),
- * cACompromise (2),
- * affiliationChanged (3),
- * superseded (4),
- * cessationOfOperation (5),
- * certificateHold (6) }
- *
- * The public calls for this type:
- *
- * NSSPKIXReasonFlags_Decode
- * NSSPKIXReasonFlags_Create
- * NSSPKIXReasonFlags_CreateFromMask
- * NSSPKIXReasonFlags_Destroy
- * NSSPKIXReasonFlags_Encode
- * NSSPKIXReasonFlags_GetMask
- * NSSPKIXReasonFlags_SetMask
- * NSSPKIXReasonFlags_Equal
- * NSSPKIXReasonFlags_Duplicate
- * { bitwise accessors? }
- *
- */
-
-/*
- * NSSPKIXReasonFlags_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXReasonFlags upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXReasonFlags *
-NSSPKIXReasonFlags_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXReasonFlags_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXReasonFlags upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXReasonFlags *
-NSSPKIXReasonFlags_Create
-(
- NSSArena *arenaOpt,
- PRBool keyCompromise,
- PRBool cACompromise,
- PRBool affiliationChanged,
- PRBool superseded,
- PRBool cessationOfOperation,
- PRBool certificateHold
-);
-
-/*
- * NSSPKIXReasonFlags_CreateFromMask
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_REASON_FLAGS_MASK
- *
- * Return value:
- * A valid pointer to an NSSPKIXReasonFlags upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXReasonFlags *
-NSSPKIXReasonFlags_CreateFromMask
-(
- NSSArena *arenaOpt,
- NSSPKIXReasonFlagsMask why
-);
-
-/*
- * NSSPKIXReasonFlags_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXReasonFlags_Destroy
-(
- NSSPKIXReasonFlags *reasonFlags
-);
-
-/*
- * NSSPKIXReasonFlags_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXReasonFlags_Encode
-(
- NSSPKIXReasonFlags *reasonFlags,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXReasonFlags_GetMask
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- *
- * Return value:
- * A valid mask of NSSPKIXReasonFlagsMask values upon success
- * NSSPKIXReasonFlagsMask_NSSinvalid upon failure
- */
-
-NSS_EXTERN NSSPKIXReasonFlagsMask
-NSSPKIXReasonFlags_GetMask
-(
- NSSPKIXReasonFlags *reasonFlags
-);
-
-/*
- * NSSPKIXReasonFlags_SetMask
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- * NSS_ERROR_INVALID_PKIX_REASON_FLAGS_MASK
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXReasonFlags_SetMask
-(
- NSSPKIXReasonFlags *reasonFlags,
- NSSPKIXReasonFlagsMask mask
-);
-
-/*
- * NSSPKIXReasonFlags_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXReasonFlags_Equal
-(
- NSSPKIXReasonFlags *reasonFlags1,
- NSSPKIXReasonFlags *reasonFlags2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXReasonFlags_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXReasonFlags upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXReasonFlags *
-NSSPKIXReasonFlags_Duplicate
-(
- NSSPKIXReasonFlags *reasonFlags,
- NSSArena *arenaOpt
-);
-
-/*
- * { bitwise accessors? }
- *
- */
-
-/*
- * ExtKeyUsageSyntax
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * ExtKeyUsageSyntax ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId
- *
- * The public calls for this type:
- *
- * NSSPKIXExtKeyUsageSyntax_Decode
- * NSSPKIXExtKeyUsageSyntax_Create
- * NSSPKIXExtKeyUsageSyntax_Destroy
- * NSSPKIXExtKeyUsageSyntax_Encode
- * NSSPKIXExtKeyUsageSyntax_GetKeyPurposeIdCount
- * NSSPKIXExtKeyUsageSyntax_GetKeyPurposeIds
- * NSSPKIXExtKeyUsageSyntax_SetKeyPurposeIds
- * NSSPKIXExtKeyUsageSyntax_GetKeyPurposeId
- * NSSPKIXExtKeyUsageSyntax_SetKeyPurposeId
- * NSSPKIXExtKeyUsageSyntax_InsertKeyPurposeId
- * NSSPKIXExtKeyUsageSyntax_AppendKeyPurposeId
- * NSSPKIXExtKeyUsageSyntax_RemoveKeyPurposeId
- * NSSPKIXExtKeyUsageSyntax_FindKeyPurposeId
- * NSSPKIXExtKeyUsageSyntax_Equal
- * NSSPKIXExtKeyUsageSyntax_Duplicate
- *
- */
-
-/*
- * NSSPKIXExtKeyUsageSyntax_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtKeyUsageSyntax upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtKeyUsageSyntax *
-NSSPKIXExtKeyUsageSyntax_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXExtKeyUsageSyntax_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_KEY_PURPOSE_ID
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtKeyUsageSyntax upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtKeyUsageSyntax *
-NSSPKIXExtKeyUsageSyntax_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXKeyPurposeId *kpid1,
- ...
-);
-
-/*
- * NSSPKIXExtKeyUsageSyntax_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtKeyUsageSyntax_Destroy
-(
- NSSPKIXExtKeyUsageSyntax *eku
-);
-
-/*
- * NSSPKIXExtKeyUsageSyntax_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXExtKeyUsageSyntax_Encode
-(
- NSSPKIXExtKeyUsageSyntax *eku,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXExtKeyUsageSyntax_GetKeyPurposeIdCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXExtKeyUsageSyntax_GetKeyPurposeIdCount
-(
- NSSPKIXExtKeyUsageSyntax *eku
-);
-
-/*
- * NSSPKIXExtKeyUsageSyntax_GetKeyPurposeIds
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXKeyPurposeId pointers upon
- * success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXKeyPurposeId **
-NSSPKIXExtKeyUsageSyntax_GetKeyPurposeIds
-(
- NSSPKIXExtKeyUsageSyntax *eku,
- NSSPKIXKeyPurposeId *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXExtKeyUsageSyntax_SetKeyPurposeIds
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- * NSS_ERROR_INVALID_PKIX_KEY_PURPOSE_ID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtKeyUsageSyntax_SetKeyPurposeIds
-(
- NSSPKIXExtKeyUsageSyntax *eku,
- NSSPKIXKeyPurposeId *ids[],
- PRInt32 count
-);
-
-/*
- * NSSPKIXExtKeyUsageSyntax_GetKeyPurposeId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXKeyPurposeId upon success
- * NULL upon error
- */
-
-NSS_EXTERN NSSPKIXKeyPurposeId *
-NSSPKIXExtKeyUsageSyntax_GetKeyPurposeId
-(
- NSSPKIXExtKeyUsageSyntax *eku,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXExtKeyUsageSyntax_SetKeyPurposeId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- * NSS_ERROR_INVALID_PKIX_KEY_PURPOSE_ID
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtKeyUsageSyntax_SetKeyPurposeId
-(
- NSSPKIXExtKeyUsageSyntax *eku,
- PRInt32 i,
- NSSPKIXKeyPurposeId *id
-);
-
-/*
- * NSSPKIXExtKeyUsageSyntax_InsertKeyPurposeId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- * NSS_ERROR_INVALID_PKIX_KEY_PURPOSE_ID
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtKeyUsageSyntax_InsertKeyPurposeId
-(
- NSSPKIXExtKeyUsageSyntax *eku,
- PRInt32 i,
- NSSPKIXKeyPurposeId *id
-);
-
-/*
- * NSSPKIXExtKeyUsageSyntax_AppendKeyPurposeId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- * NSS_ERROR_INVALID_PKIX_KEY_PURPOSE_ID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtKeyUsageSyntax_AppendKeyPurposeId
-(
- NSSPKIXExtKeyUsageSyntax *eku,
- NSSPKIXKeyPurposeId *id
-);
-
-/*
- * NSSPKIXExtKeyUsageSyntax_RemoveKeyPurposeId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtKeyUsageSyntax_RemoveKeyPurposeId
-(
- NSSPKIXExtKeyUsageSyntax *eku,
- PRInt32 i
-);
-
-/*
- * NSSPKIXExtKeyUsageSyntax_FindKeyPurposeId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- * NSS_ERROR_INVALID_PKIX_KEY_PURPOSE_ID
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * The index of the specified key purpose id upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXExtKeyUsageSyntax_FindKeyPurposeId
-(
- NSSPKIXExtKeyUsageSyntax *eku,
- NSSPKIXKeyPurposeId *id
-);
-
-/*
- * NSSPKIXExtKeyUsageSyntax_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXExtKeyUsageSyntax_Equal
-(
- NSSPKIXExtKeyUsageSyntax *eku1,
- NSSPKIXExtKeyUsageSyntax *eku2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXExtKeyUsageSyntax_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtKeyUsageSyntax upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtKeyUsageSyntax *
-NSSPKIXExtKeyUsageSyntax_Duplicate
-(
- NSSPKIXExtKeyUsageSyntax *eku,
- NSSArena *arenaOpt
-);
-
-/*
- * AuthorityInfoAccessSyntax
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * AuthorityInfoAccessSyntax ::=
- * SEQUENCE SIZE (1..MAX) OF AccessDescription
- *
- * The public calls for this type:
- *
- * NSSPKIXAuthorityInfoAccessSyntax_Decode
- * NSSPKIXAuthorityInfoAccessSyntax_Create
- * NSSPKIXAuthorityInfoAccessSyntax_Destroy
- * NSSPKIXAuthorityInfoAccessSyntax_Encode
- * NSSPKIXAuthorityInfoAccessSyntax_GetAccessDescriptionCount
- * NSSPKIXAuthorityInfoAccessSyntax_GetAccessDescriptions
- * NSSPKIXAuthorityInfoAccessSyntax_SetAccessDescriptions
- * NSSPKIXAuthorityInfoAccessSyntax_GetAccessDescription
- * NSSPKIXAuthorityInfoAccessSyntax_SetAccessDescription
- * NSSPKIXAuthorityInfoAccessSyntax_InsertAccessDescription
- * NSSPKIXAuthorityInfoAccessSyntax_AppendAccessDescription
- * NSSPKIXAuthorityInfoAccessSyntax_RemoveAccessDescription
- * NSSPKIXAuthorityInfoAccessSyntax_FindAccessDescription
- * NSSPKIXAuthorityInfoAccessSyntax_Equal
- * NSSPKIXAuthorityInfoAccessSyntax_Duplicate
- *
- */
-
-/*
- * NSSPKIXAuthorityInfoAccessSyntax_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAuthorityInfoAccessSyntax upon
- * success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAuthorityInfoAccessSyntax *
-NSSPKIXAuthorityInfoAccessSyntax_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXAuthorityInfoAccessSyntax_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- *
- * Return value:
- * A valid pointer to an NSSPKIXAuthorityInfoAccessSyntax upon
- * success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAuthorityInfoAccessSyntax *
-NSSPKIXAuthorityInfoAccessSyntax_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXAccessDescription *ad1,
- ...
-);
-
-/*
- * NSSPKIXAuthorityInfoAccessSyntax_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAuthorityInfoAccessSyntax_Destroy
-(
- NSSPKIXAuthorityInfoAccessSyntax *aias
-);
-
-/*
- * NSSPKIXAuthorityInfoAccessSyntax_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXAuthorityInfoAccessSyntax_Encode
-(
- NSSPKIXAuthorityInfoAccessSyntax *aias,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAuthorityInfoAccessSyntax_GetAccessDescriptionCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXAuthorityInfoAccessSyntax_GetAccessDescriptionCount
-(
- NSSPKIXAuthorityInfoAccessSyntax *aias
-);
-
-/*
- * NSSPKIXAuthorityInfoAccessSyntax_GetAccessDescriptions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXAccessDescription pointers
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAccessDescription **
-NSSPKIXAuthorityInfoAccessSyntax_GetAccessDescriptions
-(
- NSSPKIXAuthorityInfoAccessSyntax *aias,
- NSSPKIXAccessDescription *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAuthorityInfoAccessSyntax_SetAccessDescriptions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAuthorityInfoAccessSyntax_SetAccessDescriptions
-(
- NSSPKIXAuthorityInfoAccessSyntax *aias,
- NSSPKIXAccessDescription *ad[],
- PRInt32 count
-);
-
-/*
- * NSSPKIXAuthorityInfoAccessSyntax_GetAccessDescription
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAccessDescription upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAccessDescription *
-NSSPKIXAuthorityInfoAccessSyntax_GetAccessDescription
-(
- NSSPKIXAuthorityInfoAccessSyntax *aias,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAuthorityInfoAccessSyntax_SetAccessDescription
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAuthorityInfoAccessSyntax_SetAccessDescription
-(
- NSSPKIXAuthorityInfoAccessSyntax *aias,
- PRInt32 i,
- NSSPKIXAccessDescription *ad
-);
-
-/*
- * NSSPKIXAuthorityInfoAccessSyntax_InsertAccessDescription
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAuthorityInfoAccessSyntax_InsertAccessDescription
-(
- NSSPKIXAuthorityInfoAccessSyntax *aias,
- PRInt32 i,
- NSSPKIXAccessDescription *ad
-);
-
-/*
- * NSSPKIXAuthorityInfoAccessSyntax_AppendAccessDescription
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAuthorityInfoAccessSyntax_AppendAccessDescription
-(
- NSSPKIXAuthorityInfoAccessSyntax *aias,
- NSSPKIXAccessDescription *ad
-);
-
-/*
- * NSSPKIXAuthorityInfoAccessSyntax_RemoveAccessDescription
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAuthorityInfoAccessSyntax_RemoveAccessDescription
-(
- NSSPKIXAuthorityInfoAccessSyntax *aias,
- PRInt32 i
-);
-
-/*
- * NSSPKIXAuthorityInfoAccessSyntax_FindAccessDescription
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * The index of the specified policy mapping upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXAuthorityInfoAccessSyntax_FindAccessDescription
-(
- NSSPKIXAuthorityInfoAccessSyntax *aias,
- NSSPKIXAccessDescription *ad
-);
-
-/*
- * NSSPKIXAuthorityInfoAccessSyntax_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXAuthorityInfoAccessSyntax_Equal
-(
- NSSPKIXAuthorityInfoAccessSyntax *aias1,
- NSSPKIXAuthorityInfoAccessSyntax *aias2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXAuthorityInfoAccessSyntax_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAuthorityInfoAccessSyntax upon
- * success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAuthorityInfoAccessSyntax *
-NSSPKIXAuthorityInfoAccessSyntax_Duplicate
-(
- NSSPKIXAuthorityInfoAccessSyntax *aias,
- NSSArena *arenaOpt
-);
-
-/*
- * AccessDescription
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * AccessDescription ::= SEQUENCE {
- * accessMethod OBJECT IDENTIFIER,
- * accessLocation GeneralName }
- *
- * The public calls for this type:
- *
- * NSSPKIXAccessDescription_Decode
- * NSSPKIXAccessDescription_Create
- * NSSPKIXAccessDescription_Destroy
- * NSSPKIXAccessDescription_Encode
- * NSSPKIXAccessDescription_GetAccessMethod
- * NSSPKIXAccessDescription_SetAccessMethod
- * NSSPKIXAccessDescription_GetAccessLocation
- * NSSPKIXAccessDescription_SetAccessLocation
- * NSSPKIXAccessDescription_Equal
- * NSSPKIXAccessDescription_Duplicate
- *
- */
-
-/*
- * NSSPKIXAccessDescription_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAccessDescription upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAccessDescription *
-NSSPKIXAccessDescription_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXAccessDescription_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *
- * Return value:
- * A valid pointer to an NSSPKIXAccessDescription upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAccessDescription *
-NSSPKIXAccessDescription_Create
-(
- NSSArena *arenaOpt,
- NSSOID *accessMethod,
- NSSPKIXGeneralName *accessLocation
-);
-
-/*
- * NSSPKIXAccessDescription_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAccessDescription_Destroy
-(
- NSSPKIXAccessDescription *ad
-);
-
-/*
- * NSSPKIXAccessDescription_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXAccessDescription_Encode
-(
- NSSPKIXAccessDescription *ad,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAccessDescription_GetAccessMethod
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSOID pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSOID *
-NSSPKIXAccessDescription_GetAccessMethod
-(
- NSSPKIXAccessDescription *ad
-);
-
-/*
- * NSSPKIXAccessDescription_SetAccessMethod
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAccessDescription_SetAccessMethod
-(
- NSSPKIXAccessDescription *ad,
- NSSOID *accessMethod
-);
-
-/*
- * NSSPKIXAccessDescription_GetAccessLocation
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-NSSPKIXAccessDescription_GetAccessLocation
-(
- NSSPKIXAccessDescription *ad,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAccessDescription_SetAccessLocation
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAccessDescription_SetAccessLocation
-(
- NSSPKIXAccessDescription *ad,
- NSSPKIXGeneralName *accessLocation
-);
-
-/*
- * NSSPKIXAccessDescription_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXAccessDescription_Equal
-(
- NSSPKIXAccessDescription *ad1,
- NSSPKIXAccessDescription *ad2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXAccessDescription_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAccessDescription upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAccessDescription *
-NSSPKIXAccessDescription_Duplicate
-(
- NSSPKIXAccessDescription *ad,
- NSSArena *arenaOpt
-);
-
-/*
- * IssuingDistributionPoint
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * IssuingDistributionPoint ::= SEQUENCE {
- * distributionPoint [0] DistributionPointName OPTIONAL,
- * onlyContainsUserCerts [1] BOOLEAN DEFAULT FALSE,
- * onlyContainsCACerts [2] BOOLEAN DEFAULT FALSE,
- * onlySomeReasons [3] ReasonFlags OPTIONAL,
- * indirectCRL [4] BOOLEAN DEFAULT FALSE }
- *
- * The public calls for this type:
- *
- * NSSPKIXIssuingDistributionPoint_Decode
- * NSSPKIXIssuingDistributionPoint_Create
- * NSSPKIXIssuingDistributionPoint_Destroy
- * NSSPKIXIssuingDistributionPoint_Encode
- * NSSPKIXIssuingDistributionPoint_HasDistributionPoint
- * NSSPKIXIssuingDistributionPoint_GetDistributionPoint
- * NSSPKIXIssuingDistributionPoint_SetDistributionPoint
- * NSSPKIXIssuingDistributionPoint_RemoveDistributionPoint
- * NSSPKIXIssuingDistributionPoint_GetOnlyContainsUserCerts
- * NSSPKIXIssuingDistributionPoint_SetOnlyContainsUserCerts
- * NSSPKIXIssuingDistributionPoint_GetOnlyContainsCACerts
- * NSSPKIXIssuingDistributionPoint_SetOnlyContainsCACerts
- * NSSPKIXIssuingDistributionPoint_HasOnlySomeReasons
- * NSSPKIXIssuingDistributionPoint_GetOnlySomeReasons
- * NSSPKIXIssuingDistributionPoint_SetOnlySomeReasons
- * NSSPKIXIssuingDistributionPoint_RemoveOnlySomeReasons
- * NSSPKIXIssuingDistributionPoint_GetIndirectCRL
- * NSSPKIXIssuingDistributionPoint_SetIndirectCRL
- * NSSPKIXIssuingDistributionPoint_Equal
- * NSSPKIXIssuingDistributionPoint_Duplicate
- *
- */
-
-/*
- * NSSPKIXIssuingDistributionPoint_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXIssuingDistributionPoint upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXIssuingDistributionPoint *
-NSSPKIXIssuingDistributionPoint_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- * NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- *
- * Return value:
- * A valid pointer to an NSSPKIXIssuingDistributionPoint upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXIssuingDistributionPoint *
-NSSPKIXIssuingDistributionPoint_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXDistributionPointName *distributionPointOpt,
- PRBool onlyContainsUserCerts,
- PRBool onlyContainsCACerts,
- NSSPKIXReasonFlags *onlySomeReasons
- PRBool indirectCRL
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXIssuingDistributionPoint_Destroy
-(
- NSSPKIXIssuingDistributionPoint *idp
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXIssuingDistributionPoint_Encode
-(
- NSSPKIXIssuingDistributionPoint *idp,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_HasDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXIssuingDistributionPoint_HasDistributionPoint
-(
- NSSPKIXIssuingDistributionPoint *idp
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_GetDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- * NSS_ERROR_HAS_NO_DISTRIBUTION_POINT
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXDistributionPointName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPointName *
-NSSPKIXIssuingDistributionPoint_GetDistributionPoint
-(
- NSSPKIXIssuingDistributionPoint *idp,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_SetDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXIssuingDistributionPoint_SetDistributionPoint
-(
- NSSPKIXIssuingDistributionPoint *idp,
- NSSPKIXDistributionPointName *dpn
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_RemoveDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- * NSS_ERROR_HAS_NO_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXIssuingDistributionPoint_RemoveDistributionPoint
-(
- NSSPKIXIssuingDistributionPoint *idp
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_GetOnlyContainsUserCerts
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_TRUE if the onlyContainsUserCerts value is true
- * PR_FALSE if it isn't
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXIssuingDistributionPoint_GetOnlyContainsUserCerts
-(
- NSSPKIXIssuingDistributionPoint *idp,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_SetOnlyContainsUserCerts
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXIssuingDistributionPoint_SetOnlyContainsUserCerts
-(
- NSSPKIXIssuingDistributionPoint *idp,
- PRBool onlyContainsUserCerts
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_GetOnlyContainsCACerts
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_TRUE if the onlyContainsCACerts value is true
- * PR_FALSE if it isn't
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXIssuingDistributionPoint_GetOnlyContainsCACerts
-(
- NSSPKIXIssuingDistributionPoint *idp,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_SetOnlyContainsCACerts
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXIssuingDistributionPoint_SetOnlyContainsCACerts
-(
- NSSPKIXIssuingDistributionPoint *idp,
- PRBool onlyContainsCACerts
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_HasOnlySomeReasons
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXIssuingDistributionPoint_HasOnlySomeReasons
-(
- NSSPKIXIssuingDistributionPoint *idp
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_GetOnlySomeReasons
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- * NSS_ERROR_HAS_NO_ONLY_SOME_REASONS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXReasonFlags upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXReasonFlags *
-NSSPKIXIssuingDistributionPoint_GetOnlySomeReasons
-(
- NSSPKIXIssuingDistributionPoint *idp,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_SetOnlySomeReasons
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- * NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXIssuingDistributionPoint_SetOnlySomeReasons
-(
- NSSPKIXIssuingDistributionPoint *idp,
- NSSPKIXReasonFlags *onlySomeReasons
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_RemoveOnlySomeReasons
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- * NSS_ERROR_HAS_NO_ONLY_SOME_REASONS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXIssuingDistributionPoint_RemoveOnlySomeReasons
-(
- NSSPKIXIssuingDistributionPoint *idp
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_GetIndirectCRL
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_TRUE if the indirectCRL value is true
- * PR_FALSE if it isn't
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXIssuingDistributionPoint_GetIndirectCRL
-(
- NSSPKIXIssuingDistributionPoint *idp,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_SetIndirectCRL
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXIssuingDistributionPoint_SetIndirectCRL
-(
- NSSPKIXIssuingDistributionPoint *idp,
- PRBool indirectCRL
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXIssuingDistributionPoint_Equal
-(
- NSSPKIXIssuingDistributionPoint *idp1,
- NSSPKIXIssuingDistributionPoint *idp2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXIssuingDistributionPoint upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXIssuingDistributionPoint *
-NSSPKIXIssuingDistributionPoint_Duplicate
-(
- NSSPKIXIssuingDistributionPoint *idp,
- NSSArena *arenaOpt
-);
-
-PR_END_EXTERN_C
-
-#endif /* NSSPKIX_H */
diff --git a/security/nss/lib/pkix/include/nsspkixt.h b/security/nss/lib/pkix/include/nsspkixt.h
deleted file mode 100644
index ea35269ff..000000000
--- a/security/nss/lib/pkix/include/nsspkixt.h
+++ /dev/null
@@ -1,2281 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef NSSPKIXT_H
-#define NSSPKIXT_H
-
-#ifdef DEBUG
-static const char NSSPKIXT_CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * nsspkixt.h
- *
- * This file contains the public type definitions for the PKIX part-1
- * objects. The contents are strongly based on the types defined in
- * RFC 2459 {fgmr: and others, e.g., s/mime?}. The type names have
- * been prefixed with "NSSPKIX."
- */
-
-#ifndef NSSBASET_H
-#include "nssbaset.h"
-#endif /* NSSBASET_H */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * A Note About Strings
- *
- * RFC 2459 refers to several types of strings, including UniversalString,
- * BMPString, UTF8String, TeletexString, PrintableString, IA5String, and
- * more. As with the rest of the NSS libraries, all strings are converted
- * to UTF8 form as soon as possible, and dealt with in that form from
- * then on.
- *
- */
-
-/*
- * Attribute
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Attribute ::= SEQUENCE {
- * type AttributeType,
- * values SET OF AttributeValue
- * -- at least one value is required -- }
- *
- */
-
-struct NSSPKIXAttributeStr;
-typedef struct NSSPKIXAttributeStr NSSPKIXAttribute;
-
-/*
- * AttributeType
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * AttributeType ::= OBJECT IDENTIFIER
- *
- */
-
-typedef NSSOID NSSPKIXAttributeType;
-
-/*
- * AttributeValue
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * AttributeValue ::= ANY
- *
- */
-
-typedef NSSItem NSSPKIXAttributeValue;
-
-/*
- * AttributeTypeAndValue
- *
- * This structure contains an attribute type (indicated by an OID),
- * and the type-specific value. RelativeDistinguishedNamess consist
- * of a set of these. These are distinct from Attributes (which have
- * SET of values), from AttributeDescriptions (which have qualifiers
- * on the types), and from AttributeValueAssertions (which assert a
- * a value comparison under some matching rule).
- *
- * From RFC 2459:
- *
- * AttributeTypeAndValue ::= SEQUENCE {
- * type AttributeType,
- * value AttributeValue }
- *
- */
-
-struct NSSPKIXAttributeTypeAndValueStr;
-typedef struct NSSPKIXAttributeTypeAndValueStr NSSPKIXAttributeTypeAndValue;
-
-/*
- * X520Name
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X520name ::= CHOICE {
- * teletexString TeletexString (SIZE (1..ub-name)),
- * printableString PrintableString (SIZE (1..ub-name)),
- * universalString UniversalString (SIZE (1..ub-name)),
- * utf8String UTF8String (SIZE (1..ub-name)),
- * bmpString BMPString (SIZE(1..ub-name)) }
- *
- */
-
-struct NSSPKIXX520NameStr;
-typedef struct NSSPKIXX520NameStr NSSPKIXX520Name;
-
-/*
- * X520CommonName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X520CommonName ::= CHOICE {
- * teletexString TeletexString (SIZE (1..ub-common-name)),
- * printableString PrintableString (SIZE (1..ub-common-name)),
- * universalString UniversalString (SIZE (1..ub-common-name)),
- * utf8String UTF8String (SIZE (1..ub-common-name)),
- * bmpString BMPString (SIZE(1..ub-common-name)) }
- *
- */
-
-struct NSSPKIXX520CommonNameStr;
-typedef struct NSSPKIXX520CommonNameStr NSSPKIXX520CommonName;
-
-/*
- * X520LocalityName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X520LocalityName ::= CHOICE {
- * teletexString TeletexString (SIZE (1..ub-locality-name)),
- * printableString PrintableString (SIZE (1..ub-locality-name)),
- * universalString UniversalString (SIZE (1..ub-locality-name)),
- * utf8String UTF8String (SIZE (1..ub-locality-name)),
- * bmpString BMPString (SIZE(1..ub-locality-name)) }
- *
- */
-
-struct NSSPKIXX520LocalityNameStr;
-typedef struct NSSPKIXX520LocalityNameStr NSSPKIXX520LocalityName;
-
-/*
- * X520StateOrProvinceName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X520StateOrProvinceName ::= CHOICE {
- * teletexString TeletexString (SIZE (1..ub-state-name)),
- * printableString PrintableString (SIZE (1..ub-state-name)),
- * universalString UniversalString (SIZE (1..ub-state-name)),
- * utf8String UTF8String (SIZE (1..ub-state-name)),
- * bmpString BMPString (SIZE(1..ub-state-name)) }
- *
- */
-
-struct NSSPKIXX520StateOrProvinceNameStr;
-typedef struct NSSPKIXX520StateOrProvinceNameStr NSSPKIXX520StateOrProvinceName;
-
-/*
- * X520OrganizationName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X520OrganizationName ::= CHOICE {
- * teletexString TeletexString (SIZE (1..ub-organization-name)),
- * printableString PrintableString (SIZE (1..ub-organization-name)),
- * universalString UniversalString (SIZE (1..ub-organization-name)),
- * utf8String UTF8String (SIZE (1..ub-organization-name)),
- * bmpString BMPString (SIZE(1..ub-organization-name)) }
- *
- */
-
-struct NSSPKIXX520OrganizationNameStr;
-typedef struct NSSPKIXX520OrganizationNameStr NSSPKIXX520OrganizationName;
-
-/*
- * X520OrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X520OrganizationalUnitName ::= CHOICE {
- * teletexString TeletexString (SIZE (1..ub-organizational-unit-name)),
- * printableString PrintableString
- * (SIZE (1..ub-organizational-unit-name)),
- * universalString UniversalString
- * (SIZE (1..ub-organizational-unit-name)),
- * utf8String UTF8String (SIZE (1..ub-organizational-unit-name)),
- * bmpString BMPString (SIZE(1..ub-organizational-unit-name)) }
- *
- */
-
-struct NSSPKIXX520OrganizationalUnitNameStr;
-typedef struct NSSPKIXX520OrganizationalUnitNameStr NSSPKIXX520OrganizationalUnitName;
-
-/*
- * X520Title
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X520Title ::= CHOICE {
- * teletexString TeletexString (SIZE (1..ub-title)),
- * printableString PrintableString (SIZE (1..ub-title)),
- * universalString UniversalString (SIZE (1..ub-title)),
- * utf8String UTF8String (SIZE (1..ub-title)),
- * bmpString BMPString (SIZE(1..ub-title)) }
- *
- */
-
-struct NSSPKIXX520TitleStr;
-typedef struct NSSPKIXX520TitleStr NSSPKIXX520Title;
-
-/*
- * X520dnQualifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X520dnQualifier ::= PrintableString
- *
- */
-
-struct NSSPKIXX520dnQualifierStr;
-typedef struct NSSPKIXX520dnQualifierStr NSSPKIXX520dnQualifier;
-
-/*
- * X520countryName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X520countryName ::= PrintableString (SIZE (2)) -- IS 3166 codes
- *
- */
-
-struct NSSPKIXX520countryNameStr;
-typedef struct NSSPKIXX520countryNameStr NSSPKIXX520countryName;
-
-/*
- * Pkcs9email
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Pkcs9email ::= IA5String (SIZE (1..ub-emailaddress-length))
- *
- */
-
-struct NSSPKIXPkcs9emailStr;
-typedef struct NSSPKIXPkcs9emailStr NSSPKIXPkcs9email;
-
-/*
- * Name
- *
- * This structure contains a union of the possible name formats,
- * which at the moment is limited to an RDNSequence.
- *
- * From RFC 2459:
- *
- * Name ::= CHOICE { -- only one possibility for now --
- * rdnSequence RDNSequence }
- *
- */
-
-struct NSSPKIXNameStr;
-typedef struct NSSPKIXNameStr NSSPKIXName;
-
-/*
- * NameChoice
- *
- * This enumeration is used to specify choice within a name.
- */
-
-enum NSSPKIXNameChoiceEnum {
- NSSPKIXNameChoice_NSSinvalid = -1,
- NSSPKIXNameChoice_rdnSequence
-};
-typedef enum NSSPKIXNameChoiceEnum NSSPKIXNameChoice;
-
-/*
- * RDNSequence
- *
- * This structure contains a sequence of RelativeDistinguishedName
- * objects.
- *
- * From RFC 2459:
- *
- * RDNSequence ::= SEQUENCE OF RelativeDistinguishedName
- *
- */
-
-struct NSSPKIXRDNSequenceStr;
-typedef struct NSSPKIXRDNSequenceStr NSSPKIXRDNSequence;
-
-/*
- * DistinguishedName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * DistinguishedName ::= RDNSequence
- *
- */
-
-typedef NSSPKIXRDNSequence NSSPKIXDistinguishedName;
-
-/*
- * RelativeDistinguishedName
- *
- * This structure contains an unordered set of AttributeTypeAndValue
- * objects. RDNs are used to distinguish a set of objects underneath
- * a common object.
- *
- * Often, a single ATAV is sufficient to make a unique distinction.
- * For example, if a company assigns its people unique uid values,
- * then in the Name "uid=smith,ou=People,o=Acme,c=US" the "uid=smith"
- * ATAV by itself forms an RDN. However, sometimes a set of ATAVs is
- * needed. For example, if a company needed to distinguish between
- * two Smiths by specifying their corporate divisions, then in the
- * Name "(cn=Smith,ou=Sales),ou=People,o=Acme,c=US" the parenthesised
- * set of ATAVs forms the RDN.
- *
- * From RFC 2459:
- *
- * RelativeDistinguishedName ::=
- * SET SIZE (1 .. MAX) OF AttributeTypeAndValue
- *
- */
-
-struct NSSPKIXRelativeDistinguishedNameStr;
-typedef struct NSSPKIXRelativeDistinguishedNameStr NSSPKIXRelativeDistinguishedName;
-
-/*
- * DirectoryString
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * DirectoryString ::= CHOICE {
- * teletexString TeletexString (SIZE (1..MAX)),
- * printableString PrintableString (SIZE (1..MAX)),
- * universalString UniversalString (SIZE (1..MAX)),
- * utf8String UTF8String (SIZE (1..MAX)),
- * bmpString BMPString (SIZE(1..MAX)) }
- *
- */
-
-struct NSSPKIXDirectoryStringStr;
-typedef struct NSSPKIXDirectoryStringStr NSSPKIXDirectoryString;
-
-/*
- * Certificate
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Certificate ::= SEQUENCE {
- * tbsCertificate TBSCertificate,
- * signatureAlgorithm AlgorithmIdentifier,
- * signature BIT STRING }
- *
- */
-
-struct NSSPKIXCertificateStr;
-typedef struct NSSPKIXCertificateStr NSSPKIXCertificate;
-
-/*
- * TBSCertificate
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TBSCertificate ::= SEQUENCE {
- * version [0] Version DEFAULT v1,
- * serialNumber CertificateSerialNumber,
- * signature AlgorithmIdentifier,
- * issuer Name,
- * validity Validity,
- * subject Name,
- * subjectPublicKeyInfo SubjectPublicKeyInfo,
- * issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL,
- * -- If present, version shall be v2 or v3
- * subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL,
- * -- If present, version shall be v2 or v3
- * extensions [3] Extensions OPTIONAL
- * -- If present, version shall be v3 -- }
- *
- */
-
-struct NSSPKIXTBSCertificateStr;
-typedef struct NSSPKIXTBSCertificateStr NSSPKIXTBSCertificate;
-
-/*
- * Version
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Version ::= INTEGER { v1(0), v2(1), v3(2) }
- *
- */
-
-enum NSSPKIXVersionEnum {
- NSSPKIXVersion_NSSinvalid = -1,
- NSSPKIXVersion_v1 = 0,
- NSSPKIXVersion_v2 = 1,
- NSSPKIXVersion_v3 = 2
-};
-typedef enum NSSPKIXVersionEnum NSSPKIXVersion;
-
-/*
- * CertificateSerialNumber
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CertificateSerialNumber ::= INTEGER
- *
- */
-
-typedef NSSBER NSSPKIXCertificateSerialNumber;
-
-/*
- * Validity
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Validity ::= SEQUENCE {
- * notBefore Time,
- * notAfter Time }
- *
- */
-
-struct NSSPKIXValidityStr;
-typedef struct NSSPKIXValidityStr NSSPKIXValidity;
-
-/*
- * Time
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Time ::= CHOICE {
- * utcTime UTCTime,
- * generalTime GeneralizedTime }
- *
- */
-
-struct NSSPKIXTimeStr;
-typedef struct NSSPKIXTimeStr NSSPKIXTime;
-
-/*
- * UniqueIdentifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * UniqueIdentifier ::= BIT STRING
- *
- */
-
-typedef NSSBitString NSSPKIXUniqueIdentifier;
-
-/*
- * SubjectPublicKeyInfo
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * SubjectPublicKeyInfo ::= SEQUENCE {
- * algorithm AlgorithmIdentifier,
- * subjectPublicKey BIT STRING }
- *
- */
-
-struct NSSPKIXSubjectPublicKeyInfoStr;
-typedef NSSPKIXSubjectPublicKeyInfoStr NSSPKIXSubjectPublicKeyInfo;
-
-/*
- * Extensions
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension
- *
- */
-
-struct NSSPKIXExtensionsStr;
-typedef struct NSSPKIXExtensionsStr NSSPKIXExtensions;
-
-/*
- * Extension
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Extension ::= SEQUENCE {
- * extnID OBJECT IDENTIFIER,
- * critical BOOLEAN DEFAULT FALSE,
- * extnValue OCTET STRING }
- *
- */
-
-struct NSSPKIXExtensionStr;
-typedef struct NSSPKIXExtensionStr NSSPKIXExtension;
-
-/*
- * CertificateList
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CertificateList ::= SEQUENCE {
- * tbsCertList TBSCertList,
- * signatureAlgorithm AlgorithmIdentifier,
- * signature BIT STRING }
- *
- */
-
-struct NSSPKIXCertificateListStr;
-typedef struct NSSPKIXCertificateListStr NSSPKIXCertificateList;
-
-/*
- * TBSCertList
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TBSCertList ::= SEQUENCE {
- * version Version OPTIONAL,
- * -- if present, shall be v2
- * signature AlgorithmIdentifier,
- * issuer Name,
- * thisUpdate Time,
- * nextUpdate Time OPTIONAL,
- * revokedCertificates SEQUENCE OF SEQUENCE {
- * userCertificate CertificateSerialNumber,
- * revocationDate Time,
- * crlEntryExtensions Extensions OPTIONAL
- * -- if present, shall be v2
- * } OPTIONAL,
- * crlExtensions [0] Extensions OPTIONAL
- * -- if present, shall be v2 -- }
- *
- */
-
-struct NSSPKIXTBSCertListStr;
-typedef struct NSSPKIXTBSCertListStr NSSPKIXTBSCertList;
-
-/*
- * revokedCertificates
- *
- * This is a "helper type" to simplify handling of TBSCertList objects.
- *
- * revokedCertificates SEQUENCE OF SEQUENCE {
- * userCertificate CertificateSerialNumber,
- * revocationDate Time,
- * crlEntryExtensions Extensions OPTIONAL
- * -- if present, shall be v2
- * } OPTIONAL,
- *
- */
-
-struct NSSPKIXrevokedCertificatesStr;
-typedef struct NSSPKIXrevokedCertificatesStr NSSPKIXrevokedCertificates;
-
-/*
- * revokedCertificate
- *
- * This is a "helper type" to simplify handling of TBSCertList objects.
- *
- * SEQUENCE {
- * userCertificate CertificateSerialNumber,
- * revocationDate Time,
- * crlEntryExtensions Extensions OPTIONAL
- * -- if present, shall be v2
- * } OPTIONAL,
- *
- */
-
-struct NSSPKIXrevokedCertificateStr;
-typedef struct NSSPKIXrevokedCertificateStr NSSPKIXrevokedCertificate;
-
-/*
- * AlgorithmIdentifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * (1988 syntax)
- *
- * AlgorithmIdentifier ::= SEQUENCE {
- * algorithm OBJECT IDENTIFIER,
- * parameters ANY DEFINED BY algorithm OPTIONAL }
- * -- contains a value of the type
- * -- registered for use with the
- * -- algorithm object identifier value
- *
- *
- */
-
-struct NSSPKIXAlgorithmIdentifierStr;
-typedef NSSPKIXAlgorithmIdentifierStr NSSPKIXAlgorithmIdentifier;
-
-/*
- * -- types related to NSSPKIXAlgorithmIdentifiers:
- *
- * Dss-Sig-Value ::= SEQUENCE {
- * r INTEGER,
- * s INTEGER }
- *
- * DomainParameters ::= SEQUENCE {
- * p INTEGER, -- odd prime, p=jq +1
- * g INTEGER, -- generator, g
- * q INTEGER, -- factor of p-1
- * j INTEGER OPTIONAL, -- subgroup factor, j>= 2
- * validationParms ValidationParms OPTIONAL }
- *
- * ValidationParms ::= SEQUENCE {
- * seed BIT STRING,
- * pgenCounter INTEGER }
- *
- * Dss-Parms ::= SEQUENCE {
- * p INTEGER,
- * q INTEGER,
- * g INTEGER }
- *
- */
-
-/*
- * ORAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * ORAddress ::= SEQUENCE {
- * built-in-standard-attributes BuiltInStandardAttributes,
- * built-in-domain-defined-attributes
- * BuiltInDomainDefinedAttributes OPTIONAL,
- * -- see also teletex-domain-defined-attributes
- * extension-attributes ExtensionAttributes OPTIONAL }
- * -- The OR-address is semantically absent from the OR-name if the
- * -- built-in-standard-attribute sequence is empty and the
- * -- built-in-domain-defined-attributes and extension-attributes are
- * -- both omitted.
- *
- */
-
-struct NSSPKIXORAddressStr;
-typedef struct NSSPKIXORAddressStr NSSPKIXORAddress;
-
-/*
- * BuiltInStandardAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * BuiltInStandardAttributes ::= SEQUENCE {
- * country-name CountryName OPTIONAL,
- * administration-domain-name AdministrationDomainName OPTIONAL,
- * network-address [0] NetworkAddress OPTIONAL,
- * -- see also extended-network-address
- * terminal-identifier [1] TerminalIdentifier OPTIONAL,
- * private-domain-name [2] PrivateDomainName OPTIONAL,
- * organization-name [3] OrganizationName OPTIONAL,
- * -- see also teletex-organization-name
- * numeric-user-identifier [4] NumericUserIdentifier OPTIONAL,
- * personal-name [5] PersonalName OPTIONAL,
- * -- see also teletex-personal-name
- * organizational-unit-names [6] OrganizationalUnitNames OPTIONAL
- * -- see also teletex-organizational-unit-names -- }
- *
- */
-
-struct NSSPKIXBuiltInStandardAttributesStr;
-typedef struct NSSPKIXBuiltInStandardAttributesStr NSSPKIXBuiltInStandardAttributes;
-
-/*
- * CountryName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CountryName ::= [APPLICATION 1] CHOICE {
- * x121-dcc-code NumericString
- * (SIZE (ub-country-name-numeric-length)),
- * iso-3166-alpha2-code PrintableString
- * (SIZE (ub-country-name-alpha-length)) }
- *
- */
-
-struct NSSPKIXCountryNameStr;
-typedef struct NSSPKIXCountryNameStr NSSPKIXCountryName;
-
-/*
- * AdministrationDomainName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * AdministrationDomainName ::= [APPLICATION 2] CHOICE {
- * numeric NumericString (SIZE (0..ub-domain-name-length)),
- * printable PrintableString (SIZE (0..ub-domain-name-length)) }
- *
- */
-
-struct NSSPKIXAdministrationDomainNameStr;
-typedef struct NSSPKIXAdministrationDomainNameStr NSSPKIXAdministrationDomainName;
-
-/*
- * X121Address
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X121Address ::= NumericString (SIZE (1..ub-x121-address-length))
- *
- */
-
-struct NSSPKIXX121AddressStr;
-typedef struct NSSPKIXX121AddressStr NSSPKIXX121Address;
-
-/*
- * NetworkAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * NetworkAddress ::= X121Address -- see also extended-network-address
- *
- */
-
-struct NSSPKIXNetworkAddressStr;
-typedef struct NSSPKIXNetworkAddressStr NSSPKIXNetworkAddress;
-
-/*
- * TerminalIdentifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TerminalIdentifier ::= PrintableString (SIZE (1..ub-terminal-id-length))
- *
- */
-
-struct NSSPKIXTerminalIdentifierStr;
-typedef struct NSSPKIXTerminalIdentifierStr NSSPKIXTerminalIdentifier;
-
-/*
- * PrivateDomainName
- *
- * -- fgmr comments --
- *
- * PrivateDomainName ::= CHOICE {
- * numeric NumericString (SIZE (1..ub-domain-name-length)),
- * printable PrintableString (SIZE (1..ub-domain-name-length)) }
- *
- */
-
-struct NSSPKIXPrivateDomainNameStr;
-typedef struct NSSPKIXPrivateDomainNameStr NSSPKIXPrivateDomainName;
-
-/*
- * OrganizationName
- *
- * -- fgmr comments --
- *
- * OrganizationName ::= PrintableString
- * (SIZE (1..ub-organization-name-length))
- *
- */
-
-struct NSSPKIXOrganizationNameStr;
-typedef struct NSSPKIXOrganizationNameStr NSSPKIXOrganizationName;
-
-/*
- * NumericUserIdentifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * NumericUserIdentifier ::= NumericString
- * (SIZE (1..ub-numeric-user-id-length))
- *
- */
-
-struct NSSPKIXNumericUserIdentifierStr;
-typedef struct NSSPKIXNumericUserIdentifierStr NSSPKIXNumericUserIdentifier;
-
-/*
- * PersonalName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PersonalName ::= SET {
- * surname [0] PrintableString (SIZE (1..ub-surname-length)),
- * given-name [1] PrintableString
- * (SIZE (1..ub-given-name-length)) OPTIONAL,
- * initials [2] PrintableString (SIZE (1..ub-initials-length)) OPTIONAL,
- * generation-qualifier [3] PrintableString
- * (SIZE (1..ub-generation-qualifier-length)) OPTIONAL }
- *
- */
-
-struct NSSPKIXPersonalNameStr;
-typedef NSSPKIXPersonalNameStr NSSPKIXPersonalName;
-
-/*
- * OrganizationalUnitNames
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * OrganizationalUnitNames ::= SEQUENCE SIZE (1..ub-organizational-units)
- * OF OrganizationalUnitName
- *
- */
-
-struct NSSPKIXOrganizationalUnitNamesStr;
-typedef NSSPKIXOrganizationalUnitNamesStr NSSPKIXOrganizationalUnitNames;
-
-/*
- * OrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * OrganizationalUnitName ::= PrintableString (SIZE
- * (1..ub-organizational-unit-name-length))
- *
- */
-
-struct NSSPKIXOrganizationalUnitNameStr;
-typedef struct NSSPKIXOrganizationalUnitNameStr NSSPKIXOrganizationalUnitName;
-
-/*
- * BuiltInDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * BuiltInDomainDefinedAttributes ::= SEQUENCE SIZE
- * (1..ub-domain-defined-attributes) OF
- * BuiltInDomainDefinedAttribute
- *
- */
-
-struct NSSPKIXBuiltInDomainDefinedAttributesStr;
-typedef struct NSSPKIXBuiltInDomainDefinedAttributesStr NSSPKIXBuiltInDomainDefinedAttributes;
-
-/*
- * BuiltInDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * BuiltInDomainDefinedAttribute ::= SEQUENCE {
- * type PrintableString (SIZE
- * (1..ub-domain-defined-attribute-type-length)),
- * value PrintableString (SIZE
- * (1..ub-domain-defined-attribute-value-length))}
- *
- */
-
-struct NSSPKIXBuiltInDomainDefinedAttributeStr;
-typedef struct NSSPKIXBuiltInDomainDefinedAttributeStr NSSPKIXBuiltInDomainDefinedAttribute;
-
-/*
- * ExtensionAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * ExtensionAttributes ::= SET SIZE (1..ub-extension-attributes) OF
- * ExtensionAttribute
- *
- */
-
-struct NSSPKIXExtensionAttributesStr;
-typedef struct NSSPKIXExtensionAttributesStr NSSPKIXExtensionAttributes;
-
-/*
- * ExtensionAttribute
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * ExtensionAttribute ::= SEQUENCE {
- * extension-attribute-type [0] INTEGER (0..ub-extension-attributes),
- * extension-attribute-value [1]
- * ANY DEFINED BY extension-attribute-type }
- *
- */
-
-struct NSSPKIXExtensionAttributeStr;
-typedef struct NSSPKIXExtensionAttributeStr NSSPKIXExtensionAttribute;
-
-/*
- * ExtensionAttributeType
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * common-name INTEGER ::= 1
- * teletex-common-name INTEGER ::= 2
- * teletex-organization-name INTEGER ::= 3
- * teletex-personal-name INTEGER ::= 4
- * teletex-organizational-unit-names INTEGER ::= 5
- * teletex-domain-defined-attributes INTEGER ::= 6
- * pds-name INTEGER ::= 7
- * physical-delivery-country-name INTEGER ::= 8
- * postal-code INTEGER ::= 9
- * physical-delivery-office-name INTEGER ::= 10
- * physical-delivery-office-number INTEGER ::= 11
- * extension-OR-address-components INTEGER ::= 12
- * physical-delivery-personal-name INTEGER ::= 13
- * physical-delivery-organization-name INTEGER ::= 14
- * extension-physical-delivery-address-components INTEGER ::= 15
- * unformatted-postal-address INTEGER ::= 16
- * street-address INTEGER ::= 17
- * post-office-box-address INTEGER ::= 18
- * poste-restante-address INTEGER ::= 19
- * unique-postal-name INTEGER ::= 20
- * local-postal-attributes INTEGER ::= 21
- * extended-network-address INTEGER ::= 22
- * terminal-type INTEGER ::= 23
- *
- */
-
-enum NSSPKIXExtensionAttributeTypeEnum {
- NSSPKIXExtensionAttributeType_NSSinvalid = -1,
- NSSPKIXExtensionAttributeType_CommonName = 1,
- NSSPKIXExtensionAttributeType_TeletexCommonName = 2,
- NSSPKIXExtensionAttributeType_TeletexOrganizationName = 3,
- NSSPKIXExtensionAttributeType_TeletexPersonalName = 4,
- NSSPKIXExtensionAttributeType_TeletexOrganizationalUnitNames = 5,
- NSSPKIXExtensionAttributeType_TeletexDomainDefinedAttributes = 6,
- NSSPKIXExtensionAttributeType_PdsName = 7,
- NSSPKIXExtensionAttributeType_PhysicalDeliveryCountryName = 8,
- NSSPKIXExtensionAttributeType_PostalCode = 9,
- NSSPKIXExtensionAttributeType_PhysicalDeliveryOfficeName = 10,
- NSSPKIXExtensionAttributeType_PhysicalDeliveryOfficeNumber = 11,
- NSSPKIXExtensionAttributeType_ExtensionOrAddressComponents = 12,
- NSSPKIXExtensionAttributeType_PhysicalDeliveryPersonalName = 13,
- NSSPKIXExtensionAttributeType_PhysicalDeliveryOrganizationName = 14,
- NSSPKIXExtensionAttributeType_ExtensionPhysicalDeliveryAddressComponents = 15,
- NSSPKIXExtensionAttributeType_UnformattedPostalAddress = 16,
- NSSPKIXExtensionAttributeType_StreetAddress = 17,
- NSSPKIXExtensionAttributeType_PostOfficeBoxAddress = 18,
- NSSPKIXExtensionAttributeType_PosteRestanteAddress = 19,
- NSSPKIXExtensionAttributeType_UniquePostalName = 20,
- NSSPKIXExtensionAttributeType_LocalPostalAttributes = 21,
- NSSPKIXExtensionAttributeType_ExtendedNetworkAddress = 22,
- NSSPKIXExtensionAttributeType_TerminalType = 23
-};
-typedef enum NSSPKIXExtensionAttributeTypeEnum NSSPKIXExtensionAttributeType;
-
-/*
- * CommonName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CommonName ::= PrintableString (SIZE (1..ub-common-name-length))
- *
- */
-
-struct NSSPKIXCommonNameStr;
-typedef struct NSSPKIXCommonNameStr NSSPKIXCommonName;
-
-/*
- * TeletexCommonName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TeletexCommonName ::= TeletexString (SIZE (1..ub-common-name-length))
- *
- */
-
-struct NSSPKIXTeletexCommonNameStr;
-typedef struct NSSPKIXTeletexCommonNameStr NSSPKIXTeletexCommonName;
-
-/*
- * TeletexOrganizationName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TeletexOrganizationName ::=
- * TeletexString (SIZE (1..ub-organization-name-length))
- *
- */
-
-struct NSSPKIXTeletexOrganizationNameStr;
-typedef struct NSSPKIXTeletexOrganizationNameStr NSSPKIXTeletexOrganizationName;
-
-/*
- * TeletexPersonalName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TeletexPersonalName ::= SET {
- * surname [0] TeletexString (SIZE (1..ub-surname-length)),
- * given-name [1] TeletexString
- * (SIZE (1..ub-given-name-length)) OPTIONAL,
- * initials [2] TeletexString (SIZE (1..ub-initials-length)) OPTIONAL,
- * generation-qualifier [3] TeletexString (SIZE
- * (1..ub-generation-qualifier-length)) OPTIONAL }
- *
- */
-
-struct NSSPKIXTeletexPersonalNameStr;
-typedef struct NSSPKIXTeletexPersonalNameStr NSSPKIXTeletexPersonalName;
-
-/*
- * TeletexOrganizationalUnitNames
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TeletexOrganizationalUnitNames ::= SEQUENCE SIZE
- * (1..ub-organizational-units) OF TeletexOrganizationalUnitName
- *
- */
-
-struct NSSPKIXTeletexOrganizationalUnitNamesStr;
-typedef struct NSSPKIXTeletexOrganizationalUnitNamesStr NSSPKIXTeletexOrganizationalUnitNames;
-
-/*
- * TeletexOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TeletexOrganizationalUnitName ::= TeletexString
- * (SIZE (1..ub-organizational-unit-name-length))
- *
- */
-
-struct NSSPKIXTeletexOrganizationalUnitNameStr;
-typedef struct NSSPKIXTeletexOrganizationalUnitNameStr NSSPKIXTeletexOrganizationalUnitName;
-
-/*
- * PDSName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PDSName ::= PrintableString (SIZE (1..ub-pds-name-length))
- *
- */
-
-struct NSSPKIXPDSNameStr;
-typedef struct NSSPKIXPDSNameStr NSSPKIXPDSName;
-
-/*
- * PhysicalDeliveryCountryName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PhysicalDeliveryCountryName ::= CHOICE {
- * x121-dcc-code NumericString (SIZE (ub-country-name-numeric-length)),
- * iso-3166-alpha2-code PrintableString
- * (SIZE (ub-country-name-alpha-length)) }
- *
- */
-
-struct NSSPKIXPhysicalDeliveryCountryNameStr;
-typedef struct NSSPKIXPhysicalDeliveryCountryNameStr NSSPKIXPhysicalDeliveryCountryName;
-
-/*
- * PostalCode
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PostalCode ::= CHOICE {
- * numeric-code NumericString (SIZE (1..ub-postal-code-length)),
- * printable-code PrintableString (SIZE (1..ub-postal-code-length)) }
- *
- */
-
-struct NSSPKIXPostalCodeStr;
-typedef struct NSSPKIXPostalCodeStr NSSPKIXPostalCode;
-
-/*
- * PDSParameter
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PDSParameter ::= SET {
- * printable-string PrintableString
- * (SIZE(1..ub-pds-parameter-length)) OPTIONAL,
- * teletex-string TeletexString
- * (SIZE(1..ub-pds-parameter-length)) OPTIONAL }
- *
- */
-
-struct NSSPKIXPDSParameterStr;
-typedef struct NSSPKIXPDSParameterStr NSSPKIXPDSParameter;
-
-/*
- * PhysicalDeliveryOfficeName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PhysicalDeliveryOfficeName ::= PDSParameter
- *
- */
-
-typedef NSSPKIXPDSParameter NSSPKIXPhysicalDeliveryOfficeName;
-
-/*
- * PhysicalDeliveryOfficeNumber
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PhysicalDeliveryOfficeNumber ::= PDSParameter
- *
- */
-
-typedef NSSPKIXPDSParameter NSSPKIXPhysicalDeliveryOfficeNumber;
-
-/*
- * ExtensionORAddressComponents
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * ExtensionORAddressComponents ::= PDSParameter
- *
- */
-
-typedef NSSPKIXPDSParameter NSSPKIXExtensionORAddressComponents;
-
-/*
- * PhysicalDeliveryPersonalName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PhysicalDeliveryPersonalName ::= PDSParameter
- *
- */
-
-typedef NSSPKIXPDSParameter NSSPKIXPhysicalDeliveryPersonalName;
-
-/*
- * PhysicalDeliveryOrganizationName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PhysicalDeliveryOrganizationName ::= PDSParameter
- *
- */
-
-typedef NSSPKIXPDSParameter NSSPKIXPhysicalDeliveryOrganizationName;
-
-/*
- * ExtensionPhysicalDeliveryAddressComponents
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * ExtensionPhysicalDeliveryAddressComponents ::= PDSParameter
- *
- */
-
-typedef NSSPKIXPDSParameter NSSPKIXExtensionPhysicalDeliveryAddressComponents;
-
-/*
- * UnformattedPostalAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * UnformattedPostalAddress ::= SET {
- * printable-address SEQUENCE SIZE (1..ub-pds-physical-address-lines) OF
- * PrintableString (SIZE (1..ub-pds-parameter-length)) OPTIONAL,
- * teletex-string TeletexString
- * (SIZE (1..ub-unformatted-address-length)) OPTIONAL }
- *
- */
-
-struct NSSPKIXUnformattedPostalAddressStr;
-typedef struct NSSPKIXUnformattedPostalAddressStr NSSPKIXUnformattedPostalAddress;
-
-/*
- * StreetAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * StreetAddress ::= PDSParameter
- *
- */
-
-typedef NSSPKIXPDSParameter NSSPKIXStreetAddress;
-
-/*
- * PostOfficeBoxAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PostOfficeBoxAddress ::= PDSParameter
- *
- */
-
-typedef NSSPKIXPDSParameter NSSPKIXPostOfficeBoxAddress;
-
-/*
- * PosteRestanteAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PosteRestanteAddress ::= PDSParameter
- *
- */
-
-typedef NSSPKIXPDSParameter NSSPKIXPosteRestanteAddress;
-
-/*
- * UniquePostalName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * UniquePostalName ::= PDSParameter
- *
- */
-
-typedef NSSPKIXPDSParameter NSSPKIXUniquePostalName;
-
-/*
- * LocalPostalAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * LocalPostalAttributes ::= PDSParameter
- *
- */
-
-typedef NSSPKIXPDSParameter NSSPKIXLocalPostalAttributes;
-
-/*
- * ExtendedNetworkAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * ExtendedNetworkAddress ::= CHOICE {
- * e163-4-address SEQUENCE {
- * number [0] NumericString (SIZE (1..ub-e163-4-number-length)),
- * sub-address [1] NumericString
- * (SIZE (1..ub-e163-4-sub-address-length)) OPTIONAL },
- * psap-address [0] PresentationAddress }
- *
- */
-
-struct NSSPKIXExtendedNetworkAddressStr;
-typedef struct NSSPKIXExtendedNetworkAddressStr NSSPKIXExtendedNetworkAddress;
-
-/*
- * NSSPKIXExtendedNetworkAddressChoice
- *
- * Helper enumeration for ExtendedNetworkAddress
- * -- fgmr comments --
- *
- */
-
-enum NSSPKIXExtendedNetworkAddressEnum {
- NSSPKIXExtendedNetworkAddress_NSSinvalid = -1,
- NSSPKIXExtendedNetworkAddress_e1634Address,
- NSSPKIXExtendedNetworkAddress_psapAddress
-};
-typedef enum NSSPKIXExtendedNetworkAddressEnum NSSPKIXExtendedNetworkAddressChoice;
-
-/*
- * e163-4-address
- *
- * Helper structure for ExtendedNetworkAddress.
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * e163-4-address SEQUENCE {
- * number [0] NumericString (SIZE (1..ub-e163-4-number-length)),
- * sub-address [1] NumericString
- * (SIZE (1..ub-e163-4-sub-address-length)) OPTIONAL },
- *
- */
-
-struct NSSe1634addressStr;
-typedef struct NSSe1634addressStr NSSe1634address;
-
-/*
- * PresentationAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PresentationAddress ::= SEQUENCE {
- * pSelector [0] EXPLICIT OCTET STRING OPTIONAL,
- * sSelector [1] EXPLICIT OCTET STRING OPTIONAL,
- * tSelector [2] EXPLICIT OCTET STRING OPTIONAL,
- * nAddresses [3] EXPLICIT SET SIZE (1..MAX) OF OCTET STRING }
- *
- */
-
-struct NSSPKIXPresentationAddressStr;
-typedef struct NSSPKIXPresentationAddressStr NSSPKIXPresentationAddress;
-
-/*
- * TerminalType
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TerminalType ::= INTEGER {
- * telex (3),
- * teletex (4),
- * g3-facsimile (5),
- * g4-facsimile (6),
- * ia5-terminal (7),
- * videotex (8) } (0..ub-integer-options)
- *
- */
-
-enum NSSPKIXTerminalTypeEnum {
- NSSPKIXTerminalType_NSSinvalid = -1,
- NSSPKIXTerminalType_telex = 3,
- NSSPKIXTerminalType_teletex = 4,
- NSSPKIXTerminalType_g3Facsimile = 5,
- NSSPKIXTerminalType_g4Facsimile = 6,
- NSSPKIXTerminalType_iA5Terminal = 7,
- NSSPKIXTerminalType_videotex = 8
-};
-typedef enum NSSPKIXTerminalTypeEnum NSSPKIXTerminalType;
-
-/*
- * TeletexDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TeletexDomainDefinedAttributes ::= SEQUENCE SIZE
- * (1..ub-domain-defined-attributes) OF TeletexDomainDefinedAttribute
- *
- */
-
-struct NSSPKIXTeletexDomainDefinedAttributesStr;
-typedef struct NSSPKIXTeletexDomainDefinedAttributesStr NSSPKIXTeletexDomainDefinedAttributes;
-
-/*
- * TeletexDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TeletexDomainDefinedAttribute ::= SEQUENCE {
- * type TeletexString
- * (SIZE (1..ub-domain-defined-attribute-type-length)),
- * value TeletexString
- * (SIZE (1..ub-domain-defined-attribute-value-length)) }
- *
- */
-
-struct NSSPKIXTeletexDomainDefinedAttributeStr;
-typedef struct NSSPKIXTeletexDomainDefinedAttributeStr NSSPKIXTeletexDomainDefinedAttribute;
-
-/*
- * AuthorityKeyIdentifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * AuthorityKeyIdentifier ::= SEQUENCE {
- * keyIdentifier [0] KeyIdentifier OPTIONAL,
- * authorityCertIssuer [1] GeneralNames OPTIONAL,
- * authorityCertSerialNumber [2] CertificateSerialNumber OPTIONAL }
- * -- authorityCertIssuer and authorityCertSerialNumber shall both
- * -- be present or both be absent
- *
- */
-
-struct NSSPKIXAuthorityKeyIdentifierStr;
-typedef struct NSSPKIXAuthorityKeyIdentifierStr NSSPKIXAuthorityKeyIdentifier;
-
-/*
- * KeyIdentifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * KeyIdentifier ::= OCTET STRING
- *
- */
-
-typedef NSSItem NSSPKIXKeyIdentifier;
-
-/*
- * SubjectKeyIdentifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * SubjectKeyIdentifier ::= KeyIdentifier
- *
- */
-
-typedef NSSPKIXKeyIdentifier NSSPKIXSubjectKeyIdentifier;
-
-/*
- * KeyUsage
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * KeyUsage ::= BIT STRING {
- * digitalSignature (0),
- * nonRepudiation (1),
- * keyEncipherment (2),
- * dataEncipherment (3),
- * keyAgreement (4),
- * keyCertSign (5),
- * cRLSign (6),
- * encipherOnly (7),
- * decipherOnly (8) }
- *
- */
-
-struct NSSPKIXKeyUsageStr;
-typedef struct NSSPKIXKeyUsageStr NSSPKIXKeyUsage;
-
-/*
- * KeyUsageValue
- *
- * -- helper for testing many key usages at once
- *
- */
-
-enum NSSPKIXKeyUsageValueEnum {
- NSSPKIXKeyUsage_NSSinvalid = 0,
- NSSPKIXKeyUsage_DigitalSignature = 0x001,
- NSSPKIXKeyUsage_NonRepudiation = 0x002,
- NSSPKIXKeyUsage_KeyEncipherment = 0x004,
- NSSPKIXKeyUsage_DataEncipherment = 0x008,
- NSSPKIXKeyUsage_KeyAgreement = 0x010,
- NSSPKIXKeyUsage_KeyCertSign = 0x020,
- NSSPKIXKeyUsage_CRLSign = 0x040,
- NSSPKIXKeyUsage_EncipherOnly = 0x080,
- NSSPKIXKeyUsage_DecipherOnly = 0x100
-};
-typedef enum NSSPKIXKeyUsageValueEnum NSSPKIXKeyUsageValue;
-
-/*
- * PrivateKeyUsagePeriod
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PrivateKeyUsagePeriod ::= SEQUENCE {
- * notBefore [0] GeneralizedTime OPTIONAL,
- * notAfter [1] GeneralizedTime OPTIONAL }
- * -- either notBefore or notAfter shall be present
- *
- */
-
-struct NSSPKIXPrivateKeyUsagePeriodStr;
-typedef struct NSSPKIXPrivateKeyUsagePeriodStr NSSPKIXPrivateKeyUsagePeriod;
-
-/*
- * CertificatePolicies
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CertificatePolicies ::= SEQUENCE SIZE (1..MAX) OF PolicyInformation
- *
- */
-
-struct NSSPKIXCertificatePoliciesStr;
-typedef struct NSSPKIXCertificatePoliciesStr NSSPKIXCertificatePolicies;
-
-/*
- * PolicyInformation
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PolicyInformation ::= SEQUENCE {
- * policyIdentifier CertPolicyId,
- * policyQualifiers SEQUENCE SIZE (1..MAX) OF
- * PolicyQualifierInfo OPTIONAL }
- *
- */
-
-struct NSSPKIXPolicyInformationStr;
-typedef struct NSSPKIXPolicyInformationStr NSSPKIXPolicyInformation;
-
-/*
- * CertPolicyId
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CertPolicyId ::= OBJECT IDENTIFIER
- *
- */
-
-typedef NSSOID NSSPKIXCertPolicyId;
-
-/*
- * PolicyQualifierInfo
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PolicyQualifierInfo ::= SEQUENCE {
- * policyQualifierId PolicyQualifierId,
- * qualifier ANY DEFINED BY policyQualifierId }
- *
- */
-
-struct NSSPKIXPolicyQualifierInfoStr;
-typedef NSSPKIXPolicyQualifierInfoStr NSSPKIXPolicyQualifierInfo;
-
-/*
- * PolicyQualifierId
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PolicyQualifierId ::=
- * OBJECT IDENTIFIER ( id-qt-cps | id-qt-unotice )
- *
- */
-
-typedef NSSOID NSSPKIXPolicyQualifierId;
-
-/*
- * CPSuri
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CPSuri ::= IA5String
- *
- */
-
-struct NSSPKIXCPSuriStr;
-typedef struct NSSPKIXCPSuriStr NSSPKIXCPSuri;
-
-/*
- * UserNotice
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * UserNotice ::= SEQUENCE {
- * noticeRef NoticeReference OPTIONAL,
- * explicitText DisplayText OPTIONAL}
- *
- */
-
-struct NSSPKIXUserNoticeStr;
-typedef struct NSSPKIXUserNoticeStr NSSPKIXUserNotice;
-
-/*
- * NoticeReference
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * NoticeReference ::= SEQUENCE {
- * organization DisplayText,
- * noticeNumbers SEQUENCE OF INTEGER }
- *
- */
-
-struct NSSPKIXNoticeReferenceStr;
-typedef struct NSSPKIXNoticeReferenceStr NSSPKIXNoticeReference;
-
-/*
- * DisplayText
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * DisplayText ::= CHOICE {
- * visibleString VisibleString (SIZE (1..200)),
- * bmpString BMPString (SIZE (1..200)),
- * utf8String UTF8String (SIZE (1..200)) }
- *
- */
-
-struct NSSPKIXDisplayTextStr;
-typedef struct NSSPKIXDisplayTextStr NSSPKIXDisplayText;
-
-/*
- * PolicyMappings
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PolicyMappings ::= SEQUENCE SIZE (1..MAX) OF SEQUENCE {
- * issuerDomainPolicy CertPolicyId,
- * subjectDomainPolicy CertPolicyId }
- *
- */
-
-struct NSSPKIXPolicyMappingsStr;
-typedef struct NSSPKIXPolicyMappingsStr NSSPKIXPolicyMappings;
-
-/*
- * policyMapping
- *
- * Helper structure for PolicyMappings
- *
- * SEQUENCE {
- * issuerDomainPolicy CertPolicyId,
- * subjectDomainPolicy CertPolicyId }
- *
- */
-
-struct NSSPKIXpolicyMappingStr;
-typedef struct NSSPKIXpolicyMappingStr NSSPKIXpolicyMapping;
-
-/*
- * GeneralName
- *
- * This structure contains a union of the possible general names,
- * of which there are several.
- *
- * From RFC 2459:
- *
- * GeneralName ::= CHOICE {
- * otherName [0] AnotherName,
- * rfc822Name [1] IA5String,
- * dNSName [2] IA5String,
- * x400Address [3] ORAddress,
- * directoryName [4] Name,
- * ediPartyName [5] EDIPartyName,
- * uniformResourceIdentifier [6] IA5String,
- * iPAddress [7] OCTET STRING,
- * registeredID [8] OBJECT IDENTIFIER }
- *
- */
-
-struct NSSPKIXGeneralNameStr;
-typedef struct NSSPKIXGeneralNameStr NSSPKIXGeneralName;
-
-/*
- * GeneralNameChoice
- *
- * This enumerates the possible general name types.
- */
-
-enum NSSPKIXGeneralNameChoiceEnum {
- NSSPKIXGeneralNameChoice_NSSinvalid = -1,
- NSSPKIXGeneralNameChoice_otherName = 0,
- NSSPKIXGeneralNameChoice_rfc822Name = 1,
- NSSPKIXGeneralNameChoice_dNSName = 2,
- NSSPKIXGeneralNameChoice_x400Address = 3,
- NSSPKIXGeneralNameChoice_directoryName = 4,
- NSSPKIXGeneralNameChoice_ediPartyName = 5,
- NSSPKIXGeneralNameChoice_uniformResourceIdentifier = 6,
- NSSPKIXGeneralNameChoice_iPAddress = 7,
- NSSPKIXGeneralNameChoice_registeredID = 8
-};
-typedef enum NSSPKIXGeneralNameChoiceEnum NSSPKIXGeneralNameChoice;
-
-/*
- * GeneralNames
- *
- * This structure contains a sequence of GeneralName objects.
- *
- * From RFC 2459:
- *
- * GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
- *
- */
-
-struct NSSPKIXGeneralNamesStr;
-typedef struct NSSPKIXGeneralNamesStr NSSPKIXGeneralNames;
-
-/*
- * SubjectAltName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * SubjectAltName ::= GeneralNames
- *
- */
-
-typedef NSSPKIXGeneralNames NSSPKIXSubjectAltName;
-
-/*
- * AnotherName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * AnotherName ::= SEQUENCE {
- * type-id OBJECT IDENTIFIER,
- * value [0] EXPLICIT ANY DEFINED BY type-id }
- *
- */
-
-struct NSSPKIXAnotherNameStr;
-typedef struct NSSPKIXAnotherNameStr NSSPKIXAnotherName;
-
-/*
- * EDIPartyName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *
- * EDIPartyName ::= SEQUENCE {
- * nameAssigner [0] DirectoryString OPTIONAL,
- * partyName [1] DirectoryString }
- *
- */
-
-struct NSSPKIXEDIPartyNameStr;
-typedef struct NSSPKIXEDIPartyNameStr NSSPKIXEDIPartyName;
-
-/*
- * IssuerAltName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * IssuerAltName ::= GeneralNames
- *
- */
-
-typedef NSSPKIXGeneralNames NSSPKIXIssuerAltName;
-
-/*
- * SubjectDirectoryAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * SubjectDirectoryAttributes ::= SEQUENCE SIZE (1..MAX) OF Attribute
- *
- */
-
-struct NSSPKIXSubjectDirectoryAttributesStr;
-typedef struct NSSPKIXSubjectDirectoryAttributesStr NSSPKIXSubjectDirectoryAttributes;
-
-/*
- * BasicConstraints
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * BasicConstraints ::= SEQUENCE {
- * cA BOOLEAN DEFAULT FALSE,
- * pathLenConstraint INTEGER (0..MAX) OPTIONAL }
- *
- */
-
-struct NSSPKIXBasicConstraintsStr;
-typedef struct NSSPKIXBasicConstraintsStr NSSPKIXBasicConstraints;
-
-/*
- * NameConstraints
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * NameConstraints ::= SEQUENCE {
- * permittedSubtrees [0] GeneralSubtrees OPTIONAL,
- * excludedSubtrees [1] GeneralSubtrees OPTIONAL }
- *
- */
-
-struct NSSPKIXNameConstraintsStr;
-typedef struct NSSPKIXNameConstraintsStr NSSPKIXNameConstraints;
-
-/*
- * GeneralSubtrees
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * GeneralSubtrees ::= SEQUENCE SIZE (1..MAX) OF GeneralSubtree
- *
- */
-
-struct NSSPKIXGeneralSubtreesStr;
-typedef struct NSSPKIXGeneralSubtreesStr NSSPKIXGeneralSubtrees;
-
-/*
- * GeneralSubtree
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * GeneralSubtree ::= SEQUENCE {
- * base GeneralName,
- * minimum [0] BaseDistance DEFAULT 0,
- * maximum [1] BaseDistance OPTIONAL }
- *
- */
-
-struct NSSPKIXGeneralSubtreeStr;
-typedef struct NSSPKIXGeneralSubtreeStr NSSPKIXGeneralSubtree;
-
-/*
- * BaseDistance
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * BaseDistance ::= INTEGER (0..MAX)
- *
- */
-
-typedef PRInt32 NSSPKIXBaseDistance;
-
-/*
- * PolicyConstraints
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PolicyConstraints ::= SEQUENCE {
- * requireExplicitPolicy [0] SkipCerts OPTIONAL,
- * inhibitPolicyMapping [1] SkipCerts OPTIONAL }
- *
- */
-
-struct NSSPKIXPolicyConstraintsStr;
-typedef NSSPKIXPolicyConstraintsStr NSSPKIXPolicyConstraints;
-
-/*
- * SkipCerts
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * SkipCerts ::= INTEGER (0..MAX)
- *
- */
-
-typedef NSSItem NSSPKIXSkipCerts;
-
-/*
- * CRLDistPointsSyntax
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CRLDistPointsSyntax ::= SEQUENCE SIZE (1..MAX) OF DistributionPoint
- *
- */
-
-struct NSSPKIXCRLDistPointsSyntaxStr;
-typedef struct NSSPKIXCRLDistPointsSyntaxStr NSSPKIXCRLDistPointsSyntax;
-
-/*
- * DistributionPoint
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * DistributionPoint ::= SEQUENCE {
- * distributionPoint [0] DistributionPointName OPTIONAL,
- * reasons [1] ReasonFlags OPTIONAL,
- * cRLIssuer [2] GeneralNames OPTIONAL }
- *
- */
-
-struct NSSPKIXDistributionPointStr;
-typedef struct NSSPKIXDistributionPointStr NSSPKIXDistributionPoint;
-
-/*
- * DistributionPointName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * DistributionPointName ::= CHOICE {
- * fullName [0] GeneralNames,
- * nameRelativeToCRLIssuer [1] RelativeDistinguishedName }
- *
- */
-
-struct NSSPKIXDistributionPointNameStr;
-typedef struct NSSPKIXDistributionPointNameStr NSSPKIXDistributionPointName;
-
-/*
- * DistributionPointNameChoice
- *
- * -- fgmr comments --
- *
- */
-
-enum NSSPKIXDistributionPointNameChoiceEnum {
- NSSDistributionPointNameChoice_NSSinvalid = -1,
- NSSDistributionPointNameChoice_FullName = 0,
- NSSDistributionPointNameChoice_NameRelativeToCRLIssuer = 1
-};
-typedef enum NSSPKIXDistributionPointNameChoiceEnum NSSPKIXDistributionPointNameChoice;
-
-/*
- * ReasonFlags
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * ReasonFlags ::= BIT STRING {
- * unused (0),
- * keyCompromise (1),
- * cACompromise (2),
- * affiliationChanged (3),
- * superseded (4),
- * cessationOfOperation (5),
- * certificateHold (6) }
- *
- */
-
-struct NSSPKIXReasonFlagsStr;
-typedef struct NSSPKIXReasonFlagsStr NSSPKIXReasonFlags;
-
-/*
- * ReasonFlagsMask
- *
- * -- fgmr comments --
- *
- */
-
-typedef PRInt32 NSSPKIXReasonFlagsMask;
-const NSSPKIXReasonFlagsMask NSSPKIXReasonFlagsMask_NSSinvalid = -1;
-const NSSPKIXReasonFlagsMask NSSPKIXReasonFlagsMask_KeyCompromise = 0x02;
-const NSSPKIXReasonFlagsMask NSSPKIXReasonFlagsMask_CACompromise = 0x04;
-const NSSPKIXReasonFlagsMask NSSPKIXReasonFlagsMask_AffiliationChanged = 0x08;
-const NSSPKIXReasonFlagsMask NSSPKIXReasonFlagsMask_Superseded = 0x10;
-const NSSPKIXReasonFlagsMask NSSPKIXReasonFlagsMask_CessationOfOperation= 0x20;
-const NSSPKIXReasonFlagsMask NSSPKIXReasonFlagsMask_CertificateHold = 0x40;
-
-/*
- * ExtKeyUsageSyntax
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * ExtKeyUsageSyntax ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId
- *
- */
-
-struct NSSPKIXExtKeyUsageSyntaxStr;
-typedef struct NSSPKIXExtKeyUsageSyntaxStr NSSPKIXExtKeyUsageSyntax;
-
-/*
- * KeyPurposeId
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * KeyPurposeId ::= OBJECT IDENTIFIER
- *
- */
-
-typedef NSSOID NSSPKIXKeyPurposeId;
-
-/*
- * AuthorityInfoAccessSyntax
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * AuthorityInfoAccessSyntax ::=
- * SEQUENCE SIZE (1..MAX) OF AccessDescription
- *
- */
-
-struct NSSPKIXAuthorityInfoAccessSyntaxStr;
-typedef struct NSSPKIXAuthorityInfoAccessSyntaxStr NSSPKIXAuthorityInfoAccessSyntax;
-
-/*
- * AccessDescription
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * AccessDescription ::= SEQUENCE {
- * accessMethod OBJECT IDENTIFIER,
- * accessLocation GeneralName }
- *
- */
-
-struct NSSPKIXAccessDescriptionStr;
-typedef struct NSSPKIXAccessDescriptionStr NSSPKIXAccessDescription;
-
-/*
- * CRLNumber
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CRLNumber ::= INTEGER (0..MAX)
- *
- */
-
-typedef NSSItem NSSPKIXCRLNumber;
-
-/*
- * IssuingDistributionPoint
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * IssuingDistributionPoint ::= SEQUENCE {
- * distributionPoint [0] DistributionPointName OPTIONAL,
- * onlyContainsUserCerts [1] BOOLEAN DEFAULT FALSE,
- * onlyContainsCACerts [2] BOOLEAN DEFAULT FALSE,
- * onlySomeReasons [3] ReasonFlags OPTIONAL,
- * indirectCRL [4] BOOLEAN DEFAULT FALSE }
- *
- */
-
-struct NSSPKIXIssuingDistributionPointStr;
-typedef struct NSSPKIXIssuingDistributionPointStr NSSPKIXIssuingDistributionPoint;
-
-/*
- * BaseCRLNumber
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * BaseCRLNumber ::= CRLNumber
- *
- */
-
-typedef NSSPKIXCRLNumber NSSPKIXBaseCRLNumber;
-
-/*
- * CRLReason
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CRLReason ::= ENUMERATED {
- * unspecified (0),
- * keyCompromise (1),
- * cACompromise (2),
- * affiliationChanged (3),
- * superseded (4),
- * cessationOfOperation (5),
- * certificateHold (6),
- * removeFromCRL (8) }
- *
- */
-
-enum NSSPKIXCRLReasonEnum {
- NSSPKIXCRLReasonEnum_NSSinvalid = -1,
- NSSPKIXCRLReasonEnum_unspecified = 0,
- NSSPKIXCRLReasonEnum_keyCompromise = 1,
- NSSPKIXCRLReasonEnum_cACompromise = 2,
- NSSPKIXCRLReasonEnum_affiliationChanged = 3,
- NSSPKIXCRLReasonEnum_superseded = 4,
- NSSPKIXCRLReasonEnum_cessationOfOperation = 5,
- NSSPKIXCRLReasonEnum_certificateHold = 6,
- NSSPKIXCRLReasonEnum_removeFromCRL = 8
-};
-typedef enum NSSPKIXCRLReasonEnum NSSPKIXCRLReason;
-
-/*
- * CertificateIssuer
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CertificateIssuer ::= GeneralNames
- *
- */
-
-typedef NSSPKIXGeneralNames NSSPKIXCertificateIssuer;
-
-/*
- * HoldInstructionCode
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * HoldInstructionCode ::= OBJECT IDENTIFIER
- *
- */
-
-typedef NSSOID NSSPKIXHoldInstructionCode;
-
-/*
- * InvalidityDate
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * InvalidityDate ::= GeneralizedTime
- *
- */
-
-typedef PRTime NSSPKIXInvalidityDate;
-
-PR_END_EXTERN_C
-
-#endif /* NSSPKIXT_H */
diff --git a/security/nss/lib/pkix/include/pkix.h b/security/nss/lib/pkix/include/pkix.h
deleted file mode 100644
index 8ebe95595..000000000
--- a/security/nss/lib/pkix/include/pkix.h
+++ /dev/null
@@ -1,26086 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef PKIX_H
-#define PKIX_H
-
-#ifdef DEBUG
-static const char PKIX_CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * pkix.h
- *
- * This file contains the prototypes for the private methods defined
- * for the PKIX part-1 objects.
- */
-
-#ifndef NSSPKIX_H
-#include "nsspkix.h"
-#endif /* NSSPKIX_H */
-
-#ifndef PKIXT_H
-#include "pkixt.h"
-#endif /* PKIXT_H */
-
-#ifndef ASN1T_H
-#include "asn1t.h"
-#endif /* ASN1T_H */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * Attribute
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Attribute ::= SEQUENCE {
- * type AttributeType,
- * values SET OF AttributeValue
- * -- at least one value is required -- }
- *
- * The private calls for the type:
- *
- * nssPKIXAttribute_Decode
- * nssPKIXAttribute_Create
- * nssPKIXAttribute_CreateFromArray
- * nssPKIXAttribute_Destroy
- * nssPKIXAttribute_Encode
- * nssPKIXAttribute_GetType
- * nssPKIXAttribute_SetType
- * nssPKIXAttribute_GetValueCount
- * nssPKIXAttribute_GetValues
- * nssPKIXAttribute_SetValues
- * nssPKIXAttribute_GetValue
- * nssPKIXAttribute_SetValue
- * nssPKIXAttribute_AddValue
- * nssPKIXAttribute_RemoveValue
- * nssPKIXAttribute_FindValue
- * nssPKIXAttribute_Equal
- * nssPKIXAttribute_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXAttribute_verifyPointer
- */
-
-/*
- * nssPKIXAttribute_template
- *
- *
- */
-
-extern const nssASN1Template nssPKIXAttribute_template[];
-
-/*
- * nssPKIXAttribute_Decode
- *
- * This routine creates an NSSPKIXAttribute by decoding a BER-
- * or DER-encoded Attribute as defined in RFC 2459. This
- * routine may return NULL upon error, in which case it will
- * have created an error stack. If the optional arena argument
- * is non-NULL, that arena will be used for the required memory.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttribute upon success
- * NULL upon failure.
- */
-
-NSS_EXTERN NSSPKIXAttribute *
-nssPKIXAttribute_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXAttribute_Create
- *
- * This routine creates an NSSPKIXAttribute from specified components.
- * This routine may return NULL upon error, in which case it will have
- * created an error stack. If the optional arena argument is non-NULL,
- * that arena will be used for the required memory. There must be at
- * least one attribute value specified. The final argument must be
- * NULL, to indicate the end of the set of attribute values.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttribute upon success
- * NULL upon failure.
- */
-
-NSS_EXTERN NSSPKIXAttribute *
-nssPKIXAttribute_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXAttributeType *typeOid,
- NSSPKIXAttributeValue *value1,
- ...
-);
-
-/*
- * nssPKIXAttribute_CreateFromArray
- *
- * This routine creates an NSSPKIXAttribute from specified components.
- * This routine may return NULL upon error, in which case it will have
- * created an error stack. If the optional arena argument is non-NULL,
- * that arena will be used for the required memory. There must be at
- * least one attribute value specified. The final argument must be
- * NULL, to indicate the end of the set of attribute values.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttribute upon success
- * NULL upon failure.
- */
-
-NSS_EXTERN NSSPKIXAttribute *
-nssPKIXAttribute_CreateFromArray
-(
- NSSArena *arenaOpt,
- NSSPKIXAttributeType *typeOid,
- PRUint32 count,
- NSSPKIXAttributeValue values[]
-);
-
-/*
- * nssPKIXAttribute_Destroy
- *
- * This routine destroys an NSSPKIXAttribute. It should be called on
- * all such objects created without an arena. It does not need to be
- * called for objects created with an arena, but it may be. This
- * routine returns a PRStatus value. Upon error, it will create an
- * error stack and return PR_FAILURE.
- *
- * The error value may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAttribute_Destroy
-(
- NSSPKIXAttribute *attribute
-);
-
-/*
- * nssPKIXAttribute_Encode
- *
- * This routine returns the BER encoding of the specified
- * NSSPKIXAttribute. {usual rules about itemOpt and arenaOpt}
- * This routine indicates an error (NSS_ERROR_INVALID_DATA)
- * if there are no attribute values (i.e., the last one was removed).
- *
- * The error value may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_DATA
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXAttribute_Encode
-(
- NSSPKIXAttribute *attribute,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAttribute_GetType
- *
- * This routine returns the attribute type oid of the specified
- * NSSPKIXAttribute.
- *
- * The error value may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSPKIXAttributeType pointer upon success
- * NULL upon failure.
- */
-
-NSS_EXTERN NSSPKIXAttributeType *
-nssPKIXAttribute_GetType
-(
- NSSPKIXAttribute *attribute
-);
-
-/*
- * nssPKIXAttribute_SetType
- *
- * This routine sets the attribute type oid of the indicated
- * NSSPKIXAttribute to the specified value. Since attributes
- * may be application-defined, no checking can be done on
- * either the correctness of the attribute type oid value nor
- * the suitability of the set of attribute values.
- *
- * The error value may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_OID
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAttribute_SetType
-(
- NSSPKIXAttribute *attribute,
- NSSPKIXAttributeType *attributeType
-);
-
-/*
- * nssPKIXAttribute_GetValueCount
- *
- * This routine returns the number of attribute values present in
- * the specified NSSPKIXAttribute. This routine returns a PRInt32.
- * Upon error, this routine returns -1. This routine indicates an
- * error if the number of values cannot be expressed as a PRInt32.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXAttribute_GetValueCount
-(
- NSSPKIXAttribute *attribute
-);
-
-/*
- * nssPKIXAttribute_GetValues
- *
- * This routine returns all of the attribute values in the specified
- * NSSPKIXAttribute. If the optional pointer to an array of NSSItems
- * is non-null, then that array will be used and returned; otherwise,
- * an array will be allocated and returned. If the limit is nonzero
- * (which is must be if the specified array is nonnull), then an
- * error is indicated if it is smaller than the value count.
- * {arenaOpt}
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSItem's upon success
- * NULL upon failure.
- */
-
-NSS_EXTERN NSSPKIXAttributeValue *
-nssPKIXAttribute_GetValues
-(
- NSSPKIXAttribute *attribute,
- NSSPKIXAttributeValue rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAttribute_SetValues
- *
- * This routine sets all of the values of the specified
- * NSSPKIXAttribute to the values in the specified NSSItem array.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAttribute_SetValues
-(
- NSSPKIXAttribute *attribute,
- NSSPKIXAttributeValue values[],
- PRInt32 count
-);
-
-/*
- * nssPKIXAttribute_GetValue
- *
- * This routine returns the i'th attribute value of the set of
- * values in the specified NSSPKIXAttribute. Although the set
- * is unordered, an arbitrary ordering will be maintained until
- * the data in the attribute is changed. {usual comments about
- * itemOpt and arenaOpt}
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttributeValue upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeValue *
-nssPKIXAttribute_GetValue
-(
- NSSPKIXAttribute *attribute,
- PRInt32 i,
- NSSPKIXAttributeValue *itemOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAttribute_SetValue
- *
- * This routine sets the i'th attribute value {blah blah; copies
- * memory contents over..}
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAttribute_SetValue
-(
- NSSPKIXAttribute *attribute,
- PRInt32 i,
- NSSPKIXAttributeValue *value
-);
-
-/*
- * nssPKIXAttribute_AddValue
- *
- * This routine adds the specified attribute value to the set in
- * the specified NSSPKIXAttribute.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAttribute_AddValue
-(
- NSSPKIXAttribute *attribute,
- NSSPKIXAttributeValue *value
-);
-
-/*
- * nssPKIXAttribute_RemoveValue
- *
- * This routine removes the i'th attribute value of the set in the
- * specified NSSPKIXAttribute. An attempt to remove the last value
- * will fail.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_AT_MINIMUM
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAttribute_RemoveValue
-(
- NSSPKIXAttribute *attribute,
- PRInt32 i
-);
-
-/*
- * nssPKIXAttribute_FindValue
- *
- * This routine searches the set of attribute values in the specified
- * NSSPKIXAttribute for the provided data. If an exact match is found,
- * then that value's index is returned. If an exact match is not
- * found, -1 is returned. If there is more than one exact match, one
- * index will be returned. {notes about unorderdness of SET, etc}
- * If the index may not be represented as an integer, an error is
- * indicated.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value
- * The index of the specified attribute value upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXAttribute_FindValue
-(
- NSSPKIXAttribute *attribute,
- NSSPKIXAttributeValue *attributeValue
-);
-
-/*
- * nssPKIXAttribute_Equal
- *
- * This routine compares two NSSPKIXAttribute's for equality.
- * It returns PR_TRUE if they are equal, PR_FALSE otherwise.
- * This routine also returns PR_FALSE upon error; if you're
- * that worried about it, check for an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXAttribute_Equal
-(
- NSSPKIXAttribute *one,
- NSSPKIXAttribute *two,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXAttribute_Duplicate
- *
- * This routine duplicates an NSSPKIXAttribute. {arenaOpt}
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttribute upon success
- * NULL upon failure.
- */
-
-NSS_EXTERN NSSPKIXAttribute *
-nssPKIXAttribute_Duplicate
-(
- NSSPKIXAttribute *attribute,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXAttribute_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXAttribute
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAttribute_verifyPointer
-(
- NSSPKIXAttribute *p
-);
-#endif /* DEBUG */
-
-/*
- * AttributeTypeAndValue
- *
- * This structure contains an attribute type (indicated by an OID),
- * and the type-specific value. RelativeDistinguishedNames consist
- * of a set of these. These are distinct from Attributes (which have
- * SET of values), from AttributeDescriptions (which have qualifiers
- * on the types), and from AttributeValueAssertions (which assert a
- * a value comparison under some matching rule).
- *
- * From RFC 2459:
- *
- * AttributeTypeAndValue ::= SEQUENCE {
- * type AttributeType,
- * value AttributeValue }
- *
- * The private calls for the type:
- *
- * nssPKIXAttributeTypeAndValue_Decode
- * nssPKIXAttributeTypeAndValue_CreateFromUTF8
- * nssPKIXAttributeTypeAndValue_Create
- * nssPKIXAttributeTypeAndValue_Destroy
- * nssPKIXAttributeTypeAndValue_Encode
- * nssPKIXAttributeTypeAndValue_GetUTF8Encoding
- * nssPKIXAttributeTypeAndValue_GetType
- * nssPKIXAttributeTypeAndValue_SetType
- * nssPKIXAttributeTypeAndValue_GetValue
- * nssPKIXAttributeTypeAndValue_SetValue
- * nssPKIXAttributeTypeAndValue_Equal
- * nssPKIXAttributeTypeAndValue_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXAttributeTypeAndValue_verifyPointer
- */
-
-/*
- * nssPKIXAttributeTypeAndValue_Decode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeTypeAndValue *
-nssPKIXAttributeTypeAndValue_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXAttributeTypeAndValue_CreateFromUTF8
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_UNKNOWN_ATTRIBUTE
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeTypeAndValue *
-nssPKIXAttributeTypeAndValue_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *string
-);
-
-/*
- * nssPKIXAttributeTypeAndValue_Create
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeTypeAndValue *
-nssPKIXAttributeTypeAndValue_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXAttributeType *typeOid,
- NSSPKIXAttributeValue *value
-);
-
-/*
- * nssPKIXAttributeTypeAndValue_Destroy
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAttributeTypeAndValue_Destroy
-(
- NSSPKIXAttributeTypeAndValue *atav
-);
-
-/*
- * nssPKIXAttributeTypeAndValue_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXAttributeTypeAndValue_Encode
-(
- NSSPKIXAttributeTypeAndValue *atav,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAttributeTypeAndValue_GetUTF8Encoding
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXAttributeTypeAndValue_GetUTF8Encoding
-(
- NSSPKIXAttributeTypeAndValue *atav,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAttributeTypeAndValue_GetType
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSPKIXAttributeType pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeType *
-nssPKIXAttributeTypeAndValue_GetType
-(
- NSSPKIXAttributeTypeAndValue *atav
-);
-
-/*
- * nssPKIXAttributeTypeAndValue_SetType
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_INVALID_OID
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAttributeTypeAndValue_SetType
-(
- NSSPKIXAttributeTypeAndValue *atav,
- NSSPKIXAttributeType *attributeType
-);
-
-/*
- * nssPKIXAttributeTypeAndValue_GetValue
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSAttributeValue upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeValue *
-nssPKIXAttributeTypeAndValue_GetValue
-(
- NSSPKIXAttributeTypeAndValue *atav,
- NSSPKIXAttributeValue *itemOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAttributeTypeAndValue_SetValue
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAttributeTypeAndValue_SetValue
-(
- NSSPKIXAttributeTypeAndValue *atav,
- NSSPKIXAttributeValue *value
-);
-
-/*
- * nssPKIXAttributeTypeAndValue_Equal
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXAttributeTypeAndValue_Equal
-(
- NSSPKIXAttributeTypeAndValue *atav1,
- NSSPKIXAttributeTypeAndValue *atav2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXAttributeTypeAndValue_Duplicate
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeTypeAndValue *
-nssPKIXAttributeTypeAndValue_Duplicate
-(
- NSSPKIXAttributeTypeAndValue *atav,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXAttributeTypeAndValue_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXAttributeTypeAndValue
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE_TYPE_AND_VALUE
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAttributeTypeAndValue_verifyPointer
-(
- NSSPKIXAttributeTypeAndValue *p
-);
-#endif /* DEBUG */
-
-/*
- * X520Name
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X520name ::= CHOICE {
- * teletexString TeletexString (SIZE (1..ub-name)),
- * printableString PrintableString (SIZE (1..ub-name)),
- * universalString UniversalString (SIZE (1..ub-name)),
- * utf8String UTF8String (SIZE (1..ub-name)),
- * bmpString BMPString (SIZE(1..ub-name)) }
- *
- *
- * ub-name INTEGER ::= 32768
- *
- * The private calls for this type:
- *
- * nssPKIXX520Name_Decode
- * nssPKIXX520Name_CreateFromUTF8
- * nssPKIXX520Name_Create
- * nssPKIXX520Name_Destroy
- * nssPKIXX520Name_Encode
- * nssPKIXX520Name_GetUTF8Encoding
- * nssPKIXX520Name_Equal
- * nssPKIXX520Name_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXX520Name_verifyPointer
- */
-
-/*
- * nssPKIXX520Name_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520Name upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520Name *
-nssPKIXX520Name_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXX520Name_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520Name upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520Name *
-nssPKIXX520Name_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXX520Name_Create
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_STRING_TYPE
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520Name upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520Name *
-nssPKIXX520Name_Create
-(
- NSSArena *arenaOpt,
- nssStringType type,
- NSSItem *data
-);
-
-/*
- * nssPKIXX520Name_Destroy
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXX520Name_Destroy
-(
- NSSPKIXX520Name *name
-);
-
-/*
- * nssPKIXX520Name_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXX520Name_Encode
-(
- NSSPKIXX520Name *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXX520Name_GetUTF8Encoding
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXX520Name_GetUTF8Encoding
-(
- NSSPKIXX520Name *name,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXX520Name_Equal
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXX520Name_Equal
-(
- NSSPKIXX520Name *name1,
- NSSPKIXX520Name *name2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXX520Name_Duplicate
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520Name upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520Name *
-nssPKIXX520Name_Duplicate
-(
- NSSPKIXX520Name *name,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-
-/*
- * nssPKIXX520Name_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXX520Name
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_X520_NAME
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXX520Name_verifyPointer
-(
- NSSPKIXX520Name *p
-);
-
-#endif /* DEBUG */
-
-/*
- * X520CommonName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X520CommonName ::= CHOICE {
- * teletexString TeletexString (SIZE (1..ub-common-name)),
- * printableString PrintableString (SIZE (1..ub-common-name)),
- * universalString UniversalString (SIZE (1..ub-common-name)),
- * utf8String UTF8String (SIZE (1..ub-common-name)),
- * bmpString BMPString (SIZE(1..ub-common-name)) }
- *
- *
- * ub-common-name INTEGER ::= 64
- *
- * The private calls for this type:
- *
- *
- * nssPKIXX520CommonName_Decode
- * nssPKIXX520CommonName_CreateFromUTF8
- * nssPKIXX520CommonName_Create
- * nssPKIXX520CommonName_Destroy
- * nssPKIXX520CommonName_Encode
- * nssPKIXX520CommonName_GetUTF8Encoding
- * nssPKIXX520CommonName_Equal
- * nssPKIXX520CommonName_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXX520CommonName_verifyPointer
- */
-
-/*
- * nssPKIXX520CommonName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520CommonName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520CommonName *
-nssPKIXX520CommonName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXX520CommonName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520CommonName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520CommonName *
-nssPKIXX520CommonName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXX520CommonName_Create
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_STRING_TYPE
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520CommonName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520CommonName *
-nssPKIXX520CommonName_Create
-(
- NSSArena *arenaOpt,
- nssStringType type,
- NSSItem *data
-);
-
-/*
- * nssPKIXX520CommonName_Destroy
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXX520CommonName_Destroy
-(
- NSSPKIXX520CommonName *name
-);
-
-/*
- * nssPKIXX520CommonName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXX520CommonName_Encode
-(
- NSSPKIXX520CommonName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXX520CommonName_GetUTF8Encoding
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXX520CommonName_GetUTF8Encoding
-(
- NSSPKIXX520CommonName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXX520CommonName_Equal
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXX520CommonName_Equal
-(
- NSSPKIXX520CommonName *name1,
- NSSPKIXX520CommonName *name2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXX520CommonName_Duplicate
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520CommonName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520CommonName *
-nssPKIXX520CommonName_Duplicate
-(
- NSSPKIXX520CommonName *name,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-
-/*
- * nssPKIXX520CommonName_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXX520CommonName
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_X520_NAME
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXX520CommonName_verifyPointer
-(
- NSSPKIXX520CommonName *p
-);
-
-#endif /* DEBUG */
-
-/*
- * X520LocalityName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X520LocalityName ::= CHOICE {
- * teletexString TeletexString (SIZE (1..ub-locality-name)),
- * printableString PrintableString (SIZE (1..ub-locality-name)),
- * universalString UniversalString (SIZE (1..ub-locality-name)),
- * utf8String UTF8String (SIZE (1..ub-locality-name)),
- * bmpString BMPString (SIZE(1..ub-locality-name)) }
- *
- * The private calls for this type:
- *
- * nssPKIXX520LocalityName_Decode
- * nssPKIXX520LocalityName_CreateFromUTF8
- * nssPKIXX520LocalityName_Encode
- *
- */
-
-/*
- * nssPKIXX520LocalityName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520LocalityName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520LocalityName *
-nssPKIXX520LocalityName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXX520LocalityName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520LocalityName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520LocalityName *
-nssPKIXX520LocalityName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXX520LocalityName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXX520LocalityName_Encode
-(
- NSSPKIXX520LocalityName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * X520StateOrProvinceName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X520StateOrProvinceName ::= CHOICE {
- * teletexString TeletexString (SIZE (1..ub-state-name)),
- * printableString PrintableString (SIZE (1..ub-state-name)),
- * universalString UniversalString (SIZE (1..ub-state-name)),
- * utf8String UTF8String (SIZE (1..ub-state-name)),
- * bmpString BMPString (SIZE(1..ub-state-name)) }
- *
- * The private calls for this type:
- *
- * nssPKIXX520StateOrProvinceName_Decode
- * nssPKIXX520StateOrProvinceName_CreateFromUTF8
- * nssPKIXX520StateOrProvinceName_Encode
- *
- */
-
-/*
- * nssPKIXX520StateOrProvinceName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520StateOrProvinceName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520StateOrProvinceName *
-nssPKIXX520StateOrProvinceName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXX520StateOrProvinceName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520StateOrProvinceName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520StateOrProvinceName *
-nssPKIXX520StateOrProvinceName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXX520StateOrProvinceName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXX520StateOrProvinceName_Encode
-(
- NSSPKIXX520StateOrProvinceName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * X520OrganizationName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X520OrganizationName ::= CHOICE {
- * teletexString TeletexString (SIZE (1..ub-organization-name)),
- * printableString PrintableString (SIZE (1..ub-organization-name)),
- * universalString UniversalString (SIZE (1..ub-organization-name)),
- * utf8String UTF8String (SIZE (1..ub-organization-name)),
- * bmpString BMPString (SIZE(1..ub-organization-name)) }
- *
- * The private calls for this type:
- *
- * nssPKIXX520OrganizationName_Decode
- * nssPKIXX520OrganizationName_CreateFromUTF8
- * nssPKIXX520OrganizationName_Encode
- *
- */
-
-/*
- * nssPKIXX520OrganizationName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520OrganizationName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520OrganizationName *
-nssPKIXX520OrganizationName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXX520OrganizationName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520OrganizationName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520OrganizationName *
-nssPKIXX520OrganizationName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXX520OrganizationName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXX520OrganizationName_Encode
-(
- NSSPKIXX520OrganizationName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * X520OrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X520OrganizationalUnitName ::= CHOICE {
- * teletexString TeletexString (SIZE (1..ub-organizational-unit-name)),
- * printableString PrintableString
- * (SIZE (1..ub-organizational-unit-name)),
- * universalString UniversalString
- * (SIZE (1..ub-organizational-unit-name)),
- * utf8String UTF8String (SIZE (1..ub-organizational-unit-name)),
- * bmpString BMPString (SIZE(1..ub-organizational-unit-name)) }
- *
- * The private calls for this type:
- *
- * nssPKIXX520OrganizationalUnitName_Decode
- * nssPKIXX520OrganizationalUnitName_CreateFromUTF8
- * nssPKIXX520OrganizationalUnitName_Encode
- *
- */
-
-/*
- * nssPKIXX520OrganizationalUnitName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520OrganizationalUnitName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520OrganizationalUnitName *
-nssPKIXX520OrganizationalUnitName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXX520OrganizationalUnitName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520OrganizationalUnitName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520OrganizationalUnitName *
-nssPKIXX520OrganizationalUnitName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXX520OrganizationalUnitName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXX520OrganizationalUnitName_Encode
-(
- NSSPKIXX520OrganizationalUnitName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * X520Title
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X520Title ::= CHOICE {
- * teletexString TeletexString (SIZE (1..ub-title)),
- * printableString PrintableString (SIZE (1..ub-title)),
- * universalString UniversalString (SIZE (1..ub-title)),
- * utf8String UTF8String (SIZE (1..ub-title)),
- * bmpString BMPString (SIZE(1..ub-title)) }
- *
- * The private calls for this type:
- *
- * nssPKIXX520Title_Decode
- * nssPKIXX520Title_CreateFromUTF8
- * nssPKIXX520Title_Encode
- *
- */
-
-/*
- * nssPKIXX520Title_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520Title upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520Title *
-nssPKIXX520Title_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXX520Title_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520Title upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520Title *
-nssPKIXX520Title_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXX520Title_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXX520Title_Encode
-(
- NSSPKIXX520Title *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * X520dnQualifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X520dnQualifier ::= PrintableString
- *
- * The private calls for this type:
- *
- * nssPKIXX520dnQualifier_Decode
- * nssPKIXX520dnQualifier_CreateFromUTF8
- * nssPKIXX520dnQualifier_Encode
- *
- */
-
-/*
- * nssPKIXX520dnQualifier_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520dnQualifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520dnQualifier *
-nssPKIXX520dnQualifier_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXX520dnQualifier_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520dnQualifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520dnQualifier *
-nssPKIXX520dnQualifier_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXX520dnQualifier_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXX520dnQualifier_Encode
-(
- NSSPKIXX520dnQualifier *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * X520countryName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X520countryName ::= PrintableString (SIZE (2)) -- IS 3166 codes
- *
- * The private calls for this type:
- *
- * nssPKIXX520countryName_Decode
- * nssPKIXX520countryName_CreateFromUTF8
- * nssPKIXX520countryName_Encode
- *
- */
-
-/*
- * nssPKIXX520countryName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520countryName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520countryName *
-nssPKIXX520countryName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXX520countryName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520countryName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520countryName *
-nssPKIXX520countryName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXX520countryName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXX520countryName_Encode
-(
- NSSPKIXX520countryName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * Pkcs9email
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Pkcs9email ::= IA5String (SIZE (1..ub-emailaddress-length))
- *
- * The private calls for this type:
- *
- * nssPKIXPkcs9email_Decode
- * nssPKIXPkcs9email_CreateFromUTF8
- * nssPKIXPkcs9email_Encode
- *
- */
-
-/*
- * nssPKIXPkcs9email_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPkcs9email upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPkcs9email *
-nssPKIXPkcs9email_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXPkcs9email_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPkcs9email upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPkcs9email *
-nssPKIXPkcs9email_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXPkcs9email_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXPkcs9email_Encode
-(
- NSSPKIXPkcs9email *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * Name
- *
- * This structure contains a union of the possible name formats,
- * which at the moment is limited to an RDNSequence.
- *
- * From RFC 2459:
- *
- * Name ::= CHOICE { -- only one possibility for now --
- * rdnSequence RDNSequence }
- *
- * The private calls for this type:
- *
- * nssPKIXName_Decode
- * nssPKIXName_CreateFromUTF8
- * nssPKIXName_Create
- * nssPKIXName_CreateFromRDNSequence
- * nssPKIXName_Destroy
- * nssPKIXName_Encode
- * nssPKIXName_GetUTF8Encoding
- * nssPKIXName_GetChoice
- * nssPKIXName_GetRDNSequence
- * nssPKIXName_GetSpecifiedChoice {fgmr remove this}
-{fgmr} _SetRDNSequence
-{fgmr} _SetSpecifiedChoice
- * nssPKIXName_Equal
- * nssPKIXName_Duplicate
- *
- * (here is where I had specific attribute value gettors in pki1)
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXName_verifyPointer
- *
- */
-
-/*
- * nssPKIXName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXName *
-nssPKIXName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXName_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_UNKNOWN_ATTRIBUTE
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXName *
-nssPKIXName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *string
-);
-
-/*
- * nssPKIXName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_CHOICE
- * NSS_ERROR_INVALID_ARGUMENT
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXName *
-nssPKIXName_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXNameChoice choice,
- void *arg
-);
-
-/*
- * nssPKIXName_CreateFromRDNSequence
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXName *
-nssPKIXName_CreateFromRDNSequence
-(
- NSSArena *arenaOpt,
- NSSPKIXRDNSequence *rdnSequence
-);
-
-/*
- * nssPKIXName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXName_Destroy
-(
- NSSPKIXName *name
-);
-
-/*
- * nssPKIXName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXName_Encode
-(
- NSSPKIXName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXName_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXName_GetUTF8Encoding
-(
- NSSPKIXName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXName_GetChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- *
- * Return value:
- * A valid element of the NSSPKIXNameChoice enumeration upon success
- * The value NSSPKIXNameChoice_NSSinvalid (-1) upon error
- */
-
-NSS_EXTERN NSSPKIXNameChoice
-nssPKIXName_GetChoice
-(
- NSSPKIXName *name
-);
-
-/*
- * nssPKIXName_GetRDNSequence
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_WRONG_CHOICE
- *
- * Return value:
- * A pointer to a valid NSSPKIXRDNSequence upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRDNSequence *
-nssPKIXName_GetRDNSequence
-(
- NSSPKIXName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXName_GetSpecifiedChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_WRONG_CHOICE
- *
- * Return value:
- * A valid pointer ...
- * NULL upon failure
- */
-
-NSS_EXTERN void *
-nssPKIXName_GetSpecifiedChoice
-(
- NSSPKIXName *name,
- NSSPKIXNameChoice choice,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXName_Equal
-(
- NSSPKIXName *name1,
- NSSPKIXName *name2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXName *
-nssPKIXName_Duplicate
-(
- NSSPKIXName *name,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXName_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXName
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXName_verifyPointer
-(
- NSSPKIXName *p
-);
-#endif /* DEBUG */
-
-/*
- * RDNSequence
- *
- * This structure contains a sequence of RelativeDistinguishedName
- * objects.
- *
- * From RFC 2459:
- *
- * RDNSequence ::= SEQUENCE OF RelativeDistinguishedName
- *
- * The private calls for this type:
- *
- * nssPKIXRDNSequence_Decode
- * nssPKIXRDNSequence_CreateFromUTF8
- * nssPKIXRDNSequence_Create
- * nssPKIXRDNSequence_CreateFromArray
- * nssPKIXRDNSequence_Destroy
- * nssPKIXRDNSequence_Encode
- * nssPKIXRDNSequence_GetUTF8Encoding
- * nssPKIXRDNSequence_GetRelativeDistinguishedNameCount
- * nssPKIXRDNSequence_GetRelativeDistinguishedNames
- * nssPKIXRDNSequence_SetRelativeDistinguishedNames
- * nssPKIXRDNSequence_GetRelativeDistinguishedName
- * nssPKIXRDNSequence_SetRelativeDistinguishedName
- * nssPKIXRDNSequence_AppendRelativeDistinguishedName
- * nssPKIXRDNSequence_InsertRelativeDistinguishedName
- * nssPKIXRDNSequence_RemoveRelativeDistinguishedName
- * nssPKIXRDNSequence_FindRelativeDistinguishedName
- * nssPKIXRDNSequence_Equal
- * nssPKIXRDNSequence_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXRDNSequence_verifyPointer
- *
- */
-
-/*
- * nssPKIXRDNSequence_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXRDNSequence upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRDNSequence *
-nssPKIXRDNSequence_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXRDNSequence_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_UNKNOWN_ATTRIBUTE
- *
- * Return value:
- * A valid pointer to an NSSPKIXRDNSequence upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRDNSequence *
-nssPKIXRDNSequence_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *string
-);
-
-/*
- * nssPKIXRDNSequence_CreateFromArray
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- * A valid pointer to an NSSPKIXRDNSequence upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRDNSequence *
-nssPKIXRDNSequence_CreateFromArray
-(
- NSSArena *arenaOpt,
- PRUint32 count,
- NSSPKIXRelativeDistinguishedName *rdn1
-);
-
-/*
- * nssPKIXRDNSequence_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- * A valid pointer to an NSSPKIXRDNSequence upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRDNSequence *
-nssPKIXRDNSequence_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXRelativeDistinguishedName *rdn1,
- ...
-);
-
-/*
- * nssPKIXRDNSequence_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXRDNSequence_Destroy
-(
- NSSPKIXRDNSequence *rdnseq
-);
-
-/*
- * nssPKIXRDNSequence_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXRDNSequence_Encode
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXRDNSequence_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXRDNSequence_GetUTF8Encoding
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXRDNSequence_GetRelativeDistinguishedNameCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXRDNSequence_GetRelativeDistinguishedNameCount
-(
- NSSPKIXRDNSequence *rdnseq
-);
-
-/*
- * nssPKIXRDNSequence_GetRelativeDistinguishedNames
- *
- * This routine returns all of the relative distinguished names in the
- * specified RDN Sequence. {...} If the array is allocated, or if the
- * specified one has extra space, the array will be null-terminated.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXRelativeDistinguishedName
- * pointers upon success
- * NULL upon failure.
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName **
-nssPKIXRDNSequence_GetRelativeDistinguishedNames
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSPKIXRelativeDistinguishedName *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXRDNSequence_SetRelativeDistinguishedNames
- *
- * -- fgmr comments --
- * If the array pointer itself is null, the set is considered empty.
- * If the count is zero but the pointer nonnull, the array will be
- * assumed to be null-terminated.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXRDNSequence_SetRelativeDistinguishedNames
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSPKIXRelativeDistinguishedName *rdns[],
- PRInt32 countOpt
-);
-
-/*
- * nssPKIXRDNSequence_GetRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName *
-nssPKIXRDNSequence_GetRelativeDistinguishedName
-(
- NSSPKIXRDNSequence *rdnseq,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXRDNSequence_SetRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXRDNSequence_SetRelativeDistinguishedName
-(
- NSSPKIXRDNSequence *rdnseq,
- PRInt32 i,
- NSSPKIXRelativeDistinguishedName *rdn
-);
-
-/*
- * nssPKIXRDNSequence_AppendRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXRDNSequence_AppendRelativeDistinguishedName
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSPKIXRelativeDistinguishedName *rdn
-);
-
-/*
- * nssPKIXRDNSequence_InsertRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXRDNSequence_InsertRelativeDistinguishedName
-(
- NSSPKIXRDNSequence *rdnseq,
- PRInt32 i,
- NSSPKIXRelativeDistinguishedName *rdn
-);
-
-/*
- * nssPKIXRDNSequence_RemoveRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXRDNSequence_RemoveRelativeDistinguishedName
-(
- NSSPKIXRDNSequence *rdnseq,
- PRInt32 i
-);
-
-/*
- * nssPKIXRDNSequence_FindRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * The index of the specified attribute value upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXRDNSequence_FindRelativeDistinguishedName
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSPKIXRelativeDistinguishedName *rdn
-);
-
-/*
- * nssPKIXRDNSequence_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXRDNSequence_Equal
-(
- NSSPKIXRDNSequence *one,
- NSSPKIXRDNSequence *two,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXRDNSequence_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXRDNSequence upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRDNSequence *
-nssPKIXRDNSequence_Duplicate
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXRDNSequence_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXRDNSequence
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXRDNSequence_verifyPointer
-(
- NSSPKIXRDNSequence *p
-);
-#endif /* DEBUG */
-
-/*
- * DistinguishedName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * DistinguishedName ::= RDNSequence
- *
- * This is just a public typedef; no new methods are required. {fgmr-- right?}
- */
-
-/*
- * RelativeDistinguishedName
- *
- * This structure contains an unordered set of AttributeTypeAndValue
- * objects. RDNs are used to distinguish a set of objects underneath
- * a common object.
- *
- * Often, a single ATAV is sufficient to make a unique distinction.
- * For example, if a company assigns its people unique uid values,
- * then in the Name "uid=smith,ou=People,o=Acme,c=US" the "uid=smith"
- * ATAV by itself forms an RDN. However, sometimes a set of ATAVs is
- * needed. For example, if a company needed to distinguish between
- * two Smiths by specifying their corporate divisions, then in the
- * Name "(cn=Smith,ou=Sales),ou=People,o=Acme,c=US" the parenthesised
- * set of ATAVs forms the RDN.
- *
- * From RFC 2459:
- *
- * RelativeDistinguishedName ::=
- * SET SIZE (1 .. MAX) OF AttributeTypeAndValue
- *
- * The private calls for this type:
- *
- * nssPKIXRelativeDistinguishedName_Decode
- * nssPKIXRelativeDistinguishedName_CreateFromUTF8
- * nssPKIXRelativeDistinguishedName_Create
- * nssPKIXRelativeDistinguishedName_CreateFromArray
- * nssPKIXRelativeDistinguishedName_Destroy
- * nssPKIXRelativeDistinguishedName_Encode
- * nssPKIXRelativeDistinguishedName_GetUTF8Encoding
- * nssPKIXRelativeDistinguishedName_GetAttributeTypeAndValueCount
- * nssPKIXRelativeDistinguishedName_GetAttributeTypeAndValues
- * nssPKIXRelativeDistinguishedName_SetAttributeTypeAndValues
- * nssPKIXRelativeDistinguishedName_GetAttributeTypeAndValue
- * nssPKIXRelativeDistinguishedName_SetAttributeTypeAndValue
- * nssPKIXRelativeDistinguishedName_AddAttributeTypeAndValue
- * nssPKIXRelativeDistinguishedName_RemoveAttributeTypeAndValue
- * nssPKIXRelativeDistinguishedName_FindAttributeTypeAndValue
- * nssPKIXRelativeDistinguishedName_Equal
- * nssPKIXRelativeDistinguishedName_Duplicate
- *
- * fgmr: Logical additional functions include
- *
- * NSSPKIXRelativeDistinguishedName_FindAttributeTypeAndValueByType
- * returns PRInt32
- * NSSPKIXRelativeDistinguishedName_FindAttributeTypeAndValuesByType
- * returns array of PRInt32
- * NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValueForType
- * returns NSSPKIXAttributeTypeAndValue
- * NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValuesForType
- * returns array of NSSPKIXAttributeTypeAndValue
- * NSSPKIXRelativeDistinguishedName_GetAttributeValueForType
- * returns NSSPKIXAttributeValue
- * NSSPKIXRelativeDistinguishedName_GetAttributeValuesForType
- * returns array of NSSPKIXAttributeValue
- *
- * NOTE: the "return array" versions are only meaningful if an RDN may
- * contain multiple ATAVs with the same type. Verify in the RFC if
- * this is possible or not. If not, nuke those three functions.
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXRelativeDistinguishedName_verifyPointer
- *
- */
-
-/*
- * nssPKIXRelativeDistinguishedName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName *
-nssPKIXRelativeDistinguishedName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXRelativeDistinguishedName_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_UNKNOWN_ATTRIBUTE
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName *
-nssPKIXRelativeDistinguishedName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *string
-);
-
-/*
- * nssPKIXRelativeDistinguishedName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName *
-nssPKIXRelativeDistinguishedName_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXAttributeTypeAndValue *atav1,
- ...
-);
-
-/*
- * nssPKIXRelativeDistinguishedName_CreateFromArray
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName *
-nssPKIXRelativeDistinguishedName_CreateFromArray
-(
- NSSArena *arenaOpt,
- PRUint32 count,
- NSSPKIXAttributeTypeAndValue *atavs
-);
-
-/*
- * nssPKIXRelativeDistinguishedName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXRelativeDistinguishedName_Destroy
-(
- NSSPKIXRelativeDistinguishedName *rdn
-);
-
-/*
- * nssPKIXRelativeDistinguishedName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXRelativeDistinguishedName_Encode
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXRelativeDistinguishedName_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXRelativeDistinguishedName_GetUTF8Encoding
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXRelativeDistinguishedName_GetAttributeTypeAndValueCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXRelativeDistinguishedName_GetAttributeTypeAndValueCount
-(
- NSSPKIXRelativeDistinguishedName *rdn
-);
-
-/*
- * nssPKIXRelativeDistinguishedName_GetAttributeTypeAndValues
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXAttributeTypeAndValue
- * pointers upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeTypeAndValue **
-nssPKIXRelativeDistinguishedName_GetAttributeTypeAndValues
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSPKIXAttributeTypeAndValue *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXRelativeDistinguishedName_SetAttributeTypeAndValues
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXRelativeDistinguishedName_SetAttributeTypeAndValues
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSPKIXAttributeTypeAndValue *atavs[],
- PRInt32 countOpt
-);
-
-/*
- * nssPKIXRelativeDistinguishedName_GetAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeTypeAndValue *
-nssPKIXRelativeDistinguishedName_GetAttributeTypeAndValue
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXRelativeDistinguishedName_SetAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXRelativeDistinguishedName_SetAttributeTypeAndValue
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- PRInt32 i,
- NSSPKIXAttributeTypeAndValue *atav
-);
-
-/*
- * nssPKIXRelativeDistinguishedName_AddAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXRelativeDistinguishedName_AddAttributeTypeAndValue
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSPKIXAttributeTypeAndValue *atav
-);
-
-/*
- * nssPKIXRelativeDistinguishedName_RemoveAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_AT_MINIMUM
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXRelativeDistinguishedName_RemoveAttributeTypeAndValue
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- PRInt32 i
-);
-
-/*
- * nssPKIXRelativeDistinguishedName_FindAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * The index of the specified attribute value upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXRelativeDistinguishedName_FindAttributeTypeAndValue
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSPKIXAttributeTypeAndValue *atav
-);
-
-/*
- * nssPKIXRelativeDistinguishedName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXRelativeDistinguishedName_Equal
-(
- NSSPKIXRelativeDistinguishedName *one,
- NSSPKIXRelativeDistinguishedName *two,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXRelativeDistinguishedName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName *
-nssPKIXRelativeDistinguishedName_Duplicate
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXRelativeDistinguishedName_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXRelativeDistinguishedName
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RELATIVE_DISTINGUISHED_NAME
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXRelativeDistinguishedName_verifyPointer
-(
- NSSPKIXRelativeDistinguishedName *p
-);
-#endif /* DEBUG */
-
-/*
- * DirectoryString
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * DirectoryString ::= CHOICE {
- * teletexString TeletexString (SIZE (1..MAX)),
- * printableString PrintableString (SIZE (1..MAX)),
- * universalString UniversalString (SIZE (1..MAX)),
- * utf8String UTF8String (SIZE (1..MAX)),
- * bmpString BMPString (SIZE(1..MAX)) }
- *
- * The private calls for this type:
- *
- * nssPKIXDirectoryString_Decode
- * nssPKIXDirectoryString_CreateFromUTF8
- * nssPKIXDirectoryString_Encode
- *
- */
-
-/*
- * nssPKIXDirectoryString_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXDirectoryString upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDirectoryString *
-nssPKIXDirectoryString_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXDirectoryString_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXDirectoryString upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDirectoryString *
-nssPKIXDirectoryString_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXDirectoryString_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_DIRECTORY_STRING
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXDirectoryString_Encode
-(
- NSSPKIXDirectoryString *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * Certificate
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Certificate ::= SEQUENCE {
- * tbsCertificate TBSCertificate,
- * signatureAlgorithm AlgorithmIdentifier,
- * signature BIT STRING }
- *
- * The private calls for this type:
- *
- * nssPKIXCertificate_Decode
- * nssPKIXCertificate_Create
- * nssPKIXCertificate_Destroy
- * nssPKIXCertificate_Encode
- * nssPKIXCertificate_GetTBSCertificate
- * nssPKIXCertificate_SetTBSCertificate
- * nssPKIXCertificate_GetAlgorithmIdentifier
- * nssPKIXCertificate_SetAlgorithmIdentifier
- * nssPKIXCertificate_GetSignature
- * nssPKIXCertificate_SetSignature
- * nssPKIXCertificate_Equal
- * nssPKIXCertificate_Duplicate
- *
- * { inherit TBSCertificate gettors? }
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXCertificate_verifyPointer
- *
- */
-
-/*
- * nssPKIXCertificate_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertificate upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificate *
-nssPKIXCertificate_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXCertificate_Create
- *
- * -- fgmr comments --
- * { at this level we'll have to just accept a specified signature }
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_PKIX_ALGID
- * NSS_ERROR_INVALID_PKIX_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertificate upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificate *
-nssPKIXCertificate_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXAlgorithmIdentifier *algID,
- NSSItem *signature
-);
-
-/*
- * nssPKIXCertificate_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCertificate_Destroy
-(
- NSSPKIXCertificate *cert
-);
-
-/*
- * nssPKIXCertificate_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXCertificate_Encode
-(
- NSSPKIXCertificate *cert,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXCertificate_GetTBSCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXTBSCertificate upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTBSCertificate *
-nssPKIXCertificate_GetTBSCertificate
-(
- NSSPKIXCertificate *cert,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXCertificate_SetTBSCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCertificate_SetTBSCertificate
-(
- NSSPKIXCertificate *cert,
- NSSPKIXTBSCertificate *tbsCert
-);
-
-/*
- * nssPKIXCertificate_GetAlgorithmIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAlgorithmIdentifier *
-nssPKIXCertificate_GetAlgorithmIdentifier
-(
- NSSPKIXCertificate *cert,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXCertificate_SetAlgorithmIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCertificate_SetAlgorithmIdentifier
-(
- NSSPKIXCertificate *cert,
- NSSPKIXAlgorithmIdentifier *algid,
-);
-
-/*
- * nssPKIXCertificate_GetSignature
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSItem upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSItem *
-nssPKIXCertificate_GetSignature
-(
- NSSPKIXCertificate *cert,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXCertificate_SetSignature
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCertificate_SetSignature
-(
- NSSPKIXCertificate *cert,
- NSSItem *signature
-);
-
-/*
- * nssPKIXCertificate_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXCertificate_Equal
-(
- NSSPKIXCertificate *one,
- NSSPKIXCertificate *two,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXCertificate_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertificate upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificate *
-nssPKIXCertificate_Duplicate
-(
- NSSPKIXCertificate *cert,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXCertificate_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXCertificate
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCertificate_verifyPointer
-(
- NSSPKIXCertificate *p
-);
-#endif /* DEBUG */
-
-/*
- * TBSCertificate
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TBSCertificate ::= SEQUENCE {
- * version [0] Version DEFAULT v1,
- * serialNumber CertificateSerialNumber,
- * signature AlgorithmIdentifier,
- * issuer Name,
- * validity Validity,
- * subject Name,
- * subjectPublicKeyInfo SubjectPublicKeyInfo,
- * issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL,
- * -- If present, version shall be v2 or v3
- * subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL,
- * -- If present, version shall be v2 or v3
- * extensions [3] Extensions OPTIONAL
- * -- If present, version shall be v3 -- }
- *
- * The private calls for this type:
- *
- * nssPKIXTBSCertificate_Decode
- * nssPKIXTBSCertificate_Create
- * nssPKIXTBSCertificate_Destroy
- * nssPKIXTBSCertificate_Encode
- * nssPKIXTBSCertificate_GetVersion
- * nssPKIXTBSCertificate_SetVersion
- * nssPKIXTBSCertificate_GetSerialNumber
- * nssPKIXTBSCertificate_SetSerialNumber
- * nssPKIXTBSCertificate_GetSignature
- * nssPKIXTBSCertificate_SetSignature
- * { inherit algid gettors? }
- * nssPKIXTBSCertificate_GetIssuer
- * nssPKIXTBSCertificate_SetIssuer
- * { inherit "helper" issuer gettors? }
- * nssPKIXTBSCertificate_GetValidity
- * nssPKIXTBSCertificate_SetValidity
- * { inherit validity accessors }
- * nssPKIXTBSCertificate_GetSubject
- * nssPKIXTBSCertificate_SetSubject
- * nssPKIXTBSCertificate_GetSubjectPublicKeyInfo
- * nssPKIXTBSCertificate_SetSubjectPublicKeyInfo
- * nssPKIXTBSCertificate_HasIssuerUniqueID
- * nssPKIXTBSCertificate_GetIssuerUniqueID
- * nssPKIXTBSCertificate_SetIssuerUniqueID
- * nssPKIXTBSCertificate_RemoveIssuerUniqueID
- * nssPKIXTBSCertificate_HasSubjectUniqueID
- * nssPKIXTBSCertificate_GetSubjectUniqueID
- * nssPKIXTBSCertificate_SetSubjectUniqueID
- * nssPKIXTBSCertificate_RemoveSubjectUniqueID
- * nssPKIXTBSCertificate_HasExtensions
- * nssPKIXTBSCertificate_GetExtensions
- * nssPKIXTBSCertificate_SetExtensions
- * nssPKIXTBSCertificate_RemoveExtensions
- * { extension accessors }
- * nssPKIXTBSCertificate_Equal
- * nssPKIXTBSCertificate_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXTBSCertificate_verifyPointer
- */
-
-/*
- * nssPKIXTBSCertificate_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTBSCertificate upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTBSCertificate *
-nssPKIXTBSCertificate_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXTBSCertificate_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_VERSION
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_SERIAL_NUMBER
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_ISSUER_NAME
- * NSS_ERROR_INVALID_VALIDITY
- * NSS_ERROR_INVALID_SUBJECT_NAME
- * NSS_ERROR_INVALID_SUBJECT_PUBLIC_KEY_INFO
- * NSS_ERROR_INVALID_ISSUER_UNIQUE_IDENTIFIER
- * NSS_ERROR_INVALID_SUBJECT_UNIQUE_IDENTIFIER
- * NSS_ERROR_INVALID_EXTENSION
- *
- * Return value:
- */
-
-NSS_EXTERN NSSPKIXTBSCertificate *
-nssPKIXTBSCertificate_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXVersion version,
- NSSPKIXCertificateSerialNumber *serialNumber,
- NSSPKIXAlgorithmIdentifier *signature,
- NSSPKIXName *issuer,
- NSSPKIXValidity *validity,
- NSSPKIXName *subject,
- NSSPKIXSubjectPublicKeyInfo *spki,
- NSSPKIXUniqueIdentifier *issuerUniqueID,
- NSSPKIXUniqueIdentifier *subjectUniqueID,
- NSSPKIXExtensions *extensions
-);
-
-/*
- * nssPKIXTBSCertificate_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertificate_Destroy
-(
- NSSPKIXTBSCertificate *tbsCert
-);
-
-/*
- * nssPKIXTBSCertificate_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXTBSCertificate_Encode
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTBSCertificate_GetVersion
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * A valid element of the NSSPKIXVersion enumeration upon success
- * NSSPKIXVersion_NSSinvalid (-1) upon failure
- */
-
-NSS_EXTERN NSSPKIXVersion
-nssPKIXTBSCertificate_GetVersion
-(
- NSSPKIXTBSCertificate *tbsCert
-);
-
-/*
- * nssPKIXTBSCertificate_SetVersion
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_PKIX_VERSION
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertificate_SetVersion
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXVersion version
-);
-
-/*
- * nssPKIXTBSCertificate_GetSerialNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertificateSerialNumber upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificateSerialNumber *
-nssPKIXTBSCertificate_GetSerialNumber
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXCertificateSerialNumber *snOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTBSCertificate_SetSerialNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertificate_SetSerialNumber
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXCertificateSerialNumber *sn
-);
-
-/*
- * nssPKIXTBSCertificate_GetSignature
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAlgorithmIdentifier *
-nssPKIXTBSCertificate_GetSignature
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTBSCertificate_SetSignature
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertificate_SetSignature
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXAlgorithmIdentifier *algID
-);
-
-/*
- * { fgmr inherit algid gettors? }
- */
-
-/*
- * nssPKIXTBSCertificate_GetIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXName *
-nssPKIXTBSCertificate_GetIssuer
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTBSCertificate_SetIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertificate_SetIssuer
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXName *issuer
-);
-
-/*
- * { inherit "helper" issuer gettors? }
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *
- * Return value:
- */
-
-/*
- * nssPKIXTBSCertificate_GetValidity
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXValidity upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXValidity *
-nssPKIXTBSCertificate_GetValidity
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTBSCertificate_SetValidity
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_PKIX_VALIDITY
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertificate_SetValidity
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXValidity *validity
-);
-
-/*
- * { fgmr inherit validity accessors }
- */
-
-/*
- * nssPKIXTBSCertificate_GetSubject
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXName *
-nssPKIXTBSCertificate_GetSubject
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTBSCertificate_SetSubject
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertificate_SetSubject
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXName *subject
-);
-
-/*
- * nssPKIXTBSCertificate_GetSubjectPublicKeyInfo
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXSubjectPublicKeyInfo upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXSubjectPublicKeyInfo *
-nssPKIXTBSCertificate_GetSubjectPublicKeyInfo
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTBSCertificate_SetSubjectPublicKeyInfo
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertificate_SetSubjectPublicKeyInfo
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXSubjectPublicKeyInfo *spki
-);
-
-/*
- * nssPKIXTBSCertificate_HasIssuerUniqueID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXTBSCertificate_HasIssuerUniqueID
-(
- NSSPKIXTBSCertificate *tbsCert,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXTBSCertificate_GetIssuerUniqueID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_CERT_HAS_NO_ISSUER_UNIQUE_ID
- *
- * Return value:
- * A valid pointer to an NSSPKIXUniqueIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXUniqueIdentifier *
-nssPKIXTBSCertificate_GetIssuerUniqueID
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXUniqueIdentifier *uidOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTBSCertificate_SetIssuerUniqueID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertificate_SetIssuerUniqueID
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXUniqueIdentifier *uid
-);
-
-/*
- * nssPKIXTBSCertificate_RemoveIssuerUniqueID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_CERT_HAS_NO_ISSUER_UNIQUE_ID
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertificate_RemoveIssuerUniqueID
-(
- NSSPKIXTBSCertificate *tbsCert
-);
-
-/*
- * nssPKIXTBSCertificate_HasSubjectUniqueID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXTBSCertificate_HasSubjectUniqueID
-(
- NSSPKIXTBSCertificate *tbsCert,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXTBSCertificate_GetSubjectUniqueID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_CERT_HAS_NO_SUBJECT_UNIQUE_ID
- *
- * Return value:
- * A valid pointer to an NSSPKIXUniqueIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXUniqueIdentifier *
-nssPKIXTBSCertificate_GetSubjectUniqueID
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXUniqueIdentifier *uidOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTBSCertificate_SetSubjectUniqueID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertificate_SetSubjectUniqueID
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXUniqueIdentifier *uid
-);
-
-/*
- * nssPKIXTBSCertificate_RemoveSubjectUniqueID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_CERT_HAS_NO_SUBJECT_UNIQUE_ID
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertificate_RemoveSubjectUniqueID
-(
- NSSPKIXTBSCertificate *tbsCert
-);
-
-/*
- * nssPKIXTBSCertificate_HasExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXTBSCertificate_HasExtensions
-(
- NSSPKIXTBSCertificate *tbsCert,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXTBSCertificate_GetExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_CERT_HAS_NO_EXTENSIONS
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtensions upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensions *
-nssPKIXTBSCertificate_GetExtensions
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTBSCertificate_SetExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_PKIX_EXTENSIONS
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertificate_SetExtensions
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXExtensions *extensions
-);
-
-/*
- * nssPKIXTBSCertificate_RemoveExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_CERT_HAS_NO_EXTENSIONS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertificate_RemoveExtensions
-(
- NSSPKIXTBSCertificate *tbsCert
-);
-
-/*
- * { extension accessors }
- */
-
-/*
- * nssPKIXTBSCertificate_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXTBSCertificate_Equal
-(
- NSSPKIXTBSCertificate *one,
- NSSPKIXTBSCertificate *two,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXTBSCertificate_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXTBSCertificate upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTBSCertificate *
-nssPKIXTBSCertificate_Duplicate
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXTBSCertificate_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXTBSCertificate
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertificate_verifyPointer
-(
- NSSPKIXTBSCertificate *p
-);
-#endif /* DEBUG */
-
-/*
- * CertificateSerialNumber
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CertificateSerialNumber ::= INTEGER
- *
- * This is just a typedef'd NSSBER; no methods are required.
- * {fgmr -- the asn.1 stuff should have routines to convert
- * integers to natural types when possible and vv. we can
- * refer to them here..}
- */
-
-/*
- * Validity
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Validity ::= SEQUENCE {
- * notBefore Time,
- * notAfter Time }
- *
- * The private calls for the type:
- *
- * nssPKIXValidity_Decode
- * nssPKIXValidity_Create
- * nssPKIXValidity_Encode
- * nssPKIXValidity_Destroy
- * nssPKIXValidity_GetNotBefore
- * nssPKIXValidity_SetNotBefore
- * nssPKIXValidity_GetNotAfter
- * nssPKIXValidity_SetNotAfter
- * nssPKIXValidity_Equal
- * nssPKIXValidity_Compare
- * nssPKIXValidity_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXValidity_verifyPointer
- *
- */
-
-/*
- * nssPKIXValidity_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXValidity upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXValidity *
-nssPKIXValidity_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXValidity_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_TIME
- *
- * Return value:
- * A valid pointer to an NSSPKIXValidity upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXValidity *
-nssPKIXValidity_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXTime notBefore,
- NSSPKIXTime notAfter
-);
-
-/*
- * nssPKIXValidity_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_VALIDITY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXValidity_Destroy
-(
- NSSPKIXValidity *validity
-);
-
-/*
- * nssPKIXValidity_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_VALIDITY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXValidity_Encode
-(
- NSSPKIXValidity *validity,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXValidity_GetNotBefore
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_VALIDITY
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * A valid NSSPKIXTime upon success
- * {we need to rethink NSSPKIXTime}
- */
-
-NSS_EXTERN NSSPKIXTime
-nssPKIXValidity_GetNotBefore
-(
- NSSPKIXValidity *validity
-);
-
-/*
- * nssPKIXValidity_SetNotBefore
- *
- * -- fgmr comments --
- * {do we require that it be before the "notAfter" value?}
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_VALIDITY
- * NSS_ERROR_VALUE_TOO_LARGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXValidity_SetNotBefore
-(
- NSSPKIXValidity *validity,
- NSSPKIXTime notBefore
-);
-
-/*
- * nssPKIXValidity_GetNotAfter
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_VALIDITY
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * A valid NSSPKIXTime upon success
- * {we need to rethink NSSPKIXTime}
- */
-
-NSS_EXTERN NSSPKIXTime
-nssPKIXValidity_GetNotAfter
-(
- NSSPKIXValidity *validity
-);
-
-/*
- * nssPKIXValidity_SetNotAfter
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_VALIDITY
- * NSS_ERROR_VALUE_TOO_SMALL
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXValidity_SetNotAfter
-(
- NSSPKIXValidity *validity,
- NSSPKIXTime notAfter
-);
-
-/*
- * nssPKIXValidity_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_VALIDITY
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXValidity_Equal
-(
- NSSPKIXValidity *one,
- NSSPKIXValidity *two,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXValidity_Compare
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_VALIDITY
- *
- * Return value:
- * 1 if the second is "greater" or later than the first
- * 0 if they are equal
- * -1 if the first is "greater" or later than the first
- * -2 upon failure
- */
-
-NSS_EXTERN PRIntn
-nssPKIXValidity_Compare
-(
- NSSPKIXValidity *one,
- NSSPKIXValidity *two
-);
-
-/*
- * nssPKIXValidity_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_VALIDITY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXValidity upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXValidity *
-nssPKIXValidity_Duplicate
-(
- NSSPKIXValidity *validity,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXValidity_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXValidity
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_VALIDITY
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXValidity_verifyPointer
-(
- NSSPKIXValidity *p
-);
-#endif /* DEBUG */
-
-/*
- * Time
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Time ::= CHOICE {
- * utcTime UTCTime,
- * generalTime GeneralizedTime }
- *
- * The private calls for the type:
- *
- * nssPKIXTime_Decode
- * nssPKIXTime_CreateFromPRTime
- * nssPKIXTime_CreateFromUTF8
- * nssPKIXTime_Destroy
- * nssPKIXTime_Encode
- * nssPKIXTime_GetPRTime
- * nssPKIXTime_GetUTF8Encoding
- * nssPKIXTime_Equal
- * nssPKIXTime_Duplicate
- * nssPKIXTime_Compare
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXTime_verifyPointer
- *
- */
-
-/*
- * nssPKIXTime_Decode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTime upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTime *
-nssPKIXTime_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXTime_CreateFromPRTime
- *
- */
-
-NSS_EXTERN NSSPKIXTime *
-nssPKIXTime_CreateFromPRTime
-(
- NSSArena *arenaOpt,
- PRTime prTime
-);
-
-/*
- * nssPKIXTime_CreateFromUTF8
- *
- */
-
-NSS_EXTERN NSSPKIXTime *
-nssPKIXTime_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXTime_Destroy
- *
- */
-
-NSS_EXTERN PR_STATUS
-nssPKIXTime_Destroy
-(
- NSSPKIXTime *time
-);
-
-/*
- * nssPKIXTime_Encode
- *
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXTime_Encode
-(
- NSSPKIXTime *time,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTime_GetPRTime
- *
- * Returns a zero on error
- */
-
-NSS_EXTERN PRTime
-nssPKIXTime_GetPRTime
-(
- NSSPKIXTime *time,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXTime_GetUTF8Encoding
- *
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKXITime_GetUTF8Encoding
-(
- NSSPKIXTime *time,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTime_Equal
- *
- */
-
-NSS_EXTERN PRBool
-nssPKXITime_Equal
-(
- NSSPKXITime *time1,
- NSSPKXITime *time2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXTime_Duplicate
- *
- */
-
-NSS_EXTERN NSSPKIXTime *
-nssPKXITime_Duplicate
-(
- NSSPKIXTime *time,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTime_Compare
- *
- * Usual result: -1, 0, 1
- * Returns 0 on error
- */
-
-NSS_EXTERN PRInt32
-nssPKIXTime_Compare
-(
- NSSPKIXTime *time1,
- NSSPKIXTime *tiem2,
- PRStatus *statusOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXTime_verifyPointer
- *
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTime_verifyPointer
-(
- NSSPKIXTime *time
-);
-#endif /* DEBUG */
-
-/*
- * UniqueIdentifier
- *
- * From RFC 2459:
- *
- * UniqueIdentifier ::= BIT STRING
- *
- */
-
-/*
- * SubjectPublicKeyInfo
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * SubjectPublicKeyInfo ::= SEQUENCE {
- * algorithm AlgorithmIdentifier,
- * subjectPublicKey BIT STRING }
- *
- * The private calls for the type:
- *
- * nssPKIXSubjectPublicKeyInfo_Decode
- * nssPKIXSubjectPublicKeyInfo_Create
- * nssPKIXSubjectPublicKeyInfo_Encode
- * nssPKIXSubjectPublicKeyInfo_Destroy
- * nssPKIXSubjectPublicKeyInfo_GetAlgorithm
- * nssPKIXSubjectPublicKeyInfo_SetAlgorithm
- * nssPKIXSubjectPublicKeyInfo_GetSubjectPublicKey
- * nssPKIXSubjectPublicKeyInfo_SetSubjectPublicKey
- * nssPKIXSubjectPublicKeyInfo_Equal
- * nssPKIXSubjectPublicKeyInfo_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXSubjectPublicKeyInfo_verifyPointer
- *
- */
-
-/*
- * nssPKIXSubjectPublicKeyInfo_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXSubjectPublicKeyInfo upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXSubjectPublicKeyInfo *
-nssPKIXSubjectPublicKeyInfo_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXSubjectPublicKeyInfo_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXSubjectPublicKeyInfo upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXSubjectPublicKeyInfo *
-nssPKIXSubjectPublicKeyInfo_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXAlgorithmIdentifier *algid,
- NSSItem *subjectPublicKey
-);
-
-/*
- * nssPKIXSubjectPublicKeyInfo_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXSubjectPublicKeyInfo_Destroy
-(
- NSSPKIXSubjectPublicKeyInfo *spki
-);
-
-/*
- * nssPKIXSubjectPublicKeyInfo_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXSubjectPublicKeyInfo_Encode
-(
- NSSPKIXSubjectPublicKeyInfo *spki,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXSubjectPublicKeyInfo_GetAlgorithm
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAlgorithmIdentifier *
-nssPKIXSubjectPublicKeyInfo_GetAlgorithm
-(
- NSSPKIXSubjectPublicKeyInfo *spki,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXSubjectPublicKeyInfo_SetAlgorithm
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXSubjectPublicKeyInfo_SetAlgorithm
-(
- NSSPKIXSubjectPublicKeyInfo *spki,
- NSSPKIXAlgorithmIdentifier *algid
-);
-
-/*
- * nssPKIXSubjectPublicKeyInfo_GetSubjectPublicKey
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSItem upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSItem *
-nssPKIXSubjectPublicKeyInfo_GetSubjectPublicKey
-(
- NSSPKIXSubjectPublicKeyInfo *spki,
- NSSItem *spkOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXSubjectPublicKeyInfo_SetSubjectPublicKey
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXSubjectPublicKeyInfo_SetSubjectPublicKey
-(
- NSSPKIXSubjectPublicKeyInfo *spki,
- NSSItem *spk
-);
-
-/*
- * nssPKIXSubjectPublicKeyInfo_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXSubjectPublicKeyInfo_Equal
-(
- NSSPKIXSubjectPublicKeyInfo *one,
- NSSPKIXSubjectPublicKeyInfo *two,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXSubjectPublicKeyInfo_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXSubjectPublicKeyInfo upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXSubjectPublicKeyInfo *
-nssPKIXSubjectPublicKeyInfo_Duplicate
-(
- NSSPKIXSubjectPublicKeyInfo *spki,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXSubjectPublicKeyInfo_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXSubjectPublicKeyInfo
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXSubjectPublicKeyInfo_verifyPointer
-(
- NSSPKIXSubjectPublicKeyInfo *p
-);
-#endif /* DEBUG */
-
-/*
- * Extensions
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension
- *
- */
-
-/* { FGMR } */
-
-/*
- * Extension
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Extension ::= SEQUENCE {
- * extnID OBJECT IDENTIFIER,
- * critical BOOLEAN DEFAULT FALSE,
- * extnValue OCTET STRING }
- *
- */
-
-/* { FGMR } */
-
-/*
- * CertificateList
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CertificateList ::= SEQUENCE {
- * tbsCertList TBSCertList,
- * signatureAlgorithm AlgorithmIdentifier,
- * signature BIT STRING }
- *
- * The private calls for the type:
- *
- * nssPKIXCertificateList_Decode
- * nssPKIXCertificateList_Create
- * nssPKIXCertificateList_Encode
- * nssPKIXCertificateList_Destroy
- * nssPKIXCertificateList_GetTBSCertList
- * nssPKIXCertificateList_SetTBSCertList
- * nssPKIXCertificateList_GetSignatureAlgorithm
- * nssPKIXCertificateList_SetSignatureAlgorithm
- * nssPKIXCertificateList_GetSignature
- * nssPKIXCertificateList_SetSignature
- * nssPKIXCertificateList_Equal
- * nssPKIXCertificateList_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXCertificateList_verifyPointer
- *
- */
-
-/*
- * nssPKIXCertificateList_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertificateList upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificateList *
-nssPKIXCertificateList_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXCertificateList_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertificateList upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificateList *
-nssPKIXCertificateList_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXTBSCertList *tbsCertList,
- NSSPKIXAlgorithmIdentifier *sigAlg,
- NSSItem *signature
-);
-
-/*
- * nssPKIXCertificateList_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCertificateList_Destroy
-(
- NSSPKIXCertificateList *certList
-);
-
-/*
- * nssPKIXCertificateList_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXCertificateList_Encode
-(
- NSSPKIXCertificateList *certList,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXCertificateList_GetTBSCertList
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXTBSCertList upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTBSCertList *
-nssPKIXCertificateList_GetTBSCertList
-(
- NSSPKIXCertificateList *certList,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXCertificateList_SetTBSCertList
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCertificateList_SetTBSCertList
-(
- NSSPKIXCertificateList *certList,
- NSSPKIXTBSCertList *tbsCertList
-);
-
-/*
- * nssPKIXCertificateList_GetSignatureAlgorithm
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAlgorithmIdentifier *
-nssPKIXCertificateList_GetSignatureAlgorithm
-(
- NSSPKIXCertificateList *certList,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXCertificateList_SetSignatureAlgorithm
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCertificateList_SetSignatureAlgorithm
-(
- NSSPKIXCertificateList *certList,
- NSSPKIXAlgorithmIdentifier *sigAlg
-);
-
-/*
- * nssPKIXCertificateList_GetSignature
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSItem upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSItem *
-nssPKIXCertificateList_GetSignature
-(
- NSSPKIXCertificateList *certList,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXCertificateList_SetSignature
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCertificateList_SetSignature
-(
- NSSPKIXCertificateList *certList,
- NSSItem *sig
-);
-
-/*
- * nssPKIXCertificateList_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXCertificateList_Equal
-(
- NSSPKIXCertificateList *one,
- NSSPKIXCertificateList *two,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXCertificateList_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertificateList upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificateList *
-nssPKIXCertificateList_Duplicate
-(
- NSSPKIXCertificateList *certList,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXCertificateList_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXCertificateList
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCertificateList_verifyPointer
-(
- NSSPKIXCertificateList *p
-);
-#endif /* DEBUG */
-
-/*
- * TBSCertList
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TBSCertList ::= SEQUENCE {
- * version Version OPTIONAL,
- * -- if present, shall be v2
- * signature AlgorithmIdentifier,
- * issuer Name,
- * thisUpdate Time,
- * nextUpdate Time OPTIONAL,
- * revokedCertificates SEQUENCE OF SEQUENCE {
- * userCertificate CertificateSerialNumber,
- * revocationDate Time,
- * crlEntryExtensions Extensions OPTIONAL
- * -- if present, shall be v2
- * } OPTIONAL,
- * crlExtensions [0] Extensions OPTIONAL
- * -- if present, shall be v2 -- }
- *
- * The private calls for the type:
- *
- * nssPKIXTBSCertList_Decode
- * nssPKIXTBSCertList_Create
- * nssPKIXTBSCertList_Destroy
- * nssPKIXTBSCertList_Encode
- * nssPKIXTBSCertList_GetVersion
- * nssPKIXTBSCertList_SetVersion
- * nssPKIXTBSCertList_GetSignature
- * nssPKIXTBSCertList_SetSignature
- * nssPKIXTBSCertList_GetIssuer
- * nssPKIXTBSCertList_SetIssuer
- * nssPKIXTBSCertList_GetThisUpdate
- * nssPKIXTBSCertList_SetThisUpdate
- * nssPKIXTBSCertList_HasNextUpdate
- * nssPKIXTBSCertList_GetNextUpdate
- * nssPKIXTBSCertList_SetNextUpdate
- * nssPKIXTBSCertList_RemoveNextUpdate
- * nssPKIXTBSCertList_GetRevokedCertificates
- * nssPKIXTBSCertList_SetRevokedCertificates
- * nssPKIXTBSCertList_HasCrlExtensions
- * nssPKIXTBSCertList_GetCrlExtensions
- * nssPKIXTBSCertList_SetCrlExtensions
- * nssPKIXTBSCertList_RemoveCrlExtensions
- * nssPKIXTBSCertList_Equal
- * nssPKIXTBSCertList_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXTBSCertList_verifyPointer
- *
- */
-
-/*
- * nssPKIXTBSCertList_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTBSCertList upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTBSCertList *
-nssPKIXTBSCertList_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXTBSCertList_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_VERSION
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_INVALID_PKIX_TIME
- * (something for the times being out of order?)
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATES
- * NSS_ERROR_INVALID_PKIX_EXTENSIONS
- *
- * Return value:
- * A valid pointer to an NSSPKIXTBSCertList upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTBSCertList *
-nssPKIXTBSCertList_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXVersion version,
- NSSPKIXAlgorithmIdentifier *signature,
- NSSPKIXName *issuer,
- NSSPKIXTime thisUpdate,
- NSSPKIXTime nextUpdateOpt,
- NSSPKIXrevokedCertificates *revokedCerts,
- NSSPKIXExtensions *crlExtensionsOpt
-);
-
-/*
- * nssPKIXTBSCertList_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertList_Destroy
-(
- NSSPKIXTBSCertList *certList
-);
-
-/*
- * nssPKIXTBSCertList_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXTBSCertList_Encode
-(
- NSSPKIXTBSCertList *certList,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTBSCertList_GetVersion
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * A valid element of the NSSPKIXVersion enumeration upon success
- * NSSPKIXVersion_NSSinvalid (-1) upon failure
- */
-
-NSS_EXTERN NSSPKIXVersion
-nssPKIXTBSCertList_GetVersion
-(
- NSSPKIXTBSCertList *certList
-);
-
-/*
- * nssPKIXTBSCertList_SetVersion
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_INVALID_PKIX_VERSION
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertList_SetVersion
-(
- NSSPKIXTBSCertList *certList,
- NSSPKIXVersion version
-);
-
-/*
- * nssPKIXTBSCertList_GetSignature
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAlgorithmIdentifier *
-nssPKIXTBSCertList_GetSignature
-(
- NSSPKIXTBSCertList *certList,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTBSCertList_SetSignature
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertList_SetSignature
-(
- NSSPKIXTBSCertList *certList,
- NSSPKIXAlgorithmIdentifier *algid,
-);
-
-/*
- * nssPKIXTBSCertList_GetIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXName *
-nssPKIXTBSCertList_GetIssuer
-(
- NSSPKIXTBSCertList *certList,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTBSCertList_SetIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertList_SetIssuer
-(
- NSSPKIXTBSCertList *certList,
- NSSPKIXName *issuer
-);
-
-/*
- * nssPKIXTBSCertList_GetThisUpdate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * A valid NSSPKIXTime upon success
- * {we need to rethink NSSPKIXTime}
- */
-
-NSS_EXTERN NSSPKIXTime
-nssPKIXTBSCertList_GetThisUpdate
-(
- NSSPKIXTBSCertList *certList
-);
-
-/*
- * nssPKIXTBSCertList_SetThisUpdate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_VALUE_TOO_LARGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertList_SetThisUpdate
-(
- NSSPKIXTBSCertList *certList,
- NSSPKIXTime thisUpdate
-);
-
-/*
- * nssPKIXTBSCertList_HasNextUpdate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXTBSCertList_HasNextUpdate
-(
- NSSPKIXTBSCertList *certList,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXTBSCertList_GetNextUpdate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * A valid NSSPKIXTime upon success
- * {we need to rethink NSSPKIXTime}
- */
-
-NSS_EXTERN NSSPKIXTime
-nssPKIXTBSCertList_GetNextUpdate
-(
- NSSPKIXTBSCertList *certList
-);
-
-/*
- * nssPKIXTBSCertList_SetNextUpdate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_VALUE_TOO_SMALL
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertList_SetNextUpdate
-(
- NSSPKIXTBSCertList *certList,
- NSSPKIXTime nextUpdate
-);
-
-/*
- * nssPKIXTBSCertList_RemoveNextUpdate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_HAS_NO_NEXT_UPDATE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertList_RemoveNextUpdate
-(
- NSSPKIXTBSCertList *certList
-);
-
-/*
- * nssPKIXTBSCertList_GetRevokedCertificates
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXrevokedCertificates upon succes
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXrevokedCertificates *
-nssPKIXTBSCertList_GetRevokedCertificates
-(
- NSSPKIXTBSCertList *certList,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTBSCertList_SetRevokedCertificates
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATES
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertList_SetRevokedCertificates
-(
- NSSPKIXTBSCertList *certList,
- NSSPKIXrevokedCertificates *revoked
-);
-
-/*
- * nssPKIXTBSCertList_HasCrlExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXTBSCertList_HasCrlExtensions
-(
- NSSPKIXTBSCertList *certList,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXTBSCertList_GetCrlExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtensions upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensions *
-nssPKIXTBSCertList_GetCrlExtensions
-(
- NSSPKIXTBSCertList *certList,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTBSCertList_SetCrlExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_INVALID_PKIX_EXTENSIONS
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertList_SetCrlExtensions
-(
- NSSPKIXTBSCertList *certList,
- NSSPKIXExtensions *extensions
-);
-
-/*
- * nssPKIXTBSCertList_RemoveCrlExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_HAS_NO_EXTENSIONS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertList_RemoveCrlExtensions
-(
- NSSPKIXTBSCertList *certList
-);
-
-/*
- * nssPKIXTBSCertList_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXTBSCertList_Equal
-(
- NSSPKIXTBSCertList *one,
- NSSPKIXTBSCertList *two,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXTBSCertList_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXTBSCertList upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTBSCertList *
-nssPKIXTBSCertList_Duplicate
-(
- NSSPKIXTBSCertList *certList,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXTBSCertList_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXTBSCertList
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertList_verifyPointer
-(
- NSSPKIXTBSCertList *p
-);
-#endif /* DEBUG */
-
-/*
- * revokedCertificates
- *
- * This is a "helper type" to simplify handling of TBSCertList objects.
- *
- * revokedCertificates SEQUENCE OF SEQUENCE {
- * userCertificate CertificateSerialNumber,
- * revocationDate Time,
- * crlEntryExtensions Extensions OPTIONAL
- * -- if present, shall be v2
- * } OPTIONAL,
- *
- * The private calls for the type:
- *
- * nssPKIXrevokedCertificates_Decode
- * nssPKIXrevokedCertificates_Create
- * nssPKIXrevokedCertificates_Encode
- * nssPKIXrevokedCertificates_Destroy
- * nssPKIXrevokedCertificates_GetRevokedCertificateCount
- * nssPKIXrevokedCertificates_GetRevokedCertificates
- * nssPKIXrevokedCertificates_SetRevokedCertificates
- * nssPKIXrevokedCertificates_GetRevokedCertificate
- * nssPKIXrevokedCertificates_SetRevokedCertificate
- * nssPKIXrevokedCertificates_InsertRevokedCertificate
- * nssPKIXrevokedCertificates_AppendRevokedCertificate
- * nssPKIXrevokedCertificates_RemoveRevokedCertificate
- * nssPKIXrevokedCertificates_Equal
- * nssPKIXrevokedCertificates_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXrevokedCertificates_verifyPointer
- *
- */
-
-/*
- * nssPKIXrevokedCertificates_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXrevokedCertificates upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXrevokedCertificates *
-nssPKIXrevokedCertificates_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXrevokedCertificates_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATE
- *
- * Return value:
- * A valid pointer to an NSSPKIXrevokedCertificates upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXrevokedCertificates *
-nssPKIXrevokedCertificates_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXrevokedCertificate *rc1,
- ...
-);
-
-/*
- * nssPKIXrevokedCertificates_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXrevokedCertificates_Destroy
-(
- NSSPKIXrevokedCertificates *rcs
-);
-
-/*
- * nssPKIXrevokedCertificates_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXrevokedCertificates_Encode
-(
- NSSPKIXrevokedCertificates *rcs,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXrevokedCertificates_GetRevokedCertificateCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXrevokedCertificates_GetRevokedCertificateCount
-(
- NSSPKIXrevokedCertificates *rcs
-);
-
-/*
- * nssPKIXrevokedCertificates_GetRevokedCertificates
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXrevokedCertificate pointers
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXrevokedCertificate **
-nssPKIXrevokedCertificates_GetRevokedCertificates
-(
- NSSPKIXrevokedCertificates *rcs,
- NSSPKIXrevokedCertificate *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXrevokedCertificates_SetRevokedCertificates
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXrevokedCertificates_SetRevokedCertificates
-(
- NSSPKIXrevokedCertificates *rcs,
- NSSPKIXrevokedCertificate *rc[],
- PRInt32 countOpt
-);
-
-/*
- * nssPKIXrevokedCertificates_GetRevokedCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXrevokedCertificate upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXrevokedCertificate *
-nssPKIXrevokedCertificates_GetRevokedCertificate
-(
- NSSPKIXrevokedCertificates *rcs,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXrevokedCertificates_SetRevokedCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXrevokedCertificates_SetRevokedCertificate
-(
- NSSPKIXrevokedCertificates *rcs,
- PRInt32 i,
- NSSPKIXrevokedCertificate *rc
-);
-
-/*
- * nssPKIXrevokedCertificates_InsertRevokedCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXrevokedCertificates_InsertRevokedCertificate
-(
- NSSPKIXrevokedCertificates *rcs,
- PRInt32 i,
- NSSPKIXrevokedCertificate *rc
-);
-
-/*
- * nssPKIXrevokedCertificates_AppendRevokedCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXrevokedCertificates_AppendRevokedCertificate
-(
- NSSPKIXrevokedCertificates *rcs,
- PRInt32 i,
- NSSPKIXrevokedCertificate *rc
-);
-
-/*
- * nssPKIXrevokedCertificates_RemoveRevokedCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXrevokedCertificates_RemoveRevokedCertificate
-(
- NSSPKIXrevokedCertificates *rcs,
- PRInt32 i
-);
-
-/*
- * nssPKIXrevokedCertificates_FindRevokedCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATE
- *
- * Return value:
- * The index of the specified revoked certificate upon success
- * -1 upon failure
- */
-
-NSS_EXTERN PRInt32
-nssPKIXrevokedCertificates_FindRevokedCertificate
-(
- NSSPKIXrevokedCertificates *rcs,
- NSSPKIXrevokedCertificate *rc
-);
-
-/*
- * nssPKIXrevokedCertificates_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXrevokedCertificates_Equal
-(
- NSSPKIXrevokedCertificates *one,
- NSSPKIXrevokedCertificates *two,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXrevokedCertificates_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXrevokedCertificates upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXrevokedCertificates *
-nssPKIXrevokedCertificates_Duplicate
-(
- NSSPKIXrevokedCertificates *rcs,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXrevokedCertificates_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXrevokedCertificates
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATES
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXrevokedCertificates_verifyPointer
-(
- NSSPKIXrevokedCertificates *p
-);
-#endif /* DEBUG */
-
-/*
- * revokedCertificate
- *
- * This is a "helper type" to simplify handling of TBSCertList objects.
- *
- * SEQUENCE {
- * userCertificate CertificateSerialNumber,
- * revocationDate Time,
- * crlEntryExtensions Extensions OPTIONAL
- * -- if present, shall be v2
- * } OPTIONAL,
- *
- * The private calls for this type:
- *
- * nssPKIXrevokedCertificate_Decode
- * nssPKIXrevokedCertificate_Create
- * nssPKIXrevokedCertificate_Encode
- * nssPKIXrevokedCertificate_Destroy
- * nssPKIXrevokedCertificate_GetUserCertificate
- * nssPKIXrevokedCertificate_SetUserCertificate
- * nssPKIXrevokedCertificate_GetRevocationDate
- * nssPKIXrevokedCertificate_SetRevocationDate
- * nssPKIXrevokedCertificate_HasCrlEntryExtensions
- * nssPKIXrevokedCertificate_GetCrlEntryExtensions
- * nssPKIXrevokedCertificate_SetCrlEntryExtensions
- * nssPKIXrevokedCertificate_RemoveCrlEntryExtensions
- * nssPKIXrevokedCertificate_Equal
- * nssPKIXrevokedCertificate_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXrevokedCertificate_verifyPointer
- *
- */
-
-
-/*
- * nssPKIXrevokedCertificate_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXrevokedCertificate upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXrevokedCertificate *
-nssPKIXrevokedCertificate_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXrevokedCertificate_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_SERIAL_NUMBER
- * NSS_ERROR_INVALID_PKIX_TIME
- * NSS_ERROR_INVALID_PKIX_EXTENSIONS
- *
- * Return value:
- * A valid pointer to an NSSPKIXrevokedCertificate upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXrevokedCertificate *
-nssPKIXrevokedCertificate_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXCertificateSerialNumber *userCertificate,
- NSSPKIXTime *revocationDate,
- NSSPKIXExtensions *crlEntryExtensionsOpt
-);
-
-/*
- * nssPKIXrevokedCertificate_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXrevokedCertificate_Destroy
-(
- NSSPKIXrevokedCertificate *rc
-);
-
-/*
- * nssPKIXrevokedCertificate_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXrevokedCertificate_Encode
-(
- NSSPKIXrevokedCertificate *rc,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXrevokedCertificate_GetUserCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertificateSerialNumber upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificateSerialNumber *
-nssPKIXrevokedCertificate_GetUserCertificate
-(
- NSSPKIXrevokedCertificate *rc,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXrevokedCertificate_SetUserCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_SERIAL_NUMBER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXrevokedCertificate_SetUserCertificate
-(
- NSSPKIXrevokedCertificate *rc,
- NSSPKIXCertificateSerialNumber *csn
-);
-
-/*
- * nssPKIXrevokedCertificate_GetRevocationDate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXTime upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTime *
-nssPKIXrevokedCertificate_GetRevocationDate
-(
- NSSPKIXrevokedCertificate *rc,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXrevokedCertificate_SetRevocationDate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_TIME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXrevokedCertificate_SetRevocationDate
-(
- NSSPKIXrevokedCertificate *rc,
- NSSPKIXTime *revocationDate
-);
-
-/*
- * nssPKIXrevokedCertificate_HasCrlEntryExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXrevokedCertificate_HasCrlEntryExtensions
-(
- NSSPKIXrevokedCertificate *rc,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXrevokedCertificate_GetCrlEntryExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_NO_EXTENSIONS
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtensions upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensions *
-nssPKIXrevokedCertificate_GetCrlEntryExtensions
-(
- NSSPKIXrevokedCertificate *rc,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXrevokedCertificate_SetCrlEntryExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_EXTENSIONS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXrevokedCertificate_SetCrlEntryExtensions
-(
- NSSPKIXrevokedCertificate *rc,
- NSSPKIXExtensions *crlEntryExtensions
-);
-
-/*
- * nssPKIXrevokedCertificate_RemoveCrlEntryExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- * NSS_ERROR_NO_EXTENSIONS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXrevokedCertificate_RemoveCrlEntryExtensions
-(
- NSSPKIXrevokedCertificate *rc
-);
-
-/*
- * nssPKIXrevokedCertificate_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXrevokedCertificate_Equal
-(
- NSSPKIXrevokedCertificate *one,
- NSSPKIXrevokedCertificate *two,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXrevokedCertificate_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- *
- * Return value:
- * A valid pointer to an NSSPKIXrevokedCertificate upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXrevokedCertificate *
-nssPKIXrevokedCertificate_Duplicate
-(
- NSSPKIXrevokedCertificate *rc,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXrevokedCertificate_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXrevokedCertificate
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXrevokedCertificate_verifyPointer
-(
- NSSPKIXrevokedCertificate *p
-);
-#endif /* DEBUG */
-
-/*
- * AlgorithmIdentifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * (1988 syntax)
- *
- * AlgorithmIdentifier ::= SEQUENCE {
- * algorithm OBJECT IDENTIFIER,
- * parameters ANY DEFINED BY algorithm OPTIONAL }
- * -- contains a value of the type
- * -- registered for use with the
- * -- algorithm object identifier value
- *
- * The private calls for this type:
- *
- * nssPKIXAlgorithmIdentifier_Decode
- * nssPKIXAlgorithmIdentifier_Create
- * nssPKIXAlgorithmIdentifier_Encode
- * nssPKIXAlgorithmIdentifier_Destroy
- * nssPKIXAlgorithmIdentifier_GetAlgorithm
- * nssPKIXAlgorithmIdentifier_SetAlgorithm
- * nssPKIXAlgorithmIdentifier_GetParameters
- * nssPKIXAlgorithmIdentifier_SetParameters
- * nssPKIXAlgorithmIdentifier_Compare
- * nssPKIXAlgorithmIdentifier_Duplicate
- * { algorithm-specific parameter types and accessors ? }
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXAlgorithmIdentifier_verifyPointer
- *
- */
-
-/*
- * nssPKIXAlgorithmIdentifier_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAlgorithmIdentifier *
-nssPKIXAlgorithmIdentifier_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXAlgorithmIdentifier_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAlgorithmIdentifier *
-nssPKIXAlgorithmIdentifier_Create
-(
- NSSArena *arenaOpt,
- NSSOID *algorithm,
- NSSItem *parameters
-);
-
-/*
- * nssPKIXAlgorithmIdentifier_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAlgorithmIdentifier_Destroy
-(
- NSSPKIXAlgorithmIdentifier *algid
-);
-
-/*
- * nssPKIXAlgorithmIdentifier_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXAlgorithmIdentifier_Encode
-(
- NSSPKIXAlgorithmIdentifier *algid,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAlgorithmIdentifier_GetAlgorithm
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSOID pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSOID *
-nssPKIXAlgorithmIdentifier_GetAlgorithm
-(
- NSSPKIXAlgorithmIdentifier *algid
-);
-
-/*
- * nssPKIXAlgorithmIdentifier_SetAlgorithm
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_OID
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAlgorithmIdentifier_SetAlgorithm
-(
- NSSPKIXAlgorithmIdentifier *algid,
- NSSOID *algorithm
-);
-
-/*
- * nssPKIXAlgorithmIdentifier_GetParameters
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSItem upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSItem *
-nssPKIXAlgorithmIdentifier_GetParameters
-(
- NSSPKIXAlgorithmIdentifier *algid,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAlgorithmIdentifier_SetParameters
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAlgorithmIdentifier_SetParameters
-(
- NSSPKIXAlgorithmIdentifier *algid,
- NSSItem *parameters
-);
-
-/*
- * nssPKIXAlgorithmIdentifier_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXAlgorithmIdentifier_Equal
-(
- NSSPKIXAlgorithmIdentifier *algid1,
- NSSPKIXAlgorithmIdentifier *algid2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXAlgorithmIdentifier_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAlgorithmIdentifier *
-nssPKIXAlgorithmIdentifier_Duplicate
-(
- NSSPKIXAlgorithmIdentifier *algid,
- NSSArena *arenaOpt
-);
-
-/*
- * { algorithm-specific parameter types and accessors ? }
- */
-
-#ifdef DEBUG
-/*
- * nssPKIXAlgorithmIdentifier_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXAlgorithmIdentifier
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAlgorithmIdentifier_verifyPointer
-(
- NSSPKIXAlgorithmIdentifier *p
-);
-#endif /* DEBUG */
-
-/*
- * ORAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * ORAddress ::= SEQUENCE {
- * built-in-standard-attributes BuiltInStandardAttributes,
- * built-in-domain-defined-attributes
- * BuiltInDomainDefinedAttributes OPTIONAL,
- * -- see also teletex-domain-defined-attributes
- * extension-attributes ExtensionAttributes OPTIONAL }
- * -- The OR-address is semantically absent from the OR-name if the
- * -- built-in-standard-attribute sequence is empty and the
- * -- built-in-domain-defined-attributes and extension-attributes are
- * -- both omitted.
- *
- * The private calls for this type:
- *
- * nssPKIXORAddress_Decode
- * nssPKIXORAddress_Create
- * nssPKIXORAddress_Destroy
- * nssPKIXORAddress_Encode
- * nssPKIXORAddress_GetBuiltInStandardAttributes
- * nssPKIXORAddress_SetBuiltInStandardAttributes
- * nssPKIXORAddress_HasBuiltInDomainDefinedAttributes
- * nssPKIXORAddress_GetBuiltInDomainDefinedAttributes
- * nssPKIXORAddress_SetBuiltInDomainDefinedAttributes
- * nssPKIXORAddress_RemoveBuiltInDomainDefinedAttributes
- * nssPKIXORAddress_HasExtensionsAttributes
- * nssPKIXORAddress_GetExtensionsAttributes
- * nssPKIXORAddress_SetExtensionsAttributes
- * nssPKIXORAddress_RemoveExtensionsAttributes
- * nssPKIXORAddress_Equal
- * nssPKIXORAddress_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXORAddress_verifyPointer
- *
- */
-
-/*
- * nssPKIXORAddress_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXORAddres upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXORAddress *
-nssPKIXORAddress_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXORAddress_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_EXTENSIONS_ATTRIBUTES
- *
- * Return value:
- * A valid pointer to an NSSPKIXORAddres upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXORAddress *
-nssPKIXORAddress_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSPKIXBuiltInDomainDefinedAttributes *biddaOpt,
- NSSPKIXExtensionAttributes *eaOpt
-);
-
-/*
- * nssPKIXORAddress_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXORAddress_Destroy
-(
- NSSPKIXORAddress *ora
-);
-
-/*
- * nssPKIXORAddress_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXORAddress_Encode
-(
- NSSPKIXORAddress *ora,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXORAddress_GetBuiltInStandardAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXBuiltInStandardAttributes upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInStandardAttributes *
-nssPKIXORAddress_GetBuiltInStandardAttributes
-(
- NSSPKIXORAddress *ora,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXORAddress_SetBuiltInStandardAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXORAddress_SetBuiltInStandardAttributes
-(
- NSSPKIXORAddress *ora,
- NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * nssPKIXORAddress_HasBuiltInDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXORAddress_HasBuiltInDomainDefinedAttributes
-(
- NSSPKIXORAddress *ora,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXORAddress_GetBuiltInDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_NO_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- *
- * Return value:
- * A valid pointer to an NSSPKIXBuiltInDomainDefinedAttributes upon
- * success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInDomainDefinedAttributes *
-nssPKIXORAddress_GetBuiltInDomainDefinedAttributes
-(
- NSSPKIXORAddress *ora,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXORAddress_SetBuiltInDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXORAddress_SetBuiltInDomainDefinedAttributes
-(
- NSSPKIXORAddress *ora,
- NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * nssPKIXORAddress_RemoveBuiltInDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- * NSS_ERROR_NO_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXORAddress_RemoveBuiltInDomainDefinedAttributes
-(
- NSSPKIXORAddress *ora
-);
-
-/*
- * nssPKIXORAddress_HasExtensionsAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXORAddress_HasExtensionsAttributes
-(
- NSSPKIXORAddress *ora,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXORAddress_GetExtensionsAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_NO_EXTENSION_ATTRIBUTES
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtensionAttributes upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttributes *
-nssPKIXORAddress_GetExtensionsAttributes
-(
- NSSPKIXORAddress *ora,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXORAddress_SetExtensionsAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXORAddress_SetExtensionsAttributes
-(
- NSSPKIXORAddress *ora,
- NSSPKIXExtensionAttributes *eaOpt
-);
-
-/*
- * nssPKIXORAddress_RemoveExtensionsAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- * NSS_ERROR_NO_EXTENSION_ATTRIBUTES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXORAddress_RemoveExtensionsAttributes
-(
- NSSPKIXORAddress *ora
-);
-
-/*
- * nssPKIXORAddress_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXORAddress_Equal
-(
- NSSPKIXORAddress *ora1,
- NSSPKIXORAddress *ora2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXORAddress_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXORAddres upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXORAddress *
-nssPKIXORAddress_Duplicate
-(
- NSSPKIXORAddress *ora,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXORAddress_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXORAddress
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXORAddress_verifyPointer
-(
- NSSPKIXORAddress *p
-);
-#endif /* DEBUG */
-
-/*
- * BuiltInStandardAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * BuiltInStandardAttributes ::= SEQUENCE {
- * country-name CountryName OPTIONAL,
- * administration-domain-name AdministrationDomainName OPTIONAL,
- * network-address [0] NetworkAddress OPTIONAL,
- * -- see also extended-network-address
- * terminal-identifier [1] TerminalIdentifier OPTIONAL,
- * private-domain-name [2] PrivateDomainName OPTIONAL,
- * organization-name [3] OrganizationName OPTIONAL,
- * -- see also teletex-organization-name
- * numeric-user-identifier [4] NumericUserIdentifier OPTIONAL,
- * personal-name [5] PersonalName OPTIONAL,
- * -- see also teletex-personal-name
- * organizational-unit-names [6] OrganizationalUnitNames OPTIONAL
- * -- see also teletex-organizational-unit-names -- }
- *
- * The private calls for this type:
- *
- * nssPKIXBuiltInStandardAttributes_Decode
- * nssPKIXBuiltInStandardAttributes_Create
- * nssPKIXBuiltInStandardAttributes_Destroy
- * nssPKIXBuiltInStandardAttributes_Encode
- * nssPKIXBuiltInStandardAttributes_HasCountryName
- * nssPKIXBuiltInStandardAttributes_GetCountryName
- * nssPKIXBuiltInStandardAttributes_SetCountryName
- * nssPKIXBuiltInStandardAttributes_RemoveCountryName
- * nssPKIXBuiltInStandardAttributes_HasAdministrationDomainName
- * nssPKIXBuiltInStandardAttributes_GetAdministrationDomainName
- * nssPKIXBuiltInStandardAttributes_SetAdministrationDomainName
- * nssPKIXBuiltInStandardAttributes_RemoveAdministrationDomainName
- * nssPKIXBuiltInStandardAttributes_HasNetworkAddress
- * nssPKIXBuiltInStandardAttributes_GetNetworkAddress
- * nssPKIXBuiltInStandardAttributes_SetNetworkAddress
- * nssPKIXBuiltInStandardAttributes_RemoveNetworkAddress
- * nssPKIXBuiltInStandardAttributes_HasTerminalIdentifier
- * nssPKIXBuiltInStandardAttributes_GetTerminalIdentifier
- * nssPKIXBuiltInStandardAttributes_SetTerminalIdentifier
- * nssPKIXBuiltInStandardAttributes_RemoveTerminalIdentifier
- * nssPKIXBuiltInStandardAttributes_HasPrivateDomainName
- * nssPKIXBuiltInStandardAttributes_GetPrivateDomainName
- * nssPKIXBuiltInStandardAttributes_SetPrivateDomainName
- * nssPKIXBuiltInStandardAttributes_RemovePrivateDomainName
- * nssPKIXBuiltInStandardAttributes_HasOrganizationName
- * nssPKIXBuiltInStandardAttributes_GetOrganizationName
- * nssPKIXBuiltInStandardAttributes_SetOrganizationName
- * nssPKIXBuiltInStandardAttributes_RemoveOrganizationName
- * nssPKIXBuiltInStandardAttributes_HasNumericUserIdentifier
- * nssPKIXBuiltInStandardAttributes_GetNumericUserIdentifier
- * nssPKIXBuiltInStandardAttributes_SetNumericUserIdentifier
- * nssPKIXBuiltInStandardAttributes_RemoveNumericUserIdentifier
- * nssPKIXBuiltInStandardAttributes_HasPersonalName
- * nssPKIXBuiltInStandardAttributes_GetPersonalName
- * nssPKIXBuiltInStandardAttributes_SetPersonalName
- * nssPKIXBuiltInStandardAttributes_RemovePersonalName
- * nssPKIXBuiltInStandardAttributes_HasOrganizationLUnitNames
- * nssPKIXBuiltInStandardAttributes_GetOrganizationLUnitNames
- * nssPKIXBuiltInStandardAttributes_SetOrganizationLUnitNames
- * nssPKIXBuiltInStandardAttributes_RemoveOrganizationLUnitNames
- * nssPKIXBuiltInStandardAttributes_Equal
- * nssPKIXBuiltInStandardAttributes_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXBuiltInStandardAttributes_verifyPointer
- *
- */
-
-/*
- * nssPKIXBuiltInStandardAttributes_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXBuiltInStandardAttributes upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInStandardAttributes *
-nssPKIXBuiltInStandardAttributes_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_COUNTRY_NAME
- * NSS_ERROR_INVALID_PKIX_ADMINISTRATION_DOMAIN_NAME
- * NSS_ERROR_INVALID_PKIX_NETWORK_ADDRESS
- * NSS_ERROR_INVALID_PKIX_TERMINAL_IDENTIFIER
- * NSS_ERROR_INVALID_PKIX_PRIVATE_DOMAIN_NAME
- * NSS_ERROR_INVALID_PKIX_ORGANIZATION_NAME
- * NSS_ERROR_INVALID_PKIX_NUMERIC_USER_IDENTIFIER
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- *
- * Return value:
- * A valid pointer to an NSSPKIXBuiltInStandardAttributes upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInStandardAttributes *
-nssPKIXBuiltInStandardAttributes_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXCountryName *countryNameOpt,
- NSSPKIXAdministrationDomainName *administrationDomainNameOpt,
- NSSPKIXNetworkAddress *networkAddressOpt,
- NSSPKIXTerminalIdentifier *terminalIdentifierOpt,
- NSSPKIXPrivateDomainName *privateDomainNameOpt,
- NSSPKIXOrganizationName *organizationNameOpt,
- NSSPKIXNumericUserIdentifier *numericUserIdentifierOpt,
- NSSPKIXPersonalName *personalNameOpt,
- NSSPKIXOrganizationalUnitNames *organizationalUnitNamesOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_Destroy
-(
- NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXBuiltInStandardAttributes_Encode
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_HasCountryName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXBuiltInStandardAttributes_HasCountryName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_GetCountryName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXCountryName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCountryName *
-nssPKIXBuiltInStandardAttributes_GetCountryName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_SetCountryName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_COUNTRY_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_SetCountryName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSPKIXCountryName *countryName
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_RemoveCountryName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_COUNTRY_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_RemoveCountryName
-(
- NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_HasAdministrationDomainName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXBuiltInStandardAttributes_HasAdministrationDomainName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_GetAdministrationDomainName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAdministrationDomainName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAdministrationDomainName *
-nssPKIXBuiltInStandardAttributes_GetAdministrationDomainName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_SetAdministrationDomainName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_ADMINISTRATION_DOMAIN_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_SetAdministrationDomainName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSPKIXAdministrationDomainName *administrationDomainName
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_RemoveAdministrationDomainName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_ADMINISTRATION_DOMAIN_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_RemoveAdministrationDomainName
-(
- NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_HasNetworkAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXBuiltInStandardAttributes_HasNetworkAddress
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_GetNetworkAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXNetworkAddress upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNetworkAddress *
-nssPKIXBuiltInStandardAttributes_GetNetworkAddress
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_SetNetworkAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_NETWORK_ADDRESS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_SetNetworkAddress
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSPKIXNetworkAddress *networkAddress
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_RemoveNetworkAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_NETWORK_ADDRESS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_RemoveNetworkAddress
-(
- NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_HasTerminalIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXBuiltInStandardAttributes_HasTerminalIdentifier
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_GetTerminalIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTerminalIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTerminalIdentifier *
-nssPKIXBuiltInStandardAttributes_GetTerminalIdentifier
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_SetTerminalIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_TERMINAL_IDENTIFIER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_SetTerminalIdentifier
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSPKIXTerminalIdentifier *terminalIdentifier
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_RemoveTerminalIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_TERMINAL_IDENTIFIER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_RemoveTerminalIdentifier
-(
- NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_HasPrivateDomainName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXBuiltInStandardAttributes_HasPrivateDomainName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_GetPrivateDomainName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPrivateDomainName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPrivateDomainName *
-nssPKIXBuiltInStandardAttributes_GetPrivateDomainName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_SetPrivateDomainName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_PRIVATE_DOMAIN_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_SetPrivateDomainName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSPKIXPrivateDomainName *privateDomainName
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_RemovePrivateDomainName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_PRIVATE_DOMAIN_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_RemovePrivateDomainName
-(
- NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_HasOrganizationName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXBuiltInStandardAttributes_HasOrganizationName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_GetOrganizationName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXOrganizationName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationName *
-nssPKIXBuiltInStandardAttributes_GetOrganizationName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_SetOrganizationName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_ORGANIZATION_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_SetOrganizationName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSPKIXOrganizationName *organizationName
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_RemoveOrganizationName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_ORGANIZATION_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_RemoveOrganizationName
-(
- NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_HasNumericUserIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXBuiltInStandardAttributes_HasNumericUserIdentifier
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_GetNumericUserIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXNumericUserIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNumericUserIdentifier *
-nssPKIXBuiltInStandardAttributes_GetNumericUserIdentifier
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_SetNumericUserIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_NUMERIC_USER_IDENTIFIER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_SetNumericUserIdentifier
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSPKIXNumericUserIdentifier *numericUserIdentifier
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_RemoveNumericUserIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_NUMERIC_USER_IDENTIFIER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_RemoveNumericUserIdentifier
-(
- NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_HasPersonalName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXBuiltInStandardAttributes_HasPersonalName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_GetPersonalName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPersonalName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPersonalName *
-nssPKIXBuiltInStandardAttributes_GetPersonalName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_SetPersonalName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_SetPersonalName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSPKIXPersonalName *personalName
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_RemovePersonalName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_PERSONAL_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_RemovePersonalName
-(
- NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_HasOrganizationLUnitNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXBuiltInStandardAttributes_HasOrganizationLUnitNames
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_GetOrganizationLUnitNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXOrganizationalUnitNames upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationalUnitNames *
-nssPKIXBuiltInStandardAttributes_GetOrganizationLUnitNames
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_SetOrganizationLUnitNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_SetOrganizationLUnitNames
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSPKIXOrganizationalUnitNames *organizationalUnitNames
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_RemoveOrganizationLUnitNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_ORGANIZATIONAL_UNIT_NAMES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_RemoveOrganizationLUnitNames
-(
- NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXBuiltInStandardAttributes_Equal
-(
- NSSPKIXBuiltInStandardAttributes *bisa1,
- NSSPKIXBuiltInStandardAttributes *bisa2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXBuiltInStandardAttributes upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInStandardAttributes *
-nssPKIXBuiltInStandardAttributes_Duplicate
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXBuiltInStandardAttributes_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXBuiltInStandardAttributes
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_verifyPointer
-(
- NSSPKIXBuiltInStandardAttributes *p
-);
-#endif /* DEBUG */
-
-/*
- * CountryName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CountryName ::= [APPLICATION 1] CHOICE {
- * x121-dcc-code NumericString
- * (SIZE (ub-country-name-numeric-length)),
- * iso-3166-alpha2-code PrintableString
- * (SIZE (ub-country-name-alpha-length)) }
- *
- * The private calls for this type:
- *
- * nssPKIXCountryName_Decode
- * nssPKIXCountryName_CreateFromUTF8
- * nssPKIXCountryName_Encode
- *
- */
-
-/*
- * nssPKIXCountryName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXCountryName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCountryName *
-nssPKIXCountryName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXCountryName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXCountryName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCountryName *
-nssPKIXCountryName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXCountryName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_COUNTRY_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXCountryName_Encode
-(
- NSSPKIXCountryName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * AdministrationDomainName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * AdministrationDomainName ::= [APPLICATION 2] CHOICE {
- * numeric NumericString (SIZE (0..ub-domain-name-length)),
- * printable PrintableString (SIZE (0..ub-domain-name-length)) }
- *
- * The private calls for this type:
- *
- * nssPKIXAdministrationDomainName_Decode
- * nssPKIXAdministrationDomainName_CreateFromUTF8
- * nssPKIXAdministrationDomainName_Encode
- *
- */
-
-/*
- * nssPKIXAdministrationDomainName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAdministrationDomainName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAdministrationDomainName *
-nssPKIXAdministrationDomainName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXAdministrationDomainName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAdministrationDomainName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAdministrationDomainName *
-nssPKIXAdministrationDomainName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXAdministrationDomainName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ADMINISTRATION_DOMAIN_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXAdministrationDomainName_Encode
-(
- NSSPKIXAdministrationDomainName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * X121Address
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X121Address ::= NumericString (SIZE (1..ub-x121-address-length))
- *
- * The private calls for this type:
- *
- * nssPKIXX121Address_Decode
- * nssPKIXX121Address_CreateFromUTF8
- * nssPKIXX121Address_Encode
- *
- */
-
-/*
- * nssPKIXX121Address_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX121Address upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX121Address *
-nssPKIXX121Address_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXX121Address_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX121Address upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX121Address *
-nssPKIXX121Address_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXX121Address_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_X121_ADDRESS
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXX121Address_Encode
-(
- NSSPKIXX121Address *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NetworkAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * NetworkAddress ::= X121Address -- see also extended-network-address
- *
- * The private calls for this type:
- *
- * nssPKIXNetworkAddress_Decode
- * nssPKIXNetworkAddress_CreateFromUTF8
- * nssPKIXNetworkAddress_Encode
- *
- */
-
-/*
- * nssPKIXNetworkAddress_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXNetworkAddress upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNetworkAddress *
-nssPKIXNetworkAddress_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXNetworkAddress_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXNetworkAddress upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNetworkAddress *
-nssPKIXNetworkAddress_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXNetworkAddress_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NETWORK_ADDRESS
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXNetworkAddress_Encode
-(
- NSSPKIXNetworkAddress *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * TerminalIdentifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TerminalIdentifier ::= PrintableString (SIZE (1..ub-terminal-id-length))
- *
- * The private calls for this type:
- *
- * nssPKIXTerminalIdentifier_Decode
- * nssPKIXTerminalIdentifier_CreateFromUTF8
- * nssPKIXTerminalIdentifier_Encode
- *
- */
-
-/*
- * nssPKIXTerminalIdentifier_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTerminalIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTerminalIdentifier *
-nssPKIXTerminalIdentifier_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXTerminalIdentifier_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTerminalIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTerminalIdentifier *
-nssPKIXTerminalIdentifier_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXTerminalIdentifier_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TERMINAL_IDENTIFIER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXTerminalIdentifier_Encode
-(
- NSSPKIXTerminalIdentifier *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * PrivateDomainName
- *
- * -- fgmr comments --
- *
- * PrivateDomainName ::= CHOICE {
- * numeric NumericString (SIZE (1..ub-domain-name-length)),
- * printable PrintableString (SIZE (1..ub-domain-name-length)) }
- *
- * The private calls for this type:
- *
- * nssPKIXPrivateDomainName_Decode
- * nssPKIXPrivateDomainName_CreateFromUTF8
- * nssPKIXPrivateDomainName_Encode
- *
- */
-
-/*
- * nssPKIXPrivateDomainName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPrivateDomainName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPrivateDomainName *
-nssPKIXPrivateDomainName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXPrivateDomainName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPrivateDomainName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPrivateDomainName *
-nssPKIXPrivateDomainName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXPrivateDomainName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PRIVATE_DOMAIN_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXPrivateDomainName_Encode
-(
- NSSPKIXPrivateDomainName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * OrganizationName
- *
- * -- fgmr comments --
- *
- * OrganizationName ::= PrintableString
- * (SIZE (1..ub-organization-name-length))
- *
- * The private calls for this type:
- *
- * nssPKIXOrganizationName_Decode
- * nssPKIXOrganizationName_CreateFromUTF8
- * nssPKIXOrganizationName_Encode
- *
- */
-
-/*
- * nssPKIXOrganizationName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXOrganizationName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationName *
-nssPKIXOrganizationName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXOrganizationName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXOrganizationName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationName *
-nssPKIXOrganizationName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXOrganizationName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATION_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXOrganizationName_Encode
-(
- NSSPKIXOrganizationName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NumericUserIdentifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * NumericUserIdentifier ::= NumericString
- * (SIZE (1..ub-numeric-user-id-length))
- *
- * The private calls for this type:
- *
- * nssPKIXNumericUserIdentifier_Decode
- * nssPKIXNumericUserIdentifier_CreateFromUTF8
- * nssPKIXNumericUserIdentifier_Encode
- *
- */
-
-/*
- * nssPKIXNumericUserIdentifier_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXNumericUserIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNumericUserIdentifier *
-nssPKIXNumericUserIdentifier_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXNumericUserIdentifier_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_UTF8
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXNumericUserIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNumericUserIdentifier *
-nssPKIXNumericUserIdentifier_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXNumericUserIdentifier_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NUMERIC_USER_IDENTIFIER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXNumericUserIdentifier_Encode
-(
- NSSPKIXNumericUserIdentifier *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * PersonalName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PersonalName ::= SET {
- * surname [0] PrintableString (SIZE (1..ub-surname-length)),
- * given-name [1] PrintableString
- * (SIZE (1..ub-given-name-length)) OPTIONAL,
- * initials [2] PrintableString (SIZE (1..ub-initials-length)) OPTIONAL,
- * generation-qualifier [3] PrintableString
- * (SIZE (1..ub-generation-qualifier-length)) OPTIONAL }
- *
- * The private calls for this type:
- *
- * nssPKIXPersonalName_Decode
- * nssPKIXPersonalName_Create
- * nssPKIXPersonalName_Destroy
- * nssPKIXPersonalName_Encode
- * nssPKIXPersonalName_GetSurname
- * nssPKIXPersonalName_SetSurname
- * nssPKIXPersonalName_HasGivenName
- * nssPKIXPersonalName_GetGivenName
- * nssPKIXPersonalName_SetGivenName
- * nssPKIXPersonalName_RemoveGivenName
- * nssPKIXPersonalName_HasInitials
- * nssPKIXPersonalName_GetInitials
- * nssPKIXPersonalName_SetInitials
- * nssPKIXPersonalName_RemoveInitials
- * nssPKIXPersonalName_HasGenerationQualifier
- * nssPKIXPersonalName_GetGenerationQualifier
- * nssPKIXPersonalName_SetGenerationQualifier
- * nssPKIXPersonalName_RemoveGenerationQualifier
- * nssPKIXPersonalName_Equal
- * nssPKIXPersonalName_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXPersonalName_verifyPointer
- *
- */
-
-/*
- * nssPKIXPersonalName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPersonalName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPersonalName *
-nssPKIXPersonalName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXPersonalName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * A valid pointer to an NSSPKIXPersonalName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPersonalName *
-nssPKIXPersonalName_Create
-(
- NSSArena *arenaOpt,
- NSSUTF8 *surname,
- NSSUTF8 *givenNameOpt,
- NSSUTF8 *initialsOpt,
- NSSUTF8 *generationQualifierOpt
-);
-
-/*
- * nssPKIXPersonalName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPersonalName_Destroy
-(
- NSSPKIXPersonalName *personalName
-);
-
-/*
- * nssPKIXPersonalName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXPersonalName_Encode
-(
- NSSPKIXPersonalName *personalName,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPersonalName_GetSurname
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXPersonalName_GetSurname
-(
- NSSPKIXPersonalName *personalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPersonalName_SetSurname
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPersonalName_SetSurname
-(
- NSSPKIXPersonalName *personalName,
- NSSUTF8 *surname
-);
-
-/*
- * nssPKIXPersonalName_HasGivenName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXPersonalName_HasGivenName
-(
- NSSPKIXPersonalName *personalName,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXPersonalName_GetGivenName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_HAS_NO_GIVEN_NAME
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXPersonalName_GetGivenName
-(
- NSSPKIXPersonalName *personalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPersonalName_SetGivenName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPersonalName_SetGivenName
-(
- NSSPKIXPersonalName *personalName,
- NSSUTF8 *givenName
-);
-
-/*
- * nssPKIXPersonalName_RemoveGivenName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- * NSS_ERROR_HAS_NO_GIVEN_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPersonalName_RemoveGivenName
-(
- NSSPKIXPersonalName *personalName
-);
-
-/*
- * nssPKIXPersonalName_HasInitials
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXPersonalName_HasInitials
-(
- NSSPKIXPersonalName *personalName,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXPersonalName_GetInitials
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXPersonalName_GetInitials
-(
- NSSPKIXPersonalName *personalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPersonalName_SetInitials
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPersonalName_SetInitials
-(
- NSSPKIXPersonalName *personalName,
- NSSUTF8 *initials
-);
-
-/*
- * nssPKIXPersonalName_RemoveInitials
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPersonalName_RemoveInitials
-(
- NSSPKIXPersonalName *personalName
-);
-
-/*
- * nssPKIXPersonalName_HasGenerationQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXPersonalName_HasGenerationQualifier
-(
- NSSPKIXPersonalName *personalName,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXPersonalName_GetGenerationQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXPersonalName_GetGenerationQualifier
-(
- NSSPKIXPersonalName *personalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPersonalName_SetGenerationQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPersonalName_SetGenerationQualifier
-(
- NSSPKIXPersonalName *personalName,
- NSSUTF8 *generationQualifier
-);
-
-/*
- * nssPKIXPersonalName_RemoveGenerationQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPersonalName_RemoveGenerationQualifier
-(
- NSSPKIXPersonalName *personalName
-);
-
-/*
- * nssPKIXPersonalName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXPersonalName_Equal
-(
- NSSPKIXPersonalName *personalName1,
- NSSPKIXPersonalName *personalName2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXPersonalName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- * A valid pointer to an NSSPKIXPersonalName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPersonalName *
-nssPKIXPersonalName_Duplicate
-(
- NSSPKIXPersonalName *personalName,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXPersonalName_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXPersonalName
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPersonalName_verifyPointer
-(
- NSSPKIXPersonalName *p
-);
-#endif /* DEBUG */
-
-/*
- * OrganizationalUnitNames
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * OrganizationalUnitNames ::= SEQUENCE SIZE (1..ub-organizational-units)
- * OF OrganizationalUnitName
- *
- * The private calls for the type:
- *
- * nssPKIXOrganizationalUnitNames_Decode
- * nssPKIXOrganizationalUnitNames_Create
- * nssPKIXOrganizationalUnitNames_Destroy
- * nssPKIXOrganizationalUnitNames_Encode
- * nssPKIXOrganizationalUnitNames_GetOrganizationalUnitNameCount
- * nssPKIXOrganizationalUnitNames_GetOrganizationalUnitNames
- * nssPKIXOrganizationalUnitNames_SetOrganizationalUnitNames
- * nssPKIXOrganizationalUnitNames_GetOrganizationalUnitName
- * nssPKIXOrganizationalUnitNames_SetOrganizationalUnitName
- * nssPKIXOrganizationalUnitNames_InsertOrganizationalUnitName
- * nssPKIXOrganizationalUnitNames_AppendOrganizationalUnitName
- * nssPKIXOrganizationalUnitNames_RemoveOrganizationalUnitName
- * nssPKIXOrganizationalUnitNames_FindOrganizationalUnitName
- * nssPKIXOrganizationalUnitNames_Equal
- * nssPKIXOrganizationalUnitNames_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXOrganizationalUnitNames_verifyPointer
- *
- */
-
-/*
- * nssPKIXOrganizationalUnitNames_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXOrganizationalUnitNames upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationalUnitNames *
-nssPKIXOrganizationalUnitNames_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXOrganizationalUnitNames_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAME
- *
- * Return value:
- * A valid pointer to an NSSPKIXOrganizationalUnitNames upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationalUnitNames *
-nssPKIXOrganizationalUnitNames_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXOrganizationalUnitName *ou1,
- ...
-);
-
-/*
- * nssPKIXOrganizationalUnitNames_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXOrganizationalUnitNames_Destroy
-(
- NSSPKIXOrganizationalUnitNames *ous
-);
-
-/*
- * nssPKIXOrganizationalUnitNames_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXOrganizationalUnitNames_Encode
-(
- NSSPKIXOrganizationalUnitNames *ous,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXOrganizationalUnitNames_GetOrganizationalUnitNameCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXOrganizationalUnitNames_GetOrganizationalUnitNameCount
-(
- NSSPKIXOrganizationalUnitNames *ous
-);
-
-/*
- * nssPKIXOrganizationalUnitNames_GetOrganizationalUnitNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXOrganizationalUnitName
- * pointers upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationalUnitName **
-nssPKIXOrganizationalUnitNames_GetOrganizationalUnitNames
-(
- NSSPKIXOrganizationalUnitNames *ous,
- NSSPKIXOrganizationalUnitName *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXOrganizationalUnitNames_SetOrganizationalUnitNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXOrganizationalUnitNames_SetOrganizationalUnitNames
-(
- NSSPKIXOrganizationalUnitNames *ous,
- NSSPKIXOrganizationalUnitName *ou[],
- PRInt32 count
-);
-
-/*
- * nssPKIXOrganizationalUnitNames_GetOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXOrganizationalUnitName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationalUnitName *
-nssPKIXOrganizationalUnitNames_GetOrganizationalUnitName
-(
- NSSPKIXOrganizationalUnitNames *ous,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXOrganizationalUnitNames_SetOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAME
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXOrganizationalUnitNames_SetOrganizationalUnitName
-(
- NSSPKIXOrganizationalUnitNames *ous,
- PRInt32 i,
- NSSPKIXOrganizationalUnitName *ou
-);
-
-/*
- * nssPKIXOrganizationalUnitNames_InsertOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAME
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXOrganizationalUnitNames_InsertOrganizationalUnitName
-(
- NSSPKIXOrganizationalUnitNames *ous,
- PRInt32 i,
- NSSPKIXOrganizationalUnitName *ou
-);
-
-/*
- * nssPKIXOrganizationalUnitNames_AppendOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXOrganizationalUnitNames_AppendOrganizationalUnitName
-(
- NSSPKIXOrganizationalUnitNames *ous,
- NSSPKIXOrganizationalUnitName *ou
-);
-
-/*
- * nssPKIXOrganizationalUnitNames_RemoveOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXOrganizationalUnitNames_RemoveOrganizationalUnitName
-(
- NSSPKIXOrganizationalUnitNames *ous,
- PRInt32 i
-);
-
-/*
- * nssPKIXOrganizationalUnitNames_FindOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAME
- *
- * Return value:
- * The index of the specified revoked certificate upon success
- * -1 upon failure
- */
-
-NSS_EXTERN PRIntn
-nssPKIXOrganizationalUnitNames_FindOrganizationalUnitName
-(
- NSSPKIXOrganizationalUnitNames *ous,
- NSSPKIXOrganizationalUnitName *ou
-);
-
-/*
- * nssPKIXOrganizationalUnitNames_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXOrganizationalUnitNames_Equal
-(
- NSSPKIXOrganizationalUnitNames *ous1,
- NSSPKIXOrganizationalUnitNames *ous2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXOrganizationalUnitNames_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXOrganizationalUnitNames upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationalUnitNames *
-nssPKIXOrganizationalUnitNames_Duplicate
-(
- NSSPKIXOrganizationalUnitNames *ous,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXOrganizationalUnitNames_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXOrganizationalUnitNames
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXOrganizationalUnitNames_verifyPointer
-(
- NSSPKIXOrganizationalUnitNames *p
-);
-#endif /* DEBUG */
-
-/*
- * OrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * OrganizationalUnitName ::= PrintableString (SIZE
- * (1..ub-organizational-unit-name-length))
- *
- * The private calls for this type:
- *
- * nssPKIXOrganizationalUnitName_Decode
- * nssPKIXOrganizationalUnitName_CreateFromUTF8
- * nssPKIXOrganizationalUnitName_Encode
- *
- */
-
-/*
- * nssPKIXOrganizationalUnitName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXOrganizationalUnitName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationalUnitName *
-nssPKIXOrganizationalUnitName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXOrganizationalUnitName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXOrganizationalUnitName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationalUnitName *
-nssPKIXOrganizationalUnitName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXOrganizationalUnitName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXOrganizationalUnitName_Encode
-(
- NSSPKIXOrganizationalUnitName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * BuiltInDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * BuiltInDomainDefinedAttributes ::= SEQUENCE SIZE
- * (1..ub-domain-defined-attributes) OF
- * BuiltInDomainDefinedAttribute
- *
- * The private calls for this type:
- *
- * nssPKIXBuiltInDomainDefinedAttributes_Decode
- * nssPKIXBuiltInDomainDefinedAttributes_Create
- * nssPKIXBuiltInDomainDefinedAttributes_Destroy
- * nssPKIXBuiltInDomainDefinedAttributes_Encode
- * nssPKIXBuiltInDomainDefinedAttributes_GetBuiltIndomainDefinedAttributeCount
- * nssPKIXBuiltInDomainDefinedAttributes_GetBuiltIndomainDefinedAttributes
- * nssPKIXBuiltInDomainDefinedAttributes_SetBuiltIndomainDefinedAttributes
- * nssPKIXBuiltInDomainDefinedAttributes_GetBuiltIndomainDefinedAttribute
- * nssPKIXBuiltInDomainDefinedAttributes_SetBuiltIndomainDefinedAttribute
- * nssPKIXBuiltInDomainDefinedAttributes_InsertBuiltIndomainDefinedAttribute
- * nssPKIXBuiltInDomainDefinedAttributes_AppendBuiltIndomainDefinedAttribute
- * nssPKIXBuiltInDomainDefinedAttributes_RemoveBuiltIndomainDefinedAttribute
- * nssPKIXBuiltInDomainDefinedAttributes_Equal
- * nssPKIXBuiltInDomainDefinedAttributes_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXBuiltInDomainDefinedAttributes_verifyPointer
- *
- */
-
-/*
- * nssPKIXBuiltInDomainDefinedAttributes_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXBuiltInDomainDefinedAttributes
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInDomainDefinedAttributes *
-nssPKIXBuiltInDomainDefinedAttributes_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttributes_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- *
- * Return value:
- * A valid pointer to an NSSPKIXBuiltInDomainDefinedAttributes
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInDomainDefinedAttributes *
-nssPKIXBuiltInDomainDefinedAttributes_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXBuiltInDomainDefinedAttribute *bidda1,
- ...
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttributes_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInDomainDefinedAttributes_Destroy
-(
- NSSPKIXBuiltInDomainDefinedAttributes *biddas
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttributes_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXBuiltInDomainDefinedAttributes_Encode
-(
- NSSPKIXBuiltInDomainDefinedAttributes *biddas,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttributes_GetBuiltIndomainDefinedAttributeCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXBuiltInDomainDefinedAttributes_GetBuiltIndomainDefinedAttributeCount
-(
- NSSPKIXBuiltInDomainDefinedAttributes *biddas
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttributes_GetBuiltIndomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXBuiltInDomainDefinedAttribute
- * pointers upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInDomainDefinedAttribute **
-nssPKIXBuiltInDomainDefinedAttributes_GetBuiltIndomainDefinedAttributes
-(
- NSSPKIXBuiltInDomainDefinedAttributes *biddas,
- NSSPKIXBuiltInDomainDefinedAttribut *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttributes_SetBuiltIndomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInDomainDefinedAttributes_SetBuiltIndomainDefinedAttributes
-(
- NSSPKIXBuiltInDomainDefinedAttributes *biddas,
- NSSPKIXBuiltInDomainDefinedAttribut *bidda[],
- PRInt32 count
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttributes_GetBuiltIndomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXBuiltInDomainDefinedAttribute
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInDomainDefinedAttribute *
-nssPKIXBuiltInDomainDefinedAttributes_GetBuiltIndomainDefinedAttribute
-(
- NSSPKIXBuiltInDomainDefinedAttributes *biddas,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttributes_SetBuiltIndomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInDomainDefinedAttributes_SetBuiltIndomainDefinedAttribute
-(
- NSSPKIXBuiltInDomainDefinedAttributes *biddas,
- PRInt32 i,
- NSSPKIXBuiltInDomainDefinedAttribute *bidda
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttributes_InsertBuiltIndomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInDomainDefinedAttributes_InsertBuiltIndomainDefinedAttribute
-(
- NSSPKIXBuiltInDomainDefinedAttributes *biddas,
- PRInt32 i,
- NSSPKIXBuiltInDomainDefinedAttribute *bidda
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttributes_AppendBuiltIndomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInDomainDefinedAttributes_AppendBuiltIndomainDefinedAttribute
-(
- NSSPKIXBuiltInDomainDefinedAttributes *biddas,
- NSSPKIXBuiltInDomainDefinedAttribute *bidda
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttributes_RemoveBuiltIndomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInDomainDefinedAttributes_RemoveBuiltIndomainDefinedAttribute
-(
- NSSPKIXBuiltInDomainDefinedAttributes *biddas,
- PRInt32 i
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttributes_FindBuiltIndomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- *
- * Return value:
- * The index of the specified revoked certificate upon success
- * -1 upon failure
- */
-
-NSS_EXTERN PRInt32
-nssPKIXBuiltInDomainDefinedAttributes_FindBuiltIndomainDefinedAttribute
-(
- NSSPKIXBuiltInDomainDefinedAttributes *biddas,
- NSSPKIXBuiltInDomainDefinedAttribute *bidda
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttributes_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXBuiltInDomainDefinedAttributes_Equal
-(
- NSSPKIXBuiltInDomainDefinedAttributes *biddas1,
- NSSPKIXBuiltInDomainDefinedAttributes *biddas2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttributes_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXBuiltInDomainDefinedAttributes
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInDomainDefinedAttributes *
-nssPKIXBuiltInDomainDefinedAttributes_Duplicate
-(
- NSSPKIXBuiltInDomainDefinedAttributes *biddas,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXBuiltInDomainDefinedAttributes_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXBuiltInDomainDefinedAttributes
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInDomainDefinedAttributes_verifyPointer
-(
- NSSPKIXBuiltInDomainDefinedAttributes *p
-);
-#endif /* DEBUG */
-
-/*
- * BuiltInDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * BuiltInDomainDefinedAttribute ::= SEQUENCE {
- * type PrintableString (SIZE
- * (1..ub-domain-defined-attribute-type-length)),
- * value PrintableString (SIZE
- * (1..ub-domain-defined-attribute-value-length))}
- *
- * The private calls for this type:
- *
- * nssPKIXBuiltInDomainDefinedAttribute_Decode
- * nssPKIXBuiltInDomainDefinedAttribute_Create
- * nssPKIXBuiltInDomainDefinedAttribute_Destroy
- * nssPKIXBuiltInDomainDefinedAttribute_Encode
- * nssPKIXBuiltInDomainDefinedAttribute_GetType
- * nssPKIXBuiltInDomainDefinedAttribute_SetType
- * nssPKIXBuiltInDomainDefinedAttribute_GetValue
- * nssPKIXBuiltInDomainDefinedAttribute_SetValue
- * nssPKIXBuiltInDomainDefinedAttribute_Equal
- * nssPKIXBuiltInDomainDefinedAttribute_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXBuiltInDomainDefinedAttribute_verifyPointer
- *
- */
-
-/*
- * nssPKIXBuiltInDomainDefinedAttribute_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXBuiltInDomainDefinedAttribute
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInDomainDefinedAttribute *
-nssPKIXBuiltInDomainDefinedAttribute_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttribute_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * A valid pointer to an NSSPKIXBuiltInDomainDefinedAttribute
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInDomainDefinedAttribute *
-nssPKIXBuiltInDomainDefinedAttribute_Create
-(
- NSSArena *arenaOpt,
- NSSUTF8 *type,
- NSSUTF8 *value
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttribute_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInDomainDefinedAttribute_Destroy
-(
- NSSPKIXBuiltInDomainDefinedAttribute *bidda
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttribute_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXBuiltInDomainDefinedAttribute_Encode
-(
- NSSPKIXBuiltInDomainDefinedAttribute *bidda,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttribute_GetType
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXBuiltInDomainDefinedAttribute_GetType
-(
- NSSPKIXBuiltInDomainDefinedAttribute *bidda,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttribute_SetType
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInDomainDefinedAttribute_SetType
-(
- NSSPKIXBuiltInDomainDefinedAttribute *bidda,
- NSSUTF8 *type
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttribute_GetValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXBuiltInDomainDefinedAttribute_GetValue
-(
- NSSPKIXBuiltInDomainDefinedAttribute *bidda,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttribute_SetValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInDomainDefinedAttribute_SetValue
-(
- NSSPKIXBuiltInDomainDefinedAttribute *bidda,
- NSSUTF8 *value
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttribute_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXBuiltInDomainDefinedAttribute_Equal
-(
- NSSPKIXBuiltInDomainDefinedAttribute *bidda1,
- NSSPKIXBuiltInDomainDefinedAttribute *bidda2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttribute_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXBuiltInDomainDefinedAttribute
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInDomainDefinedAttribute *
-nssPKIXBuiltInDomainDefinedAttribute_Duplicate
-(
- NSSPKIXBuiltInDomainDefinedAttribute *bidda,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXBuiltInDomainDefinedAttribute_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXBuiltInDomainDefinedAttribute
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInDomainDefinedAttribute_verifyPointer
-(
- NSSPKIXBuiltInDomainDefinedAttribute *p
-);
-#endif /* DEBUG */
-
-/*
- * ExtensionAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * ExtensionAttributes ::= SET SIZE (1..ub-extension-attributes) OF
- * ExtensionAttribute
- *
- * The private calls for this type:
- *
- * nssPKIXExtensionAttributes_Decode
- * nssPKIXExtensionAttributes_Create
- * nssPKIXExtensionAttributes_Destroy
- * nssPKIXExtensionAttributes_Encode
- * nssPKIXExtensionAttributes_GetExtensionAttributeCount
- * nssPKIXExtensionAttributes_GetExtensionAttributes
- * nssPKIXExtensionAttributes_SetExtensionAttributes
- * nssPKIXExtensionAttributes_GetExtensionAttribute
- * nssPKIXExtensionAttributes_SetExtensionAttribute
- * nssPKIXExtensionAttributes_InsertExtensionAttribute
- * nssPKIXExtensionAttributes_AppendExtensionAttribute
- * nssPKIXExtensionAttributes_RemoveExtensionAttribute
- * nssPKIXExtensionAttributes_FindExtensionAttribute
- * nssPKIXExtensionAttributes_Equal
- * nssPKIXExtensionAttributes_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXExtensionAttributes_verifyPointer
- *
- */
-
-/*
- * nssPKIXExtensionAttributes_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtensionAttributes upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttributes *
-nssPKIXExtensionAttributes_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXExtensionAttributes_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtensionAttributes upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttributes *
-nssPKIXExtensionAttributes_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXExtensionAttribute ea1,
- ...
-);
-
-/*
- * nssPKIXExtensionAttributes_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtensionAttributes_Destroy
-(
- NSSPKIXExtensionAttributes *eas
-);
-
-/*
- * nssPKIXExtensionAttributes_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXExtensionAttributes_Encode
-(
- NSSPKIXExtensionAttributes *eas
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXExtensionAttributes_GetExtensionAttributeCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXExtensionAttributes_GetExtensionAttributeCount
-(
- NSSPKIXExtensionAttributes *eas
-);
-
-/*
- * nssPKIXExtensionAttributes_GetExtensionAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXExtensionAttribute pointers
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttribute **
-nssPKIXExtensionAttributes_GetExtensionAttributes
-(
- NSSPKIXExtensionAttributes *eas,
- NSSPKIXExtensionAttribute *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXExtensionAttributes_SetExtensionAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtensionAttributes_SetExtensionAttributes
-(
- NSSPKIXExtensionAttributes *eas,
- NSSPKIXExtensionAttribute *ea[],
- PRInt32 count
-);
-
-/*
- * nssPKIXExtensionAttributes_GetExtensionAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtensionAttribute upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttribute *
-nssPKIXExtensionAttributes_GetExtensionAttribute
-(
- NSSPKIXExtensionAttributes *eas,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXExtensionAttributes_SetExtensionAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtensionAttributes_SetExtensionAttribute
-(
- NSSPKIXExtensionAttributes *eas,
- PRInt32 i,
- NSSPKIXExtensionAttribute *ea
-);
-
-/*
- * nssPKIXExtensionAttributes_InsertExtensionAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtensionAttributes_InsertExtensionAttribute
-(
- NSSPKIXExtensionAttributes *eas,
- PRInt32 i,
- NSSPKIXExtensionAttribute *ea
-);
-
-/*
- * nssPKIXExtensionAttributes_AppendExtensionAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtensionAttributes_AppendExtensionAttribute
-(
- NSSPKIXExtensionAttributes *eas,
- NSSPKIXExtensionAttribute *ea
-);
-
-/*
- * nssPKIXExtensionAttributes_RemoveExtensionAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtensionAttributes_RemoveExtensionAttribute
-(
- NSSPKIXExtensionAttributes *eas,
- PRInt32 i,
-);
-
-/*
- * nssPKIXExtensionAttributes_FindExtensionAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- *
- * Return value:
- * A nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXExtensionAttributes_FindExtensionAttribute
-(
- NSSPKIXExtensionAttributes *eas,
- NSSPKIXExtensionAttribute *ea
-);
-
-/*
- * nssPKIXExtensionAttributes_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXExtensionAttributes_Equal
-(
- NSSPKIXExtensionAttributes *eas1,
- NSSPKIXExtensionAttributes *eas2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXExtensionAttributes_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtensionAttributes upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttributes *
-nssPKIXExtensionAttributes_Duplicate
-(
- NSSPKIXExtensionAttributes *eas,
- NSSArena *arenaOpt
-);
-
-/*
- * fgmr
- * There should be accessors to search the ExtensionAttributes and
- * return the value for a specific value, etc.
- */
-
-#ifdef DEBUG
-/*
- * nssPKIXExtensionAttributes_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXExtensionAttributes
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtensionAttributes_verifyPointer
-(
- NSSPKIXExtensionAttributes *p
-);
-#endif /* DEBUG */
-
-/*
- * ExtensionAttribute
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * ExtensionAttribute ::= SEQUENCE {
- * extension-attribute-type [0] INTEGER (0..ub-extension-attributes),
- * extension-attribute-value [1]
- * ANY DEFINED BY extension-attribute-type }
- *
- * The private calls for this type:
- *
- * nssPKIXExtensionAttribute_Decode
- * nssPKIXExtensionAttribute_Create
- * nssPKIXExtensionAttribute_Destroy
- * nssPKIXExtensionAttribute_Encode
- * nssPKIXExtensionAttribute_GetExtensionsAttributeType
- * nssPKIXExtensionAttribute_SetExtensionsAttributeType
- * nssPKIXExtensionAttribute_GetExtensionsAttributeValue
- * nssPKIXExtensionAttribute_SetExtensionsAttributeValue
- * nssPKIXExtensionAttribute_Equal
- * nssPKIXExtensionAttribute_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXExtensionAttribute_verifyPointer
- *
- */
-
-/*
- * nssPKIXExtensionAttribute_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtensionAttribute upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttribute *
-nssPKIXExtensionAttribute_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXExtensionAttribute_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE_TYPE
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtensionAttribute upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttribute *
-nssPKIXExtensionAttribute_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXExtensionAttributeType type,
- NSSItem *value
-);
-
-/*
- * nssPKIXExtensionAttribute_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtensionAttribute_Destroy
-(
- NSSPKIXExtensionAttribute *ea
-);
-
-/*
- * nssPKIXExtensionAttribute_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXExtensionAttribute_Encode
-(
- NSSPKIXExtensionAttribute *ea,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXExtensionAttribute_GetExtensionsAttributeType
- *
- * -- fgmr comments --
- * {One of these objects created from BER generated by a program
- * adhering to a later version of the PKIX standards might have
- * a value not mentioned in the enumeration definition. This isn't
- * a bug.}
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- *
- * Return value:
- * A member of the NSSPKIXExtensionAttributeType enumeration
- * upon success
- * NSSPKIXExtensionAttributeType_NSSinvalid upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttributeType
-nssPKIXExtensionAttribute_GetExtensionsAttributeType
-(
- NSSPKIXExtensionAttribute *ea
-);
-
-/*
- * nssPKIXExtensionAttribute_SetExtensionsAttributeType
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtensionAttribute_SetExtensionsAttributeType
-(
- NSSPKIXExtensionAttribute *ea,
- NSSPKIXExtensionAttributeType type
-);
-
-/*
- * nssPKIXExtensionAttribute_GetExtensionsAttributeValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSItem upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSItem *
-nssPKIXExtensionAttribute_GetExtensionsAttributeValue
-(
- NSSPKIXExtensionAttribute *ea,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXExtensionAttribute_SetExtensionsAttributeValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtensionAttribute_SetExtensionsAttributeValue
-(
- NSSPKIXExtensionAttribute *ea,
- NSSItem *value
-);
-
-/*
- * nssPKIXExtensionAttribute_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXExtensionAttribute_Equal
-(
- NSSPKIXExtensionAttribute *ea1,
- NSSPKIXExtensionAttribute *ea2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXExtensionAttribute_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtensionAttribute upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttribute *
-nssPKIXExtensionAttribute_Duplicate
-(
- NSSPKIXExtensionAttribute *ea,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXExtensionAttribute_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXExtensionAttribute
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtensionAttribute_verifyPointer
-(
- NSSPKIXExtensionAttribute *p
-);
-#endif /* DEBUG */
-
-/*
- * CommonName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CommonName ::= PrintableString (SIZE (1..ub-common-name-length))
- *
- * The private calls for this type:
- *
- * nssPKIXCommonName_Decode
- * nssPKIXCommonName_CreateFromUTF8
- * nssPKIXCommonName_Encode
- *
- */
-
-/*
- * nssPKIXCommonName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXCommonName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCommonName *
-nssPKIXCommonName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXCommonName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXCommonName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCommonName *
-nssPKIXCommonName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXCommonName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_COMMON_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXCommonName_Encode
-(
- NSSPKIXCommonName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * TeletexCommonName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TeletexCommonName ::= TeletexString (SIZE (1..ub-common-name-length))
- *
- * The private calls for this type:
- *
- * nssPKIXTeletexCommonName_Decode
- * nssPKIXTeletexCommonName_CreateFromUTF8
- * nssPKIXTeletexCommonName_Encode
- *
- */
-
-/*
- * nssPKIXTeletexCommonName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexCommonName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexCommonName *
-nssPKIXTeletexCommonName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXTeletexCommonName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexCommonName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexCommonName *
-nssPKIXTeletexCommonName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXTeletexCommonName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_COMMON_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXTeletexCommonName_Encode
-(
- NSSPKIXTeletexCommonName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * TeletexOrganizationName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TeletexOrganizationName ::=
- * TeletexString (SIZE (1..ub-organization-name-length))
- *
- * The private calls for this type:
- *
- * nssPKIXTeletexOrganizationName_Decode
- * nssPKIXTeletexOrganizationName_CreateFromUTF8
- * nssPKIXTeletexOrganizationName_Encode
- *
- */
-
-/*
- * nssPKIXTeletexOrganizationName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexOrganizationName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexOrganizationName *
-nssPKIXTeletexOrganizationName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXTeletexOrganizationName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexOrganizationName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexOrganizationName *
-nssPKIXTeletexOrganizationName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXTeletexOrganizationName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATION_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXTeletexOrganizationName_Encode
-(
- NSSPKIXTeletexOrganizationName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * TeletexPersonalName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TeletexPersonalName ::= SET {
- * surname [0] TeletexString (SIZE (1..ub-surname-length)),
- * given-name [1] TeletexString
- * (SIZE (1..ub-given-name-length)) OPTIONAL,
- * initials [2] TeletexString (SIZE (1..ub-initials-length)) OPTIONAL,
- * generation-qualifier [3] TeletexString (SIZE
- * (1..ub-generation-qualifier-length)) OPTIONAL }
- *
- * The private calls for this type:
- *
- * nssPKIXTeletexPersonalName_Decode
- * nssPKIXTeletexPersonalName_Create
- * nssPKIXTeletexPersonalName_Destroy
- * nssPKIXTeletexPersonalName_Encode
- * nssPKIXTeletexPersonalName_GetSurname
- * nssPKIXTeletexPersonalName_SetSurname
- * nssPKIXTeletexPersonalName_HasGivenName
- * nssPKIXTeletexPersonalName_GetGivenName
- * nssPKIXTeletexPersonalName_SetGivenName
- * nssPKIXTeletexPersonalName_RemoveGivenName
- * nssPKIXTeletexPersonalName_HasInitials
- * nssPKIXTeletexPersonalName_GetInitials
- * nssPKIXTeletexPersonalName_SetInitials
- * nssPKIXTeletexPersonalName_RemoveInitials
- * nssPKIXTeletexPersonalName_HasGenerationQualifier
- * nssPKIXTeletexPersonalName_GetGenerationQualifier
- * nssPKIXTeletexPersonalName_SetGenerationQualifier
- * nssPKIXTeletexPersonalName_RemoveGenerationQualifier
- * nssPKIXTeletexPersonalName_Equal
- * nssPKIXTeletexPersonalName_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXTeletexPersonalName_verifyPointer
- *
- */
-
-/*
- * nssPKIXTeletexPersonalName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexPersonalName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexPersonalName *
-nssPKIXTeletexPersonalName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXTeletexPersonalName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexPersonalName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexPersonalName *
-nssPKIXTeletexPersonalName_Create
-(
- NSSArena *arenaOpt,
- NSSUTF8 *surname,
- NSSUTF8 *givenNameOpt,
- NSSUTF8 *initialsOpt,
- NSSUTF8 *generationQualifierOpt
-);
-
-/*
- * nssPKIXTeletexPersonalName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexPersonalName_Destroy
-(
- NSSPKIXTeletexPersonalName *personalName
-);
-
-/*
- * nssPKIXTeletexPersonalName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXTeletexPersonalName_Encode
-(
- NSSPKIXTeletexPersonalName *personalName,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTeletexPersonalName_GetSurname
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXTeletexPersonalName_GetSurname
-(
- NSSPKIXTeletexPersonalName *personalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTeletexPersonalName_SetSurname
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexPersonalName_SetSurname
-(
- NSSPKIXTeletexPersonalName *personalName,
- NSSUTF8 *surname
-);
-
-/*
- * nssPKIXTeletexPersonalName_HasGivenName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXTeletexPersonalName_HasGivenName
-(
- NSSPKIXTeletexPersonalName *personalName,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXTeletexPersonalName_GetGivenName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXTeletexPersonalName_GetGivenName
-(
- NSSPKIXTeletexPersonalName *personalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTeletexPersonalName_SetGivenName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexPersonalName_SetGivenName
-(
- NSSPKIXTeletexPersonalName *personalName,
- NSSUTF8 *givenName
-);
-
-/*
- * nssPKIXTeletexPersonalName_RemoveGivenName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexPersonalName_RemoveGivenName
-(
- NSSPKIXTeletexPersonalName *personalName
-);
-
-/*
- * nssPKIXTeletexPersonalName_HasInitials
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXTeletexPersonalName_HasInitials
-(
- NSSPKIXTeletexPersonalName *personalName,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXTeletexPersonalName_GetInitials
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXTeletexPersonalName_GetInitials
-(
- NSSPKIXTeletexPersonalName *personalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTeletexPersonalName_SetInitials
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexPersonalName_SetInitials
-(
- NSSPKIXTeletexPersonalName *personalName,
- NSSUTF8 *initials
-);
-
-/*
- * nssPKIXTeletexPersonalName_RemoveInitials
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexPersonalName_RemoveInitials
-(
- NSSPKIXTeletexPersonalName *personalName
-);
-
-/*
- * nssPKIXTeletexPersonalName_HasGenerationQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXTeletexPersonalName_HasGenerationQualifier
-(
- NSSPKIXTeletexPersonalName *personalName,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXTeletexPersonalName_GetGenerationQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXTeletexPersonalName_GetGenerationQualifier
-(
- NSSPKIXTeletexPersonalName *personalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTeletexPersonalName_SetGenerationQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexPersonalName_SetGenerationQualifier
-(
- NSSPKIXTeletexPersonalName *personalName,
- NSSUTF8 *generationQualifier
-);
-
-/*
- * nssPKIXTeletexPersonalName_RemoveGenerationQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexPersonalName_RemoveGenerationQualifier
-(
- NSSPKIXTeletexPersonalName *personalName
-);
-
-/*
- * nssPKIXTeletexPersonalName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXTeletexPersonalName_Equal
-(
- NSSPKIXTeletexPersonalName *personalName1,
- NSSPKIXTeletexPersonalName *personalName2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXTeletexPersonalName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexPersonalName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexPersonalName *
-nssPKIXTeletexPersonalName_Duplicate
-(
- NSSPKIXTeletexPersonalName *personalName,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXTeletexPersonalName_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXTeletexPersonalName
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexPersonalName_verifyPointer
-(
- NSSPKIXTeletexPersonalName *p
-);
-#endif /* DEBUG */
-
-/*
- * TeletexOrganizationalUnitNames
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TeletexOrganizationalUnitNames ::= SEQUENCE SIZE
- * (1..ub-organizational-units) OF TeletexOrganizationalUnitName
- *
- * The private calls for the type:
- *
- * nssPKIXTeletexOrganizationalUnitNames_Decode
- * nssPKIXTeletexOrganizationalUnitNames_Create
- * nssPKIXTeletexOrganizationalUnitNames_Destroy
- * nssPKIXTeletexOrganizationalUnitNames_Encode
- * nssPKIXTeletexOrganizationalUnitNames_GetTeletexOrganizationalUnitNameCount
- * nssPKIXTeletexOrganizationalUnitNames_GetTeletexOrganizationalUnitNames
- * nssPKIXTeletexOrganizationalUnitNames_SetTeletexOrganizationalUnitNames
- * nssPKIXTeletexOrganizationalUnitNames_GetTeletexOrganizationalUnitName
- * nssPKIXTeletexOrganizationalUnitNames_SetTeletexOrganizationalUnitName
- * nssPKIXTeletexOrganizationalUnitNames_InsertTeletexOrganizationalUnitName
- * nssPKIXTeletexOrganizationalUnitNames_AppendTeletexOrganizationalUnitName
- * nssPKIXTeletexOrganizationalUnitNames_RemoveTeletexOrganizationalUnitName
- * nssPKIXTeletexOrganizationalUnitNames_FindTeletexOrganizationalUnitName
- * nssPKIXTeletexOrganizationalUnitNames_Equal
- * nssPKIXTeletexOrganizationalUnitNames_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXTeletexOrganizationalUnitNames_verifyPointer
- *
- */
-
-/*
- * nssPKIXTeletexOrganizationalUnitNames_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexOrganizationalUnitNames upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexOrganizationalUnitNames *
-nssPKIXTeletexOrganizationalUnitNames_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXTeletexOrganizationalUnitNames_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAME
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexOrganizationalUnitNames upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexOrganizationalUnitNames *
-nssPKIXTeletexOrganizationalUnitNames_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXTeletexOrganizationalUnitName *ou1,
- ...
-);
-
-/*
- * nssPKIXTeletexOrganizationalUnitNames_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexOrganizationalUnitNames_Destroy
-(
- NSSPKIXTeletexOrganizationalUnitNames *ous
-);
-
-/*
- * nssPKIXTeletexOrganizationalUnitNames_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXTeletexOrganizationalUnitNames_Encode
-(
- NSSPKIXTeletexOrganizationalUnitNames *ous,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTeletexOrganizationalUnitNames_GetTeletexOrganizationalUnitNameCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXTeletexOrganizationalUnitNames_GetTeletexOrganizationalUnitNameCount
-(
- NSSPKIXTeletexOrganizationalUnitNames *ous
-);
-
-/*
- * nssPKIXTeletexOrganizationalUnitNames_GetTeletexOrganizationalUnitNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXTeletexOrganizationalUnitName
- * pointers upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexOrganizationalUnitName **
-nssPKIXTeletexOrganizationalUnitNames_GetTeletexOrganizationalUnitNames
-(
- NSSPKIXTeletexOrganizationalUnitNames *ous,
- NSSPKIXTeletexOrganizationalUnitName *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTeletexOrganizationalUnitNames_SetTeletexOrganizationalUnitNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexOrganizationalUnitNames_SetTeletexOrganizationalUnitNames
-(
- NSSPKIXTeletexOrganizationalUnitNames *ous,
- NSSPKIXTeletexOrganizationalUnitName *ou[],
- PRInt32 count
-);
-
-/*
- * nssPKIXTeletexOrganizationalUnitNames_GetTeletexOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexOrganizationalUnitName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexOrganizationalUnitName *
-nssPKIXTeletexOrganizationalUnitNames_GetTeletexOrganizationalUnitName
-(
- NSSPKIXTeletexOrganizationalUnitNames *ous,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTeletexOrganizationalUnitNames_SetTeletexOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAME
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexOrganizationalUnitNames_SetTeletexOrganizationalUnitName
-(
- NSSPKIXTeletexOrganizationalUnitNames *ous,
- PRInt32 i,
- NSSPKIXTeletexOrganizationalUnitName *ou
-);
-
-/*
- * nssPKIXTeletexOrganizationalUnitNames_InsertTeletexOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAME
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexOrganizationalUnitNames_InsertTeletexOrganizationalUnitName
-(
- NSSPKIXTeletexOrganizationalUnitNames *ous,
- PRInt32 i,
- NSSPKIXTeletexOrganizationalUnitName *ou
-);
-
-/*
- * nssPKIXTeletexOrganizationalUnitNames_AppendTeletexOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexOrganizationalUnitNames_AppendTeletexOrganizationalUnitName
-(
- NSSPKIXTeletexOrganizationalUnitNames *ous,
- NSSPKIXTeletexOrganizationalUnitName *ou
-);
-
-/*
- * nssPKIXTeletexOrganizationalUnitNames_RemoveTeletexOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexOrganizationalUnitNames_RemoveTeletexOrganizationalUnitName
-(
- NSSPKIXTeletexOrganizationalUnitNames *ous,
- PRInt32 i
-);
-
-/*
- * nssPKIXTeletexOrganizationalUnitNames_FindTeletexOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAME
- *
- * Return value:
- * The index of the specified revoked certificate upon success
- * -1 upon failure
- */
-
-NSS_EXTERN PRInt32
-nssPKIXTeletexOrganizationalUnitNames_FindTeletexOrganizationalUnitName
-(
- NSSPKIXTeletexOrganizationalUnitNames *ous,
- NSSPKIXTeletexOrganizationalUnitName *ou
-);
-
-/*
- * nssPKIXTeletexOrganizationalUnitNames_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXTeletexOrganizationalUnitNames_Equal
-(
- NSSPKIXTeletexOrganizationalUnitNames *ous1,
- NSSPKIXTeletexOrganizationalUnitNames *ous2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXTeletexOrganizationalUnitNames_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexOrganizationalUnitNames upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexOrganizationalUnitNames *
-nssPKIXTeletexOrganizationalUnitNames_Duplicate
-(
- NSSPKIXTeletexOrganizationalUnitNames *ous,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXTeletexOrganizationalUnitNames_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXTeletexOrganizationalUnitNames
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAME
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexOrganizationalUnitNames_verifyPointer
-(
- NSSPKIXTeletexOrganizationalUnitNames *p
-);
-#endif /* DEBUG */
-
-/*
- * TeletexOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TeletexOrganizationalUnitName ::= TeletexString
- * (SIZE (1..ub-organizational-unit-name-length))
- *
- * The private calls for this type:
- *
- * nssPKIXTeletexOrganizationalUnitName_Decode
- * nssPKIXTeletexOrganizationalUnitName_CreateFromUTF8
- * nssPKIXTeletexOrganizationalUnitName_Encode
- *
- */
-
-/*
- * nssPKIXTeletexOrganizationalUnitName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexOrganizationalUnitName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexOrganizationalUnitName *
-nssPKIXTeletexOrganizationalUnitName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXTeletexOrganizationalUnitName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexOrganizationalUnitName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexOrganizationalUnitName *
-nssPKIXTeletexOrganizationalUnitName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXTeletexOrganizationalUnitName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXTeletexOrganizationalUnitName_Encode
-(
- NSSPKIXTeletexOrganizationalUnitName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * PDSName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PDSName ::= PrintableString (SIZE (1..ub-pds-name-length))
- *
- * The private calls for this type:
- *
- * nssPKIXPDSName_Decode
- * nssPKIXPDSName_CreateFromUTF8
- * nssPKIXPDSName_Encode
- *
- */
-
-/*
- * nssPKIXPDSName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPDSName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPDSName *
-nssPKIXPDSName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXPDSName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPDSName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPDSName *
-nssPKIXPDSName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXPDSName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXPDSName_Encode
-(
- NSSPKIXPDSName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * PhysicalDeliveryCountryName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PhysicalDeliveryCountryName ::= CHOICE {
- * x121-dcc-code NumericString (SIZE (ub-country-name-numeric-length)),
- * iso-3166-alpha2-code PrintableString
- * (SIZE (ub-country-name-alpha-length)) }
- *
- * The private calls for this type:
- *
- * nssPKIXPhysicalDeliveryCountryName_Decode
- * nssPKIXPhysicalDeliveryCountryName_CreateFromUTF8
- * nssPKIXPhysicalDeliveryCountryName_Encode
- *
- */
-
-/*
- * nssPKIXPhysicalDeliveryCountryName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPhysicalDeliveryCountryName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPhysicalDeliveryCountryName *
-nssPKIXPhysicalDeliveryCountryName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXPhysicalDeliveryCountryName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPhysicalDeliveryCountryName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPhysicalDeliveryCountryName *
-nssPKIXPhysicalDeliveryCountryName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXPhysicalDeliveryCountryName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PHYSICAL_DELIVERY_COUNTRY_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXPhysicalDeliveryCountryName_Encode
-(
- NSSPKIXPhysicalDeliveryCountryName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * PostalCode
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PostalCode ::= CHOICE {
- * numeric-code NumericString (SIZE (1..ub-postal-code-length)),
- * printable-code PrintableString (SIZE (1..ub-postal-code-length)) }
- *
- * The private calls for this type:
- *
- * nssPKIXPostalCode_Decode
- * nssPKIXPostalCode_CreateFromUTF8
- * nssPKIXPostalCode_Encode
- *
- */
-
-/*
- * nssPKIXPostalCode_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPostalCode upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPostalCode *
-nssPKIXPostalCode_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXPostalCode_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPostalCode upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPostalCode *
-nssPKIXPostalCode_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXPostalCode_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POSTAL_CODE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXPostalCode_Encode
-(
- NSSPKIXPostalCode *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * PDSParameter
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PDSParameter ::= SET {
- * printable-string PrintableString
- * (SIZE(1..ub-pds-parameter-length)) OPTIONAL,
- * teletex-string TeletexString
- * (SIZE(1..ub-pds-parameter-length)) OPTIONAL }
- *
- * The private calls for this type:
- *
- * nssPKIXPDSParameter_Decode
- * nssPKIXPDSParameter_CreateFromUTF8
- * nssPKIXPDSParameter_Create
- * nssPKIXPDSParameter_Delete
- * nssPKIXPDSParameter_Encode
- * nssPKIXPDSParameter_GetUTF8Encoding
- * nssPKIXPDSParameter_HasPrintableString
- * nssPKIXPDSParameter_GetPrintableString
- * nssPKIXPDSParameter_SetPrintableString
- * nssPKIXPDSParameter_RemovePrintableString
- * nssPKIXPDSParameter_HasTeletexString
- * nssPKIXPDSParameter_GetTeletexString
- * nssPKIXPDSParameter_SetTeletexString
- * nssPKIXPDSParameter_RemoveTeletexString
- * nssPKIXPDSParameter_Equal
- * nssPKIXPDSParameter_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXPDSParameter_verifyPointer
- */
-
-/*
- * nssPKIXPDSParameter_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPDSParameter upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPDSParameter *
-nssPKIXPDSParameter_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXPDSParameter_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPDSParameter upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPDSParameter *
-nssPKIXPDSParameter_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXPDSParameter_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * A valid pointer to an NSSPKIXPDSParameter upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPDSParameter *
-nssPKIXPDSParameter_Create
-(
- NSSArena *arenaOpt,
- NSSUTF8 *printableStringOpt,
- NSSUTF8 *teletexStringOpt
-);
-
-/*
- * nssPKIXPDSParameter_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPDSParameter_Destroy
-(
- NSSPKIXPDSParameter *p
-);
-
-/*
- * nssPKIXPDSParameter_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXPDSParameter_Encode
-(
- NSSPKIXPDSParameter *p,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPDSParameter_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXPDSParameter_GetUTF8Encoding
-(
- NSSPKIXPDSParameter *p,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPDSParameter_HasPrintableString
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXPDSParameter_HasPrintableString
-(
- NSSPKIXPDSParameter *p,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXPDSParameter_GetPrintableString
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXPDSParameter_GetPrintableString
-(
- NSSPKIXPDSParameter *p,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPDSParameter_SetPrintableString
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPDSParameter_SetPrintableString
-(
- NSSPKIXPDSParameter *p,
- NSSUTF8 *printableString
-);
-
-/*
- * nssPKIXPDSParameter_RemovePrintableString
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPDSParameter_RemovePrintableString
-(
- NSSPKIXPDSParameter *p
-);
-
-/*
- * nssPKIXPDSParameter_HasTeletexString
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXPDSParameter_HasTeletexString
-(
- NSSPKIXPDSParameter *p,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXPDSParameter_GetTeletexString
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXPDSParameter_GetTeletexString
-(
- NSSPKIXPDSParameter *p,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPDSParameter_SetTeletexString
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPDSParameter_SetTeletexString
-(
- NSSPKIXPDSParameter *p,
- NSSUTF8 *teletexString
-);
-
-/*
- * nssPKIXPDSParameter_RemoveTeletexString
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPDSParameter_RemoveTeletexString
-(
- NSSPKIXPDSParameter *p
-);
-
-/*
- * nssPKIXPDSParameter_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXPDSParameter_Equal
-(
- NSSPKIXPDSParameter *p1,
- NSSPKIXPDSParameter *p2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXPDSParameter_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPDSParameter upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPDSParameter *
-nssPKIXPDSParameter_Duplicate
-(
- NSSPKIXPDSParameter *p,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXPDSParameter_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXPDSParameter
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPDSParameter_verifyPointer
-(
- NSSPKIXPDSParameter *p
-);
-#endif /* DEBUG */
-
-/*
- * fgmr: what about these PDS types?
- *
- * PhysicalDeliveryOfficeName
- *
- * PhysicalDeliveryOfficeNumber
- *
- * ExtensionORAddressComponents
- *
- * PhysicalDeliveryPersonalName
- *
- * PhysicalDeliveryOrganizationName
- *
- * ExtensionPhysicalDeliveryAddressComponents
- *
- * StreetAddress
- *
- * PostOfficeBoxAddress
- *
- * PosteRestanteAddress
- *
- * UniquePostalName
- *
- * LocalPostalAttributes
- *
- */
-
-/*
- * UnformattedPostalAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * UnformattedPostalAddress ::= SET {
- * printable-address SEQUENCE SIZE (1..ub-pds-physical-address-lines) OF
- * PrintableString (SIZE (1..ub-pds-parameter-length)) OPTIONAL,
- * teletex-string TeletexString
- * (SIZE (1..ub-unformatted-address-length)) OPTIONAL }
- *
- * The private calls for the type:
- *
- *
- */
-
-/*
- * ExtendedNetworkAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * ExtendedNetworkAddress ::= CHOICE {
- * e163-4-address SEQUENCE {
- * number [0] NumericString (SIZE (1..ub-e163-4-number-length)),
- * sub-address [1] NumericString
- * (SIZE (1..ub-e163-4-sub-address-length)) OPTIONAL },
- * psap-address [0] PresentationAddress }
- *
- * The private calls for the type:
- *
- * nssPKIXExtendedNetworkAddress_Decode
- * nssPKIXExtendedNetworkAddress_Create
- * nssPKIXExtendedNetworkAddress_Encode
- * nssPKIXExtendedNetworkAddress_Destroy
- * nssPKIXExtendedNetworkAddress_GetChoice
- * nssPKIXExtendedNetworkAddress_Get
- * nssPKIXExtendedNetworkAddress_GetE1634Address
- * nssPKIXExtendedNetworkAddress_GetPsapAddress
- * nssPKIXExtendedNetworkAddress_Set
- * nssPKIXExtendedNetworkAddress_SetE163Address
- * nssPKIXExtendedNetworkAddress_SetPsapAddress
- * nssPKIXExtendedNetworkAddress_Equal
- * nssPKIXExtendedNetworkAddress_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXExtendedNetworkAddress_verifyPointer
- *
- */
-
-/*
- * nssPKIXExtendedNetworkAddress_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtendedNetworkAddress upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtendedNetworkAddress *
-nssPKIXExtendedNetworkAddress_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXExtendedNetworkAddress_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- * NSS_ERROR_INVALID_PKIX_PRESENTATION_ADDRESS
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtendedNetworkAddress upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtendedNetworkAddress *
-nssPKIXExtendedNetworkAddress_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXExtendedNetworkAddressChoice choice,
- void *address
-);
-
-/*
- * nssPKIXExtendedNetworkAddress_CreateFromE1634Address
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtendedNetworkAddress upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtendedNetworkAddress *
-nssPKIXExtendedNetworkAddress_CreateFromE1634Address
-(
- NSSArena *arenaOpt,
- NSSPKIXe1634Address *e1634address
-);
-
-/*
- * nssPKIXExtendedNetworkAddress_CreateFromPresentationAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_PRESENTATION_ADDRESS
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtendedNetworkAddress upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtendedNetworkAddress *
-nssPKIXExtendedNetworkAddress_CreateFromPresentationAddress
-(
- NSSArena *arenaOpt,
- NSSPKIXPresentationAddress *presentationAddress
-);
-
-/*
- * nssPKIXExtendedNetworkAddress_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtendedNetworkAddress_Destroy
-(
- NSSPKIXExtendedNetworkAddress *ena
-);
-
-/*
- * nssPKIXExtendedNetworkAddress_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXExtendedNetworkAddress_Encode
-(
- NSSPKIXExtendedNetworkAddress *ena,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXExtendedNetworkAddress_GetChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- *
- * Return value:
- * A valid element of the NSSPKIXExtendedNetworkAddressChoice upon
- * success
- * The value nssPKIXExtendedNetworkAddress_NSSinvalid upon failure
- */
-
-NSS_EXTERN NSSPKIXExtendedNetworkAddressChoice
-nssPKIXExtendedNetworkAddress_GetChoice
-(
- NSSPKIXExtendedNetworkAddress *ena
-);
-
-/*
- * nssPKIXExtendedNetworkAddress_GetSpecifiedChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_WRONG_CHOICE
- *
- * Return value:
- * A pointer...
- * NULL upon failure
- */
-
-NSS_EXTERN void *
-nssPKIXExtendedNetworkAddress_GetSpecifiedChoice
-(
- NSSPKIXExtendedNetworkAddress *ena,
- NSSPKIXExtendedNetworkAddressChoice which,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXExtendedNetworkAddress_GetE1634Address
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_WRONG_CHOICE
- *
- * Return value:
- * A valid pointer to an NSSPKIXe1643Address upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXe1643Address *
-nssPKIXExtendedNetworkAddress_GetE1634Address
-(
- NSSPKIXExtendedNetworkAddress *ena,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXExtendedNetworkAddress_GetPresentationAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_WRONG_CHOICE
- *
- * Return value:
- * A valid pointer to an NSSPKIXPresentationAddress upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPresentationAddress *
-nssPKIXExtendedNetworkAddress_GetPresentationAddress
-(
- NSSPKIXExtendedNetworkAddress *ena,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXExtendedNetworkAddress_SetSpecifiedChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- * NSS_ERROR_INVALID_PKIX_PRESENTATION_ADDRESS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtendedNetworkAddress_SetSpecifiedChoice
-(
- NSSPKIXExtendedNetworkAddress *ena,
- NSSPKIXExtendedNetworkAddressChoice which,
- void *address
-);
-
-/*
- * nssPKIXExtendedNetworkAddress_SetE163Address
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtendedNetworkAddress_SetE163Address
-(
- NSSPKIXExtendedNetworkAddress *ena,
- NSSPKIXe1634Address *e1634address
-);
-
-/*
- * nssPKIXExtendedNetworkAddress_SetPresentationAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_PRESENTATION_ADDRESS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtendedNetworkAddress_SetPresentationAddress
-(
- NSSPKIXExtendedNetworkAddress *ena,
- NSSPKIXPresentationAddress *presentationAddress
-);
-
-/*
- * nssPKIXExtendedNetworkAddress_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXExtendedNetworkAddress_Equal
-(
- NSSPKIXExtendedNetworkAddress *ena1,
- NSSPKIXExtendedNetworkAddress *ena2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXExtendedNetworkAddress_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtendedNetworkAddress upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtendedNetworkAddress *
-nssPKIXExtendedNetworkAddress_Duplicate
-(
- NSSPKIXExtendedNetworkAddress *ena,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXExtendedNetworkAddress_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXExtendedNetworkAddress
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtendedNetworkAddress_verifyPointer
-(
- NSSPKIXExtendedNetworkAddress *p
-);
-#endif /* DEBUG */
-
-/*
- * e163-4-address
- *
- * Helper structure for ExtendedNetworkAddress.
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * e163-4-address SEQUENCE {
- * number [0] NumericString (SIZE (1..ub-e163-4-number-length)),
- * sub-address [1] NumericString
- * (SIZE (1..ub-e163-4-sub-address-length)) OPTIONAL },
- *
- * The private calls for the type:
- *
- * nssPKIXe1634Address_Decode
- * nssPKIXe1634Address_Create
- * nssPKIXe1634Address_Destroy
- * nssPKIXe1634Address_Encode
- * nssPKIXe1634Address_GetNumber
- * nssPKIXe1634Address_SetNumber
- * nssPKIXe1634Address_HasSubAddress
- * nssPKIXe1634Address_GetSubAddress
- * nssPKIXe1634Address_SetSubAddress
- * nssPKIXe1634Address_RemoveSubAddress
- * nssPKIXe1634Address_Equal
- * nssPKIXe1634Address_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXe1634Address_verifyPointer
- *
- */
-
-/*
- * nssPKIXe1634Address_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXe1634Address upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXe1634Address *
-nssPKIXe1634Address_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXe1634Address_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * A valid pointer to an NSSPKIXe1634Address upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXe1634Address *
-nssPKIXe1634Address_Create
-(
- NSSArena *arenaOpt,
- NSSUTF8 *number,
- NSSUTF8 *subAddressOpt
-);
-
-/*
- * nssPKIXe1634Address_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXe1634Address_Destroy
-(
- NSSPKIXe1634Address *e
-);
-
-/*
- * nssPKIXe1634Address_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXe1634Address_Encode
-(
- NSSPKIXe1634Address *e,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXe1634Address_GetNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXe1634Address_GetNumber
-(
- NSSPKIXe1634Address *e,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXe1634Address_SetNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXe1634Address_SetNumber
-(
- NSSPKIXe1634Address *e,
- NSSUTF8 *number
-);
-
-/*
- * nssPKIXe1634Address_HasSubAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXe1634Address_HasSubAddress
-(
- NSSPKIXe1634Address *e,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXe1634Address_GetSubAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXe1634Address_GetSubAddress
-(
- NSSPKIXe1634Address *e,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXe1634Address_SetSubAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXe1634Address_SetSubAddress
-(
- NSSPKIXe1634Address *e,
- NSSUTF8 *subAddress
-);
-
-/*
- * nssPKIXe1634Address_RemoveSubAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXe1634Address_RemoveSubAddress
-(
- NSSPKIXe1634Address *e
-);
-
-/*
- * nssPKIXe1634Address_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXe1634Address_Equal
-(
- NSSPKIXe1634Address *e1,
- NSSPKIXe1634Address *e2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXe1634Address_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXe1634Address upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXe1634Address *
-nssPKIXe1634Address_Duplicate
-(
- NSSPKIXe1634Address *e,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXe1634Address_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXe1634Address
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXe1634Address_verifyPointer
-(
- NSSPKIXe1634Address *p
-);
-#endif /* DEBUG */
-
-/*
- * PresentationAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PresentationAddress ::= SEQUENCE {
- * pSelector [0] EXPLICIT OCTET STRING OPTIONAL,
- * sSelector [1] EXPLICIT OCTET STRING OPTIONAL,
- * tSelector [2] EXPLICIT OCTET STRING OPTIONAL,
- * nAddresses [3] EXPLICIT SET SIZE (1..MAX) OF OCTET STRING }
- *
- * The private calls for the type:
- *
- * nssPKIXPresentationAddress_Decode
- * nssPKIXPresentationAddress_Create
- * nssPKIXPresentationAddress_Destroy
- * nssPKIXPresentationAddress_Encode
- * nssPKIXPresentationAddress_HasPSelector
- * nssPKIXPresentationAddress_GetPSelector
- * nssPKIXPresentationAddress_SetPSelector
- * nssPKIXPresentationAddress_RemovePSelector
- * nssPKIXPresentationAddress_HasSSelector
- * nssPKIXPresentationAddress_GetSSelector
- * nssPKIXPresentationAddress_SetSSelector
- * nssPKIXPresentationAddress_RemoveSSelector
- * nssPKIXPresentationAddress_HasTSelector
- * nssPKIXPresentationAddress_GetTSelector
- * nssPKIXPresentationAddress_SetTSelector
- * nssPKIXPresentationAddress_RemoveTSelector
- * nssPKIXPresentationAddress_HasNAddresses
- * nssPKIXPresentationAddress_GetNAddresses
- * nssPKIXPresentationAddress_SetNAddresses
- * nssPKIXPresentationAddress_RemoveNAddresses
- *{NAddresses must be more complex than that}
- * nssPKIXPresentationAddress_Compare
- * nssPKIXPresentationAddress_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * _verifyPointer
- *
- */
-
-/*
- * TeletexDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TeletexDomainDefinedAttributes ::= SEQUENCE SIZE
- * (1..ub-domain-defined-attributes) OF TeletexDomainDefinedAttribute
- *
- * The private calls for the type:
- *
- * nssPKIXTeletexDomainDefinedAttributes_Decode
- * nssPKIXTeletexDomainDefinedAttributes_Create
- * nssPKIXTeletexDomainDefinedAttributes_Destroy
- * nssPKIXTeletexDomainDefinedAttributes_Encode
- * nssPKIXTeletexDomainDefinedAttributes_GetTeletexDomainDefinedAttributeCount
- * nssPKIXTeletexDomainDefinedAttributes_GetTeletexDomainDefinedAttributes
- * nssPKIXTeletexDomainDefinedAttributes_SetTeletexDomainDefinedAttributes
- * nssPKIXTeletexDomainDefinedAttributes_GetTeletexDomainDefinedAttribute
- * nssPKIXTeletexDomainDefinedAttributes_SetTeletexDomainDefinedAttribute
- * nssPKIXTeletexDomainDefinedAttributes_InsertTeletexDomainDefinedAttribute
- * nssPKIXTeletexDomainDefinedAttributes_AppendTeletexDomainDefinedAttribute
- * nssPKIXTeletexDomainDefinedAttributes_RemoveTeletexDomainDefinedAttribute
- * nssPKIXTeletexDomainDefinedAttributes_FindTeletexDomainDefinedAttribute
- * nssPKIXTeletexDomainDefinedAttributes_Equal
- * nssPKIXTeletexDomainDefinedAttributes_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXTeletexDomainDefinedAttributes_verifyPointer
- *
- */
-
-/*
- * nssPKIXTeletexDomainDefinedAttributes_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexDomainDefinedAttributes
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexDomainDefinedAttributes *
-nssPKIXTeletexDomainDefinedAttributes_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttributes_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexDomainDefinedAttributes
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexDomainDefinedAttributes *
-nssPKIXTeletexDomainDefinedAttributes_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXTeletexDomainDefinedAttribute *tdda1,
- ...
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttributes_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexDomainDefinedAttributes_Destroy
-(
- NSSPKIXTeletexDomainDefinedAttributes *tddas
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttributes_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXTeletexDomainDefinedAttributes_Encode
-(
- NSSPKIXTeletexDomainDefinedAttributes *tddas,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttributes_GetTeletexDomainDefinedAttributeCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXTeletexDomainDefinedAttributes_GetTeletexDomainDefinedAttributeCount
-(
- NSSPKIXTeletexDomainDefinedAttributes *tddas
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttributes_GetTeletexDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXTeletexDomainDefinedAttribute
- * pointers upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexDomainDefinedAttribute **
-nssPKIXTeletexDomainDefinedAttributes_GetTeletexDomainDefinedAttributes
-(
- NSSPKIXTeletexDomainDefinedAttributes *tddas,
- NSSPKIXTeletexDomainDefinedAttribute *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttributes_SetTeletexDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexDomainDefinedAttributes_SetTeletexDomainDefinedAttributes
-(
- NSSPKIXTeletexDomainDefinedAttributes *tddas,
- NSSPKIXTeletexDomainDefinedAttribute *tdda[],
- PRInt32 count
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttributes_GetTeletexDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexDomainDefinedAttribute upon
- * success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexDomainDefinedAttribute *
-nssPKIXTeletexDomainDefinedAttributes_GetTeletexDomainDefinedAttribute
-(
- NSSPKIXTeletexDomainDefinedAttributes *tddas,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttributes_SetTeletexDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexDomainDefinedAttributes_SetTeletexDomainDefinedAttribute
-(
- NSSPKIXTeletexDomainDefinedAttributes *tddas,
- PRInt32 i,
- NSSPKIXTeletexDomainDefinedAttribute *tdda
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttributes_InsertTeletexDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexDomainDefinedAttributes_InsertTeletexDomainDefinedAttribute
-(
- NSSPKIXTeletexDomainDefinedAttributes *tddas,
- PRInt32 i,
- NSSPKIXTeletexDomainDefinedAttribute *tdda
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttributes_AppendTeletexDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexDomainDefinedAttributes_AppendTeletexDomainDefinedAttribute
-(
- NSSPKIXTeletexDomainDefinedAttributes *tddas,
- NSSPKIXTeletexDomainDefinedAttribute *tdda
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttributes_RemoveTeletexDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexDomainDefinedAttributes_RemoveTeletexDomainDefinedAttribute
-(
- NSSPKIXTeletexDomainDefinedAttributes *tddas,
- PRInt32 i
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttributes_FindTeletexDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- *
- * Return value:
- * The nonnegative integer upon success
- * -1 upon failure
- */
-
-NSS_EXTERN PRInt32
-nssPKIXTeletexDomainDefinedAttributes_FindTeletexDomainDefinedAttribute
-(
- NSSPKIXTeletexDomainDefinedAttributes *tddas,
- NSSPKIXTeletexDomainDefinedAttribute *tdda
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttributes_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXTeletexDomainDefinedAttributes_Equal
-(
- NSSPKIXTeletexDomainDefinedAttributes *tddas1,
- NSSPKIXTeletexDomainDefinedAttributes *tddas2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttributes_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexDomainDefinedAttributes
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexDomainDefinedAttributes *
-nssPKIXTeletexDomainDefinedAttributes_Duplicate
-(
- NSSPKIXTeletexDomainDefinedAttributes *tddas,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXTeletexDomainDefinedAttributes_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXTeletexDomainDefinedAttributes
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexDomainDefinedAttributes_verifyPointer
-(
- NSSPKIXTeletexDomainDefinedAttributes *p
-);
-#endif /* DEBUG */
-
-/*
- * TeletexDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TeletexDomainDefinedAttribute ::= SEQUENCE {
- * type TeletexString
- * (SIZE (1..ub-domain-defined-attribute-type-length)),
- * value TeletexString
- * (SIZE (1..ub-domain-defined-attribute-value-length)) }
- *
- * The private calls for the type:
- *
- * nssPKIXTeletexDomainDefinedAttribute_Decode
- * nssPKIXTeletexDomainDefinedAttribute_CreateFromUTF8
- * nssPKIXTeletexDomainDefinedAttribute_Create
- * nssPKIXTeletexDomainDefinedAttribute_Destroy
- * nssPKIXTeletexDomainDefinedAttribute_Encode
- * nssPKIXTeletexDomainDefinedAttribute_GetUTF8Encoding
- * nssPKIXTeletexDomainDefinedAttribute_GetType
- * nssPKIXTeletexDomainDefinedAttribute_SetType
- * nssPKIXTeletexDomainDefinedAttribute_GetValue
- * nssPKIXTeletexDomainDefinedAttribute_GetValue
- * nssPKIXTeletexDomainDefinedAttribute_Equal
- * nssPKIXTeletexDomainDefinedAttribute_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXTeletexDomainDefinedAttribute_verifyPointer
- *
- */
-
-/*
- * nssPKIXTeletexDomainDefinedAttribute_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexDomainDefinedAttribute
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexDomainDefinedAttribute *
-nssPKIXTeletexDomainDefinedAttribute_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttribute_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexDomainDefinedAttribute
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexDomainDefinedAttribute *
-nssPKIXTeletexDomainDefinedAttribute_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttribute_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexDomainDefinedAttribute
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexDomainDefinedAttribute *
-nssPKIXTeletexDomainDefinedAttribute_Create
-(
- NSSArena *arenaOpt,
- NSSUTF8 *type,
- NSSUTF8 *value
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttribute_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexDomainDefinedAttribute_Destroy
-(
- NSSPKIXTeletexDomainDefinedAttribute *tdda
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttribute_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXTeletexDomainDefinedAttribute_Encode
-(
- NSSPKIXTeletexDomainDefinedAttribute *tdda,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttribute_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXTeletexDomainDefinedAttribute_GetUTF8Encoding
-(
- NSSPKIXTeletexDomainDefinedAttribute *tdda,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttribute_GetType
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXTeletexDomainDefinedAttribute_GetType
-(
- NSSPKIXTeletexDomainDefinedAttribute *tdda,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttribute_SetType
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexDomainDefinedAttribute_SetType
-(
- NSSPKIXTeletexDomainDefinedAttribute *tdda,
- NSSUTF8 *type
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttribute_GetValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXTeletexDomainDefinedAttribute_GetValue
-(
- NSSPKIXTeletexDomainDefinedAttribute *tdda,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttribute_SetValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexDomainDefinedAttribute_SetValue
-(
- NSSPKIXTeletexDomainDefinedAttribute *tdda,
- NSSUTF8 *value
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttribute_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXTeletexDomainDefinedAttribute_Equal
-(
- NSSPKIXTeletexDomainDefinedAttribute *tdda1,
- NSSPKIXTeletexDomainDefinedAttribute *tdda2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttribute_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexDomainDefinedAttribute
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexDomainDefinedAttribute *
-nssPKIXTeletexDomainDefinedAttribute_Duplicate
-(
- NSSPKIXTeletexDomainDefinedAttribute *tdda,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXTeletexDomainDefinedAttribute_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXTeletexDomainDefinedAttribute
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexDomainDefinedAttribute_verifyPointer
-(
- NSSPKIXTeletexDomainDefinedAttribute *p
-);
-#endif /* DEBUG */
-
-/*
- * AuthorityKeyIdentifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * AuthorityKeyIdentifier ::= SEQUENCE {
- * keyIdentifier [0] KeyIdentifier OPTIONAL,
- * authorityCertIssuer [1] GeneralNames OPTIONAL,
- * authorityCertSerialNumber [2] CertificateSerialNumber OPTIONAL }
- * -- authorityCertIssuer and authorityCertSerialNumber shall both
- * -- be present or both be absent
- *
- * The private calls for the type:
- *
- * nssPKIXAuthorityKeyIdentifier_Decode
- * nssPKIXAuthorityKeyIdentifier_Create
- * nssPKIXAuthorityKeyIdentifier_Destroy
- * nssPKIXAuthorityKeyIdentifier_Encode
- * nssPKIXAuthorityKeyIdentifier_HasKeyIdentifier
- * nssPKIXAuthorityKeyIdentifier_GetKeyIdentifier
- * nssPKIXAuthorityKeyIdentifier_SetKeyIdentifier
- * nssPKIXAuthorityKeyIdentifier_RemoveKeyIdentifier
- * nssPKIXAuthorityKeyIdentifier_HasAuthorityCertIssuerAndSerialNumber
- * nssPKIXAuthorityKeyIdentifier_RemoveAuthorityCertIssuerAndSerialNumber
- * nssPKIXAuthorityKeyIdentifier_GetAuthorityCertIssuer
- * nssPKIXAuthorityKeyIdentifier_GetAuthorityCertSerialNumber
- * nssPKIXAuthorityKeyIdentifier_SetAuthorityCertIssuerAndSerialNumber
- * nssPKIXAuthorityKeyIdentifier_Equal
- * nssPKIXAuthorityKeyIdentifier_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXAuthorityKeyIdentifier_verifyPointer
- *
- */
-
-/*
- * nssPKIXAuthorityKeyIdentifier_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAuthorityKeyIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAuthorityKeyIdentifier *
-nssPKIXAuthorityKeyIdentifier_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXAuthorityKeyIdentifier_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_INVALID_ARGUMENTS
- *
- * Return value:
- * A valid pointer to an NSSPKIXAuthorityKeyIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAuthorityKeyIdentifier *
-nssPKIXAuthorityKeyIdentifier_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXKeyIdentifier *keyIdentifierOpt,
- NSSPKIXGeneralNames *authorityCertIssuerOpt,
- NSSPKIXCertificateSerialNumber *authorityCertSerialNumberOpt
-);
-
-/*
- * nssPKIXAuthorityKeyIdentifier_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAuthorityKeyIdentifier_Destroy
-(
- NSSPKIXAuthorityKeyIdentifier *aki
-);
-
-/*
- * nssPKIXAuthorityKeyIdentifier_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXAuthorityKeyIdentifier_Encode
-(
- NSSPKIXAuthorityKeyIdentifier *aki,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAuthorityKeyIdentifier_HasKeyIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXAuthorityKeyIdentifier_HasKeyIdentifier
-(
- NSSPKIXAuthorityKeyIdentifier *aki,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXAuthorityKeyIdentifier_GetKeyIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_HAS_NO_KEY_IDENTIFIER
- *
- * Return value:
- * A valid pointer to an NSSPKIXKeyIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXKeyIdentifier *
-nssPKIXAuthorityKeyIdentifier_GetKeyIdentifier
-(
- NSSPKIXAuthorityKeyIdentifier *aki,
- NSSPKIXKeyIdentifier *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAuthorityKeyIdentifier_SetKeyIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAuthorityKeyIdentifier_SetKeyIdentifier
-(
- NSSPKIXAuthorityKeyIdentifier *aki,
- NSSPKIXKeyIdentifier *keyIdentifier
-);
-
-/*
- * nssPKIXAuthorityKeyIdentifier_RemoveKeyIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- * NSS_ERROR_HAS_NO_KEY_IDENTIFIER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAuthorityKeyIdentifier_RemoveKeyIdentifier
-(
- NSSPKIXAuthorityKeyIdentifier *aki
-);
-
-/*
- * nssPKIXAuthorityKeyIdentifier_HasAuthorityCertIssuerAndSerialNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- *
- * Return value:
- * PR_TRUE if it has them
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXAuthorityKeyIdentifier_HasAuthorityCertIssuerAndSerialNumber
-(
- NSSPKIXAuthorityKeyIdentifier *aki,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXAuthorityKeyIdentifier_RemoveAuthorityCertIssuerAndSerialNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- * NSS_ERROR_HAS_NO_AUTHORITY_CERT_ISSUER_AND_SERIAL_NUMBER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAuthorityKeyIdentifier_RemoveAuthorityCertIssuerAndSerialNumber
-(
- NSSPKIXAuthorityKeyIdentifier *aki
-);
-
-/*
- * nssPKIXAuthorityKeyIdentifier_GetAuthorityCertIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_HAS_NO_AUTHORITY_CERT_ISSUER_AND_SERIAL_NUMBER
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralNames upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralNames *
-nssPKIXAuthorityKeyIdentifier_GetAuthorityCertIssuer
-(
- NSSPKIXAuthorityKeyIdentifier *aki,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAuthorityKeyIdentifier_GetAuthorityCertSerialNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_HAS_NO_AUTHORITY_CERT_ISSUER_AND_SERIAL_NUMBER
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertificateSerialNumber upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificateSerialNumber *
-nssPKIXAuthorityKeyIdentifier_GetAuthorityCertSerialNumber
-(
- NSSPKIXAuthorityKeyIdentifier *aki,
- NSSPKIXCertificateSerialNumber *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAuthorityKeyIdentifier_SetAuthorityCertIssuerAndSerialNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAuthorityKeyIdentifier_SetAuthorityCertIssuerAndSerialNumber
-(
- NSSPKIXAuthorityKeyIdentifier *aki,
- NSSPKIXGeneralNames *issuer,
- NSSPKIXCertificateSerialNumber *serialNumber
-);
-
-/*
- * nssPKIXAuthorityKeyIdentifier_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXAuthorityKeyIdentifier_Equal
-(
- NSSPKIXAuthorityKeyIdentifier *aki1,
- NSSPKIXAuthorityKeyIdentifier *aki2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXAuthorityKeyIdentifier_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAuthorityKeyIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAuthorityKeyIdentifier *
-nssPKIXAuthorityKeyIdentifier_Duplicate
-(
- NSSPKIXAuthorityKeyIdentifier *aki,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXAuthorityKeyIdentifier_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXAuthorityKeyIdentifier
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAuthorityKeyIdentifier_verifyPointer
-(
- NSSPKIXAuthorityKeyIdentifier *p
-);
-#endif /* DEBUG */
-
-/*
- * KeyUsage
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * KeyUsage ::= BIT STRING {
- * digitalSignature (0),
- * nonRepudiation (1),
- * keyEncipherment (2),
- * dataEncipherment (3),
- * keyAgreement (4),
- * keyCertSign (5),
- * cRLSign (6),
- * encipherOnly (7),
- * decipherOnly (8) }
- *
- * The private calls for the type:
- *
- * nssPKIXKeyUsage_Decode
- * nssPKIXKeyUsage_CreateFromUTF8
- * nssPKIXKeyUsage_CreateFromValue
- * nssPKIXKeyUsage_Destroy
- * nssPKIXKeyUsage_Encode
- * nssPKIXKeyUsage_GetUTF8Encoding
- * nssPKIXKeyUsage_GetValue
- * nssPKIXKeyUsage_SetValue
- * { bitwise accessors? }
- * nssPKIXKeyUsage_Equal
- * nssPKIXKeyUsage_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXKeyUsage_verifyPointer
- *
- */
-
-/*
- * nssPKIXKeyUsage_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXKeyUsage upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXKeyUsage *
-nssPKIXKeyUsage_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXKeyUsage_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXKeyUsage upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXKeyUsage *
-nssPKIXKeyUsage_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXKeyUsage_CreateFromValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_KEY_USAGE_VALUE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXKeyUsage upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXKeyUsage *
-nssPKIXKeyUsage_CreateFromValue
-(
- NSSArena *arenaOpt,
- NSSPKIXKeyUsageValue value
-);
-
-/*
- * nssPKIXKeyUsage_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_KEY_USAGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXKeyUsage_Destroy
-(
- NSSPKIXKeyUsage *keyUsage
-);
-
-/*
- * nssPKIXKeyUsage_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_KEY_USAGE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXKeyUsage_Encode
-(
- NSSPKIXKeyUsage *keyUsage,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXKeyUsage_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_KEY_USAGE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXKeyUsage_GetUTF8Encoding
-(
- NSSPKIXKeyUsage *keyUsage,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXKeyUsage_GetValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_KEY_USAGE
- *
- * Return value:
- * A set of NSSKeyUsageValue values OR-d together upon success
- * NSSKeyUsage_NSSinvalid upon failure
- */
-
-NSS_EXTERN NSSKeyUsageValue
-nssPKIXKeyUsage_GetValue
-(
- NSSPKIXKeyUsage *keyUsage
-);
-
-/*
- * nssPKIXKeyUsage_SetValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_KEY_USAGE
- * NSS_ERROR_INVALID_PKIX_KEY_USAGE_VALUE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXKeyUsage_SetValue
-(
- NSSPKIXKeyUsage *keyUsage,
- NSSPKIXKeyUsageValue value
-);
-
-/*
- * nssPKIXKeyUsage_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_KEY_USAGE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXKeyUsage_Equal
-(
- NSSPKIXKeyUsage *keyUsage1,
- NSSPKIXKeyUsage *keyUsage2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXKeyUsage_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_KEY_USAGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXKeyUsage upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXKeyUsage *
-nssPKIXKeyUsage_Duplicate
-(
- NSSPKIXKeyUsage *keyUsage,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXKeyUsage_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXKeyUsage
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_KEY_USAGE
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXKeyUsage_verifyPointer
-(
- NSSPKIXKeyUsage *p
-);
-#endif /* DEBUG */
-
-/*
- * PrivateKeyUsagePeriod
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PrivateKeyUsagePeriod ::= SEQUENCE {
- * notBefore [0] GeneralizedTime OPTIONAL,
- * notAfter [1] GeneralizedTime OPTIONAL }
- * -- either notBefore or notAfter shall be present
- *
- * The private calls for the type:
- *
- * nssPKIXPrivateKeyUsagePeriod_Decode
- * nssPKIXPrivateKeyUsagePeriod_Create
- * nssPKIXPrivateKeyUsagePeriod_Destroy
- * nssPKIXPrivateKeyUsagePeriod_Encode
- * nssPKIXPrivateKeyUsagePeriod_HasNotBefore
- * nssPKIXPrivateKeyUsagePeriod_GetNotBefore
- * nssPKIXPrivateKeyUsagePeriod_SetNotBefore
- * nssPKIXPrivateKeyUsagePeriod_RemoveNotBefore
- * nssPKIXPrivateKeyUsagePeriod_HasNotAfter
- * nssPKIXPrivateKeyUsagePeriod_GetNotAfter
- * nssPKIXPrivateKeyUsagePeriod_SetNotAfter
- * nssPKIXPrivateKeyUsagePeriod_RemoveNotAfter
- * nssPKIXPrivateKeyUsagePeriod_Equal
- * nssPKIXPrivateKeyUsagePeriod_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXPrivateKeyUsagePeriod_verifyPointer
- *
- */
-
-/*
- * nssPKIXPrivateKeyUsagePeriod_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPrivateKeyUsagePeriod upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPrivateKeyUsagePeriod *
-nssPKIXPrivateKeyUsagePeriod_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXPrivateKeyUsagePeriod_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_TIME
- * NSS_ERROR_INVALID_ARGUMENTS
- *
- * Return value:
- * A valid pointer to an NSSPKIXPrivateKeyUsagePeriod upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPrivateKeyUsagePeriod *
-nssPKIXPrivateKeyUsagePeriod_Create
-(
- NSSArena *arenaOpt,
- NSSTime *notBeforeOpt,
- NSSTime *notAfterOpt
-);
-
-/*
- * nssPKIXPrivateKeyUsagePeriod_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPrivateKeyUsagePeriod_Destroy
-(
- NSSPKIXPrivateKeyUsagePeriod *period
-);
-
-/*
- * nssPKIXPrivateKeyUsagePeriod_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_DATA
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXPrivateKeyUsagePeriod_Encode
-(
- NSSPKIXPrivateKeyUsagePeriod *period,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPrivateKeyUsagePeriod_HasNotBefore
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXPrivateKeyUsagePeriod_HasNotBefore
-(
- NSSPKIXPrivateKeyUsagePeriod *period,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXPrivateKeyUsagePeriod_GetNotBefore
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_HAS_NO_NOT_BEFORE
- *
- * Return value:
- * NSSTime {fgmr!}
- * NULL upon failure
- */
-
-NSS_EXTERN NSSTime *
-nssPKIXPrivateKeyUsagePeriod_GetNotBefore
-(
- NSSPKIXPrivateKeyUsagePeriod *period,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPrivateKeyUsagePeriod_SetNotBefore
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- * NSS_ERROR_INVALID_TIME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPrivateKeyUsagePeriod_SetNotBefore
-(
- NSSPKIXPrivateKeyUsagePeriod *period,
- NSSTime *notBefore
-);
-
-/*
- * nssPKIXPrivateKeyUsagePeriod_RemoveNotBefore
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- * NSS_ERROR_HAS_NO_NOT_BEFORE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPrivateKeyUsagePeriod_RemoveNotBefore
-(
- NSSPKIXPrivateKeyUsagePeriod *period
-);
-
-/*
- * nssPKIXPrivateKeyUsagePeriod_HasNotAfter
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXPrivateKeyUsagePeriod_HasNotAfter
-(
- NSSPKIXPrivateKeyUsagePeriod *period,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXPrivateKeyUsagePeriod_GetNotAfter
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_HAS_NO_NOT_AFTER
- *
- * Return value:
- * NSSTime {fgmr!}
- * NULL upon failure
- */
-
-NSS_EXTERN NSSTime *
-nssPKIXPrivateKeyUsagePeriod_GetNotAfter
-(
- NSSPKIXPrivateKeyUsagePeriod *period,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPrivateKeyUsagePeriod_SetNotAfter
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- * NSS_ERROR_INVALID_TIME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPrivateKeyUsagePeriod_SetNotAfter
-(
- NSSPKIXPrivateKeyUsagePeriod *period,
- NSSTime *notAfter
-);
-
-/*
- * nssPKIXPrivateKeyUsagePeriod_RemoveNotAfter
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- * NSS_ERROR_HAS_NO_NOT_AFTER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPrivateKeyUsagePeriod_RemoveNotAfter
-(
- NSSPKIXPrivateKeyUsagePeriod *period
-);
-
-/*
- * nssPKIXPrivateKeyUsagePeriod_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXPrivateKeyUsagePeriod_Equal
-(
- NSSPKIXPrivateKeyUsagePeriod *period1,
- NSSPKIXPrivateKeyUsagePeriod *period2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXPrivateKeyUsagePeriod_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPrivateKeyUsagePeriod upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPrivateKeyUsagePeriod *
-nssPKIXPrivateKeyUsagePeriod_Duplicate
-(
- NSSPKIXPrivateKeyUsagePeriod *period,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXPrivateKeyUsagePeriod_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXPrivateKeyUsagePeriod
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPrivateKeyUsagePeriod_verifyPointer
-(
- NSSPKIXPrivateKeyUsagePeriod *p
-);
-#endif /* DEBUG */
-
-/*
- * CertificatePolicies
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CertificatePolicies ::= SEQUENCE SIZE (1..MAX) OF PolicyInformation
- *
- * The private calls for the type:
- *
- * nssPKIXCertificatePolicies_Decode
- * nssPKIXCertificatePolicies_Create
- * nssPKIXCertificatePolicies_Destroy
- * nssPKIXCertificatePolicies_Encode
- * nssPKIXCertificatePolicies_GetPolicyInformationCount
- * nssPKIXCertificatePolicies_GetPolicyInformations
- * nssPKIXCertificatePolicies_SetPolicyInformations
- * nssPKIXCertificatePolicies_GetPolicyInformation
- * nssPKIXCertificatePolicies_SetPolicyInformation
- * nssPKIXCertificatePolicies_InsertPolicyInformation
- * nssPKIXCertificatePolicies_AppendPolicyInformation
- * nssPKIXCertificatePolicies_RemovePolicyInformation
- * nssPKIXCertificatePolicies_FindPolicyInformation
- * nssPKIXCertificatePolicies_Equal
- * nssPKIXCertificatePolicies_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXCertificatePolicies_verifyPointer
- *
- */
-
-/*
- * nssPKIXCertificatePolicies_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertificatePolicies upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificatePolicies *
-nssPKIXCertificatePolicies_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXCertificatePolicies_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertificatePolicies upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificatePolicies *
-nssPKIXCertificatePolicies_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXPolicyInformation *pi1,
- ...
-);
-
-/*
- * nssPKIXCertificatePolicies_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCertificatePolicies_Destroy
-(
- NSSPKIXCertificatePolicies *cp
-);
-
-/*
- * nssPKIXCertificatePolicies_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXCertificatePolicies_Encode
-(
- NSSPKIXCertificatePolicies *cp,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXCertificatePolicies_GetPolicyInformationCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXCertificatePolicies_GetPolicyInformationCount
-(
- NSSPKIXCertificatePolicies *cp
-);
-
-/*
- * nssPKIXCertificatePolicies_GetPolicyInformations
- *
- * We regret the function name.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXPolicyInformation pointers
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyInformation **
-nssPKIXCertificatePolicies_GetPolicyInformations
-(
- NSSPKIXCertificatePolicies *cp,
- NSSPKIXPolicyInformation *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXCertificatePolicies_SetPolicyInformations
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCertificatePolicies_SetPolicyInformations
-(
- NSSPKIXCertificatePolicies *cp,
- NSSPKIXPolicyInformation *pi[],
- PRInt32 count
-);
-
-/*
- * nssPKIXCertificatePolicies_GetPolicyInformation
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyInformation upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyInformation *
-nssPKIXCertificatePolicies_GetPolicyInformation
-(
- NSSPKIXCertificatePolicies *cp,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXCertificatePolicies_SetPolicyInformation
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCertificatePolicies_SetPolicyInformation
-(
- NSSPKIXCertificatePolicies *cp,
- PRInt32 i,
- NSSPKIXPolicyInformation *pi
-);
-
-/*
- * nssPKIXCertificatePolicies_InsertPolicyInformation
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCertificatePolicies_InsertPolicyInformation
-(
- NSSPKIXCertificatePolicies *cp,
- PRInt32 i,
- NSSPKIXPolicyInformation *pi
-);
-
-/*
- * nssPKIXCertificatePolicies_AppendPolicyInformation
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCertificatePolicies_AppendPolicyInformation
-(
- NSSPKIXCertificatePolicies *cp,
- NSSPKIXPolicyInformation *pi
-);
-
-/*
- * nssPKIXCertificatePolicies_RemovePolicyInformation
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCertificatePolicies_RemovePolicyInformation
-(
- NSSPKIXCertificatePolicies *cp,
- PRInt32 i
-);
-
-/*
- * nssPKIXCertificatePolicies_FindPolicyInformation
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *
- * Return value:
- * The nonnegative integer upon success
- * -1 upon failure
- */
-
-NSS_EXTERN PRInt32
-nssPKIXCertificatePolicies_FindPolicyInformation
-(
- NSSPKIXCertificatePolicies *cp,
- NSSPKIXPolicyInformation *pi
-);
-
-/*
- * nssPKIXCertificatePolicies_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXCertificatePolicies_Equal
-(
- NSSPKIXCertificatePolicies *cp1,
- NSSPKIXCertificatePolicies *cp2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXCertificatePolicies_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertificatePolicies upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificatePolicies *
-nssPKIXCertificatePolicies_Duplicate
-(
- NSSPKIXCertificatePolicies *cp,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXCertificatePolicies_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXCertificatePolicies
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCertificatePolicies_verifyPointer
-(
- NSSPKIXCertificatePolicies *p
-);
-#endif /* DEBUG */
-
-/*
- * PolicyInformation
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PolicyInformation ::= SEQUENCE {
- * policyIdentifier CertPolicyId,
- * policyQualifiers SEQUENCE SIZE (1..MAX) OF
- * PolicyQualifierInfo OPTIONAL }
- *
- * The private calls for the type:
- *
- * nssPKIXPolicyInformation_Decode
- * nssPKIXPolicyInformation_Create
- * nssPKIXPolicyInformation_Destroy
- * nssPKIXPolicyInformation_Encode
- * nssPKIXPolicyInformation_GetPolicyIdentifier
- * nssPKIXPolicyInformation_SetPolicyIdentifier
- * nssPKIXPolicyInformation_GetPolicyQualifierCount
- * nssPKIXPolicyInformation_GetPolicyQualifiers
- * nssPKIXPolicyInformation_SetPolicyQualifiers
- * nssPKIXPolicyInformation_GetPolicyQualifier
- * nssPKIXPolicyInformation_SetPolicyQualifier
- * nssPKIXPolicyInformation_InsertPolicyQualifier
- * nssPKIXPolicyInformation_AppendPolicyQualifier
- * nssPKIXPolicyInformation_RemovePolicyQualifier
- * nssPKIXPolicyInformation_Equal
- * nssPKIXPolicyInformation_Duplicate
- * { and accessors by specific policy qualifier ID }
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXPolicyInformation_verifyPointer
- *
- */
-
-/*
- * nssPKIXPolicyInformation_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyInformation upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyInformation *
-nssPKIXPolicyInformation_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXPolicyInformation_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyInformation upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyInformation *
-nssPKIXPolicyInformation_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXCertPolicyId *id,
- NSSPKIXPolicyQualifierInfo *pqi1,
- ...
-);
-
-/*
- * nssPKIXPolicyInformation_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyInformation_Destroy
-(
- NSSPKIXPolicyInformation *pi
-);
-
-/*
- * nssPKIXPolicyInformation_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXPolicyInformation_Encode
-(
- NSSPKIXPolicyInformation *pi,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPolicyInformation_GetPolicyIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid OID upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertPolicyId *
-nssPKIXPolicyInformation_GetPolicyIdentifier
-(
- NSSPKIXPolicyInformation *pi
-);
-
-/*
- * nssPKIXPolicyInformation_SetPolicyIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyInformation_SetPolicyIdentifier
-(
- NSSPKIXPolicyInformation *pi,
- NSSPKIXCertPolicyIdentifier *cpi
-);
-
-/*
- * nssPKIXPolicyInformation_GetPolicyQualifierCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXPolicyInformation_GetPolicyQualifierCount
-(
- NSSPKIXPolicyInformation *pi
-);
-
-/*
- * nssPKIXPolicyInformation_GetPolicyQualifiers
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXPolicyQualifierInfo pointers
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyQualifierInfo **
-nssPKIXPolicyInformation_GetPolicyQualifiers
-(
- NSSPKIXPolicyInformation *pi,
- NSSPKIXPolicyQualifierInfo *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPolicyInformation_SetPolicyQualifiers
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyInformation_SetPolicyQualifiers
-(
- NSSPKIXPolicyInformation *pi,
- NSSPKIXPolicyQualifierInfo *pqi[],
- PRInt32 count
-);
-
-/*
- * nssPKIXPolicyInformation_GetPolicyQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyQualifierInfo upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyQualifierInfo *
-nssPKIXPolicyInformation_GetPolicyQualifier
-(
- NSSPKIXPolicyInformation *pi,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPolicyInformation_SetPolicyQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyInformation_SetPolicyQualifier
-(
- NSSPKIXPolicyInformation *pi,
- PRInt32 i,
- NSSPKIXPolicyQualifierInfo *pqi
-);
-
-/*
- * nssPKIXPolicyInformation_InsertPolicyQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyInformation_InsertPolicyQualifier
-(
- NSSPKIXPolicyInformation *pi,
- PRInt32 i,
- NSSPKIXPolicyQualifierInfo *pqi
-);
-
-/*
- * nssPKIXPolicyInformation_AppendPolicyQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyInformation_AppendPolicyQualifier
-(
- NSSPKIXPolicyInformation *pi,
- PRInt32 i,
- NSSPKIXPolicyQualifierInfo *pqi
-);
-
-/*
- * nssPKIXPolicyInformation_RemovePolicyQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyInformation_RemovePolicyQualifier
-(
- NSSPKIXPolicyInformation *pi,
- PRInt32 i
-);
-
-/*
- * nssPKIXPolicyInformation_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXPolicyInformation_Equal
-(
- NSSPKIXPolicyInformation *pi1,
- NSSPKIXPolicyInformation *pi2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXPolicyInformation_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyInformation upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyInformation *
-nssPKIXPolicyInformation_Duplicate
-(
- NSSPKIXPolicyInformation *pi,
- NSSArena *arenaOpt
-);
-
-/*
- * { and accessors by specific policy qualifier ID }
- *
- */
-
-#ifdef DEBUG
-/*
- * nssPKIXPolicyInformation_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXPolicyInformation
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyInformation_verifyPointer
-(
- NSSPKIXPolicyInformation *p
-);
-#endif /* DEBUG */
-
-/*
- * PolicyQualifierInfo
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PolicyQualifierInfo ::= SEQUENCE {
- * policyQualifierId PolicyQualifierId,
- * qualifier ANY DEFINED BY policyQualifierId }
- *
- * The private calls for the type:
- *
- * nssPKIXPolicyQualifierInfo_Decode
- * nssPKIXPolicyQualifierInfo_Create
- * nssPKIXPolicyQualifierInfo_Destroy
- * nssPKIXPolicyQualifierInfo_Encode
- * nssPKIXPolicyQualifierInfo_GetPolicyQualifierID
- * nssPKIXPolicyQualifierInfo_SetPolicyQualifierID
- * nssPKIXPolicyQualifierInfo_GetQualifier
- * nssPKIXPolicyQualifierInfo_SetQualifier
- * nssPKIXPolicyQualifierInfo_Equal
- * nssPKIXPolicyQualifierInfo_Duplicate
- * { and accessors by specific qualifier id/type }
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXPolicyQualifierInfo_verifyPointer
- *
- */
-
-/*
- * nssPKIXPolicyQualifierInfo_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyQualifierInfo upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyQualifierInfo *
-nssPKIXPolicyQualifierInfo_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXPolicyQualifierInfo_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_ID
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyQualifierInfo upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyQualifierInfo *
-nssPKIXPolicyQualifierInfo_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXPolicyQualifierId *policyQualifierId,
- NSSItem *qualifier
-);
-
-/*
- * nssPKIXPolicyQualifierInfo_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyQualifierInfo_Destroy
-(
- NSSPKIXPolicyQualifierInfo *pqi
-);
-
-/*
- * nssPKIXPolicyQualifierInfo_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXPolicyQualifierInfo_Encode
-(
- NSSPKIXPolicyQualifierInfo *pqi,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPolicyQualifierInfo_GetPolicyQualifierId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyQualifierId (an NSSOID) upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyQualifierId *
-nssPKIXPolicyQualifierInfo_GetPolicyQualifierId
-(
- NSSPKIXPolicyQualifierInfo *pqi,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPolicyQualifierInfo_SetPolicyQualifierId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_ID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyQualifierInfo_SetPolicyQualifierId
-(
- NSSPKIXPolicyQualifierInfo *pqi,
- NSSPKIXPolicyQualifierId *pqid
-);
-
-/*
- * nssPKIXPolicyQualifierInfo_GetQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSItem upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSItem *
-nssPKIXPolicyQualifierInfo_GetQualifier
-(
- NSSPKIXPolicyQualifierInfo *pqi,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPolicyQualifierInfo_SetQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyQualifierInfo_SetQualifier
-(
- NSSPKIXPolicyQualifierInfo *pqi,
- NSSItem *qualifier
-);
-
-/*
- * nssPKIXPolicyQualifierInfo_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXPolicyQualifierInfo_Equal
-(
- NSSPKIXPolicyQualifierInfo *pqi1,
- NSSPKIXPolicyQualifierInfo *pqi2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXPolicyQualifierInfo_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyQualifierInfo upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyQualifierInfo *
-nssPKIXPolicyQualifierInfo_Duplicate
-(
- NSSPKIXPolicyQualifierInfo *pqi,
- NSSArena *arenaOpt
-);
-
-/*
- * { and accessors by specific qualifier id/type }
- *
- */
-#ifdef DEBUG
-/*
- * nssPKIXPolicyQualifierInfo_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXPolicyQualifierInfo
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyQualifierInfo_verifyPointer
-(
- NSSPKIXPolicyQualifierInfo *p
-);
-#endif /* DEBUG */
-
-/*
- * CPSuri
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CPSuri ::= IA5String
- *
- * The private calls for this type:
- *
- * nssPKIXCPSuri_Decode
- * nssPKIXCPSuri_CreateFromUTF8
- * nssPKIXCPSuri_Encode
- *
- */
-
-/*
- * nssPKIXCPSuri_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXCPSuri upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCPSuri *
-nssPKIXCPSuri_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXCPSuri_CreateFromUTF8
- *
- * { basically just enforces the length and charset limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXCPSuri upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCPSuri *
-nssPKIXCPSuri_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXCPSuri_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CPS_URI
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXCPSuri_Encode
-(
- NSSPKIXCPSuri *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * UserNotice
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * UserNotice ::= SEQUENCE {
- * noticeRef NoticeReference OPTIONAL,
- * explicitText DisplayText OPTIONAL}
- *
- * The private calls for this type:
- *
- * nssPKIXUserNotice_Decode
- * nssPKIXUserNotice_Create
- * nssPKIXUserNotice_Destroy
- * nssPKIXUserNotice_Encode
- * nssPKIXUserNotice_HasNoticeRef
- * nssPKIXUserNotice_GetNoticeRef
- * nssPKIXUserNotice_SetNoticeRef
- * nssPKIXUserNotice_RemoveNoticeRef
- * nssPKIXUserNotice_HasExplicitText
- * nssPKIXUserNotice_GetExplicitText
- * nssPKIXUserNotice_SetExplicitText
- * nssPKIXUserNotice_RemoveExplicitText
- * nssPKIXUserNotice_Equal
- * nssPKIXUserNotice_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXUserNotice_verifyPointer
- *
- */
-
-
-/*
- * nssPKIXUserNotice_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXUserNotice upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXUserNotice *
-nssPKIXUserNotice_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXUserNotice_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_INVALID_PKIX_DISPLAY_TEXT
- *
- * Return value:
- * A valid pointer to an NSSPKIXUserNotice upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXUserNotice *
-nssPKIXUserNotice_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXNoticeReference *noticeRef,
- NSSPKIXDisplayText *explicitText
-);
-
-/*
- * nssPKIXUserNotice_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_USER_NOTICE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXUserNotice_Destroy
-(
- NSSPKIXUserNotice *userNotice
-);
-
-/*
- * nssPKIXUserNotice_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_USER_NOTICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXUserNotice_Encode
-(
- NSSPKIXUserNotice *userNotice,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXUserNotice_HasNoticeRef
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_USER_NOTICE
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXUserNotice_HasNoticeRef
-(
- NSSPKIXUserNotice *userNotice,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXUserNotice_GetNoticeRef
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_USER_NOTICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_HAS_NO_NOTICE_REF
- *
- * Return value:
- * A valid pointer to an NSSPKIXNoticeReference upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNoticeReference *
-nssPKIXUserNotice_GetNoticeRef
-(
- NSSPKIXUserNotice *userNotice,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXUserNotice_SetNoticeRef
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_USER_NOTICE
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXUserNotice_SetNoticeRef
-(
- NSSPKIXUserNotice *userNotice,
- NSSPKIXNoticeReference *noticeRef
-);
-
-/*
- * nssPKIXUserNotice_RemoveNoticeRef
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_USER_NOTICE
- * NSS_ERROR_HAS_NO_NOTICE_REF
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXUserNotice_RemoveNoticeRef
-(
- NSSPKIXUserNotice *userNotice
-);
-
-/*
- * nssPKIXUserNotice_HasExplicitText
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_USER_NOTICE
- *
- * Return value:
- * PR_TRUE if it has some
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXUserNotice_HasExplicitText
-(
- NSSPKIXUserNotice *userNotice,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXUserNotice_GetExplicitText
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_USER_NOTICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_HAS_NO_EXPLICIT_TEXT
- *
- * Return value:
- * A valid pointer to an NSSPKIXDisplayText string upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDisplayText *
-nssPKIXUserNotice_GetExplicitText
-(
- NSSPKIXUserNotice *userNotice,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXUserNotice_SetExplicitText
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_USER_NOTICE
- * NSS_ERROR_INVALID_PKIX_DISPLAY_TEXT
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXUserNotice_SetExplicitText
-(
- NSSPKIXUserNotice *userNotice,
- NSSPKIXDisplayText *explicitText
-);
-
-/*
- * nssPKIXUserNotice_RemoveExplicitText
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_USER_NOTICE
- * NSS_ERROR_HAS_NO_EXPLICIT_TEXT
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXUserNotice_RemoveExplicitText
-(
- NSSPKIXUserNotice *userNotice
-);
-
-/*
- * nssPKIXUserNotice_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_USER_NOTICE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXUserNotice_Equal
-(
- NSSPKIXUserNotice *userNotice1,
- NSSPKIXUserNotice *userNotice2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXUserNotice_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_USER_NOTICE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXUserNotice upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXUserNotice *
-nssPKIXUserNotice_Duplicate
-(
- NSSPKIXUserNotice *userNotice,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXUserNotice_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXUserNotice
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_USER_NOTICE
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXUserNotice_verifyPointer
-(
- NSSPKIXUserNotice *p
-);
-#endif /* DEBUG */
-
-/*
- * NoticeReference
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * NoticeReference ::= SEQUENCE {
- * organization DisplayText,
- * noticeNumbers SEQUENCE OF INTEGER }
- *
- * The private calls for this type:
- *
- * nssPKIXNoticeReference_Decode
- * nssPKIXNoticeReference_Create
- * nssPKIXNoticeReference_Destroy
- * nssPKIXNoticeReference_Encode
- * nssPKIXNoticeReference_GetOrganization
- * nssPKIXNoticeReference_SetOrganization
- * nssPKIXNoticeReference_GetNoticeNumberCount
- * nssPKIXNoticeReference_GetNoticeNumbers
- * nssPKIXNoticeReference_SetNoticeNumbers
- * nssPKIXNoticeReference_GetNoticeNumber
- * nssPKIXNoticeReference_SetNoticeNumber
- * nssPKIXNoticeReference_InsertNoticeNumber
- * nssPKIXNoticeReference_AppendNoticeNumber
- * nssPKIXNoticeReference_RemoveNoticeNumber
- * { maybe number-exists-p gettor? }
- * nssPKIXNoticeReference_Equal
- * nssPKIXNoticeReference_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXNoticeReference_verifyPointer
- *
- */
-
-/*
- * nssPKIXNoticeReference_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXNoticeReference upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNoticeReference *
-nssPKIXNoticeReference_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXNoticeReference_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_DISPLAY_TEXT
- *
- * Return value:
- * A valid pointer to an NSSPKIXNoticeReference upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNoticeReference *
-nssPKIXNoticeReference_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXDisplayText *organization,
- PRUint32 noticeCount,
- PRInt32 noticeNumber1,
- ...
-);
-
-/*
- * { fgmr -- or should the call that takes PRInt32 be _CreateFromValues,
- * and the _Create call take NSSBER integers? }
- */
-
-/*
- * nssPKIXNoticeReference_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXNoticeReference_Destroy
-(
- NSSPKIXNoticeReference *nr
-);
-
-/*
- * nssPKIXNoticeReference_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXNoticeReference_Encode
-(
- NSSPKIXNoticeReference *nr,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXNoticeReference_GetOrganization
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXDisplayText string upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDisplayText *
-nssPKIXNoticeReference_GetOrganization
-(
- NSSPKIXNoticeReference *nr,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXNoticeReference_SetOrganization
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_INVALID_PKIX_DISPLAY_TEXT
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXNoticeReference_SetOrganization
-(
- NSSPKIXNoticeReference *nr,
- NSSPKIXDisplayText *organization
-);
-
-/*
- * nssPKIXNoticeReference_GetNoticeNumberCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXNoticeReference_GetNoticeNumberCount
-(
- NSSPKIXNoticeReference *nr
-);
-
-/*
- * nssPKIXNoticeReference_GetNoticeNumbers
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of PRInt32 values upon success
- * NULL upon failure
- */
-
-NSS_EXTERN PRInt32 *
-nssPKIXNoticeReference_GetNoticeNumbers
-(
- NSSPKIXNoticeReference *nr,
- PRInt32 rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXNoticeReference_SetNoticeNumbers
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXNoticeReference_SetNoticeNumbers
-(
- NSSPKIXNoticeReference *nr,
- PRInt32 noticeNumbers[],
- PRInt32 count
-);
-
-/*
- * nssPKIXNoticeReference_GetNoticeNumber
- *
- * -- fgmr comments --
- * Because there is no natural "invalid" notice number value, we must
- * pass the number by reference, and return an explicit status value.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXNoticeReference_GetNoticeNumber
-(
- NSSPKIXNoticeReference *nr,
- PRInt32 i,
- PRInt32 *noticeNumberP
-);
-
-/*
- * nssPKIXNoticeReference_SetNoticeNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXNoticeReference_SetNoticeNumber
-(
- NSSPKIXNoticeReference *nr,
- PRInt32 i,
- PRInt32 noticeNumber
-);
-
-/*
- * nssPKIXNoticeReference_InsertNoticeNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXNoticeReference_InsertNoticeNumber
-(
- NSSPKIXNoticeReference *nr,
- PRInt32 i,
- PRInt32 noticeNumber
-);
-
-/*
- * nssPKIXNoticeReference_AppendNoticeNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXNoticeReference_AppendNoticeNumber
-(
- NSSPKIXNoticeReference *nr,
- PRInt32 noticeNumber
-);
-
-/*
- * nssPKIXNoticeReference_RemoveNoticeNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXNoticeReference_RemoveNoticeNumber
-(
- NSSPKIXNoticeReference *nr,
- PRInt32 i
-);
-
-/*
- * { maybe number-exists-p gettor? }
- */
-
-/*
- * nssPKIXNoticeReference_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXNoticeReference_Equal
-(
- NSSPKIXNoticeReference *nr1,
- NSSPKIXNoticeReference *nr2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXNoticeReference_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXNoticeReference upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNoticeReference *
-nssPKIXNoticeReference_Duplicate
-(
- NSSPKIXNoticeReference *nr,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXNoticeReference_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXNoticeReference
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXNoticeReference_verifyPointer
-(
- NSSPKIXNoticeReference *p
-);
-#endif /* DEBUG */
-
-/*
- * DisplayText
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * DisplayText ::= CHOICE {
- * visibleString VisibleString (SIZE (1..200)),
- * bmpString BMPString (SIZE (1..200)),
- * utf8String UTF8String (SIZE (1..200)) }
- *
- * The private calls for this type:
- *
- * nssPKIXDisplayText_Decode
- * nssPKIXDisplayText_CreateFromUTF8
- * nssPKIXDisplayText_Encode
- *
- */
-
-/*
- * nssPKIXDisplayText_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXDisplayText upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDisplayText *
-nssPKIXDisplayText_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXDisplayText_CreateFromUTF8
- *
- * { basically just enforces the length and charset limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXDisplayText upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDisplayText *
-nssPKIXDisplayText_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXDisplayText_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISPLAY_TEXT
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXDisplayText_Encode
-(
- NSSPKIXDisplayText *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * PolicyMappings
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PolicyMappings ::= SEQUENCE SIZE (1..MAX) OF SEQUENCE {
- * issuerDomainPolicy CertPolicyId,
- * subjectDomainPolicy CertPolicyId }
- *
- * The private calls for this type:
- *
- * nssPKIXPolicyMappings_Decode
- * nssPKIXPolicyMappings_Create
- * nssPKIXPolicyMappings_Destroy
- * nssPKIXPolicyMappings_Encode
- * nssPKIXPolicyMappings_GetPolicyMappingCount
- * nssPKIXPolicyMappings_GetPolicyMappings
- * nssPKIXPolicyMappings_SetPolicyMappings
- * nssPKIXPolicyMappings_GetPolicyMapping
- * nssPKIXPolicyMappings_SetPolicyMapping
- * nssPKIXPolicyMappings_InsertPolicyMapping
- * nssPKIXPolicyMappings_AppendPolicyMapping
- * nssPKIXPolicyMappings_RemovePolicyMapping
- * nssPKIXPolicyMappings_FindPolicyMapping
- * nssPKIXPolicyMappings_Equal
- * nssPKIXPolicyMappings_Duplicate
- * nssPKIXPolicyMappings_IssuerDomainPolicyExists
- * nssPKIXPolicyMappings_SubjectDomainPolicyExists
- * nssPKIXPolicyMappings_FindIssuerDomainPolicy
- * nssPKIXPolicyMappings_FindSubjectDomainPolicy
- * nssPKIXPolicyMappings_MapIssuerToSubject
- * nssPKIXPolicyMappings_MapSubjectToIssuer
- * { find's and map's: what if there's more than one? }
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXPolicyMappings_verifyPointer
- *
- */
-
-/*
- * nssPKIXPolicyMappings_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyMappings upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyMappings *
-nssPKIXPolicyMappings_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXPolicyMappings_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyMappings upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyMappings *
-nssPKIXPolicyMappings_Decode
-(
- NSSArena *arenaOpt,
- NSSPKIXpolicyMapping *policyMapping1,
- ...
-);
-
-/*
- * nssPKIXPolicyMappings_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyMappings_Destroy
-(
- NSSPKIXPolicyMappings *policyMappings
-);
-
-/*
- * nssPKIXPolicyMappings_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_DATA
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXPolicyMappings_Encode
-(
- NSSPKIXPolicyMappings *policyMappings,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPolicyMappings_GetPolicyMappingCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXPolicyMappings_GetPolicyMappingCount
-(
- NSSPKIXPolicyMappings *policyMappings
-);
-
-/*
- * nssPKIXPolicyMappings_GetPolicyMappings
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXpolicyMapping pointers upon
- * success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXpolicyMapping **
-nssPKIXPolicyMappings_GetPolicyMappings
-(
- NSSPKIXPolicyMappings *policyMappings
- NSSPKIXpolicyMapping *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPolicyMappings_SetPolicyMappings
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyMappings_SetPolicyMappings
-(
- NSSPKIXPolicyMappings *policyMappings
- NSSPKIXpolicyMapping *policyMapping[]
- PRInt32 count
-);
-
-/*
- * nssPKIXPolicyMappings_GetPolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXpolicyMapping upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXpolicyMapping *
-nssPKIXPolicyMappings_GetPolicyMapping
-(
- NSSPKIXPolicyMappings *policyMappings
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPolicyMappings_SetPolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyMappings_SetPolicyMapping
-(
- NSSPKIXPolicyMappings *policyMappings
- PRInt32 i,
- NSSPKIXpolicyMapping *policyMapping
-);
-
-/*
- * nssPKIXPolicyMappings_InsertPolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyMappings_InsertPolicyMapping
-(
- NSSPKIXPolicyMappings *policyMappings
- PRInt32 i,
- NSSPKIXpolicyMapping *policyMapping
-);
-
-/*
- * nssPKIXPolicyMappings_AppendPolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyMappings_AppendPolicyMapping
-(
- NSSPKIXPolicyMappings *policyMappings
- NSSPKIXpolicyMapping *policyMapping
-);
-
-/*
- * nssPKIXPolicyMappings_RemovePolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyMappings_RemovePolicyMapping
-(
- NSSPKIXPolicyMappings *policyMappings
- PRInt32 i
-);
-
-/*
- * nssPKIXPolicyMappings_FindPolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * The index of the specified policy mapping upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXPolicyMappings_FindPolicyMapping
-(
- NSSPKIXPolicyMappings *policyMappings
- NSSPKIXpolicyMapping *policyMapping
-);
-
-/*
- * nssPKIXPolicyMappings_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXPolicyMappings_Equal
-(
- NSSPKIXPolicyMappings *policyMappings1,
- NSSPKIXpolicyMappings *policyMappings2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXPolicyMappings_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyMappings upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyMappings *
-nssPKIXPolicyMappings_Duplicate
-(
- NSSPKIXPolicyMappings *policyMappings,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXPolicyMappings_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXPolicyMappings
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyMappings_verifyPointer
-(
- NSSPKIXPolicyMappings *p
-);
-#endif /* DEBUG */
-
-/*
- * nssPKIXPolicyMappings_IssuerDomainPolicyExists
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- *
- * Return value:
- * PR_TRUE if the specified domain policy OID exists
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXPolicyMappings_IssuerDomainPolicyExists
-(
- NSSPKIXPolicyMappings *policyMappings,
- NSSPKIXCertPolicyId *issuerDomainPolicy,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXPolicyMappings_SubjectDomainPolicyExists
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- *
- * Return value:
- * PR_TRUE if the specified domain policy OID exists
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXPolicyMappings_SubjectDomainPolicyExists
-(
- NSSPKIXPolicyMappings *policyMappings,
- NSSPKIXCertPolicyId *subjectDomainPolicy,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXPolicyMappings_FindIssuerDomainPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * The index of the specified policy mapping upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXPolicyMappings_FindIssuerDomainPolicy
-(
- NSSPKIXPolicyMappings *policyMappings,
- NSSPKIXCertPolicyId *issuerDomainPolicy
-);
-
-/*
- * nssPKIXPolicyMappings_FindSubjectDomainPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * The index of the specified policy mapping upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXPolicyMappings_FindSubjectDomainPolicy
-(
- NSSPKIXPolicyMappings *policyMappings,
- NSSPKIXCertPolicyId *issuerDomainPolicy
-);
-
-/*
- * nssPKIXPolicyMappings_MapIssuerToSubject
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- * NSS_ERROR_NOT_FOUND
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertPolicyId upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertPolicyId *
-nssPKIXPolicyMappings_MapIssuerToSubject
-(
- NSSPKIXPolicyMappings *policyMappings,
- NSSPKIXCertPolicyId *issuerDomainPolicy
-);
-
-/*
- * nssPKIXPolicyMappings_MapSubjectToIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- * NSS_ERROR_NOT_FOUND
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertPolicyId upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertPolicyId *
-nssPKIXPolicyMappings_MapSubjectToIssuer
-(
- NSSPKIXPolicyMappings *policyMappings,
- NSSPKIXCertPolicyId *issuerDomainPolicy
-);
-
-/*
- * policyMapping
- *
- * Helper structure for PolicyMappings
- *
- * SEQUENCE {
- * issuerDomainPolicy CertPolicyId,
- * subjectDomainPolicy CertPolicyId }
- *
- * The private calls for this type:
- *
- * nssPKIXpolicyMapping_Decode
- * nssPKIXpolicyMapping_Create
- * nssPKIXpolicyMapping_Destroy
- * nssPKIXpolicyMapping_Encode
- * nssPKIXpolicyMapping_GetIssuerDomainPolicy
- * nssPKIXpolicyMapping_SetIssuerDomainPolicy
- * nssPKIXpolicyMapping_GetSubjectDomainPolicy
- * nssPKIXpolicyMapping_SetSubjectDomainPolicy
- * nssPKIXpolicyMapping_Equal
- * nssPKIXpolicyMapping_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXpolicyMapping_verifyPointer
- *
- */
-
-/*
- * nssPKIXpolicyMapping_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXpolicyMapping upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXpolicyMapping *
-nssPKIXpolicyMapping_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXpolicyMapping_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- *
- * Return value:
- * A valid pointer to an NSSPKIXpolicyMapping upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXpolicyMapping *
-nssPKIXpolicyMapping_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXCertPolicyId *issuerDomainPolicy,
- NSSPKIXCertPolicyId *subjectDomainPolicy
-);
-
-/*
- * nssPKIXpolicyMapping_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXpolicyMapping_Destroy
-(
- NSSPKIXpolicyMapping *policyMapping
-);
-
-/*
- * nssPKIXpolicyMapping_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_DATA
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXpolicyMapping_Encode
-(
- NSSPKIXpolicyMapping *policyMapping,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXpolicyMapping_GetIssuerDomainPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertPolicyId OID upon success
- * NULL upon faliure
- */
-
-NSS_EXTERN NSSPKIXCertPolicyId *
-nssPKIXpolicyMapping_GetIssuerDomainPolicy
-(
- NSSPKIXpolicyMapping *policyMapping
-);
-
-/*
- * nssPKIXpolicyMapping_SetIssuerDomainPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- * NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXpolicyMapping_SetIssuerDomainPolicy
-(
- NSSPKIXpolicyMapping *policyMapping,
- NSSPKIXCertPolicyId *issuerDomainPolicy
-);
-
-/*
- * nssPKIXpolicyMapping_GetSubjectDomainPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertPolicyId OID upon success
- * NULL upon faliure
- */
-
-NSS_EXTERN NSSPKIXCertPolicyId *
-nssPKIXpolicyMapping_GetSubjectDomainPolicy
-(
- NSSPKIXpolicyMapping *policyMapping
-);
-
-/*
- * nssPKIXpolicyMapping_SetSubjectDomainPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- * NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXpolicyMapping_SetSubjectDomainPolicy
-(
- NSSPKIXpolicyMapping *policyMapping,
- NSSPKIXCertPolicyId *subjectDomainPolicy
-);
-
-/*
- * nssPKIXpolicyMapping_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXpolicyMapping_Equal
-(
- NSSPKIXpolicyMapping *policyMapping1,
- NSSPKIXpolicyMapping *policyMapping2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXpolicyMapping_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXpolicyMapping upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXpolicyMapping *
-nssPKIXpolicyMapping_Duplicate
-(
- NSSPKIXpolicyMapping *policyMapping,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXpolicyMapping_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXpolicyMapping
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXpolicyMapping_verifyPointer
-(
- NSSPKIXpolicyMapping *p
-);
-#endif /* DEBUG */
-
-/*
- * GeneralName
- *
- * This structure contains a union of the possible general names,
- * of which there are several.
- *
- * From RFC 2459:
- *
- * GeneralName ::= CHOICE {
- * otherName [0] AnotherName,
- * rfc822Name [1] IA5String,
- * dNSName [2] IA5String,
- * x400Address [3] ORAddress,
- * directoryName [4] Name,
- * ediPartyName [5] EDIPartyName,
- * uniformResourceIdentifier [6] IA5String,
- * iPAddress [7] OCTET STRING,
- * registeredID [8] OBJECT IDENTIFIER }
- *
- * The private calls for this type:
- *
- * nssPKIXGeneralName_Decode
- * nssPKIXGeneralName_CreateFromUTF8
- * nssPKIXGeneralName_Create
- * nssPKIXGeneralName_CreateFromOtherName
- * nssPKIXGeneralName_CreateFromRfc822Name
- * nssPKIXGeneralName_CreateFromDNSName
- * nssPKIXGeneralName_CreateFromX400Address
- * nssPKIXGeneralName_CreateFromDirectoryName
- * nssPKIXGeneralName_CreateFromEDIPartyName
- * nssPKIXGeneralName_CreateFromUniformResourceIdentifier
- * nssPKIXGeneralName_CreateFromIPAddress
- * nssPKIXGeneralName_CreateFromRegisteredID
- * nssPKIXGeneralName_Destroy
- * nssPKIXGeneralName_Encode
- * nssPKIXGeneralName_GetUTF8Encoding
- * nssPKIXGeneralName_GetChoice
- * nssPKIXGeneralName_GetOtherName
- * nssPKIXGeneralName_GetRfc822Name
- * nssPKIXGeneralName_GetDNSName
- * nssPKIXGeneralName_GetX400Address
- * nssPKIXGeneralName_GetDirectoryName
- * nssPKIXGeneralName_GetEDIPartyName
- * nssPKIXGeneralName_GetUniformResourceIdentifier
- * nssPKIXGeneralName_GetIPAddress
- * nssPKIXGeneralName_GetRegisteredID
- * nssPKIXGeneralName_GetSpecifiedChoice
- * nssPKIXGeneralName_Equal
- * nssPKIXGeneralName_Duplicate
- * (in pki1 I had specific attribute value gettors here too)
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXGeneralName_verifyPointer
- *
- */
-
-/*
- * nssPKIXGeneralName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-nssPKIXGeneralName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXGeneralName_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-nssPKIXGeneralName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXGeneralName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME_CHOICE
- * NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- * NSS_ERROR_INVALID_PKIX_IA5_STRING
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_INVALID_OID
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-nssPKIXGeneralName_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXGeneralNameChoice choice,
- void *content
-);
-
-/*
- * nssPKIXGeneralName_CreateFromOtherName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-nssPKIXGeneralName_CreateFromOtherName
-(
- NSSArena *arenaOpt,
- NSSPKIXAnotherName *otherName
-);
-
-/*
- * nssPKIXGeneralName_CreateFromRfc822Name
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_IA5_STRING
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-nssPKIXGeneralName_CreateFromRfc822Name
-(
- NSSArena *arenaOpt,
- NSSUTF8 *rfc822Name
-);
-
-/*
- * nssPKIXGeneralName_CreateFromDNSName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_IA5_STRING
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-nssPKIXGeneralName_CreateFromDNSName
-(
- NSSArena *arenaOpt,
- NSSUTF8 *dNSName
-);
-
-/*
- * nssPKIXGeneralName_CreateFromX400Address
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-nssPKIXGeneralName_CreateFromX400Address
-(
- NSSArena *arenaOpt,
- NSSPKIXORAddress *x400Address
-);
-
-/*
- * nssPKIXGeneralName_CreateFromDirectoryName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_NAME
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-nssPKIXGeneralName_CreateFromDirectoryName
-(
- NSSArena *arenaOpt,
- NSSPKIXName *directoryName
-);
-
-/*
- * nssPKIXGeneralName_CreateFromEDIPartyName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-nssPKIXGeneralName_CreateFromEDIPartyName
-(
- NSSArena *arenaOpt,
- NSSPKIXEDIPartyName *ediPartyname
-);
-
-/*
- * nssPKIXGeneralName_CreateFromUniformResourceIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_IA5_STRING
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-nssPKIXGeneralName_CreateFromUniformResourceIdentifier
-(
- NSSArena *arenaOpt,
- NSSUTF8 *uniformResourceIdentifier
-);
-
-/*
- * nssPKIXGeneralName_CreateFromIPAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-nssPKIXGeneralName_CreateFromIPAddress
-(
- NSSArena *arenaOpt,
- NSSItem *iPAddress
-);
-
-/*
- * nssPKIXGeneralName_CreateFromRegisteredID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_OID
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-nssPKIXGeneralName_CreateFromRegisteredID
-(
- NSSArena *arenaOpt,
- NSSOID *registeredID
-);
-
-/*
- * nssPKIXGeneralName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralName_Destroy
-(
- NSSPKIXGeneralName *generalName
-);
-
-/*
- * nssPKIXGeneralName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXGeneralName_Encode
-(
- NSSPKIXGeneralName *generalName,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralName_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXGeneralName_GetUTF8Encoding
-(
- NSSPKIXGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralName_GetChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *
- * Return value:
- * A valid NSSPKIXGeneralNameChoice value upon success
- * NSSPKIXGeneralNameChoice_NSSinvalid upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralNameChoice
-nssPKIXGeneralName_GetChoice
-(
- NSSPKIXGeneralName *generalName
-);
-
-/*
- * nssPKIXGeneralName_GetOtherName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAnotherName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAnotherName *
-nssPKIXGeneralName_GetOtherName
-(
- NSSPKIXGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralName_GetRfc822Name
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXGeneralName_GetRfc822Name
-(
- NSSPKIXGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralName_GetDNSName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXGeneralName_GetDNSName
-(
- NSSPKIXGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralName_GetX400Address
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXORAddress upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXORAddress *
-nssPKIXGeneralName_GetX400Address
-(
- NSSPKIXGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralName_GetDirectoryName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXName *
-nssPKIXGeneralName_GetDirectoryName
-(
- NSSPKIXGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralName_GetEDIPartyName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXEDIPartyName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXEDIPartyName *
-nssPKIXGeneralName_GetEDIPartyName
-(
- NSSPKIXGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralName_GetUniformResourceIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXGeneralName_GetUniformResourceIdentifier
-(
- NSSPKIXGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralName_GetIPAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSItem upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSItem *
-nssPKIXGeneralName_GetIPAddress
-(
- NSSPKIXGeneralName *generalName,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralName_GetRegisteredID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSOID upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSOID *
-nssPKIXGeneralName_GetRegisteredID
-(
- NSSPKIXGeneralName *generalName
-);
-
-/*
- * nssPKIXGeneralName_GetSpecifiedChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME_CHOICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN void *
-nssPKIXGeneralName_GetSpecifiedChoice
-(
- NSSPKIXGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXGeneralName_Equal
-(
- NSSPKIXGeneralName *generalName1,
- NSSPKIXGeneralName *generalName2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXGeneralName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-nssPKIXGeneralName_Duplicate
-(
- NSSPKIXGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * (in pki1 I had specific attribute value gettors here too)
- *
- */
-
-#ifdef DEBUG
-/*
- * nssPKIXGeneralName_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXGeneralName
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralName_verifyPointer
-(
- NSSPKIXGeneralName *p
-);
-#endif /* DEBUG */
-
-/*
- * GeneralNames
- *
- * This structure contains a sequence of GeneralName objects.
- *
- * From RFC 2459:
- *
- * GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
- *
- * The private calls for this type:
- *
- * nssPKIXGeneralNames_Decode
- * nssPKIXGeneralNames_Create
- * nssPKIXGeneralNames_Destroy
- * nssPKIXGeneralNames_Encode
- * nssPKIXGeneralNames_GetGeneralNameCount
- * nssPKIXGeneralNames_GetGeneralNames
- * nssPKIXGeneralNames_SetGeneralNames
- * nssPKIXGeneralNames_GetGeneralName
- * nssPKIXGeneralNames_SetGeneralName
- * nssPKIXGeneralNames_InsertGeneralName
- * nssPKIXGeneralNames_AppendGeneralName
- * nssPKIXGeneralNames_RemoveGeneralName
- * nssPKIXGeneralNames_FindGeneralName
- * nssPKIXGeneralNames_Equal
- * nssPKIXGeneralNames_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXGeneralNames_verifyPointer
- *
- */
-
-/*
- * nssPKIXGeneralNames_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralNames upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralNames *
-nssPKIXGeneralNames_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXGeneralNames_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralNames upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralNames *
-nssPKIXGeneralNames_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXGeneralName *generalName1,
- ...
-);
-
-/*
- * nssPKIXGeneralNames_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralNames_Destroy
-(
- NSSPKIXGeneralNames *generalNames
-);
-
-/*
- * nssPKIXGeneralNames_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXGeneralNames_Encode
-(
- NSSPKIXGeneralNames *generalNames,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralNames_GetGeneralNameCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXGeneralNames_GetGeneralNameCount
-(
- NSSPKIXGeneralNames *generalNames
-);
-
-/*
- * nssPKIXGeneralNames_GetGeneralNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXGeneralName pointers upon
- * success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName **
-nssPKIXGeneralNames_GetGeneralNames
-(
- NSSPKIXGeneralNames *generalNames,
- NSSPKIXGeneralName *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralNames_SetGeneralNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralNames_SetGeneralNames
-(
- NSSPKIXGeneralNames *generalNames,
- NSSPKIXGeneralName *generalName[],
- PRInt32 count
-);
-
-/*
- * nssPKIXGeneralNames_GetGeneralName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-nssPKIXGeneralNames_GetGeneralName
-(
- NSSPKIXGeneralNames *generalNames,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralNames_SetGeneralName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralNames_SetGeneralName
-(
- NSSPKIXGeneralNames *generalNames,
- PRInt32 i,
- NSSPKIXGeneralName *generalName
-);
-
-/*
- * nssPKIXGeneralNames_InsertGeneralName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralNames_InsertGeneralName
-(
- NSSPKIXGeneralNames *generalNames,
- PRInt32 i,
- NSSPKIXGeneralName *generalName
-);
-
-/*
- * nssPKIXGeneralNames_AppendGeneralName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralNames_AppendGeneralName
-(
- NSSPKIXGeneralNames *generalNames,
- NSSPKIXGeneralName *generalName
-);
-
-/*
- * nssPKIXGeneralNames_RemoveGeneralName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralNames_RemoveGeneralName
-(
- NSSPKIXGeneralNames *generalNames,
- PRInt32 i
-);
-
-/*
- * nssPKIXGeneralNames_FindGeneralName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * The index of the specified policy mapping upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXGeneralNames_FindGeneralName
-(
- NSSPKIXGeneralNames *generalNames,
- NSSPKIXGeneralName *generalName
-);
-
-/*
- * nssPKIXGeneralNames_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXGeneralNames_Equal
-(
- NSSPKIXGeneralNames *generalNames1,
- NSSPKIXGeneralNames *generalNames2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXGeneralNames_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralNames upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralNames *
-nssPKIXGeneralNames_Duplicate
-(
- NSSPKIXGeneralNames *generalNames,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXGeneralNames_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXGeneralNames
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralNames_verifyPointer
-(
- NSSPKIXGeneralNames *p
-);
-#endif /* DEBUG */
-
-/*
- * AnotherName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * AnotherName ::= SEQUENCE {
- * type-id OBJECT IDENTIFIER,
- * value [0] EXPLICIT ANY DEFINED BY type-id }
- *
- * The private calls for this type:
- *
- * nssPKIXAnotherName_Decode
- * nssPKIXAnotherName_Create
- * nssPKIXAnotherName_Destroy
- * nssPKIXAnotherName_Encode
- * nssPKIXAnotherName_GetTypeId
- * nssPKIXAnotherName_SetTypeId
- * nssPKIXAnotherName_GetValue
- * nssPKIXAnotherName_SetValue
- * nssPKIXAnotherName_Equal
- * nssPKIXAnotherName_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXAnotherName_verifyPointer
- *
- */
-
-/*
- * nssPKIXAnotherName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAnotherName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAnotherName *
-nssPKIXAnotherName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXAnotherName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXAnotherName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAnotherName *
-nssPKIXAnotherName_Create
-(
- NSSArena *arenaOpt,
- NSSOID *typeId,
- NSSItem *value
-);
-
-/*
- * nssPKIXAnotherName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAnotherName_Destroy
-(
- NSSPKIXAnotherName *anotherName
-);
-
-/*
- * nssPKIXAnotherName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXAnotherName_Encode
-(
- NSSPKIXAnotherName *anotherName,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAnotherName_GetTypeId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSOID upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSOID *
-nssPKIXAnotherName_GetTypeId
-(
- NSSPKIXAnotherName *anotherName
-);
-
-/*
- * nssPKIXAnotherName_SetTypeId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAnotherName_SetTypeId
-(
- NSSPKIXAnotherName *anotherName,
- NSSOID *typeId
-);
-
-/*
- * nssPKIXAnotherName_GetValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSItem upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSItem *
-nssPKIXAnotherName_GetValue
-(
- NSSPKIXAnotherName *anotherName,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAnotherName_SetValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAnotherName_SetValue
-(
- NSSPKIXAnotherName *anotherName,
- NSSItem *value
-);
-
-/*
- * nssPKIXAnotherName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXAnotherName_Equal
-(
- NSSPKIXAnotherName *anotherName1,
- NSSPKIXAnotherName *anotherName2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXAnotherName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAnotherName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAnotherName *
-nssPKIXAnotherName_Duplicate
-(
- NSSPKIXAnotherName *anotherName,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXAnotherName_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXAnotherName
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAnotherName_verifyPointer
-(
- NSSPKIXAnotherName *p
-);
-#endif /* DEBUG */
-
-/*
- * EDIPartyName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *
- * EDIPartyName ::= SEQUENCE {
- * nameAssigner [0] DirectoryString OPTIONAL,
- * partyName [1] DirectoryString }
- *
- * The private calls for this type:
- *
- * nssPKIXEDIPartyName_Decode
- * nssPKIXEDIPartyName_Create
- * nssPKIXEDIPartyName_Destroy
- * nssPKIXEDIPartyName_Encode
- * nssPKIXEDIPartyName_HasNameAssigner
- * nssPKIXEDIPartyName_GetNameAssigner
- * nssPKIXEDIPartyName_SetNameAssigner
- * nssPKIXEDIPartyName_RemoveNameAssigner
- * nssPKIXEDIPartyName_GetPartyName
- * nssPKIXEDIPartyName_SetPartyName
- * nssPKIXEDIPartyName_Equal
- * nssPKIXEDIPartyName_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXEDIPartyName_verifyPointer
- *
- */
-
-/*
- * nssPKIXEDIPartyName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXEDIPartyName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXEDIPartyName *
-nssPKIXEDIPartyName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXEDIPartyName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * A valid pointer to an NSSPKIXEDIPartyName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXEDIPartyName *
-nssPKIXEDIPartyName_Create
-(
- NSSArena *arenaOpt,
- NSSUTF8 *nameAssignerOpt,
- NSSUTF8 *partyName
-);
-
-/*
- * nssPKIXEDIPartyName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXEDIPartyName_Destroy
-(
- NSSPKIXEDIPartyName *ediPartyName
-);
-
-/*
- * nssPKIXEDIPartyName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXEDIPartyName_Encode
-(
- NSSPKIXEDIPartyName *ediPartyName,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXEDIPartyName_HasNameAssigner
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXEDIPartyName_HasNameAssigner
-(
- NSSPKIXEDIPartyName *ediPartyName
-);
-
-/*
- * nssPKIXEDIPartyName_GetNameAssigner
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_HAS_NO_NAME_ASSIGNER
- *
- * Return value:
- * A valid pointer to an NSSUTF8 string upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXEDIPartyName_GetNameAssigner
-(
- NSSPKIXEDIPartyName *ediPartyName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXEDIPartyName_SetNameAssigner
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXEDIPartyName_SetNameAssigner
-(
- NSSPKIXEDIPartyName *ediPartyName,
- NSSUTF8 *nameAssigner
-);
-
-/*
- * nssPKIXEDIPartyName_RemoveNameAssigner
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- * NSS_ERROR_HAS_NO_NAME_ASSIGNER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXEDIPartyName_RemoveNameAssigner
-(
- NSSPKIXEDIPartyName *ediPartyName
-);
-
-/*
- * nssPKIXEDIPartyName_GetPartyName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSUTF8 string upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXEDIPartyName_GetPartyName
-(
- NSSPKIXEDIPartyName *ediPartyName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXEDIPartyName_SetPartyName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXEDIPartyName_SetPartyName
-(
- NSSPKIXEDIPartyName *ediPartyName,
- NSSUTF8 *partyName
-);
-
-/*
- * nssPKIXEDIPartyName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXEDIPartyName_Equal
-(
- NSSPKIXEDIPartyName *ediPartyName1,
- NSSPKIXEDIPartyName *ediPartyName2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXEDIPartyName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXEDIPartyName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXEDIPartyName *
-nssPKIXEDIPartyName_Duplicate
-(
- NSSPKIXEDIPartyName *ediPartyName,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXEDIPartyName_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXEDIPartyName
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXEDIPartyName_verifyPointer
-(
- NSSPKIXEDIPartyName *p
-);
-#endif /* DEBUG */
-
-/*
- * SubjectDirectoryAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * SubjectDirectoryAttributes ::= SEQUENCE SIZE (1..MAX) OF Attribute
- *
- * The private calls for this type:
- *
- * nssPKIXSubjectDirectoryAttributes_Decode
- * nssPKIXSubjectDirectoryAttributes_Create
- * nssPKIXSubjectDirectoryAttributes_Destroy
- * nssPKIXSubjectDirectoryAttributes_Encode
- * nssPKIXSubjectDirectoryAttributes_GetAttributeCount
- * nssPKIXSubjectDirectoryAttributes_GetAttributes
- * nssPKIXSubjectDirectoryAttributes_SetAttributes
- * nssPKIXSubjectDirectoryAttributes_GetAttribute
- * nssPKIXSubjectDirectoryAttributes_SetAttribute
- * nssPKIXSubjectDirectoryAttributes_InsertAttribute
- * nssPKIXSubjectDirectoryAttributes_AppendAttribute
- * nssPKIXSubjectDirectoryAttributes_RemoveAttribute
- * nssPKIXSubjectDirectoryAttributes_FindAttribute
- * nssPKIXSubjectDirectoryAttributes_Equal
- * nssPKIXSubjectDirectoryAttributes_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXSubjectDirectoryAttributes_verifyPointer
- *
- */
-
-/*
- * nssPKIXSubjectDirectoryAttributes_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXSubjectDirectoryAttributes upon
- * success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXSubjectDirectoryAttributes *
-nssPKIXSubjectDirectoryAttributes_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXSubjectDirectoryAttributes_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *
- * Return value:
- * A valid pointer to an NSSPKIXSubjectDirectoryAttributes upon
- * success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXSubjectDirectoryAttributes *
-nssPKIXSubjectDirectoryAttributes_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXAttribute *attribute1,
- ...
-);
-
-/*
- * nssPKIXSubjectDirectoryAttributes_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXSubjectDirectoryAttributes_Destroy
-(
- NSSPKIXSubjectDirectoryAttributes *sda
-);
-
-/*
- * nssPKIXSubjectDirectoryAttributes_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXSubjectDirectoryAttributes_Encode
-(
- NSSPKIXSubjectDirectoryAttributes *sda,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXSubjectDirectoryAttributes_GetAttributeCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXSubjectDirectoryAttributes_GetAttributeCount
-(
- NSSPKIXSubjectDirectoryAttributes *sda
-);
-
-/*
- * nssPKIXSubjectDirectoryAttributes_GetAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXAttribute pointers upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttribute **
-nssPKIXSubjectDirectoryAttributes_GetAttributes
-(
- NSSPKIXSubjectDirectoryAttributes *sda,
- NSSPKIXAttribute *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXSubjectDirectoryAttributes_SetAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXSubjectDirectoryAttributes_SetAttributes
-(
- NSSPKIXSubjectDirectoryAttributes *sda,
- NSSAttribute *attributes[],
- PRInt32 count
-);
-
-/*
- * nssPKIXSubjectDirectoryAttributes_GetAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttribute upon success
- * NULL upon error
- */
-
-NSS_EXTERN NSSPKIXAttribute *
-nssPKIXSubjectDirectoryAttributes_GetAttribute
-(
- NSSPKIXSubjectDirectoryAttributes *sda,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXSubjectDirectoryAttributes_SetAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXSubjectDirectoryAttributes_SetAttribute
-(
- NSSPKIXSubjectDirectoryAttributes *sda,
- PRInt32 i,
- NSSPKIXAttribute *attribute
-);
-
-/*
- * nssPKIXSubjectDirectoryAttributes_InsertAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXSubjectDirectoryAttributes_InsertAttribute
-(
- NSSPKIXSubjectDirectoryAttributes *sda,
- PRInt32 i,
- NSSPKIXAttribute *attribute
-);
-
-/*
- * nssPKIXSubjectDirectoryAttributes_AppendAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXSubjectDirectoryAttributes_AppendAttribute
-(
- NSSPKIXSubjectDirectoryAttributes *sda,
- NSSPKIXAttribute *attribute
-);
-
-/*
- * nssPKIXSubjectDirectoryAttributes_RemoveAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXSubjectDirectoryAttributes_RemoveAttribute
-(
- NSSPKIXSubjectDirectoryAttributes *sda,
- PRInt32 i
-);
-
-/*
- * nssPKIXSubjectDirectoryAttributes_FindAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- * NSS_ERROR_INVALID_ATTRIBUTE
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * The index of the specified policy mapping upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXSubjectDirectoryAttributes_FindAttribute
-(
- NSSPKIXSubjectDirectoryAttributes *sda,
- NSSPKIXAttribute *attribute
-);
-
-/*
- * nssPKIXSubjectDirectoryAttributes_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXSubjectDirectoryAttributes_Equal
-(
- NSSPKIXSubjectDirectoryAttributes *sda1,
- NSSPKIXSubjectDirectoryAttributes *sda2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXSubjectDirectoryAttributes_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXSubjectDirectoryAttributes upon
- * success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXSubjectDirectoryAttributes *
-nssPKIXSubjectDirectoryAttributes_Duplicate
-(
- NSSPKIXSubjectDirectoryAttributes *sda,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXSubjectDirectoryAttributes_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXSubjectDirectoryAttributes
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXSubjectDirectoryAttributes_verifyPointer
-(
- NSSPKIXSubjectDirectoryAttributes *p
-);
-#endif /* DEBUG */
-
-/*
- * BasicConstraints
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * BasicConstraints ::= SEQUENCE {
- * cA BOOLEAN DEFAULT FALSE,
- * pathLenConstraint INTEGER (0..MAX) OPTIONAL }
- *
- * The private calls for this type:
- *
- * nssPKIXBasicConstraints_Decode
- * nssPKIXBasicConstraints_Create
- * nssPKIXBasicConstraints_Destroy
- * nssPKIXBasicConstraints_Encode
- * nssPKIXBasicConstraints_GetCA
- * nssPKIXBasicConstraints_SetCA
- * nssPKIXBasicConstraints_HasPathLenConstraint
- * nssPKIXBasicConstraints_GetPathLenConstraint
- * nssPKIXBasicConstraints_SetPathLenConstraint
- * nssPKIXBasicConstraints_RemovePathLenConstraint
- * nssPKIXBasicConstraints_Equal
- * nssPKIXBasicConstraints_Duplicate
- * nssPKIXBasicConstraints_CompareToPathLenConstraint
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXBasicConstraints_verifyPointer
- *
- */
-
-/*
- * nssPKIXBasicConstraints_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXBasicConstraints upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBasicConstraints *
-nssPKIXBasicConstraints_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXBasicConstraints_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_VALUE
- *
- * Return value:
- * A valid pointer to an NSSPKIXBasicConstraints upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBasicConstraints *
-nssPKIXBasicConstraints_Create
-(
- NSSArena *arenaOpt,
- PRBool ca,
- PRInt32 pathLenConstraint
-);
-
-/*
- * nssPKIXBasicConstraints_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBasicConstraints_Destroy
-(
- NSSPKIXBasicConstraints *basicConstraints
-);
-
-/*
- * nssPKIXBasicConstraints_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXBasicConstraints_Encode
-(
- NSSPKIXBasicConstraints *basicConstraints,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXBasicConstraints_GetCA
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- *
- * Return value:
- * PR_TRUE if the CA bit is true
- * PR_FALSE if it isn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXBasicConstraints_GetCA
-(
- NSSPKIXBasicConstraints *basicConstraints,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXBasicConstraints_SetCA
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBasicConstraints_SetCA
-(
- NSSPKIXBasicConstraints *basicConstraints,
- PRBool ca
-);
-
-/*
- * nssPKIXBasicConstraints_HasPathLenConstraint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXBasicConstraints_HasPathLenConstraint
-(
- NSSPKIXBasicConstraints *basicConstraints,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXBasicConstraints_GetPathLenConstraint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- * NSS_ERROR_HAS_NO_PATH_LEN_CONSTRAINT
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXBasicConstraints_GetPathLenConstraint
-(
- NSSPKIXBasicConstraints *basicConstraints
-);
-
-/*
- * nssPKIXBasicConstraints_SetPathLenConstraint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- * NSS_ERROR_INVALID_VALUE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBasicConstraints_SetPathLenConstraint
-(
- NSSPKIXBasicConstraints *basicConstraints,
- PRInt32 pathLenConstraint
-);
-
-/*
- * nssPKIXBasicConstraints_RemovePathLenConstraint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- * NSS_ERROR_HAS_NO_PATH_LEN_CONSTRAINT
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBasicConstraints_RemovePathLenConstraint
-(
- NSSPKIXBasicConstraints *basicConstraints
-);
-
-/*
- * nssPKIXBasicConstraints_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXBasicConstraints_Equal
-(
- NSSPKIXBasicConstraints *basicConstraints1,
- NSSPKIXBasicConstraints *basicConstraints2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXBasicConstraints_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXBasicConstraints upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBasicConstraints *
-nssPKIXBasicConstraints_Duplicate
-(
- NSSPKIXBasicConstraints *basicConstraints,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXBasicConstraints_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXBasicConstraints
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBasicConstraints_verifyPointer
-(
- NSSPKIXBasicConstraints *p
-);
-#endif /* DEBUG */
-
-/*
- * nssPKIXBasicConstraints_CompareToPathLenConstraint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- * NSS_ERROR_HAS_NO_PATH_LEN_CONSTRAINT
- *
- * Return value:
- * 1 if the specified value is greater than the pathLenConstraint
- * 0 if the specified value equals the pathLenConstraint
- * -1 if the specified value is less than the pathLenConstraint
- * -2 upon error
- */
-
-NSS_EXTERN PRInt32
-nssPKIXBasicConstraints_CompareToPathLenConstraint
-(
- NSSPKIXBasicConstraints *basicConstraints,
- PRInt32 value
-);
-
-/*
- * NameConstraints
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * NameConstraints ::= SEQUENCE {
- * permittedSubtrees [0] GeneralSubtrees OPTIONAL,
- * excludedSubtrees [1] GeneralSubtrees OPTIONAL }
- *
- * The private calls for this type:
- *
- * nssPKIXNameConstraints_Decode
- * nssPKIXNameConstraints_Create
- * nssPKIXNameConstraints_Destroy
- * nssPKIXNameConstraints_Encode
- * nssPKIXNameConstraints_HasPermittedSubtrees
- * nssPKIXNameConstraints_GetPermittedSubtrees
- * nssPKIXNameConstraints_SetPermittedSubtrees
- * nssPKIXNameConstraints_RemovePermittedSubtrees
- * nssPKIXNameConstraints_HasExcludedSubtrees
- * nssPKIXNameConstraints_GetExcludedSubtrees
- * nssPKIXNameConstraints_SetExcludedSubtrees
- * nssPKIXNameConstraints_RemoveExcludedSubtrees
- * nssPKIXNameConstraints_Equal
- * nssPKIXNameConstraints_Duplicate
- * { and the comparator functions }
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXNameConstraints_verifyPointer
- *
- */
-
-/*
- * nssPKIXNameConstraints_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXNameConstraints upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNameConstraints *
-nssPKIXNameConstraints_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXNameConstraints_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- *
- * Return value:
- * A valid pointer to an NSSPKIXNameConstraints upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNameConstraints *
-nssPKIXNameConstraints_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXGeneralSubtrees *permittedSubtrees,
- NSSPKIXGeneralSubtrees *excludedSubtrees
-);
-
-/*
- * nssPKIXNameConstraints_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXNameConstraints_Destroy
-(
- NSSPKIXNameConstraints *nameConstraints
-);
-
-/*
- * nssPKIXNameConstraints_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXNameConstraints_Encode
-(
- NSSPKIXNameConstraints *nameConstraints,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXNameConstraints_HasPermittedSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXNameConstraints_HasPermittedSubtrees
-(
- NSSPKIXNameConstraints *nameConstraints,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXNameConstraints_GetPermittedSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- * NSS_ERROR_HAS_NO_PERMITTED_SUBTREES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralSubtrees upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtrees *
-nssPKIXNameConstraints_GetPermittedSubtrees
-(
- NSSPKIXNameConstraints *nameConstraints,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXNameConstraints_SetPermittedSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXNameConstraints_SetPermittedSubtrees
-(
- NSSPKIXNameConstraints *nameConstraints,
- NSSPKIXGeneralSubtrees *permittedSubtrees
-);
-
-/*
- * nssPKIXNameConstraints_RemovePermittedSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- * NSS_ERROR_HAS_NO_PERMITTED_SUBTREES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXNameConstraints_RemovePermittedSubtrees
-(
- NSSPKIXNameConstraints *nameConstraints
-);
-
-/*
- * nssPKIXNameConstraints_HasExcludedSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXNameConstraints_HasExcludedSubtrees
-(
- NSSPKIXNameConstraints *nameConstraints,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXNameConstraints_GetExcludedSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- * NSS_ERROR_HAS_NO_EXCLUDED_SUBTREES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralSubtrees upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtrees *
-nssPKIXNameConstraints_GetExcludedSubtrees
-(
- NSSPKIXNameConstraints *nameConstraints,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXNameConstraints_SetExcludedSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXNameConstraints_SetExcludedSubtrees
-(
- NSSPKIXNameConstraints *nameConstraints,
- NSSPKIXGeneralSubtrees *excludedSubtrees
-);
-
-/*
- * nssPKIXNameConstraints_RemoveExcludedSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- * NSS_ERROR_HAS_NO_EXCLUDED_SUBTREES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXNameConstraints_RemoveExcludedSubtrees
-(
- NSSPKIXNameConstraints *nameConstraints
-);
-
-/*
- * nssPKIXNameConstraints_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXNameConstraints_Equal
-(
- NSSPKIXNameConstraints *nameConstraints1,
- NSSPKIXNameConstraints *nameConstraints2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXNameConstraints_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXNameConstraints upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNameConstraints *
-nssPKIXNameConstraints_Duplicate
-(
- NSSPKIXNameConstraints *nameConstraints,
- NSSArena *arenaOpt
-);
-
-/*
- * { and the comparator functions }
- *
- */
-
-#ifdef DEBUG
-/*
- * nssPKIXNameConstraints_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXNameConstraints
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXNameConstraints_verifyPointer
-(
- NSSPKIXNameConstraints *p
-);
-#endif /* DEBUG */
-
-/*
- * GeneralSubtrees
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * GeneralSubtrees ::= SEQUENCE SIZE (1..MAX) OF GeneralSubtree
- *
- * The private calls for this type:
- *
- * nssPKIXGeneralSubtrees_Decode
- * nssPKIXGeneralSubtrees_Create
- * nssPKIXGeneralSubtrees_Destroy
- * nssPKIXGeneralSubtrees_Encode
- * nssPKIXGeneralSubtrees_GetGeneralSubtreeCount
- * nssPKIXGeneralSubtrees_GetGeneralSubtrees
- * nssPKIXGeneralSubtrees_SetGeneralSubtrees
- * nssPKIXGeneralSubtrees_GetGeneralSubtree
- * nssPKIXGeneralSubtrees_SetGeneralSubtree
- * nssPKIXGeneralSubtrees_InsertGeneralSubtree
- * nssPKIXGeneralSubtrees_AppendGeneralSubtree
- * nssPKIXGeneralSubtrees_RemoveGeneralSubtree
- * nssPKIXGeneralSubtrees_FindGeneralSubtree
- * nssPKIXGeneralSubtrees_Equal
- * nssPKIXGeneralSubtrees_Duplicate
- * { and finders and comparators }
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXGeneralSubtrees_verifyPointer
- *
- */
-
-/*
- * nssPKIXGeneralSubtrees_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralSubtrees upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtrees *
-nssPKIXGeneralSubtrees_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXGeneralSubtrees_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralSubtrees upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtrees *
-nssPKIXGeneralSubtrees_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXGeneralSubtree *generalSubtree1,
- ...
-);
-
-/*
- * nssPKIXGeneralSubtrees_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralSubtrees_Destroy
-(
- NSSPKIXGeneralSubtrees *generalSubtrees
-);
-
-/*
- * nssPKIXGeneralSubtrees_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXGeneralSubtrees_Encode
-(
- NSSPKIXGeneralSubtrees *generalSubtrees,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralSubtrees_GetGeneralSubtreeCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXGeneralSubtrees_GetGeneralSubtreeCount
-(
- NSSPKIXGeneralSubtrees *generalSubtrees
-);
-
-/*
- * nssPKIXGeneralSubtrees_GetGeneralSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXGeneralSubtree pointers upon
- * success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtree **
-nssPKIXGeneralSubtrees_GetGeneralSubtrees
-(
- NSSPKIXGeneralSubtrees *generalSubtrees,
- NSSPKIXGeneralSubtree *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralSubtrees_SetGeneralSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralSubtrees_SetGeneralSubtrees
-(
- NSSPKIXGeneralSubtrees *generalSubtrees,
- NSSPKIXGeneralSubtree *generalSubtree[],
- PRInt32 count
-);
-
-/*
- * nssPKIXGeneralSubtrees_GetGeneralSubtree
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralSubtree upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtree *
-nssPKIXGeneralSubtrees_GetGeneralSubtree
-(
- NSSPKIXGeneralSubtrees *generalSubtrees,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralSubtrees_SetGeneralSubtree
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralSubtrees_SetGeneralSubtree
-(
- NSSPKIXGeneralSubtrees *generalSubtrees,
- PRInt32 i,
- NSSPKIXGeneralSubtree *generalSubtree
-);
-
-/*
- * nssPKIXGeneralSubtrees_InsertGeneralSubtree
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralSubtrees_InsertGeneralSubtree
-(
- NSSPKIXGeneralSubtrees *generalSubtrees,
- PRInt32 i,
- NSSPKIXGeneralSubtree *generalSubtree
-);
-
-/*
- * nssPKIXGeneralSubtrees_AppendGeneralSubtree
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralSubtrees_AppendGeneralSubtree
-(
- NSSPKIXGeneralSubtrees *generalSubtrees,
- NSSPKIXGeneralSubtree *generalSubtree
-);
-
-/*
- * nssPKIXGeneralSubtrees_RemoveGeneralSubtree
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralSubtrees_RemoveGeneralSubtree
-(
- NSSPKIXGeneralSubtrees *generalSubtrees,
- PRInt32 i
-);
-
-/*
- * nssPKIXGeneralSubtrees_FindGeneralSubtree
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * The index of the specified policy mapping upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXGeneralSubtrees_FindGeneralSubtree
-(
- NSSPKIXGeneralSubtrees *generalSubtrees,
- NSSPKIXGeneralSubtree *generalSubtree
-);
-
-/*
- * nssPKIXGeneralSubtrees_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXGeneralSubtrees_Equal
-(
- NSSPKIXGeneralSubtrees *generalSubtrees1,
- NSSPKIXGeneralSubtrees *generalSubtrees2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXGeneralSubtrees_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralSubtrees upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtrees *
-nssPKIXGeneralSubtrees_Duplicate
-(
- NSSPKIXGeneralSubtrees *generalSubtrees,
- NSSArena *arenaOpt
-);
-
-/*
- * { and finders and comparators }
- *
- */
-
-#ifdef DEBUG
-/*
- * nssPKIXGeneralSubtrees_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXGeneralSubtrees
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralSubtrees_verifyPointer
-(
- NSSPKIXGeneralSubtrees *p
-);
-#endif /* DEBUG */
-
-/*
- * GeneralSubtree
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * GeneralSubtree ::= SEQUENCE {
- * base GeneralName,
- * minimum [0] BaseDistance DEFAULT 0,
- * maximum [1] BaseDistance OPTIONAL }
- *
- * The private calls for this type:
- *
- * nssPKIXGeneralSubtree_Decode
- * nssPKIXGeneralSubtree_Create
- * nssPKIXGeneralSubtree_Destroy
- * nssPKIXGeneralSubtree_Encode
- * nssPKIXGeneralSubtree_GetBase
- * nssPKIXGeneralSubtree_SetBase
- * nssPKIXGeneralSubtree_GetMinimum
- * nssPKIXGeneralSubtree_SetMinimum
- * nssPKIXGeneralSubtree_HasMaximum
- * nssPKIXGeneralSubtree_GetMaximum
- * nssPKIXGeneralSubtree_SetMaximum
- * nssPKIXGeneralSubtree_RemoveMaximum
- * nssPKIXGeneralSubtree_Equal
- * nssPKIXGeneralSubtree_Duplicate
- * nssPKIXGeneralSubtree_DistanceInRange
- * {other tests and comparators}
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXGeneralSubtree_verifyPointer
- *
- */
-
-/*
- * nssPKIXGeneralSubtree_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralSubtree upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtree *
-nssPKIXGeneralSubtree_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXGeneralSubtree_Create
- *
- * -- fgmr comments --
- * The optional maximum value may be omitted by specifying -1.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_INVALID_VALUE
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralSubtree upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtree *
-nssPKIXGeneralSubtree_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXBaseDistance minimum,
- NSSPKIXBaseDistance maximumOpt
-);
-
-/*
- * nssPKIXGeneralSubtree_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralSubtree_Destroy
-(
- NSSPKIXGeneralSubtree *generalSubtree
-);
-
-/*
- * nssPKIXGeneralSubtree_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXGeneralSubtree_Encode
-(
- NSSPKIXGeneralSubtree *generalSubtree,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralSubtree_GetBase
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-nssPKIXGeneralSubtree_GetBase
-(
- NSSPKIXGeneralSubtree *generalSubtree,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralSubtree_SetBase
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralSubtree_SetBase
-(
- NSSPKIXGeneralSubtree *generalSubtree,
- NSSPKIXGeneralName *base
-);
-
-/*
- * nssPKIXGeneralSubtree_GetMinimum
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN NSSPKIXBaseDistance
-nssPKIXGeneralSubtree_GetMinimum
-(
- NSSPKIXGeneralSubtree *generalSubtree
-);
-
-/*
- * nssPKIXGeneralSubtree_SetMinimum
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_INVALID_VALUE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralSubtree_SetMinimum
-(
- NSSPKIXGeneralSubtree *generalSubtree,
- NSSPKIXBaseDistance *minimum
-);
-
-/*
- * nssPKIXGeneralSubtree_HasMaximum
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXGeneralSubtree_HasMaximum
-(
- NSSPKIXGeneralSubtree *generalSubtree
-);
-
-/*
- * nssPKIXGeneralSubtree_GetMaximum
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_HAS_NO_MAXIMUM_BASE_DISTANCE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN NSSPKIXBaseDistance
-nssPKIXGeneralSubtree_GetMaximum
-(
- NSSPKIXGeneralSubtree *generalSubtree
-);
-
-/*
- * nssPKIXGeneralSubtree_SetMaximum
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_INVALID_VALUE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralSubtree_SetMaximum
-(
- NSSPKIXGeneralSubtree *generalSubtree,
- NSSPKIXBaseDistance *maximum
-);
-
-/*
- * nssPKIXGeneralSubtree_RemoveMaximum
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_HAS_NO_MAXIMUM_BASE_DISTANCE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralSubtree_RemoveMaximum
-(
- NSSPKIXGeneralSubtree *generalSubtree
-);
-
-/*
- * nssPKIXGeneralSubtree_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXGeneralSubtree_Equal
-(
- NSSPKIXGeneralSubtree *generalSubtree1,
- NSSPKIXGeneralSubtree *generalSubtree2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXGeneralSubtree_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralSubtree upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtree *
-nssPKIXGeneralSubtree_Duplicate
-(
- NSSPKIXGeneralSubtree *generalSubtree,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXGeneralSubtree_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXGeneralSubtree
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralSubtree_verifyPointer
-(
- NSSPKIXGeneralSubtree *p
-);
-#endif /* DEBUG */
-
-/*
- * nssPKIXGeneralSubtree_DistanceInRange
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_INVALID_VALUE
- *
- * Return value:
- * PR_TRUE if the specified value is within the minimum and maximum
- * base distances
- * PR_FALSE if it isn't
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXGeneralSubtree_DistanceInRange
-(
- NSSPKIXGeneralSubtree *generalSubtree,
- NSSPKIXBaseDistance value,
- PRStatus *statusOpt
-);
-
-/*
- * {other tests and comparators}
- *
- */
-
-/*
- * PolicyConstraints
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PolicyConstraints ::= SEQUENCE {
- * requireExplicitPolicy [0] SkipCerts OPTIONAL,
- * inhibitPolicyMapping [1] SkipCerts OPTIONAL }
- *
- * The private calls for this type:
- *
- * nssPKIXPolicyConstraints_Decode
- * nssPKIXPolicyConstraints_Create
- * nssPKIXPolicyConstraints_Destroy
- * nssPKIXPolicyConstraints_Encode
- * nssPKIXPolicyConstraints_HasRequireExplicitPolicy
- * nssPKIXPolicyConstraints_GetRequireExplicitPolicy
- * nssPKIXPolicyConstraints_SetRequireExplicitPolicy
- * nssPKIXPolicyConstraints_RemoveRequireExplicitPolicy
- * nssPKIXPolicyConstraints_HasInhibitPolicyMapping
- * nssPKIXPolicyConstraints_GetInhibitPolicyMapping
- * nssPKIXPolicyConstraints_SetInhibitPolicyMapping
- * nssPKIXPolicyConstraints_RemoveInhibitPolicyMapping
- * nssPKIXPolicyConstraints_Equal
- * nssPKIXPolicyConstraints_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXPolicyConstraints_verifyPointer
- *
- */
-
-/*
- * nssPKIXPolicyConstraints_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyConstraints upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyConstraints *
-nssPKIXPolicyConstraints_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXPolicyConstraints_Create
- *
- * -- fgmr comments --
- * The optional values may be omitted by specifying -1.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_VALUE
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyConstraints upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyConstraints *
-nssPKIXPolicyConstraints_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXSkipCerts requireExplicitPolicy,
- NSSPKIXSkipCerts inhibitPolicyMapping
-);
-
-/*
- * nssPKIXPolicyConstraints_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyConstraints_Destroy
-(
- NSSPKIXPolicyConstraints *policyConstraints
-);
-
-/*
- * nssPKIXPolicyConstraints_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXPolicyConstraints_Encode
-(
- NSSPKIXPolicyConstraints *policyConstraints,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPolicyConstraints_HasRequireExplicitPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXPolicyConstraints_HasRequireExplicitPolicy
-(
- NSSPKIXPolicyConstraints *policyConstraints
-);
-
-/*
- * nssPKIXPolicyConstraints_GetRequireExplicitPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- * NSS_ERROR_HAS_NO_REQUIRE_EXPLICIT_POLICY
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXPolicyConstraints_GetRequireExplicitPolicy
-(
- NSSPKIXPolicyConstraints *policyConstraints
-);
-
-/*
- * nssPKIXPolicyConstraints_SetRequireExplicitPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- * NSS_ERROR_INVALID_VALUE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyConstraints_SetRequireExplicitPolicy
-(
- NSSPKIXPolicyConstraints *policyConstraints,
- NSSPKIXSkipCerts requireExplicitPolicy
-);
-
-/*
- * nssPKIXPolicyConstraints_RemoveRequireExplicitPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- * NSS_ERROR_HAS_NO_REQUIRE_EXPLICIT_POLICY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyConstraints_RemoveRequireExplicitPolicy
-(
- NSSPKIXPolicyConstraints *policyConstraints
-);
-
-/*
- * nssPKIXPolicyConstraints_HasInhibitPolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXPolicyConstraints_HasInhibitPolicyMapping
-(
- NSSPKIXPolicyConstraints *policyConstraints
-);
-
-/*
- * nssPKIXPolicyConstraints_GetInhibitPolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- * NSS_ERROR_HAS_NO_INHIBIT_POLICY_MAPPING
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXPolicyConstraints_GetInhibitPolicyMapping
-(
- NSSPKIXPolicyConstraints *policyConstraints
-);
-
-/*
- * nssPKIXPolicyConstraints_SetInhibitPolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- * NSS_ERROR_INVALID_VALUE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyConstraints_SetInhibitPolicyMapping
-(
- NSSPKIXPolicyConstraints *policyConstraints,
- NSSPKIXSkipCerts inhibitPolicyMapping
-);
-
-/*
- * nssPKIXPolicyConstraints_RemoveInhibitPolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- * NSS_ERROR_HAS_NO_INHIBIT_POLICY_MAPPING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyConstraints_RemoveInhibitPolicyMapping
-(
- NSSPKIXPolicyConstraints *policyConstraints
-);
-
-/*
- * nssPKIXPolicyConstraints_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXPolicyConstraints_Equal
-(
- NSSPKIXPolicyConstraints *policyConstraints1,
- NSSPKIXPolicyConstraints *policyConstraints2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXPolicyConstraints_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyConstraints upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyConstraints *
-nssPKIXPolicyConstraints_Duplicate
-(
- NSSPKIXPolicyConstraints *policyConstraints,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXPolicyConstraints_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXPolicyConstraints
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyConstraints_verifyPointer
-(
- NSSPKIXPolicyConstraints *p
-);
-#endif /* DEBUG */
-
-/*
- * CRLDistPointsSyntax
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CRLDistPointsSyntax ::= SEQUENCE SIZE (1..MAX) OF DistributionPoint
- *
- * The private calls for this type:
- *
- * nssPKIXCRLDistPointsSyntax_Decode
- * nssPKIXCRLDistPointsSyntax_Create
- * nssPKIXCRLDistPointsSyntax_Destroy
- * nssPKIXCRLDistPointsSyntax_Encode
- * nssPKIXCRLDistPointsSyntax_GetDistributionPointCount
- * nssPKIXCRLDistPointsSyntax_GetDistributionPoints
- * nssPKIXCRLDistPointsSyntax_SetDistributionPoints
- * nssPKIXCRLDistPointsSyntax_GetDistributionPoint
- * nssPKIXCRLDistPointsSyntax_SetDistributionPoint
- * nssPKIXCRLDistPointsSyntax_InsertDistributionPoint
- * nssPKIXCRLDistPointsSyntax_AppendDistributionPoint
- * nssPKIXCRLDistPointsSyntax_RemoveDistributionPoint
- * nssPKIXCRLDistPointsSyntax_FindDistributionPoint
- * nssPKIXCRLDistPointsSyntax_Equal
- * nssPKIXCRLDistPointsSyntax_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXCRLDistPointsSyntax_verifyPointer
- *
- */
-
-/*
- * nssPKIXCRLDistPointsSyntax_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXCRLDistPointsSyntax upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCRLDistPointsSyntax *
-nssPKIXCRLDistPointsSyntax_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXCRLDistPointsSyntax_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *
- * Return value:
- * A valid pointer to an NSSPKIXCRLDistPointsSyntax upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCRLDistPointsSyntax *
-nssPKIXCRLDistPointsSyntax_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXDistributionPoint *distributionPoint1,
- ...
-);
-
-/*
- * nssPKIXCRLDistPointsSyntax_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCRLDistPointsSyntax_Destroy
-(
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax
-);
-
-/*
- * nssPKIXCRLDistPointsSyntax_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXCRLDistPointsSyntax_Encode
-(
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXCRLDistPointsSyntax_GetDistributionPointCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXCRLDistPointsSyntax_GetDistributionPointCount
-(
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax
-);
-
-/*
- * nssPKIXCRLDistPointsSyntax_GetDistributionPoints
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXDistributionPoint pointers
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPoints **
-nssPKIXCRLDistPointsSyntax_GetDistributionPoints
-(
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
- NSSDistributionPoint *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXCRLDistPointsSyntax_SetDistributionPoints
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCRLDistPointsSyntax_SetDistributionPoints
-(
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
- NSSDistributionPoint *distributionPoint[]
- PRInt32 count
-);
-
-/*
- * nssPKIXCRLDistPointsSyntax_GetDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXDistributionPoint upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPoint *
-nssPKIXCRLDistPointsSyntax_GetDistributionPoint
-(
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXCRLDistPointsSyntax_SetDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCRLDistPointsSyntax_SetDistributionPoint
-(
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
- PRInt32 i,
- NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * nssPKIXCRLDistPointsSyntax_InsertDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCRLDistPointsSyntax_InsertDistributionPoint
-(
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
- PRInt32 i,
- NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * nssPKIXCRLDistPointsSyntax_AppendDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCRLDistPointsSyntax_AppendDistributionPoint
-(
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
- NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * nssPKIXCRLDistPointsSyntax_RemoveDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCRLDistPointsSyntax_RemoveDistributionPoint
-(
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
- PRInt32 i
-);
-
-/*
- * nssPKIXCRLDistPointsSyntax_FindDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * The index of the specified policy mapping upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXCRLDistPointsSyntax_FindDistributionPoint
-(
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
- NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * nssPKIXCRLDistPointsSyntax_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXCRLDistPointsSyntax_Equal
-(
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax1,
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXCRLDistPointsSyntax_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXCRLDistPointsSyntax upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCRLDistPointsSyntax *
-nssPKIXCRLDistPointsSyntax_Duplicate
-(
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXCRLDistPointsSyntax_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXCRLDistPointsSyntax
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCRLDistPointsSyntax_verifyPointer
-(
- NSSPKIXCRLDistPointsSyntax *p
-);
-#endif /* DEBUG */
-
-/*
- * DistributionPoint
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * DistributionPoint ::= SEQUENCE {
- * distributionPoint [0] DistributionPointName OPTIONAL,
- * reasons [1] ReasonFlags OPTIONAL,
- * cRLIssuer [2] GeneralNames OPTIONAL }
- *
- * The private calls for this type:
- *
- * nssPKIXDistributionPoint_Decode
- * nssPKIXDistributionPoint_Create
- * nssPKIXDistributionPoint_Destroy
- * nssPKIXDistributionPoint_Encode
- * nssPKIXDistributionPoint_HasDistributionPoint
- * nssPKIXDistributionPoint_GetDistributionPoint
- * nssPKIXDistributionPoint_SetDistributionPoint
- * nssPKIXDistributionPoint_RemoveDistributionPoint
- * nssPKIXDistributionPoint_HasReasons
- * nssPKIXDistributionPoint_GetReasons
- * nssPKIXDistributionPoint_SetReasons
- * nssPKIXDistributionPoint_RemoveReasons
- * nssPKIXDistributionPoint_HasCRLIssuer
- * nssPKIXDistributionPoint_GetCRLIssuer
- * nssPKIXDistributionPoint_SetCRLIssuer
- * nssPKIXDistributionPoint_RemoveCRLIssuer
- * nssPKIXDistributionPoint_Equal
- * nssPKIXDistributionPoint_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXDistributionPoint_verifyPointer
- *
- */
-
-/*
- * nssPKIXDistributionPoint_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXDistributionPoint upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPoint *
-nssPKIXDistributionPoint_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXDistributionPoint_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- * NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- *
- * Return value:
- * A valid pointer to an NSSPKIXDistributionPoint upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPoint *
-nssPKIXDistributionPoint_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXDistributionPointName *distributionPoint,
- NSSPKIXReasonFlags reasons,
- NSSPKIXGeneralNames *cRLIssuer
-);
-
-/*
- * nssPKIXDistributionPoint_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXDistributionPoint_Destroy
-(
- NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * nssPKIXDistributionPoint_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXDistributionPoint_Encode
-(
- NSSPKIXDistributionPoint *distributionPoint,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXDistributionPoint_HasDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXDistributionPoint_HasDistributionPoint
-(
- NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * nssPKIXDistributionPoint_GetDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_HAS_NO_DISTRIBUTION_POINT
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXDistributionPointName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPointName *
-nssPKIXDistributionPoint_GetDistributionPoint
-(
- NSSPKIXDistributionPoint *distributionPoint,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXDistributionPoint_SetDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXDistributionPoint_SetDistributionPoint
-(
- NSSPKIXDistributionPoint *distributionPoint,
- NSSPKIXDistributionPointName *name
-);
-
-/*
- * nssPKIXDistributionPoint_RemoveDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_HAS_NO_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXDistributionPoint_RemoveDistributionPoint
-(
- NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * nssPKIXDistributionPoint_HasReasons
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXDistributionPoint_HasReasons
-(
- NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * nssPKIXDistributionPoint_GetReasons
- *
- * It is unlikely that the reason flags are all zero; so zero is
- * returned in error situations.
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_HAS_NO_REASONS
- *
- * Return value:
- * A valid nonzero NSSPKIXReasonFlags value upon success
- * A valid zero NSSPKIXReasonFlags if the value is indeed zero
- * Zero upon error
- */
-
-NSS_EXTERN NSSPKIXReasonFlags
-nssPKIXDistributionPoint_GetReasons
-(
- NSSPKIXDistributionPoint *distributionPoint,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXDistributionPoint_SetReasons
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXDistributionPoint_SetReasons
-(
- NSSPKIXDistributionPoint *distributionPoint,
- NSSPKIXReasonFlags reasons
-);
-
-/*
- * nssPKIXDistributionPoint_RemoveReasons
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_HAS_NO_REASONS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXDistributionPoint_RemoveReasons
-(
- NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * nssPKIXDistributionPoint_HasCRLIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXDistributionPoint_HasCRLIssuer
-(
- NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * nssPKIXDistributionPoint_GetCRLIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_HAS_NO_CRL_ISSUER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralNames upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralNames *
-nssPKIXDistributionPoint_GetCRLIssuer
-(
- NSSPKIXDistributionPoint *distributionPoint,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXDistributionPoint_SetCRLIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXDistributionPoint_SetCRLIssuer
-(
- NSSPKIXDistributionPoint *distributionPoint,
- NSSPKIXGeneralNames *cRLIssuer
-);
-
-/*
- * nssPKIXDistributionPoint_RemoveCRLIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_HAS_NO_CRL_ISSUER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXDistributionPoint_RemoveCRLIssuer
-(
- NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * nssPKIXDistributionPoint_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXDistributionPoint_Equal
-(
- NSSPKIXDistributionPoint *distributionPoint1,
- NSSPKIXDistributionPoint *distributionPoint2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXDistributionPoint_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *
- * Return value:
- * A valid pointer to an NSSPKIXDistributionPoint upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPoint *
-nssPKIXDistributionPoint_Duplicate
-(
- NSSPKIXDistributionPoint *distributionPoint,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXDistributionPoint_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXDistributionPoint
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXDistributionPoint_verifyPointer
-(
- NSSPKIXDistributionPoint *p
-);
-#endif /* DEBUG */
-
-/*
- * DistributionPointName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * DistributionPointName ::= CHOICE {
- * fullName [0] GeneralNames,
- * nameRelativeToCRLIssuer [1] RelativeDistinguishedName }
- *
- * The private calls for this type:
- *
- * nssPKIXDistributionPointName_Decode
- * nssPKIXDistributionPointName_Create
- * nssPKIXDistributionPointName_CreateFromFullName
- * nssPKIXDistributionPointName_CreateFromNameRelativeToCRLIssuer
- * nssPKIXDistributionPointName_Destroy
- * nssPKIXDistributionPointName_Encode
- * nssPKIXDistributionPointName_GetChoice
- * nssPKIXDistributionPointName_GetFullName
- * nssPKIXDistributionPointName_GetNameRelativeToCRLIssuer
- * nssPKIXDistributionPointName_Equal
- * nssPKIXDistributionPointName_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXDistributionPointName_verifyPointer
- *
- */
-
-/*
- * nssPKIXDistributionPointName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXDistributionPointName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPointName *
-nssPKIXDistributionPointName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXDistributionPointName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME_CHOICE
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_INVALID_PKIX_RELATIVE_DISTINGUISHED_NAME
- *
- * Return value:
- * A valid pointer to an NSSPKIXDistributionPointName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPointName *
-nssPKIXDistributionPointName_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXDistributionPointNameChoice which,
- void *name
-);
-
-/*
- * nssPKIXDistributionPointName_CreateFromFullName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- *
- * Return value:
- * A valid pointer to an NSSPKIXDistributionPointName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPointName *
-nssPKIXDistributionPointName_CreateFromFullName
-(
- NSSArena *arenaOpt,
- NSSPKIXGeneralNames *fullName
-);
-
-/*
- * nssPKIXDistributionPointName_CreateFromNameRelativeToCRLIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_RELATIVE_DISTINGUISHED_NAME
- *
- * Return value:
- * A valid pointer to an NSSPKIXDistributionPointName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPointName *
-nssPKIXDistributionPointName_CreateFromNameRelativeToCRLIssuer
-(
- NSSArena *arenaOpt,
- NSSPKIXRelativeDistinguishedName *nameRelativeToCRLIssuer
-);
-
-/*
- * nssPKIXDistributionPointName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXDistributionPointName_Destroy
-(
- NSSPKIXDistributionPointName *dpn
-);
-
-/*
- * nssPKIXDistributionPointName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXDistributionPointName_Encode
-(
- NSSPKIXDistributionPointName *dpn,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXDistributionPointName_GetChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- *
- * Return value:
- * A valid NSSPKIXDistributionPointNameChoice value upon success
- * NSSPKIXDistributionPointNameChoice_NSSinvalid upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPointNameChoice
-nssPKIXDistributionPointName_GetChoice
-(
- NSSPKIXDistributionPointName *dpn
-);
-
-/*
- * nssPKIXDistributionPointName_GetFullName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralNames upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralnames *
-nssPKIXDistributionPointName_GetFullName
-(
- NSSPKIXDistributionPointName *dpn,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXDistributionPointName_GetNameRelativeToCRLIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon
- * success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName *
-nssPKIXDistributionPointName_GetNameRelativeToCRLIssuer
-(
- NSSPKIXDistributionPointName *dpn,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXDistributionPointName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXDistributionPointName_Equal
-(
- NSSPKIXDistributionPointName *dpn1,
- NSSPKIXDistributionPointName *dpn2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXDistributionPointName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXDistributionPointName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPointName *
-nssPKIXDistributionPointName_Duplicate
-(
- NSSPKIXDistributionPointName *dpn,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXDistributionPointName_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXDistributionPointName
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXDistributionPointName_verifyPointer
-(
- NSSPKIXDistributionPointName *p
-);
-#endif /* DEBUG */
-
-/*
- * ReasonFlags
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * ReasonFlags ::= BIT STRING {
- * unused (0),
- * keyCompromise (1),
- * cACompromise (2),
- * affiliationChanged (3),
- * superseded (4),
- * cessationOfOperation (5),
- * certificateHold (6) }
- *
- * The private calls for this type:
- *
- * nssPKIXReasonFlags_Decode
- * nssPKIXReasonFlags_Create
- * nssPKIXReasonFlags_CreateFromMask
- * nssPKIXReasonFlags_Destroy
- * nssPKIXReasonFlags_Encode
- * nssPKIXReasonFlags_GetMask
- * nssPKIXReasonFlags_SetMask
- * nssPKIXReasonFlags_Equal
- * nssPKIXReasonFlags_Duplicate
- * { bitwise accessors? }
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXReasonFlags_verifyPointer
- *
- */
-
-/*
- * nssPKIXReasonFlags_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXReasonFlags upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXReasonFlags *
-nssPKIXReasonFlags_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXReasonFlags_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXReasonFlags upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXReasonFlags *
-nssPKIXReasonFlags_Create
-(
- NSSArena *arenaOpt,
- PRBool keyCompromise,
- PRBool cACompromise,
- PRBool affiliationChanged,
- PRBool superseded,
- PRBool cessationOfOperation,
- PRBool certificateHold
-);
-
-/*
- * nssPKIXReasonFlags_CreateFromMask
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_REASON_FLAGS_MASK
- *
- * Return value:
- * A valid pointer to an NSSPKIXReasonFlags upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXReasonFlags *
-nssPKIXReasonFlags_CreateFromMask
-(
- NSSArena *arenaOpt,
- NSSPKIXReasonFlagsMask why
-);
-
-/*
- * nssPKIXReasonFlags_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXReasonFlags_Destroy
-(
- NSSPKIXReasonFlags *reasonFlags
-);
-
-/*
- * nssPKIXReasonFlags_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXReasonFlags_Encode
-(
- NSSPKIXReasonFlags *reasonFlags,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXReasonFlags_GetMask
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- *
- * Return value:
- * A valid mask of NSSPKIXReasonFlagsMask values upon success
- * NSSPKIXReasonFlagsMask_NSSinvalid upon failure
- */
-
-NSS_EXTERN NSSPKIXReasonFlagsMask
-nssPKIXReasonFlags_GetMask
-(
- NSSPKIXReasonFlags *reasonFlags
-);
-
-/*
- * nssPKIXReasonFlags_SetMask
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- * NSS_ERROR_INVALID_PKIX_REASON_FLAGS_MASK
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXReasonFlags_SetMask
-(
- NSSPKIXReasonFlags *reasonFlags,
- NSSPKIXReasonFlagsMask mask
-);
-
-/*
- * nssPKIXReasonFlags_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXReasonFlags_Equal
-(
- NSSPKIXReasonFlags *reasonFlags1,
- NSSPKIXReasonFlags *reasonFlags2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXReasonFlags_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXReasonFlags upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXReasonFlags *
-nssPKIXReasonFlags_Duplicate
-(
- NSSPKIXReasonFlags *reasonFlags,
- NSSArena *arenaOpt
-);
-
-/*
- * { bitwise accessors? }
- *
- */
-
-#ifdef DEBUG
-/*
- * nssPKIXReasonFlags_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXReasonFlags
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXReasonFlags_verifyPointer
-(
- NSSPKIXReasonFlags *p
-);
-#endif /* DEBUG */
-
-/*
- * ExtKeyUsageSyntax
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * ExtKeyUsageSyntax ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId
- *
- * The private calls for this type:
- *
- * nssPKIXExtKeyUsageSyntax_Decode
- * nssPKIXExtKeyUsageSyntax_Create
- * nssPKIXExtKeyUsageSyntax_Destroy
- * nssPKIXExtKeyUsageSyntax_Encode
- * nssPKIXExtKeyUsageSyntax_GetKeyPurposeIdCount
- * nssPKIXExtKeyUsageSyntax_GetKeyPurposeIds
- * nssPKIXExtKeyUsageSyntax_SetKeyPurposeIds
- * nssPKIXExtKeyUsageSyntax_GetKeyPurposeId
- * nssPKIXExtKeyUsageSyntax_SetKeyPurposeId
- * nssPKIXExtKeyUsageSyntax_InsertKeyPurposeId
- * nssPKIXExtKeyUsageSyntax_AppendKeyPurposeId
- * nssPKIXExtKeyUsageSyntax_RemoveKeyPurposeId
- * nssPKIXExtKeyUsageSyntax_FindKeyPurposeId
- * nssPKIXExtKeyUsageSyntax_Equal
- * nssPKIXExtKeyUsageSyntax_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXExtKeyUsageSyntax_verifyPointer
- *
- */
-
-/*
- * nssPKIXExtKeyUsageSyntax_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtKeyUsageSyntax upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtKeyUsageSyntax *
-nssPKIXExtKeyUsageSyntax_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXExtKeyUsageSyntax_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_KEY_PURPOSE_ID
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtKeyUsageSyntax upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtKeyUsageSyntax *
-nssPKIXExtKeyUsageSyntax_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXKeyPurposeId *kpid1,
- ...
-);
-
-/*
- * nssPKIXExtKeyUsageSyntax_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtKeyUsageSyntax_Destroy
-(
- NSSPKIXExtKeyUsageSyntax *eku
-);
-
-/*
- * nssPKIXExtKeyUsageSyntax_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXExtKeyUsageSyntax_Encode
-(
- NSSPKIXExtKeyUsageSyntax *eku,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXExtKeyUsageSyntax_GetKeyPurposeIdCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXExtKeyUsageSyntax_GetKeyPurposeIdCount
-(
- NSSPKIXExtKeyUsageSyntax *eku
-);
-
-/*
- * nssPKIXExtKeyUsageSyntax_GetKeyPurposeIds
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXKeyPurposeId pointers upon
- * success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXKeyPurposeId **
-nssPKIXExtKeyUsageSyntax_GetKeyPurposeIds
-(
- NSSPKIXExtKeyUsageSyntax *eku,
- NSSPKIXKeyPurposeId *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXExtKeyUsageSyntax_SetKeyPurposeIds
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- * NSS_ERROR_INVALID_PKIX_KEY_PURPOSE_ID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtKeyUsageSyntax_SetKeyPurposeIds
-(
- NSSPKIXExtKeyUsageSyntax *eku,
- NSSPKIXKeyPurposeId *ids[],
- PRInt32 count
-);
-
-/*
- * nssPKIXExtKeyUsageSyntax_GetKeyPurposeId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXKeyPurposeId upon success
- * NULL upon error
- */
-
-NSS_EXTERN NSSPKIXKeyPurposeId *
-nssPKIXExtKeyUsageSyntax_GetKeyPurposeId
-(
- NSSPKIXExtKeyUsageSyntax *eku,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXExtKeyUsageSyntax_SetKeyPurposeId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- * NSS_ERROR_INVALID_PKIX_KEY_PURPOSE_ID
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtKeyUsageSyntax_SetKeyPurposeId
-(
- NSSPKIXExtKeyUsageSyntax *eku,
- PRInt32 i,
- NSSPKIXKeyPurposeId *id
-);
-
-/*
- * nssPKIXExtKeyUsageSyntax_InsertKeyPurposeId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- * NSS_ERROR_INVALID_PKIX_KEY_PURPOSE_ID
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtKeyUsageSyntax_InsertKeyPurposeId
-(
- NSSPKIXExtKeyUsageSyntax *eku,
- PRInt32 i,
- NSSPKIXKeyPurposeId *id
-);
-
-/*
- * nssPKIXExtKeyUsageSyntax_AppendKeyPurposeId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- * NSS_ERROR_INVALID_PKIX_KEY_PURPOSE_ID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtKeyUsageSyntax_AppendKeyPurposeId
-(
- NSSPKIXExtKeyUsageSyntax *eku,
- NSSPKIXKeyPurposeId *id
-);
-
-/*
- * nssPKIXExtKeyUsageSyntax_RemoveKeyPurposeId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtKeyUsageSyntax_RemoveKeyPurposeId
-(
- NSSPKIXExtKeyUsageSyntax *eku,
- PRInt32 i
-);
-
-/*
- * nssPKIXExtKeyUsageSyntax_FindKeyPurposeId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- * NSS_ERROR_INVALID_PKIX_KEY_PURPOSE_ID
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * The index of the specified key purpose id upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXExtKeyUsageSyntax_FindKeyPurposeId
-(
- NSSPKIXExtKeyUsageSyntax *eku,
- NSSPKIXKeyPurposeId *id
-);
-
-/*
- * nssPKIXExtKeyUsageSyntax_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXExtKeyUsageSyntax_Equal
-(
- NSSPKIXExtKeyUsageSyntax *eku1,
- NSSPKIXExtKeyUsageSyntax *eku2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXExtKeyUsageSyntax_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtKeyUsageSyntax upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtKeyUsageSyntax *
-nssPKIXExtKeyUsageSyntax_Duplicate
-(
- NSSPKIXExtKeyUsageSyntax *eku,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXExtKeyUsageSyntax_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXExtKeyUsageSyntax
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtKeyUsageSyntax_verifyPointer
-(
- NSSPKIXExtKeyUsageSyntax *p
-);
-#endif /* DEBUG */
-
-/*
- * AuthorityInfoAccessSyntax
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * AuthorityInfoAccessSyntax ::=
- * SEQUENCE SIZE (1..MAX) OF AccessDescription
- *
- * The private calls for this type:
- *
- * nssPKIXAuthorityInfoAccessSyntax_Decode
- * nssPKIXAuthorityInfoAccessSyntax_Create
- * nssPKIXAuthorityInfoAccessSyntax_Destroy
- * nssPKIXAuthorityInfoAccessSyntax_Encode
- * nssPKIXAuthorityInfoAccessSyntax_GetAccessDescriptionCount
- * nssPKIXAuthorityInfoAccessSyntax_GetAccessDescriptions
- * nssPKIXAuthorityInfoAccessSyntax_SetAccessDescriptions
- * nssPKIXAuthorityInfoAccessSyntax_GetAccessDescription
- * nssPKIXAuthorityInfoAccessSyntax_SetAccessDescription
- * nssPKIXAuthorityInfoAccessSyntax_InsertAccessDescription
- * nssPKIXAuthorityInfoAccessSyntax_AppendAccessDescription
- * nssPKIXAuthorityInfoAccessSyntax_RemoveAccessDescription
- * nssPKIXAuthorityInfoAccessSyntax_FindAccessDescription
- * nssPKIXAuthorityInfoAccessSyntax_Equal
- * nssPKIXAuthorityInfoAccessSyntax_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXAuthorityInfoAccessSyntax_verifyPointer
- *
- */
-
-/*
- * nssPKIXAuthorityInfoAccessSyntax_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAuthorityInfoAccessSyntax upon
- * success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAuthorityInfoAccessSyntax *
-nssPKIXAuthorityInfoAccessSyntax_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXAuthorityInfoAccessSyntax_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- *
- * Return value:
- * A valid pointer to an NSSPKIXAuthorityInfoAccessSyntax upon
- * success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAuthorityInfoAccessSyntax *
-nssPKIXAuthorityInfoAccessSyntax_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXAccessDescription *ad1,
- ...
-);
-
-/*
- * nssPKIXAuthorityInfoAccessSyntax_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAuthorityInfoAccessSyntax_Destroy
-(
- NSSPKIXAuthorityInfoAccessSyntax *aias
-);
-
-/*
- * nssPKIXAuthorityInfoAccessSyntax_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXAuthorityInfoAccessSyntax_Encode
-(
- NSSPKIXAuthorityInfoAccessSyntax *aias,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAuthorityInfoAccessSyntax_GetAccessDescriptionCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXAuthorityInfoAccessSyntax_GetAccessDescriptionCount
-(
- NSSPKIXAuthorityInfoAccessSyntax *aias
-);
-
-/*
- * nssPKIXAuthorityInfoAccessSyntax_GetAccessDescriptions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXAccessDescription pointers
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAccessDescription **
-nssPKIXAuthorityInfoAccessSyntax_GetAccessDescriptions
-(
- NSSPKIXAuthorityInfoAccessSyntax *aias,
- NSSPKIXAccessDescription *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAuthorityInfoAccessSyntax_SetAccessDescriptions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAuthorityInfoAccessSyntax_SetAccessDescriptions
-(
- NSSPKIXAuthorityInfoAccessSyntax *aias,
- NSSPKIXAccessDescription *ad[],
- PRInt32 count
-);
-
-/*
- * nssPKIXAuthorityInfoAccessSyntax_GetAccessDescription
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAccessDescription upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAccessDescription *
-nssPKIXAuthorityInfoAccessSyntax_GetAccessDescription
-(
- NSSPKIXAuthorityInfoAccessSyntax *aias,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAuthorityInfoAccessSyntax_SetAccessDescription
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAuthorityInfoAccessSyntax_SetAccessDescription
-(
- NSSPKIXAuthorityInfoAccessSyntax *aias,
- PRInt32 i,
- NSSPKIXAccessDescription *ad
-);
-
-/*
- * nssPKIXAuthorityInfoAccessSyntax_InsertAccessDescription
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAuthorityInfoAccessSyntax_InsertAccessDescription
-(
- NSSPKIXAuthorityInfoAccessSyntax *aias,
- PRInt32 i,
- NSSPKIXAccessDescription *ad
-);
-
-/*
- * nssPKIXAuthorityInfoAccessSyntax_AppendAccessDescription
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAuthorityInfoAccessSyntax_AppendAccessDescription
-(
- NSSPKIXAuthorityInfoAccessSyntax *aias,
- NSSPKIXAccessDescription *ad
-);
-
-/*
- * nssPKIXAuthorityInfoAccessSyntax_RemoveAccessDescription
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAuthorityInfoAccessSyntax_RemoveAccessDescription
-(
- NSSPKIXAuthorityInfoAccessSyntax *aias,
- PRInt32 i
-);
-
-/*
- * nssPKIXAuthorityInfoAccessSyntax_FindAccessDescription
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * The index of the specified policy mapping upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXAuthorityInfoAccessSyntax_FindAccessDescription
-(
- NSSPKIXAuthorityInfoAccessSyntax *aias,
- NSSPKIXAccessDescription *ad
-);
-
-/*
- * nssPKIXAuthorityInfoAccessSyntax_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXAuthorityInfoAccessSyntax_Equal
-(
- NSSPKIXAuthorityInfoAccessSyntax *aias1,
- NSSPKIXAuthorityInfoAccessSyntax *aias2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXAuthorityInfoAccessSyntax_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAuthorityInfoAccessSyntax upon
- * success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAuthorityInfoAccessSyntax *
-nssPKIXAuthorityInfoAccessSyntax_Duplicate
-(
- NSSPKIXAuthorityInfoAccessSyntax *aias,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXAuthorityInfoAccessSyntax_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXAuthorityInfoAccessSyntax
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAuthorityInfoAccessSyntax_verifyPointer
-(
- NSSPKIXAuthorityInfoAccessSyntax *p
-);
-#endif /* DEBUG */
-
-/*
- * AccessDescription
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * AccessDescription ::= SEQUENCE {
- * accessMethod OBJECT IDENTIFIER,
- * accessLocation GeneralName }
- *
- * The private calls for this type:
- *
- * nssPKIXAccessDescription_Decode
- * nssPKIXAccessDescription_Create
- * nssPKIXAccessDescription_Destroy
- * nssPKIXAccessDescription_Encode
- * nssPKIXAccessDescription_GetAccessMethod
- * nssPKIXAccessDescription_SetAccessMethod
- * nssPKIXAccessDescription_GetAccessLocation
- * nssPKIXAccessDescription_SetAccessLocation
- * nssPKIXAccessDescription_Equal
- * nssPKIXAccessDescription_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXAccessDescription_verifyPointer
- *
- */
-
-/*
- * nssPKIXAccessDescription_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAccessDescription upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAccessDescription *
-nssPKIXAccessDescription_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXAccessDescription_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *
- * Return value:
- * A valid pointer to an NSSPKIXAccessDescription upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAccessDescription *
-nssPKIXAccessDescription_Create
-(
- NSSArena *arenaOpt,
- NSSOID *accessMethod,
- NSSPKIXGeneralName *accessLocation
-);
-
-/*
- * nssPKIXAccessDescription_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAccessDescription_Destroy
-(
- NSSPKIXAccessDescription *ad
-);
-
-/*
- * nssPKIXAccessDescription_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXAccessDescription_Encode
-(
- NSSPKIXAccessDescription *ad,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAccessDescription_GetAccessMethod
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSOID pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSOID *
-nssPKIXAccessDescription_GetAccessMethod
-(
- NSSPKIXAccessDescription *ad
-);
-
-/*
- * nssPKIXAccessDescription_SetAccessMethod
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAccessDescription_SetAccessMethod
-(
- NSSPKIXAccessDescription *ad,
- NSSOID *accessMethod
-);
-
-/*
- * nssPKIXAccessDescription_GetAccessLocation
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-nssPKIXAccessDescription_GetAccessLocation
-(
- NSSPKIXAccessDescription *ad,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAccessDescription_SetAccessLocation
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAccessDescription_SetAccessLocation
-(
- NSSPKIXAccessDescription *ad,
- NSSPKIXGeneralName *accessLocation
-);
-
-/*
- * nssPKIXAccessDescription_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXAccessDescription_Equal
-(
- NSSPKIXAccessDescription *ad1,
- NSSPKIXAccessDescription *ad2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXAccessDescription_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAccessDescription upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAccessDescription *
-nssPKIXAccessDescription_Duplicate
-(
- NSSPKIXAccessDescription *ad,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXAccessDescription_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXAccessDescription
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAccessDescription_verifyPointer
-(
- NSSPKIXAccessDescription *p
-);
-#endif /* DEBUG */
-
-/*
- * IssuingDistributionPoint
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * IssuingDistributionPoint ::= SEQUENCE {
- * distributionPoint [0] DistributionPointName OPTIONAL,
- * onlyContainsUserCerts [1] BOOLEAN DEFAULT FALSE,
- * onlyContainsCACerts [2] BOOLEAN DEFAULT FALSE,
- * onlySomeReasons [3] ReasonFlags OPTIONAL,
- * indirectCRL [4] BOOLEAN DEFAULT FALSE }
- *
- * The private calls for this type:
- *
- * nssPKIXIssuingDistributionPoint_Decode
- * nssPKIXIssuingDistributionPoint_Create
- * nssPKIXIssuingDistributionPoint_Destroy
- * nssPKIXIssuingDistributionPoint_Encode
- * nssPKIXIssuingDistributionPoint_HasDistributionPoint
- * nssPKIXIssuingDistributionPoint_GetDistributionPoint
- * nssPKIXIssuingDistributionPoint_SetDistributionPoint
- * nssPKIXIssuingDistributionPoint_RemoveDistributionPoint
- * nssPKIXIssuingDistributionPoint_GetOnlyContainsUserCerts
- * nssPKIXIssuingDistributionPoint_SetOnlyContainsUserCerts
- * nssPKIXIssuingDistributionPoint_GetOnlyContainsCACerts
- * nssPKIXIssuingDistributionPoint_SetOnlyContainsCACerts
- * nssPKIXIssuingDistributionPoint_HasOnlySomeReasons
- * nssPKIXIssuingDistributionPoint_GetOnlySomeReasons
- * nssPKIXIssuingDistributionPoint_SetOnlySomeReasons
- * nssPKIXIssuingDistributionPoint_RemoveOnlySomeReasons
- * nssPKIXIssuingDistributionPoint_GetIndirectCRL
- * nssPKIXIssuingDistributionPoint_SetIndirectCRL
- * nssPKIXIssuingDistributionPoint_Equal
- * nssPKIXIssuingDistributionPoint_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXIssuingDistributionPoint_verifyPointer
- *
- */
-
-/*
- * nssPKIXIssuingDistributionPoint_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXIssuingDistributionPoint upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXIssuingDistributionPoint *
-nssPKIXIssuingDistributionPoint_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- * NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- *
- * Return value:
- * A valid pointer to an NSSPKIXIssuingDistributionPoint upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXIssuingDistributionPoint *
-nssPKIXIssuingDistributionPoint_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXDistributionPointName *distributionPointOpt,
- PRBool onlyContainsUserCerts,
- PRBool onlyContainsCACerts,
- NSSPKIXReasonFlags *onlySomeReasons
- PRBool indirectCRL
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXIssuingDistributionPoint_Destroy
-(
- NSSPKIXIssuingDistributionPoint *idp
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXIssuingDistributionPoint_Encode
-(
- NSSPKIXIssuingDistributionPoint *idp,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_HasDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXIssuingDistributionPoint_HasDistributionPoint
-(
- NSSPKIXIssuingDistributionPoint *idp
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_GetDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- * NSS_ERROR_HAS_NO_DISTRIBUTION_POINT
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXDistributionPointName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPointName *
-nssPKIXIssuingDistributionPoint_GetDistributionPoint
-(
- NSSPKIXIssuingDistributionPoint *idp,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_SetDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXIssuingDistributionPoint_SetDistributionPoint
-(
- NSSPKIXIssuingDistributionPoint *idp,
- NSSPKIXDistributionPointName *dpn
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_RemoveDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- * NSS_ERROR_HAS_NO_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXIssuingDistributionPoint_RemoveDistributionPoint
-(
- NSSPKIXIssuingDistributionPoint *idp
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_GetOnlyContainsUserCerts
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_TRUE if the onlyContainsUserCerts value is true
- * PR_FALSE if it isn't
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXIssuingDistributionPoint_GetOnlyContainsUserCerts
-(
- NSSPKIXIssuingDistributionPoint *idp,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_SetOnlyContainsUserCerts
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXIssuingDistributionPoint_SetOnlyContainsUserCerts
-(
- NSSPKIXIssuingDistributionPoint *idp,
- PRBool onlyContainsUserCerts
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_GetOnlyContainsCACerts
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_TRUE if the onlyContainsCACerts value is true
- * PR_FALSE if it isn't
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXIssuingDistributionPoint_GetOnlyContainsCACerts
-(
- NSSPKIXIssuingDistributionPoint *idp,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_SetOnlyContainsCACerts
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXIssuingDistributionPoint_SetOnlyContainsCACerts
-(
- NSSPKIXIssuingDistributionPoint *idp,
- PRBool onlyContainsCACerts
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_HasOnlySomeReasons
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXIssuingDistributionPoint_HasOnlySomeReasons
-(
- NSSPKIXIssuingDistributionPoint *idp
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_GetOnlySomeReasons
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- * NSS_ERROR_HAS_NO_ONLY_SOME_REASONS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXReasonFlags upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXReasonFlags *
-nssPKIXIssuingDistributionPoint_GetOnlySomeReasons
-(
- NSSPKIXIssuingDistributionPoint *idp,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_SetOnlySomeReasons
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- * NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXIssuingDistributionPoint_SetOnlySomeReasons
-(
- NSSPKIXIssuingDistributionPoint *idp,
- NSSPKIXReasonFlags *onlySomeReasons
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_RemoveOnlySomeReasons
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- * NSS_ERROR_HAS_NO_ONLY_SOME_REASONS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXIssuingDistributionPoint_RemoveOnlySomeReasons
-(
- NSSPKIXIssuingDistributionPoint *idp
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_GetIndirectCRL
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_TRUE if the indirectCRL value is true
- * PR_FALSE if it isn't
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXIssuingDistributionPoint_GetIndirectCRL
-(
- NSSPKIXIssuingDistributionPoint *idp,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_SetIndirectCRL
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXIssuingDistributionPoint_SetIndirectCRL
-(
- NSSPKIXIssuingDistributionPoint *idp,
- PRBool indirectCRL
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXIssuingDistributionPoint_Equal
-(
- NSSPKIXIssuingDistributionPoint *idp1,
- NSSPKIXIssuingDistributionPoint *idp2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXIssuingDistributionPoint upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXIssuingDistributionPoint *
-nssPKIXIssuingDistributionPoint_Duplicate
-(
- NSSPKIXIssuingDistributionPoint *idp,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXIssuingDistributionPoint_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXIssuingDistributionPoint
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXIssuingDistributionPoint_verifyPointer
-(
- NSSPKIXIssuingDistributionPoint *p
-);
-#endif /* DEBUG */
-
-PR_END_EXTERN_C
-
-#endif /* NSSPKIX_H */
diff --git a/security/nss/lib/pkix/include/pkixm.h b/security/nss/lib/pkix/include/pkixm.h
deleted file mode 100644
index c273848b5..000000000
--- a/security/nss/lib/pkix/include/pkixm.h
+++ /dev/null
@@ -1,969 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef PKIXM_H
-#define PKIXM_H
-
-#ifdef DEBUG
-static const char PKIXM_CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * pkixm.h
- *
- * This file contains the private type definitions for the
- * PKIX part-1 objects. Mostly, this file contains the actual
- * structure definitions for the NSSPKIX types declared in nsspkixt.h.
- */
-
-#ifndef PKIXTM_H
-#include "pkixtm.h"
-#endif /* PKIXTM_H */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * nss_pkix_Attribute_v_create
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttribute upon success
- * NULL upon failure.
- */
-
-NSS_EXTERN NSSPKIXAttribute *
-nss_pkix_Attribute_v_create
-(
- NSSArena *arenaOpt,
- NSSPKIXAttributeType *typeOid,
- PRUint32 count,
- va_list ap
-);
-
-#ifdef DEBUG
-
-/*
- * nss_pkix_Attribute_add_pointer
- *
- * This method is only present in debug builds.
- *
- * This module-private routine adds an NSSPKIXAttribute pointer to
- * the internal pointer-tracker. This routine should only be used
- * by the NSSPKIX module. This routine returns a PRStatus value;
- * upon error it will place an error on the error stack and return
- * PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INTERNAL_ERROR
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nss_pkix_Attribute_add_pointer
-(
- const NSSPKIXAttribute *p
-);
-
-/*
- * nss_pkix_Attribute_remove_pointer
- *
- * This method is only present in debug builds.
- *
- * This module-private routine removes a valid NSSPKIXAttribute
- * pointer from the internal pointer-tracker. This routine should
- * only be used by the NSSPKIX module. This routine returns a
- * PRStatus value; upon error it will place an error on the error
- * stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INTERNAL_ERROR
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nss_pkix_Attribute_remove_pointer
-(
- const NSSPKIXAttribute *p
-);
-
-#endif /* DEBUG */
-
-
-#ifdef DEBUG
-
-NSS_EXTERN PRStatus
-nss_pkix_AttributeTypeAndValue_add_pointer
-(
- const NSSPKIXAttributeTypeAndValue *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_AttributeTypeAndValue_remove_pointer
-(
- const NSSPKIXAttributeTypeAndValue *p
-);
-
-#endif /* DEBUG */
-
-/*
- * nss_pkix_X520Name_DoUTF8
- *
- */
-
-NSS_EXTERN PR_STATUS
-nss_pkix_X520Name_DoUTF8
-(
- NSSPKIXX520Name *name
-);
-
-#ifdef DEBUG
-
-NSS_EXTERN PRStatus
-nss_pkix_X520Name_add_pointer
-(
- const NSSPKIXX520Name *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_X520Name_remove_pointer
-(
- const NSSPKIXX520Name *p
-);
-
-#endif /* DEBUG */
-
-/*
- * nss_pkix_X520CommonName_DoUTF8
- *
- */
-
-NSS_EXTERN PR_STATUS
-nss_pkix_X520CommonName_DoUTF8
-(
- NSSPKIXX520CommonName *name
-);
-
-#ifdef DEBUG
-
-NSS_EXTERN PRStatus
-nss_pkix_X520CommonName_add_pointer
-(
- const NSSPKIXX520CommonName *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_X520CommonName_remove_pointer
-(
- const NSSPKIXX520CommonName *p
-);
-
-
-NSS_EXTERN PRStatus
-nss_pkix_Name_add_pointer
-(
- const NSSPKIXName *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_Name_remove_pointer
-(
- const NSSPKIXName *p
-);
-
-/*
- * nss_pkix_RDNSequence_v_create
- */
-
-NSS_EXTERN NSSPKIXRDNSequence *
-nss_pkix_RDNSequence_v_create
-(
- NSSArena *arenaOpt,
- PRUint32 count,
- va_list ap
-);
-
-/*
- * nss_pkix_RDNSequence_Clear
- *
- * Wipes out cached data.
- */
-
-NSS_EXTERN PRStatus
-nss_pkix_RDNSequence_Clear
-(
- NSSPKIXRDNSequence *rdnseq
-);
-
-#ifdef DEBUG
-
-#ifdef NSSDEBUG
-
-NSS_EXTERN PRStatus
-nss_pkix_RDNSequence_register
-(
- NSSPKIXRDNSequence *rdnseq
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_RDNSequence_deregister
-(
- NSSPKIXRDNSequence *rdnseq
-);
-
-#endif /* NSSDEBUG */
-
-NSS_EXTERN PRStatus
-nss_pkix_RDNSequence_add_pointer
-(
- const NSSPKIXRDNSequence *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_RDNSequence_remove_pointer
-(
- const NSSPKIXRDNSequence *p
-);
-
-#endif /* DEBUG */
-
-/*
- * nss_pkix_RelativeDistinguishedName_v_create
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- * NULL upon failure.
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName *
-nss_pkix_RelativeDistinguishedName_V_Create
-(
- NSSArena *arenaOpt,
- PRUint32 count,
- va_list ap
-);
-
-/*
- * nss_pkix_RelativeDistinguishedName_Clear
- *
- * Wipes out cached data.
- */
-
-NSS_EXTERN PRStatus
-nss_pkix_RelativeDistinguishedName_Clear
-(
- NSSPKIXRelativeDistinguishedName *rdn
-);
-
-#ifdef DEBUG
-
-#ifdef NSSDEBUG
-
-NSS_EXTERN PRStatus
-nss_pkix_RelativeDistinguishedName_register
-(
- NSSPKIXRelativeDistinguishedName *rdn
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_RelativeDistinguishedName_deregister
-(
- NSSPKIXRelativeDistinguishedName *rdn
-);
-
-#endif /* NSSDEBUG */
-
-NSS_EXTERN PRStatus
-nss_pkix_RelativeDistinguishedName_add_pointer
-(
- const NSSPKIXRelativeDistinguishedName *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_RelativeDistinguishedName_remove_pointer
-(
- const NSSPKIXRelativeDistinguishedName *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_Certificate_add_pointer
-(
- const NSSPKIXCertificate *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_Certificate_remove_pointer
-(
- const NSSPKIXCertificate *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_TBSCertificate_add_pointer
-(
- const NSSPKIXTBSCertificate *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_TBSCertificate_remove_pointer
-(
- const NSSPKIXTBSCertificate *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_Validity_add_pointer
-(
- const NSSPKIXValidity *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_Validity_remove_pointer
-(
- const NSSPKIXValidity *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_SubjectPublicKeyInfo_add_pointer
-(
- const NSSPKIXSubjectPublicKeyInfo *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_SubjectPublicKeyInfo_remove_pointer
-(
- const NSSPKIXSubjectPublicKeyInfo *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_CertificateList_add_pointer
-(
- const NSSPKIXCertificateList *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_CertificateList_remove_pointer
-(
- const NSSPKIXCertificateList *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_TBSCertList_add_pointer
-(
- const NSSPKIXTBSCertList *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_TBSCertList_remove_pointer
-(
- const NSSPKIXTBSCertList *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_revokedCertificates_add_pointer
-(
- const NSSPKIXrevokedCertificates *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_revokedCertificates_remove_pointer
-(
- const NSSPKIXrevokedCertificates *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_revokedCertificate_add_pointer
-(
- const NSSPKIXrevokedCertificate *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_revokedCertificate_remove_pointer
-(
- const NSSPKIXrevokedCertificate *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_AlgorithmIdentifier_add_pointer
-(
- const NSSPKIXAlgorithmIdentifier *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_AlgorithmIdentifier_remove_pointer
-(
- const NSSPKIXAlgorithmIdentifier *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_ORAddress_add_pointer
-(
- const NSSPKIXORAddress *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_ORAddress_remove_pointer
-(
- const NSSPKIXORAddress *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_BuiltInStandardAttributes_add_pointer
-(
- const NSSPKIXBuiltInStandardAttributes *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_BuiltInStandardAttributes_remove_pointer
-(
- const NSSPKIXBuiltInStandardAttributes *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_PersonalName_add_pointer
-(
- const NSSPKIXPersonalName *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_PersonalName_remove_pointer
-(
- const NSSPKIXPersonalName *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_OrganizationalUnitNames_add_pointer
-(
- const NSSPKIXOrganizationalUnitNames *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_OrganizationalUnitNames_remove_pointer
-(
- const NSSPKIXOrganizationalUnitNames *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_BuiltInDomainDefinedAttributes_add_pointer
-(
- const NSSPKIXBuiltInDomainDefinedAttributes *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_BuiltInDomainDefinedAttributes_remove_pointer
-(
- const NSSPKIXBuiltInDomainDefinedAttributes *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_BuiltInDomainDefinedAttribute_add_pointer
-(
- const NSSPKIXBuiltInDomainDefinedAttribute *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_BuiltInDomainDefinedAttribute_remove_pointer
-(
- const NSSPKIXBuiltInDomainDefinedAttribute *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_ExtensionAttributes_add_pointer
-(
- const NSSPKIXExtensionAttributes *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_ExtensionAttributes_remove_pointer
-(
- const NSSPKIXExtensionAttribute *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_ExtensionAttribute_add_pointer
-(
- const NSSPKIXExtensionAttribute *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_ExtensionAttribute_remove_pointer
-(
- const NSSPKIXExtensionAttribute *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_TeletexPersonalName_add_pointer
-(
- const NSSPKIXTeletexPersonalName *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_TeletexPersonalName_remove_pointer
-(
- const NSSPKIXTeletexPersonalName *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_TeletexOrganizationalUnitNames_add_pointer
-(
- const NSSPKIXTeletexOrganizationalUnitNames *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_TeletexOrganizationalUnitNames_remove_pointer
-(
- const NSSPKIXTeletexOrganizationalUnitNames *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_PDSParameter_add_pointer
-(
- const NSSPKIXPDSParameter *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_PDSParameter_remove_pointer
-(
- const NSSPKIXPDSParameter *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_ExtendedNetworkAddress_add_pointer
-(
- const NSSPKIXExtendedNetworkAddress *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_ExtendedNetworkAddress_remove_pointer
-(
- const NSSPKIXExtendedNetworkAddress *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_e1634Address_add_pointer
-(
- const NSSPKIXe1634Address *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_e1634Address_remove_pointer
-(
- const NSSPKIXe1634Address *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_TeletexDomainDefinedAttributes_add_pointer
-(
- const NSSPKIXTeletexDomainDefinedAttributes *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_TeletexDomainDefinedAttributes_remove_pointer
-(
- const NSSPKIXTeletexDomainDefinedAttributes *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_TeletexDomainDefinedAttribute_add_pointer
-(
- const NSSPKIXTeletexDomainDefinedAttribute *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_TeletexDomainDefinedAttribute_remove_pointer
-(
- const NSSPKIXTeletexDomainDefinedAttribute *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_AuthorityKeyIdentifier_add_pointer
-(
- const NSSPKIXAuthorityKeyIdentifier *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_AuthorityKeyIdentifier_remove_pointer
-(
- const NSSPKIXAuthorityKeyIdentifier *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_KeyUsage_add_pointer
-(
- const NSSPKIXKeyUsage *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_KeyUsage_remove_pointer
-(
- const NSSPKIXKeyUsage *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_PrivateKeyUsagePeriod_add_pointer
-(
- const NSSPKIXPrivateKeyUsagePeriod *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_PrivateKeyUsagePeriod_remove_pointer
-(
- const NSSPKIXPrivateKeyUsagePeriod *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_CertificatePolicies_add_pointer
-(
- const NSSPKIXCertificatePolicies *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_CertificatePolicies_remove_pointer
-(
- const NSSPKIXCertificatePolicies *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_PolicyInformation_add_pointer
-(
- const NSSPKIXPolicyInformation *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_PolicyInformation_remove_pointer
-(
- const NSSPKIXPolicyInformation *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_PolicyQualifierInfo_add_pointer
-(
- const NSSPKIXPolicyQualifierInfo *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_PolicyQualifierInfo_remove_pointer
-(
- const NSSPKIXPolicyQualifierInfo *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_UserNotice_add_pointer
-(
- const NSSPKIXUserNotice *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_UserNotice_remove_pointer
-(
- const NSSPKIXUserNotice *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_NoticeReference_add_pointer
-(
- const NSSPKIXNoticeReference *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_NoticeReference_remove_pointer
-(
- const NSSPKIXNoticeReference *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_PolicyMappings_add_pointer
-(
- const NSSPKIXPolicyMappings *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_PolicyMappings_remove_pointer
-(
- const NSSPKIXPolicyMappings *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_policyMapping_add_pointer
-(
- const NSSPKIXpolicyMapping *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_policyMapping_remove_pointer
-(
- const NSSPKIXpolicyMapping *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_GeneralName_add_pointer
-(
- const NSSPKIXGeneralName *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_GeneralName_remove_pointer
-(
- const NSSPKIXGeneralName *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_GeneralNames_add_pointer
-(
- const NSSPKIXGeneralNames *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_GeneralNames_remove_pointer
-(
- const NSSPKIXGeneralNames *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_AnotherName_add_pointer
-(
- const NSSPKIXAnotherName *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_AnotherName_remove_pointer
-(
- const NSSPKIXAnotherName *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_EDIPartyName_add_pointer
-(
- const NSSPKIXEDIPartyName *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_EDIPartyName_remove_pointer
-(
- const NSSPKIXEDIPartyName *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_SubjectDirectoryAttributes_add_pointer
-(
- const NSSPKIXSubjectDirectoryAttributes *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_SubjectDirectoryAttributes_remove_pointer
-(
- const NSSPKIXSubjectDirectoryAttributes *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_BasicConstraints_add_pointer
-(
- const NSSPKIXBasicConstraints *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_BasicConstraints_remove_pointer
-(
- const NSSPKIXBasicConstraints *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_NameConstraints_add_pointer
-(
- const NSSPKIXNameConstraints *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_NameConstraints_remove_pointer
-(
- const NSSPKIXNameConstraints *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_GeneralSubtrees_add_pointer
-(
- const NSSPKIXGeneralSubtrees *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_GeneralSubtrees_remove_pointer
-(
- const NSSPKIXGeneralSubtrees *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_GeneralSubtree_add_pointer
-(
- const NSSPKIXGeneralSubtree *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_GeneralSubtree_remove_pointer
-(
- const NSSPKIXGeneralSubtree *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_PolicyConstraints_add_pointer
-(
- const NSSPKIXPolicyConstraints *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_PolicyConstraints_remove_pointer
-(
- const NSSPKIXPolicyConstraints *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_CRLDistPointsSyntax_add_pointer
-(
- const NSSPKIXCRLDistPointsSyntax *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_CRLDistPointsSyntax_remove_pointer
-(
- const NSSPKIXCRLDistPointsSyntax *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_DistributionPoint_add_pointer
-(
- const NSSPKIXDistributionPoint *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_DistributionPoint_remove_pointer
-(
- const NSSPKIXDistributionPoint *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_DistributionPointName_add_pointer
-(
- const NSSPKIXDistributionPointName *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_DistributionPointName_remove_pointer
-(
- const NSSPKIXDistributionPointName *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_ReasonFlags_add_pointer
-(
- const NSSPKIXReasonFlags *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_ReasonFlags_remove_pointer
-(
- const NSSPKIXReasonFlags *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_ExtKeyUsageSyntax_add_pointer
-(
- const NSSPKIXExtKeyUsageSyntax *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_ExtKeyUsageSyntax_remove_pointer
-(
- const NSSPKIXExtKeyUsageSyntax *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_AuthorityInfoAccessSyntax_add_pointer
-(
- const NSSPKIXAuthorityInfoAccessSyntax *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_AuthorityInfoAccessSyntax_remove_pointer
-(
- const NSSPKIXAuthorityInfoAccessSyntax *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_AccessDescription_add_pointer
-(
- const NSSPKIXAccessDescription *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_AccessDescription_remove_pointer
-(
- const NSSPKIXAccessDescription *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_IssuingDistributionPoint_add_pointer
-(
- const NSSPKIXIssuingDistributionPoint *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_IssuingDistributionPoint_remove_pointer
-(
- const NSSPKIXIssuingDistributionPoint *p
-);
-
-#endif /* DEBUG */
-
-PR_END_EXTERN_C
-
-#endif /* PKIXM_H */
diff --git a/security/nss/lib/pkix/include/pkixt.h b/security/nss/lib/pkix/include/pkixt.h
deleted file mode 100644
index b620cfb8c..000000000
--- a/security/nss/lib/pkix/include/pkixt.h
+++ /dev/null
@@ -1,57 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef PKIXT_H
-#define PKIXT_H
-
-#ifdef DEBUG
-static const char PKIXT_CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * pkixt.h
- *
- * This file contains the private type definitions for the
- * PKIX part-1 objects. Mostly, this file contains the actual
- * structure definitions for the NSSPKIX types declared in nsspkixt.h.
- */
-
-#ifndef NSSPKIXT_H
-#include "nsspkixt.h"
-#endif /* NSSPKIXT_H */
-
-PR_BEGIN_EXTERN_C
-
-PR_END_EXTERN_C
-
-#endif /* PKIXT_H */
diff --git a/security/nss/lib/pkix/include/pkixtm.h b/security/nss/lib/pkix/include/pkixtm.h
deleted file mode 100644
index 1a9e57af0..000000000
--- a/security/nss/lib/pkix/include/pkixtm.h
+++ /dev/null
@@ -1,1581 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef PKIXTM_H
-#define PKIXTM_H
-
-#ifdef DEBUG
-static const char PKIXTM_CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * pkixtm.h
- *
- * This file contains the module-private type definitions for the
- * PKIX part-1 objects. Mostly, this file contains the actual
- * structure definitions for the NSSPKIX types declared in nsspkixt.h.
- */
-
-#ifndef NSSPKIXT_H
-#include "nsspkixt.h"
-#endif /* NSSPKIXT_H */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * Attribute
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Attribute ::= SEQUENCE {
- * type AttributeType,
- * values SET OF AttributeValue
- * -- at least one value is required -- }
- *
- */
-
-struct NSSPKIXAttributeStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSBER *ber;
- NSSDER *der;
- nssASN1Item asn1type;
- nssASN1Item **asn1values;
- NSSPKIXAttributeType *type;
- PRUint32 valuesCount;
-};
-
-/*
- * AttributeTypeAndValue
- *
- * This structure contains an attribute type (indicated by an OID),
- * and the type-specific value. RelativeDistinguishedNamess consist
- * of a set of these. These are distinct from Attributes (which have
- * SET of values), from AttributeDescriptions (which have qualifiers
- * on the types), and from AttributeValueAssertions (which assert a
- * a value comparison under some matching rule).
- *
- * From RFC 2459:
- *
- * AttributeTypeAndValue ::= SEQUENCE {
- * type AttributeType,
- * value AttributeValue }
- *
- */
-
-struct NSSPKIXAttributeTypeAndValueStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- nssASN1Item asn1type;
- nssASN1Item asn1value;
- NSSPKIXAttributeType *type;
- NSSUTF8 *utf8;
-};
-
-/*
- * X520Name
- *
- * From RFC 2459:
- *
- * X520name ::= CHOICE {
- * teletexString TeletexString (SIZE (1..ub-name)),
- * printableString PrintableString (SIZE (1..ub-name)),
- * universalString UniversalString (SIZE (1..ub-name)),
- * utf8String UTF8String (SIZE (1..ub-name)),
- * bmpString BMPString (SIZE(1..ub-name)) }
- *
- *
- * ub-name INTEGER ::= 32768
- *
- */
-
-struct NSSPKIXX520NameStr {
- nssASN1Item string;
- NSSUTF8 *utf8;
- NSSDER *der;
- PRBool wasPrintable;
- PRBool inArena;
-};
-
-/*
- * From RFC 2459:
- *
- * X520CommonName ::= CHOICE {
- * teletexString TeletexString (SIZE (1..ub-common-name)),
- * printableString PrintableString (SIZE (1..ub-common-name)),
- * universalString UniversalString (SIZE (1..ub-common-name)),
- * utf8String UTF8String (SIZE (1..ub-common-name)),
- * bmpString BMPString (SIZE(1..ub-common-name)) }
- *
- * ub-common-name INTEGER ::= 64
- *
- */
-
-struct NSSPKIXX520CommonNameStr {
-};
-
-/*
- * Name
- *
- * This structure contains a union of the possible name formats,
- * which at the moment is limited to an RDNSequence.
- *
- * From RFC 2459:
- *
- * Name ::= CHOICE { -- only one possibility for now --
- * rdnSequence RDNSequence }
- *
- */
-
-struct NSSPKIXNameStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *ber;
- NSSDER *der;
- NSSUTF8 *utf;
- NSSPKIXNameChoice choice;
- union {
- NSSPKIXRDNSequence *rdnSequence;
- } u;
-};
-
-/*
- * RDNSequence
- *
- * This structure contains a sequence of RelativeDistinguishedName
- * objects.
- *
- * From RFC 2459:
- *
- * RDNSequence ::= SEQUENCE OF RelativeDistinguishedName
- *
- */
-
-struct NSSPKIXRDNSequenceStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSBER *ber;
- NSSDER *der;
- NSSUTF8 *utf8;
- PRUint32 count;
- NSSPKIXRelativeDistinguishedName **rdns;
-};
-
-/*
- * RelativeDistinguishedName
- *
- * This structure contains an unordered set of AttributeTypeAndValue
- * objects. RDNs are used to distinguish a set of objects underneath
- * a common object.
- *
- * Often, a single ATAV is sufficient to make a unique distinction.
- * For example, if a company assigns its people unique uid values,
- * then in the Name "uid=smith,ou=People,o=Acme,c=US" the "uid=smith"
- * ATAV by itself forms an RDN. However, sometimes a set of ATAVs is
- * needed. For example, if a company needed to distinguish between
- * two Smiths by specifying their corporate divisions, then in the
- * Name "(cn=Smith,ou=Sales),ou=People,o=Acme,c=US" the parenthesised
- * set of ATAVs forms the RDN.
- *
- * From RFC 2459:
- *
- * RelativeDistinguishedName ::=
- * SET SIZE (1 .. MAX) OF AttributeTypeAndValue
- *
- */
-
-struct NSSPKIXRelativeDistinguishedNameStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSBER *ber;
- NSSUTF8 *utf8;
- PRUint32 count;
- NSSPKIXAttributeTypeAndValue **atavs;
-};
-
-/*
- * Certificate
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Certificate ::= SEQUENCE {
- * tbsCertificate TBSCertificate,
- * signatureAlgorithm AlgorithmIdentifier,
- * signature BIT STRING }
- *
- */
-
-struct NSSPKIXCertificateStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSPKIXTBSCertificate *tbsCertificate;
- NSSPKIXAlgorithmIdentifier *signatureAlgorithm;
- NSSItem *signature;
-};
-
-/*
- * TBSCertificate
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TBSCertificate ::= SEQUENCE {
- * version [0] Version DEFAULT v1,
- * serialNumber CertificateSerialNumber,
- * signature AlgorithmIdentifier,
- * issuer Name,
- * validity Validity,
- * subject Name,
- * subjectPublicKeyInfo SubjectPublicKeyInfo,
- * issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL,
- * -- If present, version shall be v2 or v3
- * subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL,
- * -- If present, version shall be v2 or v3
- * extensions [3] Extensions OPTIONAL
- * -- If present, version shall be v3 -- }
- *
- */
-
-struct NSSPKIXTBSCertificateStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSPKIXVersion version;
- NSSPKIXCertificateSerialNumber serialNumber;
- NSSPKIXAlgorithmIdentifier *signature;
- NSSPKIXName *issuer;
- NSSPKIXValidity *validity;
- NSSPKIXName *subject;
- NSSPKIXSubjectPublicKeyInfo *subjectPublicKeyInfo;
- NSSPKIXUniqueIdentifier *issuerUniqueID;
- NSSPKIXUniqueIdentifier *subjectUniqueID;
- NSSPKIXExtensions *extensions;
-};
-
-/*
- * Validity
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Validity ::= SEQUENCE {
- * notBefore Time,
- * notAfter Time }
- *
- */
-
-struct NSSPKIXValidityStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- ...
-};
-
-/*
- * Time
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Time ::= CHOICE {
- * utcTime UTCTime,
- * generalTime GeneralizedTime }
- *
- */
-
-struct NSSPKIXTimeStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSBER *ber;
- nssASN1Item asn1item;
- PRTime prTime;
- PRBool prTimeValid;
-};
-
-/*
- * SubjectPublicKeyInfo
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * SubjectPublicKeyInfo ::= SEQUENCE {
- * algorithm AlgorithmIdentifier,
- * subjectPublicKey BIT STRING }
- *
- */
-
-struct NSSPKIXSubjectPublicKeyInfoStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSPKIXAlgorithmIdentifier *algorithm;
- NSSItem *subjectPublicKey;
-};
-
-/*
- * Extensions
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension
- *
- */
-
-struct NSSPKIXExtensionsStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- ...
-};
-
-/*
- * Extension
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Extension ::= SEQUENCE {
- * extnID OBJECT IDENTIFIER,
- * critical BOOLEAN DEFAULT FALSE,
- * extnValue OCTET STRING }
- *
- */
-
-struct NSSPKIXExtensionStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSOID *extnID;
- PRBool critical;
- NSSItem *extnValue;
-};
-
-/*
- * CertificateList
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CertificateList ::= SEQUENCE {
- * tbsCertList TBSCertList,
- * signatureAlgorithm AlgorithmIdentifier,
- * signature BIT STRING }
- *
- */
-
-struct NSSPKIXCertificateListStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSPKIXTBSCertList *tbsCertList;
- NSSPKIXAlgorithmIdentifier *signatureAlgorithm;
- NSSItem *signature;
-};
-
-/*
- * TBSCertList
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TBSCertList ::= SEQUENCE {
- * version Version OPTIONAL,
- * -- if present, shall be v2
- * signature AlgorithmIdentifier,
- * issuer Name,
- * thisUpdate Time,
- * nextUpdate Time OPTIONAL,
- * revokedCertificates SEQUENCE OF SEQUENCE {
- * userCertificate CertificateSerialNumber,
- * revocationDate Time,
- * crlEntryExtensions Extensions OPTIONAL
- * -- if present, shall be v2
- * } OPTIONAL,
- * crlExtensions [0] Extensions OPTIONAL
- * -- if present, shall be v2 -- }
- *
- */
-
-struct NSSPKIXTBSCertListStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSPKIXVersion version;
- NSSPKIXAlgorithmIdentifier *signature;
- NSSPKIXName *issuer;
- -time- thisUpdate;
- -time- nextUpdate;
- NSSPKIXrevokedCertificates *revokedCertificates;
- NSSPKIXExtensions *crlExtensions;
-};
-
-/*
- * revokedCertificates
- *
- * This is a "helper type" to simplify handling of TBSCertList objects.
- *
- * revokedCertificates SEQUENCE OF SEQUENCE {
- * userCertificate CertificateSerialNumber,
- * revocationDate Time,
- * crlEntryExtensions Extensions OPTIONAL
- * -- if present, shall be v2
- * } OPTIONAL,
- *
- */
-
-struct NSSPKIXrevokedCertificatesStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- ...
-};
-
-/*
- * revokedCertificate
- *
- * This is a "helper type" to simplify handling of TBSCertList objects.
- *
- * SEQUENCE {
- * userCertificate CertificateSerialNumber,
- * revocationDate Time,
- * crlEntryExtensions Extensions OPTIONAL
- * -- if present, shall be v2
- * } OPTIONAL,
- *
- */
-
-struct NSSPKIXrevokedCertificateStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSPKIXCertificateSerialNumber *userCertificate;
- -time- revocationDate;
- NSSPKIXExtensions *crlEntryExtensions;
-};
-
-/*
- * AlgorithmIdentifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * (1988 syntax)
- *
- * AlgorithmIdentifier ::= SEQUENCE {
- * algorithm OBJECT IDENTIFIER,
- * parameters ANY DEFINED BY algorithm OPTIONAL }
- * -- contains a value of the type
- * -- registered for use with the
- * -- algorithm object identifier value
- *
- *
- */
-
-struct NSSPKIXAlgorithmIdentifierStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSBER *ber;
- NSSOID *algorithm;
- NSSItem *parameters;
-};
-
-/*
- * -- types related to NSSPKIXAlgorithmIdentifiers:
- *
- * Dss-Sig-Value ::= SEQUENCE {
- * r INTEGER,
- * s INTEGER }
- *
- * DomainParameters ::= SEQUENCE {
- * p INTEGER, -- odd prime, p=jq +1
- * g INTEGER, -- generator, g
- * q INTEGER, -- factor of p-1
- * j INTEGER OPTIONAL, -- subgroup factor, j>= 2
- * validationParms ValidationParms OPTIONAL }
- *
- * ValidationParms ::= SEQUENCE {
- * seed BIT STRING,
- * pgenCounter INTEGER }
- *
- * Dss-Parms ::= SEQUENCE {
- * p INTEGER,
- * q INTEGER,
- * g INTEGER }
- *
- */
-
-/*
- * ORAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * ORAddress ::= SEQUENCE {
- * built-in-standard-attributes BuiltInStandardAttributes,
- * built-in-domain-defined-attributes
- * BuiltInDomainDefinedAttributes OPTIONAL,
- * -- see also teletex-domain-defined-attributes
- * extension-attributes ExtensionAttributes OPTIONAL }
- * -- The OR-address is semantically absent from the OR-name if the
- * -- built-in-standard-attribute sequence is empty and the
- * -- built-in-domain-defined-attributes and extension-attributes are
- * -- both omitted.
- *
- */
-
-struct NSSPKIXORAddressStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSPKIXBuiltInStandardAttributes *builtInStandardAttributes;
- NSSPKIXBuiltInDomainDefinedAttributes *builtInDomainDefinedAttributes;
- NSSPKIXExtensionsAttributes *extensionAttributes;
-};
-
-/*
- * BuiltInStandardAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * BuiltInStandardAttributes ::= SEQUENCE {
- * country-name CountryName OPTIONAL,
- * administration-domain-name AdministrationDomainName OPTIONAL,
- * network-address [0] NetworkAddress OPTIONAL,
- * -- see also extended-network-address
- * terminal-identifier [1] TerminalIdentifier OPTIONAL,
- * private-domain-name [2] PrivateDomainName OPTIONAL,
- * organization-name [3] OrganizationName OPTIONAL,
- * -- see also teletex-organization-name
- * numeric-user-identifier [4] NumericUserIdentifier OPTIONAL,
- * personal-name [5] PersonalName OPTIONAL,
- * -- see also teletex-personal-name
- * organizational-unit-names [6] OrganizationalUnitNames OPTIONAL
- * -- see also teletex-organizational-unit-names -- }
- *
- */
-
-struct NSSPKIXBuiltInStandardAttributesStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSPKIXCountryName *countryName;
- NSSPKIXAdministrationDomainName *administrationDomainName;
- NSSPKIXNetworkAddress *networkAddress;
- NSSPKIXTerminalIdentifier *terminalIdentifier;
- NSSPKIXPrivateDomainName *privateDomainName;
- NSSPKIXOrganizationName *organizationName;
- NSSPKIXNumericUserIdentifier *numericUserIdentifier;
- NSSPKIXPersonalName *personalName;
- NSSPKIXOrganizationalUnitNames *organizationalUnitNames;
-};
-
-/*
- * PersonalName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PersonalName ::= SET {
- * surname [0] PrintableString (SIZE (1..ub-surname-length)),
- * given-name [1] PrintableString
- * (SIZE (1..ub-given-name-length)) OPTIONAL,
- * initials [2] PrintableString (SIZE (1..ub-initials-length)) OPTIONAL,
- * generation-qualifier [3] PrintableString
- * (SIZE (1..ub-generation-qualifier-length)) OPTIONAL }
- *
- */
-
-struct NSSPKIXPersonalNameStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSUTF8 *surname;
- NSSUTF8 *givenName;
- NSSUTF8 *initials;
- NSSUTF8 *generationQualifier;
-};
-
-/*
- * OrganizationalUnitNames
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * OrganizationalUnitNames ::= SEQUENCE SIZE (1..ub-organizational-units)
- * OF OrganizationalUnitName
- *
- */
-
-struct NSSPKIXOrganizationalUnitNamesStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- ...
-};
-
-/*
- * BuiltInDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * BuiltInDomainDefinedAttributes ::= SEQUENCE SIZE
- * (1..ub-domain-defined-attributes) OF
- * BuiltInDomainDefinedAttribute
- *
- */
-
-struct NSSPKIXBuiltInDomainDefinedAttributesStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- ...
-};
-
-/*
- * BuiltInDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * BuiltInDomainDefinedAttribute ::= SEQUENCE {
- * type PrintableString (SIZE
- * (1..ub-domain-defined-attribute-type-length)),
- * value PrintableString (SIZE
- * (1..ub-domain-defined-attribute-value-length))}
- *
- */
-
-struct NSSPKIXBuiltInDomainDefinedAttributeStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSUTF8 *type;
- NSSUTF8 *value;
-};
-
-/*
- * ExtensionAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * ExtensionAttributes ::= SET SIZE (1..ub-extension-attributes) OF
- * ExtensionAttribute
- *
- */
-
-struct NSSPKIXExtensionAttributesStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- ...
-};
-
-/*
- * ExtensionAttribute
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * ExtensionAttribute ::= SEQUENCE {
- * extension-attribute-type [0] INTEGER (0..ub-extension-attributes),
- * extension-attribute-value [1]
- * ANY DEFINED BY extension-attribute-type }
- *
- */
-
-struct NSSPKIXExtensionAttributeStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSPKIXExtensionsAttributeType extensionAttributeType;
- NSSItem *extensionAttributeValue;
-};
-
-/*
- * TeletexPersonalName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TeletexPersonalName ::= SET {
- * surname [0] TeletexString (SIZE (1..ub-surname-length)),
- * given-name [1] TeletexString
- * (SIZE (1..ub-given-name-length)) OPTIONAL,
- * initials [2] TeletexString (SIZE (1..ub-initials-length)) OPTIONAL,
- * generation-qualifier [3] TeletexString (SIZE
- * (1..ub-generation-qualifier-length)) OPTIONAL }
- *
- */
-
-struct NSSPKIXTeletexPersonalNameStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSUTF8 *surname;
- NSSUTF8 *givenName;
- NSSUTF8 *initials;
- NSSUTF8 *generationQualifier;
-};
-
-/*
- * TeletexOrganizationalUnitNames
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TeletexOrganizationalUnitNames ::= SEQUENCE SIZE
- * (1..ub-organizational-units) OF TeletexOrganizationalUnitName
- *
- */
-
-struct NSSPKIXTeletexOrganizationalUnitNamesStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- ...
-};
-
-/*
- * PDSParameter
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PDSParameter ::= SET {
- * printable-string PrintableString
- * (SIZE(1..ub-pds-parameter-length)) OPTIONAL,
- * teletex-string TeletexString
- * (SIZE(1..ub-pds-parameter-length)) OPTIONAL }
- *
- */
-
-struct NSSPKIXPDSParameterStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSUTF8 *printableString;
- NSSTUF8 *teletexString;
-};
-
-/*
- * UnformattedPostalAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * UnformattedPostalAddress ::= SET {
- * printable-address SEQUENCE SIZE (1..ub-pds-physical-address-lines) OF
- * PrintableString (SIZE (1..ub-pds-parameter-length)) OPTIONAL,
- * teletex-string TeletexString
- * (SIZE (1..ub-unformatted-address-length)) OPTIONAL }
- *
- */
-
-struct NSSPKIXUnformattedPostalAddressStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- ...
- NSSUTF8 *teletexString;
-};
-
-/*
- * ExtendedNetworkAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * ExtendedNetworkAddress ::= CHOICE {
- * e163-4-address SEQUENCE {
- * number [0] NumericString (SIZE (1..ub-e163-4-number-length)),
- * sub-address [1] NumericString
- * (SIZE (1..ub-e163-4-sub-address-length)) OPTIONAL },
- * psap-address [0] PresentationAddress }
- *
- */
-
-struct NSSPKIXExtendedNetworkAddressStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSPKIXExtendedNetworkAddressChoice choice;
- union {
- NSSe1634address *e1634Address;
- NSSPKIXPresentationAddress *psapAddress;
- } u;
-};
-
-/*
- * e163-4-address
- *
- * Helper structure for ExtendedNetworkAddress.
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * e163-4-address SEQUENCE {
- * number [0] NumericString (SIZE (1..ub-e163-4-number-length)),
- * sub-address [1] NumericString
- * (SIZE (1..ub-e163-4-sub-address-length)) OPTIONAL },
- *
- */
-
-struct NSSe1634addressStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSUTF8 *number;
- NSSUTF8 *subAddress;
-};
-
-/*
- * PresentationAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PresentationAddress ::= SEQUENCE {
- * pSelector [0] EXPLICIT OCTET STRING OPTIONAL,
- * sSelector [1] EXPLICIT OCTET STRING OPTIONAL,
- * tSelector [2] EXPLICIT OCTET STRING OPTIONAL,
- * nAddresses [3] EXPLICIT SET SIZE (1..MAX) OF OCTET STRING }
- *
- */
-
-struct NSSPKIXPresentationAddressStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSItem *pSelector;
- NSSItem *sSelector;
- NSSItem *tSelector;
- NSSItem *nAddresses[]; --fgmr--
-};
-
-/*
- * TeletexDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TeletexDomainDefinedAttributes ::= SEQUENCE SIZE
- * (1..ub-domain-defined-attributes) OF TeletexDomainDefinedAttribute
- *
- */
-
-struct NSSPKIXTeletexDomainDefinedAttributesStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- ...
-};
-
-/*
- * TeletexDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TeletexDomainDefinedAttribute ::= SEQUENCE {
- * type TeletexString
- * (SIZE (1..ub-domain-defined-attribute-type-length)),
- * value TeletexString
- * (SIZE (1..ub-domain-defined-attribute-value-length)) }
- *
- */
-
-struct NSSPKIXTeletexDomainDefinedAttributeStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSUTF8 *type;
- NSSUTF8 *value;
-};
-
-/*
- * AuthorityKeyIdentifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * AuthorityKeyIdentifier ::= SEQUENCE {
- * keyIdentifier [0] KeyIdentifier OPTIONAL,
- * authorityCertIssuer [1] GeneralNames OPTIONAL,
- * authorityCertSerialNumber [2] CertificateSerialNumber OPTIONAL }
- * -- authorityCertIssuer and authorityCertSerialNumber shall both
- * -- be present or both be absent
- *
- */
-
-struct NSSPKIXAuthorityKeyIdentifierStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSPKIXKeyIdentifier *keyIdentifier;
- NSSPKIXGeneralNames *authorityCertIssuer;
- NSSPKIXCertificateSerialNumber *authorityCertSerialNumber;
-};
-
-/*
- * KeyUsage
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * KeyUsage ::= BIT STRING {
- * digitalSignature (0),
- * nonRepudiation (1),
- * keyEncipherment (2),
- * dataEncipherment (3),
- * keyAgreement (4),
- * keyCertSign (5),
- * cRLSign (6),
- * encipherOnly (7),
- * decipherOnly (8) }
- *
- */
-
-struct NSSPKIXKeyUsageStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSPKIXKeyUsageValue keyUsage;
-};
-
-/*
- * PrivateKeyUsagePeriod
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PrivateKeyUsagePeriod ::= SEQUENCE {
- * notBefore [0] GeneralizedTime OPTIONAL,
- * notAfter [1] GeneralizedTime OPTIONAL }
- * -- either notBefore or notAfter shall be present
- *
- */
-
-struct NSSPKIXPrivateKeyUsagePeriodStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- --time--
- --time--
-};
-
-/*
- * CertificatePolicies
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CertificatePolicies ::= SEQUENCE SIZE (1..MAX) OF PolicyInformation
- *
- */
-
-struct NSSPKIXCertificatePoliciesStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- ...
-};
-
-/*
- * PolicyInformation
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PolicyInformation ::= SEQUENCE {
- * policyIdentifier CertPolicyId,
- * policyQualifiers SEQUENCE SIZE (1..MAX) OF
- * PolicyQualifierInfo OPTIONAL }
- *
- */
-
-struct NSSPKIXPolicyInformationStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSPKIXCertPolicyId *policyIdentifier;
- NSSPKIXPolicyQualifierInfo *policyQualifiers[];
- --fgmr--
-};
-
-/*
- * PolicyQualifierInfo
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PolicyQualifierInfo ::= SEQUENCE {
- * policyQualifierId PolicyQualifierId,
- * qualifier ANY DEFINED BY policyQualifierId }
- *
- */
-
-struct NSSPKIXPolicyQualifierInfoStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSPKIXPolicyQualifierId *policyQualifierId;
- NSSItem *qualifier;
-};
-
-/*
- * UserNotice
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * UserNotice ::= SEQUENCE {
- * noticeRef NoticeReference OPTIONAL,
- * explicitText DisplayText OPTIONAL}
- *
- */
-
-struct NSSPKIXUserNoticeStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSPKIXNoticeReference *noticeRef;
- NSSPKIXDisplayText *explicitText;
-};
-
-/*
- * NoticeReference
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * NoticeReference ::= SEQUENCE {
- * organization DisplayText,
- * noticeNumbers SEQUENCE OF INTEGER }
- *
- */
-
-struct NSSPKIXNoticeReferenceStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSPKIXDisplayText *organization;
- NSSItem *noticeNumbers[]; --fgmr--
- ...
-};
-
-/*
- * PolicyMappings
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PolicyMappings ::= SEQUENCE SIZE (1..MAX) OF SEQUENCE {
- * issuerDomainPolicy CertPolicyId,
- * subjectDomainPolicy CertPolicyId }
- *
- */
-
-struct NSSPKIXPolicyMappingsStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSPKIXpolicyMapping *policyMappings[]; --fgmr--
- ...
-};
-
-/*
- * policyMapping
- *
- * Helper structure for PolicyMappings
- *
- * SEQUENCE {
- * issuerDomainPolicy CertPolicyId,
- * subjectDomainPolicy CertPolicyId }
- *
- */
-
-struct NSSPKIXpolicyMappingStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSPKIXCertPolicyId *issuerDomainPolicy;
- NSSPKIXCertPolicyId *subjectDomainPolicy;
-};
-
-/*
- * GeneralName
- *
- * This structure contains a union of the possible general names,
- * of which there are several.
- *
- * From RFC 2459:
- *
- * GeneralName ::= CHOICE {
- * otherName [0] AnotherName,
- * rfc822Name [1] IA5String,
- * dNSName [2] IA5String,
- * x400Address [3] ORAddress,
- * directoryName [4] Name,
- * ediPartyName [5] EDIPartyName,
- * uniformResourceIdentifier [6] IA5String,
- * iPAddress [7] OCTET STRING,
- * registeredID [8] OBJECT IDENTIFIER }
- *
- */
-
-struct NSSPKIXGeneralNameStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSPKIXGeneralNameChoice choice;
- union {
- NSSPKIXAnotherName *otherName;
- NSSUTF8 *rfc822Name;
- NSSUTF8 *dNSName;
- NSSPKIXORAddress *x400Address;
- NSSPKIXName *directoryName;
- NSSEDIPartyName *ediPartyName;
- NSSUTF8 *uniformResourceIdentifier;
- NSSItem *iPAddress;
- NSSOID *registeredID;
- } u;
-};
-
-/*
- * GeneralNames
- *
- * This structure contains a sequence of GeneralName objects.
- *
- * From RFC 2459:
- *
- * GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
- *
- */
-
-struct NSSPKIXGeneralNamesStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- ...
-};
-
-/*
- * AnotherName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * AnotherName ::= SEQUENCE {
- * type-id OBJECT IDENTIFIER,
- * value [0] EXPLICIT ANY DEFINED BY type-id }
- *
- */
-
-struct NSSPKIXAnotherNameStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSOID *typeId;
- NSSItem *value;
-};
-
-/*
- * EDIPartyName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *
- * EDIPartyName ::= SEQUENCE {
- * nameAssigner [0] DirectoryString OPTIONAL,
- * partyName [1] DirectoryString }
- *
- */
-
-struct NSSPKIXEDIPartyNameStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSPKIXDirectoryString *nameAssigner;
- NSSPKIXDirectoryString *partyname;
-};
-
-/*
- * SubjectDirectoryAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * SubjectDirectoryAttributes ::= SEQUENCE SIZE (1..MAX) OF Attribute
- *
- */
-
-struct NSSPKIXSubjectDirectoryAttributesStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- ...
-};
-
-/*
- * BasicConstraints
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * BasicConstraints ::= SEQUENCE {
- * cA BOOLEAN DEFAULT FALSE,
- * pathLenConstraint INTEGER (0..MAX) OPTIONAL }
- *
- */
-
-struct NSSPKIXBasicConstraintsStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- PRBool cA;
- PRInt32 pathLenConstraint; --fgmr--
-};
-
-/*
- * NameConstraints
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * NameConstraints ::= SEQUENCE {
- * permittedSubtrees [0] GeneralSubtrees OPTIONAL,
- * excludedSubtrees [1] GeneralSubtrees OPTIONAL }
- *
- */
-
-struct NSSPKIXNameConstraintsStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSPKIXGeneralSubtrees *permittedSubtrees;
- NSSPKIXGeneralSubtrees *excludedSubtrees;
-};
-
-/*
- * GeneralSubtrees
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * GeneralSubtrees ::= SEQUENCE SIZE (1..MAX) OF GeneralSubtree
- *
- */
-
-struct NSSPKIXGeneralSubtreesStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- ...
-};
-
-/*
- * GeneralSubtree
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * GeneralSubtree ::= SEQUENCE {
- * base GeneralName,
- * minimum [0] BaseDistance DEFAULT 0,
- * maximum [1] BaseDistance OPTIONAL }
- *
- */
-
-struct NSSPKIXGeneralSubtreeStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSPKIXGeneralName;
- NSSPKIXBaseDistance minimum;
- NSSPKIXBaseDistance maximum;
-};
-
-/*
- * PolicyConstraints
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PolicyConstraints ::= SEQUENCE {
- * requireExplicitPolicy [0] SkipCerts OPTIONAL,
- * inhibitPolicyMapping [1] SkipCerts OPTIONAL }
- *
- */
-
-struct NSSPKIXPolicyConstraintsStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSPKIXSkipCerts *requireExplicitPolicy;
- NSSPKIXSkipCerts *inhibitPolicyMapping;
-};
-
-/*
- * CRLDistPointsSyntax
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CRLDistPointsSyntax ::= SEQUENCE SIZE (1..MAX) OF DistributionPoint
- *
- */
-
-struct NSSPKIXCRLDistPointsSyntaxStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- ...
-};
-
-/*
- * DistributionPoint
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * DistributionPoint ::= SEQUENCE {
- * distributionPoint [0] DistributionPointName OPTIONAL,
- * reasons [1] ReasonFlags OPTIONAL,
- * cRLIssuer [2] GeneralNames OPTIONAL }
- *
- */
-
-struct NSSPKIXDistributionPointStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSPKIXDistributionPointName *distributionPoint;
- NSSPKIXReasonFlags *reasons;
- NSSPKIXGeneralNames *cRLIssuer;
-};
-
-/*
- * DistributionPointName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * DistributionPointName ::= CHOICE {
- * fullName [0] GeneralNames,
- * nameRelativeToCRLIssuer [1] RelativeDistinguishedName }
- *
- */
-
-struct NSSPKIXDistributionPointNameStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSPKIXDistributionPointNameChoice choice;
- union {
- NSSPKIXGeneralNames *fullName;
- NSSPKIXRelativeDistinguishedName *nameRelativeToCRLIssuer;
- } u;
-};
-
-/*
- * ReasonFlags
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * ReasonFlags ::= BIT STRING {
- * unused (0),
- * keyCompromise (1),
- * cACompromise (2),
- * affiliationChanged (3),
- * superseded (4),
- * cessationOfOperation (5),
- * certificateHold (6) }
- *
- */
-
-struct NSSPKIXReasonFlagsStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSPKIXReasonFlagsMask reasonFlags;
-};
-
-/*
- * ExtKeyUsageSyntax
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * ExtKeyUsageSyntax ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId
- *
- */
-
-struct NSSPKIXExtKeyUsageSyntaxStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- ...
-};
-
-/*
- * AuthorityInfoAccessSyntax
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * AuthorityInfoAccessSyntax ::=
- * SEQUENCE SIZE (1..MAX) OF AccessDescription
- *
- */
-
-struct NSSPKIXAuthorityInfoAccessSyntaxStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- ...
-};
-
-/*
- * AccessDescription
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * AccessDescription ::= SEQUENCE {
- * accessMethod OBJECT IDENTIFIER,
- * accessLocation GeneralName }
- *
- */
-
-struct NSSPKIXAccessDescriptionStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSOID *accessMethod;
- NSSPKIXGeneralName *accessLocation;
-};
-
-/*
- * IssuingDistributionPoint
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * IssuingDistributionPoint ::= SEQUENCE {
- * distributionPoint [0] DistributionPointName OPTIONAL,
- * onlyContainsUserCerts [1] BOOLEAN DEFAULT FALSE,
- * onlyContainsCACerts [2] BOOLEAN DEFAULT FALSE,
- * onlySomeReasons [3] ReasonFlags OPTIONAL,
- * indirectCRL [4] BOOLEAN DEFAULT FALSE }
- *
- */
-
-struct NSSPKIXIssuingDistributionPointStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSPKIXDistributionPointName *distributionPoint;
- PRBool onlyContainsUserCerts;
- PRBool onlyContainsCACerts;
- NSSPKIXReasonFlags onlySomeReasons;
- PRBool indirectCRL;
-};
-
-PR_END_EXTERN_C
-
-#endif /* PKIXTM_H */
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/Create.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/Create.c
deleted file mode 100644
index cf95b4e26..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/Create.c
+++ /dev/null
@@ -1,85 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAlgorithmIdentifier_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAlgorithmIdentifier *
-NSSPKIXAlgorithmIdentifier_Create
-(
- NSSArena *arenaOpt,
- NSSOID *algorithm,
- NSSItem *parameters
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAlgorithmIdentifier *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssOID_verifyPointer(algorithm) ) {
- return (NSSPKIXAlgorithmIdentifier *)NULL;
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(parameters) ) {
- return (NSSPKIXAlgorithmIdentifier *)NULL;
- }
-#endif /* DEBUG */
-
- return nssPKIXAlgorithmIdentifier_Create(arenaOpt, algorithm, parameters);
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/Decode.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/Decode.c
deleted file mode 100644
index 1e4e47b03..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/Decode.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAlgorithmIdentifier_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAlgorithmIdentifier *
-NSSPKIXAlgorithmIdentifier_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAlgorithmIdentifier *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(ber) ) {
- return (NSSPKIXAlgorithmIdentifier *)NULL;
- }
-#endif /* DEBUG */
-
- return nssPKIXAlgorithmIdentifier_Decode(arenaOpt, ber);
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/Destroy.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/Destroy.c
deleted file mode 100644
index f2a901151..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/Destroy.c
+++ /dev/null
@@ -1,71 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAlgorithmIdentifier_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXAlgorithmIdentifier_Destroy
-(
- NSSPKIXAlgorithmIdentifier *algid
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssPKIXAlgorithmIdentifier_Destroy(algid);
-}
-
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/Duplicate.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/Duplicate.c
deleted file mode 100644
index 186ab49bc..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/Duplicate.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAlgorithmIdentifier_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAlgorithmIdentifier *
-NSSPKIXAlgorithmIdentifier_Duplicate
-(
- NSSPKIXAlgorithmIdentifier *algid,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
- return (NSSPKIXAlgorithmIdentifier *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAlgorithmIdentifier *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXAlgorithmIdentifier_Duplicate(algid, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/Encode.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/Encode.c
deleted file mode 100644
index d390b3595..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/Encode.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAlgorithmIdentifier_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSBER *
-NSSPKIXAlgorithmIdentifier_Encode
-(
- NSSPKIXAlgorithmIdentifier *algid,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
- return (NSSBER *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSBER *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXAlgorithmIdentifier_Encode(algid, encoding, rvOpt, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/Equal.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/Equal.c
deleted file mode 100644
index 65c52a2ba..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/Equal.c
+++ /dev/null
@@ -1,83 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAlgorithmIdentifier_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_IMPLEMENT PRBool
-NSSPKIXAlgorithmIdentifier_Equal
-(
- NSSPKIXAlgorithmIdentifier *algid1,
- NSSPKIXAlgorithmIdentifier *algid2,
- PRStatus *statusOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
- return PR_FALSE;
- }
-
- if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
- return PR_FALSE;
- }
-#endif /* DEBUG */
-
- return nssPKIXAlgorithmIdentifier_Equal(algid1, algid2, statusOpt);
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/GetAlgorithm.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/GetAlgorithm.c
deleted file mode 100644
index be7493a66..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/GetAlgorithm.c
+++ /dev/null
@@ -1,71 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAlgorithmIdentifier_GetAlgorithm
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSOID pointer upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSOID *
-NSSPKIXAlgorithmIdentifier_GetAlgorithm
-(
- NSSPKIXAlgorithmIdentifier *algid
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
- return (NSSOID *)NULL;
- }
-#endif /* DEBUG */
-
- return nssPKIXAlgorithmIdentifier_GetAlgorithm(algid);
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/GetParameters.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/GetParameters.c
deleted file mode 100644
index e94622e23..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/GetParameters.c
+++ /dev/null
@@ -1,80 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAlgorithmIdentifier_GetParameters
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSItem upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSItem *
-NSSPKIXAlgorithmIdentifier_GetParameters
-(
- NSSPKIXAlgorithmIdentifier *algid,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
- return (NSSItem *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSItem *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXAlgorithmIdentifier_GetParameters(algid, rvOpt, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/MClear.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/MClear.c
deleted file mode 100644
index 0797fbd49..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/MClear.c
+++ /dev/null
@@ -1,71 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIXM_H
-#include "pkixm.h"
-#endif /* PKIXM_H */
-
-/*
- * nss_pkix_AlgorithmIdentifier_Clear
- *
- * Wipes out cached data.
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_AlgorithmIdentifier_Clear
-(
- NSSPKIXAlgorithmIdentifier *algid
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSBER *)NULL != algid->ber ) {
- nss_ZFreeIf(algid->ber->data);
- nss_ZFreeIf(algid->ber);
- }
-
- if( (NSSDER *)NULL != algid->der ) {
- nss_ZFreeIf(algid->der->data);
- nss_ZFreeIf(algid->der);
- }
-
- return PR_SUCCESS;
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/PCreate.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/PCreate.c
deleted file mode 100644
index c527a6a56..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/PCreate.c
+++ /dev/null
@@ -1,138 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAlgorithmIdentifier_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAlgorithmIdentifier *
-nssPKIXAlgorithmIdentifier_Create
-(
- NSSArena *arenaOpt,
- NSSOID *algorithm,
- NSSItem *parameters
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXAlgorithmIdentifier *rv = (NSSPKIXAlgorithmIdentifier *)NULL;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAlgorithmIdentifier *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssOID_verifyPointer(algorithm) ) {
- return (NSSPKIXAlgorithmIdentifier *)NULL;
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(parameters) ) {
- return (NSSPKIXAlgorithmIdentifier *)NULL;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXAlgorithmIdentifier);
- if( (NSSPKIXAlgorithmIdentifier *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
- rv->algorithm = algorithm;
- rv->parameters = nssItem_Duplicate(parameters, arena, (NSSItem *)NULL);
- if( (NSSItem *)NULL == rv->parameters ) {
- goto loser;
- }
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_AlgorithmIdentifier_add_pointer(rv) ) {
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXAlgorithmIdentifier *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/PDecode.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/PDecode.c
deleted file mode 100644
index 9713d34db..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/PDecode.c
+++ /dev/null
@@ -1,137 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAlgorithmIdentifier_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAlgorithmIdentifier *
-nssPKIXAlgorithmIdentifier_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXAlgorithmIdentifier *rv = (NSSPKIXAlgorithmIdentifier *)NULL;
- PRStatus status;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAlgorithmIdentifier *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(ber) ) {
- return (NSSPKIXAlgorithmIdentifier *)NULL;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXAlgorithmIdentifier);
- if( (NSSPKIXAlgorithmIdentifier *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
- rv->ber = nssItem_Duplicate(ber, arena, (NSSItem *)NULL);
- if( (NSSItem *)NULL == rv->ber ) {
- goto loser;
- }
-
- status = nssASN1_DecodeBER(arena, rv, nssPKIXAlgorithmIdentifier_template, ber);
- if( PR_SUCCESS != status ) {
- goto loser;
- }
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_AlgorithmIdentifier_add_pointer(rv) ) {
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXAlgorithmIdentifier *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/PDestroy.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/PDestroy.c
deleted file mode 100644
index 7ef4d1fe1..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/PDestroy.c
+++ /dev/null
@@ -1,76 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAlgorithmIdentifier_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXAlgorithmIdentifier_Destroy
-(
- NSSPKIXAlgorithmIdentifier *algid
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
-#ifdef DEBUG
- (void)nss_pkix_AlgorithmIdentifier_remove_pointer(algid);
-#endif /* DEBUG */
-
- if( PR_TRUE == algid->i_allocated_arena ) {
- return nssArena_Destroy(algid->arena);
- }
-
- return PR_SUCCESS;
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/PDuplicate.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/PDuplicate.c
deleted file mode 100644
index ae3cf72b2..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/PDuplicate.c
+++ /dev/null
@@ -1,144 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAlgorithmIdentifier_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAlgorithmIdentifier *
-nssPKIXAlgorithmIdentifier_Duplicate
-(
- NSSPKIXAlgorithmIdentifier *algid,
- NSSArena *arenaOpt
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXAlgorithmIdentifier *rv = (NSSPKIXAlgorithmIdentifier *)NULL;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
- return (NSSPKIXAlgorithmIdentifier *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAlgorithmIdentifier *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXAlgorithmIdentifier);
- if( (NSSPKIXAlgorithmIdentifier *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
-
- rv->ber = nssItem_Duplicate(algid->ber, arena, (NSSItem *)NULL);
- if( (NSSItem *)NULL == rv->ber ) {
- goto loser;
- }
-
- rv->der = nssItem_Duplicate(algid->der, arena, (NSSItem *)NULL);
- if( (NSSItem *)NULL == rv->der ) {
- goto loser;
- }
-
- rv->algorithm = algid->algorithm;
-
- rv->parameters = nssItem_Duplicate(algid->parameters, arena, (NSSItem *)NULL);
- if( (NSSItem *)NULL == rv->parameters ) {
- goto loser;
- }
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_AlgorithmIdentifier_add_pointer(rv) ) {
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXAlgorithmIdentifier *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/PEncode.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/PEncode.c
deleted file mode 100644
index c9939350a..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/PEncode.c
+++ /dev/null
@@ -1,117 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAlgorithmIdentifier_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSBER *
-nssPKIXAlgorithmIdentifier_Encode
-(
- NSSPKIXAlgorithmIdentifier *algid,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-)
-{
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
- return (NSSBER *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSBER *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- switch( encoding ) {
- case NSSASN1BER:
- if( (NSSBER *)NULL != algid->ber ) {
- it = algid->ber;
- goto done;
- }
- /*FALLTHROUGH*/
- case NSSASN1DER:
- if( (NSSDER *)NULL != algid->der ) {
- it = algid->der;
- goto done;
- }
- break;
- default:
- nss_SetError(NSS_ERROR_UNSUPPORTED_ENCODING);
- return (NSSBER *)NULL;
- }
-
- it = nssASN1_EncodeItem(algid->arena, (NSSItem *)NULL, algid,
- nssPKIXAlgorithmIdentifier_template, encoding);
- if( (NSSBER *)NULL == it ) {
- return (NSSBER *)NULL;
- }
-
- switch( encoding ) {
- case NSSASN1BER:
- algid->ber = it;
- break;
- case NSSASN1DER:
- algid->der = it;
- break;
- default:
- PR_ASSERT(0);
- break;
- }
-
- done:
- return nssItem_Duplicate(it, arenaOpt, rvOpt);
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/PEqual.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/PEqual.c
deleted file mode 100644
index 423dfdb74..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/PEqual.c
+++ /dev/null
@@ -1,88 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAlgorithmIdentifier_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_IMPLEMENT PRBool
-nssPKIXAlgorithmIdentifier_Equal
-(
- NSSPKIXAlgorithmIdentifier *algid1,
- NSSPKIXAlgorithmIdentifier *algid2,
- PRStatus *statusOpt
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
- return PR_FALSE;
- }
-
- if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
- return PR_FALSE;
- }
-#endif /* NSSDEBUG */
-
- if( algid1->algorithm != algid2->algorithm ) {
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_SUCCESS;
- }
- return PR_FALSE;
- }
-
- return nssItem_Equal(algid1->parameters, algid2->parameters, statusOpt);
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/PGetAlgorithm.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/PGetAlgorithm.c
deleted file mode 100644
index 4c7c37b6e..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/PGetAlgorithm.c
+++ /dev/null
@@ -1,69 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAlgorithmIdentifier_GetAlgorithm
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSOID pointer upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSOID *
-nssPKIXAlgorithmIdentifier_GetAlgorithm
-(
- NSSPKIXAlgorithmIdentifier *algid
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
- return (NSSOID *)NULL;
- }
-#endif /* NSSDEBUG */
-
- return algid->algorithm;
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/PGetParameters.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/PGetParameters.c
deleted file mode 100644
index 5d6f1decb..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/PGetParameters.c
+++ /dev/null
@@ -1,78 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAlgorithmIdentifier_GetParameters
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSItem upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSItem *
-nssPKIXAlgorithmIdentifier_GetParameters
-(
- NSSPKIXAlgorithmIdentifier *algid,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
- return (NSSItem *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSItem *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- return nssItem_Duplicate(algid->parameters, arenaOpt, rvOpt);
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/PSetAlgorithm.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/PSetAlgorithm.c
deleted file mode 100644
index ccf9f23e2..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/PSetAlgorithm.c
+++ /dev/null
@@ -1,75 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAlgorithmIdentifier_SetAlgorithm
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_OID
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXAlgorithmIdentifier_SetAlgorithm
-(
- NSSPKIXAlgorithmIdentifier *algid,
- NSSOID *algorithm
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssOID_verifyPointer(algorithm) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- algid->algorithm = algorithm;
- return nss_pkix_AlgorithmIdentifier_Clear(algid);
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/PSetParameters.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/PSetParameters.c
deleted file mode 100644
index d5a7e8424..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/PSetParameters.c
+++ /dev/null
@@ -1,86 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAlgorithmIdentifier_SetParameters
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXAlgorithmIdentifier_SetParameters
-(
- NSSPKIXAlgorithmIdentifier *algid,
- NSSItem *parameters
-)
-{
- NSSItem *prev;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(parameters) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- prev = algid->parameters;
-
- algid->parameters = nssItem_Duplicate(parameters, algid->arena, (NSSItem *)NULL);
- if( (NSSItem *)NULL == algid->parameters ) {
- algid->parameters = prev;
- return PR_FAILURE;
- }
-
- (void)nssItem_Destroy(prev);
- return nss_pkix_AlgorithmIdentifier_Clear(algid);
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/SetAlgorithm.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/SetAlgorithm.c
deleted file mode 100644
index d829643e0..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/SetAlgorithm.c
+++ /dev/null
@@ -1,76 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAlgorithmIdentifier_SetAlgorithm
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_OID
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXAlgorithmIdentifier_SetAlgorithm
-(
- NSSPKIXAlgorithmIdentifier *algid,
- NSSOID *algorithm
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssOID_verifyPointer(algorithm) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssPKIXAlgorithmIdentifier_SetAlgorithm(algid, algorithm);
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/SetParameters.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/SetParameters.c
deleted file mode 100644
index d751fb689..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/SetParameters.c
+++ /dev/null
@@ -1,77 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAlgorithmIdentifier_SetParameters
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXAlgorithmIdentifier_SetParameters
-(
- NSSPKIXAlgorithmIdentifier *algid,
- NSSItem *parameters
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(parameters) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssPKIXAlgorithmIdentifier_SetParameters(algid, parameters);
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/verifyPointer.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/verifyPointer.c
deleted file mode 100644
index c9a9f8072..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/verifyPointer.c
+++ /dev/null
@@ -1,182 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIXM_H
-#include "pkixm.h"
-#endif /* PKIXM_H */
-
-#ifdef DEBUG
-
-extern const NSSError NSS_ERROR_INTERNAL_ERROR;
-
-static nssPointerTracker pkix_algid_pointer_tracker;
-
-/*
- * nss_pkix_AlgorithmIdentifier_add_pointer
- *
- * This method is only present in debug builds.
- *
- * This module-private routine adds an NSSPKIXAlgorithmIdentifier pointer to
- * the internal pointer-tracker. This routine should only be used
- * by the NSSPKIX module. This routine returns a PRStatus value;
- * upon error it will place an error on the error stack and return
- * PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INTERNAL_ERROR
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_AlgorithmIdentifier_add_pointer
-(
- const NSSPKIXAlgorithmIdentifier *p
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_initialize(&pkix_algid_pointer_tracker);
- if( PR_SUCCESS != rv ) {
- return rv;
- }
-
- rv = nssPointerTracker_add(&pkix_algid_pointer_tracker, p);
- if( PR_SUCCESS != rv ) {
- NSSError e = NSS_GetError();
- if( NSS_ERROR_NO_MEMORY != e ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- }
-
- return rv;
- }
-
- rv = nssArena_registerDestructor(p->arena,
- nss_pkix_AlgorithmIdentifier_remove_pointer, p);
- if( PR_SUCCESS != rv ) {
- (void)nss_pkix_AlgorithmIdentifier_remove_pointer(p);
- return rv;
- }
-
- return rv;
-}
-
-/*
- * nss_pkix_AlgorithmIdentifier_remove_pointer
- *
- * This method is only present in debug builds.
- *
- * This module-private routine removes a valid NSSPKIXAlgorithmIdentifier
- * pointer from the internal pointer-tracker. This routine should
- * only be used by the NSSPKIX module. This routine returns a
- * PRStatus value; upon error it will place an error on the error
- * stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INTERNAL_ERROR
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_AlgorithmIdentifier_remove_pointer
-(
- const NSSPKIXAlgorithmIdentifier *p
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_remove(&pkix_algid_pointer_tracker, p);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- }
-
- /*
- * nssArena_deregisterDestructor(p->arena,
- * nss_pkix_AlgorithmIdentifier_remove_pointer, p);
- */
-
- return rv;
-}
-
-/*
- * nssPKIXAlgorithmIdentifier_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXAlgorithmIdentifier
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXAlgorithmIdentifier_verifyPointer
-(
- NSSPKIXAlgorithmIdentifier *p
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_initialize(&pkix_algid_pointer_tracker);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INVALID_PKIX_ATTRIBUTE);
- return PR_FAILURE;
- }
-
- rv = nssPointerTracker_verify(&pkix_algid_pointer_tracker, p);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INVALID_PKIX_ATTRIBUTE);
- return PR_FAILURE;
- }
-
- return PR_SUCCESS;
-}
-
-#endif /* DEBUG */
-
diff --git a/security/nss/lib/pkix/src/Attribute/AddValue.c b/security/nss/lib/pkix/src/Attribute/AddValue.c
deleted file mode 100644
index aad082c50..000000000
--- a/security/nss/lib/pkix/src/Attribute/AddValue.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttribute_AddValue
- *
- * This routine adds the specified attribute value to the set in
- * the specified NSSPKIXAttribute.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXAttribute_AddValue
-(
- NSSPKIXAttribute *attribute,
- NSSPKIXAttributeValue *value
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(attribute) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(value) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssPKIXAttribute_AddValue(attribute, value);
-}
-
diff --git a/security/nss/lib/pkix/src/Attribute/Create.c b/security/nss/lib/pkix/src/Attribute/Create.c
deleted file mode 100644
index 9fe406b2d..000000000
--- a/security/nss/lib/pkix/src/Attribute/Create.c
+++ /dev/null
@@ -1,141 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttribute_Create
- *
- * This routine creates an NSSPKIXAttribute from specified components.
- * This routine may return NULL upon error, in which case it will have
- * created an error stack. If the optional arena argument is non-NULL,
- * that arena will be used for the required memory. There must be at
- * least one attribute value specified. The final argument must be
- * NULL, to indicate the end of the set of attribute values.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_INSUFFICIENT_VALUES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttribute upon success
- * NULL upon failure.
- */
-
-NSS_IMPLEMENT NSSPKIXAttribute *
-NSSPKIXAttribute_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXAttributeType *typeOid,
- NSSPKIXAttributeValue *value1,
- ...
-)
-{
- va_list ap;
- NSSPKIXAttribute *rv;
- PRUint32 count;
-
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAttribute *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssOID_verifyPointer(typeOid) ) {
- return (NSSPKIXAttribute *)NULL;
- }
-
- if( (NSSPKIXAttributeValue *)NULL == value1 ) {
- nss_SetError(NSS_ERROR_INSUFFICIENT_VALUES);
- return (NSSPKIXAttribute *)NULL;
- }
-
- {
- va_start(ap, typeOid);
-
- while( 1 ) {
- NSSPKIXAttributeValue *v;
- v = (NSSPKIXAttributeValue *)va_arg(ap, NSSPKIXAttributeValue *);
- if( (NSSPKIXAttributeValue *)NULL == v ) {
- break;
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(v) ) {
- va_end(ap);
- return (NSSPKIXAttribute *)NULL;
- }
- }
-
- va_end(ap);
- }
-#endif /* DEBUG */
-
- va_start(ap, typeOid);
-
- for( count = 0; ; count++ ) {
- NSSPKIXAttributeValue *v;
- v = (NSSPKIXAttributeValue *)va_arg(ap, NSSPKIXAttributeValue *);
- if( (NSSPKIXAttributeValue *)NULL == v ) {
- break;
- }
-
-#ifdef PEDANTIC
- if( count == 0xFFFFFFFF ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- va_end(ap);
- return (NSSPKIXAttribute *)NULL;
- }
-#endif /* PEDANTIC */
- }
-
- va_end(ap);
-
- va_start(ap, typeOid);
- rv = nss_pkix_Attribute_V_Create(arenaOpt, typeOid, count, ap);
- va_end(ap);
-
- return rv;
-}
diff --git a/security/nss/lib/pkix/src/Attribute/CreateFromArray.c b/security/nss/lib/pkix/src/Attribute/CreateFromArray.c
deleted file mode 100644
index 2928c3bcc..000000000
--- a/security/nss/lib/pkix/src/Attribute/CreateFromArray.c
+++ /dev/null
@@ -1,97 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttribute_CreateFromArray
- *
- * This routine creates an NSSPKIXAttribute from specified components.
- * This routine may return NULL upon error, in which case it will have
- * created an error stack. If the optional arena argument is non-NULL,
- * that arena will be used for the required memory. There must be at
- * least one attribute value specified. The final argument must be
- * NULL, to indicate the end of the set of attribute values.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttribute upon success
- * NULL upon failure.
- */
-
-NSS_IMPLEMENT NSSPKIXAttribute *
-NSSPKIXAttribute_CreateFromArray
-(
- NSSArena *arenaOpt,
- NSSPKIXAttributeType *typeOid,
- PRUint32 count,
- NSSPKIXAttributeValue values[]
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAttribute *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssOID_verifyPointer(typeOid) ) {
- return (NSSPKIXAttribute *)NULL;
- }
-
- {
- PRUint32 i;
-
- for( i = 0; i < count; i++ ) {
- if( PR_SUCCESS != nssItem_verifyPointer(&values[i]) ) {
- return (NSSPKIXAttribute *)NULL;
- }
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXAttribute_CreateFromArray(arenaOpt, typeOid, count, values);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/Decode.c b/security/nss/lib/pkix/src/Attribute/Decode.c
deleted file mode 100644
index a16f195cd..000000000
--- a/security/nss/lib/pkix/src/Attribute/Decode.c
+++ /dev/null
@@ -1,84 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttribute_Decode
- *
- * This routine creates an NSSPKIXAttribute by decoding a BER-
- * or DER-encoded Attribute as defined in RFC 2459. This
- * routine may return NULL upon error, in which case it will
- * have created an error stack. If the optional arena argument
- * is non-NULL, that arena will be used for the required memory.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttribute upon success
- * NULL upon failure.
- */
-
-NSS_IMPLEMENT NSSPKIXAttribute *
-NSSPKIXAttribute_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAttribute *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(ber) ) {
- return (NSSPKIXAttribute *)NULL;
- }
-#endif /* DEBUG */
-
- return nssPKIXAttribute_Decode(arenaOpt, ber);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/Destroy.c b/security/nss/lib/pkix/src/Attribute/Destroy.c
deleted file mode 100644
index bd9454fca..000000000
--- a/security/nss/lib/pkix/src/Attribute/Destroy.c
+++ /dev/null
@@ -1,74 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttribute_Destroy
- *
- * This routine destroys an NSSPKIXAttribute. It should be called on
- * all such objects created without an arena. It does not need to be
- * called for objects created with an arena, but it may be. This
- * routine returns a PRStatus value. Upon error, it will create an
- * error stack and return PR_FAILURE.
- *
- * The error value may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAttribute_Destroy
-(
- NSSPKIXAttribute *attribute
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(attribute) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssPKIXAttribute_Destroy(attribute);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/Duplicate.c b/security/nss/lib/pkix/src/Attribute/Duplicate.c
deleted file mode 100644
index 146a49610..000000000
--- a/security/nss/lib/pkix/src/Attribute/Duplicate.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttribute_Duplicate
- *
- * This routine duplicates an NSSPKIXAttribute. {arenaOpt}
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttribute upon success
- * NULL upon failure.
- */
-
-NSS_IMPLEMENT NSSPKIXAttribute *
-NSSPKIXAttribute_Duplicate
-(
- NSSPKIXAttribute *attribute,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(attribute) ) {
- return (NSSPKIXAttribute *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAttribute *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXAttribute_Duplicate(attribute, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/Encode.c b/security/nss/lib/pkix/src/Attribute/Encode.c
deleted file mode 100644
index 179bd3d68..000000000
--- a/security/nss/lib/pkix/src/Attribute/Encode.c
+++ /dev/null
@@ -1,85 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttribute_Encode
- *
- * This routine returns an ASN.1 encoding of the specified
- * NSSPKIXAttribute. {usual rules about itemOpt and arenaOpt}
- * This routine indicates an error (NSS_ERROR_INVALID_DATA)
- * if there are no attribute values (i.e., the last one was removed).
- *
- * The error value may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_DATA
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSBER *
-NSSPKIXAttribute_Encode
-(
- NSSPKIXAttribute *attribute,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(attribute) ) {
- return (NSSBER *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSBER *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXAttribute_Encode(attribute, encoding, rvOpt, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/Equal.c b/security/nss/lib/pkix/src/Attribute/Equal.c
deleted file mode 100644
index d91782aea..000000000
--- a/security/nss/lib/pkix/src/Attribute/Equal.c
+++ /dev/null
@@ -1,88 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttribute_Equal
- *
- * This routine compares two NSSPKIXAttribute's for equality.
- * It returns PR_TRUE if they are equal, PR_FALSE otherwise.
- * This routine also returns PR_FALSE upon error; if you're
- * that worried about it, check for an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_IMPLEMENT PRBool
-NSSPKIXAttribute_Equal
-(
- NSSPKIXAttribute *one,
- NSSPKIXAttribute *two,
- PRStatus *statusOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(one) ) {
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
-
- return PR_FALSE;
- }
-
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(two) ) {
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
-
- return PR_FALSE;
- }
-#endif /* DEBUG */
-
- return nssPKIXAttribute_Equal(one, two);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/FindValue.c b/security/nss/lib/pkix/src/Attribute/FindValue.c
deleted file mode 100644
index ba725051f..000000000
--- a/security/nss/lib/pkix/src/Attribute/FindValue.c
+++ /dev/null
@@ -1,84 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttribute_FindValue
- *
- * This routine searches the set of attribute values in the specified
- * NSSPKIXAttribute for the provided data. If an exact match is found,
- * then that value's index is returned. If an exact match is not
- * found, -1 is returned. If there is more than one exact match, one
- * index will be returned. {notes about unorderdness of SET, etc}
- * If the index may not be represented as an integer, an error is
- * indicated.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value
- * The index of the specified attribute value upon success
- * -1 upon failure.
- */
-
-NSS_IMPLEMENT PRInt32
-NSSPKIXAttribute_FindValue
-(
- NSSPKIXAttribute *attribute,
- NSSPKIXAttributeValue *value
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(attribute) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(value) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssPKIXAttribute_FindValue(attribute, value);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/GetType.c b/security/nss/lib/pkix/src/Attribute/GetType.c
deleted file mode 100644
index 0bae2b988..000000000
--- a/security/nss/lib/pkix/src/Attribute/GetType.c
+++ /dev/null
@@ -1,72 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttribute_GetType
- *
- * This routine returns the attribute type oid of the specified
- * NSSPKIXAttribute.
- *
- * The error value may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSPKIXAttributeType pointer upon success
- * NULL upon failure.
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeType *
-NSSPKIXAttribute_GetType
-(
- NSSPKIXAttribute *attribute
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(attribute) ) {
- return (NSSPKIXAttributeType *)NULL;
- }
-#endif /* DEBUG */
-
- return nssPKIXAttribute_GetType(attribute);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/GetValue.c b/security/nss/lib/pkix/src/Attribute/GetValue.c
deleted file mode 100644
index afce8d135..000000000
--- a/security/nss/lib/pkix/src/Attribute/GetValue.c
+++ /dev/null
@@ -1,86 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttribute_GetValue
- *
- * This routine returns the i'th attribute value of the set of
- * values in the specified NSSPKIXAttribute. Although the set
- * is unordered, an arbitrary ordering will be maintained until
- * the data in the attribute is changed. {usual comments about
- * itemOpt and arenaOpt}
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttributeValue upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeValue *
-NSSPKIXAttribute_GetValue
-(
- NSSPKIXAttribute *attribute,
- PRInt32 i,
- NSSPKIXAttributeValue *itemOpt,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(attribute) ) {
- return (NSSPKIXAttributeValue *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAttributeValue *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXAttribute_GetValue(attribute, i, itemOpt, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/GetValueCount.c b/security/nss/lib/pkix/src/Attribute/GetValueCount.c
deleted file mode 100644
index 0cdc36b60..000000000
--- a/security/nss/lib/pkix/src/Attribute/GetValueCount.c
+++ /dev/null
@@ -1,75 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttribute_GetValueCount
- *
- * This routine returns the number of attribute values present in
- * the specified NSSPKIXAttribute. This routine returns a PRInt32.
- * Upon error, this routine returns -1. This routine indicates an
- * error if the number of values cannot be expressed as a PRInt32.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_IMPLEMENT PRInt32
-NSSPKIXAttribute_GetValueCount
-(
- NSSPKIXAttribute *attribute
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(attribute) ) {
- return -1;
- }
-#endif /* DEBUG */
-
- return nssPKIXAttribute_GetValueCount(attribute);
-}
-
diff --git a/security/nss/lib/pkix/src/Attribute/GetValues.c b/security/nss/lib/pkix/src/Attribute/GetValues.c
deleted file mode 100644
index 986af03d1..000000000
--- a/security/nss/lib/pkix/src/Attribute/GetValues.c
+++ /dev/null
@@ -1,88 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttribute_GetValues
- *
- * This routine returns all of the attribute values in the specified
- * NSSPKIXAttribute. If the optional pointer to an array of NSSItems
- * is non-null, then that array will be used and returned; otherwise,
- * an array will be allocated and returned. If the limit is nonzero
- * (which is must be if the specified array is nonnull), then an
- * error is indicated if it is smaller than the value count.
- * {arenaOpt}
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSItem's upon success
- * NULL upon failure.
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeValue *
-NSSPKIXAttribute_GetValues
-(
- NSSPKIXAttribute *attribute,
- NSSPKIXAttributeValue rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(attribute) ) {
- return (NSSPKIXAttributeValue *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyOpt(attribute) ) {
- return (NSSPKIXAttributeValue *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXAttribute_GetValues(attribute, rvOpt, limit, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/MClear.c b/security/nss/lib/pkix/src/Attribute/MClear.c
deleted file mode 100644
index 6fb77ba7d..000000000
--- a/security/nss/lib/pkix/src/Attribute/MClear.c
+++ /dev/null
@@ -1,71 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nss_pkix_Attribute_Clear
- *
- * Wipes out cached data.
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_Attribute_Clear
-(
- NSSPKIXAttribute *a
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(a) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSBER *)NULL != a->ber ) {
- nss_ZFreeIf(a->ber->data);
- nss_ZFreeIf(a->ber);
- }
-
- if( (NSSDER *)NULL != a->der ) {
- nss_ZFreeIf(a->der->data);
- nss_ZFreeIf(a->der);
- }
-
- return PR_SUCCESS;
-}
diff --git a/security/nss/lib/pkix/src/Attribute/MCount.c b/security/nss/lib/pkix/src/Attribute/MCount.c
deleted file mode 100644
index abb0831cb..000000000
--- a/security/nss/lib/pkix/src/Attribute/MCount.c
+++ /dev/null
@@ -1,87 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIXM_H
-#include "pkixm.h"
-#endif /* PKIXM_H */
-
-/*
- * nss_pkix_Attribute_Count
- *
- * This module-private routine sets the valuesCount part of the
- * NSSPKIXAttribute argument. It does no checking, and is intended
- * only for use inside the NSSPKIXAttribute implementation itself.
- * There is no error return. There is no return value.
- */
-
-NSS_IMPLEMENT void
-nss_pkix_Attribute_Count
-(
- NSSPKIXAttribute *a
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(a) ) {
- return;
- }
-#endif /* NSSDEBUG */
-
- PR_ASSERT((nssASN1Item **)NULL != a->asn1values);
- if( (nssASN1Item *)NULL == a->asn1values ) {
- nss_SetError(NSS_ERROR_ASSERTION_FAILED);
- return;
- }
-
- if( 0 == a->valuesCount ) {
- PRUint32 i;
- for( i = 0; i < 0xFFFFFFFF; i++ ) {
- if( (nssASN1Item *)NULL == a->asn1values[i] ) {
- break;
- }
- }
-
-#ifdef PEDANTIC
- if( 0xFFFFFFFF == i ) {
- return;
- }
-#endif /* PEDANTIC */
-
- a->valuesCount = i;
- }
-
- return;
-}
diff --git a/security/nss/lib/pkix/src/Attribute/MVCreate.c b/security/nss/lib/pkix/src/Attribute/MVCreate.c
deleted file mode 100644
index 1a54026d4..000000000
--- a/security/nss/lib/pkix/src/Attribute/MVCreate.c
+++ /dev/null
@@ -1,165 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIXM_H
-#include "pkixm.h"
-#endif /* PKIXM_H */
-
-/*
- * nss_pkix_Attribute_V_Create
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_INTERNAL_ERROR;
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttribute upon success
- * NULL upon failure.
- */
-
-NSS_IMPLEMENT NSSPKIXAttribute *
-nss_pkix_Attribute_V_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXAttributeType *typeOid,
- PRUint32 count,
- va_list ap
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXAttribute *rv = (NSSPKIXAttribute *)NULL;
- PRStatus status;
- PRUint32 i;
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXAttribute);
- if( (NSSPKIXAttribute *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
-
- rv->type = typeOid;
- {
- NSSItem typeder;
- NSSItem *x = nssOID_GetDEREncoding(rv->type, &typeder, arena);
- if( (NSSItem *)NULL == x ) {
- goto loser;
- }
-
- rv->asn1type.size = typeder.size;
- rv->asn1type.data = typeder.data;
- }
-
- rv->valuesCount = count;
-
- rv->asn1values = nss_ZNEWARRAY(arena, nssASN1Item *, count);
- if( (nssASN1Item **)NULL == rv->asn1values ) {
- goto loser;
- }
-
- for( i = 0; i < count; i++ ) {
- NSSItem tmp;
- NSSPKIXAttributeValue *v = (NSSPKIXAttributeValue *)
- va_arg(ap, NSSPKIXAttributeValue *);
-
- rv->asn1values[i] = nss_ZNEW(arena, nssASN1Item);
- if( (nssASN1Item *)NULL == rv->asn1values[i] ) {
- goto loser;
- }
-
- if( (NSSItem *)NULL == nssItem_Duplicate(v, arena, &tmp) ) {
- goto loser;
- }
-
- rv->asn1values[i].size = tmp.size;
- rv->asn1values[i].data = tmp.data;
- }
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_Attribute_add_pointer(rv) ) {
- goto loser;
- }
-
- if( PR_SUCCESS !=
- nssArena_registerDestructor(arena,
- nss_pkix_Attribute_remove_pointer,
- rv) ) {
- (void)nss_pkix_Attribute_remove_pointer(rv);
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXAttribute *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/Attribute/PAddValue.c b/security/nss/lib/pkix/src/Attribute/PAddValue.c
deleted file mode 100644
index 732845490..000000000
--- a/security/nss/lib/pkix/src/Attribute/PAddValue.c
+++ /dev/null
@@ -1,140 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttribute_AddValue
- *
- * This routine adds the specified attribute value to the set in
- * the specified NSSPKIXAttribute.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXAttribute_AddValue
-(
- NSSPKIXAttribute *a,
- NSSPKIXAttributeValue *value
-)
-{
- PRUint32 newcount;
- nssASN1Item **new_asn1_items = (nssASN1Item **)NULL;
- NSSItem tmp;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(a) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(value) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- PR_ASSERT((nssASN1Item **)NULL != a->asn1values);
- if( (nssASN1Item **)NULL == a->asn1values ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- return PR_FAILURE;
- }
-
- if( 0 == a->valuesCount ) {
- PRUint32 i;
-
- for( i = 0; i < 0xFFFFFFFF; i++ ) {
- if( (nssASN1Item *)NULL == a->asn1values[i] ) {
- break;
- }
- }
-
-#ifdef PEDANTIC
- if( 0xFFFFFFFF == i ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- /* Internal error is that we don't handle them this big */
- return PR_FAILURE;
- }
-#endif /* PEDANTIC */
-
- a->valuesCount = i;
- }
-
- newcount = a->valuesCount + 1;
- /* Check newcount for a rollover. */
-
- /* Remember that our asn1values array is NULL-terminated */
- new_asn1_items = (nssASN1Item **)nss_ZRealloc(a->asn1values,
- ((newcount+1) * sizeof(nssASN1Item *)));
- if( (nssASN1Item **)NULL == new_asn1_items ) {
- goto loser;
- }
-
- new_asn1_items[ a->valuesCount ] = nss_ZNEW(a->arena, nssASN1Item);
- if( (nssASN1Item *)NULL == new_asn1_items[ a->valuesCount ] ) {
- goto loser;
- }
-
- if( (NSSItem *)NULL == nssItem_Duplicate(value, a->arena, &tmp) ) {
- goto loser;
- }
-
- new_asn1_items[ a->valuesCount ]->size = tmp.size;
- new_asn1_items[ a->valuesCount ]->data = tmp.data;
-
- a->valuesCount++;
- a->asn1values = new_asn1_items;
-
- return nss_pkix_Attribute_Clear(a);
-
- loser:
- if( (nssASN1Item **)NULL != new_asn1_items ) {
- nss_ZFreeIf(new_asn1_items[ newcount-1 ]);
- /* We could realloc back down, but we actually know it's a no-op */
- a->asn1values = new_asn1_items;
- }
-
- return PR_FAILURE;
-}
diff --git a/security/nss/lib/pkix/src/Attribute/PCreate.c b/security/nss/lib/pkix/src/Attribute/PCreate.c
deleted file mode 100644
index 40dc5c07c..000000000
--- a/security/nss/lib/pkix/src/Attribute/PCreate.c
+++ /dev/null
@@ -1,139 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttribute_Create
- *
- * This routine creates an NSSPKIXAttribute from specified components.
- * This routine may return NULL upon error, in which case it will have
- * created an error stack. If the optional arena argument is non-NULL,
- * that arena will be used for the required memory. There must be at
- * least one attribute value specified. The final argument must be
- * NULL, to indicate the end of the set of attribute values.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_INSUFFICIENT_VALUES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttribute upon success
- * NULL upon failure.
- */
-
-NSS_EXTERN NSSPKIXAttribute *
-nssPKIXAttribute_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXAttributeType *typeOid,
- NSSPKIXAttributeValue *value1,
- ...
-)
-{
- va_list ap;
- NSSPKIXAttribute *rv;
- PRUint32 count;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAttribute *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssOID_verifyPointer(typeOid) ) {
- return (NSSPKIXAttribute *)NULL;
- }
-
- if( (NSSPKIXAttributeValue *)NULL == value1 ) {
- nss_SetError(NSS_ERROR_INSUFFICIENT_VALUES);
- return (NSSPKIXAttribute *)NULL;
- }
-
- {
- va_start(ap, typeOid);
-
- while( 1 ) {
- NSSPKIXAttributeValue *v;
- v = (NSSPKIXAttributeValue *)va_arg(ap, NSSPKIXAttributeValue *);
- if( (NSSPKIXAttributeValue *)NULL == v ) {
- break;
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(v) ) {
- va_end(ap);
- return (NSSPKIXAttribute *)NULL;
- }
- }
-
- va_end(ap);
- }
-#endif /* NSSDEBUG */
-
- va_start(ap, typeOid);
-
- for( count = 0; ; count++ ) {
- NSSPKIXAttributeValue *v;
- v = (NSSPKIXAttributeValue *)va_arg(ap, NSSPKIXAttributeValue *);
- if( (NSSPKIXAttributeValue *)NULL == v ) {
- break;
- }
-
-#ifdef PEDANTIC
- if( count == 0xFFFFFFFF ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- va_end(ap);
- return (NSSPKIXAttribute *)NULL;
- }
-#endif /* PEDANTIC */
- }
-
- va_end(ap);
-
- va_start(ap, typeOid);
- rv = nss_pkix_Attribute_V_Create(arenaOpt, typeOid, count, ap);
- va_end(ap);
-
- return rv;
-}
diff --git a/security/nss/lib/pkix/src/Attribute/PCreateFromArray.c b/security/nss/lib/pkix/src/Attribute/PCreateFromArray.c
deleted file mode 100644
index c2d301d12..000000000
--- a/security/nss/lib/pkix/src/Attribute/PCreateFromArray.c
+++ /dev/null
@@ -1,191 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-/*
- * nssPKIXAttribute_CreateFromArray
- *
- * This routine creates an NSSPKIXAttribute from specified components.
- * This routine may return NULL upon error, in which case it will have
- * created an error stack. If the optional arena argument is non-NULL,
- * that arena will be used for the required memory. There must be at
- * least one attribute value specified. The final argument must be
- * NULL, to indicate the end of the set of attribute values.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttribute upon success
- * NULL upon failure.
- */
-
-NSS_IMPLEMENT NSSPKIXAttribute *
-nssPKIXAttribute_CreateFromArray
-(
- NSSArena *arenaOpt,
- NSSPKIXAttributeType *typeOid,
- PRUint32 count,
- NSSPKIXAttributeValue values[]
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXAttribute *rv = (NSSPKIXAttribute *)NULL;
- PRStatus status;
- PRUint32 i;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAttribute *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssOID_verifyPointer(typeOid) ) {
- return (NSSPKIXAttribute *)NULL;
- }
-
- for( i = 0; i < count; i++ ) {
- if( PR_SUCCESS != nssItem_verifyPointer(&values[i]) ) {
- return (NSSPKIXAttribute *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXAttribute);
- if( (NSSPKIXAttribute *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
-
- rv->type = typeOid;
- {
- NSSItem typeder;
- NSSItem *x = nssOID_GetDEREncoding(rv->type, &typeder, arena);
- if( (NSSItem *)NULL == x ) {
- goto loser;
- }
-
- rv->asn1type.size = typeder.size;
- rv->asn1type.data = typeder.data;
- }
-
- rv->valuesCount = count;
-
- rv->asn1values = nss_ZNEWARRAY(arena, nssASN1Item *, count);
- if( (nssASN1Item **)NULL == rv->asn1values ) {
- goto loser;
- }
-
- for( i = 0; i < count; i++ ) {
- NSSItem tmp;
- NSSPKIXAttributeValue *v = &values[i];
-
- rv->asn1values[i] = nss_ZNEW(arena, nssASN1Item);
- if( (nssASN1Item *)NULL == rv->asn1values[i] ) {
- goto loser;
- }
-
- if( (NSSItem *)NULL == nssItem_Duplicate(v, arena, &tmp) ) {
- goto loser;
- }
-
- rv->asn1values[i].size = tmp.size;
- rv->asn1values[i].data = tmp.data;
- }
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_Attribute_add_pointer(rv) ) {
- goto loser;
- }
-
- if( PR_SUCCESS !=
- nssArena_registerDestructor(arena,
- nss_pkix_Attribute_remove_pointer,
- rv) ) {
- (void)nss_pkix_Attribute_remove_pointer(rv);
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXAttribute *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/Attribute/PDecode.c b/security/nss/lib/pkix/src/Attribute/PDecode.c
deleted file mode 100644
index 49a059404..000000000
--- a/security/nss/lib/pkix/src/Attribute/PDecode.c
+++ /dev/null
@@ -1,153 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-/*
- * nssPKIXAttribute_Decode
- *
- * This routine creates an NSSPKIXAttribute by decoding a BER-
- * or DER-encoded Attribute as defined in RFC 2459. This
- * routine may return NULL upon error, in which case it will
- * have created an error stack. If the optional arena argument
- * is non-NULL, that arena will be used for the required memory.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttribute upon success
- * NULL upon failure.
- */
-
-NSS_IMPLEMENT NSSPKIXAttribute *
-nssPKIXAttribute_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXAttribute *rv = (NSSPKIXAttribute *)NULL;
- PRStatus status;
- PRUint32 i;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAttribute *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(ber) ) {
- return (NSSPKIXAttribute *)NULL;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXAttribute);
- if( (NSSPKIXAttribute *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
- rv->ber = nssItem_Duplicate(ber, arena, (NSSItem *)NULL);
- if( (NSSItem *)NULL == rv->ber ) {
- goto loser;
- }
-
- status = nssASN1_DecodeBER(arena, rv, nssPKIXAttribute_template, ber);
- if( PR_SUCCESS != status ) {
- goto loser;
- }
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_Attribute_add_pointer(rv) ) {
- goto loser;
- }
-
- if( PR_SUCCESS != nssArena_registerDestructor(arena,
- nss_pkix_Attribute_remove_pointer, rv) ) {
- (void)nss_pkix_Attribute_remove_pointer(rv);
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXAttribute *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/Attribute/PDestroy.c b/security/nss/lib/pkix/src/Attribute/PDestroy.c
deleted file mode 100644
index 5f2b5a135..000000000
--- a/security/nss/lib/pkix/src/Attribute/PDestroy.c
+++ /dev/null
@@ -1,82 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttribute_Destroy
- *
- * This routine destroys an NSSPKIXAttribute. It should be called on
- * all such objects created without an arena. It does not need to be
- * called for objects created with an arena, but it may be. This
- * routine returns a PRStatus value. Upon error, it place an error on
- * the error stack and return PR_FAILURE.
- *
- * The error value may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXAttribute_Destroy
-(
- NSSPKIXAttribute *attribute
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(attribute) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
-#ifdef DEBUG
- (void)nss_pkix_Attribute_remove_pointer(attribute);
- (void)nssArena_RemoveDestructor(arena, nss_pkix_Attribute_remove_pointer,
- attribute);
-#endif /* DEBUG */
-
- if( PR_TRUE == attribute->i_allocated_arena ) {
- return nssArena_Destroy(attribute->arena);
- }
-
- return PR_SUCCESS;
-}
diff --git a/security/nss/lib/pkix/src/Attribute/PDuplicate.c b/security/nss/lib/pkix/src/Attribute/PDuplicate.c
deleted file mode 100644
index 765510e59..000000000
--- a/security/nss/lib/pkix/src/Attribute/PDuplicate.c
+++ /dev/null
@@ -1,189 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttribute_Duplicate
- *
- * This routine duplicates an NSSPKIXAttribute. {arenaOpt}
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttribute upon success
- * NULL upon failure.
- */
-
-NSS_IMPLEMENT NSSPKIXAttribute *
-nssPKIXAttribute_Duplicate
-(
- NSSPKIXAttribute *attribute,
- NSSArena *arenaOpt
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXAttribute *rv = (NSSPKIXAttribute *)NULL;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(attribute) ) {
- return PR_FAILURE;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return PR_FAILURE;
- }
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXAttribute);
- if( (NSSPKIXAttribute *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
-
- if( (NSSBER *)NULL != attribute->ber ) {
- rv->ber = nssItem_Duplicate(arena, attribute->ber, (NSSItem *)NULL);
- if( (NSSBER *)NULL == rv->ber ) {
- goto loser;
- }
- }
-
- if( (NSSDER *)NULL != attribute->der ) {
- rv->der = nssItem_Duplicate(arena, attribute->der, (NSSItem *)NULL);
- if( (NSSDER *)NULL == rv->der ) {
- goto loser;
- }
- }
-
- if( (void *)NULL != attribute->asn1type.data ) {
- rv->asn1type.size = attribute->asn1type.size;
- rv->asn1type.data = nss_ZAlloc(arena, attribute->asn1type.size);
- if( (void *)NULL == rv->asn1type.data ) {
- goto loser;
- }
- (void)nsslibc_memcpy(rv->asn1type.data, attribute->asn1type.data,
- rv->asn1type.size);
- }
-
- if( (nssASN1Item **)NULL != attribute->asn1values ) {
- rv->asn1values = nss_ZNEWARRAY(arena, nssASN1Item *, attribute->valuesCount);
- if( (nssASN1Item **)NULL == rv->asn1values ) {
- goto loser;
- }
-
- for( i = 0; i < attribute->valuesCount; i++ ) {
- nssASN1Item *src;
- nssASN1Item *dst;
-
- src = attribute->asn1values[i];
- dst = nss_ZNEW(arena, nssASN1Item);
- if( (nssASN1Item *)NULL == dst ) {
- goto loser;
- }
-
- rv->asn1values[i] = dst;
-
- dst->size = src->size;
- dst->data = nss_ZAlloc(arena, dst->size);
- if( (void *)NULL == dst->data ) {
- goto loser;
- }
- (void)nsslibc_memcpy(dst->data, src->data, src->size);
- }
- }
-
- rv->type = attribute->type; /* NULL or otherwise */
- rv->valuescount = attribute->valuesCount;
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_Attribute_add_pointer(rv) ) {
- goto loser;
- }
-
- if( PR_SUCCESS !=
- nssArena_registerDestructor(arena,
- nss_pkix_Attribute_remove_pointer,
- rv) ) {
- (void)nss_pkix_Attribute_remove_pointer(rv);
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXAttribute *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/Attribute/PEncode.c b/security/nss/lib/pkix/src/Attribute/PEncode.c
deleted file mode 100644
index 7fc647ed2..000000000
--- a/security/nss/lib/pkix/src/Attribute/PEncode.c
+++ /dev/null
@@ -1,126 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-/*
- * nssPKIXAttribute_Encode
- *
- * This routine returns an ASN.1 encoding of the specified
- * NSSPKIXAttribute. {usual rules about itemOpt and arenaOpt}
- * This routine indicates an error (NSS_ERROR_INVALID_DATA)
- * if there are no attribute values (i.e., the last one was removed).
- *
- * The error value may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_DATA
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSBER *
-nssPKIXAttribute_Encode
-(
- NSSPKIXAttribute *a,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-)
-{
- NSSBER *it;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(a) ) {
- return (NSSBER *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSBER *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- switch( encoding ) {
- case NSSASN1BER:
- if( (NSSBER *)NULL != a->ber ) {
- it = a->ber;
- goto done;
- }
- /*FALLTHROUGH*/
- case NSSASN1DER:
- if( (NSSDER *)NULL != a->der ) {
- it = a->der;
- goto done;
- }
- break;
- default:
- nss_SetError(NSS_ERROR_UNSUPPORTED_ENCODING);
- return (NSSBER *)NULL;
- }
-
- it = nssASN1_EncodeItem(a->arena, (NSSItem *)NULL, a,
- nssPKIXAttribute_template, encoding);
- if( (NSSBER *)NULL == it ) {
- return (NSSBER *)NULL;
- }
-
- switch( encoding ) {
- case NSSASN1BER:
- a->ber = it;
- break;
- case NSSASN1DER:
- a->der = it;
- break;
- default:
- PR_ASSERT(0);
- break;
- }
-
- done:
- return nssItem_Duplicate(it, arenaOpt, rvOpt);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/PEqual.c b/security/nss/lib/pkix/src/Attribute/PEqual.c
deleted file mode 100644
index 247bfd575..000000000
--- a/security/nss/lib/pkix/src/Attribute/PEqual.c
+++ /dev/null
@@ -1,164 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttribute_Equal
- *
- * This routine compares two NSSPKIXAttribute's for equality.
- * It returns PR_TRUE if they are equal, PR_FALSE otherwise.
- * This routine also returns PR_FALSE upon error; if you're
- * that worried about it, check for an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_IMPLEMENT PRBool
-nssPKIXAttribute_Equal
-(
- NSSPKIXAttribute *one,
- NSSPKIXAttribute *two,
- PRStatus *statusOpt
-)
-{
- PRStatus dummyStatus = PR_SUCCESS; /* quiet warnings */
- PRStatus *status;
- PRUint32 i;
-
- if( (PRStatus *)NULL != statusOpt ) {
- status = statusOpt;
- *status = PR_SUCCESS;
- } else {
- status = &dummyStatus;
- }
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(one) ) {
- *status = PR_FAILURE;
- return PR_FALSE;
- }
-
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(two) ) {
- *status = PR_FAILURE;
- return PR_FALSE;
- }
-#endif /* NSSDEBUG */
-
- if( ((NSSDER *)NULL != one->der) && ((NSSDER *)NULL != two->der) ) {
- return nssItem_Equal(one->der, two->der, statusOpt);
- }
-
- if( (NSSPKIXAttributeType *)NULL == one->type ) {
- NSSItem berOid;
- berOid.size = one->asn1type.size;
- berOid.data = one->asn1type.data;
- one->type = (NSSPKIXAttributeType *)NSSOID_CreateFromBER(&berOid);
- }
-
- if( (NSSPKIXAttributeType *)NULL == two->type ) {
- NSSItem berOid;
- berOid.size = two->asn1type.size;
- berOid.data = two->asn1type.data;
- two->type = (NSSPKIXAttributeType *)NSSOID_CreateFromBER(&berOid);
- }
-
- if( one->type != two->type ) {
- return PR_FALSE;
- }
-
- if( 0 == one->valuesCount ) {
- nss_pkix_Attribute_Count(one);
- }
-
-#ifdef PEDANTIC
- if( 0 == one->valuesCount ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- *statusOpt = PR_FAILURE;
- return PR_FALSE;
- }
-#endif /* PEDANTIC */
-
- if( 0 == two->valuesCount ) {
- nss_pkix_Attribute_Count(two);
- }
-
-#ifdef PEDANTIC
- if( 0 == two->valuesCount ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- *statusOpt = PR_FAILURE;
- return PR_FALSE;
- }
-#endif /* PEDANTIC */
-
- if( one->valuesCount != two->valuesCount ) {
- return PR_FALSE;
- }
-
- *status = nss_pkix_Attribute_Distinguish(one);
- if( PR_FAILURE == *status ) {
- return PR_FALSE;
- }
-
- *status = nss_pkix_Attribute_Distinguish(two);
- if( PR_FAILURE == *status ) {
- return PR_FALSE;
- }
-
- for( i == 0; i < one->valuesCount; i++ ) {
- NSSItem onetmp, twotmp;
-
- onetmp.size = one->asn1values[i]->size;
- onetmp.data = one->asn1values[i]->data;
- twotmp.size = two->asn1values[i]->size;
- twotmp.data = two->asn1values[i]->data;
-
- if( PR_FALSE == nssItem_Equal(&one, &two, statusOpt) ) {
- return PR_FALSE;
- }
- }
-
- return PR_TRUE;
-}
diff --git a/security/nss/lib/pkix/src/Attribute/PFindValue.c b/security/nss/lib/pkix/src/Attribute/PFindValue.c
deleted file mode 100644
index 0f1095f0c..000000000
--- a/security/nss/lib/pkix/src/Attribute/PFindValue.c
+++ /dev/null
@@ -1,107 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttribute_FindValue
- *
- * This routine searches the set of attribute values in the specified
- * NSSPKIXAttribute for the provided data. If an exact match is found,
- * then that value's index is returned. If an exact match is not
- * found, -1 is returned. If there is more than one exact match, one
- * index will be returned. {notes about unorderdness of SET, etc}
- * If the index may not be represented as an integer, an error is
- * indicated.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value
- * The index of the specified attribute value upon success
- * -1 upon failure.
- */
-
-NSS_IMPLEMENT PRInt32
-nssPKIXAttribute_FindValue
-(
- NSSPKIXAttribute *a,
- NSSPKIXAttributeValue *attributeValue
-)
-{
- PRUint32 i;
- nssASN1Item **a;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(a) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(value) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- PR_ASSERT((nssASN1Item **)NULL != a->asn1values);
- if( (nssASN1Item **)NULL == a->asn1values ) {
- nss_SetError(NSS_ERROR_ASSERTION_FAILED);
- return -1;
- }
-
- for( i = 0, a = &a->asn1values[0]; *a; a++, (i > 0x7fffffff) || i++ ) {
- NSSItem tmp;
-
- tmp.size = (*a)->size;
- tmp.data = (*a)->data;
-
- if( PR_TRUE == nssItem_Equal(attributeValue, &tmp, (PRStatus *)NULL) ) {
- if( i > 0x7fffffff ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return -1;
- }
- return (PRInt32)i;
- }
- }
-
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return -1;
-}
diff --git a/security/nss/lib/pkix/src/Attribute/PGetType.c b/security/nss/lib/pkix/src/Attribute/PGetType.c
deleted file mode 100644
index 4b61431b8..000000000
--- a/security/nss/lib/pkix/src/Attribute/PGetType.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttribute_GetType
- *
- * This routine returns the attribute type oid of the specified
- * NSSPKIXAttribute.
- *
- * The error value may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSPKIXAttributeType pointer upon success
- * NULL upon failure.
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeType *
-nssPKIXAttribute_GetType
-(
- NSSPKIXAttribute *a
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(a) ) {
- return (NSSPKIXAttributeType *)NULL;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSPKIXAttributeType *)NULL == a->type ) {
- NSSItem ber;
-
- ber.size = a->asn1type.size;
- ber.data = a->asn1type.data;
-
- a->type = (NSSPKIXAttributeType *)NSSOID_CreateFromBER(&ber);
- }
-
- return a->type;
-}
diff --git a/security/nss/lib/pkix/src/Attribute/PGetValue.c b/security/nss/lib/pkix/src/Attribute/PGetValue.c
deleted file mode 100644
index bbf12ca67..000000000
--- a/security/nss/lib/pkix/src/Attribute/PGetValue.c
+++ /dev/null
@@ -1,98 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttribute_GetValue
- *
- * This routine returns the i'th attribute value of the set of
- * values in the specified NSSPKIXAttribute. Although the set
- * is unordered, an arbitrary ordering will be maintained until
- * the data in the attribute is changed. {usual comments about
- * itemOpt and arenaOpt} [0,valueCount)
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttributeValue upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeValue *
-nssPKIXAttribute_GetValue
-(
- NSSPKIXAttribute *attribute,
- PRInt32 i,
- NSSPKIXAttributeValue *itemOpt,
- NSSArena *arenaOpt
-)
-{
- NSSItem tmp;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(attribute) ) {
- return (NSSPKIXAttributeValue *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAttributeValue *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- if( 0 == attribute->valuesCount ) {
- nss_pkix_Attribute_Count(attribute);
- }
-
- if( (i < 0) || (i >= attribute->valuesCount) ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return (NSSPKIXAttributeValue *)NULL;
- }
-
- tmp.size = attribute->asn1values[i]->size;
- tmp.data = attribute->asn1values[i]->data;
-
- return nssItem_Duplicate(&tmp, arenaOpt, itemOpt);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/PGetValueCount.c b/security/nss/lib/pkix/src/Attribute/PGetValueCount.c
deleted file mode 100644
index ada1d403d..000000000
--- a/security/nss/lib/pkix/src/Attribute/PGetValueCount.c
+++ /dev/null
@@ -1,88 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttribute_GetValueCount
- *
- * This routine returns the number of attribute values present in
- * the specified NSSPKIXAttribute. This routine returns a PRInt32.
- * Upon error, this routine returns -1. This routine indicates an
- * error if the number of values cannot be expressed as a PRInt32.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_IMPLEMENT PRInt32
-nssPKIXAttribute_GetValueCount
-(
- NSSPKIXAttribute *attribute
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(attribute) ) {
- return -1;
- }
-#endif /* NSSDEBUG */
-
- if( 0 == attribute->valuesCount ) {
- nss_pkix_Attribute_Count(attribute);
- }
-
-#ifdef PEDANTIC
- if( 0 == attribute->valuesCount ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return -1;
- }
-#endif /* PEDANTIC */
-
- if( attribute->valuesCount > 0x7fffffff ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return -1;
- }
-
- return (PRInt32)(attribute->valuesCount);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/PGetValues.c b/security/nss/lib/pkix/src/Attribute/PGetValues.c
deleted file mode 100644
index ccc11dbe0..000000000
--- a/security/nss/lib/pkix/src/Attribute/PGetValues.c
+++ /dev/null
@@ -1,145 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttribute_GetValues
- *
- * This routine returns all of the attribute values in the specified
- * NSSPKIXAttribute. If the optional pointer to an array of NSSItems
- * is non-null, then that array will be used and returned; otherwise,
- * an array will be allocated and returned. If the limit is nonzero
- * (which is must be if the specified array is nonnull), then an
- * error is indicated if it is smaller than the value count.
- * {arenaOpt}
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSItem's upon success
- * NULL upon failure.
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeValue *
-nssPKIXAttribute_GetValues
-(
- NSSPKIXAttribute *attribute,
- NSSPKIXAttributeValue rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-)
-{
- NSSPKIXAttributeValue *rv = (NSSPKIXAttributeValue *)NULL;
- PRUint32 i;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(attribute) ) {
- return (NSSPKIXAttributeValue *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyOpt(attribute) ) {
- return (NSSPKIXAttributeValue *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- if( 0 == attribute->valuesCount ) {
- nss_pkix_Attribute_Count(attribute);
- }
-
-#ifdef PEDANTIC
- if( 0 == attribute->valuesCount ) {
- if( 0 == limit ) {
- nss_SetError(NSS_ERROR_NO_MEMORY);
- } else {
- nss_SetError(NSS_ERROR_ARRAY_TOO_SMALL);
- }
- return (NSSPKIXAttributeValue *)NULL;
- }
-#endif /* PEDANTIC */
-
- if( (limit < attribute->valuesCount) &&
- !((0 == limit) && ((NSSPKIXAttributeValue *)NULL == rvOpt)) ) {
- nss_SetError(NSS_ERROR_ARRAY_TOO_SMALL);
- return (NSSPKIXAttributeValue *)NULL;
- }
-
- limit = attribute->valuesCount;
- if( (NSSPKIXAttributeValue *)NULL == rvOpt ) {
- rv = nss_ZNEWARRAY(arenaOpt, NSSPKIXAttributeValue, limit);
- if( (NSSPKIXAttributeValue *)NULL == rv ) {
- return (NSSPKIXAttributeValue *)NULL;
- }
- } else {
- rv = rvOpt;
- }
-
- for( i = 0; i < limit; i++ ) {
- NSSAttributeValue tmp;
- nssASN1Item *p = attribute->asn1values[i];
- NSSAttributeValue *r = &rv[i];
-
- tmp.size = p->size;
- tmp.data = p->data;
-
- if( (NSSItem *)NULL == nssItem_Duplicate(&tmp, arenaOpt, r) ) {
- goto loser;
- }
- }
-
- return rv;
-
- loser:
- for( i = 0; i < limit; i++ ) {
- NSSAttributeValue *r = &rv[i];
- nss_ZFreeIf(r->data);
- }
-
- if( rv != rvOpt ) {
- nss_ZFreeIf(rv);
- }
-
- return (NSSAttributeValue *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/Attribute/PRemoveValue.c b/security/nss/lib/pkix/src/Attribute/PRemoveValue.c
deleted file mode 100644
index 6da2ebc07..000000000
--- a/security/nss/lib/pkix/src/Attribute/PRemoveValue.c
+++ /dev/null
@@ -1,121 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttribute_RemoveValue
- *
- * This routine removes the i'th attribute value of the set in the
- * specified NSSPKIXAttribute. An attempt to remove the last value
- * will fail.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_AT_MINIMUM
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-PR_IMPLEMENET(PRStatus)
-nssPKIXAttribute_RemoveValue
-(
- NSSPKIXAttribute *a,
- PRInt32 i
-)
-{
- nssASN1Item **ip;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(a) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- if( 0 == a->valuesCount ) {
- nss_pkix_Attribute_Count(a);
- }
-
- if( i < 0 ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return PR_FAILURE;
- }
-
- if( 1 == a->valuesCount ) {
- nss_SetError(NSS_ERROR_AT_MINIMUM);
- return PR_FAILURE;
- }
-
-#ifdef PEDANTIC
- if( 0 == a->valuesCount ) {
- /* Too big.. but we can still remove one */
- nss_ZFreeIf(a->asn1values[i].data);
- for( ip = &a->asn1values[i]; *ip; ip++ ) {
- ip[0] = ip[1];
- }
- } else
-#endif /* PEDANTIC */
-
- {
- nssASN1Item *si;
- PRUint32 end;
-
- if( i >= a->valueCount ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return PR_FAILURE;
- }
-
- end = a->valuesCount - 1;
-
- si = a->asn1values[i];
- a->asn1values[i] = a->asn1values[ end ];
- a->asn1values[ end ] = (nssASN1Item *)NULL;
-
- nss_ZFreeIf(si->data);
- nss_ZFreeIf(si);
-
- /* We could realloc down, but we know it's a no-op */
- a->valuesCount = end;
- }
-
- return nss_pkix_Attribute_Clear(a);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/PSetType.c b/security/nss/lib/pkix/src/Attribute/PSetType.c
deleted file mode 100644
index 8f430aab3..000000000
--- a/security/nss/lib/pkix/src/Attribute/PSetType.c
+++ /dev/null
@@ -1,90 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttribute_SetType
- *
- * This routine sets the attribute type oid of the indicated
- * NSSPKIXAttribute to the specified value. Since attributes
- * may be application-defined, no checking can be done on
- * either the correctness of the attribute type oid value nor
- * the suitability of the set of attribute values.
- *
- * The error value may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_OID
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXAttribute_SetType
-(
- NSSPKIXAttribute *a,
- NSSPKIXAttributeType *attributeType
-)
-{
- NSSDER tmp;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(a) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssOID_verifyPointer(attributeType) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- a->type = attributeType;
-
- nss_ZFreeIf(a->asn1type.data);
- if( (NSSDER *)NULL == nssOID_GetDEREncoding(a->type, &tmp, a->arena) ) {
- return PR_FAILURE;
- }
-
- a->asn1type.size = tmp.size;
- a->asn1type.data = tmp.data;
-
- return nss_pkix_Attribute_Clear(a);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/PSetValue.c b/security/nss/lib/pkix/src/Attribute/PSetValue.c
deleted file mode 100644
index 4fd490a6a..000000000
--- a/security/nss/lib/pkix/src/Attribute/PSetValue.c
+++ /dev/null
@@ -1,102 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttribute_SetValue
- *
- * This routine sets the i'th attribute value {blah blah; copies
- * memory contents over..}
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXAttribute_SetValue
-(
- NSSPKIXAttribute *a,
- PRInt32 i,
- NSSPKIXAttributeValue *value
-)
-{
- NSSItem tmp;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(a) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(value) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- if( i < 0 ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return PR_FAILURE;
- }
-
- if( 0 == a->valuesCount ) {
- nss_pkix_Attribute_Count(a);
- }
-
- if( (0 != a->valuesCount) && (i > a->valuesCount) ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return PR_FAILURE;
- }
-
- if( (NSSItem *)NULL == nssItem_Duplicate(value, a->arena, &tmp) ) {
- return PR_FAILURE;
- }
-
- nss_ZFreeIf(a->asn1values[i]->data);
- a->asn1values[i]->size = tmp.size;
- a->asn1values[i]->data = tmp.data;
-
- return nss_pkix_Attribute_Clear(a);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/PSetValues.c b/security/nss/lib/pkix/src/Attribute/PSetValues.c
deleted file mode 100644
index 64df8eb55..000000000
--- a/security/nss/lib/pkix/src/Attribute/PSetValues.c
+++ /dev/null
@@ -1,135 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttribute_SetValues
- *
- * This routine sets all of the values of the specified
- * NSSPKIXAttribute to the values in the specified NSSItem array.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXAttribute_SetValues
-(
- NSSPKIXAttribute *a,
- NSSPKIXAttributeValue values[],
- PRInt32 count
-)
-{
- nssASN1Item **ip;
- nssASN1Item *newarray;
- PRUint32 i;
- nssArenaMark *mark;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(a) ) {
- return PR_FAILURE;
- }
-
- if( (NSSPKIXAttributeValue *)NULL == values ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return PR_FAILURE;
- }
-
- if( count < 1 ) {
- nss_SetError(NSS_ERROR_ARRAY_TOO_SMALL);
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- PR_ASSERT((nssASN1Item **)NULL != a->asn1values);
- if( (nssASN1Item **)NULL == a->asn1values ) {
- nss_SetError(NSS_ERROR_ASSERTION_FAILED);
- return PR_FAILURE;
- }
-
- mark = nssArena_Mark(a->arena);
- if( (nssArenaMark *)NULL == mark ) {
- return PR_FAILURE;
- }
-
- newarray = nss_ZNEWARRAY(a->arena, nssASN1Item *, count);
- if( (nssASN1Item *)NULL == newarray ) {
- return PR_FAILURE;
- }
-
- for( i = 0; i < count; i++ ) {
- NSSItem tmp;
-
- newarray[i] = nss_ZNEW(a->arena, nssASN1Item);
- if( (nssASN1Item *)NULL == newarray[i] ) {
- goto loser;
- }
-
- if( (NSSItem *)NULL == nssItem_Duplicate(&values[i], a->arena, &tmp) ) {
- goto loser;
- }
-
- newarray[i]->size = tmp.size;
- newarray[i]->data = tmp.data;
- }
-
- for( ip = &a->asn1values[0]; *ip; ip++ ) {
- nss_ZFreeIf((*ip)->data);
- nss_ZFreeIf(*ip);
- }
-
- nss_ZFreeIf(a->asn1values);
-
- a->asn1values = newarray;
- a->valuesCount = count;
-
- (void)nss_pkix_Attribute_Clear(a);
- return nssArena_Unmark(a->arena, mark);
-
- loser:
- (void)nssArena_Release(a->arena, mark);
- return PR_FAILURE;
-}
diff --git a/security/nss/lib/pkix/src/Attribute/RemoveValue.c b/security/nss/lib/pkix/src/Attribute/RemoveValue.c
deleted file mode 100644
index e869fd96a..000000000
--- a/security/nss/lib/pkix/src/Attribute/RemoveValue.c
+++ /dev/null
@@ -1,76 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttribute_RemoveValue
- *
- * This routine removes the i'th attribute value of the set in the
- * specified NSSPKIXAttribute. An attempt to remove the last value
- * will fail.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_AT_MINIMUM
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXAttribute_RemoveValue
-(
- NSSPKIXAttribute *attribute,
- PRInt32 i
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(attribute) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssPKIXAttribute_RemoveValue(attribute, i);
-}
-
diff --git a/security/nss/lib/pkix/src/Attribute/SetType.c b/security/nss/lib/pkix/src/Attribute/SetType.c
deleted file mode 100644
index 4975c8f8a..000000000
--- a/security/nss/lib/pkix/src/Attribute/SetType.c
+++ /dev/null
@@ -1,80 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttribute_SetType
- *
- * This routine sets the attribute type oid of the indicated
- * NSSPKIXAttribute to the specified value. Since attributes
- * may be application-defined, no checking can be done on
- * either the correctness of the attribute type oid value nor
- * the suitability of the set of attribute values.
- *
- * The error value may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_OID
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXAttribute_SetType
-(
- NSSPKIXAttribute *attribute,
- NSSPKIXAttributeType *attributeType
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(attribute) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssOID_verifyPointer(attributeType) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssPKIXAttribute_SetType(attribute, attributeType);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/SetValue.c b/security/nss/lib/pkix/src/Attribute/SetValue.c
deleted file mode 100644
index 43f74ad26..000000000
--- a/security/nss/lib/pkix/src/Attribute/SetValue.c
+++ /dev/null
@@ -1,80 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttribute_SetValue
- *
- * This routine sets the i'th attribute value {blah blah; copies
- * memory contents over..}
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXAttribute_SetValue
-(
- NSSPKIXAttribute *attribute,
- PRInt32 i,
- NSSPKIXAttributeValue *value
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(attribute) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(value) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssPKIXAttribute_SetValue(attribute, i, value);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/SetValues.c b/security/nss/lib/pkix/src/Attribute/SetValues.c
deleted file mode 100644
index 7c3645cf7..000000000
--- a/security/nss/lib/pkix/src/Attribute/SetValues.c
+++ /dev/null
@@ -1,85 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttribute_SetValues
- *
- * This routine sets all of the values of the specified
- * NSSPKIXAttribute to the values in the specified NSSItem array.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXAttribute_SetValues
-(
- NSSPKIXAttribute *attribute,
- NSSPKIXAttributeValue values[],
- PRInt32 count
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(attribute) ) {
- return PR_FAILURE;
- }
-
- if( (NSSPKIXAttributeValue *)NULL == values ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return PR_FAILURE;
- }
-
- if( count < 1 ) {
- nss_SetError(NSS_ERROR_ARRAY_TOO_SMALL);
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssPKXIAttribute_SetValues(attribute, values, count);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/template.c b/security/nss/lib/pkix/src/Attribute/template.c
deleted file mode 100644
index 850b6a9b0..000000000
--- a/security/nss/lib/pkix/src/Attribute/template.c
+++ /dev/null
@@ -1,58 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-/*
- * nssPKIXAttribute_template
- *
- *
- */
-
-const nssASN1Template nssPKIXAttribute_template[] = {
- { nssASN1_SEQUENCE, 0, NULL, sizeof(NSSPKIXAttribute) },
- { nssASN1_OBJECT_ID, offsetof(NSSPKIXAttribute, asn1type) },
- { nssASN1_SET_OF, offsetof(NSSPKIXAttribute, asn1values),
- nssASN1Template_Any },
- { 0 }
-};
diff --git a/security/nss/lib/pkix/src/Attribute/verifyPointer.c b/security/nss/lib/pkix/src/Attribute/verifyPointer.c
deleted file mode 100644
index c0ae3ed84..000000000
--- a/security/nss/lib/pkix/src/Attribute/verifyPointer.c
+++ /dev/null
@@ -1,170 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIXM_H
-#include "pkixm.h"
-#endif /* PKIXM_H */
-
-#ifdef DEBUG
-
-extern const NSSError NSS_ERROR_INTERNAL_ERROR;
-
-static nssPointerTracker pkix_attribute_pointer_tracker;
-
-/*
- * nss_pkix_Attribute_add_pointer
- *
- * This method is only present in debug builds.
- *
- * This module-private routine adds an NSSPKIXAttribute pointer to
- * the internal pointer-tracker. This routine should only be used
- * by the NSSPKIX module. This routine returns a PRStatus value;
- * upon error it will place an error on the error stack and return
- * PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INTERNAL_ERROR
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_Attribute_add_pointer
-(
- const NSSPKIXAttribute *p
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_initialize(&pkix_attribute_pointer_tracker);
- if( PR_SUCCESS != rv ) {
- return rv;
- }
-
- rv = nssPointerTracker_add(&pkix_attribute_pointer_tracker, p);
- if( PR_SUCCESS != rv ) {
- NSSError e = NSS_GetError();
- if( NSS_ERROR_NO_MEMORY != e ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- }
-
- return rv;
- }
-
- return PR_SUCCESS;
-}
-
-/*
- * nss_pkix_Attribute_remove_pointer
- *
- * This method is only present in debug builds.
- *
- * This module-private routine removes a valid NSSPKIXAttribute
- * pointer from the internal pointer-tracker. This routine should
- * only be used by the NSSPKIX module. This routine returns a
- * PRStatus value; upon error it will place an error on the error
- * stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INTERNAL_ERROR
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_Attribute_remove_pointer
-(
- const NSSPKIXAttribute *p
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_remove(&pkix_attribute_pointer_tracker, p);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- }
-
- return rv;
-}
-
-/*
- * nssPKIXAttribute_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXAttribute
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXAttribute_verifyPointer
-(
- NSSPKIXAttribute *p
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_initialize(&pkix_attribute_pointer_tracker);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INVALID_PKIX_ATTRIBUTE);
- return PR_FAILURE;
- }
-
- rv = nssPointerTracker_verify(&pkix_attribute_pointer_tracker, p);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INVALID_PKIX_ATTRIBUTE);
- return PR_FAILURE;
- }
-
- return PR_SUCCESS;
-}
-
-#endif /* DEBUG */
-
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/Create.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/Create.c
deleted file mode 100644
index 84e721f80..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/Create.c
+++ /dev/null
@@ -1,85 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttributeTypeAndValue_Create
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeTypeAndValue *
-NSSPKIXAttributeTypeAndValue_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXAttributeType *typeOid,
- NSSPKIXAttributeValue *value
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAttributeTypeAndValue *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssOID_verifyPointer(typeOid) ) {
- return (NSSPKIXAttributeTypeAndValue *)NULL;
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(value) ) {
- return (NSSPKIXAttributeTypeAndValue *)NULL;
- }
-#endif /* DEBUG */
-
- return nssPKIXAttributeTypeAndValue(arenaOpt, typeOid, value);
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/CreateFromUTF8.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/CreateFromUTF8.c
deleted file mode 100644
index 72e0a3114..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/CreateFromUTF8.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttributeTypeAndValue_CreateFromUTF8
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_UNKNOWN_ATTRIBUTE
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeTypeAndValue *
-NSSPKIXAttributeTypeAndValue_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *string
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAttributeTypeAndValue *)NULL;
- }
- }
-
- if( (NSSUTF8 *)NULL == string ) {
- nss_SetError(NSS_ERROR_INVALID_STRING);
- return (NSSPKIXAttributeTypeAndValue *)NULL;
- }
-#endif /* DEBUG */
-
- return nssPKIXAttributeTypeAndValue_CreateFromUTF8(arenaOpt, string);
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/Decode.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/Decode.c
deleted file mode 100644
index 33b657303..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/Decode.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttributeTypeAndValue_Decode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeTypeAndValue *
-NSSPKIXAttributeTypeAndValue_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAttributeTypeAndValue *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(ber) ) {
- return (NSSPKIXAttributeTypeAndValue *)NULL;
- }
-#endif /* DEBUG */
-
- return nssPKIXAttributeTypeAndValue_Decode(arenaOpt, ber);
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/Destroy.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/Destroy.c
deleted file mode 100644
index b3c28a03f..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/Destroy.c
+++ /dev/null
@@ -1,70 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttributeTypeAndValue_Destroy
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXAttributeTypeAndValue_Destroy
-(
- NSSPKIXAttributeTypeAndValue *atav
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssPKIXAttributeTypeAndValue_Destroy(atav);
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/Duplicate.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/Duplicate.c
deleted file mode 100644
index 09d1f27c3..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/Duplicate.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttributeTypeAndValue_Duplicate
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeTypeAndValue *
-NSSPKIXAttributeTypeAndValue_Duplicate
-(
- NSSPKIXAttributeTypeAndValue *atav,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
- return (NSSPKIXAttributeTypeAndValue *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAttributeTypeAndValue *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXAttributeTypeAndValue_Duplicate(atav, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/Encode.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/Encode.c
deleted file mode 100644
index 1b67be84d..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/Encode.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttributeTypeAndValue_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSBER *
-NSSPKIXAttributeTypeAndValue_Encode
-(
- NSSPKIXAttributeTypeAndValue *atav,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
- return (NSSBER *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSBER *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXAttributeTypeAndValue_Encode(atav, encoding, rvOpt, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/Equal.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/Equal.c
deleted file mode 100644
index 0cbf06eca..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/Equal.c
+++ /dev/null
@@ -1,85 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttributeTypeAndValue_Equal
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_IMPLEMENT PRBool
-NSSPKIXAttributeTypeAndValue_Equal
-(
- NSSPKIXAttributeTypeAndValue *atav1,
- NSSPKIXAttributeTypeAndValue *atav2,
- PRStatus *statusOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav1) ) {
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
-
- return PR_FALSE;
- }
-
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav2) ) {
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
-
- return PR_FALSE;
- }
-#endif /* DEBUG */
-
- return nssPKIXAttributeTypeAndValue_Equal(atav1, atav2, statusOpt);
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/GetType.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/GetType.c
deleted file mode 100644
index 68e2f48f6..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/GetType.c
+++ /dev/null
@@ -1,71 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttributeTypeAndValue_GetType
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSPKIXAttributeType pointer upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeType *
-NSSPKIXAttributeTypeAndValue_GetType
-(
- NSSPKIXAttributeTypeAndValue *atav
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
- return (NSSPKIXAttributeType *)NULL;
- }
-#endif /* DEBUG */
-
- return nssPKIXAttributeTypeAndValue_GetType(atav);
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/GetUTF8Encoding.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/GetUTF8Encoding.c
deleted file mode 100644
index 611e4bcb9..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/GetUTF8Encoding.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttributeTypeAndValue_GetUTF8Encoding
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSUTF8 *
-NSSPKIXAttributeTypeAndValue_GetUTF8Encoding
-(
- NSSPKIXAttributeTypeAndValue *atav,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
- return (NSSUTF8 *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSUTF8 *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXAttributeTypeAndValue_GetUTF8Encoding(atav, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/GetValue.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/GetValue.c
deleted file mode 100644
index 5516c63ea..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/GetValue.c
+++ /dev/null
@@ -1,80 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttributeTypeAndValue_GetValue
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSAttributeValue upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeValue *
-NSSPKIXAttributeTypeAndValue_GetValue
-(
- NSSPKIXAttributeTypeAndValue *atav,
- NSSPKIXAttributeValue *itemOpt,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
- return (NSSPKIXAttributeValue *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAttributeValue *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXAttributeTypeAndValue_GetValue(atav, itemOpt, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/MClear.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/MClear.c
deleted file mode 100644
index eeae7db86..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/MClear.c
+++ /dev/null
@@ -1,73 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nss_pkix_AttributeTypeAndValue_Clear
- *
- * Wipes out cached data.
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_AttributeTypeAndValue_Clear
-(
- NSSPKIXAttributeTypeAndValue *atav
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSBER *)NULL != atav->ber ) {
- nss_ZFreeIf(atav->ber->data);
- nss_ZFreeIf(atav->ber);
- }
-
- if( (NSSDER *)NULL != atav->der ) {
- nss_ZFreeIf(atav->der->data);
- nss_ZFreeIf(atav->der);
- }
-
- nss_ZFreeIf(atav->utf8);
-
- return PR_SUCCESS;
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/PCreate.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/PCreate.c
deleted file mode 100644
index 2dc6d8ac5..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/PCreate.c
+++ /dev/null
@@ -1,154 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttributeTypeAndValue_Create
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeTypeAndValue *
-nssPKIXAttributeTypeAndValue_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXAttributeType *typeOid,
- NSSPKIXAttributeValue *value
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXAttributeTypeAndValue *rv = (NSSPKIXAttributeTypeAndValue *)NULL;
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAttributeTypeAndValue *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssOID_verifyPointer(typeOid) ) {
- return (NSSPKIXAttributeTypeAndValue *)NULL;
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(value) ) {
- return (NSSPKIXAttributeTypeAndValue *)NULL;
- }
-#endif /* DEBUG */
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXAttributeTypeAndValue);
- if( (NSSPKIXAttributeTypeAndValue *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
- rv->type = typeOid;
-
- {
- NSSItem tmp;
- if( (NSSItem *)NULL == nssOID_GetDEREncoding(typeOid, arena, &tmp) ) {
- goto loser;
- }
-
- rv->asn1type.size = tmp.size;
- rv->asn1type.data = tmp.data;
- }
-
- {
- NSSItem tmp;
- if( (NSSItem *)NULL == nssItem_Duplicate(value, arena, &tmp) ) {
- goto loser;
- }
-
- rv->asn1value.size = tmp.size;
- rv->asn1value.data = tmp.data;
- }
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_AttributeTypeAndValue_add_pointer(rv) ) {
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXAttributeTypeAndValue *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/PCreateFromUTF8.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/PCreateFromUTF8.c
deleted file mode 100644
index a2fa289ea..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/PCreateFromUTF8.c
+++ /dev/null
@@ -1,137 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttributeTypeAndValue_CreateFromUTF8
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_UNKNOWN_ATTRIBUTE
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeTypeAndValue *
-nssPKIXAttributeTypeAndValue_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *string
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXAttributeTypeAndValue *rv = (NSSPKIXAttributeTypeAndValue *)NULL;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAttributeTypeAndValue *)NULL;
- }
- }
-
- if( (NSSUTF8 *)NULL == string ) {
- nss_SetError(NSS_ERROR_INVALID_STRING);
- return (NSSPKIXAttributeTypeAndValue *)NULL;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXAttributeTypeAndValue);
- if( (NSSPKIXAttributeTypeAndValue *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
- rv->utf8 = nssUTF8_Duplicate(string, arena);
- if( (NSSUTF8 *)NULL == rv->utf8 ) {
- goto loser;
- }
-
- /* Fill this in later from ../pki1/atav.c implementation */
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- goto loser;
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_AttributeTypeAndValue_add_pointer(rv) ) {
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXAttributeTypeAndValue *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/PDecode.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/PDecode.c
deleted file mode 100644
index 9e017526c..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/PDecode.c
+++ /dev/null
@@ -1,144 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-/*
- * nssPKIXAttributeTypeAndValue_Decode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeTypeAndValue *
-nssPKIXAttributeTypeAndValue_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXAttributeTypeAndValue *rv = (NSSPKIXAttributeTypeAndValue *)NULL;
- PRStatus status;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAttributeTypeAndValue *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(ber) ) {
- return (NSSPKIXAttributeTypeAndValue *)NULL;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXAttributeTypeAndValue);
- if( (NSSPKIXAttributeTypeAndValue *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
- /* For this object, BER is DER */
- rv->der = nssItem_Duplicate(ber, arena, (NSSItem *)NULL);
- if( (NSSItem *)NULL == rv->ber ) {
- goto loser;
- }
-
- status = nssASN1_DecodeBER(arena, rv,
- nssPKIXAttributeTypeAndValue_template,
- ber);
- if( PR_SUCCESS != status ) {
- goto loser;
- }
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_AttributeTypeAndValue_add_pointer(rv) ) {
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXAttributeTypeAndValue *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/PDestroy.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/PDestroy.c
deleted file mode 100644
index 47242f545..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/PDestroy.c
+++ /dev/null
@@ -1,78 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttributeTypeAndValue_Destroy
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXAttributeTypeAndValue_Destroy
-(
- NSSPKIXAttributeTypeAndValue *atav
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
-#ifdef DEBUG
- (void)nss_pkix_AttributeTypeAndValue_remove_pointer(atav);
- (void)nssArena_RemoveDestructor(arena,
- nss_pkix_AttributeTypeAndValue_remove_pointer, atav);
-#endif /* DEBUG */
-
- if( PR_TRUE == atav->i_allocated_arena ) {
- return nssArena_Destroy(atav->arena);
- }
-
- return PR_SUCCESS;
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/PDuplicate.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/PDuplicate.c
deleted file mode 100644
index 53fc85171..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/PDuplicate.c
+++ /dev/null
@@ -1,165 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttributeTypeAndValue_Duplicate
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeTypeAndValue *
-nssPKIXAttributeTypeAndValue_Duplicate
-(
- NSSPKIXAttributeTypeAndValue *atav,
- NSSArena *arenaOpt
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXAttributeTypeAndValue *rv = (NSSPKIXAttributeTypeAndValue *)NULL;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
- return PR_FAILURE;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAttributeTypeAndValue *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXAttributeTypeAndValue);
- if( (NSSPKIXAttributeTypeAndValue *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
-
- if( (NSSDER *)NULL != atav->der ) {
- rv->der = nssItem_Duplicate(atav->der, arena, (NSSItem *)NULL);
- if( (NSSDER *)NULL == rv->der ) {
- goto loser; /* actually, this isn't fatal */
- }
- }
-
- {
- NSSItem src, dst;
- src.size = atav->asn1type.size;
- src.data = atav->asn1type.data;
- if( (NSSItem *)NULL == nssItem_Duplicate(&src, arena, &dst) ) {
- goto loser;
- }
- rv->asn1type.size = dst.size;
- rv->asn1type.data = dst.data;
- }
-
- {
- NSSItem src, dst;
- src.size = atav->asn1value.size;
- src.data = atav->asn1value.data;
- if( (NSSItem *)NULL == nssItem_Duplicate(&src, arena, &dst) ) {
- goto loser;
- }
- rv->asn1value.size = dst.size;
- rv->asn1value.data = dst.data;
- }
-
- rv->type = atav->type;
-
- if( (NSSUTF8 *)NULL != atav->utf8 ) {
- rv->utf8 = nssUTF8_Duplicate(atav->utf8, arena);
- if( (NSSUTF8 *)NULL == rv->utf8 ) {
- goto loser; /* actually, this isn't fatal */
- }
- }
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_AttributeTypeAndValue_add_pointer(rv) ) {
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXAttributeTypeAndValue *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/PEncode.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/PEncode.c
deleted file mode 100644
index 64a77e590..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/PEncode.c
+++ /dev/null
@@ -1,101 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttributeTypeAndValue_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXAttributeTypeAndValue_Encode
-(
- NSSPKIXAttributeTypeAndValue *atav,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
- return PR_FAILURE;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSBER *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- switch( encoding ) {
- case NSSASN1BER:
- case NSSASN1DER:
- break;
- case NSSASN1CER:
- case NSSASN1LWER:
- case NSSASN1PER:
- default:
- nss_SetError(NSS_ERROR_UNSUPPORTED_ENCODING);
- return (NSSBER *)NULL;
- }
-
- /* For this item its DER is BER */
-
- if( (NSSDER *)NULL == atav->der ) {
- atav->der = nssASN1_EncodeDER(atav->arena, (NSSItem *)NULL, a,
- nssPKIXAtributeTypeAndValue_template, NSSASN1DER);
- if( (NSSDER *)NULL == atav->der ) {
- return (NSSBER *)NULL;
- }
- }
-
- return nssItem_Duplicate(a->der, arenaOpt, rvOpt);
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/PEqual.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/PEqual.c
deleted file mode 100644
index 67dc970f1..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/PEqual.c
+++ /dev/null
@@ -1,95 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttributeTypeAndValue_Equal
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_IMPLEMENT PRBool
-nssPKIXAttributeTypeAndValue_Equal
-(
- NSSPKIXAttributeTypeAndValue *atav1,
- NSSPKIXAttributeTypeAndValue *atav2,
- PRStatus *statusOpt
-)
-{
- NSSItem one, two;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav1) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav2) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_SUCCESS;
- }
-
- one.size = atav1->asn1type.size;
- one.data = atav1->asn1type.data;
- two.size = atav2->asn1type.size;
- two.data = atav2->asn1type.data;
-
- if( PR_FALSE == nssItem_Equal(&one, &two, statusOpt) ) {
- return PR_FALSE;
- }
-
- one.size = atav1->asn1value.size;
- one.data = atav1->asn1value.data;
- two.size = atav2->asn1value.size;
- two.data = atav2->asn1value.data;
-
- return nssItem_Equal(&one, &two, statusOpt);
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/PGetType.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/PGetType.c
deleted file mode 100644
index 20411e8ee..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/PGetType.c
+++ /dev/null
@@ -1,78 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttributeTypeAndValue_GetType
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSPKIXAttributeType pointer upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeType *
-nssPKIXAttributeTypeAndValue_GetType
-(
- NSSPKIXAttributeTypeAndValue *atav
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSPKIXAttributeType *)NULL == atav->type ) {
- NSSItem ber;
-
- ber.size = atav->asn1type.size;
- ber.data = atav->asn1type.data;
-
- atav->type = (NSSPKIXAttributeType *)NSSOID_CreateFromBER(&ber);
- }
-
- return atav->type;
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/PGetUTF8Encoding.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/PGetUTF8Encoding.c
deleted file mode 100644
index 41145b3cf..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/PGetUTF8Encoding.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttributeTypeAndValue_GetUTF8Encoding
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSUTF8 *
-nssPKIXAttributeTypeAndValue_GetUTF8Encoding
-(
- NSSPKIXAttributeTypeAndValue *atav,
- NSSArena *arenaOpt
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
- return (NSSUTF8 *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSUTF8 *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- if( (NSSUTF8 *)NULL == atav->utf8 ) {
- /* xxx fgmr fill this in from the ../pki1/atav.c implementation */
- }
-
- return nssUTF8_Duplicate(atav->utf8, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/PGetValue.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/PGetValue.c
deleted file mode 100644
index 33f9e5b2b..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/PGetValue.c
+++ /dev/null
@@ -1,83 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttributeTypeAndValue_GetValue
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSAttributeValue upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeValue *
-nssPKIXAttributeTypeAndValue_GetValue
-(
- NSSPKIXAttributeTypeAndValue *atav,
- NSSPKIXAttributeValue *rvOpt,
- NSSArena *arenaOpt
-)
-{
- NSSItem tmp;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
- return PR_FAILURE;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSDER *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- tmp.size = atav->asn1value.size;
- tmp.data = atav->asn1value.data;
-
- return nssItem_Duplicate(&tmp, arenaOpt, rvOpt);
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/PSetType.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/PSetType.c
deleted file mode 100644
index 4e25b88cc..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/PSetType.c
+++ /dev/null
@@ -1,86 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttributeTypeAndValue_SetType
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_INVALID_OID
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAttributeTypeAndValue_SetType
-(
- NSSPKIXAttributeTypeAndValue *atav,
- NSSPKIXAttributeType *attributeType
-)
-{
- NSSDER tmp;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssOID_verifyPointer(attributeType) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- atav->type = attributeType;
-
- nss_ZFreeIf(atav->asn1type.data);
- if( (NSSDER *)NULL == nssOID_GetDEREncoding(atav->type, &tmp, atav->arena) ) {
- return PR_FAILURE;
- }
-
- atav->asn1type.size = tmp.size;
- atav->asn1type.data = tmp.data;
-
- return nss_pkix_AttributeTypeAndValue_Clear(atav);
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/PSetValue.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/PSetValue.c
deleted file mode 100644
index 82de4db00..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/PSetValue.c
+++ /dev/null
@@ -1,85 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttributeTypeAndValue_SetValue
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXAttributeTypeAndValue_SetValue
-(
- NSSPKIXAttributeTypeAndValue *atav,
- NSSPKIXAttributeValue *value
-)
-{
- NSSItem tmp;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(value) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSItem *)NULL == nssItem_Duplicate(value, atav->arena, &tmp) ) {
- return PR_FAILURE;
- }
-
- nss_ZFreeIf(atav->asn1value.data);
- atav->asn1value.size = tmp.size;
- atav->asn1value.data = tmp.data;
-
- return nss_pkix_AttributeTypeAndValue_Clear(atav);
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/SetType.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/SetType.c
deleted file mode 100644
index 672b7b738..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/SetType.c
+++ /dev/null
@@ -1,76 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttributeTypeAndValue_SetType
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_INVALID_OID
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXAttributeTypeAndValue_SetType
-(
- NSSPKIXAttributeTypeAndValue *atav,
- NSSPKIXAttributeType *attributeType
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssOID_verifyPointer(attributeType) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssPKIXAttributeTypeAndValue_SetType(atav, attributeType);
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/SetValue.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/SetValue.c
deleted file mode 100644
index fafc54d6c..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/SetValue.c
+++ /dev/null
@@ -1,77 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttributeTypeAndValue_SetValue
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXAttributeTypeAndValue_SetValue
-(
- NSSPKIXAttributeTypeAndValue *atav,
- NSSPKIXAttributeValue *value
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(value) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssPKIXAttributeTypeAndValue_SetValue(atav, value);
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/template.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/template.c
deleted file mode 100644
index 548a4fac9..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/template.c
+++ /dev/null
@@ -1,56 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-/*
- * nssPKIXAttributeTypeAndValue_template
- *
- */
-
-const nssASN1Template nssPKIXAttributeTypeAndValue_template[] = {
- { nssASN1_SEQUENCE, 0, NULL, sizeof(NSSPKIXAttributeTypeAndValue) },
- { nssASN1_OBJECT_ID, offsetof(NSSPKIXAttributeTypeAndValue, asn1type) },
- { nssASN1_ANY, offsetof(NSSPKIXAttributeTypeAndValue, asn1value) },
- { 0 }
-};
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/verifyPointer.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/verifyPointer.c
deleted file mode 100644
index 340e19c1b..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/verifyPointer.c
+++ /dev/null
@@ -1,184 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIXM_H
-#include "pkixm.h"
-#endif /* PKIXM_H */
-
-#ifdef DEBUG
-
-extern const NSSError NSS_ERROR_INTERNAL_ERROR;
-
-static nssPointerTracker pkix_atav_pointer_tracker;
-
-/*
- * nss_pkix_AttributeTypeAndValue_add_pointer
- *
- * This method is only present in debug builds.
- *
- * This module-private routine adds an NSSPKIXAttributeTypeAndValue
- * pointer to the internal pointer-tracker. This routine should only
- * be used by the NSSPKIX module. This routine returns a PRStatus
- * value; upon error it will place an error on the error stack and
- * return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INTERNAL_ERROR
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_AttributeTypeAndValue_add_pointer
-(
- const NSSPKIXAttributeTypeAndValue *p
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_initialize(&pkix_atav_pointer_tracker);
- if( PR_SUCCESS != rv ) {
- return rv;
- }
-
- rv = nssPointerTracker_add(&pkix_atav_pointer_tracker, p);
- if( PR_SUCCESS != rv ) {
- NSSError e = NSS_GetError();
- if( NSS_ERROR_NO_MEMORY != e ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- }
-
- return rv;
- }
-
- rv = nssArena_registerDestructor(arena,
- nss_pkix_AttributeTypeAndValue_remove_pointer, p);
- if( PR_SUCCESS != rv ) {
- (void)nss_pkix_AttributeTypeAndValue_remove_pointer(p);
- return rv;
- }
-
- return PR_SUCCESS;
-}
-
-/*
- * nss_pkix_AttributeTypeAndValue_remove_pointer
- *
- * This method is only present in debug builds.
- *
- * This module-private routine removes a valid
- * NSSPKIXAttributeTypeAndValue pointer from the internal
- * pointer-tracker. This routine should only be used by the
- * NSSPKIX module. This routine returns a PRStatus value;
- * upon error it will place an error on the error stack and
- * return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INTERNAL_ERROR
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_AttributeTypeAndValue_remove_pointer
-(
- const NSSPKIXAttributeTypeAndValue *p
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_remove(&pkix_atav_pointer_tracker, p);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- }
-
- /*
- * nssArena_deregisterDestructor(p->arena,
- * nss_pkix_AttributeTypeAndValue_remove_pointer, p);
- */
-
- return rv;
-}
-
-/*
- * nssPKIXAttributeTypeAndValue_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an
- * NSSPKIXAttributeTypeAndValue object, this routine will return
- * PR_SUCCESS. Otherwise, it will put an error on the error stack
- * and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXAttributeTypeAndValue_verifyPointer
-(
- NSSPKIXAttributeTypeAndValue *p
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_initialize(&pkix_atav_pointer_tracker);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INVALID_PKIX_ATTRIBUTE);
- return PR_FAILURE;
- }
-
- rv = nssPointerTracker_verify(&pkix_atav_pointer_tracker, p);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INVALID_PKIX_ATTRIBUTE);
- return PR_FAILURE;
- }
-
- return PR_SUCCESS;
-}
-
-#endif /* DEBUG */
-
diff --git a/security/nss/lib/pkix/src/Name/Create.c b/security/nss/lib/pkix/src/Name/Create.c
deleted file mode 100644
index dc9059f0b..000000000
--- a/security/nss/lib/pkix/src/Name/Create.c
+++ /dev/null
@@ -1,93 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_CHOICE
- * NSS_ERROR_INVALID_ARGUMENT
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXName *
-NSSPKIXName_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXNameChoice choice,
- void *arg
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXName *)NULL;
- }
- }
-
- switch( choice ) {
- case NSSPKIXNameChoice_rdnSequence:
- {
- NSSPKIXRDNSequence *r = (NSSPKIXRDNSequence *)arg;
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(r) ) {
- return (NSSPKIXName *)NULL;
- }
- }
-
- break;
- case NSSPKIXNameChoice_NSSinvalid:
- default:
- nss_SetError(NSS_ERROR_INVALID_CHOICE);
- return (NSSPKIXName *)NULL;
- }
-#endif /* DEBUG */
-
- return nssPKIXName_Create(arenaOpt, choice, arg);
-}
diff --git a/security/nss/lib/pkix/src/Name/CreateFromRDNSequence.c b/security/nss/lib/pkix/src/Name/CreateFromRDNSequence.c
deleted file mode 100644
index da07742cc..000000000
--- a/security/nss/lib/pkix/src/Name/CreateFromRDNSequence.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXName_CreateFromRDNSequence
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXName *
-NSSPKIXName_CreateFromRDNSequence
-(
- NSSArena *arenaOpt,
- NSSPKIXRDNSequence *rdnSequence
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXName *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnSequence) ) {
- return (NSSPKIXName *)NULL;
- }
-#endif /* DEBUG */
-
- return nssPKIXName_CreateFromRDNSequence(arenaOpt, rdnSequence);
-}
diff --git a/security/nss/lib/pkix/src/Name/CreateFromUTF8.c b/security/nss/lib/pkix/src/Name/CreateFromUTF8.c
deleted file mode 100644
index f2111ea75..000000000
--- a/security/nss/lib/pkix/src/Name/CreateFromUTF8.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXName_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_UNKNOWN_ATTRIBUTE
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXName *
-NSSPKIXName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *string
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXName *)NULL;
- }
- }
-
- if( (NSSUTF8 *)NULL == string ) {
- nss_SetError(NSS_ERROR_INVALID_STRING);
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-#endif /* DEBUG */
-
- return nssPKIXName_CreateFromUTF8(arenaOpt, string);
-}
diff --git a/security/nss/lib/pkix/src/Name/Decode.c b/security/nss/lib/pkix/src/Name/Decode.c
deleted file mode 100644
index b30fac01e..000000000
--- a/security/nss/lib/pkix/src/Name/Decode.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXName_CreateFromBER
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXName *
-NSSPKIXName_CreateFromBER
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXName *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(ber) ) {
- return (NSSPKIXName *)NULL;
- }
-#endif /* DEBUG */
-
- return nssPKIXName_CreateFromBER(arenaOpt, ber);
-}
diff --git a/security/nss/lib/pkix/src/Name/Destroy.c b/security/nss/lib/pkix/src/Name/Destroy.c
deleted file mode 100644
index c8c2bc9f2..000000000
--- a/security/nss/lib/pkix/src/Name/Destroy.c
+++ /dev/null
@@ -1,71 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXName_Destroy
-(
- NSSPKIXName *name
-)
-{
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXName_verifyPointer(name) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssPKIXName_Destroy(name);
-}
diff --git a/security/nss/lib/pkix/src/Name/Duplicate.c b/security/nss/lib/pkix/src/Name/Duplicate.c
deleted file mode 100644
index 6c8831729..000000000
--- a/security/nss/lib/pkix/src/Name/Duplicate.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXName *
-NSSPKIXName_Duplicate
-(
- NSSPKIXName *name,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXName_verifyPointer(name) ) {
- return (NSSDER *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSDER *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXName_Duplicate(name, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/Name/Encode.c b/security/nss/lib/pkix/src/Name/Encode.c
deleted file mode 100644
index 344a53724..000000000
--- a/security/nss/lib/pkix/src/Name/Encode.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSBER *
-NSSPKIXName_Encode
-(
- NSSPKIXName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXName_verifyPointer(name) ) {
- return (NSSBER *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSBER *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXName_Encode(name, rvOpt, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/Name/Equal.c b/security/nss/lib/pkix/src/Name/Equal.c
deleted file mode 100644
index 9a74eef94..000000000
--- a/security/nss/lib/pkix/src/Name/Equal.c
+++ /dev/null
@@ -1,85 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_IMPLEMENT PRBool
-NSSPKIXName_Equal
-(
- NSSPKIXName *name1,
- NSSPKIXName *name2,
- PRStatus *statusOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(name1) ) {
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
-
- return PR_FALSE;
- }
-
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(name2) ) {
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
-
- return PR_FALSE;
- }
-#endif /* DEBUG */
-
- return nssPKIX_Equal(name1, name2, statusOpt);
-}
diff --git a/security/nss/lib/pkix/src/Name/GetChoice.c b/security/nss/lib/pkix/src/Name/GetChoice.c
deleted file mode 100644
index 8a36ada00..000000000
--- a/security/nss/lib/pkix/src/Name/GetChoice.c
+++ /dev/null
@@ -1,70 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXName_GetChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- *
- * Return value:
- * A valid element of the NSSPKIXNameChoice enumeration upon success
- * The value NSSPKIXNameChoice_NSSinvalid (-1) upon error
- */
-
-NSS_IMPLEMENT NSSPKIXNameChoice
-NSSPKIXName_GetChoice
-(
- NSSPKIXName *name
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXName_verifyPointer(name) ) {
- return NSSPKIXNameChoice_NSSinvalid;
- }
-#endif /* DEBUG */
-
- return nssPKIXName_GetChoice(name);
-}
diff --git a/security/nss/lib/pkix/src/Name/GetRDNSequence.c b/security/nss/lib/pkix/src/Name/GetRDNSequence.c
deleted file mode 100644
index 94562ae3c..000000000
--- a/security/nss/lib/pkix/src/Name/GetRDNSequence.c
+++ /dev/null
@@ -1,80 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXName_GetRDNSequence
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_WRONG_CHOICE
- *
- * Return value:
- * A pointer to a valid NSSPKIXRDNSequence upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRDNSequence *
-NSSPKIXName_GetRDNSequence
-(
- NSSPKIXName *name,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return (NSSPKIXRDNSequence *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXRDNSequence *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXName_GetRDNSequence(name, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/Name/GetSpecifiedChoice.c b/security/nss/lib/pkix/src/Name/GetSpecifiedChoice.c
deleted file mode 100644
index 3de2d5b84..000000000
--- a/security/nss/lib/pkix/src/Name/GetSpecifiedChoice.c
+++ /dev/null
@@ -1,90 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXName_GetSpecifiedChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_WRONG_CHOICE
- *
- * Return value:
- * A valid pointer ...
- * NULL upon failure
- */
-
-NSS_IMPLEMENT void *
-NSSPKIXName_GetSpecifiedChoice
-(
- NSSPKIXName *name,
- NSSPKIXNameChoice choice,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(name) ) {
- return (void *)NULL;
- }
-
- switch( choice ) {
- case NSSPKIXNameChoice_rdnSequence:
- break;
- case NSSPKIXNameChoice_NSSinvalid:
- default:
- nss_SetError(NSS_ERROR_INVALID_CHOICE);
- return (void *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (void *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXName_GetSpecifiedChoice(name, choice, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/Name/GetUTF8Encoding.c b/security/nss/lib/pkix/src/Name/GetUTF8Encoding.c
deleted file mode 100644
index c86dd94b2..000000000
--- a/security/nss/lib/pkix/src/Name/GetUTF8Encoding.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXName_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSUTF8 *
-NSSPKIXName_GetUTF8Encoding
-(
- NSSPKIXName *name,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXName_verifyPointer(name) ) {
- return (NSSUTF8 *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSUTF8 *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXName_GetUTF8Encoding(name, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/Name/MClear.c b/security/nss/lib/pkix/src/Name/MClear.c
deleted file mode 100644
index e8d6b1961..000000000
--- a/security/nss/lib/pkix/src/Name/MClear.c
+++ /dev/null
@@ -1,73 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nss_pkix_Name_Clear
- *
- * Wipes out cached data.
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_Name_Clear
-(
- NSSPKIXName *name
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXName_verifyPointer(name) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSBER *)NULL != name->ber ) {
- nss_ZFreeIf(name->ber->data);
- nss_ZFreeIf(name->ber);
- }
-
- if( (NSSDER *)NULL != name->der ) {
- nss_ZFreeIf(name->der->data);
- nss_ZFreeIf(name->der);
- }
-
- nss_ZFreeIf(name->utf8);
-
- return PR_SUCCESS;
-}
diff --git a/security/nss/lib/pkix/src/Name/Mregister.c b/security/nss/lib/pkix/src/Name/Mregister.c
deleted file mode 100644
index 09ddb9d99..000000000
--- a/security/nss/lib/pkix/src/Name/Mregister.c
+++ /dev/null
@@ -1,72 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-#ifdef NSSDEBUG
-/*
- * nss_pkix_Name_register
- *
- * Registers whatever sub-component exists within this Name.
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_Name_register
-(
- NSSPKIXName *name
-)
-{
- if( PR_SUCCESS != nssPKIXName_verifyPointer(name) ) {
- return PR_FAILURE;
- }
-
- switch( name->choice ) {
- case NSSPKIXNameChoice_rdnSequence:
- /* add pointer */
- /* (sub-)register pointer */
- /* add destructor to arena */
- break;
- case NSSPKIXNameChoice_NSSinvalid:
- default:
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- return PR_FAILURE;
- }
-
- return PR_SUCCESS;
-}
diff --git a/security/nss/lib/pkix/src/Name/PCreate.c b/security/nss/lib/pkix/src/Name/PCreate.c
deleted file mode 100644
index e93737599..000000000
--- a/security/nss/lib/pkix/src/Name/PCreate.c
+++ /dev/null
@@ -1,173 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_CHOICE
- * NSS_ERROR_INVALID_ARGUMENT
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXName *
-nssPKIXName_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXNameChoice choice,
- void *arg
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXName *rv = (NSSPKIXName *)NULL;
- PRStatus status;
- PRUint32 i;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXName *)NULL;
- }
- }
-
- switch( choice ) {
- case NSSPKIXNameChoice_rdnSequence:
- if( (PR_SUCCESS != nssPKIXRDNSequence_verifyPointer((NSSPKIXRDNSequence *)arg) ) ) {
- nss_SetError(NSS_ERROR_INVALID_ARGUMENT);
- return (NSSPKIXName *)NULL;
- }
- break;
- case NSSPKIXNameChoice_NSSinvalid:
- default:
- nss_SetError(NSS_ERROR_INVALID_CHOICE);
- return (NSSPKIXName *)NULL;
- }
-#endif /* NSSDEBUG */
-
- switch( choice ) {
- case NSSPKIXNameChoice_rdnSequence:
- break;
- case NSSPKIXNameChoice_NSSinvalid:
- default:
- nss_SetError(NSS_ERROR_INVALID_CHOICE);
- goto loser;
- }
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXName);
- if( (NSSPKIXName *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
- rv->utf8 = nssUTF8_Duplicate(string, arena);
- if( (NSSUTF8 *)NULL == rv->utf8 ) {
- goto loser;
- }
-
- rv->choice = choice;
- switch( choice ) {
- case NSSPKIXNameChoice_rdnSequence:
- rv->u.rdnSequence = nssPKIXRDNSequence_Duplicate((NSSPKIXRDNSequence *)arg, arena);
- if( (NSSPKIXRDNSequence *)NULL == rv->u.rdnSequence ) {
- goto loser;
- }
- break;
- case NSSPKIXNameChoice_NSSinvalid:
- default:
- nss_SetError(NSS_ERROR_INVALID_CHOICE);
- goto loser;
- }
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_Name_add_pointer(rv) ) {
- goto loser;
- }
-
- if( PR_SUCCESS != nssArena_registerDestructor(arena,
- nss_pkix_Name_remove_pointer, rv) ) {
- (void)nss_pkix_Name_remove_pointer(rv);
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXName *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/Name/PCreateFromRDNSequence.c b/security/nss/lib/pkix/src/Name/PCreateFromRDNSequence.c
deleted file mode 100644
index 169e409a3..000000000
--- a/security/nss/lib/pkix/src/Name/PCreateFromRDNSequence.c
+++ /dev/null
@@ -1,145 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXName_CreateFromRDNSequence
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXName *
-nssPKIXName_CreateFromRDNSequence
-(
- NSSArena *arenaOpt,
- NSSPKIXRDNSequence *rdnSequence
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXName *rv = (NSSPKIXName *)NULL;
- PRStatus status;
- PRUint32 i;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXName *)NULL;
- }
- }
-
- if( (PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnSequence) ) ) {
- return (NSSPKIXName *)NULL;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXName);
- if( (NSSPKIXName *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
- rv->utf8 = nssUTF8_Duplicate(string, arena);
- if( (NSSUTF8 *)NULL == rv->utf8 ) {
- goto loser;
- }
-
- rv->choice = NSSPKIXNameChoice_rdnSequence;
- rv->u.rdnSequence = nssPKIXRDNSequence_Duplicate(rdnSequence, arena);
- if( (NSSPKIXRDNSequence *)NULL == rv->u.rdnSequence ) {
- goto loser;
- }
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_Name_add_pointer(rv) ) {
- goto loser;
- }
-
- if( PR_SUCCESS != nssArena_registerDestructor(arena,
- nss_pkix_Name_remove_pointer, rv) ) {
- (void)nss_pkix_Name_remove_pointer(rv);
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXName *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/Name/PCreateFromUTF8.c b/security/nss/lib/pkix/src/Name/PCreateFromUTF8.c
deleted file mode 100644
index 0939a19e3..000000000
--- a/security/nss/lib/pkix/src/Name/PCreateFromUTF8.c
+++ /dev/null
@@ -1,145 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXName_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_UNKNOWN_ATTRIBUTE
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXName *
-nssPKIXName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *string
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXName *rv = (NSSPKIXName *)NULL;
- PRStatus status;
- PRUint32 i;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXName *)NULL;
- }
- }
-
- if( (NSSUTF8 *)NULL == string ) {
- nss_SetError(NSS_ERROR_INVALID_STRING);
- return (NSSPKIXName *)NULL;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXName);
- if( (NSSPKIXName *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
- rv->utf8 = nssUTF8_Duplicate(string, arena);
- if( (NSSUTF8 *)NULL == rv->utf8 ) {
- goto loser;
- }
-
- /* Insert intelligence here -- fgmr */
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- goto loser;
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_Name_add_pointer(rv) ) {
- goto loser;
- }
-
- if( PR_SUCCESS != nssArena_registerDestructor(arena,
- nss_pkix_Name_remove_pointer, rv) ) {
- (void)nss_pkix_Name_remove_pointer(rv);
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXName *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/Name/PDecode.c b/security/nss/lib/pkix/src/Name/PDecode.c
deleted file mode 100644
index d3f20d473..000000000
--- a/security/nss/lib/pkix/src/Name/PDecode.c
+++ /dev/null
@@ -1,138 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXName_CreateFromBER
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXName *
-nssPKIXName_CreateFromBER
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXName *rv = (NSSPKIXName *)NULL;
- PRStatus status;
- PRUint32 i;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXName *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(ber) ) {
- return (NSSPKIXName *)NULL;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXName);
- if( (NSSPKIXName *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
- rv->ber = nssItem_Duplicate(ber, arena, (NSSItem *)NULL);
- if( (NSSItem *)NULL == rv->ber ) {
- goto loser;
- }
-
- status = nssASN1_DecodeBER(arena, rv, nssPKIXName_template, ber);
- if( PR_SUCCESS != status ) {
- goto loser;
- }
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_Name_add_pointer(rv) ) {
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXName *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/Name/PDestroy.c b/security/nss/lib/pkix/src/Name/PDestroy.c
deleted file mode 100644
index f1fd41721..000000000
--- a/security/nss/lib/pkix/src/Name/PDestroy.c
+++ /dev/null
@@ -1,76 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXName_Destroy
-(
- NSSPKIXName *name
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXName_verifyPointer(name) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
-#ifdef DEBUG
- (void)nss_pkix_Name_remove_pointer(name);
-#endif /* DEBUG */
-
- if( PR_TRUE == name->i_allocated_arena ) {
- return nssArena_Destroy(name->arena);
- }
-
- return PR_SUCCESS;
-}
diff --git a/security/nss/lib/pkix/src/Name/PDuplicate.c b/security/nss/lib/pkix/src/Name/PDuplicate.c
deleted file mode 100644
index c5788a0f1..000000000
--- a/security/nss/lib/pkix/src/Name/PDuplicate.c
+++ /dev/null
@@ -1,172 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXName *
-nssPKIXName_Duplicate
-(
- NSSPKIXName *name,
- NSSArena *arenaOpt
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXName *rv = (NSSPKIXName *)NULL;
- PRStatus status;
- PRUint32 i;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXName *)NULL;
- }
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSUTF8 *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXName);
- if( (NSSPKIXName *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
-
- if( (NSSBER *)NULL != name->ber ) {
- rv->ber = nssItem_Duplicate(name->ber, arena, (NSSItem *)NULL);
- if( (NSSBER *)NULL == rv->ber ) {
- goto loser;
- }
- }
-
- if( (NSSDER *)NULL != name->der ) {
- rv->der = nssItem_Duplicate(name->der, arena, (NSSItem *)NULL);
- if( (NSSDER *)NULL == rv->der ) {
- goto loser;
- }
- }
-
- if( (NSSUTF8 *)NULL != name->utf8 ) {
- rv->utf8 = nssUTF8_duplicate(name->utf8, arena);
- if( (NSSUTF8 *)NULL == rv->utf8 ) {
- goto loser;
- }
- }
-
- rv->choice = name->choice;
- switch( name->choice ) {
- case NSSPKIXNameChoice_rdnSequence:
- rv->u.rdnSequence = nssPKIXRDNSequence_Duplicate(name->u.rdnSequence, arena);
- if( (NSSPKIXRDNSequence *)NULL == rv->u.rdnSequence ) {
- goto loser;
- }
- break;
- case NSSPKIXNameChoice_NSSinvalid:
- default:
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- goto loser;
- }
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_Name_add_pointer(rv) ) {
- goto loser;
- }
-
- if( PR_SUCCESS != nssArena_registerDestructor(arena,
- nss_pkix_Name_remove_pointer, rv) ) {
- (void)nss_pkix_Name_remove_pointer(rv);
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXName *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/Name/PEncode.c b/security/nss/lib/pkix/src/Name/PEncode.c
deleted file mode 100644
index 469b528fb..000000000
--- a/security/nss/lib/pkix/src/Name/PEncode.c
+++ /dev/null
@@ -1,118 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSBER *
-nssPKIXName_Encode
-(
- NSSPKIXName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-)
-{
- NSSBER *it;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXName_verifyPointer(name) ) {
- return (NSSBER *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSBER *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- switch( encoding ) {
- case NSSASN1BER:
- if( (NSSBER *)NULL != name->ber ) {
- it = name->ber;
- goto done;
- }
- /*FALLTHROUGH*/
- case NSSASN1DER:
- if( (NSSDER *)NULL != name->der ) {
- it = name->der;
- goto done;
- }
- break;
- default:
- nss_SetError(NSS_ERROR_UNSUPPORTED_ENCODING);
- return (NSSBER *)NULL;
- }
-
- it = nssASN1_EncodeItem(name->arena, (NSSItem *)NULL, name,
- nssPKIXName_template, encoding);
- if( (NSSBER *)NULL == it ) {
- return (NSSBER *)NULL;
- }
-
- switch( encoding ) {
- case NSSASN1BER:
- name->ber = it;
- break;
- case NSSASN1DER:
- name->der = it;
- break;
- default:
- PR_ASSERT(0);
- break;
- }
-
- done:
- return nssItem_Duplicate(it, arenaOpt, rvOpt);
-}
diff --git a/security/nss/lib/pkix/src/Name/PEqual.c b/security/nss/lib/pkix/src/Name/PEqual.c
deleted file mode 100644
index 5ad91dd2a..000000000
--- a/security/nss/lib/pkix/src/Name/PEqual.c
+++ /dev/null
@@ -1,104 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_IMPLEMENT PRBool
-nssPKIXName_Equal
-(
- NSSPKIXName *one,
- NSSPKIXName *two,
- PRStatus *statusOpt
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXName_verifyPointer(one) ) {
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
- return PR_FALSE;
- }
-
- if( PR_SUCCESS != nssPKIXName_verifyPointer(two) ) {
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
- return PR_FALSE;
- }
-#endif /* NSSDEBUG */
-
- if( ((NSSDER *)NULL != one->der) && ((NSSDER *)NULL != two->der) ) {
- return nssItem_Equal(one->der, two->der, statusOpt);
- }
-
- if( one->choice != two->choice ) {
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_SUCCESS;
- }
- return PR_FALSE;
- }
-
- switch( one->choice ) {
- case NSSPKIXNameChoice_rdnSequence:
- return nssPKIXRDNSequence_Equal(one->u.rdnSequence, two->u.rdnSequence, statusOpt);
- case NSSPKIXNameChoice_NSSinvalid:
- default:
- break;
- }
-
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
- return PR_FALSE;
-}
diff --git a/security/nss/lib/pkix/src/Name/PGetChoice.c b/security/nss/lib/pkix/src/Name/PGetChoice.c
deleted file mode 100644
index f34a93908..000000000
--- a/security/nss/lib/pkix/src/Name/PGetChoice.c
+++ /dev/null
@@ -1,68 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXName_GetChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- *
- * Return value:
- * A valid element of the NSSPKIXNameChoice enumeration upon success
- * The value NSSPKIXNameChoice_NSSinvalid (-1) upon error
- */
-
-NSS_IMPLEMENT NSSPKIXNameChoice
-nssPKIXName_GetChoice
-(
- NSSPKIXName *name
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXName_verifyPointer(name) ) {
- return NSSPKIXNameChoice_NSSinvalid;
- }
-#endif /* NSSDEBUG */
-
- return name->choice;
-}
diff --git a/security/nss/lib/pkix/src/Name/PGetRDNSequence.c b/security/nss/lib/pkix/src/Name/PGetRDNSequence.c
deleted file mode 100644
index 0899e550d..000000000
--- a/security/nss/lib/pkix/src/Name/PGetRDNSequence.c
+++ /dev/null
@@ -1,87 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXName_GetRDNSequence
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_WRONG_CHOICE
- *
- * Return value:
- * A pointer to a valid NSSPKIXRDNSequence upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRDNSequence *
-nssPKIXName_GetRDNSequence
-(
- NSSPKIXName *name,
- NSSArena *arenaOpt
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXName_verifyPointer(name) ) {
- return (NSSPKIXRDNSequence *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXRDNSequence *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- switch( name->choice ) {
- case NSSPKIXNameChoice_rdnSequence:
- return nssPKIXRDNSequence_Duplicate(name->u.rdnSequence, arenaOpt);
- case NSSPKIXNameChoice_NSSinvalid:
- default:
- break;
- }
-
- nss_SetError(NSS_ERROR_WRONG_CHOICE);
- return (NSSPKIXRDNSequence *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/Name/PGetSpecifiedChoice.c b/security/nss/lib/pkix/src/Name/PGetSpecifiedChoice.c
deleted file mode 100644
index a24c8ea86..000000000
--- a/security/nss/lib/pkix/src/Name/PGetSpecifiedChoice.c
+++ /dev/null
@@ -1,93 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXName_GetSpecifiedChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_WRONG_CHOICE
- *
- * Return value:
- * A valid pointer ...
- * NULL upon failure
- */
-
-NSS_IMPLEMENT void *
-nssPKIXName_GetSpecifiedChoice
-(
- NSSPKIXName *name,
- NSSPKIXNameChoice choice,
- NSSArena *arenaOpt
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXName_verifyPointer(name) ) {
- return (void *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (void *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- if( choice != name->choice ) {
- nss_SetError(NSS_ERROR_WRONG_CHOICE);
- return (void *)NULL;
- }
-
- switch( name->choice ) {
- case NSSPKIXNameChoice_rdnSequence:
- return (void *)nssPKIXRDNSequence_Duplicate(name->u.rdnSequence, arenaOpt);
- case NSSPKIXNameChoice_NSSinvalid:
- default:
- break;
- }
-
- nss_SetError(NSS_ERROR_WRONG_CHOICE);
- return (NSSPKIXRDNSequence *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/Name/PGetUTF8Encoding.c b/security/nss/lib/pkix/src/Name/PGetUTF8Encoding.c
deleted file mode 100644
index 164229277..000000000
--- a/security/nss/lib/pkix/src/Name/PGetUTF8Encoding.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXName_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSUTF8 *
-nssPKIXName_GetUTF8Encoding
-(
- NSSPKIXName *name,
- NSSArena *arenaOpt
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXName_verifyPointer(name) ) {
- return (NSSUTF8 *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSUTF8 *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- if( (NSSUTF8 *)NULL == name->utf8 ) {
- /* xxx fgmr fill this in from pki1 implementation */
- }
-
- return nssUTF8_Duplicate(name->utf8, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/Name/template.c b/security/nss/lib/pkix/src/Name/template.c
deleted file mode 100644
index 72ac85466..000000000
--- a/security/nss/lib/pkix/src/Name/template.c
+++ /dev/null
@@ -1,56 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-/*
- * nssPKIXName_template
- *
- */
-
-const nssASN1Template nssPKIXName_template[] = {
- { nssASN1_CHOICE, offsetof(NSSPKIXName, choice), 0, sizeof(NSSPKIXName) },
- { nssASN1_POINTER, offsetof(NSSPKIXName, u.rdnSequence),
- nssPKIXRDNSequence_template, NSSPKIXNameChoice_rdnSequence },
- { 0 }
-};
diff --git a/security/nss/lib/pkix/src/Name/verifyPointer.c b/security/nss/lib/pkix/src/Name/verifyPointer.c
deleted file mode 100644
index 6c27e5910..000000000
--- a/security/nss/lib/pkix/src/Name/verifyPointer.c
+++ /dev/null
@@ -1,210 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIXM_H
-#include "pkixm.h"
-#endif /* PKIXM_H */
-
-#ifdef DEBUG
-
-extern const NSSError NSS_ERROR_INTERNAL_ERROR;
-
-static nssPointerTracker pkix_name_pointer_tracker;
-
-/*
- * nss_pkix_Name_add_pointer
- *
- * This method is only present in debug builds.
- *
- * This module-private routine adds an NSSPKIXName pointer to
- * the internal pointer-tracker. This routine should only be used
- * by the NSSPKIX module. This routine returns a PRStatus value;
- * upon error it will place an error on the error stack and return
- * PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INTERNAL_ERROR
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_Name_add_pointer
-(
- const NSSPKIXName *p
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_initialize(&pkix_name_pointer_tracker);
- if( PR_SUCCESS != rv ) {
- return rv;
- }
-
- rv = nssPointerTracker_add(&pkix_name_pointer_tracker, p);
- if( PR_SUCCESS != rv ) {
- NSSError e = NSS_GetError();
- if( NSS_ERROR_NO_MEMORY != e ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- }
-
- return rv;
- }
-
- rv = nssArena_registerDestructor(p->arena,
- nss_pkix_Name_remove_pointer, p);
- if( PR_SUCCESS != rv ) {
- (void)nss_pkix_Name_remove_pointer(p);
- return rv;
- }
-
-#ifdef NSSDEBUG
- switch( p->choice ) {
- case NSSPKIXNameChoice_rdnSequence:
- rv = nss_pkix_RDNSequence_register(p->u.rdnSequence);
- break;
- case NSSPKIXNameChoice_NSSinvalid:
- default:
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- rv = PR_FAILURE;
- break;
- }
-
- if( PR_SUCCESS != rv ) {
- (void)nss_pkix_Name_remove_pointer(p);
- }
-#endif /* NSSDEBUG */
-
- return rv;
-}
-
-/*
- * nss_pkix_Name_remove_pointer
- *
- * This method is only present in debug builds.
- *
- * This module-private routine removes a valid NSSPKIXName
- * pointer from the internal pointer-tracker. This routine should
- * only be used by the NSSPKIX module. This routine returns a
- * PRStatus value; upon error it will place an error on the error
- * stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INTERNAL_ERROR
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_Name_remove_pointer
-(
- const NSSPKIXName *p
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_remove(&pkix_name_pointer_tracker, p);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- }
-
-#ifdef NSSDEBUG
- switch( p->choice ) {
- case NSSPKIXNameChoice_rdnSequence:
- (void)nss_pkix_RDNSequence_register(p->u.rdnSequence);
- break;
- case NSSPKIXNameChoice_NSSinvalid:
- default:
- break;
- }
-#endif /* NSSDEBUG */
-
- /*
- * nssArena_deregisterDestructor(p->arena,
- * nss_pkix_Name_remove_pointer, p);
- */
-
- return rv;
-}
-
-/*
- * nssPKIXName_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXName
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXName_verifyPointer
-(
- NSSPKIXName *p
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_initialize(&pkix_name_pointer_tracker);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INVALID_PKIX_ATTRIBUTE);
- return PR_FAILURE;
- }
-
- rv = nssPointerTracker_verify(&pkix_name_pointer_tracker, p);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INVALID_PKIX_ATTRIBUTE);
- return PR_FAILURE;
- }
-
- return PR_SUCCESS;
-}
-
-#endif /* DEBUG */
-
diff --git a/security/nss/lib/pkix/src/RDNSequence/AppendRelativeDistinguishedName.c b/security/nss/lib/pkix/src/RDNSequence/AppendRelativeDistinguishedName.c
deleted file mode 100644
index 4e0d0d018..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/AppendRelativeDistinguishedName.c
+++ /dev/null
@@ -1,77 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRDNSequence_AppendRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXRDNSequence_AppendRelativeDistinguishedName
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSPKIXRelativeDistinguishedName *rdn
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssPKIXRDNSequence_AppendRelativeDistinguishedName(rdnseq, rdn);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/Create.c b/security/nss/lib/pkix/src/RDNSequence/Create.c
deleted file mode 100644
index 52b8a851c..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/Create.c
+++ /dev/null
@@ -1,125 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRDNSequence_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- * A valid pointer to an NSSPKIXRDNSequence upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRDNSequence *
-NSSPKIXRDNSequence_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXRelativeDistinguishedName *rdn1,
- ...
-)
-{
- va_list ap;
- NSSPKIXRDNSequence *rv;
- PRUint32 count;
-
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXRDNSequence *)NULL;
- }
- }
-
- /* Is there a nonzero minimum number of RDNs required? */
-
- {
- va_start(ap, arenaOpt);
-
- while( 1 ) {
- NSSPKIXRelativeDistinguishedName *rdn;
- rdn = (NSSPKIXRelativeDistinguishedName *)va_arg(ap, NSSPKIXRelativeDistinguishedName *);
- if( (NSSPKIXRelativeDistinguishedName *)NULL == rdn ) {
- break;
- }
-
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- va_end(ap);
- return (NSSPKIXRDNSequence *)NULL;
- }
- }
-
- va_end(ap);
- }
-#endif /* DEBUG */
-
- va_start(ap, arenaOpt);
-
- for( count = 0; ; count++ ) {
- NSSPKIXRelativeDistinguishedName *rdn;
- rdn = (NSSPKIXRelativeDistinguishedName *)va_arg(ap, NSSPKIXRelativeDistinguishedName *);
- if( (NSSPKIXRelativeDistinguishedName *)NULL == rdn ) {
- break;
- }
-
-#ifdef PEDANTIC
- if( count == 0xFFFFFFFF ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- va_end(ap);
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-#endif /* PEDANTIC */
- }
-
- va_end(ap);
-
- va_start(ap, arenaOpt);
- rv = nss_pkix_RDNSequence_V_Create(arenaOpt, count, ap);
- va_end(ap);
-
- return rv;
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/CreateFromArray.c b/security/nss/lib/pkix/src/RDNSequence/CreateFromArray.c
deleted file mode 100644
index b6412187c..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/CreateFromArray.c
+++ /dev/null
@@ -1,86 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRDNSequence_CreateFromArray
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- * A valid pointer to an NSSPKIXRDNSequence upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRDNSequence *
-NSSPKIXRDNSequence_Create
-(
- NSSArena *arenaOpt,
- PRUint32 count,
- NSSPKIXRelativeDistinguishedName *rdns[]
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAttribute *)NULL;
- }
- }
-
- {
- PRUint32 i;
-
- for( i = 0; i < count; i++ ) {
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(&rdns[i]) ) {
- return (NSSPKIXAttribute *)NULL;
- }
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXRDNSequence_CreateFromArray(arenaOpt, count, rnds);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/CreateFromUTF8.c b/security/nss/lib/pkix/src/RDNSequence/CreateFromUTF8.c
deleted file mode 100644
index dcdbc54a2..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/CreateFromUTF8.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRDNSequence_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_UNKNOWN_ATTRIBUTE
- *
- * Return value:
- * A valid pointer to an NSSPKIXRDNSequence upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRDNSequence *
-NSSPKIXRDNSequence_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *string
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXRDNSequence *)NULL;
- }
- }
-
- if( (NSSUTF8 *)NULL == string ) {
- nss_SetError(NSS_ERROR_INVALID_STRING);
- return (NSSPKIXRDNSequence *)NULL;
- }
-#endif /* DEBUG */
-
- return nssPKIXRDNSequence_CreateFromUTF8(arenaOpt, string);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/Decode.c b/security/nss/lib/pkix/src/RDNSequence/Decode.c
deleted file mode 100644
index ebbad116a..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/Decode.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRDNSequence_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXRDNSequence upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRDNSequence *
-NSSPKIXRDNSequence_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXRDNSequence *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(ber) ) {
- return (NSSPKIXRDNSequence *)NULL;
- }
-#endif /* DEBUG */
-
- return nssPKIXRDNSequence_Decode(arenaOpt, ber);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/Destroy.c b/security/nss/lib/pkix/src/RDNSequence/Destroy.c
deleted file mode 100644
index 5962364e5..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/Destroy.c
+++ /dev/null
@@ -1,70 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRDNSequence_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXRDNSequence_Destroy
-(
- NSSPKIXRDNSequence *rdnseq
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssPKIXRDNSequence_Destroy(rdnseq);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/Duplicate.c b/security/nss/lib/pkix/src/RDNSequence/Duplicate.c
deleted file mode 100644
index 2bf53ba59..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/Duplicate.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRDNSequence_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXRDNSequence upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRDNSequence *
-NSSPKIXRDNSequence_Duplicate
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return (NSSPKIXRDNSequence *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXRDNSequence *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXRDNSequence_Duplicate(rdnseq, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/Encode.c b/security/nss/lib/pkix/src/RDNSequence/Encode.c
deleted file mode 100644
index 84ab4db67..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/Encode.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRDNSequence_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSBER *
-NSSPKIXRDNSequence_Encode
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return (NSSBER *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSBER *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXRDNSequence_Encode(rdnseq, encoding, rvOpt, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/Equal.c b/security/nss/lib/pkix/src/RDNSequence/Equal.c
deleted file mode 100644
index fe0fa0f07..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/Equal.c
+++ /dev/null
@@ -1,85 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRDNSequence_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_IMPLEMENT PRBool
-NSSPKIXRDNSequence_Equal
-(
- NSSPKIXRDNSequence *one,
- NSSPKIXRDNSequence *two,
- PRStatus *statusOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(one) ) {
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
-
- return PR_FALSE;
- }
-
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(two) ) {
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
-
- return PR_FALSE;
- }
-#endif /* DEBUG */
-
- return nssPKIXRDNSequence_Equal(one, two, statusOpt);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/FindRelativeDistinguishedName.c b/security/nss/lib/pkix/src/RDNSequence/FindRelativeDistinguishedName.c
deleted file mode 100644
index cb04286d3..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/FindRelativeDistinguishedName.c
+++ /dev/null
@@ -1,78 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRDNSequence_FindRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * The index of the specified attribute value upon success
- * -1 upon failure.
- */
-
-NSS_IMPLEMENT PRInt32
-NSSPKIXRDNSequence_FindRelativeDistinguishedName
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSPKIXRelativeDistinguishedName *rdn
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssPKIXRDNSequence_FindRelativeDistinguishedName(rdnseq, rdn);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/GetRelativeDistinguishedName.c b/security/nss/lib/pkix/src/RDNSequence/GetRelativeDistinguishedName.c
deleted file mode 100644
index 9b152f4da..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/GetRelativeDistinguishedName.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRDNSequence_GetRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRelativeDistinguishedName *
-NSSPKIXRDNSequence_GetRelativeDistinguishedName
-(
- NSSPKIXRDNSequence *rdnseq,
- PRInt32 i,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXRDNSequence_GetRelativeDistinguishedName(rdnseq, i, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/GetRelativeDistinguishedNameCount.c b/security/nss/lib/pkix/src/RDNSequence/GetRelativeDistinguishedNameCount.c
deleted file mode 100644
index 05b5e89b4..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/GetRelativeDistinguishedNameCount.c
+++ /dev/null
@@ -1,71 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRDNSequence_GetRelativeDistinguishedNameCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_IMPLEMENT PRInt32
-NSSPKIXRDNSequence_GetRelativeDistinguishedNameCount
-(
- NSSPKIXRDNSequence *rdnseq
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return -1;
- }
-#endif /* DEBUG */
-
- return nssPKIXRDNSequence_GetRelativeDistinguishedNameCount(rdnseq);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/GetRelativeDistinguishedNames.c b/security/nss/lib/pkix/src/RDNSequence/GetRelativeDistinguishedNames.c
deleted file mode 100644
index 06d419bed..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/GetRelativeDistinguishedNames.c
+++ /dev/null
@@ -1,85 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRDNSequence_GetRelativeDistinguishedNames
- *
- * This routine returns all of the relative distinguished names in the
- * specified RDN Sequence. {...} If the array is allocated, or if the
- * specified one has extra space, the array will be null-terminated.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXRelativeDistinguishedName
- * pointers upon success
- * NULL upon failure.
- */
-
-NSS_IMPLEMENT NSSPKIXRelativeDistinguishedName **
-NSSPKIXRDNSequence_GetRelativeDistinguishedNames
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSPKIXRelativeDistinguishedName *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return (NSSPKIXRelativeDistinguishedName **)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyOpt(attribute) ) {
- return (NSSPKIXRelativeDistinguishedName **)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXRDNSequence_GetRelativeDistinguishedNames(rdnseq, rvOpt, limit, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/GetUTF8Encoding.c b/security/nss/lib/pkix/src/RDNSequence/GetUTF8Encoding.c
deleted file mode 100644
index 4519a5ba4..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/GetUTF8Encoding.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRDNSequence_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSUTF8 *
-NSSPKIXRDNSequence_GetUTF8Encoding
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return (NSSUTF8 *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSUTF8 *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXRDNSequence_GetUTF8Encoding(rdnseq, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/InsertRelativeDistinguishedName.c b/security/nss/lib/pkix/src/RDNSequence/InsertRelativeDistinguishedName.c
deleted file mode 100644
index 433c2a315..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/InsertRelativeDistinguishedName.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRDNSequence_InsertRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXRDNSequence_InsertRelativeDistinguishedName
-(
- NSSPKIXRDNSequence *rdnseq,
- PRInt32 i,
- NSSPKIXRelativeDistinguishedName *rdn
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssPKIXRDNSequence_InsertRelativeDistinguishedName(rdnseq, i, rdn);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/MClear.c b/security/nss/lib/pkix/src/RDNSequence/MClear.c
deleted file mode 100644
index 7df7eb099..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/MClear.c
+++ /dev/null
@@ -1,73 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nss_pkix_RDNSequence_Clear
- *
- * Wipes out cached data.
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_RDNSequence_Clear
-(
- NSSPKIXRDNSequence *rdnseq
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSBER *)NULL != rdnseq->ber ) {
- nss_ZFreeIf(rdnseq->ber->data);
- nss_ZFreeIf(rdnseq->ber);
- }
-
- if( (NSSDER *)NULL != rdnseq->der ) {
- nss_ZFreeIf(rdnseq->der->data);
- nss_ZFreeIf(rdnseq->der);
- }
-
- nss_ZFreeIf(rdnseq->utf8);
-
- return PR_SUCCESS;
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/MCount.c b/security/nss/lib/pkix/src/RDNSequence/MCount.c
deleted file mode 100644
index 649721c9f..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/MCount.c
+++ /dev/null
@@ -1,82 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIXM_H
-#include "pkixm.h"
-#endif /* PKIXM_H */
-
-/*
- * nss_pkix_RDNSequence_Count
- */
-
-NSS_IMPLEMENT void
-nss_pkix_RDNSequence_Count
-(
- NSSPKIXRDNSequence *rdnseq
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return;
- }
-#endif /* NSSDEBUG */
-
- PR_ASSERT((NSSPKIXRelativeDistinguishedName **)NULL != rdnseq->rdns);
- if( (NSSPKIXRelativeDistinguishedName **)NULL == rdnseq->rdns ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- return PR_FAILURE;
- }
-
- if( 0 == rdnseq->count ) {
- PRUint32 i;
- for( i = 0; i < 0xFFFFFFFF; i++ ) {
- if( (NSSPKIXRelativeDistinguishedName *)NULL == rdnseq->rdns[i] ) {
- break;
- }
- }
-
-#ifdef PEDANTIC
- if( 0xFFFFFFFF == i ) {
- return;
- }
-#endif /* PEDANTIC */
-
- rdnseq->count = i;
- }
-
- return;
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/MVCreate.c b/security/nss/lib/pkix/src/RDNSequence/MVCreate.c
deleted file mode 100644
index caeb1995f..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/MVCreate.c
+++ /dev/null
@@ -1,141 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nss_pkix_RDNSequence_v_create
- */
-
-NSS_IMPLEMENT NSSPKIXRDNSequence *
-nss_pkix_RDNSequence_v_create
-(
- NSSArena *arenaOpt,
- PRUint32 count,
- va_list ap
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXRDNSequence *rv = (NSSPKIXRDNSequence *)NULL;
- PRStatus status;
- PRUint32 i;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXRDNSequence *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXRDNSequence);
- if( (NSSPKIXRDNSequence *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
- rv->count = count;
-
- rv->rdns = nss_ZNEWARRAY(arena, NSSPKIXRelativeDistinguishedName *, count);
- if( (NSSPKIXRelativeDistinguishedName **)NULL == rv->rdns ) {
- goto loser;
- }
-
- for( i = 0; i < count; i++ ) {
- NSSPKIXRelativeDistinguishedName *v = (NSSPKIXRelativeDistinguishedName *)
- va_arg(ap, NSSPKIXRelativeDistinguishedName *);
-
-#ifdef NSSDEBUG
- /*
- * It's okay to test this down here, since
- * supposedly these have already been checked.
- */
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(v) ) {
- goto loser;
- }
-#endif /* NSSDEBUG */
-
- rv->rdns[i] = nssPKIXRelativeDistinguishedName_Duplicate(v, arena);
- if( (NSSPKIXRelativeDistinguishedName *)NULL == rv->rdns[i] ) {
- goto loser;
- }
- }
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_RDNSequence_add_pointer(rv) ) {
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXRDNSequence *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/PAppendRelativeDistinguishedName.c b/security/nss/lib/pkix/src/RDNSequence/PAppendRelativeDistinguishedName.c
deleted file mode 100644
index 9d1ea4875..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/PAppendRelativeDistinguishedName.c
+++ /dev/null
@@ -1,105 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRDNSequence_AppendRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXRDNSequence_AppendRelativeDistinguishedName
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSPKIXRelativeDistinguishedName *rdn
-)
-{
- NSSPKIXRelativeDistinguishedName **na;
- NSSPKIXRelativeDistinguishedName *dup;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- if( 0 == rdnseq->count ) {
- nss_pkix_RDNSequence_Count(rdnseq);
- }
-
-#ifdef PEDANTIC
- if( 0 == rdnseq->count ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-#endif /* PEDANTIC */
-
- na = (NSSPKIXRelativeDistinguishedName **)
- nss_ZRealloc(rdnseq->rdns, ((rdnseq->count+2) *
- sizeof(NSSPKIXRelativeDistinguishedName *)));
- if( (NSSPKIXRelativeDistinguishedName **)NULL == na ) {
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-
- rdnseq->rdns = na;
-
- dup = nssPKIXRelativeDistinguishedName_Duplicate(rdn, rdnseq->arena);
- if( (NSSPKIXRelativeDistinguishedName *)NULL == dup ) {
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-
- na[ rdnseq->count++ ] = dup;
-
- return nss_pkix_RDNSequence_Clear(rdnseq);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/PCreate.c b/security/nss/lib/pkix/src/RDNSequence/PCreate.c
deleted file mode 100644
index 0fdc6848f..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/PCreate.c
+++ /dev/null
@@ -1,123 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRDNSequence_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- * A valid pointer to an NSSPKIXRDNSequence upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRDNSequence *
-nssPKIXRDNSequence_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXRelativeDistinguishedName *rdn1,
- ...
-)
-{
- va_list ap;
- NSSPKIXRDNSequence *rv;
- PRUint32 count;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXRDNSequence *)NULL;
- }
- }
-
- /* Is there a nonzero minimum number of RDNs required? */
-
- {
- va_start(ap, arenaOpt);
-
- while( 1 ) {
- NSSPKIXRelativeDistinguishedName *rdn;
- rdn = (NSSPKIXRelativeDistinguishedName *)va_arg(ap, NSSPKIXRelativeDistinguishedName *);
- if( (NSSPKIXRelativeDistinguishedName *)NULL == rdn ) {
- break;
- }
-
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- va_end(ap);
- return (NSSPKIXRDNSequence *)NULL;
- }
- }
-
- va_end(ap);
- }
-#endif /* NSSDEBUG */
-
- va_start(ap, arenaOpt);
-
- for( count = 0; ; count++ ) {
- NSSPKIXRelativeDistinguishedName *rdn;
- rdn = (NSSPKIXRelativeDistinguishedName *)va_arg(ap, NSSPKIXRelativeDistinguishedName *);
- if( (NSSPKIXRelativeDistinguishedName *)NULL == rdn ) {
- break;
- }
-
-#ifdef PEDANTIC
- if( count == 0xFFFFFFFF ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- va_end(ap);
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-#endif /* PEDANTIC */
- }
-
- va_end(ap);
-
- va_start(ap, arenaOpt);
- rv = nss_pkix_RDNSequence_V_Create(arenaOpt, count, ap);
- va_end(ap);
-
- return rv;
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/PCreateFromArray.c b/security/nss/lib/pkix/src/RDNSequence/PCreateFromArray.c
deleted file mode 100644
index 0e244cb73..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/PCreateFromArray.c
+++ /dev/null
@@ -1,151 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRDNSequence_CreateFromArray
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- * A valid pointer to an NSSPKIXRDNSequence upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRDNSequence *
-nssPKIXRDNSequence_CreateFromArray
-(
- NSSArena *arenaOpt,
- PRUint32 count,
- NSSPKIXRelativeDistinguishedName *rdns[]
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXRDNSequence *rv = (NSSPKIXRDNSequence *)NULL;
- PRStatus status;
- PRUint32 i;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAttribute *)NULL;
- }
- }
-
- {
- PRUint32 i;
-
- for( i = 0; i < count; i++ ) {
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(&rdns[i]) ) {
- return (NSSPKIXAttribute *)NULL;
- }
- }
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXRDNSequence);
- if( (NSSPKIXRDNSequence *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
- rv->count = count;
-
- rv->rdns = nss_ZNEWARRAY(arena, NSSPKIXRelativeDistinguishedName *, (count+1));
- if( (NSSPKIXRelativeDistinguishedName **)NULL == rv->rdns ) {
- goto loser;
- }
-
- for( i = 0; i < count; i++ ) {
- NSSPKIXRelativeDistinguishedName *v = rdns[i];
-
- rv->rdns[i] = nssPKIXRelativeDistinguishedName_Duplicate(v, arena);
- if( (NSSPKIXRelativeDistinguishedName *)NULL == rv->rdns[i] ) {
- goto loser;
- }
- }
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_RDNSequence_add_pointer(rv) ) {
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXRDNSequence *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/PCreateFromUTF8.c b/security/nss/lib/pkix/src/RDNSequence/PCreateFromUTF8.c
deleted file mode 100644
index 196332665..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/PCreateFromUTF8.c
+++ /dev/null
@@ -1,139 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRDNSequence_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_UNKNOWN_ATTRIBUTE
- *
- * Return value:
- * A valid pointer to an NSSPKIXRDNSequence upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRDNSequence *
-nssPKIXRDNSequence_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *string
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXRDNSequence *rv = (NSSPKIXRDNSequence *)NULL;
- PRStatus status;
- PRUint32 i;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXRDNSequence *)NULL;
- }
- }
-
- if( (NSSUTF8 *)NULL == string ) {
- nss_SetError(NSS_ERROR_INVALID_STRING);
- return (NSSPKIXRDNSequence *)NULL;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXRDNSequence);
- if( (NSSPKIXRDNSequence *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
- rv->utf8 = nssUTF8_Duplicate(string, arena);
- if( (NSSUTF8 *)NULL == rv->utf8 ) {
- goto loser;
- }
-
- /* Insert intelligence here -- fgmr */
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- goto loser;
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_RDNSequence_add_pointer(rv) ) {
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXRDNSequence *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/PDecode.c b/security/nss/lib/pkix/src/RDNSequence/PDecode.c
deleted file mode 100644
index 557f5bc32..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/PDecode.c
+++ /dev/null
@@ -1,138 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRDNSequence_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXRDNSequence upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRDNSequence *
-nssPKIXRDNSequence_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXRDNSequence *rv = (NSSPKIXRDNSequence *)NULL;
- PRStatus status;
- PRUint32 i;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXRDNSequence *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(ber) ) {
- return (NSSPKIXRDNSequence *)NULL;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXRDNSequence);
- if( (NSSPKIXRDNSequence *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
- rv->ber = nssItem_Duplicate(ber, arena, (NSSItem *)NULL);
- if( (NSSItem *)NULL == rv->ber ) {
- goto loser;
- }
-
- status = nssASN1_DecodeBER(arena, rv, nssPKIXRDNSequence_template, ber);
- if( PR_SUCCESS != status ) {
- goto loser;
- }
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_RDNSequence_add_pointer(rv) ) {
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXRDNSequence *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/PDestroy.c b/security/nss/lib/pkix/src/RDNSequence/PDestroy.c
deleted file mode 100644
index 17cc846cf..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/PDestroy.c
+++ /dev/null
@@ -1,76 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRDNSequence_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXRDNSequence_Destroy
-(
- NSSPKIXRDNSequence *rdnseq
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
-#ifdef DEBUG
- (void)nss_pkix_RDNSequence_remove_pointer(rdnseq);
-#endif /* DEBUG */
-
- if( PR_TRUE == rdnseq->i_allocated_arena ) {
- return nssArena_Destroy(rdnseq->arena);
- }
-
- return PR_SUCCESS;
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/PDuplicate.c b/security/nss/lib/pkix/src/RDNSequence/PDuplicate.c
deleted file mode 100644
index a57828692..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/PDuplicate.c
+++ /dev/null
@@ -1,177 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRDNSequence_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXRDNSequence upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRDNSequence *
-nssPKIXRDNSequence_Duplicate
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSArena *arenaOpt
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXRDNSequence *rv = (NSSPKIXRDNSequence *)NULL;
- PRStatus status;
- PRUint32 i;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyOpt(attribute) ) {
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXRDNSequence);
- if( (NSSPKIXRDNSequence *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
-
- if( (NSSBER *)NULL != rdnseq->ber ) {
- rv->ber = nssItem_Duplicate(rdnseq->ber, arena, (NSSItem *)NULL);
- if( (NSSBER *)NULL == rv->ber ) {
- goto loser;
- }
- }
-
- if( (NSSDER *)NULL != rdnseq->der ) {
- rv->der = nssItem_Duplicate(rdnseq->der, arena, (NSSItem *)NULL);
- if( (NSSDER *)NULL == rv->der ) {
- goto loser;
- }
- }
-
- if( (NSSUTF8 *)NULL != rdnseq->utf8 ) {
- rv->utf8 = nssUTF8_duplicate(rdnseq->utf8, arena);
- if( (NSSUTF8 *)NULL == rv->utf8 ) {
- goto loser;
- }
- }
-
- if( 0 == rdnseq->count ) {
- nss_pkix_RDNSequence_Count(rdnseq);
- }
-
-#ifdef PEDANTIC
- if( 0 == rdnseq->count ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-#endif /* PEDANTIC */
-
- rv->count = rdnseq->count;
-
- rv->rdns = nss_ZNEWARRAY(arena, NSSPKIXRelativeDistinguishedName *, (rv->count+1));
- if( (NSSPKIXRelativeDistinguishedName **)NULL == rv->rdns ) {
- goto loser;
- }
-
- for( i = 0; i < count; i++ ) {
- NSSPKIXRelativeDistinguishedName *v = rdnseq->rdns[i];
-
- rv->rdns[i] = nssPKIXRelativeDistinguishedName_Duplicate(v, arena);
- if( (NSSPKIXRelativeDistinguishedName *)NULL == rv->rdns[i] ) {
- goto loser;
- }
- }
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_RDNSequence_add_pointer(rv) ) {
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXRDNSequence *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/PEncode.c b/security/nss/lib/pkix/src/RDNSequence/PEncode.c
deleted file mode 100644
index 5700fa099..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/PEncode.c
+++ /dev/null
@@ -1,118 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRDNSequence_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSBER *
-nssPKIXRDNSequence_Encode
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-)
-{
- NSSBER *it;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return (NSSBER *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSBER *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- switch( encoding ) {
- case NSSASN1BER:
- if( (NSSBER *)NULL != rdnseq->ber ) {
- it = rdnseq->ber;
- goto done;
- }
- /*FALLTHROUGH*/
- case NSSASN1DER:
- if( (NSSDER *)NULL != rdnseq->der ) {
- it = rdnseq->der;
- goto done;
- }
- break;
- default:
- nss_SetError(NSS_ERROR_UNSUPPORTED_ENCODING);
- return (NSSBER *)NULL;
- }
-
- it = nssASN1_EncodeItem(rdnseq->arena, (NSSItem *)NULL, rdnseq,
- nssPKIXRDNSequence_template, encoding);
- if( (NSSBER *)NULL == it ) {
- return (NSSBER *)NULL;
- }
-
- switch( encoding ) {
- case NSSASN1BER:
- rdnseq->ber = it;
- break;
- case NSSASN1DER:
- rdnseq->der = it;
- break;
- default:
- PR_ASSERT(0);
- break;
- }
-
- done:
- return nssItem_Duplicate(it, arenaOpt, rvOpt);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/PEqual.c b/security/nss/lib/pkix/src/RDNSequence/PEqual.c
deleted file mode 100644
index a1dd5af53..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/PEqual.c
+++ /dev/null
@@ -1,107 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRDNSequence_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_IMPLEMENT PRBool
-nssPKIXRDNSequence_Equal
-(
- NSSPKIXRDNSequence *one,
- NSSPKIXRDNSequence *two,
- PRStatus *statusOpt
-)
-{
- NSSPKIXRelativeDistinguishedName **a;
- NSSPKIXRelativeDistinguishedName **b;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(one) ) {
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
- return PR_FALSE;
- }
-
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(two) ) {
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
- return PR_FALSE;
- }
-#endif /* NSSDEBUG */
-
- if( ((NSSDER *)NULL != one->der) && ((NSSDER *)NULL != two->der) ) {
- return nssItem_Equal(one->der, two->der, statusOpt);
- }
-
- /*
- * Since this is a sequence, the order is significant.
- * So we just walk down both lists, comparing.
- */
-
- for( a = one->rdns, b = two->rdns; *a && *b; a++, b++ ) {
- if( PR_FALSE == nssPKIXRelativeDistinguishedName_Equal(*a, *b, statusOpt) ) {
- return PR_FALSE;
- }
- }
-
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_SUCCESS;
- }
-
- if( *a || *b ) {
- return PR_FALSE;
- }
-
- return PR_TRUE;
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/PFindRelativeDistinguishedName.c b/security/nss/lib/pkix/src/RDNSequence/PFindRelativeDistinguishedName.c
deleted file mode 100644
index 8064b9636..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/PFindRelativeDistinguishedName.c
+++ /dev/null
@@ -1,90 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRDNSequence_FindRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * The index of the specified attribute value upon success
- * -1 upon failure.
- */
-
-NSS_IMPLEMENT PRInt32
-nssPKIXRDNSequence_FindRelativeDistinguishedName
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSPKIXRelativeDistinguishedName *rdn
-)
-{
- PRUint32 i;
- NSSPKIXRelativeDistinguishedName **a;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- for( i = 0, a = rdnseq->rdns; *a; a++, (i > 0x7fffffff) || i++ ) {
- if( PR_TRUE == nssPKIXRelativeDistinguishedName_Equal(*a, rdn) ) {
- if( i > 0x7fffffff ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return -1;
- }
- return (PRInt32)i;
- }
- }
-
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return -1;
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/PGetRelativeDistinguishedName.c b/security/nss/lib/pkix/src/RDNSequence/PGetRelativeDistinguishedName.c
deleted file mode 100644
index 7ea20d259..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/PGetRelativeDistinguishedName.c
+++ /dev/null
@@ -1,96 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRDNSequence_GetRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRelativeDistinguishedName *
-nssPKIXRDNSequence_GetRelativeDistinguishedName
-(
- NSSPKIXRDNSequence *rdnseq,
- PRInt32 i,
- NSSArena *arenaOpt
-)
-{
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyOpt(attribute) ) {
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- if( 0 == rdnseq->count ) {
- nss_pkix_RDNSequence_Count(rdnseq);
- }
-
-#ifdef PEDANTIC
- if( 0 == rdnseq->count ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-#endif /* PEDANTIC */
-
- if( (i < 0) || (i >= rdnseq->count) ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-
- return nssPKIXRelativeDistinguishedName_Duplicate(rdnseq->rdns[i], arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/PGetRelativeDistinguishedNameCount.c b/security/nss/lib/pkix/src/RDNSequence/PGetRelativeDistinguishedNameCount.c
deleted file mode 100644
index a01077db1..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/PGetRelativeDistinguishedNameCount.c
+++ /dev/null
@@ -1,85 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRDNSequence_GetRelativeDistinguishedNameCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_IMPLEMENT PRInt32
-nssPKIXRDNSequence_GetRelativeDistinguishedNameCount
-(
- NSSPKIXRDNSequence *rdnseq
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return -1;
- }
-#endif /* NSSDEBUG */
-
- if( 0 == rdnseq->count ) {
- nss_pkix_RDNSequence_Count(rdnseq);
- }
-
-#ifdef PEDANTIC
- if( 0 == rdnseq->count ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return -1;
- }
-#endif /* PEDANTIC */
-
- if( rdnseq->count > 0x7fffffff ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return -1;
- }
-
- return (PRInt32)(rdnseq->count);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/PGetRelativeDistinguishedNames.c b/security/nss/lib/pkix/src/RDNSequence/PGetRelativeDistinguishedNames.c
deleted file mode 100644
index 115480dfd..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/PGetRelativeDistinguishedNames.c
+++ /dev/null
@@ -1,135 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRDNSequence_GetRelativeDistinguishedNames
- *
- * This routine returns all of the relative distinguished names in the
- * specified RDN Sequence. {...} If the array is allocated, or if the
- * specified one has extra space, the array will be null-terminated.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXRelativeDistinguishedName
- * pointers upon success
- * NULL upon failure.
- */
-
-NSS_IMPLEMENT NSSPKIXRelativeDistinguishedName **
-nssPKIXRDNSequence_GetRelativeDistinguishedNames
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSPKIXRelativeDistinguishedName *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-)
-{
- NSSPKIXRelativeDistinguishedName **rv = (NSSPKIXRelativeDistinguishedName **)NULL;
- PRUint32 i;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return (NSSPKIXRelativeDistinguishedName **)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyOpt(attribute) ) {
- return (NSSPKIXRelativeDistinguishedName **)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- if( 0 == rdnseq->count ) {
- nss_pkix_RDNSequence_Count(rdnseq);
- }
-
-#ifdef PEDANTIC
- if( 0 == rdnseq->count ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return (NSSPKIXRelativeDistinguishedName **)NULL;
- }
-#endif /* PEDANTIC */
-
- if( (limit < rdnseq->count) &&
- !((0 == limit) && ((NSSPKIXRelativeDistinguishedName **)NULL == rvOpt)) ) {
- nss_SetError(NSS_ERROR_ARRAY_TOO_SMALL);
- return (NSSPKIXRelativeDistinguishedName **)NULL;
- }
-
- limit = rdnseq->count;
- if( (NSSPKIXRelativeDistinguishedName **)NULL == rvOpt ) {
- rv = nss_ZNEWARRAY(arenaOpt, NSSPKIXRelativeDistinguishedName *, limit);
- if( (NSSPKIXRelativeDistinguishedName **)NULL == rv ) {
- return (NSSPKIXRelativeDistinguishedName **)NULL;
- }
- } else {
- rv = rvOpt;
- }
-
- for( i = 0; i < limit; i++ ) {
- rv[i] = nssPKIXRelativedistinguishedName_Duplicate(rdnseq->rdns[i], arenaOpt);
- if( (NSSPKIXRelativeDistinguishedName *)NULL == rv[i] ) {
- goto loser;
- }
- }
-
- return rv;
-
- loser:
- for( i = 0; i < limit; i++ ) {
- NSSPKIXRelativeDistinguishedName *x = rv[i];
- if( (NSSPKIXRelativeDistinguishedName *)NULL == x ) {
- break;
- }
- (void)nssPKIXRelativeDistinguishedName_Destroy(x);
- }
-
- if( rv != rvOpt ) {
- nss_ZFreeIf(rv);
- }
-
- return (NSSPKIXRelativeDistinguishedName **)NULL;
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/PGetUTF8Encoding.c b/security/nss/lib/pkix/src/RDNSequence/PGetUTF8Encoding.c
deleted file mode 100644
index 2250bf960..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/PGetUTF8Encoding.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRDNSequence_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSUTF8 *
-nssPKIXRDNSequence_GetUTF8Encoding
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSArena *arenaOpt
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return (NSSUTF8 *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSUTF8 *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- if( (NSSUTF8 *)NULL == rdnseq->utf8 ) {
- /* xxx fgmr fill this in from pki1 implementation */
- }
-
- return nssUTF8_Duplicate(rdnseq->utf8, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/PInsertRelativeDistinguishedName.c b/security/nss/lib/pkix/src/RDNSequence/PInsertRelativeDistinguishedName.c
deleted file mode 100644
index 213866694..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/PInsertRelativeDistinguishedName.c
+++ /dev/null
@@ -1,117 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRDNSequence_InsertRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXRDNSequence_InsertRelativeDistinguishedName
-(
- NSSPKIXRDNSequence *rdnseq,
- PRInt32 i,
- NSSPKIXRelativeDistinguishedName *rdn
-)
-{
- NSSPKIXRelativeDistinguishedName **na;
- NSSPKIXRelativeDistinguishedName *dup;
- PRInt32 c;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- if( 0 == rdnseq->count ) {
- nss_pkix_RDNSequence_Count(rdnseq);
- }
-
-#ifdef PEDANTIC
- if( 0 == rdnseq->count ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-#endif /* PEDANTIC */
-
- if( (i < 0) || (i >= rdnseq->count) ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-
- na = (NSSPKIXRelativeDistinguishedName **)
- nss_ZRealloc(rdnseq->rdns, ((rdnseq->count+2) *
- sizeof(NSSPKIXRelativeDistinguishedName *)));
- if( (NSSPKIXRelativeDistinguishedName **)NULL == na ) {
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-
- rdnseq->rdns = na;
-
- dup = nssPKIXRelativeDistinguishedName_Duplicate(rdn, rdnseq->arena);
- if( (NSSPKIXRelativeDistinguishedName *)NULL == dup ) {
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-
- for( c = rdnseq->count; c > i; c-- ) {
- na[ c ] = na[ c-1 ];
- }
-
- na[ i ] = dup;
- rdnseq->count++;
-
- return nss_pkix_RDNSequence_Clear(rdnseq);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/PRemoveRelativeDistinguishedName.c b/security/nss/lib/pkix/src/RDNSequence/PRemoveRelativeDistinguishedName.c
deleted file mode 100644
index 447620c77..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/PRemoveRelativeDistinguishedName.c
+++ /dev/null
@@ -1,104 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRDNSequence_RemoveRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXRDNSequence_RemoveRelativeDistinguishedName
-(
- NSSPKIXRDNSequence *rdnseq,
- PRInt32 i
-)
-{
- NSSPKIXRelativeDistinguishedName **na;
- PRInt32 c;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- if( 0 == rdnseq->count ) {
- nss_pkix_RDNSequence_Count(rdnseq);
- }
-
-#ifdef PEDANTIC
- if( 0 == rdnseq->count ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-#endif /* PEDANTIC */
-
- if( (i < 0) || (i >= rdnseq->count) ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-
- nssPKIXRelativeDistinguishedName_Destroy(rdnseq->rdns[i]);
-
- rdnseq->rdns[i] = rdnseq->rdns[ rdnseq->count ];
- rdnseq->rdns[ rdnseq->count ] = (NSSPKIXRelativeDistinguishedName *)NULL;
- rdnseq->count--;
-
- na = (NSSPKIXRelativeDistinguishedName **)
- nss_ZRealloc(rdnseq->rdns, ((rdnseq->count) *
- sizeof(NSSPKIXRelativeDistinguishedName *)));
- if( (NSSPKIXRelativeDistinguishedName **)NULL == na ) {
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-
- rdnseq->rdns = na;
-
- return nss_pkix_RDNSequence_Clear(rdnseq);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/PSetRelativeDistinguishedName.c b/security/nss/lib/pkix/src/RDNSequence/PSetRelativeDistinguishedName.c
deleted file mode 100644
index 5c8123266..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/PSetRelativeDistinguishedName.c
+++ /dev/null
@@ -1,103 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRDNSequence_SetRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXRDNSequence_SetRelativeDistinguishedName
-(
- NSSPKIXRDNSequence *rdnseq,
- PRInt32 i,
- NSSPKIXRelativeDistinguishedName *rdn
-)
-{
- NSSPKIXRelativeDistinguishedName *dup;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- if( 0 == rdnseq->count ) {
- nss_pkix_RDNSequence_Count(rdnseq);
- }
-
-#ifdef PEDANTIC
- if( 0 == rdnseq->count ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-#endif /* PEDANTIC */
-
- if( (i < 0) || (i >= rdnseq->count) ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-
- dup = nssPKIXRelativeDistinguishedName_Duplicate(rdn, rdnseq->arena);
- if( (NSSPKIXRelativeDistinguishedName *)NULL == dup ) {
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-
- nssPKIXRelativeDistinguishedName_Destroy(rdnseq->rdns[i]);
- rdnseq->rdns[i] = dup;
-
- return nss_pkix_RDNSequence_Clear(rdnseq);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/PSetRelativeDistinguishedNames.c b/security/nss/lib/pkix/src/RDNSequence/PSetRelativeDistinguishedNames.c
deleted file mode 100644
index b0320a4b7..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/PSetRelativeDistinguishedNames.c
+++ /dev/null
@@ -1,153 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRDNSequence_SetRelativeDistinguishedNames
- *
- * -- fgmr comments --
- * If the array pointer itself is null, the set is considered empty.
- * If the count is zero but the pointer nonnull, the array will be
- * assumed to be null-terminated.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXRDNSequence_SetRelativeDistinguishedNames
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSPKIXRelativeDistinguishedName *rdns[],
- PRInt32 countOpt
-)
-{
- NSSPKIXRelativeDistinguishedName **ip;
- NSSPKIXRelativeDistinguishedName **newarray;
- PRUint32 i;
- nssArenaMark *mark;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return PR_FAILURE;
- }
-
- if( (NSSPKIXRelativeDistinguishedName **)NULL == rdns ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return PR_FAILURE;
- }
-
- {
- PRUint32 i, count;
-
- if( 0 == countOpt ) {
- for( i = 0; i < 0x80000000; i++ ) {
- if( (NSSPKIXRelativeDistinguishedName *)NULL == rdns[i] ) {
- break;
- }
- }
-
-#ifdef PEDANTIC
- if( 0x80000000 == i ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return PR_FAILURE;
- }
-#endif /* PEDANTIC */
-
- count = (PRUint32)i;
- } else {
- if( countOpt < 0 ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return PR_FAILURE;
- }
-
- count = (PRUint32)countOpt;
- }
-
- for( i = 0; i < count; i++ ) {
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdns[i]) ) {
- return PR_FAILURE;
- }
- }
- }
-#endif /* NSSDEBUG */
-
- mark = nssArena_Mark(rdnseq->mark);
- if( (nssArenaMark *)NULL == mark ) {
- return PR_FAILURE;
- }
-
- newarray = nss_ZNEWARRAY(rdnseq->arena, NSSPKIXRelativeDistinguishedName *, countOpt);
- if( (NSSPKIXRelativeDistinguishedName **)NULL == newarray ) {
- goto loser;
- }
-
- for( i = 0; i < countOpt; i++ ) {
- newarray[i] = nssPKIXRelativeDistinguishedName_Duplicate(rdns[i], rdnseq->arena);
- if( (NSSPKIXRelativeDistinguishedName *)NULL == newarray[i] ) {
- goto loser;
- }
- }
-
- for( i = 0; i < rdnseq->count; i++ ) {
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_Destroy(rdnseq->rdns[i]) ) {
- goto loser;
- }
- }
-
- nss_ZFreeIf(rdnseq->rdns);
-
- rdnseq->count = countOpt;
- rdnseq->rdns = newarray;
-
- (void)nss_pkix_RDNSequence_Clear(rdnseq);
-
- return nssArena_Unmark(rdnseq->arena, mark);
-
- loser:
- (void)nssArena_Release(a->arena, mark);
- return PR_FAILURE;
-}
-
diff --git a/security/nss/lib/pkix/src/RDNSequence/RemoveRelativeDistinguishedName.c b/security/nss/lib/pkix/src/RDNSequence/RemoveRelativeDistinguishedName.c
deleted file mode 100644
index 141ab7f37..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/RemoveRelativeDistinguishedName.c
+++ /dev/null
@@ -1,72 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRDNSequence_RemoveRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXRDNSequence_RemoveRelativeDistinguishedName
-(
- NSSPKIXRDNSequence *rdnseq,
- PRInt32 i
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssPKIXRDNSequence_RemoveRelativeDistinguishedName(rdnseq, i);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/SetRelativeDistinguishedName.c b/security/nss/lib/pkix/src/RDNSequence/SetRelativeDistinguishedName.c
deleted file mode 100644
index 7484eb55d..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/SetRelativeDistinguishedName.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRDNSequence_SetRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXRDNSequence_SetRelativeDistinguishedName
-(
- NSSPKIXRDNSequence *rdnseq,
- PRInt32 i,
- NSSPKIXRelativeDistinguishedName *rdn
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssPKIXRDNSequence_SetRelativeDistinguishedName(rdnseq, i, rdn);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/SetRelativeDistinguishedNames.c b/security/nss/lib/pkix/src/RDNSequence/SetRelativeDistinguishedNames.c
deleted file mode 100644
index 40e7c8247..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/SetRelativeDistinguishedNames.c
+++ /dev/null
@@ -1,115 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRDNSequence_SetRelativeDistinguishedNames
- *
- * -- fgmr comments --
- * If the array pointer itself is null, the set is considered empty.
- * If the count is zero but the pointer nonnull, the array will be
- * assumed to be null-terminated.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXRDNSequence_SetRelativeDistinguishedNames
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSPKIXRelativeDistinguishedName *rdns[],
- PRInt32 countOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return PR_FAILURE;
- }
-
- if( (NSSPKIXRelativeDistinguishedName **)NULL == rdns ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return PR_FAILURE;
- }
-
- {
- PRUint32 i, count;
-
- if( 0 == countOpt ) {
- for( i = 0; i < 0x80000000; i++ ) {
- if( (NSSPKIXRelativeDistinguishedName *)NULL == rdns[i] ) {
- break;
- }
- }
-
-#ifdef PEDANTIC
- if( 0x80000000 == i ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return PR_FAILURE;
- }
-#endif /* PEDANTIC */
-
- count = (PRUint32)i;
- } else {
- if( countOpt < 0 ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return PR_FAILURE;
- }
-
- count = (PRUint32)countOpt;
- }
-
- for( i = 0; i < count; i++ ) {
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdns[i]) ) {
- return PR_FAILURE;
- }
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXRDNSequence_SetRelativeDistinguishedNames(rdnseq, rdns, countOpt);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/template.c b/security/nss/lib/pkix/src/RDNSequence/template.c
deleted file mode 100644
index ff5bbc0ba..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/template.c
+++ /dev/null
@@ -1,55 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-/*
- * nssPKIXRDNSequence_template
- *
- */
-
-const nssASN1Template nssPKIXRDNSequence_template[] = {
- { nssASN1_SEQUENCE_OF, offsetof(NSSPKIXRDNSequence, rdns),
- nssPKIXRelativeDistinguishedName_template },
- { 0 }
-};
diff --git a/security/nss/lib/pkix/src/RDNSequence/verifyPointer.c b/security/nss/lib/pkix/src/RDNSequence/verifyPointer.c
deleted file mode 100644
index 47a53a5c4..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/verifyPointer.c
+++ /dev/null
@@ -1,205 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIXM_H
-#include "pkixm.h"
-#endif /* PKIXM_H */
-
-#ifdef DEBUG
-
-extern const NSSError NSS_ERROR_INTERNAL_ERROR;
-
-static nssPointerTracker pkix_rdnseq_pointer_tracker;
-
-/*
- * nss_pkix_RDNSequence_add_pointer
- *
- * This method is only present in debug builds.
- *
- * This module-private routine adds an NSSPKIXRDNSequence pointer to
- * the internal pointer-tracker. This routine should only be used
- * by the NSSPKIX module. This routine returns a PRStatus value;
- * upon error it will place an error on the error stack and return
- * PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INTERNAL_ERROR
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_RDNSequence_add_pointer
-(
- const NSSPKIXRDNSequence *p
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_initialize(&pkix_rdnseq_pointer_tracker);
- if( PR_SUCCESS != rv ) {
- return rv;
- }
-
- rv = nssPointerTracker_add(&pkix_rdnseq_pointer_tracker, p);
- if( PR_SUCCESS != rv ) {
- NSSError e = NSS_GetError();
- if( NSS_ERROR_NO_MEMORY != e ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- }
-
- return rv;
- }
-
- rv = nssArena_registerDestructor(arena,
- nss_pkix_RDNSequence_remove_pointer, p);
- if( PR_SUCCESS != rv ) {
- (void)nss_pkix_RDNSequence_remove_pointer(p);
- return rv;
- }
-
-#ifdef NSSDEBUG
- {
- NSSPKIXRelativeDistinguishedName *r;
-
- for( r = p->rdns; *r; r++ ) {
- if( PR_SUCCESS != nss_pkix_RelativeDistinguishedName_add_pointer(*r) ) {
- (void)nss_pkix_RDNSequence_remove_pointer(p);
- return PR_FAILURE;
- }
- }
- }
-#endif /* NSSDEBUG */
-
- return PR_SUCCESS;
-}
-
-/*
- * nss_pkix_RDNSequence_remove_pointer
- *
- * This method is only present in debug builds.
- *
- * This module-private routine removes a valid NSSPKIXRDNSequence
- * pointer from the internal pointer-tracker. This routine should
- * only be used by the NSSPKIX module. This routine returns a
- * PRStatus value; upon error it will place an error on the error
- * stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INTERNAL_ERROR
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_RDNSequence_remove_pointer
-(
- const NSSPKIXRDNSequence *p
-)
-{
- PRStatus rv;
-
-#ifdef NSSDEBUG
- {
- NSSPKIXRelativeDistinguishedName *r;
-
- for( r = p->rdns; *r; r++ ) {
- (void)nss_pkix_RelativeDistinguishedName_remove_pointer(*r);
- }
- }
-#endif /* NSSDEBUG */
-
- rv = nssPointerTracker_remove(&pkix_rdnseq_pointer_tracker, p);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- }
-
- /*
- * nssArena_deregisterDestructor(p->arena,
- * nss_pkix_RDNSequence_remove_pointer, p);
- */
-
- return rv;
-}
-
-/*
- * nssPKIXRDNSequence_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXRDNSequence
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXRDNSequence_verifyPointer
-(
- NSSPKIXRDNSequence *p
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_initialize(&pkix_rdnseq_pointer_tracker);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INVALID_PKIX_ATTRIBUTE);
- return PR_FAILURE;
- }
-
- rv = nssPointerTracker_verify(&pkix_rdnseq_pointer_tracker, p);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INVALID_PKIX_ATTRIBUTE);
- return PR_FAILURE;
- }
-
- return PR_SUCCESS;
-}
-
-#endif /* DEBUG */
-
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/AddAttributeTypeAndValue.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/AddAttributeTypeAndValue.c
deleted file mode 100644
index efb142396..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/AddAttributeTypeAndValue.c
+++ /dev/null
@@ -1,77 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRelativeDistinguishedName_AddAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXRelativeDistinguishedName_AddAttributeTypeAndValue
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSPKIXAttributeTypeAndValue *atav
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssPKIXRelativeDistinguishedName_AddAttributeTypeAndValue(rdn, atav);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/Create.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/Create.c
deleted file mode 100644
index 52e139c69..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/Create.c
+++ /dev/null
@@ -1,125 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRelativeDistinguishedName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName *
-NSSPKIXRelativeDistinguishedName_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXAttributeTypeAndValue *atav1,
- ...
-)
-{
- va_list ap;
- NSSPKIXRelativeDistinguishedName *rv;
- PRUint32 count;
-
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
- }
-
- /* Is there a nonzero minimum number of ATAVs required? */
-
- {
- va_start(ap, arenaOpt);
-
- while( 1 ) {
- NSSPKIXAttributeTypeAndValue *atav;
- atav = (NSSPKIXAttributeTypeAndValue *)va_arg(ap, NSSPKIXAttributeTypeAndValue *);
- if( (NSSPKIXAttributeTypeAndValue *)NULL == atav ) {
- break;
- }
-
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
- va_end(ap);
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
- }
-
- va_end(ap);
- }
-#endif /* DEBUG */
-
- va_start(ap, arenaOpt);
-
- for( count = 0; ; count++ ) {
- NSSPKIXAttributeTypeAndValue *atav;
- atav = (NSSPKIXAttributeTypeAndValue *)va_arg(ap, NSSPKIXAttributeTypeAndValue *);
- if( (NSSPKIXAttributeTypeAndValue *)NULL == atav ) {
- break;
- }
-
-#ifdef PEDANTIC
- if( count == 0xFFFFFFFF ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- va_end(ap);
- return (NSSPKIXAttributeTypeAndValue *)NULL;
- }
-#endif /* PEDANTIC */
- }
-
- va_end(ap);
-
- va_start(ap, arenaOpt);
- rv = nss_pkix_RelativeDistinguishedName_V_Create(arenaOpt, count, ap);
- va_end(ap);
-
- return rv;
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/CreateFromArray.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/CreateFromArray.c
deleted file mode 100644
index 0c01be4da..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/CreateFromArray.c
+++ /dev/null
@@ -1,86 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRelativeDistinguishedName_CreateFromArray
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRelativeDistinguishedName *
-NSSPKIXRelativeDistinguishedName_CreateFromArray
-(
- NSSArena *arenaOpt,
- PRUint32 count,
- NSSPKIXAttributeTypeAndValue *atavs[]
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAttribute *)NULL;
- }
- }
-
- {
- PRUint32 i;
-
- for( i = 0; i < count; i++ ) {
- if( PR_SUCCESS != nssAttributeTypeAndValue_verifyPointer(&atavs[i]) ) {
- return (NSSPKIXAttribute *)NULL;
- }
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXRelativeDistinguishedName_CreateFromArray(arenaOpt, count, atavs);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/CreateFromUTF8.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/CreateFromUTF8.c
deleted file mode 100644
index 990b7acd2..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/CreateFromUTF8.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRelativeDistinguishedName_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_UNKNOWN_ATTRIBUTE
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRelativeDistinguishedName *
-NSSPKIXRelativeDistinguishedName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *string
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
- }
-
- if( (NSSUTF8 *)NULL == string ) {
- nss_SetError(NSS_ERROR_INVALID_STRING);
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-#endif /* DEBUG */
-
- return nssPKIXRelativeDistinguishedName_CreateFromUTF8(arenaOpt, string);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/Decode.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/Decode.c
deleted file mode 100644
index b8d0b243a..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/Decode.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRelativeDistinguishedName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRelativeDistinguishedName *
-NSSPKIXRelativeDistinguishedName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(ber) ) {
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-#endif /* DEBUG */
-
- return nssPKIXRelativeDistinguishedName_Decode(arenaOpt, ber);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/Destroy.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/Destroy.c
deleted file mode 100644
index ca8b1e85f..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/Destroy.c
+++ /dev/null
@@ -1,70 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRelativeDistinguishedName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXRelativeDistinguishedName_Destroy
-(
- NSSPKIXRelativeDistinguishedName *rdn
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssPKIXRelativeDistinguishedName_Destroy(rdn);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/Duplicate.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/Duplicate.c
deleted file mode 100644
index 416b405e8..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/Duplicate.c
+++ /dev/null
@@ -1,80 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRelativeDistinguishedName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRelativeDistinguishedName *
-NSSPKIXRelativeDistinguishedName_Duplicate
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXRelativeDistinguishedName_Duplicate(rdn, arenaOpt);
-}
-
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/Encode.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/Encode.c
deleted file mode 100644
index ea6b82a55..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/Encode.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRelativeDistinguishedName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSBER *
-NSSPKIXRelativeDistinguishedName_Encode
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return (NSSBER *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSBER *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXRelativeDistinguishedName_Encode(rdn, encoding, rvOpt, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/Equal.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/Equal.c
deleted file mode 100644
index 3e4a3fc3e..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/Equal.c
+++ /dev/null
@@ -1,85 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRelativeDistinguishedName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXRelativeDistinguishedName_Equal
-(
- NSSPKIXRelativeDistinguishedName *one,
- NSSPKIXRelativeDistinguishedName *two,
- PRStatus *statusOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(one) ) {
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
-
- return PR_FALSE;
- }
-
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(two) ) {
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
-
- return PR_FALSE;
- }
-#endif /* DEBUG */
-
- return nssPKIXRelativeDistinguishedName_Equal(one, two, statusOpt);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/FindAttributeTypeAndValue.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/FindAttributeTypeAndValue.c
deleted file mode 100644
index 65032b1c1..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/FindAttributeTypeAndValue.c
+++ /dev/null
@@ -1,78 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRelativeDistinguishedName_FindAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * The index of the specified attribute value upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXRelativeDistinguishedName_FindAttributeTypeAndValue
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSPKIXAttributeTypeAndValue *atav
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssPKIXRelativeDistinguishedName_FindAttributeTypeAndValue(rdn, atav);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/GetAttributeTypeAndValue.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/GetAttributeTypeAndValue.c
deleted file mode 100644
index 1a58bd132..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/GetAttributeTypeAndValue.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeTypeAndValue *
-NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValue
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- PRInt32 i,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return (NSSPKIXAttributeTypeAndValue *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAttributeTypeAndValue *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXRelativeDistinguishedName_GetAttributeTypeAndValue(rdn, i, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/GetAttributeTypeAndValueCount.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/GetAttributeTypeAndValueCount.c
deleted file mode 100644
index 1209e726c..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/GetAttributeTypeAndValueCount.c
+++ /dev/null
@@ -1,72 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValueCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_IMPLEMENT PRInt32
-NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValueCount
-(
- NSSPKIXRelativeDistinguishedName *rdn
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return -1;
- }
-#endif /* DEBUG */
-
- return nssPKIXRelativeDistinguishedName_GetAttributeTypeAndValueCount(rdn);
-}
-
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/GetAttributeTypeAndValues.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/GetAttributeTypeAndValues.c
deleted file mode 100644
index 7efc30173..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/GetAttributeTypeAndValues.c
+++ /dev/null
@@ -1,83 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValues
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXAttributeTypeAndValue
- * pointers upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeTypeAndValue **
-NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValues
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSPKIXAttributeTypeAndValue *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return (NSSPKIXAttributeTypeAndValue **)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyOpt(attribute) ) {
- return (NSSPKIXAttributeTypeAndValue **)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXRelativeDistinguishedName_GetAttributeTypeAndValues(rdn, rvOpt, limit, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/GetUTF8Encoding.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/GetUTF8Encoding.c
deleted file mode 100644
index 9c428ae40..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/GetUTF8Encoding.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRelativeDistinguishedName_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSUTF8 *
-NSSPKIXRelativeDistinguishedName_GetUTF8Encoding
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return (NSSUTF8 *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSUTF8 *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXRelativeDistinguishedName_GetUTF8Encoding(rdn, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/MClear.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/MClear.c
deleted file mode 100644
index 2b1a93820..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/MClear.c
+++ /dev/null
@@ -1,73 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nss_pkix_RelativeDistinguishedName_Clear
- *
- * Wipes out cached data.
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_RelativeDistinguishedName_Clear
-(
- NSSPKIXRelativeDistinguishedName *rdn
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSBER *)NULL != rdn->ber ) {
- nss_ZFreeIf(rdn->ber->data);
- nss_ZFreeIf(rdn->ber);
- }
-
- if( (NSSDER *)NULL != rdn->der ) {
- nss_ZFreeIf(rdn->der->data);
- nss_ZFreeIf(rdn->der);
- }
-
- nss_ZFreeIf(rdn->utf8);
-
- return PR_SUCCESS;
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/MCount.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/MCount.c
deleted file mode 100644
index 23d976160..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/MCount.c
+++ /dev/null
@@ -1,82 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIXM_H
-#include "pkixm.h"
-#endif /* PKIXM_H */
-
-/*
- * nss_pkix_RelativeDistinguishedName_Count
- */
-
-NSS_IMPLEMENT void
-nss_pkix_RelativeDistinguishedName_Count
-(
- NSSPKIXRelativeDistinguishedName *rdn
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return;
- }
-#endif /* NSSDEBUG */
-
- PR_ASSERT((NSSPKIXAttributeTypeAndValue **)NULL != rdn->atavs);
- if( (NSSPKIXAttributeTypeAndValue **)NULL == rdn->atavs ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- return PR_FAILURE;
- }
-
- if( 0 == rdn->count ) {
- PRUint32 i;
- for( i = 0; i < 0xFFFFFFFF; i++ ) {
- if( (NSSPKIXAttributeTypeAndValue *)NULL == rdn->atavs[i] ) {
- break;
- }
- }
-
-#ifdef PEDANTIC
- if( 0xFFFFFFFF == i ) {
- return;
- }
-#endif /* PEDANTIC */
-
- rdn->count = i;
- }
-
- return;
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/MVCreate.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/MVCreate.c
deleted file mode 100644
index c40a4b6e7..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/MVCreate.c
+++ /dev/null
@@ -1,158 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIXM_H
-#include "pkixm.h"
-#endif /* PKIXM_H */
-
-/*
- * nss_pkix_RelativeDistinguishedName_v_create
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- * NULL upon failure.
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName *
-nss_pkix_RelativeDistinguishedName_V_Create
-(
- NSSArena *arenaOpt,
- PRUint32 count,
- va_list ap
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXRelativeDistinguishedName *rv = (NSSPKIXRelativeDistinguishedName *)NULL;
- PRStatus status;
- PRUint32 i;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXRelativeDistinguishedName);
- if( (NSSPKIXRelativeDistinguishedName *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
- rv->count = count;
-
- rv->atav = nss_ZNEWARRAY(arena, NSSPKIXAttributeTypeAndValue *, count);
- if( (NSSPKIXAttributeTypeAndValue **)NULL == rv->atav ) {
- goto loser;
- }
-
- for( i = 0; i < count; i++ ) {
- NSSPKIXAttributeTypeAndValue *v = (NSSPKIXAttributeTypeAndValue *)
- va_arg(ap, NSSPKIXAttributeTypeAndValue *);
-
-#ifdef NSSDEBUG
- /*
- * It's okay to test this down here, since
- * supposedly these have already been checked.
- */
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(v) ) {
- goto loser;
- }
-#endif /* NSSDEBUG */
-
- rv->atav[i] = nssPKIXAttributeTypeAndValue_Duplicate(v, arena);
- if( (NSSPKIXAttributeTypeAndValue *)NULL == rv->atav[i] ) {
- goto loser;
- }
- }
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_RelativeDistinguishedName_add_pointer(rv) ) {
- goto loser;
- }
-
- if( PR_SUCCESS != nssArena_registerDestructor(arena,
- nss_pkix_RelativeDistinguishedName_remove_pointer, rv) ) {
- (void)nss_pkix_RelativeDistinguishedName_remove_pointer(rv);
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXRelativeDistinguishedName *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/PAddAttributeTypeAndValue.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/PAddAttributeTypeAndValue.c
deleted file mode 100644
index 68541d17e..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/PAddAttributeTypeAndValue.c
+++ /dev/null
@@ -1,107 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRelativeDistinguishedName_AddAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXRelativeDistinguishedName_AddAttributeTypeAndValue
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSPKIXAttributeTypeAndValue *atav
-)
-{
- PRUint32 newcount;
- NSSPKIXAttributeTypeAndValue **newarray;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- PR_ASSERT((NSSPKIXAttributeTypeAndValue **)NULL != rdn->atavs);
- if( (NSSPKIXAttributeTypeAndValue **)NULL == rdn->atavs ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- return PR_FAILURE;
- }
-
- if( 0 == rdn->count ) {
- nss_pkix_RelativeDistinguishedName_Count(rdn);
- }
-
- newcount = rdn->count+1;
- /* Check newcount for a rollover. */
-
- /* Remember that our atavs array is NULL-terminated */
- newarray = (NSSPKIXAttributeTypeAndValue **)nss_ZRealloc(rdn->atavs,
- ((newcount+1) * sizeof(NSSPKIXAttributeTypeAndValue *)));
- if( (NSSPKIXAttributeTypeAndValue **)NULL == newarray ) {
- return PR_FAILURE;
- }
-
- rdn->atavs = newarray;
-
- rdn->atavs[ rdn->count ] = nssPKIXAttributeTypeAndValue_Duplicate(atav, rdn->arena);
- if( (NSSPKIXAttributeTypeAndValue *)NULL == rdn->atavs[ rdn->count ] ) {
- return PR_FAILURE; /* array is "too big" but whatever */
- }
-
- rdn->count = newcount;
-
- return nss_pkix_RelativeDistinguishedName_Clear(rdn);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/PCreate.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/PCreate.c
deleted file mode 100644
index a3a1f7315..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/PCreate.c
+++ /dev/null
@@ -1,123 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRelativeDistinguishedName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRelativeDistinguishedName *
-nssPKIXRelativeDistinguishedName_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXAttributeTypeAndValue *atav1,
- ...
-)
-{
- va_list ap;
- NSSPKIXRelativeDistinguishedName *rv;
- PRUint32 count;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
- }
-
- /* Is there a nonzero minimum number of ATAVs required? */
-
- {
- va_start(ap, arenaOpt);
-
- while( 1 ) {
- NSSPKIXAttributeTypeAndValue *atav;
- atav = (NSSPKIXAttributeTypeAndValue *)va_arg(ap, NSSPKIXAttributeTypeAndValue *);
- if( (NSSPKIXAttributeTypeAndValue *)NULL == atav ) {
- break;
- }
-
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
- va_end(ap);
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
- }
-
- va_end(ap);
- }
-#endif /* NSSDEBUG */
-
- va_start(ap, arenaOpt);
-
- for( count = 0; ; count++ ) {
- NSSPKIXAttributeTypeAndValue *atav;
- atav = (NSSPKIXAttributeTypeAndValue *)va_arg(ap, NSSPKIXAttributeTypeAndValue *);
- if( (NSSPKIXAttributeTypeAndValue *)NULL == atav ) {
- break;
- }
-
-#ifdef PEDANTIC
- if( count == 0xFFFFFFFF ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- va_end(ap);
- return (NSSPKIXAttributeTypeAndValue *)NULL;
- }
-#endif /* PEDANTIC */
- }
-
- va_end(ap);
-
- va_start(ap, arenaOpt);
- rv = nss_pkix_RelativeDistinguishedName_V_Create(arenaOpt, count, ap);
- va_end(ap);
-
- return rv;
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/PCreateFromArray.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/PCreateFromArray.c
deleted file mode 100644
index fa7e27eed..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/PCreateFromArray.c
+++ /dev/null
@@ -1,151 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIXM_H
-#include "pkixm.h"
-#endif /* PKIXM_H */
-
-/*
- * nssPKIXRelativeDistinguishedName_CreateFromArray
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRelativeDistinguishedName *
-nssPKIXRelativeDistinguishedName_CreateFromArray
-(
- NSSArena *arenaOpt,
- PRUint32 count,
- NSSPKIXAttributeTypeAndValue *atavs
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXRelativeDistinguishedName *rv = (NSSPKIXRelativeDistinguishedName *)NULL;
- PRStatus status;
- PRUint32 i;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
- }
-
- {
- PRUint32 i;
-
- for( i = 0; i < count; i++ ) {
- if( PR_SUCCESS != nssAttributeTypeAndValue_verifyPointer(&atavs[i]) ) {
- return (NSSPKIXAttribute *)NULL;
- }
- }
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXRelativeDistinguishedName);
- if( (NSSPKIXRelativeDistinguishedName *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
- rv->count = count;
-
- rv->atav = nss_ZNEWARRAY(arena, NSSPKIXAttributeTypeAndValue *, count);
- if( (NSSPKIXAttributeTypeAndValue **)NULL == rv->atav ) {
- goto loser;
- }
-
- for( i = 0; i < count; i++ ) {
- NSSPKIXAttributeTypeAndValue *v = atavs[i];
-
- rv->atav[i] = nssPKIXAttributeTypeAndValue_Duplicate(v, arena);
- if( (NSSPKIXAttributeTypeAndValue *)NULL == rv->atav[i] ) {
- goto loser;
- }
- }
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_RelativeDistinguishedName_add_pointer(rv) ) {
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXRelativeDistinguishedName *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/PCreateFromUTF8.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/PCreateFromUTF8.c
deleted file mode 100644
index 2f2f995be..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/PCreateFromUTF8.c
+++ /dev/null
@@ -1,139 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRelativeDistinguishedName_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_UNKNOWN_ATTRIBUTE
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRelativeDistinguishedName *
-nssPKIXRelativeDistinguishedName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *string
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXRelativeDistinguishedName *rv = (NSSPKIXRelativeDistinguishedName *)NULL;
- PRStatus status;
- PRUint32 i;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
- }
-
- if( (NSSUTF8 *)NULL == string ) {
- nss_SetError(NSS_ERROR_INVALID_STRING);
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXRelativeDistinguishedName);
- if( (NSSPKIXRelativeDistinguishedName *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
- rv->utf8 = nssUTF8_Duplicate(string, arena);
- if( (NSSUTF8 *)NULL == rv->utf8 ) {
- goto loser;
- }
-
- /* Insert intelligence here -- fgmr */
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- goto loser;
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_RelativeDistinguishedName_add_pointer(rv) ) {
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXRelativeDistinguishedName *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/PDecode.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/PDecode.c
deleted file mode 100644
index ad1766280..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/PDecode.c
+++ /dev/null
@@ -1,142 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-/*
- * nssPKIXRelativeDistinguishedName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRelativeDistinguishedName *
-nssPKIXRelativeDistinguishedName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXRelativeDistinguishedName *rv = (NSSPKIXRelativeDistinguishedName *)NULL;
- PRStatus status;
- PRUint32 i;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(ber) ) {
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXRelativeDistinguishedName);
- if( (NSSPKIXRelativeDistinguishedName *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
- rv->ber = nssItem_Duplicate(ber, arena, (NSSItem *)NULL);
- if( (NSSItem *)NULL == rv->ber ) {
- goto loser;
- }
-
- status = nssASN1_DecodeBER(arena, rv, nssPKIXRelativeDistinguishedName_template, ber);
- if( PR_SUCCESS != status ) {
- goto loser;
- }
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_RelativeDistinguishedName_add_pointer(rv) ) {
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXRelativeDistinguishedName *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/PDestroy.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/PDestroy.c
deleted file mode 100644
index 94b8fcf00..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/PDestroy.c
+++ /dev/null
@@ -1,76 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRelativeDistinguishedName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXRelativeDistinguishedName_Destroy
-(
- NSSPKIXRelativeDistinguishedName *rdn
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
-#ifdef DEBUG
- (void)nss_pkix_RelativeDistinguishedName_remove_pointer(rdn);
-#endif /* DEBUG */
-
- if( PR_TRUE == rdn->i_allocated_arena ) {
- return nssArena_Destroy(rdn->arena);
- }
-
- return PR_SUCCESS;
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/PDuplicate.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/PDuplicate.c
deleted file mode 100644
index 0277b7b01..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/PDuplicate.c
+++ /dev/null
@@ -1,177 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRelativeDistinguishedName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRelativeDistinguishedName *
-nssPKIXRelativeDistinguishedName_Duplicate
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSArena *arenaOpt
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXRelativeDistinguishedName *rv = (NSSPKIXRelativeDistinguishedName *)NULL;
- PRStatus status;
- PRUint32 i;
- NSSPKIXAttributeTypeAndValue **from, **to;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXRelativeDistinguishedName);
- if( (NSSPKIXRelativeDistinguishedName *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
-
- if( (NSSDER *)NULL != rdn->der ) {
- rv->der = nssItem_Duplicate(rdn->der, arena, (NSSItem *)NULL);
- if( (NSSDER *)NULL == rv->der ) {
- goto loser;
- }
- }
-
- if( (NSSBER *)NULL != rdn->ber ) {
- rv->ber = nssItem_Duplicate(rdn->ber, arena, (NSSItem *)NULL);
- if( (NSSBER *)NULL == rv->ber ) {
- goto loser;
- }
- }
-
- if( (NSSUTF8 *)NULL != rdn->utf8 ) {
- rv->utf8 = nssUTF8_Duplicate(rdn->utf8, arena);
- if( (NSSUTF8 *)NULL == rv->utf8 ) {
- goto loser;
- }
- }
-
- rv->count = rdn->count;
-
- {
- if( 0 == rdn->count ) {
- nss_pkix_RelativeDistinguishedName_Count(rdn);
- if( 0 == rdn->count ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- goto loser;
- }
-
- rv->count = rdn->count; /* might as well save it */
- }
-
- rv->atavs = nss_ZNEWARRAY(arena, NSSPKIXAttributeTypeAndValue *, rdn->count + 1);
- if( (NSSPKIXAttributeTypeAndValue *)NULL == rv->atavs ) {
- goto loser;
- }
- }
-
- for( from = &rdn->atavs[0], to = &rv->atavs[0]; *from; from++, to++ ) {
- *to = nssPKIXAttributeTypeAndValue_Duplicate(*from, arena);
- if( (NSSPKIXAttributeTypeAndValue *)NULL == *to ) {
- goto loser;
- }
- }
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_RelativeDistinguishedName_add_pointer(rv) ) {
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXRelativeDistinguishedName *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/PEncode.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/PEncode.c
deleted file mode 100644
index d2af9470b..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/PEncode.c
+++ /dev/null
@@ -1,123 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-/*
- * nssPKIXRelativeDistinguishedName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSBER *
-nssPKIXRelativeDistinguishedName_Encode
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-)
-{
- NSSBER *it;
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return (NSSBER *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSBER *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- switch( encoding ) {
- case NSSASN1BER:
- if( (NSSBER *)NULL != rdn->ber ) {
- it = rdn->ber;
- goto done;
- }
- /*FALLTHROUGH*/
- case NSSASN1DER:
- if( (NSSDER *)NULL != rdn->der ) {
- it = rdn->der;
- goto done;
- }
- break;
- default:
- nss_SetError(NSS_ERROR_UNSUPPORTED_ENCODING);
- return (NSSBER *)NULL;
- }
-
- it = nssASN1_EncodeItem(rdn->arena, (NSSItem *)NULL, rdn,
- nssPKIXRelativeDistinguishedName_template,
- encoding);
- if( (NSSBER *)NULL == it ) {
- return (NSSBER *)NULL;
- }
-
- switch( encoding ) {
- case NSSASN1BER:
- rdn->ber = it;
- break;
- case NSSASN1DER:
- rdn->der = it;
- break;
- default:
- PR_ASSERT(0);
- break;
- }
-
- done:
- return nssItem_Duplicate(it, arenaOpt, rvOpt);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/PEqual.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/PEqual.c
deleted file mode 100644
index 2ac566a8b..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/PEqual.c
+++ /dev/null
@@ -1,101 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRelativeDistinguishedName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_IMPLEMENT PRBool
-nssPKIXRelativeDistinguishedName_Equal
-(
- NSSPKIXRelativeDistinguishedName *one,
- NSSPKIXRelativeDistinguishedName *two,
- PRStatus *statusOpt
-)
-{
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(one) ) {
- goto loser;
- }
-
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(two) ) {
- goto loser;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSDER *)NULL == one->der ) {
- one->der = nssASN1_EncodeItem(one->arena, (NSSItem *)NULL, one,
- nssPKIXRelativeDistinguishedName_template,
- NSSASN1DER);
- if( (NSSDER *)NULL == one->der ) {
- goto loser;
- }
- }
-
- if( (NSSDER *)NULL == two->der ) {
- two->der = nssASN1_EncodeItem(two->arena, (NSSItem *)NULL, two,
- nssPKIXRelativeDistinguishedName_template,
- NSSASN1DER);
- if( (NSSDER *)NULL == two->der ) {
- goto loser;
- }
- }
-
- return nssItem_Equal(one->der, two->der, statusOpt);
-
- loser:
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
-
- return PR_FALSE;
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/PFindAttributeTypeAndValue.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/PFindAttributeTypeAndValue.c
deleted file mode 100644
index ee7c55e10..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/PFindAttributeTypeAndValue.c
+++ /dev/null
@@ -1,96 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRelativeDistinguishedName_FindAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * The index of the specified attribute value upon success
- * -1 upon failure.
- */
-
-NSS_IMPLEMENT PRInt32
-nssPKIXRelativeDistinguishedName_FindAttributeTypeAndValue
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSPKIXAttributeTypeAndValue *atav
-)
-{
- PRUint32 i;
- NSSPKIXAttributeTypeAndValue **a;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return -1;
- }
-
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
- return -1;
- }
-#endif /* NSSDEBUG */
-
- PR_ASSERT((NSSPKIXAttributeTypeAndValue **)NULL != rdn->atavs);
- if( (NSSPKIXAttributeTypeAndValue **)NULL == rdn->atavs ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- return -1;
- }
-
- for( i = 0, a = rdn->atavs; *a; a++, (i > 0x7fffffff) || i++ ) {
- if( PR_TRUE == nssPKIXAttributeTypeAndValue_Equal(*a, atav) ) {
- if( i > 0x7fffffff ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return -1;
- }
- return (PRInt32)i;
- }
- }
-
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return -1;
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/PGetAttributeTypeAndValue.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/PGetAttributeTypeAndValue.c
deleted file mode 100644
index 22c3abac6..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/PGetAttributeTypeAndValue.c
+++ /dev/null
@@ -1,89 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRelativeDistinguishedName_GetAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeTypeAndValue *
-nssPKIXRelativeDistinguishedName_GetAttributeTypeAndValue
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- PRInt32 i,
- NSSArena *arenaOpt
-)
-{
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return (NSSPKIXAttributeTypeAndValue *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAttributeTypeAndValue *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- if( 0 == rdn->count ) {
- nss_pkix_RelativeDistinguishedName_Count(rdn);
- }
-
- if( (i < 0) || (i >= rdn->count) ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return (NSSPKIXAttributeTypeAndValue *)NULL;
- }
-
- return nssPKIXAttributeTypeAndValue_Duplicate(rdn->atavs[i], arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/PGetAttributeTypeAndValueCount.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/PGetAttributeTypeAndValueCount.c
deleted file mode 100644
index df8e1b48e..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/PGetAttributeTypeAndValueCount.c
+++ /dev/null
@@ -1,85 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRelativeDistinguishedName_GetAttributeTypeAndValueCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_IMPLEMENT PRInt32
-nssPKIXRelativeDistinguishedName_GetAttributeTypeAndValueCount
-(
- NSSPKIXRelativeDistinguishedName *rdn
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return -1;
- }
-#endif /* NSSDEBUG */
-
- if( 0 == rdn->count ) {
- nss_pkix_RelativeDistinguishedName_Count(rdn);
- }
-
-#ifdef PEDANTIC
- if( 0 == rdn->count ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return -1;
- }
-#endif /* PEDANTIC */
-
- if( rdn->count > 0x7fffffff ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return -1;
- }
-
- return (PRInt32)(rdn->count);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/PGetAttributeTypeAndValues.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/PGetAttributeTypeAndValues.c
deleted file mode 100644
index 7675d5ad3..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/PGetAttributeTypeAndValues.c
+++ /dev/null
@@ -1,133 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRelativeDistinguishedName_GetAttributeTypeAndValues
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXAttributeTypeAndValue
- * pointers upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeTypeAndValue **
-nssPKIXRelativeDistinguishedName_GetAttributeTypeAndValues
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSPKIXAttributeTypeAndValue *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-)
-{
- NSSPKIXAttributeTypeAndValue **rv = (NSSPKIXAttributeTypeAndValue **)NULL;
- PRUint32 i;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return (NSSPKIXAttributeTypeAndValue **)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyOpt(attribute) ) {
- return (NSSPKIXAttributeTypeAndValue **)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- if( 0 == rdn->count ) {
- nss_pkix_RelativeDistinguishedName_Count(rdn);
- }
-
-#ifdef PEDANTIC
- if( 0 == rdn->count ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return (NSSPKIXAttributeTypeAndValue **)NULL;
- }
-#endif /* PEDANTIC */
-
- if( (limit < rdn->count) &&
- !((0 == limit) && ((NSSPKIXAttributeTypeAndValue **)NULL == rvOpt)) ) {
- nss_SetError(NSS_ERROR_ARRAY_TOO_SMALL);
- return (NSSPKIXAttributeTypeAndValue **)NULL;
- }
-
- limit = rdn->count;
- if( (NSSPKIXAttributeTypeAndValue **)NULL == rvOpt ) {
- rv = nss_ZNEWARRAY(arenaOpt, NSSPKIXAttributeTypeAndValue *, limit);
- if( (NSSPKIXAttributeTypeAndValue **)NULL == rv ) {
- return (NSSPKIXAttributeTypeAndValue **)NULL;
- }
- } else {
- rv = rvOpt;
- }
-
- for( i = 0; i < limit; i++ ) {
- rv[i] = nssPKIXAttributeTypeAndValue_Duplicate(rdn->atav[i], arenaOpt);
- if( (NSSPKIXAttributeTypeAndValue *)NULL == rv[i] ) {
- goto loser;
- }
- }
-
- return rv;
-
- loser:
- for( i = 0; i < limit; i++ ) {
- NSSPKIXAttributeTypeAndValue *x = rv[i];
- if( (NSSPKIXAttributeTypeAndValue *)NULL == x ) {
- break;
- }
- (void)nssPKIXAttributeTypeAndValue_Destroy(x);
- }
-
- if( rv != rvOpt ) {
- nss_ZFreeIf(rv);
- }
-
- return (NSSPKIXAttributeTypeAndValue **)NULL;
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/PGetUTF8Encoding.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/PGetUTF8Encoding.c
deleted file mode 100644
index 01abf228c..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/PGetUTF8Encoding.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRelativeDistinguishedName_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSUTF8 *
-nssPKIXRelativeDistinguishedName_GetUTF8Encoding
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSArena *arenaOpt
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return (NSSUTF8 *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSUTF8 *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- if( (NSSUTF8 *)NULL == rdn->utf8 ) {
- /* xxx fgmr fill this in from pki1 implementation */
- }
-
- return nssUTF8_Duplicate(rdn->utf8, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/PRemoveAttributeTypeAndValue.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/PRemoveAttributeTypeAndValue.c
deleted file mode 100644
index 84b5cc819..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/PRemoveAttributeTypeAndValue.c
+++ /dev/null
@@ -1,121 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRelativeDistinguishedName_RemoveAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_AT_MINIMUM
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXRelativeDistinguishedName_RemoveAttributeTypeAndValue
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- PRInt32 i
-)
-{
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- if( 0 == rdn->count ) {
- nss_pkix_RelativeDistinguishedName_Count(rdn);
- }
-
- if( i < 0 ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return PR_FAILURE;
- }
-
- /* Is there a technical minimum? */
- /*
- * if( 1 == rdn->count ) {
- * nss_SetError(NSS_ERROR_AT_MINIMUM);
- * return PR_FAILURE;
- * }
- */
-
-#ifdef PEDANTIC
- if( 0 == rdn->count ) {
- NSSPKIXAttributeTypeAndValue **ip;
- /* Too big.. but we can still remove one */
- nssPKIXAttributeTypeAndValue_Destroy(rdn->atavs[i]);
- for( ip = &rdn->atavs[i]; *ip; ip++ ) {
- ip[0] = ip[1];
- }
- } else
-#endif /* PEDANTIC */
-
- {
- NSSPKIXAttributeTypeAndValue *si;
- PRUint32 end;
-
- if( i >= rdn->count ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return PR_FAILURE;
- }
-
- end = rdn->count - 1;
-
- si = rdn->atavs[i];
- rdn->atavs[i] = rdn->atavs[end];
- rdn->atavs[end] = (NSSPKIXAttributeTypeAndValue *)NULL;
-
- nssPKIXAttributeTypeAndValue_Destroy(si);
-
- /* We could realloc down, but we know it's a no-op */
- rdn->count = end;
- }
-
- return nss_pkix_RelativeDistinguishedName_Clear(rdn);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/PSetAttributeTypeAndValue.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/PSetAttributeTypeAndValue.c
deleted file mode 100644
index 01439e2e7..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/PSetAttributeTypeAndValue.c
+++ /dev/null
@@ -1,102 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRelativeDistinguishedName_SetAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXRelativeDistinguishedName_SetAttributeTypeAndValue
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- PRInt32 i,
- NSSPKIXAttributeTypeAndValue *atav
-)
-{
- NSSPKIXAttributeTypeAndValue *dup;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- PR_ASSERT((NSSPKIXAttributeTypeAndValue **)NULL != rdn->atavs);
- if( (NSSPKIXAttributeTypeAndValue **)NULL == rdn->atavs ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- return PR_FAILURE;
- }
-
- if( 0 == rdn->count ) {
- nss_pkix_RelativeDistinguishedName_Count(rdn);
- }
-
- if( (i < 0) || (i >= rdn->count) ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return PR_FAILURE;
- }
-
- dup = nssPKIXAttributeTypeAndValue_Duplicate(atav, rdn->arena);
- if( (NSSPKIXAttributeTypeAndValue *)NULL == dup ) {
- return PR_FAILURE;
- }
-
- nssPKIXAttributeTypeAndValue_Destroy(rdn->atavs[i]);
- rdn->atavs[i] = dup;
-
- return nss_pkix_RelativeDistinguishedName_Clear(rdn);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/PSetAttributeTypeAndValues.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/PSetAttributeTypeAndValues.c
deleted file mode 100644
index 839839ea2..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/PSetAttributeTypeAndValues.c
+++ /dev/null
@@ -1,166 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRelativeDistinguishedName_SetAttributeTypeAndValues
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXRelativeDistinguishedName_SetAttributeTypeAndValues
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSPKIXAttributeTypeAndValue *atavs[],
- PRInt32 countOpt
-)
-{
- NSSPKIXAttributeTypeAndValue **ip;
- NSSPKIXAttributeTypeAndValue **newarray;
- PRUint32 i;
- nssArenaMark *mark;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return PR_FAILURE;
- }
-
- if( (NSSPKIXAttributeTypeAndValues **)NULL == atavs ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return PR_FAILURE;
- }
-
- {
- PRUint32 i, count;
-
- if( 0 == countOpt ) {
- for( i = 0; i < 0x80000000; i++ ) {
- if( (NSSPKIXAttributeTypeAndValue *)NULL == atav[i] ) {
- break;
- }
- }
-
-#ifdef PEDANTIC
- if( 0x80000000 == i ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return PR_FAILURE;
- }
-#endif /* PEDANTIC */
-
- count = (PRUint32)i;
- } else {
- if( countOpt < 0 ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return PR_FAILURE;
- }
-
- count = (PRUint32)countOpt;
- }
-
- for( i = 0; i < count; i++ ) {
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav[i]) ) {
- return PR_FAILURE;
- }
- }
- }
-#endif /* NSSDEBUG */
-
- if( 0 == countOpt ) {
- for( i = 0; i < 0xffffffff; i++ ) {
- if( (NSSPKIXAttributeTypeAndValue *)NULL == atavs[i] ) {
- break;
- }
- }
-
-#ifdef PEDANTIC
- if( 0xffffffff == 0 ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- reutrn PR_FAILURE;
- }
-#endif /* PEDANTIC */
-
- countOpt = i;
- }
-
- mark = nssArena_Mark(rdn->mark);
- if( (nssArenaMark *)NULL == mark ) {
- return PR_FAILURE;
- }
-
- newarray = nss_ZNEWARRAY(rdn->arena, NSSPKIXAttributeTypeAndValue *, countOpt);
- if( (NSSPKIXAttributeTypeAndValue **)NULL == newarray ) {
- goto loser;
- }
-
- for( i = 0; i < countOpt; i++ ) {
- newarray[i] = nssPKIXAttributeTypeAndValue_Duplicate(atavs[i], rdn->arena);
- if( (NSSPKIXAttributeTypeAndValue *)NULL == newarray[i] ) {
- goto loser;
- }
- }
-
- for( i = 0; i < rdn->count; i++ ) {
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_Destroy(rdn->atavs[i]) ) {
- goto loser;
- }
- }
-
- nss_ZFreeIf(rdn->atavs);
-
- rdn->count = countOpt;
- rdn->atavs = newarray;
-
- (void)nss_pkix_RelativeDistinguishedName_Clear(rdn);
-
- return nssArena_Unmark(rdn->arena, mark);
-
- loser:
- (void)nssArena_Release(a->arena, mark);
- return PR_FAILURE;
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/RemoveAttributeTypeAndValue.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/RemoveAttributeTypeAndValue.c
deleted file mode 100644
index b9f1deb66..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/RemoveAttributeTypeAndValue.c
+++ /dev/null
@@ -1,73 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRelativeDistinguishedName_RemoveAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_AT_MINIMUM
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXRelativeDistinguishedName_RemoveAttributeTypeAndValue
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- PRInt32 i
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssPKIXRelativeDistinguishedName_RemoveAttributeTypeAndValue(rdn, i);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/SetAttributeTypeAndValue.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/SetAttributeTypeAndValue.c
deleted file mode 100644
index fa2224a6b..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/SetAttributeTypeAndValue.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRelativeDistinguishedName_SetAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXRelativeDistinguishedName_SetAttributeTypeAndValue
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- PRInt32 i,
- NSSPKIXAttributeTypeAndValue *atav
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssPKIXRelativeDistinguishedName_SetAttributeTypeAndValue(rdn, i, atav);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/SetAttributeTypeAndValues.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/SetAttributeTypeAndValues.c
deleted file mode 100644
index c6a8f0434..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/SetAttributeTypeAndValues.c
+++ /dev/null
@@ -1,113 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRelativeDistinguishedName_SetAttributeTypeAndValues
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXRelativeDistinguishedName_SetAttributeTypeAndValues
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSPKIXAttributeTypeAndValue *atavs[],
- PRInt32 countOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return PR_FAILURE;
- }
-
- if( (NSSPKIXAttributeTypeAndValue **)NULL == atavs ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return PR_FAILURE;
- }
-
- {
- PRUint32 i, count;
-
- if( 0 == countOpt ) {
- for( i = 0; i < 0x80000000; i++ ) {
- if( (NSSPKIXAttributeTypeAndValue *)NULL == atavs[i] ) {
- break;
- }
- }
-
-#ifdef PEDANTIC
- if( 0x80000000 == i ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return PR_FAILURE;
- }
-#endif /* PEDANTIC */
-
- count = (PRUint32)i;
- } else {
- if( countOpt < 0 ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return PR_FAILURE;
- }
-
- count = (PRUint32)countOpt;
- }
-
- for( i = 0; i < count; i++ ) {
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atavs[i]) ) {
- return PR_FAILURE;
- }
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXRelativeDistinguishedName_SetAttributeTypeAndValues(rdn, atavs, countOpt);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/template.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/template.c
deleted file mode 100644
index fff01836a..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/template.c
+++ /dev/null
@@ -1,55 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-/*
- * nssPKIXRelativeDistinguishedName_template
- *
- */
-
-const nssASN1Template nssPKIXRelativeDistinguishedName_template[] = {
- { nssASN1_SET_OF, offsetof(NSSPKIXRelativeDistinguishedName, atavs),
- nssPKIXAttributeTypeAndValue_template,
- sizeof(NSSPKIXRelativeDistinguishedName) }
-};
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/verifyPointer.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/verifyPointer.c
deleted file mode 100644
index d7274abae..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/verifyPointer.c
+++ /dev/null
@@ -1,205 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIXM_H
-#include "pkixm.h"
-#endif /* PKIXM_H */
-
-#ifdef DEBUG
-
-extern const NSSError NSS_ERROR_INTERNAL_ERROR;
-
-static nssPointerTracker pkix_rdn_pointer_tracker;
-
-/*
- * nss_pkix_RelativeDistinguishedName_add_pointer
- *
- * This method is only present in debug builds.
- *
- * This module-private routine adds an NSSPKIXRelativeDistinguishedName pointer to
- * the internal pointer-tracker. This routine should only be used
- * by the NSSPKIX module. This routine returns a PRStatus value;
- * upon error it will place an error on the error stack and return
- * PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INTERNAL_ERROR
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_RelativeDistinguishedName_add_pointer
-(
- const NSSPKIXRelativeDistinguishedName *p
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_initialize(&pkix_rdn_pointer_tracker);
- if( PR_SUCCESS != rv ) {
- return rv;
- }
-
- rv = nssPointerTracker_add(&pkix_rdn_pointer_tracker, p);
- if( PR_SUCCESS != rv ) {
- NSSError e = NSS_GetError();
- if( NSS_ERROR_NO_MEMORY != e ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- }
-
- return rv;
- }
-
- rv = nssArena_registerDestructor(p->arena,
- nss_pkix_RelativeDistinguishedName_remove_pointer, p);
- if( PR_SUCCESS != rv ) {
- (void)nss_pkix_RelativeDistinguishedName_remove_pointer(p);
- return rv;
- }
-
-#ifdef NSSDEBUG
- {
- NSSPKIXAttributeTypeAndValue *a;
-
- for( a = p->atavs; *a; a++ ) {
- if( PR_SUCCESS != nss_pkix_AttributeTypeAndValue_add_pointer(*a) ) {
- nss_pkix_RelativeDistinguishedName_remove_pointer(p);
- return PR_FAILURE;
- }
- }
- }
-#endif /* NSSDEBUG */
-
- return PR_SUCCESS;
-}
-
-/*
- * nss_pkix_RelativeDistinguishedName_remove_pointer
- *
- * This method is only present in debug builds.
- *
- * This module-private routine removes a valid NSSPKIXRelativeDistinguishedName
- * pointer from the internal pointer-tracker. This routine should
- * only be used by the NSSPKIX module. This routine returns a
- * PRStatus value; upon error it will place an error on the error
- * stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INTERNAL_ERROR
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_RelativeDistinguishedName_remove_pointer
-(
- const NSSPKIXRelativeDistinguishedName *p
-)
-{
- PRStatus rv;
-
-#ifdef NSSDEBUG
- {
- NSSPKIXAttributeTypeAndValue *a;
-
- for( a = p->atavs; *a; a++ ) {
- (void)nss_pkix_AttributeTypeAndValue_remove_pointer(*a);
- }
- }
-#endif /* NSSDEBUG */
-
- rv = nssPointerTracker_remove(&pkix_rdn_pointer_tracker, p);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- }
-
- /*
- * nssArena_deregisterDestructor(p->arena,
- * nss_pkix_RelativeDistinguishedName_remove_pointer, p);
- */
-
- return rv;
-}
-
-/*
- * nssPKIXRelativeDistinguishedName_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXRelativeDistinguishedName
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXRelativeDistinguishedName_verifyPointer
-(
- NSSPKIXRelativeDistinguishedName *p
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_initialize(&pkix_rdn_pointer_tracker);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INVALID_PKIX_ATTRIBUTE);
- return PR_FAILURE;
- }
-
- rv = nssPointerTracker_verify(&pkix_rdn_pointer_tracker, p);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INVALID_PKIX_ATTRIBUTE);
- return PR_FAILURE;
- }
-
- return PR_SUCCESS;
-}
-
-#endif /* DEBUG */
-
diff --git a/security/nss/lib/pkix/src/Time/Compare.c b/security/nss/lib/pkix/src/Time/Compare.c
deleted file mode 100644
index 3c0c2a83d..000000000
--- a/security/nss/lib/pkix/src/Time/Compare.c
+++ /dev/null
@@ -1,75 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXTime_Compare
- *
- * Usual result: -1, 0, 1
- * Returns 0 on error
- */
-
-NSS_IMPLEMENT PRInt32
-NSSPKIXTime_Compare
-(
- NSSPKIXTime *time1,
- NSSPKIXTime *time2,
- PRStatus *statusOpt
-)
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXTime_verifyPointer(time1) ) {
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
- return 0;
- }
-
- if( PR_SUCCESS != nssPKIXTime_verifyPointer(time2) ) {
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
- return 0;
- }
-#endif /* DEBUG */
-
- return nssPKIXTime_Compare(time1, time2, statusOpt);
-}
diff --git a/security/nss/lib/pkix/src/Time/CreateFromPRTime.c b/security/nss/lib/pkix/src/Time/CreateFromPRTime.c
deleted file mode 100644
index 909adb14e..000000000
--- a/security/nss/lib/pkix/src/Time/CreateFromPRTime.c
+++ /dev/null
@@ -1,65 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXTime_CreateFromPRTime
- *
- */
-
-NSS_IMPLEMENT NSSPKIXTime *
-NSSPKIXTime_CreateFromPRTime
-(
- NSSArena *arenaOpt,
- PRTime prTime
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXTime *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXTime_CreateFromPRTime(arenaOpt, prTime);
-}
diff --git a/security/nss/lib/pkix/src/Time/CreateFromUTF8.c b/security/nss/lib/pkix/src/Time/CreateFromUTF8.c
deleted file mode 100644
index 469741ac6..000000000
--- a/security/nss/lib/pkix/src/Time/CreateFromUTF8.c
+++ /dev/null
@@ -1,70 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXTime_CreateFromUTF8
- *
- */
-
-NSS_EXTERN NSSPKIXTime *
-NSSPKIXTime_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXTime *)NULL;
- }
- }
-
- if( (NSSUTF8 *)NULL == utf8 ) {
- nss_SetError(NSS_ERROR_INVALID_STRING);
- return (NSSPKIXTime *)NULL;
- }
-#endif /* DEBUG */
-
- return nssPKIXTime_CreateFromUTF8(arenaOpt, utf8);
-}
diff --git a/security/nss/lib/pkix/src/Time/Decode.c b/security/nss/lib/pkix/src/Time/Decode.c
deleted file mode 100644
index 948dc0b93..000000000
--- a/security/nss/lib/pkix/src/Time/Decode.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXTime_Decode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTime upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXTime *
-NSSPKIXTime_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXTime *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(ber) ) {
- return (NSSPKIXTime *)NULL;
- }
-#endif /* DEBUG */
-
- return nssPKIXTime_Decode(arenaOpt, ber);
-}
diff --git a/security/nss/lib/pkix/src/Time/Destroy.c b/security/nss/lib/pkix/src/Time/Destroy.c
deleted file mode 100644
index d694850ef..000000000
--- a/security/nss/lib/pkix/src/Time/Destroy.c
+++ /dev/null
@@ -1,62 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXTime_Destroy
- *
- */
-
-NSS_IMPLEMENT PR_STATUS
-NSSPKIXTime_Destroy
-(
- NSSPKIXTime *time
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXTime_verifyPointer(time) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssPKIXTime_Destroy(time);
-}
diff --git a/security/nss/lib/pkix/src/Time/Duplicate.c b/security/nss/lib/pkix/src/Time/Duplicate.c
deleted file mode 100644
index dee6f61e9..000000000
--- a/security/nss/lib/pkix/src/Time/Duplicate.c
+++ /dev/null
@@ -1,69 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXTime_Duplicate
- *
- */
-
-NSS_IMPLEMENT NSSPKIXTime *
-NSSPKXITime_Duplicate
-(
- NSSPKIXTime *time,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXTime_verifyPointer(time) ) {
- return (NSSPKXITime *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXTime *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXTime_Duplicate(time, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/Time/Encode.c b/security/nss/lib/pkix/src/Time/Encode.c
deleted file mode 100644
index 9063e4f3a..000000000
--- a/security/nss/lib/pkix/src/Time/Encode.c
+++ /dev/null
@@ -1,71 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXTime_Encode
- *
- */
-
-NSS_IMPLEMENT NSSBER *
-NSSPKIXTime_Encode
-(
- NSSPKIXTime *time,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXTime_verifyPointer(time) ) {
- return (NSSBER *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSBER *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXTime_Encode(time, encoding, rvOpt, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/Time/Equal.c b/security/nss/lib/pkix/src/Time/Equal.c
deleted file mode 100644
index 4ed05acd5..000000000
--- a/security/nss/lib/pkix/src/Time/Equal.c
+++ /dev/null
@@ -1,74 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXTime_Equal
- *
- */
-
-NSS_IMPLEMENT PRBool
-NSSPKXITime_Equal
-(
- NSSPKXITime *time1,
- NSSPKXITime *time2,
- PRStatus *statusOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXTime_verifyPointer(time1) ) {
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
- return PR_FALSE;
- }
-
- if( PR_SUCCESS != nssPKIXTime_verifyPointer(time2) ) {
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
- return PR_FALSE;
- }
-#endif /* DEBUG */
-
- return nssPKIXTime_Equal(time1, time2, statusOpt);
-}
diff --git a/security/nss/lib/pkix/src/Time/GetPRTime.c b/security/nss/lib/pkix/src/Time/GetPRTime.c
deleted file mode 100644
index 5871a482d..000000000
--- a/security/nss/lib/pkix/src/Time/GetPRTime.c
+++ /dev/null
@@ -1,64 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXTime_GetPRTime
- *
- * Returns a zero on error
- */
-
-NSS_IMPLEMENT PRTime
-NSSPKIXTime_GetPRTime
-(
- NSSPKIXTime *time,
- PRStatus *statusOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXTime_verifyPointer(time) ) {
- return (PRTime)0;
- }
-#endif /* DEBUG */
-
- return nssPKIXTime_GetPRTime(time, statusOpt);
-}
diff --git a/security/nss/lib/pkix/src/Time/GetUTF8Encoding.c b/security/nss/lib/pkix/src/Time/GetUTF8Encoding.c
deleted file mode 100644
index 7fc383b81..000000000
--- a/security/nss/lib/pkix/src/Time/GetUTF8Encoding.c
+++ /dev/null
@@ -1,69 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXTime_GetUTF8Encoding
- *
- */
-
-NSS_IMPLEMENT NSSUTF8 *
-NSSPKXITime_GetUTF8Encoding
-(
- NSSPKIXTime *time,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXTime_verifyPointer(time) ) {
- return (NSSUTF8 *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSUTF8 *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXTime_GetUTF8Encoding(time, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/Time/PCreateFromPRTime.c b/security/nss/lib/pkix/src/Time/PCreateFromPRTime.c
deleted file mode 100644
index 13805e65d..000000000
--- a/security/nss/lib/pkix/src/Time/PCreateFromPRTime.c
+++ /dev/null
@@ -1,117 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXTime_CreateFromPRTime
- *
- */
-
-NSS_IMPLEMENT NSSPKIXTime *
-nssPKIXTime_CreateFromPRTime
-(
- NSSArena *arenaOpt,
- PRTime prTime
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXTime *rv = (NSSPKIXTime *)NULL;
- PRStatus status;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXTime *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXTime);
- if( (NSSPKIXTime *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
-
- rv->prTime = prTime;
- rv->prTimeValid = PR_TRUE;
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_Time_add_pointer(rv) ) {
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXTime *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/Time/PCreateFromUTF8.c b/security/nss/lib/pkix/src/Time/PCreateFromUTF8.c
deleted file mode 100644
index 1a15639ed..000000000
--- a/security/nss/lib/pkix/src/Time/PCreateFromUTF8.c
+++ /dev/null
@@ -1,121 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXTime_CreateFromUTF8
- *
- */
-
-NSS_IMPLEMENT NSSPKIXTime *
-nssPKIXTime_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXTime *rv = (NSSPKIXTime *)NULL;
- PRStatus status;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXTime *)NULL;
- }
- }
-
- if( (NSSUTF8 *)NULL == utf8 ) {
- nss_SetError(NSS_ERROR_INVALID_STRING);
- return (NSSPKIXTime *)NULL;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXTime);
- if( (NSSPKIXTime *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
-
- /* fgmr base on nspr's pl implementation? */
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_Time_add_pointer(rv) ) {
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXTime *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/Time/PDecode.c b/security/nss/lib/pkix/src/Time/PDecode.c
deleted file mode 100644
index 385665468..000000000
--- a/security/nss/lib/pkix/src/Time/PDecode.c
+++ /dev/null
@@ -1,137 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXTime_Decode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTime upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXTime *
-nssPKIXTime_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXTime *rv = (NSSPKIXTime *)NULL;
- PRStatus status;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXTime *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(ber) ) {
- return (NSSPKIXTime *)NULL;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXTime);
- if( (NSSPKIXTime *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
- rv->ber = nssItem_Duplicate(ber, arena, (NSSItem *)NULL);
- if( (NSSItem *)NULL == rv->ber ) {
- goto loser;
- }
-
- status = nssASN1_DecodeBER(arena, rv, nssPKIXTime_template, ber);
- if( PR_SUCCESS != status ) {
- goto loser;
- }
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_Time_add_pointer(rv) ) {
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXTime *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/Time/PDestroy.c b/security/nss/lib/pkix/src/Time/PDestroy.c
deleted file mode 100644
index 973974b51..000000000
--- a/security/nss/lib/pkix/src/Time/PDestroy.c
+++ /dev/null
@@ -1,68 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXTime_Destroy
- *
- */
-
-NSS_IMPLEMENT PR_STATUS
-nssPKIXTime_Destroy
-(
- NSSPKIXTime *time
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXTime_verifyPointer(time) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
-#ifdef DEBUG
- (void)nss_pkix_Time_remove_pointer(time);
-#endif /* DEBUG */
-
- if( PR_TRUE == time->i_allocated_arena ) {
- return nssArena_Destroy(time->arena);
- }
-
- return PR_SUCCESS;
-}
diff --git a/security/nss/lib/pkix/src/Time/PEncode.c b/security/nss/lib/pkix/src/Time/PEncode.c
deleted file mode 100644
index 8904fac50..000000000
--- a/security/nss/lib/pkix/src/Time/PEncode.c
+++ /dev/null
@@ -1,66 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXTime_Encode
- *
- */
-
-NSS_IMPLEMENT NSSBER *
-nssPKIXTime_Encode
-(
- NSSPKIXTime *time,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXTime_verifyPointer(time) ) {
- return (NSSBER *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSBER *)NULL;
- }
- }
-#endif /* NSSDEBUG */
diff --git a/security/nss/lib/pkix/src/Time/template.c b/security/nss/lib/pkix/src/Time/template.c
deleted file mode 100644
index 38c4f3c78..000000000
--- a/security/nss/lib/pkix/src/Time/template.c
+++ /dev/null
@@ -1,54 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-/*
- * nssPKIXTime_template
- *
- */
-
-const nssASN1Template nssPKIXTime_template[] = {
- { nssASN1_INLINE, offsetof(NSSPKIXTime, asn1item),
- nssASN1Template_Any, sizeof(NSSPKIXTime) }
-};
diff --git a/security/nss/lib/pkix/src/X520Name/CreateFromUTF8.c b/security/nss/lib/pkix/src/X520Name/CreateFromUTF8.c
deleted file mode 100644
index 84df20054..000000000
--- a/security/nss/lib/pkix/src/X520Name/CreateFromUTF8.c
+++ /dev/null
@@ -1,105 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXX520Name_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520Name upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXX520Name *
-NSSPKIXX520Name_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-)
-{
- PRStatus status = PR_SUCCESS;
- PRUint32 length;
- nss_ClearErrorStack();
-
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXX520Name *)NULL;
- }
- }
-
- if( (NSSUTF8 *)NULL == utf8 ) {
- nss_SetError(NSS_ERROR_INVALID_STRING);
- return (NSSPKIXX520Name *)NULL;
- }
-#endif /* DEBUG */
-
- length = nssUTF8_Length(utf8, &status);
- if( PR_SUCCESS != status ) {
- if( NSS_ERROR_VALUE_TOO_LARGE == NSS_GetError() ) {
- nss_SetError(NSS_ERROR_STRING_TOO_LONG);
- }
- return (NSSPKIXX520Name *)NULL;
- }
-
- if( (length < 1 ) || (length > NSSPKIXX520Name_MAXIMUM_LENGTH) ) {
- nss_SetError(NSS_ERROR_STRING_TOO_LONG);
- }
-
- return nssPKIXX520Name_CreateFromUTF8(arenaOpt, utf8);
-}
-
-/*
- * NSSPKIXX520Name_MAXIMUM_LENGTH
- *
- * From RFC 2459:
- *
- * ub-name INTEGER ::= 32768
- */
-
-const PRUint32 NSSPKIXX520Name_MAXIMUM_LENGTH = 32768;
diff --git a/security/nss/lib/pkix/src/X520Name/Decode.c b/security/nss/lib/pkix/src/X520Name/Decode.c
deleted file mode 100644
index ac59d5598..000000000
--- a/security/nss/lib/pkix/src/X520Name/Decode.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXX520Name_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520Name upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXX520Name *
-NSSPKIXX520Name_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAttribute *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(ber) ) {
- return (NSSPKIXAttribute *)NULL;
- }
-#endif /* DEBUG */
-
- return nssPKIXX520Name_Decode(arenaOpt, ber);
-}
diff --git a/security/nss/lib/pkix/src/X520Name/Destroy.c b/security/nss/lib/pkix/src/X520Name/Destroy.c
deleted file mode 100644
index 49037d3b4..000000000
--- a/security/nss/lib/pkix/src/X520Name/Destroy.c
+++ /dev/null
@@ -1,70 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXX520Name_Destroy
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT NSSDER *
-NSSPKIXX520Name_Destroy
-(
- NSSPKIXX520Name *name
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXX520Name_verifyPointer(name) ) {
- return (NSSDER *)NULL;
- }
-#endif /* DEBUG */
-
- return nssPKIXX520Name_Destroy(name);
-}
diff --git a/security/nss/lib/pkix/src/X520Name/Duplicate.c b/security/nss/lib/pkix/src/X520Name/Duplicate.c
deleted file mode 100644
index bcb4b5a2b..000000000
--- a/security/nss/lib/pkix/src/X520Name/Duplicate.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXX520Name_Duplicate
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520Name upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXX520Name *
-NSSPKIXX520Name_Duplicate
-(
- NSSPKIXX520Name *name,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXX520Name_verifyPointer(name) ) {
- return (NSSPKIXAttribute *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAttribute *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXX520Name_Duplicate(name, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/X520Name/Encode.c b/security/nss/lib/pkix/src/X520Name/Encode.c
deleted file mode 100644
index 83cfd5442..000000000
--- a/security/nss/lib/pkix/src/X520Name/Encode.c
+++ /dev/null
@@ -1,80 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXX520Name_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSBER *
-NSSPKIXX520Name_Encode
-(
- NSSPKIXX520Name *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXX520Name_verifyPointer(name) ) {
- return (NSSBER *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSBER *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXX520Name_Encode(name, encoding, rvOpt, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/X520Name/Equal.c b/security/nss/lib/pkix/src/X520Name/Equal.c
deleted file mode 100644
index 75842e8f5..000000000
--- a/security/nss/lib/pkix/src/X520Name/Equal.c
+++ /dev/null
@@ -1,83 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXX520Name_Equal
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_IMPLEMENT PRBool
-NSSPKIXX520Name_Equal
-(
- NSSPKIXX520Name *name1,
- NSSPKIXX520Name *name2,
- PRStatus *statusOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXX520Name_verifyPointer(name1) ) {
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
- return PR_FALSE;
- }
-
- if( PR_SUCCESS != nssPKIXX520Name_verifyPointer(name2) ) {
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
- return PR_FALSE;
- }
-#endif /* DEBUG */
-
- return nssPKIXX520Name_Equal(name1, name2, statusOpt);
-}
diff --git a/security/nss/lib/pkix/src/X520Name/GetUTF8Encoding.c b/security/nss/lib/pkix/src/X520Name/GetUTF8Encoding.c
deleted file mode 100644
index 2e42124eb..000000000
--- a/security/nss/lib/pkix/src/X520Name/GetUTF8Encoding.c
+++ /dev/null
@@ -1,78 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXX520Name_GetUTF8Encoding
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSDER pointer upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSUTF8 *
-NSSPKIXX520Name_GetUTF8Encoding
-(
- NSSPKIXX520Name *name,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXX520Name_verifyPointer(name) ) {
- return (NSSUTF8 *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSUTF8 *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXX520Name_GetUTF8Encoding(name, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/X520Name/MDoUTF8.c b/security/nss/lib/pkix/src/X520Name/MDoUTF8.c
deleted file mode 100644
index 69cbf691e..000000000
--- a/security/nss/lib/pkix/src/X520Name/MDoUTF8.c
+++ /dev/null
@@ -1,97 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIXM_H
-#include "pkixm.h"
-#endif /* PKIXM_H */
-
-/*
- * nss_pkix_X520Name_DoUTF8
- *
- */
-
-NSS_IMPLEMENT PR_STATUS
-nss_pkix_X520Name_DoUTF8
-(
- NSSPKIXX520Name *name
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXX520Name_verifyPointer(name) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSUTF8 *)NULL == name->utf8 ) {
- PRUint8 tag = (*(PRUint8 *)name->string.data) & nssASN1_TAG_MASK;
- nssStringType type;
- void *data = (void *)&((PRUint8 *)name->string.data)[1];
- PRUint32 size = name->string.size-1;
-
- switch( tag ) {
- case nssASN1_TELETEX_STRING:
- type = nssStringType_TeletexString;
- break;
- case nssASN1_PRINTABLE_STRING:
- type = nssStringType_PrintableString;
- break;
- case nssASN1_UNIVERSAL_STRING:
- type = nssStringType_UniversalString;
- break;
- case nssASN1_BMP_STRING:
- type = nssStringType_BMPString;
- break;
- case nssASN1_UTF8_STRING:
- type = nssStringType_UTF8String;
- break;
- default:
- nss_SetError(NSS_ERROR_INVALID_BER);
- return PR_FAILURE;
- }
-
- name->utf8 = nssUTF8_Create(arenaOpt, type, data, size);
- if( (NSSUTF8 *)NULL == name->utf8 ) {
- return PR_FAILURE;
- }
-
- if( nssASN1_PRINTABLE_STRING == tag ) {
- name->wasPrintable = PR_TRUE;
- }
- }
-
- return PR_SUCCESS;
-}
diff --git a/security/nss/lib/pkix/src/X520Name/PCreate.c b/security/nss/lib/pkix/src/X520Name/PCreate.c
deleted file mode 100644
index c507a8f75..000000000
--- a/security/nss/lib/pkix/src/X520Name/PCreate.c
+++ /dev/null
@@ -1,169 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXX520Name_Create
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_STRING_TYPE
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520Name upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXX520Name *
-nssPKIXX520Name_Create
-(
- NSSArena *arenaOpt,
- nssStringType type,
- NSSItem *data
-)
-{
- NSSPKIXX520Name *rv = (NSSPKIXX520Name *)NULL;
- nssArenaMark *mark = (nssArenaMark *)NULL;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXX520Name *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(data) ) {
- return (NSSPKIXX520Name *)NULL;
- }
-#endif /* NSSDEBUG */
-
- switch( type ) {
- case nssStringType_TeletexString:
- case nssStringType_PrintableString:
- case nssStringType_UniversalString:
- case nssStringType_UTF8String:
- case nssStringType_BMPString:
- break;
- default:
- nss_SetError(NSS_ERROR_INVALID_STRING_TYPE);
- goto loser;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- mark = nssArena_Mark(arenaOpt);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arenaOpt, NSSPKIXX520Name);
- if( (NSSPKIXX520Name *)NULL == rv ) {
- goto loser;
- }
-
- rv->utf8 = nssUTF8_Create(arenaOpt, type, data->data, data->size);
- if( (NSSUTF8 *)NULL == rv->utf8 ) {
- goto loser;
- }
-
- if( nssStringType_PrintableString == type ) {
- rv->wasPrintable = PR_TRUE;
- }
-
- rv->der = nssUTF8_GetDEREncoding(arenaOpt, type, rv->utf8);
- if( (NSSDER *)NULL == rv->der ) {
- goto loser;
- }
-
- rv->string.size = rv->der->size;
- rv->string.data = nss_ZAlloc(arenaOpt, rv->string.size);
- if( (void *)NULL == rv->string.data ) {
- goto loser;
- }
-
- (void)nsslibc_memcpy(rv->string.data, rv->der->data, rv->string.size);
-
- if( (NSSArena *)NULL != arenaOpt ) {
- rv->inArena = PR_TRUE;
- }
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arenaOpt, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_X520Name_add_pointer(rv) ) {
- goto loser;
- }
-
- if( PR_SUCCESS != nssArena_registerDestructor(arena,
- nss_pkix_X520Name_remove_pointer, rv) ) {
- (void)nss_pkix_X520Name_remove_pointer(rv);
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arenaOpt, mark);
- }
-
- if( (NSSArena *)NULL == arenaOpt ) {
- if( (NSSPKIXX520Name *)NULL != rv ) {
- if( (NSSDER *)NULL != rv->der ) {
- nss_ZFreeIf(rv->der->data);
- nss_ZFreeIf(rv->der);
- }
-
- nss_ZFreeIf(rv->string.data);
- nss_ZFreeIf(rv->utf8);
- nss_ZFreeIf(rv);
- }
- }
-
- return (NSSPKIXX520Name *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/X520Name/PCreateFromUTF8.c b/security/nss/lib/pkix/src/X520Name/PCreateFromUTF8.c
deleted file mode 100644
index 0459f8c51..000000000
--- a/security/nss/lib/pkix/src/X520Name/PCreateFromUTF8.c
+++ /dev/null
@@ -1,164 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXX520Name_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520Name upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXX520Name *
-nssPKIXX520Name_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-)
-{
- NSSPKIXX520Name *rv = (NSSPKIXX520Name *)NULL;
- nssArenaMark *mark = (nssArenaMark *)NULL;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXX520Name *)NULL;
- }
- }
-
- if( (NSSUTF8 *)NULL == utf8 ) {
- nss_SetError(NSS_ERROR_INVALID_STRING);
- return (NSSPKIXX520Name *)NULL;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL != arenaOpt ) {
- mark = nssArena_Mark(arenaOpt);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arenaOpt, NSSPKIXX520Name);
- if( (NSSPKIXX520Name *)NULL == rv ) {
- goto loser;
- }
-
- rv->utf8 = nssUTF8_Duplicate(utf8, arenaOpt);
- if( (NSSUTF8 *)NULL == rv->utf8 ) {
- goto loser;
- }
-
- /*
- * RFC 2459 states (s. 4.1.2.4) that certificates issued after
- * 2003-12-31 MUST encode strings as UTF8Strings, and until
- * then they may be encoded as PrintableStrings, BMPStrings,
- * or UTF8Strings (when the character sets allow). However, it
- * specifically notes that even before 2003-12-31, strings may
- * be encoded as UTF8Strings. So unless something important
- * breaks, I'll do UTF8Strings.
- */
-
- rv->der = nssUTF8_GetDEREncoding(arenaOpt, nssStringType_UTF8String,
- utf8);
- if( (NSSDER *)NULL == rv->der ) {
- goto loser;
- }
-
- rv->string.size = rv->der->size;
- rv->string.data = nss_ZAlloc(arenaOpt, rv->string.size);
- if( (void *)NULL == rv->string.data ) {
- goto loser;
- }
-
- (void)nsslibc_memcpy(rv->string.data, rv->der->size, rv->string.size);
-
- if( (NSSArena *)NULL != arenaOpt ) {
- rv->inArena = PR_TRUE;
- }
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arenaOpt, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_X520Name_add_pointer(rv) ) {
- goto loser;
- }
-
- if( PR_SUCCESS != nssArena_registerDestructor(arena,
- nss_pkix_X520Name_remove_pointer, rv) ) {
- (void)nss_pkix_X520Name_remove_pointer(rv);
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arenaOpt, mark);
- }
-
- if( (NSSArena *)NULL == arenaOpt ) {
- if( (NSSPKIXX520Name *)NULL != rv ) {
- if( (NSSDER *)NULL != rv->der ) {
- nss_ZFreeIf(rv->der->data);
- nss_ZFreeIf(rv->der);
- }
-
- nss_ZFreeIf(rv->string.data);
- nss_ZFreeIf(rv->utf8);
- nss_ZFreeIf(rv);
- }
- }
-
- return (NSSPKIXX520Name *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/X520Name/PDecode.c b/security/nss/lib/pkix/src/X520Name/PDecode.c
deleted file mode 100644
index 8228c8db4..000000000
--- a/security/nss/lib/pkix/src/X520Name/PDecode.c
+++ /dev/null
@@ -1,135 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXX520Name_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520Name upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXX520Name *
-nssPKIXX520Name_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-)
-{
- NSSPKIXX520Name *rv = (NSSPKIXX520Name *)NULL;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- PRStatus status;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAttribute *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(ber) ) {
- return (NSSPKIXAttribute *)NULL;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL != arenaOpt ) {
- mark = nssArena_Mark(arenaOpt);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arenaOpt, NSSPKIXX520Name);
- if( (NSSPKIXX520Name *)NULL == rv ) {
- goto loser;
- }
-
- status = nssASN1_DecodeBER(arenaOpt, rv, nssPKIXX520_template, ber);
- if( PR_SUCCESS != status ) {
- goto loser;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- rv->inArena = PR_TRUE;
- }
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arenaOpt, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_X520Name_add_pointer(rv) ) {
- goto loser;
- }
-
- if( PR_SUCCESS != nssArena_registerDestructor(arena,
- nss_pkix_X520Name_remove_pointer, rv) ) {
- (void)nss_pkix_X520Name_remove_pointer(rv);
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arenaOpt, mark);
- }
-
- if( (NSSArena *)NULL == arenaOpt ) {
- if( (NSSPKIXX520Name *)NULL != rv ) {
- nss_ZFreeIf(rv->string.data);
- nss_ZFreeIf(rv->utf8);
- nss_ZFreeIf(rv);
- }
- }
-
- return (NSSPKIXX520Name *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/X520Name/PDestroy.c b/security/nss/lib/pkix/src/X520Name/PDestroy.c
deleted file mode 100644
index 9a9bdaaa2..000000000
--- a/security/nss/lib/pkix/src/X520Name/PDestroy.c
+++ /dev/null
@@ -1,87 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXX520Name_Destroy
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN NSSDER *
-nssPKIXX520Name_Destroy
-(
- NSSPKIXX520Name *name
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXX520Name_verifyPointer(name) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- if( PR_TRUE != name->inArena ) {
- /*
- * Note that inArena is merely a hint. If this object was
- * created passively, this flag will be NULL no matter if
- * it was in an arena or not. However, you may safely
- * (try to) free memory in an NSSArena, so this isn't a
- * problem.
- */
-
- if( (NSSDER *)NULL != name->der ) {
- nss_ZFreeIf(name->der->data);
- nss_ZFreeIf(name->der);
- }
-
- nss_ZFreeIf(name->utf8);
- nss_ZFreeIf(name->string.data);
- nss_ZFreeIf(name);
- }
-
- return PR_SUCCESS;
-}
diff --git a/security/nss/lib/pkix/src/X520Name/PDuplicate.c b/security/nss/lib/pkix/src/X520Name/PDuplicate.c
deleted file mode 100644
index a2b6d7e53..000000000
--- a/security/nss/lib/pkix/src/X520Name/PDuplicate.c
+++ /dev/null
@@ -1,158 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXX520Name_Duplicate
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520Name upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXX520Name *
-nssPKIXX520Name_Duplicate
-(
- NSSPKIXX520Name *name,
- NSSArena *arenaOpt
-)
-{
- NSSPKIXX520Name *rv = (NSSPKIXX520Name *)NULL;
- nssArenaMark *mark = (nssArenaMark *)NULL;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXX520Name_verifyPointer(name) ) {
- return (NSSPKIXAttribute *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAttribute *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL != arenaOpt ) {
- mark = nssArena_Mark(arenaOpt);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arenaOpt, NSSPKIXX520Name);
- if( (NSSPKIXX520Name *)NULL == rv ) {
- goto loser;
- }
-
- rv->string.size = name->string.size;
- rv->string.data = nss_ZAlloc(arenaOpt, name->string.size);
- if( (void *)NULL == rv->string.data ) {
- goto loser;
- }
-
- (void)nsslibc_memcpy(rv->string.data, name->string.data, name->string.size);
-
- if( (NSSUTF8 *)NULL != name->utf8 ) {
- rv->utf8 = nssUTF8_Duplicate(name->utf8, arenaOpt);
- if( (NSSUTF8 *)NULL == rv->utf8 ) {
- goto loser;
- }
- }
-
- if( (NSSDER *)NULL != name->der ) {
- rv->der = nssItem_Duplicate(name->der, arenaOpt, (NSSItem *)NULL);
- if( (NSSDER *)NULL == rv->der ) {
- goto loser;
- }
- }
-
- rv->wasPrintable = name->wasPrintable;
-
- if( (NSSArena *)NULL != arenaOpt ) {
- rv->inArena = PR_TRUE;
- }
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arenaOpt, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_X520Name_add_pointer(rv) ) {
- goto loser;
- }
-
- if( PR_SUCCESS != nssArena_registerDestructor(arena,
- nss_pkix_X520Name_remove_pointer, rv) ) {
- (void)nss_pkix_X520Name_remove_pointer(rv);
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arenaOpt, mark);
- }
-
- if( (NSSArena *)NULL == arenaOpt ) {
- if( (NSSPKIXX520Name *)NULL != rv ) {
- if( (NSSDER *)NULL != rv->der ) {
- nss_ZFreeIf(rv->der->data);
- nss_ZFreeIf(rv->der);
- }
-
- nss_ZFreeIf(rv->string.data);
- nss_ZFreeIf(rv->utf8);
- nss_ZFreeIf(rv);
- }
- }
-
- return (NSSPKIXX520Name *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/X520Name/PEncode.c b/security/nss/lib/pkix/src/X520Name/PEncode.c
deleted file mode 100644
index d9f001bae..000000000
--- a/security/nss/lib/pkix/src/X520Name/PEncode.c
+++ /dev/null
@@ -1,93 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXX520Name_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSBER *
-nssPKIXX520Name_Encode
-(
- NSSPKIXX520Name *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-)
-{
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXX520Name_verifyPointer(name) ) {
- return (NSSBER *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSBER *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- if( (NSSDER *)NULL == name->der ) {
- /* XXX fgmr */
- if( (NSSUTF8 *)NULL == name->utf8 ) {
- if( PR_SUCCESS != nss_pkix_X520Name_DoUTF8(name) ) {
- return (NSSBER *)NULL;
- }
- }
-
- rv->der = nssUTF8_GetDEREncoding(arenaOpt, type, rv->utf8);
- if( (NSSDER *)NULL == rv->der ) {
- return (NSSBER *)NULL;
- }
- }
-
- return nssItem_Duplicate(name->der, arenaOpt, rvOpt);
-}
diff --git a/security/nss/lib/pkix/src/X520Name/PEqual.c b/security/nss/lib/pkix/src/X520Name/PEqual.c
deleted file mode 100644
index 9ebe75005..000000000
--- a/security/nss/lib/pkix/src/X520Name/PEqual.c
+++ /dev/null
@@ -1,100 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXX520Name_Equal
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_IMPLEMENT PRBool
-nssPKIXX520Name_Equal
-(
- NSSPKIXX520Name *name1,
- NSSPKIXX520Name *name2,
- PRStatus *statusOpt
-)
-{
- PRBool rv;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXX520Name_verifyPointer(name1) ) {
- goto loser;
- }
-
- if( PR_SUCCESS != nssPKIXX520Name_verifyPointer(name2) ) {
- goto loser;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSUTF8 *)NULL == name1->utf8 ) {
- if( PR_SUCCESS != nss_pkix_X520Name_DoUTF8(name1) ) {
- goto loser;
- }
- }
-
- if( (NSSUTF8 *)NULL == name2->utf8 ) {
- if( PR_SUCCESS != nss_pkix_X520Name_DoUTF8(name2) ) {
- goto loser;
- }
- }
-
- if( (PR_TRUE == name1->wasPrintable) && (PR_TRUE == name2->wasPrintable) ) {
- return nssUTF8_PrintableMatch(name1->utf8, name2->utf8, statusOpt);
- }
-
- return nssUTF8_Equal(name1->utf8, name2->utf8, statusOpt);
-
- loser:
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
-
- return PR_FALSE;
-}
diff --git a/security/nss/lib/pkix/src/X520Name/PGetUTF8Encoding.c b/security/nss/lib/pkix/src/X520Name/PGetUTF8Encoding.c
deleted file mode 100644
index b023b1fea..000000000
--- a/security/nss/lib/pkix/src/X520Name/PGetUTF8Encoding.c
+++ /dev/null
@@ -1,82 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXX520Name_GetUTF8Encoding
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSDER pointer upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSUTF8 *
-nssPKIXX520Name_GetUTF8Encoding
-(
- NSSPKIXX520Name *name,
- NSSArena *arenaOpt
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXX520Name_verifyPointer(name) ) {
- return (NSSUTF8 *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSUTF8 *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- if( (NSSUTF8 *)NULL == name->utf8 ) {
- if( PR_SUCCESS != nss_pkix_X520Name_DoUTF8(name) ) {
- return (NSSUTF8 *)NULL;
- }
- }
-
- return nssUTF8_Duplicate(rv->utf8, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/X520Name/template.c b/security/nss/lib/pkix/src/X520Name/template.c
deleted file mode 100644
index 63f18e724..000000000
--- a/security/nss/lib/pkix/src/X520Name/template.c
+++ /dev/null
@@ -1,56 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-/*
- * nssPKIXX520Name_template
- *
- *
- */
-
-const nssASN1Template nssPKIXX520Name_template[] = {
- { nssASN1_ANY, offsetof(NSSPKIXX520Name, string), NULL,
- sizeof(NSSPKIXX520Name) },
- { 0 }
-};
diff --git a/security/nss/lib/pkix/src/X520Name/verifyPointer.c b/security/nss/lib/pkix/src/X520Name/verifyPointer.c
deleted file mode 100644
index 9e447797d..000000000
--- a/security/nss/lib/pkix/src/X520Name/verifyPointer.c
+++ /dev/null
@@ -1,169 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIXM_H
-#include "pkixm.h"
-#endif /* PKIXM_H */
-
-#ifdef DEBUG
-
-extern const NSSError NSS_ERROR_INTERNAL_ERROR;
-
-static nssPointerTracker pkix_x520_name_pointer_tracker;
-
-/*
- * nss_pkix_X520Name_add_pointer
- *
- * This method is only present in debug builds.
- *
- * This module-private routine adds an NSSPKIXX520Name pointer to
- * the internal pointer-tracker. This routine should only be used
- * by the NSSPKIX module. This routine returns a PRStatus value;
- * upon error it will place an error on the error stack and return
- * PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INTERNAL_ERROR
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_X520Name_add_pointer
-(
- const NSSPKIXX520Name *p
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_initialize(&pkix_x520_name_pointer_tracker);
- if( PR_SUCCESS != rv ) {
- return rv;
- }
-
- rv = nssPointerTracker_add(&pkix_x520_name_pointer_tracker, p);
- if( PR_SUCCESS != rv ) {
- NSSError e = NSS_GetError();
- if( NSS_ERROR_NO_MEMORY != e ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- }
-
- return rv;
- }
-
- return PR_SUCCESS;
-}
-
-/*
- * nss_pkix_X520Name_remove_pointer
- *
- * This method is only present in debug builds.
- *
- * This module-private routine removes a valid NSSPKIXX520Name
- * pointer from the internal pointer-tracker. This routine should
- * only be used by the NSSPKIX module. This routine returns a
- * PRStatus value; upon error it will place an error on the error
- * stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INTERNAL_ERROR
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_X520Name_remove_pointer
-(
- const NSSPKIXX520Name *p
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_remove(&pkix_x520_name_pointer_tracker, p);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- }
-
- return rv;
-}
-
-/*
- * nssPKIXX520Name_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXX520Name
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_X520_NAME
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXX520Name_verifyPointer
-(
- NSSPKIXX520Name *p
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_initialize(&pkix_x520_name_pointer_tracker);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INVALID_PKIX_X520_NAME);
- return PR_FAILURE;
- }
-
- rv = nssPointerTracker_verify(&pkix_x520_name_pointer_tracker, p);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INVALID_PKIX_X520_NAME);
- return PR_FAILURE;
- }
-
- return PR_SUCCESS;
-}
-
-#endif /* DEBUG */
diff --git a/security/nss/lib/smime/Makefile b/security/nss/lib/smime/Makefile
deleted file mode 100644
index cb85677bc..000000000
--- a/security/nss/lib/smime/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-
diff --git a/security/nss/lib/smime/cms.h b/security/nss/lib/smime/cms.h
deleted file mode 100644
index 0538f1a37..000000000
--- a/security/nss/lib/smime/cms.h
+++ /dev/null
@@ -1,1141 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Interfaces of the CMS implementation.
- *
- * $Id$
- */
-
-#ifndef _CMS_H_
-#define _CMS_H_
-
-#include "seccomon.h"
-
-#include "secoidt.h"
-#include "certt.h"
-#include "keyt.h"
-#include "hasht.h"
-#include "cmst.h"
-
-/************************************************************************/
-SEC_BEGIN_PROTOS
-
-/************************************************************************
- * cmsdecode.c - CMS decoding
- ************************************************************************/
-
-/*
- * NSS_CMSDecoder_Start - set up decoding of a DER-encoded CMS message
- *
- * "poolp" - pointer to arena for message, or NULL if new pool should be created
- * "cb", "cb_arg" - callback function and argument for delivery of inner content
- * inner content will be stored in the message if cb is NULL.
- * "pwfn", pwfn_arg" - callback function for getting token password
- * "decrypt_key_cb", "decrypt_key_cb_arg" - callback function for getting bulk key for encryptedData
- */
-extern NSSCMSDecoderContext *
-NSS_CMSDecoder_Start(PRArenaPool *poolp,
- NSSCMSContentCallback cb, void *cb_arg,
- PK11PasswordFunc pwfn, void *pwfn_arg,
- NSSCMSGetDecryptKeyCallback decrypt_key_cb, void *decrypt_key_cb_arg);
-
-/*
- * NSS_CMSDecoder_Update - feed DER-encoded data to decoder
- */
-extern SECStatus
-NSS_CMSDecoder_Update(NSSCMSDecoderContext *p7dcx, const char *buf, unsigned long len);
-
-/*
- * NSS_CMSDecoder_Cancel - cancel a decoding process
- */
-extern void
-NSS_CMSDecoder_Cancel(NSSCMSDecoderContext *p7dcx);
-
-/*
- * NSS_CMSDecoder_Finish - mark the end of inner content and finish decoding
- */
-extern NSSCMSMessage *
-NSS_CMSDecoder_Finish(NSSCMSDecoderContext *p7dcx);
-
-/*
- * NSS_CMSMessage_CreateFromDER - decode a CMS message from DER encoded data
- */
-extern NSSCMSMessage *
-NSS_CMSMessage_CreateFromDER(SECItem *DERmessage,
- NSSCMSContentCallback cb, void *cb_arg,
- PK11PasswordFunc pwfn, void *pwfn_arg,
- NSSCMSGetDecryptKeyCallback decrypt_key_cb, void *decrypt_key_cb_arg);
-
-/************************************************************************
- * cmsencode.c - CMS encoding
- ************************************************************************/
-
-/*
- * NSS_CMSEncoder_Start - set up encoding of a CMS message
- *
- * "cmsg" - message to encode
- * "outputfn", "outputarg" - callback function for delivery of DER-encoded output
- * will not be called if NULL.
- * "dest" - if non-NULL, pointer to SECItem that will hold the DER-encoded output
- * "destpoolp" - pool to allocate DER-encoded output in
- * "pwfn", pwfn_arg" - callback function for getting token password
- * "decrypt_key_cb", "decrypt_key_cb_arg" - callback function for getting bulk key for encryptedData
- * "detached_digestalgs", "detached_digests" - digests from detached content
- */
-extern NSSCMSEncoderContext *
-NSS_CMSEncoder_Start(NSSCMSMessage *cmsg,
- NSSCMSContentCallback outputfn, void *outputarg,
- SECItem *dest, PLArenaPool *destpoolp,
- PK11PasswordFunc pwfn, void *pwfn_arg,
- NSSCMSGetDecryptKeyCallback decrypt_key_cb, void *decrypt_key_cb_arg,
- SECAlgorithmID **detached_digestalgs, SECItem **detached_digests);
-
-/*
- * NSS_CMSEncoder_Update - take content data delivery from the user
- *
- * "p7ecx" - encoder context
- * "data" - content data
- * "len" - length of content data
- */
-extern SECStatus
-NSS_CMSEncoder_Update(NSSCMSEncoderContext *p7ecx, const char *data, unsigned long len);
-
-/*
- * NSS_CMSEncoder_Cancel - stop all encoding
- */
-extern SECStatus
-NSS_CMSEncoder_Cancel(NSSCMSEncoderContext *p7ecx);
-
-/*
- * NSS_CMSEncoder_Finish - signal the end of data
- *
- * we need to walk down the chain of encoders and the finish them from the innermost out
- */
-extern SECStatus
-NSS_CMSEncoder_Finish(NSSCMSEncoderContext *p7ecx);
-
-/************************************************************************
- * cmsmessage.c - CMS message object
- ************************************************************************/
-
-/*
- * NSS_CMSMessage_Create - create a CMS message object
- *
- * "poolp" - arena to allocate memory from, or NULL if new arena should be created
- */
-extern NSSCMSMessage *
-NSS_CMSMessage_Create(PLArenaPool *poolp);
-
-/*
- * NSS_CMSMessage_SetEncodingParams - set up a CMS message object for encoding or decoding
- *
- * "cmsg" - message object
- * "pwfn", pwfn_arg" - callback function for getting token password
- * "decrypt_key_cb", "decrypt_key_cb_arg" - callback function for getting bulk key for encryptedData
- * "detached_digestalgs", "detached_digests" - digests from detached content
- *
- * used internally.
- */
-extern void
-NSS_CMSMessage_SetEncodingParams(NSSCMSMessage *cmsg,
- PK11PasswordFunc pwfn, void *pwfn_arg,
- NSSCMSGetDecryptKeyCallback decrypt_key_cb, void *decrypt_key_cb_arg,
- SECAlgorithmID **detached_digestalgs, SECItem **detached_digests);
-
-/*
- * NSS_CMSMessage_Destroy - destroy a CMS message and all of its sub-pieces.
- */
-extern void
-NSS_CMSMessage_Destroy(NSSCMSMessage *cmsg);
-
-/*
- * NSS_CMSMessage_Copy - return a copy of the given message.
- *
- * The copy may be virtual or may be real -- either way, the result needs
- * to be passed to NSS_CMSMessage_Destroy later (as does the original).
- */
-extern NSSCMSMessage *
-NSS_CMSMessage_Copy(NSSCMSMessage *cmsg);
-
-/*
- * NSS_CMSMessage_GetArena - return a pointer to the message's arena pool
- */
-extern PLArenaPool *
-NSS_CMSMessage_GetArena(NSSCMSMessage *cmsg);
-
-/*
- * NSS_CMSMessage_GetContentInfo - return a pointer to the top level contentInfo
- */
-extern NSSCMSContentInfo *
-NSS_CMSMessage_GetContentInfo(NSSCMSMessage *cmsg);
-
-/*
- * Return a pointer to the actual content.
- * In the case of those types which are encrypted, this returns the *plain* content.
- * In case of nested contentInfos, this descends and retrieves the innermost content.
- */
-extern SECItem *
-NSS_CMSMessage_GetContent(NSSCMSMessage *cmsg);
-
-/*
- * NSS_CMSMessage_ContentLevelCount - count number of levels of CMS content objects in this message
- *
- * CMS data content objects do not count.
- */
-extern int
-NSS_CMSMessage_ContentLevelCount(NSSCMSMessage *cmsg);
-
-/*
- * NSS_CMSMessage_ContentLevel - find content level #n
- *
- * CMS data content objects do not count.
- */
-extern NSSCMSContentInfo *
-NSS_CMSMessage_ContentLevel(NSSCMSMessage *cmsg, int n);
-
-/*
- * NSS_CMSMessage_ContainsCertsOrCrls - see if message contains certs along the way
- */
-extern PRBool
-NSS_CMSMessage_ContainsCertsOrCrls(NSSCMSMessage *cmsg);
-
-/*
- * NSS_CMSMessage_IsEncrypted - see if message contains a encrypted submessage
- */
-extern PRBool
-NSS_CMSMessage_IsEncrypted(NSSCMSMessage *cmsg);
-
-/*
- * NSS_CMSMessage_IsSigned - see if message contains a signed submessage
- *
- * If the CMS message has a SignedData with a signature (not just a SignedData)
- * return true; false otherwise. This can/should be called before calling
- * VerifySignature, which will always indicate failure if no signature is
- * present, but that does not mean there even was a signature!
- * Note that the content itself can be empty (detached content was sent
- * another way); it is the presence of the signature that matters.
- */
-extern PRBool
-NSS_CMSMessage_IsSigned(NSSCMSMessage *cmsg);
-
-/*
- * NSS_CMSMessage_IsContentEmpty - see if content is empty
- *
- * returns PR_TRUE is innermost content length is < minLen
- * XXX need the encrypted content length (why?)
- */
-extern PRBool
-NSS_CMSMessage_IsContentEmpty(NSSCMSMessage *cmsg, unsigned int minLen);
-
-/************************************************************************
- * cmscinfo.c - CMS contentInfo methods
- ************************************************************************/
-
-/*
- * NSS_CMSContentInfo_Destroy - destroy a CMS contentInfo and all of its sub-pieces.
- */
-extern void
-NSS_CMSContentInfo_Destroy(NSSCMSContentInfo *cinfo);
-
-/*
- * NSS_CMSContentInfo_GetChildContentInfo - get content's contentInfo (if it exists)
- */
-extern NSSCMSContentInfo *
-NSS_CMSContentInfo_GetChildContentInfo(NSSCMSContentInfo *cinfo);
-
-/*
- * NSS_CMSContentInfo_SetContent - set cinfo's content type & content to CMS object
- */
-extern SECStatus
-NSS_CMSContentInfo_SetContent(NSSCMSMessage *cmsg, NSSCMSContentInfo *cinfo, SECOidTag type, void *ptr);
-
-/*
- * NSS_CMSContentInfo_SetContent_XXXX - typesafe wrappers for NSS_CMSContentInfo_SetType
- * set cinfo's content type & content to CMS object
- */
-extern SECStatus
-NSS_CMSContentInfo_SetContent_Data(NSSCMSMessage *cmsg, NSSCMSContentInfo *cinfo, SECItem *data, PRBool detached);
-
-extern SECStatus
-NSS_CMSContentInfo_SetContent_SignedData(NSSCMSMessage *cmsg, NSSCMSContentInfo *cinfo, NSSCMSSignedData *sigd);
-
-extern SECStatus
-NSS_CMSContentInfo_SetContent_EnvelopedData(NSSCMSMessage *cmsg, NSSCMSContentInfo *cinfo, NSSCMSEnvelopedData *envd);
-
-extern SECStatus
-NSS_CMSContentInfo_SetContent_DigestedData(NSSCMSMessage *cmsg, NSSCMSContentInfo *cinfo, NSSCMSDigestedData *digd);
-
-extern SECStatus
-NSS_CMSContentInfo_SetContent_EncryptedData(NSSCMSMessage *cmsg, NSSCMSContentInfo *cinfo, NSSCMSEncryptedData *encd);
-
-/*
- * NSS_CMSContentInfo_GetContent - get pointer to inner content
- *
- * needs to be casted...
- */
-extern void *
-NSS_CMSContentInfo_GetContent(NSSCMSContentInfo *cinfo);
-
-/*
- * NSS_CMSContentInfo_GetInnerContent - get pointer to innermost content
- *
- * this is typically only called by NSS_CMSMessage_GetContent()
- */
-extern SECItem *
-NSS_CMSContentInfo_GetInnerContent(NSSCMSContentInfo *cinfo);
-
-/*
- * NSS_CMSContentInfo_GetContentType{Tag,OID} - find out (saving pointer to lookup result
- * for future reference) and return the inner content type.
- */
-extern SECOidTag
-NSS_CMSContentInfo_GetContentTypeTag(NSSCMSContentInfo *cinfo);
-
-extern SECItem *
-NSS_CMSContentInfo_GetContentTypeOID(NSSCMSContentInfo *cinfo);
-
-/*
- * NSS_CMSContentInfo_GetContentEncAlgTag - find out (saving pointer to lookup result
- * for future reference) and return the content encryption algorithm tag.
- */
-extern SECOidTag
-NSS_CMSContentInfo_GetContentEncAlgTag(NSSCMSContentInfo *cinfo);
-
-/*
- * NSS_CMSContentInfo_GetContentEncAlg - find out and return the content encryption algorithm tag.
- */
-extern SECAlgorithmID *
-NSS_CMSContentInfo_GetContentEncAlg(NSSCMSContentInfo *cinfo);
-
-extern SECStatus
-NSS_CMSContentInfo_SetContentEncAlg(PLArenaPool *poolp, NSSCMSContentInfo *cinfo,
- SECOidTag bulkalgtag, SECItem *parameters, int keysize);
-
-extern SECStatus
-NSS_CMSContentInfo_SetContentEncAlgID(PLArenaPool *poolp, NSSCMSContentInfo *cinfo,
- SECAlgorithmID *algid, int keysize);
-
-extern void
-NSS_CMSContentInfo_SetBulkKey(NSSCMSContentInfo *cinfo, PK11SymKey *bulkkey);
-
-extern PK11SymKey *
-NSS_CMSContentInfo_GetBulkKey(NSSCMSContentInfo *cinfo);
-
-extern int
-NSS_CMSContentInfo_GetBulkKeySize(NSSCMSContentInfo *cinfo);
-
-/************************************************************************
- * cmsutil.c - CMS misc utility functions
- ************************************************************************/
-
-/*
- * NSS_CMSArray_SortByDER - sort array of objects by objects' DER encoding
- *
- * make sure that the order of the objects guarantees valid DER (which must be
- * in lexigraphically ascending order for a SET OF); if reordering is necessary it
- * will be done in place (in objs).
- */
-extern SECStatus
-NSS_CMSArray_SortByDER(void **objs, const SEC_ASN1Template *objtemplate, void **objs2);
-
-/*
- * NSS_CMSUtil_DERCompare - for use with NSS_CMSArray_Sort to
- * sort arrays of SECItems containing DER
- */
-extern int
-NSS_CMSUtil_DERCompare(void *a, void *b);
-
-/*
- * NSS_CMSAlgArray_GetIndexByAlgID - find a specific algorithm in an array of
- * algorithms.
- *
- * algorithmArray - array of algorithm IDs
- * algid - algorithmid of algorithm to pick
- *
- * Returns:
- * An integer containing the index of the algorithm in the array or -1 if
- * algorithm was not found.
- */
-extern int
-NSS_CMSAlgArray_GetIndexByAlgID(SECAlgorithmID **algorithmArray, SECAlgorithmID *algid);
-
-/*
- * NSS_CMSAlgArray_GetIndexByAlgID - find a specific algorithm in an array of
- * algorithms.
- *
- * algorithmArray - array of algorithm IDs
- * algiddata - id of algorithm to pick
- *
- * Returns:
- * An integer containing the index of the algorithm in the array or -1 if
- * algorithm was not found.
- */
-extern int
-NSS_CMSAlgArray_GetIndexByAlgTag(SECAlgorithmID **algorithmArray, SECOidTag algtag);
-
-extern const SECHashObject *
-NSS_CMSUtil_GetHashObjByAlgID(SECAlgorithmID *algid);
-
-/*
- * XXX I would *really* like to not have to do this, but the current
- * signing interface gives me little choice.
- */
-extern SECOidTag
-NSS_CMSUtil_MakeSignatureAlgorithm(SECOidTag hashalg, SECOidTag encalg);
-
-extern const SEC_ASN1Template *
-NSS_CMSUtil_GetTemplateByTypeTag(SECOidTag type);
-
-extern size_t
-NSS_CMSUtil_GetSizeByTypeTag(SECOidTag type);
-
-extern NSSCMSContentInfo *
-NSS_CMSContent_GetContentInfo(void *msg, SECOidTag type);
-
-extern const char *
-NSS_CMSUtil_VerificationStatusToString(NSSCMSVerificationStatus vs);
-
-/************************************************************************
- * cmssigdata.c - CMS signedData methods
- ************************************************************************/
-
-extern NSSCMSSignedData *
-NSS_CMSSignedData_Create(NSSCMSMessage *cmsg);
-
-extern void
-NSS_CMSSignedData_Destroy(NSSCMSSignedData *sigd);
-
-/*
- * NSS_CMSSignedData_Encode_BeforeStart - do all the necessary things to a SignedData
- * before start of encoding.
- *
- * In detail:
- * - find out about the right value to put into sigd->version
- * - come up with a list of digestAlgorithms (which should be the union of the algorithms
- * in the signerinfos).
- * If we happen to have a pre-set list of algorithms (and digest values!), we
- * check if we have all the signerinfos' algorithms. If not, this is an error.
- */
-extern SECStatus
-NSS_CMSSignedData_Encode_BeforeStart(NSSCMSSignedData *sigd);
-
-extern SECStatus
-NSS_CMSSignedData_Encode_BeforeData(NSSCMSSignedData *sigd);
-
-/*
- * NSS_CMSSignedData_Encode_AfterData - do all the necessary things to a SignedData
- * after all the encapsulated data was passed through the encoder.
- *
- * In detail:
- * - create the signatures in all the SignerInfos
- *
- * Please note that nothing is done to the Certificates and CRLs in the message - this
- * is entirely the responsibility of our callers.
- */
-extern SECStatus
-NSS_CMSSignedData_Encode_AfterData(NSSCMSSignedData *sigd);
-
-extern SECStatus
-NSS_CMSSignedData_Decode_BeforeData(NSSCMSSignedData *sigd);
-
-/*
- * NSS_CMSSignedData_Decode_AfterData - do all the necessary things to a SignedData
- * after all the encapsulated data was passed through the decoder.
- */
-extern SECStatus
-NSS_CMSSignedData_Decode_AfterData(NSSCMSSignedData *sigd);
-
-/*
- * NSS_CMSSignedData_Decode_AfterEnd - do all the necessary things to a SignedData
- * after all decoding is finished.
- */
-extern SECStatus
-NSS_CMSSignedData_Decode_AfterEnd(NSSCMSSignedData *sigd);
-
-/*
- * NSS_CMSSignedData_GetSignerInfos - retrieve the SignedData's signer list
- */
-extern NSSCMSSignerInfo **
-NSS_CMSSignedData_GetSignerInfos(NSSCMSSignedData *sigd);
-
-extern int
-NSS_CMSSignedData_SignerInfoCount(NSSCMSSignedData *sigd);
-
-extern NSSCMSSignerInfo *
-NSS_CMSSignedData_GetSignerInfo(NSSCMSSignedData *sigd, int i);
-
-/*
- * NSS_CMSSignedData_GetDigestAlgs - retrieve the SignedData's digest algorithm list
- */
-extern SECAlgorithmID **
-NSS_CMSSignedData_GetDigestAlgs(NSSCMSSignedData *sigd);
-
-/*
- * NSS_CMSSignedData_GetContentInfo - return pointer to this signedData's contentinfo
- */
-extern NSSCMSContentInfo *
-NSS_CMSSignedData_GetContentInfo(NSSCMSSignedData *sigd);
-
-/*
- * NSS_CMSSignedData_GetCertificateList - retrieve the SignedData's certificate list
- */
-extern SECItem **
-NSS_CMSSignedData_GetCertificateList(NSSCMSSignedData *sigd);
-
-extern SECStatus
-NSS_CMSSignedData_ImportCerts(NSSCMSSignedData *sigd, CERTCertDBHandle *certdb,
- SECCertUsage certusage, PRBool keepcerts);
-
-/*
- * NSS_CMSSignedData_HasDigests - see if we have digests in place
- */
-extern PRBool
-NSS_CMSSignedData_HasDigests(NSSCMSSignedData *sigd);
-
-/*
- * NSS_CMSSignedData_VerifySignerInfo - check a signature.
- *
- * The digests were either calculated during decoding (and are stored in the
- * signedData itself) or set after decoding using NSS_CMSSignedData_SetDigests.
- *
- * The verification checks if the signing cert is valid and has a trusted chain
- * for the purpose specified by "certusage".
- */
-extern SECStatus
-NSS_CMSSignedData_VerifySignerInfo(NSSCMSSignedData *sigd, int i, CERTCertDBHandle *certdb,
- SECCertUsage certusage);
-
-/*
- * NSS_CMSSignedData_VerifyCertsOnly - verify the certs in a certs-only message
-*/
-extern SECStatus
-NSS_CMSSignedData_VerifyCertsOnly(NSSCMSSignedData *sigd,
- CERTCertDBHandle *certdb,
- SECCertUsage usage);
-
-extern SECStatus
-NSS_CMSSignedData_AddCertList(NSSCMSSignedData *sigd, CERTCertificateList *certlist);
-
-/*
- * NSS_CMSSignedData_AddCertChain - add cert and its entire chain to the set of certs
- */
-extern SECStatus
-NSS_CMSSignedData_AddCertChain(NSSCMSSignedData *sigd, CERTCertificate *cert);
-
-extern SECStatus
-NSS_CMSSignedData_AddCertificate(NSSCMSSignedData *sigd, CERTCertificate *cert);
-
-extern PRBool
-NSS_CMSSignedData_ContainsCertsOrCrls(NSSCMSSignedData *sigd);
-
-extern SECStatus
-NSS_CMSSignedData_AddSignerInfo(NSSCMSSignedData *sigd,
- NSSCMSSignerInfo *signerinfo);
-
-extern SECItem *
-NSS_CMSSignedData_GetDigestByAlgTag(NSSCMSSignedData *sigd, SECOidTag algtag);
-
-extern SECStatus
-NSS_CMSSignedData_SetDigests(NSSCMSSignedData *sigd,
- SECAlgorithmID **digestalgs,
- SECItem **digests);
-
-extern SECStatus
-NSS_CMSSignedData_SetDigestValue(NSSCMSSignedData *sigd,
- SECOidTag digestalgtag,
- SECItem *digestdata);
-
-extern SECStatus
-NSS_CMSSignedData_AddDigest(PRArenaPool *poolp,
- NSSCMSSignedData *sigd,
- SECOidTag digestalgtag,
- SECItem *digest);
-
-extern SECItem *
-NSS_CMSSignedData_GetDigestValue(NSSCMSSignedData *sigd, SECOidTag digestalgtag);
-
-/*
- * NSS_CMSSignedData_CreateCertsOnly - create a certs-only SignedData.
- *
- * cert - base certificates that will be included
- * include_chain - if true, include the complete cert chain for cert
- *
- * More certs and chains can be added via AddCertificate and AddCertChain.
- *
- * An error results in a return value of NULL and an error set.
- */
-extern NSSCMSSignedData *
-NSS_CMSSignedData_CreateCertsOnly(NSSCMSMessage *cmsg, CERTCertificate *cert, PRBool include_chain);
-
-/************************************************************************
- * cmssiginfo.c - signerinfo methods
- ************************************************************************/
-
-extern NSSCMSSignerInfo *
-NSS_CMSSignerInfo_Create(NSSCMSMessage *cmsg, CERTCertificate *cert, SECOidTag digestalgtag);
-extern NSSCMSSignerInfo *
-NSS_CMSSignerInfo_CreateWithSubjKeyID(NSSCMSMessage *cmsg, SECItem *subjKeyID, SECKEYPublicKey *pubKey, SECKEYPrivateKey *signingKey, SECOidTag digestalgtag);
-
-/*
- * NSS_CMSSignerInfo_Destroy - destroy a SignerInfo data structure
- */
-extern void
-NSS_CMSSignerInfo_Destroy(NSSCMSSignerInfo *si);
-
-/*
- * NSS_CMSSignerInfo_Sign - sign something
- *
- */
-extern SECStatus
-NSS_CMSSignerInfo_Sign(NSSCMSSignerInfo *signerinfo, SECItem *digest, SECItem *contentType);
-
-extern SECStatus
-NSS_CMSSignerInfo_VerifyCertificate(NSSCMSSignerInfo *signerinfo, CERTCertDBHandle *certdb,
- SECCertUsage certusage);
-
-/*
- * NSS_CMSSignerInfo_Verify - verify the signature of a single SignerInfo
- *
- * Just verifies the signature. The assumption is that verification of the certificate
- * is done already.
- */
-extern SECStatus
-NSS_CMSSignerInfo_Verify(NSSCMSSignerInfo *signerinfo, SECItem *digest, SECItem *contentType);
-
-extern NSSCMSVerificationStatus
-NSS_CMSSignerInfo_GetVerificationStatus(NSSCMSSignerInfo *signerinfo);
-
-extern SECOidData *
-NSS_CMSSignerInfo_GetDigestAlg(NSSCMSSignerInfo *signerinfo);
-
-extern SECOidTag
-NSS_CMSSignerInfo_GetDigestAlgTag(NSSCMSSignerInfo *signerinfo);
-
-extern int
-NSS_CMSSignerInfo_GetVersion(NSSCMSSignerInfo *signerinfo);
-
-extern CERTCertificateList *
-NSS_CMSSignerInfo_GetCertList(NSSCMSSignerInfo *signerinfo);
-
-/*
- * NSS_CMSSignerInfo_GetSigningTime - return the signing time,
- * in UTCTime format, of a CMS signerInfo.
- *
- * sinfo - signerInfo data for this signer
- *
- * Returns a pointer to XXXX (what?)
- * A return value of NULL is an error.
- */
-extern SECStatus
-NSS_CMSSignerInfo_GetSigningTime(NSSCMSSignerInfo *sinfo, PRTime *stime);
-
-/*
- * Return the signing cert of a CMS signerInfo.
- *
- * the certs in the enclosing SignedData must have been imported already
- */
-extern CERTCertificate *
-NSS_CMSSignerInfo_GetSigningCertificate(NSSCMSSignerInfo *signerinfo, CERTCertDBHandle *certdb);
-
-/*
- * NSS_CMSSignerInfo_GetSignerCommonName - return the common name of the signer
- *
- * sinfo - signerInfo data for this signer
- *
- * Returns a pointer to allocated memory, which must be freed.
- * A return value of NULL is an error.
- */
-extern char *
-NSS_CMSSignerInfo_GetSignerCommonName(NSSCMSSignerInfo *sinfo);
-
-/*
- * NSS_CMSSignerInfo_GetSignerEmailAddress - return the common name of the signer
- *
- * sinfo - signerInfo data for this signer
- *
- * Returns a pointer to allocated memory, which must be freed.
- * A return value of NULL is an error.
- */
-extern char *
-NSS_CMSSignerInfo_GetSignerEmailAddress(NSSCMSSignerInfo *sinfo);
-
-/*
- * NSS_CMSSignerInfo_AddAuthAttr - add an attribute to the
- * authenticated (i.e. signed) attributes of "signerinfo".
- */
-extern SECStatus
-NSS_CMSSignerInfo_AddAuthAttr(NSSCMSSignerInfo *signerinfo, NSSCMSAttribute *attr);
-
-/*
- * NSS_CMSSignerInfo_AddUnauthAttr - add an attribute to the
- * unauthenticated attributes of "signerinfo".
- */
-extern SECStatus
-NSS_CMSSignerInfo_AddUnauthAttr(NSSCMSSignerInfo *signerinfo, NSSCMSAttribute *attr);
-
-/*
- * NSS_CMSSignerInfo_AddSigningTime - add the signing time to the
- * authenticated (i.e. signed) attributes of "signerinfo".
- *
- * This is expected to be included in outgoing signed
- * messages for email (S/MIME) but is likely useful in other situations.
- *
- * This should only be added once; a second call will do nothing.
- *
- * XXX This will probably just shove the current time into "signerinfo"
- * but it will not actually get signed until the entire item is
- * processed for encoding. Is this (expected to be small) delay okay?
- */
-extern SECStatus
-NSS_CMSSignerInfo_AddSigningTime(NSSCMSSignerInfo *signerinfo, PRTime t);
-
-/*
- * NSS_CMSSignerInfo_AddSMIMECaps - add a SMIMECapabilities attribute to the
- * authenticated (i.e. signed) attributes of "signerinfo".
- *
- * This is expected to be included in outgoing signed
- * messages for email (S/MIME).
- */
-extern SECStatus
-NSS_CMSSignerInfo_AddSMIMECaps(NSSCMSSignerInfo *signerinfo);
-
-/*
- * NSS_CMSSignerInfo_AddSMIMEEncKeyPrefs - add a SMIMEEncryptionKeyPreferences attribute to the
- * authenticated (i.e. signed) attributes of "signerinfo".
- *
- * This is expected to be included in outgoing signed messages for email (S/MIME).
- */
-SECStatus
-NSS_CMSSignerInfo_AddSMIMEEncKeyPrefs(NSSCMSSignerInfo *signerinfo, CERTCertificate *cert, CERTCertDBHandle *certdb);
-
-/*
- * NSS_CMSSignerInfo_AddMSSMIMEEncKeyPrefs - add a SMIMEEncryptionKeyPreferences attribute to the
- * authenticated (i.e. signed) attributes of "signerinfo", using the OID prefered by Microsoft.
- *
- * This is expected to be included in outgoing signed messages for email (S/MIME),
- * if compatibility with Microsoft mail clients is wanted.
- */
-SECStatus
-NSS_CMSSignerInfo_AddMSSMIMEEncKeyPrefs(NSSCMSSignerInfo *signerinfo, CERTCertificate *cert, CERTCertDBHandle *certdb);
-
-/*
- * NSS_CMSSignerInfo_AddCounterSignature - countersign a signerinfo
- */
-extern SECStatus
-NSS_CMSSignerInfo_AddCounterSignature(NSSCMSSignerInfo *signerinfo,
- SECOidTag digestalg, CERTCertificate signingcert);
-
-/*
- * XXXX the following needs to be done in the S/MIME layer code
- * after signature of a signerinfo is verified
- */
-extern SECStatus
-NSS_SMIMESignerInfo_SaveSMIMEProfile(NSSCMSSignerInfo *signerinfo);
-
-/*
- * NSS_CMSSignerInfo_IncludeCerts - set cert chain inclusion mode for this signer
- */
-extern SECStatus
-NSS_CMSSignerInfo_IncludeCerts(NSSCMSSignerInfo *signerinfo, NSSCMSCertChainMode cm, SECCertUsage usage);
-
-/************************************************************************
- * cmsenvdata.c - CMS envelopedData methods
- ************************************************************************/
-
-/*
- * NSS_CMSEnvelopedData_Create - create an enveloped data message
- */
-extern NSSCMSEnvelopedData *
-NSS_CMSEnvelopedData_Create(NSSCMSMessage *cmsg, SECOidTag algorithm, int keysize);
-
-/*
- * NSS_CMSEnvelopedData_Destroy - destroy an enveloped data message
- */
-extern void
-NSS_CMSEnvelopedData_Destroy(NSSCMSEnvelopedData *edp);
-
-/*
- * NSS_CMSEnvelopedData_GetContentInfo - return pointer to this envelopedData's contentinfo
- */
-extern NSSCMSContentInfo *
-NSS_CMSEnvelopedData_GetContentInfo(NSSCMSEnvelopedData *envd);
-
-/*
- * NSS_CMSEnvelopedData_AddRecipient - add a recipientinfo to the enveloped data msg
- *
- * rip must be created on the same pool as edp - this is not enforced, though.
- */
-extern SECStatus
-NSS_CMSEnvelopedData_AddRecipient(NSSCMSEnvelopedData *edp, NSSCMSRecipientInfo *rip);
-
-/*
- * NSS_CMSEnvelopedData_Encode_BeforeStart - prepare this envelopedData for encoding
- *
- * at this point, we need
- * - recipientinfos set up with recipient's certificates
- * - a content encryption algorithm (if none, 3DES will be used)
- *
- * this function will generate a random content encryption key (aka bulk key),
- * initialize the recipientinfos with certificate identification and wrap the bulk key
- * using the proper algorithm for every certificiate.
- * it will finally set the bulk algorithm and key so that the encode step can find it.
- */
-extern SECStatus
-NSS_CMSEnvelopedData_Encode_BeforeStart(NSSCMSEnvelopedData *envd);
-
-/*
- * NSS_CMSEnvelopedData_Encode_BeforeData - set up encryption
- */
-extern SECStatus
-NSS_CMSEnvelopedData_Encode_BeforeData(NSSCMSEnvelopedData *envd);
-
-/*
- * NSS_CMSEnvelopedData_Encode_AfterData - finalize this envelopedData for encoding
- */
-extern SECStatus
-NSS_CMSEnvelopedData_Encode_AfterData(NSSCMSEnvelopedData *envd);
-
-/*
- * NSS_CMSEnvelopedData_Decode_BeforeData - find our recipientinfo,
- * derive bulk key & set up our contentinfo
- */
-extern SECStatus
-NSS_CMSEnvelopedData_Decode_BeforeData(NSSCMSEnvelopedData *envd);
-
-/*
- * NSS_CMSEnvelopedData_Decode_AfterData - finish decrypting this envelopedData's content
- */
-extern SECStatus
-NSS_CMSEnvelopedData_Decode_AfterData(NSSCMSEnvelopedData *envd);
-
-/*
- * NSS_CMSEnvelopedData_Decode_AfterEnd - finish decoding this envelopedData
- */
-extern SECStatus
-NSS_CMSEnvelopedData_Decode_AfterEnd(NSSCMSEnvelopedData *envd);
-
-
-/************************************************************************
- * cmsrecinfo.c - CMS recipientInfo methods
- ************************************************************************/
-
-/*
- * NSS_CMSRecipientInfo_Create - create a recipientinfo
- *
- * we currently do not create KeyAgreement recipientinfos with multiple recipientEncryptedKeys
- * the certificate is supposed to have been verified by the caller
- */
-extern NSSCMSRecipientInfo *
-NSS_CMSRecipientInfo_Create(NSSCMSMessage *cmsg, CERTCertificate *cert);
-
-extern NSSCMSRecipientInfo *
-NSS_CMSRecipientInfo_CreateWithSubjKeyID(NSSCMSMessage *cmsg,
- SECItem *subjKeyID,
- SECKEYPublicKey *pubKey);
-
-extern NSSCMSRecipientInfo *
-NSS_CMSRecipientInfo_CreateWithSubjKeyIDFromCert(NSSCMSMessage *cmsg,
- CERTCertificate *cert);
-
-/*
- * NSS_CMSRecipientInfo_CreateNew - create a blank recipientinfo for
- * applications which want to encode their own CMS structures and
- * key exchange types.
- */
-extern NSSCMSRecipientInfo *
-NSS_CMSRecipientInfo_CreateNew(void* pwfn_arg);
-
-/*
- * NSS_CMSRecipientInfo_CreateFromDER - create a recipientinfo from partially
- * decoded DER data for applications which want to encode their own CMS
- * structures and key exchange types.
- */
-extern NSSCMSRecipientInfo *
-NSS_CMSRecipientInfo_CreateFromDER(SECItem* input, void* pwfn_arg);
-
-extern void
-NSS_CMSRecipientInfo_Destroy(NSSCMSRecipientInfo *ri);
-
-/*
- * NSS_CMSRecipientInfo_GetCertAndKey - retrieve the cert and key from the
- * recipientInfo struct. If retcert or retkey are NULL, the cert or
- * key (respectively) would not be returned). This function is a no-op if both
- * retcert and retkey are NULL. Caller inherits ownership of the cert and key
- * he requested (and is responsible to free them).
- */
-SECStatus NSS_CMSRecipientInfo_GetCertAndKey(NSSCMSRecipientInfo *ri,
- CERTCertificate** retcert, SECKEYPrivateKey** retkey);
-
-extern int
-NSS_CMSRecipientInfo_GetVersion(NSSCMSRecipientInfo *ri);
-
-extern SECItem *
-NSS_CMSRecipientInfo_GetEncryptedKey(NSSCMSRecipientInfo *ri, int subIndex);
-
-/*
- * NSS_CMSRecipientInfo_Encode - encode an NSS_CMSRecipientInfo as ASN.1
- */
-SECStatus NSS_CMSRecipientInfo_Encode(PRArenaPool* poolp,
- const NSSCMSRecipientInfo *src,
- SECItem* returned);
-
-extern SECOidTag
-NSS_CMSRecipientInfo_GetKeyEncryptionAlgorithmTag(NSSCMSRecipientInfo *ri);
-
-extern SECStatus
-NSS_CMSRecipientInfo_WrapBulkKey(NSSCMSRecipientInfo *ri, PK11SymKey *bulkkey, SECOidTag bulkalgtag);
-
-extern PK11SymKey *
-NSS_CMSRecipientInfo_UnwrapBulkKey(NSSCMSRecipientInfo *ri, int subIndex,
- CERTCertificate *cert, SECKEYPrivateKey *privkey, SECOidTag bulkalgtag);
-
-/************************************************************************
- * cmsencdata.c - CMS encryptedData methods
- ************************************************************************/
-/*
- * NSS_CMSEncryptedData_Create - create an empty encryptedData object.
- *
- * "algorithm" specifies the bulk encryption algorithm to use.
- * "keysize" is the key size.
- *
- * An error results in a return value of NULL and an error set.
- * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
- */
-extern NSSCMSEncryptedData *
-NSS_CMSEncryptedData_Create(NSSCMSMessage *cmsg, SECOidTag algorithm, int keysize);
-
-/*
- * NSS_CMSEncryptedData_Destroy - destroy an encryptedData object
- */
-extern void
-NSS_CMSEncryptedData_Destroy(NSSCMSEncryptedData *encd);
-
-/*
- * NSS_CMSEncryptedData_GetContentInfo - return pointer to encryptedData object's contentInfo
- */
-extern NSSCMSContentInfo *
-NSS_CMSEncryptedData_GetContentInfo(NSSCMSEncryptedData *encd);
-
-/*
- * NSS_CMSEncryptedData_Encode_BeforeStart - do all the necessary things to a EncryptedData
- * before encoding begins.
- *
- * In particular:
- * - set the correct version value.
- * - get the encryption key
- */
-extern SECStatus
-NSS_CMSEncryptedData_Encode_BeforeStart(NSSCMSEncryptedData *encd);
-
-/*
- * NSS_CMSEncryptedData_Encode_BeforeData - set up encryption
- */
-extern SECStatus
-NSS_CMSEncryptedData_Encode_BeforeData(NSSCMSEncryptedData *encd);
-
-/*
- * NSS_CMSEncryptedData_Encode_AfterData - finalize this encryptedData for encoding
- */
-extern SECStatus
-NSS_CMSEncryptedData_Encode_AfterData(NSSCMSEncryptedData *encd);
-
-/*
- * NSS_CMSEncryptedData_Decode_BeforeData - find bulk key & set up decryption
- */
-extern SECStatus
-NSS_CMSEncryptedData_Decode_BeforeData(NSSCMSEncryptedData *encd);
-
-/*
- * NSS_CMSEncryptedData_Decode_AfterData - finish decrypting this encryptedData's content
- */
-extern SECStatus
-NSS_CMSEncryptedData_Decode_AfterData(NSSCMSEncryptedData *encd);
-
-/*
- * NSS_CMSEncryptedData_Decode_AfterEnd - finish decoding this encryptedData
- */
-extern SECStatus
-NSS_CMSEncryptedData_Decode_AfterEnd(NSSCMSEncryptedData *encd);
-
-/************************************************************************
- * cmsdigdata.c - CMS encryptedData methods
- ************************************************************************/
-/*
- * NSS_CMSDigestedData_Create - create a digestedData object (presumably for encoding)
- *
- * version will be set by NSS_CMSDigestedData_Encode_BeforeStart
- * digestAlg is passed as parameter
- * contentInfo must be filled by the user
- * digest will be calculated while encoding
- */
-extern NSSCMSDigestedData *
-NSS_CMSDigestedData_Create(NSSCMSMessage *cmsg, SECAlgorithmID *digestalg);
-
-/*
- * NSS_CMSDigestedData_Destroy - destroy a digestedData object
- */
-extern void
-NSS_CMSDigestedData_Destroy(NSSCMSDigestedData *digd);
-
-/*
- * NSS_CMSDigestedData_GetContentInfo - return pointer to digestedData object's contentInfo
- */
-extern NSSCMSContentInfo *
-NSS_CMSDigestedData_GetContentInfo(NSSCMSDigestedData *digd);
-
-/*
- * NSS_CMSDigestedData_Encode_BeforeStart - do all the necessary things to a DigestedData
- * before encoding begins.
- *
- * In particular:
- * - set the right version number. The contentInfo's content type must be set up already.
- */
-extern SECStatus
-NSS_CMSDigestedData_Encode_BeforeStart(NSSCMSDigestedData *digd);
-
-/*
- * NSS_CMSDigestedData_Encode_BeforeData - do all the necessary things to a DigestedData
- * before the encapsulated data is passed through the encoder.
- *
- * In detail:
- * - set up the digests if necessary
- */
-extern SECStatus
-NSS_CMSDigestedData_Encode_BeforeData(NSSCMSDigestedData *digd);
-
-/*
- * NSS_CMSDigestedData_Encode_AfterData - do all the necessary things to a DigestedData
- * after all the encapsulated data was passed through the encoder.
- *
- * In detail:
- * - finish the digests
- */
-extern SECStatus
-NSS_CMSDigestedData_Encode_AfterData(NSSCMSDigestedData *digd);
-
-/*
- * NSS_CMSDigestedData_Decode_BeforeData - do all the necessary things to a DigestedData
- * before the encapsulated data is passed through the encoder.
- *
- * In detail:
- * - set up the digests if necessary
- */
-extern SECStatus
-NSS_CMSDigestedData_Decode_BeforeData(NSSCMSDigestedData *digd);
-
-/*
- * NSS_CMSDigestedData_Decode_AfterData - do all the necessary things to a DigestedData
- * after all the encapsulated data was passed through the encoder.
- *
- * In detail:
- * - finish the digests
- */
-extern SECStatus
-NSS_CMSDigestedData_Decode_AfterData(NSSCMSDigestedData *digd);
-
-/*
- * NSS_CMSDigestedData_Decode_AfterEnd - finalize a digestedData.
- *
- * In detail:
- * - check the digests for equality
- */
-extern SECStatus
-NSS_CMSDigestedData_Decode_AfterEnd(NSSCMSDigestedData *digd);
-
-/************************************************************************
- * cmsdigest.c - digestion routines
- ************************************************************************/
-
-/*
- * NSS_CMSDigestContext_StartMultiple - start digest calculation using all the
- * digest algorithms in "digestalgs" in parallel.
- */
-extern NSSCMSDigestContext *
-NSS_CMSDigestContext_StartMultiple(SECAlgorithmID **digestalgs);
-
-/*
- * NSS_CMSDigestContext_StartSingle - same as NSS_CMSDigestContext_StartMultiple, but
- * only one algorithm.
- */
-extern NSSCMSDigestContext *
-NSS_CMSDigestContext_StartSingle(SECAlgorithmID *digestalg);
-
-/*
- * NSS_CMSDigestContext_Update - feed more data into the digest machine
- */
-extern void
-NSS_CMSDigestContext_Update(NSSCMSDigestContext *cmsdigcx, const unsigned char *data, int len);
-
-/*
- * NSS_CMSDigestContext_Cancel - cancel digesting operation
- */
-extern void
-NSS_CMSDigestContext_Cancel(NSSCMSDigestContext *cmsdigcx);
-
-/*
- * NSS_CMSDigestContext_FinishMultiple - finish the digests and put them
- * into an array of SECItems (allocated on poolp)
- */
-extern SECStatus
-NSS_CMSDigestContext_FinishMultiple(NSSCMSDigestContext *cmsdigcx, PLArenaPool *poolp,
- SECItem ***digestsp);
-
-/*
- * NSS_CMSDigestContext_FinishSingle - same as NSS_CMSDigestContext_FinishMultiple,
- * but for one digest.
- */
-extern SECStatus
-NSS_CMSDigestContext_FinishSingle(NSSCMSDigestContext *cmsdigcx, PLArenaPool *poolp,
- SECItem *digest);
-
-/************************************************************************
- *
- ************************************************************************/
-
-/* shortcuts for basic use */
-
-/*
- * NSS_CMSDEREncode - DER Encode a CMS message, with input being
- * the plaintext message and derOut being the output,
- * stored in arena's pool.
- */
-extern SECStatus
-NSS_CMSDEREncode(NSSCMSMessage *cmsg, SECItem *input, SECItem *derOut,
- PLArenaPool *arena);
-
-
-/************************************************************************/
-SEC_END_PROTOS
-
-#endif /* _CMS_H_ */
diff --git a/security/nss/lib/smime/cmsarray.c b/security/nss/lib/smime/cmsarray.c
deleted file mode 100644
index 68d7e1963..000000000
--- a/security/nss/lib/smime/cmsarray.c
+++ /dev/null
@@ -1,212 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * CMS array functions.
- *
- * $Id$
- */
-
-#include "cmslocal.h"
-
-#include "secerr.h"
-
-/*
- * ARRAY FUNCTIONS
- *
- * In NSS, arrays are rather primitive arrays of pointers.
- * Makes it easy to walk the array, but hard to count elements
- * and manage the storage.
- *
- * This is a feeble attempt to encapsulate the functionality
- * and get rid of hundreds of lines of similar code
- */
-
-/*
- * NSS_CMSArray_Alloc - allocate an array in an arena
- *
- * This allocates space for the array of pointers
- */
-void **
-NSS_CMSArray_Alloc(PRArenaPool *poolp, int n)
-{
- return (void **)PORT_ArenaZAlloc(poolp, n * sizeof(void *));
-}
-
-/*
- * NSS_CMSArray_Add - add an element to the end of an array
- *
- * The array of pointers is either created (if array was empty before) or grown.
- */
-SECStatus
-NSS_CMSArray_Add(PRArenaPool *poolp, void ***array, void *obj)
-{
- void **p;
- int n;
- void **dest;
-
- PORT_Assert(array != NULL);
- if (array == NULL)
- return SECFailure;
-
- if (*array == NULL) {
- dest = (void **)PORT_ArenaAlloc(poolp, 2 * sizeof(void *));
- n = 0;
- } else {
- n = 0; p = *array;
- while (*p++)
- n++;
- dest = (void **)PORT_ArenaGrow (poolp,
- *array,
- (n + 1) * sizeof(void *),
- (n + 2) * sizeof(void *));
- }
- dest[n] = obj;
- dest[n+1] = NULL;
- *array = dest;
- return SECSuccess;
-}
-
-/*
- * NSS_CMSArray_IsEmpty - check if array is empty
- */
-PRBool
-NSS_CMSArray_IsEmpty(void **array)
-{
- return (array == NULL || array[0] == NULL);
-}
-
-/*
- * NSS_CMSArray_Count - count number of elements in array
- */
-int
-NSS_CMSArray_Count(void **array)
-{
- int n = 0;
-
- if (array == NULL)
- return 0;
-
- while (*array++ != NULL)
- n++;
-
- return n;
-}
-
-/*
- * NSS_CMSArray_Sort - sort an array in place
- *
- * If "secondary" or "tertiary are not NULL, it must be arrays with the same
- * number of elements as "primary". The same reordering will get applied to it.
- *
- * "compare" is a function that returns
- * < 0 when the first element is less than the second
- * = 0 when the first element is equal to the second
- * > 0 when the first element is greater than the second
- * to acheive ascending ordering.
- */
-void
-NSS_CMSArray_Sort(void **primary, int (*compare)(void *,void *), void **secondary, void **tertiary)
-{
- int n, i, limit, lastxchg;
- void *tmp;
-
- n = NSS_CMSArray_Count(primary);
-
- PORT_Assert(secondary == NULL || NSS_CMSArray_Count(secondary) == n);
- PORT_Assert(tertiary == NULL || NSS_CMSArray_Count(tertiary) == n);
-
- if (n <= 1) /* ordering is fine */
- return;
-
- /* yes, ladies and gentlemen, it's BUBBLE SORT TIME! */
- limit = n - 1;
- while (1) {
- lastxchg = 0;
- for (i = 0; i < limit; i++) {
- if ((*compare)(primary[i], primary[i+1]) > 0) {
- /* exchange the neighbours */
- tmp = primary[i+1];
- primary[i+1] = primary[i];
- primary[i] = tmp;
- if (secondary) { /* secondary array? */
- tmp = secondary[i+1]; /* exchange there as well */
- secondary[i+1] = secondary[i];
- secondary[i] = tmp;
- }
- if (tertiary) { /* tertiary array? */
- tmp = tertiary[i+1]; /* exchange there as well */
- tertiary[i+1] = tertiary[i];
- tertiary[i] = tmp;
- }
- lastxchg = i+1; /* index of the last element bubbled up */
- }
- }
- if (lastxchg == 0) /* no exchanges, so array is sorted */
- break; /* we're done */
- limit = lastxchg; /* array is sorted up to [limit] */
- }
-}
-
-#if 0
-
-/* array iterator stuff... not used */
-
-typedef void **NSSCMSArrayIterator;
-
-/* iterator */
-NSSCMSArrayIterator
-NSS_CMSArray_First(void **array)
-{
- if (array == NULL || array[0] == NULL)
- return NULL;
- return (NSSCMSArrayIterator)&(array[0]);
-}
-
-void *
-NSS_CMSArray_Obj(NSSCMSArrayIterator iter)
-{
- void **p = (void **)iter;
-
- return *iter; /* which is NULL if we are at the end of the array */
-}
-
-NSSCMSArrayIterator
-NSS_CMSArray_Next(NSSCMSArrayIterator iter)
-{
- void **p = (void **)iter;
-
- return (NSSCMSArrayIterator)(p + 1);
-}
-
-#endif
diff --git a/security/nss/lib/smime/cmsasn1.c b/security/nss/lib/smime/cmsasn1.c
deleted file mode 100644
index be44c7524..000000000
--- a/security/nss/lib/smime/cmsasn1.c
+++ /dev/null
@@ -1,575 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * CMS ASN.1 templates
- *
- * $Id$
- */
-
-#include "cmslocal.h"
-
-#include "cert.h"
-#include "key.h"
-#include "secasn1.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "prtime.h"
-#include "secerr.h"
-
-
-extern const SEC_ASN1Template nss_cms_set_of_attribute_template[];
-
-SEC_ASN1_MKSUB(CERT_IssuerAndSNTemplate)
-SEC_ASN1_MKSUB(CERT_SetOfSignedCrlTemplate)
-SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
-SEC_ASN1_MKSUB(SEC_BitStringTemplate)
-SEC_ASN1_MKSUB(SEC_OctetStringTemplate)
-SEC_ASN1_MKSUB(SEC_PointerToOctetStringTemplate)
-SEC_ASN1_MKSUB(SEC_SetOfAnyTemplate)
-
-/* -----------------------------------------------------------------------------
- * MESSAGE
- * (uses NSSCMSContentInfo)
- */
-
-/* forward declaration */
-static const SEC_ASN1Template *
-nss_cms_choose_content_template(void *src_or_dest, PRBool encoding);
-
-static const SEC_ASN1TemplateChooserPtr nss_cms_chooser
- = nss_cms_choose_content_template;
-
-const SEC_ASN1Template NSSCMSMessageTemplate[] = {
- { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
- 0, NULL, sizeof(NSSCMSMessage) },
- { SEC_ASN1_OBJECT_ID,
- offsetof(NSSCMSMessage,contentInfo.contentType) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_DYNAMIC | SEC_ASN1_MAY_STREAM
- | SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(NSSCMSMessage,contentInfo.content),
- &nss_cms_chooser },
- { 0 }
-};
-
-static const SEC_ASN1Template NSS_PointerToCMSMessageTemplate[] = {
- { SEC_ASN1_POINTER, 0, NSSCMSMessageTemplate }
-};
-
-/* -----------------------------------------------------------------------------
- * ENCAPSULATED & ENCRYPTED CONTENTINFO
- * (both use a NSSCMSContentInfo)
- */
-static const SEC_ASN1Template NSSCMSEncapsulatedContentInfoTemplate[] = {
- { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
- 0, NULL, sizeof(NSSCMSContentInfo) },
- { SEC_ASN1_OBJECT_ID,
- offsetof(NSSCMSContentInfo,contentType) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT | SEC_ASN1_MAY_STREAM |
- SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
- offsetof(NSSCMSContentInfo,rawContent),
- SEC_ASN1_SUB(SEC_PointerToOctetStringTemplate) },
- { 0 }
-};
-
-static const SEC_ASN1Template NSSCMSEncryptedContentInfoTemplate[] = {
- { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
- 0, NULL, sizeof(NSSCMSContentInfo) },
- { SEC_ASN1_OBJECT_ID,
- offsetof(NSSCMSContentInfo,contentType) },
- { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
- offsetof(NSSCMSContentInfo,contentEncAlg),
- SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_POINTER | SEC_ASN1_MAY_STREAM |
- SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
- offsetof(NSSCMSContentInfo,rawContent),
- SEC_ASN1_SUB(SEC_OctetStringTemplate) },
- { 0 }
-};
-
-/* -----------------------------------------------------------------------------
- * SIGNED DATA
- */
-
-const SEC_ASN1Template NSSCMSSignerInfoTemplate[];
-
-const SEC_ASN1Template NSSCMSSignedDataTemplate[] = {
- { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
- 0, NULL, sizeof(NSSCMSSignedData) },
- { SEC_ASN1_INTEGER,
- offsetof(NSSCMSSignedData,version) },
- { SEC_ASN1_SET_OF | SEC_ASN1_XTRN,
- offsetof(NSSCMSSignedData,digestAlgorithms),
- SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
- { SEC_ASN1_INLINE,
- offsetof(NSSCMSSignedData,contentInfo),
- NSSCMSEncapsulatedContentInfoTemplate },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
- SEC_ASN1_XTRN | 0,
- offsetof(NSSCMSSignedData,rawCerts),
- SEC_ASN1_SUB(SEC_SetOfAnyTemplate) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
- SEC_ASN1_XTRN | 1,
- offsetof(NSSCMSSignedData,crls),
- SEC_ASN1_SUB(CERT_SetOfSignedCrlTemplate) },
- { SEC_ASN1_SET_OF,
- offsetof(NSSCMSSignedData,signerInfos),
- NSSCMSSignerInfoTemplate },
- { 0 }
-};
-
-const SEC_ASN1Template NSS_PointerToCMSSignedDataTemplate[] = {
- { SEC_ASN1_POINTER, 0, NSSCMSSignedDataTemplate }
-};
-
-/* -----------------------------------------------------------------------------
- * signeridentifier
- */
-
-static const SEC_ASN1Template NSSCMSSignerIdentifierTemplate[] = {
- { SEC_ASN1_CHOICE,
- offsetof(NSSCMSSignerIdentifier,identifierType), NULL,
- sizeof(NSSCMSSignerIdentifier) },
- { SEC_ASN1_POINTER | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
- offsetof(NSSCMSSignerIdentifier,id.subjectKeyID),
- SEC_ASN1_SUB(SEC_OctetStringTemplate) ,
- NSSCMSRecipientID_SubjectKeyID },
- { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
- offsetof(NSSCMSSignerIdentifier,id.issuerAndSN),
- SEC_ASN1_SUB(CERT_IssuerAndSNTemplate),
- NSSCMSRecipientID_IssuerSN },
- { 0 }
-};
-
-/* -----------------------------------------------------------------------------
- * signerinfo
- */
-
-const SEC_ASN1Template NSSCMSSignerInfoTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(NSSCMSSignerInfo) },
- { SEC_ASN1_INTEGER,
- offsetof(NSSCMSSignerInfo,version) },
- { SEC_ASN1_INLINE,
- offsetof(NSSCMSSignerInfo,signerIdentifier),
- NSSCMSSignerIdentifierTemplate },
- { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
- offsetof(NSSCMSSignerInfo,digestAlg),
- SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(NSSCMSSignerInfo,authAttr),
- nss_cms_set_of_attribute_template },
- { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
- offsetof(NSSCMSSignerInfo,digestEncAlg),
- SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(NSSCMSSignerInfo,encDigest) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
- offsetof(NSSCMSSignerInfo,unAuthAttr),
- nss_cms_set_of_attribute_template },
- { 0 }
-};
-
-/* -----------------------------------------------------------------------------
- * ENVELOPED DATA
- */
-
-static const SEC_ASN1Template NSSCMSOriginatorInfoTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(NSSCMSOriginatorInfo) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
- SEC_ASN1_XTRN | 0,
- offsetof(NSSCMSOriginatorInfo,rawCerts),
- SEC_ASN1_SUB(SEC_SetOfAnyTemplate) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
- SEC_ASN1_XTRN | 1,
- offsetof(NSSCMSOriginatorInfo,crls),
- SEC_ASN1_SUB(CERT_SetOfSignedCrlTemplate) },
- { 0 }
-};
-
-const SEC_ASN1Template NSSCMSRecipientInfoTemplate[];
-
-const SEC_ASN1Template NSSCMSEnvelopedDataTemplate[] = {
- { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
- 0, NULL, sizeof(NSSCMSEnvelopedData) },
- { SEC_ASN1_INTEGER,
- offsetof(NSSCMSEnvelopedData,version) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_POINTER | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(NSSCMSEnvelopedData,originatorInfo),
- NSSCMSOriginatorInfoTemplate },
- { SEC_ASN1_SET_OF,
- offsetof(NSSCMSEnvelopedData,recipientInfos),
- NSSCMSRecipientInfoTemplate },
- { SEC_ASN1_INLINE,
- offsetof(NSSCMSEnvelopedData,contentInfo),
- NSSCMSEncryptedContentInfoTemplate },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
- offsetof(NSSCMSEnvelopedData,unprotectedAttr),
- nss_cms_set_of_attribute_template },
- { 0 }
-};
-
-const SEC_ASN1Template NSS_PointerToCMSEnvelopedDataTemplate[] = {
- { SEC_ASN1_POINTER, 0, NSSCMSEnvelopedDataTemplate }
-};
-
-/* here come the 15 gazillion templates for all the v3 varieties of RecipientInfo */
-
-/* -----------------------------------------------------------------------------
- * key transport recipient info
- */
-
-static const SEC_ASN1Template NSSCMSRecipientIdentifierTemplate[] = {
- { SEC_ASN1_CHOICE,
- offsetof(NSSCMSRecipientIdentifier,identifierType), NULL,
- sizeof(NSSCMSRecipientIdentifier) },
- { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
- SEC_ASN1_XTRN | 0,
- offsetof(NSSCMSRecipientIdentifier,id.subjectKeyID),
- SEC_ASN1_SUB(SEC_PointerToOctetStringTemplate) ,
- NSSCMSRecipientID_SubjectKeyID },
- { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
- offsetof(NSSCMSRecipientIdentifier,id.issuerAndSN),
- SEC_ASN1_SUB(CERT_IssuerAndSNTemplate),
- NSSCMSRecipientID_IssuerSN },
- { 0 }
-};
-
-
-static const SEC_ASN1Template NSSCMSKeyTransRecipientInfoTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(NSSCMSKeyTransRecipientInfo) },
- { SEC_ASN1_INTEGER,
- offsetof(NSSCMSKeyTransRecipientInfo,version) },
- { SEC_ASN1_INLINE,
- offsetof(NSSCMSKeyTransRecipientInfo,recipientIdentifier),
- NSSCMSRecipientIdentifierTemplate },
- { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
- offsetof(NSSCMSKeyTransRecipientInfo,keyEncAlg),
- SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(NSSCMSKeyTransRecipientInfo,encKey) },
- { 0 }
-};
-
-/* -----------------------------------------------------------------------------
- * key agreement recipient info
- */
-
-static const SEC_ASN1Template NSSCMSOriginatorPublicKeyTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(NSSCMSOriginatorPublicKey) },
- { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
- offsetof(NSSCMSOriginatorPublicKey,algorithmIdentifier),
- SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
- { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
- offsetof(NSSCMSOriginatorPublicKey,publicKey),
- SEC_ASN1_SUB(SEC_BitStringTemplate) },
- { 0 }
-};
-
-
-static const SEC_ASN1Template NSSCMSOriginatorIdentifierOrKeyTemplate[] = {
- { SEC_ASN1_CHOICE,
- offsetof(NSSCMSOriginatorIdentifierOrKey,identifierType), NULL,
- sizeof(NSSCMSOriginatorIdentifierOrKey) },
- { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
- offsetof(NSSCMSOriginatorIdentifierOrKey,id.issuerAndSN),
- SEC_ASN1_SUB(CERT_IssuerAndSNTemplate),
- NSSCMSOriginatorIDOrKey_IssuerSN },
- { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
- SEC_ASN1_XTRN | 1,
- offsetof(NSSCMSOriginatorIdentifierOrKey,id.subjectKeyID),
- SEC_ASN1_SUB(SEC_PointerToOctetStringTemplate) ,
- NSSCMSOriginatorIDOrKey_SubjectKeyID },
- { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 2,
- offsetof(NSSCMSOriginatorIdentifierOrKey,id.originatorPublicKey),
- NSSCMSOriginatorPublicKeyTemplate,
- NSSCMSOriginatorIDOrKey_OriginatorPublicKey },
- { 0 }
-};
-
-const SEC_ASN1Template NSSCMSRecipientKeyIdentifierTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(NSSCMSRecipientKeyIdentifier) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(NSSCMSRecipientKeyIdentifier,subjectKeyIdentifier) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_OCTET_STRING,
- offsetof(NSSCMSRecipientKeyIdentifier,date) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_OCTET_STRING,
- offsetof(NSSCMSRecipientKeyIdentifier,other) },
- { 0 }
-};
-
-
-static const SEC_ASN1Template NSSCMSKeyAgreeRecipientIdentifierTemplate[] = {
- { SEC_ASN1_CHOICE,
- offsetof(NSSCMSKeyAgreeRecipientIdentifier,identifierType), NULL,
- sizeof(NSSCMSKeyAgreeRecipientIdentifier) },
- { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
- offsetof(NSSCMSKeyAgreeRecipientIdentifier,id.issuerAndSN),
- SEC_ASN1_SUB(CERT_IssuerAndSNTemplate),
- NSSCMSKeyAgreeRecipientID_IssuerSN },
- { SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(NSSCMSKeyAgreeRecipientIdentifier,id.recipientKeyIdentifier),
- NSSCMSRecipientKeyIdentifierTemplate,
- NSSCMSKeyAgreeRecipientID_RKeyID },
- { 0 }
-};
-
-static const SEC_ASN1Template NSSCMSRecipientEncryptedKeyTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(NSSCMSRecipientEncryptedKey) },
- { SEC_ASN1_INLINE,
- offsetof(NSSCMSRecipientEncryptedKey,recipientIdentifier),
- NSSCMSKeyAgreeRecipientIdentifierTemplate },
- { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
- offsetof(NSSCMSRecipientEncryptedKey,encKey),
- SEC_ASN1_SUB(SEC_BitStringTemplate) },
- { 0 }
-};
-
-static const SEC_ASN1Template NSSCMSKeyAgreeRecipientInfoTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(NSSCMSKeyAgreeRecipientInfo) },
- { SEC_ASN1_INTEGER,
- offsetof(NSSCMSKeyAgreeRecipientInfo,version) },
- { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(NSSCMSKeyAgreeRecipientInfo,originatorIdentifierOrKey),
- NSSCMSOriginatorIdentifierOrKeyTemplate },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_EXPLICIT |
- SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 1,
- offsetof(NSSCMSKeyAgreeRecipientInfo,ukm),
- SEC_ASN1_SUB(SEC_OctetStringTemplate) },
- { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
- offsetof(NSSCMSKeyAgreeRecipientInfo,keyEncAlg),
- SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
- { SEC_ASN1_SEQUENCE_OF,
- offsetof(NSSCMSKeyAgreeRecipientInfo,recipientEncryptedKeys),
- NSSCMSRecipientEncryptedKeyTemplate },
- { 0 }
-};
-
-/* -----------------------------------------------------------------------------
- * KEK recipient info
- */
-
-static const SEC_ASN1Template NSSCMSKEKIdentifierTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(NSSCMSKEKIdentifier) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(NSSCMSKEKIdentifier,keyIdentifier) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_OCTET_STRING,
- offsetof(NSSCMSKEKIdentifier,date) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_OCTET_STRING,
- offsetof(NSSCMSKEKIdentifier,other) },
- { 0 }
-};
-
-static const SEC_ASN1Template NSSCMSKEKRecipientInfoTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(NSSCMSKEKRecipientInfo) },
- { SEC_ASN1_INTEGER,
- offsetof(NSSCMSKEKRecipientInfo,version) },
- { SEC_ASN1_INLINE,
- offsetof(NSSCMSKEKRecipientInfo,kekIdentifier),
- NSSCMSKEKIdentifierTemplate },
- { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
- offsetof(NSSCMSKEKRecipientInfo,keyEncAlg),
- SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(NSSCMSKEKRecipientInfo,encKey) },
- { 0 }
-};
-
-/* -----------------------------------------------------------------------------
- * recipient info
- */
-const SEC_ASN1Template NSSCMSRecipientInfoTemplate[] = {
- { SEC_ASN1_CHOICE,
- offsetof(NSSCMSRecipientInfo,recipientInfoType), NULL,
- sizeof(NSSCMSRecipientInfo) },
- { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
- offsetof(NSSCMSRecipientInfo,ri.keyAgreeRecipientInfo),
- NSSCMSKeyAgreeRecipientInfoTemplate,
- NSSCMSRecipientInfoID_KeyAgree },
- { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 2,
- offsetof(NSSCMSRecipientInfo,ri.kekRecipientInfo),
- NSSCMSKEKRecipientInfoTemplate,
- NSSCMSRecipientInfoID_KEK },
- { SEC_ASN1_INLINE,
- offsetof(NSSCMSRecipientInfo,ri.keyTransRecipientInfo),
- NSSCMSKeyTransRecipientInfoTemplate,
- NSSCMSRecipientInfoID_KeyTrans },
- { 0 }
-};
-
-/* -----------------------------------------------------------------------------
- *
- */
-
-const SEC_ASN1Template NSSCMSDigestedDataTemplate[] = {
- { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
- 0, NULL, sizeof(NSSCMSDigestedData) },
- { SEC_ASN1_INTEGER,
- offsetof(NSSCMSDigestedData,version) },
- { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
- offsetof(NSSCMSDigestedData,digestAlg),
- SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
- { SEC_ASN1_INLINE,
- offsetof(NSSCMSDigestedData,contentInfo),
- NSSCMSEncapsulatedContentInfoTemplate },
- { SEC_ASN1_OCTET_STRING,
- offsetof(NSSCMSDigestedData,digest) },
- { 0 }
-};
-
-const SEC_ASN1Template NSS_PointerToCMSDigestedDataTemplate[] = {
- { SEC_ASN1_POINTER, 0, NSSCMSDigestedDataTemplate }
-};
-
-const SEC_ASN1Template NSSCMSEncryptedDataTemplate[] = {
- { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
- 0, NULL, sizeof(NSSCMSEncryptedData) },
- { SEC_ASN1_INTEGER,
- offsetof(NSSCMSEncryptedData,version) },
- { SEC_ASN1_INLINE,
- offsetof(NSSCMSEncryptedData,contentInfo),
- NSSCMSEncryptedContentInfoTemplate },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
- offsetof(NSSCMSEncryptedData,unprotectedAttr),
- nss_cms_set_of_attribute_template },
- { 0 }
-};
-
-const SEC_ASN1Template NSS_PointerToCMSEncryptedDataTemplate[] = {
- { SEC_ASN1_POINTER, 0, NSSCMSEncryptedDataTemplate }
-};
-
-/* -----------------------------------------------------------------------------
- * FORTEZZA KEA
- */
-const SEC_ASN1Template NSS_SMIMEKEAParamTemplateSkipjack[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(NSSCMSSMIMEKEAParameters) },
- { SEC_ASN1_OCTET_STRING /* | SEC_ASN1_OPTIONAL */,
- offsetof(NSSCMSSMIMEKEAParameters,originatorKEAKey) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(NSSCMSSMIMEKEAParameters,originatorRA) },
- { 0 }
-};
-
-const SEC_ASN1Template NSS_SMIMEKEAParamTemplateNoSkipjack[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(NSSCMSSMIMEKEAParameters) },
- { SEC_ASN1_OCTET_STRING /* | SEC_ASN1_OPTIONAL */,
- offsetof(NSSCMSSMIMEKEAParameters,originatorKEAKey) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(NSSCMSSMIMEKEAParameters,originatorRA) },
- { SEC_ASN1_OCTET_STRING | SEC_ASN1_OPTIONAL ,
- offsetof(NSSCMSSMIMEKEAParameters,nonSkipjackIV) },
- { 0 }
-};
-
-const SEC_ASN1Template NSS_SMIMEKEAParamTemplateAllParams[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(NSSCMSSMIMEKEAParameters) },
- { SEC_ASN1_OCTET_STRING /* | SEC_ASN1_OPTIONAL */,
- offsetof(NSSCMSSMIMEKEAParameters,originatorKEAKey) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(NSSCMSSMIMEKEAParameters,originatorRA) },
- { SEC_ASN1_OCTET_STRING | SEC_ASN1_OPTIONAL ,
- offsetof(NSSCMSSMIMEKEAParameters,nonSkipjackIV) },
- { SEC_ASN1_OCTET_STRING | SEC_ASN1_OPTIONAL ,
- offsetof(NSSCMSSMIMEKEAParameters,bulkKeySize) },
- { 0 }
-};
-
-const SEC_ASN1Template *
-nss_cms_get_kea_template(NSSCMSKEATemplateSelector whichTemplate)
-{
- const SEC_ASN1Template *returnVal = NULL;
-
- switch(whichTemplate)
- {
- case NSSCMSKEAUsesNonSkipjack:
- returnVal = NSS_SMIMEKEAParamTemplateNoSkipjack;
- break;
- case NSSCMSKEAUsesSkipjack:
- returnVal = NSS_SMIMEKEAParamTemplateSkipjack;
- break;
- case NSSCMSKEAUsesNonSkipjackWithPaddedEncKey:
- default:
- returnVal = NSS_SMIMEKEAParamTemplateAllParams;
- break;
- }
- return returnVal;
-}
-
-/* -----------------------------------------------------------------------------
- *
- */
-static const SEC_ASN1Template *
-nss_cms_choose_content_template(void *src_or_dest, PRBool encoding)
-{
- const SEC_ASN1Template *theTemplate;
- NSSCMSContentInfo *cinfo;
-
- PORT_Assert (src_or_dest != NULL);
- if (src_or_dest == NULL)
- return NULL;
-
- cinfo = (NSSCMSContentInfo *)src_or_dest;
- switch (NSS_CMSContentInfo_GetContentTypeTag(cinfo)) {
- default:
- theTemplate = SEC_ASN1_GET(SEC_PointerToAnyTemplate);
- break;
- case SEC_OID_PKCS7_DATA:
- theTemplate = SEC_ASN1_GET(SEC_PointerToOctetStringTemplate);
- break;
- case SEC_OID_PKCS7_SIGNED_DATA:
- theTemplate = NSS_PointerToCMSSignedDataTemplate;
- break;
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- theTemplate = NSS_PointerToCMSEnvelopedDataTemplate;
- break;
- case SEC_OID_PKCS7_DIGESTED_DATA:
- theTemplate = NSS_PointerToCMSDigestedDataTemplate;
- break;
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- theTemplate = NSS_PointerToCMSEncryptedDataTemplate;
- break;
- }
- return theTemplate;
-}
diff --git a/security/nss/lib/smime/cmsattr.c b/security/nss/lib/smime/cmsattr.c
deleted file mode 100644
index 4217e6c78..000000000
--- a/security/nss/lib/smime/cmsattr.c
+++ /dev/null
@@ -1,453 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * CMS attributes.
- *
- * $Id$
- */
-
-#include "cmslocal.h"
-
-#include "secasn1.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "pk11func.h"
-#include "prtime.h"
-#include "secerr.h"
-
-/*
- * -------------------------------------------------------------------
- * XXX The following Attribute stuff really belongs elsewhere.
- * The Attribute type is *not* part of CMS but rather X.501.
- * But for now, since CMS is the only customer of attributes,
- * we define them here. Once there is a use outside of CMS,
- * then change the attribute types and functions from internal
- * to external naming convention, and move them elsewhere!
- */
-
-
-/*
- * NSS_CMSAttribute_Create - create an attribute
- *
- * if value is NULL, the attribute won't have a value. It can be added later
- * with NSS_CMSAttribute_AddValue.
- */
-NSSCMSAttribute *
-NSS_CMSAttribute_Create(PRArenaPool *poolp, SECOidTag oidtag, SECItem *value, PRBool encoded)
-{
- NSSCMSAttribute *attr;
- SECItem *copiedvalue;
- void *mark;
-
- PORT_Assert (poolp != NULL);
-
- mark = PORT_ArenaMark (poolp);
-
- attr = (NSSCMSAttribute *)PORT_ArenaZAlloc(poolp, sizeof(NSSCMSAttribute));
- if (attr == NULL)
- goto loser;
-
- attr->typeTag = SECOID_FindOIDByTag(oidtag);
- if (attr->typeTag == NULL)
- goto loser;
-
- if (SECITEM_CopyItem(poolp, &(attr->type), &(attr->typeTag->oid)) != SECSuccess)
- goto loser;
-
- if (value != NULL) {
- if ((copiedvalue = SECITEM_AllocItem(poolp, NULL, value->len)) == NULL)
- goto loser;
-
- if (SECITEM_CopyItem(poolp, copiedvalue, value) != SECSuccess)
- goto loser;
-
- NSS_CMSArray_Add(poolp, (void ***)&(attr->values), (void *)copiedvalue);
- }
-
- attr->encoded = encoded;
-
- PORT_ArenaUnmark (poolp, mark);
-
- return attr;
-
-loser:
- PORT_Assert (mark != NULL);
- PORT_ArenaRelease (poolp, mark);
- return NULL;
-}
-
-/*
- * NSS_CMSAttribute_AddValue - add another value to an attribute
- */
-SECStatus
-NSS_CMSAttribute_AddValue(PLArenaPool *poolp, NSSCMSAttribute *attr, SECItem *value)
-{
- SECItem copiedvalue;
- void *mark;
-
- PORT_Assert (poolp != NULL);
-
- mark = PORT_ArenaMark(poolp);
-
- /* XXX we need an object memory model #$%#$%! */
- if (SECITEM_CopyItem(poolp, &copiedvalue, value) != SECSuccess)
- goto loser;
-
- if (NSS_CMSArray_Add(poolp, (void ***)&(attr->values), (void *)&copiedvalue) != SECSuccess)
- goto loser;
-
- PORT_ArenaUnmark(poolp, mark);
- return SECSuccess;
-
-loser:
- PORT_Assert (mark != NULL);
- PORT_ArenaRelease (poolp, mark);
- return SECFailure;
-}
-
-/*
- * NSS_CMSAttribute_GetType - return the OID tag
- */
-SECOidTag
-NSS_CMSAttribute_GetType(NSSCMSAttribute *attr)
-{
- SECOidData *typetag;
-
- typetag = SECOID_FindOID(&(attr->type));
- if (typetag == NULL)
- return SEC_OID_UNKNOWN;
-
- return typetag->offset;
-}
-
-/*
- * NSS_CMSAttribute_GetValue - return the first attribute value
- *
- * We do some sanity checking first:
- * - Multiple values are *not* expected.
- * - Empty values are *not* expected.
- */
-SECItem *
-NSS_CMSAttribute_GetValue(NSSCMSAttribute *attr)
-{
- SECItem *value;
-
- if (attr == NULL)
- return NULL;
-
- value = attr->values[0];
-
- if (value == NULL || value->data == NULL || value->len == 0)
- return NULL;
-
- if (attr->values[1] != NULL)
- return NULL;
-
- return value;
-}
-
-/*
- * NSS_CMSAttribute_CompareValue - compare the attribute's first value against data
- */
-PRBool
-NSS_CMSAttribute_CompareValue(NSSCMSAttribute *attr, SECItem *av)
-{
- SECItem *value;
-
- if (attr == NULL)
- return PR_FALSE;
-
- value = NSS_CMSAttribute_GetValue(attr);
-
- return (value != NULL && value->len == av->len &&
- PORT_Memcmp (value->data, av->data, value->len) == 0);
-}
-
-/*
- * templates and functions for separate ASN.1 encoding of attributes
- *
- * used in NSS_CMSAttributeArray_Reorder
- */
-
-/*
- * helper function for dynamic template determination of the attribute value
- */
-static const SEC_ASN1Template *
-cms_attr_choose_attr_value_template(void *src_or_dest, PRBool encoding)
-{
- const SEC_ASN1Template *theTemplate;
- NSSCMSAttribute *attribute;
- SECOidData *oiddata;
- PRBool encoded;
-
- PORT_Assert (src_or_dest != NULL);
- if (src_or_dest == NULL)
- return NULL;
-
- attribute = (NSSCMSAttribute *)src_or_dest;
-
- if (encoding && attribute->encoded)
- /* we're encoding, and the attribute value is already encoded. */
- return SEC_ASN1_GET(SEC_AnyTemplate);
-
- /* get attribute's typeTag */
- oiddata = attribute->typeTag;
- if (oiddata == NULL) {
- oiddata = SECOID_FindOID(&attribute->type);
- attribute->typeTag = oiddata;
- }
-
- if (oiddata == NULL) {
- /* still no OID tag? OID is unknown then. en/decode value as ANY. */
- encoded = PR_TRUE;
- theTemplate = SEC_ASN1_GET(SEC_AnyTemplate);
- } else {
- switch (oiddata->offset) {
- case SEC_OID_PKCS9_SMIME_CAPABILITIES:
- case SEC_OID_SMIME_ENCRYPTION_KEY_PREFERENCE:
- /* these guys need to stay DER-encoded */
- default:
- /* same goes for OIDs that are not handled here */
- encoded = PR_TRUE;
- theTemplate = SEC_ASN1_GET(SEC_AnyTemplate);
- break;
- /* otherwise choose proper template */
- case SEC_OID_PKCS9_EMAIL_ADDRESS:
- case SEC_OID_RFC1274_MAIL:
- case SEC_OID_PKCS9_UNSTRUCTURED_NAME:
- encoded = PR_FALSE;
- theTemplate = SEC_ASN1_GET(SEC_IA5StringTemplate);
- break;
- case SEC_OID_PKCS9_CONTENT_TYPE:
- encoded = PR_FALSE;
- theTemplate = SEC_ASN1_GET(SEC_ObjectIDTemplate);
- break;
- case SEC_OID_PKCS9_MESSAGE_DIGEST:
- encoded = PR_FALSE;
- theTemplate = SEC_ASN1_GET(SEC_OctetStringTemplate);
- break;
- case SEC_OID_PKCS9_SIGNING_TIME:
- encoded = PR_FALSE;
- theTemplate = SEC_ASN1_GET(SEC_UTCTimeTemplate);
- break;
- /* XXX Want other types here, too */
- }
- }
-
- if (encoding) {
- /*
- * If we are encoding and we think we have an already-encoded value,
- * then the code which initialized this attribute should have set
- * the "encoded" property to true (and we would have returned early,
- * up above). No devastating error, but that code should be fixed.
- * (It could indicate that the resulting encoded bytes are wrong.)
- */
- PORT_Assert (!encoded);
- } else {
- /*
- * We are decoding; record whether the resulting value is
- * still encoded or not.
- */
- attribute->encoded = encoded;
- }
- return theTemplate;
-}
-
-static const SEC_ASN1TemplateChooserPtr cms_attr_chooser
- = cms_attr_choose_attr_value_template;
-
-const SEC_ASN1Template nss_cms_attribute_template[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(NSSCMSAttribute) },
- { SEC_ASN1_OBJECT_ID,
- offsetof(NSSCMSAttribute,type) },
- { SEC_ASN1_DYNAMIC | SEC_ASN1_SET_OF,
- offsetof(NSSCMSAttribute,values),
- &cms_attr_chooser },
- { 0 }
-};
-
-const SEC_ASN1Template nss_cms_set_of_attribute_template[] = {
- { SEC_ASN1_SET_OF, 0, nss_cms_attribute_template },
-};
-
-/* =============================================================================
- * Attribute Array methods
- */
-
-/*
- * NSS_CMSAttributeArray_Encode - encode an Attribute array as SET OF Attributes
- *
- * If you are wondering why this routine does not reorder the attributes
- * first, and might be tempted to make it do so, see the comment by the
- * call to ReorderAttributes in cmsencode.c. (Or, see who else calls this
- * and think long and hard about the implications of making it always
- * do the reordering.)
- */
-SECItem *
-NSS_CMSAttributeArray_Encode(PRArenaPool *poolp, NSSCMSAttribute ***attrs, SECItem *dest)
-{
- return SEC_ASN1EncodeItem (poolp, dest, (void *)attrs, nss_cms_set_of_attribute_template);
-}
-
-/*
- * NSS_CMSAttributeArray_Reorder - sort attribute array by attribute's DER encoding
- *
- * make sure that the order of the attributes guarantees valid DER (which must be
- * in lexigraphically ascending order for a SET OF); if reordering is necessary it
- * will be done in place (in attrs).
- */
-SECStatus
-NSS_CMSAttributeArray_Reorder(NSSCMSAttribute **attrs)
-{
- return NSS_CMSArray_SortByDER((void **)attrs, nss_cms_attribute_template, NULL);
-}
-
-/*
- * NSS_CMSAttributeArray_FindAttrByOidTag - look through a set of attributes and
- * find one that matches the specified object ID.
- *
- * If "only" is true, then make sure that there is not more than one attribute
- * of the same type. Otherwise, just return the first one found. (XXX Does
- * anybody really want that first-found behavior? It was like that when I found it...)
- */
-NSSCMSAttribute *
-NSS_CMSAttributeArray_FindAttrByOidTag(NSSCMSAttribute **attrs, SECOidTag oidtag, PRBool only)
-{
- SECOidData *oid;
- NSSCMSAttribute *attr1, *attr2;
-
- if (attrs == NULL)
- return NULL;
-
- oid = SECOID_FindOIDByTag(oidtag);
- if (oid == NULL)
- return NULL;
-
- while ((attr1 = *attrs++) != NULL) {
- if (attr1->type.len == oid->oid.len && PORT_Memcmp (attr1->type.data,
- oid->oid.data,
- oid->oid.len) == 0)
- break;
- }
-
- if (attr1 == NULL)
- return NULL;
-
- if (!only)
- return attr1;
-
- while ((attr2 = *attrs++) != NULL) {
- if (attr2->type.len == oid->oid.len && PORT_Memcmp (attr2->type.data,
- oid->oid.data,
- oid->oid.len) == 0)
- break;
- }
-
- if (attr2 != NULL)
- return NULL;
-
- return attr1;
-}
-
-/*
- * NSS_CMSAttributeArray_AddAttr - add an attribute to an
- * array of attributes.
- */
-SECStatus
-NSS_CMSAttributeArray_AddAttr(PLArenaPool *poolp, NSSCMSAttribute ***attrs, NSSCMSAttribute *attr)
-{
- NSSCMSAttribute *oattr;
- void *mark;
- SECOidTag type;
-
- mark = PORT_ArenaMark(poolp);
-
- /* find oidtag of attr */
- type = NSS_CMSAttribute_GetType(attr);
-
- /* see if we have one already */
- oattr = NSS_CMSAttributeArray_FindAttrByOidTag(*attrs, type, PR_FALSE);
- PORT_Assert (oattr == NULL);
- if (oattr != NULL)
- goto loser; /* XXX or would it be better to replace it? */
-
- /* no, shove it in */
- if (NSS_CMSArray_Add(poolp, (void ***)attrs, (void *)attr) != SECSuccess)
- goto loser;
-
- PORT_ArenaUnmark(poolp, mark);
- return SECSuccess;
-
-loser:
- PORT_ArenaRelease(poolp, mark);
- return SECFailure;
-}
-
-/*
- * NSS_CMSAttributeArray_SetAttr - set an attribute's value in a set of attributes
- */
-SECStatus
-NSS_CMSAttributeArray_SetAttr(PLArenaPool *poolp, NSSCMSAttribute ***attrs, SECOidTag type, SECItem *value, PRBool encoded)
-{
- NSSCMSAttribute *attr;
- void *mark;
-
- mark = PORT_ArenaMark(poolp);
-
- /* see if we have one already */
- attr = NSS_CMSAttributeArray_FindAttrByOidTag(*attrs, type, PR_FALSE);
- if (attr == NULL) {
- /* not found? create one! */
- attr = NSS_CMSAttribute_Create(poolp, type, value, encoded);
- if (attr == NULL)
- goto loser;
- /* and add it to the list */
- if (NSS_CMSArray_Add(poolp, (void ***)attrs, (void *)attr) != SECSuccess)
- goto loser;
- } else {
- /* found, shove it in */
- /* XXX we need a decent memory model @#$#$!#!!! */
- attr->values[0] = value;
- attr->encoded = encoded;
- }
-
- PORT_ArenaUnmark (poolp, mark);
- return SECSuccess;
-
-loser:
- PORT_ArenaRelease (poolp, mark);
- return SECFailure;
-}
-
diff --git a/security/nss/lib/smime/cmscinfo.c b/security/nss/lib/smime/cmscinfo.c
deleted file mode 100644
index 85756a536..000000000
--- a/security/nss/lib/smime/cmscinfo.c
+++ /dev/null
@@ -1,332 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * CMS contentInfo methods.
- *
- * $Id$
- */
-
-#include "cmslocal.h"
-
-#include "pk11func.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "secerr.h"
-
-/*
- * NSS_CMSContentInfo_Create - create a content info
- *
- * version is set in the _Finalize procedures for each content type
- */
-
-/*
- * NSS_CMSContentInfo_Destroy - destroy a CMS contentInfo and all of its sub-pieces.
- */
-void
-NSS_CMSContentInfo_Destroy(NSSCMSContentInfo *cinfo)
-{
- SECOidTag kind;
-
- kind = NSS_CMSContentInfo_GetContentTypeTag(cinfo);
- switch (kind) {
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- NSS_CMSEnvelopedData_Destroy(cinfo->content.envelopedData);
- break;
- case SEC_OID_PKCS7_SIGNED_DATA:
- NSS_CMSSignedData_Destroy(cinfo->content.signedData);
- break;
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- NSS_CMSEncryptedData_Destroy(cinfo->content.encryptedData);
- break;
- case SEC_OID_PKCS7_DIGESTED_DATA:
- NSS_CMSDigestedData_Destroy(cinfo->content.digestedData);
- break;
- default:
- /* XXX Anything else that needs to be "manually" freed/destroyed? */
- break;
- }
- if (cinfo->bulkkey)
- PK11_FreeSymKey(cinfo->bulkkey);
-
- if (cinfo->ciphcx) {
- NSS_CMSCipherContext_Destroy(cinfo->ciphcx);
- cinfo->ciphcx = NULL;
- }
-
- /* we live in a pool, so no need to worry about storage */
-}
-
-/*
- * NSS_CMSContentInfo_GetChildContentInfo - get content's contentInfo (if it exists)
- */
-NSSCMSContentInfo *
-NSS_CMSContentInfo_GetChildContentInfo(NSSCMSContentInfo *cinfo)
-{
- switch (NSS_CMSContentInfo_GetContentTypeTag(cinfo)) {
- case SEC_OID_PKCS7_DATA:
- return NULL;
- case SEC_OID_PKCS7_SIGNED_DATA:
- return &(cinfo->content.signedData->contentInfo);
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- return &(cinfo->content.envelopedData->contentInfo);
- case SEC_OID_PKCS7_DIGESTED_DATA:
- return &(cinfo->content.digestedData->contentInfo);
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- return &(cinfo->content.encryptedData->contentInfo);
- default:
- return NULL;
- }
-}
-
-/*
- * NSS_CMSContentInfo_SetContent - set content type & content
- */
-SECStatus
-NSS_CMSContentInfo_SetContent(NSSCMSMessage *cmsg, NSSCMSContentInfo *cinfo, SECOidTag type, void *ptr)
-{
- SECStatus rv;
-
- cinfo->contentTypeTag = SECOID_FindOIDByTag(type);
- if (cinfo->contentTypeTag == NULL)
- return SECFailure;
-
- /* do not copy the oid, just create a reference */
- rv = SECITEM_CopyItem (cmsg->poolp, &(cinfo->contentType), &(cinfo->contentTypeTag->oid));
- if (rv != SECSuccess)
- return SECFailure;
-
- cinfo->content.pointer = ptr;
-
- if (type != SEC_OID_PKCS7_DATA) {
- /* as we always have some inner data,
- * we need to set it to something, just to fool the encoder enough to work on it
- * and get us into nss_cms_encoder_notify at that point */
- cinfo->rawContent = SECITEM_AllocItem(cmsg->poolp, NULL, 1);
- if (cinfo->rawContent == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
- }
-
- return SECSuccess;
-}
-
-/*
- * NSS_CMSContentInfo_SetContent_XXXX - typesafe wrappers for NSS_CMSContentInfo_SetContent
- */
-
-/*
- * data == NULL -> pass in data via NSS_CMSEncoder_Update
- * data != NULL -> take this data
- */
-SECStatus
-NSS_CMSContentInfo_SetContent_Data(NSSCMSMessage *cmsg, NSSCMSContentInfo *cinfo, SECItem *data, PRBool detached)
-{
- if (NSS_CMSContentInfo_SetContent(cmsg, cinfo, SEC_OID_PKCS7_DATA, (void *)data) != SECSuccess)
- return SECFailure;
- cinfo->rawContent = (detached) ?
- NULL : (data) ?
- data : SECITEM_AllocItem(cmsg->poolp, NULL, 1);
- return SECSuccess;
-}
-
-SECStatus
-NSS_CMSContentInfo_SetContent_SignedData(NSSCMSMessage *cmsg, NSSCMSContentInfo *cinfo, NSSCMSSignedData *sigd)
-{
- return NSS_CMSContentInfo_SetContent(cmsg, cinfo, SEC_OID_PKCS7_SIGNED_DATA, (void *)sigd);
-}
-
-SECStatus
-NSS_CMSContentInfo_SetContent_EnvelopedData(NSSCMSMessage *cmsg, NSSCMSContentInfo *cinfo, NSSCMSEnvelopedData *envd)
-{
- return NSS_CMSContentInfo_SetContent(cmsg, cinfo, SEC_OID_PKCS7_ENVELOPED_DATA, (void *)envd);
-}
-
-SECStatus
-NSS_CMSContentInfo_SetContent_DigestedData(NSSCMSMessage *cmsg, NSSCMSContentInfo *cinfo, NSSCMSDigestedData *digd)
-{
- return NSS_CMSContentInfo_SetContent(cmsg, cinfo, SEC_OID_PKCS7_DIGESTED_DATA, (void *)digd);
-}
-
-SECStatus
-NSS_CMSContentInfo_SetContent_EncryptedData(NSSCMSMessage *cmsg, NSSCMSContentInfo *cinfo, NSSCMSEncryptedData *encd)
-{
- return NSS_CMSContentInfo_SetContent(cmsg, cinfo, SEC_OID_PKCS7_ENCRYPTED_DATA, (void *)encd);
-}
-
-/*
- * NSS_CMSContentInfo_GetContent - get pointer to inner content
- *
- * needs to be casted...
- */
-void *
-NSS_CMSContentInfo_GetContent(NSSCMSContentInfo *cinfo)
-{
- switch (cinfo->contentTypeTag->offset) {
- case SEC_OID_PKCS7_DATA:
- case SEC_OID_PKCS7_SIGNED_DATA:
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- case SEC_OID_PKCS7_DIGESTED_DATA:
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- return cinfo->content.pointer;
- default:
- return NULL;
- }
-}
-
-/*
- * NSS_CMSContentInfo_GetInnerContent - get pointer to innermost content
- *
- * this is typically only called by NSS_CMSMessage_GetContent()
- */
-SECItem *
-NSS_CMSContentInfo_GetInnerContent(NSSCMSContentInfo *cinfo)
-{
- NSSCMSContentInfo *ccinfo;
-
- switch (NSS_CMSContentInfo_GetContentTypeTag(cinfo)) {
- case SEC_OID_PKCS7_DATA:
- return cinfo->content.data; /* end of recursion - every message has to have a data cinfo */
- case SEC_OID_PKCS7_DIGESTED_DATA:
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- case SEC_OID_PKCS7_SIGNED_DATA:
- if ((ccinfo = NSS_CMSContentInfo_GetChildContentInfo(cinfo)) == NULL)
- break;
- return NSS_CMSContentInfo_GetContent(ccinfo);
- default:
- PORT_Assert(0);
- break;
- }
- return NULL;
-}
-
-/*
- * NSS_CMSContentInfo_GetContentType{Tag,OID} - find out (saving pointer to lookup result
- * for future reference) and return the inner content type.
- */
-SECOidTag
-NSS_CMSContentInfo_GetContentTypeTag(NSSCMSContentInfo *cinfo)
-{
- if (cinfo->contentTypeTag == NULL)
- cinfo->contentTypeTag = SECOID_FindOID(&(cinfo->contentType));
-
- if (cinfo->contentTypeTag == NULL)
- return SEC_OID_UNKNOWN;
-
- return cinfo->contentTypeTag->offset;
-}
-
-SECItem *
-NSS_CMSContentInfo_GetContentTypeOID(NSSCMSContentInfo *cinfo)
-{
- if (cinfo->contentTypeTag == NULL)
- cinfo->contentTypeTag = SECOID_FindOID(&(cinfo->contentType));
-
- if (cinfo->contentTypeTag == NULL)
- return NULL;
-
- return &(cinfo->contentTypeTag->oid);
-}
-
-/*
- * NSS_CMSContentInfo_GetContentEncAlgTag - find out (saving pointer to lookup result
- * for future reference) and return the content encryption algorithm tag.
- */
-SECOidTag
-NSS_CMSContentInfo_GetContentEncAlgTag(NSSCMSContentInfo *cinfo)
-{
- if (cinfo->contentEncAlgTag == SEC_OID_UNKNOWN)
- cinfo->contentEncAlgTag = SECOID_GetAlgorithmTag(&(cinfo->contentEncAlg));
-
- return cinfo->contentEncAlgTag;
-}
-
-/*
- * NSS_CMSContentInfo_GetContentEncAlg - find out and return the content encryption algorithm tag.
- */
-SECAlgorithmID *
-NSS_CMSContentInfo_GetContentEncAlg(NSSCMSContentInfo *cinfo)
-{
- return &(cinfo->contentEncAlg);
-}
-
-SECStatus
-NSS_CMSContentInfo_SetContentEncAlg(PLArenaPool *poolp, NSSCMSContentInfo *cinfo,
- SECOidTag bulkalgtag, SECItem *parameters, int keysize)
-{
- SECStatus rv;
-
- rv = SECOID_SetAlgorithmID(poolp, &(cinfo->contentEncAlg), bulkalgtag, parameters);
- if (rv != SECSuccess)
- return SECFailure;
- cinfo->keysize = keysize;
- return SECSuccess;
-}
-
-SECStatus
-NSS_CMSContentInfo_SetContentEncAlgID(PLArenaPool *poolp, NSSCMSContentInfo *cinfo,
- SECAlgorithmID *algid, int keysize)
-{
- SECStatus rv;
-
- rv = SECOID_CopyAlgorithmID(poolp, &(cinfo->contentEncAlg), algid);
- if (rv != SECSuccess)
- return SECFailure;
- if (keysize >= 0)
- cinfo->keysize = keysize;
- return SECSuccess;
-}
-
-void
-NSS_CMSContentInfo_SetBulkKey(NSSCMSContentInfo *cinfo, PK11SymKey *bulkkey)
-{
- cinfo->bulkkey = PK11_ReferenceSymKey(bulkkey);
- cinfo->keysize = PK11_GetKeyStrength(cinfo->bulkkey, &(cinfo->contentEncAlg));
-}
-
-PK11SymKey *
-NSS_CMSContentInfo_GetBulkKey(NSSCMSContentInfo *cinfo)
-{
- if (cinfo->bulkkey == NULL)
- return NULL;
-
- return PK11_ReferenceSymKey(cinfo->bulkkey);
-}
-
-int
-NSS_CMSContentInfo_GetBulkKeySize(NSSCMSContentInfo *cinfo)
-{
- return cinfo->keysize;
-}
diff --git a/security/nss/lib/smime/cmscipher.c b/security/nss/lib/smime/cmscipher.c
deleted file mode 100644
index 27e5668aa..000000000
--- a/security/nss/lib/smime/cmscipher.c
+++ /dev/null
@@ -1,792 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Encryption/decryption routines for CMS implementation, none of which are exported.
- *
- * $Id$
- */
-
-#include "cmslocal.h"
-
-#include "secoid.h"
-#include "secitem.h"
-#include "pk11func.h"
-#include "secerr.h"
-#include "secpkcs5.h"
-
-/*
- * -------------------------------------------------------------------
- * Cipher stuff.
- */
-
-typedef SECStatus (*nss_cms_cipher_function) (void *, unsigned char *, unsigned int *,
- unsigned int, const unsigned char *, unsigned int);
-typedef SECStatus (*nss_cms_cipher_destroy) (void *, PRBool);
-
-#define BLOCK_SIZE 4096
-
-struct NSSCMSCipherContextStr {
- void * cx; /* PK11 cipher context */
- nss_cms_cipher_function doit;
- nss_cms_cipher_destroy destroy;
- PRBool encrypt; /* encrypt / decrypt switch */
- int block_size; /* block & pad sizes for cipher */
- int pad_size;
- int pending_count; /* pending data (not yet en/decrypted */
- unsigned char pending_buf[BLOCK_SIZE];/* because of blocking */
-};
-
-/*
- * NSS_CMSCipherContext_StartDecrypt - create a cipher context to do decryption
- * based on the given bulk * encryption key and algorithm identifier (which may include an iv).
- *
- * XXX Once both are working, it might be nice to combine this and the
- * function below (for starting up encryption) into one routine, and just
- * have two simple cover functions which call it.
- */
-NSSCMSCipherContext *
-NSS_CMSCipherContext_StartDecrypt(PK11SymKey *key, SECAlgorithmID *algid)
-{
- NSSCMSCipherContext *cc;
- void *ciphercx;
- CK_MECHANISM_TYPE mechanism;
- SECItem *param;
- PK11SlotInfo *slot;
- SECOidTag algtag;
-
- algtag = SECOID_GetAlgorithmTag(algid);
-
- /* set param and mechanism */
- if (SEC_PKCS5IsAlgorithmPBEAlg(algid)) {
- CK_MECHANISM pbeMech, cryptoMech;
- SECItem *pbeParams;
- SEC_PKCS5KeyAndPassword *keyPwd;
-
- PORT_Memset(&pbeMech, 0, sizeof(CK_MECHANISM));
- PORT_Memset(&cryptoMech, 0, sizeof(CK_MECHANISM));
-
- /* HACK ALERT!
- * in this case, key is not actually a PK11SymKey *, but a SEC_PKCS5KeyAndPassword *
- */
- keyPwd = (SEC_PKCS5KeyAndPassword *)key;
- key = keyPwd->key;
-
- /* find correct PK11 mechanism and parameters to initialize pbeMech */
- pbeMech.mechanism = PK11_AlgtagToMechanism(algtag);
- pbeParams = PK11_ParamFromAlgid(algid);
- if (!pbeParams)
- return NULL;
- pbeMech.pParameter = pbeParams->data;
- pbeMech.ulParameterLen = pbeParams->len;
-
- /* now map pbeMech to cryptoMech */
- if (PK11_MapPBEMechanismToCryptoMechanism(&pbeMech, &cryptoMech, keyPwd->pwitem,
- PR_FALSE) != CKR_OK) {
- SECITEM_ZfreeItem(pbeParams, PR_TRUE);
- return NULL;
- }
- SECITEM_ZfreeItem(pbeParams, PR_TRUE);
-
- /* and use it to initialize param & mechanism */
- if ((param = (SECItem *)PORT_ZAlloc(sizeof(SECItem))) == NULL)
- return NULL;
-
- param->data = (unsigned char *)cryptoMech.pParameter;
- param->len = cryptoMech.ulParameterLen;
- mechanism = cryptoMech.mechanism;
- } else {
- mechanism = PK11_AlgtagToMechanism(algtag);
- if ((param = PK11_ParamFromAlgid(algid)) == NULL)
- return NULL;
- }
-
- cc = (NSSCMSCipherContext *)PORT_ZAlloc(sizeof(NSSCMSCipherContext));
- if (cc == NULL) {
- SECITEM_FreeItem(param,PR_TRUE);
- return NULL;
- }
-
- /* figure out pad and block sizes */
- cc->pad_size = PK11_GetBlockSize(mechanism, param);
- slot = PK11_GetSlotFromKey(key);
- cc->block_size = PK11_IsHW(slot) ? BLOCK_SIZE : cc->pad_size;
- PK11_FreeSlot(slot);
-
- /* create PK11 cipher context */
- ciphercx = PK11_CreateContextBySymKey(mechanism, CKA_DECRYPT, key, param);
- SECITEM_FreeItem(param, PR_TRUE);
- if (ciphercx == NULL) {
- PORT_Free (cc);
- return NULL;
- }
-
- cc->cx = ciphercx;
- cc->doit = (nss_cms_cipher_function) PK11_CipherOp;
- cc->destroy = (nss_cms_cipher_destroy) PK11_DestroyContext;
- cc->encrypt = PR_FALSE;
- cc->pending_count = 0;
-
- return cc;
-}
-
-/*
- * NSS_CMSCipherContext_StartEncrypt - create a cipher object to do encryption,
- * based on the given bulk encryption key and algorithm tag. Fill in the algorithm
- * identifier (which may include an iv) appropriately.
- *
- * XXX Once both are working, it might be nice to combine this and the
- * function above (for starting up decryption) into one routine, and just
- * have two simple cover functions which call it.
- */
-NSSCMSCipherContext *
-NSS_CMSCipherContext_StartEncrypt(PRArenaPool *poolp, PK11SymKey *key, SECAlgorithmID *algid)
-{
- NSSCMSCipherContext *cc;
- void *ciphercx;
- SECItem *param;
- SECStatus rv;
- CK_MECHANISM_TYPE mechanism;
- PK11SlotInfo *slot;
- PRBool needToEncodeAlgid = PR_FALSE;
- SECOidTag algtag = SECOID_GetAlgorithmTag(algid);
-
- /* set param and mechanism */
- if (SEC_PKCS5IsAlgorithmPBEAlg(algid)) {
- CK_MECHANISM pbeMech, cryptoMech;
- SECItem *pbeParams;
- SEC_PKCS5KeyAndPassword *keyPwd;
-
- PORT_Memset(&pbeMech, 0, sizeof(CK_MECHANISM));
- PORT_Memset(&cryptoMech, 0, sizeof(CK_MECHANISM));
-
- /* HACK ALERT!
- * in this case, key is not actually a PK11SymKey *, but a SEC_PKCS5KeyAndPassword *
- */
- keyPwd = (SEC_PKCS5KeyAndPassword *)key;
- key = keyPwd->key;
-
- /* find correct PK11 mechanism and parameters to initialize pbeMech */
- pbeMech.mechanism = PK11_AlgtagToMechanism(algtag);
- pbeParams = PK11_ParamFromAlgid(algid);
- if (!pbeParams)
- return NULL;
- pbeMech.pParameter = pbeParams->data;
- pbeMech.ulParameterLen = pbeParams->len;
-
- /* now map pbeMech to cryptoMech */
- if (PK11_MapPBEMechanismToCryptoMechanism(&pbeMech, &cryptoMech, keyPwd->pwitem,
- PR_FALSE) != CKR_OK) {
- SECITEM_ZfreeItem(pbeParams, PR_TRUE);
- return NULL;
- }
- SECITEM_ZfreeItem(pbeParams, PR_TRUE);
-
- /* and use it to initialize param & mechanism */
- if ((param = (SECItem *)PORT_ZAlloc(sizeof(SECItem))) == NULL)
- return NULL;
-
- param->data = (unsigned char *)cryptoMech.pParameter;
- param->len = cryptoMech.ulParameterLen;
- mechanism = cryptoMech.mechanism;
- } else {
- mechanism = PK11_AlgtagToMechanism(algtag);
- if ((param = PK11_GenerateNewParam(mechanism, key)) == NULL)
- return NULL;
- needToEncodeAlgid = PR_TRUE;
- }
-
- cc = (NSSCMSCipherContext *)PORT_ZAlloc(sizeof(NSSCMSCipherContext));
- if (cc == NULL)
- return NULL;
-
- /* now find pad and block sizes for our mechanism */
- cc->pad_size = PK11_GetBlockSize(mechanism,param);
- slot = PK11_GetSlotFromKey(key);
- cc->block_size = PK11_IsHW(slot) ? BLOCK_SIZE : cc->pad_size;
- PK11_FreeSlot(slot);
-
- /* and here we go, creating a PK11 cipher context */
- ciphercx = PK11_CreateContextBySymKey(mechanism, CKA_ENCRYPT, key, param);
- if (ciphercx == NULL) {
- PORT_Free(cc);
- cc = NULL;
- goto loser;
- }
-
- /*
- * These are placed after the CreateContextBySymKey() because some
- * mechanisms have to generate their IVs from their card (i.e. FORTEZZA).
- * Don't move it from here.
- * XXX is that right? the purpose of this is to get the correct algid
- * containing the IVs etc. for encoding. this means we need to set this up
- * BEFORE encoding the algid in the contentInfo, right?
- */
- if (needToEncodeAlgid) {
- rv = PK11_ParamToAlgid(algtag, param, poolp, algid);
- if(rv != SECSuccess) {
- PORT_Free(cc);
- cc = NULL;
- goto loser;
- }
- }
-
- cc->cx = ciphercx;
- cc->doit = (nss_cms_cipher_function)PK11_CipherOp;
- cc->destroy = (nss_cms_cipher_destroy)PK11_DestroyContext;
- cc->encrypt = PR_TRUE;
- cc->pending_count = 0;
-
-loser:
- SECITEM_FreeItem(param, PR_TRUE);
-
- return cc;
-}
-
-void
-NSS_CMSCipherContext_Destroy(NSSCMSCipherContext *cc)
-{
- PORT_Assert(cc != NULL);
- if (cc == NULL)
- return;
- (*cc->destroy)(cc->cx, PR_TRUE);
- PORT_Free(cc);
-}
-
-/*
- * NSS_CMSCipherContext_DecryptLength - find the output length of the next call to decrypt.
- *
- * cc - the cipher context
- * input_len - number of bytes used as input
- * final - true if this is the final chunk of data
- *
- * Result can be used to perform memory allocations. Note that the amount
- * is exactly accurate only when not doing a block cipher or when final
- * is false, otherwise it is an upper bound on the amount because until
- * we see the data we do not know how many padding bytes there are
- * (always between 1 and bsize).
- *
- * Note that this can return zero, which does not mean that the decrypt
- * operation can be skipped! (It simply means that there are not enough
- * bytes to make up an entire block; the bytes will be reserved until
- * there are enough to encrypt/decrypt at least one block.) However,
- * if zero is returned it *does* mean that no output buffer need be
- * passed in to the subsequent decrypt operation, as no output bytes
- * will be stored.
- */
-unsigned int
-NSS_CMSCipherContext_DecryptLength(NSSCMSCipherContext *cc, unsigned int input_len, PRBool final)
-{
- int blocks, block_size;
-
- PORT_Assert (! cc->encrypt);
-
- block_size = cc->block_size;
-
- /*
- * If this is not a block cipher, then we always have the same
- * number of output bytes as we had input bytes.
- */
- if (block_size == 0)
- return input_len;
-
- /*
- * On the final call, we will always use up all of the pending
- * bytes plus all of the input bytes, *but*, there will be padding
- * at the end and we cannot predict how many bytes of padding we
- * will end up removing. The amount given here is actually known
- * to be at least 1 byte too long (because we know we will have
- * at least 1 byte of padding), but seemed clearer/better to me.
- */
- if (final)
- return cc->pending_count + input_len;
-
- /*
- * Okay, this amount is exactly what we will output on the
- * next cipher operation. We will always hang onto the last
- * 1 - block_size bytes for non-final operations. That is,
- * we will do as many complete blocks as we can *except* the
- * last block (complete or partial). (This is because until
- * we know we are at the end, we cannot know when to interpret
- * and removing the padding byte(s), which are guaranteed to
- * be there.)
- */
- blocks = (cc->pending_count + input_len - 1) / block_size;
- return blocks * block_size;
-}
-
-/*
- * NSS_CMSCipherContext_EncryptLength - find the output length of the next call to encrypt.
- *
- * cc - the cipher context
- * input_len - number of bytes used as input
- * final - true if this is the final chunk of data
- *
- * Result can be used to perform memory allocations.
- *
- * Note that this can return zero, which does not mean that the encrypt
- * operation can be skipped! (It simply means that there are not enough
- * bytes to make up an entire block; the bytes will be reserved until
- * there are enough to encrypt/decrypt at least one block.) However,
- * if zero is returned it *does* mean that no output buffer need be
- * passed in to the subsequent encrypt operation, as no output bytes
- * will be stored.
- */
-unsigned int
-NSS_CMSCipherContext_EncryptLength(NSSCMSCipherContext *cc, unsigned int input_len, PRBool final)
-{
- int blocks, block_size;
- int pad_size;
-
- PORT_Assert (cc->encrypt);
-
- block_size = cc->block_size;
- pad_size = cc->pad_size;
-
- /*
- * If this is not a block cipher, then we always have the same
- * number of output bytes as we had input bytes.
- */
- if (block_size == 0)
- return input_len;
-
- /*
- * On the final call, we only send out what we need for
- * remaining bytes plus the padding. (There is always padding,
- * so even if we have an exact number of blocks as input, we
- * will add another full block that is just padding.)
- */
- if (final) {
- if (pad_size == 0) {
- return cc->pending_count + input_len;
- } else {
- blocks = (cc->pending_count + input_len) / pad_size;
- blocks++;
- return blocks*pad_size;
- }
- }
-
- /*
- * Now, count the number of complete blocks of data we have.
- */
- blocks = (cc->pending_count + input_len) / block_size;
-
-
- return blocks * block_size;
-}
-
-
-/*
- * NSS_CMSCipherContext_Decrypt - do the decryption
- *
- * cc - the cipher context
- * output - buffer for decrypted result bytes
- * output_len_p - number of bytes in output
- * max_output_len - upper bound on bytes to put into output
- * input - pointer to input bytes
- * input_len - number of input bytes
- * final - true if this is the final chunk of data
- *
- * Decrypts a given length of input buffer (starting at "input" and
- * containing "input_len" bytes), placing the decrypted bytes in
- * "output" and storing the output length in "*output_len_p".
- * "cc" is the return value from NSS_CMSCipher_StartDecrypt.
- * When "final" is true, this is the last of the data to be decrypted.
- *
- * This is much more complicated than it sounds when the cipher is
- * a block-type, meaning that the decryption function will only
- * operate on whole blocks. But our caller is operating stream-wise,
- * and can pass in any number of bytes. So we need to keep track
- * of block boundaries. We save excess bytes between calls in "cc".
- * We also need to determine which bytes are padding, and remove
- * them from the output. We can only do this step when we know we
- * have the final block of data. PKCS #7 specifies that the padding
- * used for a block cipher is a string of bytes, each of whose value is
- * the same as the length of the padding, and that all data is padded.
- * (Even data that starts out with an exact multiple of blocks gets
- * added to it another block, all of which is padding.)
- */
-SECStatus
-NSS_CMSCipherContext_Decrypt(NSSCMSCipherContext *cc, unsigned char *output,
- unsigned int *output_len_p, unsigned int max_output_len,
- const unsigned char *input, unsigned int input_len,
- PRBool final)
-{
- int blocks, bsize, pcount, padsize;
- unsigned int max_needed, ifraglen, ofraglen, output_len;
- unsigned char *pbuf;
- SECStatus rv;
-
- PORT_Assert (! cc->encrypt);
-
- /*
- * Check that we have enough room for the output. Our caller should
- * already handle this; failure is really an internal error (i.e. bug).
- */
- max_needed = NSS_CMSCipherContext_DecryptLength(cc, input_len, final);
- PORT_Assert (max_output_len >= max_needed);
- if (max_output_len < max_needed) {
- /* PORT_SetError (XXX); */
- return SECFailure;
- }
-
- /*
- * hardware encryption does not like small decryption sizes here, so we
- * allow both blocking and padding.
- */
- bsize = cc->block_size;
- padsize = cc->pad_size;
-
- /*
- * When no blocking or padding work to do, we can simply call the
- * cipher function and we are done.
- */
- if (bsize == 0) {
- return (* cc->doit) (cc->cx, output, output_len_p, max_output_len,
- input, input_len);
- }
-
- pcount = cc->pending_count;
- pbuf = cc->pending_buf;
-
- output_len = 0;
-
- if (pcount) {
- /*
- * Try to fill in an entire block, starting with the bytes
- * we already have saved away.
- */
- while (input_len && pcount < bsize) {
- pbuf[pcount++] = *input++;
- input_len--;
- }
- /*
- * If we have at most a whole block and this is not our last call,
- * then we are done for now. (We do not try to decrypt a lone
- * single block because we cannot interpret the padding bytes
- * until we know we are handling the very last block of all input.)
- */
- if (input_len == 0 && !final) {
- cc->pending_count = pcount;
- if (output_len_p)
- *output_len_p = 0;
- return SECSuccess;
- }
- /*
- * Given the logic above, we expect to have a full block by now.
- * If we do not, there is something wrong, either with our own
- * logic or with (length of) the data given to us.
- */
- PORT_Assert ((padsize == 0) || (pcount % padsize) == 0);
- if ((padsize != 0) && (pcount % padsize) != 0) {
- PORT_Assert (final);
- PORT_SetError (SEC_ERROR_BAD_DATA);
- return SECFailure;
- }
- /*
- * Decrypt the block.
- */
- rv = (*cc->doit)(cc->cx, output, &ofraglen, max_output_len,
- pbuf, pcount);
- if (rv != SECSuccess)
- return rv;
-
- /*
- * For now anyway, all of our ciphers have the same number of
- * bytes of output as they do input. If this ever becomes untrue,
- * then NSS_CMSCipherContext_DecryptLength needs to be made smarter!
- */
- PORT_Assert(ofraglen == pcount);
-
- /*
- * Account for the bytes now in output.
- */
- max_output_len -= ofraglen;
- output_len += ofraglen;
- output += ofraglen;
- }
-
- /*
- * If this is our last call, we expect to have an exact number of
- * blocks left to be decrypted; we will decrypt them all.
- *
- * If not our last call, we always save between 1 and bsize bytes
- * until next time. (We must do this because we cannot be sure
- * that none of the decrypted bytes are padding bytes until we
- * have at least another whole block of data. You cannot tell by
- * looking -- the data could be anything -- you can only tell by
- * context, knowing you are looking at the last block.) We could
- * decrypt a whole block now but it is easier if we just treat it
- * the same way we treat partial block bytes.
- */
- if (final) {
- if (padsize) {
- blocks = input_len / padsize;
- ifraglen = blocks * padsize;
- } else ifraglen = input_len;
- PORT_Assert (ifraglen == input_len);
-
- if (ifraglen != input_len) {
- PORT_SetError(SEC_ERROR_BAD_DATA);
- return SECFailure;
- }
- } else {
- blocks = (input_len - 1) / bsize;
- ifraglen = blocks * bsize;
- PORT_Assert (ifraglen < input_len);
-
- pcount = input_len - ifraglen;
- PORT_Memcpy (pbuf, input + ifraglen, pcount);
- cc->pending_count = pcount;
- }
-
- if (ifraglen) {
- rv = (* cc->doit)(cc->cx, output, &ofraglen, max_output_len,
- input, ifraglen);
- if (rv != SECSuccess)
- return rv;
-
- /*
- * For now anyway, all of our ciphers have the same number of
- * bytes of output as they do input. If this ever becomes untrue,
- * then sec_PKCS7DecryptLength needs to be made smarter!
- */
- PORT_Assert (ifraglen == ofraglen);
- if (ifraglen != ofraglen) {
- PORT_SetError(SEC_ERROR_BAD_DATA);
- return SECFailure;
- }
-
- output_len += ofraglen;
- } else {
- ofraglen = 0;
- }
-
- /*
- * If we just did our very last block, "remove" the padding by
- * adjusting the output length.
- */
- if (final && (padsize != 0)) {
- unsigned int padlen = *(output + ofraglen - 1);
- PORT_Assert (padlen > 0 && padlen <= padsize);
- if (padlen == 0 || padlen > padsize) {
- PORT_SetError(SEC_ERROR_BAD_DATA);
- return SECFailure;
- }
- output_len -= padlen;
- }
-
- PORT_Assert (output_len_p != NULL || output_len == 0);
- if (output_len_p != NULL)
- *output_len_p = output_len;
-
- return SECSuccess;
-}
-
-/*
- * NSS_CMSCipherContext_Encrypt - do the encryption
- *
- * cc - the cipher context
- * output - buffer for decrypted result bytes
- * output_len_p - number of bytes in output
- * max_output_len - upper bound on bytes to put into output
- * input - pointer to input bytes
- * input_len - number of input bytes
- * final - true if this is the final chunk of data
- *
- * Encrypts a given length of input buffer (starting at "input" and
- * containing "input_len" bytes), placing the encrypted bytes in
- * "output" and storing the output length in "*output_len_p".
- * "cc" is the return value from NSS_CMSCipher_StartEncrypt.
- * When "final" is true, this is the last of the data to be encrypted.
- *
- * This is much more complicated than it sounds when the cipher is
- * a block-type, meaning that the encryption function will only
- * operate on whole blocks. But our caller is operating stream-wise,
- * and can pass in any number of bytes. So we need to keep track
- * of block boundaries. We save excess bytes between calls in "cc".
- * We also need to add padding bytes at the end. PKCS #7 specifies
- * that the padding used for a block cipher is a string of bytes,
- * each of whose value is the same as the length of the padding,
- * and that all data is padded. (Even data that starts out with
- * an exact multiple of blocks gets added to it another block,
- * all of which is padding.)
- *
- * XXX I would kind of like to combine this with the function above
- * which does decryption, since they have a lot in common. But the
- * tricky parts about padding and filling blocks would be much
- * harder to read that way, so I left them separate. At least for
- * now until it is clear that they are right.
- */
-SECStatus
-NSS_CMSCipherContext_Encrypt(NSSCMSCipherContext *cc, unsigned char *output,
- unsigned int *output_len_p, unsigned int max_output_len,
- const unsigned char *input, unsigned int input_len,
- PRBool final)
-{
- int blocks, bsize, padlen, pcount, padsize;
- unsigned int max_needed, ifraglen, ofraglen, output_len;
- unsigned char *pbuf;
- SECStatus rv;
-
- PORT_Assert (cc->encrypt);
-
- /*
- * Check that we have enough room for the output. Our caller should
- * already handle this; failure is really an internal error (i.e. bug).
- */
- max_needed = NSS_CMSCipherContext_EncryptLength (cc, input_len, final);
- PORT_Assert (max_output_len >= max_needed);
- if (max_output_len < max_needed) {
- /* PORT_SetError (XXX); */
- return SECFailure;
- }
-
- bsize = cc->block_size;
- padsize = cc->pad_size;
-
- /*
- * When no blocking and padding work to do, we can simply call the
- * cipher function and we are done.
- */
- if (bsize == 0) {
- return (*cc->doit)(cc->cx, output, output_len_p, max_output_len,
- input, input_len);
- }
-
- pcount = cc->pending_count;
- pbuf = cc->pending_buf;
-
- output_len = 0;
-
- if (pcount) {
- /*
- * Try to fill in an entire block, starting with the bytes
- * we already have saved away.
- */
- while (input_len && pcount < bsize) {
- pbuf[pcount++] = *input++;
- input_len--;
- }
- /*
- * If we do not have a full block and we know we will be
- * called again, then we are done for now.
- */
- if (pcount < bsize && !final) {
- cc->pending_count = pcount;
- if (output_len_p != NULL)
- *output_len_p = 0;
- return SECSuccess;
- }
- /*
- * If we have a whole block available, encrypt it.
- */
- if ((padsize == 0) || (pcount % padsize) == 0) {
- rv = (* cc->doit) (cc->cx, output, &ofraglen, max_output_len,
- pbuf, pcount);
- if (rv != SECSuccess)
- return rv;
-
- /*
- * For now anyway, all of our ciphers have the same number of
- * bytes of output as they do input. If this ever becomes untrue,
- * then sec_PKCS7EncryptLength needs to be made smarter!
- */
- PORT_Assert (ofraglen == pcount);
-
- /*
- * Account for the bytes now in output.
- */
- max_output_len -= ofraglen;
- output_len += ofraglen;
- output += ofraglen;
-
- pcount = 0;
- }
- }
-
- if (input_len) {
- PORT_Assert (pcount == 0);
-
- blocks = input_len / bsize;
- ifraglen = blocks * bsize;
-
- if (ifraglen) {
- rv = (* cc->doit) (cc->cx, output, &ofraglen, max_output_len,
- input, ifraglen);
- if (rv != SECSuccess)
- return rv;
-
- /*
- * For now anyway, all of our ciphers have the same number of
- * bytes of output as they do input. If this ever becomes untrue,
- * then sec_PKCS7EncryptLength needs to be made smarter!
- */
- PORT_Assert (ifraglen == ofraglen);
-
- max_output_len -= ofraglen;
- output_len += ofraglen;
- output += ofraglen;
- }
-
- pcount = input_len - ifraglen;
- PORT_Assert (pcount < bsize);
- if (pcount)
- PORT_Memcpy (pbuf, input + ifraglen, pcount);
- }
-
- if (final) {
- padlen = padsize - (pcount % padsize);
- PORT_Memset (pbuf + pcount, padlen, padlen);
- rv = (* cc->doit) (cc->cx, output, &ofraglen, max_output_len,
- pbuf, pcount+padlen);
- if (rv != SECSuccess)
- return rv;
-
- /*
- * For now anyway, all of our ciphers have the same number of
- * bytes of output as they do input. If this ever becomes untrue,
- * then sec_PKCS7EncryptLength needs to be made smarter!
- */
- PORT_Assert (ofraglen == (pcount+padlen));
- output_len += ofraglen;
- } else {
- cc->pending_count = pcount;
- }
-
- PORT_Assert (output_len_p != NULL || output_len == 0);
- if (output_len_p != NULL)
- *output_len_p = output_len;
-
- return SECSuccess;
-}
diff --git a/security/nss/lib/smime/cmsdecode.c b/security/nss/lib/smime/cmsdecode.c
deleted file mode 100644
index 906fbaa25..000000000
--- a/security/nss/lib/smime/cmsdecode.c
+++ /dev/null
@@ -1,692 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * CMS decoding.
- *
- * $Id$
- */
-
-#include "cmslocal.h"
-
-#include "cert.h"
-#include "key.h"
-#include "secasn1.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "prtime.h"
-#include "secerr.h"
-
-struct NSSCMSDecoderContextStr {
- SEC_ASN1DecoderContext * dcx; /* ASN.1 decoder context */
- NSSCMSMessage * cmsg; /* backpointer to the root message */
- SECOidTag type; /* type of message */
- NSSCMSContent content; /* pointer to message */
- NSSCMSDecoderContext * childp7dcx; /* inner CMS decoder context */
- PRBool saw_contents;
- int error;
- NSSCMSContentCallback cb;
- void * cb_arg;
-};
-
-static void nss_cms_decoder_update_filter (void *arg, const char *data, unsigned long len,
- int depth, SEC_ASN1EncodingPart data_kind);
-static SECStatus nss_cms_before_data(NSSCMSDecoderContext *p7dcx);
-static SECStatus nss_cms_after_data(NSSCMSDecoderContext *p7dcx);
-static SECStatus nss_cms_after_end(NSSCMSDecoderContext *p7dcx);
-static void nss_cms_decoder_work_data(NSSCMSDecoderContext *p7dcx,
- const unsigned char *data, unsigned long len, PRBool final);
-
-extern const SEC_ASN1Template NSSCMSMessageTemplate[];
-
-/*
- * nss_cms_decoder_notify -
- * this is the driver of the decoding process. It gets called by the ASN.1
- * decoder before and after an object is decoded.
- * at various points in the decoding process, we intercept to set up and do
- * further processing.
- */
-static void
-nss_cms_decoder_notify(void *arg, PRBool before, void *dest, int depth)
-{
- NSSCMSDecoderContext *p7dcx;
- NSSCMSContentInfo *rootcinfo, *cinfo;
- PRBool after = !before;
-
- p7dcx = (NSSCMSDecoderContext *)arg;
- rootcinfo = &(p7dcx->cmsg->contentInfo);
-
- /* XXX error handling: need to set p7dcx->error */
-
-#ifdef CMSDEBUG
- fprintf(stderr, "%6.6s, dest = 0x%08x, depth = %d\n", before ? "before" : "after", dest, depth);
-#endif
-
- /* so what are we working on right now? */
- switch (p7dcx->type) {
- case SEC_OID_UNKNOWN:
- /*
- * right now, we are still decoding the OUTER (root) cinfo
- * As soon as we know the inner content type, set up the info,
- * but NO inner decoder or filter. The root decoder handles the first
- * level children by itself - only for encapsulated contents (which
- * are encoded as DER inside of an OCTET STRING) we need to set up a
- * child decoder...
- */
- if (after && dest == &(rootcinfo->contentType)) {
- p7dcx->type = NSS_CMSContentInfo_GetContentTypeTag(rootcinfo);
- p7dcx->content = rootcinfo->content; /* is this ready already ? need to alloc? */
- /* XXX yes we need to alloc -- continue here */
- }
- break;
- case SEC_OID_PKCS7_DATA:
- /* this can only happen if the outermost cinfo has DATA in it */
- /* otherwise, we handle this type implicitely in the inner decoders */
-
- if (before && dest == &(rootcinfo->content)) {
- /* fake it to cause the filter to put the data in the right place... */
- /* we want the ASN.1 decoder to deliver the decoded bytes to us from now on */
- SEC_ASN1DecoderSetFilterProc(p7dcx->dcx,
- nss_cms_decoder_update_filter,
- p7dcx,
- (PRBool)(p7dcx->cb != NULL));
- break;
- }
-
- if (after && dest == &(rootcinfo->content.data)) {
- /* remove the filter */
- SEC_ASN1DecoderClearFilterProc(p7dcx->dcx);
- }
- break;
-
- case SEC_OID_PKCS7_SIGNED_DATA:
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- case SEC_OID_PKCS7_DIGESTED_DATA:
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
-
- if (before && dest == &(rootcinfo->content))
- break; /* we're not there yet */
-
- if (p7dcx->content.pointer == NULL)
- p7dcx->content = rootcinfo->content;
-
- /* get this data type's inner contentInfo */
- cinfo = NSS_CMSContent_GetContentInfo(p7dcx->content.pointer, p7dcx->type);
-
- if (before && dest == &(cinfo->contentType)) {
- /* at this point, set up the &%$&$ back pointer */
- /* we cannot do it later, because the content itself is optional! */
- /* please give me C++ */
- switch (p7dcx->type) {
- case SEC_OID_PKCS7_SIGNED_DATA:
- p7dcx->content.signedData->cmsg = p7dcx->cmsg;
- break;
- case SEC_OID_PKCS7_DIGESTED_DATA:
- p7dcx->content.digestedData->cmsg = p7dcx->cmsg;
- break;
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- p7dcx->content.envelopedData->cmsg = p7dcx->cmsg;
- break;
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- p7dcx->content.encryptedData->cmsg = p7dcx->cmsg;
- break;
- default:
- PORT_Assert(0);
- break;
- }
- }
-
- if (before && dest == &(cinfo->rawContent)) {
- /* we want the ASN.1 decoder to deliver the decoded bytes to us from now on */
- SEC_ASN1DecoderSetFilterProc(p7dcx->dcx, nss_cms_decoder_update_filter,
- p7dcx, (PRBool)(p7dcx->cb != NULL));
-
-
- /* we're right in front of the data */
- if (nss_cms_before_data(p7dcx) != SECSuccess) {
- SEC_ASN1DecoderClearFilterProc(p7dcx->dcx); /* stop all processing */
- p7dcx->error = PORT_GetError();
- }
- }
- if (after && dest == &(cinfo->rawContent)) {
- /* we're right after of the data */
- if (nss_cms_after_data(p7dcx) != SECSuccess)
- p7dcx->error = PORT_GetError();
-
- /* we don't need to see the contents anymore */
- SEC_ASN1DecoderClearFilterProc(p7dcx->dcx);
- }
- break;
-
-#if 0 /* NIH */
- case SEC_OID_PKCS7_AUTHENTICATED_DATA:
-#endif
- default:
- /* unsupported or unknown message type - fail (more or less) gracefully */
- p7dcx->error = SEC_ERROR_UNSUPPORTED_MESSAGE_TYPE;
- break;
- }
-}
-
-/*
- * nss_cms_before_data - set up the current encoder to receive data
- */
-static SECStatus
-nss_cms_before_data(NSSCMSDecoderContext *p7dcx)
-{
- SECStatus rv;
- SECOidTag childtype;
- PLArenaPool *poolp;
- NSSCMSDecoderContext *childp7dcx;
- NSSCMSContentInfo *cinfo;
- const SEC_ASN1Template *template;
- void *mark = NULL;
- size_t size;
-
- poolp = p7dcx->cmsg->poolp;
-
- /* call _Decode_BeforeData handlers */
- switch (p7dcx->type) {
- case SEC_OID_PKCS7_SIGNED_DATA:
- /* we're decoding a signedData, so set up the digests */
- rv = NSS_CMSSignedData_Decode_BeforeData(p7dcx->content.signedData);
- if (rv != SECSuccess)
- return SECFailure;
- break;
- case SEC_OID_PKCS7_DIGESTED_DATA:
- /* we're encoding a digestedData, so set up the digest */
- rv = NSS_CMSDigestedData_Decode_BeforeData(p7dcx->content.digestedData);
- if (rv != SECSuccess)
- return SECFailure;
- break;
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- rv = NSS_CMSEnvelopedData_Decode_BeforeData(p7dcx->content.envelopedData);
- if (rv != SECSuccess)
- return SECFailure;
- break;
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- rv = NSS_CMSEncryptedData_Decode_BeforeData(p7dcx->content.encryptedData);
- if (rv != SECSuccess)
- return SECFailure;
- break;
- default:
- return SECFailure;
- }
-
- /* ok, now we have a pointer to cinfo */
- /* find out what kind of data is encapsulated */
-
- cinfo = NSS_CMSContent_GetContentInfo(p7dcx->content.pointer, p7dcx->type);
- childtype = NSS_CMSContentInfo_GetContentTypeTag(cinfo);
-
- if (childtype == SEC_OID_PKCS7_DATA) {
- cinfo->content.data = SECITEM_AllocItem(poolp, NULL, 0);
- if (cinfo->content.data == NULL)
- /* set memory error */
- return SECFailure;
-
- p7dcx->childp7dcx = NULL;
- return SECSuccess;
- }
-
- /* set up inner decoder */
-
- if ((template = NSS_CMSUtil_GetTemplateByTypeTag(childtype)) == NULL)
- return SECFailure;
-
- childp7dcx = (NSSCMSDecoderContext *)PORT_ZAlloc(sizeof(NSSCMSDecoderContext));
- if (childp7dcx == NULL)
- return SECFailure;
-
- mark = PORT_ArenaMark(poolp);
-
- /* allocate space for the stuff we're creating */
- size = NSS_CMSUtil_GetSizeByTypeTag(childtype);
- childp7dcx->content.pointer = (void *)PORT_ArenaZAlloc(poolp, size);
- if (childp7dcx->content.pointer == NULL)
- goto loser;
-
- /* start the child decoder */
- childp7dcx->dcx = SEC_ASN1DecoderStart(poolp, childp7dcx->content.pointer, template);
- if (childp7dcx->dcx == NULL)
- goto loser;
-
- /* the new decoder needs to notify, too */
- SEC_ASN1DecoderSetNotifyProc(childp7dcx->dcx, nss_cms_decoder_notify, childp7dcx);
-
- /* tell the parent decoder that it needs to feed us the content data */
- p7dcx->childp7dcx = childp7dcx;
-
- childp7dcx->type = childtype; /* our type */
-
- childp7dcx->cmsg = p7dcx->cmsg; /* backpointer to root message */
-
- /* should the child decoder encounter real data, it needs to give it to the caller */
- childp7dcx->cb = p7dcx->cb;
- childp7dcx->cb_arg = p7dcx->cb_arg;
-
- /* now set up the parent to hand decoded data to the next level decoder */
- p7dcx->cb = (NSSCMSContentCallback)NSS_CMSDecoder_Update;
- p7dcx->cb_arg = childp7dcx;
-
- PORT_ArenaUnmark(poolp, mark);
-
- return SECSuccess;
-
-loser:
- if (mark)
- PORT_ArenaRelease(poolp, mark);
- if (childp7dcx)
- PORT_Free(childp7dcx);
- p7dcx->childp7dcx = NULL;
- return SECFailure;
-}
-
-static SECStatus
-nss_cms_after_data(NSSCMSDecoderContext *p7dcx)
-{
- PLArenaPool *poolp;
- NSSCMSDecoderContext *childp7dcx;
- SECStatus rv = SECFailure;
-
- poolp = p7dcx->cmsg->poolp;
-
- /* Handle last block. This is necessary to flush out the last bytes
- * of a possibly incomplete block */
- nss_cms_decoder_work_data(p7dcx, NULL, 0, PR_TRUE);
-
- /* finish any "inner" decoders - there's no more data coming... */
- if (p7dcx->childp7dcx != NULL) {
- childp7dcx = p7dcx->childp7dcx;
- if (childp7dcx->dcx != NULL) {
- if (SEC_ASN1DecoderFinish(childp7dcx->dcx) != SECSuccess) {
- /* do what? free content? */
- rv = SECFailure;
- } else {
- rv = nss_cms_after_end(childp7dcx);
- }
- if (rv != SECSuccess)
- goto done;
- }
- PORT_Free(p7dcx->childp7dcx);
- p7dcx->childp7dcx = NULL;
- }
-
- switch (p7dcx->type) {
- case SEC_OID_PKCS7_SIGNED_DATA:
- /* this will finish the digests and verify */
- rv = NSS_CMSSignedData_Decode_AfterData(p7dcx->content.signedData);
- break;
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- rv = NSS_CMSEnvelopedData_Decode_AfterData(p7dcx->content.envelopedData);
- break;
- case SEC_OID_PKCS7_DIGESTED_DATA:
- rv = NSS_CMSDigestedData_Decode_AfterData(p7dcx->content.digestedData);
- break;
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- rv = NSS_CMSEncryptedData_Decode_AfterData(p7dcx->content.encryptedData);
- break;
- case SEC_OID_PKCS7_DATA:
- /* do nothing */
- break;
- default:
- rv = SECFailure;
- break;
- }
-done:
- return rv;
-}
-
-static SECStatus
-nss_cms_after_end(NSSCMSDecoderContext *p7dcx)
-{
- SECStatus rv;
- PLArenaPool *poolp;
-
- poolp = p7dcx->cmsg->poolp;
-
- switch (p7dcx->type) {
- case SEC_OID_PKCS7_SIGNED_DATA:
- rv = NSS_CMSSignedData_Decode_AfterEnd(p7dcx->content.signedData);
- break;
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- rv = NSS_CMSEnvelopedData_Decode_AfterEnd(p7dcx->content.envelopedData);
- break;
- case SEC_OID_PKCS7_DIGESTED_DATA:
- rv = NSS_CMSDigestedData_Decode_AfterEnd(p7dcx->content.digestedData);
- break;
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- rv = NSS_CMSEncryptedData_Decode_AfterEnd(p7dcx->content.encryptedData);
- break;
- case SEC_OID_PKCS7_DATA:
- rv = SECSuccess;
- break;
- default:
- rv = SECFailure; /* we should not have got that far... */
- break;
- }
- return rv;
-}
-
-/*
- * nss_cms_decoder_work_data - handle decoded data bytes.
- *
- * This function either decrypts the data if needed, and/or calculates digests
- * on it, then either stores it or passes it on to the next level decoder.
- */
-static void
-nss_cms_decoder_work_data(NSSCMSDecoderContext *p7dcx,
- const unsigned char *data, unsigned long len,
- PRBool final)
-{
- NSSCMSContentInfo *cinfo;
- unsigned char *buf = NULL;
- unsigned char *dest;
- unsigned int offset;
- SECStatus rv;
- SECItem *storage;
-
- /*
- * We should really have data to process, or we should be trying
- * to finish/flush the last block. (This is an overly paranoid
- * check since all callers are in this file and simple inspection
- * proves they do it right. But it could find a bug in future
- * modifications/development, that is why it is here.)
- */
- PORT_Assert ((data != NULL && len) || final);
-
- cinfo = NSS_CMSContent_GetContentInfo(p7dcx->content.pointer, p7dcx->type);
-
- if (cinfo->ciphcx != NULL) {
- /*
- * we are decrypting.
- *
- * XXX If we get an error, we do not want to do the digest or callback,
- * but we want to keep decoding. Or maybe we want to stop decoding
- * altogether if there is a callback, because obviously we are not
- * sending the data back and they want to know that.
- */
-
- unsigned int outlen = 0; /* length of decrypted data */
- unsigned int buflen; /* length available for decrypted data */
-
- /* find out about the length of decrypted data */
- buflen = NSS_CMSCipherContext_DecryptLength(cinfo->ciphcx, len, final);
-
- /*
- * it might happen that we did not provide enough data for a full
- * block (decryption unit), and that there is no output available
- */
-
- /* no output available, AND no input? */
- if (buflen == 0 && len == 0)
- goto loser; /* bail out */
-
- /*
- * have inner decoder: pass the data on (means inner content type is NOT data)
- * no inner decoder: we have DATA in here: either call callback or store
- */
- if (buflen != 0) {
- /* there will be some output - need to make room for it */
- /* allocate buffer from the heap */
- buf = (unsigned char *)PORT_Alloc(buflen);
- if (buf == NULL) {
- p7dcx->error = SEC_ERROR_NO_MEMORY;
- goto loser;
- }
- }
-
- /*
- * decrypt incoming data
- * buf can still be NULL here (and buflen == 0) here if we don't expect
- * any output (see above), but we still need to call NSS_CMSCipherContext_Decrypt to
- * keep track of incoming data
- */
- rv = NSS_CMSCipherContext_Decrypt(cinfo->ciphcx, buf, &outlen, buflen,
- data, len, final);
- if (rv != SECSuccess) {
- p7dcx->error = PORT_GetError();
- goto loser;
- }
-
- PORT_Assert (final || outlen == buflen);
-
- /* swap decrypted data in */
- data = buf;
- len = outlen;
- }
-
- if (len == 0)
- goto done; /* nothing more to do */
-
- /*
- * Update the running digests with plaintext bytes (if we need to).
- */
- if (cinfo->digcx)
- NSS_CMSDigestContext_Update(cinfo->digcx, data, len);
-
- /* at this point, we have the plain decoded & decrypted data */
- /* which is either more encoded DER which we need to hand to the child decoder */
- /* or data we need to hand back to our caller */
-
- /* pass the content back to our caller or */
- /* feed our freshly decrypted and decoded data into child decoder */
- if (p7dcx->cb != NULL) {
- (*p7dcx->cb)(p7dcx->cb_arg, (const char *)data, len);
- }
-#if 1
- else
-#endif
- if (NSS_CMSContentInfo_GetContentTypeTag(cinfo) == SEC_OID_PKCS7_DATA) {
- /* store it in "inner" data item as well */
- /* find the DATA item in the encapsulated cinfo and store it there */
- storage = cinfo->content.data;
-
- offset = storage->len;
- if (storage->len == 0) {
- dest = (unsigned char *)PORT_ArenaAlloc(p7dcx->cmsg->poolp, len);
- } else {
- dest = (unsigned char *)PORT_ArenaGrow(p7dcx->cmsg->poolp,
- storage->data,
- storage->len,
- storage->len + len);
- }
- if (dest == NULL) {
- p7dcx->error = SEC_ERROR_NO_MEMORY;
- goto loser;
- }
-
- storage->data = dest;
- storage->len += len;
-
- /* copy it in */
- PORT_Memcpy(storage->data + offset, data, len);
- }
-
-done:
-loser:
- if (buf)
- PORT_Free (buf);
-}
-
-/*
- * nss_cms_decoder_update_filter - process ASN.1 data
- *
- * once we have set up a filter in nss_cms_decoder_notify(),
- * all data processed by the ASN.1 decoder is also passed through here.
- * we pass the content bytes (as opposed to length and tag bytes) on to
- * nss_cms_decoder_work_data().
- */
-static void
-nss_cms_decoder_update_filter (void *arg, const char *data, unsigned long len,
- int depth, SEC_ASN1EncodingPart data_kind)
-{
- NSSCMSDecoderContext *p7dcx;
-
- PORT_Assert (len); /* paranoia */
- if (len == 0)
- return;
-
- p7dcx = (NSSCMSDecoderContext*)arg;
-
- p7dcx->saw_contents = PR_TRUE;
-
- /* pass on the content bytes only */
- if (data_kind == SEC_ASN1_Contents)
- nss_cms_decoder_work_data(p7dcx, (const unsigned char *) data, len, PR_FALSE);
-}
-
-/*
- * NSS_CMSDecoder_Start - set up decoding of a DER-encoded CMS message
- *
- * "poolp" - pointer to arena for message, or NULL if new pool should be created
- * "cb", "cb_arg" - callback function and argument for delivery of inner content
- * "pwfn", pwfn_arg" - callback function for getting token password
- * "decrypt_key_cb", "decrypt_key_cb_arg" - callback function for getting bulk key for encryptedData
- */
-NSSCMSDecoderContext *
-NSS_CMSDecoder_Start(PRArenaPool *poolp,
- NSSCMSContentCallback cb, void *cb_arg,
- PK11PasswordFunc pwfn, void *pwfn_arg,
- NSSCMSGetDecryptKeyCallback decrypt_key_cb, void *decrypt_key_cb_arg)
-{
- NSSCMSDecoderContext *p7dcx;
- NSSCMSMessage *cmsg;
-
- cmsg = NSS_CMSMessage_Create(poolp);
- if (cmsg == NULL)
- return NULL;
-
- NSS_CMSMessage_SetEncodingParams(cmsg, pwfn, pwfn_arg, decrypt_key_cb, decrypt_key_cb_arg,
- NULL, NULL);
-
- p7dcx = (NSSCMSDecoderContext*)PORT_ZAlloc(sizeof(NSSCMSDecoderContext));
- if (p7dcx == NULL) {
- NSS_CMSMessage_Destroy(cmsg);
- return NULL;
- }
-
- p7dcx->dcx = SEC_ASN1DecoderStart(cmsg->poolp, cmsg, NSSCMSMessageTemplate);
- if (p7dcx->dcx == NULL) {
- PORT_Free (p7dcx);
- NSS_CMSMessage_Destroy(cmsg);
- return NULL;
- }
-
- SEC_ASN1DecoderSetNotifyProc (p7dcx->dcx, nss_cms_decoder_notify, p7dcx);
-
- p7dcx->cmsg = cmsg;
- p7dcx->type = SEC_OID_UNKNOWN;
-
- p7dcx->cb = cb;
- p7dcx->cb_arg = cb_arg;
-
- return p7dcx;
-}
-
-/*
- * NSS_CMSDecoder_Update - feed DER-encoded data to decoder
- */
-SECStatus
-NSS_CMSDecoder_Update(NSSCMSDecoderContext *p7dcx, const char *buf, unsigned long len)
-{
- if (p7dcx->dcx != NULL && p7dcx->error == 0) { /* if error is set already, don't bother */
- if (SEC_ASN1DecoderUpdate (p7dcx->dcx, buf, len) != SECSuccess) {
- p7dcx->error = PORT_GetError();
- PORT_Assert (p7dcx->error);
- if (p7dcx->error == 0)
- p7dcx->error = -1;
- }
- }
-
- if (p7dcx->error == 0)
- return SECSuccess;
-
- /* there has been a problem, let's finish the decoder */
- if (p7dcx->dcx != NULL) {
- (void) SEC_ASN1DecoderFinish (p7dcx->dcx);
- p7dcx->dcx = NULL;
- }
- PORT_SetError (p7dcx->error);
-
- return SECFailure;
-}
-
-/*
- * NSS_CMSDecoder_Cancel - stop decoding in case of error
- */
-void
-NSS_CMSDecoder_Cancel(NSSCMSDecoderContext *p7dcx)
-{
- /* XXXX what about inner decoders? running digests? decryption? */
- /* XXXX there's a leak here! */
- NSS_CMSMessage_Destroy(p7dcx->cmsg);
- (void)SEC_ASN1DecoderFinish(p7dcx->dcx);
- PORT_Free(p7dcx);
-}
-
-/*
- * NSS_CMSDecoder_Finish - mark the end of inner content and finish decoding
- */
-NSSCMSMessage *
-NSS_CMSDecoder_Finish(NSSCMSDecoderContext *p7dcx)
-{
- NSSCMSMessage *cmsg;
-
- cmsg = p7dcx->cmsg;
-
- if (p7dcx->dcx == NULL || SEC_ASN1DecoderFinish(p7dcx->dcx) != SECSuccess ||
- nss_cms_after_end(p7dcx) != SECSuccess)
- {
- NSS_CMSMessage_Destroy(cmsg); /* needs to get rid of pool if it's ours */
- cmsg = NULL;
- }
-
- PORT_Free(p7dcx);
- return cmsg;
-}
-
-NSSCMSMessage *
-NSS_CMSMessage_CreateFromDER(SECItem *DERmessage,
- NSSCMSContentCallback cb, void *cb_arg,
- PK11PasswordFunc pwfn, void *pwfn_arg,
- NSSCMSGetDecryptKeyCallback decrypt_key_cb, void *decrypt_key_cb_arg)
-{
- NSSCMSDecoderContext *p7dcx;
-
- /* first arg(poolp) == NULL => create our own pool */
- p7dcx = NSS_CMSDecoder_Start(NULL, cb, cb_arg, pwfn, pwfn_arg, decrypt_key_cb, decrypt_key_cb_arg);
- (void) NSS_CMSDecoder_Update(p7dcx, (char *)DERmessage->data, DERmessage->len);
- return NSS_CMSDecoder_Finish(p7dcx);
-}
-
diff --git a/security/nss/lib/smime/cmsdigdata.c b/security/nss/lib/smime/cmsdigdata.c
deleted file mode 100644
index 9d57a5266..000000000
--- a/security/nss/lib/smime/cmsdigdata.c
+++ /dev/null
@@ -1,224 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * CMS digestedData methods.
- *
- * $Id$
- */
-
-#include "cmslocal.h"
-
-#include "secitem.h"
-#include "secasn1.h"
-#include "secoid.h"
-#include "secerr.h"
-
-/*
- * NSS_CMSDigestedData_Create - create a digestedData object (presumably for encoding)
- *
- * version will be set by NSS_CMSDigestedData_Encode_BeforeStart
- * digestAlg is passed as parameter
- * contentInfo must be filled by the user
- * digest will be calculated while encoding
- */
-NSSCMSDigestedData *
-NSS_CMSDigestedData_Create(NSSCMSMessage *cmsg, SECAlgorithmID *digestalg)
-{
- void *mark;
- NSSCMSDigestedData *digd;
- PLArenaPool *poolp;
-
- poolp = cmsg->poolp;
-
- mark = PORT_ArenaMark(poolp);
-
- digd = (NSSCMSDigestedData *)PORT_ArenaZAlloc(poolp, sizeof(NSSCMSDigestedData));
- if (digd == NULL)
- goto loser;
-
- digd->cmsg = cmsg;
-
- if (SECOID_CopyAlgorithmID (poolp, &(digd->digestAlg), digestalg) != SECSuccess)
- goto loser;
-
- PORT_ArenaUnmark(poolp, mark);
- return digd;
-
-loser:
- PORT_ArenaRelease(poolp, mark);
- return NULL;
-}
-
-/*
- * NSS_CMSDigestedData_Destroy - destroy a digestedData object
- */
-void
-NSS_CMSDigestedData_Destroy(NSSCMSDigestedData *digd)
-{
- /* everything's in a pool, so don't worry about the storage */
- NSS_CMSContentInfo_Destroy(&(digd->contentInfo));
- return;
-}
-
-/*
- * NSS_CMSDigestedData_GetContentInfo - return pointer to digestedData object's contentInfo
- */
-NSSCMSContentInfo *
-NSS_CMSDigestedData_GetContentInfo(NSSCMSDigestedData *digd)
-{
- return &(digd->contentInfo);
-}
-
-/*
- * NSS_CMSDigestedData_Encode_BeforeStart - do all the necessary things to a DigestedData
- * before encoding begins.
- *
- * In particular:
- * - set the right version number. The contentInfo's content type must be set up already.
- */
-SECStatus
-NSS_CMSDigestedData_Encode_BeforeStart(NSSCMSDigestedData *digd)
-{
- unsigned long version;
- SECItem *dummy;
-
- version = NSS_CMS_DIGESTED_DATA_VERSION_DATA;
- if (NSS_CMSContentInfo_GetContentTypeTag(&(digd->contentInfo)) != SEC_OID_PKCS7_DATA)
- version = NSS_CMS_DIGESTED_DATA_VERSION_ENCAP;
-
- dummy = SEC_ASN1EncodeInteger(digd->cmsg->poolp, &(digd->version), version);
- return (dummy == NULL) ? SECFailure : SECSuccess;
-}
-
-/*
- * NSS_CMSDigestedData_Encode_BeforeData - do all the necessary things to a DigestedData
- * before the encapsulated data is passed through the encoder.
- *
- * In detail:
- * - set up the digests if necessary
- */
-SECStatus
-NSS_CMSDigestedData_Encode_BeforeData(NSSCMSDigestedData *digd)
-{
- /* set up the digests */
- if (digd->digestAlg.algorithm.len != 0 && digd->digest.len == 0) {
- /* if digest is already there, do nothing */
- digd->contentInfo.digcx = NSS_CMSDigestContext_StartSingle(&(digd->digestAlg));
- if (digd->contentInfo.digcx == NULL)
- return SECFailure;
- }
- return SECSuccess;
-}
-
-/*
- * NSS_CMSDigestedData_Encode_AfterData - do all the necessary things to a DigestedData
- * after all the encapsulated data was passed through the encoder.
- *
- * In detail:
- * - finish the digests
- */
-SECStatus
-NSS_CMSDigestedData_Encode_AfterData(NSSCMSDigestedData *digd)
-{
- /* did we have digest calculation going on? */
- if (digd->contentInfo.digcx) {
- if (NSS_CMSDigestContext_FinishSingle(digd->contentInfo.digcx,
- digd->cmsg->poolp, &(digd->digest)) != SECSuccess)
- return SECFailure; /* error has been set by NSS_CMSDigestContext_FinishSingle */
- digd->contentInfo.digcx = NULL;
- }
-
- return SECSuccess;
-}
-
-/*
- * NSS_CMSDigestedData_Decode_BeforeData - do all the necessary things to a DigestedData
- * before the encapsulated data is passed through the encoder.
- *
- * In detail:
- * - set up the digests if necessary
- */
-SECStatus
-NSS_CMSDigestedData_Decode_BeforeData(NSSCMSDigestedData *digd)
-{
- /* is there a digest algorithm yet? */
- if (digd->digestAlg.algorithm.len == 0)
- return SECFailure;
-
- digd->contentInfo.digcx = NSS_CMSDigestContext_StartSingle(&(digd->digestAlg));
- if (digd->contentInfo.digcx == NULL)
- return SECFailure;
-
- return SECSuccess;
-}
-
-/*
- * NSS_CMSDigestedData_Decode_AfterData - do all the necessary things to a DigestedData
- * after all the encapsulated data was passed through the encoder.
- *
- * In detail:
- * - finish the digests
- */
-SECStatus
-NSS_CMSDigestedData_Decode_AfterData(NSSCMSDigestedData *digd)
-{
- /* did we have digest calculation going on? */
- if (digd->contentInfo.digcx) {
- if (NSS_CMSDigestContext_FinishSingle(digd->contentInfo.digcx,
- digd->cmsg->poolp, &(digd->cdigest)) != SECSuccess)
- return SECFailure; /* error has been set by NSS_CMSDigestContext_FinishSingle */
- digd->contentInfo.digcx = NULL;
- }
-
- return SECSuccess;
-}
-
-/*
- * NSS_CMSDigestedData_Decode_AfterEnd - finalize a digestedData.
- *
- * In detail:
- * - check the digests for equality
- */
-SECStatus
-NSS_CMSDigestedData_Decode_AfterEnd(NSSCMSDigestedData *digd)
-{
- /* did we have digest calculation going on? */
- if (digd->cdigest.len != 0) {
- /* XXX comparision btw digest & cdigest */
- /* XXX set status */
- /* TODO!!!! */
- }
-
- return SECSuccess;
-}
diff --git a/security/nss/lib/smime/cmsdigest.c b/security/nss/lib/smime/cmsdigest.c
deleted file mode 100644
index 6c7bd918b..000000000
--- a/security/nss/lib/smime/cmsdigest.c
+++ /dev/null
@@ -1,259 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * CMS digesting.
- *
- * $Id$
- */
-
-#include "cmslocal.h"
-
-#include "cert.h"
-#include "key.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "pk11func.h"
-#include "prtime.h"
-#include "secerr.h"
-
-
-struct NSSCMSDigestContextStr {
- PRBool saw_contents;
- int digcnt;
- void ** digcxs;
-const SECHashObject ** digobjs;
-};
-
-/*
- * NSS_CMSDigestContext_StartMultiple - start digest calculation using all the
- * digest algorithms in "digestalgs" in parallel.
- */
-NSSCMSDigestContext *
-NSS_CMSDigestContext_StartMultiple(SECAlgorithmID **digestalgs)
-{
- NSSCMSDigestContext *cmsdigcx;
- const SECHashObject *digobj;
- void *digcx;
- int digcnt;
- int i;
-
- digcnt = (digestalgs == NULL) ? 0 : NSS_CMSArray_Count((void **)digestalgs);
-
- cmsdigcx = (NSSCMSDigestContext *)PORT_Alloc(sizeof(NSSCMSDigestContext));
- if (cmsdigcx == NULL)
- return NULL;
-
- if (digcnt > 0) {
- cmsdigcx->digcxs = (void **)PORT_Alloc(digcnt * sizeof (void *));
- cmsdigcx->digobjs = (const SECHashObject **)PORT_Alloc(digcnt * sizeof(SECHashObject *));
- if (cmsdigcx->digcxs == NULL || cmsdigcx->digobjs == NULL)
- goto loser;
- }
-
- cmsdigcx->digcnt = 0;
-
- /*
- * Create a digest object context for each algorithm.
- */
- for (i = 0; i < digcnt; i++) {
- digobj = NSS_CMSUtil_GetHashObjByAlgID(digestalgs[i]);
- /*
- * Skip any algorithm we do not even recognize; obviously,
- * this could be a problem, but if it is critical then the
- * result will just be that the signature does not verify.
- * We do not necessarily want to error out here, because
- * the particular algorithm may not actually be important,
- * but we cannot know that until later.
- */
- if (digobj == NULL)
- continue;
-
- digcx = (*digobj->create)();
- if (digcx != NULL) {
- (*digobj->begin) (digcx);
- cmsdigcx->digobjs[cmsdigcx->digcnt] = digobj;
- cmsdigcx->digcxs[cmsdigcx->digcnt] = digcx;
- cmsdigcx->digcnt++;
- }
- }
-
- cmsdigcx->saw_contents = PR_FALSE;
-
- return cmsdigcx;
-
-loser:
- if (cmsdigcx) {
- if (cmsdigcx->digobjs)
- PORT_Free(cmsdigcx->digobjs);
- if (cmsdigcx->digcxs)
- PORT_Free(cmsdigcx->digcxs);
- }
- return NULL;
-}
-
-/*
- * NSS_CMSDigestContext_StartSingle - same as NSS_CMSDigestContext_StartMultiple, but
- * only one algorithm.
- */
-NSSCMSDigestContext *
-NSS_CMSDigestContext_StartSingle(SECAlgorithmID *digestalg)
-{
- SECAlgorithmID *digestalgs[] = { NULL, NULL }; /* fake array */
-
- digestalgs[0] = digestalg;
- return NSS_CMSDigestContext_StartMultiple(digestalgs);
-}
-
-/*
- * NSS_CMSDigestContext_Update - feed more data into the digest machine
- */
-void
-NSS_CMSDigestContext_Update(NSSCMSDigestContext *cmsdigcx, const unsigned char *data, int len)
-{
- int i;
-
- cmsdigcx->saw_contents = PR_TRUE;
-
- for (i = 0; i < cmsdigcx->digcnt; i++)
- (*cmsdigcx->digobjs[i]->update)(cmsdigcx->digcxs[i], data, len);
-}
-
-/*
- * NSS_CMSDigestContext_Cancel - cancel digesting operation
- */
-void
-NSS_CMSDigestContext_Cancel(NSSCMSDigestContext *cmsdigcx)
-{
- int i;
-
- for (i = 0; i < cmsdigcx->digcnt; i++)
- (*cmsdigcx->digobjs[i]->destroy)(cmsdigcx->digcxs[i], PR_TRUE);
-}
-
-/*
- * NSS_CMSDigestContext_FinishMultiple - finish the digests and put them
- * into an array of SECItems (allocated on poolp)
- */
-SECStatus
-NSS_CMSDigestContext_FinishMultiple(NSSCMSDigestContext *cmsdigcx, PLArenaPool *poolp,
- SECItem ***digestsp)
-{
- const SECHashObject *digobj;
- void *digcx;
- SECItem **digests, *digest;
- int i;
- void *mark;
- SECStatus rv = SECFailure;
-
- /* no contents? do not update digests */
- if (digestsp == NULL || !cmsdigcx->saw_contents) {
- for (i = 0; i < cmsdigcx->digcnt; i++)
- (*cmsdigcx->digobjs[i]->destroy)(cmsdigcx->digcxs[i], PR_TRUE);
- rv = SECSuccess;
- goto cleanup;
- }
-
- mark = PORT_ArenaMark (poolp);
-
- /* allocate digest array & SECItems on arena */
- digests = (SECItem **)PORT_ArenaAlloc(poolp, (cmsdigcx->digcnt+1) * sizeof(SECItem *));
- digest = (SECItem *)PORT_ArenaZAlloc(poolp, cmsdigcx->digcnt * sizeof(SECItem));
- if (digests == NULL || digest == NULL) {
- goto loser;
- }
-
- for (i = 0; i < cmsdigcx->digcnt; i++, digest++) {
- digcx = cmsdigcx->digcxs[i];
- digobj = cmsdigcx->digobjs[i];
-
- digest->data = (unsigned char*)PORT_ArenaAlloc(poolp, digobj->length);
- if (digest->data == NULL)
- goto loser;
- digest->len = digobj->length;
- (* digobj->end)(digcx, digest->data, &(digest->len), digest->len);
- digests[i] = digest;
- (* digobj->destroy)(digcx, PR_TRUE);
- }
- digests[i] = NULL;
- *digestsp = digests;
-
- rv = SECSuccess;
-
-loser:
- if (rv == SECSuccess)
- PORT_ArenaUnmark(poolp, mark);
- else
- PORT_ArenaRelease(poolp, mark);
-
-cleanup:
- if (cmsdigcx->digcnt > 0) {
- PORT_Free(cmsdigcx->digcxs);
- PORT_Free(cmsdigcx->digobjs);
- }
- PORT_Free(cmsdigcx);
-
- return rv;
-}
-
-/*
- * NSS_CMSDigestContext_FinishSingle - same as NSS_CMSDigestContext_FinishMultiple,
- * but for one digest.
- */
-SECStatus
-NSS_CMSDigestContext_FinishSingle(NSSCMSDigestContext *cmsdigcx, PLArenaPool *poolp,
- SECItem *digest)
-{
- SECStatus rv = SECFailure;
- SECItem **dp;
- PLArenaPool *arena = NULL;
-
- if ((arena = PORT_NewArena(1024)) == NULL)
- goto loser;
-
- /* get the digests into arena, then copy the first digest into poolp */
- if (NSS_CMSDigestContext_FinishMultiple(cmsdigcx, arena, &dp) != SECSuccess)
- goto loser;
-
- /* now copy it into poolp */
- if (SECITEM_CopyItem(poolp, digest, dp[0]) != SECSuccess)
- goto loser;
-
- rv = SECSuccess;
-
-loser:
- if (arena)
- PORT_FreeArena(arena, PR_FALSE);
-
- return rv;
-}
diff --git a/security/nss/lib/smime/cmsencdata.c b/security/nss/lib/smime/cmsencdata.c
deleted file mode 100644
index ffd801a16..000000000
--- a/security/nss/lib/smime/cmsencdata.c
+++ /dev/null
@@ -1,287 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * CMS encryptedData methods.
- *
- * $Id$
- */
-
-#include "cmslocal.h"
-
-#include "key.h"
-#include "secasn1.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "pk11func.h"
-#include "prtime.h"
-#include "secerr.h"
-#include "secpkcs5.h"
-
-/*
- * NSS_CMSEncryptedData_Create - create an empty encryptedData object.
- *
- * "algorithm" specifies the bulk encryption algorithm to use.
- * "keysize" is the key size.
- *
- * An error results in a return value of NULL and an error set.
- * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
- */
-NSSCMSEncryptedData *
-NSS_CMSEncryptedData_Create(NSSCMSMessage *cmsg, SECOidTag algorithm, int keysize)
-{
- void *mark;
- NSSCMSEncryptedData *encd;
- PLArenaPool *poolp;
- SECAlgorithmID *pbe_algid;
- SECStatus rv;
-
- poolp = cmsg->poolp;
-
- mark = PORT_ArenaMark(poolp);
-
- encd = (NSSCMSEncryptedData *)PORT_ArenaZAlloc(poolp, sizeof(NSSCMSEncryptedData));
- if (encd == NULL)
- goto loser;
-
- encd->cmsg = cmsg;
-
- /* version is set in NSS_CMSEncryptedData_Encode_BeforeStart() */
-
- switch (algorithm) {
- /* XXX hmmm... hardcoded algorithms? */
- case SEC_OID_RC2_CBC:
- case SEC_OID_DES_EDE3_CBC:
- case SEC_OID_DES_CBC:
- rv = NSS_CMSContentInfo_SetContentEncAlg(poolp, &(encd->contentInfo), algorithm, NULL, keysize);
- break;
- default:
- /* Assume password-based-encryption. At least, try that. */
- pbe_algid = PK11_CreatePBEAlgorithmID(algorithm, 1, NULL);
- if (pbe_algid == NULL) {
- rv = SECFailure;
- break;
- }
- rv = NSS_CMSContentInfo_SetContentEncAlgID(poolp, &(encd->contentInfo), pbe_algid, keysize);
- SECOID_DestroyAlgorithmID (pbe_algid, PR_TRUE);
- break;
- }
- if (rv != SECSuccess)
- goto loser;
-
- PORT_ArenaUnmark(poolp, mark);
- return encd;
-
-loser:
- PORT_ArenaRelease(poolp, mark);
- return NULL;
-}
-
-/*
- * NSS_CMSEncryptedData_Destroy - destroy an encryptedData object
- */
-void
-NSS_CMSEncryptedData_Destroy(NSSCMSEncryptedData *encd)
-{
- /* everything's in a pool, so don't worry about the storage */
- NSS_CMSContentInfo_Destroy(&(encd->contentInfo));
- return;
-}
-
-/*
- * NSS_CMSEncryptedData_GetContentInfo - return pointer to encryptedData object's contentInfo
- */
-NSSCMSContentInfo *
-NSS_CMSEncryptedData_GetContentInfo(NSSCMSEncryptedData *encd)
-{
- return &(encd->contentInfo);
-}
-
-/*
- * NSS_CMSEncryptedData_Encode_BeforeStart - do all the necessary things to a EncryptedData
- * before encoding begins.
- *
- * In particular:
- * - set the correct version value.
- * - get the encryption key
- */
-SECStatus
-NSS_CMSEncryptedData_Encode_BeforeStart(NSSCMSEncryptedData *encd)
-{
- int version;
- PK11SymKey *bulkkey = NULL;
- SECItem *dummy;
- NSSCMSContentInfo *cinfo = &(encd->contentInfo);
-
- if (NSS_CMSArray_IsEmpty((void **)encd->unprotectedAttr))
- version = NSS_CMS_ENCRYPTED_DATA_VERSION;
- else
- version = NSS_CMS_ENCRYPTED_DATA_VERSION_UPATTR;
-
- dummy = SEC_ASN1EncodeInteger (encd->cmsg->poolp, &(encd->version), version);
- if (dummy == NULL)
- return SECFailure;
-
- /* now get content encryption key (bulk key) by using our cmsg callback */
- if (encd->cmsg->decrypt_key_cb)
- bulkkey = (*encd->cmsg->decrypt_key_cb)(encd->cmsg->decrypt_key_cb_arg,
- NSS_CMSContentInfo_GetContentEncAlg(cinfo));
- if (bulkkey == NULL)
- return SECFailure;
-
- /* store the bulk key in the contentInfo so that the encoder can find it */
- NSS_CMSContentInfo_SetBulkKey(cinfo, bulkkey);
- PK11_FreeSymKey (bulkkey);
-
- return SECSuccess;
-}
-
-/*
- * NSS_CMSEncryptedData_Encode_BeforeData - set up encryption
- */
-SECStatus
-NSS_CMSEncryptedData_Encode_BeforeData(NSSCMSEncryptedData *encd)
-{
- NSSCMSContentInfo *cinfo;
- PK11SymKey *bulkkey;
- SECAlgorithmID *algid;
-
- cinfo = &(encd->contentInfo);
-
- /* find bulkkey and algorithm - must have been set by NSS_CMSEncryptedData_Encode_BeforeStart */
- bulkkey = NSS_CMSContentInfo_GetBulkKey(cinfo);
- if (bulkkey == NULL)
- return SECFailure;
- algid = NSS_CMSContentInfo_GetContentEncAlg(cinfo);
- if (algid == NULL)
- return SECFailure;
-
- /* this may modify algid (with IVs generated in a token).
- * it is therefore essential that algid is a pointer to the "real" contentEncAlg,
- * not just to a copy */
- cinfo->ciphcx = NSS_CMSCipherContext_StartEncrypt(encd->cmsg->poolp, bulkkey, algid);
- PK11_FreeSymKey(bulkkey);
- if (cinfo->ciphcx == NULL)
- return SECFailure;
-
- return SECSuccess;
-}
-
-/*
- * NSS_CMSEncryptedData_Encode_AfterData - finalize this encryptedData for encoding
- */
-SECStatus
-NSS_CMSEncryptedData_Encode_AfterData(NSSCMSEncryptedData *encd)
-{
- if (encd->contentInfo.ciphcx) {
- NSS_CMSCipherContext_Destroy(encd->contentInfo.ciphcx);
- encd->contentInfo.ciphcx = NULL;
- }
-
- /* nothing to do after data */
- return SECSuccess;
-}
-
-
-/*
- * NSS_CMSEncryptedData_Decode_BeforeData - find bulk key & set up decryption
- */
-SECStatus
-NSS_CMSEncryptedData_Decode_BeforeData(NSSCMSEncryptedData *encd)
-{
- PK11SymKey *bulkkey = NULL;
- NSSCMSContentInfo *cinfo;
- SECAlgorithmID *bulkalg;
- SECStatus rv = SECFailure;
-
- cinfo = &(encd->contentInfo);
-
- bulkalg = NSS_CMSContentInfo_GetContentEncAlg(cinfo);
-
- if (encd->cmsg->decrypt_key_cb == NULL) /* no callback? no key../ */
- goto loser;
-
- bulkkey = (*encd->cmsg->decrypt_key_cb)(encd->cmsg->decrypt_key_cb_arg, bulkalg);
- if (bulkkey == NULL)
- /* no success finding a bulk key */
- goto loser;
-
- NSS_CMSContentInfo_SetBulkKey(cinfo, bulkkey);
-
- cinfo->ciphcx = NSS_CMSCipherContext_StartDecrypt(bulkkey, bulkalg);
- if (cinfo->ciphcx == NULL)
- goto loser; /* error has been set by NSS_CMSCipherContext_StartDecrypt */
-
- /*
- * HACK ALERT!!
- * For PKCS5 Encryption Algorithms, the bulkkey is actually a different
- * structure. Therefore, we need to set the bulkkey to the actual key
- * prior to freeing it.
- */
- if (SEC_PKCS5IsAlgorithmPBEAlg(bulkalg)) {
- SEC_PKCS5KeyAndPassword *keyPwd = (SEC_PKCS5KeyAndPassword *)bulkkey;
- bulkkey = keyPwd->key;
- }
-
- /* we are done with (this) bulkkey now. */
- PK11_FreeSymKey(bulkkey);
-
- rv = SECSuccess;
-
-loser:
- return rv;
-}
-
-/*
- * NSS_CMSEncryptedData_Decode_AfterData - finish decrypting this encryptedData's content
- */
-SECStatus
-NSS_CMSEncryptedData_Decode_AfterData(NSSCMSEncryptedData *encd)
-{
- if (encd->contentInfo.ciphcx) {
- NSS_CMSCipherContext_Destroy(encd->contentInfo.ciphcx);
- encd->contentInfo.ciphcx = NULL;
- }
-
- return SECSuccess;
-}
-
-/*
- * NSS_CMSEncryptedData_Decode_AfterEnd - finish decoding this encryptedData
- */
-SECStatus
-NSS_CMSEncryptedData_Decode_AfterEnd(NSSCMSEncryptedData *encd)
-{
- /* apply final touches */
- return SECSuccess;
-}
diff --git a/security/nss/lib/smime/cmsencode.c b/security/nss/lib/smime/cmsencode.c
deleted file mode 100644
index 978f02a55..000000000
--- a/security/nss/lib/smime/cmsencode.c
+++ /dev/null
@@ -1,743 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * CMS encoding.
- *
- * $Id$
- */
-
-#include "cmslocal.h"
-
-#include "cert.h"
-#include "key.h"
-#include "secasn1.h"
-#include "secoid.h"
-#include "secrng.h"
-#include "secitem.h"
-#include "pk11func.h"
-#include "secerr.h"
-
-struct nss_cms_encoder_output {
- NSSCMSContentCallback outputfn;
- void *outputarg;
- PLArenaPool *destpoolp;
- SECItem *dest;
-};
-
-struct NSSCMSEncoderContextStr {
- SEC_ASN1EncoderContext * ecx; /* ASN.1 encoder context */
- PRBool ecxupdated; /* true if data was handed in */
- NSSCMSMessage * cmsg; /* pointer to the root message */
- SECOidTag type; /* type tag of the current content */
- NSSCMSContent content; /* pointer to current content */
- struct nss_cms_encoder_output output; /* output function */
- int error; /* error code */
- NSSCMSEncoderContext * childp7ecx; /* link to child encoder context */
-};
-
-static SECStatus nss_cms_before_data(NSSCMSEncoderContext *p7ecx);
-static SECStatus nss_cms_after_data(NSSCMSEncoderContext *p7ecx);
-static SECStatus nss_cms_encoder_update(NSSCMSEncoderContext *p7ecx, const char *data, unsigned long len);
-static SECStatus nss_cms_encoder_work_data(NSSCMSEncoderContext *p7ecx, SECItem *dest,
- const unsigned char *data, unsigned long len,
- PRBool final, PRBool innermost);
-
-extern const SEC_ASN1Template NSSCMSMessageTemplate[];
-
-/*
- * The little output function that the ASN.1 encoder calls to hand
- * us bytes which we in turn hand back to our caller (via the callback
- * they gave us).
- */
-static void
-nss_cms_encoder_out(void *arg, const char *buf, unsigned long len,
- int depth, SEC_ASN1EncodingPart data_kind)
-{
- struct nss_cms_encoder_output *output = (struct nss_cms_encoder_output *)arg;
- unsigned char *dest;
- unsigned long offset;
-
-#ifdef CMSDEBUG
- int i;
-
- fprintf(stderr, "kind = %d, depth = %d, len = %d\n", data_kind, depth, len);
- for (i=0; i < len; i++) {
- fprintf(stderr, " %02x%s", (unsigned int)buf[i] & 0xff, ((i % 16) == 15) ? "\n" : "");
- }
- if ((i % 16) != 0)
- fprintf(stderr, "\n");
-#endif
-
- if (output->outputfn != NULL)
- /* call output callback with DER data */
- output->outputfn(output->outputarg, buf, len);
-
- if (output->dest != NULL) {
- /* store DER data in SECItem */
- offset = output->dest->len;
- if (offset == 0) {
- dest = (unsigned char *)PORT_ArenaAlloc(output->destpoolp, len);
- } else {
- dest = (unsigned char *)PORT_ArenaGrow(output->destpoolp,
- output->dest->data,
- output->dest->len,
- output->dest->len + len);
- }
- if (dest == NULL)
- /* oops */
- return;
-
- output->dest->data = dest;
- output->dest->len += len;
-
- /* copy it in */
- PORT_Memcpy(output->dest->data + offset, buf, len);
- }
-}
-
-/*
- * nss_cms_encoder_notify - ASN.1 encoder callback
- *
- * this function is called by the ASN.1 encoder before and after the encoding of
- * every object. here, it is used to keep track of data structures, set up
- * encryption and/or digesting and possibly set up child encoders.
- */
-static void
-nss_cms_encoder_notify(void *arg, PRBool before, void *dest, int depth)
-{
- NSSCMSEncoderContext *p7ecx;
- NSSCMSContentInfo *rootcinfo, *cinfo;
- PRBool after = !before;
- PLArenaPool *poolp;
- SECOidTag childtype;
- SECItem *item;
-
- p7ecx = (NSSCMSEncoderContext *)arg;
- PORT_Assert(p7ecx != NULL);
-
- rootcinfo = &(p7ecx->cmsg->contentInfo);
- poolp = p7ecx->cmsg->poolp;
-
-#ifdef CMSDEBUG
- fprintf(stderr, "%6.6s, dest = 0x%08x, depth = %d\n", before ? "before" : "after", dest, depth);
-#endif
-
- /*
- * Watch for the content field, at which point we want to instruct
- * the ASN.1 encoder to start taking bytes from the buffer.
- */
- switch (p7ecx->type) {
- default:
- case SEC_OID_UNKNOWN:
- /* we're still in the root message */
- if (after && dest == &(rootcinfo->contentType)) {
- /* got the content type OID now - so find out the type tag */
- p7ecx->type = NSS_CMSContentInfo_GetContentTypeTag(rootcinfo);
- /* set up a pointer to our current content */
- p7ecx->content = rootcinfo->content;
- }
- break;
-
- case SEC_OID_PKCS7_DATA:
- if (before && dest == &(rootcinfo->rawContent)) {
- /* just set up encoder to grab from user - no encryption or digesting */
- if ((item = rootcinfo->content.data) != NULL)
- (void)nss_cms_encoder_work_data(p7ecx, NULL, item->data, item->len, PR_TRUE, PR_TRUE);
- else
- SEC_ASN1EncoderSetTakeFromBuf(p7ecx->ecx);
- SEC_ASN1EncoderClearNotifyProc(p7ecx->ecx); /* no need to get notified anymore */
- }
- break;
-
- case SEC_OID_PKCS7_SIGNED_DATA:
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- case SEC_OID_PKCS7_DIGESTED_DATA:
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
-
- /* when we know what the content is, we encode happily until we reach the inner content */
- cinfo = NSS_CMSContent_GetContentInfo(p7ecx->content.pointer, p7ecx->type);
- childtype = NSS_CMSContentInfo_GetContentTypeTag(cinfo);
-
- if (after && dest == &(cinfo->contentType)) {
- /* we're right before encoding the data (if we have some or not) */
- /* (for encrypted data, we're right before the contentEncAlg which may change */
- /* in nss_cms_before_data because of IV calculation when setting up encryption) */
- if (nss_cms_before_data(p7ecx) != SECSuccess)
- p7ecx->error = PORT_GetError();
- }
- if (before && dest == &(cinfo->rawContent)) {
- if (childtype == SEC_OID_PKCS7_DATA && (item = cinfo->content.data) != NULL)
- /* we have data - feed it in */
- (void)nss_cms_encoder_work_data(p7ecx, NULL, item->data, item->len, PR_TRUE, PR_TRUE);
- else
- /* else try to get it from user */
- SEC_ASN1EncoderSetTakeFromBuf(p7ecx->ecx);
- }
- if (after && dest == &(cinfo->rawContent)) {
- if (nss_cms_after_data(p7ecx) != SECSuccess)
- p7ecx->error = PORT_GetError();
- SEC_ASN1EncoderClearNotifyProc(p7ecx->ecx); /* no need to get notified anymore */
- }
- break;
- }
-}
-
-/*
- * nss_cms_before_data - setup the current encoder to receive data
- */
-static SECStatus
-nss_cms_before_data(NSSCMSEncoderContext *p7ecx)
-{
- SECStatus rv;
- SECOidTag childtype;
- NSSCMSContentInfo *cinfo;
- PLArenaPool *poolp;
- NSSCMSEncoderContext *childp7ecx;
- const SEC_ASN1Template *template;
-
- poolp = p7ecx->cmsg->poolp;
-
- /* call _Encode_BeforeData handlers */
- switch (p7ecx->type) {
- case SEC_OID_PKCS7_SIGNED_DATA:
- /* we're encoding a signedData, so set up the digests */
- rv = NSS_CMSSignedData_Encode_BeforeData(p7ecx->content.signedData);
- break;
- case SEC_OID_PKCS7_DIGESTED_DATA:
- /* we're encoding a digestedData, so set up the digest */
- rv = NSS_CMSDigestedData_Encode_BeforeData(p7ecx->content.digestedData);
- break;
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- rv = NSS_CMSEnvelopedData_Encode_BeforeData(p7ecx->content.envelopedData);
- break;
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- rv = NSS_CMSEncryptedData_Encode_BeforeData(p7ecx->content.encryptedData);
- break;
- default:
- rv = SECFailure;
- }
- if (rv != SECSuccess)
- return SECFailure;
-
- /* ok, now we have a pointer to cinfo */
- /* find out what kind of data is encapsulated */
-
- cinfo = NSS_CMSContent_GetContentInfo(p7ecx->content.pointer, p7ecx->type);
- childtype = NSS_CMSContentInfo_GetContentTypeTag(cinfo);
-
- switch (childtype) {
- case SEC_OID_PKCS7_SIGNED_DATA:
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- case SEC_OID_PKCS7_DIGESTED_DATA:
-#if 0
- case SEC_OID_PKCS7_DATA: /* XXX here also??? maybe yes! */
-#endif
- /* in these cases, we need to set up a child encoder! */
- /* create new encoder context */
- childp7ecx = PORT_ZAlloc(sizeof(NSSCMSEncoderContext));
- if (childp7ecx == NULL)
- return SECFailure;
-
- /* the CHILD encoder needs to hand its encoded data to the CURRENT encoder
- * (which will encrypt and/or digest it)
- * this needs to route back into our update function
- * which finds the lowest encoding context & encrypts and computes digests */
- childp7ecx->type = childtype;
- childp7ecx->content = cinfo->content;
- /* use the non-recursive update function here, of course */
- childp7ecx->output.outputfn = (NSSCMSContentCallback)nss_cms_encoder_update;
- childp7ecx->output.outputarg = p7ecx;
- childp7ecx->output.destpoolp = NULL;
- childp7ecx->output.dest = NULL;
- childp7ecx->cmsg = p7ecx->cmsg;
-
- template = NSS_CMSUtil_GetTemplateByTypeTag(childtype);
- if (template == NULL)
- goto loser; /* cannot happen */
-
- /* now initialize the data for encoding the first third */
- switch (childp7ecx->type) {
- case SEC_OID_PKCS7_SIGNED_DATA:
- rv = NSS_CMSSignedData_Encode_BeforeStart(cinfo->content.signedData);
- break;
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- rv = NSS_CMSEnvelopedData_Encode_BeforeStart(cinfo->content.envelopedData);
- break;
- case SEC_OID_PKCS7_DIGESTED_DATA:
- rv = NSS_CMSDigestedData_Encode_BeforeStart(cinfo->content.digestedData);
- break;
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- rv = NSS_CMSEncryptedData_Encode_BeforeStart(cinfo->content.encryptedData);
- break;
- case SEC_OID_PKCS7_DATA:
- rv = SECSuccess;
- break;
- default:
- PORT_Assert(0);
- break;
- }
- if (rv != SECSuccess)
- goto loser;
-
- /*
- * Initialize the BER encoder.
- */
- childp7ecx->ecx = SEC_ASN1EncoderStart(cinfo->content.pointer, template,
- nss_cms_encoder_out, &(childp7ecx->output));
- if (childp7ecx->ecx == NULL)
- goto loser;
-
- childp7ecx->ecxupdated = PR_FALSE;
-
- /*
- * Indicate that we are streaming. We will be streaming until we
- * get past the contents bytes.
- */
- SEC_ASN1EncoderSetStreaming(childp7ecx->ecx);
-
- /*
- * The notify function will watch for the contents field.
- */
- SEC_ASN1EncoderSetNotifyProc(childp7ecx->ecx, nss_cms_encoder_notify, childp7ecx);
-
- /* please note that we are NOT calling SEC_ASN1EncoderUpdate here to kick off the */
- /* encoding process - we'll do that from the update function instead */
- /* otherwise we'd be encoding data from a call of the notify function of the */
- /* parent encoder (which would not work) */
-
- /* this will kick off the encoding process & encode everything up to the content bytes,
- * at which point the notify function sets streaming mode (and possibly creates
- * another child encoder). */
- if (SEC_ASN1EncoderUpdate(childp7ecx->ecx, NULL, 0) != SECSuccess)
- goto loser;
-
- p7ecx->childp7ecx = childp7ecx;
- break;
-
- case SEC_OID_PKCS7_DATA:
- p7ecx->childp7ecx = NULL;
- break;
- default:
- /* we do not know this type */
- p7ecx->error = SEC_ERROR_BAD_DER;
- break;
- }
-
- return SECSuccess;
-
-loser:
- if (childp7ecx) {
- if (childp7ecx->ecx)
- SEC_ASN1EncoderFinish(childp7ecx->ecx);
- PORT_Free(childp7ecx);
- }
- return SECFailure;
-}
-
-static SECStatus
-nss_cms_after_data(NSSCMSEncoderContext *p7ecx)
-{
- SECStatus rv = SECFailure;
-
- switch (p7ecx->type) {
- case SEC_OID_PKCS7_SIGNED_DATA:
- /* this will finish the digests and sign */
- rv = NSS_CMSSignedData_Encode_AfterData(p7ecx->content.signedData);
- break;
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- rv = NSS_CMSEnvelopedData_Encode_AfterData(p7ecx->content.envelopedData);
- break;
- case SEC_OID_PKCS7_DIGESTED_DATA:
- rv = NSS_CMSDigestedData_Encode_AfterData(p7ecx->content.digestedData);
- break;
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- rv = NSS_CMSEncryptedData_Encode_AfterData(p7ecx->content.encryptedData);
- break;
- case SEC_OID_PKCS7_DATA:
- /* do nothing */
- break;
- default:
- rv = SECFailure;
- break;
- }
- return rv;
-}
-
-/*
- * nss_cms_encoder_work_data - process incoming data
- *
- * (from the user or the next encoding layer)
- * Here, we need to digest and/or encrypt, then pass it on
- */
-static SECStatus
-nss_cms_encoder_work_data(NSSCMSEncoderContext *p7ecx, SECItem *dest,
- const unsigned char *data, unsigned long len,
- PRBool final, PRBool innermost)
-{
- unsigned char *buf = NULL;
- SECStatus rv;
- NSSCMSContentInfo *cinfo;
-
- rv = SECSuccess; /* may as well be optimistic */
-
- /*
- * We should really have data to process, or we should be trying
- * to finish/flush the last block. (This is an overly paranoid
- * check since all callers are in this file and simple inspection
- * proves they do it right. But it could find a bug in future
- * modifications/development, that is why it is here.)
- */
- PORT_Assert ((data != NULL && len) || final);
-
- /* we got data (either from the caller, or from a lower level encoder) */
- cinfo = NSS_CMSContent_GetContentInfo(p7ecx->content.pointer, p7ecx->type);
-
- /* Update the running digest. */
- if (len && cinfo->digcx != NULL)
- NSS_CMSDigestContext_Update(cinfo->digcx, data, len);
-
- /* Encrypt this chunk. */
- if (cinfo->ciphcx != NULL) {
- unsigned int inlen; /* length of data being encrypted */
- unsigned int outlen; /* length of encrypted data */
- unsigned int buflen; /* length available for encrypted data */
-
- inlen = len;
- buflen = NSS_CMSCipherContext_EncryptLength(cinfo->ciphcx, inlen, final);
- if (buflen == 0) {
- /*
- * No output is expected, but the input data may be buffered
- * so we still have to call Encrypt.
- */
- rv = NSS_CMSCipherContext_Encrypt(cinfo->ciphcx, NULL, NULL, 0,
- data, inlen, final);
- if (final) {
- len = 0;
- goto done;
- }
- return rv;
- }
-
- if (dest != NULL)
- buf = (unsigned char*)PORT_ArenaAlloc(p7ecx->cmsg->poolp, buflen);
- else
- buf = (unsigned char*)PORT_Alloc(buflen);
-
- if (buf == NULL) {
- rv = SECFailure;
- } else {
- rv = NSS_CMSCipherContext_Encrypt(cinfo->ciphcx, buf, &outlen, buflen,
- data, inlen, final);
- data = buf;
- len = outlen;
- }
- if (rv != SECSuccess)
- /* encryption or malloc failed? */
- return rv;
- }
-
-
- /*
- * at this point (data,len) has everything we'd like to give to the CURRENT encoder
- * (which will encode it, then hand it back to the user or the parent encoder)
- * We don't encode the data if we're innermost and we're told not to include the data
- */
- if (p7ecx->ecx != NULL && len && (!innermost || cinfo->rawContent != NULL))
- rv = SEC_ASN1EncoderUpdate(p7ecx->ecx, (const char *)data, len);
-
-done:
-
- if (cinfo->ciphcx != NULL) {
- if (dest != NULL) {
- dest->data = buf;
- dest->len = len;
- } else if (buf != NULL) {
- PORT_Free (buf);
- }
- }
- return rv;
-}
-
-/*
- * nss_cms_encoder_update - deliver encoded data to the next higher level
- *
- * no recursion here because we REALLY want to end up at the next higher encoder!
- */
-static SECStatus
-nss_cms_encoder_update(NSSCMSEncoderContext *p7ecx, const char *data, unsigned long len)
-{
- /* XXX Error handling needs help. Return what? Do "Finish" on failure? */
- return nss_cms_encoder_work_data (p7ecx, NULL, (const unsigned char *)data, len, PR_FALSE, PR_FALSE);
-}
-
-/*
- * NSS_CMSEncoder_Start - set up encoding of a CMS message
- *
- * "cmsg" - message to encode
- * "outputfn", "outputarg" - callback function for delivery of DER-encoded output
- * will not be called if NULL.
- * "dest" - if non-NULL, pointer to SECItem that will hold the DER-encoded output
- * "destpoolp" - pool to allocate DER-encoded output in
- * "pwfn", pwfn_arg" - callback function for getting token password
- * "decrypt_key_cb", "decrypt_key_cb_arg" - callback function for getting bulk key for encryptedData
- * "detached_digestalgs", "detached_digests" - digests from detached content
- */
-NSSCMSEncoderContext *
-NSS_CMSEncoder_Start(NSSCMSMessage *cmsg,
- NSSCMSContentCallback outputfn, void *outputarg,
- SECItem *dest, PLArenaPool *destpoolp,
- PK11PasswordFunc pwfn, void *pwfn_arg,
- NSSCMSGetDecryptKeyCallback decrypt_key_cb, void *decrypt_key_cb_arg,
- SECAlgorithmID **detached_digestalgs, SECItem **detached_digests)
-{
- NSSCMSEncoderContext *p7ecx;
- SECStatus rv;
- NSSCMSContentInfo *cinfo;
-
- NSS_CMSMessage_SetEncodingParams(cmsg, pwfn, pwfn_arg, decrypt_key_cb, decrypt_key_cb_arg,
- detached_digestalgs, detached_digests);
-
- p7ecx = (NSSCMSEncoderContext *)PORT_ZAlloc(sizeof(NSSCMSEncoderContext));
- if (p7ecx == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- p7ecx->cmsg = cmsg;
- p7ecx->output.outputfn = outputfn;
- p7ecx->output.outputarg = outputarg;
- p7ecx->output.dest = dest;
- p7ecx->output.destpoolp = destpoolp;
- p7ecx->type = SEC_OID_UNKNOWN;
-
- cinfo = NSS_CMSMessage_GetContentInfo(cmsg);
-
- switch (NSS_CMSContentInfo_GetContentTypeTag(cinfo)) {
- case SEC_OID_PKCS7_SIGNED_DATA:
- rv = NSS_CMSSignedData_Encode_BeforeStart(cinfo->content.signedData);
- break;
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- rv = NSS_CMSEnvelopedData_Encode_BeforeStart(cinfo->content.envelopedData);
- break;
- case SEC_OID_PKCS7_DIGESTED_DATA:
- rv = NSS_CMSDigestedData_Encode_BeforeStart(cinfo->content.digestedData);
- break;
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- rv = NSS_CMSEncryptedData_Encode_BeforeStart(cinfo->content.encryptedData);
- break;
- default:
- rv = SECFailure;
- break;
- }
- if (rv != SECSuccess)
- return NULL;
-
- /* Initialize the BER encoder.
- * Note that this will not encode anything until the first call to SEC_ASN1EncoderUpdate */
- p7ecx->ecx = SEC_ASN1EncoderStart(cmsg, NSSCMSMessageTemplate,
- nss_cms_encoder_out, &(p7ecx->output));
- if (p7ecx->ecx == NULL) {
- PORT_Free (p7ecx);
- return NULL;
- }
- p7ecx->ecxupdated = PR_FALSE;
-
- /*
- * Indicate that we are streaming. We will be streaming until we
- * get past the contents bytes.
- */
- SEC_ASN1EncoderSetStreaming(p7ecx->ecx);
-
- /*
- * The notify function will watch for the contents field.
- */
- SEC_ASN1EncoderSetNotifyProc(p7ecx->ecx, nss_cms_encoder_notify, p7ecx);
-
- /* this will kick off the encoding process & encode everything up to the content bytes,
- * at which point the notify function sets streaming mode (and possibly creates
- * a child encoder). */
- if (SEC_ASN1EncoderUpdate(p7ecx->ecx, NULL, 0) != SECSuccess) {
- PORT_Free (p7ecx);
- return NULL;
- }
-
- return p7ecx;
-}
-
-/*
- * NSS_CMSEncoder_Update - take content data delivery from the user
- *
- * "p7ecx" - encoder context
- * "data" - content data
- * "len" - length of content data
- *
- * need to find the lowest level (and call SEC_ASN1EncoderUpdate on the way down),
- * then hand the data to the work_data fn
- */
-SECStatus
-NSS_CMSEncoder_Update(NSSCMSEncoderContext *p7ecx, const char *data, unsigned long len)
-{
- SECStatus rv;
- NSSCMSContentInfo *cinfo;
- SECOidTag childtype;
-
- if (p7ecx->error)
- return SECFailure;
-
- /* hand data to the innermost decoder */
- if (p7ecx->childp7ecx) {
- /* recursion here */
- rv = NSS_CMSEncoder_Update(p7ecx->childp7ecx, data, len);
- } else {
- /* we are at innermost decoder */
- /* find out about our inner content type - must be data */
- cinfo = NSS_CMSContent_GetContentInfo(p7ecx->content.pointer, p7ecx->type);
- childtype = NSS_CMSContentInfo_GetContentTypeTag(cinfo);
- if (childtype != SEC_OID_PKCS7_DATA)
- return SECFailure;
- /* and we must not have preset data */
- if (cinfo->content.data != NULL)
- return SECFailure;
-
- /* hand it the data so it can encode it (let DER trickle up the chain) */
- rv = nss_cms_encoder_work_data(p7ecx, NULL, (const unsigned char *)data, len, PR_FALSE, PR_TRUE);
- }
- return rv;
-}
-
-/*
- * NSS_CMSEncoder_Cancel - stop all encoding
- *
- * we need to walk down the chain of encoders and the finish them from the innermost out
- */
-SECStatus
-NSS_CMSEncoder_Cancel(NSSCMSEncoderContext *p7ecx)
-{
- SECStatus rv = SECFailure;
-
- /* XXX do this right! */
-
- /*
- * Finish any inner decoders before us so that all the encoded data is flushed
- * This basically finishes all the decoders from the innermost to the outermost.
- * Finishing an inner decoder may result in data being updated to the outer decoder
- * while we are already in NSS_CMSEncoder_Finish, but that's allright.
- */
- if (p7ecx->childp7ecx) {
- rv = NSS_CMSEncoder_Cancel(p7ecx->childp7ecx); /* frees p7ecx->childp7ecx */
- /* remember rv for now */
- }
-
- /*
- * On the way back up, there will be no more data (if we had an
- * inner encoder, it is done now!)
- * Flush out any remaining data and/or finish digests.
- */
- rv = nss_cms_encoder_work_data(p7ecx, NULL, NULL, 0, PR_TRUE, (p7ecx->childp7ecx == NULL));
- if (rv != SECSuccess)
- goto loser;
-
- p7ecx->childp7ecx = NULL;
-
- /* kick the encoder back into working mode again.
- * We turn off streaming stuff (which will cause the encoder to continue
- * encoding happily, now that we have all the data (like digests) ready for it).
- */
- SEC_ASN1EncoderClearTakeFromBuf(p7ecx->ecx);
- SEC_ASN1EncoderClearStreaming(p7ecx->ecx);
-
- /* now that TakeFromBuf is off, this will kick this encoder to finish encoding */
- rv = SEC_ASN1EncoderUpdate(p7ecx->ecx, NULL, 0);
-
-loser:
- SEC_ASN1EncoderFinish(p7ecx->ecx);
- PORT_Free (p7ecx);
- return rv;
-}
-
-/*
- * NSS_CMSEncoder_Finish - signal the end of data
- *
- * we need to walk down the chain of encoders and the finish them from the innermost out
- */
-SECStatus
-NSS_CMSEncoder_Finish(NSSCMSEncoderContext *p7ecx)
-{
- SECStatus rv = SECFailure;
- NSSCMSContentInfo *cinfo;
- SECOidTag childtype;
-
- /*
- * Finish any inner decoders before us so that all the encoded data is flushed
- * This basically finishes all the decoders from the innermost to the outermost.
- * Finishing an inner decoder may result in data being updated to the outer decoder
- * while we are already in NSS_CMSEncoder_Finish, but that's allright.
- */
- if (p7ecx->childp7ecx) {
- rv = NSS_CMSEncoder_Finish(p7ecx->childp7ecx); /* frees p7ecx->childp7ecx */
- if (rv != SECSuccess)
- goto loser;
- }
-
- /*
- * On the way back up, there will be no more data (if we had an
- * inner encoder, it is done now!)
- * Flush out any remaining data and/or finish digests.
- */
- rv = nss_cms_encoder_work_data(p7ecx, NULL, NULL, 0, PR_TRUE, (p7ecx->childp7ecx == NULL));
- if (rv != SECSuccess)
- goto loser;
-
- p7ecx->childp7ecx = NULL;
-
- /* find out about our inner content type - must be data */
- cinfo = NSS_CMSContent_GetContentInfo(p7ecx->content.pointer, p7ecx->type);
- childtype = NSS_CMSContentInfo_GetContentTypeTag(cinfo);
- if (childtype == SEC_OID_PKCS7_DATA && cinfo->content.data == NULL) {
- SEC_ASN1EncoderClearTakeFromBuf(p7ecx->ecx);
- /* now that TakeFromBuf is off, this will kick this encoder to finish encoding */
- rv = SEC_ASN1EncoderUpdate(p7ecx->ecx, NULL, 0);
- }
-
- SEC_ASN1EncoderClearStreaming(p7ecx->ecx);
-
- if (p7ecx->error)
- rv = SECFailure;
-
-loser:
- SEC_ASN1EncoderFinish(p7ecx->ecx);
- PORT_Free (p7ecx);
- return rv;
-}
diff --git a/security/nss/lib/smime/cmsenvdata.c b/security/nss/lib/smime/cmsenvdata.c
deleted file mode 100644
index 111ada533..000000000
--- a/security/nss/lib/smime/cmsenvdata.c
+++ /dev/null
@@ -1,424 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * CMS envelopedData methods.
- *
- * $Id$
- */
-
-#include "cmslocal.h"
-
-#include "cert.h"
-#include "key.h"
-#include "secasn1.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "pk11func.h"
-#include "secerr.h"
-#include "secpkcs5.h"
-
-/*
- * NSS_CMSEnvelopedData_Create - create an enveloped data message
- */
-NSSCMSEnvelopedData *
-NSS_CMSEnvelopedData_Create(NSSCMSMessage *cmsg, SECOidTag algorithm, int keysize)
-{
- void *mark;
- NSSCMSEnvelopedData *envd;
- PLArenaPool *poolp;
- SECStatus rv;
-
- poolp = cmsg->poolp;
-
- mark = PORT_ArenaMark(poolp);
-
- envd = (NSSCMSEnvelopedData *)PORT_ArenaZAlloc(poolp, sizeof(NSSCMSEnvelopedData));
- if (envd == NULL)
- goto loser;
-
- envd->cmsg = cmsg;
-
- /* version is set in NSS_CMSEnvelopedData_Encode_BeforeStart() */
-
- rv = NSS_CMSContentInfo_SetContentEncAlg(poolp, &(envd->contentInfo), algorithm, NULL, keysize);
- if (rv != SECSuccess)
- goto loser;
-
- PORT_ArenaUnmark(poolp, mark);
- return envd;
-
-loser:
- PORT_ArenaRelease(poolp, mark);
- return NULL;
-}
-
-/*
- * NSS_CMSEnvelopedData_Destroy - destroy an enveloped data message
- */
-void
-NSS_CMSEnvelopedData_Destroy(NSSCMSEnvelopedData *edp)
-{
- NSSCMSRecipientInfo **recipientinfos;
- NSSCMSRecipientInfo *ri;
-
- if (edp == NULL)
- return;
-
- recipientinfos = edp->recipientInfos;
- if (recipientinfos == NULL)
- return;
-
- while ((ri = *recipientinfos++) != NULL)
- NSS_CMSRecipientInfo_Destroy(ri);
-
- NSS_CMSContentInfo_Destroy(&(edp->contentInfo));
-
-}
-
-/*
- * NSS_CMSEnvelopedData_GetContentInfo - return pointer to this envelopedData's contentinfo
- */
-NSSCMSContentInfo *
-NSS_CMSEnvelopedData_GetContentInfo(NSSCMSEnvelopedData *envd)
-{
- return &(envd->contentInfo);
-}
-
-/*
- * NSS_CMSEnvelopedData_AddRecipient - add a recipientinfo to the enveloped data msg
- *
- * rip must be created on the same pool as edp - this is not enforced, though.
- */
-SECStatus
-NSS_CMSEnvelopedData_AddRecipient(NSSCMSEnvelopedData *edp, NSSCMSRecipientInfo *rip)
-{
- void *mark;
- SECStatus rv;
-
- /* XXX compare pools, if not same, copy rip into edp's pool */
-
- PR_ASSERT(edp != NULL);
- PR_ASSERT(rip != NULL);
-
- mark = PORT_ArenaMark(edp->cmsg->poolp);
-
- rv = NSS_CMSArray_Add(edp->cmsg->poolp, (void ***)&(edp->recipientInfos), (void *)rip);
- if (rv != SECSuccess) {
- PORT_ArenaRelease(edp->cmsg->poolp, mark);
- return SECFailure;
- }
-
- PORT_ArenaUnmark (edp->cmsg->poolp, mark);
- return SECSuccess;
-}
-
-/*
- * NSS_CMSEnvelopedData_Encode_BeforeStart - prepare this envelopedData for encoding
- *
- * at this point, we need
- * - recipientinfos set up with recipient's certificates
- * - a content encryption algorithm (if none, 3DES will be used)
- *
- * this function will generate a random content encryption key (aka bulk key),
- * initialize the recipientinfos with certificate identification and wrap the bulk key
- * using the proper algorithm for every certificiate.
- * it will finally set the bulk algorithm and key so that the encode step can find it.
- */
-SECStatus
-NSS_CMSEnvelopedData_Encode_BeforeStart(NSSCMSEnvelopedData *envd)
-{
- int version;
- NSSCMSRecipientInfo **recipientinfos;
- NSSCMSContentInfo *cinfo;
- PK11SymKey *bulkkey = NULL;
- SECOidTag bulkalgtag;
- CK_MECHANISM_TYPE type;
- PK11SlotInfo *slot;
- SECStatus rv;
- SECItem *dummy;
- PLArenaPool *poolp;
- extern const SEC_ASN1Template NSSCMSRecipientInfoTemplate[];
- void *mark = NULL;
- int i;
-
- poolp = envd->cmsg->poolp;
- cinfo = &(envd->contentInfo);
-
- recipientinfos = envd->recipientInfos;
- if (recipientinfos == NULL) {
- PORT_SetError(SEC_ERROR_BAD_DATA);
-#if 0
- PORT_SetErrorString("Cannot find recipientinfos to encode.");
-#endif
- goto loser;
- }
-
- version = NSS_CMS_ENVELOPED_DATA_VERSION_REG;
- if (envd->originatorInfo != NULL || envd->unprotectedAttr != NULL) {
- version = NSS_CMS_ENVELOPED_DATA_VERSION_ADV;
- } else {
- for (i = 0; recipientinfos[i] != NULL; i++) {
- if (NSS_CMSRecipientInfo_GetVersion(recipientinfos[i]) != 0) {
- version = NSS_CMS_ENVELOPED_DATA_VERSION_ADV;
- break;
- }
- }
- }
- dummy = SEC_ASN1EncodeInteger(poolp, &(envd->version), version);
- if (dummy == NULL)
- goto loser;
-
- /* now we need to have a proper content encryption algorithm
- * on the SMIME level, we would figure one out by looking at SMIME capabilities
- * we cannot do that on our level, so if none is set already, we'll just go
- * with one of the mandatory algorithms (3DES) */
- if ((bulkalgtag = NSS_CMSContentInfo_GetContentEncAlgTag(cinfo)) == SEC_OID_UNKNOWN) {
- rv = NSS_CMSContentInfo_SetContentEncAlg(poolp, cinfo, SEC_OID_DES_EDE3_CBC, NULL, 168);
- if (rv != SECSuccess)
- goto loser;
- bulkalgtag = SEC_OID_DES_EDE3_CBC;
- }
-
- /* generate a random bulk key suitable for content encryption alg */
- type = PK11_AlgtagToMechanism(bulkalgtag);
- slot = PK11_GetBestSlot(type, envd->cmsg->pwfn_arg);
- if (slot == NULL)
- goto loser; /* error has been set by PK11_GetBestSlot */
-
- /* this is expensive... */
- bulkkey = PK11_KeyGen(slot, type, NULL, NSS_CMSContentInfo_GetBulkKeySize(cinfo) / 8, envd->cmsg->pwfn_arg);
- PK11_FreeSlot(slot);
- if (bulkkey == NULL)
- goto loser; /* error has been set by PK11_KeyGen */
-
- mark = PORT_ArenaMark(poolp);
-
- /* Encrypt the bulk key with the public key of each recipient. */
- for (i = 0; recipientinfos[i] != NULL; i++) {
- rv = NSS_CMSRecipientInfo_WrapBulkKey(recipientinfos[i], bulkkey, bulkalgtag);
- if (rv != SECSuccess)
- goto loser; /* error has been set by NSS_CMSRecipientInfo_EncryptBulkKey */
- /* could be: alg not supported etc. */
- }
-
- /* the recipientinfos are all finished. now sort them by DER for SET OF encoding */
- rv = NSS_CMSArray_SortByDER((void **)envd->recipientInfos, NSSCMSRecipientInfoTemplate, NULL);
- if (rv != SECSuccess)
- goto loser; /* error has been set by NSS_CMSArray_SortByDER */
-
- /* store the bulk key in the contentInfo so that the encoder can find it */
- NSS_CMSContentInfo_SetBulkKey(cinfo, bulkkey);
-
- PORT_ArenaUnmark(poolp, mark);
-
- PK11_FreeSymKey(bulkkey);
-
- return SECSuccess;
-
-loser:
- if (mark != NULL)
- PORT_ArenaRelease (poolp, mark);
- if (bulkkey)
- PK11_FreeSymKey(bulkkey);
-
- return SECFailure;
-}
-
-/*
- * NSS_CMSEnvelopedData_Encode_BeforeData - set up encryption
- *
- * it is essential that this is called before the contentEncAlg is encoded, because
- * setting up the encryption may generate IVs and thus change it!
- */
-SECStatus
-NSS_CMSEnvelopedData_Encode_BeforeData(NSSCMSEnvelopedData *envd)
-{
- NSSCMSContentInfo *cinfo;
- PK11SymKey *bulkkey;
- SECAlgorithmID *algid;
-
- cinfo = &(envd->contentInfo);
-
- /* find bulkkey and algorithm - must have been set by NSS_CMSEnvelopedData_Encode_BeforeStart */
- bulkkey = NSS_CMSContentInfo_GetBulkKey(cinfo);
- if (bulkkey == NULL)
- return SECFailure;
- algid = NSS_CMSContentInfo_GetContentEncAlg(cinfo);
- if (algid == NULL)
- return SECFailure;
-
- /* this may modify algid (with IVs generated in a token).
- * it is essential that algid is a pointer to the contentEncAlg data, not a
- * pointer to a copy! */
- cinfo->ciphcx = NSS_CMSCipherContext_StartEncrypt(envd->cmsg->poolp, bulkkey, algid);
- PK11_FreeSymKey(bulkkey);
- if (cinfo->ciphcx == NULL)
- return SECFailure;
-
- return SECSuccess;
-}
-
-/*
- * NSS_CMSEnvelopedData_Encode_AfterData - finalize this envelopedData for encoding
- */
-SECStatus
-NSS_CMSEnvelopedData_Encode_AfterData(NSSCMSEnvelopedData *envd)
-{
- if (envd->contentInfo.ciphcx) {
- NSS_CMSCipherContext_Destroy(envd->contentInfo.ciphcx);
- envd->contentInfo.ciphcx = NULL;
- }
-
- /* nothing else to do after data */
- return SECSuccess;
-}
-
-/*
- * NSS_CMSEnvelopedData_Decode_BeforeData - find our recipientinfo,
- * derive bulk key & set up our contentinfo
- */
-SECStatus
-NSS_CMSEnvelopedData_Decode_BeforeData(NSSCMSEnvelopedData *envd)
-{
- NSSCMSRecipientInfo *ri;
- PK11SymKey *bulkkey = NULL;
- SECOidTag bulkalgtag;
- SECAlgorithmID *bulkalg;
- SECStatus rv = SECFailure;
- NSSCMSContentInfo *cinfo;
- NSSCMSRecipient **recipient_list = NULL;
- NSSCMSRecipient *recipient;
- int rlIndex;
-
- if (NSS_CMSArray_Count((void **)envd->recipientInfos) == 0) {
- PORT_SetError(SEC_ERROR_BAD_DATA);
-#if 0
- PORT_SetErrorString("No recipient data in envelope.");
-#endif
- goto loser;
- }
-
- /* look if one of OUR cert's issuerSN is on the list of recipients, and if so, */
- /* get the cert and private key for it right away */
- recipient_list = nss_cms_recipient_list_create(envd->recipientInfos);
- if (recipient_list == NULL)
- goto loser;
-
- /* what about multiple recipientInfos that match?
- * especially if, for some reason, we could not produce a bulk key with the first match?!
- * we could loop & feed partial recipient_list to PK11_FindCertAndKeyByRecipientList...
- * maybe later... */
- rlIndex = PK11_FindCertAndKeyByRecipientListNew(recipient_list, envd->cmsg->pwfn_arg);
-
- /* if that fails, then we're not an intended recipient and cannot decrypt */
- if (rlIndex < 0) {
- PORT_SetError(SEC_ERROR_NOT_A_RECIPIENT);
-#if 0
- PORT_SetErrorString("Cannot decrypt data because proper key cannot be found.");
-#endif
- goto loser;
- }
-
- recipient = recipient_list[rlIndex];
- if (!recipient->cert || !recipient->privkey) {
- /* XXX should set an error code ?!? */
- goto loser;
- }
- /* get a pointer to "our" recipientinfo */
- ri = envd->recipientInfos[recipient->riIndex];
-
- cinfo = &(envd->contentInfo);
- bulkalgtag = NSS_CMSContentInfo_GetContentEncAlgTag(cinfo);
- bulkkey = NSS_CMSRecipientInfo_UnwrapBulkKey(ri,recipient->subIndex,
- recipient->cert,
- recipient->privkey,
- bulkalgtag);
- if (bulkkey == NULL) {
- /* no success finding a bulk key */
- goto loser;
- }
-
- NSS_CMSContentInfo_SetBulkKey(cinfo, bulkkey);
-
- bulkalg = NSS_CMSContentInfo_GetContentEncAlg(cinfo);
-
- cinfo->ciphcx = NSS_CMSCipherContext_StartDecrypt(bulkkey, bulkalg);
- if (cinfo->ciphcx == NULL)
- goto loser; /* error has been set by NSS_CMSCipherContext_StartDecrypt */
-
- /*
- * HACK ALERT!!
- * For PKCS5 Encryption Algorithms, the bulkkey is actually a different
- * structure. Therefore, we need to set the bulkkey to the actual key
- * prior to freeing it.
- */
- if (SEC_PKCS5IsAlgorithmPBEAlg(bulkalg)) {
- SEC_PKCS5KeyAndPassword *keyPwd = (SEC_PKCS5KeyAndPassword *)bulkkey;
- bulkkey = keyPwd->key;
- }
-
- rv = SECSuccess;
-
-loser:
- if (bulkkey)
- PK11_FreeSymKey(bulkkey);
- if (recipient_list != NULL)
- nss_cms_recipient_list_destroy(recipient_list);
- return rv;
-}
-
-/*
- * NSS_CMSEnvelopedData_Decode_AfterData - finish decrypting this envelopedData's content
- */
-SECStatus
-NSS_CMSEnvelopedData_Decode_AfterData(NSSCMSEnvelopedData *envd)
-{
- if (envd->contentInfo.ciphcx) {
- NSS_CMSCipherContext_Destroy(envd->contentInfo.ciphcx);
- envd->contentInfo.ciphcx = NULL;
- }
-
- return SECSuccess;
-}
-
-/*
- * NSS_CMSEnvelopedData_Decode_AfterEnd - finish decoding this envelopedData
- */
-SECStatus
-NSS_CMSEnvelopedData_Decode_AfterEnd(NSSCMSEnvelopedData *envd)
-{
- /* apply final touches */
- return SECSuccess;
-}
-
diff --git a/security/nss/lib/smime/cmslocal.h b/security/nss/lib/smime/cmslocal.h
deleted file mode 100644
index 962871804..000000000
--- a/security/nss/lib/smime/cmslocal.h
+++ /dev/null
@@ -1,336 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Support routines for CMS implementation, none of which are exported.
- *
- * Do not export this file! If something in here is really needed outside
- * of smime code, first try to add a CMS interface which will do it for
- * you. If that has a problem, then just move out what you need, changing
- * its name as appropriate!
- *
- * $Id$
- */
-
-#ifndef _CMSLOCAL_H_
-#define _CMSLOCAL_H_
-
-#include "cms.h"
-#include "cmsreclist.h"
-#include "secasn1t.h"
-
-extern const SEC_ASN1Template NSSCMSContentInfoTemplate[];
-
-/************************************************************************/
-SEC_BEGIN_PROTOS
-
-/***********************************************************************
- * cmscipher.c - en/decryption routines
- ***********************************************************************/
-
-/*
- * NSS_CMSCipherContext_StartDecrypt - create a cipher context to do decryption
- * based on the given bulk * encryption key and algorithm identifier (which may include an iv).
- */
-extern NSSCMSCipherContext *
-NSS_CMSCipherContext_StartDecrypt(PK11SymKey *key, SECAlgorithmID *algid);
-
-/*
- * NSS_CMSCipherContext_StartEncrypt - create a cipher object to do encryption,
- * based on the given bulk encryption key and algorithm tag. Fill in the algorithm
- * identifier (which may include an iv) appropriately.
- */
-extern NSSCMSCipherContext *
-NSS_CMSCipherContext_StartEncrypt(PRArenaPool *poolp, PK11SymKey *key, SECAlgorithmID *algid);
-
-extern void
-NSS_CMSCipherContext_Destroy(NSSCMSCipherContext *cc);
-
-/*
- * NSS_CMSCipherContext_DecryptLength - find the output length of the next call to decrypt.
- *
- * cc - the cipher context
- * input_len - number of bytes used as input
- * final - true if this is the final chunk of data
- *
- * Result can be used to perform memory allocations. Note that the amount
- * is exactly accurate only when not doing a block cipher or when final
- * is false, otherwise it is an upper bound on the amount because until
- * we see the data we do not know how many padding bytes there are
- * (always between 1 and bsize).
- */
-extern unsigned int
-NSS_CMSCipherContext_DecryptLength(NSSCMSCipherContext *cc, unsigned int input_len, PRBool final);
-
-/*
- * NSS_CMSCipherContext_EncryptLength - find the output length of the next call to encrypt.
- *
- * cc - the cipher context
- * input_len - number of bytes used as input
- * final - true if this is the final chunk of data
- *
- * Result can be used to perform memory allocations.
- */
-extern unsigned int
-NSS_CMSCipherContext_EncryptLength(NSSCMSCipherContext *cc, unsigned int input_len, PRBool final);
-
-/*
- * NSS_CMSCipherContext_Decrypt - do the decryption
- *
- * cc - the cipher context
- * output - buffer for decrypted result bytes
- * output_len_p - number of bytes in output
- * max_output_len - upper bound on bytes to put into output
- * input - pointer to input bytes
- * input_len - number of input bytes
- * final - true if this is the final chunk of data
- *
- * Decrypts a given length of input buffer (starting at "input" and
- * containing "input_len" bytes), placing the decrypted bytes in
- * "output" and storing the output length in "*output_len_p".
- * "cc" is the return value from NSS_CMSCipher_StartDecrypt.
- * When "final" is true, this is the last of the data to be decrypted.
- */
-extern SECStatus
-NSS_CMSCipherContext_Decrypt(NSSCMSCipherContext *cc, unsigned char *output,
- unsigned int *output_len_p, unsigned int max_output_len,
- const unsigned char *input, unsigned int input_len,
- PRBool final);
-
-/*
- * NSS_CMSCipherContext_Encrypt - do the encryption
- *
- * cc - the cipher context
- * output - buffer for decrypted result bytes
- * output_len_p - number of bytes in output
- * max_output_len - upper bound on bytes to put into output
- * input - pointer to input bytes
- * input_len - number of input bytes
- * final - true if this is the final chunk of data
- *
- * Encrypts a given length of input buffer (starting at "input" and
- * containing "input_len" bytes), placing the encrypted bytes in
- * "output" and storing the output length in "*output_len_p".
- * "cc" is the return value from NSS_CMSCipher_StartEncrypt.
- * When "final" is true, this is the last of the data to be encrypted.
- */
-extern SECStatus
-NSS_CMSCipherContext_Encrypt(NSSCMSCipherContext *cc, unsigned char *output,
- unsigned int *output_len_p, unsigned int max_output_len,
- const unsigned char *input, unsigned int input_len,
- PRBool final);
-
-/************************************************************************
- * cmspubkey.c - public key operations
- ************************************************************************/
-
-/*
- * NSS_CMSUtil_EncryptSymKey_RSA - wrap a symmetric key with RSA
- *
- * this function takes a symmetric key and encrypts it using an RSA public key
- * according to PKCS#1 and RFC2633 (S/MIME)
- */
-extern SECStatus
-NSS_CMSUtil_EncryptSymKey_RSA(PLArenaPool *poolp, CERTCertificate *cert,
- PK11SymKey *key,
- SECItem *encKey);
-
-extern SECStatus
-NSS_CMSUtil_EncryptSymKey_RSAPubKey(PLArenaPool *poolp,
- SECKEYPublicKey *publickey,
- PK11SymKey *bulkkey, SECItem *encKey);
-
-/*
- * NSS_CMSUtil_DecryptSymKey_RSA - unwrap a RSA-wrapped symmetric key
- *
- * this function takes an RSA-wrapped symmetric key and unwraps it, returning a symmetric
- * key handle. Please note that the actual unwrapped key data may not be allowed to leave
- * a hardware token...
- */
-extern PK11SymKey *
-NSS_CMSUtil_DecryptSymKey_RSA(SECKEYPrivateKey *privkey, SECItem *encKey, SECOidTag bulkalgtag);
-
-extern SECStatus
-NSS_CMSUtil_EncryptSymKey_MISSI(PLArenaPool *poolp, CERTCertificate *cert, PK11SymKey *key,
- SECOidTag symalgtag, SECItem *encKey, SECItem **pparams, void *pwfn_arg);
-
-extern PK11SymKey *
-NSS_CMSUtil_DecryptSymKey_MISSI(SECKEYPrivateKey *privkey, SECItem *encKey,
- SECAlgorithmID *keyEncAlg, SECOidTag bulkalgtag, void *pwfn_arg);
-
-extern SECStatus
-NSS_CMSUtil_EncryptSymKey_ESDH(PLArenaPool *poolp, CERTCertificate *cert, PK11SymKey *key,
- SECItem *encKey, SECItem **ukm, SECAlgorithmID *keyEncAlg,
- SECItem *originatorPubKey);
-
-extern PK11SymKey *
-NSS_CMSUtil_DecryptSymKey_ESDH(SECKEYPrivateKey *privkey, SECItem *encKey,
- SECAlgorithmID *keyEncAlg, SECOidTag bulkalgtag, void *pwfn_arg);
-
-/************************************************************************
- * cmsreclist.c - recipient list stuff
- ************************************************************************/
-extern NSSCMSRecipient **nss_cms_recipient_list_create(NSSCMSRecipientInfo **recipientinfos);
-extern void nss_cms_recipient_list_destroy(NSSCMSRecipient **recipient_list);
-extern NSSCMSRecipientEncryptedKey *NSS_CMSRecipientEncryptedKey_Create(PLArenaPool *poolp);
-
-/************************************************************************
- * cmsarray.c - misc array functions
- ************************************************************************/
-/*
- * NSS_CMSArray_Alloc - allocate an array in an arena
- */
-extern void **
-NSS_CMSArray_Alloc(PRArenaPool *poolp, int n);
-
-/*
- * NSS_CMSArray_Add - add an element to the end of an array
- */
-extern SECStatus
-NSS_CMSArray_Add(PRArenaPool *poolp, void ***array, void *obj);
-
-/*
- * NSS_CMSArray_IsEmpty - check if array is empty
- */
-extern PRBool
-NSS_CMSArray_IsEmpty(void **array);
-
-/*
- * NSS_CMSArray_Count - count number of elements in array
- */
-extern int
-NSS_CMSArray_Count(void **array);
-
-/*
- * NSS_CMSArray_Sort - sort an array ascending, in place
- *
- * If "secondary" is not NULL, the same reordering gets applied to it.
- * If "tertiary" is not NULL, the same reordering gets applied to it.
- * "compare" is a function that returns
- * < 0 when the first element is less than the second
- * = 0 when the first element is equal to the second
- * > 0 when the first element is greater than the second
- */
-extern void
-NSS_CMSArray_Sort(void **primary, int (*compare)(void *,void *), void **secondary, void **tertiary);
-
-/************************************************************************
- * cmsattr.c - misc attribute functions
- ************************************************************************/
-/*
- * NSS_CMSAttribute_Create - create an attribute
- *
- * if value is NULL, the attribute won't have a value. It can be added later
- * with NSS_CMSAttribute_AddValue.
- */
-extern NSSCMSAttribute *
-NSS_CMSAttribute_Create(PRArenaPool *poolp, SECOidTag oidtag, SECItem *value, PRBool encoded);
-
-/*
- * NSS_CMSAttribute_AddValue - add another value to an attribute
- */
-extern SECStatus
-NSS_CMSAttribute_AddValue(PLArenaPool *poolp, NSSCMSAttribute *attr, SECItem *value);
-
-/*
- * NSS_CMSAttribute_GetType - return the OID tag
- */
-extern SECOidTag
-NSS_CMSAttribute_GetType(NSSCMSAttribute *attr);
-
-/*
- * NSS_CMSAttribute_GetValue - return the first attribute value
- *
- * We do some sanity checking first:
- * - Multiple values are *not* expected.
- * - Empty values are *not* expected.
- */
-extern SECItem *
-NSS_CMSAttribute_GetValue(NSSCMSAttribute *attr);
-
-/*
- * NSS_CMSAttribute_CompareValue - compare the attribute's first value against data
- */
-extern PRBool
-NSS_CMSAttribute_CompareValue(NSSCMSAttribute *attr, SECItem *av);
-
-/*
- * NSS_CMSAttributeArray_Encode - encode an Attribute array as SET OF Attributes
- *
- * If you are wondering why this routine does not reorder the attributes
- * first, and might be tempted to make it do so, see the comment by the
- * call to ReorderAttributes in cmsencode.c. (Or, see who else calls this
- * and think long and hard about the implications of making it always
- * do the reordering.)
- */
-extern SECItem *
-NSS_CMSAttributeArray_Encode(PRArenaPool *poolp, NSSCMSAttribute ***attrs, SECItem *dest);
-
-/*
- * NSS_CMSAttributeArray_Reorder - sort attribute array by attribute's DER encoding
- *
- * make sure that the order of the attributes guarantees valid DER (which must be
- * in lexigraphically ascending order for a SET OF); if reordering is necessary it
- * will be done in place (in attrs).
- */
-extern SECStatus
-NSS_CMSAttributeArray_Reorder(NSSCMSAttribute **attrs);
-
-/*
- * NSS_CMSAttributeArray_FindAttrByOidTag - look through a set of attributes and
- * find one that matches the specified object ID.
- *
- * If "only" is true, then make sure that there is not more than one attribute
- * of the same type. Otherwise, just return the first one found. (XXX Does
- * anybody really want that first-found behavior? It was like that when I found it...)
- */
-extern NSSCMSAttribute *
-NSS_CMSAttributeArray_FindAttrByOidTag(NSSCMSAttribute **attrs, SECOidTag oidtag, PRBool only);
-
-/*
- * NSS_CMSAttributeArray_AddAttr - add an attribute to an
- * array of attributes.
- */
-extern SECStatus
-NSS_CMSAttributeArray_AddAttr(PLArenaPool *poolp, NSSCMSAttribute ***attrs, NSSCMSAttribute *attr);
-
-/*
- * NSS_CMSAttributeArray_SetAttr - set an attribute's value in a set of attributes
- */
-extern SECStatus
-NSS_CMSAttributeArray_SetAttr(PLArenaPool *poolp, NSSCMSAttribute ***attrs, SECOidTag type, SECItem *value, PRBool encoded);
-
-/************************************************************************/
-SEC_END_PROTOS
-
-#endif /* _CMSLOCAL_H_ */
diff --git a/security/nss/lib/smime/cmsmessage.c b/security/nss/lib/smime/cmsmessage.c
deleted file mode 100644
index 21a730e6f..000000000
--- a/security/nss/lib/smime/cmsmessage.c
+++ /dev/null
@@ -1,315 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * CMS message methods.
- *
- * $Id$
- */
-
-#include "cmslocal.h"
-
-#include "cert.h"
-#include "secasn1.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "pk11func.h"
-#include "secerr.h"
-
-/*
- * NSS_CMSMessage_Create - create a CMS message object
- *
- * "poolp" - arena to allocate memory from, or NULL if new arena should be created
- */
-NSSCMSMessage *
-NSS_CMSMessage_Create(PLArenaPool *poolp)
-{
- void *mark = NULL;
- NSSCMSMessage *cmsg;
- PRBool poolp_is_ours = PR_FALSE;
-
- if (poolp == NULL) {
- poolp = PORT_NewArena (1024); /* XXX what is right value? */
- if (poolp == NULL)
- return NULL;
- poolp_is_ours = PR_TRUE;
- }
-
- if (!poolp_is_ours)
- mark = PORT_ArenaMark(poolp);
-
- cmsg = (NSSCMSMessage *)PORT_ArenaZAlloc (poolp, sizeof(NSSCMSMessage));
- if (cmsg == NULL) {
- if (!poolp_is_ours) {
- if (mark) {
- PORT_ArenaRelease(poolp, mark);
- }
- } else
- PORT_FreeArena(poolp, PR_FALSE);
- return NULL;
- }
-
- cmsg->poolp = poolp;
- cmsg->poolp_is_ours = poolp_is_ours;
- cmsg->refCount = 1;
-
- if (mark)
- PORT_ArenaUnmark(poolp, mark);
-
- return cmsg;
-}
-
-/*
- * NSS_CMSMessage_SetEncodingParams - set up a CMS message object for encoding or decoding
- *
- * "cmsg" - message object
- * "pwfn", pwfn_arg" - callback function for getting token password
- * "decrypt_key_cb", "decrypt_key_cb_arg" - callback function for getting bulk key for encryptedData
- * "detached_digestalgs", "detached_digests" - digests from detached content
- */
-void
-NSS_CMSMessage_SetEncodingParams(NSSCMSMessage *cmsg,
- PK11PasswordFunc pwfn, void *pwfn_arg,
- NSSCMSGetDecryptKeyCallback decrypt_key_cb, void *decrypt_key_cb_arg,
- SECAlgorithmID **detached_digestalgs, SECItem **detached_digests)
-{
- if (pwfn)
- PK11_SetPasswordFunc(pwfn);
- cmsg->pwfn_arg = pwfn_arg;
- cmsg->decrypt_key_cb = decrypt_key_cb;
- cmsg->decrypt_key_cb_arg = decrypt_key_cb_arg;
- cmsg->detached_digestalgs = detached_digestalgs;
- cmsg->detached_digests = detached_digests;
-}
-
-/*
- * NSS_CMSMessage_Destroy - destroy a CMS message and all of its sub-pieces.
- */
-void
-NSS_CMSMessage_Destroy(NSSCMSMessage *cmsg)
-{
- PORT_Assert (cmsg->refCount > 0);
- if (cmsg->refCount <= 0) /* oops */
- return;
-
- cmsg->refCount--; /* thread safety? */
- if (cmsg->refCount > 0)
- return;
-
- NSS_CMSContentInfo_Destroy(&(cmsg->contentInfo));
-
- /* if poolp is not NULL, cmsg is the owner of its arena */
- if (cmsg->poolp_is_ours)
- PORT_FreeArena (cmsg->poolp, PR_FALSE); /* XXX clear it? */
-}
-
-/*
- * NSS_CMSMessage_Copy - return a copy of the given message.
- *
- * The copy may be virtual or may be real -- either way, the result needs
- * to be passed to NSS_CMSMessage_Destroy later (as does the original).
- */
-NSSCMSMessage *
-NSS_CMSMessage_Copy(NSSCMSMessage *cmsg)
-{
- if (cmsg == NULL)
- return NULL;
-
- PORT_Assert (cmsg->refCount > 0);
-
- cmsg->refCount++; /* XXX chrisk thread safety? */
- return cmsg;
-}
-
-/*
- * NSS_CMSMessage_GetArena - return a pointer to the message's arena pool
- */
-PLArenaPool *
-NSS_CMSMessage_GetArena(NSSCMSMessage *cmsg)
-{
- return cmsg->poolp;
-}
-
-/*
- * NSS_CMSMessage_GetContentInfo - return a pointer to the top level contentInfo
- */
-NSSCMSContentInfo *
-NSS_CMSMessage_GetContentInfo(NSSCMSMessage *cmsg)
-{
- return &(cmsg->contentInfo);
-}
-
-/*
- * Return a pointer to the actual content.
- * In the case of those types which are encrypted, this returns the *plain* content.
- * In case of nested contentInfos, this descends and retrieves the innermost content.
- */
-SECItem *
-NSS_CMSMessage_GetContent(NSSCMSMessage *cmsg)
-{
- /* this is a shortcut */
- return NSS_CMSContentInfo_GetInnerContent(NSS_CMSMessage_GetContentInfo(cmsg));
-}
-
-/*
- * NSS_CMSMessage_ContentLevelCount - count number of levels of CMS content objects in this message
- *
- * CMS data content objects do not count.
- */
-int
-NSS_CMSMessage_ContentLevelCount(NSSCMSMessage *cmsg)
-{
- int count = 0;
- NSSCMSContentInfo *cinfo;
-
- /* walk down the chain of contentinfos */
- for (cinfo = &(cmsg->contentInfo); cinfo != NULL; cinfo = NSS_CMSContentInfo_GetChildContentInfo(cinfo)) {
- count++;
- }
- return count;
-}
-
-/*
- * NSS_CMSMessage_ContentLevel - find content level #n
- *
- * CMS data content objects do not count.
- */
-NSSCMSContentInfo *
-NSS_CMSMessage_ContentLevel(NSSCMSMessage *cmsg, int n)
-{
- int count = 0;
- NSSCMSContentInfo *cinfo;
-
- /* walk down the chain of contentinfos */
- for (cinfo = &(cmsg->contentInfo); cinfo != NULL && count < n; cinfo = NSS_CMSContentInfo_GetChildContentInfo(cinfo)) {
- count++;
- }
-
- return cinfo;
-}
-
-/*
- * NSS_CMSMessage_ContainsCertsOrCrls - see if message contains certs along the way
- */
-PRBool
-NSS_CMSMessage_ContainsCertsOrCrls(NSSCMSMessage *cmsg)
-{
- NSSCMSContentInfo *cinfo;
-
- /* descend into CMS message */
- for (cinfo = &(cmsg->contentInfo); cinfo != NULL; cinfo = NSS_CMSContentInfo_GetChildContentInfo(cinfo)) {
- if (NSS_CMSContentInfo_GetContentTypeTag(cinfo) != SEC_OID_PKCS7_SIGNED_DATA)
- continue; /* next level */
-
- if (NSS_CMSSignedData_ContainsCertsOrCrls(cinfo->content.signedData))
- return PR_TRUE;
- }
- return PR_FALSE;
-}
-
-/*
- * NSS_CMSMessage_IsEncrypted - see if message contains a encrypted submessage
- */
-PRBool
-NSS_CMSMessage_IsEncrypted(NSSCMSMessage *cmsg)
-{
- NSSCMSContentInfo *cinfo;
-
- /* walk down the chain of contentinfos */
- for (cinfo = &(cmsg->contentInfo); cinfo != NULL; cinfo = NSS_CMSContentInfo_GetChildContentInfo(cinfo))
- {
- switch (NSS_CMSContentInfo_GetContentTypeTag(cinfo)) {
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- return PR_TRUE;
- default:
- break;
- }
- }
- return PR_FALSE;
-}
-
-/*
- * NSS_CMSMessage_IsSigned - see if message contains a signed submessage
- *
- * If the CMS message has a SignedData with a signature (not just a SignedData)
- * return true; false otherwise. This can/should be called before calling
- * VerifySignature, which will always indicate failure if no signature is
- * present, but that does not mean there even was a signature!
- * Note that the content itself can be empty (detached content was sent
- * another way); it is the presence of the signature that matters.
- */
-PRBool
-NSS_CMSMessage_IsSigned(NSSCMSMessage *cmsg)
-{
- NSSCMSContentInfo *cinfo;
-
- /* walk down the chain of contentinfos */
- for (cinfo = &(cmsg->contentInfo); cinfo != NULL; cinfo = NSS_CMSContentInfo_GetChildContentInfo(cinfo))
- {
- switch (NSS_CMSContentInfo_GetContentTypeTag(cinfo)) {
- case SEC_OID_PKCS7_SIGNED_DATA:
- if (!NSS_CMSArray_IsEmpty((void **)cinfo->content.signedData->signerInfos))
- return PR_TRUE;
- break;
- default:
- break;
- }
- }
- return PR_FALSE;
-}
-
-/*
- * NSS_CMSMessage_IsContentEmpty - see if content is empty
- *
- * returns PR_TRUE is innermost content length is < minLen
- * XXX need the encrypted content length (why?)
- */
-PRBool
-NSS_CMSMessage_IsContentEmpty(NSSCMSMessage *cmsg, unsigned int minLen)
-{
- SECItem *item = NULL;
-
- if (cmsg == NULL)
- return PR_TRUE;
-
- item = NSS_CMSContentInfo_GetContent(NSS_CMSMessage_GetContentInfo(cmsg));
-
- if (!item) {
- return PR_TRUE;
- } else if(item->len <= minLen) {
- return PR_TRUE;
- }
-
- return PR_FALSE;
-}
diff --git a/security/nss/lib/smime/cmspubkey.c b/security/nss/lib/smime/cmspubkey.c
deleted file mode 100644
index 1cf0336e4..000000000
--- a/security/nss/lib/smime/cmspubkey.c
+++ /dev/null
@@ -1,555 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * CMS public key crypto
- *
- * $Id$
- */
-
-#include "cmslocal.h"
-
-#include "cert.h"
-#include "key.h"
-#include "secasn1.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "pk11func.h"
-#include "secerr.h"
-
-/* ====== RSA ======================================================================= */
-
-/*
- * NSS_CMSUtil_EncryptSymKey_RSA - wrap a symmetric key with RSA
- *
- * this function takes a symmetric key and encrypts it using an RSA public key
- * according to PKCS#1 and RFC2633 (S/MIME)
- */
-SECStatus
-NSS_CMSUtil_EncryptSymKey_RSA(PLArenaPool *poolp, CERTCertificate *cert,
- PK11SymKey *bulkkey,
- SECItem *encKey)
-{
- SECStatus rv;
- SECKEYPublicKey *publickey;
-
- publickey = CERT_ExtractPublicKey(cert);
- if (publickey == NULL)
- return SECFailure;
-
- rv = NSS_CMSUtil_EncryptSymKey_RSAPubKey(poolp, publickey, bulkkey, encKey);
- SECKEY_DestroyPublicKey(publickey);
- return rv;
-}
-
-SECStatus
-NSS_CMSUtil_EncryptSymKey_RSAPubKey(PLArenaPool *poolp,
- SECKEYPublicKey *publickey,
- PK11SymKey *bulkkey, SECItem *encKey)
-{
- SECStatus rv;
- int data_len;
- KeyType keyType;
- void *mark = NULL;
-
-
- mark = PORT_ArenaMark(poolp);
- if (!mark)
- goto loser;
-
- /* sanity check */
- keyType = SECKEY_GetPublicKeyType(publickey);
- PORT_Assert(keyType == rsaKey);
- if (keyType != rsaKey) {
- goto loser;
- }
- /* allocate memory for the encrypted key */
- data_len = SECKEY_PublicKeyStrength(publickey); /* block size (assumed to be > keylen) */
- encKey->data = (unsigned char*)PORT_ArenaAlloc(poolp, data_len);
- encKey->len = data_len;
- if (encKey->data == NULL)
- goto loser;
-
- /* encrypt the key now */
- rv = PK11_PubWrapSymKey(PK11_AlgtagToMechanism(SEC_OID_PKCS1_RSA_ENCRYPTION),
- publickey, bulkkey, encKey);
-
- if (rv != SECSuccess)
- goto loser;
-
- PORT_ArenaUnmark(poolp, mark);
- return SECSuccess;
-
-loser:
- if (mark) {
- PORT_ArenaRelease(poolp, mark);
- }
- return SECFailure;
-}
-
-/*
- * NSS_CMSUtil_DecryptSymKey_RSA - unwrap a RSA-wrapped symmetric key
- *
- * this function takes an RSA-wrapped symmetric key and unwraps it, returning a symmetric
- * key handle. Please note that the actual unwrapped key data may not be allowed to leave
- * a hardware token...
- */
-PK11SymKey *
-NSS_CMSUtil_DecryptSymKey_RSA(SECKEYPrivateKey *privkey, SECItem *encKey, SECOidTag bulkalgtag)
-{
- /* that's easy */
- return PK11_PubUnwrapSymKey(privkey, encKey, PK11_AlgtagToMechanism(bulkalgtag), CKA_DECRYPT, 0);
-}
-
-/* ====== MISSI (Fortezza) ========================================================== */
-
-extern const SEC_ASN1Template NSS_SMIMEKEAParamTemplateAllParams[];
-
-SECStatus
-NSS_CMSUtil_EncryptSymKey_MISSI(PLArenaPool *poolp, CERTCertificate *cert, PK11SymKey *bulkkey,
- SECOidTag symalgtag, SECItem *encKey, SECItem **pparams, void *pwfn_arg)
-{
- SECOidTag certalgtag; /* the certificate's encryption algorithm */
- SECOidTag encalgtag; /* the algorithm used for key exchange/agreement */
- SECStatus rv = SECFailure;
- SECItem *params = NULL;
- SECStatus err;
- PK11SymKey *tek;
- CERTCertificate *ourCert;
- SECKEYPublicKey *ourPubKey, *publickey = NULL;
- SECKEYPrivateKey *ourPrivKey = NULL;
- NSSCMSKEATemplateSelector whichKEA = NSSCMSKEAInvalid;
- NSSCMSSMIMEKEAParameters keaParams;
- PLArenaPool *arena = NULL;
- extern const SEC_ASN1Template *nss_cms_get_kea_template(NSSCMSKEATemplateSelector whichTemplate);
-
- /* Clear keaParams, since cleanup code checks the lengths */
- (void) memset(&keaParams, 0, sizeof(keaParams));
-
- certalgtag = SECOID_GetAlgorithmTag(&(cert->subjectPublicKeyInfo.algorithm));
- PORT_Assert(certalgtag == SEC_OID_MISSI_KEA_DSS_OLD ||
- certalgtag == SEC_OID_MISSI_KEA_DSS ||
- certalgtag == SEC_OID_MISSI_KEA);
-
-#define SMIME_FORTEZZA_RA_LENGTH 128
-#define SMIME_FORTEZZA_IV_LENGTH 24
-#define SMIME_FORTEZZA_MAX_KEY_SIZE 256
-
- /* We really want to show our KEA tag as the key exchange algorithm tag. */
- encalgtag = SEC_OID_NETSCAPE_SMIME_KEA;
-
- /* Get the public key of the recipient. */
- publickey = CERT_ExtractPublicKey(cert);
- if (publickey == NULL) goto loser;
-
- /* Find our own cert, and extract its keys. */
- ourCert = PK11_FindBestKEAMatch(cert, pwfn_arg);
- if (ourCert == NULL) goto loser;
-
- arena = PORT_NewArena(1024);
- if (arena == NULL)
- goto loser;
-
- ourPubKey = CERT_ExtractPublicKey(ourCert);
- if (ourPubKey == NULL) {
- CERT_DestroyCertificate(ourCert);
- goto loser;
- }
-
- /* While we're here, copy the public key into the outgoing
- * KEA parameters. */
- SECITEM_CopyItem(arena, &(keaParams.originatorKEAKey), &(ourPubKey->u.fortezza.KEAKey));
- SECKEY_DestroyPublicKey(ourPubKey);
- ourPubKey = NULL;
-
- /* Extract our private key in order to derive the KEA key. */
- ourPrivKey = PK11_FindKeyByAnyCert(ourCert, pwfn_arg);
- CERT_DestroyCertificate(ourCert); /* we're done with this */
- if (!ourPrivKey)
- goto loser;
-
- /* Prepare raItem with 128 bytes (filled with zeros). */
- keaParams.originatorRA.data = (unsigned char *)PORT_ArenaAlloc(arena,SMIME_FORTEZZA_RA_LENGTH);
- keaParams.originatorRA.len = SMIME_FORTEZZA_RA_LENGTH;
-
- /* Generate the TEK (token exchange key) which we use
- * to wrap the bulk encryption key. (keaparams.originatorRA) will be
- * filled with a random seed which we need to send to
- * the recipient. (user keying material in RFC2630/DSA speak) */
- tek = PK11_PubDerive(ourPrivKey, publickey, PR_TRUE,
- &keaParams.originatorRA, NULL,
- CKM_KEA_KEY_DERIVE, CKM_SKIPJACK_WRAP,
- CKA_WRAP, 0, pwfn_arg);
-
- SECKEY_DestroyPublicKey(publickey);
- SECKEY_DestroyPrivateKey(ourPrivKey);
- publickey = NULL;
- ourPrivKey = NULL;
-
- if (!tek)
- goto loser;
-
- /* allocate space for the wrapped key data */
- encKey->data = (unsigned char *)PORT_ArenaAlloc(poolp, SMIME_FORTEZZA_MAX_KEY_SIZE);
- encKey->len = SMIME_FORTEZZA_MAX_KEY_SIZE;
-
- if (encKey->data == NULL) {
- PK11_FreeSymKey(tek);
- goto loser;
- }
-
- /* Wrap the bulk key. What we do with the resulting data
- depends on whether we're using Skipjack to wrap the key. */
- switch (PK11_AlgtagToMechanism(symalgtag)) {
- case CKM_SKIPJACK_CBC64:
- case CKM_SKIPJACK_ECB64:
- case CKM_SKIPJACK_OFB64:
- case CKM_SKIPJACK_CFB64:
- case CKM_SKIPJACK_CFB32:
- case CKM_SKIPJACK_CFB16:
- case CKM_SKIPJACK_CFB8:
- /* SKIPJACK, we use the wrap mechanism because we can do it on the hardware */
- err = PK11_WrapSymKey(CKM_SKIPJACK_WRAP, NULL, tek, bulkkey, encKey);
- whichKEA = NSSCMSKEAUsesSkipjack;
- break;
- default:
- /* Not SKIPJACK, we encrypt the raw key data */
- keaParams.nonSkipjackIV.data =
- (unsigned char *)PORT_ArenaAlloc(arena, SMIME_FORTEZZA_IV_LENGTH);
- keaParams.nonSkipjackIV.len = SMIME_FORTEZZA_IV_LENGTH;
- err = PK11_WrapSymKey(CKM_SKIPJACK_CBC64, &keaParams.nonSkipjackIV, tek, bulkkey, encKey);
- if (err != SECSuccess)
- goto loser;
-
- if (encKey->len != PK11_GetKeyLength(bulkkey)) {
- /* The size of the encrypted key is not the same as
- that of the original bulk key, presumably due to
- padding. Encode and store the real size of the
- bulk key. */
- if (SEC_ASN1EncodeInteger(arena, &keaParams.bulkKeySize, PK11_GetKeyLength(bulkkey)) == NULL)
- err = (SECStatus)PORT_GetError();
- else
- /* use full template for encoding */
- whichKEA = NSSCMSKEAUsesNonSkipjackWithPaddedEncKey;
- }
- else
- /* enc key length == bulk key length */
- whichKEA = NSSCMSKEAUsesNonSkipjack;
- break;
- }
-
- PK11_FreeSymKey(tek);
-
- if (err != SECSuccess)
- goto loser;
-
- PORT_Assert(whichKEA != NSSCMSKEAInvalid);
-
- /* Encode the KEA parameters into the recipient info. */
- params = SEC_ASN1EncodeItem(poolp, NULL, &keaParams, nss_cms_get_kea_template(whichKEA));
- if (params == NULL)
- goto loser;
-
- /* pass back the algorithm params */
- *pparams = params;
-
- rv = SECSuccess;
-
-loser:
- if (arena)
- PORT_FreeArena(arena, PR_FALSE);
- if (publickey)
- SECKEY_DestroyPublicKey(publickey);
- if (ourPrivKey)
- SECKEY_DestroyPrivateKey(ourPrivKey);
- return rv;
-}
-
-PK11SymKey *
-NSS_CMSUtil_DecryptSymKey_MISSI(SECKEYPrivateKey *privkey, SECItem *encKey, SECAlgorithmID *keyEncAlg, SECOidTag bulkalgtag, void *pwfn_arg)
-{
- /* fortezza: do a key exchange */
- SECStatus err;
- CK_MECHANISM_TYPE bulkType;
- PK11SymKey *tek;
- SECKEYPublicKey *originatorPubKey;
- NSSCMSSMIMEKEAParameters keaParams;
- PK11SymKey *bulkkey;
- int bulkLength;
-
- (void) memset(&keaParams, 0, sizeof(keaParams));
-
- /* NOTE: this uses the SMIME v2 recipientinfo for compatibility.
- All additional KEA parameters are DER-encoded in the encryption algorithm parameters */
-
- /* Decode the KEA algorithm parameters. */
- err = SEC_ASN1DecodeItem(NULL, &keaParams, NSS_SMIMEKEAParamTemplateAllParams,
- &(keyEncAlg->parameters));
- if (err != SECSuccess)
- goto loser;
-
- /* get originator's public key */
- originatorPubKey = PK11_MakeKEAPubKey(keaParams.originatorKEAKey.data,
- keaParams.originatorKEAKey.len);
- if (originatorPubKey == NULL)
- goto loser;
-
- /* Generate the TEK (token exchange key) which we use to unwrap the bulk encryption key.
- The Derive function generates a shared secret and combines it with the originatorRA
- data to come up with an unique session key */
- tek = PK11_PubDerive(privkey, originatorPubKey, PR_FALSE,
- &keaParams.originatorRA, NULL,
- CKM_KEA_KEY_DERIVE, CKM_SKIPJACK_WRAP,
- CKA_WRAP, 0, pwfn_arg);
- SECKEY_DestroyPublicKey(originatorPubKey); /* not needed anymore */
- if (tek == NULL)
- goto loser;
-
- /* Now that we have the TEK, unwrap the bulk key
- with which to decrypt the message. We have to
- do one of two different things depending on
- whether Skipjack was used for *bulk* encryption
- of the message. */
- bulkType = PK11_AlgtagToMechanism(bulkalgtag);
- switch (bulkType) {
- case CKM_SKIPJACK_CBC64:
- case CKM_SKIPJACK_ECB64:
- case CKM_SKIPJACK_OFB64:
- case CKM_SKIPJACK_CFB64:
- case CKM_SKIPJACK_CFB32:
- case CKM_SKIPJACK_CFB16:
- case CKM_SKIPJACK_CFB8:
- /* Skipjack is being used as the bulk encryption algorithm.*/
- /* Unwrap the bulk key. */
- bulkkey = PK11_UnwrapSymKey(tek, CKM_SKIPJACK_WRAP, NULL,
- encKey, CKM_SKIPJACK_CBC64, CKA_DECRYPT, 0);
- break;
- default:
- /* Skipjack was not used for bulk encryption of this
- message. Use Skipjack CBC64, with the nonSkipjackIV
- part of the KEA key parameters, to decrypt
- the bulk key. If the optional parameter bulkKeySize is present,
- bulk key size is different than the encrypted key size */
- if (keaParams.bulkKeySize.len > 0) {
- err = SEC_ASN1DecodeItem(NULL, &bulkLength,
- SEC_ASN1_GET(SEC_IntegerTemplate),
- &keaParams.bulkKeySize);
- if (err != SECSuccess)
- goto loser;
- }
-
- bulkkey = PK11_UnwrapSymKey(tek, CKM_SKIPJACK_CBC64, &keaParams.nonSkipjackIV,
- encKey, bulkType, CKA_DECRYPT, bulkLength);
- break;
- }
- return bulkkey;
-loser:
- return NULL;
-}
-
-/* ====== ESDH (Ephemeral-Static Diffie-Hellman) ==================================== */
-
-SECStatus
-NSS_CMSUtil_EncryptSymKey_ESDH(PLArenaPool *poolp, CERTCertificate *cert, PK11SymKey *key,
- SECItem *encKey, SECItem **ukm, SECAlgorithmID *keyEncAlg,
- SECItem *pubKey)
-{
-#if 0 /* not yet done */
- SECOidTag certalgtag; /* the certificate's encryption algorithm */
- SECOidTag encalgtag; /* the algorithm used for key exchange/agreement */
- SECStatus rv;
- SECItem *params = NULL;
- int data_len;
- SECStatus err;
- PK11SymKey *tek;
- CERTCertificate *ourCert;
- SECKEYPublicKey *ourPubKey;
- NSSCMSKEATemplateSelector whichKEA = NSSCMSKEAInvalid;
-
- certalgtag = SECOID_GetAlgorithmTag(&(cert->subjectPublicKeyInfo.algorithm));
- PORT_Assert(certalgtag == SEC_OID_X942_DIFFIE_HELMAN_KEY);
-
- /* We really want to show our KEA tag as the key exchange algorithm tag. */
- encalgtag = SEC_OID_CMS_EPHEMERAL_STATIC_DIFFIE_HELLMAN;
-
- /* Get the public key of the recipient. */
- publickey = CERT_ExtractPublicKey(cert);
- if (publickey == NULL) goto loser;
-
- /* XXXX generate a DH key pair on a PKCS11 module (XXX which parameters?) */
- /* XXXX */ourCert = PK11_FindBestKEAMatch(cert, wincx);
- if (ourCert == NULL) goto loser;
-
- arena = PORT_NewArena(1024);
- if (arena == NULL) goto loser;
-
- /* While we're here, extract the key pair's public key data and copy it into */
- /* the outgoing parameters. */
- /* XXXX */ourPubKey = CERT_ExtractPublicKey(ourCert);
- if (ourPubKey == NULL)
- {
- goto loser;
- }
- SECITEM_CopyItem(arena, pubKey, /* XXX */&(ourPubKey->u.fortezza.KEAKey));
- SECKEY_DestroyPublicKey(ourPubKey); /* we only need the private key from now on */
- ourPubKey = NULL;
-
- /* Extract our private key in order to derive the KEA key. */
- ourPrivKey = PK11_FindKeyByAnyCert(ourCert,wincx);
- CERT_DestroyCertificate(ourCert); /* we're done with this */
- if (!ourPrivKey) goto loser;
-
- /* If ukm desired, prepare it - allocate enough space (filled with zeros). */
- if (ukm) {
- ukm->data = (unsigned char*)PORT_ArenaZAlloc(arena,/* XXXX */);
- ukm->len = /* XXXX */;
- }
-
- /* Generate the KEK (key exchange key) according to RFC2631 which we use
- * to wrap the bulk encryption key. */
- kek = PK11_PubDerive(ourPrivKey, publickey, PR_TRUE,
- ukm, NULL,
- /* XXXX */CKM_KEA_KEY_DERIVE, /* XXXX */CKM_SKIPJACK_WRAP,
- CKA_WRAP, 0, wincx);
-
- SECKEY_DestroyPublicKey(publickey);
- SECKEY_DestroyPrivateKey(ourPrivKey);
- publickey = NULL;
- ourPrivKey = NULL;
-
- if (!kek)
- goto loser;
-
- /* allocate space for the encrypted CEK (bulk key) */
- encKey->data = (unsigned char*)PORT_ArenaAlloc(poolp, SMIME_FORTEZZA_MAX_KEY_SIZE);
- encKey->len = SMIME_FORTEZZA_MAX_KEY_SIZE;
-
- if (encKey->data == NULL)
- {
- PK11_FreeSymKey(kek);
- goto loser;
- }
-
-
- /* Wrap the bulk key using CMSRC2WRAP or CMS3DESWRAP, depending on the */
- /* bulk encryption algorithm */
- switch (/* XXXX */PK11_AlgtagToMechanism(enccinfo->encalg))
- {
- case /* XXXX */CKM_SKIPJACK_CFB8:
- err = PK11_WrapSymKey(/* XXXX */CKM_CMS3DES_WRAP, NULL, kek, bulkkey, encKey);
- whichKEA = NSSCMSKEAUsesSkipjack;
- break;
- case /* XXXX */CKM_SKIPJACK_CFB8:
- err = PK11_WrapSymKey(/* XXXX */CKM_CMSRC2_WRAP, NULL, kek, bulkkey, encKey);
- whichKEA = NSSCMSKEAUsesSkipjack;
- break;
- default:
- /* XXXX what do we do here? Neither RC2 nor 3DES... */
- err = SECFailure;
- /* set error */
- break;
- }
-
- PK11_FreeSymKey(kek); /* we do not need the KEK anymore */
- if (err != SECSuccess)
- goto loser;
-
- PORT_Assert(whichKEA != NSSCMSKEAInvalid);
-
- /* see RFC2630 12.3.1.1 "keyEncryptionAlgorithm must be ..." */
- /* params is the DER encoded key wrap algorithm (with parameters!) (XXX) */
- params = SEC_ASN1EncodeItem(arena, NULL, &keaParams, sec_pkcs7_get_kea_template(whichKEA));
- if (params == NULL)
- goto loser;
-
- /* now set keyEncAlg */
- rv = SECOID_SetAlgorithmID(poolp, keyEncAlg, SEC_OID_CMS_EPHEMERAL_STATIC_DIFFIE_HELLMAN, params);
- if (rv != SECSuccess)
- goto loser;
-
- /* XXXXXXX this is not right yet */
-loser:
- if (arena) {
- PORT_FreeArena(arena, PR_FALSE);
- }
- if (publickey) {
- SECKEY_DestroyPublicKey(publickey);
- }
- if (ourPrivKey) {
- SECKEY_DestroyPrivateKey(ourPrivKey);
- }
-#endif
- return SECFailure;
-}
-
-PK11SymKey *
-NSS_CMSUtil_DecryptSymKey_ESDH(SECKEYPrivateKey *privkey, SECItem *encKey, SECAlgorithmID *keyEncAlg, SECOidTag bulkalgtag, void *pwfn_arg)
-{
-#if 0 /* not yet done */
- SECStatus err;
- CK_MECHANISM_TYPE bulkType;
- PK11SymKey *tek;
- SECKEYPublicKey *originatorPubKey;
- NSSCMSSMIMEKEAParameters keaParams;
-
- /* XXXX get originator's public key */
- originatorPubKey = PK11_MakeKEAPubKey(keaParams.originatorKEAKey.data,
- keaParams.originatorKEAKey.len);
- if (originatorPubKey == NULL)
- goto loser;
-
- /* Generate the TEK (token exchange key) which we use to unwrap the bulk encryption key.
- The Derive function generates a shared secret and combines it with the originatorRA
- data to come up with an unique session key */
- tek = PK11_PubDerive(privkey, originatorPubKey, PR_FALSE,
- &keaParams.originatorRA, NULL,
- CKM_KEA_KEY_DERIVE, CKM_SKIPJACK_WRAP,
- CKA_WRAP, 0, pwfn_arg);
- SECKEY_DestroyPublicKey(originatorPubKey); /* not needed anymore */
- if (tek == NULL)
- goto loser;
-
- /* Now that we have the TEK, unwrap the bulk key
- with which to decrypt the message. */
- /* Skipjack is being used as the bulk encryption algorithm.*/
- /* Unwrap the bulk key. */
- bulkkey = PK11_UnwrapSymKey(tek, CKM_SKIPJACK_WRAP, NULL,
- encKey, CKM_SKIPJACK_CBC64, CKA_DECRYPT, 0);
-
- return bulkkey;
-
-loser:
-#endif
- return NULL;
-}
-
diff --git a/security/nss/lib/smime/cmsrecinfo.c b/security/nss/lib/smime/cmsrecinfo.c
deleted file mode 100644
index ac460f5bd..000000000
--- a/security/nss/lib/smime/cmsrecinfo.c
+++ /dev/null
@@ -1,733 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * CMS recipientInfo methods.
- *
- * $Id$
- */
-
-#include "cmslocal.h"
-
-#include "cert.h"
-#include "key.h"
-#include "secasn1.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "pk11func.h"
-#include "secerr.h"
-
-PRBool
-nss_cmsrecipientinfo_usessubjectkeyid(NSSCMSRecipientInfo *ri)
-{
- if (ri->recipientInfoType == NSSCMSRecipientInfoID_KeyTrans) {
- NSSCMSRecipientIdentifier *rid;
- rid = &ri->ri.keyTransRecipientInfo.recipientIdentifier;
- if (rid->identifierType == NSSCMSRecipientID_SubjectKeyID) {
- return PR_TRUE;
- }
- }
- return PR_FALSE;
-}
-
-
-static SECOidData fakeContent = { 0 };
-NSSCMSRecipientInfo *
-nss_cmsrecipientinfo_create(NSSCMSMessage *cmsg, NSSCMSRecipientIDSelector type,
- CERTCertificate *cert, SECKEYPublicKey *pubKey,
- SECItem *subjKeyID, void* pwfn_arg, SECItem* DERinput)
-{
- NSSCMSRecipientInfo *ri;
- void *mark;
- SECOidTag certalgtag;
- SECStatus rv = SECSuccess;
- NSSCMSRecipientEncryptedKey *rek;
- NSSCMSOriginatorIdentifierOrKey *oiok;
- unsigned long version;
- SECItem *dummy;
- PLArenaPool *poolp;
- CERTSubjectPublicKeyInfo *spki, *freeSpki = NULL;
- NSSCMSRecipientIdentifier *rid;
- extern const SEC_ASN1Template NSSCMSRecipientInfoTemplate[];
-
- if (!cmsg) {
- /* a CMSMessage wasn't supplied, create a fake one to hold the pwfunc
- * and a private arena pool */
- cmsg = NSS_CMSMessage_Create(NULL);
- cmsg->pwfn_arg = pwfn_arg;
- /* mark it as a special cms message */
- cmsg->contentInfo.contentTypeTag = &fakeContent;
- }
-
- poolp = cmsg->poolp;
-
- mark = PORT_ArenaMark(poolp);
-
- ri = (NSSCMSRecipientInfo *)PORT_ArenaZAlloc(poolp, sizeof(NSSCMSRecipientInfo));
- if (ri == NULL)
- goto loser;
-
- ri->cmsg = cmsg;
-
- if (DERinput) {
- /* decode everything from DER */
- SECItem newinput;
- SECStatus rv = SECITEM_CopyItem(poolp, &newinput, DERinput);
- if (SECSuccess != rv)
- goto loser;
- rv = SEC_QuickDERDecodeItem(poolp, ri, NSSCMSRecipientInfoTemplate, &newinput);
- if (SECSuccess != rv)
- goto loser;
- }
-
- switch (type) {
- case NSSCMSRecipientID_IssuerSN:
- {
- ri->cert = CERT_DupCertificate(cert);
- if (NULL == ri->cert)
- goto loser;
- spki = &(cert->subjectPublicKeyInfo);
- break;
- }
-
- case NSSCMSRecipientID_SubjectKeyID:
- {
- PORT_Assert(pubKey);
- spki = freeSpki = SECKEY_CreateSubjectPublicKeyInfo(pubKey);
- break;
- }
-
- case NSSCMSRecipientID_BrandNew:
- goto done;
- break;
-
- default:
- /* unkown type */
- goto loser;
- break;
- }
-
- certalgtag = SECOID_GetAlgorithmTag(&(spki->algorithm));
-
- rid = &ri->ri.keyTransRecipientInfo.recipientIdentifier;
- switch (certalgtag) {
- case SEC_OID_PKCS1_RSA_ENCRYPTION:
- ri->recipientInfoType = NSSCMSRecipientInfoID_KeyTrans;
- rid->identifierType = type;
- if (type == NSSCMSRecipientID_IssuerSN) {
- rid->id.issuerAndSN = CERT_GetCertIssuerAndSN(poolp, cert);
- if (rid->id.issuerAndSN == NULL) {
- break;
- }
- } else if (type == NSSCMSRecipientID_SubjectKeyID){
- NSSCMSKeyTransRecipientInfoEx *riExtra;
-
- rid->id.subjectKeyID = PORT_ArenaNew(poolp, SECItem);
- if (rid->id.subjectKeyID == NULL) {
- rv = SECFailure;
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- break;
- }
- SECITEM_CopyItem(poolp, rid->id.subjectKeyID, subjKeyID);
- if (rid->id.subjectKeyID->data == NULL) {
- rv = SECFailure;
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- break;
- }
- riExtra = &ri->ri.keyTransRecipientInfoEx;
- riExtra->version = 0;
- riExtra->pubKey = SECKEY_CopyPublicKey(pubKey);
- if (riExtra->pubKey == NULL) {
- rv = SECFailure;
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- break;
- }
- } else {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- rv = SECFailure;
- }
- break;
- case SEC_OID_MISSI_KEA_DSS_OLD:
- case SEC_OID_MISSI_KEA_DSS:
- case SEC_OID_MISSI_KEA:
- PORT_Assert(type != NSSCMSRecipientID_SubjectKeyID);
- if (type == NSSCMSRecipientID_SubjectKeyID) {
- rv = SECFailure;
- break;
- }
- /* backward compatibility - this is not really a keytrans operation */
- ri->recipientInfoType = NSSCMSRecipientInfoID_KeyTrans;
- /* hardcoded issuerSN choice for now */
- ri->ri.keyTransRecipientInfo.recipientIdentifier.identifierType = NSSCMSRecipientID_IssuerSN;
- ri->ri.keyTransRecipientInfo.recipientIdentifier.id.issuerAndSN = CERT_GetCertIssuerAndSN(poolp, cert);
- if (ri->ri.keyTransRecipientInfo.recipientIdentifier.id.issuerAndSN == NULL) {
- rv = SECFailure;
- break;
- }
- break;
- case SEC_OID_X942_DIFFIE_HELMAN_KEY: /* dh-public-number */
- PORT_Assert(type != NSSCMSRecipientID_SubjectKeyID);
- if (type == NSSCMSRecipientID_SubjectKeyID) {
- rv = SECFailure;
- break;
- }
- /* a key agreement op */
- ri->recipientInfoType = NSSCMSRecipientInfoID_KeyAgree;
-
- if (ri->ri.keyTransRecipientInfo.recipientIdentifier.id.issuerAndSN == NULL) {
- rv = SECFailure;
- break;
- }
- /* we do not support the case where multiple recipients
- * share the same KeyAgreeRecipientInfo and have multiple RecipientEncryptedKeys
- * in this case, we would need to walk all the recipientInfos, take the
- * ones that do KeyAgreement algorithms and join them, algorithm by algorithm
- * Then, we'd generate ONE ukm and OriginatorIdentifierOrKey */
-
- /* only epheremal-static Diffie-Hellman is supported for now
- * this is the only form of key agreement that provides potential anonymity
- * of the sender, plus we do not have to include certs in the message */
-
- /* force single recipientEncryptedKey for now */
- if ((rek = NSS_CMSRecipientEncryptedKey_Create(poolp)) == NULL) {
- rv = SECFailure;
- break;
- }
-
- /* hardcoded IssuerSN choice for now */
- rek->recipientIdentifier.identifierType = NSSCMSKeyAgreeRecipientID_IssuerSN;
- if ((rek->recipientIdentifier.id.issuerAndSN = CERT_GetCertIssuerAndSN(poolp, cert)) == NULL) {
- rv = SECFailure;
- break;
- }
-
- oiok = &(ri->ri.keyAgreeRecipientInfo.originatorIdentifierOrKey);
-
- /* see RFC2630 12.3.1.1 */
- oiok->identifierType = NSSCMSOriginatorIDOrKey_OriginatorPublicKey;
-
- rv = NSS_CMSArray_Add(poolp, (void ***)&ri->ri.keyAgreeRecipientInfo.recipientEncryptedKeys,
- (void *)rek);
-
- break;
- default:
- /* other algorithms not supported yet */
- /* NOTE that we do not support any KEK algorithm */
- PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
- rv = SECFailure;
- break;
- }
-
- if (rv == SECFailure)
- goto loser;
-
- /* set version */
- switch (ri->recipientInfoType) {
- case NSSCMSRecipientInfoID_KeyTrans:
- if (ri->ri.keyTransRecipientInfo.recipientIdentifier.identifierType == NSSCMSRecipientID_IssuerSN)
- version = NSS_CMS_KEYTRANS_RECIPIENT_INFO_VERSION_ISSUERSN;
- else
- version = NSS_CMS_KEYTRANS_RECIPIENT_INFO_VERSION_SUBJKEY;
- dummy = SEC_ASN1EncodeInteger(poolp, &(ri->ri.keyTransRecipientInfo.version), version);
- if (dummy == NULL)
- goto loser;
- break;
- case NSSCMSRecipientInfoID_KeyAgree:
- dummy = SEC_ASN1EncodeInteger(poolp, &(ri->ri.keyAgreeRecipientInfo.version),
- NSS_CMS_KEYAGREE_RECIPIENT_INFO_VERSION);
- if (dummy == NULL)
- goto loser;
- break;
- case NSSCMSRecipientInfoID_KEK:
- /* NOTE: this cannot happen as long as we do not support any KEK algorithm */
- dummy = SEC_ASN1EncodeInteger(poolp, &(ri->ri.kekRecipientInfo.version),
- NSS_CMS_KEK_RECIPIENT_INFO_VERSION);
- if (dummy == NULL)
- goto loser;
- break;
-
- }
-
-done:
- PORT_ArenaUnmark (poolp, mark);
- if (freeSpki)
- SECKEY_DestroySubjectPublicKeyInfo(freeSpki);
- return ri;
-
-loser:
- if (freeSpki) {
- SECKEY_DestroySubjectPublicKeyInfo(freeSpki);
- }
- PORT_ArenaRelease (poolp, mark);
- if (cmsg->contentInfo.contentTypeTag == &fakeContent) {
- NSS_CMSMessage_Destroy(cmsg);
- }
- return NULL;
-}
-
-/*
- * NSS_CMSRecipientInfo_Create - create a recipientinfo
- *
- * we currently do not create KeyAgreement recipientinfos with multiple
- * recipientEncryptedKeys the certificate is supposed to have been
- * verified by the caller
- */
-NSSCMSRecipientInfo *
-NSS_CMSRecipientInfo_Create(NSSCMSMessage *cmsg, CERTCertificate *cert)
-{
- return nss_cmsrecipientinfo_create(cmsg, NSSCMSRecipientID_IssuerSN, cert,
- NULL, NULL, NULL, NULL);
-}
-
-NSSCMSRecipientInfo *
-NSS_CMSRecipientInfo_CreateNew(void* pwfn_arg)
-{
- return nss_cmsrecipientinfo_create(NULL, NSSCMSRecipientID_BrandNew, NULL,
- NULL, NULL, pwfn_arg, NULL);
-}
-
-NSSCMSRecipientInfo *
-NSS_CMSRecipientInfo_CreateFromDER(SECItem* input, void* pwfn_arg)
-{
- return nss_cmsrecipientinfo_create(NULL, NSSCMSRecipientID_BrandNew, NULL,
- NULL, NULL, pwfn_arg, input);
-}
-
-
-NSSCMSRecipientInfo *
-NSS_CMSRecipientInfo_CreateWithSubjKeyID(NSSCMSMessage *cmsg,
- SECItem *subjKeyID,
- SECKEYPublicKey *pubKey)
-{
- return nss_cmsrecipientinfo_create(cmsg, NSSCMSRecipientID_SubjectKeyID,
- NULL, pubKey, subjKeyID, NULL, NULL);
-}
-
-NSSCMSRecipientInfo *
-NSS_CMSRecipientInfo_CreateWithSubjKeyIDFromCert(NSSCMSMessage *cmsg,
- CERTCertificate *cert)
-{
- SECKEYPublicKey *pubKey = NULL;
- SECItem subjKeyID = {siBuffer, NULL, 0};
- NSSCMSRecipientInfo *retVal = NULL;
-
- if (!cmsg || !cert) {
- return NULL;
- }
- pubKey = CERT_ExtractPublicKey(cert);
- if (!pubKey) {
- goto done;
- }
- if (CERT_FindSubjectKeyIDExtension(cert, &subjKeyID) != SECSuccess ||
- subjKeyID.data == NULL) {
- goto done;
- }
- retVal = NSS_CMSRecipientInfo_CreateWithSubjKeyID(cmsg, &subjKeyID, pubKey);
-done:
- if (pubKey)
- SECKEY_DestroyPublicKey(pubKey);
-
- if (subjKeyID.data)
- SECITEM_FreeItem(&subjKeyID, PR_FALSE);
-
- return retVal;
-}
-
-void
-NSS_CMSRecipientInfo_Destroy(NSSCMSRecipientInfo *ri)
-{
- if (!ri) {
- return;
- }
- /* version was allocated on the pool, so no need to destroy it */
- /* issuerAndSN was allocated on the pool, so no need to destroy it */
- if (ri->cert != NULL)
- CERT_DestroyCertificate(ri->cert);
-
- if (nss_cmsrecipientinfo_usessubjectkeyid(ri)) {
- NSSCMSKeyTransRecipientInfoEx *extra;
- extra = &ri->ri.keyTransRecipientInfoEx;
- if (extra->pubKey)
- SECKEY_DestroyPublicKey(extra->pubKey);
- }
- if (ri->cmsg && ri->cmsg->contentInfo.contentTypeTag == &fakeContent) {
- NSS_CMSMessage_Destroy(ri->cmsg);
- }
-
- /* we're done. */
-}
-
-int
-NSS_CMSRecipientInfo_GetVersion(NSSCMSRecipientInfo *ri)
-{
- unsigned long version;
- SECItem *versionitem = NULL;
-
- switch (ri->recipientInfoType) {
- case NSSCMSRecipientInfoID_KeyTrans:
- /* ignore subIndex */
- versionitem = &(ri->ri.keyTransRecipientInfo.version);
- break;
- case NSSCMSRecipientInfoID_KEK:
- /* ignore subIndex */
- versionitem = &(ri->ri.kekRecipientInfo.version);
- break;
- case NSSCMSRecipientInfoID_KeyAgree:
- versionitem = &(ri->ri.keyAgreeRecipientInfo.version);
- break;
- }
-
- PORT_Assert(versionitem);
- if (versionitem == NULL)
- return 0;
-
- /* always take apart the SECItem */
- if (SEC_ASN1DecodeInteger(versionitem, &version) != SECSuccess)
- return 0;
- else
- return (int)version;
-}
-
-SECItem *
-NSS_CMSRecipientInfo_GetEncryptedKey(NSSCMSRecipientInfo *ri, int subIndex)
-{
- SECItem *enckey = NULL;
-
- switch (ri->recipientInfoType) {
- case NSSCMSRecipientInfoID_KeyTrans:
- /* ignore subIndex */
- enckey = &(ri->ri.keyTransRecipientInfo.encKey);
- break;
- case NSSCMSRecipientInfoID_KEK:
- /* ignore subIndex */
- enckey = &(ri->ri.kekRecipientInfo.encKey);
- break;
- case NSSCMSRecipientInfoID_KeyAgree:
- enckey = &(ri->ri.keyAgreeRecipientInfo.recipientEncryptedKeys[subIndex]->encKey);
- break;
- }
- return enckey;
-}
-
-
-SECOidTag
-NSS_CMSRecipientInfo_GetKeyEncryptionAlgorithmTag(NSSCMSRecipientInfo *ri)
-{
- SECOidTag encalgtag = SEC_OID_UNKNOWN; /* an invalid encryption alg */
-
- switch (ri->recipientInfoType) {
- case NSSCMSRecipientInfoID_KeyTrans:
- encalgtag = SECOID_GetAlgorithmTag(&(ri->ri.keyTransRecipientInfo.keyEncAlg));
- break;
- case NSSCMSRecipientInfoID_KeyAgree:
- encalgtag = SECOID_GetAlgorithmTag(&(ri->ri.keyAgreeRecipientInfo.keyEncAlg));
- break;
- case NSSCMSRecipientInfoID_KEK:
- encalgtag = SECOID_GetAlgorithmTag(&(ri->ri.kekRecipientInfo.keyEncAlg));
- break;
- }
- return encalgtag;
-}
-
-SECStatus
-NSS_CMSRecipientInfo_WrapBulkKey(NSSCMSRecipientInfo *ri, PK11SymKey *bulkkey,
- SECOidTag bulkalgtag)
-{
- CERTCertificate *cert;
- SECOidTag certalgtag;
- SECStatus rv = SECSuccess;
- SECItem *params = NULL;
- NSSCMSRecipientEncryptedKey *rek;
- NSSCMSOriginatorIdentifierOrKey *oiok;
- CERTSubjectPublicKeyInfo *spki, *freeSpki = NULL;
- PLArenaPool *poolp;
- NSSCMSKeyTransRecipientInfoEx *extra = NULL;
- PRBool usesSubjKeyID;
-
- poolp = ri->cmsg->poolp;
- cert = ri->cert;
- usesSubjKeyID = nss_cmsrecipientinfo_usessubjectkeyid(ri);
- if (cert) {
- spki = &cert->subjectPublicKeyInfo;
- certalgtag = SECOID_GetAlgorithmTag(&(spki->algorithm));
- } else if (usesSubjKeyID) {
- extra = &ri->ri.keyTransRecipientInfoEx;
- /* sanity check */
- PORT_Assert(extra->pubKey);
- if (!extra->pubKey) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- spki = freeSpki = SECKEY_CreateSubjectPublicKeyInfo(extra->pubKey);
- certalgtag = SECOID_GetAlgorithmTag(&spki->algorithm);
- } else {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- /* XXX set ri->recipientInfoType to the proper value here */
- /* or should we look if it's been set already ? */
-
- certalgtag = SECOID_GetAlgorithmTag(&spki->algorithm);
- switch (certalgtag) {
- case SEC_OID_PKCS1_RSA_ENCRYPTION:
- /* wrap the symkey */
- if (cert) {
- rv = NSS_CMSUtil_EncryptSymKey_RSA(poolp, cert, bulkkey,
- &ri->ri.keyTransRecipientInfo.encKey);
- if (rv != SECSuccess)
- break;
- } else if (usesSubjKeyID) {
- PORT_Assert(extra != NULL);
- rv = NSS_CMSUtil_EncryptSymKey_RSAPubKey(poolp, extra->pubKey,
- bulkkey, &ri->ri.keyTransRecipientInfo.encKey);
- if (rv != SECSuccess)
- break;
- }
-
- rv = SECOID_SetAlgorithmID(poolp, &(ri->ri.keyTransRecipientInfo.keyEncAlg), certalgtag, NULL);
- break;
- case SEC_OID_MISSI_KEA_DSS_OLD:
- case SEC_OID_MISSI_KEA_DSS:
- case SEC_OID_MISSI_KEA:
- rv = NSS_CMSUtil_EncryptSymKey_MISSI(poolp, cert, bulkkey,
- bulkalgtag,
- &ri->ri.keyTransRecipientInfo.encKey,
- &params, ri->cmsg->pwfn_arg);
- if (rv != SECSuccess)
- break;
-
- /* here, we DO need to pass the params to the wrap function because, with
- * RSA, there is no funny stuff going on with generation of IV vectors or so */
- rv = SECOID_SetAlgorithmID(poolp, &(ri->ri.keyTransRecipientInfo.keyEncAlg), certalgtag, params);
- break;
- case SEC_OID_X942_DIFFIE_HELMAN_KEY: /* dh-public-number */
- rek = ri->ri.keyAgreeRecipientInfo.recipientEncryptedKeys[0];
- if (rek == NULL) {
- rv = SECFailure;
- break;
- }
-
- oiok = &(ri->ri.keyAgreeRecipientInfo.originatorIdentifierOrKey);
- PORT_Assert(oiok->identifierType == NSSCMSOriginatorIDOrKey_OriginatorPublicKey);
-
- /* see RFC2630 12.3.1.1 */
- if (SECOID_SetAlgorithmID(poolp, &oiok->id.originatorPublicKey.algorithmIdentifier,
- SEC_OID_X942_DIFFIE_HELMAN_KEY, NULL) != SECSuccess) {
- rv = SECFailure;
- break;
- }
-
- /* this will generate a key pair, compute the shared secret, */
- /* derive a key and ukm for the keyEncAlg out of it, encrypt the bulk key with */
- /* the keyEncAlg, set encKey, keyEncAlg, publicKey etc. */
- rv = NSS_CMSUtil_EncryptSymKey_ESDH(poolp, cert, bulkkey,
- &rek->encKey,
- &ri->ri.keyAgreeRecipientInfo.ukm,
- &ri->ri.keyAgreeRecipientInfo.keyEncAlg,
- &oiok->id.originatorPublicKey.publicKey);
-
- break;
- default:
- /* other algorithms not supported yet */
- /* NOTE that we do not support any KEK algorithm */
- PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
- rv = SECFailure;
- break;
- }
- if (freeSpki)
- SECKEY_DestroySubjectPublicKeyInfo(freeSpki);
-
- return rv;
-}
-
-PK11SymKey *
-NSS_CMSRecipientInfo_UnwrapBulkKey(NSSCMSRecipientInfo *ri, int subIndex,
- CERTCertificate *cert, SECKEYPrivateKey *privkey, SECOidTag bulkalgtag)
-{
- PK11SymKey *bulkkey = NULL;
- SECAlgorithmID *encalg;
- SECOidTag encalgtag;
- SECItem *enckey;
- int error;
-
- ri->cert = CERT_DupCertificate(cert);
- /* mark the recipientInfo so we can find it later */
-
- switch (ri->recipientInfoType) {
- case NSSCMSRecipientInfoID_KeyTrans:
- encalg = &(ri->ri.keyTransRecipientInfo.keyEncAlg);
- encalgtag = SECOID_GetAlgorithmTag(&(ri->ri.keyTransRecipientInfo.keyEncAlg));
- enckey = &(ri->ri.keyTransRecipientInfo.encKey); /* ignore subIndex */
- switch (encalgtag) {
- case SEC_OID_PKCS1_RSA_ENCRYPTION:
- /* RSA encryption algorithm: */
- /* get the symmetric (bulk) key by unwrapping it using our private key */
- bulkkey = NSS_CMSUtil_DecryptSymKey_RSA(privkey, enckey, bulkalgtag);
- break;
- case SEC_OID_NETSCAPE_SMIME_KEA:
- /* FORTEZZA key exchange algorithm */
- /* the supplemental data is in the parameters of encalg */
- bulkkey = NSS_CMSUtil_DecryptSymKey_MISSI(privkey, enckey, encalg, bulkalgtag, ri->cmsg->pwfn_arg);
- break;
- default:
- error = SEC_ERROR_UNSUPPORTED_KEYALG;
- goto loser;
- }
- break;
- case NSSCMSRecipientInfoID_KeyAgree:
- encalg = &(ri->ri.keyAgreeRecipientInfo.keyEncAlg);
- encalgtag = SECOID_GetAlgorithmTag(&(ri->ri.keyAgreeRecipientInfo.keyEncAlg));
- enckey = &(ri->ri.keyAgreeRecipientInfo.recipientEncryptedKeys[subIndex]->encKey);
- switch (encalgtag) {
- case SEC_OID_X942_DIFFIE_HELMAN_KEY:
- /* Diffie-Helman key exchange */
- /* XXX not yet implemented */
- /* XXX problem: SEC_OID_X942_DIFFIE_HELMAN_KEY points to a PKCS3 mechanism! */
- /* we support ephemeral-static DH only, so if the recipientinfo */
- /* has originator stuff in it, we punt (or do we? shouldn't be that hard...) */
- /* first, we derive the KEK (a symkey!) using a Derive operation, then we get the */
- /* content encryption key using a Unwrap op */
- /* the derive operation has to generate the key using the algorithm in RFC2631 */
- error = SEC_ERROR_UNSUPPORTED_KEYALG;
- break;
- default:
- error = SEC_ERROR_UNSUPPORTED_KEYALG;
- goto loser;
- }
- break;
- case NSSCMSRecipientInfoID_KEK:
- encalg = &(ri->ri.kekRecipientInfo.keyEncAlg);
- encalgtag = SECOID_GetAlgorithmTag(&(ri->ri.kekRecipientInfo.keyEncAlg));
- enckey = &(ri->ri.kekRecipientInfo.encKey);
- /* not supported yet */
- error = SEC_ERROR_UNSUPPORTED_KEYALG;
- goto loser;
- break;
- }
- /* XXXX continue here */
- return bulkkey;
-
-loser:
- return NULL;
-}
-
-SECStatus NSS_CMSRecipientInfo_GetCertAndKey(NSSCMSRecipientInfo *ri,
- CERTCertificate** retcert,
- SECKEYPrivateKey** retkey)
-{
- CERTCertificate* cert = NULL;
- NSSCMSRecipient** recipients = NULL;
- NSSCMSRecipientInfo* recipientInfos[2];
- SECStatus rv = SECSuccess;
- SECKEYPrivateKey* key = NULL;
-
- if (!ri)
- return SECFailure;
-
- if (!retcert && !retkey) {
- /* nothing requested, nothing found, success */
- return SECSuccess;
- }
-
- if (retcert) {
- *retcert = NULL;
- }
- if (retkey) {
- *retkey = NULL;
- }
-
- if (ri->cert) {
- cert = CERT_DupCertificate(ri->cert);
- if (!cert) {
- rv = SECFailure;
- }
- }
- if (SECSuccess == rv && !cert) {
- /* we don't have the cert, we have to look for it */
- /* first build an NSS_CMSRecipient */
- recipientInfos[0] = ri;
- recipientInfos[1] = NULL;
-
- recipients = nss_cms_recipient_list_create(recipientInfos);
- if (recipients) {
- /* now look for the cert and key */
- if (0 == PK11_FindCertAndKeyByRecipientListNew(recipients,
- ri->cmsg->pwfn_arg)) {
- cert = CERT_DupCertificate(recipients[0]->cert);
- key = SECKEY_CopyPrivateKey(recipients[0]->privkey);
- } else {
- rv = SECFailure;
- }
-
- nss_cms_recipient_list_destroy(recipients);
- }
- else {
- rv = SECFailure;
- }
- } else if (SECSuccess == rv && cert && retkey) {
- /* we have the cert, we just need the key now */
- key = PK11_FindPrivateKeyFromCert(cert->slot, cert, ri->cmsg->pwfn_arg);
- }
- if (retcert) {
- *retcert = cert;
- } else {
- if (cert) {
- CERT_DestroyCertificate(cert);
- }
- }
- if (retkey) {
- *retkey = key;
- } else {
- if (key) {
- SECKEY_DestroyPrivateKey(key);
- }
- }
-
- return rv;
-}
-
-SECStatus NSS_CMSRecipientInfo_Encode(PRArenaPool* poolp,
- const NSSCMSRecipientInfo *src,
- SECItem* returned)
-{
- extern const SEC_ASN1Template NSSCMSRecipientInfoTemplate[];
- SECStatus rv = SECFailure;
- if (!src || !returned) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- } else if (SEC_ASN1EncodeItem(poolp, returned, src,
- NSSCMSRecipientInfoTemplate)) {
- rv = SECSuccess;
- }
- return rv;
-}
diff --git a/security/nss/lib/smime/cmsreclist.c b/security/nss/lib/smime/cmsreclist.c
deleted file mode 100644
index b6fc62ee4..000000000
--- a/security/nss/lib/smime/cmsreclist.c
+++ /dev/null
@@ -1,187 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * CMS recipient list functions
- *
- * $Id$
- */
-
-#include "cmslocal.h"
-
-#include "cert.h"
-#include "key.h"
-#include "secasn1.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "pk11func.h"
-#include "prtime.h"
-#include "secerr.h"
-
-static int
-nss_cms_recipients_traverse(NSSCMSRecipientInfo **recipientinfos, NSSCMSRecipient **recipient_list)
-{
- int count = 0;
- int rlindex = 0;
- int i, j;
- NSSCMSRecipient *rle;
- NSSCMSRecipientInfo *ri;
- NSSCMSRecipientEncryptedKey *rek;
-
- for (i = 0; recipientinfos[i] != NULL; i++) {
- ri = recipientinfos[i];
- switch (ri->recipientInfoType) {
- case NSSCMSRecipientInfoID_KeyTrans:
- if (recipient_list) {
- /* alloc one & fill it out */
- rle = (NSSCMSRecipient *)PORT_ZAlloc(sizeof(NSSCMSRecipient));
- if (rle == NULL)
- return -1;
-
- rle->riIndex = i;
- rle->subIndex = -1;
- switch (ri->ri.keyTransRecipientInfo.recipientIdentifier.identifierType) {
- case NSSCMSRecipientID_IssuerSN:
- rle->kind = RLIssuerSN;
- rle->id.issuerAndSN = ri->ri.keyTransRecipientInfo.recipientIdentifier.id.issuerAndSN;
- break;
- case NSSCMSRecipientID_SubjectKeyID:
- rle->kind = RLSubjKeyID;
- rle->id.subjectKeyID = ri->ri.keyTransRecipientInfo.recipientIdentifier.id.subjectKeyID;
- break;
- }
- recipient_list[rlindex++] = rle;
- } else {
- count++;
- }
- break;
- case NSSCMSRecipientInfoID_KeyAgree:
- if (ri->ri.keyAgreeRecipientInfo.recipientEncryptedKeys == NULL)
- break;
- for (j=0; ri->ri.keyAgreeRecipientInfo.recipientEncryptedKeys[j] != NULL; j++) {
- if (recipient_list) {
- rek = ri->ri.keyAgreeRecipientInfo.recipientEncryptedKeys[j];
- /* alloc one & fill it out */
- rle = (NSSCMSRecipient *)PORT_ZAlloc(sizeof(NSSCMSRecipient));
- if (rle == NULL)
- return -1;
-
- rle->riIndex = i;
- rle->subIndex = j;
- switch (rek->recipientIdentifier.identifierType) {
- case NSSCMSKeyAgreeRecipientID_IssuerSN:
- rle->kind = RLIssuerSN;
- rle->id.issuerAndSN = rek->recipientIdentifier.id.issuerAndSN;
- break;
- case NSSCMSKeyAgreeRecipientID_RKeyID:
- rle->kind = RLSubjKeyID;
- rle->id.subjectKeyID = rek->recipientIdentifier.id.recipientKeyIdentifier.subjectKeyIdentifier;
- break;
- }
- recipient_list[rlindex++] = rle;
- } else {
- count++;
- }
- }
- break;
- case NSSCMSRecipientInfoID_KEK:
- /* KEK is not implemented */
- break;
- }
- }
- /* if we have a recipient list, we return on success (-1, above, on failure) */
- /* otherwise, we return the count. */
- if (recipient_list) {
- recipient_list[rlindex] = NULL;
- return 0;
- } else {
- return count;
- }
-}
-
-NSSCMSRecipient **
-nss_cms_recipient_list_create(NSSCMSRecipientInfo **recipientinfos)
-{
- int count, rv;
- NSSCMSRecipient **recipient_list;
-
- /* count the number of recipient identifiers */
- count = nss_cms_recipients_traverse(recipientinfos, NULL);
- if (count <= 0) {
- /* no recipients? */
- PORT_SetError(SEC_ERROR_BAD_DATA);
-#if 0
- PORT_SetErrorString("Cannot find recipient data in envelope.");
-#endif
- return NULL;
- }
-
- /* allocate an array of pointers */
- recipient_list = (NSSCMSRecipient **)
- PORT_ZAlloc((count + 1) * sizeof(NSSCMSRecipient *));
- if (recipient_list == NULL)
- return NULL;
-
- /* now fill in the recipient_list */
- rv = nss_cms_recipients_traverse(recipientinfos, recipient_list);
- if (rv < 0) {
- nss_cms_recipient_list_destroy(recipient_list);
- return NULL;
- }
- return recipient_list;
-}
-
-void
-nss_cms_recipient_list_destroy(NSSCMSRecipient **recipient_list)
-{
- int i;
- NSSCMSRecipient *recipient;
-
- for (i=0; recipient_list[i] != NULL; i++) {
- recipient = recipient_list[i];
- if (recipient->cert)
- CERT_DestroyCertificate(recipient->cert);
- if (recipient->privkey)
- SECKEY_DestroyPrivateKey(recipient->privkey);
- if (recipient->slot)
- PK11_FreeSlot(recipient->slot);
- PORT_Free(recipient);
- }
- PORT_Free(recipient_list);
-}
-
-NSSCMSRecipientEncryptedKey *
-NSS_CMSRecipientEncryptedKey_Create(PLArenaPool *poolp)
-{
- return (NSSCMSRecipientEncryptedKey *)PORT_ArenaZAlloc(poolp, sizeof(NSSCMSRecipientEncryptedKey));
-}
diff --git a/security/nss/lib/smime/cmsreclist.h b/security/nss/lib/smime/cmsreclist.h
deleted file mode 100644
index 19b13e115..000000000
--- a/security/nss/lib/smime/cmsreclist.h
+++ /dev/null
@@ -1,59 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * $Id$
- */
-
-#ifndef _CMSRECLIST_H
-#define _CMSRECLIST_H
-
-struct NSSCMSRecipientStr {
- int riIndex; /* this recipient's index in recipientInfo array */
- int subIndex; /* index into recipientEncryptedKeys */
- /* (only in NSSCMSKeyAgreeRecipientInfoStr) */
- enum {RLIssuerSN=0, RLSubjKeyID=1} kind; /* for conversion recipientinfos -> recipientlist */
- union {
- CERTIssuerAndSN * issuerAndSN;
- SECItem * subjectKeyID;
- } id;
-
- /* result data (filled out for each recipient that's us) */
- CERTCertificate * cert;
- SECKEYPrivateKey * privkey;
- PK11SlotInfo * slot;
-};
-
-typedef struct NSSCMSRecipientStr NSSCMSRecipient;
-
-#endif /* _CMSRECLIST_H */
diff --git a/security/nss/lib/smime/cmssigdata.c b/security/nss/lib/smime/cmssigdata.c
deleted file mode 100644
index 82c32be9f..000000000
--- a/security/nss/lib/smime/cmssigdata.c
+++ /dev/null
@@ -1,985 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * CMS signedData methods.
- *
- * $Id$
- */
-
-#include "cmslocal.h"
-
-#include "cert.h"
-/*#include "cdbhdl.h"*/
-#include "secasn1.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "pk11func.h"
-#include "secerr.h"
-
-NSSCMSSignedData *
-NSS_CMSSignedData_Create(NSSCMSMessage *cmsg)
-{
- void *mark;
- NSSCMSSignedData *sigd;
- PLArenaPool *poolp;
-
- poolp = cmsg->poolp;
-
- mark = PORT_ArenaMark(poolp);
-
- sigd = (NSSCMSSignedData *)PORT_ArenaZAlloc (poolp, sizeof(NSSCMSSignedData));
- if (sigd == NULL)
- goto loser;
-
- sigd->cmsg = cmsg;
-
- /* signerInfos, certs, certlists, crls are all empty */
- /* version is set in NSS_CMSSignedData_Finalize() */
-
- PORT_ArenaUnmark(poolp, mark);
- return sigd;
-
-loser:
- PORT_ArenaRelease(poolp, mark);
- return NULL;
-}
-
-void
-NSS_CMSSignedData_Destroy(NSSCMSSignedData *sigd)
-{
- CERTCertificate **certs, *cert;
- CERTCertificateList **certlists, *certlist;
- NSSCMSSignerInfo **signerinfos, *si;
-
- if (sigd == NULL)
- return;
-
- certs = sigd->certs;
- certlists = sigd->certLists;
- signerinfos = sigd->signerInfos;
-
- if (certs != NULL) {
- while ((cert = *certs++) != NULL)
- CERT_DestroyCertificate (cert);
- }
-
- if (certlists != NULL) {
- while ((certlist = *certlists++) != NULL)
- CERT_DestroyCertificateList (certlist);
- }
-
- if (signerinfos != NULL) {
- while ((si = *signerinfos++) != NULL)
- NSS_CMSSignerInfo_Destroy(si);
- }
-
- /* everything's in a pool, so don't worry about the storage */
- NSS_CMSContentInfo_Destroy(&(sigd->contentInfo));
-
-}
-
-/*
- * NSS_CMSSignedData_Encode_BeforeStart - do all the necessary things to a SignedData
- * before start of encoding.
- *
- * In detail:
- * - find out about the right value to put into sigd->version
- * - come up with a list of digestAlgorithms (which should be the union of the algorithms
- * in the signerinfos).
- * If we happen to have a pre-set list of algorithms (and digest values!), we
- * check if we have all the signerinfos' algorithms. If not, this is an error.
- */
-SECStatus
-NSS_CMSSignedData_Encode_BeforeStart(NSSCMSSignedData *sigd)
-{
- NSSCMSSignerInfo *signerinfo;
- SECOidTag digestalgtag;
- SECItem *dummy;
- int version;
- SECStatus rv;
- PRBool haveDigests = PR_FALSE;
- int n, i;
- PLArenaPool *poolp;
-
- poolp = sigd->cmsg->poolp;
-
- /* we assume that we have precomputed digests if there is a list of algorithms, and */
- /* a chunk of data for each of those algorithms */
- if (sigd->digestAlgorithms != NULL && sigd->digests != NULL) {
- for (i=0; sigd->digestAlgorithms[i] != NULL; i++) {
- if (sigd->digests[i] == NULL)
- break;
- }
- if (sigd->digestAlgorithms[i] == NULL) /* reached the end of the array? */
- haveDigests = PR_TRUE; /* yes: we must have all the digests */
- }
-
- version = NSS_CMS_SIGNED_DATA_VERSION_BASIC;
-
- /* RFC2630 5.1 "version is the syntax version number..." */
- if (NSS_CMSContentInfo_GetContentTypeTag(&(sigd->contentInfo)) != SEC_OID_PKCS7_DATA)
- version = NSS_CMS_SIGNED_DATA_VERSION_EXT;
-
- /* prepare all the SignerInfos (there may be none) */
- for (i=0; i < NSS_CMSSignedData_SignerInfoCount(sigd); i++) {
- signerinfo = NSS_CMSSignedData_GetSignerInfo(sigd, i);
-
- /* RFC2630 5.1 "version is the syntax version number..." */
- if (NSS_CMSSignerInfo_GetVersion(signerinfo) != NSS_CMS_SIGNER_INFO_VERSION_ISSUERSN)
- version = NSS_CMS_SIGNED_DATA_VERSION_EXT;
-
- /* collect digestAlgorithms from SignerInfos */
- /* (we need to know which algorithms we have when the content comes in) */
- /* do not overwrite any existing digestAlgorithms (and digest) */
- digestalgtag = NSS_CMSSignerInfo_GetDigestAlgTag(signerinfo);
- n = NSS_CMSAlgArray_GetIndexByAlgTag(sigd->digestAlgorithms, digestalgtag);
- if (n < 0 && haveDigests) {
- /* oops, there is a digestalg we do not have a digest for */
- /* but we were supposed to have all the digests already... */
- goto loser;
- } else if (n < 0) {
- /* add the digestAlgorithm & a NULL digest */
- rv = NSS_CMSSignedData_AddDigest(poolp, sigd, digestalgtag, NULL);
- if (rv != SECSuccess)
- goto loser;
- } else {
- /* found it, nothing to do */
- }
- }
-
- dummy = SEC_ASN1EncodeInteger(poolp, &(sigd->version), (long)version);
- if (dummy == NULL)
- return SECFailure;
-
- /* this is a SET OF, so we need to sort them guys */
- rv = NSS_CMSArray_SortByDER((void **)sigd->digestAlgorithms,
- SEC_ASN1_GET(SECOID_AlgorithmIDTemplate),
- (void **)sigd->digests);
- if (rv != SECSuccess)
- return SECFailure;
-
- return SECSuccess;
-
-loser:
- return SECFailure;
-}
-
-SECStatus
-NSS_CMSSignedData_Encode_BeforeData(NSSCMSSignedData *sigd)
-{
- /* set up the digests */
- if (sigd->digestAlgorithms != NULL) {
- sigd->contentInfo.digcx = NSS_CMSDigestContext_StartMultiple(sigd->digestAlgorithms);
- if (sigd->contentInfo.digcx == NULL)
- return SECFailure;
- }
- return SECSuccess;
-}
-
-/*
- * NSS_CMSSignedData_Encode_AfterData - do all the necessary things to a SignedData
- * after all the encapsulated data was passed through the encoder.
- *
- * In detail:
- * - create the signatures in all the SignerInfos
- *
- * Please note that nothing is done to the Certificates and CRLs in the message - this
- * is entirely the responsibility of our callers.
- */
-SECStatus
-NSS_CMSSignedData_Encode_AfterData(NSSCMSSignedData *sigd)
-{
- NSSCMSSignerInfo **signerinfos, *signerinfo;
- NSSCMSContentInfo *cinfo;
- SECOidTag digestalgtag;
- SECStatus ret = SECFailure;
- SECStatus rv;
- SECItem *contentType;
- int certcount;
- int i, ci, cli, n, rci, si;
- PLArenaPool *poolp;
- CERTCertificateList *certlist;
- extern const SEC_ASN1Template NSSCMSSignerInfoTemplate[];
-
- poolp = sigd->cmsg->poolp;
- cinfo = &(sigd->contentInfo);
-
- /* did we have digest calculation going on? */
- if (cinfo->digcx) {
- rv = NSS_CMSDigestContext_FinishMultiple(cinfo->digcx, poolp, &(sigd->digests));
- if (rv != SECSuccess)
- goto loser; /* error has been set by NSS_CMSDigestContext_FinishMultiple */
- cinfo->digcx = NULL;
- }
-
- signerinfos = sigd->signerInfos;
- certcount = 0;
-
- /* prepare all the SignerInfos (there may be none) */
- for (i=0; i < NSS_CMSSignedData_SignerInfoCount(sigd); i++) {
- signerinfo = NSS_CMSSignedData_GetSignerInfo(sigd, i);
-
- /* find correct digest for this signerinfo */
- digestalgtag = NSS_CMSSignerInfo_GetDigestAlgTag(signerinfo);
- n = NSS_CMSAlgArray_GetIndexByAlgTag(sigd->digestAlgorithms, digestalgtag);
- if (n < 0 || sigd->digests == NULL || sigd->digests[n] == NULL) {
- /* oops - digest not found */
- PORT_SetError(SEC_ERROR_DIGEST_NOT_FOUND);
- goto loser;
- }
-
- /* XXX if our content is anything else but data, we need to force the
- * presence of signed attributes (RFC2630 5.3 "signedAttributes is a
- * collection...") */
-
- /* pass contentType here as we want a contentType attribute */
- if ((contentType = NSS_CMSContentInfo_GetContentTypeOID(cinfo)) == NULL)
- goto loser;
-
- /* sign the thing */
- rv = NSS_CMSSignerInfo_Sign(signerinfo, sigd->digests[n], contentType);
- if (rv != SECSuccess)
- goto loser;
-
- /* while we're at it, count number of certs in certLists */
- certlist = NSS_CMSSignerInfo_GetCertList(signerinfo);
- if (certlist)
- certcount += certlist->len;
- }
-
- /* this is a SET OF, so we need to sort them guys */
- rv = NSS_CMSArray_SortByDER((void **)signerinfos, NSSCMSSignerInfoTemplate, NULL);
- if (rv != SECSuccess)
- goto loser;
-
- /*
- * now prepare certs & crls
- */
-
- /* count the rest of the certs */
- if (sigd->certs != NULL) {
- for (ci = 0; sigd->certs[ci] != NULL; ci++)
- certcount++;
- }
-
- if (sigd->certLists != NULL) {
- for (cli = 0; sigd->certLists[cli] != NULL; cli++)
- certcount += sigd->certLists[cli]->len;
- }
-
- if (certcount == 0) {
- sigd->rawCerts = NULL;
- } else {
- /*
- * Combine all of the certs and cert chains into rawcerts.
- * Note: certcount is an upper bound; we may not need that many slots
- * but we will allocate anyway to avoid having to do another pass.
- * (The temporary space saving is not worth it.)
- *
- * XXX ARGH - this NEEDS to be fixed. need to come up with a decent
- * SetOfDERcertficates implementation
- */
- sigd->rawCerts = (SECItem **)PORT_ArenaAlloc(poolp, (certcount + 1) * sizeof(SECItem *));
- if (sigd->rawCerts == NULL)
- return SECFailure;
-
- /*
- * XXX Want to check for duplicates and not add *any* cert that is
- * already in the set. This will be more important when we start
- * dealing with larger sets of certs, dual-key certs (signing and
- * encryption), etc. For the time being we can slide by...
- *
- * XXX ARGH - this NEEDS to be fixed. need to come up with a decent
- * SetOfDERcertficates implementation
- */
- rci = 0;
- if (signerinfos != NULL) {
- for (si = 0; signerinfos[si] != NULL; si++) {
- signerinfo = signerinfos[si];
- for (ci = 0; ci < signerinfo->certList->len; ci++)
- sigd->rawCerts[rci++] = &(signerinfo->certList->certs[ci]);
- }
- }
-
- if (sigd->certs != NULL) {
- for (ci = 0; sigd->certs[ci] != NULL; ci++)
- sigd->rawCerts[rci++] = &(sigd->certs[ci]->derCert);
- }
-
- if (sigd->certLists != NULL) {
- for (cli = 0; sigd->certLists[cli] != NULL; cli++) {
- for (ci = 0; ci < sigd->certLists[cli]->len; ci++)
- sigd->rawCerts[rci++] = &(sigd->certLists[cli]->certs[ci]);
- }
- }
-
- sigd->rawCerts[rci] = NULL;
-
- /* this is a SET OF, so we need to sort them guys - we have the DER already, though */
- NSS_CMSArray_Sort((void **)sigd->rawCerts, NSS_CMSUtil_DERCompare, NULL, NULL);
- }
-
- ret = SECSuccess;
-
-loser:
- return ret;
-}
-
-SECStatus
-NSS_CMSSignedData_Decode_BeforeData(NSSCMSSignedData *sigd)
-{
- /* set up the digests */
- if (sigd->digestAlgorithms != NULL && sigd->digests == NULL) {
- /* if digests are already there, do nothing */
- sigd->contentInfo.digcx = NSS_CMSDigestContext_StartMultiple(sigd->digestAlgorithms);
- if (sigd->contentInfo.digcx == NULL)
- return SECFailure;
- }
- return SECSuccess;
-}
-
-/*
- * NSS_CMSSignedData_Decode_AfterData - do all the necessary things to a SignedData
- * after all the encapsulated data was passed through the decoder.
- */
-SECStatus
-NSS_CMSSignedData_Decode_AfterData(NSSCMSSignedData *sigd)
-{
- /* did we have digest calculation going on? */
- if (sigd->contentInfo.digcx) {
- if (NSS_CMSDigestContext_FinishMultiple(sigd->contentInfo.digcx, sigd->cmsg->poolp, &(sigd->digests)) != SECSuccess)
- return SECFailure; /* error has been set by NSS_CMSDigestContext_FinishMultiple */
- sigd->contentInfo.digcx = NULL;
- }
- return SECSuccess;
-}
-
-/*
- * NSS_CMSSignedData_Decode_AfterEnd - do all the necessary things to a SignedData
- * after all decoding is finished.
- */
-SECStatus
-NSS_CMSSignedData_Decode_AfterEnd(NSSCMSSignedData *sigd)
-{
- NSSCMSSignerInfo **signerinfos;
- int i;
-
- /* set cmsg for all the signerinfos */
- signerinfos = sigd->signerInfos;
-
- /* set cmsg for all the signerinfos */
- if (signerinfos) {
- for (i = 0; signerinfos[i] != NULL; i++)
- signerinfos[i]->cmsg = sigd->cmsg;
- }
-
- return SECSuccess;
-}
-
-/*
- * NSS_CMSSignedData_GetSignerInfos - retrieve the SignedData's signer list
- */
-NSSCMSSignerInfo **
-NSS_CMSSignedData_GetSignerInfos(NSSCMSSignedData *sigd)
-{
- return sigd->signerInfos;
-}
-
-int
-NSS_CMSSignedData_SignerInfoCount(NSSCMSSignedData *sigd)
-{
- return NSS_CMSArray_Count((void **)sigd->signerInfos);
-}
-
-NSSCMSSignerInfo *
-NSS_CMSSignedData_GetSignerInfo(NSSCMSSignedData *sigd, int i)
-{
- return sigd->signerInfos[i];
-}
-
-/*
- * NSS_CMSSignedData_GetDigestAlgs - retrieve the SignedData's digest algorithm list
- */
-SECAlgorithmID **
-NSS_CMSSignedData_GetDigestAlgs(NSSCMSSignedData *sigd)
-{
- return sigd->digestAlgorithms;
-}
-
-/*
- * NSS_CMSSignedData_GetContentInfo - return pointer to this signedData's contentinfo
- */
-NSSCMSContentInfo *
-NSS_CMSSignedData_GetContentInfo(NSSCMSSignedData *sigd)
-{
- return &(sigd->contentInfo);
-}
-
-/*
- * NSS_CMSSignedData_GetCertificateList - retrieve the SignedData's certificate list
- */
-SECItem **
-NSS_CMSSignedData_GetCertificateList(NSSCMSSignedData *sigd)
-{
- return sigd->rawCerts;
-}
-
-SECStatus
-NSS_CMSSignedData_ImportCerts(NSSCMSSignedData *sigd, CERTCertDBHandle *certdb,
- SECCertUsage certusage, PRBool keepcerts)
-{
- int certcount;
- CERTCertificate **certArray = NULL;
- CERTCertList *certList = NULL;
- CERTCertListNode *node;
- SECStatus rv;
- SECItem **rawArray;
- int i;
- PRTime now;
-
- certcount = NSS_CMSArray_Count((void **)sigd->rawCerts);
-
- /* get the certs in the temp DB */
- rv = CERT_ImportCerts(certdb, certusage, certcount, sigd->rawCerts,
- &certArray, PR_FALSE, PR_FALSE, NULL);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- if (!keepcerts) {
- goto done;
- }
-
- /* build a CertList for filtering */
- certList = CERT_NewCertList();
- if (certList == NULL) {
- rv = SECFailure;
- goto loser;
- }
- for (i=0; i < certcount; i++) {
- CERTCertificate *cert = CERT_DupCertificate(certArray[i]);
- CERT_AddCertToListTail(certList,cert);
- }
-
- /* filter out the certs we don't want */
- rv = CERT_FilterCertListByUsage(certList,certusage, PR_FALSE);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- /* go down the remaining list of certs and verify that they have
- * valid chains, then import them.
- */
- now = PR_Now();
- for (node = CERT_LIST_HEAD(certList) ; !CERT_LIST_END(node,certList);
- node= CERT_LIST_NEXT(node)) {
- CERTCertificateList *certChain;
-
- if (CERT_VerifyCert(certdb, node->cert,
- PR_TRUE, certusage, now, NULL, NULL) != SECSuccess) {
- continue;
- }
-
- certChain = CERT_CertChainFromCert(node->cert, certusage, PR_FALSE);
- if (!certChain) {
- continue;
- }
-
- /*
- * CertChain returns an array of SECItems, import expects an array of
- * SECItem pointers. Create the SECItem Pointers from the array of
- * SECItems.
- */
- rawArray = (SECItem **)PORT_Alloc(certChain->len*sizeof (SECItem *));
- if (!rawArray) {
- CERT_DestroyCertificateList(certChain);
- continue;
- }
- for (i=0; i < certChain->len; i++) {
- rawArray[i] = &certChain->certs[i];
- }
- (void )CERT_ImportCerts(certdb, certusage, certChain->len,
- rawArray, NULL, keepcerts, PR_FALSE, NULL);
- PORT_Free(rawArray);
- CERT_DestroyCertificateList(certChain);
- }
-
- rv = SECSuccess;
-
- /* XXX CRL handling */
-
-done:
- if (sigd->signerInfos != NULL) {
- /* fill in all signerinfo's certs */
- for (i = 0; sigd->signerInfos[i] != NULL; i++)
- (void)NSS_CMSSignerInfo_GetSigningCertificate(
- sigd->signerInfos[i], certdb);
- }
-
-loser:
- /* now free everything */
- if (certArray) {
- CERT_DestroyCertArray(certArray,certcount);
- }
- if (certList) {
- CERT_DestroyCertList(certList);
- }
-
- return rv;
-}
-
-/*
- * XXX the digests need to be passed in BETWEEN the decoding and the verification in case
- * of external signatures!
- */
-
-/*
- * NSS_CMSSignedData_VerifySignerInfo - check the signatures.
- *
- * The digests were either calculated during decoding (and are stored in the
- * signedData itself) or set after decoding using NSS_CMSSignedData_SetDigests.
- *
- * The verification checks if the signing cert is valid and has a trusted chain
- * for the purpose specified by "certusage".
- */
-SECStatus
-NSS_CMSSignedData_VerifySignerInfo(NSSCMSSignedData *sigd, int i,
- CERTCertDBHandle *certdb, SECCertUsage certusage)
-{
- NSSCMSSignerInfo *signerinfo;
- NSSCMSContentInfo *cinfo;
- SECOidData *algiddata;
- SECItem *contentType, *digest;
-
- cinfo = &(sigd->contentInfo);
-
- signerinfo = sigd->signerInfos[i];
-
- /* verify certificate */
- if (NSS_CMSSignerInfo_VerifyCertificate(signerinfo, certdb, certusage) != SECSuccess)
- return SECFailure; /* error is set by NSS_CMSSignerInfo_VerifyCertificate */
-
- /* find digest and contentType for signerinfo */
- algiddata = NSS_CMSSignerInfo_GetDigestAlg(signerinfo);
- digest = NSS_CMSSignedData_GetDigestByAlgTag(sigd, algiddata->offset);
- contentType = NSS_CMSContentInfo_GetContentTypeOID(cinfo);
-
- /* now verify signature */
- return NSS_CMSSignerInfo_Verify(signerinfo, digest, contentType);
-}
-
-/*
- * NSS_CMSSignedData_VerifyCertsOnly - verify the certs in a certs-only message
- */
-SECStatus
-NSS_CMSSignedData_VerifyCertsOnly(NSSCMSSignedData *sigd,
- CERTCertDBHandle *certdb,
- SECCertUsage usage)
-{
- CERTCertificate *cert;
- SECStatus rv = SECSuccess;
- int i;
- int count;
- PRTime now;
-
- if (!sigd || !certdb || !sigd->rawCerts) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- count = NSS_CMSArray_Count((void**)sigd->rawCerts);
- now = PR_Now();
- for (i=0; i < count; i++) {
- if (sigd->certs && sigd->certs[i]) {
- cert = CERT_DupCertificate(sigd->certs[i]);
- } else {
- cert = CERT_FindCertByDERCert(certdb, sigd->rawCerts[i]);
- if (!cert) {
- rv = SECFailure;
- break;
- }
- }
- rv |= CERT_VerifyCert(certdb, cert, PR_TRUE, usage, now,
- NULL, NULL);
- CERT_DestroyCertificate(cert);
- }
-
- return rv;
-}
-
-/*
- * NSS_CMSSignedData_HasDigests - see if we have digests in place
- */
-PRBool
-NSS_CMSSignedData_HasDigests(NSSCMSSignedData *sigd)
-{
- return (sigd->digests != NULL);
-}
-
-SECStatus
-NSS_CMSSignedData_AddCertList(NSSCMSSignedData *sigd, CERTCertificateList *certlist)
-{
- SECStatus rv;
-
- PORT_Assert(certlist != NULL);
-
- if (certlist == NULL)
- return SECFailure;
-
- /* XXX memory?? a certlist has an arena of its own and is not refcounted!?!? */
- rv = NSS_CMSArray_Add(sigd->cmsg->poolp, (void ***)&(sigd->certLists), (void *)certlist);
-
- return rv;
-}
-
-/*
- * NSS_CMSSignedData_AddCertChain - add cert and its entire chain to the set of certs
- */
-SECStatus
-NSS_CMSSignedData_AddCertChain(NSSCMSSignedData *sigd, CERTCertificate *cert)
-{
- CERTCertificateList *certlist;
- SECCertUsage usage;
- SECStatus rv;
-
- usage = certUsageEmailSigner;
-
- /* do not include root */
- certlist = CERT_CertChainFromCert(cert, usage, PR_FALSE);
- if (certlist == NULL)
- return SECFailure;
-
- rv = NSS_CMSSignedData_AddCertList(sigd, certlist);
-
- return rv;
-}
-
-SECStatus
-NSS_CMSSignedData_AddCertificate(NSSCMSSignedData *sigd, CERTCertificate *cert)
-{
- CERTCertificate *c;
- SECStatus rv;
-
- PORT_Assert(cert != NULL);
-
- if (cert == NULL)
- return SECFailure;
-
- c = CERT_DupCertificate(cert);
- rv = NSS_CMSArray_Add(sigd->cmsg->poolp, (void ***)&(sigd->certs), (void *)c);
- return rv;
-}
-
-PRBool
-NSS_CMSSignedData_ContainsCertsOrCrls(NSSCMSSignedData *sigd)
-{
- if (sigd->rawCerts != NULL && sigd->rawCerts[0] != NULL)
- return PR_TRUE;
- else if (sigd->crls != NULL && sigd->crls[0] != NULL)
- return PR_TRUE;
- else
- return PR_FALSE;
-}
-
-SECStatus
-NSS_CMSSignedData_AddSignerInfo(NSSCMSSignedData *sigd,
- NSSCMSSignerInfo *signerinfo)
-{
- void *mark;
- SECStatus rv;
- SECOidTag digestalgtag;
- PLArenaPool *poolp;
-
- poolp = sigd->cmsg->poolp;
-
- mark = PORT_ArenaMark(poolp);
-
- /* add signerinfo */
- rv = NSS_CMSArray_Add(poolp, (void ***)&(sigd->signerInfos), (void *)signerinfo);
- if (rv != SECSuccess)
- goto loser;
-
- /*
- * add empty digest
- * Empty because we don't have it yet. Either it gets created during encoding
- * (if the data is present) or has to be set externally.
- * XXX maybe pass it in optionally?
- */
- digestalgtag = NSS_CMSSignerInfo_GetDigestAlgTag(signerinfo);
- rv = NSS_CMSSignedData_SetDigestValue(sigd, digestalgtag, NULL);
- if (rv != SECSuccess)
- goto loser;
-
- /*
- * The last thing to get consistency would be adding the digest.
- */
-
- PORT_ArenaUnmark(poolp, mark);
- return SECSuccess;
-
-loser:
- PORT_ArenaRelease (poolp, mark);
- return SECFailure;
-}
-
-SECItem *
-NSS_CMSSignedData_GetDigestByAlgTag(NSSCMSSignedData *sigd, SECOidTag algtag)
-{
- int idx;
-
- idx = NSS_CMSAlgArray_GetIndexByAlgTag(sigd->digestAlgorithms, algtag);
- return sigd->digests[idx];
-}
-
-/*
- * NSS_CMSSignedData_SetDigests - set a signedData's digests member
- *
- * "digestalgs" - array of digest algorithm IDs
- * "digests" - array of digests corresponding to the digest algorithms
- */
-SECStatus
-NSS_CMSSignedData_SetDigests(NSSCMSSignedData *sigd,
- SECAlgorithmID **digestalgs,
- SECItem **digests)
-{
- int cnt, i, idx;
-
- if (sigd->digestAlgorithms == NULL) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- /* we assume that the digests array is just not there yet */
- PORT_Assert(sigd->digests == NULL);
- if (sigd->digests != NULL) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- return SECFailure;
- }
-
- /* now allocate one (same size as digestAlgorithms) */
- cnt = NSS_CMSArray_Count((void **)sigd->digestAlgorithms);
- sigd->digests = PORT_ArenaZAlloc(sigd->cmsg->poolp, (cnt + 1) * sizeof(SECItem *));
- if (sigd->digests == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
-
- for (i = 0; sigd->digestAlgorithms[i] != NULL; i++) {
- /* try to find the sigd's i'th digest algorithm in the array we passed in */
- idx = NSS_CMSAlgArray_GetIndexByAlgID(digestalgs, sigd->digestAlgorithms[i]);
- if (idx < 0) {
- PORT_SetError(SEC_ERROR_DIGEST_NOT_FOUND);
- return SECFailure;
- }
-
- /* found it - now set it */
- if ((sigd->digests[i] = SECITEM_AllocItem(sigd->cmsg->poolp, NULL, 0)) == NULL ||
- SECITEM_CopyItem(sigd->cmsg->poolp, sigd->digests[i], digests[idx]) != SECSuccess)
- {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
- }
- return SECSuccess;
-}
-
-SECStatus
-NSS_CMSSignedData_SetDigestValue(NSSCMSSignedData *sigd,
- SECOidTag digestalgtag,
- SECItem *digestdata)
-{
- SECItem *digest = NULL;
- PLArenaPool *poolp;
- void *mark;
- int n, cnt;
-
- poolp = sigd->cmsg->poolp;
-
- mark = PORT_ArenaMark(poolp);
-
-
- if (digestdata) {
- digest = (SECItem *) PORT_ArenaZAlloc(poolp,sizeof(SECItem));
-
- /* copy digestdata item to arena (in case we have it and are not only making room) */
- if (SECITEM_CopyItem(poolp, digest, digestdata) != SECSuccess)
- goto loser;
- }
-
- /* now allocate one (same size as digestAlgorithms) */
- if (sigd->digests == NULL) {
- cnt = NSS_CMSArray_Count((void **)sigd->digestAlgorithms);
- sigd->digests = PORT_ArenaZAlloc(sigd->cmsg->poolp, (cnt + 1) * sizeof(SECItem *));
- if (sigd->digests == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
- }
-
- n = -1;
- if (sigd->digestAlgorithms != NULL)
- n = NSS_CMSAlgArray_GetIndexByAlgTag(sigd->digestAlgorithms, digestalgtag);
-
- /* if not found, add a digest */
- if (n < 0) {
- if (NSS_CMSSignedData_AddDigest(poolp, sigd, digestalgtag, digest) != SECSuccess)
- goto loser;
- } else {
- /* replace NULL pointer with digest item (and leak previous value) */
- sigd->digests[n] = digest;
- }
-
- PORT_ArenaUnmark(poolp, mark);
- return SECSuccess;
-
-loser:
- PORT_ArenaRelease(poolp, mark);
- return SECFailure;
-}
-
-SECStatus
-NSS_CMSSignedData_AddDigest(PRArenaPool *poolp,
- NSSCMSSignedData *sigd,
- SECOidTag digestalgtag,
- SECItem *digest)
-{
- SECAlgorithmID *digestalg;
- void *mark;
-
- mark = PORT_ArenaMark(poolp);
-
- digestalg = PORT_ArenaZAlloc(poolp, sizeof(SECAlgorithmID));
- if (digestalg == NULL)
- goto loser;
-
- if (SECOID_SetAlgorithmID (poolp, digestalg, digestalgtag, NULL) != SECSuccess) /* no params */
- goto loser;
-
- if (NSS_CMSArray_Add(poolp, (void ***)&(sigd->digestAlgorithms), (void *)digestalg) != SECSuccess ||
- /* even if digest is NULL, add dummy to have same-size array */
- NSS_CMSArray_Add(poolp, (void ***)&(sigd->digests), (void *)digest) != SECSuccess)
- {
- goto loser;
- }
-
- PORT_ArenaUnmark(poolp, mark);
- return SECSuccess;
-
-loser:
- PORT_ArenaRelease(poolp, mark);
- return SECFailure;
-}
-
-SECItem *
-NSS_CMSSignedData_GetDigestValue(NSSCMSSignedData *sigd, SECOidTag digestalgtag)
-{
- int n;
-
- if (sigd->digestAlgorithms == NULL)
- return NULL;
-
- n = NSS_CMSAlgArray_GetIndexByAlgTag(sigd->digestAlgorithms, digestalgtag);
-
- return (n < 0) ? NULL : sigd->digests[n];
-}
-
-/* =============================================================================
- * Misc. utility functions
- */
-
-/*
- * NSS_CMSSignedData_CreateCertsOnly - create a certs-only SignedData.
- *
- * cert - base certificates that will be included
- * include_chain - if true, include the complete cert chain for cert
- *
- * More certs and chains can be added via AddCertificate and AddCertChain.
- *
- * An error results in a return value of NULL and an error set.
- *
- * XXXX CRLs
- */
-NSSCMSSignedData *
-NSS_CMSSignedData_CreateCertsOnly(NSSCMSMessage *cmsg, CERTCertificate *cert, PRBool include_chain)
-{
- NSSCMSSignedData *sigd;
- void *mark;
- PLArenaPool *poolp;
- SECStatus rv;
-
- poolp = cmsg->poolp;
- mark = PORT_ArenaMark(poolp);
-
- sigd = NSS_CMSSignedData_Create(cmsg);
- if (sigd == NULL)
- goto loser;
-
- /* no signerinfos, thus no digestAlgorithms */
-
- /* but certs */
- if (include_chain) {
- rv = NSS_CMSSignedData_AddCertChain(sigd, cert);
- } else {
- rv = NSS_CMSSignedData_AddCertificate(sigd, cert);
- }
- if (rv != SECSuccess)
- goto loser;
-
- /* RFC2630 5.2 sez:
- * In the degenerate case where there are no signers, the
- * EncapsulatedContentInfo value being "signed" is irrelevant. In this
- * case, the content type within the EncapsulatedContentInfo value being
- * "signed" should be id-data (as defined in section 4), and the content
- * field of the EncapsulatedContentInfo value should be omitted.
- */
- rv = NSS_CMSContentInfo_SetContent_Data(cmsg, &(sigd->contentInfo), NULL, PR_TRUE);
- if (rv != SECSuccess)
- goto loser;
-
- PORT_ArenaUnmark(poolp, mark);
- return sigd;
-
-loser:
- if (sigd)
- NSS_CMSSignedData_Destroy(sigd);
- PORT_ArenaRelease(poolp, mark);
- return NULL;
-}
-
-/* TODO:
- * NSS_CMSSignerInfo_GetReceiptRequest()
- * NSS_CMSSignedData_HasReceiptRequest()
- * easy way to iterate over signers
- */
-
diff --git a/security/nss/lib/smime/cmssiginfo.c b/security/nss/lib/smime/cmssiginfo.c
deleted file mode 100644
index 1d56c7bb6..000000000
--- a/security/nss/lib/smime/cmssiginfo.c
+++ /dev/null
@@ -1,999 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * CMS signerInfo methods.
- *
- * $Id$
- */
-
-#include "cmslocal.h"
-
-#include "cert.h"
-#include "key.h"
-#include "secasn1.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "pk11func.h"
-#include "prtime.h"
-#include "secerr.h"
-#include "secder.h"
-#include "cryptohi.h"
-
-#include "smime.h"
-
-/* =============================================================================
- * SIGNERINFO
- */
-NSSCMSSignerInfo *
-nss_cmssignerinfo_create(NSSCMSMessage *cmsg, NSSCMSSignerIDSelector type, CERTCertificate *cert, SECItem *subjKeyID, SECKEYPublicKey *pubKey, SECKEYPrivateKey *signingKey, SECOidTag digestalgtag);
-
-NSSCMSSignerInfo *
-NSS_CMSSignerInfo_CreateWithSubjKeyID(NSSCMSMessage *cmsg, SECItem *subjKeyID, SECKEYPublicKey *pubKey, SECKEYPrivateKey *signingKey, SECOidTag digestalgtag)
-{
- return nss_cmssignerinfo_create(cmsg, NSSCMSSignerID_SubjectKeyID, NULL, subjKeyID, pubKey, signingKey, digestalgtag);
-}
-
-NSSCMSSignerInfo *
-NSS_CMSSignerInfo_Create(NSSCMSMessage *cmsg, CERTCertificate *cert, SECOidTag digestalgtag)
-{
- return nss_cmssignerinfo_create(cmsg, NSSCMSSignerID_IssuerSN, cert, NULL, NULL, NULL, digestalgtag);
-}
-
-NSSCMSSignerInfo *
-nss_cmssignerinfo_create(NSSCMSMessage *cmsg, NSSCMSSignerIDSelector type, CERTCertificate *cert, SECItem *subjKeyID, SECKEYPublicKey *pubKey, SECKEYPrivateKey *signingKey, SECOidTag digestalgtag)
-{
- void *mark;
- NSSCMSSignerInfo *signerinfo;
- int version;
- PLArenaPool *poolp;
-
- poolp = cmsg->poolp;
-
- mark = PORT_ArenaMark(poolp);
-
- signerinfo = (NSSCMSSignerInfo *)PORT_ArenaZAlloc(poolp, sizeof(NSSCMSSignerInfo));
- if (signerinfo == NULL) {
- PORT_ArenaRelease(poolp, mark);
- return NULL;
- }
-
-
- signerinfo->cmsg = cmsg;
-
- switch(type) {
- case NSSCMSSignerID_IssuerSN:
- signerinfo->signerIdentifier.identifierType = NSSCMSSignerID_IssuerSN;
- if ((signerinfo->cert = CERT_DupCertificate(cert)) == NULL)
- goto loser;
- if ((signerinfo->signerIdentifier.id.issuerAndSN = CERT_GetCertIssuerAndSN(poolp, cert)) == NULL)
- goto loser;
- break;
- case NSSCMSSignerID_SubjectKeyID:
- signerinfo->signerIdentifier.identifierType = NSSCMSSignerID_SubjectKeyID;
- PORT_Assert(subjKeyID);
- if (!subjKeyID)
- goto loser;
-
- signerinfo->signerIdentifier.id.subjectKeyID = PORT_ArenaNew(poolp, SECItem);
- SECITEM_CopyItem(poolp, signerinfo->signerIdentifier.id.subjectKeyID,
- subjKeyID);
- signerinfo->signingKey = SECKEY_CopyPrivateKey(signingKey);
- if (!signerinfo->signingKey)
- goto loser;
- signerinfo->pubKey = SECKEY_CopyPublicKey(pubKey);
- if (!signerinfo->pubKey)
- goto loser;
- break;
- default:
- goto loser;
- }
-
- /* set version right now */
- version = NSS_CMS_SIGNER_INFO_VERSION_ISSUERSN;
- /* RFC2630 5.3 "version is the syntax version number. If the .... " */
- if (signerinfo->signerIdentifier.identifierType == NSSCMSSignerID_SubjectKeyID)
- version = NSS_CMS_SIGNER_INFO_VERSION_SUBJKEY;
- (void)SEC_ASN1EncodeInteger(poolp, &(signerinfo->version), (long)version);
-
- if (SECOID_SetAlgorithmID(poolp, &signerinfo->digestAlg, digestalgtag, NULL) != SECSuccess)
- goto loser;
-
- PORT_ArenaUnmark(poolp, mark);
- return signerinfo;
-
-loser:
- PORT_ArenaRelease(poolp, mark);
- return NULL;
-}
-
-/*
- * NSS_CMSSignerInfo_Destroy - destroy a SignerInfo data structure
- */
-void
-NSS_CMSSignerInfo_Destroy(NSSCMSSignerInfo *si)
-{
- if (si->cert != NULL)
- CERT_DestroyCertificate(si->cert);
-
- if (si->certList != NULL)
- CERT_DestroyCertificateList(si->certList);
-
- /* XXX storage ??? */
-}
-
-/*
- * NSS_CMSSignerInfo_Sign - sign something
- *
- */
-SECStatus
-NSS_CMSSignerInfo_Sign(NSSCMSSignerInfo *signerinfo, SECItem *digest, SECItem *contentType)
-{
- CERTCertificate *cert;
- SECKEYPrivateKey *privkey = NULL;
- SECOidTag digestalgtag;
- SECOidTag pubkAlgTag;
- SECItem signature = { 0 };
- SECStatus rv;
- PLArenaPool *poolp, *tmppoolp;
- SECAlgorithmID *algID, freeAlgID;
- CERTSubjectPublicKeyInfo *spki;
-
- PORT_Assert (digest != NULL);
-
- poolp = signerinfo->cmsg->poolp;
-
- switch (signerinfo->signerIdentifier.identifierType) {
- case NSSCMSSignerID_IssuerSN:
- cert = signerinfo->cert;
-
- if ((privkey = PK11_FindKeyByAnyCert(cert, signerinfo->cmsg->pwfn_arg)) == NULL)
- goto loser;
- algID = &cert->subjectPublicKeyInfo.algorithm;
- break;
- case NSSCMSSignerID_SubjectKeyID:
- privkey = signerinfo->signingKey;
- signerinfo->signingKey = NULL;
- spki = SECKEY_CreateSubjectPublicKeyInfo(signerinfo->pubKey);
- SECKEY_DestroyPublicKey(signerinfo->pubKey);
- signerinfo->pubKey = NULL;
- SECOID_CopyAlgorithmID(NULL, &freeAlgID, &spki->algorithm);
- SECKEY_DestroySubjectPublicKeyInfo(spki);
- algID = &freeAlgID;
- break;
- default:
- goto loser;
- }
- digestalgtag = NSS_CMSSignerInfo_GetDigestAlgTag(signerinfo);
- /*
- * XXX I think there should be a cert-level interface for this,
- * so that I do not have to know about subjectPublicKeyInfo...
- */
- pubkAlgTag = SECOID_GetAlgorithmTag(algID);
- if (signerinfo->signerIdentifier.identifierType == NSSCMSSignerID_SubjectKeyID) {
- SECOID_DestroyAlgorithmID(&freeAlgID, PR_FALSE);
- }
-
- /* Fortezza MISSI have weird signature formats.
- * Map them to standard DSA formats
- */
- pubkAlgTag = PK11_FortezzaMapSig(pubkAlgTag);
-
- if (signerinfo->authAttr != NULL) {
- SECOidTag signAlgTag;
- SECItem encoded_attrs;
-
- /* find and fill in the message digest attribute. */
- rv = NSS_CMSAttributeArray_SetAttr(poolp, &(signerinfo->authAttr),
- SEC_OID_PKCS9_MESSAGE_DIGEST, digest, PR_FALSE);
- if (rv != SECSuccess)
- goto loser;
-
- if (contentType != NULL) {
- /* if the caller wants us to, find and fill in the content type attribute. */
- rv = NSS_CMSAttributeArray_SetAttr(poolp, &(signerinfo->authAttr),
- SEC_OID_PKCS9_CONTENT_TYPE, contentType, PR_FALSE);
- if (rv != SECSuccess)
- goto loser;
- }
-
- if ((tmppoolp = PORT_NewArena (1024)) == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /*
- * Before encoding, reorder the attributes so that when they
- * are encoded, they will be conforming DER, which is required
- * to have a specific order and that is what must be used for
- * the hash/signature. We do this here, rather than building
- * it into EncodeAttributes, because we do not want to do
- * such reordering on incoming messages (which also uses
- * EncodeAttributes) or our old signatures (and other "broken"
- * implementations) will not verify. So, we want to guarantee
- * that we send out good DER encodings of attributes, but not
- * to expect to receive them.
- */
- if (NSS_CMSAttributeArray_Reorder(signerinfo->authAttr) != SECSuccess)
- goto loser;
-
- encoded_attrs.data = NULL;
- encoded_attrs.len = 0;
- if (NSS_CMSAttributeArray_Encode(tmppoolp, &(signerinfo->authAttr),
- &encoded_attrs) == NULL)
- goto loser;
-
- signAlgTag = NSS_CMSUtil_MakeSignatureAlgorithm(digestalgtag, pubkAlgTag);
- rv = SEC_SignData(&signature, encoded_attrs.data, encoded_attrs.len,
- privkey, signAlgTag);
- PORT_FreeArena(tmppoolp, PR_FALSE); /* awkward memory management :-( */
- } else {
- rv = SGN_Digest(privkey, digestalgtag, &signature, digest);
- }
- SECKEY_DestroyPrivateKey(privkey);
- privkey = NULL;
-
- if (rv != SECSuccess)
- goto loser;
-
- if (SECITEM_CopyItem(poolp, &(signerinfo->encDigest), &signature)
- != SECSuccess)
- goto loser;
-
- SECITEM_FreeItem(&signature, PR_FALSE);
-
- if (SECOID_SetAlgorithmID(poolp, &(signerinfo->digestEncAlg), pubkAlgTag,
- NULL) != SECSuccess)
- goto loser;
-
- return SECSuccess;
-
-loser:
- if (signature.len != 0)
- SECITEM_FreeItem (&signature, PR_FALSE);
- if (privkey)
- SECKEY_DestroyPrivateKey(privkey);
- return SECFailure;
-}
-
-SECStatus
-NSS_CMSSignerInfo_VerifyCertificate(NSSCMSSignerInfo *signerinfo, CERTCertDBHandle *certdb,
- SECCertUsage certusage)
-{
- CERTCertificate *cert;
- int64 stime;
-
- if ((cert = NSS_CMSSignerInfo_GetSigningCertificate(signerinfo, certdb)) == NULL) {
- signerinfo->verificationStatus = NSSCMSVS_SigningCertNotFound;
- return SECFailure;
- }
-
- /*
- * Get and convert the signing time; if available, it will be used
- * both on the cert verification and for importing the sender
- * email profile.
- */
- if (NSS_CMSSignerInfo_GetSigningTime (signerinfo, &stime) != SECSuccess)
- stime = PR_Now(); /* not found or conversion failed, so check against now */
-
- /*
- * XXX This uses the signing time, if available. Additionally, we
- * might want to, if there is no signing time, get the message time
- * from the mail header itself, and use that. That would require
- * a change to our interface though, and for S/MIME callers to pass
- * in a time (and for non-S/MIME callers to pass in nothing, or
- * maybe make them pass in the current time, always?).
- */
- if (CERT_VerifyCert(certdb, cert, PR_TRUE, certusage, stime, signerinfo->cmsg->pwfn_arg, NULL) != SECSuccess) {
- signerinfo->verificationStatus = NSSCMSVS_SigningCertNotTrusted;
- return SECFailure;
- }
- return SECSuccess;
-}
-
-/*
- * NSS_CMSSignerInfo_Verify - verify the signature of a single SignerInfo
- *
- * Just verifies the signature. The assumption is that verification of the certificate
- * is done already.
- */
-SECStatus
-NSS_CMSSignerInfo_Verify(NSSCMSSignerInfo *signerinfo, SECItem *digest, SECItem *contentType)
-{
- SECKEYPublicKey *publickey = NULL;
- NSSCMSAttribute *attr;
- SECItem encoded_attrs;
- CERTCertificate *cert;
- NSSCMSVerificationStatus vs = NSSCMSVS_Unverified;
- PLArenaPool *poolp;
-
- if (signerinfo == NULL)
- return SECFailure;
-
- /* NSS_CMSSignerInfo_GetSigningCertificate will fail if 2nd parm is NULL and */
- /* cert has not been verified */
- if ((cert = NSS_CMSSignerInfo_GetSigningCertificate(signerinfo, NULL)) == NULL) {
- vs = NSSCMSVS_SigningCertNotFound;
- goto loser;
- }
-
- if ((publickey = CERT_ExtractPublicKey(cert)) == NULL) {
- vs = NSSCMSVS_ProcessingError;
- goto loser;
- }
-
- /*
- * XXX This may not be the right set of algorithms to check.
- * I'd prefer to trust that just calling VFY_Verify{Data,Digest}
- * would do the right thing (and set an error if it could not);
- * then additional algorithms could be handled by that code
- * and we would Just Work. So this check should just be removed,
- * but not until the VFY code is better at setting errors.
- */
- switch (SECOID_GetAlgorithmTag(&(signerinfo->digestEncAlg))) {
- case SEC_OID_PKCS1_RSA_ENCRYPTION:
- case SEC_OID_ANSIX9_DSA_SIGNATURE:
- case SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST:
- /* ok */
- break;
- case SEC_OID_UNKNOWN:
- vs = NSSCMSVS_SignatureAlgorithmUnknown;
- goto loser;
- default:
- vs = NSSCMSVS_SignatureAlgorithmUnsupported;
- goto loser;
- }
-
- if (!NSS_CMSArray_IsEmpty((void **)signerinfo->authAttr)) {
- if (contentType) {
- /*
- * Check content type
- *
- * RFC2630 sez that if there are any authenticated attributes,
- * then there must be one for content type which matches the
- * content type of the content being signed, and there must
- * be one for message digest which matches our message digest.
- * So check these things first.
- */
- if ((attr = NSS_CMSAttributeArray_FindAttrByOidTag(signerinfo->authAttr,
- SEC_OID_PKCS9_CONTENT_TYPE, PR_TRUE)) == NULL)
- {
- vs = NSSCMSVS_MalformedSignature;
- goto loser;
- }
-
- if (NSS_CMSAttribute_CompareValue(attr, contentType) == PR_FALSE) {
- vs = NSSCMSVS_MalformedSignature;
- goto loser;
- }
- }
-
- /*
- * Check digest
- */
- if ((attr = NSS_CMSAttributeArray_FindAttrByOidTag(signerinfo->authAttr, SEC_OID_PKCS9_MESSAGE_DIGEST, PR_TRUE)) == NULL)
- {
- vs = NSSCMSVS_MalformedSignature;
- goto loser;
- }
- if (NSS_CMSAttribute_CompareValue(attr, digest) == PR_FALSE) {
- vs = NSSCMSVS_DigestMismatch;
- goto loser;
- }
-
- if ((poolp = PORT_NewArena (1024)) == NULL) {
- vs = NSSCMSVS_ProcessingError;
- goto loser;
- }
-
- /*
- * Check signature
- *
- * The signature is based on a digest of the DER-encoded authenticated
- * attributes. So, first we encode and then we digest/verify.
- * we trust the decoder to have the attributes in the right (sorted) order
- */
- encoded_attrs.data = NULL;
- encoded_attrs.len = 0;
-
- if (NSS_CMSAttributeArray_Encode(poolp, &(signerinfo->authAttr), &encoded_attrs) == NULL ||
- encoded_attrs.data == NULL || encoded_attrs.len == 0)
- {
- vs = NSSCMSVS_ProcessingError;
- goto loser;
- }
-
- vs = (VFY_VerifyData (encoded_attrs.data, encoded_attrs.len,
- publickey, &(signerinfo->encDigest),
- SECOID_GetAlgorithmTag(&(signerinfo->digestEncAlg)),
- signerinfo->cmsg->pwfn_arg) != SECSuccess) ? NSSCMSVS_BadSignature : NSSCMSVS_GoodSignature;
-
- PORT_FreeArena(poolp, PR_FALSE); /* awkward memory management :-( */
-
- } else {
- SECItem *sig;
-
- /* No authenticated attributes. The signature is based on the plain message digest. */
- sig = &(signerinfo->encDigest);
- if (sig->len == 0)
- goto loser;
-
- vs = (VFY_VerifyDigest(digest, publickey, sig,
- SECOID_GetAlgorithmTag(&(signerinfo->digestEncAlg)),
- signerinfo->cmsg->pwfn_arg) != SECSuccess) ? NSSCMSVS_BadSignature : NSSCMSVS_GoodSignature;
- }
-
- if (vs == NSSCMSVS_BadSignature) {
- /*
- * XXX Change the generic error into our specific one, because
- * in that case we get a better explanation out of the Security
- * Advisor. This is really a bug in our error strings (the
- * "generic" error has a lousy/wrong message associated with it
- * which assumes the signature verification was done for the
- * purposes of checking the issuer signature on a certificate)
- * but this is at least an easy workaround and/or in the
- * Security Advisor, which specifically checks for the error
- * SEC_ERROR_PKCS7_BAD_SIGNATURE and gives more explanation
- * in that case but does not similarly check for
- * SEC_ERROR_BAD_SIGNATURE. It probably should, but then would
- * probably say the wrong thing in the case that it *was* the
- * certificate signature check that failed during the cert
- * verification done above. Our error handling is really a mess.
- */
- if (PORT_GetError() == SEC_ERROR_BAD_SIGNATURE)
- PORT_SetError(SEC_ERROR_PKCS7_BAD_SIGNATURE);
- }
-
- if (publickey != NULL)
- SECKEY_DestroyPublicKey (publickey);
-
- signerinfo->verificationStatus = vs;
-
- return (vs == NSSCMSVS_GoodSignature) ? SECSuccess : SECFailure;
-
-loser:
- if (publickey != NULL)
- SECKEY_DestroyPublicKey (publickey);
-
- signerinfo->verificationStatus = vs;
-
- PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
- return SECFailure;
-}
-
-NSSCMSVerificationStatus
-NSS_CMSSignerInfo_GetVerificationStatus(NSSCMSSignerInfo *signerinfo)
-{
- return signerinfo->verificationStatus;
-}
-
-SECOidData *
-NSS_CMSSignerInfo_GetDigestAlg(NSSCMSSignerInfo *signerinfo)
-{
- return SECOID_FindOID (&(signerinfo->digestAlg.algorithm));
-}
-
-SECOidTag
-NSS_CMSSignerInfo_GetDigestAlgTag(NSSCMSSignerInfo *signerinfo)
-{
- SECOidData *algdata;
-
- algdata = SECOID_FindOID (&(signerinfo->digestAlg.algorithm));
- if (algdata != NULL)
- return algdata->offset;
- else
- return SEC_OID_UNKNOWN;
-}
-
-CERTCertificateList *
-NSS_CMSSignerInfo_GetCertList(NSSCMSSignerInfo *signerinfo)
-{
- return signerinfo->certList;
-}
-
-int
-NSS_CMSSignerInfo_GetVersion(NSSCMSSignerInfo *signerinfo)
-{
- unsigned long version;
-
- /* always take apart the SECItem */
- if (SEC_ASN1DecodeInteger(&(signerinfo->version), &version) != SECSuccess)
- return 0;
- else
- return (int)version;
-}
-
-/*
- * NSS_CMSSignerInfo_GetSigningTime - return the signing time,
- * in UTCTime format, of a CMS signerInfo.
- *
- * sinfo - signerInfo data for this signer
- *
- * Returns a pointer to XXXX (what?)
- * A return value of NULL is an error.
- */
-SECStatus
-NSS_CMSSignerInfo_GetSigningTime(NSSCMSSignerInfo *sinfo, PRTime *stime)
-{
- NSSCMSAttribute *attr;
- SECItem *value;
-
- if (sinfo == NULL)
- return SECFailure;
-
- if (sinfo->signingTime != 0) {
- *stime = sinfo->signingTime; /* cached copy */
- return SECSuccess;
- }
-
- attr = NSS_CMSAttributeArray_FindAttrByOidTag(sinfo->authAttr, SEC_OID_PKCS9_SIGNING_TIME, PR_TRUE);
- /* XXXX multi-valued attributes NIH */
- if (attr == NULL || (value = NSS_CMSAttribute_GetValue(attr)) == NULL)
- return SECFailure;
- if (DER_UTCTimeToTime(stime, value) != SECSuccess)
- return SECFailure;
- sinfo->signingTime = *stime; /* make cached copy */
- return SECSuccess;
-}
-
-/*
- * Return the signing cert of a CMS signerInfo.
- *
- * the certs in the enclosing SignedData must have been imported already
- */
-CERTCertificate *
-NSS_CMSSignerInfo_GetSigningCertificate(NSSCMSSignerInfo *signerinfo, CERTCertDBHandle *certdb)
-{
- CERTCertificate *cert;
- NSSCMSSignerIdentifier *sid;
-
- if (signerinfo->cert != NULL)
- return signerinfo->cert;
-
- /* no certdb, and cert hasn't been set yet? */
- if (certdb == NULL)
- return NULL;
-
- /*
- * This cert will also need to be freed, but since we save it
- * in signerinfo for later, we do not want to destroy it when
- * we leave this function -- we let the clean-up of the entire
- * cinfo structure later do the destroy of this cert.
- */
- sid = &signerinfo->signerIdentifier;
- switch (sid->identifierType) {
- case NSSCMSSignerID_IssuerSN:
- cert = CERT_FindCertByIssuerAndSN(certdb, sid->id.issuerAndSN);
- break;
- case NSSCMSSignerID_SubjectKeyID:
- cert = CERT_FindCertBySubjectKeyID(certdb, sid->id.subjectKeyID);
- break;
- default:
- cert = NULL;
- break;
- }
-
- /* cert can be NULL at that point */
- signerinfo->cert = cert; /* earmark it */
-
- return cert;
-}
-
-/*
- * NSS_CMSSignerInfo_GetSignerCommonName - return the common name of the signer
- *
- * sinfo - signerInfo data for this signer
- *
- * Returns a pointer to allocated memory, which must be freed.
- * A return value of NULL is an error.
- */
-char *
-NSS_CMSSignerInfo_GetSignerCommonName(NSSCMSSignerInfo *sinfo)
-{
- CERTCertificate *signercert;
-
- /* will fail if cert is not verified */
- if ((signercert = NSS_CMSSignerInfo_GetSigningCertificate(sinfo, NULL)) == NULL)
- return NULL;
-
- return (CERT_GetCommonName(&signercert->subject));
-}
-
-/*
- * NSS_CMSSignerInfo_GetSignerEmailAddress - return the common name of the signer
- *
- * sinfo - signerInfo data for this signer
- *
- * Returns a pointer to allocated memory, which must be freed.
- * A return value of NULL is an error.
- */
-char *
-NSS_CMSSignerInfo_GetSignerEmailAddress(NSSCMSSignerInfo *sinfo)
-{
- CERTCertificate *signercert;
-
- if ((signercert = NSS_CMSSignerInfo_GetSigningCertificate(sinfo, NULL)) == NULL)
- return NULL;
-
- if (signercert->emailAddr == NULL)
- return NULL;
-
- return (PORT_Strdup(signercert->emailAddr));
-}
-
-/*
- * NSS_CMSSignerInfo_AddAuthAttr - add an attribute to the
- * authenticated (i.e. signed) attributes of "signerinfo".
- */
-SECStatus
-NSS_CMSSignerInfo_AddAuthAttr(NSSCMSSignerInfo *signerinfo, NSSCMSAttribute *attr)
-{
- return NSS_CMSAttributeArray_AddAttr(signerinfo->cmsg->poolp, &(signerinfo->authAttr), attr);
-}
-
-/*
- * NSS_CMSSignerInfo_AddUnauthAttr - add an attribute to the
- * unauthenticated attributes of "signerinfo".
- */
-SECStatus
-NSS_CMSSignerInfo_AddUnauthAttr(NSSCMSSignerInfo *signerinfo, NSSCMSAttribute *attr)
-{
- return NSS_CMSAttributeArray_AddAttr(signerinfo->cmsg->poolp, &(signerinfo->unAuthAttr), attr);
-}
-
-/*
- * NSS_CMSSignerInfo_AddSigningTime - add the signing time to the
- * authenticated (i.e. signed) attributes of "signerinfo".
- *
- * This is expected to be included in outgoing signed
- * messages for email (S/MIME) but is likely useful in other situations.
- *
- * This should only be added once; a second call will do nothing.
- *
- * XXX This will probably just shove the current time into "signerinfo"
- * but it will not actually get signed until the entire item is
- * processed for encoding. Is this (expected to be small) delay okay?
- */
-SECStatus
-NSS_CMSSignerInfo_AddSigningTime(NSSCMSSignerInfo *signerinfo, PRTime t)
-{
- NSSCMSAttribute *attr;
- SECItem stime;
- void *mark;
- PLArenaPool *poolp;
-
- poolp = signerinfo->cmsg->poolp;
-
- mark = PORT_ArenaMark(poolp);
-
- /* create new signing time attribute */
- if (DER_TimeToUTCTime(&stime, t) != SECSuccess)
- goto loser;
-
- if ((attr = NSS_CMSAttribute_Create(poolp, SEC_OID_PKCS9_SIGNING_TIME, &stime, PR_FALSE)) == NULL) {
- SECITEM_FreeItem (&stime, PR_FALSE);
- goto loser;
- }
-
- SECITEM_FreeItem (&stime, PR_FALSE);
-
- if (NSS_CMSSignerInfo_AddAuthAttr(signerinfo, attr) != SECSuccess)
- goto loser;
-
- PORT_ArenaUnmark (poolp, mark);
-
- return SECSuccess;
-
-loser:
- PORT_ArenaRelease (poolp, mark);
- return SECFailure;
-}
-
-/*
- * NSS_CMSSignerInfo_AddSMIMECaps - add a SMIMECapabilities attribute to the
- * authenticated (i.e. signed) attributes of "signerinfo".
- *
- * This is expected to be included in outgoing signed
- * messages for email (S/MIME).
- */
-SECStatus
-NSS_CMSSignerInfo_AddSMIMECaps(NSSCMSSignerInfo *signerinfo)
-{
- NSSCMSAttribute *attr;
- SECItem *smimecaps = NULL;
- void *mark;
- PLArenaPool *poolp;
-
- poolp = signerinfo->cmsg->poolp;
-
- mark = PORT_ArenaMark(poolp);
-
- smimecaps = SECITEM_AllocItem(poolp, NULL, 0);
- if (smimecaps == NULL)
- goto loser;
-
- /* create new signing time attribute */
- if (NSS_SMIMEUtil_CreateSMIMECapabilities(poolp, smimecaps,
- PK11_FortezzaHasKEA(signerinfo->cert)) != SECSuccess)
- goto loser;
-
- if ((attr = NSS_CMSAttribute_Create(poolp, SEC_OID_PKCS9_SMIME_CAPABILITIES, smimecaps, PR_TRUE)) == NULL)
- goto loser;
-
- if (NSS_CMSSignerInfo_AddAuthAttr(signerinfo, attr) != SECSuccess)
- goto loser;
-
- PORT_ArenaUnmark (poolp, mark);
- return SECSuccess;
-
-loser:
- PORT_ArenaRelease (poolp, mark);
- return SECFailure;
-}
-
-/*
- * NSS_CMSSignerInfo_AddSMIMEEncKeyPrefs - add a SMIMEEncryptionKeyPreferences attribute to the
- * authenticated (i.e. signed) attributes of "signerinfo".
- *
- * This is expected to be included in outgoing signed messages for email (S/MIME).
- */
-SECStatus
-NSS_CMSSignerInfo_AddSMIMEEncKeyPrefs(NSSCMSSignerInfo *signerinfo, CERTCertificate *cert, CERTCertDBHandle *certdb)
-{
- NSSCMSAttribute *attr;
- SECItem *smimeekp = NULL;
- void *mark;
- PLArenaPool *poolp;
-
- /* verify this cert for encryption */
- if (CERT_VerifyCert(certdb, cert, PR_TRUE, certUsageEmailRecipient, PR_Now(), signerinfo->cmsg->pwfn_arg, NULL) != SECSuccess) {
- return SECFailure;
- }
-
- poolp = signerinfo->cmsg->poolp;
- mark = PORT_ArenaMark(poolp);
-
- smimeekp = SECITEM_AllocItem(poolp, NULL, 0);
- if (smimeekp == NULL)
- goto loser;
-
- /* create new signing time attribute */
- if (NSS_SMIMEUtil_CreateSMIMEEncKeyPrefs(poolp, smimeekp, cert) != SECSuccess)
- goto loser;
-
- if ((attr = NSS_CMSAttribute_Create(poolp, SEC_OID_SMIME_ENCRYPTION_KEY_PREFERENCE, smimeekp, PR_TRUE)) == NULL)
- goto loser;
-
- if (NSS_CMSSignerInfo_AddAuthAttr(signerinfo, attr) != SECSuccess)
- goto loser;
-
- PORT_ArenaUnmark (poolp, mark);
- return SECSuccess;
-
-loser:
- PORT_ArenaRelease (poolp, mark);
- return SECFailure;
-}
-
-/*
- * NSS_CMSSignerInfo_AddMSSMIMEEncKeyPrefs - add a SMIMEEncryptionKeyPreferences attribute to the
- * authenticated (i.e. signed) attributes of "signerinfo", using the OID prefered by Microsoft.
- *
- * This is expected to be included in outgoing signed messages for email (S/MIME),
- * if compatibility with Microsoft mail clients is wanted.
- */
-SECStatus
-NSS_CMSSignerInfo_AddMSSMIMEEncKeyPrefs(NSSCMSSignerInfo *signerinfo, CERTCertificate *cert, CERTCertDBHandle *certdb)
-{
- NSSCMSAttribute *attr;
- SECItem *smimeekp = NULL;
- void *mark;
- PLArenaPool *poolp;
-
- /* verify this cert for encryption */
- if (CERT_VerifyCert(certdb, cert, PR_TRUE, certUsageEmailRecipient, PR_Now(), signerinfo->cmsg->pwfn_arg, NULL) != SECSuccess) {
- return SECFailure;
- }
-
- poolp = signerinfo->cmsg->poolp;
- mark = PORT_ArenaMark(poolp);
-
- smimeekp = SECITEM_AllocItem(poolp, NULL, 0);
- if (smimeekp == NULL)
- goto loser;
-
- /* create new signing time attribute */
- if (NSS_SMIMEUtil_CreateMSSMIMEEncKeyPrefs(poolp, smimeekp, cert) != SECSuccess)
- goto loser;
-
- if ((attr = NSS_CMSAttribute_Create(poolp, SEC_OID_MS_SMIME_ENCRYPTION_KEY_PREFERENCE, smimeekp, PR_TRUE)) == NULL)
- goto loser;
-
- if (NSS_CMSSignerInfo_AddAuthAttr(signerinfo, attr) != SECSuccess)
- goto loser;
-
- PORT_ArenaUnmark (poolp, mark);
- return SECSuccess;
-
-loser:
- PORT_ArenaRelease (poolp, mark);
- return SECFailure;
-}
-
-/*
- * NSS_CMSSignerInfo_AddCounterSignature - countersign a signerinfo
- *
- * 1. digest the DER-encoded signature value of the original signerinfo
- * 2. create new signerinfo with correct version, sid, digestAlg
- * 3. add message-digest authAttr, but NO content-type
- * 4. sign the authAttrs
- * 5. DER-encode the new signerInfo
- * 6. add the whole thing to original signerInfo's unAuthAttrs
- * as a SEC_OID_PKCS9_COUNTER_SIGNATURE attribute
- *
- * XXXX give back the new signerinfo?
- */
-SECStatus
-NSS_CMSSignerInfo_AddCounterSignature(NSSCMSSignerInfo *signerinfo,
- SECOidTag digestalg, CERTCertificate signingcert)
-{
- /* XXXX TBD XXXX */
- return SECFailure;
-}
-
-/*
- * XXXX the following needs to be done in the S/MIME layer code
- * after signature of a signerinfo is verified
- */
-SECStatus
-NSS_SMIMESignerInfo_SaveSMIMEProfile(NSSCMSSignerInfo *signerinfo)
-{
- CERTCertificate *cert = NULL;
- SECItem *profile = NULL;
- NSSCMSAttribute *attr;
- SECItem *utc_stime = NULL;
- SECItem *ekp;
- CERTCertDBHandle *certdb;
- int save_error;
- SECStatus rv;
- PRBool must_free_cert = PR_FALSE;
-
- certdb = CERT_GetDefaultCertDB();
-
- /* sanity check - see if verification status is ok (unverified does not count...) */
- if (signerinfo->verificationStatus != NSSCMSVS_GoodSignature)
- return SECFailure;
-
- /* find preferred encryption cert */
- if (!NSS_CMSArray_IsEmpty((void **)signerinfo->authAttr) &&
- (attr = NSS_CMSAttributeArray_FindAttrByOidTag(signerinfo->authAttr,
- SEC_OID_SMIME_ENCRYPTION_KEY_PREFERENCE, PR_TRUE)) != NULL)
- { /* we have a SMIME_ENCRYPTION_KEY_PREFERENCE attribute! */
- ekp = NSS_CMSAttribute_GetValue(attr);
- if (ekp == NULL)
- return SECFailure;
-
- /* we assume that all certs coming with the message have been imported to the */
- /* temporary database */
- cert = NSS_SMIMEUtil_GetCertFromEncryptionKeyPreference(certdb, ekp);
- if (cert == NULL)
- return SECFailure;
- must_free_cert = PR_TRUE;
- }
-
- if (cert == NULL) {
- /* no preferred cert found?
- * find the cert the signerinfo is signed with instead */
- cert = NSS_CMSSignerInfo_GetSigningCertificate(signerinfo, certdb);
- if (cert == NULL || cert->emailAddr == NULL)
- return SECFailure;
- }
-
- /* verify this cert for encryption (has been verified for signing so far) */ /* don't verify this cert for encryption. It may just be a signing cert.
- * that's OK, we can still save the S/MIME profile. The encryption cert
- * should have already been saved */
-#ifdef notdef
- if (CERT_VerifyCert(certdb, cert, PR_TRUE, certUsageEmailRecipient, PR_Now(), signerinfo->cmsg->pwfn_arg, NULL) != SECSuccess) {
- if (must_free_cert)
- CERT_DestroyCertificate(cert);
- return SECFailure;
- }
-#endif
-
- /* XXX store encryption cert permanently? */
-
- /*
- * Remember the current error set because we do not care about
- * anything set by the functions we are about to call.
- */
- save_error = PORT_GetError();
-
- if (!NSS_CMSArray_IsEmpty((void **)signerinfo->authAttr)) {
- attr = NSS_CMSAttributeArray_FindAttrByOidTag(signerinfo->authAttr,
- SEC_OID_PKCS9_SMIME_CAPABILITIES,
- PR_TRUE);
- profile = NSS_CMSAttribute_GetValue(attr);
- attr = NSS_CMSAttributeArray_FindAttrByOidTag(signerinfo->authAttr,
- SEC_OID_PKCS9_SIGNING_TIME,
- PR_TRUE);
- utc_stime = NSS_CMSAttribute_GetValue(attr);
- }
-
- rv = CERT_SaveSMimeProfile (cert, profile, utc_stime);
- if (must_free_cert)
- CERT_DestroyCertificate(cert);
-
- /*
- * Restore the saved error in case the calls above set a new
- * one that we do not actually care about.
- */
- PORT_SetError (save_error);
-
- return rv;
-}
-
-/*
- * NSS_CMSSignerInfo_IncludeCerts - set cert chain inclusion mode for this signer
- */
-SECStatus
-NSS_CMSSignerInfo_IncludeCerts(NSSCMSSignerInfo *signerinfo, NSSCMSCertChainMode cm, SECCertUsage usage)
-{
- if (signerinfo->cert == NULL)
- return SECFailure;
-
- /* don't leak if we get called twice */
- if (signerinfo->certList != NULL) {
- CERT_DestroyCertificateList(signerinfo->certList);
- signerinfo->certList = NULL;
- }
-
- switch (cm) {
- case NSSCMSCM_None:
- signerinfo->certList = NULL;
- break;
- case NSSCMSCM_CertOnly:
- signerinfo->certList = CERT_CertListFromCert(signerinfo->cert);
- break;
- case NSSCMSCM_CertChain:
- signerinfo->certList = CERT_CertChainFromCert(signerinfo->cert, usage, PR_FALSE);
- break;
- case NSSCMSCM_CertChainWithRoot:
- signerinfo->certList = CERT_CertChainFromCert(signerinfo->cert, usage, PR_TRUE);
- break;
- }
-
- if (cm != NSSCMSCM_None && signerinfo->certList == NULL)
- return SECFailure;
-
- return SECSuccess;
-}
diff --git a/security/nss/lib/smime/cmst.h b/security/nss/lib/smime/cmst.h
deleted file mode 100644
index 3b550c0a1..000000000
--- a/security/nss/lib/smime/cmst.h
+++ /dev/null
@@ -1,528 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Header for CMS types.
- *
- * $Id$
- */
-
-#ifndef _CMST_H_
-#define _CMST_H_
-
-#include "seccomon.h"
-#include "secoidt.h"
-#include "certt.h"
-#include "secmodt.h"
-#include "secmodt.h"
-
-#include "plarena.h"
-
-/* Non-opaque objects. NOTE, though: I want them to be treated as
- * opaque as much as possible. If I could hide them completely,
- * I would. (I tried, but ran into trouble that was taking me too
- * much time to get out of.) I still intend to try to do so.
- * In fact, the only type that "outsiders" should even *name* is
- * NSSCMSMessage, and they should not reference its fields.
- */
-/* rjr: PKCS #11 cert handling (pk11cert.c) does use NSSCMSRecipientInfo's.
- * This is because when we search the recipient list for the cert and key we
- * want, we need to invert the order of the loops we used to have. The old
- * loops were:
- *
- * For each recipient {
- * find_cert = PK11_Find_AllCert(recipient->issuerSN);
- * [which unrolls to... ]
- * For each slot {
- * Log into slot;
- * search slot for cert;
- * }
- * }
- *
- * the new loop searchs all the recipients at once on a slot. this allows
- * PKCS #11 to order slots in such a way that logout slots don't get checked
- * if we can find the cert on a logged in slot. This eliminates lots of
- * spurious password prompts when smart cards are installed... so why this
- * comment? If you make NSSCMSRecipientInfo completely opaque, you need
- * to provide a non-opaque list of issuerSN's (the only field PKCS#11 needs
- * and fix up pk11cert.c first. NOTE: Only S/MIME calls this special PKCS #11
- * function.
- */
-
-typedef struct NSSCMSMessageStr NSSCMSMessage;
-
-typedef union NSSCMSContentUnion NSSCMSContent;
-typedef struct NSSCMSContentInfoStr NSSCMSContentInfo;
-
-typedef struct NSSCMSSignedDataStr NSSCMSSignedData;
-typedef struct NSSCMSSignerInfoStr NSSCMSSignerInfo;
-typedef struct NSSCMSSignerIdentifierStr NSSCMSSignerIdentifier;
-
-typedef struct NSSCMSEnvelopedDataStr NSSCMSEnvelopedData;
-typedef struct NSSCMSOriginatorInfoStr NSSCMSOriginatorInfo;
-typedef struct NSSCMSRecipientInfoStr NSSCMSRecipientInfo;
-
-typedef struct NSSCMSDigestedDataStr NSSCMSDigestedData;
-typedef struct NSSCMSEncryptedDataStr NSSCMSEncryptedData;
-
-typedef struct NSSCMSSMIMEKEAParametersStr NSSCMSSMIMEKEAParameters;
-
-typedef struct NSSCMSAttributeStr NSSCMSAttribute;
-
-typedef struct NSSCMSDecoderContextStr NSSCMSDecoderContext;
-typedef struct NSSCMSEncoderContextStr NSSCMSEncoderContext;
-
-typedef struct NSSCMSCipherContextStr NSSCMSCipherContext;
-typedef struct NSSCMSDigestContextStr NSSCMSDigestContext;
-
-/*
- * Type of function passed to NSSCMSDecode or NSSCMSDecoderStart.
- * If specified, this is where the content bytes (only) will be "sent"
- * as they are recovered during the decoding.
- * And:
- * Type of function passed to NSSCMSEncode or NSSCMSEncoderStart.
- * This is where the DER-encoded bytes will be "sent".
- *
- * XXX Should just combine this with NSSCMSEncoderContentCallback type
- * and use a simpler, common name.
- */
-typedef void (*NSSCMSContentCallback)(void *arg, const char *buf, unsigned long len);
-
-/*
- * Type of function passed to NSSCMSDecode or NSSCMSDecoderStart
- * to retrieve the decryption key. This function is intended to be
- * used for EncryptedData content info's which do not have a key available
- * in a certificate, etc.
- */
-typedef PK11SymKey *(*NSSCMSGetDecryptKeyCallback)(void *arg, SECAlgorithmID *algid);
-
-
-/* =============================================================================
- * ENCAPSULATED CONTENTINFO & CONTENTINFO
- */
-
-union NSSCMSContentUnion {
- /* either unstructured */
- SECItem * data;
- /* or structured data */
- NSSCMSDigestedData * digestedData;
- NSSCMSEncryptedData * encryptedData;
- NSSCMSEnvelopedData * envelopedData;
- NSSCMSSignedData * signedData;
- /* or anonymous pointer to something */
- void * pointer;
-};
-
-struct NSSCMSContentInfoStr {
- SECItem contentType;
- NSSCMSContent content;
- /* --------- local; not part of encoding --------- */
- SECOidData * contentTypeTag;
-
- /* additional info for encryptedData and envelopedData */
- /* we waste this space for signedData and digestedData. sue me. */
-
- SECAlgorithmID contentEncAlg;
- SECItem * rawContent; /* encrypted DER, optional */
- /* XXXX bytes not encrypted, but encoded? */
- /* --------- local; not part of encoding --------- */
- PK11SymKey * bulkkey; /* bulk encryption key */
- int keysize; /* size of bulk encryption key
- * (only used by creation code) */
- SECOidTag contentEncAlgTag; /* oid tag of encryption algorithm
- * (only used by creation code) */
- NSSCMSCipherContext *ciphcx; /* context for en/decryption going on */
- NSSCMSDigestContext *digcx; /* context for digesting going on */
-};
-
-/* =============================================================================
- * MESSAGE
- */
-
-struct NSSCMSMessageStr {
- NSSCMSContentInfo contentInfo; /* "outer" cinfo */
- /* --------- local; not part of encoding --------- */
- PLArenaPool * poolp;
- PRBool poolp_is_ours;
- int refCount;
- /* properties of the "inner" data */
- SECAlgorithmID ** detached_digestalgs;
- SECItem ** detached_digests;
- void * pwfn_arg;
- NSSCMSGetDecryptKeyCallback decrypt_key_cb;
- void * decrypt_key_cb_arg;
-};
-
-/* =============================================================================
- * SIGNEDDATA
- */
-
-struct NSSCMSSignedDataStr {
- SECItem version;
- SECAlgorithmID ** digestAlgorithms;
- NSSCMSContentInfo contentInfo;
- SECItem ** rawCerts;
- CERTSignedCrl ** crls;
- NSSCMSSignerInfo ** signerInfos;
- /* --------- local; not part of encoding --------- */
- NSSCMSMessage * cmsg; /* back pointer to message */
- SECItem ** digests;
- CERTCertificate ** certs;
- CERTCertificateList ** certLists;
-};
-#define NSS_CMS_SIGNED_DATA_VERSION_BASIC 1 /* what we *create* */
-#define NSS_CMS_SIGNED_DATA_VERSION_EXT 3 /* what we *create* */
-
-typedef enum {
- NSSCMSVS_Unverified = 0,
- NSSCMSVS_GoodSignature = 1,
- NSSCMSVS_BadSignature = 2,
- NSSCMSVS_DigestMismatch = 3,
- NSSCMSVS_SigningCertNotFound = 4,
- NSSCMSVS_SigningCertNotTrusted = 5,
- NSSCMSVS_SignatureAlgorithmUnknown = 6,
- NSSCMSVS_SignatureAlgorithmUnsupported = 7,
- NSSCMSVS_MalformedSignature = 8,
- NSSCMSVS_ProcessingError = 9
-} NSSCMSVerificationStatus;
-
-typedef enum {
- NSSCMSSignerID_IssuerSN = 0,
- NSSCMSSignerID_SubjectKeyID = 1
-} NSSCMSSignerIDSelector;
-
-struct NSSCMSSignerIdentifierStr {
- NSSCMSSignerIDSelector identifierType;
- union {
- CERTIssuerAndSN *issuerAndSN;
- SECItem *subjectKeyID;
- } id;
-};
-
-struct NSSCMSSignerInfoStr {
- SECItem version;
- NSSCMSSignerIdentifier signerIdentifier;
- SECAlgorithmID digestAlg;
- NSSCMSAttribute ** authAttr;
- SECAlgorithmID digestEncAlg;
- SECItem encDigest;
- NSSCMSAttribute ** unAuthAttr;
- /* --------- local; not part of encoding --------- */
- NSSCMSMessage * cmsg; /* back pointer to message */
- CERTCertificate * cert;
- CERTCertificateList * certList;
- PRTime signingTime;
- NSSCMSVerificationStatus verificationStatus;
- SECKEYPrivateKey * signingKey; /* Used if we're using subjKeyID*/
- SECKEYPublicKey * pubKey;
-};
-#define NSS_CMS_SIGNER_INFO_VERSION_ISSUERSN 1 /* what we *create* */
-#define NSS_CMS_SIGNER_INFO_VERSION_SUBJKEY 3 /* what we *create* */
-
-typedef enum {
- NSSCMSCM_None = 0,
- NSSCMSCM_CertOnly = 1,
- NSSCMSCM_CertChain = 2,
- NSSCMSCM_CertChainWithRoot = 3
-} NSSCMSCertChainMode;
-
-/* =============================================================================
- * ENVELOPED DATA
- */
-struct NSSCMSEnvelopedDataStr {
- SECItem version;
- NSSCMSOriginatorInfo * originatorInfo; /* optional */
- NSSCMSRecipientInfo ** recipientInfos;
- NSSCMSContentInfo contentInfo;
- NSSCMSAttribute ** unprotectedAttr;
- /* --------- local; not part of encoding --------- */
- NSSCMSMessage * cmsg; /* back pointer to message */
-};
-#define NSS_CMS_ENVELOPED_DATA_VERSION_REG 0 /* what we *create* */
-#define NSS_CMS_ENVELOPED_DATA_VERSION_ADV 2 /* what we *create* */
-
-struct NSSCMSOriginatorInfoStr {
- SECItem ** rawCerts;
- CERTSignedCrl ** crls;
- /* --------- local; not part of encoding --------- */
- CERTCertificate ** certs;
-};
-
-/* -----------------------------------------------------------------------------
- * key transport recipient info
- */
-typedef enum {
- NSSCMSRecipientID_IssuerSN = 0,
- NSSCMSRecipientID_SubjectKeyID = 1,
- NSSCMSRecipientID_BrandNew = 2
-} NSSCMSRecipientIDSelector;
-
-struct NSSCMSRecipientIdentifierStr {
- NSSCMSRecipientIDSelector identifierType;
- union {
- CERTIssuerAndSN *issuerAndSN;
- SECItem *subjectKeyID;
- } id;
-};
-typedef struct NSSCMSRecipientIdentifierStr NSSCMSRecipientIdentifier;
-
-struct NSSCMSKeyTransRecipientInfoStr {
- SECItem version;
- NSSCMSRecipientIdentifier recipientIdentifier;
- SECAlgorithmID keyEncAlg;
- SECItem encKey;
-};
-typedef struct NSSCMSKeyTransRecipientInfoStr NSSCMSKeyTransRecipientInfo;
-
-/*
- * View comments before NSSCMSRecipientInfoStr for purpose of this
- * structure.
- */
-struct NSSCMSKeyTransRecipientInfoExStr {
- NSSCMSKeyTransRecipientInfo recipientInfo;
- int version; /* version of this structure (0) */
- SECKEYPublicKey *pubKey;
-};
-
-typedef struct NSSCMSKeyTransRecipientInfoExStr NSSCMSKeyTransRecipientInfoEx;
-
-#define NSS_CMS_KEYTRANS_RECIPIENT_INFO_VERSION_ISSUERSN 0 /* what we *create* */
-#define NSS_CMS_KEYTRANS_RECIPIENT_INFO_VERSION_SUBJKEY 2 /* what we *create* */
-
-/* -----------------------------------------------------------------------------
- * key agreement recipient info
- */
-struct NSSCMSOriginatorPublicKeyStr {
- SECAlgorithmID algorithmIdentifier;
- SECItem publicKey; /* bit string! */
-};
-typedef struct NSSCMSOriginatorPublicKeyStr NSSCMSOriginatorPublicKey;
-
-typedef enum {
- NSSCMSOriginatorIDOrKey_IssuerSN = 0,
- NSSCMSOriginatorIDOrKey_SubjectKeyID = 1,
- NSSCMSOriginatorIDOrKey_OriginatorPublicKey = 2
-} NSSCMSOriginatorIDOrKeySelector;
-
-struct NSSCMSOriginatorIdentifierOrKeyStr {
- NSSCMSOriginatorIDOrKeySelector identifierType;
- union {
- CERTIssuerAndSN *issuerAndSN; /* static-static */
- SECItem *subjectKeyID; /* static-static */
- NSSCMSOriginatorPublicKey originatorPublicKey; /* ephemeral-static */
- } id;
-};
-typedef struct NSSCMSOriginatorIdentifierOrKeyStr NSSCMSOriginatorIdentifierOrKey;
-
-struct NSSCMSRecipientKeyIdentifierStr {
- SECItem * subjectKeyIdentifier;
- SECItem * date; /* optional */
- SECItem * other; /* optional */
-};
-typedef struct NSSCMSRecipientKeyIdentifierStr NSSCMSRecipientKeyIdentifier;
-
-typedef enum {
- NSSCMSKeyAgreeRecipientID_IssuerSN = 0,
- NSSCMSKeyAgreeRecipientID_RKeyID = 1
-} NSSCMSKeyAgreeRecipientIDSelector;
-
-struct NSSCMSKeyAgreeRecipientIdentifierStr {
- NSSCMSKeyAgreeRecipientIDSelector identifierType;
- union {
- CERTIssuerAndSN *issuerAndSN;
- NSSCMSRecipientKeyIdentifier recipientKeyIdentifier;
- } id;
-};
-typedef struct NSSCMSKeyAgreeRecipientIdentifierStr NSSCMSKeyAgreeRecipientIdentifier;
-
-struct NSSCMSRecipientEncryptedKeyStr {
- NSSCMSKeyAgreeRecipientIdentifier recipientIdentifier;
- SECItem encKey;
-};
-typedef struct NSSCMSRecipientEncryptedKeyStr NSSCMSRecipientEncryptedKey;
-
-struct NSSCMSKeyAgreeRecipientInfoStr {
- SECItem version;
- NSSCMSOriginatorIdentifierOrKey originatorIdentifierOrKey;
- SECItem * ukm; /* optional */
- SECAlgorithmID keyEncAlg;
- NSSCMSRecipientEncryptedKey ** recipientEncryptedKeys;
-};
-typedef struct NSSCMSKeyAgreeRecipientInfoStr NSSCMSKeyAgreeRecipientInfo;
-
-#define NSS_CMS_KEYAGREE_RECIPIENT_INFO_VERSION 3 /* what we *create* */
-
-/* -----------------------------------------------------------------------------
- * KEK recipient info
- */
-struct NSSCMSKEKIdentifierStr {
- SECItem keyIdentifier;
- SECItem * date; /* optional */
- SECItem * other; /* optional */
-};
-typedef struct NSSCMSKEKIdentifierStr NSSCMSKEKIdentifier;
-
-struct NSSCMSKEKRecipientInfoStr {
- SECItem version;
- NSSCMSKEKIdentifier kekIdentifier;
- SECAlgorithmID keyEncAlg;
- SECItem encKey;
-};
-typedef struct NSSCMSKEKRecipientInfoStr NSSCMSKEKRecipientInfo;
-
-#define NSS_CMS_KEK_RECIPIENT_INFO_VERSION 4 /* what we *create* */
-
-/* -----------------------------------------------------------------------------
- * recipient info
- */
-
-typedef enum {
- NSSCMSRecipientInfoID_KeyTrans = 0,
- NSSCMSRecipientInfoID_KeyAgree = 1,
- NSSCMSRecipientInfoID_KEK = 2
-} NSSCMSRecipientInfoIDSelector;
-
-/*
- * In order to preserve backwards binary compatibility when implementing
- * creation of Recipient Info's that uses subjectKeyID in the
- * keyTransRecipientInfo we need to stash a public key pointer in this
- * structure somewhere. We figured out that NSSCMSKeyTransRecipientInfo
- * is the smallest member of the ri union. We're in luck since that's
- * the very structure that would need to use the public key. So we created
- * a new structure NSSCMSKeyTransRecipientInfoEx which has a member
- * NSSCMSKeyTransRecipientInfo as the first member followed by a version
- * and a public key pointer. This way we can keep backwards compatibility
- * without changing the size of this structure.
- *
- * BTW, size of structure:
- * NSSCMSKeyTransRecipientInfo: 9 ints, 4 pointers
- * NSSCMSKeyAgreeRecipientInfo: 12 ints, 8 pointers
- * NSSCMSKEKRecipientInfo: 10 ints, 7 pointers
- *
- * The new structure:
- * NSSCMSKeyTransRecipientInfoEx: sizeof(NSSCMSKeyTransRecipientInfo) +
- * 1 int, 1 pointer
- */
-
-struct NSSCMSRecipientInfoStr {
- NSSCMSRecipientInfoIDSelector recipientInfoType;
- union {
- NSSCMSKeyTransRecipientInfo keyTransRecipientInfo;
- NSSCMSKeyAgreeRecipientInfo keyAgreeRecipientInfo;
- NSSCMSKEKRecipientInfo kekRecipientInfo;
- NSSCMSKeyTransRecipientInfoEx keyTransRecipientInfoEx;
- } ri;
- /* --------- local; not part of encoding --------- */
- NSSCMSMessage * cmsg; /* back pointer to message */
- CERTCertificate * cert; /* recipient's certificate */
-};
-
-/* =============================================================================
- * DIGESTED DATA
- */
-struct NSSCMSDigestedDataStr {
- SECItem version;
- SECAlgorithmID digestAlg;
- NSSCMSContentInfo contentInfo;
- SECItem digest;
- /* --------- local; not part of encoding --------- */
- NSSCMSMessage * cmsg; /* back pointer */
- SECItem cdigest; /* calculated digest */
-};
-#define NSS_CMS_DIGESTED_DATA_VERSION_DATA 0 /* what we *create* */
-#define NSS_CMS_DIGESTED_DATA_VERSION_ENCAP 2 /* what we *create* */
-
-/* =============================================================================
- * ENCRYPTED DATA
- */
-struct NSSCMSEncryptedDataStr {
- SECItem version;
- NSSCMSContentInfo contentInfo;
- NSSCMSAttribute ** unprotectedAttr; /* optional */
- /* --------- local; not part of encoding --------- */
- NSSCMSMessage * cmsg; /* back pointer */
-};
-#define NSS_CMS_ENCRYPTED_DATA_VERSION 0 /* what we *create* */
-#define NSS_CMS_ENCRYPTED_DATA_VERSION_UPATTR 2 /* what we *create* */
-
-/* =============================================================================
- * FORTEZZA KEA
- */
-
-/* An enumerated type used to select templates based on the encryption
- scenario and data specifics. */
-typedef enum {
- NSSCMSKEAInvalid = -1,
- NSSCMSKEAUsesSkipjack = 0,
- NSSCMSKEAUsesNonSkipjack = 1,
- NSSCMSKEAUsesNonSkipjackWithPaddedEncKey = 2
-} NSSCMSKEATemplateSelector;
-
-/* ### mwelch - S/MIME KEA parameters. These don't really fit here,
- but I cannot think of a more appropriate place at this time. */
-struct NSSCMSSMIMEKEAParametersStr {
- SECItem originatorKEAKey; /* sender KEA key (encrypted?) */
- SECItem originatorRA; /* random number generated by sender */
- SECItem nonSkipjackIV; /* init'n vector for SkipjackCBC64
- decryption of KEA key if Skipjack
- is not the bulk algorithm used on
- the message */
- SECItem bulkKeySize; /* if Skipjack is not the bulk
- algorithm used on the message,
- and the size of the bulk encryption
- key is not the same as that of
- originatorKEAKey (due to padding
- perhaps), this field will contain
- the real size of the bulk encryption
- key. */
-};
-
-/*
- * *****************************************************************************
- * *****************************************************************************
- * *****************************************************************************
- */
-
-/*
- * See comment above about this type not really belonging to CMS.
- */
-struct NSSCMSAttributeStr {
- /* The following fields make up an encoded Attribute: */
- SECItem type;
- SECItem ** values; /* data may or may not be encoded */
- /* The following fields are not part of an encoded Attribute: */
- SECOidData * typeTag;
- PRBool encoded; /* when true, values are encoded */
-};
-
-#endif /* _CMST_H_ */
diff --git a/security/nss/lib/smime/cmsutil.c b/security/nss/lib/smime/cmsutil.c
deleted file mode 100644
index 9c88e4ee9..000000000
--- a/security/nss/lib/smime/cmsutil.c
+++ /dev/null
@@ -1,390 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * CMS miscellaneous utility functions.
- *
- * $Id$
- */
-
-#include "nssrenam.h"
-
-#include "cmslocal.h"
-
-#include "cert.h"
-#include "key.h"
-#include "secasn1.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "pk11func.h"
-#include "secerr.h"
-#include "sechash.h"
-
-/*
- * NSS_CMSArray_SortByDER - sort array of objects by objects' DER encoding
- *
- * make sure that the order of the objects guarantees valid DER (which must be
- * in lexigraphically ascending order for a SET OF); if reordering is necessary it
- * will be done in place (in objs).
- */
-SECStatus
-NSS_CMSArray_SortByDER(void **objs, const SEC_ASN1Template *objtemplate, void **objs2)
-{
- PRArenaPool *poolp;
- int num_objs;
- SECItem **enc_objs;
- SECStatus rv = SECFailure;
- int i;
-
- if (objs == NULL) /* already sorted */
- return SECSuccess;
-
- num_objs = NSS_CMSArray_Count((void **)objs);
- if (num_objs == 0 || num_objs == 1) /* already sorted. */
- return SECSuccess;
-
- poolp = PORT_NewArena (1024); /* arena for temporaries */
- if (poolp == NULL)
- return SECFailure; /* no memory; nothing we can do... */
-
- /*
- * Allocate arrays to hold the individual encodings which we will use
- * for comparisons and the reordered attributes as they are sorted.
- */
- enc_objs = (SECItem **)PORT_ArenaZAlloc(poolp, (num_objs + 1) * sizeof(SECItem *));
- if (enc_objs == NULL)
- goto loser;
-
- /* DER encode each individual object. */
- for (i = 0; i < num_objs; i++) {
- enc_objs[i] = SEC_ASN1EncodeItem(poolp, NULL, objs[i], objtemplate);
- if (enc_objs[i] == NULL)
- goto loser;
- }
- enc_objs[num_objs] = NULL;
-
- /* now compare and sort objs by the order of enc_objs */
- NSS_CMSArray_Sort((void **)enc_objs, NSS_CMSUtil_DERCompare, objs, objs2);
-
- rv = SECSuccess;
-
-loser:
- PORT_FreeArena (poolp, PR_FALSE);
- return rv;
-}
-
-/*
- * NSS_CMSUtil_DERCompare - for use with NSS_CMSArray_Sort to
- * sort arrays of SECItems containing DER
- */
-int
-NSS_CMSUtil_DERCompare(void *a, void *b)
-{
- SECItem *der1 = (SECItem *)a;
- SECItem *der2 = (SECItem *)b;
- int j;
-
- /*
- * Find the lowest (lexigraphically) encoding. One that is
- * shorter than all the rest is known to be "less" because each
- * attribute is of the same type (a SEQUENCE) and so thus the
- * first octet of each is the same, and the second octet is
- * the length (or the length of the length with the high bit
- * set, followed by the length, which also works out to always
- * order the shorter first). Two (or more) that have the
- * same length need to be compared byte by byte until a mismatch
- * is found.
- */
- if (der1->len != der2->len)
- return (der1->len < der2->len) ? -1 : 1;
-
- for (j = 0; j < der1->len; j++) {
- if (der1->data[j] == der2->data[j])
- continue;
- return (der1->data[j] < der2->data[j]) ? -1 : 1;
- }
- return 0;
-}
-
-/*
- * NSS_CMSAlgArray_GetIndexByAlgID - find a specific algorithm in an array of
- * algorithms.
- *
- * algorithmArray - array of algorithm IDs
- * algid - algorithmid of algorithm to pick
- *
- * Returns:
- * An integer containing the index of the algorithm in the array or -1 if
- * algorithm was not found.
- */
-int
-NSS_CMSAlgArray_GetIndexByAlgID(SECAlgorithmID **algorithmArray, SECAlgorithmID *algid)
-{
- int i;
-
- if (algorithmArray == NULL || algorithmArray[0] == NULL)
- return -1;
-
- for (i = 0; algorithmArray[i] != NULL; i++) {
- if (SECOID_CompareAlgorithmID(algorithmArray[i], algid) == SECEqual)
- break; /* bingo */
- }
-
- if (algorithmArray[i] == NULL)
- return -1; /* not found */
-
- return i;
-}
-
-/*
- * NSS_CMSAlgArray_GetIndexByAlgTag - find a specific algorithm in an array of
- * algorithms.
- *
- * algorithmArray - array of algorithm IDs
- * algtag - algorithm tag of algorithm to pick
- *
- * Returns:
- * An integer containing the index of the algorithm in the array or -1 if
- * algorithm was not found.
- */
-int
-NSS_CMSAlgArray_GetIndexByAlgTag(SECAlgorithmID **algorithmArray,
- SECOidTag algtag)
-{
- SECOidData *algid;
- int i = -1;
-
- if (algorithmArray == NULL || algorithmArray[0] == NULL)
- return i;
-
-#ifdef ORDER_N_SQUARED
- for (i = 0; algorithmArray[i] != NULL; i++) {
- algid = SECOID_FindOID(&(algorithmArray[i]->algorithm));
- if (algid->offset == algtag)
- break; /* bingo */
- }
-#else
- algid = SECOID_FindOIDByTag(algtag);
- if (!algid)
- return i;
- for (i = 0; algorithmArray[i] != NULL; i++) {
- if (SECITEM_ItemsAreEqual(&algorithmArray[i]->algorithm, &algid->oid))
- break; /* bingo */
- }
-#endif
-
- if (algorithmArray[i] == NULL)
- return -1; /* not found */
-
- return i;
-}
-
-const SECHashObject *
-NSS_CMSUtil_GetHashObjByAlgID(SECAlgorithmID *algid)
-{
- SECOidTag oidTag = SECOID_FindOIDTag(&(algid->algorithm));
- const SECHashObject *digobj = HASH_GetHashObjectByOidTag(oidTag);
-
- return digobj;
-}
-
-/*
- * XXX I would *really* like to not have to do this, but the current
- * signing interface gives me little choice.
- */
-SECOidTag
-NSS_CMSUtil_MakeSignatureAlgorithm(SECOidTag hashalg, SECOidTag encalg)
-{
- switch (encalg) {
- case SEC_OID_PKCS1_RSA_ENCRYPTION:
- switch (hashalg) {
- case SEC_OID_MD2:
- return SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION;
- case SEC_OID_MD5:
- return SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION;
- case SEC_OID_SHA1:
- return SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION;
- case SEC_OID_SHA256:
- return SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION;
- case SEC_OID_SHA384:
- return SEC_OID_PKCS1_SHA384_WITH_RSA_ENCRYPTION;
- case SEC_OID_SHA512:
- return SEC_OID_PKCS1_SHA512_WITH_RSA_ENCRYPTION;
- default:
- return SEC_OID_UNKNOWN;
- }
- case SEC_OID_ANSIX9_DSA_SIGNATURE:
- case SEC_OID_MISSI_KEA_DSS:
- case SEC_OID_MISSI_DSS:
- switch (hashalg) {
- case SEC_OID_SHA1:
- return SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST;
- default:
- return SEC_OID_UNKNOWN;
- }
- default:
- break;
- }
-
- return encalg; /* maybe it is already the right algid */
-}
-
-const SEC_ASN1Template *
-NSS_CMSUtil_GetTemplateByTypeTag(SECOidTag type)
-{
- const SEC_ASN1Template *template;
- extern const SEC_ASN1Template NSSCMSSignedDataTemplate[];
- extern const SEC_ASN1Template NSSCMSEnvelopedDataTemplate[];
- extern const SEC_ASN1Template NSSCMSEncryptedDataTemplate[];
- extern const SEC_ASN1Template NSSCMSDigestedDataTemplate[];
-
- switch (type) {
- case SEC_OID_PKCS7_SIGNED_DATA:
- template = NSSCMSSignedDataTemplate;
- break;
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- template = NSSCMSEnvelopedDataTemplate;
- break;
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- template = NSSCMSEncryptedDataTemplate;
- break;
- case SEC_OID_PKCS7_DIGESTED_DATA:
- template = NSSCMSDigestedDataTemplate;
- break;
- default:
- case SEC_OID_PKCS7_DATA:
- template = NULL;
- break;
- }
- return template;
-}
-
-size_t
-NSS_CMSUtil_GetSizeByTypeTag(SECOidTag type)
-{
- size_t size;
-
- switch (type) {
- case SEC_OID_PKCS7_SIGNED_DATA:
- size = sizeof(NSSCMSSignedData);
- break;
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- size = sizeof(NSSCMSEnvelopedData);
- break;
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- size = sizeof(NSSCMSEncryptedData);
- break;
- case SEC_OID_PKCS7_DIGESTED_DATA:
- size = sizeof(NSSCMSDigestedData);
- break;
- default:
- case SEC_OID_PKCS7_DATA:
- size = 0;
- break;
- }
- return size;
-}
-
-NSSCMSContentInfo *
-NSS_CMSContent_GetContentInfo(void *msg, SECOidTag type)
-{
- NSSCMSContent c;
- NSSCMSContentInfo *cinfo;
-
- PORT_Assert(msg != NULL);
-
- c.pointer = msg;
- switch (type) {
- case SEC_OID_PKCS7_SIGNED_DATA:
- cinfo = &(c.signedData->contentInfo);
- break;
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- cinfo = &(c.envelopedData->contentInfo);
- break;
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- cinfo = &(c.encryptedData->contentInfo);
- break;
- case SEC_OID_PKCS7_DIGESTED_DATA:
- cinfo = &(c.digestedData->contentInfo);
- break;
- default:
- cinfo = NULL;
- }
- return cinfo;
-}
-
-const char *
-NSS_CMSUtil_VerificationStatusToString(NSSCMSVerificationStatus vs)
-{
- switch (vs) {
- case NSSCMSVS_Unverified: return "Unverified";
- case NSSCMSVS_GoodSignature: return "GoodSignature";
- case NSSCMSVS_BadSignature: return "BadSignature";
- case NSSCMSVS_DigestMismatch: return "DigestMismatch";
- case NSSCMSVS_SigningCertNotFound: return "SigningCertNotFound";
- case NSSCMSVS_SigningCertNotTrusted: return "SigningCertNotTrusted";
- case NSSCMSVS_SignatureAlgorithmUnknown: return "SignatureAlgorithmUnknown";
- case NSSCMSVS_SignatureAlgorithmUnsupported: return "SignatureAlgorithmUnsupported";
- case NSSCMSVS_MalformedSignature: return "MalformedSignature";
- case NSSCMSVS_ProcessingError: return "ProcessingError";
- default: return "Unknown";
- }
-}
-
-SECStatus
-NSS_CMSDEREncode(NSSCMSMessage *cmsg, SECItem *input, SECItem *derOut,
- PLArenaPool *arena)
-{
- NSSCMSEncoderContext *ecx;
- SECStatus rv = SECSuccess;
- if (!cmsg || !derOut || !arena) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- ecx = NSS_CMSEncoder_Start(cmsg, 0, 0, derOut, arena, 0, 0, 0, 0, 0, 0);
- if (!ecx) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- return SECFailure;
- }
- if (input) {
- rv = NSS_CMSEncoder_Update(ecx, (const char*)input->data, input->len);
- if (rv) {
- PORT_SetError(SEC_ERROR_BAD_DATA);
- }
- }
- rv |= NSS_CMSEncoder_Finish(ecx);
- if (rv) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- }
- return rv;
-}
diff --git a/security/nss/lib/smime/config.mk b/security/nss/lib/smime/config.mk
deleted file mode 100644
index cd5c893a5..000000000
--- a/security/nss/lib/smime/config.mk
+++ /dev/null
@@ -1,89 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-RELEASE_LIBS = $(TARGETS)
-
-ifeq (,$(filter-out WIN%,$(OS_TARGET)))
-
-# don't want the 32 in the shared library name
-SHARED_LIBRARY = $(OBJDIR)/$(DLL_PREFIX)$(LIBRARY_NAME)$(LIBRARY_VERSION).$(DLL_SUFFIX)
-IMPORT_LIBRARY = $(OBJDIR)/$(IMPORT_LIB_PREFIX)$(LIBRARY_NAME)$(LIBRARY_VERSION)$(IMPORT_LIB_SUFFIX)
-
-RES = $(OBJDIR)/smime.res
-RESNAME = smime.rc
-
-ifdef NS_USE_GCC
-EXTRA_SHARED_LIBS += \
- -L$(DIST)/lib \
- -lnss3 \
- -lplc4 \
- -lplds4 \
- -lnspr4 \
- $(NULL)
-else # ! NS_USE_GCC
-EXTRA_SHARED_LIBS += \
- $(DIST)/lib/nss3.lib \
- $(DIST)/lib/$(NSPR31_LIB_PREFIX)plc4.lib \
- $(DIST)/lib/$(NSPR31_LIB_PREFIX)plds4.lib \
- $(DIST)/lib/$(NSPR31_LIB_PREFIX)nspr4.lib \
- $(NULL)
-endif # NS_USE_GCC
-
-else
-
-EXTRA_SHARED_LIBS += \
- -L$(DIST)/lib/ \
- -lnss3 \
- -lplc4 \
- -lplds4 \
- -lnspr4 \
- $(NULL)
-
-ifeq ($(OS_ARCH), Darwin)
-EXTRA_SHARED_LIBS += -dylib_file @executable_path/libsoftokn3.dylib:$(DIST)/lib/libsoftokn3.dylib
-endif
-
-endif
-
-
-SHARED_LIBRARY_LIBS = \
- $(DIST)/lib/$(LIB_PREFIX)pkcs12.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)pkcs7.$(LIB_SUFFIX) \
- $(NULL)
-
-SHARED_LIBRARY_DIRS = \
- ../pkcs12 \
- ../pkcs7 \
- $(NULL)
-
-
diff --git a/security/nss/lib/smime/manifest.mn b/security/nss/lib/smime/manifest.mn
deleted file mode 100644
index 10c559ef0..000000000
--- a/security/nss/lib/smime/manifest.mn
+++ /dev/null
@@ -1,77 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-EXPORTS = \
- cms.h \
- cmst.h \
- smime.h \
- cmsreclist.h \
- $(NULL)
-
-PRIVATE_EXPORTS = \
- cmslocal.h \
- $(NULL)
-
-MODULE = nss
-MAPFILE = $(OBJDIR)/smime.def
-
-CSRCS = \
- cmsarray.c \
- cmsasn1.c \
- cmsattr.c \
- cmscinfo.c \
- cmscipher.c \
- cmsdecode.c \
- cmsdigdata.c \
- cmsdigest.c \
- cmsencdata.c \
- cmsencode.c \
- cmsenvdata.c \
- cmsmessage.c \
- cmspubkey.c \
- cmsrecinfo.c \
- cmsreclist.c \
- cmssigdata.c \
- cmssiginfo.c \
- cmsutil.c \
- smimemessage.c \
- smimeutil.c \
- smimever.c \
- $(NULL)
-
-REQUIRES = dbm
-
-LIBRARY_NAME = smime
-LIBRARY_VERSION = 3
diff --git a/security/nss/lib/smime/smime.def b/security/nss/lib/smime/smime.def
deleted file mode 100644
index c220d38c0..000000000
--- a/security/nss/lib/smime/smime.def
+++ /dev/null
@@ -1,242 +0,0 @@
-;+#
-;+# The contents of this file are subject to the Mozilla Public
-;+# License Version 1.1 (the "License"); you may not use this file
-;+# except in compliance with the License. You may obtain a copy of
-;+# the License at http://www.mozilla.org/MPL/
-;+#
-;+# Software distributed under the License is distributed on an "AS
-;+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-;+# implied. See the License for the specific language governing
-;+# rights and limitations under the License.
-;+#
-;+# The Original Code is the Netscape security libraries.
-;+#
-;+# The Initial Developer of the Original Code is Netscape
-;+# Communications Corporation. Portions created by Netscape are
-;+# Copyright (C) 2000 Netscape Communications Corporation. All
-;+# Rights Reserved.
-;+#
-;+# Contributor(s):
-;+#
-;+# Alternatively, the contents of this file may be used under the
-;+# terms of the GNU General Public License Version 2 or later (the
-;+# "GPL"), in which case the provisions of the GPL are applicable
-;+# instead of those above. If you wish to allow use of your
-;+# version of this file only under the terms of the GPL and not to
-;+# allow others to use your version of this file under the MPL,
-;+# indicate your decision by deleting the provisions above and
-;+# replace them with the notice and other provisions required by
-;+# the GPL. If you do not delete the provisions above, a recipient
-;+# may use your version of this file under either the MPL or the
-;+# GPL.
-;+#
-;+# OK, this file is meant to support SUN, LINUX, AIX and WINDOWS
-;+# 1. For all unix platforms, the string ";-" means "remove this line"
-;+# 2. For all unix platforms, the string " DATA " will be removed from any
-;+# line on which it occurs.
-;+# 3. Lines containing ";+" will have ";+" removed on SUN and LINUX.
-;+# On AIX, lines containing ";+" will be removed.
-;+# 4. For all unix platforms, the string ";;" will thave the ";;" removed.
-;+# 5. For all unix platforms, after the above processing has taken place,
-;+# all characters after the first ";" on the line will be removed.
-;+# And for AIX, the first ";" will also be removed.
-;+# This file is passed directly to windows. Since ';' is a comment, all UNIX
-;+# directives are hidden behind ";", ";+", and ";-"
-;+
-;+NSS_3.2 { # NSS 3.2 release
-;+ global:
-LIBRARY smime3 ;-
-EXPORTS ;-
-NSS_CMSContentInfo_GetBulkKey;
-NSS_CMSContentInfo_GetBulkKeySize;
-NSS_CMSContentInfo_GetContent;
-NSS_CMSContentInfo_GetContentEncAlgTag;
-NSS_CMSContentInfo_GetContentTypeTag;
-NSS_CMSContentInfo_SetBulkKey;
-NSS_CMSContentInfo_SetContent;
-NSS_CMSContentInfo_SetContentEncAlg;
-NSS_CMSContentInfo_SetContent_Data;
-NSS_CMSContentInfo_SetContent_DigestedData;
-NSS_CMSContentInfo_SetContent_EncryptedData;
-NSS_CMSContentInfo_SetContent_EnvelopedData;
-NSS_CMSContentInfo_SetContent_SignedData;
-NSS_CMSDEREncode;
-NSS_CMSDecoder_Cancel;
-NSS_CMSDecoder_Finish;
-NSS_CMSDecoder_Start;
-NSS_CMSDecoder_Update;
-NSS_CMSDigestContext_Cancel;
-NSS_CMSDigestContext_FinishMultiple;
-NSS_CMSDigestContext_FinishSingle;
-NSS_CMSDigestContext_StartMultiple;
-NSS_CMSDigestContext_StartSingle;
-NSS_CMSDigestContext_Update;
-NSS_CMSDigestedData_Create;
-NSS_CMSDigestedData_Destroy;
-NSS_CMSDigestedData_GetContentInfo;
-NSS_CMSEncoder_Cancel;
-NSS_CMSEncoder_Finish;
-NSS_CMSEncoder_Start;
-NSS_CMSEncoder_Update;
-NSS_CMSEncryptedData_Create;
-NSS_CMSEncryptedData_Destroy;
-NSS_CMSEncryptedData_GetContentInfo;
-NSS_CMSEnvelopedData_AddRecipient;
-NSS_CMSEnvelopedData_Create;
-NSS_CMSEnvelopedData_Destroy;
-NSS_CMSEnvelopedData_GetContentInfo;
-NSS_CMSMessage_ContentLevel;
-NSS_CMSMessage_ContentLevelCount;
-NSS_CMSMessage_Copy;
-NSS_CMSMessage_Create;
-NSS_CMSMessage_CreateFromDER;
-NSS_CMSMessage_Destroy;
-NSS_CMSMessage_GetContent;
-NSS_CMSMessage_GetContentInfo;
-NSS_CMSRecipientInfo_Create;
-NSS_CMSRecipientInfo_Destroy;
-NSS_CMSSignedData_AddCertChain;
-NSS_CMSSignedData_AddCertList;
-NSS_CMSSignedData_AddCertificate;
-NSS_CMSSignedData_AddDigest;
-NSS_CMSSignedData_AddSignerInfo;
-NSS_CMSSignedData_Create;
-NSS_CMSSignedData_CreateCertsOnly;
-NSS_CMSSignedData_Destroy;
-NSS_CMSSignedData_GetContentInfo;
-NSS_CMSSignedData_GetDigestAlgs;
-NSS_CMSSignedData_GetSignerInfo;
-NSS_CMSSignedData_HasDigests;
-NSS_CMSSignedData_ImportCerts;
-NSS_CMSSignedData_SetDigests;
-NSS_CMSSignedData_SignerInfoCount;
-NSS_CMSSignedData_VerifyCertsOnly;
-NSS_CMSSignedData_VerifySignerInfo;
-NSS_CMSSignerInfo_AddSMIMECaps;
-NSS_CMSSignerInfo_AddSMIMEEncKeyPrefs;
-NSS_CMSSignerInfo_AddSigningTime;
-NSS_CMSSignerInfo_Create;
-NSS_CMSSignerInfo_Destroy;
-NSS_CMSSignerInfo_GetCertList;
-NSS_CMSSignerInfo_GetSignerCommonName;
-NSS_CMSSignerInfo_GetSignerEmailAddress;
-NSS_CMSSignerInfo_GetSigningCertificate;
-NSS_CMSSignerInfo_GetSigningTime;
-NSS_CMSSignerInfo_GetVerificationStatus;
-NSS_CMSSignerInfo_GetVersion;
-NSS_CMSSignerInfo_IncludeCerts;
-NSS_CMSUtil_VerificationStatusToString;
-NSS_SMIMEUtil_FindBulkAlgForRecipients;
-CERT_DecodeCertPackage;
-SEC_PKCS7AddRecipient;
-SEC_PKCS7AddSigningTime;
-SEC_PKCS7ContentType;
-SEC_PKCS7CreateData;
-SEC_PKCS7CreateEncryptedData;
-SEC_PKCS7CreateEnvelopedData;
-SEC_PKCS7CreateSignedData;
-SEC_PKCS7DecodeItem;
-SEC_PKCS7DecoderFinish;
-SEC_PKCS7DecoderStart;
-SEC_PKCS7DecoderUpdate;
-SEC_PKCS7DecryptContents;
-SEC_PKCS7DestroyContentInfo;
-SEC_PKCS7EncoderFinish;
-SEC_PKCS7EncoderStart;
-SEC_PKCS7EncoderUpdate;
-SEC_PKCS7GetCertificateList;
-SEC_PKCS7GetContent;
-SEC_PKCS7GetEncryptionAlgorithm;
-SEC_PKCS7IncludeCertChain;
-SEC_PKCS7IsContentEmpty;
-SEC_PKCS7VerifySignature;
-SEC_PKCS12AddCertAndKey;
-SEC_PKCS12AddPasswordIntegrity;
-SEC_PKCS12CreateExportContext;
-SEC_PKCS12CreatePasswordPrivSafe;
-SEC_PKCS12CreateUnencryptedSafe;
-SEC_PKCS12EnableCipher;
-SEC_PKCS12Encode;
-SEC_PKCS12DecoderImportBags;
-SEC_PKCS12DecoderFinish;
-SEC_PKCS12DecoderStart;
-SEC_PKCS12DecoderUpdate;
-SEC_PKCS12DecoderValidateBags;
-SEC_PKCS12DecoderVerify;
-SEC_PKCS12DestroyExportContext;
-SEC_PKCS12IsEncryptionAllowed;
-SEC_PKCS12SetPreferredCipher;
-;+ local:
-;+ *;
-;+};
-;+NSS_3.2.1 { # NSS 3.2.1 release
-;+ global:
-NSSSMIME_VersionCheck;
-;+ local:
-;+ *;
-;+};
-;+NSS_3.3 { # NSS 3.3 release
-;+ global:
-SEC_PKCS7AddCertificate;
-SEC_PKCS7CreateCertsOnly;
-SEC_PKCS7Encode;
-;+ local:
-;+ *;
-;+};
-;+NSS_3.4 { # NSS 3.4 release
-;+ global:
-CERT_DecodeCertFromPackage;
-NSS_CMSMessage_IsSigned;
-NSS_CMSSignedData_SetDigestValue;
-NSS_SMIMESignerInfo_SaveSMIMEProfile;
-SEC_PKCS12DecoderGetCerts;
-SEC_PKCS7ContainsCertsOrCrls;
-SEC_PKCS7ContentIsEncrypted;
-SEC_PKCS7ContentIsSigned;
-SEC_PKCS7CopyContentInfo;
-SEC_PKCS7GetSignerCommonName;
-SEC_PKCS7GetSignerEmailAddress;
-SEC_PKCS7GetSigningTime;
-SEC_PKCS7SetContent;
-SEC_PKCS7VerifyDetachedSignature;
-SECMIME_DecryptionAllowed;
-;+ local:
-;+ *;
-;+};
-;+NSS_3.4.1 { # NSS 3.4.1 release
-;+ global:
-NSS_CMSMessage_IsEncrypted;
-;+ local:
-;+ *;
-;+};
-;+NSS_3.6 { # NSS 3.6 release
-;+ global:
-NSS_CMSSignerInfo_AddMSSMIMEEncKeyPrefs;
-NSS_CMSSignerInfo_CreateWithSubjKeyID;
-;+ local:
-;+ *;
-;+};
-;+NSS_3.7 { # NSS 3.7 release
-;+ global:
-NSS_CMSRecipientInfo_CreateWithSubjKeyID;
-NSS_CMSRecipientInfo_CreateWithSubjKeyIDFromCert;
-;+ local:
-;+ *;
-;+};
-;+NSS_3.7.2 { # NSS 3.7.2 release
-;+ global:
-NSS_CMSRecipientInfo_WrapBulkKey;
-NSS_CMSRecipientInfo_UnwrapBulkKey;
-;+ local:
-;+ *;
-;+};
-;+NSS_3.8 { # NSS 3.8 release
-;+ global:
-NSS_CMSRecipientInfo_CreateNew;
-NSS_CMSRecipientInfo_CreateFromDER;
-NSS_CMSRecipientInfo_Encode;
-NSS_CMSRecipientInfo_GetCertAndKey;
-SEC_PKCS12DecoderSetTargetTokenCAs;
-;+ local:
-;+ *;
-;+};
diff --git a/security/nss/lib/smime/smime.h b/security/nss/lib/smime/smime.h
deleted file mode 100644
index 22d73324a..000000000
--- a/security/nss/lib/smime/smime.h
+++ /dev/null
@@ -1,153 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Header file for routines specific to S/MIME. Keep things that are pure
- * pkcs7 out of here; this is for S/MIME policy, S/MIME interoperability, etc.
- *
- * $Id$
- */
-
-#ifndef _SECMIME_H_
-#define _SECMIME_H_ 1
-
-#include "cms.h"
-
-
-/************************************************************************/
-SEC_BEGIN_PROTOS
-
-/*
- * Initialize the local recording of the user S/MIME cipher preferences.
- * This function is called once for each cipher, the order being
- * important (first call records greatest preference, and so on).
- * When finished, it is called with a "which" of CIPHER_FAMILID_MASK.
- * If the function is called again after that, it is assumed that
- * the preferences are being reset, and the old preferences are
- * discarded.
- *
- * XXX This is for a particular user, and right now the storage is
- * XXX local, static. The preference should be stored elsewhere to allow
- * XXX for multiple uses of one library? How does SSL handle this;
- * XXX it has something similar?
- *
- * - The "which" values are defined in ciferfam.h (the SMIME_* values,
- * for example SMIME_DES_CBC_56).
- * - If "on" is non-zero then the named cipher is enabled, otherwise
- * it is disabled. (It is not necessary to call the function for
- * ciphers that are disabled, however, as that is the default.)
- *
- * If the cipher preference is successfully recorded, SECSuccess
- * is returned. Otherwise SECFailure is returned. The only errors
- * are due to failure allocating memory or bad parameters/calls:
- * SEC_ERROR_XXX ("which" is not in the S/MIME cipher family)
- * SEC_ERROR_XXX (function is being called more times than there
- * are known/expected ciphers)
- */
-extern SECStatus NSS_SMIMEUtil_EnableCipher(long which, int on);
-
-/*
- * Initialize the local recording of the S/MIME policy.
- * This function is called to allow/disallow a particular cipher.
- *
- * XXX This is for a the current module, I think, so local, static storage
- * XXX is okay. Is that correct, or could multiple uses of the same
- * XXX library expect to operate under different policies?
- *
- * - The "which" values are defined in ciferfam.h (the SMIME_* values,
- * for example SMIME_DES_CBC_56).
- * - If "on" is non-zero then the named cipher is enabled, otherwise
- * it is disabled.
- */
-extern SECStatus NSS_SMIMEUtils_AllowCipher(long which, int on);
-
-/*
- * Does the current policy allow S/MIME decryption of this particular
- * algorithm and keysize?
- */
-extern PRBool NSS_SMIMEUtil_DecryptionAllowed(SECAlgorithmID *algid, PK11SymKey *key);
-
-/*
- * Does the current policy allow *any* S/MIME encryption (or decryption)?
- *
- * This tells whether or not *any* S/MIME encryption can be done,
- * according to policy. Callers may use this to do nicer user interface
- * (say, greying out a checkbox so a user does not even try to encrypt
- * a message when they are not allowed to) or for any reason they want
- * to check whether S/MIME encryption (or decryption, for that matter)
- * may be done.
- *
- * It takes no arguments. The return value is a simple boolean:
- * PR_TRUE means encryption (or decryption) is *possible*
- * (but may still fail due to other reasons, like because we cannot
- * find all the necessary certs, etc.; PR_TRUE is *not* a guarantee)
- * PR_FALSE means encryption (or decryption) is not permitted
- *
- * There are no errors from this routine.
- */
-extern PRBool NSS_SMIMEUtil_EncryptionPossible(void);
-
-/*
- * NSS_SMIMEUtil_CreateSMIMECapabilities - get S/MIME capabilities attr value
- *
- * scans the list of allowed and enabled ciphers and construct a PKCS9-compliant
- * S/MIME capabilities attribute value.
- */
-extern SECStatus NSS_SMIMEUtil_CreateSMIMECapabilities(PLArenaPool *poolp, SECItem *dest, PRBool includeFortezzaCiphers);
-
-/*
- * NSS_SMIMEUtil_CreateSMIMEEncKeyPrefs - create S/MIME encryption key preferences attr value
- */
-extern SECStatus NSS_SMIMEUtil_CreateSMIMEEncKeyPrefs(PLArenaPool *poolp, SECItem *dest, CERTCertificate *cert);
-
-/*
- * NSS_SMIMEUtil_CreateMSSMIMEEncKeyPrefs - create S/MIME encryption key preferences attr value using MS oid
- */
-extern SECStatus NSS_SMIMEUtil_CreateMSSMIMEEncKeyPrefs(PLArenaPool *poolp, SECItem *dest, CERTCertificate *cert);
-
-/*
- * NSS_SMIMEUtil_GetCertFromEncryptionKeyPreference - find cert marked by EncryptionKeyPreference
- * attribute
- */
-extern CERTCertificate *NSS_SMIMEUtil_GetCertFromEncryptionKeyPreference(CERTCertDBHandle *certdb, SECItem *DERekp);
-
-/*
- * NSS_SMIMEUtil_FindBulkAlgForRecipients - find bulk algorithm suitable for all recipients
- */
-extern SECStatus
-NSS_SMIMEUtil_FindBulkAlgForRecipients(CERTCertificate **rcerts, SECOidTag *bulkalgtag, int *keysize);
-
-/************************************************************************/
-SEC_END_PROTOS
-
-#endif /* _SECMIME_H_ */
diff --git a/security/nss/lib/smime/smime.rc b/security/nss/lib/smime/smime.rc
deleted file mode 100644
index f75da062d..000000000
--- a/security/nss/lib/smime/smime.rc
+++ /dev/null
@@ -1,98 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 2001 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "nss.h"
-#include <winver.h>
-
-#define MY_LIBNAME "smime"
-#define MY_FILEDESCRIPTION "NSS S/MIME Library"
-
-#define STRINGIZE(x) #x
-#define STRINGIZE2(x) STRINGIZE(x)
-#define NSS_VMAJOR_STR STRINGIZE2(NSS_VMAJOR)
-
-#ifdef _DEBUG
-#define MY_DEBUG_STR " (debug)"
-#define MY_FILEFLAGS_1 VS_FF_DEBUG
-#else
-#define MY_DEBUG_STR ""
-#define MY_FILEFLAGS_1 0x0L
-#endif
-#if NSS_BETA
-#define MY_FILEFLAGS_2 MY_FILEFLAGS_1|VS_FF_PRERELEASE
-#else
-#define MY_FILEFLAGS_2 MY_FILEFLAGS_1
-#endif
-
-#ifdef WINNT
-#define MY_FILEOS VOS_NT_WINDOWS32
-#else
-#define MY_FILEOS VOS__WINDOWS32
-#endif
-
-#define MY_INTERNAL_NAME MY_LIBNAME NSS_VMAJOR_STR
-
-/////////////////////////////////////////////////////////////////////////////
-//
-// Version-information resource
-//
-
-VS_VERSION_INFO VERSIONINFO
- FILEVERSION NSS_VMAJOR,NSS_VMINOR,NSS_VPATCH,0
- PRODUCTVERSION NSS_VMAJOR,NSS_VMINOR,NSS_VPATCH,0
- FILEFLAGSMASK VS_FFI_FILEFLAGSMASK
- FILEFLAGS MY_FILEFLAGS_2
- FILEOS MY_FILEOS
- FILETYPE VFT_DLL
- FILESUBTYPE 0x0L // not used
-
-BEGIN
- BLOCK "StringFileInfo"
- BEGIN
- BLOCK "040904B0" // Lang=US English, CharSet=Unicode
- BEGIN
- VALUE "CompanyName", "Netscape Communications Corporation\0"
- VALUE "FileDescription", MY_FILEDESCRIPTION MY_DEBUG_STR "\0"
- VALUE "FileVersion", NSS_VERSION "\0"
- VALUE "InternalName", MY_INTERNAL_NAME "\0"
- VALUE "LegalCopyright", "Copyright \251 1994-2001 Netscape Communications Corporation\0"
- VALUE "OriginalFilename", MY_INTERNAL_NAME ".dll\0"
- VALUE "ProductName", "Network Security Services\0"
- VALUE "ProductVersion", NSS_VERSION "\0"
- END
- END
- BLOCK "VarFileInfo"
- BEGIN
- VALUE "Translation", 0x409, 1200
- END
-END
diff --git a/security/nss/lib/smime/smimemessage.c b/security/nss/lib/smime/smimemessage.c
deleted file mode 100644
index 8e684bd11..000000000
--- a/security/nss/lib/smime/smimemessage.c
+++ /dev/null
@@ -1,215 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * SMIME message methods
- *
- * $Id$
- */
-
-#include "cmslocal.h"
-#include "smime.h"
-
-#include "cert.h"
-#include "key.h"
-#include "secasn1.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "pk11func.h"
-#include "prtime.h"
-#include "secerr.h"
-
-
-#if 0
-/*
- * NSS_SMIMEMessage_CreateEncrypted - start an S/MIME encrypting context.
- *
- * "scert" is the cert for the sender. It will be checked for validity.
- * "rcerts" are the certs for the recipients. They will also be checked.
- *
- * "certdb" is the cert database to use for verifying the certs.
- * It can be NULL if a default database is available (like in the client).
- *
- * This function already does all of the stuff specific to S/MIME protocol
- * and local policy; the return value just needs to be passed to
- * SEC_PKCS7Encode() or to SEC_PKCS7EncoderStart() to create the encoded data,
- * and finally to SEC_PKCS7DestroyContentInfo().
- *
- * An error results in a return value of NULL and an error set.
- * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
- */
-NSSCMSMessage *
-NSS_SMIMEMessage_CreateEncrypted(CERTCertificate *scert,
- CERTCertificate **rcerts,
- CERTCertDBHandle *certdb,
- PK11PasswordFunc pwfn,
- void *pwfn_arg)
-{
- NSSCMSMessage *cmsg;
- long cipher;
- SECOidTag encalg;
- int keysize;
- int mapi, rci;
-
- cipher = smime_choose_cipher (scert, rcerts);
- if (cipher < 0)
- return NULL;
-
- mapi = smime_mapi_by_cipher (cipher);
- if (mapi < 0)
- return NULL;
-
- /*
- * XXX This is stretching it -- CreateEnvelopedData should probably
- * take a cipher itself of some sort, because we cannot know what the
- * future will bring in terms of parameters for each type of algorithm.
- * For example, just an algorithm and keysize is *not* sufficient to
- * fully specify the usage of RC5 (which also needs to know rounds and
- * block size). Work this out into a better API!
- */
- encalg = smime_cipher_map[mapi].algtag;
- keysize = smime_keysize_by_cipher (cipher);
- if (keysize < 0)
- return NULL;
-
- cinfo = SEC_PKCS7CreateEnvelopedData (scert, certUsageEmailRecipient,
- certdb, encalg, keysize,
- pwfn, pwfn_arg);
- if (cinfo == NULL)
- return NULL;
-
- for (rci = 0; rcerts[rci] != NULL; rci++) {
- if (rcerts[rci] == scert)
- continue;
- if (SEC_PKCS7AddRecipient (cinfo, rcerts[rci], certUsageEmailRecipient,
- NULL) != SECSuccess) {
- SEC_PKCS7DestroyContentInfo (cinfo);
- return NULL;
- }
- }
-
- return cinfo;
-}
-
-
-/*
- * Start an S/MIME signing context.
- *
- * "scert" is the cert that will be used to sign the data. It will be
- * checked for validity.
- *
- * "ecert" is the signer's encryption cert. If it is different from
- * scert, then it will be included in the signed message so that the
- * recipient can save it for future encryptions.
- *
- * "certdb" is the cert database to use for verifying the cert.
- * It can be NULL if a default database is available (like in the client).
- *
- * "digestalg" names the digest algorithm (e.g. SEC_OID_SHA1).
- * XXX There should be SECMIME functions for hashing, or the hashing should
- * be built into this interface, which we would like because we would
- * support more smartcards that way, and then this argument should go away.)
- *
- * "digest" is the actual digest of the data. It must be provided in
- * the case of detached data or NULL if the content will be included.
- *
- * This function already does all of the stuff specific to S/MIME protocol
- * and local policy; the return value just needs to be passed to
- * SEC_PKCS7Encode() or to SEC_PKCS7EncoderStart() to create the encoded data,
- * and finally to SEC_PKCS7DestroyContentInfo().
- *
- * An error results in a return value of NULL and an error set.
- * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
- */
-
-NSSCMSMessage *
-NSS_SMIMEMessage_CreateSigned(CERTCertificate *scert,
- CERTCertificate *ecert,
- CERTCertDBHandle *certdb,
- SECOidTag digestalgtag,
- SECItem *digest,
- PK11PasswordFunc pwfn,
- void *pwfn_arg)
-{
- NSSCMSMessage *cmsg;
- NSSCMSSignedData *sigd;
- NSSCMSSignerInfo *signerinfo;
-
- /* See note in header comment above about digestalg. */
- /* Doesn't explain this. PORT_Assert (digestalgtag == SEC_OID_SHA1); */
-
- cmsg = NSS_CMSMessage_Create(NULL);
- if (cmsg == NULL)
- return NULL;
-
- sigd = NSS_CMSSignedData_Create(cmsg);
- if (sigd == NULL)
- goto loser;
-
- /* create just one signerinfo */
- signerinfo = NSS_CMSSignerInfo_Create(cmsg, scert, digestalgtag);
- if (signerinfo == NULL)
- goto loser;
-
- /* Add the signing time to the signerinfo. */
- if (NSS_CMSSignerInfo_AddSigningTime(signerinfo, PR_Now()) != SECSuccess)
- goto loser;
-
- /* and add the SMIME profile */
- if (NSS_SMIMESignerInfo_AddSMIMEProfile(signerinfo, scert) != SECSuccess)
- goto loser;
-
- /* now add the signerinfo to the signeddata */
- if (NSS_CMSSignedData_AddSignerInfo(sigd, signerinfo) != SECSuccess)
- goto loser;
-
- /* include the signing cert and its entire chain */
- /* note that there are no checks for duplicate certs in place, as all the */
- /* essential data structures (like set of certificate) are not there */
- if (NSS_CMSSignedData_AddCertChain(sigd, scert) != SECSuccess)
- goto loser;
-
- /* If the encryption cert and the signing cert differ, then include
- * the encryption cert too. */
- if ( ( ecert != NULL ) && ( ecert != scert ) ) {
- if (NSS_CMSSignedData_AddCertificate(sigd, ecert) != SECSuccess)
- goto loser;
- }
-
- return cmsg;
-loser:
- if (cmsg)
- NSS_CMSMessage_Destroy(cmsg);
- return NULL;
-}
-#endif
diff --git a/security/nss/lib/smime/smimesym.c b/security/nss/lib/smime/smimesym.c
deleted file mode 100644
index e7bb771e5..000000000
--- a/security/nss/lib/smime/smimesym.c
+++ /dev/null
@@ -1,8 +0,0 @@
-extern void SEC_PKCS7DecodeItem();
-extern void SEC_PKCS7DestroyContentInfo();
-
-smime_CMDExports() {
- SEC_PKCS7DecodeItem();
- SEC_PKCS7DestroyContentInfo();
-}
-
diff --git a/security/nss/lib/smime/smimeutil.c b/security/nss/lib/smime/smimeutil.c
deleted file mode 100644
index 6564db294..000000000
--- a/security/nss/lib/smime/smimeutil.c
+++ /dev/null
@@ -1,779 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Stuff specific to S/MIME policy and interoperability.
- *
- * $Id$
- */
-
-#include "secmime.h"
-#include "secoid.h"
-#include "pk11func.h"
-#include "ciferfam.h" /* for CIPHER_FAMILY symbols */
-#include "secasn1.h"
-#include "secitem.h"
-#include "cert.h"
-#include "key.h"
-#include "secerr.h"
-#include "cms.h"
-#include "nss.h"
-
-SEC_ASN1_MKSUB(CERT_IssuerAndSNTemplate)
-SEC_ASN1_MKSUB(SEC_OctetStringTemplate)
-SEC_ASN1_CHOOSER_DECLARE(CERT_IssuerAndSNTemplate)
-
-/* various integer's ASN.1 encoding */
-static unsigned char asn1_int40[] = { SEC_ASN1_INTEGER, 0x01, 0x28 };
-static unsigned char asn1_int64[] = { SEC_ASN1_INTEGER, 0x01, 0x40 };
-static unsigned char asn1_int128[] = { SEC_ASN1_INTEGER, 0x02, 0x00, 0x80 };
-
-/* RC2 algorithm parameters (used in smime_cipher_map) */
-static SECItem param_int40 = { siBuffer, asn1_int40, sizeof(asn1_int40) };
-static SECItem param_int64 = { siBuffer, asn1_int64, sizeof(asn1_int64) };
-static SECItem param_int128 = { siBuffer, asn1_int128, sizeof(asn1_int128) };
-
-/*
- * XXX Would like the "parameters" field to be a SECItem *, but the
- * encoder is having trouble with optional pointers to an ANY. Maybe
- * once that is fixed, can change this back...
- */
-typedef struct {
- SECItem capabilityID;
- SECItem parameters;
- long cipher; /* optimization */
-} NSSSMIMECapability;
-
-static const SEC_ASN1Template NSSSMIMECapabilityTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(NSSSMIMECapability) },
- { SEC_ASN1_OBJECT_ID,
- offsetof(NSSSMIMECapability,capabilityID), },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_ANY,
- offsetof(NSSSMIMECapability,parameters), },
- { 0, }
-};
-
-static const SEC_ASN1Template NSSSMIMECapabilitiesTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, NSSSMIMECapabilityTemplate }
-};
-
-/*
- * NSSSMIMEEncryptionKeyPreference - if we find one of these, it needs to prompt us
- * to store this and only this certificate permanently for the sender email address.
- */
-typedef enum {
- NSSSMIMEEncryptionKeyPref_IssuerSN,
- NSSSMIMEEncryptionKeyPref_RKeyID,
- NSSSMIMEEncryptionKeyPref_SubjectKeyID
-} NSSSMIMEEncryptionKeyPrefSelector;
-
-typedef struct {
- NSSSMIMEEncryptionKeyPrefSelector selector;
- union {
- CERTIssuerAndSN *issuerAndSN;
- NSSCMSRecipientKeyIdentifier *recipientKeyID;
- SECItem *subjectKeyID;
- } id;
-} NSSSMIMEEncryptionKeyPreference;
-
-extern const SEC_ASN1Template NSSCMSRecipientKeyIdentifierTemplate[];
-
-static const SEC_ASN1Template smime_encryptionkeypref_template[] = {
- { SEC_ASN1_CHOICE,
- offsetof(NSSSMIMEEncryptionKeyPreference,selector), NULL,
- sizeof(NSSSMIMEEncryptionKeyPreference) },
- { SEC_ASN1_POINTER | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
- offsetof(NSSSMIMEEncryptionKeyPreference,id.issuerAndSN),
- SEC_ASN1_SUB(CERT_IssuerAndSNTemplate),
- NSSSMIMEEncryptionKeyPref_IssuerSN },
- { SEC_ASN1_POINTER | SEC_ASN1_CONTEXT_SPECIFIC | 1,
- offsetof(NSSSMIMEEncryptionKeyPreference,id.recipientKeyID),
- NSSCMSRecipientKeyIdentifierTemplate,
- NSSSMIMEEncryptionKeyPref_IssuerSN },
- { SEC_ASN1_POINTER | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 2,
- offsetof(NSSSMIMEEncryptionKeyPreference,id.subjectKeyID),
- SEC_ASN1_SUB(SEC_OctetStringTemplate),
- NSSSMIMEEncryptionKeyPref_SubjectKeyID },
- { 0, }
-};
-
-/* smime_cipher_map - map of SMIME symmetric "ciphers" to algtag & parameters */
-typedef struct {
- unsigned long cipher;
- SECOidTag algtag;
- SECItem *parms;
- PRBool enabled; /* in the user's preferences */
- PRBool allowed; /* per export policy */
-} smime_cipher_map_entry;
-
-/* global: list of supported SMIME symmetric ciphers, ordered roughly by increasing strength */
-static smime_cipher_map_entry smime_cipher_map[] = {
-/* cipher algtag parms enabled allowed */
-/* ---------------------------------------------------------------------------------- */
- { SMIME_RC2_CBC_40, SEC_OID_RC2_CBC, &param_int40, PR_TRUE, PR_TRUE },
- { SMIME_DES_CBC_56, SEC_OID_DES_CBC, NULL, PR_TRUE, PR_TRUE },
- { SMIME_RC2_CBC_64, SEC_OID_RC2_CBC, &param_int64, PR_TRUE, PR_TRUE },
- { SMIME_RC2_CBC_128, SEC_OID_RC2_CBC, &param_int128, PR_TRUE, PR_TRUE },
- { SMIME_DES_EDE3_168, SEC_OID_DES_EDE3_CBC, NULL, PR_TRUE, PR_TRUE },
- { SMIME_FORTEZZA, SEC_OID_FORTEZZA_SKIPJACK, NULL, PR_TRUE, PR_TRUE }
-};
-static const int smime_cipher_map_count = sizeof(smime_cipher_map) / sizeof(smime_cipher_map_entry);
-
-/*
- * smime_mapi_by_cipher - find index into smime_cipher_map by cipher
- */
-static int
-smime_mapi_by_cipher(unsigned long cipher)
-{
- int i;
-
- for (i = 0; i < smime_cipher_map_count; i++) {
- if (smime_cipher_map[i].cipher == cipher)
- return i; /* bingo */
- }
- return -1; /* should not happen if we're consistent, right? */
-}
-
-/*
- * NSS_SMIME_EnableCipher - this function locally records the user's preference
- */
-SECStatus
-NSS_SMIMEUtil_EnableCipher(unsigned long which, PRBool on)
-{
- unsigned long mask;
- int mapi;
-
- mask = which & CIPHER_FAMILYID_MASK;
-
- PORT_Assert (mask == CIPHER_FAMILYID_SMIME);
- if (mask != CIPHER_FAMILYID_SMIME)
- /* XXX set an error! */
- return SECFailure;
-
- mapi = smime_mapi_by_cipher(which);
- if (mapi < 0)
- /* XXX set an error */
- return SECFailure;
-
- /* do we try to turn on a forbidden cipher? */
- if (!smime_cipher_map[mapi].allowed && on) {
- PORT_SetError (SEC_ERROR_BAD_EXPORT_ALGORITHM);
- return SECFailure;
- }
-
- if (smime_cipher_map[mapi].enabled != on)
- smime_cipher_map[mapi].enabled = on;
-
- return SECSuccess;
-}
-
-
-/*
- * this function locally records the export policy
- */
-SECStatus
-NSS_SMIMEUtil_AllowCipher(unsigned long which, PRBool on)
-{
- unsigned long mask;
- int mapi;
-
- mask = which & CIPHER_FAMILYID_MASK;
-
- PORT_Assert (mask == CIPHER_FAMILYID_SMIME);
- if (mask != CIPHER_FAMILYID_SMIME)
- /* XXX set an error! */
- return SECFailure;
-
- mapi = smime_mapi_by_cipher(which);
- if (mapi < 0)
- /* XXX set an error */
- return SECFailure;
-
- if (smime_cipher_map[mapi].allowed != on)
- smime_cipher_map[mapi].allowed = on;
-
- return SECSuccess;
-}
-
-/*
- * Based on the given algorithm (including its parameters, in some cases!)
- * and the given key (may or may not be inspected, depending on the
- * algorithm), find the appropriate policy algorithm specification
- * and return it. If no match can be made, -1 is returned.
- */
-static SECStatus
-nss_smime_get_cipher_for_alg_and_key(SECAlgorithmID *algid, PK11SymKey *key, unsigned long *cipher)
-{
- SECOidTag algtag;
- unsigned int keylen_bits;
- unsigned long c;
-
- algtag = SECOID_GetAlgorithmTag(algid);
- switch (algtag) {
- case SEC_OID_RC2_CBC:
- keylen_bits = PK11_GetKeyStrength(key, algid);
- switch (keylen_bits) {
- case 40:
- c = SMIME_RC2_CBC_40;
- break;
- case 64:
- c = SMIME_RC2_CBC_64;
- break;
- case 128:
- c = SMIME_RC2_CBC_128;
- break;
- default:
- return SECFailure;
- }
- break;
- case SEC_OID_DES_CBC:
- c = SMIME_DES_CBC_56;
- break;
- case SEC_OID_DES_EDE3_CBC:
- c = SMIME_DES_EDE3_168;
- break;
- case SEC_OID_FORTEZZA_SKIPJACK:
- c = SMIME_FORTEZZA;
- break;
- default:
- return SECFailure;
- }
- *cipher = c;
- return SECSuccess;
-}
-
-static PRBool
-nss_smime_cipher_allowed(unsigned long which)
-{
- int mapi;
-
- mapi = smime_mapi_by_cipher(which);
- if (mapi < 0)
- return PR_FALSE;
- return smime_cipher_map[mapi].allowed;
-}
-
-PRBool
-NSS_SMIMEUtil_DecryptionAllowed(SECAlgorithmID *algid, PK11SymKey *key)
-{
- unsigned long which;
-
- if (nss_smime_get_cipher_for_alg_and_key(algid, key, &which) != SECSuccess)
- return PR_FALSE;
-
- return nss_smime_cipher_allowed(which);
-}
-
-
-/*
- * NSS_SMIME_EncryptionPossible - check if any encryption is allowed
- *
- * This tells whether or not *any* S/MIME encryption can be done,
- * according to policy. Callers may use this to do nicer user interface
- * (say, greying out a checkbox so a user does not even try to encrypt
- * a message when they are not allowed to) or for any reason they want
- * to check whether S/MIME encryption (or decryption, for that matter)
- * may be done.
- *
- * It takes no arguments. The return value is a simple boolean:
- * PR_TRUE means encryption (or decryption) is *possible*
- * (but may still fail due to other reasons, like because we cannot
- * find all the necessary certs, etc.; PR_TRUE is *not* a guarantee)
- * PR_FALSE means encryption (or decryption) is not permitted
- *
- * There are no errors from this routine.
- */
-PRBool
-NSS_SMIMEUtil_EncryptionPossible(void)
-{
- int i;
-
- for (i = 0; i < smime_cipher_map_count; i++) {
- if (smime_cipher_map[i].allowed)
- return PR_TRUE;
- }
- return PR_FALSE;
-}
-
-
-static int
-nss_SMIME_FindCipherForSMIMECap(NSSSMIMECapability *cap)
-{
- int i;
- SECOidTag capIDTag;
-
- /* we need the OIDTag here */
- capIDTag = SECOID_FindOIDTag(&(cap->capabilityID));
-
- /* go over all the SMIME ciphers we know and see if we find a match */
- for (i = 0; i < smime_cipher_map_count; i++) {
- if (smime_cipher_map[i].algtag != capIDTag)
- continue;
- /*
- * XXX If SECITEM_CompareItem allowed NULLs as arguments (comparing
- * 2 NULLs as equal and NULL and non-NULL as not equal), we could
- * use that here instead of all of the following comparison code.
- */
- if (cap->parameters.data == NULL && smime_cipher_map[i].parms == NULL)
- break; /* both empty: bingo */
-
- if (cap->parameters.data != NULL && smime_cipher_map[i].parms != NULL &&
- cap->parameters.len == smime_cipher_map[i].parms->len &&
- PORT_Memcmp (cap->parameters.data, smime_cipher_map[i].parms->data,
- cap->parameters.len) == 0)
- {
- break; /* both not empty, same length & equal content: bingo */
- }
- }
-
- if (i == smime_cipher_map_count)
- return 0; /* no match found */
- else
- return smime_cipher_map[i].cipher; /* match found, point to cipher */
-}
-
-/*
- * smime_choose_cipher - choose a cipher that works for all the recipients
- *
- * "scert" - sender's certificate
- * "rcerts" - recipient's certificates
- */
-static long
-smime_choose_cipher(CERTCertificate *scert, CERTCertificate **rcerts)
-{
- PRArenaPool *poolp;
- long cipher;
- long chosen_cipher;
- int *cipher_abilities;
- int *cipher_votes;
- int weak_mapi;
- int strong_mapi;
- int rcount, mapi, max, i;
- PRBool scert_is_fortezza = (scert == NULL) ? PR_FALSE : PK11_FortezzaHasKEA(scert);
-
- chosen_cipher = SMIME_RC2_CBC_40; /* the default, LCD */
- weak_mapi = smime_mapi_by_cipher(chosen_cipher);
-
- poolp = PORT_NewArena (1024); /* XXX what is right value? */
- if (poolp == NULL)
- goto done;
-
- cipher_abilities = (int *)PORT_ArenaZAlloc(poolp, smime_cipher_map_count * sizeof(int));
- cipher_votes = (int *)PORT_ArenaZAlloc(poolp, smime_cipher_map_count * sizeof(int));
- if (cipher_votes == NULL || cipher_abilities == NULL)
- goto done;
-
- /* If the user has the Fortezza preference turned on, make
- * that the strong cipher. Otherwise, use triple-DES. */
- strong_mapi = smime_mapi_by_cipher (SMIME_DES_EDE3_168);
- if (scert_is_fortezza) {
- mapi = smime_mapi_by_cipher(SMIME_FORTEZZA);
- if (mapi >= 0 && smime_cipher_map[mapi].enabled)
- strong_mapi = mapi;
- }
-
- /* walk all the recipient's certs */
- for (rcount = 0; rcerts[rcount] != NULL; rcount++) {
- SECItem *profile;
- NSSSMIMECapability **caps;
- int pref;
-
- /* the first cipher that matches in the user's SMIME profile gets
- * "smime_cipher_map_count" votes; the next one gets "smime_cipher_map_count" - 1
- * and so on. If every cipher matches, the last one gets 1 (one) vote */
- pref = smime_cipher_map_count;
-
- /* find recipient's SMIME profile */
- profile = CERT_FindSMimeProfile(rcerts[rcount]);
-
- if (profile != NULL && profile->data != NULL && profile->len > 0) {
- /* we have a profile (still DER-encoded) */
- caps = NULL;
- /* decode it */
- if (SEC_ASN1DecodeItem(poolp, &caps, NSSSMIMECapabilitiesTemplate, profile) == SECSuccess &&
- caps != NULL)
- {
- /* walk the SMIME capabilities for this recipient */
- for (i = 0; caps[i] != NULL; i++) {
- cipher = nss_SMIME_FindCipherForSMIMECap(caps[i]);
- mapi = smime_mapi_by_cipher(cipher);
- if (mapi >= 0) {
- /* found the cipher */
- cipher_abilities[mapi]++;
- cipher_votes[mapi] += pref;
- --pref;
- }
- }
- }
- } else {
- /* no profile found - so we can only assume that the user can do
- * the mandatory algorithms which is RC2-40 (weak crypto) and 3DES (strong crypto) */
- SECKEYPublicKey *key;
- unsigned int pklen_bits;
-
- /*
- * if recipient's public key length is > 512, vote for a strong cipher
- * please not that the side effect of this is that if only one recipient
- * has an export-level public key, the strong cipher is disabled.
- *
- * XXX This is probably only good for RSA keys. What I would
- * really like is a function to just say; Is the public key in
- * this cert an export-length key? Then I would not have to
- * know things like the value 512, or the kind of key, or what
- * a subjectPublicKeyInfo is, etc.
- */
- key = CERT_ExtractPublicKey(rcerts[rcount]);
- pklen_bits = 0;
- if (key != NULL) {
- pklen_bits = SECKEY_PublicKeyStrength (key) * 8;
- SECKEY_DestroyPublicKey (key);
- }
-
- if (pklen_bits > 512) {
- /* cast votes for the strong algorithm */
- cipher_abilities[strong_mapi]++;
- cipher_votes[strong_mapi] += pref;
- pref--;
- }
-
- /* always cast (possibly less) votes for the weak algorithm */
- cipher_abilities[weak_mapi]++;
- cipher_votes[weak_mapi] += pref;
- }
- if (profile != NULL)
- SECITEM_FreeItem(profile, PR_TRUE);
- }
-
- /* find cipher that is agreeable by all recipients and that has the most votes */
- max = 0;
- for (mapi = 0; mapi < smime_cipher_map_count; mapi++) {
- /* if not all of the recipients can do this, forget it */
- if (cipher_abilities[mapi] != rcount)
- continue;
- /* if cipher is not enabled or not allowed by policy, forget it */
- if (!smime_cipher_map[mapi].enabled || !smime_cipher_map[mapi].allowed)
- continue;
- /* if we're not doing fortezza, but the cipher is fortezza, forget it */
- if (!scert_is_fortezza && (smime_cipher_map[mapi].cipher == SMIME_FORTEZZA))
- continue;
- /* now see if this one has more votes than the last best one */
- if (cipher_votes[mapi] >= max) {
- /* if equal number of votes, prefer the ones further down in the list */
- /* with the expectation that these are higher rated ciphers */
- chosen_cipher = smime_cipher_map[mapi].cipher;
- max = cipher_votes[mapi];
- }
- }
- /* if no common cipher was found, chosen_cipher stays at the default */
-
-done:
- if (poolp != NULL)
- PORT_FreeArena (poolp, PR_FALSE);
-
- return chosen_cipher;
-}
-
-/*
- * XXX This is a hack for now to satisfy our current interface.
- * Eventually, with more parameters needing to be specified, just
- * looking up the keysize is not going to be sufficient.
- */
-static int
-smime_keysize_by_cipher (unsigned long which)
-{
- int keysize;
-
- switch (which) {
- case SMIME_RC2_CBC_40:
- keysize = 40;
- break;
- case SMIME_RC2_CBC_64:
- keysize = 64;
- break;
- case SMIME_RC2_CBC_128:
- keysize = 128;
- break;
- case SMIME_DES_CBC_56:
- case SMIME_DES_EDE3_168:
- case SMIME_FORTEZZA:
- /*
- * These are special; since the key size is fixed, we actually
- * want to *avoid* specifying a key size.
- */
- keysize = 0;
- break;
- default:
- keysize = -1;
- break;
- }
-
- return keysize;
-}
-
-/*
- * NSS_SMIMEUtil_FindBulkAlgForRecipients - find bulk algorithm suitable for all recipients
- *
- * it would be great for UI purposes if there would be a way to find out which recipients
- * prevented a strong cipher from being used...
- */
-SECStatus
-NSS_SMIMEUtil_FindBulkAlgForRecipients(CERTCertificate **rcerts, SECOidTag *bulkalgtag, int *keysize)
-{
- unsigned long cipher;
- int mapi;
-
- cipher = smime_choose_cipher(NULL, rcerts);
- mapi = smime_mapi_by_cipher(cipher);
-
- *bulkalgtag = smime_cipher_map[mapi].algtag;
- *keysize = smime_keysize_by_cipher(smime_cipher_map[mapi].cipher);
-
- return SECSuccess;
-}
-
-/*
- * NSS_SMIMEUtil_CreateSMIMECapabilities - get S/MIME capabilities for this instance of NSS
- *
- * scans the list of allowed and enabled ciphers and construct a PKCS9-compliant
- * S/MIME capabilities attribute value.
- *
- * XXX Please note that, in contradiction to RFC2633 2.5.2, the capabilities only include
- * symmetric ciphers, NO signature algorithms or key encipherment algorithms.
- *
- * "poolp" - arena pool to create the S/MIME capabilities data on
- * "dest" - SECItem to put the data in
- * "includeFortezzaCiphers" - PR_TRUE if fortezza ciphers should be included
- */
-SECStatus
-NSS_SMIMEUtil_CreateSMIMECapabilities(PLArenaPool *poolp, SECItem *dest, PRBool includeFortezzaCiphers)
-{
- NSSSMIMECapability *cap;
- NSSSMIMECapability **smime_capabilities;
- smime_cipher_map_entry *map;
- SECOidData *oiddata;
- SECItem *dummy;
- int i, capIndex;
-
- /* if we have an old NSSSMIMECapability array, we'll reuse it (has the right size) */
- /* smime_cipher_map_count + 1 is an upper bound - we might end up with less */
- smime_capabilities = (NSSSMIMECapability **)PORT_ZAlloc((smime_cipher_map_count + 1)
- * sizeof(NSSSMIMECapability *));
- if (smime_capabilities == NULL)
- return SECFailure;
-
- capIndex = 0;
-
- /* Add all the symmetric ciphers
- * We walk the cipher list backwards, as it is ordered by increasing strength,
- * we prefer the stronger cipher over a weaker one, and we have to list the
- * preferred algorithm first */
- for (i = smime_cipher_map_count - 1; i >= 0; i--) {
- /* Find the corresponding entry in the cipher map. */
- map = &(smime_cipher_map[i]);
- if (!map->enabled)
- continue;
-
- /* If we're using a non-Fortezza cert, only advertise non-Fortezza
- capabilities. (We advertise all capabilities if we have a
- Fortezza cert.) */
- if ((!includeFortezzaCiphers) && (map->cipher == SMIME_FORTEZZA))
- continue;
-
- /* get next SMIME capability */
- cap = (NSSSMIMECapability *)PORT_ZAlloc(sizeof(NSSSMIMECapability));
- if (cap == NULL)
- break;
- smime_capabilities[capIndex++] = cap;
-
- oiddata = SECOID_FindOIDByTag(map->algtag);
- if (oiddata == NULL)
- break;
-
- cap->capabilityID.data = oiddata->oid.data;
- cap->capabilityID.len = oiddata->oid.len;
- cap->parameters.data = map->parms ? map->parms->data : NULL;
- cap->parameters.len = map->parms ? map->parms->len : 0;
- cap->cipher = smime_cipher_map[i].cipher;
- }
-
- /* XXX add signature algorithms */
- /* XXX add key encipherment algorithms */
-
- smime_capabilities[capIndex] = NULL; /* last one - now encode */
- dummy = SEC_ASN1EncodeItem(poolp, dest, &smime_capabilities, NSSSMIMECapabilitiesTemplate);
-
- /* now that we have the proper encoded SMIMECapabilities (or not),
- * free the work data */
- for (i = 0; smime_capabilities[i] != NULL; i++)
- PORT_Free(smime_capabilities[i]);
- PORT_Free(smime_capabilities);
-
- return (dummy == NULL) ? SECFailure : SECSuccess;
-}
-
-/*
- * NSS_SMIMEUtil_CreateSMIMEEncKeyPrefs - create S/MIME encryption key preferences attr value
- *
- * "poolp" - arena pool to create the attr value on
- * "dest" - SECItem to put the data in
- * "cert" - certificate that should be marked as preferred encryption key
- * cert is expected to have been verified for EmailRecipient usage.
- */
-SECStatus
-NSS_SMIMEUtil_CreateSMIMEEncKeyPrefs(PLArenaPool *poolp, SECItem *dest, CERTCertificate *cert)
-{
- NSSSMIMEEncryptionKeyPreference ekp;
- SECItem *dummy = NULL;
- PLArenaPool *tmppoolp = NULL;
-
- if (cert == NULL)
- goto loser;
-
- tmppoolp = PORT_NewArena(1024);
- if (tmppoolp == NULL)
- goto loser;
-
- /* XXX hardcoded IssuerSN choice for now */
- ekp.selector = NSSSMIMEEncryptionKeyPref_IssuerSN;
- ekp.id.issuerAndSN = CERT_GetCertIssuerAndSN(tmppoolp, cert);
- if (ekp.id.issuerAndSN == NULL)
- goto loser;
-
- dummy = SEC_ASN1EncodeItem(poolp, dest, &ekp, smime_encryptionkeypref_template);
-
-loser:
- if (tmppoolp) PORT_FreeArena(tmppoolp, PR_FALSE);
-
- return (dummy == NULL) ? SECFailure : SECSuccess;
-}
-
-/*
- * NSS_SMIMEUtil_CreateSMIMEEncKeyPrefs - create S/MIME encryption key preferences attr value using MS oid
- *
- * "poolp" - arena pool to create the attr value on
- * "dest" - SECItem to put the data in
- * "cert" - certificate that should be marked as preferred encryption key
- * cert is expected to have been verified for EmailRecipient usage.
- */
-SECStatus
-NSS_SMIMEUtil_CreateMSSMIMEEncKeyPrefs(PLArenaPool *poolp, SECItem *dest, CERTCertificate *cert)
-{
- SECItem *dummy = NULL;
- PLArenaPool *tmppoolp = NULL;
- CERTIssuerAndSN *isn;
-
- if (cert == NULL)
- goto loser;
-
- tmppoolp = PORT_NewArena(1024);
- if (tmppoolp == NULL)
- goto loser;
-
- isn = CERT_GetCertIssuerAndSN(tmppoolp, cert);
- if (isn == NULL)
- goto loser;
-
- dummy = SEC_ASN1EncodeItem(poolp, dest, isn, SEC_ASN1_GET(CERT_IssuerAndSNTemplate));
-
-loser:
- if (tmppoolp) PORT_FreeArena(tmppoolp, PR_FALSE);
-
- return (dummy == NULL) ? SECFailure : SECSuccess;
-}
-
-/*
- * NSS_SMIMEUtil_GetCertFromEncryptionKeyPreference -
- * find cert marked by EncryptionKeyPreference attribute
- *
- * "certdb" - handle for the cert database to look in
- * "DERekp" - DER-encoded value of S/MIME Encryption Key Preference attribute
- *
- * if certificate is supposed to be found among the message's included certificates,
- * they are assumed to have been imported already.
- */
-CERTCertificate *
-NSS_SMIMEUtil_GetCertFromEncryptionKeyPreference(CERTCertDBHandle *certdb, SECItem *DERekp)
-{
- PLArenaPool *tmppoolp = NULL;
- CERTCertificate *cert = NULL;
- NSSSMIMEEncryptionKeyPreference ekp;
-
- tmppoolp = PORT_NewArena(1024);
- if (tmppoolp == NULL)
- return NULL;
-
- /* decode DERekp */
- if (SEC_ASN1DecodeItem(tmppoolp, &ekp, smime_encryptionkeypref_template, DERekp) != SECSuccess)
- goto loser;
-
- /* find cert */
- switch (ekp.selector) {
- case NSSSMIMEEncryptionKeyPref_IssuerSN:
- cert = CERT_FindCertByIssuerAndSN(certdb, ekp.id.issuerAndSN);
- break;
- case NSSSMIMEEncryptionKeyPref_RKeyID:
- case NSSSMIMEEncryptionKeyPref_SubjectKeyID:
- /* XXX not supported yet - we need to be able to look up certs by SubjectKeyID */
- break;
- default:
- PORT_Assert(0);
- }
-loser:
- if (tmppoolp) PORT_FreeArena(tmppoolp, PR_FALSE);
-
- return cert;
-}
-
-extern const char __nss_smime_rcsid[];
-extern const char __nss_smime_sccsid[];
-
-PRBool
-NSSSMIME_VersionCheck(const char *importedVersion)
-{
- /*
- * This is the secret handshake algorithm.
- *
- * This release has a simple version compatibility
- * check algorithm. This release is not backward
- * compatible with previous major releases. It is
- * not compatible with future major, minor, or
- * patch releases.
- */
- volatile char c; /* force a reference that won't get optimized away */
-
- c = __nss_smime_rcsid[0] + __nss_smime_sccsid[0];
-
- return NSS_VersionCheck(importedVersion);
-}
-
diff --git a/security/nss/lib/smime/smimever.c b/security/nss/lib/smime/smimever.c
deleted file mode 100644
index d10e7a6a3..000000000
--- a/security/nss/lib/smime/smimever.c
+++ /dev/null
@@ -1,53 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 2001 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/* Library identity and versioning */
-
-#include "nss.h"
-
-#if defined(DEBUG)
-#define _DEBUG_STRING " (debug)"
-#else
-#define _DEBUG_STRING ""
-#endif
-
-/*
- * Version information for the 'ident' and 'what commands
- *
- * NOTE: the first component of the concatenated rcsid string
- * must not end in a '$' to prevent rcs keyword substitution.
- */
-const char __nss_smime_rcsid[] = "$Header: NSS " NSS_VERSION _DEBUG_STRING
- " " __DATE__ " " __TIME__ " $";
-const char __nss_smime_sccsid[] = "@(#)NSS " NSS_VERSION _DEBUG_STRING
- " " __DATE__ " " __TIME__;
diff --git a/security/nss/lib/softoken/Makefile b/security/nss/lib/softoken/Makefile
deleted file mode 100644
index fa3b20648..000000000
--- a/security/nss/lib/softoken/Makefile
+++ /dev/null
@@ -1,91 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-export:: private_export
-
-# On AIX 4.3, IBM xlC_r compiler (version 3.6.6) cannot compile
-# pkcs11c.c in 64-bit mode for unknown reasons. A workaround is
-# to compile it with optimizations turned on. (Bugzilla bug #63815)
-ifeq ($(OS_TARGET)$(OS_RELEASE),AIX4.3)
-ifeq ($(USE_64),1)
-ifndef BUILD_OPT
-$(OBJDIR)/pkcs11.o: pkcs11.c
- @$(MAKE_OBJDIR)
- $(CC) -o $@ -c -O2 $(CFLAGS) $<
-$(OBJDIR)/pkcs11c.o: pkcs11c.c
- @$(MAKE_OBJDIR)
- $(CC) -o $@ -c -O2 $(CFLAGS) $<
-endif
-endif
-endif
diff --git a/security/nss/lib/softoken/alghmac.c b/security/nss/lib/softoken/alghmac.c
deleted file mode 100644
index fb22fbd9c..000000000
--- a/security/nss/lib/softoken/alghmac.c
+++ /dev/null
@@ -1,163 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "sechash.h"
-#include "secport.h"
-#include "alghmac.h"
-#include "secerr.h"
-
-#define HMAC_PAD_SIZE 64
-
-struct HMACContextStr {
- void *hash;
- const SECHashObject *hashobj;
- unsigned char ipad[HMAC_PAD_SIZE];
- unsigned char opad[HMAC_PAD_SIZE];
-};
-
-void
-HMAC_Destroy(HMACContext *cx)
-{
- if (cx == NULL)
- return;
-
- if (cx->hash != NULL)
- cx->hashobj->destroy(cx->hash, PR_TRUE);
- PORT_ZFree(cx, sizeof(HMACContext));
-}
-
-HMACContext *
-HMAC_Create(const SECHashObject *hash_obj, const unsigned char *secret,
- unsigned int secret_len, PRBool isFIPS)
-{
- HMACContext *cx;
- unsigned int i;
- unsigned char hashed_secret[HASH_LENGTH_MAX];
-
- /* required by FIPS 198 Section 3 */
- if (isFIPS && secret_len < hash_obj->length/2) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return NULL;
- }
- cx = (HMACContext*)PORT_ZAlloc(sizeof(HMACContext));
- if (cx == NULL)
- return NULL;
- cx->hashobj = hash_obj;
-
- cx->hash = cx->hashobj->create();
- if (cx->hash == NULL)
- goto loser;
-
- if (secret_len > HMAC_PAD_SIZE) {
- cx->hashobj->begin( cx->hash);
- cx->hashobj->update(cx->hash, secret, secret_len);
- PORT_Assert(cx->hashobj->length <= sizeof hashed_secret);
- cx->hashobj->end( cx->hash, hashed_secret, &secret_len,
- sizeof hashed_secret);
- if (secret_len != cx->hashobj->length)
- goto loser;
- secret = (const unsigned char *)&hashed_secret[0];
- }
-
- PORT_Memset(cx->ipad, 0x36, sizeof cx->ipad);
- PORT_Memset(cx->opad, 0x5c, sizeof cx->opad);
-
- /* fold secret into padding */
- for (i = 0; i < secret_len; i++) {
- cx->ipad[i] ^= secret[i];
- cx->opad[i] ^= secret[i];
- }
- PORT_Memset(hashed_secret, 0, sizeof hashed_secret);
- return cx;
-
-loser:
- PORT_Memset(hashed_secret, 0, sizeof hashed_secret);
- HMAC_Destroy(cx);
- return NULL;
-}
-
-void
-HMAC_Begin(HMACContext *cx)
-{
- /* start inner hash */
- cx->hashobj->begin(cx->hash);
- cx->hashobj->update(cx->hash, cx->ipad, sizeof(cx->ipad));
-}
-
-void
-HMAC_Update(HMACContext *cx, const unsigned char *data, unsigned int data_len)
-{
- cx->hashobj->update(cx->hash, data, data_len);
-}
-
-SECStatus
-HMAC_Finish(HMACContext *cx, unsigned char *result, unsigned int *result_len,
- unsigned int max_result_len)
-{
- if (max_result_len < cx->hashobj->length) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- cx->hashobj->end(cx->hash, result, result_len, max_result_len);
- if (*result_len != cx->hashobj->length)
- return SECFailure;
-
- cx->hashobj->begin(cx->hash);
- cx->hashobj->update(cx->hash, cx->opad, sizeof(cx->opad));
- cx->hashobj->update(cx->hash, result, *result_len);
- cx->hashobj->end(cx->hash, result, result_len, max_result_len);
- return SECSuccess;
-}
-
-HMACContext *
-HMAC_Clone(HMACContext *cx)
-{
- HMACContext *newcx;
-
- newcx = (HMACContext*)PORT_ZAlloc(sizeof(HMACContext));
- if (newcx == NULL)
- goto loser;
-
- newcx->hashobj = cx->hashobj;
- newcx->hash = cx->hashobj->clone(cx->hash);
- if (newcx->hash == NULL)
- goto loser;
- PORT_Memcpy(newcx->ipad, cx->ipad, sizeof(cx->ipad));
- PORT_Memcpy(newcx->opad, cx->opad, sizeof(cx->opad));
- return newcx;
-
-loser:
- HMAC_Destroy(newcx);
- return NULL;
-}
diff --git a/security/nss/lib/softoken/alghmac.h b/security/nss/lib/softoken/alghmac.h
deleted file mode 100644
index fe1ff59d2..000000000
--- a/security/nss/lib/softoken/alghmac.h
+++ /dev/null
@@ -1,88 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _ALGHMAC_H_
-#define _ALGHMAC_H_
-
-typedef struct HMACContextStr HMACContext;
-
-SEC_BEGIN_PROTOS
-
-/* destroy HMAC context */
-extern void
-HMAC_Destroy(HMACContext *cx);
-
-/* create HMAC context
- * hashObj hash object from SECRawHashObjects[]
- * secret the secret with which the HMAC is performed.
- * secret_len the length of the secret.
- * isFIPS true if conforming to FIPS 198.
- *
- * NULL is returned if an error occurs.
- */
-extern HMACContext *
-HMAC_Create(const SECHashObject *hashObj, const unsigned char *secret,
- unsigned int secret_len, PRBool isFIPS);
-
-/* reset HMAC for a fresh round */
-extern void
-HMAC_Begin(HMACContext *cx);
-
-/* update HMAC
- * cx HMAC Context
- * data the data to perform HMAC on
- * data_len the length of the data to process
- */
-extern void
-HMAC_Update(HMACContext *cx, const unsigned char *data, unsigned int data_len);
-
-/* Finish HMAC -- place the results within result
- * cx HMAC context
- * result buffer for resulting hmac'd data
- * result_len where the resultant hmac length is stored
- * max_result_len maximum possible length that can be stored in result
- */
-extern SECStatus
-HMAC_Finish(HMACContext *cx, unsigned char *result, unsigned int *result_len,
- unsigned int max_result_len);
-
-/* clone a copy of the HMAC state. this is usefult when you would
- * need to keep a running hmac but also need to extract portions
- * partway through the process.
- */
-extern HMACContext *
-HMAC_Clone(HMACContext *cx);
-
-SEC_END_PROTOS
-
-#endif
diff --git a/security/nss/lib/softoken/cdbhdl.h b/security/nss/lib/softoken/cdbhdl.h
deleted file mode 100644
index d3a3f7c8d..000000000
--- a/security/nss/lib/softoken/cdbhdl.h
+++ /dev/null
@@ -1,82 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * cdbhdl.h - certificate database handle
- * private to the certdb module
- *
- * $Id$
- */
-#ifndef _CDBHDL_H_
-#define _CDBHDL_H_
-
-#include "nspr.h"
-#include "mcom_db.h"
-#include "pcertt.h"
-
-/*
- * Handle structure for open certificate databases
- */
-struct NSSLOWCERTCertDBHandleStr {
- DB *permCertDB;
- PZMonitor *dbMon;
- PRBool dbVerify;
-};
-
-#ifdef DBM_USING_NSPR
-#define NO_RDONLY PR_RDONLY
-#define NO_RDWR PR_RDWR
-#define NO_CREATE (PR_RDWR | PR_CREATE_FILE | PR_TRUNCATE)
-#else
-#define NO_RDONLY O_RDONLY
-#define NO_RDWR O_RDWR
-#define NO_CREATE (O_RDWR | O_CREAT | O_TRUNC)
-#endif
-
-typedef DB * (*rdbfunc)(const char *appName, const char *prefix,
- const char *type, int flags);
-typedef int (*rdbstatusfunc)(void);
-
-#define RDB_FAIL 1
-#define RDB_RETRY 2
-
-DB * rdbopen(const char *appName, const char *prefix,
- const char *type, int flags, int *status);
-
-DB *dbsopen (const char *dbname , int flags, int mode, DBTYPE type,
- const void * appData);
-SECStatus db_Copy(DB *dest,DB *src);
-int db_BeginTransaction(DB *db);
-int db_FinishTransaction(DB *db, PRBool abort);
-int db_InitComplete(DB *db);
-
-#endif
diff --git a/security/nss/lib/softoken/config.mk b/security/nss/lib/softoken/config.mk
deleted file mode 100644
index a9f7c4b4b..000000000
--- a/security/nss/lib/softoken/config.mk
+++ /dev/null
@@ -1,105 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-# $(PROGRAM) has explicit dependencies on $(EXTRA_LIBS)
-CRYPTOLIB=$(DIST)/lib/$(LIB_PREFIX)freebl.$(LIB_SUFFIX)
-CRYPTODIR=../freebl
-ifdef MOZILLA_SECURITY_BUILD
- CRYPTOLIB=$(DIST)/lib/$(LIB_PREFIX)crypto.$(LIB_SUFFIX)
- CRYPTODIR=../crypto
-endif
-
-EXTRA_LIBS += \
- $(CRYPTOLIB) \
- $(DIST)/lib/$(LIB_PREFIX)secutil.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)dbm.$(LIB_SUFFIX) \
- $(NULL)
-
-# can't do this in manifest.mn because OS_TARGET isn't defined there.
-ifeq (,$(filter-out WIN%,$(OS_TARGET)))
-
-# don't want the 32 in the shared library name
-SHARED_LIBRARY = $(OBJDIR)/$(DLL_PREFIX)$(LIBRARY_NAME)$(LIBRARY_VERSION).$(DLL_SUFFIX)
-IMPORT_LIBRARY = $(OBJDIR)/$(IMPORT_LIB_PREFIX)$(LIBRARY_NAME)$(LIBRARY_VERSION)$(IMPORT_LIB_SUFFIX)
-
-RES = $(OBJDIR)/$(LIBRARY_NAME).res
-RESNAME = $(LIBRARY_NAME).rc
-
-ifdef NS_USE_GCC
-EXTRA_SHARED_LIBS += \
- -L$(DIST)/lib \
- -lplc4 \
- -lplds4 \
- -lnspr4 \
- $(NULL)
-else # ! NS_USE_GCC
-ifdef MOZILLA_BSAFE_BUILD
- EXTRA_LIBS+=$(DIST)/lib/bsafe$(BSAFEVER).lib
-endif
-
-EXTRA_SHARED_LIBS += \
- $(DIST)/lib/$(NSPR31_LIB_PREFIX)plc4.lib \
- $(DIST)/lib/$(NSPR31_LIB_PREFIX)plds4.lib \
- $(DIST)/lib/$(NSPR31_LIB_PREFIX)nspr4.lib \
- $(NULL)
-endif # NS_USE_GCC
-
-else
-
-ifdef MOZILLA_BSAFE_BUILD
- EXTRA_LIBS+=$(DIST)/lib/$(LIB_PREFIX)bsafe.$(LIB_SUFFIX)
-endif
-
-# $(PROGRAM) has NO explicit dependencies on $(EXTRA_SHARED_LIBS)
-# $(EXTRA_SHARED_LIBS) come before $(OS_LIBS), except on AIX.
-EXTRA_SHARED_LIBS += \
- -L$(DIST)/lib/ \
- -lplc4 \
- -lplds4 \
- -lnspr4 \
- $(NULL)
-endif
-
-ifeq ($(OS_TARGET),SunOS)
-ifndef USE_64
-ifeq ($(CPU_ARCH),sparc)
-# The -R '$ORIGIN' linker option instructs libsoftokn3.so to search for its
-# dependencies (libfreebl_*.so) in the same directory where it resides.
-MKSHLIB += -R '$$ORIGIN'
-endif
-endif
-endif
-
-ifeq ($(OS_TARGET),WINCE)
-DEFINES += -DDBM_USING_NSPR
-endif
diff --git a/security/nss/lib/softoken/dbinit.c b/security/nss/lib/softoken/dbinit.c
deleted file mode 100644
index 55b27ef3b..000000000
--- a/security/nss/lib/softoken/dbinit.c
+++ /dev/null
@@ -1,419 +0,0 @@
-/*
- * NSS utility functions
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- # $Id$
- */
-
-#include <ctype.h>
-#include "seccomon.h"
-#include "prinit.h"
-#include "prprf.h"
-#include "prmem.h"
-#include "pcertt.h"
-#include "lowkeyi.h"
-#include "pcert.h"
-#include "secrng.h"
-#include "cdbhdl.h"
-#include "pkcs11i.h"
-
-static char *
-pk11_certdb_name_cb(void *arg, int dbVersion)
-{
- const char *configdir = (const char *)arg;
- const char *dbver;
- char *smpname = NULL;
- char *dbname = NULL;
-
- switch (dbVersion) {
- case 8:
- dbver = "8";
- break;
- case 7:
- dbver = "7";
- break;
- case 6:
- dbver = "6";
- break;
- case 5:
- dbver = "5";
- break;
- case 4:
- default:
- dbver = "";
- break;
- }
-
- /* make sure we return something allocated with PORT_ so we have properly
- * matched frees at the end */
- smpname = PR_smprintf(CERT_DB_FMT, configdir, dbver);
- if (smpname) {
- dbname = PORT_Strdup(smpname);
- PR_smprintf_free(smpname);
- }
- return dbname;
-}
-
-static char *
-pk11_keydb_name_cb(void *arg, int dbVersion)
-{
- const char *configdir = (const char *)arg;
- const char *dbver;
- char *smpname = NULL;
- char *dbname = NULL;
-
- switch (dbVersion) {
- case 4:
- dbver = "4";
- break;
- case 3:
- dbver = "3";
- break;
- case 1:
- dbver = "1";
- break;
- case 2:
- default:
- dbver = "";
- break;
- }
-
- smpname = PR_smprintf(KEY_DB_FMT, configdir, dbver);
- if (smpname) {
- dbname = PORT_Strdup(smpname);
- PR_smprintf_free(smpname);
- }
- return dbname;
-}
-
-/* for now... we need to define vendor specific codes here.
- */
-#define CKR_CERTDB_FAILED CKR_DEVICE_ERROR
-#define CKR_KEYDB_FAILED CKR_DEVICE_ERROR
-
-const char *
-pk11_EvaluateConfigDir(const char *configdir,char **appName)
-{
- if (PORT_Strncmp(configdir, MULTIACCESS, sizeof(MULTIACCESS)-1) == 0) {
- char *cdir;
-
- *appName = PORT_Strdup(configdir+sizeof(MULTIACCESS)-1);
- if (*appName == NULL) {
- return configdir;
- }
- cdir = *appName;
- while (*cdir && *cdir != ':') {
- cdir++;
- }
- if (*cdir == ':') {
- *cdir = 0;
- cdir++;
- }
- configdir = cdir;
- }
- return configdir;
-}
-
-static CK_RV
-pk11_OpenCertDB(const char * configdir, const char *prefix, PRBool readOnly,
- NSSLOWCERTCertDBHandle **certdbPtr)
-{
- NSSLOWCERTCertDBHandle *certdb = NULL;
- CK_RV crv = CKR_CERTDB_FAILED;
- SECStatus rv;
- char * name = NULL;
- char * appName = NULL;
-
- if (prefix == NULL) {
- prefix = "";
- }
-
- configdir = pk11_EvaluateConfigDir(configdir, &appName);
-
- name = PR_smprintf("%s" PATH_SEPARATOR "%s",configdir,prefix);
- if (name == NULL) goto loser;
-
- certdb = (NSSLOWCERTCertDBHandle*)PORT_ZAlloc(sizeof(NSSLOWCERTCertDBHandle));
- if (certdb == NULL)
- goto loser;
-
-/* fix when we get the DB in */
- rv = nsslowcert_OpenCertDB(certdb, readOnly, appName, prefix,
- pk11_certdb_name_cb, (void *)name, PR_FALSE);
- if (rv == SECSuccess) {
- crv = CKR_OK;
- *certdbPtr = certdb;
- certdb = NULL;
- }
-loser:
- if (certdb) PR_Free(certdb);
- if (name) PR_smprintf_free(name);
- if (appName) PORT_Free(appName);
- return crv;
-}
-
-static CK_RV
-pk11_OpenKeyDB(const char * configdir, const char *prefix, PRBool readOnly,
- NSSLOWKEYDBHandle **keydbPtr)
-{
- NSSLOWKEYDBHandle *keydb;
- char * name = NULL;
- char * appName = NULL;
-
- if (prefix == NULL) {
- prefix = "";
- }
- configdir = pk11_EvaluateConfigDir(configdir, &appName);
-
- name = PR_smprintf("%s" PATH_SEPARATOR "%s",configdir,prefix);
- if (name == NULL)
- return SECFailure;
- keydb = nsslowkey_OpenKeyDB(readOnly, appName, prefix,
- pk11_keydb_name_cb, (void *)name);
- PR_smprintf_free(name);
- if (appName) PORT_Free(appName);
- if (keydb == NULL)
- return CKR_KEYDB_FAILED;
- *keydbPtr = keydb;
-
- return CKR_OK;
-}
-
-
-/*
- * OK there are now lots of options here, lets go through them all:
- *
- * configdir - base directory where all the cert, key, and module datbases live.
- * certPrefix - prefix added to the beginning of the cert database example: "
- * "https-server1-"
- * keyPrefix - prefix added to the beginning of the key database example: "
- * "https-server1-"
- * secmodName - name of the security module database (usually "secmod.db").
- * readOnly - Boolean: true if the databases are to be openned read only.
- * nocertdb - Don't open the cert DB and key DB's, just initialize the
- * Volatile certdb.
- * nomoddb - Don't open the security module DB, just initialize the
- * PKCS #11 module.
- * forceOpen - Continue to force initializations even if the databases cannot
- * be opened.
- */
-CK_RV
-pk11_DBInit(const char *configdir, const char *certPrefix,
- const char *keyPrefix, PRBool readOnly,
- PRBool noCertDB, PRBool noKeyDB, PRBool forceOpen,
- NSSLOWCERTCertDBHandle **certdbPtr, NSSLOWKEYDBHandle **keydbPtr)
-{
- CK_RV crv = CKR_OK;
-
-
- if (!noCertDB) {
- crv = pk11_OpenCertDB(configdir, certPrefix, readOnly, certdbPtr);
- if (crv != CKR_OK) {
- if (!forceOpen) goto loser;
- crv = CKR_OK;
- }
- }
- if (!noKeyDB) {
-
- crv = pk11_OpenKeyDB(configdir, keyPrefix, readOnly, keydbPtr);
- if (crv != CKR_OK) {
- if (!forceOpen) goto loser;
- crv = CKR_OK;
- }
- }
-
-
-loser:
- return crv;
-}
-
-
-void
-pk11_DBShutdown(NSSLOWCERTCertDBHandle *certHandle,
- NSSLOWKEYDBHandle *keyHandle)
-{
- if (certHandle) {
- nsslowcert_ClosePermCertDB(certHandle);
- PORT_Free(certHandle);
- certHandle= NULL;
- }
-
- if (keyHandle) {
- nsslowkey_CloseKeyDB(keyHandle);
- keyHandle= NULL;
- }
-}
-
-static int rdbmapflags(int flags);
-static rdbfunc pk11_rdbfunc = NULL;
-static rdbstatusfunc pk11_rdbstatusfunc = NULL;
-
-/* NOTE: SHLIB_SUFFIX is defined on the command line */
-#define RDBLIB SHLIB_PREFIX"rdb."SHLIB_SUFFIX
-
-DB * rdbopen(const char *appName, const char *prefix,
- const char *type, int flags, int *status)
-{
- PRLibrary *lib;
- DB *db;
-
- if (pk11_rdbfunc) {
- db = (*pk11_rdbfunc)(appName,prefix,type,rdbmapflags(flags));
- if (!db && status && pk11_rdbstatusfunc) {
- *status = (*pk11_rdbstatusfunc)();
- }
- return db;
- }
-
- /*
- * try to open the library.
- */
- lib = PR_LoadLibrary(RDBLIB);
-
- if (!lib) {
- return NULL;
- }
-
- /* get the entry points */
- pk11_rdbstatusfunc = (rdbstatusfunc) PR_FindSymbol(lib,"rdbstatus");
- pk11_rdbfunc = (rdbfunc) PR_FindSymbol(lib,"rdbopen");
- if (pk11_rdbfunc) {
- db = (*pk11_rdbfunc)(appName,prefix,type,rdbmapflags(flags));
- if (!db && status && pk11_rdbstatusfunc) {
- *status = (*pk11_rdbstatusfunc)();
- }
- return db;
- }
-
- /* couldn't find the entry point, unload the library and fail */
- PR_UnloadLibrary(lib);
- return NULL;
-}
-
-/*
- * the following data structures are from rdb.h.
- */
-struct RDBStr {
- DB db;
- int (*xactstart)(DB *db);
- int (*xactdone)(DB *db, PRBool abort);
- int version;
- int (*dbinitcomplete)(DB *db);
-};
-
-#define DB_RDB ((DBTYPE) 0xff)
-#define RDB_RDONLY 1
-#define RDB_RDWR 2
-#define RDB_CREATE 4
-
-static int
-rdbmapflags(int flags) {
- switch (flags) {
- case NO_RDONLY:
- return RDB_RDONLY;
- case NO_RDWR:
- return RDB_RDWR;
- case NO_CREATE:
- return RDB_CREATE;
- default:
- break;
- }
- return 0;
-}
-
-
-PRBool
-db_IsRDB(DB *db)
-{
- return (PRBool) db->type == DB_RDB;
-}
-
-int
-db_BeginTransaction(DB *db)
-{
- struct RDBStr *rdb = (struct RDBStr *)db;
- if (db->type != DB_RDB) {
- return 0;
- }
-
- return rdb->xactstart(db);
-}
-
-int
-db_FinishTransaction(DB *db, PRBool abort)
-{
- struct RDBStr *rdb = (struct RDBStr *)db;
- if (db->type != DB_RDB) {
- return 0;
- }
-
- return rdb->xactdone(db, abort);
-}
-
-int
-db_InitComplete(DB *db)
-{
- struct RDBStr *rdb = (struct RDBStr *)db;
- if (db->type != DB_RDB) {
- return 0;
- }
- /* we should have addes a version number to the RDBS structure. Since we
- * didn't, we detect that we have and 'extended' structure if the rdbstatus
- * func exists */
- if (!pk11_rdbstatusfunc) {
- return 0;
- }
-
- return rdb->dbinitcomplete(db);
-}
-
-
-
-SECStatus
-db_Copy(DB *dest,DB *src)
-{
- int ret;
- DBT key,data;
- ret = (*src->seq)(src, &key, &data, R_FIRST);
- if (ret) {
- return SECSuccess;
- }
-
- do {
- (void)(*dest->put)(dest,&key,&data, R_NOOVERWRITE);
- } while ( (*src->seq)(src, &key, &data, R_NEXT) == 0);
- (void)(*dest->sync)(dest,0);
-
- return SECSuccess;
-}
-
diff --git a/security/nss/lib/softoken/dbmshim.c b/security/nss/lib/softoken/dbmshim.c
deleted file mode 100644
index a085765c6..000000000
--- a/security/nss/lib/softoken/dbmshim.c
+++ /dev/null
@@ -1,661 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Berkeley DB 1.85 Shim code to handle blobs.
- *
- * $Id$
- */
-#include "mcom_db.h"
-#include "secitem.h"
-#include "secder.h"
-#include "prprf.h"
-#include "cdbhdl.h"
-
-/* Call to PK11_FreeSlot below */
-
-#include "pcertt.h"
-#include "secasn1.h"
-#include "secerr.h"
-#include "nssb64.h"
-#include "blapi.h"
-#include "sechash.h"
-
-#include "pkcs11i.h"
-
-/*
- * Blob block:
- * Byte 0 CERTDB Version -+ -+
- * Byte 1 certDBEntryTypeBlob | BLOB_HEAD_LEN |
- * Byte 2 flags (always '0'); | |
- * Byte 3 reserved (always '0'); -+ |
- * Byte 4 LSB length | <--BLOB_LENGTH_START | BLOB_BUF_LEN
- * Byte 5 . | |
- * Byte 6 . | BLOB_LENGTH_LEN |
- * Byte 7 MSB length | |
- * Byte 8 blob_filename -+ -+ <-- BLOB_NAME_START |
- * Byte 9 . | BLOB_NAME_LEN |
- * . . | |
- * Byte 37 . -+ -+
- */
-#define DBS_BLOCK_SIZE (16*1024) /* 16 k */
-#define DBS_MAX_ENTRY_SIZE (DBS_BLOCK_SIZE - (2048)) /* 14 k */
-#define DBS_CACHE_SIZE DBS_BLOCK_SIZE*8
-#define ROUNDDIV(x,y) (x+(y-1))/y
-#define BLOB_HEAD_LEN 4
-#define BLOB_LENGTH_START BLOB_HEAD_LEN
-#define BLOB_LENGTH_LEN 4
-#define BLOB_NAME_START BLOB_LENGTH_START+BLOB_LENGTH_LEN
-#define BLOB_NAME_LEN 1+ROUNDDIV(SHA1_LENGTH,3)*4+1
-#define BLOB_BUF_LEN BLOB_HEAD_LEN+BLOB_LENGTH_LEN+BLOB_NAME_LEN
-
-/* a Shim data structure. This data structure has a db built into it. */
-typedef struct DBSStr DBS;
-
-struct DBSStr {
- DB db;
- char *blobdir;
- int mode;
- PRBool readOnly;
- PRFileMap *dbs_mapfile;
- unsigned char *dbs_addr;
- PRUint32 dbs_len;
- char staticBlobArea[BLOB_BUF_LEN];
-};
-
-
-
-/*
- * return true if the Datablock contains a blobtype
- */
-static PRBool
-dbs_IsBlob(DBT *blobData)
-{
- unsigned char *addr = (unsigned char *)blobData->data;
- if (blobData->size < BLOB_BUF_LEN) {
- return PR_FALSE;
- }
- return addr && ((certDBEntryType) addr[1] == certDBEntryTypeBlob);
-}
-
-/*
- * extract the filename in the blob of the real data set.
- * This value is not malloced (does not need to be freed by the caller.
- */
-static const char *
-dbs_getBlobFileName(DBT *blobData)
-{
- char *addr = (char *)blobData->data;
-
- return &addr[BLOB_NAME_START];
-}
-
-/*
- * extract the size of the actual blob from the blob record
- */
-static PRUint32
-dbs_getBlobSize(DBT *blobData)
-{
- unsigned char *addr = (unsigned char *)blobData->data;
-
- return (PRUint32)(addr[BLOB_LENGTH_START+3] << 24) |
- (addr[BLOB_LENGTH_START+2] << 16) |
- (addr[BLOB_LENGTH_START+1] << 8) |
- addr[BLOB_LENGTH_START];
-}
-
-
-/* We are using base64 data for the filename, but base64 data can include a
- * '/' which is interpreted as a path separator on many platforms. Replace it
- * with an inocuous '-'. We don't need to convert back because we never actual
- * decode the filename.
- */
-
-static void
-dbs_replaceSlash(char *cp, int len)
-{
- while (len--) {
- if (*cp == '/') *cp = '-';
- cp++;
- }
-}
-
-/*
- * create a blob record from a key, data and return it in blobData.
- * NOTE: The data element is static data (keeping with the dbm model).
- */
-static void
-dbs_mkBlob(DBS *dbsp,const DBT *key, const DBT *data, DBT *blobData)
-{
- unsigned char sha1_data[SHA1_LENGTH];
- char *b = dbsp->staticBlobArea;
- PRUint32 length = data->size;
- SECItem sha1Item;
-
- b[0] = CERT_DB_FILE_VERSION; /* certdb version number */
- b[1] = (char) certDBEntryTypeBlob; /* type */
- b[2] = 0; /* flags */
- b[3] = 0; /* reserved */
- b[BLOB_LENGTH_START] = length & 0xff;
- b[BLOB_LENGTH_START+1] = (length >> 8) & 0xff;
- b[BLOB_LENGTH_START+2] = (length >> 16) & 0xff;
- b[BLOB_LENGTH_START+3] = (length >> 24) & 0xff;
- sha1Item.data = sha1_data;
- sha1Item.len = SHA1_LENGTH;
- SHA1_HashBuf(sha1_data,key->data,key->size);
- b[BLOB_NAME_START]='b'; /* Make sure we start with a alpha */
- NSSBase64_EncodeItem(NULL,&b[BLOB_NAME_START+1],BLOB_NAME_LEN-1,&sha1Item);
- b[BLOB_BUF_LEN-1] = 0;
- dbs_replaceSlash(&b[BLOB_NAME_START+1],BLOB_NAME_LEN-1);
- blobData->data = b;
- blobData->size = BLOB_BUF_LEN;
- return;
-}
-
-
-/*
- * construct a path to the actual blob. The string returned must be
- * freed by the caller with PR_smprintf_free.
- *
- * Note: this file does lots of consistancy checks on the DBT. The
- * routines that call this depend on these checks, so they don't worry
- * about them (success of this routine implies a good blobdata record).
- */
-static char *
-dbs_getBlobFilePath(char *blobdir,DBT *blobData)
-{
- const char *name;
-
- if (blobdir == NULL) {
- PR_SetError(SEC_ERROR_BAD_DATABASE,0);
- return NULL;
- }
- if (!dbs_IsBlob(blobData)) {
- PR_SetError(SEC_ERROR_BAD_DATABASE,0);
- return NULL;
- }
- name = dbs_getBlobFileName(blobData);
- if (!name || *name == 0) {
- PR_SetError(SEC_ERROR_BAD_DATABASE,0);
- return NULL;
- }
- return PR_smprintf("%s" PATH_SEPARATOR "%s", blobdir, name);
-}
-
-/*
- * Delete a blob file pointed to by the blob record.
- */
-static void
-dbs_removeBlob(DBS *dbsp, DBT *blobData)
-{
- char *file;
-
- file = dbs_getBlobFilePath(dbsp->blobdir, blobData);
- if (!file) {
- return;
- }
- PR_Delete(file);
- PR_smprintf_free(file);
-}
-
-/*
- * Directory modes are slightly different, the 'x' bit needs to be on to
- * access them. Copy all the read bits to 'x' bits
- */
-static int
-dbs_DirMode(int mode)
-{
- int x_bits = (mode >> 2) & 0111;
- return mode | x_bits;
-}
-
-/*
- * write a data blob to it's file. blobdData is the blob record that will be
- * stored in the database. data is the actual data to go out on disk.
- */
-static int
-dbs_writeBlob(DBS *dbsp, int mode, DBT *blobData, const DBT *data)
-{
- char *file = NULL;
- PRFileDesc *filed;
- PRStatus status;
- int len;
- int error = 0;
-
- file = dbs_getBlobFilePath(dbsp->blobdir, blobData);
- if (!file) {
- goto loser;
- }
- if (PR_Access(dbsp->blobdir, PR_ACCESS_EXISTS) != PR_SUCCESS) {
- status = PR_MkDir(dbsp->blobdir,dbs_DirMode(mode));
- if (status != PR_SUCCESS) {
- goto loser;
- }
- }
- filed = PR_OpenFile(file,PR_CREATE_FILE|PR_TRUNCATE|PR_WRONLY, mode);
- if (filed == NULL) {
- error = PR_GetError();
- goto loser;
- }
- len = PR_Write(filed,data->data,data->size);
- error = PR_GetError();
- PR_Close(filed);
- if (len < (int)data->size) {
- goto loser;
- }
- PR_smprintf_free(file);
- return 0;
-
-loser:
- if (file) {
- PR_Delete(file);
- PR_smprintf_free(file);
- }
- /* don't let close or delete reset the error */
- PR_SetError(error,0);
- return -1;
-}
-
-
-/*
- * we need to keep a address map in memory between calls to DBM.
- * remember what we have mapped can close it when we get another dbm
- * call.
- *
- * NOTE: Not all platforms support mapped files. This code is designed to
- * detect this at runtime. If map files aren't supported the OS will indicate
- * this by failing the PR_Memmap call. In this case we emulate mapped files
- * by just reading in the file into regular memory. We signal this state by
- * making dbs_mapfile NULL and dbs_addr non-NULL.
- */
-
-static void
-dbs_freemap(DBS *dbsp)
-{
- if (dbsp->dbs_mapfile) {
- PR_MemUnmap(dbsp->dbs_addr,dbsp->dbs_len);
- PR_CloseFileMap(dbsp->dbs_mapfile);
- dbsp->dbs_mapfile = NULL;
- dbsp->dbs_addr = NULL;
- dbsp->dbs_len = 0;
- } else if (dbsp->dbs_addr) {
- PORT_Free(dbsp->dbs_addr);
- dbsp->dbs_addr = NULL;
- dbsp->dbs_len = 0;
- }
- return;
-}
-
-static void
-dbs_setmap(DBS *dbsp, PRFileMap *mapfile, unsigned char *addr, PRUint32 len)
-{
- dbsp->dbs_mapfile = mapfile;
- dbsp->dbs_addr = addr;
- dbsp->dbs_len = len;
-}
-
-/*
- * platforms that cannot map the file need to read it into a temp buffer.
- */
-static unsigned char *
-dbs_EmulateMap(PRFileDesc *filed, int len)
-{
- unsigned char *addr;
- PRInt32 dataRead;
-
- addr = PORT_Alloc(len);
- if (addr == NULL) {
- return NULL;
- }
-
- dataRead = PR_Read(filed,addr,len);
- if (dataRead != len) {
- PORT_Free(addr);
- if (dataRead > 0) {
- /* PR_Read didn't set an error, we need to */
- PR_SetError(SEC_ERROR_BAD_DATABASE,0);
- }
- return NULL;
- }
-
- return addr;
-}
-
-
-/*
- * pull a database record off the disk
- * data points to the blob record on input and the real record (if we could
- * read it) on output. if there is an error data is not modified.
- */
-static int
-dbs_readBlob(DBS *dbsp, DBT *data)
-{
- char *file = NULL;
- PRFileDesc *filed = NULL;
- PRFileMap *mapfile = NULL;
- unsigned char *addr = NULL;
- int error;
- int len = -1;
-
- file = dbs_getBlobFilePath(dbsp->blobdir, data);
- if (!file) {
- goto loser;
- }
- filed = PR_OpenFile(file,PR_RDONLY,0);
- PR_smprintf_free(file); file = NULL;
- if (filed == NULL) {
- goto loser;
- }
-
- len = dbs_getBlobSize(data);
- mapfile = PR_CreateFileMap(filed, len, PR_PROT_READONLY);
- if (mapfile == NULL) {
- /* USE PR_GetError instead of PORT_GetError here
- * because we are getting the error from PR_xxx
- * function */
- if (PR_GetError() != PR_NOT_IMPLEMENTED_ERROR) {
- goto loser;
- }
- addr = dbs_EmulateMap(filed, len);
- } else {
- addr = PR_MemMap(mapfile, 0, len);
- }
- if (addr == NULL) {
- goto loser;
- }
- PR_Close(filed);
- dbs_setmap(dbsp,mapfile,addr,len);
-
- data->data = addr;
- data->size = len;
- return 0;
-
-loser:
- /* preserve the error code */
- error = PR_GetError();
- if (addr) {
- if (mapfile) {
- PORT_Assert(len != -1);
- PR_MemUnmap(addr,len);
- } else {
- PORT_Free(addr);
- }
- }
- if (mapfile) {
- PR_CloseFileMap(mapfile);
- }
- if (filed) {
- PR_Close(filed);
- }
- PR_SetError(error,0);
- return -1;
-}
-
-/*
- * actual DBM shims
- */
-static int
-dbs_get(const DB *dbs, const DBT *key, DBT *data, unsigned int flags)
-{
- int ret;
- DBS *dbsp = (DBS *)dbs;
- DB *db = (DB *)dbs->internal;
-
-
- dbs_freemap(dbsp);
-
- ret = (* db->get)(db, key, data, flags);
- if ((ret == 0) && dbs_IsBlob(data)) {
- ret = dbs_readBlob(dbsp,data);
- }
-
- return(ret);
-}
-
-static int
-dbs_put(const DB *dbs, DBT *key, const DBT *data, unsigned int flags)
-{
- DBT blob;
- int ret = 0;
- DBS *dbsp = (DBS *)dbs;
- DB *db = (DB *)dbs->internal;
-
- dbs_freemap(dbsp);
-
- /* If the db is readonly, just pass the data down to rdb and let it fail */
- if (!dbsp->readOnly) {
- DBT oldData;
- int ret1;
-
- /* make sure the current record is deleted if it's a blob */
- ret1 = (*db->get)(db,key,&oldData,0);
- if ((ret1 == 0) && flags == R_NOOVERWRITE) {
- /* let DBM return the error to maintain consistancy */
- return (* db->put)(db, key, data, flags);
- }
- if ((ret1 == 0) && dbs_IsBlob(&oldData)) {
- dbs_removeBlob(dbsp, &oldData);
- }
-
- if (data->size > DBS_MAX_ENTRY_SIZE) {
- dbs_mkBlob(dbsp,key,data,&blob);
- ret = dbs_writeBlob(dbsp, dbsp->mode, &blob, data);
- data = &blob;
- }
- }
-
- if (ret == 0) {
- ret = (* db->put)(db, key, data, flags);
- }
- return(ret);
-}
-
-static int
-dbs_sync(const DB *dbs, unsigned int flags)
-{
- DB *db = (DB *)dbs->internal;
- DBS *dbsp = (DBS *)dbs;
-
- dbs_freemap(dbsp);
-
- return (* db->sync)(db, flags);
-}
-
-static int
-dbs_del(const DB *dbs, const DBT *key, unsigned int flags)
-{
- int ret;
- DBS *dbsp = (DBS *)dbs;
- DB *db = (DB *)dbs->internal;
-
- dbs_freemap(dbsp);
-
- if (!dbsp->readOnly) {
- DBT oldData;
- ret = (*db->get)(db,key,&oldData,0);
- if ((ret == 0) && dbs_IsBlob(&oldData)) {
- dbs_removeBlob(dbsp,&oldData);
- }
- }
-
- return (* db->del)(db, key, flags);
-}
-
-static int
-dbs_seq(const DB *dbs, DBT *key, DBT *data, unsigned int flags)
-{
- int ret;
- DBS *dbsp = (DBS *)dbs;
- DB *db = (DB *)dbs->internal;
-
- dbs_freemap(dbsp);
-
- ret = (* db->seq)(db, key, data, flags);
- if ((ret == 0) && dbs_IsBlob(data)) {
- /* don't return a blob read as an error so traversals keep going */
- (void) dbs_readBlob(dbsp,data);
- }
-
- return(ret);
-}
-
-static int
-dbs_close(DB *dbs)
-{
- DBS *dbsp = (DBS *)dbs;
- DB *db = (DB *)dbs->internal;
- int ret;
-
- dbs_freemap(dbsp);
- ret = (* db->close)(db);
- PORT_Free(dbsp->blobdir);
- PORT_Free(dbsp);
- return ret;
-}
-
-static int
-dbs_fd(const DB *dbs)
-{
- DB *db = (DB *)dbs->internal;
-
- return (* db->fd)(db);
-}
-
-/*
- * the naming convention we use is
- * change the .xxx into .dir. (for nss it's always .db);
- * if no .extension exists or is equal to .dir, add a .dir
- * the returned data must be freed.
- */
-#define DIRSUFFIX ".dir"
-static char *
-dbs_mkBlobDirName(const char *dbname)
-{
- int dbname_len = PORT_Strlen(dbname);
- int dbname_end = dbname_len;
- const char *cp;
- char *blobDir = NULL;
-
- /* scan back from the end looking for either a directory separator, a '.',
- * or the end of the string. NOTE: Windows should check for both separators
- * here. For now this is safe because we know NSS always uses a '.'
- */
- for (cp = &dbname[dbname_len];
- (cp > dbname) && (*cp != '.') && (*cp != *PATH_SEPARATOR) ;
- cp--)
- /* Empty */ ;
- if (*cp == '.') {
- dbname_end = cp - dbname;
- if (PORT_Strcmp(cp,DIRSUFFIX) == 0) {
- dbname_end = dbname_len;
- }
- }
- blobDir = PORT_ZAlloc(dbname_end+sizeof(DIRSUFFIX));
- if (blobDir == NULL) {
- return NULL;
- }
- PORT_Memcpy(blobDir,dbname,dbname_end);
- PORT_Memcpy(&blobDir[dbname_end],DIRSUFFIX,sizeof(DIRSUFFIX));
- return blobDir;
-}
-
-#define DBM_DEFAULT 0
-static const HASHINFO dbs_hashInfo = {
- DBS_BLOCK_SIZE, /* bucket size, must be greater than = to
- * or maximum entry size (+ header)
- * we allow before blobing */
- DBM_DEFAULT, /* Fill Factor */
- DBM_DEFAULT, /* number of elements */
- DBS_CACHE_SIZE, /* cache size */
- DBM_DEFAULT, /* hash function */
- DBM_DEFAULT, /* byte order */
-};
-
-/*
- * the open function. NOTE: this is the only exposed function in this file.
- * everything else is called through the function table pointer.
- */
-DB *
-dbsopen(const char *dbname, int flags, int mode, DBTYPE type,
- const void *userData)
-{
- DB *db = NULL,*dbs = NULL;
- DBS *dbsp = NULL;
-
- /* NOTE: we are overriding userData with dbs_hashInfo. since all known
- * callers pass 0, this is ok, otherwise we should merge the two */
-
- dbsp = (DBS *)PORT_ZAlloc(sizeof(DBS));
- if (!dbsp) {
- return NULL;
- }
- dbs = &dbsp->db;
-
- dbsp->blobdir=dbs_mkBlobDirName(dbname);
- if (dbsp->blobdir == NULL) {
- goto loser;
- }
- dbsp->mode = mode;
- dbsp->readOnly = (PRBool)(flags == NO_RDONLY);
- dbsp->dbs_mapfile = NULL;
- dbsp->dbs_addr = NULL;
- dbsp->dbs_len = 0;
-
- /* the real dbm call */
- db = dbopen(dbname, flags, mode, type, &dbs_hashInfo);
- if (db == NULL) {
- goto loser;
- }
- dbs->internal = (void *) db;
- dbs->type = type;
- dbs->close = dbs_close;
- dbs->get = dbs_get;
- dbs->del = dbs_del;
- dbs->put = dbs_put;
- dbs->seq = dbs_seq;
- dbs->sync = dbs_sync;
- dbs->fd = dbs_fd;
-
- return dbs;
-loser:
- if (db) {
- (*db->close)(db);
- }
- if (dbsp && dbsp->blobdir) {
- PORT_Free(dbsp->blobdir);
- }
- if (dbsp) {
- PORT_Free(dbsp);
- }
- return NULL;
-}
diff --git a/security/nss/lib/softoken/ecdecode.c b/security/nss/lib/softoken/ecdecode.c
deleted file mode 100644
index a981241f7..000000000
--- a/security/nss/lib/softoken/ecdecode.c
+++ /dev/null
@@ -1,1607 +0,0 @@
-/*
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Elliptic Curve Cryptography library.
- *
- * The Initial Developer of the Original Code is Sun Microsystems, Inc.
- * Portions created by Sun Microsystems, Inc. are Copyright (C) 2003
- * Sun Microsystems, Inc. All Rights Reserved.
- *
- * Contributor(s):
- * Dr Vipul Gupta <vipul.gupta@sun.com>, Sun Microsystems Laboratories
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- */
-
-#ifdef NSS_ENABLE_ECC
-
-#include "blapi.h"
-#include "secoid.h"
-#include "secitem.h"
-#include "secerr.h"
-#include "ec.h"
-
-#define CHECK_OK(func) if (func == NULL) goto cleanup;
-
-/* Initializes a SECItem from a hexadecimal string */
-static SECItem *
-hexString2SECItem(PRArenaPool *arena, SECItem *item, const char *str)
-{
- int i = 0;
- int byteval = 0;
- int tmp = PORT_Strlen(str);
-
- if ((tmp % 2) != 0) return NULL;
-
- item->data = (unsigned char *) PORT_ArenaZAlloc(arena, tmp/2);
- if (item->data == NULL) return NULL;
- item->len = tmp/2;
-
- while (str[i]) {
- if ((str[i] >= '0') && (str[i] <= '9'))
- tmp = str[i] - '0';
- else if ((str[i] >= 'a') && (str[i] <= 'f'))
- tmp = str[i] - 'a' + 10;
- else if ((str[i] >= 'A') && (str[i] <= 'F'))
- tmp = str[i] - 'A' + 10;
- else
- return NULL;
-
- byteval = byteval * 16 + tmp;
- if ((i % 2) != 0) {
- item->data[i/2] = byteval;
- byteval = 0;
- }
- i++;
- }
-
- return item;
-}
-
-SECStatus
-EC_FillParams(PRArenaPool *arena, const SECItem *encodedParams,
- ECParams *params)
-{
- SECOidTag tag;
- SECItem oid = { siBuffer, NULL, 0};
-
-#if EC_DEBUG
- int i;
-
- printf("Encoded params in EC_DecodeParams: ");
- for (i = 0; i < encodedParams->len; i++) {
- printf("%02x:", encodedParams->data[i]);
- }
- printf("\n");
-#endif
-
- if ((encodedParams->len != ANSI_X962_CURVE_OID_TOTAL_LEN) &&
- (encodedParams->len != SECG_CURVE_OID_TOTAL_LEN)) {
- PORT_SetError(SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE);
- return SECFailure;
- };
-
- oid.len = encodedParams->len - 2;
- oid.data = encodedParams->data + 2;
- if ((encodedParams->data[0] != SEC_ASN1_OBJECT_ID) ||
- ((tag = SECOID_FindOIDTag(&oid)) == SEC_OID_UNKNOWN)) {
- PORT_SetError(SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE);
- return SECFailure;
- }
-
- params->arena = arena;
- params->cofactor = 0;
- params->type = ec_params_named;
-
-#if EC_DEBUG
- printf("Curve: %s\n", SECOID_FindOIDTagDescription(tag));
-#endif
-
- switch (tag) {
- case SEC_OID_ANSIX962_EC_C2PNB163V1:
- /* Populate params for c2pnb163v1 */
- params->fieldID.size = 163;
- params->fieldID.type = ec_field_GF2m;
- CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.poly,
- "08000000000000000000000000000000" \
- "0000000107"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
- "072546B5435234A422E0789675F432C8" \
- "9435DE5242"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
- "00C9517D06D5240D3CFF38C74B20B6CD" \
- "4D6F9DD4D9"));
- CHECK_OK(hexString2SECItem(params->arena, &params->base,
- "04" \
- "07AF69989546103D79329FCC3D74880F" \
- "33BBE803CB" \
- "01EC23211B5966ADEA1D3F87F7EA5848" \
- "AEF0B7CA9F"));
- CHECK_OK(hexString2SECItem(params->arena, &params->order,
- "0400000000000000000001E60FC8821C" \
- "C74DAEAFC1"));
- params->cofactor = 2;
- break;
-
- case SEC_OID_ANSIX962_EC_C2PNB163V2:
- /* Populate params for c2pnb163v2 */
- params->fieldID.size = 163;
- params->fieldID.type = ec_field_GF2m;
- CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.poly,
- "08000000000000000000000000000000" \
- "0000000107"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
- "0108B39E77C4B108BED981ED0E890E11" \
- "7C511CF072"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
- "0667ACEB38AF4E488C407433FFAE4F1C" \
- "811638DF20"));
- CHECK_OK(hexString2SECItem(params->arena, &params->base,
- "04" \
- "0024266E4EB5106D0A964D92C4860E26" \
- "71DB9B6CC5" \
- "079F684DDF6684C5CD258B3890021B23" \
- "86DFD19FC5"));
- CHECK_OK(hexString2SECItem(params->arena, &params->order,
- "03FFFFFFFFFFFFFFFFFFFDF64DE1151A" \
- "DBB78F10A7"));
- params->cofactor = 2;
- break;
-
- case SEC_OID_ANSIX962_EC_C2PNB163V3:
- /* Populate params for c2pnb163v3 */
- params->fieldID.size = 163;
- params->fieldID.type = ec_field_GF2m;
- CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.poly,
- "08000000000000000000000000000000" \
- "0000000107"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
- "07A526C63D3E25A256A007699F5447E3" \
- "2AE456B50E"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
- "03F7061798EB99E238FD6F1BF95B48FE" \
- "EB4854252B"));
- CHECK_OK(hexString2SECItem(params->arena, &params->base,
- "04" \
- "02F9F87B7C574D0BDECF8A22E6524775" \
- "F98CDEBDCB" \
- "05B935590C155E17EA48EB3FF3718B89" \
- "3DF59A05D0"));
- CHECK_OK(hexString2SECItem(params->arena, &params->order,
- "03FFFFFFFFFFFFFFFFFFFE1AEE140F11" \
- "0AFF961309"));
- params->cofactor = 2;
- break;
-
- case SEC_OID_ANSIX962_EC_C2PNB176V1:
- /* Populate params for c2pnb176v1 */
- params->fieldID.size = 176;
- params->fieldID.type = ec_field_GF2m;
- CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.poly,
- "01000000000000000000000000000000" \
- "00080000000007"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
- "E4E6DB2995065C407D9D39B8D0967B96" \
- "704BA8E9C90B"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
- "5DDA470ABE6414DE8EC133AE28E9BBD7" \
- "FCEC0AE0FFF2"));
- CHECK_OK(hexString2SECItem(params->arena, &params->base,
- "04" \
- "8D16C2866798B600F9F08BB4A8E860F3" \
- "298CE04A5798" \
- "6FA4539C2DADDDD6BAB5167D61B436E1" \
- "D92BB16A562C"));
- CHECK_OK(hexString2SECItem(params->arena, &params->order,
- "00010092537397ECA4F6145799D62B0A" \
- "19CE06FE26AD"));
- params->cofactor = 0xFF6E;
- break;
-
- case SEC_OID_ANSIX962_EC_C2TNB191V1:
- /* Populate params for c2tnb191v1 */
- params->fieldID.size = 191;
- params->fieldID.type = ec_field_GF2m;
- CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.poly,
- "80000000000000000000000000000000" \
- "0000000000000201"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
- "2866537B676752636A68F56554E12640" \
- "276B649EF7526267"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
- "2E45EF571F00786F67B0081B9495A3D9" \
- "5462F5DE0AA185EC"));
- CHECK_OK(hexString2SECItem(params->arena, &params->base,
- "04" \
- "36B3DAF8A23206F9C4F299D7B21A9C36" \
- "9137F2C84AE1AA0D" \
- "765BE73433B3F95E332932E70EA245CA" \
- "2418EA0EF98018FB"));
- CHECK_OK(hexString2SECItem(params->arena, &params->order,
- "40000000000000000000000004A20E90" \
- "C39067C893BBB9A5"));
- params->cofactor = 2;
- break;
-
- case SEC_OID_ANSIX962_EC_C2TNB191V2:
- /* Populate params for c2tnb191v2 */
- params->fieldID.size = 191;
- params->fieldID.type = ec_field_GF2m;
- CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.poly,
- "80000000000000000000000000000000" \
- "0000000000000201"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
- "401028774D7777C7B7666D1366EA4320" \
- "71274F89FF01E718"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
- "0620048D28BCBD03B6249C99182B7C8C" \
- "D19700C362C46A01"));
- CHECK_OK(hexString2SECItem(params->arena, &params->base,
- "04" \
- "3809B2B7CC1B28CC5A87926AAD83FD28" \
- "789E81E2C9E3BF10" \
- "17434386626D14F3DBF01760D9213A3E" \
- "1CF37AEC437D668A"));
- CHECK_OK(hexString2SECItem(params->arena, &params->order,
- "20000000000000000000000050508CB8" \
- "9F652824E06B8173"));
- params->cofactor = 4;
- break;
-
- case SEC_OID_ANSIX962_EC_C2TNB191V3:
- /* Populate params for c2tnb191v3 */
- params->fieldID.size = 191;
- params->fieldID.type = ec_field_GF2m;
- CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.poly,
- "80000000000000000000000000000000" \
- "0000000000000201"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
- "6C01074756099122221056911C77D77E" \
- "77A777E7E7E77FCB"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
- "71FE1AF926CF847989EFEF8DB459F663" \
- "94D90F32AD3F15E8"));
- CHECK_OK(hexString2SECItem(params->arena, &params->base,
- "04" \
- "375D4CE24FDE434489DE8746E7178601" \
- "5009E66E38A926DD" \
- "545A39176196575D985999366E6AD34C" \
- "E0A77CD7127B06BE"));
- CHECK_OK(hexString2SECItem(params->arena, &params->order,
- "155555555555555555555555610C0B19" \
- "6812BFB6288A3EA3"));
- params->cofactor = 6;
- break;
-
- case SEC_OID_ANSIX962_EC_C2PNB208W1:
- /* Populate params for c2pnb208w1 */
- params->fieldID.size = 208;
- params->fieldID.type = ec_field_GF2m;
- CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.poly,
- "01000000000000000000000000000000" \
- "0800000000000000000007"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
- "00"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
- "C8619ED45A62E6212E1160349E2BFA84" \
- "4439FAFC2A3FD1638F9E"));
- CHECK_OK(hexString2SECItem(params->arena, &params->base,
- "04" \
- "89FDFBE4ABE193DF9559ECF07AC0CE78" \
- "554E2784EB8C1ED1A57A" \
- "0F55B51A06E78E9AC38A035FF520D8B0" \
- "1781BEB1A6BB08617DE3"));
- CHECK_OK(hexString2SECItem(params->arena, &params->order,
- "000101BAF95C9723C57B6C21DA2EFF2D" \
- "5ED588BDD5717E212F9D"));
- params->cofactor = 0xFE48;
- break;
-
- case SEC_OID_ANSIX962_EC_C2TNB239V1:
- /* Populate params for c2tnb239v1 */
- params->fieldID.size = 239;
- params->fieldID.type = ec_field_GF2m;
- CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.poly,
- "80000000000000000000000000000000" \
- "0000000000000000001000000001"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
- "32010857077C5431123A46B808906756" \
- "F543423E8D27877578125778AC76"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
- "790408F2EEDAF392B012EDEFB3392F30" \
- "F4327C0CA3F31FC383C422AA8C16"));
- CHECK_OK(hexString2SECItem(params->arena, &params->base,
- "04" \
- "57927098FA932E7C0A96D3FD5B706EF7" \
- "E5F5C156E16B7E7C86038552E91D" \
- "61D8EE5077C33FECF6F1A16B268DE469" \
- "C3C7744EA9A971649FC7A9616305"));
- CHECK_OK(hexString2SECItem(params->arena, &params->order,
- "2000000000000000000000000000000F" \
- "4D42FFE1492A4993F1CAD666E447"));
- params->cofactor = 4;
- break;
-
- case SEC_OID_ANSIX962_EC_C2TNB239V2:
- /* Populate params for c2tnb239v2 */
- params->fieldID.size = 239;
- params->fieldID.type = ec_field_GF2m;
- CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.poly,
- "80000000000000000000000000000000" \
- "0000000000000000001000000001"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
- "4230017757A767FAE42398569B746325" \
- "D45313AF0766266479B75654E65F"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
- "5037EA654196CFF0CD82B2C14A2FCF2E" \
- "3FF8775285B545722F03EACDB74B"));
- CHECK_OK(hexString2SECItem(params->arena, &params->base,
- "04" \
- "28F9D04E900069C8DC47A08534FE76D2" \
- "B900B7D7EF31F5709F200C4CA205" \
- "5667334C45AFF3B5A03BAD9DD75E2C71" \
- "A99362567D5453F7FA6E227EC833"));
- CHECK_OK(hexString2SECItem(params->arena, &params->order,
- "1555555555555555555555555555553C" \
- "6F2885259C31E3FCDF154624522D"));
- params->cofactor = 6;
- break;
-
- case SEC_OID_ANSIX962_EC_C2TNB239V3:
- /* Populate params for c2tnb239v3 */
- params->fieldID.size = 239;
- params->fieldID.type = ec_field_GF2m;
- CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.poly,
- "80000000000000000000000000000000" \
- "0000000000000000001000000001"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
- "01238774666A67766D6676F778E676B6" \
- "6999176666E687666D8766C66A9F"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
- "6A941977BA9F6A435199ACFC51067ED5" \
- "87F519C5ECB541B8E44111DE1D40"));
- CHECK_OK(hexString2SECItem(params->arena, &params->base,
- "04" \
- "70F6E9D04D289C4E89913CE3530BFDE9" \
- "03977D42B146D539BF1BDE4E9C92" \
- "2E5A0EAF6E5E1305B9004DCE5C0ED7FE" \
- "59A35608F33837C816D80B79F461"));
- CHECK_OK(hexString2SECItem(params->arena, &params->order,
- "0CCCCCCCCCCCCCCCCCCCCCCCCCCCCCAC" \
- "4912D2D9DF903EF9888B8A0E4CFF"));
- params->cofactor = 0x0A;
- break;
-
- case SEC_OID_ANSIX962_EC_C2PNB272W1:
- /* Populate params for c2pnb272w1 */
- params->fieldID.size = 272;
- params->fieldID.type = ec_field_GF2m;
- CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.poly,
- "01000000000000000000000000000000" \
- "00000000000000000000000100000000" \
- "00000B"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
- "91A091F03B5FBA4AB2CCF49C4EDD220F" \
- "B028712D42BE752B2C40094DBACDB586" \
- "FB20"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
- "7167EFC92BB2E3CE7C8AAAFF34E12A9C" \
- "557003D7C73A6FAF003F99F6CC8482E5" \
- "40F7"));
- CHECK_OK(hexString2SECItem(params->arena, &params->base,
- "04" \
- "6108BABB2CEEBCF787058A056CBE0CFE" \
- "622D7723A289E08A07AE13EF0D10D171" \
- "DD8D" \
- "10C7695716851EEF6BA7F6872E6142FB" \
- "D241B830FF5EFCACECCAB05E02005DDE" \
- "9D23"));
- CHECK_OK(hexString2SECItem(params->arena, &params->order,
- "000100FAF51354E0E39E4892DF6E319C" \
- "72C8161603FA45AA7B998A167B8F1E62" \
- "9521"));
- params->cofactor = 0xFF06;
- break;
-
- case SEC_OID_ANSIX962_EC_C2PNB304W1:
- /* Populate params for c2pnb304w1 */
- params->fieldID.size = 304;
- params->fieldID.type = ec_field_GF2m;
- CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.poly,
- "01000000000000000000000000000000" \
- "00000000000000000000000000000000" \
- "00000000000807"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
- "FD0D693149A118F651E6DCE680208537" \
- "7E5F882D1B510B44160074C128807836" \
- "5A0396C8E681"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
- "BDDB97E555A50A908E43B01C798EA5DA" \
- "A6788F1EA2794EFCF57166B8C1403960" \
- "1E55827340BE"));
- CHECK_OK(hexString2SECItem(params->arena, &params->base,
- "04" \
- "197B07845E9BE2D96ADB0F5F3C7F2CFF" \
- "BD7A3EB8B6FEC35C7FD67F26DDF6285A" \
- "644F740A2614" \
- "E19FBEB76E0DA171517ECF401B50289B" \
- "F014103288527A9B416A105E80260B54" \
- "9FDC1B92C03B"));
- CHECK_OK(hexString2SECItem(params->arena, &params->order,
- "000101D556572AABAC800101D556572A" \
- "ABAC8001022D5C91DD173F8FB561DA68" \
- "99164443051D"));
- params->cofactor = 0xFE2E;
- break;
-
- case SEC_OID_ANSIX962_EC_C2TNB359V1:
- /* Populate params for c2tnb359v1 */
- params->fieldID.size = 359;
- params->fieldID.type = ec_field_GF2m;
- CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.poly,
- "80000000000000000000000000000000" \
- "00000000000000000000000000000000" \
- "00000000100000000000000001"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
- "5667676A654B20754F356EA92017D946" \
- "567C46675556F19556A04616B567D223" \
- "A5E05656FB549016A96656A557"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
- "2472E2D0197C49363F1FE7F5B6DB075D" \
- "52B6947D135D8CA445805D39BC345626" \
- "089687742B6329E70680231988"));
- CHECK_OK(hexString2SECItem(params->arena, &params->base,
- "04" \
- "3C258EF3047767E7EDE0F1FDAA79DAEE" \
- "3841366A132E163ACED4ED2401DF9C6B" \
- "DCDE98E8E707C07A2239B1B097" \
- "53D7E08529547048121E9C95F3791DD8" \
- "04963948F34FAE7BF44EA82365DC7868" \
- "FE57E4AE2DE211305A407104BD"));
- CHECK_OK(hexString2SECItem(params->arena, &params->order,
- "01AF286BCA1AF286BCA1AF286BCA1AF2" \
- "86BCA1AF286BC9FB8F6B85C556892C20" \
- "A7EB964FE7719E74F490758D3B"));
- params->cofactor = 0x4C;
- break;
-
- case SEC_OID_ANSIX962_EC_C2PNB368W1:
- /* Populate params for c2pnb368w1 */
- params->fieldID.size = 368;
- params->fieldID.type = ec_field_GF2m;
- CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.poly,
- "01000000000000000000000000000000" \
- "00000000000000000000000000000000" \
- "000000002000000000000000000007"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
- "E0D2EE25095206F5E2A4F9ED229F1F25" \
- "6E79A0E2B455970D8D0D865BD94778C5" \
- "76D62F0AB7519CCD2A1A906AE30D"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
- "FC1217D4320A90452C760A58EDCD30C8" \
- "DD069B3C34453837A34ED50CB54917E1" \
- "C2112D84D164F444F8F74786046A"));
- CHECK_OK(hexString2SECItem(params->arena, &params->base,
- "04" \
- "1085E2755381DCCCE3C1557AFA10C2F0" \
- "C0C2825646C5B34A394CBCFA8BC16B22" \
- "E7E789E927BE216F02E1FB136A5F" \
- "7B3EB1BDDCBA62D5D8B2059B525797FC" \
- "73822C59059C623A45FF3843CEE8F87C" \
- "D1855ADAA81E2A0750B80FDA2310"));
- CHECK_OK(hexString2SECItem(params->arena, &params->order,
- "00010090512DA9AF72B08349D98A5DD4" \
- "C7B0532ECA51CE03E2D10F3B7AC579BD" \
- "87E909AE40A6F131E9CFCE5BD967"));
- params->cofactor = 0xFF70;
- break;
-
- case SEC_OID_ANSIX962_EC_C2TNB431R1:
- /* Populate params for c2tnb431r1 */
- params->fieldID.size = 431;
- params->fieldID.type = ec_field_GF2m;
- CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.poly,
- "80000000000000000000000000000000" \
- "00000000000000000000000000000000" \
- "00000000000001000000000000000000" \
- "000000000001"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
- "1A827EF00DD6FC0E234CAF046C6A5D8A" \
- "85395B236CC4AD2CF32A0CADBDC9DDF6" \
- "20B0EB9906D0957F6C6FEACD615468DF" \
- "104DE296CD8F"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
- "10D9B4A3D9047D8B154359ABFB1B7F54" \
- "85B04CEB868237DDC9DEDA982A679A5A" \
- "919B626D4E50A8DD731B107A9962381F" \
- "B5D807BF2618"));
- CHECK_OK(hexString2SECItem(params->arena, &params->base,
- "04" \
- "120FC05D3C67A99DE161D2F4092622FE" \
- "CA701BE4F50F4758714E8A87BBF2A658" \
- "EF8C21E7C5EFE965361F6C2999C0C247" \
- "B0DBD70CE6B7" \
- "20D0AF8903A96F8D5FA2C255745D3C45" \
- "1B302C9346D9B7E485E7BCE41F6B591F" \
- "3E8F6ADDCBB0BC4C2F947A7DE1A89B62" \
- "5D6A598B3760"));
- CHECK_OK(hexString2SECItem(params->arena, &params->order,
- "03403403403403403403403403403403" \
- "40340340340340340340340323C313FA" \
- "B50589703B5EC68D3587FEC60D161CC1" \
- "49C1AD4A91"));
- params->cofactor = 0x2760;
- break;
-
- case SEC_OID_SECG_EC_SECT113R1:
- /* Populate params for sect113r1 */
- params->fieldID.size = 113;
- params->fieldID.type = ec_field_GF2m;
- CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.poly,
- "020000000000000000000000000201"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
- "003088250CA6E7C7FE649CE85820F7"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
- "00E8BEE4D3E2260744188BE0E9C723"));
- CHECK_OK(hexString2SECItem(params->arena, &params->base,
- "04" \
- "009D73616F35F4AB1407D73562C10F" \
- "00A52830277958EE84D1315ED31886"));
- CHECK_OK(hexString2SECItem(params->arena, &params->order,
- "0100000000000000D9CCEC8A39E56F"));
- params->cofactor = 2;
- break;
-
- case SEC_OID_SECG_EC_SECT113R2:
- /* Populate params for sect113r2 */
- params->fieldID.size = 113;
- params->fieldID.type = ec_field_GF2m;
- CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.poly,
- "020000000000000000000000000201"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
- "00689918DBEC7E5A0DD6DFC0AA55C7"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
- "0095E9A9EC9B297BD4BF36E059184F"));
- CHECK_OK(hexString2SECItem(params->arena, &params->base,
- "04" \
- "01A57A6A7B26CA5EF52FCDB8164797" \
- "00B3ADC94ED1FE674C06E695BABA1D"));
- CHECK_OK(hexString2SECItem(params->arena, &params->order,
- "010000000000000108789B2496AF93"));
- params->cofactor = 2;
- break;
-
- case SEC_OID_SECG_EC_SECT131R1:
- /* Populate params for sect131r1 */
- params->fieldID.size = 131;
- params->fieldID.type = ec_field_GF2m;
- CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.poly,
- "08000000000000000000000000000001" \
- "0D"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
- "07A11B09A76B562144418FF3FF8C2570" \
- "B8"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
- "0217C05610884B63B9C6C7291678F9D3" \
- "41"));
- CHECK_OK(hexString2SECItem(params->arena, &params->base,
- "04" \
- "0081BAF91FDF9833C40F9C1813436383" \
- "99" \
- "078C6E7EA38C001F73C8134B1B4EF9E1" \
- "50"));
- CHECK_OK(hexString2SECItem(params->arena, &params->order,
- "0400000000000000023123953A9464B5" \
- "4D"));
- params->cofactor = 2;
- break;
-
- case SEC_OID_SECG_EC_SECT131R2:
- /* Populate params for sect131r2 */
- params->fieldID.size = 131;
- params->fieldID.type = ec_field_GF2m;
- CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.poly,
- "08000000000000000000000000000001" \
- "0D"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
- "03E5A88919D7CAFCBF415F07C2176573" \
- "B2"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
- "04B8266A46C55657AC734CE38F018F21" \
- "92"));
- CHECK_OK(hexString2SECItem(params->arena, &params->base,
- "04" \
- "0356DCD8F2F95031AD652D23951BB366" \
- "A8" \
- "0648F06D867940A5366D9E265DE9EB24" \
- "0F"));
- CHECK_OK(hexString2SECItem(params->arena, &params->order,
- "0400000000000000016954A233049BA9" \
- "8F"));
- params->cofactor = 2;
- break;
-
- case SEC_OID_SECG_EC_SECT163K1:
- /* Populate params for sect163k1
- * (the NIST K-163 curve)
- */
- params->fieldID.size = 163;
- params->fieldID.type = ec_field_GF2m;
- CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.poly,
- "08000000000000000000000000000000" \
- "00000000C9"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
- "01"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
- "01"));
- CHECK_OK(hexString2SECItem(params->arena, &params->base,
- "04" \
- "02FE13C0537BBC11ACAA07D793DE4E6D" \
- "5E5C94EEE8" \
- "0289070FB05D38FF58321F2E800536D5" \
- "38CCDAA3D9"));
- CHECK_OK(hexString2SECItem(params->arena, &params->order,
- "04000000000000000000020108A2E0CC" \
- "0D99F8A5EF"));
- params->cofactor = 2;
- break;
-
- case SEC_OID_SECG_EC_SECT163R1:
- /* Populate params for sect163r1 */
- params->fieldID.size = 163;
- params->fieldID.type = ec_field_GF2m;
- CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.poly,
- "08000000000000000000000000000000" \
- "00000000C9"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
- "07B6882CAAEFA84F9554FF8428BD88E2" \
- "46D2782AE2"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
- "0713612DCDDCB40AAB946BDA29CA91F7" \
- "3AF958AFD9"));
- CHECK_OK(hexString2SECItem(params->arena, &params->base,
- "04" \
- "0369979697AB43897789566789567F78" \
- "7A7876A654" \
- "00435EDB42EFAFB2989D51FEFCE3C809" \
- "88F41FF883"));
- CHECK_OK(hexString2SECItem(params->arena, &params->order,
- "03FFFFFFFFFFFFFFFFFFFF48AAB689C2" \
- "9CA710279B"));
- params->cofactor = 2;
- break;
-
- case SEC_OID_SECG_EC_SECT163R2:
- /* Populate params for sect163r2
- * (the NIST B-163 curve)
- */
- params->fieldID.size = 163;
- params->fieldID.type = ec_field_GF2m;
- CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.poly,
- "08000000000000000000000000000000" \
- "00000000C9"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
- "01"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
- "020A601907B8C953CA1481EB10512F78" \
- "744A3205FD"));
- CHECK_OK(hexString2SECItem(params->arena, &params->base,
- "04" \
- "03F0EBA16286A2D57EA0991168D49946" \
- "37E8343E36" \
- "00D51FBC6C71A0094FA2CDD545B11C5C" \
- "0C797324F1"));
- CHECK_OK(hexString2SECItem(params->arena, &params->order,
- "040000000000000000000292FE77E70C" \
- "12A4234C33"));
- params->cofactor = 2;
- break;
-
- case SEC_OID_SECG_EC_SECT193R1:
- /* Populate params for sect193r1 */
- params->fieldID.size = 193;
- params->fieldID.type = ec_field_GF2m;
- CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.poly,
- "02000000000000000000000000000000" \
- "000000000000008001"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
- "0017858FEB7A98975169E171F77B4087" \
- "DE098AC8A911DF7B01"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
- "00FDFB49BFE6C3A89FACADAA7A1E5BBC" \
- "7CC1C2E5D831478814"));
- CHECK_OK(hexString2SECItem(params->arena, &params->base,
- "04" \
- "01F481BC5F0FF84A74AD6CDF6FDEF4BF" \
- "6179625372D8C0C5E1" \
- "0025E399F2903712CCF3EA9E3A1AD17F" \
- "B0B3201B6AF7CE1B05"));
- CHECK_OK(hexString2SECItem(params->arena, &params->order,
- "01000000000000000000000000C7F34A" \
- "778F443ACC920EBA49"));
- params->cofactor = 2;
- break;
-
- case SEC_OID_SECG_EC_SECT193R2:
- /* Populate params for sect193r2 */
- params->fieldID.size = 193;
- params->fieldID.type = ec_field_GF2m;
- CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.poly,
- "02000000000000000000000000000000" \
- "000000000000008001"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
- "0163F35A5137C2CE3EA6ED8667190B0B" \
- "C43ECD69977702709B"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
- "00C9BB9E8927D4D64C377E2AB2856A5B" \
- "16E3EFB7F61D4316AE"));
- CHECK_OK(hexString2SECItem(params->arena, &params->base,
- "04" \
- "00D9B67D192E0367C803F39E1A7E82CA1" \
- "4A651350AAE617E8F" \
- "01CE94335607C304AC29E7DEFBD9CA01" \
- "F596F927224CDECF6C"));
- CHECK_OK(hexString2SECItem(params->arena, &params->order,
- "010000000000000000000000015AAB56" \
- "1B005413CCD4EE99D5"));
- params->cofactor = 2;
- break;
-
- case SEC_OID_SECG_EC_SECT233K1:
- /* Populate params for sect233k1
- * (the NIST K-233 curve)
- */
- params->fieldID.size = 233;
- params->fieldID.type = ec_field_GF2m;
- CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.poly,
- "02000000000000000000000000000000" \
- "0000000004000000000000000001"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
- "00"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
- "01"));
- CHECK_OK(hexString2SECItem(params->arena, &params->base,
- "04" \
- "017232BA853A7E731AF129F22FF41495" \
- "63A419C26BF50A4C9D6EEFAD6126" \
- "01DB537DECE819B7F70F555A67C427A8" \
- "CD9BF18AEB9B56E0C11056FAE6A3"));
- CHECK_OK(hexString2SECItem(params->arena, &params->order,
- "00800000000000000000000000000006" \
- "9D5BB915BCD46EFB1AD5F173ABDF"));
- params->cofactor = 4;
- break;
-
- case SEC_OID_SECG_EC_SECT233R1:
- /* Populate params for sect233r1
- * (the NIST B-233 curve)
- */
- params->fieldID.size = 233;
- params->fieldID.type = ec_field_GF2m;
- CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.poly,
- "02000000000000000000000000000000" \
- "0000000004000000000000000001"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
- "00000000000000000000000000000000" \
- "0000000000000000000000000001"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
- "0066647EDE6C332C7F8C0923BB58213B" \
- "333B20E9CE4281FE115F7D8F90AD"));
- CHECK_OK(hexString2SECItem(params->arena, &params->base,
- "04" \
- "00FAC9DFCBAC8313BB2139F1BB755FEF" \
- "65BC391F8B36F8F8EB7371FD558B" \
- "01006A08A41903350678E58528BEBF8A" \
- "0BEFF867A7CA36716F7E01F81052"));
- CHECK_OK(hexString2SECItem(params->arena, &params->order,
- "01000000000000000000000000000013" \
- "E974E72F8A6922031D2603CFE0D7"));
- params->cofactor = 2;
- break;
-
- case SEC_OID_SECG_EC_SECT239K1:
- /* Populate params for sect239k1 */
- params->fieldID.size = 239;
- params->fieldID.type = ec_field_GF2m;
- CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.poly,
- "80000000000000000000400000000000" \
- "0000000000000000000000000001"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
- "00"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
- "01"));
- CHECK_OK(hexString2SECItem(params->arena, &params->base,
- "04" \
- "29A0B6A887A983E9730988A68727A8B2" \
- "D126C44CC2CC7B2A6555193035DC" \
- "76310804F12E549BDB011C103089E735" \
- "10ACB275FC312A5DC6B76553F0CA"));
- CHECK_OK(hexString2SECItem(params->arena, &params->order,
- "2000000000000000000000000000005A" \
- "79FEC67CB6E91F1C1DA800E478A5"));
- params->cofactor = 4;
- break;
-
- case SEC_OID_SECG_EC_SECT283K1:
- /* Populate params for sect283k1
- * (the NIST K-283 curve)
- */
- params->fieldID.size = 283;
- params->fieldID.type = ec_field_GF2m;
- CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.poly,
- "08000000000000000000000000000000" \
- "00000000000000000000000000000000" \
- "000010A1"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
- "00"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
- "01"));
- CHECK_OK(hexString2SECItem(params->arena, &params->base,
- "04" \
- "0503213F78CA44883F1A3B8162F188E5" \
- "53CD265F23C1567A16876913B0C2AC24" \
- "58492836" \
- "01CCDA380F1C9E318D90F95D07E5426F" \
- "E87E45C0E8184698E45962364E341161" \
- "77DD2259"));
- CHECK_OK(hexString2SECItem(params->arena, &params->order,
- "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" \
- "FFFFE9AE2ED07577265DFF7F94451E06" \
- "1E163C61"));
- params->cofactor = 4;
- break;
-
- case SEC_OID_SECG_EC_SECT283R1:
- /* Populate params for sect283r1
- * (the NIST B-283 curve)
- */
- params->fieldID.size = 283;
- params->fieldID.type = ec_field_GF2m;
- CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.poly,
- "08000000000000000000000000000000" \
- "00000000000000000000000000000000" \
- "000010A1"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
- "01"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
- "027B680AC8B8596DA5A4AF8A19A0303F" \
- "CA97FD7645309FA2A581485AF6263E31" \
- "3B79A2F5"));
- CHECK_OK(hexString2SECItem(params->arena, &params->base,
- "04" \
- "05F939258DB7DD90E1934F8C70B0DFEC" \
- "2EED25B8557EAC9C80E2E198F8CDBECD" \
- "86B12053" \
- "03676854FE24141CB98FE6D4B20D02B4" \
- "516FF702350EDDB0826779C813F0DF45" \
- "BE8112F4"));
- CHECK_OK(hexString2SECItem(params->arena, &params->order,
- "03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" \
- "FFFFEF90399660FC938A90165B042A7C" \
- "EFADB307"));
- params->cofactor = 2;
- break;
-
- case SEC_OID_SECG_EC_SECT409K1:
- /* Populate params for sect409k1
- * (the NIST K-409 curve)
- */
- params->fieldID.size = 409;
- params->fieldID.type = ec_field_GF2m;
- CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.poly,
- "02000000000000000000000000000000" \
- "00000000000000000000000000000000" \
- "00000000000000000080000000000000" \
- "00000001"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
- "00"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
- "01"));
- CHECK_OK(hexString2SECItem(params->arena, &params->base,
- "04" \
- "0060F05F658F49C1AD3AB1890F718421" \
- "0EFD0987E307C84C27ACCFB8F9F67CC2" \
- "C460189EB5AAAA62EE222EB1B35540CF" \
- "E9023746" \
- "01E369050B7C4E42ACBA1DACBF04299C" \
- "3460782F918EA427E6325165E9EA10E3" \
- "DA5F6C42E9C55215AA9CA27A5863EC48" \
- "D8E0286B"));
- CHECK_OK(hexString2SECItem(params->arena, &params->order,
- "007FFFFFFFFFFFFFFFFFFFFFFFFFFFFF" \
- "FFFFFFFFFFFFFFFFFFFFFE5F83B2D4EA" \
- "20400EC4557D5ED3E3E7CA5B4B5C83B8" \
- "E01E5FCF"));
- params->cofactor = 4;
- break;
-
- case SEC_OID_SECG_EC_SECT409R1:
- /* Populate params for sect409r1
- * (the NIST B-409 curve)
- */
- params->fieldID.size = 409;
- params->fieldID.type = ec_field_GF2m;
- CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.poly,
- "02000000000000000000000000000000" \
- "00000000000000000000000000000000" \
- "00000000000000000080000000000000" \
- "00000001"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
- "01"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
- "0021A5C2C8EE9FEB5C4B9A753B7B476B" \
- "7FD6422EF1F3DD674761FA99D6AC27C8" \
- "A9A197B272822F6CD57A55AA4F50AE31" \
- "7B13545F"));
- CHECK_OK(hexString2SECItem(params->arena, &params->base,
- "04" \
- "015D4860D088DDB3496B0C6064756260" \
- "441CDE4AF1771D4DB01FFE5B34E59703" \
- "DC255A868A1180515603AEAB60794E54" \
- "BB7996A7" \
- "0061B1CFAB6BE5F32BBFA78324ED106A" \
- "7636B9C5A7BD198D0158AA4F5488D08F" \
- "38514F1FDF4B4F40D2181B3681C364BA" \
- "0273C706"));
- CHECK_OK(hexString2SECItem(params->arena, &params->order,
- "01000000000000000000000000000000" \
- "0000000000000000000001E2AAD6A612" \
- "F33307BE5FA47C3C9E052F838164CD37" \
- "D9A21173"));
- params->cofactor = 2;
- break;
-
- case SEC_OID_SECG_EC_SECT571K1:
- /* Populate params for sect571k1
- * (the NIST K-571 curve)
- */
- params->fieldID.size = 571;
- params->fieldID.type = ec_field_GF2m;
- CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.poly,
- "08000000000000000000000000000000" \
- "00000000000000000000000000000000" \
- "00000000000000000000000000000000" \
- "00000000000000000000000000000000" \
- "0000000000000425"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
- "00"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
- "01"));
- CHECK_OK(hexString2SECItem(params->arena, &params->base,
- "04" \
- "026EB7A859923FBC82189631F8103FE4" \
- "AC9CA2970012D5D46024804801841CA4" \
- "4370958493B205E647DA304DB4CEB08C" \
- "BBD1BA39494776FB988B47174DCA88C7" \
- "E2945283A01C8972" \
- "0349DC807F4FBF374F4AEADE3BCA9531" \
- "4DD58CEC9F307A54FFC61EFC006D8A2C" \
- "9D4979C0AC44AEA74FBEBBB9F772AEDC" \
- "B620B01A7BA7AF1B320430C8591984F6" \
- "01CD4C143EF1C7A3"));
- CHECK_OK(hexString2SECItem(params->arena, &params->order,
- "02000000000000000000000000000000" \
- "00000000000000000000000000000000" \
- "00000000131850E1F19A63E4B391A8DB" \
- "917F4138B630D84BE5D639381E91DEB4" \
- "5CFE778F637C1001"));
- params->cofactor = 4;
- break;
-
- case SEC_OID_SECG_EC_SECT571R1:
- /* Populate params for sect571r1
- * (the NIST B-571 curve)
- */
- params->fieldID.size = 571;
- params->fieldID.type = ec_field_GF2m;
- CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.poly,
- "08000000000000000000000000000000" \
- "00000000000000000000000000000000" \
- "00000000000000000000000000000000" \
- "00000000000000000000000000000000" \
- "0000000000000425"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
- "01"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
- "02F40E7E2221F295DE297117B7F3D62F" \
- "5C6A97FFCB8CEFF1CD6BA8CE4A9A18AD" \
- "84FFABBD8EFA59332BE7AD6756A66E29" \
- "4AFD185A78FF12AA520E4DE739BACA0C" \
- "7FFEFF7F2955727A"));
- CHECK_OK(hexString2SECItem(params->arena, &params->base,
- "04" \
- "0303001D34B856296C16C0D40D3CD775" \
- "0A93D1D2955FA80AA5F40FC8DB7B2ABD" \
- "BDE53950F4C0D293CDD711A35B67FB14" \
- "99AE60038614F1394ABFA3B4C850D927" \
- "E1E7769C8EEC2D19" \
- "037BF27342DA639B6DCCFFFEB73D69D7" \
- "8C6C27A6009CBBCA1980F8533921E8A6" \
- "84423E43BAB08A576291AF8F461BB2A8" \
- "B3531D2F0485C19B16E2F1516E23DD3C" \
- "1A4827AF1B8AC15B"));
- CHECK_OK(hexString2SECItem(params->arena, &params->order,
- "03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" \
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" \
- "FFFFFFFFE661CE18FF55987308059B18" \
- "6823851EC7DD9CA1161DE93D5174D66E" \
- "8382E9BB2FE84E47"));
- params->cofactor = 2;
- break;
-
- case SEC_OID_ANSIX962_EC_PRIME192V1:
- /* Populate params for prime192v1 aka secp192r1
- * (the NIST P-192 curve)
- */
- params->fieldID.size = 192;
- params->fieldID.type = ec_field_GFp;
- CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.prime,
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE" \
- "FFFFFFFFFFFFFFFF"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE" \
- "FFFFFFFFFFFFFFFC"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
- "64210519E59C80E70FA7E9AB72243049" \
- "FEB8DEECC146B9B1"));
- CHECK_OK(hexString2SECItem(params->arena, &params->base,
- "04" \
- "188DA80EB03090F67CBF20EB43A18800" \
- "F4FF0AFD82FF1012" \
- "07192B95FFC8DA78631011ED6B24CDD5" \
- "73F977A11E794811"));
- CHECK_OK(hexString2SECItem(params->arena, &params->order,
- "FFFFFFFFFFFFFFFFFFFFFFFF99DEF836" \
- "146BC9B1B4D22831"));
- params->cofactor = 1;
- break;
-
- case SEC_OID_ANSIX962_EC_PRIME192V2:
- /* Populate params for prime192v2 */
- params->fieldID.size = 192;
- params->fieldID.type = ec_field_GFp;
- CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.prime,
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE" \
- "FFFFFFFFFFFFFFFF"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE" \
- "FFFFFFFFFFFFFFFC"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
- "CC22D6DFB95C6B25E49C0D6364A4E598" \
- "0C393AA21668D953"));
- CHECK_OK(hexString2SECItem(params->arena, &params->base,
- "04" \
- "EEA2BAE7E1497842F2DE7769CFE9C989" \
- "C072AD696F48034A" \
- "6574D11D69B6EC7A672BB82A083DF2F2" \
- "B0847DE970B2DE15"));
-
- CHECK_OK(hexString2SECItem(params->arena, &params->order,
- "FFFFFFFFFFFFFFFFFFFFFFFE5FB1A724" \
- "DC80418648D8DD31"));
- params->cofactor = 1;
- break;
-
- case SEC_OID_ANSIX962_EC_PRIME192V3:
- /* Populate params for prime192v3 */
- params->fieldID.size = 192;
- params->fieldID.type = ec_field_GFp;
- CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.prime,
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE" \
- "FFFFFFFFFFFFFFFF"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE" \
- "FFFFFFFFFFFFFFFC"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
- "22123DC2395A05CAA7423DAECCC94760" \
- "A7D462256BD56916"));
- CHECK_OK(hexString2SECItem(params->arena, &params->base,
- "04" \
- "7D29778100C65A1DA1783716588DCE2B" \
- "8B4AEE8E228F1896" \
- "38A90F22637337334B49DCB66A6DC8F9" \
- "978ACA7648A943B0"));
- CHECK_OK(hexString2SECItem(params->arena, &params->order,
- "FFFFFFFFFFFFFFFFFFFFFFFF7A62D031" \
- "C83F4294F640EC13"));
- params->cofactor = 1;
- break;
-
- case SEC_OID_ANSIX962_EC_PRIME239V1:
- /* Populate params for prime239v1 */
- params->fieldID.size = 239;
- params->fieldID.type = ec_field_GFp;
- CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.prime,
- "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFF" \
- "FFFF8000000000007FFFFFFFFFFF"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
- "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFF" \
- "FFFF8000000000007FFFFFFFFFFC"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
- "6B016C3BDCF18941D0D654921475CA71" \
- "A9DB2FB27D1D37796185C2942C0A"));
- CHECK_OK(hexString2SECItem(params->arena, &params->base,
- "04" \
- "0FFA963CDCA8816CCC33B8642BEDF905" \
- "C3D358573D3F27FBBD3B3CB9AAAF" \
- "7DEBE8E4E90A5DAE6E4054CA530BA046" \
- "54B36818CE226B39FCCB7B02F1AE"));
- CHECK_OK(hexString2SECItem(params->arena, &params->order,
- "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFF9E" \
- "5E9A9F5D9071FBD1522688909D0B"));
- params->cofactor = 1;
- break;
-
- case SEC_OID_ANSIX962_EC_PRIME239V2:
- /* Populate params for prime239v2 */
- params->fieldID.size = 239;
- params->fieldID.type = ec_field_GFp;
- CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.prime,
- "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFF" \
- "FFFF8000000000007FFFFFFFFFFF"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
- "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFF" \
- "FFFF8000000000007FFFFFFFFFFC"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
- "617FAB6832576CBBFED50D99F0249C3F" \
- "EE58B94BA0038C7AE84C8C832F2C"));
- CHECK_OK(hexString2SECItem(params->arena, &params->base,
- "04" \
- "38AF09D98727705120C921BB5E9E2629" \
- "6A3CDCF2F35757A0EAFD87B830E7" \
- "5B0125E4DBEA0EC7206DA0FC01D9B081" \
- "329FB555DE6EF460237DFF8BE4BA"));
- CHECK_OK(hexString2SECItem(params->arena, &params->order,
- "7FFFFFFFFFFFFFFFFFFFFFFF800000CF" \
- "A7E8594377D414C03821BC582063"));
- params->cofactor = 1;
- break;
-
- case SEC_OID_ANSIX962_EC_PRIME239V3:
- /* Populate params for prime239v3 */
- params->fieldID.size = 239;
- params->fieldID.type = ec_field_GFp;
- CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.prime,
- "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFF" \
- "FFFF8000000000007FFFFFFFFFFF"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
- "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFF" \
- "FFFF8000000000007FFFFFFFFFFC"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
- "255705FA2A306654B1F4CB03D6A750A3" \
- "0C250102D4988717D9BA15AB6D3E"));
- CHECK_OK(hexString2SECItem(params->arena, &params->base,
- "04" \
- "6768AE8E18BB92CFCF005C949AA2C6D9" \
- "4853D0E660BBF854B1C9505FE95A" \
- "1607E6898F390C06BC1D552BAD226F3B" \
- "6FCFE48B6E818499AF18E3ED6CF3"));
- CHECK_OK(hexString2SECItem(params->arena, &params->order,
- "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFF97" \
- "5DEB41B3A6057C3C432146526551"));
- params->cofactor = 1;
- break;
-
- case SEC_OID_ANSIX962_EC_PRIME256V1:
- /* Populate params for prime256v1 aka secp256r1
- * (the NIST P-256 curve)
- */
- params->fieldID.size = 256;
- params->fieldID.type = ec_field_GFp;
- CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.prime,
- "FFFFFFFF000000010000000000000000" \
- "00000000FFFFFFFFFFFFFFFFFFFFFFFF"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
- "FFFFFFFF000000010000000000000000" \
- "00000000FFFFFFFFFFFFFFFFFFFFFFFC"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
- "5AC635D8AA3A93E7B3EBBD55769886BC" \
- "651D06B0CC53B0F63BCE3C3E27D2604B"));
- CHECK_OK(hexString2SECItem(params->arena, &params->base,
- "04" \
- "6B17D1F2E12C4247F8BCE6E563A440F2" \
- "77037D812DEB33A0F4A13945D898C296" \
- "4FE342E2FE1A7F9B8EE7EB4A7C0F9E16" \
- "2BCE33576B315ECECBB6406837BF51F5"));
- CHECK_OK(hexString2SECItem(params->arena, &params->order,
- "FFFFFFFF00000000FFFFFFFFFFFFFFFF" \
- "BCE6FAADA7179E84F3B9CAC2FC632551"));
- params->cofactor = 1;
- break;
-
- case SEC_OID_SECG_EC_SECP112R1:
- /* Populate params for secp112r1 */
- params->fieldID.size = 112;
- params->fieldID.type = ec_field_GFp;
- CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.prime,
- "DB7C2ABF62E35E668076BEAD208B"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
- "DB7C2ABF62E35E668076BEAD2088"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
- "659EF8BA043916EEDE8911702B22"));
- CHECK_OK(hexString2SECItem(params->arena, &params->base,
- "04" \
- "09487239995A5EE76B55F9C2F098" \
- "A89CE5AF8724C0A23E0E0FF77500"));
- CHECK_OK(hexString2SECItem(params->arena, &params->order,
- "DB7C2ABF62E35E7628DFAC6561C5"));
- params->cofactor = 1;
- break;
-
- case SEC_OID_SECG_EC_SECP112R2:
- /* Populate params for secp112r2 */
- params->fieldID.size = 112;
- params->fieldID.type = ec_field_GFp;
- CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.prime,
- "DB7C2ABF62E35E668076BEAD208B"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
- "6127C24C05F38A0AAAF65C0EF02C"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
- "51DEF1815DB5ED74FCC34C85D709"));
- CHECK_OK(hexString2SECItem(params->arena, &params->base,
- "04" \
- "4BA30AB5E892B4E1649DD0928643" \
- "ADCD46F5882E3747DEF36E956E97"));
- CHECK_OK(hexString2SECItem(params->arena, &params->order,
- "36DF0AAFD8B8D7597CA10520D04B"));
- params->cofactor = 4;
- break;
-
- case SEC_OID_SECG_EC_SECP128R1:
- /* Populate params for secp128r1 */
- params->fieldID.size = 128;
- params->fieldID.type = ec_field_GFp;
- CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.prime,
- "FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFF"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
- "FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFC"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
- "E87579C11079F43DD824993C2CEE5ED3"));
- CHECK_OK(hexString2SECItem(params->arena, &params->base,
- "04" \
- "161FF7528B899B2D0C28607CA52C5B86" \
- "CF5AC8395BAFEB13C02DA292DDED7A83"));
- CHECK_OK(hexString2SECItem(params->arena, &params->order,
- "FFFFFFFE0000000075A30D1B9038A115"));
- params->cofactor = 1;
- break;
-
- case SEC_OID_SECG_EC_SECP128R2:
- /* Populate params for secp128r2 */
- params->fieldID.size = 128;
- params->fieldID.type = ec_field_GFp;
- CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.prime,
- "FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFF"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
- "D6031998D1B3BBFEBF59CC9BBFF9AEE1"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
- "5EEEFCA380D02919DC2C6558BB6D8A5D"));
- CHECK_OK(hexString2SECItem(params->arena, &params->base,
- "04" \
- "7B6AA5D85E572983E6FB32A7CDEBC140" \
- "27B6916A894D3AEE7106FE805FC34B44"));
- CHECK_OK(hexString2SECItem(params->arena, &params->order,
- "3FFFFFFF7FFFFFFFBE0024720613B5A3"));
- params->cofactor = 4;
- break;
-
- case SEC_OID_SECG_EC_SECP160K1:
- /* Populate params for secp160k1 */
- params->fieldID.size = 160;
- params->fieldID.type = ec_field_GFp;
- CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.prime,
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE" \
- "FFFFAC73"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
- "00"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
- "07"));
- CHECK_OK(hexString2SECItem(params->arena, &params->base,
- "04" \
- "3B4C382CE37AA192A4019E763036F4F5" \
- "DD4D7EBB" \
- "938CF935318FDCED6BC28286531733C3" \
- "F03C4FEE"));
- CHECK_OK(hexString2SECItem(params->arena, &params->order,
- "0100000000000000000001B8FA16DFAB" \
- "9ACA16B6B3"));
- params->cofactor = 1;
- break;
-
- case SEC_OID_SECG_EC_SECP160R1:
- /* Populate params for secp160r1 */
- params->fieldID.size = 160;
- params->fieldID.type = ec_field_GFp;
- CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.prime,
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" \
- "7FFFFFFF"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" \
- "7FFFFFFC"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
- "1C97BEFC54BD7A8B65ACF89F81D4D4AD" \
- "C565FA45"));
- CHECK_OK(hexString2SECItem(params->arena, &params->base,
- "04" \
- "4A96B5688EF573284664698968C38BB9" \
- "13CBFC82" \
- "23A628553168947D59DCC91204235137" \
- "7AC5FB32"));
- CHECK_OK(hexString2SECItem(params->arena, &params->order,
- "0100000000000000000001F4C8F927AE" \
- "D3CA752257"));
- params->cofactor = 1;
- break;
-
- case SEC_OID_SECG_EC_SECP160R2:
- /* Populate params for secp160r1 */
- params->fieldID.size = 160;
- params->fieldID.type = ec_field_GFp;
- CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.prime,
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE" \
- "FFFFAC73"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE" \
- "FFFFAC70"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
- "B4E134D3FB59EB8BAB57274904664D5A" \
- "F50388BA"));
- CHECK_OK(hexString2SECItem(params->arena, &params->base,
- "04" \
- "52DCB034293A117E1F4FF11B30F7199D" \
- "3144CE6D" \
- "FEAFFEF2E331F296E071FA0DF9982CFE" \
- "A7D43F2E"));
- CHECK_OK(hexString2SECItem(params->arena, &params->order,
- "0100000000000000000000351EE786A8" \
- "18F3A1A16B"));
- params->cofactor = 1;
- break;
-
- case SEC_OID_SECG_EC_SECP192K1:
- /* Populate params for secp192k1 */
- params->fieldID.size = 192;
- params->fieldID.type = ec_field_GFp;
- CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.prime,
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" \
- "FFFFFFFEFFFFEE37"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
- "00"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
- "03"));
- CHECK_OK(hexString2SECItem(params->arena, &params->base,
- "04" \
- "DB4FF10EC057E9AE26B07D0280B7F434" \
- "1DA5D1B1EAE06C7D" \
- "9B2F2F6D9C5628A7844163D015BE8634" \
- "4082AA88D95E2F9D"));
- CHECK_OK(hexString2SECItem(params->arena, &params->order,
- "FFFFFFFFFFFFFFFFFFFFFFFE26F2FC17" \
- "0F69466A74DEFD8D"));
- params->cofactor = 1;
- break;
-
- case SEC_OID_SECG_EC_SECP224K1:
- /* Populate params for secp224k1 */
- params->fieldID.size = 224;
- params->fieldID.type = ec_field_GFp;
- CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.prime,
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" \
- "FFFFFFFFFFFFFFFEFFFFE56D"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
- "00"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
- "05"));
- CHECK_OK(hexString2SECItem(params->arena, &params->base,
- "04" \
- "A1455B334DF099DF30FC28A169A467E9" \
- "E47075A90F7E650EB6B7A45C" \
- "7E089FED7FBA344282CAFBD6F7E319F7" \
- "C0B0BD59E2CA4BDB556D61A5"));
- CHECK_OK(hexString2SECItem(params->arena, &params->order,
- "010000000000000000000000000001DC" \
- "E8D2EC6184CAF0A971769FB1F7"));
- params->cofactor = 1;
- break;
-
- case SEC_OID_SECG_EC_SECP224R1:
- /* Populate params for secp224r1
- * (the NIST P-224 curve)
- */
- params->fieldID.size = 224;
- params->fieldID.type = ec_field_GFp;
- CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.prime,
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" \
- "000000000000000000000001"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE" \
- "FFFFFFFFFFFFFFFFFFFFFFFE"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
- "B4050A850C04B3ABF54132565044B0B7" \
- "D7BFD8BA270B39432355FFB4"));
- CHECK_OK(hexString2SECItem(params->arena, &params->base,
- "04" \
- "B70E0CBD6BB4BF7F321390B94A03C1D3" \
- "56C21122343280D6115C1D21" \
- "BD376388B5F723FB4C22DFE6CD4375A0" \
- "5A07476444D5819985007E34"));
- CHECK_OK(hexString2SECItem(params->arena, &params->order,
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2" \
- "E0B8F03E13DD29455C5C2A3D"));
- params->cofactor = 1;
- break;
-
- case SEC_OID_SECG_EC_SECP256K1:
- /* Populate params for secp256k1 */
- params->fieldID.size = 256;
- params->fieldID.type = ec_field_GFp;
- CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.prime,
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" \
- "FFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
- "00"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
- "07"));
- CHECK_OK(hexString2SECItem(params->arena, &params->base,
- "04" \
- "79BE667EF9DCBBAC55A06295CE870B07" \
- "029BFCDB2DCE28D959F2815B16F81798" \
- "483ADA7726A3C4655DA4FBFC0E1108A8" \
- "FD17B448A68554199C47D08FFB10D4B8"));
- CHECK_OK(hexString2SECItem(params->arena, &params->order,
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE" \
- "BAAEDCE6AF48A03BBFD25E8CD0364141"));
- params->cofactor = 1;
- break;
-
- case SEC_OID_SECG_EC_SECP384R1:
- /* Populate params for secp384r1
- * (the NIST P-384 curve)
- */
- params->fieldID.size = 384;
- params->fieldID.type = ec_field_GFp;
- CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.prime,
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" \
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE" \
- "FFFFFFFF0000000000000000FFFFFFFF"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" \
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE" \
- "FFFFFFFF0000000000000000FFFFFFFC"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
- "B3312FA7E23EE7E4988E056BE3F82D19" \
- "181D9C6EFE8141120314088F5013875A" \
- "C656398D8A2ED19D2A85C8EDD3EC2AEF"));
- CHECK_OK(hexString2SECItem(params->arena, &params->base,
- "04" \
- "AA87CA22BE8B05378EB1C71EF320AD74" \
- "6E1D3B628BA79B9859F741E082542A38" \
- "5502F25DBF55296C3A545E3872760AB7" \
- "3617DE4A96262C6F5D9E98BF9292DC29" \
- "F8F41DBD289A147CE9DA3113B5F0B8C0" \
- "0A60B1CE1D7E819D7A431D7C90EA0E5F"));
- CHECK_OK(hexString2SECItem(params->arena, &params->order,
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" \
- "FFFFFFFFFFFFFFFFC7634D81F4372DDF" \
- "581A0DB248B0A77AECEC196ACCC52973"));
- params->cofactor = 1;
- break;
-
- case SEC_OID_SECG_EC_SECP521R1:
- /* Populate params for secp521r1
- * (the NIST P-521 curve)
- */
- params->fieldID.size = 521;
- params->fieldID.type = ec_field_GFp;
- CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.prime,
- "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" \
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" \
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" \
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" \
- "FFFF"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.a,
- "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" \
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" \
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" \
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" \
- "FFFC"));
- CHECK_OK(hexString2SECItem(params->arena, &params->curve.b,
- "0051953EB9618E1C9A1F929A21A0B685" \
- "40EEA2DA725B99B315F3B8B489918EF1" \
- "09E156193951EC7E937B1652C0BD3BB1" \
- "BF073573DF883D2C34F1EF451FD46B50" \
- "3F00"));
- CHECK_OK(hexString2SECItem(params->arena, &params->base,
- "04" \
- "00C6858E06B70404E9CD9E3ECB662395" \
- "B4429C648139053FB521F828AF606B4D" \
- "3DBAA14B5E77EFE75928FE1DC127A2FF" \
- "A8DE3348B3C1856A429BF97E7E31C2E5" \
- "BD66" \
- "011839296A789A3BC0045C8A5FB42C7D" \
- "1BD998F54449579B446817AFBD17273E" \
- "662C97EE72995EF42640C550B9013FAD" \
- "0761353C7086A272C24088BE94769FD1" \
- "6650"));
- CHECK_OK(hexString2SECItem(params->arena, &params->order,
- "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" \
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" \
- "FFFA51868783BF2F966B7FCC0148F709" \
- "A5D03BB5C9B8899C47AEBB6FB71E9138" \
- "6409"));
- params->cofactor = 1;
- break;
-
- default:
- break;
- };
-
-cleanup:
- if (!params->cofactor) {
- PORT_SetError(SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE);
-#if EC_DEBUG
- printf("Unrecognized curve, returning NULL params\n");
-#endif
- return SECFailure;
- }
-
- return SECSuccess;
-}
-
-SECStatus
-EC_DecodeParams(const SECItem *encodedParams, ECParams **ecparams)
-{
- PRArenaPool *arena;
- ECParams *params;
- SECStatus rv = SECFailure;
-
- /* Initialize an arena for the ECParams structure */
- if (!(arena = PORT_NewArena(NSS_FREEBL_DEFAULT_CHUNKSIZE)))
- return SECFailure;
-
- params = (ECParams *)PORT_ArenaZAlloc(arena, sizeof(ECParams));
- if (!params) {
- PORT_FreeArena(arena, PR_TRUE);
- return SECFailure;
- }
-
- /* Copy the encoded params */
- SECITEM_AllocItem(arena, &(params->DEREncoding),
- encodedParams->len);
- memcpy(params->DEREncoding.data, encodedParams->data, encodedParams->len);
-
- /* Fill out the rest of the ECParams structure based on
- * the encoded params
- */
- rv = EC_FillParams(arena, encodedParams, params);
- if (rv == SECFailure) {
- PORT_FreeArena(arena, PR_TRUE);
- return SECFailure;
- } else {
- *ecparams = params;;
- return SECSuccess;
- }
-}
-
-#endif /* NSS_ENABLE_ECC */
diff --git a/security/nss/lib/softoken/fipstest.c b/security/nss/lib/softoken/fipstest.c
deleted file mode 100644
index 8fe4f567e..000000000
--- a/security/nss/lib/softoken/fipstest.c
+++ /dev/null
@@ -1,1093 +0,0 @@
-/*
- * PKCS #11 FIPS Power-Up Self Test.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "softoken.h" /* Required for RC2-ECB, RC2-CBC, RC4, DES-ECB, */
- /* DES-CBC, DES3-ECB, DES3-CBC, RSA */
- /* and DSA. */
-#include "seccomon.h" /* Required for RSA and DSA. */
-#include "lowkeyi.h" /* Required for RSA and DSA. */
-#include "pkcs11.h" /* Required for PKCS #11. */
-#include "secerr.h"
-
-/* FIPS preprocessor directives for RC2-ECB and RC2-CBC. */
-#define FIPS_RC2_KEY_LENGTH 5 /* 40-bits */
-#define FIPS_RC2_ENCRYPT_LENGTH 8 /* 64-bits */
-#define FIPS_RC2_DECRYPT_LENGTH 8 /* 64-bits */
-
-
-/* FIPS preprocessor directives for RC4. */
-#define FIPS_RC4_KEY_LENGTH 5 /* 40-bits */
-#define FIPS_RC4_ENCRYPT_LENGTH 8 /* 64-bits */
-#define FIPS_RC4_DECRYPT_LENGTH 8 /* 64-bits */
-
-
-/* FIPS preprocessor directives for DES-ECB and DES-CBC. */
-#define FIPS_DES_ENCRYPT_LENGTH 8 /* 64-bits */
-#define FIPS_DES_DECRYPT_LENGTH 8 /* 64-bits */
-
-
-/* FIPS preprocessor directives for DES3-CBC and DES3-ECB. */
-#define FIPS_DES3_ENCRYPT_LENGTH 8 /* 64-bits */
-#define FIPS_DES3_DECRYPT_LENGTH 8 /* 64-bits */
-
-
-/* FIPS preprocessor directives for MD2. */
-#define FIPS_MD2_HASH_MESSAGE_LENGTH 64 /* 512-bits */
-
-
-/* FIPS preprocessor directives for MD5. */
-#define FIPS_MD5_HASH_MESSAGE_LENGTH 64 /* 512-bits */
-
-
-/* FIPS preprocessor directives for SHA-1. */
-#define FIPS_SHA1_HASH_MESSAGE_LENGTH 64 /* 512-bits */
-
-
-/* FIPS preprocessor directives for RSA. */
-#define FIPS_RSA_TYPE siBuffer
-#define FIPS_RSA_PUBLIC_EXPONENT_LENGTH 1 /* 8-bits */
-#define FIPS_RSA_PRIVATE_VERSION_LENGTH 1 /* 8-bits */
-#define FIPS_RSA_MESSAGE_LENGTH 16 /* 128-bits */
-#define FIPS_RSA_COEFFICIENT_LENGTH 32 /* 256-bits */
-#define FIPS_RSA_PRIME0_LENGTH 33 /* 264-bits */
-#define FIPS_RSA_PRIME1_LENGTH 33 /* 264-bits */
-#define FIPS_RSA_EXPONENT0_LENGTH 33 /* 264-bits */
-#define FIPS_RSA_EXPONENT1_LENGTH 33 /* 264-bits */
-#define FIPS_RSA_PRIVATE_EXPONENT_LENGTH 64 /* 512-bits */
-#define FIPS_RSA_ENCRYPT_LENGTH 64 /* 512-bits */
-#define FIPS_RSA_DECRYPT_LENGTH 64 /* 512-bits */
-#define FIPS_RSA_CRYPTO_LENGTH 64 /* 512-bits */
-#define FIPS_RSA_SIGNATURE_LENGTH 64 /* 512-bits */
-#define FIPS_RSA_MODULUS_LENGTH 65 /* 520-bits */
-
-
-/* FIPS preprocessor directives for DSA. */
-#define FIPS_DSA_TYPE siBuffer
-#define FIPS_DSA_DIGEST_LENGTH 20 /* 160-bits */
-#define FIPS_DSA_SUBPRIME_LENGTH 20 /* 160-bits */
-#define FIPS_DSA_SIGNATURE_LENGTH 40 /* 320-bits */
-#define FIPS_DSA_PRIME_LENGTH 64 /* 512-bits */
-#define FIPS_DSA_BASE_LENGTH 64 /* 512-bits */
-
-static CK_RV
-pk11_fips_RC2_PowerUpSelfTest( void )
-{
- /* RC2 Known Key (40-bits). */
- static const PRUint8 rc2_known_key[] = { "RSARC" };
-
- /* RC2-CBC Known Initialization Vector (64-bits). */
- static const PRUint8 rc2_cbc_known_initialization_vector[] = {"Security"};
-
- /* RC2 Known Plaintext (64-bits). */
- static const PRUint8 rc2_ecb_known_plaintext[] = {"Netscape"};
- static const PRUint8 rc2_cbc_known_plaintext[] = {"Netscape"};
-
- /* RC2 Known Ciphertext (64-bits). */
- static const PRUint8 rc2_ecb_known_ciphertext[] = {
- 0x1a,0x71,0x33,0x54,0x8d,0x5c,0xd2,0x30};
- static const PRUint8 rc2_cbc_known_ciphertext[] = {
- 0xff,0x41,0xdb,0x94,0x8a,0x4c,0x33,0xb3};
-
- /* RC2 variables. */
- PRUint8 rc2_computed_ciphertext[FIPS_RC2_ENCRYPT_LENGTH];
- PRUint8 rc2_computed_plaintext[FIPS_RC2_DECRYPT_LENGTH];
- RC2Context * rc2_context;
- unsigned int rc2_bytes_encrypted;
- unsigned int rc2_bytes_decrypted;
- SECStatus rc2_status;
-
-
- /******************************************************/
- /* RC2-ECB Single-Round Known Answer Encryption Test: */
- /******************************************************/
-
- rc2_context = RC2_CreateContext( rc2_known_key, FIPS_RC2_KEY_LENGTH,
- NULL, NSS_RC2,
- FIPS_RC2_KEY_LENGTH );
-
- if( rc2_context == NULL )
- return( CKR_HOST_MEMORY );
-
- rc2_status = RC2_Encrypt( rc2_context, rc2_computed_ciphertext,
- &rc2_bytes_encrypted, FIPS_RC2_ENCRYPT_LENGTH,
- rc2_ecb_known_plaintext,
- FIPS_RC2_DECRYPT_LENGTH );
-
- RC2_DestroyContext( rc2_context, PR_TRUE );
-
- if( ( rc2_status != SECSuccess ) ||
- ( rc2_bytes_encrypted != FIPS_RC2_ENCRYPT_LENGTH ) ||
- ( PORT_Memcmp( rc2_computed_ciphertext, rc2_ecb_known_ciphertext,
- FIPS_RC2_ENCRYPT_LENGTH ) != 0 ) )
- return( CKR_DEVICE_ERROR );
-
-
- /******************************************************/
- /* RC2-ECB Single-Round Known Answer Decryption Test: */
- /******************************************************/
-
- rc2_context = RC2_CreateContext( rc2_known_key, FIPS_RC2_KEY_LENGTH,
- NULL, NSS_RC2,
- FIPS_RC2_KEY_LENGTH );
-
- if( rc2_context == NULL )
- return( CKR_HOST_MEMORY );
-
- rc2_status = RC2_Decrypt( rc2_context, rc2_computed_plaintext,
- &rc2_bytes_decrypted, FIPS_RC2_DECRYPT_LENGTH,
- rc2_ecb_known_ciphertext,
- FIPS_RC2_ENCRYPT_LENGTH );
-
- RC2_DestroyContext( rc2_context, PR_TRUE );
-
- if( ( rc2_status != SECSuccess ) ||
- ( rc2_bytes_decrypted != FIPS_RC2_DECRYPT_LENGTH ) ||
- ( PORT_Memcmp( rc2_computed_plaintext, rc2_ecb_known_plaintext,
- FIPS_RC2_DECRYPT_LENGTH ) != 0 ) )
- return( CKR_DEVICE_ERROR );
-
-
- /******************************************************/
- /* RC2-CBC Single-Round Known Answer Encryption Test: */
- /******************************************************/
-
- rc2_context = RC2_CreateContext( rc2_known_key, FIPS_RC2_KEY_LENGTH,
- rc2_cbc_known_initialization_vector,
- NSS_RC2_CBC, FIPS_RC2_KEY_LENGTH );
-
- if( rc2_context == NULL )
- return( CKR_HOST_MEMORY );
-
- rc2_status = RC2_Encrypt( rc2_context, rc2_computed_ciphertext,
- &rc2_bytes_encrypted, FIPS_RC2_ENCRYPT_LENGTH,
- rc2_cbc_known_plaintext,
- FIPS_RC2_DECRYPT_LENGTH );
-
- RC2_DestroyContext( rc2_context, PR_TRUE );
-
- if( ( rc2_status != SECSuccess ) ||
- ( rc2_bytes_encrypted != FIPS_RC2_ENCRYPT_LENGTH ) ||
- ( PORT_Memcmp( rc2_computed_ciphertext, rc2_cbc_known_ciphertext,
- FIPS_RC2_ENCRYPT_LENGTH ) != 0 ) )
- return( CKR_DEVICE_ERROR );
-
-
- /******************************************************/
- /* RC2-CBC Single-Round Known Answer Decryption Test: */
- /******************************************************/
-
- rc2_context = RC2_CreateContext( rc2_known_key, FIPS_RC2_KEY_LENGTH,
- rc2_cbc_known_initialization_vector,
- NSS_RC2_CBC, FIPS_RC2_KEY_LENGTH );
-
- if( rc2_context == NULL )
- return( CKR_HOST_MEMORY );
-
- rc2_status = RC2_Decrypt( rc2_context, rc2_computed_plaintext,
- &rc2_bytes_decrypted, FIPS_RC2_DECRYPT_LENGTH,
- rc2_cbc_known_ciphertext,
- FIPS_RC2_ENCRYPT_LENGTH );
-
- RC2_DestroyContext( rc2_context, PR_TRUE );
-
- if( ( rc2_status != SECSuccess ) ||
- ( rc2_bytes_decrypted != FIPS_RC2_DECRYPT_LENGTH ) ||
- ( PORT_Memcmp( rc2_computed_plaintext, rc2_ecb_known_plaintext,
- FIPS_RC2_DECRYPT_LENGTH ) != 0 ) )
- return( CKR_DEVICE_ERROR );
-
- return( CKR_OK );
-}
-
-
-static CK_RV
-pk11_fips_RC4_PowerUpSelfTest( void )
-{
- /* RC4 Known Key (40-bits). */
- static const PRUint8 rc4_known_key[] = { "RSARC" };
-
- /* RC4 Known Plaintext (64-bits). */
- static const PRUint8 rc4_known_plaintext[] = { "Netscape" };
-
- /* RC4 Known Ciphertext (64-bits). */
- static const PRUint8 rc4_known_ciphertext[] = {
- 0x29,0x33,0xc7,0x9a,0x9d,0x6c,0x09,0xdd};
-
- /* RC4 variables. */
- PRUint8 rc4_computed_ciphertext[FIPS_RC4_ENCRYPT_LENGTH];
- PRUint8 rc4_computed_plaintext[FIPS_RC4_DECRYPT_LENGTH];
- RC4Context * rc4_context;
- unsigned int rc4_bytes_encrypted;
- unsigned int rc4_bytes_decrypted;
- SECStatus rc4_status;
-
-
- /**************************************************/
- /* RC4 Single-Round Known Answer Encryption Test: */
- /**************************************************/
-
- rc4_context = RC4_CreateContext( rc4_known_key, FIPS_RC4_KEY_LENGTH );
-
- if( rc4_context == NULL )
- return( CKR_HOST_MEMORY );
-
- rc4_status = RC4_Encrypt( rc4_context, rc4_computed_ciphertext,
- &rc4_bytes_encrypted, FIPS_RC4_ENCRYPT_LENGTH,
- rc4_known_plaintext, FIPS_RC4_DECRYPT_LENGTH );
-
- RC4_DestroyContext( rc4_context, PR_TRUE );
-
- if( ( rc4_status != SECSuccess ) ||
- ( rc4_bytes_encrypted != FIPS_RC4_ENCRYPT_LENGTH ) ||
- ( PORT_Memcmp( rc4_computed_ciphertext, rc4_known_ciphertext,
- FIPS_RC4_ENCRYPT_LENGTH ) != 0 ) )
- return( CKR_DEVICE_ERROR );
-
-
- /**************************************************/
- /* RC4 Single-Round Known Answer Decryption Test: */
- /**************************************************/
-
- rc4_context = RC4_CreateContext( rc4_known_key, FIPS_RC4_KEY_LENGTH );
-
- if( rc4_context == NULL )
- return( CKR_HOST_MEMORY );
-
- rc4_status = RC4_Decrypt( rc4_context, rc4_computed_plaintext,
- &rc4_bytes_decrypted, FIPS_RC4_DECRYPT_LENGTH,
- rc4_known_ciphertext, FIPS_RC4_ENCRYPT_LENGTH );
-
- RC4_DestroyContext( rc4_context, PR_TRUE );
-
- if( ( rc4_status != SECSuccess ) ||
- ( rc4_bytes_decrypted != FIPS_RC4_DECRYPT_LENGTH ) ||
- ( PORT_Memcmp( rc4_computed_plaintext, rc4_known_plaintext,
- FIPS_RC4_DECRYPT_LENGTH ) != 0 ) )
- return( CKR_DEVICE_ERROR );
-
- return( CKR_OK );
-}
-
-
-static CK_RV
-pk11_fips_DES_PowerUpSelfTest( void )
-{
- /* DES Known Key (56-bits). */
- static const PRUint8 des_known_key[] = { "ANSI DES" };
-
- /* DES-CBC Known Initialization Vector (64-bits). */
- static const PRUint8 des_cbc_known_initialization_vector[] = { "Security" };
-
- /* DES Known Plaintext (64-bits). */
- static const PRUint8 des_ecb_known_plaintext[] = { "Netscape" };
- static const PRUint8 des_cbc_known_plaintext[] = { "Netscape" };
-
- /* DES Known Ciphertext (64-bits). */
- static const PRUint8 des_ecb_known_ciphertext[] = {
- 0x26,0x14,0xe9,0xc3,0x28,0x80,0x50,0xb0};
- static const PRUint8 des_cbc_known_ciphertext[] = {
- 0x5e,0x95,0x94,0x5d,0x76,0xa2,0xd3,0x7d};
-
- /* DES variables. */
- PRUint8 des_computed_ciphertext[FIPS_DES_ENCRYPT_LENGTH];
- PRUint8 des_computed_plaintext[FIPS_DES_DECRYPT_LENGTH];
- DESContext * des_context;
- unsigned int des_bytes_encrypted;
- unsigned int des_bytes_decrypted;
- SECStatus des_status;
-
-
- /******************************************************/
- /* DES-ECB Single-Round Known Answer Encryption Test: */
- /******************************************************/
-
- des_context = DES_CreateContext( des_known_key, NULL, NSS_DES, PR_TRUE );
-
- if( des_context == NULL )
- return( CKR_HOST_MEMORY );
-
- des_status = DES_Encrypt( des_context, des_computed_ciphertext,
- &des_bytes_encrypted, FIPS_DES_ENCRYPT_LENGTH,
- des_ecb_known_plaintext,
- FIPS_DES_DECRYPT_LENGTH );
-
- DES_DestroyContext( des_context, PR_TRUE );
-
- if( ( des_status != SECSuccess ) ||
- ( des_bytes_encrypted != FIPS_DES_ENCRYPT_LENGTH ) ||
- ( PORT_Memcmp( des_computed_ciphertext, des_ecb_known_ciphertext,
- FIPS_DES_ENCRYPT_LENGTH ) != 0 ) )
- return( CKR_DEVICE_ERROR );
-
-
- /******************************************************/
- /* DES-ECB Single-Round Known Answer Decryption Test: */
- /******************************************************/
-
- des_context = DES_CreateContext( des_known_key, NULL, NSS_DES, PR_FALSE );
-
- if( des_context == NULL )
- return( CKR_HOST_MEMORY );
-
- des_status = DES_Decrypt( des_context, des_computed_plaintext,
- &des_bytes_decrypted, FIPS_DES_DECRYPT_LENGTH,
- des_ecb_known_ciphertext,
- FIPS_DES_ENCRYPT_LENGTH );
-
- DES_DestroyContext( des_context, PR_TRUE );
-
- if( ( des_status != SECSuccess ) ||
- ( des_bytes_decrypted != FIPS_DES_DECRYPT_LENGTH ) ||
- ( PORT_Memcmp( des_computed_plaintext, des_ecb_known_plaintext,
- FIPS_DES_DECRYPT_LENGTH ) != 0 ) )
- return( CKR_DEVICE_ERROR );
-
-
- /******************************************************/
- /* DES-CBC Single-Round Known Answer Encryption Test. */
- /******************************************************/
-
- des_context = DES_CreateContext( des_known_key,
- des_cbc_known_initialization_vector,
- NSS_DES_CBC, PR_TRUE );
-
- if( des_context == NULL )
- return( CKR_HOST_MEMORY );
-
- des_status = DES_Encrypt( des_context, des_computed_ciphertext,
- &des_bytes_encrypted, FIPS_DES_ENCRYPT_LENGTH,
- des_cbc_known_plaintext,
- FIPS_DES_DECRYPT_LENGTH );
-
- DES_DestroyContext( des_context, PR_TRUE );
-
- if( ( des_status != SECSuccess ) ||
- ( des_bytes_encrypted != FIPS_DES_ENCRYPT_LENGTH ) ||
- ( PORT_Memcmp( des_computed_ciphertext, des_cbc_known_ciphertext,
- FIPS_DES_ENCRYPT_LENGTH ) != 0 ) )
- return( CKR_DEVICE_ERROR );
-
-
- /******************************************************/
- /* DES-CBC Single-Round Known Answer Decryption Test. */
- /******************************************************/
-
- des_context = DES_CreateContext( des_known_key,
- des_cbc_known_initialization_vector,
- NSS_DES_CBC, PR_FALSE );
-
- if( des_context == NULL )
- return( CKR_HOST_MEMORY );
-
- des_status = DES_Decrypt( des_context, des_computed_plaintext,
- &des_bytes_decrypted, FIPS_DES_DECRYPT_LENGTH,
- des_cbc_known_ciphertext,
- FIPS_DES_ENCRYPT_LENGTH );
-
- DES_DestroyContext( des_context, PR_TRUE );
-
- if( ( des_status != SECSuccess ) ||
- ( des_bytes_decrypted != FIPS_DES_DECRYPT_LENGTH ) ||
- ( PORT_Memcmp( des_computed_plaintext, des_cbc_known_plaintext,
- FIPS_DES_DECRYPT_LENGTH ) != 0 ) )
- return( CKR_DEVICE_ERROR );
-
- return( CKR_OK );
-}
-
-
-static CK_RV
-pk11_fips_DES3_PowerUpSelfTest( void )
-{
- /* DES3 Known Key (56-bits). */
- static const PRUint8 des3_known_key[] = { "ANSI Triple-DES Key Data" };
-
- /* DES3-CBC Known Initialization Vector (64-bits). */
- static const PRUint8 des3_cbc_known_initialization_vector[] = { "Security" };
-
- /* DES3 Known Plaintext (64-bits). */
- static const PRUint8 des3_ecb_known_plaintext[] = { "Netscape" };
- static const PRUint8 des3_cbc_known_plaintext[] = { "Netscape" };
-
- /* DES3 Known Ciphertext (64-bits). */
- static const PRUint8 des3_ecb_known_ciphertext[] = {
- 0x55,0x8e,0xad,0x3c,0xee,0x49,0x69,0xbe};
- static const PRUint8 des3_cbc_known_ciphertext[] = {
- 0x43,0xdc,0x6a,0xc1,0xaf,0xa6,0x32,0xf5};
-
- /* DES3 variables. */
- PRUint8 des3_computed_ciphertext[FIPS_DES3_ENCRYPT_LENGTH];
- PRUint8 des3_computed_plaintext[FIPS_DES3_DECRYPT_LENGTH];
- DESContext * des3_context;
- unsigned int des3_bytes_encrypted;
- unsigned int des3_bytes_decrypted;
- SECStatus des3_status;
-
-
- /*******************************************************/
- /* DES3-ECB Single-Round Known Answer Encryption Test. */
- /*******************************************************/
-
- des3_context = DES_CreateContext( des3_known_key, NULL,
- NSS_DES_EDE3, PR_TRUE );
-
- if( des3_context == NULL )
- return( CKR_HOST_MEMORY );
-
- des3_status = DES_Encrypt( des3_context, des3_computed_ciphertext,
- &des3_bytes_encrypted, FIPS_DES3_ENCRYPT_LENGTH,
- des3_ecb_known_plaintext,
- FIPS_DES3_DECRYPT_LENGTH );
-
- DES_DestroyContext( des3_context, PR_TRUE );
-
- if( ( des3_status != SECSuccess ) ||
- ( des3_bytes_encrypted != FIPS_DES3_ENCRYPT_LENGTH ) ||
- ( PORT_Memcmp( des3_computed_ciphertext, des3_ecb_known_ciphertext,
- FIPS_DES3_ENCRYPT_LENGTH ) != 0 ) )
- return( CKR_DEVICE_ERROR );
-
-
- /*******************************************************/
- /* DES3-ECB Single-Round Known Answer Decryption Test. */
- /*******************************************************/
-
- des3_context = DES_CreateContext( des3_known_key, NULL,
- NSS_DES_EDE3, PR_FALSE );
-
- if( des3_context == NULL )
- return( CKR_HOST_MEMORY );
-
- des3_status = DES_Decrypt( des3_context, des3_computed_plaintext,
- &des3_bytes_decrypted, FIPS_DES3_DECRYPT_LENGTH,
- des3_ecb_known_ciphertext,
- FIPS_DES3_ENCRYPT_LENGTH );
-
- DES_DestroyContext( des3_context, PR_TRUE );
-
- if( ( des3_status != SECSuccess ) ||
- ( des3_bytes_decrypted != FIPS_DES3_DECRYPT_LENGTH ) ||
- ( PORT_Memcmp( des3_computed_plaintext, des3_ecb_known_plaintext,
- FIPS_DES3_DECRYPT_LENGTH ) != 0 ) )
- return( CKR_DEVICE_ERROR );
-
-
- /*******************************************************/
- /* DES3-CBC Single-Round Known Answer Encryption Test. */
- /*******************************************************/
-
- des3_context = DES_CreateContext( des3_known_key,
- des3_cbc_known_initialization_vector,
- NSS_DES_EDE3_CBC, PR_TRUE );
-
- if( des3_context == NULL )
- return( CKR_HOST_MEMORY );
-
- des3_status = DES_Encrypt( des3_context, des3_computed_ciphertext,
- &des3_bytes_encrypted, FIPS_DES3_ENCRYPT_LENGTH,
- des3_cbc_known_plaintext,
- FIPS_DES3_DECRYPT_LENGTH );
-
- DES_DestroyContext( des3_context, PR_TRUE );
-
- if( ( des3_status != SECSuccess ) ||
- ( des3_bytes_encrypted != FIPS_DES3_ENCRYPT_LENGTH ) ||
- ( PORT_Memcmp( des3_computed_ciphertext, des3_cbc_known_ciphertext,
- FIPS_DES3_ENCRYPT_LENGTH ) != 0 ) )
- return( CKR_DEVICE_ERROR );
-
-
- /*******************************************************/
- /* DES3-CBC Single-Round Known Answer Decryption Test. */
- /*******************************************************/
-
- des3_context = DES_CreateContext( des3_known_key,
- des3_cbc_known_initialization_vector,
- NSS_DES_EDE3_CBC, PR_FALSE );
-
- if( des3_context == NULL )
- return( CKR_HOST_MEMORY );
-
- des3_status = DES_Decrypt( des3_context, des3_computed_plaintext,
- &des3_bytes_decrypted, FIPS_DES3_DECRYPT_LENGTH,
- des3_cbc_known_ciphertext,
- FIPS_DES3_ENCRYPT_LENGTH );
-
- DES_DestroyContext( des3_context, PR_TRUE );
-
- if( ( des3_status != SECSuccess ) ||
- ( des3_bytes_decrypted != FIPS_DES3_DECRYPT_LENGTH ) ||
- ( PORT_Memcmp( des3_computed_plaintext, des3_cbc_known_plaintext,
- FIPS_DES3_DECRYPT_LENGTH ) != 0 ) )
- return( CKR_DEVICE_ERROR );
-
- return( CKR_OK );
-}
-
-
-static CK_RV
-pk11_fips_MD2_PowerUpSelfTest( void )
-{
- /* MD2 Known Hash Message (512-bits). */
- static const PRUint8 md2_known_hash_message[] = {
- "The test message for the MD2, MD5, and SHA-1 hashing algorithms." };
-
- /* MD2 Known Digest Message (128-bits). */
- static const PRUint8 md2_known_digest[] = {
- 0x41,0x5a,0x12,0xb2,0x3f,0x28,0x97,0x17,
- 0x0c,0x71,0x4e,0xcc,0x40,0xc8,0x1d,0x1b};
-
- /* MD2 variables. */
- MD2Context * md2_context;
- unsigned int md2_bytes_hashed;
- PRUint8 md2_computed_digest[MD2_LENGTH];
-
-
- /***********************************************/
- /* MD2 Single-Round Known Answer Hashing Test. */
- /***********************************************/
-
- md2_context = MD2_NewContext();
-
- if( md2_context == NULL )
- return( CKR_HOST_MEMORY );
-
- MD2_Begin( md2_context );
-
- MD2_Update( md2_context, md2_known_hash_message,
- FIPS_MD2_HASH_MESSAGE_LENGTH );
-
- MD2_End( md2_context, md2_computed_digest, &md2_bytes_hashed, MD2_LENGTH );
-
- MD2_DestroyContext( md2_context , PR_TRUE );
-
- if( ( md2_bytes_hashed != MD2_LENGTH ) ||
- ( PORT_Memcmp( md2_computed_digest, md2_known_digest,
- MD2_LENGTH ) != 0 ) )
- return( CKR_DEVICE_ERROR );
-
- return( CKR_OK );
-}
-
-
-static CK_RV
-pk11_fips_MD5_PowerUpSelfTest( void )
-{
- /* MD5 Known Hash Message (512-bits). */
- static const PRUint8 md5_known_hash_message[] = {
- "The test message for the MD2, MD5, and SHA-1 hashing algorithms." };
-
- /* MD5 Known Digest Message (128-bits). */
- static const PRUint8 md5_known_digest[] = {
- 0x25,0xc8,0xc0,0x10,0xc5,0x6e,0x68,0x28,
- 0x28,0xa4,0xa5,0xd2,0x98,0x9a,0xea,0x2d};
-
- /* MD5 variables. */
- PRUint8 md5_computed_digest[MD5_LENGTH];
- SECStatus md5_status;
-
-
- /***********************************************/
- /* MD5 Single-Round Known Answer Hashing Test. */
- /***********************************************/
-
- md5_status = MD5_HashBuf( md5_computed_digest, md5_known_hash_message,
- FIPS_MD5_HASH_MESSAGE_LENGTH );
-
- if( ( md5_status != SECSuccess ) ||
- ( PORT_Memcmp( md5_computed_digest, md5_known_digest,
- MD5_LENGTH ) != 0 ) )
- return( CKR_DEVICE_ERROR );
-
- return( CKR_OK );
-}
-
-
-static CK_RV
-pk11_fips_SHA1_PowerUpSelfTest( void )
-{
- /* SHA-1 Known Hash Message (512-bits). */
- static const PRUint8 sha1_known_hash_message[] = {
- "The test message for the MD2, MD5, and SHA-1 hashing algorithms." };
-
- /* SHA-1 Known Digest Message (160-bits). */
- static const PRUint8 sha1_known_digest[] = {
- 0x0a,0x6d,0x07,0xba,0x1e,0xbd,0x8a,0x1b,
- 0x72,0xf6,0xc7,0x22,0xf1,0x27,0x9f,0xf0,
- 0xe0,0x68,0x47,0x7a};
-
- /* SHA-1 variables. */
- PRUint8 sha1_computed_digest[SHA1_LENGTH];
- SECStatus sha1_status;
-
-
- /*************************************************/
- /* SHA-1 Single-Round Known Answer Hashing Test. */
- /*************************************************/
-
- sha1_status = SHA1_HashBuf( sha1_computed_digest, sha1_known_hash_message,
- FIPS_SHA1_HASH_MESSAGE_LENGTH );
-
- if( ( sha1_status != SECSuccess ) ||
- ( PORT_Memcmp( sha1_computed_digest, sha1_known_digest,
- SHA1_LENGTH ) != 0 ) )
- return( CKR_DEVICE_ERROR );
-
- return( CKR_OK );
-}
-
-
-static CK_RV
-pk11_fips_RSA_PowerUpSelfTest( void )
-{
- /* RSA Known Modulus used in both Public/Private Key Values (520-bits). */
- static const PRUint8 rsa_modulus[FIPS_RSA_MODULUS_LENGTH] = {
- 0x00,0xa1,0xe9,0x5e,0x66,0x88,0xe2,0xf2,
- 0x2b,0xe7,0x70,0x36,0x33,0xbc,0xeb,0x55,
- 0x55,0xf1,0x60,0x18,0x3c,0xfb,0xd2,0x79,
- 0xf6,0xc4,0xb8,0x09,0xe3,0x12,0xf6,0x63,
- 0x6d,0xc7,0x8e,0x19,0xc0,0x0e,0x10,0x78,
- 0xc1,0xfe,0x2a,0x41,0x74,0x2d,0xf7,0xc4,
- 0x69,0xa7,0x3c,0xbc,0x8a,0xc8,0x31,0x2b,
- 0x4f,0x60,0xf0,0xf1,0xec,0x5a,0x29,0xec,
- 0x6b};
-
- /* RSA Known Public Key Values (8-bits). */
- static const PRUint8 rsa_public_exponent[] = { 0x03 };
-
- /* RSA Known Private Key Values (version is 8-bits), */
- /* (private exponent is 512-bits), */
- /* (private prime0 is 264-bits), */
- /* (private prime1 is 264-bits), */
- /* (private prime exponent0 is 264-bits), */
- /* (private prime exponent1 is 264-bits), */
- /* and (private coefficient is 256-bits). */
- static const PRUint8 rsa_version[] = { 0x00 };
- static const PRUint8 rsa_private_exponent[FIPS_RSA_PRIVATE_EXPONENT_LENGTH] = {
- 0x6b,0xf0,0xe9,0x99,0xb0,0x97,0x4c,0x1d,
- 0x44,0xf5,0x79,0x77,0xd3,0x47,0x8e,0x39,
- 0x4b,0x95,0x65,0x7d,0xfd,0x36,0xfb,0xf9,
- 0xd8,0x7a,0xb1,0x42,0x0c,0xa4,0x42,0x48,
- 0x20,0x1c,0x6b,0x7d,0x5d,0xa3,0x58,0xd6,
- 0x95,0xd6,0x41,0xe3,0xd6,0x73,0xad,0xdb,
- 0x3b,0x89,0x00,0x8a,0xcd,0x1d,0xb9,0x06,
- 0xac,0xac,0x0e,0x02,0x72,0x1c,0xf8,0xab };
- static const PRUint8 rsa_prime0[FIPS_RSA_PRIME0_LENGTH] = {
- 0x00,0xd2,0x2c,0x9d,0xef,0x7c,0x8f,0x58,
- 0x93,0x19,0xa1,0x77,0x0e,0x38,0x3e,0x85,
- 0xb4,0xaf,0xcc,0x99,0xa5,0x43,0xbf,0x97,
- 0xdc,0x46,0xb8,0x3f,0x6e,0x85,0x18,0x00,
- 0x81};
- static const PRUint8 rsa_prime1[FIPS_RSA_PRIME1_LENGTH] = {
- 0x00,0xc5,0x36,0xda,0x94,0x85,0x0c,0x1a,
- 0xed,0x03,0xc7,0x67,0x90,0x34,0x0b,0xb9,
- 0xec,0x1e,0x22,0xa2,0x15,0x50,0xc4,0xfd,
- 0xe9,0x17,0x36,0x9d,0x7a,0x29,0xe6,0x76,
- 0xeb};
- static const PRUint8 rsa_exponent0[FIPS_RSA_EXPONENT0_LENGTH] = {
- 0x00,0x8c,0x1d,0xbe,0x9f,0xa8,
- 0x5f,0x90,0x62,0x11,0x16,0x4f,
- 0x5e,0xd0,0x29,0xae,0x78,0x75,
- 0x33,0x11,0x18,0xd7,0xd5,0x0f,
- 0xe8,0x2f,0x25,0x7f,0x9f,0x03,
- 0x65,0x55,0xab};
- static const PRUint8 rsa_exponent1[FIPS_RSA_EXPONENT1_LENGTH] = {
- 0x00,0x83,0x79,0xe7,0x0d,0xae,
- 0x08,0x11,0xf3,0x57,0xda,0x45,
- 0x0a,0xcd,0x5d,0x26,0x9d,0x69,
- 0x6c,0x6c,0x0e,0x35,0xd8,0xa9,
- 0x46,0x0f,0x79,0xbe,0x51,0x71,
- 0x44,0x4f,0x47};
- static const PRUint8 rsa_coefficient[FIPS_RSA_COEFFICIENT_LENGTH] = {
- 0x54,0x8d,0xb8,0xdc,0x8b,0xde,0xbb,
- 0x08,0xc9,0x67,0xb7,0xa9,0x5f,0xa5,
- 0xc4,0x5e,0x67,0xaa,0xfe,0x1a,0x08,
- 0xeb,0x48,0x43,0xcb,0xb0,0xb9,0x38,
- 0x3a,0x31,0x39,0xde};
-
-
- /* RSA Known Plaintext (512-bits). */
- static const PRUint8 rsa_known_plaintext[] = {
- "Known plaintext utilized for RSA"
- " Encryption and Decryption test." };
-
- /* RSA Known Ciphertext (512-bits). */
- static const PRUint8 rsa_known_ciphertext[] = {
- 0x12,0x80,0x3a,0x53,0xee,0x93,0x81,0xa5,
- 0xf7,0x40,0xc5,0xb1,0xef,0xd9,0x27,0xaf,
- 0xef,0x4b,0x87,0x44,0x00,0xd0,0xda,0xcf,
- 0x10,0x57,0x4c,0xd5,0xc3,0xed,0x84,0xdc,
- 0x74,0x03,0x19,0x69,0x2c,0xd6,0x54,0x3e,
- 0xd2,0xe3,0x90,0xb6,0x67,0x91,0x2f,0x1f,
- 0x54,0x13,0x99,0x00,0x0b,0xfd,0x52,0x7f,
- 0xd8,0xc6,0xdb,0x8a,0xfe,0x06,0xf3,0xb1};
-
- /* RSA Known Message (128-bits). */
- static const PRUint8 rsa_known_message[] = { "Netscape Forever" };
-
- /* RSA Known Signed Hash (512-bits). */
- static const PRUint8 rsa_known_signature[] = {
- 0x27,0x23,0xa6,0x71,0x57,0xc8,0x70,0x5f,
- 0x70,0x0e,0x06,0x7b,0x96,0x6a,0xaa,0x41,
- 0x6e,0xab,0x67,0x4b,0x5f,0x76,0xc4,0x53,
- 0x23,0xd7,0x57,0x7a,0x3a,0xbc,0x4c,0x27,
- 0x65,0xca,0xde,0x9f,0xd3,0x1d,0xa4,0x5a,
- 0xf9,0x8f,0xb2,0x05,0xa3,0x86,0xf9,0x66,
- 0x55,0x4c,0x68,0x50,0x66,0xa4,0xe9,0x17,
- 0x45,0x11,0xb8,0x1a,0xfc,0xbc,0x79,0x3b};
-
-
- static const RSAPublicKey bl_public_key = { NULL,
- { FIPS_RSA_TYPE, (unsigned char *)rsa_modulus, FIPS_RSA_MODULUS_LENGTH },
- { FIPS_RSA_TYPE, (unsigned char *)rsa_public_exponent, FIPS_RSA_PUBLIC_EXPONENT_LENGTH }
- };
- static const RSAPrivateKey bl_private_key = { NULL,
- { FIPS_RSA_TYPE, (unsigned char *)rsa_version, FIPS_RSA_PRIVATE_VERSION_LENGTH },
- { FIPS_RSA_TYPE, (unsigned char *)rsa_modulus, FIPS_RSA_MODULUS_LENGTH },
- { FIPS_RSA_TYPE, (unsigned char *)rsa_public_exponent, FIPS_RSA_PUBLIC_EXPONENT_LENGTH },
- { FIPS_RSA_TYPE, (unsigned char *)rsa_private_exponent, FIPS_RSA_PRIVATE_EXPONENT_LENGTH },
- { FIPS_RSA_TYPE, (unsigned char *)rsa_prime0, FIPS_RSA_PRIME0_LENGTH },
- { FIPS_RSA_TYPE, (unsigned char *)rsa_prime1, FIPS_RSA_PRIME1_LENGTH },
- { FIPS_RSA_TYPE, (unsigned char *)rsa_exponent0, FIPS_RSA_EXPONENT0_LENGTH },
- { FIPS_RSA_TYPE, (unsigned char *)rsa_exponent1, FIPS_RSA_EXPONENT1_LENGTH },
- { FIPS_RSA_TYPE, (unsigned char *)rsa_coefficient, FIPS_RSA_COEFFICIENT_LENGTH }
- };
-
- /* RSA variables. */
-#ifdef CREATE_TEMP_ARENAS
- PLArenaPool * rsa_public_arena;
- PLArenaPool * rsa_private_arena;
-#endif
- NSSLOWKEYPublicKey * rsa_public_key;
- NSSLOWKEYPrivateKey * rsa_private_key;
- unsigned int rsa_bytes_signed;
- SECStatus rsa_status;
-
- NSSLOWKEYPublicKey low_public_key = { NULL, NSSLOWKEYRSAKey, };
- NSSLOWKEYPrivateKey low_private_key = { NULL, NSSLOWKEYRSAKey, };
- PRUint8 rsa_computed_ciphertext[FIPS_RSA_ENCRYPT_LENGTH];
- PRUint8 rsa_computed_plaintext[FIPS_RSA_DECRYPT_LENGTH];
- PRUint8 rsa_computed_signature[FIPS_RSA_SIGNATURE_LENGTH];
-
- /****************************************/
- /* Compose RSA Public/Private Key Pair. */
- /****************************************/
-
- low_public_key.u.rsa = bl_public_key;
- low_private_key.u.rsa = bl_private_key;
-
- rsa_public_key = &low_public_key;
- rsa_private_key = &low_private_key;
-
-#ifdef CREATE_TEMP_ARENAS
- /* Create some space for the RSA public key. */
- rsa_public_arena = PORT_NewArena( NSS_SOFTOKEN_DEFAULT_CHUNKSIZE );
-
- if( rsa_public_arena == NULL ) {
- PORT_SetError( SEC_ERROR_NO_MEMORY );
- return( CKR_HOST_MEMORY );
- }
-
- /* Create some space for the RSA private key. */
- rsa_private_arena = PORT_NewArena( NSS_SOFTOKEN_DEFAULT_CHUNKSIZE );
-
- if( rsa_private_arena == NULL ) {
- PORT_FreeArena( rsa_public_arena, PR_TRUE );
- PORT_SetError( SEC_ERROR_NO_MEMORY );
- return( CKR_HOST_MEMORY );
- }
-
- rsa_public_key->arena = rsa_public_arena;
- rsa_private_key->arena = rsa_private_arena;
-#endif
-
- /**************************************************/
- /* RSA Single-Round Known Answer Encryption Test. */
- /**************************************************/
-
- /* Perform RSA Public Key Encryption. */
- rsa_status = RSA_PublicKeyOp(&rsa_public_key->u.rsa,
- rsa_computed_ciphertext, rsa_known_plaintext);
-
- if( ( rsa_status != SECSuccess ) ||
- ( PORT_Memcmp( rsa_computed_ciphertext, rsa_known_ciphertext,
- FIPS_RSA_ENCRYPT_LENGTH ) != 0 ) )
- goto rsa_loser;
-
- /**************************************************/
- /* RSA Single-Round Known Answer Decryption Test. */
- /**************************************************/
-
- /* Perform RSA Private Key Decryption. */
- rsa_status = RSA_PrivateKeyOp(&rsa_private_key->u.rsa,
- rsa_computed_plaintext, rsa_known_ciphertext);
-
- if( ( rsa_status != SECSuccess ) ||
- ( PORT_Memcmp( rsa_computed_plaintext, rsa_known_plaintext,
- FIPS_RSA_DECRYPT_LENGTH ) != 0 ) )
- goto rsa_loser;
-
-
- /*************************************************/
- /* RSA Single-Round Known Answer Signature Test. */
- /*************************************************/
-
- /* Perform RSA signature with the RSA private key. */
- rsa_status = RSA_Sign( rsa_private_key, rsa_computed_signature,
- &rsa_bytes_signed,
- FIPS_RSA_SIGNATURE_LENGTH, (unsigned char *)rsa_known_message,
- FIPS_RSA_MESSAGE_LENGTH );
-
- if( ( rsa_status != SECSuccess ) ||
- ( rsa_bytes_signed != FIPS_RSA_SIGNATURE_LENGTH ) ||
- ( PORT_Memcmp( rsa_computed_signature, rsa_known_signature,
- FIPS_RSA_SIGNATURE_LENGTH ) != 0 ) )
- goto rsa_loser;
-
-
- /****************************************************/
- /* RSA Single-Round Known Answer Verification Test. */
- /****************************************************/
-
- /* Perform RSA verification with the RSA public key. */
- rsa_status = RSA_CheckSign( rsa_public_key,
- rsa_computed_signature,
- FIPS_RSA_SIGNATURE_LENGTH,
- (unsigned char *)rsa_known_message,
- FIPS_RSA_MESSAGE_LENGTH );
-
- if( rsa_status != SECSuccess )
- goto rsa_loser;
-
- /* Dispose of all RSA key material. */
- nsslowkey_DestroyPublicKey( rsa_public_key );
- nsslowkey_DestroyPrivateKey( rsa_private_key );
-
- return( CKR_OK );
-
-
-rsa_loser:
-
- nsslowkey_DestroyPublicKey( rsa_public_key );
- nsslowkey_DestroyPrivateKey( rsa_private_key );
-
- return( CKR_DEVICE_ERROR );
-}
-
-
-static CK_RV
-pk11_fips_DSA_PowerUpSelfTest( void )
-{
- /* DSA Known P (512-bits), Q (160-bits), and G (512-bits) Values. */
- static const PRUint8 dsa_P[] = {
- 0x8d,0xf2,0xa4,0x94,0x49,0x22,0x76,0xaa,
- 0x3d,0x25,0x75,0x9b,0xb0,0x68,0x69,0xcb,
- 0xea,0xc0,0xd8,0x3a,0xfb,0x8d,0x0c,0xf7,
- 0xcb,0xb8,0x32,0x4f,0x0d,0x78,0x82,0xe5,
- 0xd0,0x76,0x2f,0xc5,0xb7,0x21,0x0e,0xaf,
- 0xc2,0xe9,0xad,0xac,0x32,0xab,0x7a,0xac,
- 0x49,0x69,0x3d,0xfb,0xf8,0x37,0x24,0xc2,
- 0xec,0x07,0x36,0xee,0x31,0xc8,0x02,0x91};
- static const PRUint8 dsa_Q[] = {
- 0xc7,0x73,0x21,0x8c,0x73,0x7e,0xc8,0xee,
- 0x99,0x3b,0x4f,0x2d,0xed,0x30,0xf4,0x8e,
- 0xda,0xce,0x91,0x5f};
- static const PRUint8 dsa_G[] = {
- 0x62,0x6d,0x02,0x78,0x39,0xea,0x0a,0x13,
- 0x41,0x31,0x63,0xa5,0x5b,0x4c,0xb5,0x00,
- 0x29,0x9d,0x55,0x22,0x95,0x6c,0xef,0xcb,
- 0x3b,0xff,0x10,0xf3,0x99,0xce,0x2c,0x2e,
- 0x71,0xcb,0x9d,0xe5,0xfa,0x24,0xba,0xbf,
- 0x58,0xe5,0xb7,0x95,0x21,0x92,0x5c,0x9c,
- 0xc4,0x2e,0x9f,0x6f,0x46,0x4b,0x08,0x8c,
- 0xc5,0x72,0xaf,0x53,0xe6,0xd7,0x88,0x02};
-
- /* DSA Known Random Values (known random key block is 160-bits) */
- /* and (known random signature block is 160-bits). */
- static const PRUint8 dsa_known_random_key_block[] = {
- "Mozilla Rules World!"};
- static const PRUint8 dsa_known_random_signature_block[] = {
- "Random DSA Signature"};
-
- /* DSA Known Digest (160-bits) */
- static const PRUint8 dsa_known_digest[] = { "DSA Signature Digest" };
-
- /* DSA Known Signature (320-bits). */
- static const PRUint8 dsa_known_signature[] = {
- 0x39,0x0d,0x84,0xb1,0xf7,0x52,0x89,0xba,
- 0xec,0x1e,0xa8,0xe2,0x00,0x8e,0x37,0x8f,
- 0xc2,0xf5,0xf8,0x70,0x11,0xa8,0xc7,0x02,
- 0x0e,0x75,0xcf,0x6b,0x54,0x4a,0x52,0xe8,
- 0xd8,0x6d,0x4a,0xe8,0xee,0x56,0x8e,0x59};
-
- /* DSA variables. */
- DSAPrivateKey * dsa_private_key;
- SECStatus dsa_status;
- SECItem dsa_signature_item;
- SECItem dsa_digest_item;
- DSAPublicKey dsa_public_key;
- PRUint8 dsa_computed_signature[FIPS_DSA_SIGNATURE_LENGTH];
- static const PQGParams dsa_pqg = { NULL,
- { FIPS_DSA_TYPE, (unsigned char *)dsa_P, FIPS_DSA_PRIME_LENGTH },
- { FIPS_DSA_TYPE, (unsigned char *)dsa_Q, FIPS_DSA_SUBPRIME_LENGTH },
- { FIPS_DSA_TYPE, (unsigned char *)dsa_G, FIPS_DSA_BASE_LENGTH }};
-
- /*******************************************/
- /* Generate a DSA public/private key pair. */
- /*******************************************/
-
- /* Generate a DSA public/private key pair. */
-
- dsa_status = DSA_NewKeyFromSeed(&dsa_pqg, dsa_known_random_key_block,
- &dsa_private_key);
-
- if( dsa_status != SECSuccess )
- return( CKR_HOST_MEMORY );
-
- /* construct public key from private key. */
- dsa_public_key.params = dsa_private_key->params;
- dsa_public_key.publicValue = dsa_private_key->publicValue;
-
- /*************************************************/
- /* DSA Single-Round Known Answer Signature Test. */
- /*************************************************/
-
- dsa_signature_item.data = dsa_computed_signature;
- dsa_signature_item.len = sizeof dsa_computed_signature;
-
- dsa_digest_item.data = (unsigned char *)dsa_known_digest;
- dsa_digest_item.len = SHA1_LENGTH;
-
- /* Perform DSA signature process. */
- dsa_status = DSA_SignDigestWithSeed( dsa_private_key,
- &dsa_signature_item,
- &dsa_digest_item,
- dsa_known_random_signature_block );
-
- if( ( dsa_status != SECSuccess ) ||
- ( dsa_signature_item.len != FIPS_DSA_SIGNATURE_LENGTH ) ||
- ( PORT_Memcmp( dsa_computed_signature, dsa_known_signature,
- FIPS_DSA_SIGNATURE_LENGTH ) != 0 ) ) {
- dsa_status = SECFailure;
- } else {
-
- /****************************************************/
- /* DSA Single-Round Known Answer Verification Test. */
- /****************************************************/
-
- /* Perform DSA verification process. */
- dsa_status = DSA_VerifyDigest( &dsa_public_key,
- &dsa_signature_item,
- &dsa_digest_item);
- }
-
- PORT_FreeArena(dsa_private_key->params.arena, PR_TRUE);
- /* Don't free public key, it uses same arena as private key */
-
- /* Verify DSA signature. */
- if( dsa_status != SECSuccess )
- return( CKR_DEVICE_ERROR );
-
- return( CKR_OK );
-
-
-}
-
-
-CK_RV
-pk11_fipsPowerUpSelfTest( void )
-{
- CK_RV rv;
-
- /* RC2 Power-Up SelfTest(s). */
- rv = pk11_fips_RC2_PowerUpSelfTest();
-
- if( rv != CKR_OK )
- return rv;
-
- /* RC4 Power-Up SelfTest(s). */
- rv = pk11_fips_RC4_PowerUpSelfTest();
-
- if( rv != CKR_OK )
- return rv;
-
- /* DES Power-Up SelfTest(s). */
- rv = pk11_fips_DES_PowerUpSelfTest();
-
- if( rv != CKR_OK )
- return rv;
-
- /* DES3 Power-Up SelfTest(s). */
- rv = pk11_fips_DES3_PowerUpSelfTest();
-
- if( rv != CKR_OK )
- return rv;
-
- /* MD2 Power-Up SelfTest(s). */
- rv = pk11_fips_MD2_PowerUpSelfTest();
-
- if( rv != CKR_OK )
- return rv;
-
- /* MD5 Power-Up SelfTest(s). */
- rv = pk11_fips_MD5_PowerUpSelfTest();
-
- if( rv != CKR_OK )
- return rv;
-
- /* SHA-1 Power-Up SelfTest(s). */
- rv = pk11_fips_SHA1_PowerUpSelfTest();
-
- if( rv != CKR_OK )
- return rv;
-
- /* RSA Power-Up SelfTest(s). */
- rv = pk11_fips_RSA_PowerUpSelfTest();
-
- if( rv != CKR_OK )
- return rv;
-
- /* DSA Power-Up SelfTest(s). */
- rv = pk11_fips_DSA_PowerUpSelfTest();
-
- if( rv != CKR_OK )
- return rv;
-
- /* Passed Power-Up SelfTest(s). */
- return( CKR_OK );
-}
-
diff --git a/security/nss/lib/softoken/fipstokn.c b/security/nss/lib/softoken/fipstokn.c
deleted file mode 100644
index c33670451..000000000
--- a/security/nss/lib/softoken/fipstokn.c
+++ /dev/null
@@ -1,993 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * This file implements PKCS 11 on top of our existing security modules
- *
- * For more information about PKCS 11 See PKCS 11 Token Inteface Standard.
- * This implementation has two slots:
- * slot 1 is our generic crypto support. It does not require login
- * (unless you've enabled FIPS). It supports Public Key ops, and all they
- * bulk ciphers and hashes. It can also support Private Key ops for imported
- * Private keys. It does not have any token storage.
- * slot 2 is our private key support. It requires a login before use. It
- * can store Private Keys and Certs as token objects. Currently only private
- * keys and their associated Certificates are saved on the token.
- *
- * In this implementation, session objects are only visible to the session
- * that created or generated them.
- */
-#include "seccomon.h"
-#include "softoken.h"
-#include "lowkeyi.h"
-#include "pcert.h"
-#include "pkcs11.h"
-#include "pkcs11i.h"
-
-
-/*
- * ******************** Password Utilities *******************************
- */
-static PRBool isLoggedIn = PR_FALSE;
-static PRBool fatalError = PR_FALSE;
-
-/* Fips required checks before any useful crypto graphic services */
-static CK_RV pk11_fipsCheck(void) {
- if (isLoggedIn != PR_TRUE)
- return CKR_USER_NOT_LOGGED_IN;
- if (fatalError)
- return CKR_DEVICE_ERROR;
- return CKR_OK;
-}
-
-
-#define PK11_FIPSCHECK() \
- CK_RV rv; \
- if ((rv = pk11_fipsCheck()) != CKR_OK) return rv;
-
-#define PK11_FIPSFATALCHECK() \
- if (fatalError) return CKR_DEVICE_ERROR;
-
-
-/* grab an attribute out of a raw template */
-void *
-fc_getAttribute(CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount, CK_ATTRIBUTE_TYPE type)
-{
- int i;
-
- for (i=0; i < (int) ulCount; i++) {
- if (pTemplate[i].type == type) {
- return pTemplate[i].pValue;
- }
- }
- return NULL;
-}
-
-
-#define __PASTE(x,y) x##y
-
-/* ------------- forward declare all the NSC_ functions ------------- */
-#undef CK_NEED_ARG_LIST
-#undef CK_PKCS11_FUNCTION_INFO
-
-#define CK_PKCS11_FUNCTION_INFO(name) CK_RV __PASTE(NS,name)
-#define CK_NEED_ARG_LIST 1
-
-#include "pkcs11f.h"
-
-/* ------------- forward declare all the FIPS functions ------------- */
-#undef CK_NEED_ARG_LIST
-#undef CK_PKCS11_FUNCTION_INFO
-
-#define CK_PKCS11_FUNCTION_INFO(name) CK_RV __PASTE(F,name)
-#define CK_NEED_ARG_LIST 1
-
-#include "pkcs11f.h"
-
-/* ------------- build the CK_CRYPTO_TABLE ------------------------- */
-static CK_FUNCTION_LIST pk11_fipsTable = {
- { 1, 10 },
-
-#undef CK_NEED_ARG_LIST
-#undef CK_PKCS11_FUNCTION_INFO
-
-#define CK_PKCS11_FUNCTION_INFO(name) __PASTE(F,name),
-
-
-#include "pkcs11f.h"
-
-};
-
-#undef CK_NEED_ARG_LIST
-#undef CK_PKCS11_FUNCTION_INFO
-
-
-#undef __PASTE
-
-static CK_RV
-fips_login_if_key_object(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject)
-{
- CK_RV rv;
- CK_OBJECT_CLASS objClass;
- CK_ATTRIBUTE class;
- class.type = CKA_CLASS;
- class.pValue = &objClass;
- class.ulValueLen = sizeof(objClass);
- rv = NSC_GetAttributeValue(hSession, hObject, &class, 1);
- if (rv == CKR_OK) {
- if ((objClass == CKO_PRIVATE_KEY) || (objClass == CKO_SECRET_KEY)) {
- rv = pk11_fipsCheck();
- }
- }
- return rv;
-}
-
-
-/**********************************************************************
- *
- * Start of PKCS 11 functions
- *
- **********************************************************************/
-/* return the function list */
-CK_RV FC_GetFunctionList(CK_FUNCTION_LIST_PTR *pFunctionList) {
- *pFunctionList = &pk11_fipsTable;
- return CKR_OK;
-}
-
-/* sigh global so pkcs11 can read it */
-PRBool nsf_init = PR_FALSE;
-
-/* FC_Initialize initializes the PKCS #11 library. */
-CK_RV FC_Initialize(CK_VOID_PTR pReserved) {
- CK_RV crv;
-
- if (nsf_init) {
- return CKR_CRYPTOKI_ALREADY_INITIALIZED;
- }
-
- crv = nsc_CommonInitialize(pReserved, PR_TRUE);
-
- /* not an 'else' rv can be set by either PK11_LowInit or PK11_SlotInit*/
- if (crv != CKR_OK) {
- fatalError = PR_TRUE;
- return crv;
- }
-
- fatalError = PR_FALSE; /* any error has been reset */
-
- crv = pk11_fipsPowerUpSelfTest();
- if (crv != CKR_OK) {
- nsc_CommonFinalize(NULL, PR_TRUE);
- fatalError = PR_TRUE;
- return crv;
- }
- nsf_init = PR_TRUE;
-
- return CKR_OK;
-}
-
-/*FC_Finalize indicates that an application is done with the PKCS #11 library.*/
-CK_RV FC_Finalize (CK_VOID_PTR pReserved) {
- CK_RV crv;
- if (!nsf_init) {
- return CKR_OK;
- }
- crv = nsc_CommonFinalize (pReserved, PR_TRUE);
- nsf_init = (PRBool) !(crv == CKR_OK);
- return crv;
-}
-
-
-/* FC_GetInfo returns general information about PKCS #11. */
-CK_RV FC_GetInfo(CK_INFO_PTR pInfo) {
- return NSC_GetInfo(pInfo);
-}
-
-/* FC_GetSlotList obtains a list of slots in the system. */
-CK_RV FC_GetSlotList(CK_BBOOL tokenPresent,
- CK_SLOT_ID_PTR pSlotList, CK_ULONG_PTR pulCount) {
- return nsc_CommonGetSlotList(tokenPresent,pSlotList,pulCount,
- NSC_FIPS_MODULE);
-}
-
-/* FC_GetSlotInfo obtains information about a particular slot in the system. */
-CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
-
- CK_RV crv;
-
- crv = NSC_GetSlotInfo(slotID,pInfo);
- if (crv != CKR_OK) {
- return crv;
- }
-
- return CKR_OK;
-}
-
-
-/*FC_GetTokenInfo obtains information about a particular token in the system.*/
- CK_RV FC_GetTokenInfo(CK_SLOT_ID slotID,CK_TOKEN_INFO_PTR pInfo) {
- CK_RV crv;
-
- crv = NSC_GetTokenInfo(slotID,pInfo);
- pInfo->flags |= CKF_RNG | CKF_LOGIN_REQUIRED;
- return crv;
-
-}
-
-
-
-/*FC_GetMechanismList obtains a list of mechanism types supported by a token.*/
- CK_RV FC_GetMechanismList(CK_SLOT_ID slotID,
- CK_MECHANISM_TYPE_PTR pMechanismList, CK_ULONG_PTR pusCount) {
- PK11_FIPSFATALCHECK();
- if (slotID == FIPS_SLOT_ID) slotID = NETSCAPE_SLOT_ID;
- /* FIPS Slot supports all functions */
- return NSC_GetMechanismList(slotID,pMechanismList,pusCount);
-}
-
-
-/* FC_GetMechanismInfo obtains information about a particular mechanism
- * possibly supported by a token. */
- CK_RV FC_GetMechanismInfo(CK_SLOT_ID slotID, CK_MECHANISM_TYPE type,
- CK_MECHANISM_INFO_PTR pInfo) {
- PK11_FIPSFATALCHECK();
- if (slotID == FIPS_SLOT_ID) slotID = NETSCAPE_SLOT_ID;
- /* FIPS Slot supports all functions */
- return NSC_GetMechanismInfo(slotID,type,pInfo);
-}
-
-
-/* FC_InitToken initializes a token. */
- CK_RV FC_InitToken(CK_SLOT_ID slotID,CK_CHAR_PTR pPin,
- CK_ULONG usPinLen,CK_CHAR_PTR pLabel) {
- return CKR_HOST_MEMORY; /*is this the right function for not implemented*/
-}
-
-
-/* FC_InitPIN initializes the normal user's PIN. */
- CK_RV FC_InitPIN(CK_SESSION_HANDLE hSession,
- CK_CHAR_PTR pPin, CK_ULONG ulPinLen) {
- return NSC_InitPIN(hSession,pPin,ulPinLen);
-}
-
-
-/* FC_SetPIN modifies the PIN of user that is currently logged in. */
-/* NOTE: This is only valid for the PRIVATE_KEY_SLOT */
- CK_RV FC_SetPIN(CK_SESSION_HANDLE hSession, CK_CHAR_PTR pOldPin,
- CK_ULONG usOldLen, CK_CHAR_PTR pNewPin, CK_ULONG usNewLen) {
- CK_RV rv;
- if ((rv = pk11_fipsCheck()) != CKR_OK) return rv;
- return NSC_SetPIN(hSession,pOldPin,usOldLen,pNewPin,usNewLen);
-}
-
-/* FC_OpenSession opens a session between an application and a token. */
- CK_RV FC_OpenSession(CK_SLOT_ID slotID, CK_FLAGS flags,
- CK_VOID_PTR pApplication,CK_NOTIFY Notify,CK_SESSION_HANDLE_PTR phSession) {
- PK11_FIPSFATALCHECK();
- return NSC_OpenSession(slotID,flags,pApplication,Notify,phSession);
-}
-
-
-/* FC_CloseSession closes a session between an application and a token. */
- CK_RV FC_CloseSession(CK_SESSION_HANDLE hSession) {
- return NSC_CloseSession(hSession);
-}
-
-
-/* FC_CloseAllSessions closes all sessions with a token. */
- CK_RV FC_CloseAllSessions (CK_SLOT_ID slotID) {
- return NSC_CloseAllSessions (slotID);
-}
-
-
-/* FC_GetSessionInfo obtains information about the session. */
- CK_RV FC_GetSessionInfo(CK_SESSION_HANDLE hSession,
- CK_SESSION_INFO_PTR pInfo) {
- CK_RV rv;
- PK11_FIPSFATALCHECK();
-
- rv = NSC_GetSessionInfo(hSession,pInfo);
- if (rv == CKR_OK) {
- if ((isLoggedIn) && (pInfo->state == CKS_RO_PUBLIC_SESSION)) {
- pInfo->state = CKS_RO_USER_FUNCTIONS;
- }
- if ((isLoggedIn) && (pInfo->state == CKS_RW_PUBLIC_SESSION)) {
- pInfo->state = CKS_RW_USER_FUNCTIONS;
- }
- }
- return rv;
-}
-
-/* FC_Login logs a user into a token. */
- CK_RV FC_Login(CK_SESSION_HANDLE hSession, CK_USER_TYPE userType,
- CK_CHAR_PTR pPin, CK_ULONG usPinLen) {
- CK_RV rv;
- PK11_FIPSFATALCHECK();
- rv = NSC_Login(hSession,userType,pPin,usPinLen);
- if (rv == CKR_OK)
- isLoggedIn = PR_TRUE;
- else if (rv == CKR_USER_ALREADY_LOGGED_IN)
- {
- isLoggedIn = PR_TRUE;
-
- /* Provide FIPS PUB 140-1 power-up self-tests on demand. */
- rv = pk11_fipsPowerUpSelfTest();
- if (rv == CKR_OK)
- return CKR_USER_ALREADY_LOGGED_IN;
- else
- fatalError = PR_TRUE;
- }
- return rv;
-}
-
-/* FC_Logout logs a user out from a token. */
- CK_RV FC_Logout(CK_SESSION_HANDLE hSession) {
- PK11_FIPSCHECK();
-
- rv = NSC_Logout(hSession);
- isLoggedIn = PR_FALSE;
- return rv;
-}
-
-
-/* FC_CreateObject creates a new object. */
- CK_RV FC_CreateObject(CK_SESSION_HANDLE hSession,
- CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
- CK_OBJECT_HANDLE_PTR phObject) {
- CK_OBJECT_CLASS * classptr;
- PK11_FIPSCHECK();
- classptr = (CK_OBJECT_CLASS *)fc_getAttribute(pTemplate,ulCount,CKA_CLASS);
- if (classptr == NULL) return CKR_TEMPLATE_INCOMPLETE;
-
- /* FIPS can't create keys from raw key material */
- if ((*classptr == CKO_SECRET_KEY) || (*classptr == CKO_PRIVATE_KEY)) {
- return CKR_ATTRIBUTE_VALUE_INVALID;
- }
- return NSC_CreateObject(hSession,pTemplate,ulCount,phObject);
-}
-
-
-
-
-
-/* FC_CopyObject copies an object, creating a new object for the copy. */
- CK_RV FC_CopyObject(CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG usCount,
- CK_OBJECT_HANDLE_PTR phNewObject) {
- CK_RV rv;
- PK11_FIPSFATALCHECK();
- rv = fips_login_if_key_object(hSession, hObject);
- if (rv != CKR_OK) {
- return rv;
- }
- return NSC_CopyObject(hSession,hObject,pTemplate,usCount,phNewObject);
-}
-
-
-/* FC_DestroyObject destroys an object. */
- CK_RV FC_DestroyObject(CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject) {
- CK_RV rv;
- PK11_FIPSFATALCHECK();
- rv = fips_login_if_key_object(hSession, hObject);
- if (rv != CKR_OK) {
- return rv;
- }
- return NSC_DestroyObject(hSession,hObject);
-}
-
-
-/* FC_GetObjectSize gets the size of an object in bytes. */
- CK_RV FC_GetObjectSize(CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject, CK_ULONG_PTR pusSize) {
- CK_RV rv;
- PK11_FIPSFATALCHECK();
- rv = fips_login_if_key_object(hSession, hObject);
- if (rv != CKR_OK) {
- return rv;
- }
- return NSC_GetObjectSize(hSession, hObject, pusSize);
-}
-
-
-/* FC_GetAttributeValue obtains the value of one or more object attributes. */
- CK_RV FC_GetAttributeValue(CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,CK_ATTRIBUTE_PTR pTemplate,CK_ULONG usCount) {
- CK_RV rv;
- PK11_FIPSFATALCHECK();
- rv = fips_login_if_key_object(hSession, hObject);
- if (rv != CKR_OK) {
- return rv;
- }
- return NSC_GetAttributeValue(hSession,hObject,pTemplate,usCount);
-}
-
-
-/* FC_SetAttributeValue modifies the value of one or more object attributes */
- CK_RV FC_SetAttributeValue (CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,CK_ATTRIBUTE_PTR pTemplate,CK_ULONG usCount) {
- CK_RV rv;
- PK11_FIPSFATALCHECK();
- rv = fips_login_if_key_object(hSession, hObject);
- if (rv != CKR_OK) {
- return rv;
- }
- return NSC_SetAttributeValue(hSession,hObject,pTemplate,usCount);
-}
-
-
-
-/* FC_FindObjectsInit initializes a search for token and session objects
- * that match a template. */
- CK_RV FC_FindObjectsInit(CK_SESSION_HANDLE hSession,
- CK_ATTRIBUTE_PTR pTemplate,CK_ULONG usCount) {
- /* let publically readable object be found */
- int i;
- CK_RV rv;
- PRBool needLogin = PR_FALSE;
-
- PK11_FIPSFATALCHECK();
-
- for (i=0; i < usCount; i++) {
- CK_OBJECT_CLASS class;
- if (pTemplate[i].type != CKA_CLASS) {
- continue;
- }
- if (pTemplate[i].ulValueLen != sizeof(CK_OBJECT_CLASS)) {
- continue;
- }
- if (pTemplate[i].pValue == NULL) {
- continue;
- }
- class = *(CK_OBJECT_CLASS *)pTemplate[i].pValue;
- if ((class == CKO_PRIVATE_KEY) || (class == CKO_SECRET_KEY)) {
- needLogin = PR_TRUE;
- break;
- }
- }
- if (needLogin) {
- if ((rv = pk11_fipsCheck()) != CKR_OK) return rv;
- }
- return NSC_FindObjectsInit(hSession,pTemplate,usCount);
-}
-
-
-/* FC_FindObjects continues a search for token and session objects
- * that match a template, obtaining additional object handles. */
- CK_RV FC_FindObjects(CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE_PTR phObject,CK_ULONG usMaxObjectCount,
- CK_ULONG_PTR pusObjectCount) {
- /* let publically readable object be found */
- PK11_FIPSFATALCHECK();
- return NSC_FindObjects(hSession,phObject,usMaxObjectCount,
- pusObjectCount);
-}
-
-
-/*
- ************** Crypto Functions: Encrypt ************************
- */
-
-/* FC_EncryptInit initializes an encryption operation. */
- CK_RV FC_EncryptInit(CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey) {
- PK11_FIPSCHECK();
- return NSC_EncryptInit(hSession,pMechanism,hKey);
-}
-
-/* FC_Encrypt encrypts single-part data. */
- CK_RV FC_Encrypt (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
- CK_ULONG usDataLen, CK_BYTE_PTR pEncryptedData,
- CK_ULONG_PTR pusEncryptedDataLen) {
- PK11_FIPSCHECK();
- return NSC_Encrypt(hSession,pData,usDataLen,pEncryptedData,
- pusEncryptedDataLen);
-}
-
-
-/* FC_EncryptUpdate continues a multiple-part encryption operation. */
- CK_RV FC_EncryptUpdate(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart, CK_ULONG usPartLen, CK_BYTE_PTR pEncryptedPart,
- CK_ULONG_PTR pusEncryptedPartLen) {
- PK11_FIPSCHECK();
- return NSC_EncryptUpdate(hSession,pPart,usPartLen,pEncryptedPart,
- pusEncryptedPartLen);
-}
-
-
-/* FC_EncryptFinal finishes a multiple-part encryption operation. */
- CK_RV FC_EncryptFinal(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pLastEncryptedPart, CK_ULONG_PTR pusLastEncryptedPartLen) {
-
- PK11_FIPSCHECK();
- return NSC_EncryptFinal(hSession,pLastEncryptedPart,
- pusLastEncryptedPartLen);
-}
-
-/*
- ************** Crypto Functions: Decrypt ************************
- */
-
-
-/* FC_DecryptInit initializes a decryption operation. */
- CK_RV FC_DecryptInit( CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey) {
- PK11_FIPSCHECK();
- return NSC_DecryptInit(hSession,pMechanism,hKey);
-}
-
-/* FC_Decrypt decrypts encrypted data in a single part. */
- CK_RV FC_Decrypt(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedData,CK_ULONG usEncryptedDataLen,CK_BYTE_PTR pData,
- CK_ULONG_PTR pusDataLen) {
- PK11_FIPSCHECK();
- return NSC_Decrypt(hSession,pEncryptedData,usEncryptedDataLen,pData,
- pusDataLen);
-}
-
-
-/* FC_DecryptUpdate continues a multiple-part decryption operation. */
- CK_RV FC_DecryptUpdate(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedPart, CK_ULONG usEncryptedPartLen,
- CK_BYTE_PTR pPart, CK_ULONG_PTR pusPartLen) {
- PK11_FIPSCHECK();
- return NSC_DecryptUpdate(hSession,pEncryptedPart,usEncryptedPartLen,
- pPart,pusPartLen);
-}
-
-
-/* FC_DecryptFinal finishes a multiple-part decryption operation. */
- CK_RV FC_DecryptFinal(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pLastPart, CK_ULONG_PTR pusLastPartLen) {
- PK11_FIPSCHECK();
- return NSC_DecryptFinal(hSession,pLastPart,pusLastPartLen);
-}
-
-
-/*
- ************** Crypto Functions: Digest (HASH) ************************
- */
-
-/* FC_DigestInit initializes a message-digesting operation. */
- CK_RV FC_DigestInit(CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism) {
- PK11_FIPSFATALCHECK();
- return NSC_DigestInit(hSession, pMechanism);
-}
-
-
-/* FC_Digest digests data in a single part. */
- CK_RV FC_Digest(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData, CK_ULONG usDataLen, CK_BYTE_PTR pDigest,
- CK_ULONG_PTR pusDigestLen) {
- PK11_FIPSFATALCHECK();
- return NSC_Digest(hSession,pData,usDataLen,pDigest,pusDigestLen);
-}
-
-
-/* FC_DigestUpdate continues a multiple-part message-digesting operation. */
- CK_RV FC_DigestUpdate(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pPart,
- CK_ULONG usPartLen) {
- PK11_FIPSFATALCHECK();
- return NSC_DigestUpdate(hSession,pPart,usPartLen);
-}
-
-
-/* FC_DigestFinal finishes a multiple-part message-digesting operation. */
- CK_RV FC_DigestFinal(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pDigest,
- CK_ULONG_PTR pusDigestLen) {
- PK11_FIPSFATALCHECK();
- return NSC_DigestFinal(hSession,pDigest,pusDigestLen);
-}
-
-
-/*
- ************** Crypto Functions: Sign ************************
- */
-
-/* FC_SignInit initializes a signature (private key encryption) operation,
- * where the signature is (will be) an appendix to the data,
- * and plaintext cannot be recovered from the signature */
- CK_RV FC_SignInit(CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey) {
- PK11_FIPSCHECK();
- return NSC_SignInit(hSession,pMechanism,hKey);
-}
-
-
-/* FC_Sign signs (encrypts with private key) data in a single part,
- * where the signature is (will be) an appendix to the data,
- * and plaintext cannot be recovered from the signature */
- CK_RV FC_Sign(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,CK_ULONG usDataLen,CK_BYTE_PTR pSignature,
- CK_ULONG_PTR pusSignatureLen) {
- PK11_FIPSCHECK();
- return NSC_Sign(hSession,pData,usDataLen,pSignature,pusSignatureLen);
-}
-
-
-/* FC_SignUpdate continues a multiple-part signature operation,
- * where the signature is (will be) an appendix to the data,
- * and plaintext cannot be recovered from the signature */
- CK_RV FC_SignUpdate(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pPart,
- CK_ULONG usPartLen) {
- PK11_FIPSCHECK();
- return NSC_SignUpdate(hSession,pPart,usPartLen);
-}
-
-
-/* FC_SignFinal finishes a multiple-part signature operation,
- * returning the signature. */
- CK_RV FC_SignFinal(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pSignature,
- CK_ULONG_PTR pusSignatureLen) {
- PK11_FIPSCHECK();
- return NSC_SignFinal(hSession,pSignature,pusSignatureLen);
-}
-
-/*
- ************** Crypto Functions: Sign Recover ************************
- */
-/* FC_SignRecoverInit initializes a signature operation,
- * where the (digest) data can be recovered from the signature.
- * E.g. encryption with the user's private key */
- CK_RV FC_SignRecoverInit(CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,CK_OBJECT_HANDLE hKey) {
- PK11_FIPSCHECK();
- return NSC_SignRecoverInit(hSession,pMechanism,hKey);
-}
-
-
-/* FC_SignRecover signs data in a single operation
- * where the (digest) data can be recovered from the signature.
- * E.g. encryption with the user's private key */
- CK_RV FC_SignRecover(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
- CK_ULONG usDataLen, CK_BYTE_PTR pSignature, CK_ULONG_PTR pusSignatureLen) {
- PK11_FIPSCHECK();
- return NSC_SignRecover(hSession,pData,usDataLen,pSignature,pusSignatureLen);
-}
-
-/*
- ************** Crypto Functions: verify ************************
- */
-
-/* FC_VerifyInit initializes a verification operation,
- * where the signature is an appendix to the data,
- * and plaintext cannot be recovered from the signature (e.g. DSA) */
- CK_RV FC_VerifyInit(CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,CK_OBJECT_HANDLE hKey) {
- PK11_FIPSCHECK();
- return NSC_VerifyInit(hSession,pMechanism,hKey);
-}
-
-
-/* FC_Verify verifies a signature in a single-part operation,
- * where the signature is an appendix to the data,
- * and plaintext cannot be recovered from the signature */
- CK_RV FC_Verify(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
- CK_ULONG usDataLen, CK_BYTE_PTR pSignature, CK_ULONG usSignatureLen) {
- /* make sure we're legal */
- PK11_FIPSCHECK();
- return NSC_Verify(hSession,pData,usDataLen,pSignature,usSignatureLen);
-}
-
-
-/* FC_VerifyUpdate continues a multiple-part verification operation,
- * where the signature is an appendix to the data,
- * and plaintext cannot be recovered from the signature */
- CK_RV FC_VerifyUpdate( CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
- CK_ULONG usPartLen) {
- PK11_FIPSCHECK();
- return NSC_VerifyUpdate(hSession,pPart,usPartLen);
-}
-
-
-/* FC_VerifyFinal finishes a multiple-part verification operation,
- * checking the signature. */
- CK_RV FC_VerifyFinal(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSignature,CK_ULONG usSignatureLen) {
- PK11_FIPSCHECK();
- return NSC_VerifyFinal(hSession,pSignature,usSignatureLen);
-}
-
-/*
- ************** Crypto Functions: Verify Recover ************************
- */
-
-/* FC_VerifyRecoverInit initializes a signature verification operation,
- * where the data is recovered from the signature.
- * E.g. Decryption with the user's public key */
- CK_RV FC_VerifyRecoverInit(CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,CK_OBJECT_HANDLE hKey) {
- PK11_FIPSCHECK();
- return NSC_VerifyRecoverInit(hSession,pMechanism,hKey);
-}
-
-
-/* FC_VerifyRecover verifies a signature in a single-part operation,
- * where the data is recovered from the signature.
- * E.g. Decryption with the user's public key */
- CK_RV FC_VerifyRecover(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSignature,CK_ULONG usSignatureLen,
- CK_BYTE_PTR pData,CK_ULONG_PTR pusDataLen) {
- PK11_FIPSCHECK();
- return NSC_VerifyRecover(hSession,pSignature,usSignatureLen,pData,
- pusDataLen);
-}
-
-/*
- **************************** Key Functions: ************************
- */
-
-/* FC_GenerateKey generates a secret key, creating a new key object. */
- CK_RV FC_GenerateKey(CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,CK_ATTRIBUTE_PTR pTemplate,CK_ULONG ulCount,
- CK_OBJECT_HANDLE_PTR phKey) {
- CK_BBOOL *boolptr;
-
- PK11_FIPSCHECK();
-
- /* all secret keys must be sensitive, if the upper level code tries to say
- * otherwise, reject it. */
- boolptr = (CK_BBOOL *) fc_getAttribute(pTemplate, ulCount, CKA_SENSITIVE);
- if (boolptr != NULL) {
- if (!(*boolptr)) {
- return CKR_ATTRIBUTE_VALUE_INVALID;
- }
- }
-
- return NSC_GenerateKey(hSession,pMechanism,pTemplate,ulCount,phKey);
-}
-
-
-/* FC_GenerateKeyPair generates a public-key/private-key pair,
- * creating new key objects. */
- CK_RV FC_GenerateKeyPair (CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism, CK_ATTRIBUTE_PTR pPublicKeyTemplate,
- CK_ULONG usPublicKeyAttributeCount, CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
- CK_ULONG usPrivateKeyAttributeCount, CK_OBJECT_HANDLE_PTR phPublicKey,
- CK_OBJECT_HANDLE_PTR phPrivateKey) {
- CK_BBOOL *boolptr;
-
- PK11_FIPSCHECK();
-
- /* all private keys must be sensitive, if the upper level code tries to say
- * otherwise, reject it. */
- boolptr = (CK_BBOOL *) fc_getAttribute(pPrivateKeyTemplate,
- usPrivateKeyAttributeCount, CKA_SENSITIVE);
- if (boolptr != NULL) {
- if (!(*boolptr)) {
- return CKR_ATTRIBUTE_VALUE_INVALID;
- }
- }
- return NSC_GenerateKeyPair (hSession,pMechanism,pPublicKeyTemplate,
- usPublicKeyAttributeCount,pPrivateKeyTemplate,
- usPrivateKeyAttributeCount,phPublicKey,phPrivateKey);
-}
-
-
-/* FC_WrapKey wraps (i.e., encrypts) a key. */
- CK_RV FC_WrapKey(CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hWrappingKey,
- CK_OBJECT_HANDLE hKey, CK_BYTE_PTR pWrappedKey,
- CK_ULONG_PTR pusWrappedKeyLen) {
- PK11_FIPSCHECK();
- return NSC_WrapKey(hSession,pMechanism,hWrappingKey,hKey,pWrappedKey,
- pusWrappedKeyLen);
-}
-
-
-/* FC_UnwrapKey unwraps (decrypts) a wrapped key, creating a new key object. */
- CK_RV FC_UnwrapKey(CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hUnwrappingKey,
- CK_BYTE_PTR pWrappedKey, CK_ULONG usWrappedKeyLen,
- CK_ATTRIBUTE_PTR pTemplate, CK_ULONG usAttributeCount,
- CK_OBJECT_HANDLE_PTR phKey) {
- CK_BBOOL *boolptr;
-
- PK11_FIPSCHECK();
-
- /* all secret keys must be sensitive, if the upper level code tries to say
- * otherwise, reject it. */
- boolptr = (CK_BBOOL *) fc_getAttribute(pTemplate,
- usAttributeCount, CKA_SENSITIVE);
- if (boolptr != NULL) {
- if (!(*boolptr)) {
- return CKR_ATTRIBUTE_VALUE_INVALID;
- }
- }
- return NSC_UnwrapKey(hSession,pMechanism,hUnwrappingKey,pWrappedKey,
- usWrappedKeyLen,pTemplate,usAttributeCount,phKey);
-}
-
-
-/* FC_DeriveKey derives a key from a base key, creating a new key object. */
- CK_RV FC_DeriveKey( CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hBaseKey,
- CK_ATTRIBUTE_PTR pTemplate, CK_ULONG usAttributeCount,
- CK_OBJECT_HANDLE_PTR phKey) {
- CK_BBOOL *boolptr;
-
- PK11_FIPSCHECK();
-
- /* all secret keys must be sensitive, if the upper level code tries to say
- * otherwise, reject it. */
- boolptr = (CK_BBOOL *) fc_getAttribute(pTemplate,
- usAttributeCount, CKA_SENSITIVE);
- if (boolptr != NULL) {
- if (!(*boolptr)) {
- return CKR_ATTRIBUTE_VALUE_INVALID;
- }
- }
- return NSC_DeriveKey(hSession,pMechanism,hBaseKey,pTemplate,
- usAttributeCount, phKey);
-}
-
-/*
- **************************** Radom Functions: ************************
- */
-
-/* FC_SeedRandom mixes additional seed material into the token's random number
- * generator. */
- CK_RV FC_SeedRandom(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSeed,
- CK_ULONG usSeedLen) {
- CK_RV crv;
-
- PK11_FIPSFATALCHECK();
- crv = NSC_SeedRandom(hSession,pSeed,usSeedLen);
- if (crv != CKR_OK) {
- fatalError = PR_TRUE;
- }
- return crv;
-}
-
-
-/* FC_GenerateRandom generates random data. */
- CK_RV FC_GenerateRandom(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pRandomData, CK_ULONG usRandomLen) {
- CK_RV crv;
-
- PK11_FIPSFATALCHECK();
- crv = NSC_GenerateRandom(hSession,pRandomData,usRandomLen);
- if (crv != CKR_OK) {
- fatalError = PR_TRUE;
- }
- return crv;
-}
-
-
-/* FC_GetFunctionStatus obtains an updated status of a function running
- * in parallel with an application. */
- CK_RV FC_GetFunctionStatus(CK_SESSION_HANDLE hSession) {
- PK11_FIPSCHECK();
- return NSC_GetFunctionStatus(hSession);
-}
-
-
-/* FC_CancelFunction cancels a function running in parallel */
- CK_RV FC_CancelFunction(CK_SESSION_HANDLE hSession) {
- PK11_FIPSCHECK();
- return NSC_CancelFunction(hSession);
-}
-
-/*
- **************************** Version 1.1 Functions: ************************
- */
-
-/* FC_GetOperationState saves the state of the cryptographic
- *operation in a session. */
-CK_RV FC_GetOperationState(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pOperationState, CK_ULONG_PTR pulOperationStateLen) {
- PK11_FIPSFATALCHECK();
- return NSC_GetOperationState(hSession,pOperationState,pulOperationStateLen);
-}
-
-
-/* FC_SetOperationState restores the state of the cryptographic operation
- * in a session. */
-CK_RV FC_SetOperationState(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pOperationState, CK_ULONG ulOperationStateLen,
- CK_OBJECT_HANDLE hEncryptionKey, CK_OBJECT_HANDLE hAuthenticationKey) {
- PK11_FIPSFATALCHECK();
- return NSC_SetOperationState(hSession,pOperationState,ulOperationStateLen,
- hEncryptionKey,hAuthenticationKey);
-}
-
-/* FC_FindObjectsFinal finishes a search for token and session objects. */
-CK_RV FC_FindObjectsFinal(CK_SESSION_HANDLE hSession) {
- /* let publically readable object be found */
- PK11_FIPSFATALCHECK();
- return NSC_FindObjectsFinal(hSession);
-}
-
-
-/* Dual-function cryptographic operations */
-
-/* FC_DigestEncryptUpdate continues a multiple-part digesting and encryption
- * operation. */
-CK_RV FC_DigestEncryptUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart,
- CK_ULONG_PTR pulEncryptedPartLen) {
- PK11_FIPSCHECK();
- return NSC_DigestEncryptUpdate(hSession,pPart,ulPartLen,pEncryptedPart,
- pulEncryptedPartLen);
-}
-
-
-/* FC_DecryptDigestUpdate continues a multiple-part decryption and digesting
- * operation. */
-CK_RV FC_DecryptDigestUpdate(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedPart, CK_ULONG ulEncryptedPartLen,
- CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen) {
-
- PK11_FIPSCHECK();
- return NSC_DecryptDigestUpdate(hSession, pEncryptedPart,ulEncryptedPartLen,
- pPart,pulPartLen);
-}
-
-/* FC_SignEncryptUpdate continues a multiple-part signing and encryption
- * operation. */
-CK_RV FC_SignEncryptUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart,
- CK_ULONG_PTR pulEncryptedPartLen) {
-
- PK11_FIPSCHECK();
- return NSC_SignEncryptUpdate(hSession,pPart,ulPartLen,pEncryptedPart,
- pulEncryptedPartLen);
-}
-
-/* FC_DecryptVerifyUpdate continues a multiple-part decryption and verify
- * operation. */
-CK_RV FC_DecryptVerifyUpdate(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedData, CK_ULONG ulEncryptedDataLen,
- CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen) {
-
- PK11_FIPSCHECK();
- return NSC_DecryptVerifyUpdate(hSession,pEncryptedData,ulEncryptedDataLen,
- pData,pulDataLen);
-}
-
-
-/* FC_DigestKey continues a multi-part message-digesting operation,
- * by digesting the value of a secret key as part of the data already digested.
- */
-CK_RV FC_DigestKey(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hKey) {
- PK11_FIPSCHECK();
- return NSC_DigestKey(hSession,hKey);
-}
-
-
-CK_RV FC_WaitForSlotEvent(CK_FLAGS flags, CK_SLOT_ID_PTR pSlot,
- CK_VOID_PTR pReserved)
-{
- return NSC_WaitForSlotEvent(flags, pSlot, pReserved);
-}
diff --git a/security/nss/lib/softoken/keydb.c b/security/nss/lib/softoken/keydb.c
deleted file mode 100644
index da2380a1a..000000000
--- a/security/nss/lib/softoken/keydb.c
+++ /dev/null
@@ -1,2539 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * Private Key Database code
- *
- * $Id$
- */
-
-#include "lowkeyi.h"
-#include "seccomon.h"
-#include "sechash.h"
-#include "secder.h"
-#include "secasn1.h"
-#include "secoid.h"
-#include "blapi.h"
-#include "secitem.h"
-#include "pcert.h"
-#include "mcom_db.h"
-#include "lowpbe.h"
-#include "secerr.h"
-#include "cdbhdl.h"
-
-#include "keydbi.h"
-
-/*
- * Record keys for keydb
- */
-#define SALT_STRING "global-salt"
-#define VERSION_STRING "Version"
-#define KEYDB_PW_CHECK_STRING "password-check"
-#define KEYDB_PW_CHECK_LEN 14
-#define KEYDB_FAKE_PW_CHECK_STRING "fake-password-check"
-#define KEYDB_FAKE_PW_CHECK_LEN 19
-
-/* Size of the global salt for key database */
-#define SALT_LENGTH 16
-
-const SEC_ASN1Template nsslowkey_AttributeTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(NSSLOWKEYAttribute) },
- { SEC_ASN1_OBJECT_ID, offsetof(NSSLOWKEYAttribute, attrType) },
- { SEC_ASN1_SET_OF, offsetof(NSSLOWKEYAttribute, attrValue),
- SEC_AnyTemplate },
- { 0 }
-};
-
-const SEC_ASN1Template nsslowkey_SetOfAttributeTemplate[] = {
- { SEC_ASN1_SET_OF, 0, nsslowkey_AttributeTemplate },
-};
-/* ASN1 Templates for new decoder/encoder */
-const SEC_ASN1Template nsslowkey_PrivateKeyInfoTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(NSSLOWKEYPrivateKeyInfo) },
- { SEC_ASN1_INTEGER,
- offsetof(NSSLOWKEYPrivateKeyInfo,version) },
- { SEC_ASN1_INLINE,
- offsetof(NSSLOWKEYPrivateKeyInfo,algorithm),
- SECOID_AlgorithmIDTemplate },
- { SEC_ASN1_OCTET_STRING,
- offsetof(NSSLOWKEYPrivateKeyInfo,privateKey) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(NSSLOWKEYPrivateKeyInfo, attributes),
- nsslowkey_SetOfAttributeTemplate },
- { 0 }
-};
-
-const SEC_ASN1Template nsslowkey_PointerToPrivateKeyInfoTemplate[] = {
- { SEC_ASN1_POINTER, 0, nsslowkey_PrivateKeyInfoTemplate }
-};
-
-const SEC_ASN1Template nsslowkey_EncryptedPrivateKeyInfoTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(NSSLOWKEYEncryptedPrivateKeyInfo) },
- { SEC_ASN1_INLINE,
- offsetof(NSSLOWKEYEncryptedPrivateKeyInfo,algorithm),
- SECOID_AlgorithmIDTemplate },
- { SEC_ASN1_OCTET_STRING,
- offsetof(NSSLOWKEYEncryptedPrivateKeyInfo,encryptedData) },
- { 0 }
-};
-
-const SEC_ASN1Template nsslowkey_PointerToEncryptedPrivateKeyInfoTemplate[] = {
- { SEC_ASN1_POINTER, 0, nsslowkey_EncryptedPrivateKeyInfoTemplate }
-};
-
-
-/* ====== Default key databse encryption algorithm ====== */
-
-static SECOidTag defaultKeyDBAlg = SEC_OID_PKCS12_PBE_WITH_SHA1_AND_TRIPLE_DES_CBC;
-
-/*
- * Default algorithm for encrypting data in the key database
- */
-SECOidTag
-nsslowkey_GetDefaultKeyDBAlg(void)
-{
- return(defaultKeyDBAlg);
-}
-
-void
-nsslowkey_SetDefaultKeyDBAlg(SECOidTag alg)
-{
- defaultKeyDBAlg = alg;
-
- return;
-}
-
-static void
-sec_destroy_dbkey(NSSLOWKEYDBKey *dbkey)
-{
- if ( dbkey && dbkey->arena ) {
- PORT_FreeArena(dbkey->arena, PR_FALSE);
- }
-}
-
-static void
-free_dbt(DBT *dbt)
-{
- if ( dbt ) {
- PORT_Free(dbt->data);
- PORT_Free(dbt);
- }
-
- return;
-}
-
-/*
- * format of key database entries for version 3 of database:
- * byte offset field
- * ----------- -----
- * 0 version
- * 1 salt-len
- * 2 nn-len
- * 3.. salt-data
- * ... nickname
- * ... encrypted-key-data
- */
-static DBT *
-encode_dbkey(NSSLOWKEYDBKey *dbkey,unsigned char version)
-{
- DBT *bufitem = NULL;
- unsigned char *buf;
- int nnlen;
- char *nn;
-
- bufitem = (DBT *)PORT_ZAlloc(sizeof(DBT));
- if ( bufitem == NULL ) {
- goto loser;
- }
-
- if ( dbkey->nickname ) {
- nn = dbkey->nickname;
- nnlen = PORT_Strlen(nn) + 1;
- } else {
- nn = "";
- nnlen = 1;
- }
-
- /* compute the length of the record */
- /* 1 + 1 + 1 == version number header + salt length + nn len */
- bufitem->size = dbkey->salt.len + nnlen + dbkey->derPK.len + 1 + 1 + 1;
-
- bufitem->data = (void *)PORT_ZAlloc(bufitem->size);
- if ( bufitem->data == NULL ) {
- goto loser;
- }
-
- buf = (unsigned char *)bufitem->data;
-
- /* set version number */
- buf[0] = version;
-
- /* set length of salt */
- PORT_Assert(dbkey->salt.len < 256);
- buf[1] = dbkey->salt.len;
-
- /* set length of nickname */
- PORT_Assert(nnlen < 256);
- buf[2] = nnlen;
-
- /* copy salt */
- PORT_Memcpy(&buf[3], dbkey->salt.data, dbkey->salt.len);
-
- /* copy nickname */
- PORT_Memcpy(&buf[3 + dbkey->salt.len], nn, nnlen);
-
- /* copy encrypted key */
- PORT_Memcpy(&buf[3 + dbkey->salt.len + nnlen], dbkey->derPK.data,
- dbkey->derPK.len);
-
- return(bufitem);
-
-loser:
- if ( bufitem ) {
- free_dbt(bufitem);
- }
-
- return(NULL);
-}
-
-static NSSLOWKEYDBKey *
-decode_dbkey(DBT *bufitem, int expectedVersion)
-{
- NSSLOWKEYDBKey *dbkey;
- PLArenaPool *arena = NULL;
- unsigned char *buf;
- int version;
- int keyoff;
- int nnlen;
- int saltoff;
-
- buf = (unsigned char *)bufitem->data;
-
- version = buf[0];
-
- if ( version != expectedVersion ) {
- goto loser;
- }
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- goto loser;
- }
-
- dbkey = (NSSLOWKEYDBKey *)PORT_ArenaZAlloc(arena, sizeof(NSSLOWKEYDBKey));
- if ( dbkey == NULL ) {
- goto loser;
- }
-
- dbkey->arena = arena;
- dbkey->salt.data = NULL;
- dbkey->derPK.data = NULL;
-
- dbkey->salt.len = buf[1];
- dbkey->salt.data = (unsigned char *)PORT_ArenaZAlloc(arena, dbkey->salt.len);
- if ( dbkey->salt.data == NULL ) {
- goto loser;
- }
-
- saltoff = 2;
- keyoff = 2 + dbkey->salt.len;
-
- if ( expectedVersion >= 3 ) {
- nnlen = buf[2];
- if ( nnlen ) {
- dbkey->nickname = (char *)PORT_ArenaZAlloc(arena, nnlen + 1);
- if ( dbkey->nickname ) {
- PORT_Memcpy(dbkey->nickname, &buf[keyoff+1], nnlen);
- }
- }
- keyoff += ( nnlen + 1 );
- saltoff = 3;
- }
-
- PORT_Memcpy(dbkey->salt.data, &buf[saltoff], dbkey->salt.len);
-
- dbkey->derPK.len = bufitem->size - keyoff;
- dbkey->derPK.data = (unsigned char *)PORT_ArenaZAlloc(arena,dbkey->derPK.len);
- if ( dbkey->derPK.data == NULL ) {
- goto loser;
- }
-
- PORT_Memcpy(dbkey->derPK.data, &buf[keyoff], dbkey->derPK.len);
-
- return(dbkey);
-
-loser:
-
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(NULL);
-}
-
-static NSSLOWKEYDBKey *
-get_dbkey(NSSLOWKEYDBHandle *handle, DBT *index)
-{
- NSSLOWKEYDBKey *dbkey;
- DBT entry;
- int ret;
-
- /* get it from the database */
- ret = (* handle->db->get)(handle->db, index, &entry, 0);
- if ( ret ) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- return NULL;
- }
-
- /* set up dbkey struct */
-
- dbkey = decode_dbkey(&entry, handle->version);
-
- return(dbkey);
-}
-
-static SECStatus
-put_dbkey(NSSLOWKEYDBHandle *handle, DBT *index, NSSLOWKEYDBKey *dbkey, PRBool update)
-{
- DBT *keydata = NULL;
- int status;
-
- keydata = encode_dbkey(dbkey, handle->version);
- if ( keydata == NULL ) {
- goto loser;
- }
-
- /* put it in the database */
- if ( update ) {
- status = (* handle->db->put)(handle->db, index, keydata, 0);
- } else {
- status = (* handle->db->put)(handle->db, index, keydata,
- R_NOOVERWRITE);
- }
-
- if ( status ) {
- goto loser;
- }
-
- /* sync the database */
- status = (* handle->db->sync)(handle->db, 0);
- if ( status ) {
- goto loser;
- }
-
- free_dbt(keydata);
- return(SECSuccess);
-
-loser:
- if ( keydata ) {
- free_dbt(keydata);
- }
-
- return(SECFailure);
-}
-
-SECStatus
-nsslowkey_TraverseKeys(NSSLOWKEYDBHandle *handle,
- SECStatus (* keyfunc)(DBT *k, DBT *d, void *pdata),
- void *udata )
-{
- DBT data;
- DBT key;
- SECStatus status;
- int ret;
-
- if (handle == NULL) {
- return(SECFailure);
- }
-
- ret = (* handle->db->seq)(handle->db, &key, &data, R_FIRST);
- if ( ret ) {
- return(SECFailure);
- }
-
- do {
- /* skip version record */
- if ( data.size > 1 ) {
- if ( key.size == ( sizeof(SALT_STRING) - 1 ) ) {
- if ( PORT_Memcmp(key.data, SALT_STRING, key.size) == 0 ) {
- continue;
- }
- }
-
- /* skip password check */
- if ( key.size == KEYDB_PW_CHECK_LEN ) {
- if ( PORT_Memcmp(key.data, KEYDB_PW_CHECK_STRING,
- KEYDB_PW_CHECK_LEN) == 0 ) {
- continue;
- }
- }
-
- status = (* keyfunc)(&key, &data, udata);
- if (status != SECSuccess) {
- return(status);
- }
- }
- } while ( (* handle->db->seq)(handle->db, &key, &data, R_NEXT) == 0 );
-
- return(SECSuccess);
-}
-
-typedef struct keyNode {
- struct keyNode *next;
- DBT key;
-} keyNode;
-
-typedef struct {
- PLArenaPool *arena;
- keyNode *head;
-} keyList;
-
-static SECStatus
-sec_add_key_to_list(DBT *key, DBT *data, void *arg)
-{
- keyList *keylist;
- keyNode *node;
- void *keydata;
-
- keylist = (keyList *)arg;
-
- /* allocate the node struct */
- node = (keyNode*)PORT_ArenaZAlloc(keylist->arena, sizeof(keyNode));
- if ( node == NULL ) {
- return(SECFailure);
- }
-
- /* allocate room for key data */
- keydata = PORT_ArenaZAlloc(keylist->arena, key->size);
- if ( keydata == NULL ) {
- return(SECFailure);
- }
-
- /* link node into list */
- node->next = keylist->head;
- keylist->head = node;
-
- /* copy key into node */
- PORT_Memcpy(keydata, key->data, key->size);
- node->key.size = key->size;
- node->key.data = keydata;
-
- return(SECSuccess);
-}
-
-static SECItem *
-decodeKeyDBGlobalSalt(DBT *saltData)
-{
- SECItem *saltitem;
-
- saltitem = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
- if ( saltitem == NULL ) {
- return(NULL);
- }
-
- saltitem->data = (unsigned char *)PORT_ZAlloc(saltData->size);
- if ( saltitem->data == NULL ) {
- PORT_Free(saltitem);
- return(NULL);
- }
-
- saltitem->len = saltData->size;
- PORT_Memcpy(saltitem->data, saltData->data, saltitem->len);
-
- return(saltitem);
-}
-
-static SECItem *
-GetKeyDBGlobalSalt(NSSLOWKEYDBHandle *handle)
-{
- DBT saltKey;
- DBT saltData;
- int ret;
-
- saltKey.data = SALT_STRING;
- saltKey.size = sizeof(SALT_STRING) - 1;
-
- ret = (* handle->db->get)(handle->db, &saltKey, &saltData, 0);
- if ( ret ) {
- return(NULL);
- }
-
- return(decodeKeyDBGlobalSalt(&saltData));
-}
-
-static SECStatus
-StoreKeyDBGlobalSalt(NSSLOWKEYDBHandle *handle)
-{
- DBT saltKey;
- DBT saltData;
- int status;
-
- saltKey.data = SALT_STRING;
- saltKey.size = sizeof(SALT_STRING) - 1;
-
- saltData.data = (void *)handle->global_salt->data;
- saltData.size = handle->global_salt->len;
-
- /* put global salt into the database now */
- status = (* handle->db->put)( handle->db, &saltKey, &saltData, 0);
- if ( status ) {
- return(SECFailure);
- }
-
- return(SECSuccess);
-}
-
-static SECStatus
-makeGlobalVersion(NSSLOWKEYDBHandle *handle)
-{
- unsigned char version;
- DBT versionData;
- DBT versionKey;
- int status;
-
- version = NSSLOWKEY_DB_FILE_VERSION;
- versionData.data = &version;
- versionData.size = 1;
- versionKey.data = VERSION_STRING;
- versionKey.size = sizeof(VERSION_STRING)-1;
-
- /* put version string into the database now */
- status = (* handle->db->put)(handle->db, &versionKey, &versionData, 0);
- if ( status ) {
- return(SECFailure);
- }
- handle->version = version;
-
- return(SECSuccess);
-}
-
-
-static SECStatus
-makeGlobalSalt(NSSLOWKEYDBHandle *handle)
-{
- DBT saltKey;
- DBT saltData;
- unsigned char saltbuf[16];
- int status;
-
- saltKey.data = SALT_STRING;
- saltKey.size = sizeof(SALT_STRING) - 1;
-
- saltData.data = (void *)saltbuf;
- saltData.size = sizeof(saltbuf);
- RNG_GenerateGlobalRandomBytes(saltbuf, sizeof(saltbuf));
-
- /* put global salt into the database now */
- status = (* handle->db->put)( handle->db, &saltKey, &saltData, 0);
- if ( status ) {
- return(SECFailure);
- }
-
- return(SECSuccess);
-}
-
-static SECStatus
-ChangeKeyDBPasswordAlg(NSSLOWKEYDBHandle *handle,
- SECItem *oldpwitem, SECItem *newpwitem,
- SECOidTag new_algorithm);
-/*
- * Second pass of updating the key db. This time we have a password.
- */
-static SECStatus
-nsslowkey_UpdateKeyDBPass2(NSSLOWKEYDBHandle *handle, SECItem *pwitem)
-{
- SECStatus rv;
-
- rv = ChangeKeyDBPasswordAlg(handle, pwitem, pwitem,
- nsslowkey_GetDefaultKeyDBAlg());
-
- return(rv);
-}
-
-static SECStatus
-encodePWCheckEntry(PLArenaPool *arena, SECItem *entry, SECOidTag alg,
- SECItem *encCheck);
-
-static unsigned char
-nsslowkey_version(DB *db)
-{
- DBT versionKey;
- DBT versionData;
- int ret;
- versionKey.data = VERSION_STRING;
- versionKey.size = sizeof(VERSION_STRING)-1;
-
- /* lookup version string in database */
- ret = (* db->get)( db, &versionKey, &versionData, 0 );
-
- /* error accessing the database */
- if ( ret < 0 ) {
- return 255;
- }
-
- if ( ret >= 1 ) {
- return 0;
- }
- return *( (unsigned char *)versionData.data);
-}
-
-static PRBool
-seckey_HasAServerKey(DB *db)
-{
- DBT key;
- DBT data;
- int ret;
- PRBool found = PR_FALSE;
-
- ret = (* db->seq)(db, &key, &data, R_FIRST);
- if ( ret ) {
- return PR_FALSE;
- }
-
- do {
- /* skip version record */
- if ( data.size > 1 ) {
- /* skip salt */
- if ( key.size == ( sizeof(SALT_STRING) - 1 ) ) {
- if ( PORT_Memcmp(key.data, SALT_STRING, key.size) == 0 ) {
- continue;
- }
- }
- /* skip pw check entry */
- if ( key.size == KEYDB_PW_CHECK_LEN ) {
- if ( PORT_Memcmp(key.data, KEYDB_PW_CHECK_STRING,
- KEYDB_PW_CHECK_LEN) == 0 ) {
- continue;
- }
- }
-
- /* keys stored by nickname will have 0 as the last byte of the
- * db key. Other keys must be stored by modulus. We will not
- * update those because they are left over from a keygen that
- * never resulted in a cert.
- */
- if ( ((unsigned char *)key.data)[key.size-1] != 0 ) {
- continue;
- }
-
- if (PORT_Strcmp(key.data,"Server-Key") == 0) {
- found = PR_TRUE;
- break;
- }
-
- }
- } while ( (* db->seq)(db, &key, &data, R_NEXT) == 0 );
-
- return found;
-}
-/*
- * currently updates key database from v2 to v3
- */
-static SECStatus
-nsslowkey_UpdateKeyDBPass1(NSSLOWKEYDBHandle *handle)
-{
- SECStatus rv;
- DBT checkKey;
- DBT checkData;
- DBT saltKey;
- DBT saltData;
- DBT key;
- DBT data;
- unsigned char version;
- SECItem *rc4key = NULL;
- NSSLOWKEYDBKey *dbkey = NULL;
- SECItem *oldSalt = NULL;
- int ret;
- SECItem checkitem;
-
- if ( handle->updatedb == NULL ) {
- return(SECSuccess);
- }
-
- /*
- * check the version record
- */
- version = nsslowkey_version(handle->updatedb);
- if (version != 2) {
- goto done;
- }
-
- saltKey.data = SALT_STRING;
- saltKey.size = sizeof(SALT_STRING) - 1;
-
- ret = (* handle->updatedb->get)(handle->updatedb, &saltKey, &saltData, 0);
- if ( ret ) {
- /* no salt in old db, so it is corrupted */
- goto done;
- }
-
- oldSalt = decodeKeyDBGlobalSalt(&saltData);
- if ( oldSalt == NULL ) {
- /* bad salt in old db, so it is corrupted */
- goto done;
- }
-
- /*
- * look for a pw check entry
- */
- checkKey.data = KEYDB_PW_CHECK_STRING;
- checkKey.size = KEYDB_PW_CHECK_LEN;
-
- ret = (* handle->updatedb->get)(handle->updatedb, &checkKey,
- &checkData, 0 );
- if (ret) {
- /*
- * if we have a key, but no KEYDB_PW_CHECK_STRING, then this must
- * be an old server database, and it does have a password associated
- * with it. Put a fake entry in so we can identify this db when we do
- * get the password for it.
- */
- if (seckey_HasAServerKey(handle->updatedb)) {
- DBT fcheckKey;
- DBT fcheckData;
-
- /*
- * include a fake string
- */
- fcheckKey.data = KEYDB_FAKE_PW_CHECK_STRING;
- fcheckKey.size = KEYDB_FAKE_PW_CHECK_LEN;
- fcheckData.data = "1";
- fcheckData.size = 1;
- /* put global salt into the new database now */
- ret = (* handle->db->put)( handle->db, &saltKey, &saltData, 0);
- if ( ret ) {
- goto done;
- }
- ret = (* handle->db->put)( handle->db, &fcheckKey, &fcheckData, 0);
- if ( ret ) {
- goto done;
- }
- } else {
- goto done;
- }
- } else {
- /* put global salt into the new database now */
- ret = (* handle->db->put)( handle->db, &saltKey, &saltData, 0);
- if ( ret ) {
- goto done;
- }
-
- dbkey = decode_dbkey(&checkData, 2);
- if ( dbkey == NULL ) {
- goto done;
- }
- checkitem = dbkey->derPK;
- dbkey->derPK.data = NULL;
-
- /* format the new pw check entry */
- rv = encodePWCheckEntry(NULL, &dbkey->derPK, SEC_OID_RC4, &checkitem);
- if ( rv != SECSuccess ) {
- goto done;
- }
-
- rv = put_dbkey(handle, &checkKey, dbkey, PR_TRUE);
- if ( rv != SECSuccess ) {
- goto done;
- }
-
- /* free the dbkey */
- sec_destroy_dbkey(dbkey);
- dbkey = NULL;
- }
-
-
- /* now traverse the database */
- ret = (* handle->updatedb->seq)(handle->updatedb, &key, &data, R_FIRST);
- if ( ret ) {
- goto done;
- }
-
- do {
- /* skip version record */
- if ( data.size > 1 ) {
- /* skip salt */
- if ( key.size == ( sizeof(SALT_STRING) - 1 ) ) {
- if ( PORT_Memcmp(key.data, SALT_STRING, key.size) == 0 ) {
- continue;
- }
- }
- /* skip pw check entry */
- if ( key.size == checkKey.size ) {
- if ( PORT_Memcmp(key.data, checkKey.data, key.size) == 0 ) {
- continue;
- }
- }
-
- /* keys stored by nickname will have 0 as the last byte of the
- * db key. Other keys must be stored by modulus. We will not
- * update those because they are left over from a keygen that
- * never resulted in a cert.
- */
- if ( ((unsigned char *)key.data)[key.size-1] != 0 ) {
- continue;
- }
-
- dbkey = decode_dbkey(&data, 2);
- if ( dbkey == NULL ) {
- continue;
- }
-
- /* This puts the key into the new database with the same
- * index (nickname) that it had before. The second pass
- * of the update will have the password. It will decrypt
- * and re-encrypt the entries using a new algorithm.
- */
- dbkey->nickname = (char *)key.data;
- rv = put_dbkey(handle, &key, dbkey, PR_FALSE);
- dbkey->nickname = NULL;
-
- sec_destroy_dbkey(dbkey);
- }
- } while ( (* handle->updatedb->seq)(handle->updatedb, &key, &data,
- R_NEXT) == 0 );
-
- dbkey = NULL;
-
-done:
- /* sync the database */
- ret = (* handle->db->sync)(handle->db, 0);
-
- (* handle->updatedb->close)(handle->updatedb);
- handle->updatedb = NULL;
-
- if ( rc4key ) {
- SECITEM_FreeItem(rc4key, PR_TRUE);
- }
-
- if ( oldSalt ) {
- SECITEM_FreeItem(oldSalt, PR_TRUE);
- }
-
- if ( dbkey ) {
- sec_destroy_dbkey(dbkey);
- }
-
- return(SECSuccess);
-}
-
-static SECStatus
-openNewDB(const char *appName, const char *prefix, const char *dbname,
- NSSLOWKEYDBHandle *handle, NSSLOWKEYDBNameFunc namecb, void *cbarg)
-{
- SECStatus rv = SECFailure;
- int status = RDB_FAIL;
- char *updname = NULL;
- DB *updatedb = NULL;
- PRBool updated = PR_FALSE;
- int ret;
-
- if (appName) {
- handle->db = rdbopen( appName, prefix, "key", NO_CREATE, &status);
- } else {
- handle->db = dbopen( dbname, NO_CREATE, 0600, DB_HASH, 0 );
- }
- /* if create fails then we lose */
- if ( handle->db == NULL ) {
- return (status == RDB_RETRY) ? SECWouldBlock: SECFailure;
- }
-
- rv = db_BeginTransaction(handle->db);
- if (rv != SECSuccess) {
- db_InitComplete(handle->db);
- return rv;
- }
-
- /* force a transactional read, which will verify that one and only one
- * process attempts the update. */
- if (nsslowkey_version(handle->db) == NSSLOWKEY_DB_FILE_VERSION) {
- /* someone else has already updated the database for us */
- db_FinishTransaction(handle->db, PR_FALSE);
- db_InitComplete(handle->db);
- return SECSuccess;
- }
-
- /*
- * if we are creating a multiaccess database, see if there is a
- * local database we can update from.
- */
- if (appName) {
- updatedb = dbopen( dbname, NO_RDONLY, 0600, DB_HASH, 0 );
- if (updatedb) {
- handle->version = nsslowkey_version(updatedb);
- if (handle->version != NSSLOWKEY_DB_FILE_VERSION) {
- (updatedb->close)(updatedb);
- } else {
- db_Copy(handle->db, updatedb);
- (updatedb->close)(updatedb);
- db_FinishTransaction(handle->db,PR_FALSE);
- db_InitComplete(handle->db);
- return SECSuccess;
- }
- }
- }
-
- /* update the version number */
- rv = makeGlobalVersion(handle);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- /*
- * try to update from v2 db
- */
- updname = (*namecb)(cbarg, 2);
- if ( updname != NULL ) {
- handle->updatedb = dbopen( updname, NO_RDONLY, 0600, DB_HASH, 0 );
- PORT_Free( updname );
-
- if ( handle->updatedb ) {
- /*
- * Try to update the db using a null password. If the db
- * doesn't have a password, then this will work. If it does
- * have a password, then this will fail and we will do the
- * update later
- */
- rv = nsslowkey_UpdateKeyDBPass1(handle);
- if ( rv == SECSuccess ) {
- updated = PR_TRUE;
- }
- }
-
- }
-
- /* we are using the old salt if we updated from an old db */
- if ( ! updated ) {
- rv = makeGlobalSalt(handle);
- if ( rv != SECSuccess ) {
- goto loser;
- }
- }
-
- /* sync the database */
- ret = (* handle->db->sync)(handle->db, 0);
- if ( ret ) {
- rv = SECFailure;
- goto loser;
- }
- rv = SECSuccess;
-
-loser:
- db_FinishTransaction(handle->db, rv != SECSuccess);
- db_InitComplete(handle->db);
- return rv;
-}
-
-
-static DB *
-openOldDB(const char *appName, const char *prefix, const char *dbname,
- PRBool openflags, int *version) {
- DB *db = NULL;
-
- if (appName) {
- db = rdbopen( appName, prefix, "key", openflags, NULL);
- } else {
- db = dbopen( dbname, openflags, 0600, DB_HASH, 0 );
- }
-
- /* check for correct version number */
- if (db != NULL) {
- *version = nsslowkey_version(db);
- if (*version != NSSLOWKEY_DB_FILE_VERSION ) {
- /* bogus version number record, reset the database */
- (* db->close)( db );
- db = NULL;
- }
- }
- return db;
-}
-
-NSSLOWKEYDBHandle *
-nsslowkey_OpenKeyDB(PRBool readOnly, const char *appName, const char *prefix,
- NSSLOWKEYDBNameFunc namecb, void *cbarg)
-{
- NSSLOWKEYDBHandle *handle;
- SECStatus rv;
- int openflags;
- char *dbname = NULL;
-
- handle = (NSSLOWKEYDBHandle *)PORT_ZAlloc (sizeof(NSSLOWKEYDBHandle));
- if (handle == NULL) {
- PORT_SetError (SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- openflags = readOnly ? NO_RDONLY : NO_RDWR;
-
- dbname = (*namecb)(cbarg, NSSLOWKEY_DB_FILE_VERSION);
- if ( dbname == NULL ) {
- goto loser;
- }
-
- handle->appname = appName ? PORT_Strdup(appName) : NULL ;
- handle->dbname = (appName == NULL) ? PORT_Strdup(dbname) :
- (prefix ? PORT_Strdup(prefix) : NULL);
- handle->readOnly = readOnly;
-
-
- handle->db = openOldDB(appName, prefix, dbname, openflags,
- &handle->version);
- if (handle->version == 255) {
- goto loser;
- }
-
-
- /* if first open fails, try to create a new DB */
- if ( handle->db == NULL ) {
- if ( readOnly ) {
- goto loser;
- }
-
- rv = openNewDB(appName, prefix, dbname, handle, namecb, cbarg);
- /* two processes started to initialize the database at the same time.
- * The multiprocess code blocked the second one, then had it retry to
- * see if it can just open the database normally */
- if (rv == SECWouldBlock) {
- handle->db = openOldDB(appName,prefix,dbname,
- openflags, &handle->version);
- if (handle->db == NULL) {
- goto loser;
- }
- } else if (rv != SECSuccess) {
- goto loser;
- }
-
- }
-
- handle->global_salt = GetKeyDBGlobalSalt(handle);
- if ( dbname )
- PORT_Free( dbname );
- return handle;
-
-loser:
-
- if ( dbname )
- PORT_Free( dbname );
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
-
- if ( handle->db ) {
- (* handle->db->close)(handle->db);
- }
- if ( handle->updatedb ) {
- (* handle->updatedb->close)(handle->updatedb);
- }
- PORT_Free(handle);
- return NULL;
-}
-
-/*
- * Close the database
- */
-void
-nsslowkey_CloseKeyDB(NSSLOWKEYDBHandle *handle)
-{
- if (handle != NULL) {
- if (handle->db != NULL) {
- (* handle->db->close)(handle->db);
- }
- if (handle->dbname) PORT_Free(handle->dbname);
- if (handle->appname) PORT_Free(handle->appname);
- if (handle->global_salt) {
- SECITEM_FreeItem(handle->global_salt,PR_TRUE);
- }
-
- PORT_Free(handle);
- }
-}
-
-/* Get the key database version */
-int
-nsslowkey_GetKeyDBVersion(NSSLOWKEYDBHandle *handle)
-{
- PORT_Assert(handle != NULL);
-
- return handle->version;
-}
-
-/*
- * Delete a private key that was stored in the database
- */
-SECStatus
-nsslowkey_DeleteKey(NSSLOWKEYDBHandle *handle, SECItem *pubkey)
-{
- DBT namekey;
- int ret;
-
- if (handle == NULL) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- return(SECFailure);
- }
-
- /* set up db key and data */
- namekey.data = pubkey->data;
- namekey.size = pubkey->len;
-
- /* delete it from the database */
- ret = (* handle->db->del)(handle->db, &namekey, 0);
- if ( ret ) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- return(SECFailure);
- }
-
- /* sync the database */
- ret = (* handle->db->sync)(handle->db, 0);
- if ( ret ) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- return(SECFailure);
- }
-
- return(SECSuccess);
-}
-
-/*
- * Store a key in the database, indexed by its public key modulus.(value!)
- */
-SECStatus
-nsslowkey_StoreKeyByPublicKey(NSSLOWKEYDBHandle *handle,
- NSSLOWKEYPrivateKey *privkey,
- SECItem *pubKeyData,
- char *nickname,
- SECItem *arg)
-{
- return nsslowkey_StoreKeyByPublicKeyAlg(handle, privkey, pubKeyData,
- nickname, arg, nsslowkey_GetDefaultKeyDBAlg(),PR_FALSE);
-}
-
-SECStatus
-nsslowkey_UpdateNickname(NSSLOWKEYDBHandle *handle,
- NSSLOWKEYPrivateKey *privkey,
- SECItem *pubKeyData,
- char *nickname,
- SECItem *arg)
-{
- return nsslowkey_StoreKeyByPublicKeyAlg(handle, privkey, pubKeyData,
- nickname, arg, nsslowkey_GetDefaultKeyDBAlg(),PR_TRUE);
-}
-
-/* see if the symetric CKA_ID already Exists.
- */
-PRBool
-nsslowkey_KeyForIDExists(NSSLOWKEYDBHandle *handle, SECItem *id)
-{
- DBT namekey;
- DBT dummy;
- int status;
-
- namekey.data = (char *)id->data;
- namekey.size = id->len;
- status = (* handle->db->get)(handle->db, &namekey, &dummy, 0);
- if ( status ) {
- return PR_FALSE;
- }
-
- return PR_TRUE;
-}
-
-/* see if the public key for this cert is in the database filed
- * by modulus
- */
-PRBool
-nsslowkey_KeyForCertExists(NSSLOWKEYDBHandle *handle, NSSLOWCERTCertificate *cert)
-{
- NSSLOWKEYPublicKey *pubkey = NULL;
- DBT namekey;
- DBT dummy;
- int status;
-
- /* get cert's public key */
- pubkey = nsslowcert_ExtractPublicKey(cert);
- if ( pubkey == NULL ) {
- return PR_FALSE;
- }
-
- /* TNH - make key from NSSLOWKEYPublicKey */
- switch (pubkey->keyType) {
- case NSSLOWKEYRSAKey:
- namekey.data = pubkey->u.rsa.modulus.data;
- namekey.size = pubkey->u.rsa.modulus.len;
- break;
- case NSSLOWKEYDSAKey:
- namekey.data = pubkey->u.dsa.publicValue.data;
- namekey.size = pubkey->u.dsa.publicValue.len;
- break;
- case NSSLOWKEYDHKey:
- namekey.data = pubkey->u.dh.publicValue.data;
- namekey.size = pubkey->u.dh.publicValue.len;
- break;
- default:
- /* XXX We don't do Fortezza or DH yet. */
- return PR_FALSE;
- }
-
- if (handle->version != 3) {
- unsigned char buf[SHA1_LENGTH];
- SHA1_HashBuf(buf,namekey.data,namekey.size);
- /* NOTE: don't use pubkey after this! it's now thrashed */
- PORT_Memcpy(namekey.data,buf,sizeof(buf));
- namekey.size = sizeof(buf);
- }
-
- status = (* handle->db->get)(handle->db, &namekey, &dummy, 0);
- /* some databases have the key stored as a signed value */
- if (status) {
- unsigned char *buf = (unsigned char *)PORT_Alloc(namekey.size+1);
- if (buf) {
- PORT_Memcpy(&buf[1], namekey.data, namekey.size);
- buf[0] = 0;
- namekey.data = buf;
- namekey.size ++;
- status = (* handle->db->get)(handle->db, &namekey, &dummy, 0);
- PORT_Free(buf);
- }
- }
- nsslowkey_DestroyPublicKey(pubkey);
- if ( status ) {
- return PR_FALSE;
- }
-
- return PR_TRUE;
-}
-
-/*
- * check to see if the user has a password
- */
-SECStatus
-nsslowkey_HasKeyDBPassword(NSSLOWKEYDBHandle *handle)
-{
- DBT checkkey, checkdata;
- int ret;
-
- if (handle == NULL) {
- return(SECFailure);
- }
-
- checkkey.data = KEYDB_PW_CHECK_STRING;
- checkkey.size = KEYDB_PW_CHECK_LEN;
-
- ret = (* handle->db->get)(handle->db, &checkkey, &checkdata, 0 );
- if ( ret ) {
- /* see if this was an updated DB first */
- checkkey.data = KEYDB_FAKE_PW_CHECK_STRING;
- checkkey.size = KEYDB_FAKE_PW_CHECK_LEN;
- ret = (* handle->db->get)(handle->db, &checkkey, &checkdata, 0 );
- if ( ret ) {
- return(SECFailure);
- }
- }
-
- return(SECSuccess);
-}
-
-/*
- * Set up the password checker in the key database.
- * This is done by encrypting a known plaintext with the user's key.
- */
-SECStatus
-nsslowkey_SetKeyDBPassword(NSSLOWKEYDBHandle *handle, SECItem *pwitem)
-{
- return nsslowkey_SetKeyDBPasswordAlg(handle, pwitem,
- nsslowkey_GetDefaultKeyDBAlg());
-}
-
-static SECStatus
-HashPassword(unsigned char *hashresult, char *pw, SECItem *salt)
-{
- SHA1Context *cx;
- unsigned int outlen;
- cx = SHA1_NewContext();
- if ( cx == NULL ) {
- return(SECFailure);
- }
-
- SHA1_Begin(cx);
- if ( ( salt != NULL ) && ( salt->data != NULL ) ) {
- SHA1_Update(cx, salt->data, salt->len);
- }
-
- SHA1_Update(cx, (unsigned char *)pw, PORT_Strlen(pw));
- SHA1_End(cx, hashresult, &outlen, SHA1_LENGTH);
-
- SHA1_DestroyContext(cx, PR_TRUE);
-
- return(SECSuccess);
-}
-
-SECItem *
-nsslowkey_HashPassword(char *pw, SECItem *salt)
-{
- SECItem *pwitem;
- SECStatus rv;
-
- pwitem = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
- if ( pwitem == NULL ) {
- return(NULL);
- }
- pwitem->len = SHA1_LENGTH;
- pwitem->data = (unsigned char *)PORT_ZAlloc(SHA1_LENGTH);
- if ( pwitem->data == NULL ) {
- PORT_Free(pwitem);
- return(NULL);
- }
- if ( pw ) {
- rv = HashPassword(pwitem->data, pw, salt);
- if ( rv != SECSuccess ) {
- SECITEM_ZfreeItem(pwitem, PR_TRUE);
- return(NULL);
- }
- }
-
- return(pwitem);
-}
-
-/* Derive the actual password value for the database from a pw string */
-SECItem *
-nsslowkey_DeriveKeyDBPassword(NSSLOWKEYDBHandle *keydb, char *pw)
-{
- PORT_Assert(keydb != NULL);
- PORT_Assert(pw != NULL);
- if (keydb == NULL || pw == NULL) return(NULL);
-
- return nsslowkey_HashPassword(pw, keydb->global_salt);
-}
-
-#if 0
-/* Appears obsolete - TNH */
-/* get the algorithm with which a private key
- * is encrypted.
- */
-SECOidTag
-seckey_get_private_key_algorithm(NSSLOWKEYDBHandle *keydb, DBT *index)
-{
- NSSLOWKEYDBKey *dbkey = NULL;
- SECOidTag algorithm = SEC_OID_UNKNOWN;
- NSSLOWKEYEncryptedPrivateKeyInfo *epki = NULL;
- PLArenaPool *poolp = NULL;
- SECStatus rv;
-
- poolp = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if(poolp == NULL)
- return (SECOidTag)SECFailure; /* TNH - this is bad */
-
- dbkey = get_dbkey(keydb, index);
- if(dbkey == NULL)
- return (SECOidTag)SECFailure;
-
- epki = (NSSLOWKEYEncryptedPrivateKeyInfo *)PORT_ArenaZAlloc(poolp,
- sizeof(NSSLOWKEYEncryptedPrivateKeyInfo));
- if(epki == NULL)
- goto loser;
- rv = SEC_ASN1DecodeItem(poolp, epki,
- nsslowkey_EncryptedPrivateKeyInfoTemplate, &dbkey->derPK);
- if(rv == SECFailure)
- goto loser;
-
- algorithm = SECOID_GetAlgorithmTag(&epki->algorithm);
-
- /* let success fall through */
-loser:
- if(poolp != NULL)
- PORT_FreeArena(poolp, PR_TRUE);\
- if(dbkey != NULL)
- sec_destroy_dbkey(dbkey);
-
- return algorithm;
-}
-#endif
-
-/*
- * Derive an RC4 key from a password key and a salt. This
- * was the method to used to encrypt keys in the version 2?
- * database
- */
-SECItem *
-seckey_create_rc4_key(SECItem *pwitem, SECItem *salt)
-{
- MD5Context *md5 = NULL;
- unsigned int part;
- SECStatus rv = SECFailure;
- SECItem *key = NULL;
-
- key = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
- if(key != NULL)
- {
- key->data = (unsigned char *)PORT_ZAlloc(sizeof(unsigned char) *
- MD5_LENGTH);
- key->len = MD5_LENGTH;
- if(key->data != NULL)
- {
- md5 = MD5_NewContext();
- if ( md5 != NULL )
- {
- MD5_Begin(md5);
- MD5_Update(md5, salt->data, salt->len);
- MD5_Update(md5, pwitem->data, pwitem->len);
- MD5_End(md5, key->data, &part, MD5_LENGTH);
- MD5_DestroyContext(md5, PR_TRUE);
- rv = SECSuccess;
- }
- }
-
- if(rv != SECSuccess)
- {
- SECITEM_FreeItem(key, PR_TRUE);
- key = NULL;
- }
- }
-
- return key;
-}
-
-SECItem *
-seckey_create_rc4_salt(void)
-{
- SECItem *salt = NULL;
- SECStatus rv = SECFailure;
-
- salt = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
- if(salt == NULL)
- return NULL;
-
- salt->data = (unsigned char *)PORT_ZAlloc(sizeof(unsigned char) *
- SALT_LENGTH);
- if(salt->data != NULL)
- {
- salt->len = SALT_LENGTH;
- RNG_GenerateGlobalRandomBytes(salt->data, salt->len);
- rv = SECSuccess;
- }
-
- if(rv == SECFailure)
- {
- SECITEM_FreeItem(salt, PR_TRUE);
- salt = NULL;
- }
-
- return salt;
-}
-
-SECItem *
-seckey_rc4_decode(SECItem *key, SECItem *src)
-{
- SECItem *dest = NULL;
- RC4Context *ctxt = NULL;
- SECStatus rv = SECFailure;
-
- if((key == NULL) || (src == NULL))
- return NULL;
-
- dest = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
- if(dest == NULL)
- return NULL;
-
- dest->data = (unsigned char *)PORT_ZAlloc(sizeof(unsigned char) *
- (src->len + 64)); /* TNH - padding? */
- if(dest->data != NULL)
- {
- ctxt = RC4_CreateContext(key->data, key->len);
- if(ctxt != NULL)
- {
- rv = RC4_Decrypt(ctxt, dest->data, &dest->len,
- src->len + 64, src->data, src->len);
- RC4_DestroyContext(ctxt, PR_TRUE);
- }
- }
-
- if(rv == SECFailure)
- if(dest != NULL)
- {
- SECITEM_FreeItem(dest, PR_TRUE);
- dest = NULL;
- }
-
- return dest;
-}
-
-/* TNH - keydb is unused */
-/* TNH - the pwitem should be the derived key for RC4 */
-NSSLOWKEYEncryptedPrivateKeyInfo *
-seckey_encrypt_private_key(
- NSSLOWKEYPrivateKey *pk, SECItem *pwitem, NSSLOWKEYDBHandle *keydb,
- SECOidTag algorithm, SECItem **salt)
-{
- NSSLOWKEYEncryptedPrivateKeyInfo *epki = NULL;
- NSSLOWKEYPrivateKeyInfo *pki = NULL;
- SECStatus rv = SECFailure;
- PLArenaPool *temparena = NULL, *permarena = NULL;
- SECItem *der_item = NULL;
- NSSPKCS5PBEParameter *param = NULL;
- SECItem *dummy = NULL, *dest = NULL;
- SECAlgorithmID *algid;
-
- *salt = NULL;
- permarena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
- if(permarena == NULL)
- return NULL;
-
- temparena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
- if(temparena == NULL)
- goto loser;
-
- /* allocate structures */
- epki = (NSSLOWKEYEncryptedPrivateKeyInfo *)PORT_ArenaZAlloc(permarena,
- sizeof(NSSLOWKEYEncryptedPrivateKeyInfo));
- pki = (NSSLOWKEYPrivateKeyInfo *)PORT_ArenaZAlloc(temparena,
- sizeof(NSSLOWKEYPrivateKeyInfo));
- der_item = (SECItem *)PORT_ArenaZAlloc(temparena, sizeof(SECItem));
- if((epki == NULL) || (pki == NULL) || (der_item == NULL))
- goto loser;
-
- epki->arena = permarena;
-
- /* setup private key info */
- dummy = SEC_ASN1EncodeInteger(temparena, &(pki->version),
- NSSLOWKEY_PRIVATE_KEY_INFO_VERSION);
- if(dummy == NULL)
- goto loser;
-
- /* Encode the key, and set the algorithm (with params) */
- switch (pk->keyType) {
- case NSSLOWKEYRSAKey:
- prepare_low_rsa_priv_key_for_asn1(pk);
- dummy = SEC_ASN1EncodeItem(temparena, &(pki->privateKey), pk,
- nsslowkey_RSAPrivateKeyTemplate);
- if (dummy == NULL) {
- rv = SECFailure;
- goto loser;
- }
-
- rv = SECOID_SetAlgorithmID(temparena, &(pki->algorithm),
- SEC_OID_PKCS1_RSA_ENCRYPTION, 0);
- if (rv == SECFailure) {
- goto loser;
- }
-
- break;
- case NSSLOWKEYDSAKey:
- prepare_low_dsa_priv_key_for_asn1(pk);
- dummy = SEC_ASN1EncodeItem(temparena, &(pki->privateKey), pk,
- nsslowkey_DSAPrivateKeyTemplate);
- if (dummy == NULL) {
- rv = SECFailure;
- goto loser;
- }
-
- prepare_low_pqg_params_for_asn1(&pk->u.dsa.params);
- dummy = SEC_ASN1EncodeItem(temparena, NULL, &pk->u.dsa.params,
- nsslowkey_PQGParamsTemplate);
- if (dummy == NULL) {
- rv = SECFailure;
- goto loser;
- }
-
- rv = SECOID_SetAlgorithmID(temparena, &(pki->algorithm),
- SEC_OID_ANSIX9_DSA_SIGNATURE, dummy);
- if (rv == SECFailure) {
- goto loser;
- }
-
- break;
- case NSSLOWKEYDHKey:
- prepare_low_dh_priv_key_for_asn1(pk);
- dummy = SEC_ASN1EncodeItem(temparena, &(pki->privateKey), pk,
- nsslowkey_DHPrivateKeyTemplate);
- if (dummy == NULL) {
- rv = SECFailure;
- goto loser;
- }
-
- rv = SECOID_SetAlgorithmID(temparena, &(pki->algorithm),
- SEC_OID_X942_DIFFIE_HELMAN_KEY, dummy);
- if (rv == SECFailure) {
- goto loser;
- }
- break;
- default:
- /* We don't support DH or Fortezza private keys yet */
- PORT_Assert(PR_FALSE);
- break;
- }
-
- /* setup encrypted private key info */
- dummy = SEC_ASN1EncodeItem(temparena, der_item, pki,
- nsslowkey_PrivateKeyInfoTemplate);
- if(dummy == NULL) {
- rv = SECFailure;
- goto loser;
- }
-
- rv = SECFailure; /* assume failure */
- *salt = seckey_create_rc4_salt();
- if (*salt == NULL) {
- goto loser;
- }
-
- param = nsspkcs5_NewParam(algorithm,*salt,1);
- if (param == NULL) {
- goto loser;
- }
-
- dest = nsspkcs5_CipherData(param, pwitem, der_item, PR_TRUE, NULL);
- if (dest == NULL) {
- goto loser;
- }
-
- rv = SECITEM_CopyItem(permarena, &epki->encryptedData, dest);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- algid = nsspkcs5_CreateAlgorithmID(permarena, algorithm, param);
- if (algid == NULL) {
- rv = SECFailure;
- goto loser;
- }
-
- rv = SECOID_CopyAlgorithmID(permarena, &epki->algorithm, algid);
- SECOID_DestroyAlgorithmID(algid, PR_TRUE);
-
-loser:
- if(dest != NULL)
- SECITEM_FreeItem(dest, PR_TRUE);
-
- if(param != NULL)
- nsspkcs5_DestroyPBEParameter(param);
-
- /* let success fall through */
-
- if(rv == SECFailure)
- {
- PORT_FreeArena(permarena, PR_TRUE);
- epki = NULL;
- if(*salt != NULL)
- SECITEM_FreeItem(*salt, PR_TRUE);
- }
-
- if(temparena != NULL)
- PORT_FreeArena(temparena, PR_TRUE);
-
- return epki;
-}
-
-static SECStatus
-seckey_put_private_key(NSSLOWKEYDBHandle *keydb, DBT *index, SECItem *pwitem,
- NSSLOWKEYPrivateKey *pk, char *nickname, PRBool update,
- SECOidTag algorithm)
-{
- NSSLOWKEYDBKey *dbkey = NULL;
- NSSLOWKEYEncryptedPrivateKeyInfo *epki = NULL;
- PLArenaPool *temparena = NULL, *permarena = NULL;
- SECItem *dummy = NULL;
- SECItem *salt = NULL;
- SECStatus rv = SECFailure;
-
- if((keydb == NULL) || (index == NULL) || (pwitem == NULL) ||
- (pk == NULL))
- return SECFailure;
-
- permarena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
- if(permarena == NULL)
- return SECFailure;
-
- dbkey = (NSSLOWKEYDBKey *)PORT_ArenaZAlloc(permarena, sizeof(NSSLOWKEYDBKey));
- if(dbkey == NULL)
- goto loser;
- dbkey->arena = permarena;
- dbkey->nickname = nickname;
-
- /* TNH - for RC4, the salt should be created here */
-
- epki = seckey_encrypt_private_key(pk, pwitem, keydb, algorithm, &salt);
- if(epki == NULL)
- goto loser;
- temparena = epki->arena;
-
- if(salt != NULL)
- {
- rv = SECITEM_CopyItem(permarena, &(dbkey->salt), salt);
- SECITEM_ZfreeItem(salt, PR_TRUE);
- }
-
- dummy = SEC_ASN1EncodeItem(permarena, &(dbkey->derPK), epki,
- nsslowkey_EncryptedPrivateKeyInfoTemplate);
- if(dummy == NULL)
- rv = SECFailure;
- else
- rv = put_dbkey(keydb, index, dbkey, update);
-
- /* let success fall through */
-loser:
- if(rv != SECSuccess)
- if(permarena != NULL)
- PORT_FreeArena(permarena, PR_TRUE);
- if(temparena != NULL)
- PORT_FreeArena(temparena, PR_TRUE);
-
- return rv;
-}
-
-/*
- * Store a key in the database, indexed by its public key modulus.
- * Note that the nickname is optional. It was only used by keyutil.
- */
-SECStatus
-nsslowkey_StoreKeyByPublicKeyAlg(NSSLOWKEYDBHandle *handle,
- NSSLOWKEYPrivateKey *privkey,
- SECItem *pubKeyData,
- char *nickname,
- SECItem *pwitem,
- SECOidTag algorithm,
- PRBool update)
-{
- DBT namekey;
- SECStatus rv;
-
- if (handle == NULL) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- return(SECFailure);
- }
-
- /* set up db key and data */
- namekey.data = pubKeyData->data;
- namekey.size = pubKeyData->len;
-
- /* encrypt the private key */
- rv = seckey_put_private_key(handle, &namekey, pwitem, privkey, nickname,
- update, algorithm);
-
- return(rv);
-}
-
-NSSLOWKEYPrivateKey *
-seckey_decrypt_private_key(NSSLOWKEYEncryptedPrivateKeyInfo *epki,
- SECItem *pwitem)
-{
- NSSLOWKEYPrivateKey *pk = NULL;
- NSSLOWKEYPrivateKeyInfo *pki = NULL;
- SECStatus rv = SECFailure;
- SECOidTag algorithm;
- PLArenaPool *temparena = NULL, *permarena = NULL;
- SECItem *salt = NULL, *dest = NULL, *key = NULL;
- NSSPKCS5PBEParameter *param;
-
- if((epki == NULL) || (pwitem == NULL))
- goto loser;
-
- temparena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
- permarena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
- if((temparena == NULL) || (permarena == NULL))
- goto loser;
-
- /* allocate temporary items */
- pki = (NSSLOWKEYPrivateKeyInfo *)PORT_ArenaZAlloc(temparena,
- sizeof(NSSLOWKEYPrivateKeyInfo));
-
- /* allocate permanent arena items */
- pk = (NSSLOWKEYPrivateKey *)PORT_ArenaZAlloc(permarena,
- sizeof(NSSLOWKEYPrivateKey));
-
- if((pk == NULL) || (pki == NULL))
- goto loser;
-
- pk->arena = permarena;
-
- algorithm = SECOID_GetAlgorithmTag(&(epki->algorithm));
- switch(algorithm)
- {
- case SEC_OID_RC4:
- salt = SECITEM_DupItem(&epki->algorithm.parameters);
- if(salt != NULL)
- {
- key = seckey_create_rc4_key(pwitem, salt);
- if(key != NULL)
- {
- dest = seckey_rc4_decode(key, &epki->encryptedData);
- }
- }
- if(salt != NULL)
- SECITEM_ZfreeItem(salt, PR_TRUE);
- if(key != NULL)
- SECITEM_ZfreeItem(key, PR_TRUE);
- break;
- default:
- /* we depend on the fact that if this key was encoded with
- * DES, that the pw was also encoded with DES, so we don't have
- * to do the update here, the password code will handle it. */
- param = nsspkcs5_AlgidToParam(&epki->algorithm);
- if (param == NULL) {
- break;
- }
- dest = nsspkcs5_CipherData(param, pwitem, &epki->encryptedData,
- PR_FALSE, NULL);
- nsspkcs5_DestroyPBEParameter(param);
- break;
- }
-
- if(dest != NULL)
- {
- rv = SEC_ASN1DecodeItem(temparena, pki,
- nsslowkey_PrivateKeyInfoTemplate, dest);
- if(rv == SECSuccess)
- {
- switch(SECOID_GetAlgorithmTag(&pki->algorithm)) {
- case SEC_OID_X500_RSA_ENCRYPTION:
- case SEC_OID_PKCS1_RSA_ENCRYPTION:
- pk->keyType = NSSLOWKEYRSAKey;
- prepare_low_rsa_priv_key_for_asn1(pk);
- rv = SEC_ASN1DecodeItem(permarena, pk,
- nsslowkey_RSAPrivateKeyTemplate,
- &pki->privateKey);
- break;
- case SEC_OID_ANSIX9_DSA_SIGNATURE:
- pk->keyType = NSSLOWKEYDSAKey;
- prepare_low_dsa_priv_key_for_asn1(pk);
- rv = SEC_ASN1DecodeItem(permarena, pk,
- nsslowkey_DSAPrivateKeyTemplate,
- &pki->privateKey);
- if (rv != SECSuccess)
- goto loser;
- prepare_low_pqg_params_for_asn1(&pk->u.dsa.params);
- rv = SEC_ASN1DecodeItem(permarena, &pk->u.dsa.params,
- nsslowkey_PQGParamsTemplate,
- &pki->algorithm.parameters);
- break;
- case SEC_OID_X942_DIFFIE_HELMAN_KEY:
- pk->keyType = NSSLOWKEYDHKey;
- prepare_low_dh_priv_key_for_asn1(pk);
- rv = SEC_ASN1DecodeItem(permarena, pk,
- nsslowkey_DHPrivateKeyTemplate,
- &pki->privateKey);
- break;
- default:
- rv = SECFailure;
- break;
- }
- }
- else if(PORT_GetError() == SEC_ERROR_BAD_DER)
- {
- PORT_SetError(SEC_ERROR_BAD_PASSWORD);
- goto loser;
- }
- }
-
- /* let success fall through */
-loser:
- if(temparena != NULL)
- PORT_FreeArena(temparena, PR_TRUE);
- if(dest != NULL)
- SECITEM_ZfreeItem(dest, PR_TRUE);
-
- if(rv != SECSuccess)
- {
- if(permarena != NULL)
- PORT_FreeArena(permarena, PR_TRUE);
- pk = NULL;
- }
-
- return pk;
-}
-
-static NSSLOWKEYPrivateKey *
-seckey_decode_encrypted_private_key(NSSLOWKEYDBKey *dbkey, SECItem *pwitem)
-{
- NSSLOWKEYPrivateKey *pk = NULL;
- NSSLOWKEYEncryptedPrivateKeyInfo *epki;
- PLArenaPool *temparena = NULL;
- SECStatus rv;
- SECOidTag algorithm;
-
- if( ( dbkey == NULL ) || ( pwitem == NULL ) ) {
- return NULL;
- }
-
- temparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if(temparena == NULL) {
- return NULL;
- }
-
- epki = (NSSLOWKEYEncryptedPrivateKeyInfo *)
- PORT_ArenaZAlloc(temparena, sizeof(NSSLOWKEYEncryptedPrivateKeyInfo));
-
- if(epki == NULL) {
- goto loser;
- }
-
- rv = SEC_ASN1DecodeItem(temparena, epki,
- nsslowkey_EncryptedPrivateKeyInfoTemplate,
- &(dbkey->derPK));
- if(rv != SECSuccess) {
- goto loser;
- }
-
- algorithm = SECOID_GetAlgorithmTag(&(epki->algorithm));
- switch(algorithm)
- {
- case SEC_OID_RC4:
- /* TNH - this code should derive the actual RC4 key from salt and
- pwitem */
- rv = SECITEM_CopyItem(temparena, &(epki->algorithm.parameters),
- &(dbkey->salt));
- break;
- default:
- break;
- }
-
- pk = seckey_decrypt_private_key(epki, pwitem);
-
- /* let success fall through */
-loser:
-
- PORT_FreeArena(temparena, PR_TRUE);
- return pk;
-}
-
-NSSLOWKEYPrivateKey *
-seckey_get_private_key(NSSLOWKEYDBHandle *keydb, DBT *index, char **nickname,
- SECItem *pwitem)
-{
- NSSLOWKEYDBKey *dbkey = NULL;
- NSSLOWKEYPrivateKey *pk = NULL;
-
- if( ( keydb == NULL ) || ( index == NULL ) || ( pwitem == NULL ) ) {
- return NULL;
- }
-
- dbkey = get_dbkey(keydb, index);
- if(dbkey == NULL) {
- goto loser;
- }
-
- if ( nickname ) {
- if ( dbkey->nickname && ( dbkey->nickname[0] != 0 ) ) {
- *nickname = PORT_Strdup(dbkey->nickname);
- } else {
- *nickname = NULL;
- }
- }
-
- pk = seckey_decode_encrypted_private_key(dbkey, pwitem);
-
- /* let success fall through */
-loser:
-
- if ( dbkey != NULL ) {
- sec_destroy_dbkey(dbkey);
- }
-
- return pk;
-}
-
-/*
- * used by pkcs11 to import keys into it's object format... In the future
- * we really need a better way to tie in...
- */
-NSSLOWKEYPrivateKey *
-nsslowkey_DecryptKey(DBT *key, SECItem *pwitem,
- NSSLOWKEYDBHandle *handle) {
- return seckey_get_private_key(handle,key,NULL,pwitem);
-}
-
-/*
- * Find a key in the database, indexed by its public key modulus
- * This is used to find keys that have been stored before their
- * certificate arrives. Once the certificate arrives the key
- * is looked up by the public modulus in the certificate, and the
- * re-stored by its nickname.
- */
-NSSLOWKEYPrivateKey *
-nsslowkey_FindKeyByPublicKey(NSSLOWKEYDBHandle *handle, SECItem *modulus,
- SECItem *pwitem)
-{
- DBT namekey;
- NSSLOWKEYPrivateKey *pk = NULL;
-
- if (handle == NULL) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- return NULL;
- }
-
- /* set up db key */
- namekey.data = modulus->data;
- namekey.size = modulus->len;
-
- pk = seckey_get_private_key(handle, &namekey, NULL, pwitem);
-
- /* no need to free dbkey, since its on the stack, and the data it
- * points to is owned by the database
- */
- return(pk);
-}
-
-char *
-nsslowkey_FindKeyNicknameByPublicKey(NSSLOWKEYDBHandle *handle,
- SECItem *modulus, SECItem *pwitem)
-{
- DBT namekey;
- NSSLOWKEYPrivateKey *pk = NULL;
- char *nickname = NULL;
-
- if (handle == NULL) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- return NULL;
- }
-
- /* set up db key */
- namekey.data = modulus->data;
- namekey.size = modulus->len;
-
- pk = seckey_get_private_key(handle, &namekey, &nickname, pwitem);
- if (pk) {
- nsslowkey_DestroyPrivateKey(pk);
- }
-
- /* no need to free dbkey, since its on the stack, and the data it
- * points to is owned by the database
- */
- return(nickname);
-}
-/* ===== ENCODING ROUTINES ===== */
-
-static SECStatus
-encodePWCheckEntry(PLArenaPool *arena, SECItem *entry, SECOidTag alg,
- SECItem *encCheck)
-{
- SECOidData *oidData;
- SECStatus rv;
-
- oidData = SECOID_FindOIDByTag(alg);
- if ( oidData == NULL ) {
- rv = SECFailure;
- goto loser;
- }
-
- entry->len = 1 + oidData->oid.len + encCheck->len;
- if ( arena ) {
- entry->data = (unsigned char *)PORT_ArenaAlloc(arena, entry->len);
- } else {
- entry->data = (unsigned char *)PORT_Alloc(entry->len);
- }
-
- if ( entry->data == NULL ) {
- goto loser;
- }
-
- /* first length of oid */
- entry->data[0] = (unsigned char)oidData->oid.len;
- /* next oid itself */
- PORT_Memcpy(&entry->data[1], oidData->oid.data, oidData->oid.len);
- /* finally the encrypted check string */
- PORT_Memcpy(&entry->data[1+oidData->oid.len], encCheck->data,
- encCheck->len);
-
- return(SECSuccess);
-
-loser:
- return(SECFailure);
-}
-
-/*
- * Set up the password checker in the key database.
- * This is done by encrypting a known plaintext with the user's key.
- */
-SECStatus
-nsslowkey_SetKeyDBPasswordAlg(NSSLOWKEYDBHandle *handle,
- SECItem *pwitem, SECOidTag algorithm)
-{
- DBT checkkey;
- NSSPKCS5PBEParameter *param = NULL;
- SECStatus rv = SECFailure;
- NSSLOWKEYDBKey *dbkey = NULL;
- PLArenaPool *arena;
- SECItem *salt = NULL;
- SECItem *dest = NULL, test_key;
-
- if (handle == NULL) {
- return(SECFailure);
- }
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- rv = SECFailure;
- goto loser;
- }
-
- dbkey = (NSSLOWKEYDBKey *)PORT_ArenaZAlloc(arena, sizeof(NSSLOWKEYDBKey));
- if ( dbkey == NULL ) {
- rv = SECFailure;
- goto loser;
- }
-
- dbkey->arena = arena;
-
- /* encrypt key */
- checkkey.data = test_key.data = (unsigned char *)KEYDB_PW_CHECK_STRING;
- checkkey.size = test_key.len = KEYDB_PW_CHECK_LEN;
-
- salt = seckey_create_rc4_salt();
- if(salt == NULL) {
- rv = SECFailure;
- goto loser;
- }
-
- param = nsspkcs5_NewParam(algorithm, salt, 1);
- if (param == NULL) {
- rv = SECFailure;
- goto loser;
- }
-
- dest = nsspkcs5_CipherData(param, pwitem, &test_key, PR_TRUE, NULL);
- if (dest == NULL)
- {
- rv = SECFailure;
- goto loser;
- }
-
- rv = SECITEM_CopyItem(arena, &dbkey->salt, salt);
- if (rv == SECFailure) {
- goto loser;
- }
-
- rv = encodePWCheckEntry(arena, &dbkey->derPK, algorithm, dest);
-
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- rv = put_dbkey(handle, &checkkey, dbkey, PR_TRUE);
-
- /* let success fall through */
-loser:
- if ( arena != NULL ) {
- PORT_FreeArena(arena, PR_TRUE);
- }
-
- if ( dest != NULL ) {
- SECITEM_ZfreeItem(dest, PR_TRUE);
- }
-
- if ( salt != NULL ) {
- SECITEM_ZfreeItem(salt, PR_TRUE);
- }
-
- if (param != NULL) {
- nsspkcs5_DestroyPBEParameter(param);
- }
-
- return(rv);
-}
-
-static SECStatus
-seckey_CheckKeyDB1Password(NSSLOWKEYDBHandle *handle, SECItem *pwitem)
-{
- SECStatus rv = SECFailure;
- keyList keylist;
- keyNode *node = NULL;
- NSSLOWKEYPrivateKey *privkey = NULL;
-
-
- /*
- * first find a key
- */
-
- /* traverse the database, collecting the keys of all records */
- keylist.arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( keylist.arena == NULL )
- {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return(SECFailure);
- }
- keylist.head = NULL;
-
- /* TNH - TraverseKeys should not be public, since it exposes
- the underlying DBT data type. */
- rv = nsslowkey_TraverseKeys(handle, sec_add_key_to_list, (void *)&keylist);
- if ( rv != SECSuccess )
- goto done;
-
- /* just get the first key from the list */
- node = keylist.head;
-
- /* no private keys, accept any password */
- if (node == NULL) {
- rv = SECSuccess;
- goto done;
- }
- privkey = seckey_get_private_key(handle, &node->key, NULL, pwitem);
- if (privkey == NULL) {
- rv = SECFailure;
- goto done;
- }
-
- /* if we can decrypt the private key, then we had the correct password */
- rv = SECSuccess;
- nsslowkey_DestroyPrivateKey(privkey);
-
-done:
-
- /* free the arena */
- if ( keylist.arena ) {
- PORT_FreeArena(keylist.arena, PR_FALSE);
- }
-
- return(rv);
-}
-
-/*
- * check to see if the user has typed the right password
- */
-SECStatus
-nsslowkey_CheckKeyDBPassword(NSSLOWKEYDBHandle *handle, SECItem *pwitem)
-{
- DBT checkkey;
- DBT checkdata;
- NSSPKCS5PBEParameter *param = NULL;
- SECStatus rv = SECFailure;
- NSSLOWKEYDBKey *dbkey = NULL;
- SECItem *key = NULL;
- SECItem *dest = NULL;
- SECOidTag algorithm;
- SECItem oid;
- SECItem encstring;
- PRBool update = PR_FALSE;
- int ret;
-
- if (handle == NULL) {
- goto loser;
- }
-
- checkkey.data = KEYDB_PW_CHECK_STRING;
- checkkey.size = KEYDB_PW_CHECK_LEN;
-
- dbkey = get_dbkey(handle, &checkkey);
-
- if ( dbkey == NULL ) {
- checkkey.data = KEYDB_FAKE_PW_CHECK_STRING;
- checkkey.size = KEYDB_FAKE_PW_CHECK_LEN;
- ret = (* handle->db->get)(handle->db, &checkkey,
- &checkdata, 0 );
- if (ret) {
- goto loser;
- }
- /* if we have the fake PW_CHECK, then try to decode the key
- * rather than the pwcheck item.
- */
- rv = seckey_CheckKeyDB1Password(handle,pwitem);
- if (rv == SECSuccess) {
- /* OK we have enough to complete our conversion */
- nsslowkey_UpdateKeyDBPass2(handle,pwitem);
- }
- return rv;
- }
-
- /* build the oid item */
- oid.len = dbkey->derPK.data[0];
- oid.data = &dbkey->derPK.data[1];
-
- /* make sure entry is the correct length
- * since we are probably using a block cipher, the block will be
- * padded, so we may get a bit more than the exact size we need.
- */
- if ( dbkey->derPK.len < (KEYDB_PW_CHECK_LEN + 1 + oid.len ) ) {
- goto loser;
- }
-
- /* find the algorithm tag */
- algorithm = SECOID_FindOIDTag(&oid);
-
- /* make a secitem of the encrypted check string */
- encstring.len = dbkey->derPK.len - ( oid.len + 1 );
- encstring.data = &dbkey->derPK.data[oid.len+1];
- encstring.type = 0;
-
- switch(algorithm)
- {
- case SEC_OID_RC4:
- key = seckey_create_rc4_key(pwitem, &dbkey->salt);
- if(key != NULL) {
- dest = seckey_rc4_decode(key, &encstring);
- SECITEM_FreeItem(key, PR_TRUE);
- }
- break;
- default:
- param = nsspkcs5_NewParam(algorithm, &dbkey->salt, 1);
- if (param != NULL) {
- /* Decrypt - this function implements a workaround for
- * a previous coding error. It will decrypt values using
- * DES rather than 3DES, if the initial try at 3DES
- * decryption fails. In this case, the update flag is
- * set to TRUE. This indication is used later to force
- * an update of the database to "real" 3DES encryption.
- */
- dest = nsspkcs5_CipherData(param, pwitem,
- &encstring, PR_FALSE, &update);
- nsspkcs5_DestroyPBEParameter(param);
- }
- break;
- }
-
- if(dest == NULL) {
- goto loser;
- }
-
- if ((dest->len == KEYDB_PW_CHECK_LEN) &&
- (PORT_Memcmp(dest->data,
- KEYDB_PW_CHECK_STRING, KEYDB_PW_CHECK_LEN) == 0)) {
- rv = SECSuccess;
- /* we succeeded */
- if ( algorithm == SEC_OID_RC4 ) {
- /* partially updated database */
- nsslowkey_UpdateKeyDBPass2(handle, pwitem);
- }
- /* Force an update of the password to remove the incorrect DES
- * encryption (see the note above)
- */
- if (update &&
- (algorithm == SEC_OID_PKCS12_PBE_WITH_SHA1_AND_TRIPLE_DES_CBC)) {
- /* data base was encoded with DES not triple des, fix it */
- nsslowkey_UpdateKeyDBPass2(handle,pwitem);
- }
- }
-
-loser:
- sec_destroy_dbkey(dbkey);
- if(dest != NULL) {
- SECITEM_ZfreeItem(dest, PR_TRUE);
- }
-
- return(rv);
-}
-
-/*
- * Change the database password and/or algorithm. This internal
- * routine does not check the old password. That must be done by
- * the caller.
- */
-static SECStatus
-ChangeKeyDBPasswordAlg(NSSLOWKEYDBHandle *handle,
- SECItem *oldpwitem, SECItem *newpwitem,
- SECOidTag new_algorithm)
-{
- SECStatus rv;
- keyList keylist;
- keyNode *node = NULL;
- NSSLOWKEYPrivateKey *privkey = NULL;
- char *nickname;
- DBT newkey;
- int ret;
-
- /* traverse the database, collecting the keys of all records */
- keylist.arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( keylist.arena == NULL )
- {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return(SECFailure);
- }
- keylist.head = NULL;
-
- rv = db_BeginTransaction(handle->db);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- /* TNH - TraverseKeys should not be public, since it exposes
- the underlying DBT data type. */
- rv = nsslowkey_TraverseKeys(handle, sec_add_key_to_list, (void *)&keylist);
- if ( rv != SECSuccess )
- goto loser;
-
- /* walk the list, re-encrypting each entry */
- node = keylist.head;
- while ( node != NULL )
- {
- privkey = seckey_get_private_key(handle, &node->key, &nickname,
- oldpwitem);
-
- if (privkey == NULL) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- rv = SECFailure;
- goto loser;
- }
-
- /* delete the old record */
- ret = (* handle->db->del)(handle->db, &node->key, 0);
- if ( ret ) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- rv = SECFailure;
- goto loser;
- }
-
- /* get the public key, which we use as the database index */
-
- switch (privkey->keyType) {
- case NSSLOWKEYRSAKey:
- newkey.data = privkey->u.rsa.modulus.data;
- newkey.size = privkey->u.rsa.modulus.len;
- break;
- case NSSLOWKEYDSAKey:
- newkey.data = privkey->u.dsa.publicValue.data;
- newkey.size = privkey->u.dsa.publicValue.len;
- break;
- case NSSLOWKEYDHKey:
- newkey.data = privkey->u.dh.publicValue.data;
- newkey.size = privkey->u.dh.publicValue.len;
- break;
- default:
- /* should we continue here and loose the key? */
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- rv = SECFailure;
- goto loser;
- }
-
- rv = seckey_put_private_key(handle, &newkey, newpwitem, privkey,
- nickname, PR_TRUE, new_algorithm);
-
- if ( rv != SECSuccess )
- {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- rv = SECFailure;
- goto loser;
- }
-
- /* next node */
- node = node->next;
- }
-
- rv = nsslowkey_SetKeyDBPasswordAlg(handle, newpwitem, new_algorithm);
-
-loser:
-
- db_FinishTransaction(handle->db,rv != SECSuccess);
-
- /* free the arena */
- if ( keylist.arena ) {
- PORT_FreeArena(keylist.arena, PR_FALSE);
- }
-
- return(rv);
-}
-
-/*
- * Re-encrypt the entire key database with a new password.
- * NOTE: The really should create a new database rather than doing it
- * in place in the original
- */
-SECStatus
-nsslowkey_ChangeKeyDBPassword(NSSLOWKEYDBHandle *handle,
- SECItem *oldpwitem, SECItem *newpwitem)
-{
- SECStatus rv;
-
- if (handle == NULL) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- rv = SECFailure;
- goto loser;
- }
-
- rv = nsslowkey_CheckKeyDBPassword(handle, oldpwitem);
- if ( rv != SECSuccess ) {
- return(SECFailure); /* return rv? */
- }
-
- rv = ChangeKeyDBPasswordAlg(handle, oldpwitem, newpwitem,
- nsslowkey_GetDefaultKeyDBAlg());
-
-loser:
- return(rv);
-}
-
-
-#define MAX_DB_SIZE 0xffff
-/*
- * Clear out all the keys in the existing database
- */
-SECStatus
-nsslowkey_ResetKeyDB(NSSLOWKEYDBHandle *handle)
-{
- SECStatus rv;
- int ret;
- int errors = 0;
-
- if ( handle->db == NULL ) {
- return(SECSuccess);
- }
-
- if (handle->readOnly) {
- /* set an error code */
- return SECFailure;
- }
-
- if (handle->appname == NULL && handle->dbname == NULL) {
- return SECFailure;
- }
-
- (* handle->db->close)(handle->db);
- if (handle->appname) {
- handle->db=
- rdbopen(handle->appname, handle->dbname, "key", NO_CREATE, NULL);
- } else {
- handle->db = dbopen( handle->dbname, NO_CREATE, 0600, DB_HASH, 0 );
- }
- if (handle->db == NULL) {
- /* set an error code */
- return SECFailure;
- }
-
- rv = makeGlobalVersion(handle);
- if ( rv != SECSuccess ) {
- errors++;
- goto done;
- }
-
- if (handle->global_salt) {
- rv = StoreKeyDBGlobalSalt(handle);
- } else {
- rv = makeGlobalSalt(handle);
- if ( rv == SECSuccess ) {
- handle->global_salt = GetKeyDBGlobalSalt(handle);
- }
- }
- if ( rv != SECSuccess ) {
- errors++;
- }
-
-done:
- /* sync the database */
- ret = (* handle->db->sync)(handle->db, 0);
- db_InitComplete(handle->db);
-
- return (errors == 0 ? SECSuccess : SECFailure);
-}
diff --git a/security/nss/lib/softoken/keydbi.h b/security/nss/lib/softoken/keydbi.h
deleted file mode 100644
index 583efcb8a..000000000
--- a/security/nss/lib/softoken/keydbi.h
+++ /dev/null
@@ -1,81 +0,0 @@
-/*
- * private.h - Private data structures for the software token library
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#ifndef _KEYDBI_H_
-#define _KEYDBI_H_
-
-#include "nspr.h"
-#include "seccomon.h"
-#include "mcom_db.h"
-
-/*
- * Handle structure for open key databases
- */
-struct NSSLOWKEYDBHandleStr {
- DB *db;
- DB *updatedb; /* used when updating an old version */
- SECItem *global_salt; /* password hashing salt for this db */
- int version; /* version of the database */
- char *appname; /* multiaccess app name */
- char *dbname; /* name of the openned DB */
- PRBool readOnly; /* is the DB read only */
-};
-
-/*
-** Typedef for callback for traversing key database.
-** "key" is the key used to index the data in the database (nickname)
-** "data" is the key data
-** "pdata" is the user's data
-*/
-typedef SECStatus (* NSSLOWKEYTraverseKeysFunc)(DBT *key, DBT *data, void *pdata);
-
-
-SEC_BEGIN_PROTOS
-
-/*
-** Traverse the entire key database, and pass the nicknames and keys to a
-** user supplied function.
-** "f" is the user function to call for each key
-** "udata" is the user's data, which is passed through to "f"
-*/
-extern SECStatus nsslowkey_TraverseKeys(NSSLOWKEYDBHandle *handle,
- NSSLOWKEYTraverseKeysFunc f,
- void *udata);
-
-SEC_END_PROTOS
-
-#endif /* _KEYDBI_H_ */
diff --git a/security/nss/lib/softoken/lowcert.c b/security/nss/lib/softoken/lowcert.c
deleted file mode 100644
index 2a55538e7..000000000
--- a/security/nss/lib/softoken/lowcert.c
+++ /dev/null
@@ -1,568 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Certificate handling code
- *
- * $Id$
- */
-
-#include "seccomon.h"
-#include "secder.h"
-#include "nssilock.h"
-#include "prmon.h"
-#include "prtime.h"
-#include "lowkeyi.h"
-#include "pcert.h"
-#include "secasn1.h"
-#include "secoid.h"
-
-static const SEC_ASN1Template nsslowcert_SubjectPublicKeyInfoTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWCERTSubjectPublicKeyInfo) },
- { SEC_ASN1_INLINE, offsetof(NSSLOWCERTSubjectPublicKeyInfo,algorithm),
- SECOID_AlgorithmIDTemplate },
- { SEC_ASN1_BIT_STRING,
- offsetof(NSSLOWCERTSubjectPublicKeyInfo,subjectPublicKey), },
- { 0, }
-};
-
-static const SEC_ASN1Template nsslowcert_RSAPublicKeyTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWKEYPublicKey) },
- { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPublicKey,u.rsa.modulus), },
- { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPublicKey,u.rsa.publicExponent), },
- { 0, }
-};
-static const SEC_ASN1Template nsslowcert_DSAPublicKeyTemplate[] = {
- { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPublicKey,u.dsa.publicValue), },
- { 0, }
-};
-static const SEC_ASN1Template nsslowcert_DHPublicKeyTemplate[] = {
- { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPublicKey,u.dh.publicValue), },
- { 0, }
-};
-
-/*
- * See bugzilla bug 125359
- * Since NSS (via PKCS#11) wants to handle big integers as unsigned ints,
- * all of the templates above that en/decode into integers must be converted
- * from ASN.1's signed integer type. This is done by marking either the
- * source or destination (encoding or decoding, respectively) type as
- * siUnsignedInteger.
- */
-
-static void
-prepare_low_rsa_pub_key_for_asn1(NSSLOWKEYPublicKey *pubk)
-{
- pubk->u.rsa.modulus.type = siUnsignedInteger;
- pubk->u.rsa.publicExponent.type = siUnsignedInteger;
-}
-
-static void
-prepare_low_dsa_pub_key_for_asn1(NSSLOWKEYPublicKey *pubk)
-{
- pubk->u.dsa.publicValue.type = siUnsignedInteger;
- pubk->u.dsa.params.prime.type = siUnsignedInteger;
- pubk->u.dsa.params.subPrime.type = siUnsignedInteger;
- pubk->u.dsa.params.base.type = siUnsignedInteger;
-}
-
-static void
-prepare_low_dh_pub_key_for_asn1(NSSLOWKEYPublicKey *pubk)
-{
- pubk->u.dh.prime.type = siUnsignedInteger;
- pubk->u.dh.base.type = siUnsignedInteger;
- pubk->u.dh.publicValue.type = siUnsignedInteger;
-}
-
-/*
- * Allow use of default cert database, so that apps(such as mozilla) don't
- * have to pass the handle all over the place.
- */
-static NSSLOWCERTCertDBHandle *default_pcert_db_handle = 0;
-
-void
-nsslowcert_SetDefaultCertDB(NSSLOWCERTCertDBHandle *handle)
-{
- default_pcert_db_handle = handle;
-
- return;
-}
-
-NSSLOWCERTCertDBHandle *
-nsslowcert_GetDefaultCertDB(void)
-{
- return(default_pcert_db_handle);
-}
-
-/*
- * simple cert decoder to avoid the cost of asn1 engine
- */
-static unsigned char *
-nsslowcert_dataStart(unsigned char *buf, unsigned int length,
- unsigned int *data_length, PRBool includeTag) {
- unsigned char tag;
- unsigned int used_length= 0;
-
- tag = buf[used_length++];
-
- /* blow out when we come to the end */
- if (tag == 0) {
- return NULL;
- }
-
- *data_length = buf[used_length++];
-
- if (*data_length&0x80) {
- int len_count = *data_length & 0x7f;
-
- *data_length = 0;
-
- while (len_count-- > 0) {
- *data_length = (*data_length << 8) | buf[used_length++];
- }
- }
-
- if (*data_length > (length-used_length) ) {
- *data_length = length-used_length;
- return NULL;
- }
- if (includeTag) *data_length += used_length;
-
- return (buf + (includeTag ? 0 : used_length));
-}
-
-static int
-nsslowcert_GetValidityFields(unsigned char *buf,int buf_length,
- SECItem *notBefore, SECItem *notAfter)
-{
- notBefore->data = nsslowcert_dataStart(buf,buf_length,
- &notBefore->len,PR_FALSE);
- if (notBefore->data == NULL) return SECFailure;
- buf_length -= (notBefore->data-buf) + notBefore->len;
- buf = notBefore->data + notBefore->len;
- notAfter->data = nsslowcert_dataStart(buf,buf_length,
- &notAfter->len,PR_FALSE);
- if (notAfter->data == NULL) return SECFailure;
- return SECSuccess;
-}
-
-static int
-nsslowcert_GetCertFields(unsigned char *cert,int cert_length,
- SECItem *issuer, SECItem *serial, SECItem *derSN, SECItem *subject,
- SECItem *valid, SECItem *subjkey)
-{
- unsigned char *buf;
- unsigned int buf_length;
- unsigned char *dummy;
- unsigned int dummylen;
-
- /* get past the signature wrap */
- buf = nsslowcert_dataStart(cert,cert_length,&buf_length,PR_FALSE);
- if (buf == NULL) return SECFailure;
- /* get into the raw cert data */
- buf = nsslowcert_dataStart(buf,buf_length,&buf_length,PR_FALSE);
- if (buf == NULL) return SECFailure;
- /* skip past any optional version number */
- if ((buf[0] & 0xa0) == 0xa0) {
- dummy = nsslowcert_dataStart(buf,buf_length,&dummylen,PR_FALSE);
- if (dummy == NULL) return SECFailure;
- buf_length -= (dummy-buf) + dummylen;
- buf = dummy + dummylen;
- }
- /* serial number */
- if (derSN) {
- derSN->data=nsslowcert_dataStart(buf,buf_length,&derSN->len,PR_TRUE);
- }
- serial->data = nsslowcert_dataStart(buf,buf_length,&serial->len,PR_FALSE);
- if (serial->data == NULL) return SECFailure;
- buf_length -= (serial->data-buf) + serial->len;
- buf = serial->data + serial->len;
- /* skip the OID */
- dummy = nsslowcert_dataStart(buf,buf_length,&dummylen,PR_FALSE);
- if (dummy == NULL) return SECFailure;
- buf_length -= (dummy-buf) + dummylen;
- buf = dummy + dummylen;
- /* issuer */
- issuer->data = nsslowcert_dataStart(buf,buf_length,&issuer->len,PR_TRUE);
- if (issuer->data == NULL) return SECFailure;
- buf_length -= (issuer->data-buf) + issuer->len;
- buf = issuer->data + issuer->len;
-
- /* only wanted issuer/SN */
- if (valid == NULL) {
- return SECSuccess;
- }
- /* validity */
- valid->data = nsslowcert_dataStart(buf,buf_length,&valid->len,PR_FALSE);
- if (valid->data == NULL) return SECFailure;
- buf_length -= (valid->data-buf) + valid->len;
- buf = valid->data + valid->len;
- /*subject */
- subject->data=nsslowcert_dataStart(buf,buf_length,&subject->len,PR_TRUE);
- if (subject->data == NULL) return SECFailure;
- buf_length -= (subject->data-buf) + subject->len;
- buf = subject->data + subject->len;
- /* subject key info */
- subjkey->data=nsslowcert_dataStart(buf,buf_length,&subjkey->len,PR_TRUE);
- if (subjkey->data == NULL) return SECFailure;
- buf_length -= (subjkey->data-buf) + subjkey->len;
- buf = subjkey->data + subjkey->len;
- return SECSuccess;
-}
-
-SECStatus
-nsslowcert_GetCertTimes(NSSLOWCERTCertificate *c, PRTime *notBefore, PRTime *notAfter)
-{
- int rv;
- NSSLOWCERTValidity validity;
-
- rv = nsslowcert_GetValidityFields(c->validity.data,c->validity.len,
- &validity.notBefore,&validity.notAfter);
- if (rv != SECSuccess) {
- return rv;
- }
-
- /* convert DER not-before time */
- rv = DER_UTCTimeToTime(notBefore, &validity.notBefore);
- if (rv) {
- return(SECFailure);
- }
-
- /* convert DER not-after time */
- rv = DER_UTCTimeToTime(notAfter, &validity.notAfter);
- if (rv) {
- return(SECFailure);
- }
-
- return(SECSuccess);
-}
-
-/*
- * is certa newer than certb? If one is expired, pick the other one.
- */
-PRBool
-nsslowcert_IsNewer(NSSLOWCERTCertificate *certa, NSSLOWCERTCertificate *certb)
-{
- PRTime notBeforeA, notAfterA, notBeforeB, notAfterB, now;
- SECStatus rv;
- PRBool newerbefore, newerafter;
-
- rv = nsslowcert_GetCertTimes(certa, &notBeforeA, &notAfterA);
- if ( rv != SECSuccess ) {
- return(PR_FALSE);
- }
-
- rv = nsslowcert_GetCertTimes(certb, &notBeforeB, &notAfterB);
- if ( rv != SECSuccess ) {
- return(PR_TRUE);
- }
-
- newerbefore = PR_FALSE;
- if ( LL_CMP(notBeforeA, >, notBeforeB) ) {
- newerbefore = PR_TRUE;
- }
-
- newerafter = PR_FALSE;
- if ( LL_CMP(notAfterA, >, notAfterB) ) {
- newerafter = PR_TRUE;
- }
-
- if ( newerbefore && newerafter ) {
- return(PR_TRUE);
- }
-
- if ( ( !newerbefore ) && ( !newerafter ) ) {
- return(PR_FALSE);
- }
-
- /* get current UTC time */
- now = PR_Now();
-
- if ( newerbefore ) {
- /* cert A was issued after cert B, but expires sooner */
- /* if A is expired, then pick B */
- if ( LL_CMP(notAfterA, <, now ) ) {
- return(PR_FALSE);
- }
- return(PR_TRUE);
- } else {
- /* cert B was issued after cert A, but expires sooner */
- /* if B is expired, then pick A */
- if ( LL_CMP(notAfterB, <, now ) ) {
- return(PR_TRUE);
- }
- return(PR_FALSE);
- }
-}
-
-#define SOFT_DEFAULT_CHUNKSIZE 2048
-
-
-static SECStatus
-nsslowcert_KeyFromIssuerAndSN(PRArenaPool *arena, SECItem *issuer, SECItem *sn,
- SECItem *key)
-{
- unsigned int len = sn->len + issuer->len;
-
-
- if (arena) {
- key->data = (unsigned char*)PORT_ArenaAlloc(arena, len);
- } else {
- if (len > key->len) {
- key->data = (unsigned char*)PORT_ArenaAlloc(arena, len);
- }
- }
- if ( !key->data ) {
- goto loser;
- }
-
- key->len = len;
- /* copy the serialNumber */
- PORT_Memcpy(key->data, sn->data, sn->len);
-
- /* copy the issuer */
- PORT_Memcpy(&key->data[sn->len], issuer->data, issuer->len);
-
- return(SECSuccess);
-
-loser:
- return(SECFailure);
-}
-
-
-
-/*
- * take a DER certificate and decode it into a certificate structure
- */
-NSSLOWCERTCertificate *
-nsslowcert_DecodeDERCertificate(SECItem *derSignedCert, char *nickname)
-{
- NSSLOWCERTCertificate *cert;
- int rv;
-
- /* allocate the certificate structure */
- cert = nsslowcert_CreateCert();
-
- if ( !cert ) {
- goto loser;
- }
-
- /* point to passed in DER data */
- cert->derCert = *derSignedCert;
- cert->nickname = NULL;
- cert->certKey.data = NULL;
- cert->referenceCount = 1;
-
- /* decode the certificate info */
- rv = nsslowcert_GetCertFields(cert->derCert.data, cert->derCert.len,
- &cert->derIssuer, &cert->serialNumber, &cert->derSN, &cert->derSubject,
- &cert->validity, &cert->derSubjKeyInfo);
-
- /* cert->subjectKeyID; x509v3 subject key identifier */
- cert->subjectKeyID.data = NULL;
- cert->subjectKeyID.len = 0;
- cert->dbEntry = NULL;
- cert ->trust = NULL;
-
- /* generate and save the database key for the cert */
- cert->certKey.data = cert->certKeySpace;
- cert->certKey.len = sizeof(cert->certKeySpace);
- rv = nsslowcert_KeyFromIssuerAndSN(NULL, &cert->derIssuer,
- &cert->serialNumber, &cert->certKey);
- if ( rv ) {
- goto loser;
- }
-
- /* set the nickname */
- if ( nickname == NULL ) {
- cert->nickname = NULL;
- } else {
- /* copy and install the nickname */
- cert->nickname = pkcs11_copyNickname(nickname,cert->nicknameSpace,
- sizeof(cert->nicknameSpace));
- }
-
-#ifdef FIXME
- /* initialize the subjectKeyID */
- rv = cert_GetKeyID(cert);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- /* set the email address */
- cert->emailAddr = CERT_GetCertificateEmailAddress(cert);
-
-#endif
-
- cert->referenceCount = 1;
-
- return(cert);
-
-loser:
- if (cert) {
- nsslowcert_DestroyCertificate(cert);
- }
-
- return(0);
-}
-
-char *
-nsslowcert_FixupEmailAddr(char *emailAddr)
-{
- char *retaddr;
- char *str;
-
- if ( emailAddr == NULL ) {
- return(NULL);
- }
-
- /* copy the string */
- str = retaddr = PORT_Strdup(emailAddr);
- if ( str == NULL ) {
- return(NULL);
- }
-
- /* make it lower case */
- while ( *str ) {
- *str = tolower( *str );
- str++;
- }
-
- return(retaddr);
-}
-
-
-/*
- * Generate a database key, based on serial number and issuer, from a
- * DER certificate.
- */
-SECStatus
-nsslowcert_KeyFromDERCert(PRArenaPool *arena, SECItem *derCert, SECItem *key)
-{
- int rv;
- NSSLOWCERTCertKey certkey;
-
- PORT_Memset(&certkey, 0, sizeof(NSSLOWCERTCertKey));
-
- rv = nsslowcert_GetCertFields(derCert->data, derCert->len,
- &certkey.derIssuer, &certkey.serialNumber, NULL, NULL, NULL, NULL);
-
- if ( rv ) {
- goto loser;
- }
-
- return(nsslowcert_KeyFromIssuerAndSN(arena, &certkey.derIssuer,
- &certkey.serialNumber, key));
-loser:
- return(SECFailure);
-}
-
-NSSLOWKEYPublicKey *
-nsslowcert_ExtractPublicKey(NSSLOWCERTCertificate *cert)
-{
- NSSLOWCERTSubjectPublicKeyInfo spki;
- NSSLOWKEYPublicKey *pubk;
- SECItem os;
- SECStatus rv;
- PRArenaPool *arena;
- SECOidTag tag;
- SECItem newDerSubjKeyInfo;
-
- arena = PORT_NewArena (DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL)
- return NULL;
-
- pubk = (NSSLOWKEYPublicKey *)
- PORT_ArenaZAlloc(arena, sizeof(NSSLOWKEYPublicKey));
- if (pubk == NULL) {
- PORT_FreeArena (arena, PR_FALSE);
- return NULL;
- }
-
- pubk->arena = arena;
- PORT_Memset(&spki,0,sizeof(spki));
-
- /* copy the DER into the arena, since Quick DER returns data that points
- into the DER input, which may get freed by the caller */
- rv = SECITEM_CopyItem(arena, &newDerSubjKeyInfo, &cert->derSubjKeyInfo);
- if ( rv != SECSuccess ) {
- PORT_FreeArena (arena, PR_FALSE);
- return NULL;
- }
-
- /* we haven't bothered decoding the spki struct yet, do it now */
- rv = SEC_QuickDERDecodeItem(arena, &spki,
- nsslowcert_SubjectPublicKeyInfoTemplate, &newDerSubjKeyInfo);
- if (rv != SECSuccess) {
- PORT_FreeArena (arena, PR_FALSE);
- return NULL;
- }
-
- /* Convert bit string length from bits to bytes */
- os = spki.subjectPublicKey;
- DER_ConvertBitString (&os);
-
- tag = SECOID_GetAlgorithmTag(&spki.algorithm);
- switch ( tag ) {
- case SEC_OID_X500_RSA_ENCRYPTION:
- case SEC_OID_PKCS1_RSA_ENCRYPTION:
- pubk->keyType = NSSLOWKEYRSAKey;
- prepare_low_rsa_pub_key_for_asn1(pubk);
- rv = SEC_QuickDERDecodeItem(arena, pubk,
- nsslowcert_RSAPublicKeyTemplate, &os);
- if (rv == SECSuccess)
- return pubk;
- break;
- case SEC_OID_ANSIX9_DSA_SIGNATURE:
- pubk->keyType = NSSLOWKEYDSAKey;
- prepare_low_dsa_pub_key_for_asn1(pubk);
- rv = SEC_QuickDERDecodeItem(arena, pubk,
- nsslowcert_DSAPublicKeyTemplate, &os);
- if (rv == SECSuccess) return pubk;
- break;
- case SEC_OID_X942_DIFFIE_HELMAN_KEY:
- pubk->keyType = NSSLOWKEYDHKey;
- prepare_low_dh_pub_key_for_asn1(pubk);
- rv = SEC_QuickDERDecodeItem(arena, pubk,
- nsslowcert_DHPublicKeyTemplate, &os);
- if (rv == SECSuccess) return pubk;
- break;
- default:
- rv = SECFailure;
- break;
- }
-
- nsslowkey_DestroyPublicKey (pubk);
- return NULL;
-}
-
diff --git a/security/nss/lib/softoken/lowkey.c b/security/nss/lib/softoken/lowkey.c
deleted file mode 100644
index 1e3c6144b..000000000
--- a/security/nss/lib/softoken/lowkey.c
+++ /dev/null
@@ -1,378 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "lowkeyi.h"
-#include "secoid.h"
-#include "secitem.h"
-#include "secder.h"
-#include "base64.h"
-#include "secasn1.h"
-#include "pcert.h"
-#include "secerr.h"
-
-
-const SEC_ASN1Template nsslowkey_PQGParamsTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(PQGParams) },
- { SEC_ASN1_INTEGER, offsetof(PQGParams,prime) },
- { SEC_ASN1_INTEGER, offsetof(PQGParams,subPrime) },
- { SEC_ASN1_INTEGER, offsetof(PQGParams,base) },
- { 0, }
-};
-
-const SEC_ASN1Template nsslowkey_RSAPrivateKeyTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWKEYPrivateKey) },
- { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.rsa.version) },
- { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.rsa.modulus) },
- { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.rsa.publicExponent) },
- { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.rsa.privateExponent) },
- { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.rsa.prime1) },
- { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.rsa.prime2) },
- { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.rsa.exponent1) },
- { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.rsa.exponent2) },
- { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.rsa.coefficient) },
- { 0 }
-};
-
-
-const SEC_ASN1Template nsslowkey_DSAPrivateKeyTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWKEYPrivateKey) },
- { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.dsa.publicValue) },
- { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.dsa.privateValue) },
- { 0, }
-};
-
-const SEC_ASN1Template nsslowkey_DSAPrivateKeyExportTemplate[] = {
- { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.dsa.privateValue) },
-};
-
-const SEC_ASN1Template nsslowkey_DHPrivateKeyTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWKEYPrivateKey) },
- { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.dh.publicValue) },
- { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.dh.privateValue) },
- { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.dh.base) },
- { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.dh.prime) },
- { 0, }
-};
-
-/*
- * See bugzilla bug 125359
- * Since NSS (via PKCS#11) wants to handle big integers as unsigned ints,
- * all of the templates above that en/decode into integers must be converted
- * from ASN.1's signed integer type. This is done by marking either the
- * source or destination (encoding or decoding, respectively) type as
- * siUnsignedInteger.
- */
-
-void
-prepare_low_rsa_priv_key_for_asn1(NSSLOWKEYPrivateKey *key)
-{
- key->u.rsa.modulus.type = siUnsignedInteger;
- key->u.rsa.publicExponent.type = siUnsignedInteger;
- key->u.rsa.privateExponent.type = siUnsignedInteger;
- key->u.rsa.prime1.type = siUnsignedInteger;
- key->u.rsa.prime2.type = siUnsignedInteger;
- key->u.rsa.exponent1.type = siUnsignedInteger;
- key->u.rsa.exponent2.type = siUnsignedInteger;
- key->u.rsa.coefficient.type = siUnsignedInteger;
-}
-
-void
-prepare_low_pqg_params_for_asn1(PQGParams *params)
-{
- params->prime.type = siUnsignedInteger;
- params->subPrime.type = siUnsignedInteger;
- params->base.type = siUnsignedInteger;
-}
-
-void
-prepare_low_dsa_priv_key_for_asn1(NSSLOWKEYPrivateKey *key)
-{
- key->u.dsa.publicValue.type = siUnsignedInteger;
- key->u.dsa.privateValue.type = siUnsignedInteger;
- key->u.dsa.params.prime.type = siUnsignedInteger;
- key->u.dsa.params.subPrime.type = siUnsignedInteger;
- key->u.dsa.params.base.type = siUnsignedInteger;
-}
-
-void
-prepare_low_dsa_priv_key_export_for_asn1(NSSLOWKEYPrivateKey *key)
-{
- key->u.dsa.privateValue.type = siUnsignedInteger;
-}
-
-void
-prepare_low_dh_priv_key_for_asn1(NSSLOWKEYPrivateKey *key)
-{
- key->u.dh.prime.type = siUnsignedInteger;
- key->u.dh.base.type = siUnsignedInteger;
- key->u.dh.publicValue.type = siUnsignedInteger;
- key->u.dh.privateValue.type = siUnsignedInteger;
-}
-
-void
-nsslowkey_DestroyPrivateKey(NSSLOWKEYPrivateKey *privk)
-{
- if (privk && privk->arena) {
- PORT_FreeArena(privk->arena, PR_TRUE);
- }
-}
-
-void
-nsslowkey_DestroyPublicKey(NSSLOWKEYPublicKey *pubk)
-{
- if (pubk && pubk->arena) {
- PORT_FreeArena(pubk->arena, PR_FALSE);
- }
-}
-unsigned
-nsslowkey_PublicModulusLen(NSSLOWKEYPublicKey *pubk)
-{
- unsigned char b0;
-
- /* interpret modulus length as key strength... in
- * fortezza that's the public key length */
-
- switch (pubk->keyType) {
- case NSSLOWKEYRSAKey:
- b0 = pubk->u.rsa.modulus.data[0];
- return b0 ? pubk->u.rsa.modulus.len : pubk->u.rsa.modulus.len - 1;
- default:
- break;
- }
- return 0;
-}
-
-unsigned
-nsslowkey_PrivateModulusLen(NSSLOWKEYPrivateKey *privk)
-{
-
- unsigned char b0;
-
- switch (privk->keyType) {
- case NSSLOWKEYRSAKey:
- b0 = privk->u.rsa.modulus.data[0];
- return b0 ? privk->u.rsa.modulus.len : privk->u.rsa.modulus.len - 1;
- default:
- break;
- }
- return 0;
-}
-
-NSSLOWKEYPublicKey *
-nsslowkey_ConvertToPublicKey(NSSLOWKEYPrivateKey *privk)
-{
- NSSLOWKEYPublicKey *pubk;
- PLArenaPool *arena;
-
-
- arena = PORT_NewArena (DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) {
- PORT_SetError (SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- switch(privk->keyType) {
- case NSSLOWKEYRSAKey:
- case NSSLOWKEYNullKey:
- pubk = (NSSLOWKEYPublicKey *)PORT_ArenaZAlloc(arena,
- sizeof (NSSLOWKEYPublicKey));
- if (pubk != NULL) {
- SECStatus rv;
-
- pubk->arena = arena;
- pubk->keyType = privk->keyType;
- if (privk->keyType == NSSLOWKEYNullKey) return pubk;
- rv = SECITEM_CopyItem(arena, &pubk->u.rsa.modulus,
- &privk->u.rsa.modulus);
- if (rv == SECSuccess) {
- rv = SECITEM_CopyItem (arena, &pubk->u.rsa.publicExponent,
- &privk->u.rsa.publicExponent);
- if (rv == SECSuccess)
- return pubk;
- }
- nsslowkey_DestroyPublicKey (pubk);
- } else {
- PORT_SetError (SEC_ERROR_NO_MEMORY);
- }
- break;
- case NSSLOWKEYDSAKey:
- pubk = (NSSLOWKEYPublicKey *)PORT_ArenaZAlloc(arena,
- sizeof(NSSLOWKEYPublicKey));
- if (pubk != NULL) {
- SECStatus rv;
-
- pubk->arena = arena;
- pubk->keyType = privk->keyType;
- rv = SECITEM_CopyItem(arena, &pubk->u.dsa.publicValue,
- &privk->u.dsa.publicValue);
- if (rv != SECSuccess) break;
- rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.prime,
- &privk->u.dsa.params.prime);
- if (rv != SECSuccess) break;
- rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.subPrime,
- &privk->u.dsa.params.subPrime);
- if (rv != SECSuccess) break;
- rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.base,
- &privk->u.dsa.params.base);
- if (rv == SECSuccess) return pubk;
- }
- break;
- case NSSLOWKEYDHKey:
- pubk = (NSSLOWKEYPublicKey *)PORT_ArenaZAlloc(arena,
- sizeof(NSSLOWKEYPublicKey));
- if (pubk != NULL) {
- SECStatus rv;
-
- pubk->arena = arena;
- pubk->keyType = privk->keyType;
- rv = SECITEM_CopyItem(arena, &pubk->u.dh.publicValue,
- &privk->u.dh.publicValue);
- if (rv != SECSuccess) break;
- rv = SECITEM_CopyItem(arena, &pubk->u.dh.prime,
- &privk->u.dh.prime);
- if (rv != SECSuccess) break;
- rv = SECITEM_CopyItem(arena, &pubk->u.dh.base,
- &privk->u.dh.base);
- if (rv == SECSuccess) return pubk;
- }
- break;
- /* No Fortezza in Low Key implementations (Fortezza keys aren't
- * stored in our data base */
- default:
- break;
- }
-
- PORT_FreeArena (arena, PR_FALSE);
- return NULL;
-}
-
-NSSLOWKEYPrivateKey *
-nsslowkey_CopyPrivateKey(NSSLOWKEYPrivateKey *privKey)
-{
- NSSLOWKEYPrivateKey *returnKey = NULL;
- SECStatus rv = SECFailure;
- PLArenaPool *poolp;
-
- if(!privKey) {
- return NULL;
- }
-
- poolp = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if(!poolp) {
- return NULL;
- }
-
- returnKey = (NSSLOWKEYPrivateKey*)PORT_ArenaZAlloc(poolp, sizeof(NSSLOWKEYPrivateKey));
- if(!returnKey) {
- rv = SECFailure;
- goto loser;
- }
-
- returnKey->keyType = privKey->keyType;
- returnKey->arena = poolp;
-
- switch(privKey->keyType) {
- case NSSLOWKEYRSAKey:
- rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.modulus),
- &(privKey->u.rsa.modulus));
- if(rv != SECSuccess) break;
- rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.version),
- &(privKey->u.rsa.version));
- if(rv != SECSuccess) break;
- rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.publicExponent),
- &(privKey->u.rsa.publicExponent));
- if(rv != SECSuccess) break;
- rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.privateExponent),
- &(privKey->u.rsa.privateExponent));
- if(rv != SECSuccess) break;
- rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.prime1),
- &(privKey->u.rsa.prime1));
- if(rv != SECSuccess) break;
- rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.prime2),
- &(privKey->u.rsa.prime2));
- if(rv != SECSuccess) break;
- rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.exponent1),
- &(privKey->u.rsa.exponent1));
- if(rv != SECSuccess) break;
- rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.exponent2),
- &(privKey->u.rsa.exponent2));
- if(rv != SECSuccess) break;
- rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.coefficient),
- &(privKey->u.rsa.coefficient));
- if(rv != SECSuccess) break;
- break;
- case NSSLOWKEYDSAKey:
- rv = SECITEM_CopyItem(poolp, &(returnKey->u.dsa.publicValue),
- &(privKey->u.dsa.publicValue));
- if(rv != SECSuccess) break;
- rv = SECITEM_CopyItem(poolp, &(returnKey->u.dsa.privateValue),
- &(privKey->u.dsa.privateValue));
- if(rv != SECSuccess) break;
- returnKey->u.dsa.params.arena = poolp;
- rv = SECITEM_CopyItem(poolp, &(returnKey->u.dsa.params.prime),
- &(privKey->u.dsa.params.prime));
- if(rv != SECSuccess) break;
- rv = SECITEM_CopyItem(poolp, &(returnKey->u.dsa.params.subPrime),
- &(privKey->u.dsa.params.subPrime));
- if(rv != SECSuccess) break;
- rv = SECITEM_CopyItem(poolp, &(returnKey->u.dsa.params.base),
- &(privKey->u.dsa.params.base));
- if(rv != SECSuccess) break;
- break;
- case NSSLOWKEYDHKey:
- rv = SECITEM_CopyItem(poolp, &(returnKey->u.dh.publicValue),
- &(privKey->u.dh.publicValue));
- if(rv != SECSuccess) break;
- rv = SECITEM_CopyItem(poolp, &(returnKey->u.dh.privateValue),
- &(privKey->u.dh.privateValue));
- if(rv != SECSuccess) break;
- returnKey->u.dsa.params.arena = poolp;
- rv = SECITEM_CopyItem(poolp, &(returnKey->u.dh.prime),
- &(privKey->u.dh.prime));
- if(rv != SECSuccess) break;
- rv = SECITEM_CopyItem(poolp, &(returnKey->u.dh.base),
- &(privKey->u.dh.base));
- if(rv != SECSuccess) break;
- break;
- default:
- rv = SECFailure;
- }
-
-loser:
-
- if(rv != SECSuccess) {
- PORT_FreeArena(poolp, PR_TRUE);
- returnKey = NULL;
- }
-
- return returnKey;
-}
diff --git a/security/nss/lib/softoken/lowkeyi.h b/security/nss/lib/softoken/lowkeyi.h
deleted file mode 100644
index b03457a66..000000000
--- a/security/nss/lib/softoken/lowkeyi.h
+++ /dev/null
@@ -1,269 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * key.h - public data structures and prototypes for the private key library
- *
- * $Id$
- */
-
-#ifndef _LOWKEYI_H_
-#define _LOWKEYI_H_
-
-#include "prtypes.h"
-#include "seccomon.h"
-#include "secoidt.h"
-#include "pcertt.h"
-#include "lowkeyti.h"
-
-SEC_BEGIN_PROTOS
-
-/*
- * See bugzilla bug 125359
- * Since NSS (via PKCS#11) wants to handle big integers as unsigned ints,
- * all of the templates above that en/decode into integers must be converted
- * from ASN.1's signed integer type. This is done by marking either the
- * source or destination (encoding or decoding, respectively) type as
- * siUnsignedInteger.
- */
-extern void prepare_low_rsa_priv_key_for_asn1(NSSLOWKEYPrivateKey *key);
-extern void prepare_low_pqg_params_for_asn1(PQGParams *params);
-extern void prepare_low_dsa_priv_key_for_asn1(NSSLOWKEYPrivateKey *key);
-extern void prepare_low_dsa_priv_key_export_for_asn1(NSSLOWKEYPrivateKey *key);
-extern void prepare_low_dh_priv_key_for_asn1(NSSLOWKEYPrivateKey *key);
-
-typedef char * (* NSSLOWKEYDBNameFunc)(void *arg, int dbVersion);
-
-/*
-** Open a key database.
-*/
-extern NSSLOWKEYDBHandle *nsslowkey_OpenKeyDB(PRBool readOnly,
- const char *domain,
- const char *prefix,
- NSSLOWKEYDBNameFunc namecb,
- void *cbarg);
-
-
-/*
- * Clear out all the keys in the existing database
- */
-extern SECStatus nsslowkey_ResetKeyDB(NSSLOWKEYDBHandle *handle);
-
-/*
-** Close the specified key database.
-*/
-extern void nsslowkey_CloseKeyDB(NSSLOWKEYDBHandle *handle);
-
-/*
- * Get the version number of the database
- */
-extern int nsslowkey_GetKeyDBVersion(NSSLOWKEYDBHandle *handle);
-
-/*
-** Support a default key database.
-*/
-extern void nsslowkey_SetDefaultKeyDB(NSSLOWKEYDBHandle *handle);
-extern NSSLOWKEYDBHandle *nsslowkey_GetDefaultKeyDB(void);
-
-/* set the alg id of the key encryption algorithm */
-extern void nsslowkey_SetDefaultKeyDBAlg(SECOidTag alg);
-
-/*
- * given a password and salt, produce a hash of the password
- */
-extern SECItem *nsslowkey_HashPassword(char *pw, SECItem *salt);
-
-/*
- * Derive the actual password value for a key database from the
- * password string value. The derivation uses global salt value
- * stored in the key database.
- */
-extern SECItem *
-nsslowkey_DeriveKeyDBPassword(NSSLOWKEYDBHandle *handle, char *pw);
-
-/*
-** Delete a key from the database
-*/
-extern SECStatus nsslowkey_DeleteKey(NSSLOWKEYDBHandle *handle,
- SECItem *pubkey);
-
-/*
-** Store a key in the database, indexed by its public key modulus.
-** "pk" is the private key to store
-** "f" is a the callback function for getting the password
-** "arg" is the argument for the callback
-*/
-extern SECStatus nsslowkey_StoreKeyByPublicKey(NSSLOWKEYDBHandle *handle,
- NSSLOWKEYPrivateKey *pk,
- SECItem *pubKeyData,
- char *nickname,
- SECItem *arg);
-
-/* does the key for this cert exist in the database filed by modulus */
-extern PRBool nsslowkey_KeyForCertExists(NSSLOWKEYDBHandle *handle,
- NSSLOWCERTCertificate *cert);
-/* does a key with this ID already exist? */
-extern PRBool nsslowkey_KeyForIDExists(NSSLOWKEYDBHandle *handle, SECItem *id);
-
-
-extern SECStatus nsslowkey_HasKeyDBPassword(NSSLOWKEYDBHandle *handle);
-extern SECStatus nsslowkey_SetKeyDBPassword(NSSLOWKEYDBHandle *handle,
- SECItem *pwitem);
-extern SECStatus nsslowkey_CheckKeyDBPassword(NSSLOWKEYDBHandle *handle,
- SECItem *pwitem);
-extern SECStatus nsslowkey_ChangeKeyDBPassword(NSSLOWKEYDBHandle *handle,
- SECItem *oldpwitem,
- SECItem *newpwitem);
-
-/*
-** Destroy a private key object.
-** "key" the object
-** "freeit" if PR_TRUE then free the object as well as its sub-objects
-*/
-extern void nsslowkey_DestroyPrivateKey(NSSLOWKEYPrivateKey *key);
-
-/*
-** Destroy a public key object.
-** "key" the object
-** "freeit" if PR_TRUE then free the object as well as its sub-objects
-*/
-extern void nsslowkey_DestroyPublicKey(NSSLOWKEYPublicKey *key);
-
-/*
-** Return the modulus length of "pubKey".
-*/
-extern unsigned int nsslowkey_PublicModulusLen(NSSLOWKEYPublicKey *pubKey);
-
-
-/*
-** Return the modulus length of "privKey".
-*/
-extern unsigned int nsslowkey_PrivateModulusLen(NSSLOWKEYPrivateKey *privKey);
-
-
-/*
-** Convert a low private key "privateKey" into a public low key
-*/
-extern NSSLOWKEYPublicKey
- *nsslowkey_ConvertToPublicKey(NSSLOWKEYPrivateKey *privateKey);
-
-/*
- * Set the Key Database password.
- * handle is a handle to the key database
- * pwitem is the new password
- * algorithm is the algorithm by which the key database
- * password is to be encrypted.
- * On failure, SECFailure is returned, otherwise SECSuccess is
- * returned.
- */
-extern SECStatus
-nsslowkey_SetKeyDBPasswordAlg(NSSLOWKEYDBHandle *handle,
- SECItem *pwitem,
- SECOidTag algorithm);
-
-/* Check the key database password.
- * handle is a handle to the key database
- * pwitem is the suspect password
- * algorithm is the algorithm by which the key database
- * password is to be encrypted.
- * The password is checked against plaintext to see if it is the
- * actual password. If it is not, SECFailure is returned.
- */
-extern SECStatus
-nsslowkey_CheckKeyDBPasswordAlg(NSSLOWKEYDBHandle *handle,
- SECItem *pwitem,
- SECOidTag algorithm);
-
-/* Change the key database password and/or algorithm by which
- * the password is stored with.
- * handle is a handle to the key database
- * old_pwitem is the current password
- * new_pwitem is the new password
- * old_algorithm is the algorithm by which the key database
- * password is currently encrypted.
- * new_algorithm is the algorithm with which the new password
- * is to be encrypted.
- * A return of anything but SECSuccess indicates failure.
- */
-extern SECStatus
-nsslowkey_ChangeKeyDBPasswordAlg(NSSLOWKEYDBHandle *handle,
- SECItem *oldpwitem, SECItem *newpwitem,
- SECOidTag old_algorithm);
-
-SECStatus
-nsslowkey_UpdateNickname(NSSLOWKEYDBHandle *handle,
- NSSLOWKEYPrivateKey *privkey,
- SECItem *pubKeyData,
- char *nickname,
- SECItem *arg);
-
-/* Store key by modulus and specify an encryption algorithm to use.
- * handle is the pointer to the key database,
- * privkey is the private key to be stored,
- * f and arg are the function and arguments to the callback
- * to get a password,
- * algorithm is the algorithm which the privKey is to be stored.
- * A return of anything but SECSuccess indicates failure.
- */
-extern SECStatus
-nsslowkey_StoreKeyByPublicKeyAlg(NSSLOWKEYDBHandle *handle,
- NSSLOWKEYPrivateKey *privkey,
- SECItem *pubKeyData,
- char *nickname,
- SECItem *arg,
- SECOidTag algorithm,
- PRBool update);
-
-/* Find key by modulus. This function is the inverse of store key
- * by modulus. An attempt to locate the key with "modulus" is
- * performed. If the key is found, the private key is returned,
- * else NULL is returned.
- * modulus is the modulus to locate
- */
-extern NSSLOWKEYPrivateKey *
-nsslowkey_FindKeyByPublicKey(NSSLOWKEYDBHandle *handle, SECItem *modulus,
- SECItem *arg);
-
-extern char *
-nsslowkey_FindKeyNicknameByPublicKey(NSSLOWKEYDBHandle *handle,
- SECItem *modulus, SECItem *pwitem);
-
-
-/* Make a copy of a low private key in it's own arena.
- * a return of NULL indicates an error.
- */
-extern NSSLOWKEYPrivateKey *
-nsslowkey_CopyPrivateKey(NSSLOWKEYPrivateKey *privKey);
-
-
-SEC_END_PROTOS
-
-#endif /* _LOWKEYI_H_ */
diff --git a/security/nss/lib/softoken/lowkeyti.h b/security/nss/lib/softoken/lowkeyti.h
deleted file mode 100644
index 938686a06..000000000
--- a/security/nss/lib/softoken/lowkeyti.h
+++ /dev/null
@@ -1,158 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Portions created by Sun Microsystems, Inc. are Copyright (C) 2003
- * Sun Microsystems, Inc. All Rights Reserved.
- *
- * Contributor(s):
- * Dr Vipul Gupta <vipul.gupta@sun.com>, Sun Microsystems Laboratories
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef _LOWKEYTI_H_
-#define _LOWKEYTI_H_ 1
-
-#include "blapit.h"
-#include "prtypes.h"
-#include "plarena.h"
-#include "secitem.h"
-#include "secasn1t.h"
-#include "secoidt.h"
-/*#include "secmodt.h"
-#include "pkcs11t.h" */
-
-
-/*
- * a key in/for the data base
- */
-struct NSSLOWKEYDBKeyStr {
- PLArenaPool *arena;
- int version;
- char *nickname;
- SECItem salt;
- SECItem derPK;
-};
-typedef struct NSSLOWKEYDBKeyStr NSSLOWKEYDBKey;
-
-typedef struct NSSLOWKEYDBHandleStr NSSLOWKEYDBHandle;
-
-#ifdef NSS_USE_KEY4_DB
-#define NSSLOWKEY_DB_FILE_VERSION 4
-#else
-#define NSSLOWKEY_DB_FILE_VERSION 3
-#endif
-
-#define NSSLOWKEY_VERSION 0 /* what we *create* */
-
-/*
-** Typedef for callback to get a password "key".
-*/
-extern const SEC_ASN1Template nsslowkey_PQGParamsTemplate[];
-extern const SEC_ASN1Template nsslowkey_RSAPrivateKeyTemplate[];
-extern const SEC_ASN1Template nsslowkey_DSAPrivateKeyTemplate[];
-extern const SEC_ASN1Template nsslowkey_DSAPrivateKeyExportTemplate[];
-extern const SEC_ASN1Template nsslowkey_DHPrivateKeyTemplate[];
-extern const SEC_ASN1Template nsslowkey_DHPrivateKeyExportTemplate[];
-
-extern const SEC_ASN1Template nsslowkey_PrivateKeyInfoTemplate[];
-extern const SEC_ASN1Template nsslowkey_EncryptedPrivateKeyInfoTemplate[];
-
-/*
- * PKCS #8 attributes
- */
-struct NSSLOWKEYAttributeStr {
- SECItem attrType;
- SECItem *attrValue;
-};
-typedef struct NSSLOWKEYAttributeStr NSSLOWKEYAttribute;
-
-/*
-** A PKCS#8 private key info object
-*/
-struct NSSLOWKEYPrivateKeyInfoStr {
- PLArenaPool *arena;
- SECItem version;
- SECAlgorithmID algorithm;
- SECItem privateKey;
- NSSLOWKEYAttribute **attributes;
-};
-typedef struct NSSLOWKEYPrivateKeyInfoStr NSSLOWKEYPrivateKeyInfo;
-#define NSSLOWKEY_PRIVATE_KEY_INFO_VERSION 0 /* what we *create* */
-
-/*
-** A PKCS#8 private key info object
-*/
-struct NSSLOWKEYEncryptedPrivateKeyInfoStr {
- PLArenaPool *arena;
- SECAlgorithmID algorithm;
- SECItem encryptedData;
-};
-typedef struct NSSLOWKEYEncryptedPrivateKeyInfoStr NSSLOWKEYEncryptedPrivateKeyInfo;
-
-
-typedef enum {
- NSSLOWKEYNullKey = 0,
- NSSLOWKEYRSAKey = 1,
- NSSLOWKEYDSAKey = 2,
- NSSLOWKEYDHKey = 4,
- NSSLOWKEYECKey = 5
-} NSSLOWKEYType;
-
-/*
-** An RSA public key object.
-*/
-struct NSSLOWKEYPublicKeyStr {
- PLArenaPool *arena;
- NSSLOWKEYType keyType ;
- union {
- RSAPublicKey rsa;
- DSAPublicKey dsa;
- DHPublicKey dh;
- ECPublicKey ec;
- } u;
-};
-typedef struct NSSLOWKEYPublicKeyStr NSSLOWKEYPublicKey;
-
-/*
-** Low Level private key object
-** This is only used by the raw Crypto engines (crypto), keydb (keydb),
-** and PKCS #11. Everyone else uses the high level key structure.
-*/
-struct NSSLOWKEYPrivateKeyStr {
- PLArenaPool *arena;
- NSSLOWKEYType keyType;
- union {
- RSAPrivateKey rsa;
- DSAPrivateKey dsa;
- DHPrivateKey dh;
- ECPrivateKey ec;
- } u;
-};
-typedef struct NSSLOWKEYPrivateKeyStr NSSLOWKEYPrivateKey;
-
-#endif /* _LOWKEYTI_H_ */
diff --git a/security/nss/lib/softoken/lowpbe.c b/security/nss/lib/softoken/lowpbe.c
deleted file mode 100644
index be7e06e89..000000000
--- a/security/nss/lib/softoken/lowpbe.c
+++ /dev/null
@@ -1,1182 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "plarena.h"
-
-#include "seccomon.h"
-#include "secitem.h"
-#include "secport.h"
-#include "hasht.h"
-#include "pkcs11t.h"
-#include "blapi.h"
-#include "hasht.h"
-#include "secasn1.h"
-#include "secder.h"
-#include "lowpbe.h"
-#include "secoid.h"
-#include "alghmac.h"
-#include "softoken.h"
-#include "secerr.h"
-
-/* template for PKCS 5 PBE Parameter. This template has been expanded
- * based upon the additions in PKCS 12. This should eventually be moved
- * if RSA updates PKCS 5.
- */
-static const SEC_ASN1Template NSSPKCS5PBEParameterTemplate[] =
-{
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(NSSPKCS5PBEParameter) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(NSSPKCS5PBEParameter, salt) },
- { SEC_ASN1_INTEGER,
- offsetof(NSSPKCS5PBEParameter, iteration) },
- { 0 }
-};
-
-static const SEC_ASN1Template NSSPKCS5PKCS12V2PBEParameterTemplate[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSPKCS5PBEParameter) },
- { SEC_ASN1_OCTET_STRING, offsetof(NSSPKCS5PBEParameter, salt) },
- { SEC_ASN1_INTEGER, offsetof(NSSPKCS5PBEParameter, iteration) },
- { 0 }
-};
-
-SECStatus
-nsspkcs5_HashBuf(const SECHashObject *hashObj, unsigned char *dest,
- unsigned char *src, int len)
-{
- void *ctx;
- unsigned int retLen;
-
- ctx = hashObj->create();
- if(ctx == NULL) {
- return SECFailure;
- }
- hashObj->begin(ctx);
- hashObj->update(ctx, src, len);
- hashObj->end(ctx, dest, &retLen, hashObj->length);
- hashObj->destroy(ctx, PR_TRUE);
- return SECSuccess;
-}
-
-/* generate bits using any hash
- */
-static SECItem *
-nsspkcs5_PBKDF1(const SECHashObject *hashObj, SECItem *salt, SECItem *pwd,
- int iter, PRBool faulty3DES)
-{
- SECItem *hash = NULL, *pre_hash = NULL;
- SECStatus rv = SECFailure;
-
- if((salt == NULL) || (pwd == NULL) || (iter < 0)) {
- return NULL;
- }
-
- hash = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
- pre_hash = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
-
- if((hash != NULL) && (pre_hash != NULL)) {
- int i, ph_len;
-
- ph_len = hashObj->length;
- if((salt->len + pwd->len) > hashObj->length) {
- ph_len = salt->len + pwd->len;
- }
-
- rv = SECFailure;
-
- /* allocate buffers */
- hash->len = hashObj->length;
- hash->data = (unsigned char *)PORT_ZAlloc(hash->len);
- pre_hash->data = (unsigned char *)PORT_ZAlloc(ph_len);
-
- /* in pbeSHA1TripleDESCBC there was an allocation error that made
- * it into the caller. We do not want to propagate those errors
- * further, so we are doing it correctly, but reading the old method.
- */
- if (faulty3DES) {
- pre_hash->len = ph_len;
- } else {
- pre_hash->len = salt->len + pwd->len;
- }
-
- /* preform hash */
- if ((hash->data != NULL) && (pre_hash->data != NULL)) {
- rv = SECSuccess;
- /* check for 0 length password */
- if(pwd->len > 0) {
- PORT_Memcpy(pre_hash->data, pwd->data, pwd->len);
- }
- if(salt->len > 0) {
- PORT_Memcpy((pre_hash->data+pwd->len), salt->data, salt->len);
- }
- for(i = 0; ((i < iter) && (rv == SECSuccess)); i++) {
- rv = nsspkcs5_HashBuf(hashObj, hash->data,
- pre_hash->data, pre_hash->len);
- if(rv != SECFailure) {
- pre_hash->len = hashObj->length;
- PORT_Memcpy(pre_hash->data, hash->data, hashObj->length);
- }
- }
- }
- }
-
- if(pre_hash != NULL) {
- SECITEM_FreeItem(pre_hash, PR_TRUE);
- }
-
- if((rv != SECSuccess) && (hash != NULL)) {
- SECITEM_FreeItem(hash, PR_TRUE);
- hash = NULL;
- }
-
- return hash;
-}
-
-/* this bit generation routine is described in PKCS 12 and the proposed
- * extensions to PKCS 5. an initial hash is generated following the
- * instructions laid out in PKCS 5. If the number of bits generated is
- * insufficient, then the method discussed in the proposed extensions to
- * PKCS 5 in PKCS 12 are used. This extension makes use of the HMAC
- * function. And the P_Hash function from the TLS standard.
- */
-static SECItem *
-nsspkcs5_PFXPBE(const SECHashObject *hashObj, NSSPKCS5PBEParameter *pbe_param,
- SECItem *init_hash, unsigned int bytes_needed)
-{
- SECItem *ret_bits = NULL;
- int hash_size = 0;
- unsigned int i;
- unsigned int hash_iter;
- unsigned int dig_len;
- SECStatus rv = SECFailure;
- unsigned char *state = NULL;
- unsigned int state_len;
- HMACContext *cx = NULL;
-
- hash_size = hashObj->length;
- hash_iter = (bytes_needed + (unsigned int)hash_size - 1) / hash_size;
-
- /* allocate return buffer */
- ret_bits = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
- if(ret_bits == NULL)
- return NULL;
- ret_bits->data = (unsigned char *)PORT_ZAlloc((hash_iter * hash_size) + 1);
- ret_bits->len = (hash_iter * hash_size);
- if(ret_bits->data == NULL) {
- PORT_Free(ret_bits);
- return NULL;
- }
-
- /* allocate intermediate hash buffer. 8 is for the 8 bytes of
- * data which are added based on iteration number
- */
-
- if ((unsigned int)hash_size > pbe_param->salt.len) {
- state_len = hash_size;
- } else {
- state_len = pbe_param->salt.len;
- }
- state = (unsigned char *)PORT_ZAlloc(state_len);
- if(state == NULL) {
- rv = SECFailure;
- goto loser;
- }
- if(pbe_param->salt.len > 0) {
- PORT_Memcpy(state, pbe_param->salt.data, pbe_param->salt.len);
- }
-
- cx = HMAC_Create(hashObj, init_hash->data, init_hash->len, PR_TRUE);
- if (cx == NULL) {
- rv = SECFailure;
- goto loser;
- }
-
- for(i = 0; i < hash_iter; i++) {
-
- /* generate output bits */
- HMAC_Begin(cx);
- HMAC_Update(cx, state, state_len);
- HMAC_Update(cx, pbe_param->salt.data, pbe_param->salt.len);
- rv = HMAC_Finish(cx, ret_bits->data + (i * hash_size),
- &dig_len, hash_size);
- if (rv != SECSuccess)
- goto loser;
- PORT_Assert((unsigned int)hash_size == dig_len);
-
- /* generate new state */
- HMAC_Begin(cx);
- HMAC_Update(cx, state, state_len);
- rv = HMAC_Finish(cx, state, &state_len, state_len);
- if (rv != SECSuccess)
- goto loser;
- PORT_Assert(state_len == dig_len);
- }
-
-loser:
- if (state != NULL)
- PORT_ZFree(state, state_len);
- HMAC_Destroy(cx);
-
- if(rv != SECSuccess) {
- SECITEM_ZfreeItem(ret_bits, PR_TRUE);
- ret_bits = NULL;
- }
-
- return ret_bits;
-}
-
-/* generate bits for the key and iv determination. if enough bits
- * are not generated using PKCS 5, then we need to generate more bits
- * based on the extension proposed in PKCS 12
- */
-static SECItem *
-nsspkcs5_PBKDF1Extended(const SECHashObject *hashObj,
- NSSPKCS5PBEParameter *pbe_param, SECItem *pwitem, PRBool faulty3DES)
-{
- SECItem * hash = NULL;
- SECItem * newHash = NULL;
- int bytes_needed;
- int bytes_available;
-
- bytes_needed = pbe_param->ivLen + pbe_param->keyLen;
- bytes_available = hashObj->length;
-
- hash = nsspkcs5_PBKDF1(hashObj, &pbe_param->salt, pwitem,
- pbe_param->iter, faulty3DES);
-
- if(hash == NULL) {
- return NULL;
- }
-
- if(bytes_needed <= bytes_available) {
- return hash;
- }
-
- newHash = nsspkcs5_PFXPBE(hashObj, pbe_param, hash, bytes_needed);
- if (hash != newHash)
- SECITEM_FreeItem(hash, PR_TRUE);
- return newHash;
-}
-
-#ifdef PBKDF2
-
-/*
- * PBDKDF2 is PKCS #5 v2.0 it's currently not used by NSS
- */
-/*
- * We This is safe because hLen for all our
- * HMAC algorithms are multiples of 4.
- */
-static void
-xorbytes(unsigned char *dest, unsigned char *src, int len)
-{
-#ifdef PARANOIA
- while (len--) {
- *dest = *dest ^ *src;
- dest++;
- src++;
- }
-#else
- PRUInt32 dest32 = (PRUInt32 *)dest;
- PRUInt32 src32 = (PRUInt32 *)dest;
- while (len -= sizeof(PRUInt32)) {
- *dest32 = *dest32 ^ *src32;
- dest++;
- src++;
- }
-#endif
-}
-
-static SECStatus
-nsspkcs5_PBKFD2_F(const SECHashObject *hashobj, SECItem *pwitem, SECItem *salt,
- int iterations, unsigned int i, unsigned char *T)
-{
- int j;
- HMACContext *cx = NULL;
- unsigned int hLen = hashObject->length
- SECStatus rv = SECFailure;
- unsigned char *last = NULL;
- int lastLength = salt->len + 4;
-
- cx=HMAC_Create(hashobj,pwitem->data,pwitem->len,PR_TRUE);
- if (cx == NULL) {
- goto loser;
- }
- PORT_Memset(T,0,hLen);
- realLastLength= MAX(lastLength,hLen);
- last = PORT_Alloc(realLastLength);
- if (last == NULL) {
- goto loser;
- }
- PORT_Memcpy(last,salt.data,salt.len);
- last[salt->len ] = (i >> 24) & 0xff;
- last[salt->len+1] = (i >> 16) & 0xff;
- last[salt->len+2] = (i >> 8) & 0xff;
- last[salt->len+3] = i & 0xff;
-
- /* NOTE: we need at least one iteration to return success! */
- for (j=0; j < interations; j++) {
- rv =HMAC_Begin(cx);
- if (rv !=SECSuccess) {
- break;
- }
- HMAC_Update(cx,last,lastLength);
- rv =HMAC_Finish(cx,last,&lastLength,hLen);
- if (rv !=SECSuccess) {
- break;
- }
- do_xor(T,last,hLen);
- }
-loser:
- if (cx) {
- HMAC_DestroyContext(cx);
- }
- if (last) {
- PORT_ZFree(last,reaLastLength);
- }
- return rv;
-}
-
-static SECItem *
-nsspkcs5_PBKFD2(const SECHashObject *hashObj, NSSPKCS5PBEParameter *pbe_param,
- SECItem *pwitem)
-{
- unsigned int dkLen = bytesNeeded;
- unsigned int hLen = hashObject->length
- unsigned int l = (dkLen+hLen-1) / hLen;
- unsigned char *rp;
- SECItem *result;
- SECItem *salt = pbe_param->salt;
- int interations = pbe_param->iter;
- int bytesNeeded = pbe_param->keyLen;
-
- result = SECITEM_AllocItem(NULL,NULL,l*hLen);
- if (result == NULL) {
- return NULL;
- }
-
- T = PORT_Alloc(hLen);
- if (T == NULL) {
- goto loser;
- }
-
- for (i=0,rp=results->data; i < l ; i++, rp +=hLen) {
- rv = nsspkcs5_PBKFD2_F(hashobj,pwitem,salt,iterations,i,T);
- if (rv != SECSuccess) {
- break;
- }
- PORT_Memcpy(rp,T,hLen);
- }
-
-loser:
- if (T) {
- PORT_ZFree(T);
- }
- if (rv != SECSuccess) {
- SECITEM_FreeITEM(result,PR_TRUE);
- result = NULL;
- } else {
- result->len = dkLen;
- }
-
- return result;
-}
-#endif
-
-#define HMAC_BUFFER 64
-#define NSSPBE_ROUNDUP(x,y) ((((x)+((y)-1))/(y))*(y))
-#define NSSPBE_MIN(x,y) ((x) < (y) ? (x) : (y))
-/*
- * This is the extended PBE function defined by the final PKCS #12 spec.
- */
-static SECItem *
-nsspkcs5_PKCS12PBE(const SECHashObject *hashObject,
- NSSPKCS5PBEParameter *pbe_param, SECItem *pwitem,
- PBEBitGenID bitGenPurpose, unsigned int bytesNeeded)
-{
- PRArenaPool *arena = NULL;
- unsigned int SLen,PLen;
- unsigned int hashLength = hashObject->length;
- unsigned char *S, *P;
- SECItem *A = NULL, B, D, I;
- SECItem *salt = &pbe_param->salt;
- unsigned int c,i = 0;
- unsigned int hashLen;
- int iter;
- unsigned char *iterBuf;
- void *hash = NULL;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if(!arena) {
- return NULL;
- }
-
- /* how many hash object lengths are needed */
- c = (bytesNeeded + (hashLength-1))/hashLength;
-
- /* initialize our buffers */
- D.len = HMAC_BUFFER;
- /* B and D are the same length, use one alloc go get both */
- D.data = (unsigned char*)PORT_ArenaZAlloc(arena, D.len*2);
- B.len = D.len;
- B.data = D.data + D.len;
-
- /* if all goes well, A will be returned, so don't use our temp arena */
- A = SECITEM_AllocItem(NULL,NULL,c*hashLength);
- if (A == NULL) {
- goto loser;
- }
-
- SLen = NSSPBE_ROUNDUP(salt->len,HMAC_BUFFER);
- PLen = NSSPBE_ROUNDUP(pwitem->len,HMAC_BUFFER);
- I.len = SLen+PLen;
- I.data = (unsigned char*)PORT_ArenaZAlloc(arena, I.len);
- if (I.data == NULL) {
- goto loser;
- }
-
- /* S & P are only used to initialize I */
- S = I.data;
- P = S + SLen;
-
- PORT_Memset(D.data, (char)bitGenPurpose, D.len);
- if (SLen) {
- for (i=0; i < SLen; i += salt->len) {
- PORT_Memcpy(S+i, salt->data, NSSPBE_MIN(SLen-i,salt->len));
- }
- }
- if (PLen) {
- for (i=0; i < PLen; i += pwitem->len) {
- PORT_Memcpy(P+i, pwitem->data, NSSPBE_MIN(PLen-i,pwitem->len));
- }
- }
-
- iterBuf = (unsigned char*)PORT_ArenaZAlloc(arena,hashLength);
- if (iterBuf == NULL) {
- goto loser;
- }
-
- hash = hashObject->create();
- if(!hash) {
- goto loser;
- }
- /* calculate the PBE now */
- for(i = 0; i < c; i++) {
- int Bidx; /* must be signed or the for loop won't terminate */
- unsigned int k, j;
- unsigned char *Ai = A->data+i*hashLength;
-
-
- for(iter = 0; iter < pbe_param->iter; iter++) {
- hashObject->begin(hash);
-
- if (iter) {
- hashObject->update(hash, iterBuf, hashLen);
- } else {
- hashObject->update(hash, D.data, D.len);
- hashObject->update(hash, I.data, I.len);
- }
-
- hashObject->end(hash, iterBuf, &hashLen, hashObject->length);
- if(hashLen != hashObject->length) {
- break;
- }
- }
-
- PORT_Memcpy(Ai, iterBuf, hashLength);
- for (Bidx = 0; Bidx < B.len; Bidx += hashLength) {
- PORT_Memcpy(B.data+Bidx,iterBuf,NSSPBE_MIN(B.len-Bidx,hashLength));
- }
-
- k = I.len/B.len;
- for(j = 0; j < k; j++) {
- unsigned int q, carryBit;
- unsigned char *Ij = I.data + j*B.len;
-
- /* (Ij = Ij+B+1) */
- for (Bidx = (B.len-1), q=1, carryBit=0; Bidx >= 0; Bidx--,q=0) {
- q += (unsigned int)Ij[Bidx];
- q += (unsigned int)B.data[Bidx];
- q += carryBit;
-
- carryBit = (q > 0xff);
- Ij[Bidx] = (unsigned char)(q & 0xff);
- }
- }
- }
-loser:
- if (hash) {
- hashObject->destroy(hash, PR_TRUE);
- }
- if(arena) {
- PORT_FreeArena(arena, PR_TRUE);
- }
-
- /* if i != c, then we didn't complete the loop above and must of failed
- * somwhere along the way */
- if (i != c) {
- SECITEM_ZfreeItem(A,PR_TRUE);
- A = NULL;
- } else {
- A->len = bytesNeeded;
- }
-
- return A;
-}
-
-/*
- * generate key as per PKCS 5
- */
-SECItem *
-nsspkcs5_ComputeKeyAndIV(NSSPKCS5PBEParameter *pbe_param, SECItem *pwitem,
- SECItem *iv, PRBool faulty3DES)
-{
- SECItem *hash = NULL, *key = NULL;
- const SECHashObject *hashObj;
- PRBool getIV = PR_FALSE;
-
- if((pbe_param == NULL) || (pwitem == NULL)) {
- return NULL;
- }
-
- key = SECITEM_AllocItem(NULL,NULL,pbe_param->keyLen);
- if (key == NULL) {
- return NULL;
- }
-
- if ((pbe_param->ivLen) && (iv->data == NULL)) {
- getIV = PR_TRUE;
- iv->data = (unsigned char *)PORT_Alloc(pbe_param->ivLen);
- if (iv->data == NULL) {
- goto loser;
- }
- iv->len = pbe_param->ivLen;
- }
-
- hashObj = &SECRawHashObjects[pbe_param->hashType];
- switch (pbe_param->pbeType) {
- case NSSPKCS5_PBKDF1:
- hash = nsspkcs5_PBKDF1Extended(hashObj,pbe_param,pwitem,faulty3DES);
- if (hash == NULL) {
- goto loser;
- }
- PORT_Assert(hash->len >= key->len+iv->len);
- if (getIV) {
- PORT_Memcpy(iv->data, hash->data+(hash->len - iv->len),iv->len);
- }
- break;
-#ifdef PBKDF2
- case NSSPKCS5_PBKDF2:
- hash = nsspkcs5_PBKDF2(hashObj,pbe_param,pwitem);
- PORT_Assert(!getIV);
- break;
-#endif
- case NSSPKCS5_PKCS12_V2:
- if (getIV) {
- hash = nsspkcs5_PKCS12PBE(hashObj,pbe_param,pwitem,
- pbeBitGenCipherIV,iv->len);
- if (hash == NULL) {
- goto loser;
- }
- PORT_Memcpy(iv->data,hash->data,iv->len);
- SECITEM_ZfreeItem(hash,PR_TRUE);
- hash = NULL;
- }
- hash = nsspkcs5_PKCS12PBE(hashObj,pbe_param,pwitem,
- pbe_param->keyID,key->len);
- default:
- break;
- }
-
- if (hash == NULL) {
- goto loser;
- }
-
- if (pbe_param->is2KeyDES) {
- PORT_Memcpy(key->data, hash->data, (key->len * 2) / 3);
- PORT_Memcpy(&(key->data[(key->len * 2) / 3]), key->data,
- key->len / 3);
- } else {
- PORT_Memcpy(key->data, hash->data, key->len);
- }
-
- SECITEM_FreeItem(hash, PR_TRUE);
- return key;
-
-loser:
- if (getIV && iv->data) {
- PORT_ZFree(iv->data,iv->len);
- iv->data = NULL;
- }
-
- SECITEM_ZfreeItem(key, PR_TRUE);
- return NULL;
-}
-
-static SECStatus
-nsspkcs5_FillInParam(SECOidTag algorithm, NSSPKCS5PBEParameter *pbe_param)
-{
- PRBool skipType = PR_FALSE;
-
- pbe_param->keyLen = 5;
- pbe_param->ivLen = 8;
- pbe_param->hashType = HASH_AlgSHA1;
- pbe_param->pbeType = NSSPKCS5_PBKDF1;
- pbe_param->encAlg = SEC_OID_RC2_CBC;
- pbe_param->is2KeyDES = PR_FALSE;
- switch(algorithm) {
- /* DES3 Algorithms */
- case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_2KEY_TRIPLE_DES_CBC:
- pbe_param->is2KeyDES = PR_TRUE;
- /* fall through */
- case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC:
- pbe_param->pbeType = NSSPKCS5_PKCS12_V2;
- /* fall through */
- case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_TRIPLE_DES_CBC:
- pbe_param->keyLen = 24;
- pbe_param->encAlg = SEC_OID_DES_EDE3_CBC;
- break;
-
- /* DES Algorithms */
- case SEC_OID_PKCS5_PBE_WITH_MD2_AND_DES_CBC:
- pbe_param->hashType = HASH_AlgMD2;
- goto finish_des;
- case SEC_OID_PKCS5_PBE_WITH_MD5_AND_DES_CBC:
- pbe_param->hashType = HASH_AlgMD5;
- /* fall through */
- case SEC_OID_PKCS5_PBE_WITH_SHA1_AND_DES_CBC:
-finish_des:
- pbe_param->keyLen = 8;
- pbe_param->encAlg = SEC_OID_DES_CBC;
- break;
-
- /* RC2 Algorithms */
- case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC:
- pbe_param->keyLen = 16;
- /* fall through */
- case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC:
- pbe_param->pbeType = NSSPKCS5_PKCS12_V2;
- break;
- case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC:
- pbe_param->keyLen = 16;
- /* fall through */
- case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC:
- break;
-
- /* RC4 algorithms */
- case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC4:
- skipType = PR_TRUE;
- /* fall through */
- case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC4:
- pbe_param->keyLen = 16;
- /* fall through */
- case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC4:
- if (!skipType) {
- pbe_param->pbeType = NSSPKCS5_PKCS12_V2;
- }
- /* fall through */
- case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC4:
- pbe_param->ivLen = 0;
- pbe_param->encAlg = SEC_OID_RC4;
- break;
- default:
- return SECFailure;
- }
-
- return SECSuccess;
-}
-
-/* decode the algid and generate a PKCS 5 parameter from it
- */
-NSSPKCS5PBEParameter *
-nsspkcs5_NewParam(SECOidTag alg, SECItem *salt, int iterator)
-{
- PRArenaPool *arena = NULL;
- NSSPKCS5PBEParameter *pbe_param = NULL;
- SECStatus rv = SECFailure;
-
- arena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
- if (arena == NULL)
- return NULL;
-
- /* allocate memory for the parameter */
- pbe_param = (NSSPKCS5PBEParameter *)PORT_ArenaZAlloc(arena,
- sizeof(NSSPKCS5PBEParameter));
-
- if (pbe_param == NULL) {
- goto loser;
- }
-
- pbe_param->poolp = arena;
-
- rv = nsspkcs5_FillInParam(alg, pbe_param);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- pbe_param->iter = iterator;
- if (salt) {
- rv = SECITEM_CopyItem(arena,&pbe_param->salt,salt);
- }
-
- /* default key gen */
- pbe_param->keyID = pbeBitGenCipherKey;
-
-loser:
- if (rv != SECSuccess) {
- PORT_FreeArena(arena, PR_TRUE);
- pbe_param = NULL;
- }
-
- return pbe_param;
-}
-
-/* decode the algid and generate a PKCS 5 parameter from it
- */
-NSSPKCS5PBEParameter *
-nsspkcs5_AlgidToParam(SECAlgorithmID *algid)
-{
- NSSPKCS5PBEParameter *pbe_param = NULL;
- SECOidTag algorithm;
- SECStatus rv = SECFailure;
-
- if (algid == NULL) {
- return NULL;
- }
-
- algorithm = SECOID_GetAlgorithmTag(algid);
- if (algorithm == SEC_OID_UNKNOWN) {
- goto loser;
- }
-
- pbe_param = nsspkcs5_NewParam(algorithm, NULL, 1);
- if (pbe_param == NULL) {
- goto loser;
- }
-
- /* decode parameter */
- rv = SECFailure;
- switch (pbe_param->pbeType) {
- case NSSPKCS5_PBKDF1:
- rv = SEC_ASN1DecodeItem(pbe_param->poolp, pbe_param,
- NSSPKCS5PBEParameterTemplate, &algid->parameters);
- break;
- case NSSPKCS5_PKCS12_V2:
- rv = SEC_ASN1DecodeItem(pbe_param->poolp, pbe_param,
- NSSPKCS5PKCS12V2PBEParameterTemplate, &algid->parameters);
- break;
- case NSSPKCS5_PBKDF2:
- break;
- }
-
-loser:
- if (rv == SECSuccess) {
- pbe_param->iter = DER_GetInteger(&pbe_param->iteration);
- } else {
- nsspkcs5_DestroyPBEParameter(pbe_param);
- pbe_param = NULL;
- }
-
- return pbe_param;
-}
-
-/* destroy a pbe parameter. it assumes that the parameter was
- * generated using the appropriate create function and therefor
- * contains an arena pool.
- */
-void
-nsspkcs5_DestroyPBEParameter(NSSPKCS5PBEParameter *pbe_param)
-{
- if (pbe_param != NULL) {
- PORT_FreeArena(pbe_param->poolp, PR_TRUE);
- }
-}
-
-
-/* crypto routines */
-/* perform DES encryption and decryption. these routines are called
- * by nsspkcs5_CipherData. In the case of an error, NULL is returned.
- */
-static SECItem *
-sec_pkcs5_des(SECItem *key, SECItem *iv, SECItem *src, PRBool triple_des,
- PRBool encrypt)
-{
- SECItem *dest;
- SECItem *dup_src;
- SECStatus rv = SECFailure;
- int pad;
-
- if((src == NULL) || (key == NULL) || (iv == NULL))
- return NULL;
-
- dup_src = SECITEM_DupItem(src);
- if(dup_src == NULL) {
- return NULL;
- }
-
- if(encrypt != PR_FALSE) {
- void *dummy;
-
- dummy = DES_PadBuffer(NULL, dup_src->data,
- dup_src->len, &dup_src->len);
- if(dummy == NULL) {
- SECITEM_FreeItem(dup_src, PR_TRUE);
- return NULL;
- }
- dup_src->data = (unsigned char*)dummy;
- }
-
- dest = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
- if(dest != NULL) {
- /* allocate with over flow */
- dest->data = (unsigned char *)PORT_ZAlloc(dup_src->len + 64);
- if(dest->data != NULL) {
- DESContext *ctxt;
- ctxt = DES_CreateContext(key->data, iv->data,
- (triple_des ? NSS_DES_EDE3_CBC : NSS_DES_CBC),
- encrypt);
-
- if(ctxt != NULL) {
- rv = (encrypt ? DES_Encrypt : DES_Decrypt)(
- ctxt, dest->data, &dest->len,
- dup_src->len + 64, dup_src->data, dup_src->len);
-
- /* remove padding -- assumes 64 bit blocks */
- if((encrypt == PR_FALSE) && (rv == SECSuccess)) {
- pad = dest->data[dest->len-1];
- if((pad > 0) && (pad <= 8)) {
- if(dest->data[dest->len-pad] != pad) {
- rv = SECFailure;
- PORT_SetError(SEC_ERROR_BAD_PASSWORD);
- } else {
- dest->len -= pad;
- }
- } else {
- rv = SECFailure;
- PORT_SetError(SEC_ERROR_BAD_PASSWORD);
- }
- }
- DES_DestroyContext(ctxt, PR_TRUE);
- }
- }
- }
-
- if(rv == SECFailure) {
- if(dest != NULL) {
- SECITEM_FreeItem(dest, PR_TRUE);
- }
- dest = NULL;
- }
-
- if(dup_src != NULL) {
- SECITEM_FreeItem(dup_src, PR_TRUE);
- }
-
- return dest;
-}
-
-/* perform rc2 encryption/decryption if an error occurs, NULL is returned
- */
-static SECItem *
-sec_pkcs5_rc2(SECItem *key, SECItem *iv, SECItem *src, PRBool dummy,
- PRBool encrypt)
-{
- SECItem *dest;
- SECItem *dup_src;
- SECStatus rv = SECFailure;
- int pad;
-
- if((src == NULL) || (key == NULL) || (iv == NULL)) {
- return NULL;
- }
-
- dup_src = SECITEM_DupItem(src);
- if(dup_src == NULL) {
- return NULL;
- }
-
- if(encrypt != PR_FALSE) {
- void *dummy;
-
- dummy = DES_PadBuffer(NULL, dup_src->data,
- dup_src->len, &dup_src->len);
- if(dummy == NULL) {
- SECITEM_FreeItem(dup_src, PR_TRUE);
- return NULL;
- }
- dup_src->data = (unsigned char*)dummy;
- }
-
- dest = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
- if(dest != NULL) {
- dest->data = (unsigned char *)PORT_ZAlloc(dup_src->len + 64);
- if(dest->data != NULL) {
- RC2Context *ctxt;
-
- ctxt = RC2_CreateContext(key->data, key->len, iv->data,
- NSS_RC2_CBC, key->len);
-
- if(ctxt != NULL) {
- rv = (encrypt ? RC2_Encrypt: RC2_Decrypt)(
- ctxt, dest->data, &dest->len,
- dup_src->len + 64, dup_src->data, dup_src->len);
-
- /* assumes 8 byte blocks -- remove padding */
- if((rv == SECSuccess) && (encrypt != PR_TRUE)) {
- pad = dest->data[dest->len-1];
- if((pad > 0) && (pad <= 8)) {
- if(dest->data[dest->len-pad] != pad) {
- PORT_SetError(SEC_ERROR_BAD_PASSWORD);
- rv = SECFailure;
- } else {
- dest->len -= pad;
- }
- } else {
- PORT_SetError(SEC_ERROR_BAD_PASSWORD);
- rv = SECFailure;
- }
- }
-
- }
- }
- }
-
- if((rv != SECSuccess) && (dest != NULL)) {
- SECITEM_FreeItem(dest, PR_TRUE);
- dest = NULL;
- }
-
- if(dup_src != NULL) {
- SECITEM_FreeItem(dup_src, PR_TRUE);
- }
-
- return dest;
-}
-
-/* perform rc4 encryption and decryption */
-static SECItem *
-sec_pkcs5_rc4(SECItem *key, SECItem *iv, SECItem *src, PRBool dummy_op,
- PRBool encrypt)
-{
- SECItem *dest;
- SECStatus rv = SECFailure;
-
- if((src == NULL) || (key == NULL) || (iv == NULL)) {
- return NULL;
- }
-
- dest = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
- if(dest != NULL) {
- dest->data = (unsigned char *)PORT_ZAlloc(sizeof(unsigned char) *
- (src->len + 64));
- if(dest->data != NULL) {
- RC4Context *ctxt;
-
- ctxt = RC4_CreateContext(key->data, key->len);
- if(ctxt) {
- rv = (encrypt ? RC4_Encrypt : RC4_Decrypt)(
- ctxt, dest->data, &dest->len,
- src->len + 64, src->data, src->len);
- RC4_DestroyContext(ctxt, PR_TRUE);
- }
- }
- }
-
- if((rv != SECSuccess) && (dest)) {
- SECITEM_FreeItem(dest, PR_TRUE);
- dest = NULL;
- }
-
- return dest;
-}
-/* function pointer template for crypto functions */
-typedef SECItem *(* pkcs5_crypto_func)(SECItem *key, SECItem *iv,
- SECItem *src, PRBool op1, PRBool op2);
-
-/* performs the cipher operation on the src and returns the result.
- * if an error occurs, NULL is returned.
- *
- * a null length password is allowed. this corresponds to encrypting
- * the data with ust the salt.
- */
-/* change this to use PKCS 11? */
-SECItem *
-nsspkcs5_CipherData(NSSPKCS5PBEParameter *pbe_param, SECItem *pwitem,
- SECItem *src, PRBool encrypt, PRBool *update)
-{
- SECItem *key = NULL, iv;
- SECItem *dest = NULL;
- PRBool tripleDES = PR_TRUE;
- pkcs5_crypto_func cryptof;
-
- iv.data = NULL;
-
- if (update) {
- *update = PR_FALSE;
- }
-
- if ((pwitem == NULL) || (src == NULL)) {
- return NULL;
- }
-
- /* get key, and iv */
- key = nsspkcs5_ComputeKeyAndIV(pbe_param, pwitem, &iv, PR_FALSE);
- if(key == NULL) {
- return NULL;
- }
-
- switch(pbe_param->encAlg) {
- case SEC_OID_DES_EDE3_CBC:
- cryptof = sec_pkcs5_des;
- tripleDES = PR_TRUE;
- break;
- case SEC_OID_DES_CBC:
- cryptof = sec_pkcs5_des;
- tripleDES = PR_FALSE;
- break;
- case SEC_OID_RC2_CBC:
- cryptof = sec_pkcs5_rc2;
- break;
- case SEC_OID_RC4:
- cryptof = sec_pkcs5_rc4;
- break;
- default:
- cryptof = NULL;
- break;
- }
-
- if (cryptof == NULL) {
- goto loser;
- }
-
- dest = (*cryptof)(key, &iv, src, tripleDES, encrypt);
- /*
- * it's possible for some keys and keydb's to claim to
- * be triple des when they're really des. In this case
- * we simply try des. If des works we set the update flag
- * so the key db knows it needs to update all it's entries.
- * The case can only happen on decrypted of a
- * SEC_OID_DES_EDE3_CBD.
- */
- if ((dest == NULL) && (encrypt == PR_FALSE) &&
- (pbe_param->encAlg == SEC_OID_DES_EDE3_CBC)) {
- dest = (*cryptof)(key, &iv, src, PR_FALSE, encrypt);
- if (update && (dest != NULL)) *update = PR_TRUE;
- }
-
-loser:
- if (key != NULL) {
- SECITEM_ZfreeItem(key, PR_TRUE);
- }
- if (iv.data != NULL) {
- SECITEM_ZfreeItem(&iv, PR_FALSE);
- }
-
- return dest;
-}
-
-/* creates a algorithm ID containing the PBE algorithm and appropriate
- * parameters. the required parameter is the algorithm. if salt is
- * not specified, it is generated randomly. if IV is specified, it overrides
- * the PKCS 5 generation of the IV.
- *
- * the returned SECAlgorithmID should be destroyed using
- * SECOID_DestroyAlgorithmID
- */
-SECAlgorithmID *
-nsspkcs5_CreateAlgorithmID(PRArenaPool *arena, SECOidTag algorithm,
- NSSPKCS5PBEParameter *pbe_param)
-{
- SECAlgorithmID *algid, *ret_algid = NULL;
- SECItem der_param;
- SECStatus rv = SECFailure;
- void *dummy = NULL;
-
- if (arena == NULL) {
- return NULL;
- }
-
- der_param.data = NULL;
- der_param.len = 0;
-
- /* generate the algorithm id */
- algid = (SECAlgorithmID *)PORT_ArenaZAlloc(arena, sizeof(SECAlgorithmID));
- if (algid == NULL) {
- goto loser;
- }
-
- if (pbe_param->iteration.data == NULL) {
- dummy = SEC_ASN1EncodeInteger(pbe_param->poolp,&pbe_param->iteration,
- pbe_param->iter);
- if (dummy == NULL) {
- goto loser;
- }
- }
- switch (pbe_param->pbeType) {
- case NSSPKCS5_PBKDF1:
- dummy = SEC_ASN1EncodeItem(arena, &der_param, pbe_param,
- NSSPKCS5PBEParameterTemplate);
- break;
- case NSSPKCS5_PKCS12_V2:
- dummy = SEC_ASN1EncodeItem(arena, &der_param, pbe_param,
- NSSPKCS5PKCS12V2PBEParameterTemplate);
- break;
- default:
- break;
- }
-
- if (dummy == NULL) {
- goto loser;
- }
-
- rv = SECOID_SetAlgorithmID(arena, algid, algorithm, &der_param);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- ret_algid = (SECAlgorithmID *)PORT_ZAlloc(sizeof(SECAlgorithmID));
- if (ret_algid == NULL) {
- goto loser;
- }
-
- rv = SECOID_CopyAlgorithmID(NULL, ret_algid, algid);
- if (rv != SECSuccess) {
- SECOID_DestroyAlgorithmID(ret_algid, PR_TRUE);
- ret_algid = NULL;
- }
-
-loser:
-
- return ret_algid;
-}
diff --git a/security/nss/lib/softoken/lowpbe.h b/security/nss/lib/softoken/lowpbe.h
deleted file mode 100644
index 8ddee11a6..000000000
--- a/security/nss/lib/softoken/lowpbe.h
+++ /dev/null
@@ -1,132 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _SECPKCS5_H_
-#define _SECPKCS5_H_
-
-#include "plarena.h"
-#include "secitem.h"
-#include "seccomon.h"
-#include "secoidt.h"
-#include "hasht.h"
-
-typedef SECItem * (* SEC_PKCS5GetPBEPassword)(void *arg);
-
-/* used for V2 PKCS 12 Draft Spec */
-typedef enum {
- pbeBitGenIDNull = 0,
- pbeBitGenCipherKey = 0x01,
- pbeBitGenCipherIV = 0x02,
- pbeBitGenIntegrityKey = 0x03
-} PBEBitGenID;
-
-typedef enum {
- NSSPKCS5_PBKDF1 = 0,
- NSSPKCS5_PBKDF2 = 1,
- NSSPKCS5_PKCS12_V2 = 2
-} NSSPKCS5PBEType;
-
-typedef struct NSSPKCS5PBEParameterStr NSSPKCS5PBEParameter;
-
-struct NSSPKCS5PBEParameterStr {
- PRArenaPool *poolp;
- SECItem salt; /* octet string */
- SECItem iteration; /* integer */
-
- /* used locally */
- int iter;
- int keyLen;
- int ivLen;
- HASH_HashType hashType;
- NSSPKCS5PBEType pbeType;
- PBEBitGenID keyID;
- SECOidTag encAlg;
- PRBool is2KeyDES;
-};
-
-
-SEC_BEGIN_PROTOS
-/* Create a PKCS5 Algorithm ID
- * The algorithm ID is set up using the PKCS #5 parameter structure
- * algorithm is the PBE algorithm ID for the desired algorithm
- * pbe is a pbe param block with all the info needed to create the
- * algorithm id.
- * If an error occurs or the algorithm specified is not supported
- * or is not a password based encryption algorithm, NULL is returned.
- * Otherwise, a pointer to the algorithm id is returned.
- */
-extern SECAlgorithmID *
-nsspkcs5_CreateAlgorithmID(PRArenaPool *arena, SECOidTag algorithm,
- NSSPKCS5PBEParameter *pbe);
-
-/*
- * Convert an Algorithm ID to a PBE Param.
- * NOTE: this does not suppport PKCS 5 v2 because it's only used for the
- * keyDB which only support PKCS 5 v1, PFX, and PKCS 12.
- */
-NSSPKCS5PBEParameter *
-nsspkcs5_AlgidToParam(SECAlgorithmID *algid);
-
-/*
- * Convert an Algorithm ID to a PBE Param.
- * NOTE: this does not suppport PKCS 5 v2 because it's only used for the
- * keyDB which only support PKCS 5 v1, PFX, and PKCS 12.
- */
-NSSPKCS5PBEParameter *
-nsspkcs5_NewParam(SECOidTag alg, SECItem *salt, int iterator);
-
-
-/* Encrypt/Decrypt data using password based encryption.
- * algid is the PBE algorithm identifier,
- * pwitem is the password,
- * src is the source for encryption/decryption,
- * encrypt is PR_TRUE for encryption, PR_FALSE for decryption.
- * The key and iv are generated based upon PKCS #5 then the src
- * is either encrypted or decrypted. If an error occurs, NULL
- * is returned, otherwise the ciphered contents is returned.
- */
-extern SECItem *
-nsspkcs5_CipherData(NSSPKCS5PBEParameter *, SECItem *pwitem,
- SECItem *src, PRBool encrypt, PRBool *update);
-
-extern SECItem *
-nsspkcs5_ComputeKeyAndIV(NSSPKCS5PBEParameter *, SECItem *pwitem,
- SECItem *iv, PRBool faulty3DES);
-
-/* Destroys PBE parameter */
-extern void
-nsspkcs5_DestroyPBEParameter(NSSPKCS5PBEParameter *param);
-
-SEC_END_PROTOS
-
-#endif
diff --git a/security/nss/lib/softoken/manifest.mn b/security/nss/lib/softoken/manifest.mn
deleted file mode 100644
index baf114426..000000000
--- a/security/nss/lib/softoken/manifest.mn
+++ /dev/null
@@ -1,82 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../..
-
-MODULE = nss
-
-REQUIRES = dbm
-
-LIBRARY_NAME = softokn
-LIBRARY_VERSION = 3
-MAPFILE = $(OBJDIR)/softokn.def
-
-DEFINES += -DSHLIB_SUFFIX=\"$(DLL_SUFFIX)\" -DSHLIB_PREFIX=\"$(DLL_PREFIX)\" -DSOFTOKEN_LIB_NAME=\"$(notdir $(SHARED_LIBRARY))\"
-
-
-EXPORTS = \
- pkcs11.h \
- pkcs11f.h \
- pkcs11p.h \
- pkcs11t.h \
- pkcs11n.h \
- pkcs11u.h \
- $(NULL)
-
-PRIVATE_EXPORTS = \
- alghmac.h \
- pk11pars.h \
- pkcs11i.h \
- $(NULL)
-
-CSRCS = \
- alghmac.c \
- dbinit.c \
- dbmshim.c \
- ecdecode.c \
- fipstest.c \
- fipstokn.c \
- keydb.c \
- lowcert.c \
- lowkey.c \
- lowpbe.c \
- padbuf.c \
- pcertdb.c \
- pk11db.c \
- pkcs11.c \
- pkcs11c.c \
- pkcs11u.c \
- rawhash.c \
- rsawrapr.c \
- softkver.c \
- tlsprf.c \
- $(NULL)
diff --git a/security/nss/lib/softoken/padbuf.c b/security/nss/lib/softoken/padbuf.c
deleted file mode 100644
index a4e28947a..000000000
--- a/security/nss/lib/softoken/padbuf.c
+++ /dev/null
@@ -1,77 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "blapit.h"
-#include "secport.h"
-#include "secerr.h"
-
-/*
- * Prepare a buffer for DES encryption, growing to the appropriate boundary,
- * filling with the appropriate padding.
- *
- * NOTE: If arena is non-NULL, we re-allocate from there, otherwise
- * we assume (and use) XP memory (re)allocation.
- */
-unsigned char *
-DES_PadBuffer(PRArenaPool *arena, unsigned char *inbuf, unsigned int inlen,
- unsigned int *outlen)
-{
- unsigned char *outbuf;
- unsigned int des_len;
- unsigned int i;
- unsigned char des_pad_len;
-
- /*
- * We need from 1 to DES_KEY_LENGTH bytes -- we *always* grow.
- * The extra bytes contain the value of the length of the padding:
- * if we have 2 bytes of padding, then the padding is "0x02, 0x02".
- */
- des_len = (inlen + DES_KEY_LENGTH) & ~(DES_KEY_LENGTH - 1);
-
- if (arena != NULL) {
- outbuf = (unsigned char*)PORT_ArenaGrow (arena, inbuf, inlen, des_len);
- } else {
- outbuf = (unsigned char*)PORT_Realloc (inbuf, des_len);
- }
-
- if (outbuf == NULL) {
- PORT_SetError (SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- des_pad_len = des_len - inlen;
- for (i = inlen; i < des_len; i++)
- outbuf[i] = des_pad_len;
-
- *outlen = des_len;
- return outbuf;
-}
diff --git a/security/nss/lib/softoken/pcert.h b/security/nss/lib/softoken/pcert.h
deleted file mode 100644
index 9743a8619..000000000
--- a/security/nss/lib/softoken/pcert.h
+++ /dev/null
@@ -1,240 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _PCERTDB_H_
-#define _PCERTDB_H_
-
-#include "plarena.h"
-#include "prlong.h"
-#include "pcertt.h"
-
-SEC_BEGIN_PROTOS
-
-/*
-** Add a DER encoded certificate to the permanent database.
-** "derCert" is the DER encoded certificate.
-** "nickname" is the nickname to use for the cert
-** "trust" is the trust parameters for the cert
-*/
-SECStatus nsslowcert_AddPermCert(NSSLOWCERTCertDBHandle *handle,
- NSSLOWCERTCertificate *cert,
- char *nickname, NSSLOWCERTCertTrust *trust);
-SECStatus nsslowcert_AddPermNickname(NSSLOWCERTCertDBHandle *dbhandle,
- NSSLOWCERTCertificate *cert, char *nickname);
-
-SECStatus nsslowcert_DeletePermCertificate(NSSLOWCERTCertificate *cert);
-
-typedef SECStatus (PR_CALLBACK * PermCertCallback)(NSSLOWCERTCertificate *cert,
- SECItem *k, void *pdata);
-/*
-** Traverse the entire permanent database, and pass the certs off to a
-** user supplied function.
-** "certfunc" is the user function to call for each certificate
-** "udata" is the user's data, which is passed through to "certfunc"
-*/
-SECStatus
-nsslowcert_TraversePermCerts(NSSLOWCERTCertDBHandle *handle,
- PermCertCallback certfunc,
- void *udata );
-
-PRBool
-nsslowcert_CertDBKeyConflict(SECItem *derCert, NSSLOWCERTCertDBHandle *handle);
-
-certDBEntryRevocation *
-nsslowcert_FindCrlByKey(NSSLOWCERTCertDBHandle *handle,
- SECItem *crlKey, PRBool isKRL);
-
-SECStatus
-nsslowcert_DeletePermCRL(NSSLOWCERTCertDBHandle *handle,SECItem *derName,
- PRBool isKRL);
-SECStatus
-nsslowcert_AddCrl(NSSLOWCERTCertDBHandle *handle, SECItem *derCrl ,
- SECItem *derKey, char *url, PRBool isKRL);
-
-NSSLOWCERTCertDBHandle *nsslowcert_GetDefaultCertDB();
-NSSLOWKEYPublicKey *nsslowcert_ExtractPublicKey(NSSLOWCERTCertificate *);
-
-NSSLOWCERTCertificate *
-nsslowcert_NewTempCertificate(NSSLOWCERTCertDBHandle *handle, SECItem *derCert,
- char *nickname, PRBool isperm, PRBool copyDER);
-NSSLOWCERTCertificate *
-nsslowcert_DupCertificate(NSSLOWCERTCertificate *cert);
-void nsslowcert_DestroyCertificate(NSSLOWCERTCertificate *cert);
-void nsslowcert_DestroyTrust(NSSLOWCERTTrust *Trust);
-
-/*
- * Lookup a certificate in the databases without locking
- * "certKey" is the database key to look for
- *
- * XXX - this should be internal, but pkcs 11 needs to call it during a
- * traversal.
- */
-NSSLOWCERTCertificate *
-nsslowcert_FindCertByKey(NSSLOWCERTCertDBHandle *handle, SECItem *certKey);
-
-/*
- * Lookup trust for a certificate in the databases without locking
- * "certKey" is the database key to look for
- *
- * XXX - this should be internal, but pkcs 11 needs to call it during a
- * traversal.
- */
-NSSLOWCERTTrust *
-nsslowcert_FindTrustByKey(NSSLOWCERTCertDBHandle *handle, SECItem *certKey);
-
-/*
-** Generate a certificate key from the issuer and serialnumber, then look it
-** up in the database. Return the cert if found.
-** "issuerAndSN" is the issuer and serial number to look for
-*/
-extern NSSLOWCERTCertificate *
-nsslowcert_FindCertByIssuerAndSN (NSSLOWCERTCertDBHandle *handle, NSSLOWCERTIssuerAndSN *issuerAndSN);
-
-/*
-** Generate a certificate key from the issuer and serialnumber, then look it
-** up in the database. Return the cert if found.
-** "issuerAndSN" is the issuer and serial number to look for
-*/
-extern NSSLOWCERTTrust *
-nsslowcert_FindTrustByIssuerAndSN (NSSLOWCERTCertDBHandle *handle, NSSLOWCERTIssuerAndSN *issuerAndSN);
-
-/*
-** Find a certificate in the database by a DER encoded certificate
-** "derCert" is the DER encoded certificate
-*/
-extern NSSLOWCERTCertificate *
-nsslowcert_FindCertByDERCert(NSSLOWCERTCertDBHandle *handle, SECItem *derCert);
-
-/* convert an email address to lower case */
-char *nsslowcert_FixupEmailAddr(char *emailAddr);
-
-/*
-** Decode a DER encoded certificate into an NSSLOWCERTCertificate structure
-** "derSignedCert" is the DER encoded signed certificate
-** "copyDER" is true if the DER should be copied, false if the
-** existing copy should be referenced
-** "nickname" is the nickname to use in the database. If it is NULL
-** then a temporary nickname is generated.
-*/
-extern NSSLOWCERTCertificate *
-nsslowcert_DecodeDERCertificate (SECItem *derSignedCert, char *nickname);
-
-SECStatus
-nsslowcert_KeyFromDERCert(PRArenaPool *arena, SECItem *derCert, SECItem *key);
-
-certDBEntrySMime *
-nsslowcert_ReadDBSMimeEntry(NSSLOWCERTCertDBHandle *certHandle,
- char *emailAddr);
-void
-nsslowcert_DestroyDBEntry(certDBEntry *entry);
-
-SECStatus
-nsslowcert_OpenCertDB(NSSLOWCERTCertDBHandle *handle, PRBool readOnly,
- const char *domain, const char *prefix,
- NSSLOWCERTDBNameFunc namecb, void *cbarg, PRBool openVolatile);
-
-void
-nsslowcert_ClosePermCertDB(NSSLOWCERTCertDBHandle *handle);
-
-/*
- * is certa newer than certb? If one is expired, pick the other one.
- */
-PRBool
-nsslowcert_IsNewer(NSSLOWCERTCertificate *certa, NSSLOWCERTCertificate *certb);
-
-
-SECStatus
-nsslowcert_TraverseDBEntries(NSSLOWCERTCertDBHandle *handle,
- certDBEntryType type,
- SECStatus (* callback)(SECItem *data, SECItem *key,
- certDBEntryType type, void *pdata),
- void *udata );
-SECStatus
-nsslowcert_TraversePermCertsForSubject(NSSLOWCERTCertDBHandle *handle,
- SECItem *derSubject,
- NSSLOWCERTCertCallback cb, void *cbarg);
-int
-nsslowcert_NumPermCertsForSubject(NSSLOWCERTCertDBHandle *handle,
- SECItem *derSubject);
-SECStatus
-nsslowcert_TraversePermCertsForNickname(NSSLOWCERTCertDBHandle *handle,
- char *nickname, NSSLOWCERTCertCallback cb, void *cbarg);
-
-int
-nsslowcert_NumPermCertsForNickname(NSSLOWCERTCertDBHandle *handle,
- char *nickname);
-SECStatus
-nsslowcert_GetCertTrust(NSSLOWCERTCertificate *cert,
- NSSLOWCERTCertTrust *trust);
-
-SECStatus
-nsslowcert_SaveSMimeProfile(NSSLOWCERTCertDBHandle *dbhandle, char *emailAddr,
- SECItem *derSubject, SECItem *emailProfile, SECItem *profileTime);
-
-/*
- * Change the trust attributes of a certificate and make them permanent
- * in the database.
- */
-SECStatus
-nsslowcert_ChangeCertTrust(NSSLOWCERTCertDBHandle *handle,
- NSSLOWCERTCertificate *cert, NSSLOWCERTCertTrust *trust);
-
-PRBool
-nsslowcert_needDBVerify(NSSLOWCERTCertDBHandle *handle);
-
-void
-nsslowcert_setDBVerify(NSSLOWCERTCertDBHandle *handle, PRBool value);
-
-PRBool
-nsslowcert_hasTrust(NSSLOWCERTCertTrust *trust);
-
-void
-nsslowcert_DestroyGlobalLocks(void);
-
-void
-pkcs11_freeNickname(char *nickname, char *space);
-
-char *
-pkcs11_copyNickname(char *nickname, char *space, int spaceLen);
-
-void
-pkcs11_freeStaticData(unsigned char *data, unsigned char *space);
-
-unsigned char *
-pkcs11_copyStaticData(unsigned char *data, int datalen, unsigned char *space,
- int spaceLen);
-NSSLOWCERTCertificate *
-nsslowcert_CreateCert(void);
-SEC_END_PROTOS
-
- #endif /* _PCERTDB_H_ */
diff --git a/security/nss/lib/softoken/pcertdb.c b/security/nss/lib/softoken/pcertdb.c
deleted file mode 100644
index 3c615b6fc..000000000
--- a/security/nss/lib/softoken/pcertdb.c
+++ /dev/null
@@ -1,5269 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Permanent Certificate database handling code
- *
- * $Id$
- */
-#include "prtime.h"
-
-#include "lowkeyti.h"
-#include "pcert.h"
-#include "mcom_db.h"
-#include "pcert.h"
-#include "secitem.h"
-#include "secder.h"
-
-/* Call to PK11_FreeSlot below */
-
-#include "secasn1.h"
-#include "secerr.h"
-#include "nssilock.h"
-#include "prmon.h"
-#include "nsslocks.h"
-#include "base64.h"
-#include "sechash.h"
-#include "plhash.h"
-
-#include "cdbhdl.h"
-
-/* forward declaration */
-NSSLOWCERTCertificate *
-nsslowcert_FindCertByDERCertNoLocking(NSSLOWCERTCertDBHandle *handle, SECItem *derCert);
-static SECStatus
-nsslowcert_UpdateSMimeProfile(NSSLOWCERTCertDBHandle *dbhandle,
- char *emailAddr, SECItem *derSubject, SECItem *emailProfile,
- SECItem *profileTime);
-static SECStatus
-nsslowcert_UpdatePermCert(NSSLOWCERTCertDBHandle *dbhandle,
- NSSLOWCERTCertificate *cert, char *nickname, NSSLOWCERTCertTrust *trust);
-static SECStatus
-nsslowcert_UpdateCrl(NSSLOWCERTCertDBHandle *handle, SECItem *derCrl,
- SECItem *crlKey, char *url, PRBool isKRL);
-
-static NSSLOWCERTCertificate *certListHead = NULL;
-static NSSLOWCERTTrust *trustListHead = NULL;
-static certDBEntryCert *entryListHead = NULL;
-static int certListCount = 0;
-static int trustListCount = 0;
-static int entryListCount = 0;
-#define MAX_CERT_LIST_COUNT 10
-#define MAX_TRUST_LIST_COUNT 10
-#define MAX_ENTRY_LIST_COUNT 10
-
-/*
- * the following functions are wrappers for the db library that implement
- * a global lock to make the database thread safe.
- */
-static PZLock *dbLock = NULL;
-
-void
-certdb_InitDBLock(NSSLOWCERTCertDBHandle *handle)
-{
- if (dbLock == NULL) {
- nss_InitLock(&dbLock, nssILockCertDB);
- PORT_Assert(dbLock != NULL);
- }
-
- return;
-}
-
-/*
- * Acquire the global lock on the cert database.
- * This lock is currently used for the following operations:
- * adding or deleting a cert to either the temp or perm databases
- * converting a temp to perm or perm to temp
- * changing (maybe just adding!?) the trust of a cert
- * chaning the DB status checking Configuration
- */
-static void
-nsslowcert_LockDB(NSSLOWCERTCertDBHandle *handle)
-{
- PZ_EnterMonitor(handle->dbMon);
- return;
-}
-
-/*
- * Free the global cert database lock.
- */
-static void
-nsslowcert_UnlockDB(NSSLOWCERTCertDBHandle *handle)
-{
- PRStatus prstat;
-
- prstat = PZ_ExitMonitor(handle->dbMon);
-
- PORT_Assert(prstat == PR_SUCCESS);
-
- return;
-}
-
-static PZLock *certRefCountLock = NULL;
-
-/*
- * Acquire the cert reference count lock
- * There is currently one global lock for all certs, but I'm putting a cert
- * arg here so that it will be easy to make it per-cert in the future if
- * that turns out to be necessary.
- */
-static void
-nsslowcert_LockCertRefCount(NSSLOWCERTCertificate *cert)
-{
- if ( certRefCountLock == NULL ) {
- nss_InitLock(&certRefCountLock, nssILockRefLock);
- PORT_Assert(certRefCountLock != NULL);
- }
-
- PZ_Lock(certRefCountLock);
- return;
-}
-
-/*
- * Free the cert reference count lock
- */
-static void
-nsslowcert_UnlockCertRefCount(NSSLOWCERTCertificate *cert)
-{
- PRStatus prstat;
-
- PORT_Assert(certRefCountLock != NULL);
-
- prstat = PZ_Unlock(certRefCountLock);
-
- PORT_Assert(prstat == PR_SUCCESS);
-
- return;
-}
-
-static PZLock *certTrustLock = NULL;
-
-/*
- * Acquire the cert trust lock
- * There is currently one global lock for all certs, but I'm putting a cert
- * arg here so that it will be easy to make it per-cert in the future if
- * that turns out to be necessary.
- */
-void
-nsslowcert_LockCertTrust(NSSLOWCERTCertificate *cert)
-{
- if ( certTrustLock == NULL ) {
- nss_InitLock(&certTrustLock, nssILockCertDB);
- PORT_Assert(certTrustLock != NULL);
- }
-
- PZ_Lock(certTrustLock);
- return;
-}
-
-/*
- * Free the cert trust lock
- */
-void
-nsslowcert_UnlockCertTrust(NSSLOWCERTCertificate *cert)
-{
- PRStatus prstat;
-
- PORT_Assert(certTrustLock != NULL);
-
- prstat = PZ_Unlock(certTrustLock);
-
- PORT_Assert(prstat == PR_SUCCESS);
-
- return;
-}
-
-static PZLock *freeListLock = NULL;
-
-/*
- * Acquire the cert reference count lock
- * There is currently one global lock for all certs, but I'm putting a cert
- * arg here so that it will be easy to make it per-cert in the future if
- * that turns out to be necessary.
- */
-static void
-nsslowcert_LockFreeList(void)
-{
- if ( freeListLock == NULL ) {
- nss_InitLock(&freeListLock, nssILockRefLock);
- PORT_Assert(freeListLock != NULL);
- }
-
- PZ_Lock(freeListLock);
- return;
-}
-
-/*
- * Free the cert reference count lock
- */
-static void
-nsslowcert_UnlockFreeList(void)
-{
- PRStatus prstat;
-
- PORT_Assert(freeListLock != NULL);
-
- prstat = PZ_Unlock(freeListLock);
-
- PORT_Assert(prstat == PR_SUCCESS);
-
- return;
-}
-
-NSSLOWCERTCertificate *
-nsslowcert_DupCertificate(NSSLOWCERTCertificate *c)
-{
- if (c) {
- nsslowcert_LockCertRefCount(c);
- ++c->referenceCount;
- nsslowcert_UnlockCertRefCount(c);
- }
- return c;
-}
-
-static int
-certdb_Get(DB *db, DBT *key, DBT *data, unsigned int flags)
-{
- PRStatus prstat;
- int ret;
-
- PORT_Assert(dbLock != NULL);
- PZ_Lock(dbLock);
-
- ret = (* db->get)(db, key, data, flags);
-
- prstat = PZ_Unlock(dbLock);
-
- return(ret);
-}
-
-static int
-certdb_Put(DB *db, DBT *key, DBT *data, unsigned int flags)
-{
- PRStatus prstat;
- int ret = 0;
-
- PORT_Assert(dbLock != NULL);
- PZ_Lock(dbLock);
-
- ret = (* db->put)(db, key, data, flags);
-
- prstat = PZ_Unlock(dbLock);
-
- return(ret);
-}
-
-static int
-certdb_Sync(DB *db, unsigned int flags)
-{
- PRStatus prstat;
- int ret;
-
- PORT_Assert(dbLock != NULL);
- PZ_Lock(dbLock);
-
- ret = (* db->sync)(db, flags);
-
- prstat = PZ_Unlock(dbLock);
-
- return(ret);
-}
-
-#define DB_NOT_FOUND -30991 /* from DBM 3.2 */
-static int
-certdb_Del(DB *db, DBT *key, unsigned int flags)
-{
- PRStatus prstat;
- int ret;
-
- PORT_Assert(dbLock != NULL);
- PZ_Lock(dbLock);
-
- ret = (* db->del)(db, key, flags);
-
- prstat = PZ_Unlock(dbLock);
-
- /* don't fail if the record is already deleted */
- if (ret == DB_NOT_FOUND) {
- ret = 0;
- }
-
- return(ret);
-}
-
-static int
-certdb_Seq(DB *db, DBT *key, DBT *data, unsigned int flags)
-{
- PRStatus prstat;
- int ret;
-
- PORT_Assert(dbLock != NULL);
- PZ_Lock(dbLock);
-
- ret = (* db->seq)(db, key, data, flags);
-
- prstat = PZ_Unlock(dbLock);
-
- return(ret);
-}
-
-static void
-certdb_Close(DB *db)
-{
- PRStatus prstat;
-
- PORT_Assert(dbLock != NULL);
- PZ_Lock(dbLock);
-
- (* db->close)(db);
-
- prstat = PZ_Unlock(dbLock);
-
- return;
-}
-
-void
-pkcs11_freeNickname(char *nickname, char *space)
-{
- if (nickname && nickname != space) {
- PORT_Free(nickname);
- }
-}
-
-char *
-pkcs11_copyNickname(char *nickname,char *space, int spaceLen)
-{
- int len;
- char *copy = NULL;
-
- len = PORT_Strlen(nickname)+1;
- if (len <= spaceLen) {
- copy = space;
- PORT_Memcpy(copy,nickname,len);
- } else {
- copy = PORT_Strdup(nickname);
- }
-
- return copy;
-}
-
-void
-pkcs11_freeStaticData (unsigned char *data, unsigned char *space)
-{
- if (data && data != space) {
- PORT_Free(data);
- }
-}
-
-unsigned char *
-pkcs11_copyStaticData(unsigned char *data, int len,
- unsigned char *space, int spaceLen)
-{
- unsigned char *copy = NULL;
-
- if (len <= spaceLen) {
- copy = space;
- } else {
- copy = (unsigned char *) PORT_Alloc(len);
- }
- if (copy) {
- PORT_Memcpy(copy,data,len);
- }
-
- return copy;
-}
-
-/*
- * destroy a database entry
- */
-static void
-DestroyDBEntry(certDBEntry *entry)
-{
- PRArenaPool *arena = entry->common.arena;
-
- /* must be one of our certDBEntry from the free list */
- if (arena == NULL) {
- certDBEntryCert *certEntry;
- if ( entry->common.type != certDBEntryTypeCert) {
- return;
- }
- certEntry = (certDBEntryCert *)entry;
-
- pkcs11_freeStaticData(certEntry->derCert.data, certEntry->derCertSpace);
- pkcs11_freeNickname(certEntry->nickname, certEntry->nicknameSpace);
-
- nsslowcert_LockFreeList();
- if (entryListCount > MAX_ENTRY_LIST_COUNT) {
- PORT_Free(certEntry);
- } else {
- entryListCount++;
- PORT_Memset(certEntry, 0, sizeof( *certEntry));
- certEntry->next = entryListHead;
- entryListHead = certEntry;
- }
- nsslowcert_UnlockFreeList();
- return;
- }
-
-
- /* Zero out the entry struct, so that any further attempts to use it
- * will cause an exception (e.g. null pointer reference). */
- PORT_Memset(&entry->common, 0, sizeof entry->common);
- PORT_FreeArena(arena, PR_FALSE);
-
- return;
-}
-
-/* forward references */
-static void nsslowcert_DestroyCertificateNoLocking(NSSLOWCERTCertificate *cert);
-
-static SECStatus
-DeleteDBEntry(NSSLOWCERTCertDBHandle *handle, certDBEntryType type, SECItem *dbkey)
-{
- DBT key;
- int ret;
-
- /* init the database key */
- key.data = dbkey->data;
- key.size = dbkey->len;
-
- dbkey->data[0] = (unsigned char)type;
-
- /* delete entry from database */
- ret = certdb_Del(handle->permCertDB, &key, 0 );
- if ( ret != 0 ) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- goto loser;
- }
-
- ret = certdb_Sync(handle->permCertDB, 0);
- if ( ret ) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- goto loser;
- }
-
- return(SECSuccess);
-
-loser:
- return(SECFailure);
-}
-
-static SECStatus
-ReadDBEntry(NSSLOWCERTCertDBHandle *handle, certDBEntryCommon *entry,
- SECItem *dbkey, SECItem *dbentry, PRArenaPool *arena)
-{
- DBT data, key;
- int ret;
- unsigned char *buf;
-
- /* init the database key */
- key.data = dbkey->data;
- key.size = dbkey->len;
-
- dbkey->data[0] = (unsigned char)entry->type;
-
- /* read entry from database */
- ret = certdb_Get(handle->permCertDB, &key, &data, 0 );
- if ( ret != 0 ) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- goto loser;
- }
-
- /* validate the entry */
- if ( data.size < SEC_DB_ENTRY_HEADER_LEN ) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- goto loser;
- }
- buf = (unsigned char *)data.data;
- /* version 7 has the same schema, we may be using a v7 db if we openned
- * the databases readonly. */
- if (!((buf[0] == (unsigned char)CERT_DB_FILE_VERSION)
- || (buf[0] == (unsigned char) CERT_DB_V7_FILE_VERSION))) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- goto loser;
- }
- if ( buf[1] != (unsigned char)entry->type ) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- goto loser;
- }
-
- /* copy out header information */
- entry->version = (unsigned int)buf[0];
- entry->type = (certDBEntryType)buf[1];
- entry->flags = (unsigned int)buf[2];
-
- /* format body of entry for return to caller */
- dbentry->len = data.size - SEC_DB_ENTRY_HEADER_LEN;
- if ( dbentry->len ) {
- if (arena) {
- dbentry->data = (unsigned char *)
- PORT_ArenaAlloc(arena, dbentry->len);
- if ( dbentry->data == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- PORT_Memcpy(dbentry->data, &buf[SEC_DB_ENTRY_HEADER_LEN],
- dbentry->len);
- } else {
- dbentry->data = &buf[SEC_DB_ENTRY_HEADER_LEN];
- }
- } else {
- dbentry->data = NULL;
- }
-
- return(SECSuccess);
-
-loser:
- return(SECFailure);
-}
-
-/**
- ** Implement low level database access
- **/
-static SECStatus
-WriteDBEntry(NSSLOWCERTCertDBHandle *handle, certDBEntryCommon *entry,
- SECItem *dbkey, SECItem *dbentry)
-{
- int ret;
- DBT data, key;
- unsigned char *buf;
-
- data.data = dbentry->data;
- data.size = dbentry->len;
-
- buf = (unsigned char*)data.data;
-
- buf[0] = (unsigned char)entry->version;
- buf[1] = (unsigned char)entry->type;
- buf[2] = (unsigned char)entry->flags;
-
- key.data = dbkey->data;
- key.size = dbkey->len;
-
- dbkey->data[0] = (unsigned char)entry->type;
-
- /* put the record into the database now */
- ret = certdb_Put(handle->permCertDB, &key, &data, 0);
-
- if ( ret != 0 ) {
- goto loser;
- }
-
- ret = certdb_Sync( handle->permCertDB, 0 );
-
- if ( ret ) {
- goto loser;
- }
-
- return(SECSuccess);
-
-loser:
- return(SECFailure);
-}
-
-/*
- * encode a database cert record
- */
-static SECStatus
-EncodeDBCertEntry(certDBEntryCert *entry, PRArenaPool *arena, SECItem *dbitem)
-{
- unsigned int nnlen;
- unsigned char *buf;
- char *nn;
- char zbuf = 0;
-
- if ( entry->nickname ) {
- nn = entry->nickname;
- } else {
- nn = &zbuf;
- }
- nnlen = PORT_Strlen(nn) + 1;
-
- /* allocate space for encoded database record, including space
- * for low level header
- */
- dbitem->len = entry->derCert.len + nnlen + DB_CERT_ENTRY_HEADER_LEN +
- SEC_DB_ENTRY_HEADER_LEN;
-
- dbitem->data = (unsigned char *)PORT_ArenaAlloc(arena, dbitem->len);
- if ( dbitem->data == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /* fill in database record */
- buf = &dbitem->data[SEC_DB_ENTRY_HEADER_LEN];
-
- buf[0] = ( entry->trust.sslFlags >> 8 ) & 0xff;
- buf[1] = entry->trust.sslFlags & 0xff;
- buf[2] = ( entry->trust.emailFlags >> 8 ) & 0xff;
- buf[3] = entry->trust.emailFlags & 0xff;
- buf[4] = ( entry->trust.objectSigningFlags >> 8 ) & 0xff;
- buf[5] = entry->trust.objectSigningFlags & 0xff;
- buf[6] = ( entry->derCert.len >> 8 ) & 0xff;
- buf[7] = entry->derCert.len & 0xff;
- buf[8] = ( nnlen >> 8 ) & 0xff;
- buf[9] = nnlen & 0xff;
-
- PORT_Memcpy(&buf[DB_CERT_ENTRY_HEADER_LEN], entry->derCert.data,
- entry->derCert.len);
-
- PORT_Memcpy(&buf[DB_CERT_ENTRY_HEADER_LEN + entry->derCert.len],
- nn, nnlen);
-
- return(SECSuccess);
-
-loser:
- return(SECFailure);
-}
-
-/*
- * encode a database key for a cert record
- */
-static SECStatus
-EncodeDBCertKey(SECItem *certKey, PRArenaPool *arena, SECItem *dbkey)
-{
- unsigned int len = certKey->len + SEC_DB_KEY_HEADER_LEN;
- if (arena) {
- dbkey->data = (unsigned char *)PORT_ArenaAlloc(arena, len);
- } else {
- if (dbkey->len < len) {
- dbkey->data = (unsigned char *)PORT_Alloc(len);
- }
- }
- dbkey->len = len;
- if ( dbkey->data == NULL ) {
- goto loser;
- }
- PORT_Memcpy(&dbkey->data[SEC_DB_KEY_HEADER_LEN],
- certKey->data, certKey->len);
- dbkey->data[0] = certDBEntryTypeCert;
-
- return(SECSuccess);
-loser:
- return(SECFailure);
-}
-
-static SECStatus
-EncodeDBGenericKey(SECItem *certKey, PRArenaPool *arena, SECItem *dbkey,
- certDBEntryType entryType)
-{
- /*
- * we only allow _one_ KRL key!
- */
- if (entryType == certDBEntryTypeKeyRevocation) {
- dbkey->len = SEC_DB_KEY_HEADER_LEN;
- dbkey->data = (unsigned char *)PORT_ArenaAlloc(arena, dbkey->len);
- if ( dbkey->data == NULL ) {
- goto loser;
- }
- dbkey->data[0] = (unsigned char) entryType;
- return(SECSuccess);
- }
-
-
- dbkey->len = certKey->len + SEC_DB_KEY_HEADER_LEN;
- dbkey->data = (unsigned char *)PORT_ArenaAlloc(arena, dbkey->len);
- if ( dbkey->data == NULL ) {
- goto loser;
- }
- PORT_Memcpy(&dbkey->data[SEC_DB_KEY_HEADER_LEN],
- certKey->data, certKey->len);
- dbkey->data[0] = (unsigned char) entryType;
-
- return(SECSuccess);
-loser:
- return(SECFailure);
-}
-
-static SECStatus
-DecodeDBCertEntry(certDBEntryCert *entry, SECItem *dbentry)
-{
- unsigned int nnlen;
- unsigned int headerlen;
- int lenoff;
-
- /* allow updates of old versions of the database */
- switch ( entry->common.version ) {
- case 5:
- headerlen = DB_CERT_V5_ENTRY_HEADER_LEN;
- lenoff = 3;
- break;
- case 6:
- /* should not get here */
- PORT_Assert(0);
- headerlen = DB_CERT_V6_ENTRY_HEADER_LEN;
- lenoff = 3;
- break;
- case 7:
- case 8:
- headerlen = DB_CERT_ENTRY_HEADER_LEN;
- lenoff = 6;
- break;
- default:
- /* better not get here */
- PORT_Assert(0);
- headerlen = DB_CERT_V5_ENTRY_HEADER_LEN;
- lenoff = 3;
- break;
- }
-
- /* is record long enough for header? */
- if ( dbentry->len < headerlen ) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- goto loser;
- }
-
- /* is database entry correct length? */
- entry->derCert.len = ( ( dbentry->data[lenoff] << 8 ) |
- dbentry->data[lenoff+1] );
- nnlen = ( ( dbentry->data[lenoff+2] << 8 ) | dbentry->data[lenoff+3] );
- if ( ( entry->derCert.len + nnlen + headerlen )
- != dbentry->len) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- goto loser;
- }
-
- /* copy the dercert */
-
- entry->derCert.data = pkcs11_copyStaticData(&dbentry->data[headerlen],
- entry->derCert.len,entry->derCertSpace,sizeof(entry->derCertSpace));
- if ( entry->derCert.data == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /* copy the nickname */
- if ( nnlen > 1 ) {
- entry->nickname = (char *)pkcs11_copyStaticData(
- &dbentry->data[headerlen+entry->derCert.len], nnlen,
- (unsigned char *)entry->nicknameSpace,
- sizeof(entry->nicknameSpace));
- if ( entry->nickname == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- } else {
- entry->nickname = NULL;
- }
-
- if ( entry->common.version < 7 ) {
- /* allow updates of v5 db */
- entry->trust.sslFlags = dbentry->data[0];
- entry->trust.emailFlags = dbentry->data[1];
- entry->trust.objectSigningFlags = dbentry->data[2];
- } else {
- entry->trust.sslFlags = ( dbentry->data[0] << 8 ) | dbentry->data[1];
- entry->trust.emailFlags = ( dbentry->data[2] << 8 ) | dbentry->data[3];
- entry->trust.objectSigningFlags =
- ( dbentry->data[4] << 8 ) | dbentry->data[5];
- }
-
- return(SECSuccess);
-loser:
- return(SECFailure);
-}
-
-
-/*
- * Create a new certDBEntryCert from existing data
- */
-static certDBEntryCert *
-NewDBCertEntry(SECItem *derCert, char *nickname,
- NSSLOWCERTCertTrust *trust, int flags)
-{
- certDBEntryCert *entry;
- PRArenaPool *arena = NULL;
- int nnlen;
-
- arena = PORT_NewArena( DER_DEFAULT_CHUNKSIZE );
-
- if ( !arena ) {
- goto loser;
- }
-
- entry = (certDBEntryCert *)PORT_ArenaZAlloc(arena, sizeof(certDBEntryCert));
-
- if ( entry == NULL ) {
- goto loser;
- }
-
- /* fill in the dbCert */
- entry->common.arena = arena;
- entry->common.type = certDBEntryTypeCert;
- entry->common.version = CERT_DB_FILE_VERSION;
- entry->common.flags = flags;
-
- if ( trust ) {
- entry->trust = *trust;
- }
-
- entry->derCert.data = (unsigned char *)PORT_ArenaAlloc(arena, derCert->len);
- if ( !entry->derCert.data ) {
- goto loser;
- }
- entry->derCert.len = derCert->len;
- PORT_Memcpy(entry->derCert.data, derCert->data, derCert->len);
-
- nnlen = ( nickname ? strlen(nickname) + 1 : 0 );
-
- if ( nnlen ) {
- entry->nickname = (char *)PORT_ArenaAlloc(arena, nnlen);
- if ( !entry->nickname ) {
- goto loser;
- }
- PORT_Memcpy(entry->nickname, nickname, nnlen);
-
- } else {
- entry->nickname = 0;
- }
-
- return(entry);
-
-loser:
-
- /* allocation error, free arena and return */
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return(0);
-}
-
-/*
- * Decode a version 4 DBCert from the byte stream database format
- * and construct a current database entry struct
- */
-static certDBEntryCert *
-DecodeV4DBCertEntry(unsigned char *buf, int len)
-{
- certDBEntryCert *entry;
- int certlen;
- int nnlen;
- PRArenaPool *arena;
-
- /* make sure length is at least long enough for the header */
- if ( len < DBCERT_V4_HEADER_LEN ) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- return(0);
- }
-
- /* get other lengths */
- certlen = buf[3] << 8 | buf[4];
- nnlen = buf[5] << 8 | buf[6];
-
- /* make sure DB entry is the right size */
- if ( ( certlen + nnlen + DBCERT_V4_HEADER_LEN ) != len ) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- return(0);
- }
-
- /* allocate arena */
- arena = PORT_NewArena( DER_DEFAULT_CHUNKSIZE );
-
- if ( !arena ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return(0);
- }
-
- /* allocate structure and members */
- entry = (certDBEntryCert *) PORT_ArenaAlloc(arena, sizeof(certDBEntryCert));
-
- if ( !entry ) {
- goto loser;
- }
-
- entry->derCert.data = (unsigned char *)PORT_ArenaAlloc(arena, certlen);
- if ( !entry->derCert.data ) {
- goto loser;
- }
- entry->derCert.len = certlen;
-
- if ( nnlen ) {
- entry->nickname = (char *) PORT_ArenaAlloc(arena, nnlen);
- if ( !entry->nickname ) {
- goto loser;
- }
- } else {
- entry->nickname = 0;
- }
-
- entry->common.arena = arena;
- entry->common.version = CERT_DB_FILE_VERSION;
- entry->common.type = certDBEntryTypeCert;
- entry->common.flags = 0;
- entry->trust.sslFlags = buf[0];
- entry->trust.emailFlags = buf[1];
- entry->trust.objectSigningFlags = buf[2];
-
- PORT_Memcpy(entry->derCert.data, &buf[DBCERT_V4_HEADER_LEN], certlen);
- PORT_Memcpy(entry->nickname, &buf[DBCERT_V4_HEADER_LEN + certlen], nnlen);
-
- if (PORT_Strcmp(entry->nickname,"Server-Cert") == 0) {
- entry->trust.sslFlags |= CERTDB_USER;
- }
-
- return(entry);
-
-loser:
- PORT_FreeArena(arena, PR_FALSE);
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return(0);
-}
-
-/*
- * Encode a Certificate database entry into byte stream suitable for
- * the database
- */
-static SECStatus
-WriteDBCertEntry(NSSLOWCERTCertDBHandle *handle, certDBEntryCert *entry)
-{
- SECItem dbitem, dbkey;
- PRArenaPool *tmparena = NULL;
- SECItem tmpitem;
- SECStatus rv;
-
- tmparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( tmparena == NULL ) {
- goto loser;
- }
-
- rv = EncodeDBCertEntry(entry, tmparena, &dbitem);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- /* get the database key and format it */
- rv = nsslowcert_KeyFromDERCert(tmparena, &entry->derCert, &tmpitem);
- if ( rv == SECFailure ) {
- goto loser;
- }
-
- rv = EncodeDBCertKey(&tmpitem, tmparena, &dbkey);
- if ( rv == SECFailure ) {
- goto loser;
- }
-
- /* now write it to the database */
- rv = WriteDBEntry(handle, &entry->common, &dbkey, &dbitem);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- PORT_FreeArena(tmparena, PR_FALSE);
- return(SECSuccess);
-
-loser:
- if ( tmparena ) {
- PORT_FreeArena(tmparena, PR_FALSE);
- }
- return(SECFailure);
-}
-
-
-/*
- * delete a certificate entry
- */
-static SECStatus
-DeleteDBCertEntry(NSSLOWCERTCertDBHandle *handle, SECItem *certKey)
-{
- SECItem dbkey;
- SECStatus rv;
-
- dbkey.data= NULL;
- dbkey.len = 0;
-
- rv = EncodeDBCertKey(certKey, NULL, &dbkey);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- rv = DeleteDBEntry(handle, certDBEntryTypeCert, &dbkey);
- if ( rv == SECFailure ) {
- goto loser;
- }
-
- if (dbkey.data) {
- PORT_Free(dbkey.data);
- }
- return(SECSuccess);
-
-loser:
- if (dbkey.data) {
- PORT_Free(dbkey.data);
- }
- return(SECFailure);
-}
-
-static certDBEntryCert *
-CreateCertEntry(void)
-{
- certDBEntryCert *entry;
-
- nsslowcert_LockFreeList();
- entry = entryListHead;
- if (entry) {
- entryListCount--;
- entryListHead = entry->next;
- }
- nsslowcert_UnlockFreeList();
- if (entry) {
- return entry;
- }
-
- return PORT_ZAlloc(sizeof(certDBEntryCert));
-}
-
-/*
- * Read a certificate entry
- */
-static certDBEntryCert *
-ReadDBCertEntry(NSSLOWCERTCertDBHandle *handle, SECItem *certKey)
-{
- certDBEntryCert *entry;
- SECItem dbkey;
- SECItem dbentry;
- SECStatus rv;
- unsigned char buf[512];
-
- dbkey.data = buf;
- dbkey.len = sizeof(buf);
-
- entry = CreateCertEntry();
- if ( entry == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- entry->common.arena = NULL;
- entry->common.type = certDBEntryTypeCert;
-
- rv = EncodeDBCertKey(certKey, NULL, &dbkey);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- rv = ReadDBEntry(handle, &entry->common, &dbkey, &dbentry, NULL);
- if ( rv == SECFailure ) {
- goto loser;
- }
-
- rv = DecodeDBCertEntry(entry, &dbentry);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- pkcs11_freeStaticData(dbkey.data,buf);
- dbkey.data = NULL;
- return(entry);
-
-loser:
- pkcs11_freeStaticData(dbkey.data,buf);
- dbkey.data = NULL;
- if ( entry ) {
-
- }
- DestroyDBEntry((certDBEntry *)entry);
-
- return(NULL);
-}
-
-/*
- * encode a database cert record
- */
-static SECStatus
-EncodeDBCrlEntry(certDBEntryRevocation *entry, PRArenaPool *arena, SECItem *dbitem)
-{
- unsigned int nnlen = 0;
- unsigned char *buf;
-
- if (entry->url) {
- nnlen = PORT_Strlen(entry->url) + 1;
- }
-
- /* allocate space for encoded database record, including space
- * for low level header
- */
- dbitem->len = entry->derCrl.len + nnlen
- + SEC_DB_ENTRY_HEADER_LEN + DB_CRL_ENTRY_HEADER_LEN;
-
- dbitem->data = (unsigned char *)PORT_ArenaAlloc(arena, dbitem->len);
- if ( dbitem->data == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /* fill in database record */
- buf = &dbitem->data[SEC_DB_ENTRY_HEADER_LEN];
-
- buf[0] = ( entry->derCrl.len >> 8 ) & 0xff;
- buf[1] = entry->derCrl.len & 0xff;
- buf[2] = ( nnlen >> 8 ) & 0xff;
- buf[3] = nnlen & 0xff;
-
- PORT_Memcpy(&buf[DB_CRL_ENTRY_HEADER_LEN], entry->derCrl.data,
- entry->derCrl.len);
-
- if (nnlen != 0) {
- PORT_Memcpy(&buf[DB_CRL_ENTRY_HEADER_LEN + entry->derCrl.len],
- entry->url, nnlen);
- }
-
- return(SECSuccess);
-
-loser:
- return(SECFailure);
-}
-
-static SECStatus
-DecodeDBCrlEntry(certDBEntryRevocation *entry, SECItem *dbentry)
-{
- unsigned int nnlen;
-
- /* is record long enough for header? */
- if ( dbentry->len < DB_CRL_ENTRY_HEADER_LEN ) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- goto loser;
- }
-
- /* is database entry correct length? */
- entry->derCrl.len = ( ( dbentry->data[0] << 8 ) | dbentry->data[1] );
- nnlen = ( ( dbentry->data[2] << 8 ) | dbentry->data[3] );
- if ( ( entry->derCrl.len + nnlen + DB_CRL_ENTRY_HEADER_LEN )
- != dbentry->len) {
- /* CRL entry is greater than 64 K. Hack to make this continue to work */
- if (dbentry->len >= (0xffff - DB_CRL_ENTRY_HEADER_LEN) - nnlen) {
- entry->derCrl.len =
- (dbentry->len - DB_CRL_ENTRY_HEADER_LEN) - nnlen;
- } else {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- goto loser;
- }
- }
-
- /* copy the dercert */
- entry->derCrl.data = (unsigned char *)PORT_ArenaAlloc(entry->common.arena,
- entry->derCrl.len);
- if ( entry->derCrl.data == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- PORT_Memcpy(entry->derCrl.data, &dbentry->data[DB_CRL_ENTRY_HEADER_LEN],
- entry->derCrl.len);
-
- /* copy the url */
- entry->url = NULL;
- if (nnlen != 0) {
- entry->url = (char *)PORT_ArenaAlloc(entry->common.arena, nnlen);
- if ( entry->url == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- PORT_Memcpy(entry->url,
- &dbentry->data[DB_CRL_ENTRY_HEADER_LEN + entry->derCrl.len],
- nnlen);
- }
-
- return(SECSuccess);
-loser:
- return(SECFailure);
-}
-
-/*
- * Create a new certDBEntryRevocation from existing data
- */
-static certDBEntryRevocation *
-NewDBCrlEntry(SECItem *derCrl, char * url, certDBEntryType crlType, int flags)
-{
- certDBEntryRevocation *entry;
- PRArenaPool *arena = NULL;
- int nnlen;
-
- arena = PORT_NewArena( DER_DEFAULT_CHUNKSIZE );
-
- if ( !arena ) {
- goto loser;
- }
-
- entry = (certDBEntryRevocation*)
- PORT_ArenaZAlloc(arena, sizeof(certDBEntryRevocation));
-
- if ( entry == NULL ) {
- goto loser;
- }
-
- /* fill in the dbRevolcation */
- entry->common.arena = arena;
- entry->common.type = crlType;
- entry->common.version = CERT_DB_FILE_VERSION;
- entry->common.flags = flags;
-
-
- entry->derCrl.data = (unsigned char *)PORT_ArenaAlloc(arena, derCrl->len);
- if ( !entry->derCrl.data ) {
- goto loser;
- }
-
- if (url) {
- nnlen = PORT_Strlen(url) + 1;
- entry->url = (char *)PORT_ArenaAlloc(arena, nnlen);
- if ( !entry->url ) {
- goto loser;
- }
- PORT_Memcpy(entry->url, url, nnlen);
- } else {
- entry->url = NULL;
- }
-
-
- entry->derCrl.len = derCrl->len;
- PORT_Memcpy(entry->derCrl.data, derCrl->data, derCrl->len);
-
- return(entry);
-
-loser:
-
- /* allocation error, free arena and return */
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return(0);
-}
-
-
-static SECStatus
-WriteDBCrlEntry(NSSLOWCERTCertDBHandle *handle, certDBEntryRevocation *entry,
- SECItem *crlKey )
-{
- SECItem dbkey;
- PRArenaPool *tmparena = NULL;
- SECItem encodedEntry;
- SECStatus rv;
-
- tmparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( tmparena == NULL ) {
- goto loser;
- }
-
- rv = EncodeDBCrlEntry(entry, tmparena, &encodedEntry);
- if ( rv == SECFailure ) {
- goto loser;
- }
-
- rv = EncodeDBGenericKey(crlKey, tmparena, &dbkey, entry->common.type);
- if ( rv == SECFailure ) {
- goto loser;
- }
-
- /* now write it to the database */
- rv = WriteDBEntry(handle, &entry->common, &dbkey, &encodedEntry);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- PORT_FreeArena(tmparena, PR_FALSE);
- return(SECSuccess);
-
-loser:
- if ( tmparena ) {
- PORT_FreeArena(tmparena, PR_FALSE);
- }
- return(SECFailure);
-}
-/*
- * delete a crl entry
- */
-static SECStatus
-DeleteDBCrlEntry(NSSLOWCERTCertDBHandle *handle, SECItem *crlKey,
- certDBEntryType crlType)
-{
- SECItem dbkey;
- PRArenaPool *arena = NULL;
- SECStatus rv;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- goto loser;
- }
-
- rv = EncodeDBGenericKey(crlKey, arena, &dbkey, crlType);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- rv = DeleteDBEntry(handle, crlType, &dbkey);
- if ( rv == SECFailure ) {
- goto loser;
- }
-
- PORT_FreeArena(arena, PR_FALSE);
- return(SECSuccess);
-
-loser:
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(SECFailure);
-}
-
-/*
- * Read a certificate entry
- */
-static certDBEntryRevocation *
-ReadDBCrlEntry(NSSLOWCERTCertDBHandle *handle, SECItem *certKey,
- certDBEntryType crlType)
-{
- PRArenaPool *arena = NULL;
- PRArenaPool *tmparena = NULL;
- certDBEntryRevocation *entry;
- SECItem dbkey;
- SECItem dbentry;
- SECStatus rv;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- tmparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( tmparena == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- entry = (certDBEntryRevocation *)
- PORT_ArenaAlloc(arena, sizeof(certDBEntryRevocation));
- if ( entry == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- entry->common.arena = arena;
- entry->common.type = crlType;
-
- rv = EncodeDBGenericKey(certKey, tmparena, &dbkey, crlType);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- rv = ReadDBEntry(handle, &entry->common, &dbkey, &dbentry, NULL);
- if ( rv == SECFailure ) {
- goto loser;
- }
-
- rv = DecodeDBCrlEntry(entry, &dbentry);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- PORT_FreeArena(tmparena, PR_FALSE);
- return(entry);
-
-loser:
- if ( tmparena ) {
- PORT_FreeArena(tmparena, PR_FALSE);
- }
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(NULL);
-}
-
-void
-nsslowcert_DestroyDBEntry(certDBEntry *entry)
-{
- DestroyDBEntry(entry);
- return;
-}
-
-/*
- * Encode a database nickname record
- */
-static SECStatus
-EncodeDBNicknameEntry(certDBEntryNickname *entry, PRArenaPool *arena,
- SECItem *dbitem)
-{
- unsigned char *buf;
-
- /* allocate space for encoded database record, including space
- * for low level header
- */
- dbitem->len = entry->subjectName.len + DB_NICKNAME_ENTRY_HEADER_LEN +
- SEC_DB_ENTRY_HEADER_LEN;
-
- dbitem->data = (unsigned char *)PORT_ArenaAlloc(arena, dbitem->len);
- if ( dbitem->data == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /* fill in database record */
- buf = &dbitem->data[SEC_DB_ENTRY_HEADER_LEN];
-
- buf[0] = ( entry->subjectName.len >> 8 ) & 0xff;
- buf[1] = entry->subjectName.len & 0xff;
-
- PORT_Memcpy(&buf[DB_NICKNAME_ENTRY_HEADER_LEN], entry->subjectName.data,
- entry->subjectName.len);
-
- return(SECSuccess);
-
-loser:
- return(SECFailure);
-}
-
-/*
- * Encode a database key for a nickname record
- */
-static SECStatus
-EncodeDBNicknameKey(char *nickname, PRArenaPool *arena,
- SECItem *dbkey)
-{
- unsigned int nnlen;
-
- nnlen = PORT_Strlen(nickname) + 1; /* includes null */
-
- /* now get the database key and format it */
- dbkey->len = nnlen + SEC_DB_KEY_HEADER_LEN;
- dbkey->data = (unsigned char *)PORT_ArenaAlloc(arena, dbkey->len);
- if ( dbkey->data == NULL ) {
- goto loser;
- }
- PORT_Memcpy(&dbkey->data[SEC_DB_KEY_HEADER_LEN], nickname, nnlen);
- dbkey->data[0] = certDBEntryTypeNickname;
-
- return(SECSuccess);
-
-loser:
- return(SECFailure);
-}
-
-static SECStatus
-DecodeDBNicknameEntry(certDBEntryNickname *entry, SECItem *dbentry,
- char *nickname)
-{
- /* is record long enough for header? */
- if ( dbentry->len < DB_NICKNAME_ENTRY_HEADER_LEN ) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- goto loser;
- }
-
- /* is database entry correct length? */
- entry->subjectName.len = ( ( dbentry->data[0] << 8 ) | dbentry->data[1] );
- if (( entry->subjectName.len + DB_NICKNAME_ENTRY_HEADER_LEN ) !=
- dbentry->len ){
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- goto loser;
- }
-
- /* copy the certkey */
- entry->subjectName.data =
- (unsigned char *)PORT_ArenaAlloc(entry->common.arena,
- entry->subjectName.len);
- if ( entry->subjectName.data == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- PORT_Memcpy(entry->subjectName.data,
- &dbentry->data[DB_NICKNAME_ENTRY_HEADER_LEN],
- entry->subjectName.len);
- entry->subjectName.type = siBuffer;
-
- entry->nickname = (char *)PORT_ArenaAlloc(entry->common.arena,
- PORT_Strlen(nickname)+1);
- if ( entry->nickname ) {
- PORT_Strcpy(entry->nickname, nickname);
- }
-
- return(SECSuccess);
-
-loser:
- return(SECFailure);
-}
-
-/*
- * create a new nickname entry
- */
-static certDBEntryNickname *
-NewDBNicknameEntry(char *nickname, SECItem *subjectName, unsigned int flags)
-{
- PRArenaPool *arena = NULL;
- certDBEntryNickname *entry;
- int nnlen;
- SECStatus rv;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- entry = (certDBEntryNickname *)PORT_ArenaAlloc(arena,
- sizeof(certDBEntryNickname));
- if ( entry == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /* init common fields */
- entry->common.arena = arena;
- entry->common.type = certDBEntryTypeNickname;
- entry->common.version = CERT_DB_FILE_VERSION;
- entry->common.flags = flags;
-
- /* copy the nickname */
- nnlen = PORT_Strlen(nickname) + 1;
-
- entry->nickname = (char*)PORT_ArenaAlloc(arena, nnlen);
- if ( entry->nickname == NULL ) {
- goto loser;
- }
-
- PORT_Memcpy(entry->nickname, nickname, nnlen);
-
- rv = SECITEM_CopyItem(arena, &entry->subjectName, subjectName);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- return(entry);
-loser:
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(NULL);
-}
-
-/*
- * delete a nickname entry
- */
-static SECStatus
-DeleteDBNicknameEntry(NSSLOWCERTCertDBHandle *handle, char *nickname)
-{
- PRArenaPool *arena = NULL;
- SECStatus rv;
- SECItem dbkey;
-
- if ( nickname == NULL ) {
- return(SECSuccess);
- }
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- goto loser;
- }
-
- rv = EncodeDBNicknameKey(nickname, arena, &dbkey);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- rv = DeleteDBEntry(handle, certDBEntryTypeNickname, &dbkey);
- if ( rv == SECFailure ) {
- goto loser;
- }
-
- PORT_FreeArena(arena, PR_FALSE);
- return(SECSuccess);
-
-loser:
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(SECFailure);
-}
-
-/*
- * Read a nickname entry
- */
-static certDBEntryNickname *
-ReadDBNicknameEntry(NSSLOWCERTCertDBHandle *handle, char *nickname)
-{
- PRArenaPool *arena = NULL;
- PRArenaPool *tmparena = NULL;
- certDBEntryNickname *entry;
- SECItem dbkey;
- SECItem dbentry;
- SECStatus rv;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- tmparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( tmparena == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- entry = (certDBEntryNickname *)PORT_ArenaAlloc(arena,
- sizeof(certDBEntryNickname));
- if ( entry == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- entry->common.arena = arena;
- entry->common.type = certDBEntryTypeNickname;
-
- rv = EncodeDBNicknameKey(nickname, tmparena, &dbkey);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- rv = ReadDBEntry(handle, &entry->common, &dbkey, &dbentry, tmparena);
- if ( rv == SECFailure ) {
- goto loser;
- }
-
- /* is record long enough for header? */
- if ( dbentry.len < DB_NICKNAME_ENTRY_HEADER_LEN ) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- goto loser;
- }
-
- rv = DecodeDBNicknameEntry(entry, &dbentry, nickname);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- PORT_FreeArena(tmparena, PR_FALSE);
- return(entry);
-
-loser:
- if ( tmparena ) {
- PORT_FreeArena(tmparena, PR_FALSE);
- }
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(NULL);
-}
-
-/*
- * Encode a nickname entry into byte stream suitable for
- * the database
- */
-static SECStatus
-WriteDBNicknameEntry(NSSLOWCERTCertDBHandle *handle, certDBEntryNickname *entry)
-{
- SECItem dbitem, dbkey;
- PRArenaPool *tmparena = NULL;
- SECStatus rv;
-
- tmparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( tmparena == NULL ) {
- goto loser;
- }
-
- rv = EncodeDBNicknameEntry(entry, tmparena, &dbitem);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- rv = EncodeDBNicknameKey(entry->nickname, tmparena, &dbkey);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- /* now write it to the database */
- rv = WriteDBEntry(handle, &entry->common, &dbkey, &dbitem);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- PORT_FreeArena(tmparena, PR_FALSE);
- return(SECSuccess);
-
-loser:
- if ( tmparena ) {
- PORT_FreeArena(tmparena, PR_FALSE);
- }
- return(SECFailure);
-
-}
-
-SECStatus
-EncodeDBSMimeEntry(certDBEntrySMime *entry, PRArenaPool *arena,
- SECItem *dbitem)
-{
- unsigned char *buf;
-
- /* allocate space for encoded database record, including space
- * for low level header
- */
- dbitem->len = entry->subjectName.len + entry->smimeOptions.len +
- entry->optionsDate.len +
- DB_SMIME_ENTRY_HEADER_LEN + SEC_DB_ENTRY_HEADER_LEN;
-
- dbitem->data = (unsigned char *)PORT_ArenaAlloc(arena, dbitem->len);
- if ( dbitem->data == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /* fill in database record */
- buf = &dbitem->data[SEC_DB_ENTRY_HEADER_LEN];
-
- buf[0] = ( entry->subjectName.len >> 8 ) & 0xff;
- buf[1] = entry->subjectName.len & 0xff;
- buf[2] = ( entry->smimeOptions.len >> 8 ) & 0xff;
- buf[3] = entry->smimeOptions.len & 0xff;
- buf[4] = ( entry->optionsDate.len >> 8 ) & 0xff;
- buf[5] = entry->optionsDate.len & 0xff;
-
- /* if no smime options, then there should not be an options date either */
- PORT_Assert( ! ( ( entry->smimeOptions.len == 0 ) &&
- ( entry->optionsDate.len != 0 ) ) );
-
- PORT_Memcpy(&buf[DB_SMIME_ENTRY_HEADER_LEN], entry->subjectName.data,
- entry->subjectName.len);
- if ( entry->smimeOptions.len ) {
- PORT_Memcpy(&buf[DB_SMIME_ENTRY_HEADER_LEN+entry->subjectName.len],
- entry->smimeOptions.data,
- entry->smimeOptions.len);
- PORT_Memcpy(&buf[DB_SMIME_ENTRY_HEADER_LEN + entry->subjectName.len +
- entry->smimeOptions.len],
- entry->optionsDate.data,
- entry->optionsDate.len);
- }
-
- return(SECSuccess);
-
-loser:
- return(SECFailure);
-}
-
-/*
- * Encode a database key for a SMIME record
- */
-static SECStatus
-EncodeDBSMimeKey(char *emailAddr, PRArenaPool *arena,
- SECItem *dbkey)
-{
- unsigned int addrlen;
-
- addrlen = PORT_Strlen(emailAddr) + 1; /* includes null */
-
- /* now get the database key and format it */
- dbkey->len = addrlen + SEC_DB_KEY_HEADER_LEN;
- dbkey->data = (unsigned char *)PORT_ArenaAlloc(arena, dbkey->len);
- if ( dbkey->data == NULL ) {
- goto loser;
- }
- PORT_Memcpy(&dbkey->data[SEC_DB_KEY_HEADER_LEN], emailAddr, addrlen);
- dbkey->data[0] = certDBEntryTypeSMimeProfile;
-
- return(SECSuccess);
-
-loser:
- return(SECFailure);
-}
-
-/*
- * Decode a database SMIME record
- */
-static SECStatus
-DecodeDBSMimeEntry(certDBEntrySMime *entry, SECItem *dbentry, char *emailAddr)
-{
- /* is record long enough for header? */
- if ( dbentry->len < DB_SMIME_ENTRY_HEADER_LEN ) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- goto loser;
- }
-
- /* is database entry correct length? */
- entry->subjectName.len = ( ( dbentry->data[0] << 8 ) | dbentry->data[1] );
- entry->smimeOptions.len = ( ( dbentry->data[2] << 8 ) | dbentry->data[3] );
- entry->optionsDate.len = ( ( dbentry->data[4] << 8 ) | dbentry->data[5] );
- if (( entry->subjectName.len + entry->smimeOptions.len +
- entry->optionsDate.len + DB_SMIME_ENTRY_HEADER_LEN ) != dbentry->len){
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- goto loser;
- }
-
- /* copy the subject name */
- entry->subjectName.data =
- (unsigned char *)PORT_ArenaAlloc(entry->common.arena,
- entry->subjectName.len);
- if ( entry->subjectName.data == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- PORT_Memcpy(entry->subjectName.data,
- &dbentry->data[DB_SMIME_ENTRY_HEADER_LEN],
- entry->subjectName.len);
-
- /* copy the smime options */
- if ( entry->smimeOptions.len ) {
- entry->smimeOptions.data =
- (unsigned char *)PORT_ArenaAlloc(entry->common.arena,
- entry->smimeOptions.len);
- if ( entry->smimeOptions.data == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- PORT_Memcpy(entry->smimeOptions.data,
- &dbentry->data[DB_SMIME_ENTRY_HEADER_LEN +
- entry->subjectName.len],
- entry->smimeOptions.len);
- }
- if ( entry->optionsDate.len ) {
- entry->optionsDate.data =
- (unsigned char *)PORT_ArenaAlloc(entry->common.arena,
- entry->optionsDate.len);
- if ( entry->optionsDate.data == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- PORT_Memcpy(entry->optionsDate.data,
- &dbentry->data[DB_SMIME_ENTRY_HEADER_LEN +
- entry->subjectName.len +
- entry->smimeOptions.len],
- entry->optionsDate.len);
- }
-
- /* both options and options date must either exist or not exist */
- if ( ( ( entry->optionsDate.len == 0 ) ||
- ( entry->smimeOptions.len == 0 ) ) &&
- entry->smimeOptions.len != entry->optionsDate.len ) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- goto loser;
- }
-
- entry->emailAddr = (char *)PORT_ArenaAlloc(entry->common.arena,
- PORT_Strlen(emailAddr)+1);
- if ( entry->emailAddr ) {
- PORT_Strcpy(entry->emailAddr, emailAddr);
- }
-
- return(SECSuccess);
-
-loser:
- return(SECFailure);
-}
-
-/*
- * create a new SMIME entry
- */
-static certDBEntrySMime *
-NewDBSMimeEntry(char *emailAddr, SECItem *subjectName, SECItem *smimeOptions,
- SECItem *optionsDate, unsigned int flags)
-{
- PRArenaPool *arena = NULL;
- certDBEntrySMime *entry;
- int addrlen;
- SECStatus rv;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- entry = (certDBEntrySMime *)PORT_ArenaAlloc(arena,
- sizeof(certDBEntrySMime));
- if ( entry == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /* init common fields */
- entry->common.arena = arena;
- entry->common.type = certDBEntryTypeSMimeProfile;
- entry->common.version = CERT_DB_FILE_VERSION;
- entry->common.flags = flags;
-
- /* copy the email addr */
- addrlen = PORT_Strlen(emailAddr) + 1;
-
- entry->emailAddr = (char*)PORT_ArenaAlloc(arena, addrlen);
- if ( entry->emailAddr == NULL ) {
- goto loser;
- }
-
- PORT_Memcpy(entry->emailAddr, emailAddr, addrlen);
-
- /* copy the subject name */
- rv = SECITEM_CopyItem(arena, &entry->subjectName, subjectName);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- /* copy the smime options */
- if ( smimeOptions ) {
- rv = SECITEM_CopyItem(arena, &entry->smimeOptions, smimeOptions);
- if ( rv != SECSuccess ) {
- goto loser;
- }
- } else {
- PORT_Assert(optionsDate == NULL);
- entry->smimeOptions.data = NULL;
- entry->smimeOptions.len = 0;
- }
-
- /* copy the options date */
- if ( optionsDate ) {
- rv = SECITEM_CopyItem(arena, &entry->optionsDate, optionsDate);
- if ( rv != SECSuccess ) {
- goto loser;
- }
- } else {
- PORT_Assert(smimeOptions == NULL);
- entry->optionsDate.data = NULL;
- entry->optionsDate.len = 0;
- }
-
- return(entry);
-loser:
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(NULL);
-}
-
-/*
- * delete a SMIME entry
- */
-static SECStatus
-DeleteDBSMimeEntry(NSSLOWCERTCertDBHandle *handle, char *emailAddr)
-{
- PRArenaPool *arena = NULL;
- SECStatus rv;
- SECItem dbkey;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- goto loser;
- }
-
- rv = EncodeDBSMimeKey(emailAddr, arena, &dbkey);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- rv = DeleteDBEntry(handle, certDBEntryTypeSMimeProfile, &dbkey);
- if ( rv == SECFailure ) {
- goto loser;
- }
-
- PORT_FreeArena(arena, PR_FALSE);
- return(SECSuccess);
-
-loser:
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(SECFailure);
-}
-
-/*
- * Read a SMIME entry
- */
-certDBEntrySMime *
-nsslowcert_ReadDBSMimeEntry(NSSLOWCERTCertDBHandle *handle, char *emailAddr)
-{
- PRArenaPool *arena = NULL;
- PRArenaPool *tmparena = NULL;
- certDBEntrySMime *entry;
- SECItem dbkey;
- SECItem dbentry;
- SECStatus rv;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- tmparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( tmparena == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- entry = (certDBEntrySMime *)PORT_ArenaAlloc(arena,
- sizeof(certDBEntrySMime));
- if ( entry == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- entry->common.arena = arena;
- entry->common.type = certDBEntryTypeSMimeProfile;
-
- rv = EncodeDBSMimeKey(emailAddr, tmparena, &dbkey);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- rv = ReadDBEntry(handle, &entry->common, &dbkey, &dbentry, tmparena);
- if ( rv == SECFailure ) {
- goto loser;
- }
-
- /* is record long enough for header? */
- if ( dbentry.len < DB_SMIME_ENTRY_HEADER_LEN ) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- goto loser;
- }
-
- rv = DecodeDBSMimeEntry(entry, &dbentry, emailAddr);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- PORT_FreeArena(tmparena, PR_FALSE);
- return(entry);
-
-loser:
- if ( tmparena ) {
- PORT_FreeArena(tmparena, PR_FALSE);
- }
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(NULL);
-}
-
-/*
- * Encode a SMIME entry into byte stream suitable for
- * the database
- */
-static SECStatus
-WriteDBSMimeEntry(NSSLOWCERTCertDBHandle *handle, certDBEntrySMime *entry)
-{
- SECItem dbitem, dbkey;
- PRArenaPool *tmparena = NULL;
- SECStatus rv;
-
- tmparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( tmparena == NULL ) {
- goto loser;
- }
-
- rv = EncodeDBSMimeEntry(entry, tmparena, &dbitem);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- rv = EncodeDBSMimeKey(entry->emailAddr, tmparena, &dbkey);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- /* now write it to the database */
- rv = WriteDBEntry(handle, &entry->common, &dbkey, &dbitem);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- PORT_FreeArena(tmparena, PR_FALSE);
- return(SECSuccess);
-
-loser:
- if ( tmparena ) {
- PORT_FreeArena(tmparena, PR_FALSE);
- }
- return(SECFailure);
-
-}
-
-/*
- * Encode a database subject record
- */
-static SECStatus
-EncodeDBSubjectEntry(certDBEntrySubject *entry, PRArenaPool *arena,
- SECItem *dbitem)
-{
- unsigned char *buf;
- int len;
- unsigned int ncerts;
- unsigned int i;
- unsigned char *tmpbuf;
- unsigned int nnlen = 0;
- unsigned int eaddrslen = 0;
- int keyidoff;
- SECItem *certKeys;
- SECItem *keyIDs;
-
- if ( entry->nickname ) {
- nnlen = PORT_Strlen(entry->nickname) + 1;
- }
- if ( entry->emailAddrs ) {
- eaddrslen = 2;
- for (i=0; i < entry->nemailAddrs; i++) {
- eaddrslen += PORT_Strlen(entry->emailAddrs[i]) + 1 + 2;
- }
- }
-
- ncerts = entry->ncerts;
-
- /* compute the length of the entry */
- keyidoff = DB_SUBJECT_ENTRY_HEADER_LEN + nnlen ;
- len = keyidoff + 4 * ncerts + eaddrslen;
- for ( i = 0; i < ncerts; i++ ) {
- len += entry->certKeys[i].len;
- len += entry->keyIDs[i].len;
- }
-
- /* allocate space for encoded database record, including space
- * for low level header
- */
- dbitem->len = len + SEC_DB_ENTRY_HEADER_LEN;
-
- dbitem->data = (unsigned char *)PORT_ArenaAlloc(arena, dbitem->len);
- if ( dbitem->data == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /* fill in database record */
- buf = &dbitem->data[SEC_DB_ENTRY_HEADER_LEN];
-
- buf[0] = ( ncerts >> 8 ) & 0xff;
- buf[1] = ncerts & 0xff;
- buf[2] = ( nnlen >> 8 ) & 0xff;
- buf[3] = nnlen & 0xff;
- /* v7 email field is NULL in v8 */
- buf[4] = 0;
- buf[5] = 0;
-
- PORT_Memcpy(&buf[DB_SUBJECT_ENTRY_HEADER_LEN], entry->nickname, nnlen);
-
- for ( i = 0; i < ncerts; i++ ) {
-
- certKeys = entry->certKeys;
- keyIDs = entry->keyIDs;
-
- buf[keyidoff+i*2] = ( certKeys[i].len >> 8 ) & 0xff;
- buf[keyidoff+1+i*2] = certKeys[i].len & 0xff;
- buf[keyidoff+ncerts*2+i*2] = ( keyIDs[i].len >> 8 ) & 0xff;
- buf[keyidoff+1+ncerts*2+i*2] = keyIDs[i].len & 0xff;
- }
-
- /* temp pointer used to stuff certkeys and keyids into the buffer */
- tmpbuf = &buf[keyidoff+ncerts*4];
-
- for ( i = 0; i < ncerts; i++ ) {
- certKeys = entry->certKeys;
- PORT_Memcpy(tmpbuf, certKeys[i].data, certKeys[i].len);
- tmpbuf = tmpbuf + certKeys[i].len;
- }
-
- for ( i = 0; i < ncerts; i++ ) {
- keyIDs = entry->keyIDs;
- PORT_Memcpy(tmpbuf, keyIDs[i].data, keyIDs[i].len);
- tmpbuf = tmpbuf + keyIDs[i].len;
- }
-
- if (entry->emailAddrs) {
- tmpbuf[0] = (entry->nemailAddrs >> 8) & 0xff;
- tmpbuf[1] = entry->nemailAddrs & 0xff;
- tmpbuf += 2;
- for (i=0; i < entry->nemailAddrs; i++) {
- int nameLen = PORT_Strlen(entry->emailAddrs[i]) + 1;
- tmpbuf[0] = (nameLen >> 8) & 0xff;
- tmpbuf[1] = nameLen & 0xff;
- tmpbuf += 2;
- PORT_Memcpy(tmpbuf,entry->emailAddrs[i],nameLen);
- tmpbuf +=nameLen;
- }
- }
-
- PORT_Assert(tmpbuf == &buf[len]);
-
- return(SECSuccess);
-
-loser:
- return(SECFailure);
-}
-
-/*
- * Encode a database key for a subject record
- */
-static SECStatus
-EncodeDBSubjectKey(SECItem *derSubject, PRArenaPool *arena,
- SECItem *dbkey)
-{
- dbkey->len = derSubject->len + SEC_DB_KEY_HEADER_LEN;
- dbkey->data = (unsigned char *)PORT_ArenaAlloc(arena, dbkey->len);
- if ( dbkey->data == NULL ) {
- goto loser;
- }
- PORT_Memcpy(&dbkey->data[SEC_DB_KEY_HEADER_LEN], derSubject->data,
- derSubject->len);
- dbkey->data[0] = certDBEntryTypeSubject;
-
- return(SECSuccess);
-
-loser:
- return(SECFailure);
-}
-
-static SECStatus
-DecodeDBSubjectEntry(certDBEntrySubject *entry, SECItem *dbentry,
- SECItem *derSubject)
-{
- unsigned int ncerts;
- PRArenaPool *arena;
- unsigned int len, itemlen;
- unsigned char *tmpbuf;
- unsigned char *end;
- unsigned int i;
- SECStatus rv;
- unsigned int keyidoff;
- unsigned int nnlen, eaddrlen;
- unsigned int stdlen;
-
- arena = entry->common.arena;
-
- rv = SECITEM_CopyItem(arena, &entry->derSubject, derSubject);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- /* is record long enough for header? */
- if ( dbentry->len < DB_SUBJECT_ENTRY_HEADER_LEN ) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- goto loser;
- }
-
- entry->ncerts = ncerts = ( ( dbentry->data[0] << 8 ) | dbentry->data[1] );
- nnlen = ( ( dbentry->data[2] << 8 ) | dbentry->data[3] );
- eaddrlen = ( ( dbentry->data[4] << 8 ) | dbentry->data[5] );
- stdlen = ncerts * 4 + DB_SUBJECT_ENTRY_HEADER_LEN + nnlen + eaddrlen;
- if ( dbentry->len < stdlen) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- goto loser;
- }
-
- entry->certKeys = (SECItem *)PORT_ArenaAlloc(arena,
- sizeof(SECItem) * ncerts);
- entry->keyIDs = (SECItem *)PORT_ArenaAlloc(arena,
- sizeof(SECItem) * ncerts);
-
- if ( ( entry->certKeys == NULL ) || ( entry->keyIDs == NULL ) ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- if ( nnlen > 1 ) { /* null terminator is stored */
- entry->nickname = (char *)PORT_ArenaAlloc(arena, nnlen);
- if ( entry->nickname == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- PORT_Memcpy(entry->nickname,
- &dbentry->data[DB_SUBJECT_ENTRY_HEADER_LEN],
- nnlen);
- } else {
- entry->nickname = NULL;
- }
-
- /* if we have an old style email entry, there is only one */
- entry->nemailAddrs = 0;
- if ( eaddrlen > 1 ) { /* null terminator is stored */
- entry->emailAddrs = (char **)PORT_ArenaAlloc(arena, sizeof(char *));
- if ( entry->emailAddrs == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- entry->emailAddrs[0] = (char *)PORT_ArenaAlloc(arena, eaddrlen);
- if ( entry->emailAddrs[0] == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- PORT_Memcpy(entry->emailAddrs[0],
- &dbentry->data[DB_SUBJECT_ENTRY_HEADER_LEN+nnlen],
- eaddrlen);
- entry->nemailAddrs = 1;
- } else {
- entry->emailAddrs = NULL;
- }
-
- /* collect the lengths of the certKeys and keyIDs, and total the
- * overall length.
- */
- keyidoff = DB_SUBJECT_ENTRY_HEADER_LEN + nnlen + eaddrlen;
- len = keyidoff + 4 * ncerts;
-
- tmpbuf = &dbentry->data[0];
-
- for ( i = 0; i < ncerts; i++ ) {
-
- itemlen = ( tmpbuf[keyidoff + 2*i] << 8 ) | tmpbuf[keyidoff + 1 + 2*i] ;
- len += itemlen;
- entry->certKeys[i].len = itemlen;
-
- itemlen = ( tmpbuf[keyidoff + 2*ncerts + 2*i] << 8 ) |
- tmpbuf[keyidoff + 1 + 2*ncerts + 2*i] ;
- len += itemlen;
- entry->keyIDs[i].len = itemlen;
- }
-
- /* is database entry correct length? */
- if ( len > dbentry->len ){
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- goto loser;
- }
-
- tmpbuf = &tmpbuf[keyidoff + 4*ncerts];
- for ( i = 0; i < ncerts; i++ ) {
- entry->certKeys[i].data =
- (unsigned char *)PORT_ArenaAlloc(arena, entry->certKeys[i].len);
- if ( entry->certKeys[i].data == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- PORT_Memcpy(entry->certKeys[i].data, tmpbuf, entry->certKeys[i].len);
- tmpbuf = &tmpbuf[entry->certKeys[i].len];
- }
-
- for ( i = 0; i < ncerts; i++ ) {
- entry->keyIDs[i].data =
- (unsigned char *)PORT_ArenaAlloc(arena, entry->keyIDs[i].len);
- if ( entry->keyIDs[i].data == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- PORT_Memcpy(entry->keyIDs[i].data, tmpbuf, entry->keyIDs[i].len);
- tmpbuf = &tmpbuf[entry->keyIDs[i].len];
- }
-
- end = &dbentry->data[dbentry->len];
- if ((eaddrlen == 0) && (tmpbuf+1 < end)) {
- /* read in the additional email addresses */
- entry->nemailAddrs = tmpbuf[0] << 8 | tmpbuf[1];
- tmpbuf += 2;
- entry->emailAddrs = (char **)
- PORT_ArenaAlloc(arena, entry->nemailAddrs * sizeof(char *));
- if (entry->emailAddrs == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- for (i=0; i < entry->nemailAddrs; i++) {
- int nameLen;
- if (tmpbuf + 2 > end) {
- goto loser;
- }
-
- nameLen = tmpbuf[0] << 8 | tmpbuf[1];
- entry->emailAddrs[i] = PORT_ArenaAlloc(arena,nameLen);
- if (entry->emailAddrs == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- if (tmpbuf + (nameLen+2) > end) {
- goto loser;
- }
- PORT_Memcpy(entry->emailAddrs[i],&tmpbuf[2],nameLen);
- tmpbuf += 2 + nameLen;
- }
- }
-
-
- return(SECSuccess);
-
-loser:
- return(SECFailure);
-}
-
-/*
- * create a new subject entry with a single cert
- */
-static certDBEntrySubject *
-NewDBSubjectEntry(SECItem *derSubject, SECItem *certKey,
- SECItem *keyID, char *nickname, char *emailAddr,
- unsigned int flags)
-{
- PRArenaPool *arena = NULL;
- certDBEntrySubject *entry;
- SECStatus rv;
- unsigned int nnlen;
- unsigned int eaddrlen;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- entry = (certDBEntrySubject *)PORT_ArenaAlloc(arena,
- sizeof(certDBEntrySubject));
- if ( entry == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /* init common fields */
- entry->common.arena = arena;
- entry->common.type = certDBEntryTypeSubject;
- entry->common.version = CERT_DB_FILE_VERSION;
- entry->common.flags = flags;
-
- /* copy the subject */
- rv = SECITEM_CopyItem(arena, &entry->derSubject, derSubject);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- entry->ncerts = 1;
- entry->nemailAddrs = 0;
- /* copy nickname */
- if ( nickname && ( *nickname != '\0' ) ) {
- nnlen = PORT_Strlen(nickname) + 1;
- entry->nickname = (char *)PORT_ArenaAlloc(arena, nnlen);
- if ( entry->nickname == NULL ) {
- goto loser;
- }
-
- PORT_Memcpy(entry->nickname, nickname, nnlen);
- } else {
- entry->nickname = NULL;
- }
-
- /* copy email addr */
- if ( emailAddr && ( *emailAddr != '\0' ) ) {
- emailAddr = nsslowcert_FixupEmailAddr(emailAddr);
- if ( emailAddr == NULL ) {
- entry->emailAddrs = NULL;
- goto loser;
- }
-
- eaddrlen = PORT_Strlen(emailAddr) + 1;
- entry->emailAddrs = (char **)PORT_ArenaAlloc(arena, sizeof(char *));
- if ( entry->emailAddrs == NULL ) {
- PORT_Free(emailAddr);
- goto loser;
- }
- entry->emailAddrs[0] = PORT_ArenaStrdup(arena,emailAddr);
- if (entry->emailAddrs[0]) {
- entry->nemailAddrs = 1;
- }
-
- PORT_Free(emailAddr);
- } else {
- entry->emailAddrs = NULL;
- }
-
- /* allocate space for certKeys and keyIDs */
- entry->certKeys = (SECItem *)PORT_ArenaAlloc(arena, sizeof(SECItem));
- entry->keyIDs = (SECItem *)PORT_ArenaAlloc(arena, sizeof(SECItem));
- if ( ( entry->certKeys == NULL ) || ( entry->keyIDs == NULL ) ) {
- goto loser;
- }
-
- /* copy the certKey and keyID */
- rv = SECITEM_CopyItem(arena, &entry->certKeys[0], certKey);
- if ( rv != SECSuccess ) {
- goto loser;
- }
- rv = SECITEM_CopyItem(arena, &entry->keyIDs[0], keyID);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- return(entry);
-loser:
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(NULL);
-}
-
-/*
- * delete a subject entry
- */
-static SECStatus
-DeleteDBSubjectEntry(NSSLOWCERTCertDBHandle *handle, SECItem *derSubject)
-{
- SECItem dbkey;
- PRArenaPool *arena = NULL;
- SECStatus rv;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- goto loser;
- }
-
- rv = EncodeDBSubjectKey(derSubject, arena, &dbkey);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- rv = DeleteDBEntry(handle, certDBEntryTypeSubject, &dbkey);
- if ( rv == SECFailure ) {
- goto loser;
- }
-
- PORT_FreeArena(arena, PR_FALSE);
- return(SECSuccess);
-
-loser:
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(SECFailure);
-}
-
-/*
- * Read the subject entry
- */
-static certDBEntrySubject *
-ReadDBSubjectEntry(NSSLOWCERTCertDBHandle *handle, SECItem *derSubject)
-{
- PRArenaPool *arena = NULL;
- PRArenaPool *tmparena = NULL;
- certDBEntrySubject *entry;
- SECItem dbkey;
- SECItem dbentry;
- SECStatus rv;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- tmparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( tmparena == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- entry = (certDBEntrySubject *)PORT_ArenaAlloc(arena,
- sizeof(certDBEntrySubject));
- if ( entry == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- entry->common.arena = arena;
- entry->common.type = certDBEntryTypeSubject;
-
- rv = EncodeDBSubjectKey(derSubject, tmparena, &dbkey);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- rv = ReadDBEntry(handle, &entry->common, &dbkey, &dbentry, tmparena);
- if ( rv == SECFailure ) {
- goto loser;
- }
-
- rv = DecodeDBSubjectEntry(entry, &dbentry, derSubject);
- if ( rv == SECFailure ) {
- goto loser;
- }
-
- PORT_FreeArena(tmparena, PR_FALSE);
- return(entry);
-
-loser:
- if ( tmparena ) {
- PORT_FreeArena(tmparena, PR_FALSE);
- }
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(NULL);
-}
-
-/*
- * Encode a subject name entry into byte stream suitable for
- * the database
- */
-static SECStatus
-WriteDBSubjectEntry(NSSLOWCERTCertDBHandle *handle, certDBEntrySubject *entry)
-{
- SECItem dbitem, dbkey;
- PRArenaPool *tmparena = NULL;
- SECStatus rv;
-
- tmparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( tmparena == NULL ) {
- goto loser;
- }
-
- rv = EncodeDBSubjectEntry(entry, tmparena, &dbitem);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- rv = EncodeDBSubjectKey(&entry->derSubject, tmparena, &dbkey);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- /* now write it to the database */
- rv = WriteDBEntry(handle, &entry->common, &dbkey, &dbitem);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- PORT_FreeArena(tmparena, PR_FALSE);
- return(SECSuccess);
-
-loser:
- if ( tmparena ) {
- PORT_FreeArena(tmparena, PR_FALSE);
- }
- return(SECFailure);
-
-}
-
-typedef enum { nsslowcert_remove, nsslowcert_add } nsslowcertUpdateType;
-
-static SECStatus
-nsslowcert_UpdateSubjectEmailAddr(NSSLOWCERTCertDBHandle *dbhandle,
- SECItem *derSubject, char *emailAddr, nsslowcertUpdateType updateType)
-{
- PRBool save = PR_FALSE, delold = PR_FALSE;
- certDBEntrySubject *entry = NULL;
- int index = -1, i;
- SECStatus rv;
-
- if (emailAddr) {
- emailAddr = nsslowcert_FixupEmailAddr(emailAddr);
- if (emailAddr == NULL) {
- return SECFailure;
- }
- } else {
- return SECSuccess;
- }
-
- entry = ReadDBSubjectEntry(dbhandle,derSubject);
- if (entry == NULL) {
- goto loser;
- }
-
- if ( entry->emailAddrs ) {
- for (i=0; i < entry->nemailAddrs; i++) {
- if (PORT_Strcmp(entry->emailAddrs[i],emailAddr) == 0) {
- index = i;
- }
- }
- }
-
-
- if (updateType == nsslowcert_remove) {
- if (index == -1) {
- return SECSuccess;
- }
-
- entry->nemailAddrs--;
- for (i=index; i < entry->nemailAddrs; i++) {
- entry->emailAddrs[i] = entry->emailAddrs[i+1];
- }
- } else {
- char **newAddrs = NULL;
- if (index != -1) {
- return SECSuccess;
- }
- newAddrs = (char **)PORT_ArenaAlloc(entry->common.arena,
- (entry->nemailAddrs+1)* sizeof(char *));
- if (!newAddrs) {
- goto loser;
- }
- for (i=0; i < entry->nemailAddrs; i++) {
- newAddrs[i] = entry->emailAddrs[i];
- }
- newAddrs[entry->nemailAddrs] =
- PORT_ArenaStrdup(entry->common.arena,emailAddr);
- if (!newAddrs[entry->nemailAddrs]) {
- goto loser;
- }
- entry->emailAddrs = newAddrs;
- entry->nemailAddrs++;
- }
-
- /* delete the subject entry */
- DeleteDBSubjectEntry(dbhandle, derSubject);
-
- /* write the new one */
- rv = WriteDBSubjectEntry(dbhandle, entry);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- DestroyDBEntry((certDBEntry *)entry);
- if (emailAddr) PORT_Free(emailAddr);
- return(SECSuccess);
-
-loser:
- if (entry) DestroyDBEntry((certDBEntry *)entry);
- if (emailAddr) PORT_Free(emailAddr);
- return(SECFailure);
-}
-
-/*
- * writes a nickname to an existing subject entry that does not currently
- * have one
- */
-static SECStatus
-AddNicknameToSubject(NSSLOWCERTCertDBHandle *dbhandle,
- NSSLOWCERTCertificate *cert, char *nickname)
-{
- certDBEntrySubject *entry;
- SECStatus rv;
-
- if ( nickname == NULL ) {
- return(SECFailure);
- }
-
- entry = ReadDBSubjectEntry(dbhandle,&cert->derSubject);
- PORT_Assert(entry != NULL);
- if ( entry == NULL ) {
- goto loser;
- }
-
- PORT_Assert(entry->nickname == NULL);
- if ( entry->nickname != NULL ) {
- goto loser;
- }
-
- entry->nickname = (nickname) ?
- PORT_ArenaStrdup(entry->common.arena, nickname) : NULL;
-
- if ( entry->nickname == NULL ) {
- goto loser;
- }
-
- /* delete the subject entry */
- DeleteDBSubjectEntry(dbhandle, &cert->derSubject);
-
- /* write the new one */
- rv = WriteDBSubjectEntry(dbhandle, entry);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- return(SECSuccess);
-
-loser:
- return(SECFailure);
-}
-
-/*
- * create a new version entry
- */
-static certDBEntryVersion *
-NewDBVersionEntry(unsigned int flags)
-{
- PRArenaPool *arena = NULL;
- certDBEntryVersion *entry;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- entry = (certDBEntryVersion *)PORT_ArenaAlloc(arena,
- sizeof(certDBEntryVersion));
- if ( entry == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- entry->common.arena = arena;
- entry->common.type = certDBEntryTypeVersion;
- entry->common.version = CERT_DB_FILE_VERSION;
- entry->common.flags = flags;
-
- return(entry);
-loser:
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(NULL);
-}
-
-/*
- * Read the version entry
- */
-static certDBEntryVersion *
-ReadDBVersionEntry(NSSLOWCERTCertDBHandle *handle)
-{
- PRArenaPool *arena = NULL;
- PRArenaPool *tmparena = NULL;
- certDBEntryVersion *entry;
- SECItem dbkey;
- SECItem dbentry;
- SECStatus rv;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- tmparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( tmparena == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- entry = (certDBEntryVersion *)PORT_ArenaAlloc(arena,
- sizeof(certDBEntryVersion));
- if ( entry == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- entry->common.arena = arena;
- entry->common.type = certDBEntryTypeVersion;
-
- /* now get the database key and format it */
- dbkey.len = SEC_DB_VERSION_KEY_LEN + SEC_DB_KEY_HEADER_LEN;
- dbkey.data = (unsigned char *)PORT_ArenaAlloc(tmparena, dbkey.len);
- if ( dbkey.data == NULL ) {
- goto loser;
- }
- PORT_Memcpy(&dbkey.data[SEC_DB_KEY_HEADER_LEN], SEC_DB_VERSION_KEY,
- SEC_DB_VERSION_KEY_LEN);
-
- rv = ReadDBEntry(handle, &entry->common, &dbkey, &dbentry, tmparena);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- PORT_FreeArena(tmparena, PR_FALSE);
- return(entry);
-
-loser:
- if ( tmparena ) {
- PORT_FreeArena(tmparena, PR_FALSE);
- }
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(NULL);
-}
-
-
-/*
- * Encode a version entry into byte stream suitable for
- * the database
- */
-static SECStatus
-WriteDBVersionEntry(NSSLOWCERTCertDBHandle *handle, certDBEntryVersion *entry)
-{
- SECItem dbitem, dbkey;
- PRArenaPool *tmparena = NULL;
- SECStatus rv;
-
- tmparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( tmparena == NULL ) {
- goto loser;
- }
-
- /* allocate space for encoded database record, including space
- * for low level header
- */
- dbitem.len = SEC_DB_ENTRY_HEADER_LEN;
-
- dbitem.data = (unsigned char *)PORT_ArenaAlloc(tmparena, dbitem.len);
- if ( dbitem.data == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /* now get the database key and format it */
- dbkey.len = SEC_DB_VERSION_KEY_LEN + SEC_DB_KEY_HEADER_LEN;
- dbkey.data = (unsigned char *)PORT_ArenaAlloc(tmparena, dbkey.len);
- if ( dbkey.data == NULL ) {
- goto loser;
- }
- PORT_Memcpy(&dbkey.data[SEC_DB_KEY_HEADER_LEN], SEC_DB_VERSION_KEY,
- SEC_DB_VERSION_KEY_LEN);
-
- /* now write it to the database */
- rv = WriteDBEntry(handle, &entry->common, &dbkey, &dbitem);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- PORT_FreeArena(tmparena, PR_FALSE);
- return(SECSuccess);
-
-loser:
- if ( tmparena ) {
- PORT_FreeArena(tmparena, PR_FALSE);
- }
- return(SECFailure);
-}
-
-/*
- * cert is no longer a perm cert, but will remain a temp cert
- */
-static SECStatus
-RemovePermSubjectNode(NSSLOWCERTCertificate *cert)
-{
- certDBEntrySubject *entry;
- unsigned int i;
- SECStatus rv;
-
- entry = ReadDBSubjectEntry(cert->dbhandle,&cert->derSubject);
- if ( entry == NULL ) {
- return(SECFailure);
- }
-
- PORT_Assert(entry->ncerts);
- rv = SECFailure;
-
- if ( entry->ncerts > 1 ) {
- for ( i = 0; i < entry->ncerts; i++ ) {
- if ( SECITEM_CompareItem(&entry->certKeys[i], &cert->certKey) ==
- SECEqual ) {
- /* copy rest of list forward one entry */
- for ( i = i + 1; i < entry->ncerts; i++ ) {
- entry->certKeys[i-1] = entry->certKeys[i];
- entry->keyIDs[i-1] = entry->keyIDs[i];
- }
- entry->ncerts--;
- DeleteDBSubjectEntry(cert->dbhandle, &cert->derSubject);
- rv = WriteDBSubjectEntry(cert->dbhandle, entry);
- break;
- }
- }
- } else {
- /* no entries left, delete the perm entry in the DB */
- if ( entry->emailAddrs ) {
- /* if the subject had an email record, then delete it too */
- for (i=0; i < entry->nemailAddrs; i++) {
- DeleteDBSMimeEntry(cert->dbhandle, entry->emailAddrs[i]);
- }
- }
- if ( entry->nickname ) {
- DeleteDBNicknameEntry(cert->dbhandle, entry->nickname);
- }
-
- DeleteDBSubjectEntry(cert->dbhandle, &cert->derSubject);
- }
- DestroyDBEntry((certDBEntry *)entry);
-
- return(rv);
-}
-
-/*
- * add a cert to the perm subject list
- */
-static SECStatus
-AddPermSubjectNode(certDBEntrySubject *entry, NSSLOWCERTCertificate *cert,
- char *nickname)
-{
- SECItem *newCertKeys, *newKeyIDs;
- unsigned int i, new_i;
- SECStatus rv;
- NSSLOWCERTCertificate *cmpcert;
- unsigned int nnlen;
- unsigned int ncerts;
- PRBool added = PR_FALSE;
-
- PORT_Assert(entry);
- ncerts = entry->ncerts;
-
- if ( nickname && entry->nickname ) {
- /* nicknames must be the same */
- PORT_Assert(PORT_Strcmp(nickname, entry->nickname) == 0);
- }
-
- if ( ( entry->nickname == NULL ) && ( nickname != NULL ) ) {
- /* copy nickname into the entry */
- nnlen = PORT_Strlen(nickname) + 1;
- entry->nickname = (char *)PORT_ArenaAlloc(entry->common.arena,nnlen);
- if ( entry->nickname == NULL ) {
- return(SECFailure);
- }
- PORT_Memcpy(entry->nickname, nickname, nnlen);
- }
-
- /* a DB entry already exists, so add this cert */
- newCertKeys = (SECItem *)PORT_ArenaAlloc(entry->common.arena,
- sizeof(SECItem) * ( ncerts + 1 ) );
- newKeyIDs = (SECItem *)PORT_ArenaAlloc(entry->common.arena,
- sizeof(SECItem) * ( ncerts + 1 ) );
-
- if ( ( newCertKeys == NULL ) || ( newKeyIDs == NULL ) ) {
- return(SECFailure);
- }
-
- for ( i = 0, new_i=0; i < ncerts; i++ ) {
- cmpcert = nsslowcert_FindCertByKey(cert->dbhandle,
- &entry->certKeys[i]);
- /* The entry has been corrupted, remove it from the list */
- if (!cmpcert) {
- continue;
- }
-
- if ( nsslowcert_IsNewer(cert, cmpcert) ) {
- /* insert before cmpcert */
- rv = SECITEM_CopyItem(entry->common.arena, &newCertKeys[new_i],
- &cert->certKey);
- if ( rv != SECSuccess ) {
- return(SECFailure);
- }
- rv = SECITEM_CopyItem(entry->common.arena, &newKeyIDs[new_i],
- &cert->subjectKeyID);
- if ( rv != SECSuccess ) {
- return(SECFailure);
- }
- new_i++;
- /* copy the rest of the entry */
- for ( ; i < ncerts; i++ ,new_i++) {
- newCertKeys[new_i] = entry->certKeys[i];
- newKeyIDs[new_i] = entry->keyIDs[i];
- }
-
- /* update certKeys and keyIDs */
- entry->certKeys = newCertKeys;
- entry->keyIDs = newKeyIDs;
-
- /* set new count value */
- entry->ncerts = new_i;
- added = PR_TRUE;
- break;
- }
- /* copy this cert entry */
- newCertKeys[new_i] = entry->certKeys[i];
- newKeyIDs[new_i] = entry->keyIDs[i];
- new_i++; /* only increment if we copied the entries */
- }
-
- if ( !added ) {
- /* insert new one at end */
- rv = SECITEM_CopyItem(entry->common.arena, &newCertKeys[new_i],
- &cert->certKey);
- if ( rv != SECSuccess ) {
- return(SECFailure);
- }
- rv = SECITEM_CopyItem(entry->common.arena, &newKeyIDs[new_i],
- &cert->subjectKeyID);
- if ( rv != SECSuccess ) {
- return(SECFailure);
- }
- new_i++;
-
- /* update certKeys and keyIDs */
- entry->certKeys = newCertKeys;
- entry->keyIDs = newKeyIDs;
-
- /* increment count */
- entry->ncerts = new_i;
- }
- DeleteDBSubjectEntry(cert->dbhandle, &cert->derSubject);
- rv = WriteDBSubjectEntry(cert->dbhandle, entry);
- return(rv);
-}
-
-
-SECStatus
-nsslowcert_TraversePermCertsForSubject(NSSLOWCERTCertDBHandle *handle,
- SECItem *derSubject,
- NSSLOWCERTCertCallback cb, void *cbarg)
-{
- certDBEntrySubject *entry;
- unsigned int i;
- NSSLOWCERTCertificate *cert;
- SECStatus rv = SECSuccess;
-
- entry = ReadDBSubjectEntry(handle, derSubject);
-
- if ( entry == NULL ) {
- return(SECFailure);
- }
-
- for( i = 0; i < entry->ncerts; i++ ) {
- cert = nsslowcert_FindCertByKey(handle, &entry->certKeys[i]);
- if (!cert) {
- continue;
- }
- rv = (* cb)(cert, cbarg);
- nsslowcert_DestroyCertificate(cert);
- if ( rv == SECFailure ) {
- break;
- }
- }
-
- DestroyDBEntry((certDBEntry *)entry);
-
- return(rv);
-}
-
-int
-nsslowcert_NumPermCertsForSubject(NSSLOWCERTCertDBHandle *handle,
- SECItem *derSubject)
-{
- certDBEntrySubject *entry;
- int ret;
-
- entry = ReadDBSubjectEntry(handle, derSubject);
-
- if ( entry == NULL ) {
- return(SECFailure);
- }
-
- ret = entry->ncerts;
-
- DestroyDBEntry((certDBEntry *)entry);
-
- return(ret);
-}
-
-SECStatus
-nsslowcert_TraversePermCertsForNickname(NSSLOWCERTCertDBHandle *handle,
- char *nickname, NSSLOWCERTCertCallback cb, void *cbarg)
-{
- certDBEntryNickname *nnentry = NULL;
- certDBEntrySMime *smentry = NULL;
- SECStatus rv;
- SECItem *derSubject = NULL;
-
- nnentry = ReadDBNicknameEntry(handle, nickname);
- if ( nnentry ) {
- derSubject = &nnentry->subjectName;
- } else {
- smentry = nsslowcert_ReadDBSMimeEntry(handle, nickname);
- if ( smentry ) {
- derSubject = &smentry->subjectName;
- }
- }
-
- if ( derSubject ) {
- rv = nsslowcert_TraversePermCertsForSubject(handle, derSubject,
- cb, cbarg);
- } else {
- rv = SECFailure;
- }
-
- if ( nnentry ) {
- DestroyDBEntry((certDBEntry *)nnentry);
- }
- if ( smentry ) {
- DestroyDBEntry((certDBEntry *)smentry);
- }
-
- return(rv);
-}
-
-int
-nsslowcert_NumPermCertsForNickname(NSSLOWCERTCertDBHandle *handle,
- char *nickname)
-{
- certDBEntryNickname *entry;
- int ret;
-
- entry = ReadDBNicknameEntry(handle, nickname);
-
- if ( entry ) {
- ret = nsslowcert_NumPermCertsForSubject(handle, &entry->subjectName);
- DestroyDBEntry((certDBEntry *)entry);
- } else {
- ret = 0;
- }
- return(ret);
-}
-
-/*
- * add a nickname to a cert that doesn't have one
- */
-static SECStatus
-AddNicknameToPermCert(NSSLOWCERTCertDBHandle *dbhandle,
- NSSLOWCERTCertificate *cert, char *nickname)
-{
- certDBEntryCert *entry;
- int rv;
-
- entry = cert->dbEntry;
- PORT_Assert(entry != NULL);
- if ( entry == NULL ) {
- goto loser;
- }
-
- pkcs11_freeNickname(entry->nickname,entry->nicknameSpace);
- entry->nickname = NULL;
- entry->nickname = pkcs11_copyNickname(nickname,entry->nicknameSpace,
- sizeof(entry->nicknameSpace));
-
- rv = WriteDBCertEntry(dbhandle, entry);
- if ( rv ) {
- goto loser;
- }
-
- pkcs11_freeNickname(cert->nickname,cert->nicknameSpace);
- cert->nickname = NULL;
- cert->nickname = pkcs11_copyNickname(nickname,cert->nicknameSpace,
- sizeof(cert->nicknameSpace));
-
- return(SECSuccess);
-
-loser:
- return(SECFailure);
-}
-
-/*
- * add a nickname to a cert that is already in the perm database, but doesn't
- * have one yet (it is probably an e-mail cert).
- */
-SECStatus
-nsslowcert_AddPermNickname(NSSLOWCERTCertDBHandle *dbhandle,
- NSSLOWCERTCertificate *cert, char *nickname)
-{
- SECStatus rv = SECFailure;
- certDBEntrySubject *entry = NULL;
- certDBEntryNickname *nicknameEntry = NULL;
-
- nsslowcert_LockDB(dbhandle);
-
- entry = ReadDBSubjectEntry(dbhandle, &cert->derSubject);
- if (entry == NULL) goto loser;
-
- if ( entry->nickname == NULL ) {
-
- /* no nickname for subject */
- rv = AddNicknameToSubject(dbhandle, cert, nickname);
- if ( rv != SECSuccess ) {
- goto loser;
- }
- rv = AddNicknameToPermCert(dbhandle, cert, nickname);
- if ( rv != SECSuccess ) {
- goto loser;
- }
- nicknameEntry = NewDBNicknameEntry(nickname, &cert->derSubject, 0);
- if ( nicknameEntry == NULL ) {
- goto loser;
- }
-
- rv = WriteDBNicknameEntry(dbhandle, nicknameEntry);
- if ( rv != SECSuccess ) {
- goto loser;
- }
- } else {
- /* subject already has a nickname */
- rv = AddNicknameToPermCert(dbhandle, cert, entry->nickname);
- if ( rv != SECSuccess ) {
- goto loser;
- }
- /* make sure nickname entry exists. If the database was corrupted,
- * we may have lost the nickname entry. Add it back now */
- nicknameEntry = ReadDBNicknameEntry(dbhandle, entry->nickname);
- if (nicknameEntry == NULL ) {
- nicknameEntry = NewDBNicknameEntry(entry->nickname,
- &cert->derSubject, 0);
- if ( nicknameEntry == NULL ) {
- goto loser;
- }
-
- rv = WriteDBNicknameEntry(dbhandle, nicknameEntry);
- if ( rv != SECSuccess ) {
- goto loser;
- }
- }
- }
- rv = SECSuccess;
-
-loser:
- if (entry) {
- DestroyDBEntry((certDBEntry *)entry);
- }
- if (nicknameEntry) {
- DestroyDBEntry((certDBEntry *)nicknameEntry);
- }
- nsslowcert_UnlockDB(dbhandle);
- return(rv);
-}
-
-static certDBEntryCert *
-AddCertToPermDB(NSSLOWCERTCertDBHandle *handle, NSSLOWCERTCertificate *cert,
- char *nickname, NSSLOWCERTCertTrust *trust)
-{
- certDBEntryCert *certEntry = NULL;
- certDBEntryNickname *nicknameEntry = NULL;
- certDBEntrySubject *subjectEntry = NULL;
- int state = 0;
- SECStatus rv;
- PRBool donnentry = PR_FALSE;
-
- if ( nickname ) {
- donnentry = PR_TRUE;
- }
-
- subjectEntry = ReadDBSubjectEntry(handle, &cert->derSubject);
-
- if ( subjectEntry && subjectEntry->nickname ) {
- donnentry = PR_FALSE;
- nickname = subjectEntry->nickname;
- }
-
- certEntry = NewDBCertEntry(&cert->derCert, nickname, trust, 0);
- if ( certEntry == NULL ) {
- goto loser;
- }
-
- if ( donnentry ) {
- nicknameEntry = NewDBNicknameEntry(nickname, &cert->derSubject, 0);
- if ( nicknameEntry == NULL ) {
- goto loser;
- }
- }
-
- rv = WriteDBCertEntry(handle, certEntry);
- if ( rv != SECSuccess ) {
- goto loser;
- }
- state = 1;
-
- if ( nicknameEntry ) {
- rv = WriteDBNicknameEntry(handle, nicknameEntry);
- if ( rv != SECSuccess ) {
- goto loser;
- }
- }
-
- state = 2;
-
- cert->dbhandle = handle;
-
- /* add to or create new subject entry */
- if ( subjectEntry ) {
- /* REWRITE BASED ON SUBJECT ENTRY */
- cert->dbhandle = handle;
- rv = AddPermSubjectNode(subjectEntry, cert, nickname);
- if ( rv != SECSuccess ) {
- goto loser;
- }
- } else {
- /* make a new subject entry - this case is only used when updating
- * an old version of the database. This is OK because the oldnickname
- * db format didn't allow multiple certs with the same subject.
- */
- /* where does subjectKeyID and certKey come from? */
- subjectEntry = NewDBSubjectEntry(&cert->derSubject, &cert->certKey,
- &cert->subjectKeyID, nickname,
- NULL, 0);
- if ( subjectEntry == NULL ) {
- goto loser;
- }
- rv = WriteDBSubjectEntry(handle, subjectEntry);
- if ( rv != SECSuccess ) {
- goto loser;
- }
- }
-
- state = 3;
-
- if ( nicknameEntry ) {
- DestroyDBEntry((certDBEntry *)nicknameEntry);
- }
-
- if ( subjectEntry ) {
- DestroyDBEntry((certDBEntry *)subjectEntry);
- }
-
- return(certEntry);
-
-loser:
- /* don't leave partial entry in the database */
- if ( state > 0 ) {
- rv = DeleteDBCertEntry(handle, &cert->certKey);
- }
- if ( ( state > 1 ) && donnentry ) {
- rv = DeleteDBNicknameEntry(handle, nickname);
- }
- if ( state > 2 ) {
- rv = DeleteDBSubjectEntry(handle, &cert->derSubject);
- }
- if ( certEntry ) {
- DestroyDBEntry((certDBEntry *)certEntry);
- }
- if ( nicknameEntry ) {
- DestroyDBEntry((certDBEntry *)nicknameEntry);
- }
- if ( subjectEntry ) {
- DestroyDBEntry((certDBEntry *)subjectEntry);
- }
-
- return(NULL);
-}
-
-/* forward declaration */
-static SECStatus
-UpdateV7DB(NSSLOWCERTCertDBHandle *handle, DB *updatedb);
-
-/*
- * version 8 uses the same schema as version 7. The only differences are
- * 1) version 8 db uses the blob shim to store data entries > 32k.
- * 2) version 8 db sets the db block size to 32k.
- * both of these are dealt with by the handle.
- */
-
-static SECStatus
-UpdateV8DB(NSSLOWCERTCertDBHandle *handle, DB *updatedb)
-{
- return UpdateV7DB(handle,updatedb);
-}
-
-
-/*
- * we could just blindly sequence through reading key data pairs and writing
- * them back out, but some cert.db's have gotten quite large and may have some
- * subtle corruption problems, so instead we cycle through the certs and
- * CRL's and S/MIME profiles and rebuild our subject lists from those records.
- */
-static SECStatus
-UpdateV7DB(NSSLOWCERTCertDBHandle *handle, DB *updatedb)
-{
- DBT key, data;
- int ret;
- NSSLOWCERTCertificate *cert;
- PRBool isKRL = PR_FALSE;
- certDBEntryType entryType;
- SECItem dbEntry, dbKey;
- certDBEntryRevocation crlEntry;
- certDBEntryCert certEntry;
- certDBEntrySMime smimeEntry;
- SECStatus rv;
-
- ret = (* updatedb->seq)(updatedb, &key, &data, R_FIRST);
-
- if ( ret ) {
- return(SECFailure);
- }
-
- do {
- unsigned char *dataBuf = (unsigned char *)data.data;
- unsigned char *keyBuf = (unsigned char *)key.data;
- dbEntry.data = &dataBuf[SEC_DB_ENTRY_HEADER_LEN];
- dbEntry.len = data.size - SEC_DB_ENTRY_HEADER_LEN;
- entryType = (certDBEntryType) keyBuf[0];
- dbKey.data = &keyBuf[SEC_DB_KEY_HEADER_LEN];
- dbKey.len = key.size - SEC_DB_KEY_HEADER_LEN;
- if ((dbEntry.len <= 0) || (dbKey.len <= 0)) {
- continue;
- }
-
- switch (entryType) {
- /* these entries will get regenerated as we read the
- * rest of the data from the database */
- case certDBEntryTypeVersion:
- case certDBEntryTypeSubject:
- case certDBEntryTypeContentVersion:
- case certDBEntryTypeNickname:
- break;
-
- case certDBEntryTypeCert:
- /* decode Entry */
- certEntry.common.version = (unsigned int)dataBuf[0];
- certEntry.common.type = entryType;
- certEntry.common.flags = (unsigned int)dataBuf[2];
- rv = DecodeDBCertEntry(&certEntry,&dbEntry);
- if (rv != SECSuccess) {
- break;
- }
- /* should we check for existing duplicates? */
- cert = nsslowcert_DecodeDERCertificate(&certEntry.derCert,
- certEntry.nickname);
- if (cert) {
- nsslowcert_UpdatePermCert(handle, cert, certEntry.nickname,
- &certEntry.trust);
- nsslowcert_DestroyCertificate(cert);
- }
- /* free any data the decode may have allocated. */
- pkcs11_freeStaticData(certEntry.derCert.data,
- certEntry.derCertSpace);
- pkcs11_freeNickname(certEntry.nickname, certEntry.nicknameSpace);
- break;
-
- case certDBEntryTypeKeyRevocation:
- isKRL = PR_TRUE;
- /* fall through */
- case certDBEntryTypeRevocation:
- crlEntry.common.version = (unsigned int)dataBuf[0];
- crlEntry.common.type = entryType;
- crlEntry.common.flags = (unsigned int)dataBuf[2];
- crlEntry.common.arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (crlEntry.common.arena == NULL) {
- break;
- }
- rv = DecodeDBCrlEntry(&crlEntry,&dbEntry);
- if (rv != SECSuccess) {
- break;
- }
- nsslowcert_UpdateCrl(handle, &crlEntry.derCrl, &dbKey,
- crlEntry.url, isKRL);
- /* free data allocated by the decode */
- PORT_FreeArena(crlEntry.common.arena, PR_FALSE);
- crlEntry.common.arena = NULL;
- break;
-
- case certDBEntryTypeSMimeProfile:
- smimeEntry.common.version = (unsigned int)dataBuf[0];
- smimeEntry.common.type = entryType;
- smimeEntry.common.flags = (unsigned int)dataBuf[2];
- smimeEntry.common.arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- rv = DecodeDBSMimeEntry(&smimeEntry,&dbEntry,(char *)dbKey.data);
- /* decode entry */
- nsslowcert_UpdateSMimeProfile(handle, smimeEntry.emailAddr,
- &smimeEntry.subjectName, &smimeEntry.smimeOptions,
- &smimeEntry.optionsDate);
- PORT_FreeArena(smimeEntry.common.arena, PR_FALSE);
- smimeEntry.common.arena = NULL;
- break;
- default:
- break;
- }
- } while ( (* updatedb->seq)(updatedb, &key, &data, R_NEXT) == 0 );
-
- (* updatedb->close)(updatedb);
-
- /* a database update is a good time to go back and verify the integrity of
- * the keys and certs */
- handle->dbVerify = PR_TRUE;
- return(SECSuccess);
-}
-
-/*
- * NOTE - Version 6 DB did not go out to the real world in a release,
- * so we can remove this function in a later release.
- */
-static SECStatus
-UpdateV6DB(NSSLOWCERTCertDBHandle *handle, DB *updatedb)
-{
- int ret;
- DBT key, data;
- unsigned char *buf, *tmpbuf = NULL;
- certDBEntryType type;
- certDBEntryNickname *nnEntry = NULL;
- certDBEntrySubject *subjectEntry = NULL;
- certDBEntrySMime *emailEntry = NULL;
- char *nickname;
- char *emailAddr;
- SECStatus rv;
-
- /*
- * Sequence through the old database and copy all of the entries
- * to the new database. Subject name entries will have the new
- * fields inserted into them (with zero length).
- */
- ret = (* updatedb->seq)(updatedb, &key, &data, R_FIRST);
- if ( ret ) {
- return(SECFailure);
- }
-
- do {
- buf = (unsigned char *)data.data;
-
- if ( data.size >= 3 ) {
- if ( buf[0] == 6 ) { /* version number */
- type = (certDBEntryType)buf[1];
- if ( type == certDBEntryTypeSubject ) {
- /* expando subjecto entrieo */
- tmpbuf = (unsigned char *)PORT_Alloc(data.size + 4);
- if ( tmpbuf ) {
- /* copy header stuff */
- PORT_Memcpy(tmpbuf, buf, SEC_DB_ENTRY_HEADER_LEN + 2);
- /* insert 4 more bytes of zero'd header */
- PORT_Memset(&tmpbuf[SEC_DB_ENTRY_HEADER_LEN + 2],
- 0, 4);
- /* copy rest of the data */
- PORT_Memcpy(&tmpbuf[SEC_DB_ENTRY_HEADER_LEN + 6],
- &buf[SEC_DB_ENTRY_HEADER_LEN + 2],
- data.size - (SEC_DB_ENTRY_HEADER_LEN + 2));
-
- data.data = (void *)tmpbuf;
- data.size += 4;
- buf = tmpbuf;
- }
- } else if ( type == certDBEntryTypeCert ) {
- /* expando certo entrieo */
- tmpbuf = (unsigned char *)PORT_Alloc(data.size + 3);
- if ( tmpbuf ) {
- /* copy header stuff */
- PORT_Memcpy(tmpbuf, buf, SEC_DB_ENTRY_HEADER_LEN);
-
- /* copy trust flage, setting msb's to 0 */
- tmpbuf[SEC_DB_ENTRY_HEADER_LEN] = 0;
- tmpbuf[SEC_DB_ENTRY_HEADER_LEN+1] =
- buf[SEC_DB_ENTRY_HEADER_LEN];
- tmpbuf[SEC_DB_ENTRY_HEADER_LEN+2] = 0;
- tmpbuf[SEC_DB_ENTRY_HEADER_LEN+3] =
- buf[SEC_DB_ENTRY_HEADER_LEN+1];
- tmpbuf[SEC_DB_ENTRY_HEADER_LEN+4] = 0;
- tmpbuf[SEC_DB_ENTRY_HEADER_LEN+5] =
- buf[SEC_DB_ENTRY_HEADER_LEN+2];
-
- /* copy rest of the data */
- PORT_Memcpy(&tmpbuf[SEC_DB_ENTRY_HEADER_LEN + 6],
- &buf[SEC_DB_ENTRY_HEADER_LEN + 3],
- data.size - (SEC_DB_ENTRY_HEADER_LEN + 3));
-
- data.data = (void *)tmpbuf;
- data.size += 3;
- buf = tmpbuf;
- }
-
- }
-
- /* update the record version number */
- buf[0] = CERT_DB_FILE_VERSION;
-
- /* copy to the new database */
- ret = certdb_Put(handle->permCertDB, &key, &data, 0);
- if ( tmpbuf ) {
- PORT_Free(tmpbuf);
- tmpbuf = NULL;
- }
- }
- }
- } while ( (* updatedb->seq)(updatedb, &key, &data, R_NEXT) == 0 );
-
- ret = certdb_Sync(handle->permCertDB, 0);
-
- ret = (* updatedb->seq)(updatedb, &key, &data, R_FIRST);
- if ( ret ) {
- return(SECFailure);
- }
-
- do {
- buf = (unsigned char *)data.data;
-
- if ( data.size >= 3 ) {
- if ( buf[0] == CERT_DB_FILE_VERSION ) { /* version number */
- type = (certDBEntryType)buf[1];
- if ( type == certDBEntryTypeNickname ) {
- nickname = &((char *)key.data)[1];
-
- /* get the matching nickname entry in the new DB */
- nnEntry = ReadDBNicknameEntry(handle, nickname);
- if ( nnEntry == NULL ) {
- goto endloop;
- }
-
- /* find the subject entry pointed to by nickname */
- subjectEntry = ReadDBSubjectEntry(handle,
- &nnEntry->subjectName);
- if ( subjectEntry == NULL ) {
- goto endloop;
- }
-
- subjectEntry->nickname =
- (char *)PORT_ArenaAlloc(subjectEntry->common.arena,
- key.size - 1);
- if ( subjectEntry->nickname ) {
- PORT_Memcpy(subjectEntry->nickname, nickname,
- key.size - 1);
- rv = WriteDBSubjectEntry(handle, subjectEntry);
- }
- } else if ( type == certDBEntryTypeSMimeProfile ) {
- emailAddr = &((char *)key.data)[1];
-
- /* get the matching smime entry in the new DB */
- emailEntry = nsslowcert_ReadDBSMimeEntry(handle, emailAddr);
- if ( emailEntry == NULL ) {
- goto endloop;
- }
-
- /* find the subject entry pointed to by nickname */
- subjectEntry = ReadDBSubjectEntry(handle,
- &emailEntry->subjectName);
- if ( subjectEntry == NULL ) {
- goto endloop;
- }
-
- subjectEntry->emailAddrs = (char **)
- PORT_ArenaAlloc(subjectEntry->common.arena,
- sizeof(char *));
- if ( subjectEntry->emailAddrs ) {
- subjectEntry->emailAddrs[0] =
- (char *)PORT_ArenaAlloc(subjectEntry->common.arena,
- key.size - 1);
- if ( subjectEntry->emailAddrs[0] ) {
- PORT_Memcpy(subjectEntry->emailAddrs[0], emailAddr,
- key.size - 1);
- subjectEntry->nemailAddrs = 1;
- rv = WriteDBSubjectEntry(handle, subjectEntry);
- }
- }
- }
-
-endloop:
- if ( subjectEntry ) {
- DestroyDBEntry((certDBEntry *)subjectEntry);
- subjectEntry = NULL;
- }
- if ( nnEntry ) {
- DestroyDBEntry((certDBEntry *)nnEntry);
- nnEntry = NULL;
- }
- if ( emailEntry ) {
- DestroyDBEntry((certDBEntry *)emailEntry);
- emailEntry = NULL;
- }
- }
- }
- } while ( (* updatedb->seq)(updatedb, &key, &data, R_NEXT) == 0 );
-
- ret = certdb_Sync(handle->permCertDB, 0);
-
- (* updatedb->close)(updatedb);
- return(SECSuccess);
-}
-
-
-static SECStatus
-updateV5Callback(NSSLOWCERTCertificate *cert, SECItem *k, void *pdata)
-{
- NSSLOWCERTCertDBHandle *handle;
- certDBEntryCert *entry;
- NSSLOWCERTCertTrust *trust;
-
- handle = (NSSLOWCERTCertDBHandle *)pdata;
- trust = &cert->dbEntry->trust;
-
- /* SSL user certs can be used for email if they have an email addr */
- if ( cert->emailAddr && ( trust->sslFlags & CERTDB_USER ) &&
- ( trust->emailFlags == 0 ) ) {
- trust->emailFlags = CERTDB_USER;
- }
- /* servers didn't set the user flags on the server cert.. */
- if (PORT_Strcmp(cert->dbEntry->nickname,"Server-Cert") == 0) {
- trust->sslFlags |= CERTDB_USER;
- }
-
- entry = AddCertToPermDB(handle, cert, cert->dbEntry->nickname,
- &cert->dbEntry->trust);
- if ( entry ) {
- DestroyDBEntry((certDBEntry *)entry);
- }
-
- return(SECSuccess);
-}
-
-static SECStatus
-UpdateV5DB(NSSLOWCERTCertDBHandle *handle, DB *updatedb)
-{
- NSSLOWCERTCertDBHandle updatehandle;
- SECStatus rv;
-
- updatehandle.permCertDB = updatedb;
- updatehandle.dbMon = PZ_NewMonitor(nssILockCertDB);
-
- rv = nsslowcert_TraversePermCerts(&updatehandle, updateV5Callback,
- (void *)handle);
-
- PZ_DestroyMonitor(updatehandle.dbMon);
-
- (* updatedb->close)(updatedb);
- return(SECSuccess);
-}
-
-static PRBool
-isV4DB(DB *db) {
- DBT key,data;
- int ret;
-
- key.data = "Version";
- key.size = 7;
-
- ret = (*db->get)(db, &key, &data, 0);
- if (ret) {
- return PR_FALSE;
- }
-
- if ((data.size == 1) && (*(unsigned char *)data.data <= 4)) {
- return PR_TRUE;
- }
-
- return PR_FALSE;
-}
-
-static SECStatus
-UpdateV4DB(NSSLOWCERTCertDBHandle *handle, DB *updatedb)
-{
- DBT key, data;
- certDBEntryCert *entry, *entry2;
- int ret;
- PRArenaPool *arena = NULL;
- NSSLOWCERTCertificate *cert;
-
- ret = (* updatedb->seq)(updatedb, &key, &data, R_FIRST);
-
- if ( ret ) {
- return(SECFailure);
- }
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) {
- return(SECFailure);
- }
-
- do {
- if ( data.size != 1 ) { /* skip version number */
-
- /* decode the old DB entry */
- entry = (certDBEntryCert *)
- DecodeV4DBCertEntry((unsigned char*)data.data, data.size);
-
- if ( entry ) {
- cert = nsslowcert_DecodeDERCertificate(&entry->derCert,
- entry->nickname);
-
- if ( cert != NULL ) {
- /* add to new database */
- entry2 = AddCertToPermDB(handle, cert, entry->nickname,
- &entry->trust);
-
- nsslowcert_DestroyCertificate(cert);
- if ( entry2 ) {
- DestroyDBEntry((certDBEntry *)entry2);
- }
- }
- DestroyDBEntry((certDBEntry *)entry);
- }
- }
- } while ( (* updatedb->seq)(updatedb, &key, &data, R_NEXT) == 0 );
-
- PORT_FreeArena(arena, PR_FALSE);
- (* updatedb->close)(updatedb);
- return(SECSuccess);
-}
-
-
-/*
- * return true if a database key conflict exists
- */
-PRBool
-nsslowcert_CertDBKeyConflict(SECItem *derCert, NSSLOWCERTCertDBHandle *handle)
-{
- SECStatus rv;
- DBT tmpdata;
- DBT namekey;
- int ret;
- SECItem keyitem;
- PRArenaPool *arena = NULL;
- SECItem derKey;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- goto loser;
- }
-
- /* get the db key of the cert */
- rv = nsslowcert_KeyFromDERCert(arena, derCert, &derKey);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- rv = EncodeDBCertKey(&derKey, arena, &keyitem);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- namekey.data = keyitem.data;
- namekey.size = keyitem.len;
-
- ret = certdb_Get(handle->permCertDB, &namekey, &tmpdata, 0);
- if ( ret == 0 ) {
- goto loser;
- }
-
- PORT_FreeArena(arena, PR_FALSE);
-
- return(PR_FALSE);
-loser:
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(PR_TRUE);
-}
-
-/*
- * return true if a nickname conflict exists
- * NOTE: caller must have already made sure that this exact cert
- * doesn't exist in the DB
- */
-static PRBool
-nsslowcert_CertNicknameConflict(char *nickname, SECItem *derSubject,
- NSSLOWCERTCertDBHandle *handle)
-{
- PRBool rv;
- certDBEntryNickname *entry;
-
- if ( nickname == NULL ) {
- return(PR_FALSE);
- }
-
- entry = ReadDBNicknameEntry(handle, nickname);
-
- if ( entry == NULL ) {
- /* no entry for this nickname, so no conflict */
- return(PR_FALSE);
- }
-
- rv = PR_TRUE;
- if ( SECITEM_CompareItem(derSubject, &entry->subjectName) == SECEqual ) {
- /* if subject names are the same, then no conflict */
- rv = PR_FALSE;
- }
-
- DestroyDBEntry((certDBEntry *)entry);
- return(rv);
-}
-
-#ifdef DBM_USING_NSPR
-#define NO_RDONLY PR_RDONLY
-#define NO_RDWR PR_RDWR
-#define NO_CREATE (PR_RDWR | PR_CREATE_FILE | PR_TRUNCATE)
-#else
-#define NO_RDONLY O_RDONLY
-#define NO_RDWR O_RDWR
-#define NO_CREATE (O_RDWR | O_CREAT | O_TRUNC)
-#endif
-
-/*
- * open an old database that needs to be updated
- */
-static DB *
-nsslowcert_openolddb(NSSLOWCERTDBNameFunc namecb, void *cbarg, int version)
-{
- char * tmpname;
- DB *updatedb = NULL;
-
- tmpname = (* namecb)(cbarg, version); /* get v6 db name */
- if ( tmpname ) {
- updatedb = dbopen( tmpname, NO_RDONLY, 0600, DB_HASH, 0 );
- PORT_Free(tmpname);
- }
- return updatedb;
-}
-
-static SECStatus
-openNewCertDB(const char *appName, const char *prefix, const char *certdbname,
- NSSLOWCERTCertDBHandle *handle, NSSLOWCERTDBNameFunc namecb, void *cbarg)
-{
- SECStatus rv;
- certDBEntryVersion *versionEntry = NULL;
- DB *updatedb = NULL;
- int status = RDB_FAIL;
-
- if (appName) {
- handle->permCertDB=rdbopen( appName, prefix, "cert", NO_CREATE, &status);
- } else {
- handle->permCertDB=dbsopen(certdbname, NO_CREATE, 0600, DB_HASH, 0);
- }
-
- /* if create fails then we lose */
- if ( handle->permCertDB == 0 ) {
- return status == RDB_RETRY ? SECWouldBlock : SECFailure;
- }
-
- rv = db_BeginTransaction(handle->permCertDB);
- if (rv != SECSuccess) {
- db_InitComplete(handle->permCertDB);
- return SECFailure;
- }
-
- /* Verify version number; */
-
- if (appName) {
- updatedb = dbsopen(certdbname, NO_RDONLY, 0600, DB_HASH, 0);
- if (updatedb) {
- rv = UpdateV8DB(handle, updatedb);
- db_FinishTransaction(handle->permCertDB,PR_FALSE);
- db_InitComplete(handle->permCertDB);
- return(rv);
- }
- }
-
- versionEntry = NewDBVersionEntry(0);
- if ( versionEntry == NULL ) {
- rv = SECFailure;
- goto loser;
- }
-
- rv = WriteDBVersionEntry(handle, versionEntry);
-
- DestroyDBEntry((certDBEntry *)versionEntry);
-
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- /* rv must already be Success here because of previous if statement */
- /* try to upgrade old db here */
- if ((updatedb = nsslowcert_openolddb(namecb,cbarg,7)) != NULL) {
- rv = UpdateV7DB(handle, updatedb);
- } else if ((updatedb = nsslowcert_openolddb(namecb,cbarg,6)) != NULL) {
- rv = UpdateV6DB(handle, updatedb);
- } else if ((updatedb = nsslowcert_openolddb(namecb,cbarg,5)) != NULL) {
- rv = UpdateV5DB(handle, updatedb);
- } else if ((updatedb = nsslowcert_openolddb(namecb,cbarg,4)) != NULL) {
- /* NES has v5 format db's with v4 db names! */
- if (isV4DB(updatedb)) {
- rv = UpdateV4DB(handle,updatedb);
- } else {
- rv = UpdateV5DB(handle,updatedb);
- }
- }
-
-
-loser:
- db_FinishTransaction(handle->permCertDB,rv != SECSuccess);
- db_InitComplete(handle->permCertDB);
- return rv;
-}
-
-static int
-nsslowcert_GetVersionNumber( NSSLOWCERTCertDBHandle *handle)
-{
- certDBEntryVersion *versionEntry = NULL;
- int version = 0;
-
- versionEntry = ReadDBVersionEntry(handle);
- if ( versionEntry == NULL ) {
- return 0;
- }
- version = versionEntry->common.version;
- DestroyDBEntry((certDBEntry *)versionEntry);
- return version;
-}
-
-/*
- * Open the certificate database and index databases. Create them if
- * they are not there or bad.
- */
-static SECStatus
-nsslowcert_OpenPermCertDB(NSSLOWCERTCertDBHandle *handle, PRBool readOnly,
- const char *appName, const char *prefix,
- NSSLOWCERTDBNameFunc namecb, void *cbarg)
-{
- SECStatus rv;
- int openflags;
- char *certdbname;
- int version = 0;
-
- certdbname = (* namecb)(cbarg, CERT_DB_FILE_VERSION);
- if ( certdbname == NULL ) {
- return(SECFailure);
- }
-
- openflags = readOnly ? NO_RDONLY : NO_RDWR;
-
- /*
- * first open the permanent file based database.
- */
- if (appName) {
- handle->permCertDB = rdbopen( appName, prefix, "cert", openflags, NULL);
- } else {
- handle->permCertDB = dbsopen( certdbname, openflags, 0600, DB_HASH, 0 );
- }
-
- /* check for correct version number */
- if ( handle->permCertDB ) {
- version = nsslowcert_GetVersionNumber(handle);
- if ((version != CERT_DB_FILE_VERSION) &&
- !(appName && version == CERT_DB_V7_FILE_VERSION)) {
- goto loser;
- }
- } else if ( readOnly ) {
- /* don't create if readonly */
- /* Try openning a version 7 database */
- handle->permCertDB = nsslowcert_openolddb(namecb,cbarg, 7);
- if (!handle->permCertDB) {
- goto loser;
- }
- if (nsslowcert_GetVersionNumber(handle) != 7) {
- goto loser;
- }
- } else {
- /* if first open fails, try to create a new DB */
- rv = openNewCertDB(appName,prefix,certdbname,handle,namecb,cbarg);
- if (rv == SECWouldBlock) {
- /* only the rdb version can fail with wouldblock */
- handle->permCertDB =
- rdbopen( appName, prefix, "cert", openflags, NULL);
-
- /* check for correct version number */
- if ( !handle->permCertDB ) {
- goto loser;
- }
- version = nsslowcert_GetVersionNumber(handle);
- if ((version != CERT_DB_FILE_VERSION) &&
- !(appName && version == CERT_DB_V7_FILE_VERSION)) {
- goto loser;
- }
- } else if (rv != SECSuccess) {
- goto loser;
- }
- }
-
- PORT_Free(certdbname);
-
- return (SECSuccess);
-
-loser:
-
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
-
- if ( handle->permCertDB ) {
- certdb_Close(handle->permCertDB);
- handle->permCertDB = 0;
- }
-
- PORT_Free(certdbname);
-
- return(SECFailure);
-}
-
-/*
- * delete all DB records associated with a particular certificate
- */
-static SECStatus
-DeletePermCert(NSSLOWCERTCertificate *cert)
-{
- SECStatus rv;
- SECStatus ret;
-
- ret = SECSuccess;
-
- rv = DeleteDBCertEntry(cert->dbhandle, &cert->certKey);
- if ( rv != SECSuccess ) {
- ret = SECFailure;
- }
-
- rv = RemovePermSubjectNode(cert);
-
-
- return(ret);
-}
-
-/*
- * Delete a certificate from the permanent database.
- */
-SECStatus
-nsslowcert_DeletePermCertificate(NSSLOWCERTCertificate *cert)
-{
- SECStatus rv;
-
- nsslowcert_LockDB(cert->dbhandle);
-
- rv = db_BeginTransaction(cert->dbhandle->permCertDB);
- if ( rv != SECSuccess ) {
- goto loser;
- }
- /* delete the records from the permanent database */
- rv = DeletePermCert(cert);
-
- /* get rid of dbcert and stuff pointing to it */
- DestroyDBEntry((certDBEntry *)cert->dbEntry);
- cert->dbEntry = NULL;
- cert->trust = NULL;
-
- db_FinishTransaction(cert->dbhandle->permCertDB,rv != SECSuccess);
-loser:
-
- nsslowcert_UnlockDB(cert->dbhandle);
- return(rv);
-}
-
-/*
- * Traverse all of the entries in the database of a particular type
- * call the given function for each one.
- */
-SECStatus
-nsslowcert_TraverseDBEntries(NSSLOWCERTCertDBHandle *handle,
- certDBEntryType type,
- SECStatus (* callback)(SECItem *data, SECItem *key,
- certDBEntryType type, void *pdata),
- void *udata )
-{
- DBT data;
- DBT key;
- SECStatus rv;
- int ret;
- SECItem dataitem;
- SECItem keyitem;
- unsigned char *buf;
- unsigned char *keybuf;
-
- ret = certdb_Seq(handle->permCertDB, &key, &data, R_FIRST);
-
- if ( ret ) {
- return(SECFailure);
- }
-
- do {
- buf = (unsigned char *)data.data;
-
- if ( buf[1] == (unsigned char)type ) {
- dataitem.len = data.size;
- dataitem.data = buf;
- dataitem.type = siBuffer;
- keyitem.len = key.size - SEC_DB_KEY_HEADER_LEN;
- keybuf = (unsigned char *)key.data;
- keyitem.data = &keybuf[SEC_DB_KEY_HEADER_LEN];
- keyitem.type = siBuffer;
-
- rv = (* callback)(&dataitem, &keyitem, type, udata);
- if ( rv != SECSuccess ) {
- return(rv);
- }
- }
- } while ( certdb_Seq(handle->permCertDB, &key, &data, R_NEXT) == 0 );
-
- return(SECSuccess);
-}
-/*
- * Decode a certificate and enter it into the temporary certificate database.
- * Deal with nicknames correctly
- *
- * This is the private entry point.
- */
-static NSSLOWCERTCertificate *
-DecodeACert(NSSLOWCERTCertDBHandle *handle, certDBEntryCert *entry)
-{
- NSSLOWCERTCertificate *cert = NULL;
-
- cert = nsslowcert_DecodeDERCertificate(&entry->derCert, entry->nickname );
-
- if ( cert == NULL ) {
- goto loser;
- }
-
- cert->dbhandle = handle;
- cert->dbEntry = entry;
- cert->trust = &entry->trust;
-
- return(cert);
-
-loser:
- return(0);
-}
-
-static NSSLOWCERTTrust *
-CreateTrust(void)
-{
- NSSLOWCERTTrust *trust = NULL;
-
- nsslowcert_LockFreeList();
- trust = trustListHead;
- if (trust) {
- trustListCount--;
- trustListHead = trust->next;
- }
- nsslowcert_UnlockFreeList();
- if (trust) {
- return trust;
- }
-
- return PORT_ZAlloc(sizeof(NSSLOWCERTTrust));
-}
-
-
-static NSSLOWCERTTrust *
-DecodeTrustEntry(NSSLOWCERTCertDBHandle *handle, certDBEntryCert *entry, SECItem *dbKey)
-{
- NSSLOWCERTTrust *trust = CreateTrust();
- if (trust == NULL) {
- return trust;
- }
- trust->dbhandle = handle;
- trust->dbEntry = entry;
- trust->dbKey.data = pkcs11_copyStaticData(dbKey->data,dbKey->len,
- trust->dbKeySpace, sizeof(trust->dbKeySpace));
- if (!trust->dbKey.data) {
- PORT_Free(trust);
- return NULL;
- }
- trust->dbKey.len = dbKey->len;
-
- trust->trust = &entry->trust;
- trust->derCert = &entry->derCert;
-
- return(trust);
-}
-
-typedef struct {
- PermCertCallback certfunc;
- NSSLOWCERTCertDBHandle *handle;
- void *data;
-} PermCertCallbackState;
-
-/*
- * traversal callback to decode certs and call callers callback
- */
-static SECStatus
-certcallback(SECItem *dbdata, SECItem *dbkey, certDBEntryType type, void *data)
-{
- PermCertCallbackState *mystate;
- SECStatus rv;
- certDBEntryCert *entry;
- SECItem entryitem;
- NSSLOWCERTCertificate *cert;
- PRArenaPool *arena = NULL;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- goto loser;
- }
-
- entry = (certDBEntryCert *)PORT_ArenaAlloc(arena, sizeof(certDBEntryCert));
- mystate = (PermCertCallbackState *)data;
- entry->common.version = (unsigned int)dbdata->data[0];
- entry->common.type = (certDBEntryType)dbdata->data[1];
- entry->common.flags = (unsigned int)dbdata->data[2];
- entry->common.arena = arena;
-
- entryitem.len = dbdata->len - SEC_DB_ENTRY_HEADER_LEN;
- entryitem.data = &dbdata->data[SEC_DB_ENTRY_HEADER_LEN];
-
- rv = DecodeDBCertEntry(entry, &entryitem);
- if (rv != SECSuccess ) {
- goto loser;
- }
- entry->derCert.type = siBuffer;
-
- /* note: Entry is 'inheritted'. */
- cert = DecodeACert(mystate->handle, entry);
-
- rv = (* mystate->certfunc)(cert, dbkey, mystate->data);
-
- /* arena stored in entry destroyed by nsslowcert_DestroyCertificate */
- nsslowcert_DestroyCertificateNoLocking(cert);
-
- return(rv);
-
-loser:
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
- return(SECFailure);
-}
-
-/*
- * Traverse all of the certificates in the permanent database and
- * call the given function for each one; expect the caller to have lock.
- */
-static SECStatus
-TraversePermCertsNoLocking(NSSLOWCERTCertDBHandle *handle,
- SECStatus (* certfunc)(NSSLOWCERTCertificate *cert,
- SECItem *k,
- void *pdata),
- void *udata )
-{
- SECStatus rv;
- PermCertCallbackState mystate;
-
- mystate.certfunc = certfunc;
- mystate.handle = handle;
- mystate.data = udata;
- rv = nsslowcert_TraverseDBEntries(handle, certDBEntryTypeCert, certcallback,
- (void *)&mystate);
-
- return(rv);
-}
-
-/*
- * Traverse all of the certificates in the permanent database and
- * call the given function for each one.
- */
-SECStatus
-nsslowcert_TraversePermCerts(NSSLOWCERTCertDBHandle *handle,
- SECStatus (* certfunc)(NSSLOWCERTCertificate *cert, SECItem *k,
- void *pdata),
- void *udata )
-{
- SECStatus rv;
-
- nsslowcert_LockDB(handle);
- rv = TraversePermCertsNoLocking(handle, certfunc, udata);
- nsslowcert_UnlockDB(handle);
-
- return(rv);
-}
-
-
-
-/*
- * Close the database
- */
-void
-nsslowcert_ClosePermCertDB(NSSLOWCERTCertDBHandle *handle)
-{
- if ( handle ) {
- if ( handle->permCertDB ) {
- certdb_Close( handle->permCertDB );
- handle->permCertDB = NULL;
- }
- if (handle->dbMon) {
- PZ_DestroyMonitor(handle->dbMon);
- handle->dbMon = NULL;
- }
- }
- return;
-}
-
-/*
- * Get the trust attributes from a certificate
- */
-SECStatus
-nsslowcert_GetCertTrust(NSSLOWCERTCertificate *cert, NSSLOWCERTCertTrust *trust)
-{
- SECStatus rv;
-
- nsslowcert_LockCertTrust(cert);
-
- if ( cert->trust == NULL ) {
- rv = SECFailure;
- } else {
- *trust = *cert->trust;
- rv = SECSuccess;
- }
-
- nsslowcert_UnlockCertTrust(cert);
- return(rv);
-}
-
-/*
- * Change the trust attributes of a certificate and make them permanent
- * in the database.
- */
-SECStatus
-nsslowcert_ChangeCertTrust(NSSLOWCERTCertDBHandle *handle,
- NSSLOWCERTCertificate *cert, NSSLOWCERTCertTrust *trust)
-{
- certDBEntryCert *entry;
- int rv;
- SECStatus ret;
-
- nsslowcert_LockDB(handle);
- nsslowcert_LockCertTrust(cert);
- /* only set the trust on permanent certs */
- if ( cert->trust == NULL ) {
- ret = SECFailure;
- goto done;
- }
-
- *cert->trust = *trust;
- if ( cert->dbEntry == NULL ) {
- ret = SECSuccess; /* not in permanent database */
- goto done;
- }
-
- entry = cert->dbEntry;
- entry->trust = *trust;
-
- rv = WriteDBCertEntry(handle, entry);
- if ( rv ) {
- ret = SECFailure;
- goto done;
- }
-
- ret = SECSuccess;
-
-done:
- nsslowcert_UnlockCertTrust(cert);
- nsslowcert_UnlockDB(handle);
- return(ret);
-}
-
-
-static SECStatus
-nsslowcert_UpdatePermCert(NSSLOWCERTCertDBHandle *dbhandle,
- NSSLOWCERTCertificate *cert, char *nickname, NSSLOWCERTCertTrust *trust)
-{
- char *oldnn;
- certDBEntryCert *entry;
- PRBool conflict;
- SECStatus ret;
-
- PORT_Assert(!cert->dbEntry);
-
- /* don't add a conflicting nickname */
- conflict = nsslowcert_CertNicknameConflict(nickname, &cert->derSubject,
- dbhandle);
- if ( conflict ) {
- ret = SECFailure;
- goto done;
- }
-
- /* save old nickname so that we can delete it */
- oldnn = cert->nickname;
-
- entry = AddCertToPermDB(dbhandle, cert, nickname, trust);
-
- if ( entry == NULL ) {
- ret = SECFailure;
- goto done;
- }
-
- pkcs11_freeNickname(oldnn,cert->nicknameSpace);
-
- cert->nickname = (entry->nickname) ? pkcs11_copyNickname(entry->nickname,
- cert->nicknameSpace, sizeof(cert->nicknameSpace)) : NULL;
- cert->trust = &entry->trust;
- cert->dbEntry = entry;
-
- ret = SECSuccess;
-done:
- return(ret);
-}
-
-SECStatus
-nsslowcert_AddPermCert(NSSLOWCERTCertDBHandle *dbhandle,
- NSSLOWCERTCertificate *cert, char *nickname, NSSLOWCERTCertTrust *trust)
-{
- SECStatus ret;
- SECStatus rv;
-
- nsslowcert_LockDB(dbhandle);
- rv = db_BeginTransaction(dbhandle->permCertDB);
- if (rv != SECSuccess) {
- nsslowcert_UnlockDB(dbhandle);
- return SECFailure;
- }
-
- ret = nsslowcert_UpdatePermCert(dbhandle, cert, nickname, trust);
-
- db_FinishTransaction(dbhandle->permCertDB, ret != SECSuccess);
- nsslowcert_UnlockDB(dbhandle);
- return(ret);
-}
-
-/*
- * Open the certificate database and index databases. Create them if
- * they are not there or bad.
- */
-SECStatus
-nsslowcert_OpenCertDB(NSSLOWCERTCertDBHandle *handle, PRBool readOnly,
- const char *appName, const char *prefix,
- NSSLOWCERTDBNameFunc namecb, void *cbarg, PRBool openVolatile)
-{
- int rv;
-
- certdb_InitDBLock(handle);
-
- handle->dbMon = PZ_NewMonitor(nssILockCertDB);
- PORT_Assert(handle->dbMon != NULL);
- handle->dbVerify = PR_FALSE;
-
- rv = nsslowcert_OpenPermCertDB(handle, readOnly, appName, prefix,
- namecb, cbarg);
- if ( rv ) {
- goto loser;
- }
-
- return (SECSuccess);
-
-loser:
-
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- return(SECFailure);
-}
-
-PRBool
-nsslowcert_needDBVerify(NSSLOWCERTCertDBHandle *handle)
-{
- if (!handle) return PR_FALSE;
- return handle->dbVerify;
-}
-
-void
-nsslowcert_setDBVerify(NSSLOWCERTCertDBHandle *handle, PRBool value)
-{
- handle->dbVerify = value;
-}
-
-
-/*
- * Lookup a certificate in the databases.
- */
-static NSSLOWCERTCertificate *
-FindCertByKey(NSSLOWCERTCertDBHandle *handle, SECItem *certKey, PRBool lockdb)
-{
- NSSLOWCERTCertificate *cert = NULL;
- certDBEntryCert *entry;
- PRBool locked = PR_FALSE;
-
- if ( lockdb ) {
- locked = PR_TRUE;
- nsslowcert_LockDB(handle);
- }
-
- /* find in perm database */
- entry = ReadDBCertEntry(handle, certKey);
-
- if ( entry == NULL ) {
- goto loser;
- }
-
- /* inherit entry */
- cert = DecodeACert(handle, entry);
-
-loser:
- if (cert == NULL) {
- if (entry) {
- DestroyDBEntry((certDBEntry *)entry);
- }
- }
-
- if ( locked ) {
- nsslowcert_UnlockDB(handle);
- }
-
- return(cert);
-}
-
-/*
- * Lookup a certificate in the databases.
- */
-static NSSLOWCERTTrust *
-FindTrustByKey(NSSLOWCERTCertDBHandle *handle, SECItem *certKey, PRBool lockdb)
-{
- NSSLOWCERTTrust *trust = NULL;
- certDBEntryCert *entry;
- PRBool locked = PR_FALSE;
-
- if ( lockdb ) {
- locked = PR_TRUE;
- nsslowcert_LockDB(handle);
- }
-
- /* find in perm database */
- entry = ReadDBCertEntry(handle, certKey);
-
- if ( entry == NULL ) {
- goto loser;
- }
-
- if (!nsslowcert_hasTrust(&entry->trust)) {
- goto loser;
- }
-
- /* inherit entry */
- trust = DecodeTrustEntry(handle, entry, certKey);
-
-loser:
- if (trust == NULL) {
- if (entry) {
- DestroyDBEntry((certDBEntry *)entry);
- }
- }
-
- if ( locked ) {
- nsslowcert_UnlockDB(handle);
- }
-
- return(trust);
-}
-
-/*
- * Lookup a certificate in the databases without locking
- */
-NSSLOWCERTCertificate *
-nsslowcert_FindCertByKey(NSSLOWCERTCertDBHandle *handle, SECItem *certKey)
-{
- return(FindCertByKey(handle, certKey, PR_FALSE));
-}
-
-/*
- * Lookup a trust object in the databases without locking
- */
-NSSLOWCERTTrust *
-nsslowcert_FindTrustByKey(NSSLOWCERTCertDBHandle *handle, SECItem *certKey)
-{
- return(FindTrustByKey(handle, certKey, PR_FALSE));
-}
-
-/*
- * Generate a key from an issuerAndSerialNumber, and find the
- * associated cert in the database.
- */
-NSSLOWCERTCertificate *
-nsslowcert_FindCertByIssuerAndSN(NSSLOWCERTCertDBHandle *handle, NSSLOWCERTIssuerAndSN *issuerAndSN)
-{
- SECItem certKey;
- SECItem *sn = &issuerAndSN->serialNumber;
- SECItem *issuer = &issuerAndSN->derIssuer;
- NSSLOWCERTCertificate *cert;
- int data_left = sn->len-1;
- int data_len = sn->len;
- int index = 0;
-
- /* automatically detect DER encoded serial numbers and remove the der
- * encoding since the database expects unencoded data.
- * if it's DER encoded, there must be at least 3 bytes, tag, len, data */
- if ((sn->len >= 3) && (sn->data[0] == 0x2)) {
- /* remove the der encoding of the serial number before generating the
- * key.. */
- data_left = sn->len-2;
- data_len = sn->data[1];
- index = 2;
-
- /* extended length ? (not very likely for a serial number) */
- if (data_len & 0x80) {
- int len_count = data_len & 0x7f;
-
- data_len = 0;
- data_left -= len_count;
- if (data_left > 0) {
- while (len_count --) {
- data_len = (data_len << 8) | sn->data[index++];
- }
- }
- }
- /* XXX leaving any leading zeros on the serial number for backwards
- * compatibility
- */
- /* not a valid der, must be just an unlucky serial number value */
- if (data_len != data_left) {
- data_len = sn->len;
- index = 0;
- }
- }
-
- certKey.type = 0;
- certKey.data = (unsigned char*)PORT_Alloc(sn->len + issuer->len);
- certKey.len = data_len + issuer->len;
-
- if ( certKey.data == NULL ) {
- return(0);
- }
-
- /* first try the serial number as hand-decoded above*/
- /* copy the serialNumber */
- PORT_Memcpy(certKey.data, &sn->data[index], data_len);
-
- /* copy the issuer */
- PORT_Memcpy( &certKey.data[data_len],issuer->data,issuer->len);
-
- cert = nsslowcert_FindCertByKey(handle, &certKey);
- if (cert) {
- PORT_Free(certKey.data);
- return (cert);
- }
-
- /* didn't find it, try by der encoded serial number */
- /* copy the serialNumber */
- PORT_Memcpy(certKey.data, sn->data, sn->len);
-
- /* copy the issuer */
- PORT_Memcpy( &certKey.data[sn->len], issuer->data, issuer->len);
- certKey.len = sn->len + issuer->len;
-
- cert = nsslowcert_FindCertByKey(handle, &certKey);
-
- PORT_Free(certKey.data);
-
- return(cert);
-}
-
-/*
- * Generate a key from an issuerAndSerialNumber, and find the
- * associated cert in the database.
- */
-NSSLOWCERTTrust *
-nsslowcert_FindTrustByIssuerAndSN(NSSLOWCERTCertDBHandle *handle,
- NSSLOWCERTIssuerAndSN *issuerAndSN)
-{
- SECItem certKey;
- SECItem *sn = &issuerAndSN->serialNumber;
- SECItem *issuer = &issuerAndSN->derIssuer;
- NSSLOWCERTTrust *trust;
- unsigned char keyBuf[512];
- int data_left = sn->len-1;
- int data_len = sn->len;
- int index = 0;
- int len;
-
- /* automatically detect DER encoded serial numbers and remove the der
- * encoding since the database expects unencoded data.
- * if it's DER encoded, there must be at least 3 bytes, tag, len, data */
- if ((sn->len >= 3) && (sn->data[0] == 0x2)) {
- /* remove the der encoding of the serial number before generating the
- * key.. */
- data_left = sn->len-2;
- data_len = sn->data[1];
- index = 2;
-
- /* extended length ? (not very likely for a serial number) */
- if (data_len & 0x80) {
- int len_count = data_len & 0x7f;
-
- data_len = 0;
- data_left -= len_count;
- if (data_left > 0) {
- while (len_count --) {
- data_len = (data_len << 8) | sn->data[index++];
- }
- }
- }
- /* XXX leaving any leading zeros on the serial number for backwards
- * compatibility
- */
- /* not a valid der, must be just an unlucky serial number value */
- if (data_len != data_left) {
- data_len = sn->len;
- index = 0;
- }
- }
-
- certKey.type = 0;
- certKey.len = data_len + issuer->len;
- len = sn->len + issuer->len;
- if (len > sizeof (keyBuf)) {
- certKey.data = (unsigned char*)PORT_Alloc(len);
- } else {
- certKey.data = keyBuf;
- }
-
- if ( certKey.data == NULL ) {
- return(0);
- }
-
- /* first try the serial number as hand-decoded above*/
- /* copy the serialNumber */
- PORT_Memcpy(certKey.data, &sn->data[index], data_len);
-
- /* copy the issuer */
- PORT_Memcpy( &certKey.data[data_len],issuer->data,issuer->len);
-
- trust = nsslowcert_FindTrustByKey(handle, &certKey);
- if (trust) {
- pkcs11_freeStaticData(certKey.data, keyBuf);
- return (trust);
- }
-
- if (index == 0) {
- pkcs11_freeStaticData(certKey.data, keyBuf);
- return NULL;
- }
-
- /* didn't find it, try by der encoded serial number */
- /* copy the serialNumber */
- PORT_Memcpy(certKey.data, sn->data, sn->len);
-
- /* copy the issuer */
- PORT_Memcpy( &certKey.data[sn->len], issuer->data, issuer->len);
- certKey.len = sn->len + issuer->len;
-
- trust = nsslowcert_FindTrustByKey(handle, &certKey);
-
- pkcs11_freeStaticData(certKey.data, keyBuf);
-
- return(trust);
-}
-
-/*
- * look for the given DER certificate in the database
- */
-NSSLOWCERTCertificate *
-nsslowcert_FindCertByDERCert(NSSLOWCERTCertDBHandle *handle, SECItem *derCert)
-{
- PRArenaPool *arena;
- SECItem certKey;
- SECStatus rv;
- NSSLOWCERTCertificate *cert = NULL;
-
- /* create a scratch arena */
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- return(NULL);
- }
-
- /* extract the database key from the cert */
- rv = nsslowcert_KeyFromDERCert(arena, derCert, &certKey);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- /* find the certificate */
- cert = nsslowcert_FindCertByKey(handle, &certKey);
-
-loser:
- PORT_FreeArena(arena, PR_FALSE);
- return(cert);
-}
-
-static void
-DestroyCertificate(NSSLOWCERTCertificate *cert, PRBool lockdb)
-{
- int refCount;
- NSSLOWCERTCertDBHandle *handle;
-
- if ( cert ) {
-
- handle = cert->dbhandle;
-
- /*
- * handle may be NULL, for example if the cert was created with
- * nsslowcert_DecodeDERCertificate.
- */
- if ( lockdb && handle ) {
- nsslowcert_LockDB(handle);
- }
-
- nsslowcert_LockCertRefCount(cert);
- PORT_Assert(cert->referenceCount > 0);
- refCount = --cert->referenceCount;
- nsslowcert_UnlockCertRefCount(cert);
-
- if ( ( refCount == 0 ) ) {
- certDBEntryCert *entry = cert->dbEntry;
-
- if ( entry ) {
- DestroyDBEntry((certDBEntry *)entry);
- }
-
- pkcs11_freeNickname(cert->nickname,cert->nicknameSpace);
- pkcs11_freeStaticData(cert->certKey.data,cert->certKeySpace);
- cert->certKey.data = NULL;
- cert->nickname = NULL;
-
- /* zero cert before freeing. Any stale references to this cert
- * after this point will probably cause an exception. */
- PORT_Memset(cert, 0, sizeof *cert);
-
- /* use reflock to protect the free list */
- nsslowcert_LockFreeList();
- if (certListCount > MAX_CERT_LIST_COUNT) {
- PORT_Free(cert);
- } else {
- certListCount++;
- cert->next = certListHead;
- certListHead = cert;
- }
- nsslowcert_UnlockFreeList();
-
- cert = NULL;
- }
- if ( lockdb && handle ) {
- nsslowcert_UnlockDB(handle);
- }
- }
-
- return;
-}
-
-NSSLOWCERTCertificate *
-nsslowcert_CreateCert(void)
-{
- NSSLOWCERTCertificate *cert;
- nsslowcert_LockFreeList();
- cert = certListHead;
- if (cert) {
- certListHead = cert->next;
- certListCount--;
- }
- nsslowcert_UnlockFreeList();
-
- if (cert) {
- return cert;
- }
- return (NSSLOWCERTCertificate *) PORT_ZAlloc(sizeof(NSSLOWCERTCertificate));
-}
-
-void
-nsslowcert_DestroyTrust(NSSLOWCERTTrust *trust)
-{
- certDBEntryCert *entry = trust->dbEntry;
-
- if ( entry ) {
- DestroyDBEntry((certDBEntry *)entry);
- }
- pkcs11_freeStaticData(trust->dbKey.data,trust->dbKeySpace);
- PORT_Memset(trust, 0, sizeof(*trust));
-
- nsslowcert_LockFreeList();
- if (trustListCount > MAX_TRUST_LIST_COUNT) {
- PORT_Free(trust);
- } else {
- trustListCount++;
- trust->next = trustListHead;
- trustListHead = trust;
- }
- nsslowcert_UnlockFreeList();
-
- return;
-}
-
-void
-nsslowcert_DestroyCertificate(NSSLOWCERTCertificate *cert)
-{
- DestroyCertificate(cert, PR_TRUE);
- return;
-}
-
-static void
-nsslowcert_DestroyCertificateNoLocking(NSSLOWCERTCertificate *cert)
-{
- DestroyCertificate(cert, PR_FALSE);
- return;
-}
-
-/*
- * Lookup a CRL in the databases. We mirror the same fast caching data base
- * caching stuff used by certificates....?
- */
-certDBEntryRevocation *
-nsslowcert_FindCrlByKey(NSSLOWCERTCertDBHandle *handle,
- SECItem *crlKey, PRBool isKRL)
-{
- SECItem keyitem;
- DBT key;
- SECStatus rv;
- PRArenaPool *arena = NULL;
- certDBEntryRevocation *entry = NULL;
- certDBEntryType crlType = isKRL ? certDBEntryTypeKeyRevocation
- : certDBEntryTypeRevocation;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- goto loser;
- }
-
- rv = EncodeDBGenericKey(crlKey, arena, &keyitem, crlType);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- key.data = keyitem.data;
- key.size = keyitem.len;
-
- /* find in perm database */
- entry = ReadDBCrlEntry(handle, crlKey, crlType);
-
- if ( entry == NULL ) {
- goto loser;
- }
-
-loser:
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return entry;
-}
-
-/*
- * replace the existing URL in the data base with a new one
- */
-static SECStatus
-nsslowcert_UpdateCrl(NSSLOWCERTCertDBHandle *handle, SECItem *derCrl,
- SECItem *crlKey, char *url, PRBool isKRL)
-{
- SECStatus rv = SECFailure;
- certDBEntryRevocation *entry = NULL;
- certDBEntryType crlType = isKRL ? certDBEntryTypeKeyRevocation
- : certDBEntryTypeRevocation;
- DeleteDBCrlEntry(handle, crlKey, crlType);
-
- /* Write the new entry into the data base */
- entry = NewDBCrlEntry(derCrl, url, crlType, 0);
- if (entry == NULL) goto done;
-
- rv = WriteDBCrlEntry(handle, entry, crlKey);
- if (rv != SECSuccess) goto done;
-
-done:
- if (entry) {
- DestroyDBEntry((certDBEntry *)entry);
- }
- return rv;
-}
-
-SECStatus
-nsslowcert_AddCrl(NSSLOWCERTCertDBHandle *handle, SECItem *derCrl,
- SECItem *crlKey, char *url, PRBool isKRL)
-{
- SECStatus rv;
-
- rv = db_BeginTransaction(handle->permCertDB);
- if (rv != SECSuccess) {
- return SECFailure;
- }
- rv = nsslowcert_UpdateCrl(handle, derCrl, crlKey, url, isKRL);
-
- db_FinishTransaction(handle->permCertDB, rv != SECSuccess);
- return rv;
-}
-
-SECStatus
-nsslowcert_DeletePermCRL(NSSLOWCERTCertDBHandle *handle, SECItem *derName,
- PRBool isKRL)
-{
- SECStatus rv;
- certDBEntryType crlType = isKRL ? certDBEntryTypeKeyRevocation
- : certDBEntryTypeRevocation;
- rv = db_BeginTransaction(handle->permCertDB);
- if (rv != SECSuccess) {
- return SECFailure;
- }
-
- rv = DeleteDBCrlEntry(handle, derName, crlType);
- if (rv != SECSuccess) goto done;
-
-done:
- db_FinishTransaction(handle->permCertDB, rv != SECSuccess);
- return rv;
-}
-
-
-PRBool
-nsslowcert_hasTrust(NSSLOWCERTCertTrust *trust)
-{
- if (trust == NULL) {
- return PR_FALSE;
- }
- return !((trust->sslFlags & CERTDB_TRUSTED_UNKNOWN) &&
- (trust->emailFlags & CERTDB_TRUSTED_UNKNOWN) &&
- (trust->objectSigningFlags & CERTDB_TRUSTED_UNKNOWN));
-}
-
-/*
- * This function has the logic that decides if another person's cert and
- * email profile from an S/MIME message should be saved. It can deal with
- * the case when there is no profile.
- */
-static SECStatus
-nsslowcert_UpdateSMimeProfile(NSSLOWCERTCertDBHandle *dbhandle,
- char *emailAddr, SECItem *derSubject, SECItem *emailProfile,
- SECItem *profileTime)
-{
- certDBEntrySMime *entry = NULL;
- SECStatus rv = SECFailure;;
-
-
- /* find our existing entry */
- entry = nsslowcert_ReadDBSMimeEntry(dbhandle, emailAddr);
-
- if ( entry ) {
- /* keep our old db entry consistant for old applications. */
- if (!SECITEM_ItemsAreEqual(derSubject, &entry->subjectName)) {
- nsslowcert_UpdateSubjectEmailAddr(dbhandle, &entry->subjectName,
- emailAddr, nsslowcert_remove);
- }
- DestroyDBEntry((certDBEntry *)entry);
- entry = NULL;
- }
-
- /* now save the entry */
- entry = NewDBSMimeEntry(emailAddr, derSubject, emailProfile,
- profileTime, 0);
- if ( entry == NULL ) {
- rv = SECFailure;
- goto loser;
- }
-
- nsslowcert_LockDB(dbhandle);
-
- rv = DeleteDBSMimeEntry(dbhandle, emailAddr);
- /* if delete fails, try to write new entry anyway... */
-
- /* link subject entry back here */
- rv = nsslowcert_UpdateSubjectEmailAddr(dbhandle, derSubject, emailAddr,
- nsslowcert_add);
- if ( rv != SECSuccess ) {
- nsslowcert_UnlockDB(dbhandle);
- goto loser;
- }
-
- rv = WriteDBSMimeEntry(dbhandle, entry);
- if ( rv != SECSuccess ) {
- nsslowcert_UnlockDB(dbhandle);
- goto loser;
- }
-
- nsslowcert_UnlockDB(dbhandle);
-
- rv = SECSuccess;
-
-loser:
- if ( entry ) {
- DestroyDBEntry((certDBEntry *)entry);
- }
- return(rv);
-}
-
-SECStatus
-nsslowcert_SaveSMimeProfile(NSSLOWCERTCertDBHandle *dbhandle, char *emailAddr,
- SECItem *derSubject, SECItem *emailProfile, SECItem *profileTime)
-{
- certDBEntrySMime *entry = NULL;
- SECStatus rv = SECFailure;;
-
- rv = db_BeginTransaction(dbhandle->permCertDB);
- if (rv != SECSuccess) {
- return SECFailure;
- }
-
- rv = nsslowcert_UpdateSMimeProfile(dbhandle, emailAddr,
- derSubject, emailProfile, profileTime);
-
- db_FinishTransaction(dbhandle->permCertDB, rv != SECSuccess);
- return(rv);
-}
-
-void
-nsslowcert_DestroyGlobalLocks()
-{
- if (dbLock) {
- PZ_DestroyLock(dbLock);
- dbLock = NULL;
- }
- if (certRefCountLock) {
- PZ_DestroyLock(certRefCountLock);
- certRefCountLock = NULL;
- }
- if (certTrustLock) {
- PZ_DestroyLock(certTrustLock);
- certTrustLock = NULL;
- }
-}
-
diff --git a/security/nss/lib/softoken/pcertt.h b/security/nss/lib/softoken/pcertt.h
deleted file mode 100644
index 13a155b1e..000000000
--- a/security/nss/lib/softoken/pcertt.h
+++ /dev/null
@@ -1,443 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * certt.h - public data structures for the certificate library
- *
- * $Id$
- */
-#ifndef _PCERTT_H_
-#define _PCERTT_H_
-
-#include "prclist.h"
-#include "pkcs11t.h"
-#include "seccomon.h"
-#include "secoidt.h"
-#include "plarena.h"
-#include "prcvar.h"
-#include "nssilock.h"
-#include "prio.h"
-#include "prmon.h"
-
-/* Non-opaque objects */
-typedef struct NSSLOWCERTCertDBHandleStr NSSLOWCERTCertDBHandle;
-typedef struct NSSLOWCERTCertKeyStr NSSLOWCERTCertKey;
-
-typedef struct NSSLOWCERTTrustStr NSSLOWCERTTrust;
-typedef struct NSSLOWCERTCertTrustStr NSSLOWCERTCertTrust;
-typedef struct NSSLOWCERTCertificateStr NSSLOWCERTCertificate;
-typedef struct NSSLOWCERTCertificateListStr NSSLOWCERTCertificateList;
-typedef struct NSSLOWCERTIssuerAndSNStr NSSLOWCERTIssuerAndSN;
-typedef struct NSSLOWCERTSignedDataStr NSSLOWCERTSignedData;
-typedef struct NSSLOWCERTSubjectPublicKeyInfoStr NSSLOWCERTSubjectPublicKeyInfo;
-typedef struct NSSLOWCERTValidityStr NSSLOWCERTValidity;
-
-/*
-** An X.509 validity object
-*/
-struct NSSLOWCERTValidityStr {
- PRArenaPool *arena;
- SECItem notBefore;
- SECItem notAfter;
-};
-
-/*
- * A serial number and issuer name, which is used as a database key
- */
-struct NSSLOWCERTCertKeyStr {
- SECItem serialNumber;
- SECItem derIssuer;
-};
-
-/*
-** A signed data object. Used to implement the "signed" macro used
-** in the X.500 specs.
-*/
-struct NSSLOWCERTSignedDataStr {
- SECItem data;
- SECAlgorithmID signatureAlgorithm;
- SECItem signature;
-};
-
-/*
-** An X.509 subject-public-key-info object
-*/
-struct NSSLOWCERTSubjectPublicKeyInfoStr {
- PRArenaPool *arena;
- SECAlgorithmID algorithm;
- SECItem subjectPublicKey;
-};
-
-typedef struct _certDBEntryCert certDBEntryCert;
-typedef struct _certDBEntryRevocation certDBEntryRevocation;
-
-struct NSSLOWCERTCertTrustStr {
- unsigned int sslFlags;
- unsigned int emailFlags;
- unsigned int objectSigningFlags;
-};
-
-/*
-** PKCS11 Trust representation
-*/
-struct NSSLOWCERTTrustStr {
- NSSLOWCERTTrust *next;
- NSSLOWCERTCertDBHandle *dbhandle;
- SECItem dbKey; /* database key for this cert */
- certDBEntryCert *dbEntry; /* database entry struct */
- NSSLOWCERTCertTrust *trust;
- SECItem *derCert; /* original DER for the cert */
- unsigned char dbKeySpace[512];
-};
-
-/*
-** An X.509 certificate object (the unsigned form)
-*/
-struct NSSLOWCERTCertificateStr {
- /* the arena is used to allocate any data structures that have the same
- * lifetime as the cert. This is all stuff that hangs off of the cert
- * structure, and is all freed at the same time. I is used when the
- * cert is decoded, destroyed, and at some times when it changes
- * state
- */
- NSSLOWCERTCertificate *next;
- NSSLOWCERTCertDBHandle *dbhandle;
-
- SECItem derCert; /* original DER for the cert */
- SECItem derIssuer; /* DER for issuer name */
- SECItem derSN;
- SECItem serialNumber;
- SECItem derSubject; /* DER for subject name */
- SECItem derSubjKeyInfo;
- NSSLOWCERTSubjectPublicKeyInfo *subjectPublicKeyInfo;
- SECItem certKey; /* database key for this cert */
- SECItem validity;
- certDBEntryCert *dbEntry; /* database entry struct */
- SECItem subjectKeyID; /* x509v3 subject key identifier */
- char *nickname;
- char *emailAddr;
- NSSLOWCERTCertTrust *trust;
-
- /* the reference count is modified whenever someone looks up, dups
- * or destroys a certificate
- */
- int referenceCount;
-
- char nicknameSpace[200];
- unsigned char certKeySpace[512];
-};
-
-#define SEC_CERTIFICATE_VERSION_1 0 /* default created */
-#define SEC_CERTIFICATE_VERSION_2 1 /* v2 */
-#define SEC_CERTIFICATE_VERSION_3 2 /* v3 extensions */
-
-#define SEC_CRL_VERSION_1 0 /* default */
-#define SEC_CRL_VERSION_2 1 /* v2 extensions */
-
-struct NSSLOWCERTIssuerAndSNStr {
- SECItem derIssuer;
- SECItem serialNumber;
-};
-
-typedef SECStatus (* NSSLOWCERTCertCallback)(NSSLOWCERTCertificate *cert, void *arg);
-
-/* This is the typedef for the callback passed to nsslowcert_OpenCertDB() */
-/* callback to return database name based on version number */
-typedef char * (*NSSLOWCERTDBNameFunc)(void *arg, int dbVersion);
-
-/* XXX Lisa thinks the template declarations belong in cert.h, not here? */
-
-#include "secasn1t.h" /* way down here because I expect template stuff to
- * move out of here anyway */
-
-/*
- * Certificate Database related definitions and data structures
- */
-
-/* version number of certificate database */
-#define CERT_DB_FILE_VERSION 8
-#define CERT_DB_V7_FILE_VERSION 7
-#define CERT_DB_CONTENT_VERSION 2
-
-#define SEC_DB_ENTRY_HEADER_LEN 3
-#define SEC_DB_KEY_HEADER_LEN 1
-
-/* All database entries have this form:
- *
- * byte offset field
- * ----------- -----
- * 0 version
- * 1 type
- * 2 flags
- */
-
-/* database entry types */
-typedef enum {
- certDBEntryTypeVersion = 0,
- certDBEntryTypeCert = 1,
- certDBEntryTypeNickname = 2,
- certDBEntryTypeSubject = 3,
- certDBEntryTypeRevocation = 4,
- certDBEntryTypeKeyRevocation = 5,
- certDBEntryTypeSMimeProfile = 6,
- certDBEntryTypeContentVersion = 7,
- certDBEntryTypeBlob = 8
-} certDBEntryType;
-
-typedef struct {
- certDBEntryType type;
- unsigned int version;
- unsigned int flags;
- PRArenaPool *arena;
-} certDBEntryCommon;
-
-/*
- * Certificate entry:
- *
- * byte offset field
- * ----------- -----
- * 0 sslFlags-msb
- * 1 sslFlags-lsb
- * 2 emailFlags-msb
- * 3 emailFlags-lsb
- * 4 objectSigningFlags-msb
- * 5 objectSigningFlags-lsb
- * 6 derCert-len-msb
- * 7 derCert-len-lsb
- * 8 nickname-len-msb
- * 9 nickname-len-lsb
- * ... derCert
- * ... nickname
- *
- * NOTE: the nickname string as stored in the database is null terminated,
- * in other words, the last byte of the db entry is always 0
- * if a nickname is present.
- * NOTE: if nickname is not present, then nickname-len-msb and
- * nickname-len-lsb will both be zero.
- */
-struct _certDBEntryCert {
- certDBEntryCommon common;
- certDBEntryCert *next;
- NSSLOWCERTCertTrust trust;
- SECItem derCert;
- char *nickname;
- char nicknameSpace[200];
- unsigned char derCertSpace[2048];
-};
-
-/*
- * Certificate Nickname entry:
- *
- * byte offset field
- * ----------- -----
- * 0 subjectname-len-msb
- * 1 subjectname-len-lsb
- * 2... subjectname
- *
- * The database key for this type of entry is a nickname string
- * The "subjectname" value is the DER encoded DN of the identity
- * that matches this nickname.
- */
-typedef struct {
- certDBEntryCommon common;
- char *nickname;
- SECItem subjectName;
-} certDBEntryNickname;
-
-#define DB_NICKNAME_ENTRY_HEADER_LEN 2
-
-/*
- * Certificate Subject entry:
- *
- * byte offset field
- * ----------- -----
- * 0 ncerts-msb
- * 1 ncerts-lsb
- * 2 nickname-msb
- * 3 nickname-lsb
- * 4 emailAddr-msb
- * 5 emailAddr-lsb
- * ... nickname
- * ... emailAddr
- * ...+2*i certkey-len-msb
- * ...+1+2*i certkey-len-lsb
- * ...+2*ncerts+2*i keyid-len-msb
- * ...+1+2*ncerts+2*i keyid-len-lsb
- * ... certkeys
- * ... keyids
- *
- * The database key for this type of entry is the DER encoded subject name
- * The "certkey" value is an array of certificate database lookup keys that
- * points to the database entries for the certificates that matche
- * this subject.
- *
- */
-typedef struct _certDBEntrySubject {
- certDBEntryCommon common;
- SECItem derSubject;
- unsigned int ncerts;
- char *nickname;
- SECItem *certKeys;
- SECItem *keyIDs;
- char **emailAddrs;
- unsigned int nemailAddrs;
-} certDBEntrySubject;
-
-#define DB_SUBJECT_ENTRY_HEADER_LEN 6
-
-/*
- * Certificate SMIME profile entry:
- *
- * byte offset field
- * ----------- -----
- * 0 subjectname-len-msb
- * 1 subjectname-len-lsb
- * 2 smimeoptions-len-msb
- * 3 smimeoptions-len-lsb
- * 4 options-date-len-msb
- * 5 options-date-len-lsb
- * 6... subjectname
- * ... smimeoptions
- * ... options-date
- *
- * The database key for this type of entry is the email address string
- * The "subjectname" value is the DER encoded DN of the identity
- * that matches this nickname.
- * The "smimeoptions" value is a string that represents the algorithm
- * capabilities on the remote user.
- * The "options-date" is the date that the smime options value was created.
- * This is generally the signing time of the signed message that contained
- * the options. It is a UTCTime value.
- */
-typedef struct {
- certDBEntryCommon common;
- char *emailAddr;
- SECItem subjectName;
- SECItem smimeOptions;
- SECItem optionsDate;
-} certDBEntrySMime;
-
-#define DB_SMIME_ENTRY_HEADER_LEN 6
-
-/*
- * Crl/krl entry:
- *
- * byte offset field
- * ----------- -----
- * 0 derCert-len-msb
- * 1 derCert-len-lsb
- * 2 url-len-msb
- * 3 url-len-lsb
- * ... derCert
- * ... url
- *
- * NOTE: the url string as stored in the database is null terminated,
- * in other words, the last byte of the db entry is always 0
- * if a nickname is present.
- * NOTE: if url is not present, then url-len-msb and
- * url-len-lsb will both be zero.
- */
-#define DB_CRL_ENTRY_HEADER_LEN 4
-struct _certDBEntryRevocation {
- certDBEntryCommon common;
- SECItem derCrl;
- char *url; /* where to load the crl from */
-};
-
-/*
- * Database Version Entry:
- *
- * byte offset field
- * ----------- -----
- * only the low level header...
- *
- * The database key for this type of entry is the string "Version"
- */
-typedef struct {
- certDBEntryCommon common;
-} certDBEntryVersion;
-
-#define SEC_DB_VERSION_KEY "Version"
-#define SEC_DB_VERSION_KEY_LEN sizeof(SEC_DB_VERSION_KEY)
-
-/*
- * Database Content Version Entry:
- *
- * byte offset field
- * ----------- -----
- * 0 contentVersion
- *
- * The database key for this type of entry is the string "ContentVersion"
- */
-typedef struct {
- certDBEntryCommon common;
- char contentVersion;
-} certDBEntryContentVersion;
-
-#define SEC_DB_CONTENT_VERSION_KEY "ContentVersion"
-#define SEC_DB_CONTENT_VERSION_KEY_LEN sizeof(SEC_DB_CONTENT_VERSION_KEY)
-
-typedef union {
- certDBEntryCommon common;
- certDBEntryVersion version;
- certDBEntryCert cert;
- certDBEntryNickname nickname;
- certDBEntrySubject subject;
- certDBEntryRevocation revocation;
-} certDBEntry;
-
-/* length of the fixed part of a database entry */
-#define DBCERT_V4_HEADER_LEN 7
-#define DB_CERT_V5_ENTRY_HEADER_LEN 7
-#define DB_CERT_V6_ENTRY_HEADER_LEN 7
-#define DB_CERT_ENTRY_HEADER_LEN 10
-
-/* common flags for all types of certificates */
-#define CERTDB_VALID_PEER (1<<0)
-#define CERTDB_TRUSTED (1<<1)
-#define CERTDB_SEND_WARN (1<<2)
-#define CERTDB_VALID_CA (1<<3)
-#define CERTDB_TRUSTED_CA (1<<4) /* trusted for issuing server certs */
-#define CERTDB_NS_TRUSTED_CA (1<<5)
-#define CERTDB_USER (1<<6)
-#define CERTDB_TRUSTED_CLIENT_CA (1<<7) /* trusted for issuing client certs */
-#define CERTDB_INVISIBLE_CA (1<<8) /* don't show in UI */
-#define CERTDB_GOVT_APPROVED_CA (1<<9) /* can do strong crypto in export ver */
-#define CERTDB_NOT_TRUSTED (1<<10) /* explicitly don't trust this cert */
-#define CERTDB_TRUSTED_UNKNOWN (1<<11) /* accept trust from another source */
-
-/* bits not affected by the CKO_NETSCAPE_TRUST object */
-#define CERTDB_PRESERVE_TRUST_BITS (CERTDB_USER | CERTDB_VALID_PEER | \
- CERTDB_NS_TRUSTED_CA | CERTDB_VALID_CA | CERTDB_INVISIBLE_CA | \
- CERTDB_GOVT_APPROVED_CA)
-
-#endif /* _PCERTT_H_ */
diff --git a/security/nss/lib/softoken/pk11db.c b/security/nss/lib/softoken/pk11db.c
deleted file mode 100644
index 5a4906984..000000000
--- a/security/nss/lib/softoken/pk11db.c
+++ /dev/null
@@ -1,893 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * The following code handles the storage of PKCS 11 modules used by the
- * NSS. This file is written to abstract away how the modules are
- * stored so we can deside that later.
- */
-
-#include "pk11pars.h"
-#include "pkcs11i.h"
-#include "mcom_db.h"
-#include "cdbhdl.h"
-
-#define FREE_CLEAR(p) if (p) { PORT_Free(p); p = NULL; }
-
-static void
-secmod_parseTokenFlags(char *tmp, pk11_token_parameters *parsed) {
- parsed->readOnly = pk11_argHasFlag("flags","readOnly",tmp);
- parsed->noCertDB = pk11_argHasFlag("flags","noCertDB",tmp);
- parsed->noKeyDB = pk11_argHasFlag("flags","noKeyDB",tmp);
- parsed->forceOpen = pk11_argHasFlag("flags","forceOpen",tmp);
- parsed->pwRequired = pk11_argHasFlag("flags","passwordRequired",tmp);
- parsed->optimizeSpace = pk11_argHasFlag("flags","optimizeSpace",tmp);
- return;
-}
-
-static void
-secmod_parseFlags(char *tmp, pk11_parameters *parsed) {
- parsed->noModDB = pk11_argHasFlag("flags","noModDB",tmp);
- parsed->readOnly = pk11_argHasFlag("flags","readOnly",tmp);
- /* keep legacy interface working */
- parsed->noCertDB = pk11_argHasFlag("flags","noCertDB",tmp);
- parsed->forceOpen = pk11_argHasFlag("flags","forceOpen",tmp);
- parsed->pwRequired = pk11_argHasFlag("flags","passwordRequired",tmp);
- parsed->optimizeSpace = pk11_argHasFlag("flags","optimizeSpace",tmp);
- return;
-}
-
-CK_RV
-secmod_parseTokenParameters(char *param, pk11_token_parameters *parsed)
-{
- int next;
- char *tmp;
- char *index;
- index = pk11_argStrip(param);
-
- while (*index) {
- PK11_HANDLE_STRING_ARG(index,parsed->configdir,"configDir=",;)
- PK11_HANDLE_STRING_ARG(index,parsed->certPrefix,"certPrefix=",;)
- PK11_HANDLE_STRING_ARG(index,parsed->keyPrefix,"keyPrefix=",;)
- PK11_HANDLE_STRING_ARG(index,parsed->tokdes,"tokenDescription=",;)
- PK11_HANDLE_STRING_ARG(index,parsed->slotdes,"slotDescription=",;)
- PK11_HANDLE_STRING_ARG(index,tmp,"minPWLen=",
- if(tmp) { parsed->minPW=atoi(tmp); PORT_Free(tmp); })
- PK11_HANDLE_STRING_ARG(index,tmp,"flags=",
- if(tmp) { secmod_parseTokenFlags(param,parsed); PORT_Free(tmp); })
- PK11_HANDLE_FINAL_ARG(index)
- }
- return CKR_OK;
-}
-
-static void
-secmod_parseTokens(char *tokenParams, pk11_parameters *parsed)
-{
- char *tokenIndex;
- pk11_token_parameters *tokens = NULL;
- int i=0,count = 0,next;
-
- if ((tokenParams == NULL) || (*tokenParams == 0)) return;
-
- /* first count the number of slots */
- for (tokenIndex = pk11_argStrip(tokenParams); *tokenIndex;
- tokenIndex = pk11_argStrip(pk11_argSkipParameter(tokenIndex))) {
- count++;
- }
-
- /* get the data structures */
- tokens = (pk11_token_parameters *)
- PORT_ZAlloc(count*sizeof(pk11_token_parameters));
- if (tokens == NULL) return;
-
- for (tokenIndex = pk11_argStrip(tokenParams), i = 0;
- *tokenIndex && i < count ; i++ ) {
- char *name;
- name = pk11_argGetName(tokenIndex,&next);
- tokenIndex += next;
-
- tokens[i].slotID = pk11_argDecodeNumber(name);
- tokens[i].readOnly = PR_TRUE;
- tokens[i].noCertDB = PR_TRUE;
- tokens[i].noKeyDB = PR_TRUE;
- if (!pk11_argIsBlank(*tokenIndex)) {
- char *args = pk11_argFetchValue(tokenIndex,&next);
- tokenIndex += next;
- if (args) {
- secmod_parseTokenParameters(args,&tokens[i]);
- PORT_Free(args);
- }
- }
- if (name) PORT_Free(name);
- tokenIndex = pk11_argStrip(tokenIndex);
- }
- parsed->token_count = i;
- parsed->tokens = tokens;
- return;
-}
-
-CK_RV
-secmod_parseParameters(char *param, pk11_parameters *parsed, PRBool isFIPS)
-{
- int next;
- char *tmp;
- char *index;
- char *certPrefix = NULL, *keyPrefix = NULL;
- char *tokdes = NULL, *ptokdes = NULL;
- char *slotdes = NULL, *pslotdes = NULL;
- char *fslotdes = NULL, *fpslotdes = NULL;
- char *minPW = NULL;
- index = pk11_argStrip(param);
-
- PORT_Memset(parsed, 0, sizeof(pk11_parameters));
-
- while (*index) {
- PK11_HANDLE_STRING_ARG(index,parsed->configdir,"configDir=",;)
- PK11_HANDLE_STRING_ARG(index,parsed->secmodName,"secmod=",;)
- PK11_HANDLE_STRING_ARG(index,parsed->man,"manufacturerID=",;)
- PK11_HANDLE_STRING_ARG(index,parsed->libdes,"libraryDescription=",;)
- /* constructed values, used so legacy interfaces still work */
- PK11_HANDLE_STRING_ARG(index,certPrefix,"certPrefix=",;)
- PK11_HANDLE_STRING_ARG(index,keyPrefix,"keyPrefix=",;)
- PK11_HANDLE_STRING_ARG(index,tokdes,"cryptoTokenDescription=",;)
- PK11_HANDLE_STRING_ARG(index,ptokdes,"dbTokenDescription=",;)
- PK11_HANDLE_STRING_ARG(index,slotdes,"cryptoSlotDescription=",;)
- PK11_HANDLE_STRING_ARG(index,pslotdes,"dbSlotDescription=",;)
- PK11_HANDLE_STRING_ARG(index,fslotdes,"FIPSSlotDescription=",;)
- PK11_HANDLE_STRING_ARG(index,minPW,"FIPSTokenDescription=",;)
- PK11_HANDLE_STRING_ARG(index,tmp,"minPWLen=",;)
-
- PK11_HANDLE_STRING_ARG(index,tmp,"flags=",
- if(tmp) { secmod_parseFlags(param,parsed); PORT_Free(tmp); })
- PK11_HANDLE_STRING_ARG(index,tmp,"tokens=",
- if(tmp) { secmod_parseTokens(tmp,parsed); PORT_Free(tmp); })
- PK11_HANDLE_FINAL_ARG(index)
- }
- if (parsed->tokens == NULL) {
- int count = isFIPS ? 1 : 2;
- int index = count-1;
- pk11_token_parameters *tokens = NULL;
-
- tokens = (pk11_token_parameters *)
- PORT_ZAlloc(count*sizeof(pk11_token_parameters));
- if (tokens == NULL) {
- goto loser;
- }
- parsed->tokens = tokens;
- parsed->token_count = count;
- tokens[index].slotID = isFIPS ? FIPS_SLOT_ID : PRIVATE_KEY_SLOT_ID;
- tokens[index].certPrefix = certPrefix;
- tokens[index].keyPrefix = keyPrefix;
- tokens[index].minPW = minPW ? atoi(minPW) : 0;
- tokens[index].readOnly = parsed->readOnly;
- tokens[index].noCertDB = parsed->noCertDB;
- tokens[index].noKeyDB = parsed->noCertDB;
- tokens[index].forceOpen = parsed->forceOpen;
- tokens[index].pwRequired = parsed->pwRequired;
- tokens[index].optimizeSpace = parsed->optimizeSpace;
- tokens[0].optimizeSpace = parsed->optimizeSpace;
- certPrefix = NULL;
- keyPrefix = NULL;
- if (isFIPS) {
- tokens[index].tokdes = fslotdes;
- tokens[index].slotdes = fpslotdes;
- fslotdes = NULL;
- fpslotdes = NULL;
- } else {
- tokens[index].tokdes = ptokdes;
- tokens[index].slotdes = pslotdes;
- tokens[0].slotID = NETSCAPE_SLOT_ID;
- tokens[0].tokdes = tokdes;
- tokens[0].slotdes = slotdes;
- tokens[0].noCertDB = PR_TRUE;
- tokens[0].noKeyDB = PR_TRUE;
- ptokdes = NULL;
- pslotdes = NULL;
- tokdes = NULL;
- slotdes = NULL;
- }
- }
-
-loser:
- FREE_CLEAR(certPrefix);
- FREE_CLEAR(keyPrefix);
- FREE_CLEAR(tokdes);
- FREE_CLEAR(ptokdes);
- FREE_CLEAR(slotdes);
- FREE_CLEAR(pslotdes);
- FREE_CLEAR(fslotdes);
- FREE_CLEAR(fpslotdes);
- FREE_CLEAR(minPW);
- return CKR_OK;
-}
-
-void
-secmod_freeParams(pk11_parameters *params)
-{
- int i;
-
- for (i=0; i < params->token_count; i++) {
- FREE_CLEAR(params->tokens[i].configdir);
- FREE_CLEAR(params->tokens[i].certPrefix);
- FREE_CLEAR(params->tokens[i].keyPrefix);
- FREE_CLEAR(params->tokens[i].tokdes);
- FREE_CLEAR(params->tokens[i].slotdes);
- }
-
- FREE_CLEAR(params->configdir);
- FREE_CLEAR(params->secmodName);
- FREE_CLEAR(params->man);
- FREE_CLEAR(params->libdes);
- FREE_CLEAR(params->tokens);
-}
-
-
-char *
-secmod_getSecmodName(char *param, char **appName, char **filename,PRBool *rw)
-{
- int next;
- char *configdir = NULL;
- char *secmodName = NULL;
- char *value = NULL;
- char *save_params = param;
- const char *lconfigdir;
- param = pk11_argStrip(param);
-
-
- while (*param) {
- PK11_HANDLE_STRING_ARG(param,configdir,"configDir=",;)
- PK11_HANDLE_STRING_ARG(param,secmodName,"secmod=",;)
- PK11_HANDLE_FINAL_ARG(param)
- }
-
- *rw = PR_TRUE;
- if (pk11_argHasFlag("flags","readOnly",save_params) ||
- pk11_argHasFlag("flags","noModDB",save_params)) *rw = PR_FALSE;
-
- if (!secmodName || *secmodName == '\0') {
- if (secmodName) PORT_Free(secmodName);
- secmodName = PORT_Strdup(SECMOD_DB);
- }
- *filename = secmodName;
-
- lconfigdir = pk11_EvaluateConfigDir(configdir, appName);
-
- if (lconfigdir) {
- value = PR_smprintf("%s" PATH_SEPARATOR "%s",lconfigdir,secmodName);
- } else {
- value = PR_smprintf("%s",secmodName);
- }
- if (configdir) PORT_Free(configdir);
- return value;
-}
-
-/* Construct a database key for a given module */
-static SECStatus secmod_MakeKey(DBT *key, char * module) {
- int len = 0;
- char *commonName;
-
- commonName = pk11_argGetParamValue("name",module);
- if (commonName == NULL) {
- commonName = pk11_argGetParamValue("library",module);
- }
- if (commonName == NULL) return SECFailure;
- len = PORT_Strlen(commonName);
- key->data = commonName;
- key->size = len;
- return SECSuccess;
-}
-
-/* free out constructed database key */
-static void
-secmod_FreeKey(DBT *key)
-{
- if (key->data) {
- PORT_Free(key->data);
- }
- key->data = NULL;
- key->size = 0;
-}
-
-typedef struct secmodDataStr secmodData;
-typedef struct secmodSlotDataStr secmodSlotData;
-struct secmodDataStr {
- unsigned char major;
- unsigned char minor;
- unsigned char nameStart[2];
- unsigned char slotOffset[2];
- unsigned char internal;
- unsigned char fips;
- unsigned char ssl[8];
- unsigned char trustOrder[4];
- unsigned char cipherOrder[4];
- unsigned char reserved1;
- unsigned char isModuleDB;
- unsigned char isModuleDBOnly;
- unsigned char isCritical;
- unsigned char reserved[4];
- unsigned char names[6]; /* enough space for the length fields */
-};
-
-struct secmodSlotDataStr {
- unsigned char slotID[4];
- unsigned char defaultFlags[4];
- unsigned char timeout[4];
- unsigned char askpw;
- unsigned char hasRootCerts;
- unsigned char reserved[18]; /* this makes it a round 32 bytes */
-};
-
-#define SECMOD_DB_VERSION_MAJOR 0
-#define SECMOD_DB_VERSION_MINOR 6
-#define SECMOD_DB_EXT1_VERSION_MAJOR 0
-#define SECMOD_DB_EXT1_VERSION_MINOR 6
-#define SECMOD_DB_NOUI_VERSION_MAJOR 0
-#define SECMOD_DB_NOUI_VERSION_MINOR 4
-
-#define SECMOD_PUTSHORT(dest,src) \
- (dest)[1] = (unsigned char) ((src)&0xff); \
- (dest)[0] = (unsigned char) (((src) >> 8) & 0xff);
-#define SECMOD_PUTLONG(dest,src) \
- (dest)[3] = (unsigned char) ((src)&0xff); \
- (dest)[2] = (unsigned char) (((src) >> 8) & 0xff); \
- (dest)[1] = (unsigned char) (((src) >> 16) & 0xff); \
- (dest)[0] = (unsigned char) (((src) >> 24) & 0xff);
-#define SECMOD_GETSHORT(src) \
- ((unsigned short) (((src)[0] << 8) | (src)[1]))
-#define SECMOD_GETLONG(src) \
- ((unsigned long) (( (unsigned long) (src)[0] << 24) | \
- ( (unsigned long) (src)[1] << 16) | \
- ( (unsigned long) (src)[2] << 8) | \
- (unsigned long) (src)[3]))
-
-/*
- * build a data base entry from a module
- */
-static SECStatus
-secmod_EncodeData(DBT *data, char * module)
-{
- secmodData *encoded = NULL;
- secmodSlotData *slot;
- unsigned char *dataPtr;
- unsigned short len, len2 = 0, len3 = 0;
- int count = 0;
- unsigned short offset;
- int dataLen, i;
- unsigned long order;
- unsigned long ssl[2];
- char *commonName = NULL , *dllName = NULL, *param = NULL, *nss = NULL;
- char *slotParams, *ciphers;
- PK11PreSlotInfo *slotInfo = NULL;
- SECStatus rv = SECFailure;
-
- rv = pk11_argParseModuleSpec(module,&dllName,&commonName,&param,&nss);
- if (rv != SECSuccess) return rv;
- rv = SECFailure;
-
- if (commonName == NULL) {
- /* set error */
- goto loser;
- }
-
- len = PORT_Strlen(commonName);
- if (dllName) {
- len2 = PORT_Strlen(dllName);
- }
- if (param) {
- len3 = PORT_Strlen(param);
- }
-
- slotParams = pk11_argGetParamValue("slotParams",nss);
- slotInfo = pk11_argParseSlotInfo(NULL,slotParams,&count);
- if (slotParams) PORT_Free(slotParams);
-
- if (count && slotInfo == NULL) {
- /* set error */
- goto loser;
- }
-
- dataLen = sizeof(secmodData) + len + len2 + len3 + sizeof(unsigned short) +
- count*sizeof(secmodSlotData);
-
- data->data = (unsigned char *) PORT_ZAlloc(dataLen);
- encoded = (secmodData *)data->data;
- dataPtr = (unsigned char *) data->data;
- data->size = dataLen;
-
- if (encoded == NULL) {
- /* set error */
- goto loser;
- }
-
- encoded->major = SECMOD_DB_VERSION_MAJOR;
- encoded->minor = SECMOD_DB_VERSION_MINOR;
- encoded->internal = (unsigned char)
- (pk11_argHasFlag("flags","internal",nss) ? 1 : 0);
- encoded->fips = (unsigned char)
- (pk11_argHasFlag("flags","FIPS",nss) ? 1 : 0);
- encoded->isModuleDB = (unsigned char)
- (pk11_argHasFlag("flags","isModuleDB",nss) ? 1 : 0);
- encoded->isModuleDBOnly = (unsigned char)
- (pk11_argHasFlag("flags","isModuleDBOnly",nss) ? 1 : 0);
- encoded->isCritical = (unsigned char)
- (pk11_argHasFlag("flags","critical",nss) ? 1 : 0);
-
- order = pk11_argReadLong("trustOrder",nss, PK11_DEFAULT_TRUST_ORDER, NULL);
- SECMOD_PUTLONG(encoded->trustOrder,order);
- order = pk11_argReadLong("cipherOrder",nss,PK11_DEFAULT_CIPHER_ORDER,NULL);
- SECMOD_PUTLONG(encoded->cipherOrder,order);
-
-
- ciphers = pk11_argGetParamValue("ciphers",nss);
- pk11_argSetNewCipherFlags(&ssl[0], ciphers);
- SECMOD_PUTLONG(encoded->ssl,ssl[0]);
- SECMOD_PUTLONG(&encoded->ssl[4],ssl[1]);
- if (ciphers) PORT_Free(ciphers);
-
- offset = (unsigned short) &(((secmodData *)0)->names[0]);
- SECMOD_PUTSHORT(encoded->nameStart,offset);
- offset = offset + len + len2 + len3 + 3*sizeof(unsigned short);
- SECMOD_PUTSHORT(encoded->slotOffset,offset);
-
-
- SECMOD_PUTSHORT(&dataPtr[offset],((unsigned short)count));
- slot = (secmodSlotData *)(dataPtr+offset+sizeof(unsigned short));
-
- offset = 0;
- SECMOD_PUTSHORT(encoded->names,len);
- offset += sizeof(unsigned short);
- PORT_Memcpy(&encoded->names[offset],commonName,len);
- offset += len;
-
-
- SECMOD_PUTSHORT(&encoded->names[offset],len2);
- offset += sizeof(unsigned short);
- if (len2) PORT_Memcpy(&encoded->names[offset],dllName,len2);
- offset += len2;
-
- SECMOD_PUTSHORT(&encoded->names[offset],len3);
- offset += sizeof(unsigned short);
- if (len3) PORT_Memcpy(&encoded->names[offset],param,len3);
- offset += len3;
-
- if (count) {
- for (i=0; i < count; i++) {
- SECMOD_PUTLONG(slot[i].slotID, slotInfo[i].slotID);
- SECMOD_PUTLONG(slot[i].defaultFlags,
- slotInfo[i].defaultFlags);
- SECMOD_PUTLONG(slot[i].timeout,slotInfo[i].timeout);
- slot[i].askpw = slotInfo[i].askpw;
- slot[i].hasRootCerts = slotInfo[i].hasRootCerts;
- PORT_Memset(slot[i].reserved, 0, sizeof(slot[i].reserved));
- }
- }
- rv = SECSuccess;
-
-loser:
- if (commonName) PORT_Free(commonName);
- if (dllName) PORT_Free(dllName);
- if (param) PORT_Free(param);
- if (slotInfo) PORT_Free(slotInfo);
- if (nss) PORT_Free(nss);
- return rv;
-
-}
-
-static void
-secmod_FreeData(DBT *data)
-{
- if (data->data) {
- PORT_Free(data->data);
- }
-}
-
-/*
- * build a module from the data base entry.
- */
-static char *
-secmod_DecodeData(char *defParams, DBT *data, PRBool *retInternal)
-{
- secmodData *encoded;
- secmodSlotData *slots;
- char *commonName = NULL,*dllName = NULL,*parameters = NULL;
- unsigned char *names;
- unsigned short len;
- unsigned long slotCount;
- unsigned short offset;
- PRBool isOldVersion = PR_FALSE;
- PRBool internal, isFIPS, isModuleDB=PR_FALSE, isModuleDBOnly=PR_FALSE;
- PRBool extended=PR_FALSE;
- PRBool hasRootCerts=PR_FALSE,hasRootTrust=PR_FALSE;
- unsigned long trustOrder=PK11_DEFAULT_TRUST_ORDER,
- cipherOrder=PK11_DEFAULT_CIPHER_ORDER;
- unsigned long ssl0=0, ssl1=0;
- char **slotStrings = NULL;
- unsigned long slotID,defaultFlags,timeout;
- char *nss,*moduleSpec;
- int i;
-
- PLArenaPool *arena;
-
- arena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
- if (arena == NULL) return NULL;
-
- encoded = (secmodData *)data->data;
- names = (unsigned char *)data->data;
- offset = SECMOD_GETSHORT(encoded->slotOffset);
- slots = (secmodSlotData *) (names + offset + 2);
- slotCount = SECMOD_GETSHORT(names + offset);
- names += SECMOD_GETSHORT(encoded->nameStart);
-
- * retInternal = internal = (encoded->internal != 0) ? PR_TRUE: PR_FALSE;
- isFIPS = (encoded->fips != 0) ? PR_TRUE: PR_FALSE;
- len = SECMOD_GETSHORT(names);
-
- if (internal && (encoded->major == SECMOD_DB_NOUI_VERSION_MAJOR) &&
- (encoded->minor <= SECMOD_DB_NOUI_VERSION_MINOR)) {
- isOldVersion = PR_TRUE;
- }
-
- if ((encoded->major == SECMOD_DB_EXT1_VERSION_MAJOR) &&
- (encoded->minor >= SECMOD_DB_EXT1_VERSION_MINOR)) {
- trustOrder = SECMOD_GETLONG(encoded->trustOrder);
- cipherOrder = SECMOD_GETLONG(encoded->cipherOrder);
- isModuleDB = (encoded->isModuleDB != 0) ? PR_TRUE: PR_FALSE;
- isModuleDBOnly = (encoded->isModuleDBOnly != 0) ? PR_TRUE: PR_FALSE;
- extended = PR_TRUE;
- }
-
- if (internal && !extended) {
- trustOrder = 0;
- cipherOrder = 100;
- }
-
- /* decode the common name */
- commonName = (char*)PORT_ArenaAlloc(arena,len+1);
- if (commonName == NULL) {
- PORT_FreeArena(arena,PR_TRUE);
- return NULL;
- }
- PORT_Memcpy(commonName,&names[2],len);
- commonName[len] = 0;
-
- /* decode the DLL name */
- names += len+2;
- len = SECMOD_GETSHORT(names);
- if (len) {
- dllName = (char*)PORT_ArenaAlloc(arena,len + 1);
- if (dllName == NULL) {
- PORT_FreeArena(arena,PR_TRUE);
- return NULL;
- }
- PORT_Memcpy(dllName,&names[2],len);
- dllName[len] = 0;
- }
- if (!internal && extended) {
- names += len+2;
- len = SECMOD_GETSHORT(names);
- if (len) {
- parameters = (char*)PORT_ArenaAlloc(arena,len + 1);
- if (parameters == NULL) {
- PORT_FreeArena(arena,PR_TRUE);
- return NULL;
- }
- PORT_Memcpy(parameters,&names[2],len);
- parameters[len] = 0;
- }
- }
- if (internal) {
- parameters = PORT_ArenaStrdup(arena,defParams);
- }
-
- /* decode SSL cipher enable flags */
- ssl0 = SECMOD_GETLONG(encoded->ssl);
- ssl1 = SECMOD_GETLONG(&encoded->ssl[4]);
-
- /* slotCount; */
- slotStrings = (char **)PORT_ArenaAlloc(arena, slotCount * sizeof(char *));
- for (i=0; i < (int) slotCount; i++) {
- slotID = SECMOD_GETLONG(slots[i].slotID);
- defaultFlags = SECMOD_GETLONG(slots[i].defaultFlags);
- if (isOldVersion && internal && (slotID != 2)) {
- unsigned long internalFlags=
- pk11_argSlotFlags("slotFlags",SECMOD_SLOT_FLAGS);
- defaultFlags |= internalFlags;
- }
- timeout = SECMOD_GETLONG(slots[i].timeout);
- hasRootCerts = slots[i].hasRootCerts;
- if (hasRootCerts && !extended) {
- trustOrder = 100;
- }
-
- slotStrings[i] = pk11_mkSlotString(slotID, defaultFlags, timeout,
- (unsigned char)slots[i].askpw,
- hasRootCerts, hasRootTrust);
- }
-
- nss = pk11_mkNSS(slotStrings, slotCount, internal, isFIPS, isModuleDB,
- isModuleDBOnly, internal, trustOrder, cipherOrder, ssl0, ssl1);
- moduleSpec = pk11_mkNewModuleSpec(dllName,commonName,parameters,nss);
- PR_smprintf_free(nss);
- PORT_FreeArena(arena,PR_TRUE);
-
- return (moduleSpec);
-}
-
-
-
-static DB *
-secmod_OpenDB(const char *appName, const char *filename, const char *dbName,
- PRBool readOnly, PRBool update)
-{
- DB *pkcs11db = NULL;
-
-
- if (appName) {
- char *secname = PORT_Strdup(filename);
- int len = strlen(secname);
- int status = RDB_FAIL;
-
- if (len >= 3 && PORT_Strcmp(&secname[len-3],".db") == 0) {
- secname[len-3] = 0;
- }
- pkcs11db=
- rdbopen(appName, "", secname, readOnly ? NO_RDONLY:NO_RDWR, NULL);
- if (update && !pkcs11db) {
- DB *updatedb;
-
- pkcs11db = rdbopen(appName, "", secname, NO_CREATE, &status);
- if (!pkcs11db) {
- if (status == RDB_RETRY) {
- pkcs11db= rdbopen(appName, "", secname,
- readOnly ? NO_RDONLY:NO_RDWR, NULL);
- }
- PORT_Free(secname);
- return pkcs11db;
- }
- updatedb = dbopen(dbName, NO_RDONLY, 0600, DB_HASH, 0);
- if (updatedb) {
- db_Copy(pkcs11db,updatedb);
- (*updatedb->close)(updatedb);
- } else {
- (*pkcs11db->close)(pkcs11db);
- PORT_Free(secname);
- return NULL;
- }
- }
- PORT_Free(secname);
- return pkcs11db;
- }
-
- /* I'm sure we should do more checks here sometime... */
- pkcs11db = dbopen(dbName, readOnly ? NO_RDONLY : NO_RDWR, 0600, DB_HASH, 0);
-
- /* didn't exist? create it */
- if (pkcs11db == NULL) {
- if (readOnly)
- return NULL;
-
- pkcs11db = dbopen( dbName, NO_CREATE, 0600, DB_HASH, 0 );
- if (pkcs11db)
- (* pkcs11db->sync)(pkcs11db, 0);
- }
- return pkcs11db;
-}
-
-static void
-secmod_CloseDB(DB *pkcs11db)
-{
- (*pkcs11db->close)(pkcs11db);
-}
-
-static char *
-secmod_addEscape(const char *string, char quote)
-{
- char *newString = 0;
- int escapes = 0, size = 0;
- const char *src;
- char *dest;
-
- for (src=string; *src ; src++) {
- if ((*src == quote) || (*src == '\\')) escapes++;
- size++;
- }
-
- newString = PORT_ZAlloc(escapes+size+1);
- if (newString == NULL) {
- return NULL;
- }
-
- for (src=string, dest=newString; *src; src++,dest++) {
- if ((*src == '\\') || (*src == quote)) {
- *dest++ = '\\';
- }
- *dest = *src;
- }
-
- return newString;
-}
-
-#define SECMOD_STEP 10
-#define PK11_DEFAULT_INTERNAL_INIT "library= name=\"NSS Internal PKCS #11 Module\" parameters=\"%s\" NSS=\"Flags=internal,critical trustOrder=75 cipherOrder=100 slotParams=(1={%s askpw=any timeout=30})\""
-/*
- * Read all the existing modules in
- */
-char **
-secmod_ReadPermDB(const char *appName, const char *filename,
- const char *dbname, char *params, PRBool rw)
-{
- DBT key,data;
- int ret;
- DB *pkcs11db = NULL;
- char **moduleList = NULL;
- int moduleCount = 1;
- int useCount = SECMOD_STEP;
-
- moduleList = (char **) PORT_ZAlloc(useCount*sizeof(char **));
- if (moduleList == NULL) return NULL;
-
- pkcs11db = secmod_OpenDB(appName,filename,dbname,PR_TRUE,rw);
- if (pkcs11db == NULL) goto done;
-
- /* read and parse the file or data base */
- ret = (*pkcs11db->seq)(pkcs11db, &key, &data, R_FIRST);
- if (ret) goto done;
-
-
- do {
- char *moduleString;
- PRBool internal = PR_FALSE;
- if ((moduleCount+1) >= useCount) {
- useCount += SECMOD_STEP;
- moduleList =
- (char **)PORT_Realloc(moduleList,useCount*sizeof(char *));
- if (moduleList == NULL) goto done;
- PORT_Memset(&moduleList[moduleCount+1],0,
- sizeof(char *)*SECMOD_STEP);
- }
- moduleString = secmod_DecodeData(params,&data,&internal);
- if (internal) {
- moduleList[0] = moduleString;
- } else {
- moduleList[moduleCount] = moduleString;
- moduleCount++;
- }
- } while ( (*pkcs11db->seq)(pkcs11db, &key, &data, R_NEXT) == 0);
-
-done:
- if (!moduleList[0]) {
- char * newparams = secmod_addEscape(params,'"');
- if (newparams) {
- moduleList[0] = PR_smprintf(PK11_DEFAULT_INTERNAL_INIT,newparams,
- SECMOD_SLOT_FLAGS);
- PORT_Free(newparams);
- }
- }
- /* deal with trust cert db here */
-
- if (pkcs11db) {
- secmod_CloseDB(pkcs11db);
- } else {
- secmod_AddPermDB(appName,filename,dbname,moduleList[0], rw) ;
- }
- return moduleList;
-}
-
-SECStatus
-secmod_ReleasePermDBData(const char *appName, const char *filename,
- const char *dbname, char **moduleSpecList, PRBool rw)
-{
- char **index;
- for(index = moduleSpecList; *index; index++) {
- PR_smprintf_free(*index);
- }
- PORT_Free(moduleSpecList);
- return SECSuccess;
-}
-
-/*
- * Delete a module from the Data Base
- */
-SECStatus
-secmod_DeletePermDB(const char *appName, const char *filename,
- const char *dbname, char *args, PRBool rw)
-{
- DBT key;
- SECStatus rv = SECFailure;
- DB *pkcs11db = NULL;
- int ret;
-
- if (!rw) return SECFailure;
-
- /* make sure we have a db handle */
- pkcs11db = secmod_OpenDB(appName,filename,dbname,PR_FALSE,PR_FALSE);
- if (pkcs11db == NULL) {
- return SECFailure;
- }
-
- rv = secmod_MakeKey(&key,args);
- if (rv != SECSuccess) goto done;
- rv = SECFailure;
- ret = (*pkcs11db->del)(pkcs11db, &key, 0);
- secmod_FreeKey(&key);
- if (ret != 0) goto done;
-
-
- ret = (*pkcs11db->sync)(pkcs11db, 0);
- if (ret == 0) rv = SECSuccess;
-
-done:
- secmod_CloseDB(pkcs11db);
- return rv;
-}
-
-/*
- * Add a module to the Data base
- */
-SECStatus
-secmod_AddPermDB(const char *appName, const char *filename,
- const char *dbname, char *module, PRBool rw)
-{
- DBT key,data;
- SECStatus rv = SECFailure;
- DB *pkcs11db = NULL;
- int ret;
-
-
- if (!rw) return SECFailure;
-
- /* make sure we have a db handle */
- pkcs11db = secmod_OpenDB(appName,filename,dbname,PR_FALSE,PR_FALSE);
- if (pkcs11db == NULL) {
- return SECFailure;
- }
-
- rv = secmod_MakeKey(&key,module);
- if (rv != SECSuccess) goto done;
- rv = secmod_EncodeData(&data,module);
- if (rv != SECSuccess) {
- secmod_FreeKey(&key);
- goto done;
- }
- rv = SECFailure;
- ret = (*pkcs11db->put)(pkcs11db, &key, &data, 0);
- secmod_FreeKey(&key);
- secmod_FreeData(&data);
- if (ret != 0) goto done;
-
- ret = (*pkcs11db->sync)(pkcs11db, 0);
- if (ret == 0) rv = SECSuccess;
-
-done:
- secmod_CloseDB(pkcs11db);
- return rv;
-}
diff --git a/security/nss/lib/softoken/pk11pars.h b/security/nss/lib/softoken/pk11pars.h
deleted file mode 100644
index 5fc939f80..000000000
--- a/security/nss/lib/softoken/pk11pars.h
+++ /dev/null
@@ -1,852 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 2001 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * The following handles the loading, unloading and management of
- * various PCKS #11 modules
- */
-
-
-/*
- * this header file contains routines for parsing PKCS #11 module spec
- * strings. It contains 'C' code and should only be included in one module.
- * Currently it is included in both softoken and the wrapper.
- */
-#include <ctype.h>
-#include "pkcs11.h"
-#include "seccomon.h"
-#include "prprf.h"
-#include "secmodt.h"
-#include "pk11init.h"
-
-#define PK11_ARG_LIBRARY_PARAMETER "library="
-#define PK11_ARG_NAME_PARAMETER "name="
-#define PK11_ARG_MODULE_PARAMETER "parameters="
-#define PK11_ARG_NSS_PARAMETER "NSS="
-#define PK11_ARG_FORTEZZA_FLAG "FORTEZZA"
-#define PK11_ARG_ESCAPE '\\'
-
-struct pk11argSlotFlagTable {
- char *name;
- int len;
- unsigned long value;
-};
-
-#define PK11_DEFAULT_CIPHER_ORDER 0
-#define PK11_DEFAULT_TRUST_ORDER 50
-
-
-#define PK11_ARG_ENTRY(arg,flag) \
-{ #arg , sizeof(#arg)-1, flag }
-static struct pk11argSlotFlagTable pk11_argSlotFlagTable[] = {
- PK11_ARG_ENTRY(RSA,SECMOD_RSA_FLAG),
- PK11_ARG_ENTRY(DSA,SECMOD_RSA_FLAG),
- PK11_ARG_ENTRY(RC2,SECMOD_RC4_FLAG),
- PK11_ARG_ENTRY(RC4,SECMOD_RC2_FLAG),
- PK11_ARG_ENTRY(DES,SECMOD_DES_FLAG),
- PK11_ARG_ENTRY(DH,SECMOD_DH_FLAG),
- PK11_ARG_ENTRY(FORTEZZA,SECMOD_FORTEZZA_FLAG),
- PK11_ARG_ENTRY(RC5,SECMOD_RC5_FLAG),
- PK11_ARG_ENTRY(SHA1,SECMOD_SHA1_FLAG),
- PK11_ARG_ENTRY(MD5,SECMOD_MD5_FLAG),
- PK11_ARG_ENTRY(MD2,SECMOD_MD2_FLAG),
- PK11_ARG_ENTRY(SSL,SECMOD_SSL_FLAG),
- PK11_ARG_ENTRY(TLS,SECMOD_TLS_FLAG),
- PK11_ARG_ENTRY(AES,SECMOD_AES_FLAG),
- PK11_ARG_ENTRY(PublicCerts,SECMOD_FRIENDLY_FLAG),
- PK11_ARG_ENTRY(RANDOM,SECMOD_RANDOM_FLAG),
-};
-
-#define PK11_HANDLE_STRING_ARG(param,target,value,command) \
- if (PORT_Strncasecmp(param,value,sizeof(value)-1) == 0) { \
- param += sizeof(value)-1; \
- target = pk11_argFetchValue(param,&next); \
- param += next; \
- command ;\
- } else
-
-#define PK11_HANDLE_FINAL_ARG(param) \
- { param = pk11_argSkipParameter(param); } param = pk11_argStrip(param);
-
-
-static int pk11_argSlotFlagTableSize =
- sizeof(pk11_argSlotFlagTable)/sizeof(pk11_argSlotFlagTable[0]);
-
-
-static PRBool pk11_argGetPair(char c) {
- switch (c) {
- case '\'': return c;
- case '\"': return c;
- case '<': return '>';
- case '{': return '}';
- case '[': return ']';
- case '(': return ')';
- default: break;
- }
- return ' ';
-}
-
-static PRBool pk11_argIsBlank(char c) {
- return isspace(c);
-}
-
-static PRBool pk11_argIsEscape(char c) {
- return c == '\\';
-}
-
-static PRBool pk11_argIsQuote(char c) {
- switch (c) {
- case '\'':
- case '\"':
- case '<':
- case '{': /* } end curly to keep vi bracket matching working */
- case '(': /* ) */
- case '[': /* ] */ return PR_TRUE;
- default: break;
- }
- return PR_FALSE;
-}
-
-static PRBool pk11_argHasChar(char *v, char c)
-{
- for ( ;*v; v++) {
- if (*v == c) return PR_TRUE;
- }
- return PR_FALSE;
-}
-
-static PRBool pk11_argHasBlanks(char *v)
-{
- for ( ;*v; v++) {
- if (pk11_argIsBlank(*v)) return PR_TRUE;
- }
- return PR_FALSE;
-}
-
-static char *pk11_argStrip(char *c) {
- while (*c && pk11_argIsBlank(*c)) c++;
- return c;
-}
-
-static char *
-pk11_argFindEnd(char *string) {
- char endChar = ' ';
- PRBool lastEscape = PR_FALSE;
-
- if (pk11_argIsQuote(*string)) {
- endChar = pk11_argGetPair(*string);
- string++;
- }
-
- for (;*string; string++) {
- if (lastEscape) {
- lastEscape = PR_FALSE;
- continue;
- }
- if (pk11_argIsEscape(*string) && !lastEscape) {
- lastEscape = PR_TRUE;
- continue;
- }
- if ((endChar == ' ') && pk11_argIsBlank(*string)) break;
- if (*string == endChar) {
- break;
- }
- }
-
- return string;
-}
-
-static char *
-pk11_argFetchValue(char *string, int *pcount)
-{
- char *end = pk11_argFindEnd(string);
- char *retString, *copyString;
- PRBool lastEscape = PR_FALSE;
-
- *pcount = (end - string)+1;
-
- if (*pcount == 0) return NULL;
-
- copyString = retString = (char *)PORT_Alloc(*pcount);
- if (retString == NULL) return NULL;
-
- if (pk11_argIsQuote(*string)) string++;
- for (; string < end; string++) {
- if (pk11_argIsEscape(*string) && !lastEscape) {
- lastEscape = PR_TRUE;
- continue;
- }
- lastEscape = PR_FALSE;
- *copyString++ = *string;
- }
- *copyString = 0;
- return retString;
-}
-
-static char *
-pk11_argSkipParameter(char *string)
-{
- char *end;
- /* look for the end of the <name>= */
- for (;*string; string++) {
- if (*string == '=') { string++; break; }
- if (pk11_argIsBlank(*string)) return(string);
- }
-
- end = pk11_argFindEnd(string);
- if (*end) end++;
- return end;
-}
-
-
-static SECStatus
-pk11_argParseModuleSpec(char *modulespec, char **lib, char **mod,
- char **parameters, char **nss)
-{
- int next;
- modulespec = pk11_argStrip(modulespec);
-
- *lib = *mod = *parameters = *nss = 0;
-
- while (*modulespec) {
- PK11_HANDLE_STRING_ARG(modulespec,*lib,PK11_ARG_LIBRARY_PARAMETER,;)
- PK11_HANDLE_STRING_ARG(modulespec,*mod,PK11_ARG_NAME_PARAMETER,;)
- PK11_HANDLE_STRING_ARG(modulespec,*parameters,
- PK11_ARG_MODULE_PARAMETER,;)
- PK11_HANDLE_STRING_ARG(modulespec,*nss,PK11_ARG_NSS_PARAMETER,;)
- PK11_HANDLE_FINAL_ARG(modulespec)
- }
- return SECSuccess;
-}
-
-
-static char *
-pk11_argGetParamValue(char *paramName,char *parameters)
-{
- char searchValue[256];
- int paramLen = strlen(paramName);
- char *returnValue = NULL;
- int next;
-
- if ((parameters == NULL) || (*parameters == 0)) return NULL;
-
- PORT_Assert(paramLen+2 < sizeof(searchValue));
-
- PORT_Strcpy(searchValue,paramName);
- PORT_Strcat(searchValue,"=");
- while (*parameters) {
- if (PORT_Strncasecmp(parameters,searchValue,paramLen+1) == 0) {
- parameters += paramLen+1;
- returnValue = pk11_argFetchValue(parameters,&next);
- break;
- } else {
- parameters = pk11_argSkipParameter(parameters);
- }
- parameters = pk11_argStrip(parameters);
- }
- return returnValue;
-}
-
-
-static char *
-pk11_argNextFlag(char *flags)
-{
- for (; *flags ; flags++) {
- if (*flags == ',') {
- flags++;
- break;
- }
- }
- return flags;
-}
-
-static PRBool
-pk11_argHasFlag(char *label, char *flag, char *parameters)
-{
- char *flags,*index;
- int len = strlen(flag);
- PRBool found = PR_FALSE;
-
- flags = pk11_argGetParamValue(label,parameters);
- if (flags == NULL) return PR_FALSE;
-
- for (index=flags; *index; index=pk11_argNextFlag(index)) {
- if (PORT_Strncasecmp(index,flag,len) == 0) {
- found=PR_TRUE;
- break;
- }
- }
- PORT_Free(flags);
- return found;
-}
-
-static void
-pk11_argSetNewCipherFlags(unsigned long *newCiphers,char *cipherList)
-{
- newCiphers[0] = newCiphers[1] = 0;
- if ((cipherList == NULL) || (*cipherList == 0)) return;
-
- for (;*cipherList; cipherList=pk11_argNextFlag(cipherList)) {
- if (PORT_Strncasecmp(cipherList,PK11_ARG_FORTEZZA_FLAG,
- sizeof(PK11_ARG_FORTEZZA_FLAG)-1) == 0) {
- newCiphers[0] |= SECMOD_FORTEZZA_FLAG;
- }
-
- /* add additional flags here as necessary */
- /* direct bit mapping escape */
- if (*cipherList == 0) {
- if (cipherList[1] == 'l') {
- newCiphers[1] |= atoi(&cipherList[2]);
- } else {
- newCiphers[0] |= atoi(&cipherList[2]);
- }
- }
- }
-}
-
-
-/*
- * decode a number. handle octal (leading '0'), hex (leading '0x') or decimal
- */
-static long
-pk11_argDecodeNumber(char *num)
-{
- int radix = 10;
- unsigned long value = 0;
- long retValue = 0;
- int sign = 1;
- int digit;
-
- if (num == NULL) return retValue;
-
- num = pk11_argStrip(num);
-
- if (*num == '-') {
- sign = -1;
- num++;
- }
-
- if (*num == '0') {
- radix = 8;
- num++;
- if ((*num == 'x') || (*num == 'X')) {
- radix = 16;
- num++;
- }
- }
-
-
- for ( ;*num; num++ ) {
- if (isdigit(*num)) {
- digit = *num - '0';
- } else if ((*num >= 'a') && (*num <= 'f')) {
- digit = *num - 'a' + 10;
- } else if ((*num >= 'A') && (*num <= 'F')) {
- digit = *num - 'A' + 10;
- } else {
- break;
- }
- if (digit >= radix) break;
- value = value*radix + digit;
- }
-
- retValue = ((int) value) * sign;
- return retValue;
-}
-
-static long
-pk11_argReadLong(char *label,char *params, long defValue, PRBool *isdefault)
-{
- char *value;
- long retValue;
- if (isdefault) *isdefault = PR_FALSE;
-
- value = pk11_argGetParamValue(label,params);
- if (value == NULL) {
- if (isdefault) *isdefault = PR_TRUE;
- return defValue;
- }
- retValue = pk11_argDecodeNumber(value);
- if (value) PORT_Free(value);
-
- return retValue;
-}
-
-
-static unsigned long
-pk11_argSlotFlags(char *label,char *params)
-{
- char *flags,*index;
- unsigned long retValue = 0;
- int i;
- PRBool all = PR_FALSE;
-
- flags = pk11_argGetParamValue(label,params);
- if (flags == NULL) return 0;
-
- if (PORT_Strcasecmp(flags,"all") == 0) all = PR_TRUE;
-
- for (index=flags; *index; index=pk11_argNextFlag(index)) {
- for (i=0; i < pk11_argSlotFlagTableSize; i++) {
- if (all || (PORT_Strncasecmp(index, pk11_argSlotFlagTable[i].name,
- pk11_argSlotFlagTable[i].len) == 0)) {
- retValue |= pk11_argSlotFlagTable[i].value;
- }
- }
- }
- PORT_Free(flags);
- return retValue;
-}
-
-
-static void
-pk11_argDecodeSingleSlotInfo(char *name,char *params,PK11PreSlotInfo *slotInfo)
-{
- char *askpw;
-
- slotInfo->slotID=pk11_argDecodeNumber(name);
- slotInfo->defaultFlags=pk11_argSlotFlags("slotFlags",params);
- slotInfo->timeout=pk11_argReadLong("timeout",params, 0, NULL);
-
- askpw = pk11_argGetParamValue("askpw",params);
- slotInfo->askpw = 0;
-
- if (askpw) {
- if (PORT_Strcasecmp(askpw,"every") == 0) {
- slotInfo->askpw = -1;
- } else if (PORT_Strcasecmp(askpw,"timeout") == 0) {
- slotInfo->askpw = 1;
- }
- PORT_Free(askpw);
- slotInfo->defaultFlags |= PK11_OWN_PW_DEFAULTS;
- }
- slotInfo->hasRootCerts = pk11_argHasFlag("rootFlags","hasRootCerts",params);
- slotInfo->hasRootTrust = pk11_argHasFlag("rootFlags","hasRootTrust",params);
-}
-
-static char *
-pk11_argGetName(char *inString, int *next)
-{
- char *name=NULL;
- char *string;
- int len;
-
- /* look for the end of the <name>= */
- for (string = inString;*string; string++) {
- if (*string == '=') { break; }
- if (pk11_argIsBlank(*string)) break;
- }
-
- len = string - inString;
-
- *next = len;
- if (*string == '=') (*next) += 1;
- if (len > 0) {
- name = PORT_Alloc(len+1);
- PORT_Strncpy(name,inString,len);
- name[len] = 0;
- }
- return name;
-}
-
-static PK11PreSlotInfo *
-pk11_argParseSlotInfo(PRArenaPool *arena, char *slotParams, int *retCount)
-{
- char *slotIndex;
- PK11PreSlotInfo *slotInfo = NULL;
- int i=0,count = 0,next;
-
- *retCount = 0;
- if ((slotParams == NULL) || (*slotParams == 0)) return NULL;
-
- /* first count the number of slots */
- for (slotIndex = pk11_argStrip(slotParams); *slotIndex;
- slotIndex = pk11_argStrip(pk11_argSkipParameter(slotIndex))) {
- count++;
- }
-
- /* get the data structures */
- if (arena) {
- slotInfo = (PK11PreSlotInfo *)
- PORT_ArenaAlloc(arena,count*sizeof(PK11PreSlotInfo));
- PORT_Memset(slotInfo,0,count*sizeof(PK11PreSlotInfo));
- } else {
- slotInfo = (PK11PreSlotInfo *)
- PORT_ZAlloc(count*sizeof(PK11PreSlotInfo));
- }
- if (slotInfo == NULL) return NULL;
-
- for (slotIndex = pk11_argStrip(slotParams), i = 0;
- *slotIndex && i < count ; ) {
- char *name;
- name = pk11_argGetName(slotIndex,&next);
- slotIndex += next;
-
- if (!pk11_argIsBlank(*slotIndex)) {
- char *args = pk11_argFetchValue(slotIndex,&next);
- slotIndex += next;
- if (args) {
- pk11_argDecodeSingleSlotInfo(name,args,&slotInfo[i]);
- i++;
- PORT_Free(args);
- }
- }
- if (name) PORT_Free(name);
- slotIndex = pk11_argStrip(slotIndex);
- }
- *retCount = i;
- return slotInfo;
-}
-
-static char *pk11_nullString = "";
-
-static char *
-pk11_formatValue(PRArenaPool *arena, char *value, char quote)
-{
- char *vp,*vp2,*retval;
- int size = 0, escapes = 0;
-
- for (vp=value; *vp ;vp++) {
- if ((*vp == quote) || (*vp == PK11_ARG_ESCAPE)) escapes++;
- size++;
- }
- if (arena) {
- retval = PORT_ArenaZAlloc(arena,size+escapes+1);
- } else {
- retval = PORT_ZAlloc(size+escapes+1);
- }
- if (retval == NULL) return NULL;
- vp2 = retval;
- for (vp=value; *vp; vp++) {
- if ((*vp == quote) || (*vp == PK11_ARG_ESCAPE))
- *vp2++ = PK11_ARG_ESCAPE;
- *vp2++ = *vp;
- }
- return retval;
-}
-
-static char *pk11_formatPair(char *name,char *value, char quote)
-{
- char openQuote = quote;
- char closeQuote = pk11_argGetPair(quote);
- char *newValue = NULL;
- char *returnValue;
- PRBool need_quote = PR_FALSE;
-
- if (!value || (*value == 0)) return pk11_nullString;
-
- if (pk11_argHasBlanks(value) || pk11_argIsQuote(value[0]))
- need_quote=PR_TRUE;
-
- if ((need_quote && pk11_argHasChar(value,closeQuote))
- || pk11_argHasChar(value,PK11_ARG_ESCAPE)) {
- value = newValue = pk11_formatValue(NULL, value,quote);
- if (newValue == NULL) return pk11_nullString;
- }
- if (need_quote) {
- returnValue = PR_smprintf("%s=%c%s%c",name,openQuote,value,closeQuote);
- } else {
- returnValue = PR_smprintf("%s=%s",name,value);
- }
- if (returnValue == NULL) returnValue = pk11_nullString;
-
- if (newValue) PORT_Free(newValue);
-
- return returnValue;
-}
-
-static char *pk11_formatIntPair(char *name,unsigned long value, unsigned long def)
-{
- char *returnValue;
-
- if (value == def) return pk11_nullString;
-
- returnValue = PR_smprintf("%s=%d",name,value);
-
- return returnValue;
-}
-
-static void
-pk11_freePair(char *pair)
-{
- if (pair && pair != pk11_nullString) {
- PR_smprintf_free(pair);
- }
-}
-
-#define MAX_FLAG_SIZE sizeof("internal")+sizeof("FIPS")+sizeof("moduleDB")+\
- sizeof("moduleDBOnly")+sizeof("critical")
-static char *
-pk11_mkNSSFlags(PRBool internal, PRBool isFIPS,
- PRBool isModuleDB, PRBool isModuleDBOnly, PRBool isCritical)
-{
- char *flags = (char *)PORT_ZAlloc(MAX_FLAG_SIZE);
- PRBool first = PR_TRUE;
-
- PORT_Memset(flags,0,MAX_FLAG_SIZE);
- if (internal) {
- PORT_Strcat(flags,"internal");
- first = PR_FALSE;
- }
- if (isFIPS) {
- if (!first) PORT_Strcat(flags,",");
- PORT_Strcat(flags,"FIPS");
- first = PR_FALSE;
- }
- if (isModuleDB) {
- if (!first) PORT_Strcat(flags,",");
- PORT_Strcat(flags,"moduleDB");
- first = PR_FALSE;
- }
- if (isModuleDBOnly) {
- if (!first) PORT_Strcat(flags,",");
- PORT_Strcat(flags,"moduleDBOnly");
- first = PR_FALSE;
- }
- if (isCritical) {
- if (!first) PORT_Strcat(flags,",");
- PORT_Strcat(flags,"critical");
- first = PR_FALSE;
- }
- return flags;
-}
-
-static char *
-pk11_mkCipherFlags(unsigned long ssl0, unsigned long ssl1)
-{
- char *cipher = NULL;
- int i;
-
- for (i=0; i < sizeof(ssl0)*8; i++) {
- if (ssl0 & (1<<i)) {
- char *string;
- if ((1<<i) == SECMOD_FORTEZZA_FLAG) {
- string = PR_smprintf("%s","FORTEZZA");
- } else {
- string = PR_smprintf("0h0x%08x",1<<i);
- }
- if (cipher) {
- char *tmp;
- tmp = PR_smprintf("%s,%s",cipher,string);
- PR_smprintf_free(cipher);
- PR_smprintf_free(string);
- tmp = cipher;
- } else {
- cipher = string;
- }
- }
- }
- for (i=0; i < sizeof(ssl0)*8; i++) {
- if (ssl1 & (1<<i)) {
- if (cipher) {
- char *tmp;
- tmp = PR_smprintf("%s,0l0x%08",cipher,1<<i);
- PR_smprintf_free(cipher);
- tmp = cipher;
- } else {
- cipher = PR_smprintf("0l0x%08x",1<<i);
- }
- }
- }
-
- return cipher;
-}
-
-static char *
-pk11_mkSlotFlags(unsigned long defaultFlags)
-{
- char *flags=NULL;
- int i,j;
-
- for (i=0; i < sizeof(defaultFlags)*8; i++) {
- if (defaultFlags & (1<<i)) {
- char *string = NULL;
-
- for (j=0; j < pk11_argSlotFlagTableSize; j++) {
- if (pk11_argSlotFlagTable[j].value == (((unsigned long)1)<<i)) {
- string = pk11_argSlotFlagTable[j].name;
- break;
- }
- }
- if (string) {
- if (flags) {
- char *tmp;
- tmp = PR_smprintf("%s,%s",flags,string);
- PR_smprintf_free(flags);
- flags = tmp;
- } else {
- flags = PR_smprintf("%s",string);
- }
- }
- }
- }
-
- return flags;
-}
-
-#define PK11_MAX_ROOT_FLAG_SIZE sizeof("hasRootCerts")+sizeof("hasRootTrust")
-
-static char *
-pk11_mkRootFlags(PRBool hasRootCerts, PRBool hasRootTrust)
-{
- char *flags= (char *)PORT_ZAlloc(PK11_MAX_ROOT_FLAG_SIZE);
- PRBool first = PR_TRUE;
-
- PORT_Memset(flags,0,PK11_MAX_ROOT_FLAG_SIZE);
- if (hasRootCerts) {
- PORT_Strcat(flags,"hasRootCerts");
- first = PR_FALSE;
- }
- if (hasRootTrust) {
- if (!first) PORT_Strcat(flags,",");
- PORT_Strcat(flags,"hasRootTrust");
- first = PR_FALSE;
- }
- return flags;
-}
-
-static char *
-pk11_mkSlotString(unsigned long slotID, unsigned long defaultFlags,
- unsigned long timeout, unsigned char askpw_in,
- PRBool hasRootCerts, PRBool hasRootTrust) {
- char *askpw,*flags,*rootFlags,*slotString;
- char *flagPair,*rootFlagsPair;
-
- switch (askpw_in) {
- case 0xff:
- askpw = "every";
- break;
- case 1:
- askpw = "timeout";
- break;
- default:
- askpw = "any";
- break;
- }
- flags = pk11_mkSlotFlags(defaultFlags);
- rootFlags = pk11_mkRootFlags(hasRootCerts,hasRootTrust);
- flagPair=pk11_formatPair("slotFlags",flags,'\'');
- rootFlagsPair=pk11_formatPair("rootFlags",rootFlags,'\'');
- if (flags) PR_smprintf_free(flags);
- if (rootFlags) PORT_Free(rootFlags);
- if (defaultFlags & PK11_OWN_PW_DEFAULTS) {
- slotString = PR_smprintf("0x%08x=[%s askpw=%s timeout=%d %s]",slotID,flagPair,askpw,timeout,rootFlagsPair);
- } else {
- slotString = PR_smprintf("0x%08x=[%s %s]",slotID,flagPair,rootFlagsPair);
- }
- pk11_freePair(flagPair);
- pk11_freePair(rootFlagsPair);
- return slotString;
-}
-
-static char *
-pk11_mkNSS(char **slotStrings, int slotCount, PRBool internal, PRBool isFIPS,
- PRBool isModuleDB, PRBool isModuleDBOnly, PRBool isCritical,
- unsigned long trustOrder, unsigned long cipherOrder,
- unsigned long ssl0, unsigned long ssl1) {
- int slotLen, i;
- char *slotParams, *ciphers, *nss, *nssFlags, *tmp;
- char *trustOrderPair,*cipherOrderPair,*slotPair,*cipherPair,*flagPair;
-
-
- /* now let's build up the string
- * first the slot infos
- */
- slotLen=0;
- for (i=0; i < (int)slotCount; i++) {
- slotLen += PORT_Strlen(slotStrings[i])+1;
- }
- slotLen += 1; /* space for the final NULL */
-
- slotParams = (char *)PORT_ZAlloc(slotLen);
- PORT_Memset(slotParams,0,slotLen);
- for (i=0; i < (int)slotCount; i++) {
- PORT_Strcat(slotParams,slotStrings[i]);
- PORT_Strcat(slotParams," ");
- PR_smprintf_free(slotStrings[i]);
- slotStrings[i]=NULL;
- }
-
- /*
- * now the NSS structure
- */
- nssFlags = pk11_mkNSSFlags(internal,isFIPS,isModuleDB,isModuleDBOnly,
- isCritical);
- /* for now only the internal module is critical */
- ciphers = pk11_mkCipherFlags(ssl0, ssl1);
-
- trustOrderPair=pk11_formatIntPair("trustOrder",trustOrder,
- PK11_DEFAULT_TRUST_ORDER);
- cipherOrderPair=pk11_formatIntPair("cipherOrder",cipherOrder,
- PK11_DEFAULT_CIPHER_ORDER);
- slotPair=pk11_formatPair("slotParams",slotParams,'{'); /* } */
- if (slotParams) PORT_Free(slotParams);
- cipherPair=pk11_formatPair("ciphers",ciphers,'\'');
- if (ciphers) PR_smprintf_free(ciphers);
- flagPair=pk11_formatPair("Flags",nssFlags,'\'');
- if (nssFlags) PORT_Free(nssFlags);
- nss = PR_smprintf("%s %s %s %s %s",trustOrderPair,
- cipherOrderPair,slotPair,cipherPair,flagPair);
- pk11_freePair(trustOrderPair);
- pk11_freePair(cipherOrderPair);
- pk11_freePair(slotPair);
- pk11_freePair(cipherPair);
- pk11_freePair(flagPair);
- tmp = pk11_argStrip(nss);
- if (*tmp == '\0') {
- PR_smprintf_free(nss);
- nss = NULL;
- }
- return nss;
-}
-
-static char *
-pk11_mkNewModuleSpec(char *dllName, char *commonName, char *parameters,
- char *NSS) {
- char *moduleSpec;
- char *lib,*name,*param,*nss;
-
- /*
- * now the final spec
- */
- lib = pk11_formatPair("library",dllName,'\"');
- name = pk11_formatPair("name",commonName,'\"');
- param = pk11_formatPair("parameters",parameters,'\"');
- nss = pk11_formatPair("NSS",NSS,'\"');
- moduleSpec = PR_smprintf("%s %s %s %s", lib,name,param,nss);
- pk11_freePair(lib);
- pk11_freePair(name);
- pk11_freePair(param);
- pk11_freePair(nss);
- return (moduleSpec);
-}
-
diff --git a/security/nss/lib/softoken/pkcs11.c b/security/nss/lib/softoken/pkcs11.c
deleted file mode 100644
index 5f819b9c2..000000000
--- a/security/nss/lib/softoken/pkcs11.c
+++ /dev/null
@@ -1,4723 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Portions created by Sun Microsystems, Inc. are Copyright (C) 2003
- * Sun Microsystems, Inc. All Rights Reserved.
- *
- * Contributor(s):
- * Dr Stephen Henson <stephen.henson@gemplus.com>
- * Dr Vipul Gupta <vipul.gupta@sun.com>, Sun Microsystems Laboratories
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * This file implements PKCS 11 on top of our existing security modules
- *
- * For more information about PKCS 11 See PKCS 11 Token Inteface Standard.
- * This implementation has two slots:
- * slot 1 is our generic crypto support. It does not require login.
- * It supports Public Key ops, and all they bulk ciphers and hashes.
- * It can also support Private Key ops for imported Private keys. It does
- * not have any token storage.
- * slot 2 is our private key support. It requires a login before use. It
- * can store Private Keys and Certs as token objects. Currently only private
- * keys and their associated Certificates are saved on the token.
- *
- * In this implementation, session objects are only visible to the session
- * that created or generated them.
- */
-#include "seccomon.h"
-#include "secitem.h"
-#include "pkcs11.h"
-#include "pkcs11i.h"
-#include "softoken.h"
-#include "lowkeyi.h"
-#include "blapi.h"
-#include "secder.h"
-#include "secport.h"
-#include "pcert.h"
-#include "secrng.h"
-
-#include "keydbi.h"
-
-#ifdef NSS_ENABLE_ECC
-extern SECStatus EC_FillParams(PRArenaPool *arena,
- const SECItem *encodedParams, ECParams *params);
-#endif
-
-/*
- * ******************** Static data *******************************
- */
-
-/* The next three strings must be exactly 32 characters long */
-static char *manufacturerID = "mozilla.org ";
-static char manufacturerID_space[33];
-static char *libraryDescription = "NSS Internal Crypto Services ";
-static char libraryDescription_space[33];
-
-#define __PASTE(x,y) x##y
-
-/*
- * we renamed all our internal functions, get the correct
- * definitions for them...
- */
-#undef CK_PKCS11_FUNCTION_INFO
-#undef CK_NEED_ARG_LIST
-
-#define CK_EXTERN extern
-#define CK_PKCS11_FUNCTION_INFO(func) \
- CK_RV __PASTE(NS,func)
-#define CK_NEED_ARG_LIST 1
-
-#include "pkcs11f.h"
-
-
-
-/* build the crypto module table */
-static const CK_FUNCTION_LIST pk11_funcList = {
- { 1, 10 },
-
-#undef CK_PKCS11_FUNCTION_INFO
-#undef CK_NEED_ARG_LIST
-
-#define CK_PKCS11_FUNCTION_INFO(func) \
- __PASTE(NS,func),
-#include "pkcs11f.h"
-
-};
-
-#undef CK_PKCS11_FUNCTION_INFO
-#undef CK_NEED_ARG_LIST
-
-
-#undef __PASTE
-
-/* List of DES Weak Keys */
-typedef unsigned char desKey[8];
-static const desKey pk11_desWeakTable[] = {
-#ifdef noParity
- /* weak */
- { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
- { 0x1e, 0x1e, 0x1e, 0x1e, 0x0e, 0x0e, 0x0e, 0x0e },
- { 0xe0, 0xe0, 0xe0, 0xe0, 0xf0, 0xf0, 0xf0, 0xf0 },
- { 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe },
- /* semi-weak */
- { 0x00, 0xfe, 0x00, 0xfe, 0x00, 0xfe, 0x00, 0xfe },
- { 0xfe, 0x00, 0xfe, 0x00, 0x00, 0xfe, 0x00, 0xfe },
-
- { 0x1e, 0xe0, 0x1e, 0xe0, 0x0e, 0xf0, 0x0e, 0xf0 },
- { 0xe0, 0x1e, 0xe0, 0x1e, 0xf0, 0x0e, 0xf0, 0x0e },
-
- { 0x00, 0xe0, 0x00, 0xe0, 0x00, 0x0f, 0x00, 0x0f },
- { 0xe0, 0x00, 0xe0, 0x00, 0xf0, 0x00, 0xf0, 0x00 },
-
- { 0x1e, 0xfe, 0x1e, 0xfe, 0x0e, 0xfe, 0x0e, 0xfe },
- { 0xfe, 0x1e, 0xfe, 0x1e, 0xfe, 0x0e, 0xfe, 0x0e },
-
- { 0x00, 0x1e, 0x00, 0x1e, 0x00, 0x0e, 0x00, 0x0e },
- { 0x1e, 0x00, 0x1e, 0x00, 0x0e, 0x00, 0x0e, 0x00 },
-
- { 0xe0, 0xfe, 0xe0, 0xfe, 0xf0, 0xfe, 0xf0, 0xfe },
- { 0xfe, 0xe0, 0xfe, 0xe0, 0xfe, 0xf0, 0xfe, 0xf0 },
-#else
- /* weak */
- { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
- { 0x1f, 0x1f, 0x1f, 0x1f, 0x0e, 0x0e, 0x0e, 0x0e },
- { 0xe0, 0xe0, 0xe0, 0xe0, 0xf1, 0xf1, 0xf1, 0xf1 },
- { 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe },
-
- /* semi-weak */
- { 0x01, 0xfe, 0x01, 0xfe, 0x01, 0xfe, 0x01, 0xfe },
- { 0xfe, 0x01, 0xfe, 0x01, 0xfe, 0x01, 0xfe, 0x01 },
-
- { 0x1f, 0xe0, 0x1f, 0xe0, 0x0e, 0xf1, 0x0e, 0xf1 },
- { 0xe0, 0x1f, 0xe0, 0x1f, 0xf1, 0x0e, 0xf1, 0x0e },
-
- { 0x01, 0xe0, 0x01, 0xe0, 0x01, 0xf1, 0x01, 0xf1 },
- { 0xe0, 0x01, 0xe0, 0x01, 0xf1, 0x01, 0xf1, 0x01 },
-
- { 0x1f, 0xfe, 0x1f, 0xfe, 0x0e, 0xfe, 0x0e, 0xfe },
- { 0xfe, 0x1f, 0xfe, 0x1f, 0xfe, 0x0e, 0xfe, 0x0e },
-
- { 0x01, 0x1f, 0x01, 0x1f, 0x01, 0x0e, 0x01, 0x0e },
- { 0x1f, 0x01, 0x1f, 0x01, 0x0e, 0x01, 0x0e, 0x01 },
-
- { 0xe0, 0xfe, 0xe0, 0xfe, 0xf1, 0xfe, 0xf1, 0xfe },
- { 0xfe, 0xe0, 0xfe, 0xe0, 0xfe, 0xf1, 0xfe, 0xf1 }
-#endif
-};
-
-
-static const int pk11_desWeakTableSize = sizeof(pk11_desWeakTable)/
- sizeof(pk11_desWeakTable[0]);
-
-/* DES KEY Parity conversion table. Takes each byte/2 as an index, returns
- * that byte with the proper parity bit set */
-static const unsigned char parityTable[256] = {
-/* Even...0x00,0x02,0x04,0x06,0x08,0x0a,0x0c,0x0e */
-/* E */ 0x01,0x02,0x04,0x07,0x08,0x0b,0x0d,0x0e,
-/* Odd....0x10,0x12,0x14,0x16,0x18,0x1a,0x1c,0x1e */
-/* O */ 0x10,0x13,0x15,0x16,0x19,0x1a,0x1c,0x1f,
-/* Odd....0x20,0x22,0x24,0x26,0x28,0x2a,0x2c,0x2e */
-/* O */ 0x20,0x23,0x25,0x26,0x29,0x2a,0x2c,0x2f,
-/* Even...0x30,0x32,0x34,0x36,0x38,0x3a,0x3c,0x3e */
-/* E */ 0x31,0x32,0x34,0x37,0x38,0x3b,0x3d,0x3e,
-/* Odd....0x40,0x42,0x44,0x46,0x48,0x4a,0x4c,0x4e */
-/* O */ 0x40,0x43,0x45,0x46,0x49,0x4a,0x4c,0x4f,
-/* Even...0x50,0x52,0x54,0x56,0x58,0x5a,0x5c,0x5e */
-/* E */ 0x51,0x52,0x54,0x57,0x58,0x5b,0x5d,0x5e,
-/* Even...0x60,0x62,0x64,0x66,0x68,0x6a,0x6c,0x6e */
-/* E */ 0x61,0x62,0x64,0x67,0x68,0x6b,0x6d,0x6e,
-/* Odd....0x70,0x72,0x74,0x76,0x78,0x7a,0x7c,0x7e */
-/* O */ 0x70,0x73,0x75,0x76,0x79,0x7a,0x7c,0x7f,
-/* Odd....0x80,0x82,0x84,0x86,0x88,0x8a,0x8c,0x8e */
-/* O */ 0x80,0x83,0x85,0x86,0x89,0x8a,0x8c,0x8f,
-/* Even...0x90,0x92,0x94,0x96,0x98,0x9a,0x9c,0x9e */
-/* E */ 0x91,0x92,0x94,0x97,0x98,0x9b,0x9d,0x9e,
-/* Even...0xa0,0xa2,0xa4,0xa6,0xa8,0xaa,0xac,0xae */
-/* E */ 0xa1,0xa2,0xa4,0xa7,0xa8,0xab,0xad,0xae,
-/* Odd....0xb0,0xb2,0xb4,0xb6,0xb8,0xba,0xbc,0xbe */
-/* O */ 0xb0,0xb3,0xb5,0xb6,0xb9,0xba,0xbc,0xbf,
-/* Even...0xc0,0xc2,0xc4,0xc6,0xc8,0xca,0xcc,0xce */
-/* E */ 0xc1,0xc2,0xc4,0xc7,0xc8,0xcb,0xcd,0xce,
-/* Odd....0xd0,0xd2,0xd4,0xd6,0xd8,0xda,0xdc,0xde */
-/* O */ 0xd0,0xd3,0xd5,0xd6,0xd9,0xda,0xdc,0xdf,
-/* Odd....0xe0,0xe2,0xe4,0xe6,0xe8,0xea,0xec,0xee */
-/* O */ 0xe0,0xe3,0xe5,0xe6,0xe9,0xea,0xec,0xef,
-/* Even...0xf0,0xf2,0xf4,0xf6,0xf8,0xfa,0xfc,0xfe */
-/* E */ 0xf1,0xf2,0xf4,0xf7,0xf8,0xfb,0xfd,0xfe,
-};
-
-/* Mechanisms */
-struct mechanismList {
- CK_MECHANISM_TYPE type;
- CK_MECHANISM_INFO info;
- PRBool privkey;
-};
-
-/*
- * the following table includes a complete list of mechanism defined by
- * PKCS #11 version 2.01. Those Mechanisms not supported by this PKCS #11
- * module are ifdef'ed out.
- */
-#define CKF_EN_DE CKF_ENCRYPT | CKF_DECRYPT
-#define CKF_WR_UN CKF_WRAP | CKF_UNWRAP
-#define CKF_SN_VR CKF_SIGN | CKF_VERIFY
-#define CKF_SN_RE CKF_SIGN_RECOVER | CKF_VERIFY_RECOVER
-
-#define CKF_EN_DE_WR_UN CKF_EN_DE | CKF_WR_UN
-#define CKF_SN_VR_RE CKF_SN_VR | CKF_SN_RE
-#define CKF_DUZ_IT_ALL CKF_EN_DE_WR_UN | CKF_SN_VR_RE
-
-#define CKF_EC_PNU CKF_EC_FP | CKF_EC_NAMEDCURVE | CKF_EC_UNCOMPRESS
-
-#define CKF_EC_BPNU CKF_EC_F_2M | CKF_EC_PNU
-
-#define CK_MAX 0xffffffff
-
-static const struct mechanismList mechanisms[] = {
-
- /*
- * PKCS #11 Mechanism List.
- *
- * The first argument is the PKCS #11 Mechanism we support.
- * The second argument is Mechanism info structure. It includes:
- * The minimum key size,
- * in bits for RSA, DSA, DH, EC*, KEA, RC2 and RC4 * algs.
- * in bytes for RC5, AES, and CAST*
- * ignored for DES*, IDEA and FORTEZZA based
- * The maximum key size,
- * in bits for RSA, DSA, DH, EC*, KEA, RC2 and RC4 * algs.
- * in bytes for RC5, AES, and CAST*
- * ignored for DES*, IDEA and FORTEZZA based
- * Flags
- * What operations are supported by this mechanism.
- * The third argument is a bool which tells if this mechanism is
- * supported in the database token.
- *
- */
-
- /* ------------------------- RSA Operations ---------------------------*/
- {CKM_RSA_PKCS_KEY_PAIR_GEN,{128,CK_MAX,CKF_GENERATE_KEY_PAIR},PR_TRUE},
- {CKM_RSA_PKCS, {128,CK_MAX,CKF_DUZ_IT_ALL}, PR_TRUE},
-#ifdef PK11_RSA9796_SUPPORTED
- {CKM_RSA_9796, {128,CK_MAX,CKF_DUZ_IT_ALL}, PR_TRUE},
-#endif
- {CKM_RSA_X_509, {128,CK_MAX,CKF_DUZ_IT_ALL}, PR_TRUE},
- /* -------------- RSA Multipart Signing Operations -------------------- */
- {CKM_MD2_RSA_PKCS, {128,CK_MAX,CKF_SN_VR}, PR_TRUE},
- {CKM_MD5_RSA_PKCS, {128,CK_MAX,CKF_SN_VR}, PR_TRUE},
- {CKM_SHA1_RSA_PKCS, {128,CK_MAX,CKF_SN_VR}, PR_TRUE},
- {CKM_SHA256_RSA_PKCS, {128,CK_MAX,CKF_SN_VR}, PR_TRUE},
- {CKM_SHA384_RSA_PKCS, {128,CK_MAX,CKF_SN_VR}, PR_TRUE},
- {CKM_SHA512_RSA_PKCS, {128,CK_MAX,CKF_SN_VR}, PR_TRUE},
- /* ------------------------- DSA Operations --------------------------- */
- {CKM_DSA_KEY_PAIR_GEN, {512, 1024, CKF_GENERATE_KEY_PAIR}, PR_TRUE},
- {CKM_DSA, {512, 1024, CKF_SN_VR}, PR_TRUE},
- {CKM_DSA_SHA1, {512, 1024, CKF_SN_VR}, PR_TRUE},
- /* -------------------- Diffie Hellman Operations --------------------- */
- /* no diffie hellman yet */
- {CKM_DH_PKCS_KEY_PAIR_GEN, {128, 1024, CKF_GENERATE_KEY_PAIR}, PR_TRUE},
- {CKM_DH_PKCS_DERIVE, {128, 1024, CKF_DERIVE}, PR_TRUE},
-#ifdef NSS_ENABLE_ECC
- /* -------------------- Elliptic Curve Operations --------------------- */
- {CKM_EC_KEY_PAIR_GEN, {112, 571, CKF_GENERATE_KEY_PAIR|CKF_EC_BPNU}, PR_TRUE},
- {CKM_ECDH1_DERIVE, {112, 571, CKF_DERIVE|CKF_EC_BPNU}, PR_TRUE},
- {CKM_ECDSA, {112, 571, CKF_SN_VR|CKF_EC_BPNU}, PR_TRUE},
- {CKM_ECDSA_SHA1, {112, 571, CKF_SN_VR|CKF_EC_BPNU}, PR_TRUE},
-#endif /* NSS_ENABLE_ECC */
- /* ------------------------- RC2 Operations --------------------------- */
- {CKM_RC2_KEY_GEN, {1, 128, CKF_GENERATE}, PR_TRUE},
- {CKM_RC2_ECB, {1, 128, CKF_EN_DE_WR_UN}, PR_TRUE},
- {CKM_RC2_CBC, {1, 128, CKF_EN_DE_WR_UN}, PR_TRUE},
- {CKM_RC2_MAC, {1, 128, CKF_SN_VR}, PR_TRUE},
- {CKM_RC2_MAC_GENERAL, {1, 128, CKF_SN_VR}, PR_TRUE},
- {CKM_RC2_CBC_PAD, {1, 128, CKF_EN_DE_WR_UN}, PR_TRUE},
- /* ------------------------- RC4 Operations --------------------------- */
- {CKM_RC4_KEY_GEN, {1, 256, CKF_GENERATE}, PR_FALSE},
- {CKM_RC4, {1, 256, CKF_EN_DE_WR_UN}, PR_FALSE},
- /* ------------------------- DES Operations --------------------------- */
- {CKM_DES_KEY_GEN, { 8, 8, CKF_GENERATE}, PR_TRUE},
- {CKM_DES_ECB, { 8, 8, CKF_EN_DE_WR_UN}, PR_TRUE},
- {CKM_DES_CBC, { 8, 8, CKF_EN_DE_WR_UN}, PR_TRUE},
- {CKM_DES_MAC, { 8, 8, CKF_SN_VR}, PR_TRUE},
- {CKM_DES_MAC_GENERAL, { 8, 8, CKF_SN_VR}, PR_TRUE},
- {CKM_DES_CBC_PAD, { 8, 8, CKF_EN_DE_WR_UN}, PR_TRUE},
- {CKM_DES2_KEY_GEN, {24, 24, CKF_GENERATE}, PR_TRUE},
- {CKM_DES3_KEY_GEN, {24, 24, CKF_GENERATE}, PR_TRUE },
- {CKM_DES3_ECB, {24, 24, CKF_EN_DE_WR_UN}, PR_TRUE },
- {CKM_DES3_CBC, {24, 24, CKF_EN_DE_WR_UN}, PR_TRUE },
- {CKM_DES3_MAC, {24, 24, CKF_SN_VR}, PR_TRUE },
- {CKM_DES3_MAC_GENERAL, {24, 24, CKF_SN_VR}, PR_TRUE },
- {CKM_DES3_CBC_PAD, {24, 24, CKF_EN_DE_WR_UN}, PR_TRUE },
- /* ------------------------- CDMF Operations --------------------------- */
- {CKM_CDMF_KEY_GEN, {8, 8, CKF_GENERATE}, PR_TRUE},
- {CKM_CDMF_ECB, {8, 8, CKF_EN_DE_WR_UN}, PR_TRUE},
- {CKM_CDMF_CBC, {8, 8, CKF_EN_DE_WR_UN}, PR_TRUE},
- {CKM_CDMF_MAC, {8, 8, CKF_SN_VR}, PR_TRUE},
- {CKM_CDMF_MAC_GENERAL, {8, 8, CKF_SN_VR}, PR_TRUE},
- {CKM_CDMF_CBC_PAD, {8, 8, CKF_EN_DE_WR_UN}, PR_TRUE},
- /* ------------------------- AES Operations --------------------------- */
- {CKM_AES_KEY_GEN, {16, 32, CKF_GENERATE}, PR_TRUE},
- {CKM_AES_ECB, {16, 32, CKF_EN_DE_WR_UN}, PR_TRUE},
- {CKM_AES_CBC, {16, 32, CKF_EN_DE_WR_UN}, PR_TRUE},
- {CKM_AES_MAC, {16, 32, CKF_SN_VR}, PR_TRUE},
- {CKM_AES_MAC_GENERAL, {16, 32, CKF_SN_VR}, PR_TRUE},
- {CKM_AES_CBC_PAD, {16, 32, CKF_EN_DE_WR_UN}, PR_TRUE},
- /* ------------------------- Hashing Operations ----------------------- */
- {CKM_MD2, {0, 0, CKF_DIGEST}, PR_FALSE},
- {CKM_MD2_HMAC, {1, 128, CKF_SN_VR}, PR_TRUE},
- {CKM_MD2_HMAC_GENERAL, {1, 128, CKF_SN_VR}, PR_TRUE},
- {CKM_MD5, {0, 0, CKF_DIGEST}, PR_FALSE},
- {CKM_MD5_HMAC, {1, 128, CKF_SN_VR}, PR_TRUE},
- {CKM_MD5_HMAC_GENERAL, {1, 128, CKF_SN_VR}, PR_TRUE},
- {CKM_SHA_1, {0, 0, CKF_DIGEST}, PR_FALSE},
- {CKM_SHA_1_HMAC, {1, 128, CKF_SN_VR}, PR_TRUE},
- {CKM_SHA_1_HMAC_GENERAL, {1, 128, CKF_SN_VR}, PR_TRUE},
- {CKM_SHA256, {0, 0, CKF_DIGEST}, PR_FALSE},
- {CKM_SHA256_HMAC, {1, 128, CKF_SN_VR}, PR_TRUE},
- {CKM_SHA256_HMAC_GENERAL, {1, 128, CKF_SN_VR}, PR_TRUE},
- {CKM_SHA384, {0, 0, CKF_DIGEST}, PR_FALSE},
- {CKM_SHA384_HMAC, {1, 128, CKF_SN_VR}, PR_TRUE},
- {CKM_SHA384_HMAC_GENERAL, {1, 128, CKF_SN_VR}, PR_TRUE},
- {CKM_SHA512, {0, 0, CKF_DIGEST}, PR_FALSE},
- {CKM_SHA512_HMAC, {1, 128, CKF_SN_VR}, PR_TRUE},
- {CKM_SHA512_HMAC_GENERAL, {1, 128, CKF_SN_VR}, PR_TRUE},
- {CKM_TLS_PRF_GENERAL, {0, 512, CKF_SN_VR}, PR_FALSE},
- /* ------------------------- CAST Operations --------------------------- */
-#ifdef NSS_SOFTOKEN_DOES_CAST
- /* Cast operations are not supported ( yet? ) */
- {CKM_CAST_KEY_GEN, {1, 8, CKF_GENERATE}, PR_TRUE},
- {CKM_CAST_ECB, {1, 8, CKF_EN_DE_WR_UN}, PR_TRUE},
- {CKM_CAST_CBC, {1, 8, CKF_EN_DE_WR_UN}, PR_TRUE},
- {CKM_CAST_MAC, {1, 8, CKF_SN_VR}, PR_TRUE},
- {CKM_CAST_MAC_GENERAL, {1, 8, CKF_SN_VR}, PR_TRUE},
- {CKM_CAST_CBC_PAD, {1, 8, CKF_EN_DE_WR_UN}, PR_TRUE},
- {CKM_CAST3_KEY_GEN, {1, 16, CKF_GENERATE}, PR_TRUE},
- {CKM_CAST3_ECB, {1, 16, CKF_EN_DE_WR_UN}, PR_TRUE},
- {CKM_CAST3_CBC, {1, 16, CKF_EN_DE_WR_UN}, PR_TRUE},
- {CKM_CAST3_MAC, {1, 16, CKF_SN_VR}, PR_TRUE},
- {CKM_CAST3_MAC_GENERAL, {1, 16, CKF_SN_VR}, PR_TRUE},
- {CKM_CAST3_CBC_PAD, {1, 16, CKF_EN_DE_WR_UN}, PR_TRUE},
- {CKM_CAST5_KEY_GEN, {1, 16, CKF_GENERATE}, PR_TRUE},
- {CKM_CAST5_ECB, {1, 16, CKF_EN_DE_WR_UN}, PR_TRUE},
- {CKM_CAST5_CBC, {1, 16, CKF_EN_DE_WR_UN}, PR_TRUE},
- {CKM_CAST5_MAC, {1, 16, CKF_SN_VR}, PR_TRUE},
- {CKM_CAST5_MAC_GENERAL, {1, 16, CKF_SN_VR}, PR_TRUE},
- {CKM_CAST5_CBC_PAD, {1, 16, CKF_EN_DE_WR_UN}, PR_TRUE},
-#endif
-#if NSS_SOFTOKEN_DOES_RC5
- /* ------------------------- RC5 Operations --------------------------- */
- {CKM_RC5_KEY_GEN, {1, 32, CKF_GENERATE}, PR_TRUE},
- {CKM_RC5_ECB, {1, 32, CKF_EN_DE_WR_UN}, PR_TRUE},
- {CKM_RC5_CBC, {1, 32, CKF_EN_DE_WR_UN}, PR_TRUE},
- {CKM_RC5_MAC, {1, 32, CKF_SN_VR}, PR_TRUE},
- {CKM_RC5_MAC_GENERAL, {1, 32, CKF_SN_VR}, PR_TRUE},
- {CKM_RC5_CBC_PAD, {1, 32, CKF_EN_DE_WR_UN}, PR_TRUE},
-#endif
-#ifdef NSS_SOFTOKEN_DOES_IDEA
- /* ------------------------- IDEA Operations -------------------------- */
- {CKM_IDEA_KEY_GEN, {16, 16, CKF_GENERATE}, PR_TRUE},
- {CKM_IDEA_ECB, {16, 16, CKF_EN_DE_WR_UN}, PR_TRUE},
- {CKM_IDEA_CBC, {16, 16, CKF_EN_DE_WR_UN}, PR_TRUE},
- {CKM_IDEA_MAC, {16, 16, CKF_SN_VR}, PR_TRUE},
- {CKM_IDEA_MAC_GENERAL, {16, 16, CKF_SN_VR}, PR_TRUE},
- {CKM_IDEA_CBC_PAD, {16, 16, CKF_EN_DE_WR_UN}, PR_TRUE},
-#endif
- /* --------------------- Secret Key Operations ------------------------ */
- {CKM_GENERIC_SECRET_KEY_GEN, {1, 32, CKF_GENERATE}, PR_TRUE},
- {CKM_CONCATENATE_BASE_AND_KEY, {1, 32, CKF_GENERATE}, PR_FALSE},
- {CKM_CONCATENATE_BASE_AND_DATA, {1, 32, CKF_GENERATE}, PR_FALSE},
- {CKM_CONCATENATE_DATA_AND_BASE, {1, 32, CKF_GENERATE}, PR_FALSE},
- {CKM_XOR_BASE_AND_DATA, {1, 32, CKF_GENERATE}, PR_FALSE},
- {CKM_EXTRACT_KEY_FROM_KEY, {1, 32, CKF_DERIVE}, PR_FALSE},
- /* ---------------------- SSL Key Derivations ------------------------- */
- {CKM_SSL3_PRE_MASTER_KEY_GEN, {48, 48, CKF_GENERATE}, PR_FALSE},
- {CKM_SSL3_MASTER_KEY_DERIVE, {48, 48, CKF_DERIVE}, PR_FALSE},
- {CKM_SSL3_MASTER_KEY_DERIVE_DH, {8, 128, CKF_DERIVE}, PR_FALSE},
- {CKM_SSL3_KEY_AND_MAC_DERIVE, {48, 48, CKF_DERIVE}, PR_FALSE},
- {CKM_SSL3_MD5_MAC, { 0, 16, CKF_DERIVE}, PR_FALSE},
- {CKM_SSL3_SHA1_MAC, { 0, 20, CKF_DERIVE}, PR_FALSE},
- {CKM_MD5_KEY_DERIVATION, { 0, 16, CKF_DERIVE}, PR_FALSE},
- {CKM_MD2_KEY_DERIVATION, { 0, 16, CKF_DERIVE}, PR_FALSE},
- {CKM_SHA1_KEY_DERIVATION, { 0, 20, CKF_DERIVE}, PR_FALSE},
- {CKM_TLS_MASTER_KEY_DERIVE, {48, 48, CKF_DERIVE}, PR_FALSE},
- {CKM_TLS_MASTER_KEY_DERIVE_DH, {8, 128, CKF_DERIVE}, PR_FALSE},
- {CKM_TLS_KEY_AND_MAC_DERIVE, {48, 48, CKF_DERIVE}, PR_FALSE},
- /* ---------------------- PBE Key Derivations ------------------------ */
- {CKM_PBE_MD2_DES_CBC, {8, 8, CKF_DERIVE}, PR_TRUE},
- {CKM_PBE_MD5_DES_CBC, {8, 8, CKF_DERIVE}, PR_TRUE},
- /* ------------------ NETSCAPE PBE Key Derivations ------------------- */
- {CKM_NETSCAPE_PBE_SHA1_DES_CBC, { 8, 8, CKF_GENERATE}, PR_TRUE},
- {CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC, {24,24, CKF_GENERATE}, PR_TRUE},
- {CKM_PBE_SHA1_DES3_EDE_CBC, {24,24, CKF_GENERATE}, PR_TRUE},
- {CKM_PBE_SHA1_DES2_EDE_CBC, {24,24, CKF_GENERATE}, PR_TRUE},
- {CKM_PBE_SHA1_RC2_40_CBC, {40,40, CKF_GENERATE}, PR_TRUE},
- {CKM_PBE_SHA1_RC2_128_CBC, {128,128, CKF_GENERATE}, PR_TRUE},
- {CKM_PBE_SHA1_RC4_40, {40,40, CKF_GENERATE}, PR_TRUE},
- {CKM_PBE_SHA1_RC4_128, {128,128, CKF_GENERATE}, PR_TRUE},
- {CKM_PBA_SHA1_WITH_SHA1_HMAC, {20,20, CKF_GENERATE}, PR_TRUE},
- {CKM_NETSCAPE_PBE_SHA1_HMAC_KEY_GEN, {20,20, CKF_GENERATE}, PR_TRUE},
- {CKM_NETSCAPE_PBE_MD5_HMAC_KEY_GEN, {16,16, CKF_GENERATE}, PR_TRUE},
- {CKM_NETSCAPE_PBE_MD2_HMAC_KEY_GEN, {16,16, CKF_GENERATE}, PR_TRUE},
- /* ------------------ AES Key Wrap (also encrypt) ------------------- */
- {CKM_NETSCAPE_AES_KEY_WRAP, {16, 32, CKF_EN_DE_WR_UN}, PR_TRUE},
- {CKM_NETSCAPE_AES_KEY_WRAP_PAD, {16, 32, CKF_EN_DE_WR_UN}, PR_TRUE},
-};
-static const CK_ULONG mechanismCount = sizeof(mechanisms)/sizeof(mechanisms[0]);
-
-static char *
-pk11_setStringName(const char *inString, char *buffer, int buffer_length)
-{
- int full_length, string_length;
-
- full_length = buffer_length -1;
- string_length = PORT_Strlen(inString);
- /*
- * shorten the string, respecting utf8 encoding
- * to do so, we work backward from the end
- * bytes looking from the end are either:
- * - ascii [0x00,0x7f]
- * - the [2-n]th byte of a multibyte sequence
- * [0x3F,0xBF], i.e, most significant 2 bits are '10'
- * - the first byte of a multibyte sequence [0xC0,0xFD],
- * i.e, most significant 2 bits are '11'
- *
- * When the string is too long, we lop off any trailing '10' bytes,
- * if any. When these are all eliminated we lop off
- * one additional byte. Thus if we lopped any '10'
- * we'll be lopping a '11' byte (the first byte of the multibyte sequence),
- * otherwise we're lopping off an ascii character.
- *
- * To test for '10' bytes, we first AND it with
- * 11000000 (0xc0) so that we get 10000000 (0x80) if and only if
- * the byte starts with 10. We test for equality.
- */
- while ( string_length > full_length ) {
- /* need to shorten */
- while ( string_length > 0 &&
- ((inString[string_length-1]&(char)0xc0) == (char)0x80)) {
- /* lop off '10' byte */
- string_length--;
- }
- /*
- * test string_length in case bad data is received
- * and string consisted of all '10' bytes,
- * avoiding any infinite loop
- */
- if ( string_length ) {
- /* remove either '11' byte or an asci byte */
- string_length--;
- }
- }
- PORT_Memset(buffer,' ',full_length);
- buffer[full_length] = 0;
- PORT_Memcpy(buffer,inString,string_length);
- return buffer;
-}
-/*
- * Configuration utils
- */
-static CK_RV
-pk11_configure(const char *man, const char *libdes)
-{
-
- /* make sure the internationalization was done correctly... */
- if (man) {
- manufacturerID = pk11_setStringName(man,manufacturerID_space,
- sizeof(manufacturerID_space));
- }
- if (libdes) {
- libraryDescription = pk11_setStringName(libdes,
- libraryDescription_space, sizeof(libraryDescription_space));
- }
-
- return CKR_OK;
-}
-
-/*
- * ******************** Password Utilities *******************************
- */
-
-/*
- * see if the key DB password is enabled
- */
-PRBool
-pk11_hasNullPassword(NSSLOWKEYDBHandle *keydb,SECItem **pwitem)
-{
- PRBool pwenabled;
-
- pwenabled = PR_FALSE;
- *pwitem = NULL;
- if (nsslowkey_HasKeyDBPassword (keydb) == SECSuccess) {
- *pwitem = nsslowkey_HashPassword("", keydb->global_salt);
- if ( *pwitem ) {
- if (nsslowkey_CheckKeyDBPassword (keydb, *pwitem) == SECSuccess) {
- pwenabled = PR_TRUE;
- } else {
- SECITEM_ZfreeItem(*pwitem, PR_TRUE);
- *pwitem = NULL;
- }
- }
- }
-
- return pwenabled;
-}
-
-/*
- * ******************** Object Creation Utilities ***************************
- */
-
-
-/* Make sure a given attribute exists. If it doesn't, initialize it to
- * value and len
- */
-CK_RV
-pk11_defaultAttribute(PK11Object *object,CK_ATTRIBUTE_TYPE type,void *value,
- unsigned int len)
-{
- if ( !pk11_hasAttribute(object, type)) {
- return pk11_AddAttributeType(object,type,value,len);
- }
- return CKR_OK;
-}
-
-/*
- * check the consistancy and initialize a Data Object
- */
-static CK_RV
-pk11_handleDataObject(PK11Session *session,PK11Object *object)
-{
- CK_RV crv;
-
- /* first reject private and token data objects */
- if (pk11_isTrue(object,CKA_PRIVATE) || pk11_isTrue(object,CKA_TOKEN)) {
- return CKR_ATTRIBUTE_VALUE_INVALID;
- }
-
- /* now just verify the required date fields */
- crv = pk11_defaultAttribute(object,CKA_APPLICATION,NULL,0);
- if (crv != CKR_OK) return crv;
- crv = pk11_defaultAttribute(object,CKA_VALUE,NULL,0);
- if (crv != CKR_OK) return crv;
-
- return CKR_OK;
-}
-
-/*
- * check the consistancy and initialize a Certificate Object
- */
-static CK_RV
-pk11_handleCertObject(PK11Session *session,PK11Object *object)
-{
- CK_CERTIFICATE_TYPE type;
- PK11Attribute *attribute;
- CK_RV crv;
-
- /* certificates must have a type */
- if ( !pk11_hasAttribute(object,CKA_CERTIFICATE_TYPE) ) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
-
- /* we can't store any certs private */
- if (pk11_isTrue(object,CKA_PRIVATE)) {
- return CKR_ATTRIBUTE_VALUE_INVALID;
- }
-
- /* We only support X.509 Certs for now */
- attribute = pk11_FindAttribute(object,CKA_CERTIFICATE_TYPE);
- if (attribute == NULL) return CKR_TEMPLATE_INCOMPLETE;
- type = *(CK_CERTIFICATE_TYPE *)attribute->attrib.pValue;
- pk11_FreeAttribute(attribute);
-
- if (type != CKC_X_509) {
- return CKR_ATTRIBUTE_VALUE_INVALID;
- }
-
- /* X.509 Certificate */
-
- /* make sure we have a cert */
- if ( !pk11_hasAttribute(object,CKA_VALUE) ) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
-
- /* in PKCS #11, Subject is a required field */
- if ( !pk11_hasAttribute(object,CKA_SUBJECT) ) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
-
- /* in PKCS #11, Issuer is a required field */
- if ( !pk11_hasAttribute(object,CKA_ISSUER) ) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
-
- /* in PKCS #11, Serial is a required field */
- if ( !pk11_hasAttribute(object,CKA_SERIAL_NUMBER) ) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
-
- /* add it to the object */
- object->objectInfo = NULL;
- object->infoFree = (PK11Free) NULL;
-
- /* now just verify the required date fields */
- crv = pk11_defaultAttribute(object, CKA_ID, NULL, 0);
- if (crv != CKR_OK) { return crv; }
-
- if (pk11_isTrue(object,CKA_TOKEN)) {
- PK11Slot *slot = session->slot;
- SECItem derCert;
- NSSLOWCERTCertificate *cert;
- NSSLOWCERTCertTrust *trust = NULL;
- NSSLOWCERTCertTrust userTrust =
- { CERTDB_USER, CERTDB_USER, CERTDB_USER };
- NSSLOWCERTCertTrust defTrust =
- { CERTDB_TRUSTED_UNKNOWN,
- CERTDB_TRUSTED_UNKNOWN, CERTDB_TRUSTED_UNKNOWN };
- char *label = NULL;
- char *email = NULL;
- SECStatus rv;
- PRBool inDB = PR_TRUE;
-
- if (slot->certDB == NULL) {
- return CKR_TOKEN_WRITE_PROTECTED;
- }
-
- /* get the der cert */
- attribute = pk11_FindAttribute(object,CKA_VALUE);
- PORT_Assert(attribute);
-
- derCert.type = 0;
- derCert.data = (unsigned char *)attribute->attrib.pValue;
- derCert.len = attribute->attrib.ulValueLen ;
-
- label = pk11_getString(object,CKA_LABEL);
-
- cert = nsslowcert_FindCertByDERCert(slot->certDB, &derCert);
- if (cert == NULL) {
- cert = nsslowcert_DecodeDERCertificate(&derCert, label);
- inDB = PR_FALSE;
- }
- if (cert == NULL) {
- if (label) PORT_Free(label);
- pk11_FreeAttribute(attribute);
- return CKR_ATTRIBUTE_VALUE_INVALID;
- }
-
- if (slot->keyDB && nsslowkey_KeyForCertExists(slot->keyDB,cert)) {
- trust = &userTrust;
- }
- if (!inDB) {
- if (!trust) trust = &defTrust;
- rv = nsslowcert_AddPermCert(slot->certDB, cert, label, trust);
- } else {
- rv = trust ? nsslowcert_ChangeCertTrust(slot->certDB,cert,trust) :
- SECSuccess;
- }
-
- if (label) PORT_Free(label);
- pk11_FreeAttribute(attribute);
-
- if (rv != SECSuccess) {
- nsslowcert_DestroyCertificate(cert);
- return CKR_DEVICE_ERROR;
- }
-
- /*
- * Add a NULL S/MIME profile if necessary.
- */
- email = pk11_getString(object,CKA_NETSCAPE_EMAIL);
- if (email) {
- certDBEntrySMime *entry;
-
- entry = nsslowcert_ReadDBSMimeEntry(slot->certDB,email);
- if (!entry) {
- nsslowcert_SaveSMimeProfile(slot->certDB, email,
- &cert->derSubject, NULL, NULL);
- } else {
- nsslowcert_DestroyDBEntry((certDBEntry *)entry);
- }
- PORT_Free(email);
- }
- object->handle=pk11_mkHandle(slot,&cert->certKey,PK11_TOKEN_TYPE_CERT);
- nsslowcert_DestroyCertificate(cert);
- }
-
- return CKR_OK;
-}
-
-unsigned int
-pk11_MapTrust(CK_TRUST trust, PRBool clientAuth)
-{
- unsigned int trustCA = clientAuth ? CERTDB_TRUSTED_CLIENT_CA :
- CERTDB_TRUSTED_CA;
- switch (trust) {
- case CKT_NETSCAPE_TRUSTED:
- return CERTDB_VALID_PEER|CERTDB_TRUSTED;
- case CKT_NETSCAPE_TRUSTED_DELEGATOR:
- return CERTDB_VALID_CA|trustCA;
- case CKT_NETSCAPE_UNTRUSTED:
- return CERTDB_NOT_TRUSTED;
- case CKT_NETSCAPE_MUST_VERIFY:
- return 0;
- case CKT_NETSCAPE_VALID: /* implies must verify */
- return CERTDB_VALID_PEER;
- case CKT_NETSCAPE_VALID_DELEGATOR: /* implies must verify */
- return CERTDB_VALID_CA;
- default:
- break;
- }
- return CERTDB_TRUSTED_UNKNOWN;
-}
-
-
-/*
- * check the consistancy and initialize a Trust Object
- */
-static CK_RV
-pk11_handleTrustObject(PK11Session *session,PK11Object *object)
-{
- NSSLOWCERTIssuerAndSN issuerSN;
-
- /* we can't store any certs private */
- if (pk11_isTrue(object,CKA_PRIVATE)) {
- return CKR_ATTRIBUTE_VALUE_INVALID;
- }
-
- /* certificates must have a type */
- if ( !pk11_hasAttribute(object,CKA_ISSUER) ) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- if ( !pk11_hasAttribute(object,CKA_SERIAL_NUMBER) ) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- if ( !pk11_hasAttribute(object,CKA_CERT_SHA1_HASH) ) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- if ( !pk11_hasAttribute(object,CKA_CERT_MD5_HASH) ) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
-
- if (pk11_isTrue(object,CKA_TOKEN)) {
- PK11Slot *slot = session->slot;
- PK11Attribute *issuer = NULL;
- PK11Attribute *serial = NULL;
- NSSLOWCERTCertificate *cert = NULL;
- PK11Attribute *trust;
- CK_TRUST sslTrust = CKT_NETSCAPE_TRUST_UNKNOWN;
- CK_TRUST clientTrust = CKT_NETSCAPE_TRUST_UNKNOWN;
- CK_TRUST emailTrust = CKT_NETSCAPE_TRUST_UNKNOWN;
- CK_TRUST signTrust = CKT_NETSCAPE_TRUST_UNKNOWN;
- NSSLOWCERTCertTrust dbTrust = { 0 };
- SECStatus rv;
-
-
- if (slot->certDB == NULL) {
- return CKR_TOKEN_WRITE_PROTECTED;
- }
- issuer = pk11_FindAttribute(object,CKA_ISSUER);
- PORT_Assert(issuer);
- issuerSN.derIssuer.data = (unsigned char *)issuer->attrib.pValue;
- issuerSN.derIssuer.len = issuer->attrib.ulValueLen ;
-
- serial = pk11_FindAttribute(object,CKA_SERIAL_NUMBER);
- PORT_Assert(serial);
- issuerSN.serialNumber.data = (unsigned char *)serial->attrib.pValue;
- issuerSN.serialNumber.len = serial->attrib.ulValueLen ;
-
- cert = nsslowcert_FindCertByIssuerAndSN(slot->certDB,&issuerSN);
- pk11_FreeAttribute(serial);
- pk11_FreeAttribute(issuer);
-
- if (cert == NULL) {
- return CKR_ATTRIBUTE_VALUE_INVALID;
- }
-
- trust = pk11_FindAttribute(object,CKA_TRUST_SERVER_AUTH);
- if (trust) {
- if (trust->attrib.ulValueLen == sizeof(CK_TRUST)) {
- PORT_Memcpy(&sslTrust,trust->attrib.pValue, sizeof(sslTrust));
- }
- pk11_FreeAttribute(trust);
- }
- trust = pk11_FindAttribute(object,CKA_TRUST_CLIENT_AUTH);
- if (trust) {
- if (trust->attrib.ulValueLen == sizeof(CK_TRUST)) {
- PORT_Memcpy(&clientTrust,trust->attrib.pValue,
- sizeof(clientTrust));
- }
- pk11_FreeAttribute(trust);
- }
- trust = pk11_FindAttribute(object,CKA_TRUST_EMAIL_PROTECTION);
- if (trust) {
- if (trust->attrib.ulValueLen == sizeof(CK_TRUST)) {
- PORT_Memcpy(&emailTrust,trust->attrib.pValue,
- sizeof(emailTrust));
- }
- pk11_FreeAttribute(trust);
- }
- trust = pk11_FindAttribute(object,CKA_TRUST_CODE_SIGNING);
- if (trust) {
- if (trust->attrib.ulValueLen == sizeof(CK_TRUST)) {
- PORT_Memcpy(&signTrust,trust->attrib.pValue,
- sizeof(signTrust));
- }
- pk11_FreeAttribute(trust);
- }
-
- /* preserve certain old fields */
- if (cert->trust) {
- dbTrust.sslFlags =
- cert->trust->sslFlags & CERTDB_PRESERVE_TRUST_BITS;
- dbTrust.emailFlags=
- cert->trust->emailFlags & CERTDB_PRESERVE_TRUST_BITS;
- dbTrust.objectSigningFlags =
- cert->trust->objectSigningFlags & CERTDB_PRESERVE_TRUST_BITS;
- }
-
- dbTrust.sslFlags |= pk11_MapTrust(sslTrust,PR_FALSE);
- dbTrust.sslFlags |= pk11_MapTrust(clientTrust,PR_TRUE);
- dbTrust.emailFlags |= pk11_MapTrust(emailTrust,PR_FALSE);
- dbTrust.objectSigningFlags |= pk11_MapTrust(signTrust,PR_FALSE);
-
- rv = nsslowcert_ChangeCertTrust(slot->certDB,cert,&dbTrust);
- object->handle=pk11_mkHandle(slot,&cert->certKey,PK11_TOKEN_TYPE_TRUST);
- nsslowcert_DestroyCertificate(cert);
- if (rv != SECSuccess) {
- return CKR_DEVICE_ERROR;
- }
- }
-
- return CKR_OK;
-}
-
-/*
- * check the consistancy and initialize a Trust Object
- */
-static CK_RV
-pk11_handleSMimeObject(PK11Session *session,PK11Object *object)
-{
-
- /* we can't store any certs private */
- if (pk11_isTrue(object,CKA_PRIVATE)) {
- return CKR_ATTRIBUTE_VALUE_INVALID;
- }
-
- /* certificates must have a type */
- if ( !pk11_hasAttribute(object,CKA_SUBJECT) ) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- if ( !pk11_hasAttribute(object,CKA_NETSCAPE_EMAIL) ) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
-
- if (pk11_isTrue(object,CKA_TOKEN)) {
- PK11Slot *slot = session->slot;
- SECItem derSubj,rawProfile,rawTime,emailKey;
- SECItem *pRawProfile = NULL;
- SECItem *pRawTime = NULL;
- char *email = NULL;
- PK11Attribute *subject,*profile,*time;
- SECStatus rv;
-
- PORT_Assert(slot);
- if (slot->certDB == NULL) {
- return CKR_TOKEN_WRITE_PROTECTED;
- }
-
- /* lookup SUBJECT */
- subject = pk11_FindAttribute(object,CKA_SUBJECT);
- PORT_Assert(subject);
- derSubj.data = (unsigned char *)subject->attrib.pValue;
- derSubj.len = subject->attrib.ulValueLen ;
- derSubj.type = 0;
-
- /* lookup VALUE */
- profile = pk11_FindAttribute(object,CKA_VALUE);
- if (profile) {
- rawProfile.data = (unsigned char *)profile->attrib.pValue;
- rawProfile.len = profile->attrib.ulValueLen ;
- rawProfile.type = siBuffer;
- pRawProfile = &rawProfile;
- }
-
- /* lookup Time */
- time = pk11_FindAttribute(object,CKA_NETSCAPE_SMIME_TIMESTAMP);
- if (time) {
- rawTime.data = (unsigned char *)time->attrib.pValue;
- rawTime.len = time->attrib.ulValueLen ;
- rawTime.type = siBuffer;
- pRawTime = &rawTime;
- }
-
-
- email = pk11_getString(object,CKA_NETSCAPE_EMAIL);
-
- /* Store CRL by SUBJECT */
- rv = nsslowcert_SaveSMimeProfile(slot->certDB, email, &derSubj,
- pRawProfile,pRawTime);
-
- pk11_FreeAttribute(subject);
- if (profile) pk11_FreeAttribute(profile);
- if (time) pk11_FreeAttribute(time);
- if (rv != SECSuccess) {
- PORT_Free(email);
- return CKR_DEVICE_ERROR;
- }
- emailKey.data = (unsigned char *)email;
- emailKey.len = PORT_Strlen(email)+1;
-
- object->handle = pk11_mkHandle(slot, &emailKey, PK11_TOKEN_TYPE_SMIME);
- PORT_Free(email);
- }
-
- return CKR_OK;
-}
-
-/*
- * check the consistancy and initialize a Trust Object
- */
-static CK_RV
-pk11_handleCrlObject(PK11Session *session,PK11Object *object)
-{
-
- /* we can't store any certs private */
- if (pk11_isTrue(object,CKA_PRIVATE)) {
- return CKR_ATTRIBUTE_VALUE_INVALID;
- }
-
- /* certificates must have a type */
- if ( !pk11_hasAttribute(object,CKA_SUBJECT) ) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- if ( !pk11_hasAttribute(object,CKA_VALUE) ) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
-
- if (pk11_isTrue(object,CKA_TOKEN)) {
- PK11Slot *slot = session->slot;
- PRBool isKRL = PR_FALSE;
- SECItem derSubj,derCrl;
- char *url = NULL;
- PK11Attribute *subject,*crl;
- SECStatus rv;
-
- PORT_Assert(slot);
- if (slot->certDB == NULL) {
- return CKR_TOKEN_WRITE_PROTECTED;
- }
-
- /* lookup SUBJECT */
- subject = pk11_FindAttribute(object,CKA_SUBJECT);
- PORT_Assert(subject);
- derSubj.data = (unsigned char *)subject->attrib.pValue;
- derSubj.len = subject->attrib.ulValueLen ;
-
- /* lookup VALUE */
- crl = pk11_FindAttribute(object,CKA_VALUE);
- PORT_Assert(crl);
- derCrl.data = (unsigned char *)crl->attrib.pValue;
- derCrl.len = crl->attrib.ulValueLen ;
-
-
- url = pk11_getString(object,CKA_NETSCAPE_URL);
- isKRL = pk11_isTrue(object,CKA_NETSCAPE_KRL);
-
- /* Store CRL by SUBJECT */
- rv = nsslowcert_AddCrl(slot->certDB, &derCrl, &derSubj, url, isKRL);
-
- if (url) {
- PORT_Free(url);
- }
- pk11_FreeAttribute(crl);
- if (rv != SECSuccess) {
- pk11_FreeAttribute(subject);
- return CKR_DEVICE_ERROR;
- }
-
- /* if we overwrote the existing CRL, poison the handle entry so we get
- * a new object handle */
- (void) pk11_poisonHandle(slot, &derSubj,
- isKRL ? PK11_TOKEN_KRL_HANDLE : PK11_TOKEN_TYPE_CRL);
- object->handle = pk11_mkHandle(slot, &derSubj,
- isKRL ? PK11_TOKEN_KRL_HANDLE : PK11_TOKEN_TYPE_CRL);
- pk11_FreeAttribute(subject);
- }
-
- return CKR_OK;
-}
-
-/*
- * check the consistancy and initialize a Public Key Object
- */
-static CK_RV
-pk11_handlePublicKeyObject(PK11Session *session, PK11Object *object,
- CK_KEY_TYPE key_type)
-{
- CK_BBOOL encrypt = CK_TRUE;
- CK_BBOOL recover = CK_TRUE;
- CK_BBOOL wrap = CK_TRUE;
- CK_BBOOL derive = CK_FALSE;
- CK_BBOOL verify = CK_TRUE;
- CK_ATTRIBUTE_TYPE pubKeyAttr = CKA_VALUE;
- CK_RV crv;
-
- switch (key_type) {
- case CKK_RSA:
- if ( !pk11_hasAttribute(object, CKA_MODULUS)) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- if ( !pk11_hasAttribute(object, CKA_PUBLIC_EXPONENT)) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- pubKeyAttr = CKA_MODULUS;
- break;
- case CKK_DSA:
- if ( !pk11_hasAttribute(object, CKA_SUBPRIME)) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- /* fall through */
- case CKK_DH:
- if ( !pk11_hasAttribute(object, CKA_PRIME)) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- if ( !pk11_hasAttribute(object, CKA_BASE)) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- if ( !pk11_hasAttribute(object, CKA_VALUE)) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- if (key_type == CKK_DH) {
- verify = CK_FALSE;
- derive = CK_TRUE;
- }
- encrypt = CK_FALSE;
- recover = CK_FALSE;
- wrap = CK_FALSE;
- break;
-#ifdef NSS_ENABLE_ECC
- case CKK_EC:
- if ( !pk11_hasAttribute(object, CKA_EC_PARAMS)) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- if ( !pk11_hasAttribute(object, CKA_EC_POINT)) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- derive = CK_TRUE; /* for ECDH */
- verify = CK_TRUE; /* for ECDSA */
- encrypt = CK_FALSE;
- recover = CK_FALSE;
- wrap = CK_FALSE;
- break;
-#endif /* NSS_ENABLE_ECC */
- default:
- return CKR_ATTRIBUTE_VALUE_INVALID;
- }
-
- /* make sure the required fields exist */
- crv = pk11_defaultAttribute(object,CKA_SUBJECT,NULL,0);
- if (crv != CKR_OK) return crv;
- crv = pk11_defaultAttribute(object,CKA_ENCRYPT,&encrypt,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
- crv = pk11_defaultAttribute(object,CKA_VERIFY,&verify,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
- crv = pk11_defaultAttribute(object,CKA_VERIFY_RECOVER,
- &recover,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
- crv = pk11_defaultAttribute(object,CKA_WRAP,&wrap,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
- crv = pk11_defaultAttribute(object,CKA_DERIVE,&derive,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
-
- object->objectInfo = pk11_GetPubKey(object,key_type, &crv);
- if (object->objectInfo == NULL) {
- return crv;
- }
- object->infoFree = (PK11Free) nsslowkey_DestroyPublicKey;
-
- if (pk11_isTrue(object,CKA_TOKEN)) {
- PK11Slot *slot = session->slot;
- NSSLOWKEYPrivateKey *priv;
- SECItem pubKey;
-
- crv = pk11_Attribute2SSecItem(NULL,&pubKey,object,pubKeyAttr);
- if (crv != CKR_OK) return crv;
-
- PORT_Assert(pubKey.data);
- if (slot->keyDB == NULL) {
- PORT_Free(pubKey.data);
- return CKR_TOKEN_WRITE_PROTECTED;
- }
- if (slot->keyDB->version != 3) {
- unsigned char buf[SHA1_LENGTH];
- SHA1_HashBuf(buf,pubKey.data,pubKey.len);
- PORT_Memcpy(pubKey.data,buf,sizeof(buf));
- pubKey.len = sizeof(buf);
- }
- /* make sure the associated private key already exists */
- /* only works if we are logged in */
- priv = nsslowkey_FindKeyByPublicKey(slot->keyDB, &pubKey,
- slot->password);
- if (priv == NULL) {
- PORT_Free(pubKey.data);
- return CKR_ATTRIBUTE_VALUE_INVALID;
- }
- nsslowkey_DestroyPrivateKey(priv);
-
- object->handle = pk11_mkHandle(slot, &pubKey, PK11_TOKEN_TYPE_PUB);
- PORT_Free(pubKey.data);
- }
-
- return CKR_OK;
-}
-
-static NSSLOWKEYPrivateKey *
-pk11_mkPrivKey(PK11Object *object,CK_KEY_TYPE key, CK_RV *rvp);
-
-/*
- * check the consistancy and initialize a Private Key Object
- */
-static CK_RV
-pk11_handlePrivateKeyObject(PK11Session *session,PK11Object *object,CK_KEY_TYPE key_type)
-{
- CK_BBOOL cktrue = CK_TRUE;
- CK_BBOOL encrypt = CK_TRUE;
- CK_BBOOL recover = CK_TRUE;
- CK_BBOOL wrap = CK_TRUE;
- CK_BBOOL derive = CK_FALSE;
- CK_BBOOL ckfalse = CK_FALSE;
- SECItem mod;
- CK_RV crv;
-
- switch (key_type) {
- case CKK_RSA:
- if ( !pk11_hasAttribute(object, CKA_MODULUS)) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- if ( !pk11_hasAttribute(object, CKA_PUBLIC_EXPONENT)) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- if ( !pk11_hasAttribute(object, CKA_PRIVATE_EXPONENT)) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- if ( !pk11_hasAttribute(object, CKA_PRIME_1)) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- if ( !pk11_hasAttribute(object, CKA_PRIME_2)) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- if ( !pk11_hasAttribute(object, CKA_EXPONENT_1)) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- if ( !pk11_hasAttribute(object, CKA_EXPONENT_2)) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- if ( !pk11_hasAttribute(object, CKA_COEFFICIENT)) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- /* make sure Netscape DB attribute is set correctly */
- crv = pk11_Attribute2SSecItem(NULL, &mod, object, CKA_MODULUS);
- if (crv != CKR_OK) return crv;
- crv = pk11_forceAttribute(object, CKA_NETSCAPE_DB,
- pk11_item_expand(&mod));
- if (mod.data) PORT_Free(mod.data);
- if (crv != CKR_OK) return crv;
-
- break;
- case CKK_DSA:
- if ( !pk11_hasAttribute(object, CKA_SUBPRIME)) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- if ( !pk11_hasAttribute(object, CKA_NETSCAPE_DB)) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- /* fall through */
- case CKK_DH:
- if ( !pk11_hasAttribute(object, CKA_PRIME)) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- if ( !pk11_hasAttribute(object, CKA_BASE)) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- if ( !pk11_hasAttribute(object, CKA_VALUE)) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- encrypt = CK_FALSE;
- recover = CK_FALSE;
- wrap = CK_FALSE;
- break;
-#ifdef NSS_ENABLE_ECC
- case CKK_EC:
- if ( !pk11_hasAttribute(object, CKA_EC_PARAMS)) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- if ( !pk11_hasAttribute(object, CKA_VALUE)) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- encrypt = CK_FALSE;
- recover = CK_FALSE;
- wrap = CK_FALSE;
- derive = CK_TRUE;
- break;
-#endif /* NSS_ENABLE_ECC */
- default:
- return CKR_ATTRIBUTE_VALUE_INVALID;
- }
- crv = pk11_defaultAttribute(object,CKA_SUBJECT,NULL,0);
- if (crv != CKR_OK) return crv;
- crv = pk11_defaultAttribute(object,CKA_SENSITIVE,&cktrue,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
- crv = pk11_defaultAttribute(object,CKA_EXTRACTABLE,&cktrue,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
- crv = pk11_defaultAttribute(object,CKA_DECRYPT,&encrypt,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
- crv = pk11_defaultAttribute(object,CKA_SIGN,&cktrue,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
- crv = pk11_defaultAttribute(object,CKA_SIGN_RECOVER,&recover,
- sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
- crv = pk11_defaultAttribute(object,CKA_UNWRAP,&wrap,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
- crv = pk11_defaultAttribute(object,CKA_DERIVE,&derive,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
- /* the next two bits get modified only in the key gen and token cases */
- crv = pk11_forceAttribute(object,CKA_ALWAYS_SENSITIVE,
- &ckfalse,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
- crv = pk11_forceAttribute(object,CKA_NEVER_EXTRACTABLE,
- &ckfalse,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
-
- /* should we check the non-token RSA private keys? */
-
- if (pk11_isTrue(object,CKA_TOKEN)) {
- PK11Slot *slot = session->slot;
- NSSLOWKEYPrivateKey *privKey;
- char *label;
- SECStatus rv = SECSuccess;
- SECItem pubKey;
-
- if (slot->keyDB == NULL) {
- return CKR_TOKEN_WRITE_PROTECTED;
- }
-
- privKey=pk11_mkPrivKey(object,key_type,&crv);
- if (privKey == NULL) return crv;
- label = pk11_getString(object,CKA_LABEL);
-
- crv = pk11_Attribute2SSecItem(NULL,&pubKey,object,CKA_NETSCAPE_DB);
- if (crv != CKR_OK) {
- if (label) PORT_Free(label);
- nsslowkey_DestroyPrivateKey(privKey);
- return CKR_TEMPLATE_INCOMPLETE;
- }
- if (slot->keyDB->version != 3) {
- unsigned char buf[SHA1_LENGTH];
- SHA1_HashBuf(buf,pubKey.data,pubKey.len);
- PORT_Memcpy(pubKey.data,buf,sizeof(buf));
- pubKey.len = sizeof(buf);
- }
-
- if (key_type == CKK_RSA) {
- rv = RSA_PrivateKeyCheck(&privKey->u.rsa);
- if (rv == SECFailure) {
- goto fail;
- }
- }
- rv = nsslowkey_StoreKeyByPublicKey(object->slot->keyDB,
- privKey, &pubKey, label, object->slot->password);
-
-fail:
- if (label) PORT_Free(label);
- object->handle = pk11_mkHandle(slot,&pubKey,PK11_TOKEN_TYPE_PRIV);
- if (pubKey.data) PORT_Free(pubKey.data);
- nsslowkey_DestroyPrivateKey(privKey);
- if (rv != SECSuccess) return CKR_DEVICE_ERROR;
- } else {
- object->objectInfo = pk11_mkPrivKey(object,key_type,&crv);
- if (object->objectInfo == NULL) return crv;
- object->infoFree = (PK11Free) nsslowkey_DestroyPrivateKey;
- /* now NULL out the sensitive attributes */
- if (pk11_isTrue(object,CKA_SENSITIVE)) {
- pk11_nullAttribute(object,CKA_PRIVATE_EXPONENT);
- pk11_nullAttribute(object,CKA_PRIME_1);
- pk11_nullAttribute(object,CKA_PRIME_2);
- pk11_nullAttribute(object,CKA_EXPONENT_1);
- pk11_nullAttribute(object,CKA_EXPONENT_2);
- pk11_nullAttribute(object,CKA_COEFFICIENT);
- }
- }
- return CKR_OK;
-}
-
-/* forward delcare the DES formating function for handleSecretKey */
-void pk11_FormatDESKey(unsigned char *key, int length);
-static NSSLOWKEYPrivateKey *pk11_mkSecretKeyRep(PK11Object *object);
-
-/* Validate secret key data, and set defaults */
-static CK_RV
-validateSecretKey(PK11Session *session, PK11Object *object,
- CK_KEY_TYPE key_type, PRBool isFIPS)
-{
- CK_RV crv;
- CK_BBOOL cktrue = CK_TRUE;
- CK_BBOOL ckfalse = CK_FALSE;
- PK11Attribute *attribute = NULL;
- crv = pk11_defaultAttribute(object,CKA_SENSITIVE,
- isFIPS?&cktrue:&ckfalse,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
- crv = pk11_defaultAttribute(object,CKA_EXTRACTABLE,
- &cktrue,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
- crv = pk11_defaultAttribute(object,CKA_ENCRYPT,&cktrue,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
- crv = pk11_defaultAttribute(object,CKA_DECRYPT,&cktrue,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
- crv = pk11_defaultAttribute(object,CKA_SIGN,&ckfalse,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
- crv = pk11_defaultAttribute(object,CKA_VERIFY,&ckfalse,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
- crv = pk11_defaultAttribute(object,CKA_WRAP,&cktrue,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
- crv = pk11_defaultAttribute(object,CKA_UNWRAP,&cktrue,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
-
- if ( !pk11_hasAttribute(object, CKA_VALUE)) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- /* the next two bits get modified only in the key gen and token cases */
- crv = pk11_forceAttribute(object,CKA_ALWAYS_SENSITIVE,
- &ckfalse,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
- crv = pk11_forceAttribute(object,CKA_NEVER_EXTRACTABLE,
- &ckfalse,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
-
- /* some types of keys have a value length */
- crv = CKR_OK;
- switch (key_type) {
- /* force CKA_VALUE_LEN to be set */
- case CKK_GENERIC_SECRET:
- case CKK_RC2:
- case CKK_RC4:
-#if NSS_SOFTOKEN_DOES_RC5
- case CKK_RC5:
-#endif
-#ifdef NSS_SOFTOKEN_DOES_CAST
- case CKK_CAST:
- case CKK_CAST3:
- case CKK_CAST5:
-#endif
-#if NSS_SOFTOKEN_DOES_IDEA
- case CKK_IDEA:
-#endif
- attribute = pk11_FindAttribute(object,CKA_VALUE);
- /* shouldn't happen */
- if (attribute == NULL) return CKR_TEMPLATE_INCOMPLETE;
- crv = pk11_forceAttribute(object, CKA_VALUE_LEN,
- &attribute->attrib.ulValueLen, sizeof(CK_ULONG));
- pk11_FreeAttribute(attribute);
- break;
- /* force the value to have the correct parity */
- case CKK_DES:
- case CKK_DES2:
- case CKK_DES3:
- case CKK_CDMF:
- attribute = pk11_FindAttribute(object,CKA_VALUE);
- /* shouldn't happen */
- if (attribute == NULL) return CKR_TEMPLATE_INCOMPLETE;
- pk11_FormatDESKey((unsigned char*)attribute->attrib.pValue,
- attribute->attrib.ulValueLen);
- pk11_FreeAttribute(attribute);
- break;
- default:
- break;
- }
-
- return crv;
-}
-
-#define PK11_KEY_MAX_RETRIES 10 /* don't hang if we are having problems with the rng */
-#define PK11_KEY_ID_SIZE 18 /* don't use either SHA1 or MD5 sizes */
-/*
- * Secret keys must have a CKA_ID value to be stored in the database. This code
- * will generate one if there wasn't one already.
- */
-static CK_RV
-pk11_GenerateSecretCKA_ID(NSSLOWKEYDBHandle *handle, SECItem *id, char *label)
-{
- unsigned int retries;
- SECStatus rv = SECSuccess;
- CK_RV crv = CKR_OK;
-
- id->data = NULL;
- if (label) {
- id->data = (unsigned char *)PORT_Strdup(label);
- if (id->data == NULL) {
- return CKR_HOST_MEMORY;
- }
- id->len = PORT_Strlen(label)+1;
- if (!nsslowkey_KeyForIDExists(handle,id)) {
- return CKR_OK;
- }
- PORT_Free(id->data);
- id->data = NULL;
- id->len = 0;
- }
- id->data = (unsigned char *)PORT_Alloc(PK11_KEY_ID_SIZE);
- if (id->data == NULL) {
- return CKR_HOST_MEMORY;
- }
- id->len = PK11_KEY_ID_SIZE;
-
- retries = 0;
- do {
- rv = RNG_GenerateGlobalRandomBytes(id->data,id->len);
- } while (rv == SECSuccess && nsslowkey_KeyForIDExists(handle,id) &&
- (++retries <= PK11_KEY_MAX_RETRIES));
-
- if ((rv != SECSuccess) || (retries > PK11_KEY_MAX_RETRIES)) {
- crv = CKR_DEVICE_ERROR; /* random number generator is bad */
- PORT_Free(id->data);
- id->data = NULL;
- id->len = 0;
- }
- return crv;
-}
-
-/*
- * check the consistancy and initialize a Secret Key Object
- */
-static CK_RV
-pk11_handleSecretKeyObject(PK11Session *session,PK11Object *object,
- CK_KEY_TYPE key_type, PRBool isFIPS)
-{
- CK_RV crv;
- NSSLOWKEYPrivateKey *privKey = NULL;
- SECItem pubKey;
- char *label = NULL;
-
- pubKey.data = 0;
-
- /* First validate and set defaults */
- crv = validateSecretKey(session, object, key_type, isFIPS);
- if (crv != CKR_OK) goto loser;
-
- /* If the object is a TOKEN object, store in the database */
- if (pk11_isTrue(object,CKA_TOKEN)) {
- PK11Slot *slot = session->slot;
- SECStatus rv = SECSuccess;
-
- if (slot->keyDB == NULL) {
- return CKR_TOKEN_WRITE_PROTECTED;
- }
-
- label = pk11_getString(object,CKA_LABEL);
-
- crv = pk11_Attribute2SecItem(NULL, &pubKey, object, CKA_ID);
- /* Should this be ID? */
- if (crv != CKR_OK) goto loser;
-
- /* if we don't have an ID, generate one */
- if (pubKey.len == 0) {
- if (pubKey.data) {
- PORT_Free(pubKey.data);
- pubKey.data = NULL;
- }
- crv = pk11_GenerateSecretCKA_ID(slot->keyDB, &pubKey, label);
- if (crv != CKR_OK) goto loser;
-
- crv = pk11_forceAttribute(object, CKA_ID, pubKey.data, pubKey.len);
- if (crv != CKR_OK) goto loser;
- }
-
- privKey=pk11_mkSecretKeyRep(object);
- if (privKey == NULL) {
- crv = CKR_HOST_MEMORY;
- goto loser;
- }
-
- PORT_Assert(slot->keyDB);
- rv = nsslowkey_StoreKeyByPublicKey(slot->keyDB,
- privKey, &pubKey, label, slot->password);
- if (rv != SECSuccess) {
- crv = CKR_DEVICE_ERROR;
- goto loser;
- }
-
- object->handle = pk11_mkHandle(slot,&pubKey,PK11_TOKEN_TYPE_KEY);
- }
-
-loser:
- if (label) PORT_Free(label);
- if (privKey) nsslowkey_DestroyPrivateKey(privKey);
- if (pubKey.data) PORT_Free(pubKey.data);
-
- return crv;
-}
-
-/*
- * check the consistancy and initialize a Key Object
- */
-static CK_RV
-pk11_handleKeyObject(PK11Session *session, PK11Object *object)
-{
- PK11Attribute *attribute;
- CK_KEY_TYPE key_type;
- CK_BBOOL cktrue = CK_TRUE;
- CK_BBOOL ckfalse = CK_FALSE;
- CK_RV crv;
-
- /* verify the required fields */
- if ( !pk11_hasAttribute(object,CKA_KEY_TYPE) ) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
-
- /* now verify the common fields */
- crv = pk11_defaultAttribute(object,CKA_ID,NULL,0);
- if (crv != CKR_OK) return crv;
- crv = pk11_defaultAttribute(object,CKA_START_DATE,NULL,0);
- if (crv != CKR_OK) return crv;
- crv = pk11_defaultAttribute(object,CKA_END_DATE,NULL,0);
- if (crv != CKR_OK) return crv;
- crv = pk11_defaultAttribute(object,CKA_DERIVE,&cktrue,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
- crv = pk11_defaultAttribute(object,CKA_LOCAL,&ckfalse,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
-
- /* get the key type */
- attribute = pk11_FindAttribute(object,CKA_KEY_TYPE);
- key_type = *(CK_KEY_TYPE *)attribute->attrib.pValue;
- pk11_FreeAttribute(attribute);
-
- switch (object->objclass) {
- case CKO_PUBLIC_KEY:
- return pk11_handlePublicKeyObject(session,object,key_type);
- case CKO_PRIVATE_KEY:
- return pk11_handlePrivateKeyObject(session,object,key_type);
- case CKO_SECRET_KEY:
- /* make sure the required fields exist */
- return pk11_handleSecretKeyObject(session,object,key_type,
- (PRBool)(session->slot->slotID == FIPS_SLOT_ID));
- default:
- break;
- }
- return CKR_ATTRIBUTE_VALUE_INVALID;
-}
-
-/*
- * check the consistancy and Verify a DSA Parameter Object
- */
-static CK_RV
-pk11_handleDSAParameterObject(PK11Session *session, PK11Object *object)
-{
- PK11Attribute *primeAttr = NULL;
- PK11Attribute *subPrimeAttr = NULL;
- PK11Attribute *baseAttr = NULL;
- PK11Attribute *seedAttr = NULL;
- PK11Attribute *hAttr = NULL;
- PK11Attribute *attribute;
- CK_RV crv = CKR_TEMPLATE_INCOMPLETE;
- PQGParams params;
- PQGVerify vfy, *verify = NULL;
- SECStatus result,rv;
-
- primeAttr = pk11_FindAttribute(object,CKA_PRIME);
- if (primeAttr == NULL) goto loser;
- params.prime.data = primeAttr->attrib.pValue;
- params.prime.len = primeAttr->attrib.ulValueLen;
-
- subPrimeAttr = pk11_FindAttribute(object,CKA_SUBPRIME);
- if (subPrimeAttr == NULL) goto loser;
- params.subPrime.data = subPrimeAttr->attrib.pValue;
- params.subPrime.len = subPrimeAttr->attrib.ulValueLen;
-
- baseAttr = pk11_FindAttribute(object,CKA_BASE);
- if (baseAttr == NULL) goto loser;
- params.base.data = baseAttr->attrib.pValue;
- params.base.len = baseAttr->attrib.ulValueLen;
-
- attribute = pk11_FindAttribute(object, CKA_NETSCAPE_PQG_COUNTER);
- if (attribute != NULL) {
- vfy.counter = *(CK_ULONG *) attribute->attrib.pValue;
- pk11_FreeAttribute(attribute);
-
- seedAttr = pk11_FindAttribute(object, CKA_NETSCAPE_PQG_SEED);
- if (seedAttr == NULL) goto loser;
- vfy.seed.data = seedAttr->attrib.pValue;
- vfy.seed.len = seedAttr->attrib.ulValueLen;
-
- hAttr = pk11_FindAttribute(object, CKA_NETSCAPE_PQG_H);
- if (hAttr == NULL) goto loser;
- vfy.h.data = hAttr->attrib.pValue;
- vfy.h.len = hAttr->attrib.ulValueLen;
-
- verify = &vfy;
- }
-
- crv = CKR_FUNCTION_FAILED;
- rv = PQG_VerifyParams(&params,verify,&result);
- if (rv == SECSuccess) {
- crv = (result== SECSuccess) ? CKR_OK : CKR_ATTRIBUTE_VALUE_INVALID;
- }
-
-loser:
- if (hAttr) pk11_FreeAttribute(hAttr);
- if (seedAttr) pk11_FreeAttribute(seedAttr);
- if (baseAttr) pk11_FreeAttribute(baseAttr);
- if (subPrimeAttr) pk11_FreeAttribute(subPrimeAttr);
- if (primeAttr) pk11_FreeAttribute(primeAttr);
-
- return crv;
-}
-
-/*
- * check the consistancy and initialize a Key Parameter Object
- */
-static CK_RV
-pk11_handleKeyParameterObject(PK11Session *session, PK11Object *object)
-{
- PK11Attribute *attribute;
- CK_KEY_TYPE key_type;
- CK_BBOOL ckfalse = CK_FALSE;
- CK_RV crv;
-
- /* verify the required fields */
- if ( !pk11_hasAttribute(object,CKA_KEY_TYPE) ) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
-
- /* now verify the common fields */
- crv = pk11_defaultAttribute(object,CKA_LOCAL,&ckfalse,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
-
- /* get the key type */
- attribute = pk11_FindAttribute(object,CKA_KEY_TYPE);
- key_type = *(CK_KEY_TYPE *)attribute->attrib.pValue;
- pk11_FreeAttribute(attribute);
-
- switch (key_type) {
- case CKK_DSA:
- return pk11_handleDSAParameterObject(session,object);
-
- default:
- break;
- }
- return CKR_KEY_TYPE_INCONSISTENT;
-}
-
-/*
- * Handle Object does all the object consistancy checks, automatic attribute
- * generation, attribute defaulting, etc. If handleObject succeeds, the object
- * will be assigned an object handle, and the object installed in the session
- * or stored in the DB.
- */
-CK_RV
-pk11_handleObject(PK11Object *object, PK11Session *session)
-{
- PK11Slot *slot = session->slot;
- CK_BBOOL ckfalse = CK_FALSE;
- CK_BBOOL cktrue = CK_TRUE;
- PK11Attribute *attribute;
- CK_RV crv;
-
- /* make sure all the base object types are defined. If not set the
- * defaults */
- crv = pk11_defaultAttribute(object,CKA_TOKEN,&ckfalse,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
- crv = pk11_defaultAttribute(object,CKA_PRIVATE,&ckfalse,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
- crv = pk11_defaultAttribute(object,CKA_LABEL,NULL,0);
- if (crv != CKR_OK) return crv;
- crv = pk11_defaultAttribute(object,CKA_MODIFIABLE,&cktrue,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
-
- /* don't create a private object if we aren't logged in */
- if ((!slot->isLoggedIn) && (slot->needLogin) &&
- (pk11_isTrue(object,CKA_PRIVATE))) {
- return CKR_USER_NOT_LOGGED_IN;
- }
-
-
- if (((session->info.flags & CKF_RW_SESSION) == 0) &&
- (pk11_isTrue(object,CKA_TOKEN))) {
- return CKR_SESSION_READ_ONLY;
- }
-
- /* PKCS #11 object ID's are unique for all objects on a
- * token */
- PK11_USE_THREADS(PZ_Lock(slot->objectLock);)
- object->handle = slot->tokenIDCount++;
- PK11_USE_THREADS(PZ_Unlock(slot->objectLock);)
-
- /* get the object class */
- attribute = pk11_FindAttribute(object,CKA_CLASS);
- if (attribute == NULL) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- object->objclass = *(CK_OBJECT_CLASS *)attribute->attrib.pValue;
- pk11_FreeAttribute(attribute);
-
- /* now handle the specific. Get a session handle for these functions
- * to use */
- switch (object->objclass) {
- case CKO_DATA:
- crv = pk11_handleDataObject(session,object);
- break;
- case CKO_CERTIFICATE:
- crv = pk11_handleCertObject(session,object);
- break;
- case CKO_NETSCAPE_TRUST:
- crv = pk11_handleTrustObject(session,object);
- break;
- case CKO_NETSCAPE_CRL:
- crv = pk11_handleCrlObject(session,object);
- break;
- case CKO_NETSCAPE_SMIME:
- crv = pk11_handleSMimeObject(session,object);
- break;
- case CKO_PRIVATE_KEY:
- case CKO_PUBLIC_KEY:
- case CKO_SECRET_KEY:
- crv = pk11_handleKeyObject(session,object);
- break;
- case CKO_KG_PARAMETERS:
- crv = pk11_handleKeyParameterObject(session,object);
- break;
- default:
- crv = CKR_ATTRIBUTE_VALUE_INVALID;
- break;
- }
-
- /* can't fail from here on out unless the pk_handlXXX functions have
- * failed the request */
- if (crv != CKR_OK) {
- return crv;
- }
-
- /* now link the object into the slot and session structures */
- if (pk11_isToken(object->handle)) {
- pk11_convertSessionToToken(object);
- } else {
- object->slot = slot;
- pk11_AddObject(session,object);
- }
-
- return CKR_OK;
-}
-
-/*
- * ******************** Public Key Utilities ***************************
- */
-/* Generate a low public key structure from an object */
-NSSLOWKEYPublicKey *pk11_GetPubKey(PK11Object *object,CK_KEY_TYPE key_type,
- CK_RV *crvp)
-{
- NSSLOWKEYPublicKey *pubKey;
- PLArenaPool *arena;
- CK_RV crv;
-
- if (object->objclass != CKO_PUBLIC_KEY) {
- *crvp = CKR_KEY_TYPE_INCONSISTENT;
- return NULL;
- }
-
- if (pk11_isToken(object->handle)) {
-/* ferret out the token object handle */
- }
-
- /* If we already have a key, use it */
- if (object->objectInfo) {
- *crvp = CKR_OK;
- return (NSSLOWKEYPublicKey *)object->objectInfo;
- }
-
- /* allocate the structure */
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) {
- *crvp = CKR_HOST_MEMORY;
- return NULL;
- }
-
- pubKey = (NSSLOWKEYPublicKey *)
- PORT_ArenaAlloc(arena,sizeof(NSSLOWKEYPublicKey));
- if (pubKey == NULL) {
- PORT_FreeArena(arena,PR_FALSE);
- *crvp = CKR_HOST_MEMORY;
- return NULL;
- }
-
- /* fill in the structure */
- pubKey->arena = arena;
- switch (key_type) {
- case CKK_RSA:
- pubKey->keyType = NSSLOWKEYRSAKey;
- crv = pk11_Attribute2SSecItem(arena,&pubKey->u.rsa.modulus,
- object,CKA_MODULUS);
- if (crv != CKR_OK) break;
- crv = pk11_Attribute2SSecItem(arena,&pubKey->u.rsa.publicExponent,
- object,CKA_PUBLIC_EXPONENT);
- break;
- case CKK_DSA:
- pubKey->keyType = NSSLOWKEYDSAKey;
- crv = pk11_Attribute2SSecItem(arena,&pubKey->u.dsa.params.prime,
- object,CKA_PRIME);
- if (crv != CKR_OK) break;
- crv = pk11_Attribute2SSecItem(arena,&pubKey->u.dsa.params.subPrime,
- object,CKA_SUBPRIME);
- if (crv != CKR_OK) break;
- crv = pk11_Attribute2SSecItem(arena,&pubKey->u.dsa.params.base,
- object,CKA_BASE);
- if (crv != CKR_OK) break;
- crv = pk11_Attribute2SSecItem(arena,&pubKey->u.dsa.publicValue,
- object,CKA_VALUE);
- break;
- case CKK_DH:
- pubKey->keyType = NSSLOWKEYDHKey;
- crv = pk11_Attribute2SSecItem(arena,&pubKey->u.dh.prime,
- object,CKA_PRIME);
- if (crv != CKR_OK) break;
- crv = pk11_Attribute2SSecItem(arena,&pubKey->u.dh.base,
- object,CKA_BASE);
- if (crv != CKR_OK) break;
- crv = pk11_Attribute2SSecItem(arena,&pubKey->u.dh.publicValue,
- object,CKA_VALUE);
- break;
-#ifdef NSS_ENABLE_ECC
- case CKK_EC:
- pubKey->keyType = NSSLOWKEYECKey;
- crv = pk11_Attribute2SSecItem(arena,
- &pubKey->u.ec.ecParams.DEREncoding,
- object,CKA_EC_PARAMS);
- if (crv != CKR_OK) break;
-
- /* Fill out the rest of the ecParams structure
- * based on the encoded params
- */
- if (EC_FillParams(arena, &pubKey->u.ec.ecParams.DEREncoding,
- &pubKey->u.ec.ecParams) != SECSuccess) break;
-
- crv = pk11_Attribute2SSecItem(arena,&pubKey->u.ec.publicValue,
- object,CKA_EC_POINT);
- break;
-#endif /* NSS_ENABLE_ECC */
- default:
- crv = CKR_KEY_TYPE_INCONSISTENT;
- break;
- }
- *crvp = crv;
- if (crv != CKR_OK) {
- PORT_FreeArena(arena,PR_FALSE);
- return NULL;
- }
-
- object->objectInfo = pubKey;
- object->infoFree = (PK11Free) nsslowkey_DestroyPublicKey;
- return pubKey;
-}
-
-/* make a private key from a verified object */
-static NSSLOWKEYPrivateKey *
-pk11_mkPrivKey(PK11Object *object, CK_KEY_TYPE key_type, CK_RV *crvp)
-{
- NSSLOWKEYPrivateKey *privKey;
- PLArenaPool *arena;
- CK_RV crv = CKR_OK;
- SECStatus rv;
-
- PORT_Assert(!pk11_isToken(object->handle));
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) {
- *crvp = CKR_HOST_MEMORY;
- return NULL;
- }
-
- privKey = (NSSLOWKEYPrivateKey *)
- PORT_ArenaZAlloc(arena,sizeof(NSSLOWKEYPrivateKey));
- if (privKey == NULL) {
- PORT_FreeArena(arena,PR_FALSE);
- *crvp = CKR_HOST_MEMORY;
- return NULL;
- }
-
- /* in future this would be a switch on key_type */
- privKey->arena = arena;
- switch (key_type) {
- case CKK_RSA:
- privKey->keyType = NSSLOWKEYRSAKey;
- crv=pk11_Attribute2SSecItem(arena,&privKey->u.rsa.modulus,
- object,CKA_MODULUS);
- if (crv != CKR_OK) break;
- crv=pk11_Attribute2SSecItem(arena,&privKey->u.rsa.publicExponent,object,
- CKA_PUBLIC_EXPONENT);
- if (crv != CKR_OK) break;
- crv=pk11_Attribute2SSecItem(arena,&privKey->u.rsa.privateExponent,object,
- CKA_PRIVATE_EXPONENT);
- if (crv != CKR_OK) break;
- crv=pk11_Attribute2SSecItem(arena,&privKey->u.rsa.prime1,object,
- CKA_PRIME_1);
- if (crv != CKR_OK) break;
- crv=pk11_Attribute2SSecItem(arena,&privKey->u.rsa.prime2,object,
- CKA_PRIME_2);
- if (crv != CKR_OK) break;
- crv=pk11_Attribute2SSecItem(arena,&privKey->u.rsa.exponent1,
- object, CKA_EXPONENT_1);
- if (crv != CKR_OK) break;
- crv=pk11_Attribute2SSecItem(arena,&privKey->u.rsa.exponent2,
- object, CKA_EXPONENT_2);
- if (crv != CKR_OK) break;
- crv=pk11_Attribute2SSecItem(arena,&privKey->u.rsa.coefficient,object,
- CKA_COEFFICIENT);
- if (crv != CKR_OK) break;
- rv = DER_SetUInteger(privKey->arena, &privKey->u.rsa.version,
- NSSLOWKEY_VERSION);
- if (rv != SECSuccess) crv = CKR_HOST_MEMORY;
- break;
-
- case CKK_DSA:
- privKey->keyType = NSSLOWKEYDSAKey;
- crv = pk11_Attribute2SSecItem(arena,&privKey->u.dsa.params.prime,
- object,CKA_PRIME);
- if (crv != CKR_OK) break;
- crv = pk11_Attribute2SSecItem(arena,&privKey->u.dsa.params.subPrime,
- object,CKA_SUBPRIME);
- if (crv != CKR_OK) break;
- crv = pk11_Attribute2SSecItem(arena,&privKey->u.dsa.params.base,
- object,CKA_BASE);
- if (crv != CKR_OK) break;
- crv = pk11_Attribute2SSecItem(arena,&privKey->u.dsa.privateValue,
- object,CKA_VALUE);
- if (crv != CKR_OK) break;
- crv = pk11_Attribute2SSecItem(arena,&privKey->u.dsa.publicValue,
- object,CKA_NETSCAPE_DB);
- /* can't set the public value.... */
- break;
-
- case CKK_DH:
- privKey->keyType = NSSLOWKEYDHKey;
- crv = pk11_Attribute2SSecItem(arena,&privKey->u.dh.prime,
- object,CKA_PRIME);
- if (crv != CKR_OK) break;
- crv = pk11_Attribute2SSecItem(arena,&privKey->u.dh.base,
- object,CKA_BASE);
- if (crv != CKR_OK) break;
- crv = pk11_Attribute2SSecItem(arena,&privKey->u.dh.privateValue,
- object,CKA_VALUE);
- if (crv != CKR_OK) break;
- crv = pk11_Attribute2SSecItem(arena,&privKey->u.dh.publicValue,
- object,CKA_NETSCAPE_DB);
- break;
-
-#ifdef NSS_ENABLE_ECC
- case CKK_EC:
- privKey->keyType = NSSLOWKEYECKey;
- crv = pk11_Attribute2SSecItem(arena,
- &privKey->u.ec.ecParams.DEREncoding,
- object,CKA_EC_PARAMS);
- if (crv != CKR_OK) break;
-
- /* Fill out the rest of the ecParams structure
- * based on the encoded params
- */
- if (EC_FillParams(arena, &privKey->u.ec.ecParams.DEREncoding,
- &privKey->u.ec.ecParams) != SECSuccess) break;
- crv = pk11_Attribute2SSecItem(arena,&privKey->u.ec.privateValue,
- object,CKA_VALUE);
- if (crv != CKR_OK) break;
- /* XXX Why does this break handlePrivateKeyObject ?
- crv = pk11_Attribute2SSecItem(arena,&privKey->u.ec.publicValue,
- object,CKA_NETSCAPE_DB);
- */
- break;
-#endif /* NSS_ENABLE_ECC */
-
- default:
- crv = CKR_KEY_TYPE_INCONSISTENT;
- break;
- }
- *crvp = crv;
- if (crv != CKR_OK) {
- PORT_FreeArena(arena,PR_FALSE);
- return NULL;
- }
- return privKey;
-}
-
-
-/* Generate a low private key structure from an object */
-NSSLOWKEYPrivateKey *
-pk11_GetPrivKey(PK11Object *object,CK_KEY_TYPE key_type, CK_RV *crvp)
-{
- NSSLOWKEYPrivateKey *priv = NULL;
-
- if (object->objclass != CKO_PRIVATE_KEY) {
- *crvp = CKR_KEY_TYPE_INCONSISTENT;
- return NULL;
- }
- if (object->objectInfo) {
- *crvp = CKR_OK;
- return (NSSLOWKEYPrivateKey *)object->objectInfo;
- }
-
- if (pk11_isToken(object->handle)) {
- /* grab it from the data base */
- PK11TokenObject *to = pk11_narrowToTokenObject(object);
-
- PORT_Assert(to);
- PORT_Assert(object->slot->keyDB);
- priv = nsslowkey_FindKeyByPublicKey(object->slot->keyDB, &to->dbKey,
- object->slot->password);
- *crvp = priv ? CKR_OK : CKR_DEVICE_ERROR;
- } else {
- priv = pk11_mkPrivKey(object, key_type, crvp);
- }
- object->objectInfo = priv;
- object->infoFree = (PK11Free) nsslowkey_DestroyPrivateKey;
- return priv;
-}
-
-/*
- **************************** Symetric Key utils ************************
- */
-/*
- * set the DES key with parity bits correctly
- */
-void
-pk11_FormatDESKey(unsigned char *key, int length)
-{
- int i;
-
- /* format the des key */
- for (i=0; i < length; i++) {
- key[i] = parityTable[key[i]>>1];
- }
-}
-
-/*
- * check a des key (des2 or des3 subkey) for weak keys.
- */
-PRBool
-pk11_CheckDESKey(unsigned char *key)
-{
- int i;
-
- /* format the des key with parity */
- pk11_FormatDESKey(key, 8);
-
- for (i=0; i < pk11_desWeakTableSize; i++) {
- if (PORT_Memcmp(key,pk11_desWeakTable[i],8) == 0) {
- return PR_TRUE;
- }
- }
- return PR_FALSE;
-}
-
-/*
- * check if a des or triple des key is weak.
- */
-PRBool
-pk11_IsWeakKey(unsigned char *key,CK_KEY_TYPE key_type)
-{
-
- switch(key_type) {
- case CKK_DES:
- return pk11_CheckDESKey(key);
- case CKM_DES2_KEY_GEN:
- if (pk11_CheckDESKey(key)) return PR_TRUE;
- return pk11_CheckDESKey(&key[8]);
- case CKM_DES3_KEY_GEN:
- if (pk11_CheckDESKey(key)) return PR_TRUE;
- if (pk11_CheckDESKey(&key[8])) return PR_TRUE;
- return pk11_CheckDESKey(&key[16]);
- default:
- break;
- }
- return PR_FALSE;
-}
-
-
-/* make a fake private key representing a symmetric key */
-static NSSLOWKEYPrivateKey *
-pk11_mkSecretKeyRep(PK11Object *object)
-{
- NSSLOWKEYPrivateKey *privKey = 0;
- PLArenaPool *arena = 0;
- CK_RV crv;
- SECStatus rv;
- static unsigned char derZero[1] = { 0 };
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) { crv = CKR_HOST_MEMORY; goto loser; }
-
- privKey = (NSSLOWKEYPrivateKey *)
- PORT_ArenaZAlloc(arena,sizeof(NSSLOWKEYPrivateKey));
- if (privKey == NULL) { crv = CKR_HOST_MEMORY; goto loser; }
-
- privKey->arena = arena;
-
- /* Secret keys are represented in the database as "fake" RSA keys. The RSA key
- * is marked as a secret key representation by setting the public exponent field
- * to 0, which is an invalid RSA exponent. The other fields are set as follows:
- * modulus - CKA_ID value for the secret key
- * private exponent - CKA_VALUE (the key itself)
- * coefficient - CKA_KEY_TYPE, which indicates what encryption algorithm
- * is used for the key.
- * all others - set to integer 0
- */
- privKey->keyType = NSSLOWKEYRSAKey;
-
- /* The modulus is set to the key id of the symmetric key */
- crv=pk11_Attribute2SecItem(arena,&privKey->u.rsa.modulus,object,CKA_ID);
- if (crv != CKR_OK) goto loser;
-
- /* The public exponent is set to 0 length to indicate a special key */
- privKey->u.rsa.publicExponent.len = sizeof derZero;
- privKey->u.rsa.publicExponent.data = derZero;
-
- /* The private exponent is the actual key value */
- crv=pk11_Attribute2SecItem(arena,&privKey->u.rsa.privateExponent,object,CKA_VALUE);
- if (crv != CKR_OK) goto loser;
-
- /* All other fields empty - needs testing */
- privKey->u.rsa.prime1.len = sizeof derZero;
- privKey->u.rsa.prime1.data = derZero;
-
- privKey->u.rsa.prime2.len = sizeof derZero;
- privKey->u.rsa.prime2.data = derZero;
-
- privKey->u.rsa.exponent1.len = sizeof derZero;
- privKey->u.rsa.exponent1.data = derZero;
-
- privKey->u.rsa.exponent2.len = sizeof derZero;
- privKey->u.rsa.exponent2.data = derZero;
-
- /* Coeficient set to KEY_TYPE */
- crv=pk11_Attribute2SecItem(arena,&privKey->u.rsa.coefficient,object,CKA_KEY_TYPE);
- if (crv != CKR_OK) goto loser;
-
- /* Private key version field set normally for compatibility */
- rv = DER_SetUInteger(privKey->arena,
- &privKey->u.rsa.version, NSSLOWKEY_VERSION);
- if (rv != SECSuccess) { crv = CKR_HOST_MEMORY; goto loser; }
-
-loser:
- if (crv != CKR_OK) {
- PORT_FreeArena(arena,PR_FALSE);
- privKey = 0;
- }
-
- return privKey;
-}
-
-static PRBool
-isSecretKey(NSSLOWKEYPrivateKey *privKey)
-{
- if (privKey->keyType == NSSLOWKEYRSAKey &&
- privKey->u.rsa.publicExponent.len == 1 &&
- privKey->u.rsa.publicExponent.data[0] == 0)
- return PR_TRUE;
-
- return PR_FALSE;
-}
-
-/**********************************************************************
- *
- * Start of PKCS 11 functions
- *
- **********************************************************************/
-
-
-/* return the function list */
-CK_RV NSC_GetFunctionList(CK_FUNCTION_LIST_PTR *pFunctionList)
-{
- *pFunctionList = (CK_FUNCTION_LIST_PTR) &pk11_funcList;
- return CKR_OK;
-}
-
-/* return the function list */
-CK_RV C_GetFunctionList(CK_FUNCTION_LIST_PTR *pFunctionList)
-{
- return NSC_GetFunctionList(pFunctionList);
-}
-
-static PLHashNumber
-pk11_HashNumber(const void *key)
-{
- return (PLHashNumber) key;
-}
-
-/*
- * eventually I'd like to expunge all occurances of XXX_SLOT_ID and
- * just go with the info in the slot. This is one place, however,
- * where it might be a little difficult.
- */
-const char *
-pk11_getDefTokName(CK_SLOT_ID slotID)
-{
- static char buf[33];
-
- switch (slotID) {
- case NETSCAPE_SLOT_ID:
- return "NSS Generic Crypto Services ";
- case PRIVATE_KEY_SLOT_ID:
- return "NSS Certificate DB ";
- case FIPS_SLOT_ID:
- return "NSS FIPS-140-1 Certificate DB ";
- default:
- break;
- }
- sprintf(buf,"NSS Application Token %08x ",(unsigned int) slotID);
- return buf;
-}
-
-const char *
-pk11_getDefSlotName(CK_SLOT_ID slotID)
-{
- static char buf[65];
-
- switch (slotID) {
- case NETSCAPE_SLOT_ID:
- return
- "NSS Internal Cryptographic Services ";
- case PRIVATE_KEY_SLOT_ID:
- return
- "NSS User Private Key and Certificate Services ";
- case FIPS_SLOT_ID:
- return
- "Netscape FIPS-140-1 User Private Key Services ";
- default:
- break;
- }
- sprintf(buf,
- "NSS Application Slot %08x ",
- (unsigned int) slotID);
- return buf;
-}
-
-static CK_ULONG nscSlotCount[2] = {0 , 0};
-static CK_SLOT_ID_PTR nscSlotList[2] = {NULL, NULL};
-static CK_ULONG nscSlotListSize[2] = {0, 0};
-static PLHashTable *nscSlotHashTable[2] = {NULL, NULL};
-
-static int
-pk11_GetModuleIndex(CK_SLOT_ID slotID)
-{
- if ((slotID == FIPS_SLOT_ID) || (slotID > 100)) {
- return NSC_FIPS_MODULE;
- }
- return NSC_NON_FIPS_MODULE;
-}
-
-/* look up a slot structure from the ID (used to be a macro when we only
- * had two slots) */
-PK11Slot *
-pk11_SlotFromID(CK_SLOT_ID slotID)
-{
- int index = pk11_GetModuleIndex(slotID);
- return (PK11Slot *)PL_HashTableLookupConst(nscSlotHashTable[index],
- (void *)slotID);
-}
-
-PK11Slot *
-pk11_SlotFromSessionHandle(CK_SESSION_HANDLE handle)
-{
- CK_ULONG slotIDIndex = (handle >> 24) & 0x7f;
- CK_ULONG moduleIndex = (handle >> 31) & 1;
-
- if (slotIDIndex >= nscSlotCount[moduleIndex]) {
- return NULL;
- }
-
- return pk11_SlotFromID(nscSlotList[moduleIndex][slotIDIndex]);
-}
-
-PK11Slot * pk11_NewSlotFromID(CK_SLOT_ID slotID, int moduleIndex)
-{
- PK11Slot *slot = NULL;
- PLHashEntry *entry;
- int index;
-
- index = pk11_GetModuleIndex(slotID);
-
- /* make sure the slotID for this module is valid */
- if (moduleIndex != index) {
- return NULL;
- }
-
- if (nscSlotList[index] == NULL) {
- nscSlotListSize[index] = NSC_SLOT_LIST_BLOCK_SIZE;
- nscSlotList[index] = (CK_SLOT_ID *)
- PORT_ZAlloc(nscSlotListSize[index]*sizeof(CK_SLOT_ID));
- if (nscSlotList[index] == NULL) {
- return NULL;
- }
- }
- if (nscSlotCount[index] >= nscSlotListSize[index]) {
- CK_SLOT_ID* oldNscSlotList = nscSlotList[index];
- CK_ULONG oldNscSlotListSize = nscSlotListSize[index];
- nscSlotListSize[index] += NSC_SLOT_LIST_BLOCK_SIZE;
- nscSlotList[index] = (CK_SLOT_ID *) PORT_Realloc(oldNscSlotList,
- nscSlotListSize[index]*sizeof(CK_SLOT_ID));
- if (nscSlotList[index] == NULL) {
- nscSlotList[index] = oldNscSlotList;
- nscSlotListSize[index] = oldNscSlotListSize;
- return NULL;
- }
- }
-
- if (nscSlotHashTable[index] == NULL) {
- nscSlotHashTable[index] = PL_NewHashTable(64,pk11_HashNumber,
- PL_CompareValues, PL_CompareValues, NULL, 0);
- if (nscSlotHashTable[index] == NULL) {
- return NULL;
- }
- }
-
- slot = (PK11Slot *) PORT_ZAlloc(sizeof(PK11Slot));
- if (slot == NULL) {
- return NULL;
- }
-
- entry = PL_HashTableAdd(nscSlotHashTable[index],(void *)slotID,slot);
- if (entry == NULL) {
- PORT_Free(slot);
- return NULL;
- }
- slot->index = (nscSlotCount[index] & 0x7f) | ((index << 7) & 0x80);
- nscSlotList[index][nscSlotCount[index]++] = slotID;
-
- return slot;
-}
-
-static SECStatus
-pk11_set_user(NSSLOWCERTCertificate *cert, SECItem *dummy, void *arg)
-{
- PK11Slot *slot = (PK11Slot *)arg;
- NSSLOWCERTCertTrust trust = *cert->trust;
-
- if (nsslowkey_KeyForCertExists(slot->keyDB,cert)) {
- trust.sslFlags |= CERTDB_USER;
- trust.emailFlags |= CERTDB_USER;
- trust.objectSigningFlags |= CERTDB_USER;
- } else {
- trust.sslFlags &= ~CERTDB_USER;
- trust.emailFlags &= ~CERTDB_USER;
- trust.objectSigningFlags &= ~CERTDB_USER;
- }
-
- if (PORT_Memcmp(&trust,cert->trust, sizeof (trust)) != 0) {
- nsslowcert_ChangeCertTrust(slot->certDB,cert, &trust);
- }
-
- /* should check for email address and make sure we have an s/mime profile */
- return SECSuccess;
-}
-
-static void
-pk11_DBVerify(PK11Slot *slot)
-{
- /* walk through all the certs and check to see if there are any
- * user certs, and make sure there are s/mime profiles for all certs with
- * email addresses */
- nsslowcert_TraversePermCerts(slot->certDB,pk11_set_user,slot);
-
- return;
-}
-
-/*
- * initialize one of the slot structures. figure out which by the ID
- */
-CK_RV
-PK11_SlotInit(char *configdir,pk11_token_parameters *params, int moduleIndex)
-{
- unsigned int i;
- CK_SLOT_ID slotID = params->slotID;
- PK11Slot *slot = pk11_NewSlotFromID(slotID, moduleIndex);
- PRBool needLogin = !params->noKeyDB;
- CK_RV crv;
-
- if (slot == NULL) {
- return CKR_HOST_MEMORY;
- }
-
- slot->optimizeSpace = params->optimizeSpace;
- if (slot->optimizeSpace) {
- slot->tokObjHashSize = SPACE_TOKEN_OBJECT_HASH_SIZE;
- slot->sessHashSize = SPACE_SESSION_HASH_SIZE;
- slot->numSessionLocks = 1;
- } else {
- slot->tokObjHashSize = TIME_TOKEN_OBJECT_HASH_SIZE;
- slot->sessHashSize = TIME_SESSION_HASH_SIZE;
- slot->numSessionLocks = slot->sessHashSize/BUCKETS_PER_SESSION_LOCK;
- }
- slot->sessionLockMask = slot->numSessionLocks-1;
-
-#ifdef PKCS11_USE_THREADS
- slot->slotLock = PZ_NewLock(nssILockSession);
- if (slot->slotLock == NULL) {
- return CKR_HOST_MEMORY;
- }
- slot->sessionLock = (PZLock **)
- PORT_ZAlloc(slot->numSessionLocks * sizeof(PZLock *));
- if (slot->sessionLock == NULL) {
- return CKR_HOST_MEMORY;
- }
- for (i=0; i < slot->numSessionLocks; i++) {
- slot->sessionLock[i] = PZ_NewLock(nssILockSession);
- if (slot->sessionLock[i] == NULL) return CKR_HOST_MEMORY;
- }
- slot->objectLock = PZ_NewLock(nssILockObject);
- if (slot->objectLock == NULL) return CKR_HOST_MEMORY;
-#else
- slot->slotLock = NULL;
- slot->sessionLock = (PZLock **)
- PORT_ZAlloc(slot->numSessionLocks * sizeof(PZLock *));
- if (slot->sessionLock == NULL) {
- return CKR_HOST_MEMORY;
- }
- for (i=0; i < slot->numSessionLocks; i++) {
- slot->sessionLock[i] = NULL;
- }
- slot->objectLock = NULL;
-#endif
- slot->head = (PK11Session **)
- PORT_ZAlloc(slot->sessHashSize*sizeof(PK11Session *));
- if (slot->head == NULL) {
- return CKR_HOST_MEMORY;
- }
- slot->tokObjects = (PK11Object **)
- PORT_ZAlloc(slot->tokObjHashSize*sizeof(PK11Object *));
- if (slot->tokObjects == NULL) {
- return CKR_HOST_MEMORY;
- }
- slot->tokenHashTable = PL_NewHashTable(64,pk11_HashNumber,PL_CompareValues,
- SECITEM_HashCompare, NULL, 0);
- if (slot->tokenHashTable == NULL) {
- return CKR_HOST_MEMORY;
- }
- slot->password = NULL;
- slot->hasTokens = PR_FALSE;
- slot->sessionIDCount = 0;
- slot->sessionIDConflict = 0;
- slot->sessionCount = 0;
- slot->rwSessionCount = 0;
- slot->tokenIDCount = 1;
- slot->needLogin = PR_FALSE;
- slot->isLoggedIn = PR_FALSE;
- slot->ssoLoggedIn = PR_FALSE;
- slot->DB_loaded = PR_FALSE;
- slot->slotID = slotID;
- slot->certDB = NULL;
- slot->keyDB = NULL;
- slot->minimumPinLen = 0;
- slot->readOnly = params->readOnly;
- pk11_setStringName(params->tokdes ? params->tokdes :
- pk11_getDefTokName(slotID), slot->tokDescription,
- sizeof(slot->tokDescription));
- pk11_setStringName(params->slotdes ? params->slotdes :
- pk11_getDefSlotName(slotID), slot->slotDescription,
- sizeof(slot->slotDescription));
-
- if ((!params->noCertDB) || (!params->noKeyDB)) {
- crv = pk11_DBInit(params->configdir ? params->configdir : configdir,
- params->certPrefix, params->keyPrefix, params->readOnly,
- params->noCertDB, params->noKeyDB, params->forceOpen,
- &slot->certDB, &slot->keyDB);
- if (crv != CKR_OK) {
- /* shoutdown slot? */
- return crv;
- }
-
- if (nsslowcert_needDBVerify(slot->certDB)) {
- pk11_DBVerify(slot);
- }
- }
- if (needLogin) {
- /* if the data base is initialized with a null password,remember that */
- slot->needLogin =
- (PRBool)!pk11_hasNullPassword(slot->keyDB,&slot->password);
- if (params->minPW <= PK11_MAX_PIN) {
- slot->minimumPinLen = params->minPW;
- }
- if ((slot->minimumPinLen == 0) && (params->pwRequired) &&
- (slot->minimumPinLen <= PK11_MAX_PIN)) {
- slot->minimumPinLen = 1;
- }
- }
- return CKR_OK;
-}
-
-static PRIntn
-pk11_freeHashItem(PLHashEntry* entry, PRIntn index, void *arg)
-{
- SECItem *item = (SECItem *)entry->value;
-
- SECITEM_FreeItem(item, PR_TRUE);
- return HT_ENUMERATE_NEXT;
-}
-
-/*
- * initialize one of the slot structures. figure out which by the ID
- */
-static CK_RV
-pk11_DestroySlotData(PK11Slot *slot)
-{
- unsigned int i;
-
-#ifdef PKCS11_USE_THREADS
- if (slot->slotLock) {
- PZ_DestroyLock(slot->slotLock);
- slot->slotLock = NULL;
- }
- if (slot->sessionLock) {
- for (i=0; i < slot->numSessionLocks; i++) {
- if (slot->sessionLock[i]) {
- PZ_DestroyLock(slot->sessionLock[i]);
- slot->sessionLock[i] = NULL;
- }
- }
- }
- if (slot->objectLock) {
- PZ_DestroyLock(slot->objectLock);
- slot->objectLock = NULL;
- }
-#endif
- if (slot->sessionLock) {
- PORT_Free(slot->sessionLock);
- slot->sessionLock = NULL;
- }
-
- if (slot->tokenHashTable) {
- PL_HashTableEnumerateEntries(slot->tokenHashTable,
- pk11_freeHashItem,NULL);
- PL_HashTableDestroy(slot->tokenHashTable);
- slot->tokenHashTable = NULL;
- }
-
- if (slot->tokObjects) {
- for(i=0; i < slot->tokObjHashSize; i++) {
- PK11Object *object = slot->tokObjects[i];
- slot->tokObjects[i] = NULL;
- if (object) pk11_FreeObject(object);
- }
- PORT_Free(slot->tokObjects);
- slot->tokObjects = NULL;
- }
- slot->tokObjHashSize = 0;
- if (slot->head) {
- for(i=0; i < slot->sessHashSize; i++) {
- PK11Session *session = slot->head[i];
- slot->head[i] = NULL;
- if (session) pk11_FreeSession(session);
- }
- PORT_Free(slot->head);
- slot->head = NULL;
- }
- slot->sessHashSize = 0;
- pk11_DBShutdown(slot->certDB,slot->keyDB);
-
- PORT_Free(slot);
- return CKR_OK;
-}
-
-/*
- * handle the SECMOD.db
- */
-char **
-NSC_ModuleDBFunc(unsigned long function,char *parameters, void *args)
-{
- char *secmod = NULL;
- char *appName = NULL;
- char *filename = NULL;
- PRBool rw;
- static char *success="Success";
- char **rvstr = NULL;
-
- secmod = secmod_getSecmodName(parameters,&appName,&filename, &rw);
-
- switch (function) {
- case SECMOD_MODULE_DB_FUNCTION_FIND:
- rvstr = secmod_ReadPermDB(appName,filename,secmod,(char *)parameters,rw);
- break;
- case SECMOD_MODULE_DB_FUNCTION_ADD:
- rvstr = (secmod_AddPermDB(appName,filename,secmod,(char *)args,rw)
- == SECSuccess) ? &success: NULL;
- break;
- case SECMOD_MODULE_DB_FUNCTION_DEL:
- rvstr = (secmod_DeletePermDB(appName,filename,secmod,(char *)args,rw)
- == SECSuccess) ? &success: NULL;
- break;
- case SECMOD_MODULE_DB_FUNCTION_RELEASE:
- rvstr = (secmod_ReleasePermDBData(appName,filename,secmod,
- (char **)args,rw) == SECSuccess) ? &success: NULL;
- break;
- }
- if (secmod) PR_smprintf_free(secmod);
- if (appName) PORT_Free(appName);
- if (filename) PORT_Free(filename);
- return rvstr;
-}
-
-static void nscFreeAllSlots(int moduleIndex)
-{
- /* free all the slots */
- PK11Slot *slot = NULL;
- CK_SLOT_ID slotID;
- int i;
-
- if (nscSlotList[moduleIndex]) {
- CK_ULONG tmpSlotCount = nscSlotCount[moduleIndex];
- CK_SLOT_ID_PTR tmpSlotList = nscSlotList[moduleIndex];
- PLHashTable *tmpSlotHashTable = nscSlotHashTable[moduleIndex];
-
- /* first close all the session */
- for (i=0; i < (int) tmpSlotCount; i++) {
- slotID = tmpSlotList[i];
- (void) NSC_CloseAllSessions(slotID);
- }
-
- /* now clear out the statics */
- nscSlotList[moduleIndex] = NULL;
- nscSlotCount[moduleIndex] = 0;
- nscSlotHashTable[moduleIndex] = NULL;
- nscSlotListSize[moduleIndex] = 0;
-
- for (i=0; i < (int) tmpSlotCount; i++) {
- slotID = tmpSlotList[i];
- slot = (PK11Slot *)
- PL_HashTableLookup(tmpSlotHashTable, (void *)slotID);
- PORT_Assert(slot);
- if (!slot) continue;
- pk11_DestroySlotData(slot);
- PL_HashTableRemove(tmpSlotHashTable, (void *)slotID);
- }
- PORT_Free(tmpSlotList);
- PL_HashTableDestroy(tmpSlotHashTable);
- }
-}
-
-static void
-pk11_closePeer(PRBool isFIPS)
-{
- CK_SLOT_ID slotID = isFIPS ? PRIVATE_KEY_SLOT_ID: FIPS_SLOT_ID;
- PK11Slot *slot;
- int moduleIndex = isFIPS? NSC_NON_FIPS_MODULE : NSC_FIPS_MODULE;
- PLHashTable *tmpSlotHashTable = nscSlotHashTable[moduleIndex];
-
- slot = (PK11Slot *) PL_HashTableLookup(tmpSlotHashTable, (void *)slotID);
- if (slot == NULL) {
- return;
- }
- pk11_DBShutdown(slot->certDB,slot->keyDB);
- slot->certDB = NULL;
- slot->keyDB = NULL;
- return;
-}
-
-static PRBool nsc_init = PR_FALSE;
-extern SECStatus secoid_Init(void);
-
-/* NSC_Initialize initializes the Cryptoki library. */
-CK_RV nsc_CommonInitialize(CK_VOID_PTR pReserved, PRBool isFIPS)
-{
- CK_RV crv = CKR_OK;
- SECStatus rv;
- CK_C_INITIALIZE_ARGS *init_args = (CK_C_INITIALIZE_ARGS *) pReserved;
- int i;
- int moduleIndex = isFIPS? NSC_FIPS_MODULE : NSC_NON_FIPS_MODULE;
-
-
- if (isFIPS) {
- /* make sure that our check file signatures are OK */
- if (!BLAPI_VerifySelf(NULL) ||
- !BLAPI_SHVerify(SOFTOKEN_LIB_NAME, (PRFuncPtr) pk11_closePeer)) {
- crv = CKR_DEVICE_ERROR; /* better error code? checksum error? */
- return crv;
- }
- }
-
- rv = secoid_Init();
- if (rv != SECSuccess) {
- crv = CKR_DEVICE_ERROR;
- return crv;
- }
-
- rv = RNG_RNGInit(); /* initialize random number generator */
- if (rv != SECSuccess) {
- crv = CKR_DEVICE_ERROR;
- return crv;
- }
- RNG_SystemInfoForRNG();
-
-
- /* NOTE:
- * we should be getting out mutexes from this list, not statically binding
- * them from NSPR. This should happen before we allow the internal to split
- * off from the rest on NSS.
- */
-
- /* initialize the key and cert db's */
- nsslowkey_SetDefaultKeyDBAlg
- (SEC_OID_PKCS12_PBE_WITH_SHA1_AND_TRIPLE_DES_CBC);
- crv = CKR_ARGUMENTS_BAD;
- if ((init_args && init_args->LibraryParameters)) {
- pk11_parameters paramStrings;
-
- crv = secmod_parseParameters
- ((char *)init_args->LibraryParameters, &paramStrings, isFIPS);
- if (crv != CKR_OK) {
- return crv;
- }
- crv = pk11_configure(paramStrings.man, paramStrings.libdes);
- if (crv != CKR_OK) {
- goto loser;
- }
-
- /* if we have a peer already open, have him close his DB's so we
- * don't clobber each other. */
- if ((isFIPS && nsc_init) || (!isFIPS && nsf_init)) {
- pk11_closePeer(isFIPS);
- }
-
- for (i=0; i < paramStrings.token_count; i++) {
- crv =
- PK11_SlotInit(paramStrings.configdir, &paramStrings.tokens[i],
- moduleIndex);
- if (crv != CKR_OK) {
- nscFreeAllSlots(moduleIndex);
- break;
- }
- }
-loser:
- secmod_freeParams(&paramStrings);
- }
-
- return crv;
-}
-
-CK_RV NSC_Initialize(CK_VOID_PTR pReserved)
-{
- CK_RV crv;
- if (nsc_init) {
- return CKR_CRYPTOKI_ALREADY_INITIALIZED;
- }
- crv = nsc_CommonInitialize(pReserved,PR_FALSE);
- nsc_init = (PRBool) (crv == CKR_OK);
- return crv;
-}
-
-extern SECStatus SECOID_Shutdown(void);
-
-/* NSC_Finalize indicates that an application is done with the
- * Cryptoki library.*/
-CK_RV nsc_CommonFinalize (CK_VOID_PTR pReserved, PRBool isFIPS)
-{
-
-
- nscFreeAllSlots(isFIPS ? NSC_FIPS_MODULE : NSC_NON_FIPS_MODULE);
-
- /* don't muck with the globals is our peer is still initialized */
- if (isFIPS && nsc_init) {
- return CKR_OK;
- }
- if (!isFIPS && nsf_init) {
- return CKR_OK;
- }
-
- nsslowcert_DestroyGlobalLocks();
-
-#ifdef LEAK_TEST
- /*
- * do we really want to throw away all our hard earned entropy here!!?
- * No we don't! Not calling RNG_RNGShutdown only 'leaks' data on the
- * initial call to RNG_Init(). So the only reason to call this is to clean
- * up leak detection warnings on shutdown. In many cases we *don't* want
- * to free up the global RNG context because the application has Finalized
- * simply to swap profiles. We don't want to loose the entropy we've
- * already collected.
- */
- RNG_RNGShutdown();
-#endif
-
- pk11_CleanupFreeLists();
- /* tell freeBL to clean up after itself */
- BL_Cleanup();
- /* clean up the default OID table */
- SECOID_Shutdown();
- nsc_init = PR_FALSE;
-
- return CKR_OK;
-}
-
-/* NSC_Finalize indicates that an application is done with the
- * Cryptoki library.*/
-CK_RV NSC_Finalize (CK_VOID_PTR pReserved)
-{
- CK_RV crv;
-
- if (!nsc_init) {
- return CKR_OK;
- }
-
- crv = nsc_CommonFinalize (pReserved, PR_FALSE);
-
- nsc_init = (PRBool) !(crv == CKR_OK);
-
- return crv;
-}
-
-extern const char __nss_softokn_rcsid[];
-extern const char __nss_softokn_sccsid[];
-
-/* NSC_GetInfo returns general information about Cryptoki. */
-CK_RV NSC_GetInfo(CK_INFO_PTR pInfo)
-{
- volatile char c; /* force a reference that won't get optimized away */
-
- c = __nss_softokn_rcsid[0] + __nss_softokn_sccsid[0];
- pInfo->cryptokiVersion.major = 2;
- pInfo->cryptokiVersion.minor = 11;
- PORT_Memcpy(pInfo->manufacturerID,manufacturerID,32);
- pInfo->libraryVersion.major = 3;
- pInfo->libraryVersion.minor = 8;
- PORT_Memcpy(pInfo->libraryDescription,libraryDescription,32);
- pInfo->flags = 0;
- return CKR_OK;
-}
-
-
-/* NSC_GetSlotList obtains a list of slots in the system. */
-CK_RV nsc_CommonGetSlotList(CK_BBOOL tokenPresent,
- CK_SLOT_ID_PTR pSlotList, CK_ULONG_PTR pulCount, int moduleIndex)
-{
- *pulCount = nscSlotCount[moduleIndex];
- if (pSlotList != NULL) {
- PORT_Memcpy(pSlotList,nscSlotList[moduleIndex],
- nscSlotCount[moduleIndex]*sizeof(CK_SLOT_ID));
- }
- return CKR_OK;
-}
-
-/* NSC_GetSlotList obtains a list of slots in the system. */
-CK_RV NSC_GetSlotList(CK_BBOOL tokenPresent,
- CK_SLOT_ID_PTR pSlotList, CK_ULONG_PTR pulCount)
-{
- return nsc_CommonGetSlotList(tokenPresent, pSlotList, pulCount,
- NSC_NON_FIPS_MODULE);
-}
-
-/* NSC_GetSlotInfo obtains information about a particular slot in the system. */
-CK_RV NSC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo)
-{
- PK11Slot *slot = pk11_SlotFromID(slotID);
- if (slot == NULL) return CKR_SLOT_ID_INVALID;
-
- pInfo->firmwareVersion.major = 0;
- pInfo->firmwareVersion.minor = 0;
-
- PORT_Memcpy(pInfo->manufacturerID,manufacturerID,32);
- PORT_Memcpy(pInfo->slotDescription,slot->slotDescription,64);
- pInfo->flags = CKF_TOKEN_PRESENT;
- /* ok we really should read it out of the keydb file. */
- /* pInfo->hardwareVersion.major = NSSLOWKEY_DB_FILE_VERSION; */
- pInfo->hardwareVersion.major = 3;
- pInfo->hardwareVersion.minor = 8;
- return CKR_OK;
-}
-
-#define CKF_THREAD_SAFE 0x8000 /* for now */
-/*
- * check the current state of the 'needLogin' flag in case the database has
- * been changed underneath us.
- */
-static PRBool
-pk11_checkNeedLogin(PK11Slot *slot)
-{
- if (slot->password) {
- if (nsslowkey_CheckKeyDBPassword(slot->keyDB,slot->password)
- == SECSuccess) {
- return slot->needLogin;
- } else {
- SECITEM_FreeItem(slot->password, PR_TRUE);
- slot->password = NULL;
- slot->isLoggedIn = PR_FALSE;
- }
- }
- slot->needLogin =
- (PRBool)!pk11_hasNullPassword(slot->keyDB,&slot->password);
- return (slot->needLogin);
-}
-
-/* NSC_GetTokenInfo obtains information about a particular token in
- * the system. */
-CK_RV NSC_GetTokenInfo(CK_SLOT_ID slotID,CK_TOKEN_INFO_PTR pInfo)
-{
- PK11Slot *slot = pk11_SlotFromID(slotID);
- NSSLOWKEYDBHandle *handle;
-
- if (slot == NULL) return CKR_SLOT_ID_INVALID;
-
- PORT_Memcpy(pInfo->manufacturerID,manufacturerID,32);
- PORT_Memcpy(pInfo->model,"NSS 3 ",16);
- PORT_Memcpy(pInfo->serialNumber,"0000000000000000",16);
- pInfo->ulMaxSessionCount = 0; /* arbitrarily large */
- pInfo->ulSessionCount = slot->sessionCount;
- pInfo->ulMaxRwSessionCount = 0; /* arbitarily large */
- pInfo->ulRwSessionCount = slot->rwSessionCount;
- pInfo->firmwareVersion.major = 0;
- pInfo->firmwareVersion.minor = 0;
- PORT_Memcpy(pInfo->label,slot->tokDescription,32);
- handle = slot->keyDB;
- if (handle == NULL) {
- pInfo->flags= CKF_RNG | CKF_WRITE_PROTECTED | CKF_THREAD_SAFE;
- pInfo->ulMaxPinLen = 0;
- pInfo->ulMinPinLen = 0;
- pInfo->ulTotalPublicMemory = 0;
- pInfo->ulFreePublicMemory = 0;
- pInfo->ulTotalPrivateMemory = 0;
- pInfo->ulFreePrivateMemory = 0;
- pInfo->hardwareVersion.major = 4;
- pInfo->hardwareVersion.minor = 0;
- } else {
- /*
- * we have three possible states which we may be in:
- * (1) No DB password has been initialized. This also means we
- * have no keys in the key db.
- * (2) Password initialized to NULL. This means we have keys, but
- * the user has chosen not use a password.
- * (3) Finally we have an initialized password whicn is not NULL, and
- * we will need to prompt for it.
- */
- if (nsslowkey_HasKeyDBPassword(handle) == SECFailure) {
- pInfo->flags = CKF_THREAD_SAFE | CKF_LOGIN_REQUIRED;
- } else if (!pk11_checkNeedLogin(slot)) {
- pInfo->flags = CKF_THREAD_SAFE | CKF_USER_PIN_INITIALIZED;
- } else {
- pInfo->flags = CKF_THREAD_SAFE |
- CKF_LOGIN_REQUIRED | CKF_USER_PIN_INITIALIZED;
- }
- pInfo->ulMaxPinLen = PK11_MAX_PIN;
- pInfo->ulMinPinLen = 0;
- if (slot->minimumPinLen > 0) {
- pInfo->ulMinPinLen = (CK_ULONG)slot->minimumPinLen;
- }
- pInfo->ulTotalPublicMemory = 1;
- pInfo->ulFreePublicMemory = 1;
- pInfo->ulTotalPrivateMemory = 1;
- pInfo->ulFreePrivateMemory = 1;
- pInfo->hardwareVersion.major = CERT_DB_FILE_VERSION;
- pInfo->hardwareVersion.minor = handle->version;
- }
- return CKR_OK;
-}
-
-/* NSC_GetMechanismList obtains a list of mechanism types
- * supported by a token. */
-CK_RV NSC_GetMechanismList(CK_SLOT_ID slotID,
- CK_MECHANISM_TYPE_PTR pMechanismList, CK_ULONG_PTR pulCount)
-{
- CK_ULONG i;
-
- switch (slotID) {
- case NETSCAPE_SLOT_ID:
- *pulCount = mechanismCount;
- if (pMechanismList != NULL) {
- for (i=0; i < mechanismCount; i++) {
- pMechanismList[i] = mechanisms[i].type;
- }
- }
- break;
- default:
- *pulCount = 0;
- for (i=0; i < mechanismCount; i++) {
- if (mechanisms[i].privkey) {
- (*pulCount)++;
- if (pMechanismList != NULL) {
- *pMechanismList++ = mechanisms[i].type;
- }
- }
- }
- break;
- }
- return CKR_OK;
-}
-
-
-/* NSC_GetMechanismInfo obtains information about a particular mechanism
- * possibly supported by a token. */
-CK_RV NSC_GetMechanismInfo(CK_SLOT_ID slotID, CK_MECHANISM_TYPE type,
- CK_MECHANISM_INFO_PTR pInfo)
-{
- PRBool isPrivateKey;
- CK_ULONG i;
-
- switch (slotID) {
- case NETSCAPE_SLOT_ID:
- isPrivateKey = PR_FALSE;
- break;
- default:
- isPrivateKey = PR_TRUE;
- break;
- }
- for (i=0; i < mechanismCount; i++) {
- if (type == mechanisms[i].type) {
- if (isPrivateKey && !mechanisms[i].privkey) {
- return CKR_MECHANISM_INVALID;
- }
- PORT_Memcpy(pInfo,&mechanisms[i].info, sizeof(CK_MECHANISM_INFO));
- return CKR_OK;
- }
- }
- return CKR_MECHANISM_INVALID;
-}
-
-CK_RV pk11_MechAllowsOperation(CK_MECHANISM_TYPE type, CK_ATTRIBUTE_TYPE op)
-{
- CK_ULONG i;
- CK_FLAGS flags;
-
- switch (op) {
- case CKA_ENCRYPT: flags = CKF_ENCRYPT; break;
- case CKA_DECRYPT: flags = CKF_DECRYPT; break;
- case CKA_WRAP: flags = CKF_WRAP; break;
- case CKA_UNWRAP: flags = CKF_UNWRAP; break;
- case CKA_SIGN: flags = CKF_SIGN; break;
- case CKA_SIGN_RECOVER: flags = CKF_SIGN_RECOVER; break;
- case CKA_VERIFY: flags = CKF_VERIFY; break;
- case CKA_VERIFY_RECOVER: flags = CKF_VERIFY_RECOVER; break;
- case CKA_DERIVE: flags = CKF_DERIVE; break;
- default:
- return CKR_ARGUMENTS_BAD;
- }
- for (i=0; i < mechanismCount; i++) {
- if (type == mechanisms[i].type) {
- return (flags & mechanisms[i].info.flags) ? CKR_OK
- : CKR_MECHANISM_INVALID;
- }
- }
- return CKR_MECHANISM_INVALID;
-}
-
-
-static SECStatus
-pk11_TurnOffUser(NSSLOWCERTCertificate *cert, SECItem *k, void *arg)
-{
- NSSLOWCERTCertTrust trust;
- SECStatus rv;
-
- rv = nsslowcert_GetCertTrust(cert,&trust);
- if (rv == SECSuccess && ((trust.emailFlags & CERTDB_USER) ||
- (trust.sslFlags & CERTDB_USER) ||
- (trust.objectSigningFlags & CERTDB_USER))) {
- trust.emailFlags &= ~CERTDB_USER;
- trust.sslFlags &= ~CERTDB_USER;
- trust.objectSigningFlags &= ~CERTDB_USER;
- nsslowcert_ChangeCertTrust(cert->dbhandle,cert,&trust);
- }
- return SECSuccess;
-}
-
-/* NSC_InitToken initializes a token. */
-CK_RV NSC_InitToken(CK_SLOT_ID slotID,CK_CHAR_PTR pPin,
- CK_ULONG ulPinLen,CK_CHAR_PTR pLabel) {
- PK11Slot *slot = pk11_SlotFromID(slotID);
- NSSLOWKEYDBHandle *handle;
- NSSLOWCERTCertDBHandle *certHandle;
- SECStatus rv;
- unsigned int i;
- PK11Object *object;
-
- if (slot == NULL) return CKR_SLOT_ID_INVALID;
-
- /* don't initialize the database if we aren't talking to a token
- * that uses the key database.
- */
- if (slotID == NETSCAPE_SLOT_ID) {
- return CKR_TOKEN_WRITE_PROTECTED;
- }
-
- /* first, delete all our loaded key and cert objects from our
- * internal list. */
- PK11_USE_THREADS(PZ_Lock(slot->objectLock);)
- for (i=0; i < slot->tokObjHashSize; i++) {
- do {
- object = slot->tokObjects[i];
- /* hand deque */
- /* this duplicates function of NSC_close session functions, but
- * because we know that we are freeing all the sessions, we can
- * do more efficient processing */
- if (object) {
- slot->tokObjects[i] = object->next;
-
- if (object->next) object->next->prev = NULL;
- object->next = object->prev = NULL;
- }
- if (object) pk11_FreeObject(object);
- } while (object != NULL);
- }
- slot->DB_loaded = PR_FALSE;
- PK11_USE_THREADS(PZ_Unlock(slot->objectLock);)
-
- /* then clear out the key database */
- handle = slot->keyDB;
- if (handle == NULL) {
- return CKR_TOKEN_WRITE_PROTECTED;
- }
-
- /* what to do on an error here? */
- rv = nsslowkey_ResetKeyDB(handle);
-
- /* finally mark all the user certs as non-user certs */
- certHandle = slot->certDB;
- if (certHandle == NULL) return CKR_OK;
-
- nsslowcert_TraversePermCerts(certHandle,pk11_TurnOffUser, NULL);
-
- return CKR_OK; /*is this the right function for not implemented*/
-}
-
-
-/* NSC_InitPIN initializes the normal user's PIN. */
-CK_RV NSC_InitPIN(CK_SESSION_HANDLE hSession,
- CK_CHAR_PTR pPin, CK_ULONG ulPinLen)
-{
- PK11Session *sp;
- PK11Slot *slot;
- NSSLOWKEYDBHandle *handle;
- SECItem *newPin;
- char newPinStr[PK11_MAX_PIN+1];
- SECStatus rv;
-
-
- sp = pk11_SessionFromHandle(hSession);
- if (sp == NULL) {
- return CKR_SESSION_HANDLE_INVALID;
- }
-
- slot = pk11_SlotFromSession(sp);
- if (slot == NULL) {
- pk11_FreeSession(sp);
- return CKR_SESSION_HANDLE_INVALID;;
- }
-
- handle = slot->keyDB;
- if (handle == NULL) {
- pk11_FreeSession(sp);
- return CKR_PIN_LEN_RANGE;
- }
-
-
- if (sp->info.state != CKS_RW_SO_FUNCTIONS) {
- pk11_FreeSession(sp);
- return CKR_USER_NOT_LOGGED_IN;
- }
-
- pk11_FreeSession(sp);
-
- /* make sure the pins aren't too long */
- if (ulPinLen > PK11_MAX_PIN) {
- return CKR_PIN_LEN_RANGE;
- }
- if (ulPinLen < (CK_ULONG)slot->minimumPinLen) {
- return CKR_PIN_LEN_RANGE;
- }
-
- if (nsslowkey_HasKeyDBPassword(handle) != SECFailure) {
- return CKR_DEVICE_ERROR;
- }
-
- /* convert to null terminated string */
- PORT_Memcpy(newPinStr,pPin,ulPinLen);
- newPinStr[ulPinLen] = 0;
-
- /* build the hashed pins which we pass around */
- newPin = nsslowkey_HashPassword(newPinStr,handle->global_salt);
- PORT_Memset(newPinStr,0,sizeof(newPinStr));
-
- /* change the data base */
- rv = nsslowkey_SetKeyDBPassword(handle,newPin);
-
- /* Now update our local copy of the pin */
- if (rv == SECSuccess) {
- if (slot->password) {
- SECITEM_ZfreeItem(slot->password, PR_TRUE);
- }
- slot->password = newPin;
- if (ulPinLen == 0) slot->needLogin = PR_FALSE;
- return CKR_OK;
- }
- SECITEM_ZfreeItem(newPin, PR_TRUE);
- return CKR_PIN_INCORRECT;
-}
-
-
-/* NSC_SetPIN modifies the PIN of user that is currently logged in. */
-/* NOTE: This is only valid for the PRIVATE_KEY_SLOT */
-CK_RV NSC_SetPIN(CK_SESSION_HANDLE hSession, CK_CHAR_PTR pOldPin,
- CK_ULONG ulOldLen, CK_CHAR_PTR pNewPin, CK_ULONG ulNewLen)
-{
- PK11Session *sp;
- PK11Slot *slot;
- NSSLOWKEYDBHandle *handle;
- SECItem *newPin;
- SECItem *oldPin;
- char newPinStr[PK11_MAX_PIN+1],oldPinStr[PK11_MAX_PIN+1];
- SECStatus rv;
-
-
- sp = pk11_SessionFromHandle(hSession);
- if (sp == NULL) {
- return CKR_SESSION_HANDLE_INVALID;
- }
-
- slot = pk11_SlotFromSession(sp);
- if (!slot) {
- pk11_FreeSession(sp);
- return CKR_SESSION_HANDLE_INVALID;;
- }
-
- handle = slot->keyDB;
- if (handle == NULL) {
- pk11_FreeSession(sp);
- return CKR_PIN_LEN_RANGE;
- }
-
- if (slot->needLogin && sp->info.state != CKS_RW_USER_FUNCTIONS) {
- pk11_FreeSession(sp);
- return CKR_USER_NOT_LOGGED_IN;
- }
-
- pk11_FreeSession(sp);
-
- /* make sure the pins aren't too long */
- if ((ulNewLen > PK11_MAX_PIN) || (ulOldLen > PK11_MAX_PIN)) {
- return CKR_PIN_LEN_RANGE;
- }
- if (ulNewLen < (CK_ULONG)slot->minimumPinLen) {
- return CKR_PIN_LEN_RANGE;
- }
-
-
- /* convert to null terminated string */
- PORT_Memcpy(newPinStr,pNewPin,ulNewLen);
- newPinStr[ulNewLen] = 0;
- PORT_Memcpy(oldPinStr,pOldPin,ulOldLen);
- oldPinStr[ulOldLen] = 0;
-
- /* build the hashed pins which we pass around */
- newPin = nsslowkey_HashPassword(newPinStr,handle->global_salt);
- oldPin = nsslowkey_HashPassword(oldPinStr,handle->global_salt);
- PORT_Memset(newPinStr,0,sizeof(newPinStr));
- PORT_Memset(oldPinStr,0,sizeof(oldPinStr));
-
- /* change the data base */
- rv = nsslowkey_ChangeKeyDBPassword(handle,oldPin,newPin);
-
- /* Now update our local copy of the pin */
- SECITEM_ZfreeItem(oldPin, PR_TRUE);
- if (rv == SECSuccess) {
- if (slot->password) {
- SECITEM_ZfreeItem(slot->password, PR_TRUE);
- }
- slot->password = newPin;
- slot->needLogin = (PRBool)(ulNewLen != 0);
- return CKR_OK;
- }
- SECITEM_ZfreeItem(newPin, PR_TRUE);
- return CKR_PIN_INCORRECT;
-}
-
-/* NSC_OpenSession opens a session between an application and a token. */
-CK_RV NSC_OpenSession(CK_SLOT_ID slotID, CK_FLAGS flags,
- CK_VOID_PTR pApplication,CK_NOTIFY Notify,CK_SESSION_HANDLE_PTR phSession)
-{
- PK11Slot *slot;
- CK_SESSION_HANDLE sessionID;
- PK11Session *session;
- PK11Session *sameID;
-
- slot = pk11_SlotFromID(slotID);
- if (slot == NULL) return CKR_SLOT_ID_INVALID;
-
- /* new session (we only have serial sessions) */
- session = pk11_NewSession(slotID, Notify, pApplication,
- flags | CKF_SERIAL_SESSION);
- if (session == NULL) return CKR_HOST_MEMORY;
-
- PK11_USE_THREADS(PZ_Lock(slot->slotLock);)
- if (slot->readOnly && (flags & CKF_RW_SESSION)) {
- /* NETSCAPE_SLOT_ID is Read ONLY */
- session->info.flags &= ~CKF_RW_SESSION;
- }
- slot->sessionCount++;
- if (session->info.flags & CKF_RW_SESSION) {
- slot->rwSessionCount++;
- }
- PK11_USE_THREADS(PZ_Unlock(slot->slotLock);)
-
- do {
- do {
- sessionID = (PR_AtomicIncrement(&slot->sessionIDCount) & 0xffffff)
- | (slot->index << 24);
- } while (sessionID == CK_INVALID_HANDLE);
- PK11_USE_THREADS(PZ_Lock(PK11_SESSION_LOCK(slot,sessionID));)
- pk11queue_find(sameID, sessionID, slot->head, slot->sessHashSize);
- if (sameID == NULL) {
- session->handle = sessionID;
- pk11_update_state(slot, session);
- pk11queue_add(session, sessionID, slot->head,slot->sessHashSize);
- } else {
- slot->sessionIDConflict++; /* for debugging */
- }
- PK11_USE_THREADS(PZ_Unlock(PK11_SESSION_LOCK(slot,sessionID));)
- } while (sameID != NULL);
-
- *phSession = sessionID;
- return CKR_OK;
-}
-
-
-/* NSC_CloseSession closes a session between an application and a token. */
-CK_RV NSC_CloseSession(CK_SESSION_HANDLE hSession)
-{
- PK11Slot *slot;
- PK11Session *session;
- SECItem *pw = NULL;
- PRBool sessionFound;
-
- session = pk11_SessionFromHandle(hSession);
- if (session == NULL) return CKR_SESSION_HANDLE_INVALID;
- slot = pk11_SlotFromSession(session);
- sessionFound = PR_FALSE;
-
- /* lock */
- PK11_USE_THREADS(PZ_Lock(PK11_SESSION_LOCK(slot,hSession));)
- if (pk11queue_is_queued(session,hSession,slot->head,slot->sessHashSize)) {
- sessionFound = PR_TRUE;
- pk11queue_delete(session,hSession,slot->head,slot->sessHashSize);
- session->refCount--; /* can't go to zero while we hold the reference */
- PORT_Assert(session->refCount > 0);
- }
- PK11_USE_THREADS(PZ_Unlock(PK11_SESSION_LOCK(slot,hSession));)
-
- PK11_USE_THREADS(PZ_Lock(slot->slotLock);)
- if (sessionFound) {
- slot->sessionCount--;
- if (session->info.flags & CKF_RW_SESSION) {
- slot->rwSessionCount--;
- }
- }
- if (slot->sessionCount == 0) {
- pw = slot->password;
- slot->isLoggedIn = PR_FALSE;
- slot->password = NULL;
- }
- PK11_USE_THREADS(PZ_Unlock(slot->slotLock);)
-
- pk11_FreeSession(session);
- if (pw) SECITEM_ZfreeItem(pw, PR_TRUE);
- return CKR_OK;
-}
-
-
-/* NSC_CloseAllSessions closes all sessions with a token. */
-CK_RV NSC_CloseAllSessions (CK_SLOT_ID slotID)
-{
- PK11Slot *slot;
- SECItem *pw = NULL;
- PK11Session *session;
- unsigned int i;
-
- slot = pk11_SlotFromID(slotID);
- if (slot == NULL) return CKR_SLOT_ID_INVALID;
-
- /* first log out the card */
- PK11_USE_THREADS(PZ_Lock(slot->slotLock);)
- pw = slot->password;
- slot->isLoggedIn = PR_FALSE;
- slot->password = NULL;
- PK11_USE_THREADS(PZ_Unlock(slot->slotLock);)
- if (pw) SECITEM_ZfreeItem(pw, PR_TRUE);
-
- /* now close all the current sessions */
- /* NOTE: If you try to open new sessions before NSC_CloseAllSessions
- * completes, some of those new sessions may or may not be closed by
- * NSC_CloseAllSessions... but any session running when this code starts
- * will guarrenteed be close, and no session will be partially closed */
- for (i=0; i < slot->sessHashSize; i++) {
- do {
- PK11_USE_THREADS(PZ_Lock(PK11_SESSION_LOCK(slot,i));)
- session = slot->head[i];
- /* hand deque */
- /* this duplicates function of NSC_close session functions, but
- * because we know that we are freeing all the sessions, we can
- * do more efficient processing */
- if (session) {
- slot->head[i] = session->next;
- if (session->next) session->next->prev = NULL;
- session->next = session->prev = NULL;
- PK11_USE_THREADS(PZ_Unlock(PK11_SESSION_LOCK(slot,i));)
- PK11_USE_THREADS(PZ_Lock(slot->slotLock);)
- slot->sessionCount--;
- if (session->info.flags & CKF_RW_SESSION) {
- slot->rwSessionCount--;
- }
- PK11_USE_THREADS(PZ_Unlock(slot->slotLock);)
- } else {
- PK11_USE_THREADS(PZ_Unlock(PK11_SESSION_LOCK(slot,i));)
- }
- if (session) pk11_FreeSession(session);
- } while (session != NULL);
- }
- return CKR_OK;
-}
-
-
-/* NSC_GetSessionInfo obtains information about the session. */
-CK_RV NSC_GetSessionInfo(CK_SESSION_HANDLE hSession,
- CK_SESSION_INFO_PTR pInfo)
-{
- PK11Session *session;
-
- session = pk11_SessionFromHandle(hSession);
- if (session == NULL) return CKR_SESSION_HANDLE_INVALID;
-
- PORT_Memcpy(pInfo,&session->info,sizeof(CK_SESSION_INFO));
- pk11_FreeSession(session);
- return CKR_OK;
-}
-
-/* NSC_Login logs a user into a token. */
-CK_RV NSC_Login(CK_SESSION_HANDLE hSession, CK_USER_TYPE userType,
- CK_CHAR_PTR pPin, CK_ULONG ulPinLen)
-{
- PK11Slot *slot;
- PK11Session *session;
- NSSLOWKEYDBHandle *handle;
- CK_FLAGS sessionFlags;
- SECItem *pin;
- char pinStr[PK11_MAX_PIN+1];
-
-
- /* get the slot */
- slot = pk11_SlotFromSessionHandle(hSession);
-
- /* make sure the session is valid */
- session = pk11_SessionFromHandle(hSession);
- if (session == NULL) return CKR_SESSION_HANDLE_INVALID;
- sessionFlags = session->info.flags;
- pk11_FreeSession(session);
- session = NULL;
-
- /* can't log into the Netscape Slot */
- if (slot->slotID == NETSCAPE_SLOT_ID)
- return CKR_USER_TYPE_INVALID;
-
- if (slot->isLoggedIn) return CKR_USER_ALREADY_LOGGED_IN;
- slot->ssoLoggedIn = PR_FALSE;
-
- if (ulPinLen > PK11_MAX_PIN) return CKR_PIN_LEN_RANGE;
-
- /* convert to null terminated string */
- PORT_Memcpy(pinStr,pPin,ulPinLen);
- pinStr[ulPinLen] = 0;
-
- handle = slot->keyDB;
- if (handle == NULL) {
- return CKR_USER_TYPE_INVALID;
- }
-
- /*
- * Deal with bootstrap. We allow the SSO to login in with a NULL
- * password if and only if we haven't initialized the KEY DB yet.
- * We only allow this on a RW session.
- */
- if (nsslowkey_HasKeyDBPassword(handle) == SECFailure) {
- /* allow SSO's to log in only if there is not password on the
- * key database */
- if (((userType == CKU_SO) && (sessionFlags & CKF_RW_SESSION))
- /* fips always needs to authenticate, even if there isn't a db */
- || (slot->slotID == FIPS_SLOT_ID)) {
- /* should this be a fixed password? */
- if (ulPinLen == 0) {
- SECItem *pw;
- PK11_USE_THREADS(PZ_Lock(slot->slotLock);)
- pw = slot->password;
- slot->password = NULL;
- slot->isLoggedIn = PR_TRUE;
- slot->ssoLoggedIn = (PRBool)(userType == CKU_SO);
- PK11_USE_THREADS(PZ_Unlock(slot->slotLock);)
- pk11_update_all_states(slot);
- SECITEM_ZfreeItem(pw,PR_TRUE);
- return CKR_OK;
- }
- return CKR_PIN_INCORRECT;
- }
- return CKR_USER_TYPE_INVALID;
- }
-
- /* don't allow the SSO to log in if the user is already initialized */
- if (userType != CKU_USER) { return CKR_USER_TYPE_INVALID; }
-
-
- /* build the hashed pins which we pass around */
- pin = nsslowkey_HashPassword(pinStr,handle->global_salt);
- if (pin == NULL) return CKR_HOST_MEMORY;
-
- if (nsslowkey_CheckKeyDBPassword(handle,pin) == SECSuccess) {
- SECItem *tmp;
- PK11_USE_THREADS(PZ_Lock(slot->slotLock);)
- tmp = slot->password;
- slot->isLoggedIn = PR_TRUE;
- slot->password = pin;
- PK11_USE_THREADS(PZ_Unlock(slot->slotLock);)
- if (tmp) SECITEM_ZfreeItem(tmp, PR_TRUE);
-
- /* update all sessions */
- pk11_update_all_states(slot);
- return CKR_OK;
- }
-
- SECITEM_ZfreeItem(pin, PR_TRUE);
- return CKR_PIN_INCORRECT;
-}
-
-/* NSC_Logout logs a user out from a token. */
-CK_RV NSC_Logout(CK_SESSION_HANDLE hSession)
-{
- PK11Slot *slot = pk11_SlotFromSessionHandle(hSession);
- PK11Session *session;
- SECItem *pw = NULL;
-
- session = pk11_SessionFromHandle(hSession);
- if (session == NULL) return CKR_SESSION_HANDLE_INVALID;
- pk11_FreeSession(session);
- session = NULL;
-
- if (!slot->isLoggedIn) return CKR_USER_NOT_LOGGED_IN;
-
- PK11_USE_THREADS(PZ_Lock(slot->slotLock);)
- pw = slot->password;
- slot->isLoggedIn = PR_FALSE;
- slot->ssoLoggedIn = PR_FALSE;
- slot->password = NULL;
- PK11_USE_THREADS(PZ_Unlock(slot->slotLock);)
- if (pw) SECITEM_ZfreeItem(pw, PR_TRUE);
-
- pk11_update_all_states(slot);
- return CKR_OK;
-}
-
-
-/* NSC_CreateObject creates a new object. */
-CK_RV NSC_CreateObject(CK_SESSION_HANDLE hSession,
- CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
- CK_OBJECT_HANDLE_PTR phObject)
-{
- PK11Slot *slot = pk11_SlotFromSessionHandle(hSession);
- PK11Session *session;
- PK11Object *object;
- CK_RV crv;
- int i;
-
-
- /*
- * now lets create an object to hang the attributes off of
- */
- object = pk11_NewObject(slot); /* fill in the handle later */
- if (object == NULL) {
- return CKR_HOST_MEMORY;
- }
-
- /*
- * load the template values into the object
- */
- for (i=0; i < (int) ulCount; i++) {
- crv = pk11_AddAttributeType(object,pk11_attr_expand(&pTemplate[i]));
- if (crv != CKR_OK) {
- pk11_FreeObject(object);
- return crv;
- }
- }
-
- /* get the session */
- session = pk11_SessionFromHandle(hSession);
- if (session == NULL) {
- pk11_FreeObject(object);
- return CKR_SESSION_HANDLE_INVALID;
- }
-
- /*
- * handle the base object stuff
- */
- crv = pk11_handleObject(object,session);
- *phObject = object->handle;
- pk11_FreeSession(session);
- pk11_FreeObject(object);
-
- return crv;
-}
-
-
-/* NSC_CopyObject copies an object, creating a new object for the copy. */
-CK_RV NSC_CopyObject(CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
- CK_OBJECT_HANDLE_PTR phNewObject)
-{
- PK11Object *destObject,*srcObject;
- PK11Session *session;
- CK_RV crv = CKR_OK;
- PK11Slot *slot = pk11_SlotFromSessionHandle(hSession);
- int i;
-
- /* Get srcObject so we can find the class */
- session = pk11_SessionFromHandle(hSession);
- if (session == NULL) {
- return CKR_SESSION_HANDLE_INVALID;
- }
- srcObject = pk11_ObjectFromHandle(hObject,session);
- if (srcObject == NULL) {
- pk11_FreeSession(session);
- return CKR_OBJECT_HANDLE_INVALID;
- }
- /*
- * create an object to hang the attributes off of
- */
- destObject = pk11_NewObject(slot); /* fill in the handle later */
- if (destObject == NULL) {
- pk11_FreeSession(session);
- pk11_FreeObject(srcObject);
- return CKR_HOST_MEMORY;
- }
-
- /*
- * load the template values into the object
- */
- for (i=0; i < (int) ulCount; i++) {
- if (pk11_modifyType(pTemplate[i].type,srcObject->objclass) == PK11_NEVER) {
- crv = CKR_ATTRIBUTE_READ_ONLY;
- break;
- }
- crv = pk11_AddAttributeType(destObject,pk11_attr_expand(&pTemplate[i]));
- if (crv != CKR_OK) { break; }
- }
- if (crv != CKR_OK) {
- pk11_FreeSession(session);
- pk11_FreeObject(srcObject);
- pk11_FreeObject(destObject);
- return crv;
- }
-
- /* sensitive can only be changed to CK_TRUE */
- if (pk11_hasAttribute(destObject,CKA_SENSITIVE)) {
- if (!pk11_isTrue(destObject,CKA_SENSITIVE)) {
- pk11_FreeSession(session);
- pk11_FreeObject(srcObject);
- pk11_FreeObject(destObject);
- return CKR_ATTRIBUTE_READ_ONLY;
- }
- }
-
- /*
- * now copy the old attributes from the new attributes
- */
- /* don't create a token object if we aren't in a rw session */
- /* we need to hold the lock to copy a consistant version of
- * the object. */
- crv = pk11_CopyObject(destObject,srcObject);
-
- destObject->objclass = srcObject->objclass;
- pk11_FreeObject(srcObject);
- if (crv != CKR_OK) {
- pk11_FreeObject(destObject);
- pk11_FreeSession(session);
- }
-
- crv = pk11_handleObject(destObject,session);
- *phNewObject = destObject->handle;
- pk11_FreeSession(session);
- pk11_FreeObject(destObject);
-
- return crv;
-}
-
-
-/* NSC_GetObjectSize gets the size of an object in bytes. */
-CK_RV NSC_GetObjectSize(CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject, CK_ULONG_PTR pulSize) {
- *pulSize = 0;
- return CKR_OK;
-}
-
-
-/* NSC_GetAttributeValue obtains the value of one or more object attributes. */
-CK_RV NSC_GetAttributeValue(CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,CK_ATTRIBUTE_PTR pTemplate,CK_ULONG ulCount) {
- PK11Slot *slot = pk11_SlotFromSessionHandle(hSession);
- PK11Session *session;
- PK11Object *object;
- PK11Attribute *attribute;
- PRBool sensitive;
- CK_RV crv;
- int i;
-
- /*
- * make sure we're allowed
- */
- session = pk11_SessionFromHandle(hSession);
- if (session == NULL) {
- return CKR_SESSION_HANDLE_INVALID;
- }
-
- object = pk11_ObjectFromHandle(hObject,session);
- pk11_FreeSession(session);
- if (object == NULL) {
- return CKR_OBJECT_HANDLE_INVALID;
- }
-
- /* don't read a private object if we aren't logged in */
- if ((!slot->isLoggedIn) && (slot->needLogin) &&
- (pk11_isTrue(object,CKA_PRIVATE))) {
- pk11_FreeObject(object);
- return CKR_USER_NOT_LOGGED_IN;
- }
-
- crv = CKR_OK;
- sensitive = pk11_isTrue(object,CKA_SENSITIVE);
- for (i=0; i < (int) ulCount; i++) {
- /* Make sure that this attribute is retrievable */
- if (sensitive && pk11_isSensitive(pTemplate[i].type,object->objclass)) {
- crv = CKR_ATTRIBUTE_SENSITIVE;
- pTemplate[i].ulValueLen = -1;
- continue;
- }
- attribute = pk11_FindAttribute(object,pTemplate[i].type);
- if (attribute == NULL) {
- crv = CKR_ATTRIBUTE_TYPE_INVALID;
- pTemplate[i].ulValueLen = -1;
- continue;
- }
- if (pTemplate[i].pValue != NULL) {
- PORT_Memcpy(pTemplate[i].pValue,attribute->attrib.pValue,
- attribute->attrib.ulValueLen);
- }
- pTemplate[i].ulValueLen = attribute->attrib.ulValueLen;
- pk11_FreeAttribute(attribute);
- }
-
- pk11_FreeObject(object);
- return crv;
-}
-
-/* NSC_SetAttributeValue modifies the value of one or more object attributes */
-CK_RV NSC_SetAttributeValue (CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,CK_ATTRIBUTE_PTR pTemplate,CK_ULONG ulCount) {
- PK11Slot *slot = pk11_SlotFromSessionHandle(hSession);
- PK11Session *session;
- PK11Attribute *attribute;
- PK11Object *object;
- PRBool isToken;
- CK_RV crv = CKR_OK;
- CK_BBOOL legal;
- int i;
-
- /*
- * make sure we're allowed
- */
- session = pk11_SessionFromHandle(hSession);
- if (session == NULL) {
- return CKR_SESSION_HANDLE_INVALID;
- }
-
- object = pk11_ObjectFromHandle(hObject,session);
- if (object == NULL) {
- pk11_FreeSession(session);
- return CKR_OBJECT_HANDLE_INVALID;
- }
-
- /* don't modify a private object if we aren't logged in */
- if ((!slot->isLoggedIn) && (slot->needLogin) &&
- (pk11_isTrue(object,CKA_PRIVATE))) {
- pk11_FreeSession(session);
- pk11_FreeObject(object);
- return CKR_USER_NOT_LOGGED_IN;
- }
-
- /* don't modify a token object if we aren't in a rw session */
- isToken = pk11_isTrue(object,CKA_TOKEN);
- if (((session->info.flags & CKF_RW_SESSION) == 0) && isToken) {
- pk11_FreeSession(session);
- pk11_FreeObject(object);
- return CKR_SESSION_READ_ONLY;
- }
- pk11_FreeSession(session);
-
- /* only change modifiable objects */
- if (!pk11_isTrue(object,CKA_MODIFIABLE)) {
- pk11_FreeObject(object);
- return CKR_ATTRIBUTE_READ_ONLY;
- }
-
- for (i=0; i < (int) ulCount; i++) {
- /* Make sure that this attribute is changeable */
- switch (pk11_modifyType(pTemplate[i].type,object->objclass)) {
- case PK11_NEVER:
- case PK11_ONCOPY:
- default:
- crv = CKR_ATTRIBUTE_READ_ONLY;
- break;
-
- case PK11_SENSITIVE:
- legal = (pTemplate[i].type == CKA_EXTRACTABLE) ? CK_FALSE : CK_TRUE;
- if ((*(CK_BBOOL *)pTemplate[i].pValue) != legal) {
- crv = CKR_ATTRIBUTE_READ_ONLY;
- }
- break;
- case PK11_ALWAYS:
- break;
- }
- if (crv != CKR_OK) break;
-
- /* find the old attribute */
- attribute = pk11_FindAttribute(object,pTemplate[i].type);
- if (attribute == NULL) {
- crv =CKR_ATTRIBUTE_TYPE_INVALID;
- break;
- }
- pk11_FreeAttribute(attribute);
- crv = pk11_forceAttribute(object,pk11_attr_expand(&pTemplate[i]));
- if (crv != CKR_OK) break;
-
- }
-
- pk11_FreeObject(object);
- return crv;
-}
-
-/*
- * find any certs that may match the template and load them.
- */
-#define NSC_CERT 0x00000001
-#define NSC_TRUST 0x00000002
-#define NSC_CRL 0x00000004
-#define NSC_SMIME 0x00000008
-#define NSC_PRIVATE 0x00000010
-#define NSC_PUBLIC 0x00000020
-#define NSC_KEY 0x00000040
-
-/*
- * structure to collect key handles.
- */
-typedef struct pk11CrlDataStr {
- PK11Slot *slot;
- PK11SearchResults *searchHandles;
- CK_ATTRIBUTE *template;
- CK_ULONG templ_count;
-} pk11CrlData;
-
-
-static SECStatus
-pk11_crl_collect(SECItem *data, SECItem *key, certDBEntryType type, void *arg)
-{
- pk11CrlData *crlData;
- CK_OBJECT_HANDLE class_handle;
- PK11Slot *slot;
-
- crlData = (pk11CrlData *)arg;
- slot = crlData->slot;
-
- class_handle = (type == certDBEntryTypeRevocation) ? PK11_TOKEN_TYPE_CRL :
- PK11_TOKEN_KRL_HANDLE;
- if (pk11_tokenMatch(slot, key, class_handle,
- crlData->template, crlData->templ_count)) {
- pk11_addHandle(crlData->searchHandles,
- pk11_mkHandle(slot,key,class_handle));
- }
- return(SECSuccess);
-}
-
-static void
-pk11_searchCrls(PK11Slot *slot, SECItem *derSubject, PRBool isKrl,
- unsigned long classFlags, PK11SearchResults *search,
- CK_ATTRIBUTE *pTemplate, CK_ULONG ulCount)
-{
- NSSLOWCERTCertDBHandle *certHandle = NULL;
-
- certHandle = slot->certDB;
- if (certHandle == NULL) {
- return;
- }
- if (derSubject->data != NULL) {
- certDBEntryRevocation *crl =
- nsslowcert_FindCrlByKey(certHandle, derSubject, isKrl);
-
- if (crl != NULL) {
- pk11_addHandle(search, pk11_mkHandle(slot, derSubject,
- isKrl ? PK11_TOKEN_KRL_HANDLE : PK11_TOKEN_TYPE_CRL));
- nsslowcert_DestroyDBEntry((certDBEntry *)crl);
- }
- } else {
- pk11CrlData crlData;
-
- /* traverse */
- crlData.slot = slot;
- crlData.searchHandles = search;
- crlData.template = pTemplate;
- crlData.templ_count = ulCount;
- nsslowcert_TraverseDBEntries(certHandle, certDBEntryTypeRevocation,
- pk11_crl_collect, (void *)&crlData);
- nsslowcert_TraverseDBEntries(certHandle, certDBEntryTypeKeyRevocation,
- pk11_crl_collect, (void *)&crlData);
- }
-}
-
-/*
- * structure to collect key handles.
- */
-typedef struct pk11KeyDataStr {
- PK11Slot *slot;
- PK11SearchResults *searchHandles;
- SECItem *id;
- CK_ATTRIBUTE *template;
- CK_ULONG templ_count;
- unsigned long classFlags;
- PRBool isLoggedIn;
- PRBool strict;
-} pk11KeyData;
-
-
-static SECStatus
-pk11_key_collect(DBT *key, DBT *data, void *arg)
-{
- pk11KeyData *keyData;
- NSSLOWKEYPrivateKey *privKey = NULL;
- SECItem tmpDBKey;
- PK11Slot *slot;
-
- keyData = (pk11KeyData *)arg;
- slot = keyData->slot;
-
- tmpDBKey.data = key->data;
- tmpDBKey.len = key->size;
- tmpDBKey.type = siBuffer;
-
- PORT_Assert(slot->keyDB);
- if (!keyData->strict && keyData->id) {
- SECItem result;
- PRBool haveMatch= PR_FALSE;
- unsigned char hashKey[SHA1_LENGTH];
- result.data = hashKey;
- result.len = sizeof(hashKey);
-
- if (keyData->id->len == 0) {
- /* Make sure this isn't a NSC_KEY */
- privKey = nsslowkey_FindKeyByPublicKey(keyData->slot->keyDB,
- &tmpDBKey, keyData->slot->password);
- if (privKey) {
- haveMatch = isSecretKey(privKey) ?
- (PRBool)(keyData->classFlags & NSC_KEY) != 0:
- (PRBool)(keyData->classFlags &
- (NSC_PRIVATE|NSC_PUBLIC)) != 0;
- nsslowkey_DestroyPrivateKey(privKey);
- }
- } else {
- SHA1_HashBuf( hashKey, key->data, key->size ); /* match id */
- haveMatch = SECITEM_ItemsAreEqual(keyData->id,&result);
- if (!haveMatch && ((unsigned char *)key->data)[0] == 0) {
- /* This is a fix for backwards compatibility. The key
- * database indexes private keys by the public key, and
- * versions of NSS prior to 3.4 stored the public key as
- * a signed integer. The public key is now treated as an
- * unsigned integer, with no leading zero. In order to
- * correctly compute the hash of an old key, it is necessary
- * to fallback and detect the leading zero.
- */
- SHA1_HashBuf(hashKey,
- (unsigned char *)key->data + 1, key->size - 1);
- haveMatch = SECITEM_ItemsAreEqual(keyData->id,&result);
- }
- }
- if (haveMatch) {
- if (keyData->classFlags & NSC_PRIVATE) {
- pk11_addHandle(keyData->searchHandles,
- pk11_mkHandle(slot,&tmpDBKey,PK11_TOKEN_TYPE_PRIV));
- }
- if (keyData->classFlags & NSC_PUBLIC) {
- pk11_addHandle(keyData->searchHandles,
- pk11_mkHandle(slot,&tmpDBKey,PK11_TOKEN_TYPE_PUB));
- }
- if (keyData->classFlags & NSC_KEY) {
- pk11_addHandle(keyData->searchHandles,
- pk11_mkHandle(slot,&tmpDBKey,PK11_TOKEN_TYPE_KEY));
- }
- }
- return SECSuccess;
- }
-
- privKey = nsslowkey_FindKeyByPublicKey(keyData->slot->keyDB, &tmpDBKey,
- keyData->slot->password);
- if ( privKey == NULL ) {
- goto loser;
- }
-
- if (isSecretKey(privKey)) {
- if ((keyData->classFlags & NSC_KEY) &&
- pk11_tokenMatch(keyData->slot, &tmpDBKey, PK11_TOKEN_TYPE_KEY,
- keyData->template, keyData->templ_count)) {
- pk11_addHandle(keyData->searchHandles,
- pk11_mkHandle(keyData->slot, &tmpDBKey, PK11_TOKEN_TYPE_KEY));
- }
- } else {
- if ((keyData->classFlags & NSC_PRIVATE) &&
- pk11_tokenMatch(keyData->slot, &tmpDBKey, PK11_TOKEN_TYPE_PRIV,
- keyData->template, keyData->templ_count)) {
- pk11_addHandle(keyData->searchHandles,
- pk11_mkHandle(keyData->slot,&tmpDBKey,PK11_TOKEN_TYPE_PRIV));
- }
- if ((keyData->classFlags & NSC_PUBLIC) &&
- pk11_tokenMatch(keyData->slot, &tmpDBKey, PK11_TOKEN_TYPE_PUB,
- keyData->template, keyData->templ_count)) {
- pk11_addHandle(keyData->searchHandles,
- pk11_mkHandle(keyData->slot, &tmpDBKey,PK11_TOKEN_TYPE_PUB));
- }
- }
-
-loser:
- if ( privKey ) {
- nsslowkey_DestroyPrivateKey(privKey);
- }
- return(SECSuccess);
-}
-
-static void
-pk11_searchKeys(PK11Slot *slot, SECItem *key_id, PRBool isLoggedIn,
- unsigned long classFlags, PK11SearchResults *search,
- CK_ATTRIBUTE *pTemplate, CK_ULONG ulCount)
-{
- NSSLOWKEYDBHandle *keyHandle = NULL;
- NSSLOWKEYPrivateKey *privKey;
- pk11KeyData keyData;
- PRBool found = PR_FALSE;
-
- keyHandle = slot->keyDB;
- if (keyHandle == NULL) {
- return;
- }
-
- if (key_id->data) {
- privKey = nsslowkey_FindKeyByPublicKey(keyHandle, key_id, slot->password);
- if (privKey) {
- if ((classFlags & NSC_KEY) && isSecretKey(privKey)) {
- pk11_addHandle(search,
- pk11_mkHandle(slot,key_id,PK11_TOKEN_TYPE_KEY));
- found = PR_TRUE;
- }
- if ((classFlags & NSC_PRIVATE) && !isSecretKey(privKey)) {
- pk11_addHandle(search,
- pk11_mkHandle(slot,key_id,PK11_TOKEN_TYPE_PRIV));
- found = PR_TRUE;
- }
- if ((classFlags & NSC_PUBLIC) && !isSecretKey(privKey)) {
- pk11_addHandle(search,
- pk11_mkHandle(slot,key_id,PK11_TOKEN_TYPE_PUB));
- found = PR_TRUE;
- }
- nsslowkey_DestroyPrivateKey(privKey);
- }
- /* don't do the traversal if we have an up to date db */
- if (keyHandle->version != 3) {
- return;
- }
- /* don't do the traversal if it can't possibly be the correct id */
- /* all soft token id's are SHA1_HASH_LEN's */
- if (key_id->len != SHA1_LENGTH) {
- return;
- }
- if (found) {
- /* if we already found some keys, don't do the traversal */
- return;
- }
- }
- keyData.slot = slot;
- keyData.searchHandles = search;
- keyData.id = key_id;
- keyData.template = pTemplate;
- keyData.templ_count = ulCount;
- keyData.isLoggedIn = isLoggedIn;
- keyData.classFlags = classFlags;
- keyData.strict = NSC_STRICT;
-
- nsslowkey_TraverseKeys(keyHandle, pk11_key_collect, &keyData);
-}
-
-/*
- * structure to collect certs into
- */
-typedef struct pk11CertDataStr {
- PK11Slot *slot;
- int cert_count;
- int max_cert_count;
- NSSLOWCERTCertificate **certs;
- CK_ATTRIBUTE *template;
- CK_ULONG templ_count;
- unsigned long classFlags;
- PRBool strict;
-} pk11CertData;
-
-/*
- * collect all the certs from the traverse call.
- */
-static SECStatus
-pk11_cert_collect(NSSLOWCERTCertificate *cert,void *arg)
-{
- pk11CertData *cd = (pk11CertData *)arg;
-
- if (cert == NULL) {
- return SECSuccess;
- }
-
- if (cd->certs == NULL) {
- return SECFailure;
- }
-
- if (cd->strict) {
- if ((cd->classFlags & NSC_CERT) && !pk11_tokenMatch(cd->slot,
- &cert->certKey, PK11_TOKEN_TYPE_CERT, cd->template,cd->templ_count)) {
- return SECSuccess;
- }
- if ((cd->classFlags & NSC_TRUST) && !pk11_tokenMatch(cd->slot,
- &cert->certKey, PK11_TOKEN_TYPE_TRUST,
- cd->template, cd->templ_count)) {
- return SECSuccess;
- }
- }
-
- /* allocate more space if we need it. This should only happen in
- * the general traversal case */
- if (cd->cert_count >= cd->max_cert_count) {
- int size;
- cd->max_cert_count += NSC_CERT_BLOCK_SIZE;
- size = cd->max_cert_count * sizeof (NSSLOWCERTCertificate *);
- cd->certs = (NSSLOWCERTCertificate **)PORT_Realloc(cd->certs,size);
- if (cd->certs == NULL) {
- return SECFailure;
- }
- }
-
- cd->certs[cd->cert_count++] = nsslowcert_DupCertificate(cert);
- return SECSuccess;
-}
-
-/* provide impedence matching ... */
-static SECStatus
-pk11_cert_collect2(NSSLOWCERTCertificate *cert, SECItem *dymmy, void *arg)
-{
- return pk11_cert_collect(cert, arg);
-}
-
-static void
-pk11_searchSingleCert(pk11CertData *certData,NSSLOWCERTCertificate *cert)
-{
- if (cert == NULL) {
- return;
- }
- if (certData->strict &&
- !pk11_tokenMatch(certData->slot, &cert->certKey, PK11_TOKEN_TYPE_CERT,
- certData->template,certData->templ_count)) {
- nsslowcert_DestroyCertificate(cert);
- return;
- }
- certData->certs = (NSSLOWCERTCertificate **)
- PORT_Alloc(sizeof (NSSLOWCERTCertificate *));
- if (certData->certs == NULL) {
- nsslowcert_DestroyCertificate(cert);
- return;
- }
- certData->certs[0] = cert;
- certData->cert_count = 1;
-}
-
-static void
-pk11_CertSetupData(pk11CertData *certData,int count)
-{
- certData->max_cert_count = count;
-
- if (certData->max_cert_count <= 0) {
- return;
- }
- certData->certs = (NSSLOWCERTCertificate **)
- PORT_Alloc( count * sizeof(NSSLOWCERTCertificate *));
- return;
-}
-
-static void
-pk11_searchCertsAndTrust(PK11Slot *slot, SECItem *derCert, SECItem *name,
- SECItem *derSubject, NSSLOWCERTIssuerAndSN *issuerSN,
- SECItem *email,
- unsigned long classFlags, PK11SearchResults *handles,
- CK_ATTRIBUTE *pTemplate, CK_LONG ulCount)
-{
- NSSLOWCERTCertDBHandle *certHandle = NULL;
- pk11CertData certData;
- int i;
-
- certHandle = slot->certDB;
- if (certHandle == NULL) return;
-
- certData.slot = slot;
- certData.max_cert_count = 0;
- certData.certs = NULL;
- certData.cert_count = 0;
- certData.template = pTemplate;
- certData.templ_count = ulCount;
- certData.classFlags = classFlags;
- certData.strict = NSC_STRICT;
-
-
- /*
- * Find the Cert.
- */
- if (derCert->data != NULL) {
- NSSLOWCERTCertificate *cert =
- nsslowcert_FindCertByDERCert(certHandle,derCert);
- pk11_searchSingleCert(&certData,cert);
- } else if (name->data != NULL) {
- char *tmp_name = (char*)PORT_Alloc(name->len+1);
- int count;
-
- if (tmp_name == NULL) {
- return;
- }
- PORT_Memcpy(tmp_name,name->data,name->len);
- tmp_name[name->len] = 0;
-
- count= nsslowcert_NumPermCertsForNickname(certHandle,tmp_name);
- pk11_CertSetupData(&certData,count);
- nsslowcert_TraversePermCertsForNickname(certHandle,tmp_name,
- pk11_cert_collect, &certData);
- PORT_Free(tmp_name);
- } else if (derSubject->data != NULL) {
- int count;
-
- count = nsslowcert_NumPermCertsForSubject(certHandle,derSubject);
- pk11_CertSetupData(&certData,count);
- nsslowcert_TraversePermCertsForSubject(certHandle,derSubject,
- pk11_cert_collect, &certData);
- } else if ((issuerSN->derIssuer.data != NULL) &&
- (issuerSN->serialNumber.data != NULL)) {
- if (classFlags & NSC_CERT) {
- NSSLOWCERTCertificate *cert =
- nsslowcert_FindCertByIssuerAndSN(certHandle,issuerSN);
-
- pk11_searchSingleCert(&certData,cert);
- }
- if (classFlags & NSC_TRUST) {
- NSSLOWCERTTrust *trust =
- nsslowcert_FindTrustByIssuerAndSN(certHandle, issuerSN);
-
- if (trust) {
- pk11_addHandle(handles,
- pk11_mkHandle(slot,&trust->dbKey,PK11_TOKEN_TYPE_TRUST));
- nsslowcert_DestroyTrust(trust);
- }
- }
- } else if (email->data != NULL) {
- char *tmp_name = (char*)PORT_Alloc(email->len+1);
- certDBEntrySMime *entry = NULL;
-
- if (tmp_name == NULL) {
- return;
- }
- PORT_Memcpy(tmp_name,email->data,email->len);
- tmp_name[email->len] = 0;
-
- entry = nsslowcert_ReadDBSMimeEntry(certHandle,tmp_name);
- if (entry) {
- int count;
- SECItem *subjectName = &entry->subjectName;
-
- count = nsslowcert_NumPermCertsForSubject(certHandle, subjectName);
- pk11_CertSetupData(&certData,count);
- nsslowcert_TraversePermCertsForSubject(certHandle, subjectName,
- pk11_cert_collect, &certData);
-
- nsslowcert_DestroyDBEntry((certDBEntry *)entry);
- }
- PORT_Free(tmp_name);
- } else {
- /* we aren't filtering the certs, we are working on all, so turn
- * on the strict filters. */
- certData.strict = PR_TRUE;
- pk11_CertSetupData(&certData,NSC_CERT_BLOCK_SIZE);
- nsslowcert_TraversePermCerts(certHandle, pk11_cert_collect2, &certData);
- }
-
- /*
- * build the handles
- */
- for (i=0 ; i < certData.cert_count ; i++) {
- NSSLOWCERTCertificate *cert = certData.certs[i];
-
- /* if we filtered it would have been on the stuff above */
- if (classFlags & NSC_CERT) {
- pk11_addHandle(handles,
- pk11_mkHandle(slot,&cert->certKey,PK11_TOKEN_TYPE_CERT));
- }
- if ((classFlags & NSC_TRUST) && nsslowcert_hasTrust(cert->trust)) {
- pk11_addHandle(handles,
- pk11_mkHandle(slot,&cert->certKey,PK11_TOKEN_TYPE_TRUST));
- }
- nsslowcert_DestroyCertificate(cert);
- }
-
- if (certData.certs) PORT_Free(certData.certs);
- return;
-}
-
-static void
-pk11_searchSMime(PK11Slot *slot, SECItem *email, PK11SearchResults *handles,
- CK_ATTRIBUTE *pTemplate, CK_LONG ulCount)
-{
- NSSLOWCERTCertDBHandle *certHandle = NULL;
- certDBEntrySMime *entry;
-
- certHandle = slot->certDB;
- if (certHandle == NULL) return;
-
- if (email->data != NULL) {
- char *tmp_name = (char*)PORT_Alloc(email->len+1);
-
- if (tmp_name == NULL) {
- return;
- }
- PORT_Memcpy(tmp_name,email->data,email->len);
- tmp_name[email->len] = 0;
-
- entry = nsslowcert_ReadDBSMimeEntry(certHandle,tmp_name);
- if (entry) {
- SECItem emailKey;
-
- emailKey.data = (unsigned char *)tmp_name;
- emailKey.len = PORT_Strlen(tmp_name)+1;
- emailKey.type = 0;
- pk11_addHandle(handles,
- pk11_mkHandle(slot,&emailKey,PK11_TOKEN_TYPE_SMIME));
- nsslowcert_DestroyDBEntry((certDBEntry *)entry);
- }
- PORT_Free(tmp_name);
- }
- return;
-}
-
-static CK_RV
-pk11_searchTokenList(PK11Slot *slot, PK11SearchResults *search,
- CK_ATTRIBUTE *pTemplate, CK_LONG ulCount,
- PRBool *tokenOnly, PRBool isLoggedIn)
-{
- int i;
- PRBool isKrl = PR_FALSE;
- SECItem derCert = { siBuffer, NULL, 0 };
- SECItem derSubject = { siBuffer, NULL, 0 };
- SECItem name = { siBuffer, NULL, 0 };
- SECItem email = { siBuffer, NULL, 0 };
- SECItem key_id = { siBuffer, NULL, 0 };
- SECItem cert_sha1_hash = { siBuffer, NULL, 0 };
- SECItem cert_md5_hash = { siBuffer, NULL, 0 };
- NSSLOWCERTIssuerAndSN issuerSN = {
- { siBuffer, NULL, 0 },
- { siBuffer, NULL, 0 }
- };
- SECItem *copy = NULL;
- unsigned long classFlags =
- NSC_CERT|NSC_TRUST|NSC_PRIVATE|NSC_PUBLIC|NSC_KEY|NSC_SMIME|NSC_CRL;
-
- /* if we aren't logged in, don't look for private or secret keys */
- if (!isLoggedIn) {
- classFlags &= ~(NSC_PRIVATE|NSC_KEY);
- }
-
- /*
- * look for things to search on token objects for. If the right options
- * are specified, we can use them as direct indeces into the database
- * (rather than using linear searches. We can also use the attributes to
- * limit the kinds of objects we are searching for. Later we can use this
- * array to filter the remaining objects more finely.
- */
- for (i=0 ;classFlags && i < (int)ulCount; i++) {
-
- switch (pTemplate[i].type) {
- case CKA_SUBJECT:
- copy = &derSubject;
- classFlags &= (NSC_CERT|NSC_PRIVATE|NSC_PUBLIC|NSC_SMIME|NSC_CRL);
- break;
- case CKA_ISSUER:
- copy = &issuerSN.derIssuer;
- classFlags &= (NSC_CERT|NSC_TRUST);
- break;
- case CKA_SERIAL_NUMBER:
- copy = &issuerSN.serialNumber;
- classFlags &= (NSC_CERT|NSC_TRUST);
- break;
- case CKA_VALUE:
- copy = &derCert;
- classFlags &= (NSC_CERT|NSC_CRL|NSC_SMIME);
- break;
- case CKA_LABEL:
- copy = &name;
- break;
- case CKA_NETSCAPE_EMAIL:
- copy = &email;
- classFlags &= NSC_SMIME|NSC_CERT;
- break;
- case CKA_NETSCAPE_SMIME_TIMESTAMP:
- classFlags &= NSC_SMIME;
- break;
- case CKA_CLASS:
- if (pTemplate[i].ulValueLen != sizeof(CK_OBJECT_CLASS)) {
- classFlags = 0;
- break;;
- }
- switch (*((CK_OBJECT_CLASS *)pTemplate[i].pValue)) {
- case CKO_CERTIFICATE:
- classFlags &= NSC_CERT;
- break;
- case CKO_NETSCAPE_TRUST:
- classFlags &= NSC_TRUST;
- break;
- case CKO_NETSCAPE_CRL:
- classFlags &= NSC_CRL;
- break;
- case CKO_NETSCAPE_SMIME:
- classFlags &= NSC_SMIME;
- break;
- case CKO_PRIVATE_KEY:
- classFlags &= NSC_PRIVATE;
- break;
- case CKO_PUBLIC_KEY:
- classFlags &= NSC_PUBLIC;
- break;
- case CKO_SECRET_KEY:
- classFlags &= NSC_KEY;
- break;
- default:
- classFlags = 0;
- break;
- }
- break;
- case CKA_PRIVATE:
- if (pTemplate[i].ulValueLen != sizeof(CK_BBOOL)) {
- classFlags = 0;
- }
- if (*((CK_BBOOL *)pTemplate[i].pValue) == CK_TRUE) {
- classFlags &= (NSC_PRIVATE|NSC_KEY);
- } else {
- classFlags &= ~(NSC_PRIVATE|NSC_KEY);
- }
- break;
- case CKA_SENSITIVE:
- if (pTemplate[i].ulValueLen != sizeof(CK_BBOOL)) {
- classFlags = 0;
- }
- if (*((CK_BBOOL *)pTemplate[i].pValue) == CK_TRUE) {
- classFlags &= (NSC_PRIVATE|NSC_KEY);
- } else {
- classFlags = 0;
- }
- break;
- case CKA_TOKEN:
- if (pTemplate[i].ulValueLen != sizeof(CK_BBOOL)) {
- classFlags = 0;
- }
- if (*((CK_BBOOL *)pTemplate[i].pValue) == CK_TRUE) {
- *tokenOnly = PR_TRUE;
- } else {
- classFlags = 0;
- }
- break;
- case CKA_CERT_SHA1_HASH:
- classFlags &= NSC_TRUST;
- copy = &cert_sha1_hash; break;
- case CKA_CERT_MD5_HASH:
- classFlags &= NSC_TRUST;
- copy = &cert_md5_hash; break;
- case CKA_CERTIFICATE_TYPE:
- if (pTemplate[i].ulValueLen != sizeof(CK_CERTIFICATE_TYPE)) {
- classFlags = 0;
- }
- classFlags &= NSC_CERT;
- if (*((CK_CERTIFICATE_TYPE *)pTemplate[i].pValue) != CKC_X_509) {
- classFlags = 0;
- }
- break;
- case CKA_ID:
- copy = &key_id;
- classFlags &= (NSC_CERT|NSC_PRIVATE|NSC_KEY|NSC_PUBLIC);
- break;
- case CKA_NETSCAPE_KRL:
- if (pTemplate[i].ulValueLen != sizeof(CK_BBOOL)) {
- classFlags = 0;
- }
- classFlags &= NSC_CRL;
- isKrl = (PRBool)(*((CK_BBOOL *)pTemplate[i].pValue) == CK_TRUE);
- break;
- case CKA_MODIFIABLE:
- break;
- case CKA_KEY_TYPE:
- case CKA_DERIVE:
- classFlags &= NSC_PUBLIC|NSC_PRIVATE|NSC_KEY;
- break;
- case CKA_VERIFY_RECOVER:
- classFlags &= NSC_PUBLIC;
- break;
- case CKA_SIGN_RECOVER:
- classFlags &= NSC_PRIVATE;
- break;
- case CKA_ENCRYPT:
- case CKA_VERIFY:
- case CKA_WRAP:
- classFlags &= NSC_PUBLIC|NSC_KEY;
- break;
- case CKA_DECRYPT:
- case CKA_SIGN:
- case CKA_UNWRAP:
- case CKA_ALWAYS_SENSITIVE:
- case CKA_EXTRACTABLE:
- case CKA_NEVER_EXTRACTABLE:
- classFlags &= NSC_PRIVATE|NSC_KEY;
- break;
- /* can't be a certificate if it doesn't match one of the above
- * attributes */
- default:
- classFlags = 0;
- break;
- }
- if (copy) {
- copy->data = (unsigned char*)pTemplate[i].pValue;
- copy->len = pTemplate[i].ulValueLen;
- }
- copy = NULL;
- }
-
-
- /* certs */
- if (classFlags & (NSC_CERT|NSC_TRUST)) {
- pk11_searchCertsAndTrust(slot,&derCert,&name,&derSubject,
- &issuerSN, &email,classFlags,search,
- pTemplate, ulCount);
- }
-
- /* keys */
- if (classFlags & (NSC_PRIVATE|NSC_PUBLIC|NSC_KEY)) {
- pk11_searchKeys(slot, &key_id, isLoggedIn, classFlags, search,
- pTemplate, ulCount);
- }
-
- /* crl's */
- if (classFlags & NSC_CRL) {
- pk11_searchCrls(slot, &derSubject, isKrl, classFlags, search,
- pTemplate, ulCount);
- }
- /* Add S/MIME entry stuff */
- if (classFlags & NSC_SMIME) {
- pk11_searchSMime(slot, &email, search, pTemplate, ulCount);
- }
- return CKR_OK;
-}
-
-
-/* NSC_FindObjectsInit initializes a search for token and session objects
- * that match a template. */
-CK_RV NSC_FindObjectsInit(CK_SESSION_HANDLE hSession,
- CK_ATTRIBUTE_PTR pTemplate,CK_ULONG ulCount)
-{
- PK11SearchResults *search = NULL, *freeSearch = NULL;
- PK11Session *session = NULL;
- PK11Slot *slot = pk11_SlotFromSessionHandle(hSession);
- PRBool tokenOnly = PR_FALSE;
- CK_RV crv = CKR_OK;
- PRBool isLoggedIn;
-
- session = pk11_SessionFromHandle(hSession);
- if (session == NULL) {
- crv = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- search = (PK11SearchResults *)PORT_Alloc(sizeof(PK11SearchResults));
- if (search == NULL) {
- crv = CKR_HOST_MEMORY;
- goto loser;
- }
- search->handles = (CK_OBJECT_HANDLE *)
- PORT_Alloc(sizeof(CK_OBJECT_HANDLE) * NSC_SEARCH_BLOCK_SIZE);
- if (search->handles == NULL) {
- crv = CKR_HOST_MEMORY;
- goto loser;
- }
- search->index = 0;
- search->size = 0;
- search->array_size = NSC_SEARCH_BLOCK_SIZE;
- isLoggedIn = (PRBool)((!slot->needLogin) || slot->isLoggedIn);
-
- crv = pk11_searchTokenList(slot, search, pTemplate, ulCount, &tokenOnly,
- isLoggedIn);
- if (crv != CKR_OK) {
- goto loser;
- }
-
- /* build list of found objects in the session */
- if (!tokenOnly) {
- crv = pk11_searchObjectList(search, slot->tokObjects,
- slot->tokObjHashSize, slot->objectLock,
- pTemplate, ulCount, isLoggedIn);
- }
- if (crv != CKR_OK) {
- goto loser;
- }
-
- if ((freeSearch = session->search) != NULL) {
- session->search = NULL;
- pk11_FreeSearch(freeSearch);
- }
- session->search = search;
- pk11_FreeSession(session);
- return CKR_OK;
-
-loser:
- if (search) {
- pk11_FreeSearch(search);
- }
- if (session) {
- pk11_FreeSession(session);
- }
- return crv;
-}
-
-
-/* NSC_FindObjects continues a search for token and session objects
- * that match a template, obtaining additional object handles. */
-CK_RV NSC_FindObjects(CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE_PTR phObject,CK_ULONG ulMaxObjectCount,
- CK_ULONG_PTR pulObjectCount)
-{
- PK11Session *session;
- PK11SearchResults *search;
- int transfer;
- int left;
-
- *pulObjectCount = 0;
- session = pk11_SessionFromHandle(hSession);
- if (session == NULL) return CKR_SESSION_HANDLE_INVALID;
- if (session->search == NULL) {
- pk11_FreeSession(session);
- return CKR_OK;
- }
- search = session->search;
- left = session->search->size - session->search->index;
- transfer = ((int)ulMaxObjectCount > left) ? left : ulMaxObjectCount;
- if (transfer > 0) {
- PORT_Memcpy(phObject,&search->handles[search->index],
- transfer*sizeof(CK_OBJECT_HANDLE_PTR));
- } else {
- *phObject = CK_INVALID_HANDLE;
- }
-
- search->index += transfer;
- if (search->index == search->size) {
- session->search = NULL;
- pk11_FreeSearch(search);
- }
- *pulObjectCount = transfer;
- pk11_FreeSession(session);
- return CKR_OK;
-}
-
-/* NSC_FindObjectsFinal finishes a search for token and session objects. */
-CK_RV NSC_FindObjectsFinal(CK_SESSION_HANDLE hSession)
-{
- PK11Session *session;
- PK11SearchResults *search;
-
- session = pk11_SessionFromHandle(hSession);
- if (session == NULL) return CKR_SESSION_HANDLE_INVALID;
- search = session->search;
- session->search = NULL;
- pk11_FreeSession(session);
- if (search != NULL) {
- pk11_FreeSearch(search);
- }
- return CKR_OK;
-}
-
-
-
-CK_RV NSC_WaitForSlotEvent(CK_FLAGS flags, CK_SLOT_ID_PTR pSlot,
- CK_VOID_PTR pReserved)
-{
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
diff --git a/security/nss/lib/softoken/pkcs11.h b/security/nss/lib/softoken/pkcs11.h
deleted file mode 100644
index 9b54421e7..000000000
--- a/security/nss/lib/softoken/pkcs11.h
+++ /dev/null
@@ -1,319 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s): RSA Labs
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Copyright (C) 1994-1999 RSA Security Inc. Licence to copy this document
- * is granted provided that it is identified as "RSA Security In.c Public-Key
- * Cryptography Standards (PKCS)" in all material mentioning or referencing
- * this document.
- *
- * The latest version of this header can be found at:
- * http://www.rsalabs.com/pkcs/pkcs-11/index.html
- */
-#ifndef _PKCS11_H_
-#define _PKCS11_H_ 1
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* Before including this file (pkcs11.h) (or pkcs11t.h by
- * itself), 6 platform-specific macros must be defined. These
- * macros are described below, and typical definitions for them
- * are also given. Be advised that these definitions can depend
- * on both the platform and the compiler used (and possibly also
- * on whether a PKCS #11 library is linked statically or
- * dynamically).
- *
- * In addition to defining these 6 macros, the packing convention
- * for PKCS #11 structures should be set. The PKCS #11
- * convention on packing is that structures should be 1-byte
- * aligned.
- *
- * In a Win32 environment, this might be done by using the
- * following preprocessor directive before including pkcs11.h
- * or pkcs11t.h:
- *
- * #pragma pack(push, cryptoki, 1)
- *
- * and using the following preprocessor directive after including
- * pkcs11.h or pkcs11t.h:
- *
- * #pragma pack(pop, cryptoki)
- *
- * In a Win16 environment, this might be done by using the
- * following preprocessor directive before including pkcs11.h
- * or pkcs11t.h:
- *
- * #pragma pack(1)
- *
- * In a UNIX environment, you're on your own here. You might
- * not need to do anything.
- *
- *
- * Now for the macros:
- *
- *
- * 1. CK_PTR: The indirection string for making a pointer to an
- * object. It can be used like this:
- *
- * typedef CK_BYTE CK_PTR CK_BYTE_PTR;
- *
- * In a Win32 environment, it might be defined by
- *
- * #define CK_PTR *
- *
- * In a Win16 environment, it might be defined by
- *
- * #define CK_PTR far *
- *
- * In a UNIX environment, it might be defined by
- *
- * #define CK_PTR *
- *
- *
- * 2. CK_DEFINE_FUNCTION(returnType, name): A macro which makes
- * an exportable PKCS #11 library function definition out of a
- * return type and a function name. It should be used in the
- * following fashion to define the exposed PKCS #11 functions in
- * a PKCS #11 library:
- *
- * CK_DEFINE_FUNCTION(CK_RV, C_Initialize)(
- * CK_VOID_PTR pReserved
- * )
- * {
- * ...
- * }
- *
- * For defining a function in a Win32 PKCS #11 .dll, it might be
- * defined by
- *
- * #define CK_DEFINE_FUNCTION(returnType, name) \
- * returnType __declspec(dllexport) name
- *
- * For defining a function in a Win16 PKCS #11 .dll, it might be
- * defined by
- *
- * #define CK_DEFINE_FUNCTION(returnType, name) \
- * returnType __export _far _pascal name
- *
- * In a UNIX environment, it might be defined by
- *
- * #define CK_DEFINE_FUNCTION(returnType, name) \
- * returnType name
- *
- *
- * 3. CK_DECLARE_FUNCTION(returnType, name): A macro which makes
- * an importable PKCS #11 library function declaration out of a
- * return type and a function name. It should be used in the
- * following fashion:
- *
- * extern CK_DECLARE_FUNCTION(CK_RV, C_Initialize)(
- * CK_VOID_PTR pReserved
- * );
- *
- * For declaring a function in a Win32 PKCS #11 .dll, it might
- * be defined by
- *
- * #define CK_DECLARE_FUNCTION(returnType, name) \
- * returnType __declspec(dllimport) name
- *
- * For declaring a function in a Win16 PKCS #11 .dll, it might
- * be defined by
- *
- * #define CK_DECLARE_FUNCTION(returnType, name) \
- * returnType __export _far _pascal name
- *
- * In a UNIX environment, it might be defined by
- *
- * #define CK_DECLARE_FUNCTION(returnType, name) \
- * returnType name
- *
- *
- * 4. CK_DECLARE_FUNCTION_POINTER(returnType, name): A macro
- * which makes a PKCS #11 API function pointer declaration or
- * function pointer type declaration out of a return type and a
- * function name. It should be used in the following fashion:
- *
- * // Define funcPtr to be a pointer to a PKCS #11 API function
- * // taking arguments args and returning CK_RV.
- * CK_DECLARE_FUNCTION_POINTER(CK_RV, funcPtr)(args);
- *
- * or
- *
- * // Define funcPtrType to be the type of a pointer to a
- * // PKCS #11 API function taking arguments args and returning
- * // CK_RV, and then define funcPtr to be a variable of type
- * // funcPtrType.
- * typedef CK_DECLARE_FUNCTION_POINTER(CK_RV, funcPtrType)(args);
- * funcPtrType funcPtr;
- *
- * For accessing functions in a Win32 PKCS #11 .dll, in might be
- * defined by
- *
- * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
- * returnType __declspec(dllimport) (* name)
- *
- * For accessing functions in a Win16 PKCS #11 .dll, it might be
- * defined by
- *
- * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
- * returnType __export _far _pascal (* name)
- *
- * In a UNIX environment, it might be defined by
- *
- * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
- * returnType (* name)
- *
- *
- * 5. CK_CALLBACK_FUNCTION(returnType, name): A macro which makes
- * a function pointer type for an application callback out of
- * a return type for the callback and a name for the callback.
- * It should be used in the following fashion:
- *
- * CK_CALLBACK_FUNCTION(CK_RV, myCallback)(args);
- *
- * to declare a function pointer, myCallback, to a callback
- * which takes arguments args and returns a CK_RV. It can also
- * be used like this:
- *
- * typedef CK_CALLBACK_FUNCTION(CK_RV, myCallbackType)(args);
- * myCallbackType myCallback;
- *
- * In a Win32 environment, it might be defined by
- *
- * #define CK_CALLBACK_FUNCTION(returnType, name) \
- * returnType (* name)
- *
- * In a Win16 environment, it might be defined by
- *
- * #define CK_CALLBACK_FUNCTION(returnType, name) \
- * returnType _far _pascal (* name)
- *
- * In a UNIX environment, it might be defined by
- *
- * #define CK_CALLBACK_FUNCTION(returnType, name) \
- * returnType (* name)
- *
- *
- * 6. NULL_PTR: This macro is the value of a NULL pointer.
- *
- * In any ANSI/ISO C environment (and in many others as well),
- * this should be defined by
- *
- * #ifndef NULL_PTR
- * #define NULL_PTR 0
- * #endif
- */
-
-
-/* All the various PKCS #11 types and #define'd values are in the
- * file pkcs11t.h. */
-#include "pkcs11t.h"
-
-#define __PASTE(x,y) x##y
-
-
-/* packing defines */
-#include "pkcs11p.h"
-/* ==============================================================
- * Define the "extern" form of all the entry points.
- * ==============================================================
- */
-
-#define CK_NEED_ARG_LIST 1
-#define CK_PKCS11_FUNCTION_INFO(name) \
- CK_DECLARE_FUNCTION(CK_RV, name)
-
-/* pkcs11f.h has all the information about the PKCS #11
- * function prototypes. */
-#include "pkcs11f.h"
-
-#undef CK_NEED_ARG_LIST
-#undef CK_PKCS11_FUNCTION_INFO
-
-
-/* ==============================================================
- * Define the typedef form of all the entry points. That is, for
- * each PKCS #11 function C_XXX, define a type CK_C_XXX which is
- * a pointer to that kind of function.
- * ==============================================================
- */
-
-#define CK_NEED_ARG_LIST 1
-#define CK_PKCS11_FUNCTION_INFO(name) \
- typedef CK_DECLARE_FUNCTION_POINTER(CK_RV, __PASTE(CK_,name))
-
-/* pkcs11f.h has all the information about the PKCS #11
- * function prototypes. */
-#include "pkcs11f.h"
-
-#undef CK_NEED_ARG_LIST
-#undef CK_PKCS11_FUNCTION_INFO
-
-
-/* ==============================================================
- * Define structed vector of entry points. A CK_FUNCTION_LIST
- * contains a CK_VERSION indicating a library's PKCS #11 version
- * and then a whole slew of function pointers to the routines in
- * the library. This type was declared, but not defined, in
- * pkcs11t.h.
- * ==============================================================
- */
-
-#define CK_PKCS11_FUNCTION_INFO(name) \
- __PASTE(CK_,name) name;
-
-struct CK_FUNCTION_LIST {
-
- CK_VERSION version; /* PKCS #11 version */
-
-/* Pile all the function pointers into the CK_FUNCTION_LIST. */
-/* pkcs11f.h has all the information about the PKCS #11
- * function prototypes. */
-#include "pkcs11f.h"
-
-};
-
-#undef CK_PKCS11_FUNCTION_INFO
-
-
-#undef __PASTE
-
-/* unpack */
-#include "pkcs11u.h"
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/security/nss/lib/softoken/pkcs11c.c b/security/nss/lib/softoken/pkcs11c.c
deleted file mode 100644
index 82da04d16..000000000
--- a/security/nss/lib/softoken/pkcs11c.c
+++ /dev/null
@@ -1,5265 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Portions created by Sun Microsystems, Inc. are Copyright (C) 2003
- * Sun Microsystems, Inc. All Rights Reserved.
- *
- * Contributor(s):
- * Dr Stephen Henson <stephen.henson@gemplus.com>
- * Dr Vipul Gupta <vipul.gupta@sun.com>, Sun Microsystems Laboratories
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * This file implements PKCS 11 on top of our existing security modules
- *
- * For more information about PKCS 11 See PKCS 11 Token Inteface Standard.
- * This implementation has two slots:
- * slot 1 is our generic crypto support. It does not require login.
- * It supports Public Key ops, and all they bulk ciphers and hashes.
- * It can also support Private Key ops for imported Private keys. It does
- * not have any token storage.
- * slot 2 is our private key support. It requires a login before use. It
- * can store Private Keys and Certs as token objects. Currently only private
- * keys and their associated Certificates are saved on the token.
- *
- * In this implementation, session objects are only visible to the session
- * that created or generated them.
- */
-#include "seccomon.h"
-#include "secitem.h"
-#include "secport.h"
-#include "blapi.h"
-#include "pkcs11.h"
-#include "pkcs11i.h"
-#include "lowkeyi.h"
-#include "pcert.h"
-#include "sechash.h"
-#include "secder.h"
-#include "secdig.h"
-#include "lowpbe.h" /* We do PBE below */
-#include "pkcs11t.h"
-#include "secoid.h"
-#include "alghmac.h"
-#include "softoken.h"
-#include "secasn1.h"
-#include "secerr.h"
-
-#include "pcert.h"
-#include "ssl3prot.h" /* for SSL3_RANDOM_LENGTH */
-
-#define __PASTE(x,y) x##y
-
-/*
- * we renamed all our internal functions, get the correct
- * definitions for them...
- */
-#undef CK_PKCS11_FUNCTION_INFO
-#undef CK_NEED_ARG_LIST
-
-#define CK_EXTERN extern
-#define CK_PKCS11_FUNCTION_INFO(func) \
- CK_RV __PASTE(NS,func)
-#define CK_NEED_ARG_LIST 1
-
-#include "pkcs11f.h"
-
-static void pk11_Null(void *data, PRBool freeit)
-{
- return;
-}
-
-#ifdef NSS_ENABLE_ECC
-extern SECStatus EC_DecodeParams(const SECItem *encodedParams,
- ECParams **ecparams);
-#endif /* NSS_ENABLE_ECC */
-
-/*
- * free routines.... Free local type allocated data, and convert
- * other free routines to the destroy signature.
- */
-static void
-pk11_FreePrivKey(NSSLOWKEYPrivateKey *key, PRBool freeit)
-{
- nsslowkey_DestroyPrivateKey(key);
-}
-
-static void
-pk11_HMAC_Destroy(HMACContext *context, PRBool freeit)
-{
- HMAC_Destroy(context);
-}
-
-static void
-pk11_Space(void *data, PRBool freeit)
-{
- PORT_Free(data);
-}
-
-
-/*
- * turn a CDMF key into a des key. CDMF is an old IBM scheme to export DES by
- * Deprecating a full des key to 40 bit key strenth.
- */
-static CK_RV
-pk11_cdmf2des(unsigned char *cdmfkey, unsigned char *deskey)
-{
- unsigned char key1[8] = { 0xc4, 0x08, 0xb0, 0x54, 0x0b, 0xa1, 0xe0, 0xae };
- unsigned char key2[8] = { 0xef, 0x2c, 0x04, 0x1c, 0xe6, 0x38, 0x2f, 0xe6 };
- unsigned char enc_src[8];
- unsigned char enc_dest[8];
- unsigned int leng,i;
- DESContext *descx;
- SECStatus rv;
-
-
- /* zero the parity bits */
- for (i=0; i < 8; i++) {
- enc_src[i] = cdmfkey[i] & 0xfe;
- }
-
- /* encrypt with key 1 */
- descx = DES_CreateContext(key1, NULL, NSS_DES, PR_TRUE);
- if (descx == NULL) return CKR_HOST_MEMORY;
- rv = DES_Encrypt(descx, enc_dest, &leng, 8, enc_src, 8);
- DES_DestroyContext(descx,PR_TRUE);
- if (rv != SECSuccess) return CKR_DEVICE_ERROR;
-
- /* xor source with des, zero the parity bits and depricate the key*/
- for (i=0; i < 8; i++) {
- if (i & 1) {
- enc_src[i] = (enc_src[i] ^ enc_dest[i]) & 0xfe;
- } else {
- enc_src[i] = (enc_src[i] ^ enc_dest[i]) & 0x0e;
- }
- }
-
- /* encrypt with key 2 */
- descx = DES_CreateContext(key2, NULL, NSS_DES, PR_TRUE);
- if (descx == NULL) return CKR_HOST_MEMORY;
- rv = DES_Encrypt(descx, deskey, &leng, 8, enc_src, 8);
- DES_DestroyContext(descx,PR_TRUE);
- if (rv != SECSuccess) return CKR_DEVICE_ERROR;
-
- /* set the corret parity on our new des key */
- pk11_FormatDESKey(deskey, 8);
- return CKR_OK;
-}
-
-
-/* NSC_DestroyObject destroys an object. */
-CK_RV
-NSC_DestroyObject(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject)
-{
- PK11Slot *slot = pk11_SlotFromSessionHandle(hSession);
- PK11Session *session;
- PK11Object *object;
- PK11FreeStatus status;
-
- /*
- * This whole block just makes sure we really can destroy the
- * requested object.
- */
- session = pk11_SessionFromHandle(hSession);
- if (session == NULL) {
- return CKR_SESSION_HANDLE_INVALID;
- }
-
- object = pk11_ObjectFromHandle(hObject,session);
- if (object == NULL) {
- pk11_FreeSession(session);
- return CKR_OBJECT_HANDLE_INVALID;
- }
-
- /* don't destroy a private object if we aren't logged in */
- if ((!slot->isLoggedIn) && (slot->needLogin) &&
- (pk11_isTrue(object,CKA_PRIVATE))) {
- pk11_FreeSession(session);
- pk11_FreeObject(object);
- return CKR_USER_NOT_LOGGED_IN;
- }
-
- /* don't destroy a token object if we aren't in a rw session */
-
- if (((session->info.flags & CKF_RW_SESSION) == 0) &&
- (pk11_isTrue(object,CKA_TOKEN))) {
- pk11_FreeSession(session);
- pk11_FreeObject(object);
- return CKR_SESSION_READ_ONLY;
- }
-
- pk11_DeleteObject(session,object);
-
- pk11_FreeSession(session);
-
- /*
- * get some indication if the object is destroyed. Note: this is not
- * 100%. Someone may have an object reference outstanding (though that
- * should not be the case by here. Also note that the object is "half"
- * destroyed. Our internal representation is destroyed, but it may still
- * be in the data base.
- */
- status = pk11_FreeObject(object);
-
- return (status != PK11_DestroyFailure) ? CKR_OK : CKR_DEVICE_ERROR;
-}
-
-
-/*
- ************** Crypto Functions: Utilities ************************
- */
-
-
-/*
- * return a context based on the PK11Context type.
- */
-PK11SessionContext *
-pk11_ReturnContextByType(PK11Session *session, PK11ContextType type)
-{
- switch (type) {
- case PK11_ENCRYPT:
- case PK11_DECRYPT:
- return session->enc_context;
- case PK11_HASH:
- return session->hash_context;
- case PK11_SIGN:
- case PK11_SIGN_RECOVER:
- case PK11_VERIFY:
- case PK11_VERIFY_RECOVER:
- return session->hash_context;
- }
- return NULL;
-}
-
-/*
- * change a context based on the PK11Context type.
- */
-void
-pk11_SetContextByType(PK11Session *session, PK11ContextType type,
- PK11SessionContext *context)
-{
- switch (type) {
- case PK11_ENCRYPT:
- case PK11_DECRYPT:
- session->enc_context = context;
- break;
- case PK11_HASH:
- session->hash_context = context;
- break;
- case PK11_SIGN:
- case PK11_SIGN_RECOVER:
- case PK11_VERIFY:
- case PK11_VERIFY_RECOVER:
- session->hash_context = context;
- break;
- }
- return;
-}
-
-/*
- * code to grab the context. Needed by every C_XXXUpdate, C_XXXFinal,
- * and C_XXX function. The function takes a session handle, the context type,
- * and wether or not the session needs to be multipart. It returns the context,
- * and optionally returns the session pointer (if sessionPtr != NULL) if session
- * pointer is returned, the caller is responsible for freeing it.
- */
-static CK_RV
-pk11_GetContext(CK_SESSION_HANDLE handle,PK11SessionContext **contextPtr,
- PK11ContextType type, PRBool needMulti, PK11Session **sessionPtr)
-{
- PK11Session *session;
- PK11SessionContext *context;
-
- session = pk11_SessionFromHandle(handle);
- if (session == NULL) return CKR_SESSION_HANDLE_INVALID;
- context = pk11_ReturnContextByType(session,type);
- /* make sure the context is valid */
- if((context==NULL)||(context->type!=type)||(needMulti&&!(context->multi))){
- pk11_FreeSession(session);
- return CKR_OPERATION_NOT_INITIALIZED;
- }
- *contextPtr = context;
- if (sessionPtr != NULL) {
- *sessionPtr = session;
- } else {
- pk11_FreeSession(session);
- }
- return CKR_OK;
-}
-
-/*
- ************** Crypto Functions: Encrypt ************************
- */
-
-/*
- * All the NSC_InitXXX functions have a set of common checks and processing they
- * all need to do at the beginning. This is done here.
- */
-static CK_RV
-pk11_InitGeneric(PK11Session *session,PK11SessionContext **contextPtr,
- PK11ContextType ctype,PK11Object **keyPtr,
- CK_OBJECT_HANDLE hKey, CK_KEY_TYPE *keyTypePtr,
- CK_OBJECT_CLASS pubKeyType, CK_ATTRIBUTE_TYPE operation)
-{
- PK11Object *key = NULL;
- PK11Attribute *att;
- PK11SessionContext *context;
-
- /* We can only init if there is not current context active */
- if (pk11_ReturnContextByType(session,ctype) != NULL) {
- return CKR_OPERATION_ACTIVE;
- }
-
- /* find the key */
- if (keyPtr) {
- unsigned int size;
- key = pk11_ObjectFromHandle(hKey,session);
- if (key == NULL) {
- return CKR_KEY_HANDLE_INVALID;
- }
-
- /* make sure it's a valid key for this operation */
- if (((key->objclass != CKO_SECRET_KEY) && (key->objclass != pubKeyType))
- || !pk11_isTrue(key,operation)) {
- pk11_FreeObject(key);
- return CKR_KEY_TYPE_INCONSISTENT;
- }
- /* get the key type */
- att = pk11_FindAttribute(key,CKA_KEY_TYPE);
- PORT_Assert(att != NULL);
- size = sizeof(CK_KEY_TYPE);
- if (att->attrib.ulValueLen < size) {
- CK_KEY_TYPE kt;
- int i;
- int shift;
-#ifdef IS_LITTLE_ENDIAN
- shift = 0;
-#else
- shift = (att->attrib.ulValueLen - 1) * 8;
-#endif
- kt = 0;
- for (i=att->attrib.ulValueLen - 1; i>=0; i--) {
- kt |= ((unsigned char *)att->attrib.pValue)[i] << shift;
-#ifdef IS_LITTLE_ENDIAN
- shift += 8;
-#else
- shift -= 8;
-#endif
- }
- *keyTypePtr = kt;
- } else {
- *keyTypePtr = *((CK_KEY_TYPE *)att->attrib.pValue);
- }
- pk11_FreeAttribute(att);
- *keyPtr = key;
- }
-
- /* allocate the context structure */
- context = (PK11SessionContext *)PORT_Alloc(sizeof(PK11SessionContext));
- if (context == NULL) {
- if (key) pk11_FreeObject(key);
- return CKR_HOST_MEMORY;
- }
- context->type = ctype;
- context->multi = PR_TRUE;
- context->cipherInfo = NULL;
- context->hashInfo = NULL;
- context->doPad = PR_FALSE;
- context->padDataLength = 0;
- context->key = key;
- context->blockSize = 0;
-
- *contextPtr = context;
- return CKR_OK;
-}
-
-/* NSC_CryptInit initializes an encryption/Decryption operation. */
-/* This function is used by NSC_EncryptInit, NSC_DecryptInit,
- * NSC_WrapKey, NSC_UnwrapKey,
- * NSC_SignInit, NSC_VerifyInit (via pk11_InitCBCMac),
- * The only difference in their uses is the value of etype.
- */
-static CK_RV
-pk11_CryptInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey, CK_ATTRIBUTE_TYPE etype,
- PK11ContextType contextType, PRBool isEncrypt)
-{
- PK11Session *session;
- PK11Object *key;
- PK11SessionContext *context;
- PK11Attribute *att;
- CK_RC2_CBC_PARAMS *rc2_param;
-#if NSS_SOFTOKEN_DOES_RC5
- CK_RC5_CBC_PARAMS *rc5_param;
- SECItem rc5Key;
-#endif
- CK_KEY_TYPE key_type;
- CK_RV crv = CKR_OK;
- unsigned effectiveKeyLength;
- unsigned char newdeskey[8];
- PRBool useNewKey=PR_FALSE;
- int t;
-
- crv = pk11_MechAllowsOperation(pMechanism->mechanism, etype);
- if (crv != CKR_OK)
- return crv;
-
- session = pk11_SessionFromHandle(hSession);
- if (session == NULL) return CKR_SESSION_HANDLE_INVALID;
-
- crv = pk11_InitGeneric(session,&context,contextType,&key,hKey,&key_type,
- isEncrypt ?CKO_PUBLIC_KEY:CKO_PRIVATE_KEY, etype);
-
- if (crv != CKR_OK) {
- pk11_FreeSession(session);
- return crv;
- }
-
- context->doPad = PR_FALSE;
- switch(pMechanism->mechanism) {
- case CKM_RSA_PKCS:
- case CKM_RSA_X_509:
- if (key_type != CKK_RSA) {
- crv = CKR_KEY_TYPE_INCONSISTENT;
- break;
- }
- context->multi = PR_FALSE;
- context->cipherInfo = isEncrypt ?
- (void *)pk11_GetPubKey(key,CKK_RSA,&crv) :
- (void *)pk11_GetPrivKey(key,CKK_RSA,&crv);
- if (context->cipherInfo == NULL) {
- break;
- }
- if (isEncrypt) {
- context->update = (PK11Cipher)
- (pMechanism->mechanism == CKM_RSA_X_509
- ? RSA_EncryptRaw : RSA_EncryptBlock);
- } else {
- context->update = (PK11Cipher)
- (pMechanism->mechanism == CKM_RSA_X_509
- ? RSA_DecryptRaw : RSA_DecryptBlock);
- }
- context->destroy = pk11_Null;
- break;
- case CKM_RC2_CBC_PAD:
- context->doPad = PR_TRUE;
- /* fall thru */
- case CKM_RC2_ECB:
- case CKM_RC2_CBC:
- context->blockSize = 8;
- if (key_type != CKK_RC2) {
- crv = CKR_KEY_TYPE_INCONSISTENT;
- break;
- }
- att = pk11_FindAttribute(key,CKA_VALUE);
- if (att == NULL) {
- crv = CKR_KEY_HANDLE_INVALID;
- break;
- }
- rc2_param = (CK_RC2_CBC_PARAMS *)pMechanism->pParameter;
- effectiveKeyLength = (rc2_param->ulEffectiveBits+7)/8;
- context->cipherInfo =
- RC2_CreateContext((unsigned char*)att->attrib.pValue,
- att->attrib.ulValueLen, rc2_param->iv,
- pMechanism->mechanism == CKM_RC2_ECB ? NSS_RC2 :
- NSS_RC2_CBC,effectiveKeyLength);
- pk11_FreeAttribute(att);
- if (context->cipherInfo == NULL) {
- crv = CKR_HOST_MEMORY;
- break;
- }
- context->update = (PK11Cipher) (isEncrypt ? RC2_Encrypt : RC2_Decrypt);
- context->destroy = (PK11Destroy) RC2_DestroyContext;
- break;
-#if NSS_SOFTOKEN_DOES_RC5
- case CKM_RC5_CBC_PAD:
- context->doPad = PR_TRUE;
- /* fall thru */
- case CKM_RC5_ECB:
- case CKM_RC5_CBC:
- if (key_type != CKK_RC5) {
- crv = CKR_KEY_TYPE_INCONSISTENT;
- break;
- }
- att = pk11_FindAttribute(key,CKA_VALUE);
- if (att == NULL) {
- crv = CKR_KEY_HANDLE_INVALID;
- break;
- }
- rc5_param = (CK_RC5_CBC_PARAMS *)pMechanism->pParameter;
- context->blockSize = rc5_param->ulWordsize*2;
- rc5Key.data = (unsigned char*)att->attrib.pValue;
- rc5Key.len = att->attrib.ulValueLen;
- context->cipherInfo = RC5_CreateContext(&rc5Key,rc5_param->ulRounds,
- rc5_param->ulWordsize,rc5_param->pIv,
- pMechanism->mechanism == CKM_RC5_ECB ? NSS_RC5 : NSS_RC5_CBC);
- pk11_FreeAttribute(att);
- if (context->cipherInfo == NULL) {
- crv = CKR_HOST_MEMORY;
- break;
- }
- context->update = (PK11Cipher) (isEncrypt ? RC5_Encrypt : RC5_Decrypt);
- context->destroy = (PK11Destroy) RC5_DestroyContext;
- break;
-#endif
- case CKM_RC4:
- if (key_type != CKK_RC4) {
- crv = CKR_KEY_TYPE_INCONSISTENT;
- break;
- }
- att = pk11_FindAttribute(key,CKA_VALUE);
- if (att == NULL) {
- crv = CKR_KEY_HANDLE_INVALID;
- break;
- }
- context->cipherInfo =
- RC4_CreateContext((unsigned char*)att->attrib.pValue,
- att->attrib.ulValueLen);
- pk11_FreeAttribute(att);
- if (context->cipherInfo == NULL) {
- crv = CKR_HOST_MEMORY; /* WRONG !!! */
- break;
- }
- context->update = (PK11Cipher) (isEncrypt ? RC4_Encrypt : RC4_Decrypt);
- context->destroy = (PK11Destroy) RC4_DestroyContext;
- break;
- case CKM_CDMF_CBC_PAD:
- context->doPad = PR_TRUE;
- /* fall thru */
- case CKM_CDMF_ECB:
- case CKM_CDMF_CBC:
- if (key_type != CKK_CDMF) {
- crv = CKR_KEY_TYPE_INCONSISTENT;
- break;
- }
- t = (pMechanism->mechanism == CKM_CDMF_ECB) ? NSS_DES : NSS_DES_CBC;
- useNewKey=PR_TRUE;
- if (crv != CKR_OK) break;
- goto finish_des;
- case CKM_DES_ECB:
- if (key_type != CKK_DES) {
- crv = CKR_KEY_TYPE_INCONSISTENT;
- break;
- }
- t = NSS_DES;
- goto finish_des;
- case CKM_DES_CBC_PAD:
- context->doPad = PR_TRUE;
- /* fall thru */
- case CKM_DES_CBC:
- if (key_type != CKK_DES) {
- crv = CKR_KEY_TYPE_INCONSISTENT;
- break;
- }
- t = NSS_DES_CBC;
- goto finish_des;
- case CKM_DES3_ECB:
- if ((key_type != CKK_DES2) && (key_type != CKK_DES3)) {
- crv = CKR_KEY_TYPE_INCONSISTENT;
- break;
- }
- t = NSS_DES_EDE3;
- goto finish_des;
- case CKM_DES3_CBC_PAD:
- context->doPad = PR_TRUE;
- /* fall thru */
- case CKM_DES3_CBC:
- if ((key_type != CKK_DES2) && (key_type != CKK_DES3)) {
- crv = CKR_KEY_TYPE_INCONSISTENT;
- break;
- }
- t = NSS_DES_EDE3_CBC;
-finish_des:
- context->blockSize = 8;
- att = pk11_FindAttribute(key,CKA_VALUE);
- if (att == NULL) {
- crv = CKR_KEY_HANDLE_INVALID;
- break;
- }
- if (useNewKey) {
- crv = pk11_cdmf2des((unsigned char*)att->attrib.pValue,newdeskey);
- if (crv != CKR_OK) {
- pk11_FreeAttribute(att);
- break;
- }
- }
- context->cipherInfo = DES_CreateContext(
- useNewKey ? newdeskey : (unsigned char*)att->attrib.pValue,
- (unsigned char*)pMechanism->pParameter,t, isEncrypt);
- pk11_FreeAttribute(att);
- if (context->cipherInfo == NULL) {
- crv = CKR_HOST_MEMORY;
- break;
- }
- context->update = (PK11Cipher) (isEncrypt ? DES_Encrypt : DES_Decrypt);
- context->destroy = (PK11Destroy) DES_DestroyContext;
- break;
-
- case CKM_AES_CBC_PAD:
- context->doPad = PR_TRUE;
- /* fall thru */
- case CKM_AES_ECB:
- case CKM_AES_CBC:
- context->blockSize = 16;
- if (key_type != CKK_AES) {
- crv = CKR_KEY_TYPE_INCONSISTENT;
- break;
- }
- att = pk11_FindAttribute(key,CKA_VALUE);
- if (att == NULL) {
- crv = CKR_KEY_HANDLE_INVALID;
- break;
- }
- context->cipherInfo = AES_CreateContext(
- (unsigned char*)att->attrib.pValue,
- (unsigned char*)pMechanism->pParameter,
- pMechanism->mechanism == CKM_AES_ECB ? NSS_AES : NSS_AES_CBC,
- isEncrypt, att->attrib.ulValueLen, 16);
- pk11_FreeAttribute(att);
- if (context->cipherInfo == NULL) {
- crv = CKR_HOST_MEMORY;
- break;
- }
- context->update = (PK11Cipher) (isEncrypt ? AES_Encrypt : AES_Decrypt);
- context->destroy = (PK11Destroy) AES_DestroyContext;
- break;
-
- case CKM_NETSCAPE_AES_KEY_WRAP_PAD:
- context->doPad = PR_TRUE;
- /* fall thru */
- case CKM_NETSCAPE_AES_KEY_WRAP:
- context->multi = PR_FALSE;
- context->blockSize = 8;
- if (key_type != CKK_AES) {
- crv = CKR_KEY_TYPE_INCONSISTENT;
- break;
- }
- att = pk11_FindAttribute(key,CKA_VALUE);
- if (att == NULL) {
- crv = CKR_KEY_HANDLE_INVALID;
- break;
- }
- context->cipherInfo = AESKeyWrap_CreateContext(
- (unsigned char*)att->attrib.pValue,
- (unsigned char*)pMechanism->pParameter,
- isEncrypt, att->attrib.ulValueLen);
- pk11_FreeAttribute(att);
- if (context->cipherInfo == NULL) {
- crv = CKR_HOST_MEMORY;
- break;
- }
- context->update = (PK11Cipher) (isEncrypt ? AESKeyWrap_Encrypt
- : AESKeyWrap_Decrypt);
- context->destroy = (PK11Destroy) AESKeyWrap_DestroyContext;
- break;
-
- default:
- crv = CKR_MECHANISM_INVALID;
- break;
- }
-
- if (crv != CKR_OK) {
- pk11_FreeContext(context);
- pk11_FreeSession(session);
- return crv;
- }
- pk11_SetContextByType(session, contextType, context);
- pk11_FreeSession(session);
- return CKR_OK;
-}
-
-/* NSC_EncryptInit initializes an encryption operation. */
-CK_RV NSC_EncryptInit(CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey)
-{
- return pk11_CryptInit(hSession, pMechanism, hKey, CKA_ENCRYPT,
- PK11_ENCRYPT, PR_TRUE);
-}
-
-/* NSC_EncryptUpdate continues a multiple-part encryption operation. */
-CK_RV NSC_EncryptUpdate(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart, CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart,
- CK_ULONG_PTR pulEncryptedPartLen)
-{
- PK11SessionContext *context;
- unsigned int outlen,i;
- unsigned int padoutlen = 0;
- unsigned int maxout = *pulEncryptedPartLen;
- CK_RV crv;
- SECStatus rv;
-
- /* make sure we're legal */
- crv = pk11_GetContext(hSession,&context,PK11_ENCRYPT,PR_TRUE,NULL);
- if (crv != CKR_OK) return crv;
-
- /* do padding */
- if (context->doPad) {
- /* deal with previous buffered data */
- if (context->padDataLength != 0) {
- /* fill in the padded to a full block size */
- for (i=context->padDataLength;
- (ulPartLen != 0) && i < context->blockSize; i++) {
- context->padBuf[i] = *pPart++;
- ulPartLen--;
- context->padDataLength++;
- }
-
- /* not enough data to encrypt yet? then return */
- if (context->padDataLength != context->blockSize) {
- *pulEncryptedPartLen = 0;
- return CKR_OK;
- }
- /* encrypt the current padded data */
- rv = (*context->update)(context->cipherInfo, pEncryptedPart,
- &padoutlen, context->blockSize, context->padBuf,
- context->blockSize);
- if (rv != SECSuccess) return CKR_DEVICE_ERROR;
- pEncryptedPart += padoutlen;
- maxout -= padoutlen;
- }
- /* save the residual */
- context->padDataLength = ulPartLen % context->blockSize;
- if (context->padDataLength) {
- PORT_Memcpy(context->padBuf,
- &pPart[ulPartLen-context->padDataLength],
- context->padDataLength);
- ulPartLen -= context->padDataLength;
- }
- /* if we've exhausted our new buffer, we're done */
- if (ulPartLen == 0) {
- *pulEncryptedPartLen = padoutlen;
- return CKR_OK;
- }
- }
-
-
- /* do it: NOTE: this assumes buf size in is >= buf size out! */
- rv = (*context->update)(context->cipherInfo,pEncryptedPart,
- &outlen, maxout, pPart, ulPartLen);
- *pulEncryptedPartLen = (CK_ULONG) (outlen + padoutlen);
- return (rv == SECSuccess) ? CKR_OK : CKR_DEVICE_ERROR;
-}
-
-
-/* NSC_EncryptFinal finishes a multiple-part encryption operation. */
-CK_RV NSC_EncryptFinal(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pLastEncryptedPart, CK_ULONG_PTR pulLastEncryptedPartLen)
-{
- PK11Session *session;
- PK11SessionContext *context;
- unsigned int outlen,i;
- unsigned int maxout = *pulLastEncryptedPartLen;
- CK_RV crv;
- SECStatus rv = SECSuccess;
- PRBool contextFinished = PR_TRUE;
-
- /* make sure we're legal */
- crv = pk11_GetContext(hSession,&context,PK11_ENCRYPT,PR_TRUE,&session);
- if (crv != CKR_OK) return crv;
-
- *pulLastEncryptedPartLen = 0;
- if (!pLastEncryptedPart) {
- /* caller is checking the amount of remaining data */
- if (context->blockSize > 0 && context->doPad) {
- *pulLastEncryptedPartLen = context->blockSize;
- contextFinished = PR_FALSE; /* still have padding to go */
- }
- goto finish;
- }
-
- /* do padding */
- if (context->doPad) {
- unsigned char padbyte = (unsigned char)
- (context->blockSize - context->padDataLength);
- /* fill out rest of pad buffer with pad magic*/
- for (i=context->padDataLength; i < context->blockSize; i++) {
- context->padBuf[i] = padbyte;
- }
- rv = (*context->update)(context->cipherInfo,pLastEncryptedPart,
- &outlen, maxout, context->padBuf, context->blockSize);
- if (rv == SECSuccess) *pulLastEncryptedPartLen = (CK_ULONG) outlen;
- }
-
-finish:
- if (contextFinished) {
- pk11_SetContextByType(session, PK11_ENCRYPT, NULL);
- pk11_FreeContext(context);
- }
- pk11_FreeSession(session);
- return (rv == SECSuccess) ? CKR_OK : CKR_DEVICE_ERROR;
-}
-
-/* NSC_Encrypt encrypts single-part data. */
-CK_RV NSC_Encrypt (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
- CK_ULONG ulDataLen, CK_BYTE_PTR pEncryptedData,
- CK_ULONG_PTR pulEncryptedDataLen)
-{
- PK11Session *session;
- PK11SessionContext *context;
- unsigned int outlen;
- unsigned int maxoutlen = *pulEncryptedDataLen;
- CK_RV crv;
- CK_RV crv2;
- SECStatus rv = SECSuccess;
- SECItem pText;
-
- pText.type = siBuffer;
- pText.data = pData;
- pText.len = ulDataLen;
-
- /* make sure we're legal */
- crv = pk11_GetContext(hSession,&context,PK11_ENCRYPT,PR_FALSE,&session);
- if (crv != CKR_OK) return crv;
-
- if (!pEncryptedData) {
- *pulEncryptedDataLen = ulDataLen + 2 * context->blockSize;
- goto finish;
- }
-
- if (context->doPad) {
- if (context->multi) {
- CK_ULONG finalLen;
- /* padding is fairly complicated, have the update and final
- * code deal with it */
- pk11_FreeSession(session);
- crv = NSC_EncryptUpdate(hSession, pData, ulDataLen, pEncryptedData,
- pulEncryptedDataLen);
- if (crv != CKR_OK)
- *pulEncryptedDataLen = 0;
- maxoutlen -= *pulEncryptedDataLen;
- pEncryptedData += *pulEncryptedDataLen;
- finalLen = maxoutlen;
- crv2 = NSC_EncryptFinal(hSession, pEncryptedData, &finalLen);
- if (crv2 == CKR_OK)
- *pulEncryptedDataLen += finalLen;
- return crv == CKR_OK ? crv2 : crv;
- }
- /* doPad without multi means that padding must be done on the first
- ** and only update. There will be no final.
- */
- PORT_Assert(context->blockSize > 1);
- if (context->blockSize > 1) {
- CK_ULONG remainder = ulDataLen % context->blockSize;
- CK_ULONG padding = context->blockSize - remainder;
- pText.len += padding;
- pText.data = PORT_ZAlloc(pText.len);
- if (pText.data) {
- memcpy(pText.data, pData, ulDataLen);
- memset(pText.data + ulDataLen, padding, padding);
- } else {
- crv = CKR_HOST_MEMORY;
- goto fail;
- }
- }
- }
-
- /* do it: NOTE: this assumes buf size is big enough. */
- rv = (*context->update)(context->cipherInfo, pEncryptedData,
- &outlen, maxoutlen, pText.data, pText.len);
- crv = (rv == SECSuccess) ? CKR_OK : CKR_DEVICE_ERROR;
- *pulEncryptedDataLen = (CK_ULONG) outlen;
- if (pText.data != pData)
- PORT_ZFree(pText.data, pText.len);
-fail:
- pk11_SetContextByType(session, PK11_ENCRYPT, NULL);
- pk11_FreeContext(context);
-finish:
- pk11_FreeSession(session);
-
- return crv;
-}
-
-
-/*
- ************** Crypto Functions: Decrypt ************************
- */
-
-/* NSC_DecryptInit initializes a decryption operation. */
-CK_RV NSC_DecryptInit( CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey)
-{
- return pk11_CryptInit(hSession, pMechanism, hKey, CKA_DECRYPT,
- PK11_DECRYPT, PR_FALSE);
-}
-
-/* NSC_DecryptUpdate continues a multiple-part decryption operation. */
-CK_RV NSC_DecryptUpdate(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedPart, CK_ULONG ulEncryptedPartLen,
- CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen)
-{
- PK11SessionContext *context;
- unsigned int padoutlen = 0;
- unsigned int outlen;
- unsigned int maxout = *pulPartLen;
- CK_RV crv;
- SECStatus rv;
-
- /* make sure we're legal */
- crv = pk11_GetContext(hSession,&context,PK11_DECRYPT,PR_TRUE,NULL);
- if (crv != CKR_OK) return crv;
-
- if (context->doPad) {
- /* first decrypt our saved buffer */
- if (context->padDataLength != 0) {
- rv = (*context->update)(context->cipherInfo, pPart, &padoutlen,
- maxout, context->padBuf, context->blockSize);
- if (rv != SECSuccess) return CKR_DEVICE_ERROR;
- pPart += padoutlen;
- maxout -= padoutlen;
- }
- /* now save the final block for the next decrypt or the final */
- PORT_Memcpy(context->padBuf,&pEncryptedPart[ulEncryptedPartLen -
- context->blockSize], context->blockSize);
- context->padDataLength = context->blockSize;
- ulEncryptedPartLen -= context->padDataLength;
- }
-
- /* do it: NOTE: this assumes buf size in is >= buf size out! */
- rv = (*context->update)(context->cipherInfo,pPart, &outlen,
- maxout, pEncryptedPart, ulEncryptedPartLen);
- *pulPartLen = (CK_ULONG) (outlen + padoutlen);
- return (rv == SECSuccess) ? CKR_OK : CKR_DEVICE_ERROR;
-}
-
-
-/* NSC_DecryptFinal finishes a multiple-part decryption operation. */
-CK_RV NSC_DecryptFinal(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pLastPart, CK_ULONG_PTR pulLastPartLen)
-{
- PK11Session *session;
- PK11SessionContext *context;
- unsigned int outlen;
- unsigned int maxout = *pulLastPartLen;
- CK_RV crv;
- SECStatus rv = SECSuccess;
- PRBool contextFinished = PR_TRUE;
-
- /* make sure we're legal */
- crv = pk11_GetContext(hSession,&context,PK11_DECRYPT,PR_TRUE,&session);
- if (crv != CKR_OK) return crv;
-
- *pulLastPartLen = 0;
- if (!pLastPart) {
- /* caller is checking the amount of remaining data */
- if (context->padDataLength > 0) {
- *pulLastPartLen = 2 * context->blockSize;
- contextFinished = PR_FALSE; /* still have padding to go */
- }
- goto finish;
- }
-
- if (context->doPad) {
- /* decrypt our saved buffer */
- if (context->padDataLength != 0) {
- /* this assumes that pLastPart is big enough to hold the *whole*
- * buffer!!! */
- rv = (*context->update)(context->cipherInfo, pLastPart, &outlen,
- maxout, context->padBuf, context->blockSize);
- if (rv == SECSuccess) {
- unsigned int padSize =
- (unsigned int) pLastPart[context->blockSize-1];
- if ((padSize > context->blockSize) || (padSize == 0)) {
- rv = SECFailure;
- } else {
- *pulLastPartLen = outlen - padSize;
- }
- }
- }
- }
-
-finish:
- if (contextFinished) {
- pk11_SetContextByType(session, PK11_DECRYPT, NULL);
- pk11_FreeContext(context);
- }
- pk11_FreeSession(session);
- return (rv == SECSuccess) ? CKR_OK : CKR_DEVICE_ERROR;
-}
-
-/* NSC_Decrypt decrypts encrypted data in a single part. */
-CK_RV NSC_Decrypt(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedData,CK_ULONG ulEncryptedDataLen,CK_BYTE_PTR pData,
- CK_ULONG_PTR pulDataLen)
-{
- PK11Session *session;
- PK11SessionContext *context;
- unsigned int outlen;
- unsigned int maxoutlen = *pulDataLen;
- CK_RV crv;
- CK_RV crv2;
- SECStatus rv = SECSuccess;
-
- /* make sure we're legal */
- crv = pk11_GetContext(hSession,&context,PK11_DECRYPT,PR_FALSE,&session);
- if (crv != CKR_OK) return crv;
-
- if (!pData) {
- *pulDataLen = ulEncryptedDataLen + context->blockSize;
- goto finish;
- }
-
- if (context->doPad && context->multi) {
- CK_ULONG finalLen;
- /* padding is fairly complicated, have the update and final
- * code deal with it */
- pk11_FreeSession(session);
- crv = NSC_DecryptUpdate(hSession,pEncryptedData,ulEncryptedDataLen,
- pData, pulDataLen);
- if (crv != CKR_OK)
- *pulDataLen = 0;
- maxoutlen -= *pulDataLen;
- pData += *pulDataLen;
- finalLen = maxoutlen;
- crv2 = NSC_DecryptFinal(hSession, pData, &finalLen);
- if (crv2 == CKR_OK)
- *pulDataLen += finalLen;
- return crv == CKR_OK ? crv2 : crv;
- }
-
- rv = (*context->update)(context->cipherInfo, pData, &outlen, maxoutlen,
- pEncryptedData, ulEncryptedDataLen);
- /* XXX need to do MUCH better error mapping than this. */
- crv = (rv == SECSuccess) ? CKR_OK : CKR_DEVICE_ERROR;
- if (rv == SECSuccess && context->doPad) {
- CK_ULONG padding = pData[outlen - 1];
- if (padding > context->blockSize || !padding) {
- crv = CKR_ENCRYPTED_DATA_INVALID;
- } else
- outlen -= padding;
- }
- *pulDataLen = (CK_ULONG) outlen;
- pk11_SetContextByType(session, PK11_DECRYPT, NULL);
- pk11_FreeContext(context);
-finish:
- pk11_FreeSession(session);
- return crv;
-}
-
-
-
-/*
- ************** Crypto Functions: Digest (HASH) ************************
- */
-
-/* NSC_DigestInit initializes a message-digesting operation. */
-CK_RV NSC_DigestInit(CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism)
-{
- PK11Session *session;
- PK11SessionContext *context;
- CK_RV crv = CKR_OK;
-
- session = pk11_SessionFromHandle(hSession);
- if (session == NULL)
- return CKR_SESSION_HANDLE_INVALID;
- crv = pk11_InitGeneric(session,&context,PK11_HASH,NULL,0,NULL, 0, 0);
- if (crv != CKR_OK) {
- pk11_FreeSession(session);
- return crv;
- }
-
-
-#define INIT_MECH(mech,mmm) \
- case mech: { \
- mmm ## Context * mmm ## _ctx = mmm ## _NewContext(); \
- context->cipherInfo = (void *)mmm ## _ctx; \
- context->cipherInfoLen = mmm ## _FlattenSize(mmm ## _ctx); \
- context->currentMech = mech; \
- context->hashUpdate = (PK11Hash) mmm ## _Update; \
- context->end = (PK11End) mmm ## _End; \
- context->destroy = (PK11Destroy) mmm ## _DestroyContext; \
- context->maxLen = mmm ## _LENGTH; \
- if (mmm ## _ctx) \
- mmm ## _Begin(mmm ## _ctx); \
- else \
- crv = CKR_HOST_MEMORY; \
- break; \
- }
-
- switch(pMechanism->mechanism) {
- INIT_MECH(CKM_MD2, MD2)
- INIT_MECH(CKM_MD5, MD5)
- INIT_MECH(CKM_SHA_1, SHA1)
- INIT_MECH(CKM_SHA256, SHA256)
- INIT_MECH(CKM_SHA384, SHA384)
- INIT_MECH(CKM_SHA512, SHA512)
-
- default:
- crv = CKR_MECHANISM_INVALID;
- break;
- }
-
- if (crv != CKR_OK) {
- pk11_FreeContext(context);
- pk11_FreeSession(session);
- return crv;
- }
- pk11_SetContextByType(session, PK11_HASH, context);
- pk11_FreeSession(session);
- return CKR_OK;
-}
-
-
-/* NSC_Digest digests data in a single part. */
-CK_RV NSC_Digest(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData, CK_ULONG ulDataLen, CK_BYTE_PTR pDigest,
- CK_ULONG_PTR pulDigestLen)
-{
- PK11Session *session;
- PK11SessionContext *context;
- unsigned int digestLen;
- unsigned int maxout = *pulDigestLen;
- CK_RV crv;
-
- /* make sure we're legal */
- crv = pk11_GetContext(hSession,&context,PK11_HASH,PR_FALSE,&session);
- if (crv != CKR_OK) return crv;
-
- if (pDigest == NULL) {
- *pulDigestLen = context->maxLen;
- goto finish;
- }
-
- /* do it: */
- (*context->hashUpdate)(context->cipherInfo, pData, ulDataLen);
- /* NOTE: this assumes buf size is bigenough for the algorithm */
- (*context->end)(context->cipherInfo, pDigest, &digestLen,maxout);
- *pulDigestLen = digestLen;
-
- pk11_SetContextByType(session, PK11_HASH, NULL);
- pk11_FreeContext(context);
-finish:
- pk11_FreeSession(session);
- return CKR_OK;
-}
-
-
-/* NSC_DigestUpdate continues a multiple-part message-digesting operation. */
-CK_RV NSC_DigestUpdate(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen)
-{
- PK11SessionContext *context;
- CK_RV crv;
-
- /* make sure we're legal */
- crv = pk11_GetContext(hSession,&context,PK11_HASH,PR_TRUE,NULL);
- if (crv != CKR_OK) return crv;
- /* do it: */
- (*context->hashUpdate)(context->cipherInfo, pPart, ulPartLen);
- return CKR_OK;
-}
-
-
-/* NSC_DigestFinal finishes a multiple-part message-digesting operation. */
-CK_RV NSC_DigestFinal(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pDigest,
- CK_ULONG_PTR pulDigestLen)
-{
- PK11Session *session;
- PK11SessionContext *context;
- unsigned int maxout = *pulDigestLen;
- unsigned int digestLen;
- CK_RV crv;
-
- /* make sure we're legal */
- crv = pk11_GetContext(hSession, &context, PK11_HASH, PR_TRUE, &session);
- if (crv != CKR_OK) return crv;
-
- if (pDigest != NULL) {
- (*context->end)(context->cipherInfo, pDigest, &digestLen, maxout);
- *pulDigestLen = digestLen;
- pk11_SetContextByType(session, PK11_HASH, NULL);
- pk11_FreeContext(context);
- } else {
- *pulDigestLen = context->maxLen;
- }
-
- pk11_FreeSession(session);
- return CKR_OK;
-}
-
-/*
- * these helper functions are used by Generic Macing and Signing functions
- * that use hashes as part of their operations.
- */
-#define DOSUB(mmm) \
-static CK_RV \
-pk11_doSub ## mmm(PK11SessionContext *context) { \
- mmm ## Context * mmm ## _ctx = mmm ## _NewContext(); \
- context->hashInfo = (void *) mmm ## _ctx; \
- context->hashUpdate = (PK11Hash) mmm ## _Update; \
- context->end = (PK11End) mmm ## _End; \
- context->hashdestroy = (PK11Destroy) mmm ## _DestroyContext; \
- if (!context->hashInfo) { \
- return CKR_HOST_MEMORY; \
- } \
- mmm ## _Begin( mmm ## _ctx ); \
- return CKR_OK; \
-}
-
-DOSUB(MD2)
-DOSUB(MD5)
-DOSUB(SHA1)
-DOSUB(SHA256)
-DOSUB(SHA384)
-DOSUB(SHA512)
-
-/*
- * HMAC General copies only a portion of the result. This update routine likes
- * the final HMAC output with the signature.
- */
-static SECStatus
-pk11_HMACCopy(CK_ULONG *copyLen,unsigned char *sig,unsigned int *sigLen,
- unsigned int maxLen,unsigned char *hash, unsigned int hashLen)
-{
- if (maxLen < *copyLen) return SECFailure;
- PORT_Memcpy(sig,hash,*copyLen);
- *sigLen = *copyLen;
- return SECSuccess;
-}
-
-/* Verify is just a compare for HMAC */
-static SECStatus
-pk11_HMACCmp(CK_ULONG *copyLen,unsigned char *sig,unsigned int sigLen,
- unsigned char *hash, unsigned int hashLen)
-{
- return PORT_Memcmp(sig,hash,*copyLen) ? SECSuccess : SECFailure ;
-}
-
-/*
- * common HMAC initalization routine
- */
-static CK_RV
-pk11_doHMACInit(PK11SessionContext *context,HASH_HashType hash,
- PK11Object *key, CK_ULONG mac_size)
-{
- PK11Attribute *keyval;
- HMACContext *HMACcontext;
- CK_ULONG *intpointer;
- const SECHashObject *hashObj = &SECRawHashObjects[hash];
- PRBool isFIPS = (key->slot->slotID == FIPS_SLOT_ID);
-
- /* required by FIPS 198 Section 4 */
- if (isFIPS && (mac_size < 4 || mac_size < hashObj->length/2)) {
- return CKR_BUFFER_TOO_SMALL;
- }
-
- keyval = pk11_FindAttribute(key,CKA_VALUE);
- if (keyval == NULL) return CKR_KEY_SIZE_RANGE;
-
- HMACcontext = HMAC_Create(hashObj,
- (const unsigned char*)keyval->attrib.pValue,
- keyval->attrib.ulValueLen, isFIPS);
- context->hashInfo = HMACcontext;
- context->multi = PR_TRUE;
- pk11_FreeAttribute(keyval);
- if (context->hashInfo == NULL) {
- if (PORT_GetError() == SEC_ERROR_INVALID_ARGS) {
- return CKR_KEY_SIZE_RANGE;
- }
- return CKR_HOST_MEMORY;
- }
- context->hashUpdate = (PK11Hash) HMAC_Update;
- context->end = (PK11End) HMAC_Finish;
-
- context->hashdestroy = (PK11Destroy) pk11_HMAC_Destroy;
- intpointer = (CK_ULONG *) PORT_Alloc(sizeof(CK_ULONG));
- if (intpointer == NULL) {
- return CKR_HOST_MEMORY;
- }
- *intpointer = mac_size;
- context->cipherInfo = (void *) intpointer;
- context->destroy = (PK11Destroy) pk11_Space;
- context->update = (PK11Cipher) pk11_HMACCopy;
- context->verify = (PK11Verify) pk11_HMACCmp;
- context->maxLen = hashObj->length;
- HMAC_Begin(HMACcontext);
- return CKR_OK;
-}
-
-/*
- * SSL Macing support. SSL Macs are inited, then update with the base
- * hashing algorithm, then finalized in sign and verify
- */
-
-/*
- * FROM SSL:
- * 60 bytes is 3 times the maximum length MAC size that is supported.
- * We probably should have one copy of this table. We still need this table
- * in ssl to 'sign' the handshake hashes.
- */
-static unsigned char ssl_pad_1 [60] = {
- 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
- 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
- 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
- 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
- 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
- 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
- 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
- 0x36, 0x36, 0x36, 0x36
-};
-static unsigned char ssl_pad_2 [60] = {
- 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
- 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
- 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
- 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
- 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
- 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
- 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
- 0x5c, 0x5c, 0x5c, 0x5c
-};
-
-static SECStatus
-pk11_SSLMACSign(PK11SSLMACInfo *info,unsigned char *sig,unsigned int *sigLen,
- unsigned int maxLen,unsigned char *hash, unsigned int hashLen)
-{
- unsigned char tmpBuf[PK11_MAX_MAC_LENGTH];
- unsigned int out;
-
- info->begin(info->hashContext);
- info->update(info->hashContext,info->key,info->keySize);
- info->update(info->hashContext,ssl_pad_2,info->padSize);
- info->update(info->hashContext,hash,hashLen);
- info->end(info->hashContext,tmpBuf,&out,PK11_MAX_MAC_LENGTH);
- PORT_Memcpy(sig,tmpBuf,info->macSize);
- *sigLen = info->macSize;
- return SECSuccess;
-}
-
-static SECStatus
-pk11_SSLMACVerify(PK11SSLMACInfo *info,unsigned char *sig,unsigned int sigLen,
- unsigned char *hash, unsigned int hashLen)
-{
- unsigned char tmpBuf[PK11_MAX_MAC_LENGTH];
- unsigned int out;
-
- info->begin(info->hashContext);
- info->update(info->hashContext,info->key,info->keySize);
- info->update(info->hashContext,ssl_pad_2,info->padSize);
- info->update(info->hashContext,hash,hashLen);
- info->end(info->hashContext,tmpBuf,&out,PK11_MAX_MAC_LENGTH);
- return (PORT_Memcmp(sig,tmpBuf,info->macSize) == 0) ?
- SECSuccess : SECFailure;
-}
-
-/*
- * common HMAC initalization routine
- */
-static CK_RV
-pk11_doSSLMACInit(PK11SessionContext *context,SECOidTag oid,
- PK11Object *key, CK_ULONG mac_size)
-{
- PK11Attribute *keyval;
- PK11Begin begin;
- int padSize;
- PK11SSLMACInfo *sslmacinfo;
- CK_RV crv = CKR_MECHANISM_INVALID;
-
- if (oid == SEC_OID_SHA1) {
- crv = pk11_doSubSHA1(context);
- if (crv != CKR_OK) return crv;
- begin = (PK11Begin) SHA1_Begin;
- padSize = 40;
- } else {
- crv = pk11_doSubMD5(context);
- if (crv != CKR_OK) return crv;
- begin = (PK11Begin) MD5_Begin;
- padSize = 48;
- }
- context->multi = PR_TRUE;
-
- keyval = pk11_FindAttribute(key,CKA_VALUE);
- if (keyval == NULL) return CKR_KEY_SIZE_RANGE;
-
- context->hashUpdate(context->hashInfo,keyval->attrib.pValue,
- keyval->attrib.ulValueLen);
- context->hashUpdate(context->hashInfo,ssl_pad_1,padSize);
- sslmacinfo = (PK11SSLMACInfo *) PORT_Alloc(sizeof(PK11SSLMACInfo));
- if (sslmacinfo == NULL) {
- pk11_FreeAttribute(keyval);
- return CKR_HOST_MEMORY;
- }
- sslmacinfo->macSize = mac_size;
- sslmacinfo->hashContext = context->hashInfo;
- PORT_Memcpy(sslmacinfo->key,keyval->attrib.pValue,
- keyval->attrib.ulValueLen);
- sslmacinfo->keySize = keyval->attrib.ulValueLen;
- sslmacinfo->begin = begin;
- sslmacinfo->end = context->end;
- sslmacinfo->update = context->hashUpdate;
- sslmacinfo->padSize = padSize;
- pk11_FreeAttribute(keyval);
- context->cipherInfo = (void *) sslmacinfo;
- context->destroy = (PK11Destroy) pk11_Space;
- context->update = (PK11Cipher) pk11_SSLMACSign;
- context->verify = (PK11Verify) pk11_SSLMACVerify;
- context->maxLen = mac_size;
- return CKR_OK;
-}
-
-/*
- ************** Crypto Functions: Sign ************************
- */
-
-/*
- * Check if We're using CBCMacing and initialize the session context if we are.
- */
-static CK_RV
-pk11_InitCBCMac(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey, CK_ATTRIBUTE_TYPE keyUsage,
- PK11ContextType contextType)
-
-{
- CK_MECHANISM cbc_mechanism;
- CK_ULONG mac_bytes = PK11_INVALID_MAC_SIZE;
- CK_RC2_CBC_PARAMS rc2_params;
-#if NSS_SOFTOKEN_DOES_RC5
- CK_RC5_CBC_PARAMS rc5_params;
- CK_RC5_MAC_GENERAL_PARAMS *rc5_mac;
-#endif
- unsigned char ivBlock[PK11_MAX_BLOCK_SIZE];
- PK11SessionContext *context;
- CK_RV crv;
- int blockSize;
-
- switch (pMechanism->mechanism) {
- case CKM_RC2_MAC_GENERAL:
- mac_bytes =
- ((CK_RC2_MAC_GENERAL_PARAMS *)pMechanism->pParameter)->ulMacLength;
- /* fall through */
- case CKM_RC2_MAC:
- /* this works because ulEffectiveBits is in the same place in both the
- * CK_RC2_MAC_GENERAL_PARAMS and CK_RC2_CBC_PARAMS */
- rc2_params.ulEffectiveBits = ((CK_RC2_MAC_GENERAL_PARAMS *)
- pMechanism->pParameter)->ulEffectiveBits;
- PORT_Memset(rc2_params.iv,0,sizeof(rc2_params.iv));
- cbc_mechanism.mechanism = CKM_RC2_CBC;
- cbc_mechanism.pParameter = &rc2_params;
- cbc_mechanism.ulParameterLen = sizeof(rc2_params);
- blockSize = 8;
- break;
-#if NSS_SOFTOKEN_DOES_RC5
- case CKM_RC5_MAC_GENERAL:
- mac_bytes =
- ((CK_RC5_MAC_GENERAL_PARAMS *)pMechanism->pParameter)->ulMacLength;
- /* fall through */
- case CKM_RC5_MAC:
- /* this works because ulEffectiveBits is in the same place in both the
- * CK_RC5_MAC_GENERAL_PARAMS and CK_RC5_CBC_PARAMS */
- rc5_mac = (CK_RC5_MAC_GENERAL_PARAMS *)pMechanism->pParameter;
- rc5_params.ulWordsize = rc5_mac->ulWordsize;
- rc5_params.ulRounds = rc5_mac->ulRounds;
- rc5_params.pIv = ivBlock;
- blockSize = rc5_mac->ulWordsize*2;
- rc5_params.ulIvLen = blockSize;
- PORT_Memset(ivBlock,0,blockSize);
- cbc_mechanism.mechanism = CKM_RC5_CBC;
- cbc_mechanism.pParameter = &rc5_params;
- cbc_mechanism.ulParameterLen = sizeof(rc5_params);
- break;
-#endif
- /* add cast and idea later */
- case CKM_DES_MAC_GENERAL:
- mac_bytes = *(CK_ULONG *)pMechanism->pParameter;
- /* fall through */
- case CKM_DES_MAC:
- blockSize = 8;
- PORT_Memset(ivBlock,0,blockSize);
- cbc_mechanism.mechanism = CKM_DES_CBC;
- cbc_mechanism.pParameter = &ivBlock;
- cbc_mechanism.ulParameterLen = blockSize;
- break;
- case CKM_DES3_MAC_GENERAL:
- mac_bytes = *(CK_ULONG *)pMechanism->pParameter;
- /* fall through */
- case CKM_DES3_MAC:
- blockSize = 8;
- PORT_Memset(ivBlock,0,blockSize);
- cbc_mechanism.mechanism = CKM_DES3_CBC;
- cbc_mechanism.pParameter = &ivBlock;
- cbc_mechanism.ulParameterLen = blockSize;
- break;
- case CKM_CDMF_MAC_GENERAL:
- mac_bytes = *(CK_ULONG *)pMechanism->pParameter;
- /* fall through */
- case CKM_CDMF_MAC:
- blockSize = 8;
- PORT_Memset(ivBlock,0,blockSize);
- cbc_mechanism.mechanism = CKM_CDMF_CBC;
- cbc_mechanism.pParameter = &ivBlock;
- cbc_mechanism.ulParameterLen = blockSize;
- break;
- case CKM_AES_MAC_GENERAL:
- mac_bytes = *(CK_ULONG *)pMechanism->pParameter;
- /* fall through */
- case CKM_AES_MAC:
- blockSize = 16;
- PORT_Memset(ivBlock,0,blockSize);
- cbc_mechanism.mechanism = CKM_AES_CBC;
- cbc_mechanism.pParameter = &ivBlock;
- cbc_mechanism.ulParameterLen = blockSize;
- break;
- default:
- return CKR_FUNCTION_NOT_SUPPORTED;
- }
-
- crv = pk11_CryptInit(hSession, &cbc_mechanism, hKey, keyUsage,
- contextType, PR_TRUE);
- if (crv != CKR_OK) return crv;
- crv = pk11_GetContext(hSession,&context,contextType,PR_TRUE,NULL);
-
- /* this shouldn't happen! */
- PORT_Assert(crv == CKR_OK);
- if (crv != CKR_OK) return crv;
- context->blockSize = blockSize;
- if (mac_bytes == PK11_INVALID_MAC_SIZE) mac_bytes = blockSize/2;
- context->macSize = mac_bytes;
- return CKR_OK;
-}
-
-/*
- * encode RSA PKCS #1 Signature data before signing...
- */
-static SECStatus
-pk11_HashSign(PK11HashSignInfo *info,unsigned char *sig,unsigned int *sigLen,
- unsigned int maxLen,unsigned char *hash, unsigned int hashLen)
-{
-
- SECStatus rv = SECFailure;
- SECItem digder;
- PLArenaPool *arena = NULL;
- SGNDigestInfo *di = NULL;
-
- digder.data = NULL;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( !arena ) { goto loser; }
-
- /* Construct digest info */
- di = SGN_CreateDigestInfo(info->hashOid, hash, hashLen);
- if (!di) { goto loser; }
-
- /* Der encode the digest as a DigestInfo */
- rv = DER_Encode(arena, &digder, SGNDigestInfoTemplate, di);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- /*
- ** Encrypt signature after constructing appropriate PKCS#1 signature
- ** block
- */
- rv = RSA_Sign(info->key,sig,sigLen,maxLen,digder.data,digder.len);
-
- loser:
- SGN_DestroyDigestInfo(di);
- if (arena != NULL) {
- PORT_FreeArena(arena, PR_FALSE);
- }
- return rv;
-}
-
-static SECStatus
-nsc_DSA_Verify_Stub(void *ctx, void *sigBuf, unsigned int sigLen,
- void *dataBuf, unsigned int dataLen)
-{
- SECItem signature, digest;
- NSSLOWKEYPublicKey *key = (NSSLOWKEYPublicKey *)ctx;
-
- signature.data = (unsigned char *)sigBuf;
- signature.len = sigLen;
- digest.data = (unsigned char *)dataBuf;
- digest.len = dataLen;
- return DSA_VerifyDigest(&(key->u.dsa), &signature, &digest);
-}
-
-static SECStatus
-nsc_DSA_Sign_Stub(void *ctx, void *sigBuf,
- unsigned int *sigLen, unsigned int maxSigLen,
- void *dataBuf, unsigned int dataLen)
-{
- SECItem signature = { 0 }, digest;
- SECStatus rv;
- NSSLOWKEYPrivateKey *key = (NSSLOWKEYPrivateKey *)ctx;
-
- (void)SECITEM_AllocItem(NULL, &signature, maxSigLen);
- digest.data = (unsigned char *)dataBuf;
- digest.len = dataLen;
- rv = DSA_SignDigest(&(key->u.dsa), &signature, &digest);
- *sigLen = signature.len;
- PORT_Memcpy(sigBuf, signature.data, signature.len);
- SECITEM_FreeItem(&signature, PR_FALSE);
- return rv;
-}
-
-#ifdef NSS_ENABLE_ECC
-static SECStatus
-nsc_ECDSAVerifyStub(void *ctx, void *sigBuf, unsigned int sigLen,
- void *dataBuf, unsigned int dataLen)
-{
- SECItem signature, digest;
- NSSLOWKEYPublicKey *key = (NSSLOWKEYPublicKey *)ctx;
-
- signature.data = (unsigned char *)sigBuf;
- signature.len = sigLen;
- digest.data = (unsigned char *)dataBuf;
- digest.len = dataLen;
- return ECDSA_VerifyDigest(&(key->u.ec), &signature, &digest);
-}
-
-static SECStatus
-nsc_ECDSASignStub(void *ctx, void *sigBuf,
- unsigned int *sigLen, unsigned int maxSigLen,
- void *dataBuf, unsigned int dataLen)
-{
- SECItem signature = { 0 }, digest;
- SECStatus rv;
- NSSLOWKEYPrivateKey *key = (NSSLOWKEYPrivateKey *)ctx;
-
- (void)SECITEM_AllocItem(NULL, &signature, maxSigLen);
- digest.data = (unsigned char *)dataBuf;
- digest.len = dataLen;
- rv = ECDSA_SignDigest(&(key->u.ec), &signature, &digest);
- *sigLen = signature.len;
- PORT_Memcpy(sigBuf, signature.data, signature.len);
- SECITEM_FreeItem(&signature, PR_FALSE);
- return rv;
-}
-#endif /* NSS_ENABLE_ECC */
-
-/* NSC_SignInit setups up the signing operations. There are three basic
- * types of signing:
- * (1) the tradition single part, where "Raw RSA" or "Raw DSA" is applied
- * to data in a single Sign operation (which often looks a lot like an
- * encrypt, with data coming in and data going out).
- * (2) Hash based signing, where we continually hash the data, then apply
- * some sort of signature to the end.
- * (3) Block Encryption CBC MAC's, where the Data is encrypted with a key,
- * and only the final block is part of the mac.
- *
- * For case number 3, we initialize a context much like the Encryption Context
- * (in fact we share code). We detect case 3 in C_SignUpdate, C_Sign, and
- * C_Final by the following method... if it's not multi-part, and it's doesn't
- * have a hash context, it must be a block Encryption CBC MAC.
- *
- * For case number 2, we initialize a hash structure, as well as make it
- * multi-part. Updates are simple calls to the hash update function. Final
- * calls the hashend, then passes the result to the 'update' function (which
- * operates as a final signature function). In some hash based MAC'ing (as
- * opposed to hash base signatures), the update function is can be simply a
- * copy (as is the case with HMAC).
- */
-CK_RV NSC_SignInit(CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey)
-{
- PK11Session *session;
- PK11Object *key;
- PK11SessionContext *context;
- CK_KEY_TYPE key_type;
- CK_RV crv = CKR_OK;
- NSSLOWKEYPrivateKey *privKey;
- PK11HashSignInfo *info = NULL;
-
- /* Block Cipher MACing Algorithms use a different Context init method..*/
- crv = pk11_InitCBCMac(hSession, pMechanism, hKey, CKA_SIGN, PK11_SIGN);
- if (crv != CKR_FUNCTION_NOT_SUPPORTED) return crv;
-
- /* we're not using a block cipher mac */
- session = pk11_SessionFromHandle(hSession);
- if (session == NULL) return CKR_SESSION_HANDLE_INVALID;
- crv = pk11_InitGeneric(session,&context,PK11_SIGN,&key,hKey,&key_type,
- CKO_PRIVATE_KEY,CKA_SIGN);
- if (crv != CKR_OK) {
- pk11_FreeSession(session);
- return crv;
- }
-
- context->multi = PR_FALSE;
-
-#define INIT_RSA_SIGN_MECH(mmm) \
- case CKM_ ## mmm ## _RSA_PKCS: \
- context->multi = PR_TRUE; \
- crv = pk11_doSub ## mmm (context); \
- if (crv != CKR_OK) break; \
- context->update = (PK11Cipher) pk11_HashSign; \
- info = PORT_New(PK11HashSignInfo); \
- if (info == NULL) { crv = CKR_HOST_MEMORY; break; } \
- info->hashOid = SEC_OID_ ## mmm ; \
- goto finish_rsa;
-
- switch(pMechanism->mechanism) {
- INIT_RSA_SIGN_MECH(MD5)
- INIT_RSA_SIGN_MECH(MD2)
- INIT_RSA_SIGN_MECH(SHA1)
- INIT_RSA_SIGN_MECH(SHA256)
- INIT_RSA_SIGN_MECH(SHA384)
- INIT_RSA_SIGN_MECH(SHA512)
-
- case CKM_RSA_PKCS:
- context->update = (PK11Cipher) RSA_Sign;
- goto finish_rsa;
- case CKM_RSA_X_509:
- context->update = (PK11Cipher) RSA_SignRaw;
-finish_rsa:
- if (key_type != CKK_RSA) {
- if (info) PORT_Free(info);
- crv = CKR_KEY_TYPE_INCONSISTENT;
- break;
- }
- context->multi = PR_FALSE;
- privKey = pk11_GetPrivKey(key,CKK_RSA,&crv);
- if (privKey == NULL) {
- if (info) PORT_Free(info);
- break;
- }
- /* OK, info is allocated only if we're doing hash and sign mechanism.
- * It's necessary to be able to set the correct OID in the final
- * signature.
- */
- if (info) {
- info->key = privKey;
- context->cipherInfo = info;
- context->destroy = (PK11Destroy)pk11_Space;
- } else {
- context->cipherInfo = privKey;
- context->destroy = (PK11Destroy)pk11_Null;
- }
- context->maxLen = nsslowkey_PrivateModulusLen(privKey);
- break;
-
- case CKM_DSA_SHA1:
- context->multi = PR_TRUE;
- crv = pk11_doSubSHA1(context);
- if (crv != CKR_OK) break;
- /* fall through */
- case CKM_DSA:
- if (key_type != CKK_DSA) {
- crv = CKR_KEY_TYPE_INCONSISTENT;
- break;
- }
- privKey = pk11_GetPrivKey(key,CKK_DSA,&crv);
- if (privKey == NULL) {
- break;
- }
- context->cipherInfo = privKey;
- context->update = (PK11Cipher) nsc_DSA_Sign_Stub;
- context->destroy = (privKey == key->objectInfo) ?
- (PK11Destroy) pk11_Null:(PK11Destroy)pk11_FreePrivKey;
- context->maxLen = DSA_SIGNATURE_LEN;
-
- break;
-
-#ifdef NSS_ENABLE_ECC
- case CKM_ECDSA_SHA1:
- context->multi = PR_TRUE;
- crv = pk11_doSubSHA1(context);
- if (crv != CKR_OK) break;
- /* fall through */
- case CKM_ECDSA:
- if (key_type != CKK_EC) {
- crv = CKR_KEY_TYPE_INCONSISTENT;
- break;
- }
- privKey = pk11_GetPrivKey(key,CKK_EC,&crv);
- if (privKey == NULL) {
- crv = CKR_HOST_MEMORY;
- break;
- }
- context->cipherInfo = privKey;
- context->update = (PK11Cipher) nsc_ECDSASignStub;
- context->destroy = (privKey == key->objectInfo) ?
- (PK11Destroy) pk11_Null:(PK11Destroy)pk11_FreePrivKey;
- context->maxLen = MAX_ECKEY_LEN * 2;
-
- break;
-#endif /* NSS_ENABLE_ECC */
-
-#define INIT_HMAC_MECH(mmm) \
- case CKM_ ## mmm ## _HMAC_GENERAL: \
- crv = pk11_doHMACInit(context, HASH_Alg ## mmm ,key, \
- *(CK_ULONG *)pMechanism->pParameter); \
- break; \
- case CKM_ ## mmm ## _HMAC: \
- crv = pk11_doHMACInit(context, HASH_Alg ## mmm ,key, mmm ## _LENGTH); \
- break;
-
- INIT_HMAC_MECH(MD2)
- INIT_HMAC_MECH(MD5)
- INIT_HMAC_MECH(SHA256)
- INIT_HMAC_MECH(SHA384)
- INIT_HMAC_MECH(SHA512)
-
- case CKM_SHA_1_HMAC_GENERAL:
- crv = pk11_doHMACInit(context,HASH_AlgSHA1,key,
- *(CK_ULONG *)pMechanism->pParameter);
- break;
- case CKM_SHA_1_HMAC:
- crv = pk11_doHMACInit(context,HASH_AlgSHA1,key,SHA1_LENGTH);
- break;
-
- case CKM_SSL3_MD5_MAC:
- crv = pk11_doSSLMACInit(context,SEC_OID_MD5,key,
- *(CK_ULONG *)pMechanism->pParameter);
- break;
- case CKM_SSL3_SHA1_MAC:
- crv = pk11_doSSLMACInit(context,SEC_OID_SHA1,key,
- *(CK_ULONG *)pMechanism->pParameter);
- break;
- case CKM_TLS_PRF_GENERAL:
- crv = pk11_TLSPRFInit(context, key, key_type);
- break;
- default:
- crv = CKR_MECHANISM_INVALID;
- break;
- }
-
- if (crv != CKR_OK) {
- pk11_FreeContext(context);
- pk11_FreeSession(session);
- return crv;
- }
- pk11_SetContextByType(session, PK11_SIGN, context);
- pk11_FreeSession(session);
- return CKR_OK;
-}
-
-
-/* MACUpdate is the common implementation for SignUpdate and VerifyUpdate.
- * (sign and verify only very in their setup and final operations) */
-static CK_RV
-pk11_MACUpdate(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen,PK11ContextType type)
-{
- unsigned int outlen;
- PK11SessionContext *context;
- CK_RV crv;
- SECStatus rv;
-
- /* make sure we're legal */
- crv = pk11_GetContext(hSession,&context,type,PR_FALSE,NULL);
- if (crv != CKR_OK) return crv;
-
- if (context->hashInfo) {
- (*context->hashUpdate)(context->hashInfo, pPart, ulPartLen);
- return CKR_OK;
- }
-
- /* must be block cipher macing */
-
- /* deal with previous buffered data */
- if (context->padDataLength != 0) {
- int i;
- /* fill in the padded to a full block size */
- for (i=context->padDataLength; (ulPartLen != 0) &&
- i < (int)context->blockSize; i++) {
- context->padBuf[i] = *pPart++;
- ulPartLen--;
- context->padDataLength++;
- }
-
- /* not enough data to encrypt yet? then return */
- if (context->padDataLength != context->blockSize) return CKR_OK;
- /* encrypt the current padded data */
- rv = (*context->update)(context->cipherInfo,context->macBuf,&outlen,
- PK11_MAX_BLOCK_SIZE,context->padBuf,context->blockSize);
- if (rv != SECSuccess) return CKR_DEVICE_ERROR;
- }
-
- /* save the residual */
- context->padDataLength = ulPartLen % context->blockSize;
- if (context->padDataLength) {
- PORT_Memcpy(context->padBuf,
- &pPart[ulPartLen-context->padDataLength],
- context->padDataLength);
- ulPartLen -= context->padDataLength;
- }
-
- /* if we've exhausted our new buffer, we're done */
- if (ulPartLen == 0) { return CKR_OK; }
-
- /* run the data through out encrypter */
- while (ulPartLen) {
- rv = (*context->update)(context->cipherInfo, context->padBuf, &outlen,
- PK11_MAX_BLOCK_SIZE, pPart, context->blockSize);
- if (rv != SECSuccess) return CKR_DEVICE_ERROR;
- /* paranoia.. make sure we exit the loop */
- PORT_Assert(ulPartLen >= context->blockSize);
- if (ulPartLen < context->blockSize) break;
- ulPartLen -= context->blockSize;
- }
-
- return CKR_OK;
-
-}
-
-/* NSC_SignUpdate continues a multiple-part signature operation,
- * where the signature is (will be) an appendix to the data,
- * and plaintext cannot be recovered from the signature */
-CK_RV NSC_SignUpdate(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen)
-{
- return pk11_MACUpdate(hSession, pPart, ulPartLen, PK11_SIGN);
-}
-
-
-/* NSC_SignFinal finishes a multiple-part signature operation,
- * returning the signature. */
-CK_RV NSC_SignFinal(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pSignature,
- CK_ULONG_PTR pulSignatureLen)
-{
- PK11Session *session;
- PK11SessionContext *context;
- unsigned int outlen;
- unsigned int digestLen;
- unsigned int maxoutlen = *pulSignatureLen;
- unsigned char tmpbuf[PK11_MAX_MAC_LENGTH];
- CK_RV crv;
- SECStatus rv = SECSuccess;
-
- /* make sure we're legal */
- *pulSignatureLen = 0;
- crv = pk11_GetContext(hSession,&context,PK11_SIGN,PR_TRUE,&session);
- if (crv != CKR_OK) return crv;
-
- if (!pSignature) {
- *pulSignatureLen = context->maxLen;
- goto finish;
- } else if (context->hashInfo) {
- (*context->end)(context->hashInfo, tmpbuf, &digestLen, sizeof(tmpbuf));
- rv = (*context->update)(context->cipherInfo, pSignature,
- &outlen, maxoutlen, tmpbuf, digestLen);
- *pulSignatureLen = (CK_ULONG) outlen;
- } else {
- /* deal with the last block if any residual */
- if (context->padDataLength) {
- /* fill out rest of pad buffer with pad magic*/
- int i;
- for (i=context->padDataLength; i < (int)context->blockSize; i++) {
- context->padBuf[i] = 0;
- }
- rv = (*context->update)(context->cipherInfo,context->macBuf,
- &outlen,PK11_MAX_BLOCK_SIZE,context->padBuf,context->blockSize);
- }
- if (rv == SECSuccess) {
- PORT_Memcpy(pSignature,context->macBuf,context->macSize);
- *pulSignatureLen = context->macSize;
- }
- }
-
- pk11_FreeContext(context);
- pk11_SetContextByType(session, PK11_SIGN, NULL);
-
-finish:
- pk11_FreeSession(session);
-
- return (rv == SECSuccess) ? CKR_OK : CKR_DEVICE_ERROR;
-}
-
-/* NSC_Sign signs (encrypts with private key) data in a single part,
- * where the signature is (will be) an appendix to the data,
- * and plaintext cannot be recovered from the signature */
-CK_RV NSC_Sign(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,CK_ULONG ulDataLen,CK_BYTE_PTR pSignature,
- CK_ULONG_PTR pulSignatureLen)
-{
- PK11Session *session;
- PK11SessionContext *context;
- unsigned int outlen;
- unsigned int maxoutlen = *pulSignatureLen;
- CK_RV crv,crv2;
- SECStatus rv = SECSuccess;
-
- /* make sure we're legal */
- crv = pk11_GetContext(hSession,&context,PK11_SIGN,PR_FALSE,&session);
- if (crv != CKR_OK) return crv;
-
- if (!pSignature) {
- *pulSignatureLen = context->maxLen;
- goto finish;
- }
-
- /* multi part Signing are completely implemented by SignUpdate and
- * sign Final */
- if (context->multi) {
- pk11_FreeSession(session);
- crv = NSC_SignUpdate(hSession,pData,ulDataLen);
- if (crv != CKR_OK) *pulSignatureLen = 0;
- crv2 = NSC_SignFinal(hSession, pSignature, pulSignatureLen);
- return crv == CKR_OK ? crv2 :crv;
- }
-
- rv = (*context->update)(context->cipherInfo, pSignature,
- &outlen, maxoutlen, pData, ulDataLen);
- *pulSignatureLen = (CK_ULONG) outlen;
- pk11_FreeContext(context);
- pk11_SetContextByType(session, PK11_SIGN, NULL);
-
-finish:
- pk11_FreeSession(session);
-
- return (rv == SECSuccess) ? CKR_OK : CKR_DEVICE_ERROR;
-}
-
-
-/*
- ************** Crypto Functions: Sign Recover ************************
- */
-/* NSC_SignRecoverInit initializes a signature operation,
- * where the (digest) data can be recovered from the signature.
- * E.g. encryption with the user's private key */
-CK_RV NSC_SignRecoverInit(CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,CK_OBJECT_HANDLE hKey)
-{
- switch (pMechanism->mechanism) {
- case CKM_RSA_PKCS:
- case CKM_RSA_X_509:
- return NSC_SignInit(hSession,pMechanism,hKey);
- default:
- break;
- }
- return CKR_MECHANISM_INVALID;
-}
-
-
-/* NSC_SignRecover signs data in a single operation
- * where the (digest) data can be recovered from the signature.
- * E.g. encryption with the user's private key */
-CK_RV NSC_SignRecover(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
- CK_ULONG ulDataLen, CK_BYTE_PTR pSignature, CK_ULONG_PTR pulSignatureLen)
-{
- return NSC_Sign(hSession,pData,ulDataLen,pSignature,pulSignatureLen);
-}
-
-/*
- ************** Crypto Functions: verify ************************
- */
-
-/* Handle RSA Signature formating */
-static SECStatus
-pk11_hashCheckSign(PK11HashVerifyInfo *info, unsigned char *sig,
- unsigned int sigLen, unsigned char *digest, unsigned int digestLen)
-{
-
- SECItem it;
- SGNDigestInfo *di = NULL;
- SECStatus rv = SECSuccess;
-
- it.data = NULL;
-
- if (info->key == NULL) goto loser;
-
- it.len = nsslowkey_PublicModulusLen(info->key);
- if (!it.len) goto loser;
-
- it.data = (unsigned char *) PORT_Alloc(it.len);
- if (it.data == NULL) goto loser;
-
- /* decrypt the block */
- rv = RSA_CheckSignRecover(info->key, it.data, &it.len, it.len, sig, sigLen);
- if (rv != SECSuccess) goto loser;
-
- di = SGN_DecodeDigestInfo(&it);
- if (di == NULL) goto loser;
- if (di->digest.len != digestLen) goto loser;
-
- /* make sure the tag is OK */
- if (SECOID_GetAlgorithmTag(&di->digestAlgorithm) != info->hashOid) {
- goto loser;
- }
- /* Now check the signature */
- if (PORT_Memcmp(digest, di->digest.data, di->digest.len) == 0) {
- goto done;
- }
-
- loser:
- rv = SECFailure;
-
- done:
- if (it.data != NULL) PORT_Free(it.data);
- if (di != NULL) SGN_DestroyDigestInfo(di);
-
- return rv;
-}
-
-/* NSC_VerifyInit initializes a verification operation,
- * where the signature is an appendix to the data,
- * and plaintext cannot be recovered from the signature (e.g. DSA) */
-CK_RV NSC_VerifyInit(CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,CK_OBJECT_HANDLE hKey)
-{
- PK11Session *session;
- PK11Object *key;
- PK11SessionContext *context;
- CK_KEY_TYPE key_type;
- CK_RV crv = CKR_OK;
- NSSLOWKEYPublicKey *pubKey;
- PK11HashVerifyInfo *info = NULL;
-
- /* Block Cipher MACing Algorithms use a different Context init method..*/
- crv = pk11_InitCBCMac(hSession, pMechanism, hKey, CKA_VERIFY, PK11_VERIFY);
- if (crv != CKR_FUNCTION_NOT_SUPPORTED) return crv;
-
- session = pk11_SessionFromHandle(hSession);
- if (session == NULL) return CKR_SESSION_HANDLE_INVALID;
- crv = pk11_InitGeneric(session,&context,PK11_VERIFY,&key,hKey,&key_type,
- CKO_PUBLIC_KEY,CKA_VERIFY);
- if (crv != CKR_OK) {
- pk11_FreeSession(session);
- return crv;
- }
-
- context->multi = PR_FALSE;
-
-#define INIT_RSA_VFY_MECH(mmm) \
- case CKM_ ## mmm ## _RSA_PKCS: \
- context->multi = PR_TRUE; \
- crv = pk11_doSub ## mmm (context); \
- if (crv != CKR_OK) break; \
- context->verify = (PK11Verify) pk11_hashCheckSign; \
- info = PORT_New(PK11HashVerifyInfo); \
- if (info == NULL) { crv = CKR_HOST_MEMORY; break; } \
- info->hashOid = SEC_OID_ ## mmm ; \
- goto finish_rsa;
-
- switch(pMechanism->mechanism) {
- INIT_RSA_VFY_MECH(MD5)
- INIT_RSA_VFY_MECH(MD2)
- INIT_RSA_VFY_MECH(SHA1)
- INIT_RSA_VFY_MECH(SHA256)
- INIT_RSA_VFY_MECH(SHA384)
- INIT_RSA_VFY_MECH(SHA512)
-
- case CKM_RSA_PKCS:
- context->verify = (PK11Verify) RSA_CheckSign;
- goto finish_rsa;
- case CKM_RSA_X_509:
- context->verify = (PK11Verify) RSA_CheckSignRaw;
-finish_rsa:
- if (key_type != CKK_RSA) {
- crv = CKR_KEY_TYPE_INCONSISTENT;
- break;
- }
- pubKey = pk11_GetPubKey(key,CKK_RSA,&crv);
- if (pubKey == NULL) {
- break;
- }
- if (info) {
- info->key = pubKey;
- context->cipherInfo = info;
- context->destroy = pk11_Space;
- } else {
- context->cipherInfo = pubKey;
- context->destroy = pk11_Null;
- }
- break;
- case CKM_DSA_SHA1:
- context->multi = PR_TRUE;
- crv = pk11_doSubSHA1(context);
- if (crv != CKR_OK) break;
- /* fall through */
- case CKM_DSA:
- if (key_type != CKK_DSA) {
- crv = CKR_KEY_TYPE_INCONSISTENT;
- break;
- }
- context->multi = PR_FALSE;
- pubKey = pk11_GetPubKey(key,CKK_DSA,&crv);
- if (pubKey == NULL) {
- break;
- }
- context->cipherInfo = pubKey;
- context->verify = (PK11Verify) nsc_DSA_Verify_Stub;
- context->destroy = pk11_Null;
- break;
-#ifdef NSS_ENABLE_ECC
- case CKM_ECDSA_SHA1:
- context->multi = PR_TRUE;
- crv = pk11_doSubSHA1(context);
- if (crv != CKR_OK) break;
- /* fall through */
- case CKM_ECDSA:
- if (key_type != CKK_EC) {
- crv = CKR_KEY_TYPE_INCONSISTENT;
- break;
- }
- context->multi = PR_FALSE;
- pubKey = pk11_GetPubKey(key,CKK_EC,&crv);
- if (pubKey == NULL) {
- crv = CKR_HOST_MEMORY;
- break;
- }
- context->cipherInfo = pubKey;
- context->verify = (PK11Verify) nsc_ECDSAVerifyStub;
- context->destroy = pk11_Null;
- break;
-#endif /* NSS_ENABLE_ECC */
-
- INIT_HMAC_MECH(MD2)
- INIT_HMAC_MECH(MD5)
- INIT_HMAC_MECH(SHA256)
- INIT_HMAC_MECH(SHA384)
- INIT_HMAC_MECH(SHA512)
-
- case CKM_SHA_1_HMAC_GENERAL:
- crv = pk11_doHMACInit(context,HASH_AlgSHA1,key,
- *(CK_ULONG *)pMechanism->pParameter);
- break;
- case CKM_SHA_1_HMAC:
- crv = pk11_doHMACInit(context,HASH_AlgSHA1,key,SHA1_LENGTH);
- break;
-
- case CKM_SSL3_MD5_MAC:
- crv = pk11_doSSLMACInit(context,SEC_OID_MD5,key,
- *(CK_ULONG *)pMechanism->pParameter);
- break;
- case CKM_SSL3_SHA1_MAC:
- crv = pk11_doSSLMACInit(context,SEC_OID_SHA1,key,
- *(CK_ULONG *)pMechanism->pParameter);
- break;
- case CKM_TLS_PRF_GENERAL:
- crv = pk11_TLSPRFInit(context, key, key_type);
- break;
-
- default:
- crv = CKR_MECHANISM_INVALID;
- break;
- }
-
- if (crv != CKR_OK) {
- PORT_Free(context);
- pk11_FreeSession(session);
- return crv;
- }
- pk11_SetContextByType(session, PK11_VERIFY, context);
- pk11_FreeSession(session);
- return CKR_OK;
-}
-
-/* NSC_Verify verifies a signature in a single-part operation,
- * where the signature is an appendix to the data,
- * and plaintext cannot be recovered from the signature */
-CK_RV NSC_Verify(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
- CK_ULONG ulDataLen, CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen)
-{
- PK11Session *session;
- PK11SessionContext *context;
- CK_RV crv;
- SECStatus rv;
-
- /* make sure we're legal */
- crv = pk11_GetContext(hSession,&context,PK11_VERIFY,PR_FALSE,&session);
- if (crv != CKR_OK) return crv;
-
- rv = (*context->verify)(context->cipherInfo,pSignature, ulSignatureLen,
- pData, ulDataLen);
- pk11_FreeContext(context);
- pk11_SetContextByType(session, PK11_VERIFY, NULL);
- pk11_FreeSession(session);
-
- return (rv == SECSuccess) ? CKR_OK : CKR_SIGNATURE_INVALID;
-
-}
-
-
-/* NSC_VerifyUpdate continues a multiple-part verification operation,
- * where the signature is an appendix to the data,
- * and plaintext cannot be recovered from the signature */
-CK_RV NSC_VerifyUpdate( CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen)
-{
- return pk11_MACUpdate(hSession, pPart, ulPartLen, PK11_VERIFY);
-}
-
-
-/* NSC_VerifyFinal finishes a multiple-part verification operation,
- * checking the signature. */
-CK_RV NSC_VerifyFinal(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSignature,CK_ULONG ulSignatureLen)
-{
- PK11Session *session;
- PK11SessionContext *context;
- unsigned int outlen;
- unsigned int digestLen;
- unsigned char tmpbuf[PK11_MAX_MAC_LENGTH];
- CK_RV crv;
- SECStatus rv = SECSuccess;
-
- /* make sure we're legal */
- crv = pk11_GetContext(hSession,&context,PK11_VERIFY,PR_TRUE,&session);
- if (crv != CKR_OK) return crv;
-
- if (context->hashInfo) {
- (*context->end)(context->hashInfo, tmpbuf, &digestLen, sizeof(tmpbuf));
- rv = (*context->verify)(context->cipherInfo, pSignature,
- ulSignatureLen, tmpbuf, digestLen);
- } else {
- if (context->padDataLength) {
- /* fill out rest of pad buffer with pad magic*/
- int i;
- for (i=context->padDataLength; i < (int)context->blockSize; i++) {
- context->padBuf[i] = 0;
- }
- rv = (*context->update)(context->cipherInfo,context->macBuf,
- &outlen,PK11_MAX_BLOCK_SIZE,context->padBuf,context->blockSize);
- }
- if (rv == SECSuccess) {
- rv =(PORT_Memcmp(pSignature,context->macBuf,context->macSize) == 0)
- ? SECSuccess : SECFailure;
- }
- }
-
- pk11_FreeContext(context);
- pk11_SetContextByType(session, PK11_VERIFY, NULL);
- pk11_FreeSession(session);
- return (rv == SECSuccess) ? CKR_OK : CKR_SIGNATURE_INVALID;
-
-}
-
-/*
- ************** Crypto Functions: Verify Recover ************************
- */
-
-/* NSC_VerifyRecoverInit initializes a signature verification operation,
- * where the data is recovered from the signature.
- * E.g. Decryption with the user's public key */
-CK_RV NSC_VerifyRecoverInit(CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,CK_OBJECT_HANDLE hKey)
-{
- PK11Session *session;
- PK11Object *key;
- PK11SessionContext *context;
- CK_KEY_TYPE key_type;
- CK_RV crv = CKR_OK;
- NSSLOWKEYPublicKey *pubKey;
-
- session = pk11_SessionFromHandle(hSession);
- if (session == NULL) return CKR_SESSION_HANDLE_INVALID;
- crv = pk11_InitGeneric(session,&context,PK11_VERIFY_RECOVER,
- &key,hKey,&key_type,CKO_PUBLIC_KEY,CKA_VERIFY_RECOVER);
- if (crv != CKR_OK) {
- pk11_FreeSession(session);
- return crv;
- }
-
- context->multi = PR_TRUE;
-
- switch(pMechanism->mechanism) {
- case CKM_RSA_PKCS:
- case CKM_RSA_X_509:
- if (key_type != CKK_RSA) {
- crv = CKR_KEY_TYPE_INCONSISTENT;
- break;
- }
- context->multi = PR_FALSE;
- pubKey = pk11_GetPubKey(key,CKK_RSA,&crv);
- if (pubKey == NULL) {
- break;
- }
- context->cipherInfo = pubKey;
- context->update = (PK11Cipher) (pMechanism->mechanism == CKM_RSA_X_509
- ? RSA_CheckSignRecoverRaw : RSA_CheckSignRecover);
- context->destroy = pk11_Null;
- break;
- default:
- crv = CKR_MECHANISM_INVALID;
- break;
- }
-
- if (crv != CKR_OK) {
- PORT_Free(context);
- pk11_FreeSession(session);
- return crv;
- }
- pk11_SetContextByType(session, PK11_VERIFY_RECOVER, context);
- pk11_FreeSession(session);
- return CKR_OK;
-}
-
-
-/* NSC_VerifyRecover verifies a signature in a single-part operation,
- * where the data is recovered from the signature.
- * E.g. Decryption with the user's public key */
-CK_RV NSC_VerifyRecover(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSignature,CK_ULONG ulSignatureLen,
- CK_BYTE_PTR pData,CK_ULONG_PTR pulDataLen)
-{
- PK11Session *session;
- PK11SessionContext *context;
- unsigned int outlen;
- unsigned int maxoutlen = *pulDataLen;
- CK_RV crv;
- SECStatus rv;
-
- /* make sure we're legal */
- crv = pk11_GetContext(hSession,&context,PK11_VERIFY_RECOVER,
- PR_FALSE,&session);
- if (crv != CKR_OK) return crv;
-
- rv = (*context->update)(context->cipherInfo, pData, &outlen, maxoutlen,
- pSignature, ulSignatureLen);
- *pulDataLen = (CK_ULONG) outlen;
- pk11_FreeContext(context);
- pk11_SetContextByType(session, PK11_VERIFY_RECOVER, NULL);
- pk11_FreeSession(session);
- return (rv == SECSuccess) ? CKR_OK : CKR_DEVICE_ERROR;
-}
-
-/*
- **************************** Random Functions: ************************
- */
-
-/* NSC_SeedRandom mixes additional seed material into the token's random number
- * generator. */
-CK_RV NSC_SeedRandom(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSeed,
- CK_ULONG ulSeedLen)
-{
- SECStatus rv;
-
- rv = RNG_RandomUpdate(pSeed, ulSeedLen);
- return (rv == SECSuccess) ? CKR_OK : CKR_DEVICE_ERROR;
-}
-
-/* NSC_GenerateRandom generates random data. */
-CK_RV NSC_GenerateRandom(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pRandomData, CK_ULONG ulRandomLen)
-{
- SECStatus rv;
-
- rv = RNG_GenerateGlobalRandomBytes(pRandomData, ulRandomLen);
- return (rv == SECSuccess) ? CKR_OK : CKR_DEVICE_ERROR;
-}
-
-/*
- **************************** Key Functions: ************************
- */
-
-
-/*
- * generate a password based encryption key. This code uses
- * PKCS5 to do the work.
- */
-static CK_RV
-nsc_pbe_key_gen(NSSPKCS5PBEParameter *pkcs5_pbe, CK_MECHANISM_PTR pMechanism,
- char *buf, CK_ULONG *key_length, PRBool faulty3DES)
-{
- SECItem *pbe_key = NULL, iv, pwitem;
- CK_PBE_PARAMS *pbe_params = NULL;
-
- *key_length = 0;
- iv.data = NULL; iv.len = 0;
-
- pbe_params = (CK_PBE_PARAMS *)pMechanism->pParameter;
-
- pwitem.data = (unsigned char *)pbe_params->pPassword;
- pwitem.len = (unsigned int)pbe_params->ulPasswordLen;
- pbe_key = nsspkcs5_ComputeKeyAndIV(pkcs5_pbe, &pwitem, &iv, faulty3DES);
- if (pbe_key == NULL) {
- return CKR_HOST_MEMORY;
- }
-
- PORT_Memcpy(buf, pbe_key->data, pbe_key->len);
- *key_length = pbe_key->len;
- SECITEM_ZfreeItem(pbe_key, PR_TRUE);
- pbe_key = NULL;
-
- if (iv.data && pbe_params->pInitVector != NULL) {
- PORT_Memcpy(pbe_params->pInitVector, iv.data, iv.len);
- }
- return CKR_OK;
-}
-static CK_RV
-nsc_parameter_gen(CK_KEY_TYPE key_type, PK11Object *key)
-{
- PK11Attribute *attribute;
- CK_ULONG counter;
- unsigned int seedBits = 0;
- unsigned int primeBits;
- CK_RV crv = CKR_OK;
- PQGParams *params = NULL;
- PQGVerify *vfy = NULL;
- SECStatus rv;
-
- attribute = pk11_FindAttribute(key, CKA_PRIME_BITS);
- if (attribute == NULL) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- primeBits = (unsigned int) *(CK_ULONG *)attribute->attrib.pValue;
- pk11_FreeAttribute(attribute);
-
- attribute = pk11_FindAttribute(key, CKA_NETSCAPE_PQG_SEED_BITS);
- if (attribute != NULL) {
- seedBits = (unsigned int) *(CK_ULONG *)attribute->attrib.pValue;
- pk11_FreeAttribute(attribute);
- }
-
- pk11_DeleteAttributeType(key,CKA_PRIME_BITS);
- pk11_DeleteAttributeType(key,CKA_NETSCAPE_PQG_SEED_BITS);
-
- if (seedBits == 0) {
- rv = PQG_ParamGen(primeBits, &params, &vfy);
- } else {
- rv = PQG_ParamGenSeedLen(primeBits,seedBits/8, &params, &vfy);
- }
-
- if (rv != SECSuccess) {
- return CKR_DEVICE_ERROR;
- }
- crv = pk11_AddAttributeType(key,CKA_PRIME,
- params->prime.data, params->prime.len);
- if (crv != CKR_OK) goto loser;
- crv = pk11_AddAttributeType(key,CKA_SUBPRIME,
- params->subPrime.data, params->subPrime.len);
- if (crv != CKR_OK) goto loser;
- crv = pk11_AddAttributeType(key,CKA_BASE,
- params->base.data, params->base.len);
- if (crv != CKR_OK) goto loser;
- counter = vfy->counter;
- crv = pk11_AddAttributeType(key,CKA_NETSCAPE_PQG_COUNTER,
- &counter, sizeof(counter));
- crv = pk11_AddAttributeType(key,CKA_NETSCAPE_PQG_SEED,
- vfy->seed.data, vfy->seed.len);
- if (crv != CKR_OK) goto loser;
- crv = pk11_AddAttributeType(key,CKA_NETSCAPE_PQG_H,
- vfy->h.data, vfy->h.len);
- if (crv != CKR_OK) goto loser;
-
-loser:
- if (params) {
- PQG_DestroyParams(params);
- }
- if (vfy) {
- PQG_DestroyVerify(vfy);
- }
- return crv;
-}
-
-
-
-
-
-
-
-static CK_RV
-nsc_SetupBulkKeyGen(CK_MECHANISM_TYPE mechanism, CK_KEY_TYPE *key_type,
- CK_ULONG *key_length)
-{
- CK_RV crv = CKR_OK;
-
- switch (mechanism) {
- case CKM_RC2_KEY_GEN:
- *key_type = CKK_RC2;
- if (*key_length == 0) crv = CKR_TEMPLATE_INCOMPLETE;
- break;
-#if NSS_SOFTOKEN_DOES_RC5
- case CKM_RC5_KEY_GEN:
- *key_type = CKK_RC5;
- if (*key_length == 0) crv = CKR_TEMPLATE_INCOMPLETE;
- break;
-#endif
- case CKM_RC4_KEY_GEN:
- *key_type = CKK_RC4;
- if (*key_length == 0) crv = CKR_TEMPLATE_INCOMPLETE;
- break;
- case CKM_GENERIC_SECRET_KEY_GEN:
- *key_type = CKK_GENERIC_SECRET;
- if (*key_length == 0) crv = CKR_TEMPLATE_INCOMPLETE;
- break;
- case CKM_CDMF_KEY_GEN:
- *key_type = CKK_CDMF;
- *key_length = 8;
- break;
- case CKM_DES_KEY_GEN:
- *key_type = CKK_DES;
- *key_length = 8;
- break;
- case CKM_DES2_KEY_GEN:
- *key_type = CKK_DES2;
- *key_length = 16;
- break;
- case CKM_DES3_KEY_GEN:
- *key_type = CKK_DES3;
- *key_length = 24;
- break;
- case CKM_AES_KEY_GEN:
- *key_type = CKK_AES;
- if (*key_length == 0) crv = CKR_TEMPLATE_INCOMPLETE;
- break;
- default:
- PORT_Assert(0);
- crv = CKR_MECHANISM_INVALID;
- break;
- }
-
- return crv;
-}
-
-CK_RV
-nsc_SetupHMACKeyGen(CK_MECHANISM_PTR pMechanism, NSSPKCS5PBEParameter **pbe)
-{
- SECItem salt;
- CK_PBE_PARAMS *pbe_params = NULL;
- NSSPKCS5PBEParameter *params;
- PRArenaPool *arena = NULL;
- SECStatus rv;
-
- *pbe = NULL;
-
- arena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
- if (arena == NULL) {
- return CKR_HOST_MEMORY;
- }
-
- params = (NSSPKCS5PBEParameter *) PORT_ArenaZAlloc(arena,
- sizeof(NSSPKCS5PBEParameter));
- if (params == NULL) {
- PORT_FreeArena(arena,PR_TRUE);
- return CKR_HOST_MEMORY;
- }
-
- params->poolp = arena;
- params->ivLen = 0;
- params->pbeType = NSSPKCS5_PKCS12_V2;
- params->hashType = HASH_AlgSHA1;
- params->encAlg = SEC_OID_SHA1; /* any invalid value */
- params->is2KeyDES = PR_FALSE;
- params->keyID = pbeBitGenIntegrityKey;
- pbe_params = (CK_PBE_PARAMS *)pMechanism->pParameter;
- params->iter = pbe_params->ulIteration;
-
- salt.data = (unsigned char *)pbe_params->pSalt;
- salt.len = (unsigned int)pbe_params->ulSaltLen;
- rv = SECITEM_CopyItem(arena,&params->salt,&salt);
- if (rv != SECSuccess) {
- PORT_FreeArena(arena,PR_TRUE);
- return CKR_HOST_MEMORY;
- }
- switch (pMechanism->mechanism) {
- case CKM_NETSCAPE_PBE_SHA1_HMAC_KEY_GEN:
- case CKM_PBA_SHA1_WITH_SHA1_HMAC:
- params->hashType = HASH_AlgSHA1;
- params->keyLen = 20;
- break;
- case CKM_NETSCAPE_PBE_MD5_HMAC_KEY_GEN:
- params->hashType = HASH_AlgMD5;
- params->keyLen = 16;
- break;
- case CKM_NETSCAPE_PBE_MD2_HMAC_KEY_GEN:
- params->hashType = HASH_AlgMD2;
- params->keyLen = 16;
- break;
- default:
- PORT_FreeArena(arena,PR_TRUE);
- return CKR_MECHANISM_INVALID;
- }
- *pbe = params;
- return CKR_OK;
-}
-/* maybe this should be table driven? */
-static CK_RV
-nsc_SetupPBEKeyGen(CK_MECHANISM_PTR pMechanism, NSSPKCS5PBEParameter **pbe,
- CK_KEY_TYPE *key_type)
-{
- CK_RV crv = CKR_OK;
- SECOidData *oid;
- CK_PBE_PARAMS *pbe_params;
- NSSPKCS5PBEParameter *params;
- SECItem salt;
-
- *pbe = NULL;
-
- oid = SECOID_FindOIDByMechanism(pMechanism->mechanism);
- if (oid == NULL) {
- return CKR_MECHANISM_INVALID;
- }
-
- pbe_params = (CK_PBE_PARAMS *)pMechanism->pParameter;
- salt.data = (unsigned char *)pbe_params->pSalt;
- salt.len = (unsigned int)pbe_params->ulSaltLen;
-
- params=nsspkcs5_NewParam(oid->offset, &salt, pbe_params->ulIteration);
- if (params == NULL) {
- return CKR_MECHANISM_INVALID;
- }
-
-
- switch (params->encAlg) {
- case SEC_OID_DES_CBC:
- *key_type = CKK_DES;
- break;
- case SEC_OID_DES_EDE3_CBC:
- *key_type = params->is2KeyDES ? CKK_DES2 : CKK_DES3;
- break;
- case SEC_OID_RC2_CBC:
- *key_type = CKK_RC2;
- break;
- case SEC_OID_RC4:
- *key_type = CKK_RC4;
- break;
- default:
- crv = CKR_MECHANISM_INVALID;
- nsspkcs5_DestroyPBEParameter(params);
- break;
- }
- if (crv == CKR_OK) {
- *pbe = params;
- }
- return crv;
-}
-
-/* NSC_GenerateKey generates a secret key, creating a new key object. */
-CK_RV NSC_GenerateKey(CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,CK_ATTRIBUTE_PTR pTemplate,CK_ULONG ulCount,
- CK_OBJECT_HANDLE_PTR phKey)
-{
- PK11Object *key;
- PK11Session *session;
- PRBool checkWeak = PR_FALSE;
- CK_ULONG key_length = 0;
- CK_KEY_TYPE key_type = CKK_INVALID_KEY_TYPE;
- CK_OBJECT_CLASS objclass = CKO_SECRET_KEY;
- CK_RV crv = CKR_OK;
- CK_BBOOL cktrue = CK_TRUE;
- int i;
- PK11Slot *slot = pk11_SlotFromSessionHandle(hSession);
- char buf[MAX_KEY_LEN];
- enum {nsc_pbe, nsc_ssl, nsc_bulk, nsc_param} key_gen_type;
- NSSPKCS5PBEParameter *pbe_param;
- SSL3RSAPreMasterSecret *rsa_pms;
- CK_VERSION *version;
- /* in very old versions of NSS, there were implementation errors with key
- * generation methods. We want to beable to read these, but not
- * produce them any more. The affected algorithm was 3DES.
- */
- PRBool faultyPBE3DES = PR_FALSE;
-
-
- /*
- * now lets create an object to hang the attributes off of
- */
- key = pk11_NewObject(slot); /* fill in the handle later */
- if (key == NULL) {
- return CKR_HOST_MEMORY;
- }
-
- /*
- * load the template values into the object
- */
- for (i=0; i < (int) ulCount; i++) {
- if (pTemplate[i].type == CKA_VALUE_LEN) {
- key_length = *(CK_ULONG *)pTemplate[i].pValue;
- continue;
- }
-
- crv = pk11_AddAttributeType(key,pk11_attr_expand(&pTemplate[i]));
- if (crv != CKR_OK) break;
- }
- if (crv != CKR_OK) {
- pk11_FreeObject(key);
- return crv;
- }
-
- /* make sure we don't have any class, key_type, or value fields */
- pk11_DeleteAttributeType(key,CKA_CLASS);
- pk11_DeleteAttributeType(key,CKA_KEY_TYPE);
- pk11_DeleteAttributeType(key,CKA_VALUE);
-
- /* Now Set up the parameters to generate the key (based on mechanism) */
- key_gen_type = nsc_bulk; /* bulk key by default */
- switch (pMechanism->mechanism) {
- case CKM_CDMF_KEY_GEN:
- case CKM_DES_KEY_GEN:
- case CKM_DES2_KEY_GEN:
- case CKM_DES3_KEY_GEN:
- checkWeak = PR_TRUE;
- case CKM_RC2_KEY_GEN:
- case CKM_RC4_KEY_GEN:
- case CKM_GENERIC_SECRET_KEY_GEN:
- case CKM_AES_KEY_GEN:
-#if NSS_SOFTOKEN_DOES_RC5
- case CKM_RC5_KEY_GEN:
-#endif
- crv = nsc_SetupBulkKeyGen(pMechanism->mechanism,&key_type,&key_length);
- break;
- case CKM_SSL3_PRE_MASTER_KEY_GEN:
- key_type = CKK_GENERIC_SECRET;
- key_length = 48;
- key_gen_type = nsc_ssl;
- break;
- case CKM_PBA_SHA1_WITH_SHA1_HMAC:
- case CKM_NETSCAPE_PBE_SHA1_HMAC_KEY_GEN:
- case CKM_NETSCAPE_PBE_MD5_HMAC_KEY_GEN:
- case CKM_NETSCAPE_PBE_MD2_HMAC_KEY_GEN:
- key_gen_type = nsc_pbe;
- key_type = CKK_GENERIC_SECRET;
- crv = nsc_SetupHMACKeyGen(pMechanism, &pbe_param);
- break;
- case CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC:
- faultyPBE3DES = PR_TRUE;
- case CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC:
- case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC:
- case CKM_NETSCAPE_PBE_SHA1_DES_CBC:
- case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC:
- case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4:
- case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4:
- case CKM_PBE_SHA1_DES3_EDE_CBC:
- case CKM_PBE_SHA1_DES2_EDE_CBC:
- case CKM_PBE_SHA1_RC2_128_CBC:
- case CKM_PBE_SHA1_RC2_40_CBC:
- case CKM_PBE_SHA1_RC4_128:
- case CKM_PBE_SHA1_RC4_40:
- case CKM_PBE_MD5_DES_CBC:
- case CKM_PBE_MD2_DES_CBC:
- key_gen_type = nsc_pbe;
- crv = nsc_SetupPBEKeyGen(pMechanism,&pbe_param, &key_type);
- break;
- case CKM_DSA_PARAMETER_GEN:
- key_gen_type = nsc_param;
- key_type = CKK_DSA;
- objclass = CKO_KG_PARAMETERS;
- crv = CKR_OK;
- break;
- default:
- crv = CKR_MECHANISM_INVALID;
- break;
- }
-
- /* make sure we aren't going to overflow the buffer */
- if (sizeof(buf) < key_length) {
- /* someone is getting pretty optimistic about how big their key can
- * be... */
- crv = CKR_TEMPLATE_INCONSISTENT;
- }
-
- if (crv != CKR_OK) { pk11_FreeObject(key); return crv; }
-
- /* if there was no error,
- * key_type *MUST* be set in the switch statement above */
- PORT_Assert( key_type != CKK_INVALID_KEY_TYPE );
-
- /*
- * now to the actual key gen.
- */
- switch (key_gen_type) {
- case nsc_pbe:
- crv = nsc_pbe_key_gen(pbe_param, pMechanism, buf, &key_length,
- faultyPBE3DES);
- nsspkcs5_DestroyPBEParameter(pbe_param);
- break;
- case nsc_ssl:
- rsa_pms = (SSL3RSAPreMasterSecret *)buf;
- version = (CK_VERSION *)pMechanism->pParameter;
- rsa_pms->client_version[0] = version->major;
- rsa_pms->client_version[1] = version->minor;
- crv =
- NSC_GenerateRandom(0,&rsa_pms->random[0], sizeof(rsa_pms->random));
- break;
- case nsc_bulk:
- /* get the key, check for weak keys and repeat if found */
- do {
- crv = NSC_GenerateRandom(0, (unsigned char *)buf, key_length);
- } while (crv == CKR_OK && checkWeak &&
- pk11_IsWeakKey((unsigned char *)buf,key_type));
- break;
- case nsc_param:
- /* generate parameters */
- *buf = 0;
- crv = nsc_parameter_gen(key_type,key);
- break;
- }
-
- if (crv != CKR_OK) { pk11_FreeObject(key); return crv; }
-
- /* Add the class, key_type, and value */
- crv = pk11_AddAttributeType(key,CKA_CLASS,&objclass,sizeof(CK_OBJECT_CLASS));
- if (crv != CKR_OK) { pk11_FreeObject(key); return crv; }
- crv = pk11_AddAttributeType(key,CKA_KEY_TYPE,&key_type,sizeof(CK_KEY_TYPE));
- if (crv != CKR_OK) { pk11_FreeObject(key); return crv; }
- if (key_length != 0) {
- crv = pk11_AddAttributeType(key,CKA_VALUE,buf,key_length);
- if (crv != CKR_OK) { pk11_FreeObject(key); return crv; }
- }
-
- /* get the session */
- session = pk11_SessionFromHandle(hSession);
- if (session == NULL) {
- pk11_FreeObject(key);
- return CKR_SESSION_HANDLE_INVALID;
- }
-
- /*
- * handle the base object stuff
- */
- crv = pk11_handleObject(key,session);
- pk11_FreeSession(session);
- if (pk11_isTrue(key,CKA_SENSITIVE)) {
- pk11_forceAttribute(key,CKA_ALWAYS_SENSITIVE,&cktrue,sizeof(CK_BBOOL));
- }
- if (!pk11_isTrue(key,CKA_EXTRACTABLE)) {
- pk11_forceAttribute(key,CKA_NEVER_EXTRACTABLE,&cktrue,sizeof(CK_BBOOL));
- }
-
- *phKey = key->handle;
- pk11_FreeObject(key);
- return crv;
-}
-
-
-
-/* NSC_GenerateKeyPair generates a public-key/private-key pair,
- * creating new key objects. */
-CK_RV NSC_GenerateKeyPair (CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism, CK_ATTRIBUTE_PTR pPublicKeyTemplate,
- CK_ULONG ulPublicKeyAttributeCount, CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
- CK_ULONG ulPrivateKeyAttributeCount, CK_OBJECT_HANDLE_PTR phPublicKey,
- CK_OBJECT_HANDLE_PTR phPrivateKey)
-{
- PK11Object * publicKey,*privateKey;
- PK11Session * session;
- CK_KEY_TYPE key_type;
- CK_RV crv = CKR_OK;
- CK_BBOOL cktrue = CK_TRUE;
- SECStatus rv;
- CK_OBJECT_CLASS pubClass = CKO_PUBLIC_KEY;
- CK_OBJECT_CLASS privClass = CKO_PRIVATE_KEY;
- int i;
- PK11Slot * slot = pk11_SlotFromSessionHandle(hSession);
-
- /* RSA */
- int public_modulus_bits = 0;
- SECItem pubExp;
- RSAPrivateKey * rsaPriv;
-
- /* DSA */
- PQGParams pqgParam;
- DHParams dhParam;
- DSAPrivateKey * dsaPriv;
-
- /* Diffie Hellman */
- int private_value_bits = 0;
- DHPrivateKey * dhPriv;
-
-#ifdef NSS_ENABLE_ECC
- /* Elliptic Curve Cryptography */
- SECItem ecEncodedParams; /* DER Encoded parameters */
- ECPrivateKey * ecPriv;
- ECParams * ecParams;
-#endif /* NSS_ENABLE_ECC */
-
- /*
- * now lets create an object to hang the attributes off of
- */
- publicKey = pk11_NewObject(slot); /* fill in the handle later */
- if (publicKey == NULL) {
- return CKR_HOST_MEMORY;
- }
-
- /*
- * load the template values into the publicKey
- */
- for (i=0; i < (int) ulPublicKeyAttributeCount; i++) {
- if (pPublicKeyTemplate[i].type == CKA_MODULUS_BITS) {
- public_modulus_bits = *(CK_ULONG *)pPublicKeyTemplate[i].pValue;
- continue;
- }
-
- crv = pk11_AddAttributeType(publicKey,
- pk11_attr_expand(&pPublicKeyTemplate[i]));
- if (crv != CKR_OK) break;
- }
-
- if (crv != CKR_OK) {
- pk11_FreeObject(publicKey);
- return CKR_HOST_MEMORY;
- }
-
- privateKey = pk11_NewObject(slot); /* fill in the handle later */
- if (privateKey == NULL) {
- pk11_FreeObject(publicKey);
- return CKR_HOST_MEMORY;
- }
- /*
- * now load the private key template
- */
- for (i=0; i < (int) ulPrivateKeyAttributeCount; i++) {
- if (pPrivateKeyTemplate[i].type == CKA_VALUE_BITS) {
- private_value_bits = *(CK_ULONG *)pPrivateKeyTemplate[i].pValue;
- continue;
- }
-
- crv = pk11_AddAttributeType(privateKey,
- pk11_attr_expand(&pPrivateKeyTemplate[i]));
- if (crv != CKR_OK) break;
- }
-
- if (crv != CKR_OK) {
- pk11_FreeObject(publicKey);
- pk11_FreeObject(privateKey);
- return CKR_HOST_MEMORY;
- }
- pk11_DeleteAttributeType(privateKey,CKA_CLASS);
- pk11_DeleteAttributeType(privateKey,CKA_KEY_TYPE);
- pk11_DeleteAttributeType(privateKey,CKA_VALUE);
- pk11_DeleteAttributeType(publicKey,CKA_CLASS);
- pk11_DeleteAttributeType(publicKey,CKA_KEY_TYPE);
- pk11_DeleteAttributeType(publicKey,CKA_VALUE);
-
- /* Now Set up the parameters to generate the key (based on mechanism) */
- switch (pMechanism->mechanism) {
- case CKM_RSA_PKCS_KEY_PAIR_GEN:
- /* format the keys */
- pk11_DeleteAttributeType(publicKey,CKA_MODULUS);
- pk11_DeleteAttributeType(privateKey,CKA_NETSCAPE_DB);
- pk11_DeleteAttributeType(privateKey,CKA_MODULUS);
- pk11_DeleteAttributeType(privateKey,CKA_PRIVATE_EXPONENT);
- pk11_DeleteAttributeType(privateKey,CKA_PUBLIC_EXPONENT);
- pk11_DeleteAttributeType(privateKey,CKA_PRIME_1);
- pk11_DeleteAttributeType(privateKey,CKA_PRIME_2);
- pk11_DeleteAttributeType(privateKey,CKA_EXPONENT_1);
- pk11_DeleteAttributeType(privateKey,CKA_EXPONENT_2);
- pk11_DeleteAttributeType(privateKey,CKA_COEFFICIENT);
- key_type = CKK_RSA;
- if (public_modulus_bits == 0) {
- crv = CKR_TEMPLATE_INCOMPLETE;
- break;
- }
-
- /* extract the exponent */
- crv=pk11_Attribute2SSecItem(NULL,&pubExp,publicKey,CKA_PUBLIC_EXPONENT);
- if (crv != CKR_OK) break;
- crv = pk11_AddAttributeType(privateKey,CKA_PUBLIC_EXPONENT,
- pk11_item_expand(&pubExp));
- if (crv != CKR_OK) {
- PORT_Free(pubExp.data);
- break;
- }
-
- rsaPriv = RSA_NewKey(public_modulus_bits, &pubExp);
- PORT_Free(pubExp.data);
- if (rsaPriv == NULL) {
- crv = CKR_DEVICE_ERROR;
- break;
- }
- /* now fill in the RSA dependent paramenters in the public key */
- crv = pk11_AddAttributeType(publicKey,CKA_MODULUS,
- pk11_item_expand(&rsaPriv->modulus));
- if (crv != CKR_OK) goto kpg_done;
- /* now fill in the RSA dependent paramenters in the private key */
- crv = pk11_AddAttributeType(privateKey,CKA_NETSCAPE_DB,
- pk11_item_expand(&rsaPriv->modulus));
- if (crv != CKR_OK) goto kpg_done;
- crv = pk11_AddAttributeType(privateKey,CKA_MODULUS,
- pk11_item_expand(&rsaPriv->modulus));
- if (crv != CKR_OK) goto kpg_done;
- crv = pk11_AddAttributeType(privateKey,CKA_PRIVATE_EXPONENT,
- pk11_item_expand(&rsaPriv->privateExponent));
- if (crv != CKR_OK) goto kpg_done;
- crv = pk11_AddAttributeType(privateKey,CKA_PRIME_1,
- pk11_item_expand(&rsaPriv->prime1));
- if (crv != CKR_OK) goto kpg_done;
- crv = pk11_AddAttributeType(privateKey,CKA_PRIME_2,
- pk11_item_expand(&rsaPriv->prime2));
- if (crv != CKR_OK) goto kpg_done;
- crv = pk11_AddAttributeType(privateKey,CKA_EXPONENT_1,
- pk11_item_expand(&rsaPriv->exponent1));
- if (crv != CKR_OK) goto kpg_done;
- crv = pk11_AddAttributeType(privateKey,CKA_EXPONENT_2,
- pk11_item_expand(&rsaPriv->exponent2));
- if (crv != CKR_OK) goto kpg_done;
- crv = pk11_AddAttributeType(privateKey,CKA_COEFFICIENT,
- pk11_item_expand(&rsaPriv->coefficient));
-kpg_done:
- /* Should zeroize the contents first, since this func doesn't. */
- PORT_FreeArena(rsaPriv->arena, PR_TRUE);
- break;
- case CKM_DSA_KEY_PAIR_GEN:
- pk11_DeleteAttributeType(publicKey,CKA_VALUE);
- pk11_DeleteAttributeType(privateKey,CKA_NETSCAPE_DB);
- pk11_DeleteAttributeType(privateKey,CKA_PRIME);
- pk11_DeleteAttributeType(privateKey,CKA_SUBPRIME);
- pk11_DeleteAttributeType(privateKey,CKA_BASE);
- key_type = CKK_DSA;
-
- /* extract the necessary paramters and copy them to the private key */
- crv=pk11_Attribute2SSecItem(NULL,&pqgParam.prime,publicKey,CKA_PRIME);
- if (crv != CKR_OK) break;
- crv=pk11_Attribute2SSecItem(NULL,&pqgParam.subPrime,publicKey,
- CKA_SUBPRIME);
- if (crv != CKR_OK) {
- PORT_Free(pqgParam.prime.data);
- break;
- }
- crv=pk11_Attribute2SSecItem(NULL,&pqgParam.base,publicKey,CKA_BASE);
- if (crv != CKR_OK) {
- PORT_Free(pqgParam.prime.data);
- PORT_Free(pqgParam.subPrime.data);
- break;
- }
- crv = pk11_AddAttributeType(privateKey,CKA_PRIME,
- pk11_item_expand(&pqgParam.prime));
- if (crv != CKR_OK) {
- PORT_Free(pqgParam.prime.data);
- PORT_Free(pqgParam.subPrime.data);
- PORT_Free(pqgParam.base.data);
- break;
- }
- crv = pk11_AddAttributeType(privateKey,CKA_SUBPRIME,
- pk11_item_expand(&pqgParam.subPrime));
- if (crv != CKR_OK) {
- PORT_Free(pqgParam.prime.data);
- PORT_Free(pqgParam.subPrime.data);
- PORT_Free(pqgParam.base.data);
- break;
- }
- crv = pk11_AddAttributeType(privateKey,CKA_BASE,
- pk11_item_expand(&pqgParam.base));
- if (crv != CKR_OK) {
- PORT_Free(pqgParam.prime.data);
- PORT_Free(pqgParam.subPrime.data);
- PORT_Free(pqgParam.base.data);
- break;
- }
-
- /* Generate the key */
- rv = DSA_NewKey(&pqgParam, &dsaPriv);
-
- PORT_Free(pqgParam.prime.data);
- PORT_Free(pqgParam.subPrime.data);
- PORT_Free(pqgParam.base.data);
-
- if (rv != SECSuccess) { crv = CKR_DEVICE_ERROR; break; }
-
- /* store the generated key into the attributes */
- crv = pk11_AddAttributeType(publicKey,CKA_VALUE,
- pk11_item_expand(&dsaPriv->publicValue));
- if (crv != CKR_OK) goto dsagn_done;
-
- /* now fill in the RSA dependent paramenters in the private key */
- crv = pk11_AddAttributeType(privateKey,CKA_NETSCAPE_DB,
- pk11_item_expand(&dsaPriv->publicValue));
- if (crv != CKR_OK) goto dsagn_done;
- crv = pk11_AddAttributeType(privateKey,CKA_VALUE,
- pk11_item_expand(&dsaPriv->privateValue));
-
-dsagn_done:
- /* should zeroize, since this function doesn't. */
- PORT_FreeArena(dsaPriv->params.arena, PR_TRUE);
- break;
-
- case CKM_DH_PKCS_KEY_PAIR_GEN:
- pk11_DeleteAttributeType(privateKey,CKA_PRIME);
- pk11_DeleteAttributeType(privateKey,CKA_BASE);
- pk11_DeleteAttributeType(privateKey,CKA_VALUE);
- pk11_DeleteAttributeType(privateKey,CKA_NETSCAPE_DB);
- key_type = CKK_DH;
-
- /* extract the necessary parameters and copy them to private keys */
- crv = pk11_Attribute2SSecItem(NULL, &dhParam.prime, publicKey,
- CKA_PRIME);
- if (crv != CKR_OK) break;
- crv = pk11_Attribute2SSecItem(NULL, &dhParam.base, publicKey, CKA_BASE);
- if (crv != CKR_OK) {
- PORT_Free(dhParam.prime.data);
- break;
- }
- crv = pk11_AddAttributeType(privateKey, CKA_PRIME,
- pk11_item_expand(&dhParam.prime));
- if (crv != CKR_OK) {
- PORT_Free(dhParam.prime.data);
- PORT_Free(dhParam.base.data);
- break;
- }
- crv = pk11_AddAttributeType(privateKey, CKA_BASE,
- pk11_item_expand(&dhParam.base));
- if (crv != CKR_OK) goto dhgn_done;
-
- rv = DH_NewKey(&dhParam, &dhPriv);
- PORT_Free(dhParam.prime.data);
- PORT_Free(dhParam.base.data);
- if (rv != SECSuccess) {
- crv = CKR_DEVICE_ERROR;
- break;
- }
-
- crv=pk11_AddAttributeType(publicKey, CKA_VALUE,
- pk11_item_expand(&dhPriv->publicValue));
- if (crv != CKR_OK) goto dhgn_done;
-
- crv = pk11_AddAttributeType(privateKey,CKA_NETSCAPE_DB,
- pk11_item_expand(&dhPriv->publicValue));
- if (crv != CKR_OK) goto dhgn_done;
-
- crv=pk11_AddAttributeType(privateKey, CKA_VALUE,
- pk11_item_expand(&dhPriv->privateValue));
-
-dhgn_done:
- /* should zeroize, since this function doesn't. */
- PORT_FreeArena(dhPriv->arena, PR_TRUE);
- break;
-
-#ifdef NSS_ENABLE_ECC
- case CKM_EC_KEY_PAIR_GEN:
- pk11_DeleteAttributeType(privateKey,CKA_EC_PARAMS);
- pk11_DeleteAttributeType(privateKey,CKA_VALUE);
- key_type = CKK_EC;
-
- /* extract the necessary parameters and copy them to private keys */
- crv = pk11_Attribute2SSecItem(NULL, &ecEncodedParams, publicKey,
- CKA_EC_PARAMS);
- if (crv != CKR_OK) break;
-
- crv = pk11_AddAttributeType(privateKey, CKA_EC_PARAMS,
- pk11_item_expand(&ecEncodedParams));
- if (crv != CKR_OK) {
- PORT_Free(ecEncodedParams.data);
- break;
- }
-
- /* Decode ec params before calling EC_NewKey */
- rv = EC_DecodeParams(&ecEncodedParams, &ecParams);
- PORT_Free(ecEncodedParams.data);
- if (rv != SECSuccess) {
- crv = CKR_DEVICE_ERROR;
- break;
- }
- rv = EC_NewKey(ecParams, &ecPriv);
- PORT_FreeArena(ecParams->arena, PR_TRUE);
- if (rv != SECSuccess) {
- crv = CKR_DEVICE_ERROR;
- break;
- }
-
- crv = pk11_AddAttributeType(publicKey, CKA_EC_POINT,
- pk11_item_expand(&ecPriv->publicValue));
- if (crv != CKR_OK) goto ecgn_done;
-
- crv = pk11_AddAttributeType(privateKey, CKA_VALUE,
- pk11_item_expand(&ecPriv->privateValue));
-
-ecgn_done:
- /* should zeroize, since this function doesn't. */
- PORT_FreeArena(ecPriv->ecParams.arena, PR_TRUE);
- break;
-#endif /* NSS_ENABLE_ECC */
-
- default:
- crv = CKR_MECHANISM_INVALID;
- }
-
- if (crv != CKR_OK) {
- pk11_FreeObject(privateKey);
- pk11_FreeObject(publicKey);
- return crv;
- }
-
-
- /* Add the class, key_type The loop lets us check errors blow out
- * on errors and clean up at the bottom */
- session = NULL; /* make pedtantic happy... session cannot leave the*/
- /* loop below NULL unless an error is set... */
- do {
- crv = pk11_AddAttributeType(privateKey,CKA_CLASS,&privClass,
- sizeof(CK_OBJECT_CLASS));
- if (crv != CKR_OK) break;
- crv = pk11_AddAttributeType(publicKey,CKA_CLASS,&pubClass,
- sizeof(CK_OBJECT_CLASS));
- if (crv != CKR_OK) break;
- crv = pk11_AddAttributeType(privateKey,CKA_KEY_TYPE,&key_type,
- sizeof(CK_KEY_TYPE));
- if (crv != CKR_OK) break;
- crv = pk11_AddAttributeType(publicKey,CKA_KEY_TYPE,&key_type,
- sizeof(CK_KEY_TYPE));
- if (crv != CKR_OK) break;
- session = pk11_SessionFromHandle(hSession);
- if (session == NULL) crv = CKR_SESSION_HANDLE_INVALID;
- } while (0);
-
- if (crv != CKR_OK) {
- pk11_FreeObject(privateKey);
- pk11_FreeObject(publicKey);
- return crv;
- }
-
- /*
- * handle the base object cleanup for the public Key
- */
- crv = pk11_handleObject(privateKey,session);
- if (crv != CKR_OK) {
- pk11_FreeSession(session);
- pk11_FreeObject(privateKey);
- pk11_FreeObject(publicKey);
- return crv;
- }
-
- /*
- * handle the base object cleanup for the private Key
- * If we have any problems, we destroy the public Key we've
- * created and linked.
- */
- crv = pk11_handleObject(publicKey,session);
- pk11_FreeSession(session);
- if (crv != CKR_OK) {
- pk11_FreeObject(publicKey);
- NSC_DestroyObject(hSession,privateKey->handle);
- pk11_FreeObject(privateKey);
- return crv;
- }
- if (pk11_isTrue(privateKey,CKA_SENSITIVE)) {
- pk11_forceAttribute(privateKey,CKA_ALWAYS_SENSITIVE,
- &cktrue,sizeof(CK_BBOOL));
- }
- if (pk11_isTrue(publicKey,CKA_SENSITIVE)) {
- pk11_forceAttribute(publicKey,CKA_ALWAYS_SENSITIVE,
- &cktrue,sizeof(CK_BBOOL));
- }
- if (!pk11_isTrue(privateKey,CKA_EXTRACTABLE)) {
- pk11_forceAttribute(privateKey,CKA_NEVER_EXTRACTABLE,
- &cktrue,sizeof(CK_BBOOL));
- }
- if (!pk11_isTrue(publicKey,CKA_EXTRACTABLE)) {
- pk11_forceAttribute(publicKey,CKA_NEVER_EXTRACTABLE,
- &cktrue,sizeof(CK_BBOOL));
- }
- *phPrivateKey = privateKey->handle;
- *phPublicKey = publicKey->handle;
- pk11_FreeObject(publicKey);
- pk11_FreeObject(privateKey);
-
- return CKR_OK;
-}
-
-static SECItem *pk11_PackagePrivateKey(PK11Object *key, CK_RV *crvp)
-{
- NSSLOWKEYPrivateKey *lk = NULL;
- NSSLOWKEYPrivateKeyInfo *pki = NULL;
- PK11Attribute *attribute = NULL;
- PLArenaPool *arena = NULL;
- SECOidTag algorithm = SEC_OID_UNKNOWN;
- void *dummy, *param = NULL;
- SECStatus rv = SECSuccess;
- SECItem *encodedKey = NULL;
-
- if(!key) {
- *crvp = CKR_KEY_HANDLE_INVALID; /* really can't happen */
- return NULL;
- }
-
- attribute = pk11_FindAttribute(key, CKA_KEY_TYPE);
- if(!attribute) {
- *crvp = CKR_KEY_TYPE_INCONSISTENT;
- return NULL;
- }
-
- lk = pk11_GetPrivKey(key, *(CK_KEY_TYPE *)attribute->attrib.pValue, crvp);
- pk11_FreeAttribute(attribute);
- if(!lk) {
- return NULL;
- }
-
- arena = PORT_NewArena(2048); /* XXX different size? */
- if(!arena) {
- *crvp = CKR_HOST_MEMORY;
- rv = SECFailure;
- goto loser;
- }
-
- pki = (NSSLOWKEYPrivateKeyInfo*)PORT_ArenaZAlloc(arena,
- sizeof(NSSLOWKEYPrivateKeyInfo));
- if(!pki) {
- *crvp = CKR_HOST_MEMORY;
- rv = SECFailure;
- goto loser;
- }
- pki->arena = arena;
-
- param = NULL;
- switch(lk->keyType) {
- case NSSLOWKEYRSAKey:
- prepare_low_rsa_priv_key_for_asn1(lk);
- dummy = SEC_ASN1EncodeItem(arena, &pki->privateKey, lk,
- nsslowkey_RSAPrivateKeyTemplate);
- algorithm = SEC_OID_PKCS1_RSA_ENCRYPTION;
- break;
- case NSSLOWKEYDSAKey:
- prepare_low_dsa_priv_key_export_for_asn1(lk);
- dummy = SEC_ASN1EncodeItem(arena, &pki->privateKey, lk,
- nsslowkey_DSAPrivateKeyExportTemplate);
- prepare_low_pqg_params_for_asn1(&lk->u.dsa.params);
- param = SEC_ASN1EncodeItem(NULL, NULL, &(lk->u.dsa.params),
- nsslowkey_PQGParamsTemplate);
- algorithm = SEC_OID_ANSIX9_DSA_SIGNATURE;
- break;
- case NSSLOWKEYDHKey:
- default:
- dummy = NULL;
- break;
- }
-
- if(!dummy || ((lk->keyType == NSSLOWKEYDSAKey) && !param)) {
- *crvp = CKR_DEVICE_ERROR; /* should map NSS SECError */
- rv = SECFailure;
- goto loser;
- }
-
- rv = SECOID_SetAlgorithmID(arena, &pki->algorithm, algorithm,
- (SECItem*)param);
- if(rv != SECSuccess) {
- *crvp = CKR_DEVICE_ERROR; /* should map NSS SECError */
- rv = SECFailure;
- goto loser;
- }
-
- dummy = SEC_ASN1EncodeInteger(arena, &pki->version,
- NSSLOWKEY_PRIVATE_KEY_INFO_VERSION);
- if(!dummy) {
- *crvp = CKR_DEVICE_ERROR; /* should map NSS SECError */
- rv = SECFailure;
- goto loser;
- }
-
- encodedKey = SEC_ASN1EncodeItem(NULL, NULL, pki,
- nsslowkey_PrivateKeyInfoTemplate);
- *crvp = encodedKey ? CKR_OK : CKR_DEVICE_ERROR;
-
-loser:
- if(arena) {
- PORT_FreeArena(arena, PR_TRUE);
- }
-
- if(lk && (lk != key->objectInfo)) {
- nsslowkey_DestroyPrivateKey(lk);
- }
-
- if(param) {
- SECITEM_ZfreeItem((SECItem*)param, PR_TRUE);
- }
-
- if(rv != SECSuccess) {
- return NULL;
- }
-
- return encodedKey;
-}
-
-/* it doesn't matter yet, since we colapse error conditions in the
- * level above, but we really should map those few key error differences */
-CK_RV pk11_mapWrap(CK_RV crv)
-{
- switch (crv) {
- case CKR_ENCRYPTED_DATA_INVALID: crv = CKR_WRAPPED_KEY_INVALID; break;
- }
- return crv;
-}
-
-/* NSC_WrapKey wraps (i.e., encrypts) a key. */
-CK_RV NSC_WrapKey(CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hWrappingKey,
- CK_OBJECT_HANDLE hKey, CK_BYTE_PTR pWrappedKey,
- CK_ULONG_PTR pulWrappedKeyLen)
-{
- PK11Session *session;
- PK11Attribute *attribute;
- PK11Object *key;
- CK_RV crv;
-
- session = pk11_SessionFromHandle(hSession);
- if (session == NULL) {
- return CKR_SESSION_HANDLE_INVALID;
- }
-
- key = pk11_ObjectFromHandle(hKey,session);
- pk11_FreeSession(session);
- if (key == NULL) {
- return CKR_KEY_HANDLE_INVALID;
- }
-
- switch(key->objclass) {
- case CKO_SECRET_KEY:
- {
- PK11SessionContext *context = NULL;
- SECItem pText;
-
- attribute = pk11_FindAttribute(key,CKA_VALUE);
-
- if (attribute == NULL) {
- crv = CKR_KEY_TYPE_INCONSISTENT;
- break;
- }
- crv = pk11_CryptInit(hSession, pMechanism, hWrappingKey,
- CKA_WRAP, PK11_ENCRYPT, PR_TRUE);
- if (crv != CKR_OK) {
- pk11_FreeAttribute(attribute);
- break;
- }
-
- pText.type = siBuffer;
- pText.data = (unsigned char *)attribute->attrib.pValue;
- pText.len = attribute->attrib.ulValueLen;
-
- /* Find out if this is a block cipher. */
- crv = pk11_GetContext(hSession,&context,PK11_ENCRYPT,PR_FALSE,NULL);
- if (crv != CKR_OK || !context)
- break;
- if (context->blockSize > 1) {
- unsigned int remainder = pText.len % context->blockSize;
- if (!context->doPad && remainder) {
- /* When wrapping secret keys with unpadded block ciphers,
- ** the keys are zero padded, if necessary, to fill out
- ** a full block.
- */
- pText.len += context->blockSize - remainder;
- pText.data = PORT_ZAlloc(pText.len);
- if (pText.data)
- memcpy(pText.data, attribute->attrib.pValue,
- attribute->attrib.ulValueLen);
- else {
- crv = CKR_HOST_MEMORY;
- break;
- }
- }
- }
-
- crv = NSC_Encrypt(hSession, (CK_BYTE_PTR)pText.data,
- pText.len, pWrappedKey, pulWrappedKeyLen);
-
- if (pText.data != (unsigned char *)attribute->attrib.pValue)
- PORT_ZFree(pText.data, pText.len);
- pk11_FreeAttribute(attribute);
- break;
- }
-
- case CKO_PRIVATE_KEY:
- {
- SECItem *bpki = pk11_PackagePrivateKey(key, &crv);
-
- if(!bpki) {
- break;
- }
-
- crv = pk11_CryptInit(hSession, pMechanism, hWrappingKey,
- CKA_WRAP, PK11_ENCRYPT, PR_TRUE);
- if(crv != CKR_OK) {
- SECITEM_ZfreeItem(bpki, PR_TRUE);
- crv = CKR_KEY_TYPE_INCONSISTENT;
- break;
- }
-
- crv = NSC_Encrypt(hSession, bpki->data, bpki->len,
- pWrappedKey, pulWrappedKeyLen);
- SECITEM_ZfreeItem(bpki, PR_TRUE);
- break;
- }
-
- default:
- crv = CKR_KEY_TYPE_INCONSISTENT;
- break;
- }
- pk11_FreeObject(key);
-
- return pk11_mapWrap(crv);
-}
-
-/*
- * import a pprivate key info into the desired slot
- */
-static SECStatus
-pk11_unwrapPrivateKey(PK11Object *key, SECItem *bpki)
-{
- CK_BBOOL cktrue = CK_TRUE;
- CK_KEY_TYPE keyType = CKK_RSA;
- SECStatus rv = SECFailure;
- const SEC_ASN1Template *keyTemplate, *paramTemplate;
- void *paramDest = NULL;
- PLArenaPool *arena;
- NSSLOWKEYPrivateKey *lpk = NULL;
- NSSLOWKEYPrivateKeyInfo *pki = NULL;
- SECItem *ck_id = NULL;
- CK_RV crv = CKR_KEY_TYPE_INCONSISTENT;
-
- arena = PORT_NewArena(2048);
- if(!arena) {
- return SECFailure;
- }
-
- pki = (NSSLOWKEYPrivateKeyInfo*)PORT_ArenaZAlloc(arena,
- sizeof(NSSLOWKEYPrivateKeyInfo));
- if(!pki) {
- PORT_FreeArena(arena, PR_TRUE);
- return SECFailure;
- }
-
- if(SEC_ASN1DecodeItem(arena, pki, nsslowkey_PrivateKeyInfoTemplate, bpki)
- != SECSuccess) {
- PORT_FreeArena(arena, PR_FALSE);
- return SECFailure;
- }
-
- lpk = (NSSLOWKEYPrivateKey *)PORT_ArenaZAlloc(arena,
- sizeof(NSSLOWKEYPrivateKey));
- if(lpk == NULL) {
- goto loser;
- }
- lpk->arena = arena;
-
- switch(SECOID_GetAlgorithmTag(&pki->algorithm)) {
- case SEC_OID_PKCS1_RSA_ENCRYPTION:
- keyTemplate = nsslowkey_RSAPrivateKeyTemplate;
- paramTemplate = NULL;
- paramDest = NULL;
- lpk->keyType = NSSLOWKEYRSAKey;
- prepare_low_rsa_priv_key_for_asn1(lpk);
- break;
- case SEC_OID_ANSIX9_DSA_SIGNATURE:
- keyTemplate = nsslowkey_DSAPrivateKeyExportTemplate;
- paramTemplate = nsslowkey_PQGParamsTemplate;
- paramDest = &(lpk->u.dsa.params);
- lpk->keyType = NSSLOWKEYDSAKey;
- prepare_low_dsa_priv_key_export_for_asn1(lpk);
- prepare_low_pqg_params_for_asn1(&lpk->u.dsa.params);
- break;
- /* case NSSLOWKEYDHKey: */
- default:
- keyTemplate = NULL;
- paramTemplate = NULL;
- paramDest = NULL;
- break;
- }
-
- if(!keyTemplate) {
- goto loser;
- }
-
- /* decode the private key and any algorithm parameters */
- rv = SEC_QuickDERDecodeItem(arena, lpk, keyTemplate, &pki->privateKey);
- if(rv != SECSuccess) {
- goto loser;
- }
- if(paramDest && paramTemplate) {
- rv = SEC_QuickDERDecodeItem(arena, paramDest, paramTemplate,
- &(pki->algorithm.parameters));
- if(rv != SECSuccess) {
- goto loser;
- }
- }
-
- rv = SECFailure;
-
- switch (lpk->keyType) {
- case NSSLOWKEYRSAKey:
- keyType = CKK_RSA;
- if(pk11_hasAttribute(key, CKA_NETSCAPE_DB)) {
- pk11_DeleteAttributeType(key, CKA_NETSCAPE_DB);
- }
- crv = pk11_AddAttributeType(key, CKA_KEY_TYPE, &keyType,
- sizeof(keyType));
- if(crv != CKR_OK) break;
- crv = pk11_AddAttributeType(key, CKA_UNWRAP, &cktrue,
- sizeof(CK_BBOOL));
- if(crv != CKR_OK) break;
- crv = pk11_AddAttributeType(key, CKA_DECRYPT, &cktrue,
- sizeof(CK_BBOOL));
- if(crv != CKR_OK) break;
- crv = pk11_AddAttributeType(key, CKA_SIGN, &cktrue,
- sizeof(CK_BBOOL));
- if(crv != CKR_OK) break;
- crv = pk11_AddAttributeType(key, CKA_SIGN_RECOVER, &cktrue,
- sizeof(CK_BBOOL));
- if(crv != CKR_OK) break;
- crv = pk11_AddAttributeType(key, CKA_MODULUS,
- pk11_item_expand(&lpk->u.rsa.modulus));
- if(crv != CKR_OK) break;
- crv = pk11_AddAttributeType(key, CKA_PUBLIC_EXPONENT,
- pk11_item_expand(&lpk->u.rsa.publicExponent));
- if(crv != CKR_OK) break;
- crv = pk11_AddAttributeType(key, CKA_PRIVATE_EXPONENT,
- pk11_item_expand(&lpk->u.rsa.privateExponent));
- if(crv != CKR_OK) break;
- crv = pk11_AddAttributeType(key, CKA_PRIME_1,
- pk11_item_expand(&lpk->u.rsa.prime1));
- if(crv != CKR_OK) break;
- crv = pk11_AddAttributeType(key, CKA_PRIME_2,
- pk11_item_expand(&lpk->u.rsa.prime2));
- if(crv != CKR_OK) break;
- crv = pk11_AddAttributeType(key, CKA_EXPONENT_1,
- pk11_item_expand(&lpk->u.rsa.exponent1));
- if(crv != CKR_OK) break;
- crv = pk11_AddAttributeType(key, CKA_EXPONENT_2,
- pk11_item_expand(&lpk->u.rsa.exponent2));
- if(crv != CKR_OK) break;
- crv = pk11_AddAttributeType(key, CKA_COEFFICIENT,
- pk11_item_expand(&lpk->u.rsa.coefficient));
- break;
- case NSSLOWKEYDSAKey:
- keyType = CKK_DSA;
- crv = (pk11_hasAttribute(key, CKA_NETSCAPE_DB)) ? CKR_OK :
- CKR_KEY_TYPE_INCONSISTENT;
- if(crv != CKR_OK) break;
- crv = pk11_AddAttributeType(key, CKA_KEY_TYPE, &keyType,
- sizeof(keyType));
- if(crv != CKR_OK) break;
- crv = pk11_AddAttributeType(key, CKA_SIGN, &cktrue,
- sizeof(CK_BBOOL));
- if(crv != CKR_OK) break;
- crv = pk11_AddAttributeType(key, CKA_SIGN_RECOVER, &cktrue,
- sizeof(CK_BBOOL));
- if(crv != CKR_OK) break;
- crv = pk11_AddAttributeType(key, CKA_PRIME,
- pk11_item_expand(&lpk->u.dsa.params.prime));
- if(crv != CKR_OK) break;
- crv = pk11_AddAttributeType(key, CKA_SUBPRIME,
- pk11_item_expand(&lpk->u.dsa.params.subPrime));
- if(crv != CKR_OK) break;
- crv = pk11_AddAttributeType(key, CKA_BASE,
- pk11_item_expand(&lpk->u.dsa.params.base));
- if(crv != CKR_OK) break;
- crv = pk11_AddAttributeType(key, CKA_VALUE,
- pk11_item_expand(&lpk->u.dsa.privateValue));
- if(crv != CKR_OK) break;
- break;
-#ifdef notdef
- case NSSLOWKEYDHKey:
- template = dhTemplate;
- templateCount = sizeof(dhTemplate)/sizeof(CK_ATTRIBUTE);
- keyType = CKK_DH;
- break;
-#endif
- /* what about fortezza??? */
- default:
- crv = CKR_KEY_TYPE_INCONSISTENT;
- break;
- }
-
-loser:
- if(ck_id) {
- SECITEM_ZfreeItem(ck_id, PR_TRUE);
- }
-
- if(lpk) {
- nsslowkey_DestroyPrivateKey(lpk);
- }
-
- if(crv != CKR_OK) {
- return SECFailure;
- }
-
- return SECSuccess;
-}
-
-
-/* NSC_UnwrapKey unwraps (decrypts) a wrapped key, creating a new key object. */
-CK_RV NSC_UnwrapKey(CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hUnwrappingKey,
- CK_BYTE_PTR pWrappedKey, CK_ULONG ulWrappedKeyLen,
- CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount,
- CK_OBJECT_HANDLE_PTR phKey)
-{
- PK11Object *key = NULL;
- PK11Session *session;
- int key_length = 0;
- unsigned char * buf = NULL;
- CK_RV crv = CKR_OK;
- int i;
- CK_ULONG bsize = ulWrappedKeyLen;
- PK11Slot *slot = pk11_SlotFromSessionHandle(hSession);
- SECItem bpki;
- CK_OBJECT_CLASS target_type = CKO_SECRET_KEY;
-
- /*
- * now lets create an object to hang the attributes off of
- */
- key = pk11_NewObject(slot); /* fill in the handle later */
- if (key == NULL) {
- return CKR_HOST_MEMORY;
- }
-
- /*
- * load the template values into the object
- */
- for (i=0; i < (int) ulAttributeCount; i++) {
- if (pTemplate[i].type == CKA_VALUE_LEN) {
- key_length = *(CK_ULONG *)pTemplate[i].pValue;
- continue;
- }
- if (pTemplate[i].type == CKA_CLASS) {
- target_type = *(CK_OBJECT_CLASS *)pTemplate[i].pValue;
- }
- crv = pk11_AddAttributeType(key,pk11_attr_expand(&pTemplate[i]));
- if (crv != CKR_OK) break;
- }
- if (crv != CKR_OK) {
- pk11_FreeObject(key);
- return crv;
- }
-
- crv = pk11_CryptInit(hSession,pMechanism,hUnwrappingKey,CKA_UNWRAP,
- PK11_DECRYPT, PR_FALSE);
- if (crv != CKR_OK) {
- pk11_FreeObject(key);
- return pk11_mapWrap(crv);
- }
-
- /* allocate the buffer to decrypt into
- * this assumes the unwrapped key is never larger than the
- * wrapped key. For all the mechanisms we support this is true */
- buf = (unsigned char *)PORT_Alloc( ulWrappedKeyLen);
- bsize = ulWrappedKeyLen;
-
- crv = NSC_Decrypt(hSession, pWrappedKey, ulWrappedKeyLen, buf, &bsize);
- if (crv != CKR_OK) {
- pk11_FreeObject(key);
- PORT_Free(buf);
- return pk11_mapWrap(crv);
- }
-
- switch(target_type) {
- case CKO_SECRET_KEY:
- if (!pk11_hasAttribute(key,CKA_KEY_TYPE)) {
- crv = CKR_TEMPLATE_INCOMPLETE;
- break;
- }
-
- if(key_length == 0) {
- key_length = bsize;
- }
- if (key_length > MAX_KEY_LEN) {
- crv = CKR_TEMPLATE_INCONSISTENT;
- break;
- }
-
- /* add the value */
- crv = pk11_AddAttributeType(key,CKA_VALUE,buf,key_length);
- break;
- case CKO_PRIVATE_KEY:
- bpki.data = (unsigned char *)buf;
- bpki.len = bsize;
- crv = CKR_OK;
- if(pk11_unwrapPrivateKey(key, &bpki) != SECSuccess) {
- crv = CKR_TEMPLATE_INCOMPLETE;
- }
- break;
- default:
- crv = CKR_TEMPLATE_INCONSISTENT;
- break;
- }
-
- PORT_ZFree(buf, bsize);
- if (crv != CKR_OK) { pk11_FreeObject(key); return crv; }
-
- /* get the session */
- session = pk11_SessionFromHandle(hSession);
- if (session == NULL) {
- pk11_FreeObject(key);
- return CKR_SESSION_HANDLE_INVALID;
- }
-
- /*
- * handle the base object stuff
- */
- crv = pk11_handleObject(key,session);
- *phKey = key->handle;
- pk11_FreeSession(session);
- pk11_FreeObject(key);
-
- return crv;
-
-}
-
-/*
- * The SSL key gen mechanism create's lots of keys. This function handles the
- * details of each of these key creation.
- */
-static CK_RV
-pk11_buildSSLKey(CK_SESSION_HANDLE hSession, PK11Object *baseKey,
- PRBool isMacKey, unsigned char *keyBlock, unsigned int keySize,
- CK_OBJECT_HANDLE *keyHandle)
-{
- PK11Object *key;
- PK11Session *session;
- CK_KEY_TYPE keyType = CKK_GENERIC_SECRET;
- CK_BBOOL cktrue = CK_TRUE;
- CK_BBOOL ckfalse = CK_FALSE;
- CK_RV crv = CKR_HOST_MEMORY;
-
- /*
- * now lets create an object to hang the attributes off of
- */
- *keyHandle = CK_INVALID_HANDLE;
- key = pk11_NewObject(baseKey->slot);
- if (key == NULL) return CKR_HOST_MEMORY;
- pk11_narrowToSessionObject(key)->wasDerived = PR_TRUE;
-
- crv = pk11_CopyObject(key,baseKey);
- if (crv != CKR_OK) goto loser;
- if (isMacKey) {
- crv = pk11_forceAttribute(key,CKA_KEY_TYPE,&keyType,sizeof(keyType));
- if (crv != CKR_OK) goto loser;
- crv = pk11_forceAttribute(key,CKA_DERIVE,&cktrue,sizeof(CK_BBOOL));
- if (crv != CKR_OK) goto loser;
- crv = pk11_forceAttribute(key,CKA_ENCRYPT,&ckfalse,sizeof(CK_BBOOL));
- if (crv != CKR_OK) goto loser;
- crv = pk11_forceAttribute(key,CKA_DECRYPT,&ckfalse,sizeof(CK_BBOOL));
- if (crv != CKR_OK) goto loser;
- crv = pk11_forceAttribute(key,CKA_SIGN,&cktrue,sizeof(CK_BBOOL));
- if (crv != CKR_OK) goto loser;
- crv = pk11_forceAttribute(key,CKA_VERIFY,&cktrue,sizeof(CK_BBOOL));
- if (crv != CKR_OK) goto loser;
- crv = pk11_forceAttribute(key,CKA_WRAP,&ckfalse,sizeof(CK_BBOOL));
- if (crv != CKR_OK) goto loser;
- crv = pk11_forceAttribute(key,CKA_UNWRAP,&ckfalse,sizeof(CK_BBOOL));
- if (crv != CKR_OK) goto loser;
- }
- crv = pk11_forceAttribute(key,CKA_VALUE,keyBlock,keySize);
- if (crv != CKR_OK) goto loser;
-
- /* get the session */
- crv = CKR_HOST_MEMORY;
- session = pk11_SessionFromHandle(hSession);
- if (session == NULL) { goto loser; }
-
- crv = pk11_handleObject(key,session);
- pk11_FreeSession(session);
- *keyHandle = key->handle;
-loser:
- if (key) pk11_FreeObject(key);
- return crv;
-}
-
-/*
- * if there is an error, we need to free the keys we already created in SSL
- * This is the routine that will do it..
- */
-static void
-pk11_freeSSLKeys(CK_SESSION_HANDLE session,
- CK_SSL3_KEY_MAT_OUT *returnedMaterial ) {
- if (returnedMaterial->hClientMacSecret != CK_INVALID_HANDLE) {
- NSC_DestroyObject(session,returnedMaterial->hClientMacSecret);
- }
- if (returnedMaterial->hServerMacSecret != CK_INVALID_HANDLE) {
- NSC_DestroyObject(session, returnedMaterial->hServerMacSecret);
- }
- if (returnedMaterial->hClientKey != CK_INVALID_HANDLE) {
- NSC_DestroyObject(session, returnedMaterial->hClientKey);
- }
- if (returnedMaterial->hServerKey != CK_INVALID_HANDLE) {
- NSC_DestroyObject(session, returnedMaterial->hServerKey);
- }
-}
-
-/*
- * when deriving from sensitive and extractable keys, we need to preserve some
- * of the semantics in the derived key. This helper routine maintains these
- * semantics.
- */
-static CK_RV
-pk11_DeriveSensitiveCheck(PK11Object *baseKey,PK11Object *destKey) {
- PRBool hasSensitive;
- PRBool sensitive = PR_FALSE;
- PRBool hasExtractable;
- PRBool extractable = PR_TRUE;
- CK_RV crv = CKR_OK;
- PK11Attribute *att;
-
- hasSensitive = PR_FALSE;
- att = pk11_FindAttribute(destKey,CKA_SENSITIVE);
- if (att) {
- hasSensitive = PR_TRUE;
- sensitive = (PRBool) *(CK_BBOOL *)att->attrib.pValue;
- pk11_FreeAttribute(att);
- }
-
- hasExtractable = PR_FALSE;
- att = pk11_FindAttribute(destKey,CKA_EXTRACTABLE);
- if (att) {
- hasExtractable = PR_TRUE;
- extractable = (PRBool) *(CK_BBOOL *)att->attrib.pValue;
- pk11_FreeAttribute(att);
- }
-
-
- /* don't make a key more accessible */
- if (pk11_isTrue(baseKey,CKA_SENSITIVE) && hasSensitive &&
- (sensitive == PR_FALSE)) {
- return CKR_KEY_FUNCTION_NOT_PERMITTED;
- }
- if (!pk11_isTrue(baseKey,CKA_EXTRACTABLE) && hasExtractable &&
- (extractable == PR_TRUE)) {
- return CKR_KEY_FUNCTION_NOT_PERMITTED;
- }
-
- /* inherit parent's sensitivity */
- if (!hasSensitive) {
- att = pk11_FindAttribute(baseKey,CKA_SENSITIVE);
- if (att == NULL) return CKR_KEY_TYPE_INCONSISTENT;
- crv = pk11_defaultAttribute(destKey,pk11_attr_expand(&att->attrib));
- pk11_FreeAttribute(att);
- if (crv != CKR_OK) return crv;
- }
- if (!hasExtractable) {
- att = pk11_FindAttribute(baseKey,CKA_EXTRACTABLE);
- if (att == NULL) return CKR_KEY_TYPE_INCONSISTENT;
- crv = pk11_defaultAttribute(destKey,pk11_attr_expand(&att->attrib));
- pk11_FreeAttribute(att);
- if (crv != CKR_OK) return crv;
- }
-
- /* we should inherit the parent's always extractable/ never sensitive info,
- * but handleObject always forces this attributes, so we would need to do
- * something special. */
- return CKR_OK;
-}
-
-/*
- * make known fixed PKCS #11 key types to their sizes in bytes
- */
-static unsigned long
-pk11_MapKeySize(CK_KEY_TYPE keyType) {
- switch (keyType) {
- case CKK_CDMF:
- return 8;
- case CKK_DES:
- return 8;
- case CKK_DES2:
- return 16;
- case CKK_DES3:
- return 24;
- /* IDEA and CAST need to be added */
- default:
- break;
- }
- return 0;
-}
-
-/*
- * SSL Key generation given pre master secret
- */
-#define NUM_MIXERS 9
-static const char * const mixers[NUM_MIXERS] = {
- "A",
- "BB",
- "CCC",
- "DDDD",
- "EEEEE",
- "FFFFFF",
- "GGGGGGG",
- "HHHHHHHH",
- "IIIIIIIII" };
-#define SSL3_PMS_LENGTH 48
-#define SSL3_MASTER_SECRET_LENGTH 48
-
-
-/* NSC_DeriveKey derives a key from a base key, creating a new key object. */
-CK_RV NSC_DeriveKey( CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hBaseKey,
- CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount,
- CK_OBJECT_HANDLE_PTR phKey)
-{
- PK11Session * session;
- PK11Slot * slot = pk11_SlotFromSessionHandle(hSession);
- PK11Object * key;
- PK11Object * sourceKey;
- PK11Attribute * att;
- PK11Attribute * att2;
- unsigned char * buf;
- SHA1Context * sha;
- MD5Context * md5;
- MD2Context * md2;
- CK_ULONG macSize;
- CK_ULONG tmpKeySize;
- CK_ULONG IVSize;
- CK_ULONG keySize = 0;
- CK_RV crv = CKR_OK;
- CK_BBOOL cktrue = CK_TRUE;
- CK_KEY_TYPE keyType = CKK_GENERIC_SECRET;
- CK_OBJECT_CLASS classType = CKO_SECRET_KEY;
- CK_KEY_DERIVATION_STRING_DATA *stringPtr;
- PRBool isTLS = PR_FALSE;
- PRBool isDH = PR_FALSE;
- SECStatus rv;
- int i;
- unsigned int outLen;
- unsigned char sha_out[SHA1_LENGTH];
- unsigned char key_block[NUM_MIXERS * MD5_LENGTH];
- unsigned char key_block2[MD5_LENGTH];
- PRBool isFIPS;
-
- /*
- * now lets create an object to hang the attributes off of
- */
- if (phKey) *phKey = CK_INVALID_HANDLE;
-
- key = pk11_NewObject(slot); /* fill in the handle later */
- if (key == NULL) {
- return CKR_HOST_MEMORY;
- }
- isFIPS = (slot->slotID == FIPS_SLOT_ID);
-
- /*
- * load the template values into the object
- */
- for (i=0; i < (int) ulAttributeCount; i++) {
- crv = pk11_AddAttributeType(key,pk11_attr_expand(&pTemplate[i]));
- if (crv != CKR_OK) break;
-
- if (pTemplate[i].type == CKA_KEY_TYPE) {
- keyType = *(CK_KEY_TYPE *)pTemplate[i].pValue;
- }
- if (pTemplate[i].type == CKA_VALUE_LEN) {
- keySize = *(CK_ULONG *)pTemplate[i].pValue;
- }
- }
- if (crv != CKR_OK) { pk11_FreeObject(key); return crv; }
-
- if (keySize == 0) {
- keySize = pk11_MapKeySize(keyType);
- }
-
- /* Derive can only create SECRET KEY's currently... */
- classType = CKO_SECRET_KEY;
- crv = pk11_forceAttribute (key,CKA_CLASS,&classType,sizeof(classType));
- if (crv != CKR_OK) {
- pk11_FreeObject(key);
- return crv;
- }
-
- /* look up the base key we're deriving with */
- session = pk11_SessionFromHandle(hSession);
- if (session == NULL) {
- pk11_FreeObject(key);
- return CKR_SESSION_HANDLE_INVALID;
- }
-
- sourceKey = pk11_ObjectFromHandle(hBaseKey,session);
- pk11_FreeSession(session);
- if (sourceKey == NULL) {
- pk11_FreeObject(key);
- return CKR_KEY_HANDLE_INVALID;
- }
-
- /* don't use key derive to expose sensitive keys */
- crv = pk11_DeriveSensitiveCheck(sourceKey,key);
- if (crv != CKR_OK) {
- pk11_FreeObject(key);
- pk11_FreeObject(sourceKey);
- return crv;
- }
-
- /* get the value of the base key */
- att = pk11_FindAttribute(sourceKey,CKA_VALUE);
- if (att == NULL) {
- pk11_FreeObject(key);
- pk11_FreeObject(sourceKey);
- return CKR_KEY_HANDLE_INVALID;
- }
-
- switch (pMechanism->mechanism) {
- /*
- * generate the master secret
- */
- case CKM_TLS_MASTER_KEY_DERIVE:
- case CKM_TLS_MASTER_KEY_DERIVE_DH:
- isTLS = PR_TRUE;
- /* fall thru */
- case CKM_SSL3_MASTER_KEY_DERIVE:
- case CKM_SSL3_MASTER_KEY_DERIVE_DH:
- {
- CK_SSL3_MASTER_KEY_DERIVE_PARAMS *ssl3_master;
- SSL3RSAPreMasterSecret *rsa_pms;
- if ((pMechanism->mechanism == CKM_SSL3_MASTER_KEY_DERIVE_DH) ||
- (pMechanism->mechanism == CKM_TLS_MASTER_KEY_DERIVE_DH))
- isDH = PR_TRUE;
-
- /* first do the consistancy checks */
- if (!isDH && (att->attrib.ulValueLen != SSL3_PMS_LENGTH)) {
- crv = CKR_KEY_TYPE_INCONSISTENT;
- break;
- }
- att2 = pk11_FindAttribute(sourceKey,CKA_KEY_TYPE);
- if ((att2 == NULL) || (*(CK_KEY_TYPE *)att2->attrib.pValue !=
- CKK_GENERIC_SECRET)) {
- if (att2) pk11_FreeAttribute(att2);
- crv = CKR_KEY_FUNCTION_NOT_PERMITTED;
- break;
- }
- pk11_FreeAttribute(att2);
- if (keyType != CKK_GENERIC_SECRET) {
- crv = CKR_KEY_FUNCTION_NOT_PERMITTED;
- break;
- }
- if ((keySize != 0) && (keySize != SSL3_MASTER_SECRET_LENGTH)) {
- crv = CKR_KEY_FUNCTION_NOT_PERMITTED;
- break;
- }
-
-
- /* finally do the key gen */
- ssl3_master = (CK_SSL3_MASTER_KEY_DERIVE_PARAMS *)
- pMechanism->pParameter;
- if (ssl3_master->pVersion) {
- PK11SessionObject *sessKey = pk11_narrowToSessionObject(key);
- rsa_pms = (SSL3RSAPreMasterSecret *) att->attrib.pValue;
- /* don't leak more key material then necessary for SSL to work */
- if ((sessKey == NULL) || sessKey->wasDerived) {
- ssl3_master->pVersion->major = 0xff;
- ssl3_master->pVersion->minor = 0xff;
- } else {
- ssl3_master->pVersion->major = rsa_pms->client_version[0];
- ssl3_master->pVersion->minor = rsa_pms->client_version[1];
- }
- }
- if (ssl3_master->RandomInfo.ulClientRandomLen != SSL3_RANDOM_LENGTH) {
- crv = CKR_MECHANISM_PARAM_INVALID;
- break;
- }
- if (ssl3_master->RandomInfo.ulServerRandomLen != SSL3_RANDOM_LENGTH) {
- crv = CKR_MECHANISM_PARAM_INVALID;
- break;
- }
-
- if (isTLS) {
- unsigned char crsrdata[SSL3_RANDOM_LENGTH * 2];
- SECItem crsr = { siBuffer, NULL, 0 };
- SECItem master = { siBuffer, NULL, 0 };
- SECItem pms = { siBuffer, NULL, 0 };
- SECStatus status;
-
- pms.data = (unsigned char*)att->attrib.pValue;
- pms.len = att->attrib.ulValueLen;
- master.data = key_block;
- master.len = SSL3_MASTER_SECRET_LENGTH;
- crsr.data = crsrdata;
- crsr.len = sizeof(crsrdata);
-
- PORT_Memcpy(crsrdata, ssl3_master->RandomInfo.pClientRandom,
- SSL3_RANDOM_LENGTH);
- PORT_Memcpy(crsrdata + SSL3_RANDOM_LENGTH,
- ssl3_master->RandomInfo.pServerRandom, SSL3_RANDOM_LENGTH);
-
- status = pk11_PRF(&pms, "master secret", &crsr, &master, isFIPS);
- if (status != SECSuccess) {
- crv = CKR_FUNCTION_FAILED;
- break;
- }
- } else {
- /* now allocate the hash contexts */
- md5 = MD5_NewContext();
- if (md5 == NULL) {
- crv = CKR_HOST_MEMORY;
- break;
- }
- sha = SHA1_NewContext();
- if (sha == NULL) {
- PORT_Free(md5);
- crv = CKR_HOST_MEMORY;
- break;
- }
- for (i = 0; i < 3; i++) {
- SHA1_Begin(sha);
- SHA1_Update(sha, (unsigned char*) mixers[i], strlen(mixers[i]));
- SHA1_Update(sha, (const unsigned char*)att->attrib.pValue,
- att->attrib.ulValueLen);
- SHA1_Update(sha, ssl3_master->RandomInfo.pClientRandom,
- ssl3_master->RandomInfo.ulClientRandomLen);
- SHA1_Update(sha, ssl3_master->RandomInfo.pServerRandom,
- ssl3_master->RandomInfo.ulServerRandomLen);
- SHA1_End(sha, sha_out, &outLen, SHA1_LENGTH);
- PORT_Assert(outLen == SHA1_LENGTH);
- MD5_Begin(md5);
- MD5_Update(md5, (const unsigned char*)att->attrib.pValue,
- att->attrib.ulValueLen);
- MD5_Update(md5, sha_out, outLen);
- MD5_End(md5, &key_block[i*MD5_LENGTH], &outLen, MD5_LENGTH);
- PORT_Assert(outLen == MD5_LENGTH);
- }
- PORT_Free(md5);
- PORT_Free(sha);
- }
-
- /* store the results */
- crv = pk11_forceAttribute
- (key,CKA_VALUE,key_block,SSL3_MASTER_SECRET_LENGTH);
- if (crv != CKR_OK) break;
- keyType = CKK_GENERIC_SECRET;
- crv = pk11_forceAttribute (key,CKA_KEY_TYPE,&keyType,sizeof(keyType));
- if (isTLS) {
- /* TLS's master secret is used to "sign" finished msgs with PRF. */
- /* XXX This seems like a hack. But PK11_Derive only accepts
- * one "operation" argument. */
- crv = pk11_forceAttribute(key,CKA_SIGN, &cktrue,sizeof(CK_BBOOL));
- if (crv != CKR_OK) break;
- crv = pk11_forceAttribute(key,CKA_VERIFY,&cktrue,sizeof(CK_BBOOL));
- if (crv != CKR_OK) break;
- /* While we're here, we might as well force this, too. */
- crv = pk11_forceAttribute(key,CKA_DERIVE,&cktrue,sizeof(CK_BBOOL));
- if (crv != CKR_OK) break;
- }
- break;
- }
-
- case CKM_TLS_KEY_AND_MAC_DERIVE:
- isTLS = PR_TRUE;
- /* fall thru */
- case CKM_SSL3_KEY_AND_MAC_DERIVE:
- {
- CK_SSL3_KEY_MAT_PARAMS *ssl3_keys;
- CK_SSL3_KEY_MAT_OUT * ssl3_keys_out;
- CK_ULONG effKeySize;
-
- crv = pk11_DeriveSensitiveCheck(sourceKey,key);
- if (crv != CKR_OK) break;
-
- if (att->attrib.ulValueLen != SSL3_MASTER_SECRET_LENGTH) {
- crv = CKR_KEY_FUNCTION_NOT_PERMITTED;
- break;
- }
- att2 = pk11_FindAttribute(sourceKey,CKA_KEY_TYPE);
- if ((att2 == NULL) || (*(CK_KEY_TYPE *)att2->attrib.pValue !=
- CKK_GENERIC_SECRET)) {
- if (att2) pk11_FreeAttribute(att2);
- crv = CKR_KEY_FUNCTION_NOT_PERMITTED;
- break;
- }
- pk11_FreeAttribute(att2);
- md5 = MD5_NewContext();
- if (md5 == NULL) {
- crv = CKR_HOST_MEMORY;
- break;
- }
- sha = SHA1_NewContext();
- if (sha == NULL) {
- PORT_Free(md5);
- crv = CKR_HOST_MEMORY;
- break;
- }
- ssl3_keys = (CK_SSL3_KEY_MAT_PARAMS *) pMechanism->pParameter;
- /*
- * clear out our returned keys so we can recover on failure
- */
- ssl3_keys_out = ssl3_keys->pReturnedKeyMaterial;
- ssl3_keys_out->hClientMacSecret = CK_INVALID_HANDLE;
- ssl3_keys_out->hServerMacSecret = CK_INVALID_HANDLE;
- ssl3_keys_out->hClientKey = CK_INVALID_HANDLE;
- ssl3_keys_out->hServerKey = CK_INVALID_HANDLE;
-
- /*
- * generate the key material: This looks amazingly similar to the
- * PMS code, and is clearly crying out for a function to provide it.
- */
- if (isTLS) {
- SECStatus status;
- SECItem master = { siBuffer, NULL, 0 };
- SECItem srcr = { siBuffer, NULL, 0 };
- SECItem keyblk = { siBuffer, NULL, 0 };
- unsigned char srcrdata[SSL3_RANDOM_LENGTH * 2];
-
- master.data = (unsigned char*)att->attrib.pValue;
- master.len = att->attrib.ulValueLen;
- srcr.data = srcrdata;
- srcr.len = sizeof srcrdata;
- keyblk.data = key_block;
- keyblk.len = sizeof key_block;
-
- PORT_Memcpy(srcrdata,
- ssl3_keys->RandomInfo.pServerRandom,
- SSL3_RANDOM_LENGTH);
- PORT_Memcpy(srcrdata + SSL3_RANDOM_LENGTH,
- ssl3_keys->RandomInfo.pClientRandom,
- SSL3_RANDOM_LENGTH);
-
- status = pk11_PRF(&master, "key expansion", &srcr, &keyblk,
- isFIPS);
- if (status != SECSuccess) {
- goto key_and_mac_derive_fail;
- }
- } else {
- /* key_block =
- * MD5(master_secret + SHA('A' + master_secret +
- * ServerHello.random + ClientHello.random)) +
- * MD5(master_secret + SHA('BB' + master_secret +
- * ServerHello.random + ClientHello.random)) +
- * MD5(master_secret + SHA('CCC' + master_secret +
- * ServerHello.random + ClientHello.random)) +
- * [...];
- */
- for (i = 0; i < NUM_MIXERS; i++) {
- SHA1_Begin(sha);
- SHA1_Update(sha, (unsigned char*) mixers[i], strlen(mixers[i]));
- SHA1_Update(sha, (const unsigned char*)att->attrib.pValue,
- att->attrib.ulValueLen);
- SHA1_Update(sha, ssl3_keys->RandomInfo.pServerRandom,
- ssl3_keys->RandomInfo.ulServerRandomLen);
- SHA1_Update(sha, ssl3_keys->RandomInfo.pClientRandom,
- ssl3_keys->RandomInfo.ulClientRandomLen);
- SHA1_End(sha, sha_out, &outLen, SHA1_LENGTH);
- PORT_Assert(outLen == SHA1_LENGTH);
- MD5_Begin(md5);
- MD5_Update(md5, (const unsigned char*)att->attrib.pValue,
- att->attrib.ulValueLen);
- MD5_Update(md5, sha_out, outLen);
- MD5_End(md5, &key_block[i*MD5_LENGTH], &outLen, MD5_LENGTH);
- PORT_Assert(outLen == MD5_LENGTH);
- }
- }
-
- /*
- * Put the key material where it goes.
- */
- i = 0; /* now shows how much consumed */
- macSize = ssl3_keys->ulMacSizeInBits/8;
- effKeySize = ssl3_keys->ulKeySizeInBits/8;
- IVSize = ssl3_keys->ulIVSizeInBits/8;
- if (keySize == 0) {
- effKeySize = keySize;
- }
-
- /*
- * The key_block is partitioned as follows:
- * client_write_MAC_secret[CipherSpec.hash_size]
- */
- crv = pk11_buildSSLKey(hSession,key,PR_TRUE,&key_block[i],macSize,
- &ssl3_keys_out->hClientMacSecret);
- if (crv != CKR_OK)
- goto key_and_mac_derive_fail;
-
- i += macSize;
-
- /*
- * server_write_MAC_secret[CipherSpec.hash_size]
- */
- crv = pk11_buildSSLKey(hSession,key,PR_TRUE,&key_block[i],macSize,
- &ssl3_keys_out->hServerMacSecret);
- if (crv != CKR_OK) {
- goto key_and_mac_derive_fail;
- }
- i += macSize;
-
- if (keySize) {
- if (!ssl3_keys->bIsExport) {
- /*
- ** Generate Domestic write keys and IVs.
- ** client_write_key[CipherSpec.key_material]
- */
- crv = pk11_buildSSLKey(hSession,key,PR_FALSE,&key_block[i],
- keySize, &ssl3_keys_out->hClientKey);
- if (crv != CKR_OK) {
- goto key_and_mac_derive_fail;
- }
- i += keySize;
-
- /*
- ** server_write_key[CipherSpec.key_material]
- */
- crv = pk11_buildSSLKey(hSession,key,PR_FALSE,&key_block[i],
- keySize, &ssl3_keys_out->hServerKey);
- if (crv != CKR_OK) {
- goto key_and_mac_derive_fail;
- }
- i += keySize;
-
- /*
- ** client_write_IV[CipherSpec.IV_size]
- */
- PORT_Memcpy(ssl3_keys_out->pIVClient, &key_block[i], IVSize);
- i += IVSize;
-
- /*
- ** server_write_IV[CipherSpec.IV_size]
- */
- PORT_Memcpy(ssl3_keys_out->pIVServer, &key_block[i], IVSize);
- i += IVSize;
- PORT_Assert(i <= sizeof key_block);
-
- } else if (!isTLS) {
-
- /*
- ** Generate SSL3 Export write keys and IVs.
- ** client_write_key[CipherSpec.key_material]
- ** final_client_write_key = MD5(client_write_key +
- ** ClientHello.random + ServerHello.random);
- */
- MD5_Begin(md5);
- MD5_Update(md5, &key_block[i], effKeySize);
- MD5_Update(md5, ssl3_keys->RandomInfo.pClientRandom,
- ssl3_keys->RandomInfo.ulClientRandomLen);
- MD5_Update(md5, ssl3_keys->RandomInfo.pServerRandom,
- ssl3_keys->RandomInfo.ulServerRandomLen);
- MD5_End(md5, key_block2, &outLen, MD5_LENGTH);
- i += effKeySize;
- crv = pk11_buildSSLKey(hSession,key,PR_FALSE,key_block2,
- keySize,&ssl3_keys_out->hClientKey);
- if (crv != CKR_OK) {
- goto key_and_mac_derive_fail;
- }
-
- /*
- ** server_write_key[CipherSpec.key_material]
- ** final_server_write_key = MD5(server_write_key +
- ** ServerHello.random + ClientHello.random);
- */
- MD5_Begin(md5);
- MD5_Update(md5, &key_block[i], effKeySize);
- MD5_Update(md5, ssl3_keys->RandomInfo.pServerRandom,
- ssl3_keys->RandomInfo.ulServerRandomLen);
- MD5_Update(md5, ssl3_keys->RandomInfo.pClientRandom,
- ssl3_keys->RandomInfo.ulClientRandomLen);
- MD5_End(md5, key_block2, &outLen, MD5_LENGTH);
- i += effKeySize;
- crv = pk11_buildSSLKey(hSession,key,PR_FALSE,key_block2,
- keySize,&ssl3_keys_out->hServerKey);
- if (crv != CKR_OK) {
- goto key_and_mac_derive_fail;
- }
-
- /*
- ** client_write_IV =
- ** MD5(ClientHello.random + ServerHello.random);
- */
- MD5_Begin(md5);
- MD5_Update(md5, ssl3_keys->RandomInfo.pClientRandom,
- ssl3_keys->RandomInfo.ulClientRandomLen);
- MD5_Update(md5, ssl3_keys->RandomInfo.pServerRandom,
- ssl3_keys->RandomInfo.ulServerRandomLen);
- MD5_End(md5, key_block2, &outLen, MD5_LENGTH);
- PORT_Memcpy(ssl3_keys_out->pIVClient, key_block2, IVSize);
-
- /*
- ** server_write_IV =
- ** MD5(ServerHello.random + ClientHello.random);
- */
- MD5_Begin(md5);
- MD5_Update(md5, ssl3_keys->RandomInfo.pServerRandom,
- ssl3_keys->RandomInfo.ulServerRandomLen);
- MD5_Update(md5, ssl3_keys->RandomInfo.pClientRandom,
- ssl3_keys->RandomInfo.ulClientRandomLen);
- MD5_End(md5, key_block2, &outLen, MD5_LENGTH);
- PORT_Memcpy(ssl3_keys_out->pIVServer, key_block2, IVSize);
-
- } else {
-
- /*
- ** Generate TLS Export write keys and IVs.
- */
- SECStatus status;
- SECItem secret = { siBuffer, NULL, 0 };
- SECItem crsr = { siBuffer, NULL, 0 };
- SECItem keyblk = { siBuffer, NULL, 0 };
- unsigned char crsrdata[SSL3_RANDOM_LENGTH * 2];
-
- crsr.data = crsrdata;
- crsr.len = sizeof crsrdata;
-
- PORT_Memcpy(crsrdata,
- ssl3_keys->RandomInfo.pClientRandom,
- SSL3_RANDOM_LENGTH);
- PORT_Memcpy(crsrdata + SSL3_RANDOM_LENGTH,
- ssl3_keys->RandomInfo.pServerRandom,
- SSL3_RANDOM_LENGTH);
-
-
- /*
- ** client_write_key[CipherSpec.key_material]
- ** final_client_write_key = PRF(client_write_key,
- ** "client write key",
- ** client_random + server_random);
- */
- secret.data = &key_block[i];
- secret.len = effKeySize;
- i += effKeySize;
- keyblk.data = key_block2;
- keyblk.len = sizeof key_block2;
- status = pk11_PRF(&secret, "client write key", &crsr, &keyblk,
- isFIPS);
- if (status != SECSuccess) {
- goto key_and_mac_derive_fail;
- }
- crv = pk11_buildSSLKey(hSession, key, PR_FALSE, key_block2,
- keySize, &ssl3_keys_out->hClientKey);
- if (crv != CKR_OK) {
- goto key_and_mac_derive_fail;
- }
-
- /*
- ** server_write_key[CipherSpec.key_material]
- ** final_server_write_key = PRF(server_write_key,
- ** "server write key",
- ** client_random + server_random);
- */
- secret.data = &key_block[i];
- secret.len = effKeySize;
- i += effKeySize;
- keyblk.data = key_block2;
- keyblk.len = sizeof key_block2;
- status = pk11_PRF(&secret, "server write key", &crsr, &keyblk,
- isFIPS);
- if (status != SECSuccess) {
- goto key_and_mac_derive_fail;
- }
- crv = pk11_buildSSLKey(hSession, key, PR_FALSE, key_block2,
- keySize, &ssl3_keys_out->hServerKey);
- if (crv != CKR_OK) {
- goto key_and_mac_derive_fail;
- }
-
- /*
- ** iv_block = PRF("", "IV block",
- ** client_random + server_random);
- ** client_write_IV[SecurityParameters.IV_size]
- ** server_write_IV[SecurityParameters.IV_size]
- */
- if (IVSize) {
- secret.data = NULL;
- secret.len = 0;
- keyblk.data = &key_block[i];
- keyblk.len = 2 * IVSize;
- status = pk11_PRF(&secret, "IV block", &crsr, &keyblk,
- isFIPS);
- if (status != SECSuccess) {
- goto key_and_mac_derive_fail;
- }
- PORT_Memcpy(ssl3_keys_out->pIVClient, keyblk.data, IVSize);
- PORT_Memcpy(ssl3_keys_out->pIVServer, keyblk.data + IVSize,
- IVSize);
- }
- }
- }
-
- crv = CKR_OK;
-
- if (0) {
-key_and_mac_derive_fail:
- if (crv == CKR_OK)
- crv = CKR_FUNCTION_FAILED;
- pk11_freeSSLKeys(hSession, ssl3_keys_out);
- }
- MD5_DestroyContext(md5, PR_TRUE);
- SHA1_DestroyContext(sha, PR_TRUE);
- pk11_FreeObject(key);
- key = NULL;
- break;
- }
-
- case CKM_CONCATENATE_BASE_AND_KEY:
- {
- PK11Object *newKey;
-
- crv = pk11_DeriveSensitiveCheck(sourceKey,key);
- if (crv != CKR_OK) break;
-
- session = pk11_SessionFromHandle(hSession);
- if (session == NULL) {
- crv = CKR_SESSION_HANDLE_INVALID;
- break;
- }
-
- newKey = pk11_ObjectFromHandle(*(CK_OBJECT_HANDLE *)
- pMechanism->pParameter,session);
- pk11_FreeSession(session);
- if ( newKey == NULL) {
- crv = CKR_KEY_HANDLE_INVALID;
- break;
- }
-
- if (pk11_isTrue(newKey,CKA_SENSITIVE)) {
- crv = pk11_forceAttribute(newKey,CKA_SENSITIVE,&cktrue,
- sizeof(CK_BBOOL));
- if (crv != CKR_OK) {
- pk11_FreeObject(newKey);
- break;
- }
- }
-
- att2 = pk11_FindAttribute(newKey,CKA_VALUE);
- if (att2 == NULL) {
- pk11_FreeObject(newKey);
- crv = CKR_KEY_HANDLE_INVALID;
- break;
- }
- tmpKeySize = att->attrib.ulValueLen+att2->attrib.ulValueLen;
- if (keySize == 0) keySize = tmpKeySize;
- if (keySize > tmpKeySize) {
- pk11_FreeObject(newKey);
- pk11_FreeAttribute(att2);
- crv = CKR_TEMPLATE_INCONSISTENT;
- break;
- }
- buf = (unsigned char*)PORT_Alloc(tmpKeySize);
- if (buf == NULL) {
- pk11_FreeAttribute(att2);
- pk11_FreeObject(newKey);
- crv = CKR_HOST_MEMORY;
- break;
- }
-
- PORT_Memcpy(buf,att->attrib.pValue,att->attrib.ulValueLen);
- PORT_Memcpy(buf+att->attrib.ulValueLen,
- att2->attrib.pValue,att2->attrib.ulValueLen);
-
- crv = pk11_forceAttribute (key,CKA_VALUE,buf,keySize);
- PORT_ZFree(buf,tmpKeySize);
- pk11_FreeAttribute(att2);
- pk11_FreeObject(newKey);
- break;
- }
-
- case CKM_CONCATENATE_BASE_AND_DATA:
- stringPtr = (CK_KEY_DERIVATION_STRING_DATA *) pMechanism->pParameter;
- tmpKeySize = att->attrib.ulValueLen+stringPtr->ulLen;
- if (keySize == 0) keySize = tmpKeySize;
- if (keySize > tmpKeySize) {
- crv = CKR_TEMPLATE_INCONSISTENT;
- break;
- }
- buf = (unsigned char*)PORT_Alloc(tmpKeySize);
- if (buf == NULL) {
- crv = CKR_HOST_MEMORY;
- break;
- }
-
- PORT_Memcpy(buf,att->attrib.pValue,att->attrib.ulValueLen);
- PORT_Memcpy(buf+att->attrib.ulValueLen,stringPtr->pData,
- stringPtr->ulLen);
-
- crv = pk11_forceAttribute (key,CKA_VALUE,buf,keySize);
- PORT_ZFree(buf,tmpKeySize);
- break;
- case CKM_CONCATENATE_DATA_AND_BASE:
- stringPtr = (CK_KEY_DERIVATION_STRING_DATA *)pMechanism->pParameter;
- tmpKeySize = att->attrib.ulValueLen+stringPtr->ulLen;
- if (keySize == 0) keySize = tmpKeySize;
- if (keySize > tmpKeySize) {
- crv = CKR_TEMPLATE_INCONSISTENT;
- break;
- }
- buf = (unsigned char*)PORT_Alloc(tmpKeySize);
- if (buf == NULL) {
- crv = CKR_HOST_MEMORY;
- break;
- }
-
- PORT_Memcpy(buf,stringPtr->pData,stringPtr->ulLen);
- PORT_Memcpy(buf+stringPtr->ulLen,att->attrib.pValue,
- att->attrib.ulValueLen);
-
- crv = pk11_forceAttribute (key,CKA_VALUE,buf,keySize);
- PORT_ZFree(buf,tmpKeySize);
- break;
- case CKM_XOR_BASE_AND_DATA:
- stringPtr = (CK_KEY_DERIVATION_STRING_DATA *)pMechanism->pParameter;
- tmpKeySize = PR_MIN(att->attrib.ulValueLen,stringPtr->ulLen);
- if (keySize == 0) keySize = tmpKeySize;
- if (keySize > tmpKeySize) {
- crv = CKR_TEMPLATE_INCONSISTENT;
- break;
- }
- buf = (unsigned char*)PORT_Alloc(keySize);
- if (buf == NULL) {
- crv = CKR_HOST_MEMORY;
- break;
- }
-
-
- PORT_Memcpy(buf,att->attrib.pValue,keySize);
- for (i=0; i < (int)keySize; i++) {
- buf[i] ^= stringPtr->pData[i];
- }
-
- crv = pk11_forceAttribute (key,CKA_VALUE,buf,keySize);
- PORT_ZFree(buf,keySize);
- break;
-
- case CKM_EXTRACT_KEY_FROM_KEY:
- {
- /* the following assumes 8 bits per byte */
- CK_ULONG extract = *(CK_EXTRACT_PARAMS *)pMechanism->pParameter;
- CK_ULONG shift = extract & 0x7; /* extract mod 8 the fast way */
- CK_ULONG offset = extract >> 3; /* extract div 8 the fast way */
-
- if (keySize == 0) {
- crv = CKR_TEMPLATE_INCOMPLETE;
- break;
- }
- /* make sure we have enough bits in the original key */
- if (att->attrib.ulValueLen <
- (offset + keySize + ((shift != 0)? 1 :0)) ) {
- crv = CKR_MECHANISM_PARAM_INVALID;
- break;
- }
- buf = (unsigned char*)PORT_Alloc(keySize);
- if (buf == NULL) {
- crv = CKR_HOST_MEMORY;
- break;
- }
-
- /* copy the bits we need into the new key */
- for (i=0; i < (int)keySize; i++) {
- unsigned char *value =
- ((unsigned char *)att->attrib.pValue)+offset+i;
- if (shift) {
- buf[i] = (value[0] << (shift)) | (value[1] >> (8 - shift));
- } else {
- buf[i] = value[0];
- }
- }
-
- crv = pk11_forceAttribute (key,CKA_VALUE,buf,keySize);
- PORT_ZFree(buf,keySize);
- break;
- }
- case CKM_MD2_KEY_DERIVATION:
- if (keySize == 0) keySize = MD2_LENGTH;
- if (keySize > MD2_LENGTH) {
- crv = CKR_TEMPLATE_INCONSISTENT;
- break;
- }
- /* now allocate the hash contexts */
- md2 = MD2_NewContext();
- if (md2 == NULL) {
- crv = CKR_HOST_MEMORY;
- break;
- }
- MD2_Begin(md2);
- MD2_Update(md2,(const unsigned char*)att->attrib.pValue,
- att->attrib.ulValueLen);
- MD2_End(md2,key_block,&outLen,MD2_LENGTH);
- MD2_DestroyContext(md2, PR_TRUE);
-
- crv = pk11_forceAttribute (key,CKA_VALUE,key_block,keySize);
- break;
- case CKM_MD5_KEY_DERIVATION:
- if (keySize == 0) keySize = MD5_LENGTH;
- if (keySize > MD5_LENGTH) {
- crv = CKR_TEMPLATE_INCONSISTENT;
- break;
- }
- /* now allocate the hash contexts */
- md5 = MD5_NewContext();
- if (md5 == NULL) {
- crv = CKR_HOST_MEMORY;
- break;
- }
- MD5_Begin(md5);
- MD5_Update(md5,(const unsigned char*)att->attrib.pValue,
- att->attrib.ulValueLen);
- MD5_End(md5,key_block,&outLen,MD5_LENGTH);
- MD5_DestroyContext(md5, PR_TRUE);
-
- crv = pk11_forceAttribute (key,CKA_VALUE,key_block,keySize);
- break;
- case CKM_SHA1_KEY_DERIVATION:
- if (keySize == 0) keySize = SHA1_LENGTH;
- if (keySize > SHA1_LENGTH) {
- crv = CKR_TEMPLATE_INCONSISTENT;
- break;
- }
- /* now allocate the hash contexts */
- sha = SHA1_NewContext();
- if (sha == NULL) {
- crv = CKR_HOST_MEMORY;
- break;
- }
- SHA1_Begin(sha);
- SHA1_Update(sha,(const unsigned char*)att->attrib.pValue,
- att->attrib.ulValueLen);
- SHA1_End(sha,key_block,&outLen,SHA1_LENGTH);
- SHA1_DestroyContext(sha, PR_TRUE);
-
- crv = pk11_forceAttribute(key,CKA_VALUE,key_block,keySize);
- break;
-
- case CKM_DH_PKCS_DERIVE:
- {
- SECItem derived, dhPublic;
- SECItem dhPrime, dhValue;
- /* sourceKey - values for the local existing low key */
- /* get prime and value attributes */
- crv = pk11_Attribute2SecItem(NULL, &dhPrime, sourceKey, CKA_PRIME);
- if (crv != SECSuccess) break;
- crv = pk11_Attribute2SecItem(NULL, &dhValue, sourceKey, CKA_VALUE);
- if (crv != SECSuccess) {
- PORT_Free(dhPrime.data);
- break;
- }
-
- dhPublic.data = pMechanism->pParameter;
- dhPublic.len = pMechanism->ulParameterLen;
-
- /* calculate private value - oct */
- rv = DH_Derive(&dhPublic, &dhPrime, &dhValue, &derived, keySize);
-
- PORT_Free(dhPrime.data);
- PORT_Free(dhValue.data);
-
- if (rv == SECSuccess) {
- pk11_forceAttribute(key, CKA_VALUE, derived.data, derived.len);
- PORT_ZFree(derived.data, derived.len);
- } else
- crv = CKR_HOST_MEMORY;
-
- break;
- }
-
-#ifdef NSS_ENABLE_ECC
- case CKM_ECDH1_DERIVE:
- case CKM_ECDH1_COFACTOR_DERIVE:
- {
- SECItem ecScalar, ecPoint;
- SECItem tmp;
- ECParams *ecParams;
- PRBool withCofactor = PR_FALSE;
- unsigned char secret_hash[20];
- unsigned char *secret;
- int secretlen;
- CK_ECDH1_DERIVE_PARAMS *mechParams;
-
- /* get params and value attributes */
- crv = pk11_Attribute2SecItem(NULL, &tmp, sourceKey,
- CKA_EC_PARAMS);
- if (crv != CKR_OK) break;
- crv = pk11_Attribute2SecItem(NULL, &ecScalar, sourceKey, CKA_VALUE);
- if (crv != CKR_OK) {
- PORT_Free(tmp.data);
- break;
- }
-
- /* Check elliptic curve parameters */
- rv = EC_DecodeParams(&tmp, &ecParams);
- PORT_Free(tmp.data);
- if (rv != SECSuccess) {
- crv = CKR_TEMPLATE_INCONSISTENT;
- PORT_Free(ecScalar.data);
- break;
- }
-
- /* Check mechanism parameters */
- mechParams = (CK_ECDH1_DERIVE_PARAMS *) pMechanism->pParameter;
- if ((pMechanism->ulParameterLen != sizeof(CK_ECDH1_DERIVE_PARAMS)) ||
- ((mechParams->kdf == CKD_NULL) &&
- ((mechParams->ulSharedDataLen != 0) ||
- (mechParams->pSharedData != NULL)))) {
- crv = CKR_MECHANISM_PARAM_INVALID;
- PORT_FreeArena(ecParams->arena, PR_TRUE);
- PORT_Free(ecScalar.data);
- break;
- }
-
- ecPoint.data = mechParams->pPublicData;
- ecPoint.len = mechParams->ulPublicDataLen;
-
- if (pMechanism->mechanism == CKM_ECDH1_COFACTOR_DERIVE) {
- withCofactor = PR_TRUE;
- } else {
- /* When not using cofactor derivation, one should
- * validate the public key to avoid small subgroup
- * attacks.
- */
- if (EC_ValidatePublicKey(ecParams, &ecPoint) != SECSuccess) {
- crv = CKR_ARGUMENTS_BAD;
- PORT_FreeArena(ecParams->arena, PR_TRUE);
- PORT_Free(ecScalar.data);
- break;
- }
- }
-
- rv = ECDH_Derive(&ecPoint, ecParams, &ecScalar,
- withCofactor, &tmp);
- PORT_FreeArena(ecParams->arena, PR_TRUE);
- PORT_Free(ecScalar.data);
-
- if (rv != SECSuccess) {
- crv = CKR_DEVICE_ERROR;
- break;
- }
-
- secret = tmp.data;
- secretlen = tmp.len;
- if (mechParams->kdf == CKD_SHA1_KDF) {
- /* Compute SHA1 hash */
- memset(secret_hash, 0, 20);
- rv = SHA1_HashBuf(secret_hash, tmp.data, tmp.len);
- if (rv != SECSuccess) {
- PORT_ZFree(tmp.data, tmp.len);
- } else {
- secret = secret_hash;
- secretlen = 20;
- }
- }
-
- if (rv == SECSuccess) {
- pk11_forceAttribute(key, CKA_VALUE, secret, secretlen);
- PORT_ZFree(tmp.data, tmp.len);
- memset(secret_hash, 0, 20);
- } else
- crv = CKR_HOST_MEMORY;
-
- break;
- }
-#endif /* NSS_ENABLE_ECC */
-
- default:
- crv = CKR_MECHANISM_INVALID;
- }
- pk11_FreeAttribute(att);
- pk11_FreeObject(sourceKey);
- if (crv != CKR_OK) {
- if (key) pk11_FreeObject(key);
- return crv;
- }
-
- /* link the key object into the list */
- if (key) {
- PK11SessionObject *sessKey = pk11_narrowToSessionObject(key);
- PORT_Assert(sessKey);
- /* get the session */
- sessKey->wasDerived = PR_TRUE;
- session = pk11_SessionFromHandle(hSession);
- if (session == NULL) {
- pk11_FreeObject(key);
- return CKR_HOST_MEMORY;
- }
-
- crv = pk11_handleObject(key,session);
- pk11_FreeSession(session);
- *phKey = key->handle;
- pk11_FreeObject(key);
- }
- return crv;
-}
-
-
-/* NSC_GetFunctionStatus obtains an updated status of a function running
- * in parallel with an application. */
-CK_RV NSC_GetFunctionStatus(CK_SESSION_HANDLE hSession)
-{
- return CKR_FUNCTION_NOT_PARALLEL;
-}
-
-/* NSC_CancelFunction cancels a function running in parallel */
-CK_RV NSC_CancelFunction(CK_SESSION_HANDLE hSession)
-{
- return CKR_FUNCTION_NOT_PARALLEL;
-}
-
-/* NSC_GetOperationState saves the state of the cryptographic
- *operation in a session.
- * NOTE: This code only works for digest functions for now. eventually need
- * to add full flatten/resurect to our state stuff so that all types of state
- * can be saved */
-CK_RV NSC_GetOperationState(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pOperationState, CK_ULONG_PTR pulOperationStateLen)
-{
- PK11SessionContext *context;
- PK11Session *session;
- CK_RV crv;
- CK_ULONG pOSLen = *pulOperationStateLen;
-
- /* make sure we're legal */
- crv = pk11_GetContext(hSession, &context, PK11_HASH, PR_TRUE, &session);
- if (crv != CKR_OK) return crv;
-
- *pulOperationStateLen = context->cipherInfoLen + sizeof(CK_MECHANISM_TYPE)
- + sizeof(PK11ContextType);
- if (pOperationState == NULL) {
- pk11_FreeSession(session);
- return CKR_OK;
- } else {
- if (pOSLen < *pulOperationStateLen) {
- return CKR_BUFFER_TOO_SMALL;
- }
- }
- PORT_Memcpy(pOperationState,&context->type,sizeof(PK11ContextType));
- pOperationState += sizeof(PK11ContextType);
- PORT_Memcpy(pOperationState,&context->currentMech,
- sizeof(CK_MECHANISM_TYPE));
- pOperationState += sizeof(CK_MECHANISM_TYPE);
- PORT_Memcpy(pOperationState,context->cipherInfo,context->cipherInfoLen);
- pk11_FreeSession(session);
- return CKR_OK;
-}
-
-
-#define pk11_Decrement(stateSize,len) \
- stateSize = ((stateSize) > (CK_ULONG)(len)) ? \
- ((stateSize) - (CK_ULONG)(len)) : 0;
-
-/* NSC_SetOperationState restores the state of the cryptographic
- * operation in a session. This is coded like it can restore lots of
- * states, but it only works for truly flat cipher structures. */
-CK_RV NSC_SetOperationState(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pOperationState, CK_ULONG ulOperationStateLen,
- CK_OBJECT_HANDLE hEncryptionKey, CK_OBJECT_HANDLE hAuthenticationKey)
-{
- PK11SessionContext *context;
- PK11Session *session;
- PK11ContextType type;
- CK_MECHANISM mech;
- CK_RV crv = CKR_OK;
-
- while (ulOperationStateLen != 0) {
- /* get what type of state we're dealing with... */
- PORT_Memcpy(&type,pOperationState, sizeof(PK11ContextType));
-
- /* fix up session contexts based on type */
- session = pk11_SessionFromHandle(hSession);
- if (session == NULL) return CKR_SESSION_HANDLE_INVALID;
- context = pk11_ReturnContextByType(session, type);
- pk11_SetContextByType(session, type, NULL);
- if (context) {
- pk11_FreeContext(context);
- }
- pOperationState += sizeof(PK11ContextType);
- pk11_Decrement(ulOperationStateLen,sizeof(PK11ContextType));
-
-
- /* get the mechanism structure */
- PORT_Memcpy(&mech.mechanism,pOperationState,sizeof(CK_MECHANISM_TYPE));
- pOperationState += sizeof(CK_MECHANISM_TYPE);
- pk11_Decrement(ulOperationStateLen, sizeof(CK_MECHANISM_TYPE));
- /* should be filled in... but not necessary for hash */
- mech.pParameter = NULL;
- mech.ulParameterLen = 0;
- switch (type) {
- case PK11_HASH:
- crv = NSC_DigestInit(hSession,&mech);
- if (crv != CKR_OK) break;
- crv = pk11_GetContext(hSession, &context, PK11_HASH, PR_TRUE,
- NULL);
- if (crv != CKR_OK) break;
- PORT_Memcpy(context->cipherInfo,pOperationState,
- context->cipherInfoLen);
- pOperationState += context->cipherInfoLen;
- pk11_Decrement(ulOperationStateLen,context->cipherInfoLen);
- break;
- default:
- /* do sign/encrypt/decrypt later */
- crv = CKR_SAVED_STATE_INVALID;
- }
- pk11_FreeSession(session);
- if (crv != CKR_OK) break;
- }
- return crv;
-}
-
-/* Dual-function cryptographic operations */
-
-/* NSC_DigestEncryptUpdate continues a multiple-part digesting and encryption
- * operation. */
-CK_RV NSC_DigestEncryptUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart,
- CK_ULONG_PTR pulEncryptedPartLen)
-{
- CK_RV crv;
-
- crv = NSC_EncryptUpdate(hSession,pPart,ulPartLen, pEncryptedPart,
- pulEncryptedPartLen);
- if (crv != CKR_OK) return crv;
- crv = NSC_DigestUpdate(hSession,pPart,ulPartLen);
-
- return crv;
-}
-
-
-/* NSC_DecryptDigestUpdate continues a multiple-part decryption and
- * digesting operation. */
-CK_RV NSC_DecryptDigestUpdate(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedPart, CK_ULONG ulEncryptedPartLen,
- CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen)
-{
- CK_RV crv;
-
- crv = NSC_DecryptUpdate(hSession,pEncryptedPart, ulEncryptedPartLen,
- pPart, pulPartLen);
- if (crv != CKR_OK) return crv;
- crv = NSC_DigestUpdate(hSession,pPart,*pulPartLen);
-
- return crv;
-}
-
-
-/* NSC_SignEncryptUpdate continues a multiple-part signing and
- * encryption operation. */
-CK_RV NSC_SignEncryptUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart,
- CK_ULONG_PTR pulEncryptedPartLen)
-{
- CK_RV crv;
-
- crv = NSC_EncryptUpdate(hSession,pPart,ulPartLen, pEncryptedPart,
- pulEncryptedPartLen);
- if (crv != CKR_OK) return crv;
- crv = NSC_SignUpdate(hSession,pPart,ulPartLen);
-
- return crv;
-}
-
-
-/* NSC_DecryptVerifyUpdate continues a multiple-part decryption
- * and verify operation. */
-CK_RV NSC_DecryptVerifyUpdate(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedData, CK_ULONG ulEncryptedDataLen,
- CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen)
-{
- CK_RV crv;
-
- crv = NSC_DecryptUpdate(hSession,pEncryptedData, ulEncryptedDataLen,
- pData, pulDataLen);
- if (crv != CKR_OK) return crv;
- crv = NSC_VerifyUpdate(hSession, pData, *pulDataLen);
-
- return crv;
-}
-
-/* NSC_DigestKey continues a multi-part message-digesting operation,
- * by digesting the value of a secret key as part of the data already digested.
- */
-CK_RV NSC_DigestKey(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hKey)
-{
- PK11Session *session = NULL;
- PK11Object *key = NULL;
- PK11Attribute *att;
- CK_RV crv;
-
- session = pk11_SessionFromHandle(hSession);
- if (session == NULL) return CKR_SESSION_HANDLE_INVALID;
-
- key = pk11_ObjectFromHandle(hKey,session);
- pk11_FreeSession(session);
- if (key == NULL) return CKR_KEY_HANDLE_INVALID;
-
- /* PUT ANY DIGEST KEY RESTRICTION CHECKS HERE */
-
- /* make sure it's a valid key for this operation */
- if (key->objclass != CKO_SECRET_KEY) {
- pk11_FreeObject(key);
- return CKR_KEY_TYPE_INCONSISTENT;
- }
- /* get the key value */
- att = pk11_FindAttribute(key,CKA_VALUE);
- pk11_FreeObject(key);
-
- crv = NSC_DigestUpdate(hSession,(CK_BYTE_PTR)att->attrib.pValue,
- att->attrib.ulValueLen);
- pk11_FreeAttribute(att);
- return crv;
-}
diff --git a/security/nss/lib/softoken/pkcs11f.h b/security/nss/lib/softoken/pkcs11f.h
deleted file mode 100644
index 70d34da5e..000000000
--- a/security/nss/lib/softoken/pkcs11f.h
+++ /dev/null
@@ -1,934 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Copyright (C) 1994-1999 RSA Security Inc. Licence to copy this document
- * is granted provided that it is identified as "RSA Security In.c Public-Key
- * Cryptography Standards (PKCS)" in all material mentioning or referencing
- * this document.
- */
-/* This function contains pretty much everything about all the */
-/* PKCS #11 function prototypes. Because this information is */
-/* used for more than just declaring function prototypes, the */
-/* order of the functions appearing herein is important, and */
-/* should not be altered. */
-
-
-
-/* General-purpose */
-
-/* C_Initialize initializes the PKCS #11 library. */
-CK_PKCS11_FUNCTION_INFO(C_Initialize)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_VOID_PTR pInitArgs /* if this is not NULL_PTR, it gets
- * cast to CK_C_INITIALIZE_ARGS_PTR
- * and dereferenced */
-);
-#endif
-
-
-/* C_Finalize indicates that an application is done with the
- * PKCS #11 library. */
-CK_PKCS11_FUNCTION_INFO(C_Finalize)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_VOID_PTR pReserved /* reserved. Should be NULL_PTR */
-);
-#endif
-
-
-/* C_GetInfo returns general information about PKCS #11. */
-CK_PKCS11_FUNCTION_INFO(C_GetInfo)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_INFO_PTR pInfo /* location that receives information */
-);
-#endif
-
-
-/* C_GetFunctionList returns the function list. */
-CK_PKCS11_FUNCTION_INFO(C_GetFunctionList)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_FUNCTION_LIST_PTR_PTR ppFunctionList /* receives pointer to
- * function list */
-);
-#endif
-
-
-
-/* Slot and token management */
-
-/* C_GetSlotList obtains a list of slots in the system. */
-CK_PKCS11_FUNCTION_INFO(C_GetSlotList)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_BBOOL tokenPresent, /* only slots with tokens? */
- CK_SLOT_ID_PTR pSlotList, /* receives array of slot IDs */
- CK_ULONG_PTR pulCount /* receives number of slots */
-);
-#endif
-
-
-/* C_GetSlotInfo obtains information about a particular slot in
- * the system. */
-CK_PKCS11_FUNCTION_INFO(C_GetSlotInfo)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SLOT_ID slotID, /* the ID of the slot */
- CK_SLOT_INFO_PTR pInfo /* receives the slot information */
-);
-#endif
-
-
-/* C_GetTokenInfo obtains information about a particular token
- * in the system. */
-CK_PKCS11_FUNCTION_INFO(C_GetTokenInfo)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SLOT_ID slotID, /* ID of the token's slot */
- CK_TOKEN_INFO_PTR pInfo /* receives the token information */
-);
-#endif
-
-
-/* C_GetMechanismList obtains a list of mechanism types
- * supported by a token. */
-CK_PKCS11_FUNCTION_INFO(C_GetMechanismList)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SLOT_ID slotID, /* ID of token's slot */
- CK_MECHANISM_TYPE_PTR pMechanismList, /* gets mech. array */
- CK_ULONG_PTR pulCount /* gets # of mechs. */
-);
-#endif
-
-
-/* C_GetMechanismInfo obtains information about a particular
- * mechanism possibly supported by a token. */
-CK_PKCS11_FUNCTION_INFO(C_GetMechanismInfo)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SLOT_ID slotID, /* ID of the token's slot */
- CK_MECHANISM_TYPE type, /* type of mechanism */
- CK_MECHANISM_INFO_PTR pInfo /* receives mechanism info */
-);
-#endif
-
-
-/* C_InitToken initializes a token. */
-CK_PKCS11_FUNCTION_INFO(C_InitToken)
-#ifdef CK_NEED_ARG_LIST
-(
-/* pLabel changed from CK_CHAR_PTR to CK_UTF8CHAR_PTR for v2.10 */
- CK_SLOT_ID slotID, /* ID of the token's slot */
- CK_CHAR_PTR pPin, /* the SO's initial PIN */
- CK_ULONG ulPinLen, /* length in bytes of the PIN */
- CK_UTF8CHAR_PTR pLabel /* 32-byte token label (blank padded) */
-);
-#endif
-
-
-/* C_InitPIN initializes the normal user's PIN. */
-CK_PKCS11_FUNCTION_INFO(C_InitPIN)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_CHAR_PTR pPin, /* the normal user's PIN */
- CK_ULONG ulPinLen /* length in bytes of the PIN */
-);
-#endif
-
-
-/* C_SetPIN modifies the PIN of the user who is logged in. */
-CK_PKCS11_FUNCTION_INFO(C_SetPIN)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_CHAR_PTR pOldPin, /* the old PIN */
- CK_ULONG ulOldLen, /* length of the old PIN */
- CK_CHAR_PTR pNewPin, /* the new PIN */
- CK_ULONG ulNewLen /* length of the new PIN */
-);
-#endif
-
-
-
-/* Session management */
-
-/* C_OpenSession opens a session between an application and a
- * token. */
-CK_PKCS11_FUNCTION_INFO(C_OpenSession)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SLOT_ID slotID, /* the slot's ID */
- CK_FLAGS flags, /* from CK_SESSION_INFO */
- CK_VOID_PTR pApplication, /* passed to callback */
- CK_NOTIFY Notify, /* callback function */
- CK_SESSION_HANDLE_PTR phSession /* gets session handle */
-);
-#endif
-
-
-/* C_CloseSession closes a session between an application and a
- * token. */
-CK_PKCS11_FUNCTION_INFO(C_CloseSession)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession /* the session's handle */
-);
-#endif
-
-
-/* C_CloseAllSessions closes all sessions with a token. */
-CK_PKCS11_FUNCTION_INFO(C_CloseAllSessions)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SLOT_ID slotID /* the token's slot */
-);
-#endif
-
-
-/* C_GetSessionInfo obtains information about the session. */
-CK_PKCS11_FUNCTION_INFO(C_GetSessionInfo)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_SESSION_INFO_PTR pInfo /* receives session info */
-);
-#endif
-
-
-/* C_GetOperationState obtains the state of the cryptographic operation
- * in a session. */
-CK_PKCS11_FUNCTION_INFO(C_GetOperationState)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session's handle */
- CK_BYTE_PTR pOperationState, /* gets state */
- CK_ULONG_PTR pulOperationStateLen /* gets state length */
-);
-#endif
-
-
-/* C_SetOperationState restores the state of the cryptographic
- * operation in a session. */
-CK_PKCS11_FUNCTION_INFO(C_SetOperationState)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session's handle */
- CK_BYTE_PTR pOperationState, /* holds state */
- CK_ULONG ulOperationStateLen, /* holds state length */
- CK_OBJECT_HANDLE hEncryptionKey, /* en/decryption key */
- CK_OBJECT_HANDLE hAuthenticationKey /* sign/verify key */
-);
-#endif
-
-
-/* C_Login logs a user into a token. */
-CK_PKCS11_FUNCTION_INFO(C_Login)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_USER_TYPE userType, /* the user type */
- CK_CHAR_PTR pPin, /* the user's PIN */
- CK_ULONG ulPinLen /* the length of the PIN */
-);
-#endif
-
-
-/* C_Logout logs a user out from a token. */
-CK_PKCS11_FUNCTION_INFO(C_Logout)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession /* the session's handle */
-);
-#endif
-
-
-
-/* Object management */
-
-/* C_CreateObject creates a new object. */
-CK_PKCS11_FUNCTION_INFO(C_CreateObject)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_ATTRIBUTE_PTR pTemplate, /* the object's template */
- CK_ULONG ulCount, /* attributes in template */
- CK_OBJECT_HANDLE_PTR phObject /* gets new object's handle. */
-);
-#endif
-
-
-/* C_CopyObject copies an object, creating a new object for the
- * copy. */
-CK_PKCS11_FUNCTION_INFO(C_CopyObject)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_OBJECT_HANDLE hObject, /* the object's handle */
- CK_ATTRIBUTE_PTR pTemplate, /* template for new object */
- CK_ULONG ulCount, /* attributes in template */
- CK_OBJECT_HANDLE_PTR phNewObject /* receives handle of copy */
-);
-#endif
-
-
-/* C_DestroyObject destroys an object. */
-CK_PKCS11_FUNCTION_INFO(C_DestroyObject)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_OBJECT_HANDLE hObject /* the object's handle */
-);
-#endif
-
-
-/* C_GetObjectSize gets the size of an object in bytes. */
-CK_PKCS11_FUNCTION_INFO(C_GetObjectSize)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_OBJECT_HANDLE hObject, /* the object's handle */
- CK_ULONG_PTR pulSize /* receives size of object */
-);
-#endif
-
-
-/* C_GetAttributeValue obtains the value of one or more object
- * attributes. */
-CK_PKCS11_FUNCTION_INFO(C_GetAttributeValue)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_OBJECT_HANDLE hObject, /* the object's handle */
- CK_ATTRIBUTE_PTR pTemplate, /* specifies attrs; gets vals */
- CK_ULONG ulCount /* attributes in template */
-);
-#endif
-
-
-/* C_SetAttributeValue modifies the value of one or more object
- * attributes */
-CK_PKCS11_FUNCTION_INFO(C_SetAttributeValue)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_OBJECT_HANDLE hObject, /* the object's handle */
- CK_ATTRIBUTE_PTR pTemplate, /* specifies attrs and values */
- CK_ULONG ulCount /* attributes in template */
-);
-#endif
-
-
-/* C_FindObjectsInit initializes a search for token and session
- * objects that match a template. */
-CK_PKCS11_FUNCTION_INFO(C_FindObjectsInit)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_ATTRIBUTE_PTR pTemplate, /* attribute values to match */
- CK_ULONG ulCount /* attrs in search template */
-);
-#endif
-
-
-/* C_FindObjects continues a search for token and session
- * objects that match a template, obtaining additional object
- * handles. */
-CK_PKCS11_FUNCTION_INFO(C_FindObjects)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session's handle */
- CK_OBJECT_HANDLE_PTR phObject, /* gets obj. handles */
- CK_ULONG ulMaxObjectCount, /* max handles to get */
- CK_ULONG_PTR pulObjectCount /* actual # returned */
-);
-#endif
-
-
-/* C_FindObjectsFinal finishes a search for token and session
- * objects. */
-CK_PKCS11_FUNCTION_INFO(C_FindObjectsFinal)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession /* the session's handle */
-);
-#endif
-
-
-
-/* Encryption and decryption */
-
-/* C_EncryptInit initializes an encryption operation. */
-CK_PKCS11_FUNCTION_INFO(C_EncryptInit)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism, /* the encryption mechanism */
- CK_OBJECT_HANDLE hKey /* handle of encryption key */
-);
-#endif
-
-
-/* C_Encrypt encrypts single-part data. */
-CK_PKCS11_FUNCTION_INFO(C_Encrypt)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session's handle */
- CK_BYTE_PTR pData, /* the plaintext data */
- CK_ULONG ulDataLen, /* bytes of plaintext */
- CK_BYTE_PTR pEncryptedData, /* gets ciphertext */
- CK_ULONG_PTR pulEncryptedDataLen /* gets c-text size */
-);
-#endif
-
-
-/* C_EncryptUpdate continues a multiple-part encryption
- * operation. */
-CK_PKCS11_FUNCTION_INFO(C_EncryptUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session's handle */
- CK_BYTE_PTR pPart, /* the plaintext data */
- CK_ULONG ulPartLen, /* plaintext data len */
- CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */
- CK_ULONG_PTR pulEncryptedPartLen /* gets c-text size */
-);
-#endif
-
-
-/* C_EncryptFinal finishes a multiple-part encryption
- * operation. */
-CK_PKCS11_FUNCTION_INFO(C_EncryptFinal)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session handle */
- CK_BYTE_PTR pLastEncryptedPart, /* last c-text */
- CK_ULONG_PTR pulLastEncryptedPartLen /* gets last size */
-);
-#endif
-
-
-/* C_DecryptInit initializes a decryption operation. */
-CK_PKCS11_FUNCTION_INFO(C_DecryptInit)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism, /* the decryption mechanism */
- CK_OBJECT_HANDLE hKey /* handle of decryption key */
-);
-#endif
-
-
-/* C_Decrypt decrypts encrypted data in a single part. */
-CK_PKCS11_FUNCTION_INFO(C_Decrypt)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session's handle */
- CK_BYTE_PTR pEncryptedData, /* ciphertext */
- CK_ULONG ulEncryptedDataLen, /* ciphertext length */
- CK_BYTE_PTR pData, /* gets plaintext */
- CK_ULONG_PTR pulDataLen /* gets p-text size */
-);
-#endif
-
-
-/* C_DecryptUpdate continues a multiple-part decryption
- * operation. */
-CK_PKCS11_FUNCTION_INFO(C_DecryptUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session's handle */
- CK_BYTE_PTR pEncryptedPart, /* encrypted data */
- CK_ULONG ulEncryptedPartLen, /* input length */
- CK_BYTE_PTR pPart, /* gets plaintext */
- CK_ULONG_PTR pulPartLen /* p-text size */
-);
-#endif
-
-
-/* C_DecryptFinal finishes a multiple-part decryption
- * operation. */
-CK_PKCS11_FUNCTION_INFO(C_DecryptFinal)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pLastPart, /* gets plaintext */
- CK_ULONG_PTR pulLastPartLen /* p-text size */
-);
-#endif
-
-
-
-/* Message digesting */
-
-/* C_DigestInit initializes a message-digesting operation. */
-CK_PKCS11_FUNCTION_INFO(C_DigestInit)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism /* the digesting mechanism */
-);
-#endif
-
-
-/* C_Digest digests data in a single part. */
-CK_PKCS11_FUNCTION_INFO(C_Digest)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pData, /* data to be digested */
- CK_ULONG ulDataLen, /* bytes of data to digest */
- CK_BYTE_PTR pDigest, /* gets the message digest */
- CK_ULONG_PTR pulDigestLen /* gets digest length */
-);
-#endif
-
-
-/* C_DigestUpdate continues a multiple-part message-digesting
- * operation. */
-CK_PKCS11_FUNCTION_INFO(C_DigestUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pPart, /* data to be digested */
- CK_ULONG ulPartLen /* bytes of data to be digested */
-);
-#endif
-
-
-/* C_DigestKey continues a multi-part message-digesting
- * operation, by digesting the value of a secret key as part of
- * the data already digested. */
-CK_PKCS11_FUNCTION_INFO(C_DigestKey)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_OBJECT_HANDLE hKey /* secret key to digest */
-);
-#endif
-
-
-/* C_DigestFinal finishes a multiple-part message-digesting
- * operation. */
-CK_PKCS11_FUNCTION_INFO(C_DigestFinal)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pDigest, /* gets the message digest */
- CK_ULONG_PTR pulDigestLen /* gets byte count of digest */
-);
-#endif
-
-
-
-/* Signing and MACing */
-
-/* C_SignInit initializes a signature (private key encryption)
- * operation, where the signature is (will be) an appendix to
- * the data, and plaintext cannot be recovered from the
- *signature. */
-CK_PKCS11_FUNCTION_INFO(C_SignInit)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism, /* the signature mechanism */
- CK_OBJECT_HANDLE hKey /* handle of signature key */
-);
-#endif
-
-
-/* C_Sign signs (encrypts with private key) data in a single
- * part, where the signature is (will be) an appendix to the
- * data, and plaintext cannot be recovered from the signature. */
-CK_PKCS11_FUNCTION_INFO(C_Sign)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pData, /* the data to sign */
- CK_ULONG ulDataLen, /* count of bytes to sign */
- CK_BYTE_PTR pSignature, /* gets the signature */
- CK_ULONG_PTR pulSignatureLen /* gets signature length */
-);
-#endif
-
-
-/* C_SignUpdate continues a multiple-part signature operation,
- * where the signature is (will be) an appendix to the data,
- * and plaintext cannot be recovered from the signature. */
-CK_PKCS11_FUNCTION_INFO(C_SignUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pPart, /* the data to sign */
- CK_ULONG ulPartLen /* count of bytes to sign */
-);
-#endif
-
-
-/* C_SignFinal finishes a multiple-part signature operation,
- * returning the signature. */
-CK_PKCS11_FUNCTION_INFO(C_SignFinal)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pSignature, /* gets the signature */
- CK_ULONG_PTR pulSignatureLen /* gets signature length */
-);
-#endif
-
-
-/* C_SignRecoverInit initializes a signature operation, where
- * the data can be recovered from the signature. */
-CK_PKCS11_FUNCTION_INFO(C_SignRecoverInit)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism, /* the signature mechanism */
- CK_OBJECT_HANDLE hKey /* handle of the signature key */
-);
-#endif
-
-
-/* C_SignRecover signs data in a single operation, where the
- * data can be recovered from the signature. */
-CK_PKCS11_FUNCTION_INFO(C_SignRecover)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pData, /* the data to sign */
- CK_ULONG ulDataLen, /* count of bytes to sign */
- CK_BYTE_PTR pSignature, /* gets the signature */
- CK_ULONG_PTR pulSignatureLen /* gets signature length */
-);
-#endif
-
-
-
-/* Verifying signatures and MACs */
-
-/* C_VerifyInit initializes a verification operation, where the
- * signature is an appendix to the data, and plaintext cannot
- * cannot be recovered from the signature (e.g. DSA). */
-CK_PKCS11_FUNCTION_INFO(C_VerifyInit)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism, /* the verification mechanism */
- CK_OBJECT_HANDLE hKey /* verification key */
-);
-#endif
-
-
-/* C_Verify verifies a signature in a single-part operation,
- * where the signature is an appendix to the data, and plaintext
- * cannot be recovered from the signature. */
-CK_PKCS11_FUNCTION_INFO(C_Verify)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pData, /* signed data */
- CK_ULONG ulDataLen, /* length of signed data */
- CK_BYTE_PTR pSignature, /* signature */
- CK_ULONG ulSignatureLen /* signature length*/
-);
-#endif
-
-
-/* C_VerifyUpdate continues a multiple-part verification
- * operation, where the signature is an appendix to the data,
- * and plaintext cannot be recovered from the signature. */
-CK_PKCS11_FUNCTION_INFO(C_VerifyUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pPart, /* signed data */
- CK_ULONG ulPartLen /* length of signed data */
-);
-#endif
-
-
-/* C_VerifyFinal finishes a multiple-part verification
- * operation, checking the signature. */
-CK_PKCS11_FUNCTION_INFO(C_VerifyFinal)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pSignature, /* signature to verify */
- CK_ULONG ulSignatureLen /* signature length */
-);
-#endif
-
-
-/* C_VerifyRecoverInit initializes a signature verification
- * operation, where the data is recovered from the signature. */
-CK_PKCS11_FUNCTION_INFO(C_VerifyRecoverInit)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism, /* the verification mechanism */
- CK_OBJECT_HANDLE hKey /* verification key */
-);
-#endif
-
-
-/* C_VerifyRecover verifies a signature in a single-part
- * operation, where the data is recovered from the signature. */
-CK_PKCS11_FUNCTION_INFO(C_VerifyRecover)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pSignature, /* signature to verify */
- CK_ULONG ulSignatureLen, /* signature length */
- CK_BYTE_PTR pData, /* gets signed data */
- CK_ULONG_PTR pulDataLen /* gets signed data len */
-);
-#endif
-
-
-
-/* Dual-function cryptographic operations */
-
-/* C_DigestEncryptUpdate continues a multiple-part digesting
- * and encryption operation. */
-CK_PKCS11_FUNCTION_INFO(C_DigestEncryptUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session's handle */
- CK_BYTE_PTR pPart, /* the plaintext data */
- CK_ULONG ulPartLen, /* plaintext length */
- CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */
- CK_ULONG_PTR pulEncryptedPartLen /* gets c-text length */
-);
-#endif
-
-
-/* C_DecryptDigestUpdate continues a multiple-part decryption and
- * digesting operation. */
-CK_PKCS11_FUNCTION_INFO(C_DecryptDigestUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session's handle */
- CK_BYTE_PTR pEncryptedPart, /* ciphertext */
- CK_ULONG ulEncryptedPartLen, /* ciphertext length */
- CK_BYTE_PTR pPart, /* gets plaintext */
- CK_ULONG_PTR pulPartLen /* gets plaintext len */
-);
-#endif
-
-
-/* C_SignEncryptUpdate continues a multiple-part signing and
- * encryption operation. */
-CK_PKCS11_FUNCTION_INFO(C_SignEncryptUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session's handle */
- CK_BYTE_PTR pPart, /* the plaintext data */
- CK_ULONG ulPartLen, /* plaintext length */
- CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */
- CK_ULONG_PTR pulEncryptedPartLen /* gets c-text length */
-);
-#endif
-
-
-/* C_DecryptVerifyUpdate continues a multiple-part decryption and
- * verify operation. */
-CK_PKCS11_FUNCTION_INFO(C_DecryptVerifyUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session's handle */
- CK_BYTE_PTR pEncryptedPart, /* ciphertext */
- CK_ULONG ulEncryptedPartLen, /* ciphertext length */
- CK_BYTE_PTR pPart, /* gets plaintext */
- CK_ULONG_PTR pulPartLen /* gets p-text length */
-);
-#endif
-
-
-
-/* Key management */
-
-/* C_GenerateKey generates a secret key, creating a new key
- * object. */
-CK_PKCS11_FUNCTION_INFO(C_GenerateKey)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism, /* key generation mech. */
- CK_ATTRIBUTE_PTR pTemplate, /* template for new key */
- CK_ULONG ulCount, /* # of attrs in template */
- CK_OBJECT_HANDLE_PTR phKey /* gets handle of new key */
-);
-#endif
-
-
-/* C_GenerateKeyPair generates a public-key/private-key pair,
- * creating new key objects. */
-CK_PKCS11_FUNCTION_INFO(C_GenerateKeyPair)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session
- * handle */
- CK_MECHANISM_PTR pMechanism, /* key-gen
- * mech. */
- CK_ATTRIBUTE_PTR pPublicKeyTemplate, /* template
- * for pub.
- * key */
- CK_ULONG ulPublicKeyAttributeCount, /* # pub.
- * attrs. */
- CK_ATTRIBUTE_PTR pPrivateKeyTemplate, /* template
- * for priv.
- * key */
- CK_ULONG ulPrivateKeyAttributeCount, /* # priv.
- * attrs. */
- CK_OBJECT_HANDLE_PTR phPublicKey, /* gets pub.
- * key
- * handle */
- CK_OBJECT_HANDLE_PTR phPrivateKey /* gets
- * priv. key
- * handle */
-);
-#endif
-
-
-/* C_WrapKey wraps (i.e., encrypts) a key. */
-CK_PKCS11_FUNCTION_INFO(C_WrapKey)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism, /* the wrapping mechanism */
- CK_OBJECT_HANDLE hWrappingKey, /* wrapping key */
- CK_OBJECT_HANDLE hKey, /* key to be wrapped */
- CK_BYTE_PTR pWrappedKey, /* gets wrapped key */
- CK_ULONG_PTR pulWrappedKeyLen /* gets wrapped key size */
-);
-#endif
-
-
-/* C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new
- * key object. */
-CK_PKCS11_FUNCTION_INFO(C_UnwrapKey)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session's handle */
- CK_MECHANISM_PTR pMechanism, /* unwrapping mech. */
- CK_OBJECT_HANDLE hUnwrappingKey, /* unwrapping key */
- CK_BYTE_PTR pWrappedKey, /* the wrapped key */
- CK_ULONG ulWrappedKeyLen, /* wrapped key len */
- CK_ATTRIBUTE_PTR pTemplate, /* new key template */
- CK_ULONG ulAttributeCount, /* template length */
- CK_OBJECT_HANDLE_PTR phKey /* gets new handle */
-);
-#endif
-
-
-/* C_DeriveKey derives a key from a base key, creating a new key
- * object. */
-CK_PKCS11_FUNCTION_INFO(C_DeriveKey)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session's handle */
- CK_MECHANISM_PTR pMechanism, /* key deriv. mech. */
- CK_OBJECT_HANDLE hBaseKey, /* base key */
- CK_ATTRIBUTE_PTR pTemplate, /* new key template */
- CK_ULONG ulAttributeCount, /* template length */
- CK_OBJECT_HANDLE_PTR phKey /* gets new handle */
-);
-#endif
-
-
-
-/* Random number generation */
-
-/* C_SeedRandom mixes additional seed material into the token's
- * random number generator. */
-CK_PKCS11_FUNCTION_INFO(C_SeedRandom)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pSeed, /* the seed material */
- CK_ULONG ulSeedLen /* length of seed material */
-);
-#endif
-
-
-/* C_GenerateRandom generates random data. */
-CK_PKCS11_FUNCTION_INFO(C_GenerateRandom)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR RandomData, /* receives the random data */
- CK_ULONG ulRandomLen /* # of bytes to generate */
-);
-#endif
-
-
-
-/* Parallel function management */
-
-/* C_GetFunctionStatus is a legacy function; it obtains an
- * updated status of a function running in parallel with an
- * application. */
-CK_PKCS11_FUNCTION_INFO(C_GetFunctionStatus)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession /* the session's handle */
-);
-#endif
-
-
-/* C_CancelFunction is a legacy function; it cancels a function
- * running in parallel. */
-CK_PKCS11_FUNCTION_INFO(C_CancelFunction)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession /* the session's handle */
-);
-#endif
-
-
-
-/* Functions added in for PKCS #11 Version 2.01 or later */
-
-/* C_WaitForSlotEvent waits for a slot event (token insertion,
- * removal, etc.) to occur. */
-CK_PKCS11_FUNCTION_INFO(C_WaitForSlotEvent)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_FLAGS flags, /* blocking/nonblocking flag */
- CK_SLOT_ID_PTR pSlot, /* location that receives the slot ID */
- CK_VOID_PTR pRserved /* reserved. Should be NULL_PTR */
-);
-#endif
diff --git a/security/nss/lib/softoken/pkcs11i.h b/security/nss/lib/softoken/pkcs11i.h
deleted file mode 100644
index 35841b269..000000000
--- a/security/nss/lib/softoken/pkcs11i.h
+++ /dev/null
@@ -1,689 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Internal data structures and functions used by pkcs11.c
- */
-#ifndef _PKCS11I_H_
-#define _PKCS11I_H_ 1
-
-#include "nssilock.h"
-#include "seccomon.h"
-#include "secoidt.h"
-#include "lowkeyti.h"
-#include "pkcs11t.h"
-#include "pcertt.h"
-
-
-/*
- * Configuration Defines
- *
- * The following defines affect the space verse speed trade offs of
- * the PKCS #11 module. For the most part the current settings are optimized
- * for web servers, where we want faster speed and lower lock contention at
- * the expense of space.
- */
-
-#define PKCS11_USE_THREADS /* set to true of you are need threads */
-/*
- * Attribute Allocation strategy:
- *
- * 1) static allocation (PKCS11_STATIC_ATTRIBUTES set
- * PKCS11_REF_COUNT_ATTRIBUTES not set)
- * Attributes are pre-allocated as part of the session object and used from
- * the object array.
- *
- * 2) heap allocation with ref counting (PKCS11_STATIC_ATTRIBUTES not set
- * PKCS11_REF_COUNT_ATTRIBUTES set)
- * Attributes are allocated from the heap when needed and freed when their
- * reference count goes to zero.
- *
- * 3) arena allocation (PKCS11_STATIC_ATTRIBUTES not set
- * PKCS11_REF_COUNT_ATTRIBUTE not set)
- * Attributes are allocated from the arena when needed and freed only when
- * the object goes away.
- */
-#define PKCS11_STATIC_ATTRIBUTES
-/*#define PKCS11_REF_COUNT_ATTRIBUTES */
-/* the next two are only active if PKCS11_STATIC_ATTRIBUTES is set */
-#define MAX_OBJS_ATTRS 45 /* number of attributes to preallocate in
- * the object (must me the absolute max) */
-#define ATTR_SPACE 50 /* Maximum size of attribute data before extra
- * data needs to be allocated. This is set to
- * enough space to hold an SSL MASTER secret */
-
-#define NSC_STRICT PR_FALSE /* forces the code to do strict template
- * matching when doing C_FindObject on token
- * objects. This will slow down search in
- * NSS. */
-/* default search block allocations and increments */
-#define NSC_CERT_BLOCK_SIZE 50
-#define NSC_SEARCH_BLOCK_SIZE 5
-#define NSC_SLOT_LIST_BLOCK_SIZE 10
-
-#define NSC_FIPS_MODULE 1
-#define NSC_NON_FIPS_MODULE 0
-
-/* these are data base storage hashes, not cryptographic hashes.. The define
- * the effective size of the various object hash tables */
-/* clients care more about memory usage than lookup performance on
- * cyrptographic objects. Clients also have less objects around to play with
- *
- * we eventually should make this configurable at runtime! Especially now that
- * NSS is a shared library.
- */
-#define SPACE_ATTRIBUTE_HASH_SIZE 32
-#define SPACE_TOKEN_OBJECT_HASH_SIZE 32
-#define SPACE_SESSION_HASH_SIZE 32
-#define TIME_ATTRIBUTE_HASH_SIZE 32
-#define TIME_TOKEN_OBJECT_HASH_SIZE 1024
-#define TIME_SESSION_HASH_SIZE 1024
-#define MAX_OBJECT_LIST_SIZE 800
- /* how many objects to keep on the free list
- * before we start freeing them */
-#define MAX_KEY_LEN 256
-
-#define MULTIACCESS "multiaccess:"
-
-/*
- * LOG2_BUCKETS_PER_SESSION_LOCK must be a prime number.
- * With SESSION_HASH_SIZE=1024, LOG2 can be 9, 5, 1, or 0.
- * With SESSION_HASH_SIZE=4096, LOG2 can be 11, 9, 5, 1, or 0.
- *
- * HASH_SIZE LOG2_BUCKETS_PER BUCKETS_PER_LOCK NUMBER_OF_BUCKETS
- * 1024 9 512 2
- * 1024 5 32 32
- * 1024 1 2 512
- * 1024 0 1 1024
- * 4096 11 2048 2
- * 4096 9 512 8
- * 4096 5 32 128
- * 4096 1 2 2048
- * 4096 0 1 4096
- */
-#define LOG2_BUCKETS_PER_SESSION_LOCK 1
-#define BUCKETS_PER_SESSION_LOCK (1 << (LOG2_BUCKETS_PER_SESSION_LOCK))
-/* NOSPREAD sessionID to hash table index macro has been slower. */
-
-#ifdef PKCS11_USE_THREADS
-#define PK11_USE_THREADS(x) x
-#else
-#define PK11_USE_THREADS(x)
-#endif
-
-/* define typedefs, double as forward declarations as well */
-typedef struct PK11AttributeStr PK11Attribute;
-typedef struct PK11ObjectListStr PK11ObjectList;
-typedef struct PK11ObjectFreeListStr PK11ObjectFreeList;
-typedef struct PK11ObjectListElementStr PK11ObjectListElement;
-typedef struct PK11ObjectStr PK11Object;
-typedef struct PK11SessionObjectStr PK11SessionObject;
-typedef struct PK11TokenObjectStr PK11TokenObject;
-typedef struct PK11SessionStr PK11Session;
-typedef struct PK11SlotStr PK11Slot;
-typedef struct PK11SessionContextStr PK11SessionContext;
-typedef struct PK11SearchResultsStr PK11SearchResults;
-typedef struct PK11HashVerifyInfoStr PK11HashVerifyInfo;
-typedef struct PK11HashSignInfoStr PK11HashSignInfo;
-typedef struct PK11SSLMACInfoStr PK11SSLMACInfo;
-
-/* define function pointer typdefs for pointer tables */
-typedef void (*PK11Destroy)(void *, PRBool);
-typedef void (*PK11Begin)(void *);
-typedef SECStatus (*PK11Cipher)(void *,void *,unsigned int *,unsigned int,
- void *, unsigned int);
-typedef SECStatus (*PK11Verify)(void *,void *,unsigned int,void *,unsigned int);
-typedef void (*PK11Hash)(void *,void *,unsigned int);
-typedef void (*PK11End)(void *,void *,unsigned int *,unsigned int);
-typedef void (*PK11Free)(void *);
-
-/* Value to tell if an attribute is modifiable or not.
- * NEVER: attribute is only set on creation.
- * ONCOPY: attribute is set on creation and can only be changed on copy.
- * SENSITIVE: attribute can only be changed to TRUE.
- * ALWAYS: attribute can always be changed.
- */
-typedef enum {
- PK11_NEVER = 0,
- PK11_ONCOPY = 1,
- PK11_SENSITIVE = 2,
- PK11_ALWAYS = 3
-} PK11ModifyType;
-
-/*
- * Free Status Enum... tell us more information when we think we're
- * deleting an object.
- */
-typedef enum {
- PK11_DestroyFailure,
- PK11_Destroyed,
- PK11_Busy
-} PK11FreeStatus;
-
-/*
- * attribute values of an object.
- */
-struct PK11AttributeStr {
- PK11Attribute *next;
- PK11Attribute *prev;
- PRBool freeAttr;
- PRBool freeData;
-#ifdef PKCS11_REF_COUNT_ATTRIBUTES
- int refCount;
- PZLock *refLock;
-#endif
- /*must be called handle to make pk11queue_find work */
- CK_ATTRIBUTE_TYPE handle;
- CK_ATTRIBUTE attrib;
-#ifdef PKCS11_STATIC_ATTRIBUTES
- unsigned char space[ATTR_SPACE];
-#endif
-};
-
-
-/*
- * doubly link list of objects
- */
-struct PK11ObjectListStr {
- PK11ObjectList *next;
- PK11ObjectList *prev;
- PK11Object *parent;
-};
-
-struct PK11ObjectFreeListStr {
- PK11Object *head;
- PZLock *lock;
- int count;
-};
-
-/*
- * PKCS 11 crypto object structure
- */
-struct PK11ObjectStr {
- PK11Object *next;
- PK11Object *prev;
- CK_OBJECT_CLASS objclass;
- CK_OBJECT_HANDLE handle;
- int refCount;
- PZLock *refLock;
- PK11Slot *slot;
- void *objectInfo;
- PK11Free infoFree;
-#ifndef PKCS11_STATIC_ATTRIBUTES
- PLArenaPool *arena;
-#endif
-};
-
-struct PK11TokenObjectStr {
- PK11Object obj;
- SECItem dbKey;
-};
-
-struct PK11SessionObjectStr {
- PK11Object obj;
- PK11ObjectList sessionList;
- PZLock *attributeLock;
- PK11Session *session;
- PRBool wasDerived;
-#ifdef PKCS11_STATIC_ATTRIBUTES
- int nextAttr;
- PK11Attribute attrList[MAX_OBJS_ATTRS];
-#endif
- PRBool optimizeSpace;
- unsigned int hashSize;
- PK11Attribute *head[1];
-};
-
-/*
- * struct to deal with a temparary list of objects
- */
-struct PK11ObjectListElementStr {
- PK11ObjectListElement *next;
- PK11Object *object;
-};
-
-/*
- * Area to hold Search results
- */
-struct PK11SearchResultsStr {
- CK_OBJECT_HANDLE *handles;
- int size;
- int index;
- int array_size;
-};
-
-
-/*
- * the universal crypto/hash/sign/verify context structure
- */
-typedef enum {
- PK11_ENCRYPT,
- PK11_DECRYPT,
- PK11_HASH,
- PK11_SIGN,
- PK11_SIGN_RECOVER,
- PK11_VERIFY,
- PK11_VERIFY_RECOVER
-} PK11ContextType;
-
-
-#define PK11_MAX_BLOCK_SIZE 16
-/* currently SHA512 is the biggest hash length */
-#define PK11_MAX_MAC_LENGTH 64
-#define PK11_INVALID_MAC_SIZE 0xffffffff
-
-struct PK11SessionContextStr {
- PK11ContextType type;
- PRBool multi; /* is multipart */
- PRBool doPad; /* use PKCS padding for block ciphers */
- unsigned int blockSize; /* blocksize for padding */
- unsigned int padDataLength; /* length of the valid data in padbuf */
- unsigned char padBuf[PK11_MAX_BLOCK_SIZE];
- unsigned char macBuf[PK11_MAX_BLOCK_SIZE];
- CK_ULONG macSize; /* size of a general block cipher mac*/
- void *cipherInfo;
- void *hashInfo;
- unsigned int cipherInfoLen;
- CK_MECHANISM_TYPE currentMech;
- PK11Cipher update;
- PK11Hash hashUpdate;
- PK11End end;
- PK11Destroy destroy;
- PK11Destroy hashdestroy;
- PK11Verify verify;
- unsigned int maxLen;
- PK11Object *key;
-};
-
-/*
- * Sessions (have objects)
- */
-struct PK11SessionStr {
- PK11Session *next;
- PK11Session *prev;
- CK_SESSION_HANDLE handle;
- int refCount;
- PZLock *objectLock;
- int objectIDCount;
- CK_SESSION_INFO info;
- CK_NOTIFY notify;
- CK_VOID_PTR appData;
- PK11Slot *slot;
- PK11SearchResults *search;
- PK11SessionContext *enc_context;
- PK11SessionContext *hash_context;
- PK11SessionContext *sign_context;
- PK11ObjectList *objects[1];
-};
-
-/*
- * slots (have sessions and objects)
- *
- * The array of sessionLock's protect the session hash table (head[])
- * as well as the reference count of session objects in that bucket
- * (head[]->refCount), objectLock protects all elements of the token
- * object hash table (tokObjects[], tokenIDCount, and tokenHashTable),
- * and slotLock protects the remaining protected elements:
- * password, isLoggedIn, ssoLoggedIn, sessionCount, and rwSessionCount.
- */
-struct PK11SlotStr {
- CK_SLOT_ID slotID;
- PZLock *slotLock;
- PZLock **sessionLock;
- unsigned int numSessionLocks;
- unsigned long sessionLockMask;
- PZLock *objectLock;
- SECItem *password;
- PRBool hasTokens;
- PRBool isLoggedIn;
- PRBool ssoLoggedIn;
- PRBool needLogin;
- PRBool DB_loaded;
- PRBool readOnly;
- PRBool optimizeSpace;
- NSSLOWCERTCertDBHandle *certDB;
- NSSLOWKEYDBHandle *keyDB;
- int minimumPinLen;
- PRInt32 sessionIDCount; /* atomically incremented */
- int sessionIDConflict; /* not protected by a lock */
- int sessionCount;
- int rwSessionCount;
- int tokenIDCount;
- int index;
- PLHashTable *tokenHashTable;
- PK11Object **tokObjects;
- unsigned int tokObjHashSize;
- PK11Session **head;
- unsigned int sessHashSize;
- char tokDescription[33];
- char slotDescription[64];
-};
-
-/*
- * special joint operations Contexts
- */
-struct PK11HashVerifyInfoStr {
- SECOidTag hashOid;
- NSSLOWKEYPublicKey *key;
-};
-
-struct PK11HashSignInfoStr {
- SECOidTag hashOid;
- NSSLOWKEYPrivateKey *key;
-};
-
-/* context for the Final SSLMAC message */
-struct PK11SSLMACInfoStr {
- void *hashContext;
- PK11Begin begin;
- PK11Hash update;
- PK11End end;
- CK_ULONG macSize;
- int padSize;
- unsigned char key[MAX_KEY_LEN];
- unsigned int keySize;
-};
-
-/*
- * session handle modifiers
- */
-#define PK11_SESSION_SLOT_MASK 0xff000000L
-
-/*
- * object handle modifiers
- */
-#define PK11_TOKEN_MASK 0x80000000L
-#define PK11_TOKEN_MAGIC 0x80000000L
-#define PK11_TOKEN_TYPE_MASK 0x70000000L
-/* keydb (high bit == 0) */
-#define PK11_TOKEN_TYPE_PRIV 0x10000000L
-#define PK11_TOKEN_TYPE_PUB 0x20000000L
-#define PK11_TOKEN_TYPE_KEY 0x30000000L
-/* certdb (high bit == 1) */
-#define PK11_TOKEN_TYPE_TRUST 0x40000000L
-#define PK11_TOKEN_TYPE_CRL 0x50000000L
-#define PK11_TOKEN_TYPE_SMIME 0x60000000L
-#define PK11_TOKEN_TYPE_CERT 0x70000000L
-
-#define PK11_TOKEN_KRL_HANDLE (PK11_TOKEN_MAGIC|PK11_TOKEN_TYPE_CRL|1)
-/* how big a password/pin we can deal with */
-#define PK11_MAX_PIN 255
-
-/* slot ID's */
-#define NETSCAPE_SLOT_ID 1
-#define PRIVATE_KEY_SLOT_ID 2
-#define FIPS_SLOT_ID 3
-
-/* slot helper macros */
-#define pk11_SlotFromSession(sp) ((sp)->slot)
-#define pk11_isToken(id) (((id) & PK11_TOKEN_MASK) == PK11_TOKEN_MAGIC)
-
-/* queueing helper macros */
-#define pk11_hash(value,size) ((value) & (size-1))/*size must be a power of 2*/
-#define pk11queue_add(element,id,head,hash_size) \
- { int tmp = pk11_hash(id,hash_size); \
- (element)->next = (head)[tmp]; \
- (element)->prev = NULL; \
- if ((head)[tmp]) (head)[tmp]->prev = (element); \
- (head)[tmp] = (element); }
-#define pk11queue_find(element,id,head,hash_size) \
- for( (element) = (head)[pk11_hash(id,hash_size)]; (element) != NULL; \
- (element) = (element)->next) { \
- if ((element)->handle == (id)) { break; } }
-#define pk11queue_is_queued(element,id,head,hash_size) \
- ( ((element)->next) || ((element)->prev) || \
- ((head)[pk11_hash(id,hash_size)] == (element)) )
-#define pk11queue_delete(element,id,head,hash_size) \
- if ((element)->next) (element)->next->prev = (element)->prev; \
- if ((element)->prev) (element)->prev->next = (element)->next; \
- else (head)[pk11_hash(id,hash_size)] = ((element)->next); \
- (element)->next = NULL; \
- (element)->prev = NULL; \
-
-/* sessionID (handle) is used to determine session lock bucket */
-#ifdef NOSPREAD
-/* NOSPREAD: (ID>>L2LPB) & (perbucket-1) */
-#define PK11_SESSION_LOCK(slot,handle) \
- ((slot)->sessionLock[((handle) >> LOG2_BUCKETS_PER_SESSION_LOCK) \
- & (slot)->sessionLockMask])
-#else
-/* SPREAD: ID & (perbucket-1) */
-#define PK11_SESSION_LOCK(slot,handle) \
- ((slot)->sessionLock[(handle) & (slot)->sessionLockMask])
-#endif
-
-/* expand an attribute & secitem structures out */
-#define pk11_attr_expand(ap) (ap)->type,(ap)->pValue,(ap)->ulValueLen
-#define pk11_item_expand(ip) (ip)->data,(ip)->len
-
-typedef struct pk11_token_parametersStr {
- CK_SLOT_ID slotID;
- char *configdir;
- char *certPrefix;
- char *keyPrefix;
- char *tokdes;
- char *slotdes;
- int minPW;
- PRBool readOnly;
- PRBool noCertDB;
- PRBool noKeyDB;
- PRBool forceOpen;
- PRBool pwRequired;
- PRBool optimizeSpace;
-} pk11_token_parameters;
-
-typedef struct pk11_parametersStr {
- char *configdir;
- char *secmodName;
- char *man;
- char *libdes;
- PRBool readOnly;
- PRBool noModDB;
- PRBool noCertDB;
- PRBool forceOpen;
- PRBool pwRequired;
- PRBool optimizeSpace;
- pk11_token_parameters *tokens;
- int token_count;
-} pk11_parameters;
-
-
-/* machine dependent path stuff used by dbinit.c and pk11db.c */
-#ifdef macintosh
-#define PATH_SEPARATOR ":"
-#define SECMOD_DB "Security Modules"
-#define CERT_DB_FMT "%sCertificates%s"
-#define KEY_DB_FMT "%sKey Database%s"
-#else
-#define PATH_SEPARATOR "/"
-#define SECMOD_DB "secmod.db"
-#define CERT_DB_FMT "%scert%s.db"
-#define KEY_DB_FMT "%skey%s.db"
-#endif
-
-SEC_BEGIN_PROTOS
-
-extern int nsf_init;
-extern CK_RV nsc_CommonInitialize(CK_VOID_PTR pReserved, PRBool isFIPS);
-extern CK_RV nsc_CommonFinalize(CK_VOID_PTR pReserved, PRBool isFIPS);
-extern CK_RV nsc_CommonGetSlotList(CK_BBOOL tokPresent,
- CK_SLOT_ID_PTR pSlotList, CK_ULONG_PTR pulCount, int moduleIndex);
-/* shared functions between PKCS11.c and PK11FIPS.c */
-extern CK_RV PK11_SlotInit(char *configdir,pk11_token_parameters *params,
- int moduleIndex);
-
-/* internal utility functions used by pkcs11.c */
-extern PK11Attribute *pk11_FindAttribute(PK11Object *object,
- CK_ATTRIBUTE_TYPE type);
-extern void pk11_FreeAttribute(PK11Attribute *attribute);
-extern CK_RV pk11_AddAttributeType(PK11Object *object, CK_ATTRIBUTE_TYPE type,
- void *valPtr,
- CK_ULONG length);
-extern CK_RV pk11_Attribute2SecItem(PLArenaPool *arena, SECItem *item,
- PK11Object *object, CK_ATTRIBUTE_TYPE type);
-extern PRBool pk11_hasAttribute(PK11Object *object, CK_ATTRIBUTE_TYPE type);
-extern PRBool pk11_isTrue(PK11Object *object, CK_ATTRIBUTE_TYPE type);
-extern void pk11_DeleteAttributeType(PK11Object *object,
- CK_ATTRIBUTE_TYPE type);
-extern CK_RV pk11_Attribute2SecItem(PLArenaPool *arena, SECItem *item,
- PK11Object *object, CK_ATTRIBUTE_TYPE type);
-extern CK_RV pk11_Attribute2SSecItem(PLArenaPool *arena, SECItem *item,
- PK11Object *object,
- CK_ATTRIBUTE_TYPE type);
-extern PK11ModifyType pk11_modifyType(CK_ATTRIBUTE_TYPE type,
- CK_OBJECT_CLASS inClass);
-extern PRBool pk11_isSensitive(CK_ATTRIBUTE_TYPE type, CK_OBJECT_CLASS inClass);
-extern char *pk11_getString(PK11Object *object, CK_ATTRIBUTE_TYPE type);
-extern void pk11_nullAttribute(PK11Object *object,CK_ATTRIBUTE_TYPE type);
-extern CK_RV pk11_forceAttribute(PK11Object *object, CK_ATTRIBUTE_TYPE type,
- void *value, unsigned int len);
-extern CK_RV pk11_defaultAttribute(PK11Object *object, CK_ATTRIBUTE_TYPE type,
- void *value, unsigned int len);
-extern unsigned int pk11_MapTrust(CK_TRUST trust, PRBool clientAuth);
-
-extern PK11Object *pk11_NewObject(PK11Slot *slot);
-extern CK_RV pk11_CopyObject(PK11Object *destObject, PK11Object *srcObject);
-extern PK11FreeStatus pk11_FreeObject(PK11Object *object);
-extern CK_RV pk11_DeleteObject(PK11Session *session, PK11Object *object);
-extern void pk11_ReferenceObject(PK11Object *object);
-extern PK11Object *pk11_ObjectFromHandle(CK_OBJECT_HANDLE handle,
- PK11Session *session);
-extern void pk11_AddSlotObject(PK11Slot *slot, PK11Object *object);
-extern void pk11_AddObject(PK11Session *session, PK11Object *object);
-
-extern CK_RV pk11_searchObjectList(PK11SearchResults *search,
- PK11Object **head, unsigned int size,
- PZLock *lock, CK_ATTRIBUTE_PTR inTemplate,
- int count, PRBool isLoggedIn);
-extern PK11ObjectListElement *pk11_FreeObjectListElement(
- PK11ObjectListElement *objectList);
-extern void pk11_FreeObjectList(PK11ObjectListElement *objectList);
-extern void pk11_FreeSearch(PK11SearchResults *search);
-extern CK_RV pk11_handleObject(PK11Object *object, PK11Session *session);
-
-extern PK11Slot *pk11_SlotFromID(CK_SLOT_ID slotID);
-extern PK11Slot *pk11_SlotFromSessionHandle(CK_SESSION_HANDLE handle);
-extern PK11Session *pk11_SessionFromHandle(CK_SESSION_HANDLE handle);
-extern void pk11_FreeSession(PK11Session *session);
-extern PK11Session *pk11_NewSession(CK_SLOT_ID slotID, CK_NOTIFY notify,
- CK_VOID_PTR pApplication, CK_FLAGS flags);
-extern void pk11_update_state(PK11Slot *slot,PK11Session *session);
-extern void pk11_update_all_states(PK11Slot *slot);
-extern void pk11_FreeContext(PK11SessionContext *context);
-extern void pk11_CleanupFreeLists(void);
-
-extern NSSLOWKEYPublicKey *pk11_GetPubKey(PK11Object *object,
- CK_KEY_TYPE key_type, CK_RV *crvp);
-extern NSSLOWKEYPrivateKey *pk11_GetPrivKey(PK11Object *object,
- CK_KEY_TYPE key_type, CK_RV *crvp);
-extern void pk11_FormatDESKey(unsigned char *key, int length);
-extern PRBool pk11_CheckDESKey(unsigned char *key);
-extern PRBool pk11_IsWeakKey(unsigned char *key,CK_KEY_TYPE key_type);
-
-extern CK_RV secmod_parseParameters(char *param, pk11_parameters *parsed,
- PRBool isFIPS);
-extern void secmod_freeParams(pk11_parameters *params);
-extern char *secmod_getSecmodName(char *params, char **domain,
- char **filename, PRBool *rw);
-extern char ** secmod_ReadPermDB(const char *domain, const char *filename,
- const char *dbname, char *params, PRBool rw);
-extern SECStatus secmod_DeletePermDB(const char *domain, const char *filename,
- const char *dbname, char *args, PRBool rw);
-extern SECStatus secmod_AddPermDB(const char *domain, const char *filename,
- const char *dbname, char *module, PRBool rw);
-extern SECStatus secmod_ReleasePermDBData(const char *domain,
- const char *filename, const char *dbname, char **specList, PRBool rw);
-/* mechanism allows this operation */
-extern CK_RV pk11_MechAllowsOperation(CK_MECHANISM_TYPE type, CK_ATTRIBUTE_TYPE op);
-/*
- * OK there are now lots of options here, lets go through them all:
- *
- * configdir - base directory where all the cert, key, and module datbases live.
- * certPrefix - prefix added to the beginning of the cert database example: "
- * "https-server1-"
- * keyPrefix - prefix added to the beginning of the key database example: "
- * "https-server1-"
- * secmodName - name of the security module database (usually "secmod.db").
- * readOnly - Boolean: true if the databases are to be openned read only.
- * nocertdb - Don't open the cert DB and key DB's, just initialize the
- * Volatile certdb.
- * nomoddb - Don't open the security module DB, just initialize the
- * PKCS #11 module.
- * forceOpen - Continue to force initializations even if the databases cannot
- * be opened.
- */
-CK_RV pk11_DBInit(const char *configdir, const char *certPrefix,
- const char *keyPrefix, PRBool readOnly, PRBool noCertDB,
- PRBool noKeyDB, PRBool forceOpen,
- NSSLOWCERTCertDBHandle **certDB, NSSLOWKEYDBHandle **keyDB);
-
-void pk11_DBShutdown(NSSLOWCERTCertDBHandle *certHandle,
- NSSLOWKEYDBHandle *keyHandle);
-
-const char *pk11_EvaluateConfigDir(const char *configdir, char **domain);
-
-/*
- * narrow objects
- */
-PK11SessionObject * pk11_narrowToSessionObject(PK11Object *);
-PK11TokenObject * pk11_narrowToTokenObject(PK11Object *);
-
-/*
- * token object utilities
- */
-void pk11_addHandle(PK11SearchResults *search, CK_OBJECT_HANDLE handle);
-PRBool pk11_poisonHandle(PK11Slot *slot, SECItem *dbkey,
- CK_OBJECT_HANDLE handle);
-PRBool pk11_tokenMatch(PK11Slot *slot, SECItem *dbKey, CK_OBJECT_HANDLE class,
- CK_ATTRIBUTE_PTR theTemplate,int count);
-CK_OBJECT_HANDLE pk11_mkHandle(PK11Slot *slot,
- SECItem *dbKey, CK_OBJECT_HANDLE class);
-PK11Object * pk11_NewTokenObject(PK11Slot *slot, SECItem *dbKey,
- CK_OBJECT_HANDLE handle);
-PK11TokenObject *pk11_convertSessionToToken(PK11Object *so);
-
-/****************************************
- * implement TLS Pseudo Random Function (PRF)
- */
-
-extern SECStatus
-pk11_PRF(const SECItem *secret, const char *label, SECItem *seed,
- SECItem *result, PRBool isFIPS);
-
-extern CK_RV
-pk11_TLSPRFInit(PK11SessionContext *context,
- PK11Object * key,
- CK_KEY_TYPE key_type);
-
-SEC_END_PROTOS
-
-#endif /* _PKCS11I_H_ */
diff --git a/security/nss/lib/softoken/pkcs11n.h b/security/nss/lib/softoken/pkcs11n.h
deleted file mode 100644
index 4aaa8a8fb..000000000
--- a/security/nss/lib/softoken/pkcs11n.h
+++ /dev/null
@@ -1,228 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- * Dr Stephen Henson <stephen.henson@gemplus.com>
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _PKCS11N_H_
-#define _PKCS11N_H_
-
-#ifdef DEBUG
-static const char CKT_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * pkcs11n.h
- *
- * This file contains the NSS-specific type definitions for Cryptoki
- * (PKCS#11).
- */
-
-/*
- * NSSCK_VENDOR_NETSCAPE
- *
- * Cryptoki reserves the high half of all the number spaces for
- * vendor-defined use. I'd like to keep all of our Netscape-
- * specific values together, but not in the oh-so-obvious
- * 0x80000001, 0x80000002, etc. area. So I've picked an offset,
- * and constructed values for the beginnings of our spaces.
- *
- * Note that some "historical" Netscape values don't fall within
- * this range.
- */
-#define NSSCK_VENDOR_NETSCAPE 0x4E534350 /* NSCP */
-
-/*
- * Netscape-defined object classes
- *
- */
-#define CKO_NETSCAPE (CKO_VENDOR_DEFINED|NSSCK_VENDOR_NETSCAPE)
-
-#define CKO_NETSCAPE_CRL (CKO_NETSCAPE + 1)
-#define CKO_NETSCAPE_SMIME (CKO_NETSCAPE + 2)
-#define CKO_NETSCAPE_TRUST (CKO_NETSCAPE + 3)
-#define CKO_NETSCAPE_BUILTIN_ROOT_LIST (CKO_NETSCAPE + 4)
-
-/*
- * Netscape-defined key types
- *
- */
-#define CKK_NETSCAPE (CKK_VENDOR_DEFINED|NSSCK_VENDOR_NETSCAPE)
-
-#define CKK_NETSCAPE_PKCS8 (CKK_NETSCAPE + 1)
-/*
- * Netscape-defined certificate types
- *
- */
-#define CKC_NETSCAPE (CKC_VENDOR_DEFINED|NSSCK_VENDOR_NETSCAPE)
-
-/*
- * Netscape-defined object attributes
- *
- */
-#define CKA_NETSCAPE (CKA_VENDOR_DEFINED|NSSCK_VENDOR_NETSCAPE)
-
-#define CKA_NETSCAPE_URL (CKA_NETSCAPE + 1)
-#define CKA_NETSCAPE_EMAIL (CKA_NETSCAPE + 2)
-#define CKA_NETSCAPE_SMIME_INFO (CKA_NETSCAPE + 3)
-#define CKA_NETSCAPE_SMIME_TIMESTAMP (CKA_NETSCAPE + 4)
-#define CKA_NETSCAPE_PKCS8_SALT (CKA_NETSCAPE + 5)
-#define CKA_NETSCAPE_PASSWORD_CHECK (CKA_NETSCAPE + 6)
-#define CKA_NETSCAPE_EXPIRES (CKA_NETSCAPE + 7)
-#define CKA_NETSCAPE_KRL (CKA_NETSCAPE + 8)
-
-#define CKA_NETSCAPE_PQG_COUNTER (CKA_NETSCAPE + 20)
-#define CKA_NETSCAPE_PQG_SEED (CKA_NETSCAPE + 21)
-#define CKA_NETSCAPE_PQG_H (CKA_NETSCAPE + 22)
-#define CKA_NETSCAPE_PQG_SEED_BITS (CKA_NETSCAPE + 23)
-
-/*
- * Trust attributes:
- *
- * If trust goes standard, these probably will too. So I'll
- * put them all in one place.
- */
-
-#define CKA_TRUST (CKA_NETSCAPE + 0x2000)
-
-/* "Usage" key information */
-#define CKA_TRUST_DIGITAL_SIGNATURE (CKA_TRUST + 1)
-#define CKA_TRUST_NON_REPUDIATION (CKA_TRUST + 2)
-#define CKA_TRUST_KEY_ENCIPHERMENT (CKA_TRUST + 3)
-#define CKA_TRUST_DATA_ENCIPHERMENT (CKA_TRUST + 4)
-#define CKA_TRUST_KEY_AGREEMENT (CKA_TRUST + 5)
-#define CKA_TRUST_KEY_CERT_SIGN (CKA_TRUST + 6)
-#define CKA_TRUST_CRL_SIGN (CKA_TRUST + 7)
-
-/* "Purpose" trust information */
-#define CKA_TRUST_SERVER_AUTH (CKA_TRUST + 8)
-#define CKA_TRUST_CLIENT_AUTH (CKA_TRUST + 9)
-#define CKA_TRUST_CODE_SIGNING (CKA_TRUST + 10)
-#define CKA_TRUST_EMAIL_PROTECTION (CKA_TRUST + 11)
-#define CKA_TRUST_IPSEC_END_SYSTEM (CKA_TRUST + 12)
-#define CKA_TRUST_IPSEC_TUNNEL (CKA_TRUST + 13)
-#define CKA_TRUST_IPSEC_USER (CKA_TRUST + 14)
-#define CKA_TRUST_TIME_STAMPING (CKA_TRUST + 15)
-#define CKA_CERT_SHA1_HASH (CKA_TRUST + 100)
-#define CKA_CERT_MD5_HASH (CKA_TRUST + 101)
-
-/* Netscape trust stuff */
-/* XXX fgmr new ones here-- step-up, etc. */
-
-/* HISTORICAL: define used to pass in the database key for DSA private keys */
-#define CKA_NETSCAPE_DB 0xD5A0DB00L
-#define CKA_NETSCAPE_TRUST 0x80000001L
-
-/*
- * Netscape-defined crypto mechanisms
- *
- */
-#define CKM_NETSCAPE (CKM_VENDOR_DEFINED|NSSCK_VENDOR_NETSCAPE)
-
-#define CKM_NETSCAPE_AES_KEY_WRAP (CKM_NETSCAPE + 1)
-#define CKM_NETSCAPE_AES_KEY_WRAP_PAD (CKM_NETSCAPE + 2)
-
-/*
- * HISTORICAL:
- * Do not attempt to use these. They are only used by NETSCAPE's internal
- * PKCS #11 interface. Most of these are place holders for other mechanism
- * and will change in the future.
- */
-#define CKM_NETSCAPE_PBE_SHA1_DES_CBC 0x80000002L
-#define CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC 0x80000003L
-#define CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC 0x80000004L
-#define CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC 0x80000005L
-#define CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4 0x80000006L
-#define CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4 0x80000007L
-#define CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC 0x80000008L
-#define CKM_NETSCAPE_PBE_SHA1_HMAC_KEY_GEN 0x80000009L
-#define CKM_NETSCAPE_PBE_MD5_HMAC_KEY_GEN 0x8000000aL
-#define CKM_NETSCAPE_PBE_MD2_HMAC_KEY_GEN 0x8000000bL
-
-#define CKM_TLS_PRF_GENERAL 0x80000373L
-
-/*
- * Netscape-defined return values
- *
- */
-#define CKR_NETSCAPE (CKM_VENDOR_DEFINED|NSSCK_VENDOR_NETSCAPE)
-
-/*
- * Trust info
- *
- * This isn't part of the Cryptoki standard (yet), so I'm putting
- * all the definitions here. Some of this would move to nssckt.h
- * if trust info were made part of the standard. In view of this
- * possibility, I'm putting my (Netscape) values in the netscape
- * vendor space, like everything else.
- */
-
-typedef CK_ULONG CK_TRUST;
-
-/* The following trust types are defined: */
-#define CKT_VENDOR_DEFINED 0x80000000
-
-#define CKT_NETSCAPE (CKT_VENDOR_DEFINED|NSSCK_VENDOR_NETSCAPE)
-
-/* If trust goes standard, these'll probably drop out of vendor space. */
-#define CKT_NETSCAPE_TRUSTED (CKT_NETSCAPE + 1)
-#define CKT_NETSCAPE_TRUSTED_DELEGATOR (CKT_NETSCAPE + 2)
-#define CKT_NETSCAPE_UNTRUSTED (CKT_NETSCAPE + 3)
-#define CKT_NETSCAPE_MUST_VERIFY (CKT_NETSCAPE + 4)
-#define CKT_NETSCAPE_TRUST_UNKNOWN (CKT_NETSCAPE + 5) /* default */
-
-/*
- * These may well remain Netscape-specific; I'm only using them
- * to cache resolution data.
- */
-#define CKT_NETSCAPE_VALID (CKT_NETSCAPE + 10)
-#define CKT_NETSCAPE_VALID_DELEGATOR (CKT_NETSCAPE + 11)
-
-
-/*
- * These are not really PKCS #11 values specifically. They are the 'loadable'
- * module spec NSS uses. The are available for others to use as well, but not
- * part of the formal PKCS #11 spec.
- *
- * The function 'FIND' returns an array of PKCS #11 initialization strings
- * The function 'ADD' takes a PKCS #11 initialization string and stores it.
- * The function 'DEL' takes a 'name= library=' value and deletes the associated
- * string.
- * The function 'RELEASE' frees the array returned by 'FIND'
- */
-#define SECMOD_MODULE_DB_FUNCTION_FIND 0
-#define SECMOD_MODULE_DB_FUNCTION_ADD 1
-#define SECMOD_MODULE_DB_FUNCTION_DEL 2
-#define SECMOD_MODULE_DB_FUNCTION_RELEASE 3
-typedef char ** (PR_CALLBACK *SECMODModuleDBFunc)(unsigned long function,
- char *parameters, void *moduleSpec);
-
-#endif /* _PKCS11N_H_ */
diff --git a/security/nss/lib/softoken/pkcs11p.h b/security/nss/lib/softoken/pkcs11p.h
deleted file mode 100644
index 1361991c5..000000000
--- a/security/nss/lib/softoken/pkcs11p.h
+++ /dev/null
@@ -1,51 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Copyright (C) 1994-1999 RSA Security Inc. Licence to copy this document
- * is granted provided that it is identified as "RSA Security Inc. Public-Key
- * Cryptography Standards (PKCS)" in all material mentioning or referencing
- * this document.
- */
-/* these data types are platform/implementation dependent. */
-/*
- * Packing was removed from the shipped RSA header files, even
- * though it's still needed. put in a central file to help merging..
- */
-
-#if defined(_WIN32)
-#ifdef _MSC_VER
-#pragma warning(disable:4103)
-#endif
-#pragma pack(push, cryptoki, 1)
-#endif
-
diff --git a/security/nss/lib/softoken/pkcs11t.h b/security/nss/lib/softoken/pkcs11t.h
deleted file mode 100644
index 4b16e873d..000000000
--- a/security/nss/lib/softoken/pkcs11t.h
+++ /dev/null
@@ -1,1409 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Portions created by Sun Microsystems, Inc. are Copyright (C) 2003
- * Sun Microsystems, Inc. All Rights Reserved.
- *
- * Contributor(s):
- * Dr Vipul Gupta <vipul.gupta@sun.com>, Sun Microsystems Laboratories
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Copyright (C) 1994-1999 RSA Security Inc. Licence to copy this document
- * is granted provided that it is identified as "RSA Security In.c Public-Key
- * Cryptography Standards (PKCS)" in all material mentioning or referencing
- * this document.
- */
-/* See top of pkcs11.h for information about the macros that
- * must be defined and the structure-packing conventions that
- * must be set before including this file.
- */
-
-#ifndef _PKCS11T_H_
-#define _PKCS11T_H_ 1
-
-#ifndef CK_FALSE
-#define CK_FALSE 0
-#endif
-
-#ifndef CK_TRUE
-#define CK_TRUE (!CK_FALSE)
-#endif
-
-#include "prtypes.h"
-
-#define CK_PTR *
-#define CK_NULL_PTR 0
-#define CK_CALLBACK_FUNCTION(rv,func) rv (PR_CALLBACK * func)
-#define CK_DECLARE_FUNCTION(rv,func) PR_EXTERN(rv) func
-#define CK_DECLARE_FUNCTION_POINTER(rv,func) rv (PR_CALLBACK * func)
-
-#define CK_INVALID_SESSION 0
-
-/* an unsigned 8-bit value */
-typedef unsigned char CK_BYTE;
-
-/* an unsigned 8-bit character */
-typedef CK_BYTE CK_CHAR;
-
-/* an unsigned 8-bit character */
-typedef CK_BYTE CK_UTF8CHAR;
-
-/* a BYTE-sized Boolean flag */
-typedef CK_BYTE CK_BBOOL;
-
-/* an unsigned value, at least 32 bits long */
-typedef unsigned long int CK_ULONG;
-
-/* a signed value, the same size as a CK_ULONG */
-/* CK_LONG is new for v2.0 */
-typedef long int CK_LONG;
-
-/* at least 32 bits; each bit is a Boolean flag */
-typedef CK_ULONG CK_FLAGS;
-
-
-/* some special values for certain CK_ULONG variables */
-#define CK_UNAVAILABLE_INFORMATION (~0UL)
-#define CK_EFFECTIVELY_INFINITE 0
-
-
-typedef CK_BYTE CK_PTR CK_BYTE_PTR;
-typedef CK_CHAR CK_PTR CK_CHAR_PTR;
-typedef CK_UTF8CHAR CK_PTR CK_UTF8CHAR_PTR;
-typedef CK_ULONG CK_PTR CK_ULONG_PTR;
-typedef void CK_PTR CK_VOID_PTR;
-
-/* Pointer to a CK_VOID_PTR-- i.e., pointer to pointer to void */
-typedef CK_VOID_PTR CK_PTR CK_VOID_PTR_PTR;
-
-
-/* The following value is always invalid if used as a session */
-/* handle or object handle */
-#define CK_INVALID_HANDLE 0
-
-
-/* pack */
-#include "pkcs11p.h"
-
-typedef struct CK_VERSION {
- CK_BYTE major; /* integer portion of version number */
- CK_BYTE minor; /* 1/100ths portion of version number */
-} CK_VERSION;
-
-typedef CK_VERSION CK_PTR CK_VERSION_PTR;
-
-
-typedef struct CK_INFO {
- /* manufacturerID and libraryDecription have been changed from
- * CK_CHAR to CK_UTF8CHAR for v2.10 */
- CK_VERSION cryptokiVersion; /* PKCS #11 interface ver */
- CK_UTF8CHAR manufacturerID[32]; /* blank padded */
- CK_FLAGS flags; /* must be zero */
-
- /* libraryDescription and libraryVersion are new for v2.0 */
- CK_UTF8CHAR libraryDescription[32]; /* blank padded */
- CK_VERSION libraryVersion; /* version of library */
-} CK_INFO;
-
-typedef CK_INFO CK_PTR CK_INFO_PTR;
-
-
-/* CK_NOTIFICATION enumerates the types of notifications that
- * PKCS #11 provides to an application */
-/* CK_NOTIFICATION has been changed from an enum to a CK_ULONG
- * for v2.0 */
-typedef CK_ULONG CK_NOTIFICATION;
-#define CKN_SURRENDER 0
-
-
-typedef CK_ULONG CK_SLOT_ID;
-
-typedef CK_SLOT_ID CK_PTR CK_SLOT_ID_PTR;
-
-
-/* CK_SLOT_INFO provides information about a slot */
-typedef struct CK_SLOT_INFO {
- /* slotDescription and manufacturerID have been changed from
- * CK_CHAR to CK_UTF8CHAR for v2.10 */
- CK_UTF8CHAR slotDescription[64]; /* blank padded */
- CK_UTF8CHAR manufacturerID[32]; /* blank padded */
- CK_FLAGS flags;
-
- /* hardwareVersion and firmwareVersion are new for v2.0 */
- CK_VERSION hardwareVersion; /* version of hardware */
- CK_VERSION firmwareVersion; /* version of firmware */
-} CK_SLOT_INFO;
-
-/* flags: bit flags that provide capabilities of the slot
- * Bit Flag Mask Meaning
- */
-#define CKF_TOKEN_PRESENT 0x00000001 /* a token is there */
-#define CKF_REMOVABLE_DEVICE 0x00000002 /* removable devices*/
-#define CKF_HW_SLOT 0x00000004 /* hardware slot */
-
-typedef CK_SLOT_INFO CK_PTR CK_SLOT_INFO_PTR;
-
-
-/* CK_TOKEN_INFO provides information about a token */
-typedef struct CK_TOKEN_INFO {
- /* label, manufacturerID, and model have been changed from
- * CK_CHAR to CK_UTF8CHAR for v2.10 */
- CK_UTF8CHAR label[32]; /* blank padded */
- CK_UTF8CHAR manufacturerID[32]; /* blank padded */
- CK_UTF8CHAR model[16]; /* blank padded */
- CK_CHAR serialNumber[16]; /* blank padded */
- CK_FLAGS flags; /* see below */
-
- /* ulMaxSessionCount, ulSessionCount, ulMaxRwSessionCount,
- * ulRwSessionCount, ulMaxPinLen, and ulMinPinLen have all been
- * changed from CK_USHORT to CK_ULONG for v2.0 */
- CK_ULONG ulMaxSessionCount; /* max open sessions */
- CK_ULONG ulSessionCount; /* sess. now open */
- CK_ULONG ulMaxRwSessionCount; /* max R/W sessions */
- CK_ULONG ulRwSessionCount; /* R/W sess. now open */
- CK_ULONG ulMaxPinLen; /* in bytes */
- CK_ULONG ulMinPinLen; /* in bytes */
- CK_ULONG ulTotalPublicMemory; /* in bytes */
- CK_ULONG ulFreePublicMemory; /* in bytes */
- CK_ULONG ulTotalPrivateMemory; /* in bytes */
- CK_ULONG ulFreePrivateMemory; /* in bytes */
-
- /* hardwareVersion, firmwareVersion, and time are new for
- * v2.0 */
- CK_VERSION hardwareVersion; /* version of hardware */
- CK_VERSION firmwareVersion; /* version of firmware */
- CK_CHAR utcTime[16]; /* time */
-} CK_TOKEN_INFO;
-
-/* The flags parameter is defined as follows:
- * Bit Flag Mask Meaning
- */
-#define CKF_RNG 0x00000001 /* has random #
- * generator */
-#define CKF_WRITE_PROTECTED 0x00000002 /* token is
- * write-
- * protected */
-#define CKF_LOGIN_REQUIRED 0x00000004 /* user must
- * login */
-#define CKF_USER_PIN_INITIALIZED 0x00000008 /* normal user's
- * PIN is set */
-
-/* CKF_RESTORE_KEY_NOT_NEEDED is new for v2.0. If it is set,
- * that means that *every* time the state of cryptographic
- * operations of a session is successfully saved, all keys
- * needed to continue those operations are stored in the state */
-#define CKF_RESTORE_KEY_NOT_NEEDED 0x00000020
-
-/* CKF_CLOCK_ON_TOKEN is new for v2.0. If it is set, that means
- * that the token has some sort of clock. The time on that
- * clock is returned in the token info structure */
-#define CKF_CLOCK_ON_TOKEN 0x00000040
-
-/* CKF_PROTECTED_AUTHENTICATION_PATH is new for v2.0. If it is
- * set, that means that there is some way for the user to login
- * without sending a PIN through the PKCS #11 library itself */
-#define CKF_PROTECTED_AUTHENTICATION_PATH 0x00000100
-
-/* CKF_DUAL_CRYPTO_OPERATIONS is new for v2.0. If it is true,
- * that means that a single session with the token can perform
- * dual simultaneous cryptographic operations (digest and
- * encrypt; decrypt and digest; sign and encrypt; and decrypt
- * and sign) */
-#define CKF_DUAL_CRYPTO_OPERATIONS 0x00000200
-
-/* CKF_TOKEN_INITIALIZED if new for v2.10. If it is true, the
- * token has been initialized using C_InitializeToken or an
- * equivalent mechanism outside the scope of PKCS #11.
- * Calling C_InitializeToken when this flag is set will cause
- * the token to be reinitialized. */
-#define CKF_TOKEN_INITIALIZED 0x00000400
-
-/* CKF_SECONDARY_AUTHENTICATION if new for v2.10. If it is
- * true, the token supports secondary authentication for
- * private key objects. */
-/* DEPRICATED in v2.11 */
-#define CKF_SECONDARY_AUTHENTICATION 0x00000800
-
-/* CKF_USER_PIN_COUNT_LOW if new for v2.10. If it is true, an
- * incorrect user login PIN has been entered at least once
- * since the last successful authentication. */
-#define CKF_USER_PIN_COUNT_LOW 0x00010000
-
-/* CKF_USER_PIN_FINAL_TRY if new for v2.10. If it is true,
- * supplying an incorrect user PIN will it to become locked. */
-#define CKF_USER_PIN_FINAL_TRY 0x00020000
-
-/* CKF_USER_PIN_LOCKED if new for v2.10. If it is true, the
- * user PIN has been locked. User login to the token is not
- * possible. */
-#define CKF_USER_PIN_LOCKED 0x00040000
-
-/* CKF_USER_PIN_TO_BE_CHANGED if new for v2.10. If it is true,
- * the user PIN value is the default value set by token
- * initialization or manufacturing. */
-#define CKF_USER_PIN_TO_BE_CHANGED 0x00080000
-
-/* CKF_SO_PIN_COUNT_LOW if new for v2.10. If it is true, an
- * incorrect SO login PIN has been entered at least once since
- * the last successful authentication. */
-#define CKF_SO_PIN_COUNT_LOW 0x00100000
-
-/* CKF_SO_PIN_FINAL_TRY if new for v2.10. If it is true,
- * supplying an incorrect SO PIN will it to become locked. */
-#define CKF_SO_PIN_FINAL_TRY 0x00200000
-
-/* CKF_SO_PIN_LOCKED if new for v2.10. If it is true, the SO
- * PIN has been locked. SO login to the token is not possible.
- */
-#define CKF_SO_PIN_LOCKED 0x00400000
-
-/* CKF_SO_PIN_TO_BE_CHANGED if new for v2.10. If it is true,
- * the SO PIN value is the default value set by token
- * initialization or manufacturing. */
-#define CKF_SO_PIN_TO_BE_CHANGED 0x00800000
-
-typedef CK_TOKEN_INFO CK_PTR CK_TOKEN_INFO_PTR;
-
-
-/* CK_SESSION_HANDLE is a PKCS #11-assigned value that
- * identifies a session */
-typedef CK_ULONG CK_SESSION_HANDLE;
-
-typedef CK_SESSION_HANDLE CK_PTR CK_SESSION_HANDLE_PTR;
-
-
-/* CK_USER_TYPE enumerates the types of PKCS #11 users */
-/* CK_USER_TYPE has been changed from an enum to a CK_ULONG for
- * v2.0 */
-typedef CK_ULONG CK_USER_TYPE;
-/* Security Officer */
-#define CKU_SO 0
-/* Normal user */
-#define CKU_USER 1
-
-
-/* CK_STATE enumerates the session states */
-/* CK_STATE has been changed from an enum to a CK_ULONG for
- * v2.0 */
-typedef CK_ULONG CK_STATE;
-#define CKS_RO_PUBLIC_SESSION 0
-#define CKS_RO_USER_FUNCTIONS 1
-#define CKS_RW_PUBLIC_SESSION 2
-#define CKS_RW_USER_FUNCTIONS 3
-#define CKS_RW_SO_FUNCTIONS 4
-
-
-/* CK_SESSION_INFO provides information about a session */
-typedef struct CK_SESSION_INFO {
- CK_SLOT_ID slotID;
- CK_STATE state;
- CK_FLAGS flags; /* see below */
-
- /* ulDeviceError was changed from CK_USHORT to CK_ULONG for
- * v2.0 */
- CK_ULONG ulDeviceError; /* device-dependent error code */
-} CK_SESSION_INFO;
-
-/* The flags are defined in the following table:
- * Bit Flag Mask Meaning
- */
-#define CKF_RW_SESSION 0x00000002 /* session is r/w */
-#define CKF_SERIAL_SESSION 0x00000004 /* no parallel */
-
-typedef CK_SESSION_INFO CK_PTR CK_SESSION_INFO_PTR;
-
-
-/* CK_OBJECT_HANDLE is a token-specific identifier for an
- * object */
-typedef CK_ULONG CK_OBJECT_HANDLE;
-
-typedef CK_OBJECT_HANDLE CK_PTR CK_OBJECT_HANDLE_PTR;
-
-
-/* CK_OBJECT_CLASS is a value that identifies the classes (or
- * types) of objects that PKCS #11 recognizes. It is defined
- * as follows: */
-/* CK_OBJECT_CLASS was changed from CK_USHORT to CK_ULONG for
- * v2.0 */
-typedef CK_ULONG CK_OBJECT_CLASS;
-
-/* The following classes of objects are defined: */
-/* CKO_HW_FEATURE is new for v2.10 */
-/* CKO_DOMAIN_PARAMETERS is new for v2.11 */
-#define CKO_DATA 0x00000000
-#define CKO_CERTIFICATE 0x00000001
-#define CKO_PUBLIC_KEY 0x00000002
-#define CKO_PRIVATE_KEY 0x00000003
-#define CKO_SECRET_KEY 0x00000004
-#define CKO_HW_FEATURE 0x00000005
-#define CKO_DOMAIN_PARAMETERS 0x00000006
-#define CKO_KG_PARAMETERS 0x00000006
-#define CKO_VENDOR_DEFINED 0x80000000
-
-typedef CK_OBJECT_CLASS CK_PTR CK_OBJECT_CLASS_PTR;
-
-/* CK_HW_FEATURE_TYPE is new for v2.10. CK_HW_FEATURE_TYPE is a
- * value that identifies the hardware feature type of an object
- * with CK_OBJECT_CLASS equal to CKO_HW_FEATURE. */
-typedef CK_ULONG CK_HW_FEATURE_TYPE;
-
-/* The following hardware feature types are defined */
-#define CKH_MONOTONIC_COUNTER 0x00000001
-#define CKH_CLOCK 0x00000002
-#define CKH_VENDOR_DEFINED 0x80000000
-
-/* CK_KEY_TYPE is a value that identifies a key type */
-/* CK_KEY_TYPE was changed from CK_USHORT to CK_ULONG for v2.0 */
-typedef CK_ULONG CK_KEY_TYPE;
-
-/* the following key types are defined: */
-#define CKK_RSA 0x00000000
-#define CKK_DSA 0x00000001
-#define CKK_DH 0x00000002
-
-/* CKK_ECDSA and CKK_KEA are new for v2.0 */
-/* CKK_X9_42_DH is new for v2.11 */
-#define CKK_ECDSA 0x00000003 /* deprecated in v2.11 */
-#define CKK_EC 0x00000003
-#define CKK_X9_42_DH 0x00000004
-#define CKK_KEA 0x00000005
-
-#define CKK_GENERIC_SECRET 0x00000010
-#define CKK_RC2 0x00000011
-#define CKK_RC4 0x00000012
-#define CKK_DES 0x00000013
-#define CKK_DES2 0x00000014
-#define CKK_DES3 0x00000015
-
-/* all these key types are new for v2.0 */
-#define CKK_CAST 0x00000016
-#define CKK_CAST3 0x00000017
-#define CKK_CAST5 0x00000018 /* deprecated in v2.11 */
-#define CKK_CAST128 0x00000018
-#define CKK_RC5 0x00000019
-#define CKK_IDEA 0x0000001A
-#define CKK_SKIPJACK 0x0000001B
-#define CKK_BATON 0x0000001C
-#define CKK_JUNIPER 0x0000001D
-#define CKK_CDMF 0x0000001E
-
-/* all these key types are new for v2.11 */
-#define CKK_AES 0x0000001F
-
-#define CKK_VENDOR_DEFINED 0x80000000
-#define CKK_INVALID_KEY_TYPE 0xffffffff
-
-
-/* CK_CERTIFICATE_TYPE is a value that identifies a certificate
- * type */
-/* CK_CERTIFICATE_TYPE was changed from CK_USHORT to CK_ULONG
- * for v2.0 */
-typedef CK_ULONG CK_CERTIFICATE_TYPE;
-
-/* The following certificate types are defined: */
-/* CKC_X_509_ATTR_CERT is new for v2.10 */
-#define CKC_X_509 0x00000000
-#define CKC_X_509_ATTR_CERT 0x00000001
-#define CKC_VENDOR_DEFINED 0x80000000
-
-
-/* CK_ATTRIBUTE_TYPE is a value that identifies an attribute
- * type */
-/* CK_ATTRIBUTE_TYPE was changed from CK_USHORT to CK_ULONG for
- * v2.0 */
-typedef CK_ULONG CK_ATTRIBUTE_TYPE;
-
-/* The following attribute types are defined: */
-#define CKA_CLASS 0x00000000
-#define CKA_TOKEN 0x00000001
-#define CKA_PRIVATE 0x00000002
-#define CKA_LABEL 0x00000003
-#define CKA_APPLICATION 0x00000010
-#define CKA_VALUE 0x00000011
-
-/* CKA_OBJECT_ID is new for v2.10 */
-#define CKA_OBJECT_ID 0x00000012
-
-#define CKA_CERTIFICATE_TYPE 0x00000080
-#define CKA_ISSUER 0x00000081
-#define CKA_SERIAL_NUMBER 0x00000082
-
-/* CKA_AC_ISSUER, CKA_OWNER, and CKA_ATTR_TYPES are new
- * for v2.10 */
-#define CKA_AC_ISSUER 0x00000083
-#define CKA_OWNER 0x00000084
-#define CKA_ATTR_TYPES 0x00000085
-/* CKA_TRUSTED is new for v2.11 */
-#define CKA_TRUSTED 0x00000086
-
-#define CKA_KEY_TYPE 0x00000100
-#define CKA_SUBJECT 0x00000101
-#define CKA_ID 0x00000102
-#define CKA_SENSITIVE 0x00000103
-#define CKA_ENCRYPT 0x00000104
-#define CKA_DECRYPT 0x00000105
-#define CKA_WRAP 0x00000106
-#define CKA_UNWRAP 0x00000107
-#define CKA_SIGN 0x00000108
-#define CKA_SIGN_RECOVER 0x00000109
-#define CKA_VERIFY 0x0000010A
-#define CKA_VERIFY_RECOVER 0x0000010B
-#define CKA_DERIVE 0x0000010C
-#define CKA_START_DATE 0x00000110
-#define CKA_END_DATE 0x00000111
-#define CKA_MODULUS 0x00000120
-#define CKA_MODULUS_BITS 0x00000121
-#define CKA_PUBLIC_EXPONENT 0x00000122
-#define CKA_PRIVATE_EXPONENT 0x00000123
-#define CKA_PRIME_1 0x00000124
-#define CKA_PRIME_2 0x00000125
-#define CKA_EXPONENT_1 0x00000126
-#define CKA_EXPONENT_2 0x00000127
-#define CKA_COEFFICIENT 0x00000128
-#define CKA_PRIME 0x00000130
-#define CKA_SUBPRIME 0x00000131
-#define CKA_BASE 0x00000132
-/* CKA_PRIME_BITS and CKA_SUB_PRIME_BITS are new for v2.11 */
-#define CKA_PRIME_BITS 0x00000133
-#define CKA_SUB_PRIME_BITS 0x00000134
-#define CKA_VALUE_BITS 0x00000160
-#define CKA_VALUE_LEN 0x00000161
-
-/* CKA_EXTRACTABLE, CKA_LOCAL, CKA_NEVER_EXTRACTABLE,
- * CKA_ALWAYS_SENSITIVE, CKA_MODIFIABLE, CKA_ECDSA_PARAMS,
- * and CKA_EC_POINT are new for v2.0 */
-#define CKA_EXTRACTABLE 0x00000162
-#define CKA_LOCAL 0x00000163
-#define CKA_NEVER_EXTRACTABLE 0x00000164
-#define CKA_ALWAYS_SENSITIVE 0x00000165
-/* CKA_KEY_GEN_MECHANISM is new for v2.11 */
-#define CKA_KEY_GEN_MECHANISM 0x00000166
-#define CKA_MODIFIABLE 0x00000170
-#define CKA_ECDSA_PARAMS 0x00000180 /* depricated v2.11 */
-#define CKA_EC_PARAMS 0x00000180
-#define CKA_EC_POINT 0x00000181
-
-/* CKA_SECONDARY_AUTH, CKA_AUTH_PIN_FLAGS,
- * CKA_HW_FEATURE_TYPE, CKA_RESET_ON_INIT, and CKA_HAS_RESET
- * are new for v2.10 */
-#define CKA_SECONDARY_AUTH 0x00000200 /* depricated v2.11 */
-#define CKA_AUTH_PIN_FLAGS 0x00000201 /* depricated v2.11 */
-#define CKA_HW_FEATURE_TYPE 0x00000300
-#define CKA_RESET_ON_INIT 0x00000301
-#define CKA_HAS_RESET 0x00000302
-
-#define CKA_VENDOR_DEFINED 0x80000000
-
-
-/* CK_ATTRIBUTE is a structure that includes the type, length
- * and value of an attribute */
-typedef struct CK_ATTRIBUTE {
- CK_ATTRIBUTE_TYPE type;
- CK_VOID_PTR pValue;
-
- /* ulValueLen went from CK_USHORT to CK_ULONG for v2.0 */
- CK_ULONG ulValueLen; /* in bytes */
-} CK_ATTRIBUTE;
-
-typedef CK_ATTRIBUTE CK_PTR CK_ATTRIBUTE_PTR;
-
-
-/* CK_DATE is a structure that defines a date */
-typedef struct CK_DATE{
- CK_CHAR year[4]; /* the year ("1900" - "9999") */
- CK_CHAR month[2]; /* the month ("01" - "12") */
- CK_CHAR day[2]; /* the day ("01" - "31") */
-} CK_DATE;
-
-
-/* CK_MECHANISM_TYPE is a value that identifies a mechanism
- * type */
-/* CK_MECHANISM_TYPE was changed from CK_USHORT to CK_ULONG for
- * v2.0 */
-typedef CK_ULONG CK_MECHANISM_TYPE;
-
-/* the following mechanism types are defined: */
-#define CKM_RSA_PKCS_KEY_PAIR_GEN 0x00000000
-#define CKM_RSA_PKCS 0x00000001
-#define CKM_RSA_9796 0x00000002
-#define CKM_RSA_X_509 0x00000003
-
-/* CKM_MD2_RSA_PKCS, CKM_MD5_RSA_PKCS, and CKM_SHA1_RSA_PKCS
- * are new for v2.0. They are mechanisms which hash and sign */
-#define CKM_MD2_RSA_PKCS 0x00000004
-#define CKM_MD5_RSA_PKCS 0x00000005
-#define CKM_SHA1_RSA_PKCS 0x00000006
-
-/* CKM_RIPEMD128_RSA_PKCS, CKM_RIPEMD160_RSA_PKCS & CKM_RSA_OAEP
- * are new for 2.10 */
-#define CKM_RIPEMD128_RSA_PKCS 0x00000007
-#define CKM_RIPEMD160_RSA_PKCS 0x00000008
-#define CKM_RSA_PKCS_OAEP 0x00000009
-
-/* CKM_RSA_X9_31, CKM_SHA1_RSA_X9_31 & CKM_RSA_X9_31_KEY_PAIR_GEN
- * are new for 2.11 */
-#define CKM_RSA_X9_31_KEY_PAIR_GEN 0x0000000A
-#define CKM_RSA_X9_31 0x0000000B
-#define CKM_SHA1_RSA_X9_31 0x0000000C
-
-#define CKM_DSA_KEY_PAIR_GEN 0x00000010
-#define CKM_DSA 0x00000011
-#define CKM_DSA_SHA1 0x00000012
-#define CKM_DH_PKCS_KEY_PAIR_GEN 0x00000020
-#define CKM_DH_PKCS_DERIVE 0x00000021
-
-/* CKM_X9_42_DH_PKCS_KEY_PAIR_GEN, CKM_X9_42_DH_DERIVE,
- * CKM_X9_42_DH_HYBRID_DERIVE, & CKM_X9_42_MQV_DERIVE
- * are new for v2.11 */
-#define CKM_X9_42_DH_PKCS_KEY_PAIR_GEN 0x00000030
-#define CKM_X9_42_DH_DERIVE 0x00000031
-#define CKM_X9_42_DH_HYBRID_DERIVE 0x00000032
-#define CKM_X9_42_MQV_DERIVE 0x00000033
-
-#define CKM_SHA256_RSA_PKCS 0x00000040 /* v2.20 */
-#define CKM_SHA384_RSA_PKCS 0x00000041 /* v2.20 */
-#define CKM_SHA512_RSA_PKCS 0x00000042 /* v2.20 */
-
-#define CKM_RC2_KEY_GEN 0x00000100
-#define CKM_RC2_ECB 0x00000101
-#define CKM_RC2_CBC 0x00000102
-#define CKM_RC2_MAC 0x00000103
-
-/* CKM_RC2_MAC_GENERAL and CKM_RC2_CBC_PAD are new for v2.0 */
-#define CKM_RC2_MAC_GENERAL 0x00000104
-#define CKM_RC2_CBC_PAD 0x00000105
-
-#define CKM_RC4_KEY_GEN 0x00000110
-#define CKM_RC4 0x00000111
-#define CKM_DES_KEY_GEN 0x00000120
-#define CKM_DES_ECB 0x00000121
-#define CKM_DES_CBC 0x00000122
-#define CKM_DES_MAC 0x00000123
-
-/* CKM_DES_MAC_GENERAL and CKM_DES_CBC_PAD are new for v2.0 */
-#define CKM_DES_MAC_GENERAL 0x00000124
-#define CKM_DES_CBC_PAD 0x00000125
-
-#define CKM_DES2_KEY_GEN 0x00000130
-#define CKM_DES3_KEY_GEN 0x00000131
-#define CKM_DES3_ECB 0x00000132
-#define CKM_DES3_CBC 0x00000133
-#define CKM_DES3_MAC 0x00000134
-
-/* CKM_DES3_MAC_GENERAL, CKM_DES3_CBC_PAD, CKM_CDMF_KEY_GEN,
- * CKM_CDMF_ECB, CKM_CDMF_CBC, CKM_CDMF_MAC,
- * CKM_CDMF_MAC_GENERAL, and CKM_CDMF_CBC_PAD are new for v2.0 */
-#define CKM_DES3_MAC_GENERAL 0x00000135
-#define CKM_DES3_CBC_PAD 0x00000136
-#define CKM_CDMF_KEY_GEN 0x00000140
-#define CKM_CDMF_ECB 0x00000141
-#define CKM_CDMF_CBC 0x00000142
-#define CKM_CDMF_MAC 0x00000143
-#define CKM_CDMF_MAC_GENERAL 0x00000144
-#define CKM_CDMF_CBC_PAD 0x00000145
-
-#define CKM_MD2 0x00000200
-
-/* CKM_MD2_HMAC and CKM_MD2_HMAC_GENERAL are new for v2.0 */
-#define CKM_MD2_HMAC 0x00000201
-#define CKM_MD2_HMAC_GENERAL 0x00000202
-
-#define CKM_MD5 0x00000210
-
-/* CKM_MD5_HMAC and CKM_MD5_HMAC_GENERAL are new for v2.0 */
-#define CKM_MD5_HMAC 0x00000211
-#define CKM_MD5_HMAC_GENERAL 0x00000212
-
-#define CKM_SHA_1 0x00000220
-
-/* CKM_SHA_1_HMAC and CKM_SHA_1_HMAC_GENERAL are new for v2.0 */
-#define CKM_SHA_1_HMAC 0x00000221
-#define CKM_SHA_1_HMAC_GENERAL 0x00000222
-
-/* CKM_RIPEMD128, CKM_RIPEMD128_HMAC,
- * CKM_RIPEMD128_HMAC_GENERAL, CKM_RIPEMD160, CKM_RIPEMD160_HMAC,
- * and CKM_RIPEMD160_HMAC_GENERAL are new for v2.10 */
-#define CKM_RIPEMD128 0x00000230
-#define CKM_RIPEMD128_HMAC 0x00000231
-#define CKM_RIPEMD128_HMAC_GENERAL 0x00000232
-#define CKM_RIPEMD160 0x00000240
-#define CKM_RIPEMD160_HMAC 0x00000241
-#define CKM_RIPEMD160_HMAC_GENERAL 0x00000242
-
-#define CKM_SHA256 0x00000250 /* v2.20 */
-#define CKM_SHA256_HMAC_GENERAL 0x00000251 /* v2.20 */
-#define CKM_SHA256_HMAC 0x00000252 /* v2.20 */
-
-#define CKM_SHA384 0x00000260 /* v2.20 */
-#define CKM_SHA384_HMAC_GENERAL 0x00000261 /* v2.20 */
-#define CKM_SHA384_HMAC 0x00000262 /* v2.20 */
-
-#define CKM_SHA512 0x00000270 /* v2.20 */
-#define CKM_SHA512_HMAC_GENERAL 0x00000271 /* v2.20 */
-#define CKM_SHA512_HMAC 0x00000272 /* v2.20 */
-
-/* All of the following mechanisms are new for v2.0 */
-/* Note that CAST128 and CAST5 are the same algorithm */
-#define CKM_CAST_KEY_GEN 0x00000300
-#define CKM_CAST_ECB 0x00000301
-#define CKM_CAST_CBC 0x00000302
-#define CKM_CAST_MAC 0x00000303
-#define CKM_CAST_MAC_GENERAL 0x00000304
-#define CKM_CAST_CBC_PAD 0x00000305
-#define CKM_CAST3_KEY_GEN 0x00000310
-#define CKM_CAST3_ECB 0x00000311
-#define CKM_CAST3_CBC 0x00000312
-#define CKM_CAST3_MAC 0x00000313
-#define CKM_CAST3_MAC_GENERAL 0x00000314
-#define CKM_CAST3_CBC_PAD 0x00000315
-#define CKM_CAST5_KEY_GEN 0x00000320
-#define CKM_CAST128_KEY_GEN 0x00000320
-#define CKM_CAST5_ECB 0x00000321
-#define CKM_CAST128_ECB 0x00000321
-#define CKM_CAST5_CBC 0x00000322
-#define CKM_CAST128_CBC 0x00000322
-#define CKM_CAST5_MAC 0x00000323
-#define CKM_CAST128_MAC 0x00000323
-#define CKM_CAST5_MAC_GENERAL 0x00000324
-#define CKM_CAST128_MAC_GENERAL 0x00000324
-#define CKM_CAST5_CBC_PAD 0x00000325
-#define CKM_CAST128_CBC_PAD 0x00000325
-#define CKM_RC5_KEY_GEN 0x00000330
-#define CKM_RC5_ECB 0x00000331
-#define CKM_RC5_CBC 0x00000332
-#define CKM_RC5_MAC 0x00000333
-#define CKM_RC5_MAC_GENERAL 0x00000334
-#define CKM_RC5_CBC_PAD 0x00000335
-#define CKM_IDEA_KEY_GEN 0x00000340
-#define CKM_IDEA_ECB 0x00000341
-#define CKM_IDEA_CBC 0x00000342
-#define CKM_IDEA_MAC 0x00000343
-#define CKM_IDEA_MAC_GENERAL 0x00000344
-#define CKM_IDEA_CBC_PAD 0x00000345
-#define CKM_GENERIC_SECRET_KEY_GEN 0x00000350
-#define CKM_CONCATENATE_BASE_AND_KEY 0x00000360
-#define CKM_CONCATENATE_BASE_AND_DATA 0x00000362
-#define CKM_CONCATENATE_DATA_AND_BASE 0x00000363
-#define CKM_XOR_BASE_AND_DATA 0x00000364
-#define CKM_EXTRACT_KEY_FROM_KEY 0x00000365
-#define CKM_SSL3_PRE_MASTER_KEY_GEN 0x00000370
-#define CKM_SSL3_MASTER_KEY_DERIVE 0x00000371
-#define CKM_SSL3_KEY_AND_MAC_DERIVE 0x00000372
-
-/* CKM_SSL3_MASTER_KEY_DERIVE_DH, CKM_TLS_PRE_MASTER_KEY_GEN,
- * CKM_TLS_MASTER_KEY_DERIVE, CKM_TLS_KEY_AND_MAC_DERIVE,
- * CKM_TLS_MASTER_KEY_DERIVE_DH, & CKM_SSL3_MASTER_KEY_DERIVE_DH
- * are new for v2.11. */
-#define CKM_SSL3_MASTER_KEY_DERIVE_DH 0x00000373
-#define CKM_TLS_PRE_MASTER_KEY_GEN 0x00000374
-#define CKM_TLS_MASTER_KEY_DERIVE 0x00000375
-#define CKM_TLS_KEY_AND_MAC_DERIVE 0x00000376
-#define CKM_TLS_MASTER_KEY_DERIVE_DH 0x00000377
-
-#define CKM_SSL3_MD5_MAC 0x00000380
-#define CKM_SSL3_SHA1_MAC 0x00000381
-#define CKM_MD5_KEY_DERIVATION 0x00000390
-#define CKM_MD2_KEY_DERIVATION 0x00000391
-#define CKM_SHA1_KEY_DERIVATION 0x00000392
-#define CKM_SHA256_KEY_DERIVATION 0x00000393 /* v2.20 */
-#define CKM_SHA384_KEY_DERIVATION 0x00000394 /* v2.20 */
-#define CKM_SHA512_KEY_DERIVATION 0x00000395 /* v2.20 */
-
-#define CKM_PBE_MD2_DES_CBC 0x000003A0
-#define CKM_PBE_MD5_DES_CBC 0x000003A1
-#define CKM_PBE_MD5_CAST_CBC 0x000003A2
-#define CKM_PBE_MD5_CAST3_CBC 0x000003A3
-#define CKM_PBE_MD5_CAST5_CBC 0x000003A4
-#define CKM_PBE_MD5_CAST128_CBC 0x000003A4
-#define CKM_PBE_SHA1_CAST5_CBC 0x000003A5
-#define CKM_PBE_SHA1_CAST128_CBC 0x000003A5
-#define CKM_PBE_SHA1_RC4_128 0x000003A6
-#define CKM_PBE_SHA1_RC4_40 0x000003A7
-#define CKM_PBE_SHA1_DES3_EDE_CBC 0x000003A8
-#define CKM_PBE_SHA1_DES2_EDE_CBC 0x000003A9
-#define CKM_PBE_SHA1_RC2_128_CBC 0x000003AA
-#define CKM_PBE_SHA1_RC2_40_CBC 0x000003AB
-
-/* CKM_PKCS5_PBKD2 is new for v2.10 */
-#define CKM_PKCS5_PBKD2 0x000003B0
-
-#define CKM_PBA_SHA1_WITH_SHA1_HMAC 0x000003C0
-#define CKM_KEY_WRAP_LYNKS 0x00000400
-#define CKM_KEY_WRAP_SET_OAEP 0x00000401
-
-/* Fortezza mechanisms */
-#define CKM_SKIPJACK_KEY_GEN 0x00001000
-#define CKM_SKIPJACK_ECB64 0x00001001
-#define CKM_SKIPJACK_CBC64 0x00001002
-#define CKM_SKIPJACK_OFB64 0x00001003
-#define CKM_SKIPJACK_CFB64 0x00001004
-#define CKM_SKIPJACK_CFB32 0x00001005
-#define CKM_SKIPJACK_CFB16 0x00001006
-#define CKM_SKIPJACK_CFB8 0x00001007
-#define CKM_SKIPJACK_WRAP 0x00001008
-#define CKM_SKIPJACK_PRIVATE_WRAP 0x00001009
-#define CKM_SKIPJACK_RELAYX 0x0000100a
-#define CKM_KEA_KEY_PAIR_GEN 0x00001010
-#define CKM_KEA_KEY_DERIVE 0x00001011
-#define CKM_FORTEZZA_TIMESTAMP 0x00001020
-#define CKM_BATON_KEY_GEN 0x00001030
-#define CKM_BATON_ECB128 0x00001031
-#define CKM_BATON_ECB96 0x00001032
-#define CKM_BATON_CBC128 0x00001033
-#define CKM_BATON_COUNTER 0x00001034
-#define CKM_BATON_SHUFFLE 0x00001035
-#define CKM_BATON_WRAP 0x00001036
-#define CKM_ECDSA_KEY_PAIR_GEN 0x00001040 /* depricated in v2.11 */
-#define CKM_EC_KEY_PAIR_GEN 0x00001040
-#define CKM_ECDSA 0x00001041
-#define CKM_ECDSA_SHA1 0x00001042
-
-/* ECDH1 is new for 2.11 */
-#define CKM_ECDH1_DERIVE 0x00001043
-#define CKM_ECDH1_COFACTOR_DERIVE 0x00001044
-#define CKM_ECMQV_DERIVE 0x00001045
-
-#define CKM_JUNIPER_KEY_GEN 0x00001060
-#define CKM_JUNIPER_ECB128 0x00001061
-#define CKM_JUNIPER_CBC128 0x00001062
-#define CKM_JUNIPER_COUNTER 0x00001063
-#define CKM_JUNIPER_SHUFFLE 0x00001064
-#define CKM_JUNIPER_WRAP 0x00001065
-#define CKM_FASTHASH 0x00001070
-
-/* AES is new for 2.11 */
-#define CKM_AES_KEY_GEN 0x00001080
-#define CKM_AES_ECB 0x00001081
-#define CKM_AES_CBC 0x00001082
-#define CKM_AES_MAC 0x00001083
-#define CKM_AES_MAC_GENERAL 0x00001084
-#define CKM_AES_CBC_PAD 0x00001085
-
-/* CKM_DSA_PARAMETER_GEN, CKM_DH_PKCS_PARAMETER_GEN,
- * and CKM_DH_X9_42_PARAMETER_GEN are new for 2.11 */
-#define CKM_DSA_PARAMETER_GEN 0x00002000
-#define CKM_DH_PKCS_PARAMETER_GEN 0x00002001
-#define CKM_DH_X9_42_PARAMETER_GEN 0x00002002
-
-#define CKM_VENDOR_DEFINED 0x80000000
-
-typedef CK_MECHANISM_TYPE CK_PTR CK_MECHANISM_TYPE_PTR;
-
-
-/* CK_MECHANISM is a structure that specifies a particular
- * mechanism */
-typedef struct CK_MECHANISM {
- CK_MECHANISM_TYPE mechanism;
- CK_VOID_PTR pParameter;
-
- /* ulParameterLen was changed from CK_USHORT to CK_ULONG for
- * v2.0 */
- CK_ULONG ulParameterLen; /* in bytes */
-} CK_MECHANISM;
-
-typedef CK_MECHANISM CK_PTR CK_MECHANISM_PTR;
-
-
-/* CK_MECHANISM_INFO provides information about a particular
- * mechanism */
-typedef struct CK_MECHANISM_INFO {
- CK_ULONG ulMinKeySize;
- CK_ULONG ulMaxKeySize;
- CK_FLAGS flags;
-} CK_MECHANISM_INFO;
-
-/* The flags are defined as follows:
- * Bit Flag Mask Meaning */
-#define CKF_HW 0x00000001 /* performed by HW */
-
-/* The flags CKF_ENCRYPT, CKF_DECRYPT, CKF_DIGEST, CKF_SIGN,
- * CKG_SIGN_RECOVER, CKF_VERIFY, CKF_VERIFY_RECOVER,
- * CKF_GENERATE, CKF_GENERATE_KEY_PAIR, CKF_WRAP, CKF_UNWRAP,
- * and CKF_DERIVE are new for v2.0. They specify whether or not
- * a mechanism can be used for a particular task */
-/* The flags CKF_EC_FP, CKF_EC_F_2M, CKF_EC_ECPARAMETERS, CKF_EC_NAMEDCURVE,
- * CKF_EC_UNCOMPRESS, and CKF_EC_COMPRESS are new for v2.11 */
-#define CKF_ENCRYPT 0x00000100
-#define CKF_DECRYPT 0x00000200
-#define CKF_DIGEST 0x00000400
-#define CKF_SIGN 0x00000800
-#define CKF_SIGN_RECOVER 0x00001000
-#define CKF_VERIFY 0x00002000
-#define CKF_VERIFY_RECOVER 0x00004000
-#define CKF_GENERATE 0x00008000
-#define CKF_GENERATE_KEY_PAIR 0x00010000
-#define CKF_WRAP 0x00020000
-#define CKF_UNWRAP 0x00040000
-#define CKF_DERIVE 0x00080000
-#define CKF_EC_FP 0x00100000
-#define CKF_EC_F_2M 0x00200000
-#define CKF_EC_ECPARAMETERS 0x00400000
-#define CKF_EC_NAMEDCURVE 0x00800000
-#define CKF_EC_UNCOMPRESS 0x01000000
-#define CKF_EC_COMPRESS 0x02000000
-
-#define CKF_EXTENSION 0x80000000 /* FALSE for 2.01 */
-
-typedef CK_MECHANISM_INFO CK_PTR CK_MECHANISM_INFO_PTR;
-
-
-/* CK_RV is a value that identifies the return value of a
- * PKCS #11 function */
-/* CK_RV was changed from CK_USHORT to CK_ULONG for v2.0 */
-typedef CK_ULONG CK_RV;
-
-#define CKR_OK 0x00000000
-#define CKR_CANCEL 0x00000001
-#define CKR_HOST_MEMORY 0x00000002
-#define CKR_SLOT_ID_INVALID 0x00000003
-
-/* CKR_FLAGS_INVALID was removed for v2.0 */
-
-/* CKR_GENERAL_ERROR and CKR_FUNCTION_FAILED are new for v2.0 */
-#define CKR_GENERAL_ERROR 0x00000005
-#define CKR_FUNCTION_FAILED 0x00000006
-
-/* CKR_ARGUMENTS_BAD, CKR_NO_EVENT, CKR_NEED_TO_CREATE_THREADS,
- * and CKR_CANT_LOCK are new for v2.01 */
-#define CKR_ARGUMENTS_BAD 0x00000007
-#define CKR_NO_EVENT 0x00000008
-#define CKR_NEED_TO_CREATE_THREADS 0x00000009
-#define CKR_CANT_LOCK 0x0000000A
-
-#define CKR_ATTRIBUTE_READ_ONLY 0x00000010
-#define CKR_ATTRIBUTE_SENSITIVE 0x00000011
-#define CKR_ATTRIBUTE_TYPE_INVALID 0x00000012
-#define CKR_ATTRIBUTE_VALUE_INVALID 0x00000013
-#define CKR_DATA_INVALID 0x00000020
-#define CKR_DATA_LEN_RANGE 0x00000021
-#define CKR_DEVICE_ERROR 0x00000030
-#define CKR_DEVICE_MEMORY 0x00000031
-#define CKR_DEVICE_REMOVED 0x00000032
-#define CKR_ENCRYPTED_DATA_INVALID 0x00000040
-#define CKR_ENCRYPTED_DATA_LEN_RANGE 0x00000041
-#define CKR_FUNCTION_CANCELED 0x00000050
-#define CKR_FUNCTION_NOT_PARALLEL 0x00000051
-
-/* CKR_FUNCTION_NOT_SUPPORTED is new for v2.0 */
-#define CKR_FUNCTION_NOT_SUPPORTED 0x00000054
-
-#define CKR_KEY_HANDLE_INVALID 0x00000060
-
-/* CKR_KEY_SENSITIVE was removed for v2.0 */
-
-#define CKR_KEY_SIZE_RANGE 0x00000062
-#define CKR_KEY_TYPE_INCONSISTENT 0x00000063
-
-/* CKR_KEY_NOT_NEEDED, CKR_KEY_CHANGED, CKR_KEY_NEEDED,
- * CKR_KEY_INDIGESTIBLE, CKR_KEY_FUNCTION_NOT_PERMITTED,
- * CKR_KEY_NOT_WRAPPABLE, and CKR_KEY_UNEXTRACTABLE are new for
- * v2.0 */
-#define CKR_KEY_NOT_NEEDED 0x00000064
-#define CKR_KEY_CHANGED 0x00000065
-#define CKR_KEY_NEEDED 0x00000066
-#define CKR_KEY_INDIGESTIBLE 0x00000067
-#define CKR_KEY_FUNCTION_NOT_PERMITTED 0x00000068
-#define CKR_KEY_NOT_WRAPPABLE 0x00000069
-#define CKR_KEY_UNEXTRACTABLE 0x0000006A
-
-/* CKR_KEY_PARAMS_INVALID is new for v2.11 */
-#define CKR_KEY_PARAMS_INVALID 0x0000006B
-
-#define CKR_MECHANISM_INVALID 0x00000070
-#define CKR_MECHANISM_PARAM_INVALID 0x00000071
-
-/* CKR_OBJECT_CLASS_INCONSISTENT and CKR_OBJECT_CLASS_INVALID
- * were removed for v2.0 */
-#define CKR_OBJECT_HANDLE_INVALID 0x00000082
-#define CKR_OPERATION_ACTIVE 0x00000090
-#define CKR_OPERATION_NOT_INITIALIZED 0x00000091
-#define CKR_PIN_INCORRECT 0x000000A0
-#define CKR_PIN_INVALID 0x000000A1
-#define CKR_PIN_LEN_RANGE 0x000000A2
-
-/* CKR_PIN_EXPIRED and CKR_PIN_LOCKED are new for v2.0 */
-#define CKR_PIN_EXPIRED 0x000000A3
-#define CKR_PIN_LOCKED 0x000000A4
-
-#define CKR_SESSION_CLOSED 0x000000B0
-#define CKR_SESSION_COUNT 0x000000B1
-#define CKR_SESSION_HANDLE_INVALID 0x000000B3
-#define CKR_SESSION_PARALLEL_NOT_SUPPORTED 0x000000B4
-#define CKR_SESSION_READ_ONLY 0x000000B5
-#define CKR_SESSION_EXISTS 0x000000B6
-
-/* CKR_SESSION_READ_ONLY_EXISTS and
- * CKR_SESSION_READ_WRITE_SO_EXISTS are new for v2.0 */
-#define CKR_SESSION_READ_ONLY_EXISTS 0x000000B7
-#define CKR_SESSION_READ_WRITE_SO_EXISTS 0x000000B8
-
-#define CKR_SIGNATURE_INVALID 0x000000C0
-#define CKR_SIGNATURE_LEN_RANGE 0x000000C1
-#define CKR_TEMPLATE_INCOMPLETE 0x000000D0
-#define CKR_TEMPLATE_INCONSISTENT 0x000000D1
-#define CKR_TOKEN_NOT_PRESENT 0x000000E0
-#define CKR_TOKEN_NOT_RECOGNIZED 0x000000E1
-#define CKR_TOKEN_WRITE_PROTECTED 0x000000E2
-#define CKR_UNWRAPPING_KEY_HANDLE_INVALID 0x000000F0
-#define CKR_UNWRAPPING_KEY_SIZE_RANGE 0x000000F1
-#define CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT 0x000000F2
-#define CKR_USER_ALREADY_LOGGED_IN 0x00000100
-#define CKR_USER_NOT_LOGGED_IN 0x00000101
-#define CKR_USER_PIN_NOT_INITIALIZED 0x00000102
-#define CKR_USER_TYPE_INVALID 0x00000103
-
-/* CKR_USER_ANOTHER_ALREADY_LOGGED_IN and CKR_USER_TOO_MANY_TYPES
- * are new to v2.01 */
-#define CKR_USER_ANOTHER_ALREADY_LOGGED_IN 0x00000104
-#define CKR_USER_TOO_MANY_TYPES 0x00000105
-
-#define CKR_WRAPPED_KEY_INVALID 0x00000110
-#define CKR_WRAPPED_KEY_LEN_RANGE 0x00000112
-#define CKR_WRAPPING_KEY_HANDLE_INVALID 0x00000113
-#define CKR_WRAPPING_KEY_SIZE_RANGE 0x00000114
-#define CKR_WRAPPING_KEY_TYPE_INCONSISTENT 0x00000115
-#define CKR_RANDOM_SEED_NOT_SUPPORTED 0x00000120
-
-/* New for v2.0 */
-#define CKR_RANDOM_NO_RNG 0x00000121
-
-/* New for v2.11 */
-#define CKR_DOMAIN_PARAMS_INVALID 0x00000130
-
-/* These are new to v2.0 */
-#define CKR_BUFFER_TOO_SMALL 0x00000150
-#define CKR_SAVED_STATE_INVALID 0x00000160
-#define CKR_INFORMATION_SENSITIVE 0x00000170
-#define CKR_STATE_UNSAVEABLE 0x00000180
-
-/* These are new to v2.01 */
-#define CKR_CRYPTOKI_NOT_INITIALIZED 0x00000190
-#define CKR_CRYPTOKI_ALREADY_INITIALIZED 0x00000191
-#define CKR_MUTEX_BAD 0x000001A0
-#define CKR_MUTEX_NOT_LOCKED 0x000001A1
-
-#define CKR_VENDOR_DEFINED 0x80000000
-
-
-/* CK_NOTIFY is an application callback that processes events */
-typedef CK_CALLBACK_FUNCTION(CK_RV, CK_NOTIFY)(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_NOTIFICATION event,
- CK_VOID_PTR pApplication /* passed to C_OpenSession */
-);
-
-
-/* CK_FUNCTION_LIST is a structure holding a PKCS #11 spec
- * version and pointers of appropriate types to all the
- * PKCS #11 functions */
-/* CK_FUNCTION_LIST is new for v2.0 */
-typedef struct CK_FUNCTION_LIST CK_FUNCTION_LIST;
-
-typedef CK_FUNCTION_LIST CK_PTR CK_FUNCTION_LIST_PTR;
-
-typedef CK_FUNCTION_LIST_PTR CK_PTR CK_FUNCTION_LIST_PTR_PTR;
-
-
-/* CK_CREATEMUTEX is an application callback for creating a
- * mutex object */
-typedef CK_CALLBACK_FUNCTION(CK_RV, CK_CREATEMUTEX)(
- CK_VOID_PTR_PTR ppMutex /* location to receive ptr to mutex */
-);
-
-
-/* CK_DESTROYMUTEX is an application callback for destroying a
- * mutex object */
-typedef CK_CALLBACK_FUNCTION(CK_RV, CK_DESTROYMUTEX)(
- CK_VOID_PTR pMutex /* pointer to mutex */
-);
-
-
-/* CK_LOCKMUTEX is an application callback for locking a mutex */
-typedef CK_CALLBACK_FUNCTION(CK_RV, CK_LOCKMUTEX)(
- CK_VOID_PTR pMutex /* pointer to mutex */
-);
-
-
-/* CK_UNLOCKMUTEX is an application callback for unlocking a
- * mutex */
-typedef CK_CALLBACK_FUNCTION(CK_RV, CK_UNLOCKMUTEX)(
- CK_VOID_PTR pMutex /* pointer to mutex */
-);
-
-
-/* CK_C_INITIALIZE_ARGS provides the optional arguments to
- * C_Initialize */
-typedef struct CK_C_INITIALIZE_ARGS {
- CK_CREATEMUTEX CreateMutex;
- CK_DESTROYMUTEX DestroyMutex;
- CK_LOCKMUTEX LockMutex;
- CK_UNLOCKMUTEX UnlockMutex;
- CK_FLAGS flags;
- CK_CHAR_PTR *LibraryParameters;
- CK_VOID_PTR pReserved;
-} CK_C_INITIALIZE_ARGS;
-
-/* flags: bit flags that provide capabilities of the slot
- * Bit Flag Mask Meaning
- */
-#define CKF_LIBRARY_CANT_CREATE_OS_THREADS 0x00000001
-#define CKF_OS_LOCKING_OK 0x00000002
-
-typedef CK_C_INITIALIZE_ARGS CK_PTR CK_C_INITIALIZE_ARGS_PTR;
-
-
-/* additional flags for parameters to functions */
-
-/* CKF_DONT_BLOCK is for the function C_WaitForSlotEvent */
-#define CKF_DONT_BLOCK 1
-
-/* CK_RSA_PKCS_OAEP_MGF_TYPE is new for v2.10.
- * CK_RSA_PKCS_OAEP_MGF_TYPE is used to indicate the Message
- * Generation Function (MGF) applied to a message block when
- * formatting a message block for the PKCS #1 OAEP encryption
- * scheme. */
-typedef CK_ULONG CK_RSA_PKCS_OAEP_MGF_TYPE;
-
-typedef CK_RSA_PKCS_OAEP_MGF_TYPE CK_PTR CK_RSA_PKCS_OAEP_MGF_TYPE_PTR;
-
-/* The following MGFs are defined */
-#define CKG_MGF1_SHA1 0x00000001
-
-/* CK_RSA_PKCS_OAEP_SOURCE_TYPE is new for v2.10.
- * CK_RSA_PKCS_OAEP_SOURCE_TYPE is used to indicate the source
- * of the encoding parameter when formatting a message block
- * for the PKCS #1 OAEP encryption scheme. */
-typedef CK_ULONG CK_RSA_PKCS_OAEP_SOURCE_TYPE;
-
-typedef CK_RSA_PKCS_OAEP_SOURCE_TYPE CK_PTR CK_RSA_PKCS_OAEP_SOURCE_TYPE_PTR;
-
-/* The following encoding parameter sources are defined */
-#define CKZ_DATA_SPECIFIED 0x00000001
-
-/* CK_RSA_PKCS_OAEP_PARAMS is new for v2.10.
- * CK_RSA_PKCS_OAEP_PARAMS provides the parameters to the
- * CKM_RSA_PKCS_OAEP mechanism. */
-typedef struct CK_RSA_PKCS_OAEP_PARAMS {
- CK_MECHANISM_TYPE hashAlg;
- CK_RSA_PKCS_OAEP_MGF_TYPE mgf;
- CK_RSA_PKCS_OAEP_SOURCE_TYPE source;
- CK_VOID_PTR pSourceData;
- CK_ULONG ulSourceDataLen;
-} CK_RSA_PKCS_OAEP_PARAMS;
-
-typedef CK_RSA_PKCS_OAEP_PARAMS CK_PTR CK_RSA_PKCS_OAEP_PARAMS_PTR;
-
-/* CK_KEA_DERIVE_PARAMS provides the parameters to the
- * CKM_KEA_DERIVE mechanism */
-/* CK_KEA_DERIVE_PARAMS is new for v2.0 */
-typedef struct CK_KEA_DERIVE_PARAMS {
- CK_BBOOL isSender;
- CK_ULONG ulRandomLen;
- CK_BYTE_PTR pRandomA;
- CK_BYTE_PTR pRandomB;
- CK_ULONG ulPublicDataLen;
- CK_BYTE_PTR pPublicData;
-} CK_KEA_DERIVE_PARAMS;
-
-typedef CK_KEA_DERIVE_PARAMS CK_PTR CK_KEA_DERIVE_PARAMS_PTR;
-
-
-/* CK_RC2_PARAMS provides the parameters to the CKM_RC2_ECB and
- * CKM_RC2_MAC mechanisms. An instance of CK_RC2_PARAMS just
- * holds the effective keysize */
-typedef CK_ULONG CK_RC2_PARAMS;
-
-typedef CK_RC2_PARAMS CK_PTR CK_RC2_PARAMS_PTR;
-
-
-/* CK_RC2_CBC_PARAMS provides the parameters to the CKM_RC2_CBC
- * mechanism */
-typedef struct CK_RC2_CBC_PARAMS {
- /* ulEffectiveBits was changed from CK_USHORT to CK_ULONG for
- * v2.0 */
- CK_ULONG ulEffectiveBits; /* effective bits (1-1024) */
-
- CK_BYTE iv[8]; /* IV for CBC mode */
-} CK_RC2_CBC_PARAMS;
-
-typedef CK_RC2_CBC_PARAMS CK_PTR CK_RC2_CBC_PARAMS_PTR;
-
-
-/* CK_RC2_MAC_GENERAL_PARAMS provides the parameters for the
- * CKM_RC2_MAC_GENERAL mechanism */
-/* CK_RC2_MAC_GENERAL_PARAMS is new for v2.0 */
-typedef struct CK_RC2_MAC_GENERAL_PARAMS {
- CK_ULONG ulEffectiveBits; /* effective bits (1-1024) */
- CK_ULONG ulMacLength; /* Length of MAC in bytes */
-} CK_RC2_MAC_GENERAL_PARAMS;
-
-typedef CK_RC2_MAC_GENERAL_PARAMS CK_PTR \
- CK_RC2_MAC_GENERAL_PARAMS_PTR;
-
-
-/* CK_RC5_PARAMS provides the parameters to the CKM_RC5_ECB and
- * CKM_RC5_MAC mechanisms */
-/* CK_RC5_PARAMS is new for v2.0 */
-typedef struct CK_RC5_PARAMS {
- CK_ULONG ulWordsize; /* wordsize in bits */
- CK_ULONG ulRounds; /* number of rounds */
-} CK_RC5_PARAMS;
-
-typedef CK_RC5_PARAMS CK_PTR CK_RC5_PARAMS_PTR;
-
-
-/* CK_RC5_CBC_PARAMS provides the parameters to the CKM_RC5_CBC
- * mechanism */
-/* CK_RC5_CBC_PARAMS is new for v2.0 */
-typedef struct CK_RC5_CBC_PARAMS {
- CK_ULONG ulWordsize; /* wordsize in bits */
- CK_ULONG ulRounds; /* number of rounds */
- CK_BYTE_PTR pIv; /* pointer to IV */
- CK_ULONG ulIvLen; /* length of IV in bytes */
-} CK_RC5_CBC_PARAMS;
-
-typedef CK_RC5_CBC_PARAMS CK_PTR CK_RC5_CBC_PARAMS_PTR;
-
-
-/* CK_RC5_MAC_GENERAL_PARAMS provides the parameters for the
- * CKM_RC5_MAC_GENERAL mechanism */
-/* CK_RC5_MAC_GENERAL_PARAMS is new for v2.0 */
-typedef struct CK_RC5_MAC_GENERAL_PARAMS {
- CK_ULONG ulWordsize; /* wordsize in bits */
- CK_ULONG ulRounds; /* number of rounds */
- CK_ULONG ulMacLength; /* Length of MAC in bytes */
-} CK_RC5_MAC_GENERAL_PARAMS;
-
-typedef CK_RC5_MAC_GENERAL_PARAMS CK_PTR \
- CK_RC5_MAC_GENERAL_PARAMS_PTR;
-
-
-/* CK_MAC_GENERAL_PARAMS provides the parameters to most block
- * ciphers' MAC_GENERAL mechanisms. Its value is the length of
- * the MAC */
-/* CK_MAC_GENERAL_PARAMS is new for v2.0 */
-typedef CK_ULONG CK_MAC_GENERAL_PARAMS;
-
-typedef CK_MAC_GENERAL_PARAMS CK_PTR CK_MAC_GENERAL_PARAMS_PTR;
-
-
-/* CK_SKIPJACK_PRIVATE_WRAP_PARAMS provides the parameters to the
- * CKM_SKIPJACK_PRIVATE_WRAP mechanism */
-/* CK_SKIPJACK_PRIVATE_WRAP_PARAMS is new for v2.0 */
-typedef struct CK_SKIPJACK_PRIVATE_WRAP_PARAMS {
- CK_ULONG ulPasswordLen;
- CK_BYTE_PTR pPassword;
- CK_ULONG ulPublicDataLen;
- CK_BYTE_PTR pPublicData;
- CK_ULONG ulPAndGLen;
- CK_ULONG ulQLen;
- CK_ULONG ulRandomLen;
- CK_BYTE_PTR pRandomA;
- CK_BYTE_PTR pPrimeP;
- CK_BYTE_PTR pBaseG;
- CK_BYTE_PTR pSubprimeQ;
-} CK_SKIPJACK_PRIVATE_WRAP_PARAMS;
-
-typedef CK_SKIPJACK_PRIVATE_WRAP_PARAMS CK_PTR \
- CK_SKIPJACK_PRIVATE_WRAP_PTR;
-
-
-/* CK_SKIPJACK_RELAYX_PARAMS provides the parameters to the
- * CKM_SKIPJACK_RELAYX mechanism */
-/* CK_SKIPJACK_RELAYX_PARAMS is new for v2.0 */
-typedef struct CK_SKIPJACK_RELAYX_PARAMS {
- CK_ULONG ulOldWrappedXLen;
- CK_BYTE_PTR pOldWrappedX;
- CK_ULONG ulOldPasswordLen;
- CK_BYTE_PTR pOldPassword;
- CK_ULONG ulOldPublicDataLen;
- CK_BYTE_PTR pOldPublicData;
- CK_ULONG ulOldRandomLen;
- CK_BYTE_PTR pOldRandomA;
- CK_ULONG ulNewPasswordLen;
- CK_BYTE_PTR pNewPassword;
- CK_ULONG ulNewPublicDataLen;
- CK_BYTE_PTR pNewPublicData;
- CK_ULONG ulNewRandomLen;
- CK_BYTE_PTR pNewRandomA;
-} CK_SKIPJACK_RELAYX_PARAMS;
-
-typedef CK_SKIPJACK_RELAYX_PARAMS CK_PTR \
- CK_SKIPJACK_RELAYX_PARAMS_PTR;
-
-
-typedef struct CK_PBE_PARAMS {
- CK_CHAR_PTR pInitVector;
- CK_CHAR_PTR pPassword;
- CK_ULONG ulPasswordLen;
- CK_CHAR_PTR pSalt;
- CK_ULONG ulSaltLen;
- CK_ULONG ulIteration;
-} CK_PBE_PARAMS;
-
-typedef CK_PBE_PARAMS CK_PTR CK_PBE_PARAMS_PTR;
-
-
-/* CK_KEY_WRAP_SET_OAEP_PARAMS provides the parameters to the
- * CKM_KEY_WRAP_SET_OAEP mechanism */
-/* CK_KEY_WRAP_SET_OAEP_PARAMS is new for v2.0 */
-typedef struct CK_KEY_WRAP_SET_OAEP_PARAMS {
- CK_BYTE bBC; /* block contents byte */
- CK_BYTE_PTR pX; /* extra data */
- CK_ULONG ulXLen; /* length of extra data in bytes */
-} CK_KEY_WRAP_SET_OAEP_PARAMS;
-
-typedef CK_KEY_WRAP_SET_OAEP_PARAMS CK_PTR \
- CK_KEY_WRAP_SET_OAEP_PARAMS_PTR;
-
-
-typedef struct CK_SSL3_RANDOM_DATA {
- CK_BYTE_PTR pClientRandom;
- CK_ULONG ulClientRandomLen;
- CK_BYTE_PTR pServerRandom;
- CK_ULONG ulServerRandomLen;
-} CK_SSL3_RANDOM_DATA;
-
-
-typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS {
- CK_SSL3_RANDOM_DATA RandomInfo;
- CK_VERSION_PTR pVersion;
-} CK_SSL3_MASTER_KEY_DERIVE_PARAMS;
-
-typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS CK_PTR \
- CK_SSL3_MASTER_KEY_DERIVE_PARAMS_PTR;
-
-
-typedef struct CK_SSL3_KEY_MAT_OUT {
- CK_OBJECT_HANDLE hClientMacSecret;
- CK_OBJECT_HANDLE hServerMacSecret;
- CK_OBJECT_HANDLE hClientKey;
- CK_OBJECT_HANDLE hServerKey;
- CK_BYTE_PTR pIVClient;
- CK_BYTE_PTR pIVServer;
-} CK_SSL3_KEY_MAT_OUT;
-
-typedef CK_SSL3_KEY_MAT_OUT CK_PTR CK_SSL3_KEY_MAT_OUT_PTR;
-
-
-typedef struct CK_SSL3_KEY_MAT_PARAMS {
- CK_ULONG ulMacSizeInBits;
- CK_ULONG ulKeySizeInBits;
- CK_ULONG ulIVSizeInBits;
- CK_BBOOL bIsExport;
- CK_SSL3_RANDOM_DATA RandomInfo;
- CK_SSL3_KEY_MAT_OUT_PTR pReturnedKeyMaterial;
-} CK_SSL3_KEY_MAT_PARAMS;
-
-typedef CK_SSL3_KEY_MAT_PARAMS CK_PTR CK_SSL3_KEY_MAT_PARAMS_PTR;
-
-
-typedef struct CK_KEY_DERIVATION_STRING_DATA {
- CK_BYTE_PTR pData;
- CK_ULONG ulLen;
-} CK_KEY_DERIVATION_STRING_DATA;
-
-typedef CK_KEY_DERIVATION_STRING_DATA CK_PTR \
- CK_KEY_DERIVATION_STRING_DATA_PTR;
-
-
-/* The CK_EXTRACT_PARAMS is used for the
- * CKM_EXTRACT_KEY_FROM_KEY mechanism. It specifies which bit
- * of the base key should be used as the first bit of the
- * derived key */
-/* CK_EXTRACT_PARAMS is new for v2.0 */
-typedef CK_ULONG CK_EXTRACT_PARAMS;
-
-typedef CK_EXTRACT_PARAMS CK_PTR CK_EXTRACT_PARAMS_PTR;
-
-/* CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE is new for v2.10.
- * CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE is used to
- * indicate the Pseudo-Random Function (PRF) used to generate
- * key bits using PKCS #5 PBKDF2. */
-typedef CK_ULONG CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE;
-
-typedef CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE CK_PTR CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE_PTR;
-
-/* The following PRFs are defined in PKCS #5 v2.0. */
-#define CKP_PKCS5_PBKD2_HMAC_SHA1 0x00000001
-
-
-/* CK_PKCS5_PBKD2_SALT_SOURCE_TYPE is new for v2.10.
- * CK_PKCS5_PBKD2_SALT_SOURCE_TYPE is used to indicate the
- * source of the salt value when deriving a key using PKCS #5
- * PBKDF2. */
-typedef CK_ULONG CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE;
-
-typedef CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE CK_PTR CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE_PTR;
-
-/* The following salt value sources are defined in PKCS #5 v2.0. */
-#define CKZ_SALT_SPECIFIED 0x00000001
-
-/* CK_PKCS5_PBKD2_PARAMS is new for v2.10.
- * CK_PKCS5_PBKD2_PARAMS is a structure that provides the
- * parameters to the CKM_PKCS5_PBKD2 mechanism. */
-typedef struct CK_PKCS5_PBKD2_PARAMS {
- CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE saltSource;
- CK_VOID_PTR pSaltSourceData;
- CK_ULONG ulSaltSourceDataLen;
- CK_ULONG iterations;
- CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE prf;
- CK_VOID_PTR pPrfData;
- CK_ULONG ulPrfDataLen;
-} CK_PKCS5_PBKD2_PARAMS;
-
-typedef CK_PKCS5_PBKD2_PARAMS CK_PTR CK_PKCS5_PBKD2_PARAMS_PTR;
-
-/* CK_ECDH1_DERIVE_PARAMS is defined in Section 12.4.4 of
- * PKCS#11v2.11. This structure provides parameters for
- * the CKM_ECDH1_DERIVE and CKM_ECDH1_COFACTOR_DERIVE key
- * derivation mechanisms.
- */
-typedef CK_ULONG CK_EC_KDF_TYPE;
-#define CKD_NULL 0x00000001
-#define CKD_SHA1_KDF 0x00000002
-
-typedef struct CK_ECDH1_DERIVE_PARAMS {
- CK_EC_KDF_TYPE kdf;
- CK_ULONG ulSharedDataLen;
- CK_BYTE_PTR pSharedData;
- CK_ULONG ulPublicDataLen;
- CK_BYTE_PTR pPublicData;
-} CK_ECDH1_DERIVE_PARAMS;
-
-typedef CK_ECDH1_DERIVE_PARAMS CK_PTR CK_ECDH1_DERIVE_PARAMS_PTR;
-
-/* Netscape Specific defines */
-#include "pkcs11n.h"
-
-/* undo packing */
-#include "pkcs11u.h"
-
-#endif
diff --git a/security/nss/lib/softoken/pkcs11u.c b/security/nss/lib/softoken/pkcs11u.c
deleted file mode 100644
index 35e9bce82..000000000
--- a/security/nss/lib/softoken/pkcs11u.c
+++ /dev/null
@@ -1,2841 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Internal PKCS #11 functions. Should only be called by pkcs11.c
- */
-#include "pkcs11.h"
-#include "pkcs11i.h"
-#include "pcertt.h"
-#include "lowkeyi.h"
-#include "pcert.h"
-#include "secasn1.h"
-#include "blapi.h"
-#include "secerr.h"
-
-/*
- * ******************** Attribute Utilities *******************************
- */
-
-/*
- * create a new attribute with type, value, and length. Space is allocated
- * to hold value.
- */
-static PK11Attribute *
-pk11_NewAttribute(PK11Object *object,
- CK_ATTRIBUTE_TYPE type, CK_VOID_PTR value, CK_ULONG len)
-{
- PK11Attribute *attribute;
-
-#ifdef PKCS11_STATIC_ATTRIBUTES
- PK11SessionObject *so = pk11_narrowToSessionObject(object);
- int index;
-
- if (so == NULL) {
- /* allocate new attribute in a buffer */
- PORT_Assert(0);
- }
- /*
- * PKCS11_STATIC_ATTRIBUTES attempts to keep down contention on Malloc and Arena locks
- * by limiting the number of these calls on high traversed paths. this
- * is done for attributes by 'allocating' them from a pool already allocated
- * by the parent object.
- */
- PK11_USE_THREADS(PZ_Lock(so->attributeLock);)
- index = so->nextAttr++;
- PK11_USE_THREADS(PZ_Unlock(so->attributeLock);)
- PORT_Assert(index < MAX_OBJS_ATTRS);
- if (index >= MAX_OBJS_ATTRS) return NULL;
-
- attribute = &so->attrList[index];
- attribute->attrib.type = type;
- attribute->freeAttr = PR_FALSE;
- attribute->freeData = PR_FALSE;
- if (value) {
- if (len <= ATTR_SPACE) {
- attribute->attrib.pValue = attribute->space;
- } else {
- attribute->attrib.pValue = PORT_Alloc(len);
- attribute->freeData = PR_TRUE;
- }
- if (attribute->attrib.pValue == NULL) {
- return NULL;
- }
- PORT_Memcpy(attribute->attrib.pValue,value,len);
- attribute->attrib.ulValueLen = len;
- } else {
- attribute->attrib.pValue = NULL;
- attribute->attrib.ulValueLen = 0;
- }
-#else
-#ifdef PKCS11_REF_COUNT_ATTRIBUTES
- attribute = (PK11Attribute*)PORT_Alloc(sizeof(PK11Attribute));
- attribute->freeAttr = PR_TRUE;
-#else
- attribute = (PK11Attribute*)PORT_ArenaAlloc(object->arena,sizeof(PK11Attribute));
- attribute->freeAttr = PR_FALSE;
-#endif /* PKCS11_REF_COUNT_ATTRIBUTES */
- if (attribute == NULL) return NULL;
- attribute->freeData = PR_FALSE;
-
- if (value) {
-#ifdef PKCS11_REF_COUNT_ATTRIBUTES
- attribute->attrib.pValue = PORT_Alloc(len);
- attribute->freeData = PR_TRUE;
-#else
- attribute->attrib.pValue = PORT_ArenaAlloc(object->arena,len);
-#endif /* PKCS11_REF_COUNT_ATTRIBUTES */
- if (attribute->attrib.pValue == NULL) {
-#ifdef PKCS11_REF_COUNT_ATTRIBUTES
- PORT_Free(attribute);
-#endif /* PKCS11_REF_COUNT_ATTRIBUTES */
- return NULL;
- }
- PORT_Memcpy(attribute->attrib.pValue,value,len);
- attribute->attrib.ulValueLen = len;
- } else {
- attribute->attrib.pValue = NULL;
- attribute->attrib.ulValueLen = 0;
- }
-#endif /* PKCS11_STATIC_ATTRIBUTES */
- attribute->attrib.type = type;
- attribute->handle = type;
- attribute->next = attribute->prev = NULL;
-#ifdef PKCS11_REF_COUNT_ATTRIBUTES
- attribute->refCount = 1;
-#ifdef PKCS11_USE_THREADS
- attribute->refLock = PZ_NewLock(nssILockRefLock);
- if (attribute->refLock == NULL) {
- if (attribute->attrib.pValue) PORT_Free(attribute->attrib.pValue);
- PORT_Free(attribute);
- return NULL;
- }
-#else
- attribute->refLock = NULL;
-#endif
-#endif /* PKCS11_REF_COUNT_ATTRIBUTES */
- return attribute;
-}
-
-static PK11Attribute *
-pk11_NewTokenAttribute(CK_ATTRIBUTE_TYPE type, CK_VOID_PTR value,
- CK_ULONG len, PRBool copy)
-{
- PK11Attribute *attribute;
-
- attribute = (PK11Attribute*)PORT_Alloc(sizeof(PK11Attribute));
-
- if (attribute == NULL) return NULL;
- attribute->attrib.type = type;
- attribute->handle = type;
- attribute->next = attribute->prev = NULL;
- attribute->freeAttr = PR_TRUE;
- attribute->freeData = PR_FALSE;
-#ifdef PKCS11_REF_COUNT_ATTRIBUTES
- attribute->refCount = 1;
-#ifdef PKCS11_USE_THREADS
- attribute->refLock = PZ_NewLock(nssILockRefLock);
- if (attribute->refLock == NULL) {
- PORT_Free(attribute);
- return NULL;
- }
-#else
- attribute->refLock = NULL;
-#endif
-#endif /* PKCS11_REF_COUNT_ATTRIBUTES */
- attribute->attrib.type = type;
- if (!copy) {
- attribute->attrib.pValue = value;
- attribute->attrib.ulValueLen = len;
- return attribute;
- }
-
- if (value) {
-#ifdef PKCS11_STATIC_ATTRIBUTES
- if (len <= ATTR_SPACE) {
- attribute->attrib.pValue = attribute->space;
- } else {
- attribute->attrib.pValue = PORT_Alloc(len);
- attribute->freeData = PR_TRUE;
- }
-#else
- attribute->attrib.pValue = PORT_Alloc(len);
- attribute->freeData = PR_TRUE;
-#endif
- if (attribute->attrib.pValue == NULL) {
-#ifdef PKCS11_REF_COUNT_ATTRIBUTES
- if (attribute->refLock) {
- PK11_USE_THREADS(PZ_DestroyLock(attribute->refLock);)
- }
-#endif
- PORT_Free(attribute);
- return NULL;
- }
- PORT_Memcpy(attribute->attrib.pValue,value,len);
- attribute->attrib.ulValueLen = len;
- } else {
- attribute->attrib.pValue = NULL;
- attribute->attrib.ulValueLen = 0;
- }
- return attribute;
-}
-
-static PK11Attribute *
-pk11_NewTokenAttributeSigned(CK_ATTRIBUTE_TYPE type, CK_VOID_PTR value,
- CK_ULONG len, PRBool copy)
-{
- unsigned char * dval = (unsigned char *)value;
- if (*dval == 0) {
- dval++;
- len--;
- }
- return pk11_NewTokenAttribute(type,dval,len,copy);
-}
-
-/*
- * Free up all the memory associated with an attribute. Reference count
- * must be zero to call this.
- */
-static void
-pk11_DestroyAttribute(PK11Attribute *attribute)
-{
-#ifdef PKCS11_REF_COUNT_ATTRIBUTES
- PORT_Assert(attribute->refCount == 0);
- PK11_USE_THREADS(PZ_DestroyLock(attribute->refLock);)
-#endif
- if (attribute->freeData) {
- if (attribute->attrib.pValue) {
- /* clear out the data in the attribute value... it may have been
- * sensitive data */
- PORT_Memset(attribute->attrib.pValue, 0,
- attribute->attrib.ulValueLen);
- }
- PORT_Free(attribute->attrib.pValue);
- }
- PORT_Free(attribute);
-}
-
-/*
- * release a reference to an attribute structure
- */
-void
-pk11_FreeAttribute(PK11Attribute *attribute)
-{
-#ifdef PKCS11_REF_COUNT_ATTRIBUTES
- PRBool destroy = PR_FALSE;
-#endif
-
- if (attribute->freeAttr) {
- pk11_DestroyAttribute(attribute);
- return;
- }
-
-#ifdef PKCS11_REF_COUNT_ATTRIBUTES
- PK11_USE_THREADS(PZ_Lock(attribute->refLock);)
- if (attribute->refCount == 1) destroy = PR_TRUE;
- attribute->refCount--;
- PK11_USE_THREADS(PZ_Unlock(attribute->refLock);)
-
- if (destroy) pk11_DestroyAttribute(attribute);
-#endif
-}
-
-#ifdef PKCS11_REF_COUNT_ATTRIBUTES
-#define PK11_DEF_ATTRIBUTE(value,len) \
- { NULL, NULL, PR_FALSE, PR_FALSE, 1, NULL, 0, { 0, value, len } }
-
-#else
-#define PK11_DEF_ATTRIBUTE(value,len) \
- { NULL, NULL, PR_FALSE, PR_FALSE, 0, { 0, value, len } }
-#endif
-
-CK_BBOOL pk11_staticTrueValue = CK_TRUE;
-CK_BBOOL pk11_staticFalseValue = CK_FALSE;
-static const PK11Attribute pk11_StaticTrueAttr =
- PK11_DEF_ATTRIBUTE(&pk11_staticTrueValue,sizeof(pk11_staticTrueValue));
-static const PK11Attribute pk11_StaticFalseAttr =
- PK11_DEF_ATTRIBUTE(&pk11_staticFalseValue,sizeof(pk11_staticFalseValue));
-static const PK11Attribute pk11_StaticNullAttr = PK11_DEF_ATTRIBUTE(NULL,0);
-char pk11_StaticOneValue = 1;
-static const PK11Attribute pk11_StaticOneAttr =
- PK11_DEF_ATTRIBUTE(&pk11_StaticOneValue,sizeof(pk11_StaticOneValue));
-
-CK_CERTIFICATE_TYPE pk11_staticX509Value = CKC_X_509;
-static const PK11Attribute pk11_StaticX509Attr =
- PK11_DEF_ATTRIBUTE(&pk11_staticX509Value, sizeof(pk11_staticX509Value));
-CK_TRUST pk11_staticTrustedValue = CKT_NETSCAPE_TRUSTED;
-CK_TRUST pk11_staticTrustedDelegatorValue = CKT_NETSCAPE_TRUSTED_DELEGATOR;
-CK_TRUST pk11_staticValidDelegatorValue = CKT_NETSCAPE_VALID_DELEGATOR;
-CK_TRUST pk11_staticUnTrustedValue = CKT_NETSCAPE_UNTRUSTED;
-CK_TRUST pk11_staticTrustUnknownValue = CKT_NETSCAPE_TRUST_UNKNOWN;
-CK_TRUST pk11_staticValidPeerValue = CKT_NETSCAPE_VALID;
-CK_TRUST pk11_staticMustVerifyValue = CKT_NETSCAPE_MUST_VERIFY;
-static const PK11Attribute pk11_StaticTrustedAttr =
- PK11_DEF_ATTRIBUTE(&pk11_staticTrustedValue,
- sizeof(pk11_staticTrustedValue));
-static const PK11Attribute pk11_StaticTrustedDelegatorAttr =
- PK11_DEF_ATTRIBUTE(&pk11_staticTrustedDelegatorValue,
- sizeof(pk11_staticTrustedDelegatorValue));
-static const PK11Attribute pk11_StaticValidDelegatorAttr =
- PK11_DEF_ATTRIBUTE(&pk11_staticValidDelegatorValue,
- sizeof(pk11_staticValidDelegatorValue));
-static const PK11Attribute pk11_StaticUnTrustedAttr =
- PK11_DEF_ATTRIBUTE(&pk11_staticUnTrustedValue,
- sizeof(pk11_staticUnTrustedValue));
-static const PK11Attribute pk11_StaticTrustUnknownAttr =
- PK11_DEF_ATTRIBUTE(&pk11_staticTrustUnknownValue,
- sizeof(pk11_staticTrustUnknownValue));
-static const PK11Attribute pk11_StaticValidPeerAttr =
- PK11_DEF_ATTRIBUTE(&pk11_staticValidPeerValue,
- sizeof(pk11_staticValidPeerValue));
-static const PK11Attribute pk11_StaticMustVerifyAttr =
- PK11_DEF_ATTRIBUTE(&pk11_staticMustVerifyValue,
- sizeof(pk11_staticMustVerifyValue));
-
-static certDBEntrySMime *
-pk11_getSMime(PK11TokenObject *object)
-{
- certDBEntrySMime *entry;
-
- if (object->obj.objclass != CKO_NETSCAPE_SMIME) {
- return NULL;
- }
- if (object->obj.objectInfo) {
- return (certDBEntrySMime *)object->obj.objectInfo;
- }
-
- entry = nsslowcert_ReadDBSMimeEntry(object->obj.slot->certDB,
- (char *)object->dbKey.data);
- object->obj.objectInfo = (void *)entry;
- object->obj.infoFree = (PK11Free) nsslowcert_DestroyDBEntry;
- return entry;
-}
-
-static certDBEntryRevocation *
-pk11_getCrl(PK11TokenObject *object)
-{
- certDBEntryRevocation *crl;
- PRBool isKrl;
-
- if (object->obj.objclass != CKO_NETSCAPE_CRL) {
- return NULL;
- }
- if (object->obj.objectInfo) {
- return (certDBEntryRevocation *)object->obj.objectInfo;
- }
-
- isKrl = (PRBool) object->obj.handle == PK11_TOKEN_KRL_HANDLE;
- crl = nsslowcert_FindCrlByKey(object->obj.slot->certDB,
- &object->dbKey, isKrl);
- object->obj.objectInfo = (void *)crl;
- object->obj.infoFree = (PK11Free) nsslowcert_DestroyDBEntry;
- return crl;
-}
-
-static NSSLOWCERTCertificate *
-pk11_getCert(PK11TokenObject *object)
-{
- NSSLOWCERTCertificate *cert;
- CK_OBJECT_CLASS objClass = object->obj.objclass;
-
- if ((objClass != CKO_CERTIFICATE) && (objClass != CKO_NETSCAPE_TRUST)) {
- return NULL;
- }
- if (objClass == CKO_CERTIFICATE && object->obj.objectInfo) {
- return (NSSLOWCERTCertificate *)object->obj.objectInfo;
- }
- cert = nsslowcert_FindCertByKey(object->obj.slot->certDB,&object->dbKey);
- if (objClass == CKO_CERTIFICATE) {
- object->obj.objectInfo = (void *)cert;
- object->obj.infoFree = (PK11Free) nsslowcert_DestroyCertificate ;
- }
- return cert;
-}
-
-static NSSLOWCERTTrust *
-pk11_getTrust(PK11TokenObject *object)
-{
- NSSLOWCERTTrust *trust;
-
- if (object->obj.objclass != CKO_NETSCAPE_TRUST) {
- return NULL;
- }
- if (object->obj.objectInfo) {
- return (NSSLOWCERTTrust *)object->obj.objectInfo;
- }
- trust = nsslowcert_FindTrustByKey(object->obj.slot->certDB,&object->dbKey);
- object->obj.objectInfo = (void *)trust;
- object->obj.infoFree = (PK11Free) nsslowcert_DestroyTrust ;
- return trust;
-}
-
-static NSSLOWKEYPublicKey *
-pk11_GetPublicKey(PK11TokenObject *object)
-{
- NSSLOWKEYPublicKey *pubKey;
- NSSLOWKEYPrivateKey *privKey;
-
- if (object->obj.objclass != CKO_PUBLIC_KEY) {
- return NULL;
- }
- if (object->obj.objectInfo) {
- return (NSSLOWKEYPublicKey *)object->obj.objectInfo;
- }
- privKey = nsslowkey_FindKeyByPublicKey(object->obj.slot->keyDB,
- &object->dbKey, object->obj.slot->password);
- if (privKey == NULL) {
- return NULL;
- }
- pubKey = nsslowkey_ConvertToPublicKey(privKey);
- nsslowkey_DestroyPrivateKey(privKey);
- object->obj.objectInfo = (void *) pubKey;
- object->obj.infoFree = (PK11Free) nsslowkey_DestroyPublicKey ;
- return pubKey;
-}
-
-static NSSLOWKEYPrivateKey *
-pk11_GetPrivateKey(PK11TokenObject *object)
-{
- NSSLOWKEYPrivateKey *privKey;
-
- if ((object->obj.objclass != CKO_PRIVATE_KEY) &&
- (object->obj.objclass != CKO_SECRET_KEY)) {
- return NULL;
- }
- if (object->obj.objectInfo) {
- return (NSSLOWKEYPrivateKey *)object->obj.objectInfo;
- }
- privKey = nsslowkey_FindKeyByPublicKey(object->obj.slot->keyDB,
- &object->dbKey, object->obj.slot->password);
- if (privKey == NULL) {
- return NULL;
- }
- object->obj.objectInfo = (void *) privKey;
- object->obj.infoFree = (PK11Free) nsslowkey_DestroyPrivateKey ;
- return privKey;
-}
-
-/* pk11_GetPubItem returns data associated with the public key.
- * one only needs to free the public key. This comment is here
- * because this sematic would be non-obvious otherwise. All callers
- * should include this comment.
- */
-static SECItem *
-pk11_GetPubItem(NSSLOWKEYPublicKey *pubKey) {
- SECItem *pubItem = NULL;
- /* get value to compare from the cert's public key */
- switch ( pubKey->keyType ) {
- case NSSLOWKEYRSAKey:
- pubItem = &pubKey->u.rsa.modulus;
- break;
- case NSSLOWKEYDSAKey:
- pubItem = &pubKey->u.dsa.publicValue;
- break;
- case NSSLOWKEYDHKey:
- pubItem = &pubKey->u.dh.publicValue;
- break;
- default:
- break;
- }
- return pubItem;
-}
-
-static const SEC_ASN1Template pk11_SerialTemplate[] = {
- { SEC_ASN1_INTEGER, offsetof(NSSLOWCERTCertificate,serialNumber) },
- { 0 }
-};
-
-static PK11Attribute *
-pk11_FindRSAPublicKeyAttribute(NSSLOWKEYPublicKey *key, CK_ATTRIBUTE_TYPE type)
-{
- unsigned char hash[SHA1_LENGTH];
- CK_KEY_TYPE keyType = CKK_RSA;
-
- switch (type) {
- case CKA_KEY_TYPE:
- return pk11_NewTokenAttribute(type,&keyType,sizeof(keyType), PR_TRUE);
- case CKA_ID:
- SHA1_HashBuf(hash,key->u.rsa.modulus.data,key->u.rsa.modulus.len);
- return pk11_NewTokenAttribute(type,hash,SHA1_LENGTH, PR_TRUE);
- case CKA_DERIVE:
- return (PK11Attribute *) &pk11_StaticFalseAttr;
- case CKA_ENCRYPT:
- case CKA_VERIFY:
- case CKA_VERIFY_RECOVER:
- case CKA_WRAP:
- return (PK11Attribute *) &pk11_StaticTrueAttr;
- case CKA_MODULUS:
- return pk11_NewTokenAttributeSigned(type,key->u.rsa.modulus.data,
- key->u.rsa.modulus.len, PR_FALSE);
- case CKA_PUBLIC_EXPONENT:
- return pk11_NewTokenAttributeSigned(type,key->u.rsa.publicExponent.data,
- key->u.rsa.publicExponent.len, PR_FALSE);
- default:
- break;
- }
- return NULL;
-}
-
-static PK11Attribute *
-pk11_FindDSAPublicKeyAttribute(NSSLOWKEYPublicKey *key, CK_ATTRIBUTE_TYPE type)
-{
- unsigned char hash[SHA1_LENGTH];
- CK_KEY_TYPE keyType = CKK_DSA;
-
- switch (type) {
- case CKA_KEY_TYPE:
- return pk11_NewTokenAttribute(type,&keyType,sizeof(keyType), PR_TRUE);
- case CKA_ID:
- SHA1_HashBuf(hash,key->u.dsa.publicValue.data,
- key->u.dsa.publicValue.len);
- return pk11_NewTokenAttribute(type,hash,SHA1_LENGTH, PR_TRUE);
- case CKA_DERIVE:
- case CKA_ENCRYPT:
- case CKA_VERIFY_RECOVER:
- case CKA_WRAP:
- return (PK11Attribute *) &pk11_StaticFalseAttr;
- case CKA_VERIFY:
- return (PK11Attribute *) &pk11_StaticTrueAttr;
- case CKA_VALUE:
- return pk11_NewTokenAttributeSigned(type,key->u.dsa.publicValue.data,
- key->u.dsa.publicValue.len, PR_FALSE);
- case CKA_PRIME:
- return pk11_NewTokenAttributeSigned(type,key->u.dsa.params.prime.data,
- key->u.dsa.params.prime.len, PR_FALSE);
- case CKA_SUBPRIME:
- return pk11_NewTokenAttributeSigned(type,
- key->u.dsa.params.subPrime.data,
- key->u.dsa.params.subPrime.len, PR_FALSE);
- case CKA_BASE:
- return pk11_NewTokenAttributeSigned(type,key->u.dsa.params.base.data,
- key->u.dsa.params.base.len, PR_FALSE);
- default:
- break;
- }
- return NULL;
-}
-
-static PK11Attribute *
-pk11_FindDHPublicKeyAttribute(NSSLOWKEYPublicKey *key, CK_ATTRIBUTE_TYPE type)
-{
- unsigned char hash[SHA1_LENGTH];
- CK_KEY_TYPE keyType = CKK_DH;
-
- switch (type) {
- case CKA_KEY_TYPE:
- return pk11_NewTokenAttribute(type,&keyType,sizeof(keyType), PR_TRUE);
- case CKA_ID:
- SHA1_HashBuf(hash,key->u.dh.publicValue.data,key->u.dh.publicValue.len);
- return pk11_NewTokenAttribute(type,hash,SHA1_LENGTH, PR_TRUE);
- case CKA_DERIVE:
- return (PK11Attribute *) &pk11_StaticTrueAttr;
- case CKA_ENCRYPT:
- case CKA_VERIFY:
- case CKA_VERIFY_RECOVER:
- case CKA_WRAP:
- return (PK11Attribute *) &pk11_StaticFalseAttr;
- case CKA_VALUE:
- return pk11_NewTokenAttributeSigned(type,key->u.dh.publicValue.data,
- key->u.dh.publicValue.len, PR_FALSE);
- case CKA_PRIME:
- return pk11_NewTokenAttributeSigned(type,key->u.dh.prime.data,
- key->u.dh.prime.len, PR_FALSE);
- case CKA_BASE:
- return pk11_NewTokenAttributeSigned(type,key->u.dh.base.data,
- key->u.dh.base.len, PR_FALSE);
- default:
- break;
- }
- return NULL;
-}
-
-static PK11Attribute *
-pk11_FindPublicKeyAttribute(PK11TokenObject *object, CK_ATTRIBUTE_TYPE type)
-{
- NSSLOWKEYPublicKey *key;
- PK11Attribute *att = NULL;
- char *label;
-
- switch (type) {
- case CKA_PRIVATE:
- case CKA_SENSITIVE:
- case CKA_ALWAYS_SENSITIVE:
- case CKA_NEVER_EXTRACTABLE:
- return (PK11Attribute *) &pk11_StaticFalseAttr;
- case CKA_MODIFIABLE:
- case CKA_EXTRACTABLE:
- return (PK11Attribute *) &pk11_StaticTrueAttr;
- case CKA_LABEL:
- label = nsslowkey_FindKeyNicknameByPublicKey(object->obj.slot->keyDB,
- &object->dbKey, object->obj.slot->password);
- if (label == NULL) {
- return (PK11Attribute *)&pk11_StaticOneAttr;
- }
- att = pk11_NewTokenAttribute(type,label,PORT_Strlen(label), PR_TRUE);
- PORT_Free(label);
- return att;
- default:
- break;
- }
-
- key = pk11_GetPublicKey(object);
- if (key == NULL) {
- return NULL;
- }
-
- switch (key->keyType) {
- case NSSLOWKEYRSAKey:
- return pk11_FindRSAPublicKeyAttribute(key,type);
- case NSSLOWKEYDSAKey:
- return pk11_FindDSAPublicKeyAttribute(key,type);
- case NSSLOWKEYDHKey:
- return pk11_FindDHPublicKeyAttribute(key,type);
- default:
- break;
- }
-
- return NULL;
-}
-
-static PK11Attribute *
-pk11_FindSecretKeyAttribute(PK11TokenObject *object, CK_ATTRIBUTE_TYPE type)
-{
- NSSLOWKEYPrivateKey *key;
- char *label;
- PK11Attribute *att;
- CK_ULONG keyLen;
-
- switch (type) {
- case CKA_PRIVATE:
- case CKA_SENSITIVE:
- case CKA_ALWAYS_SENSITIVE:
- case CKA_EXTRACTABLE:
- case CKA_DERIVE:
- case CKA_ENCRYPT:
- case CKA_DECRYPT:
- case CKA_SIGN:
- case CKA_VERIFY:
- case CKA_WRAP:
- case CKA_UNWRAP:
- return (PK11Attribute *) &pk11_StaticTrueAttr;
- case CKA_NEVER_EXTRACTABLE:
- case CKA_MODIFIABLE:
- return (PK11Attribute *) &pk11_StaticFalseAttr;
- case CKA_LABEL:
- label = nsslowkey_FindKeyNicknameByPublicKey(object->obj.slot->keyDB,
- &object->dbKey, object->obj.slot->password);
- if (label == NULL) {
- return (PK11Attribute *)&pk11_StaticNullAttr;
- }
- att = pk11_NewTokenAttribute(type,label,PORT_Strlen(label), PR_TRUE);
- PORT_Free(label);
- return att;
- case CKA_KEY_TYPE:
- case CKA_VALUE_LEN:
- case CKA_VALUE:
- break;
- default:
- return NULL;
- }
-
- key = pk11_GetPrivateKey(object);
- if (key == NULL) {
- return NULL;
- }
- switch (type) {
- case CKA_KEY_TYPE:
- return pk11_NewTokenAttribute(type,key->u.rsa.coefficient.data,
- key->u.rsa.coefficient.len, PR_FALSE);
- case CKA_VALUE:
- return pk11_NewTokenAttribute(type,key->u.rsa.privateExponent.data,
- key->u.rsa.privateExponent.len, PR_FALSE);
- case CKA_VALUE_LEN:
- keyLen=key->u.rsa.privateExponent.len;
- return pk11_NewTokenAttribute(type, &keyLen, sizeof(CK_ULONG), PR_TRUE);
- }
-
- return NULL;
-}
-
-static PK11Attribute *
-pk11_FindRSAPrivateKeyAttribute(NSSLOWKEYPrivateKey *key,
- CK_ATTRIBUTE_TYPE type)
-{
- unsigned char hash[SHA1_LENGTH];
- CK_KEY_TYPE keyType = CKK_RSA;
-
- switch (type) {
- case CKA_KEY_TYPE:
- return pk11_NewTokenAttribute(type,&keyType,sizeof(keyType), PR_TRUE);
- case CKA_ID:
- SHA1_HashBuf(hash,key->u.rsa.modulus.data,key->u.rsa.modulus.len);
- return pk11_NewTokenAttribute(type,hash,SHA1_LENGTH, PR_TRUE);
- case CKA_DERIVE:
- return (PK11Attribute *) &pk11_StaticFalseAttr;
- case CKA_DECRYPT:
- case CKA_SIGN:
- case CKA_SIGN_RECOVER:
- case CKA_UNWRAP:
- return (PK11Attribute *) &pk11_StaticTrueAttr;
- case CKA_MODULUS:
- return pk11_NewTokenAttributeSigned(type,key->u.rsa.modulus.data,
- key->u.rsa.modulus.len, PR_FALSE);
- case CKA_PUBLIC_EXPONENT:
- return pk11_NewTokenAttributeSigned(type,key->u.rsa.publicExponent.data,
- key->u.rsa.publicExponent.len, PR_FALSE);
- case CKA_PRIVATE_EXPONENT:
- case CKA_PRIME_1:
- case CKA_PRIME_2:
- case CKA_EXPONENT_1:
- case CKA_EXPONENT_2:
- case CKA_COEFFICIENT:
- return (PK11Attribute *) &pk11_StaticNullAttr;
- default:
- break;
- }
- return NULL;
-}
-
-static PK11Attribute *
-pk11_FindDSAPrivateKeyAttribute(NSSLOWKEYPrivateKey *key,
- CK_ATTRIBUTE_TYPE type)
-{
- unsigned char hash[SHA1_LENGTH];
- CK_KEY_TYPE keyType = CKK_DSA;
-
- switch (type) {
- case CKA_KEY_TYPE:
- return pk11_NewTokenAttribute(type,&keyType,sizeof(keyType), PR_TRUE);
- case CKA_ID:
- SHA1_HashBuf(hash,key->u.dsa.publicValue.data,
- key->u.dsa.publicValue.len);
- return pk11_NewTokenAttribute(type,hash,SHA1_LENGTH, PR_TRUE);
- case CKA_DERIVE:
- case CKA_DECRYPT:
- case CKA_SIGN_RECOVER:
- case CKA_UNWRAP:
- return (PK11Attribute *) &pk11_StaticFalseAttr;
- case CKA_SIGN:
- return (PK11Attribute *) &pk11_StaticTrueAttr;
- case CKA_VALUE:
- return (PK11Attribute *) &pk11_StaticNullAttr;
- case CKA_PRIME:
- return pk11_NewTokenAttributeSigned(type,key->u.dsa.params.prime.data,
- key->u.dsa.params.prime.len, PR_FALSE);
- case CKA_SUBPRIME:
- return pk11_NewTokenAttributeSigned(type,
- key->u.dsa.params.subPrime.data,
- key->u.dsa.params.subPrime.len, PR_FALSE);
- case CKA_BASE:
- return pk11_NewTokenAttributeSigned(type,key->u.dsa.params.base.data,
- key->u.dsa.params.base.len, PR_FALSE);
- default:
- break;
- }
- return NULL;
-}
-
-static PK11Attribute *
-pk11_FindDHPrivateKeyAttribute(NSSLOWKEYPrivateKey *key, CK_ATTRIBUTE_TYPE type)
-{
- unsigned char hash[SHA1_LENGTH];
- CK_KEY_TYPE keyType = CKK_DH;
-
- switch (type) {
- case CKA_KEY_TYPE:
- return pk11_NewTokenAttribute(type,&keyType,sizeof(keyType), PR_TRUE);
- case CKA_ID:
- SHA1_HashBuf(hash,key->u.dh.publicValue.data,key->u.dh.publicValue.len);
- return pk11_NewTokenAttribute(type,hash,SHA1_LENGTH, PR_TRUE);
- case CKA_DERIVE:
- return (PK11Attribute *) &pk11_StaticTrueAttr;
- case CKA_DECRYPT:
- case CKA_SIGN:
- case CKA_SIGN_RECOVER:
- case CKA_UNWRAP:
- return (PK11Attribute *) &pk11_StaticFalseAttr;
- case CKA_VALUE:
- return (PK11Attribute *) &pk11_StaticNullAttr;
- case CKA_PRIME:
- return pk11_NewTokenAttributeSigned(type,key->u.dh.prime.data,
- key->u.dh.prime.len, PR_FALSE);
- case CKA_BASE:
- return pk11_NewTokenAttributeSigned(type,key->u.dh.base.data,
- key->u.dh.base.len, PR_FALSE);
- default:
- break;
- }
- return NULL;
-}
-
-static PK11Attribute *
-pk11_FindPrivateKeyAttribute(PK11TokenObject *object, CK_ATTRIBUTE_TYPE type)
-{
- NSSLOWKEYPrivateKey *key;
- char *label;
- PK11Attribute *att;
-
- switch (type) {
- case CKA_PRIVATE:
- case CKA_SENSITIVE:
- case CKA_ALWAYS_SENSITIVE:
- case CKA_EXTRACTABLE:
- case CKA_MODIFIABLE:
- return (PK11Attribute *) &pk11_StaticTrueAttr;
- case CKA_NEVER_EXTRACTABLE:
- return (PK11Attribute *) &pk11_StaticFalseAttr;
- case CKA_SUBJECT:
- return (PK11Attribute *)&pk11_StaticNullAttr;
- case CKA_LABEL:
- label = nsslowkey_FindKeyNicknameByPublicKey(object->obj.slot->keyDB,
- &object->dbKey, object->obj.slot->password);
- if (label == NULL) {
- return (PK11Attribute *)&pk11_StaticNullAttr;
- }
- att = pk11_NewTokenAttribute(type,label,PORT_Strlen(label), PR_TRUE);
- PORT_Free(label);
- return att;
- default:
- break;
- }
- key = pk11_GetPrivateKey(object);
- if (key == NULL) {
- return NULL;
- }
- switch (key->keyType) {
- case NSSLOWKEYRSAKey:
- return pk11_FindRSAPrivateKeyAttribute(key,type);
- case NSSLOWKEYDSAKey:
- return pk11_FindDSAPrivateKeyAttribute(key,type);
- case NSSLOWKEYDHKey:
- return pk11_FindDHPrivateKeyAttribute(key,type);
- default:
- break;
- }
-
- return NULL;
-}
-
-static PK11Attribute *
-pk11_FindSMIMEAttribute(PK11TokenObject *object, CK_ATTRIBUTE_TYPE type)
-{
- certDBEntrySMime *entry;
- switch (type) {
- case CKA_PRIVATE:
- case CKA_MODIFIABLE:
- return (PK11Attribute *) &pk11_StaticFalseAttr;
- case CKA_NETSCAPE_EMAIL:
- return pk11_NewTokenAttribute(type,object->dbKey.data,
- object->dbKey.len-1, PR_FALSE);
- case CKA_NETSCAPE_SMIME_TIMESTAMP:
- case CKA_SUBJECT:
- case CKA_VALUE:
- break;
- default:
- return NULL;
- }
- entry = pk11_getSMime(object);
- if (entry == NULL) {
- return NULL;
- }
- switch (type) {
- case CKA_NETSCAPE_SMIME_TIMESTAMP:
- return pk11_NewTokenAttribute(type,entry->optionsDate.data,
- entry->optionsDate.len, PR_FALSE);
- case CKA_SUBJECT:
- return pk11_NewTokenAttribute(type,entry->subjectName.data,
- entry->subjectName.len, PR_FALSE);
- case CKA_VALUE:
- return pk11_NewTokenAttribute(type,entry->smimeOptions.data,
- entry->smimeOptions.len, PR_FALSE);
- default:
- break;
- }
- return NULL;
-}
-
-static PK11Attribute *
-pk11_FindTrustAttribute(PK11TokenObject *object, CK_ATTRIBUTE_TYPE type)
-{
- NSSLOWCERTTrust *trust;
- unsigned char hash[SHA1_LENGTH];
- unsigned int trustFlags;
-
- switch (type) {
- case CKA_PRIVATE:
- return (PK11Attribute *) &pk11_StaticFalseAttr;
- case CKA_MODIFIABLE:
- return (PK11Attribute *) &pk11_StaticTrueAttr;
- case CKA_CERT_SHA1_HASH:
- case CKA_CERT_MD5_HASH:
- case CKA_TRUST_CLIENT_AUTH:
- case CKA_TRUST_SERVER_AUTH:
- case CKA_TRUST_EMAIL_PROTECTION:
- case CKA_TRUST_CODE_SIGNING:
- break;
- default:
- return NULL;
- }
- trust = pk11_getTrust(object);
- if (trust == NULL) {
- return NULL;
- }
- switch (type) {
- case CKA_CERT_SHA1_HASH:
- SHA1_HashBuf(hash,trust->derCert->data,trust->derCert->len);
- return pk11_NewTokenAttribute(type, hash, SHA1_LENGTH, PR_TRUE);
- case CKA_CERT_MD5_HASH:
- MD5_HashBuf(hash,trust->derCert->data,trust->derCert->len);
- return pk11_NewTokenAttribute(type, hash, MD5_LENGTH, PR_TRUE);
- case CKA_TRUST_CLIENT_AUTH:
- trustFlags = trust->trust->sslFlags & CERTDB_TRUSTED_CLIENT_CA ?
- trust->trust->sslFlags | CERTDB_TRUSTED_CA : 0 ;
- goto trust;
- case CKA_TRUST_SERVER_AUTH:
- trustFlags = trust->trust->sslFlags;
- goto trust;
- case CKA_TRUST_EMAIL_PROTECTION:
- trustFlags = trust->trust->emailFlags;
- goto trust;
- case CKA_TRUST_CODE_SIGNING:
- trustFlags = trust->trust->objectSigningFlags;
-trust:
- if (trustFlags & CERTDB_TRUSTED_CA ) {
- return (PK11Attribute *)&pk11_StaticTrustedDelegatorAttr;
- }
- if (trustFlags & CERTDB_TRUSTED) {
- return (PK11Attribute *)&pk11_StaticTrustedAttr;
- }
- if (trustFlags & CERTDB_NOT_TRUSTED) {
- return (PK11Attribute *)&pk11_StaticUnTrustedAttr;
- }
- if (trustFlags & CERTDB_TRUSTED_UNKNOWN) {
- return (PK11Attribute *)&pk11_StaticTrustUnknownAttr;
- }
- if (trustFlags & CERTDB_VALID_CA) {
- return (PK11Attribute *)&pk11_StaticValidDelegatorAttr;
- }
- if (trustFlags & CERTDB_VALID_PEER) {
- return (PK11Attribute *)&pk11_StaticValidPeerAttr;
- }
- return (PK11Attribute *)&pk11_StaticMustVerifyAttr;
- default:
- break;
- }
-
-#ifdef notdef
- switch (type) {
- case CKA_ISSUER:
- cert = pk11_getCertObject(object);
- if (cert == NULL) break;
- attr = pk11_NewTokenAttribute(type,cert->derIssuer.data,
- cert->derIssuer.len, PR_FALSE);
-
- case CKA_SERIAL_NUMBER:
- cert = pk11_getCertObject(object);
- if (cert == NULL) break;
- item = SEC_ASN1EncodeItem(NULL,NULL,cert,pk11_SerialTemplate);
- if (item == NULL) break;
- attr = pk11_NewTokenAttribute(type, item->data, item->len, PR_TRUE);
- SECITEM_FreeItem(item,PR_TRUE);
- }
- if (cert) {
- NSSLOWCERTDestroyCertificate(cert);
- return attr;
- }
-#endif
- return NULL;
-}
-
-static PK11Attribute *
-pk11_FindCrlAttribute(PK11TokenObject *object, CK_ATTRIBUTE_TYPE type)
-{
- certDBEntryRevocation *crl;
-
- switch (type) {
- case CKA_PRIVATE:
- case CKA_MODIFIABLE:
- return (PK11Attribute *) &pk11_StaticFalseAttr;
- case CKA_NETSCAPE_KRL:
- return (PK11Attribute *) ((object->obj.handle == PK11_TOKEN_KRL_HANDLE)
- ? &pk11_StaticTrueAttr : &pk11_StaticFalseAttr);
- case CKA_SUBJECT:
- return pk11_NewTokenAttribute(type,object->dbKey.data,
- object->dbKey.len, PR_FALSE);
- case CKA_NETSCAPE_URL:
- case CKA_VALUE:
- break;
- default:
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return NULL;
- }
- crl = pk11_getCrl(object);
- if (!crl) {
- return NULL;
- }
- switch (type) {
- case CKA_NETSCAPE_URL:
- if (crl->url == NULL) {
- return (PK11Attribute *) &pk11_StaticNullAttr;
- }
- return pk11_NewTokenAttribute(type, crl->url,
- PORT_Strlen(crl->url)+1, PR_TRUE);
- case CKA_VALUE:
- return pk11_NewTokenAttribute(type, crl->derCrl.data,
- crl->derCrl.len, PR_FALSE);
- default:
- break;
- }
- return NULL;
-}
-
-static PK11Attribute *
-pk11_FindCertAttribute(PK11TokenObject *object, CK_ATTRIBUTE_TYPE type)
-{
- NSSLOWCERTCertificate *cert;
- NSSLOWKEYPublicKey *pubKey;
- unsigned char hash[SHA1_LENGTH];
- SECItem *item;
-
- switch (type) {
- case CKA_PRIVATE:
- return (PK11Attribute *) &pk11_StaticFalseAttr;
- case CKA_MODIFIABLE:
- return (PK11Attribute *) &pk11_StaticTrueAttr;
- case CKA_CERTIFICATE_TYPE:
- /* hardcoding X.509 into here */
- return (PK11Attribute *)&pk11_StaticX509Attr;
- case CKA_VALUE:
- case CKA_ID:
- case CKA_LABEL:
- case CKA_SUBJECT:
- case CKA_ISSUER:
- case CKA_SERIAL_NUMBER:
- case CKA_NETSCAPE_EMAIL:
- break;
- default:
- return NULL;
- }
- cert = pk11_getCert(object);
- if (cert == NULL) {
- return NULL;
- }
- switch (type) {
- case CKA_VALUE:
- return pk11_NewTokenAttribute(type,cert->derCert.data,
- cert->derCert.len,PR_FALSE);
- case CKA_ID:
- if (((cert->trust->sslFlags & CERTDB_USER) == 0) &&
- ((cert->trust->emailFlags & CERTDB_USER) == 0) &&
- ((cert->trust->objectSigningFlags & CERTDB_USER) == 0)) {
- return (PK11Attribute *) &pk11_StaticNullAttr;
- }
- pubKey = nsslowcert_ExtractPublicKey(cert);
- if (pubKey == NULL) break;
- item = pk11_GetPubItem(pubKey);
- if (item == NULL) {
- nsslowkey_DestroyPublicKey(pubKey);
- break;
- }
- SHA1_HashBuf(hash,item->data,item->len);
- /* item is imbedded in pubKey, just free the key */
- nsslowkey_DestroyPublicKey(pubKey);
- return pk11_NewTokenAttribute(type, hash, SHA1_LENGTH, PR_TRUE);
- case CKA_LABEL:
- return cert->nickname ? pk11_NewTokenAttribute(type, cert->nickname,
- PORT_Strlen(cert->nickname), PR_FALSE) :
- (PK11Attribute *) &pk11_StaticNullAttr;
- case CKA_SUBJECT:
- return pk11_NewTokenAttribute(type,cert->derSubject.data,
- cert->derSubject.len, PR_FALSE);
- case CKA_ISSUER:
- return pk11_NewTokenAttribute(type,cert->derIssuer.data,
- cert->derIssuer.len, PR_FALSE);
- case CKA_SERIAL_NUMBER:
- return pk11_NewTokenAttribute(type,cert->derSN.data,
- cert->derSN.len, PR_FALSE);
- case CKA_NETSCAPE_EMAIL:
- return cert->emailAddr ? pk11_NewTokenAttribute(type, cert->emailAddr,
- PORT_Strlen(cert->emailAddr), PR_FALSE) :
- (PK11Attribute *) &pk11_StaticNullAttr;
- default:
- break;
- }
- return NULL;
-}
-
-static PK11Attribute *
-pk11_FindTokenAttribute(PK11TokenObject *object,CK_ATTRIBUTE_TYPE type)
-{
- /* handle the common ones */
- switch (type) {
- case CKA_CLASS:
- return pk11_NewTokenAttribute(type,&object->obj.objclass,
- sizeof(object->obj.objclass),PR_FALSE);
- case CKA_TOKEN:
- return (PK11Attribute *) &pk11_StaticTrueAttr;
- case CKA_LABEL:
- if ( (object->obj.objclass == CKO_CERTIFICATE)
- || (object->obj.objclass == CKO_PRIVATE_KEY)
- || (object->obj.objclass == CKO_PUBLIC_KEY)
- || (object->obj.objclass == CKO_SECRET_KEY)) {
- break;
- }
- return (PK11Attribute *) &pk11_StaticNullAttr;
- default:
- break;
- }
- switch (object->obj.objclass) {
- case CKO_CERTIFICATE:
- return pk11_FindCertAttribute(object,type);
- case CKO_NETSCAPE_CRL:
- return pk11_FindCrlAttribute(object,type);
- case CKO_NETSCAPE_TRUST:
- return pk11_FindTrustAttribute(object,type);
- case CKO_NETSCAPE_SMIME:
- return pk11_FindSMIMEAttribute(object,type);
- case CKO_PUBLIC_KEY:
- return pk11_FindPublicKeyAttribute(object,type);
- case CKO_PRIVATE_KEY:
- return pk11_FindPrivateKeyAttribute(object,type);
- case CKO_SECRET_KEY:
- return pk11_FindSecretKeyAttribute(object,type);
- default:
- break;
- }
- PORT_Assert(0);
- return NULL;
-}
-
-/*
- * look up and attribute structure from a type and Object structure.
- * The returned attribute is referenced and needs to be freed when
- * it is no longer needed.
- */
-PK11Attribute *
-pk11_FindAttribute(PK11Object *object,CK_ATTRIBUTE_TYPE type)
-{
- PK11Attribute *attribute;
- PK11SessionObject *sessObject = pk11_narrowToSessionObject(object);
-
- if (sessObject == NULL) {
- return pk11_FindTokenAttribute(pk11_narrowToTokenObject(object),type);
- }
-
- PK11_USE_THREADS(PZ_Lock(sessObject->attributeLock);)
- pk11queue_find(attribute,type,sessObject->head, sessObject->hashSize);
-#ifdef PKCS11_REF_COUNT_ATTRIBUTES
- if (attribute) {
- /* atomic increment would be nice here */
- PK11_USE_THREADS(PZ_Lock(attribute->refLock);)
- attribute->refCount++;
- PK11_USE_THREADS(PZ_Unlock(attribute->refLock);)
- }
-#endif
- PK11_USE_THREADS(PZ_Unlock(sessObject->attributeLock);)
-
- return(attribute);
-}
-
-
-
-PRBool
-pk11_hasAttributeToken(PK11TokenObject *object)
-{
- return PR_FALSE;
-}
-
-/*
- * return true if object has attribute
- */
-PRBool
-pk11_hasAttribute(PK11Object *object,CK_ATTRIBUTE_TYPE type)
-{
- PK11Attribute *attribute;
- PK11SessionObject *sessObject = pk11_narrowToSessionObject(object);
-
- if (sessObject == NULL) {
- return pk11_hasAttributeToken(pk11_narrowToTokenObject(object));
- }
-
- PK11_USE_THREADS(PZ_Lock(sessObject->attributeLock);)
- pk11queue_find(attribute,type,sessObject->head, sessObject->hashSize);
- PK11_USE_THREADS(PZ_Unlock(sessObject->attributeLock);)
-
- return (PRBool)(attribute != NULL);
-}
-
-/*
- * add an attribute to an object
- */
-static void
-pk11_AddAttribute(PK11Object *object,PK11Attribute *attribute)
-{
- PK11SessionObject *sessObject = pk11_narrowToSessionObject(object);
-
- if (sessObject == NULL) return;
- PK11_USE_THREADS(PZ_Lock(sessObject->attributeLock);)
- pk11queue_add(attribute,attribute->handle,
- sessObject->head, sessObject->hashSize);
- PK11_USE_THREADS(PZ_Unlock(sessObject->attributeLock);)
-}
-
-/*
- * copy an unsigned attribute into a SECItem. Secitem is allocated in
- * the specified arena.
- */
-CK_RV
-pk11_Attribute2SSecItem(PLArenaPool *arena,SECItem *item,PK11Object *object,
- CK_ATTRIBUTE_TYPE type)
-{
- PK11Attribute *attribute;
-
- item->data = NULL;
-
- attribute = pk11_FindAttribute(object, type);
- if (attribute == NULL) return CKR_TEMPLATE_INCOMPLETE;
-
- (void)SECITEM_AllocItem(arena, item, attribute->attrib.ulValueLen);
- if (item->data == NULL) {
- pk11_FreeAttribute(attribute);
- return CKR_HOST_MEMORY;
- }
- PORT_Memcpy(item->data, attribute->attrib.pValue, item->len);
- pk11_FreeAttribute(attribute);
- return CKR_OK;
-}
-
-
-/*
- * delete an attribute from an object
- */
-static void
-pk11_DeleteAttribute(PK11Object *object, PK11Attribute *attribute)
-{
- PK11SessionObject *sessObject = pk11_narrowToSessionObject(object);
-
- if (sessObject == NULL) {
- return ;
- }
- PK11_USE_THREADS(PZ_Lock(sessObject->attributeLock);)
- if (pk11queue_is_queued(attribute,attribute->handle,
- sessObject->head, sessObject->hashSize)) {
- pk11queue_delete(attribute,attribute->handle,
- sessObject->head, sessObject->hashSize);
- }
- PK11_USE_THREADS(PZ_Unlock(sessObject->attributeLock);)
- pk11_FreeAttribute(attribute);
-}
-
-/*
- * this is only valid for CK_BBOOL type attributes. Return the state
- * of that attribute.
- */
-PRBool
-pk11_isTrue(PK11Object *object,CK_ATTRIBUTE_TYPE type)
-{
- PK11Attribute *attribute;
- PRBool tok = PR_FALSE;
-
- attribute=pk11_FindAttribute(object,type);
- if (attribute == NULL) { return PR_FALSE; }
- tok = (PRBool)(*(CK_BBOOL *)attribute->attrib.pValue);
- pk11_FreeAttribute(attribute);
-
- return tok;
-}
-
-/*
- * force an attribute to null.
- * this is for sensitive keys which are stored in the database, we don't
- * want to keep this info around in memory in the clear.
- */
-void
-pk11_nullAttribute(PK11Object *object,CK_ATTRIBUTE_TYPE type)
-{
- PK11Attribute *attribute;
-
- attribute=pk11_FindAttribute(object,type);
- if (attribute == NULL) return;
-
- if (attribute->attrib.pValue != NULL) {
- PORT_Memset(attribute->attrib.pValue,0,attribute->attrib.ulValueLen);
- if (attribute->freeData) {
- PORT_Free(attribute->attrib.pValue);
- }
- attribute->freeData = PR_FALSE;
- attribute->attrib.pValue = NULL;
- attribute->attrib.ulValueLen = 0;
- }
- pk11_FreeAttribute(attribute);
-}
-
-static CK_RV
-pk11_SetCertAttribute(PK11TokenObject *to, CK_ATTRIBUTE_TYPE type,
- void *value, unsigned int len)
-{
- NSSLOWCERTCertificate *cert;
- char *nickname = NULL;
- SECStatus rv;
-
- /* we can't change the EMAIL values, but let the
- * upper layers feel better about the fact we tried to set these */
- if (type == CKA_NETSCAPE_EMAIL) {
- return CKR_OK;
- }
-
- if (to->obj.slot->certDB == NULL) {
- return CKR_TOKEN_WRITE_PROTECTED;
- }
-
- if ((type != CKA_LABEL) && (type != CKA_ID)) {
- return CKR_ATTRIBUTE_READ_ONLY;
- }
-
- cert = pk11_getCert(to);
- if (cert == NULL) {
- return CKR_OBJECT_HANDLE_INVALID;
- }
-
- /* if the app is trying to set CKA_ID, it's probably because it just
- * imported the key. Look to see if we need to set the CERTDB_USER bits.
- */
- if (type == CKA_ID) {
- if (((cert->trust->sslFlags & CERTDB_USER) == 0) &&
- ((cert->trust->emailFlags & CERTDB_USER) == 0) &&
- ((cert->trust->objectSigningFlags & CERTDB_USER) == 0)) {
- PK11Slot *slot = to->obj.slot;
-
- if (slot->keyDB && nsslowkey_KeyForCertExists(slot->keyDB,cert)) {
- NSSLOWCERTCertTrust trust = *cert->trust;
- trust.sslFlags |= CERTDB_USER;
- trust.emailFlags |= CERTDB_USER;
- trust.objectSigningFlags |= CERTDB_USER;
- nsslowcert_ChangeCertTrust(slot->certDB,cert,&trust);
- }
- }
- return CKR_OK;
- }
-
- /* must be CKA_LABEL */
- if (value != NULL) {
- nickname = PORT_ZAlloc(len+1);
- if (nickname == NULL) {
- return CKR_HOST_MEMORY;
- }
- PORT_Memcpy(nickname,value,len);
- nickname[len] = 0;
- }
- rv = nsslowcert_AddPermNickname(to->obj.slot->certDB, cert, nickname);
- if (nickname) PORT_Free(nickname);
- if (rv != SECSuccess) {
- return CKR_DEVICE_ERROR;
- }
- return CKR_OK;
-}
-
-static CK_RV
-pk11_SetPrivateKeyAttribute(PK11TokenObject *to, CK_ATTRIBUTE_TYPE type,
- void *value, unsigned int len)
-{
- NSSLOWKEYPrivateKey *privKey;
- char *nickname = NULL;
- SECStatus rv;
-
- /* we can't change the ID and we don't store the subject, but let the
- * upper layers feel better about the fact we tried to set these */
- if ((type == CKA_ID) || (type == CKA_SUBJECT)) {
- return CKR_OK;
- }
-
- if (to->obj.slot->keyDB == NULL) {
- return CKR_TOKEN_WRITE_PROTECTED;
- }
- if (type != CKA_LABEL) {
- return CKR_ATTRIBUTE_READ_ONLY;
- }
-
- privKey = pk11_GetPrivateKey(to);
- if (privKey == NULL) {
- return CKR_OBJECT_HANDLE_INVALID;
- }
- if (value != NULL) {
- nickname = PORT_ZAlloc(len+1);
- if (nickname == NULL) {
- return CKR_HOST_MEMORY;
- }
- PORT_Memcpy(nickname,value,len);
- nickname[len] = 0;
- }
- rv = nsslowkey_UpdateNickname(to->obj.slot->keyDB, privKey, &to->dbKey,
- nickname, to->obj.slot->password);
- if (nickname) PORT_Free(nickname);
- if (rv != SECSuccess) {
- return CKR_DEVICE_ERROR;
- }
- return CKR_OK;
-}
-
-static CK_RV
-pk11_SetTrustAttribute(PK11TokenObject *to, CK_ATTRIBUTE_TYPE type,
- void *value, unsigned int len)
-{
- unsigned int flags;
- CK_TRUST trust;
- NSSLOWCERTCertificate *cert;
- NSSLOWCERTCertTrust dbTrust;
- SECStatus rv;
-
- if (to->obj.slot->certDB == NULL) {
- return CKR_TOKEN_WRITE_PROTECTED;
- }
- if (len != sizeof (CK_TRUST)) {
- return CKR_ATTRIBUTE_VALUE_INVALID;
- }
- trust = *(CK_TRUST *)value;
- flags = pk11_MapTrust(trust, (PRBool) (type == CKA_TRUST_SERVER_AUTH));
-
- cert = pk11_getCert(to);
- if (cert == NULL) {
- return CKR_OBJECT_HANDLE_INVALID;
- }
- dbTrust = *cert->trust;
-
- switch (type) {
- case CKA_TRUST_EMAIL_PROTECTION:
- dbTrust.emailFlags = flags |
- (cert->trust->emailFlags & CERTDB_PRESERVE_TRUST_BITS);
- break;
- case CKA_TRUST_CODE_SIGNING:
- dbTrust.objectSigningFlags = flags |
- (cert->trust->objectSigningFlags & CERTDB_PRESERVE_TRUST_BITS);
- break;
- case CKA_TRUST_CLIENT_AUTH:
- dbTrust.sslFlags = flags | (cert->trust->sslFlags &
- (CERTDB_PRESERVE_TRUST_BITS|CERTDB_TRUSTED_CA));
- break;
- case CKA_TRUST_SERVER_AUTH:
- dbTrust.sslFlags = flags | (cert->trust->sslFlags &
- (CERTDB_PRESERVE_TRUST_BITS|CERTDB_TRUSTED_CLIENT_CA));
- break;
- default:
- return CKR_ATTRIBUTE_READ_ONLY;
- }
-
- rv = nsslowcert_ChangeCertTrust(to->obj.slot->certDB,cert,&dbTrust);
- if (rv != SECSuccess) {
- return CKR_DEVICE_ERROR;
- }
- return CKR_OK;
-}
-
-static CK_RV
-pk11_forceTokenAttribute(PK11Object *object,CK_ATTRIBUTE_TYPE type,
- void *value, unsigned int len)
-{
- PK11Attribute *attribute;
- PK11TokenObject *to = pk11_narrowToTokenObject(object);
- CK_RV crv = CKR_ATTRIBUTE_READ_ONLY;
-
- PORT_Assert(to);
- if (to == NULL) {
- return CKR_DEVICE_ERROR;
- }
-
- /* if we are just setting it to the value we already have,
- * allow it to happen. Let label setting go through so
- * we have the opportunity to repair any database corruption. */
- attribute=pk11_FindAttribute(object,type);
- if ((type != CKA_LABEL) && (attribute->attrib.ulValueLen == len) &&
- PORT_Memcmp(attribute->attrib.pValue,value,len) == 0) {
- pk11_FreeAttribute(attribute);
- return CKR_OK;
- }
-
- switch (object->objclass) {
- case CKO_CERTIFICATE:
- /* change NICKNAME, EMAIL, */
- crv = pk11_SetCertAttribute(to,type,value,len);
- break;
- case CKO_NETSCAPE_CRL:
- /* change URL */
- break;
- case CKO_NETSCAPE_TRUST:
- crv = pk11_SetTrustAttribute(to,type,value,len);
- break;
- case CKO_PRIVATE_KEY:
- case CKO_SECRET_KEY:
- crv = pk11_SetPrivateKeyAttribute(to,type,value,len);
- break;
- }
- pk11_FreeAttribute(attribute);
- return crv;
-}
-
-/*
- * force an attribute to a spaecif value.
- */
-CK_RV
-pk11_forceAttribute(PK11Object *object,CK_ATTRIBUTE_TYPE type, void *value,
- unsigned int len)
-{
- PK11Attribute *attribute;
- void *att_val = NULL;
- PRBool freeData = PR_FALSE;
-
- if (pk11_isToken(object->handle)) {
- return pk11_forceTokenAttribute(object,type,value,len);
- }
- attribute=pk11_FindAttribute(object,type);
- if (attribute == NULL) return pk11_AddAttributeType(object,type,value,len);
-
-
- if (value) {
-#ifdef PKCS11_STATIC_ATTRIBUTES
- if (len <= ATTR_SPACE) {
- att_val = attribute->space;
- } else {
- att_val = PORT_Alloc(len);
- freeData = PR_TRUE;
- }
-#else
-#ifdef PKCS11_REF_COUNT_ATTRIBUTES
- att_val = PORT_Alloc(len);
- freeData = PR_TRUE;
-#else
- att_val = PORT_ArenaAlloc(object->arena,len);
-#endif /* PKCS11_REF_COUNT_ATTRIBUTES */
-#endif /* PKCS11_STATIC_ATTRIBUTES */
- if (att_val == NULL) {
- return CKR_HOST_MEMORY;
- }
- if (attribute->attrib.pValue == att_val) {
- PORT_Memset(attribute->attrib.pValue,0,
- attribute->attrib.ulValueLen);
- }
- PORT_Memcpy(att_val,value,len);
- }
- if (attribute->attrib.pValue != NULL) {
- if (attribute->attrib.pValue != att_val) {
- PORT_Memset(attribute->attrib.pValue,0,
- attribute->attrib.ulValueLen);
- }
- if (attribute->freeData) {
- PORT_Free(attribute->attrib.pValue);
- }
- attribute->freeData = PR_FALSE;
- attribute->attrib.pValue = NULL;
- attribute->attrib.ulValueLen = 0;
- }
- if (att_val) {
- attribute->attrib.pValue = att_val;
- attribute->attrib.ulValueLen = len;
- attribute->freeData = freeData;
- }
- pk11_FreeAttribute(attribute);
- return CKR_OK;
-}
-
-/*
- * return a null terminated string from attribute 'type'. This string
- * is allocated and needs to be freed with PORT_Free() When complete.
- */
-char *
-pk11_getString(PK11Object *object,CK_ATTRIBUTE_TYPE type)
-{
- PK11Attribute *attribute;
- char *label = NULL;
-
- attribute=pk11_FindAttribute(object,type);
- if (attribute == NULL) return NULL;
-
- if (attribute->attrib.pValue != NULL) {
- label = (char *) PORT_Alloc(attribute->attrib.ulValueLen+1);
- if (label == NULL) {
- pk11_FreeAttribute(attribute);
- return NULL;
- }
-
- PORT_Memcpy(label,attribute->attrib.pValue,
- attribute->attrib.ulValueLen);
- label[attribute->attrib.ulValueLen] = 0;
- }
- pk11_FreeAttribute(attribute);
- return label;
-}
-
-/*
- * decode when a particular attribute may be modified
- * PK11_NEVER: This attribute must be set at object creation time and
- * can never be modified.
- * PK11_ONCOPY: This attribute may be modified only when you copy the
- * object.
- * PK11_SENSITIVE: The CKA_SENSITIVE attribute can only be changed from
- * CK_FALSE to CK_TRUE.
- * PK11_ALWAYS: This attribute can always be modified.
- * Some attributes vary their modification type based on the class of the
- * object.
- */
-PK11ModifyType
-pk11_modifyType(CK_ATTRIBUTE_TYPE type, CK_OBJECT_CLASS inClass)
-{
- /* if we don't know about it, user user defined, always allow modify */
- PK11ModifyType mtype = PK11_ALWAYS;
-
- switch(type) {
- /* NEVER */
- case CKA_CLASS:
- case CKA_CERTIFICATE_TYPE:
- case CKA_KEY_TYPE:
- case CKA_MODULUS:
- case CKA_MODULUS_BITS:
- case CKA_PUBLIC_EXPONENT:
- case CKA_PRIVATE_EXPONENT:
- case CKA_PRIME:
- case CKA_SUBPRIME:
- case CKA_BASE:
- case CKA_PRIME_1:
- case CKA_PRIME_2:
- case CKA_EXPONENT_1:
- case CKA_EXPONENT_2:
- case CKA_COEFFICIENT:
- case CKA_VALUE_LEN:
- case CKA_ALWAYS_SENSITIVE:
- case CKA_NEVER_EXTRACTABLE:
- case CKA_NETSCAPE_DB:
- mtype = PK11_NEVER;
- break;
-
- /* ONCOPY */
- case CKA_TOKEN:
- case CKA_PRIVATE:
- case CKA_MODIFIABLE:
- mtype = PK11_ONCOPY;
- break;
-
- /* SENSITIVE */
- case CKA_SENSITIVE:
- case CKA_EXTRACTABLE:
- mtype = PK11_SENSITIVE;
- break;
-
- /* ALWAYS */
- case CKA_LABEL:
- case CKA_APPLICATION:
- case CKA_ID:
- case CKA_SERIAL_NUMBER:
- case CKA_START_DATE:
- case CKA_END_DATE:
- case CKA_DERIVE:
- case CKA_ENCRYPT:
- case CKA_DECRYPT:
- case CKA_SIGN:
- case CKA_VERIFY:
- case CKA_SIGN_RECOVER:
- case CKA_VERIFY_RECOVER:
- case CKA_WRAP:
- case CKA_UNWRAP:
- mtype = PK11_ALWAYS;
- break;
-
- /* DEPENDS ON CLASS */
- case CKA_VALUE:
- mtype = (inClass == CKO_DATA) ? PK11_ALWAYS : PK11_NEVER;
- break;
-
- case CKA_SUBJECT:
- mtype = (inClass == CKO_CERTIFICATE) ? PK11_NEVER : PK11_ALWAYS;
- break;
- default:
- break;
- }
- return mtype;
-}
-
-/* decode if a particular attribute is sensitive (cannot be read
- * back to the user of if the object is set to SENSITIVE) */
-PRBool
-pk11_isSensitive(CK_ATTRIBUTE_TYPE type, CK_OBJECT_CLASS inClass)
-{
- switch(type) {
- /* ALWAYS */
- case CKA_PRIVATE_EXPONENT:
- case CKA_PRIME_1:
- case CKA_PRIME_2:
- case CKA_EXPONENT_1:
- case CKA_EXPONENT_2:
- case CKA_COEFFICIENT:
- return PR_TRUE;
-
- /* DEPENDS ON CLASS */
- case CKA_VALUE:
- /* PRIVATE and SECRET KEYS have SENSITIVE values */
- return (PRBool)((inClass == CKO_PRIVATE_KEY) || (inClass == CKO_SECRET_KEY));
-
- default:
- break;
- }
- return PR_FALSE;
-}
-
-/*
- * copy an attribute into a SECItem. Secitem is allocated in the specified
- * arena.
- */
-CK_RV
-pk11_Attribute2SecItem(PLArenaPool *arena,SECItem *item,PK11Object *object,
- CK_ATTRIBUTE_TYPE type)
-{
- int len;
- PK11Attribute *attribute;
-
- attribute = pk11_FindAttribute(object, type);
- if (attribute == NULL) return CKR_TEMPLATE_INCOMPLETE;
- len = attribute->attrib.ulValueLen;
-
- if (arena) {
- item->data = (unsigned char *) PORT_ArenaAlloc(arena,len);
- } else {
- item->data = (unsigned char *) PORT_Alloc(len);
- }
- if (item->data == NULL) {
- pk11_FreeAttribute(attribute);
- return CKR_HOST_MEMORY;
- }
- item->len = len;
- PORT_Memcpy(item->data,attribute->attrib.pValue, len);
- pk11_FreeAttribute(attribute);
- return CKR_OK;
-}
-
-void
-pk11_DeleteAttributeType(PK11Object *object,CK_ATTRIBUTE_TYPE type)
-{
- PK11Attribute *attribute;
- attribute = pk11_FindAttribute(object, type);
- if (attribute == NULL) return ;
- pk11_DeleteAttribute(object,attribute);
- pk11_FreeAttribute(attribute);
-}
-
-CK_RV
-pk11_AddAttributeType(PK11Object *object,CK_ATTRIBUTE_TYPE type,void *valPtr,
- CK_ULONG length)
-{
- PK11Attribute *attribute;
- attribute = pk11_NewAttribute(object,type,valPtr,length);
- if (attribute == NULL) { return CKR_HOST_MEMORY; }
- pk11_AddAttribute(object,attribute);
- return CKR_OK;
-}
-
-/*
- * ******************** Object Utilities *******************************
- */
-
-static SECStatus
-pk11_deleteTokenKeyByHandle(PK11Slot *slot, CK_OBJECT_HANDLE handle)
-{
- SECItem *item;
- PRBool rem;
-
- item = (SECItem *)PL_HashTableLookup(slot->tokenHashTable, (void *)handle);
- rem = PL_HashTableRemove(slot->tokenHashTable,(void *)handle) ;
- if (rem && item) {
- SECITEM_FreeItem(item,PR_TRUE);
- }
- return rem ? SECSuccess : SECFailure;
-}
-
-static SECStatus
-pk11_addTokenKeyByHandle(PK11Slot *slot, CK_OBJECT_HANDLE handle, SECItem *key)
-{
- PLHashEntry *entry;
- SECItem *item;
-
- item = SECITEM_DupItem(key);
- if (item == NULL) {
- return SECFailure;
- }
- entry = PL_HashTableAdd(slot->tokenHashTable,(void *)handle,item);
- if (entry == NULL) {
- SECITEM_FreeItem(item,PR_TRUE);
- return SECFailure;
- }
- return SECSuccess;
-}
-
-static SECItem *
-pk11_lookupTokenKeyByHandle(PK11Slot *slot, CK_OBJECT_HANDLE handle)
-{
- return (SECItem *)PL_HashTableLookup(slot->tokenHashTable, (void *)handle);
-}
-
-/*
- * use the refLock. This operations should be very rare, so the added
- * contention on the ref lock should be lower than the overhead of adding
- * a new lock. We use separate functions for this just in case I'm wrong.
- */
-static void
-pk11_tokenKeyLock(PK11Slot *slot) {
- PK11_USE_THREADS(PZ_Lock(slot->objectLock);)
-}
-
-static void
-pk11_tokenKeyUnlock(PK11Slot *slot) {
- PK11_USE_THREADS(PZ_Unlock(slot->objectLock);)
-}
-
-
-/* allocation hooks that allow us to recycle old object structures */
-static PK11ObjectFreeList sessionObjectList = { NULL, NULL, 0 };
-static PK11ObjectFreeList tokenObjectList = { NULL, NULL, 0 };
-
-PK11Object *
-pk11_GetObjectFromList(PRBool *hasLocks, PRBool optimizeSpace,
- PK11ObjectFreeList *list, unsigned int hashSize, PRBool isSessionObject)
-{
- PK11Object *object;
- int size = 0;
-
- if (!optimizeSpace) {
- if (list->lock == NULL) {
- list->lock = PZ_NewLock(nssILockObject);
- }
-
- PK11_USE_THREADS(PZ_Lock(list->lock));
- object = list->head;
- if (object) {
- list->head = object->next;
- list->count--;
- }
- PK11_USE_THREADS(PZ_Unlock(list->lock));
- if (object) {
- object->next = object->prev = NULL;
- *hasLocks = PR_TRUE;
- return object;
- }
- }
- size = isSessionObject ? sizeof(PK11SessionObject)
- + hashSize *sizeof(PK11Attribute *) : sizeof(PK11TokenObject);
-
- object = (PK11Object*)PORT_ZAlloc(size);
- if (isSessionObject) {
- ((PK11SessionObject *)object)->hashSize = hashSize;
- }
- *hasLocks = PR_FALSE;
- return object;
-}
-
-static void
-pk11_PutObjectToList(PK11Object *object, PK11ObjectFreeList *list,
- PRBool isSessionObject) {
-
- /* the code below is equivalent to :
- * optimizeSpace = isSessionObject ? object->optimizeSpace : PR_FALSE;
- * just faster.
- */
- PRBool optimizeSpace = isSessionObject &&
- ((PK11SessionObject *)object)->optimizeSpace;
- if (!optimizeSpace && (list->count < MAX_OBJECT_LIST_SIZE)) {
- if (list->lock == NULL) {
- list->lock = PZ_NewLock(nssILockObject);
- }
- PK11_USE_THREADS(PZ_Lock(list->lock));
- object->next = list->head;
- list->head = object;
- list->count++;
- PK11_USE_THREADS(PZ_Unlock(list->lock));
- return;
- }
- if (isSessionObject) {
- PK11SessionObject *so = (PK11SessionObject *)object;
- PK11_USE_THREADS(PZ_DestroyLock(so->attributeLock);)
- so->attributeLock = NULL;
- }
- PK11_USE_THREADS(PZ_DestroyLock(object->refLock);)
- object->refLock = NULL;
- PORT_Free(object);
-}
-
-static PK11Object *
-pk11_freeObjectData(PK11Object *object) {
- PK11Object *next = object->next;
-
- PORT_Free(object);
- return next;
-}
-
-static void
-pk11_CleanupFreeList(PK11ObjectFreeList *list, PRBool isSessionList)
-{
- PK11Object *object;
-
- if (!list->lock) {
- return;
- }
- PK11_USE_THREADS(PZ_Lock(list->lock));
- for (object= list->head; object != NULL;
- object = pk11_freeObjectData(object)) {
-#ifdef PKCS11_USE_THREADS
- PZ_DestroyLock(object->refLock);
- if (isSessionList) {
- PZ_DestroyLock(((PK11SessionObject *)object)->attributeLock);
- }
-#endif
- }
- list->count = 0;
- list->head = NULL;
- PK11_USE_THREADS(PZ_Unlock(list->lock));
- PK11_USE_THREADS(PZ_DestroyLock(list->lock));
- list->lock = NULL;
-}
-
-void
-pk11_CleanupFreeLists(void)
-{
- pk11_CleanupFreeList(&sessionObjectList, PR_TRUE);
- pk11_CleanupFreeList(&tokenObjectList, PR_FALSE);
-}
-
-
-/*
- * Create a new object
- */
-PK11Object *
-pk11_NewObject(PK11Slot *slot)
-{
- PK11Object *object;
- PK11SessionObject *sessObject;
- PRBool hasLocks = PR_FALSE;
- unsigned int i;
- unsigned int hashSize = 0;
-
- hashSize = (slot->optimizeSpace) ? SPACE_ATTRIBUTE_HASH_SIZE :
- TIME_ATTRIBUTE_HASH_SIZE;
-
-#ifdef PKCS11_STATIC_ATTRIBUTES
- object = pk11_GetObjectFromList(&hasLocks, slot->optimizeSpace,
- &sessionObjectList, hashSize, PR_TRUE);
- if (object == NULL) {
- return NULL;
- }
- sessObject = (PK11SessionObject *)object;
- sessObject->nextAttr = 0;
-
- for (i=0; i < MAX_OBJS_ATTRS; i++) {
- sessObject->attrList[i].attrib.pValue = NULL;
- sessObject->attrList[i].freeData = PR_FALSE;
- }
-#else
- PRArenaPool *arena;
-
- arena = PORT_NewArena(2048);
- if (arena == NULL) return NULL;
-
- object = (PK11Object*)PORT_ArenaAlloc(arena,sizeof(PK11SessionObject)
- +hashSize * sizeof(PK11Attribute *));
- if (object == NULL) {
- PORT_FreeArena(arena,PR_FALSE);
- return NULL;
- }
- object->arena = arena;
-
- sessObject = (PK11SessionObject *)object;
- sessObject->hashSize = hashSize;
-#endif
- sessObject->optimizeSpace = slot->optimizeSpace;
-
- object->handle = 0;
- object->next = object->prev = NULL;
- object->slot = slot;
- object->objclass = 0xffff;
- object->refCount = 1;
- sessObject->sessionList.next = NULL;
- sessObject->sessionList.prev = NULL;
- sessObject->sessionList.parent = object;
- sessObject->session = NULL;
- sessObject->wasDerived = PR_FALSE;
-#ifdef PKCS11_USE_THREADS
- if (!hasLocks) object->refLock = PZ_NewLock(nssILockRefLock);
- if (object->refLock == NULL) {
-#ifdef PKCS11_STATIC_ATTRIBUTES
- PORT_Free(object);
-#else
- PORT_FreeArena(arena,PR_FALSE);
-#endif
- return NULL;
- }
- if (!hasLocks) sessObject->attributeLock = PZ_NewLock(nssILockAttribute);
- if (sessObject->attributeLock == NULL) {
- PK11_USE_THREADS(PZ_DestroyLock(object->refLock);)
-#ifdef PKCS11_STATIC_ATTRIBUTES
- PORT_Free(object);
-#else
- PORT_FreeArena(arena,PR_FALSE);
-#endif
- return NULL;
- }
-#else
- sessObject->attributeLock = NULL;
- object->refLock = NULL;
-#endif
- for (i=0; i < sessObject->hashSize; i++) {
- sessObject->head[i] = NULL;
- }
- object->objectInfo = NULL;
- object->infoFree = NULL;
- return object;
-}
-
-static CK_RV
-pk11_DestroySessionObjectData(PK11SessionObject *so)
-{
- int i;
-
-#ifdef PKCS11_STATIC_ATTRIBUTES
- for (i=0; i < MAX_OBJS_ATTRS; i++) {
- unsigned char *value = so->attrList[i].attrib.pValue;
- if (value) {
- PORT_Memset(value,0,so->attrList[i].attrib.ulValueLen);
- if (so->attrList[i].freeData) {
- PORT_Free(value);
- }
- so->attrList[i].attrib.pValue = NULL;
- so->attrList[i].freeData = PR_FALSE;
- }
- }
-#endif
-
-#ifdef PKCS11_REF_COUNT_ATTRIBUTES
- /* clean out the attributes */
- /* since no one is referencing us, it's safe to walk the chain
- * without a lock */
- for (i=0; i < so->hashSize; i++) {
- PK11Attribute *ap,*next;
- for (ap = so->head[i]; ap != NULL; ap = next) {
- next = ap->next;
- /* paranoia */
- ap->next = ap->prev = NULL;
- pk11_FreeAttribute(ap);
- }
- so->head[i] = NULL;
- }
-#endif
-/* PK11_USE_THREADS(PZ_DestroyLock(so->attributeLock));*/
- return CKR_OK;
-}
-
-/*
- * free all the data associated with an object. Object reference count must
- * be 'zero'.
- */
-static CK_RV
-pk11_DestroyObject(PK11Object *object)
-{
- CK_RV crv = CKR_OK;
- PK11SessionObject *so = pk11_narrowToSessionObject(object);
- PK11TokenObject *to = pk11_narrowToTokenObject(object);
-
- PORT_Assert(object->refCount == 0);
-
- /* delete the database value */
- if (to) {
- if (to->dbKey.data) {
- PORT_Free(to->dbKey.data);
- to->dbKey.data = NULL;
- }
- }
- if (so) {
- pk11_DestroySessionObjectData(so);
- }
- if (object->objectInfo) {
- (*object->infoFree)(object->objectInfo);
- object->objectInfo = NULL;
- object->infoFree = NULL;
- }
-#ifdef PKCS11_STATIC_ATTRIBUTES
- if (so) {
- pk11_PutObjectToList(object,&sessionObjectList,PR_TRUE);
- } else {
- pk11_PutObjectToList(object,&tokenObjectList,PR_FALSE);
- }
-#else
- if (object->refLock) {
- PK11_USE_THREADS(PZ_DestroyLock(object->refLock);)
- }
- arena = object->arena;
- PORT_FreeArena(arena,PR_FALSE);
-#endif
- return crv;
-}
-
-void
-pk11_ReferenceObject(PK11Object *object)
-{
- PK11_USE_THREADS(PZ_Lock(object->refLock);)
- object->refCount++;
- PK11_USE_THREADS(PZ_Unlock(object->refLock);)
-}
-
-static PK11Object *
-pk11_ObjectFromHandleOnSlot(CK_OBJECT_HANDLE handle, PK11Slot *slot)
-{
- PK11Object **head;
- PZLock *lock;
- PK11Object *object;
-
- if (pk11_isToken(handle)) {
- return pk11_NewTokenObject(slot, NULL, handle);
- }
-
- head = slot->tokObjects;
- lock = slot->objectLock;
-
- PK11_USE_THREADS(PZ_Lock(lock);)
- pk11queue_find(object,handle,head,slot->tokObjHashSize);
- if (object) {
- pk11_ReferenceObject(object);
- }
- PK11_USE_THREADS(PZ_Unlock(lock);)
-
- return(object);
-}
-/*
- * look up and object structure from a handle. OBJECT_Handles only make
- * sense in terms of a given session. make a reference to that object
- * structure returned.
- */
-PK11Object *
-pk11_ObjectFromHandle(CK_OBJECT_HANDLE handle, PK11Session *session)
-{
- PK11Slot *slot = pk11_SlotFromSession(session);
-
- return pk11_ObjectFromHandleOnSlot(handle,slot);
-}
-
-
-/*
- * release a reference to an object handle
- */
-PK11FreeStatus
-pk11_FreeObject(PK11Object *object)
-{
- PRBool destroy = PR_FALSE;
- CK_RV crv;
-
- PK11_USE_THREADS(PZ_Lock(object->refLock);)
- if (object->refCount == 1) destroy = PR_TRUE;
- object->refCount--;
- PK11_USE_THREADS(PZ_Unlock(object->refLock);)
-
- if (destroy) {
- crv = pk11_DestroyObject(object);
- if (crv != CKR_OK) {
- return PK11_DestroyFailure;
- }
- return PK11_Destroyed;
- }
- return PK11_Busy;
-}
-
-/*
- * add an object to a slot and session queue. These two functions
- * adopt the object.
- */
-void
-pk11_AddSlotObject(PK11Slot *slot, PK11Object *object)
-{
- PK11_USE_THREADS(PZ_Lock(slot->objectLock);)
- pk11queue_add(object,object->handle,slot->tokObjects,slot->tokObjHashSize);
- PK11_USE_THREADS(PZ_Unlock(slot->objectLock);)
-}
-
-void
-pk11_AddObject(PK11Session *session, PK11Object *object)
-{
- PK11Slot *slot = pk11_SlotFromSession(session);
- PK11SessionObject *so = pk11_narrowToSessionObject(object);
-
- if (so) {
- PK11_USE_THREADS(PZ_Lock(session->objectLock);)
- pk11queue_add(&so->sessionList,0,session->objects,0);
- so->session = session;
- PK11_USE_THREADS(PZ_Unlock(session->objectLock);)
- }
- pk11_AddSlotObject(slot,object);
- pk11_ReferenceObject(object);
-}
-
-/*
- * add an object to a slot andsession queue
- */
-CK_RV
-pk11_DeleteObject(PK11Session *session, PK11Object *object)
-{
- PK11Slot *slot = pk11_SlotFromSession(session);
- PK11SessionObject *so = pk11_narrowToSessionObject(object);
- PK11TokenObject *to = pk11_narrowToTokenObject(object);
- CK_RV crv = CKR_OK;
- SECStatus rv;
- NSSLOWCERTCertificate *cert;
- NSSLOWCERTCertTrust tmptrust;
- PRBool isKrl;
-
- /* Handle Token case */
- if (so && so->session) {
- PK11Session *session = so->session;
- PK11_USE_THREADS(PZ_Lock(session->objectLock);)
- pk11queue_delete(&so->sessionList,0,session->objects,0);
- PK11_USE_THREADS(PZ_Unlock(session->objectLock);)
- PK11_USE_THREADS(PZ_Lock(slot->objectLock);)
- pk11queue_delete(object,object->handle,slot->tokObjects,
- slot->tokObjHashSize);
- PK11_USE_THREADS(PZ_Unlock(slot->objectLock);)
- pk11_FreeObject(object); /* reduce it's reference count */
- } else {
- PORT_Assert(to);
- /* remove the objects from the real data base */
- switch (object->handle & PK11_TOKEN_TYPE_MASK) {
- case PK11_TOKEN_TYPE_PRIV:
- case PK11_TOKEN_TYPE_KEY:
- /* KEYID is the public KEY for DSA and DH, and the MODULUS for
- * RSA */
- PORT_Assert(slot->keyDB);
- rv = nsslowkey_DeleteKey(slot->keyDB, &to->dbKey);
- if (rv != SECSuccess) crv= CKR_DEVICE_ERROR;
- break;
- case PK11_TOKEN_TYPE_PUB:
- break; /* public keys only exist at the behest of the priv key */
- case PK11_TOKEN_TYPE_CERT:
- cert = nsslowcert_FindCertByKey(slot->certDB,&to->dbKey);
- if (cert == NULL) {
- crv = CKR_DEVICE_ERROR;
- break;
- }
- rv = nsslowcert_DeletePermCertificate(cert);
- if (rv != SECSuccess) crv = CKR_DEVICE_ERROR;
- nsslowcert_DestroyCertificate(cert);
- break;
- case PK11_TOKEN_TYPE_CRL:
- isKrl = (PRBool) (object->handle == PK11_TOKEN_KRL_HANDLE);
- rv = nsslowcert_DeletePermCRL(slot->certDB,&to->dbKey,isKrl);
- if (rv == SECFailure) crv = CKR_DEVICE_ERROR;
- break;
- case PK11_TOKEN_TYPE_TRUST:
- cert = nsslowcert_FindCertByKey(slot->certDB,&to->dbKey);
- if (cert == NULL) {
- crv = CKR_DEVICE_ERROR;
- break;
- }
- tmptrust = *cert->trust;
- tmptrust.sslFlags &= CERTDB_PRESERVE_TRUST_BITS;
- tmptrust.emailFlags &= CERTDB_PRESERVE_TRUST_BITS;
- tmptrust.objectSigningFlags &= CERTDB_PRESERVE_TRUST_BITS;
- tmptrust.sslFlags |= CERTDB_TRUSTED_UNKNOWN;
- tmptrust.emailFlags |= CERTDB_TRUSTED_UNKNOWN;
- tmptrust.objectSigningFlags |= CERTDB_TRUSTED_UNKNOWN;
- rv = nsslowcert_ChangeCertTrust(slot->certDB,cert,&tmptrust);
- if (rv != SECSuccess) crv = CKR_DEVICE_ERROR;
- nsslowcert_DestroyCertificate(cert);
- break;
- default:
- break;
- }
- pk11_tokenKeyLock(object->slot);
- pk11_deleteTokenKeyByHandle(object->slot,object->handle);
- pk11_tokenKeyUnlock(object->slot);
- }
- return crv;
-}
-
-/*
- * copy the attributes from one object to another. Don't overwrite existing
- * attributes. NOTE: This is a pretty expensive operation since it
- * grabs the attribute locks for the src object for a *long* time.
- */
-CK_RV
-pk11_CopyObject(PK11Object *destObject,PK11Object *srcObject)
-{
- PK11Attribute *attribute;
- PK11SessionObject *src_so = pk11_narrowToSessionObject(srcObject);
- unsigned int i;
-
- if (src_so == NULL) {
- return CKR_DEVICE_ERROR; /* can't copy token objects yet */
- }
-
- PK11_USE_THREADS(PZ_Lock(src_so->attributeLock);)
- for(i=0; i < src_so->hashSize; i++) {
- attribute = src_so->head[i];
- do {
- if (attribute) {
- if (!pk11_hasAttribute(destObject,attribute->handle)) {
- /* we need to copy the attribute since each attribute
- * only has one set of link list pointers */
- PK11Attribute *newAttribute = pk11_NewAttribute(
- destObject,pk11_attr_expand(&attribute->attrib));
- if (newAttribute == NULL) {
- PK11_USE_THREADS(PZ_Unlock(src_so->attributeLock);)
- return CKR_HOST_MEMORY;
- }
- pk11_AddAttribute(destObject,newAttribute);
- }
- attribute=attribute->next;
- }
- } while (attribute != NULL);
- }
- PK11_USE_THREADS(PZ_Unlock(src_so->attributeLock);)
- return CKR_OK;
-}
-
-/*
- * ******************** Search Utilities *******************************
- */
-
-/* add an object to a search list */
-CK_RV
-AddToList(PK11ObjectListElement **list,PK11Object *object)
-{
- PK11ObjectListElement *newElem =
- (PK11ObjectListElement *)PORT_Alloc(sizeof(PK11ObjectListElement));
-
- if (newElem == NULL) return CKR_HOST_MEMORY;
-
- newElem->next = *list;
- newElem->object = object;
- pk11_ReferenceObject(object);
-
- *list = newElem;
- return CKR_OK;
-}
-
-
-/* return true if the object matches the template */
-PRBool
-pk11_objectMatch(PK11Object *object,CK_ATTRIBUTE_PTR theTemplate,int count)
-{
- int i;
-
- for (i=0; i < count; i++) {
- PK11Attribute *attribute = pk11_FindAttribute(object,theTemplate[i].type);
- if (attribute == NULL) {
- return PR_FALSE;
- }
- if (attribute->attrib.ulValueLen == theTemplate[i].ulValueLen) {
- if (PORT_Memcmp(attribute->attrib.pValue,theTemplate[i].pValue,
- theTemplate[i].ulValueLen) == 0) {
- pk11_FreeAttribute(attribute);
- continue;
- }
- }
- pk11_FreeAttribute(attribute);
- return PR_FALSE;
- }
- return PR_TRUE;
-}
-
-/* search through all the objects in the queue and return the template matches
- * in the object list.
- */
-CK_RV
-pk11_searchObjectList(PK11SearchResults *search,PK11Object **head,
- unsigned int size, PZLock *lock, CK_ATTRIBUTE_PTR theTemplate,
- int count, PRBool isLoggedIn)
-{
- unsigned int i;
- PK11Object *object;
- CK_RV crv = CKR_OK;
-
- for(i=0; i < size; i++) {
- /* We need to hold the lock to copy a consistant version of
- * the linked list. */
- PK11_USE_THREADS(PZ_Lock(lock);)
- for (object = head[i]; object != NULL; object= object->next) {
- if (pk11_objectMatch(object,theTemplate,count)) {
- /* don't return objects that aren't yet visible */
- if ((!isLoggedIn) && pk11_isTrue(object,CKA_PRIVATE)) continue;
- pk11_addHandle(search,object->handle);
- }
- }
- PK11_USE_THREADS(PZ_Unlock(lock);)
- }
- return crv;
-}
-
-/*
- * free a single list element. Return the Next object in the list.
- */
-PK11ObjectListElement *
-pk11_FreeObjectListElement(PK11ObjectListElement *objectList)
-{
- PK11ObjectListElement *ol = objectList->next;
-
- pk11_FreeObject(objectList->object);
- PORT_Free(objectList);
- return ol;
-}
-
-/* free an entire object list */
-void
-pk11_FreeObjectList(PK11ObjectListElement *objectList)
-{
- PK11ObjectListElement *ol;
-
- for (ol= objectList; ol != NULL; ol = pk11_FreeObjectListElement(ol)) {}
-}
-
-/*
- * free a search structure
- */
-void
-pk11_FreeSearch(PK11SearchResults *search)
-{
- if (search->handles) {
- PORT_Free(search->handles);
- }
- PORT_Free(search);
-}
-
-/*
- * ******************** Session Utilities *******************************
- */
-
-/* update the sessions state based in it's flags and wether or not it's
- * logged in */
-void
-pk11_update_state(PK11Slot *slot,PK11Session *session)
-{
- if (slot->isLoggedIn) {
- if (slot->ssoLoggedIn) {
- session->info.state = CKS_RW_SO_FUNCTIONS;
- } else if (session->info.flags & CKF_RW_SESSION) {
- session->info.state = CKS_RW_USER_FUNCTIONS;
- } else {
- session->info.state = CKS_RO_USER_FUNCTIONS;
- }
- } else {
- if (session->info.flags & CKF_RW_SESSION) {
- session->info.state = CKS_RW_PUBLIC_SESSION;
- } else {
- session->info.state = CKS_RO_PUBLIC_SESSION;
- }
- }
-}
-
-/* update the state of all the sessions on a slot */
-void
-pk11_update_all_states(PK11Slot *slot)
-{
- unsigned int i;
- PK11Session *session;
-
- for (i=0; i < slot->sessHashSize; i++) {
- PK11_USE_THREADS(PZ_Lock(PK11_SESSION_LOCK(slot,i));)
- for (session = slot->head[i]; session; session = session->next) {
- pk11_update_state(slot,session);
- }
- PK11_USE_THREADS(PZ_Unlock(PK11_SESSION_LOCK(slot,i));)
- }
-}
-
-/*
- * context are cipher and digest contexts that are associated with a session
- */
-void
-pk11_FreeContext(PK11SessionContext *context)
-{
- if (context->cipherInfo) {
- (*context->destroy)(context->cipherInfo,PR_TRUE);
- }
- if (context->hashInfo) {
- (*context->hashdestroy)(context->hashInfo,PR_TRUE);
- }
- if (context->key) {
- pk11_FreeObject(context->key);
- context->key = NULL;
- }
- PORT_Free(context);
-}
-
-/*
- * create a new nession. NOTE: The session handle is not set, and the
- * session is not added to the slot's session queue.
- */
-PK11Session *
-pk11_NewSession(CK_SLOT_ID slotID, CK_NOTIFY notify, CK_VOID_PTR pApplication,
- CK_FLAGS flags)
-{
- PK11Session *session;
- PK11Slot *slot = pk11_SlotFromID(slotID);
-
- if (slot == NULL) return NULL;
-
- session = (PK11Session*)PORT_Alloc(sizeof(PK11Session));
- if (session == NULL) return NULL;
-
- session->next = session->prev = NULL;
- session->refCount = 1;
- session->enc_context = NULL;
- session->hash_context = NULL;
- session->sign_context = NULL;
- session->search = NULL;
- session->objectIDCount = 1;
-#ifdef PKCS11_USE_THREADS
- session->objectLock = PZ_NewLock(nssILockObject);
- if (session->objectLock == NULL) {
- PORT_Free(session);
- return NULL;
- }
-#else
- session->objectLock = NULL;
-#endif
- session->objects[0] = NULL;
-
- session->slot = slot;
- session->notify = notify;
- session->appData = pApplication;
- session->info.flags = flags;
- session->info.slotID = slotID;
- session->info.ulDeviceError = 0;
- pk11_update_state(slot,session);
- return session;
-}
-
-
-/* free all the data associated with a session. */
-static void
-pk11_DestroySession(PK11Session *session)
-{
- PK11ObjectList *op,*next;
- PORT_Assert(session->refCount == 0);
-
- /* clean out the attributes */
- /* since no one is referencing us, it's safe to walk the chain
- * without a lock */
- for (op = session->objects[0]; op != NULL; op = next) {
- next = op->next;
- /* paranoia */
- op->next = op->prev = NULL;
- pk11_DeleteObject(session,op->parent);
- }
- PK11_USE_THREADS(PZ_DestroyLock(session->objectLock);)
- if (session->enc_context) {
- pk11_FreeContext(session->enc_context);
- }
- if (session->hash_context) {
- pk11_FreeContext(session->hash_context);
- }
- if (session->sign_context) {
- pk11_FreeContext(session->sign_context);
- }
- if (session->search) {
- pk11_FreeSearch(session->search);
- }
- PORT_Free(session);
-}
-
-
-/*
- * look up a session structure from a session handle
- * generate a reference to it.
- */
-PK11Session *
-pk11_SessionFromHandle(CK_SESSION_HANDLE handle)
-{
- PK11Slot *slot = pk11_SlotFromSessionHandle(handle);
- PK11Session *session;
-
- PK11_USE_THREADS(PZ_Lock(PK11_SESSION_LOCK(slot,handle));)
- pk11queue_find(session,handle,slot->head,slot->sessHashSize);
- if (session) session->refCount++;
- PK11_USE_THREADS(PZ_Unlock(PK11_SESSION_LOCK(slot,handle));)
-
- return (session);
-}
-
-/*
- * release a reference to a session handle
- */
-void
-pk11_FreeSession(PK11Session *session)
-{
- PRBool destroy = PR_FALSE;
- PK11_USE_THREADS(PK11Slot *slot = pk11_SlotFromSession(session);)
-
- PK11_USE_THREADS(PZ_Lock(PK11_SESSION_LOCK(slot,session->handle));)
- if (session->refCount == 1) destroy = PR_TRUE;
- session->refCount--;
- PK11_USE_THREADS(PZ_Unlock(PK11_SESSION_LOCK(slot,session->handle));)
-
- if (destroy) pk11_DestroySession(session);
-}
-/*
- * handle Token Object stuff
- */
-static void
-pk11_XORHash(unsigned char *key, unsigned char *dbkey, int len)
-{
- int i;
-
- PORT_Memset(key, 0, 4);
-
- for (i=0; i < len-4; i += 4) {
- key[0] ^= dbkey[i];
- key[1] ^= dbkey[i+1];
- key[2] ^= dbkey[i+2];
- key[3] ^= dbkey[i+3];
- }
-}
-
-/* Make a token handle for an object and record it so we can find it again */
-CK_OBJECT_HANDLE
-pk11_mkHandle(PK11Slot *slot, SECItem *dbKey, CK_OBJECT_HANDLE class)
-{
- unsigned char hashBuf[4];
- CK_OBJECT_HANDLE handle;
- SECItem *key;
-
- handle = class;
- /* there is only one KRL, use a fixed handle for it */
- if (handle != PK11_TOKEN_KRL_HANDLE) {
- pk11_XORHash(hashBuf,dbKey->data,dbKey->len);
- handle = (hashBuf[0] << 24) | (hashBuf[1] << 16) |
- (hashBuf[2] << 8) | hashBuf[3];
- handle = PK11_TOKEN_MAGIC | class |
- (handle & ~(PK11_TOKEN_TYPE_MASK|PK11_TOKEN_MASK));
- /* we have a CRL who's handle has randomly matched the reserved KRL
- * handle, increment it */
- if (handle == PK11_TOKEN_KRL_HANDLE) {
- handle++;
- }
- }
-
- pk11_tokenKeyLock(slot);
- while ((key = pk11_lookupTokenKeyByHandle(slot,handle)) != NULL) {
- if (SECITEM_ItemsAreEqual(key,dbKey)) {
- pk11_tokenKeyUnlock(slot);
- return handle;
- }
- handle++;
- }
- pk11_addTokenKeyByHandle(slot,handle,dbKey);
- pk11_tokenKeyUnlock(slot);
- return handle;
-}
-
-PRBool
-pk11_poisonHandle(PK11Slot *slot, SECItem *dbKey, CK_OBJECT_HANDLE class)
-{
- unsigned char hashBuf[4];
- CK_OBJECT_HANDLE handle;
- SECItem *key;
-
- handle = class;
- /* there is only one KRL, use a fixed handle for it */
- if (handle != PK11_TOKEN_KRL_HANDLE) {
- pk11_XORHash(hashBuf,dbKey->data,dbKey->len);
- handle = (hashBuf[0] << 24) | (hashBuf[1] << 16) |
- (hashBuf[2] << 8) | hashBuf[3];
- handle = PK11_TOKEN_MAGIC | class |
- (handle & ~(PK11_TOKEN_TYPE_MASK|PK11_TOKEN_MASK));
- /* we have a CRL who's handle has randomly matched the reserved KRL
- * handle, increment it */
- if (handle == PK11_TOKEN_KRL_HANDLE) {
- handle++;
- }
- }
- pk11_tokenKeyLock(slot);
- while ((key = pk11_lookupTokenKeyByHandle(slot,handle)) != NULL) {
- if (SECITEM_ItemsAreEqual(key,dbKey)) {
- key->data[0] ^= 0x80;
- pk11_tokenKeyUnlock(slot);
- return PR_TRUE;
- }
- handle++;
- }
- pk11_tokenKeyUnlock(slot);
- return PR_FALSE;
-}
-
-void
-pk11_addHandle(PK11SearchResults *search, CK_OBJECT_HANDLE handle)
-{
- if (search->handles == NULL) {
- return;
- }
- if (search->size >= search->array_size) {
- search->array_size += NSC_SEARCH_BLOCK_SIZE;
- search->handles = (CK_OBJECT_HANDLE *) PORT_Realloc(search->handles,
- sizeof(CK_OBJECT_HANDLE)* search->array_size);
- if (search->handles == NULL) {
- return;
- }
- }
- search->handles[search->size] = handle;
- search->size++;
-}
-
-static const CK_OBJECT_HANDLE pk11_classArray[] = {
- 0, CKO_PRIVATE_KEY, CKO_PUBLIC_KEY, CKO_SECRET_KEY,
- CKO_NETSCAPE_TRUST, CKO_NETSCAPE_CRL, CKO_NETSCAPE_SMIME,
- CKO_CERTIFICATE };
-
-#define handleToClass(handle) \
- pk11_classArray[((handle & PK11_TOKEN_TYPE_MASK))>>28]
-
-PK11Object *
-pk11_NewTokenObject(PK11Slot *slot, SECItem *dbKey, CK_OBJECT_HANDLE handle)
-{
- PK11Object *object = NULL;
- PK11TokenObject *tokObject = NULL;
- PRBool hasLocks = PR_FALSE;
- SECStatus rv;
-
-#ifdef PKCS11_STATIC_ATTRIBUTES
- object = pk11_GetObjectFromList(&hasLocks, PR_FALSE, &tokenObjectList, 0,
- PR_FALSE);
- if (object == NULL) {
- return NULL;
- }
-#else
- PRArenaPool *arena;
-
- arena = PORT_NewArena(2048);
- if (arena == NULL) return NULL;
-
- object = (PK11Object*)PORT_ArenaZAlloc(arena,sizeof(PK11TokenObject));
- if (object == NULL) {
- PORT_FreeArena(arena,PR_FALSE);
- return NULL;
- }
- object->arena = arena;
-#endif
- tokObject = (PK11TokenObject *) object;
-
- object->objclass = handleToClass(handle);
- object->handle = handle;
- object->slot = slot;
- object->objectInfo = NULL;
- object->infoFree = NULL;
- if (dbKey == NULL) {
- pk11_tokenKeyLock(slot);
- dbKey = pk11_lookupTokenKeyByHandle(slot,handle);
- if (dbKey == NULL) {
- pk11_tokenKeyUnlock(slot);
- goto loser;
- }
- rv = SECITEM_CopyItem(NULL,&tokObject->dbKey,dbKey);
- pk11_tokenKeyUnlock(slot);
- } else {
- rv = SECITEM_CopyItem(NULL,&tokObject->dbKey,dbKey);
- }
- if (rv != SECSuccess) {
- goto loser;
- }
-#ifdef PKCS11_USE_THREADS
- if (!hasLocks) {
- object->refLock = PZ_NewLock(nssILockRefLock);
- }
- if (object->refLock == NULL) {
- goto loser;
- }
-#endif
- object->refCount = 1;
-
- return object;
-loser:
- if (object) {
- (void) pk11_DestroyObject(object);
- }
- return NULL;
-
-}
-
-PRBool
-pk11_tokenMatch(PK11Slot *slot, SECItem *dbKey, CK_OBJECT_HANDLE class,
- CK_ATTRIBUTE_PTR theTemplate,int count)
-{
- PK11Object *object;
- PRBool ret;
-
- object = pk11_NewTokenObject(slot,dbKey,PK11_TOKEN_MASK|class);
- if (object == NULL) {
- return PR_FALSE;
- }
-
- ret = pk11_objectMatch(object,theTemplate,count);
- pk11_FreeObject(object);
- return ret;
-}
-
-PK11TokenObject *
-pk11_convertSessionToToken(PK11Object *obj)
-{
- SECItem *key;
- PK11SessionObject *so = (PK11SessionObject *)obj;
- PK11TokenObject *to = pk11_narrowToTokenObject(obj);
- SECStatus rv;
-
- pk11_DestroySessionObjectData(so);
- PK11_USE_THREADS(PZ_DestroyLock(so->attributeLock));
- if (to == NULL) {
- return NULL;
- }
- pk11_tokenKeyLock(so->obj.slot);
- key = pk11_lookupTokenKeyByHandle(so->obj.slot,so->obj.handle);
- if (key == NULL) {
- pk11_tokenKeyUnlock(so->obj.slot);
- return NULL;
- }
- rv = SECITEM_CopyItem(NULL,&to->dbKey,key);
- pk11_tokenKeyUnlock(so->obj.slot);
- if (rv == SECFailure) {
- return NULL;
- }
-
- return to;
-
-}
-
-PK11SessionObject *
-pk11_narrowToSessionObject(PK11Object *obj)
-{
- return !pk11_isToken(obj->handle) ? (PK11SessionObject *)obj : NULL;
-}
-
-PK11TokenObject *
-pk11_narrowToTokenObject(PK11Object *obj)
-{
- return pk11_isToken(obj->handle) ? (PK11TokenObject *)obj : NULL;
-}
-
diff --git a/security/nss/lib/softoken/pkcs11u.h b/security/nss/lib/softoken/pkcs11u.h
deleted file mode 100644
index 777eda4d4..000000000
--- a/security/nss/lib/softoken/pkcs11u.h
+++ /dev/null
@@ -1,49 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Copyright (C) 1994-1999 RSA Security Inc. Licence to copy this document
- * is granted provided that it is identified as "RSA Security Inc. Public-Key
- * Cryptography Standards (PKCS)" in all material mentioning or referencing
- * this document.
- */
-/*
- * reset any packing set by pkcs11p.h
- */
-
-#if defined (_WIN32)
-#ifdef _MSC_VER
-#pragma warning(disable:4103)
-#endif
-#pragma pack(pop, cryptoki)
-#endif
-
diff --git a/security/nss/lib/softoken/rawhash.c b/security/nss/lib/softoken/rawhash.c
deleted file mode 100644
index b32d3f31a..000000000
--- a/security/nss/lib/softoken/rawhash.c
+++ /dev/null
@@ -1,135 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "nspr.h"
-#include "sechash.h"
-#include "blapi.h" /* below the line */
-
-
-static void *
-null_hash_new_context(void)
-{
- return NULL;
-}
-
-static void *
-null_hash_clone_context(void *v)
-{
- PORT_Assert(v == NULL);
- return NULL;
-}
-
-static void
-null_hash_begin(void *v)
-{
-}
-
-static void
-null_hash_update(void *v, const unsigned char *input, unsigned int length)
-{
-}
-
-static void
-null_hash_end(void *v, unsigned char *output, unsigned int *outLen,
- unsigned int maxOut)
-{
- *outLen = 0;
-}
-
-static void
-null_hash_destroy_context(void *v, PRBool b)
-{
- PORT_Assert(v == NULL);
-}
-
-
-const SECHashObject SECRawHashObjects[] = {
- { 0,
- (void * (*)(void)) null_hash_new_context,
- (void * (*)(void *)) null_hash_clone_context,
- (void (*)(void *, PRBool)) null_hash_destroy_context,
- (void (*)(void *)) null_hash_begin,
- (void (*)(void *, const unsigned char *, unsigned int)) null_hash_update,
- (void (*)(void *, unsigned char *, unsigned int *,
- unsigned int)) null_hash_end
- },
- { MD2_LENGTH,
- (void * (*)(void)) MD2_NewContext,
- (void * (*)(void *)) null_hash_clone_context,
- (void (*)(void *, PRBool)) MD2_DestroyContext,
- (void (*)(void *)) MD2_Begin,
- (void (*)(void *, const unsigned char *, unsigned int)) MD2_Update,
- (void (*)(void *, unsigned char *, unsigned int *, unsigned int)) MD2_End
- },
- { MD5_LENGTH,
- (void * (*)(void)) MD5_NewContext,
- (void * (*)(void *)) null_hash_clone_context,
- (void (*)(void *, PRBool)) MD5_DestroyContext,
- (void (*)(void *)) MD5_Begin,
- (void (*)(void *, const unsigned char *, unsigned int)) MD5_Update,
- (void (*)(void *, unsigned char *, unsigned int *, unsigned int)) MD5_End
- },
- { SHA1_LENGTH,
- (void * (*)(void)) SHA1_NewContext,
- (void * (*)(void *)) null_hash_clone_context,
- (void (*)(void *, PRBool)) SHA1_DestroyContext,
- (void (*)(void *)) SHA1_Begin,
- (void (*)(void *, const unsigned char *, unsigned int)) SHA1_Update,
- (void (*)(void *, unsigned char *, unsigned int *, unsigned int)) SHA1_End
- },
- { SHA256_LENGTH,
- (void * (*)(void)) SHA256_NewContext,
- (void * (*)(void *)) null_hash_clone_context,
- (void (*)(void *, PRBool)) SHA256_DestroyContext,
- (void (*)(void *)) SHA256_Begin,
- (void (*)(void *, const unsigned char *, unsigned int)) SHA256_Update,
- (void (*)(void *, unsigned char *, unsigned int *, unsigned int)) SHA256_End
- },
- { SHA384_LENGTH,
- (void * (*)(void)) SHA384_NewContext,
- (void * (*)(void *)) null_hash_clone_context,
- (void (*)(void *, PRBool)) SHA384_DestroyContext,
- (void (*)(void *)) SHA384_Begin,
- (void (*)(void *, const unsigned char *, unsigned int)) SHA384_Update,
- (void (*)(void *, unsigned char *, unsigned int *, unsigned int)) SHA384_End
- },
- { SHA512_LENGTH,
- (void * (*)(void)) SHA512_NewContext,
- (void * (*)(void *)) null_hash_clone_context,
- (void (*)(void *, PRBool)) SHA512_DestroyContext,
- (void (*)(void *)) SHA512_Begin,
- (void (*)(void *, const unsigned char *, unsigned int)) SHA512_Update,
- (void (*)(void *, unsigned char *, unsigned int *, unsigned int)) SHA512_End
- },
-};
-
diff --git a/security/nss/lib/softoken/rsawrapr.c b/security/nss/lib/softoken/rsawrapr.c
deleted file mode 100644
index b17d4fc8e..000000000
--- a/security/nss/lib/softoken/rsawrapr.c
+++ /dev/null
@@ -1,865 +0,0 @@
-/*
- * PKCS#1 encoding and decoding functions.
- * This file is believed to contain no code licensed from other parties.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "blapi.h"
-#include "softoken.h"
-#include "sechash.h"
-
-#include "lowkeyi.h"
-#include "secerr.h"
-
-#define RSA_BLOCK_MIN_PAD_LEN 8
-#define RSA_BLOCK_FIRST_OCTET 0x00
-#define RSA_BLOCK_PRIVATE0_PAD_OCTET 0x00
-#define RSA_BLOCK_PRIVATE_PAD_OCTET 0xff
-#define RSA_BLOCK_AFTER_PAD_OCTET 0x00
-
-#define OAEP_SALT_LEN 8
-#define OAEP_PAD_LEN 8
-#define OAEP_PAD_OCTET 0x00
-
-#define FLAT_BUFSIZE 512 /* bytes to hold flattened SHA1Context. */
-
-static SHA1Context *
-SHA1_CloneContext(SHA1Context *original)
-{
- SHA1Context * clone = NULL;
- unsigned char *pBuf;
- int sha1ContextSize = SHA1_FlattenSize(original);
- SECStatus frv;
- unsigned char buf[FLAT_BUFSIZE];
-
- PORT_Assert(sizeof buf >= sha1ContextSize);
- if (sizeof buf >= sha1ContextSize) {
- pBuf = buf;
- } else {
- pBuf = PORT_Alloc(sha1ContextSize);
- if (!pBuf)
- goto done;
- }
-
- frv = SHA1_Flatten(original, pBuf);
- if (frv == SECSuccess) {
- clone = SHA1_Resurrect(pBuf, NULL);
- memset(pBuf, 0, sha1ContextSize);
- }
-done:
- if (pBuf != buf)
- PORT_Free(pBuf);
- return clone;
-}
-
-/*
- * Modify data by XORing it with a special hash of salt.
- */
-static SECStatus
-oaep_xor_with_h1(unsigned char *data, unsigned int datalen,
- unsigned char *salt, unsigned int saltlen)
-{
- SHA1Context *sha1cx;
- unsigned char *dp, *dataend;
- unsigned char end_octet;
-
- sha1cx = SHA1_NewContext();
- if (sha1cx == NULL) {
- return SECFailure;
- }
-
- /*
- * Get a hash of salt started; we will use it several times,
- * adding in a different end octet (x00, x01, x02, ...).
- */
- SHA1_Begin (sha1cx);
- SHA1_Update (sha1cx, salt, saltlen);
- end_octet = 0;
-
- dp = data;
- dataend = data + datalen;
-
- while (dp < dataend) {
- SHA1Context *sha1cx_h1;
- unsigned int sha1len, sha1off;
- unsigned char sha1[SHA1_LENGTH];
-
- /*
- * Create hash of (salt || end_octet)
- */
- sha1cx_h1 = SHA1_CloneContext (sha1cx);
- SHA1_Update (sha1cx_h1, &end_octet, 1);
- SHA1_End (sha1cx_h1, sha1, &sha1len, sizeof(sha1));
- SHA1_DestroyContext (sha1cx_h1, PR_TRUE);
- PORT_Assert (sha1len == SHA1_LENGTH);
-
- /*
- * XOR that hash with the data.
- * When we have fewer than SHA1_LENGTH octets of data
- * left to xor, use just the low-order ones of the hash.
- */
- sha1off = 0;
- if ((dataend - dp) < SHA1_LENGTH)
- sha1off = SHA1_LENGTH - (dataend - dp);
- while (sha1off < SHA1_LENGTH)
- *dp++ ^= sha1[sha1off++];
-
- /*
- * Bump for next hash chunk.
- */
- end_octet++;
- }
-
- return SECSuccess;
-}
-
-/*
- * Modify salt by XORing it with a special hash of data.
- */
-static SECStatus
-oaep_xor_with_h2(unsigned char *salt, unsigned int saltlen,
- unsigned char *data, unsigned int datalen)
-{
- unsigned char sha1[SHA1_LENGTH];
- unsigned char *psalt, *psha1, *saltend;
- SECStatus rv;
-
- /*
- * Create a hash of data.
- */
- rv = SHA1_HashBuf (sha1, data, datalen);
- if (rv != SECSuccess) {
- return rv;
- }
-
- /*
- * XOR the low-order octets of that hash with salt.
- */
- PORT_Assert (saltlen <= SHA1_LENGTH);
- saltend = salt + saltlen;
- psalt = salt;
- psha1 = sha1 + SHA1_LENGTH - saltlen;
- while (psalt < saltend) {
- *psalt++ ^= *psha1++;
- }
-
- return SECSuccess;
-}
-
-/*
- * Format one block of data for public/private key encryption using
- * the rules defined in PKCS #1.
- */
-static unsigned char *
-rsa_FormatOneBlock(unsigned modulusLen, RSA_BlockType blockType,
- SECItem *data)
-{
- unsigned char *block;
- unsigned char *bp;
- int padLen;
- int i;
-
- block = (unsigned char *) PORT_Alloc(modulusLen);
- if (block == NULL)
- return NULL;
-
- bp = block;
-
- /*
- * All RSA blocks start with two octets:
- * 0x00 || BlockType
- */
- *bp++ = RSA_BLOCK_FIRST_OCTET;
- *bp++ = (unsigned char) blockType;
-
- switch (blockType) {
-
- /*
- * Blocks intended for private-key operation.
- */
- case RSA_BlockPrivate0: /* essentially unused */
- case RSA_BlockPrivate: /* preferred method */
- /*
- * 0x00 || BT || Pad || 0x00 || ActualData
- * 1 1 padLen 1 data->len
- * Pad is either all 0x00 or all 0xff bytes, depending on blockType.
- */
- padLen = modulusLen - data->len - 3;
- PORT_Assert (padLen >= RSA_BLOCK_MIN_PAD_LEN);
- PORT_Memset (bp,
- blockType == RSA_BlockPrivate0
- ? RSA_BLOCK_PRIVATE0_PAD_OCTET
- : RSA_BLOCK_PRIVATE_PAD_OCTET,
- padLen);
- bp += padLen;
- *bp++ = RSA_BLOCK_AFTER_PAD_OCTET;
- PORT_Memcpy (bp, data->data, data->len);
- break;
-
- /*
- * Blocks intended for public-key operation.
- */
- case RSA_BlockPublic:
-
- /*
- * 0x00 || BT || Pad || 0x00 || ActualData
- * 1 1 padLen 1 data->len
- * Pad is all non-zero random bytes.
- */
- padLen = modulusLen - data->len - 3;
- PORT_Assert (padLen >= RSA_BLOCK_MIN_PAD_LEN);
- for (i = 0; i < padLen; i++) {
- /* Pad with non-zero random data. */
- do {
- RNG_GenerateGlobalRandomBytes(bp + i, 1);
- } while (bp[i] == RSA_BLOCK_AFTER_PAD_OCTET);
- }
- bp += padLen;
- *bp++ = RSA_BLOCK_AFTER_PAD_OCTET;
- PORT_Memcpy (bp, data->data, data->len);
-
- break;
-
- /*
- * Blocks intended for public-key operation, using
- * Optimal Asymmetric Encryption Padding (OAEP).
- */
- case RSA_BlockOAEP:
- /*
- * 0x00 || BT || Modified2(Salt) || Modified1(PaddedData)
- * 1 1 OAEP_SALT_LEN OAEP_PAD_LEN + data->len [+ N]
- *
- * where:
- * PaddedData is "Pad1 || ActualData [|| Pad2]"
- * Salt is random data.
- * Pad1 is all zeros.
- * Pad2, if present, is random data.
- * (The "modified" fields are all the same length as the original
- * unmodified values; they are just xor'd with other values.)
- *
- * Modified1 is an XOR of PaddedData with a special octet
- * string constructed of iterated hashing of Salt (see below).
- * Modified2 is an XOR of Salt with the low-order octets of
- * the hash of Modified1 (see farther below ;-).
- *
- * Whew!
- */
-
-
- /*
- * Salt
- */
- RNG_GenerateGlobalRandomBytes(bp, OAEP_SALT_LEN);
- bp += OAEP_SALT_LEN;
-
- /*
- * Pad1
- */
- PORT_Memset (bp, OAEP_PAD_OCTET, OAEP_PAD_LEN);
- bp += OAEP_PAD_LEN;
-
- /*
- * Data
- */
- PORT_Memcpy (bp, data->data, data->len);
- bp += data->len;
-
- /*
- * Pad2
- */
- if (bp < (block + modulusLen))
- RNG_GenerateGlobalRandomBytes(bp, block - bp + modulusLen);
-
- /*
- * Now we have the following:
- * 0x00 || BT || Salt || PaddedData
- * (From this point on, "Pad1 || Data [|| Pad2]" is treated
- * as the one entity PaddedData.)
- *
- * We need to turn PaddedData into Modified1.
- */
- if (oaep_xor_with_h1(block + 2 + OAEP_SALT_LEN,
- modulusLen - 2 - OAEP_SALT_LEN,
- block + 2, OAEP_SALT_LEN) != SECSuccess) {
- PORT_Free (block);
- return NULL;
- }
-
- /*
- * Now we have:
- * 0x00 || BT || Salt || Modified1(PaddedData)
- *
- * The remaining task is to turn Salt into Modified2.
- */
- if (oaep_xor_with_h2(block + 2, OAEP_SALT_LEN,
- block + 2 + OAEP_SALT_LEN,
- modulusLen - 2 - OAEP_SALT_LEN) != SECSuccess) {
- PORT_Free (block);
- return NULL;
- }
-
- break;
-
- default:
- PORT_Assert (0);
- PORT_Free (block);
- return NULL;
- }
-
- return block;
-}
-
-static SECStatus
-rsa_FormatBlock(SECItem *result, unsigned modulusLen,
- RSA_BlockType blockType, SECItem *data)
-{
- /*
- * XXX For now assume that the data length fits in a single
- * XXX encryption block; the ASSERTs below force this.
- * XXX To fix it, each case will have to loop over chunks whose
- * XXX lengths satisfy the assertions, until all data is handled.
- * XXX (Unless RSA has more to say about how to handle data
- * XXX which does not fit in a single encryption block?)
- * XXX And I do not know what the result is supposed to be,
- * XXX so the interface to this function may need to change
- * XXX to allow for returning multiple blocks, if they are
- * XXX not wanted simply concatenated one after the other.
- */
-
- switch (blockType) {
- case RSA_BlockPrivate0:
- case RSA_BlockPrivate:
- case RSA_BlockPublic:
- /*
- * 0x00 || BT || Pad || 0x00 || ActualData
- *
- * The "3" below is the first octet + the second octet + the 0x00
- * octet that always comes just before the ActualData.
- */
- PORT_Assert (data->len <= (modulusLen - (3 + RSA_BLOCK_MIN_PAD_LEN)));
-
- result->data = rsa_FormatOneBlock(modulusLen, blockType, data);
- if (result->data == NULL) {
- result->len = 0;
- return SECFailure;
- }
- result->len = modulusLen;
-
- break;
-
- case RSA_BlockOAEP:
- /*
- * 0x00 || BT || M1(Salt) || M2(Pad1||ActualData[||Pad2])
- *
- * The "2" below is the first octet + the second octet.
- * (The other fields do not contain the clear values, but are
- * the same length as the clear values.)
- */
- PORT_Assert (data->len <= (modulusLen - (2 + OAEP_SALT_LEN
- + OAEP_PAD_LEN)));
-
- result->data = rsa_FormatOneBlock(modulusLen, blockType, data);
- if (result->data == NULL) {
- result->len = 0;
- return SECFailure;
- }
- result->len = modulusLen;
-
- break;
-
- case RSA_BlockRaw:
- /*
- * Pad || ActualData
- * Pad is zeros. The application is responsible for recovering
- * the actual data.
- */
- result->data = (unsigned char*)PORT_ZAlloc(modulusLen);
- result->len = modulusLen;
- PORT_Memcpy(result->data+(modulusLen-data->len),data->data,data->len);
- break;
-
- default:
- PORT_Assert (0);
- result->data = NULL;
- result->len = 0;
- return SECFailure;
- }
-
- return SECSuccess;
-}
-
-/* XXX Doesn't set error code */
-SECStatus
-RSA_Sign(NSSLOWKEYPrivateKey *key,
- unsigned char * output,
- unsigned int * output_len,
- unsigned int maxOutputLen,
- unsigned char * input,
- unsigned int input_len)
-{
- SECStatus rv = SECSuccess;
- unsigned int modulus_len = nsslowkey_PrivateModulusLen(key);
- SECItem formatted;
- SECItem unformatted;
-
- if (maxOutputLen < modulus_len)
- return SECFailure;
- PORT_Assert(key->keyType == NSSLOWKEYRSAKey);
- if (key->keyType != NSSLOWKEYRSAKey)
- return SECFailure;
-
- unformatted.len = input_len;
- unformatted.data = input;
- formatted.data = NULL;
- rv = rsa_FormatBlock(&formatted, modulus_len, RSA_BlockPrivate,
- &unformatted);
- if (rv != SECSuccess)
- goto done;
-
- rv = RSA_PrivateKeyOpDoubleChecked(&key->u.rsa, output, formatted.data);
- *output_len = modulus_len;
-
- goto done;
-
-done:
- if (formatted.data != NULL)
- PORT_ZFree(formatted.data, modulus_len);
- return rv;
-}
-
-/* XXX Doesn't set error code */
-SECStatus
-RSA_CheckSign(NSSLOWKEYPublicKey *key,
- unsigned char * sign,
- unsigned int sign_len,
- unsigned char * hash,
- unsigned int hash_len)
-{
- SECStatus rv;
- unsigned int modulus_len = nsslowkey_PublicModulusLen(key);
- unsigned int i;
- unsigned char * buffer;
-
- modulus_len = nsslowkey_PublicModulusLen(key);
- if (sign_len != modulus_len)
- goto failure;
- if (hash_len > modulus_len - 8)
- goto failure;
- PORT_Assert(key->keyType == NSSLOWKEYRSAKey);
- if (key->keyType != NSSLOWKEYRSAKey)
- goto failure;
-
- buffer = (unsigned char *)PORT_Alloc(modulus_len + 1);
- if (!buffer)
- goto failure;
-
- rv = RSA_PublicKeyOp(&key->u.rsa, buffer, sign);
- if (rv != SECSuccess)
- goto loser;
-
- /*
- * check the padding that was used
- */
- if (buffer[0] != 0 || buffer[1] != 1)
- goto loser;
- for (i = 2; i < modulus_len - hash_len - 1; i++) {
- if (buffer[i] == 0)
- break;
- if (buffer[i] != 0xff)
- goto loser;
- }
-
- /*
- * make sure we get the same results
- */
- if (PORT_Memcmp(buffer + modulus_len - hash_len, hash, hash_len) != 0)
- goto loser;
-
- PORT_Free(buffer);
- return SECSuccess;
-
-loser:
- PORT_Free(buffer);
-failure:
- return SECFailure;
-}
-
-/* XXX Doesn't set error code */
-SECStatus
-RSA_CheckSignRecover(NSSLOWKEYPublicKey *key,
- unsigned char * data,
- unsigned int * data_len,
- unsigned int max_output_len,
- unsigned char * sign,
- unsigned int sign_len)
-{
- SECStatus rv;
- unsigned int modulus_len = nsslowkey_PublicModulusLen(key);
- unsigned int i;
- unsigned char * buffer;
-
- if (sign_len != modulus_len)
- goto failure;
- PORT_Assert(key->keyType == NSSLOWKEYRSAKey);
- if (key->keyType != NSSLOWKEYRSAKey)
- goto failure;
-
- buffer = (unsigned char *)PORT_Alloc(modulus_len + 1);
- if (!buffer)
- goto failure;
-
- rv = RSA_PublicKeyOp(&key->u.rsa, buffer, sign);
- if (rv != SECSuccess)
- goto loser;
- *data_len = 0;
-
- /*
- * check the padding that was used
- */
- if (buffer[0] != 0 || buffer[1] != 1)
- goto loser;
- for (i = 2; i < modulus_len; i++) {
- if (buffer[i] == 0) {
- *data_len = modulus_len - i - 1;
- break;
- }
- if (buffer[i] != 0xff)
- goto loser;
- }
- if (*data_len == 0)
- goto loser;
- if (*data_len > max_output_len)
- goto loser;
-
- /*
- * make sure we get the same results
- */
- PORT_Memcpy(data,buffer + modulus_len - *data_len, *data_len);
-
- PORT_Free(buffer);
- return SECSuccess;
-
-loser:
- PORT_Free(buffer);
-failure:
- return SECFailure;
-}
-
-/* XXX Doesn't set error code */
-SECStatus
-RSA_EncryptBlock(NSSLOWKEYPublicKey *key,
- unsigned char * output,
- unsigned int * output_len,
- unsigned int max_output_len,
- unsigned char * input,
- unsigned int input_len)
-{
- SECStatus rv;
- unsigned int modulus_len = nsslowkey_PublicModulusLen(key);
- SECItem formatted;
- SECItem unformatted;
-
- formatted.data = NULL;
- if (max_output_len < modulus_len)
- goto failure;
- PORT_Assert(key->keyType == NSSLOWKEYRSAKey);
- if (key->keyType != NSSLOWKEYRSAKey)
- goto failure;
-
- unformatted.len = input_len;
- unformatted.data = input;
- formatted.data = NULL;
- rv = rsa_FormatBlock(&formatted, modulus_len, RSA_BlockPublic,
- &unformatted);
- if (rv != SECSuccess)
- goto failure;
-
- rv = RSA_PublicKeyOp(&key->u.rsa, output, formatted.data);
- if (rv != SECSuccess)
- goto failure;
-
- PORT_ZFree(formatted.data, modulus_len);
- *output_len = modulus_len;
- return SECSuccess;
-
-failure:
- if (formatted.data != NULL)
- PORT_ZFree(formatted.data, modulus_len);
- return SECFailure;
-}
-
-/* XXX Doesn't set error code */
-SECStatus
-RSA_DecryptBlock(NSSLOWKEYPrivateKey *key,
- unsigned char * output,
- unsigned int * output_len,
- unsigned int max_output_len,
- unsigned char * input,
- unsigned int input_len)
-{
- SECStatus rv;
- unsigned int modulus_len = nsslowkey_PrivateModulusLen(key);
- unsigned int i;
- unsigned char * buffer;
-
- PORT_Assert(key->keyType == NSSLOWKEYRSAKey);
- if (key->keyType != NSSLOWKEYRSAKey)
- goto failure;
- if (input_len != modulus_len)
- goto failure;
-
- buffer = (unsigned char *)PORT_Alloc(modulus_len + 1);
- if (!buffer)
- goto failure;
-
- rv = RSA_PrivateKeyOp(&key->u.rsa, buffer, input);
- if (rv != SECSuccess)
- goto loser;
-
- if (buffer[0] != 0 || buffer[1] != 2)
- goto loser;
- *output_len = 0;
- for (i = 2; i < modulus_len; i++) {
- if (buffer[i] == 0) {
- *output_len = modulus_len - i - 1;
- break;
- }
- }
- if (*output_len == 0)
- goto loser;
- if (*output_len > max_output_len)
- goto loser;
-
- PORT_Memcpy(output, buffer + modulus_len - *output_len, *output_len);
-
- PORT_Free(buffer);
- return SECSuccess;
-
-loser:
- PORT_Free(buffer);
-failure:
- return SECFailure;
-}
-
-/* XXX Doesn't set error code */
-/*
- * added to make pkcs #11 happy
- * RAW is RSA_X_509
- */
-SECStatus
-RSA_SignRaw(NSSLOWKEYPrivateKey *key,
- unsigned char * output,
- unsigned int * output_len,
- unsigned int maxOutputLen,
- unsigned char * input,
- unsigned int input_len)
-{
- SECStatus rv = SECSuccess;
- unsigned int modulus_len = nsslowkey_PrivateModulusLen(key);
- SECItem formatted;
- SECItem unformatted;
-
- if (maxOutputLen < modulus_len)
- return SECFailure;
- PORT_Assert(key->keyType == NSSLOWKEYRSAKey);
- if (key->keyType != NSSLOWKEYRSAKey)
- return SECFailure;
-
- unformatted.len = input_len;
- unformatted.data = input;
- formatted.data = NULL;
- rv = rsa_FormatBlock(&formatted, modulus_len, RSA_BlockRaw, &unformatted);
- if (rv != SECSuccess)
- goto done;
-
- rv = RSA_PrivateKeyOpDoubleChecked(&key->u.rsa, output, formatted.data);
- *output_len = modulus_len;
-
-done:
- if (formatted.data != NULL)
- PORT_ZFree(formatted.data, modulus_len);
- return rv;
-}
-
-/* XXX Doesn't set error code */
-SECStatus
-RSA_CheckSignRaw(NSSLOWKEYPublicKey *key,
- unsigned char * sign,
- unsigned int sign_len,
- unsigned char * hash,
- unsigned int hash_len)
-{
- SECStatus rv;
- unsigned int modulus_len = nsslowkey_PublicModulusLen(key);
- unsigned char * buffer;
-
- if (sign_len != modulus_len)
- goto failure;
- if (hash_len > modulus_len)
- goto failure;
- PORT_Assert(key->keyType == NSSLOWKEYRSAKey);
- if (key->keyType != NSSLOWKEYRSAKey)
- goto failure;
-
- buffer = (unsigned char *)PORT_Alloc(modulus_len + 1);
- if (!buffer)
- goto failure;
-
- rv = RSA_PublicKeyOp(&key->u.rsa, buffer, sign);
- if (rv != SECSuccess)
- goto loser;
-
- /*
- * make sure we get the same results
- */
- /* NOTE: should we verify the leading zeros? */
- if (PORT_Memcmp(buffer + (modulus_len-hash_len), hash, hash_len) != 0)
- goto loser;
-
- PORT_Free(buffer);
- return SECSuccess;
-
-loser:
- PORT_Free(buffer);
-failure:
- return SECFailure;
-}
-
-/* XXX Doesn't set error code */
-SECStatus
-RSA_CheckSignRecoverRaw(NSSLOWKEYPublicKey *key,
- unsigned char * data,
- unsigned int * data_len,
- unsigned int max_output_len,
- unsigned char * sign,
- unsigned int sign_len)
-{
- SECStatus rv;
- unsigned int modulus_len = nsslowkey_PublicModulusLen(key);
-
- if (sign_len != modulus_len)
- goto failure;
- if (max_output_len < modulus_len)
- goto failure;
- PORT_Assert(key->keyType == NSSLOWKEYRSAKey);
- if (key->keyType != NSSLOWKEYRSAKey)
- goto failure;
-
- rv = RSA_PublicKeyOp(&key->u.rsa, data, sign);
- if (rv != SECSuccess)
- goto failure;
-
- *data_len = modulus_len;
- return SECSuccess;
-
-failure:
- return SECFailure;
-}
-
-
-/* XXX Doesn't set error code */
-SECStatus
-RSA_EncryptRaw(NSSLOWKEYPublicKey *key,
- unsigned char * output,
- unsigned int * output_len,
- unsigned int max_output_len,
- unsigned char * input,
- unsigned int input_len)
-{
- SECStatus rv;
- unsigned int modulus_len = nsslowkey_PublicModulusLen(key);
- SECItem formatted;
- SECItem unformatted;
-
- formatted.data = NULL;
- if (max_output_len < modulus_len)
- goto failure;
- PORT_Assert(key->keyType == NSSLOWKEYRSAKey);
- if (key->keyType != NSSLOWKEYRSAKey)
- goto failure;
-
- unformatted.len = input_len;
- unformatted.data = input;
- formatted.data = NULL;
- rv = rsa_FormatBlock(&formatted, modulus_len, RSA_BlockRaw, &unformatted);
- if (rv != SECSuccess)
- goto failure;
-
- rv = RSA_PublicKeyOp(&key->u.rsa, output, formatted.data);
- if (rv != SECSuccess)
- goto failure;
-
- PORT_ZFree(formatted.data, modulus_len);
- *output_len = modulus_len;
- return SECSuccess;
-
-failure:
- if (formatted.data != NULL)
- PORT_ZFree(formatted.data, modulus_len);
- return SECFailure;
-}
-
-/* XXX Doesn't set error code */
-SECStatus
-RSA_DecryptRaw(NSSLOWKEYPrivateKey *key,
- unsigned char * output,
- unsigned int * output_len,
- unsigned int max_output_len,
- unsigned char * input,
- unsigned int input_len)
-{
- SECStatus rv;
- unsigned int modulus_len = nsslowkey_PrivateModulusLen(key);
-
- if (modulus_len <= 0)
- goto failure;
- if (modulus_len > max_output_len)
- goto failure;
- PORT_Assert(key->keyType == NSSLOWKEYRSAKey);
- if (key->keyType != NSSLOWKEYRSAKey)
- goto failure;
- if (input_len != modulus_len)
- goto failure;
-
- rv = RSA_PrivateKeyOp(&key->u.rsa, output, input);
- if (rv != SECSuccess)
- goto failure;
-
- *output_len = modulus_len;
- return SECSuccess;
-
-failure:
- return SECFailure;
-}
diff --git a/security/nss/lib/softoken/softkver.c b/security/nss/lib/softoken/softkver.c
deleted file mode 100644
index e833664a1..000000000
--- a/security/nss/lib/softoken/softkver.c
+++ /dev/null
@@ -1,53 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 2002 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/* Library identity and versioning */
-
-#include "nss.h"
-
-#if defined(DEBUG)
-#define _DEBUG_STRING " (debug)"
-#else
-#define _DEBUG_STRING ""
-#endif
-
-/*
- * Version information for the 'ident' and 'what commands
- *
- * NOTE: the first component of the concatenated rcsid string
- * must not end in a '$' to prevent rcs keyword substitution.
- */
-const char __nss_softokn_rcsid[] = "$Header: NSS " NSS_VERSION _DEBUG_STRING
- " " __DATE__ " " __TIME__ " $";
-const char __nss_softokn_sccsid[] = "@(#)NSS " NSS_VERSION _DEBUG_STRING
- " " __DATE__ " " __TIME__;
diff --git a/security/nss/lib/softoken/softoken.h b/security/nss/lib/softoken/softoken.h
deleted file mode 100644
index f9fb06222..000000000
--- a/security/nss/lib/softoken/softoken.h
+++ /dev/null
@@ -1,157 +0,0 @@
-/*
- * softoken.h - private data structures and prototypes for the softoken lib
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#ifndef _SOFTOKEN_H_
-#define _SOFTOKEN_H_
-
-#include "blapi.h"
-#include "lowkeyti.h"
-#include "softoknt.h"
-#include "secoidt.h"
-
-#include "pkcs11t.h" /* CK_RV Required for pk11_fipsPowerUpSelfTest(). */
-
-SEC_BEGIN_PROTOS
-
-/*
-** RSA encryption/decryption. When encrypting/decrypting the output
-** buffer must be at least the size of the public key modulus.
-*/
-
-/*
-** Format some data into a PKCS#1 encryption block, preparing the
-** data for RSA encryption.
-** "result" where the formatted block is stored (memory is allocated)
-** "modulusLen" the size of the formatted block
-** "blockType" what block type to use (SEC_RSABlock*)
-** "data" the data to format
-*/
-extern SECStatus RSA_FormatBlock(SECItem *result,
- unsigned int modulusLen,
- RSA_BlockType blockType,
- SECItem *data);
-/*
-** Similar, but just returns a pointer to the allocated memory, *and*
-** will *only* format one block, even if we (in the future) modify
-** RSA_FormatBlock() to loop over multiples of modulusLen.
-*/
-extern unsigned char *RSA_FormatOneBlock(unsigned int modulusLen,
- RSA_BlockType blockType,
- SECItem *data);
-
-
-
-/*
- * convenience wrappers for doing single RSA operations. They create the
- * RSA context internally and take care of the formatting
- * requirements. Blinding happens automagically within RSA_SignHash and
- * RSA_DecryptBlock.
- */
-extern
-SECStatus RSA_Sign(NSSLOWKEYPrivateKey *key, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- unsigned char *input, unsigned int inputLen);
-extern
-SECStatus RSA_CheckSign(NSSLOWKEYPublicKey *key, unsigned char *sign,
- unsigned int signLength, unsigned char *hash,
- unsigned int hashLength);
-extern
-SECStatus RSA_CheckSignRecover(NSSLOWKEYPublicKey *key, unsigned char *data,
- unsigned int *data_len,unsigned int max_output_len,
- unsigned char *sign, unsigned int sign_len);
-extern
-SECStatus RSA_EncryptBlock(NSSLOWKEYPublicKey *key, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- unsigned char *input, unsigned int inputLen);
-extern
-SECStatus RSA_DecryptBlock(NSSLOWKEYPrivateKey *key, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- unsigned char *input, unsigned int inputLen);
-
-/*
- * added to make pkcs #11 happy
- * RAW is RSA_X_509
- */
-extern
-SECStatus RSA_SignRaw( NSSLOWKEYPrivateKey *key, unsigned char *output,
- unsigned int *output_len, unsigned int maxOutputLen,
- unsigned char *input, unsigned int input_len);
-extern
-SECStatus RSA_CheckSignRaw( NSSLOWKEYPublicKey *key, unsigned char *sign,
- unsigned int sign_len, unsigned char *hash,
- unsigned int hash_len);
-extern
-SECStatus RSA_CheckSignRecoverRaw( NSSLOWKEYPublicKey *key, unsigned char *data,
- unsigned int *data_len, unsigned int max_output_len,
- unsigned char *sign, unsigned int sign_len);
-extern
-SECStatus RSA_EncryptRaw( NSSLOWKEYPublicKey *key, unsigned char *output,
- unsigned int *output_len,
- unsigned int max_output_len,
- unsigned char *input, unsigned int input_len);
-extern
-SECStatus RSA_DecryptRaw(NSSLOWKEYPrivateKey *key, unsigned char *output,
- unsigned int *output_len,
- unsigned int max_output_len,
- unsigned char *input, unsigned int input_len);
-
-/*
-** Prepare a buffer for DES encryption, growing to the appropriate boundary,
-** filling with the appropriate padding.
-** We add from 1 to DES_KEY_LENGTH bytes -- we *always* grow.
-** The extra bytes contain the value of the length of the padding:
-** if we have 2 bytes of padding, then the padding is "0x02, 0x02".
-**
-** NOTE: If arena is non-NULL, we re-allocate from there, otherwise
-** we assume (and use) PR memory (re)allocation.
-** Maybe this belongs in util?
-*/
-extern unsigned char * DES_PadBuffer(PRArenaPool *arena, unsigned char *inbuf,
- unsigned int inlen, unsigned int *outlen);
-
-
-/****************************************/
-/*
-** Power-Up selftests required for FIPS and invoked only
-** under PKCS #11 FIPS mode.
-*/
-extern CK_RV pk11_fipsPowerUpSelfTest( void );
-
-
-SEC_END_PROTOS
-
-#endif /* _SOFTOKEN_H_ */
diff --git a/security/nss/lib/softoken/softokn.def b/security/nss/lib/softoken/softokn.def
deleted file mode 100644
index d851aa34d..000000000
--- a/security/nss/lib/softoken/softokn.def
+++ /dev/null
@@ -1,57 +0,0 @@
-;+#
-;+# The contents of this file are subject to the Mozilla Public
-;+# License Version 1.1 (the "License"); you may not use this file
-;+# except in compliance with the License. You may obtain a copy of
-;+# the License at http://www.mozilla.org/MPL/
-;+#
-;+# Software distributed under the License is distributed on an "AS
-;+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-;+# implied. See the License for the specific language governing
-;+# rights and limitations under the License.
-;+#
-;+# The Original Code is the Netscape security libraries.
-;+#
-;+# The Initial Developer of the Original Code is Netscape
-;+# Communications Corporation. Portions created by Netscape are
-;+# Copyright (C) 2000 Netscape Communications Corporation. All
-;+# Rights Reserved.
-;+#
-;+# Contributor(s):
-;+# Dr Stephen Henson <stephen.henson@gemplus.com>
-;+#
-;+# Alternatively, the contents of this file may be used under the
-;+# terms of the GNU General Public License Version 2 or later (the
-;+# "GPL"), in which case the provisions of the GPL are applicable
-;+# instead of those above. If you wish to allow use of your
-;+# version of this file only under the terms of the GPL and not to
-;+# allow others to use your version of this file under the MPL,
-;+# indicate your decision by deleting the provisions above and
-;+# replace them with the notice and other provisions required by
-;+# the GPL. If you do not delete the provisions above, a recipient
-;+# may use your version of this file under either the MPL or the
-;+# GPL.
-;+#
-;+#
-;+# OK, this file is meant to support SUN, LINUX, AIX and WINDOWS
-;+# 1. For all unix platforms, the string ";-" means "remove this line"
-;+# 2. For all unix platforms, the string " DATA " will be removed from any
-;+# line on which it occurs.
-;+# 3. Lines containing ";+" will have ";+" removed on SUN and LINUX.
-;+# On AIX, lines containing ";+" will be removed.
-;+# 4. For all unix platforms, the string ";;" will thave the ";;" removed.
-;+# 5. For all unix platforms, after the above processing has taken place,
-;+# all characters after the first ";" on the line will be removed.
-;+# And for AIX, the first ";" will also be removed.
-;+# This file is passed directly to windows. Since ';' is a comment, all UNIX
-;+# directives are hidden behind ";", ";+", and ";-"
-;+NSS_3.4 { # NSS 3.4 release
-;+ global:
-LIBRARY softokn3 ;-
-EXPORTS ;-
-C_GetFunctionList; Make this function like a real PKCS #11 module as well
-FC_GetFunctionList;
-NSC_GetFunctionList;
-NSC_ModuleDBFunc;
-;+ local:
-;+ *;
-;+};
diff --git a/security/nss/lib/softoken/softokn.rc b/security/nss/lib/softoken/softokn.rc
deleted file mode 100644
index 087a5d26b..000000000
--- a/security/nss/lib/softoken/softokn.rc
+++ /dev/null
@@ -1,98 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 2001 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "nss.h"
-#include <winver.h>
-
-#define MY_LIBNAME "softokn"
-#define MY_FILEDESCRIPTION "NSS PKCS #11 Library"
-
-#define STRINGIZE(x) #x
-#define STRINGIZE2(x) STRINGIZE(x)
-#define NSS_VMAJOR_STR STRINGIZE2(NSS_VMAJOR)
-
-#ifdef _DEBUG
-#define MY_DEBUG_STR " (debug)"
-#define MY_FILEFLAGS_1 VS_FF_DEBUG
-#else
-#define MY_DEBUG_STR ""
-#define MY_FILEFLAGS_1 0x0L
-#endif
-#if NSS_BETA
-#define MY_FILEFLAGS_2 MY_FILEFLAGS_1|VS_FF_PRERELEASE
-#else
-#define MY_FILEFLAGS_2 MY_FILEFLAGS_1
-#endif
-
-#ifdef WINNT
-#define MY_FILEOS VOS_NT_WINDOWS32
-#else
-#define MY_FILEOS VOS__WINDOWS32
-#endif
-
-#define MY_INTERNAL_NAME MY_LIBNAME NSS_VMAJOR_STR
-
-/////////////////////////////////////////////////////////////////////////////
-//
-// Version-information resource
-//
-
-VS_VERSION_INFO VERSIONINFO
- FILEVERSION NSS_VMAJOR,NSS_VMINOR,NSS_VPATCH,0
- PRODUCTVERSION NSS_VMAJOR,NSS_VMINOR,NSS_VPATCH,0
- FILEFLAGSMASK VS_FFI_FILEFLAGSMASK
- FILEFLAGS MY_FILEFLAGS_2
- FILEOS MY_FILEOS
- FILETYPE VFT_DLL
- FILESUBTYPE 0x0L // not used
-
-BEGIN
- BLOCK "StringFileInfo"
- BEGIN
- BLOCK "040904B0" // Lang=US English, CharSet=Unicode
- BEGIN
- VALUE "CompanyName", "Netscape Communications Corporation\0"
- VALUE "FileDescription", MY_FILEDESCRIPTION MY_DEBUG_STR "\0"
- VALUE "FileVersion", NSS_VERSION "\0"
- VALUE "InternalName", MY_INTERNAL_NAME "\0"
- VALUE "LegalCopyright", "Copyright \251 1994-2001 Netscape Communications Corporation\0"
- VALUE "OriginalFilename", MY_INTERNAL_NAME ".dll\0"
- VALUE "ProductName", "Network Security Services\0"
- VALUE "ProductVersion", NSS_VERSION "\0"
- END
- END
- BLOCK "VarFileInfo"
- BEGIN
- VALUE "Translation", 0x409, 1200
- END
-END
diff --git a/security/nss/lib/softoken/softoknt.h b/security/nss/lib/softoken/softoknt.h
deleted file mode 100644
index da66c9042..000000000
--- a/security/nss/lib/softoken/softoknt.h
+++ /dev/null
@@ -1,61 +0,0 @@
-/*
- * softoknt.h - public data structures for the software token library
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#ifndef _SOFTOKNT_H_
-#define _SOFTOKNT_H_
-
-/*
- * RSA block types
- *
- * The actual values are important -- they are fixed, *not* arbitrary.
- * The explicit value assignments are not needed (because C would give
- * us those same values anyway) but are included as a reminder...
- */
-typedef enum {
- RSA_BlockPrivate0 = 0, /* unused, really */
- RSA_BlockPrivate = 1, /* pad for a private-key operation */
- RSA_BlockPublic = 2, /* pad for a public-key operation */
- RSA_BlockOAEP = 3, /* use OAEP padding */
- /* XXX is this only for a public-key
- operation? If so, add "Public" */
- RSA_BlockRaw = 4, /* simply justify the block appropriately */
- RSA_BlockTotal
-} RSA_BlockType;
-
-#define NSS_SOFTOKEN_DEFAULT_CHUNKSIZE 2048
-
-#endif /* _SOFTOKNT_H_ */
diff --git a/security/nss/lib/softoken/tlsprf.c b/security/nss/lib/softoken/tlsprf.c
deleted file mode 100644
index 9d1a6e677..000000000
--- a/security/nss/lib/softoken/tlsprf.c
+++ /dev/null
@@ -1,334 +0,0 @@
-/* tlsprf.c - TLS Pseudo Random Function (PRF) implementation
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "pkcs11i.h"
-#include "sechash.h"
-#include "alghmac.h"
-
-#define PK11_OFFSETOF(str, memb) ((PRPtrdiff)(&(((str *)0)->memb)))
-
-#define PHASH_STATE_MAX_LEN 20
-
-/* TLS P_hash function */
-static SECStatus
-pk11_P_hash(HASH_HashType hashType, const SECItem *secret, const char *label,
- SECItem *seed, SECItem *result, PRBool isFIPS)
-{
- unsigned char state[PHASH_STATE_MAX_LEN];
- unsigned char outbuf[PHASH_STATE_MAX_LEN];
- unsigned int state_len = 0, label_len = 0, outbuf_len = 0, chunk_size;
- unsigned int remaining;
- unsigned char *res;
- SECStatus status;
- HMACContext *cx;
- SECStatus rv = SECFailure;
- const SECHashObject *hashObj = &SECRawHashObjects[hashType];
-
- PORT_Assert((secret != NULL) && (secret->data != NULL || !secret->len));
- PORT_Assert((seed != NULL) && (seed->data != NULL));
- PORT_Assert((result != NULL) && (result->data != NULL));
-
- remaining = result->len;
- res = result->data;
-
- if (label != NULL)
- label_len = PORT_Strlen(label);
-
- cx = HMAC_Create(hashObj, secret->data, secret->len, isFIPS);
- if (cx == NULL)
- goto loser;
-
- /* initialize the state = A(1) = HMAC_hash(secret, seed) */
- HMAC_Begin(cx);
- HMAC_Update(cx, (unsigned char *)label, label_len);
- HMAC_Update(cx, seed->data, seed->len);
- status = HMAC_Finish(cx, state, &state_len, PHASH_STATE_MAX_LEN);
- if (status != SECSuccess)
- goto loser;
-
- /* generate a block at a time until we're done */
- while (remaining > 0) {
-
- HMAC_Begin(cx);
- HMAC_Update(cx, state, state_len);
- if (label_len)
- HMAC_Update(cx, (unsigned char *)label, label_len);
- HMAC_Update(cx, seed->data, seed->len);
- status = HMAC_Finish(cx, outbuf, &outbuf_len, PHASH_STATE_MAX_LEN);
- if (status != SECSuccess)
- goto loser;
-
- /* Update the state = A(i) = HMAC_hash(secret, A(i-1)) */
- HMAC_Begin(cx);
- HMAC_Update(cx, state, state_len);
- status = HMAC_Finish(cx, state, &state_len, PHASH_STATE_MAX_LEN);
- if (status != SECSuccess)
- goto loser;
-
- chunk_size = PR_MIN(outbuf_len, remaining);
- PORT_Memcpy(res, &outbuf, chunk_size);
- res += chunk_size;
- remaining -= chunk_size;
- }
-
- rv = SECSuccess;
-
-loser:
- /* if (cx) HMAC_Destroy(cx); */
- /* clear out state so it's not left on the stack */
- if (cx) HMAC_Destroy(cx);
- PORT_Memset(state, 0, sizeof(state));
- PORT_Memset(outbuf, 0, sizeof(outbuf));
- return rv;
-}
-
-SECStatus
-pk11_PRF(const SECItem *secret, const char *label, SECItem *seed,
- SECItem *result, PRBool isFIPS)
-{
- SECStatus rv = SECFailure, status;
- unsigned int i;
- SECItem tmp = { siBuffer, NULL, 0};
- SECItem S1;
- SECItem S2;
-
- PORT_Assert((secret != NULL) && (secret->data != NULL || !secret->len));
- PORT_Assert((seed != NULL) && (seed->data != NULL));
- PORT_Assert((result != NULL) && (result->data != NULL));
-
- S1.type = siBuffer;
- S1.len = (secret->len / 2) + (secret->len & 1);
- S1.data = secret->data;
-
- S2.type = siBuffer;
- S2.len = S1.len;
- S2.data = secret->data + (secret->len - S2.len);
-
- tmp.data = (unsigned char*)PORT_Alloc(result->len);
- if (tmp.data == NULL)
- goto loser;
- tmp.len = result->len;
-
- status = pk11_P_hash(HASH_AlgMD5, &S1, label, seed, result, isFIPS);
- if (status != SECSuccess)
- goto loser;
-
- status = pk11_P_hash(HASH_AlgSHA1, &S2, label, seed, &tmp, isFIPS);
- if (status != SECSuccess)
- goto loser;
-
- for (i = 0; i < result->len; i++)
- result->data[i] ^= tmp.data[i];
-
- rv = SECSuccess;
-
-loser:
- if (tmp.data != NULL)
- PORT_ZFree(tmp.data, tmp.len);
- return rv;
-}
-
-static void pk11_TLSPRFNull(void *data, PRBool freeit)
-{
- return;
-}
-
-typedef struct {
- PRUint32 cxSize; /* size of allocated block, in bytes. */
- PRUint32 cxBufSize; /* sizeof buffer at cxBufPtr. */
- unsigned char *cxBufPtr; /* points to real buffer, may be cxBuf. */
- PRUint32 cxKeyLen; /* bytes of cxBufPtr containing key. */
- PRUint32 cxDataLen; /* bytes of cxBufPtr containing data. */
- SECStatus cxRv; /* records failure of void functions. */
- PRBool cxIsFIPS; /* true if conforming to FIPS 198. */
- unsigned char cxBuf[512]; /* actual size may be larger than 512. */
-} TLSPRFContext;
-
-static void
-pk11_TLSPRFHashUpdate(TLSPRFContext *cx, const unsigned char *data,
- unsigned int data_len)
-{
- PRUint32 bytesUsed = cx->cxKeyLen + cx->cxDataLen;
-
- if (cx->cxRv != SECSuccess) /* function has previously failed. */
- return;
- if (bytesUsed + data_len > cx->cxBufSize) {
- /* We don't use realloc here because
- ** (a) realloc doesn't zero out the old block, and
- ** (b) if realloc fails, we lose the old block.
- */
- PRUint32 newBufSize = bytesUsed + data_len + 512;
- unsigned char * newBuf = (unsigned char *)PORT_Alloc(newBufSize);
- if (!newBuf) {
- cx->cxRv = SECFailure;
- return;
- }
- PORT_Memcpy(newBuf, cx->cxBufPtr, bytesUsed);
- if (cx->cxBufPtr != cx->cxBuf) {
- PORT_ZFree(cx->cxBufPtr, bytesUsed);
- }
- cx->cxBufPtr = newBuf;
- cx->cxBufSize = newBufSize;
- }
- PORT_Memcpy(cx->cxBufPtr + bytesUsed, data, data_len);
- cx->cxDataLen += data_len;
-}
-
-static void
-pk11_TLSPRFEnd(TLSPRFContext *ctx, unsigned char *hashout,
- unsigned int *pDigestLen, unsigned int maxDigestLen)
-{
- *pDigestLen = 0; /* tells Verify that no data has been input yet. */
-}
-
-/* Compute the PRF values from the data previously input. */
-static SECStatus
-pk11_TLSPRFUpdate(TLSPRFContext *cx,
- unsigned char *sig, /* output goes here. */
- unsigned int * sigLen, /* how much output. */
- unsigned int maxLen, /* output buffer size */
- unsigned char *hash, /* unused. */
- unsigned int hashLen) /* unused. */
-{
- SECStatus rv;
- SECItem sigItem;
- SECItem seedItem;
- SECItem secretItem;
-
- if (cx->cxRv != SECSuccess)
- return cx->cxRv;
-
- secretItem.data = cx->cxBufPtr;
- secretItem.len = cx->cxKeyLen;
-
- seedItem.data = cx->cxBufPtr + cx->cxKeyLen;
- seedItem.len = cx->cxDataLen;
-
- sigItem.data = sig;
- sigItem.len = maxLen;
-
- rv = pk11_PRF(&secretItem, NULL, &seedItem, &sigItem, cx->cxIsFIPS);
- if (rv == SECSuccess && sigLen != NULL)
- *sigLen = sigItem.len;
- return rv;
-
-}
-
-static SECStatus
-pk11_TLSPRFVerify(TLSPRFContext *cx,
- unsigned char *sig, /* input, for comparison. */
- unsigned int sigLen, /* length of sig. */
- unsigned char *hash, /* data to be verified. */
- unsigned int hashLen) /* size of hash data. */
-{
- unsigned char * tmp = (unsigned char *)PORT_Alloc(sigLen);
- unsigned int tmpLen = sigLen;
- SECStatus rv;
-
- if (!tmp)
- return SECFailure;
- if (hashLen) {
- /* hashLen is non-zero when the user does a one-step verify.
- ** In this case, none of the data has been input yet.
- */
- pk11_TLSPRFHashUpdate(cx, hash, hashLen);
- }
- rv = pk11_TLSPRFUpdate(cx, tmp, &tmpLen, sigLen, NULL, 0);
- if (rv == SECSuccess) {
- rv = (SECStatus)(1 - !PORT_Memcmp(tmp, sig, sigLen));
- }
- PORT_ZFree(tmp, sigLen);
- return rv;
-}
-
-static void
-pk11_TLSPRFHashDestroy(TLSPRFContext *cx, PRBool freeit)
-{
- if (freeit) {
- if (cx->cxBufPtr != cx->cxBuf)
- PORT_ZFree(cx->cxBufPtr, cx->cxBufSize);
- PORT_ZFree(cx, cx->cxSize);
- }
-}
-
-CK_RV
-pk11_TLSPRFInit(PK11SessionContext *context,
- PK11Object * key,
- CK_KEY_TYPE key_type)
-{
- PK11Attribute * keyVal;
- TLSPRFContext * prf_cx;
- CK_RV crv = CKR_HOST_MEMORY;
- PRUint32 keySize;
- PRUint32 blockSize;
-
- if (key_type != CKK_GENERIC_SECRET)
- return CKR_KEY_TYPE_INCONSISTENT; /* CKR_KEY_FUNCTION_NOT_PERMITTED */
-
- context->multi = PR_TRUE;
-
- keyVal = pk11_FindAttribute(key, CKA_VALUE);
- keySize = (!keyVal) ? 0 : keyVal->attrib.ulValueLen;
- blockSize = keySize + sizeof(TLSPRFContext);
- prf_cx = (TLSPRFContext *)PORT_Alloc(blockSize);
- if (!prf_cx)
- goto done;
- prf_cx->cxSize = blockSize;
- prf_cx->cxKeyLen = keySize;
- prf_cx->cxDataLen = 0;
- prf_cx->cxBufSize = blockSize - PK11_OFFSETOF(TLSPRFContext, cxBuf);
- prf_cx->cxRv = SECSuccess;
- prf_cx->cxIsFIPS = (key->slot->slotID == FIPS_SLOT_ID);
- prf_cx->cxBufPtr = prf_cx->cxBuf;
- if (keySize)
- PORT_Memcpy(prf_cx->cxBufPtr, keyVal->attrib.pValue, keySize);
-
- context->hashInfo = (void *) prf_cx;
- context->cipherInfo = (void *) prf_cx;
- context->hashUpdate = (PK11Hash) pk11_TLSPRFHashUpdate;
- context->end = (PK11End) pk11_TLSPRFEnd;
- context->update = (PK11Cipher) pk11_TLSPRFUpdate;
- context->verify = (PK11Verify) pk11_TLSPRFVerify;
- context->destroy = (PK11Destroy) pk11_TLSPRFNull;
- context->hashdestroy = (PK11Destroy) pk11_TLSPRFHashDestroy;
- crv = CKR_OK;
-
-done:
- if (keyVal)
- pk11_FreeAttribute(keyVal);
- return crv;
-}
-
diff --git a/security/nss/lib/ssl/Makefile b/security/nss/lib/ssl/Makefile
deleted file mode 100644
index 9b652250d..000000000
--- a/security/nss/lib/ssl/Makefile
+++ /dev/null
@@ -1,87 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include config.mk
-
-ifeq (,$(filter-out WIN%,$(OS_TARGET)))
-CSRCS += win32err.c
-DEFINES += -DIN_LIBSSL
-else
-ifeq ($(OS_TARGET),OS2)
-CSRCS += os2_err.c
-else
-CSRCS += unix_err.c
-endif
-endif
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-export:: private_export
-
diff --git a/security/nss/lib/ssl/authcert.c b/security/nss/lib/ssl/authcert.c
deleted file mode 100644
index bd473f11f..000000000
--- a/security/nss/lib/ssl/authcert.c
+++ /dev/null
@@ -1,115 +0,0 @@
-/*
- * NSS utility functions
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <string.h>
-#include "prerror.h"
-#include "secitem.h"
-#include "prnetdb.h"
-#include "cert.h"
-#include "nspr.h"
-#include "secder.h"
-#include "key.h"
-#include "nss.h"
-#include "ssl.h"
-#include "pk11func.h" /* for PK11_ function calls */
-
-/*
- * This callback used by SSL to pull client sertificate upon
- * server request
- */
-SECStatus
-NSS_GetClientAuthData(void * arg,
- PRFileDesc * socket,
- struct CERTDistNamesStr * caNames,
- struct CERTCertificateStr ** pRetCert,
- struct SECKEYPrivateKeyStr **pRetKey)
-{
- CERTCertificate * cert = NULL;
- SECKEYPrivateKey * privkey = NULL;
- char * chosenNickName = (char *)arg; /* CONST */
- void * proto_win = NULL;
- SECStatus rv = SECFailure;
-
- proto_win = SSL_RevealPinArg(socket);
-
- if (chosenNickName) {
- cert = PK11_FindCertFromNickname(chosenNickName, proto_win);
- if ( cert ) {
- privkey = PK11_FindKeyByAnyCert(cert, proto_win);
- if ( privkey ) {
- rv = SECSuccess;
- } else {
- CERT_DestroyCertificate(cert);
- }
- }
- } else { /* no name given, automatically find the right cert. */
- CERTCertNicknames * names;
- int i;
-
- names = CERT_GetCertNicknames(CERT_GetDefaultCertDB(),
- SEC_CERT_NICKNAMES_USER, proto_win);
- if (names != NULL) {
- for (i = 0; i < names->numnicknames; i++) {
- cert = PK11_FindCertFromNickname(names->nicknames[i],proto_win);
- if ( !cert )
- continue;
- /* Only check unexpired certs */
- if (CERT_CheckCertValidTimes(cert, PR_Now(), PR_TRUE) !=
- secCertTimeValid ) {
- CERT_DestroyCertificate(cert);
- continue;
- }
- rv = NSS_CmpCertChainWCANames(cert, caNames);
- if ( rv == SECSuccess ) {
- privkey = PK11_FindKeyByAnyCert(cert, proto_win);
- if ( privkey )
- break;
- }
- rv = SECFailure;
- CERT_DestroyCertificate(cert);
- }
- CERT_FreeNicknames(names);
- }
- }
- if (rv == SECSuccess) {
- *pRetCert = cert;
- *pRetKey = privkey;
- }
- return rv;
-}
-
diff --git a/security/nss/lib/ssl/cmpcert.c b/security/nss/lib/ssl/cmpcert.c
deleted file mode 100644
index 9ca25c10b..000000000
--- a/security/nss/lib/ssl/cmpcert.c
+++ /dev/null
@@ -1,120 +0,0 @@
-/*
- * NSS utility functions
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <string.h>
-#include "prerror.h"
-#include "secitem.h"
-#include "prnetdb.h"
-#include "cert.h"
-#include "nspr.h"
-#include "secder.h"
-#include "key.h"
-#include "nss.h"
-
-/*
- * Look to see if any of the signers in the cert chain for "cert" are found
- * in the list of caNames.
- * Returns SECSuccess if so, SECFailure if not.
- */
-SECStatus
-NSS_CmpCertChainWCANames(CERTCertificate *cert, CERTDistNames *caNames)
-{
- SECItem * caname;
- CERTCertificate * curcert;
- CERTCertificate * oldcert;
- PRInt32 contentlen;
- int j;
- int headerlen;
- int depth;
- SECStatus rv;
- SECItem issuerName;
- SECItem compatIssuerName;
-
- if (!cert || !caNames || !caNames->nnames || !caNames->names ||
- !caNames->names->data)
- return SECFailure;
- depth=0;
- curcert = CERT_DupCertificate(cert);
-
- while( curcert ) {
- issuerName = curcert->derIssuer;
-
- /* compute an alternate issuer name for compatibility with 2.0
- * enterprise server, which send the CA names without
- * the outer layer of DER hearder
- */
- rv = DER_Lengths(&issuerName, &headerlen, (uint32 *)&contentlen);
- if ( rv == SECSuccess ) {
- compatIssuerName.data = &issuerName.data[headerlen];
- compatIssuerName.len = issuerName.len - headerlen;
- } else {
- compatIssuerName.data = NULL;
- compatIssuerName.len = 0;
- }
-
- for (j = 0; j < caNames->nnames; j++) {
- caname = &caNames->names[j];
- if (SECITEM_CompareItem(&issuerName, caname) == SECEqual) {
- rv = SECSuccess;
- CERT_DestroyCertificate(curcert);
- goto done;
- } else if (SECITEM_CompareItem(&compatIssuerName, caname) == SECEqual) {
- rv = SECSuccess;
- CERT_DestroyCertificate(curcert);
- goto done;
- }
- }
- if ( ( depth <= 20 ) &&
- ( SECITEM_CompareItem(&curcert->derIssuer, &curcert->derSubject)
- != SECEqual ) ) {
- oldcert = curcert;
- curcert = CERT_FindCertByName(curcert->dbhandle,
- &curcert->derIssuer);
- CERT_DestroyCertificate(oldcert);
- depth++;
- } else {
- CERT_DestroyCertificate(curcert);
- curcert = NULL;
- }
- }
- rv = SECFailure;
-
-done:
- return rv;
-}
-
diff --git a/security/nss/lib/ssl/config.mk b/security/nss/lib/ssl/config.mk
deleted file mode 100644
index 3917eaba1..000000000
--- a/security/nss/lib/ssl/config.mk
+++ /dev/null
@@ -1,81 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-ifeq (,$(filter-out WIN%,$(OS_TARGET)))
-
-# don't want the 32 in the shared library name
-SHARED_LIBRARY = $(OBJDIR)/$(DLL_PREFIX)$(LIBRARY_NAME)$(LIBRARY_VERSION).$(DLL_SUFFIX)
-IMPORT_LIBRARY = $(OBJDIR)/$(IMPORT_LIB_PREFIX)$(LIBRARY_NAME)$(LIBRARY_VERSION)$(IMPORT_LIB_SUFFIX)
-
-RES = $(OBJDIR)/ssl.res
-RESNAME = ssl.rc
-
-ifdef NS_USE_GCC
-EXTRA_SHARED_LIBS += \
- -L$(DIST)/lib \
- -lnss3 \
- -lplc4 \
- -lplds4 \
- -lnspr4 \
- $(NULL)
-else # ! NS_USE_GCC
-EXTRA_SHARED_LIBS += \
- $(DIST)/lib/nss3.lib \
- $(DIST)/lib/$(NSPR31_LIB_PREFIX)plc4.lib \
- $(DIST)/lib/$(NSPR31_LIB_PREFIX)plds4.lib \
- $(DIST)/lib/$(NSPR31_LIB_PREFIX)nspr4.lib \
- $(NULL)
-endif # NS_USE_GCC
-
-else
-
-
-# $(PROGRAM) has NO explicit dependencies on $(EXTRA_SHARED_LIBS)
-# $(EXTRA_SHARED_LIBS) come before $(OS_LIBS), except on AIX.
-EXTRA_SHARED_LIBS += \
- -L$(DIST)/lib/ \
- -lnss3 \
- -lplc4 \
- -lplds4 \
- -lnspr4 \
- $(NULL)
-
-ifeq ($(OS_ARCH), BeOS)
-EXTRA_SHARED_LIBS += -lbe
-endif
-
-ifeq ($(OS_ARCH), Darwin)
-EXTRA_SHARED_LIBS += -dylib_file @executable_path/libsoftokn3.dylib:$(DIST)/lib/libsoftokn3.dylib
-endif
-
-endif
diff --git a/security/nss/lib/ssl/emulate.c b/security/nss/lib/ssl/emulate.c
deleted file mode 100644
index 9d5734e5a..000000000
--- a/security/nss/lib/ssl/emulate.c
+++ /dev/null
@@ -1,633 +0,0 @@
-/*
- * Functions that emulate PR_AcceptRead and PR_TransmitFile for SSL sockets.
- * Each Layered NSPR protocol (like SSL) must unfortunately contain its
- * own implementation of these functions. This code was taken from NSPR.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "nspr.h"
-
-#if defined( XP_UNIX ) || defined( XP_BEOS )
-#include <fcntl.h>
-#endif
-#if defined(WIN32)
-#include <windef.h>
-#include <winbase.h>
-#endif
-#include <string.h>
-
-#define AMASK 7 /* mask for alignment of PRNetAddr */
-
-/*
- * _PR_EmulateAcceptRead
- *
- * Accept an incoming connection on sd, set *nd to point to the
- * newly accepted socket, read 'amount' bytes from the accepted
- * socket.
- *
- * buf is a buffer of length = amount + (2 * sizeof(PRNetAddr)) + 32
- * *raddr points to the PRNetAddr of the accepted connection upon
- * return
- *
- * return number of bytes read or -1 on error
- *
- */
-PRInt32
-ssl_EmulateAcceptRead( PRFileDesc * sd,
- PRFileDesc ** nd,
- PRNetAddr ** raddr,
- void * buf,
- PRInt32 amount,
- PRIntervalTime timeout)
-{
- PRFileDesc * newsockfd;
- PRInt32 rv;
- PRNetAddr remote;
-
- if (!(newsockfd = PR_Accept(sd, &remote, PR_INTERVAL_NO_TIMEOUT))) {
- return -1;
- }
-
- rv = PR_Recv(newsockfd, buf, amount, 0, timeout);
- if (rv >= 0) {
- ptrdiff_t pNetAddr = (((ptrdiff_t)buf) + amount + AMASK) & ~AMASK;
-
- *nd = newsockfd;
- *raddr = (PRNetAddr *)pNetAddr;
- memcpy((void *)pNetAddr, &remote, sizeof(PRNetAddr));
- return rv;
- }
-
- PR_Close(newsockfd);
- return -1;
-}
-
-
-#if !defined( XP_UNIX ) && !defined( WIN32 ) && !defined( XP_BEOS )
-/*
- * _PR_EmulateTransmitFile
- *
- * Send file fd across socket sd. If headers is non-NULL, 'hlen'
- * bytes of headers is sent before sending the file.
- *
- * PR_TRANSMITFILE_CLOSE_SOCKET flag - close socket after sending file
- *
- * return number of bytes sent or -1 on error
- *
- */
-#define _TRANSMITFILE_BUFSIZE (16 * 1024)
-
-PRInt32
-ssl_EmulateTransmitFile( PRFileDesc * sd,
- PRFileDesc * fd,
- const void * headers,
- PRInt32 hlen,
- PRTransmitFileFlags flags,
- PRIntervalTime timeout)
-{
- char * buf = NULL;
- PRInt32 count = 0;
- PRInt32 rlen;
- PRInt32 rv;
-
- buf = PR_MALLOC(_TRANSMITFILE_BUFSIZE);
- if (buf == NULL) {
- PR_SetError(PR_OUT_OF_MEMORY_ERROR, 0);
- return -1;
- }
-
- /*
- * send headers, first
- */
- while (hlen) {
- rv = PR_Send(sd, headers, hlen, 0, timeout);
- if (rv < 0) {
- /* PR_Send() has invoked PR_SetError(). */
- rv = -1;
- goto done;
- }
- count += rv;
- headers = (const void*) ((const char*)headers + rv);
- hlen -= rv;
- }
- /*
- * send file, next
- */
- while ((rlen = PR_Read(fd, buf, _TRANSMITFILE_BUFSIZE)) > 0) {
- while (rlen) {
- char *bufptr = buf;
-
- rv = PR_Send(sd, bufptr, rlen,0,PR_INTERVAL_NO_TIMEOUT);
- if (rv < 0) {
- /* PR_Send() has invoked PR_SetError(). */
- rv = -1;
- goto done;
- }
- count += rv;
- bufptr = ((char*)bufptr + rv);
- rlen -= rv;
- }
- }
- if (rlen == 0) {
- /*
- * end-of-file
- */
- if (flags & PR_TRANSMITFILE_CLOSE_SOCKET)
- PR_Close(sd);
- rv = count;
- } else {
- PR_ASSERT(rlen < 0);
- /* PR_Read() has invoked PR_SetError(). */
- rv = -1;
- }
-
-done:
- if (buf)
- PR_DELETE(buf);
- return rv;
-}
-#else
-
-#define TRANSMITFILE_MMAP_CHUNK (256 * 1024)
-
-/*
- * _PR_UnixTransmitFile
- *
- * Send file fd across socket sd. If headers is non-NULL, 'hlen'
- * bytes of headers is sent before sending the file.
- *
- * PR_TRANSMITFILE_CLOSE_SOCKET flag - close socket after sending file
- *
- * return number of bytes sent or -1 on error
- *
- */
-
-PRInt32
-ssl_EmulateTransmitFile( PRFileDesc * sd,
- PRFileDesc * fd,
- const void * headers,
- PRInt32 hlen,
- PRTransmitFileFlags flags,
- PRIntervalTime timeout)
-{
- void * addr = NULL;
- PRFileMap * mapHandle = NULL;
- PRInt32 count = 0;
- PRInt32 index = 0;
- PRInt32 len = 0;
- PRInt32 rv;
- struct PRFileInfo info;
- struct PRIOVec iov[2];
-
- /* Get file size */
- if (PR_SUCCESS != PR_GetOpenFileInfo(fd, &info)) {
- count = -1;
- goto done;
- }
- if (hlen) {
- iov[index].iov_base = (char *) headers;
- iov[index].iov_len = hlen;
- index++;
- }
- if (info.size > 0) {
- mapHandle = PR_CreateFileMap(fd, info.size, PR_PROT_READONLY);
- if (mapHandle == NULL) {
- count = -1;
- goto done;
- }
- /*
- * If the file is large, mmap and send the file in chunks so as
- * to not consume too much virtual address space
- */
- len = PR_MIN(info.size , TRANSMITFILE_MMAP_CHUNK );
- /*
- * Map in (part of) file. Take care of zero-length files.
- */
- if (len) {
- addr = PR_MemMap(mapHandle, 0, len);
- if (addr == NULL) {
- count = -1;
- goto done;
- }
- }
- iov[index].iov_base = (char*)addr;
- iov[index].iov_len = len;
- index++;
- }
- if (!index)
- goto done;
- rv = PR_Writev(sd, iov, index, timeout);
- if (len) {
- PR_MemUnmap(addr, len);
- }
- if (rv >= 0) {
- PR_ASSERT(rv == hlen + len);
- info.size -= len;
- count += rv;
- } else {
- count = -1;
- goto done;
- }
- /*
- * send remaining bytes of the file, if any
- */
- len = PR_MIN(info.size , TRANSMITFILE_MMAP_CHUNK );
- while (len > 0) {
- /*
- * Map in (part of) file
- */
- PR_ASSERT((count - hlen) % TRANSMITFILE_MMAP_CHUNK == 0);
- addr = PR_MemMap(mapHandle, count - hlen, len);
- if (addr == NULL) {
- count = -1;
- goto done;
- }
- rv = PR_Send(sd, addr, len, 0, timeout);
- PR_MemUnmap(addr, len);
- if (rv >= 0) {
- PR_ASSERT(rv == len);
- info.size -= rv;
- count += rv;
- len = PR_MIN(info.size , TRANSMITFILE_MMAP_CHUNK );
- } else {
- count = -1;
- goto done;
- }
- }
-done:
- if ((count >= 0) && (flags & PR_TRANSMITFILE_CLOSE_SOCKET))
- PR_Close(sd);
- if (mapHandle != NULL)
- PR_CloseFileMap(mapHandle);
- return count;
-}
-#endif /* XP_UNIX || WIN32 || XP_BEOS */
-
-
-
-
-#if !defined( XP_UNIX ) && !defined( WIN32 ) && !defined( XP_BEOS )
-/*
- * _PR_EmulateSendFile
- *
- * Send file sfd->fd across socket sd. The header and trailer buffers
- * specified in the 'sfd' argument are sent before and after the file,
- * respectively.
- *
- * PR_TRANSMITFILE_CLOSE_SOCKET flag - close socket after sending file
- *
- * return number of bytes sent or -1 on error
- *
- */
-
-PRInt32
-ssl_EmulateSendFile(PRFileDesc *sd, PRSendFileData *sfd,
- PRTransmitFileFlags flags, PRIntervalTime timeout)
-{
- char * buf = NULL;
- const void * buffer;
- PRInt32 rv;
- PRInt32 count = 0;
- PRInt32 rlen;
- PRInt32 buflen;
- PRInt32 sendbytes;
- PRInt32 readbytes;
-
-#define _SENDFILE_BUFSIZE (16 * 1024)
-
- buf = (char*)PR_MALLOC(_SENDFILE_BUFSIZE);
- if (buf == NULL) {
- PR_SetError(PR_OUT_OF_MEMORY_ERROR, 0);
- return -1;
- }
-
- /*
- * send header, first
- */
- buflen = sfd->hlen;
- buffer = sfd->header;
- while (buflen) {
- rv = PR_Send(sd, buffer, buflen, 0, timeout);
- if (rv < 0) {
- /* PR_Send() has invoked PR_SetError(). */
- rv = -1;
- goto done;
- } else {
- count += rv;
- buffer = (const void*) ((const char*)buffer + rv);
- buflen -= rv;
- }
- }
- /*
- * send file, next
- */
-
- if (PR_Seek(sfd->fd, sfd->file_offset, PR_SEEK_SET) < 0) {
- rv = -1;
- goto done;
- }
- sendbytes = sfd->file_nbytes;
- if (sendbytes == 0) {
- /* send entire file */
- while ((rlen = PR_Read(sfd->fd, buf, _SENDFILE_BUFSIZE)) > 0) {
- while (rlen) {
- char *bufptr = buf;
-
- rv = PR_Send(sd, bufptr, rlen, 0, timeout);
- if (rv < 0) {
- /* PR_Send() has invoked PR_SetError(). */
- rv = -1;
- goto done;
- } else {
- count += rv;
- bufptr = ((char*)bufptr + rv);
- rlen -= rv;
- }
- }
- }
- if (rlen < 0) {
- /* PR_Read() has invoked PR_SetError(). */
- rv = -1;
- goto done;
- }
- } else {
- readbytes = PR_MIN(sendbytes, _SENDFILE_BUFSIZE);
- while (readbytes && ((rlen = PR_Read(sfd->fd, buf, readbytes)) > 0)) {
- while (rlen) {
- char *bufptr = buf;
-
- rv = PR_Send(sd, bufptr, rlen, 0, timeout);
- if (rv < 0) {
- /* PR_Send() has invoked PR_SetError(). */
- rv = -1;
- goto done;
- } else {
- count += rv;
- sendbytes -= rv;
- bufptr = ((char*)bufptr + rv);
- rlen -= rv;
- }
- }
- readbytes = PR_MIN(sendbytes, _SENDFILE_BUFSIZE);
- }
- if (rlen < 0) {
- /* PR_Read() has invoked PR_SetError(). */
- rv = -1;
- goto done;
- } else if (sendbytes != 0) {
- /*
- * there are fewer bytes in file to send than specified
- */
- PR_SetError(PR_INVALID_ARGUMENT_ERROR, 0);
- rv = -1;
- goto done;
- }
- }
- /*
- * send trailer, last
- */
- buflen = sfd->tlen;
- buffer = sfd->trailer;
- while (buflen) {
- rv = PR_Send(sd, buffer, buflen, 0, timeout);
- if (rv < 0) {
- /* PR_Send() has invoked PR_SetError(). */
- rv = -1;
- goto done;
- } else {
- count += rv;
- buffer = (const void*) ((const char*)buffer + rv);
- buflen -= rv;
- }
- }
- rv = count;
-
-done:
- if (buf)
- PR_DELETE(buf);
- if ((rv >= 0) && (flags & PR_TRANSMITFILE_CLOSE_SOCKET))
- PR_Close(sd);
- return rv;
-}
-
-#else /* UNIX, NT, and BEOS handled below */
-
-/*
- * _PR_UnixSendFile
- *
- * Send file sfd->fd across socket sd. If header/trailer are specified
- * they are sent before and after the file, respectively.
- *
- * PR_TRANSMITFILE_CLOSE_SOCKET flag - close socket after sending file
- *
- * return number of bytes sent or -1 on error
- *
- */
-#define SENDFILE_MMAP_CHUNK (256 * 1024)
-
-PRInt32
-ssl_EmulateSendFile(PRFileDesc *sd, PRSendFileData *sfd,
- PRTransmitFileFlags flags, PRIntervalTime timeout)
-{
- void * addr = NULL;
- PRFileMap * mapHandle = NULL;
- PRInt32 count = 0;
- PRInt32 file_bytes;
- PRInt32 index = 0;
- PRInt32 len;
- PRInt32 rv;
- PRUint32 addr_offset;
- PRUint32 file_mmap_offset;
- PRUint32 mmap_len;
- PRUint32 pagesize;
- struct PRFileInfo info;
- struct PRIOVec iov[3];
-
- /* Get file size */
- if (PR_SUCCESS != PR_GetOpenFileInfo(sfd->fd, &info)) {
- count = -1;
- goto done;
- }
- if (sfd->file_nbytes &&
- (info.size < (sfd->file_offset + sfd->file_nbytes))) {
- /*
- * there are fewer bytes in file to send than specified
- */
- PR_SetError(PR_INVALID_ARGUMENT_ERROR, 0);
- count = -1;
- goto done;
- }
- if (sfd->file_nbytes)
- file_bytes = sfd->file_nbytes;
- else
- file_bytes = info.size - sfd->file_offset;
-
-#if defined(WIN32)
- {
- SYSTEM_INFO sysinfo;
- GetSystemInfo(&sysinfo);
- pagesize = sysinfo.dwAllocationGranularity;
- }
-#else
- pagesize = PR_GetPageSize();
-#endif
- /*
- * If the file is large, mmap and send the file in chunks so as
- * to not consume too much virtual address space
- */
- if (!sfd->file_offset || !(sfd->file_offset & (pagesize - 1))) {
- /*
- * case 1: page-aligned file offset
- */
- mmap_len = PR_MIN(file_bytes, SENDFILE_MMAP_CHUNK);
- len = mmap_len;
- file_mmap_offset = sfd->file_offset;
- addr_offset = 0;
- } else {
- /*
- * case 2: non page-aligned file offset
- */
- /* find previous page boundary */
- file_mmap_offset = (sfd->file_offset & ~(pagesize - 1));
-
- /* number of initial bytes to skip in mmap'd segment */
- addr_offset = sfd->file_offset - file_mmap_offset;
- PR_ASSERT(addr_offset > 0);
- mmap_len = PR_MIN(file_bytes + addr_offset, SENDFILE_MMAP_CHUNK);
- len = mmap_len - addr_offset;
- }
- /*
- * OK I've convinced myself that length has to be possitive (file_bytes is
- * negative or SENDFILE_MMAP_CHUNK is less than pagesize). Just assert
- * that this is the case so we catch problems in debug builds.
- */
- PR_ASSERT(len >= 0);
-
- /*
- * Map in (part of) file. Take care of zero-length files.
- */
- if (len > 0) {
- mapHandle = PR_CreateFileMap(sfd->fd, info.size, PR_PROT_READONLY);
- if (!mapHandle) {
- count = -1;
- goto done;
- }
- addr = PR_MemMap(mapHandle, file_mmap_offset, mmap_len);
- if (!addr) {
- count = -1;
- goto done;
- }
- }
- /*
- * send headers, first, followed by the file
- */
- if (sfd->hlen) {
- iov[index].iov_base = (char *) sfd->header;
- iov[index].iov_len = sfd->hlen;
- index++;
- }
- if (len) {
- iov[index].iov_base = (char*)addr + addr_offset;
- iov[index].iov_len = len;
- index++;
- }
- if ((file_bytes == len) && (sfd->tlen)) {
- /*
- * all file data is mapped in; send the trailer too
- */
- iov[index].iov_base = (char *) sfd->trailer;
- iov[index].iov_len = sfd->tlen;
- index++;
- }
- rv = PR_Writev(sd, iov, index, timeout);
- if (len)
- PR_MemUnmap(addr, mmap_len);
- if (rv < 0) {
- count = -1;
- goto done;
- }
-
- PR_ASSERT(rv == sfd->hlen + len + ((len == file_bytes) ? sfd->tlen : 0));
-
- file_bytes -= len;
- count += rv;
- if (!file_bytes) /* header, file and trailer are sent */
- goto done;
-
- /*
- * send remaining bytes of the file, if any
- */
- len = PR_MIN(file_bytes, SENDFILE_MMAP_CHUNK);
- while (len > 0) {
- /*
- * Map in (part of) file
- */
- file_mmap_offset = sfd->file_offset + count - sfd->hlen;
- PR_ASSERT((file_mmap_offset % pagesize) == 0);
-
- addr = PR_MemMap(mapHandle, file_mmap_offset, len);
- if (!addr) {
- count = -1;
- goto done;
- }
- rv = PR_Send(sd, addr, len, 0, timeout);
- PR_MemUnmap(addr, len);
- if (rv < 0) {
- count = -1;
- goto done;
- }
-
- PR_ASSERT(rv == len);
- file_bytes -= rv;
- count += rv;
- len = PR_MIN(file_bytes, SENDFILE_MMAP_CHUNK);
- }
- PR_ASSERT(0 == file_bytes);
- if (sfd->tlen) {
- rv = PR_Send(sd, sfd->trailer, sfd->tlen, 0, timeout);
- if (rv >= 0) {
- PR_ASSERT(rv == sfd->tlen);
- count += rv;
- } else
- count = -1;
- }
-done:
- if (mapHandle)
- PR_CloseFileMap(mapHandle);
- if ((count >= 0) && (flags & PR_TRANSMITFILE_CLOSE_SOCKET))
- PR_Close(sd);
- return count;
-}
-#endif /* UNIX, NT, and BEOS */
diff --git a/security/nss/lib/ssl/manifest.mn b/security/nss/lib/ssl/manifest.mn
deleted file mode 100644
index ae6431a27..000000000
--- a/security/nss/lib/ssl/manifest.mn
+++ /dev/null
@@ -1,83 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../..
-
-# DEFINES = -DTRACE
-
-
-PRIVATE_EXPORTS = \
- ssl3prot.h \
- sslimpl.h \
- $(NULL)
-
-EXPORTS = \
- ssl.h \
- sslt.h \
- sslerr.h \
- sslproto.h \
- preenc.h \
- $(NULL)
-
-MODULE = nss
-MAPFILE = $(OBJDIR)/ssl.def
-
-CSRCS = \
- emulate.c \
- prelib.c \
- ssl3con.c \
- ssl3gthr.c \
- sslauth.c \
- sslcon.c \
- ssldef.c \
- sslenum.c \
- sslerr.c \
- sslgathr.c \
- sslmutex.c \
- sslnonce.c \
- sslreveal.c \
- sslsecur.c \
- sslsnce.c \
- sslsock.c \
- ssltrace.c \
- sslver.c \
- authcert.c \
- cmpcert.c \
- nsskea.c \
- sslinfo.c \
- $(NULL)
-
-
-REQUIRES = dbm
-
-LIBRARY_NAME = ssl
-LIBRARY_VERSION = 3
diff --git a/security/nss/lib/ssl/notes.txt b/security/nss/lib/ssl/notes.txt
deleted file mode 100644
index a36f242ee..000000000
--- a/security/nss/lib/ssl/notes.txt
+++ /dev/null
@@ -1,161 +0,0 @@
-The contents of this file are subject to the Mozilla Public
-License Version 1.1 (the "License"); you may not use this file
-except in compliance with the License. You may obtain a copy of
-the License at http://www.mozilla.org/MPL/
-
-Software distributed under the License is distributed on an "AS
-IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-implied. See the License for the specific language governing
-rights and limitations under the License.
-
-The Original Code is the Netscape security libraries.
-
-The Initial Developer of the Original Code is Netscape
-Communications Corporation. Portions created by Netscape are
-Copyright (C) 1994-2000 Netscape Communications Corporation. All
-Rights Reserved.
-
-Contributor(s):
-
-Alternatively, the contents of this file may be used under the
-terms of the GNU General Public License Version 2 or later (the
-"GPL"), in which case the provisions of the GPL are applicable
-instead of those above. If you wish to allow use of your
-version of this file only under the terms of the GPL and not to
-allow others to use your version of this file under the MPL,
-indicate your decision by deleting the provisions above and
-replace them with the notice and other provisions required by
-the GPL. If you do not delete the provisions above, a recipient
-may use your version of this file under either the MPL or the
-GPL.
-
-SSL's Buffers: enumerated and explained.
-
----------------------------------------------------------------------------
-incoming:
-
-gs = ss->gather
-hs = ss->ssl3->hs
-
-gs->inbuf SSL3 only: incoming (encrypted) ssl records are placed here,
- and then decrypted (or copied) to gs->buf.
-
-gs->buf SSL2: incoming SSL records are put here, and then decrypted
- in place.
- SSL3: ssl3_HandleHandshake puts decrypted ssl records here.
-
-hs.msg_body (SSL3 only) When an incoming handshake message spans more
- than one ssl record, the first part(s) of it are accumulated
- here until it all arrives.
-
-hs.msgState (SSL3 only) an alternative set of pointers/lengths for gs->buf.
- Used only when a handleHandshake function returns SECWouldBlock.
- ssl3_HandleHandshake remembers how far it previously got by
- using these pointers instead of gs->buf when it is called
- after a previous SECWouldBlock return.
-
----------------------------------------------------------------------------
-outgoing:
-
-sec = ss->sec
-ci = ss->sec->ci /* connect info */
-
-ci->sendBuf Outgoing handshake messages are appended to this buffer.
- This buffer will then be sent as a single SSL record.
-
-sec->writeBuf outgoing ssl records are constructed here and encrypted in
- place before being written or copied to pendingBuf.
-
-ss->pendingBuf contains outgoing ciphertext that was saved after a write
- attempt to the socket failed, e.g. EWouldBlock.
- Generally empty with blocking sockets (should be no incomplete
- writes).
-
-ss->saveBuf Used only by socks code. Intended to be used to buffer
- outgoing data until a socks handshake completes. However,
- this buffer is always empty. There is no code to put
- anything into it.
-
----------------------------------------------------------------------------
-
-SECWouldBlock means that the function cannot make progress because it is
-waiting for some event OTHER THAN socket I/O completion (e.g. waiting for
-user dialog to finish). It is not the same as EWOULDBLOCK.
-
----------------------------------------------------------------------------
-
-Rank (order) of locks
-
-[ReadLock ->]\ [firstHandshake ->] [ssl3Handshake ->] recvbuf \ -> "spec"
-[WriteLock->]/ xmitbuf /
-
-crypto and hash Data that must be protected while turning plaintext into
-ciphertext:
-
-SSL2: (in ssl2_Send*)
- sec->hash*
- sec->hashcx (ptr and data)
- sec->enc
- sec->writecx* (ptr and content)
- sec->sendSecret*(ptr and content)
- sec->sendSequence locked by xmitBufLock
- sec->blockSize
- sec->writeBuf* (ptr & content) locked by xmitBufLock
- "in" locked by xmitBufLock
-
-SSl3: (in ssl3_SendPlainText)
- ss->ssl3 (the pointer)
- ss->ssl3->current_write* (the pointer and the data in the spec
- and any data referenced by the spec.
-
- ss->sec->isServer
- ss->sec->writebuf* (ptr & content) locked by xmitBufLock
- "buf" locked by xmitBufLock
-
-crypto and hash data that must be protected while turning ciphertext into
-plaintext:
-
-SSL2: (in ssl2_GatherData)
- gs->* (locked by recvBufLock )
- sec->dec
- sec->readcx
- sec->hash* (ptr and data)
- sec->hashcx (ptr and data)
-
-SSL3: (in ssl3_HandleRecord )
- ssl3->current_read* (the pointer and all data refernced)
- ss->sec->isServer
-
-
-Data that must be protected while being used by a "writer":
-
-ss->pendingBuf.*
-ss->saveBuf.* (which is dead)
-
-in ssl3_sendPlainText
-
-ss->ssl3->current_write-> (spec)
-ss->sec->writeBuf.*
-ss->sec->isServer
-
-in SendBlock
-
-ss->sec->hash->length
-ss->sec->blockSize
-ss->sec->writeBuf.*
-ss->sec->sendSecret
-ss->sec->sendSequence
-ss->sec->writecx *
-ss->pendingBuf
-
---------------------------------------------------------------------------
-
-Data variables (not const) protected by the "sslGlobalDataLock".
-Note, this really should be a reader/writer lock.
-
-allowedByPolicy sslcon.c
-maybeAllowedByPolicy sslcon.c
-chosenPreference sslcon.c
-policyWasSet sslcon.c
-
-cipherSuites[] ssl3con.c
diff --git a/security/nss/lib/ssl/nsskea.c b/security/nss/lib/ssl/nsskea.c
deleted file mode 100644
index ec7be1735..000000000
--- a/security/nss/lib/ssl/nsskea.c
+++ /dev/null
@@ -1,75 +0,0 @@
-/*
- * Return SSLKEAType derived from cert's Public Key algorithm info.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- # $Id$
- */
-
-#include "cert.h"
-#include "ssl.h" /* for SSLKEAType */
-#include "secoid.h"
-
-SSLKEAType
-NSS_FindCertKEAType(CERTCertificate * cert)
-{
- SSLKEAType keaType = kt_null;
- int tag;
-
- if (!cert) goto loser;
-
- tag = SECOID_GetAlgorithmTag(&(cert->subjectPublicKeyInfo.algorithm));
-
- switch (tag) {
- case SEC_OID_X500_RSA_ENCRYPTION:
- case SEC_OID_PKCS1_RSA_ENCRYPTION:
- keaType = kt_rsa;
- break;
- case SEC_OID_MISSI_KEA_DSS_OLD:
- case SEC_OID_MISSI_KEA_DSS:
- case SEC_OID_MISSI_DSS_OLD:
- case SEC_OID_MISSI_DSS:
- keaType = kt_fortezza;
- break;
- case SEC_OID_X942_DIFFIE_HELMAN_KEY:
- keaType = kt_dh;
- break;
- default:
- keaType = kt_null;
- }
-
- loser:
-
- return keaType;
-
-}
-
diff --git a/security/nss/lib/ssl/os2_err.c b/security/nss/lib/ssl/os2_err.c
deleted file mode 100644
index 77d49df2f..000000000
--- a/security/nss/lib/ssl/os2_err.c
+++ /dev/null
@@ -1,310 +0,0 @@
-/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/*
- * This file essentially replicates NSPR's source for the functions that
- * map system-specific error codes to NSPR error codes. We would use
- * NSPR's functions, instead of duplicating them, but they're private.
- * As long as SSL's server session cache code must do platform native I/O
- * to accomplish its job, and NSPR's error mapping functions remain private,
- * this code will continue to need to be replicated.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "prerror.h"
-#include "prlog.h"
-#include <errno.h>
-
-
-/*
- * Based on win32err.c
- * OS2TODO Stub everything for now to build. HCT
- */
-
-/* forward declaration. */
-void nss_MD_os2_map_default_error(PRInt32 err);
-
-void nss_MD_os2_map_opendir_error(PRInt32 err)
-{
- nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_closedir_error(PRInt32 err)
-{
- nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_readdir_error(PRInt32 err)
-{
- nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_delete_error(PRInt32 err)
-{
- nss_MD_os2_map_default_error(err);
-}
-
-/* The error code for stat() is in errno. */
-void nss_MD_os2_map_stat_error(PRInt32 err)
-{
- nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_fstat_error(PRInt32 err)
-{
- nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_rename_error(PRInt32 err)
-{
- nss_MD_os2_map_default_error(err);
-}
-
-/* The error code for access() is in errno. */
-void nss_MD_os2_map_access_error(PRInt32 err)
-{
- nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_mkdir_error(PRInt32 err)
-{
- nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_rmdir_error(PRInt32 err)
-{
- nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_read_error(PRInt32 err)
-{
- nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_transmitfile_error(PRInt32 err)
-{
- nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_write_error(PRInt32 err)
-{
- nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_lseek_error(PRInt32 err)
-{
- nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_fsync_error(PRInt32 err)
-{
- nss_MD_os2_map_default_error(err);
-}
-
-/*
- * For both CloseHandle() and closesocket().
- */
-void nss_MD_os2_map_close_error(PRInt32 err)
-{
- nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_socket_error(PRInt32 err)
-{
-// PR_ASSERT(err != WSANOTINITIALISED);
- nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_recv_error(PRInt32 err)
-{
- nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_recvfrom_error(PRInt32 err)
-{
- nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_send_error(PRInt32 err)
-{
- PRErrorCode prError;
- switch (err) {
-// case WSAEMSGSIZE: prError = PR_INVALID_ARGUMENT_ERROR; break;
- default: nss_MD_os2_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_os2_map_sendto_error(PRInt32 err)
-{
- PRErrorCode prError;
- switch (err) {
-// case WSAEMSGSIZE: prError = PR_INVALID_ARGUMENT_ERROR; break;
- default: nss_MD_os2_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_os2_map_accept_error(PRInt32 err)
-{
- PRErrorCode prError;
- switch (err) {
-// case WSAEOPNOTSUPP: prError = PR_NOT_TCP_SOCKET_ERROR; break;
-// case WSAEINVAL: prError = PR_INVALID_STATE_ERROR; break;
- default: nss_MD_os2_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_os2_map_acceptex_error(PRInt32 err)
-{
- nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_connect_error(PRInt32 err)
-{
- PRErrorCode prError;
- switch (err) {
-// case WSAEWOULDBLOCK: prError = PR_IN_PROGRESS_ERROR; break;
-// case WSAEINVAL: prError = PR_ALREADY_INITIATED_ERROR; break;
-// case WSAETIMEDOUT: prError = PR_IO_TIMEOUT_ERROR; break;
- default: nss_MD_os2_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_os2_map_bind_error(PRInt32 err)
-{
- PRErrorCode prError;
- switch (err) {
-// case WSAEINVAL: prError = PR_SOCKET_ADDRESS_IS_BOUND_ERROR; break;
- default: nss_MD_os2_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_os2_map_listen_error(PRInt32 err)
-{
- PRErrorCode prError;
- switch (err) {
-// case WSAEOPNOTSUPP: prError = PR_NOT_TCP_SOCKET_ERROR; break;
-// case WSAEINVAL: prError = PR_INVALID_STATE_ERROR; break;
- default: nss_MD_os2_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_os2_map_shutdown_error(PRInt32 err)
-{
- nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_getsockname_error(PRInt32 err)
-{
- PRErrorCode prError;
- switch (err) {
-// case WSAEINVAL: prError = PR_INVALID_STATE_ERROR; break;
- default: nss_MD_os2_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_os2_map_getpeername_error(PRInt32 err)
-{
- nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_getsockopt_error(PRInt32 err)
-{
- nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_setsockopt_error(PRInt32 err)
-{
- nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_open_error(PRInt32 err)
-{
- nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_gethostname_error(PRInt32 err)
-{
- nss_MD_os2_map_default_error(err);
-}
-
-/* Win32 select() only works on sockets. So in this
-** context, WSAENOTSOCK is equivalent to EBADF on Unix.
-*/
-void nss_MD_os2_map_select_error(PRInt32 err)
-{
- PRErrorCode prError;
- switch (err) {
-// case WSAENOTSOCK: prError = PR_BAD_DESCRIPTOR_ERROR; break;
- default: nss_MD_os2_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_os2_map_lockf_error(PRInt32 err)
-{
- nss_MD_os2_map_default_error(err);
-}
-
-
-
-void nss_MD_os2_map_default_error(PRInt32 err)
-{
- PRErrorCode prError;
-
- switch (err) {
-// case ENOENT: prError = PR_FILE_NOT_FOUND_ERROR; break;
-// case ERROR_ACCESS_DENIED: prError = PR_NO_ACCESS_RIGHTS_ERROR; break;
-// case ERROR_ALREADY_EXISTS: prError = PR_FILE_EXISTS_ERROR; break;
-// case ERROR_DISK_CORRUPT: prError = PR_IO_ERROR; break;
-// case ERROR_DISK_FULL: prError = PR_NO_DEVICE_SPACE_ERROR; break;
-// case ERROR_DISK_OPERATION_FAILED: prError = PR_IO_ERROR; break;
-// case ERROR_DRIVE_LOCKED: prError = PR_FILE_IS_LOCKED_ERROR; break;
-// case ERROR_FILENAME_EXCED_RANGE: prError = PR_NAME_TOO_LONG_ERROR; break;
-// case ERROR_FILE_CORRUPT: prError = PR_IO_ERROR; break;
-// case ERROR_FILE_EXISTS: prError = PR_FILE_EXISTS_ERROR; break;
-// case ERROR_FILE_INVALID: prError = PR_BAD_DESCRIPTOR_ERROR; break;
-#if ERROR_FILE_NOT_FOUND != ENOENT
-// case ERROR_FILE_NOT_FOUND: prError = PR_FILE_NOT_FOUND_ERROR; break;
-#endif
- default: prError = PR_UNKNOWN_ERROR; break;
- }
- PR_SetError(prError, err);
-}
-
diff --git a/security/nss/lib/ssl/os2_err.h b/security/nss/lib/ssl/os2_err.h
deleted file mode 100644
index 7f80c0177..000000000
--- a/security/nss/lib/ssl/os2_err.h
+++ /dev/null
@@ -1,83 +0,0 @@
-/*
- * This file essentially replicates NSPR's source for the functions that
- * map system-specific error codes to NSPR error codes. We would use
- * NSPR's functions, instead of duplicating them, but they're private.
- * As long as SSL's server session cache code must do platform native I/O
- * to accomplish its job, and NSPR's error mapping functions remain private,
- * This code will continue to need to be replicated.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-/* NSPR doesn't make these functions public, so we have to duplicate
-** them in NSS.
-*/
-
-//HCT Based on Win32err.h
-extern void nss_MD_os2_map_accept_error(PRInt32 err);
-extern void nss_MD_os2_map_acceptex_error(PRInt32 err);
-extern void nss_MD_os2_map_access_error(PRInt32 err);
-extern void nss_MD_os2_map_bind_error(PRInt32 err);
-extern void nss_MD_os2_map_close_error(PRInt32 err);
-extern void nss_MD_os2_map_closedir_error(PRInt32 err);
-extern void nss_MD_os2_map_connect_error(PRInt32 err);
-extern void nss_MD_os2_map_default_error(PRInt32 err);
-extern void nss_MD_os2_map_delete_error(PRInt32 err);
-extern void nss_MD_os2_map_fstat_error(PRInt32 err);
-extern void nss_MD_os2_map_fsync_error(PRInt32 err);
-extern void nss_MD_os2_map_gethostname_error(PRInt32 err);
-extern void nss_MD_os2_map_getpeername_error(PRInt32 err);
-extern void nss_MD_os2_map_getsockname_error(PRInt32 err);
-extern void nss_MD_os2_map_getsockopt_error(PRInt32 err);
-extern void nss_MD_os2_map_listen_error(PRInt32 err);
-extern void nss_MD_os2_map_lockf_error(PRInt32 err);
-extern void nss_MD_os2_map_lseek_error(PRInt32 err);
-extern void nss_MD_os2_map_mkdir_error(PRInt32 err);
-extern void nss_MD_os2_map_open_error(PRInt32 err);
-extern void nss_MD_os2_map_opendir_error(PRInt32 err);
-extern void nss_MD_os2_map_read_error(PRInt32 err);
-extern void nss_MD_os2_map_readdir_error(PRInt32 err);
-extern void nss_MD_os2_map_recv_error(PRInt32 err);
-extern void nss_MD_os2_map_recvfrom_error(PRInt32 err);
-extern void nss_MD_os2_map_rename_error(PRInt32 err);
-extern void nss_MD_os2_map_rmdir_error(PRInt32 err);
-extern void nss_MD_os2_map_select_error(PRInt32 err);
-extern void nss_MD_os2_map_send_error(PRInt32 err);
-extern void nss_MD_os2_map_sendto_error(PRInt32 err);
-extern void nss_MD_os2_map_setsockopt_error(PRInt32 err);
-extern void nss_MD_os2_map_shutdown_error(PRInt32 err);
-extern void nss_MD_os2_map_socket_error(PRInt32 err);
-extern void nss_MD_os2_map_stat_error(PRInt32 err);
-extern void nss_MD_os2_map_transmitfile_error(PRInt32 err);
-extern void nss_MD_os2_map_write_error(PRInt32 err);
diff --git a/security/nss/lib/ssl/preenc.h b/security/nss/lib/ssl/preenc.h
deleted file mode 100644
index 3dfbe1e92..000000000
--- a/security/nss/lib/ssl/preenc.h
+++ /dev/null
@@ -1,161 +0,0 @@
-/* -*- Mode: C; tab-width: 4; indent-tabs-mode: nil -*- */
-
-/*
- * Functions and types used by https servers to send (download) pre-encrypted
- * files over SSL connections that use Fortezza ciphersuites.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "seccomon.h"
-#include "prio.h"
-
-typedef struct PEHeaderStr PEHeader;
-
-#define PE_MIME_TYPE "application/pre-encrypted"
-
-
-/*
- * unencrypted header. The 'top' half of this header is generic. The union
- * is type specific, and may include bulk cipher type information
- * (Fortezza supports only Fortezza Bulk encryption). Only fortezza
- * pre-encrypted is defined.
- */
-typedef struct PEFortezzaHeaderStr PEFortezzaHeader;
-typedef struct PEFortezzaGeneratedHeaderStr PEFortezzaGeneratedHeader;
-typedef struct PEFixedKeyHeaderStr PEFixedKeyHeader;
-typedef struct PERSAKeyHeaderStr PERSAKeyHeader;
-
-struct PEFortezzaHeaderStr {
- unsigned char key[12]; /* Ks wrapped MEK */
- unsigned char iv[24]; /* iv for this MEK */
- unsigned char hash[20]; /* SHA hash of file */
- unsigned char serial[8]; /* serial number of the card that owns
- * Ks */
-};
-
-struct PEFortezzaGeneratedHeaderStr {
- unsigned char key[12]; /* TEK wrapped MEK */
- unsigned char iv[24]; /* iv for this MEK */
- unsigned char hash[20]; /* SHA hash of file */
- unsigned char Ra[128]; /* RA to generate TEK */
- unsigned char Y[128]; /* Y to generate TEK */
-};
-
-struct PEFixedKeyHeaderStr {
- unsigned char pkcs11Mech[4]; /* Symetric key operation */
- unsigned char labelLen[2]; /* length of the token label */
- unsigned char keyIDLen[2]; /* length of the token Key ID */
- unsigned char ivLen[2]; /* length of IV */
- unsigned char keyLen[2]; /* length of key (DES3_ECB encrypted) */
- unsigned char data[1]; /* start of data */
-};
-
-struct PERSAKeyHeaderStr {
- unsigned char pkcs11Mech[4]; /* Symetric key operation */
- unsigned char issuerLen[2]; /* length of cert issuer */
- unsigned char serialLen[2]; /* length of the cert serial */
- unsigned char ivLen[2]; /* length of IV */
- unsigned char keyLen[2]; /* length of key (RSA encrypted) */
- unsigned char data[1]; /* start of data */
-};
-
-/* macros to get at the variable length data fields */
-#define PEFIXED_Label(header) (header->data)
-#define PEFIXED_KeyID(header) (&header->data[GetInt2(header->labelLen)])
-#define PEFIXED_IV(header) (&header->data[GetInt2(header->labelLen)\
- +GetInt2(header->keyIDLen)])
-#define PEFIXED_Key(header) (&header->data[GetInt2(header->labelLen)\
- +GetInt2(header->keyIDLen)+GetInt2(header->keyLen)])
-#define PERSA_Issuer(header) (header->data)
-#define PERSA_Serial(header) (&header->data[GetInt2(header->issuerLen)])
-#define PERSA_IV(header) (&header->data[GetInt2(header->issuerLen)\
- +GetInt2(header->serialLen)])
-#define PERSA_Key(header) (&header->data[GetInt2(header->issuerLen)\
- +GetInt2(header->serialLen)+GetInt2(header->keyLen)])
-struct PEHeaderStr {
- unsigned char magic [2]; /* always 0xC0DE */
- unsigned char len [2]; /* length of PEHeader */
- unsigned char type [2]; /* FORTEZZA, DIFFIE-HELMAN, RSA */
- unsigned char version[2]; /* version number: 1.0 */
- union {
- PEFortezzaHeader fortezza;
- PEFortezzaGeneratedHeader g_fortezza;
- PEFixedKeyHeader fixed;
- PERSAKeyHeader rsa;
- } u;
-};
-
-#define PE_CRYPT_INTRO_LEN 8
-#define PE_INTRO_LEN 4
-#define PE_BASE_HEADER_LEN 8
-
-#define PRE_BLOCK_SIZE 8 /* for decryption blocks */
-
-
-/*
- * Platform neutral encode/decode macros.
- */
-#define GetInt2(c) ((c[0] << 8) | c[1])
-#define GetInt4(c) (((unsigned long)c[0] << 24)|((unsigned long)c[1] << 16)\
- |((unsigned long)c[2] << 8)| ((unsigned long)c[3]))
-#define PutInt2(c,i) ((c[1] = (i) & 0xff), (c[0] = ((i) >> 8) & 0xff))
-#define PutInt4(c,i) ((c[0]=((i) >> 24) & 0xff),(c[1]=((i) >> 16) & 0xff),\
- (c[2] = ((i) >> 8) & 0xff), (c[3] = (i) & 0xff))
-
-/*
- * magic numbers.
- */
-#define PRE_MAGIC 0xc0de
-#define PRE_VERSION 0x1010
-#define PRE_FORTEZZA_FILE 0x00ff /* pre-encrypted file on disk */
-#define PRE_FORTEZZA_STREAM 0x00f5 /* pre-encrypted file in stream */
-#define PRE_FORTEZZA_GEN_STREAM 0x00f6 /* Generated pre-encrypted file */
-#define PRE_FIXED_FILE 0x000f /* fixed key on disk */
-#define PRE_RSA_FILE 0x001f /* RSA in file */
-#define PRE_FIXED_STREAM 0x0005 /* fixed key in stream */
-
-/*
- * internal implementation info
- */
-
-
-/* convert an existing stream header to a version with local parameters */
-PEHeader *SSL_PreencryptedStreamToFile(PRFileDesc *fd, PEHeader *,
- int *headerSize);
-
-/* convert an existing file header to one suitable for streaming out */
-PEHeader *SSL_PreencryptedFileToStream(PRFileDesc *fd, PEHeader *,
- int *headerSize);
-
diff --git a/security/nss/lib/ssl/prelib.c b/security/nss/lib/ssl/prelib.c
deleted file mode 100644
index 1c7351a39..000000000
--- a/security/nss/lib/ssl/prelib.c
+++ /dev/null
@@ -1,251 +0,0 @@
-/* -*- Mode: C; tab-width: 4; indent-tabs-mode: nil -*- */
-
-/*
- * Functions used by https servers to send (download) pre-encrypted files
- * over SSL connections that use Fortezza ciphersuites.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "cert.h"
-#include "ssl.h"
-#include "keyhi.h"
-#include "secitem.h"
-#include "sslimpl.h"
-#include "pkcs11t.h"
-#include "preenc.h"
-#include "pk11func.h"
-
-static unsigned char fromHex(char x) {
- if ((x >= '0') && (x <= '9')) return x-'0';
- if ((x >= 'a') && (x <= 'f')) return x-'a'+10;
- return x-'A'+10;
-}
-
-PEHeader *SSL_PreencryptedStreamToFile(PRFileDesc *fd, PEHeader *inHeader,
- int *headerSize)
-{
- PK11SymKey *key, *tek, *Ks;
- sslSocket *ss;
- PK11SlotInfo *slot;
- CK_TOKEN_INFO info;
- int oldHeaderSize;
- PEHeader *header;
- SECStatus rv;
- SECItem item;
- int i;
-
- if (fd == NULL) {
- /* XXX set an error */
- return NULL;
- }
-
- ss = ssl_FindSocket(fd);
- if (ss == NULL) {
- return NULL;
- }
-
- PORT_Assert(ss->ssl3 != NULL);
- if (ss->ssl3 == NULL) {
- return NULL;
- }
-
- if (GetInt2(inHeader->magic) != PRE_MAGIC) {
- return NULL;
- }
-
- oldHeaderSize = GetInt2(inHeader->len);
- header = (PEHeader *) PORT_ZAlloc(oldHeaderSize);
- if (header == NULL) {
- return NULL;
- }
-
- switch (GetInt2(inHeader->type)) {
- case PRE_FORTEZZA_FILE:
- case PRE_FORTEZZA_GEN_STREAM:
- case PRE_FIXED_FILE:
- case PRE_RSA_FILE:
- default:
- *headerSize = oldHeaderSize;
- PORT_Memcpy(header,inHeader,oldHeaderSize);
- return header;
-
- case PRE_FORTEZZA_STREAM:
- *headerSize = PE_BASE_HEADER_LEN + sizeof(PEFortezzaHeader);
- PutInt2(header->magic,PRE_MAGIC);
- PutInt2(header->len,*headerSize);
- PutInt2(header->type, PRE_FORTEZZA_FILE);
- PORT_Memcpy(header->version,inHeader->version,sizeof(header->version));
- PORT_Memcpy(header->u.fortezza.hash,inHeader->u.fortezza.hash,
- sizeof(header->u.fortezza.hash));
- PORT_Memcpy(header->u.fortezza.iv,inHeader->u.fortezza.iv,
- sizeof(header->u.fortezza.iv));
-
- /* get the kea context from the session */
- tek = ss->ssl3->fortezza.tek;
- if (tek == NULL) {
- PORT_Free(header);
- return NULL;
- }
-
-
- /* get the slot and the serial number */
- slot = PK11_GetSlotFromKey(tek);
- if (slot == NULL) {
- PORT_Free(header);
- return NULL;
- }
- rv = PK11_GetTokenInfo(slot,&info);
- if (rv != SECSuccess) {
- PORT_Free(header);
- PK11_FreeSlot(slot);
- return NULL;
- }
-
- /* Look up the Token Fixed Key */
- Ks = PK11_FindFixedKey(slot, CKM_SKIPJACK_WRAP, NULL, ss->pkcs11PinArg);
- PK11_FreeSlot(slot);
- if (Ks == NULL) {
- PORT_Free(header);
- return NULL;
- }
-
- /* unwrap the key with the TEK */
- item.data = inHeader->u.fortezza.key;
- item.len = sizeof(inHeader->u.fortezza.key);
- key = PK11_UnwrapSymKey(tek,CKM_SKIPJACK_WRAP,
- NULL, &item, CKM_SKIPJACK_CBC64, CKA_DECRYPT, 0);
- if (key == NULL) {
- PORT_Free(header);
- PK11_FreeSymKey(Ks);
- return NULL;
- }
-
- /* rewrap with the local Ks */
- item.data = header->u.fortezza.key;
- item.len = sizeof(header->u.fortezza.key);
- rv = PK11_WrapSymKey(CKM_SKIPJACK_WRAP, NULL, Ks, key, &item);
- PK11_FreeSymKey(Ks);
- PK11_FreeSymKey(key);
- if (rv != SECSuccess) {
- PORT_Free(header);
- return NULL;
- }
-
- /* copy our local serial number into header */
- for (i=0; i < sizeof(header->u.fortezza.serial); i++) {
- header->u.fortezza.serial[i] =
- (fromHex(info.serialNumber[i*2]) << 4) |
- fromHex(info.serialNumber[i*2 + 1]);
- }
- break;
- case PRE_FIXED_STREAM:
- /* not implemented yet */
- PORT_Free(header);
- return NULL;
- }
-
- return(header);
-}
-
-/*
- * this one needs to allocate space and work for RSA & FIXED key files as well
- */
-PEHeader *SSL_PreencryptedFileToStream(PRFileDesc *fd, PEHeader *header,
- int *headerSize)
-{
- PK11SymKey *key, *tek, *Ks;
- sslSocket *ss;
- PK11SlotInfo *slot;
- SECStatus rv;
- SECItem item;
-
- *headerSize = 0; /* hack */
-
- if (fd == NULL) {
- /* XXX set an error */
- return NULL;
- }
-
- ss = ssl_FindSocket(fd);
- if (ss == NULL) {
- return NULL;
- }
-
- PORT_Assert(ss->ssl3 != NULL);
- if (ss->ssl3 == NULL) {
- return NULL;
- }
-
- /* get the kea context from the session */
- tek = ss->ssl3->fortezza.tek;
- if (tek == NULL) {
- return NULL;
- }
-
- slot = PK11_GetSlotFromKey(tek);
- if (slot == NULL) return NULL;
- Ks = PK11_FindFixedKey(slot, CKM_SKIPJACK_WRAP, NULL, PK11_GetWindow(tek));
- PK11_FreeSlot(slot);
- if (Ks == NULL) return NULL;
-
-
- /* unwrap with the local Ks */
- item.data = header->u.fortezza.key;
- item.len = sizeof(header->u.fortezza.key);
- /* rewrap the key with the TEK */
- key = PK11_UnwrapSymKey(Ks,CKM_SKIPJACK_WRAP,
- NULL, &item, CKM_SKIPJACK_CBC64, CKA_DECRYPT, 0);
- if (key == NULL) {
- PK11_FreeSymKey(Ks);
- return NULL;
- }
-
- rv = PK11_WrapSymKey(CKM_SKIPJACK_WRAP, NULL, tek, key, &item);
- PK11_FreeSymKey(Ks);
- PK11_FreeSymKey(key);
- if (rv != SECSuccess) {
- return NULL;
- }
-
- /* copy over our local serial number */
- PORT_Memset(header->u.fortezza.serial,0,sizeof(header->u.fortezza.serial));
-
- /* change type to stream */
- PutInt2(header->type, PRE_FORTEZZA_STREAM);
-
- return(header);
-}
-
-
diff --git a/security/nss/lib/ssl/ssl.def b/security/nss/lib/ssl/ssl.def
deleted file mode 100644
index 33083caea..000000000
--- a/security/nss/lib/ssl/ssl.def
+++ /dev/null
@@ -1,123 +0,0 @@
-;+#
-;+# The contents of this file are subject to the Mozilla Public
-;+# License Version 1.1 (the "License"); you may not use this file
-;+# except in compliance with the License. You may obtain a copy of
-;+# the License at http://www.mozilla.org/MPL/
-;+#
-;+# Software distributed under the License is distributed on an "AS
-;+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-;+# implied. See the License for the specific language governing
-;+# rights and limitations under the License.
-;+#
-;+# The Original Code is the Netscape security libraries.
-;+#
-;+# The Initial Developer of the Original Code is Netscape
-;+# Communications Corporation. Portions created by Netscape are
-;+# Copyright (C) 2000 Netscape Communications Corporation. All
-;+# Rights Reserved.
-;+#
-;+# Contributor(s):
-;+#
-;+# Alternatively, the contents of this file may be used under the
-;+# terms of the GNU General Public License Version 2 or later (the
-;+# "GPL"), in which case the provisions of the GPL are applicable
-;+# instead of those above. If you wish to allow use of your
-;+# version of this file only under the terms of the GPL and not to
-;+# allow others to use your version of this file under the MPL,
-;+# indicate your decision by deleting the provisions above and
-;+# replace them with the notice and other provisions required by
-;+# the GPL. If you do not delete the provisions above, a recipient
-;+# may use your version of this file under either the MPL or the
-;+# GPL.
-;+#
-;+# OK, this file is meant to support SUN, LINUX, AIX and WINDOWS
-;+# 1. For all unix platforms, the string ";-" means "remove this line"
-;+# 2. For all unix platforms, the string " DATA " will be removed from any
-;+# line on which it occurs.
-;+# 3. Lines containing ";+" will have ";+" removed on SUN and LINUX.
-;+# On AIX, lines containing ";+" will be removed.
-;+# 4. For all unix platforms, the string ";;" will thave the ";;" removed.
-;+# 5. For all unix platforms, after the above processing has taken place,
-;+# all characters after the first ";" on the line will be removed.
-;+# And for AIX, the first ";" will also be removed.
-;+# This file is passed directly to windows. Since ';' is a comment, all UNIX
-;+# directives are hidden behind ";", ";+", and ";-"
-;+
-;+NSS_3.2 { # NSS 3.2 release
-;+ global:
-LIBRARY ssl3 ;-
-EXPORTS ;-
-SSL_ImplementedCiphers DATA ;
-SSL_NumImplementedCiphers DATA ;
-NSS_CmpCertChainWCANames;
-NSS_FindCertKEAType;
-NSS_GetClientAuthData;
-NSS_SetDomesticPolicy;
-NSS_SetExportPolicy;
-NSS_SetFrancePolicy;
-SSL_AuthCertificate;
-SSL_AuthCertificateHook;
-SSL_BadCertHook;
-SSL_CertDBHandleSet;
-SSL_CipherPolicyGet;
-SSL_CipherPolicySet;
-SSL_CipherPrefGet;
-SSL_CipherPrefGetDefault;
-SSL_CipherPrefSet;
-SSL_CipherPrefSetDefault;
-SSL_ClearSessionCache;
-SSL_ConfigMPServerSIDCache;
-SSL_ConfigSecureServer;
-SSL_ConfigServerSessionIDCache;
-SSL_DataPending;
-SSL_ForceHandshake;
-SSL_GetClientAuthDataHook;
-SSL_GetSessionID;
-SSL_GetStatistics;
-SSL_HandshakeCallback;
-SSL_ImportFD;
-SSL_InheritMPServerSIDCache;
-SSL_InvalidateSession;
-SSL_OptionGet;
-SSL_OptionGetDefault;
-SSL_OptionSet;
-SSL_OptionSetDefault;
-SSL_PeerCertificate;
-SSL_PreencryptedFileToStream;
-SSL_PreencryptedStreamToFile;
-SSL_ReHandshake;
-SSL_ResetHandshake;
-SSL_RestartHandshakeAfterCertReq;
-SSL_RestartHandshakeAfterServerCert;
-SSL_RevealCert;
-SSL_RevealPinArg;
-SSL_RevealURL;
-SSL_SecurityStatus;
-SSL_SetPKCS11PinArg;
-SSL_SetSockPeerID;
-SSL_SetURL;
-;+ local:
-;+*;
-;+};
-;+NSS_3.2.1 { # NSS 3.2.1 release
-;+ global:
-NSSSSL_VersionCheck;
-;+ local:
-;+*;
-;+};
-;+NSS_3.4 { # NSS 3.4 release
-;+ global:
-SSL_GetChannelInfo;
-SSL_GetCipherSuiteInfo;
-SSL_GetMaxServerCacheLocks;
-SSL_LocalCertificate;
-SSL_SetMaxServerCacheLocks;
-;+ local:
-;+*;
-;+};
-;+NSS_3.7.4 { # NSS 3.7.4 release
-;+ global:
-SSL_ShutdownServerSessionIDCache;
-;+ local:
-;+*;
-;+};
diff --git a/security/nss/lib/ssl/ssl.h b/security/nss/lib/ssl/ssl.h
deleted file mode 100644
index cbc5dcc6d..000000000
--- a/security/nss/lib/ssl/ssl.h
+++ /dev/null
@@ -1,456 +0,0 @@
-/*
- * This file contains prototypes for the public SSL functions.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#ifndef __ssl_h_
-#define __ssl_h_
-
-#include "prtypes.h"
-#include "prerror.h"
-#include "prio.h"
-#include "seccomon.h"
-#include "cert.h"
-#include "keyt.h"
-
-#include "sslt.h" /* public ssl data types */
-
-#if defined(_WIN32) && !defined(IN_LIBSSL) && !defined(NSS_USE_STATIC_LIBS)
-#define SSL_IMPORT extern __declspec(dllimport)
-#else
-#define SSL_IMPORT extern
-#endif
-
-SEC_BEGIN_PROTOS
-
-/* constant table enumerating all implemented SSL 2 and 3 cipher suites. */
-SSL_IMPORT const PRUint16 SSL_ImplementedCiphers[];
-
-/* number of entries in the above table. */
-SSL_IMPORT const PRUint16 SSL_NumImplementedCiphers;
-
-/* Macro to tell which ciphers in table are SSL2 vs SSL3/TLS. */
-#define SSL_IS_SSL2_CIPHER(which) (((which) & 0xfff0) == 0xff00)
-
-/*
-** Imports fd into SSL, returning a new socket. Copies SSL configuration
-** from model.
-*/
-SSL_IMPORT PRFileDesc *SSL_ImportFD(PRFileDesc *model, PRFileDesc *fd);
-
-/*
-** Enable/disable an ssl mode
-**
-** SSL_SECURITY:
-** enable/disable use of SSL security protocol before connect
-**
-** SSL_SOCKS:
-** enable/disable use of socks before connect
-** (No longer supported).
-**
-** SSL_REQUEST_CERTIFICATE:
-** require a certificate during secure connect
-*/
-/* options */
-#define SSL_SECURITY 1 /* (on by default) */
-#define SSL_SOCKS 2 /* (off by default) */
-#define SSL_REQUEST_CERTIFICATE 3 /* (off by default) */
-#define SSL_HANDSHAKE_AS_CLIENT 5 /* force accept to hs as client */
- /* (off by default) */
-#define SSL_HANDSHAKE_AS_SERVER 6 /* force connect to hs as server */
- /* (off by default) */
-#define SSL_ENABLE_SSL2 7 /* enable ssl v2 (on by default) */
-#define SSL_ENABLE_SSL3 8 /* enable ssl v3 (on by default) */
-#define SSL_NO_CACHE 9 /* don't use the session cache */
- /* (off by default) */
-#define SSL_REQUIRE_CERTIFICATE 10 /* (SSL_REQUIRE_FIRST_HANDSHAKE */
- /* by default) */
-#define SSL_ENABLE_FDX 11 /* permit simultaneous read/write */
- /* (off by default) */
-#define SSL_V2_COMPATIBLE_HELLO 12 /* send v3 client hello in v2 fmt */
- /* (on by default) */
-#define SSL_ENABLE_TLS 13 /* enable TLS (on by default) */
-#define SSL_ROLLBACK_DETECTION 14 /* for compatibility, default: on */
-
-#ifdef SSL_DEPRECATED_FUNCTION
-/* Old deprecated function names */
-SSL_IMPORT SECStatus SSL_Enable(PRFileDesc *fd, int option, PRBool on);
-SSL_IMPORT SECStatus SSL_EnableDefault(int option, PRBool on);
-#endif
-
-/* New function names */
-SSL_IMPORT SECStatus SSL_OptionSet(PRFileDesc *fd, PRInt32 option, PRBool on);
-SSL_IMPORT SECStatus SSL_OptionGet(PRFileDesc *fd, PRInt32 option, PRBool *on);
-SSL_IMPORT SECStatus SSL_OptionSetDefault(PRInt32 option, PRBool on);
-SSL_IMPORT SECStatus SSL_OptionGetDefault(PRInt32 option, PRBool *on);
-SSL_IMPORT SECStatus SSL_CertDBHandleSet(PRFileDesc *fd, CERTCertDBHandle *dbHandle);
-
-/*
-** Control ciphers that SSL uses. If on is non-zero then the named cipher
-** is enabled, otherwise it is disabled.
-** The "cipher" values are defined in sslproto.h (the SSL_EN_* values).
-** EnableCipher records user preferences.
-** SetPolicy sets the policy according to the policy module.
-*/
-#ifdef SSL_DEPRECATED_FUNCTION
-/* Old deprecated function names */
-SSL_IMPORT SECStatus SSL_EnableCipher(long which, PRBool enabled);
-SSL_IMPORT SECStatus SSL_SetPolicy(long which, int policy);
-#endif
-
-/* New function names */
-SSL_IMPORT SECStatus SSL_CipherPrefSet(PRFileDesc *fd, PRInt32 cipher, PRBool enabled);
-SSL_IMPORT SECStatus SSL_CipherPrefGet(PRFileDesc *fd, PRInt32 cipher, PRBool *enabled);
-SSL_IMPORT SECStatus SSL_CipherPrefSetDefault(PRInt32 cipher, PRBool enabled);
-SSL_IMPORT SECStatus SSL_CipherPrefGetDefault(PRInt32 cipher, PRBool *enabled);
-SSL_IMPORT SECStatus SSL_CipherPolicySet(PRInt32 cipher, PRInt32 policy);
-SSL_IMPORT SECStatus SSL_CipherPolicyGet(PRInt32 cipher, PRInt32 *policy);
-
-/* Values for "policy" argument to SSL_PolicySet */
-/* Values returned by SSL_CipherPolicyGet. */
-#define SSL_NOT_ALLOWED 0 /* or invalid or unimplemented */
-#define SSL_ALLOWED 1
-#define SSL_RESTRICTED 2 /* only with "Step-Up" certs. */
-
-/* Values for "on" with SSL_REQUIRE_CERTIFICATE. */
-#define SSL_REQUIRE_NEVER ((PRBool)0)
-#define SSL_REQUIRE_ALWAYS ((PRBool)1)
-#define SSL_REQUIRE_FIRST_HANDSHAKE ((PRBool)2)
-#define SSL_REQUIRE_NO_ERROR ((PRBool)3)
-
-/*
-** Reset the handshake state for fd. This will make the complete SSL
-** handshake protocol execute from the ground up on the next i/o
-** operation.
-*/
-SSL_IMPORT SECStatus SSL_ResetHandshake(PRFileDesc *fd, PRBool asServer);
-
-/*
-** Force the handshake for fd to complete immediately. This blocks until
-** the complete SSL handshake protocol is finished.
-*/
-SSL_IMPORT SECStatus SSL_ForceHandshake(PRFileDesc *fd);
-
-/*
-** Query security status of socket. *on is set to one if security is
-** enabled. *keySize will contain the stream key size used. *issuer will
-** contain the RFC1485 verison of the name of the issuer of the
-** certificate at the other end of the connection. For a client, this is
-** the issuer of the server's certificate; for a server, this is the
-** issuer of the client's certificate (if any). Subject is the subject of
-** the other end's certificate. The pointers can be zero if the desired
-** data is not needed. All strings returned by this function are owned
-** by SSL, and will be freed when the socket is closed.
-*/
-SSL_IMPORT SECStatus SSL_SecurityStatus(PRFileDesc *fd, int *on, char **cipher,
- int *keySize, int *secretKeySize,
- char **issuer, char **subject);
-
-/* Values for "on" */
-#define SSL_SECURITY_STATUS_NOOPT -1
-#define SSL_SECURITY_STATUS_OFF 0
-#define SSL_SECURITY_STATUS_ON_HIGH 1
-#define SSL_SECURITY_STATUS_ON_LOW 2
-#define SSL_SECURITY_STATUS_FORTEZZA 3
-
-/*
-** Return the certificate for our SSL peer. If the client calls this
-** it will always return the server's certificate. If the server calls
-** this, it may return NULL if client authentication is not enabled or
-** if the client had no certificate when asked.
-** "fd" the socket "file" descriptor
-*/
-SSL_IMPORT CERTCertificate *SSL_PeerCertificate(PRFileDesc *fd);
-
-/*
-** Authenticate certificate hook. Called when a certificate comes in
-** (because of SSL_REQUIRE_CERTIFICATE in SSL_Enable) to authenticate the
-** certificate.
-*/
-typedef SECStatus (PR_CALLBACK *SSLAuthCertificate)(void *arg, PRFileDesc *fd,
- PRBool checkSig,
- PRBool isServer);
-
-SSL_IMPORT SECStatus SSL_AuthCertificateHook(PRFileDesc *fd,
- SSLAuthCertificate f,
- void *arg);
-
-/* An implementation of the certificate authentication hook */
-SSL_IMPORT SECStatus SSL_AuthCertificate(void *arg, PRFileDesc *fd,
- PRBool checkSig, PRBool isServer);
-
-/*
- * Prototype for SSL callback to get client auth data from the application.
- * arg - application passed argument
- * caNames - pointer to distinguished names of CAs that the server likes
- * pRetCert - pointer to pointer to cert, for return of cert
- * pRetKey - pointer to key pointer, for return of key
- */
-typedef SECStatus (PR_CALLBACK *SSLGetClientAuthData)(void *arg,
- PRFileDesc *fd,
- CERTDistNames *caNames,
- CERTCertificate **pRetCert,/*return */
- SECKEYPrivateKey **pRetKey);/* return */
-
-/*
- * Set the client side callback for SSL to retrieve user's private key
- * and certificate.
- * fd - the file descriptor for the connection in question
- * f - the application's callback that delivers the key and cert
- * a - application specific data
- */
-SSL_IMPORT SECStatus SSL_GetClientAuthDataHook(PRFileDesc *fd,
- SSLGetClientAuthData f, void *a);
-
-
-/*
- * Set the client side argument for SSL to retrieve PKCS #11 pin.
- * fd - the file descriptor for the connection in question
- * a - pkcs11 application specific data
- */
-SSL_IMPORT SECStatus SSL_SetPKCS11PinArg(PRFileDesc *fd, void *a);
-
-/*
-** This is a callback for dealing with server certs that are not authenticated
-** by the client. The client app can decide that it actually likes the
-** cert by some external means and restart the connection.
-*/
-typedef SECStatus (PR_CALLBACK *SSLBadCertHandler)(void *arg, PRFileDesc *fd);
-SSL_IMPORT SECStatus SSL_BadCertHook(PRFileDesc *fd, SSLBadCertHandler f,
- void *arg);
-
-/*
-** Configure ssl for running a secure server. Needs the
-** certificate for the server and the servers private key. The arguments
-** are copied.
-*/
-SSL_IMPORT SECStatus SSL_ConfigSecureServer(
- PRFileDesc *fd, CERTCertificate *cert,
- SECKEYPrivateKey *key, SSLKEAType kea);
-
-/*
-** Configure a secure servers session-id cache. Define the maximum number
-** of entries in the cache, the longevity of the entires, and the directory
-** where the cache files will be placed. These values can be zero, and
-** if so, the implementation will choose defaults.
-** This version of the function is for use in applications that have only one
-** process that uses the cache (even if that process has multiple threads).
-*/
-SSL_IMPORT SECStatus SSL_ConfigServerSessionIDCache(int maxCacheEntries,
- PRUint32 timeout,
- PRUint32 ssl3_timeout,
- const char * directory);
-/*
-** Like SSL_ConfigServerSessionIDCache, with one important difference.
-** If the application will run multiple processes (as opposed to, or in
-** addition to multiple threads), then it must call this function, instead
-** of calling SSL_ConfigServerSessionIDCache().
-** This has nothing to do with the number of processORs, only processEs.
-** This function sets up a Server Session ID (SID) cache that is safe for
-** access by multiple processes on the same system.
-*/
-SSL_IMPORT SECStatus SSL_ConfigMPServerSIDCache(int maxCacheEntries,
- PRUint32 timeout,
- PRUint32 ssl3_timeout,
- const char * directory);
-
-/* Get and set the configured maximum number of mutexes used for the
-** server's store of SSL sessions. This value is used by the server
-** session ID cache initialization functions shown above. Note that on
-** some platforms, these mutexes are actually implemented with POSIX
-** semaphores, or with unnamed pipes. The default value varies by platform.
-** An attempt to set a too-low maximum will return an error and the
-** configured value will not be changed.
-*/
-SSL_IMPORT PRUint32 SSL_GetMaxServerCacheLocks(void);
-SSL_IMPORT SECStatus SSL_SetMaxServerCacheLocks(PRUint32 maxLocks);
-
-/* environment variable set by SSL_ConfigMPServerSIDCache, and queried by
- * SSL_InheritMPServerSIDCache when envString is NULL.
- */
-#define SSL_ENV_VAR_NAME "SSL_INHERITANCE"
-
-/* called in child to inherit SID Cache variables.
- * If envString is NULL, this function will use the value of the environment
- * variable "SSL_INHERITANCE", otherwise the string value passed in will be
- * used.
- */
-SSL_IMPORT SECStatus SSL_InheritMPServerSIDCache(const char * envString);
-
-/*
-** Set the callback on a particular socket that gets called when we finish
-** performing a handshake.
-*/
-typedef void (PR_CALLBACK *SSLHandshakeCallback)(PRFileDesc *fd,
- void *client_data);
-SSL_IMPORT SECStatus SSL_HandshakeCallback(PRFileDesc *fd,
- SSLHandshakeCallback cb, void *client_data);
-
-/*
-** For the server, request a new handshake. For the client, begin a new
-** handshake. If flushCache is non-zero, the SSL3 cache entry will be
-** flushed first, ensuring that a full SSL handshake will be done.
-** If flushCache is zero, and an SSL connection is established, it will
-** do the much faster session restart handshake. This will change the
-** session keys without doing another private key operation.
-*/
-SSL_IMPORT SECStatus SSL_ReHandshake(PRFileDesc *fd, PRBool flushCache);
-
-#ifdef SSL_DEPRECATED_FUNCTION
-/* deprecated!
-** For the server, request a new handshake. For the client, begin a new
-** handshake. Flushes SSL3 session cache entry first, ensuring that a
-** full handshake will be done.
-** This call is equivalent to SSL_ReHandshake(fd, PR_TRUE)
-*/
-SSL_IMPORT SECStatus SSL_RedoHandshake(PRFileDesc *fd);
-#endif
-
-/*
- * Allow the application to pass a URL or hostname into the SSL library
- */
-SSL_IMPORT SECStatus SSL_SetURL(PRFileDesc *fd, const char *url);
-
-/*
-** Return the number of bytes that SSL has waiting in internal buffers.
-** Return 0 if security is not enabled.
-*/
-SSL_IMPORT int SSL_DataPending(PRFileDesc *fd);
-
-/*
-** Invalidate the SSL session associated with fd.
-*/
-SSL_IMPORT SECStatus SSL_InvalidateSession(PRFileDesc *fd);
-
-/*
-** Return a SECItem containing the SSL session ID associated with the fd.
-*/
-SSL_IMPORT SECItem *SSL_GetSessionID(PRFileDesc *fd);
-
-/*
-** Clear out the client's SSL session cache, not the server's session cache.
-*/
-SSL_IMPORT void SSL_ClearSessionCache(void);
-
-/*
-** Close the server's SSL session cache.
-*/
-SSL_IMPORT SECStatus SSL_ShutdownServerSessionIDCache(void);
-
-/*
-** Set peer information so we can correctly look up SSL session later.
-** You only have to do this if you're tunneling through a proxy.
-*/
-SSL_IMPORT SECStatus SSL_SetSockPeerID(PRFileDesc *fd, char *peerID);
-
-/*
-** Reveal the security information for the peer.
-*/
-SSL_IMPORT CERTCertificate * SSL_RevealCert(PRFileDesc * socket);
-SSL_IMPORT void * SSL_RevealPinArg(PRFileDesc * socket);
-SSL_IMPORT char * SSL_RevealURL(PRFileDesc * socket);
-
-
-/* This callback may be passed to the SSL library via a call to
- * SSL_GetClientAuthDataHook() for each SSL client socket.
- * It will be invoked when SSL needs to know what certificate and private key
- * (if any) to use to respond to a request for client authentication.
- * If arg is non-NULL, it is a pointer to a NULL-terminated string containing
- * the nickname of the cert/key pair to use.
- * If arg is NULL, this function will search the cert and key databases for
- * a suitable match and send it if one is found.
- */
-SSL_IMPORT SECStatus
-NSS_GetClientAuthData(void * arg,
- PRFileDesc * socket,
- struct CERTDistNamesStr * caNames,
- struct CERTCertificateStr ** pRetCert,
- struct SECKEYPrivateKeyStr **pRetKey);
-
-/*
- * Look to see if any of the signers in the cert chain for "cert" are found
- * in the list of caNames.
- * Returns SECSuccess if so, SECFailure if not.
- * Used by NSS_GetClientAuthData. May be used by other callback functions.
- */
-SSL_IMPORT SECStatus NSS_CmpCertChainWCANames(CERTCertificate *cert,
- CERTDistNames *caNames);
-
-/*
- * Returns key exchange type of the keys in an SSL server certificate.
- */
-SSL_IMPORT SSLKEAType NSS_FindCertKEAType(CERTCertificate * cert);
-
-/* Set cipher policies to a predefined Domestic (U.S.A.) policy.
- * This essentially enables all supported ciphers.
- */
-SSL_IMPORT SECStatus NSS_SetDomesticPolicy(void);
-
-/* Set cipher policies to a predefined Policy that is exportable from the USA
- * according to present U.S. policies as we understand them.
- * See documentation for the list.
- * Note that your particular application program may be able to obtain
- * an export license with more or fewer capabilities than those allowed
- * by this function. In that case, you should use SSL_SetPolicy()
- * to explicitly allow those ciphers you may legally export.
- */
-SSL_IMPORT SECStatus NSS_SetExportPolicy(void);
-
-/* Set cipher policies to a predefined Policy that is exportable from the USA
- * according to present U.S. policies as we understand them, and that the
- * nation of France will permit to be imported into their country.
- * See documentation for the list.
- */
-SSL_IMPORT SECStatus NSS_SetFrancePolicy(void);
-
-SSL_IMPORT SSL3Statistics * SSL_GetStatistics(void);
-
-/* Report more information than SSL_SecurityStatus.
-** Caller supplies the info struct. Function fills it in.
-*/
-SSL_IMPORT SECStatus SSL_GetChannelInfo(PRFileDesc *fd, SSLChannelInfo *info,
- PRUintn len);
-SSL_IMPORT SECStatus SSL_GetCipherSuiteInfo(PRUint16 cipherSuite,
- SSLCipherSuiteInfo *info, PRUintn len);
-
-/*
-** Return a new reference to the certificate that was most recently sent
-** to the peer on this SSL/TLS connection, or NULL if none has been sent.
-*/
-SSL_IMPORT CERTCertificate * SSL_LocalCertificate(PRFileDesc *fd);
-
-SEC_END_PROTOS
-
-#endif /* __ssl_h_ */
diff --git a/security/nss/lib/ssl/ssl.rc b/security/nss/lib/ssl/ssl.rc
deleted file mode 100644
index 864c94f94..000000000
--- a/security/nss/lib/ssl/ssl.rc
+++ /dev/null
@@ -1,98 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 2001 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "nss.h"
-#include <winver.h>
-
-#define MY_LIBNAME "ssl"
-#define MY_FILEDESCRIPTION "NSS SSL Library"
-
-#define STRINGIZE(x) #x
-#define STRINGIZE2(x) STRINGIZE(x)
-#define NSS_VMAJOR_STR STRINGIZE2(NSS_VMAJOR)
-
-#ifdef _DEBUG
-#define MY_DEBUG_STR " (debug)"
-#define MY_FILEFLAGS_1 VS_FF_DEBUG
-#else
-#define MY_DEBUG_STR ""
-#define MY_FILEFLAGS_1 0x0L
-#endif
-#if NSS_BETA
-#define MY_FILEFLAGS_2 MY_FILEFLAGS_1|VS_FF_PRERELEASE
-#else
-#define MY_FILEFLAGS_2 MY_FILEFLAGS_1
-#endif
-
-#ifdef WINNT
-#define MY_FILEOS VOS_NT_WINDOWS32
-#else
-#define MY_FILEOS VOS__WINDOWS32
-#endif
-
-#define MY_INTERNAL_NAME MY_LIBNAME NSS_VMAJOR_STR
-
-/////////////////////////////////////////////////////////////////////////////
-//
-// Version-information resource
-//
-
-VS_VERSION_INFO VERSIONINFO
- FILEVERSION NSS_VMAJOR,NSS_VMINOR,NSS_VPATCH,0
- PRODUCTVERSION NSS_VMAJOR,NSS_VMINOR,NSS_VPATCH,0
- FILEFLAGSMASK VS_FFI_FILEFLAGSMASK
- FILEFLAGS MY_FILEFLAGS_2
- FILEOS MY_FILEOS
- FILETYPE VFT_DLL
- FILESUBTYPE 0x0L // not used
-
-BEGIN
- BLOCK "StringFileInfo"
- BEGIN
- BLOCK "040904B0" // Lang=US English, CharSet=Unicode
- BEGIN
- VALUE "CompanyName", "Netscape Communications Corporation\0"
- VALUE "FileDescription", MY_FILEDESCRIPTION MY_DEBUG_STR "\0"
- VALUE "FileVersion", NSS_VERSION "\0"
- VALUE "InternalName", MY_INTERNAL_NAME "\0"
- VALUE "LegalCopyright", "Copyright \251 1994-2001 Netscape Communications Corporation\0"
- VALUE "OriginalFilename", MY_INTERNAL_NAME ".dll\0"
- VALUE "ProductName", "Network Security Services\0"
- VALUE "ProductVersion", NSS_VERSION "\0"
- END
- END
- BLOCK "VarFileInfo"
- BEGIN
- VALUE "Translation", 0x409, 1200
- END
-END
diff --git a/security/nss/lib/ssl/ssl3con.c b/security/nss/lib/ssl/ssl3con.c
deleted file mode 100644
index 8d3106a9c..000000000
--- a/security/nss/lib/ssl/ssl3con.c
+++ /dev/null
@@ -1,8856 +0,0 @@
-/*
- * SSL3 Protocol
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Portions created by Sun Microsystems, Inc. are Copyright (C) 2003
- * Sun Microsystems, Inc. All Rights Reserved.
- *
- * Contributor(s):
- * Dr Stephen Henson <stephen.henson@gemplus.com>
- * Dr Vipul Gupta <vipul.gupta@sun.com>, Sun Microsystems Laboratories
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "nssrenam.h"
-#include "cert.h"
-#include "ssl.h"
-#include "cryptohi.h" /* for DSAU_ stuff */
-#include "keyhi.h"
-#include "secder.h"
-#include "secitem.h"
-
-#include "sslimpl.h"
-#include "sslproto.h"
-#include "sslerr.h"
-#include "prtime.h"
-#include "prinrval.h"
-#include "prerror.h"
-#include "pratom.h"
-#include "prthread.h"
-
-#include "pk11func.h"
-#include "secmod.h"
-#include "nsslocks.h"
-#include "ec.h"
-
-#include <stdio.h>
-
-#ifndef PK11_SETATTRS
-#define PK11_SETATTRS(x,id,v,l) (x)->type = (id); \
- (x)->pValue=(v); (x)->ulValueLen = (l);
-#endif
-
-static void ssl3_CleanupPeerCerts(ssl3State *ssl3);
-static PK11SymKey *ssl3_GenerateRSAPMS(sslSocket *ss, ssl3CipherSpec *spec,
- PK11SlotInfo * serverKeySlot);
-static SECStatus ssl3_GenerateSessionKeys(sslSocket *ss, const PK11SymKey *pms);
-static SECStatus ssl3_HandshakeFailure( sslSocket *ss);
-static SECStatus ssl3_InitState( sslSocket *ss);
-static sslSessionID *ssl3_NewSessionID( sslSocket *ss, PRBool is_server);
-static SECStatus ssl3_SendCertificate( sslSocket *ss);
-static SECStatus ssl3_SendEmptyCertificate( sslSocket *ss);
-static SECStatus ssl3_SendCertificateRequest(sslSocket *ss);
-static SECStatus ssl3_SendFinished( sslSocket *ss, PRInt32 flags);
-static SECStatus ssl3_SendServerHello( sslSocket *ss);
-static SECStatus ssl3_SendServerHelloDone( sslSocket *ss);
-static SECStatus ssl3_SendServerKeyExchange( sslSocket *ss);
-
-static SECStatus Null_Cipher(void *ctx, unsigned char *output, int *outputLen,
- int maxOutputLen, const unsigned char *input,
- int inputLen);
-
-#define MAX_SEND_BUF_LENGTH 32000 /* watch for 16-bit integer overflow */
-#define MIN_SEND_BUF_LENGTH 4000
-
-#define MAX_CIPHER_SUITES 20
-
-/* This list of SSL3 cipher suites is sorted in descending order of
- * precedence (desirability). It only includes cipher suites we implement.
- * This table is modified by SSL3_SetPolicy(). The ordering of cipher suites
- * in this table must match the ordering in SSL_ImplementedCiphers (sslenum.c)
- */
-static ssl3CipherSuiteCfg cipherSuites[ssl_V3_SUITES_IMPLEMENTED] = {
- /* cipher_suite policy enabled is_present*/
- { TLS_DHE_RSA_WITH_AES_256_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},
- { TLS_DHE_DSS_WITH_AES_256_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},
-#ifdef NSS_ENABLE_ECC
- { TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},
- { TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},
-#endif /* NSS_ENABLE_ECC */
- { TLS_RSA_WITH_AES_256_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},
-
- { SSL_FORTEZZA_DMS_WITH_RC4_128_SHA, SSL_NOT_ALLOWED, PR_TRUE, PR_FALSE},
-#ifdef NSS_ENABLE_ECC
- { TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},
- { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},
-#endif /* NSS_ENABLE_ECC */
- { TLS_DHE_DSS_WITH_RC4_128_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},
- { TLS_DHE_RSA_WITH_AES_128_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},
- { TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},
-#ifdef NSS_ENABLE_ECC
- { TLS_ECDH_RSA_WITH_RC4_128_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},
- { TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},
- { TLS_ECDH_ECDSA_WITH_RC4_128_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},
- { TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},
-#endif /* NSS_ENABLE_ECC */
- { SSL_RSA_WITH_RC4_128_MD5, SSL_NOT_ALLOWED, PR_TRUE, PR_FALSE},
- { SSL_RSA_WITH_RC4_128_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},
- { TLS_RSA_WITH_AES_128_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},
-
- { SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},
- { SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},
-#ifdef NSS_ENABLE_ECC
- { TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},
- { TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},
-#endif /* NSS_ENABLE_ECC */
- { SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA, SSL_NOT_ALLOWED, PR_TRUE, PR_FALSE},
- { SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_NOT_ALLOWED, PR_TRUE, PR_FALSE},
-
- { SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA, SSL_NOT_ALLOWED, PR_TRUE, PR_FALSE},
-
- { SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},
- { SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},
-#ifdef NSS_ENABLE_ECC
- { TLS_ECDH_RSA_WITH_DES_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},
- { TLS_ECDH_ECDSA_WITH_DES_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},
-#endif /* NSS_ENABLE_ECC */
- { SSL_RSA_FIPS_WITH_DES_CBC_SHA, SSL_NOT_ALLOWED, PR_TRUE, PR_FALSE},
- { SSL_RSA_WITH_DES_CBC_SHA, SSL_NOT_ALLOWED, PR_TRUE, PR_FALSE},
- { TLS_RSA_EXPORT1024_WITH_RC4_56_SHA, SSL_NOT_ALLOWED, PR_TRUE, PR_FALSE},
- { TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA, SSL_NOT_ALLOWED, PR_TRUE, PR_FALSE},
-
- { SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_NOT_ALLOWED, PR_TRUE, PR_FALSE},
- { SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5, SSL_NOT_ALLOWED, PR_TRUE, PR_FALSE},
-
- { SSL_FORTEZZA_DMS_WITH_NULL_SHA, SSL_NOT_ALLOWED, PR_TRUE, PR_FALSE},
-#ifdef NSS_ENABLE_ECC
- { TLS_ECDH_RSA_WITH_NULL_SHA, SSL_NOT_ALLOWED, PR_FALSE, PR_FALSE},
- { TLS_ECDH_ECDSA_WITH_NULL_SHA, SSL_NOT_ALLOWED, PR_FALSE, PR_FALSE},
-#endif /* NSS_ENABLE_ECC */
- { SSL_RSA_WITH_NULL_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},
- { SSL_RSA_WITH_NULL_MD5, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},
-
-};
-
-static const /*SSL3CompressionMethod*/ uint8 compressions [] = {
- compression_null
-};
-
-static const int compressionMethodsCount =
- sizeof(compressions) / sizeof(compressions[0]);
-
-static const /*SSL3ClientCertificateType */ uint8 certificate_types [] = {
- ct_RSA_sign,
- ct_DSS_sign,
-};
-
-static const /*SSL3ClientCertificateType */ uint8 fortezza_certificate_types [] = {
- ct_Fortezza,
-};
-
-/*
- * make sure there is room in the write buffer for padding and
- * other compression and cryptographic expansions
- */
-#define SSL3_BUFFER_FUDGE 100
-
-#define SET_ERROR_CODE /* reminder */
-#define SEND_ALERT /* reminder */
-#define TEST_FOR_FAILURE /* reminder */
-#define DEAL_WITH_FAILURE /* reminder */
-
-#define EXPORT_RSA_KEY_LENGTH 64 /* bytes */
-
-
-/* This is a hack to make sure we don't do double handshakes for US policy */
-PRBool ssl3_global_policy_some_restricted = PR_FALSE;
-
-/* This global item is used only in servers. It is is initialized by
-** SSL_ConfigSecureServer(), and is used in ssl3_SendCertificateRequest().
-*/
-CERTDistNames *ssl3_server_ca_list = NULL;
-static SSL3Statistics ssl3stats;
-
-/* indexed by SSL3BulkCipher */
-static const ssl3BulkCipherDef bulk_cipher_defs[] = {
- /* cipher calg keySz secretSz type ivSz BlkSz keygen */
- {cipher_null, calg_null, 0, 0, type_stream, 0, 0, kg_null},
- {cipher_rc4, calg_rc4, 16, 16, type_stream, 0, 0, kg_strong},
- {cipher_rc4_40, calg_rc4, 16, 5, type_stream, 0, 0, kg_export},
- {cipher_rc4_56, calg_rc4, 16, 7, type_stream, 0, 0, kg_export},
- {cipher_rc2, calg_rc2, 16, 16, type_block, 8, 8, kg_strong},
- {cipher_rc2_40, calg_rc2, 16, 5, type_block, 8, 8, kg_export},
- {cipher_des, calg_des, 8, 8, type_block, 8, 8, kg_strong},
- {cipher_3des, calg_3des, 24, 24, type_block, 8, 8, kg_strong},
- {cipher_des40, calg_des, 8, 5, type_block, 8, 8, kg_export},
- {cipher_idea, calg_idea, 16, 16, type_block, 8, 8, kg_strong},
- {cipher_fortezza, calg_fortezza, 10, 10, type_block, 24, 8, kg_null},
- {cipher_aes_128, calg_aes, 16, 16, type_block, 16,16, kg_strong},
- {cipher_aes_256, calg_aes, 32, 32, type_block, 16,16, kg_strong},
- {cipher_missing, calg_null, 0, 0, type_stream, 0, 0, kg_null},
-};
-
-static const ssl3KEADef kea_defs[] = { /* indexed by SSL3KeyExchangeAlgorithm */
- /* kea exchKeyType signKeyType is_limited limit tls_keygen */
- {kea_null, kt_null, sign_null, PR_FALSE, 0, PR_FALSE},
- {kea_rsa, kt_rsa, sign_rsa, PR_FALSE, 0, PR_FALSE},
- {kea_rsa_export, kt_rsa, sign_rsa, PR_TRUE, 512, PR_FALSE},
- {kea_rsa_export_1024,kt_rsa, sign_rsa, PR_TRUE, 1024, PR_FALSE},
- {kea_dh_dss, kt_dh, sign_dsa, PR_FALSE, 0, PR_FALSE},
- {kea_dh_dss_export, kt_dh, sign_dsa, PR_TRUE, 512, PR_FALSE},
- {kea_dh_rsa, kt_dh, sign_rsa, PR_FALSE, 0, PR_FALSE},
- {kea_dh_rsa_export, kt_dh, sign_rsa, PR_TRUE, 512, PR_FALSE},
- {kea_dhe_dss, kt_dh, sign_dsa, PR_FALSE, 0, PR_FALSE},
- {kea_dhe_dss_export, kt_dh, sign_dsa, PR_TRUE, 512, PR_FALSE},
- {kea_dhe_rsa, kt_dh, sign_rsa, PR_FALSE, 0, PR_FALSE},
- {kea_dhe_rsa_export, kt_dh, sign_rsa, PR_TRUE, 512, PR_FALSE},
- {kea_dh_anon, kt_dh, sign_null, PR_FALSE, 0, PR_FALSE},
- {kea_dh_anon_export, kt_dh, sign_null, PR_TRUE, 512, PR_FALSE},
- {kea_fortezza, kt_fortezza, sign_dsa, PR_FALSE, 0, PR_FALSE},
- {kea_rsa_fips, kt_rsa, sign_rsa, PR_FALSE, 0, PR_TRUE },
-#ifdef NSS_ENABLE_ECC
- {kea_ecdh_ecdsa, kt_ecdh, sign_ecdsa, PR_FALSE, 0, PR_FALSE},
- {kea_ecdhe_ecdsa, kt_ecdh, sign_ecdsa, PR_FALSE, 0, PR_FALSE},
- {kea_ecdh_rsa, kt_ecdh, sign_rsa, PR_FALSE, 0, PR_FALSE},
- {kea_ecdhe_rsa, kt_ecdh, sign_rsa, PR_FALSE, 0, PR_FALSE},
-#endif /* NSS_ENABLE_ECC */
-};
-
-/* must use ssl_LookupCipherSuiteDef to access */
-static const ssl3CipherSuiteDef cipher_suite_defs[] = {
-/* cipher_suite bulk_cipher_alg mac_alg key_exchange_alg */
-
- {SSL_NULL_WITH_NULL_NULL, cipher_null, mac_null, kea_null},
- {SSL_RSA_WITH_NULL_MD5, cipher_null, mac_md5, kea_rsa},
- {SSL_RSA_WITH_NULL_SHA, cipher_null, mac_sha, kea_rsa},
- {SSL_RSA_EXPORT_WITH_RC4_40_MD5,cipher_rc4_40, mac_md5, kea_rsa_export},
- {SSL_RSA_WITH_RC4_128_MD5, cipher_rc4, mac_md5, kea_rsa},
- {SSL_RSA_WITH_RC4_128_SHA, cipher_rc4, mac_sha, kea_rsa},
- {SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5,
- cipher_rc2_40, mac_md5, kea_rsa_export},
-#if 0 /* not implemented */
- {SSL_RSA_WITH_IDEA_CBC_SHA, cipher_idea, mac_sha, kea_rsa},
- {SSL_RSA_EXPORT_WITH_DES40_CBC_SHA,
- cipher_des40, mac_sha, kea_rsa_export},
-#endif
- {SSL_RSA_WITH_DES_CBC_SHA, cipher_des, mac_sha, kea_rsa},
- {SSL_RSA_WITH_3DES_EDE_CBC_SHA, cipher_3des, mac_sha, kea_rsa},
- {SSL_DHE_DSS_WITH_DES_CBC_SHA, cipher_des, mac_sha, kea_dhe_dss},
- {SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,
- cipher_3des, mac_sha, kea_dhe_dss},
- {TLS_DHE_DSS_WITH_RC4_128_SHA, cipher_rc4, mac_sha, kea_dhe_dss},
-#if 0 /* not implemented */
- {SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA,
- cipher_des40, mac_sha, kea_dh_dss_export},
- {SSL_DH_DSS_DES_CBC_SHA, cipher_des, mac_sha, kea_dh_dss},
- {SSL_DH_DSS_3DES_CBC_SHA, cipher_3des, mac_sha, kea_dh_dss},
- {SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA,
- cipher_des40, mac_sha, kea_dh_rsa_export},
- {SSL_DH_RSA_DES_CBC_SHA, cipher_des, mac_sha, kea_dh_rsa},
- {SSL_DH_RSA_3DES_CBC_SHA, cipher_3des, mac_sha, kea_dh_rsa},
- {SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA,
- cipher_des40, mac_sha, kea_dh_dss_export},
- {SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA,
- cipher_des40, mac_sha, kea_dh_rsa_export},
-#endif
- {SSL_DHE_RSA_WITH_DES_CBC_SHA, cipher_des, mac_sha, kea_dhe_rsa},
- {SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
- cipher_3des, mac_sha, kea_dhe_rsa},
-#if 0
- {SSL_DH_ANON_EXPORT_RC4_40_MD5, cipher_rc4_40, mac_md5, kea_dh_anon_export},
- {SSL_DH_ANON_EXPORT_RC4_40_MD5, cipher_rc4, mac_md5, kea_dh_anon_export},
- {SSL_DH_ANON_EXPORT_WITH_DES40_CBC_SHA,
- cipher_des40, mac_sha, kea_dh_anon_export},
- {SSL_DH_ANON_DES_CBC_SHA, cipher_des, mac_sha, kea_dh_anon},
- {SSL_DH_ANON_3DES_CBC_SHA, cipher_3des, mac_sha, kea_dh_anon},
-#endif
-
- {SSL_FORTEZZA_DMS_WITH_NULL_SHA, cipher_null, mac_sha, kea_fortezza},
- {SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA,
- cipher_fortezza, mac_sha, kea_fortezza},
- {SSL_FORTEZZA_DMS_WITH_RC4_128_SHA, cipher_rc4, mac_sha, kea_fortezza},
-
-/* New TLS cipher suites */
- {TLS_RSA_WITH_AES_128_CBC_SHA, cipher_aes_128, mac_sha, kea_rsa},
- {TLS_DHE_DSS_WITH_AES_128_CBC_SHA, cipher_aes_128, mac_sha, kea_dhe_dss},
- {TLS_DHE_RSA_WITH_AES_128_CBC_SHA, cipher_aes_128, mac_sha, kea_dhe_rsa},
- {TLS_RSA_WITH_AES_256_CBC_SHA, cipher_aes_256, mac_sha, kea_rsa},
- {TLS_DHE_DSS_WITH_AES_256_CBC_SHA, cipher_aes_256, mac_sha, kea_dhe_dss},
- {TLS_DHE_RSA_WITH_AES_256_CBC_SHA, cipher_aes_256, mac_sha, kea_dhe_rsa},
-#if 0
- {TLS_DH_DSS_WITH_AES_128_CBC_SHA, cipher_aes_128, mac_sha, kea_dh_dss},
- {TLS_DH_RSA_WITH_AES_128_CBC_SHA, cipher_aes_128, mac_sha, kea_dh_rsa},
- {TLS_DH_ANON_WITH_AES_128_CBC_SHA, cipher_aes_128, mac_sha, kea_dh_anon},
- {TLS_DH_DSS_WITH_AES_256_CBC_SHA, cipher_aes_256, mac_sha, kea_dh_dss},
- {TLS_DH_RSA_WITH_AES_256_CBC_SHA, cipher_aes_256, mac_sha, kea_dh_rsa},
- {TLS_DH_ANON_WITH_AES_256_CBC_SHA, cipher_aes_256, mac_sha, kea_dh_anon},
-#endif
-
- {TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA,
- cipher_des, mac_sha,kea_rsa_export_1024},
- {TLS_RSA_EXPORT1024_WITH_RC4_56_SHA,
- cipher_rc4_56, mac_sha,kea_rsa_export_1024},
-
- {SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA, cipher_3des, mac_sha, kea_rsa_fips},
- {SSL_RSA_FIPS_WITH_DES_CBC_SHA, cipher_des, mac_sha, kea_rsa_fips},
-
-#ifdef NSS_ENABLE_ECC
- /* Experimental TLS cipher suites using Elliptic Curves */
- {TLS_ECDH_ECDSA_WITH_NULL_SHA, cipher_null, mac_sha, kea_ecdh_ecdsa},
- {TLS_ECDH_ECDSA_WITH_RC4_128_SHA, cipher_rc4, mac_sha, kea_ecdh_ecdsa},
- {TLS_ECDH_ECDSA_WITH_DES_CBC_SHA, cipher_des, mac_sha, kea_ecdh_ecdsa},
- {TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, cipher_3des, mac_sha, kea_ecdh_ecdsa},
- {TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, cipher_aes_128, mac_sha, kea_ecdh_ecdsa},
- {TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, cipher_aes_256, mac_sha, kea_ecdh_ecdsa},
-
- {TLS_ECDH_RSA_WITH_NULL_SHA, cipher_null, mac_sha, kea_ecdh_rsa},
- {TLS_ECDH_RSA_WITH_RC4_128_SHA, cipher_rc4, mac_sha, kea_ecdh_rsa},
- {TLS_ECDH_RSA_WITH_DES_CBC_SHA, cipher_des, mac_sha, kea_ecdh_rsa},
- {TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, cipher_3des, mac_sha, kea_ecdh_rsa},
- {TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, cipher_aes_128, mac_sha, kea_ecdh_rsa},
- {TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, cipher_aes_256, mac_sha, kea_ecdh_rsa},
-
- {TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, cipher_aes_128, mac_sha, kea_ecdhe_ecdsa},
-
- {TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, cipher_aes_128, mac_sha, kea_ecdhe_rsa},
-#endif /* NSS_ENABLE_ECC */
-};
-
-static const CK_MECHANISM_TYPE kea_alg_defs[] = {
- 0x80000000L,
- CKM_RSA_PKCS,
- CKM_DH_PKCS_DERIVE,
- CKM_KEA_KEY_DERIVE,
- CKM_ECDH1_DERIVE
-};
-
-typedef struct SSLCipher2MechStr {
- SSLCipherAlgorithm calg;
- CK_MECHANISM_TYPE cmech;
-} SSLCipher2Mech;
-
-static const SSLCipher2Mech alg2Mech[] = {
- { calg_null , (CK_MECHANISM_TYPE)0x80000000L },
- { calg_rc4 , CKM_RC4 },
- { calg_rc2 , CKM_RC2_CBC },
- { calg_des , CKM_DES_CBC },
- { calg_3des , CKM_DES3_CBC },
- { calg_idea , CKM_IDEA_CBC },
- { calg_fortezza , CKM_SKIPJACK_CBC64 },
- { calg_aes , CKM_AES_CBC },
-/* { calg_init , (CK_MECHANISM_TYPE)0x7fffffffL } */
-};
-
-#define mmech_null (CK_MECHANISM_TYPE)0x80000000L
-#define mmech_md5 CKM_SSL3_MD5_MAC
-#define mmech_sha CKM_SSL3_SHA1_MAC
-#define mmech_md5_hmac CKM_MD5_HMAC
-#define mmech_sha_hmac CKM_SHA_1_HMAC
-
-static const ssl3MACDef mac_defs[] = { /* indexed by SSL3MACAlgorithm */
- /* mac mmech pad_size mac_size */
- { mac_null, mmech_null, 0, 0 },
- { mac_md5, mmech_md5, 48, MD5_LENGTH },
- { mac_sha, mmech_sha, 40, SHA1_LENGTH},
- {hmac_md5, mmech_md5_hmac, 48, MD5_LENGTH },
- {hmac_sha, mmech_sha_hmac, 40, SHA1_LENGTH},
-};
-
-/* indexed by SSL3BulkCipher */
-const char * const ssl3_cipherName[] = {
- "NULL",
- "RC4",
- "RC4-40",
- "RC4-56",
- "RC2-CBC",
- "RC2-CBC-40",
- "DES-CBC",
- "3DES-EDE-CBC",
- "DES-CBC-40",
- "IDEA-CBC",
- "FORTEZZA",
- "AES-128",
- "AES-256",
- "missing"
-};
-
-#ifdef NSS_ENABLE_ECC
-/* Types and names of elliptic curves used in TLS */
-typedef enum { ec_type_explicitPrime = 1,
- ec_type_explicitChar2Curve,
- ec_type_named
-} ECType;
-
-typedef enum { ec_noName = 0,
- ec_sect163k1, ec_sect163r1, ec_sect163r2,
- ec_sect193r1, ec_sect193r2, ec_sect233k1,
- ec_sect233r1, ec_sect239k1, ec_sect283k1,
- ec_sect283r1, ec_sect409k1, ec_sect409r1,
- ec_sect571k1, ec_sect571r1, ec_secp160k1,
- ec_secp160r1, ec_secp160r2, ec_secp192k1,
- ec_secp192r1, ec_secp224k1, ec_secp224r1,
- ec_secp256k1, ec_secp256r1, ec_secp384r1,
- ec_secp521r1,
- ec_pastLastName
-} ECName;
-
-#define supportedCurve(x) (((x) > ec_noName) && ((x) < ec_pastLastName))
-
-/* Table containing OID tags for elliptic curves named in the
- * ECC-TLS IETF draft.
- */
-static const SECOidTag ecName2OIDTag[] = {
- 0,
- SEC_OID_SECG_EC_SECT163K1, /* 1 */
- SEC_OID_SECG_EC_SECT163R1, /* 2 */
- SEC_OID_SECG_EC_SECT163R2, /* 3 */
- SEC_OID_SECG_EC_SECT193R1, /* 4 */
- SEC_OID_SECG_EC_SECT193R2, /* 5 */
- SEC_OID_SECG_EC_SECT233K1, /* 6 */
- SEC_OID_SECG_EC_SECT233R1, /* 7 */
- SEC_OID_SECG_EC_SECT239K1, /* 8 */
- SEC_OID_SECG_EC_SECT283K1, /* 9 */
- SEC_OID_SECG_EC_SECT283R1, /* 10 */
- SEC_OID_SECG_EC_SECT409K1, /* 11 */
- SEC_OID_SECG_EC_SECT409R1, /* 12 */
- SEC_OID_SECG_EC_SECT571K1, /* 13 */
- SEC_OID_SECG_EC_SECT571R1, /* 14 */
- SEC_OID_SECG_EC_SECP160K1, /* 15 */
- SEC_OID_SECG_EC_SECP160R1, /* 16 */
- SEC_OID_SECG_EC_SECP160R2, /* 17 */
- SEC_OID_SECG_EC_SECP192K1, /* 18 */
- SEC_OID_SECG_EC_SECP192R1, /* 19 */
- SEC_OID_SECG_EC_SECP224K1, /* 20 */
- SEC_OID_SECG_EC_SECP224R1, /* 21 */
- SEC_OID_SECG_EC_SECP256K1, /* 22 */
- SEC_OID_SECG_EC_SECP256R1, /* 23 */
- SEC_OID_SECG_EC_SECP384R1, /* 24 */
- SEC_OID_SECG_EC_SECP521R1, /* 25 */
-};
-
-static SECStatus
-ecName2params(PRArenaPool * arena, ECName curve, SECKEYECParams * params)
-{
- SECOidData *oidData = NULL;
-
- if ((curve <= ec_noName) || (curve >= ec_pastLastName) ||
- ((oidData = SECOID_FindOIDByTag(ecName2OIDTag[curve])) == NULL)) {
- PORT_SetError(SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE);
- return SECFailure;
- }
-
- SECITEM_AllocItem(arena, params, (2 + oidData->oid.len));
- /*
- * params->data needs to contain the ASN encoding of an object ID (OID)
- * representing the named curve. The actual OID is in
- * oidData->oid.data so we simply prepend 0x06 and OID length
- */
- params->data[0] = SEC_ASN1_OBJECT_ID;
- params->data[1] = oidData->oid.len;
- memcpy(params->data + 2, oidData->oid.data, oidData->oid.len);
-
- return SECSuccess;
-}
-
-static ECName
-params2ecName(SECKEYECParams * params)
-{
- SECItem oid = { siBuffer, NULL, 0};
- SECOidData *oidData = NULL;
- ECName i;
-
- /*
- * params->data needs to contain the ASN encoding of an object ID (OID)
- * representing a named curve. Here, we strip away everything
- * before the actual OID and use the OID to look up a named curve.
- */
- if (params->data[0] != SEC_ASN1_OBJECT_ID) return ec_noName;
- oid.len = params->len - 2;
- oid.data = params->data + 2;
- if ((oidData = SECOID_FindOID(&oid)) == NULL) return ec_noName;
- for (i = ec_noName + 1; i < ec_pastLastName; i++) {
- if (ecName2OIDTag[i] == oidData->offset)
- return i;
- }
-
- return ec_noName;
-}
-#endif /* NSS_ENABLE_ECC */
-
-#if defined(TRACE)
-
-static char *
-ssl3_DecodeHandshakeType(int msgType)
-{
- char * rv;
- static char line[40];
-
- switch(msgType) {
- case hello_request: rv = "hello_request (0)"; break;
- case client_hello: rv = "client_hello (1)"; break;
- case server_hello: rv = "server_hello (2)"; break;
- case certificate: rv = "certificate (11)"; break;
- case server_key_exchange: rv = "server_key_exchange (12)"; break;
- case certificate_request: rv = "certificate_request (13)"; break;
- case server_hello_done: rv = "server_hello_done (14)"; break;
- case certificate_verify: rv = "certificate_verify (15)"; break;
- case client_key_exchange: rv = "client_key_exchange (16)"; break;
- case finished: rv = "finished (20)"; break;
- default:
- sprintf(line, "*UNKNOWN* handshake type! (%d)", msgType);
- rv = line;
- }
- return rv;
-}
-
-static char *
-ssl3_DecodeContentType(int msgType)
-{
- char * rv;
- static char line[40];
-
- switch(msgType) {
- case content_change_cipher_spec:
- rv = "change_cipher_spec (20)"; break;
- case content_alert: rv = "alert (21)"; break;
- case content_handshake: rv = "handshake (22)"; break;
- case content_application_data:
- rv = "application_data (23)"; break;
- default:
- sprintf(line, "*UNKNOWN* record type! (%d)", msgType);
- rv = line;
- }
- return rv;
-}
-
-#endif
-
-SSL3Statistics *
-SSL_GetStatistics(void)
-{
- return &ssl3stats;
-}
-
-/* return pointer to ssl3CipherSuiteDef for suite, or NULL */
-/* XXX This does a linear search. A binary search would be better. */
-static const ssl3CipherSuiteDef *
-ssl_LookupCipherSuiteDef(ssl3CipherSuite suite)
-{
- int cipher_suite_def_len =
- sizeof(cipher_suite_defs) / sizeof(cipher_suite_defs[0]);
- int i;
-
- for (i = 0; i < cipher_suite_def_len; i++) {
- if (cipher_suite_defs[i].cipher_suite == suite)
- return &cipher_suite_defs[i];
- }
- PORT_Assert(PR_FALSE); /* We should never get here. */
- PORT_SetError(SSL_ERROR_UNKNOWN_CIPHER_SUITE);
- return NULL;
-}
-
-/* Find the cipher configuration struct associate with suite */
-/* XXX This does a linear search. A binary search would be better. */
-static ssl3CipherSuiteCfg *
-ssl_LookupCipherSuiteCfg(ssl3CipherSuite suite, ssl3CipherSuiteCfg *suites)
-{
- int i;
-
- for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) {
- if (suites[i].cipher_suite == suite)
- return &suites[i];
- }
- /* return NULL and let the caller handle it. */
- PORT_SetError(SSL_ERROR_UNKNOWN_CIPHER_SUITE);
- return NULL;
-}
-
-
-/* Initialize the suite->isPresent value for config_match
- * Returns count of enabled ciphers supported by extant tokens,
- * regardless of policy or user preference.
- * If this returns zero, the user cannot do SSL v3.
- */
-int
-ssl3_config_match_init(sslSocket *ss)
-{
- ssl3CipherSuiteCfg * suite;
- const ssl3CipherSuiteDef *cipher_def;
- SSLCipherAlgorithm cipher_alg;
- CK_MECHANISM_TYPE cipher_mech;
- SSL3KEAType exchKeyType;
- int i;
- int numPresent = 0;
- int numEnabled = 0;
- PRBool isServer;
- sslServerCerts *svrAuth;
-
- if (!ss->enableSSL3 && !ss->enableTLS) {
- return 0;
- }
- isServer = (PRBool)( ss && ss->sec.isServer );
-
- for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) {
- suite = &ss->cipherSuites[i];
- if (suite->enabled) {
- ++numEnabled;
- /* We need the cipher defs to see if we have a token that can handle
- * this cipher. It isn't part of the static definition.
- */
- cipher_def = ssl_LookupCipherSuiteDef(suite->cipher_suite);
- if (!cipher_def) {
- suite->isPresent = PR_FALSE;
- continue;
- }
- cipher_alg=bulk_cipher_defs[cipher_def->bulk_cipher_alg ].calg;
- PORT_Assert( alg2Mech[cipher_alg].calg == cipher_alg);
- cipher_mech = alg2Mech[cipher_alg].cmech;
- exchKeyType =
- kea_defs[cipher_def->key_exchange_alg].exchKeyType;
-#ifndef NSS_ENABLE_ECC
- svrAuth = ss->serverCerts + exchKeyType;
-#else
- /* XXX SSLKEAType isn't really a good choice for
- * indexing certificates. It doesn't work for
- * (EC)DHE-* ciphers. Here we use a hack to ensure
- * that the server uses an RSA cert for (EC)DHE-RSA.
- */
- switch (cipher_def->key_exchange_alg) {
- case kea_ecdhe_rsa:
- case kea_dhe_rsa:
- svrAuth = ss->serverCerts + kt_rsa;
- break;
- default:
- svrAuth = ss->serverCerts + exchKeyType;
- break;
- }
-#endif /* NSS_ENABLE_ECC */
-
- /* Mark the suites that are backed by real tokens, certs and keys */
- suite->isPresent = (PRBool)
- (((exchKeyType == kt_null) ||
- ((!isServer || (svrAuth->serverKey &&
- svrAuth->serverCertChain)) &&
- PK11_TokenExists(kea_alg_defs[exchKeyType]))) &&
- ((cipher_alg == calg_null) || PK11_TokenExists(cipher_mech)));
- if (suite->isPresent)
- ++numPresent;
- }
- }
- PORT_Assert(numPresent > 0 || numEnabled == 0);
- if (numPresent <= 0) {
- PORT_SetError(SSL_ERROR_NO_CIPHERS_SUPPORTED);
- }
- return numPresent;
-}
-
-
-/* return PR_TRUE if suite matches policy and enabled state */
-/* It would be a REALLY BAD THING (tm) if we ever permitted the use
-** of a cipher that was NOT_ALLOWED. So, if this is ever called with
-** policy == SSL_NOT_ALLOWED, report no match.
-*/
-/* adjust suite enabled to the availability of a token that can do the
- * cipher suite. */
-static PRBool
-config_match(ssl3CipherSuiteCfg *suite, int policy, PRBool enabled)
-{
- PORT_Assert(policy != SSL_NOT_ALLOWED && enabled != PR_FALSE);
- if (policy == SSL_NOT_ALLOWED || !enabled)
- return PR_FALSE;
- return (PRBool)(suite->enabled &&
- suite->isPresent &&
- suite->policy != SSL_NOT_ALLOWED &&
- suite->policy <= policy);
-}
-
-/* return number of cipher suites that match policy and enabled state */
-/* called from ssl3_SendClientHello and ssl3_ConstructV2CipherSpecsHack */
-static int
-count_cipher_suites(sslSocket *ss, int policy, PRBool enabled)
-{
- int i, count = 0;
-
- if (!ss->enableSSL3 && !ss->enableTLS) {
- return 0;
- }
- for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) {
- if (config_match(&ss->cipherSuites[i], policy, enabled))
- count++;
- }
- if (count <= 0) {
- PORT_SetError(SSL_ERROR_SSL_DISABLED);
- }
- return count;
-}
-
-static PRBool
-anyRestrictedEnabled(sslSocket *ss)
-{
- int i;
-
- if (!ss->enableSSL3 && !ss->enableTLS) {
- return PR_FALSE;
- }
- for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) {
- ssl3CipherSuiteCfg *suite = &ss->cipherSuites[i];
- if (suite->policy == SSL_RESTRICTED &&
- suite->enabled &&
- suite->isPresent)
- return PR_TRUE;
- }
- return PR_FALSE;
-}
-
-/*
- * Null compression, mac and encryption functions
- */
-
-static SECStatus
-Null_Cipher(void *ctx, unsigned char *output, int *outputLen, int maxOutputLen,
- const unsigned char *input, int inputLen)
-{
- *outputLen = inputLen;
- if (input != output)
- PORT_Memcpy(output, input, inputLen);
- return SECSuccess;
-}
-
-
-/*
- * SSL3 Utility functions
- */
-
-SECStatus
-ssl3_NegotiateVersion(sslSocket *ss, SSL3ProtocolVersion peerVersion)
-{
- SSL3ProtocolVersion version;
- SSL3ProtocolVersion maxVersion;
-
- if (ss->enableTLS) {
- maxVersion = SSL_LIBRARY_VERSION_3_1_TLS;
- } else if (ss->enableSSL3) {
- maxVersion = SSL_LIBRARY_VERSION_3_0;
- } else {
- /* what are we doing here? */
- PORT_Assert(ss->enableSSL3 || ss->enableTLS);
- PORT_SetError(SSL_ERROR_SSL_DISABLED);
- return SECFailure;
- }
-
- ss->version = version = PR_MIN(maxVersion, peerVersion);
-
- if ((version == SSL_LIBRARY_VERSION_3_1_TLS && ss->enableTLS) ||
- (version == SSL_LIBRARY_VERSION_3_0 && ss->enableSSL3)) {
- return SECSuccess;
- }
-
- PORT_SetError(SSL_ERROR_NO_CYPHER_OVERLAP);
- return SECFailure;
-
-}
-
-static SECStatus
-ssl3_GetNewRandom(SSL3Random *random)
-{
- PRIntervalTime gmt = PR_IntervalToSeconds(PR_IntervalNow());
- SECStatus rv;
-
- random->rand[0] = (unsigned char)(gmt >> 24);
- random->rand[1] = (unsigned char)(gmt >> 16);
- random->rand[2] = (unsigned char)(gmt >> 8);
- random->rand[3] = (unsigned char)(gmt);
-
- /* first 4 bytes are reserverd for time */
- rv = PK11_GenerateRandom(&random->rand[4], SSL3_RANDOM_LENGTH - 4);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_GENERATE_RANDOM_FAILURE);
- }
- return rv;
-}
-
-static SECStatus
-ssl3_SignHashes(SSL3Hashes *hash, SECKEYPrivateKey *key, SECItem *buf,
- PRBool isTLS)
-{
- SECStatus rv = SECFailure;
- PRBool doDerEncode = PR_FALSE;
- int signatureLen;
- SECItem hashItem;
-
- buf->data = NULL;
- signatureLen = PK11_SignatureLen(key);
- if (signatureLen <= 0) {
- PORT_SetError(SEC_ERROR_INVALID_KEY);
- goto done;
- }
-
- buf->len = (unsigned)signatureLen;
- buf->data = (unsigned char *)PORT_Alloc(signatureLen + 1);
- if (!buf->data)
- goto done; /* error code was set. */
-
- switch (key->keyType) {
- case rsaKey:
- hashItem.data = hash->md5;
- hashItem.len = sizeof(SSL3Hashes);
- break;
- case dsaKey:
- case fortezzaKey:
- doDerEncode = isTLS;
- hashItem.data = hash->sha;
- hashItem.len = sizeof(hash->sha);
- break;
- default:
- PORT_SetError(SEC_ERROR_INVALID_KEY);
- goto done;
- }
- PRINT_BUF(60, (NULL, "hash(es) to be signed", hashItem.data, hashItem.len));
-
- rv = PK11_Sign(key, buf, &hashItem);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_SIGN_HASHES_FAILURE);
- } else if (doDerEncode) {
- SECItem derSig = {siBuffer, NULL, 0};
-
- rv = DSAU_EncodeDerSig(&derSig, buf);
- if (rv == SECSuccess) {
- PORT_Free(buf->data); /* discard unencoded signature. */
- *buf = derSig; /* give caller encoded signature. */
- } else if (derSig.data) {
- PORT_Free(derSig.data);
- }
- }
-
- PRINT_BUF(60, (NULL, "signed hashes", (unsigned char*)buf->data, buf->len));
-done:
- if (rv != SECSuccess && buf->data) {
- PORT_Free(buf->data);
- buf->data = NULL;
- }
- return rv;
-}
-
-
-static SECStatus
-ssl3_VerifySignedHashes(SSL3Hashes *hash, CERTCertificate *cert,
- SECItem *buf, PRBool isTLS, void *pwArg)
-{
- SECKEYPublicKey * key;
- SECItem * signature = NULL;
- SECStatus rv;
- SECItem hashItem;
-#ifdef NSS_ENABLE_ECC
- int len;
-#endif /* NSS_ENABLE_ECC */
-
-
- PRINT_BUF(60, (NULL, "check signed hashes",
- buf->data, buf->len));
-
- key = CERT_ExtractPublicKey(cert);
- if (key == NULL) {
- /* CERT_ExtractPublicKey doesn't set error code */
- PORT_SetError(SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE);
- return SECFailure;
- }
-
- switch (key->keyType) {
- case rsaKey:
- hashItem.data = hash->md5;
- hashItem.len = sizeof(SSL3Hashes);
- break;
- case dsaKey:
- case fortezzaKey:
- hashItem.data = hash->sha;
- hashItem.len = sizeof(hash->sha);
- if (isTLS) {
- signature = DSAU_DecodeDerSig(buf);
- if (!signature) {
- PORT_SetError(SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE);
- return SECFailure;
- }
- buf = signature;
- }
- break;
-
-#ifdef NSS_ENABLE_ECC
- case ecKey:
- hashItem.data = hash->sha;
- hashItem.len = sizeof(hash->sha);
- /*
- * ECDSA signatures always encode the integers r and s
- * using ASN (unlike DSA where ASN encoding is used
- * with TLS but not with SSL3)
- */
- len = SECKEY_PublicKeyStrength(key) * 2;
- if (len == 0) {
- SECKEY_DestroyPublicKey(key);
- PORT_SetError(SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE);
- return SECFailure;
- }
- signature = SECITEM_AllocItem(NULL, NULL, len);
- /* XXX Use a better decoder */
- if ((buf->len < len + 6) ||
- (buf->data[0] != 0x30) || /* must start with a SEQUENCE */
- (buf->data[1] != buf->len - 2) ||
- (buf->data[2] != 0x02) || /* 1st INTEGER, r */
- (buf->data[3] < len/2) ||
- (buf->data[4 + buf->data[3]] != 0x02) || /* 2nd INTEGER, s */
- (buf->data[5 + buf->data[3]] < len/2)) {
- PORT_SetError(SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE);
- SECITEM_FreeItem(signature, PR_TRUE);
- return SECFailure;
- }
-
- PORT_Memcpy(signature->data,
- buf->data + 4 + (buf->data[3]-len/2), len/2);
- PORT_Memcpy(signature->data + len/2,
- buf->data + buf->len - len/2, len/2);
- buf = signature;
- break;
-#endif /* NSS_ENABLE_ECC */
-
- default:
- SECKEY_DestroyPublicKey(key);
- PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG);
- return SECFailure;
- }
-
- PRINT_BUF(60, (NULL, "hash(es) to be verified",
- hashItem.data, hashItem.len));
-
- rv = PK11_Verify(key, buf, &hashItem, pwArg);
- SECKEY_DestroyPublicKey(key);
- if (signature) {
- SECITEM_FreeItem(signature, PR_TRUE);
- }
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE);
- }
- return rv;
-}
-
-
-/* Caller must set hiLevel error code. */
-static SECStatus
-ssl3_ComputeExportRSAKeyHash(SECItem modulus, SECItem publicExponent,
- SSL3Random *client_rand, SSL3Random *server_rand,
- SSL3Hashes *hashes)
-{
- PK11Context * md5 = NULL;
- PK11Context * sha = NULL;
- PRUint8 * hashBuf;
- PRUint8 * pBuf;
- SECStatus rv = SECSuccess;
- unsigned int outLen;
- unsigned int bufLen;
- PRUint8 buf[2*SSL3_RANDOM_LENGTH + 2 + 4096/8 + 2 + 4096/8];
-
- bufLen = 2*SSL3_RANDOM_LENGTH + 2 + modulus.len + 2 + publicExponent.len;
- if (bufLen <= sizeof buf) {
- hashBuf = buf;
- } else {
- hashBuf = PORT_Alloc(bufLen);
- if (!hashBuf) {
- return SECFailure;
- }
- }
-
- md5 = PK11_CreateDigestContext(SEC_OID_MD5);
- if (md5 == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
- rv = SECFailure; /* Caller must set hiLevel error code. */
- goto done;
- }
- sha = PK11_CreateDigestContext(SEC_OID_SHA1);
- if (sha == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE);
- rv = SECFailure; /* Caller must set hiLevel error code. */
- goto done;
- }
-
- memcpy(hashBuf, client_rand, SSL3_RANDOM_LENGTH);
- pBuf = hashBuf + SSL3_RANDOM_LENGTH;
- memcpy(pBuf, server_rand, SSL3_RANDOM_LENGTH);
- pBuf += SSL3_RANDOM_LENGTH;
- pBuf[0] = (PRUint8)(modulus.len >> 8);
- pBuf[1] = (PRUint8)(modulus.len);
- pBuf += 2;
- memcpy(pBuf, modulus.data, modulus.len);
- pBuf += modulus.len;
- pBuf[0] = (PRUint8)(publicExponent.len >> 8);
- pBuf[1] = (PRUint8)(publicExponent.len);
- pBuf += 2;
- memcpy(pBuf, publicExponent.data, publicExponent.len);
- pBuf += publicExponent.len;
- PORT_Assert((unsigned int)(pBuf - hashBuf) == bufLen);
-
- rv = PK11_DigestBegin(md5);
- rv |= PK11_DigestOp(md5, hashBuf, bufLen);
- rv |= PK11_DigestFinal(md5, hashes->md5, &outLen, MD5_LENGTH);
- PORT_Assert(rv != SECSuccess || outLen == MD5_LENGTH);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
- rv = SECFailure;
- goto done;
- }
-
- rv = PK11_DigestBegin(sha);
- rv |= PK11_DigestOp(sha, hashBuf, bufLen);
- rv |= PK11_DigestFinal(sha, hashes->sha, &outLen, SHA1_LENGTH);
- PORT_Assert(rv != SECSuccess || outLen == SHA1_LENGTH);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE);
- rv = SECFailure;
- goto done;
- }
-
- PRINT_BUF(95, (NULL, "RSAkey hash: ", hashBuf, bufLen));
- PRINT_BUF(95, (NULL, "RSAkey hash: MD5 result", hashes->md5, MD5_LENGTH));
- PRINT_BUF(95, (NULL, "RSAkey hash: SHA1 result", hashes->sha, SHA1_LENGTH));
-
-done:
- if (md5 != NULL) PK11_DestroyContext(md5, PR_TRUE);
- if (sha != NULL) PK11_DestroyContext(sha, PR_TRUE);
- if (hashBuf != buf && hashBuf != NULL)
- PORT_Free(hashBuf);
- return rv;
-}
-
-/* Caller must set hiLevel error code. */
-static SECStatus
-ssl3_ComputeDHKeyHash(SECItem dh_p, SECItem dh_g, SECItem dh_Ys,
- SSL3Random *client_rand, SSL3Random *server_rand,
- SSL3Hashes *hashes)
-{
- PK11Context * md5 = NULL;
- PK11Context * sha = NULL;
- PRUint8 * hashBuf;
- PRUint8 * pBuf;
- SECStatus rv = SECSuccess;
- unsigned int outLen;
- unsigned int bufLen;
- PRUint8 buf[2*SSL3_RANDOM_LENGTH + 2 + 4096/8 + 2 + 4096/8];
-
- bufLen = 2*SSL3_RANDOM_LENGTH + 2 + dh_p.len + 2 + dh_g.len + 2 + dh_Ys.len;
- if (bufLen <= sizeof buf) {
- hashBuf = buf;
- } else {
- hashBuf = PORT_Alloc(bufLen);
- if (!hashBuf) {
- return SECFailure;
- }
- }
-
- md5 = PK11_CreateDigestContext(SEC_OID_MD5);
- if (md5 == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
- rv = SECFailure; /* Caller must set hiLevel error code. */
- goto done;
- }
- sha = PK11_CreateDigestContext(SEC_OID_SHA1);
- if (sha == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE);
- rv = SECFailure; /* Caller must set hiLevel error code. */
- goto done;
- }
-
- memcpy(hashBuf, client_rand, SSL3_RANDOM_LENGTH);
- pBuf = hashBuf + SSL3_RANDOM_LENGTH;
- memcpy(pBuf, server_rand, SSL3_RANDOM_LENGTH);
- pBuf += SSL3_RANDOM_LENGTH;
- pBuf[0] = (PRUint8)(dh_p.len >> 8);
- pBuf[1] = (PRUint8)(dh_p.len);
- pBuf += 2;
- memcpy(pBuf, dh_p.data, dh_p.len);
- pBuf += dh_p.len;
- pBuf[0] = (PRUint8)(dh_g.len >> 8);
- pBuf[1] = (PRUint8)(dh_g.len);
- pBuf += 2;
- memcpy(pBuf, dh_g.data, dh_g.len);
- pBuf += dh_g.len;
- pBuf[0] = (PRUint8)(dh_Ys.len >> 8);
- pBuf[1] = (PRUint8)(dh_Ys.len);
- pBuf += 2;
- memcpy(pBuf, dh_Ys.data, dh_Ys.len);
- pBuf += dh_Ys.len;
- PORT_Assert((unsigned int)(pBuf - hashBuf) == bufLen);
-
- rv = PK11_DigestBegin(md5);
- rv |= PK11_DigestOp(md5, hashBuf, bufLen);
- rv |= PK11_DigestFinal(md5, hashes->md5, &outLen, MD5_LENGTH);
- PORT_Assert(rv != SECSuccess || outLen == MD5_LENGTH);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
- rv = SECFailure;
- goto done;
- }
-
- rv = PK11_DigestBegin(sha);
- rv |= PK11_DigestOp(sha, hashBuf, bufLen);
- rv |= PK11_DigestFinal(sha, hashes->sha, &outLen, SHA1_LENGTH);
- PORT_Assert(rv != SECSuccess || outLen == SHA1_LENGTH);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE);
- rv = SECFailure;
- goto done;
- }
-
- PRINT_BUF(95, (NULL, "DHkey hash: ", hashBuf, bufLen));
- PRINT_BUF(95, (NULL, "DHkey hash: MD5 result", hashes->md5, MD5_LENGTH));
- PRINT_BUF(95, (NULL, "DHkey hash: SHA1 result", hashes->sha, SHA1_LENGTH));
-
-done:
- if (md5 != NULL) PK11_DestroyContext(md5, PR_TRUE);
- if (sha != NULL) PK11_DestroyContext(sha, PR_TRUE);
- if (hashBuf != buf && hashBuf != NULL)
- PORT_Free(hashBuf);
- return rv;
-}
-
-#ifdef NSS_ENABLE_ECC
-/* Caller must set hiLevel error code. */
-static SECStatus
-ssl3_ComputeECDHKeyHash(SECItem ec_params, SECItem server_ecpoint,
- SSL3Random *client_rand, SSL3Random *server_rand,
- SSL3Hashes *hashes)
-{
- PRUint8 * hashBuf;
- PRUint8 * pBuf;
- SECStatus rv = SECSuccess;
- unsigned int bufLen;
- /*
- * XXX For now, we only support named curves (the appropriate
- * checks are made before this method is called) so ec_params
- * takes up only two bytes. ECPoint needs to fit in 256 bytes
- * (because the spec says the length must fit in one byte)
- */
- PRUint8 buf[2*SSL3_RANDOM_LENGTH + 2 + 1 + 256];
-
- bufLen = 2*SSL3_RANDOM_LENGTH + ec_params.len + 1 + server_ecpoint.len;
- if (bufLen <= sizeof buf) {
- hashBuf = buf;
- } else {
- hashBuf = PORT_Alloc(bufLen);
- if (!hashBuf) {
- return SECFailure;
- }
- }
-
- memcpy(hashBuf, client_rand, SSL3_RANDOM_LENGTH);
- pBuf = hashBuf + SSL3_RANDOM_LENGTH;
- memcpy(pBuf, server_rand, SSL3_RANDOM_LENGTH);
- pBuf += SSL3_RANDOM_LENGTH;
- memcpy(pBuf, ec_params.data, ec_params.len);
- pBuf += ec_params.len;
- pBuf[0] = (PRUint8)(server_ecpoint.len);
- pBuf += 1;
- memcpy(pBuf, server_ecpoint.data, server_ecpoint.len);
- pBuf += server_ecpoint.len;
- PORT_Assert((unsigned int)(pBuf - hashBuf) == bufLen);
-
- rv = PK11_HashBuf(SEC_OID_MD5, hashes->md5, hashBuf, bufLen);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
- rv = SECFailure;
- goto done;
- }
-
- rv = PK11_HashBuf(SEC_OID_SHA1, hashes->sha, hashBuf, bufLen);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE);
- rv = SECFailure;
- goto done;
- }
-
- PRINT_BUF(95, (NULL, "ECDHkey hash: ", hashBuf, bufLen));
- PRINT_BUF(95, (NULL, "ECDHkey hash: MD5 result", hashes->md5, MD5_LENGTH));
- PRINT_BUF(95, (NULL, "ECDHkey hash: SHA1 result", hashes->sha, SHA1_LENGTH));
-
-done:
- if (hashBuf != buf && hashBuf != NULL)
- PORT_Free(hashBuf);
- return rv;
-}
-#endif /* NSS_ENABLE_ECC */
-
-/* Caller must set hiLevel error code. */
-static SECStatus
-ssl3_ComputeFortezzaPublicKeyHash(SECItem publicValue, unsigned char * hash)
-{
- PK11Context *sha = NULL;
- SECStatus rv = SECFailure;
- unsigned int outLen;
-
- sha = PK11_CreateDigestContext(SEC_OID_SHA1);
- if (sha == NULL) {
- return rv; /* Caller must set hiLevel error code. */
- }
-
- rv = PK11_DigestBegin(sha);
- rv |= PK11_DigestOp(sha, (unsigned char *)publicValue.data, publicValue.len);
- rv |= PK11_DigestFinal(sha, hash, &outLen, SHA1_LENGTH);
- PORT_Assert(rv != SECSuccess || outLen == SHA1_LENGTH);
- if (rv != SECSuccess)
- rv = SECFailure;
- PK11_DestroyContext(sha, PR_TRUE);
-
- return rv;
-}
-
-
-static void
-ssl3_BumpSequenceNumber(SSL3SequenceNumber *num)
-{
- num->low++;
- if (num->low == 0)
- num->high++;
-}
-
-/* Called only from ssl3_DestroyCipherSpec (immediately below). */
-static void
-ssl3_CleanupKeyMaterial(ssl3KeyMaterial *mat)
-{
- if (mat->write_key != NULL) {
- PK11_FreeSymKey(mat->write_key);
- mat->write_key = NULL;
- }
- if (mat->write_mac_key != NULL) {
- PK11_FreeSymKey(mat->write_mac_key);
- mat->write_mac_key = NULL;
- }
- if (mat->write_mac_context != NULL) {
- PK11_DestroyContext(mat->write_mac_context, PR_TRUE);
- mat->write_mac_context = NULL;
- }
-}
-
-/* Called from ssl3_SendChangeCipherSpecs() and ssl3_HandleChangeCipherSpecs()
-** Caller must hold SpecWriteLock.
-*/
-static void
-ssl3_DestroyCipherSpec(ssl3CipherSpec *spec)
-{
-
-/* PORT_Assert( ssl_HaveSpecWriteLock(ss)); Don't have ss! */
-
- if (spec->destroy) {
- spec->destroy(spec->encodeContext,PR_TRUE);
- spec->destroy(spec->decodeContext,PR_TRUE);
- spec->encodeContext = NULL; /* paranoia */
- spec->decodeContext = NULL;
- }
- if (spec->master_secret != NULL) {
- PK11_FreeSymKey(spec->master_secret);
- spec->master_secret = NULL;
- }
- ssl3_CleanupKeyMaterial(&spec->client);
- ssl3_CleanupKeyMaterial(&spec->server);
- spec->destroy=NULL;
-}
-
-/* Called from ssl3_HandleServerHello(), ssl3_SendServerHello()
-** Caller must hold the ssl3 handshake lock.
-** Acquires & releases SpecWriteLock.
-*/
-static SECStatus
-ssl3_SetupPendingCipherSpec(sslSocket *ss, ssl3State *ssl3)
-{
- ssl3CipherSpec * pwSpec;
- ssl3CipherSpec * cwSpec;
- ssl3CipherSuite suite = ssl3->hs.cipher_suite;
- SSL3MACAlgorithm mac;
- SSL3BulkCipher cipher;
- SSL3KeyExchangeAlgorithm kea;
- const ssl3CipherSuiteDef *suite_def;
- PRBool isTLS;
-
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss));
-
- ssl_GetSpecWriteLock(ss); /*******************************/
-
- pwSpec = ssl3->pwSpec;
- PORT_Assert(pwSpec == ssl3->prSpec);
-
- /* This hack provides maximal interoperability with SSL 3 servers. */
- cwSpec = ss->ssl3->cwSpec;
- if (cwSpec->mac_def->mac == mac_null) {
- /* SSL records are not being MACed. */
- cwSpec->version = ss->version;
- }
-
- pwSpec->version = ss->version;
- isTLS = (PRBool)(pwSpec->version > SSL_LIBRARY_VERSION_3_0);
-
- SSL_TRC(3, ("%d: SSL3[%d]: Set XXX Pending Cipher Suite to 0x%04x",
- SSL_GETPID(), ss->fd, suite));
-
- suite_def = ssl_LookupCipherSuiteDef(suite);
- if (suite_def == NULL) {
- ssl_ReleaseSpecWriteLock(ss);
- return SECFailure; /* error code set by ssl_LookupCipherSuiteDef */
- }
-
-
- cipher = suite_def->bulk_cipher_alg;
- kea = suite_def->key_exchange_alg;
- mac = suite_def->mac_alg;
- if (isTLS)
- mac += 2;
-
- ssl3->hs.suite_def = suite_def;
- ssl3->hs.kea_def = &kea_defs[kea];
- PORT_Assert(ssl3->hs.kea_def->kea == kea);
-
- pwSpec->cipher_def = &bulk_cipher_defs[cipher];
- PORT_Assert(pwSpec->cipher_def->cipher == cipher);
-
- pwSpec->mac_def = &mac_defs[mac];
- PORT_Assert(pwSpec->mac_def->mac == mac);
-
-
- ss->sec.keyBits = pwSpec->cipher_def->key_size * BPB;
- ss->sec.secretKeyBits = pwSpec->cipher_def->secret_key_size * BPB;
- ss->sec.cipherType = cipher;
-
- pwSpec->encodeContext = NULL;
- pwSpec->decodeContext = NULL;
-
- pwSpec->mac_size = pwSpec->mac_def->mac_size;
-
- ssl_ReleaseSpecWriteLock(ss); /*******************************/
- return SECSuccess;
-}
-
-/*
- * Called from: ssl3_SendClientKeyExchange (for Full handshake)
- * ssl3_HandleClientKeyExchange (for Full handshake)
- * ssl3_HandleServerHello (for session restart)
- * ssl3_HandleClientHello (for session restart)
- * Sets error code, but caller probably should override to disambiguate.
- * NULL pms means re-use old master_secret.
- */
-static SECStatus
-ssl3_InitPendingCipherSpec(sslSocket *ss, PK11SymKey *pms)
-{
- ssl3CipherSpec * pwSpec;
-const ssl3BulkCipherDef *cipher_def;
- PK11Context * serverContext = NULL;
- PK11Context * clientContext = NULL;
- SECItem * param;
- CK_ULONG macLength;
- SSLCipherAlgorithm calg;
- SECStatus rv;
- CK_MECHANISM_TYPE mechanism;
- CK_MECHANISM_TYPE mac_mech;
- SECItem iv;
- SECItem mac_param;
-
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss));
-
- ssl_GetSpecWriteLock(ss); /**************************************/
-
- PORT_Assert(ss->ssl3->prSpec == ss->ssl3->pwSpec);
-
- pwSpec = ss->ssl3->pwSpec;
- cipher_def = pwSpec->cipher_def;
- macLength = pwSpec->mac_size;
-
- /* generate session keys from pms (if pms is not NULL) or ms */
- rv = ssl3_GenerateSessionKeys(ss, pms);
- if (rv != SECSuccess) {
- goto bail_out; /* err code set by ssl3_GenerateSessionKeys */
- }
-
- pwSpec->client.write_mac_context = NULL;
- pwSpec->server.write_mac_context = NULL;
-
- mac_param.data = (unsigned char *)&macLength;
- mac_param.len = sizeof(macLength);
- mac_param.type = 0;
- mac_mech = pwSpec->mac_def->mmech;
-
- if (cipher_def->calg == calg_null) {
- pwSpec->encode = Null_Cipher;
- pwSpec->decode = Null_Cipher;
- pwSpec->destroy = NULL;
- pwSpec->client.write_mac_context = PK11_CreateContextBySymKey(
- mac_mech, CKA_SIGN, pwSpec->client.write_mac_key, &mac_param);
- if (pwSpec->client.write_mac_context == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_SYM_KEY_CONTEXT_FAILURE);
- goto fail;
- }
- pwSpec->server.write_mac_context = PK11_CreateContextBySymKey(
- mac_mech, CKA_SIGN, pwSpec->server.write_mac_key, &mac_param);
- if (pwSpec->server.write_mac_context == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_SYM_KEY_CONTEXT_FAILURE);
- goto fail;
- }
- goto success;
- }
-
- calg = cipher_def->calg;
- PORT_Assert(alg2Mech[calg].calg == calg);
- mechanism = alg2Mech[calg].cmech;
-
- /*
- * build the server context
- */
- iv.data = pwSpec->server.write_iv;
- iv.len = cipher_def->iv_size;
- param = PK11_ParamFromIV(mechanism, &iv);
- if (param == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_IV_PARAM_FAILURE);
- goto fail;
- }
- serverContext = PK11_CreateContextBySymKey(mechanism,
- (ss->sec.isServer ? CKA_ENCRYPT : CKA_DECRYPT),
- pwSpec->server.write_key, param);
- iv.data = PK11_IVFromParam(mechanism, param, (int *)&iv.len);
- if (iv.data)
- PORT_Memcpy(pwSpec->server.write_iv, iv.data, iv.len);
- SECITEM_FreeItem(param, PR_TRUE);
- if (serverContext == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_SYM_KEY_CONTEXT_FAILURE);
- goto fail;
- }
-
- /*
- * build the client context
- */
- iv.data = pwSpec->client.write_iv;
- iv.len = cipher_def->iv_size;
- param = PK11_ParamFromIV(mechanism, &iv);
- if (param == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_IV_PARAM_FAILURE);
- goto fail;
- }
- clientContext = PK11_CreateContextBySymKey(mechanism,
- (ss->sec.isServer ? CKA_DECRYPT : CKA_ENCRYPT),
- pwSpec->client.write_key, param);
- iv.data = PK11_IVFromParam(mechanism, param, (int *)&iv.len);
- if (iv.data)
- PORT_Memcpy(pwSpec->client.write_iv, iv.data, iv.len);
- SECITEM_FreeItem(param,PR_TRUE);
- if (clientContext == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_SYM_KEY_CONTEXT_FAILURE);
- goto fail;
- }
-
- pwSpec->encodeContext = (ss->sec.isServer) ? serverContext : clientContext;
- pwSpec->decodeContext = (ss->sec.isServer) ? clientContext : serverContext;
- pwSpec->encode = (SSLCipher) PK11_CipherOp;
- pwSpec->decode = (SSLCipher) PK11_CipherOp;
- pwSpec->destroy = (SSLDestroy) PK11_DestroyContext;
-
- serverContext = NULL;
- clientContext = NULL;
-
- pwSpec->client.write_mac_context = PK11_CreateContextBySymKey(
- mac_mech,CKA_SIGN, pwSpec->client.write_mac_key,&mac_param);
- if (pwSpec->client.write_mac_context == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_SYM_KEY_CONTEXT_FAILURE);
- goto fail;
- }
- pwSpec->server.write_mac_context = PK11_CreateContextBySymKey(
- mac_mech, CKA_SIGN, pwSpec->server.write_mac_key,&mac_param);
- if (pwSpec->server.write_mac_context == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_SYM_KEY_CONTEXT_FAILURE);
- goto fail;
- }
-success:
- ssl_ReleaseSpecWriteLock(ss); /******************************/
- return SECSuccess;
-
-fail:
- if (serverContext != NULL) PK11_DestroyContext(serverContext, PR_TRUE);
- if (clientContext != NULL) PK11_DestroyContext(clientContext, PR_TRUE);
- if (pwSpec->client.write_mac_context != NULL) {
- PK11_DestroyContext(pwSpec->client.write_mac_context,PR_TRUE);
- pwSpec->client.write_mac_context = NULL;
- }
- if (pwSpec->server.write_mac_context != NULL) {
- PK11_DestroyContext(pwSpec->server.write_mac_context,PR_TRUE);
- pwSpec->server.write_mac_context = NULL;
- }
-bail_out:
- ssl_ReleaseSpecWriteLock(ss);
- return SECFailure;
-}
-
-/*
- * 60 bytes is 3 times the maximum length MAC size that is supported.
- */
-static const unsigned char mac_pad_1 [60] = {
- 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
- 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
- 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
- 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
- 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
- 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
- 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
- 0x36, 0x36, 0x36, 0x36
-};
-static const unsigned char mac_pad_2 [60] = {
- 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
- 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
- 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
- 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
- 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
- 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
- 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
- 0x5c, 0x5c, 0x5c, 0x5c
-};
-
-/* Called from: ssl3_SendRecord()
-** ssl3_HandleRecord()
-** Caller must already hold the SpecReadLock. (wish we could assert that!)
-*/
-static SECStatus
-ssl3_ComputeRecordMAC(
- ssl3CipherSpec * spec,
- PK11Context * mac_context,
- SSL3ContentType type,
- SSL3ProtocolVersion version,
- SSL3SequenceNumber seq_num,
- SSL3Opaque * input,
- int inputLength,
- unsigned char * outbuf,
- unsigned int * outLength)
-{
- const ssl3MACDef * mac_def;
- SECStatus rv;
- unsigned int tempLen;
- unsigned char temp[MAX_MAC_LENGTH];
-
-/* ssl_GetSpecReadLock(ss); Don't have "ss"! */
-
- mac_def = spec->mac_def;
- if (mac_def->mac == mac_null) {
- *outLength = 0;
-/* ssl_ReleaseSpecReadLock(ss); */
- return SECSuccess;
- }
-
- temp[0] = (unsigned char)(seq_num.high >> 24);
- temp[1] = (unsigned char)(seq_num.high >> 16);
- temp[2] = (unsigned char)(seq_num.high >> 8);
- temp[3] = (unsigned char)(seq_num.high >> 0);
- temp[4] = (unsigned char)(seq_num.low >> 24);
- temp[5] = (unsigned char)(seq_num.low >> 16);
- temp[6] = (unsigned char)(seq_num.low >> 8);
- temp[7] = (unsigned char)(seq_num.low >> 0);
- temp[8] = type;
-
- /* TLS MAC includes the record's version field, SSL's doesn't.
- ** We decide which MAC defintion to use based on the version of
- ** the protocol that was negotiated when the spec became current,
- ** NOT based on the version value in the record itself.
- ** But, we use the record'v version value in the computation.
- */
- if (spec->version <= SSL_LIBRARY_VERSION_3_0) {
- temp[9] = MSB(inputLength);
- temp[10] = LSB(inputLength);
- tempLen = 11;
- } else {
- /* New TLS hash includes version. */
- temp[9] = MSB(version);
- temp[10] = LSB(version);
- temp[11] = MSB(inputLength);
- temp[12] = LSB(inputLength);
- tempLen = 13;
- }
-
- PRINT_BUF(95, (NULL, "frag hash1: temp", temp, tempLen));
- PRINT_BUF(95, (NULL, "frag hash1: input", input, inputLength));
-
- rv = PK11_DigestBegin(mac_context);
- rv |= PK11_DigestOp(mac_context, temp, tempLen);
- rv |= PK11_DigestOp(mac_context, input, inputLength);
-
- rv |= PK11_DigestFinal(mac_context, outbuf, outLength, spec->mac_size);
- PORT_Assert(rv != SECSuccess || *outLength == (unsigned)spec->mac_size);
-
-/* ssl_ReleaseSpecReadLock(ss); */
-
- PRINT_BUF(95, (NULL, "frag hash2: result", outbuf, *outLength));
-
- if (rv != SECSuccess) {
- rv = SECFailure;
- ssl_MapLowLevelError(SSL_ERROR_MAC_COMPUTATION_FAILURE);
- }
- return rv;
-}
-
-static PRBool
-ssl3_ClientAuthTokenPresent(sslSessionID *sid) {
- PK11SlotInfo *slot = NULL;
- PRBool isPresent = PR_TRUE;
-
- /* we only care if we are doing client auth */
- if (!sid || !sid->u.ssl3.clAuthValid) {
- return PR_TRUE;
- }
-
- /* get the slot */
- slot = SECMOD_LookupSlot(sid->u.ssl3.clAuthModuleID,
- sid->u.ssl3.clAuthSlotID);
- if (slot == NULL ||
- !PK11_IsPresent(slot) ||
- sid->u.ssl3.clAuthSeries != PK11_GetSlotSeries(slot) ||
- sid->u.ssl3.clAuthSlotID != PK11_GetSlotID(slot) ||
- sid->u.ssl3.clAuthModuleID != PK11_GetModuleID(slot) ||
- (PK11_NeedLogin(slot) && !PK11_IsLoggedIn(slot, NULL))) {
- isPresent = PR_FALSE;
- }
- if (slot) {
- PK11_FreeSlot(slot);
- }
- return isPresent;
-}
-
-/* Process the plain text before sending it.
- * Returns the number of bytes of plaintext that were succesfully sent
- * plus the number of bytes of plaintext that were copied into the
- * output (write) buffer.
- * Returns SECFailure on a hard IO error, memory error, or crypto error.
- * Does NOT return SECWouldBlock.
- */
-static PRInt32
-ssl3_SendRecord( sslSocket * ss,
- SSL3ContentType type,
- const SSL3Opaque * buf,
- PRInt32 bytes,
- PRInt32 flags)
-{
- ssl3CipherSpec * cwSpec;
- sslBuffer * write = &ss->sec.writeBuf;
- const ssl3BulkCipherDef * cipher_def;
- SECStatus rv;
- PRUint32 bufSize = 0;
- PRInt32 sent = 0;
- PRInt32 cipherBytes = -1;
- PRBool isBlocking = ssl_SocketIsBlocking(ss);
- PRBool ssl3WasNull = PR_FALSE;
-
- SSL_TRC(3, ("%d: SSL3[%d] SendRecord type: %s bytes=%d",
- SSL_GETPID(), ss->fd, ssl3_DecodeContentType(type),
- bytes));
- PRINT_BUF(3, (ss, "Send record (plain text)", buf, bytes));
-
- PORT_Assert( ssl_HaveXmitBufLock(ss) );
-
- if (ss->ssl3 == NULL) {
- /* This can happen on a server if the very first incoming record
- ** looks like a defective ssl3 record (e.g. too long), and we're
- ** trying to send an alert.
- */
- ssl3WasNull = PR_TRUE;
- PR_ASSERT(type == content_alert);
- rv = ssl3_InitState(ss);
- if (rv != SECSuccess) {
- return SECFailure; /* ssl3_InitState has set the error code. */
- }
- }
-
- /* check for Token Presence */
- if (!ssl3_ClientAuthTokenPresent(ss->sec.ci.sid)) {
- PORT_SetError(SSL_ERROR_TOKEN_INSERTION_REMOVAL);
- return SECFailure;
- }
-
- while (bytes > 0) {
- PRInt32 count;
- PRUint32 contentLen;
- PRUint32 fragLen;
- PRUint32 macLen;
-
- contentLen = PR_MIN(bytes, MAX_FRAGMENT_LENGTH);
- if (write->space < contentLen + SSL3_BUFFER_FUDGE) {
- rv = sslBuffer_Grow(write, contentLen + SSL3_BUFFER_FUDGE);
- if (rv != SECSuccess) {
- SSL_DBG(("%d: SSL3[%d]: SendRecord, tried to get %d bytes",
- SSL_GETPID(), ss->fd, contentLen + SSL3_BUFFER_FUDGE));
- return SECFailure; /* sslBuffer_Grow set a memory error code. */
- }
- }
-
- /* This variable records
- * the actual size of the buffer we allocated above. Some
- * algorithms (FORTEZZA) will expand the number of bytes it needs to
- * send data. If we only supply the output buffer with the same number
- * of bytes as the input buffer, we will fail.
- */
- bufSize = contentLen + SSL3_BUFFER_FUDGE;
-
- /*
- * null compression is easy to do
- */
- PORT_Memcpy(write->buf + SSL3_RECORD_HEADER_LENGTH, buf, contentLen);
- buf += contentLen;
- bytes -= contentLen;
- PORT_Assert( bytes >= 0 );
-
- ssl_GetSpecReadLock(ss); /********************************/
-
- cwSpec = ss->ssl3->cwSpec;
- cipher_def = cwSpec->cipher_def;
- /*
- * Add the MAC
- */
- rv = ssl3_ComputeRecordMAC(
- cwSpec, (ss->sec.isServer) ? cwSpec->server.write_mac_context
- : cwSpec->client.write_mac_context,
- type, cwSpec->version, cwSpec->write_seq_num,
- write->buf + SSL3_RECORD_HEADER_LENGTH, contentLen,
- write->buf + contentLen + SSL3_RECORD_HEADER_LENGTH, &macLen);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_MAC_COMPUTATION_FAILURE);
- goto spec_locked_loser;
- }
- fragLen = contentLen + macLen; /* needs to be encrypted */
- PORT_Assert(fragLen <= MAX_FRAGMENT_LENGTH + 1024);
-
- /*
- * Pad the text (if we're doing a block cipher)
- * then Encrypt it
- */
- if (cipher_def->type == type_block) {
- int padding_length;
- int i;
- unsigned char * pBuf;
-
- /* Assume blockSize is a power of two */
- padding_length = cipher_def->block_size - 1 -
- ((fragLen) & (cipher_def->block_size - 1));
- fragLen += padding_length + 1;
- PORT_Assert((fragLen % cipher_def->block_size) == 0);
-
- /* Pad according to TLS rules (also acceptable to SSL3). */
- pBuf = &write->buf[fragLen + SSL3_RECORD_HEADER_LENGTH - 1];
- for (i = padding_length + 1; i > 0; --i) {
- *pBuf-- = padding_length;
- }
- }
- rv = cwSpec->encode(
- cwSpec->encodeContext, write->buf + SSL3_RECORD_HEADER_LENGTH,
- &cipherBytes, bufSize, write->buf + SSL3_RECORD_HEADER_LENGTH,
- fragLen);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_ENCRYPTION_FAILURE);
-spec_locked_loser:
- ssl_ReleaseSpecReadLock(ss);
- return SECFailure;
- }
- PORT_Assert(cipherBytes <= MAX_FRAGMENT_LENGTH + 1024);
-
- /*
- * XXX should we zero out our copy of the buffer after compressing
- * and encryption ??
- */
-
- ssl3_BumpSequenceNumber(&cwSpec->write_seq_num);
-
- ssl_ReleaseSpecReadLock(ss); /************************************/
-
- /* PORT_Assert(fragLen == cipherBytes); */
- write->len = cipherBytes + SSL3_RECORD_HEADER_LENGTH;
- write->buf[0] = type;
- write->buf[1] = MSB(cwSpec->version);
- write->buf[2] = LSB(cwSpec->version);
- write->buf[3] = MSB(cipherBytes);
- write->buf[4] = LSB(cipherBytes);
-
- PRINT_BUF(50, (ss, "send (encrypted) record data:", write->buf, write->len));
-
- /* If there's still some previously saved ciphertext,
- * or the caller doesn't want us to send the data yet,
- * then add all our new ciphertext to the amount previously saved.
- */
- if ((ss->pendingBuf.len > 0) ||
- (flags & ssl_SEND_FLAG_FORCE_INTO_BUFFER)) {
-
- rv = ssl_SaveWriteData(ss, &ss->pendingBuf,
- write->buf, write->len);
- if (rv != SECSuccess) {
- /* presumably a memory error, SEC_ERROR_NO_MEMORY */
- return SECFailure;
- }
- write->len = 0; /* All cipher text is saved away. */
-
- if (!(flags & ssl_SEND_FLAG_FORCE_INTO_BUFFER)) {
-
- ss->handshakeBegun = 1;
- count = ssl_SendSavedWriteData(ss, &ss->pendingBuf,
- &ssl_DefSend);
- if (count < 0 && PR_GetError() != PR_WOULD_BLOCK_ERROR) {
- ssl_MapLowLevelError(SSL_ERROR_SOCKET_WRITE_FAILURE);
- return SECFailure;
- }
- }
- } else if (write->len > 0) {
- ss->handshakeBegun = 1;
- count = ssl_DefSend(ss, write->buf, write->len,
- flags & ~ssl_SEND_FLAG_MASK);
- if (count < 0) {
- if (PR_GetError() != PR_WOULD_BLOCK_ERROR) {
- ssl_MapLowLevelError(SSL_ERROR_SOCKET_WRITE_FAILURE);
- return (sent > 0) ? sent : SECFailure;
- }
- /* we got PR_WOULD_BLOCK_ERROR, which means none was sent. */
- count = 0;
- }
- /* now take all the remaining unsent newly-generated ciphertext and
- * append it to the buffer of previously unsent ciphertext.
- */
- if ((unsigned)count < write->len) {
- rv = ssl_SaveWriteData(ss, &ss->pendingBuf,
- write->buf + (unsigned)count,
- write->len - (unsigned)count);
- if (rv != SECSuccess) {
- /* presumably a memory error, SEC_ERROR_NO_MEMORY */
- return SECFailure;
- }
- }
- write->len = 0;
- }
- sent += contentLen;
- if ((flags & ssl_SEND_FLAG_NO_BUFFER) &&
- (isBlocking || (ss->pendingBuf.len > 0))) {
- break;
- }
- }
- return sent;
-}
-
-/* Attempt to send the content of "in" in an SSL application_data record.
- * Returns "len" or SECFailure, never SECWouldBlock, nor SECSuccess.
- */
-int
-ssl3_SendApplicationData(sslSocket *ss, const unsigned char *in,
- PRInt32 len, PRInt32 flags)
-{
- PRInt32 sent = 0;
-
- PORT_Assert( ssl_HaveXmitBufLock(ss) );
-
- while (len > 0) {
- PRInt32 count;
-
- if (sent > 0) {
- /*
- * The thread yield is intended to give the reader thread a
- * chance to get some cycles while the writer thread is in
- * the middle of a large application data write. (See
- * Bugzilla bug 127740, comment #1.)
- */
- ssl_ReleaseXmitBufLock(ss);
- PR_Sleep(PR_INTERVAL_NO_WAIT); /* PR_Yield(); */
- ssl_GetXmitBufLock(ss);
- }
- count = ssl3_SendRecord(ss, content_application_data, in, len,
- flags | ssl_SEND_FLAG_NO_BUFFER);
- if (count < 0) {
- return (sent > 0) ? sent : count;
- /* error code set by ssl3_SendRecord */
- }
- sent += count;
- len -= count;
- in += count;
- }
- return sent;
-}
-
-/* Attempt to send the content of sendBuf buffer in an SSL handshake record.
- * This function returns SECSuccess or SECFailure, never SECWouldBlock.
- * It used to always set sendBuf.len to 0, even when returning SECFailure.
- * Now it does not.
- *
- * Called from SSL3_SendAlert(), ssl3_SendChangeCipherSpecs(),
- * ssl3_AppendHandshake(), ssl3_SendClientHello(),
- * ssl3_SendHelloRequest(), ssl3_SendServerHelloDone(),
- * ssl3_SendFinished(),
- */
-static SECStatus
-ssl3_FlushHandshake(sslSocket *ss, PRInt32 flags)
-{
- PRInt32 rv;
-
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss));
- PORT_Assert( ssl_HaveXmitBufLock(ss) );
-
- if (!ss->sec.ci.sendBuf.buf || !ss->sec.ci.sendBuf.len)
- return SECSuccess;
-
- rv = ssl3_SendRecord(ss, content_handshake, ss->sec.ci.sendBuf.buf,
- ss->sec.ci.sendBuf.len, flags);
- if (rv < 0) {
- return (SECStatus)rv; /* error code set by ssl3_SendRecord */
- }
- ss->sec.ci.sendBuf.len = 0;
- return SECSuccess;
-}
-
-/*
- * Called from ssl3_HandleAlert and from ssl3_HandleCertificate when
- * the remote client sends a negative response to our certificate request.
- * Returns SECFailure if the application has required client auth.
- * SECSuccess otherwise.
- */
-static SECStatus
-ssl3_HandleNoCertificate(sslSocket *ss)
-{
- if (ss->sec.peerCert != NULL) {
- if (ss->sec.peerKey != NULL) {
- SECKEY_DestroyPublicKey(ss->sec.peerKey);
- ss->sec.peerKey = NULL;
- }
- CERT_DestroyCertificate(ss->sec.peerCert);
- ss->sec.peerCert = NULL;
- }
- ssl3_CleanupPeerCerts(ss->ssl3);
-
- /* If the server has required client-auth blindly but doesn't
- * actually look at the certificate it won't know that no
- * certificate was presented so we shutdown the socket to ensure
- * an error. We only do this if we haven't already completed the
- * first handshake because if we're redoing the handshake we
- * know the server is paying attention to the certificate.
- */
- if ((ss->requireCertificate == SSL_REQUIRE_ALWAYS) ||
- (!ss->firstHsDone &&
- (ss->requireCertificate == SSL_REQUIRE_FIRST_HANDSHAKE))) {
- PRFileDesc * lower;
-
- ss->sec.uncache(ss->sec.ci.sid);
- SSL3_SendAlert(ss, alert_fatal, bad_certificate);
-
- lower = ss->fd->lower;
-#ifdef _WIN32
- lower->methods->shutdown(lower, PR_SHUTDOWN_SEND);
-#else
- lower->methods->shutdown(lower, PR_SHUTDOWN_BOTH);
-#endif
- PORT_SetError(SSL_ERROR_NO_CERTIFICATE);
- return SECFailure;
- }
- return SECSuccess;
-}
-
-/************************************************************************
- * Alerts
- */
-
-/*
-** Acquires both handshake and XmitBuf locks.
-** Called from: ssl3_IllegalParameter <-
-** ssl3_HandshakeFailure <-
-** ssl3_HandleAlert <- ssl3_HandleRecord.
-** ssl3_HandleChangeCipherSpecs <- ssl3_HandleRecord
-** ssl3_ConsumeHandshakeVariable <-
-** ssl3_HandleHelloRequest <-
-** ssl3_HandleServerHello <-
-** ssl3_HandleServerKeyExchange <-
-** ssl3_HandleCertificateRequest <-
-** ssl3_HandleServerHelloDone <-
-** ssl3_HandleClientHello <-
-** ssl3_HandleV2ClientHello <-
-** ssl3_HandleCertificateVerify <-
-** ssl3_HandleFortezzaClientKeyExchange <-
-** ssl3_HandleClientKeyExchange <-
-** ssl3_HandleCertificate <-
-** ssl3_HandleFinished <-
-** ssl3_HandleHandshakeMessage <-
-** ssl3_HandleRecord <-
-**
-*/
-SECStatus
-SSL3_SendAlert(sslSocket *ss, SSL3AlertLevel level, SSL3AlertDescription desc)
-{
- uint8 bytes[2];
- SECStatus rv;
-
- SSL_TRC(3, ("%d: SSL3[%d]: send alert record, level=%d desc=%d",
- SSL_GETPID(), ss->fd, level, desc));
-
- bytes[0] = level;
- bytes[1] = desc;
-
- ssl_GetSSL3HandshakeLock(ss);
- if (level == alert_fatal) {
- if (ss->sec.ci.sid) {
- ss->sec.uncache(ss->sec.ci.sid);
- }
- }
- ssl_GetXmitBufLock(ss);
- rv = ssl3_FlushHandshake(ss, ssl_SEND_FLAG_FORCE_INTO_BUFFER);
- if (rv == SECSuccess) {
- PRInt32 sent;
- sent = ssl3_SendRecord(ss, content_alert, bytes, 2, 0);
- rv = (sent >= 0) ? SECSuccess : (SECStatus)sent;
- }
- ssl_ReleaseXmitBufLock(ss);
- ssl_ReleaseSSL3HandshakeLock(ss);
- return rv; /* error set by ssl3_FlushHandshake or ssl3_SendRecord */
-}
-
-/*
- * Send illegal_parameter alert. Set generic error number.
- */
-static SECStatus
-ssl3_IllegalParameter(sslSocket *ss)
-{
- PRBool isTLS;
-
- isTLS = (PRBool)(ss->ssl3->pwSpec->version > SSL_LIBRARY_VERSION_3_0);
- (void)SSL3_SendAlert(ss, alert_fatal, illegal_parameter);
- PORT_SetError(ss->sec.isServer ? SSL_ERROR_BAD_CLIENT
- : SSL_ERROR_BAD_SERVER );
- return SECFailure;
-}
-
-/*
- * Send handshake_Failure alert. Set generic error number.
- */
-static SECStatus
-ssl3_HandshakeFailure(sslSocket *ss)
-{
- (void)SSL3_SendAlert(ss, alert_fatal, handshake_failure);
- PORT_SetError( ss->sec.isServer ? SSL_ERROR_BAD_CLIENT
- : SSL_ERROR_BAD_SERVER );
- return SECFailure;
-}
-
-/*
- * Send handshake_Failure alert. Set generic error number.
- */
-static SECStatus
-ssl3_DecodeError(sslSocket *ss)
-{
- (void)SSL3_SendAlert(ss, alert_fatal,
- ss->version > SSL_LIBRARY_VERSION_3_0 ? decode_error
- : illegal_parameter);
- PORT_SetError( ss->sec.isServer ? SSL_ERROR_BAD_CLIENT
- : SSL_ERROR_BAD_SERVER );
- return SECFailure;
-}
-
-/* Called from ssl3_HandleRecord.
-** Caller must hold both RecvBuf and Handshake locks.
-*/
-static SECStatus
-ssl3_HandleAlert(sslSocket *ss, sslBuffer *buf)
-{
- SSL3AlertLevel level;
- SSL3AlertDescription desc;
- int error;
-
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
- SSL_TRC(3, ("%d: SSL3[%d]: handle alert record", SSL_GETPID(), ss->fd));
-
- if (buf->len != 2) {
- (void)ssl3_DecodeError(ss);
- PORT_SetError(SSL_ERROR_RX_MALFORMED_ALERT);
- return SECFailure;
- }
- level = (SSL3AlertLevel)buf->buf[0];
- desc = (SSL3AlertDescription)buf->buf[1];
- buf->len = 0;
- SSL_TRC(5, ("%d: SSL3[%d] received alert, level = %d, description = %d",
- SSL_GETPID(), ss->fd, level, desc));
-
- switch (desc) {
- case close_notify: ss->recvdCloseNotify = 1;
- error = SSL_ERROR_CLOSE_NOTIFY_ALERT; break;
- case unexpected_message: error = SSL_ERROR_HANDSHAKE_UNEXPECTED_ALERT;
- break;
- case bad_record_mac: error = SSL_ERROR_BAD_MAC_ALERT; break;
- case decryption_failed: error = SSL_ERROR_DECRYPTION_FAILED_ALERT;
- break;
- case record_overflow: error = SSL_ERROR_RECORD_OVERFLOW_ALERT; break;
- case decompression_failure: error = SSL_ERROR_DECOMPRESSION_FAILURE_ALERT;
- break;
- case handshake_failure: error = SSL_ERROR_HANDSHAKE_FAILURE_ALERT;
- break;
- case no_certificate: error = SSL_ERROR_NO_CERTIFICATE; break;
- case bad_certificate: error = SSL_ERROR_BAD_CERT_ALERT; break;
- case unsupported_certificate:error = SSL_ERROR_UNSUPPORTED_CERT_ALERT;break;
- case certificate_revoked: error = SSL_ERROR_REVOKED_CERT_ALERT; break;
- case certificate_expired: error = SSL_ERROR_EXPIRED_CERT_ALERT; break;
- case certificate_unknown: error = SSL_ERROR_CERTIFICATE_UNKNOWN_ALERT;
- break;
- case illegal_parameter: error = SSL_ERROR_ILLEGAL_PARAMETER_ALERT;break;
-
- /* All alerts below are TLS only. */
- case unknown_ca: error = SSL_ERROR_UNKNOWN_CA_ALERT; break;
- case access_denied: error = SSL_ERROR_ACCESS_DENIED_ALERT; break;
- case decode_error: error = SSL_ERROR_DECODE_ERROR_ALERT; break;
- case decrypt_error: error = SSL_ERROR_DECRYPT_ERROR_ALERT; break;
- case export_restriction: error = SSL_ERROR_EXPORT_RESTRICTION_ALERT;
- break;
- case protocol_version: error = SSL_ERROR_PROTOCOL_VERSION_ALERT; break;
- case insufficient_security: error = SSL_ERROR_INSUFFICIENT_SECURITY_ALERT;
- break;
- case internal_error: error = SSL_ERROR_INTERNAL_ERROR_ALERT; break;
- case user_canceled: error = SSL_ERROR_USER_CANCELED_ALERT; break;
- case no_renegotiation: error = SSL_ERROR_NO_RENEGOTIATION_ALERT; break;
- default: error = SSL_ERROR_RX_UNKNOWN_ALERT; break;
- }
- if (level == alert_fatal) {
- ss->sec.uncache(ss->sec.ci.sid);
- if ((ss->ssl3->hs.ws == wait_server_hello) &&
- (desc == handshake_failure)) {
- /* XXX This is a hack. We're assuming that any handshake failure
- * XXX on the client hello is a failure to match ciphers.
- */
- error = SSL_ERROR_NO_CYPHER_OVERLAP;
- }
- PORT_SetError(error);
- return SECFailure;
- }
- if ((desc == no_certificate) && (ss->ssl3->hs.ws == wait_client_cert)) {
- /* I'm a server. I've requested a client cert. He hasn't got one. */
- SECStatus rv;
-
- PORT_Assert(ss->sec.isServer);
- ss->ssl3->hs.ws = wait_client_key;
- rv = ssl3_HandleNoCertificate(ss);
- return rv;
- }
- return SECSuccess;
-}
-
-/*
- * Change Cipher Specs
- * Called from ssl3_HandleServerHelloDone,
- * ssl3_HandleClientHello,
- * and ssl3_HandleFinished
- *
- * Acquires and releases spec write lock, to protect switching the current
- * and pending write spec pointers.
- */
-
-static SECStatus
-ssl3_SendChangeCipherSpecs(sslSocket *ss)
-{
- uint8 change = change_cipher_spec_choice;
- ssl3State * ssl3 = ss->ssl3;
- ssl3CipherSpec * pwSpec;
- SECStatus rv;
- PRInt32 sent;
-
- SSL_TRC(3, ("%d: SSL3[%d]: send change_cipher_spec record",
- SSL_GETPID(), ss->fd));
-
- PORT_Assert( ssl_HaveXmitBufLock(ss) );
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss));
-
- rv = ssl3_FlushHandshake(ss, ssl_SEND_FLAG_FORCE_INTO_BUFFER);
- if (rv != SECSuccess) {
- return rv; /* error code set by ssl3_FlushHandshake */
- }
- sent = ssl3_SendRecord(ss, content_change_cipher_spec, &change, 1,
- ssl_SEND_FLAG_FORCE_INTO_BUFFER);
- if (sent < 0) {
- return (SECStatus)sent; /* error code set by ssl3_SendRecord */
- }
-
- /* swap the pending and current write specs. */
- ssl_GetSpecWriteLock(ss); /**************************************/
- pwSpec = ss->ssl3->pwSpec;
- pwSpec->write_seq_num.high = 0;
- pwSpec->write_seq_num.low = 0;
-
- ssl3->pwSpec = ssl3->cwSpec;
- ssl3->cwSpec = pwSpec;
-
- SSL_TRC(3, ("%d: SSL3[%d] Set Current Write Cipher Suite to Pending",
- SSL_GETPID(), ss->fd ));
-
- /* We need to free up the contexts, keys and certs ! */
- /* If we are really through with the old cipher spec
- * (Both the read and write sides have changed) destroy it.
- */
- if (ss->ssl3->prSpec == ss->ssl3->pwSpec) {
- ssl3_DestroyCipherSpec(ss->ssl3->pwSpec);
- }
- ssl_ReleaseSpecWriteLock(ss); /**************************************/
-
- return SECSuccess;
-}
-
-/* Called from ssl3_HandleRecord.
-** Caller must hold both RecvBuf and Handshake locks.
- *
- * Acquires and releases spec write lock, to protect switching the current
- * and pending write spec pointers.
-*/
-static SECStatus
-ssl3_HandleChangeCipherSpecs(sslSocket *ss, sslBuffer *buf)
-{
- ssl3CipherSpec * prSpec;
- SSL3WaitState ws = ss->ssl3->hs.ws;
- SSL3ChangeCipherSpecChoice change;
-
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
- SSL_TRC(3, ("%d: SSL3[%d]: handle change_cipher_spec record",
- SSL_GETPID(), ss->fd));
-
- if (ws != wait_change_cipher && ws != wait_cert_verify) {
- (void)SSL3_SendAlert(ss, alert_fatal, unexpected_message);
- PORT_SetError(SSL_ERROR_RX_UNEXPECTED_CHANGE_CIPHER);
- return SECFailure;
- }
-
- if(buf->len != 1) {
- (void)ssl3_DecodeError(ss);
- PORT_SetError(SSL_ERROR_RX_MALFORMED_CHANGE_CIPHER);
- return SECFailure;
- }
- change = (SSL3ChangeCipherSpecChoice)buf->buf[0];
- if (change != change_cipher_spec_choice) {
- /* illegal_parameter is correct here for both SSL3 and TLS. */
- (void)ssl3_IllegalParameter(ss);
- PORT_SetError(SSL_ERROR_RX_MALFORMED_CHANGE_CIPHER);
- return SECFailure;
- }
- buf->len = 0;
-
- /* Swap the pending and current read specs. */
- ssl_GetSpecWriteLock(ss); /*************************************/
- prSpec = ss->ssl3->prSpec;
- prSpec->read_seq_num.high = prSpec->read_seq_num.low = 0;
-
- ss->ssl3->prSpec = ss->ssl3->crSpec;
- ss->ssl3->crSpec = prSpec;
- ss->ssl3->hs.ws = wait_finished;
-
- SSL_TRC(3, ("%d: SSL3[%d] Set Current Read Cipher Suite to Pending",
- SSL_GETPID(), ss->fd ));
-
- /* If we are really through with the old cipher prSpec
- * (Both the read and write sides have changed) destroy it.
- */
- if (ss->ssl3->prSpec == ss->ssl3->pwSpec) {
- ssl3_DestroyCipherSpec(ss->ssl3->prSpec);
- }
- ssl_ReleaseSpecWriteLock(ss); /*************************************/
- return SECSuccess;
-}
-
-/*
- * Key generation given pre master secret, or master secret (if !pms).
- * Sets a useful error code when returning SECFailure.
- *
- * Called only from ssl3_InitPendingCipherSpec(),
- *
- * which in turn is called from
- * ssl3_SendClientKeyExchange (for Full handshake)
- * ssl3_HandleClientKeyExchange (for Full handshake)
- * ssl3_HandleServerHello (for session restart)
- * ssl3_HandleClientHello (for session restart)
- * Caller MUST hold the specWriteLock, and SSL3HandshakeLock.
- * ssl3_InitPendingCipherSpec does that.
- */
-static SECStatus
-ssl3_GenerateSessionKeys(sslSocket *ss, const PK11SymKey *pms)
-{
- ssl3CipherSpec * pwSpec = ss->ssl3->pwSpec;
- const ssl3BulkCipherDef *cipher_def = pwSpec->cipher_def;
- const ssl3KEADef * kea_def = ss->ssl3->hs.kea_def;
- unsigned char * cr = (unsigned char *)&ss->ssl3->hs.client_random;
- unsigned char * sr = (unsigned char *)&ss->ssl3->hs.server_random;
- PK11SymKey * symKey = NULL;
- PK11SlotInfo * slot = NULL;
- void * pwArg = ss->pkcs11PinArg;
- PRBool isTLS = (PRBool)(kea_def->tls_keygen ||
- (pwSpec->version > SSL_LIBRARY_VERSION_3_0));
- PRBool skipKeysAndIVs = (PRBool)
- ((cipher_def->calg == calg_fortezza) ||
- (cipher_def->calg == calg_null));
- /*
- * Whenever isDH is true, we need to use CKM_TLS_MASTER_KEY_DERIVE_DH
- * which, unlike CKM_TLS_MASTER_KEY_DERIVE, converts arbitrary size
- * data into a 48-byte value.
- */
- PRBool isDH = (PRBool) ((ss->ssl3->hs.kea_def->exchKeyType == kt_dh) ||
- (ss->ssl3->hs.kea_def->exchKeyType == kt_ecdh));
- CK_MECHANISM_TYPE master_derive;
- CK_MECHANISM_TYPE key_derive;
- CK_MECHANISM_TYPE bulk_mechanism;
- SECItem params;
- int keySize;
- CK_FLAGS keyFlags;
- CK_VERSION pms_version;
- CK_SSL3_KEY_MAT_PARAMS key_material_params;
- CK_SSL3_KEY_MAT_OUT returnedKeys;
- CK_SSL3_MASTER_KEY_DERIVE_PARAMS master_params;
- SSLCipherAlgorithm calg;
-
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss));
- PORT_Assert( ssl_HaveSpecWriteLock(ss));
- PORT_Assert(ss->ssl3->prSpec == ss->ssl3->pwSpec);
- if (isTLS) {
- if(isDH) master_derive = CKM_TLS_MASTER_KEY_DERIVE_DH;
- else master_derive = CKM_TLS_MASTER_KEY_DERIVE;
- key_derive = CKM_TLS_KEY_AND_MAC_DERIVE;
- keyFlags = CKF_SIGN | CKF_VERIFY;
- } else {
- if (isDH) master_derive = CKM_SSL3_MASTER_KEY_DERIVE_DH;
- else master_derive = CKM_SSL3_MASTER_KEY_DERIVE;
- key_derive = CKM_SSL3_KEY_AND_MAC_DERIVE;
- keyFlags = 0;
- }
-
- if (pms || !pwSpec->master_secret) {
- master_params.pVersion = &pms_version;
- master_params.RandomInfo.pClientRandom = cr;
- master_params.RandomInfo.ulClientRandomLen = SSL3_RANDOM_LENGTH;
- master_params.RandomInfo.pServerRandom = sr;
- master_params.RandomInfo.ulServerRandomLen = SSL3_RANDOM_LENGTH;
-
- params.data = (unsigned char *) &master_params;
- params.len = sizeof master_params;
- }
-
- if (pms != NULL) {
- pwSpec->master_secret = PK11_DeriveWithFlags((PK11SymKey *)pms,
- master_derive, &params, key_derive,
- CKA_DERIVE, 0, keyFlags);
- if (!isDH && pwSpec->master_secret && ss->detectRollBack) {
- SSL3ProtocolVersion client_version;
- client_version = pms_version.major << 8 | pms_version.minor;
- if (client_version != ss->clientHelloVersion) {
- /* Destroy it. Version roll-back detected. */
- PK11_FreeSymKey(pwSpec->master_secret);
- pwSpec->master_secret = NULL;
- }
- }
- if (pwSpec->master_secret == NULL) {
- /* Generate a faux master secret in the same slot as the old one. */
- PK11SlotInfo * slot = PK11_GetSlotFromKey((PK11SymKey *)pms);
- PK11SymKey * fpms = ssl3_GenerateRSAPMS(ss, pwSpec, slot);
-
- PK11_FreeSlot(slot);
- if (fpms != NULL) {
- pwSpec->master_secret = PK11_DeriveWithFlags(fpms,
- master_derive, &params, key_derive,
- CKA_DERIVE, 0, keyFlags);
- PK11_FreeSymKey(fpms);
- }
- }
- }
- if (pwSpec->master_secret == NULL) {
- /* Generate a faux master secret from the internal slot. */
- PK11SlotInfo * slot = PK11_GetInternalSlot();
- PK11SymKey * fpms = ssl3_GenerateRSAPMS(ss, pwSpec, slot);
-
- PK11_FreeSlot(slot);
- if (fpms != NULL) {
- pwSpec->master_secret = PK11_DeriveWithFlags(fpms,
- master_derive, &params, key_derive,
- CKA_DERIVE, 0, keyFlags);
- if (pwSpec->master_secret == NULL) {
- pwSpec->master_secret = fpms; /* use the fpms as the master. */
- fpms = NULL;
- }
- }
- if (fpms) {
- PK11_FreeSymKey(fpms);
- }
- }
- if (pwSpec->master_secret == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_SESSION_KEY_GEN_FAILURE);
- return SECFailure;
- }
-
- /*
- * generate the key material
- */
- key_material_params.ulMacSizeInBits = pwSpec->mac_size * BPB;
- key_material_params.ulKeySizeInBits = cipher_def->secret_key_size* BPB;
- key_material_params.ulIVSizeInBits = cipher_def->iv_size * BPB;
-
- key_material_params.bIsExport = (CK_BBOOL)(kea_def->is_limited);
- /* was: (CK_BBOOL)(cipher_def->keygen_mode != kg_strong); */
-
- key_material_params.RandomInfo.pClientRandom = cr;
- key_material_params.RandomInfo.ulClientRandomLen = SSL3_RANDOM_LENGTH;
- key_material_params.RandomInfo.pServerRandom = sr;
- key_material_params.RandomInfo.ulServerRandomLen = SSL3_RANDOM_LENGTH;
- key_material_params.pReturnedKeyMaterial = &returnedKeys;
-
- returnedKeys.pIVClient = pwSpec->client.write_iv;
- returnedKeys.pIVServer = pwSpec->server.write_iv;
- keySize = cipher_def->key_size;
-
- if (skipKeysAndIVs) {
- keySize = 0;
- key_material_params.ulKeySizeInBits = 0;
- key_material_params.ulIVSizeInBits = 0;
- returnedKeys.pIVClient = NULL;
- returnedKeys.pIVServer = NULL;
- }
-
- calg = cipher_def->calg;
- PORT_Assert( alg2Mech[calg].calg == calg);
- bulk_mechanism = alg2Mech[calg].cmech;
-
- params.data = (unsigned char *)&key_material_params;
- params.len = sizeof(key_material_params);
-
- /* CKM_SSL3_KEY_AND_MAC_DERIVE is defined to set ENCRYPT, DECRYPT, and
- * DERIVE by DEFAULT */
- symKey = PK11_Derive(pwSpec->master_secret, key_derive, &params,
- bulk_mechanism, CKA_ENCRYPT, keySize);
- if (!symKey) {
- ssl_MapLowLevelError(SSL_ERROR_SESSION_KEY_GEN_FAILURE);
- return SECFailure;
- }
- /* we really should use the actual mac'ing mechanism here, but we
- * don't because these types are used to map keytype anyway and both
- * mac's map to the same keytype.
- */
- slot = PK11_GetSlotFromKey(symKey);
-
- PK11_FreeSlot(slot); /* slot is held until the key is freed */
- pwSpec->client.write_mac_key =
- PK11_SymKeyFromHandle(slot, symKey, PK11_OriginDerive,
- CKM_SSL3_SHA1_MAC, returnedKeys.hClientMacSecret, PR_TRUE, pwArg);
- if (pwSpec->client.write_mac_key == NULL ) {
- goto loser; /* loser sets err */
- }
- pwSpec->server.write_mac_key =
- PK11_SymKeyFromHandle(slot, symKey, PK11_OriginDerive,
- CKM_SSL3_SHA1_MAC, returnedKeys.hServerMacSecret, PR_TRUE, pwArg);
- if (pwSpec->server.write_mac_key == NULL ) {
- goto loser; /* loser sets err */
- }
- if (!skipKeysAndIVs) {
- pwSpec->client.write_key =
- PK11_SymKeyFromHandle(slot, symKey, PK11_OriginDerive,
- bulk_mechanism, returnedKeys.hClientKey, PR_TRUE, pwArg);
- if (pwSpec->client.write_key == NULL ) {
- goto loser; /* loser sets err */
- }
- pwSpec->server.write_key =
- PK11_SymKeyFromHandle(slot, symKey, PK11_OriginDerive,
- bulk_mechanism, returnedKeys.hServerKey, PR_TRUE, pwArg);
- if (pwSpec->server.write_key == NULL ) {
- goto loser; /* loser sets err */
- }
- }
- PK11_FreeSymKey(symKey);
- return SECSuccess;
-
-
-loser:
- if (symKey) PK11_FreeSymKey(symKey);
- ssl_MapLowLevelError(SSL_ERROR_SESSION_KEY_GEN_FAILURE);
- return SECFailure;
-}
-
-/*
- * Handshake messages
- */
-/* Called from ssl3_AppendHandshake()
-** ssl3_StartHandshakeHash()
-** ssl3_HandleV2ClientHello()
-** ssl3_HandleHandshakeMessage()
-** Caller must hold the ssl3Handshake lock.
-*/
-static SECStatus
-ssl3_UpdateHandshakeHashes(sslSocket *ss, unsigned char *b, unsigned int l)
-{
- ssl3State *ssl3 = ss->ssl3;
- SECStatus rv;
-
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
- PRINT_BUF(90, (NULL, "MD5 & SHA handshake hash input:", b, l));
-
- rv = PK11_DigestOp(ssl3->hs.md5, b, l);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
- return rv;
- }
- rv = PK11_DigestOp(ssl3->hs.sha, b, l);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE);
- return rv;
- }
- return rv;
-}
-
-/**************************************************************************
- * Append Handshake functions.
- * All these functions set appropriate error codes.
- * Most rely on ssl3_AppendHandshake to set the error code.
- **************************************************************************/
-static SECStatus
-ssl3_AppendHandshake(sslSocket *ss, const void *void_src, PRInt32 bytes)
-{
- unsigned char * src = (unsigned char *)void_src;
- int room = ss->sec.ci.sendBuf.space - ss->sec.ci.sendBuf.len;
- SECStatus rv;
-
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) ); /* protects sendBuf. */
-
- if (ss->sec.ci.sendBuf.space < MAX_SEND_BUF_LENGTH && room < bytes) {
- rv = sslBuffer_Grow(&ss->sec.ci.sendBuf, PR_MAX(MIN_SEND_BUF_LENGTH,
- PR_MIN(MAX_SEND_BUF_LENGTH, ss->sec.ci.sendBuf.len + bytes)));
- if (rv != SECSuccess)
- return rv; /* sslBuffer_Grow has set a memory error code. */
- room = ss->sec.ci.sendBuf.space - ss->sec.ci.sendBuf.len;
- }
-
- PRINT_BUF(60, (ss, "Append to Handshake", (unsigned char*)void_src, bytes));
- rv = ssl3_UpdateHandshakeHashes(ss, src, bytes);
- if (rv != SECSuccess)
- return rv; /* error code set by ssl3_UpdateHandshakeHashes */
-
- while (bytes > room) {
- if (room > 0)
- PORT_Memcpy(ss->sec.ci.sendBuf.buf + ss->sec.ci.sendBuf.len, src,
- room);
- ss->sec.ci.sendBuf.len += room;
- rv = ssl3_FlushHandshake(ss, ssl_SEND_FLAG_FORCE_INTO_BUFFER);
- if (rv != SECSuccess) {
- return rv; /* error code set by ssl3_FlushHandshake */
- }
- bytes -= room;
- src += room;
- room = ss->sec.ci.sendBuf.space;
- PORT_Assert(ss->sec.ci.sendBuf.len == 0);
- }
- PORT_Memcpy(ss->sec.ci.sendBuf.buf + ss->sec.ci.sendBuf.len, src, bytes);
- ss->sec.ci.sendBuf.len += bytes;
- return SECSuccess;
-}
-
-static SECStatus
-ssl3_AppendHandshakeNumber(sslSocket *ss, PRInt32 num, PRInt32 lenSize)
-{
- SECStatus rv;
- uint8 b[4];
- uint8 * p = b;
-
- switch (lenSize) {
- case 4:
- *p++ = (num >> 24) & 0xff;
- case 3:
- *p++ = (num >> 16) & 0xff;
- case 2:
- *p++ = (num >> 8) & 0xff;
- case 1:
- *p = num & 0xff;
- }
- SSL_TRC(60, ("%d: number:", SSL_GETPID()));
- rv = ssl3_AppendHandshake(ss, &b[0], lenSize);
- return rv; /* error code set by AppendHandshake, if applicable. */
-}
-
-static SECStatus
-ssl3_AppendHandshakeVariable(
- sslSocket *ss, const SSL3Opaque *src, PRInt32 bytes, PRInt32 lenSize)
-{
- SECStatus rv;
-
- PORT_Assert((bytes < (1<<8) && lenSize == 1) ||
- (bytes < (1L<<16) && lenSize == 2) ||
- (bytes < (1L<<24) && lenSize == 3));
-
- SSL_TRC(60,("%d: append variable:", SSL_GETPID()));
- rv = ssl3_AppendHandshakeNumber(ss, bytes, lenSize);
- if (rv != SECSuccess) {
- return rv; /* error code set by AppendHandshake, if applicable. */
- }
- SSL_TRC(60, ("data:"));
- rv = ssl3_AppendHandshake(ss, src, bytes);
- return rv; /* error code set by AppendHandshake, if applicable. */
-}
-
-static SECStatus
-ssl3_AppendHandshakeHeader(sslSocket *ss, SSL3HandshakeType t, PRUint32 length)
-{
- SECStatus rv;
-
- SSL_TRC(30,("%d: SSL3[%d]: append handshake header: type %s",
- SSL_GETPID(), ss->fd, ssl3_DecodeHandshakeType(t)));
- PRINT_BUF(60, (ss, "MD5 handshake hash:",
- (unsigned char*)ss->ssl3->hs.md5, MD5_LENGTH));
- PRINT_BUF(95, (ss, "SHA handshake hash:",
- (unsigned char*)ss->ssl3->hs.sha, SHA1_LENGTH));
-
- rv = ssl3_AppendHandshakeNumber(ss, t, 1);
- if (rv != SECSuccess) {
- return rv; /* error code set by AppendHandshake, if applicable. */
- }
- rv = ssl3_AppendHandshakeNumber(ss, length, 3);
- return rv; /* error code set by AppendHandshake, if applicable. */
-}
-
-/**************************************************************************
- * Consume Handshake functions.
- *
- * All data used in these functions is protected by two locks,
- * the RecvBufLock and the SSL3HandshakeLock
- **************************************************************************/
-
-/* Read up the next "bytes" number of bytes from the (decrypted) input
- * stream "b" (which is *length bytes long). Copy them into buffer "v".
- * Reduces *length by bytes. Advances *b by bytes.
- *
- * If this function returns SECFailure, it has already sent an alert,
- * and has set a generic error code. The caller should probably
- * override the generic error code by setting another.
- */
-static SECStatus
-ssl3_ConsumeHandshake(sslSocket *ss, void *v, PRInt32 bytes, SSL3Opaque **b,
- PRUint32 *length)
-{
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
- if (bytes > *length) {
- return ssl3_DecodeError(ss);
- }
- PORT_Memcpy(v, *b, bytes);
- PRINT_BUF(60, (ss, "consume bytes:", *b, bytes));
- *b += bytes;
- *length -= bytes;
- return SECSuccess;
-}
-
-/* Read up the next "bytes" number of bytes from the (decrypted) input
- * stream "b" (which is *length bytes long), and interpret them as an
- * integer in network byte order. Returns the received value.
- * Reduces *length by bytes. Advances *b by bytes.
- *
- * Returns SECFailure (-1) on failure.
- * This value is indistinguishable from the equivalent received value.
- * Only positive numbers are to be received this way.
- * Thus, the largest value that may be sent this way is 0x7fffffff.
- * On error, an alert has been sent, and a generic error code has been set.
- */
-static PRInt32
-ssl3_ConsumeHandshakeNumber(sslSocket *ss, PRInt32 bytes, SSL3Opaque **b,
- PRUint32 *length)
-{
- PRInt32 num = 0;
- int i;
- SECStatus status;
- uint8 buf[4];
-
- status = ssl3_ConsumeHandshake(ss, buf, bytes, b, length);
- if (status != SECSuccess) {
- /* ssl3_DecodeError has already been called */
- return SECFailure;
- }
- for (i = 0; i < bytes; i++)
- num = (num << 8) + buf[i];
- return num;
-}
-
-/* Read in two values from the incoming decrypted byte stream "b", which is
- * *length bytes long. The first value is a number whose size is "bytes"
- * bytes long. The second value is a byte-string whose size is the value
- * of the first number received. The latter byte-string, and its length,
- * is returned in the SECItem i.
- *
- * Returns SECFailure (-1) on failure.
- * On error, an alert has been sent, and a generic error code has been set.
- */
-static SECStatus
-ssl3_ConsumeHandshakeVariable(sslSocket *ss, SECItem *i, PRInt32 bytes,
- SSL3Opaque **b, PRUint32 *length)
-{
- PRInt32 count;
- SECStatus rv;
-
- PORT_Assert(bytes <= 3);
- i->len = 0;
- i->data = NULL;
- count = ssl3_ConsumeHandshakeNumber(ss, bytes, b, length);
- if (count < 0) { /* Can't test for SECSuccess here. */
- return SECFailure;
- }
- if (count > 0) {
- i->data = (unsigned char*)PORT_Alloc(count);
- if (i->data == NULL) {
- /* XXX inconsistent. In other places, we don't send alerts for
- * our own memory failures. But here we do... */
- (void)SSL3_SendAlert(ss, alert_fatal, handshake_failure);
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
- i->len = count;
- rv = ssl3_ConsumeHandshake(ss, i->data, i->len, b, length);
- if (rv != SECSuccess) {
- PORT_Free(i->data);
- i->data = NULL;
- return rv; /* alert has already been sent. */
- }
- }
- return SECSuccess;
-}
-
-/**************************************************************************
- * end of Consume Handshake functions.
- **************************************************************************/
-
-/* Extract the hashes of handshake messages to this point.
- * Called from ssl3_SendCertificateVerify
- * ssl3_SendFinished
- * ssl3_HandleHandshakeMessage
- *
- * Caller must hold the SSL3HandshakeLock.
- * Caller must hold a read or write lock on the Spec R/W lock.
- * (There is presently no way to assert on a Read lock.)
- */
-static SECStatus
-ssl3_ComputeHandshakeHashes(sslSocket * ss,
- ssl3CipherSpec *spec, /* uses ->master_secret */
- SSL3Hashes * hashes, /* output goes here. */
- uint32 sender)
-{
- ssl3State * ssl3 = ss->ssl3;
- PK11Context * md5;
- PK11Context * sha = NULL;
- SECStatus rv = SECSuccess;
- unsigned int outLength;
- PRBool isTLS;
- SSL3Opaque md5_inner[MAX_MAC_LENGTH];
- SSL3Opaque sha_inner[MAX_MAC_LENGTH];
- unsigned char s[4];
- unsigned char md5StackBuf[256];
- unsigned char shaStackBuf[512];
- unsigned char *md5StateBuf = NULL;
- unsigned char *shaStateBuf = NULL;
- unsigned int md5StateLen, shaStateLen;
-
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
- isTLS = (PRBool)(spec->version > SSL_LIBRARY_VERSION_3_0);
-
- md5StateBuf = PK11_SaveContextAlloc(ssl3->hs.md5, md5StackBuf,
- sizeof md5StackBuf, &md5StateLen);
- if (md5StateBuf == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
- goto loser;
- }
- md5 = ssl3->hs.md5;
-
- shaStateBuf = PK11_SaveContextAlloc(ssl3->hs.sha, shaStackBuf,
- sizeof shaStackBuf, &shaStateLen);
- if (shaStateBuf == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE);
- goto loser;
- }
- sha = ssl3->hs.sha;
-
- if (!isTLS) {
- /* compute hashes for SSL3. */
-
- s[0] = (unsigned char)(sender >> 24);
- s[1] = (unsigned char)(sender >> 16);
- s[2] = (unsigned char)(sender >> 8);
- s[3] = (unsigned char)sender;
-
- if (sender != 0) {
- rv |= PK11_DigestOp(md5, s, 4);
- PRINT_BUF(95, (NULL, "MD5 inner: sender", s, 4));
- }
-
- PRINT_BUF(95, (NULL, "MD5 inner: MAC Pad 1", mac_pad_1, mac_defs[mac_md5].pad_size));
-
- rv |= PK11_DigestKey(md5,spec->master_secret);
- rv |= PK11_DigestOp(md5, mac_pad_1, mac_defs[mac_md5].pad_size);
- rv |= PK11_DigestFinal(md5, md5_inner, &outLength, MD5_LENGTH);
- PORT_Assert(rv != SECSuccess || outLength == MD5_LENGTH);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
- rv = SECFailure;
- goto loser;
- }
-
- PRINT_BUF(95, (NULL, "MD5 inner: result", md5_inner, outLength));
-
- if (sender != 0) {
- rv |= PK11_DigestOp(sha, s, 4);
- PRINT_BUF(95, (NULL, "SHA inner: sender", s, 4));
- }
-
- PRINT_BUF(95, (NULL, "SHA inner: MAC Pad 1", mac_pad_1, mac_defs[mac_sha].pad_size));
-
-
- rv |= PK11_DigestKey(sha, spec->master_secret);
- rv |= PK11_DigestOp(sha, mac_pad_1, mac_defs[mac_sha].pad_size);
- rv |= PK11_DigestFinal(sha, sha_inner, &outLength, SHA1_LENGTH);
- PORT_Assert(rv != SECSuccess || outLength == SHA1_LENGTH);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE);
- rv = SECFailure;
- goto loser;
- }
-
- PRINT_BUF(95, (NULL, "SHA inner: result", sha_inner, outLength));
-
- PRINT_BUF(95, (NULL, "MD5 outer: MAC Pad 2", mac_pad_2, mac_defs[mac_md5].pad_size));
- PRINT_BUF(95, (NULL, "MD5 outer: MD5 inner", md5_inner, MD5_LENGTH));
-
- rv |= PK11_DigestBegin(md5);
- rv |= PK11_DigestKey(md5, spec->master_secret);
- rv |= PK11_DigestOp(md5, mac_pad_2, mac_defs[mac_md5].pad_size);
- rv |= PK11_DigestOp(md5, md5_inner, MD5_LENGTH);
- }
- rv |= PK11_DigestFinal(md5, hashes->md5, &outLength, MD5_LENGTH);
- PORT_Assert(rv != SECSuccess || outLength == MD5_LENGTH);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
- rv = SECFailure;
- goto loser;
- }
-
- PRINT_BUF(60, (NULL, "MD5 outer: result", hashes->md5, MD5_LENGTH));
-
- if (!isTLS) {
- PRINT_BUF(95, (NULL, "SHA outer: MAC Pad 2", mac_pad_2, mac_defs[mac_sha].pad_size));
- PRINT_BUF(95, (NULL, "SHA outer: SHA inner", sha_inner, SHA1_LENGTH));
-
- rv |= PK11_DigestBegin(sha);
- rv |= PK11_DigestKey(sha,spec->master_secret);
- rv |= PK11_DigestOp(sha, mac_pad_2, mac_defs[mac_sha].pad_size);
- rv |= PK11_DigestOp(sha, sha_inner, SHA1_LENGTH);
- }
- rv |= PK11_DigestFinal(sha, hashes->sha, &outLength, SHA1_LENGTH);
- PORT_Assert(rv != SECSuccess || outLength == SHA1_LENGTH);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE);
- rv = SECFailure;
- goto loser;
- }
-
- PRINT_BUF(60, (NULL, "SHA outer: result", hashes->sha, SHA1_LENGTH));
-
- rv = SECSuccess;
-
-loser:
- if (md5StateBuf) {
- if (PK11_RestoreContext(ssl3->hs.md5, md5StateBuf, md5StateLen)
- != SECSuccess)
- {
- ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
- rv = SECFailure;
- }
- if (md5StateBuf != md5StackBuf) {
- PORT_ZFree(md5StateBuf, md5StateLen);
- }
- }
- if (shaStateBuf) {
- if (PK11_RestoreContext(ssl3->hs.sha, shaStateBuf, shaStateLen)
- != SECSuccess)
- {
- ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE);
- rv = SECFailure;
- }
- if (shaStateBuf != shaStackBuf) {
- PORT_ZFree(shaStateBuf, shaStateLen);
- }
- }
-
- return rv;
-}
-
-/*
- * SSL 2 based implementations pass in the initial outbound buffer
- * so that the handshake hash can contain the included information.
- *
- * Called from ssl2_BeginClientHandshake() in sslcon.c
- */
-SECStatus
-ssl3_StartHandshakeHash(sslSocket *ss, unsigned char * buf, int length)
-{
- SECStatus rv;
-
- ssl_GetSSL3HandshakeLock(ss); /**************************************/
-
- rv = ssl3_InitState(ss);
- if (rv != SECSuccess) {
- goto done; /* ssl3_InitState has set the error code. */
- }
-
- PORT_Memset(&ss->ssl3->hs.client_random, 0, SSL3_RANDOM_LENGTH);
- PORT_Memcpy(
- &ss->ssl3->hs.client_random.rand[SSL3_RANDOM_LENGTH - SSL_CHALLENGE_BYTES],
- &ss->sec.ci.clientChallenge,
- SSL_CHALLENGE_BYTES);
-
- rv = ssl3_UpdateHandshakeHashes(ss, buf, length);
- /* if it failed, ssl3_UpdateHandshakeHashes has set the error code. */
-
-done:
- ssl_ReleaseSSL3HandshakeLock(ss); /**************************************/
- return rv;
-}
-
-/**************************************************************************
- * end of Handshake Hash functions.
- * Begin Send and Handle functions for handshakes.
- **************************************************************************/
-
-/* Called from ssl3_HandleHelloRequest(),
- * ssl3_HandleFinished() (for step-up)
- * ssl3_RedoHandshake()
- * ssl2_BeginClientHandshake (when resuming ssl3 session)
- */
-SECStatus
-ssl3_SendClientHello(sslSocket *ss)
-{
- sslSessionID * sid;
- ssl3CipherSpec * cwSpec;
- SECStatus rv;
- int i;
- int length;
- int num_suites;
- int actual_count = 0;
-
- SSL_TRC(3, ("%d: SSL3[%d]: send client_hello handshake", SSL_GETPID(),
- ss->fd));
-
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
- PORT_Assert( ssl_HaveXmitBufLock(ss) );
-
- rv = ssl3_InitState(ss);
- if (rv != SECSuccess) {
- return rv; /* ssl3_InitState has set the error code. */
- }
-
- SSL_TRC(30,("%d: SSL3[%d]: reset handshake hashes",
- SSL_GETPID(), ss->fd ));
- rv = PK11_DigestBegin(ss->ssl3->hs.md5);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
- return rv;
- }
- rv = PK11_DigestBegin(ss->ssl3->hs.sha);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE);
- return rv;
- }
-
- /* We ignore ss->sec.ci.sid here, and use ssl_Lookup because Lookup
- * handles expired entries and other details.
- * XXX If we've been called from ssl2_BeginClientHandshake, then
- * this lookup is duplicative and wasteful.
- */
- sid = (ss->noCache) ? NULL
- : ssl_LookupSID(&ss->sec.ci.peer, ss->sec.ci.port, ss->peerID, ss->url);
-
- /* We can't resume based on a different token. If the sid exists,
- * make sure the token that holds the master secret still exists ...
- * If we previously did client-auth, make sure that the token that holds
- * the private key still exists, is logged in, hasn't been removed, etc.
- * Also for fortezza, make sure that the card that holds the session keys
- * exist as well... */
- if (sid) {
- PK11SlotInfo *slot;
- PRBool sidOK = PR_TRUE;
- slot = (!sid->u.ssl3.masterValid) ? NULL :
- SECMOD_LookupSlot(sid->u.ssl3.masterModuleID,
- sid->u.ssl3.masterSlotID);
- if (slot == NULL) {
- sidOK = PR_FALSE;
- } else {
- PK11SymKey *wrapKey = NULL;
- if (!PK11_IsPresent(slot) ||
- ((wrapKey = PK11_GetWrapKey(slot, sid->u.ssl3.masterWrapIndex,
- sid->u.ssl3.masterWrapMech,
- sid->u.ssl3.masterWrapSeries,
- ss->pkcs11PinArg)) == NULL) ) {
- sidOK = PR_FALSE;
- }
- if (wrapKey) PK11_FreeSymKey(wrapKey);
- PK11_FreeSlot(slot);
- slot = NULL;
- }
- /* do sid-has-FORTEZZA-slot check */
- if (sid->u.ssl3.hasFortezza) {
- /* do has fortezza check */
- if (!PK11_VerifyKeyOK(sid->u.ssl3.tek))
- sidOK = PR_FALSE;
- }
-
- /* If we previously did client-auth, make sure that the token that
- ** holds the private key still exists, is logged in, hasn't been
- ** removed, etc.
- */
- if (sidOK && !ssl3_ClientAuthTokenPresent(sid)) {
- sidOK = PR_FALSE;
- }
-
- if (!sidOK) {
- ++ssl3stats.sch_sid_cache_not_ok;
- (*ss->sec.uncache)(sid);
- ssl_FreeSID(sid);
- sid = NULL;
- }
- }
-
- if (sid) {
- ++ssl3stats.sch_sid_cache_hits;
-
- rv = ssl3_NegotiateVersion(ss, sid->version);
- if (rv != SECSuccess)
- return rv; /* error code was set */
-
- PRINT_BUF(4, (ss, "client, found session-id:", sid->u.ssl3.sessionID,
- sid->u.ssl3.sessionIDLength));
-
- ss->ssl3->policy = sid->u.ssl3.policy;
- } else {
- ++ssl3stats.sch_sid_cache_misses;
-
- rv = ssl3_NegotiateVersion(ss, SSL_LIBRARY_VERSION_3_1_TLS);
- if (rv != SECSuccess)
- return rv; /* error code was set */
-
- sid = ssl3_NewSessionID(ss, PR_FALSE);
- if (!sid) {
- return SECFailure; /* memory error is set */
- }
- }
-
- ssl_GetSpecWriteLock(ss);
- cwSpec = ss->ssl3->cwSpec;
- if (cwSpec->mac_def->mac == mac_null) {
- /* SSL records are not being MACed. */
- cwSpec->version = ss->version;
- }
- ssl_ReleaseSpecWriteLock(ss);
-
- if (ss->sec.ci.sid != NULL) {
- ssl_FreeSID(ss->sec.ci.sid); /* decrement ref count, free if zero */
- }
- ss->sec.ci.sid = sid;
-
- ss->sec.send = ssl3_SendApplicationData;
-
- /* shouldn't get here if SSL3 is disabled, but ... */
- PORT_Assert(ss->enableSSL3 || ss->enableTLS);
- if (!ss->enableSSL3 && !ss->enableTLS) {
- PORT_SetError(SSL_ERROR_SSL_DISABLED);
- return SECFailure;
- }
-
- /* how many suites does our PKCS11 support (regardless of policy)? */
- num_suites = ssl3_config_match_init(ss);
- if (!num_suites)
- return SECFailure; /* ssl3_config_match_init has set error code. */
-
- /* how many suites are permitted by policy and user preference? */
- num_suites = count_cipher_suites(ss, ss->ssl3->policy, PR_TRUE);
- if (!num_suites)
- return SECFailure; /* count_cipher_suites has set error code. */
-
- length = sizeof(SSL3ProtocolVersion) + SSL3_RANDOM_LENGTH +
- 1 + ((sid == NULL) ? 0 : sid->u.ssl3.sessionIDLength) +
- 2 + num_suites*sizeof(ssl3CipherSuite) +
- 1 + compressionMethodsCount;
-
- rv = ssl3_AppendHandshakeHeader(ss, client_hello, length);
- if (rv != SECSuccess) {
- return rv; /* err set by ssl3_AppendHandshake* */
- }
-
- ss->clientHelloVersion = ss->version;
- rv = ssl3_AppendHandshakeNumber(ss, ss->clientHelloVersion, 2);
- if (rv != SECSuccess) {
- return rv; /* err set by ssl3_AppendHandshake* */
- }
- rv = ssl3_GetNewRandom(&ss->ssl3->hs.client_random);
- if (rv != SECSuccess) {
- return rv; /* err set by GetNewRandom. */
- }
- rv = ssl3_AppendHandshake(ss, &ss->ssl3->hs.client_random,
- SSL3_RANDOM_LENGTH);
- if (rv != SECSuccess) {
- return rv; /* err set by ssl3_AppendHandshake* */
- }
-
- if (sid)
- rv = ssl3_AppendHandshakeVariable(
- ss, sid->u.ssl3.sessionID, sid->u.ssl3.sessionIDLength, 1);
- else
- rv = ssl3_AppendHandshakeVariable(ss, NULL, 0, 1);
- if (rv != SECSuccess) {
- return rv; /* err set by ssl3_AppendHandshake* */
- }
-
- rv = ssl3_AppendHandshakeNumber(ss, num_suites*sizeof(ssl3CipherSuite), 2);
- if (rv != SECSuccess) {
- return rv; /* err set by ssl3_AppendHandshake* */
- }
-
-
- for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) {
- ssl3CipherSuiteCfg *suite = &ss->cipherSuites[i];
- if (config_match(suite, ss->ssl3->policy, PR_TRUE)) {
- actual_count++;
- if (actual_count > num_suites) {
- /* set error card removal/insertion error */
- PORT_SetError(SSL_ERROR_TOKEN_INSERTION_REMOVAL);
- return SECFailure;
- }
- rv = ssl3_AppendHandshakeNumber(ss, suite->cipher_suite,
- sizeof(ssl3CipherSuite));
- if (rv != SECSuccess) {
- return rv; /* err set by ssl3_AppendHandshake* */
- }
- }
- }
-
- /* if cards were removed or inserted between count_cipher_suites and
- * generating our list, detect the error here rather than send it off to
- * the server.. */
- if (actual_count != num_suites) {
- /* Card removal/insertion error */
- PORT_SetError(SSL_ERROR_TOKEN_INSERTION_REMOVAL);
- return SECFailure;
- }
-
- rv = ssl3_AppendHandshakeNumber(ss, compressionMethodsCount, 1);
- if (rv != SECSuccess) {
- return rv; /* err set by ssl3_AppendHandshake* */
- }
- for (i = 0; i < compressionMethodsCount; i++) {
- rv = ssl3_AppendHandshakeNumber(ss, compressions[i], 1);
- if (rv != SECSuccess) {
- return rv; /* err set by ssl3_AppendHandshake* */
- }
- }
-
- rv = ssl3_FlushHandshake(ss, 0);
- if (rv != SECSuccess) {
- return rv; /* error code set by ssl3_FlushHandshake */
- }
-
- ss->ssl3->hs.ws = wait_server_hello;
- return rv;
-}
-
-
-/* Called from ssl3_HandleHandshakeMessage() when it has deciphered a complete
- * ssl3 Hello Request.
- * Caller must hold Handshake and RecvBuf locks.
- */
-static SECStatus
-ssl3_HandleHelloRequest(sslSocket *ss)
-{
- sslSessionID *sid = ss->sec.ci.sid;
- SECStatus rv;
-
- SSL_TRC(3, ("%d: SSL3[%d]: handle hello_request handshake",
- SSL_GETPID(), ss->fd));
-
- PORT_Assert(ss->ssl3);
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
- if (ss->ssl3->hs.ws == wait_server_hello)
- return SECSuccess;
- if (ss->ssl3->hs.ws != idle_handshake || ss->sec.isServer) {
- (void)SSL3_SendAlert(ss, alert_fatal, unexpected_message);
- PORT_SetError(SSL_ERROR_RX_UNEXPECTED_HELLO_REQUEST);
- return SECFailure;
- }
- if (sid) {
- ss->sec.uncache(sid);
- ssl_FreeSID(sid);
- ss->sec.ci.sid = NULL;
- }
-
- ssl_GetXmitBufLock(ss);
- rv = ssl3_SendClientHello(ss);
- ssl_ReleaseXmitBufLock(ss);
-
- return rv;
-}
-
-#define UNKNOWN_WRAP_MECHANISM 0x7fffffff
-
-static const CK_MECHANISM_TYPE wrapMechanismList[SSL_NUM_WRAP_MECHS] = {
- CKM_DES3_ECB,
- CKM_CAST5_ECB,
- CKM_DES_ECB,
- CKM_KEY_WRAP_LYNKS,
- CKM_IDEA_ECB,
- CKM_CAST3_ECB,
- CKM_CAST_ECB,
- CKM_RC5_ECB,
- CKM_RC2_ECB,
- CKM_CDMF_ECB,
- CKM_SKIPJACK_WRAP,
- CKM_SKIPJACK_CBC64,
- UNKNOWN_WRAP_MECHANISM
-};
-
-static int
-ssl_FindIndexByWrapMechanism(CK_MECHANISM_TYPE mech)
-{
- const CK_MECHANISM_TYPE *pMech = wrapMechanismList;
-
- while (mech != *pMech && *pMech != UNKNOWN_WRAP_MECHANISM) {
- ++pMech;
- }
- return (*pMech == UNKNOWN_WRAP_MECHANISM) ? -1
- : (pMech - wrapMechanismList);
-}
-
-static PK11SymKey *
-ssl_UnwrapSymWrappingKey(
- SSLWrappedSymWrappingKey *pWswk,
- SECKEYPrivateKey * svrPrivKey,
- SSL3KEAType exchKeyType,
- CK_MECHANISM_TYPE masterWrapMech,
- void * pwArg)
-{
- PK11SymKey * unwrappedWrappingKey = NULL;
- SECItem wrappedKey;
-
- /* found the wrapping key on disk. */
- PORT_Assert(pWswk->symWrapMechanism == masterWrapMech);
- PORT_Assert(pWswk->exchKeyType == exchKeyType);
- if (pWswk->symWrapMechanism != masterWrapMech ||
- pWswk->exchKeyType != exchKeyType) {
- goto loser;
- }
- wrappedKey.type = siBuffer;
- wrappedKey.data = pWswk->wrappedSymmetricWrappingkey;
- wrappedKey.len = pWswk->wrappedSymKeyLen;
- PORT_Assert(wrappedKey.len <= sizeof pWswk->wrappedSymmetricWrappingkey);
-
- switch (exchKeyType) {
- PK11SymKey * Ks;
- PK11SlotInfo * slot;
- SECItem param;
-
- case kt_fortezza:
- /* get the slot that the fortezza server private key is in. */
- slot = PK11_GetSlotFromPrivateKey(svrPrivKey);
- if (slot == NULL) {
- SET_ERROR_CODE
- goto loser;
- }
-
- /* Look up the Token Fixed Key */
- Ks = PK11_FindFixedKey(slot, CKM_SKIPJACK_CBC64, NULL, pwArg);
- PK11_FreeSlot(slot);
- if (Ks == NULL) {
- SET_ERROR_CODE
- goto loser;
- }
-
- /* unwrap client write key with the local Ks and IV */
- param.type = siBuffer;
- param.data = pWswk->wrapIV;
- param.len = pWswk->wrapIVLen;
- unwrappedWrappingKey =
- PK11_UnwrapSymKey(Ks, CKM_SKIPJACK_CBC64, &param, &wrappedKey,
- masterWrapMech, CKA_UNWRAP, 0);
- PK11_FreeSymKey(Ks);
- break;
-
- case kt_rsa:
- unwrappedWrappingKey =
- PK11_PubUnwrapSymKey(svrPrivKey, &wrappedKey,
- masterWrapMech, CKA_UNWRAP, 0);
- break;
- default:
- /* Assert? */
- SET_ERROR_CODE
- goto loser;
- }
-loser:
- return unwrappedWrappingKey;
-}
-
-/* Each process sharing the server session ID cache has its own array of
- * SymKey pointers for the symmetric wrapping keys that are used to wrap
- * the master secrets. There is one key for each KEA type. These Symkeys
- * correspond to the wrapped SymKeys kept in the server session cache.
- */
-
-typedef struct {
- PK11SymKey * symWrapKey[kt_kea_size];
-} ssl3SymWrapKey;
-
-static PZLock * symWrapKeysLock;
-static ssl3SymWrapKey symWrapKeys[SSL_NUM_WRAP_MECHS];
-
-SECStatus
-SSL3_ShutdownServerCache(void)
-{
- int i, j;
-
- if (!symWrapKeysLock)
- return SECSuccess; /* was never initialized */
- PZ_Lock(symWrapKeysLock);
- /* get rid of all symWrapKeys */
- for (i = 0; i < SSL_NUM_WRAP_MECHS; ++i) {
- for (j = 0; j < kt_kea_size; ++j) {
- PK11SymKey ** pSymWrapKey;
- pSymWrapKey = &symWrapKeys[i].symWrapKey[j];
- if (*pSymWrapKey) {
- PK11_FreeSymKey(*pSymWrapKey);
- *pSymWrapKey = NULL;
- }
- }
- }
-
- PZ_Unlock(symWrapKeysLock);
- return SECSuccess;
-}
-
-/* Try to get wrapping key for mechanism from in-memory array.
- * If that fails, look for one on disk.
- * If that fails, generate a new one, put the new one on disk,
- * Put the new key in the in-memory array.
- */
-static PK11SymKey *
-getWrappingKey( sslSocket * ss,
- PK11SlotInfo * masterSecretSlot,
- SSL3KEAType exchKeyType,
- CK_MECHANISM_TYPE masterWrapMech,
- void * pwArg)
-{
- CERTCertificate * svrCert;
- SECKEYPrivateKey * svrPrivKey;
- SECKEYPublicKey * svrPubKey = NULL;
- PK11SymKey * unwrappedWrappingKey = NULL;
- PK11SymKey ** pSymWrapKey;
- CK_MECHANISM_TYPE asymWrapMechanism = CKM_INVALID_MECHANISM;
- int length;
- int symWrapMechIndex;
- SECStatus rv;
- SECItem wrappedKey;
- SSLWrappedSymWrappingKey wswk;
-
- svrPrivKey = ss->serverCerts[exchKeyType].serverKey;
- PORT_Assert(svrPrivKey != NULL);
- if (!svrPrivKey) {
- return NULL; /* why are we here?!? */
- }
-
- symWrapMechIndex = ssl_FindIndexByWrapMechanism(masterWrapMech);
- PORT_Assert(symWrapMechIndex >= 0);
- if (symWrapMechIndex < 0)
- return NULL; /* invalid masterWrapMech. */
-
- pSymWrapKey = &symWrapKeys[symWrapMechIndex].symWrapKey[exchKeyType];
-
- /* atomically initialize the lock */
- if (!symWrapKeysLock)
- nss_InitLock(&symWrapKeysLock, nssILockOther);
-
- PZ_Lock(symWrapKeysLock);
-
- unwrappedWrappingKey = *pSymWrapKey;
- if (unwrappedWrappingKey != NULL) {
- if (PK11_VerifyKeyOK(unwrappedWrappingKey)) {
- unwrappedWrappingKey = PK11_ReferenceSymKey(unwrappedWrappingKey);
- goto done;
- }
- /* slot series has changed, so this key is no good any more. */
- PK11_FreeSymKey(unwrappedWrappingKey);
- *pSymWrapKey = unwrappedWrappingKey = NULL;
- }
-
- /* Try to get wrapped SymWrapping key out of the (disk) cache. */
- /* Following call fills in wswk on success. */
- if (ssl_GetWrappingKey(symWrapMechIndex, exchKeyType, &wswk)) {
- /* found the wrapped sym wrapping key on disk. */
- unwrappedWrappingKey =
- ssl_UnwrapSymWrappingKey(&wswk, svrPrivKey, exchKeyType,
- masterWrapMech, pwArg);
- if (unwrappedWrappingKey) {
- goto install;
- }
- }
-
- if (!masterSecretSlot) /* caller doesn't want to create a new one. */
- goto loser;
-
- length = PK11_GetBestKeyLength(masterSecretSlot, masterWrapMech);
- /* Zero length means fixed key length algorithm, or error.
- * It's ambiguous.
- */
- unwrappedWrappingKey = PK11_KeyGen(masterSecretSlot, masterWrapMech, NULL,
- length, pwArg);
- if (!unwrappedWrappingKey) {
- goto loser;
- }
-
- /* Prepare the buffer to receive the wrappedWrappingKey,
- * the symmetric wrapping key wrapped using the server's pub key.
- */
- PORT_Memset(&wswk, 0, sizeof wswk); /* eliminate UMRs. */
-
- svrCert = ss->serverCerts[exchKeyType].serverCert;
- svrPubKey = CERT_ExtractPublicKey(svrCert);
- if (svrPubKey == NULL) {
- /* CERT_ExtractPublicKey doesn't set error code */
- PORT_SetError(SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE);
- goto loser;
- }
- wrappedKey.type = siBuffer;
- wrappedKey.len = SECKEY_PublicKeyStrength(svrPubKey);
- wrappedKey.data = wswk.wrappedSymmetricWrappingkey;
-
- PORT_Assert(wrappedKey.len <= sizeof wswk.wrappedSymmetricWrappingkey);
- if (wrappedKey.len > sizeof wswk.wrappedSymmetricWrappingkey)
- goto loser;
-
- /* wrap symmetric wrapping key in server's public key. */
- switch (exchKeyType) {
- PK11SymKey * Ks;
- PK11SlotInfo * fSlot;
- SECItem param;
-
- case kt_fortezza:
- /* get the slot that the fortezza server private key is in. */
- fSlot = PK11_GetSlotFromPrivateKey(svrPrivKey);
- if (fSlot == NULL) {
- SET_ERROR_CODE
- goto loser;
- }
-
- /* Look up the Token Fixed Key */
- Ks = PK11_FindFixedKey(fSlot, CKM_SKIPJACK_CBC64, NULL, pwArg);
- PK11_FreeSlot(fSlot);
- if (Ks == NULL) {
- SET_ERROR_CODE
- goto loser;
- }
-
- /* wrap symmetricWrapping key with the local Ks */
- param.type = siBuffer;
- param.data = wswk.wrapIV;
- param.len = sizeof wswk.wrapIV;
- rv = PK11_WrapSymKey(CKM_SKIPJACK_CBC64, &param, Ks,
- unwrappedWrappingKey, &wrappedKey);
- wswk.wrapIVLen = param.len;
- PK11_FreeSymKey(Ks);
- asymWrapMechanism = CKM_SKIPJACK_CBC64;
- break;
-
- case kt_rsa:
- asymWrapMechanism = CKM_RSA_PKCS;
- rv = PK11_PubWrapSymKey(asymWrapMechanism, svrPubKey,
- unwrappedWrappingKey, &wrappedKey);
- break;
-
- default:
- rv = SECFailure;
- break;
- }
-
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto loser;
- }
-
- PORT_Assert(asymWrapMechanism != CKM_INVALID_MECHANISM);
-
- wswk.symWrapMechanism = masterWrapMech;
- wswk.symWrapMechIndex = symWrapMechIndex;
- wswk.asymWrapMechanism = asymWrapMechanism;
- wswk.exchKeyType = exchKeyType;
- wswk.wrappedSymKeyLen = wrappedKey.len;
-
- /* put it on disk. */
- /* If the wrapping key for this KEA type has already been set,
- * then abandon the value we just computed and
- * use the one we got from the disk.
- */
- if (ssl_SetWrappingKey(&wswk)) {
- /* somebody beat us to it. The original contents of our wswk
- * has been replaced with the content on disk. Now, discard
- * the key we just created and unwrap this new one.
- */
- PK11_FreeSymKey(unwrappedWrappingKey);
-
- unwrappedWrappingKey =
- ssl_UnwrapSymWrappingKey(&wswk, svrPrivKey, exchKeyType,
- masterWrapMech, pwArg);
- }
-
-install:
- if (unwrappedWrappingKey) {
- *pSymWrapKey = PK11_ReferenceSymKey(unwrappedWrappingKey);
- }
-
-loser:
-done:
- if (svrPubKey) {
- SECKEY_DestroyPublicKey(svrPubKey);
- svrPubKey = NULL;
- }
- PZ_Unlock(symWrapKeysLock);
- return unwrappedWrappingKey;
-}
-
-
-static SECStatus
-ssl3_FortezzaAppendHandshake(sslSocket *ss, unsigned char * data, int len)
-{
- SSL3FortezzaKeys *fortezza_CKE = NULL;
- SECStatus rv = SECFailure;
-
- rv = ssl3_AppendHandshakeHeader(ss, client_key_exchange,
- (sizeof(*fortezza_CKE)-sizeof(fortezza_CKE->y_c)) + 1 + len);
- if (rv == SECSuccess) {
- rv = ssl3_AppendHandshakeVariable(ss, data, len, 1);
- }
- return rv; /* err set by ssl3_AppendHandshake* */
-}
-
-/* Called from ssl3_SendClientKeyExchange(). */
-static SECStatus
-sendRSAClientKeyExchange(sslSocket * ss, SECKEYPublicKey * svrPubKey)
-{
- PK11SymKey * pms = NULL;
- SECStatus rv = SECFailure;
- SECItem enc_pms = {siBuffer, NULL, 0};
- PRBool isTLS;
-
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
- PORT_Assert( ssl_HaveXmitBufLock(ss));
-
- /* Generate the pre-master secret ... */
- ssl_GetSpecWriteLock(ss);
- isTLS = (PRBool)(ss->ssl3->pwSpec->version > SSL_LIBRARY_VERSION_3_0);
-
- pms = ssl3_GenerateRSAPMS(ss, ss->ssl3->pwSpec, NULL);
- ssl_ReleaseSpecWriteLock(ss);
- if (pms == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto loser;
- }
-
- /* Get the wrapped (encrypted) pre-master secret, enc_pms */
- enc_pms.len = SECKEY_PublicKeyStrength(svrPubKey);
- enc_pms.data = (unsigned char*)PORT_Alloc(enc_pms.len);
- if (enc_pms.data == NULL) {
- goto loser; /* err set by PORT_Alloc */
- }
-
- /* wrap pre-master secret in server's public key. */
- rv = PK11_PubWrapSymKey(CKM_RSA_PKCS, svrPubKey, pms, &enc_pms);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto loser;
- }
-
- rv = ssl3_InitPendingCipherSpec(ss, pms);
- PK11_FreeSymKey(pms); pms = NULL;
-
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto loser;
- }
-
- rv = ssl3_AppendHandshakeHeader(ss, client_key_exchange,
- isTLS ? enc_pms.len + 2 : enc_pms.len);
- if (rv != SECSuccess) {
- goto loser; /* err set by ssl3_AppendHandshake* */
- }
- if (isTLS) {
- rv = ssl3_AppendHandshakeVariable(ss, enc_pms.data, enc_pms.len, 2);
- } else {
- rv = ssl3_AppendHandshake(ss, enc_pms.data, enc_pms.len);
- }
- if (rv != SECSuccess) {
- goto loser; /* err set by ssl3_AppendHandshake* */
- }
-
- rv = SECSuccess;
-
-loser:
- if (enc_pms.data != NULL) {
- PORT_Free(enc_pms.data);
- }
- if (pms != NULL) {
- PK11_FreeSymKey(pms);
- }
- return rv;
-}
-
-/* Called from ssl3_SendClientKeyExchange(). */
-static SECStatus
-sendDHClientKeyExchange(sslSocket * ss, SECKEYPublicKey * svrPubKey)
-{
- PK11SymKey * pms = NULL;
- SECStatus rv = SECFailure;
- PRBool isTLS;
- CK_MECHANISM_TYPE target;
-
- SECKEYDHParams dhParam; /* DH parameters */
- SECKEYPublicKey *pubKey = NULL; /* Ephemeral DH key */
- SECKEYPrivateKey *privKey = NULL; /* Ephemeral DH key */
-
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
- PORT_Assert( ssl_HaveXmitBufLock(ss));
-
- isTLS = (PRBool)(ss->ssl3->pwSpec->version > SSL_LIBRARY_VERSION_3_0);
-
- /* Copy DH parameters from server key */
-
- dhParam.prime.data = svrPubKey->u.dh.prime.data;
- dhParam.prime.len = svrPubKey->u.dh.prime.len;
- dhParam.base.data = svrPubKey->u.dh.base.data;
- dhParam.base.len = svrPubKey->u.dh.base.len;
-
- /* Generate ephemeral DH keypair */
- privKey = SECKEY_CreateDHPrivateKey(&dhParam, &pubKey, NULL);
- if (!privKey || !pubKey) {
- ssl_MapLowLevelError(SEC_ERROR_KEYGEN_FAIL);
- rv = SECFailure;
- goto loser;
- }
- PRINT_BUF(50, (ss, "DH public value:",
- pubKey->u.dh.publicValue.data,
- pubKey->u.dh.publicValue.len));
-
- if (isTLS) target = CKM_TLS_MASTER_KEY_DERIVE_DH;
- else target = CKM_SSL3_MASTER_KEY_DERIVE_DH;
-
- /* Determine the PMS */
-
- pms = PK11_PubDerive(privKey, svrPubKey, PR_FALSE, NULL, NULL,
- CKM_DH_PKCS_DERIVE, target, CKA_DERIVE, 0, NULL);
-
- if (pms == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto loser;
- }
-
- SECKEY_DestroyPrivateKey(privKey);
- privKey = NULL;
-
- rv = ssl3_InitPendingCipherSpec(ss, pms);
- PK11_FreeSymKey(pms); pms = NULL;
-
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto loser;
- }
-
- rv = ssl3_AppendHandshakeHeader(ss, client_key_exchange,
- pubKey->u.dh.publicValue.len + 2);
- if (rv != SECSuccess) {
- goto loser; /* err set by ssl3_AppendHandshake* */
- }
- rv = ssl3_AppendHandshakeVariable(ss,
- pubKey->u.dh.publicValue.data,
- pubKey->u.dh.publicValue.len, 2);
- SECKEY_DestroyPublicKey(pubKey);
- pubKey = NULL;
-
- if (rv != SECSuccess) {
- goto loser; /* err set by ssl3_AppendHandshake* */
- }
-
- rv = SECSuccess;
-
-
-loser:
-
- if(pms) PK11_FreeSymKey(pms);
- if(privKey) SECKEY_DestroyPrivateKey(privKey);
- if(pubKey) SECKEY_DestroyPublicKey(pubKey);
- return rv;
-}
-
-#ifdef NSS_ENABLE_ECC
-/* Called from ssl3_SendClientKeyExchange(). */
-static SECStatus
-sendECDHClientKeyExchange(sslSocket * ss, SECKEYPublicKey * svrPubKey)
-{
- PK11SymKey * pms = NULL;
- SECStatus rv = SECFailure;
- PRBool isTLS;
- CK_MECHANISM_TYPE target;
- SECKEYPublicKey *pubKey = NULL; /* Ephemeral ECDH key */
- SECKEYPrivateKey *privKey = NULL; /* Ephemeral ECDH key */
-
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
- PORT_Assert( ssl_HaveXmitBufLock(ss));
-
- isTLS = (PRBool)(ss->ssl3->pwSpec->version > SSL_LIBRARY_VERSION_3_0);
-
- /* Generate ephemeral EC keypair */
- privKey = SECKEY_CreateECPrivateKey(&svrPubKey->u.ec.DEREncodedParams,
- &pubKey, NULL);
- if (!privKey || !pubKey) {
- ssl_MapLowLevelError(SEC_ERROR_KEYGEN_FAIL);
- rv = SECFailure;
- goto loser;
- }
- PRINT_BUF(50, (ss, "ECDH public value:",
- pubKey->u.ec.publicValue.data,
- pubKey->u.ec.publicValue.len));
-
- if (isTLS) target = CKM_TLS_MASTER_KEY_DERIVE_DH;
- else target = CKM_SSL3_MASTER_KEY_DERIVE_DH;
-
- /* Determine the PMS */
- pms = PK11_PubDerive(privKey, svrPubKey, PR_FALSE, NULL, NULL,
- CKM_ECDH1_DERIVE, target, CKA_DERIVE, 0, NULL);
-
- if (pms == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto loser;
- }
-
- SECKEY_DestroyPrivateKey(privKey);
- privKey = NULL;
-
- rv = ssl3_InitPendingCipherSpec(ss, pms);
- PK11_FreeSymKey(pms); pms = NULL;
-
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto loser;
- }
-
- rv = ssl3_AppendHandshakeHeader(ss, client_key_exchange,
- pubKey->u.ec.publicValue.len + 1);
- if (rv != SECSuccess) {
- goto loser; /* err set by ssl3_AppendHandshake* */
- }
-
- rv = ssl3_AppendHandshakeVariable(ss,
- pubKey->u.ec.publicValue.data,
- pubKey->u.ec.publicValue.len, 1);
- SECKEY_DestroyPublicKey(pubKey);
- pubKey = NULL;
-
- if (rv != SECSuccess) {
- goto loser; /* err set by ssl3_AppendHandshake* */
- }
-
- rv = SECSuccess;
-
-loser:
- if(pms) PK11_FreeSymKey(pms);
- if(privKey) SECKEY_DestroyPrivateKey(privKey);
- if(pubKey) SECKEY_DestroyPublicKey(pubKey);
- return rv;
-}
-#endif /* NSS_ENABLE_ECC */
-
-/* fortezza client-auth portion of ClientKeyExchange message
- * This function appends the KEA public key from the client's V3 cert
- * (empty for a V1 cert) to the outgoing ClientKeyExchange message.
- * For a V3 cert, it also computes the Fortezza public key hash of that key
- * and signs that hash with the client's signing private key.
- * It also finds and returns the client's KEA private key.
- *
- * Called from sendFortezzaClientKeyExchange <- ssl3_SendClientKeyExchange()
- */
-static SECKEYPrivateKey *
-sendFortezzaCKXClientAuth(sslSocket *ss, SSL3FortezzaKeys * fortezza_CKE)
-{
- SECKEYPublicKey * pubKey = NULL;
- SECKEYPrivateKey * privKeaKey = NULL;
- CERTCertificate * peerCert = ss->sec.peerCert;
- void * pwArg = ss->pkcs11PinArg;
- SECStatus rv = SECFailure;
- SECItem sigItem;
- SECItem hashItem;
-
- /* extract our own local public key. */
- pubKey = CERT_ExtractPublicKey(ss->ssl3->clientCertificate);
- if (!pubKey) {
- ssl_MapLowLevelError(SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE);
- goto loser;
- }
-
- if (pubKey->keyType == fortezzaKey) {
- /* fortezza clientauth with fortezza V1 certificate */
- rv = ssl3_FortezzaAppendHandshake(ss, NULL, 0);
- if (rv != SECSuccess) {
- goto loser; /* err was set by AppendHandshake. */
- }
- privKeaKey = PK11_FindKeyByAnyCert(ss->ssl3->clientCertificate, pwArg);
- if (!privKeaKey) {
- ssl_MapLowLevelError(SEC_ERROR_NO_KEY);
- }
-
- } else {
- /* fortezza clientauth w/ V3 certificate or non fortezza cert*/
- CERTCertificate * ccert = NULL;
- SECKEYPublicKey * foundPubKey = NULL;
- unsigned char hash[SHA1_LENGTH];
-
- ccert = PK11_FindBestKEAMatch(peerCert, pwArg);
- if (ccert == NULL) {
- PORT_SetError(SSL_ERROR_FORTEZZA_PQG);
- goto v3_loser;
- }
-
- foundPubKey = CERT_ExtractPublicKey(ccert);
- if (foundPubKey == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE);
- goto v3_loser;
- }
-
- if (foundPubKey->keyType == keaKey) {
- rv = ssl3_FortezzaAppendHandshake(ss,
- foundPubKey->u.kea.publicValue.data,
- foundPubKey->u.kea.publicValue.len);
- if (rv != SECSuccess) {
- goto v3_loser; /* err was set by AppendHandshake. */
- }
-
- rv = ssl3_ComputeFortezzaPublicKeyHash(
- foundPubKey->u.kea.publicValue, hash);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto v3_loser;
- }
- } else {
- rv = ssl3_FortezzaAppendHandshake(ss,
- foundPubKey->u.fortezza.KEAKey.data,
- foundPubKey->u.fortezza.KEAKey.len);
- if (rv != SECSuccess) {
- goto v3_loser; /* err was set by AppendHandshake. */
- }
-
- rv = ssl3_ComputeFortezzaPublicKeyHash(
- foundPubKey->u.fortezza.KEAKey, hash);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto v3_loser;
- }
- }
-
- hashItem.data = (unsigned char *) hash;
- hashItem.len = SHA1_LENGTH;
-
- sigItem.data = fortezza_CKE->y_signature;
- sigItem.len = sizeof fortezza_CKE->y_signature;
-
- rv = PK11_Sign(ss->ssl3->clientPrivateKey, &sigItem, &hashItem);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto v3_loser;
- }
-
- privKeaKey = PK11_FindKeyByAnyCert(ccert, pwArg);
- if (!privKeaKey) {
- ssl_MapLowLevelError(SEC_ERROR_NO_KEY);
- }
-
-v3_loser:
- if (foundPubKey)
- SECKEY_DestroyPublicKey(foundPubKey);
- if (ccert)
- CERT_DestroyCertificate(ccert);
- } /* fortezza clientauth w/ V3 certificate or non fortezza cert*/
-
-loser:
-
- if (pubKey)
- SECKEY_DestroyPublicKey(pubKey);
- return privKeaKey;
-} /* End of fortezza client-auth. */
-
-
-/* fortezza without client-auth */
-/* fortezza client-auth portion of ClientKeyExchange message
- * This function appends the public KEA key from the client's cert
- * to the outgoing ClientKeyExchange message.
- * It also finds and returns the client's KEA private key.
- *
- * Called from sendFortezzaClientKeyExchange <- ssl3_SendClientKeyExchange()
- */
-static SECKEYPrivateKey *
-sendFortezzaCKXNoClientAuth(sslSocket *ss)
-{
- SECKEYPublicKey * foundPubKey = NULL;
- SECKEYPrivateKey * privKeaKey = NULL;
- CERTCertificate * ccert = NULL;
- CERTCertificate * peerCert = ss->sec.peerCert;
- void * pwArg = ss->pkcs11PinArg;
- SECStatus rv = SECFailure;
-
- ccert = PK11_FindBestKEAMatch(peerCert, pwArg);
- if (ccert == NULL) {
- PORT_SetError(SSL_ERROR_FORTEZZA_PQG);
- goto loser;
- }
-
- foundPubKey = CERT_ExtractPublicKey(ccert);
- if (foundPubKey == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE);
- goto loser;
- }
-
- if (foundPubKey->keyType == fortezzaKey) {
- /* fortezza V1 cert */
- rv = ssl3_FortezzaAppendHandshake(ss,
- foundPubKey->u.fortezza.KEAKey.data,
- foundPubKey->u.fortezza.KEAKey.len);
- if (rv != SECSuccess) {
- goto loser; /* err was set by AppendHandshake. */
- }
- privKeaKey = PK11_FindKeyByAnyCert(ccert, pwArg);
- if (!privKeaKey) {
- ssl_MapLowLevelError(SEC_ERROR_NO_KEY);
- }
- } else {
- /* fortezza V3 cert */
- rv = ssl3_FortezzaAppendHandshake(ss,
- foundPubKey->u.kea.publicValue.data,
- foundPubKey->u.kea.publicValue.len);
- if (rv != SECSuccess) {
- goto loser; /* err was set by AppendHandshake. */
- }
- privKeaKey = PK11_FindKeyByAnyCert(ccert, pwArg);
- if (!privKeaKey) {
- ssl_MapLowLevelError(SEC_ERROR_NO_KEY);
- }
- }
-
-loser:
- if (foundPubKey)
- SECKEY_DestroyPublicKey(foundPubKey);
- if (ccert)
- CERT_DestroyCertificate(ccert);
- return privKeaKey;
-}
-
-/* Called from ssl3_SendClientKeyExchange(). */
-static SECStatus
-sendFortezzaClientKeyExchange(sslSocket * ss, SECKEYPublicKey * serverKey)
-{
- ssl3CipherSpec * pwSpec = NULL;
- sslSessionID * sid = ss->sec.ci.sid;
- PK11SlotInfo * slot = NULL;
- PK11SymKey * pms = NULL;
- PK11SymKey * tek = NULL;
- PK11SymKey * client_write_key = NULL;
- PK11SymKey * server_write_key = NULL;
- SECKEYPrivateKey * privKeaKey = NULL;
- void * pwArg = ss->pkcs11PinArg;
- SECStatus rv = SECFailure;
- CK_VERSION version;
- SECItem param;
- SECItem raItem;
- SECItem rbItem;
- SECItem enc_pms;
- SECItem item;
- SSL3FortezzaKeys fortezza_CKE;
- PRBool releaseSpecWriteLock = PR_FALSE;
-
- PORT_Assert( ssl_HaveXmitBufLock(ss));
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
- /* first get an appropriate slot for doing MACing.
- * Note: This slot will NOT be a Fortezza slot because Fortezza
- * cannot generate an SSL3 pre-master-secret.
- */
- slot = PK11_GetBestSlot(CKM_SSL3_PRE_MASTER_KEY_GEN, pwArg);
- if (slot == NULL) {
- PORT_SetError(SSL_ERROR_TOKEN_SLOT_NOT_FOUND);
- goto loser;
- }
-
- /* create a pre-Master secret */
- version.major = MSB(ss->version);
- version.minor = LSB(ss->version);
-
- param.data = (unsigned char *)&version;
- param.len = sizeof version;
-
- pms = PK11_KeyGen(slot, CKM_SSL3_PRE_MASTER_KEY_GEN,
- &param, 0, pwArg);
- PK11_FreeSlot(slot);
- slot = NULL;
- if (pms == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto loser;
- }
-
- /* If we don't have a certificate, we need to read out your public key.
- * This changes a bit when we need to deal with the PQG stuff
- */
- PORT_Memset(fortezza_CKE.y_signature, 0, sizeof fortezza_CKE.y_signature);
-
- /* Send the KEA public key and get the KEA private key. */
- if (ss->ssl3->clientCertificate != NULL) {
- /* with client-auth */
- privKeaKey = sendFortezzaCKXClientAuth(ss, &fortezza_CKE);
- } else {
- /* without client-auth */
- privKeaKey = sendFortezzaCKXNoClientAuth(ss);
- }
- if (privKeaKey == NULL) {
- rv = SECFailure;
- goto loser; /* error was already set. */
- }
-
- /* Now we derive the TEK, and generate r_c the client's "random" public key.
- * r_c is generated and filled in by the PubDerive call below.
- */
- raItem.data = fortezza_CKE.r_c;
- raItem.len = sizeof fortezza_CKE.r_c;
-
- /* R_s == server's "random" public key, sent in the Server Key Exchange */
- rbItem.data = ss->ssl3->fortezza.R_s;
- rbItem.len = sizeof ss->ssl3->fortezza.R_s;
-
- tek = PK11_PubDerive(privKeaKey, serverKey, PR_TRUE, /* generate r_c */
- &raItem, &rbItem, CKM_KEA_KEY_DERIVE,
- CKM_SKIPJACK_WRAP, CKA_WRAP, 0, pwArg);
- SECKEY_DestroyPrivateKey(privKeaKey);
- privKeaKey = NULL;
- if (tek == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto loser;
- }
-
- ss->ssl3->fortezza.tek = PK11_ReferenceSymKey(tek); /* can't fail. */
-
- /* encrypt the pms with the TEK.
- * NB: PK11_WrapSymKey will generate and output the encrypted PMS
- * AND the IV for decrypting the PMS.
- */
- param.data = fortezza_CKE.master_secret_iv;
- param.len = sizeof fortezza_CKE.master_secret_iv;
-
- enc_pms.data = fortezza_CKE.encrypted_preMasterSecret;
- enc_pms.len = sizeof fortezza_CKE.encrypted_preMasterSecret;
-
- rv = PK11_WrapSymKey(CKM_SKIPJACK_CBC64, &param, tek, pms, &enc_pms);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto loser;
- }
- rv = SECFailure; /* not there yet. */
-
- slot = PK11_GetSlotFromKey(tek);
-
- ssl_GetSpecWriteLock(ss); releaseSpecWriteLock = PR_TRUE;
-
- pwSpec = ss->ssl3->pwSpec;
- pwSpec->client.write_key = client_write_key =
- PK11_KeyGen(slot, CKM_SKIPJACK_CBC64, NULL, 0, pwArg);
- if (client_write_key == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto loser;
- }
- /* the -1 is a hack. It's supposed to be key size, but we use it
- * to tell the wrapper that we're doing a weird PKCS #11 key gen.
- * Usually the result of key gen is an encrypt key. This is not
- * the case with SSL, where this key is a decrypt key.
- */
- pwSpec->server.write_key = server_write_key =
- PK11_KeyGen(slot, CKM_SKIPJACK_CBC64, NULL, -1, pwArg);
- if (server_write_key == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto loser;
- }
-
- rv = ssl3_InitPendingCipherSpec(ss, pms);
- PK11_FreeSymKey(pms); pms = NULL;
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto loser;
- }
-
- /* copy the keys and IVs out now */
- item.data = fortezza_CKE.wrapped_client_write_key;
- item.len = sizeof fortezza_CKE.wrapped_client_write_key;
- rv = PK11_WrapSymKey(CKM_SKIPJACK_WRAP, NULL, tek, client_write_key, &item);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto loser;
- }
-
- item.data = fortezza_CKE.wrapped_server_write_key;
- item.len = sizeof fortezza_CKE.wrapped_server_write_key;
- rv = PK11_WrapSymKey(CKM_SKIPJACK_WRAP, NULL, tek, server_write_key, &item);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto loser;
- }
-
- /* we only get the generated IV's if we're doing skipjack. */
- if (pwSpec->cipher_def->calg == calg_fortezza) {
- PORT_Memcpy(fortezza_CKE.client_write_iv, pwSpec->client.write_iv,
- sizeof fortezza_CKE.client_write_iv);
- PORT_Memcpy(fortezza_CKE.server_write_iv, pwSpec->server.write_iv,
- sizeof fortezza_CKE.server_write_iv);
- } else {
- /* generate IVs to make old servers happy */
- rv = PK11_GenerateFortezzaIV(client_write_key,
- fortezza_CKE.client_write_iv,
- sizeof fortezza_CKE.client_write_iv);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto loser;
- }
- rv = PK11_GenerateFortezzaIV(server_write_key,
- fortezza_CKE.server_write_iv,
- sizeof fortezza_CKE.server_write_iv);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto loser;
- }
- }
-
- /* NOTE: This technique of writing out the struct, rather than writing
- * out the individual members works only because all the rest of the
- * values are fixed-length strings of well-defined byte order.
- * Add one SECItem or one Number and we will need to break the elements out.
- */
- rv = ssl3_AppendHandshake(ss, &fortezza_CKE.r_c,
- (sizeof fortezza_CKE - sizeof fortezza_CKE.y_c));
- if (rv != SECSuccess) {
- goto loser; /* err was set by AppendHandshake. */
- }
-
- /* now we initialize our contexts */
- sid->u.ssl3.hasFortezza = PR_TRUE;
- sid->u.ssl3.tek = tek; tek = NULL; /* adopt.. */
-
- if (pwSpec->cipher_def->calg == calg_fortezza) {
- sid->u.ssl3.clientWriteKey =
- PK11_ReferenceSymKey(pwSpec->client.write_key);
- sid->u.ssl3.serverWriteKey=
- PK11_ReferenceSymKey(pwSpec->server.write_key);
-
- PORT_Memcpy(sid->u.ssl3.keys.client_write_iv,
- pwSpec->client.write_iv,
- sizeof sid->u.ssl3.keys.client_write_iv);
- PORT_Memcpy(sid->u.ssl3.keys.server_write_iv,
- pwSpec->server.write_iv,
- sizeof sid->u.ssl3.keys.server_write_iv);
-
- rv = PK11_SaveContext((PK11Context *)pwSpec->encodeContext,
- sid->u.ssl3.clientWriteSave,
- &sid->u.ssl3.clientWriteSaveLen,
- sizeof sid->u.ssl3.clientWriteSave);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto loser;
- }
- } else {
- PK11_FreeSymKey(client_write_key);
- pwSpec->client.write_key = client_write_key = NULL;
-
- PK11_FreeSymKey(server_write_key);
- pwSpec->server.write_key = server_write_key = NULL;
-
- rv = SECSuccess;
- }
- /* FALL THROUGH */
-
-loser:
- if (tek) PK11_FreeSymKey(tek);
- if (slot) PK11_FreeSlot(slot);
- if (pms) PK11_FreeSymKey(pms);
- if (rv != SECSuccess) {
- if (client_write_key) {
- PK11_FreeSymKey(client_write_key);
- pwSpec->client.write_key = client_write_key = NULL;
- }
- if (server_write_key) {
- PK11_FreeSymKey(server_write_key);
- pwSpec->server.write_key = server_write_key = NULL;
- }
- }
- if (releaseSpecWriteLock)
- ssl_GetSpecWriteLock(ss);
- return rv;
-}
-
-/* Called from ssl3_HandleServerHelloDone(). */
-static SECStatus
-ssl3_SendClientKeyExchange(sslSocket *ss)
-{
- SECKEYPublicKey * serverKey = NULL;
- SECStatus rv = SECFailure;
- PRBool isTLS;
-
- SSL_TRC(3, ("%d: SSL3[%d]: send client_key_exchange handshake",
- SSL_GETPID(), ss->fd));
-
- PORT_Assert( ssl_HaveXmitBufLock(ss));
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss));
-
- if (ss->sec.peerKey == NULL) {
- serverKey = CERT_ExtractPublicKey(ss->sec.peerCert);
- if (serverKey == NULL) {
- PORT_SetError(SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE);
- return SECFailure;
- }
- } else {
- serverKey = ss->sec.peerKey;
- ss->sec.peerKey = NULL; /* we're done with it now */
- }
-
- isTLS = (PRBool)(ss->ssl3->pwSpec->version > SSL_LIBRARY_VERSION_3_0);
- /* enforce limits on kea key sizes. */
- if (ss->ssl3->hs.kea_def->is_limited) {
- int keyLen = SECKEY_PublicKeyStrength(serverKey); /* bytes */
-
- if (keyLen * BPB > ss->ssl3->hs.kea_def->key_size_limit) {
- if (isTLS)
- (void)SSL3_SendAlert(ss, alert_fatal, export_restriction);
- else
- (void)ssl3_HandshakeFailure(ss);
- PORT_SetError(SSL_ERROR_PUB_KEY_SIZE_LIMIT_EXCEEDED);
- goto loser;
- }
- }
-
- ss->sec.keaType = ss->ssl3->hs.kea_def->exchKeyType;
- ss->sec.keaKeyBits = SECKEY_PublicKeyStrengthInBits(serverKey);
-
- switch (ss->ssl3->hs.kea_def->exchKeyType) {
- case kt_rsa:
- rv = sendRSAClientKeyExchange(ss, serverKey);
- break;
-
- case kt_fortezza:
- rv = sendFortezzaClientKeyExchange(ss, serverKey);
- break;
-
- case kt_dh:
- rv = sendDHClientKeyExchange(ss, serverKey);
- break;
-
-#ifdef NSS_ENABLE_ECC
- case kt_ecdh:
- rv = sendECDHClientKeyExchange(ss, serverKey);
- break;
-#endif /* NSS_ENABLE_ECC */
-
- default:
- /* got an unknown or unsupported Key Exchange Algorithm. */
- SEND_ALERT
- PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG);
- break;
- }
-
- SSL_TRC(3, ("%d: SSL3[%d]: DONE sending client_key_exchange",
- SSL_GETPID(), ss->fd));
-
-loser:
- if (serverKey)
- SECKEY_DestroyPublicKey(serverKey);
- return rv; /* err code already set. */
-}
-
-/* Called from ssl3_HandleServerHelloDone(). */
-static SECStatus
-ssl3_SendCertificateVerify(sslSocket *ss)
-{
- ssl3State * ssl3 = ss->ssl3;
- SECStatus rv = SECFailure;
- PRBool isTLS;
- SECItem buf = {siBuffer, NULL, 0};
- SSL3Hashes hashes;
-
- PORT_Assert( ssl_HaveXmitBufLock(ss));
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss));
-
- SSL_TRC(3, ("%d: SSL3[%d]: send certificate_verify handshake",
- SSL_GETPID(), ss->fd));
-
- ssl_GetSpecReadLock(ss);
- rv = ssl3_ComputeHandshakeHashes(ss, ssl3->pwSpec, &hashes, 0);
- ssl_ReleaseSpecReadLock(ss);
- if (rv != SECSuccess) {
- goto done; /* err code was set by ssl3_ComputeHandshakeHashes */
- }
-
- isTLS = (PRBool)(ssl3->pwSpec->version > SSL_LIBRARY_VERSION_3_0);
- rv = ssl3_SignHashes(&hashes, ssl3->clientPrivateKey, &buf, isTLS);
- if (rv == SECSuccess) {
- PK11SlotInfo * slot;
- sslSessionID * sid = ss->sec.ci.sid;
-
- /* Remember the info about the slot that did the signing.
- ** Later, when doing an SSL restart handshake, verify this.
- ** These calls are mere accessors, and can't fail.
- */
- slot = PK11_GetSlotFromPrivateKey(ss->ssl3->clientPrivateKey);
- sid->u.ssl3.clAuthSeries = PK11_GetSlotSeries(slot);
- sid->u.ssl3.clAuthSlotID = PK11_GetSlotID(slot);
- sid->u.ssl3.clAuthModuleID = PK11_GetModuleID(slot);
- sid->u.ssl3.clAuthValid = PR_TRUE;
- PK11_FreeSlot(slot);
- }
- /* If we're doing RSA key exchange, we're all done with the private key
- * here. Diffie-Hellman & Fortezza key exchanges need the client's
- * private key for the key exchange.
- */
- if (ssl3->hs.kea_def->exchKeyType == kt_rsa) {
- SECKEY_DestroyPrivateKey(ssl3->clientPrivateKey);
- ssl3->clientPrivateKey = NULL;
- }
- if (rv != SECSuccess) {
- goto done; /* err code was set by ssl3_SignHashes */
- }
-
- rv = ssl3_AppendHandshakeHeader(ss, certificate_verify, buf.len + 2);
- if (rv != SECSuccess) {
- goto done; /* error code set by AppendHandshake */
- }
- rv = ssl3_AppendHandshakeVariable(ss, buf.data, buf.len, 2);
- if (rv != SECSuccess) {
- goto done; /* error code set by AppendHandshake */
- }
-
-done:
- if (buf.data)
- PORT_Free(buf.data);
- return rv;
-}
-
-/* Called from ssl3_HandleHandshakeMessage() when it has deciphered a complete
- * ssl3 ServerHello message.
- * Caller must hold Handshake and RecvBuf locks.
- */
-static SECStatus
-ssl3_HandleServerHello(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
-{
- sslSessionID *sid = ss->sec.ci.sid;
- PRInt32 temp; /* allow for consume number failure */
- PRBool suite_found = PR_FALSE;
- int i;
- int errCode = SSL_ERROR_RX_MALFORMED_SERVER_HELLO;
- SECStatus rv;
- SECItem sidBytes = {siBuffer, NULL, 0};
- PRBool sid_match;
- PRBool isTLS = PR_FALSE;
- SSL3AlertDescription desc = illegal_parameter;
- SSL3ProtocolVersion version;
-
- SSL_TRC(3, ("%d: SSL3[%d]: handle server_hello handshake",
- SSL_GETPID(), ss->fd));
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
- rv = ssl3_InitState(ss);
- if (rv != SECSuccess) {
- errCode = PORT_GetError(); /* ssl3_InitState has set the error code. */
- goto alert_loser;
- }
- if (ss->ssl3->hs.ws != wait_server_hello) {
- errCode = SSL_ERROR_RX_UNEXPECTED_SERVER_HELLO;
- desc = unexpected_message;
- goto alert_loser;
- }
-
- temp = ssl3_ConsumeHandshakeNumber(ss, 2, &b, &length);
- if (temp < 0) {
- goto loser; /* alert has been sent */
- }
- version = (SSL3ProtocolVersion)temp;
-
- /* this is appropriate since the negotiation is complete, and we only
- ** know SSL 3.x.
- */
- if (MSB(version) != MSB(SSL_LIBRARY_VERSION_3_0)) {
- desc = (version > SSL_LIBRARY_VERSION_3_0) ? protocol_version : handshake_failure;
- goto alert_loser;
- }
-
- rv = ssl3_NegotiateVersion(ss, version);
- if (rv != SECSuccess) {
- desc = (version > SSL_LIBRARY_VERSION_3_0) ? protocol_version : handshake_failure;
- errCode = SSL_ERROR_NO_CYPHER_OVERLAP;
- goto alert_loser;
- }
- isTLS = (ss->version > SSL_LIBRARY_VERSION_3_0);
-
- rv = ssl3_ConsumeHandshake(
- ss, &ss->ssl3->hs.server_random, SSL3_RANDOM_LENGTH, &b, &length);
- if (rv != SECSuccess) {
- goto loser; /* alert has been sent */
- }
-
- rv = ssl3_ConsumeHandshakeVariable(ss, &sidBytes, 1, &b, &length);
- if (rv != SECSuccess) {
- goto loser; /* alert has been sent */
- }
- if (sidBytes.len > SSL3_SESSIONID_BYTES) {
- if (isTLS)
- desc = decode_error;
- goto alert_loser; /* malformed. */
- }
-
- /* find selected cipher suite in our list. */
- temp = ssl3_ConsumeHandshakeNumber(ss, 2, &b, &length);
- if (temp < 0) {
- goto loser; /* alert has been sent */
- }
- ssl3_config_match_init(ss);
- for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) {
- ssl3CipherSuiteCfg *suite = &ss->cipherSuites[i];
- if ((temp == suite->cipher_suite) &&
- (config_match(suite, ss->ssl3->policy, PR_TRUE))) {
- suite_found = PR_TRUE;
- break; /* success */
- }
- }
- if (!suite_found) {
- desc = handshake_failure;
- errCode = SSL_ERROR_NO_CYPHER_OVERLAP;
- goto alert_loser;
- }
- ss->ssl3->hs.cipher_suite = (ssl3CipherSuite)temp;
- ss->ssl3->hs.suite_def = ssl_LookupCipherSuiteDef((ssl3CipherSuite)temp);
- PORT_Assert(ss->ssl3->hs.suite_def);
- if (!ss->ssl3->hs.suite_def) {
- PORT_SetError(errCode = SEC_ERROR_LIBRARY_FAILURE);
- goto loser; /* we don't send alerts for our screw-ups. */
- }
-
- /* find selected compression method in our list. */
- temp = ssl3_ConsumeHandshakeNumber(ss, 1, &b, &length);
- if (temp < 0) {
- goto loser; /* alert has been sent */
- }
- suite_found = PR_FALSE;
- for (i = 0; i < compressionMethodsCount; i++) {
- if (temp == compressions[i]) {
- suite_found = PR_TRUE;
- break; /* success */
- }
- }
- if (!suite_found) {
- desc = handshake_failure;
- errCode = SSL_ERROR_NO_COMPRESSION_OVERLAP;
- goto alert_loser;
- }
- ss->ssl3->hs.compression = (SSL3CompressionMethod)temp;
-
- if (length != 0) { /* malformed */
- goto alert_loser;
- }
-
- /* Any errors after this point are not "malformed" errors. */
- desc = handshake_failure;
-
- /* we need to call ssl3_SetupPendingCipherSpec here so we can check the
- * key exchange algorithm. */
- rv = ssl3_SetupPendingCipherSpec(ss, ss->ssl3);
- if (rv != SECSuccess) {
- goto alert_loser; /* error code is set. */
- }
-
- /* We may or may not have sent a session id, we may get one back or
- * not and if so it may match the one we sent.
- * Attempt to restore the master secret to see if this is so...
- * Don't consider failure to find a matching SID an error.
- */
- sid_match = (PRBool)(sidBytes.len > 0 &&
- sidBytes.len == sid->u.ssl3.sessionIDLength &&
- !PORT_Memcmp(sid->u.ssl3.sessionID, sidBytes.data, sidBytes.len));
-
- if (sid_match &&
- sid->version == ss->version &&
- sid->u.ssl3.cipherSuite == ss->ssl3->hs.cipher_suite) do {
- PK11SlotInfo *slot;
- PK11SymKey * wrapKey; /* wrapping key */
- SECItem wrappedMS; /* wrapped master secret. */
- CK_FLAGS keyFlags = 0;
-
- ss->sec.authAlgorithm = sid->authAlgorithm;
- ss->sec.authKeyBits = sid->authKeyBits;
- ss->sec.keaType = sid->keaType;
- ss->sec.keaKeyBits = sid->keaKeyBits;
-
- slot = SECMOD_LookupSlot(sid->u.ssl3.masterModuleID,
- sid->u.ssl3.masterSlotID);
- if (slot == NULL) {
- break; /* not considered an error. */
- }
- if (!PK11_IsPresent(slot)) {
- PK11_FreeSlot(slot);
- break; /* not considered an error. */
- }
- wrapKey = PK11_GetWrapKey(slot, sid->u.ssl3.masterWrapIndex,
- sid->u.ssl3.masterWrapMech,
- sid->u.ssl3.masterWrapSeries,
- ss->pkcs11PinArg);
- PK11_FreeSlot(slot);
- if (wrapKey == NULL) {
- break; /* not considered an error. */
- }
-
- if (ss->version > SSL_LIBRARY_VERSION_3_0) { /* isTLS */
- keyFlags = CKF_SIGN | CKF_VERIFY;
- }
-
- wrappedMS.data = sid->u.ssl3.keys.wrapped_master_secret;
- wrappedMS.len = sid->u.ssl3.keys.wrapped_master_secret_len;
- ss->ssl3->pwSpec->master_secret =
- PK11_UnwrapSymKeyWithFlags(wrapKey, sid->u.ssl3.masterWrapMech,
- NULL, &wrappedMS, CKM_SSL3_MASTER_KEY_DERIVE,
- CKA_DERIVE, sizeof(SSL3MasterSecret), keyFlags);
- errCode = PORT_GetError();
- PK11_FreeSymKey(wrapKey);
- if (ss->ssl3->pwSpec->master_secret == NULL) {
- break; /* errorCode set just after call to UnwrapSymKey. */
- }
-
- /* Got a Match */
- ++ssl3stats.hsh_sid_cache_hits;
- ss->ssl3->hs.ws = wait_change_cipher;
- ss->ssl3->hs.isResuming = PR_TRUE;
-
- /* copy the peer cert from the SID */
- if (sid->peerCert != NULL) {
- ss->sec.peerCert = CERT_DupCertificate(sid->peerCert);
- }
-
- /* reload the FORTEZZA key material. These keys aren't generated
- * by the master secret, but by the key exchange. We restart by
- * reusing these keys. */
- if (sid->u.ssl3.hasFortezza) {
- ss->ssl3->fortezza.tek = PK11_ReferenceSymKey(sid->u.ssl3.tek);
- }
- if (ss->ssl3->hs.suite_def->bulk_cipher_alg == cipher_fortezza) {
- ss->ssl3->pwSpec->client.write_key =
- PK11_ReferenceSymKey(sid->u.ssl3.clientWriteKey);
- ss->ssl3->pwSpec->server.write_key =
- PK11_ReferenceSymKey(sid->u.ssl3.serverWriteKey);
- /* add the tek later for pre-encrypted files */
- PORT_Memcpy(ss->ssl3->pwSpec->client.write_iv,
- sid->u.ssl3.keys.client_write_iv,
- sizeof sid->u.ssl3.keys.client_write_iv);
- PORT_Memcpy(ss->ssl3->pwSpec->server.write_iv,
- sid->u.ssl3.keys.server_write_iv,
- sizeof sid->u.ssl3.keys.server_write_iv);
- }
-
- /* NULL value for PMS signifies re-use of the old MS */
- rv = ssl3_InitPendingCipherSpec(ss, NULL);
- if (rv != SECSuccess) {
- goto alert_loser; /* err code was set by ssl3_InitPendingCipherSpec */
- }
- if (ss->ssl3->hs.suite_def->bulk_cipher_alg == cipher_fortezza) {
- rv = PK11_RestoreContext(
- (PK11Context *)ss->ssl3->pwSpec->encodeContext,
- sid->u.ssl3.clientWriteSave,
- sid->u.ssl3.clientWriteSaveLen);
- if (rv != SECSuccess) {
- goto alert_loser; /* err is set. */
- }
- }
- SECITEM_ZfreeItem(&sidBytes, PR_FALSE);
- return SECSuccess;
- } while (0);
-
- if (sid_match)
- ++ssl3stats.hsh_sid_cache_not_ok;
- else
- ++ssl3stats.hsh_sid_cache_misses;
-
- /* throw the old one away */
- sid->u.ssl3.resumable = PR_FALSE;
- (*ss->sec.uncache)(sid);
- ssl_FreeSID(sid);
-
- /* get a new sid */
- ss->sec.ci.sid = sid = ssl3_NewSessionID(ss, PR_FALSE);
- if (sid == NULL) {
- goto alert_loser; /* memory error is set. */
- }
-
- sid->version = ss->version;
- sid->u.ssl3.sessionIDLength = sidBytes.len;
- PORT_Memcpy(sid->u.ssl3.sessionID, sidBytes.data, sidBytes.len);
- SECITEM_ZfreeItem(&sidBytes, PR_FALSE);
-
- ss->ssl3->hs.isResuming = PR_FALSE;
- ss->ssl3->hs.ws = wait_server_cert;
- return SECSuccess;
-
-alert_loser:
- (void)SSL3_SendAlert(ss, alert_fatal, desc);
-
-loser:
- if (sidBytes.data != NULL)
- SECITEM_ZfreeItem(&sidBytes, PR_FALSE);
- errCode = ssl_MapLowLevelError(errCode);
- return SECFailure;
-}
-
-/* Called from ssl3_HandleHandshakeMessage() when it has deciphered a complete
- * ssl3 ServerKeyExchange message.
- * Caller must hold Handshake and RecvBuf locks.
- */
-static SECStatus
-ssl3_HandleServerKeyExchange(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
-{
- PRArenaPool * arena = NULL;
- SECKEYPublicKey *peerKey = NULL;
- PRBool isTLS;
- SECStatus rv;
- int errCode = SSL_ERROR_RX_MALFORMED_SERVER_KEY_EXCH;
- SSL3AlertDescription desc = illegal_parameter;
- SECItem modulus = {siBuffer, NULL, 0};
- SECItem exponent = {siBuffer, NULL, 0};
- SECItem signature = {siBuffer, NULL, 0};
- SECItem dh_p = {siBuffer, NULL, 0};
- SECItem dh_g = {siBuffer, NULL, 0};
- SECItem dh_Ys = {siBuffer, NULL, 0};
- SSL3Hashes hashes;
-#ifdef NSS_ENABLE_ECC
- SECItem ec_params = {siBuffer, NULL, 0};
- SECItem ec_point = {siBuffer, NULL, 0};
-#endif /* NSS_ENABLE_ECC */
-
- SSL_TRC(3, ("%d: SSL3[%d]: handle server_key_exchange handshake",
- SSL_GETPID(), ss->fd));
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
- if (ss->ssl3->hs.ws != wait_server_key &&
- ss->ssl3->hs.ws != wait_server_cert) {
- errCode = SSL_ERROR_RX_UNEXPECTED_SERVER_KEY_EXCH;
- desc = unexpected_message;
- goto alert_loser;
- }
- if (ss->sec.peerCert == NULL) {
- errCode = SSL_ERROR_RX_UNEXPECTED_SERVER_KEY_EXCH;
- desc = unexpected_message;
- goto alert_loser;
- }
-
- isTLS = (PRBool)(ss->ssl3->prSpec->version > SSL_LIBRARY_VERSION_3_0);
-
- switch (ss->ssl3->hs.kea_def->exchKeyType) {
-
- case kt_rsa:
- rv = ssl3_ConsumeHandshakeVariable(ss, &modulus, 2, &b, &length);
- if (rv != SECSuccess) {
- goto loser; /* malformed. */
- }
- rv = ssl3_ConsumeHandshakeVariable(ss, &exponent, 2, &b, &length);
- if (rv != SECSuccess) {
- goto loser; /* malformed. */
- }
- rv = ssl3_ConsumeHandshakeVariable(ss, &signature, 2, &b, &length);
- if (rv != SECSuccess) {
- goto loser; /* malformed. */
- }
- if (length != 0) {
- if (isTLS)
- desc = decode_error;
- goto alert_loser; /* malformed. */
- }
-
- /* failures after this point are not malformed handshakes. */
- /* TLS: send decrypt_error if signature failed. */
- desc = isTLS ? decrypt_error : handshake_failure;
-
- /*
- * check to make sure the hash is signed by right guy
- */
- rv = ssl3_ComputeExportRSAKeyHash(modulus, exponent,
- &ss->ssl3->hs.client_random,
- &ss->ssl3->hs.server_random, &hashes);
- if (rv != SECSuccess) {
- errCode =
- ssl_MapLowLevelError(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE);
- goto alert_loser;
- }
- rv = ssl3_VerifySignedHashes(&hashes, ss->sec.peerCert, &signature,
- isTLS, ss->pkcs11PinArg);
- if (rv != SECSuccess) {
- errCode =
- ssl_MapLowLevelError(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE);
- goto alert_loser;
- }
-
- /*
- * we really need to build a new key here because we can no longer
- * ignore calling SECKEY_DestroyPublicKey. Using the key may allocate
- * pkcs11 slots and ID's.
- */
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) {
- goto no_memory;
- }
-
- peerKey = PORT_ArenaZNew(arena, SECKEYPublicKey);
- if (peerKey == NULL) {
- PORT_FreeArena(arena, PR_FALSE);
- goto no_memory;
- }
-
- peerKey->arena = arena;
- peerKey->keyType = rsaKey;
- peerKey->pkcs11Slot = NULL;
- peerKey->pkcs11ID = CK_INVALID_HANDLE;
- if (SECITEM_CopyItem(arena, &peerKey->u.rsa.modulus, &modulus) ||
- SECITEM_CopyItem(arena, &peerKey->u.rsa.publicExponent, &exponent))
- {
- PORT_FreeArena(arena, PR_FALSE);
- goto no_memory;
- }
- ss->sec.peerKey = peerKey;
- SECITEM_FreeItem(&modulus, PR_FALSE);
- SECITEM_FreeItem(&exponent, PR_FALSE);
- SECITEM_FreeItem(&signature, PR_FALSE);
- ss->ssl3->hs.ws = wait_cert_request;
- return SECSuccess;
-
- case kt_dh:
- rv = ssl3_ConsumeHandshakeVariable(ss, &dh_p, 2, &b, &length);
- if (rv != SECSuccess) {
- goto loser; /* malformed. */
- }
- rv = ssl3_ConsumeHandshakeVariable(ss, &dh_g, 2, &b, &length);
- if (rv != SECSuccess) {
- goto loser; /* malformed. */
- }
- rv = ssl3_ConsumeHandshakeVariable(ss, &dh_Ys, 2, &b, &length);
- if (rv != SECSuccess) {
- goto loser; /* malformed. */
- }
- rv = ssl3_ConsumeHandshakeVariable(ss, &signature, 2, &b, &length);
- if (rv != SECSuccess) {
- goto loser; /* malformed. */
- }
- if (length != 0) {
- if (isTLS)
- desc = decode_error;
- goto alert_loser; /* malformed. */
- }
-
- PRINT_BUF(60, (NULL, "Server DH p", dh_p.data, dh_p.len));
- PRINT_BUF(60, (NULL, "Server DH g", dh_g.data, dh_g.len));
- PRINT_BUF(60, (NULL, "Server DH Ys", dh_Ys.data, dh_Ys.len));
-
- /* failures after this point are not malformed handshakes. */
- /* TLS: send decrypt_error if signature failed. */
- desc = isTLS ? decrypt_error : handshake_failure;
-
- /*
- * check to make sure the hash is signed by right guy
- */
- rv = ssl3_ComputeDHKeyHash(dh_p, dh_g, dh_Ys,
- &ss->ssl3->hs.client_random,
- &ss->ssl3->hs.server_random, &hashes);
- if (rv != SECSuccess) {
- errCode =
- ssl_MapLowLevelError(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE);
- goto alert_loser;
- }
- rv = ssl3_VerifySignedHashes(&hashes, ss->sec.peerCert, &signature,
- isTLS, ss->pkcs11PinArg);
- if (rv != SECSuccess) {
- errCode =
- ssl_MapLowLevelError(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE);
- goto alert_loser;
- }
-
- /*
- * we really need to build a new key here because we can no longer
- * ignore calling SECKEY_DestroyPublicKey. Using the key may allocate
- * pkcs11 slots and ID's.
- */
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) {
- goto no_memory;
- }
-
- ss->sec.peerKey = peerKey = PORT_ArenaZNew(arena, SECKEYPublicKey);
- if (peerKey == NULL) {
- goto no_memory;
- }
-
- peerKey->arena = arena;
- peerKey->keyType = dhKey;
- peerKey->pkcs11Slot = NULL;
- peerKey->pkcs11ID = CK_INVALID_HANDLE;
-
- if (SECITEM_CopyItem(arena, &peerKey->u.dh.prime, &dh_p) ||
- SECITEM_CopyItem(arena, &peerKey->u.dh.base, &dh_g) ||
- SECITEM_CopyItem(arena, &peerKey->u.dh.publicValue, &dh_Ys))
- {
- PORT_FreeArena(arena, PR_FALSE);
- goto no_memory;
- }
- ss->sec.peerKey = peerKey;
- SECITEM_FreeItem(&dh_p, PR_FALSE);
- SECITEM_FreeItem(&dh_g, PR_FALSE);
- SECITEM_FreeItem(&dh_Ys, PR_FALSE);
- ss->ssl3->hs.ws = wait_cert_request;
- return SECSuccess;
-
-#ifdef NSS_ENABLE_ECC
- case kt_ecdh:
- /* XXX This works only for named curves, revisit this when
- * we support generic curves.
- */
- ec_params.len = 2;
- ec_params.data = (unsigned char*)PORT_Alloc(ec_params.len);
- rv = ssl3_ConsumeHandshake(ss, ec_params.data, ec_params.len, &b, &length);
- if (rv != SECSuccess) {
- goto loser; /* malformed. */
- }
-
- /* Fail if the curve is not a named curve */
- if ((ec_params.data[0] != ec_type_named) ||
- !supportedCurve(ec_params.data[1])) {
- errCode = SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE;
- desc = handshake_failure;
- goto alert_loser;
- }
-
- rv = ssl3_ConsumeHandshakeVariable(ss, &ec_point, 1, &b, &length);
- if (rv != SECSuccess) {
- goto loser; /* malformed. */
- }
- /* Fail if the ec point uses compressed representation */
- if (ec_point.data[0] != EC_POINT_FORM_UNCOMPRESSED) {
- errCode = SEC_ERROR_UNSUPPORTED_EC_POINT_FORM;
- desc = handshake_failure;
- goto alert_loser;
- }
-
- rv = ssl3_ConsumeHandshakeVariable(ss, &signature, 2, &b, &length);
- if (rv != SECSuccess) {
- goto loser; /* malformed. */
- }
-
- if (length != 0) {
- if (isTLS)
- desc = decode_error;
- goto alert_loser; /* malformed. */
- }
-
- PRINT_BUF(60, (NULL, "Server EC params", ec_params.data,
- ec_params.len));
- PRINT_BUF(60, (NULL, "Server EC point", ec_point.data, ec_point.len));
-
- /* failures after this point are not malformed handshakes. */
- /* TLS: send decrypt_error if signature failed. */
- desc = isTLS ? decrypt_error : handshake_failure;
-
- /*
- * check to make sure the hash is signed by right guy
- */
- rv = ssl3_ComputeECDHKeyHash(ec_params, ec_point,
- &ss->ssl3->hs.client_random,
- &ss->ssl3->hs.server_random, &hashes);
-
- if (rv != SECSuccess) {
- errCode =
- ssl_MapLowLevelError(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE);
- goto alert_loser;
- }
- rv = ssl3_VerifySignedHashes(&hashes, ss->sec.peerCert, &signature,
- isTLS, ss->pkcs11PinArg);
- if (rv != SECSuccess) {
- errCode =
- ssl_MapLowLevelError(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE);
- goto alert_loser;
- }
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) {
- goto no_memory;
- }
-
- ss->sec.peerKey = peerKey = PORT_ArenaZNew(arena, SECKEYPublicKey);
- if (peerKey == NULL) {
- goto no_memory;
- }
-
- peerKey->arena = arena;
- peerKey->keyType = ecKey;
-
- /* set up EC parameters in peerKey */
- if (ecName2params(arena, ec_params.data[1],
- &peerKey->u.ec.DEREncodedParams) != SECSuccess) {
- /* we should never get here since we already
- * checked that we are dealing with a supported curve
- */
- errCode = SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE;
- goto alert_loser;
- }
-
- /* copy publicValue in peerKey */
- if (SECITEM_CopyItem(arena, &peerKey->u.ec.publicValue, &ec_point))
- {
- PORT_FreeArena(arena, PR_FALSE);
- goto no_memory;
- }
- peerKey->pkcs11Slot = NULL;
- peerKey->pkcs11ID = CK_INVALID_HANDLE;
-
- ss->sec.peerKey = peerKey;
- SECITEM_FreeItem(&ec_params, PR_FALSE);
- SECITEM_FreeItem(&ec_point, PR_FALSE);
- ss->ssl3->hs.ws = wait_cert_request;
-
- return SECSuccess;
-#endif /* NSS_ENABLE_ECC */
-
- case kt_fortezza:
-
- /* Fortezza needs *BOTH* a server cert message
- * and a server key exchange message.
- */
- if (ss->ssl3->hs.ws == wait_server_cert) {
- errCode = SSL_ERROR_RX_UNEXPECTED_SERVER_KEY_EXCH;
- desc = unexpected_message;
- goto alert_loser;
- }
- /* Get the server's "random" public key. */
- rv = ssl3_ConsumeHandshake(ss, ss->ssl3->fortezza.R_s,
- sizeof ss->ssl3->fortezza.R_s, &b, &length);
- if (rv != SECSuccess) {
- goto loser; /* malformed */
- }
-
- ss->ssl3->hs.ws = wait_cert_request;
- return SECSuccess;
-
- default:
- desc = handshake_failure;
- errCode = SEC_ERROR_UNSUPPORTED_KEYALG;
- break; /* goto alert_loser; */
- }
-
-alert_loser:
- (void)SSL3_SendAlert(ss, alert_fatal, desc);
-loser:
- if (modulus.data != NULL) SECITEM_FreeItem(&modulus, PR_FALSE);
- if (exponent.data != NULL) SECITEM_FreeItem(&exponent, PR_FALSE);
- if (signature.data != NULL) SECITEM_FreeItem(&signature, PR_FALSE);
- if (dh_p.data != NULL) SECITEM_FreeItem(&dh_p, PR_FALSE);
- if (dh_g.data != NULL) SECITEM_FreeItem(&dh_g, PR_FALSE);
- if (dh_Ys.data != NULL) SECITEM_FreeItem(&dh_Ys, PR_FALSE);
-#ifdef NSS_ENABLE_ECC
- if (ec_params.data != NULL) SECITEM_FreeItem(&ec_params, PR_FALSE);
- if (ec_point.data != NULL) SECITEM_FreeItem(&ec_point, PR_FALSE);
-#endif /* NSS_ENABLE_ECC */
- PORT_SetError( errCode );
- return SECFailure;
-
-no_memory: /* no-memory error has already been set. */
- if (modulus.data != NULL) SECITEM_FreeItem(&modulus, PR_FALSE);
- if (exponent.data != NULL) SECITEM_FreeItem(&exponent, PR_FALSE);
- if (signature.data != NULL) SECITEM_FreeItem(&signature, PR_FALSE);
- if (dh_p.data != NULL) SECITEM_FreeItem(&dh_p, PR_FALSE);
- if (dh_g.data != NULL) SECITEM_FreeItem(&dh_g, PR_FALSE);
- if (dh_Ys.data != NULL) SECITEM_FreeItem(&dh_Ys, PR_FALSE);
-#ifdef NSS_ENABLE_ECC
- if (ec_params.data != NULL) SECITEM_FreeItem(&ec_params, PR_FALSE);
- if (ec_point.data != NULL) SECITEM_FreeItem(&ec_point, PR_FALSE);
-#endif /* NSS_ENABLE_ECC */
- ssl_MapLowLevelError(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE);
- return SECFailure;
-}
-
-
-typedef struct dnameNode {
- struct dnameNode *next;
- SECItem name;
-} dnameNode;
-
-/* Called from ssl3_HandleHandshakeMessage() when it has deciphered a complete
- * ssl3 Certificate Request message.
- * Caller must hold Handshake and RecvBuf locks.
- */
-static SECStatus
-ssl3_HandleCertificateRequest(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
-{
- ssl3State * ssl3 = ss->ssl3;
- PRArenaPool * arena = NULL;
- dnameNode * node;
- unsigned char * data;
- PRInt32 remaining;
- PRInt32 len;
- PRBool isTLS = PR_FALSE;
- int i;
- int errCode = SSL_ERROR_RX_MALFORMED_CERT_REQUEST;
- int nnames = 0;
- SECStatus rv;
- SSL3AlertDescription desc = illegal_parameter;
- SECItem cert_types = {siBuffer, NULL, 0};
- CERTDistNames ca_list;
-
- SSL_TRC(3, ("%d: SSL3[%d]: handle certificate_request handshake",
- SSL_GETPID(), ss->fd));
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
- if (ssl3->hs.ws != wait_cert_request &&
- ssl3->hs.ws != wait_server_key) {
- desc = unexpected_message;
- errCode = SSL_ERROR_RX_UNEXPECTED_CERT_REQUEST;
- goto alert_loser;
- }
-
- /* clean up anything left from previous handshake. */
- if (ssl3->clientCertChain != NULL) {
- CERT_DestroyCertificateList(ssl3->clientCertChain);
- ssl3->clientCertChain = NULL;
- }
-
- isTLS = (PRBool)(ssl3->prSpec->version > SSL_LIBRARY_VERSION_3_0);
- rv = ssl3_ConsumeHandshakeVariable(ss, &cert_types, 1, &b, &length);
- if (rv != SECSuccess)
- goto loser; /* malformed, alert has been sent */
-
- arena = ca_list.arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL)
- goto no_mem;
-
- remaining = ssl3_ConsumeHandshakeNumber(ss, 2, &b, &length);
- if (remaining < 0)
- goto loser; /* malformed, alert has been sent */
-
- ca_list.head = node = PORT_ArenaZNew(arena, dnameNode);
- if (node == NULL)
- goto no_mem;
-
- while (remaining != 0) {
- if (remaining < 2)
- goto alert_loser; /* malformed */
-
- node->name.len = len = ssl3_ConsumeHandshakeNumber(ss, 2, &b, &length);
- if (len < 0)
- goto loser; /* malformed, alert has been sent */
-
- remaining -= 2;
- if (remaining < len)
- goto alert_loser; /* malformed */
-
- data = node->name.data = (unsigned char*)PORT_ArenaAlloc(arena, len);
- if (data == NULL)
- goto no_mem;
-
- rv = ssl3_ConsumeHandshake(ss, data, len, &b, &length);
- if (rv != SECSuccess)
- goto loser; /* malformed, alert has been sent */
-
- remaining -= len;
- nnames++;
- if (remaining == 0)
- break; /* success */
-
- node->next = PORT_ArenaZNew(arena, dnameNode);
- node = node->next;
- if (node == NULL)
- goto no_mem;
- }
-
- ca_list.nnames = nnames;
- ca_list.names = (SECItem*)PORT_ArenaAlloc(arena, nnames * sizeof(SECItem));
- if (nnames > 0 && ca_list.names == NULL)
- goto no_mem;
-
- for(i = 0, node = (dnameNode*)ca_list.head;
- i < nnames;
- i++, node = node->next) {
- ca_list.names[i] = node->name;
- }
-
- if (length != 0)
- goto alert_loser; /* malformed */
-
- desc = no_certificate;
- ssl3->hs.ws = wait_hello_done;
-
- if (ss->getClientAuthData == NULL) {
- rv = SECFailure; /* force it to send a no_certificate alert */
- } else {
- /* XXX Should pass cert_types in this call!! */
- rv = (SECStatus)(*ss->getClientAuthData)(ss->getClientAuthDataArg,
- ss->fd, &ca_list,
- &ssl3->clientCertificate,
- &ssl3->clientPrivateKey);
- }
- switch (rv) {
- case SECWouldBlock: /* getClientAuthData has put up a dialog box. */
- ssl_SetAlwaysBlock(ss);
- break; /* not an error */
-
- case SECSuccess:
- /* check what the callback function returned */
- if ((!ssl3->clientCertificate) || (!ssl3->clientPrivateKey)) {
- /* we are missing either the key or cert */
- if (ssl3->clientCertificate) {
- /* got a cert, but no key - free it */
- CERT_DestroyCertificate(ssl3->clientCertificate);
- ssl3->clientCertificate = NULL;
- }
- if (ssl3->clientPrivateKey) {
- /* got a key, but no cert - free it */
- SECKEY_DestroyPrivateKey(ssl3->clientPrivateKey);
- ssl3->clientPrivateKey = NULL;
- }
- goto send_no_certificate;
- }
- /* Setting ssl3->clientCertChain non-NULL will cause
- * ssl3_HandleServerHelloDone to call SendCertificate.
- */
- ssl3->clientCertChain = CERT_CertChainFromCert(ssl3->clientCertificate,
- certUsageSSLClient, PR_FALSE);
- if (ssl3->clientCertChain == NULL) {
- if (ssl3->clientCertificate != NULL) {
- CERT_DestroyCertificate(ssl3->clientCertificate);
- ssl3->clientCertificate = NULL;
- }
- if (ssl3->clientPrivateKey != NULL) {
- SECKEY_DestroyPrivateKey(ssl3->clientPrivateKey);
- ssl3->clientPrivateKey = NULL;
- }
- goto send_no_certificate;
- }
- break; /* not an error */
-
- case SECFailure:
- default:
-send_no_certificate:
- if (isTLS) {
- ssl3->sendEmptyCert = PR_TRUE;
- } else {
- (void)SSL3_SendAlert(ss, alert_warning, no_certificate);
- }
- rv = SECSuccess;
- break;
- }
- goto done;
-
-no_mem:
- rv = SECFailure;
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto done;
-
-alert_loser:
- if (isTLS && desc == illegal_parameter)
- desc = decode_error;
- (void)SSL3_SendAlert(ss, alert_fatal, desc);
-loser:
- PORT_SetError(errCode);
- rv = SECFailure;
-done:
- if (arena != NULL)
- PORT_FreeArena(arena, PR_FALSE);
- if (cert_types.data != NULL)
- SECITEM_FreeItem(&cert_types, PR_FALSE);
- return rv;
-}
-
-/*
- * attempt to restart the handshake after asynchronously handling
- * a request for the client's certificate.
- *
- * inputs:
- * cert Client cert chosen by application.
- * Note: ssl takes this reference, and does not bump the
- * reference count. The caller should drop its reference
- * without calling CERT_DestroyCert after calling this function.
- *
- * key Private key associated with cert. This function makes a
- * copy of the private key, so the caller remains responsible
- * for destroying its copy after this function returns.
- *
- * certChain DER-encoded certs, client cert and its signers.
- * Note: ssl takes this reference, and does not copy the chain.
- * The caller should drop its reference without destroying the
- * chain. SSL will free the chain when it is done with it.
- *
- * Return value: XXX
- *
- * XXX This code only works on the initial handshake on a connection, XXX
- * It does not work on a subsequent handshake (redo).
- *
- * Caller holds 1stHandshakeLock.
- */
-SECStatus
-ssl3_RestartHandshakeAfterCertReq(sslSocket * ss,
- CERTCertificate * cert,
- SECKEYPrivateKey * key,
- CERTCertificateList *certChain)
-{
- SECStatus rv = SECSuccess;
-
- if (MSB(ss->version) == MSB(SSL_LIBRARY_VERSION_3_0)) {
- /* XXX This code only works on the initial handshake on a connection,
- ** XXX It does not work on a subsequent handshake (redo).
- */
- if (ss->handshake != 0) {
- ss->handshake = ssl_GatherRecord1stHandshake;
- ss->ssl3->clientCertificate = cert;
- ss->ssl3->clientCertChain = certChain;
- if (key == NULL) {
- (void)SSL3_SendAlert(ss, alert_warning, no_certificate);
- ss->ssl3->clientPrivateKey = NULL;
- } else {
- ss->ssl3->clientPrivateKey = SECKEY_CopyPrivateKey(key);
- }
- ssl_GetRecvBufLock(ss);
- if (ss->ssl3->hs.msgState.buf != NULL) {
- rv = ssl3_HandleRecord(ss, NULL, &ss->gs.buf);
- }
- ssl_ReleaseRecvBufLock(ss);
- }
- }
- return rv;
-}
-
-
-
-/* Called from ssl3_HandleHandshakeMessage() when it has deciphered a complete
- * ssl3 Server Hello Done message.
- * Caller must hold Handshake and RecvBuf locks.
- */
-static SECStatus
-ssl3_HandleServerHelloDone(sslSocket *ss)
-{
- SECStatus rv;
- SSL3WaitState ws = ss->ssl3->hs.ws;
- PRBool send_verify = PR_FALSE;
-
- SSL_TRC(3, ("%d: SSL3[%d]: handle server_hello_done handshake",
- SSL_GETPID(), ss->fd));
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
- if (ws != wait_hello_done &&
- ws != wait_server_cert &&
- ws != wait_server_key &&
- ws != wait_cert_request) {
- SSL3_SendAlert(ss, alert_fatal, unexpected_message);
- PORT_SetError(SSL_ERROR_RX_UNEXPECTED_HELLO_DONE);
- return SECFailure;
- }
-
- ssl_GetXmitBufLock(ss); /*******************************/
-
- if (ss->ssl3->sendEmptyCert) {
- ss->ssl3->sendEmptyCert = PR_FALSE;
- rv = ssl3_SendEmptyCertificate(ss);
- /* Don't send verify */
- if (rv != SECSuccess) {
- goto loser; /* error code is set. */
- }
- } else
- if (ss->ssl3->clientCertChain != NULL &&
- ss->ssl3->clientPrivateKey != NULL) {
- send_verify = PR_TRUE;
- rv = ssl3_SendCertificate(ss);
- if (rv != SECSuccess) {
- goto loser; /* error code is set. */
- }
- }
-
- rv = ssl3_SendClientKeyExchange(ss);
- if (rv != SECSuccess) {
- goto loser; /* err is set. */
- }
-
- if (send_verify) {
- rv = ssl3_SendCertificateVerify(ss);
- if (rv != SECSuccess) {
- goto loser; /* err is set. */
- }
- }
- rv = ssl3_SendChangeCipherSpecs(ss);
- if (rv != SECSuccess) {
- goto loser; /* err code was set. */
- }
- rv = ssl3_SendFinished(ss, 0);
- if (rv != SECSuccess) {
- goto loser; /* err code was set. */
- }
-
- ssl_ReleaseXmitBufLock(ss); /*******************************/
-
- ss->ssl3->hs.ws = wait_change_cipher;
- return SECSuccess;
-
-loser:
- ssl_ReleaseXmitBufLock(ss);
- return rv;
-}
-
-/*
- * Routines used by servers
- */
-static SECStatus
-ssl3_SendHelloRequest(sslSocket *ss)
-{
- SECStatus rv;
-
- SSL_TRC(3, ("%d: SSL3[%d]: send hello_request handshake", SSL_GETPID(),
- ss->fd));
-
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
- PORT_Assert( ssl_HaveXmitBufLock(ss) );
-
- rv = ssl3_AppendHandshakeHeader(ss, hello_request, 0);
- if (rv != SECSuccess) {
- return rv; /* err set by AppendHandshake */
- }
- rv = ssl3_FlushHandshake(ss, 0);
- if (rv != SECSuccess) {
- return rv; /* error code set by ssl3_FlushHandshake */
- }
- ss->ssl3->hs.ws = wait_client_hello;
- return SECSuccess;
-}
-
-/* Sets memory error when returning NULL.
- * Called from:
- * ssl3_SendClientHello()
- * ssl3_HandleServerHello()
- * ssl3_HandleClientHello()
- * ssl3_HandleV2ClientHello()
- */
-static sslSessionID *
-ssl3_NewSessionID(sslSocket *ss, PRBool is_server)
-{
- sslSessionID *sid;
-
- sid = PORT_ZNew(sslSessionID);
- if (sid == NULL)
- return sid;
-
- sid->peerID = (ss->peerID == NULL) ? NULL : PORT_Strdup(ss->peerID);
- sid->urlSvrName = (ss->url == NULL) ? NULL : PORT_Strdup(ss->url);
- sid->addr = ss->sec.ci.peer;
- sid->port = ss->sec.ci.port;
- sid->references = 1;
- sid->cached = never_cached;
- sid->version = ss->version;
-
- sid->u.ssl3.resumable = PR_TRUE;
- sid->u.ssl3.policy = SSL_ALLOWED;
- sid->u.ssl3.hasFortezza = PR_FALSE;
- sid->u.ssl3.clientWriteKey = NULL;
- sid->u.ssl3.serverWriteKey = NULL;
- sid->u.ssl3.tek = NULL;
-
- if (is_server) {
- SECStatus rv;
- int pid = SSL_GETPID();
-
- sid->u.ssl3.sessionIDLength = SSL3_SESSIONID_BYTES;
- sid->u.ssl3.sessionID[0] = (pid >> 8) & 0xff;
- sid->u.ssl3.sessionID[1] = pid & 0xff;
- rv = PK11_GenerateRandom(sid->u.ssl3.sessionID + 2,
- SSL3_SESSIONID_BYTES -2);
- if (rv != SECSuccess) {
- ssl_FreeSID(sid);
- ssl_MapLowLevelError(SSL_ERROR_GENERATE_RANDOM_FAILURE);
- return NULL;
- }
- }
- return sid;
-}
-
-/* Called from: ssl3_HandleClientHello, ssl3_HandleV2ClientHello */
-static SECStatus
-ssl3_SendServerHelloSequence(sslSocket *ss)
-{
- const ssl3KEADef *kea_def;
- SECStatus rv;
-
- SSL_TRC(3, ("%d: SSL3[%d]: begin send server_hello sequence",
- SSL_GETPID(), ss->fd));
-
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
- PORT_Assert( ssl_HaveXmitBufLock(ss) );
-
- rv = ssl3_SendServerHello(ss);
- if (rv != SECSuccess) {
- return rv; /* err code is set. */
- }
- rv = ssl3_SendCertificate(ss);
- if (rv != SECSuccess) {
- return rv; /* error code is set. */
- }
- /* We have to do this after the call to ssl3_SendServerHello,
- * because kea_def is set up by ssl3_SendServerHello().
- */
- kea_def = ss->ssl3->hs.kea_def;
- ss->ssl3->hs.usedStepDownKey = PR_FALSE;
- if (kea_def->kea == kea_fortezza) {
- rv = ssl3_SendServerKeyExchange(ss);
- if (rv != SECSuccess) {
- return rv; /* err code was set. */
- }
- } else if (kea_def->is_limited && kea_def->exchKeyType == kt_rsa) {
- /* see if we can legally use the key in the cert. */
- int keyLen; /* bytes */
-
- keyLen = PK11_GetPrivateModulusLen(
- ss->serverCerts[kea_def->exchKeyType].serverKey);
-
- if (keyLen > 0 &&
- keyLen * BPB <= kea_def->key_size_limit ) {
- /* XXX AND cert is not signing only!! */
- /* just fall through and use it. */
- } else if (ss->stepDownKeyPair != NULL) {
- ss->ssl3->hs.usedStepDownKey = PR_TRUE;
- rv = ssl3_SendServerKeyExchange(ss);
- if (rv != SECSuccess) {
- return rv; /* err code was set. */
- }
- } else {
-#ifndef HACKED_EXPORT_SERVER
- PORT_SetError(SSL_ERROR_PUB_KEY_SIZE_LIMIT_EXCEEDED);
- return rv;
-#endif
- }
-#ifdef NSS_ENABLE_ECC
- } else if ((kea_def->kea == kea_ecdhe_rsa) ||
- (kea_def->kea == kea_ecdhe_ecdsa)) {
- rv = ssl3_SendServerKeyExchange(ss);
- if (rv != SECSuccess) {
- return rv; /* err code was set. */
- }
-#endif /* NSS_ENABLE_ECC */
- }
-
- if (ss->requestCertificate) {
- rv = ssl3_SendCertificateRequest(ss);
- if (rv != SECSuccess) {
- return rv; /* err code is set. */
- }
- }
- rv = ssl3_SendServerHelloDone(ss);
- if (rv != SECSuccess) {
- return rv; /* err code is set. */
- }
-
- ss->ssl3->hs.ws = (ss->requestCertificate) ? wait_client_cert
- : wait_client_key;
- return SECSuccess;
-}
-
-/* Called from ssl3_HandleHandshakeMessage() when it has deciphered a complete
- * ssl3 Client Hello message.
- * Caller must hold Handshake and RecvBuf locks.
- */
-static SECStatus
-ssl3_HandleClientHello(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
-{
- sslSessionID * sid = NULL;
- ssl3State * ssl3;
- PRInt32 tmp;
- unsigned int i;
- int j;
- SECStatus rv;
- int errCode = SSL_ERROR_RX_MALFORMED_CLIENT_HELLO;
- SSL3AlertDescription desc = illegal_parameter;
- SSL3ProtocolVersion version;
- SECItem sidBytes = {siBuffer, NULL, 0};
- SECItem suites = {siBuffer, NULL, 0};
- SECItem comps = {siBuffer, NULL, 0};
- PRBool haveSpecWriteLock = PR_FALSE;
- PRBool haveXmitBufLock = PR_FALSE;
-
- SSL_TRC(3, ("%d: SSL3[%d]: handle client_hello handshake",
- SSL_GETPID(), ss->fd));
-
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss));
-
- /* Get peer name of client */
- rv = ssl_GetPeerInfo(ss);
- if (rv != SECSuccess) {
- return rv; /* error code is set. */
- }
-
- rv = ssl3_InitState(ss);
- if (rv != SECSuccess) {
- return rv; /* ssl3_InitState has set the error code. */
- }
- ssl3 = ss->ssl3;
-
- if ((ssl3->hs.ws != wait_client_hello) &&
- (ssl3->hs.ws != idle_handshake)) {
- desc = unexpected_message;
- errCode = SSL_ERROR_RX_UNEXPECTED_CLIENT_HELLO;
- goto alert_loser;
- }
-
- tmp = ssl3_ConsumeHandshakeNumber(ss, 2, &b, &length);
- if (tmp < 0)
- goto loser; /* malformed, alert already sent */
- ss->clientHelloVersion = version = (SSL3ProtocolVersion)tmp;
- rv = ssl3_NegotiateVersion(ss, version);
- if (rv != SECSuccess) {
- desc = (version > SSL_LIBRARY_VERSION_3_0) ? protocol_version : handshake_failure;
- errCode = SSL_ERROR_NO_CYPHER_OVERLAP;
- goto alert_loser;
- }
-
- /* grab the client random data. */
- rv = ssl3_ConsumeHandshake(
- ss, &ssl3->hs.client_random, SSL3_RANDOM_LENGTH, &b, &length);
- if (rv != SECSuccess) {
- goto loser; /* malformed */
- }
-
- /* grab the client's SID, if present. */
- rv = ssl3_ConsumeHandshakeVariable(ss, &sidBytes, 1, &b, &length);
- if (rv != SECSuccess) {
- goto loser; /* malformed */
- }
-
- if (sidBytes.len > 0) {
- SSL_TRC(7, ("%d: SSL3[%d]: server, lookup client session-id for 0x%08x%08x%08x%08x",
- SSL_GETPID(), ss->fd, ss->sec.ci.peer.pr_s6_addr32[0],
- ss->sec.ci.peer.pr_s6_addr32[1],
- ss->sec.ci.peer.pr_s6_addr32[2],
- ss->sec.ci.peer.pr_s6_addr32[3]));
- sid = (*ssl_sid_lookup)(&ss->sec.ci.peer, sidBytes.data, sidBytes.len,
- ss->dbHandle);
- }
- SECITEM_FreeItem(&sidBytes, PR_FALSE);
-
- /* grab the list of cipher suites. */
- rv = ssl3_ConsumeHandshakeVariable(ss, &suites, 2, &b, &length);
- if (rv != SECSuccess) {
- goto loser; /* malformed */
- }
-
- /* grab the list of compression methods. */
- rv = ssl3_ConsumeHandshakeVariable(ss, &comps, 1, &b, &length);
- if (rv != SECSuccess) {
- goto loser; /* malformed */
- }
-
- /* It's OK for length to be non-zero here.
- * Non-zero length means that some new protocol revision has extended
- * the client hello message.
- */
-
- desc = handshake_failure;
-
- if (sid != NULL) {
- /* We've found a session cache entry for this client.
- * Now, if we're going to require a client-auth cert,
- * and we don't already have this client's cert in the session cache,
- * and this is the first handshake on this connection (not a redo),
- * then drop this old cache entry and start a new session.
- */
- if ((sid->peerCert == NULL) && ss->requestCertificate &&
- ((ss->requireCertificate == SSL_REQUIRE_ALWAYS) ||
- (ss->requireCertificate == SSL_REQUIRE_NO_ERROR) ||
- ((ss->requireCertificate == SSL_REQUIRE_FIRST_HANDSHAKE)
- && !ss->firstHsDone))) {
-
- ++ssl3stats.hch_sid_cache_not_ok;
- ss->sec.uncache(sid);
- ssl_FreeSID(sid);
- sid = NULL;
- }
- }
-
- /* Look for a matching cipher suite. */
- j = ssl3_config_match_init(ss);
- if (j <= 0) { /* no ciphers are working/supported by PK11 */
- errCode = PORT_GetError(); /* error code is already set. */
- goto alert_loser;
- }
- /* If we already have a session for this client, be sure to pick the
- ** same cipher suite we picked before.
- ** This is not a loop, despite appearances.
- */
- if (sid) do {
- ssl3CipherSuiteCfg *suite = ss->cipherSuites;
- for (j = ssl_V3_SUITES_IMPLEMENTED; j > 0; --j, ++suite) {
- if (suite->cipher_suite == sid->u.ssl3.cipherSuite)
- break;
- }
- if (!j)
- break;
- if (!config_match(suite, ssl3->policy, PR_TRUE))
- break;
- for (i = 0; i < suites.len; i += 2) {
- if ((suites.data[i] == MSB(suite->cipher_suite)) &&
- (suites.data[i + 1] == LSB(suite->cipher_suite))) {
-
- ssl3->hs.cipher_suite = suite->cipher_suite;
- ssl3->hs.suite_def =
- ssl_LookupCipherSuiteDef(ssl3->hs.cipher_suite);
- goto suite_found;
- }
- }
- } while (0);
-
- /* Select a cipher suite.
- ** NOTE: This suite selection algorithm should be the same as the one in
- ** ssl3_HandleV2ClientHello().
- */
- for (j = 0; j < ssl_V3_SUITES_IMPLEMENTED; j++) {
- ssl3CipherSuiteCfg *suite = &ss->cipherSuites[j];
- if (!config_match(suite, ssl3->policy, PR_TRUE))
- continue;
- for (i = 0; i < suites.len; i += 2) {
- if ((suites.data[i] == MSB(suite->cipher_suite)) &&
- (suites.data[i + 1] == LSB(suite->cipher_suite))) {
-
- ssl3->hs.cipher_suite = suite->cipher_suite;
- ssl3->hs.suite_def =
- ssl_LookupCipherSuiteDef(ssl3->hs.cipher_suite);
- goto suite_found;
- }
- }
- }
- errCode = SSL_ERROR_NO_CYPHER_OVERLAP;
- goto alert_loser;
-
-suite_found:
- /* Look for a matching compression algorithm. */
- for (i = 0; i < comps.len; i++) {
- for (j = 0; j < compressionMethodsCount; j++) {
- if (comps.data[i] == compressions[j]) {
- ssl3->hs.compression = (SSL3CompressionMethod)compressions[j];
- goto compression_found;
- }
- }
- }
- errCode = SSL_ERROR_NO_COMPRESSION_OVERLAP;
- /* null compression must be supported */
- goto alert_loser;
-
-compression_found:
- PORT_Free(suites.data);
- suites.data = NULL;
- PORT_Free(comps.data);
- comps.data = NULL;
-
- ss->sec.send = ssl3_SendApplicationData;
-
- /* If there are any failures while processing the old sid,
- * we don't consider them to be errors. Instead, We just behave
- * as if the client had sent us no sid to begin with, and make a new one.
- */
- if (sid != NULL) do {
- PK11SlotInfo * slot;
- PK11SymKey * wrapKey; /* wrapping key */
- SECItem wrappedKey; /* wrapped key */
- ssl3CipherSpec *pwSpec;
- CK_FLAGS keyFlags = 0;
-
- if (sid->version != ss->version ||
- sid->u.ssl3.cipherSuite != ssl3->hs.cipher_suite) {
- break; /* not an error */
- }
-
- if (ss->sec.ci.sid) {
- ss->sec.uncache(ss->sec.ci.sid);
- PORT_Assert(ss->sec.ci.sid != sid); /* should be impossible, but ... */
- if (ss->sec.ci.sid != sid) {
- ssl_FreeSID(ss->sec.ci.sid);
- }
- ss->sec.ci.sid = NULL;
- }
- /* we need to resurrect the master secret.... */
-
- ssl_GetSpecWriteLock(ss); haveSpecWriteLock = PR_TRUE;
- pwSpec = ssl3->pwSpec;
-
- wrapKey = getWrappingKey(ss, NULL, sid->u.ssl3.exchKeyType,
- sid->u.ssl3.masterWrapMech, ss->pkcs11PinArg);
- if (!wrapKey) {
- /* we have a SID cache entry, but no wrapping key for it??? */
- break;
- }
-
- if (ss->version > SSL_LIBRARY_VERSION_3_0) { /* isTLS */
- keyFlags = CKF_SIGN | CKF_VERIFY;
- }
-
- wrappedKey.data = sid->u.ssl3.keys.wrapped_master_secret;
- wrappedKey.len = sid->u.ssl3.keys.wrapped_master_secret_len;
-
- /* unwrap the master secret. */
- pwSpec->master_secret =
- PK11_UnwrapSymKeyWithFlags(wrapKey, sid->u.ssl3.masterWrapMech,
- NULL, &wrappedKey, CKM_SSL3_MASTER_KEY_DERIVE,
- CKA_DERIVE, sizeof(SSL3MasterSecret), keyFlags);
- PK11_FreeSymKey(wrapKey);
- if (pwSpec->master_secret == NULL) {
- break; /* not an error */
- }
- ss->sec.ci.sid = sid;
- if (sid->peerCert != NULL) {
- ss->sec.peerCert = CERT_DupCertificate(sid->peerCert);
- }
-
- /*
- * Old SID passed all tests, so resume this old session.
- *
- * XXX make sure compression still matches
- */
- ++ssl3stats.hch_sid_cache_hits;
- ssl3->hs.isResuming = PR_TRUE;
-
- ss->sec.authAlgorithm = sid->authAlgorithm;
- ss->sec.authKeyBits = sid->authKeyBits;
- ss->sec.keaType = sid->keaType;
- ss->sec.keaKeyBits = sid->keaKeyBits;
-
- /* server sids don't remember the server cert we previously sent,
- ** but they do remember the kea type we originally used, so we
- ** can locate it again, provided that the current ssl socket
- ** has had its server certs configured the same as the previous one.
- */
- ss->sec.localCert =
- CERT_DupCertificate(ss->serverCerts[sid->keaType].serverCert);
-
- ssl_GetXmitBufLock(ss); haveXmitBufLock = PR_TRUE;
-
- rv = ssl3_SendServerHello(ss);
- if (rv != SECSuccess) {
- errCode = PORT_GetError();
- goto loser;
- }
-
- /* reload the FORTEZZA key material.
- * On Fortezza, the following keys & IVs are generated by the KEA,
- * not from the PMS. Since we're not going to redo the KEA, we
- * have to save & restore them for Fortezza.
- * use kea because we haven't call InitCipher Specs yet...?
- */
- if (ssl3->hs.suite_def->bulk_cipher_alg == cipher_fortezza) {
- PK11SymKey * Ks;
- SECItem item;
-
- PORT_Memcpy(pwSpec->client.write_iv,
- sid->u.ssl3.keys.client_write_iv,
- sizeof sid->u.ssl3.keys.client_write_iv);
- PORT_Memcpy(pwSpec->server.write_iv,
- sid->u.ssl3.keys.server_write_iv,
- sizeof sid->u.ssl3.keys.server_write_iv);
-
- /* Now, unwrap the client and server write keys with Ks */
-
- /* get the slot that the fortezza server private key is in. */
- slot = PK11_GetSlotFromPrivateKey(
- ss->serverCerts[kt_fortezza].serverKey);
- if (slot == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto loser;
- }
-
- /* Look up the Token Fixed Key */
- Ks = PK11_FindFixedKey(slot, CKM_SKIPJACK_WRAP, NULL,
- ss->pkcs11PinArg);
- PK11_FreeSlot(slot);
- if (Ks == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto loser;
- }
-
- /* unwrap client write key with the local Ks */
- item.data = sid->u.ssl3.keys.wrapped_client_write_key;
- item.len = sizeof sid->u.ssl3.keys.wrapped_client_write_key;
-
- pwSpec->client.write_key =
- PK11_UnwrapSymKey(Ks, CKM_SKIPJACK_WRAP, NULL, &item,
- CKM_SKIPJACK_CBC64, CKA_DECRYPT, 0);
- if (pwSpec->client.write_key == NULL) {
- SEND_ALERT
- ssl_MapLowLevelError(SSL_ERROR_SYM_KEY_UNWRAP_FAILURE);
- goto loser;
- }
-
- /* unwrap server write key with the local Ks */
- item.data = sid->u.ssl3.keys.wrapped_server_write_key;
- item.len = sizeof sid->u.ssl3.keys.wrapped_server_write_key;
-
- pwSpec->server.write_key =
- PK11_UnwrapSymKey(Ks, CKM_SKIPJACK_WRAP, NULL, &item,
- CKM_SKIPJACK_CBC64, CKA_ENCRYPT, 0);
- if (pwSpec->server.write_key == NULL) {
- PK11_FreeSymKey(pwSpec->client.write_key);
- pwSpec->client.write_key = NULL;
- SEND_ALERT
- ssl_MapLowLevelError(SSL_ERROR_SYM_KEY_UNWRAP_FAILURE);
- goto loser;
- }
- /* Set flag that says "generate 8 byte random prefix plaintext." */
- PK11_SetFortezzaHack(pwSpec->server.write_key); /* can't fail */
-
- }
-
- if (haveSpecWriteLock) {
- ssl_ReleaseSpecWriteLock(ss);
- haveSpecWriteLock = PR_FALSE;
- }
-
- /* NULL value for PMS signifies re-use of the old MS */
- rv = ssl3_InitPendingCipherSpec(ss, NULL);
- if (rv != SECSuccess) {
- errCode = PORT_GetError();
- goto loser;
- }
-
- rv = ssl3_SendChangeCipherSpecs(ss);
- if (rv != SECSuccess) {
- errCode = PORT_GetError();
- goto loser;
- }
- rv = ssl3_SendFinished(ss, 0);
- ssl3->hs.ws = wait_change_cipher;
- if (rv != SECSuccess) {
- errCode = PORT_GetError();
- goto loser;
- }
-
- if (haveXmitBufLock) {
- ssl_ReleaseXmitBufLock(ss);
- haveXmitBufLock = PR_FALSE;
- }
-
- return SECSuccess;
- } while (0);
-
- if (haveSpecWriteLock) {
- ssl_ReleaseSpecWriteLock(ss);
- haveSpecWriteLock = PR_FALSE;
- }
-
- if (sid) { /* we had a sid, but it's no longer valid, free it */
- ++ssl3stats.hch_sid_cache_not_ok;
- ss->sec.uncache(sid);
- ssl_FreeSID(sid);
- sid = NULL;
- }
- ++ssl3stats.hch_sid_cache_misses;
-
- sid = ssl3_NewSessionID(ss, PR_TRUE);
- if (sid == NULL) {
- errCode = PORT_GetError();
- goto loser; /* memory error is set. */
- }
- ss->sec.ci.sid = sid;
-
- ssl3->hs.isResuming = PR_FALSE;
- ssl_GetXmitBufLock(ss);
- rv = ssl3_SendServerHelloSequence(ss);
- ssl_ReleaseXmitBufLock(ss);
- if (rv != SECSuccess) {
- errCode = PORT_GetError();
- goto loser;
- }
-
- if (haveXmitBufLock) {
- ssl_ReleaseXmitBufLock(ss);
- haveXmitBufLock = PR_FALSE;
- }
-
- return SECSuccess;
-
-alert_loser:
- if (haveSpecWriteLock) {
- ssl_ReleaseSpecWriteLock(ss);
- haveSpecWriteLock = PR_FALSE;
- }
- (void)SSL3_SendAlert(ss, alert_fatal, desc);
- /* FALLTHRU */
-loser:
- if (haveSpecWriteLock) {
- ssl_ReleaseSpecWriteLock(ss);
- haveSpecWriteLock = PR_FALSE;
- }
-
- if (sidBytes.data != NULL) SECITEM_FreeItem(&sidBytes, PR_FALSE);
- if (suites.data != NULL) SECITEM_FreeItem(&suites, PR_FALSE);
- if (comps.data != NULL) SECITEM_FreeItem(&comps, PR_FALSE);
-
- if (haveXmitBufLock) {
- ssl_ReleaseXmitBufLock(ss);
- haveXmitBufLock = PR_FALSE;
- }
-
- PORT_SetError(errCode);
- return SECFailure;
-}
-
-/*
- * ssl3_HandleV2ClientHello is used when a V2 formatted hello comes
- * in asking to use the V3 handshake.
- * Called from ssl2_HandleClientHelloMessage() in sslcon.c
- */
-SECStatus
-ssl3_HandleV2ClientHello(sslSocket *ss, unsigned char *buffer, int length)
-{
- sslSessionID * sid = NULL;
- unsigned char * suites;
- unsigned char * random;
- SSL3ProtocolVersion version;
- SECStatus rv;
- int i;
- int j;
- int sid_length;
- int suite_length;
- int rand_length;
- int errCode = SSL_ERROR_RX_MALFORMED_CLIENT_HELLO;
- SSL3AlertDescription desc = handshake_failure;
-
- SSL_TRC(3, ("%d: SSL3[%d]: handle v2 client_hello", SSL_GETPID(), ss->fd));
-
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
-
- ssl_GetSSL3HandshakeLock(ss);
-
- rv = ssl3_InitState(ss);
- if (rv != SECSuccess) {
- ssl_ReleaseSSL3HandshakeLock(ss);
- return rv; /* ssl3_InitState has set the error code. */
- }
-
- if (ss->ssl3->hs.ws != wait_client_hello) {
- desc = unexpected_message;
- errCode = SSL_ERROR_RX_UNEXPECTED_CLIENT_HELLO;
- goto loser; /* alert_loser */
- }
-
- version = (buffer[1] << 8) | buffer[2];
- suite_length = (buffer[3] << 8) | buffer[4];
- sid_length = (buffer[5] << 8) | buffer[6];
- rand_length = (buffer[7] << 8) | buffer[8];
- ss->clientHelloVersion = version;
-
- rv = ssl3_NegotiateVersion(ss, version);
- if (rv != SECSuccess) {
- /* send back which ever alert client will understand. */
- desc = (version > SSL_LIBRARY_VERSION_3_0) ? protocol_version : handshake_failure;
- errCode = SSL_ERROR_NO_CYPHER_OVERLAP;
- goto alert_loser;
- }
-
- /* if we get a non-zero SID, just ignore it. */
- if (length !=
- SSL_HL_CLIENT_HELLO_HBYTES + suite_length + sid_length + rand_length) {
- SSL_DBG(("%d: SSL3[%d]: bad v2 client hello message, len=%d should=%d",
- SSL_GETPID(), ss->fd, length,
- SSL_HL_CLIENT_HELLO_HBYTES + suite_length + sid_length +
- rand_length));
- goto loser; /* malformed */ /* alert_loser */
- }
-
- suites = buffer + SSL_HL_CLIENT_HELLO_HBYTES;
- random = suites + suite_length + sid_length;
-
- if (rand_length < SSL_MIN_CHALLENGE_BYTES ||
- rand_length > SSL_MAX_CHALLENGE_BYTES) {
- goto loser; /* malformed */ /* alert_loser */
- }
-
- PORT_Assert(SSL_MAX_CHALLENGE_BYTES == SSL3_RANDOM_LENGTH);
-
- PORT_Memset(&ss->ssl3->hs.client_random, 0, SSL3_RANDOM_LENGTH);
- PORT_Memcpy(
- &ss->ssl3->hs.client_random.rand[SSL3_RANDOM_LENGTH - rand_length],
- random, rand_length);
-
- PRINT_BUF(60, (ss, "client random:", &ss->ssl3->hs.client_random.rand[0],
- SSL3_RANDOM_LENGTH));
-
- i = ssl3_config_match_init(ss);
- if (i <= 0) {
- errCode = PORT_GetError(); /* error code is already set. */
- goto alert_loser;
- }
-
- /* Select a cipher suite.
- ** NOTE: This suite selection algorithm should be the same as the one in
- ** ssl3_HandleClientHello().
- */
- for (j = 0; j < ssl_V3_SUITES_IMPLEMENTED; j++) {
- ssl3CipherSuiteCfg *suite = &ss->cipherSuites[j];
- if (!config_match(suite, ss->ssl3->policy, PR_TRUE))
- continue;
- for (i = 0; i < suite_length; i += 3) {
- if ((suites[i] == 0) &&
- (suites[i+1] == MSB(suite->cipher_suite)) &&
- (suites[i+2] == LSB(suite->cipher_suite))) {
-
- ss->ssl3->hs.cipher_suite = suite->cipher_suite;
- ss->ssl3->hs.suite_def =
- ssl_LookupCipherSuiteDef(ss->ssl3->hs.cipher_suite);
- goto suite_found;
- }
- }
- }
- errCode = SSL_ERROR_NO_CYPHER_OVERLAP;
- goto alert_loser;
-
-suite_found:
-
- ss->ssl3->hs.compression = compression_null;
- ss->sec.send = ssl3_SendApplicationData;
-
- /* we don't even search for a cache hit here. It's just a miss. */
- ++ssl3stats.hch_sid_cache_misses;
- sid = ssl3_NewSessionID(ss, PR_TRUE);
- if (sid == NULL) {
- errCode = PORT_GetError();
- goto loser; /* memory error is set. */
- }
- ss->sec.ci.sid = sid;
- /* do not worry about memory leak of sid since it now belongs to ci */
-
- /* We have to update the handshake hashes before we can send stuff */
- rv = ssl3_UpdateHandshakeHashes(ss, buffer, length);
- if (rv != SECSuccess) {
- errCode = PORT_GetError();
- goto loser;
- }
-
- ssl_GetXmitBufLock(ss);
- rv = ssl3_SendServerHelloSequence(ss);
- ssl_ReleaseXmitBufLock(ss);
- if (rv != SECSuccess) {
- errCode = PORT_GetError();
- goto loser;
- }
-
- /* XXX_1 The call stack to here is:
- * ssl_Do1stHandshake -> ssl2_HandleClientHelloMessage -> here.
- * ssl2_HandleClientHelloMessage returns whatever we return here.
- * ssl_Do1stHandshake will continue looping if it gets back either
- * SECSuccess or SECWouldBlock.
- * SECSuccess is preferable here. See XXX_1 in sslgathr.c.
- */
- ssl_ReleaseSSL3HandshakeLock(ss);
- return SECSuccess;
-
-alert_loser:
- SSL3_SendAlert(ss, alert_fatal, desc);
-loser:
- ssl_ReleaseSSL3HandshakeLock(ss);
- PORT_SetError(errCode);
- return SECFailure;
-}
-
-/* The negotiated version number has been already placed in ss->version.
-**
-** Called from: ssl3_HandleClientHello (resuming session),
-** ssl3_SendServerHelloSequence <- ssl3_HandleClientHello (new session),
-** ssl3_SendServerHelloSequence <- ssl3_HandleV2ClientHello (new session)
-*/
-static SECStatus
-ssl3_SendServerHello(sslSocket *ss)
-{
- sslSessionID *sid;
- SECStatus rv;
- PRUint32 length;
-
- SSL_TRC(3, ("%d: SSL3[%d]: send server_hello handshake", SSL_GETPID(),
- ss->fd));
-
- PORT_Assert( ssl_HaveXmitBufLock(ss));
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss));
- PORT_Assert( MSB(ss->version) == MSB(SSL_LIBRARY_VERSION_3_0));
-
- if (MSB(ss->version) != MSB(SSL_LIBRARY_VERSION_3_0)) {
- PORT_SetError(SSL_ERROR_NO_CYPHER_OVERLAP);
- return SECFailure;
- }
-
- sid = ss->sec.ci.sid;
- length = sizeof(SSL3ProtocolVersion) + SSL3_RANDOM_LENGTH + 1 +
- ((sid == NULL) ? 0: SSL3_SESSIONID_BYTES) +
- sizeof(ssl3CipherSuite) + 1;
- rv = ssl3_AppendHandshakeHeader(ss, server_hello, length);
- if (rv != SECSuccess) {
- return rv; /* err set by AppendHandshake. */
- }
-
- rv = ssl3_AppendHandshakeNumber(ss, ss->version, 2);
- if (rv != SECSuccess) {
- return rv; /* err set by AppendHandshake. */
- }
- rv = ssl3_GetNewRandom(&ss->ssl3->hs.server_random);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_GENERATE_RANDOM_FAILURE);
- return rv;
- }
- rv = ssl3_AppendHandshake(
- ss, &ss->ssl3->hs.server_random, SSL3_RANDOM_LENGTH);
- if (rv != SECSuccess) {
- return rv; /* err set by AppendHandshake. */
- }
-
- if (sid)
- rv = ssl3_AppendHandshakeVariable(
- ss, sid->u.ssl3.sessionID, sid->u.ssl3.sessionIDLength, 1);
- else
- rv = ssl3_AppendHandshakeVariable(ss, NULL, 0, 1);
- if (rv != SECSuccess) {
- return rv; /* err set by AppendHandshake. */
- }
-
- rv = ssl3_AppendHandshakeNumber(ss, ss->ssl3->hs.cipher_suite, 2);
- if (rv != SECSuccess) {
- return rv; /* err set by AppendHandshake. */
- }
- rv = ssl3_AppendHandshakeNumber(ss, ss->ssl3->hs.compression, 1);
- if (rv != SECSuccess) {
- return rv; /* err set by AppendHandshake. */
- }
- rv = ssl3_SetupPendingCipherSpec(ss, ss->ssl3);
- if (rv != SECSuccess) {
- return rv; /* err set by ssl3_SetupPendingCipherSpec */
- }
-
- return SECSuccess;
-}
-
-
-static SECStatus
-ssl3_SendServerKeyExchange(sslSocket *ss)
-{
-const ssl3KEADef * kea_def = ss->ssl3->hs.kea_def;
- SECStatus rv = SECFailure;
- int length;
- PRBool isTLS;
- SECItem signed_hash = {siBuffer, NULL, 0};
- SSL3Hashes hashes;
- SECKEYPublicKey * sdPub; /* public key for step-down */
-#ifdef NSS_ENABLE_ECC
- SECKEYPublicKey * ecdhePub;
- SECItem ec_params = {siBuffer, NULL, 0};
- ECName curve;
-#endif /* NSS_ENABLE_ECC */
-
- SSL_TRC(3, ("%d: SSL3[%d]: send server_key_exchange handshake",
- SSL_GETPID(), ss->fd));
-
- PORT_Assert( ssl_HaveXmitBufLock(ss));
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss));
-
- switch (kea_def->exchKeyType) {
- case kt_rsa:
- /* Perform SSL Step-Down here. */
- sdPub = ss->stepDownKeyPair->pubKey;
- PORT_Assert(sdPub != NULL);
- if (!sdPub) {
- PORT_SetError(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE);
- return SECFailure;
- }
- rv = ssl3_ComputeExportRSAKeyHash(sdPub->u.rsa.modulus,
- sdPub->u.rsa.publicExponent,
- &ss->ssl3->hs.client_random,
- &ss->ssl3->hs.server_random,
- &hashes);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE);
- return rv;
- }
-
- isTLS = (PRBool)(ss->ssl3->pwSpec->version > SSL_LIBRARY_VERSION_3_0);
- rv = ssl3_SignHashes(&hashes, ss->serverCerts[kt_rsa].serverKey,
- &signed_hash, isTLS);
- if (rv != SECSuccess) {
- goto loser; /* ssl3_SignHashes has set err. */
- }
- if (signed_hash.data == NULL) {
- /* how can this happen and rv == SECSuccess ?? */
- PORT_SetError(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE);
- goto loser;
- }
- length = 2 + sdPub->u.rsa.modulus.len +
- 2 + sdPub->u.rsa.publicExponent.len +
- 2 + signed_hash.len;
-
- rv = ssl3_AppendHandshakeHeader(ss, server_key_exchange, length);
- if (rv != SECSuccess) {
- goto loser; /* err set by AppendHandshake. */
- }
-
- rv = ssl3_AppendHandshakeVariable(ss, sdPub->u.rsa.modulus.data,
- sdPub->u.rsa.modulus.len, 2);
- if (rv != SECSuccess) {
- goto loser; /* err set by AppendHandshake. */
- }
-
- rv = ssl3_AppendHandshakeVariable(
- ss, sdPub->u.rsa.publicExponent.data,
- sdPub->u.rsa.publicExponent.len, 2);
- if (rv != SECSuccess) {
- goto loser; /* err set by AppendHandshake. */
- }
-
- rv = ssl3_AppendHandshakeVariable(ss, signed_hash.data,
- signed_hash.len, 2);
- if (rv != SECSuccess) {
- goto loser; /* err set by AppendHandshake. */
- }
- PORT_Free(signed_hash.data);
- return SECSuccess;
-
- case kt_fortezza:
-
- /* Set server's "random" public key R_s to the email value == 1 */
- PORT_Memset(ss->ssl3->fortezza.R_s, 0, sizeof(ss->ssl3->fortezza.R_s));
- ss->ssl3->fortezza.R_s[127] = 1;
-
- /* don't waste time signing the random number */
- length = sizeof (ss->ssl3->fortezza.R_s) /*+ 2 + signed_hash.len*/;
-
- rv = ssl3_AppendHandshakeHeader(ss, server_key_exchange, length);
- if (rv != SECSuccess) {
- goto loser; /* err set by AppendHandshake. */
- }
-
- rv = ssl3_AppendHandshake( ss, &ss->ssl3->fortezza.R_s,
- sizeof(ss->ssl3->fortezza.R_s));
- if (rv != SECSuccess) {
- goto loser; /* err set by AppendHandshake. */
- }
- return SECSuccess;
-
-#ifdef NSS_ENABLE_ECC
- case kt_ecdh:
- /* Generate ephemeral ECDH key pair and send the public key */
- rv = ssl3_CreateECDHEphemeralKeys(ss);
- if (rv != SECSuccess) {
- goto loser; /* err set by AppendHandshake. */
- }
- ecdhePub = ss->ephemeralECDHKeyPair->pubKey;
- PORT_Assert(ecdhePub != NULL);
- if (!ecdhePub) {
- PORT_SetError(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE);
- return SECFailure;
- }
-
- ec_params.len = 2;
- ec_params.data = (unsigned char*)PORT_Alloc(ec_params.len);
- curve = params2ecName(&ecdhePub->u.ec.DEREncodedParams);
- if (curve != ec_noName) {
- ec_params.data[0] = ec_type_named;
- ec_params.data[1] = curve;
- } else {
- PORT_SetError(SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE);
- goto loser;
- }
-
- rv = ssl3_ComputeECDHKeyHash(ec_params, ecdhePub->u.ec.publicValue,
- &ss->ssl3->hs.client_random,
- &ss->ssl3->hs.server_random,
- &hashes);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE);
- goto loser;
- }
-
- isTLS = (PRBool)(ss->ssl3->pwSpec->version > SSL_LIBRARY_VERSION_3_0);
-
- /* XXX SSLKEAType isn't really a good choice for
- * indexing certificates. The following line of
- * code will need to change when we support
- * (EC)DHE-xxx ciphers on the server side where xxx
- * is something other than RSA.
- */
- rv = ssl3_SignHashes(&hashes, ss->serverCerts[kt_rsa].serverKey,
- &signed_hash, isTLS);
- if (rv != SECSuccess) {
- goto loser; /* ssl3_SignHashes has set err. */
- }
- if (signed_hash.data == NULL) {
- /* how can this happen and rv == SECSuccess ?? */
- PORT_SetError(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE);
- goto loser;
- }
-
- length = ec_params.len +
- 1 + ecdhePub->u.ec.publicValue.len +
- 2 + signed_hash.len;
-
- rv = ssl3_AppendHandshakeHeader(ss, server_key_exchange, length);
- if (rv != SECSuccess) {
- goto loser; /* err set by AppendHandshake. */
- }
-
- rv = ssl3_AppendHandshake(ss, ec_params.data, ec_params.len);
- if (rv != SECSuccess) {
- goto loser; /* err set by AppendHandshake. */
- }
-
- rv = ssl3_AppendHandshakeVariable(ss, ecdhePub->u.ec.publicValue.data,
- ecdhePub->u.ec.publicValue.len, 1);
- if (rv != SECSuccess) {
- goto loser; /* err set by AppendHandshake. */
- }
-
- rv = ssl3_AppendHandshakeVariable(ss, signed_hash.data,
- signed_hash.len, 2);
- if (rv != SECSuccess) {
- goto loser; /* err set by AppendHandshake. */
- }
-
- PORT_Free(ec_params.data);
- PORT_Free(signed_hash.data);
- return SECSuccess;
-#endif /* NSS_ENABLE_ECC */
-
- case kt_dh:
- case kt_null:
- default:
- PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG);
- break;
- }
-loser:
-#ifdef NSS_ENABLE_ECC
- if (ec_params.data != NULL)
- PORT_Free(ec_params.data);
-#endif /* NSS_ENABLE_ECC */
- if (signed_hash.data != NULL)
- PORT_Free(signed_hash.data);
- return SECFailure;
-}
-
-
-static SECStatus
-ssl3_SendCertificateRequest(sslSocket *ss)
-{
- SECItem * name;
- CERTDistNames *ca_list;
-const uint8 * certTypes;
- SECItem * names = NULL;
- SECStatus rv;
- int length;
- int i;
- int calen = 0;
- int nnames = 0;
- int certTypesLength;
-
- SSL_TRC(3, ("%d: SSL3[%d]: send certificate_request handshake",
- SSL_GETPID(), ss->fd));
-
- PORT_Assert( ssl_HaveXmitBufLock(ss));
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss));
-
- /* ssl3->ca_list is initialized to NULL, and never changed. */
- ca_list = ss->ssl3->ca_list;
- if (!ca_list) {
- ca_list = ssl3_server_ca_list;
- }
-
- if (ca_list != NULL) {
- names = ca_list->names;
- nnames = ca_list->nnames;
- }
-
- if (!nnames) {
- PORT_SetError(SSL_ERROR_NO_TRUSTED_SSL_CLIENT_CA);
- return SECFailure;
- }
-
- for (i = 0, name = names; i < nnames; i++, name++) {
- calen += 2 + name->len;
- }
-
- if (ss->ssl3->hs.kea_def->exchKeyType == kt_fortezza) {
- certTypes = fortezza_certificate_types;
- certTypesLength = sizeof fortezza_certificate_types;
- } else {
- certTypes = certificate_types;
- certTypesLength = sizeof certificate_types;
- }
-
- length = 1 + certTypesLength + 2 + calen;
-
- rv = ssl3_AppendHandshakeHeader(ss, certificate_request, length);
- if (rv != SECSuccess) {
- return rv; /* err set by AppendHandshake. */
- }
- rv = ssl3_AppendHandshakeVariable(ss, certTypes, certTypesLength, 1);
- if (rv != SECSuccess) {
- return rv; /* err set by AppendHandshake. */
- }
- rv = ssl3_AppendHandshakeNumber(ss, calen, 2);
- if (rv != SECSuccess) {
- return rv; /* err set by AppendHandshake. */
- }
- for (i = 0, name = names; i < nnames; i++, name++) {
- rv = ssl3_AppendHandshakeVariable(ss, name->data, name->len, 2);
- if (rv != SECSuccess) {
- return rv; /* err set by AppendHandshake. */
- }
- }
-
- return SECSuccess;
-}
-
-static SECStatus
-ssl3_SendServerHelloDone(sslSocket *ss)
-{
- SECStatus rv;
-
- SSL_TRC(3, ("%d: SSL3[%d]: send server_hello_done handshake",
- SSL_GETPID(), ss->fd));
-
- PORT_Assert( ssl_HaveXmitBufLock(ss));
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss));
-
- rv = ssl3_AppendHandshakeHeader(ss, server_hello_done, 0);
- if (rv != SECSuccess) {
- return rv; /* err set by AppendHandshake. */
- }
- rv = ssl3_FlushHandshake(ss, 0);
- if (rv != SECSuccess) {
- return rv; /* error code set by ssl3_FlushHandshake */
- }
- return SECSuccess;
-}
-
-/* Called from ssl3_HandleHandshakeMessage() when it has deciphered a complete
- * ssl3 Certificate Verify message
- * Caller must hold Handshake and RecvBuf locks.
- */
-static SECStatus
-ssl3_HandleCertificateVerify(sslSocket *ss, SSL3Opaque *b, PRUint32 length,
- SSL3Hashes *hashes)
-{
- SECItem signed_hash = {siBuffer, NULL, 0};
- SECStatus rv;
- int errCode = SSL_ERROR_RX_MALFORMED_CERT_VERIFY;
- SSL3AlertDescription desc = handshake_failure;
- PRBool isTLS;
-
- SSL_TRC(3, ("%d: SSL3[%d]: handle certificate_verify handshake",
- SSL_GETPID(), ss->fd));
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
- if (ss->ssl3->hs.ws != wait_cert_verify || ss->sec.peerCert == NULL) {
- desc = unexpected_message;
- errCode = SSL_ERROR_RX_UNEXPECTED_CERT_VERIFY;
- goto alert_loser;
- }
-
- rv = ssl3_ConsumeHandshakeVariable(ss, &signed_hash, 2, &b, &length);
- if (rv != SECSuccess) {
- goto loser; /* malformed. */
- }
-
- isTLS = (PRBool)(ss->ssl3->prSpec->version > SSL_LIBRARY_VERSION_3_0);
-
- /* XXX verify that the key & kea match */
- rv = ssl3_VerifySignedHashes(hashes, ss->sec.peerCert, &signed_hash,
- isTLS, ss->pkcs11PinArg);
- if (rv != SECSuccess) {
- errCode = PORT_GetError();
- desc = isTLS ? decrypt_error : handshake_failure;
- goto alert_loser;
- }
-
- PORT_Free(signed_hash.data);
- signed_hash.data = NULL;
-
- if (length != 0) {
- desc = isTLS ? decode_error : illegal_parameter;
- goto alert_loser; /* malformed */
- }
- ss->ssl3->hs.ws = wait_change_cipher;
- return SECSuccess;
-
-alert_loser:
- SSL3_SendAlert(ss, alert_fatal, desc);
-loser:
- if (signed_hash.data != NULL) SECITEM_FreeItem(&signed_hash, PR_FALSE);
- PORT_SetError(errCode);
- return SECFailure;
-}
-
-/*
-** Called from ssl3_HandleClientKeyExchange()
-*/
-static SECStatus
-ssl3_HandleFortezzaClientKeyExchange(sslSocket *ss, SSL3Opaque *b,
- PRUint32 length,
- SECKEYPrivateKey *serverKey)
-{
- SECKEYPublicKey * pubKey = NULL;
- PK11SymKey * tek = NULL;
- PK11SymKey * pms;
- PK11SymKey * Ks = NULL;
- sslSessionID * sid = ss->sec.ci.sid;
- ssl3CipherSpec * pwSpec = ss->ssl3->pwSpec;
- void * pwArg = ss->pkcs11PinArg;
- SECStatus rv;
- SECItem raItem;
- SECItem rbItem;
- SECItem param;
- SECItem item;
- SECItem enc_pms;
- SSL3FortezzaKeys fortezza_CKE;
-
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
- fortezza_CKE.y_c.data = NULL;
- rv = ssl3_ConsumeHandshakeVariable(ss, &fortezza_CKE.y_c, 1, &b, &length);
- if (rv != SECSuccess) {
- PORT_SetError(SSL_ERROR_RX_MALFORMED_CLIENT_KEY_EXCH);
- goto fortezza_loser;
- }
- rv = ssl3_ConsumeHandshake(ss, &fortezza_CKE.r_c,
- sizeof fortezza_CKE - sizeof fortezza_CKE.y_c,
- &b, &length);
- if (rv != SECSuccess) {
- PORT_SetError(SSL_ERROR_RX_MALFORMED_CLIENT_KEY_EXCH);
- goto fortezza_loser;
- }
-
- /* Build a Token Encryption key (tek). TEK's can never be unloaded
- * from the card, but given these parameters, and *OUR* fortezza
- * card, we can always regenerate the same one on the fly.
- */
- if (ss->sec.peerCert != NULL) {
- /* client-auth case */
-
- pubKey = CERT_ExtractPublicKey(ss->sec.peerCert);
- if (pubKey == NULL) {
- SEND_ALERT
- PORT_SetError(SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE);
- rv = SECFailure;
- goto fortezza_loser;
- }
-
- if (pubKey->keyType != fortezzaKey) {
- /* handle V3 client-auth case */
- SECItem sigItem;
- SECItem hashItem;
- unsigned char hash[SHA1_LENGTH];
-
- rv = ssl3_ComputeFortezzaPublicKeyHash(fortezza_CKE.y_c, hash);
- if (rv != SECSuccess) {
- SEND_ALERT
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto fortezza_loser;
- }
- sigItem.data = fortezza_CKE.y_signature;
- sigItem.len = sizeof fortezza_CKE.y_signature;
-
- hashItem.data = hash;
- hashItem.len = sizeof hash;
-
- rv = PK11_Verify(pubKey, &sigItem, &hashItem, pwArg);
- if (rv != SECSuccess) {
- SSL3_SendAlert(ss, alert_fatal, illegal_parameter);
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto fortezza_loser;
- }
- SECKEY_DestroyPublicKey(pubKey); pubKey = NULL;
- }
- }
- rv = SECFailure;
-
- /* Make the public key if necessary */
- if (fortezza_CKE.y_c.len != 0) {
- if (pubKey != NULL) {
- /* The client is not allowed to send the public key
- * if it can be extracted from the certificate. */
- SSL3_SendAlert(ss, alert_fatal, illegal_parameter);
- PORT_SetError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto fortezza_loser;
- }
- pubKey = PK11_MakeKEAPubKey(fortezza_CKE.y_c.data,
- fortezza_CKE.y_c.len);
- }
- if (pubKey == NULL) {
- /* no public Key in either the cert or the protocol message*/
- SSL3_SendAlert(ss, alert_fatal, illegal_parameter);
- PORT_SetError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto fortezza_loser;
- }
-
- /* Now we derive the TEK. r_c is the client's "random" public key. */
- raItem.data = fortezza_CKE.r_c;
- raItem.len = sizeof(fortezza_CKE.r_c);
-
- /* R_s == server's "random" public key, sent in the Server Key Exchange */
- rbItem.data = ss->ssl3->fortezza.R_s;
- rbItem.len = sizeof ss->ssl3->fortezza.R_s;
-
- tek = PK11_PubDerive(serverKey, pubKey, PR_FALSE, /* don't gen r_c */
- &raItem, &rbItem, CKM_KEA_KEY_DERIVE,
- CKM_SKIPJACK_WRAP, CKA_WRAP, 0, pwArg);
- SECKEY_DestroyPublicKey(pubKey); pubKey = NULL;
- if (tek == NULL) {
- SEND_ALERT
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto fortezza_loser;
- }
-
- ss->ssl3->fortezza.tek = PK11_ReferenceSymKey(tek);
-
- if (pwSpec->cipher_def->calg == calg_fortezza) {
- item.data = fortezza_CKE.wrapped_client_write_key;
- item.len = sizeof fortezza_CKE.wrapped_client_write_key;
-
- pwSpec->client.write_key =
- PK11_UnwrapSymKey(tek, CKM_SKIPJACK_WRAP, NULL, &item,
- CKM_SKIPJACK_CBC64, CKA_DECRYPT, 0);
- if (pwSpec->client.write_key == NULL) {
- SEND_ALERT
- ssl_MapLowLevelError(SSL_ERROR_SYM_KEY_UNWRAP_FAILURE);
- goto fortezza_loser;
- }
-
- item.data = fortezza_CKE.wrapped_server_write_key;
- item.len = sizeof fortezza_CKE.wrapped_server_write_key;
-
- pwSpec->server.write_key =
- PK11_UnwrapSymKey(tek, CKM_SKIPJACK_WRAP, NULL, &item,
- CKM_SKIPJACK_CBC64, CKA_ENCRYPT, 0);
- if (pwSpec->server.write_key == NULL) {
- PK11_FreeSymKey(pwSpec->client.write_key);
- pwSpec->client.write_key = NULL;
- SEND_ALERT
- ssl_MapLowLevelError(SSL_ERROR_SYM_KEY_UNWRAP_FAILURE);
- goto fortezza_loser;
- }
- /* Set a flag that says "generate 8 byte random prefix plaintext." */
- PK11_SetFortezzaHack(pwSpec->server.write_key); /* can't fail */
-
- PORT_Memcpy(pwSpec->client.write_iv, fortezza_CKE.client_write_iv,
- sizeof fortezza_CKE.client_write_iv);
- PORT_Memcpy(pwSpec->server.write_iv, fortezza_CKE.server_write_iv,
- sizeof fortezza_CKE.server_write_iv);
-
- }
-
- /* decrypt the pms with the TEK */
- enc_pms.data = fortezza_CKE.encrypted_preMasterSecret;
- enc_pms.len = sizeof fortezza_CKE.encrypted_preMasterSecret;
-
- param.data = fortezza_CKE.master_secret_iv;
- param.len = sizeof fortezza_CKE.master_secret_iv;
-
- pms = PK11_UnwrapSymKey(tek, CKM_SKIPJACK_CBC64, &param, &enc_pms,
- CKM_SSL3_MASTER_KEY_DERIVE, CKA_DERIVE, 0);
- if (pms == NULL) {
- SEND_ALERT
- ssl_MapLowLevelError(SSL_ERROR_SYM_KEY_UNWRAP_FAILURE);
- goto fortezza_loser;
- }
-
- rv = ssl3_InitPendingCipherSpec(ss, pms);
- PK11_FreeSymKey(pms);
- if (rv != SECSuccess) {
- SEND_ALERT
- goto fortezza_loser; /* err code is set. */
- }
-
- if (pwSpec->cipher_def->calg == calg_fortezza) {
- PK11SlotInfo * slot;
-
- sid->u.ssl3.clientWriteKey =
- PK11_ReferenceSymKey(pwSpec->client.write_key);
- sid->u.ssl3.serverWriteKey =
- PK11_ReferenceSymKey(pwSpec->server.write_key);
-
- PORT_Memcpy(sid->u.ssl3.keys.client_write_iv, pwSpec->client.write_iv,
- sizeof sid->u.ssl3.keys.client_write_iv);
- PORT_Memcpy(sid->u.ssl3.keys.server_write_iv, pwSpec->server.write_iv,
- sizeof sid->u.ssl3.keys.server_write_iv);
-
- /* Now, wrap the client and server write keys in Ks for storage
- * in the on-disk sid.
- */
-
- slot = PK11_GetSlotFromKey(tek); /* get ref to the slot */
- if (slot == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto fortezza_loser;
- }
-
- /* Look up the Token Fixed Key */
- Ks = PK11_FindFixedKey(slot, CKM_SKIPJACK_WRAP, NULL, ss->pkcs11PinArg);
- PK11_FreeSlot(slot);
- if (Ks == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto fortezza_loser;
- }
-
- /* rewrap server write key with the local Ks */
- item.data = sid->u.ssl3.keys.wrapped_server_write_key;
- item.len = sizeof sid->u.ssl3.keys.wrapped_server_write_key;
- rv = PK11_WrapSymKey(CKM_SKIPJACK_WRAP, NULL, Ks,
- pwSpec->server.write_key, &item);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto fortezza_loser;
- }
-
- /* rewrap client write key with the local Ks */
- item.data = sid->u.ssl3.keys.wrapped_client_write_key;
- item.len = sizeof sid->u.ssl3.keys.wrapped_client_write_key;
- rv = PK11_WrapSymKey(CKM_SKIPJACK_WRAP, NULL, Ks,
- pwSpec->client.write_key, &item);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto fortezza_loser;
- }
-
- /* wrap the master secret later, when we handle the client's
- * finished message.
- */
- }
-
- sid->u.ssl3.hasFortezza = PR_TRUE;
- sid->u.ssl3.tek = tek; tek = NULL;
-
- rv = SECSuccess;
-
-fortezza_loser:
- if (Ks) PK11_FreeSymKey(Ks);
- if (tek) PK11_FreeSymKey(tek);
- if (pubKey) SECKEY_DestroyPublicKey(pubKey);
- if (fortezza_CKE.y_c.data != NULL)
- SECITEM_FreeItem(&fortezza_CKE.y_c, PR_FALSE);
- return rv;
-}
-
-/* find a slot that is able to generate a PMS and wrap it with RSA.
- * Then generate and return the PMS.
- * If the serverKeySlot parameter is non-null, this function will use
- * that slot to do the job, otherwise it will find a slot.
- *
- * Called from ssl3_GenerateSessionKeys() (above)
- * sendRSAClientKeyExchange() (above)
- * ssl3_HandleRSAClientKeyExchange() (below)
- * Caller must hold the SpecWriteLock, the SSL3HandshakeLock
- */
-static PK11SymKey *
-ssl3_GenerateRSAPMS(sslSocket *ss, ssl3CipherSpec *spec,
- PK11SlotInfo * serverKeySlot)
-{
- PK11SymKey * pms = NULL;
- PK11SlotInfo * slot = serverKeySlot;
- void * pwArg = ss->pkcs11PinArg;
- SECItem param;
- CK_VERSION version;
- CK_MECHANISM_TYPE mechanism_array[3];
-
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
- if (slot == NULL) {
- SSLCipherAlgorithm calg;
- /* The specReadLock would suffice here, but we cannot assert on
- ** read locks. Also, all the callers who call with a non-null
- ** slot already hold the SpecWriteLock.
- */
- PORT_Assert( ssl_HaveSpecWriteLock(ss));
- PORT_Assert(ss->ssl3->prSpec == ss->ssl3->pwSpec);
-
- calg = spec->cipher_def->calg;
- PORT_Assert(alg2Mech[calg].calg == calg);
-
- /* First get an appropriate slot. */
- mechanism_array[0] = CKM_SSL3_PRE_MASTER_KEY_GEN;
- mechanism_array[1] = CKM_RSA_PKCS;
- mechanism_array[2] = alg2Mech[calg].cmech;
-
- slot = PK11_GetBestSlotMultiple(mechanism_array, 3, pwArg);
- if (slot == NULL) {
- /* can't find a slot with all three, find a slot with the minimum */
- slot = PK11_GetBestSlotMultiple(mechanism_array, 2, pwArg);
- if (slot == NULL) {
- PORT_SetError(SSL_ERROR_TOKEN_SLOT_NOT_FOUND);
- return pms; /* which is NULL */
- }
- }
- }
-
- /* Generate the pre-master secret ... */
- version.major = MSB(ss->clientHelloVersion);
- version.minor = LSB(ss->clientHelloVersion);
-
- param.data = (unsigned char *)&version;
- param.len = sizeof version;
-
- pms = PK11_KeyGen(slot, CKM_SSL3_PRE_MASTER_KEY_GEN, &param, 0, pwArg);
- if (!serverKeySlot)
- PK11_FreeSlot(slot);
- if (pms == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- }
- return pms;
-}
-
-/* Note: The Bleichenbacher attack on PKCS#1 necessitates that we NEVER
- * return any indication of failure of the Client Key Exchange message,
- * where that failure is caused by the content of the client's message.
- * This function must not return SECFailure for any reason that is directly
- * or indirectly caused by the content of the client's encrypted PMS.
- * We must not send an alert and also not drop the connection.
- * Instead, we generate a random PMS. This will cause a failure
- * in the processing the finished message, which is exactly where
- * the failure must occur.
- *
- * Called from ssl3_HandleClientKeyExchange
- */
-static SECStatus
-ssl3_HandleRSAClientKeyExchange(sslSocket *ss,
- SSL3Opaque *b,
- PRUint32 length,
- SECKEYPrivateKey *serverKey)
-{
- PK11SymKey * pms;
- SECStatus rv;
- SECItem enc_pms;
-
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
- enc_pms.data = b;
- enc_pms.len = length;
-
- if (ss->ssl3->prSpec->version > SSL_LIBRARY_VERSION_3_0) { /* isTLS */
- PRInt32 kLen;
- kLen = ssl3_ConsumeHandshakeNumber(ss, 2, &enc_pms.data, &enc_pms.len);
- if (kLen < 0) {
- PORT_SetError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- return SECFailure;
- }
- if ((unsigned)kLen < enc_pms.len) {
- enc_pms.len = kLen;
- }
- }
- /*
- * decrypt pms out of the incoming buffer
- * Note: CKM_SSL3_PRE_MASTER_KEY_GEN is NOT the mechanism used to do
- * the unwrap. Rather, it is the mechanism with which the unwrapped
- * pms will be used.
- */
- pms = PK11_PubUnwrapSymKey(serverKey, &enc_pms,
- CKM_SSL3_PRE_MASTER_KEY_GEN, CKA_DERIVE, 0);
- if (pms != NULL) {
- PRINT_BUF(60, (ss, "decrypted premaster secret:",
- PK11_GetKeyData(pms)->data,
- PK11_GetKeyData(pms)->len));
- } else {
- /* unwrap failed. Generate a bogus pre-master secret and carry on. */
- PK11SlotInfo * slot = PK11_GetSlotFromPrivateKey(serverKey);
-
- ssl_GetSpecWriteLock(ss);
- pms = ssl3_GenerateRSAPMS(ss, ss->ssl3->prSpec, slot);
- ssl_ReleaseSpecWriteLock(ss);
-
- PK11_FreeSlot(slot);
- }
-
- if (pms == NULL) {
- /* last gasp. */
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- return SECFailure;
- }
-
- rv = ssl3_InitPendingCipherSpec(ss, pms);
- PK11_FreeSymKey(pms);
- if (rv != SECSuccess) {
- SEND_ALERT
- return SECFailure; /* error code set by ssl3_InitPendingCipherSpec */
- }
- return SECSuccess;
-}
-
-#ifdef NSS_ENABLE_ECC
-/*
-** Called from ssl3_HandleClientKeyExchange()
-*/
-static SECStatus
-ssl3_HandleECDHClientKeyExchange(sslSocket *ss, SSL3Opaque *b,
- PRUint32 length,
- SECKEYPublicKey *srvrPubKey,
- SECKEYPrivateKey *srvrPrivKey)
-{
- PK11SymKey * pms;
- SECStatus rv;
- SECKEYPublicKey clntPubKey;
- CK_MECHANISM_TYPE target;
- PRBool isTLS;
-
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
- clntPubKey.keyType = ecKey;
- clntPubKey.u.ec.DEREncodedParams.len =
- srvrPubKey->u.ec.DEREncodedParams.len;
- clntPubKey.u.ec.DEREncodedParams.data =
- srvrPubKey->u.ec.DEREncodedParams.data;
-
- rv = ssl3_ConsumeHandshakeVariable(ss, &clntPubKey.u.ec.publicValue,
- 1, &b, &length);
- if (rv != SECSuccess) {
- SEND_ALERT
- return SECFailure; /* XXX Who sets the error code?? */
- }
-
- isTLS = (PRBool)(ss->ssl3->prSpec->version > SSL_LIBRARY_VERSION_3_0);
-
- if (isTLS) target = CKM_TLS_MASTER_KEY_DERIVE_DH;
- else target = CKM_SSL3_MASTER_KEY_DERIVE_DH;
-
- /* Determine the PMS */
- pms = PK11_PubDerive(srvrPrivKey, &clntPubKey, PR_FALSE, NULL, NULL,
- CKM_ECDH1_DERIVE, target, CKA_DERIVE, 0, NULL);
-
- PORT_Free(clntPubKey.u.ec.publicValue.data);
-
- if (pms == NULL) {
- /* last gasp. */
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- return SECFailure;
- }
-
- rv = ssl3_InitPendingCipherSpec(ss, pms);
- PK11_FreeSymKey(pms);
- if (rv != SECSuccess) {
- SEND_ALERT
- return SECFailure; /* error code set by ssl3_InitPendingCipherSpec */
- }
- return SECSuccess;
-}
-#endif /* NSS_ENABLE_ECC */
-
-/* Called from ssl3_HandleHandshakeMessage() when it has deciphered a complete
- * ssl3 ClientKeyExchange message from the remote client
- * Caller must hold Handshake and RecvBuf locks.
- */
-static SECStatus
-ssl3_HandleClientKeyExchange(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
-{
- SECKEYPrivateKey *serverKey = NULL;
- SECStatus rv;
-const ssl3KEADef * kea_def;
-
- SSL_TRC(3, ("%d: SSL3[%d]: handle client_key_exchange handshake",
- SSL_GETPID(), ss->fd));
-
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
- if (ss->ssl3->hs.ws != wait_client_key) {
- SSL3_SendAlert(ss, alert_fatal, unexpected_message);
- PORT_SetError(SSL_ERROR_RX_UNEXPECTED_CLIENT_KEY_EXCH);
- return SECFailure;
- }
-
- kea_def = ss->ssl3->hs.kea_def;
-
-#ifdef NSS_ENABLE_ECC
- /* XXX We'll need additional code here to compute serverKey and
- * ss->sec.keaKeyBits appropriately when we add server side
- * support for (EC)DHE-xxx cipher suites where xxx is something
- * other than rsa. Using SSLKEAType to index server certifiates
- * does not work for (EC)DHE ciphers.
- */
- if ((kea_def->kea == kea_ecdhe_rsa) ||
- (kea_def->kea == kea_ecdhe_ecdsa)) {
- if (ss->ephemeralECDHKeyPair != NULL) {
- serverKey = ss->ephemeralECDHKeyPair->privKey;
- ss->sec.keaKeyBits =
- SECKEY_PublicKeyStrengthInBits(ss->ephemeralECDHKeyPair->pubKey);
- }
- } else {
-#endif /* NSS_ENABLE_ECC */
-
- serverKey = (ss->ssl3->hs.usedStepDownKey
-#ifdef DEBUG
- && kea_def->is_limited /* XXX OR cert is signing only */
- && kea_def->exchKeyType == kt_rsa
- && ss->stepDownKeyPair != NULL
-#endif
- ) ? ss->stepDownKeyPair->privKey
- : ss->serverCerts[kea_def->exchKeyType].serverKey;
-
- if (ss->ssl3->hs.usedStepDownKey
-#ifdef DEBUG
- && kea_def->is_limited /* XXX OR cert is signing only */
- && kea_def->exchKeyType == kt_rsa
- && ss->stepDownKeyPair != NULL
-#endif
- ) {
- serverKey = ss->stepDownKeyPair->privKey;
- ss->sec.keaKeyBits = EXPORT_RSA_KEY_LENGTH * BPB;
- } else {
- sslServerCerts * sc = ss->serverCerts + kea_def->exchKeyType;
- serverKey = sc->serverKey;
- ss->sec.keaKeyBits = sc->serverKeyBits;
- }
-
-#ifdef NSS_ENABLE_ECC
- }
-#endif /* NSS_ENABLE_ECC */
-
- if (serverKey == NULL) {
- SEND_ALERT
- PORT_SetError(SSL_ERROR_NO_SERVER_KEY_FOR_ALG);
- return SECFailure;
- }
-
- ss->sec.keaType = kea_def->exchKeyType;
-
- switch (kea_def->exchKeyType) {
- case kt_rsa:
- rv = ssl3_HandleRSAClientKeyExchange(ss, b, length, serverKey);
- if (rv != SECSuccess) {
- SEND_ALERT
- return SECFailure; /* error code set by ssl3_InitPendingCipherSpec */
- }
- break;
-
- case kt_fortezza:
- rv = ssl3_HandleFortezzaClientKeyExchange(ss, b, length, serverKey);
- if (rv != SECSuccess) {
- return SECFailure; /* error code set */
- }
- break;
-
-#ifdef NSS_ENABLE_ECC
- case kt_ecdh:
- rv = ssl3_HandleECDHClientKeyExchange(ss, b, length,
- ss->ephemeralECDHKeyPair->pubKey,
- serverKey);
- if (rv != SECSuccess) {
- return SECFailure; /* error code set */
- }
- break;
-#endif /* NSS_ENABLE_ECC */
-
- default:
- (void) ssl3_HandshakeFailure(ss);
- PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG);
- return SECFailure;
- }
- ss->ssl3->hs.ws = ss->sec.peerCert ? wait_cert_verify : wait_change_cipher;
- return SECSuccess;
-
-}
-
-/* This is TLS's equivalent of sending a no_certificate alert. */
-static SECStatus
-ssl3_SendEmptyCertificate(sslSocket *ss)
-{
- SECStatus rv;
-
- rv = ssl3_AppendHandshakeHeader(ss, certificate, 3);
- if (rv == SECSuccess) {
- rv = ssl3_AppendHandshakeNumber(ss, 0, 3);
- }
- return rv; /* error, if any, set by functions called above. */
-}
-
-/*
- * Used by both client and server.
- * Called from HandleServerHelloDone and from SendServerHelloSequence.
- */
-static SECStatus
-ssl3_SendCertificate(sslSocket *ss)
-{
- SECStatus rv;
- CERTCertificateList *certChain;
- int len = 0;
- int i;
- SSL3KEAType certIndex;
-
- SSL_TRC(3, ("%d: SSL3[%d]: send certificate handshake",
- SSL_GETPID(), ss->fd));
-
- PORT_Assert( ssl_HaveXmitBufLock(ss));
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss));
-
- if (ss->sec.localCert)
- CERT_DestroyCertificate(ss->sec.localCert);
- if (ss->sec.isServer) {
- sslServerCerts * sc = NULL;
-
- /* XXX SSLKEAType isn't really a good choice for
- * indexing certificates (it breaks when we deal
- * with (EC)DHE-* cipher suites. This hack ensures
- * the RSA cert is picked for (EC)DHE-RSA.
- * Revisit this when we add server side support
- * for ECDHE-ECDSA or client-side authentication
- * using EC certificates.
- */
- if ((ss->ssl3->hs.kea_def->kea == kea_ecdhe_rsa) ||
- (ss->ssl3->hs.kea_def->kea == kea_dhe_rsa)) {
- certIndex = kt_rsa;
- } else {
- certIndex = ss->ssl3->hs.kea_def->exchKeyType;
- }
- sc = ss->serverCerts + certIndex;
- certChain = sc->serverCertChain;
- ss->sec.authKeyBits = sc->serverKeyBits;
- ss->sec.authAlgorithm = ss->ssl3->hs.kea_def->signKeyType;
- ss->sec.localCert = CERT_DupCertificate(sc->serverCert);
- } else {
- certChain = ss->ssl3->clientCertChain;
- ss->sec.localCert = CERT_DupCertificate(ss->ssl3->clientCertificate);
- }
-
- if (certChain) {
- for (i = 0; i < certChain->len; i++) {
- len += certChain->certs[i].len + 3;
- }
- }
-
- rv = ssl3_AppendHandshakeHeader(ss, certificate, len + 3);
- if (rv != SECSuccess) {
- return rv; /* err set by AppendHandshake. */
- }
- rv = ssl3_AppendHandshakeNumber(ss, len, 3);
- if (rv != SECSuccess) {
- return rv; /* err set by AppendHandshake. */
- }
- for (i = 0; i < certChain->len; i++) {
- rv = ssl3_AppendHandshakeVariable(ss, certChain->certs[i].data,
- certChain->certs[i].len, 3);
- if (rv != SECSuccess) {
- return rv; /* err set by AppendHandshake. */
- }
- }
-
- return SECSuccess;
-}
-
-/* This is used to delete the CA certificates in the peer certificate chain
- * from the cert database after they've been validated.
- */
-static void
-ssl3_CleanupPeerCerts(ssl3State *ssl3)
-{
- PRArenaPool * arena = ssl3->peerCertArena;
- ssl3CertNode *certs = (ssl3CertNode *)ssl3->peerCertChain;
-
- for (; certs; certs = certs->next) {
- CERT_DestroyCertificate(certs->cert);
- }
- if (arena) PORT_FreeArena(arena, PR_FALSE);
- ssl3->peerCertArena = NULL;
- ssl3->peerCertChain = NULL;
-}
-
-/* Called from ssl3_HandleHandshakeMessage() when it has deciphered a complete
- * ssl3 Certificate message.
- * Caller must hold Handshake and RecvBuf locks.
- */
-static SECStatus
-ssl3_HandleCertificate(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
-{
- ssl3CertNode * c;
- ssl3CertNode * certs = NULL;
- PRArenaPool * arena = NULL;
- ssl3State * ssl3 = ss->ssl3;
- CERTCertificate *cert;
- PRInt32 remaining = 0;
- PRInt32 size;
- SECStatus rv;
- PRBool isServer = (PRBool)(!!ss->sec.isServer);
- PRBool trusted = PR_FALSE;
- PRBool isTLS;
- SSL3AlertDescription desc = bad_certificate;
- int errCode = SSL_ERROR_RX_MALFORMED_CERTIFICATE;
- SECItem certItem;
-
- SSL_TRC(3, ("%d: SSL3[%d]: handle certificate handshake",
- SSL_GETPID(), ss->fd));
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
- if ((ssl3->hs.ws != wait_server_cert) &&
- (ssl3->hs.ws != wait_client_cert)) {
- desc = unexpected_message;
- errCode = SSL_ERROR_RX_UNEXPECTED_CERTIFICATE;
- goto alert_loser;
- }
-
- if (ss->sec.peerCert != NULL) {
- if (ss->sec.peerKey) {
- SECKEY_DestroyPublicKey(ss->sec.peerKey);
- ss->sec.peerKey = NULL;
- }
- CERT_DestroyCertificate(ss->sec.peerCert);
- ss->sec.peerCert = NULL;
- }
-
- ssl3_CleanupPeerCerts(ssl3);
- isTLS = (PRBool)(ssl3->prSpec->version > SSL_LIBRARY_VERSION_3_0);
-
- /* It is reported that some TLS client sends a Certificate message
- ** with a zero-length message body. We'll treat that case like a
- ** normal no_certificates message to maximize interoperability.
- */
- if (length) {
- remaining = ssl3_ConsumeHandshakeNumber(ss, 3, &b, &length);
- if (remaining < 0)
- goto loser; /* fatal alert already sent by ConsumeHandshake. */
- }
-
- if (!remaining) {
- if (!(isTLS && isServer))
- goto alert_loser;
- /* This is TLS's version of a no_certificate alert. */
- /* I'm a server. I've requested a client cert. He hasn't got one. */
- rv = ssl3_HandleNoCertificate(ss);
- if (rv != SECSuccess) {
- errCode = PORT_GetError();
- goto loser;
- }
- goto cert_block;
- }
-
- ssl3->peerCertArena = arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- goto loser; /* don't send alerts on memory errors */
- }
-
- /* First get the peer cert. */
- remaining -= 3;
- if (remaining < 0)
- goto decode_loser;
-
- size = ssl3_ConsumeHandshakeNumber(ss, 3, &b, &length);
- if (size < 0)
- goto loser; /* fatal alert already sent by ConsumeHandshake. */
-
- remaining -= size;
- if (remaining < 0)
- goto decode_loser;
-
- certItem.data = (unsigned char*)PORT_ArenaAlloc(arena, size);
- if (certItem.data == NULL) {
- goto loser; /* don't send alerts on memory errors */
- }
-
- certItem.len = size;
- rv = ssl3_ConsumeHandshake(ss, certItem.data, certItem.len, &b, &length);
- if (rv != SECSuccess)
- goto loser; /* fatal alert already sent by ConsumeHandshake. */
-
- ss->sec.peerCert = CERT_NewTempCertificate(ss->dbHandle, &certItem, NULL,
- PR_FALSE, PR_TRUE);
- if (ss->sec.peerCert == NULL) {
- /* We should report an alert if the cert was bad, but not if the
- * problem was just some local problem, like memory error.
- */
- goto ambiguous_err;
- }
-
- /* Now get all of the CA certs. */
- while (remaining != 0) {
- remaining -= 3;
- if (remaining < 0)
- goto decode_loser;
-
- size = ssl3_ConsumeHandshakeNumber(ss, 3, &b, &length);
- if (size < 0)
- goto loser; /* fatal alert already sent by ConsumeHandshake. */
-
- remaining -= size;
- if (remaining < 0)
- goto decode_loser;
-
- certItem.data = (unsigned char*)PORT_ArenaAlloc(arena, size);
- if (certItem.data == NULL) {
- goto loser; /* don't send alerts on memory errors */
- }
-
- certItem.len = size;
- rv = ssl3_ConsumeHandshake(ss, certItem.data, certItem.len,
- &b, &length);
- if (rv != SECSuccess)
- goto loser; /* fatal alert already sent by ConsumeHandshake. */
-
- c = PORT_ArenaNew(arena, ssl3CertNode);
- if (c == NULL) {
- goto loser; /* don't send alerts on memory errors */
- }
-
- c->cert = CERT_NewTempCertificate(ss->dbHandle, &certItem, NULL,
- PR_FALSE, PR_TRUE);
- if (c->cert == NULL) {
- goto ambiguous_err;
- }
-
- if (c->cert->trust)
- trusted = PR_TRUE;
-
- c->next = certs;
- certs = c;
- }
-
- if (remaining != 0)
- goto decode_loser;
-
- SECKEY_UpdateCertPQG(ss->sec.peerCert);
-
- /*
- * We're making a fortezza connection, and the card hasn't unloaded it's
- * certs, try to unload those certs now.
- */
- if (!trusted) {
- CERTCertificate *ccert;
-
- ccert = PK11_FindBestKEAMatch(ss->sec.peerCert, ss->pkcs11PinArg);
- if (ccert)
- CERT_DestroyCertificate(ccert);
- }
-
-
- rv = (SECStatus)(*ss->authCertificate)(ss->authCertificateArg, ss->fd,
- PR_TRUE, isServer);
- if (rv) {
- errCode = PORT_GetError();
- if (!ss->handleBadCert) {
- goto bad_cert;
- }
- rv = (SECStatus)(*ss->handleBadCert)(ss->badCertArg, ss->fd);
- if ( rv ) {
- if ( rv == SECWouldBlock ) {
- /* someone will handle this connection asynchronously*/
- SSL_DBG(("%d: SSL3[%d]: go to async cert handler",
- SSL_GETPID(), ss->fd));
- ssl3->peerCertChain = certs;
- certs = NULL;
- ssl_SetAlwaysBlock(ss);
- goto cert_block;
- }
- /* cert is bad */
- goto bad_cert;
- }
- /* cert is good */
- }
-
- /* start SSL Step Up, if appropriate */
- cert = ss->sec.peerCert;
- if (!isServer &&
- ssl3_global_policy_some_restricted &&
- ssl3->policy == SSL_ALLOWED &&
- anyRestrictedEnabled(ss) &&
- SECSuccess == CERT_VerifyCertNow(cert->dbhandle, cert,
- PR_FALSE, /* checkSig */
- certUsageSSLServerWithStepUp,
-/*XXX*/ ss->authCertificateArg) ) {
- ssl3->policy = SSL_RESTRICTED;
- ssl3->hs.rehandshake = PR_TRUE;
- }
-
- ss->sec.ci.sid->peerCert = CERT_DupCertificate(ss->sec.peerCert);
-
- if (!ss->sec.isServer) {
- /* set the server authentication and key exchange types and sizes
- ** from the value in the cert. If the key exchange key is different,
- ** it will get fixed when we handle the server key exchange message.
- */
- SECKEYPublicKey * pubKey = CERT_ExtractPublicKey(cert);
- ss->sec.authAlgorithm = ssl3->hs.kea_def->signKeyType;
- ss->sec.keaType = ssl3->hs.kea_def->exchKeyType;
- if (pubKey) {
- ss->sec.keaKeyBits = ss->sec.authKeyBits =
- SECKEY_PublicKeyStrengthInBits(pubKey);
-#ifdef NSS_ENABLE_ECC
- if (ss->sec.keaType == kt_ecdh) {
- /* Get authKeyBits from signing key.
- * XXX The code below uses a quick approximation of
- * key size based on cert->signatureWrap.signature.data
- * (which contains the DER encoded signature). The field
- * cert->signatureWrap.signature.len contains the
- * length of the encoded signature in bits.
- */
- if (ss->ssl3->hs.kea_def->kea == kea_ecdh_ecdsa) {
- ss->sec.authKeyBits =
- cert->signatureWrap.signature.data[3]*8;
- if (cert->signatureWrap.signature.data[4] == 0x00)
- ss->sec.authKeyBits -= 8;
- /*
- * XXX: if cert is not signed by ecdsa we should
- * destroy pubKey and goto bad_cert
- */
- } else if (ss->ssl3->hs.kea_def->kea == kea_ecdh_rsa) {
- ss->sec.authKeyBits = cert->signatureWrap.signature.len;
- /*
- * XXX: if cert is not signed by rsa we should
- * destroy pubKey and goto bad_cert
- */
- }
- }
-#endif /* NSS_ENABLE_ECC */
- SECKEY_DestroyPublicKey(pubKey);
- pubKey = NULL;
- }
- }
-
- ssl3->peerCertChain = certs; certs = NULL; arena = NULL;
-
-cert_block:
- if (ss->sec.isServer) {
- ssl3->hs.ws = wait_client_key;
- } else {
- ssl3->hs.ws = wait_cert_request; /* disallow server_key_exchange */
- if (ssl3->hs.kea_def->is_limited ||
- /* XXX OR server cert is signing only. */
- ssl3->hs.kea_def->kea == kea_fortezza ||
-#ifdef NSS_ENABLE_ECC
- ssl3->hs.kea_def->kea == kea_ecdhe_ecdsa ||
- ssl3->hs.kea_def->kea == kea_ecdhe_rsa ||
-#endif /* NSS_ENABLE_ECC */
- ssl3->hs.kea_def->exchKeyType == kt_dh) {
- ssl3->hs.ws = wait_server_key; /* allow server_key_exchange */
- }
- }
-
- /* rv must normally be equal to SECSuccess here. If we called
- * handleBadCert, it can also be SECWouldBlock.
- */
- return rv;
-
-ambiguous_err:
- errCode = PORT_GetError();
- switch (errCode) {
- case PR_OUT_OF_MEMORY_ERROR:
- case SEC_ERROR_BAD_DATABASE:
- case SEC_ERROR_NO_MEMORY:
- if (isTLS) {
- desc = internal_error;
- goto alert_loser;
- }
- goto loser;
- }
- /* fall through to bad_cert. */
-
-bad_cert: /* caller has set errCode. */
- switch (errCode) {
- case SEC_ERROR_LIBRARY_FAILURE: desc = unsupported_certificate; break;
- case SEC_ERROR_EXPIRED_CERTIFICATE: desc = certificate_expired; break;
- case SEC_ERROR_REVOKED_CERTIFICATE: desc = certificate_revoked; break;
- case SEC_ERROR_INADEQUATE_KEY_USAGE:
- case SEC_ERROR_INADEQUATE_CERT_TYPE:
- desc = certificate_unknown; break;
- case SEC_ERROR_UNTRUSTED_CERT:
- desc = isTLS ? access_denied : certificate_unknown; break;
- case SEC_ERROR_UNKNOWN_ISSUER:
- case SEC_ERROR_UNTRUSTED_ISSUER:
- desc = isTLS ? unknown_ca : certificate_unknown; break;
- case SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE:
- desc = isTLS ? unknown_ca : certificate_expired; break;
-
- case SEC_ERROR_CERT_NOT_IN_NAME_SPACE:
- case SEC_ERROR_PATH_LEN_CONSTRAINT_INVALID:
- case SEC_ERROR_CA_CERT_INVALID:
- case SEC_ERROR_BAD_SIGNATURE:
- default: desc = bad_certificate; break;
- }
- SSL_DBG(("%d: SSL3[%d]: peer certificate is no good: error=%d",
- SSL_GETPID(), ss->fd, errCode));
-
- goto alert_loser;
-
-decode_loser:
- desc = isTLS ? decode_error : bad_certificate;
-
-alert_loser:
- (void)SSL3_SendAlert(ss, alert_fatal, desc);
-
-loser:
- ssl3->peerCertChain = certs; certs = NULL; arena = NULL;
- ssl3_CleanupPeerCerts(ssl3);
-
- if (ss->sec.peerCert != NULL) {
- CERT_DestroyCertificate(ss->sec.peerCert);
- ss->sec.peerCert = NULL;
- }
- (void)ssl_MapLowLevelError(errCode);
- return SECFailure;
-}
-
-
-/* restart an SSL connection that we stopped to run certificate dialogs
-** XXX Need to document here how an application marks a cert to show that
-** the application has accepted it (overridden CERT_VerifyCert).
- *
- * XXX This code only works on the initial handshake on a connection, XXX
- * It does not work on a subsequent handshake (redo).
- *
- * Return value: XXX
- *
- * Caller holds 1stHandshakeLock.
-*/
-int
-ssl3_RestartHandshakeAfterServerCert(sslSocket *ss)
-{
- CERTCertificate * cert;
- ssl3State * ssl3 = ss->ssl3;
- int rv = SECSuccess;
-
- if (MSB(ss->version) != MSB(SSL_LIBRARY_VERSION_3_0)) {
- SET_ERROR_CODE
- return SECFailure;
- }
- if (!ss->ssl3) {
- SET_ERROR_CODE
- return SECFailure;
- }
-
- cert = ss->sec.peerCert;
-
- /* Permit step up if user decided to accept the cert */
- if (!ss->sec.isServer &&
- ssl3_global_policy_some_restricted &&
- ssl3->policy == SSL_ALLOWED &&
- anyRestrictedEnabled(ss) &&
- (SECSuccess == CERT_VerifyCertNow(cert->dbhandle, cert,
- PR_FALSE, /* checksig */
- certUsageSSLServerWithStepUp,
-/*XXX*/ ss->authCertificateArg) )) {
- ssl3->policy = SSL_RESTRICTED;
- ssl3->hs.rehandshake = PR_TRUE;
- }
-
- if (ss->handshake != NULL) {
- ss->handshake = ssl_GatherRecord1stHandshake;
- ss->sec.ci.sid->peerCert = CERT_DupCertificate(ss->sec.peerCert);
-
- ssl_GetRecvBufLock(ss);
- if (ssl3->hs.msgState.buf != NULL) {
- rv = ssl3_HandleRecord(ss, NULL, &ss->gs.buf);
- }
- ssl_ReleaseRecvBufLock(ss);
- }
-
- return rv;
-}
-
-static SECStatus
-ssl3_ComputeTLSFinished(ssl3CipherSpec *spec,
- PRBool isServer,
- const SSL3Finished * hashes,
- TLSFinished * tlsFinished)
-{
- PK11Context *prf_context;
- const char * label;
- unsigned int len;
- SECStatus rv;
- SECItem param = {siBuffer, NULL, 0};
-
- label = isServer ? "server finished" : "client finished";
- len = 15;
-
- prf_context =
- PK11_CreateContextBySymKey(CKM_TLS_PRF_GENERAL, CKA_SIGN,
- spec->master_secret, &param);
- if (!prf_context)
- return SECFailure;
-
- rv = PK11_DigestBegin(prf_context);
- rv |= PK11_DigestOp(prf_context, (const unsigned char *) label, len);
- rv |= PK11_DigestOp(prf_context, hashes->md5, sizeof *hashes);
- rv |= PK11_DigestFinal(prf_context, tlsFinished->verify_data,
- &len, sizeof *tlsFinished);
- PORT_Assert(rv != SECSuccess || len == sizeof *tlsFinished);
-
- PK11_DestroyContext(prf_context, PR_TRUE);
- return rv;
-}
-
-/* called from ssl3_HandleServerHelloDone
- * ssl3_HandleClientHello
- * ssl3_HandleFinished
- */
-static SECStatus
-ssl3_SendFinished(sslSocket *ss, PRInt32 flags)
-{
- ssl3CipherSpec *cwSpec;
- PRBool isTLS;
- PRBool isServer = ss->sec.isServer;
- SECStatus rv;
- SSL3Sender sender = isServer ? sender_server : sender_client;
- SSL3Finished hashes;
- TLSFinished tlsFinished;
-
- SSL_TRC(3, ("%d: SSL3[%d]: send finished handshake", SSL_GETPID(), ss->fd));
-
- PORT_Assert( ssl_HaveXmitBufLock(ss));
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss));
-
- ssl_GetSpecReadLock(ss);
- cwSpec = ss->ssl3->cwSpec;
- isTLS = (PRBool)(cwSpec->version > SSL_LIBRARY_VERSION_3_0);
- rv = ssl3_ComputeHandshakeHashes(ss, cwSpec, &hashes, sender);
- if (isTLS && rv == SECSuccess) {
- rv = ssl3_ComputeTLSFinished(cwSpec, isServer, &hashes, &tlsFinished);
- }
- ssl_ReleaseSpecReadLock(ss);
- if (rv != SECSuccess) {
- goto fail; /* err code was set by ssl3_ComputeHandshakeHashes */
- }
-
- if (isTLS) {
- rv = ssl3_AppendHandshakeHeader(ss, finished, sizeof tlsFinished);
- if (rv != SECSuccess)
- goto fail; /* err set by AppendHandshake. */
- rv = ssl3_AppendHandshake(ss, &tlsFinished, sizeof tlsFinished);
- if (rv != SECSuccess)
- goto fail; /* err set by AppendHandshake. */
- } else {
- rv = ssl3_AppendHandshakeHeader(ss, finished, sizeof hashes);
- if (rv != SECSuccess)
- goto fail; /* err set by AppendHandshake. */
- rv = ssl3_AppendHandshake(ss, &hashes, sizeof hashes);
- if (rv != SECSuccess)
- goto fail; /* err set by AppendHandshake. */
- }
- rv = ssl3_FlushHandshake(ss, flags);
- if (rv != SECSuccess) {
- goto fail; /* error code set by ssl3_FlushHandshake */
- }
- return SECSuccess;
-
-fail:
- return rv;
-}
-
-
-
-/* Called from ssl3_HandleHandshakeMessage() when it has deciphered a complete
- * ssl3 Finished message from the peer.
- * Caller must hold Handshake and RecvBuf locks.
- */
-static SECStatus
-ssl3_HandleFinished(sslSocket *ss, SSL3Opaque *b, PRUint32 length,
- const SSL3Hashes *hashes)
-{
- ssl3State * ssl3 = ss->ssl3;
- sslSessionID * sid = ss->sec.ci.sid;
- PK11SymKey * wrappingKey = NULL;
- PK11SlotInfo * symKeySlot;
- void * pwArg = ss->pkcs11PinArg;
- SECStatus rv;
- PRBool isServer = ss->sec.isServer;
- PRBool isTLS;
- PRBool doStepUp;
- CK_MECHANISM_TYPE mechanism;
- SSL3KEAType effectiveExchKeyType;
-
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
- SSL_TRC(3, ("%d: SSL3[%d]: handle finished handshake",
- SSL_GETPID(), ss->fd));
-
- if (ssl3->hs.ws != wait_finished) {
- SSL3_SendAlert(ss, alert_fatal, unexpected_message);
- PORT_SetError(SSL_ERROR_RX_UNEXPECTED_FINISHED);
- return SECFailure;
- }
-
- isTLS = (PRBool)(ssl3->crSpec->version > SSL_LIBRARY_VERSION_3_0);
- if (isTLS) {
- TLSFinished tlsFinished;
-
- if (length != sizeof tlsFinished) {
- (void)SSL3_SendAlert(ss, alert_fatal, decode_error);
- PORT_SetError(SSL_ERROR_RX_MALFORMED_FINISHED);
- return SECFailure;
- }
- rv = ssl3_ComputeTLSFinished(ssl3->crSpec, !isServer,
- hashes, &tlsFinished);
- if (rv != SECSuccess ||
- 0 != PORT_Memcmp(&tlsFinished, b, length)) {
- (void)SSL3_SendAlert(ss, alert_fatal, decrypt_error);
- PORT_SetError(SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE);
- return SECFailure;
- }
- } else {
- if (length != sizeof(SSL3Hashes)) {
- (void)ssl3_IllegalParameter(ss);
- PORT_SetError(SSL_ERROR_RX_MALFORMED_FINISHED);
- return SECFailure;
- }
-
- if (0 != PORT_Memcmp(hashes, b, length)) {
- (void)ssl3_HandshakeFailure(ss);
- PORT_SetError(SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE);
- return SECFailure;
- }
- }
-
- doStepUp = (PRBool)(!isServer && ssl3->hs.rehandshake);
-
- ssl_GetXmitBufLock(ss); /*************************************/
-
- if ((isServer && !ssl3->hs.isResuming) ||
- (!isServer && ssl3->hs.isResuming)) {
- PRInt32 flags = 0;
-
- rv = ssl3_SendChangeCipherSpecs(ss);
- if (rv != SECSuccess) {
- goto xmit_loser; /* err is set. */
- }
- /* If this thread is in SSL_SecureSend (trying to write some data)
- ** or if it is going to step up,
- ** then set the ssl_SEND_FLAG_FORCE_INTO_BUFFER flag, so that the
- ** last two handshake messages (change cipher spec and finished)
- ** will be sent in the same send/write call as the application data.
- */
- if (doStepUp || ss->writerThread == PR_GetCurrentThread()) {
- flags = ssl_SEND_FLAG_FORCE_INTO_BUFFER;
- }
- rv = ssl3_SendFinished(ss, flags);
- if (rv != SECSuccess) {
- goto xmit_loser; /* err is set. */
- }
- }
-
- /* Optimization: don't cache this connection if we're going to step up. */
- if (doStepUp) {
- ssl_FreeSID(sid);
- ss->sec.ci.sid = sid = NULL;
- ssl3->hs.rehandshake = PR_FALSE;
- rv = ssl3_SendClientHello(ss);
-xmit_loser:
- ssl_ReleaseXmitBufLock(ss);
- return rv; /* err code is set if appropriate. */
- }
-
- ssl_ReleaseXmitBufLock(ss); /*************************************/
-
- /* The first handshake is now completed. */
- ss->handshake = NULL;
- ss->firstHsDone = PR_TRUE;
- ss->gs.writeOffset = 0;
- ss->gs.readOffset = 0;
-
- if (ssl3->hs.kea_def->kea == kea_ecdhe_rsa) {
- effectiveExchKeyType = kt_rsa;
- } else {
- effectiveExchKeyType = ssl3->hs.kea_def->exchKeyType;
- }
-
- if (sid->cached == never_cached) {
-
- /* fill in the sid */
- sid->u.ssl3.cipherSuite = ssl3->hs.cipher_suite;
- sid->u.ssl3.compression = ssl3->hs.compression;
- sid->u.ssl3.policy = ssl3->policy;
- sid->u.ssl3.exchKeyType = effectiveExchKeyType;
- sid->version = ss->version;
- sid->authAlgorithm = ss->sec.authAlgorithm;
- sid->authKeyBits = ss->sec.authKeyBits;
- sid->keaType = ss->sec.keaType;
- sid->keaKeyBits = ss->sec.keaKeyBits;
- sid->lastAccessTime = sid->creationTime = ssl_Time();
- sid->expirationTime = sid->creationTime + ssl3_sid_timeout;
- sid->localCert = CERT_DupCertificate(ss->sec.localCert);
-
- ssl_GetSpecReadLock(ss); /*************************************/
- symKeySlot = PK11_GetSlotFromKey(ssl3->crSpec->master_secret);
- if (!isServer) {
- int wrapKeyIndex;
- int incarnation;
-
- /* these next few functions are mere accessors and don't fail. */
- sid->u.ssl3.masterWrapIndex = wrapKeyIndex =
- PK11_GetCurrentWrapIndex(symKeySlot);
- PORT_Assert(wrapKeyIndex == 0); /* array has only one entry! */
-
- sid->u.ssl3.masterWrapSeries = incarnation =
- PK11_GetSlotSeries(symKeySlot);
- sid->u.ssl3.masterSlotID = PK11_GetSlotID(symKeySlot);
- sid->u.ssl3.masterModuleID = PK11_GetModuleID(symKeySlot);
- sid->u.ssl3.masterValid = PR_TRUE;
-
- /* Get the default wrapping key, for wrapping the master secret before
- * placing it in the SID cache entry. */
- wrappingKey = PK11_GetWrapKey(symKeySlot, wrapKeyIndex,
- CKM_INVALID_MECHANISM, incarnation,
- pwArg);
- if (wrappingKey) {
- mechanism = PK11_GetMechanism(wrappingKey); /* can't fail. */
- } else {
- int keyLength;
- /* if the wrappingKey doesn't exist, attempt to create it.
- * Note: we intentionally ignore errors here. If we cannot
- * generate a wrapping key, it is not fatal to this SSL connection,
- * but we will not be able to restart this session.
- */
- mechanism = PK11_GetBestWrapMechanism(symKeySlot);
- keyLength = PK11_GetBestKeyLength(symKeySlot, mechanism);
- /* Zero length means fixed key length algorithm, or error.
- * It's ambiguous.
- */
- wrappingKey = PK11_KeyGen(symKeySlot, mechanism, NULL,
- keyLength, pwArg);
- if (wrappingKey) {
- PK11_SetWrapKey(symKeySlot, wrapKeyIndex, wrappingKey);
- }
- }
- } else {
- /* server. */
- mechanism = PK11_GetBestWrapMechanism(symKeySlot);
- if (mechanism != CKM_INVALID_MECHANISM) {
- wrappingKey =
- getWrappingKey(ss, symKeySlot, effectiveExchKeyType,
- mechanism, pwArg);
- if (wrappingKey) {
- mechanism = PK11_GetMechanism(wrappingKey); /* can't fail. */
- }
- }
- }
-
- sid->u.ssl3.masterWrapMech = mechanism;
- PK11_FreeSlot(symKeySlot);
-
- rv = SECFailure;
- if (wrappingKey) {
- SECItem msItem;
-
- msItem.data = sid->u.ssl3.keys.wrapped_master_secret;
- msItem.len = sizeof sid->u.ssl3.keys.wrapped_master_secret;
- rv = PK11_WrapSymKey(mechanism, NULL, wrappingKey,
- ssl3->crSpec->master_secret, &msItem);
- /* rv is examined below. */
- sid->u.ssl3.keys.wrapped_master_secret_len = msItem.len;
- PK11_FreeSymKey(wrappingKey);
- }
- ssl_ReleaseSpecReadLock(ss); /*************************************/
-
- /* If the wrap failed, we don't cache the sid.
- * The connection continues normally however.
- */
- if (!ss->noCache && rv == SECSuccess) {
- (*ss->sec.cache)(sid);
- }
- }
- ss->ssl3->hs.ws = idle_handshake;
-
- /* Do the handshake callback for sslv3 here. */
- if (ss->handshakeCallback != NULL) {
- (ss->handshakeCallback)(ss->fd, ss->handshakeCallbackData);
- }
-
- return SECSuccess;
-}
-
-/* Called from ssl3_HandleHandshake() when it has gathered a complete ssl3
- * hanshake message.
- * Caller must hold Handshake and RecvBuf locks.
- */
-static SECStatus
-ssl3_HandleHandshakeMessage(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
-{
- SECStatus rv = SECSuccess;
- SSL3HandshakeType type = ss->ssl3->hs.msg_type;
- SSL3Hashes hashes; /* computed hashes are put here. */
- PRUint8 hdr[4];
-
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
- /*
- * We have to compute the hashes before we update them with the
- * current message.
- */
- ssl_GetSpecReadLock(ss); /************************************/
- if((type == finished) || (type == certificate_verify)) {
- SSL3Sender sender = (SSL3Sender)0;
- ssl3CipherSpec *rSpec = ss->ssl3->prSpec;
-
- if (type == finished) {
- sender = ss->sec.isServer ? sender_client : sender_server;
- rSpec = ss->ssl3->crSpec;
- }
- rv = ssl3_ComputeHandshakeHashes(ss, rSpec, &hashes, sender);
- }
- ssl_ReleaseSpecReadLock(ss); /************************************/
- if (rv != SECSuccess) {
- return rv; /* error code was set by ssl3_ComputeHandshakeHashes*/
- }
- SSL_TRC(30,("%d: SSL3[%d]: handle handshake message: %s", SSL_GETPID(),
- ss->fd, ssl3_DecodeHandshakeType(ss->ssl3->hs.msg_type)));
- PRINT_BUF(60, (ss, "MD5 handshake hash:",
- (unsigned char*)ss->ssl3->hs.md5, MD5_LENGTH));
- PRINT_BUF(95, (ss, "SHA handshake hash:",
- (unsigned char*)ss->ssl3->hs.sha, SHA1_LENGTH));
-
- hdr[0] = (PRUint8)ss->ssl3->hs.msg_type;
- hdr[1] = (PRUint8)(length >> 16);
- hdr[2] = (PRUint8)(length >> 8);
- hdr[3] = (PRUint8)(length );
-
- /* Start new handshake hashes when we start a new handshake */
- if (ss->ssl3->hs.msg_type == client_hello) {
- SSL_TRC(30,("%d: SSL3[%d]: reset handshake hashes",
- SSL_GETPID(), ss->fd ));
- rv = PK11_DigestBegin(ss->ssl3->hs.md5);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
- return rv;
- }
- rv = PK11_DigestBegin(ss->ssl3->hs.sha);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE);
- return rv;
- }
- }
- /* We should not include hello_request messages in the handshake hashes */
- if (ss->ssl3->hs.msg_type != hello_request) {
- rv = ssl3_UpdateHandshakeHashes(ss, (unsigned char*) hdr, 4);
- if (rv != SECSuccess) return rv; /* err code already set. */
- rv = ssl3_UpdateHandshakeHashes(ss, b, length);
- if (rv != SECSuccess) return rv; /* err code already set. */
- }
-
- PORT_SetError(0); /* each message starts with no error. */
- switch (ss->ssl3->hs.msg_type) {
- case hello_request:
- if (length != 0) {
- (void)ssl3_DecodeError(ss);
- PORT_SetError(SSL_ERROR_RX_MALFORMED_HELLO_REQUEST);
- return SECFailure;
- }
- if (ss->sec.isServer) {
- (void)SSL3_SendAlert(ss, alert_fatal, unexpected_message);
- PORT_SetError(SSL_ERROR_RX_UNEXPECTED_HELLO_REQUEST);
- return SECFailure;
- }
- rv = ssl3_HandleHelloRequest(ss);
- break;
- case client_hello:
- if (!ss->sec.isServer) {
- (void)SSL3_SendAlert(ss, alert_fatal, unexpected_message);
- PORT_SetError(SSL_ERROR_RX_UNEXPECTED_CLIENT_HELLO);
- return SECFailure;
- }
- rv = ssl3_HandleClientHello(ss, b, length);
- break;
- case server_hello:
- if (ss->sec.isServer) {
- (void)SSL3_SendAlert(ss, alert_fatal, unexpected_message);
- PORT_SetError(SSL_ERROR_RX_UNEXPECTED_SERVER_HELLO);
- return SECFailure;
- }
- rv = ssl3_HandleServerHello(ss, b, length);
- break;
- case certificate:
- rv = ssl3_HandleCertificate(ss, b, length);
- break;
- case server_key_exchange:
- if (ss->sec.isServer) {
- (void)SSL3_SendAlert(ss, alert_fatal, unexpected_message);
- PORT_SetError(SSL_ERROR_RX_UNEXPECTED_SERVER_KEY_EXCH);
- return SECFailure;
- }
- rv = ssl3_HandleServerKeyExchange(ss, b, length);
- break;
- case certificate_request:
- if (ss->sec.isServer) {
- (void)SSL3_SendAlert(ss, alert_fatal, unexpected_message);
- PORT_SetError(SSL_ERROR_RX_UNEXPECTED_CERT_REQUEST);
- return SECFailure;
- }
- rv = ssl3_HandleCertificateRequest(ss, b, length);
- break;
- case server_hello_done:
- if (length != 0) {
- (void)ssl3_DecodeError(ss);
- PORT_SetError(SSL_ERROR_RX_MALFORMED_HELLO_DONE);
- return SECFailure;
- }
- if (ss->sec.isServer) {
- (void)SSL3_SendAlert(ss, alert_fatal, unexpected_message);
- PORT_SetError(SSL_ERROR_RX_UNEXPECTED_HELLO_DONE);
- return SECFailure;
- }
- rv = ssl3_HandleServerHelloDone(ss);
- break;
- case certificate_verify:
- if (!ss->sec.isServer) {
- (void)SSL3_SendAlert(ss, alert_fatal, unexpected_message);
- PORT_SetError(SSL_ERROR_RX_UNEXPECTED_CERT_VERIFY);
- return SECFailure;
- }
- rv = ssl3_HandleCertificateVerify(ss, b, length, &hashes);
- break;
- case client_key_exchange:
- if (!ss->sec.isServer) {
- (void)SSL3_SendAlert(ss, alert_fatal, unexpected_message);
- PORT_SetError(SSL_ERROR_RX_UNEXPECTED_CLIENT_KEY_EXCH);
- return SECFailure;
- }
- rv = ssl3_HandleClientKeyExchange(ss, b, length);
- break;
- case finished:
- rv = ssl3_HandleFinished(ss, b, length, &hashes);
- break;
- default:
- (void)SSL3_SendAlert(ss, alert_fatal, unexpected_message);
- PORT_SetError(SSL_ERROR_RX_UNKNOWN_HANDSHAKE);
- rv = SECFailure;
- }
- return rv;
-}
-
-/* Called only from ssl3_HandleRecord, for each (deciphered) ssl3 record.
- * origBuf is the decrypted ssl record content.
- * Caller must hold the handshake and RecvBuf locks.
- */
-static SECStatus
-ssl3_HandleHandshake(sslSocket *ss, sslBuffer *origBuf)
-{
- /*
- * There may be a partial handshake message already in the handshake
- * state. The incoming buffer may contain another portion, or a
- * complete message or several messages followed by another portion.
- *
- * Each message is made contiguous before being passed to the actual
- * message parser.
- */
- ssl3State *ssl3 = ss->ssl3;
- sslBuffer *buf = &ssl3->hs.msgState; /* do not lose the original buffer pointer */
- SECStatus rv;
-
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
- if (buf->buf == NULL) {
- *buf = *origBuf;
- }
- while (buf->len > 0) {
- while (ssl3->hs.header_bytes < 4) {
- uint8 t;
- t = *(buf->buf++);
- buf->len--;
- if (ssl3->hs.header_bytes++ == 0)
- ssl3->hs.msg_type = (SSL3HandshakeType)t;
- else
- ssl3->hs.msg_len = (ssl3->hs.msg_len << 8) + t;
-
-#define MAX_HANDSHAKE_MSG_LEN 0x1ffff /* 128k - 1 */
-
- if (ssl3->hs.header_bytes == 4) {
- if (ssl3->hs.msg_len > MAX_HANDSHAKE_MSG_LEN) {
- (void)ssl3_DecodeError(ss);
- PORT_SetError(SSL_ERROR_RX_RECORD_TOO_LONG);
- return SECFailure;
- }
- }
-#undef MAX_HANDSHAKE_MSG_LEN
- if (buf->len == 0 && ssl3->hs.msg_len > 0) {
- buf->buf = NULL;
- return SECSuccess;
- }
- }
-
- /*
- * Header has been gathered and there is at least one byte of new
- * data available for this message. If it can be done right out
- * of the original buffer, then use it from there.
- */
- if (ssl3->hs.msg_body.len == 0 && buf->len >= ssl3->hs.msg_len) {
- /* handle it from input buffer */
- rv = ssl3_HandleHandshakeMessage(ss, buf->buf, ssl3->hs.msg_len);
- if (rv == SECFailure) {
- /* This test wants to fall through on either
- * SECSuccess or SECWouldBlock.
- * ssl3_HandleHandshakeMessage MUST set the error code.
- */
- return rv;
- }
- buf->buf += ssl3->hs.msg_len;
- buf->len -= ssl3->hs.msg_len;
- ssl3->hs.msg_len = 0;
- ssl3->hs.header_bytes = 0;
- if (rv != SECSuccess) { /* return if SECWouldBlock. */
- return rv;
- }
- } else {
- /* must be copied to msg_body and dealt with from there */
- unsigned int bytes;
-
- bytes = PR_MIN(buf->len, ssl3->hs.msg_len);
-
- /* Grow the buffer if needed */
- if (bytes > ssl3->hs.msg_body.space - ssl3->hs.msg_body.len) {
- rv = sslBuffer_Grow(&ssl3->hs.msg_body,
- ssl3->hs.msg_body.len + bytes);
- if (rv != SECSuccess) {
- /* sslBuffer_Grow has set a memory error code. */
- return SECFailure;
- }
- }
- PORT_Memcpy(ssl3->hs.msg_body.buf + ssl3->hs.msg_body.len,
- buf->buf, buf->len);
- buf->buf += bytes;
- buf->len -= bytes;
-
- /* should not be more than one message in msg_body */
- PORT_Assert(ssl3->hs.msg_body.len <= ssl3->hs.msg_len);
-
- /* if we have a whole message, do it */
- if (ssl3->hs.msg_body.len == ssl3->hs.msg_len) {
- rv = ssl3_HandleHandshakeMessage(
- ss, ssl3->hs.msg_body.buf, ssl3->hs.msg_len);
- /*
- * XXX This appears to be wrong. This error handling
- * should clean up after a SECWouldBlock return, like the
- * error handling used 40 lines before/above this one,
- */
- if (rv != SECSuccess) {
- /* ssl3_HandleHandshakeMessage MUST set error code. */
- return rv;
- }
- ssl3->hs.msg_body.len = 0;
- ssl3->hs.msg_len = 0;
- ssl3->hs.header_bytes = 0;
- } else {
- PORT_Assert(buf->len == 0);
- break;
- }
- }
- } /* end loop */
-
- origBuf->len = 0; /* So ssl3_GatherAppDataRecord will keep looping. */
- buf->buf = NULL; /* not a leak. */
- return SECSuccess;
-}
-
-/* if cText is non-null, then decipher, check MAC, and decompress the
- * SSL record from cText->buf (typically gs->inbuf)
- * into databuf (typically gs->buf), and any previous contents of databuf
- * is lost. Then handle databuf according to its SSL record type,
- * unless it's an application record.
- *
- * If cText is NULL, then the ciphertext has previously been deciphered and
- * checked, and is already sitting in databuf. It is processed as an SSL
- * Handshake message.
- *
- * DOES NOT process the decrypted/decompressed application data.
- * On return, databuf contains the decrypted/decompressed record.
- *
- * Called from ssl3_GatherCompleteHandshake
- * ssl3_RestartHandshakeAfterCertReq
- * ssl3_RestartHandshakeAfterServerCert
- *
- * Caller must hold the RecvBufLock.
- *
- * This function aquires and releases the SSL3Handshake Lock, holding the
- * lock around any calls to functions that handle records other than
- * Application Data records.
- */
-SECStatus
-ssl3_HandleRecord(sslSocket *ss, SSL3Ciphertext *cText, sslBuffer *databuf)
-{
-const ssl3BulkCipherDef *cipher_def;
- ssl3State * ssl3 = ss->ssl3;
- ssl3CipherSpec * crSpec;
- SECStatus rv;
- unsigned int hashBytes = MAX_MAC_LENGTH + 1;
- unsigned int padding_length;
- PRBool isTLS;
- PRBool padIsBad = PR_FALSE;
- SSL3ContentType rType;
- SSL3Opaque hash[MAX_MAC_LENGTH];
-
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
-
- if (ssl3 == NULL) {
- ssl_GetSSL3HandshakeLock(ss);
- rv = ssl3_InitState(ss);
- ssl_ReleaseSSL3HandshakeLock(ss);
- if (rv != SECSuccess) {
- return rv; /* ssl3_InitState has set the error code. */
- }
- }
-
- ssl3 = ss->ssl3;
-
- /* check for Token Presence */
- if (!ssl3_ClientAuthTokenPresent(ss->sec.ci.sid)) {
- PORT_SetError(SSL_ERROR_TOKEN_INSERTION_REMOVAL);
- return SECFailure;
- }
-
- /* cText is NULL when we're called from ssl3_RestartHandshakeAfterXXX().
- * This implies that databuf holds a previously deciphered SSL Handshake
- * message.
- */
- if (cText == NULL) {
- SSL_DBG(("%d: SSL3[%d]: HandleRecord, resuming handshake",
- SSL_GETPID(), ss->fd));
- rType = content_handshake;
- goto process_it;
- }
-
- databuf->len = 0; /* filled in by decode call below. */
- if (databuf->space < MAX_FRAGMENT_LENGTH) {
- rv = sslBuffer_Grow(databuf, MAX_FRAGMENT_LENGTH + 2048);
- if (rv != SECSuccess) {
- SSL_DBG(("%d: SSL3[%d]: HandleRecord, tried to get %d bytes",
- SSL_GETPID(), ss->fd, MAX_FRAGMENT_LENGTH + 2048));
- /* sslBuffer_Grow has set a memory error code. */
- /* Perhaps we should send an alert. (but we have no memory!) */
- return SECFailure;
- }
- }
-
- PRINT_BUF(80, (ss, "ciphertext:", cText->buf->buf, cText->buf->len));
-
- ssl_GetSpecReadLock(ss); /******************************************/
-
- crSpec = ssl3->crSpec;
- cipher_def = crSpec->cipher_def;
- isTLS = (PRBool)(crSpec->version > SSL_LIBRARY_VERSION_3_0);
-
- if (isTLS && cText->buf->len > (MAX_FRAGMENT_LENGTH + 2048)) {
- ssl_ReleaseSpecReadLock(ss);
- SSL3_SendAlert(ss, alert_fatal, record_overflow);
- PORT_SetError(SSL_ERROR_RX_RECORD_TOO_LONG);
- return SECFailure;
- }
- /* decrypt from cText buf to databuf. */
- rv = crSpec->decode(
- crSpec->decodeContext, databuf->buf, (int *)&databuf->len,
- databuf->space, cText->buf->buf, cText->buf->len);
-
- PRINT_BUF(80, (ss, "cleartext:", databuf->buf, databuf->len));
- if (rv != SECSuccess) {
- int err = ssl_MapLowLevelError(SSL_ERROR_DECRYPTION_FAILURE);
- ssl_ReleaseSpecReadLock(ss);
- SSL3_SendAlert(ss, alert_fatal,
- isTLS ? decryption_failed : bad_record_mac);
- PORT_SetError(err);
- return SECFailure;
- }
-
- /* If it's a block cipher, check and strip the padding. */
- if (cipher_def->type == type_block) {
- padding_length = *(databuf->buf + databuf->len - 1);
- /* TLS permits padding to exceed the block size, up to 255 bytes. */
- if (padding_length + 1 + crSpec->mac_size > databuf->len)
- padIsBad = PR_TRUE;
- /* if TLS, check value of first padding byte. */
- else if (padding_length && isTLS &&
- padding_length !=
- *(databuf->buf + databuf->len - (padding_length + 1)))
- padIsBad = PR_TRUE;
- else
- databuf->len -= padding_length + 1;
- }
-
- /* Remove the MAC. */
- if (databuf->len >= crSpec->mac_size)
- databuf->len -= crSpec->mac_size;
- else
- padIsBad = PR_TRUE; /* really macIsBad */
-
- /* compute the MAC */
- rType = cText->type;
- rv = ssl3_ComputeRecordMAC(
- crSpec, (ss->sec.isServer) ? crSpec->client.write_mac_context
- : crSpec->server.write_mac_context,
- rType, cText->version, crSpec->read_seq_num,
- databuf->buf, databuf->len, hash, &hashBytes);
- if (rv != SECSuccess) {
- int err = ssl_MapLowLevelError(SSL_ERROR_MAC_COMPUTATION_FAILURE);
- ssl_ReleaseSpecReadLock(ss);
- SSL3_SendAlert(ss, alert_fatal, bad_record_mac);
- PORT_SetError(err);
- return rv;
- }
-
- /* Check the MAC */
- if (hashBytes != (unsigned)crSpec->mac_size || padIsBad ||
- PORT_Memcmp(databuf->buf + databuf->len, hash, crSpec->mac_size) != 0) {
- /* must not hold spec lock when calling SSL3_SendAlert. */
- ssl_ReleaseSpecReadLock(ss);
- SSL3_SendAlert(ss, alert_fatal, bad_record_mac);
- /* always log mac error, in case attacker can read server logs. */
- PORT_SetError(SSL_ERROR_BAD_MAC_READ);
-
- SSL_DBG(("%d: SSL3[%d]: mac check failed", SSL_GETPID(), ss->fd));
-
- return SECFailure;
- }
-
- ssl3_BumpSequenceNumber(&crSpec->read_seq_num);
-
- ssl_ReleaseSpecReadLock(ss); /*****************************************/
-
- /*
- * The decrypted data is now in databuf.
- *
- * the null decompression routine is right here
- */
-
- /*
- ** Having completed the decompression, check the length again.
- */
- if (isTLS && databuf->len > (MAX_FRAGMENT_LENGTH + 1024)) {
- SSL3_SendAlert(ss, alert_fatal, record_overflow);
- PORT_SetError(SSL_ERROR_RX_RECORD_TOO_LONG);
- return SECFailure;
- }
-
- /* Application data records are processed by the caller of this
- ** function, not by this function.
- */
- if (rType == content_application_data) {
- return SECSuccess;
- }
-
- /* It's a record that must be handled by ssl itself, not the application.
- */
-process_it:
- /* XXX Get the xmit lock here. Odds are very high that we'll be xmiting
- * data ang getting the xmit lock here prevents deadlocks.
- */
- ssl_GetSSL3HandshakeLock(ss);
-
- /* All the functions called in this switch MUST set error code if
- ** they return SECFailure or SECWouldBlock.
- */
- switch (rType) {
- case content_change_cipher_spec:
- rv = ssl3_HandleChangeCipherSpecs(ss, databuf);
- break;
- case content_alert:
- rv = ssl3_HandleAlert(ss, databuf);
- break;
- case content_handshake:
- rv = ssl3_HandleHandshake(ss, databuf);
- break;
- case content_application_data:
- rv = SECSuccess;
- break;
- default:
- SSL_DBG(("%d: SSL3[%d]: bogus content type=%d",
- SSL_GETPID(), ss->fd, cText->type));
- /* XXX Send an alert ??? */
- PORT_SetError(SSL_ERROR_RX_UNKNOWN_RECORD_TYPE);
- rv = SECFailure;
- break;
- }
-
- ssl_ReleaseSSL3HandshakeLock(ss);
- return rv;
-
-}
-
-/*
- * Initialization functions
- */
-
-/* Called from ssl3_InitState, immediately below. */
-/* Caller must hold the SpecWriteLock. */
-static void
-ssl3_InitCipherSpec(sslSocket *ss, ssl3CipherSpec *spec)
-{
- spec->cipher_def = &bulk_cipher_defs[cipher_null];
- PORT_Assert(spec->cipher_def->cipher == cipher_null);
- spec->mac_def = &mac_defs[mac_null];
- PORT_Assert(spec->mac_def->mac == mac_null);
- spec->encode = Null_Cipher;
- spec->decode = Null_Cipher;
- spec->destroy = NULL;
- spec->mac_size = 0;
- spec->master_secret = NULL;
-
- spec->client.write_key = NULL;
- spec->client.write_mac_key = NULL;
- spec->client.write_mac_context = NULL;
-
- spec->server.write_key = NULL;
- spec->server.write_mac_key = NULL;
- spec->server.write_mac_context = NULL;
-
- spec->write_seq_num.high = 0;
- spec->write_seq_num.low = 0;
-
- spec->read_seq_num.high = 0;
- spec->read_seq_num.low = 0;
-
- spec->version = ss->enableTLS
- ? SSL_LIBRARY_VERSION_3_1_TLS
- : SSL_LIBRARY_VERSION_3_0;
-}
-
-/* Called from: ssl3_SendRecord
-** ssl3_StartHandshakeHash() <- ssl2_BeginClientHandshake()
-** ssl3_SendClientHello()
-** ssl3_HandleServerHello()
-** ssl3_HandleClientHello()
-** ssl3_HandleV2ClientHello()
-** ssl3_HandleRecord()
-**
-** This function should perhaps acquire and release the SpecWriteLock.
-**
-**
-*/
-static SECStatus
-ssl3_InitState(sslSocket *ss)
-{
- ssl3State * ssl3 = NULL;
- PK11Context *md5 = NULL;
- PK11Context *sha = NULL;
- SECStatus rv;
-
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss));
-
- /* reinitialization for renegotiated sessions XXX */
- if (ss->ssl3 != NULL)
- return SECSuccess;
-
- ssl3 = PORT_ZNew(ssl3State); /* zero on purpose */
- if (ssl3 == NULL)
- return SECFailure; /* PORT_ZAlloc has set memory error code. */
-
- /* note that entire HandshakeState is zero, including the buffer */
- ssl3->policy = SSL_ALLOWED;
-
- ssl_GetSpecWriteLock(ss);
- ssl3->crSpec = ssl3->cwSpec = &ssl3->specs[0];
- ssl3->prSpec = ssl3->pwSpec = &ssl3->specs[1];
- ssl3->hs.rehandshake = PR_FALSE;
- ssl3_InitCipherSpec(ss, ssl3->crSpec);
- ssl3_InitCipherSpec(ss, ssl3->prSpec);
- ssl3->fortezza.tek = NULL;
-
- ssl3->hs.ws = (ss->sec.isServer) ? wait_client_hello : wait_server_hello;
- ssl_ReleaseSpecWriteLock(ss);
-
- /*
- * note: We should probably lookup an SSL3 slot for these
- * handshake hashes in hopes that we wind up with the same slots
- * that the master secret will wind up in ...
- */
- SSL_TRC(30,("%d: SSL3[%d]: start handshake hashes", SSL_GETPID(), ss->fd));
- ssl3->hs.md5 = md5 = PK11_CreateDigestContext(SEC_OID_MD5);
- if (md5 == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
- goto loser;
- }
- rv = PK11_DigestBegin(ssl3->hs.md5);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
- goto loser;
- }
-
- sha = ssl3->hs.sha = PK11_CreateDigestContext(SEC_OID_SHA1);
- if (sha == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE);
- goto loser;
- }
- rv = PK11_DigestBegin(ssl3->hs.sha);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE);
- goto loser;
- }
-
- /* Don't hide this from the rest of the world any more. */
- ss->ssl3 = ssl3;
-
- return SECSuccess;
-
-loser:
- if (md5 != NULL) PK11_DestroyContext(md5, PR_TRUE);
- if (sha != NULL) PK11_DestroyContext(sha, PR_TRUE);
- if (ssl3 != NULL) PORT_Free(ssl3);
- return SECFailure;
-}
-
-/* Returns a reference counted object that contains a key pair.
- * Or NULL on failure. Initial ref count is 1.
- * Uses the keys in the pair as input.
- */
-ssl3KeyPair *
-ssl3_NewKeyPair( SECKEYPrivateKey * privKey, SECKEYPublicKey * pubKey)
-{
- ssl3KeyPair * pair;
-
- if (!privKey || !pubKey) {
- PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
- return NULL;
- }
- pair = PORT_ZNew(ssl3KeyPair);
- if (!pair)
- return NULL; /* error code is set. */
- pair->refCount = 1;
- pair->privKey = privKey;
- pair->pubKey = pubKey;
- return pair; /* success */
-}
-
-ssl3KeyPair *
-ssl3_GetKeyPairRef(ssl3KeyPair * keyPair)
-{
- PR_AtomicIncrement(&keyPair->refCount);
- return keyPair;
-}
-
-void
-ssl3_FreeKeyPair(ssl3KeyPair * keyPair)
-{
- PRInt32 newCount = PR_AtomicDecrement(&keyPair->refCount);
- if (!newCount) {
- SECKEY_DestroyPrivateKey(keyPair->privKey);
- SECKEY_DestroyPublicKey( keyPair->pubKey);
- PORT_Free(keyPair);
- }
-}
-
-
-
-/*
- * Creates the public and private RSA keys for SSL Step down.
- * Called from SSL_ConfigSecureServer in sslsecur.c
- */
-SECStatus
-ssl3_CreateRSAStepDownKeys(sslSocket *ss)
-{
- SECStatus rv = SECSuccess;
- SECKEYPrivateKey * privKey; /* RSA step down key */
- SECKEYPublicKey * pubKey; /* RSA step down key */
-
- if (ss->stepDownKeyPair)
- ssl3_FreeKeyPair(ss->stepDownKeyPair);
- ss->stepDownKeyPair = NULL;
-#ifndef HACKED_EXPORT_SERVER
- /* Sigh, should have a get key strength call for private keys */
- if (PK11_GetPrivateModulusLen(ss->serverCerts[kt_rsa].serverKey) >
- EXPORT_RSA_KEY_LENGTH) {
- /* need to ask for the key size in bits */
- privKey = SECKEY_CreateRSAPrivateKey(EXPORT_RSA_KEY_LENGTH * BPB,
- &pubKey, NULL);
- if (!privKey || !pubKey ||
- !(ss->stepDownKeyPair = ssl3_NewKeyPair(privKey, pubKey))) {
- ssl_MapLowLevelError(SEC_ERROR_KEYGEN_FAIL);
- rv = SECFailure;
- }
- }
-#endif
- return rv;
-}
-
-#ifdef NSS_ENABLE_ECC
-/*
- * Creates the ephemeral public and private ECDH keys used by
- * server in ECDHE_RSA and ECDHE_ECDSA handshakes.
- * XXX For now, the elliptic curve is hardcoded to NIST P-224.
- * We need an API to specify the curve. This won't be a real
- * issue until we further develop server-side support for ECC
- * cipher suites.
- */
-SECStatus
-ssl3_CreateECDHEphemeralKeys(sslSocket *ss)
-{
- SECStatus rv = SECSuccess;
- SECKEYPrivateKey * privKey;
- SECKEYPublicKey * pubKey;
- SECKEYECParams ecParams = { siBuffer, NULL, 0 };
-
- if (ss->ephemeralECDHKeyPair)
- ssl3_FreeKeyPair(ss->ephemeralECDHKeyPair);
- ss->ephemeralECDHKeyPair = NULL;
-
- if (ecName2params(NULL, ec_secp224r1, &ecParams) == SECFailure)
- return SECFailure;
- privKey = SECKEY_CreateECPrivateKey(&ecParams, &pubKey, NULL);
- if (!privKey || !pubKey ||
- !(ss->ephemeralECDHKeyPair = ssl3_NewKeyPair(privKey, pubKey))) {
- ssl_MapLowLevelError(SEC_ERROR_KEYGEN_FAIL);
- rv = SECFailure;
- }
-
- PORT_Free(ecParams.data);
- return rv;
-}
-#endif /* NSS_ENABLE_ECC */
-
-/* record the export policy for this cipher suite */
-SECStatus
-ssl3_SetPolicy(ssl3CipherSuite which, int policy)
-{
- ssl3CipherSuiteCfg *suite;
-
- suite = ssl_LookupCipherSuiteCfg(which, cipherSuites);
- if (suite == NULL) {
- return SECFailure; /* err code was set by ssl_LookupCipherSuiteCfg */
- }
- suite->policy = policy;
-
- if (policy == SSL_RESTRICTED) {
- ssl3_global_policy_some_restricted = PR_TRUE;
- }
-
- return SECSuccess;
-}
-
-SECStatus
-ssl3_GetPolicy(ssl3CipherSuite which, PRInt32 *oPolicy)
-{
- ssl3CipherSuiteCfg *suite;
- PRInt32 policy;
- SECStatus rv;
-
- suite = ssl_LookupCipherSuiteCfg(which, cipherSuites);
- if (suite) {
- policy = suite->policy;
- rv = SECSuccess;
- } else {
- policy = SSL_NOT_ALLOWED;
- rv = SECFailure; /* err code was set by Lookup. */
- }
- *oPolicy = policy;
- return rv;
-}
-
-/* record the user preference for this suite */
-SECStatus
-ssl3_CipherPrefSetDefault(ssl3CipherSuite which, PRBool enabled)
-{
- ssl3CipherSuiteCfg *suite;
-
- suite = ssl_LookupCipherSuiteCfg(which, cipherSuites);
- if (suite == NULL) {
- return SECFailure; /* err code was set by ssl_LookupCipherSuiteCfg */
- }
- suite->enabled = enabled;
- return SECSuccess;
-}
-
-/* return the user preference for this suite */
-SECStatus
-ssl3_CipherPrefGetDefault(ssl3CipherSuite which, PRBool *enabled)
-{
- ssl3CipherSuiteCfg *suite;
- PRBool pref;
- SECStatus rv;
-
- suite = ssl_LookupCipherSuiteCfg(which, cipherSuites);
- if (suite) {
- pref = suite->enabled;
- rv = SECSuccess;
- } else {
- pref = SSL_NOT_ALLOWED;
- rv = SECFailure; /* err code was set by Lookup. */
- }
- *enabled = pref;
- return rv;
-}
-
-SECStatus
-ssl3_CipherPrefSet(sslSocket *ss, ssl3CipherSuite which, PRBool enabled)
-{
- ssl3CipherSuiteCfg *suite;
-
- suite = ssl_LookupCipherSuiteCfg(which, ss->cipherSuites);
- if (suite == NULL) {
- return SECFailure; /* err code was set by ssl_LookupCipherSuiteCfg */
- }
- suite->enabled = enabled;
- return SECSuccess;
-}
-
-SECStatus
-ssl3_CipherPrefGet(sslSocket *ss, ssl3CipherSuite which, PRBool *enabled)
-{
- ssl3CipherSuiteCfg *suite;
- PRBool pref;
- SECStatus rv;
-
- suite = ssl_LookupCipherSuiteCfg(which, ss->cipherSuites);
- if (suite) {
- pref = suite->enabled;
- rv = SECSuccess;
- } else {
- pref = SSL_NOT_ALLOWED;
- rv = SECFailure; /* err code was set by Lookup. */
- }
- *enabled = pref;
- return rv;
-}
-
-/* copy global default policy into socket. */
-void
-ssl3_InitSocketPolicy(sslSocket *ss)
-{
- PORT_Memcpy(ss->cipherSuites, cipherSuites, sizeof cipherSuites);
-}
-
-/* ssl3_config_match_init must have already been called by
- * the caller of this function.
- */
-SECStatus
-ssl3_ConstructV2CipherSpecsHack(sslSocket *ss, unsigned char *cs, int *size)
-{
- int i, count = 0;
-
- PORT_Assert(ss != 0);
- if (!ss) {
- PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
- return SECFailure;
- }
- if (!ss->enableSSL3 && !ss->enableTLS) {
- *size = 0;
- return SECSuccess;
- }
- if (cs == NULL) {
- *size = count_cipher_suites(ss, SSL_ALLOWED, PR_TRUE);
- return SECSuccess;
- }
-
- /* ssl3_config_match_init was called by the caller of this function. */
- for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) {
- ssl3CipherSuiteCfg *suite = &ss->cipherSuites[i];
- if (config_match(suite, SSL_ALLOWED, PR_TRUE)) {
- if (cs != NULL) {
- *cs++ = 0x00;
- *cs++ = (suite->cipher_suite >> 8) & 0xFF;
- *cs++ = suite->cipher_suite & 0xFF;
- }
- count++;
- }
- }
- *size = count;
- return SECSuccess;
-}
-
-/*
-** If ssl3 socket has completed the first handshake, and is in idle state,
-** then start a new handshake.
-** If flushCache is true, the SID cache will be flushed first, forcing a
-** "Full" handshake (not a session restart handshake), to be done.
-**
-** called from SSL_RedoHandshake(), which already holds the handshake locks.
-*/
-SECStatus
-ssl3_RedoHandshake(sslSocket *ss, PRBool flushCache)
-{
- sslSessionID * sid = ss->sec.ci.sid;
- SECStatus rv;
-
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
- if (!ss->firstHsDone ||
- ((ss->version >= SSL_LIBRARY_VERSION_3_0) &&
- ss->ssl3 && (ss->ssl3->hs.ws != idle_handshake))) {
- PORT_SetError(SSL_ERROR_HANDSHAKE_NOT_COMPLETED);
- return SECFailure;
- }
- if (sid && flushCache) {
- ss->sec.uncache(sid); /* remove it from whichever cache it's in. */
- ssl_FreeSID(sid); /* dec ref count and free if zero. */
- ss->sec.ci.sid = NULL;
- }
-
- ssl_GetXmitBufLock(ss); /**************************************/
-
- /* start off a new handshake. */
- rv = (ss->sec.isServer) ? ssl3_SendHelloRequest(ss)
- : ssl3_SendClientHello(ss);
-
- ssl_ReleaseXmitBufLock(ss); /**************************************/
- return rv;
-}
-
-/* Called from ssl_FreeSocket() in sslsock.c */
-void
-ssl3_DestroySSL3Info(ssl3State *ssl3)
-{
- if (ssl3 == NULL)
- return; /* success the easy way. */
-
- if (ssl3->clientCertificate != NULL)
- CERT_DestroyCertificate(ssl3->clientCertificate);
-
- if (ssl3->clientPrivateKey != NULL)
- SECKEY_DestroyPrivateKey(ssl3->clientPrivateKey);
-
- if (ssl3->peerCertArena != NULL)
- ssl3_CleanupPeerCerts(ssl3);
-
- if (ssl3->clientCertChain != NULL) {
- CERT_DestroyCertificateList(ssl3->clientCertChain);
- ssl3->clientCertChain = NULL;
- }
-
- /* clean up handshake */
- if (ssl3->hs.md5) {
- PK11_DestroyContext(ssl3->hs.md5,PR_TRUE);
- }
- if (ssl3->hs.sha) {
- PK11_DestroyContext(ssl3->hs.sha,PR_TRUE);
- }
-
- if (ssl3->fortezza.tek != NULL) {
- PK11_FreeSymKey(ssl3->fortezza.tek);
- }
- /* free the SSL3Buffer (msg_body) */
- PORT_Free(ssl3->hs.msg_body.buf);
-
- /* free up the CipherSpecs */
- ssl3_DestroyCipherSpec(&ssl3->specs[0]);
- ssl3_DestroyCipherSpec(&ssl3->specs[1]);
-
- PORT_Free(ssl3);
-}
-
-/* End of ssl3con.c */
diff --git a/security/nss/lib/ssl/ssl3gthr.c b/security/nss/lib/ssl/ssl3gthr.c
deleted file mode 100644
index 92e1523b6..000000000
--- a/security/nss/lib/ssl/ssl3gthr.c
+++ /dev/null
@@ -1,236 +0,0 @@
-/*
- * Gather (Read) entire SSL3 records from socket into buffer.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "cert.h"
-#include "ssl.h"
-#include "sslimpl.h"
-#include "ssl3prot.h"
-
-/*
- * Attempt to read in an entire SSL3 record.
- * Blocks here for blocking sockets, otherwise returns -1 with
- * PR_WOULD_BLOCK_ERROR when socket would block.
- *
- * returns 1 if received a complete SSL3 record.
- * returns 0 if recv returns EOF
- * returns -1 if recv returns <0
- * (The error value may have already been set to PR_WOULD_BLOCK_ERROR)
- *
- * Caller must hold the recv buf lock.
- *
- * The Gather state machine has 3 states: GS_INIT, GS_HEADER, GS_DATA.
- * GS_HEADER: waiting for the 5-byte SSL3 record header to come in.
- * GS_DATA: waiting for the body of the SSL3 record to come in.
- *
- * This loop returns when either (a) an error or EOF occurs,
- * (b) PR_WOULD_BLOCK_ERROR,
- * (c) data (entire SSL3 record) has been received.
- */
-static int
-ssl3_GatherData(sslSocket *ss, sslGather *gs, int flags)
-{
- unsigned char *bp;
- unsigned char *lbp;
- int nb;
- int err;
- int rv = 1;
-
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
- if (gs->state == GS_INIT) {
- gs->state = GS_HEADER;
- gs->remainder = 5;
- gs->offset = 0;
- gs->writeOffset = 0;
- gs->readOffset = 0;
- gs->inbuf.len = 0;
- }
-
- lbp = gs->inbuf.buf;
- for(;;) {
- SSL_TRC(30, ("%d: SSL3[%d]: gather state %d (need %d more)",
- SSL_GETPID(), ss->fd, gs->state, gs->remainder));
- bp = ((gs->state != GS_HEADER) ? lbp : gs->hdr) + gs->offset;
- nb = ssl_DefRecv(ss, bp, gs->remainder, flags);
-
- if (nb > 0) {
- PRINT_BUF(60, (ss, "raw gather data:", bp, nb));
- } else if (nb == 0) {
- /* EOF */
- SSL_TRC(30, ("%d: SSL3[%d]: EOF", SSL_GETPID(), ss->fd));
- rv = 0;
- break;
- } else /* if (nb < 0) */ {
- SSL_DBG(("%d: SSL3[%d]: recv error %d", SSL_GETPID(), ss->fd,
- PR_GetError()));
- rv = SECFailure;
- break;
- }
-
- PORT_Assert( nb <= gs->remainder );
- if (nb > gs->remainder) {
- /* ssl_DefRecv is misbehaving! this error is fatal to SSL. */
- gs->state = GS_INIT; /* so we don't crash next time */
- rv = SECFailure;
- break;
- }
-
- gs->offset += nb;
- gs->remainder -= nb;
- if (gs->state == GS_DATA)
- gs->inbuf.len += nb;
-
- /* if there's more to go, read some more. */
- if (gs->remainder > 0) {
- continue;
- }
-
- /* have received entire record header, or entire record. */
- switch (gs->state) {
- case GS_HEADER:
- /*
- ** Have received SSL3 record header in gs->hdr.
- ** Now extract the length of the following encrypted data,
- ** and then read in the rest of the SSL3 record into gs->inbuf.
- */
- gs->remainder = (gs->hdr[3] << 8) | gs->hdr[4];
-
- /* This is the max fragment length for an encrypted fragment
- ** plus the size of the record header.
- */
- if(gs->remainder > (MAX_FRAGMENT_LENGTH + 2048 + 5)) {
- SSL3_SendAlert(ss, alert_fatal, unexpected_message);
- gs->state = GS_INIT;
- PORT_SetError(SSL_ERROR_RX_RECORD_TOO_LONG);
- return SECFailure;
- }
-
- gs->state = GS_DATA;
- gs->offset = 0;
- gs->inbuf.len = 0;
-
- if (gs->remainder > gs->inbuf.space) {
- err = sslBuffer_Grow(&gs->inbuf, gs->remainder);
- if (err) { /* realloc has set error code to no mem. */
- return err;
- }
- lbp = gs->inbuf.buf;
- }
- break; /* End this case. Continue around the loop. */
-
-
- case GS_DATA:
- /*
- ** SSL3 record has been completely received.
- */
- gs->state = GS_INIT;
- return 1;
- }
- }
-
- return rv;
-}
-
-/* Gather in a record and when complete, Handle that record.
- * Repeat this until the handshake is complete,
- * or until application data is available.
- *
- * Returns 1 when the handshake is completed without error, or
- * application data is available.
- * Returns 0 if ssl3_GatherData hits EOF.
- * Returns -1 on read error, or PR_WOULD_BLOCK_ERROR, or handleRecord error.
- * Returns -2 on SECWouldBlock return from ssl3_HandleRecord.
- *
- * Called from ssl_GatherRecord1stHandshake in sslcon.c,
- * and from SSL_ForceHandshake in sslsecur.c
- * and from ssl3_GatherAppDataRecord below (<- DoRecv in sslsecur.c).
- *
- * Caller must hold the recv buf lock.
- */
-int
-ssl3_GatherCompleteHandshake(sslSocket *ss, int flags)
-{
- SSL3Ciphertext cText;
- int rv;
-
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
- do {
- /* bring in the next sslv3 record. */
- rv = ssl3_GatherData(ss, &ss->gs, flags);
- if (rv <= 0) {
- return rv;
- }
-
- /* decipher it, and handle it if it's a handshake.
- * If it's application data, ss->gs.buf will not be empty upon return.
- */
- cText.type = (SSL3ContentType)ss->gs.hdr[0];
- cText.version = (ss->gs.hdr[1] << 8) | ss->gs.hdr[2];
- cText.buf = &ss->gs.inbuf;
- rv = ssl3_HandleRecord(ss, &cText, &ss->gs.buf);
- if (rv < 0) {
- return ss->recvdCloseNotify ? 0 : rv;
- }
- } while (ss->ssl3->hs.ws != idle_handshake && ss->gs.buf.len == 0);
-
- ss->gs.readOffset = 0;
- ss->gs.writeOffset = ss->gs.buf.len;
- return 1;
-}
-
-/* Repeatedly gather in a record and when complete, Handle that record.
- * Repeat this until some application data is received.
- *
- * Returns 1 when application data is available.
- * Returns 0 if ssl3_GatherData hits EOF.
- * Returns -1 on read error, or PR_WOULD_BLOCK_ERROR, or handleRecord error.
- * Returns -2 on SECWouldBlock return from ssl3_HandleRecord.
- *
- * Called from DoRecv in sslsecur.c
- * Caller must hold the recv buf lock.
- */
-int
-ssl3_GatherAppDataRecord(sslSocket *ss, int flags)
-{
- int rv;
-
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
- do {
- rv = ssl3_GatherCompleteHandshake(ss, flags);
- } while (rv > 0 && ss->gs.buf.len == 0);
-
- return rv;
-}
diff --git a/security/nss/lib/ssl/ssl3prot.h b/security/nss/lib/ssl/ssl3prot.h
deleted file mode 100644
index 54e1fafcc..000000000
--- a/security/nss/lib/ssl/ssl3prot.h
+++ /dev/null
@@ -1,313 +0,0 @@
-/*
- * Various and sundry protocol constants. DON'T CHANGE THESE. These
- * values are defined by the SSL 3.0 protocol specification.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Portions created by Sun Microsystems, Inc. are Copyright (C) 2003
- * Sun Microsystems, Inc. All Rights Reserved.
- *
- * Contributor(s):
- * Dr Vipul Gupta <vipul.gupta@sun.com>, Sun Microsystems Laboratories
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#ifndef __ssl3proto_h_
-#define __ssl3proto_h_
-
-typedef uint8 SSL3Opaque;
-
-typedef uint16 SSL3ProtocolVersion;
-/* version numbers are defined in sslproto.h */
-
-typedef uint16 ssl3CipherSuite;
-/* The cipher suites are defined in sslproto.h */
-
-#define MAX_CERT_TYPES 10
-#define MAX_COMPRESSION_METHODS 10
-#define MAX_MAC_LENGTH 64
-#define MAX_PADDING_LENGTH 64
-#define MAX_KEY_LENGTH 64
-#define EXPORT_KEY_LENGTH 5
-#define SSL3_RANDOM_LENGTH 32
-
-#define SSL3_RECORD_HEADER_LENGTH 5
-
-#define MAX_FRAGMENT_LENGTH 16384
-
-typedef enum {
- content_change_cipher_spec = 20,
- content_alert = 21,
- content_handshake = 22,
- content_application_data = 23
-} SSL3ContentType;
-
-typedef struct {
- SSL3ContentType type;
- SSL3ProtocolVersion version;
- uint16 length;
- SECItem fragment;
-} SSL3Plaintext;
-
-typedef struct {
- SSL3ContentType type;
- SSL3ProtocolVersion version;
- uint16 length;
- SECItem fragment;
-} SSL3Compressed;
-
-typedef struct {
- SECItem content;
- SSL3Opaque MAC[MAX_MAC_LENGTH];
-} SSL3GenericStreamCipher;
-
-typedef struct {
- SECItem content;
- SSL3Opaque MAC[MAX_MAC_LENGTH];
- uint8 padding[MAX_PADDING_LENGTH];
- uint8 padding_length;
-} SSL3GenericBlockCipher;
-
-typedef enum { change_cipher_spec_choice = 1 } SSL3ChangeCipherSpecChoice;
-
-typedef struct {
- SSL3ChangeCipherSpecChoice choice;
-} SSL3ChangeCipherSpec;
-
-typedef enum { alert_warning = 1, alert_fatal = 2 } SSL3AlertLevel;
-
-typedef enum {
- close_notify = 0,
- unexpected_message = 10,
- bad_record_mac = 20,
- decryption_failed = 21, /* TLS only */
- record_overflow = 22, /* TLS only */
- decompression_failure = 30,
- handshake_failure = 40,
- no_certificate = 41, /* SSL3 only, NOT TLS */
- bad_certificate = 42,
- unsupported_certificate = 43,
- certificate_revoked = 44,
- certificate_expired = 45,
- certificate_unknown = 46,
- illegal_parameter = 47,
-
-/* All alerts below are TLS only. */
- unknown_ca = 48,
- access_denied = 49,
- decode_error = 50,
- decrypt_error = 51,
- export_restriction = 60,
- protocol_version = 70,
- insufficient_security = 71,
- internal_error = 80,
- user_canceled = 90,
- no_renegotiation = 100
-
-} SSL3AlertDescription;
-
-typedef struct {
- SSL3AlertLevel level;
- SSL3AlertDescription description;
-} SSL3Alert;
-
-typedef enum {
- hello_request = 0,
- client_hello = 1,
- server_hello = 2,
- certificate = 11,
- server_key_exchange = 12,
- certificate_request = 13,
- server_hello_done = 14,
- certificate_verify = 15,
- client_key_exchange = 16,
- finished = 20
-} SSL3HandshakeType;
-
-typedef struct {
- uint8 empty;
-} SSL3HelloRequest;
-
-typedef struct {
- SSL3Opaque rand[SSL3_RANDOM_LENGTH];
-} SSL3Random;
-
-typedef struct {
- SSL3Opaque id[32];
- uint8 length;
-} SSL3SessionID;
-
-typedef enum { compression_null = 0 } SSL3CompressionMethod;
-
-typedef struct {
- SSL3ProtocolVersion client_version;
- SSL3Random random;
- SSL3SessionID session_id;
- SECItem cipher_suites;
- uint8 cm_count;
- SSL3CompressionMethod compression_methods[MAX_COMPRESSION_METHODS];
-} SSL3ClientHello;
-
-typedef struct {
- SSL3ProtocolVersion server_version;
- SSL3Random random;
- SSL3SessionID session_id;
- ssl3CipherSuite cipher_suite;
- SSL3CompressionMethod compression_method;
-} SSL3ServerHello;
-
-typedef struct {
- SECItem list;
-} SSL3Certificate;
-
-/* SSL3SignType moved to ssl.h */
-
-/* The SSL key exchange method used */
-typedef enum {
- kea_null,
- kea_rsa,
- kea_rsa_export,
- kea_rsa_export_1024,
- kea_dh_dss,
- kea_dh_dss_export,
- kea_dh_rsa,
- kea_dh_rsa_export,
- kea_dhe_dss,
- kea_dhe_dss_export,
- kea_dhe_rsa,
- kea_dhe_rsa_export,
- kea_dh_anon,
- kea_dh_anon_export,
- kea_fortezza,
- kea_rsa_fips,
- kea_ecdh_ecdsa,
- kea_ecdhe_ecdsa,
- kea_ecdh_rsa,
- kea_ecdhe_rsa
-} SSL3KeyExchangeAlgorithm;
-
-typedef struct {
- SECItem modulus;
- SECItem exponent;
-} SSL3ServerRSAParams;
-
-typedef struct {
- SECItem p;
- SECItem g;
- SECItem Ys;
-} SSL3ServerDHParams;
-
-typedef struct {
- union {
- SSL3ServerDHParams dh;
- SSL3ServerRSAParams rsa;
- } u;
-} SSL3ServerParams;
-
-typedef struct {
- uint8 md5[16];
- uint8 sha[20];
-} SSL3Hashes;
-
-typedef struct {
- union {
- SSL3Opaque anonymous;
- SSL3Hashes certified;
- } u;
-} SSL3ServerKeyExchange;
-
-typedef enum {
- ct_RSA_sign = 1,
- ct_DSS_sign = 2,
- ct_RSA_fixed_DH = 3,
- ct_DSS_fixed_DH = 4,
- ct_RSA_ephemeral_DH = 5,
- ct_DSS_ephemeral_DH = 6,
- ct_Fortezza = 20
-} SSL3ClientCertificateType;
-
-typedef SECItem *SSL3DistinquishedName;
-
-typedef struct {
- SSL3Opaque client_version[2];
- SSL3Opaque random[46];
-} SSL3RSAPreMasterSecret;
-
-typedef SECItem SSL3EncryptedPreMasterSecret;
-
-/* Following struct is the format of a Fortezza ClientKeyExchange message. */
-typedef struct {
- SECItem y_c;
- SSL3Opaque r_c [128];
- SSL3Opaque y_signature [40];
- SSL3Opaque wrapped_client_write_key [12];
- SSL3Opaque wrapped_server_write_key [12];
- SSL3Opaque client_write_iv [24];
- SSL3Opaque server_write_iv [24];
- SSL3Opaque master_secret_iv [24];
- SSL3Opaque encrypted_preMasterSecret[48];
-} SSL3FortezzaKeys;
-
-typedef SSL3Opaque SSL3MasterSecret[48];
-
-typedef enum { implicit, explicit } SSL3PublicValueEncoding;
-
-typedef struct {
- union {
- SSL3Opaque implicit;
- SECItem explicit;
- } dh_public;
-} SSL3ClientDiffieHellmanPublic;
-
-typedef struct {
- union {
- SSL3EncryptedPreMasterSecret rsa;
- SSL3ClientDiffieHellmanPublic diffie_helman;
- SSL3FortezzaKeys fortezza;
- } exchange_keys;
-} SSL3ClientKeyExchange;
-
-typedef SSL3Hashes SSL3PreSignedCertificateVerify;
-
-typedef SECItem SSL3CertificateVerify;
-
-typedef enum {
- sender_client = 0x434c4e54,
- sender_server = 0x53525652
-} SSL3Sender;
-
-typedef SSL3Hashes SSL3Finished;
-
-typedef struct {
- SSL3Opaque verify_data[12];
-} TLSFinished;
-
-#endif /* __ssl3proto_h_ */
diff --git a/security/nss/lib/ssl/sslauth.c b/security/nss/lib/ssl/sslauth.c
deleted file mode 100644
index eb1575058..000000000
--- a/security/nss/lib/ssl/sslauth.c
+++ /dev/null
@@ -1,269 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-#include "cert.h"
-#include "secitem.h"
-#include "ssl.h"
-#include "sslimpl.h"
-#include "sslproto.h"
-#include "pk11func.h"
-
-/* NEED LOCKS IN HERE. */
-CERTCertificate *
-SSL_PeerCertificate(PRFileDesc *fd)
-{
- sslSocket *ss;
-
- ss = ssl_FindSocket(fd);
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in PeerCertificate",
- SSL_GETPID(), fd));
- return 0;
- }
- if (ss->useSecurity && ss->sec.peerCert) {
- return CERT_DupCertificate(ss->sec.peerCert);
- }
- return 0;
-}
-
-/* NEED LOCKS IN HERE. */
-CERTCertificate *
-SSL_LocalCertificate(PRFileDesc *fd)
-{
- sslSocket *ss;
-
- ss = ssl_FindSocket(fd);
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in PeerCertificate",
- SSL_GETPID(), fd));
- return NULL;
- }
- if (ss->useSecurity) {
- if (ss->sec.localCert) {
- return CERT_DupCertificate(ss->sec.localCert);
- }
- if (ss->sec.ci.sid && ss->sec.ci.sid->localCert) {
- return CERT_DupCertificate(ss->sec.ci.sid->localCert);
- }
- }
- return NULL;
-}
-
-
-
-/* NEED LOCKS IN HERE. */
-SECStatus
-SSL_SecurityStatus(PRFileDesc *fd, int *op, char **cp, int *kp0, int *kp1,
- char **ip, char **sp)
-{
- sslSocket *ss;
- const char *cipherName;
- PRBool isDes = PR_FALSE;
-
- ss = ssl_FindSocket(fd);
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in SecurityStatus",
- SSL_GETPID(), fd));
- return SECFailure;
- }
-
- if (cp) *cp = 0;
- if (kp0) *kp0 = 0;
- if (kp1) *kp1 = 0;
- if (ip) *ip = 0;
- if (sp) *sp = 0;
- if (op) {
- *op = SSL_SECURITY_STATUS_OFF;
- }
-
- if (ss->useSecurity && ss->firstHsDone) {
-
- if (ss->version < SSL_LIBRARY_VERSION_3_0) {
- cipherName = ssl_cipherName[ss->sec.cipherType];
- } else {
- cipherName = ssl3_cipherName[ss->sec.cipherType];
- }
- if (cipherName && PORT_Strstr(cipherName, "DES")) isDes = PR_TRUE;
- /* do same key stuff for fortezza */
-
- if (cp) {
- *cp = PORT_Strdup(cipherName);
- }
-
- if (kp0) {
- *kp0 = ss->sec.keyBits;
- if (isDes) *kp0 = (*kp0 * 7) / 8;
- }
- if (kp1) {
- *kp1 = ss->sec.secretKeyBits;
- if (isDes) *kp1 = (*kp1 * 7) / 8;
- }
- if (op) {
- if (ss->sec.keyBits == 0) {
- *op = SSL_SECURITY_STATUS_OFF;
- } else if (ss->sec.secretKeyBits < 90) {
- *op = SSL_SECURITY_STATUS_ON_LOW;
-
- } else {
- *op = SSL_SECURITY_STATUS_ON_HIGH;
- }
- }
-
- if (ip || sp) {
- CERTCertificate *cert;
-
- cert = ss->sec.peerCert;
- if (cert) {
- if (ip) {
- *ip = CERT_NameToAscii(&cert->issuer);
- }
- if (sp) {
- *sp = CERT_NameToAscii(&cert->subject);
- }
- } else {
- if (ip) {
- *ip = PORT_Strdup("no certificate");
- }
- if (sp) {
- *sp = PORT_Strdup("no certificate");
- }
- }
- }
- }
-
- return SECSuccess;
-}
-
-/************************************************************************/
-
-/* NEED LOCKS IN HERE. */
-SECStatus
-SSL_AuthCertificateHook(PRFileDesc *s, SSLAuthCertificate func, void *arg)
-{
- sslSocket *ss;
-
- ss = ssl_FindSocket(s);
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in AuthCertificateHook",
- SSL_GETPID(), s));
- return SECFailure;
- }
-
- ss->authCertificate = func;
- ss->authCertificateArg = arg;
-
- return SECSuccess;
-}
-
-/* NEED LOCKS IN HERE. */
-SECStatus
-SSL_GetClientAuthDataHook(PRFileDesc *s, SSLGetClientAuthData func,
- void *arg)
-{
- sslSocket *ss;
-
- ss = ssl_FindSocket(s);
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in GetClientAuthDataHook",
- SSL_GETPID(), s));
- return SECFailure;
- }
-
- ss->getClientAuthData = func;
- ss->getClientAuthDataArg = arg;
- return SECSuccess;
-}
-
-/* NEED LOCKS IN HERE. */
-SECStatus
-SSL_SetPKCS11PinArg(PRFileDesc *s, void *arg)
-{
- sslSocket *ss;
-
- ss = ssl_FindSocket(s);
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in GetClientAuthDataHook",
- SSL_GETPID(), s));
- return SECFailure;
- }
-
- ss->pkcs11PinArg = arg;
- return SECSuccess;
-}
-
-
-/* This is the "default" authCert callback function. It is called when a
- * certificate message is received from the peer and the local application
- * has not registered an authCert callback function.
- */
-SECStatus
-SSL_AuthCertificate(void *arg, PRFileDesc *fd, PRBool checkSig, PRBool isServer)
-{
- SECStatus rv;
- CERTCertDBHandle * handle;
- sslSocket * ss;
- SECCertUsage certUsage;
- const char * hostname = NULL;
-
- ss = ssl_FindSocket(fd);
- PORT_Assert(ss != NULL);
- if (!ss) {
- return SECFailure;
- }
-
- handle = (CERTCertDBHandle *)arg;
-
- /* this may seem backwards, but isn't. */
- certUsage = isServer ? certUsageSSLClient : certUsageSSLServer;
-
- rv = CERT_VerifyCertNow(handle, ss->sec.peerCert, checkSig, certUsage,
- ss->pkcs11PinArg);
-
- if ( rv != SECSuccess || isServer )
- return rv;
-
- /* cert is OK. This is the client side of an SSL connection.
- * Now check the name field in the cert against the desired hostname.
- * NB: This is our only defense against Man-In-The-Middle (MITM) attacks!
- */
- hostname = ss->url;
- if (hostname && hostname[0])
- rv = CERT_VerifyCertName(ss->sec.peerCert, hostname);
- else
- rv = SECFailure;
- if (rv != SECSuccess)
- PORT_SetError(SSL_ERROR_BAD_CERT_DOMAIN);
-
- return rv;
-}
diff --git a/security/nss/lib/ssl/sslcon.c b/security/nss/lib/ssl/sslcon.c
deleted file mode 100644
index e373fa28b..000000000
--- a/security/nss/lib/ssl/sslcon.c
+++ /dev/null
@@ -1,3782 +0,0 @@
-/*
- * SSL v2 handshake functions, and functions common to SSL2 and SSL3.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Portions created by Sun Microsystems, Inc. are Copyright (C) 2003
- * Sun Microsystems, Inc. All Rights Reserved.
- *
- * Contributor(s):
- * Dr Vipul Gupta <vipul.gupta@sun.com>, Sun Microsystems Laboratories
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "nssrenam.h"
-#include "cert.h"
-#include "secitem.h"
-#include "sechash.h"
-#include "cryptohi.h" /* for SGN_ funcs */
-#include "keyhi.h" /* for SECKEY_ high level functions. */
-#include "ssl.h"
-#include "sslimpl.h"
-#include "sslproto.h"
-#include "ssl3prot.h"
-#include "sslerr.h"
-#include "pk11func.h"
-#include "prinit.h"
-#include "prtime.h" /* for PR_Now() */
-
-#define XXX
-static PRBool policyWasSet;
-
-/* This ordered list is indexed by (SSL_CK_xx * 3) */
-/* Second and third bytes are MSB and LSB of master key length. */
-static const PRUint8 allCipherSuites[] = {
- 0, 0, 0,
- SSL_CK_RC4_128_WITH_MD5, 0x00, 0x80,
- SSL_CK_RC4_128_EXPORT40_WITH_MD5, 0x00, 0x80,
- SSL_CK_RC2_128_CBC_WITH_MD5, 0x00, 0x80,
- SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5, 0x00, 0x80,
- SSL_CK_IDEA_128_CBC_WITH_MD5, 0x00, 0x80,
- SSL_CK_DES_64_CBC_WITH_MD5, 0x00, 0x40,
- SSL_CK_DES_192_EDE3_CBC_WITH_MD5, 0x00, 0xC0,
- 0, 0, 0
-};
-
-#define ssl2_NUM_SUITES_IMPLEMENTED 6
-
-/* This list is sent back to the client when the client-hello message
- * contains no overlapping ciphers, so the client can report what ciphers
- * are supported by the server. Unlike allCipherSuites (above), this list
- * is sorted by descending preference, not by cipherSuite number.
- */
-static const PRUint8 implementedCipherSuites[ssl2_NUM_SUITES_IMPLEMENTED * 3] = {
- SSL_CK_RC4_128_WITH_MD5, 0x00, 0x80,
- SSL_CK_RC2_128_CBC_WITH_MD5, 0x00, 0x80,
- SSL_CK_DES_192_EDE3_CBC_WITH_MD5, 0x00, 0xC0,
- SSL_CK_DES_64_CBC_WITH_MD5, 0x00, 0x40,
- SSL_CK_RC4_128_EXPORT40_WITH_MD5, 0x00, 0x80,
- SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5, 0x00, 0x80
-};
-
-typedef struct ssl2SpecsStr {
- PRUint8 nkm; /* do this many hashes to generate key material. */
- PRUint8 nkd; /* size of readKey and writeKey in bytes. */
- PRUint8 blockSize;
- PRUint8 blockShift;
- CK_MECHANISM_TYPE mechanism;
- PRUint8 keyLen; /* cipher symkey size in bytes. */
- PRUint8 pubLen; /* publicly reveal this many bytes of key. */
- PRUint8 ivLen; /* length of IV data at *ca. */
-} ssl2Specs;
-
-static const ssl2Specs ssl_Specs[] = {
-/* NONE */
- { 0, 0, 0, 0, },
-/* SSL_CK_RC4_128_WITH_MD5 */
- { 2, 16, 1, 0, CKM_RC4, 16, 0, 0, },
-/* SSL_CK_RC4_128_EXPORT40_WITH_MD5 */
- { 2, 16, 1, 0, CKM_RC4, 16, 11, 0, },
-/* SSL_CK_RC2_128_CBC_WITH_MD5 */
- { 2, 16, 8, 3, CKM_RC2_CBC, 16, 0, 8, },
-/* SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5 */
- { 2, 16, 8, 3, CKM_RC2_CBC, 16, 11, 8, },
-/* SSL_CK_IDEA_128_CBC_WITH_MD5 */
- { 0, 0, 0, 0, },
-/* SSL_CK_DES_64_CBC_WITH_MD5 */
- { 1, 8, 8, 3, CKM_DES_CBC, 8, 0, 8, },
-/* SSL_CK_DES_192_EDE3_CBC_WITH_MD5 */
- { 3, 24, 8, 3, CKM_DES3_CBC, 24, 0, 8, },
-};
-
-#define SET_ERROR_CODE /* reminder */
-#define TEST_FOR_FAILURE /* reminder */
-
-/*
-** Put a string tag in the library so that we can examine an executable
-** and see what kind of security it supports.
-*/
-const char *ssl_version = "SECURITY_VERSION:"
- " +us"
- " +export"
-#ifdef TRACE
- " +trace"
-#endif
-#ifdef DEBUG
- " +debug"
-#endif
- ;
-
-const char * const ssl_cipherName[] = {
- "unknown",
- "RC4",
- "RC4-Export",
- "RC2-CBC",
- "RC2-CBC-Export",
- "IDEA-CBC",
- "DES-CBC",
- "DES-EDE3-CBC",
- "unknown",
- "Fortezza",
-};
-
-
-/* bit-masks, showing which SSLv2 suites are allowed.
- * lsb corresponds to first cipher suite in allCipherSuites[].
- */
-static PRUint16 allowedByPolicy; /* all off by default */
-static PRUint16 maybeAllowedByPolicy; /* all off by default */
-static PRUint16 chosenPreference = 0xff; /* all on by default */
-
-/* bit values for the above two bit masks */
-#define SSL_CB_RC4_128_WITH_MD5 (1 << SSL_CK_RC4_128_WITH_MD5)
-#define SSL_CB_RC4_128_EXPORT40_WITH_MD5 (1 << SSL_CK_RC4_128_EXPORT40_WITH_MD5)
-#define SSL_CB_RC2_128_CBC_WITH_MD5 (1 << SSL_CK_RC2_128_CBC_WITH_MD5)
-#define SSL_CB_RC2_128_CBC_EXPORT40_WITH_MD5 (1 << SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5)
-#define SSL_CB_IDEA_128_CBC_WITH_MD5 (1 << SSL_CK_IDEA_128_CBC_WITH_MD5)
-#define SSL_CB_DES_64_CBC_WITH_MD5 (1 << SSL_CK_DES_64_CBC_WITH_MD5)
-#define SSL_CB_DES_192_EDE3_CBC_WITH_MD5 (1 << SSL_CK_DES_192_EDE3_CBC_WITH_MD5)
-#define SSL_CB_IMPLEMENTED \
- (SSL_CB_RC4_128_WITH_MD5 | \
- SSL_CB_RC4_128_EXPORT40_WITH_MD5 | \
- SSL_CB_RC2_128_CBC_WITH_MD5 | \
- SSL_CB_RC2_128_CBC_EXPORT40_WITH_MD5 | \
- SSL_CB_DES_64_CBC_WITH_MD5 | \
- SSL_CB_DES_192_EDE3_CBC_WITH_MD5)
-
-
-/* Construct a socket's list of cipher specs from the global default values.
- */
-static SECStatus
-ssl2_ConstructCipherSpecs(sslSocket *ss)
-{
- PRUint8 * cs = NULL;
- unsigned int allowed;
- unsigned int count;
- int ssl3_count = 0;
- int final_count;
- int i;
- SECStatus rv;
-
- PORT_Assert( ssl_Have1stHandshakeLock(ss) );
-
- count = 0;
- PORT_Assert(ss != 0);
- allowed = !ss->enableSSL2 ? 0 :
- (ss->allowedByPolicy & ss->chosenPreference & SSL_CB_IMPLEMENTED);
- while (allowed) {
- if (allowed & 1)
- ++count;
- allowed >>= 1;
- }
-
- /* Call ssl3_config_match_init() once here,
- * instead of inside ssl3_ConstructV2CipherSpecsHack(),
- * because the latter gets called twice below,
- * and then again in ssl2_BeginClientHandshake().
- */
- ssl3_config_match_init(ss);
-
- /* ask SSL3 how many cipher suites it has. */
- rv = ssl3_ConstructV2CipherSpecsHack(ss, NULL, &ssl3_count);
- if (rv < 0)
- return rv;
- count += ssl3_count;
-
- /* Allocate memory to hold cipher specs */
- if (count > 0)
- cs = (PRUint8*) PORT_Alloc(count * 3);
- else
- PORT_SetError(SSL_ERROR_SSL_DISABLED);
- if (cs == NULL)
- return SECFailure;
-
- if (ss->cipherSpecs != NULL) {
- PORT_Free(ss->cipherSpecs);
- }
- ss->cipherSpecs = cs;
- ss->sizeCipherSpecs = count * 3;
-
- /* fill in cipher specs for SSL2 cipher suites */
- allowed = !ss->enableSSL2 ? 0 :
- (ss->allowedByPolicy & ss->chosenPreference & SSL_CB_IMPLEMENTED);
- for (i = 0; i < ssl2_NUM_SUITES_IMPLEMENTED * 3; i += 3) {
- const PRUint8 * hs = implementedCipherSuites + i;
- int ok = allowed & (1U << hs[0]);
- if (ok) {
- cs[0] = hs[0];
- cs[1] = hs[1];
- cs[2] = hs[2];
- cs += 3;
- }
- }
-
- /* now have SSL3 add its suites onto the end */
- rv = ssl3_ConstructV2CipherSpecsHack(ss, cs, &final_count);
-
- /* adjust for any difference between first pass and second pass */
- ss->sizeCipherSpecs -= (ssl3_count - final_count) * 3;
-
- return rv;
-}
-
-/* This function is called immediately after ssl2_ConstructCipherSpecs()
-** at the beginning of a handshake. It detects cases where a protocol
-** (e.g. SSL2 or SSL3) is logically enabled, but all its cipher suites
-** for that protocol have been disabled. If such cases, it clears the
-** enable bit for the protocol. If no protocols remain enabled, or
-** if no cipher suites are found, it sets the error code and returns
-** SECFailure, otherwise it returns SECSuccess.
-*/
-static SECStatus
-ssl2_CheckConfigSanity(sslSocket *ss)
-{
- unsigned int allowed;
- int ssl3CipherCount = 0;
- SECStatus rv;
-
- /* count the SSL2 and SSL3 enabled ciphers.
- * if either is zero, clear the socket's enable for that protocol.
- */
- if (!ss->cipherSpecs)
- goto disabled;
-
- allowed = ss->allowedByPolicy & ss->chosenPreference;
- if (! allowed)
- ss->enableSSL2 = PR_FALSE; /* not really enabled if no ciphers */
-
- /* ssl3_config_match_init was called in ssl2_ConstructCipherSpecs(). */
- /* Ask how many ssl3 CipherSuites were enabled. */
- rv = ssl3_ConstructV2CipherSpecsHack(ss, NULL, &ssl3CipherCount);
- if (rv != SECSuccess || ssl3CipherCount <= 0) {
- ss->enableSSL3 = PR_FALSE; /* not really enabled if no ciphers */
- ss->enableTLS = PR_FALSE;
- }
-
- if (!ss->enableSSL2 && !ss->enableSSL3 && !ss->enableTLS) {
- SSL_DBG(("%d: SSL[%d]: Can't handshake! both v2 and v3 disabled.",
- SSL_GETPID(), ss->fd));
-disabled:
- PORT_SetError(SSL_ERROR_SSL_DISABLED);
- return SECFailure;
- }
- return SECSuccess;
-}
-
-/*
- * Since this is a global (not per-socket) setting, we cannot use the
- * HandshakeLock to protect this. Probably want a global lock.
- */
-SECStatus
-ssl2_SetPolicy(PRInt32 which, PRInt32 policy)
-{
- PRUint32 bitMask;
- SECStatus rv = SECSuccess;
-
- which &= 0x000f;
- bitMask = 1 << which;
-
- if (!(bitMask & SSL_CB_IMPLEMENTED)) {
- PORT_SetError(SSL_ERROR_UNKNOWN_CIPHER_SUITE);
- return SECFailure;
- }
-
- if (policy == SSL_ALLOWED) {
- allowedByPolicy |= bitMask;
- maybeAllowedByPolicy |= bitMask;
- } else if (policy == SSL_RESTRICTED) {
- allowedByPolicy &= ~bitMask;
- maybeAllowedByPolicy |= bitMask;
- } else {
- allowedByPolicy &= ~bitMask;
- maybeAllowedByPolicy &= ~bitMask;
- }
- allowedByPolicy &= SSL_CB_IMPLEMENTED;
- maybeAllowedByPolicy &= SSL_CB_IMPLEMENTED;
-
- policyWasSet = PR_TRUE;
- return rv;
-}
-
-SECStatus
-ssl2_GetPolicy(PRInt32 which, PRInt32 *oPolicy)
-{
- PRUint32 bitMask;
- PRInt32 policy;
-
- which &= 0x000f;
- bitMask = 1 << which;
-
- /* Caller assures oPolicy is not null. */
- if (!(bitMask & SSL_CB_IMPLEMENTED)) {
- PORT_SetError(SSL_ERROR_UNKNOWN_CIPHER_SUITE);
- *oPolicy = SSL_NOT_ALLOWED;
- return SECFailure;
- }
-
- if (maybeAllowedByPolicy & bitMask) {
- policy = (allowedByPolicy & bitMask) ? SSL_ALLOWED : SSL_RESTRICTED;
- } else {
- policy = SSL_NOT_ALLOWED;
- }
-
- *oPolicy = policy;
- return SECSuccess;
-}
-
-/*
- * Since this is a global (not per-socket) setting, we cannot use the
- * HandshakeLock to protect this. Probably want a global lock.
- * Called from SSL_CipherPrefSetDefault in sslsock.c
- * These changes have no effect on any sslSockets already created.
- */
-SECStatus
-ssl2_CipherPrefSetDefault(PRInt32 which, PRBool enabled)
-{
- PRUint32 bitMask;
-
- which &= 0x000f;
- bitMask = 1 << which;
-
- if (!(bitMask & SSL_CB_IMPLEMENTED)) {
- PORT_SetError(SSL_ERROR_UNKNOWN_CIPHER_SUITE);
- return SECFailure;
- }
-
- if (enabled)
- chosenPreference |= bitMask;
- else
- chosenPreference &= ~bitMask;
- chosenPreference &= SSL_CB_IMPLEMENTED;
-
- return SECSuccess;
-}
-
-SECStatus
-ssl2_CipherPrefGetDefault(PRInt32 which, PRBool *enabled)
-{
- PRBool rv = PR_FALSE;
- PRUint32 bitMask;
-
- which &= 0x000f;
- bitMask = 1 << which;
-
- if (!(bitMask & SSL_CB_IMPLEMENTED)) {
- PORT_SetError(SSL_ERROR_UNKNOWN_CIPHER_SUITE);
- *enabled = PR_FALSE;
- return SECFailure;
- }
-
- rv = (PRBool)((chosenPreference & bitMask) != 0);
- *enabled = rv;
- return SECSuccess;
-}
-
-SECStatus
-ssl2_CipherPrefSet(sslSocket *ss, PRInt32 which, PRBool enabled)
-{
- PRUint32 bitMask;
-
- which &= 0x000f;
- bitMask = 1 << which;
-
- if (!(bitMask & SSL_CB_IMPLEMENTED)) {
- PORT_SetError(SSL_ERROR_UNKNOWN_CIPHER_SUITE);
- return SECFailure;
- }
-
- if (enabled)
- ss->chosenPreference |= bitMask;
- else
- ss->chosenPreference &= ~bitMask;
- ss->chosenPreference &= SSL_CB_IMPLEMENTED;
-
- return SECSuccess;
-}
-
-SECStatus
-ssl2_CipherPrefGet(sslSocket *ss, PRInt32 which, PRBool *enabled)
-{
- PRBool rv = PR_FALSE;
- PRUint32 bitMask;
-
- which &= 0x000f;
- bitMask = 1 << which;
-
- if (!(bitMask & SSL_CB_IMPLEMENTED)) {
- PORT_SetError(SSL_ERROR_UNKNOWN_CIPHER_SUITE);
- *enabled = PR_FALSE;
- return SECFailure;
- }
-
- rv = (PRBool)((ss->chosenPreference & bitMask) != 0);
- *enabled = rv;
- return SECSuccess;
-}
-
-
-/* copy global default policy into socket. */
-void
-ssl2_InitSocketPolicy(sslSocket *ss)
-{
- ss->allowedByPolicy = allowedByPolicy;
- ss->maybeAllowedByPolicy = maybeAllowedByPolicy;
- ss->chosenPreference = chosenPreference;
-}
-
-
-/************************************************************************/
-
-/* Called from ssl2_CreateSessionCypher(), which already holds handshake lock.
- */
-static SECStatus
-ssl2_CreateMAC(sslSecurityInfo *sec, SECItem *readKey, SECItem *writeKey,
- int cipherChoice)
-{
- switch (cipherChoice) {
-
- case SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5:
- case SSL_CK_RC2_128_CBC_WITH_MD5:
- case SSL_CK_RC4_128_EXPORT40_WITH_MD5:
- case SSL_CK_RC4_128_WITH_MD5:
- case SSL_CK_DES_64_CBC_WITH_MD5:
- case SSL_CK_DES_192_EDE3_CBC_WITH_MD5:
- sec->hash = HASH_GetHashObject(HASH_AlgMD5);
- SECITEM_CopyItem(0, &sec->sendSecret, writeKey);
- SECITEM_CopyItem(0, &sec->rcvSecret, readKey);
- break;
-
- default:
- PORT_SetError(SSL_ERROR_NO_CYPHER_OVERLAP);
- return SECFailure;
- }
- sec->hashcx = (*sec->hash->create)();
- if (sec->hashcx == NULL)
- return SECFailure;
- return SECSuccess;
-}
-
-/************************************************************************
- * All the Send functions below must acquire and release the socket's
- * xmitBufLock.
- */
-
-/* Called from all the Send* functions below. */
-static SECStatus
-ssl2_GetSendBuffer(sslSocket *ss, unsigned int len)
-{
- SECStatus rv = SECSuccess;
-
- PORT_Assert(ssl_HaveXmitBufLock(ss));
-
- if (len < 128) {
- len = 128;
- }
- if (len > ss->sec.ci.sendBuf.space) {
- rv = sslBuffer_Grow(&ss->sec.ci.sendBuf, len);
- if (rv != SECSuccess) {
- SSL_DBG(("%d: SSL[%d]: ssl2_GetSendBuffer failed, tried to get %d bytes",
- SSL_GETPID(), ss->fd, len));
- rv = SECFailure;
- }
- }
- return rv;
-}
-
-/* Called from:
- * ssl2_ClientSetupSessionCypher() <- ssl2_HandleServerHelloMessage()
- * ssl2_HandleRequestCertificate() <- ssl2_HandleMessage() <-
- ssl_Do1stHandshake()
- * ssl2_HandleMessage() <- ssl_Do1stHandshake()
- * ssl2_HandleServerHelloMessage() <- ssl_Do1stHandshake()
- after ssl2_BeginClientHandshake()
- * ssl2_RestartHandshakeAfterCertReq() <- Called from certdlgs.c in nav.
- * ssl2_HandleClientHelloMessage() <- ssl_Do1stHandshake()
- after ssl2_BeginServerHandshake()
- *
- * Acquires and releases the socket's xmitBufLock.
- */
-int
-ssl2_SendErrorMessage(sslSocket *ss, int error)
-{
- int rv;
- PRUint8 msg[SSL_HL_ERROR_HBYTES];
-
- PORT_Assert( ssl_Have1stHandshakeLock(ss) );
-
- msg[0] = SSL_MT_ERROR;
- msg[1] = MSB(error);
- msg[2] = LSB(error);
-
- ssl_GetXmitBufLock(ss); /***************************************/
-
- SSL_TRC(3, ("%d: SSL[%d]: sending error %d", SSL_GETPID(), ss->fd, error));
-
- ss->handshakeBegun = 1;
- rv = (*ss->sec.send)(ss, msg, sizeof(msg), 0);
- if (rv >= 0) {
- rv = SECSuccess;
- }
- ssl_ReleaseXmitBufLock(ss); /***************************************/
- return rv;
-}
-
-/* Called from ssl2_TryToFinish().
- * Acquires and releases the socket's xmitBufLock.
- */
-static SECStatus
-ssl2_SendClientFinishedMessage(sslSocket *ss)
-{
- SECStatus rv = SECSuccess;
- int sent;
- PRUint8 msg[1 + SSL_CONNECTIONID_BYTES];
-
- PORT_Assert( ssl_Have1stHandshakeLock(ss) );
-
- ssl_GetXmitBufLock(ss); /***************************************/
-
- if (ss->sec.ci.sentFinished == 0) {
- ss->sec.ci.sentFinished = 1;
-
- SSL_TRC(3, ("%d: SSL[%d]: sending client-finished",
- SSL_GETPID(), ss->fd));
-
- msg[0] = SSL_MT_CLIENT_FINISHED;
- PORT_Memcpy(msg+1, ss->sec.ci.connectionID,
- sizeof(ss->sec.ci.connectionID));
-
- DUMP_MSG(29, (ss, msg, 1 + sizeof(ss->sec.ci.connectionID)));
- sent = (*ss->sec.send)(ss, msg, 1 + sizeof(ss->sec.ci.connectionID), 0);
- rv = (sent >= 0) ? SECSuccess : (SECStatus)sent;
- }
- ssl_ReleaseXmitBufLock(ss); /***************************************/
- return rv;
-}
-
-/* Called from
- * ssl2_HandleClientSessionKeyMessage() <- ssl2_HandleClientHelloMessage()
- * ssl2_HandleClientHelloMessage() <- ssl_Do1stHandshake()
- after ssl2_BeginServerHandshake()
- * Acquires and releases the socket's xmitBufLock.
- */
-static SECStatus
-ssl2_SendServerVerifyMessage(sslSocket *ss)
-{
- PRUint8 * msg;
- int sendLen;
- int sent;
- SECStatus rv;
-
- PORT_Assert( ssl_Have1stHandshakeLock(ss) );
-
- ssl_GetXmitBufLock(ss); /***************************************/
-
- sendLen = 1 + SSL_CHALLENGE_BYTES;
- rv = ssl2_GetSendBuffer(ss, sendLen);
- if (rv != SECSuccess) {
- goto done;
- }
-
- msg = ss->sec.ci.sendBuf.buf;
- msg[0] = SSL_MT_SERVER_VERIFY;
- PORT_Memcpy(msg+1, ss->sec.ci.clientChallenge, SSL_CHALLENGE_BYTES);
-
- DUMP_MSG(29, (ss, msg, sendLen));
- sent = (*ss->sec.send)(ss, msg, sendLen, 0);
-
- rv = (sent >= 0) ? SECSuccess : (SECStatus)sent;
-
-done:
- ssl_ReleaseXmitBufLock(ss); /***************************************/
- return rv;
-}
-
-/* Called from ssl2_TryToFinish().
- * Acquires and releases the socket's xmitBufLock.
- */
-static SECStatus
-ssl2_SendServerFinishedMessage(sslSocket *ss)
-{
- sslSessionID * sid;
- PRUint8 * msg;
- int sendLen, sent;
- SECStatus rv = SECSuccess;
-
- PORT_Assert( ssl_Have1stHandshakeLock(ss) );
-
- ssl_GetXmitBufLock(ss); /***************************************/
-
- if (ss->sec.ci.sentFinished == 0) {
- ss->sec.ci.sentFinished = 1;
- PORT_Assert(ss->sec.ci.sid != 0);
- sid = ss->sec.ci.sid;
-
- SSL_TRC(3, ("%d: SSL[%d]: sending server-finished",
- SSL_GETPID(), ss->fd));
-
- sendLen = 1 + sizeof(sid->u.ssl2.sessionID);
- rv = ssl2_GetSendBuffer(ss, sendLen);
- if (rv != SECSuccess) {
- goto done;
- }
-
- msg = ss->sec.ci.sendBuf.buf;
- msg[0] = SSL_MT_SERVER_FINISHED;
- PORT_Memcpy(msg+1, sid->u.ssl2.sessionID,
- sizeof(sid->u.ssl2.sessionID));
-
- DUMP_MSG(29, (ss, msg, sendLen));
- sent = (*ss->sec.send)(ss, msg, sendLen, 0);
-
- if (sent < 0) {
- /* If send failed, it is now a bogus session-id */
- (*ss->sec.uncache)(sid);
- rv = (SECStatus)sent;
- } else if (!ss->noCache) {
- /* Put the sid in session-id cache, (may already be there) */
- (*ss->sec.cache)(sid);
- rv = SECSuccess;
- }
- ssl_FreeSID(sid);
- ss->sec.ci.sid = 0;
- }
-done:
- ssl_ReleaseXmitBufLock(ss); /***************************************/
- return rv;
-}
-
-/* Called from ssl2_ClientSetupSessionCypher() <-
- * ssl2_HandleServerHelloMessage()
- * after ssl2_BeginClientHandshake()
- * Acquires and releases the socket's xmitBufLock.
- */
-static SECStatus
-ssl2_SendSessionKeyMessage(sslSocket *ss, int cipher, int keySize,
- PRUint8 *ca, int caLen,
- PRUint8 *ck, int ckLen,
- PRUint8 *ek, int ekLen)
-{
- PRUint8 * msg;
- int sendLen;
- int sent;
- SECStatus rv;
-
- PORT_Assert( ssl_Have1stHandshakeLock(ss) );
-
- ssl_GetXmitBufLock(ss); /***************************************/
-
- sendLen = SSL_HL_CLIENT_MASTER_KEY_HBYTES + ckLen + ekLen + caLen;
- rv = ssl2_GetSendBuffer(ss, sendLen);
- if (rv != SECSuccess)
- goto done;
-
- SSL_TRC(3, ("%d: SSL[%d]: sending client-session-key",
- SSL_GETPID(), ss->fd));
-
- msg = ss->sec.ci.sendBuf.buf;
- msg[0] = SSL_MT_CLIENT_MASTER_KEY;
- msg[1] = cipher;
- msg[2] = MSB(keySize);
- msg[3] = LSB(keySize);
- msg[4] = MSB(ckLen);
- msg[5] = LSB(ckLen);
- msg[6] = MSB(ekLen);
- msg[7] = LSB(ekLen);
- msg[8] = MSB(caLen);
- msg[9] = LSB(caLen);
- PORT_Memcpy(msg+SSL_HL_CLIENT_MASTER_KEY_HBYTES, ck, ckLen);
- PORT_Memcpy(msg+SSL_HL_CLIENT_MASTER_KEY_HBYTES+ckLen, ek, ekLen);
- PORT_Memcpy(msg+SSL_HL_CLIENT_MASTER_KEY_HBYTES+ckLen+ekLen, ca, caLen);
-
- DUMP_MSG(29, (ss, msg, sendLen));
- sent = (*ss->sec.send)(ss, msg, sendLen, 0);
- rv = (sent >= 0) ? SECSuccess : (SECStatus)sent;
-done:
- ssl_ReleaseXmitBufLock(ss); /***************************************/
- return rv;
-}
-
-/* Called from ssl2_TriggerNextMessage() <- ssl2_HandleMessage()
- * Acquires and releases the socket's xmitBufLock.
- */
-static SECStatus
-ssl2_SendCertificateRequestMessage(sslSocket *ss)
-{
- PRUint8 * msg;
- int sent;
- int sendLen;
- SECStatus rv;
-
- PORT_Assert( ssl_Have1stHandshakeLock(ss) );
-
- ssl_GetXmitBufLock(ss); /***************************************/
-
- sendLen = SSL_HL_REQUEST_CERTIFICATE_HBYTES + SSL_CHALLENGE_BYTES;
- rv = ssl2_GetSendBuffer(ss, sendLen);
- if (rv != SECSuccess)
- goto done;
-
- SSL_TRC(3, ("%d: SSL[%d]: sending certificate request",
- SSL_GETPID(), ss->fd));
-
- /* Generate random challenge for client to encrypt */
- PK11_GenerateRandom(ss->sec.ci.serverChallenge, SSL_CHALLENGE_BYTES);
-
- msg = ss->sec.ci.sendBuf.buf;
- msg[0] = SSL_MT_REQUEST_CERTIFICATE;
- msg[1] = SSL_AT_MD5_WITH_RSA_ENCRYPTION;
- PORT_Memcpy(msg + SSL_HL_REQUEST_CERTIFICATE_HBYTES,
- ss->sec.ci.serverChallenge, SSL_CHALLENGE_BYTES);
-
- DUMP_MSG(29, (ss, msg, sendLen));
- sent = (*ss->sec.send)(ss, msg, sendLen, 0);
- rv = (sent >= 0) ? SECSuccess : (SECStatus)sent;
-done:
- ssl_ReleaseXmitBufLock(ss); /***************************************/
- return rv;
-}
-
-/* Called from ssl2_HandleRequestCertificate() <- ssl2_HandleMessage()
- * ssl2_RestartHandshakeAfterCertReq() <- (application)
- * Acquires and releases the socket's xmitBufLock.
- */
-static int
-ssl2_SendCertificateResponseMessage(sslSocket *ss, SECItem *cert,
- SECItem *encCode)
-{
- PRUint8 *msg;
- int rv, sendLen;
-
- PORT_Assert( ssl_Have1stHandshakeLock(ss) );
-
- ssl_GetXmitBufLock(ss); /***************************************/
-
- sendLen = SSL_HL_CLIENT_CERTIFICATE_HBYTES + encCode->len + cert->len;
- rv = ssl2_GetSendBuffer(ss, sendLen);
- if (rv)
- goto done;
-
- SSL_TRC(3, ("%d: SSL[%d]: sending certificate response",
- SSL_GETPID(), ss->fd));
-
- msg = ss->sec.ci.sendBuf.buf;
- msg[0] = SSL_MT_CLIENT_CERTIFICATE;
- msg[1] = SSL_CT_X509_CERTIFICATE;
- msg[2] = MSB(cert->len);
- msg[3] = LSB(cert->len);
- msg[4] = MSB(encCode->len);
- msg[5] = LSB(encCode->len);
- PORT_Memcpy(msg + SSL_HL_CLIENT_CERTIFICATE_HBYTES, cert->data, cert->len);
- PORT_Memcpy(msg + SSL_HL_CLIENT_CERTIFICATE_HBYTES + cert->len,
- encCode->data, encCode->len);
-
- DUMP_MSG(29, (ss, msg, sendLen));
- rv = (*ss->sec.send)(ss, msg, sendLen, 0);
- if (rv >= 0) {
- rv = SECSuccess;
- }
-done:
- ssl_ReleaseXmitBufLock(ss); /***************************************/
- return rv;
-}
-
-/********************************************************************
-** Send functions above this line must aquire & release the socket's
-** xmitBufLock.
-** All the ssl2_Send functions below this line are called vis ss->sec.send
-** and require that the caller hold the xmitBufLock.
-*/
-
-/*
-** Called from ssl2_SendStream, ssl2_SendBlock, but not from ssl2_SendClear.
-*/
-static SECStatus
-ssl2_CalcMAC(PRUint8 * result,
- sslSecurityInfo * sec,
- const PRUint8 * data,
- unsigned int dataLen,
- unsigned int paddingLen)
-{
- const PRUint8 * secret = sec->sendSecret.data;
- unsigned int secretLen = sec->sendSecret.len;
- unsigned long sequenceNumber = sec->sendSequence;
- unsigned int nout;
- PRUint8 seq[4];
- PRUint8 padding[32];/* XXX max blocksize? */
-
- if (!sec->hash || !sec->hash->length)
- return SECSuccess;
- if (!sec->hashcx)
- return SECFailure;
-
- /* Reset hash function */
- (*sec->hash->begin)(sec->hashcx);
-
- /* Feed hash the data */
- (*sec->hash->update)(sec->hashcx, secret, secretLen);
- (*sec->hash->update)(sec->hashcx, data, dataLen);
- PORT_Memset(padding, paddingLen, paddingLen);
- (*sec->hash->update)(sec->hashcx, padding, paddingLen);
-
- seq[0] = (PRUint8) (sequenceNumber >> 24);
- seq[1] = (PRUint8) (sequenceNumber >> 16);
- seq[2] = (PRUint8) (sequenceNumber >> 8);
- seq[3] = (PRUint8) (sequenceNumber);
-
- PRINT_BUF(60, (0, "calc-mac secret:", secret, secretLen));
- PRINT_BUF(60, (0, "calc-mac data:", data, dataLen));
- PRINT_BUF(60, (0, "calc-mac padding:", padding, paddingLen));
- PRINT_BUF(60, (0, "calc-mac seq:", seq, 4));
-
- (*sec->hash->update)(sec->hashcx, seq, 4);
-
- /* Get result */
- (*sec->hash->end)(sec->hashcx, result, &nout, sec->hash->length);
-
- return SECSuccess;
-}
-
-/*
-** Maximum transmission amounts. These are tiny bit smaller than they
-** need to be (they account for the MAC length plus some padding),
-** assuming the MAC is 16 bytes long and the padding is a max of 7 bytes
-** long. This gives an additional 9 bytes of slop to work within.
-*/
-#define MAX_STREAM_CYPHER_LEN 0x7fe0
-#define MAX_BLOCK_CYPHER_LEN 0x3fe0
-
-/*
-** Send some data in the clear.
-** Package up data with the length header and send it.
-**
-** Return count of bytes succesfully written, or negative number (failure).
-*/
-static PRInt32
-ssl2_SendClear(sslSocket *ss, const PRUint8 *in, PRInt32 len, PRInt32 flags)
-{
- PRUint8 * out;
- int rv;
- int amount;
- int count = 0;
-
- PORT_Assert( ssl_HaveXmitBufLock(ss) );
-
- SSL_TRC(10, ("%d: SSL[%d]: sending %d bytes in the clear",
- SSL_GETPID(), ss->fd, len));
- PRINT_BUF(50, (ss, "clear data:", (PRUint8*) in, len));
-
- while (len) {
- amount = PR_MIN( len, MAX_STREAM_CYPHER_LEN );
- if (amount + 2 > ss->sec.writeBuf.space) {
- rv = sslBuffer_Grow(&ss->sec.writeBuf, amount + 2);
- if (rv != SECSuccess) {
- count = rv;
- break;
- }
- }
- out = ss->sec.writeBuf.buf;
-
- /*
- ** Construct message.
- */
- out[0] = 0x80 | MSB(amount);
- out[1] = LSB(amount);
- PORT_Memcpy(&out[2], in, amount);
-
- /* Now send the data */
- rv = ssl_DefSend(ss, out, amount + 2, flags & ~ssl_SEND_FLAG_MASK);
- if (rv < 0) {
- if (PORT_GetError() == PR_WOULD_BLOCK_ERROR) {
- rv = 0;
- } else {
- /* Return short write if some data already went out... */
- if (count == 0)
- count = rv;
- break;
- }
- }
-
- if ((unsigned)rv < (amount + 2)) {
- /* Short write. Save the data and return. */
- if (ssl_SaveWriteData(ss, &ss->pendingBuf, out + rv,
- amount + 2 - rv) == SECFailure) {
- count = SECFailure;
- } else {
- count += amount;
- ss->sec.sendSequence++;
- }
- break;
- }
-
- ss->sec.sendSequence++;
- in += amount;
- count += amount;
- len -= amount;
- }
-
- return count;
-}
-
-/*
-** Send some data, when using a stream cipher. Stream ciphers have a
-** block size of 1. Package up the data with the length header
-** and send it.
-*/
-static PRInt32
-ssl2_SendStream(sslSocket *ss, const PRUint8 *in, PRInt32 len, PRInt32 flags)
-{
- PRUint8 * out;
- int rv;
- int count = 0;
-
- int amount;
- PRUint8 macLen;
- int nout;
- int buflen;
-
- PORT_Assert( ssl_HaveXmitBufLock(ss) );
-
- SSL_TRC(10, ("%d: SSL[%d]: sending %d bytes using stream cipher",
- SSL_GETPID(), ss->fd, len));
- PRINT_BUF(50, (ss, "clear data:", (PRUint8*) in, len));
-
- while (len) {
- ssl_GetSpecReadLock(ss); /*************************************/
-
- macLen = ss->sec.hash->length;
- amount = PR_MIN( len, MAX_STREAM_CYPHER_LEN );
- buflen = amount + 2 + macLen;
- if (buflen > ss->sec.writeBuf.space) {
- rv = sslBuffer_Grow(&ss->sec.writeBuf, buflen);
- if (rv != SECSuccess) {
- goto loser;
- }
- }
- out = ss->sec.writeBuf.buf;
- nout = amount + macLen;
- out[0] = 0x80 | MSB(nout);
- out[1] = LSB(nout);
-
- /* Calculate MAC */
- rv = ssl2_CalcMAC(out+2, /* put MAC here */
- &ss->sec,
- in, amount, /* input addr & length */
- 0); /* no padding */
- if (rv != SECSuccess)
- goto loser;
-
- /* Encrypt MAC */
- rv = (*ss->sec.enc)(ss->sec.writecx, out+2, &nout, macLen, out+2, macLen);
- if (rv) goto loser;
-
- /* Encrypt data from caller */
- rv = (*ss->sec.enc)(ss->sec.writecx, out+2+macLen, &nout, amount, in, amount);
- if (rv) goto loser;
-
- ssl_ReleaseSpecReadLock(ss); /*************************************/
-
- PRINT_BUF(50, (ss, "encrypted data:", out, buflen));
-
- rv = ssl_DefSend(ss, out, buflen, flags & ~ssl_SEND_FLAG_MASK);
- if (rv < 0) {
- if (PORT_GetError() == PR_WOULD_BLOCK_ERROR) {
- SSL_TRC(50, ("%d: SSL[%d]: send stream would block, "
- "saving data", SSL_GETPID(), ss->fd));
- rv = 0;
- } else {
- SSL_TRC(10, ("%d: SSL[%d]: send stream error %d",
- SSL_GETPID(), ss->fd, PORT_GetError()));
- /* Return short write if some data already went out... */
- if (count == 0)
- count = rv;
- goto done;
- }
- }
-
- if ((unsigned)rv < buflen) {
- /* Short write. Save the data and return. */
- if (ssl_SaveWriteData(ss, &ss->pendingBuf, out + rv,
- buflen - rv) == SECFailure) {
- count = SECFailure;
- } else {
- count += amount;
- ss->sec.sendSequence++;
- }
- goto done;
- }
-
- ss->sec.sendSequence++;
- in += amount;
- count += amount;
- len -= amount;
- }
-
-done:
- return count;
-
-loser:
- ssl_ReleaseSpecReadLock(ss);
- return SECFailure;
-}
-
-/*
-** Send some data, when using a block cipher. Package up the data with
-** the length header and send it.
-*/
-/* XXX assumes blocksize is > 7 */
-static PRInt32
-ssl2_SendBlock(sslSocket *ss, const PRUint8 *in, PRInt32 len, PRInt32 flags)
-{
- PRUint8 * out; /* begining of output buffer. */
- PRUint8 * op; /* next output byte goes here. */
- int rv; /* value from funcs we called. */
- int count = 0; /* this function's return value. */
-
- unsigned int hlen; /* output record hdr len, 2 or 3 */
- unsigned int macLen; /* MAC is this many bytes long. */
- int amount; /* of plaintext to go in record. */
- unsigned int padding; /* add this many padding byte. */
- int nout; /* ciphertext size after header. */
- int buflen; /* size of generated record. */
-
- PORT_Assert( ssl_HaveXmitBufLock(ss) );
-
- SSL_TRC(10, ("%d: SSL[%d]: sending %d bytes using block cipher",
- SSL_GETPID(), ss->fd, len));
- PRINT_BUF(50, (ss, "clear data:", in, len));
-
- while (len) {
- ssl_GetSpecReadLock(ss); /*************************************/
-
- macLen = ss->sec.hash->length;
- /* Figure out how much to send, including mac and padding */
- amount = PR_MIN( len, MAX_BLOCK_CYPHER_LEN );
- nout = amount + macLen;
- padding = nout & (ss->sec.blockSize - 1);
- if (padding) {
- hlen = 3;
- padding = ss->sec.blockSize - padding;
- nout += padding;
- } else {
- hlen = 2;
- }
- buflen = hlen + nout;
- if (buflen > ss->sec.writeBuf.space) {
- rv = sslBuffer_Grow(&ss->sec.writeBuf, buflen);
- if (rv != SECSuccess) {
- goto loser;
- }
- }
- out = ss->sec.writeBuf.buf;
-
- /* Construct header */
- op = out;
- if (padding) {
- *op++ = MSB(nout);
- *op++ = LSB(nout);
- *op++ = padding;
- } else {
- *op++ = 0x80 | MSB(nout);
- *op++ = LSB(nout);
- }
-
- /* Calculate MAC */
- rv = ssl2_CalcMAC(op, /* MAC goes here. */
- &ss->sec,
- in, amount, /* intput addr, len */
- padding);
- if (rv != SECSuccess)
- goto loser;
- op += macLen;
-
- /* Copy in the input data */
- /* XXX could eliminate the copy by folding it into the encryption */
- PORT_Memcpy(op, in, amount);
- op += amount;
- if (padding) {
- PORT_Memset(op, padding, padding);
- op += padding;
- }
-
- /* Encrypt result */
- rv = (*ss->sec.enc)(ss->sec.writecx, out+hlen, &nout, buflen-hlen,
- out+hlen, op - (out + hlen));
- if (rv)
- goto loser;
-
- ssl_ReleaseSpecReadLock(ss); /*************************************/
-
- PRINT_BUF(50, (ss, "final xmit data:", out, op - out));
-
- rv = ssl_DefSend(ss, out, op - out, flags & ~ssl_SEND_FLAG_MASK);
- if (rv < 0) {
- if (PORT_GetError() == PR_WOULD_BLOCK_ERROR) {
- rv = 0;
- } else {
- SSL_TRC(10, ("%d: SSL[%d]: send block error %d",
- SSL_GETPID(), ss->fd, PORT_GetError()));
- /* Return short write if some data already went out... */
- if (count == 0)
- count = rv;
- goto done;
- }
- }
-
- if (rv < (op - out)) {
- /* Short write. Save the data and return. */
- if (ssl_SaveWriteData(ss, &ss->pendingBuf, out + rv,
- op - out - rv) == SECFailure) {
- count = SECFailure;
- } else {
- count += amount;
- ss->sec.sendSequence++;
- }
- goto done;
- }
-
- ss->sec.sendSequence++;
- in += amount;
- count += amount;
- len -= amount;
- }
-
-done:
- return count;
-
-loser:
- ssl_ReleaseSpecReadLock(ss);
- return SECFailure;
-}
-
-/*
-** Called from: ssl2_HandleServerHelloMessage,
-** ssl2_HandleClientSessionKeyMessage,
-** ssl2_RestartHandshakeAfterServerCert,
-** ssl2_HandleClientHelloMessage,
-**
-*/
-static void
-ssl2_UseEncryptedSendFunc(sslSocket *ss)
-{
- ssl_GetXmitBufLock(ss);
- PORT_Assert(ss->sec.hashcx != 0);
-
- ss->gs.encrypted = 1;
- ss->sec.send = (ss->sec.blockSize > 1) ? ssl2_SendBlock : ssl2_SendStream;
- ssl_ReleaseXmitBufLock(ss);
-}
-
-/* Called while initializing socket in ssl_CreateSecurityInfo().
-** This function allows us to keep the name of ssl2_SendClear static.
-*/
-void
-ssl2_UseClearSendFunc(sslSocket *ss)
-{
- ss->sec.send = ssl2_SendClear;
-}
-
-/************************************************************************
-** END of Send functions. *
-*************************************************************************/
-
-/***********************************************************************
- * For SSL3, this gathers in and handles records/messages until either
- * the handshake is complete or application data is available.
- *
- * For SSL2, this gathers in only the next SSLV2 record.
- *
- * Called from ssl_Do1stHandshake() via function pointer ss->handshake.
- * Caller must hold handshake lock.
- * This function acquires and releases the RecvBufLock.
- *
- * returns SECSuccess for success.
- * returns SECWouldBlock when that value is returned by ssl2_GatherRecord() or
- * ssl3_GatherCompleteHandshake().
- * returns SECFailure on all other errors.
- *
- * The gather functions called by ssl_GatherRecord1stHandshake are expected
- * to return values interpreted as follows:
- * 1 : the function completed without error.
- * 0 : the function read EOF.
- * -1 : read error, or PR_WOULD_BLOCK_ERROR, or handleRecord error.
- * -2 : the function wants ssl_GatherRecord1stHandshake to be called again
- * immediately, by ssl_Do1stHandshake.
- *
- * This code is similar to, and easily confused with, DoRecv() in sslsecur.c
- *
- * This function is called from ssl_Do1stHandshake().
- * The following functions put ssl_GatherRecord1stHandshake into ss->handshake:
- * ssl2_HandleMessage
- * ssl2_HandleVerifyMessage
- * ssl2_HandleServerHelloMessage
- * ssl2_BeginClientHandshake
- * ssl2_HandleClientSessionKeyMessage
- * ssl2_RestartHandshakeAfterCertReq
- * ssl3_RestartHandshakeAfterCertReq
- * ssl2_RestartHandshakeAfterServerCert
- * ssl3_RestartHandshakeAfterServerCert
- * ssl2_HandleClientHelloMessage
- * ssl2_BeginServerHandshake
- */
-SECStatus
-ssl_GatherRecord1stHandshake(sslSocket *ss)
-{
- int rv;
-
- PORT_Assert( ssl_Have1stHandshakeLock(ss) );
-
- ssl_GetRecvBufLock(ss);
-
- if (ss->version >= SSL_LIBRARY_VERSION_3_0) {
- /* Wait for handshake to complete, or application data to arrive. */
- rv = ssl3_GatherCompleteHandshake(ss, 0);
- } else {
- /* See if we have a complete record */
- rv = ssl2_GatherRecord(ss, 0);
- }
- SSL_TRC(10, ("%d: SSL[%d]: handshake gathering, rv=%d",
- SSL_GETPID(), ss->fd, rv));
-
- ssl_ReleaseRecvBufLock(ss);
-
- if (rv <= 0) {
- if (rv == SECWouldBlock) {
- /* Progress is blocked waiting for callback completion. */
- SSL_TRC(10, ("%d: SSL[%d]: handshake blocked (need %d)",
- SSL_GETPID(), ss->fd, ss->gs.remainder));
- return SECWouldBlock;
- }
- if (rv == 0) {
- /* EOF. Loser */
- PORT_SetError(PR_END_OF_FILE_ERROR);
- }
- return SECFailure; /* rv is < 0 here. */
- }
-
- SSL_TRC(10, ("%d: SSL[%d]: got handshake record of %d bytes",
- SSL_GETPID(), ss->fd, ss->gs.recordLen));
-
- ss->handshake = 0; /* makes ssl_Do1stHandshake call ss->nextHandshake.*/
- return SECSuccess;
-}
-
-/************************************************************************/
-
-/* Called from ssl2_ServerSetupSessionCypher()
- * ssl2_ClientSetupSessionCypher()
- */
-static SECStatus
-ssl2_FillInSID(sslSessionID * sid,
- int cipher,
- PRUint8 *keyData,
- int keyLen,
- PRUint8 *ca,
- int caLen,
- int keyBits,
- int secretKeyBits,
- SSLSignType authAlgorithm,
- PRUint32 authKeyBits,
- SSLKEAType keaType,
- PRUint32 keaKeyBits)
-{
- PORT_Assert(sid->references == 1);
- PORT_Assert(sid->cached == never_cached);
- PORT_Assert(sid->u.ssl2.masterKey.data == 0);
- PORT_Assert(sid->u.ssl2.cipherArg.data == 0);
-
- sid->version = SSL_LIBRARY_VERSION_2;
-
- sid->u.ssl2.cipherType = cipher;
- sid->u.ssl2.masterKey.data = (PRUint8*) PORT_Alloc(keyLen);
- if (!sid->u.ssl2.masterKey.data) {
- return SECFailure;
- }
- PORT_Memcpy(sid->u.ssl2.masterKey.data, keyData, keyLen);
- sid->u.ssl2.masterKey.len = keyLen;
- sid->u.ssl2.keyBits = keyBits;
- sid->u.ssl2.secretKeyBits = secretKeyBits;
- sid->authAlgorithm = authAlgorithm;
- sid->authKeyBits = authKeyBits;
- sid->keaType = keaType;
- sid->keaKeyBits = keaKeyBits;
- sid->lastAccessTime = sid->creationTime = ssl_Time();
- sid->expirationTime = sid->creationTime + ssl_sid_timeout;
-
- if (caLen) {
- sid->u.ssl2.cipherArg.data = (PRUint8*) PORT_Alloc(caLen);
- if (!sid->u.ssl2.cipherArg.data) {
- return SECFailure;
- }
- sid->u.ssl2.cipherArg.len = caLen;
- PORT_Memcpy(sid->u.ssl2.cipherArg.data, ca, caLen);
- }
- return SECSuccess;
-}
-
-/*
-** Construct session keys given the masterKey (tied to the session-id),
-** the client's challenge and the server's nonce.
-**
-** Called from ssl2_CreateSessionCypher() <-
-*/
-static SECStatus
-ssl2_ProduceKeys(sslSocket * ss,
- SECItem * readKey,
- SECItem * writeKey,
- SECItem * masterKey,
- PRUint8 * challenge,
- PRUint8 * nonce,
- int cipherType)
-{
- PK11Context * cx = 0;
- unsigned nkm = 0; /* number of hashes to generate key mat. */
- unsigned nkd = 0; /* size of readKey and writeKey. */
- unsigned part;
- unsigned i;
- unsigned off;
- SECStatus rv;
- PRUint8 countChar;
- PRUint8 km[3*16]; /* buffer for key material. */
-
- readKey->data = 0;
- writeKey->data = 0;
-
- PORT_Assert( ssl_Have1stHandshakeLock(ss) );
-
- rv = SECSuccess;
- cx = PK11_CreateDigestContext(SEC_OID_MD5);
- if (cx == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
- return SECFailure;
- }
-
- nkm = ssl_Specs[cipherType].nkm;
- nkd = ssl_Specs[cipherType].nkd;
-
- readKey->data = (PRUint8*) PORT_Alloc(nkd);
- if (!readKey->data)
- goto loser;
- readKey->len = nkd;
-
- writeKey->data = (PRUint8*) PORT_Alloc(nkd);
- if (!writeKey->data)
- goto loser;
- writeKey->len = nkd;
-
- /* Produce key material */
- countChar = '0';
- for (i = 0, off = 0; i < nkm; i++, off += 16) {
- rv = PK11_DigestBegin(cx);
- rv |= PK11_DigestOp(cx, masterKey->data, masterKey->len);
- rv |= PK11_DigestOp(cx, &countChar, 1);
- rv |= PK11_DigestOp(cx, challenge, SSL_CHALLENGE_BYTES);
- rv |= PK11_DigestOp(cx, nonce, SSL_CONNECTIONID_BYTES);
- rv |= PK11_DigestFinal(cx, km+off, &part, MD5_LENGTH);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
- rv = SECFailure;
- goto loser;
- }
- countChar++;
- }
-
- /* Produce keys */
- PORT_Memcpy(readKey->data, km, nkd);
- PORT_Memcpy(writeKey->data, km + nkd, nkd);
-
-loser:
- PK11_DestroyContext(cx, PR_TRUE);
- return rv;
-}
-
-/* Called from ssl2_ServerSetupSessionCypher()
-** <- ssl2_HandleClientSessionKeyMessage()
-** <- ssl2_HandleClientHelloMessage()
-** and from ssl2_ClientSetupSessionCypher()
-** <- ssl2_HandleServerHelloMessage()
-*/
-static SECStatus
-ssl2_CreateSessionCypher(sslSocket *ss, sslSessionID *sid, PRBool isClient)
-{
- SECItem * rk = NULL;
- SECItem * wk = NULL;
- SECItem * param;
- SECStatus rv;
- int cipherType = sid->u.ssl2.cipherType;
- PK11SlotInfo * slot = NULL;
- CK_MECHANISM_TYPE mechanism;
- SECItem readKey;
- SECItem writeKey;
-
- void *readcx = 0;
- void *writecx = 0;
- readKey.data = 0;
- writeKey.data = 0;
-
- PORT_Assert( ssl_Have1stHandshakeLock(ss) );
- if((ss->sec.ci.sid == 0))
- goto sec_loser; /* don't crash if asserts are off */
-
- /* Trying to cut down on all these switch statements that should be tables.
- * So, test cipherType once, here, and then use tables below.
- */
- switch (cipherType) {
- case SSL_CK_RC4_128_EXPORT40_WITH_MD5:
- case SSL_CK_RC4_128_WITH_MD5:
- case SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5:
- case SSL_CK_RC2_128_CBC_WITH_MD5:
- case SSL_CK_DES_64_CBC_WITH_MD5:
- case SSL_CK_DES_192_EDE3_CBC_WITH_MD5:
- break;
-
- default:
- SSL_DBG(("%d: SSL[%d]: ssl2_CreateSessionCypher: unknown cipher=%d",
- SSL_GETPID(), ss->fd, cipherType));
- PORT_SetError(isClient ? SSL_ERROR_BAD_SERVER : SSL_ERROR_BAD_CLIENT);
- goto sec_loser;
- }
-
- rk = isClient ? &readKey : &writeKey;
- wk = isClient ? &writeKey : &readKey;
-
- /* Produce the keys for this session */
- rv = ssl2_ProduceKeys(ss, &readKey, &writeKey, &sid->u.ssl2.masterKey,
- ss->sec.ci.clientChallenge, ss->sec.ci.connectionID,
- cipherType);
- if (rv != SECSuccess)
- goto loser;
- PRINT_BUF(7, (ss, "Session read-key: ", rk->data, rk->len));
- PRINT_BUF(7, (ss, "Session write-key: ", wk->data, wk->len));
-
- PORT_Memcpy(ss->sec.ci.readKey, readKey.data, readKey.len);
- PORT_Memcpy(ss->sec.ci.writeKey, writeKey.data, writeKey.len);
- ss->sec.ci.keySize = readKey.len;
-
- /* Setup the MAC */
- rv = ssl2_CreateMAC(&ss->sec, rk, wk, cipherType);
- if (rv != SECSuccess)
- goto loser;
-
- /* First create the session key object */
- SSL_TRC(3, ("%d: SSL[%d]: using %s", SSL_GETPID(), ss->fd,
- ssl_cipherName[cipherType]));
-
-
- mechanism = ssl_Specs[cipherType].mechanism;
-
- /* set destructer before we call loser... */
- ss->sec.destroy = (void (*)(void*, PRBool)) PK11_DestroyContext;
- slot = PK11_GetBestSlot(mechanism, ss->pkcs11PinArg);
- if (slot == NULL)
- goto loser;
-
- param = PK11_ParamFromIV(mechanism, &sid->u.ssl2.cipherArg);
- if (param == NULL)
- goto loser;
- readcx = PK11_CreateContextByRawKey(slot, mechanism, PK11_OriginUnwrap,
- CKA_DECRYPT, rk, param,
- ss->pkcs11PinArg);
- SECITEM_FreeItem(param, PR_TRUE);
- if (readcx == NULL)
- goto loser;
-
- /* build the client context */
- param = PK11_ParamFromIV(mechanism, &sid->u.ssl2.cipherArg);
- if (param == NULL)
- goto loser;
- writecx = PK11_CreateContextByRawKey(slot, mechanism, PK11_OriginUnwrap,
- CKA_ENCRYPT, wk, param,
- ss->pkcs11PinArg);
- SECITEM_FreeItem(param,PR_TRUE);
- if (writecx == NULL)
- goto loser;
- PK11_FreeSlot(slot);
-
- rv = SECSuccess;
- ss->sec.enc = (SSLCipher) PK11_CipherOp;
- ss->sec.dec = (SSLCipher) PK11_CipherOp;
- ss->sec.readcx = (void *) readcx;
- ss->sec.writecx = (void *) writecx;
- ss->sec.blockSize = ssl_Specs[cipherType].blockSize;
- ss->sec.blockShift = ssl_Specs[cipherType].blockShift;
- ss->sec.cipherType = sid->u.ssl2.cipherType;
- ss->sec.keyBits = sid->u.ssl2.keyBits;
- ss->sec.secretKeyBits = sid->u.ssl2.secretKeyBits;
- goto done;
-
- loser:
- if (ss->sec.destroy) {
- if (readcx) (*ss->sec.destroy)(readcx, PR_TRUE);
- if (writecx) (*ss->sec.destroy)(writecx, PR_TRUE);
- }
- ss->sec.destroy = NULL;
- if (slot) PK11_FreeSlot(slot);
-
- sec_loser:
- rv = SECFailure;
-
- done:
- if (rk) {
- SECITEM_ZfreeItem(rk, PR_FALSE);
- }
- if (wk) {
- SECITEM_ZfreeItem(wk, PR_FALSE);
- }
- return rv;
-}
-
-/*
-** Setup the server ciphers given information from a CLIENT-MASTER-KEY
-** message.
-** "ss" pointer to the ssl-socket object
-** "cipher" the cipher type to use
-** "keyBits" the size of the final cipher key
-** "ck" the clear-key data
-** "ckLen" the number of bytes of clear-key data
-** "ek" the encrypted-key data
-** "ekLen" the number of bytes of encrypted-key data
-** "ca" the cipher-arg data
-** "caLen" the number of bytes of cipher-arg data
-**
-** The MASTER-KEY is constructed by first decrypting the encrypted-key
-** data. This produces the SECRET-KEY-DATA. The MASTER-KEY is composed by
-** concatenating the clear-key data with the SECRET-KEY-DATA. This code
-** checks to make sure that the client didn't send us an improper amount
-** of SECRET-KEY-DATA (it restricts the length of that data to match the
-** spec).
-**
-** Called from ssl2_HandleClientSessionKeyMessage().
-*/
-static SECStatus
-ssl2_ServerSetupSessionCypher(sslSocket *ss, int cipher, unsigned int keyBits,
- PRUint8 *ck, unsigned int ckLen,
- PRUint8 *ek, unsigned int ekLen,
- PRUint8 *ca, unsigned int caLen)
-{
- PRUint8 *kk = NULL;
- sslSessionID * sid;
- PRUint8 * kbuf = 0; /* buffer for RSA decrypted data. */
- unsigned int el1; /* length of RSA decrypted data in kbuf */
- unsigned int keySize;
- unsigned int modulusLen;
- SECStatus rv;
- PRUint8 mkbuf[SSL_MAX_MASTER_KEY_BYTES];
- sslServerCerts * sc = ss->serverCerts + kt_rsa;
-
- PORT_Assert( ssl_Have1stHandshakeLock(ss) );
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
- PORT_Assert((sc->serverKey != 0));
- PORT_Assert((ss->sec.ci.sid != 0));
- sid = ss->sec.ci.sid;
-
- keySize = (keyBits + 7) >> 3;
- /* Is the message just way too big? */
- if (keySize > SSL_MAX_MASTER_KEY_BYTES) {
- /* bummer */
- SSL_DBG(("%d: SSL[%d]: keySize=%d ckLen=%d max session key size=%d",
- SSL_GETPID(), ss->fd, keySize, ckLen,
- SSL_MAX_MASTER_KEY_BYTES));
- PORT_SetError(SSL_ERROR_BAD_CLIENT);
- goto loser;
- }
-
-
- /* Trying to cut down on all these switch statements that should be tables.
- * So, test cipherType once, here, and then use tables below.
- */
- switch (cipher) {
- case SSL_CK_RC4_128_EXPORT40_WITH_MD5:
- case SSL_CK_RC4_128_WITH_MD5:
- case SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5:
- case SSL_CK_RC2_128_CBC_WITH_MD5:
- case SSL_CK_DES_64_CBC_WITH_MD5:
- case SSL_CK_DES_192_EDE3_CBC_WITH_MD5:
- break;
-
- default:
- SSL_DBG(("%d: SSL[%d]: ssl2_ServerSetupSessionCypher: unknown cipher=%d",
- SSL_GETPID(), ss->fd, cipher));
- PORT_SetError(SSL_ERROR_BAD_CLIENT);
- goto loser;
- }
-
- /* For export ciphers, make sure they didn't send too much key data. */
- if (ckLen != ssl_Specs[cipher].pubLen) {
- SSL_DBG(("%d: SSL[%d]: odd secret key size, keySize=%d ckLen=%d!",
- SSL_GETPID(), ss->fd, keySize, ckLen));
- /* Somebody tried to sneak by a strange secret key */
- PORT_SetError(SSL_ERROR_BAD_CLIENT);
- goto loser;
- }
-
- /* allocate the buffer to hold the decrypted portion of the key. */
- /* XXX Haven't done any range check on ekLen. */
- kbuf = (PRUint8*) PORT_Alloc(ekLen);
- if (!kbuf) {
- goto loser;
- }
-
- /*
- ** Decrypt encrypted half of the key. Note that encrypted half has
- ** been made to match the modulus size of our public key using
- ** PKCS#1. keySize is the real size of the data that is interesting.
- ** NOTE: PK11_PubDecryptRaw will barf on a non-RSA key. This is
- ** desired behavior here.
- */
- rv = PK11_PubDecryptRaw(sc->serverKey, kbuf, &el1, ekLen, ek, ekLen);
- if (rv != SECSuccess)
- goto hide_loser;
-
- modulusLen = PK11_GetPrivateModulusLen(sc->serverKey);
- if (modulusLen == -1) {
- /* If the key was really bad, then PK11_pubDecryptRaw
- * would have failed, therefore the we must assume that the card
- * is just being a pain and not giving us the modulus... but it
- * should be the same size as the encrypted key length, so use it
- * and keep cranking */
- modulusLen = ekLen;
- }
- /* Is the length of the decrypted data (el1) the expected value? */
- if (modulusLen != el1)
- goto hide_loser;
-
- /* Cheaply verify that PKCS#1 was used to format the encryption block */
- kk = kbuf + modulusLen - (keySize - ckLen);
- if ((kbuf[0] != 0x00) || (kbuf[1] != 0x02) || (kk[-1] != 0x00)) {
- /* Tsk tsk. */
- SSL_DBG(("%d: SSL[%d]: strange encryption block",
- SSL_GETPID(), ss->fd));
- PORT_SetError(SSL_ERROR_BAD_CLIENT);
- goto hide_loser;
- }
-
- /* Make sure we're not subject to a version rollback attack. */
- if (ss->enableSSL3 || ss->enableTLS) {
- PRUint8 threes[8] = { 0x03, 0x03, 0x03, 0x03,
- 0x03, 0x03, 0x03, 0x03 };
-
- if (PORT_Memcmp(kk - 8 - 1, threes, 8) == 0) {
- PORT_SetError(SSL_ERROR_BAD_CLIENT);
- goto hide_loser;
- }
- }
- if (0) {
-hide_loser:
- /* Defense against the Bleichenbacher attack.
- * Provide the client with NO CLUES that the decrypted master key
- * was erroneous. Don't send any error messages.
- * Instead, Generate a completely bogus master key .
- */
- PK11_GenerateRandom(kbuf, ekLen);
- if (!kk) {
- kk = kbuf + ekLen - (keySize-ckLen);
- }
- }
-
- /*
- ** Construct master key out of the pieces.
- */
- if (ckLen) {
- PORT_Memcpy(mkbuf, ck, ckLen);
- }
- PORT_Memcpy(mkbuf+ckLen, kk, keySize-ckLen);
-
- /* Fill in session-id */
- rv = ssl2_FillInSID(sid, cipher, mkbuf, keySize, ca, caLen,
- keyBits, keyBits - (ckLen<<3),
- ss->sec.authAlgorithm, ss->sec.authKeyBits,
- ss->sec.keaType, ss->sec.keaKeyBits);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- /* Create session ciphers */
- rv = ssl2_CreateSessionCypher(ss, sid, PR_FALSE);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- SSL_TRC(1, ("%d: SSL[%d]: server, using %s cipher, clear=%d total=%d",
- SSL_GETPID(), ss->fd, ssl_cipherName[cipher],
- ckLen<<3, keySize<<3));
- rv = SECSuccess;
- goto done;
-
- loser:
- rv = SECFailure;
-
- done:
- PORT_Free(kbuf);
- return rv;
-}
-
-/************************************************************************/
-
-/*
-** Rewrite the incoming cipher specs, comparing to list of specs we support,
-** (ss->cipherSpecs) and eliminating anything we don't support
-**
-* Note: Our list may contain SSL v3 ciphers.
-* We MUST NOT match on any of those.
-* Fortunately, this is easy to detect because SSLv3 ciphers have zero
-* in the first byte, and none of the SSLv2 ciphers do.
-*
-* Called from ssl2_HandleClientHelloMessage().
-*/
-static int
-ssl2_QualifyCypherSpecs(sslSocket *ss,
- PRUint8 * cs, /* cipher specs in client hello msg. */
- int csLen)
-{
- PRUint8 * ms;
- PRUint8 * hs;
- PRUint8 * qs;
- int mc;
- int hc;
- PRUint8 qualifiedSpecs[ssl2_NUM_SUITES_IMPLEMENTED * 3];
-
- PORT_Assert( ssl_Have1stHandshakeLock(ss) );
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
-
- if (!ss->cipherSpecs) {
- ssl2_ConstructCipherSpecs(ss);
- }
-
- PRINT_BUF(10, (ss, "specs from client:", cs, csLen));
- qs = qualifiedSpecs;
- ms = ss->cipherSpecs;
- for (mc = ss->sizeCipherSpecs; mc > 0; mc -= 3, ms += 3) {
- if (ms[0] == 0)
- continue;
- for (hs = cs, hc = csLen; hc > 0; hs += 3, hc -= 3) {
- if ((hs[0] == ms[0]) &&
- (hs[1] == ms[1]) &&
- (hs[2] == ms[2])) {
- /* Copy this cipher spec into the "keep" section */
- qs[0] = hs[0];
- qs[1] = hs[1];
- qs[2] = hs[2];
- qs += 3;
- break;
- }
- }
- }
- hc = qs - qualifiedSpecs;
- PRINT_BUF(10, (ss, "qualified specs from client:", qualifiedSpecs, hc));
- PORT_Memcpy(cs, qualifiedSpecs, hc);
- return hc;
-}
-
-/*
-** Pick the best cipher we can find, given the array of server cipher
-** specs. Returns cipher number (e.g. SSL_CK_*), or -1 for no overlap.
-** If succesful, stores the master key size (bytes) in *pKeyLen.
-**
-** This is correct only for the client side, but presently
-** this function is only called from
-** ssl2_ClientSetupSessionCypher() <- ssl2_HandleServerHelloMessage()
-**
-** Note that most servers only return a single cipher suite in their
-** ServerHello messages. So, the code below for finding the "best" cipher
-** suite usually has only one choice. The client and server should send
-** their cipher suite lists sorted in descending order by preference.
-*/
-static int
-ssl2_ChooseSessionCypher(sslSocket *ss,
- int hc, /* number of cs's in hs. */
- PRUint8 * hs, /* server hello's cipher suites. */
- int * pKeyLen) /* out: sym key size in bytes. */
-{
- PRUint8 * ms;
- unsigned int i;
- int bestKeySize;
- int bestRealKeySize;
- int bestCypher;
- int keySize;
- int realKeySize;
- PRUint8 * ohs = hs;
-
- PORT_Assert( ssl_Have1stHandshakeLock(ss) );
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
-
- if (!ss->cipherSpecs) {
- ssl2_ConstructCipherSpecs(ss);
- }
-
- if (!ss->preferredCipher) {
- const PRUint8 * preferred = implementedCipherSuites;
- unsigned int allowed = ss->allowedByPolicy & ss->chosenPreference &
- SSL_CB_IMPLEMENTED;
- if (allowed) {
- for (i = ssl2_NUM_SUITES_IMPLEMENTED; i > 0; --i) {
- if (0 != (allowed & (1U << preferred[0]))) {
- ss->preferredCipher = preferred;
- break;
- }
- preferred += 3;
- }
- }
- }
- /*
- ** Scan list of ciphers recieved from peer and look for a match in
- ** our list.
- * Note: Our list may contain SSL v3 ciphers.
- * We MUST NOT match on any of those.
- * Fortunately, this is easy to detect because SSLv3 ciphers have zero
- * in the first byte, and none of the SSLv2 ciphers do.
- */
- bestKeySize = bestRealKeySize = 0;
- bestCypher = -1;
- while (--hc >= 0) {
- for (i = 0, ms = ss->cipherSpecs; i < ss->sizeCipherSpecs; i += 3, ms += 3) {
- if ((hs[0] == ss->preferredCipher[0]) &&
- (hs[1] == ss->preferredCipher[1]) &&
- (hs[2] == ss->preferredCipher[2]) &&
- hs[0] != 0) {
- /* Pick this cipher immediately! */
- *pKeyLen = (((hs[1] << 8) | hs[2]) + 7) >> 3;
- return hs[0];
- }
- if ((hs[0] == ms[0]) && (hs[1] == ms[1]) && (hs[2] == ms[2]) &&
- hs[0] != 0) {
- /* Found a match */
-
- /* Use secret keySize to determine which cipher is best */
- realKeySize = (hs[1] << 8) | hs[2];
- switch (hs[0]) {
- case SSL_CK_RC4_128_EXPORT40_WITH_MD5:
- case SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5:
- keySize = 40;
- break;
- default:
- keySize = realKeySize;
- break;
- }
- if (keySize > bestKeySize) {
- bestCypher = hs[0];
- bestKeySize = keySize;
- bestRealKeySize = realKeySize;
- }
- }
- }
- hs += 3;
- }
- if (bestCypher < 0) {
- /*
- ** No overlap between server and client. Re-examine server list
- ** to see what kind of ciphers it does support so that we can set
- ** the error code appropriately.
- */
- if ((ohs[0] == SSL_CK_RC4_128_WITH_MD5) ||
- (ohs[0] == SSL_CK_RC2_128_CBC_WITH_MD5)) {
- PORT_SetError(SSL_ERROR_US_ONLY_SERVER);
- } else if ((ohs[0] == SSL_CK_RC4_128_EXPORT40_WITH_MD5) ||
- (ohs[0] == SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5)) {
- PORT_SetError(SSL_ERROR_EXPORT_ONLY_SERVER);
- } else {
- PORT_SetError(SSL_ERROR_NO_CYPHER_OVERLAP);
- }
- SSL_DBG(("%d: SSL[%d]: no cipher overlap", SSL_GETPID(), ss->fd));
- goto loser;
- }
- *pKeyLen = (bestRealKeySize + 7) >> 3;
- return bestCypher;
-
- loser:
- return -1;
-}
-
-static SECStatus
-ssl2_ClientHandleServerCert(sslSocket *ss, PRUint8 *certData, int certLen)
-{
- CERTCertificate *cert = NULL;
- SECItem certItem;
-
- certItem.data = certData;
- certItem.len = certLen;
-
- /* decode the certificate */
- cert = CERT_NewTempCertificate(ss->dbHandle, &certItem, NULL,
- PR_FALSE, PR_TRUE);
-
- if (cert == NULL) {
- SSL_DBG(("%d: SSL[%d]: decode of server certificate fails",
- SSL_GETPID(), ss->fd));
- PORT_SetError(SSL_ERROR_BAD_CERTIFICATE);
- return SECFailure;
- }
-
-#ifdef TRACE
- {
- if (ssl_trace >= 1) {
- char *issuer;
- char *subject;
- issuer = CERT_NameToAscii(&cert->issuer);
- subject = CERT_NameToAscii(&cert->subject);
- SSL_TRC(1,("%d: server certificate issuer: '%s'",
- SSL_GETPID(), issuer ? issuer : "OOPS"));
- SSL_TRC(1,("%d: server name: '%s'",
- SSL_GETPID(), subject ? subject : "OOPS"));
- PORT_Free(issuer);
- PORT_Free(subject);
- }
- }
-#endif
-
- ss->sec.peerCert = cert;
- return SECSuccess;
-}
-
-
-/*
- * Format one block of data for public/private key encryption using
- * the rules defined in PKCS #1. SSL2 does this itself to handle the
- * rollback detection.
- */
-#define RSA_BLOCK_MIN_PAD_LEN 8
-#define RSA_BLOCK_FIRST_OCTET 0x00
-#define RSA_BLOCK_AFTER_PAD_OCTET 0x00
-#define RSA_BLOCK_PUBLIC_OCTET 0x02
-unsigned char *
-ssl_FormatSSL2Block(unsigned modulusLen, SECItem *data)
-{
- unsigned char *block;
- unsigned char *bp;
- int padLen;
- SECStatus rv;
- int i;
-
- PORT_Assert (data->len <= (modulusLen - (3 + RSA_BLOCK_MIN_PAD_LEN)));
- block = (unsigned char *) PORT_Alloc(modulusLen);
- if (block == NULL)
- return NULL;
-
- bp = block;
-
- /*
- * All RSA blocks start with two octets:
- * 0x00 || BlockType
- */
- *bp++ = RSA_BLOCK_FIRST_OCTET;
- *bp++ = RSA_BLOCK_PUBLIC_OCTET;
-
- /*
- * 0x00 || BT || Pad || 0x00 || ActualData
- * 1 1 padLen 1 data->len
- * Pad is all non-zero random bytes.
- */
- padLen = modulusLen - data->len - 3;
- PORT_Assert (padLen >= RSA_BLOCK_MIN_PAD_LEN);
- rv = PK11_GenerateRandom(bp, padLen);
- if (rv == SECFailure) goto loser;
- /* replace all the 'zero' bytes */
- for (i = 0; i < padLen; i++) {
- while (bp[i] == RSA_BLOCK_AFTER_PAD_OCTET) {
- rv = PK11_GenerateRandom(bp+i, 1);
- if (rv == SECFailure) goto loser;
- }
- }
- bp += padLen;
- *bp++ = RSA_BLOCK_AFTER_PAD_OCTET;
- PORT_Memcpy (bp, data->data, data->len);
-
- return block;
-loser:
- if (block) PORT_Free(block);
- return NULL;
-}
-
-/*
-** Given the server's public key and cipher specs, generate a session key
-** that is ready to use for encrypting/decrypting the byte stream. At
-** the same time, generate the SSL_MT_CLIENT_MASTER_KEY message and
-** send it to the server.
-**
-** Called from ssl2_HandleServerHelloMessage()
-*/
-static SECStatus
-ssl2_ClientSetupSessionCypher(sslSocket *ss, PRUint8 *cs, int csLen)
-{
- sslSessionID * sid;
- PRUint8 * ca; /* points to iv data, or NULL if none. */
- PRUint8 * ekbuf = 0;
- CERTCertificate * cert = 0;
- SECKEYPublicKey * serverKey = 0;
- unsigned modulusLen = 0;
- SECStatus rv;
- int cipher;
- int keyLen; /* cipher symkey size in bytes. */
- int ckLen; /* publicly reveal this many bytes of key. */
- int caLen; /* length of IV data at *ca. */
- int nc;
-
- unsigned char *eblock; /* holds unencrypted PKCS#1 formatted key. */
- SECItem rek; /* holds portion of symkey to be encrypted. */
-
- PRUint8 keyData[SSL_MAX_MASTER_KEY_BYTES];
- PRUint8 iv [8];
-
- PORT_Assert( ssl_Have1stHandshakeLock(ss) );
-
- eblock = NULL;
-
- sid = ss->sec.ci.sid;
- PORT_Assert(sid != 0);
-
- cert = ss->sec.peerCert;
-
- serverKey = CERT_ExtractPublicKey(cert);
- if (!serverKey) {
- SSL_DBG(("%d: SSL[%d]: extract public key failed: error=%d",
- SSL_GETPID(), ss->fd, PORT_GetError()));
- PORT_SetError(SSL_ERROR_BAD_CERTIFICATE);
- rv = SECFailure;
- goto loser2;
- }
-
- ss->sec.authAlgorithm = ssl_sign_rsa;
- ss->sec.keaType = ssl_kea_rsa;
- ss->sec.keaKeyBits = \
- ss->sec.authKeyBits = SECKEY_PublicKeyStrengthInBits(serverKey);
-
- /* Choose a compatible cipher with the server */
- nc = csLen / 3;
- cipher = ssl2_ChooseSessionCypher(ss, nc, cs, &keyLen);
- if (cipher < 0) {
- /* ssl2_ChooseSessionCypher has set error code. */
- ssl2_SendErrorMessage(ss, SSL_PE_NO_CYPHERS);
- goto loser;
- }
-
- /* Generate the random keys */
- PK11_GenerateRandom(keyData, sizeof(keyData));
-
- /*
- ** Next, carve up the keys into clear and encrypted portions. The
- ** clear data is taken from the start of keyData and the encrypted
- ** portion from the remainder. Note that each of these portions is
- ** carved in half, one half for the read-key and one for the
- ** write-key.
- */
- ca = 0;
-
- /* We know that cipher is a legit value here, because
- * ssl2_ChooseSessionCypher doesn't return bogus values.
- */
- ckLen = ssl_Specs[cipher].pubLen; /* cleartext key length. */
- caLen = ssl_Specs[cipher].ivLen; /* IV length. */
- if (caLen) {
- PORT_Assert(sizeof iv >= caLen);
- PK11_GenerateRandom(iv, caLen);
- ca = iv;
- }
-
- /* Fill in session-id */
- rv = ssl2_FillInSID(sid, cipher, keyData, keyLen,
- ca, caLen, keyLen << 3, (keyLen - ckLen) << 3,
- ss->sec.authAlgorithm, ss->sec.authKeyBits,
- ss->sec.keaType, ss->sec.keaKeyBits);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- SSL_TRC(1, ("%d: SSL[%d]: client, using %s cipher, clear=%d total=%d",
- SSL_GETPID(), ss->fd, ssl_cipherName[cipher],
- ckLen<<3, keyLen<<3));
-
- /* Now setup read and write ciphers */
- rv = ssl2_CreateSessionCypher(ss, sid, PR_TRUE);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- /*
- ** Fill in the encryption buffer with some random bytes. Then
- ** copy in the portion of the session key we are encrypting.
- */
- modulusLen = SECKEY_PublicKeyStrength(serverKey);
- rek.data = keyData + ckLen;
- rek.len = keyLen - ckLen;
- eblock = ssl_FormatSSL2Block(modulusLen, &rek);
- if (eblock == NULL)
- goto loser;
-
- /* Set up the padding for version 2 rollback detection. */
- /* XXX We should really use defines here */
- if (ss->enableSSL3 || ss->enableTLS) {
- PORT_Assert((modulusLen - rek.len) > 12);
- PORT_Memset(eblock + modulusLen - rek.len - 8 - 1, 0x03, 8);
- }
- ekbuf = (PRUint8*) PORT_Alloc(modulusLen);
- if (!ekbuf)
- goto loser;
- PRINT_BUF(10, (ss, "master key encryption block:",
- eblock, modulusLen));
-
- /* Encrypt ekitem */
- rv = PK11_PubEncryptRaw(serverKey, ekbuf, eblock, modulusLen,
- ss->pkcs11PinArg);
- if (rv)
- goto loser;
-
- /* Now we have everything ready to send */
- rv = ssl2_SendSessionKeyMessage(ss, cipher, keyLen << 3, ca, caLen,
- keyData, ckLen, ekbuf, modulusLen);
- if (rv != SECSuccess) {
- goto loser;
- }
- rv = SECSuccess;
- goto done;
-
- loser:
- rv = SECFailure;
-
- loser2:
- done:
- PORT_Memset(keyData, 0, sizeof(keyData));
- PORT_ZFree(ekbuf, modulusLen);
- PORT_ZFree(eblock, modulusLen);
- SECKEY_DestroyPublicKey(serverKey);
- return rv;
-}
-
-/************************************************************************/
-
-/*
- * Called from ssl2_HandleMessage in response to SSL_MT_SERVER_FINISHED message.
- * Caller holds recvBufLock and handshakeLock
- */
-static void
-ssl2_ClientRegSessionID(sslSocket *ss, PRUint8 *s)
-{
- sslSessionID *sid = ss->sec.ci.sid;
-
- /* Record entry in nonce cache */
- if (sid->peerCert == NULL) {
- PORT_Memcpy(sid->u.ssl2.sessionID, s, sizeof(sid->u.ssl2.sessionID));
- sid->peerCert = CERT_DupCertificate(ss->sec.peerCert);
-
- }
- if (!ss->noCache)
- (*ss->sec.cache)(sid);
-}
-
-/* Called from ssl2_HandleMessage() */
-static SECStatus
-ssl2_TriggerNextMessage(sslSocket *ss)
-{
- SECStatus rv;
-
- PORT_Assert( ssl_Have1stHandshakeLock(ss) );
-
- if ((ss->sec.ci.requiredElements & CIS_HAVE_CERTIFICATE) &&
- !(ss->sec.ci.sentElements & CIS_HAVE_CERTIFICATE)) {
- ss->sec.ci.sentElements |= CIS_HAVE_CERTIFICATE;
- rv = ssl2_SendCertificateRequestMessage(ss);
- return rv;
- }
- return SECSuccess;
-}
-
-/* See if it's time to send our finished message, or if the handshakes are
-** complete. Send finished message if appropriate.
-** Returns SECSuccess unless anything goes wrong.
-**
-** Called from ssl2_HandleMessage,
-** ssl2_HandleVerifyMessage
-** ssl2_HandleServerHelloMessage
-** ssl2_HandleClientSessionKeyMessage
-** ssl2_RestartHandshakeAfterCertReq
-** ssl2_RestartHandshakeAfterServerCert
-*/
-static SECStatus
-ssl2_TryToFinish(sslSocket *ss)
-{
- SECStatus rv;
- char e, ef;
-
- PORT_Assert( ssl_Have1stHandshakeLock(ss) );
-
- e = ss->sec.ci.elements;
- ef = e | CIS_HAVE_FINISHED;
- if ((ef & ss->sec.ci.requiredElements) == ss->sec.ci.requiredElements) {
- if (ss->sec.isServer) {
- /* Send server finished message if we already didn't */
- rv = ssl2_SendServerFinishedMessage(ss);
- } else {
- /* Send client finished message if we already didn't */
- rv = ssl2_SendClientFinishedMessage(ss);
- }
- if (rv != SECSuccess) {
- return rv;
- }
- if ((e & ss->sec.ci.requiredElements) == ss->sec.ci.requiredElements) {
- /* Totally finished */
- ss->handshake = 0;
- return SECSuccess;
- }
- }
- return SECSuccess;
-}
-
-/*
-** Called from ssl2_HandleRequestCertificate
-** ssl2_RestartHandshakeAfterCertReq
-*/
-static SECStatus
-ssl2_SignResponse(sslSocket *ss,
- SECKEYPrivateKey *key,
- SECItem *response)
-{
- SGNContext * sgn = NULL;
- PRUint8 * challenge;
- unsigned int len;
- SECStatus rv = SECFailure;
-
- PORT_Assert( ssl_Have1stHandshakeLock(ss) );
-
- challenge = ss->sec.ci.serverChallenge;
- len = ss->sec.ci.serverChallengeLen;
-
- /* Sign the expected data... */
- sgn = SGN_NewContext(SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION,key);
- if (!sgn)
- goto done;
- rv = SGN_Begin(sgn);
- if (rv != SECSuccess)
- goto done;
- rv = SGN_Update(sgn, ss->sec.ci.readKey, ss->sec.ci.keySize);
- if (rv != SECSuccess)
- goto done;
- rv = SGN_Update(sgn, ss->sec.ci.writeKey, ss->sec.ci.keySize);
- if (rv != SECSuccess)
- goto done;
- rv = SGN_Update(sgn, challenge, len);
- if (rv != SECSuccess)
- goto done;
- rv = SGN_Update(sgn, ss->sec.peerCert->derCert.data,
- ss->sec.peerCert->derCert.len);
- if (rv != SECSuccess)
- goto done;
- rv = SGN_End(sgn, response);
- if (rv != SECSuccess)
- goto done;
-
-done:
- SGN_DestroyContext(sgn, PR_TRUE);
- return rv == SECSuccess ? SECSuccess : SECFailure;
-}
-
-/*
-** Try to handle a request-certificate message. Get client's certificate
-** and private key and sign a message for the server to see.
-** Caller must hold handshakeLock
-**
-** Called from ssl2_HandleMessage().
-*/
-static int
-ssl2_HandleRequestCertificate(sslSocket *ss)
-{
- CERTCertificate * cert = NULL; /* app-selected client cert. */
- SECKEYPrivateKey *key = NULL; /* priv key for cert. */
- SECStatus rv;
- SECItem response;
- int ret = 0;
- PRUint8 authType;
-
-
- /*
- * These things all need to be initialized before we can "goto loser".
- */
- response.data = NULL;
-
- /* get challenge info from connectionInfo */
- authType = ss->sec.ci.authType;
-
- if (authType != SSL_AT_MD5_WITH_RSA_ENCRYPTION) {
- SSL_TRC(7, ("%d: SSL[%d]: unsupported auth type 0x%x", SSL_GETPID(),
- ss->fd, authType));
- goto no_cert_error;
- }
-
- /* Get certificate and private-key from client */
- if (!ss->getClientAuthData) {
- SSL_TRC(7, ("%d: SSL[%d]: client doesn't support client-auth",
- SSL_GETPID(), ss->fd));
- goto no_cert_error;
- }
- ret = (*ss->getClientAuthData)(ss->getClientAuthDataArg, ss->fd,
- NULL, &cert, &key);
- if ( ret == SECWouldBlock ) {
- ssl_SetAlwaysBlock(ss);
- goto done;
- }
-
- if (ret) {
- goto no_cert_error;
- }
-
- /* check what the callback function returned */
- if ((!cert) || (!key)) {
- /* we are missing either the key or cert */
- if (cert) {
- /* got a cert, but no key - free it */
- CERT_DestroyCertificate(cert);
- cert = NULL;
- }
- if (key) {
- /* got a key, but no cert - free it */
- SECKEY_DestroyPrivateKey(key);
- key = NULL;
- }
- goto no_cert_error;
- }
-
- rv = ssl2_SignResponse(ss, key, &response);
- if ( rv != SECSuccess ) {
- ret = -1;
- goto loser;
- }
-
- /* Send response message */
- ret = ssl2_SendCertificateResponseMessage(ss, &cert->derCert, &response);
-
- /* Now, remember the cert we sent. But first, forget any previous one. */
- if (ss->sec.localCert) {
- CERT_DestroyCertificate(ss->sec.localCert);
- }
- ss->sec.localCert = CERT_DupCertificate(cert);
- PORT_Assert(!ss->sec.ci.sid->localCert);
- if (ss->sec.ci.sid->localCert) {
- CERT_DestroyCertificate(ss->sec.ci.sid->localCert);
- }
- ss->sec.ci.sid->localCert = cert;
- cert = NULL;
-
- goto done;
-
- no_cert_error:
- SSL_TRC(7, ("%d: SSL[%d]: no certificate (ret=%d)", SSL_GETPID(),
- ss->fd, ret));
- ret = ssl2_SendErrorMessage(ss, SSL_PE_NO_CERTIFICATE);
-
- loser:
- done:
- if ( cert ) {
- CERT_DestroyCertificate(cert);
- }
- if ( key ) {
- SECKEY_DestroyPrivateKey(key);
- }
- if ( response.data ) {
- PORT_Free(response.data);
- }
-
- return ret;
-}
-
-/*
-** Called from ssl2_HandleMessage for SSL_MT_CLIENT_CERTIFICATE message.
-** Caller must hold HandshakeLock and RecvBufLock, since cd and response
-** are contained in the gathered input data.
-*/
-static SECStatus
-ssl2_HandleClientCertificate(sslSocket * ss,
- PRUint8 certType, /* XXX unused */
- PRUint8 * cd,
- unsigned int cdLen,
- PRUint8 * response,
- unsigned int responseLen)
-{
- CERTCertificate *cert = NULL;
- SECKEYPublicKey *pubKey = NULL;
- VFYContext * vfy = NULL;
- SECItem * derCert;
- SECStatus rv = SECFailure;
- SECItem certItem;
- SECItem rep;
-
- PORT_Assert( ssl_Have1stHandshakeLock(ss) );
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
-
- /* Extract the certificate */
- certItem.data = cd;
- certItem.len = cdLen;
-
- cert = CERT_NewTempCertificate(ss->dbHandle, &certItem, NULL,
- PR_FALSE, PR_TRUE);
- if (cert == NULL) {
- goto loser;
- }
-
- /* save the certificate, since the auth routine will need it */
- ss->sec.peerCert = cert;
-
- /* Extract the public key */
- pubKey = CERT_ExtractPublicKey(cert);
- if (!pubKey)
- goto loser;
-
- /* Verify the response data... */
- rep.data = response;
- rep.len = responseLen;
- /* SSL 2.0 only supports RSA certs, so we don't have to worry about
- * DSA here. */
- vfy = VFY_CreateContext(pubKey, &rep, SEC_OID_PKCS1_RSA_ENCRYPTION,
- ss->pkcs11PinArg);
- if (!vfy)
- goto loser;
- rv = VFY_Begin(vfy);
- if (rv)
- goto loser;
-
- rv = VFY_Update(vfy, ss->sec.ci.readKey, ss->sec.ci.keySize);
- if (rv)
- goto loser;
- rv = VFY_Update(vfy, ss->sec.ci.writeKey, ss->sec.ci.keySize);
- if (rv)
- goto loser;
- rv = VFY_Update(vfy, ss->sec.ci.serverChallenge, SSL_CHALLENGE_BYTES);
- if (rv)
- goto loser;
-
- derCert = &ss->serverCerts[kt_rsa].serverCert->derCert;
- rv = VFY_Update(vfy, derCert->data, derCert->len);
- if (rv)
- goto loser;
- rv = VFY_End(vfy);
- if (rv)
- goto loser;
-
- /* Now ask the server application if it likes the certificate... */
- rv = (SECStatus) (*ss->authCertificate)(ss->authCertificateArg,
- ss->fd, PR_TRUE, PR_TRUE);
- /* Hey, it liked it. */
- if (SECSuccess == rv)
- goto done;
-
-loser:
- ss->sec.peerCert = NULL;
- CERT_DestroyCertificate(cert);
-
-done:
- VFY_DestroyContext(vfy, PR_TRUE);
- SECKEY_DestroyPublicKey(pubKey);
- return rv;
-}
-
-/*
-** Handle remaining messages between client/server. Process finished
-** messages from either side and any authentication requests.
-** This should only be called for SSLv2 handshake messages,
-** not for application data records.
-** Caller must hold handshake lock.
-**
-** Called from ssl_Do1stHandshake().
-**
-*/
-static SECStatus
-ssl2_HandleMessage(sslSocket *ss)
-{
- PRUint8 * data;
- PRUint8 * cid;
- unsigned len, certType, certLen, responseLen;
- int rv;
- int rv2;
-
- PORT_Assert( ssl_Have1stHandshakeLock(ss) );
-
- ssl_GetRecvBufLock(ss);
-
- data = ss->gs.buf.buf + ss->gs.recordOffset;
-
- if (ss->gs.recordLen < 1) {
- goto bad_peer;
- }
- SSL_TRC(3, ("%d: SSL[%d]: received %d message",
- SSL_GETPID(), ss->fd, data[0]));
- DUMP_MSG(29, (ss, data, ss->gs.recordLen));
-
- switch (data[0]) {
- case SSL_MT_CLIENT_FINISHED:
- if (ss->sec.ci.elements & CIS_HAVE_FINISHED) {
- SSL_DBG(("%d: SSL[%d]: dup client-finished message",
- SSL_GETPID(), ss->fd));
- goto bad_peer;
- }
-
- /* See if nonce matches */
- len = ss->gs.recordLen - 1;
- cid = data + 1;
- if ((len != sizeof(ss->sec.ci.connectionID)) ||
- (PORT_Memcmp(ss->sec.ci.connectionID, cid, len) != 0)) {
- SSL_DBG(("%d: SSL[%d]: bad connection-id", SSL_GETPID(), ss->fd));
- PRINT_BUF(5, (ss, "sent connection-id",
- ss->sec.ci.connectionID,
- sizeof(ss->sec.ci.connectionID)));
- PRINT_BUF(5, (ss, "rcvd connection-id", cid, len));
- goto bad_peer;
- }
-
- SSL_TRC(5, ("%d: SSL[%d]: got client finished, waiting for 0x%d",
- SSL_GETPID(), ss->fd,
- ss->sec.ci.requiredElements ^ ss->sec.ci.elements));
- ss->sec.ci.elements |= CIS_HAVE_FINISHED;
- break;
-
- case SSL_MT_SERVER_FINISHED:
- if (ss->sec.ci.elements & CIS_HAVE_FINISHED) {
- SSL_DBG(("%d: SSL[%d]: dup server-finished message",
- SSL_GETPID(), ss->fd));
- goto bad_peer;
- }
-
- if (ss->gs.recordLen - 1 != SSL2_SESSIONID_BYTES) {
- SSL_DBG(("%d: SSL[%d]: bad server-finished message, len=%d",
- SSL_GETPID(), ss->fd, ss->gs.recordLen));
- goto bad_peer;
- }
- ssl2_ClientRegSessionID(ss, data+1);
- SSL_TRC(5, ("%d: SSL[%d]: got server finished, waiting for 0x%d",
- SSL_GETPID(), ss->fd,
- ss->sec.ci.requiredElements ^ ss->sec.ci.elements));
- ss->sec.ci.elements |= CIS_HAVE_FINISHED;
- break;
-
- case SSL_MT_REQUEST_CERTIFICATE:
- len = ss->gs.recordLen - 2;
- if ((len != SSL_MIN_CHALLENGE_BYTES) ||
- (len > SSL_MAX_CHALLENGE_BYTES)) {
- /* Bad challenge */
- SSL_DBG(("%d: SSL[%d]: bad cert request message: code len=%d",
- SSL_GETPID(), ss->fd, len));
- goto bad_peer;
- }
-
- /* save auth request info */
- ss->sec.ci.authType = data[1];
- ss->sec.ci.serverChallengeLen = len;
- PORT_Memcpy(ss->sec.ci.serverChallenge, data + 2, len);
-
- rv = ssl2_HandleRequestCertificate(ss);
- if (rv == SECWouldBlock) {
- SSL_TRC(3, ("%d: SSL[%d]: async cert request",
- SSL_GETPID(), ss->fd));
- /* someone is handling this asynchronously */
- ssl_ReleaseRecvBufLock(ss);
- return SECWouldBlock;
- }
- if (rv) {
- SET_ERROR_CODE
- goto loser;
- }
- break;
-
- case SSL_MT_CLIENT_CERTIFICATE:
- if (!ss->authCertificate) {
- /* Server asked for authentication and can't handle it */
- PORT_SetError(SSL_ERROR_BAD_SERVER);
- goto loser;
- }
- if (ss->gs.recordLen < SSL_HL_CLIENT_CERTIFICATE_HBYTES) {
- SET_ERROR_CODE
- goto loser;
- }
- certType = data[1];
- certLen = (data[2] << 8) | data[3];
- responseLen = (data[4] << 8) | data[5];
- if (certType != SSL_CT_X509_CERTIFICATE) {
- PORT_SetError(SSL_ERROR_UNSUPPORTED_CERTIFICATE_TYPE);
- goto loser;
- }
- rv = ssl2_HandleClientCertificate(ss, data[1],
- data + SSL_HL_CLIENT_CERTIFICATE_HBYTES,
- certLen,
- data + SSL_HL_CLIENT_CERTIFICATE_HBYTES + certLen,
- responseLen);
- if (rv) {
- rv2 = ssl2_SendErrorMessage(ss, SSL_PE_BAD_CERTIFICATE);
- SET_ERROR_CODE
- goto loser;
- }
- ss->sec.ci.elements |= CIS_HAVE_CERTIFICATE;
- break;
-
- case SSL_MT_ERROR:
- rv = (data[1] << 8) | data[2];
- SSL_TRC(2, ("%d: SSL[%d]: got error message, error=0x%x",
- SSL_GETPID(), ss->fd, rv));
-
- /* Convert protocol error number into API error number */
- switch (rv) {
- case SSL_PE_NO_CYPHERS:
- rv = SSL_ERROR_NO_CYPHER_OVERLAP;
- break;
- case SSL_PE_NO_CERTIFICATE:
- rv = SSL_ERROR_NO_CERTIFICATE;
- break;
- case SSL_PE_BAD_CERTIFICATE:
- rv = SSL_ERROR_BAD_CERTIFICATE;
- break;
- case SSL_PE_UNSUPPORTED_CERTIFICATE_TYPE:
- rv = SSL_ERROR_UNSUPPORTED_CERTIFICATE_TYPE;
- break;
- default:
- goto bad_peer;
- }
- /* XXX make certificate-request optionally fail... */
- PORT_SetError(rv);
- goto loser;
-
- default:
- SSL_DBG(("%d: SSL[%d]: unknown message %d",
- SSL_GETPID(), ss->fd, data[0]));
- goto loser;
- }
-
- SSL_TRC(3, ("%d: SSL[%d]: handled %d message, required=0x%x got=0x%x",
- SSL_GETPID(), ss->fd, data[0],
- ss->sec.ci.requiredElements, ss->sec.ci.elements));
-
- rv = ssl2_TryToFinish(ss);
- if (rv != SECSuccess)
- goto loser;
-
- ss->gs.recordLen = 0;
- ssl_ReleaseRecvBufLock(ss);
-
- if (ss->handshake == 0) {
- return SECSuccess;
- }
-
- ss->handshake = ssl_GatherRecord1stHandshake;
- ss->nextHandshake = ssl2_HandleMessage;
- return ssl2_TriggerNextMessage(ss);
-
- bad_peer:
- PORT_SetError(ss->sec.isServer ? SSL_ERROR_BAD_CLIENT : SSL_ERROR_BAD_SERVER);
- /* FALL THROUGH */
-
- loser:
- ssl_ReleaseRecvBufLock(ss);
- return SECFailure;
-}
-
-/************************************************************************/
-
-/* Called from ssl_Do1stHandshake, after ssl2_HandleServerHelloMessage or
-** ssl2_RestartHandshakeAfterServerCert.
-*/
-static SECStatus
-ssl2_HandleVerifyMessage(sslSocket *ss)
-{
- PRUint8 * data;
- SECStatus rv;
-
- PORT_Assert( ssl_Have1stHandshakeLock(ss) );
- ssl_GetRecvBufLock(ss);
-
- data = ss->gs.buf.buf + ss->gs.recordOffset;
- DUMP_MSG(29, (ss, data, ss->gs.recordLen));
- if ((ss->gs.recordLen != 1 + SSL_CHALLENGE_BYTES) ||
- (data[0] != SSL_MT_SERVER_VERIFY) ||
- PORT_Memcmp(data+1, ss->sec.ci.clientChallenge, SSL_CHALLENGE_BYTES)) {
- /* Bad server */
- PORT_SetError(SSL_ERROR_BAD_SERVER);
- goto loser;
- }
- ss->sec.ci.elements |= CIS_HAVE_VERIFY;
-
- SSL_TRC(5, ("%d: SSL[%d]: got server-verify, required=0x%d got=0x%x",
- SSL_GETPID(), ss->fd, ss->sec.ci.requiredElements,
- ss->sec.ci.elements));
-
- rv = ssl2_TryToFinish(ss);
- if (rv)
- goto loser;
-
- ss->gs.recordLen = 0;
- ssl_ReleaseRecvBufLock(ss);
-
- if (ss->handshake == 0) {
- return SECSuccess;
- }
- ss->handshake = ssl_GatherRecord1stHandshake;
- ss->nextHandshake = ssl2_HandleMessage;
- return SECSuccess;
-
-
- loser:
- ssl_ReleaseRecvBufLock(ss);
- return SECFailure;
-}
-
-/* Not static because ssl2_GatherData() tests ss->nextHandshake for this value.
- * ICK!
- * Called from ssl_Do1stHandshake after ssl2_BeginClientHandshake()
- */
-SECStatus
-ssl2_HandleServerHelloMessage(sslSocket *ss)
-{
- sslSessionID * sid;
- PRUint8 * cert;
- PRUint8 * cs;
- PRUint8 * data;
- SECStatus rv;
- int needed, sidHit, certLen, csLen, cidLen, certType, err;
-
- PORT_Assert( ssl_Have1stHandshakeLock(ss) );
-
- if (!ss->enableSSL2) {
- PORT_SetError(SSL_ERROR_SSL2_DISABLED);
- return SECFailure;
- }
-
- ssl_GetRecvBufLock(ss);
-
- PORT_Assert(ss->sec.ci.sid != 0);
- sid = ss->sec.ci.sid;
-
- data = ss->gs.buf.buf + ss->gs.recordOffset;
- DUMP_MSG(29, (ss, data, ss->gs.recordLen));
-
- /* Make sure first message has some data and is the server hello message */
- if ((ss->gs.recordLen < SSL_HL_SERVER_HELLO_HBYTES)
- || (data[0] != SSL_MT_SERVER_HELLO)) {
- if ((data[0] == SSL_MT_ERROR) && (ss->gs.recordLen == 3)) {
- err = (data[1] << 8) | data[2];
- if (err == SSL_PE_NO_CYPHERS) {
- PORT_SetError(SSL_ERROR_NO_CYPHER_OVERLAP);
- goto loser;
- }
- }
- goto bad_server;
- }
-
- sidHit = data[1];
- certType = data[2];
- ss->version = (data[3] << 8) | data[4];
- certLen = (data[5] << 8) | data[6];
- csLen = (data[7] << 8) | data[8];
- cidLen = (data[9] << 8) | data[10];
- cert = data + SSL_HL_SERVER_HELLO_HBYTES;
- cs = cert + certLen;
-
- SSL_TRC(5,
- ("%d: SSL[%d]: server-hello, hit=%d vers=%x certLen=%d csLen=%d cidLen=%d",
- SSL_GETPID(), ss->fd, sidHit, ss->version, certLen,
- csLen, cidLen));
- if (ss->version != SSL_LIBRARY_VERSION_2) {
- if (ss->version < SSL_LIBRARY_VERSION_2) {
- SSL_TRC(3, ("%d: SSL[%d]: demoting self (%x) to server version (%x)",
- SSL_GETPID(), ss->fd, SSL_LIBRARY_VERSION_2,
- ss->version));
- } else {
- SSL_TRC(1, ("%d: SSL[%d]: server version is %x (we are %x)",
- SSL_GETPID(), ss->fd, ss->version, SSL_LIBRARY_VERSION_2));
- /* server claims to be newer but does not follow protocol */
- PORT_SetError(SSL_ERROR_UNSUPPORTED_VERSION);
- goto loser;
- }
- }
-
- /* Save connection-id for later */
- PORT_Memcpy(ss->sec.ci.connectionID, cs + csLen,
- sizeof(ss->sec.ci.connectionID));
-
- /* See if session-id hit */
- needed = CIS_HAVE_MASTER_KEY | CIS_HAVE_FINISHED | CIS_HAVE_VERIFY;
- if (sidHit) {
- if (certLen || csLen) {
- /* Uh oh - bogus server */
- SSL_DBG(("%d: SSL[%d]: client, huh? hit=%d certLen=%d csLen=%d",
- SSL_GETPID(), ss->fd, sidHit, certLen, csLen));
- goto bad_server;
- }
-
- /* Total winner. */
- SSL_TRC(1, ("%d: SSL[%d]: client, using nonce for peer=0x%08x "
- "port=0x%04x",
- SSL_GETPID(), ss->fd, ss->sec.ci.peer, ss->sec.ci.port));
- ss->sec.peerCert = CERT_DupCertificate(sid->peerCert);
- ss->sec.authAlgorithm = sid->authAlgorithm;
- ss->sec.authKeyBits = sid->authKeyBits;
- ss->sec.keaType = sid->keaType;
- ss->sec.keaKeyBits = sid->keaKeyBits;
- rv = ssl2_CreateSessionCypher(ss, sid, PR_TRUE);
- if (rv != SECSuccess) {
- goto loser;
- }
- } else {
- if (certType != SSL_CT_X509_CERTIFICATE) {
- PORT_SetError(SSL_ERROR_UNSUPPORTED_CERTIFICATE_TYPE);
- goto loser;
- }
- if (csLen == 0) {
- PORT_SetError(SSL_ERROR_NO_CYPHER_OVERLAP);
- SSL_DBG(("%d: SSL[%d]: no cipher overlap",
- SSL_GETPID(), ss->fd));
- goto loser;
- }
- if (certLen == 0) {
- SSL_DBG(("%d: SSL[%d]: client, huh? certLen=%d csLen=%d",
- SSL_GETPID(), ss->fd, certLen, csLen));
- goto bad_server;
- }
-
- if (sid->cached != never_cached) {
- /* Forget our session-id - server didn't like it */
- SSL_TRC(7, ("%d: SSL[%d]: server forgot me, uncaching session-id",
- SSL_GETPID(), ss->fd));
- (*ss->sec.uncache)(sid);
- ssl_FreeSID(sid);
- ss->sec.ci.sid = sid = (sslSessionID*) PORT_ZAlloc(sizeof(sslSessionID));
- if (!sid) {
- goto loser;
- }
- sid->references = 1;
- sid->addr = ss->sec.ci.peer;
- sid->port = ss->sec.ci.port;
- }
-
- /* decode the server's certificate */
- rv = ssl2_ClientHandleServerCert(ss, cert, certLen);
- if (rv != SECSuccess) {
- if (PORT_GetError() == SSL_ERROR_BAD_CERTIFICATE) {
- (void) ssl2_SendErrorMessage(ss, SSL_PE_BAD_CERTIFICATE);
- }
- goto loser;
- }
-
- /* Setup new session cipher */
- rv = ssl2_ClientSetupSessionCypher(ss, cs, csLen);
- if (rv != SECSuccess) {
- if (PORT_GetError() == SSL_ERROR_BAD_CERTIFICATE) {
- (void) ssl2_SendErrorMessage(ss, SSL_PE_BAD_CERTIFICATE);
- }
- goto loser;
- }
- }
-
- /* Build up final list of required elements */
- ss->sec.ci.elements = CIS_HAVE_MASTER_KEY;
- ss->sec.ci.requiredElements = needed;
-
- if (!sidHit) {
- /* verify the server's certificate. if sidHit, don't check signatures */
- rv = (* ss->authCertificate)(ss->authCertificateArg, ss->fd,
- (PRBool)(!sidHit), PR_FALSE);
- if (rv) {
- if (ss->handleBadCert) {
- rv = (*ss->handleBadCert)(ss->badCertArg, ss->fd);
- if ( rv ) {
- if ( rv == SECWouldBlock ) {
- /* someone will handle this connection asynchronously*/
-
- SSL_DBG(("%d: SSL[%d]: go to async cert handler",
- SSL_GETPID(), ss->fd));
- ssl_ReleaseRecvBufLock(ss);
- ssl_SetAlwaysBlock(ss);
- return SECWouldBlock;
- }
- /* cert is bad */
- SSL_DBG(("%d: SSL[%d]: server certificate is no good: error=%d",
- SSL_GETPID(), ss->fd, PORT_GetError()));
- goto loser;
-
- }
- /* cert is good */
- } else {
- SSL_DBG(("%d: SSL[%d]: server certificate is no good: error=%d",
- SSL_GETPID(), ss->fd, PORT_GetError()));
- goto loser;
- }
- }
- }
- /*
- ** At this point we have a completed session key and our session
- ** cipher is setup and ready to go. Switch to encrypted write routine
- ** as all future message data is to be encrypted.
- */
- ssl2_UseEncryptedSendFunc(ss);
-
- rv = ssl2_TryToFinish(ss);
- if (rv != SECSuccess)
- goto loser;
-
- ss->gs.recordLen = 0;
-
- ssl_ReleaseRecvBufLock(ss);
-
- if (ss->handshake == 0) {
- return SECSuccess;
- }
-
- SSL_TRC(5, ("%d: SSL[%d]: got server-hello, required=0x%d got=0x%x",
- SSL_GETPID(), ss->fd, ss->sec.ci.requiredElements,
- ss->sec.ci.elements));
- ss->handshake = ssl_GatherRecord1stHandshake;
- ss->nextHandshake = ssl2_HandleVerifyMessage;
- return SECSuccess;
-
- bad_server:
- PORT_SetError(SSL_ERROR_BAD_SERVER);
- /* FALL THROUGH */
-
- loser:
- ssl_ReleaseRecvBufLock(ss);
- return SECFailure;
-}
-
-/* Sends out the initial client Hello message on the connection.
- * Acquires and releases the socket's xmitBufLock.
- */
-SECStatus
-ssl2_BeginClientHandshake(sslSocket *ss)
-{
- sslSessionID *sid;
- PRUint8 *msg;
- PRUint8 *cp;
- PRUint8 *localCipherSpecs = NULL;
- unsigned int localCipherSize;
- unsigned int i;
- int sendLen, sidLen = 0;
- SECStatus rv;
-
- PORT_Assert( ssl_Have1stHandshakeLock(ss) );
-
- ss->sec.isServer = 0;
- ss->sec.sendSequence = 0;
- ss->sec.rcvSequence = 0;
- ssl_ChooseSessionIDProcs(&ss->sec);
-
- if (!ss->cipherSpecs) {
- rv = ssl2_ConstructCipherSpecs(ss);
- if (rv != SECSuccess)
- goto loser;
- }
-
- /* count the SSL2 and SSL3 enabled ciphers.
- * if either is zero, clear the socket's enable for that protocol.
- */
- rv = ssl2_CheckConfigSanity(ss);
- if (rv != SECSuccess)
- goto loser;
-
- /* Get peer name of server */
- rv = ssl_GetPeerInfo(ss);
- if (rv < 0) {
-#ifdef HPUX11
- /*
- * On some HP-UX B.11.00 systems, getpeername() occasionally
- * fails with ENOTCONN after a successful completion of
- * non-blocking connect. I found that if we do a write()
- * and then retry getpeername(), it will work.
- */
- if (PR_GetError() == PR_NOT_CONNECTED_ERROR) {
- char dummy;
- (void) PR_Write(ss->fd->lower, &dummy, 0);
- rv = ssl_GetPeerInfo(ss);
- if (rv < 0) {
- goto loser;
- }
- }
-#else
- goto loser;
-#endif
- }
-
- SSL_TRC(3, ("%d: SSL[%d]: sending client-hello", SSL_GETPID(), ss->fd));
-
- /* Try to find server in our session-id cache */
- if (ss->noCache) {
- sid = NULL;
- } else {
- sid = ssl_LookupSID(&ss->sec.ci.peer, ss->sec.ci.port, ss->peerID,
- ss->url);
- }
- while (sid) { /* this isn't really a loop */
- /* if we're not doing this SID's protocol any more, drop it. */
- if (((sid->version < SSL_LIBRARY_VERSION_3_0) && !ss->enableSSL2) ||
- ((sid->version == SSL_LIBRARY_VERSION_3_0) && !ss->enableSSL3) ||
- ((sid->version > SSL_LIBRARY_VERSION_3_0) && !ss->enableTLS)) {
- ss->sec.uncache(sid);
- ssl_FreeSID(sid);
- sid = NULL;
- break;
- }
- if (ss->enableSSL2 && sid->version < SSL_LIBRARY_VERSION_3_0) {
- /* If the cipher in this sid is not enabled, drop it. */
- for (i = 0; i < ss->sizeCipherSpecs; i += 3) {
- if (ss->cipherSpecs[i] == sid->u.ssl2.cipherType)
- break;
- }
- if (i >= ss->sizeCipherSpecs) {
- ss->sec.uncache(sid);
- ssl_FreeSID(sid);
- sid = NULL;
- break;
- }
- }
- sidLen = sizeof(sid->u.ssl2.sessionID);
- PRINT_BUF(4, (ss, "client, found session-id:", sid->u.ssl2.sessionID,
- sidLen));
- ss->version = sid->version;
- PORT_Assert(!ss->sec.localCert);
- if (ss->sec.localCert) {
- CERT_DestroyCertificate(ss->sec.localCert);
- }
- ss->sec.localCert = CERT_DupCertificate(sid->localCert);
- break; /* this isn't really a loop */
- }
- if (!sid) {
- sidLen = 0;
- sid = (sslSessionID*) PORT_ZAlloc(sizeof(sslSessionID));
- if (!sid) {
- goto loser;
- }
- sid->references = 1;
- sid->cached = never_cached;
- sid->addr = ss->sec.ci.peer;
- sid->port = ss->sec.ci.port;
- if (ss->peerID != NULL) {
- sid->peerID = PORT_Strdup(ss->peerID);
- }
- if (ss->url != NULL) {
- sid->urlSvrName = PORT_Strdup(ss->url);
- }
- }
- ss->sec.ci.sid = sid;
-
- PORT_Assert(sid != NULL);
-
- if ((sid->version >= SSL_LIBRARY_VERSION_3_0 || !ss->v2CompatibleHello) &&
- (ss->enableSSL3 || ss->enableTLS)) {
-
- ss->gs.state = GS_INIT;
- ss->handshake = ssl_GatherRecord1stHandshake;
-
- /* ssl3_SendClientHello will override this if it succeeds. */
- ss->version = SSL_LIBRARY_VERSION_3_0;
-
- ssl_GetXmitBufLock(ss); /***************************************/
- ssl_GetSSL3HandshakeLock(ss);
- rv = ssl3_SendClientHello(ss);
- ssl_ReleaseSSL3HandshakeLock(ss);
- ssl_ReleaseXmitBufLock(ss); /***************************************/
-
- return rv;
- }
-
- if (!ss->cipherSpecs) {
- rv = ssl2_ConstructCipherSpecs(ss);
- if (rv < 0) {
- return rv;
- }
- }
- localCipherSpecs = ss->cipherSpecs;
- localCipherSize = ss->sizeCipherSpecs;
-
- sendLen = SSL_HL_CLIENT_HELLO_HBYTES + localCipherSize + sidLen +
- SSL_CHALLENGE_BYTES;
-
- /* Generate challenge bytes for server */
- PK11_GenerateRandom(ss->sec.ci.clientChallenge, SSL_CHALLENGE_BYTES);
-
- ssl_GetXmitBufLock(ss); /***************************************/
-
- rv = ssl2_GetSendBuffer(ss, sendLen);
- if (rv)
- goto unlock_loser;
-
- /* Construct client-hello message */
- cp = msg = ss->sec.ci.sendBuf.buf;
- msg[0] = SSL_MT_CLIENT_HELLO;
- if ( ss->enableTLS ) {
- ss->clientHelloVersion = SSL_LIBRARY_VERSION_3_1_TLS;
- } else if ( ss->enableSSL3 ) {
- ss->clientHelloVersion = SSL_LIBRARY_VERSION_3_0;
- } else {
- ss->clientHelloVersion = SSL_LIBRARY_VERSION_2;
- }
-
- msg[1] = MSB(ss->clientHelloVersion);
- msg[2] = LSB(ss->clientHelloVersion);
- msg[3] = MSB(localCipherSize);
- msg[4] = LSB(localCipherSize);
- msg[5] = MSB(sidLen);
- msg[6] = LSB(sidLen);
- msg[7] = MSB(SSL_CHALLENGE_BYTES);
- msg[8] = LSB(SSL_CHALLENGE_BYTES);
- cp += SSL_HL_CLIENT_HELLO_HBYTES;
- PORT_Memcpy(cp, localCipherSpecs, localCipherSize);
- cp += localCipherSize;
- if (sidLen) {
- PORT_Memcpy(cp, sid->u.ssl2.sessionID, sidLen);
- cp += sidLen;
- }
- PORT_Memcpy(cp, ss->sec.ci.clientChallenge, SSL_CHALLENGE_BYTES);
-
- /* Send it to the server */
- DUMP_MSG(29, (ss, msg, sendLen));
- ss->handshakeBegun = 1;
- rv = (*ss->sec.send)(ss, msg, sendLen, 0);
-
- ssl_ReleaseXmitBufLock(ss); /***************************************/
-
- if (rv < 0) {
- goto loser;
- }
-
- rv = ssl3_StartHandshakeHash(ss, msg, sendLen);
- if (rv < 0) {
- goto loser;
- }
-
- /* Setup to receive servers hello message */
- ssl_GetRecvBufLock(ss);
- ss->gs.recordLen = 0;
- ssl_ReleaseRecvBufLock(ss);
-
- ss->handshake = ssl_GatherRecord1stHandshake;
- ss->nextHandshake = ssl2_HandleServerHelloMessage;
- return SECSuccess;
-
-unlock_loser:
- ssl_ReleaseXmitBufLock(ss);
-loser:
- return SECFailure;
-}
-
-/************************************************************************/
-
-/* Handle the CLIENT-MASTER-KEY message.
-** Acquires and releases RecvBufLock.
-** Called from ssl2_HandleClientHelloMessage().
-*/
-static SECStatus
-ssl2_HandleClientSessionKeyMessage(sslSocket *ss)
-{
- PRUint8 * data;
- unsigned int caLen;
- unsigned int ckLen;
- unsigned int ekLen;
- unsigned int keySize;
- int cipher;
- SECStatus rv;
-
-
- ssl_GetRecvBufLock(ss);
-
- data = ss->gs.buf.buf + ss->gs.recordOffset;
- DUMP_MSG(29, (ss, data, ss->gs.recordLen));
-
- if ((ss->gs.recordLen < SSL_HL_CLIENT_MASTER_KEY_HBYTES)
- || (data[0] != SSL_MT_CLIENT_MASTER_KEY)) {
- goto bad_client;
- }
- cipher = data[1];
- keySize = (data[2] << 8) | data[3];
- ckLen = (data[4] << 8) | data[5];
- ekLen = (data[6] << 8) | data[7];
- caLen = (data[8] << 8) | data[9];
-
- SSL_TRC(5, ("%d: SSL[%d]: session-key, cipher=%d keySize=%d ckLen=%d ekLen=%d caLen=%d",
- SSL_GETPID(), ss->fd, cipher, keySize, ckLen, ekLen, caLen));
-
- if (ss->gs.recordLen <
- SSL_HL_CLIENT_MASTER_KEY_HBYTES + ckLen + ekLen + caLen) {
- SSL_DBG(("%d: SSL[%d]: protocol size mismatch dataLen=%d",
- SSL_GETPID(), ss->fd, ss->gs.recordLen));
- goto bad_client;
- }
-
- /* Use info from client to setup session key */
- /* XXX should validate cipher&keySize are in our array */
- rv = ssl2_ServerSetupSessionCypher(ss, cipher, keySize,
- data + SSL_HL_CLIENT_MASTER_KEY_HBYTES, ckLen,
- data + SSL_HL_CLIENT_MASTER_KEY_HBYTES + ckLen, ekLen,
- data + SSL_HL_CLIENT_MASTER_KEY_HBYTES + ckLen + ekLen, caLen);
- ss->gs.recordLen = 0; /* we're done with this record. */
-
- ssl_ReleaseRecvBufLock(ss);
-
- if (rv != SECSuccess) {
- goto loser;
- }
- ss->sec.ci.elements |= CIS_HAVE_MASTER_KEY;
- ssl2_UseEncryptedSendFunc(ss);
-
- /* Send server verify message now that keys are established */
- rv = ssl2_SendServerVerifyMessage(ss);
- if (rv != SECSuccess)
- goto loser;
-
- rv = ssl2_TryToFinish(ss);
- if (rv != SECSuccess)
- goto loser;
- if (ss->handshake == 0) {
- return SECSuccess;
- }
-
- SSL_TRC(5, ("%d: SSL[%d]: server: waiting for elements=0x%d",
- SSL_GETPID(), ss->fd, ss->sec.ci.requiredElements ^ ss->sec.ci.elements));
- ss->handshake = ssl_GatherRecord1stHandshake;
- ss->nextHandshake = ssl2_HandleMessage;
-
- return ssl2_TriggerNextMessage(ss);
-
-bad_client:
- ssl_ReleaseRecvBufLock(ss);
- PORT_SetError(SSL_ERROR_BAD_CLIENT);
- /* FALLTHROUGH */
-
-loser:
- return SECFailure;
-}
-
-/*
- * attempt to restart the handshake after asynchronously handling
- * a request for the client's certificate.
- *
- * inputs:
- * cert Client cert chosen by application.
- * key Private key associated with cert.
- *
- * XXX: need to make ssl2 and ssl3 versions of this function agree on whether
- * they take the reference, or bump the ref count!
- *
- * Return value: XXX
- *
- * Caller holds 1stHandshakeLock.
- */
-int
-ssl2_RestartHandshakeAfterCertReq(sslSocket * ss,
- CERTCertificate * cert,
- SECKEYPrivateKey * key)
-{
- int ret;
- SECStatus rv = SECSuccess;
- SECItem response;
-
- if (ss->version >= SSL_LIBRARY_VERSION_3_0)
- return SECFailure;
-
- response.data = NULL;
-
- /* generate error if no cert or key */
- if ( ( cert == NULL ) || ( key == NULL ) ) {
- goto no_cert;
- }
-
- /* generate signed response to the challenge */
- rv = ssl2_SignResponse(ss, key, &response);
- if ( rv != SECSuccess ) {
- goto no_cert;
- }
-
- /* Send response message */
- ret = ssl2_SendCertificateResponseMessage(ss, &cert->derCert, &response);
- if (ret) {
- goto no_cert;
- }
-
- /* try to finish the handshake */
- ret = ssl2_TryToFinish(ss);
- if (ret) {
- goto loser;
- }
-
- /* done with handshake */
- if (ss->handshake == 0) {
- ret = SECSuccess;
- goto done;
- }
-
- /* continue handshake */
- ssl_GetRecvBufLock(ss);
- ss->gs.recordLen = 0;
- ssl_ReleaseRecvBufLock(ss);
-
- ss->handshake = ssl_GatherRecord1stHandshake;
- ss->nextHandshake = ssl2_HandleMessage;
- ret = ssl2_TriggerNextMessage(ss);
- goto done;
-
-no_cert:
- /* no cert - send error */
- ret = ssl2_SendErrorMessage(ss, SSL_PE_NO_CERTIFICATE);
- goto done;
-
-loser:
- ret = SECFailure;
-done:
- /* free allocated data */
- if ( response.data ) {
- PORT_Free(response.data);
- }
-
- return ret;
-}
-
-
-/* restart an SSL connection that we stopped to run certificate dialogs
-** XXX Need to document here how an application marks a cert to show that
-** the application has accepted it (overridden CERT_VerifyCert).
- *
- * Return value: XXX
- *
- * Caller holds 1stHandshakeLock.
-*/
-int
-ssl2_RestartHandshakeAfterServerCert(sslSocket *ss)
-{
- int rv = SECSuccess;
-
- if (ss->version >= SSL_LIBRARY_VERSION_3_0)
- return SECFailure;
-
- /* SSL 2
- ** At this point we have a completed session key and our session
- ** cipher is setup and ready to go. Switch to encrypted write routine
- ** as all future message data is to be encrypted.
- */
- ssl2_UseEncryptedSendFunc(ss);
-
- rv = ssl2_TryToFinish(ss);
- if (rv == SECSuccess && ss->handshake != NULL) {
- /* handshake is not yet finished. */
-
- SSL_TRC(5, ("%d: SSL[%d]: got server-hello, required=0x%d got=0x%x",
- SSL_GETPID(), ss->fd, ss->sec.ci.requiredElements,
- ss->sec.ci.elements));
-
- ssl_GetRecvBufLock(ss);
- ss->gs.recordLen = 0; /* mark it all used up. */
- ssl_ReleaseRecvBufLock(ss);
-
- ss->handshake = ssl_GatherRecord1stHandshake;
- ss->nextHandshake = ssl2_HandleVerifyMessage;
- }
-
- return rv;
-}
-
-/*
-** Handle the initial hello message from the client
-**
-** not static because ssl2_GatherData() tests ss->nextHandshake for this value.
-*/
-SECStatus
-ssl2_HandleClientHelloMessage(sslSocket *ss)
-{
- sslSessionID *sid;
- sslServerCerts * sc;
- CERTCertificate *serverCert;
- PRUint8 *msg;
- PRUint8 *data;
- PRUint8 *cs;
- PRUint8 *sd;
- PRUint8 *cert = NULL;
- PRUint8 *challenge;
- unsigned int challengeLen;
- SECStatus rv;
- int csLen;
- int sendLen;
- int sdLen;
- int certLen;
- int pid;
- int sent;
- int gotXmitBufLock = 0;
-#if defined(SOLARIS) && defined(i386)
- volatile PRUint8 hit;
-#else
- int hit;
-#endif
- PRUint8 csImpl[sizeof implementedCipherSuites];
-
- PORT_Assert( ssl_Have1stHandshakeLock(ss) );
-
- sc = ss->serverCerts + kt_rsa;
- serverCert = sc->serverCert;
-
- ssl_GetRecvBufLock(ss);
-
-
- data = ss->gs.buf.buf + ss->gs.recordOffset;
- DUMP_MSG(29, (ss, data, ss->gs.recordLen));
-
- /* Make sure first message has some data and is the client hello message */
- if ((ss->gs.recordLen < SSL_HL_CLIENT_HELLO_HBYTES)
- || (data[0] != SSL_MT_CLIENT_HELLO)) {
- goto bad_client;
- }
-
- /* Get peer name of client */
- rv = ssl_GetPeerInfo(ss);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- /* Examine version information */
- /*
- * See if this might be a V2 client hello asking to use the V3 protocol
- */
- if ((data[0] == SSL_MT_CLIENT_HELLO) &&
- (data[1] >= MSB(SSL_LIBRARY_VERSION_3_0)) &&
- (ss->enableSSL3 || ss->enableTLS)) {
- rv = ssl3_HandleV2ClientHello(ss, data, ss->gs.recordLen);
- if (rv != SECFailure) { /* Success */
- ss->handshake = NULL;
- ss->nextHandshake = ssl_GatherRecord1stHandshake;
- ss->securityHandshake = NULL;
- ss->gs.state = GS_INIT;
-
- /* ssl3_HandleV3ClientHello has set ss->version,
- ** and has gotten us a brand new sid.
- */
- ss->sec.ci.sid->version = ss->version;
- }
- ssl_ReleaseRecvBufLock(ss);
- return rv;
- }
- /* Previously, there was a test here to see if SSL2 was enabled.
- ** If not, an error code was set, and SECFailure was returned,
- ** without sending any error code to the other end of the connection.
- ** That test has been removed. If SSL2 has been disabled, there
- ** should be no SSL2 ciphers enabled, and consequently, the code
- ** below should send the ssl2 error message SSL_PE_NO_CYPHERS.
- ** We now believe this is the correct thing to do, even when SSL2
- ** has been explicitly disabled by the application.
- */
-
- /* Extract info from message */
- ss->version = (data[1] << 8) | data[2];
-
- /* If some client thinks ssl v2 is 2.0 instead of 0.2, we'll allow it. */
- if (ss->version >= SSL_LIBRARY_VERSION_3_0) {
- ss->version = SSL_LIBRARY_VERSION_2;
- }
-
- csLen = (data[3] << 8) | data[4];
- sdLen = (data[5] << 8) | data[6];
- challengeLen = (data[7] << 8) | data[8];
- cs = data + SSL_HL_CLIENT_HELLO_HBYTES;
- sd = cs + csLen;
- challenge = sd + sdLen;
- PRINT_BUF(7, (ss, "server, client session-id value:", sd, sdLen));
-
- if ((unsigned)ss->gs.recordLen !=
- SSL_HL_CLIENT_HELLO_HBYTES + csLen + sdLen + challengeLen) {
- SSL_DBG(("%d: SSL[%d]: bad client hello message, len=%d should=%d",
- SSL_GETPID(), ss->fd, ss->gs.recordLen,
- SSL_HL_CLIENT_HELLO_HBYTES+csLen+sdLen+challengeLen));
- goto bad_client;
- }
-
- SSL_TRC(3, ("%d: SSL[%d]: client version is %x",
- SSL_GETPID(), ss->fd, ss->version));
- if (ss->version != SSL_LIBRARY_VERSION_2) {
- if (ss->version > SSL_LIBRARY_VERSION_2) {
- /*
- ** Newer client than us. Things are ok because new clients
- ** are required to be backwards compatible with old servers.
- ** Change version number to our version number so that client
- ** knows whats up.
- */
- ss->version = SSL_LIBRARY_VERSION_2;
- } else {
- SSL_TRC(1, ("%d: SSL[%d]: client version is %x (we are %x)",
- SSL_GETPID(), ss->fd, ss->version, SSL_LIBRARY_VERSION_2));
- PORT_SetError(SSL_ERROR_UNSUPPORTED_VERSION);
- goto loser;
- }
- }
-
- /* Qualify cipher specs before returning them to client */
- csLen = ssl2_QualifyCypherSpecs(ss, cs, csLen);
- if (csLen == 0) {
- /* no overlap, send client our list of supported SSL v2 ciphers. */
- cs = csImpl;
- csLen = sizeof implementedCipherSuites;
- PORT_Memcpy(cs, implementedCipherSuites, csLen);
- csLen = ssl2_QualifyCypherSpecs(ss, cs, csLen);
- if (csLen == 0) {
- /* We don't support any SSL v2 ciphers! */
- ssl2_SendErrorMessage(ss, SSL_PE_NO_CYPHERS);
- PORT_SetError(SSL_ERROR_NO_CYPHER_OVERLAP);
- goto loser;
- }
- /* Since this handhsake is going to fail, don't cache it. */
- ss->noCache = 1;
- }
-
- /* Squirrel away the challenge for later */
- PORT_Memcpy(ss->sec.ci.clientChallenge, challenge, challengeLen);
-
- /* Examine message and see if session-id is good */
- ss->sec.ci.elements = 0;
- if (sdLen > 0 && !ss->noCache) {
- SSL_TRC(7, ("%d: SSL[%d]: server, lookup client session-id for 0x%08x%08x%08x%08x",
- SSL_GETPID(), ss->fd, ss->sec.ci.peer.pr_s6_addr32[0],
- ss->sec.ci.peer.pr_s6_addr32[1],
- ss->sec.ci.peer.pr_s6_addr32[2],
- ss->sec.ci.peer.pr_s6_addr32[3]));
- sid = (*ssl_sid_lookup)(&ss->sec.ci.peer, sd, sdLen, ss->dbHandle);
- } else {
- sid = NULL;
- }
- if (sid) {
- /* Got a good session-id. Short cut! */
- SSL_TRC(1, ("%d: SSL[%d]: server, using session-id for 0x%08x (age=%d)",
- SSL_GETPID(), ss->fd, ss->sec.ci.peer,
- ssl_Time() - sid->creationTime));
- PRINT_BUF(1, (ss, "session-id value:", sd, sdLen));
- ss->sec.ci.sid = sid;
- ss->sec.ci.elements = CIS_HAVE_MASTER_KEY;
- hit = 1;
- certLen = 0;
- csLen = 0;
-
- ss->sec.authAlgorithm = sid->authAlgorithm;
- ss->sec.authKeyBits = sid->authKeyBits;
- ss->sec.keaType = sid->keaType;
- ss->sec.keaKeyBits = sid->keaKeyBits;
-
- rv = ssl2_CreateSessionCypher(ss, sid, PR_FALSE);
- if (rv != SECSuccess) {
- goto loser;
- }
- } else {
- SECItem * derCert = &serverCert->derCert;
-
- SSL_TRC(7, ("%d: SSL[%d]: server, lookup nonce missed",
- SSL_GETPID(), ss->fd));
- if (!serverCert) {
- SET_ERROR_CODE
- goto loser;
- }
- hit = 0;
- sid = (sslSessionID*) PORT_ZAlloc(sizeof(sslSessionID));
- if (!sid) {
- goto loser;
- }
- sid->references = 1;
- sid->addr = ss->sec.ci.peer;
- sid->port = ss->sec.ci.port;
-
- /* Invent a session-id */
- ss->sec.ci.sid = sid;
- PK11_GenerateRandom(sid->u.ssl2.sessionID+2, SSL2_SESSIONID_BYTES-2);
-
- pid = SSL_GETPID();
- sid->u.ssl2.sessionID[0] = MSB(pid);
- sid->u.ssl2.sessionID[1] = LSB(pid);
- cert = derCert->data;
- certLen = derCert->len;
-
- /* pretend that server sids remember the local cert. */
- PORT_Assert(!sid->localCert);
- if (sid->localCert) {
- CERT_DestroyCertificate(sid->localCert);
- }
- sid->localCert = CERT_DupCertificate(serverCert);
-
- ss->sec.authAlgorithm = ssl_sign_rsa;
- ss->sec.keaType = ssl_kea_rsa;
- ss->sec.keaKeyBits = \
- ss->sec.authKeyBits = ss->serverCerts[kt_rsa].serverKeyBits;
- }
-
- /* server sids don't remember the local cert, so whether we found
- ** a sid or not, just "remember" we used the rsa server cert.
- */
- if (ss->sec.localCert) {
- CERT_DestroyCertificate(ss->sec.localCert);
- }
- ss->sec.localCert = CERT_DupCertificate(serverCert);
-
- /* Build up final list of required elements */
- ss->sec.ci.requiredElements = CIS_HAVE_MASTER_KEY | CIS_HAVE_FINISHED;
- if (ss->requestCertificate) {
- ss->sec.ci.requiredElements |= CIS_HAVE_CERTIFICATE;
- }
- ss->sec.ci.sentElements = 0;
-
- /* Send hello message back to client */
- sendLen = SSL_HL_SERVER_HELLO_HBYTES + certLen + csLen
- + SSL_CONNECTIONID_BYTES;
-
- ssl_GetXmitBufLock(ss); gotXmitBufLock = 1;
- rv = ssl2_GetSendBuffer(ss, sendLen);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- SSL_TRC(3, ("%d: SSL[%d]: sending server-hello (%d)",
- SSL_GETPID(), ss->fd, sendLen));
-
- msg = ss->sec.ci.sendBuf.buf;
- msg[0] = SSL_MT_SERVER_HELLO;
- msg[1] = hit;
- msg[2] = SSL_CT_X509_CERTIFICATE;
- msg[3] = MSB(ss->version);
- msg[4] = LSB(ss->version);
- msg[5] = MSB(certLen);
- msg[6] = LSB(certLen);
- msg[7] = MSB(csLen);
- msg[8] = LSB(csLen);
- msg[9] = MSB(SSL_CONNECTIONID_BYTES);
- msg[10] = LSB(SSL_CONNECTIONID_BYTES);
- if (certLen) {
- PORT_Memcpy(msg+SSL_HL_SERVER_HELLO_HBYTES, cert, certLen);
- }
- if (csLen) {
- PORT_Memcpy(msg+SSL_HL_SERVER_HELLO_HBYTES+certLen, cs, csLen);
- }
- PORT_Memcpy(msg+SSL_HL_SERVER_HELLO_HBYTES+certLen+csLen,
- ss->sec.ci.connectionID, SSL_CONNECTIONID_BYTES);
-
- DUMP_MSG(29, (ss, msg, sendLen));
-
- ss->handshakeBegun = 1;
- sent = (*ss->sec.send)(ss, msg, sendLen, 0);
- if (sent < 0) {
- goto loser;
- }
- ssl_ReleaseXmitBufLock(ss); gotXmitBufLock = 0;
-
- ss->gs.recordLen = 0;
- ss->handshake = ssl_GatherRecord1stHandshake;
- if (hit) {
- /* Old SID Session key is good. Go encrypted */
- ssl2_UseEncryptedSendFunc(ss);
-
- /* Send server verify message now that keys are established */
- rv = ssl2_SendServerVerifyMessage(ss);
- if (rv != SECSuccess)
- goto loser;
-
- ss->nextHandshake = ssl2_HandleMessage;
- ssl_ReleaseRecvBufLock(ss);
- rv = ssl2_TriggerNextMessage(ss);
- return rv;
- }
- ss->nextHandshake = ssl2_HandleClientSessionKeyMessage;
- ssl_ReleaseRecvBufLock(ss);
- return SECSuccess;
-
- bad_client:
- PORT_SetError(SSL_ERROR_BAD_CLIENT);
- /* FALLTHROUGH */
-
- loser:
- if (gotXmitBufLock) {
- ssl_ReleaseXmitBufLock(ss); gotXmitBufLock = 0;
- }
- SSL_TRC(10, ("%d: SSL[%d]: server, wait for client-hello lossage",
- SSL_GETPID(), ss->fd));
- ssl_ReleaseRecvBufLock(ss);
- return SECFailure;
-}
-
-SECStatus
-ssl2_BeginServerHandshake(sslSocket *ss)
-{
- SECStatus rv;
- sslServerCerts * rsaAuth = ss->serverCerts + kt_rsa;
-
- ss->sec.isServer = 1;
- ssl_ChooseSessionIDProcs(&ss->sec);
- ss->sec.sendSequence = 0;
- ss->sec.rcvSequence = 0;
-
- /* don't turn on SSL2 if we don't have an RSA key and cert */
- if (!rsaAuth->serverKey || !rsaAuth->serverCert) {
- ss->enableSSL2 = PR_FALSE;
- }
-
- if (!ss->cipherSpecs) {
- rv = ssl2_ConstructCipherSpecs(ss);
- if (rv != SECSuccess)
- goto loser;
- }
-
- /* count the SSL2 and SSL3 enabled ciphers.
- * if either is zero, clear the socket's enable for that protocol.
- */
- rv = ssl2_CheckConfigSanity(ss);
- if (rv != SECSuccess)
- goto loser;
-
- /*
- ** Generate connection-id. Always do this, even if things fail
- ** immediately. This way the random number generator is always
- ** rolling around, every time we get a connection.
- */
- PK11_GenerateRandom(ss->sec.ci.connectionID,
- sizeof(ss->sec.ci.connectionID));
-
- ss->gs.recordLen = 0;
- ss->handshake = ssl_GatherRecord1stHandshake;
- ss->nextHandshake = ssl2_HandleClientHelloMessage;
- return SECSuccess;
-
-loser:
- return SECFailure;
-}
-
-/* This function doesn't really belong in this file.
-** It's here to keep AIX compilers from optimizing it away,
-** and not including it in the DSO.
-*/
-
-#include "nss.h"
-extern const char __nss_ssl_rcsid[];
-extern const char __nss_ssl_sccsid[];
-
-PRBool
-NSSSSL_VersionCheck(const char *importedVersion)
-{
- /*
- * This is the secret handshake algorithm.
- *
- * This release has a simple version compatibility
- * check algorithm. This release is not backward
- * compatible with previous major releases. It is
- * not compatible with future major, minor, or
- * patch releases.
- */
- volatile char c; /* force a reference that won't get optimized away */
-
- c = __nss_ssl_rcsid[0] + __nss_ssl_sccsid[0];
- return NSS_VersionCheck(importedVersion);
-}
diff --git a/security/nss/lib/ssl/ssldef.c b/security/nss/lib/ssl/ssldef.c
deleted file mode 100644
index bb4883cf3..000000000
--- a/security/nss/lib/ssl/ssldef.c
+++ /dev/null
@@ -1,249 +0,0 @@
-/*
- * "Default" SSLSocket methods, used by sockets that do neither SSL nor socks.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "cert.h"
-#include "ssl.h"
-#include "sslimpl.h"
-
-#if defined(WIN32)
-#define MAP_ERROR(from,to) if (err == from) { PORT_SetError(to); }
-#define DEFINE_ERROR PRErrorCode err = PR_GetError();
-#else
-#define MAP_ERROR(from,to)
-#define DEFINE_ERROR
-#endif
-
-int ssl_DefConnect(sslSocket *ss, const PRNetAddr *sa)
-{
- PRFileDesc *lower = ss->fd->lower;
- int rv;
-
- rv = lower->methods->connect(lower, sa, ss->cTimeout);
- return rv;
-}
-
-int ssl_DefBind(sslSocket *ss, const PRNetAddr *addr)
-{
- PRFileDesc *lower = ss->fd->lower;
- int rv;
-
- rv = lower->methods->bind(lower, addr);
- return rv;
-}
-
-int ssl_DefListen(sslSocket *ss, int backlog)
-{
- PRFileDesc *lower = ss->fd->lower;
- int rv;
-
- rv = lower->methods->listen(lower, backlog);
- return rv;
-}
-
-int ssl_DefShutdown(sslSocket *ss, int how)
-{
- PRFileDesc *lower = ss->fd->lower;
- int rv;
-
- rv = lower->methods->shutdown(lower, how);
- return rv;
-}
-
-int ssl_DefRecv(sslSocket *ss, unsigned char *buf, int len, int flags)
-{
- PRFileDesc *lower = ss->fd->lower;
- int rv;
-
- rv = lower->methods->recv(lower, (void *)buf, len, flags, ss->rTimeout);
- if (rv < 0) {
- DEFINE_ERROR
- MAP_ERROR(PR_SOCKET_SHUTDOWN_ERROR, PR_CONNECT_RESET_ERROR)
- } else if (rv > len) {
- PORT_Assert(rv <= len);
- PORT_SetError(PR_BUFFER_OVERFLOW_ERROR);
- rv = SECFailure;
- }
- return rv;
-}
-
-/* Default (unencrypted) send.
- * Returns SECSuccess or SECFailure, NOT SECWouldBlock.
- * Returns positive count if any data was written.
- * ALWAYS check for a short write after calling ssl_DefSend.
- */
-int ssl_DefSend(sslSocket *ss, const unsigned char *buf, int len, int flags)
-{
- PRFileDesc *lower = ss->fd->lower;
- int rv, count;
-
-#if NSS_DISABLE_NAGLE_DELAYS
- /* Although this is overkill, we disable Nagle delays completely for
- ** SSL sockets.
- */
- if (ss->useSecurity && !ss->delayDisabled) {
- ssl_EnableNagleDelay(ss, PR_FALSE); /* ignore error */
- ss->delayDisabled = 1;
- }
-#endif
- count = 0;
- for (;;) {
- rv = lower->methods->send(lower, (const void *)buf, len,
- flags, ss->wTimeout);
- if (rv < 0) {
- PRErrorCode err = PR_GetError();
- if (err == PR_WOULD_BLOCK_ERROR) {
- ss->lastWriteBlocked = 1;
- return count ? count : rv;
- }
- ss->lastWriteBlocked = 0;
- MAP_ERROR(PR_CONNECT_ABORTED_ERROR, PR_CONNECT_RESET_ERROR)
- /* Loser */
- return rv;
- }
- count += rv;
- if (rv < len) {
- /* Short send. Send the rest in the next call */
- buf += rv;
- len -= rv;
- continue;
- }
- break;
- }
- ss->lastWriteBlocked = 0;
- return count;
-}
-
-int ssl_DefRead(sslSocket *ss, unsigned char *buf, int len)
-{
- PRFileDesc *lower = ss->fd->lower;
- int rv;
-
- rv = lower->methods->read(lower, (void *)buf, len);
- if (rv < 0) {
- DEFINE_ERROR
- MAP_ERROR(PR_SOCKET_SHUTDOWN_ERROR, PR_CONNECT_RESET_ERROR)
- }
- return rv;
-}
-
-int ssl_DefWrite(sslSocket *ss, const unsigned char *buf, int len)
-{
- PRFileDesc *lower = ss->fd->lower;
- int rv, count;
-
- count = 0;
- for (;;) {
- rv = lower->methods->write(lower, (void *)buf, len);
- if (rv < 0) {
- PRErrorCode err = PR_GetError();
- if (err == PR_WOULD_BLOCK_ERROR) {
- ss->lastWriteBlocked = 1;
- return count ? count : rv;
- }
- ss->lastWriteBlocked = 0;
- MAP_ERROR(PR_CONNECT_ABORTED_ERROR, PR_CONNECT_RESET_ERROR)
- /* Loser */
- return rv;
- }
- count += rv;
- if (rv != len) {
- /* Short write. Send the rest in the next call */
- buf += rv;
- len -= rv;
- continue;
- }
- break;
- }
- ss->lastWriteBlocked = 0;
- return count;
-}
-
-int ssl_DefGetpeername(sslSocket *ss, PRNetAddr *name)
-{
- PRFileDesc *lower = ss->fd->lower;
- int rv;
-
- rv = lower->methods->getpeername(lower, name);
- return rv;
-}
-
-int ssl_DefGetsockname(sslSocket *ss, PRNetAddr *name)
-{
- PRFileDesc *lower = ss->fd->lower;
- int rv;
-
- rv = lower->methods->getsockname(lower, name);
- return rv;
-}
-
-int ssl_DefClose(sslSocket *ss)
-{
- PRFileDesc *fd;
- PRFileDesc *popped;
- int rv;
-
- fd = ss->fd;
-
- /* First, remove the SSL layer PRFileDesc from the socket's stack,
- ** then invoke the SSL layer's PRFileDesc destructor.
- ** This must happen before the next layer down is closed.
- */
- PORT_Assert(fd->higher == NULL);
- if (fd->higher) {
- PORT_SetError(PR_BAD_DESCRIPTOR_ERROR);
- return SECFailure;
- }
- ss->fd = NULL;
-
- /* PR_PopIOLayer will swap the contents of the top two PRFileDescs on
- ** the stack, and then remove the second one. This way, the address
- ** of the PRFileDesc on the top of the stack doesn't change.
- */
- popped = PR_PopIOLayer(fd, PR_TOP_IO_LAYER);
- popped->dtor(popped);
-
- /* fd is now the PRFileDesc for the next layer down.
- ** Now close the underlying socket.
- */
- rv = fd->methods->close(fd);
-
- ssl_FreeSocket(ss);
-
- SSL_TRC(5, ("%d: SSL[%d]: closing, rv=%d errno=%d",
- SSL_GETPID(), fd, rv, PORT_GetError()));
- return rv;
-}
diff --git a/security/nss/lib/ssl/sslenum.c b/security/nss/lib/ssl/sslenum.c
deleted file mode 100644
index 6cfc6c3b7..000000000
--- a/security/nss/lib/ssl/sslenum.c
+++ /dev/null
@@ -1,131 +0,0 @@
-/*
- * Table enumerating all implemented cipher suites
- * Part of public API.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Portions created by Sun Microsystems, Inc. are Copyright (C) 2003
- * Sun Microsystems, Inc. All Rights Reserved.
- *
- * Contributor(s):
- * Dr Stephen Henson <stephen.henson@gemplus.com>
- * Dr Vipul Gupta <vipul.gupta@sun.com>, Sun Microsystems Laboratories
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "ssl.h"
-#include "sslproto.h"
-
-const PRUint16 SSL_ImplementedCiphers[] = {
-
- /* 256-bit */
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
- TLS_DHE_DSS_WITH_AES_256_CBC_SHA,
-#ifdef NSS_ENABLE_ECC
- TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
- TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
-#endif /* NSS_ENABLE_ECC */
- TLS_RSA_WITH_AES_256_CBC_SHA,
-
- /* 128-bit */
- SSL_FORTEZZA_DMS_WITH_RC4_128_SHA,
-#ifdef NSS_ENABLE_ECC
- TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
-#endif /* NSS_ENABLE_ECC */
- TLS_DHE_DSS_WITH_RC4_128_SHA,
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
- TLS_DHE_DSS_WITH_AES_128_CBC_SHA,
-#ifdef NSS_ENABLE_ECC
- TLS_ECDH_RSA_WITH_RC4_128_SHA,
- TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
- TLS_ECDH_ECDSA_WITH_RC4_128_SHA,
- TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
-#endif /* NSS_ENABLE_ECC */
- SSL_RSA_WITH_RC4_128_MD5,
- SSL_RSA_WITH_RC4_128_SHA,
- TLS_RSA_WITH_AES_128_CBC_SHA,
-
- /* 112-bit 3DES */
- SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
- SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,
-#ifdef NSS_ENABLE_ECC
- TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
- TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,
-#endif /* NSS_ENABLE_ECC */
- SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA,
- SSL_RSA_WITH_3DES_EDE_CBC_SHA,
-
- /* 80 bit skipjack */
- SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA, /* KEA + SkipJack */
-
- /* 56-bit DES "domestic" cipher suites */
- SSL_DHE_RSA_WITH_DES_CBC_SHA,
- SSL_DHE_DSS_WITH_DES_CBC_SHA,
-#ifdef NSS_ENABLE_ECC
- TLS_ECDH_RSA_WITH_DES_CBC_SHA,
- TLS_ECDH_ECDSA_WITH_DES_CBC_SHA,
-#endif /* NSS_ENABLE_ECC */
- SSL_RSA_FIPS_WITH_DES_CBC_SHA,
- SSL_RSA_WITH_DES_CBC_SHA,
-
- /* export ciphersuites with 1024-bit public key exchange keys */
- TLS_RSA_EXPORT1024_WITH_RC4_56_SHA,
- TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA,
-
- /* export ciphersuites with 512-bit public key exchange keys */
- SSL_RSA_EXPORT_WITH_RC4_40_MD5,
- SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5,
-
- /* ciphersuites with no encryption */
- SSL_FORTEZZA_DMS_WITH_NULL_SHA,
-#ifdef NSS_ENABLE_ECC
- TLS_ECDH_RSA_WITH_NULL_SHA,
- TLS_ECDH_ECDSA_WITH_NULL_SHA,
-#endif /* NSS_ENABLE_ECC */
- SSL_RSA_WITH_NULL_SHA,
- SSL_RSA_WITH_NULL_MD5,
-
- /* SSL2 cipher suites. */
- SSL_EN_RC4_128_WITH_MD5,
- SSL_EN_RC2_128_CBC_WITH_MD5,
- SSL_EN_DES_192_EDE3_CBC_WITH_MD5, /* actually 112, not 192 */
- SSL_EN_DES_64_CBC_WITH_MD5,
- SSL_EN_RC4_128_EXPORT40_WITH_MD5,
- SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5,
-
- 0
-
-};
-
-const PRUint16 SSL_NumImplementedCiphers =
- (sizeof SSL_ImplementedCiphers) / (sizeof SSL_ImplementedCiphers[0]) - 1;
-
diff --git a/security/nss/lib/ssl/sslerr.c b/security/nss/lib/ssl/sslerr.c
deleted file mode 100644
index f3e57d44d..000000000
--- a/security/nss/lib/ssl/sslerr.c
+++ /dev/null
@@ -1,71 +0,0 @@
-/*
- * Function to set error code only when meaningful error has not already
- * been set.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "prerror.h"
-#include "secerr.h"
-#include "sslerr.h"
-#include "seccomon.h"
-
-/* look at the current value of PR_GetError, and evaluate it to see
- * if it is meaningful or meaningless (out of context).
- * If it is meaningless, replace it with the hiLevelError.
- * Returns the chosen error value.
- */
-int
-ssl_MapLowLevelError(int hiLevelError)
-{
- int oldErr = PORT_GetError();
-
- switch (oldErr) {
-
- case 0:
- case PR_IO_ERROR:
- case SEC_ERROR_IO:
- case SEC_ERROR_BAD_DATA:
- case SEC_ERROR_LIBRARY_FAILURE:
- case SEC_ERROR_EXTENSION_NOT_FOUND:
- case SSL_ERROR_BAD_CLIENT:
- case SSL_ERROR_BAD_SERVER:
- case SSL_ERROR_SESSION_NOT_FOUND:
- PORT_SetError(hiLevelError);
- return hiLevelError;
-
- default: /* leave the majority of error codes alone. */
- return oldErr;
- }
-}
diff --git a/security/nss/lib/ssl/sslerr.h b/security/nss/lib/ssl/sslerr.h
deleted file mode 100644
index 3285fb60c..000000000
--- a/security/nss/lib/ssl/sslerr.h
+++ /dev/null
@@ -1,188 +0,0 @@
-/*
- * Enumeration of all SSL-specific error codes.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-#ifndef __SSL_ERR_H_
-#define __SSL_ERR_H_
-
-
-#define SSL_ERROR_BASE (-0x3000)
-#define SSL_ERROR_LIMIT (SSL_ERROR_BASE + 1000)
-
-#define IS_SSL_ERROR(code) \
- (((code) >= SSL_ERROR_BASE) && ((code) < SSL_ERROR_LIMIT))
-
-#ifndef NO_SECURITY_ERROR_ENUM
-typedef enum {
-SSL_ERROR_EXPORT_ONLY_SERVER = (SSL_ERROR_BASE + 0),
-SSL_ERROR_US_ONLY_SERVER = (SSL_ERROR_BASE + 1),
-SSL_ERROR_NO_CYPHER_OVERLAP = (SSL_ERROR_BASE + 2),
-/*
- * Received an alert reporting what we did wrong. (more alerts below)
- */
-SSL_ERROR_NO_CERTIFICATE /*_ALERT */ = (SSL_ERROR_BASE + 3),
-SSL_ERROR_BAD_CERTIFICATE = (SSL_ERROR_BASE + 4),
- /* error 5 is obsolete */
-SSL_ERROR_BAD_CLIENT = (SSL_ERROR_BASE + 6),
-SSL_ERROR_BAD_SERVER = (SSL_ERROR_BASE + 7),
-SSL_ERROR_UNSUPPORTED_CERTIFICATE_TYPE = (SSL_ERROR_BASE + 8),
-SSL_ERROR_UNSUPPORTED_VERSION = (SSL_ERROR_BASE + 9),
- /* error 10 is obsolete */
-SSL_ERROR_WRONG_CERTIFICATE = (SSL_ERROR_BASE + 11),
-SSL_ERROR_BAD_CERT_DOMAIN = (SSL_ERROR_BASE + 12),
-SSL_ERROR_POST_WARNING = (SSL_ERROR_BASE + 13),
-SSL_ERROR_SSL2_DISABLED = (SSL_ERROR_BASE + 14),
-SSL_ERROR_BAD_MAC_READ = (SSL_ERROR_BASE + 15),
-/*
- * Received an alert reporting what we did wrong.
- * (two more alerts above, and many more below)
- */
-SSL_ERROR_BAD_MAC_ALERT = (SSL_ERROR_BASE + 16),
-SSL_ERROR_BAD_CERT_ALERT = (SSL_ERROR_BASE + 17),
-SSL_ERROR_REVOKED_CERT_ALERT = (SSL_ERROR_BASE + 18),
-SSL_ERROR_EXPIRED_CERT_ALERT = (SSL_ERROR_BASE + 19),
-
-SSL_ERROR_SSL_DISABLED = (SSL_ERROR_BASE + 20),
-SSL_ERROR_FORTEZZA_PQG = (SSL_ERROR_BASE + 21),
-SSL_ERROR_UNKNOWN_CIPHER_SUITE = (SSL_ERROR_BASE + 22),
-SSL_ERROR_NO_CIPHERS_SUPPORTED = (SSL_ERROR_BASE + 23),
-SSL_ERROR_BAD_BLOCK_PADDING = (SSL_ERROR_BASE + 24),
-SSL_ERROR_RX_RECORD_TOO_LONG = (SSL_ERROR_BASE + 25),
-SSL_ERROR_TX_RECORD_TOO_LONG = (SSL_ERROR_BASE + 26),
-/*
- * Received a malformed (too long or short) SSL handshake.
- */
-SSL_ERROR_RX_MALFORMED_HELLO_REQUEST = (SSL_ERROR_BASE + 27),
-SSL_ERROR_RX_MALFORMED_CLIENT_HELLO = (SSL_ERROR_BASE + 28),
-SSL_ERROR_RX_MALFORMED_SERVER_HELLO = (SSL_ERROR_BASE + 29),
-SSL_ERROR_RX_MALFORMED_CERTIFICATE = (SSL_ERROR_BASE + 30),
-SSL_ERROR_RX_MALFORMED_SERVER_KEY_EXCH = (SSL_ERROR_BASE + 31),
-SSL_ERROR_RX_MALFORMED_CERT_REQUEST = (SSL_ERROR_BASE + 32),
-SSL_ERROR_RX_MALFORMED_HELLO_DONE = (SSL_ERROR_BASE + 33),
-SSL_ERROR_RX_MALFORMED_CERT_VERIFY = (SSL_ERROR_BASE + 34),
-SSL_ERROR_RX_MALFORMED_CLIENT_KEY_EXCH = (SSL_ERROR_BASE + 35),
-SSL_ERROR_RX_MALFORMED_FINISHED = (SSL_ERROR_BASE + 36),
-/*
- * Received a malformed (too long or short) SSL record.
- */
-SSL_ERROR_RX_MALFORMED_CHANGE_CIPHER = (SSL_ERROR_BASE + 37),
-SSL_ERROR_RX_MALFORMED_ALERT = (SSL_ERROR_BASE + 38),
-SSL_ERROR_RX_MALFORMED_HANDSHAKE = (SSL_ERROR_BASE + 39),
-SSL_ERROR_RX_MALFORMED_APPLICATION_DATA = (SSL_ERROR_BASE + 40),
-/*
- * Received an SSL handshake that was inappropriate for the state we're in.
- * E.g. Server received message from server, or wrong state in state machine.
- */
-SSL_ERROR_RX_UNEXPECTED_HELLO_REQUEST = (SSL_ERROR_BASE + 41),
-SSL_ERROR_RX_UNEXPECTED_CLIENT_HELLO = (SSL_ERROR_BASE + 42),
-SSL_ERROR_RX_UNEXPECTED_SERVER_HELLO = (SSL_ERROR_BASE + 43),
-SSL_ERROR_RX_UNEXPECTED_CERTIFICATE = (SSL_ERROR_BASE + 44),
-SSL_ERROR_RX_UNEXPECTED_SERVER_KEY_EXCH = (SSL_ERROR_BASE + 45),
-SSL_ERROR_RX_UNEXPECTED_CERT_REQUEST = (SSL_ERROR_BASE + 46),
-SSL_ERROR_RX_UNEXPECTED_HELLO_DONE = (SSL_ERROR_BASE + 47),
-SSL_ERROR_RX_UNEXPECTED_CERT_VERIFY = (SSL_ERROR_BASE + 48),
-SSL_ERROR_RX_UNEXPECTED_CLIENT_KEY_EXCH = (SSL_ERROR_BASE + 49),
-SSL_ERROR_RX_UNEXPECTED_FINISHED = (SSL_ERROR_BASE + 50),
-/*
- * Received an SSL record that was inappropriate for the state we're in.
- */
-SSL_ERROR_RX_UNEXPECTED_CHANGE_CIPHER = (SSL_ERROR_BASE + 51),
-SSL_ERROR_RX_UNEXPECTED_ALERT = (SSL_ERROR_BASE + 52),
-SSL_ERROR_RX_UNEXPECTED_HANDSHAKE = (SSL_ERROR_BASE + 53),
-SSL_ERROR_RX_UNEXPECTED_APPLICATION_DATA= (SSL_ERROR_BASE + 54),
-/*
- * Received record/message with unknown discriminant.
- */
-SSL_ERROR_RX_UNKNOWN_RECORD_TYPE = (SSL_ERROR_BASE + 55),
-SSL_ERROR_RX_UNKNOWN_HANDSHAKE = (SSL_ERROR_BASE + 56),
-SSL_ERROR_RX_UNKNOWN_ALERT = (SSL_ERROR_BASE + 57),
-/*
- * Received an alert reporting what we did wrong. (more alerts above)
- */
-SSL_ERROR_CLOSE_NOTIFY_ALERT = (SSL_ERROR_BASE + 58),
-SSL_ERROR_HANDSHAKE_UNEXPECTED_ALERT = (SSL_ERROR_BASE + 59),
-SSL_ERROR_DECOMPRESSION_FAILURE_ALERT = (SSL_ERROR_BASE + 60),
-SSL_ERROR_HANDSHAKE_FAILURE_ALERT = (SSL_ERROR_BASE + 61),
-SSL_ERROR_ILLEGAL_PARAMETER_ALERT = (SSL_ERROR_BASE + 62),
-SSL_ERROR_UNSUPPORTED_CERT_ALERT = (SSL_ERROR_BASE + 63),
-SSL_ERROR_CERTIFICATE_UNKNOWN_ALERT = (SSL_ERROR_BASE + 64),
-
-SSL_ERROR_GENERATE_RANDOM_FAILURE = (SSL_ERROR_BASE + 65),
-SSL_ERROR_SIGN_HASHES_FAILURE = (SSL_ERROR_BASE + 66),
-SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE = (SSL_ERROR_BASE + 67),
-SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE = (SSL_ERROR_BASE + 68),
-SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE = (SSL_ERROR_BASE + 69),
-
-SSL_ERROR_ENCRYPTION_FAILURE = (SSL_ERROR_BASE + 70),
-SSL_ERROR_DECRYPTION_FAILURE = (SSL_ERROR_BASE + 71),
-SSL_ERROR_SOCKET_WRITE_FAILURE = (SSL_ERROR_BASE + 72),
-
-SSL_ERROR_MD5_DIGEST_FAILURE = (SSL_ERROR_BASE + 73),
-SSL_ERROR_SHA_DIGEST_FAILURE = (SSL_ERROR_BASE + 74),
-SSL_ERROR_MAC_COMPUTATION_FAILURE = (SSL_ERROR_BASE + 75),
-SSL_ERROR_SYM_KEY_CONTEXT_FAILURE = (SSL_ERROR_BASE + 76),
-SSL_ERROR_SYM_KEY_UNWRAP_FAILURE = (SSL_ERROR_BASE + 77),
-SSL_ERROR_PUB_KEY_SIZE_LIMIT_EXCEEDED = (SSL_ERROR_BASE + 78),
-SSL_ERROR_IV_PARAM_FAILURE = (SSL_ERROR_BASE + 79),
-SSL_ERROR_INIT_CIPHER_SUITE_FAILURE = (SSL_ERROR_BASE + 80),
-SSL_ERROR_SESSION_KEY_GEN_FAILURE = (SSL_ERROR_BASE + 81),
-SSL_ERROR_NO_SERVER_KEY_FOR_ALG = (SSL_ERROR_BASE + 82),
-SSL_ERROR_TOKEN_INSERTION_REMOVAL = (SSL_ERROR_BASE + 83),
-SSL_ERROR_TOKEN_SLOT_NOT_FOUND = (SSL_ERROR_BASE + 84),
-SSL_ERROR_NO_COMPRESSION_OVERLAP = (SSL_ERROR_BASE + 85),
-SSL_ERROR_HANDSHAKE_NOT_COMPLETED = (SSL_ERROR_BASE + 86),
-SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE = (SSL_ERROR_BASE + 87),
-SSL_ERROR_CERT_KEA_MISMATCH = (SSL_ERROR_BASE + 88),
-SSL_ERROR_NO_TRUSTED_SSL_CLIENT_CA = (SSL_ERROR_BASE + 89),
-SSL_ERROR_SESSION_NOT_FOUND = (SSL_ERROR_BASE + 90),
-
-SSL_ERROR_DECRYPTION_FAILED_ALERT = (SSL_ERROR_BASE + 91),
-SSL_ERROR_RECORD_OVERFLOW_ALERT = (SSL_ERROR_BASE + 92),
-SSL_ERROR_UNKNOWN_CA_ALERT = (SSL_ERROR_BASE + 93),
-SSL_ERROR_ACCESS_DENIED_ALERT = (SSL_ERROR_BASE + 94),
-SSL_ERROR_DECODE_ERROR_ALERT = (SSL_ERROR_BASE + 95),
-SSL_ERROR_DECRYPT_ERROR_ALERT = (SSL_ERROR_BASE + 96),
-SSL_ERROR_EXPORT_RESTRICTION_ALERT = (SSL_ERROR_BASE + 97),
-SSL_ERROR_PROTOCOL_VERSION_ALERT = (SSL_ERROR_BASE + 98),
-SSL_ERROR_INSUFFICIENT_SECURITY_ALERT = (SSL_ERROR_BASE + 99),
-SSL_ERROR_INTERNAL_ERROR_ALERT = (SSL_ERROR_BASE + 100),
-SSL_ERROR_USER_CANCELED_ALERT = (SSL_ERROR_BASE + 101),
-SSL_ERROR_NO_RENEGOTIATION_ALERT = (SSL_ERROR_BASE + 102),
-
-SSL_ERROR_END_OF_LIST /* let the c compiler determine the value of this. */
-} SSLErrorCodes;
-#endif /* NO_SECURITY_ERROR_ENUM */
-
-#endif /* __SSL_ERR_H_ */
diff --git a/security/nss/lib/ssl/sslgathr.c b/security/nss/lib/ssl/sslgathr.c
deleted file mode 100644
index 9f06a25e3..000000000
--- a/security/nss/lib/ssl/sslgathr.c
+++ /dev/null
@@ -1,476 +0,0 @@
-/*
- * Gather (Read) entire SSL2 records from socket into buffer.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-#include "cert.h"
-#include "ssl.h"
-#include "sslimpl.h"
-#include "sslproto.h"
-
-/* Forward static declarations */
-static SECStatus ssl2_HandleV3HandshakeRecord(sslSocket *ss);
-
-/*
-** Gather a single record of data from the receiving stream. This code
-** first gathers the header (2 or 3 bytes long depending on the value of
-** the most significant bit in the first byte) then gathers up the data
-** for the record into gs->buf. This code handles non-blocking I/O
-** and is to be called multiple times until ss->sec.recordLen != 0.
-** This function decrypts the gathered record in place, in gs_buf.
- *
- * Caller must hold RecvBufLock.
- *
- * Returns +1 when it has gathered a complete SSLV2 record.
- * Returns 0 if it hits EOF.
- * Returns -1 (SECFailure) on any error
- * Returns -2 (SECWouldBlock) when it gathers an SSL v3 client hello header.
-**
-** The SSL2 Gather State machine has 4 states:
-** GS_INIT - Done reading in previous record. Haven't begun to read in
-** next record. When ssl2_GatherData is called with the machine
-** in this state, the machine will attempt to read the first 3
-** bytes of the SSL2 record header, and will advance the state
-** to GS_HEADER.
-**
-** GS_HEADER - The machine is in this state while waiting for the completion
-** of the first 3 bytes of the SSL2 record. When complete, the
-** machine will compute the remaining unread length of this record
-** and will initiate a read of that many bytes. The machine will
-** advance to one of two states, depending on whether the record
-** is encrypted (GS_MAC), or unencrypted (GS_DATA).
-**
-** GS_MAC - The machine is in this state while waiting for the remainder
-** of the SSL2 record to be read in. When the read is completed,
-** the machine checks the record for valid length, decrypts it,
-** and checks and discards the MAC, then advances to GS_INIT.
-**
-** GS_DATA - The machine is in this state while waiting for the remainder
-** of the unencrypted SSL2 record to be read in. Upon completion,
-** the machine advances to the GS_INIT state and returns the data.
-*/
-int
-ssl2_GatherData(sslSocket *ss, sslGather *gs, int flags)
-{
- unsigned char * bp;
- unsigned char * pBuf;
- int nb, err, rv;
-
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
-
- if (gs->state == GS_INIT) {
- /* Initialize gathering engine */
- gs->state = GS_HEADER;
- gs->remainder = 3;
- gs->count = 3;
- gs->offset = 0;
- gs->recordLen = 0;
- gs->recordPadding = 0;
- gs->hdr[2] = 0;
-
- gs->writeOffset = 0;
- gs->readOffset = 0;
- }
- if (gs->encrypted) {
- PORT_Assert(ss->sec.hash != 0);
- }
-
- pBuf = gs->buf.buf;
- for (;;) {
- SSL_TRC(30, ("%d: SSL[%d]: gather state %d (need %d more)",
- SSL_GETPID(), ss->fd, gs->state, gs->remainder));
- bp = ((gs->state != GS_HEADER) ? pBuf : gs->hdr) + gs->offset;
- nb = ssl_DefRecv(ss, bp, gs->remainder, flags);
- if (nb > 0) {
- PRINT_BUF(60, (ss, "raw gather data:", bp, nb));
- }
- if (nb == 0) {
- /* EOF */
- SSL_TRC(30, ("%d: SSL[%d]: EOF", SSL_GETPID(), ss->fd));
- rv = 0;
- break;
- }
- if (nb < 0) {
- SSL_DBG(("%d: SSL[%d]: recv error %d", SSL_GETPID(), ss->fd,
- PR_GetError()));
- rv = SECFailure;
- break;
- }
-
- gs->offset += nb;
- gs->remainder -= nb;
-
- if (gs->remainder > 0) {
- continue;
- }
-
- /* Probably finished this piece */
- switch (gs->state) {
- case GS_HEADER:
- if ((ss->enableSSL3 || ss->enableTLS) && !ss->firstHsDone) {
-
- PORT_Assert( ssl_Have1stHandshakeLock(ss) );
-
- /* If this looks like an SSL3 handshake record,
- ** and we're expecting an SSL2 Hello message from our peer,
- ** handle it here.
- */
- if (gs->hdr[0] == content_handshake) {
- if ((ss->nextHandshake == ssl2_HandleClientHelloMessage) ||
- (ss->nextHandshake == ssl2_HandleServerHelloMessage)) {
- rv = ssl2_HandleV3HandshakeRecord(ss);
- if (rv == SECFailure) {
- return SECFailure;
- }
- }
- /* XXX_1 The call stack to here is:
- * ssl_Do1stHandshake -> ssl_GatherRecord1stHandshake ->
- * ssl2_GatherRecord -> here.
- * We want to return all the way out to ssl_Do1stHandshake,
- * and have it call ssl_GatherRecord1stHandshake again.
- * ssl_GatherRecord1stHandshake will call
- * ssl3_GatherCompleteHandshake when it is called again.
- *
- * Returning SECWouldBlock here causes
- * ssl_GatherRecord1stHandshake to return without clearing
- * ss->handshake, ensuring that ssl_Do1stHandshake will
- * call it again immediately.
- *
- * If we return 1 here, ssl_GatherRecord1stHandshake will
- * clear ss->handshake before returning, and thus will not
- * be called again by ssl_Do1stHandshake.
- */
- return SECWouldBlock;
- } else if (gs->hdr[0] == content_alert) {
- if (ss->nextHandshake == ssl2_HandleServerHelloMessage) {
- /* XXX This is a hack. We're assuming that any failure
- * XXX on the client hello is a failure to match
- * XXX ciphers.
- */
- PORT_SetError(SSL_ERROR_NO_CYPHER_OVERLAP);
- return SECFailure;
- }
- }
- } /* ((ss->enableSSL3 || ss->enableTLS) && !ss->firstHsDone) */
-
- /* we've got the first 3 bytes. The header may be two or three. */
- if (gs->hdr[0] & 0x80) {
- /* This record has a 2-byte header, and no padding */
- gs->count = ((gs->hdr[0] & 0x7f) << 8) | gs->hdr[1];
- gs->recordPadding = 0;
- } else {
- /* This record has a 3-byte header that is all read in now. */
- gs->count = ((gs->hdr[0] & 0x3f) << 8) | gs->hdr[1];
- /* is_escape = (gs->hdr[0] & 0x40) != 0; */
- gs->recordPadding = gs->hdr[2];
- }
-
- if (gs->count > gs->buf.space) {
- err = sslBuffer_Grow(&gs->buf, gs->count);
- if (err) {
- return err;
- }
- pBuf = gs->buf.buf;
- }
-
-
- if (gs->hdr[0] & 0x80) {
- /* we've already read in the first byte of the body.
- ** Put it into the buffer.
- */
- pBuf[0] = gs->hdr[2];
- gs->offset = 1;
- gs->remainder = gs->count - 1;
- } else {
- gs->offset = 0;
- gs->remainder = gs->count;
- }
-
- if (gs->encrypted) {
- gs->state = GS_MAC;
- gs->recordLen = gs->count - gs->recordPadding
- - ss->sec.hash->length;
- } else {
- gs->state = GS_DATA;
- gs->recordLen = gs->count;
- }
-
- break;
-
-
- case GS_MAC:
- /* Have read in entire rest of the ciphertext.
- ** Check for valid length.
- ** Decrypt it.
- ** Check the MAC.
- */
- PORT_Assert(gs->encrypted);
-
- {
- unsigned int macLen;
- int nout;
- unsigned char mac[SSL_MAX_MAC_BYTES];
-
- ssl_GetSpecReadLock(ss); /**********************************/
-
- /* If this is a stream cipher, blockSize will be 1,
- * and this test will always be false.
- * If this is a block cipher, this will detect records
- * that are not a multiple of the blocksize in length.
- */
- if (gs->count & (ss->sec.blockSize - 1)) {
- /* This is an error. Sender is misbehaving */
- SSL_DBG(("%d: SSL[%d]: sender, count=%d blockSize=%d",
- SSL_GETPID(), ss->fd, gs->count,
- ss->sec.blockSize));
- PORT_SetError(SSL_ERROR_BAD_BLOCK_PADDING);
- rv = SECFailure;
- goto spec_locked_done;
- }
- PORT_Assert(gs->count == gs->offset);
-
- if (gs->offset == 0) {
- rv = 0; /* means EOF. */
- goto spec_locked_done;
- }
-
- /* Decrypt the portion of data that we just recieved.
- ** Decrypt it in place.
- */
- rv = (*ss->sec.dec)(ss->sec.readcx, pBuf, &nout, gs->offset,
- pBuf, gs->offset);
- if (rv != SECSuccess) {
- goto spec_locked_done;
- }
-
-
- /* Have read in all the MAC portion of record
- **
- ** Prepare MAC by resetting it and feeding it the shared secret
- */
- macLen = ss->sec.hash->length;
- if (gs->offset >= macLen) {
- uint32 sequenceNumber = ss->sec.rcvSequence++;
- unsigned char seq[4];
-
- seq[0] = (unsigned char) (sequenceNumber >> 24);
- seq[1] = (unsigned char) (sequenceNumber >> 16);
- seq[2] = (unsigned char) (sequenceNumber >> 8);
- seq[3] = (unsigned char) (sequenceNumber);
-
- (*ss->sec.hash->begin)(ss->sec.hashcx);
- (*ss->sec.hash->update)(ss->sec.hashcx, ss->sec.rcvSecret.data,
- ss->sec.rcvSecret.len);
- (*ss->sec.hash->update)(ss->sec.hashcx, pBuf + macLen,
- gs->offset - macLen);
- (*ss->sec.hash->update)(ss->sec.hashcx, seq, 4);
- (*ss->sec.hash->end)(ss->sec.hashcx, mac, &macLen, macLen);
- }
-
- PORT_Assert(macLen == ss->sec.hash->length);
-
- ssl_ReleaseSpecReadLock(ss); /******************************/
-
- if (PORT_Memcmp(mac, pBuf, macLen) != 0) {
- /* MAC's didn't match... */
- SSL_DBG(("%d: SSL[%d]: mac check failed, seq=%d",
- SSL_GETPID(), ss->fd, ss->sec.rcvSequence));
- PRINT_BUF(1, (ss, "computed mac:", mac, macLen));
- PRINT_BUF(1, (ss, "received mac:", pBuf, macLen));
- PORT_SetError(SSL_ERROR_BAD_MAC_READ);
- rv = SECFailure;
- goto cleanup;
- }
-
-
- PORT_Assert(gs->recordPadding + macLen <= gs->offset);
- if (gs->recordPadding + macLen <= gs->offset) {
- gs->recordOffset = macLen;
- gs->readOffset = macLen;
- gs->writeOffset = gs->offset - gs->recordPadding;
- rv = 1;
- } else {
- PORT_SetError(SSL_ERROR_BAD_BLOCK_PADDING);
-cleanup:
- /* nothing in the buffer any more. */
- gs->recordOffset = 0;
- gs->readOffset = 0;
- gs->writeOffset = 0;
- rv = SECFailure;
- }
-
- gs->recordLen = gs->writeOffset - gs->readOffset;
- gs->recordPadding = 0; /* forget we did any padding. */
- gs->state = GS_INIT;
-
-
- if (rv > 0) {
- PRINT_BUF(50, (ss, "recv clear record:",
- pBuf + gs->recordOffset, gs->recordLen));
- }
- return rv;
-
-spec_locked_done:
- ssl_ReleaseSpecReadLock(ss);
- return rv;
- }
-
- case GS_DATA:
- /* Have read in all the DATA portion of record */
-
- gs->recordOffset = 0;
- gs->readOffset = 0;
- gs->writeOffset = gs->offset;
- PORT_Assert(gs->recordLen == gs->writeOffset - gs->readOffset);
- gs->recordLen = gs->offset;
- gs->recordPadding = 0;
- gs->state = GS_INIT;
-
- ++ss->sec.rcvSequence;
-
- PRINT_BUF(50, (ss, "recv clear record:",
- pBuf + gs->recordOffset, gs->recordLen));
- return 1;
-
- } /* end switch gs->state */
- } /* end gather loop. */
- return rv;
-}
-
-/*
-** Gather a single record of data from the receiving stream. This code
-** first gathers the header (2 or 3 bytes long depending on the value of
-** the most significant bit in the first byte) then gathers up the data
-** for the record into the readBuf. This code handles non-blocking I/O
-** and is to be called multiple times until ss->sec.recordLen != 0.
- *
- * Returns +1 when it has gathered a complete SSLV2 record.
- * Returns 0 if it hits EOF.
- * Returns -1 (SECFailure) on any error
- * Returns -2 (SECWouldBlock)
- *
- * Called by ssl_GatherRecord1stHandshake in sslcon.c,
- * and by DoRecv in sslsecur.c
- * Caller must hold RecvBufLock.
- */
-int
-ssl2_GatherRecord(sslSocket *ss, int flags)
-{
- return ssl2_GatherData(ss, &ss->gs, flags);
-}
-
-/*
- * Returns +1 when it has gathered a complete SSLV2 record.
- * Returns 0 if it hits EOF.
- * Returns -1 (SECFailure) on any error
- * Returns -2 (SECWouldBlock)
- *
- * Called from SocksStartGather in sslsocks.c
- * Caller must hold RecvBufLock.
- */
-int
-ssl2_StartGatherBytes(sslSocket *ss, sslGather *gs, unsigned int count)
-{
- int rv;
-
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
- gs->state = GS_DATA;
- gs->remainder = count;
- gs->count = count;
- gs->offset = 0;
- if (count > gs->buf.space) {
- rv = sslBuffer_Grow(&gs->buf, count);
- if (rv) {
- return rv;
- }
- }
- return ssl2_GatherData(ss, gs, 0);
-}
-
-/* Caller should hold RecvBufLock. */
-SECStatus
-ssl_InitGather(sslGather *gs)
-{
- SECStatus status;
-
- gs->state = GS_INIT;
- gs->writeOffset = 0;
- gs->readOffset = 0;
- status = sslBuffer_Grow(&gs->buf, 4096);
- return status;
-}
-
-/* Caller must hold RecvBufLock. */
-void
-ssl_DestroyGather(sslGather *gs)
-{
- if (gs) { /* the PORT_*Free functions check for NULL pointers. */
- PORT_ZFree(gs->buf.buf, gs->buf.space);
- PORT_Free(gs->inbuf.buf);
- }
-}
-
-/* Caller must hold RecvBufLock. */
-static SECStatus
-ssl2_HandleV3HandshakeRecord(sslSocket *ss)
-{
- SECStatus rv;
- SSL3ProtocolVersion version = (ss->gs.hdr[1] << 8) | ss->gs.hdr[2];
-
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
- PORT_Assert( ssl_Have1stHandshakeLock(ss) );
-
- /* We've read in 3 bytes, there are 2 more to go in an ssl3 header. */
- ss->gs.remainder = 2;
- ss->gs.count = 0;
-
- /* Clearing these handshake pointers ensures that
- * ssl_Do1stHandshake won't call ssl2_HandleMessage when we return.
- */
- ss->nextHandshake = 0;
- ss->securityHandshake = 0;
-
- /* Setting ss->version to an SSL 3.x value will cause
- ** ssl_GatherRecord1stHandshake to invoke ssl3_GatherCompleteHandshake()
- ** the next time it is called.
- **/
- rv = ssl3_NegotiateVersion(ss, version);
- if (rv != SECSuccess) {
- return rv;
- }
-
- ss->sec.send = ssl3_SendApplicationData;
-
- return SECSuccess;
-}
diff --git a/security/nss/lib/ssl/sslimpl.h b/security/nss/lib/ssl/sslimpl.h
deleted file mode 100644
index 90a99100e..000000000
--- a/security/nss/lib/ssl/sslimpl.h
+++ /dev/null
@@ -1,1319 +0,0 @@
-/*
- * This file is PRIVATE to SSL and should be the first thing included by
- * any SSL implementation file.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Portions created by Sun Microsystems, Inc. are Copyright (C) 2003
- * Sun Microsystems, Inc. All Rights Reserved.
- *
- * Contributor(s):
- * Dr Stephen Henson <stephen.henson@gemplus.com>
- * Dr Vipul Gupta <vipul.gupta@sun.com>, Sun Microsystems Laboratories
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#ifndef __sslimpl_h_
-#define __sslimpl_h_
-
-#ifdef DEBUG
-#undef NDEBUG
-#else
-#undef NDEBUG
-#define NDEBUG
-#endif
-#include "secport.h"
-#include "secerr.h"
-#include "sslerr.h"
-#include "ssl3prot.h"
-#include "hasht.h"
-#include "nssilock.h"
-#include "pkcs11t.h"
-#if defined(XP_UNIX) || defined(XP_BEOS)
-#include "unistd.h"
-#endif
-#include "nssrwlk.h"
-#include "prthread.h"
-
-#include "sslt.h" /* for some formerly private types, now public */
-
-/* to make some of these old enums public without namespace pollution,
-** it was necessary to prepend ssl_ to the names.
-** These #defines preserve compatibility with the old code here in libssl.
-*/
-typedef SSLKEAType SSL3KEAType;
-typedef SSLMACAlgorithm SSL3MACAlgorithm;
-typedef SSLSignType SSL3SignType;
-
-#define sign_null ssl_sign_null
-#define sign_rsa ssl_sign_rsa
-#define sign_dsa ssl_sign_dsa
-#define sign_ecdsa ssl_sign_ecdsa
-
-#define calg_null ssl_calg_null
-#define calg_rc4 ssl_calg_rc4
-#define calg_rc2 ssl_calg_rc2
-#define calg_des ssl_calg_des
-#define calg_3des ssl_calg_3des
-#define calg_idea ssl_calg_idea
-#define calg_fortezza ssl_calg_fortezza
-#define calg_aes ssl_calg_aes
-
-#define mac_null ssl_mac_null
-#define mac_md5 ssl_mac_md5
-#define mac_sha ssl_mac_sha
-#define hmac_md5 ssl_hmac_md5
-#define hmac_sha ssl_hmac_sha
-
-
-#if defined(DEBUG) || defined(TRACE)
-#ifdef __cplusplus
-#define Debug 1
-#else
-extern int Debug;
-#endif
-#else
-#undef Debug
-#endif
-#if defined(DEBUG)
-#define TRACE
-#endif
-
-#ifdef TRACE
-#define SSL_TRC(a,b) if (ssl_trace >= (a)) ssl_Trace b
-#define PRINT_BUF(a,b) if (ssl_trace >= (a)) ssl_PrintBuf b
-#define DUMP_MSG(a,b) if (ssl_trace >= (a)) ssl_DumpMsg b
-#else
-#define SSL_TRC(a,b)
-#define PRINT_BUF(a,b)
-#define DUMP_MSG(a,b)
-#endif
-
-#ifdef DEBUG
-#define SSL_DBG(b) if (ssl_debug) ssl_Trace b
-#else
-#define SSL_DBG(b)
-#endif
-
-#if defined (DEBUG)
-#ifdef macintosh
-#include "pprthred.h"
-#else
-#include "private/pprthred.h" /* for PR_InMonitor() */
-#endif
-#define ssl_InMonitor(m) PZ_InMonitor(m)
-#endif
-
-#define LSB(x) ((unsigned char) (x & 0xff))
-#define MSB(x) ((unsigned char) (((unsigned)(x)) >> 8))
-
-/************************************************************************/
-
-typedef enum { SSLAppOpRead = 0,
- SSLAppOpWrite,
- SSLAppOpRDWR,
- SSLAppOpPost,
- SSLAppOpHeader
-} SSLAppOperation;
-
-#define SSL_MIN_MASTER_KEY_BYTES 5
-#define SSL_MAX_MASTER_KEY_BYTES 64
-
-#define SSL2_SESSIONID_BYTES 16
-#define SSL3_SESSIONID_BYTES 32
-
-#define SSL_MIN_CHALLENGE_BYTES 16
-#define SSL_MAX_CHALLENGE_BYTES 32
-#define SSL_CHALLENGE_BYTES 16
-
-#define SSL_CONNECTIONID_BYTES 16
-
-#define SSL_MIN_CYPHER_ARG_BYTES 0
-#define SSL_MAX_CYPHER_ARG_BYTES 32
-
-#define SSL_MAX_MAC_BYTES 16
-
-/* number of wrap mechanisms potentially used to wrap master secrets. */
-#define SSL_NUM_WRAP_MECHS 13
-
-/* This makes the cert cache entry exactly 4k. */
-#define SSL_MAX_CACHED_CERT_LEN 4060
-
-#ifndef BPB
-#define BPB 8 /* Bits Per Byte */
-#endif
-
-typedef struct sslBufferStr sslBuffer;
-typedef struct sslConnectInfoStr sslConnectInfo;
-typedef struct sslGatherStr sslGather;
-typedef struct sslSecurityInfoStr sslSecurityInfo;
-typedef struct sslSessionIDStr sslSessionID;
-typedef struct sslSocketStr sslSocket;
-typedef struct sslSocketOpsStr sslSocketOps;
-
-typedef struct ssl3StateStr ssl3State;
-typedef struct ssl3CertNodeStr ssl3CertNode;
-typedef struct ssl3BulkCipherDefStr ssl3BulkCipherDef;
-typedef struct ssl3MACDefStr ssl3MACDef;
-typedef struct ssl3KeyPairStr ssl3KeyPair;
-
-struct ssl3CertNodeStr {
- struct ssl3CertNodeStr *next;
- CERTCertificate * cert;
-};
-
-typedef SECStatus (*sslHandshakeFunc)(sslSocket *ss);
-
-/* This type points to the low layer send func,
-** e.g. ssl2_SendStream or ssl3_SendPlainText.
-** These functions return the same values as PR_Send,
-** i.e. >= 0 means number of bytes sent, < 0 means error.
-*/
-typedef PRInt32 (*sslSendFunc)(sslSocket *ss, const unsigned char *buf,
- PRInt32 n, PRInt32 flags);
-
-typedef void (*sslSessionIDCacheFunc) (sslSessionID *sid);
-typedef void (*sslSessionIDUncacheFunc)(sslSessionID *sid);
-typedef sslSessionID *(*sslSessionIDLookupFunc)(const PRIPv6Addr *addr,
- unsigned char* sid,
- unsigned int sidLen,
- CERTCertDBHandle * dbHandle);
-
-
-/* Socket ops */
-struct sslSocketOpsStr {
- int (*connect) (sslSocket *, const PRNetAddr *);
- PRFileDesc *(*accept) (sslSocket *, PRNetAddr *);
- int (*bind) (sslSocket *, const PRNetAddr *);
- int (*listen) (sslSocket *, int);
- int (*shutdown)(sslSocket *, int);
- int (*close) (sslSocket *);
-
- int (*recv) (sslSocket *, unsigned char *, int, int);
-
- /* points to the higher-layer send func, e.g. ssl_SecureSend. */
- int (*send) (sslSocket *, const unsigned char *, int, int);
- int (*read) (sslSocket *, unsigned char *, int);
- int (*write) (sslSocket *, const unsigned char *, int);
-
- int (*getpeername)(sslSocket *, PRNetAddr *);
- int (*getsockname)(sslSocket *, PRNetAddr *);
-};
-
-/* Flags interpreted by ssl send functions. */
-#define ssl_SEND_FLAG_FORCE_INTO_BUFFER 0x40000000
-#define ssl_SEND_FLAG_NO_BUFFER 0x20000000
-#define ssl_SEND_FLAG_MASK 0x7f000000
-
-/*
-** A buffer object.
-*/
-struct sslBufferStr {
- unsigned char * buf;
- unsigned int len;
- unsigned int space;
-};
-
-/*
-** SSL3 cipher suite policy and preference struct.
-*/
-typedef struct {
-#if !defined(_WIN32)
- unsigned int cipher_suite : 16;
- unsigned int policy : 8;
- unsigned int enabled : 1;
- unsigned int isPresent : 1;
-#else
- ssl3CipherSuite cipher_suite;
- PRUint8 policy;
- unsigned char enabled : 1;
- unsigned char isPresent : 1;
-#endif
-} ssl3CipherSuiteCfg;
-
-#ifdef NSS_ENABLE_ECC
-#define ssl_V3_SUITES_IMPLEMENTED 40
-#else
-#define ssl_V3_SUITES_IMPLEMENTED 26
-#endif /* NSS_ENABLE_ECC */
-
-typedef struct sslOptionsStr {
- unsigned int useSecurity : 1; /* 1 */
- unsigned int useSocks : 1; /* 2 */
- unsigned int requestCertificate : 1; /* 3 */
- unsigned int requireCertificate : 2; /* 4-5 */
- unsigned int handshakeAsClient : 1; /* 6 */
- unsigned int handshakeAsServer : 1; /* 7 */
- unsigned int enableSSL2 : 1; /* 8 */
- unsigned int enableSSL3 : 1; /* 9 */
- unsigned int enableTLS : 1; /* 10 */
- unsigned int noCache : 1; /* 11 */
- unsigned int fdx : 1; /* 12 */
- unsigned int v2CompatibleHello : 1; /* 13 */
- unsigned int detectRollBack : 1; /* 14 */
-} sslOptions;
-
-typedef enum { sslHandshakingUndetermined = 0,
- sslHandshakingAsClient,
- sslHandshakingAsServer
-} sslHandshakingType;
-
-typedef struct sslServerCertsStr {
- /* Configuration state for server sockets */
- CERTCertificate * serverCert;
- CERTCertificateList * serverCertChain;
- SECKEYPrivateKey * serverKey;
- unsigned int serverKeyBits;
-} sslServerCerts;
-
-
-#define SSL_LOCK_RANK_SPEC 255
-#define SSL_LOCK_RANK_GLOBAL NSS_RWLOCK_RANK_NONE
-
-/* These are the valid values for shutdownHow.
-** These values are each 1 greater than the NSPR values, and the code
-** depends on that relation to efficiently convert PR_SHUTDOWN values
-** into ssl_SHUTDOWN values. These values use one bit for read, and
-** another bit for write, and can be used as bitmasks.
-*/
-#define ssl_SHUTDOWN_NONE 0 /* NOT shutdown at all */
-#define ssl_SHUTDOWN_RCV 1 /* PR_SHUTDOWN_RCV +1 */
-#define ssl_SHUTDOWN_SEND 2 /* PR_SHUTDOWN_SEND +1 */
-#define ssl_SHUTDOWN_BOTH 3 /* PR_SHUTDOWN_BOTH +1 */
-
-/*
-** A gather object. Used to read some data until a count has been
-** satisfied. Primarily for support of async sockets.
-** Everything in here is protected by the recvBufLock.
-*/
-struct sslGatherStr {
- int state; /* see GS_ values below. */ /* ssl 2 & 3 */
-
- /* "buf" holds received plaintext SSL records, after decrypt and MAC check.
- * SSL2: recv'd ciphertext records are put here, then decrypted in place.
- * SSL3: recv'd ciphertext records are put in inbuf (see below), then
- * decrypted into buf.
- */
- sslBuffer buf; /*recvBufLock*/ /* ssl 2 & 3 */
-
- /* number of bytes previously read into hdr or buf(ssl2) or inbuf (ssl3).
- ** (offset - writeOffset) is the number of ciphertext bytes read in but
- ** not yet deciphered.
- */
- unsigned int offset; /* ssl 2 & 3 */
-
- /* number of bytes to read in next call to ssl_DefRecv (recv) */
- unsigned int remainder; /* ssl 2 & 3 */
-
- /* Number of ciphertext bytes to read in after 2-byte SSL record header. */
- unsigned int count; /* ssl2 only */
-
- /* size of the final plaintext record.
- ** == count - (recordPadding + MAC size)
- */
- unsigned int recordLen; /* ssl2 only */
-
- /* number of bytes of padding to be removed after decrypting. */
- /* This value is taken from the record's hdr[2], which means a too large
- * value could crash us.
- */
- unsigned int recordPadding; /* ssl2 only */
-
- /* plaintext DATA begins this many bytes into "buf". */
- unsigned int recordOffset; /* ssl2 only */
-
- int encrypted; /* SSL2 session is now encrypted. ssl2 only */
-
- /* These next two values are used by SSL2 and SSL3.
- ** DoRecv uses them to extract application data.
- ** The difference between writeOffset and readOffset is the amount of
- ** data available to the application. Note that the actual offset of
- ** the data in "buf" is recordOffset (above), not readOffset.
- ** In the current implementation, this is made available before the
- ** MAC is checked!!
- */
- unsigned int readOffset; /* Spot where DATA reader (e.g. application
- ** or handshake code) will read next.
- ** Always zero for SSl3 application data.
- */
- /* offset in buf/inbuf/hdr into which new data will be read from socket. */
- unsigned int writeOffset;
-
- /* Buffer for ssl3 to read (encrypted) data from the socket */
- sslBuffer inbuf; /*recvBufLock*/ /* ssl3 only */
-
- /* The ssl[23]_GatherData functions read data into this buffer, rather
- ** than into buf or inbuf, while in the GS_HEADER state.
- ** The portion of the SSL record header put here always comes off the wire
- ** as plaintext, never ciphertext.
- ** For SSL2, the plaintext portion is two bytes long. For SSl3 it is 5.
- */
- unsigned char hdr[5]; /* ssl 2 & 3 */
-};
-
-/* sslGather.state */
-#define GS_INIT 0
-#define GS_HEADER 1
-#define GS_MAC 2
-#define GS_DATA 3
-#define GS_PAD 4
-
-typedef SECStatus (*SSLCipher)(void * context,
- unsigned char * out,
- int * outlen,
- int maxout,
- const unsigned char *in,
- int inlen);
-typedef SECStatus (*SSLDestroy)(void *context, PRBool freeit);
-
-
-
-/*
-** ssl3State and CipherSpec structs
-*/
-
-/* The SSL bulk cipher definition */
-typedef enum {
- cipher_null,
- cipher_rc4,
- cipher_rc4_40,
- cipher_rc4_56,
- cipher_rc2,
- cipher_rc2_40,
- cipher_des,
- cipher_3des,
- cipher_des40,
- cipher_idea,
- cipher_fortezza,
- cipher_aes_128,
- cipher_aes_256,
- cipher_missing /* reserved for no such supported cipher */
- /* This enum must match ssl3_cipherName[] in ssl3con.c. */
-} SSL3BulkCipher;
-
-typedef enum { type_stream, type_block } CipherType;
-
-#define MAX_IV_LENGTH 64
-
-/*
- * Do not depend upon 64 bit arithmetic in the underlying machine.
- */
-typedef struct {
- uint32 high;
- uint32 low;
-} SSL3SequenceNumber;
-
-typedef struct {
- SSL3Opaque write_iv[MAX_IV_LENGTH];
- PK11SymKey *write_key;
- PK11SymKey *write_mac_key;
- PK11Context *write_mac_context;
-} ssl3KeyMaterial;
-
-typedef struct {
- SSL3Opaque wrapped_client_write_key[12]; /* wrapped with Ks */
- SSL3Opaque wrapped_server_write_key[12]; /* wrapped with Ks */
- SSL3Opaque client_write_iv [24];
- SSL3Opaque server_write_iv [24];
- SSL3Opaque wrapped_master_secret [48];
- PRUint16 wrapped_master_secret_len;
-} ssl3SidKeys;
-
-/*
-** These are the "specs" in the "ssl3" struct.
-** Access to the pointers to these specs, and all the specs' contents
-** (direct and indirect) is protected by the reader/writer lock ss->specLock.
-*/
-typedef struct {
- const ssl3BulkCipherDef *cipher_def;
- const ssl3MACDef * mac_def;
- int mac_size;
- SSLCipher encode;
- void * encodeContext;
- SSLCipher decode;
- void * decodeContext;
- SSLDestroy destroy;
- PK11SymKey * master_secret;
- ssl3KeyMaterial client;
- ssl3KeyMaterial server;
- SSL3SequenceNumber write_seq_num;
- SSL3SequenceNumber read_seq_num;
- SSL3ProtocolVersion version;
-} ssl3CipherSpec;
-
-typedef enum { never_cached,
- in_client_cache,
- in_server_cache,
- invalid_cache /* no longer in any cache. */
-} Cached;
-
-struct sslSessionIDStr {
- sslSessionID * next; /* chain used for client sockets, only */
-
- CERTCertificate * peerCert;
- const char * peerID; /* client only */
- const char * urlSvrName; /* client only */
- CERTCertificate * localCert;
-
- PRIPv6Addr addr;
- PRUint16 port;
-
- SSL3ProtocolVersion version;
-
- PRUint32 creationTime; /* seconds since Jan 1, 1970 */
- PRUint32 lastAccessTime; /* seconds since Jan 1, 1970 */
- PRUint32 expirationTime; /* seconds since Jan 1, 1970 */
- Cached cached;
- int references;
-
- SSLSignType authAlgorithm;
- PRUint32 authKeyBits;
- SSLKEAType keaType;
- PRUint32 keaKeyBits;
-
- union {
- struct {
- /* the V2 code depends upon the size of sessionID. */
- unsigned char sessionID[SSL2_SESSIONID_BYTES];
-
- /* Stuff used to recreate key and read/write cipher objects */
- SECItem masterKey;
- int cipherType;
- SECItem cipherArg;
- int keyBits;
- int secretKeyBits;
- } ssl2;
- struct {
- /* values that are copied into the server's on-disk SID cache. */
- uint8 sessionIDLength;
- SSL3Opaque sessionID[SSL3_SESSIONID_BYTES];
-
- ssl3CipherSuite cipherSuite;
- SSL3CompressionMethod compression;
- PRBool resumable;
- int policy;
- PRBool hasFortezza;
- ssl3SidKeys keys;
- CK_MECHANISM_TYPE masterWrapMech;
- /* mechanism used to wrap master secret */
- SSL3KEAType exchKeyType;
- /* key type used in exchange algorithm,
- * and to wrap the sym wrapping key. */
-
- /* The following values are NOT restored from the server's on-disk
- * session cache, but are restored from the client's cache.
- */
- PK11SymKey * clientWriteKey;
- PK11SymKey * serverWriteKey;
- PK11SymKey * tek;
-
- /* The following values pertain to the slot that wrapped the
- ** master secret. (used only in client)
- */
- SECMODModuleID masterModuleID;
- /* what module wrapped the master secret */
- CK_SLOT_ID masterSlotID;
- PRUint16 masterWrapIndex;
- /* what's the key index for the wrapping key */
- PRUint16 masterWrapSeries;
- /* keep track of the slot series, so we don't
- * accidently try to use new keys after the
- * card gets removed and replaced.*/
-
- /* The following values pertain to the slot that did the signature
- ** for client auth. (used only in client)
- */
- SECMODModuleID clAuthModuleID;
- CK_SLOT_ID clAuthSlotID;
- PRUint16 clAuthSeries;
-
- char masterValid;
- char clAuthValid;
-
- /* the following values are used only in the client, and only
- * with fortezza.
- */
- SSL3Opaque clientWriteSave[80];
- int clientWriteSaveLen;
- } ssl3;
- } u;
-};
-
-
-typedef struct ssl3CipherSuiteDefStr {
- ssl3CipherSuite cipher_suite;
- SSL3BulkCipher bulk_cipher_alg;
- SSL3MACAlgorithm mac_alg;
- SSL3KeyExchangeAlgorithm key_exchange_alg;
-} ssl3CipherSuiteDef;
-
-/*
-** There are tables of these, all const.
-*/
-typedef struct {
- SSL3KeyExchangeAlgorithm kea;
- SSL3KEAType exchKeyType;
- SSL3SignType signKeyType;
- PRBool is_limited;
- int key_size_limit;
- PRBool tls_keygen;
-} ssl3KEADef;
-
-typedef enum { kg_null, kg_strong, kg_export } SSL3KeyGenMode;
-
-/*
-** There are tables of these, all const.
-*/
-struct ssl3BulkCipherDefStr {
- SSL3BulkCipher cipher;
- SSLCipherAlgorithm calg;
- int key_size;
- int secret_key_size;
- CipherType type;
- int iv_size;
- int block_size;
- SSL3KeyGenMode keygen_mode;
-};
-
-/*
-** There are tables of these, all const.
-*/
-struct ssl3MACDefStr {
- SSL3MACAlgorithm mac;
- CK_MECHANISM_TYPE mmech;
- int pad_size;
- int mac_size;
-};
-
-typedef enum {
- wait_client_hello,
- wait_client_cert,
- wait_client_key,
- wait_cert_verify,
- wait_change_cipher,
- wait_finished,
- wait_server_hello,
- wait_server_cert,
- wait_server_key,
- wait_cert_request,
- wait_hello_done,
- idle_handshake
-} SSL3WaitState;
-
-/*
-** This is the "hs" member of the "ssl3" struct.
-** This entire struct is protected by ssl3HandshakeLock
-*/
-typedef struct SSL3HandshakeStateStr {
- SSL3Random server_random;
- SSL3Random client_random;
- SSL3WaitState ws;
- PK11Context * md5; /* handshake running hashes */
- PK11Context * sha;
-const ssl3KEADef * kea_def;
- ssl3CipherSuite cipher_suite;
-const ssl3CipherSuiteDef *suite_def;
- SSL3CompressionMethod compression;
- sslBuffer msg_body; /* protected by recvBufLock */
- /* partial handshake message from record layer */
- unsigned int header_bytes;
- /* number of bytes consumed from handshake */
- /* message for message type and header length */
- SSL3HandshakeType msg_type;
- unsigned long msg_len;
- SECItem ca_list; /* used only by client */
- PRBool isResuming; /* are we resuming a session */
- PRBool rehandshake; /* immediately start another handshake
- * when this one finishes */
- PRBool usedStepDownKey; /* we did a server key exchange. */
- sslBuffer msgState; /* current state for handshake messages*/
- /* protected by recvBufLock */
-} SSL3HandshakeState;
-
-struct SSL3FortezzaKEAParamsStr {
- unsigned char R_s[128]; /* server's "random" public key */
- PK11SymKey * tek;
-};
-
-typedef struct SSL3FortezzaKEAParamsStr SSL3FortezzaKEAParams;
-
-/*
-** This is the "ssl3" struct, as in "ss->ssl3".
-** note:
-** usually, crSpec == cwSpec and prSpec == pwSpec.
-** Sometimes, crSpec == pwSpec and prSpec == cwSpec.
-** But there are never more than 2 actual specs.
-** No spec must ever be modified if either "current" pointer points to it.
-*/
-struct ssl3StateStr {
-
- /*
- ** The following Specs and Spec pointers must be protected using the
- ** Spec Lock.
- */
- ssl3CipherSpec * crSpec; /* current read spec. */
- ssl3CipherSpec * prSpec; /* pending read spec. */
- ssl3CipherSpec * cwSpec; /* current write spec. */
- ssl3CipherSpec * pwSpec; /* pending write spec. */
- ssl3CipherSpec specs[2]; /* one is current, one is pending. */
-
- SSL3HandshakeState hs;
-
- CERTCertificate * clientCertificate; /* used by client */
- SECKEYPrivateKey * clientPrivateKey; /* used by client */
- CERTCertificateList *clientCertChain; /* used by client */
- PRBool sendEmptyCert; /* used by client */
-
- int policy;
- /* This says what cipher suites we can do, and should
- * be either SSL_ALLOWED or SSL_RESTRICTED
- */
- PRArenaPool * peerCertArena;
- /* These are used to keep track of the peer CA */
- void * peerCertChain;
- /* chain while we are trying to validate it. */
- CERTDistNames * ca_list;
- /* used by server. trusted CAs for this socket. */
- SSL3FortezzaKEAParams fortezza;
-};
-
-typedef struct {
- SSL3ContentType type;
- SSL3ProtocolVersion version;
- sslBuffer * buf;
-} SSL3Ciphertext;
-
-struct ssl3KeyPairStr {
- SECKEYPrivateKey * privKey; /* RSA step down key */
- SECKEYPublicKey * pubKey; /* RSA step down key */
- PRInt32 refCount; /* use PR_Atomic calls for this. */
-};
-
-typedef struct SSLWrappedSymWrappingKeyStr {
- SSL3Opaque wrappedSymmetricWrappingkey[512];
- SSL3Opaque wrapIV[24];
- CK_MECHANISM_TYPE symWrapMechanism;
- /* unwrapped symmetric wrapping key uses this mechanism */
- CK_MECHANISM_TYPE asymWrapMechanism;
- /* mechanism used to wrap the SymmetricWrappingKey using
- * server's public and/or private keys. */
- SSL3KEAType exchKeyType; /* type of keys used to wrap SymWrapKey*/
- PRInt32 symWrapMechIndex;
- PRUint16 wrappedSymKeyLen;
- PRUint16 wrapIVLen;
-} SSLWrappedSymWrappingKey;
-
-
-
-
-
-
-
-
-
-
-/*
- * SSL2 buffers used in SSL3.
- * writeBuf in the SecurityInfo maintained by sslsecur.c is used
- * to hold the data just about to be passed to the kernel
- * sendBuf in the ConnectInfo maintained by sslcon.c is used
- * to hold handshake messages as they are accumulated
- */
-
-/*
-** This is "ci", as in "ss->sec->ci".
-**
-** Protection: All the variables in here are protected by
-** firstHandshakeLock AND (in ssl3) ssl3HandshakeLock
-*/
-struct sslConnectInfoStr {
- /* outgoing handshakes appended to this. */
- sslBuffer sendBuf; /*xmitBufLock*/ /* ssl 2 & 3 */
-
- PRIPv6Addr peer; /* ssl 2 & 3 */
- unsigned short port; /* ssl 2 & 3 */
-
- sslSessionID *sid; /* ssl 2 & 3 */
-
- /* see CIS_HAVE defines below for the bit values in *elements. */
- char elements; /* ssl2 only */
- char requiredElements; /* ssl2 only */
- char sentElements; /* ssl2 only */
-
- char sentFinished; /* ssl2 only */
-
- /* Length of server challenge. Used by client when saving challenge */
- int serverChallengeLen; /* ssl2 only */
- /* type of authentication requested by server */
- unsigned char authType; /* ssl2 only */
-
- /* Challenge sent by client to server in client-hello message */
- /* SSL3 gets a copy of this. See ssl3_StartHandshakeHash(). */
- unsigned char clientChallenge[SSL_MAX_CHALLENGE_BYTES]; /* ssl 2 & 3 */
-
- /* Connection-id sent by server to client in server-hello message */
- unsigned char connectionID[SSL_CONNECTIONID_BYTES]; /* ssl2 only */
-
- /* Challenge sent by server to client in request-certificate message */
- unsigned char serverChallenge[SSL_MAX_CHALLENGE_BYTES]; /* ssl2 only */
-
- /* Information kept to handle a request-certificate message */
- unsigned char readKey[SSL_MAX_MASTER_KEY_BYTES]; /* ssl2 only */
- unsigned char writeKey[SSL_MAX_MASTER_KEY_BYTES]; /* ssl2 only */
- unsigned keySize; /* ssl2 only */
-};
-
-/* bit values for ci->elements, ci->requiredElements, sentElements. */
-#define CIS_HAVE_MASTER_KEY 0x01
-#define CIS_HAVE_CERTIFICATE 0x02
-#define CIS_HAVE_FINISHED 0x04
-#define CIS_HAVE_VERIFY 0x08
-
-/* Note: The entire content of this struct and whatever it points to gets
- * blown away by SSL_ResetHandshake(). This is "sec" as in "ss->sec".
- *
- * Unless otherwise specified below, the contents of this struct are
- * protected by firstHandshakeLock AND (in ssl3) ssl3HandshakeLock.
- */
-struct sslSecurityInfoStr {
- sslSendFunc send; /*xmitBufLock*/ /* ssl 2 & 3 */
- int isServer; /* Spec Lock?*/ /* ssl 2 & 3 */
- sslBuffer writeBuf; /*xmitBufLock*/ /* ssl 2 & 3 */
-
- int cipherType; /* ssl 2 & 3 */
- int keyBits; /* ssl 2 & 3 */
- int secretKeyBits; /* ssl 2 & 3 */
- CERTCertificate *localCert; /* ssl 2 & 3 */
- CERTCertificate *peerCert; /* ssl 2 & 3 */
- SECKEYPublicKey *peerKey; /* ssl3 only */
-
- SSLSignType authAlgorithm;
- PRUint32 authKeyBits;
- SSLKEAType keaType;
- PRUint32 keaKeyBits;
-
- /*
- ** Procs used for SID cache (nonce) management.
- ** Different implementations exist for clients/servers
- ** The lookup proc is only used for servers. Baloney!
- */
- sslSessionIDCacheFunc cache; /* ssl 2 & 3 */
- sslSessionIDUncacheFunc uncache; /* ssl 2 & 3 */
-
- /*
- ** everything below here is for ssl2 only.
- ** This stuff is equivalent to SSL3's "spec", and is protected by the
- ** same "Spec Lock" as used for SSL3's specs.
- */
- uint32 sendSequence; /*xmitBufLock*/ /* ssl2 only */
- uint32 rcvSequence; /*recvBufLock*/ /* ssl2 only */
-
- /* Hash information; used for one-way-hash functions (MD2, MD5, etc.) */
- const SECHashObject *hash; /* Spec Lock */ /* ssl2 only */
- void *hashcx; /* Spec Lock */ /* ssl2 only */
-
- SECItem sendSecret; /* Spec Lock */ /* ssl2 only */
- SECItem rcvSecret; /* Spec Lock */ /* ssl2 only */
-
- /* Session cypher contexts; one for each direction */
- void *readcx; /* Spec Lock */ /* ssl2 only */
- void *writecx; /* Spec Lock */ /* ssl2 only */
- SSLCipher enc; /* Spec Lock */ /* ssl2 only */
- SSLCipher dec; /* Spec Lock */ /* ssl2 only */
- void (*destroy)(void *, PRBool); /* Spec Lock */ /* ssl2 only */
-
- /* Blocking information for the session cypher */
- int blockShift; /* Spec Lock */ /* ssl2 only */
- int blockSize; /* Spec Lock */ /* ssl2 only */
-
- /* These are used during a connection handshake */
- sslConnectInfo ci; /* ssl 2 & 3 */
-
-};
-
-
-/*
-** SSL Socket struct
-**
-** Protection: XXX
-*/
-struct sslSocketStr {
- PRFileDesc * fd;
-
- /* Pointer to operations vector for this socket */
- const sslSocketOps * ops;
-
- /* State flags */
- unsigned int useSocks : 1;
- unsigned int useSecurity : 1;
- unsigned int requestCertificate : 1;
- unsigned int requireCertificate : 2;
- unsigned int handshakeAsClient : 1;
- unsigned int handshakeAsServer : 1;
- unsigned int enableSSL2 : 1;
-
- unsigned int enableSSL3 : 1;
- unsigned int enableTLS : 1;
- unsigned int clientAuthRequested: 1;
- unsigned int noCache : 1;
- unsigned int fdx : 1; /* simultaneous R/W threads */
- unsigned int v2CompatibleHello : 1; /* Send v3+ client hello in v2 format */
- unsigned int detectRollBack : 1; /* Detect rollback to SSL v3 */
- unsigned int firstHsDone : 1; /* first handshake is complete. */
-
- unsigned int recvdCloseNotify : 1; /* received SSL EOF. */
- unsigned int lastWriteBlocked : 1;
- unsigned int TCPconnected : 1;
- unsigned int handshakeBegun : 1;
- unsigned int delayDisabled : 1; /* Nagle delay disabled */
-
- /* version of the protocol to use */
- SSL3ProtocolVersion version;
- SSL3ProtocolVersion clientHelloVersion; /* version sent in client hello. */
-
- sslSecurityInfo sec; /* not a pointer any more */
-
- /* protected by firstHandshakeLock AND (in ssl3) ssl3HandshakeLock. */
- const char *url; /* ssl 2 & 3 */
-
- /* Gather object used for gathering data */
- sslGather gs; /*recvBufLock*/
-
- sslHandshakeFunc handshake; /*firstHandshakeLock*/
- sslHandshakeFunc nextHandshake; /*firstHandshakeLock*/
- sslHandshakeFunc securityHandshake; /*firstHandshakeLock*/
-
- sslBuffer saveBuf; /*xmitBufLock*/
- sslBuffer pendingBuf; /*xmitBufLock*/
-
- /* the following variable is only used with socks or other proxies. */
- char * peerID; /* String uniquely identifies target server. */
-
- ssl3State * ssl3;
- unsigned char * cipherSpecs;
- unsigned int sizeCipherSpecs;
-const unsigned char * preferredCipher;
-
- /* Configuration state for server sockets */
- /* server cert and key for each KEA type */
- sslServerCerts serverCerts[kt_kea_size];
-
- ssl3KeyPair * stepDownKeyPair; /* RSA step down keys */
-
- /* Callbacks */
- SSLAuthCertificate authCertificate;
- void *authCertificateArg;
- SSLGetClientAuthData getClientAuthData;
- void *getClientAuthDataArg;
- SSLBadCertHandler handleBadCert;
- void *badCertArg;
- SSLHandshakeCallback handshakeCallback;
- void *handshakeCallbackData;
- void *pkcs11PinArg;
-
- PRIntervalTime rTimeout; /* timeout for NSPR I/O */
- PRIntervalTime wTimeout; /* timeout for NSPR I/O */
- PRIntervalTime cTimeout; /* timeout for NSPR I/O */
-
- PZLock * recvLock; /* lock against multiple reader threads. */
- PZLock * sendLock; /* lock against multiple sender threads. */
-
- PZMonitor * recvBufLock; /* locks low level recv buffers. */
- PZMonitor * xmitBufLock; /* locks low level xmit buffers. */
-
- /* Only one thread may operate on the socket until the initial handshake
- ** is complete. This Monitor ensures that. Since SSL2 handshake is
- ** only done once, this is also effectively the SSL2 handshake lock.
- */
- PZMonitor * firstHandshakeLock;
-
- /* This monitor protects the ssl3 handshake state machine data.
- ** Only one thread (reader or writer) may be in the ssl3 handshake state
- ** machine at any time. */
- PZMonitor * ssl3HandshakeLock;
-
- /* reader/writer lock, protects the secret data needed to encrypt and MAC
- ** outgoing records, and to decrypt and MAC check incoming ciphertext
- ** records. */
- NSSRWLock * specLock;
-
- /* handle to perm cert db (and implicitly to the temp cert db) used
- ** with this socket.
- */
- CERTCertDBHandle * dbHandle;
-
- PRThread * writerThread; /* thread holds SSL_LOCK_WRITER lock */
-
- PRUint16 shutdownHow; /* See ssl_SHUTDOWN defines below. */
-
- PRUint16 allowedByPolicy; /* copy of global policy bits. */
- PRUint16 maybeAllowedByPolicy; /* copy of global policy bits. */
- PRUint16 chosenPreference; /* SSL2 cipher preferences. */
-
- sslHandshakingType handshaking;
-
- ssl3CipherSuiteCfg cipherSuites[ssl_V3_SUITES_IMPLEMENTED];
- ssl3KeyPair * ephemeralECDHKeyPair; /* for ECDHE-* handshake */
-};
-
-
-
-/* All the global data items declared here should be protected using the
-** ssl_global_data_lock, which is a reader/writer lock.
-*/
-extern NSSRWLock * ssl_global_data_lock;
-extern char ssl_debug;
-extern char ssl_trace;
-extern CERTDistNames * ssl3_server_ca_list;
-extern PRUint32 ssl_sid_timeout;
-extern PRUint32 ssl3_sid_timeout;
-extern PRBool ssl3_global_policy_some_restricted;
-
-extern const char * const ssl_cipherName[];
-extern const char * const ssl3_cipherName[];
-
-extern sslSessionIDLookupFunc ssl_sid_lookup;
-extern sslSessionIDCacheFunc ssl_sid_cache;
-extern sslSessionIDUncacheFunc ssl_sid_uncache;
-
-/************************************************************************/
-
-SEC_BEGIN_PROTOS
-
-/* Implementation of ops for default (non socks, non secure) case */
-extern int ssl_DefConnect(sslSocket *ss, const PRNetAddr *addr);
-extern PRFileDesc *ssl_DefAccept(sslSocket *ss, PRNetAddr *addr);
-extern int ssl_DefBind(sslSocket *ss, const PRNetAddr *addr);
-extern int ssl_DefListen(sslSocket *ss, int backlog);
-extern int ssl_DefShutdown(sslSocket *ss, int how);
-extern int ssl_DefClose(sslSocket *ss);
-extern int ssl_DefRecv(sslSocket *ss, unsigned char *buf, int len, int flags);
-extern int ssl_DefSend(sslSocket *ss, const unsigned char *buf,
- int len, int flags);
-extern int ssl_DefRead(sslSocket *ss, unsigned char *buf, int len);
-extern int ssl_DefWrite(sslSocket *ss, const unsigned char *buf, int len);
-extern int ssl_DefGetpeername(sslSocket *ss, PRNetAddr *name);
-extern int ssl_DefGetsockname(sslSocket *ss, PRNetAddr *name);
-extern int ssl_DefGetsockopt(sslSocket *ss, PRSockOption optname,
- void *optval, PRInt32 *optlen);
-extern int ssl_DefSetsockopt(sslSocket *ss, PRSockOption optname,
- const void *optval, PRInt32 optlen);
-
-/* Implementation of ops for socks only case */
-extern int ssl_SocksConnect(sslSocket *ss, const PRNetAddr *addr);
-extern PRFileDesc *ssl_SocksAccept(sslSocket *ss, PRNetAddr *addr);
-extern int ssl_SocksBind(sslSocket *ss, const PRNetAddr *addr);
-extern int ssl_SocksListen(sslSocket *ss, int backlog);
-extern int ssl_SocksGetsockname(sslSocket *ss, PRNetAddr *name);
-extern int ssl_SocksRecv(sslSocket *ss, unsigned char *buf, int len, int flags);
-extern int ssl_SocksSend(sslSocket *ss, const unsigned char *buf,
- int len, int flags);
-extern int ssl_SocksRead(sslSocket *ss, unsigned char *buf, int len);
-extern int ssl_SocksWrite(sslSocket *ss, const unsigned char *buf, int len);
-
-/* Implementation of ops for secure only case */
-extern int ssl_SecureConnect(sslSocket *ss, const PRNetAddr *addr);
-extern PRFileDesc *ssl_SecureAccept(sslSocket *ss, PRNetAddr *addr);
-extern int ssl_SecureRecv(sslSocket *ss, unsigned char *buf,
- int len, int flags);
-extern int ssl_SecureSend(sslSocket *ss, const unsigned char *buf,
- int len, int flags);
-extern int ssl_SecureRead(sslSocket *ss, unsigned char *buf, int len);
-extern int ssl_SecureWrite(sslSocket *ss, const unsigned char *buf, int len);
-extern int ssl_SecureShutdown(sslSocket *ss, int how);
-extern int ssl_SecureClose(sslSocket *ss);
-
-/* Implementation of ops for secure socks case */
-extern int ssl_SecureSocksConnect(sslSocket *ss, const PRNetAddr *addr);
-extern PRFileDesc *ssl_SecureSocksAccept(sslSocket *ss, PRNetAddr *addr);
-extern PRFileDesc *ssl_FindTop(sslSocket *ss);
-
-/* Gather funcs. */
-extern sslGather * ssl_NewGather(void);
-extern SECStatus ssl_InitGather(sslGather *gs);
-extern void ssl_DestroyGather(sslGather *gs);
-extern int ssl2_GatherData(sslSocket *ss, sslGather *gs, int flags);
-extern int ssl2_GatherRecord(sslSocket *ss, int flags);
-extern SECStatus ssl_GatherRecord1stHandshake(sslSocket *ss);
-
-extern SECStatus ssl2_HandleClientHelloMessage(sslSocket *ss);
-extern SECStatus ssl2_HandleServerHelloMessage(sslSocket *ss);
-extern int ssl2_StartGatherBytes(sslSocket *ss, sslGather *gs,
- unsigned int count);
-
-extern SECStatus ssl_CreateSecurityInfo(sslSocket *ss);
-extern SECStatus ssl_CopySecurityInfo(sslSocket *ss, sslSocket *os);
-extern void ssl_ResetSecurityInfo(sslSecurityInfo *sec);
-extern void ssl_DestroySecurityInfo(sslSecurityInfo *sec);
-
-extern sslSocket * ssl_DupSocket(sslSocket *old);
-
-extern void ssl_PrintBuf(sslSocket *ss, const char *msg, const void *cp, int len);
-extern void ssl_DumpMsg(sslSocket *ss, unsigned char *bp, unsigned len);
-
-extern int ssl_SendSavedWriteData(sslSocket *ss, sslBuffer *buf,
- sslSendFunc fp);
-extern SECStatus ssl_SaveWriteData(sslSocket *ss, sslBuffer *buf,
- const void* p, unsigned int l);
-extern SECStatus ssl2_BeginClientHandshake(sslSocket *ss);
-extern SECStatus ssl2_BeginServerHandshake(sslSocket *ss);
-extern int ssl_Do1stHandshake(sslSocket *ss);
-
-extern SECStatus sslBuffer_Grow(sslBuffer *b, unsigned int newLen);
-
-extern void ssl2_UseClearSendFunc(sslSocket *ss);
-extern void ssl_ChooseSessionIDProcs(sslSecurityInfo *sec);
-
-extern sslSessionID *ssl_LookupSID(const PRIPv6Addr *addr, PRUint16 port,
- const char *peerID, const char *urlSvrName);
-extern void ssl_FreeSID(sslSessionID *sid);
-
-extern int ssl3_SendApplicationData(sslSocket *ss, const PRUint8 *in,
- int len, int flags);
-
-extern PRBool ssl_FdIsBlocking(PRFileDesc *fd);
-
-extern PRBool ssl_SocketIsBlocking(sslSocket *ss);
-
-extern void ssl_SetAlwaysBlock(sslSocket *ss);
-
-extern SECStatus ssl_EnableNagleDelay(sslSocket *ss, PRBool enabled);
-
-#define SSL_LOCK_READER(ss) if (ss->recvLock) PZ_Lock(ss->recvLock)
-#define SSL_UNLOCK_READER(ss) if (ss->recvLock) PZ_Unlock(ss->recvLock)
-#define SSL_LOCK_WRITER(ss) if (ss->sendLock) PZ_Lock(ss->sendLock)
-#define SSL_UNLOCK_WRITER(ss) if (ss->sendLock) PZ_Unlock(ss->sendLock)
-
-#define ssl_Get1stHandshakeLock(ss) PZ_EnterMonitor((ss)->firstHandshakeLock)
-#define ssl_Release1stHandshakeLock(ss) PZ_ExitMonitor((ss)->firstHandshakeLock)
-#define ssl_Have1stHandshakeLock(ss) PZ_InMonitor( (ss)->firstHandshakeLock)
-
-#define ssl_GetSSL3HandshakeLock(ss) PZ_EnterMonitor((ss)->ssl3HandshakeLock)
-#define ssl_ReleaseSSL3HandshakeLock(ss) PZ_ExitMonitor((ss)->ssl3HandshakeLock)
-#define ssl_HaveSSL3HandshakeLock(ss) PZ_InMonitor( (ss)->ssl3HandshakeLock)
-
-#define ssl_GetSpecReadLock(ss) NSSRWLock_LockRead( (ss)->specLock)
-#define ssl_ReleaseSpecReadLock(ss) NSSRWLock_UnlockRead( (ss)->specLock)
-
-#define ssl_GetSpecWriteLock(ss) NSSRWLock_LockWrite( (ss)->specLock)
-#define ssl_ReleaseSpecWriteLock(ss) NSSRWLock_UnlockWrite((ss)->specLock)
-#define ssl_HaveSpecWriteLock(ss) NSSRWLock_HaveWriteLock((ss)->specLock)
-
-#define ssl_GetRecvBufLock(ss) PZ_EnterMonitor((ss)->recvBufLock)
-#define ssl_ReleaseRecvBufLock(ss) PZ_ExitMonitor( (ss)->recvBufLock)
-#define ssl_HaveRecvBufLock(ss) PZ_InMonitor( (ss)->recvBufLock)
-
-#define ssl_GetXmitBufLock(ss) PZ_EnterMonitor((ss)->xmitBufLock)
-#define ssl_ReleaseXmitBufLock(ss) PZ_ExitMonitor( (ss)->xmitBufLock)
-#define ssl_HaveXmitBufLock(ss) PZ_InMonitor( (ss)->xmitBufLock)
-
-
-/* These functions are called from secnav, even though they're "private". */
-
-extern int ssl2_SendErrorMessage(struct sslSocketStr *ss, int error);
-extern int SSL_RestartHandshakeAfterServerCert(struct sslSocketStr *ss);
-extern int SSL_RestartHandshakeAfterCertReq(struct sslSocketStr *ss,
- CERTCertificate *cert,
- SECKEYPrivateKey *key,
- CERTCertificateList *certChain);
-extern sslSocket *ssl_FindSocket(PRFileDesc *fd);
-extern void ssl_FreeSocket(struct sslSocketStr *ssl);
-extern SECStatus SSL3_SendAlert(sslSocket *ss, SSL3AlertLevel level,
- SSL3AlertDescription desc);
-
-extern int ssl2_RestartHandshakeAfterCertReq(sslSocket * ss,
- CERTCertificate * cert,
- SECKEYPrivateKey * key);
-
-extern SECStatus ssl3_RestartHandshakeAfterCertReq(sslSocket * ss,
- CERTCertificate * cert,
- SECKEYPrivateKey * key,
- CERTCertificateList *certChain);
-
-extern int ssl2_RestartHandshakeAfterServerCert(sslSocket *ss);
-extern int ssl3_RestartHandshakeAfterServerCert(sslSocket *ss);
-
-/*
- * for dealing with SSL 3.0 clients sending SSL 2.0 format hellos
- */
-extern SECStatus ssl3_HandleV2ClientHello(
- sslSocket *ss, unsigned char *buffer, int length);
-extern SECStatus ssl3_StartHandshakeHash(
- sslSocket *ss, unsigned char *buf, int length);
-
-/*
- * SSL3 specific routines
- */
-SECStatus ssl3_SendClientHello(sslSocket *ss);
-
-/*
- * input into the SSL3 machinery from the actualy network reading code
- */
-SECStatus ssl3_HandleRecord(
- sslSocket *ss, SSL3Ciphertext *cipher, sslBuffer *out);
-
-int ssl3_GatherAppDataRecord(sslSocket *ss, int flags);
-int ssl3_GatherCompleteHandshake(sslSocket *ss, int flags);
-/*
- * When talking to export clients or using export cipher suites, servers
- * with public RSA keys larger than 512 bits need to use a 512-bit public
- * key, signed by the larger key. The smaller key is a "step down" key.
- * Generate that key pair and keep it around.
- */
-extern SECStatus ssl3_CreateRSAStepDownKeys(sslSocket *ss);
-
-#ifdef NSS_ENABLE_ECC
-extern SECStatus ssl3_CreateECDHEphemeralKeys(sslSocket *ss);
-#endif /* NSS_ENABLE_ECC */
-
-extern SECStatus ssl3_CipherPrefSetDefault(ssl3CipherSuite which, PRBool on);
-extern SECStatus ssl3_CipherPrefGetDefault(ssl3CipherSuite which, PRBool *on);
-extern SECStatus ssl2_CipherPrefSetDefault(PRInt32 which, PRBool enabled);
-extern SECStatus ssl2_CipherPrefGetDefault(PRInt32 which, PRBool *enabled);
-
-extern SECStatus ssl3_CipherPrefSet(sslSocket *ss, ssl3CipherSuite which, PRBool on);
-extern SECStatus ssl3_CipherPrefGet(sslSocket *ss, ssl3CipherSuite which, PRBool *on);
-extern SECStatus ssl2_CipherPrefSet(sslSocket *ss, PRInt32 which, PRBool enabled);
-extern SECStatus ssl2_CipherPrefGet(sslSocket *ss, PRInt32 which, PRBool *enabled);
-
-extern SECStatus ssl3_SetPolicy(ssl3CipherSuite which, PRInt32 policy);
-extern SECStatus ssl3_GetPolicy(ssl3CipherSuite which, PRInt32 *policy);
-extern SECStatus ssl2_SetPolicy(PRInt32 which, PRInt32 policy);
-extern SECStatus ssl2_GetPolicy(PRInt32 which, PRInt32 *policy);
-
-extern void ssl2_InitSocketPolicy(sslSocket *ss);
-extern void ssl3_InitSocketPolicy(sslSocket *ss);
-
-extern SECStatus ssl3_ConstructV2CipherSpecsHack(sslSocket *ss,
- unsigned char *cs, int *size);
-
-extern SECStatus ssl3_RedoHandshake(sslSocket *ss, PRBool flushCache);
-
-extern void ssl3_DestroySSL3Info(ssl3State *ssl3);
-
-extern SECStatus ssl3_NegotiateVersion(sslSocket *ss,
- SSL3ProtocolVersion peerVersion);
-
-extern SECStatus ssl_GetPeerInfo(sslSocket *ss);
-
-/* Construct a new NSPR socket for the app to use */
-extern PRFileDesc *ssl_NewPRSocket(sslSocket *ss, PRFileDesc *fd);
-extern void ssl_FreePRSocket(PRFileDesc *fd);
-
-/* Internal config function so SSL2 can initialize the present state of
- * various ciphers */
-extern int ssl3_config_match_init(sslSocket *);
-
-
-/* Create a new ref counted key pair object from two keys. */
-extern ssl3KeyPair * ssl3_NewKeyPair( SECKEYPrivateKey * privKey,
- SECKEYPublicKey * pubKey);
-
-/* get a new reference (bump ref count) to an ssl3KeyPair. */
-extern ssl3KeyPair * ssl3_GetKeyPairRef(ssl3KeyPair * keyPair);
-
-/* Decrement keypair's ref count and free if zero. */
-extern void ssl3_FreeKeyPair(ssl3KeyPair * keyPair);
-
-/* calls for accessing wrapping keys across processes. */
-extern PRBool
-ssl_GetWrappingKey( PRInt32 symWrapMechIndex,
- SSL3KEAType exchKeyType,
- SSLWrappedSymWrappingKey *wswk);
-
-/* The caller passes in the new value it wants
- * to set. This code tests the wrapped sym key entry in the file on disk.
- * If it is uninitialized, this function writes the caller's value into
- * the disk entry, and returns false.
- * Otherwise, it overwrites the caller's wswk with the value obtained from
- * the disk, and returns PR_TRUE.
- * This is all done while holding the locks/semaphores necessary to make
- * the operation atomic.
- */
-extern PRBool
-ssl_SetWrappingKey(SSLWrappedSymWrappingKey *wswk);
-
-/* get rid of the symmetric wrapping key references. */
-extern SECStatus SSL3_ShutdownServerCache(void);
-
-/********************** misc calls *********************/
-
-extern int ssl_MapLowLevelError(int hiLevelError);
-
-extern PRUint32 ssl_Time(void);
-
-/* emulation of NSPR routines. */
-extern PRInt32
-ssl_EmulateAcceptRead( PRFileDesc * sd,
- PRFileDesc ** nd,
- PRNetAddr ** raddr,
- void * buf,
- PRInt32 amount,
- PRIntervalTime timeout);
-extern PRInt32
-ssl_EmulateTransmitFile( PRFileDesc * sd,
- PRFileDesc * fd,
- const void * headers,
- PRInt32 hlen,
- PRTransmitFileFlags flags,
- PRIntervalTime timeout);
-extern PRInt32
-ssl_EmulateSendFile( PRFileDesc * sd,
- PRSendFileData * sfd,
- PRTransmitFileFlags flags,
- PRIntervalTime timeout);
-
-#ifdef TRACE
-#define SSL_TRACE(msg) ssl_Trace msg
-#else
-#define SSL_TRACE(msg)
-#endif
-
-void ssl_Trace(const char *format, ...);
-
-SEC_END_PROTOS
-
-#ifdef XP_OS2_VACPP
-#include <process.h>
-#endif
-
-#if defined(XP_UNIX) || defined(XP_OS2) || defined(XP_BEOS)
-#define SSL_GETPID getpid
-#elif defined(_WIN32_WCE)
-#define SSL_GETPID GetCurrentProcessId
-#elif defined(WIN32)
-extern int __cdecl _getpid(void);
-#define SSL_GETPID _getpid
-#else
-#define SSL_GETPID() 0
-#endif
-
-#endif /* __sslimpl_h_ */
diff --git a/security/nss/lib/ssl/sslinfo.c b/security/nss/lib/ssl/sslinfo.c
deleted file mode 100644
index 4186044a8..000000000
--- a/security/nss/lib/ssl/sslinfo.c
+++ /dev/null
@@ -1,226 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 2001 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Portions created by Sun Microsystems, Inc. are Copyright (C) 2003
- * Sun Microsystems, Inc. All Rights Reserved.
- *
- * Contributor(s):
- * Dr Vipul Gupta <vipul.gupta@sun.com>, Sun Microsystems Laboratories
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-#include "ssl.h"
-#include "sslimpl.h"
-#include "sslproto.h"
-
-SECStatus
-SSL_GetChannelInfo(PRFileDesc *fd, SSLChannelInfo *info, PRUintn len)
-{
- sslSocket * ss;
- SSLChannelInfo inf;
- sslSessionID * sid;
-
- if (!info || len < sizeof inf.length) {
- return SECSuccess;
- }
-
- ss = ssl_FindSocket(fd);
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in SSL_GetChannelInfo",
- SSL_GETPID(), fd));
- return SECFailure;
- }
-
- memset(&inf, 0, sizeof inf);
- inf.length = PR_MIN(sizeof inf, len);
-
- if (ss->useSecurity && ss->firstHsDone) {
- sid = ss->sec.ci.sid;
- inf.protocolVersion = ss->version;
- inf.authKeyBits = ss->sec.authKeyBits;
- inf.keaKeyBits = ss->sec.keaKeyBits;
- if (ss->version < SSL_LIBRARY_VERSION_3_0) { /* SSL2 */
- inf.cipherSuite = ss->sec.cipherType | 0xff00;
- } else if (ss->ssl3) { /* SSL3 and TLS */
-
- /* XXX These should come from crSpec */
- inf.cipherSuite = ss->ssl3->hs.cipher_suite;
-#if 0
- /* misc */
- inf.isFIPS = (inf.symCipher == ssl_calg_des || inf.symCipher == ssl_calg_3des)
- && (inf.macAlgorithm == ssl_mac_sha || inf.macAlgorithm == ssl_hmac_sha)
- && (inf.protocolVersion > SSL_LIBRARY_VERSION_3_0 ||
- inf.cipherSuite >= 0xfef0);
-#endif
- }
- if (sid) {
- inf.creationTime = sid->creationTime;
- inf.lastAccessTime = sid->lastAccessTime;
- inf.expirationTime = sid->expirationTime;
- if (ss->version < SSL_LIBRARY_VERSION_3_0) { /* SSL2 */
- inf.sessionIDLength = SSL2_SESSIONID_BYTES;
- memcpy(inf.sessionID, sid->u.ssl2.sessionID, SSL2_SESSIONID_BYTES);
- } else {
- unsigned int sidLen = sid->u.ssl3.sessionIDLength;
- sidLen = PR_MIN(sidLen, sizeof inf.sessionID);
- inf.sessionIDLength = sidLen;
- memcpy(inf.sessionID, sid->u.ssl3.sessionID, sidLen);
- }
- }
- }
-
- memcpy(info, &inf, inf.length);
-
- return SECSuccess;
-}
-
-#define kt_kea kt_fortezza
-#define calg_sj calg_fortezza
-
-#define CS(x) x, #x
-#define CK(x) x | 0xff00, #x
-
-#define S_DSA "DSA", ssl_auth_dsa
-#define S_RSA "RSA", ssl_auth_rsa
-#define S_KEA "KEA", ssl_auth_kea
-#define S_ECDSA "ECDSA", ssl_auth_ecdsa
-
-#define K_DHE "DHE", kt_dh
-#define K_RSA "RSA", kt_rsa
-#define K_KEA "KEA", kt_kea
-#define K_ECDH "ECDH", kt_ecdh
-#define K_ECDHE "ECDHE", kt_ecdh
-
-#define C_AES "AES", calg_aes
-#define C_RC4 "RC4", calg_rc4
-#define C_RC2 "RC2", calg_rc2
-#define C_DES "DES", calg_des
-#define C_3DES "3DES", calg_3des
-#define C_NULL "NULL", calg_null
-#define C_SJ "SKIPJACK", calg_sj
-
-#define B_256 256, 256, 256
-#define B_128 128, 128, 128
-#define B_3DES 192, 156, 112
-#define B_SJ 96, 80, 80
-#define B_DES 64, 56, 56
-#define B_56 128, 56, 56
-#define B_40 128, 40, 40
-#define B_0 0, 0, 0
-
-#define M_SHA "SHA1", ssl_mac_sha, 160
-#define M_MD5 "MD5", ssl_mac_md5, 128
-
-static const SSLCipherSuiteInfo suiteInfo[] = {
-/* <------ Cipher suite --------------------> <auth> <KEA> <bulk cipher> <MAC> <FIPS> */
-{0,CS(TLS_DHE_RSA_WITH_AES_256_CBC_SHA), S_RSA, K_DHE, C_AES, B_256, M_SHA, 0, 0, 0, },
-{0,CS(TLS_DHE_DSS_WITH_AES_256_CBC_SHA), S_DSA, K_DHE, C_AES, B_256, M_SHA, 0, 0, 0, },
-{0,CS(TLS_RSA_WITH_AES_256_CBC_SHA), S_RSA, K_RSA, C_AES, B_256, M_SHA, 0, 0, 0, },
-
-{0,CS(SSL_FORTEZZA_DMS_WITH_RC4_128_SHA), S_KEA, K_KEA, C_RC4, B_128, M_SHA, 0, 0, 0, },
-{0,CS(TLS_DHE_DSS_WITH_RC4_128_SHA), S_DSA, K_DHE, C_RC4, B_128, M_SHA, 0, 0, 0, },
-{0,CS(TLS_DHE_RSA_WITH_AES_128_CBC_SHA), S_RSA, K_DHE, C_AES, B_128, M_SHA, 0, 0, 0, },
-{0,CS(TLS_DHE_DSS_WITH_AES_128_CBC_SHA), S_DSA, K_DHE, C_AES, B_128, M_SHA, 0, 0, 0, },
-{0,CS(SSL_RSA_WITH_RC4_128_MD5), S_RSA, K_RSA, C_RC4, B_128, M_MD5, 0, 0, 0, },
-{0,CS(SSL_RSA_WITH_RC4_128_SHA), S_RSA, K_RSA, C_RC4, B_128, M_SHA, 0, 0, 0, },
-{0,CS(TLS_RSA_WITH_AES_128_CBC_SHA), S_RSA, K_RSA, C_AES, B_128, M_SHA, 0, 0, 0, },
-
-{0,CS(SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA), S_RSA, K_DHE, C_3DES,B_3DES,M_SHA, 0, 0, 0, },
-{0,CS(SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA), S_DSA, K_DHE, C_3DES,B_3DES,M_SHA, 0, 0, 0, },
-{0,CS(SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA), S_RSA, K_RSA, C_3DES,B_3DES,M_SHA, 1, 0, 1, },
-{0,CS(SSL_RSA_WITH_3DES_EDE_CBC_SHA), S_RSA, K_RSA, C_3DES,B_3DES,M_SHA, 1, 0, 0, },
-
-{0,CS(SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA),S_KEA, K_KEA, C_SJ, B_SJ, M_SHA, 1, 0, 0, },
-{0,CS(SSL_DHE_RSA_WITH_DES_CBC_SHA), S_RSA, K_DHE, C_DES, B_DES, M_SHA, 0, 0, 0, },
-{0,CS(SSL_DHE_DSS_WITH_DES_CBC_SHA), S_DSA, K_DHE, C_DES, B_DES, M_SHA, 0, 0, 0, },
-{0,CS(SSL_RSA_FIPS_WITH_DES_CBC_SHA), S_RSA, K_RSA, C_DES, B_DES, M_SHA, 1, 0, 1, },
-{0,CS(SSL_RSA_WITH_DES_CBC_SHA), S_RSA, K_RSA, C_DES, B_DES, M_SHA, 1, 0, 0, },
-
-{0,CS(TLS_RSA_EXPORT1024_WITH_RC4_56_SHA), S_RSA, K_RSA, C_RC4, B_56, M_SHA, 0, 1, 0, },
-{0,CS(TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA), S_RSA, K_RSA, C_DES, B_DES, M_SHA, 1, 1, 0, },
-{0,CS(SSL_RSA_EXPORT_WITH_RC4_40_MD5), S_RSA, K_RSA, C_RC4, B_40, M_MD5, 0, 1, 0, },
-{0,CS(SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5), S_RSA, K_RSA, C_RC2, B_40, M_MD5, 0, 1, 0, },
-{0,CS(SSL_FORTEZZA_DMS_WITH_NULL_SHA), S_KEA, K_KEA, C_NULL,B_0, M_SHA, 0, 1, 0, },
-{0,CS(SSL_RSA_WITH_NULL_SHA), S_RSA, K_RSA, C_NULL,B_0, M_SHA, 0, 1, 0, },
-{0,CS(SSL_RSA_WITH_NULL_MD5), S_RSA, K_RSA, C_NULL,B_0, M_MD5, 0, 1, 0, },
-
-#ifdef NSS_ENABLE_ECC
-/* ECC cipher suites */
-{0,CS(TLS_ECDH_ECDSA_WITH_NULL_SHA), S_ECDSA, K_ECDH, C_NULL, B_0, M_SHA, 0, 0, 0, },
-{0,CS(TLS_ECDH_ECDSA_WITH_RC4_128_SHA), S_ECDSA, K_ECDH, C_RC4, B_128, M_SHA, 0, 0, 0, },
-{0,CS(TLS_ECDH_ECDSA_WITH_DES_CBC_SHA), S_ECDSA, K_ECDH, C_DES, B_DES, M_SHA, 0, 0, 0, },
-{0,CS(TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA), S_ECDSA, K_ECDH, C_3DES, B_3DES, M_SHA, 0, 0, 0, },
-{0,CS(TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA), S_ECDSA, K_ECDH, C_AES, B_128, M_SHA, 0, 0, 0, },
-{0,CS(TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA), S_ECDSA, K_ECDH, C_AES, B_256, M_SHA, 0, 0, 0, },
-
-{0,CS(TLS_ECDH_RSA_WITH_NULL_SHA), S_RSA, K_ECDH, C_NULL, B_0, M_SHA, 0, 0, 0, },
-{0,CS(TLS_ECDH_RSA_WITH_RC4_128_SHA), S_RSA, K_ECDH, C_RC4, B_128, M_SHA, 0, 0, 0, },
-{0,CS(TLS_ECDH_RSA_WITH_DES_CBC_SHA), S_RSA, K_ECDH, C_DES, B_DES, M_SHA, 0, 0, 0, },
-{0,CS(TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA), S_RSA, K_ECDH, C_3DES, B_3DES, M_SHA, 0, 0, 0, },
-{0,CS(TLS_ECDH_RSA_WITH_AES_128_CBC_SHA), S_RSA, K_ECDH, C_AES, B_128, M_SHA, 0, 0, 0, },
-{0,CS(TLS_ECDH_RSA_WITH_AES_256_CBC_SHA), S_RSA, K_ECDH, C_AES, B_256, M_SHA, 0, 0, 0, },
-
-{0,CS(TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA), S_ECDSA, K_ECDHE, C_AES, B_128, M_SHA, 0, 0, 0, },
-
-{0,CS(TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA), S_RSA, K_ECDHE, C_AES, B_128, M_SHA, 0, 0, 0, },
-#endif /* NSS_ENABLE_ECC */
-
-/* SSL 2 table */
-{0,CK(SSL_CK_RC4_128_WITH_MD5), S_RSA, K_RSA, C_RC4, B_128, M_MD5, 0, 0, 0, },
-{0,CK(SSL_CK_RC2_128_CBC_WITH_MD5), S_RSA, K_RSA, C_RC2, B_128, M_MD5, 0, 0, 0, },
-{0,CK(SSL_CK_DES_192_EDE3_CBC_WITH_MD5), S_RSA, K_RSA, C_3DES,B_3DES,M_MD5, 0, 0, 0, },
-{0,CK(SSL_CK_DES_64_CBC_WITH_MD5), S_RSA, K_RSA, C_DES, B_DES, M_MD5, 0, 0, 0, },
-{0,CK(SSL_CK_RC4_128_EXPORT40_WITH_MD5), S_RSA, K_RSA, C_RC4, B_40, M_MD5, 0, 1, 0, },
-{0,CK(SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5), S_RSA, K_RSA, C_RC2, B_40, M_MD5, 0, 1, 0, }
-};
-
-#define NUM_SUITEINFOS ((sizeof suiteInfo) / (sizeof suiteInfo[0]))
-
-
-SECStatus SSL_GetCipherSuiteInfo(PRUint16 cipherSuite,
- SSLCipherSuiteInfo *info, PRUintn len)
-{
- unsigned int i;
-
- len = PR_MIN(len, sizeof suiteInfo[0]);
- if (!info || len < sizeof suiteInfo[0].length) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- for (i = 0; i < NUM_SUITEINFOS; i++) {
- if (suiteInfo[i].cipherSuite == cipherSuite) {
- memcpy(info, &suiteInfo[i], len);
- info->length = len;
- return SECSuccess;
- }
- }
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
-}
diff --git a/security/nss/lib/ssl/sslmutex.c b/security/nss/lib/ssl/sslmutex.c
deleted file mode 100644
index d877b074f..000000000
--- a/security/nss/lib/ssl/sslmutex.c
+++ /dev/null
@@ -1,664 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 2001 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "seccomon.h"
-/* This ifdef should match the one in sslsnce.c */
-#if (defined(XP_UNIX) || defined(XP_WIN32) || defined (XP_OS2) || defined(XP_BEOS)) && !defined(_WIN32_WCE)
-
-#include "sslmutex.h"
-#include "prerr.h"
-
-static SECStatus single_process_sslMutex_Init(sslMutex* pMutex)
-{
- PR_ASSERT(pMutex != 0 && pMutex->u.sslLock == 0 );
-
- pMutex->u.sslLock = PR_NewLock();
- if (!pMutex->u.sslLock) {
- return SECFailure;
- }
- return SECSuccess;
-}
-
-static SECStatus single_process_sslMutex_Destroy(sslMutex* pMutex)
-{
- PR_ASSERT(pMutex != 0);
- PR_ASSERT(pMutex->u.sslLock!= 0);
- if (!pMutex->u.sslLock) {
- PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
- return SECFailure;
- }
- PR_DestroyLock(pMutex->u.sslLock);
- return SECSuccess;
-}
-
-static SECStatus single_process_sslMutex_Unlock(sslMutex* pMutex)
-{
- PR_ASSERT(pMutex != 0 );
- PR_ASSERT(pMutex->u.sslLock !=0);
- if (!pMutex->u.sslLock) {
- PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
- return SECFailure;
- }
- PR_Unlock(pMutex->u.sslLock);
- return SECSuccess;
-}
-
-static SECStatus single_process_sslMutex_Lock(sslMutex* pMutex)
-{
- PR_ASSERT(pMutex != 0);
- PR_ASSERT(pMutex->u.sslLock != 0 );
- if (!pMutex->u.sslLock) {
- PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
- return SECFailure;
- }
- PR_Lock(pMutex->u.sslLock);
- return SECSuccess;
-}
-
-#if defined(LINUX) || defined(AIX) || defined(VMS) || defined(BEOS) || defined(BSDI) || defined(NETBSD) || defined(OPENBSD)
-
-#include <unistd.h>
-#include <fcntl.h>
-#include <string.h>
-#include <errno.h>
-#include "unix_err.h"
-#include "pratom.h"
-
-#define SSL_MUTEX_MAGIC 0xfeedfd
-#define NONBLOCKING_POSTS 1 /* maybe this is faster */
-
-#if NONBLOCKING_POSTS
-
-#ifndef FNONBLOCK
-#define FNONBLOCK O_NONBLOCK
-#endif
-
-static int
-setNonBlocking(int fd, int nonBlocking)
-{
- int flags;
- int err;
-
- flags = fcntl(fd, F_GETFL, 0);
- if (0 > flags)
- return flags;
- if (nonBlocking)
- flags |= FNONBLOCK;
- else
- flags &= ~FNONBLOCK;
- err = fcntl(fd, F_SETFL, flags);
- return err;
-}
-#endif
-
-SECStatus
-sslMutex_Init(sslMutex *pMutex, int shared)
-{
- int err;
- PR_ASSERT(pMutex);
- pMutex->isMultiProcess = (PRBool)(shared != 0);
- if (!shared) {
- return single_process_sslMutex_Init(pMutex);
- }
- pMutex->u.pipeStr.mPipes[0] = -1;
- pMutex->u.pipeStr.mPipes[1] = -1;
- pMutex->u.pipeStr.mPipes[2] = -1;
- pMutex->u.pipeStr.nWaiters = 0;
-
- err = pipe(pMutex->u.pipeStr.mPipes);
- if (err) {
- return err;
- }
- /* close-on-exec is false by default */
- if (!shared) {
- err = fcntl(pMutex->u.pipeStr.mPipes[0], F_SETFD, FD_CLOEXEC);
- if (err)
- goto loser;
-
- err = fcntl(pMutex->u.pipeStr.mPipes[1], F_SETFD, FD_CLOEXEC);
- if (err)
- goto loser;
- }
-
-#if NONBLOCKING_POSTS
- err = setNonBlocking(pMutex->u.pipeStr.mPipes[1], 1);
- if (err)
- goto loser;
-#endif
-
- pMutex->u.pipeStr.mPipes[2] = SSL_MUTEX_MAGIC;
-
-#if defined(LINUX) && defined(i386)
- /* Pipe starts out empty */
- return SECSuccess;
-#else
- /* Pipe starts with one byte. */
- return sslMutex_Unlock(pMutex);
-#endif
-
-loser:
- nss_MD_unix_map_default_error(errno);
- close(pMutex->u.pipeStr.mPipes[0]);
- close(pMutex->u.pipeStr.mPipes[1]);
- return SECFailure;
-}
-
-SECStatus
-sslMutex_Destroy(sslMutex *pMutex)
-{
- if (PR_FALSE == pMutex->isMultiProcess) {
- return single_process_sslMutex_Destroy(pMutex);
- }
- if (pMutex->u.pipeStr.mPipes[2] != SSL_MUTEX_MAGIC) {
- PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
- return SECFailure;
- }
- close(pMutex->u.pipeStr.mPipes[0]);
- close(pMutex->u.pipeStr.mPipes[1]);
-
- pMutex->u.pipeStr.mPipes[0] = -1;
- pMutex->u.pipeStr.mPipes[1] = -1;
- pMutex->u.pipeStr.mPipes[2] = -1;
- pMutex->u.pipeStr.nWaiters = 0;
-
- return SECSuccess;
-}
-
-#if defined(LINUX) && defined(i386)
-/* No memory barrier needed for this platform */
-
-SECStatus
-sslMutex_Unlock(sslMutex *pMutex)
-{
- PRInt32 oldValue;
- if (PR_FALSE == pMutex->isMultiProcess) {
- return single_process_sslMutex_Unlock(pMutex);
- }
-
- if (pMutex->u.pipeStr.mPipes[2] != SSL_MUTEX_MAGIC) {
- PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
- return SECFailure;
- }
- /* Do Memory Barrier here. */
- oldValue = PR_AtomicDecrement(&pMutex->u.pipeStr.nWaiters);
- if (oldValue > 1) {
- int cc;
- char c = 1;
- do {
- cc = write(pMutex->u.pipeStr.mPipes[1], &c, 1);
- } while (cc < 0 && (errno == EINTR || errno == EAGAIN));
- if (cc != 1) {
- if (cc < 0)
- nss_MD_unix_map_default_error(errno);
- else
- PORT_SetError(PR_UNKNOWN_ERROR);
- return SECFailure;
- }
- }
- return SECSuccess;
-}
-
-SECStatus
-sslMutex_Lock(sslMutex *pMutex)
-{
- PRInt32 oldValue;
- if (PR_FALSE == pMutex->isMultiProcess) {
- return single_process_sslMutex_Lock(pMutex);
- }
-
- if (pMutex->u.pipeStr.mPipes[2] != SSL_MUTEX_MAGIC) {
- PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
- return SECFailure;
- }
- oldValue = PR_AtomicDecrement(&pMutex->u.pipeStr.nWaiters);
- /* Do Memory Barrier here. */
- if (oldValue > 0) {
- int cc;
- char c;
- do {
- cc = read(pMutex->u.pipeStr.mPipes[0], &c, 1);
- } while (cc < 0 && errno == EINTR);
- if (cc != 1) {
- if (cc < 0)
- nss_MD_unix_map_default_error(errno);
- else
- PORT_SetError(PR_UNKNOWN_ERROR);
- return SECFailure;
- }
- }
- return SECSuccess;
-}
-
-#else
-
-/* Using Atomic operations requires the use of a memory barrier instruction
-** on PowerPC, Sparc, and Alpha. NSPR's PR_Atomic functions do not perform
-** them, and NSPR does not provide a function that does them (e.g. PR_Barrier).
-** So, we don't use them on those platforms.
-*/
-
-SECStatus
-sslMutex_Unlock(sslMutex *pMutex)
-{
- int cc;
- char c = 1;
-
- if (PR_FALSE == pMutex->isMultiProcess) {
- return single_process_sslMutex_Unlock(pMutex);
- }
-
- if (pMutex->u.pipeStr.mPipes[2] != SSL_MUTEX_MAGIC) {
- PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
- return SECFailure;
- }
- do {
- cc = write(pMutex->u.pipeStr.mPipes[1], &c, 1);
- } while (cc < 0 && (errno == EINTR || errno == EAGAIN));
- if (cc != 1) {
- if (cc < 0)
- nss_MD_unix_map_default_error(errno);
- else
- PORT_SetError(PR_UNKNOWN_ERROR);
- return SECFailure;
- }
-
- return SECSuccess;
-}
-
-SECStatus
-sslMutex_Lock(sslMutex *pMutex)
-{
- int cc;
- char c;
-
- if (PR_FALSE == pMutex->isMultiProcess) {
- return single_process_sslMutex_Lock(pMutex);
- }
-
- if (pMutex->u.pipeStr.mPipes[2] != SSL_MUTEX_MAGIC) {
- PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
- return SECFailure;
- }
-
- do {
- cc = read(pMutex->u.pipeStr.mPipes[0], &c, 1);
- } while (cc < 0 && errno == EINTR);
- if (cc != 1) {
- if (cc < 0)
- nss_MD_unix_map_default_error(errno);
- else
- PORT_SetError(PR_UNKNOWN_ERROR);
- return SECFailure;
- }
-
- return SECSuccess;
-}
-
-#endif
-
-#elif defined(WIN32)
-
-#include "win32err.h"
-
-/* on Windows, we need to find the optimal type of locking mechanism to use
- for the sslMutex.
-
- There are 3 cases :
- 1) single-process, use a PRLock, as for all other platforms
- 2) Win95 multi-process, use a Win32 mutex
- 3) on WINNT multi-process, use a PRLock + a Win32 mutex
-
-*/
-
-#ifdef WINNT
-
-SECStatus sslMutex_2LevelInit(sslMutex *sem)
-{
- /* the following adds a PRLock to sslMutex . This is done in each
- process of a multi-process server and is only needed on WINNT, if
- using fibers. We can't tell if native threads or fibers are used, so
- we always do it on WINNT
- */
- PR_ASSERT(sem);
- if (sem) {
- /* we need to reset the sslLock in the children or the single_process init
- function below will assert */
- sem->u.sslLock = NULL;
- }
- return single_process_sslMutex_Init(sem);
-}
-
-static SECStatus sslMutex_2LevelDestroy(sslMutex *sem)
-{
- return single_process_sslMutex_Destroy(sem);
-}
-
-#endif
-
-SECStatus
-sslMutex_Init(sslMutex *pMutex, int shared)
-{
-#ifdef WINNT
- SECStatus retvalue;
-#endif
- HANDLE hMutex;
- SECURITY_ATTRIBUTES attributes =
- { sizeof(SECURITY_ATTRIBUTES), NULL, TRUE };
-
- PR_ASSERT(pMutex != 0 && (pMutex->u.sslMutx == 0 ||
- pMutex->u.sslMutx == INVALID_HANDLE_VALUE) );
-
- pMutex->isMultiProcess = (PRBool)(shared != 0);
-
- if (PR_FALSE == pMutex->isMultiProcess) {
- return single_process_sslMutex_Init(pMutex);
- }
-
-#ifdef WINNT
- /* we need a lock on WINNT for fibers in the parent process */
- retvalue = sslMutex_2LevelInit(pMutex);
- if (SECSuccess != retvalue)
- return SECFailure;
-#endif
-
- if (!pMutex || ((hMutex = pMutex->u.sslMutx) != 0 &&
- hMutex != INVALID_HANDLE_VALUE)) {
- PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
- return SECFailure;
- }
- attributes.bInheritHandle = (shared ? TRUE : FALSE);
- hMutex = CreateMutex(&attributes, FALSE, NULL);
- if (hMutex == NULL) {
- hMutex = INVALID_HANDLE_VALUE;
- nss_MD_win32_map_default_error(GetLastError());
- return SECFailure;
- }
- pMutex->u.sslMutx = hMutex;
- return SECSuccess;
-}
-
-SECStatus
-sslMutex_Destroy(sslMutex *pMutex)
-{
- HANDLE hMutex;
- int rv;
- int retvalue = SECSuccess;
-
- PR_ASSERT(pMutex != 0);
- if (PR_FALSE == pMutex->isMultiProcess) {
- return single_process_sslMutex_Destroy(pMutex);
- }
-
- /* multi-process mode */
-#ifdef WINNT
- /* on NT, get rid of the PRLock used for fibers within a process */
- retvalue = sslMutex_2LevelDestroy(pMutex);
-#endif
-
- PR_ASSERT( pMutex->u.sslMutx != 0 &&
- pMutex->u.sslMutx != INVALID_HANDLE_VALUE);
- if (!pMutex || (hMutex = pMutex->u.sslMutx) == 0
- || hMutex == INVALID_HANDLE_VALUE) {
- PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
- return SECFailure;
- }
-
- rv = CloseHandle(hMutex); /* ignore error */
- if (rv) {
- pMutex->u.sslMutx = hMutex = INVALID_HANDLE_VALUE;
- } else {
- nss_MD_win32_map_default_error(GetLastError());
- retvalue = SECFailure;
- }
- return retvalue;
-}
-
-int
-sslMutex_Unlock(sslMutex *pMutex)
-{
- BOOL success = FALSE;
- HANDLE hMutex;
-
- PR_ASSERT(pMutex != 0 );
- if (PR_FALSE == pMutex->isMultiProcess) {
- return single_process_sslMutex_Unlock(pMutex);
- }
-
- PR_ASSERT(pMutex->u.sslMutx != 0 &&
- pMutex->u.sslMutx != INVALID_HANDLE_VALUE);
- if (!pMutex || (hMutex = pMutex->u.sslMutx) == 0 ||
- hMutex == INVALID_HANDLE_VALUE) {
- PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
- return SECFailure;
- }
- success = ReleaseMutex(hMutex);
- if (!success) {
- nss_MD_win32_map_default_error(GetLastError());
- return SECFailure;
- }
-#ifdef WINNT
- return single_process_sslMutex_Unlock(pMutex);
- /* release PRLock for other fibers in the process */
-#else
- return SECSuccess;
-#endif
-}
-
-int
-sslMutex_Lock(sslMutex *pMutex)
-{
- HANDLE hMutex;
- DWORD event;
- DWORD lastError;
- SECStatus rv;
- SECStatus retvalue = SECSuccess;
- PR_ASSERT(pMutex != 0);
-
- if (PR_FALSE == pMutex->isMultiProcess) {
- return single_process_sslMutex_Lock(pMutex);
- }
-#ifdef WINNT
- /* lock first to preserve from other threads/fibers
- in the same process */
- retvalue = single_process_sslMutex_Lock(pMutex);
-#endif
- PR_ASSERT(pMutex->u.sslMutx != 0 &&
- pMutex->u.sslMutx != INVALID_HANDLE_VALUE);
- if (!pMutex || (hMutex = pMutex->u.sslMutx) == 0 ||
- hMutex == INVALID_HANDLE_VALUE) {
- PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
- return SECFailure; /* what else ? */
- }
- /* acquire the mutex to be the only owner accross all other processes */
- event = WaitForSingleObject(hMutex, INFINITE);
- switch (event) {
- case WAIT_OBJECT_0:
- case WAIT_ABANDONED:
- rv = SECSuccess;
- break;
-
- case WAIT_TIMEOUT:
-#if defined(WAIT_IO_COMPLETION)
- case WAIT_IO_COMPLETION:
-#endif
- default: /* should never happen. nothing we can do. */
- PR_ASSERT(!("WaitForSingleObject returned invalid value."));
- PORT_SetError(PR_UNKNOWN_ERROR);
- rv = SECFailure;
- break;
-
- case WAIT_FAILED: /* failure returns this */
- rv = SECFailure;
- lastError = GetLastError(); /* for debugging */
- nss_MD_win32_map_default_error(lastError);
- break;
- }
-
- if (! (SECSuccess == retvalue && SECSuccess == rv)) {
- return SECFailure;
- }
-
- return SECSuccess;
-}
-
-#elif defined(XP_UNIX)
-
-#include <errno.h>
-#include "unix_err.h"
-
-SECStatus
-sslMutex_Init(sslMutex *pMutex, int shared)
-{
- int rv;
- PR_ASSERT(pMutex);
- pMutex->isMultiProcess = (PRBool)(shared != 0);
- if (!shared) {
- return single_process_sslMutex_Init(pMutex);
- }
- do {
- rv = sem_init(&pMutex->u.sem, shared, 1);
- } while (rv < 0 && errno == EINTR);
- if (rv < 0) {
- nss_MD_unix_map_default_error(errno);
- return SECFailure;
- }
- return SECSuccess;
-}
-
-SECStatus
-sslMutex_Destroy(sslMutex *pMutex)
-{
- int rv;
- if (PR_FALSE == pMutex->isMultiProcess) {
- return single_process_sslMutex_Destroy(pMutex);
- }
- do {
- rv = sem_destroy(&pMutex->u.sem);
- } while (rv < 0 && errno == EINTR);
- if (rv < 0) {
- nss_MD_unix_map_default_error(errno);
- return SECFailure;
- }
- return SECSuccess;
-}
-
-SECStatus
-sslMutex_Unlock(sslMutex *pMutex)
-{
- int rv;
- if (PR_FALSE == pMutex->isMultiProcess) {
- return single_process_sslMutex_Unlock(pMutex);
- }
- do {
- rv = sem_post(&pMutex->u.sem);
- } while (rv < 0 && errno == EINTR);
- if (rv < 0) {
- nss_MD_unix_map_default_error(errno);
- return SECFailure;
- }
- return SECSuccess;
-}
-
-SECStatus
-sslMutex_Lock(sslMutex *pMutex)
-{
- int rv;
- if (PR_FALSE == pMutex->isMultiProcess) {
- return single_process_sslMutex_Lock(pMutex);
- }
- do {
- rv = sem_wait(&pMutex->u.sem);
- } while (rv < 0 && errno == EINTR);
- if (rv < 0) {
- nss_MD_unix_map_default_error(errno);
- return SECFailure;
- }
- return SECSuccess;
-}
-
-#else
-
-SECStatus
-sslMutex_Init(sslMutex *pMutex, int shared)
-{
- PR_ASSERT(pMutex);
- pMutex->isMultiProcess = (PRBool)(shared != 0);
- if (!shared) {
- return single_process_sslMutex_Init(pMutex);
- }
- PORT_Assert(!("sslMutex_Init not implemented for multi-process applications !"));
- PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
- return SECFailure;
-}
-
-SECStatus
-sslMutex_Destroy(sslMutex *pMutex)
-{
- PR_ASSERT(pMutex);
- if (PR_FALSE == pMutex->isMultiProcess) {
- return single_process_sslMutex_Destroy(pMutex);
- }
- PORT_Assert(!("sslMutex_Destroy not implemented for multi-process applications !"));
- PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
- return SECFailure;
-}
-
-SECStatus
-sslMutex_Unlock(sslMutex *pMutex)
-{
- PR_ASSERT(pMutex);
- if (PR_FALSE == pMutex->isMultiProcess) {
- return single_process_sslMutex_Unlock(pMutex);
- }
- PORT_Assert(!("sslMutex_Unlock not implemented for multi-process applications !"));
- PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
- return SECFailure;
-}
-
-SECStatus
-sslMutex_Lock(sslMutex *pMutex)
-{
- PR_ASSERT(pMutex);
- if (PR_FALSE == pMutex->isMultiProcess) {
- return single_process_sslMutex_Lock(pMutex);
- }
- PORT_Assert(!("sslMutex_Lock not implemented for multi-process applications !"));
- PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
- return SECFailure;
-}
-
-#endif
-
-#endif
diff --git a/security/nss/lib/ssl/sslmutex.h b/security/nss/lib/ssl/sslmutex.h
deleted file mode 100644
index 97115782f..000000000
--- a/security/nss/lib/ssl/sslmutex.h
+++ /dev/null
@@ -1,149 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 2001 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-#ifndef __SSLMUTEX_H_
-#define __SSLMUTEX_H_ 1
-
-/* What SSL really wants is portable process-shared unnamed mutexes in
- * shared memory, that have the property that if the process that holds
- * them dies, they are released automatically, and that (unlike fcntl
- * record locking) lock to the thread, not to the process.
- * NSPR doesn't provide that.
- * Windows has mutexes that meet that description, but they're not portable.
- * POSIX mutexes are not automatically released when the holder dies,
- * and other processes/threads cannot release the mutex on behalf of the
- * dead holder.
- * POSIX semaphores can be used to accomplish this on systems that implement
- * process-shared unnamed POSIX semaphores, because a watchdog thread can
- * discover and release semaphores that were held by a dead process.
- * On systems that do not support process-shared POSIX unnamed semaphores,
- * they can be emulated using pipes.
- * The performance cost of doing that is not yet measured.
- *
- * So, this API looks a lot like POSIX pthread mutexes.
- */
-
-#include "prtypes.h"
-#include "prlock.h"
-
-#if defined(WIN32)
-
-#include <wtypes.h>
-
-typedef struct
-{
- PRBool isMultiProcess;
-#ifdef WINNT
- /* on WINNT we need both the PRLock and the Win32 mutex for fibers */
- struct {
-#else
- union {
-#endif
- PRLock* sslLock;
- HANDLE sslMutx;
- } u;
-} sslMutex;
-
-typedef int sslPID;
-
-#elif defined(LINUX) || defined(AIX) || defined(VMS) || defined(BEOS) || defined(BSDI) || defined(NETBSD) || defined(OPENBSD)
-
-#include <sys/types.h>
-#include "prtypes.h"
-
-typedef struct {
- PRBool isMultiProcess;
- union {
- PRLock* sslLock;
- struct {
- int mPipes[3];
- PRInt32 nWaiters;
- } pipeStr;
- } u;
-} sslMutex;
-typedef pid_t sslPID;
-
-#elif defined(XP_UNIX) /* other types of Unix */
-
-#include <sys/types.h> /* for pid_t */
-#include <semaphore.h> /* for sem_t, and sem_* functions */
-
-typedef struct
-{
- PRBool isMultiProcess;
- union {
- PRLock* sslLock;
- sem_t sem;
- } u;
-} sslMutex;
-
-typedef pid_t sslPID;
-
-#else
-
-/* what platform is this ?? */
-
-typedef struct {
- PRBool isMultiProcess;
- union {
- PRLock* sslLock;
- /* include cross-process locking mechanism here */
- } u;
-} sslMutex;
-
-typedef int sslPID;
-
-#endif
-
-#include "seccomon.h"
-
-SEC_BEGIN_PROTOS
-
-extern SECStatus sslMutex_Init(sslMutex *sem, int shared);
-
-extern SECStatus sslMutex_Destroy(sslMutex *sem);
-
-extern SECStatus sslMutex_Unlock(sslMutex *sem);
-
-extern SECStatus sslMutex_Lock(sslMutex *sem);
-
-#ifdef WINNT
-
-extern SECStatus sslMutex_2LevelInit(sslMutex *sem);
-
-#endif
-
-SEC_END_PROTOS
-
-#endif
diff --git a/security/nss/lib/ssl/sslnonce.c b/security/nss/lib/ssl/sslnonce.c
deleted file mode 100644
index ac79c6d66..000000000
--- a/security/nss/lib/ssl/sslnonce.c
+++ /dev/null
@@ -1,365 +0,0 @@
-/*
- * This file implements the CLIENT Session ID cache.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "nssrenam.h"
-#include "cert.h"
-#include "secitem.h"
-#include "ssl.h"
-
-#include "sslimpl.h"
-#include "sslproto.h"
-#include "nssilock.h"
-#include "nsslocks.h"
-#if (defined(XP_UNIX) || defined(XP_WIN) || defined(_WINDOWS) || defined(XP_BEOS)) && !defined(_WIN32_WCE)
-#include <time.h>
-#endif
-
-PRUint32 ssl_sid_timeout = 100;
-PRUint32 ssl3_sid_timeout = 86400L; /* 24 hours */
-
-static sslSessionID *cache;
-static PZLock * cacheLock;
-
-/* sids can be in one of 4 states:
- *
- * never_cached, created, but not yet put into cache.
- * in_client_cache, in the client cache's linked list.
- * in_server_cache, entry came from the server's cache file.
- * invalid_cache has been removed from the cache.
- */
-
-#define LOCK_CACHE lock_cache()
-#define UNLOCK_CACHE PZ_Unlock(cacheLock)
-
-static void
-lock_cache(void)
-{
- /* XXX Since the client session cache has no init function, we must
- * XXX init the cacheLock on the first call. Fix in NSS 3.0.
- */
- if (!cacheLock)
- nss_InitLock(&cacheLock, nssILockCache);
- PZ_Lock(cacheLock);
-}
-
-/* BEWARE: This function gets called for both client and server SIDs !!
- * If the unreferenced sid is not in the cache, Free sid and its contents.
- */
-static void
-ssl_DestroySID(sslSessionID *sid)
-{
- SSL_TRC(8, ("SSL: destroy sid: sid=0x%x cached=%d", sid, sid->cached));
- PORT_Assert((sid->references == 0));
-
- if (sid->cached == in_client_cache)
- return; /* it will get taken care of next time cache is traversed. */
-
- if (sid->version < SSL_LIBRARY_VERSION_3_0) {
- SECITEM_ZfreeItem(&sid->u.ssl2.masterKey, PR_FALSE);
- SECITEM_ZfreeItem(&sid->u.ssl2.cipherArg, PR_FALSE);
- }
- if (sid->peerID != NULL)
- PORT_Free((void *)sid->peerID); /* CONST */
-
- if (sid->urlSvrName != NULL)
- PORT_Free((void *)sid->urlSvrName); /* CONST */
-
- if ( sid->peerCert ) {
- CERT_DestroyCertificate(sid->peerCert);
- }
- if ( sid->localCert ) {
- CERT_DestroyCertificate(sid->localCert);
- }
-
- PORT_ZFree(sid, sizeof(sslSessionID));
-}
-
-/* BEWARE: This function gets called for both client and server SIDs !!
- * Decrement reference count, and
- * free sid if ref count is zero, and sid is not in the cache.
- * Does NOT remove from the cache first.
- * If the sid is still in the cache, it is left there until next time
- * the cache list is traversed.
- */
-static void
-ssl_FreeLockedSID(sslSessionID *sid)
-{
- PORT_Assert(sid->references >= 1);
- if (--sid->references == 0) {
- ssl_DestroySID(sid);
- }
-}
-
-/* BEWARE: This function gets called for both client and server SIDs !!
- * Decrement reference count, and
- * free sid if ref count is zero, and sid is not in the cache.
- * Does NOT remove from the cache first.
- * These locks are necessary because the sid _might_ be in the cache list.
- */
-void
-ssl_FreeSID(sslSessionID *sid)
-{
- LOCK_CACHE;
- ssl_FreeLockedSID(sid);
- UNLOCK_CACHE;
-}
-
-/************************************************************************/
-
-/*
-** Lookup sid entry in cache by Address, port, and peerID string.
-** If found, Increment reference count, and return pointer to caller.
-** If it has timed out or ref count is zero, remove from list and free it.
-*/
-
-sslSessionID *
-ssl_LookupSID(const PRIPv6Addr *addr, PRUint16 port, const char *peerID,
- const char * urlSvrName)
-{
- sslSessionID **sidp;
- sslSessionID * sid;
- PRUint32 now;
-
- if (!urlSvrName)
- return NULL;
- now = ssl_Time();
- LOCK_CACHE;
- sidp = &cache;
- while ((sid = *sidp) != 0) {
- PORT_Assert(sid->cached == in_client_cache);
- PORT_Assert(sid->references >= 1);
-
- SSL_TRC(8, ("SSL: Lookup1: sid=0x%x", sid));
-
- if (sid->expirationTime < now || !sid->references) {
- /*
- ** This session-id timed out, or was orphaned.
- ** Don't even care who it belongs to, blow it out of our cache.
- */
- SSL_TRC(7, ("SSL: lookup1, throwing sid out, age=%d refs=%d",
- now - sid->creationTime, sid->references));
-
- *sidp = sid->next; /* delink it from the list. */
- sid->cached = invalid_cache; /* mark not on list. */
- if (!sid->references)
- ssl_DestroySID(sid);
- else
- ssl_FreeLockedSID(sid); /* drop ref count, free. */
-
- } else if (!memcmp(&sid->addr, addr, sizeof(PRIPv6Addr)) && /* server IP addr matches */
- (sid->port == port) && /* server port matches */
- /* proxy (peerID) matches */
- (((peerID == NULL) && (sid->peerID == NULL)) ||
- ((peerID != NULL) && (sid->peerID != NULL) &&
- PORT_Strcmp(sid->peerID, peerID) == 0)) &&
- /* is cacheable */
- (sid->version < SSL_LIBRARY_VERSION_3_0 ||
- sid->u.ssl3.resumable) &&
- /* server hostname matches. */
- (sid->urlSvrName != NULL) &&
- ((0 == PORT_Strcmp(urlSvrName, sid->urlSvrName)) ||
- ((sid->peerCert != NULL) && (SECSuccess ==
- CERT_VerifyCertName(sid->peerCert, urlSvrName))) )
- ) {
- /* Hit */
- sid->lastAccessTime = now;
- sid->references++;
- break;
- } else {
- sidp = &sid->next;
- }
- }
- UNLOCK_CACHE;
- return sid;
-}
-
-/*
-** Add an sid to the cache or return a previously cached entry to the cache.
-** Although this is static, it is called via ss->sec.cache().
-*/
-static void
-CacheSID(sslSessionID *sid)
-{
- PRUint32 expirationPeriod;
- SSL_TRC(8, ("SSL: Cache: sid=0x%x cached=%d addr=0x%08x%08x%08x%08x port=0x%04x "
- "time=%x cached=%d",
- sid, sid->cached, sid->addr.pr_s6_addr32[0],
- sid->addr.pr_s6_addr32[1], sid->addr.pr_s6_addr32[2],
- sid->addr.pr_s6_addr32[3], sid->port, sid->creationTime,
- sid->cached));
-
- if (sid->cached == in_client_cache)
- return;
-
- /* XXX should be different trace for version 2 vs. version 3 */
- if (sid->version < SSL_LIBRARY_VERSION_3_0) {
- expirationPeriod = ssl_sid_timeout;
- PRINT_BUF(8, (0, "sessionID:",
- sid->u.ssl2.sessionID, sizeof(sid->u.ssl2.sessionID)));
- PRINT_BUF(8, (0, "masterKey:",
- sid->u.ssl2.masterKey.data, sid->u.ssl2.masterKey.len));
- PRINT_BUF(8, (0, "cipherArg:",
- sid->u.ssl2.cipherArg.data, sid->u.ssl2.cipherArg.len));
- } else {
- if (sid->u.ssl3.sessionIDLength == 0)
- return;
- expirationPeriod = ssl3_sid_timeout;
- PRINT_BUF(8, (0, "sessionID:",
- sid->u.ssl3.sessionID, sid->u.ssl3.sessionIDLength));
- }
- PORT_Assert(sid->creationTime != 0 && sid->expirationTime != 0);
- if (!sid->creationTime)
- sid->lastAccessTime = sid->creationTime = ssl_Time();
- if (!sid->expirationTime)
- sid->expirationTime = sid->creationTime + expirationPeriod;
-
- /*
- * Put sid into the cache. Bump reference count to indicate that
- * cache is holding a reference. Uncache will reduce the cache
- * reference.
- */
- LOCK_CACHE;
- sid->references++;
- sid->cached = in_client_cache;
- sid->next = cache;
- cache = sid;
- UNLOCK_CACHE;
-}
-
-/*
- * If sid "zap" is in the cache,
- * removes sid from cache, and decrements reference count.
- * Caller must hold cache lock.
- */
-static void
-UncacheSID(sslSessionID *zap)
-{
- sslSessionID **sidp = &cache;
- sslSessionID *sid;
-
- if (zap->cached != in_client_cache) {
- return;
- }
-
- SSL_TRC(8,("SSL: Uncache: zap=0x%x cached=%d addr=0x%08x%08x%08x%08x port=0x%04x "
- "time=%x cipher=%d",
- zap, zap->cached, zap->addr.pr_s6_addr32[0],
- zap->addr.pr_s6_addr32[1], zap->addr.pr_s6_addr32[2],
- zap->addr.pr_s6_addr32[3], zap->port, zap->creationTime,
- zap->u.ssl2.cipherType));
- if (zap->version < SSL_LIBRARY_VERSION_3_0) {
- PRINT_BUF(8, (0, "sessionID:",
- zap->u.ssl2.sessionID, sizeof(zap->u.ssl2.sessionID)));
- PRINT_BUF(8, (0, "masterKey:",
- zap->u.ssl2.masterKey.data, zap->u.ssl2.masterKey.len));
- PRINT_BUF(8, (0, "cipherArg:",
- zap->u.ssl2.cipherArg.data, zap->u.ssl2.cipherArg.len));
- }
-
- /* See if it's in the cache, if so nuke it */
- while ((sid = *sidp) != 0) {
- if (sid == zap) {
- /*
- ** Bingo. Reduce reference count by one so that when
- ** everyone is done with the sid we can free it up.
- */
- *sidp = zap->next;
- zap->cached = invalid_cache;
- ssl_FreeLockedSID(zap);
- return;
- }
- sidp = &sid->next;
- }
-}
-
-/* If sid "zap" is in the cache,
- * removes sid from cache, and decrements reference count.
- * Although this function is static, it is called externally via
- * ss->sec.uncache().
- */
-static void
-LockAndUncacheSID(sslSessionID *zap)
-{
- LOCK_CACHE;
- UncacheSID(zap);
- UNLOCK_CACHE;
-
-}
-
-/* choose client or server cache functions for this sslsocket. */
-void
-ssl_ChooseSessionIDProcs(sslSecurityInfo *sec)
-{
- if (sec->isServer) {
- sec->cache = ssl_sid_cache;
- sec->uncache = ssl_sid_uncache;
- } else {
- sec->cache = CacheSID;
- sec->uncache = LockAndUncacheSID;
- }
-}
-
-/* wipe out the entire client session cache. */
-void
-SSL_ClearSessionCache(void)
-{
- LOCK_CACHE;
- while(cache != NULL)
- UncacheSID(cache);
- UNLOCK_CACHE;
-}
-
-/* returns an unsigned int containing the number of seconds in PR_Now() */
-PRUint32
-ssl_Time(void)
-{
- PRUint32 myTime;
-#if (defined(XP_UNIX) || defined(XP_WIN) || defined(_WINDOWS) || defined(XP_BEOS)) && !defined(_WIN32_WCE)
- myTime = time(NULL); /* accurate until the year 2038. */
-#else
- /* portable, but possibly slower */
- PRTime now;
- PRInt64 ll;
-
- now = PR_Now();
- LL_I2L(ll, 1000000L);
- LL_DIV(now, now, ll);
- LL_L2UI(myTime, now);
-#endif
- return myTime;
-}
-
diff --git a/security/nss/lib/ssl/sslproto.h b/security/nss/lib/ssl/sslproto.h
deleted file mode 100644
index fe2dd55c5..000000000
--- a/security/nss/lib/ssl/sslproto.h
+++ /dev/null
@@ -1,199 +0,0 @@
-/*
- * Various and sundry protocol constants. DON'T CHANGE THESE. These values
- * are mostly defined by the SSL2, SSL3, or TLS protocol specifications.
- * Cipher kinds and ciphersuites are part of the public API.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Portions created by Sun Microsystems, Inc. are Copyright (C) 2003
- * Sun Microsystems, Inc. All Rights Reserved.
- *
- * Contributor(s):
- * Dr Vipul Gupta <vipul.gupta@sun.com>, Sun Microsystems Laboratories
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#ifndef __sslproto_h_
-#define __sslproto_h_
-
-/* All versions less than 3_0 are treated as SSL version 2 */
-#define SSL_LIBRARY_VERSION_2 0x0002
-#define SSL_LIBRARY_VERSION_3_0 0x0300
-#define SSL_LIBRARY_VERSION_3_1_TLS 0x0301
-
-/* Header lengths of some of the messages */
-#define SSL_HL_ERROR_HBYTES 3
-#define SSL_HL_CLIENT_HELLO_HBYTES 9
-#define SSL_HL_CLIENT_MASTER_KEY_HBYTES 10
-#define SSL_HL_CLIENT_FINISHED_HBYTES 1
-#define SSL_HL_SERVER_HELLO_HBYTES 11
-#define SSL_HL_SERVER_VERIFY_HBYTES 1
-#define SSL_HL_SERVER_FINISHED_HBYTES 1
-#define SSL_HL_REQUEST_CERTIFICATE_HBYTES 2
-#define SSL_HL_CLIENT_CERTIFICATE_HBYTES 6
-
-/* Security handshake protocol codes */
-#define SSL_MT_ERROR 0
-#define SSL_MT_CLIENT_HELLO 1
-#define SSL_MT_CLIENT_MASTER_KEY 2
-#define SSL_MT_CLIENT_FINISHED 3
-#define SSL_MT_SERVER_HELLO 4
-#define SSL_MT_SERVER_VERIFY 5
-#define SSL_MT_SERVER_FINISHED 6
-#define SSL_MT_REQUEST_CERTIFICATE 7
-#define SSL_MT_CLIENT_CERTIFICATE 8
-
-/* Certificate types */
-#define SSL_CT_X509_CERTIFICATE 0x01
-#if 0 /* XXX Not implemented yet */
-#define SSL_PKCS6_CERTIFICATE 0x02
-#endif
-#define SSL_AT_MD5_WITH_RSA_ENCRYPTION 0x01
-
-/* Error codes */
-#define SSL_PE_NO_CYPHERS 0x0001
-#define SSL_PE_NO_CERTIFICATE 0x0002
-#define SSL_PE_BAD_CERTIFICATE 0x0004
-#define SSL_PE_UNSUPPORTED_CERTIFICATE_TYPE 0x0006
-
-/* Cypher kinds (not the spec version!) */
-#define SSL_CK_RC4_128_WITH_MD5 0x01
-#define SSL_CK_RC4_128_EXPORT40_WITH_MD5 0x02
-#define SSL_CK_RC2_128_CBC_WITH_MD5 0x03
-#define SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5 0x04
-#define SSL_CK_IDEA_128_CBC_WITH_MD5 0x05
-#define SSL_CK_DES_64_CBC_WITH_MD5 0x06
-#define SSL_CK_DES_192_EDE3_CBC_WITH_MD5 0x07
-
-/* Cipher enables. These are used only for SSL_EnableCipher
- * These values define the SSL2 suites, and do not colide with the
- * SSL3 Cipher suites defined below.
- */
-#define SSL_EN_RC4_128_WITH_MD5 0xFF01
-#define SSL_EN_RC4_128_EXPORT40_WITH_MD5 0xFF02
-#define SSL_EN_RC2_128_CBC_WITH_MD5 0xFF03
-#define SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5 0xFF04
-#define SSL_EN_IDEA_128_CBC_WITH_MD5 0xFF05
-#define SSL_EN_DES_64_CBC_WITH_MD5 0xFF06
-#define SSL_EN_DES_192_EDE3_CBC_WITH_MD5 0xFF07
-
-/* SSL v3 Cipher Suites */
-#define SSL_NULL_WITH_NULL_NULL 0x0000
-
-#define SSL_RSA_WITH_NULL_MD5 0x0001
-#define SSL_RSA_WITH_NULL_SHA 0x0002
-#define SSL_RSA_EXPORT_WITH_RC4_40_MD5 0x0003
-#define SSL_RSA_WITH_RC4_128_MD5 0x0004
-#define SSL_RSA_WITH_RC4_128_SHA 0x0005
-#define SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5 0x0006
-#define SSL_RSA_WITH_IDEA_CBC_SHA 0x0007
-#define SSL_RSA_EXPORT_WITH_DES40_CBC_SHA 0x0008
-#define SSL_RSA_WITH_DES_CBC_SHA 0x0009
-#define SSL_RSA_WITH_3DES_EDE_CBC_SHA 0x000a
-
-#define SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA 0x000b
-#define SSL_DH_DSS_WITH_DES_CBC_SHA 0x000c
-#define SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA 0x000d
-#define SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA 0x000e
-#define SSL_DH_RSA_WITH_DES_CBC_SHA 0x000f
-#define SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA 0x0010
-
-#define SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA 0x0011
-#define SSL_DHE_DSS_WITH_DES_CBC_SHA 0x0012
-#define SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA 0x0013
-#define SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA 0x0014
-#define SSL_DHE_RSA_WITH_DES_CBC_SHA 0x0015
-#define SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA 0x0016
-
-#define SSL_DH_ANON_EXPORT_WITH_RC4_40_MD5 0x0017
-#define SSL_DH_ANON_WITH_RC4_128_MD5 0x0018
-#define SSL_DH_ANON_EXPORT_WITH_DES40_CBC_SHA 0x0019
-#define SSL_DH_ANON_WITH_DES_CBC_SHA 0x001a
-#define SSL_DH_ANON_WITH_3DES_EDE_CBC_SHA 0x001b
-
-#define SSL_FORTEZZA_DMS_WITH_NULL_SHA 0x001c
-#define SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA 0x001d
-#define SSL_FORTEZZA_DMS_WITH_RC4_128_SHA 0x001e
-
-/* New TLS cipher suites */
-#define TLS_RSA_WITH_AES_128_CBC_SHA 0x002F
-#define TLS_DH_DSS_WITH_AES_128_CBC_SHA 0x0030
-#define TLS_DH_RSA_WITH_AES_128_CBC_SHA 0x0031
-#define TLS_DHE_DSS_WITH_AES_128_CBC_SHA 0x0032
-#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA 0x0033
-#define TLS_DH_ANON_WITH_AES_128_CBC_SHA 0x0034
-
-#define TLS_RSA_WITH_AES_256_CBC_SHA 0x0035
-#define TLS_DH_DSS_WITH_AES_256_CBC_SHA 0x0036
-#define TLS_DH_RSA_WITH_AES_256_CBC_SHA 0x0037
-#define TLS_DHE_DSS_WITH_AES_256_CBC_SHA 0x0038
-#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA 0x0039
-#define TLS_DH_ANON_WITH_AES_256_CBC_SHA 0x003A
-
-#define TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA 0x0062
-#define TLS_RSA_EXPORT1024_WITH_RC4_56_SHA 0x0064
-
-#define TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA 0x0063
-#define TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA 0x0065
-#define TLS_DHE_DSS_WITH_RC4_128_SHA 0x0066
-
-#ifdef NSS_ENABLE_ECC
-/* "Experimental" ECC cipher suites.
-** XXX These numbers might change before the current IETF draft
-** on ECC cipher suites for TLS becomes an RFC.
-*/
-#define TLS_ECDH_ECDSA_WITH_NULL_SHA 0x0047
-#define TLS_ECDH_ECDSA_WITH_RC4_128_SHA 0x0048
-#define TLS_ECDH_ECDSA_WITH_DES_CBC_SHA 0x0049
-#define TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA 0x004A
-#define TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA 0x004B
-#define TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA 0x004C
-
-#define TLS_ECDH_RSA_WITH_NULL_SHA 0x004D
-#define TLS_ECDH_RSA_WITH_RC4_128_SHA 0x004E
-#define TLS_ECDH_RSA_WITH_DES_CBC_SHA 0x004F
-#define TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA 0x0050
-#define TLS_ECDH_RSA_WITH_AES_128_CBC_SHA 0x0051
-#define TLS_ECDH_RSA_WITH_AES_256_CBC_SHA 0x0052
-
-#define TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 0x0077
-#define TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 0x0078
-#endif /* NSS_ENABLE_ECC */
-
-/* Netscape "experimental" cipher suites. */
-#define SSL_RSA_OLDFIPS_WITH_3DES_EDE_CBC_SHA 0xffe0
-#define SSL_RSA_OLDFIPS_WITH_DES_CBC_SHA 0xffe1
-
-/* New non-experimental openly spec'ed versions of those cipher suites. */
-#define SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA 0xfeff
-#define SSL_RSA_FIPS_WITH_DES_CBC_SHA 0xfefe
-
-#endif /* __sslproto_h_ */
diff --git a/security/nss/lib/ssl/sslreveal.c b/security/nss/lib/ssl/sslreveal.c
deleted file mode 100644
index 44ae47810..000000000
--- a/security/nss/lib/ssl/sslreveal.c
+++ /dev/null
@@ -1,97 +0,0 @@
-/*
- * Accessor functions for SSLSocket private members.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "cert.h"
-#include "ssl.h"
-#include "certt.h"
-#include "sslimpl.h"
-
-/* given PRFileDesc, returns a copy of certificate associated with the socket
- * the caller should delete the cert when done with SSL_DestroyCertificate
- */
-CERTCertificate *
-SSL_RevealCert(PRFileDesc * fd)
-{
- CERTCertificate * cert = NULL;
- sslSocket * sslsocket = NULL;
-
- sslsocket = ssl_FindSocket(fd);
-
- /* CERT_DupCertificate increases reference count and returns pointer to
- * the same cert
- */
- if (sslsocket && sslsocket->sec.peerCert)
- cert = CERT_DupCertificate(sslsocket->sec.peerCert);
-
- return cert;
-}
-
-/* given PRFileDesc, returns a pointer to PinArg associated with the socket
- */
-void *
-SSL_RevealPinArg(PRFileDesc * fd)
-{
- sslSocket * sslsocket = NULL;
- void * PinArg = NULL;
-
- sslsocket = ssl_FindSocket(fd);
-
- /* is pkcs11PinArg part of the sslSocket or sslSecurityInfo ? */
- if (sslsocket)
- PinArg = sslsocket->pkcs11PinArg;
-
- return PinArg;
-}
-
-
-/* given PRFileDesc, returns a pointer to the URL associated with the socket
- * the caller should free url when done
- */
-char *
-SSL_RevealURL(PRFileDesc * fd)
-{
- sslSocket * sslsocket = NULL;
- char * url = NULL;
-
- sslsocket = ssl_FindSocket(fd);
-
- if (sslsocket && sslsocket->url)
- url = PL_strdup(sslsocket->url);
-
- return url;
-}
-
diff --git a/security/nss/lib/ssl/sslsecur.c b/security/nss/lib/ssl/sslsecur.c
deleted file mode 100644
index 110016a6a..000000000
--- a/security/nss/lib/ssl/sslsecur.c
+++ /dev/null
@@ -1,1283 +0,0 @@
-/*
- * Various SSL functions.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Portions created by Sun Microsystems, Inc. are Copyright (C) 2003
- * Sun Microsystems, Inc. All Rights Reserved.
- *
- * Contributor(s):
- * Dr Vipul Gupta <vipul.gupta@sun.com>, Sun Microsystems Laboratories
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-#include "cert.h"
-#include "secitem.h"
-#include "keyhi.h"
-#include "ssl.h"
-#include "sslimpl.h"
-#include "sslproto.h"
-#include "secoid.h" /* for SECOID_GetALgorithmTag */
-#include "pk11func.h" /* for PK11_GenerateRandom */
-
-#define MAX_BLOCK_CYPHER_SIZE 32
-
-#define TEST_FOR_FAILURE /* reminder */
-#define SET_ERROR_CODE /* reminder */
-
-/* Returns a SECStatus: SECSuccess or SECFailure, NOT SECWouldBlock.
- *
- * Currently, the list of functions called through ss->handshake is:
- *
- * In sslsocks.c:
- * SocksGatherRecord
- * SocksHandleReply
- * SocksStartGather
- *
- * In sslcon.c:
- * ssl_GatherRecord1stHandshake
- * ssl2_HandleClientSessionKeyMessage
- * ssl2_HandleMessage
- * ssl2_HandleVerifyMessage
- * ssl2_BeginClientHandshake
- * ssl2_BeginServerHandshake
- * ssl2_HandleClientHelloMessage
- * ssl2_HandleServerHelloMessage
- *
- * The ss->handshake function returns SECWouldBlock under these conditions:
- * 1. ssl_GatherRecord1stHandshake called ssl2_GatherData which read in
- * the beginning of an SSL v3 hello message and returned SECWouldBlock
- * to switch to SSL v3 handshake processing.
- *
- * 2. ssl2_HandleClientHelloMessage discovered version 3.0 in the incoming
- * v2 client hello msg, and called ssl3_HandleV2ClientHello which
- * returned SECWouldBlock.
- *
- * 3. SECWouldBlock was returned by one of the callback functions, via
- * one of these paths:
- * - ssl2_HandleMessage() -> ssl2_HandleRequestCertificate() -> ss->getClientAuthData()
- *
- * - ssl2_HandleServerHelloMessage() -> ss->handleBadCert()
- *
- * - ssl_GatherRecord1stHandshake() -> ssl3_GatherCompleteHandshake() ->
- * ssl3_HandleRecord() -> ssl3_HandleHandshake() ->
- * ssl3_HandleHandshakeMessage() -> ssl3_HandleCertificate() ->
- * ss->handleBadCert()
- *
- * - ssl_GatherRecord1stHandshake() -> ssl3_GatherCompleteHandshake() ->
- * ssl3_HandleRecord() -> ssl3_HandleHandshake() ->
- * ssl3_HandleHandshakeMessage() -> ssl3_HandleCertificateRequest() ->
- * ss->getClientAuthData()
- *
- * Called from: SSL_ForceHandshake (below),
- * ssl_SecureRecv (below) and
- * ssl_SecureSend (below)
- * from: WaitForResponse in sslsocks.c
- * ssl_SocksRecv in sslsocks.c
- * ssl_SocksSend in sslsocks.c
- *
- * Caller must hold the (write) handshakeLock.
- */
-int
-ssl_Do1stHandshake(sslSocket *ss)
-{
- int rv = SECSuccess;
- int loopCount = 0;
-
- do {
- PORT_Assert( ssl_Have1stHandshakeLock(ss) );
- PORT_Assert( !ssl_HaveRecvBufLock(ss) );
- PORT_Assert( !ssl_HaveXmitBufLock(ss) );
-
- if (ss->handshake == 0) {
- /* Previous handshake finished. Switch to next one */
- ss->handshake = ss->nextHandshake;
- ss->nextHandshake = 0;
- }
- if (ss->handshake == 0) {
- /* Previous handshake finished. Switch to security handshake */
- ss->handshake = ss->securityHandshake;
- ss->securityHandshake = 0;
- }
- if (ss->handshake == 0) {
- ssl_GetRecvBufLock(ss);
- ss->gs.recordLen = 0;
- ssl_ReleaseRecvBufLock(ss);
-
- SSL_TRC(3, ("%d: SSL[%d]: handshake is completed",
- SSL_GETPID(), ss->fd));
- /* call handshake callback for ssl v2 */
- /* for v3 this is done in ssl3_HandleFinished() */
- if ((ss->handshakeCallback != NULL) && /* has callback */
- (!ss->firstHsDone) && /* only first time */
- (ss->version < SSL_LIBRARY_VERSION_3_0)) { /* not ssl3 */
- ss->firstHsDone = PR_TRUE;
- (ss->handshakeCallback)(ss->fd, ss->handshakeCallbackData);
- }
- ss->firstHsDone = PR_TRUE;
- ss->gs.writeOffset = 0;
- ss->gs.readOffset = 0;
- break;
- }
- rv = (*ss->handshake)(ss);
- ++loopCount;
- /* This code must continue to loop on SECWouldBlock,
- * or any positive value. See XXX_1 comments.
- */
- } while (rv != SECFailure); /* was (rv >= 0); XXX_1 */
-
- PORT_Assert( !ssl_HaveRecvBufLock(ss) );
- PORT_Assert( !ssl_HaveXmitBufLock(ss) );
-
- if (rv == SECWouldBlock) {
- PORT_SetError(PR_WOULD_BLOCK_ERROR);
- rv = SECFailure;
- }
- return rv;
-}
-
-/*
- * Handshake function that blocks. Used to force a
- * retry on a connection on the next read/write.
- */
-static SECStatus
-AlwaysBlock(sslSocket *ss)
-{
- PORT_SetError(PR_WOULD_BLOCK_ERROR); /* perhaps redundant. */
- return SECWouldBlock;
-}
-
-/*
- * set the initial handshake state machine to block
- */
-void
-ssl_SetAlwaysBlock(sslSocket *ss)
-{
- if (!ss->firstHsDone) {
- ss->handshake = AlwaysBlock;
- ss->nextHandshake = 0;
- }
-}
-
-/* Acquires and releases HandshakeLock.
-*/
-SECStatus
-SSL_ResetHandshake(PRFileDesc *s, PRBool asServer)
-{
- sslSocket *ss;
- SECStatus status;
- PRNetAddr addr;
-
- ss = ssl_FindSocket(s);
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in ResetHandshake", SSL_GETPID(), s));
- return SECFailure;
- }
-
- /* Don't waste my time */
- if (!ss->useSecurity)
- return SECSuccess;
-
- SSL_LOCK_READER(ss);
- SSL_LOCK_WRITER(ss);
-
- /* Reset handshake state */
- ssl_Get1stHandshakeLock(ss);
- ssl_GetSSL3HandshakeLock(ss);
-
- ss->firstHsDone = PR_FALSE;
- if ( asServer ) {
- ss->handshake = ssl2_BeginServerHandshake;
- ss->handshaking = sslHandshakingAsServer;
- } else {
- ss->handshake = ssl2_BeginClientHandshake;
- ss->handshaking = sslHandshakingAsClient;
- }
- ss->nextHandshake = 0;
- ss->securityHandshake = 0;
-
- ssl_GetRecvBufLock(ss);
- status = ssl_InitGather(&ss->gs);
- ssl_ReleaseRecvBufLock(ss);
-
- /*
- ** Blow away old security state and get a fresh setup.
- */
- ssl_GetXmitBufLock(ss);
- ssl_ResetSecurityInfo(&ss->sec);
- status = ssl_CreateSecurityInfo(ss);
- ssl_ReleaseXmitBufLock(ss);
-
- ssl_ReleaseSSL3HandshakeLock(ss);
- ssl_Release1stHandshakeLock(ss);
-
- if (!ss->TCPconnected)
- ss->TCPconnected = (PR_SUCCESS == ssl_DefGetpeername(ss, &addr));
-
- SSL_UNLOCK_WRITER(ss);
- SSL_UNLOCK_READER(ss);
-
- return status;
-}
-
-/* For SSLv2, does nothing but return an error.
-** For SSLv3, flushes SID cache entry (if requested),
-** and then starts new client hello or hello request.
-** Acquires and releases HandshakeLock.
-*/
-SECStatus
-SSL_ReHandshake(PRFileDesc *fd, PRBool flushCache)
-{
- sslSocket *ss;
- SECStatus rv;
-
- ss = ssl_FindSocket(fd);
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in RedoHandshake", SSL_GETPID(), fd));
- return SECFailure;
- }
-
- if (!ss->useSecurity)
- return SECSuccess;
-
- ssl_Get1stHandshakeLock(ss);
-
- /* SSL v2 protocol does not support subsequent handshakes. */
- if (ss->version < SSL_LIBRARY_VERSION_3_0) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- rv = SECFailure;
- } else {
- ssl_GetSSL3HandshakeLock(ss);
- rv = ssl3_RedoHandshake(ss, flushCache); /* force full handshake. */
- ssl_ReleaseSSL3HandshakeLock(ss);
- }
-
- ssl_Release1stHandshakeLock(ss);
-
- return rv;
-}
-
-SECStatus
-SSL_RedoHandshake(PRFileDesc *fd)
-{
- return SSL_ReHandshake(fd, PR_TRUE);
-}
-
-/* Register an application callback to be called when SSL handshake completes.
-** Acquires and releases HandshakeLock.
-*/
-SECStatus
-SSL_HandshakeCallback(PRFileDesc *fd, SSLHandshakeCallback cb,
- void *client_data)
-{
- sslSocket *ss;
-
- ss = ssl_FindSocket(fd);
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in HandshakeCallback",
- SSL_GETPID(), fd));
- return SECFailure;
- }
-
- if (!ss->useSecurity) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- ssl_Get1stHandshakeLock(ss);
- ssl_GetSSL3HandshakeLock(ss);
-
- ss->handshakeCallback = cb;
- ss->handshakeCallbackData = client_data;
-
- ssl_ReleaseSSL3HandshakeLock(ss);
- ssl_Release1stHandshakeLock(ss);
-
- return SECSuccess;
-}
-
-/* Try to make progress on an SSL handshake by attempting to read the
-** next handshake from the peer, and sending any responses.
-** For non-blocking sockets, returns PR_ERROR_WOULD_BLOCK if it cannot
-** read the next handshake from the underlying socket.
-** For SSLv2, returns when handshake is complete or fatal error occurs.
-** For SSLv3, returns when handshake is complete, or application data has
-** arrived that must be taken by application before handshake can continue,
-** or a fatal error occurs.
-** Application should use handshake completion callback to tell which.
-*/
-SECStatus
-SSL_ForceHandshake(PRFileDesc *fd)
-{
- sslSocket *ss;
- SECStatus rv = SECFailure;
-
- ss = ssl_FindSocket(fd);
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in ForceHandshake",
- SSL_GETPID(), fd));
- return rv;
- }
-
- /* Don't waste my time */
- if (!ss->useSecurity)
- return SECSuccess;
-
- ssl_Get1stHandshakeLock(ss);
-
- if (ss->version >= SSL_LIBRARY_VERSION_3_0) {
- int gatherResult;
-
- ssl_GetRecvBufLock(ss);
- gatherResult = ssl3_GatherCompleteHandshake(ss, 0);
- ssl_ReleaseRecvBufLock(ss);
- if (gatherResult > 0) {
- rv = SECSuccess;
- } else if (gatherResult == 0) {
- PORT_SetError(PR_END_OF_FILE_ERROR);
- } else if (gatherResult == SECWouldBlock) {
- PORT_SetError(PR_WOULD_BLOCK_ERROR);
- }
- } else if (!ss->firstHsDone) {
- rv = ssl_Do1stHandshake(ss);
- } else {
- /* tried to force handshake on an SSL 2 socket that has
- ** already completed the handshake. */
- rv = SECSuccess; /* just pretend we did it. */
- }
-
- ssl_Release1stHandshakeLock(ss);
-
- return rv;
-}
-
-/************************************************************************/
-
-/*
-** Grow a buffer to hold newLen bytes of data.
-** Called for both recv buffers and xmit buffers.
-** Caller must hold xmitBufLock or recvBufLock, as appropriate.
-*/
-SECStatus
-sslBuffer_Grow(sslBuffer *b, unsigned int newLen)
-{
- if (newLen > b->space) {
- if (b->buf) {
- b->buf = (unsigned char *) PORT_Realloc(b->buf, newLen);
- } else {
- b->buf = (unsigned char *) PORT_Alloc(newLen);
- }
- if (!b->buf) {
- return SECFailure;
- }
- SSL_TRC(10, ("%d: SSL: grow buffer from %d to %d",
- SSL_GETPID(), b->space, newLen));
- b->space = newLen;
- }
- return SECSuccess;
-}
-
-/*
-** Save away write data that is trying to be written before the security
-** handshake has been completed. When the handshake is completed, we will
-** flush this data out.
-** Caller must hold xmitBufLock
-*/
-SECStatus
-ssl_SaveWriteData(sslSocket *ss, sslBuffer *buf, const void *data,
- unsigned int len)
-{
- unsigned int newlen;
- SECStatus rv;
-
- PORT_Assert( ssl_HaveXmitBufLock(ss) );
- newlen = buf->len + len;
- if (newlen > buf->space) {
- rv = sslBuffer_Grow(buf, newlen);
- if (rv) {
- return rv;
- }
- }
- SSL_TRC(5, ("%d: SSL[%d]: saving %d bytes of data (%d total saved so far)",
- SSL_GETPID(), ss->fd, len, newlen));
- PORT_Memcpy(buf->buf + buf->len, data, len);
- buf->len = newlen;
- return SECSuccess;
-}
-
-/*
-** Send saved write data. This will flush out data sent prior to a
-** complete security handshake. Hopefully there won't be too much of it.
-** Returns count of the bytes sent, NOT a SECStatus.
-** Caller must hold xmitBufLock
-*/
-int
-ssl_SendSavedWriteData(sslSocket *ss, sslBuffer *buf, sslSendFunc send)
-{
- int rv = 0;
- int len = buf->len;
-
- PORT_Assert( ssl_HaveXmitBufLock(ss) );
- if (len != 0) {
- SSL_TRC(5, ("%d: SSL[%d]: sending %d bytes of saved data",
- SSL_GETPID(), ss->fd, len));
- rv = (*send)(ss, buf->buf, len, 0);
- if (rv < 0) {
- return rv;
- }
- if (rv < len) {
- /* UGH !! This shifts the whole buffer down by copying it, and
- ** it depends on PORT_Memmove doing overlapping moves correctly!
- ** It should advance the pointer offset instead !!
- */
- PORT_Memmove(buf->buf, buf->buf + rv, len - rv);
- buf->len = len - rv;
- } else {
- buf->len = 0;
- }
- }
- return rv;
-}
-
-/************************************************************************/
-
-/*
-** Receive some application data on a socket. Reads SSL records from the input
-** stream, decrypts them and then copies them to the output buffer.
-** Called from ssl_SecureRecv() below.
-**
-** Caller does NOT hold 1stHandshakeLock because that handshake is over.
-** Caller doesn't call this until initial handshake is complete.
-** For SSLv2, there is no subsequent handshake.
-** For SSLv3, the call to ssl3_GatherAppDataRecord may encounter handshake
-** messages from a subsequent handshake.
-**
-** This code is similar to, and easily confused with,
-** ssl_GatherRecord1stHandshake() in sslcon.c
-*/
-static int
-DoRecv(sslSocket *ss, unsigned char *out, int len, int flags)
-{
- int rv;
- int amount;
- int available;
-
- ssl_GetRecvBufLock(ss);
-
- available = ss->gs.writeOffset - ss->gs.readOffset;
- if (available == 0) {
- /* Get some more data */
- if (ss->version >= SSL_LIBRARY_VERSION_3_0) {
- /* Wait for application data to arrive. */
- rv = ssl3_GatherAppDataRecord(ss, 0);
- } else {
- /* See if we have a complete record */
- rv = ssl2_GatherRecord(ss, 0);
- }
- if (rv <= 0) {
- if (rv == 0) {
- /* EOF */
- SSL_TRC(10, ("%d: SSL[%d]: ssl_recv EOF",
- SSL_GETPID(), ss->fd));
- goto done;
- }
- if ((rv != SECWouldBlock) &&
- (PR_GetError() != PR_WOULD_BLOCK_ERROR)) {
- /* Some random error */
- goto done;
- }
-
- /*
- ** Gather record is blocked waiting for more record data to
- ** arrive. Try to process what we have already received
- */
- } else {
- /* Gather record has finished getting a complete record */
- }
-
- /* See if any clear data is now available */
- available = ss->gs.writeOffset - ss->gs.readOffset;
- if (available == 0) {
- /*
- ** No partial data is available. Force error code to
- ** EWOULDBLOCK so that caller will try again later. Note
- ** that the error code is probably EWOULDBLOCK already,
- ** but if it isn't (for example, if we received a zero
- ** length record) then this will force it to be correct.
- */
- PORT_SetError(PR_WOULD_BLOCK_ERROR);
- rv = SECFailure;
- goto done;
- }
- SSL_TRC(30, ("%d: SSL[%d]: partial data ready, available=%d",
- SSL_GETPID(), ss->fd, available));
- }
-
- /* Dole out clear data to reader */
- amount = PR_MIN(len, available);
- PORT_Memcpy(out, ss->gs.buf.buf + ss->gs.readOffset, amount);
- if (!(flags & PR_MSG_PEEK)) {
- ss->gs.readOffset += amount;
- }
- rv = amount;
-
- SSL_TRC(30, ("%d: SSL[%d]: amount=%d available=%d",
- SSL_GETPID(), ss->fd, amount, available));
- PRINT_BUF(4, (ss, "DoRecv receiving plaintext:", out, amount));
-
-done:
- ssl_ReleaseRecvBufLock(ss);
- return rv;
-}
-
-/************************************************************************/
-
-SSLKEAType
-ssl_FindCertKEAType(CERTCertificate * cert)
-{
- SSLKEAType keaType = kt_null;
- int tag;
-
- if (!cert) goto loser;
-
- tag = SECOID_GetAlgorithmTag(&(cert->subjectPublicKeyInfo.algorithm));
-
- switch (tag) {
- case SEC_OID_X500_RSA_ENCRYPTION:
- case SEC_OID_PKCS1_RSA_ENCRYPTION:
- keaType = kt_rsa;
- break;
- case SEC_OID_MISSI_KEA_DSS_OLD:
- case SEC_OID_MISSI_KEA_DSS:
- case SEC_OID_MISSI_DSS_OLD:
- case SEC_OID_MISSI_DSS:
- keaType = kt_fortezza;
- break;
- case SEC_OID_X942_DIFFIE_HELMAN_KEY:
- keaType = kt_dh;
- break;
- default:
- keaType = kt_null;
- }
-
- loser:
-
- return keaType;
-
-}
-
-
-/* XXX need to protect the data that gets changed here.!! */
-
-SECStatus
-SSL_ConfigSecureServer(PRFileDesc *fd, CERTCertificate *cert,
- SECKEYPrivateKey *key, SSL3KEAType kea)
-{
- SECStatus rv;
- sslSocket *ss;
- sslServerCerts *sc;
-
- ss = ssl_FindSocket(fd);
- if (!ss) {
- return SECFailure;
- }
-
- /* Both key and cert must have a value or be NULL */
- /* Passing a value of NULL will turn off key exchange algorithms that were
- * previously turned on */
- if (!cert != !key) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- /* make sure the key exchange is recognized */
- if ((kea >= kt_kea_size) || (kea < kt_null)) {
- PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG);
- return SECFailure;
- }
-
- if (kea != ssl_FindCertKEAType(cert)) {
- PORT_SetError(SSL_ERROR_CERT_KEA_MISMATCH);
- return SECFailure;
- }
-
- sc = ss->serverCerts + kea;
- /* load the server certificate */
- if (sc->serverCert != NULL) {
- CERT_DestroyCertificate(sc->serverCert);
- sc->serverCert = NULL;
- }
- if (cert) {
- SECKEYPublicKey * pubKey;
- sc->serverCert = CERT_DupCertificate(cert);
- if (!sc->serverCert)
- goto loser;
- /* get the size of the cert's public key, and remember it */
- pubKey = CERT_ExtractPublicKey(cert);
- if (!pubKey)
- goto loser;
- sc->serverKeyBits = SECKEY_PublicKeyStrengthInBits(pubKey);
- SECKEY_DestroyPublicKey(pubKey);
- pubKey = NULL;
- }
-
-
- /* load the server cert chain */
- if (sc->serverCertChain != NULL) {
- CERT_DestroyCertificateList(sc->serverCertChain);
- sc->serverCertChain = NULL;
- }
- if (cert) {
- sc->serverCertChain = CERT_CertChainFromCert(
- sc->serverCert, certUsageSSLServer, PR_TRUE);
- if (sc->serverCertChain == NULL)
- goto loser;
- }
-
- /* load the private key */
- if (sc->serverKey != NULL) {
- SECKEY_DestroyPrivateKey(sc->serverKey);
- sc->serverKey = NULL;
- }
- if (key) {
- sc->serverKey = SECKEY_CopyPrivateKey(key);
- if (sc->serverKey == NULL)
- goto loser;
- }
-
- if (kea == kt_rsa) {
- rv = ssl3_CreateRSAStepDownKeys(ss);
- if (rv != SECSuccess) {
- return SECFailure; /* err set by ssl3_CreateRSAStepDownKeys */
- }
- }
-
- /* Only do this once because it's global. */
- if (ssl3_server_ca_list == NULL)
- ssl3_server_ca_list = CERT_GetSSLCACerts(ss->dbHandle);
-
- return SECSuccess;
-
-loser:
- if (sc->serverCert != NULL) {
- CERT_DestroyCertificate(sc->serverCert);
- sc->serverCert = NULL;
- }
- if (sc->serverCertChain != NULL) {
- CERT_DestroyCertificateList(sc->serverCertChain);
- sc->serverCertChain = NULL;
- }
- if (sc->serverKey != NULL) {
- SECKEY_DestroyPrivateKey(sc->serverKey);
- sc->serverKey = NULL;
- }
- return SECFailure;
-}
-
-/************************************************************************/
-
-SECStatus
-ssl_CreateSecurityInfo(sslSocket *ss)
-{
- SECStatus status;
-
- /* initialize sslv2 socket to send data in the clear. */
- ssl2_UseClearSendFunc(ss);
-
- ss->sec.blockSize = 1;
- ss->sec.blockShift = 0;
-
- ssl_GetXmitBufLock(ss);
- status = sslBuffer_Grow(&ss->sec.writeBuf, 4096);
- ssl_ReleaseXmitBufLock(ss);
-
- return status;
-}
-
-SECStatus
-ssl_CopySecurityInfo(sslSocket *ss, sslSocket *os)
-{
- ss->sec.send = os->sec.send;
- ss->sec.isServer = os->sec.isServer;
- ss->sec.keyBits = os->sec.keyBits;
- ss->sec.secretKeyBits = os->sec.secretKeyBits;
-
- ss->sec.peerCert = CERT_DupCertificate(os->sec.peerCert);
- if (os->sec.peerCert && !ss->sec.peerCert)
- goto loser;
-
- ss->sec.cache = os->sec.cache;
- ss->sec.uncache = os->sec.uncache;
-
- /* we don't dup the connection info. */
-
- ss->sec.sendSequence = os->sec.sendSequence;
- ss->sec.rcvSequence = os->sec.rcvSequence;
-
- if (os->sec.hash && os->sec.hashcx) {
- ss->sec.hash = os->sec.hash;
- ss->sec.hashcx = os->sec.hash->clone(os->sec.hashcx);
- if (os->sec.hashcx && !ss->sec.hashcx)
- goto loser;
- } else {
- ss->sec.hash = NULL;
- ss->sec.hashcx = NULL;
- }
-
- SECITEM_CopyItem(0, &ss->sec.sendSecret, &os->sec.sendSecret);
- if (os->sec.sendSecret.data && !ss->sec.sendSecret.data)
- goto loser;
- SECITEM_CopyItem(0, &ss->sec.rcvSecret, &os->sec.rcvSecret);
- if (os->sec.rcvSecret.data && !ss->sec.rcvSecret.data)
- goto loser;
-
- /* XXX following code is wrong if either cx != 0 */
- PORT_Assert(os->sec.readcx == 0);
- PORT_Assert(os->sec.writecx == 0);
- ss->sec.readcx = os->sec.readcx;
- ss->sec.writecx = os->sec.writecx;
- ss->sec.destroy = 0;
-
- ss->sec.enc = os->sec.enc;
- ss->sec.dec = os->sec.dec;
-
- ss->sec.blockShift = os->sec.blockShift;
- ss->sec.blockSize = os->sec.blockSize;
-
- return SECSuccess;
-
-loser:
- return SECFailure;
-}
-
-/* Reset sec back to its initial state.
-** Caller holds any relevant locks.
-*/
-void
-ssl_ResetSecurityInfo(sslSecurityInfo *sec)
-{
- /* Destroy MAC */
- if (sec->hash && sec->hashcx) {
- (*sec->hash->destroy)(sec->hashcx, PR_TRUE);
- sec->hashcx = NULL;
- sec->hash = NULL;
- }
- SECITEM_ZfreeItem(&sec->sendSecret, PR_FALSE);
- SECITEM_ZfreeItem(&sec->rcvSecret, PR_FALSE);
-
- /* Destroy ciphers */
- if (sec->destroy) {
- (*sec->destroy)(sec->readcx, PR_TRUE);
- (*sec->destroy)(sec->writecx, PR_TRUE);
- sec->readcx = NULL;
- sec->writecx = NULL;
- } else {
- PORT_Assert(sec->readcx == 0);
- PORT_Assert(sec->writecx == 0);
- }
- sec->readcx = 0;
- sec->writecx = 0;
-
- if (sec->localCert) {
- CERT_DestroyCertificate(sec->localCert);
- sec->localCert = NULL;
- }
- if (sec->peerCert) {
- CERT_DestroyCertificate(sec->peerCert);
- sec->peerCert = NULL;
- }
- if (sec->peerKey) {
- SECKEY_DestroyPublicKey(sec->peerKey);
- sec->peerKey = NULL;
- }
-
- /* cleanup the ci */
- if (sec->ci.sid != NULL) {
- ssl_FreeSID(sec->ci.sid);
- }
- PORT_ZFree(sec->ci.sendBuf.buf, sec->ci.sendBuf.space);
- memset(&sec->ci, 0, sizeof sec->ci);
-}
-
-/*
-** Called from SSL_ResetHandshake (above), and
-** from ssl_FreeSocket in sslsock.c
-** Caller should hold relevant locks (e.g. XmitBufLock)
-*/
-void
-ssl_DestroySecurityInfo(sslSecurityInfo *sec)
-{
- ssl_ResetSecurityInfo(sec);
-
- PORT_ZFree(sec->writeBuf.buf, sec->writeBuf.space);
- sec->writeBuf.buf = 0;
-
- memset(sec, 0, sizeof *sec);
-}
-
-/************************************************************************/
-
-int
-ssl_SecureConnect(sslSocket *ss, const PRNetAddr *sa)
-{
- PRFileDesc *osfd = ss->fd->lower;
- int rv;
-
- if ( ss->handshakeAsServer ) {
- ss->securityHandshake = ssl2_BeginServerHandshake;
- ss->handshaking = sslHandshakingAsServer;
- } else {
- ss->securityHandshake = ssl2_BeginClientHandshake;
- ss->handshaking = sslHandshakingAsClient;
- }
-
- /* connect to server */
- rv = osfd->methods->connect(osfd, sa, ss->cTimeout);
- if (rv == PR_SUCCESS) {
- ss->TCPconnected = 1;
- } else {
- int err = PR_GetError();
- SSL_DBG(("%d: SSL[%d]: connect failed, errno=%d",
- SSL_GETPID(), ss->fd, err));
- if (err == PR_IS_CONNECTED_ERROR) {
- ss->TCPconnected = 1;
- }
- }
-
- SSL_TRC(5, ("%d: SSL[%d]: secure connect completed, rv == %d",
- SSL_GETPID(), ss->fd, rv));
- return rv;
-}
-
-int
-ssl_SecureClose(sslSocket *ss)
-{
- int rv;
-
- if (ss->version >= SSL_LIBRARY_VERSION_3_0 &&
- ss->firstHsDone &&
- !(ss->shutdownHow & ssl_SHUTDOWN_SEND) &&
- !ss->recvdCloseNotify &&
- (ss->ssl3 != NULL)) {
-
- /* We don't want the final alert to be Nagle delayed. */
- if (!ss->delayDisabled) {
- ssl_EnableNagleDelay(ss, PR_FALSE);
- ss->delayDisabled = 1;
- }
-
- (void) SSL3_SendAlert(ss, alert_warning, close_notify);
- }
- rv = ssl_DefClose(ss);
- return rv;
-}
-
-/* Caller handles all locking */
-int
-ssl_SecureShutdown(sslSocket *ss, int nsprHow)
-{
- PRFileDesc *osfd = ss->fd->lower;
- int rv;
- PRIntn sslHow = nsprHow + 1;
-
- if ((unsigned)nsprHow > PR_SHUTDOWN_BOTH) {
- PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
- return PR_FAILURE;
- }
-
- if ((sslHow & ssl_SHUTDOWN_SEND) != 0 &&
- !(ss->shutdownHow & ssl_SHUTDOWN_SEND) &&
- (ss->version >= SSL_LIBRARY_VERSION_3_0) &&
- ss->firstHsDone &&
- !ss->recvdCloseNotify &&
- (ss->ssl3 != NULL)) {
-
- (void) SSL3_SendAlert(ss, alert_warning, close_notify);
- }
-
- rv = osfd->methods->shutdown(osfd, nsprHow);
-
- ss->shutdownHow |= sslHow;
-
- return rv;
-}
-
-/************************************************************************/
-
-
-int
-ssl_SecureRecv(sslSocket *ss, unsigned char *buf, int len, int flags)
-{
- sslSecurityInfo *sec;
- int rv = 0;
-
- sec = &ss->sec;
-
- if (ss->shutdownHow & ssl_SHUTDOWN_RCV) {
- PORT_SetError(PR_SOCKET_SHUTDOWN_ERROR);
- return PR_FAILURE;
- }
- if (flags & ~PR_MSG_PEEK) {
- PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
- return PR_FAILURE;
- }
-
- if (!ssl_SocketIsBlocking(ss) && !ss->fdx) {
- ssl_GetXmitBufLock(ss);
- if (ss->pendingBuf.len != 0) {
- rv = ssl_SendSavedWriteData(ss, &ss->pendingBuf, ssl_DefSend);
- if ((rv < 0) && (PORT_GetError() != PR_WOULD_BLOCK_ERROR)) {
- ssl_ReleaseXmitBufLock(ss);
- return SECFailure;
- }
- /* XXX short write? */
- }
- ssl_ReleaseXmitBufLock(ss);
- }
-
- rv = 0;
- /* If any of these is non-zero, the initial handshake is not done. */
- if (!ss->firstHsDone) {
- ssl_Get1stHandshakeLock(ss);
- if (ss->handshake || ss->nextHandshake || ss->securityHandshake) {
- rv = ssl_Do1stHandshake(ss);
- }
- ssl_Release1stHandshakeLock(ss);
- }
- if (rv < 0) {
- return rv;
- }
-
- if (len == 0) return 0;
-
- rv = DoRecv(ss, (unsigned char*) buf, len, flags);
- SSL_TRC(2, ("%d: SSL[%d]: recving %d bytes securely (errno=%d)",
- SSL_GETPID(), ss->fd, rv, PORT_GetError()));
- return rv;
-}
-
-int
-ssl_SecureRead(sslSocket *ss, unsigned char *buf, int len)
-{
- return ssl_SecureRecv(ss, buf, len, 0);
-}
-
-/* Caller holds the SSL Socket's write lock. SSL_LOCK_WRITER(ss) */
-int
-ssl_SecureSend(sslSocket *ss, const unsigned char *buf, int len, int flags)
-{
- int rv = 0;
-
- if (ss->shutdownHow & ssl_SHUTDOWN_SEND) {
- PORT_SetError(PR_SOCKET_SHUTDOWN_ERROR);
- return PR_FAILURE;
- }
- if (flags) {
- PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
- return PR_FAILURE;
- }
-
- ssl_GetXmitBufLock(ss);
- if (ss->pendingBuf.len != 0) {
- PORT_Assert(ss->pendingBuf.len > 0);
- rv = ssl_SendSavedWriteData(ss, &ss->pendingBuf, ssl_DefSend);
- if (rv >= 0 && ss->pendingBuf.len != 0) {
- PORT_Assert(ss->pendingBuf.len > 0);
- PORT_SetError(PR_WOULD_BLOCK_ERROR);
- rv = SECFailure;
- }
- }
- ssl_ReleaseXmitBufLock(ss);
- if (rv < 0) {
- return rv;
- }
-
- if (len > 0)
- ss->writerThread = PR_GetCurrentThread();
- /* If any of these is non-zero, the initial handshake is not done. */
- if (!ss->firstHsDone) {
- ssl_Get1stHandshakeLock(ss);
- if (ss->handshake || ss->nextHandshake || ss->securityHandshake) {
- rv = ssl_Do1stHandshake(ss);
- }
- ssl_Release1stHandshakeLock(ss);
- }
- if (rv < 0) {
- ss->writerThread = NULL;
- return rv;
- }
-
- /* Check for zero length writes after we do housekeeping so we make forward
- * progress.
- */
- if (len == 0) {
- return 0;
- }
- PORT_Assert(buf != NULL);
-
- SSL_TRC(2, ("%d: SSL[%d]: SecureSend: sending %d bytes",
- SSL_GETPID(), ss->fd, len));
-
- /* Send out the data using one of these functions:
- * ssl2_SendClear, ssl2_SendStream, ssl2_SendBlock,
- * ssl3_SendApplicationData
- */
- ssl_GetXmitBufLock(ss);
- rv = (*ss->sec.send)(ss, buf, len, flags);
- ssl_ReleaseXmitBufLock(ss);
- ss->writerThread = NULL;
- return rv;
-}
-
-int
-ssl_SecureWrite(sslSocket *ss, const unsigned char *buf, int len)
-{
- return ssl_SecureSend(ss, buf, len, 0);
-}
-
-SECStatus
-SSL_BadCertHook(PRFileDesc *fd, SSLBadCertHandler f, void *arg)
-{
- sslSocket *ss;
-
- ss = ssl_FindSocket(fd);
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in SSLBadCertHook",
- SSL_GETPID(), fd));
- return SECFailure;
- }
-
- ss->handleBadCert = f;
- ss->badCertArg = arg;
-
- return SECSuccess;
-}
-
-/*
- * Allow the application to pass the url or hostname into the SSL library
- * so that we can do some checking on it.
- */
-SECStatus
-SSL_SetURL(PRFileDesc *fd, const char *url)
-{
- sslSocket * ss = ssl_FindSocket(fd);
- SECStatus rv = SECSuccess;
-
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in SSLSetURL",
- SSL_GETPID(), fd));
- return SECFailure;
- }
- ssl_Get1stHandshakeLock(ss);
- ssl_GetSSL3HandshakeLock(ss);
-
- if ( ss->url ) {
- PORT_Free((void *)ss->url); /* CONST */
- }
-
- ss->url = (const char *)PORT_Strdup(url);
- if ( ss->url == NULL ) {
- rv = SECFailure;
- }
-
- ssl_ReleaseSSL3HandshakeLock(ss);
- ssl_Release1stHandshakeLock(ss);
-
- return rv;
-}
-
-/*
-** Returns Negative number on error, zero or greater on success.
-** Returns the amount of data immediately available to be read.
-*/
-int
-SSL_DataPending(PRFileDesc *fd)
-{
- sslSocket *ss;
- int rv = 0;
-
- ss = ssl_FindSocket(fd);
-
- if (ss && ss->useSecurity) {
-
- ssl_Get1stHandshakeLock(ss);
- ssl_GetSSL3HandshakeLock(ss);
-
- ssl_GetRecvBufLock(ss);
- rv = ss->gs.writeOffset - ss->gs.readOffset;
- ssl_ReleaseRecvBufLock(ss);
-
- ssl_ReleaseSSL3HandshakeLock(ss);
- ssl_Release1stHandshakeLock(ss);
- }
-
- return rv;
-}
-
-SECStatus
-SSL_InvalidateSession(PRFileDesc *fd)
-{
- sslSocket * ss = ssl_FindSocket(fd);
- SECStatus rv = SECFailure;
-
- if (ss) {
- ssl_Get1stHandshakeLock(ss);
- ssl_GetSSL3HandshakeLock(ss);
-
- if (ss->sec.ci.sid) {
- ss->sec.uncache(ss->sec.ci.sid);
- rv = SECSuccess;
- }
-
- ssl_ReleaseSSL3HandshakeLock(ss);
- ssl_Release1stHandshakeLock(ss);
- }
- return rv;
-}
-
-SECItem *
-SSL_GetSessionID(PRFileDesc *fd)
-{
- sslSocket * ss;
- SECItem * item = NULL;
-
- ss = ssl_FindSocket(fd);
- if (ss) {
- ssl_Get1stHandshakeLock(ss);
- ssl_GetSSL3HandshakeLock(ss);
-
- if (ss->useSecurity && ss->firstHsDone && ss->sec.ci.sid) {
- item = (SECItem *)PORT_Alloc(sizeof(SECItem));
- if (item) {
- sslSessionID * sid = ss->sec.ci.sid;
- if (sid->version < SSL_LIBRARY_VERSION_3_0) {
- item->len = SSL2_SESSIONID_BYTES;
- item->data = (unsigned char*)PORT_Alloc(item->len);
- PORT_Memcpy(item->data, sid->u.ssl2.sessionID, item->len);
- } else {
- item->len = sid->u.ssl3.sessionIDLength;
- item->data = (unsigned char*)PORT_Alloc(item->len);
- PORT_Memcpy(item->data, sid->u.ssl3.sessionID, item->len);
- }
- }
- }
-
- ssl_ReleaseSSL3HandshakeLock(ss);
- ssl_Release1stHandshakeLock(ss);
- }
- return item;
-}
-
-SECStatus
-SSL_CertDBHandleSet(PRFileDesc *fd, CERTCertDBHandle *dbHandle)
-{
- sslSocket * ss;
-
- ss = ssl_FindSocket(fd);
- if (!ss)
- return SECFailure;
- if (!dbHandle) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- ss->dbHandle = dbHandle;
- return SECSuccess;
-}
-
-/*
- * attempt to restart the handshake after asynchronously handling
- * a request for the client's certificate.
- *
- * inputs:
- * cert Client cert chosen by application.
- * Note: ssl takes this reference, and does not bump the
- * reference count. The caller should drop its reference
- * without calling CERT_DestroyCert after calling this function.
- *
- * key Private key associated with cert. This function makes a
- * copy of the private key, so the caller remains responsible
- * for destroying its copy after this function returns.
- *
- * certChain Chain of signers for cert.
- * Note: ssl takes this reference, and does not copy the chain.
- * The caller should drop its reference without destroying the
- * chain. SSL will free the chain when it is done with it.
- *
- * Return value: XXX
- *
- * XXX This code only works on the initial handshake on a connection, XXX
- * It does not work on a subsequent handshake (redo).
- */
-int
-SSL_RestartHandshakeAfterCertReq(sslSocket * ss,
- CERTCertificate * cert,
- SECKEYPrivateKey * key,
- CERTCertificateList *certChain)
-{
- int ret;
-
- ssl_Get1stHandshakeLock(ss); /************************************/
-
- if (ss->version >= SSL_LIBRARY_VERSION_3_0) {
- ret = ssl3_RestartHandshakeAfterCertReq(ss, cert, key, certChain);
- } else {
- ret = ssl2_RestartHandshakeAfterCertReq(ss, cert, key);
- }
-
- ssl_Release1stHandshakeLock(ss); /************************************/
- return ret;
-}
-
-
-/* restart an SSL connection that we stopped to run certificate dialogs
-** XXX Need to document here how an application marks a cert to show that
-** the application has accepted it (overridden CERT_VerifyCert).
- *
- * XXX This code only works on the initial handshake on a connection, XXX
- * It does not work on a subsequent handshake (redo).
- *
- * Return value: XXX
-*/
-int
-SSL_RestartHandshakeAfterServerCert(sslSocket *ss)
-{
- int rv = SECSuccess;
-
- ssl_Get1stHandshakeLock(ss);
-
- if (ss->version >= SSL_LIBRARY_VERSION_3_0) {
- rv = ssl3_RestartHandshakeAfterServerCert(ss);
- } else {
- rv = ssl2_RestartHandshakeAfterServerCert(ss);
- }
-
- ssl_Release1stHandshakeLock(ss);
- return rv;
-}
diff --git a/security/nss/lib/ssl/sslsnce.c b/security/nss/lib/ssl/sslsnce.c
deleted file mode 100644
index 15d0a618b..000000000
--- a/security/nss/lib/ssl/sslsnce.c
+++ /dev/null
@@ -1,1645 +0,0 @@
-/* This file implements the SERVER Session ID cache.
- * NOTE: The contents of this file are NOT used by the client.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-/* Note: ssl_FreeSID() in sslnonce.c gets used for both client and server
- * cache sids!
- *
- * About record locking among different server processes:
- *
- * All processes that are part of the same conceptual server (serving on
- * the same address and port) MUST share a common SSL session cache.
- * This code makes the content of the shared cache accessible to all
- * processes on the same "server". This code works on Unix and Win32 only.
- *
- * We use NSPR anonymous shared memory and move data to & from shared memory.
- * We must do explicit locking of the records for all reads and writes.
- * The set of Cache entries are divided up into "sets" of 128 entries.
- * Each set is protected by a lock. There may be one or more sets protected
- * by each lock. That is, locks to sets are 1:N.
- * There is one lock for the entire cert cache.
- * There is one lock for the set of wrapped sym wrap keys.
- *
- * The anonymous shared memory is laid out as if it were declared like this:
- *
- * struct {
- * cacheDescriptor desc;
- * sidCacheLock sidCacheLocks[ numSIDCacheLocks];
- * sidCacheLock keyCacheLock;
- * sidCacheLock certCacheLock;
- * sidCacheSet sidCacheSets[ numSIDCacheSets ];
- * sidCacheEntry sidCacheData[ numSIDCacheEntries];
- * certCacheEntry certCacheData[numCertCacheEntries];
- * SSLWrappedSymWrappingKey keyCacheData[kt_kea_size][SSL_NUM_WRAP_MECHS];
- * } sharedMemCacheData;
- */
-#include "nssrenam.h"
-#include "seccomon.h"
-
-#if (defined(XP_UNIX) || defined(XP_WIN32) || defined (XP_OS2) || defined(XP_BEOS)) && !defined(_WIN32_WCE)
-
-#include "cert.h"
-#include "ssl.h"
-#include "sslimpl.h"
-#include "sslproto.h"
-#include "pk11func.h"
-#include "base64.h"
-
-#include <stdio.h>
-
-#if defined(XP_UNIX) || defined(XP_BEOS)
-
-#include <syslog.h>
-#include <fcntl.h>
-#include <unistd.h>
-#include <errno.h>
-#include <signal.h>
-#include "unix_err.h"
-
-#else
-
-#ifdef XP_WIN32
-#include <wtypes.h>
-#include "win32err.h"
-#endif
-
-#endif
-#include <sys/types.h>
-
-#define SET_ERROR_CODE /* reminder */
-
-#include "nspr.h"
-#include "nsslocks.h"
-#include "sslmutex.h"
-
-#ifdef XP_OS2_VACPP
-#pragma pack(1)
-#endif
-
-/*
-** Format of a cache entry in the shared memory.
-*/
-struct sidCacheEntryStr {
-/* 16 */ PRIPv6Addr addr; /* client's IP address */
-/* 4 */ PRUint32 creationTime;
-/* 4 */ PRUint32 lastAccessTime;
-/* 4 */ PRUint32 expirationTime;
-/* 2 */ PRUint16 version;
-/* 1 */ PRUint8 valid;
-/* 1 */ PRUint8 sessionIDLength;
-/* 32 */ PRUint8 sessionID[SSL3_SESSIONID_BYTES];
-/* 2 */ PRUint16 authAlgorithm;
-/* 2 */ PRUint16 authKeyBits;
-/* 2 */ PRUint16 keaType;
-/* 2 */ PRUint16 keaKeyBits;
-/* 72 - common header total */
-
- union {
- struct {
-/* 64 */ PRUint8 masterKey[SSL_MAX_MASTER_KEY_BYTES];
-/* 32 */ PRUint8 cipherArg[SSL_MAX_CYPHER_ARG_BYTES];
-
-/* 1 */ PRUint8 cipherType;
-/* 1 */ PRUint8 masterKeyLen;
-/* 1 */ PRUint8 keyBits;
-/* 1 */ PRUint8 secretKeyBits;
-/* 1 */ PRUint8 cipherArgLen;
-/*101 */} ssl2;
-
- struct {
-/* 2 */ ssl3CipherSuite cipherSuite;
-/* 2 */ PRUint16 compression; /* SSL3CompressionMethod */
-
-/*122 */ ssl3SidKeys keys; /* keys and ivs, wrapped as needed. */
-/* 1 */ PRUint8 hasFortezza;
-/* 1 */ PRUint8 resumable;
-
-/* 4 */ PRUint32 masterWrapMech;
-/* 4 */ SSL3KEAType exchKeyType;
-/* 4 */ PRInt32 certIndex;
-/*140 */} ssl3;
-#if defined(LINUX)
- struct {
- PRUint8 filler[144];
- } forceSize;
-#endif
- } u;
-};
-typedef struct sidCacheEntryStr sidCacheEntry;
-
-/* The length of this struct is supposed to be a power of 2, e.g. 4KB */
-struct certCacheEntryStr {
- PRUint16 certLength; /* 2 */
- PRUint16 sessionIDLength; /* 2 */
- PRUint8 sessionID[SSL3_SESSIONID_BYTES]; /* 32 */
- PRUint8 cert[SSL_MAX_CACHED_CERT_LEN]; /* 4060 */
-}; /* total 4096 */
-typedef struct certCacheEntryStr certCacheEntry;
-
-struct sidCacheLockStr {
- PRUint32 timeStamp;
- sslMutex mutex;
- sslPID pid;
-};
-typedef struct sidCacheLockStr sidCacheLock;
-
-struct sidCacheSetStr {
- PRIntn next;
-};
-typedef struct sidCacheSetStr sidCacheSet;
-
-struct cacheDescStr {
-
- PRUint32 sharedMemSize;
-
- PRUint32 numSIDCacheLocks;
- PRUint32 numSIDCacheSets;
- PRUint32 numSIDCacheSetsPerLock;
-
- PRUint32 numSIDCacheEntries;
- PRUint32 sidCacheSize;
-
- PRUint32 numCertCacheEntries;
- PRUint32 certCacheSize;
-
- PRUint32 numKeyCacheEntries;
- PRUint32 keyCacheSize;
-
- PRUint32 ssl2Timeout;
- PRUint32 ssl3Timeout;
-
- /* These values are volatile, and are accessed through sharedCache-> */
- PRUint32 nextCertCacheEntry; /* certCacheLock protects */
- PRBool stopPolling;
-
- /* The private copies of these values are pointers into shared mem */
- /* The copies of these values in shared memory are merely offsets */
- sidCacheLock * sidCacheLocks;
- sidCacheLock * keyCacheLock;
- sidCacheLock * certCacheLock;
- sidCacheSet * sidCacheSets;
- sidCacheEntry * sidCacheData;
- certCacheEntry * certCacheData;
- SSLWrappedSymWrappingKey * keyCacheData;
-
- /* Only the private copies of these pointers are valid */
- char * sharedMem;
- struct cacheDescStr * sharedCache; /* shared copy of this struct */
- PRFileMap * cacheMemMap;
- PRThread * poller;
- PRBool shared;
-};
-typedef struct cacheDescStr cacheDesc;
-
-static cacheDesc globalCache;
-
-static const char envVarName[] = { SSL_ENV_VAR_NAME };
-
-static PRBool isMultiProcess = PR_FALSE;
-
-
-#define DEF_SID_CACHE_ENTRIES 10000
-#define DEF_CERT_CACHE_ENTRIES 250
-#define MIN_CERT_CACHE_ENTRIES 125 /* the effective size in old releases. */
-#define DEF_KEY_CACHE_ENTRIES 250
-
-#define SID_CACHE_ENTRIES_PER_SET 128
-#define SID_ALIGNMENT 16
-
-#define DEF_SSL2_TIMEOUT 100 /* seconds */
-#define MAX_SSL2_TIMEOUT 100 /* seconds */
-#define MIN_SSL2_TIMEOUT 5 /* seconds */
-
-#define DEF_SSL3_TIMEOUT 86400L /* 24 hours */
-#define MAX_SSL3_TIMEOUT 86400L /* 24 hours */
-#define MIN_SSL3_TIMEOUT 5 /* seconds */
-
-#if defined(AIX) || defined(LINUX) || defined(VMS)
-#define MAX_SID_CACHE_LOCKS 8 /* two FDs per lock */
-#elif defined(OSF1)
-#define MAX_SID_CACHE_LOCKS 16 /* one FD per lock */
-#else
-#define MAX_SID_CACHE_LOCKS 256
-#endif
-
-#define SID_HOWMANY(val, size) (((val) + ((size) - 1)) / (size))
-#define SID_ROUNDUP(val, size) ((size) * SID_HOWMANY((val), (size)))
-
-
-static sslPID myPid;
-static PRUint32 ssl_max_sid_cache_locks = MAX_SID_CACHE_LOCKS;
-
-/* forward static function declarations */
-static PRUint32 SIDindex(cacheDesc *cache, const PRIPv6Addr *addr, PRUint8 *s, unsigned nl);
-static SECStatus LaunchLockPoller(cacheDesc *cache);
-
-
-
-
-struct inheritanceStr {
- PRUint32 sharedMemSize;
- PRUint16 fmStrLen;
-};
-
-typedef struct inheritanceStr inheritance;
-
-#if defined(_WIN32) || defined(XP_OS2)
-
-#define DEFAULT_CACHE_DIRECTORY "\\temp"
-
-#endif /* _win32 */
-
-#if defined(XP_UNIX) || defined(XP_BEOS)
-
-#define DEFAULT_CACHE_DIRECTORY "/tmp"
-
-#endif /* XP_UNIX || XP_BEOS */
-
-
-/************************************************************************/
-
-static PRUint32
-LockSidCacheLock(sidCacheLock *lock, PRUint32 now)
-{
- SECStatus rv = sslMutex_Lock(&lock->mutex);
- if (rv != SECSuccess)
- return 0;
- if (!now)
- now = ssl_Time();
- lock->timeStamp = now;
- lock->pid = myPid;
- return now;
-}
-
-static SECStatus
-UnlockSidCacheLock(sidCacheLock *lock)
-{
- SECStatus rv;
-
- lock->pid = 0;
- rv = sslMutex_Unlock(&lock->mutex);
- return rv;
-}
-
-/* returns the value of ssl_Time on success, zero on failure. */
-static PRUint32
-LockSet(cacheDesc *cache, PRUint32 set, PRUint32 now)
-{
- PRUint32 lockNum = set % cache->numSIDCacheLocks;
- sidCacheLock * lock = cache->sidCacheLocks + lockNum;
-
- return LockSidCacheLock(lock, now);
-}
-
-static SECStatus
-UnlockSet(cacheDesc *cache, PRUint32 set)
-{
- PRUint32 lockNum = set % cache->numSIDCacheLocks;
- sidCacheLock * lock = cache->sidCacheLocks + lockNum;
-
- return UnlockSidCacheLock(lock);
-}
-
-/************************************************************************/
-
-
-/* Put a certificate in the cache. Update the cert index in the sce.
-*/
-static PRUint32
-CacheCert(cacheDesc * cache, CERTCertificate *cert, sidCacheEntry *sce)
-{
- PRUint32 now;
- certCacheEntry cce;
-
- if ((cert->derCert.len > SSL_MAX_CACHED_CERT_LEN) ||
- (cert->derCert.len <= 0) ||
- (cert->derCert.data == NULL)) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return 0;
- }
-
- cce.sessionIDLength = sce->sessionIDLength;
- PORT_Memcpy(cce.sessionID, sce->sessionID, cce.sessionIDLength);
-
- cce.certLength = cert->derCert.len;
- PORT_Memcpy(cce.cert, cert->derCert.data, cce.certLength);
-
- /* get lock on cert cache */
- now = LockSidCacheLock(cache->certCacheLock, 0);
- if (now) {
-
- /* Find where to place the next cert cache entry. */
- cacheDesc * sharedCache = cache->sharedCache;
- PRUint32 ndx = sharedCache->nextCertCacheEntry;
-
- /* write the entry */
- cache->certCacheData[ndx] = cce;
-
- /* remember where we put it. */
- sce->u.ssl3.certIndex = ndx;
-
- /* update the "next" cache entry index */
- sharedCache->nextCertCacheEntry =
- (ndx + 1) % cache->numCertCacheEntries;
-
- UnlockSidCacheLock(cache->certCacheLock);
- }
- return now;
-
-}
-
-/*
-** Convert local SID to shared memory one
-*/
-static void
-ConvertFromSID(sidCacheEntry *to, sslSessionID *from)
-{
- to->valid = 1;
- to->version = from->version;
- to->addr = from->addr;
- to->creationTime = from->creationTime;
- to->lastAccessTime = from->lastAccessTime;
- to->expirationTime = from->expirationTime;
- to->authAlgorithm = from->authAlgorithm;
- to->authKeyBits = from->authKeyBits;
- to->keaType = from->keaType;
- to->keaKeyBits = from->keaKeyBits;
-
- if (from->version < SSL_LIBRARY_VERSION_3_0) {
- if ((from->u.ssl2.masterKey.len > SSL_MAX_MASTER_KEY_BYTES) ||
- (from->u.ssl2.cipherArg.len > SSL_MAX_CYPHER_ARG_BYTES)) {
- SSL_DBG(("%d: SSL: masterKeyLen=%d cipherArgLen=%d",
- myPid, from->u.ssl2.masterKey.len,
- from->u.ssl2.cipherArg.len));
- to->valid = 0;
- return;
- }
-
- to->u.ssl2.cipherType = from->u.ssl2.cipherType;
- to->u.ssl2.masterKeyLen = from->u.ssl2.masterKey.len;
- to->u.ssl2.cipherArgLen = from->u.ssl2.cipherArg.len;
- to->u.ssl2.keyBits = from->u.ssl2.keyBits;
- to->u.ssl2.secretKeyBits = from->u.ssl2.secretKeyBits;
- to->sessionIDLength = SSL2_SESSIONID_BYTES;
- PORT_Memcpy(to->sessionID, from->u.ssl2.sessionID, SSL2_SESSIONID_BYTES);
- PORT_Memcpy(to->u.ssl2.masterKey, from->u.ssl2.masterKey.data,
- from->u.ssl2.masterKey.len);
- PORT_Memcpy(to->u.ssl2.cipherArg, from->u.ssl2.cipherArg.data,
- from->u.ssl2.cipherArg.len);
-#ifdef DEBUG
- PORT_Memset(to->u.ssl2.masterKey+from->u.ssl2.masterKey.len, 0,
- sizeof(to->u.ssl2.masterKey) - from->u.ssl2.masterKey.len);
- PORT_Memset(to->u.ssl2.cipherArg+from->u.ssl2.cipherArg.len, 0,
- sizeof(to->u.ssl2.cipherArg) - from->u.ssl2.cipherArg.len);
-#endif
- SSL_TRC(8, ("%d: SSL: ConvertSID: masterKeyLen=%d cipherArgLen=%d "
- "time=%d addr=0x%08x%08x%08x%08x cipherType=%d", myPid,
- to->u.ssl2.masterKeyLen, to->u.ssl2.cipherArgLen,
- to->creationTime, to->addr.pr_s6_addr32[0],
- to->addr.pr_s6_addr32[1], to->addr.pr_s6_addr32[2],
- to->addr.pr_s6_addr32[3], to->u.ssl2.cipherType));
- } else {
- /* This is an SSL v3 session */
-
- to->u.ssl3.cipherSuite = from->u.ssl3.cipherSuite;
- to->u.ssl3.compression = (uint16)from->u.ssl3.compression;
- to->u.ssl3.resumable = from->u.ssl3.resumable;
- to->u.ssl3.hasFortezza = from->u.ssl3.hasFortezza;
- to->u.ssl3.keys = from->u.ssl3.keys;
- to->u.ssl3.masterWrapMech = from->u.ssl3.masterWrapMech;
- to->u.ssl3.exchKeyType = from->u.ssl3.exchKeyType;
- to->sessionIDLength = from->u.ssl3.sessionIDLength;
- to->u.ssl3.certIndex = -1;
-
- PORT_Memcpy(to->sessionID, from->u.ssl3.sessionID,
- to->sessionIDLength);
-
- SSL_TRC(8, ("%d: SSL3: ConvertSID: time=%d addr=0x%08x%08x%08x%08x "
- "cipherSuite=%d",
- myPid, to->creationTime, to->addr.pr_s6_addr32[0],
- to->addr.pr_s6_addr32[1], to->addr.pr_s6_addr32[2],
- to->addr.pr_s6_addr32[3], to->u.ssl3.cipherSuite));
- }
-}
-
-/*
-** Convert shared memory cache-entry to local memory based one
-** This is only called from ServerSessionIDLookup().
-** Caller must hold cache lock when calling this.
-*/
-static sslSessionID *
-ConvertToSID(sidCacheEntry *from, certCacheEntry *pcce,
- CERTCertDBHandle * dbHandle)
-{
- sslSessionID *to;
- uint16 version = from->version;
-
- to = (sslSessionID*) PORT_ZAlloc(sizeof(sslSessionID));
- if (!to) {
- return 0;
- }
-
- if (version < SSL_LIBRARY_VERSION_3_0) {
- /* This is an SSL v2 session */
- to->u.ssl2.masterKey.data =
- (unsigned char*) PORT_Alloc(from->u.ssl2.masterKeyLen);
- if (!to->u.ssl2.masterKey.data) {
- goto loser;
- }
- if (from->u.ssl2.cipherArgLen) {
- to->u.ssl2.cipherArg.data =
- (unsigned char*)PORT_Alloc(from->u.ssl2.cipherArgLen);
- if (!to->u.ssl2.cipherArg.data) {
- goto loser;
- }
- PORT_Memcpy(to->u.ssl2.cipherArg.data, from->u.ssl2.cipherArg,
- from->u.ssl2.cipherArgLen);
- }
-
- to->u.ssl2.cipherType = from->u.ssl2.cipherType;
- to->u.ssl2.masterKey.len = from->u.ssl2.masterKeyLen;
- to->u.ssl2.cipherArg.len = from->u.ssl2.cipherArgLen;
- to->u.ssl2.keyBits = from->u.ssl2.keyBits;
- to->u.ssl2.secretKeyBits = from->u.ssl2.secretKeyBits;
-/* to->sessionIDLength = SSL2_SESSIONID_BYTES; */
- PORT_Memcpy(to->u.ssl2.sessionID, from->sessionID, SSL2_SESSIONID_BYTES);
- PORT_Memcpy(to->u.ssl2.masterKey.data, from->u.ssl2.masterKey,
- from->u.ssl2.masterKeyLen);
-
- SSL_TRC(8, ("%d: SSL: ConvertToSID: masterKeyLen=%d cipherArgLen=%d "
- "time=%d addr=0x%08x%08x%08x%08x cipherType=%d",
- myPid, to->u.ssl2.masterKey.len,
- to->u.ssl2.cipherArg.len, to->creationTime,
- to->addr.pr_s6_addr32[0], to->addr.pr_s6_addr32[1],
- to->addr.pr_s6_addr32[2], to->addr.pr_s6_addr32[3],
- to->u.ssl2.cipherType));
- } else {
- /* This is an SSL v3 session */
-
- to->u.ssl3.sessionIDLength = from->sessionIDLength;
- to->u.ssl3.cipherSuite = from->u.ssl3.cipherSuite;
- to->u.ssl3.compression = (SSL3CompressionMethod)from->u.ssl3.compression;
- to->u.ssl3.resumable = from->u.ssl3.resumable;
- to->u.ssl3.hasFortezza = from->u.ssl3.hasFortezza;
- to->u.ssl3.keys = from->u.ssl3.keys;
- to->u.ssl3.masterWrapMech = from->u.ssl3.masterWrapMech;
- to->u.ssl3.exchKeyType = from->u.ssl3.exchKeyType;
-
- PORT_Memcpy(to->u.ssl3.sessionID, from->sessionID, from->sessionIDLength);
-
- /* the portions of the SID that are only restored on the client
- * are set to invalid values on the server.
- */
- to->u.ssl3.clientWriteKey = NULL;
- to->u.ssl3.serverWriteKey = NULL;
- to->u.ssl3.tek = NULL;
- to->urlSvrName = NULL;
-
- to->u.ssl3.masterModuleID = (SECMODModuleID)-1; /* invalid value */
- to->u.ssl3.masterSlotID = (CK_SLOT_ID)-1; /* invalid value */
- to->u.ssl3.masterWrapIndex = 0;
- to->u.ssl3.masterWrapSeries = 0;
- to->u.ssl3.masterValid = PR_FALSE;
-
- to->u.ssl3.clAuthModuleID = (SECMODModuleID)-1; /* invalid value */
- to->u.ssl3.clAuthSlotID = (CK_SLOT_ID)-1; /* invalid value */
- to->u.ssl3.clAuthSeries = 0;
- to->u.ssl3.clAuthValid = PR_FALSE;
-
- to->u.ssl3.clientWriteSaveLen = 0;
-
- if (from->u.ssl3.certIndex != -1 && pcce) {
- SECItem derCert;
-
- derCert.len = pcce->certLength;
- derCert.data = pcce->cert;
-
- to->peerCert = CERT_NewTempCertificate(dbHandle, &derCert, NULL,
- PR_FALSE, PR_TRUE);
- if (to->peerCert == NULL)
- goto loser;
- }
- }
-
- to->version = from->version;
- to->creationTime = from->creationTime;
- to->lastAccessTime = from->lastAccessTime;
- to->expirationTime = from->expirationTime;
- to->cached = in_server_cache;
- to->addr = from->addr;
- to->references = 1;
- to->authAlgorithm = from->authAlgorithm;
- to->authKeyBits = from->authKeyBits;
- to->keaType = from->keaType;
- to->keaKeyBits = from->keaKeyBits;
-
- return to;
-
- loser:
- if (to) {
- if (version < SSL_LIBRARY_VERSION_3_0) {
- if (to->u.ssl2.masterKey.data)
- PORT_Free(to->u.ssl2.masterKey.data);
- if (to->u.ssl2.cipherArg.data)
- PORT_Free(to->u.ssl2.cipherArg.data);
- }
- PORT_Free(to);
- }
- return NULL;
-}
-
-
-
-/*
-** Perform some mumbo jumbo on the ip-address and the session-id value to
-** compute a hash value.
-*/
-static PRUint32
-SIDindex(cacheDesc *cache, const PRIPv6Addr *addr, PRUint8 *s, unsigned nl)
-{
- PRUint32 rv;
- PRUint32 x[8];
-
- memset(x, 0, sizeof x);
- if (nl > sizeof x)
- nl = sizeof x;
- memcpy(x, s, nl);
-
- rv = (addr->pr_s6_addr32[0] ^ addr->pr_s6_addr32[1] ^
- addr->pr_s6_addr32[2] ^ addr->pr_s6_addr32[3] ^
- x[0] ^ x[1] ^ x[2] ^ x[3] ^ x[4] ^ x[5] ^ x[6] ^ x[7])
- % cache->numSIDCacheSets;
- return rv;
-}
-
-
-
-/*
-** Look something up in the cache. This will invalidate old entries
-** in the process. Caller has locked the cache set!
-** Returns PR_TRUE if found a valid match. PR_FALSE otherwise.
-*/
-static sidCacheEntry *
-FindSID(cacheDesc *cache, PRUint32 setNum, PRUint32 now,
- const PRIPv6Addr *addr, unsigned char *sessionID,
- unsigned sessionIDLength)
-{
- PRUint32 ndx = cache->sidCacheSets[setNum].next;
- int i;
-
- sidCacheEntry * set = cache->sidCacheData +
- (setNum * SID_CACHE_ENTRIES_PER_SET);
-
- for (i = SID_CACHE_ENTRIES_PER_SET; i > 0; --i) {
- sidCacheEntry * sce;
-
- ndx = (ndx - 1) % SID_CACHE_ENTRIES_PER_SET;
- sce = set + ndx;
-
- if (!sce->valid)
- continue;
-
- if (now > sce->expirationTime) {
- /* SessionID has timed out. Invalidate the entry. */
- SSL_TRC(7, ("%d: timed out sid entry addr=%08x%08x%08x%08x now=%x "
- "time+=%x",
- myPid, sce->addr.pr_s6_addr32[0],
- sce->addr.pr_s6_addr32[1], sce->addr.pr_s6_addr32[2],
- sce->addr.pr_s6_addr32[3], now,
- sce->expirationTime ));
- sce->valid = 0;
- continue;
- }
-
- /*
- ** Next, examine specific session-id/addr data to see if the cache
- ** entry matches our addr+session-id value
- */
- if (sessionIDLength == sce->sessionIDLength &&
- !memcmp(&sce->addr, addr, sizeof(PRIPv6Addr)) &&
- !memcmp(sce->sessionID, sessionID, sessionIDLength)) {
- /* Found it */
- return sce;
- }
- }
-
- PORT_SetError(SSL_ERROR_SESSION_NOT_FOUND);
- return NULL;
-}
-
-/************************************************************************/
-
-/* This is the primary function for finding entries in the server's sid cache.
- * Although it is static, this function is called via the global function
- * pointer ssl_sid_lookup.
- */
-static sslSessionID *
-ServerSessionIDLookup(const PRIPv6Addr *addr,
- unsigned char *sessionID,
- unsigned int sessionIDLength,
- CERTCertDBHandle * dbHandle)
-{
- sslSessionID * sid = 0;
- sidCacheEntry * psce;
- certCacheEntry *pcce = 0;
- cacheDesc * cache = &globalCache;
- PRUint32 now;
- PRUint32 set;
- PRInt32 cndx;
- sidCacheEntry sce;
- certCacheEntry cce;
-
- set = SIDindex(cache, addr, sessionID, sessionIDLength);
- now = LockSet(cache, set, 0);
- if (!now)
- return NULL;
-
- psce = FindSID(cache, set, now, addr, sessionID, sessionIDLength);
- if (psce) {
- if (psce->version >= SSL_LIBRARY_VERSION_3_0 &&
- (cndx = psce->u.ssl3.certIndex) != -1) {
-
- PRUint32 gotLock = LockSidCacheLock(cache->certCacheLock, now);
- if (gotLock) {
- pcce = &cache->certCacheData[cndx];
-
- /* See if the cert's session ID matches the sce cache. */
- if ((pcce->sessionIDLength == psce->sessionIDLength) &&
- !PORT_Memcmp(pcce->sessionID, psce->sessionID,
- pcce->sessionIDLength)) {
- cce = *pcce;
- } else {
- /* The cert doesen't match the SID cache entry,
- ** so invalidate the SID cache entry.
- */
- psce->valid = 0;
- psce = 0;
- pcce = 0;
- }
- UnlockSidCacheLock(cache->certCacheLock);
- } else {
- /* what the ??. Didn't get the cert cache lock.
- ** Don't invalidate the SID cache entry, but don't find it.
- */
- PORT_Assert(!("Didn't get cert Cache Lock!"));
- psce = 0;
- pcce = 0;
- }
- }
- if (psce) {
- psce->lastAccessTime = now;
- sce = *psce; /* grab a copy while holding the lock */
- }
- }
- UnlockSet(cache, set);
- if (psce) {
- /* sce conains a copy of the cache entry.
- ** Convert shared memory format to local format
- */
- sid = ConvertToSID(&sce, pcce ? &cce : 0, dbHandle);
- }
- return sid;
-}
-
-/*
-** Place a sid into the cache, if it isn't already there.
-*/
-static void
-ServerSessionIDCache(sslSessionID *sid)
-{
- sidCacheEntry sce;
- PRUint32 now = 0;
- uint16 version = sid->version;
- cacheDesc * cache = &globalCache;
-
- if ((version >= SSL_LIBRARY_VERSION_3_0) &&
- (sid->u.ssl3.sessionIDLength == 0)) {
- return;
- }
-
- if (sid->cached == never_cached || sid->cached == invalid_cache) {
- PRUint32 set;
-
- PORT_Assert(sid->creationTime != 0 && sid->expirationTime != 0);
- if (!sid->creationTime)
- sid->lastAccessTime = sid->creationTime = ssl_Time();
- if (version < SSL_LIBRARY_VERSION_3_0) {
- if (!sid->expirationTime)
- sid->expirationTime = sid->creationTime + ssl_sid_timeout;
- SSL_TRC(8, ("%d: SSL: CacheMT: cached=%d addr=0x%08x%08x%08x%08x time=%x "
- "cipher=%d", myPid, sid->cached,
- sid->addr.pr_s6_addr32[0], sid->addr.pr_s6_addr32[1],
- sid->addr.pr_s6_addr32[2], sid->addr.pr_s6_addr32[3],
- sid->creationTime, sid->u.ssl2.cipherType));
- PRINT_BUF(8, (0, "sessionID:", sid->u.ssl2.sessionID,
- SSL2_SESSIONID_BYTES));
- PRINT_BUF(8, (0, "masterKey:", sid->u.ssl2.masterKey.data,
- sid->u.ssl2.masterKey.len));
- PRINT_BUF(8, (0, "cipherArg:", sid->u.ssl2.cipherArg.data,
- sid->u.ssl2.cipherArg.len));
-
- } else {
- if (!sid->expirationTime)
- sid->expirationTime = sid->creationTime + ssl3_sid_timeout;
- SSL_TRC(8, ("%d: SSL: CacheMT: cached=%d addr=0x%08x%08x%08x%08x time=%x "
- "cipherSuite=%d", myPid, sid->cached,
- sid->addr.pr_s6_addr32[0], sid->addr.pr_s6_addr32[1],
- sid->addr.pr_s6_addr32[2], sid->addr.pr_s6_addr32[3],
- sid->creationTime, sid->u.ssl3.cipherSuite));
- PRINT_BUF(8, (0, "sessionID:", sid->u.ssl3.sessionID,
- sid->u.ssl3.sessionIDLength));
- }
-
- ConvertFromSID(&sce, sid);
-
- if ((version >= SSL_LIBRARY_VERSION_3_0) &&
- (sid->peerCert != NULL)) {
- now = CacheCert(cache, sid->peerCert, &sce);
- }
-
- set = SIDindex(cache, &sce.addr, sce.sessionID, sce.sessionIDLength);
- now = LockSet(cache, set, now);
- if (now) {
- PRUint32 next = cache->sidCacheSets[set].next;
- PRUint32 ndx = set * SID_CACHE_ENTRIES_PER_SET + next;
-
- /* Write out new cache entry */
- cache->sidCacheData[ndx] = sce;
-
- cache->sidCacheSets[set].next =
- (next + 1) % SID_CACHE_ENTRIES_PER_SET;
-
- UnlockSet(cache, set);
- sid->cached = in_server_cache;
- }
- }
-}
-
-/*
-** Although this is static, it is called from ssl via global function pointer
-** ssl_sid_uncache. This invalidates the referenced cache entry.
-*/
-static void
-ServerSessionIDUncache(sslSessionID *sid)
-{
- cacheDesc * cache = &globalCache;
- PRUint8 * sessionID;
- unsigned int sessionIDLength;
- PRErrorCode err;
- PRUint32 set;
- PRUint32 now;
- sidCacheEntry *psce;
-
- if (sid == NULL)
- return;
-
- /* Uncaching a SID should never change the error code.
- ** So save it here and restore it before exiting.
- */
- err = PR_GetError();
-
- if (sid->version < SSL_LIBRARY_VERSION_3_0) {
- sessionID = sid->u.ssl2.sessionID;
- sessionIDLength = SSL2_SESSIONID_BYTES;
- SSL_TRC(8, ("%d: SSL: UncacheMT: valid=%d addr=0x%08x%08x%08x%08x time=%x "
- "cipher=%d", myPid, sid->cached,
- sid->addr.pr_s6_addr32[0], sid->addr.pr_s6_addr32[1],
- sid->addr.pr_s6_addr32[2], sid->addr.pr_s6_addr32[3],
- sid->creationTime, sid->u.ssl2.cipherType));
- PRINT_BUF(8, (0, "sessionID:", sessionID, sessionIDLength));
- PRINT_BUF(8, (0, "masterKey:", sid->u.ssl2.masterKey.data,
- sid->u.ssl2.masterKey.len));
- PRINT_BUF(8, (0, "cipherArg:", sid->u.ssl2.cipherArg.data,
- sid->u.ssl2.cipherArg.len));
- } else {
- sessionID = sid->u.ssl3.sessionID;
- sessionIDLength = sid->u.ssl3.sessionIDLength;
- SSL_TRC(8, ("%d: SSL3: UncacheMT: valid=%d addr=0x%08x%08x%08x%08x time=%x "
- "cipherSuite=%d", myPid, sid->cached,
- sid->addr.pr_s6_addr32[0], sid->addr.pr_s6_addr32[1],
- sid->addr.pr_s6_addr32[2], sid->addr.pr_s6_addr32[3],
- sid->creationTime, sid->u.ssl3.cipherSuite));
- PRINT_BUF(8, (0, "sessionID:", sessionID, sessionIDLength));
- }
- set = SIDindex(cache, &sid->addr, sessionID, sessionIDLength);
- now = LockSet(cache, set, 0);
- if (now) {
- psce = FindSID(cache, set, now, &sid->addr, sessionID, sessionIDLength);
- if (psce) {
- psce->valid = 0;
- }
- UnlockSet(cache, set);
- }
- sid->cached = invalid_cache;
- PORT_SetError(err);
-}
-
-#ifdef XP_OS2
-
-#define INCL_DOSPROCESS
-#include <os2.h>
-
-long gettid(void)
-{
- PTIB ptib;
- PPIB ppib;
- DosGetInfoBlocks(&ptib, &ppib);
- return ((long)ptib->tib_ordinal); /* thread id */
-}
-#endif
-
-static SECStatus
-InitCache(cacheDesc *cache, int maxCacheEntries, PRUint32 ssl2_timeout,
- PRUint32 ssl3_timeout, const char *directory, PRBool shared)
-{
- ptrdiff_t ptr;
- sidCacheLock *pLock;
- char * sharedMem;
- PRFileMap * cacheMemMap;
- char * cfn = NULL; /* cache file name */
- int locks_initialized = 0;
- int locks_to_initialize = 0;
- PRUint32 init_time;
-
- if (cache->sharedMem) {
- /* Already done */
- return SECSuccess;
- }
-
- cache->numSIDCacheEntries = maxCacheEntries ? maxCacheEntries
- : DEF_SID_CACHE_ENTRIES;
- cache->numSIDCacheSets =
- SID_HOWMANY(cache->numSIDCacheEntries, SID_CACHE_ENTRIES_PER_SET);
-
- cache->numSIDCacheEntries =
- cache->numSIDCacheSets * SID_CACHE_ENTRIES_PER_SET;
-
- cache->numSIDCacheLocks =
- PR_MIN(cache->numSIDCacheSets, ssl_max_sid_cache_locks);
-
- cache->numSIDCacheSetsPerLock =
- SID_HOWMANY(cache->numSIDCacheSets, cache->numSIDCacheLocks);
-
- /* compute size of shared memory, and offsets of all pointers */
- ptr = 0;
- cache->sharedMem = (char *)ptr;
- ptr += SID_ROUNDUP(sizeof(cacheDesc), SID_ALIGNMENT);
-
- cache->sidCacheLocks = (sidCacheLock *)ptr;
- cache->keyCacheLock = cache->sidCacheLocks + cache->numSIDCacheLocks;
- cache->certCacheLock = cache->keyCacheLock + 1;
- ptr = (ptrdiff_t)(cache->certCacheLock + 1);
- ptr = SID_ROUNDUP(ptr, SID_ALIGNMENT);
-
- cache->sidCacheSets = (sidCacheSet *)ptr;
- ptr = (ptrdiff_t)(cache->sidCacheSets + cache->numSIDCacheSets);
- ptr = SID_ROUNDUP(ptr, SID_ALIGNMENT);
-
- cache->sidCacheData = (sidCacheEntry *)ptr;
- ptr = (ptrdiff_t)(cache->sidCacheData + cache->numSIDCacheEntries);
- ptr = SID_ROUNDUP(ptr, SID_ALIGNMENT);
-
- cache->certCacheData = (certCacheEntry *)ptr;
- cache->sidCacheSize =
- (char *)cache->certCacheData - (char *)cache->sidCacheData;
-
- /* This is really a poor way to computer this! */
- cache->numCertCacheEntries = cache->sidCacheSize / sizeof(certCacheEntry);
- if (cache->numCertCacheEntries < MIN_CERT_CACHE_ENTRIES)
- cache->numCertCacheEntries = MIN_CERT_CACHE_ENTRIES;
- ptr = (ptrdiff_t)(cache->certCacheData + cache->numCertCacheEntries);
- ptr = SID_ROUNDUP(ptr, SID_ALIGNMENT);
-
- cache->keyCacheData = (SSLWrappedSymWrappingKey *)ptr;
- cache->certCacheSize =
- (char *)cache->keyCacheData - (char *)cache->certCacheData;
-
- cache->numKeyCacheEntries = kt_kea_size * SSL_NUM_WRAP_MECHS;
- ptr = (ptrdiff_t)(cache->keyCacheData + cache->numKeyCacheEntries);
- ptr = SID_ROUNDUP(ptr, SID_ALIGNMENT);
-
- cache->sharedMemSize = ptr;
-
- cache->keyCacheSize = (char *)ptr - (char *)cache->keyCacheData;
-
- if (ssl2_timeout) {
- if (ssl2_timeout > MAX_SSL2_TIMEOUT) {
- ssl2_timeout = MAX_SSL2_TIMEOUT;
- }
- if (ssl2_timeout < MIN_SSL2_TIMEOUT) {
- ssl2_timeout = MIN_SSL2_TIMEOUT;
- }
- cache->ssl2Timeout = ssl2_timeout;
- } else {
- cache->ssl2Timeout = DEF_SSL2_TIMEOUT;
- }
-
- if (ssl3_timeout) {
- if (ssl3_timeout > MAX_SSL3_TIMEOUT) {
- ssl3_timeout = MAX_SSL3_TIMEOUT;
- }
- if (ssl3_timeout < MIN_SSL3_TIMEOUT) {
- ssl3_timeout = MIN_SSL3_TIMEOUT;
- }
- cache->ssl3Timeout = ssl3_timeout;
- } else {
- cache->ssl3Timeout = DEF_SSL3_TIMEOUT;
- }
-
- /* Create file names */
-#if defined(XP_UNIX) || defined(XP_BEOS)
- /* there's some confusion here about whether PR_OpenAnonFileMap wants
- ** a directory name or a file name for its first argument.
- cfn = PR_smprintf("%s/.sslsvrcache.%d", directory, myPid);
- */
- cfn = PR_smprintf("%s", directory);
-#endif
-
-#ifdef XP_WIN32
- cfn = PR_smprintf("%s/svrcache_%d_%x.ssl", directory, myPid,
- GetCurrentThreadId());
-#endif
-
-#ifdef XP_OS2
- cfn = PR_smprintf("%s/svrcache_%d_%x.ssl", directory, myPid,
- gettid());
-#endif
- if (!cfn) {
- goto loser;
- }
-
- cache->shared = shared;
- /* Create cache */
- if (PR_TRUE == shared) {
- cacheMemMap = PR_OpenAnonFileMap(cfn, cache->sharedMemSize,
- PR_PROT_READWRITE);
- } else {
- cacheMemMap = NULL;
- }
-
- PR_smprintf_free(cfn);
- if( (PR_TRUE == shared) && (!cacheMemMap) ) {
- goto loser;
- }
-
- if (PR_TRUE == shared) {
- sharedMem = PR_MemMap(cacheMemMap, 0, cache->sharedMemSize);
- } else {
- sharedMem = PORT_Alloc(cache->sharedMemSize);
- }
-
- if (! sharedMem) {
- goto loser;
- }
-
- /* Initialize shared memory. This may not be necessary on all platforms */
- memset(sharedMem, 0, cache->sharedMemSize);
-
- /* Copy cache descriptor header into shared memory */
- memcpy(sharedMem, cache, sizeof *cache);
-
- /* save private copies of these values */
- cache->cacheMemMap = cacheMemMap;
- cache->sharedMem = sharedMem;
- cache->sharedCache = (cacheDesc *)sharedMem;
-
- /* Fix pointers in our private copy of cache descriptor to point to
- ** spaces in shared memory
- */
- ptr = (ptrdiff_t)cache->sharedMem;
- *(ptrdiff_t *)(&cache->sidCacheLocks) += ptr;
- *(ptrdiff_t *)(&cache->keyCacheLock ) += ptr;
- *(ptrdiff_t *)(&cache->certCacheLock) += ptr;
- *(ptrdiff_t *)(&cache->sidCacheSets ) += ptr;
- *(ptrdiff_t *)(&cache->sidCacheData ) += ptr;
- *(ptrdiff_t *)(&cache->certCacheData) += ptr;
- *(ptrdiff_t *)(&cache->keyCacheData ) += ptr;
-
- /* initialize the locks */
- init_time = ssl_Time();
- pLock = cache->sidCacheLocks;
- for (locks_to_initialize = cache->numSIDCacheLocks + 2;
- locks_initialized < locks_to_initialize;
- ++locks_initialized, ++pLock ) {
-
- SECStatus err = sslMutex_Init(&pLock->mutex, isMultiProcess);
- if (err)
- goto loser;
- pLock->timeStamp = init_time;
- pLock->pid = 0;
- }
-
- return SECSuccess;
-
-loser:
- if (cache->cacheMemMap) {
- if (cache->sharedMem) {
- if (locks_initialized > 0) {
- pLock = cache->sidCacheLocks;
- for (; locks_initialized > 0; --locks_initialized, ++pLock ) {
- sslMutex_Destroy(&pLock->mutex);
- }
- }
- if (shared) {
- PR_MemUnmap(cache->sharedMem, cache->sharedMemSize);
- cache->sharedMem = NULL;
- }
- }
- if (shared) {
- PR_CloseFileMap(cache->cacheMemMap);
- } else {
- PORT_Free(sharedMem);
- }
- cache->cacheMemMap = NULL;
- }
- return SECFailure;
-}
-
-PRUint32
-SSL_GetMaxServerCacheLocks(void)
-{
- return ssl_max_sid_cache_locks + 2;
- /* The extra two are the cert cache lock and the key cache lock. */
-}
-
-SECStatus
-SSL_SetMaxServerCacheLocks(PRUint32 maxLocks)
-{
- /* Minimum is 1 sid cache lock, 1 cert cache lock and 1 key cache lock.
- ** We'd like to test for a maximum value, but not all platforms' header
- ** files provide a symbol or function or other means of determining
- ** the maximum, other than trial and error.
- */
- if (maxLocks < 3) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- ssl_max_sid_cache_locks = maxLocks - 2;
- /* The extra two are the cert cache lock and the key cache lock. */
- return SECSuccess;
-}
-
-SECStatus
-SSL_ConfigServerSessionIDCacheInstance( cacheDesc *cache,
- int maxCacheEntries,
- PRUint32 ssl2_timeout,
- PRUint32 ssl3_timeout,
- const char * directory, PRBool shared)
-{
- SECStatus rv;
-
-#if defined(DEBUG_nelsonb)
- printf("sizeof(sidCacheEntry) == %u\n", sizeof(sidCacheEntry));
-#endif
-#if !(defined(SOLARIS) && defined(i386))
-#ifndef XP_OS2
- PORT_Assert(sizeof(sidCacheEntry) % 8 == 0);
-#endif
-#endif
- PORT_Assert(sizeof(certCacheEntry) == 4096);
-
- myPid = SSL_GETPID();
- if (!directory) {
- directory = DEFAULT_CACHE_DIRECTORY;
- }
- rv = InitCache(cache, maxCacheEntries, ssl2_timeout, ssl3_timeout,
- directory, shared);
- if (rv) {
- SET_ERROR_CODE
- return SECFailure;
- }
-
- ssl_sid_lookup = ServerSessionIDLookup;
- ssl_sid_cache = ServerSessionIDCache;
- ssl_sid_uncache = ServerSessionIDUncache;
- return SECSuccess;
-}
-
-SECStatus
-SSL_ConfigServerSessionIDCache( int maxCacheEntries,
- PRUint32 ssl2_timeout,
- PRUint32 ssl3_timeout,
- const char * directory)
-{
- return SSL_ConfigServerSessionIDCacheInstance(&globalCache,
- maxCacheEntries, ssl2_timeout, ssl3_timeout, directory, PR_FALSE);
-}
-
-SECStatus
-SSL_ShutdownServerSessionIDCacheInstance(cacheDesc *cache)
-{
- /* if single process, close down, clean up.
- ** if multi-process, TBD.
- */
- return SECSuccess;
-}
-
-SECStatus
-SSL_ShutdownServerSessionIDCache(void)
-{
- SSL3_ShutdownServerCache();
- return SSL_ShutdownServerSessionIDCacheInstance(&globalCache);
-}
-
-/* Use this function, instead of SSL_ConfigServerSessionIDCache,
- * if the cache will be shared by multiple processes.
- */
-SECStatus
-SSL_ConfigMPServerSIDCache( int maxCacheEntries,
- PRUint32 ssl2_timeout,
- PRUint32 ssl3_timeout,
- const char * directory)
-{
- char * envValue;
- char * inhValue;
- cacheDesc * cache = &globalCache;
- PRUint32 fmStrLen;
- SECStatus result;
- PRStatus prStatus;
- SECStatus putEnvFailed;
- inheritance inherit;
- char fmString[PR_FILEMAP_STRING_BUFSIZE];
-
- isMultiProcess = PR_TRUE;
- result = SSL_ConfigServerSessionIDCacheInstance(cache, maxCacheEntries,
- ssl2_timeout, ssl3_timeout, directory, PR_TRUE);
- if (result != SECSuccess)
- return result;
-
- prStatus = PR_ExportFileMapAsString(cache->cacheMemMap,
- sizeof fmString, fmString);
- if ((prStatus != PR_SUCCESS) || !(fmStrLen = strlen(fmString))) {
- SET_ERROR_CODE
- return SECFailure;
- }
-
- inherit.sharedMemSize = cache->sharedMemSize;
- inherit.fmStrLen = fmStrLen;
-
- inhValue = BTOA_DataToAscii((unsigned char *)&inherit, sizeof inherit);
- if (!inhValue || !strlen(inhValue)) {
- SET_ERROR_CODE
- return SECFailure;
- }
- envValue = PR_smprintf("%s,%s", inhValue, fmString);
- if (!envValue || !strlen(envValue)) {
- SET_ERROR_CODE
- return SECFailure;
- }
- PORT_Free(inhValue);
-
- putEnvFailed = (SECStatus)NSS_PutEnv(envVarName, envValue);
- PR_smprintf_free(envValue);
- if (putEnvFailed) {
- SET_ERROR_CODE
- result = SECFailure;
- }
-
-#if defined(XP_UNIX) || defined(XP_BEOS)
- /* Launch thread to poll cache for expired locks on Unix */
- LaunchLockPoller(cache);
-#endif
- return result;
-}
-
-SECStatus
-SSL_InheritMPServerSIDCacheInstance(cacheDesc *cache, const char * envString)
-{
- unsigned char * decoString = NULL;
- char * fmString = NULL;
- unsigned int decoLen;
- ptrdiff_t ptr;
- inheritance inherit;
- cacheDesc my;
-#ifdef WINNT
- sidCacheLock* newLocks;
- int locks_initialized = 0;
- int locks_to_initialize = 0;
-#endif
-
- myPid = SSL_GETPID();
-
- /* If this child was created by fork(), and not by exec() on unix,
- ** then isMultiProcess will already be set.
- ** If not, we'll set it below.
- */
- if (isMultiProcess)
- return SECSuccess; /* already done. */
-
- ssl_sid_lookup = ServerSessionIDLookup;
- ssl_sid_cache = ServerSessionIDCache;
- ssl_sid_uncache = ServerSessionIDUncache;
-
- if (!envString) {
- envString = getenv(envVarName);
- if (!envString) {
- SET_ERROR_CODE
- return SECFailure;
- }
- }
- envString = PORT_Strdup(envString);
- if (!envString)
- return SECFailure;
- fmString = strchr(envString, ',');
- if (!fmString)
- goto loser;
- *fmString++ = 0;
-
- decoString = ATOB_AsciiToData(envString, &decoLen);
- if (!decoString) {
- SET_ERROR_CODE
- goto loser;
- }
- if (decoLen != sizeof inherit) {
- SET_ERROR_CODE
- goto loser;
- }
-
- PORT_Memcpy(&inherit, decoString, sizeof inherit);
-
- if (strlen(fmString) != inherit.fmStrLen ) {
- goto loser;
- }
-
- memset(&my, 0, sizeof my);
- my.sharedMemSize = inherit.sharedMemSize;
-
- /* Create cache */
- my.cacheMemMap = PR_ImportFileMapFromString(fmString);
- if(! my.cacheMemMap) {
- goto loser;
- }
- my.sharedMem = PR_MemMap(my.cacheMemMap, 0, my.sharedMemSize);
- if (! my.sharedMem) {
- goto loser;
- }
- my.sharedCache = (cacheDesc *)my.sharedMem;
-
- if (my.sharedCache->sharedMemSize != my.sharedMemSize) {
- SET_ERROR_CODE
- goto loser;
- }
-
- memcpy(cache, my.sharedCache, sizeof *cache);
- cache->cacheMemMap = my.cacheMemMap;
- cache->sharedMem = my.sharedMem;
- cache->sharedCache = my.sharedCache;
-
- /* Fix pointers in our private copy of cache descriptor to point to
- ** spaces in shared memory
- */
- ptr = (ptrdiff_t)cache->sharedMem;
- *(ptrdiff_t *)(&cache->sidCacheLocks) += ptr;
- *(ptrdiff_t *)(&cache->keyCacheLock ) += ptr;
- *(ptrdiff_t *)(&cache->certCacheLock) += ptr;
- *(ptrdiff_t *)(&cache->sidCacheSets ) += ptr;
- *(ptrdiff_t *)(&cache->sidCacheData ) += ptr;
- *(ptrdiff_t *)(&cache->certCacheData) += ptr;
- *(ptrdiff_t *)(&cache->keyCacheData ) += ptr;
-
-#ifdef WINNT
- /* On Windows NT we need to "fix" the sidCacheLocks here to support fibers
- When NT fibers are used in a multi-process server, a second level of
- locking is needed to prevent a deadlock, in case a fiber acquires the
- cross-process mutex, yields, and another fiber is later scheduled on
- the same native thread and tries to acquire the cross-process mutex.
- We do this by using a PRLock in the sslMutex. However, it is stored in
- shared memory as part of sidCacheLocks, and we don't want to overwrite
- the PRLock of the parent process. So we need to make new, private
- copies of sidCacheLocks before modifying the sslMutex with our own
- PRLock
- */
-
- newLocks = (sidCacheLock*)PORT_Alloc(sizeof(sidCacheLock)*(cache->numSIDCacheLocks + 2));
- /* note from jpierre : this should be free'd in child processes when
- a function is added to delete the SSL session cache in the future */
- /* fix the locks */
- for (locks_to_initialize = cache->numSIDCacheLocks + 2;
- locks_initialized < locks_to_initialize;
- ++locks_initialized) {
- /* copy the old lock */
- memcpy(&newLocks[locks_initialized], &cache->sidCacheLocks[locks_initialized], sizeof(sidCacheLock));
- /* now, make a local PRLock in this sslMutex for this child process */
- sslMutex_2LevelInit(&newLocks[locks_initialized].mutex);
- }
-
- /* then, make our cache object point to our new private sidCacheLocks */
- /* first the session cache */
- cache->sidCacheLocks = newLocks;
- /* also fix the key and cert cache which use the last 2 lock entries */
- cache->keyCacheLock = cache->sidCacheLocks + cache->numSIDCacheLocks;
- cache->certCacheLock = cache->keyCacheLock + 1;
-#endif
-
- PORT_Free(decoString);
- isMultiProcess = PR_TRUE;
- return SECSuccess;
-
-loser:
- if (decoString)
- PORT_Free(decoString);
- return SECFailure;
-
-}
-
-SECStatus
-SSL_InheritMPServerSIDCache(const char * envString)
-{
- return SSL_InheritMPServerSIDCacheInstance(&globalCache, envString);
-}
-
-#if defined(XP_UNIX) || defined(XP_BEOS)
-
-#define SID_LOCK_EXPIRATION_TIMEOUT 30 /* seconds */
-
-static void
-LockPoller(void * arg)
-{
- cacheDesc * cache = (cacheDesc *)arg;
- cacheDesc * sharedCache = cache->sharedCache;
- sidCacheLock * pLock;
- const char * timeoutString;
- PRIntervalTime timeout;
- PRUint32 now;
- PRUint32 then;
- int locks_polled = 0;
- int locks_to_poll = cache->numSIDCacheLocks + 2;
- PRUint32 expiration = SID_LOCK_EXPIRATION_TIMEOUT;
-
- timeoutString = getenv("NSS_SSL_SERVER_CACHE_MUTEX_TIMEOUT");
- if (timeoutString) {
- long newTime = strtol(timeoutString, 0, 0);
- if (newTime == 0)
- return; /* application doesn't want this function */
- if (newTime > 0)
- expiration = (PRUint32)newTime;
- /* if error (newTime < 0) ignore it and use default */
- }
-
- timeout = PR_SecondsToInterval(expiration);
- while(!sharedCache->stopPolling) {
- PR_Sleep(timeout);
- if (sharedCache->stopPolling)
- break;
-
- now = ssl_Time();
- then = now - expiration;
- for (pLock = cache->sidCacheLocks, locks_polled = 0;
- locks_to_poll > locks_polled && !sharedCache->stopPolling;
- ++locks_polled, ++pLock ) {
- pid_t pid;
-
- if (pLock->timeStamp < then &&
- pLock->timeStamp != 0 &&
- (pid = pLock->pid) != 0) {
-
- /* maybe we should try the lock? */
- int result = kill(pid, 0);
- if (result < 0 && errno == ESRCH) {
- SECStatus rv;
- /* No process exists by that pid any more.
- ** Treat this mutex as abandoned.
- */
- pLock->timeStamp = now;
- pLock->pid = 0;
- rv = sslMutex_Unlock(&pLock->mutex);
- if (rv != SECSuccess) {
- /* Now what? */
- }
- }
- }
- } /* end of loop over locks */
- } /* end of entire polling loop */
-}
-
-/* Launch thread to poll cache for expired locks */
-static SECStatus
-LaunchLockPoller(cacheDesc *cache)
-{
- PRThread * pollerThread;
-
- pollerThread =
- PR_CreateThread(PR_USER_THREAD, LockPoller, cache, PR_PRIORITY_NORMAL,
- PR_GLOBAL_THREAD, PR_UNJOINABLE_THREAD, 0);
- if (!pollerThread) {
- return SECFailure;
- }
- cache->poller = pollerThread;
- return SECSuccess;
-}
-#endif
-
-/************************************************************************
- * Code dealing with shared wrapped symmetric wrapping keys below *
- ************************************************************************/
-
-/* If now is zero, it implies that the lock is not held, and must be
-** aquired here.
-*/
-static PRBool
-getSvrWrappingKey(PRInt32 symWrapMechIndex,
- SSL3KEAType exchKeyType,
- SSLWrappedSymWrappingKey *wswk,
- cacheDesc * cache,
- PRUint32 lockTime)
-{
- PRUint32 ndx = (exchKeyType * SSL_NUM_WRAP_MECHS) + symWrapMechIndex;
- SSLWrappedSymWrappingKey * pwswk = cache->keyCacheData + ndx;
- PRUint32 now = 0;
- PRBool rv = PR_FALSE;
-
- if (!lockTime) {
- lockTime = now = LockSidCacheLock(cache->keyCacheLock, now);
- if (!lockTime) {
- return rv;
- }
- }
- if (pwswk->exchKeyType == exchKeyType &&
- pwswk->symWrapMechIndex == symWrapMechIndex &&
- pwswk->wrappedSymKeyLen != 0) {
- *wswk = *pwswk;
- rv = PR_TRUE;
- }
- if (now) {
- UnlockSidCacheLock(cache->keyCacheLock);
- }
- return rv;
-}
-
-PRBool
-ssl_GetWrappingKey( PRInt32 symWrapMechIndex,
- SSL3KEAType exchKeyType,
- SSLWrappedSymWrappingKey *wswk)
-{
- PRBool rv;
-
- PORT_Assert( (unsigned)exchKeyType < kt_kea_size);
- PORT_Assert( (unsigned)symWrapMechIndex < SSL_NUM_WRAP_MECHS);
- if ((unsigned)exchKeyType < kt_kea_size &&
- (unsigned)symWrapMechIndex < SSL_NUM_WRAP_MECHS) {
- rv = getSvrWrappingKey(symWrapMechIndex, exchKeyType, wswk,
- &globalCache, 0);
- } else {
- rv = PR_FALSE;
- }
-
- return rv;
-}
-
-/* The caller passes in the new value it wants
- * to set. This code tests the wrapped sym key entry in the shared memory.
- * If it is uninitialized, this function writes the caller's value into
- * the disk entry, and returns false.
- * Otherwise, it overwrites the caller's wswk with the value obtained from
- * the disk, and returns PR_TRUE.
- * This is all done while holding the locks/mutexes necessary to make
- * the operation atomic.
- */
-PRBool
-ssl_SetWrappingKey(SSLWrappedSymWrappingKey *wswk)
-{
- cacheDesc * cache = &globalCache;
- PRBool rv = PR_FALSE;
- SSL3KEAType exchKeyType = wswk->exchKeyType;
- /* type of keys used to wrap SymWrapKey*/
- PRInt32 symWrapMechIndex = wswk->symWrapMechIndex;
- PRUint32 ndx;
- PRUint32 now = 0;
- SSLWrappedSymWrappingKey myWswk;
-
- PORT_Assert( (unsigned)exchKeyType < kt_kea_size);
- if ((unsigned)exchKeyType >= kt_kea_size)
- return 0;
-
- PORT_Assert( (unsigned)symWrapMechIndex < SSL_NUM_WRAP_MECHS);
- if ((unsigned)symWrapMechIndex >= SSL_NUM_WRAP_MECHS)
- return 0;
-
- ndx = (exchKeyType * SSL_NUM_WRAP_MECHS) + symWrapMechIndex;
- PORT_Memset(&myWswk, 0, sizeof myWswk); /* eliminate UMRs. */
-
- now = LockSidCacheLock(cache->keyCacheLock, now);
- if (now) {
- rv = getSvrWrappingKey(wswk->symWrapMechIndex, wswk->exchKeyType,
- &myWswk, cache, now);
- if (rv) {
- /* we found it on disk, copy it out to the caller. */
- PORT_Memcpy(wswk, &myWswk, sizeof *wswk);
- } else {
- /* Wasn't on disk, and we're still holding the lock, so write it. */
- cache->keyCacheData[ndx] = *wswk;
- }
- UnlockSidCacheLock(cache->keyCacheLock);
- }
- return rv;
-}
-
-#else /* MAC version or other platform */
-
-#include "seccomon.h"
-#include "cert.h"
-#include "ssl.h"
-#include "sslimpl.h"
-
-SECStatus
-SSL_ConfigServerSessionIDCache( int maxCacheEntries,
- PRUint32 ssl2_timeout,
- PRUint32 ssl3_timeout,
- const char * directory)
-{
- PR_ASSERT(!"SSL servers are not supported on this platform. (SSL_ConfigServerSessionIDCache)");
- return SECFailure;
-}
-
-SECStatus
-SSL_ConfigMPServerSIDCache( int maxCacheEntries,
- PRUint32 ssl2_timeout,
- PRUint32 ssl3_timeout,
- const char * directory)
-{
- PR_ASSERT(!"SSL servers are not supported on this platform. (SSL_ConfigMPServerSIDCache)");
- return SECFailure;
-}
-
-SECStatus
-SSL_InheritMPServerSIDCache(const char * envString)
-{
- PR_ASSERT(!"SSL servers are not supported on this platform. (SSL_InheritMPServerSIDCache)");
- return SECFailure;
-}
-
-PRBool
-ssl_GetWrappingKey( PRInt32 symWrapMechIndex,
- SSL3KEAType exchKeyType,
- SSLWrappedSymWrappingKey *wswk)
-{
- PRBool rv = PR_FALSE;
- PR_ASSERT(!"SSL servers are not supported on this platform. (ssl_GetWrappingKey)");
- return rv;
-}
-
-/* This is a kind of test-and-set. The caller passes in the new value it wants
- * to set. This code tests the wrapped sym key entry in the shared memory.
- * If it is uninitialized, this function writes the caller's value into
- * the disk entry, and returns false.
- * Otherwise, it overwrites the caller's wswk with the value obtained from
- * the disk, and returns PR_TRUE.
- * This is all done while holding the locks/mutexes necessary to make
- * the operation atomic.
- */
-PRBool
-ssl_SetWrappingKey(SSLWrappedSymWrappingKey *wswk)
-{
- PRBool rv = PR_FALSE;
- PR_ASSERT(!"SSL servers are not supported on this platform. (ssl_SetWrappingKey)");
- return rv;
-}
-
-PRUint32
-SSL_GetMaxServerCacheLocks(void)
-{
- PR_ASSERT(!"SSL servers are not supported on this platform. (SSL_GetMaxServerCacheLocks)");
- return -1;
-}
-
-SECStatus
-SSL_SetMaxServerCacheLocks(PRUint32 maxLocks)
-{
- PR_ASSERT(!"SSL servers are not supported on this platform. (SSL_SetMaxServerCacheLocks)");
- return SECFailure;
-}
-
-#endif /* XP_UNIX || XP_WIN32 */
diff --git a/security/nss/lib/ssl/sslsock.c b/security/nss/lib/ssl/sslsock.c
deleted file mode 100644
index e4f01898d..000000000
--- a/security/nss/lib/ssl/sslsock.c
+++ /dev/null
@@ -1,1934 +0,0 @@
-/*
- * vtables (and methods that call through them) for the 4 types of
- * SSLSockets supported. Only one type is still supported.
- * Various other functions.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Portions created by Sun Microsystems, Inc. are Copyright (C) 2003
- * Sun Microsystems, Inc. All Rights Reserved.
- *
- * Contributor(s):
- * Dr Stephen Henson <stephen.henson@gemplus.com>
- * Dr Vipul Gupta <vipul.gupta@sun.com>, Sun Microsystems Laboratories
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-#include "seccomon.h"
-#include "cert.h"
-#include "keyhi.h"
-#include "ssl.h"
-#include "sslimpl.h"
-#include "sslproto.h"
-#include "nspr.h"
-
-#define SET_ERROR_CODE /* reminder */
-
-struct cipherPolicyStr {
- int cipher;
- unsigned char export; /* policy value for export policy */
- unsigned char france; /* policy value for france policy */
-};
-
-typedef struct cipherPolicyStr cipherPolicy;
-
-/* This table contains two preconfigured policies: Export and France.
-** It is used only by the functions SSL_SetDomesticPolicy,
-** SSL_SetExportPolicy, and SSL_SetFrancyPolicy.
-** Order of entries is not important.
-*/
-static cipherPolicy ssl_ciphers[] = { /* Export France */
- { SSL_EN_RC4_128_WITH_MD5, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- { SSL_EN_RC4_128_EXPORT40_WITH_MD5, SSL_ALLOWED, SSL_ALLOWED },
- { SSL_EN_RC2_128_CBC_WITH_MD5, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- { SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5, SSL_ALLOWED, SSL_ALLOWED },
- { SSL_EN_DES_64_CBC_WITH_MD5, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- { SSL_EN_DES_192_EDE3_CBC_WITH_MD5, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- { SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- { SSL_FORTEZZA_DMS_WITH_RC4_128_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- { SSL_RSA_WITH_RC4_128_MD5, SSL_RESTRICTED, SSL_NOT_ALLOWED },
- { SSL_RSA_WITH_RC4_128_SHA, SSL_RESTRICTED, SSL_NOT_ALLOWED },
- { SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- { SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RESTRICTED, SSL_NOT_ALLOWED },
- { SSL_RSA_FIPS_WITH_DES_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- { SSL_RSA_WITH_DES_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- { SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_ALLOWED, SSL_ALLOWED },
- { SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5, SSL_ALLOWED, SSL_ALLOWED },
- { SSL_FORTEZZA_DMS_WITH_NULL_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- { SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- { SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- { SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- { SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- { TLS_DHE_DSS_WITH_RC4_128_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- { SSL_RSA_WITH_NULL_SHA, SSL_ALLOWED, SSL_ALLOWED },
- { SSL_RSA_WITH_NULL_MD5, SSL_ALLOWED, SSL_ALLOWED },
- { TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- { TLS_DHE_RSA_WITH_AES_128_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- { TLS_RSA_WITH_AES_128_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- { TLS_DHE_DSS_WITH_AES_256_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- { TLS_DHE_RSA_WITH_AES_256_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- { TLS_RSA_WITH_AES_256_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- { TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA, SSL_ALLOWED, SSL_NOT_ALLOWED },
- { TLS_RSA_EXPORT1024_WITH_RC4_56_SHA, SSL_ALLOWED, SSL_NOT_ALLOWED },
-#ifdef NSS_ENABLE_ECC
- { TLS_ECDH_ECDSA_WITH_NULL_SHA, SSL_ALLOWED, SSL_ALLOWED },
- { TLS_ECDH_ECDSA_WITH_RC4_128_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- { TLS_ECDH_ECDSA_WITH_DES_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- { TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- { TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- { TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- { TLS_ECDH_RSA_WITH_NULL_SHA, SSL_ALLOWED, SSL_ALLOWED },
- { TLS_ECDH_RSA_WITH_RC4_128_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- { TLS_ECDH_RSA_WITH_DES_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- { TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- { TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- { TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- { TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
-#endif /* NSS_ENABLE_ECC */
- { 0, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED }
-};
-
-static const sslSocketOps ssl_default_ops = { /* No SSL. */
- ssl_DefConnect,
- NULL,
- ssl_DefBind,
- ssl_DefListen,
- ssl_DefShutdown,
- ssl_DefClose,
- ssl_DefRecv,
- ssl_DefSend,
- ssl_DefRead,
- ssl_DefWrite,
- ssl_DefGetpeername,
- ssl_DefGetsockname
-};
-
-static const sslSocketOps ssl_secure_ops = { /* SSL. */
- ssl_SecureConnect,
- NULL,
- ssl_DefBind,
- ssl_DefListen,
- ssl_SecureShutdown,
- ssl_SecureClose,
- ssl_SecureRecv,
- ssl_SecureSend,
- ssl_SecureRead,
- ssl_SecureWrite,
- ssl_DefGetpeername,
- ssl_DefGetsockname
-};
-
-/*
-** default settings for socket enables
-*/
-static sslOptions ssl_defaults = {
- PR_TRUE, /* useSecurity */
- PR_FALSE, /* useSocks */
- PR_FALSE, /* requestCertificate */
- 2, /* requireCertificate */
- PR_FALSE, /* handshakeAsClient */
- PR_FALSE, /* handshakeAsServer */
- PR_TRUE, /* enableSSL2 */
- PR_TRUE, /* enableSSL3 */
- PR_TRUE, /* enableTLS */ /* now defaults to on in NSS 3.0 */
- PR_FALSE, /* noCache */
- PR_FALSE, /* fdx */
- PR_TRUE, /* v2CompatibleHello */
- PR_TRUE, /* detectRollBack */
-};
-
-sslSessionIDLookupFunc ssl_sid_lookup;
-sslSessionIDCacheFunc ssl_sid_cache;
-sslSessionIDUncacheFunc ssl_sid_uncache;
-
-static PRBool ssl_inited = PR_FALSE;
-static PRDescIdentity ssl_layer_id;
-
-int ssl_lock_readers = 1; /* default true. */
-char ssl_debug;
-char ssl_trace;
-
-
-/* forward declarations. */
-static sslSocket *ssl_NewSocket(void);
-static PRStatus ssl_PushIOLayer(sslSocket *ns, PRFileDesc *stack,
- PRDescIdentity id);
-
-/************************************************************************/
-
-/*
-** Lookup a socket structure from a file descriptor.
-** Only functions called through the PRIOMethods table should use this.
-** Other app-callable functions should use ssl_FindSocket.
-*/
-static sslSocket *
-ssl_GetPrivate(PRFileDesc *fd)
-{
- sslSocket *ss;
-
- PORT_Assert(fd != NULL);
- PORT_Assert(fd->methods->file_type == PR_DESC_LAYERED);
- PORT_Assert(fd->identity == ssl_layer_id);
-
- ss = (sslSocket *)fd->secret;
- ss->fd = fd;
- return ss;
-}
-
-sslSocket *
-ssl_FindSocket(PRFileDesc *fd)
-{
- PRFileDesc *layer;
- sslSocket *ss;
-
- PORT_Assert(fd != NULL);
- PORT_Assert(ssl_layer_id != 0);
-
- layer = PR_GetIdentitiesLayer(fd, ssl_layer_id);
- if (layer == NULL) {
- PORT_SetError(PR_BAD_DESCRIPTOR_ERROR);
- return NULL;
- }
-
- ss = (sslSocket *)layer->secret;
- ss->fd = layer;
- return ss;
-}
-
-sslSocket *
-ssl_DupSocket(sslSocket *os)
-{
- sslSocket *ss;
- SECStatus rv;
-
- ss = ssl_NewSocket();
- if (ss) {
- ss->useSocks = PR_FALSE;
- ss->useSecurity = os->useSecurity;
- ss->requestCertificate = os->requestCertificate;
- ss->requireCertificate = os->requireCertificate;
- ss->handshakeAsClient = os->handshakeAsClient;
- ss->handshakeAsServer = os->handshakeAsServer;
- ss->enableSSL2 = os->enableSSL2;
- ss->enableSSL3 = os->enableSSL3;
- ss->enableTLS = os->enableTLS;
- ss->noCache = os->noCache;
- ss->fdx = os->fdx;
- ss->v2CompatibleHello = os->v2CompatibleHello;
- ss->detectRollBack = os->detectRollBack;
-
- ss->peerID = !os->peerID ? NULL : PORT_Strdup(os->peerID);
- ss->url = !os->url ? NULL : PORT_Strdup(os->url);
-
- ss->ops = os->ops;
- ss->rTimeout = os->rTimeout;
- ss->wTimeout = os->wTimeout;
- ss->cTimeout = os->cTimeout;
- ss->dbHandle = os->dbHandle;
-
- /* copy ssl2&3 policy & prefs, even if it's not selected (yet) */
- ss->allowedByPolicy = os->allowedByPolicy;
- ss->maybeAllowedByPolicy= os->maybeAllowedByPolicy;
- ss->chosenPreference = os->chosenPreference;
- PORT_Memcpy(ss->cipherSuites, os->cipherSuites, sizeof os->cipherSuites);
-
- if (os->cipherSpecs) {
- ss->cipherSpecs = (unsigned char*)PORT_Alloc(os->sizeCipherSpecs);
- if (ss->cipherSpecs)
- PORT_Memcpy(ss->cipherSpecs, os->cipherSpecs,
- os->sizeCipherSpecs);
- ss->sizeCipherSpecs = os->sizeCipherSpecs;
- ss->preferredCipher = os->preferredCipher;
- } else {
- ss->cipherSpecs = NULL; /* produced lazily */
- ss->sizeCipherSpecs = 0;
- ss->preferredCipher = NULL;
- }
- if (ss->useSecurity) {
- /* This int should be SSLKEAType, but CC on Irix complains,
- * during the for loop.
- */
- int i;
- sslServerCerts * oc = os->serverCerts;
- sslServerCerts * sc = ss->serverCerts;
-
- for (i=kt_null; i < kt_kea_size; i++, oc++, sc++) {
- if (oc->serverCert && oc->serverCertChain) {
- sc->serverCert = CERT_DupCertificate(oc->serverCert);
- sc->serverCertChain = CERT_DupCertList(oc->serverCertChain);
- if (!sc->serverCertChain)
- goto loser;
- } else {
- sc->serverCert = NULL;
- sc->serverCertChain = NULL;
- }
- sc->serverKey = oc->serverKey ?
- SECKEY_CopyPrivateKey(oc->serverKey) : NULL;
- if (oc->serverKey && !sc->serverKey)
- goto loser;
- sc->serverKeyBits = oc->serverKeyBits;
- }
- ss->stepDownKeyPair = !os->stepDownKeyPair ? NULL :
- ssl3_GetKeyPairRef(os->stepDownKeyPair);
-/*
- * XXX the preceeding CERT_ and SECKEY_ functions can fail and return NULL.
- * XXX We should detect this, and not just march on with NULL pointers.
- */
- ss->authCertificate = os->authCertificate;
- ss->authCertificateArg = os->authCertificateArg;
- ss->getClientAuthData = os->getClientAuthData;
- ss->getClientAuthDataArg = os->getClientAuthDataArg;
- ss->handleBadCert = os->handleBadCert;
- ss->badCertArg = os->badCertArg;
- ss->handshakeCallback = os->handshakeCallback;
- ss->handshakeCallbackData = os->handshakeCallbackData;
- ss->pkcs11PinArg = os->pkcs11PinArg;
-
- /* Create security data */
- rv = ssl_CopySecurityInfo(ss, os);
- if (rv != SECSuccess) {
- goto loser;
- }
- }
- }
- return ss;
-
-loser:
- ssl_FreeSocket(ss);
- return NULL;
-}
-
-static void
-ssl_DestroyLocks(sslSocket *ss)
-{
-
- /* Destroy locks. */
- if (ss->firstHandshakeLock) {
- PZ_DestroyMonitor(ss->firstHandshakeLock);
- ss->firstHandshakeLock = NULL;
- }
- if (ss->ssl3HandshakeLock) {
- PZ_DestroyMonitor(ss->ssl3HandshakeLock);
- ss->ssl3HandshakeLock = NULL;
- }
- if (ss->specLock) {
- NSSRWLock_Destroy(ss->specLock);
- ss->specLock = NULL;
- }
-
- if (ss->recvLock) {
- PZ_DestroyLock(ss->recvLock);
- ss->recvLock = NULL;
- }
- if (ss->sendLock) {
- PZ_DestroyLock(ss->sendLock);
- ss->sendLock = NULL;
- }
- if (ss->xmitBufLock) {
- PZ_DestroyMonitor(ss->xmitBufLock);
- ss->xmitBufLock = NULL;
- }
- if (ss->recvBufLock) {
- PZ_DestroyMonitor(ss->recvBufLock);
- ss->recvBufLock = NULL;
- }
-}
-
-/* Caller holds any relevant locks */
-static void
-ssl_DestroySocketContents(sslSocket *ss)
-{
- /* "i" should be of type SSLKEAType, but CC on IRIX complains during
- * the for loop.
- */
- int i;
-
- /* Free up socket */
- ssl_DestroySecurityInfo(&ss->sec);
-
- ssl3_DestroySSL3Info(ss->ssl3);
-
- PORT_Free(ss->saveBuf.buf);
- PORT_Free(ss->pendingBuf.buf);
- ssl_DestroyGather(&ss->gs);
-
- if (ss->peerID != NULL)
- PORT_Free(ss->peerID);
- if (ss->url != NULL)
- PORT_Free((void *)ss->url); /* CONST */
- if (ss->cipherSpecs) {
- PORT_Free(ss->cipherSpecs);
- ss->cipherSpecs = NULL;
- ss->sizeCipherSpecs = 0;
- }
-
- /* Clean up server configuration */
- for (i=kt_null; i < kt_kea_size; i++) {
- sslServerCerts * sc = ss->serverCerts + i;
- if (sc->serverCert != NULL)
- CERT_DestroyCertificate(sc->serverCert);
- if (sc->serverCertChain != NULL)
- CERT_DestroyCertificateList(sc->serverCertChain);
- if (sc->serverKey != NULL)
- SECKEY_DestroyPrivateKey(sc->serverKey);
- }
- if (ss->stepDownKeyPair) {
- ssl3_FreeKeyPair(ss->stepDownKeyPair);
- ss->stepDownKeyPair = NULL;
- }
-}
-
-/*
- * free an sslSocket struct, and all the stuff that hangs off of it
- */
-void
-ssl_FreeSocket(sslSocket *ss)
-{
-#ifdef DEBUG
- sslSocket *fs;
- sslSocket lSock;
-#endif
-
-/* Get every lock you can imagine!
-** Caller already holds these:
-** SSL_LOCK_READER(ss);
-** SSL_LOCK_WRITER(ss);
-*/
- ssl_Get1stHandshakeLock(ss);
- ssl_GetRecvBufLock(ss);
- ssl_GetSSL3HandshakeLock(ss);
- ssl_GetXmitBufLock(ss);
- ssl_GetSpecWriteLock(ss);
-
-#ifdef DEBUG
- fs = &lSock;
- *fs = *ss; /* Copy the old socket structure, */
- PORT_Memset(ss, 0x1f, sizeof *ss); /* then blast the old struct ASAP. */
-#else
-#define fs ss
-#endif
-
- ssl_DestroySocketContents(fs);
-
- /* Release all the locks acquired above. */
- SSL_UNLOCK_READER(fs);
- SSL_UNLOCK_WRITER(fs);
- ssl_Release1stHandshakeLock(fs);
- ssl_ReleaseRecvBufLock(fs);
- ssl_ReleaseSSL3HandshakeLock(fs);
- ssl_ReleaseXmitBufLock(fs);
- ssl_ReleaseSpecWriteLock(fs);
-
- ssl_DestroyLocks(fs);
-
- PORT_Free(ss); /* free the caller's copy, not ours. */
- return;
-}
-#undef fs
-
-/************************************************************************/
-SECStatus
-ssl_EnableNagleDelay(sslSocket *ss, PRBool enabled)
-{
- PRFileDesc * osfd = ss->fd->lower;
- int rv;
- PRSocketOptionData opt;
-
- opt.option = PR_SockOpt_NoDelay;
- opt.value.no_delay = (PRBool)!enabled;
-
- rv = osfd->methods->setsocketoption(osfd, &opt);
-
- return rv;
-}
-
-static void
-ssl_ChooseOps(sslSocket *ss)
-{
- ss->ops = ss->useSecurity ? &ssl_secure_ops : &ssl_default_ops;
-}
-
-/* Called from SSL_Enable (immediately below) */
-static SECStatus
-PrepareSocket(sslSocket *ss)
-{
- SECStatus rv = SECSuccess;
-
- ssl_ChooseOps(ss);
- return rv;
-}
-
-SECStatus
-SSL_Enable(PRFileDesc *fd, int which, PRBool on)
-{
- return SSL_OptionSet(fd, which, on);
-}
-
-SECStatus
-SSL_OptionSet(PRFileDesc *fd, PRInt32 which, PRBool on)
-{
- sslSocket *ss = ssl_FindSocket(fd);
- SECStatus rv = SECSuccess;
-
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in Enable", SSL_GETPID(), fd));
- return SECFailure;
- }
-
- ssl_Get1stHandshakeLock(ss);
- ssl_GetSSL3HandshakeLock(ss);
-
- switch (which) {
- case SSL_SOCKS:
- ss->useSocks = PR_FALSE;
- rv = PrepareSocket(ss);
- if (on) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- rv = SECFailure;
- }
- break;
-
- case SSL_SECURITY:
- ss->useSecurity = on;
- rv = PrepareSocket(ss);
- break;
-
- case SSL_REQUEST_CERTIFICATE:
- ss->requestCertificate = on;
- break;
-
- case SSL_REQUIRE_CERTIFICATE:
- ss->requireCertificate = on;
- break;
-
- case SSL_HANDSHAKE_AS_CLIENT:
- if ( ss->handshakeAsServer && on ) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- rv = SECFailure;
- break;
- }
- ss->handshakeAsClient = on;
- break;
-
- case SSL_HANDSHAKE_AS_SERVER:
- if ( ss->handshakeAsClient && on ) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- rv = SECFailure;
- break;
- }
- ss->handshakeAsServer = on;
- break;
-
- case SSL_ENABLE_TLS:
- ss->enableTLS = on;
- ss->preferredCipher = NULL;
- if (ss->cipherSpecs) {
- PORT_Free(ss->cipherSpecs);
- ss->cipherSpecs = NULL;
- ss->sizeCipherSpecs = 0;
- }
- break;
-
- case SSL_ENABLE_SSL3:
- ss->enableSSL3 = on;
- ss->preferredCipher = NULL;
- if (ss->cipherSpecs) {
- PORT_Free(ss->cipherSpecs);
- ss->cipherSpecs = NULL;
- ss->sizeCipherSpecs = 0;
- }
- break;
-
- case SSL_ENABLE_SSL2:
- ss->enableSSL2 = on;
- if (on) {
- ss->v2CompatibleHello = on;
- }
- ss->preferredCipher = NULL;
- if (ss->cipherSpecs) {
- PORT_Free(ss->cipherSpecs);
- ss->cipherSpecs = NULL;
- ss->sizeCipherSpecs = 0;
- }
- break;
-
- case SSL_NO_CACHE:
- ss->noCache = on;
- break;
-
- case SSL_ENABLE_FDX:
- ss->fdx = on;
- break;
-
- case SSL_V2_COMPATIBLE_HELLO:
- ss->v2CompatibleHello = on;
- if (!on) {
- ss->enableSSL2 = on;
- }
- break;
-
- case SSL_ROLLBACK_DETECTION:
- ss->detectRollBack = on;
- break;
-
- default:
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- rv = SECFailure;
- }
-
- ssl_ReleaseSSL3HandshakeLock(ss);
- ssl_Release1stHandshakeLock(ss);
-
- return rv;
-}
-
-SECStatus
-SSL_OptionGet(PRFileDesc *fd, PRInt32 which, PRBool *pOn)
-{
- sslSocket *ss = ssl_FindSocket(fd);
- SECStatus rv = SECSuccess;
- PRBool on = PR_FALSE;
-
- if (!pOn) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in Enable", SSL_GETPID(), fd));
- *pOn = PR_FALSE;
- return SECFailure;
- }
-
- ssl_Get1stHandshakeLock(ss);
- ssl_GetSSL3HandshakeLock(ss);
-
- switch (which) {
- case SSL_SOCKS: on = PR_FALSE; break;
- case SSL_SECURITY: on = ss->useSecurity; break;
- case SSL_REQUEST_CERTIFICATE: on = ss->requestCertificate; break;
- case SSL_REQUIRE_CERTIFICATE: on = ss->requireCertificate; break;
- case SSL_HANDSHAKE_AS_CLIENT: on = ss->handshakeAsClient; break;
- case SSL_HANDSHAKE_AS_SERVER: on = ss->handshakeAsServer; break;
- case SSL_ENABLE_TLS: on = ss->enableTLS; break;
- case SSL_ENABLE_SSL3: on = ss->enableSSL3; break;
- case SSL_ENABLE_SSL2: on = ss->enableSSL2; break;
- case SSL_NO_CACHE: on = ss->noCache; break;
- case SSL_ENABLE_FDX: on = ss->fdx; break;
- case SSL_V2_COMPATIBLE_HELLO: on = ss->v2CompatibleHello; break;
- case SSL_ROLLBACK_DETECTION: on = ss->detectRollBack; break;
-
- default:
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- rv = SECFailure;
- }
-
- ssl_ReleaseSSL3HandshakeLock(ss);
- ssl_Release1stHandshakeLock(ss);
-
- *pOn = on;
- return rv;
-}
-
-SECStatus
-SSL_OptionGetDefault(PRInt32 which, PRBool *pOn)
-{
- SECStatus rv = SECSuccess;
- PRBool on = PR_FALSE;
-
- if (!pOn) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- switch (which) {
- case SSL_SOCKS: on = PR_FALSE; break;
- case SSL_SECURITY: on = ssl_defaults.useSecurity; break;
- case SSL_REQUEST_CERTIFICATE: on = ssl_defaults.requestCertificate; break;
- case SSL_REQUIRE_CERTIFICATE: on = ssl_defaults.requireCertificate; break;
- case SSL_HANDSHAKE_AS_CLIENT: on = ssl_defaults.handshakeAsClient; break;
- case SSL_HANDSHAKE_AS_SERVER: on = ssl_defaults.handshakeAsServer; break;
- case SSL_ENABLE_TLS: on = ssl_defaults.enableTLS; break;
- case SSL_ENABLE_SSL3: on = ssl_defaults.enableSSL3; break;
- case SSL_ENABLE_SSL2: on = ssl_defaults.enableSSL2; break;
- case SSL_NO_CACHE: on = ssl_defaults.noCache; break;
- case SSL_ENABLE_FDX: on = ssl_defaults.fdx; break;
- case SSL_V2_COMPATIBLE_HELLO: on = ssl_defaults.v2CompatibleHello; break;
- case SSL_ROLLBACK_DETECTION: on = ssl_defaults.detectRollBack; break;
-
- default:
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- rv = SECFailure;
- }
-
- *pOn = on;
- return rv;
-}
-
-/* XXX Use Global Lock to protect this stuff. */
-SECStatus
-SSL_EnableDefault(int which, PRBool on)
-{
- return SSL_OptionSetDefault(which, on);
-}
-
-SECStatus
-SSL_OptionSetDefault(PRInt32 which, PRBool on)
-{
- switch (which) {
- case SSL_SOCKS:
- ssl_defaults.useSocks = PR_FALSE;
- if (on) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- break;
-
- case SSL_SECURITY:
- ssl_defaults.useSecurity = on;
- break;
-
- case SSL_REQUEST_CERTIFICATE:
- ssl_defaults.requestCertificate = on;
- break;
-
- case SSL_REQUIRE_CERTIFICATE:
- ssl_defaults.requireCertificate = on;
- break;
-
- case SSL_HANDSHAKE_AS_CLIENT:
- if ( ssl_defaults.handshakeAsServer && on ) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- ssl_defaults.handshakeAsClient = on;
- break;
-
- case SSL_HANDSHAKE_AS_SERVER:
- if ( ssl_defaults.handshakeAsClient && on ) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- ssl_defaults.handshakeAsServer = on;
- break;
-
- case SSL_ENABLE_TLS:
- ssl_defaults.enableTLS = on;
- break;
-
- case SSL_ENABLE_SSL3:
- ssl_defaults.enableSSL3 = on;
- break;
-
- case SSL_ENABLE_SSL2:
- ssl_defaults.enableSSL2 = on;
- if (on) {
- ssl_defaults.v2CompatibleHello = on;
- }
- break;
-
- case SSL_NO_CACHE:
- ssl_defaults.noCache = on;
- break;
-
- case SSL_ENABLE_FDX:
- ssl_defaults.fdx = on;
- break;
-
- case SSL_V2_COMPATIBLE_HELLO:
- ssl_defaults.v2CompatibleHello = on;
- if (!on) {
- ssl_defaults.enableSSL2 = on;
- }
- break;
-
- case SSL_ROLLBACK_DETECTION:
- ssl_defaults.detectRollBack = on;
- break;
-
- default:
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- return SECSuccess;
-}
-
-/* Part of the public NSS API.
- * Since this is a global (not per-socket) setting, we cannot use the
- * HandshakeLock to protect this. Probably want a global lock.
- */
-SECStatus
-SSL_SetPolicy(long which, int policy)
-{
- if ((which & 0xfffe) == SSL_RSA_OLDFIPS_WITH_3DES_EDE_CBC_SHA) {
- /* one of the two old FIPS ciphers */
- if (which == SSL_RSA_OLDFIPS_WITH_3DES_EDE_CBC_SHA)
- which = SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA;
- else if (which == SSL_RSA_OLDFIPS_WITH_DES_CBC_SHA)
- which = SSL_RSA_FIPS_WITH_DES_CBC_SHA;
- }
- return SSL_CipherPolicySet(which, policy);
-}
-
-SECStatus
-SSL_CipherPolicySet(PRInt32 which, PRInt32 policy)
-{
- SECStatus rv;
-
- if (SSL_IS_SSL2_CIPHER(which)) {
- rv = ssl2_SetPolicy(which, policy);
- } else {
- rv = ssl3_SetPolicy((ssl3CipherSuite)which, policy);
- }
- return rv;
-}
-
-SECStatus
-SSL_CipherPolicyGet(PRInt32 which, PRInt32 *oPolicy)
-{
- SECStatus rv;
-
- if (!oPolicy) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- if (SSL_IS_SSL2_CIPHER(which)) {
- rv = ssl2_GetPolicy(which, oPolicy);
- } else {
- rv = ssl3_GetPolicy((ssl3CipherSuite)which, oPolicy);
- }
- return rv;
-}
-
-/* Part of the public NSS API.
- * Since this is a global (not per-socket) setting, we cannot use the
- * HandshakeLock to protect this. Probably want a global lock.
- * These changes have no effect on any sslSockets already created.
- */
-SECStatus
-SSL_EnableCipher(long which, PRBool enabled)
-{
- if ((which & 0xfffe) == SSL_RSA_OLDFIPS_WITH_3DES_EDE_CBC_SHA) {
- /* one of the two old FIPS ciphers */
- if (which == SSL_RSA_OLDFIPS_WITH_3DES_EDE_CBC_SHA)
- which = SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA;
- else if (which == SSL_RSA_OLDFIPS_WITH_DES_CBC_SHA)
- which = SSL_RSA_FIPS_WITH_DES_CBC_SHA;
- }
- return SSL_CipherPrefSetDefault(which, enabled);
-}
-
-SECStatus
-SSL_CipherPrefSetDefault(PRInt32 which, PRBool enabled)
-{
- SECStatus rv;
-
- if (SSL_IS_SSL2_CIPHER(which)) {
- rv = ssl2_CipherPrefSetDefault(which, enabled);
- } else {
- rv = ssl3_CipherPrefSetDefault((ssl3CipherSuite)which, enabled);
- }
- return rv;
-}
-
-SECStatus
-SSL_CipherPrefGetDefault(PRInt32 which, PRBool *enabled)
-{
- SECStatus rv;
-
- if (!enabled) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- if (SSL_IS_SSL2_CIPHER(which)) {
- rv = ssl2_CipherPrefGetDefault(which, enabled);
- } else {
- rv = ssl3_CipherPrefGetDefault((ssl3CipherSuite)which, enabled);
- }
- return rv;
-}
-
-SECStatus
-SSL_CipherPrefSet(PRFileDesc *fd, PRInt32 which, PRBool enabled)
-{
- SECStatus rv;
- sslSocket *ss = ssl_FindSocket(fd);
-
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in CipherPrefSet", SSL_GETPID(), fd));
- return SECFailure;
- }
- if (SSL_IS_SSL2_CIPHER(which)) {
- rv = ssl2_CipherPrefSet(ss, which, enabled);
- } else {
- rv = ssl3_CipherPrefSet(ss, (ssl3CipherSuite)which, enabled);
- }
- return rv;
-}
-
-SECStatus
-SSL_CipherPrefGet(PRFileDesc *fd, PRInt32 which, PRBool *enabled)
-{
- SECStatus rv;
- sslSocket *ss = ssl_FindSocket(fd);
-
- if (!enabled) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in CipherPrefGet", SSL_GETPID(), fd));
- *enabled = PR_FALSE;
- return SECFailure;
- }
- if (SSL_IS_SSL2_CIPHER(which)) {
- rv = ssl2_CipherPrefGet(ss, which, enabled);
- } else {
- rv = ssl3_CipherPrefGet(ss, (ssl3CipherSuite)which, enabled);
- }
- return rv;
-}
-
-SECStatus
-NSS_SetDomesticPolicy(void)
-{
-#ifndef EXPORT_VERSION
- SECStatus status = SECSuccess;
- cipherPolicy * policy;
-
- for (policy = ssl_ciphers; policy->cipher != 0; ++policy) {
- status = SSL_SetPolicy(policy->cipher, SSL_ALLOWED);
- if (status != SECSuccess)
- break;
- }
- return status;
-#else
- return NSS_SetExportPolicy();
-#endif
-}
-
-SECStatus
-NSS_SetExportPolicy(void)
-{
- SECStatus status = SECSuccess;
- cipherPolicy * policy;
-
- for (policy = ssl_ciphers; policy->cipher != 0; ++policy) {
- status = SSL_SetPolicy(policy->cipher, policy->export);
- if (status != SECSuccess)
- break;
- }
- return status;
-}
-
-SECStatus
-NSS_SetFrancePolicy(void)
-{
- SECStatus status = SECSuccess;
- cipherPolicy * policy;
-
- for (policy = ssl_ciphers; policy->cipher != 0; ++policy) {
- status = SSL_SetPolicy(policy->cipher, policy->france);
- if (status != SECSuccess)
- break;
- }
- return status;
-}
-
-
-
-/* LOCKS ??? XXX */
-PRFileDesc *
-SSL_ImportFD(PRFileDesc *model, PRFileDesc *fd)
-{
- sslSocket * ns = NULL;
- PRStatus rv;
- PRNetAddr addr;
-
- if (model == NULL) {
- /* Just create a default socket if we're given NULL for the model */
- ns = ssl_NewSocket();
- } else {
- sslSocket * ss = ssl_FindSocket(model);
- if (ss == NULL) {
- SSL_DBG(("%d: SSL[%d]: bad model socket in ssl_ImportFD",
- SSL_GETPID(), model));
- return NULL;
- }
- ns = ssl_DupSocket(ss);
- }
- if (ns == NULL)
- return NULL;
-
- rv = ssl_PushIOLayer(ns, fd, PR_TOP_IO_LAYER);
- if (rv != PR_SUCCESS) {
- ssl_FreeSocket(ns);
- SET_ERROR_CODE
- return NULL;
- }
-#ifdef _WIN32
- PR_Sleep(PR_INTERVAL_NO_WAIT); /* workaround NT winsock connect bug. */
-#endif
- ns = ssl_FindSocket(fd);
- PORT_Assert(ns);
- if (ns)
- ns->TCPconnected = (PR_SUCCESS == ssl_DefGetpeername(ns, &addr));
- return fd;
-}
-
-/************************************************************************/
-/* The following functions are the TOP LEVEL SSL functions.
-** They all get called through the NSPRIOMethods table below.
-*/
-
-static PRFileDesc * PR_CALLBACK
-ssl_Accept(PRFileDesc *fd, PRNetAddr *sockaddr, PRIntervalTime timeout)
-{
- sslSocket *ss;
- sslSocket *ns = NULL;
- PRFileDesc *newfd = NULL;
- PRFileDesc *osfd;
- PRStatus status;
-
- ss = ssl_GetPrivate(fd);
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in accept", SSL_GETPID(), fd));
- return NULL;
- }
-
- /* IF this is a listen socket, there shouldn't be any I/O going on */
- SSL_LOCK_READER(ss);
- SSL_LOCK_WRITER(ss);
- ssl_Get1stHandshakeLock(ss);
- ssl_GetSSL3HandshakeLock(ss);
-
- ss->cTimeout = timeout;
-
- osfd = ss->fd->lower;
-
- /* First accept connection */
- newfd = osfd->methods->accept(osfd, sockaddr, timeout);
- if (newfd == NULL) {
- SSL_DBG(("%d: SSL[%d]: accept failed, errno=%d",
- SSL_GETPID(), ss->fd, PORT_GetError()));
- } else {
- /* Create ssl module */
- ns = ssl_DupSocket(ss);
- }
-
- ssl_ReleaseSSL3HandshakeLock(ss);
- ssl_Release1stHandshakeLock(ss);
- SSL_UNLOCK_WRITER(ss);
- SSL_UNLOCK_READER(ss); /* ss isn't used below here. */
-
- if (ns == NULL)
- goto loser;
-
- /* push ssl module onto the new socket */
- status = ssl_PushIOLayer(ns, newfd, PR_TOP_IO_LAYER);
- if (status != PR_SUCCESS)
- goto loser;
-
- /* Now start server connection handshake with client.
- ** Don't need locks here because nobody else has a reference to ns yet.
- */
- if ( ns->useSecurity ) {
- if ( ns->handshakeAsClient ) {
- ns->handshake = ssl2_BeginClientHandshake;
- ss->handshaking = sslHandshakingAsClient;
- } else {
- ns->handshake = ssl2_BeginServerHandshake;
- ss->handshaking = sslHandshakingAsServer;
- }
- }
- ns->TCPconnected = 1;
- return newfd;
-
-loser:
- if (ns != NULL)
- ssl_FreeSocket(ns);
- if (newfd != NULL)
- PR_Close(newfd);
- return NULL;
-}
-
-static PRStatus PR_CALLBACK
-ssl_Connect(PRFileDesc *fd, const PRNetAddr *sockaddr, PRIntervalTime timeout)
-{
- sslSocket *ss;
- PRStatus rv;
-
- ss = ssl_GetPrivate(fd);
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in connect", SSL_GETPID(), fd));
- return PR_FAILURE;
- }
-
- /* IF this is a listen socket, there shouldn't be any I/O going on */
- SSL_LOCK_READER(ss);
- SSL_LOCK_WRITER(ss);
-
- ss->cTimeout = timeout;
- rv = (PRStatus)(*ss->ops->connect)(ss, sockaddr);
-#ifdef _WIN32
- PR_Sleep(PR_INTERVAL_NO_WAIT); /* workaround NT winsock connect bug. */
-#endif
-
- SSL_UNLOCK_WRITER(ss);
- SSL_UNLOCK_READER(ss);
-
- return rv;
-}
-
-static PRStatus PR_CALLBACK
-ssl_Bind(PRFileDesc *fd, const PRNetAddr *addr)
-{
- sslSocket * ss = ssl_GetPrivate(fd);
- PRStatus rv;
-
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in bind", SSL_GETPID(), fd));
- return PR_FAILURE;
- }
- SSL_LOCK_READER(ss);
- SSL_LOCK_WRITER(ss);
-
- rv = (PRStatus)(*ss->ops->bind)(ss, addr);
-
- SSL_UNLOCK_WRITER(ss);
- SSL_UNLOCK_READER(ss);
- return rv;
-}
-
-static PRStatus PR_CALLBACK
-ssl_Listen(PRFileDesc *fd, PRIntn backlog)
-{
- sslSocket * ss = ssl_GetPrivate(fd);
- PRStatus rv;
-
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in listen", SSL_GETPID(), fd));
- return PR_FAILURE;
- }
- SSL_LOCK_READER(ss);
- SSL_LOCK_WRITER(ss);
-
- rv = (PRStatus)(*ss->ops->listen)(ss, backlog);
-
- SSL_UNLOCK_WRITER(ss);
- SSL_UNLOCK_READER(ss);
- return rv;
-}
-
-static PRStatus PR_CALLBACK
-ssl_Shutdown(PRFileDesc *fd, PRIntn how)
-{
- sslSocket * ss = ssl_GetPrivate(fd);
- PRStatus rv;
-
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in shutdown", SSL_GETPID(), fd));
- return PR_FAILURE;
- }
- if (how == PR_SHUTDOWN_RCV || how == PR_SHUTDOWN_BOTH) {
- SSL_LOCK_READER(ss);
- }
- if (how == PR_SHUTDOWN_SEND || how == PR_SHUTDOWN_BOTH) {
- SSL_LOCK_WRITER(ss);
- }
-
- rv = (PRStatus)(*ss->ops->shutdown)(ss, how);
-
- if (how == PR_SHUTDOWN_SEND || how == PR_SHUTDOWN_BOTH) {
- SSL_UNLOCK_WRITER(ss);
- }
- if (how == PR_SHUTDOWN_RCV || how == PR_SHUTDOWN_BOTH) {
- SSL_UNLOCK_READER(ss);
- }
- return rv;
-}
-
-static PRStatus PR_CALLBACK
-ssl_Close(PRFileDesc *fd)
-{
- sslSocket *ss;
- PRStatus rv;
-
- ss = ssl_GetPrivate(fd);
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in close", SSL_GETPID(), fd));
- return PR_FAILURE;
- }
-
- /* There must not be any I/O going on */
- SSL_LOCK_READER(ss);
- SSL_LOCK_WRITER(ss);
-
- /* By the time this function returns,
- ** ss is an invalid pointer, and the locks to which it points have
- ** been unlocked and freed. So, this is the ONE PLACE in all of SSL
- ** where the LOCK calls and the corresponding UNLOCK calls are not in
- ** the same function scope. The unlock calls are in ssl_FreeSocket().
- */
- rv = (PRStatus)(*ss->ops->close)(ss);
-
- return rv;
-}
-
-static int PR_CALLBACK
-ssl_Recv(PRFileDesc *fd, void *buf, PRInt32 len, PRIntn flags,
- PRIntervalTime timeout)
-{
- sslSocket *ss;
- int rv;
-
- ss = ssl_GetPrivate(fd);
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in recv", SSL_GETPID(), fd));
- return SECFailure;
- }
- SSL_LOCK_READER(ss);
- ss->rTimeout = timeout;
- if (!ss->fdx)
- ss->wTimeout = timeout;
- rv = (*ss->ops->recv)(ss, (unsigned char*)buf, len, flags);
- SSL_UNLOCK_READER(ss);
- return rv;
-}
-
-static int PR_CALLBACK
-ssl_Send(PRFileDesc *fd, const void *buf, PRInt32 len, PRIntn flags,
- PRIntervalTime timeout)
-{
- sslSocket *ss;
- int rv;
-
- ss = ssl_GetPrivate(fd);
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in send", SSL_GETPID(), fd));
- return SECFailure;
- }
- SSL_LOCK_WRITER(ss);
- ss->wTimeout = timeout;
- if (!ss->fdx)
- ss->rTimeout = timeout;
- rv = (*ss->ops->send)(ss, (const unsigned char*)buf, len, flags);
- SSL_UNLOCK_WRITER(ss);
- return rv;
-}
-
-static int PR_CALLBACK
-ssl_Read(PRFileDesc *fd, void *buf, PRInt32 len)
-{
- sslSocket *ss;
- int rv;
-
- ss = ssl_GetPrivate(fd);
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in read", SSL_GETPID(), fd));
- return SECFailure;
- }
- SSL_LOCK_READER(ss);
- ss->rTimeout = PR_INTERVAL_NO_TIMEOUT;
- if (!ss->fdx)
- ss->wTimeout = PR_INTERVAL_NO_TIMEOUT;
- rv = (*ss->ops->read)(ss, (unsigned char*)buf, len);
- SSL_UNLOCK_READER(ss);
- return rv;
-}
-
-static int PR_CALLBACK
-ssl_Write(PRFileDesc *fd, const void *buf, PRInt32 len)
-{
- sslSocket *ss;
- int rv;
-
- ss = ssl_GetPrivate(fd);
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in write", SSL_GETPID(), fd));
- return SECFailure;
- }
- SSL_LOCK_WRITER(ss);
- ss->wTimeout = PR_INTERVAL_NO_TIMEOUT;
- if (!ss->fdx)
- ss->rTimeout = PR_INTERVAL_NO_TIMEOUT;
- rv = (*ss->ops->write)(ss, (const unsigned char*)buf, len);
- SSL_UNLOCK_WRITER(ss);
- return rv;
-}
-
-static PRStatus PR_CALLBACK
-ssl_GetPeerName(PRFileDesc *fd, PRNetAddr *addr)
-{
- sslSocket *ss;
-
- ss = ssl_GetPrivate(fd);
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in getpeername", SSL_GETPID(), fd));
- return PR_FAILURE;
- }
- return (PRStatus)(*ss->ops->getpeername)(ss, addr);
-}
-
-/*
-*/
-SECStatus
-ssl_GetPeerInfo(sslSocket *ss)
-{
- PRFileDesc * osfd;
- int rv;
- PRNetAddr sin;
-
- osfd = ss->fd->lower;
-
- PORT_Memset(&sin, 0, sizeof(sin));
- rv = osfd->methods->getpeername(osfd, &sin);
- if (rv < 0) {
- return SECFailure;
- }
- ss->TCPconnected = 1;
- if (sin.inet.family == PR_AF_INET) {
- PR_ConvertIPv4AddrToIPv6(sin.inet.ip, &ss->sec.ci.peer);
- ss->sec.ci.port = sin.inet.port;
- } else if (sin.ipv6.family == PR_AF_INET6) {
- ss->sec.ci.peer = sin.ipv6.ip;
- ss->sec.ci.port = sin.ipv6.port;
- } else {
- PORT_SetError(PR_ADDRESS_NOT_SUPPORTED_ERROR);
- return SECFailure;
- }
- return SECSuccess;
-}
-
-static PRStatus PR_CALLBACK
-ssl_GetSockName(PRFileDesc *fd, PRNetAddr *name)
-{
- sslSocket *ss;
-
- ss = ssl_GetPrivate(fd);
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in getsockname", SSL_GETPID(), fd));
- return PR_FAILURE;
- }
- return (PRStatus)(*ss->ops->getsockname)(ss, name);
-}
-
-SECStatus PR_CALLBACK
-SSL_SetSockPeerID(PRFileDesc *fd, char *peerID)
-{
- sslSocket *ss;
-
- ss = ssl_FindSocket(fd);
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in SSL_SetCacheIndex",
- SSL_GETPID(), fd));
- return SECFailure;
- }
-
- ss->peerID = PORT_Strdup(peerID);
- return SECSuccess;
-}
-
-#define PR_POLL_RW (PR_POLL_WRITE | PR_POLL_READ)
-
-static PRInt16 PR_CALLBACK
-ssl_Poll(PRFileDesc *fd, PRInt16 how_flags, PRInt16 *p_out_flags)
-{
- sslSocket *ss;
- PRInt16 new_flags = how_flags; /* should select on these flags. */
- PRNetAddr addr;
-
- *p_out_flags = 0;
- ss = ssl_GetPrivate(fd);
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in SSL_Poll",
- SSL_GETPID(), fd));
- return 0; /* don't poll on this socket */
- }
-
- if (ss->useSecurity &&
- ss->handshaking != sslHandshakingUndetermined &&
- !ss->firstHsDone &&
- (how_flags & PR_POLL_RW)) {
- if (!ss->TCPconnected) {
- ss->TCPconnected = (PR_SUCCESS == ssl_DefGetpeername(ss, &addr));
- }
- /* If it's not connected, then presumably the application is polling
- ** on read or write appropriately, so don't change it.
- */
- if (ss->TCPconnected) {
- if (!ss->handshakeBegun) {
- /* If the handshake has not begun, poll on read or write
- ** based on the local application's role in the handshake,
- ** not based on what the application requested.
- */
- new_flags &= ~PR_POLL_RW;
- if (ss->handshaking == sslHandshakingAsClient) {
- new_flags |= PR_POLL_WRITE;
- } else { /* handshaking as server */
- new_flags |= PR_POLL_READ;
- }
- } else
- /* First handshake is in progress */
- if (ss->lastWriteBlocked) {
- if (new_flags & PR_POLL_READ) {
- /* The caller is waiting for data to be received,
- ** but the initial handshake is blocked on write, or the
- ** client's first handshake record has not been written.
- ** The code should select on write, not read.
- */
- new_flags ^= PR_POLL_READ; /* don't select on read. */
- new_flags |= PR_POLL_WRITE; /* do select on write. */
- }
- } else if (new_flags & PR_POLL_WRITE) {
- /* The caller is trying to write, but the handshake is
- ** blocked waiting for data to read, and the first
- ** handshake has been sent. so do NOT to poll on write.
- */
- new_flags ^= PR_POLL_WRITE; /* don't select on write. */
- new_flags |= PR_POLL_READ; /* do select on read. */
- }
- }
- } else if ((new_flags & PR_POLL_READ) && (SSL_DataPending(fd) > 0)) {
- *p_out_flags = PR_POLL_READ; /* it's ready already. */
- return new_flags;
- } else if ((ss->lastWriteBlocked) && (how_flags & PR_POLL_READ) &&
- (ss->pendingBuf.len != 0)) { /* write data waiting to be sent */
- new_flags |= PR_POLL_WRITE; /* also select on write. */
- }
- if (new_flags && (fd->lower->methods->poll != NULL)) {
- PRInt16 lower_out_flags = 0;
- PRInt16 lower_new_flags;
- lower_new_flags = fd->lower->methods->poll(fd->lower, new_flags,
- &lower_out_flags);
- if ((lower_new_flags & lower_out_flags) && (how_flags != new_flags)) {
- PRInt16 out_flags = lower_out_flags & ~PR_POLL_RW;
- if (lower_out_flags & PR_POLL_READ)
- out_flags |= PR_POLL_WRITE;
- if (lower_out_flags & PR_POLL_WRITE)
- out_flags |= PR_POLL_READ;
- *p_out_flags = out_flags;
- new_flags = how_flags;
- } else {
- *p_out_flags = lower_out_flags;
- new_flags = lower_new_flags;
- }
- }
-
- return new_flags;
-}
-
-
-PRBool
-ssl_FdIsBlocking(PRFileDesc *fd)
-{
- PRSocketOptionData opt;
- PRStatus status;
-
- opt.option = PR_SockOpt_Nonblocking;
- opt.value.non_blocking = PR_FALSE;
- status = PR_GetSocketOption(fd, &opt);
- if (status != PR_SUCCESS)
- return PR_FALSE;
- return (PRBool)!opt.value.non_blocking;
-}
-
-PRBool
-ssl_SocketIsBlocking(sslSocket *ss)
-{
- return ssl_FdIsBlocking(ss->fd);
-}
-
-PRInt32 sslFirstBufSize = 8 * 1024;
-PRInt32 sslCopyLimit = 1024;
-
-static PRInt32 PR_CALLBACK
-ssl_WriteV(PRFileDesc *fd, const PRIOVec *iov, PRInt32 vectors,
- PRIntervalTime timeout)
-{
- PRInt32 bufLen;
- PRInt32 left;
- PRInt32 rv;
- PRInt32 sent = 0;
- const PRInt32 first_len = sslFirstBufSize;
- const PRInt32 limit = sslCopyLimit;
- PRBool blocking;
- PRIOVec myIov = { 0, 0 };
- char buf[MAX_FRAGMENT_LENGTH];
-
- if (vectors > PR_MAX_IOVECTOR_SIZE) {
- PORT_SetError(PR_BUFFER_OVERFLOW_ERROR);
- return -1;
- }
- blocking = ssl_FdIsBlocking(fd);
-
-#define K16 sizeof(buf)
-#define KILL_VECTORS while (vectors && !iov->iov_len) { ++iov; --vectors; }
-#define GET_VECTOR do { myIov = *iov++; --vectors; KILL_VECTORS } while (0)
-#define HANDLE_ERR(rv, len) \
- if (rv != len) { \
- if (rv < 0) { \
- if (!blocking \
- && (PR_GetError() == PR_WOULD_BLOCK_ERROR) \
- && (sent > 0)) { \
- return sent; \
- } else { \
- return -1; \
- } \
- } \
- /* Only a nonblocking socket can have partial sends */ \
- PR_ASSERT(!blocking); \
- return sent; \
- }
-#define SEND(bfr, len) \
- do { \
- rv = ssl_Send(fd, bfr, len, 0, timeout); \
- HANDLE_ERR(rv, len) \
- sent += len; \
- } while (0)
-
- /* Make sure the first write is at least 8 KB, if possible. */
- KILL_VECTORS
- if (!vectors)
- return ssl_Send(fd, 0, 0, 0, timeout);
- GET_VECTOR;
- if (!vectors) {
- return ssl_Send(fd, myIov.iov_base, myIov.iov_len, 0, timeout);
- }
- if (myIov.iov_len < first_len) {
- PORT_Memcpy(buf, myIov.iov_base, myIov.iov_len);
- bufLen = myIov.iov_len;
- left = first_len - bufLen;
- while (vectors && left) {
- int toCopy;
- GET_VECTOR;
- toCopy = PR_MIN(left, myIov.iov_len);
- PORT_Memcpy(buf + bufLen, myIov.iov_base, toCopy);
- bufLen += toCopy;
- left -= toCopy;
- myIov.iov_base += toCopy;
- myIov.iov_len -= toCopy;
- }
- SEND( buf, bufLen );
- }
-
- while (vectors || myIov.iov_len) {
- PRInt32 addLen;
- if (!myIov.iov_len) {
- GET_VECTOR;
- }
- while (myIov.iov_len >= K16) {
- SEND(myIov.iov_base, K16);
- myIov.iov_base += K16;
- myIov.iov_len -= K16;
- }
- if (!myIov.iov_len)
- continue;
-
- if (!vectors || myIov.iov_len > limit) {
- addLen = 0;
- } else if ((addLen = iov->iov_len % K16) + myIov.iov_len <= limit) {
- /* Addlen is already computed. */;
- } else if (vectors > 1 &&
- iov[1].iov_len % K16 + addLen + myIov.iov_len <= 2 * limit) {
- addLen = limit - myIov.iov_len;
- } else
- addLen = 0;
-
- if (!addLen) {
- SEND( myIov.iov_base, myIov.iov_len );
- myIov.iov_len = 0;
- continue;
- }
- PORT_Memcpy(buf, myIov.iov_base, myIov.iov_len);
- bufLen = myIov.iov_len;
- do {
- GET_VECTOR;
- PORT_Memcpy(buf + bufLen, myIov.iov_base, addLen);
- myIov.iov_base += addLen;
- myIov.iov_len -= addLen;
- bufLen += addLen;
-
- left = PR_MIN( limit, K16 - bufLen);
- if (!vectors /* no more left */
- || myIov.iov_len > 0 /* we didn't use that one all up */
- || bufLen >= K16 /* it's full. */
- ) {
- addLen = 0;
- } else if ((addLen = iov->iov_len % K16) <= left) {
- /* Addlen is already computed. */;
- } else if (vectors > 1 &&
- iov[1].iov_len % K16 + addLen <= left + limit) {
- addLen = left;
- } else
- addLen = 0;
-
- } while (addLen);
- SEND( buf, bufLen );
- }
- return sent;
-}
-
-/*
- * These functions aren't implemented.
- */
-
-static PRInt32 PR_CALLBACK
-ssl_Available(PRFileDesc *fd)
-{
- PORT_Assert(0);
- PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0);
- return SECFailure;
-}
-
-static PRInt64 PR_CALLBACK
-ssl_Available64(PRFileDesc *fd)
-{
- PRInt64 res;
-
- PORT_Assert(0);
- PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0);
- LL_I2L(res, -1L);
- return res;
-}
-
-static PRStatus PR_CALLBACK
-ssl_FSync(PRFileDesc *fd)
-{
- PORT_Assert(0);
- PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0);
- return PR_FAILURE;
-}
-
-static PRInt32 PR_CALLBACK
-ssl_Seek(PRFileDesc *fd, PRInt32 offset, PRSeekWhence how) {
- PORT_Assert(0);
- PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0);
- return SECFailure;
-}
-
-static PRInt64 PR_CALLBACK
-ssl_Seek64(PRFileDesc *fd, PRInt64 offset, PRSeekWhence how) {
- PRInt64 res;
-
- PORT_Assert(0);
- PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0);
- LL_I2L(res, -1L);
- return res;
-}
-
-static PRStatus PR_CALLBACK
-ssl_FileInfo(PRFileDesc *fd, PRFileInfo *info)
-{
- PORT_Assert(0);
- PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0);
- return PR_FAILURE;
-}
-
-static PRStatus PR_CALLBACK
-ssl_FileInfo64(PRFileDesc *fd, PRFileInfo64 *info)
-{
- PORT_Assert(0);
- PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0);
- return PR_FAILURE;
-}
-
-static PRInt32 PR_CALLBACK
-ssl_RecvFrom(PRFileDesc *fd, void *buf, PRInt32 amount, PRIntn flags,
- PRNetAddr *addr, PRIntervalTime timeout)
-{
- PORT_Assert(0);
- PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0);
- return SECFailure;
-}
-
-static PRInt32 PR_CALLBACK
-ssl_SendTo(PRFileDesc *fd, const void *buf, PRInt32 amount, PRIntn flags,
- const PRNetAddr *addr, PRIntervalTime timeout)
-{
- PORT_Assert(0);
- PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0);
- return SECFailure;
-}
-
-static const PRIOMethods ssl_methods = {
- PR_DESC_LAYERED,
- ssl_Close, /* close */
- ssl_Read, /* read */
- ssl_Write, /* write */
- ssl_Available, /* available */
- ssl_Available64, /* available64 */
- ssl_FSync, /* fsync */
- ssl_Seek, /* seek */
- ssl_Seek64, /* seek64 */
- ssl_FileInfo, /* fileInfo */
- ssl_FileInfo64, /* fileInfo64 */
- ssl_WriteV, /* writev */
- ssl_Connect, /* connect */
- ssl_Accept, /* accept */
- ssl_Bind, /* bind */
- ssl_Listen, /* listen */
- ssl_Shutdown, /* shutdown */
- ssl_Recv, /* recv */
- ssl_Send, /* send */
- ssl_RecvFrom, /* recvfrom */
- ssl_SendTo, /* sendto */
- ssl_Poll, /* poll */
- ssl_EmulateAcceptRead, /* acceptread */
- ssl_EmulateTransmitFile, /* transmitfile */
- ssl_GetSockName, /* getsockname */
- ssl_GetPeerName, /* getpeername */
- NULL, /* getsockopt OBSOLETE */
- NULL, /* setsockopt OBSOLETE */
- NULL, /* getsocketoption */
- NULL, /* setsocketoption */
- ssl_EmulateSendFile, /* Send a (partial) file with header/trailer*/
- NULL, /* reserved for future use */
- NULL, /* reserved for future use */
- NULL, /* reserved for future use */
- NULL, /* reserved for future use */
- NULL /* reserved for future use */
-};
-
-
-static PRIOMethods combined_methods;
-
-static void
-ssl_SetupIOMethods(void)
-{
- PRIOMethods *new_methods = &combined_methods;
- const PRIOMethods *nspr_methods = PR_GetDefaultIOMethods();
- const PRIOMethods *my_methods = &ssl_methods;
-
- *new_methods = *nspr_methods;
-
- new_methods->file_type = my_methods->file_type;
- new_methods->close = my_methods->close;
- new_methods->read = my_methods->read;
- new_methods->write = my_methods->write;
- new_methods->available = my_methods->available;
- new_methods->available64 = my_methods->available64;
- new_methods->fsync = my_methods->fsync;
- new_methods->seek = my_methods->seek;
- new_methods->seek64 = my_methods->seek64;
- new_methods->fileInfo = my_methods->fileInfo;
- new_methods->fileInfo64 = my_methods->fileInfo64;
- new_methods->writev = my_methods->writev;
- new_methods->connect = my_methods->connect;
- new_methods->accept = my_methods->accept;
- new_methods->bind = my_methods->bind;
- new_methods->listen = my_methods->listen;
- new_methods->shutdown = my_methods->shutdown;
- new_methods->recv = my_methods->recv;
- new_methods->send = my_methods->send;
- new_methods->recvfrom = my_methods->recvfrom;
- new_methods->sendto = my_methods->sendto;
- new_methods->poll = my_methods->poll;
- new_methods->acceptread = my_methods->acceptread;
- new_methods->transmitfile = my_methods->transmitfile;
- new_methods->getsockname = my_methods->getsockname;
- new_methods->getpeername = my_methods->getpeername;
-/* new_methods->getsocketoption = my_methods->getsocketoption; */
-/* new_methods->setsocketoption = my_methods->setsocketoption; */
- new_methods->sendfile = my_methods->sendfile;
-
-}
-
-static PRCallOnceType initIoLayerOnce;
-
-static PRStatus
-ssl_InitIOLayer(void)
-{
- ssl_layer_id = PR_GetUniqueIdentity("SSL");
- ssl_SetupIOMethods();
- ssl_inited = PR_TRUE;
- return PR_SUCCESS;
-}
-
-static PRStatus
-ssl_PushIOLayer(sslSocket *ns, PRFileDesc *stack, PRDescIdentity id)
-{
- PRFileDesc *layer = NULL;
- PRStatus status;
-
- if (!ssl_inited) {
- PR_CallOnce(&initIoLayerOnce, &ssl_InitIOLayer);
- }
-
- if (ns == NULL)
- goto loser;
-
- layer = PR_CreateIOLayerStub(ssl_layer_id, &combined_methods);
- if (layer == NULL)
- goto loser;
- layer->secret = (PRFilePrivate *)ns;
-
- /* Here, "stack" points to the PRFileDesc on the top of the stack.
- ** "layer" points to a new FD that is to be inserted into the stack.
- ** If layer is being pushed onto the top of the stack, then
- ** PR_PushIOLayer switches the contents of stack and layer, and then
- ** puts stack on top of layer, so that after it is done, the top of
- ** stack is the same "stack" as it was before, and layer is now the
- ** FD for the former top of stack.
- ** After this call, stack always points to the top PRFD on the stack.
- ** If this function fails, the contents of stack and layer are as
- ** they were before the call.
- */
- status = PR_PushIOLayer(stack, id, layer);
- if (status != PR_SUCCESS)
- goto loser;
-
- ns->fd = (id == PR_TOP_IO_LAYER) ? stack : layer;
- return PR_SUCCESS;
-
-loser:
- if (layer) {
- layer->dtor(layer); /* free layer */
- }
- return PR_FAILURE;
-}
-
-/*
-** Create a newsocket structure for a file descriptor.
-*/
-static sslSocket *
-ssl_NewSocket(void)
-{
- sslSocket *ss;
-#ifdef DEBUG
-#if (defined(XP_UNIX) || defined(XP_WIN32) || defined(XP_BEOS)) && !defined(_WIN32_WCE)
- static int firsttime = 1;
-
- if (firsttime) {
- firsttime = 0;
- {
- char *ev = getenv("SSLDEBUG");
- if (ev && ev[0]) {
- ssl_debug = atoi(ev);
- SSL_TRACE(("SSL: debugging set to %d", ssl_debug));
- }
- }
-#ifdef TRACE
- {
- char *ev = getenv("SSLTRACE");
- if (ev && ev[0]) {
- ssl_trace = atoi(ev);
- SSL_TRACE(("SSL: tracing set to %d", ssl_trace));
- }
- }
-#endif /* TRACE */
- }
-#endif /* XP_UNIX || XP_WIN32 */
-#endif /* DEBUG */
-
- /* Make a new socket and get it ready */
- ss = (sslSocket*) PORT_ZAlloc(sizeof(sslSocket));
- if (ss) {
- /* This should be of type SSLKEAType, but CC on IRIX
- * complains during the for loop.
- */
- int i;
- SECStatus status;
-
- ss->useSecurity = ssl_defaults.useSecurity;
- ss->useSocks = PR_FALSE;
- ss->requestCertificate = ssl_defaults.requestCertificate;
- ss->requireCertificate = ssl_defaults.requireCertificate;
- ss->handshakeAsClient = ssl_defaults.handshakeAsClient;
- ss->handshakeAsServer = ssl_defaults.handshakeAsServer;
- ss->enableSSL2 = ssl_defaults.enableSSL2;
- ss->enableSSL3 = ssl_defaults.enableSSL3;
- ss->enableTLS = ssl_defaults.enableTLS ;
- ss->fdx = ssl_defaults.fdx;
- ss->v2CompatibleHello = ssl_defaults.v2CompatibleHello;
- ss->detectRollBack = ssl_defaults.detectRollBack;
- ss->noCache = ssl_defaults.noCache;
- ss->peerID = NULL;
- ss->rTimeout = PR_INTERVAL_NO_TIMEOUT;
- ss->wTimeout = PR_INTERVAL_NO_TIMEOUT;
- ss->cTimeout = PR_INTERVAL_NO_TIMEOUT;
- ss->cipherSpecs = NULL;
- ss->sizeCipherSpecs = 0; /* produced lazily */
- ss->preferredCipher = NULL;
- ss->url = NULL;
-
- for (i=kt_null; i < kt_kea_size; i++) {
- sslServerCerts * sc = ss->serverCerts + i;
- sc->serverCert = NULL;
- sc->serverCertChain = NULL;
- sc->serverKey = NULL;
- sc->serverKeyBits = 0;
- }
- ss->stepDownKeyPair = NULL;
- ss->dbHandle = CERT_GetDefaultCertDB();
-
- /* Provide default implementation of hooks */
- ss->authCertificate = SSL_AuthCertificate;
- ss->authCertificateArg = (void *)ss->dbHandle;
- ss->getClientAuthData = NULL;
- ss->handleBadCert = NULL;
- ss->badCertArg = NULL;
- ss->pkcs11PinArg = NULL;
-
- ssl_ChooseOps(ss);
- ssl2_InitSocketPolicy(ss);
- ssl3_InitSocketPolicy(ss);
-
- ss->firstHandshakeLock = PZ_NewMonitor(nssILockSSL);
- if (!ss->firstHandshakeLock) goto loser;
- ss->ssl3HandshakeLock = PZ_NewMonitor(nssILockSSL);
- if (!ss->ssl3HandshakeLock) goto loser;
- ss->specLock = NSSRWLock_New(SSL_LOCK_RANK_SPEC, NULL);
- if (!ss->specLock) goto loser;
- ss->recvBufLock = PZ_NewMonitor(nssILockSSL);
- if (!ss->recvBufLock) goto loser;
- ss->xmitBufLock = PZ_NewMonitor(nssILockSSL);
- if (!ss->xmitBufLock) goto loser;
- ss->writerThread = NULL;
- if (ssl_lock_readers) {
- ss->recvLock = PZ_NewLock(nssILockSSL);
- if (!ss->recvLock) goto loser;
- ss->sendLock = PZ_NewLock(nssILockSSL);
- if (!ss->sendLock) goto loser;
- }
- status = ssl_CreateSecurityInfo(ss);
- if (status != SECSuccess) goto loser;
- status = ssl_InitGather(&ss->gs);
- if (status != SECSuccess) {
-loser:
- ssl_DestroySocketContents(ss);
- ssl_DestroyLocks(ss);
- PORT_Free(ss);
- ss = NULL;
- }
- }
- return ss;
-}
-
diff --git a/security/nss/lib/ssl/sslt.h b/security/nss/lib/ssl/sslt.h
deleted file mode 100644
index 1b866e20a..000000000
--- a/security/nss/lib/ssl/sslt.h
+++ /dev/null
@@ -1,173 +0,0 @@
-/*
- * This file contains prototypes for the public SSL functions.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Portions created by Sun Microsystems, Inc. are Copyright (C) 2003
- * Sun Microsystems, Inc. All Rights Reserved.
- *
- * Contributor(s):
- * Dr Vipul Gupta <vipul.gupta@sun.com>, Sun Microsystems Laboratories
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#ifndef __sslt_h_
-#define __sslt_h_
-
-#include "prtypes.h"
-
-typedef struct SSL3StatisticsStr {
- /* statistics from ssl3_SendClientHello (sch) */
- long sch_sid_cache_hits;
- long sch_sid_cache_misses;
- long sch_sid_cache_not_ok;
-
- /* statistics from ssl3_HandleServerHello (hsh) */
- long hsh_sid_cache_hits;
- long hsh_sid_cache_misses;
- long hsh_sid_cache_not_ok;
-
- /* statistics from ssl3_HandleClientHello (hch) */
- long hch_sid_cache_hits;
- long hch_sid_cache_misses;
- long hch_sid_cache_not_ok;
-} SSL3Statistics;
-
-/* Key Exchange algorithm values */
-typedef enum {
- ssl_kea_null = 0,
- ssl_kea_rsa = 1,
- ssl_kea_dh = 2,
- ssl_kea_fortezza = 3,
- ssl_kea_ecdh = 4,
- ssl_kea_size /* number of ssl_kea_ algorithms */
-} SSLKEAType;
-
-/* The following defines are for backwards compatibility.
-** They will be removed in a forthcoming release to reduce namespace pollution.
-** programs that use the kt_ symbols should convert to the ssl_kt_ symbols
-** soon.
-*/
-#define kt_null ssl_kea_null
-#define kt_rsa ssl_kea_rsa
-#define kt_dh ssl_kea_dh
-#define kt_fortezza ssl_kea_fortezza
-#define kt_ecdh ssl_kea_ecdh
-#define kt_kea_size ssl_kea_size
-
-typedef enum {
- ssl_sign_null = 0,
- ssl_sign_rsa = 1,
- ssl_sign_dsa = 2,
- ssl_sign_ecdsa = 3
-} SSLSignType;
-
-typedef enum {
- ssl_auth_null = 0,
- ssl_auth_rsa = 1,
- ssl_auth_dsa = 2,
- ssl_auth_kea = 3,
- ssl_auth_ecdsa = 4
-} SSLAuthType;
-
-typedef enum {
- ssl_calg_null = 0,
- ssl_calg_rc4 = 1,
- ssl_calg_rc2 = 2,
- ssl_calg_des = 3,
- ssl_calg_3des = 4,
- ssl_calg_idea = 5,
- ssl_calg_fortezza = 6, /* skipjack */
- ssl_calg_aes = 7 /* coming soon */
-} SSLCipherAlgorithm;
-
-typedef enum {
- ssl_mac_null = 0,
- ssl_mac_md5 = 1,
- ssl_mac_sha = 2,
- ssl_hmac_md5 = 3, /* TLS HMAC version of mac_md5 */
- ssl_hmac_sha = 4 /* TLS HMAC version of mac_sha */
-} SSLMACAlgorithm;
-
-typedef struct SSLChannelInfoStr {
- PRUint32 length;
- PRUint16 protocolVersion;
- PRUint16 cipherSuite;
-
- /* server authentication info */
- PRUint32 authKeyBits;
-
- /* key exchange algorithm info */
- PRUint32 keaKeyBits;
-
- /* session info */
- PRUint32 creationTime; /* seconds since Jan 1, 1970 */
- PRUint32 lastAccessTime; /* seconds since Jan 1, 1970 */
- PRUint32 expirationTime; /* seconds since Jan 1, 1970 */
- PRUint32 sessionIDLength; /* up to 32 */
- PRUint8 sessionID [32];
-} SSLChannelInfo;
-
-typedef struct SSLCipherSuiteInfoStr {
- PRUint16 length;
- PRUint16 cipherSuite;
-
- /* Cipher Suite Name */
- const char * cipherSuiteName;
-
- /* server authentication info */
- const char * authAlgorithmName;
- SSLAuthType authAlgorithm;
-
- /* key exchange algorithm info */
- const char * keaTypeName;
- SSLKEAType keaType;
-
- /* symmetric encryption info */
- const char * symCipherName;
- SSLCipherAlgorithm symCipher;
- PRUint16 symKeyBits;
- PRUint16 symKeySpace;
- PRUint16 effectiveKeyBits;
-
- /* MAC info */
- const char * macAlgorithmName;
- SSLMACAlgorithm macAlgorithm;
- PRUint16 macBits;
-
- PRUintn isFIPS : 1;
- PRUintn isExportable : 1;
- PRUintn nonStandard : 1;
- PRUintn reservedBits :29;
-
-} SSLCipherSuiteInfo;
-
-#endif /* __sslt_h_ */
diff --git a/security/nss/lib/ssl/ssltrace.c b/security/nss/lib/ssl/ssltrace.c
deleted file mode 100644
index 15f064813..000000000
--- a/security/nss/lib/ssl/ssltrace.c
+++ /dev/null
@@ -1,269 +0,0 @@
-/*
- * Functions to trace SSL protocol behavior in DEBUG builds.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-#include <stdarg.h>
-#include "cert.h"
-#include "ssl.h"
-#include "sslimpl.h"
-#include "sslproto.h"
-#include "prprf.h"
-
-#if defined(DEBUG) || defined(TRACE)
-static const char *hex = "0123456789abcdef";
-
-static const char printable[257] = {
- "................" /* 0x */
- "................" /* 1x */
- " !\"#$%&'()*+,-./" /* 2x */
- "0123456789:;<=>?" /* 3x */
- "@ABCDEFGHIJKLMNO" /* 4x */
- "PQRSTUVWXYZ[\\]^_" /* 5x */
- "`abcdefghijklmno" /* 6x */
- "pqrstuvwxyz{|}~." /* 7x */
- "................" /* 8x */
- "................" /* 9x */
- "................" /* ax */
- "................" /* bx */
- "................" /* cx */
- "................" /* dx */
- "................" /* ex */
- "................" /* fx */
-};
-
-void ssl_PrintBuf(sslSocket *ss, const char *msg, const void *vp, int len)
-{
- const unsigned char *cp = (const unsigned char *)vp;
- char buf[80];
- char *bp;
- char *ap;
-
- if (ss) {
- SSL_TRACE(("%d: SSL[%d]: %s [Len: %d]", SSL_GETPID(), ss->fd,
- msg, len));
- } else {
- SSL_TRACE(("%d: SSL: %s [Len: %d]", SSL_GETPID(), msg, len));
- }
- memset(buf, ' ', sizeof buf);
- bp = buf;
- ap = buf + 50;
- while (--len >= 0) {
- unsigned char ch = *cp++;
- *bp++ = hex[(ch >> 4) & 0xf];
- *bp++ = hex[ch & 0xf];
- *bp++ = ' ';
- *ap++ = printable[ch];
- if (ap - buf >= 66) {
- *ap = 0;
- SSL_TRACE((" %s", buf));
- memset(buf, ' ', sizeof buf);
- bp = buf;
- ap = buf + 50;
- }
- }
- if (bp > buf) {
- *ap = 0;
- SSL_TRACE((" %s", buf));
- }
-}
-
-#define LEN(cp) (((cp)[0] << 8) | ((cp)[1]))
-
-static void PrintType(sslSocket *ss, char *msg)
-{
- if (ss) {
- SSL_TRACE(("%d: SSL[%d]: dump-msg: %s", SSL_GETPID(), ss->fd,
- msg));
- } else {
- SSL_TRACE(("%d: SSL: dump-msg: %s", SSL_GETPID(), msg));
- }
-}
-
-static void PrintInt(sslSocket *ss, char *msg, unsigned v)
-{
- if (ss) {
- SSL_TRACE(("%d: SSL[%d]: %s=%u", SSL_GETPID(), ss->fd,
- msg, v));
- } else {
- SSL_TRACE(("%d: SSL: %s=%u", SSL_GETPID(), msg, v));
- }
-}
-
-/* PrintBuf is just like ssl_PrintBuf above, except that:
- * a) It prefixes each line of the buffer with "XX: SSL[xxx] "
- * b) It dumps only hex, not ASCII.
- */
-static void PrintBuf(sslSocket *ss, char *msg, unsigned char *cp, int len)
-{
- char buf[80];
- char *bp;
-
- if (ss) {
- SSL_TRACE(("%d: SSL[%d]: %s [Len: %d]",
- SSL_GETPID(), ss->fd, msg, len));
- } else {
- SSL_TRACE(("%d: SSL: %s [Len: %d]",
- SSL_GETPID(), msg, len));
- }
- bp = buf;
- while (--len >= 0) {
- unsigned char ch = *cp++;
- *bp++ = hex[(ch >> 4) & 0xf];
- *bp++ = hex[ch & 0xf];
- *bp++ = ' ';
- if (bp + 4 > buf + 50) {
- *bp = 0;
- if (ss) {
- SSL_TRACE(("%d: SSL[%d]: %s",
- SSL_GETPID(), ss->fd, buf));
- } else {
- SSL_TRACE(("%d: SSL: %s", SSL_GETPID(), buf));
- }
- bp = buf;
- }
- }
- if (bp > buf) {
- *bp = 0;
- if (ss) {
- SSL_TRACE(("%d: SSL[%d]: %s",
- SSL_GETPID(), ss->fd, buf));
- } else {
- SSL_TRACE(("%d: SSL: %s", SSL_GETPID(), buf));
- }
- }
-}
-
-void ssl_DumpMsg(sslSocket *ss, unsigned char *bp, unsigned len)
-{
- switch (bp[0]) {
- case SSL_MT_ERROR:
- PrintType(ss, "Error");
- PrintInt(ss, "error", LEN(bp+1));
- break;
-
- case SSL_MT_CLIENT_HELLO:
- {
- unsigned lcs = LEN(bp+3);
- unsigned ls = LEN(bp+5);
- unsigned lc = LEN(bp+7);
-
- PrintType(ss, "Client-Hello");
-
- PrintInt(ss, "version (Major)", bp[1]);
- PrintInt(ss, "version (minor)", bp[2]);
-
- PrintBuf(ss, "cipher-specs", bp+9, lcs);
- PrintBuf(ss, "session-id", bp+9+lcs, ls);
- PrintBuf(ss, "challenge", bp+9+lcs+ls, lc);
- }
- break;
- case SSL_MT_CLIENT_MASTER_KEY:
- {
- unsigned lck = LEN(bp+4);
- unsigned lek = LEN(bp+6);
- unsigned lka = LEN(bp+8);
-
- PrintType(ss, "Client-Master-Key");
-
- PrintInt(ss, "cipher-choice", bp[1]);
- PrintInt(ss, "key-length", LEN(bp+2));
-
- PrintBuf(ss, "clear-key", bp+10, lck);
- PrintBuf(ss, "encrypted-key", bp+10+lck, lek);
- PrintBuf(ss, "key-arg", bp+10+lck+lek, lka);
- }
- break;
- case SSL_MT_CLIENT_FINISHED:
- PrintType(ss, "Client-Finished");
- PrintBuf(ss, "connection-id", bp+1, len-1);
- break;
- case SSL_MT_SERVER_HELLO:
- {
- unsigned lc = LEN(bp+5);
- unsigned lcs = LEN(bp+7);
- unsigned lci = LEN(bp+9);
-
- PrintType(ss, "Server-Hello");
-
- PrintInt(ss, "session-id-hit", bp[1]);
- PrintInt(ss, "certificate-type", bp[2]);
- PrintInt(ss, "version (Major)", bp[3]);
- PrintInt(ss, "version (minor)", bp[3]);
- PrintBuf(ss, "certificate", bp+11, lc);
- PrintBuf(ss, "cipher-specs", bp+11+lc, lcs);
- PrintBuf(ss, "connection-id", bp+11+lc+lcs, lci);
- }
- break;
- case SSL_MT_SERVER_VERIFY:
- PrintType(ss, "Server-Verify");
- PrintBuf(ss, "challenge", bp+1, len-1);
- break;
- case SSL_MT_SERVER_FINISHED:
- PrintType(ss, "Server-Finished");
- PrintBuf(ss, "session-id", bp+1, len-1);
- break;
- case SSL_MT_REQUEST_CERTIFICATE:
- PrintType(ss, "Request-Certificate");
- PrintInt(ss, "authentication-type", bp[1]);
- PrintBuf(ss, "certificate-challenge", bp+2, len-2);
- break;
- case SSL_MT_CLIENT_CERTIFICATE:
- {
- unsigned lc = LEN(bp+2);
- unsigned lr = LEN(bp+4);
- PrintType(ss, "Client-Certificate");
- PrintInt(ss, "certificate-type", bp[1]);
- PrintBuf(ss, "certificate", bp+6, lc);
- PrintBuf(ss, "response", bp+6+lc, lr);
- }
- break;
- default:
- ssl_PrintBuf(ss, "sending *unknown* message type", bp, len);
- return;
- }
-}
-
-void
-ssl_Trace(const char *format, ... )
-{
- char buf[2000];
-
- va_list args;
- va_start(args, format);
- PR_vsnprintf(buf, sizeof(buf), format, args);
- va_end(args);
- puts(buf);
-}
-#endif
diff --git a/security/nss/lib/ssl/sslver.c b/security/nss/lib/ssl/sslver.c
deleted file mode 100644
index 58bcdd858..000000000
--- a/security/nss/lib/ssl/sslver.c
+++ /dev/null
@@ -1,53 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 2001 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/* Library identity and versioning */
-
-#include "nss.h"
-
-#if defined(DEBUG)
-#define _DEBUG_STRING " (debug)"
-#else
-#define _DEBUG_STRING ""
-#endif
-
-/*
- * Version information for the 'ident' and 'what commands
- *
- * NOTE: the first component of the concatenated rcsid string
- * must not end in a '$' to prevent rcs keyword substitution.
- */
-const char __nss_ssl_rcsid[] = "$Header: NSS " NSS_VERSION _DEBUG_STRING
- " " __DATE__ " " __TIME__ " $";
-const char __nss_ssl_sccsid[] = "@(#)NSS " NSS_VERSION _DEBUG_STRING
- " " __DATE__ " " __TIME__;
diff --git a/security/nss/lib/ssl/unix_err.c b/security/nss/lib/ssl/unix_err.c
deleted file mode 100644
index 7e125c880..000000000
--- a/security/nss/lib/ssl/unix_err.c
+++ /dev/null
@@ -1,547 +0,0 @@
-/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/*
- * This file essentially replicates NSPR's source for the functions that
- * map system-specific error codes to NSPR error codes. We would use
- * NSPR's functions, instead of duplicating them, but they're private.
- * As long as SSL's server session cache code must do platform native I/O
- * to accomplish its job, and NSPR's error mapping functions remain private,
- * this code will continue to need to be replicated.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#if 0
-#include "primpl.h"
-#else
-#define _PR_POLL_AVAILABLE 1
-#include "prerror.h"
-#endif
-
-#if defined (__bsdi__) || defined(NTO) || defined(DARWIN) || defined(BEOS)
-#undef _PR_POLL_AVAILABLE
-#endif
-
-#if defined(_PR_POLL_AVAILABLE)
-#include <poll.h>
-#endif
-#include <errno.h>
-
-/* forward declarations. */
-void nss_MD_unix_map_default_error(int err);
-
-void nss_MD_unix_map_opendir_error(int err)
-{
- nss_MD_unix_map_default_error(err);
-}
-
-void nss_MD_unix_map_closedir_error(int err)
-{
- PRErrorCode prError;
- switch (err) {
- case EINVAL: prError = PR_BAD_DESCRIPTOR_ERROR; break;
- default: nss_MD_unix_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_unix_readdir_error(int err)
-{
- PRErrorCode prError;
-
- switch (err) {
- case ENOENT: prError = PR_NO_MORE_FILES_ERROR; break;
-#ifdef EOVERFLOW
- case EOVERFLOW: prError = PR_IO_ERROR; break;
-#endif
- case EINVAL: prError = PR_IO_ERROR; break;
- case ENXIO: prError = PR_IO_ERROR; break;
- default: nss_MD_unix_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_unlink_error(int err)
-{
- PRErrorCode prError;
- switch (err) {
- case EPERM: prError = PR_IS_DIRECTORY_ERROR; break;
- default: nss_MD_unix_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_stat_error(int err)
-{
- PRErrorCode prError;
- switch (err) {
- case ETIMEDOUT: prError = PR_REMOTE_FILE_ERROR; break;
- default: nss_MD_unix_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_fstat_error(int err)
-{
- PRErrorCode prError;
- switch (err) {
- case ETIMEDOUT: prError = PR_REMOTE_FILE_ERROR; break;
- default: nss_MD_unix_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_rename_error(int err)
-{
- PRErrorCode prError;
- switch (err) {
- case EEXIST: prError = PR_DIRECTORY_NOT_EMPTY_ERROR; break;
- default: nss_MD_unix_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_access_error(int err)
-{
- PRErrorCode prError;
- switch (err) {
- case ETIMEDOUT: prError = PR_REMOTE_FILE_ERROR; break;
- default: nss_MD_unix_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_mkdir_error(int err)
-{
- nss_MD_unix_map_default_error(err);
-}
-
-void nss_MD_unix_map_rmdir_error(int err)
-{
- PRErrorCode prError;
-
- switch (err) {
- case EEXIST: prError = PR_DIRECTORY_NOT_EMPTY_ERROR; break;
- case EINVAL: prError = PR_DIRECTORY_NOT_EMPTY_ERROR; break;
- case ETIMEDOUT: prError = PR_REMOTE_FILE_ERROR; break;
- default: nss_MD_unix_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_read_error(int err)
-{
- PRErrorCode prError;
- switch (err) {
- case EINVAL: prError = PR_INVALID_METHOD_ERROR; break;
- case ENXIO: prError = PR_INVALID_ARGUMENT_ERROR; break;
- default: nss_MD_unix_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_write_error(int err)
-{
- PRErrorCode prError;
- switch (err) {
- case EINVAL: prError = PR_INVALID_METHOD_ERROR; break;
- case ENXIO: prError = PR_INVALID_METHOD_ERROR; break;
- case ETIMEDOUT: prError = PR_REMOTE_FILE_ERROR; break;
- default: nss_MD_unix_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_lseek_error(int err)
-{
- nss_MD_unix_map_default_error(err);
-}
-
-void nss_MD_unix_map_fsync_error(int err)
-{
- PRErrorCode prError;
- switch (err) {
- case ETIMEDOUT: prError = PR_REMOTE_FILE_ERROR; break;
- case EINVAL: prError = PR_INVALID_METHOD_ERROR; break;
- default: nss_MD_unix_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_close_error(int err)
-{
- PRErrorCode prError;
- switch (err) {
- case ETIMEDOUT: prError = PR_REMOTE_FILE_ERROR; break;
- default: nss_MD_unix_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_socket_error(int err)
-{
- PRErrorCode prError;
- switch (err) {
- case ENOMEM: prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
- default: nss_MD_unix_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_socketavailable_error(int err)
-{
- PR_SetError(PR_BAD_DESCRIPTOR_ERROR, err);
-}
-
-void nss_MD_unix_map_recv_error(int err)
-{
- nss_MD_unix_map_default_error(err);
-}
-
-void nss_MD_unix_map_recvfrom_error(int err)
-{
- nss_MD_unix_map_default_error(err);
-}
-
-void nss_MD_unix_map_send_error(int err)
-{
- nss_MD_unix_map_default_error(err);
-}
-
-void nss_MD_unix_map_sendto_error(int err)
-{
- nss_MD_unix_map_default_error(err);
-}
-
-void nss_MD_unix_map_writev_error(int err)
-{
- nss_MD_unix_map_default_error(err);
-}
-
-void nss_MD_unix_map_accept_error(int err)
-{
- PRErrorCode prError;
- switch (err) {
- case ENODEV: prError = PR_NOT_TCP_SOCKET_ERROR; break;
- default: nss_MD_unix_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_connect_error(int err)
-{
- PRErrorCode prError;
- switch (err) {
- case EACCES: prError = PR_ADDRESS_NOT_SUPPORTED_ERROR; break;
-#if defined(UNIXWARE) || defined(SNI) || defined(NEC)
- /*
- * On some platforms, if we connect to a port on the local host
- * (the loopback address) that no process is listening on, we get
- * EIO instead of ECONNREFUSED.
- */
- case EIO: prError = PR_CONNECT_REFUSED_ERROR; break;
-#endif
- case ELOOP: prError = PR_ADDRESS_NOT_SUPPORTED_ERROR; break;
- case ENOENT: prError = PR_ADDRESS_NOT_SUPPORTED_ERROR; break;
- case ENXIO: prError = PR_IO_ERROR; break;
- default: nss_MD_unix_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_bind_error(int err)
-{
- PRErrorCode prError;
- switch (err) {
- case EINVAL: prError = PR_SOCKET_ADDRESS_IS_BOUND_ERROR; break;
- /*
- * UNIX domain sockets are not supported in NSPR
- */
- case EIO: prError = PR_ADDRESS_NOT_SUPPORTED_ERROR; break;
- case EISDIR: prError = PR_ADDRESS_NOT_SUPPORTED_ERROR; break;
- case ELOOP: prError = PR_ADDRESS_NOT_SUPPORTED_ERROR; break;
- case ENOENT: prError = PR_ADDRESS_NOT_SUPPORTED_ERROR; break;
- case ENOTDIR: prError = PR_ADDRESS_NOT_SUPPORTED_ERROR; break;
- case EROFS: prError = PR_ADDRESS_NOT_SUPPORTED_ERROR; break;
- default: nss_MD_unix_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_listen_error(int err)
-{
- nss_MD_unix_map_default_error(err);
-}
-
-void nss_MD_unix_map_shutdown_error(int err)
-{
- nss_MD_unix_map_default_error(err);
-}
-
-void nss_MD_unix_map_socketpair_error(int err)
-{
- PRErrorCode prError;
- switch (err) {
- case ENOMEM: prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
- default: nss_MD_unix_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_getsockname_error(int err)
-{
- PRErrorCode prError;
- switch (err) {
- case ENOMEM: prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
- default: nss_MD_unix_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_getpeername_error(int err)
-{
- PRErrorCode prError;
-
- switch (err) {
- case ENOMEM: prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
- default: nss_MD_unix_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_getsockopt_error(int err)
-{
- PRErrorCode prError;
- switch (err) {
- case EINVAL: prError = PR_BUFFER_OVERFLOW_ERROR; break;
- case ENOMEM: prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
- default: nss_MD_unix_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_setsockopt_error(int err)
-{
- PRErrorCode prError;
- switch (err) {
- case EINVAL: prError = PR_BUFFER_OVERFLOW_ERROR; break;
- case ENOMEM: prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
- default: nss_MD_unix_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_open_error(int err)
-{
- PRErrorCode prError;
- switch (err) {
- case EAGAIN: prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
- case EBUSY: prError = PR_IO_ERROR; break;
- case ENODEV: prError = PR_FILE_NOT_FOUND_ERROR; break;
- case ENOMEM: prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
- case ETIMEDOUT: prError = PR_REMOTE_FILE_ERROR; break;
- default: nss_MD_unix_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_mmap_error(int err)
-{
- PRErrorCode prError;
- switch (err) {
- case EAGAIN: prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
- case EMFILE: prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
- case ENODEV: prError = PR_OPERATION_NOT_SUPPORTED_ERROR; break;
- case ENXIO: prError = PR_INVALID_ARGUMENT_ERROR; break;
- default: nss_MD_unix_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_gethostname_error(int err)
-{
- nss_MD_unix_map_default_error(err);
-}
-
-void nss_MD_unix_map_select_error(int err)
-{
- nss_MD_unix_map_default_error(err);
-}
-
-#ifdef _PR_POLL_AVAILABLE
-void nss_MD_unix_map_poll_error(int err)
-{
- PRErrorCode prError;
-
- switch (err) {
- case EAGAIN: prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
- default: nss_MD_unix_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_poll_revents_error(int err)
-{
- if (err & POLLNVAL)
- PR_SetError(PR_BAD_DESCRIPTOR_ERROR, EBADF);
- else if (err & POLLHUP)
- PR_SetError(PR_CONNECT_RESET_ERROR, EPIPE);
- else if (err & POLLERR)
- PR_SetError(PR_IO_ERROR, EIO);
- else
- PR_SetError(PR_UNKNOWN_ERROR, err);
-}
-#endif /* _PR_POLL_AVAILABLE */
-
-
-void nss_MD_unix_map_flock_error(int err)
-{
- PRErrorCode prError;
- switch (err) {
- case EINVAL: prError = PR_BAD_DESCRIPTOR_ERROR; break;
- case EWOULDBLOCK: prError = PR_FILE_IS_LOCKED_ERROR; break;
- default: nss_MD_unix_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_lockf_error(int err)
-{
- PRErrorCode prError;
- switch (err) {
- case EACCES: prError = PR_FILE_IS_LOCKED_ERROR; break;
- case EDEADLK: prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
- default: nss_MD_unix_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-#ifdef HPUX11
-void nss_MD_hpux_map_sendfile_error(int err)
-{
- nss_MD_unix_map_default_error(err);
-}
-#endif /* HPUX11 */
-
-
-void nss_MD_unix_map_default_error(int err)
-{
- PRErrorCode prError;
- switch (err ) {
- case EACCES: prError = PR_NO_ACCESS_RIGHTS_ERROR; break;
- case EADDRINUSE: prError = PR_ADDRESS_IN_USE_ERROR; break;
- case EADDRNOTAVAIL: prError = PR_ADDRESS_NOT_AVAILABLE_ERROR; break;
- case EAFNOSUPPORT: prError = PR_ADDRESS_NOT_SUPPORTED_ERROR; break;
- case EAGAIN: prError = PR_WOULD_BLOCK_ERROR; break;
- /*
- * On QNX and Neutrino, EALREADY is defined as EBUSY.
- */
-#if EALREADY != EBUSY
- case EALREADY: prError = PR_ALREADY_INITIATED_ERROR; break;
-#endif
- case EBADF: prError = PR_BAD_DESCRIPTOR_ERROR; break;
-#ifdef EBADMSG
- case EBADMSG: prError = PR_IO_ERROR; break;
-#endif
- case EBUSY: prError = PR_FILESYSTEM_MOUNTED_ERROR; break;
- case ECONNREFUSED: prError = PR_CONNECT_REFUSED_ERROR; break;
- case ECONNRESET: prError = PR_CONNECT_RESET_ERROR; break;
- case EDEADLK: prError = PR_DEADLOCK_ERROR; break;
-#ifdef EDIRCORRUPTED
- case EDIRCORRUPTED: prError = PR_DIRECTORY_CORRUPTED_ERROR; break;
-#endif
-#ifdef EDQUOT
- case EDQUOT: prError = PR_NO_DEVICE_SPACE_ERROR; break;
-#endif
- case EEXIST: prError = PR_FILE_EXISTS_ERROR; break;
- case EFAULT: prError = PR_ACCESS_FAULT_ERROR; break;
- case EFBIG: prError = PR_FILE_TOO_BIG_ERROR; break;
- case EINPROGRESS: prError = PR_IN_PROGRESS_ERROR; break;
- case EINTR: prError = PR_PENDING_INTERRUPT_ERROR; break;
- case EINVAL: prError = PR_INVALID_ARGUMENT_ERROR; break;
- case EIO: prError = PR_IO_ERROR; break;
- case EISCONN: prError = PR_IS_CONNECTED_ERROR; break;
- case EISDIR: prError = PR_IS_DIRECTORY_ERROR; break;
- case ELOOP: prError = PR_LOOP_ERROR; break;
- case EMFILE: prError = PR_PROC_DESC_TABLE_FULL_ERROR; break;
- case EMLINK: prError = PR_MAX_DIRECTORY_ENTRIES_ERROR; break;
- case EMSGSIZE: prError = PR_INVALID_ARGUMENT_ERROR; break;
-#ifdef EMULTIHOP
- case EMULTIHOP: prError = PR_REMOTE_FILE_ERROR; break;
-#endif
- case ENAMETOOLONG: prError = PR_NAME_TOO_LONG_ERROR; break;
- case ENETUNREACH: prError = PR_NETWORK_UNREACHABLE_ERROR; break;
- case ENFILE: prError = PR_SYS_DESC_TABLE_FULL_ERROR; break;
-#if !defined(SCO)
- case ENOBUFS: prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
-#endif
- case ENODEV: prError = PR_FILE_NOT_FOUND_ERROR; break;
- case ENOENT: prError = PR_FILE_NOT_FOUND_ERROR; break;
- case ENOLCK: prError = PR_FILE_IS_LOCKED_ERROR; break;
-#ifdef ENOLINK
- case ENOLINK: prError = PR_REMOTE_FILE_ERROR; break;
-#endif
- case ENOMEM: prError = PR_OUT_OF_MEMORY_ERROR; break;
- case ENOPROTOOPT: prError = PR_INVALID_ARGUMENT_ERROR; break;
- case ENOSPC: prError = PR_NO_DEVICE_SPACE_ERROR; break;
-#ifdef ENOSR
- case ENOSR: prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
-#endif
- case ENOTCONN: prError = PR_NOT_CONNECTED_ERROR; break;
- case ENOTDIR: prError = PR_NOT_DIRECTORY_ERROR; break;
- case ENOTSOCK: prError = PR_NOT_SOCKET_ERROR; break;
- case ENXIO: prError = PR_FILE_NOT_FOUND_ERROR; break;
- case EOPNOTSUPP: prError = PR_NOT_TCP_SOCKET_ERROR; break;
-#ifdef EOVERFLOW
- case EOVERFLOW: prError = PR_BUFFER_OVERFLOW_ERROR; break;
-#endif
- case EPERM: prError = PR_NO_ACCESS_RIGHTS_ERROR; break;
- case EPIPE: prError = PR_CONNECT_RESET_ERROR; break;
-#ifdef EPROTO
- case EPROTO: prError = PR_IO_ERROR; break;
-#endif
- case EPROTONOSUPPORT: prError = PR_PROTOCOL_NOT_SUPPORTED_ERROR; break;
- case EPROTOTYPE: prError = PR_ADDRESS_NOT_SUPPORTED_ERROR; break;
- case ERANGE: prError = PR_INVALID_METHOD_ERROR; break;
- case EROFS: prError = PR_READ_ONLY_FILESYSTEM_ERROR; break;
- case ESPIPE: prError = PR_INVALID_METHOD_ERROR; break;
- case ETIMEDOUT: prError = PR_IO_TIMEOUT_ERROR; break;
-#if EWOULDBLOCK != EAGAIN
- case EWOULDBLOCK: prError = PR_WOULD_BLOCK_ERROR; break;
-#endif
- case EXDEV: prError = PR_NOT_SAME_DEVICE_ERROR; break;
-
- default: prError = PR_UNKNOWN_ERROR; break;
- }
- PR_SetError(prError, err);
-}
diff --git a/security/nss/lib/ssl/unix_err.h b/security/nss/lib/ssl/unix_err.h
deleted file mode 100644
index 2611baf81..000000000
--- a/security/nss/lib/ssl/unix_err.h
+++ /dev/null
@@ -1,87 +0,0 @@
-/*
- * This file essentially replicates NSPR's source for the functions that
- * map system-specific error codes to NSPR error codes. We would use
- * NSPR's functions, instead of duplicating them, but they're private.
- * As long as SSL's server session cache code must do platform native I/O
- * to accomplish its job, and NSPR's error mapping functions remain private,
- * this code will continue to need to be replicated.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-/* NSPR doesn't make these functions public, so we have to duplicate
-** them in NSS.
-*/
-extern void nss_MD_hpux_map_sendfile_error(int err);
-extern void nss_MD_unix_map_accept_error(int err);
-extern void nss_MD_unix_map_access_error(int err);
-extern void nss_MD_unix_map_bind_error(int err);
-extern void nss_MD_unix_map_close_error(int err);
-extern void nss_MD_unix_map_closedir_error(int err);
-extern void nss_MD_unix_map_connect_error(int err);
-extern void nss_MD_unix_map_default_error(int err);
-extern void nss_MD_unix_map_flock_error(int err);
-extern void nss_MD_unix_map_fstat_error(int err);
-extern void nss_MD_unix_map_fsync_error(int err);
-extern void nss_MD_unix_map_gethostname_error(int err);
-extern void nss_MD_unix_map_getpeername_error(int err);
-extern void nss_MD_unix_map_getsockname_error(int err);
-extern void nss_MD_unix_map_getsockopt_error(int err);
-extern void nss_MD_unix_map_listen_error(int err);
-extern void nss_MD_unix_map_lockf_error(int err);
-extern void nss_MD_unix_map_lseek_error(int err);
-extern void nss_MD_unix_map_mkdir_error(int err);
-extern void nss_MD_unix_map_mmap_error(int err);
-extern void nss_MD_unix_map_open_error(int err);
-extern void nss_MD_unix_map_opendir_error(int err);
-extern void nss_MD_unix_map_poll_error(int err);
-extern void nss_MD_unix_map_poll_revents_error(int err);
-extern void nss_MD_unix_map_read_error(int err);
-extern void nss_MD_unix_map_readdir_error(int err);
-extern void nss_MD_unix_map_recv_error(int err);
-extern void nss_MD_unix_map_recvfrom_error(int err);
-extern void nss_MD_unix_map_rename_error(int err);
-extern void nss_MD_unix_map_rmdir_error(int err);
-extern void nss_MD_unix_map_select_error(int err);
-extern void nss_MD_unix_map_send_error(int err);
-extern void nss_MD_unix_map_sendto_error(int err);
-extern void nss_MD_unix_map_setsockopt_error(int err);
-extern void nss_MD_unix_map_shutdown_error(int err);
-extern void nss_MD_unix_map_socket_error(int err);
-extern void nss_MD_unix_map_socketavailable_error(int err);
-extern void nss_MD_unix_map_socketpair_error(int err);
-extern void nss_MD_unix_map_stat_error(int err);
-extern void nss_MD_unix_map_unlink_error(int err);
-extern void nss_MD_unix_map_write_error(int err);
-extern void nss_MD_unix_map_writev_error(int err);
diff --git a/security/nss/lib/ssl/win32err.c b/security/nss/lib/ssl/win32err.c
deleted file mode 100644
index 4f55f280c..000000000
--- a/security/nss/lib/ssl/win32err.c
+++ /dev/null
@@ -1,376 +0,0 @@
-/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/*
- * This file essentially replicates NSPR's source for the functions that
- * map system-specific error codes to NSPR error codes. We would use
- * NSPR's functions, instead of duplicating them, but they're private.
- * As long as SSL's server session cache code must do platform native I/O
- * to accomplish its job, and NSPR's error mapping functions remain private,
- * this code will continue to need to be replicated.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#if !defined(_WIN32_WCE)
-
-#include "prerror.h"
-#include "prlog.h"
-#include <errno.h>
-#include <windows.h>
-
-/*
- * On Win32, we map three kinds of error codes:
- * - GetLastError(): for Win32 functions
- * - WSAGetLastError(): for Winsock functions
- * - errno: for standard C library functions
- *
- * We do not check for WSAEINPROGRESS and WSAEINTR because we do not
- * use blocking Winsock 1.1 calls.
- *
- * Except for the 'socket' call, we do not check for WSAEINITIALISED.
- * It is assumed that if Winsock is not initialized, that fact will
- * be detected at the time we create new sockets.
- */
-
-/* forward declaration. */
-void nss_MD_win32_map_default_error(PRInt32 err);
-
-void nss_MD_win32_map_opendir_error(PRInt32 err)
-{
- nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_closedir_error(PRInt32 err)
-{
- nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_readdir_error(PRInt32 err)
-{
- nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_delete_error(PRInt32 err)
-{
- nss_MD_win32_map_default_error(err);
-}
-
-/* The error code for stat() is in errno. */
-void nss_MD_win32_map_stat_error(PRInt32 err)
-{
- nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_fstat_error(PRInt32 err)
-{
- nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_rename_error(PRInt32 err)
-{
- nss_MD_win32_map_default_error(err);
-}
-
-/* The error code for access() is in errno. */
-void nss_MD_win32_map_access_error(PRInt32 err)
-{
- nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_mkdir_error(PRInt32 err)
-{
- nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_rmdir_error(PRInt32 err)
-{
- nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_read_error(PRInt32 err)
-{
- nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_transmitfile_error(PRInt32 err)
-{
- nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_write_error(PRInt32 err)
-{
- nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_lseek_error(PRInt32 err)
-{
- nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_fsync_error(PRInt32 err)
-{
- nss_MD_win32_map_default_error(err);
-}
-
-/*
- * For both CloseHandle() and closesocket().
- */
-void nss_MD_win32_map_close_error(PRInt32 err)
-{
- nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_socket_error(PRInt32 err)
-{
- PR_ASSERT(err != WSANOTINITIALISED);
- nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_recv_error(PRInt32 err)
-{
- nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_recvfrom_error(PRInt32 err)
-{
- nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_send_error(PRInt32 err)
-{
- PRErrorCode prError;
- switch (err) {
- case WSAEMSGSIZE: prError = PR_INVALID_ARGUMENT_ERROR; break;
- default: nss_MD_win32_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_win32_map_sendto_error(PRInt32 err)
-{
- PRErrorCode prError;
- switch (err) {
- case WSAEMSGSIZE: prError = PR_INVALID_ARGUMENT_ERROR; break;
- default: nss_MD_win32_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_win32_map_accept_error(PRInt32 err)
-{
- PRErrorCode prError;
- switch (err) {
- case WSAEOPNOTSUPP: prError = PR_NOT_TCP_SOCKET_ERROR; break;
- case WSAEINVAL: prError = PR_INVALID_STATE_ERROR; break;
- default: nss_MD_win32_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_win32_map_acceptex_error(PRInt32 err)
-{
- nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_connect_error(PRInt32 err)
-{
- PRErrorCode prError;
- switch (err) {
- case WSAEWOULDBLOCK: prError = PR_IN_PROGRESS_ERROR; break;
- case WSAEINVAL: prError = PR_ALREADY_INITIATED_ERROR; break;
- case WSAETIMEDOUT: prError = PR_IO_TIMEOUT_ERROR; break;
- default: nss_MD_win32_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_win32_map_bind_error(PRInt32 err)
-{
- PRErrorCode prError;
- switch (err) {
- case WSAEINVAL: prError = PR_SOCKET_ADDRESS_IS_BOUND_ERROR; break;
- default: nss_MD_win32_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_win32_map_listen_error(PRInt32 err)
-{
- PRErrorCode prError;
- switch (err) {
- case WSAEOPNOTSUPP: prError = PR_NOT_TCP_SOCKET_ERROR; break;
- case WSAEINVAL: prError = PR_INVALID_STATE_ERROR; break;
- default: nss_MD_win32_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_win32_map_shutdown_error(PRInt32 err)
-{
- nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_getsockname_error(PRInt32 err)
-{
- PRErrorCode prError;
- switch (err) {
- case WSAEINVAL: prError = PR_INVALID_STATE_ERROR; break;
- default: nss_MD_win32_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_win32_map_getpeername_error(PRInt32 err)
-{
- nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_getsockopt_error(PRInt32 err)
-{
- nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_setsockopt_error(PRInt32 err)
-{
- nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_open_error(PRInt32 err)
-{
- nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_gethostname_error(PRInt32 err)
-{
- nss_MD_win32_map_default_error(err);
-}
-
-/* Win32 select() only works on sockets. So in this
-** context, WSAENOTSOCK is equivalent to EBADF on Unix.
-*/
-void nss_MD_win32_map_select_error(PRInt32 err)
-{
- PRErrorCode prError;
- switch (err) {
- case WSAENOTSOCK: prError = PR_BAD_DESCRIPTOR_ERROR; break;
- default: nss_MD_win32_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_win32_map_lockf_error(PRInt32 err)
-{
- nss_MD_win32_map_default_error(err);
-}
-
-
-
-void nss_MD_win32_map_default_error(PRInt32 err)
-{
- PRErrorCode prError;
-
- switch (err) {
- case EACCES: prError = PR_NO_ACCESS_RIGHTS_ERROR; break;
- case ENOENT: prError = PR_FILE_NOT_FOUND_ERROR; break;
- case ERROR_ACCESS_DENIED: prError = PR_NO_ACCESS_RIGHTS_ERROR; break;
- case ERROR_ALREADY_EXISTS: prError = PR_FILE_EXISTS_ERROR; break;
- case ERROR_DISK_CORRUPT: prError = PR_IO_ERROR; break;
- case ERROR_DISK_FULL: prError = PR_NO_DEVICE_SPACE_ERROR; break;
- case ERROR_DISK_OPERATION_FAILED: prError = PR_IO_ERROR; break;
- case ERROR_DRIVE_LOCKED: prError = PR_FILE_IS_LOCKED_ERROR; break;
- case ERROR_FILENAME_EXCED_RANGE: prError = PR_NAME_TOO_LONG_ERROR; break;
- case ERROR_FILE_CORRUPT: prError = PR_IO_ERROR; break;
- case ERROR_FILE_EXISTS: prError = PR_FILE_EXISTS_ERROR; break;
- case ERROR_FILE_INVALID: prError = PR_BAD_DESCRIPTOR_ERROR; break;
-#if ERROR_FILE_NOT_FOUND != ENOENT
- case ERROR_FILE_NOT_FOUND: prError = PR_FILE_NOT_FOUND_ERROR; break;
-#endif
- case ERROR_HANDLE_DISK_FULL: prError = PR_NO_DEVICE_SPACE_ERROR; break;
- case ERROR_INVALID_ADDRESS: prError = PR_ACCESS_FAULT_ERROR; break;
- case ERROR_INVALID_HANDLE: prError = PR_BAD_DESCRIPTOR_ERROR; break;
- case ERROR_INVALID_NAME: prError = PR_INVALID_ARGUMENT_ERROR; break;
- case ERROR_INVALID_PARAMETER: prError = PR_INVALID_ARGUMENT_ERROR; break;
- case ERROR_INVALID_USER_BUFFER: prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
- case ERROR_LOCKED: prError = PR_FILE_IS_LOCKED_ERROR; break;
- case ERROR_NETNAME_DELETED: prError = PR_CONNECT_RESET_ERROR; break;
- case ERROR_NOACCESS: prError = PR_ACCESS_FAULT_ERROR; break;
- case ERROR_NOT_ENOUGH_MEMORY: prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
- case ERROR_NOT_ENOUGH_QUOTA: prError = PR_OUT_OF_MEMORY_ERROR; break;
- case ERROR_NOT_READY: prError = PR_IO_ERROR; break;
- case ERROR_NO_MORE_FILES: prError = PR_NO_MORE_FILES_ERROR; break;
- case ERROR_OPEN_FAILED: prError = PR_IO_ERROR; break;
- case ERROR_OPEN_FILES: prError = PR_IO_ERROR; break;
- case ERROR_OUTOFMEMORY: prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
- case ERROR_PATH_BUSY: prError = PR_IO_ERROR; break;
- case ERROR_PATH_NOT_FOUND: prError = PR_FILE_NOT_FOUND_ERROR; break;
- case ERROR_SEEK_ON_DEVICE: prError = PR_IO_ERROR; break;
- case ERROR_SHARING_VIOLATION: prError = PR_FILE_IS_BUSY_ERROR; break;
- case ERROR_STACK_OVERFLOW: prError = PR_ACCESS_FAULT_ERROR; break;
- case ERROR_TOO_MANY_OPEN_FILES: prError = PR_SYS_DESC_TABLE_FULL_ERROR; break;
- case ERROR_WRITE_PROTECT: prError = PR_NO_ACCESS_RIGHTS_ERROR; break;
- case WSAEACCES: prError = PR_NO_ACCESS_RIGHTS_ERROR; break;
- case WSAEADDRINUSE: prError = PR_ADDRESS_IN_USE_ERROR; break;
- case WSAEADDRNOTAVAIL: prError = PR_ADDRESS_NOT_AVAILABLE_ERROR; break;
- case WSAEAFNOSUPPORT: prError = PR_ADDRESS_NOT_SUPPORTED_ERROR; break;
- case WSAEALREADY: prError = PR_ALREADY_INITIATED_ERROR; break;
- case WSAEBADF: prError = PR_BAD_DESCRIPTOR_ERROR; break;
- case WSAECONNABORTED: prError = PR_CONNECT_ABORTED_ERROR; break;
- case WSAECONNREFUSED: prError = PR_CONNECT_REFUSED_ERROR; break;
- case WSAECONNRESET: prError = PR_CONNECT_RESET_ERROR; break;
- case WSAEDESTADDRREQ: prError = PR_INVALID_ARGUMENT_ERROR; break;
- case WSAEFAULT: prError = PR_ACCESS_FAULT_ERROR; break;
- case WSAEHOSTUNREACH: prError = PR_HOST_UNREACHABLE_ERROR; break;
- case WSAEINVAL: prError = PR_INVALID_ARGUMENT_ERROR; break;
- case WSAEISCONN: prError = PR_IS_CONNECTED_ERROR; break;
- case WSAEMFILE: prError = PR_PROC_DESC_TABLE_FULL_ERROR; break;
- case WSAEMSGSIZE: prError = PR_BUFFER_OVERFLOW_ERROR; break;
- case WSAENETDOWN: prError = PR_NETWORK_DOWN_ERROR; break;
- case WSAENETRESET: prError = PR_CONNECT_ABORTED_ERROR; break;
- case WSAENETUNREACH: prError = PR_NETWORK_UNREACHABLE_ERROR; break;
- case WSAENOBUFS: prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
- case WSAENOPROTOOPT: prError = PR_INVALID_ARGUMENT_ERROR; break;
- case WSAENOTCONN: prError = PR_NOT_CONNECTED_ERROR; break;
- case WSAENOTSOCK: prError = PR_NOT_SOCKET_ERROR; break;
- case WSAEOPNOTSUPP: prError = PR_OPERATION_NOT_SUPPORTED_ERROR; break;
- case WSAEPROTONOSUPPORT: prError = PR_PROTOCOL_NOT_SUPPORTED_ERROR; break;
- case WSAEPROTOTYPE: prError = PR_INVALID_ARGUMENT_ERROR; break;
- case WSAESHUTDOWN: prError = PR_SOCKET_SHUTDOWN_ERROR; break;
- case WSAESOCKTNOSUPPORT: prError = PR_INVALID_ARGUMENT_ERROR; break;
- case WSAETIMEDOUT: prError = PR_CONNECT_ABORTED_ERROR; break;
- case WSAEWOULDBLOCK: prError = PR_WOULD_BLOCK_ERROR; break;
- default: prError = PR_UNKNOWN_ERROR; break;
- }
- PR_SetError(prError, err);
-}
-
-#endif
diff --git a/security/nss/lib/ssl/win32err.h b/security/nss/lib/ssl/win32err.h
deleted file mode 100644
index b87dfefd4..000000000
--- a/security/nss/lib/ssl/win32err.h
+++ /dev/null
@@ -1,81 +0,0 @@
-/*
- * This file essentially replicates NSPR's source for the functions that
- * map system-specific error codes to NSPR error codes. We would use
- * NSPR's functions, instead of duplicating them, but they're private.
- * As long as SSL's server session cache code must do platform native I/O
- * to accomplish its job, and NSPR's error mapping functions remain private,
- * This code will continue to need to be replicated.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-/* NSPR doesn't make these functions public, so we have to duplicate
-** them in NSS.
-*/
-extern void nss_MD_win32_map_accept_error(PRInt32 err);
-extern void nss_MD_win32_map_acceptex_error(PRInt32 err);
-extern void nss_MD_win32_map_access_error(PRInt32 err);
-extern void nss_MD_win32_map_bind_error(PRInt32 err);
-extern void nss_MD_win32_map_close_error(PRInt32 err);
-extern void nss_MD_win32_map_closedir_error(PRInt32 err);
-extern void nss_MD_win32_map_connect_error(PRInt32 err);
-extern void nss_MD_win32_map_default_error(PRInt32 err);
-extern void nss_MD_win32_map_delete_error(PRInt32 err);
-extern void nss_MD_win32_map_fstat_error(PRInt32 err);
-extern void nss_MD_win32_map_fsync_error(PRInt32 err);
-extern void nss_MD_win32_map_gethostname_error(PRInt32 err);
-extern void nss_MD_win32_map_getpeername_error(PRInt32 err);
-extern void nss_MD_win32_map_getsockname_error(PRInt32 err);
-extern void nss_MD_win32_map_getsockopt_error(PRInt32 err);
-extern void nss_MD_win32_map_listen_error(PRInt32 err);
-extern void nss_MD_win32_map_lockf_error(PRInt32 err);
-extern void nss_MD_win32_map_lseek_error(PRInt32 err);
-extern void nss_MD_win32_map_mkdir_error(PRInt32 err);
-extern void nss_MD_win32_map_open_error(PRInt32 err);
-extern void nss_MD_win32_map_opendir_error(PRInt32 err);
-extern void nss_MD_win32_map_read_error(PRInt32 err);
-extern void nss_MD_win32_map_readdir_error(PRInt32 err);
-extern void nss_MD_win32_map_recv_error(PRInt32 err);
-extern void nss_MD_win32_map_recvfrom_error(PRInt32 err);
-extern void nss_MD_win32_map_rename_error(PRInt32 err);
-extern void nss_MD_win32_map_rmdir_error(PRInt32 err);
-extern void nss_MD_win32_map_select_error(PRInt32 err);
-extern void nss_MD_win32_map_send_error(PRInt32 err);
-extern void nss_MD_win32_map_sendto_error(PRInt32 err);
-extern void nss_MD_win32_map_setsockopt_error(PRInt32 err);
-extern void nss_MD_win32_map_shutdown_error(PRInt32 err);
-extern void nss_MD_win32_map_socket_error(PRInt32 err);
-extern void nss_MD_win32_map_stat_error(PRInt32 err);
-extern void nss_MD_win32_map_transmitfile_error(PRInt32 err);
-extern void nss_MD_win32_map_write_error(PRInt32 err);
diff --git a/security/nss/lib/util/Makefile b/security/nss/lib/util/Makefile
deleted file mode 100644
index 0236afefa..000000000
--- a/security/nss/lib/util/Makefile
+++ /dev/null
@@ -1,88 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-# include $(CORE_DEPTH)/coreconf/arch.mk
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-ifeq ($(OS_TARGET),HP-UX)
-ifneq ($(OS_TEST),ia64)
- ASFILES += ret_cr16.s
-endif
-endif
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-tests:: $(OBJDIR)/test_utf8
-
-$(OBJDIR)/test_utf8: utf8.c
- @$(MAKE_OBJDIR)
- $(CCF) -o $(OBJDIR)/test_utf8 -DTEST_UTF8 utf8.c $(OS_LIBS)
diff --git a/security/nss/lib/util/base64.h b/security/nss/lib/util/base64.h
deleted file mode 100644
index 92dc54d7c..000000000
--- a/security/nss/lib/util/base64.h
+++ /dev/null
@@ -1,71 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * base64.h - prototypes for base64 encoding/decoding
- * Note: These functions are deprecated; see nssb64.h for new routines.
- *
- * $Id$
- */
-#ifndef _BASE64_H_
-#define _BASE64_H_
-
-#include "seccomon.h"
-
-SEC_BEGIN_PROTOS
-
-/*
-** Return an PORT_Alloc'd ascii string which is the base64 encoded
-** version of the input string.
-*/
-extern char *BTOA_DataToAscii(const unsigned char *data, unsigned int len);
-
-/*
-** Return an PORT_Alloc'd string which is the base64 decoded version
-** of the input string; set *lenp to the length of the returned data.
-*/
-extern unsigned char *ATOB_AsciiToData(const char *string, unsigned int *lenp);
-
-/*
-** Convert from ascii to binary encoding of an item.
-*/
-extern SECStatus ATOB_ConvertAsciiToItem(SECItem *binary_item, char *ascii);
-
-/*
-** Convert from binary encoding of an item to ascii.
-*/
-extern char *BTOA_ConvertItemToAscii(SECItem *binary_item);
-
-SEC_END_PROTOS
-
-#endif /* _BASE64_H_ */
diff --git a/security/nss/lib/util/ciferfam.h b/security/nss/lib/util/ciferfam.h
deleted file mode 100644
index fd2f3bd0f..000000000
--- a/security/nss/lib/util/ciferfam.h
+++ /dev/null
@@ -1,87 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * ciferfam.h - cipher familie IDs used for configuring ciphers for export
- * control
- *
- * $Id$
- */
-
-#ifndef _CIFERFAM_H_
-#define _CIFERFAM_H_
-
-/* Cipher Suite "Families" */
-#define CIPHER_FAMILY_PKCS12 "PKCS12"
-#define CIPHER_FAMILY_SMIME "SMIME"
-#define CIPHER_FAMILY_SSL2 "SSLv2"
-#define CIPHER_FAMILY_SSL3 "SSLv3"
-#define CIPHER_FAMILY_SSL "SSL"
-#define CIPHER_FAMILY_ALL ""
-#define CIPHER_FAMILY_UNKNOWN "UNKNOWN"
-
-#define CIPHER_FAMILYID_MASK 0xFFFF0000L
-#define CIPHER_FAMILYID_SSL 0x00000000L
-#define CIPHER_FAMILYID_SMIME 0x00010000L
-#define CIPHER_FAMILYID_PKCS12 0x00020000L
-
-/* SMIME "Cipher Suites" */
-/*
- * Note that it is assumed that the cipher number itself can be used
- * as a bit position in a mask, and that mask is currently 32 bits wide.
- * So, if you want to add a cipher that is greater than 0033, secmime.c
- * needs to be made smarter at the same time.
- */
-#define SMIME_RC2_CBC_40 (CIPHER_FAMILYID_SMIME | 0001)
-#define SMIME_RC2_CBC_64 (CIPHER_FAMILYID_SMIME | 0002)
-#define SMIME_RC2_CBC_128 (CIPHER_FAMILYID_SMIME | 0003)
-#define SMIME_DES_CBC_56 (CIPHER_FAMILYID_SMIME | 0011)
-#define SMIME_DES_EDE3_168 (CIPHER_FAMILYID_SMIME | 0012)
-#define SMIME_RC5PAD_64_16_40 (CIPHER_FAMILYID_SMIME | 0021)
-#define SMIME_RC5PAD_64_16_64 (CIPHER_FAMILYID_SMIME | 0022)
-#define SMIME_RC5PAD_64_16_128 (CIPHER_FAMILYID_SMIME | 0023)
-#define SMIME_FORTEZZA (CIPHER_FAMILYID_SMIME | 0031)
-
-/* PKCS12 "Cipher Suites" */
-
-#define PKCS12_RC2_CBC_40 (CIPHER_FAMILYID_PKCS12 | 0001)
-#define PKCS12_RC2_CBC_128 (CIPHER_FAMILYID_PKCS12 | 0002)
-#define PKCS12_RC4_40 (CIPHER_FAMILYID_PKCS12 | 0011)
-#define PKCS12_RC4_128 (CIPHER_FAMILYID_PKCS12 | 0012)
-#define PKCS12_DES_56 (CIPHER_FAMILYID_PKCS12 | 0021)
-#define PKCS12_DES_EDE3_168 (CIPHER_FAMILYID_PKCS12 | 0022)
-
-/* SMIME version numbers are negative, to avoid colliding with SSL versions */
-#define SMIME_LIBRARY_VERSION_1_0 -0x0100
-
-#endif /* _CIFERFAM_H_ */
diff --git a/security/nss/lib/util/config.mk b/security/nss/lib/util/config.mk
deleted file mode 100644
index 0a00dc61e..000000000
--- a/security/nss/lib/util/config.mk
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# Override TARGETS variable so that only static libraries
-# are specifed as dependencies within rules.mk.
-#
-
-TARGETS = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM =
-
diff --git a/security/nss/lib/util/derdec.c b/security/nss/lib/util/derdec.c
deleted file mode 100644
index e98fcfcf3..000000000
--- a/security/nss/lib/util/derdec.c
+++ /dev/null
@@ -1,552 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "secder.h"
-#include "secerr.h"
-
-static uint32
-der_indefinite_length(unsigned char *buf, unsigned char *end)
-{
- uint32 len, ret, dataLen;
- unsigned char tag, lenCode;
- int dataLenLen;
-
- len = 0;
- while ( 1 ) {
- if ((buf + 2) > end) {
- return(0);
- }
-
- tag = *buf++;
- lenCode = *buf++;
- len += 2;
-
- if ( ( tag == 0 ) && ( lenCode == 0 ) ) {
- return(len);
- }
-
- if ( lenCode == 0x80 ) { /* indefinite length */
- ret = der_indefinite_length(buf, end); /* recurse to find length */
- if (ret == 0)
- return 0;
- len += ret;
- buf += ret;
- } else { /* definite length */
- if (lenCode & 0x80) {
- /* Length of data is in multibyte format */
- dataLenLen = lenCode & 0x7f;
- switch (dataLenLen) {
- case 1:
- dataLen = buf[0];
- break;
- case 2:
- dataLen = (buf[0]<<8)|buf[1];
- break;
- case 3:
- dataLen = ((unsigned long)buf[0]<<16)|(buf[1]<<8)|buf[2];
- break;
- case 4:
- dataLen = ((unsigned long)buf[0]<<24)|
- ((unsigned long)buf[1]<<16)|(buf[2]<<8)|buf[3];
- break;
- default:
- PORT_SetError(SEC_ERROR_BAD_DER);
- return SECFailure;
- }
- } else {
- /* Length of data is in single byte */
- dataLen = lenCode;
- dataLenLen = 0;
- }
-
- /* skip this item */
- buf = buf + dataLenLen + dataLen;
- len = len + dataLenLen + dataLen;
- }
- }
-}
-
-/*
-** Capture the next thing in the buffer.
-** Returns the length of the header and the length of the contents.
-*/
-static SECStatus
-der_capture(unsigned char *buf, unsigned char *end,
- int *header_len_p, uint32 *contents_len_p)
-{
- unsigned char *bp;
- unsigned char whole_tag;
- uint32 contents_len;
- int tag_number;
-
- if ((buf + 2) > end) {
- *header_len_p = 0;
- *contents_len_p = 0;
- if (buf == end)
- return SECSuccess;
- return SECFailure;
- }
-
- bp = buf;
-
- /* Get tag and verify that it is ok. */
- whole_tag = *bp++;
- tag_number = whole_tag & DER_TAGNUM_MASK;
-
- /*
- * XXX This code does not (yet) handle the high-tag-number form!
- */
- if (tag_number == DER_HIGH_TAG_NUMBER) {
- PORT_SetError(SEC_ERROR_BAD_DER);
- return SECFailure;
- }
-
- if ((whole_tag & DER_CLASS_MASK) == DER_UNIVERSAL) {
- /* Check that the universal tag number is one we implement. */
- switch (tag_number) {
- case DER_BOOLEAN:
- case DER_INTEGER:
- case DER_BIT_STRING:
- case DER_OCTET_STRING:
- case DER_NULL:
- case DER_OBJECT_ID:
- case DER_SEQUENCE:
- case DER_SET:
- case DER_PRINTABLE_STRING:
- case DER_T61_STRING:
- case DER_IA5_STRING:
- case DER_VISIBLE_STRING:
- case DER_UTC_TIME:
- case 0: /* end-of-contents tag */
- break;
- default:
- PORT_SetError(SEC_ERROR_BAD_DER);
- return SECFailure;
- }
- }
-
- /*
- * Get first byte of length code (might contain entire length, might not).
- */
- contents_len = *bp++;
-
- /*
- * If the high bit is set, then the length is in multibyte format,
- * or the thing has an indefinite-length.
- */
- if (contents_len & 0x80) {
- int bytes_of_encoded_len;
-
- bytes_of_encoded_len = contents_len & 0x7f;
- contents_len = 0;
-
- switch (bytes_of_encoded_len) {
- case 4:
- contents_len |= *bp++;
- contents_len <<= 8;
- /* fallthru */
- case 3:
- contents_len |= *bp++;
- contents_len <<= 8;
- /* fallthru */
- case 2:
- contents_len |= *bp++;
- contents_len <<= 8;
- /* fallthru */
- case 1:
- contents_len |= *bp++;
- break;
-
- case 0:
- contents_len = der_indefinite_length (bp, end);
- if (contents_len)
- break;
- /* fallthru */
- default:
- PORT_SetError(SEC_ERROR_BAD_DER);
- return SECFailure;
- }
- }
-
- if ((bp + contents_len) > end) {
- /* Ran past end of buffer */
- PORT_SetError(SEC_ERROR_BAD_DER);
- return SECFailure;
- }
-
- *header_len_p = bp - buf;
- *contents_len_p = contents_len;
-
- return SECSuccess;
-}
-
-static unsigned char *
-der_decode(PRArenaPool *arena, void *dest, DERTemplate *dtemplate,
- unsigned char *buf, int header_len, uint32 contents_len)
-{
- unsigned char *orig_buf, *end;
- unsigned long encode_kind, under_kind;
- PRBool explicit, optional, universal, check_tag;
- SECItem *item;
- SECStatus rv;
- PRBool indefinite_length, explicit_indefinite_length;
-
- encode_kind = dtemplate->kind;
- explicit = (encode_kind & DER_EXPLICIT) ? PR_TRUE : PR_FALSE;
- optional = (encode_kind & DER_OPTIONAL) ? PR_TRUE : PR_FALSE;
- universal = ((encode_kind & DER_CLASS_MASK) == DER_UNIVERSAL)
- ? PR_TRUE : PR_FALSE;
-
- PORT_Assert (!(explicit && universal)); /* bad templates */
-
- if (header_len == 0) {
- if (optional || (encode_kind & DER_ANY))
- return buf;
- PORT_SetError(SEC_ERROR_BAD_DER);
- return NULL;
- }
-
- if (encode_kind & DER_POINTER) {
- void *place, **placep;
- int offset;
-
- if (dtemplate->sub != NULL) {
- dtemplate = dtemplate->sub;
- under_kind = dtemplate->kind;
- if (universal) {
- encode_kind = under_kind;
- }
- place = PORT_ArenaZAlloc(arena, dtemplate->arg);
- offset = dtemplate->offset;
- } else {
- if (universal) {
- under_kind = encode_kind & ~DER_POINTER;
- } else {
- under_kind = dtemplate->arg;
- }
- place = PORT_ArenaZAlloc(arena, sizeof(SECItem));
- offset = 0;
- }
- if (place == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL; /* Out of memory */
- }
- placep = (void **)dest;
- *placep = place;
- dest = (void *)((char *)place + offset);
- } else if (encode_kind & DER_INLINE) {
- PORT_Assert (dtemplate->sub != NULL);
- dtemplate = dtemplate->sub;
- under_kind = dtemplate->kind;
- if (universal) {
- encode_kind = under_kind;
- }
- dest = (void *)((char *)dest + dtemplate->offset);
- } else if (universal) {
- under_kind = encode_kind;
- } else {
- under_kind = dtemplate->arg;
- }
-
- orig_buf = buf;
- end = buf + header_len + contents_len;
-
- explicit_indefinite_length = PR_FALSE;
-
- if (explicit) {
- /*
- * This tag is expected to match exactly.
- * (The template has all of the bits specified.)
- */
- if (*buf != (encode_kind & DER_TAG_MASK)) {
- if (optional)
- return buf;
- PORT_SetError(SEC_ERROR_BAD_DER);
- return NULL;
- }
- if ((header_len == 2) && (*(buf + 1) == 0x80))
- explicit_indefinite_length = PR_TRUE;
- buf += header_len;
- rv = der_capture (buf, end, &header_len, &contents_len);
- if (rv != SECSuccess)
- return NULL;
- if (header_len == 0) { /* XXX is this right? */
- PORT_SetError(SEC_ERROR_BAD_DER);
- return NULL;
- }
- optional = PR_FALSE; /* can no longer be optional */
- encode_kind = under_kind;
- }
-
- check_tag = PR_TRUE;
- if (encode_kind & (DER_DERPTR | DER_ANY | DER_FORCE | DER_SKIP)) {
- PORT_Assert ((encode_kind & DER_ANY) || !optional);
- encode_kind = encode_kind & (~DER_FORCE);
- under_kind = under_kind & (~DER_FORCE);
- check_tag = PR_FALSE;
- }
-
- if (check_tag) {
- PRBool wrong;
- unsigned char expect_tag, expect_num;
-
- /*
- * This tag is expected to match, but the simple types
- * may or may not have the constructed bit set, so we
- * have to have all this extra logic.
- */
- wrong = PR_TRUE;
- expect_tag = (unsigned char)encode_kind & DER_TAG_MASK;
- expect_num = expect_tag & DER_TAGNUM_MASK;
- if (expect_num == DER_SET || expect_num == DER_SEQUENCE) {
- if (*buf == (expect_tag | DER_CONSTRUCTED))
- wrong = PR_FALSE;
- } else {
- if (*buf == expect_tag)
- wrong = PR_FALSE;
- else if (*buf == (expect_tag | DER_CONSTRUCTED))
- wrong = PR_FALSE;
- }
- if (wrong) {
- if (optional)
- return buf;
- PORT_SetError(SEC_ERROR_BAD_DER);
- return NULL;
- }
- }
-
- if (under_kind & DER_DERPTR) {
- item = (SECItem *)dest;
- if (under_kind & DER_OUTER) {
- item->data = buf;
- item->len = header_len + contents_len;
- } else {
- item->data = buf + header_len;
- item->len = contents_len;
- }
- return orig_buf;
- }
-
- if (encode_kind & DER_ANY) {
- contents_len += header_len;
- header_len = 0;
- }
-
- if ((header_len == 2) && (*(buf + 1) == 0x80))
- indefinite_length = PR_TRUE;
- else
- indefinite_length = PR_FALSE;
-
- buf += header_len;
-
- if (contents_len == 0)
- return buf;
-
- under_kind &= ~DER_OPTIONAL;
-
- if (under_kind & DER_INDEFINITE) {
- int count, thing_size;
- unsigned char *sub_buf;
- DERTemplate *tmpt;
- void *things, **indp, ***placep;
-
- under_kind &= ~DER_INDEFINITE;
-
- /*
- * Count items.
- */
- count = 0;
- sub_buf = buf;
- while (sub_buf < end) {
- if (indefinite_length && sub_buf[0] == 0 && sub_buf[1] == 0) {
- break;
- }
- rv = der_capture (sub_buf, end, &header_len, &contents_len);
- if (rv != SECSuccess)
- return NULL;
- count++;
- sub_buf += header_len + contents_len;
- }
-
- /*
- * Allocate an array of pointers to items; extra one is for a NULL.
- */
- indp = (void**)PORT_ArenaZAlloc(arena, (count + 1) * sizeof(void *));
- if (indp == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- /*
- * Prepare.
- */
- if (under_kind == DER_SET || under_kind == DER_SEQUENCE) {
- tmpt = dtemplate->sub;
- PORT_Assert (tmpt != NULL);
- thing_size = tmpt->arg;
- PORT_Assert (thing_size != 0);
- } else {
- tmpt = NULL;
- thing_size = sizeof(SECItem);
- }
-
- /*
- * Allocate the items themselves.
- */
- things = PORT_ArenaZAlloc(arena, count * thing_size);
- if (things == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- placep = (void ***)dest;
- *placep = indp;
-
- while (count) {
- /* ignore return value because we already did whole thing above */
- (void) der_capture (buf, end, &header_len, &contents_len);
- if (tmpt != NULL) {
- void *sub_thing;
-
- sub_thing = (void *)((char *)things + tmpt->offset);
- buf = der_decode (arena, sub_thing, tmpt,
- buf, header_len, contents_len);
- if (buf == NULL)
- return NULL;
- } else {
- item = (SECItem *)things;
- if (under_kind == DER_ANY) {
- contents_len += header_len;
- header_len = 0;
- }
- buf += header_len;
- if (under_kind == DER_BIT_STRING) {
- item->data = buf + 1;
- item->len = ((contents_len - 1) << 3) - *buf;
- } else {
- item->data = buf;
- item->len = contents_len;
- }
- buf += contents_len;
- }
- *indp++ = things;
- things = (void *)((char *)things + thing_size);
- count--;
- }
-
- *indp = NULL;
-
- goto der_decode_done;
- }
-
- switch (under_kind) {
- case DER_SEQUENCE:
- case DER_SET:
- {
- DERTemplate *tmpt;
- void *sub_dest;
-
- for (tmpt = dtemplate + 1; tmpt->kind; tmpt++) {
- sub_dest = (void *)((char *)dest + tmpt->offset);
- rv = der_capture (buf, end, &header_len, &contents_len);
- if (rv != SECSuccess)
- return NULL;
- buf = der_decode (arena, sub_dest, tmpt,
- buf, header_len, contents_len);
- if (buf == NULL)
- return NULL;
- }
- }
- break;
-
- case DER_BIT_STRING:
- item = (SECItem *)dest;
- item->data = buf + 1;
- item->len = ((contents_len - 1) << 3) - *buf;
- buf += contents_len;
- break;
-
- case DER_SKIP:
- buf += contents_len;
- break;
-
- default:
- item = (SECItem *)dest;
- item->data = buf;
- item->len = contents_len;
- buf += contents_len;
- break;
- }
-
-der_decode_done:
-
- if (indefinite_length && buf[0] == 0 && buf[1] == 0) {
- buf += 2;
- }
-
- if (explicit_indefinite_length && buf[0] == 0 && buf[1] == 0) {
- buf += 2;
- }
-
- return buf;
-}
-
-SECStatus
-DER_Decode(PRArenaPool *arena, void *dest, DERTemplate *dtemplate, SECItem *src)
-{
- unsigned char *buf;
- uint32 buf_len, contents_len;
- int header_len;
- SECStatus rv;
-
- buf = src->data;
- buf_len = src->len;
-
- rv = der_capture (buf, buf + buf_len, &header_len, &contents_len);
- if (rv != SECSuccess)
- return rv;
-
- dest = (void *)((char *)dest + dtemplate->offset);
- buf = der_decode (arena, dest, dtemplate, buf, header_len, contents_len);
- if (buf == NULL)
- return SECFailure;
-
- return SECSuccess;
-}
-
-SECStatus
-DER_Lengths(SECItem *item, int *header_len_p, uint32 *contents_len_p)
-{
- return(der_capture(item->data, &item->data[item->len], header_len_p,
- contents_len_p));
-}
diff --git a/security/nss/lib/util/derenc.c b/security/nss/lib/util/derenc.c
deleted file mode 100644
index 191b00528..000000000
--- a/security/nss/lib/util/derenc.c
+++ /dev/null
@@ -1,504 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "secder.h"
-#include "secerr.h"
-/*
- * Generic templates for individual/simple items.
- */
-
-DERTemplate SECAnyTemplate[] = {
- { DER_ANY,
- 0, NULL, sizeof(SECItem) }
-};
-
-DERTemplate SECBitStringTemplate[] = {
- { DER_BIT_STRING,
- 0, NULL, sizeof(SECItem) }
-};
-
-DERTemplate SECBooleanTemplate[] = {
- { DER_BOOLEAN,
- 0, NULL, sizeof(SECItem) }
-};
-
-DERTemplate SECIA5StringTemplate[] = {
- { DER_IA5_STRING,
- 0, NULL, sizeof(SECItem) }
-};
-
-DERTemplate SECIntegerTemplate[] = {
- { DER_INTEGER,
- 0, NULL, sizeof(SECItem) }
-};
-
-DERTemplate SECNullTemplate[] = {
- { DER_NULL,
- 0, NULL, sizeof(SECItem) }
-};
-
-DERTemplate SECObjectIDTemplate[] = {
- { DER_OBJECT_ID,
- 0, NULL, sizeof(SECItem) }
-};
-
-DERTemplate SECOctetStringTemplate[] = {
- { DER_OCTET_STRING,
- 0, NULL, sizeof(SECItem) }
-};
-
-DERTemplate SECPrintableStringTemplate[] = {
- { DER_PRINTABLE_STRING,
- 0, NULL, sizeof(SECItem) }
-};
-
-DERTemplate SECT61StringTemplate[] = {
- { DER_T61_STRING,
- 0, NULL, sizeof(SECItem) }
-};
-
-DERTemplate SECUTCTimeTemplate[] = {
- { DER_UTC_TIME,
- 0, NULL, sizeof(SECItem) }
-};
-
-
-static int
-header_length(DERTemplate *dtemplate, uint32 contents_len)
-{
- uint32 len;
- unsigned long encode_kind, under_kind;
- PRBool explicit, optional, universal;
-
- encode_kind = dtemplate->kind;
-
- explicit = (encode_kind & DER_EXPLICIT) ? PR_TRUE : PR_FALSE;
- optional = (encode_kind & DER_OPTIONAL) ? PR_TRUE : PR_FALSE;
- universal = ((encode_kind & DER_CLASS_MASK) == DER_UNIVERSAL)
- ? PR_TRUE : PR_FALSE;
-
- PORT_Assert (!(explicit && universal)); /* bad templates */
-
- if (encode_kind & DER_POINTER) {
- if (dtemplate->sub != NULL) {
- under_kind = dtemplate->sub->kind;
- if (universal) {
- encode_kind = under_kind;
- }
- } else if (universal) {
- under_kind = encode_kind & ~DER_POINTER;
- } else {
- under_kind = dtemplate->arg;
- }
- } else if (encode_kind & DER_INLINE) {
- under_kind = dtemplate->sub->kind;
- if (universal) {
- encode_kind = under_kind;
- }
- } else if (universal) {
- under_kind = encode_kind;
- } else {
- under_kind = dtemplate->arg;
- }
-
- /* This is only used in decoding; it plays no part in encoding. */
- if (under_kind & DER_DERPTR)
- return 0;
-
- /* No header at all for an "empty" optional. */
- if ((contents_len == 0) && optional)
- return 0;
-
- /* And no header for a full DER_ANY. */
- if (encode_kind & DER_ANY)
- return 0;
-
- /*
- * The common case: one octet for identifier and as many octets
- * as necessary to hold the content length.
- */
- len = 1 + DER_LengthLength(contents_len);
-
- /* Account for the explicit wrapper, if necessary. */
- if (explicit) {
-#if 0 /*
- * Well, I was trying to do something useful, but these
- * assertions are too restrictive on valid templates.
- * I wanted to make sure that the top-level "kind" of
- * a template does not also specify DER_EXPLICIT, which
- * should only modify a component field. Maybe later
- * I can figure out a better way to detect such a problem,
- * but for now I must remove these checks altogether.
- */
- /*
- * This modifier applies only to components of a set or sequence;
- * it should never be used on a set/sequence itself -- confirm.
- */
- PORT_Assert (under_kind != DER_SEQUENCE);
- PORT_Assert (under_kind != DER_SET);
-#endif
-
- len += 1 + DER_LengthLength(len + contents_len);
- }
-
- return len;
-}
-
-
-static uint32
-contents_length(DERTemplate *dtemplate, void *src)
-{
- uint32 len;
- unsigned long encode_kind, under_kind;
- PRBool universal;
-
-
- PORT_Assert (src != NULL);
-
- encode_kind = dtemplate->kind;
-
- universal = ((encode_kind & DER_CLASS_MASK) == DER_UNIVERSAL)
- ? PR_TRUE : PR_FALSE;
- encode_kind &= ~DER_OPTIONAL;
-
- if (encode_kind & DER_POINTER) {
- src = *(void **)src;
- if (src == NULL) {
- return 0;
- }
- if (dtemplate->sub != NULL) {
- dtemplate = dtemplate->sub;
- under_kind = dtemplate->kind;
- src = (void *)((char *)src + dtemplate->offset);
- } else if (universal) {
- under_kind = encode_kind & ~DER_POINTER;
- } else {
- under_kind = dtemplate->arg;
- }
- } else if (encode_kind & DER_INLINE) {
- PORT_Assert (dtemplate->sub != NULL);
- dtemplate = dtemplate->sub;
- under_kind = dtemplate->kind;
- src = (void *)((char *)src + dtemplate->offset);
- } else if (universal) {
- under_kind = encode_kind;
- } else {
- under_kind = dtemplate->arg;
- }
-
- /* Having any of these bits is not expected here... */
- PORT_Assert ((under_kind & (DER_EXPLICIT | DER_INLINE | DER_OPTIONAL
- | DER_POINTER | DER_SKIP)) == 0);
-
- /* This is only used in decoding; it plays no part in encoding. */
- if (under_kind & DER_DERPTR)
- return 0;
-
- if (under_kind & DER_INDEFINITE) {
- uint32 sub_len;
- void **indp;
-
- indp = *(void ***)src;
- if (indp == NULL)
- return 0;
-
- len = 0;
- under_kind &= ~DER_INDEFINITE;
-
- if (under_kind == DER_SET || under_kind == DER_SEQUENCE) {
- DERTemplate *tmpt;
- void *sub_src;
-
- tmpt = dtemplate->sub;
-
- for (; *indp != NULL; indp++) {
- sub_src = (void *)((char *)(*indp) + tmpt->offset);
- sub_len = contents_length (tmpt, sub_src);
- len += sub_len + header_length (tmpt, sub_len);
- }
- } else {
- /*
- * XXX Lisa is not sure this code (for handling, for example,
- * DER_INDEFINITE | DER_OCTET_STRING) is right.
- */
- for (; *indp != NULL; indp++) {
- SECItem *item;
- item = (SECItem *)(*indp);
- sub_len = item->len;
- if (under_kind == DER_BIT_STRING) {
- sub_len = (sub_len + 7) >> 3;
- /* bit string contents involve an extra octet */
- if (sub_len)
- sub_len++;
- }
- if (under_kind != DER_ANY)
- len += 1 + DER_LengthLength (sub_len);
- }
- }
-
- return len;
- }
-
- switch (under_kind) {
- case DER_SEQUENCE:
- case DER_SET:
- {
- DERTemplate *tmpt;
- void *sub_src;
- uint32 sub_len;
-
- len = 0;
- for (tmpt = dtemplate + 1; tmpt->kind; tmpt++) {
- sub_src = (void *)((char *)src + tmpt->offset);
- sub_len = contents_length (tmpt, sub_src);
- len += sub_len + header_length (tmpt, sub_len);
- }
- }
- break;
-
- case DER_BIT_STRING:
- len = (((SECItem *)src)->len + 7) >> 3;
- /* bit string contents involve an extra octet */
- if (len)
- len++;
- break;
-
- default:
- len = ((SECItem *)src)->len;
- break;
- }
-
- return len;
-}
-
-
-static unsigned char *
-der_encode(unsigned char *buf, DERTemplate *dtemplate, void *src)
-{
- int header_len;
- uint32 contents_len;
- unsigned long encode_kind, under_kind;
- PRBool explicit, optional, universal;
-
-
- /*
- * First figure out how long the encoding will be. Do this by
- * traversing the template from top to bottom and accumulating
- * the length of each leaf item.
- */
- contents_len = contents_length (dtemplate, src);
- header_len = header_length (dtemplate, contents_len);
-
- /*
- * Enough smarts was involved already, so that if both the
- * header and the contents have a length of zero, then we
- * are not doing any encoding for this element.
- */
- if (header_len == 0 && contents_len == 0)
- return buf;
-
- encode_kind = dtemplate->kind;
-
- explicit = (encode_kind & DER_EXPLICIT) ? PR_TRUE : PR_FALSE;
- optional = (encode_kind & DER_OPTIONAL) ? PR_TRUE : PR_FALSE;
- encode_kind &= ~DER_OPTIONAL;
- universal = ((encode_kind & DER_CLASS_MASK) == DER_UNIVERSAL)
- ? PR_TRUE : PR_FALSE;
-
- if (encode_kind & DER_POINTER) {
- if (contents_len) {
- src = *(void **)src;
- PORT_Assert (src != NULL);
- }
- if (dtemplate->sub != NULL) {
- dtemplate = dtemplate->sub;
- under_kind = dtemplate->kind;
- if (universal) {
- encode_kind = under_kind;
- }
- src = (void *)((char *)src + dtemplate->offset);
- } else if (universal) {
- under_kind = encode_kind & ~DER_POINTER;
- } else {
- under_kind = dtemplate->arg;
- }
- } else if (encode_kind & DER_INLINE) {
- dtemplate = dtemplate->sub;
- under_kind = dtemplate->kind;
- if (universal) {
- encode_kind = under_kind;
- }
- src = (void *)((char *)src + dtemplate->offset);
- } else if (universal) {
- under_kind = encode_kind;
- } else {
- under_kind = dtemplate->arg;
- }
-
- if (explicit) {
- buf = DER_StoreHeader (buf, encode_kind,
- (1 + DER_LengthLength(contents_len)
- + contents_len));
- encode_kind = under_kind;
- }
-
- if ((encode_kind & DER_ANY) == 0) { /* DER_ANY already contains header */
- buf = DER_StoreHeader (buf, encode_kind, contents_len);
- }
-
- /* If no real contents to encode, then we are done. */
- if (contents_len == 0)
- return buf;
-
- if (under_kind & DER_INDEFINITE) {
- void **indp;
-
- indp = *(void ***)src;
- PORT_Assert (indp != NULL);
-
- under_kind &= ~DER_INDEFINITE;
- if (under_kind == DER_SET || under_kind == DER_SEQUENCE) {
- DERTemplate *tmpt;
- void *sub_src;
-
- tmpt = dtemplate->sub;
- for (; *indp != NULL; indp++) {
- sub_src = (void *)((char *)(*indp) + tmpt->offset);
- buf = der_encode (buf, tmpt, sub_src);
- }
- } else {
- for (; *indp != NULL; indp++) {
- SECItem *item;
- int sub_len;
-
- item = (SECItem *)(*indp);
- sub_len = item->len;
- if (under_kind == DER_BIT_STRING) {
- if (sub_len) {
- int rem;
-
- sub_len = (sub_len + 7) >> 3;
- buf = DER_StoreHeader (buf, under_kind, sub_len + 1);
- rem = (sub_len << 3) - item->len;
- *buf++ = rem; /* remaining bits */
- } else {
- buf = DER_StoreHeader (buf, under_kind, 0);
- }
- } else if (under_kind != DER_ANY) {
- buf = DER_StoreHeader (buf, under_kind, sub_len);
- }
- PORT_Memcpy (buf, item->data, sub_len);
- buf += sub_len;
- }
- }
- return buf;
- }
-
- switch (under_kind) {
- case DER_SEQUENCE:
- case DER_SET:
- {
- DERTemplate *tmpt;
- void *sub_src;
-
- for (tmpt = dtemplate + 1; tmpt->kind; tmpt++) {
- sub_src = (void *)((char *)src + tmpt->offset);
- buf = der_encode (buf, tmpt, sub_src);
- }
- }
- break;
-
- case DER_BIT_STRING:
- {
- SECItem *item;
- int rem;
-
- /*
- * The contents length includes our extra octet; subtract
- * it off so we just have the real string length there.
- */
- contents_len--;
- item = (SECItem *)src;
- PORT_Assert (contents_len == ((item->len + 7) >> 3));
- rem = (contents_len << 3) - item->len;
- *buf++ = rem; /* remaining bits */
- PORT_Memcpy (buf, item->data, contents_len);
- buf += contents_len;
- }
- break;
-
- default:
- {
- SECItem *item;
-
- item = (SECItem *)src;
- PORT_Assert (contents_len == item->len);
- PORT_Memcpy (buf, item->data, contents_len);
- buf += contents_len;
- }
- break;
- }
-
- return buf;
-}
-
-
-SECStatus
-DER_Encode(PRArenaPool *arena, SECItem *dest, DERTemplate *dtemplate, void *src)
-{
- unsigned int contents_len, header_len;
-
- src = (void **)((char *)src + dtemplate->offset);
-
- /*
- * First figure out how long the encoding will be. Do this by
- * traversing the template from top to bottom and accumulating
- * the length of each leaf item.
- */
- contents_len = contents_length (dtemplate, src);
- header_len = header_length (dtemplate, contents_len);
-
- dest->len = contents_len + header_len;
-
- /* Allocate storage to hold the encoding */
- dest->data = (unsigned char*) PORT_ArenaAlloc(arena, dest->len);
- if (dest->data == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
-
- /* Now encode into the buffer */
- (void) der_encode (dest->data, dtemplate, src);
-
- return SECSuccess;
-}
diff --git a/security/nss/lib/util/dersubr.c b/security/nss/lib/util/dersubr.c
deleted file mode 100644
index b8d33136b..000000000
--- a/security/nss/lib/util/dersubr.c
+++ /dev/null
@@ -1,263 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "secder.h"
-#include <limits.h>
-#include "secerr.h"
-
-int
-DER_LengthLength(uint32 len)
-{
- if (len > 127) {
- if (len > 255) {
- if (len > 65535L) {
- if (len > 16777215L) {
- return 5;
- } else {
- return 4;
- }
- } else {
- return 3;
- }
- } else {
- return 2;
- }
- } else {
- return 1;
- }
-}
-
-unsigned char *
-DER_StoreHeader(unsigned char *buf, unsigned int code, uint32 len)
-{
- unsigned char b[4];
-
- b[0] = (unsigned char)(len >> 24);
- b[1] = (unsigned char)(len >> 16);
- b[2] = (unsigned char)(len >> 8);
- b[3] = (unsigned char)len;
- if ((code & DER_TAGNUM_MASK) == DER_SET
- || (code & DER_TAGNUM_MASK) == DER_SEQUENCE)
- code |= DER_CONSTRUCTED;
- *buf++ = code;
- if (len > 127) {
- if (len > 255) {
- if (len > 65535) {
- if (len > 16777215) {
- *buf++ = 0x84;
- *buf++ = b[0];
- *buf++ = b[1];
- *buf++ = b[2];
- *buf++ = b[3];
- } else {
- *buf++ = 0x83;
- *buf++ = b[1];
- *buf++ = b[2];
- *buf++ = b[3];
- }
- } else {
- *buf++ = 0x82;
- *buf++ = b[2];
- *buf++ = b[3];
- }
- } else {
- *buf++ = 0x81;
- *buf++ = b[3];
- }
- } else {
- *buf++ = b[3];
- }
- return buf;
-}
-
-/*
- * XXX This should be rewritten, generalized, to take a long instead
- * of an int32.
- */
-SECStatus
-DER_SetInteger(PRArenaPool *arena, SECItem *it, int32 i)
-{
- unsigned char bb[4];
- unsigned len;
-
- bb[0] = (unsigned char) (i >> 24);
- bb[1] = (unsigned char) (i >> 16);
- bb[2] = (unsigned char) (i >> 8);
- bb[3] = (unsigned char) (i);
-
- /*
- ** Small integers are encoded in a single byte. Larger integers
- ** require progressively more space.
- */
- if (i < -128) {
- if (i < -32768L) {
- if (i < -8388608L) {
- len = 4;
- } else {
- len = 3;
- }
- } else {
- len = 2;
- }
- } else if (i > 127) {
- if (i > 32767L) {
- if (i > 8388607L) {
- len = 4;
- } else {
- len = 3;
- }
- } else {
- len = 2;
- }
- } else {
- len = 1;
- }
- it->data = (unsigned char*) PORT_ArenaAlloc(arena, len);
- if (!it->data) {
- return SECFailure;
- }
- it->len = len;
- PORT_Memcpy(it->data, bb + (4 - len), len);
- return SECSuccess;
-}
-
-/*
- * XXX This should be rewritten, generalized, to take an unsigned long instead
- * of a uint32.
- */
-SECStatus
-DER_SetUInteger(PRArenaPool *arena, SECItem *it, uint32 ui)
-{
- unsigned char bb[5];
- int len;
-
- bb[0] = 0;
- bb[1] = (unsigned char) (ui >> 24);
- bb[2] = (unsigned char) (ui >> 16);
- bb[3] = (unsigned char) (ui >> 8);
- bb[4] = (unsigned char) (ui);
-
- /*
- ** Small integers are encoded in a single byte. Larger integers
- ** require progressively more space.
- */
- if (ui > 0x7f) {
- if (ui > 0x7fff) {
- if (ui > 0x7fffffL) {
- if (ui >= 0x80000000L) {
- len = 5;
- } else {
- len = 4;
- }
- } else {
- len = 3;
- }
- } else {
- len = 2;
- }
- } else {
- len = 1;
- }
-
- it->data = (unsigned char *)PORT_ArenaAlloc(arena, len);
- if (it->data == NULL) {
- return SECFailure;
- }
-
- it->len = len;
- PORT_Memcpy(it->data, bb + (sizeof(bb) - len), len);
-
- return SECSuccess;
-}
-
-/*
-** Convert a der encoded *signed* integer into a machine integral value.
-** If an underflow/overflow occurs, sets error code and returns min/max.
-*/
-long
-DER_GetInteger(SECItem *it)
-{
- long ival = 0;
- unsigned len = it->len;
- unsigned char *cp = it->data;
- unsigned long overflow = 0x1ffUL << (((sizeof(ival) - 1) * 8) - 1);
- unsigned long ofloinit;
-
- if (*cp & 0x80)
- ival = -1L;
- ofloinit = ival & overflow;
-
- while (len) {
- if ((ival & overflow) != ofloinit) {
- PORT_SetError(SEC_ERROR_BAD_DER);
- if (ival < 0) {
- return LONG_MIN;
- }
- return LONG_MAX;
- }
- ival = ival << 8;
- ival |= *cp++;
- --len;
- }
- return ival;
-}
-
-/*
-** Convert a der encoded *unsigned* integer into a machine integral value.
-** If an underflow/overflow occurs, sets error code and returns min/max.
-*/
-unsigned long
-DER_GetUInteger(SECItem *it)
-{
- unsigned long ival = 0;
- unsigned len = it->len;
- unsigned char *cp = it->data;
- unsigned long overflow = 0xffUL << ((sizeof(ival) - 1) * 8);
-
- /* Cannot put a negative value into an unsigned container. */
- if (*cp & 0x80) {
- PORT_SetError(SEC_ERROR_BAD_DER);
- return 0;
- }
-
- while (len) {
- if (ival & overflow) {
- PORT_SetError(SEC_ERROR_BAD_DER);
- return ULONG_MAX;
- }
- ival = ival << 8;
- ival |= *cp++;
- --len;
- }
- return ival;
-}
diff --git a/security/nss/lib/util/dertime.c b/security/nss/lib/util/dertime.c
deleted file mode 100644
index 75e1761a2..000000000
--- a/security/nss/lib/util/dertime.c
+++ /dev/null
@@ -1,336 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "prtypes.h"
-#include "prtime.h"
-#include "secder.h"
-#include "prlong.h"
-#include "secerr.h"
-
-#define HIDIGIT(v) (((v) / 10) + '0')
-#define LODIGIT(v) (((v) % 10) + '0')
-
-#define C_SINGLE_QUOTE '\047'
-
-#define DIGITHI(dig) (((dig) - '0') * 10)
-#define DIGITLO(dig) ((dig) - '0')
-#define ISDIGIT(dig) (((dig) >= '0') && ((dig) <= '9'))
-#define CAPTURE(var,p,label) \
-{ \
- if (!ISDIGIT((p)[0]) || !ISDIGIT((p)[1])) goto label; \
- (var) = ((p)[0] - '0') * 10 + ((p)[1] - '0'); \
-}
-
-#define SECMIN ((time_t) 60L)
-#define SECHOUR (60L*SECMIN)
-#define SECDAY (24L*SECHOUR)
-#define SECYEAR (365L*SECDAY)
-
-static long monthToDayInYear[12] = {
- 0,
- 31,
- 31+28,
- 31+28+31,
- 31+28+31+30,
- 31+28+31+30+31,
- 31+28+31+30+31+30,
- 31+28+31+30+31+30+31,
- 31+28+31+30+31+30+31+31,
- 31+28+31+30+31+30+31+31+30,
- 31+28+31+30+31+30+31+31+30+31,
- 31+28+31+30+31+30+31+31+30+31+30,
-};
-
-/* gmttime must contains UTC time in micro-seconds unit */
-SECStatus
-DER_TimeToUTCTime(SECItem *dst, int64 gmttime)
-{
- PRExplodedTime printableTime;
- unsigned char *d;
-
- dst->len = 13;
- dst->data = d = (unsigned char*) PORT_Alloc(13);
- dst->type = siBuffer;
- if (!d) {
- return SECFailure;
- }
-
- /* Convert an int64 time to a printable format. */
- PR_ExplodeTime(gmttime, PR_GMTParameters, &printableTime);
-
- /* The month in UTC time is base one */
- printableTime.tm_month++;
-
- /* UTC time does not handle the years before 1950 */
- if (printableTime.tm_year < 1950)
- return SECFailure;
-
- /* remove the century since it's added to the tm_year by the
- PR_ExplodeTime routine, but is not needed for UTC time */
- printableTime.tm_year %= 100;
-
- d[0] = HIDIGIT(printableTime.tm_year);
- d[1] = LODIGIT(printableTime.tm_year);
- d[2] = HIDIGIT(printableTime.tm_month);
- d[3] = LODIGIT(printableTime.tm_month);
- d[4] = HIDIGIT(printableTime.tm_mday);
- d[5] = LODIGIT(printableTime.tm_mday);
- d[6] = HIDIGIT(printableTime.tm_hour);
- d[7] = LODIGIT(printableTime.tm_hour);
- d[8] = HIDIGIT(printableTime.tm_min);
- d[9] = LODIGIT(printableTime.tm_min);
- d[10] = HIDIGIT(printableTime.tm_sec);
- d[11] = LODIGIT(printableTime.tm_sec);
- d[12] = 'Z';
- return SECSuccess;
-}
-
-SECStatus
-DER_AsciiToTime(int64 *dst, char *string)
-{
- long year, month, mday, hour, minute, second, hourOff, minOff, days;
- int64 result, tmp1, tmp2;
-
- /* Verify time is formatted properly and capture information */
- second = 0;
- hourOff = 0;
- minOff = 0;
- CAPTURE(year,string+0,loser);
- if (year < 50) {
- /* ASSUME that year # is in the 2000's, not the 1900's */
- year += 100;
- }
- CAPTURE(month,string+2,loser);
- if ((month == 0) || (month > 12)) goto loser;
- CAPTURE(mday,string+4,loser);
- if ((mday == 0) || (mday > 31)) goto loser;
- CAPTURE(hour,string+6,loser);
- if (hour > 23) goto loser;
- CAPTURE(minute,string+8,loser);
- if (minute > 59) goto loser;
- if (ISDIGIT(string[10])) {
- CAPTURE(second,string+10,loser);
- if (second > 59) goto loser;
- string += 2;
- }
- if (string[10] == '+') {
- CAPTURE(hourOff,string+11,loser);
- if (hourOff > 23) goto loser;
- CAPTURE(minOff,string+13,loser);
- if (minOff > 59) goto loser;
- } else if (string[10] == '-') {
- CAPTURE(hourOff,string+11,loser);
- if (hourOff > 23) goto loser;
- hourOff = -hourOff;
- CAPTURE(minOff,string+13,loser);
- if (minOff > 59) goto loser;
- minOff = -minOff;
- } else if (string[10] != 'Z') {
- goto loser;
- }
-
-
- /* Convert pieces back into a single value year */
- LL_I2L(tmp1, (year-70L));
- LL_I2L(tmp2, SECYEAR);
- LL_MUL(result, tmp1, tmp2);
-
- LL_I2L(tmp1, ( (mday-1L)*SECDAY + hour*SECHOUR + minute*SECMIN -
- hourOff*SECHOUR - minOff*SECMIN + second ) );
- LL_ADD(result, result, tmp1);
-
- /*
- ** Have to specially handle the day in the month and the year, to
- ** take into account leap days. The return time value is in
- ** seconds since January 1st, 12:00am 1970, so start examining
- ** the time after that. We can't represent a time before that.
- */
-
- /* Using two digit years, we can only represent dates from 1970
- to 2069. As a result, we cannot run into the leap year rule
- that states that 1700, 2100, etc. are not leap years (but 2000
- is). In other words, there are no years in the span of time
- that we can represent that are == 0 mod 4 but are not leap
- years. Whew.
- */
-
- days = monthToDayInYear[month-1];
- days += (year - 68)/4;
-
- if (((year % 4) == 0) && (month < 3)) {
- days--;
- }
-
- LL_I2L(tmp1, (days * SECDAY) );
- LL_ADD(result, result, tmp1 );
-
- /* convert to micro seconds */
- LL_I2L(tmp1, PR_USEC_PER_SEC);
- LL_MUL(result, result, tmp1);
-
- *dst = result;
- return SECSuccess;
-
- loser:
- PORT_SetError(SEC_ERROR_INVALID_TIME);
- return SECFailure;
-
-}
-
-SECStatus
-DER_UTCTimeToTime(int64 *dst, SECItem *time)
-{
- return DER_AsciiToTime(dst, (char*) time->data);
-}
-
-/*
- gmttime must contains UTC time in micro-seconds unit.
- Note: the caller should make sure that Generalized time
- should only be used for certifiate validities after the
- year 2049. Otherwise, UTC time should be used. This routine
- does not check this case, since it can be used to encode
- certificate extension, which does not have this restriction.
- */
-SECStatus
-DER_TimeToGeneralizedTime(SECItem *dst, int64 gmttime)
-{
- PRExplodedTime printableTime;
- unsigned char *d;
-
- dst->len = 15;
- dst->data = d = (unsigned char*) PORT_Alloc(15);
- dst->type = siBuffer;
- if (!d) {
- return SECFailure;
- }
-
- /*Convert a int64 time to a printable format. This is a temporary call
- until we change to NSPR 2.0
- */
- PR_ExplodeTime(gmttime, PR_GMTParameters, &printableTime);
-
- /* The month in Generalized time is base one */
- printableTime.tm_month++;
-
- d[0] = (printableTime.tm_year /1000) + '0';
- d[1] = ((printableTime.tm_year % 1000) / 100) + '0';
- d[2] = ((printableTime.tm_year % 100) / 10) + '0';
- d[3] = (printableTime.tm_year % 10) + '0';
- d[4] = HIDIGIT(printableTime.tm_month);
- d[5] = LODIGIT(printableTime.tm_month);
- d[6] = HIDIGIT(printableTime.tm_mday);
- d[7] = LODIGIT(printableTime.tm_mday);
- d[8] = HIDIGIT(printableTime.tm_hour);
- d[9] = LODIGIT(printableTime.tm_hour);
- d[10] = HIDIGIT(printableTime.tm_min);
- d[11] = LODIGIT(printableTime.tm_min);
- d[12] = HIDIGIT(printableTime.tm_sec);
- d[13] = LODIGIT(printableTime.tm_sec);
- d[14] = 'Z';
- return SECSuccess;
-}
-
-/*
- The caller should make sure that the generalized time should only
- be used for the certificate validity after the year 2051; otherwise,
- the certificate should be consider invalid!?
- */
-SECStatus
-DER_GeneralizedTimeToTime(int64 *dst, SECItem *time)
-{
- PRExplodedTime genTime;
- char *string;
- long hourOff, minOff;
- uint16 century;
-
- string = (char *)time->data;
- PORT_Memset (&genTime, 0, sizeof (genTime));
-
- /* Verify time is formatted properly and capture information */
- hourOff = 0;
- minOff = 0;
-
- CAPTURE(century, string+0, loser);
- century *= 100;
- CAPTURE(genTime.tm_year,string+2,loser);
- genTime.tm_year += century;
-
- CAPTURE(genTime.tm_month,string+4,loser);
- if ((genTime.tm_month == 0) || (genTime.tm_month > 12)) goto loser;
-
- /* NSPR month base is 0 */
- --genTime.tm_month;
-
- CAPTURE(genTime.tm_mday,string+6,loser);
- if ((genTime.tm_mday == 0) || (genTime.tm_mday > 31)) goto loser;
-
- CAPTURE(genTime.tm_hour,string+8,loser);
- if (genTime.tm_hour > 23) goto loser;
-
- CAPTURE(genTime.tm_min,string+10,loser);
- if (genTime.tm_min > 59) goto loser;
-
- if (ISDIGIT(string[12])) {
- CAPTURE(genTime.tm_sec,string+12,loser);
- if (genTime.tm_sec > 59) goto loser;
- string += 2;
- }
- if (string[12] == '+') {
- CAPTURE(hourOff,string+13,loser);
- if (hourOff > 23) goto loser;
- CAPTURE(minOff,string+15,loser);
- if (minOff > 59) goto loser;
- } else if (string[12] == '-') {
- CAPTURE(hourOff,string+13,loser);
- if (hourOff > 23) goto loser;
- hourOff = -hourOff;
- CAPTURE(minOff,string+15,loser);
- if (minOff > 59) goto loser;
- minOff = -minOff;
- } else if (string[12] != 'Z') {
- goto loser;
- }
-
- /* Since the values of hourOff and minOff are small, there will
- be no loss of data by the conversion to int8 */
- /* Convert the GMT offset to seconds and save it it genTime
- for the implode time process */
- genTime.tm_params.tp_gmt_offset = (PRInt32)((hourOff * 60L + minOff) * 60L);
- *dst = PR_ImplodeTime (&genTime);
- return SECSuccess;
-
- loser:
- PORT_SetError(SEC_ERROR_INVALID_TIME);
- return SECFailure;
-
-}
diff --git a/security/nss/lib/util/manifest.mn b/security/nss/lib/util/manifest.mn
deleted file mode 100644
index b7d9a00d2..000000000
--- a/security/nss/lib/util/manifest.mn
+++ /dev/null
@@ -1,93 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../..
-
-EXPORTS = \
- base64.h \
- ciferfam.h \
- nssb64.h \
- nssb64t.h \
- nsslocks.h \
- nssilock.h \
- nssilckt.h \
- nssrwlk.h \
- nssrwlkt.h \
- portreg.h \
- pqgutil.h \
- secasn1.h \
- secasn1t.h \
- seccomon.h \
- secder.h \
- secdert.h \
- secdig.h \
- secdigt.h \
- secitem.h \
- secoid.h \
- secoidt.h \
- secport.h \
- secerr.h \
- watcomfx.h \
- $(NULL)
-
-CSRCS = \
- quickder.c \
- secdig.c \
- derdec.c \
- derenc.c \
- dersubr.c \
- dertime.c \
- nssb64d.c \
- nssb64e.c \
- nssrwlk.c \
- nssilock.c \
- nsslocks.c \
- portreg.c \
- pqgutil.c \
- secalgid.c \
- secasn1d.c \
- secasn1e.c \
- secasn1u.c \
- secitem.c \
- secoid.c \
- sectime.c \
- secport.c \
- secinit.c \
- utf8.c \
- $(NULL)
-
-MODULE = nss
-
-# don't duplicate module name in REQUIRES
-REQUIRES = dbm
-
-LIBRARY_NAME = secutil
diff --git a/security/nss/lib/util/nssb64.h b/security/nss/lib/util/nssb64.h
deleted file mode 100644
index 1a813f3ea..000000000
--- a/security/nss/lib/util/nssb64.h
+++ /dev/null
@@ -1,124 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Public prototypes for base64 encoding/decoding.
- *
- * $Id$
- */
-#ifndef _NSSB64_H_
-#define _NSSB64_H_
-
-#include "seccomon.h"
-#include "nssb64t.h"
-
-SEC_BEGIN_PROTOS
-
-/*
- * Functions to start a base64 decoding/encoding context.
- */
-
-extern NSSBase64Decoder *
-NSSBase64Decoder_Create (PRInt32 (*output_fn) (void *, const unsigned char *,
- PRInt32),
- void *output_arg);
-
-extern NSSBase64Encoder *
-NSSBase64Encoder_Create (PRInt32 (*output_fn) (void *, const char *, PRInt32),
- void *output_arg);
-
-/*
- * Push data through the decoder/encoder, causing the output_fn (provided
- * to Create) to be called with the decoded/encoded data.
- */
-
-extern SECStatus
-NSSBase64Decoder_Update (NSSBase64Decoder *data, const char *buffer,
- PRUint32 size);
-
-extern SECStatus
-NSSBase64Encoder_Update (NSSBase64Encoder *data, const unsigned char *buffer,
- PRUint32 size);
-
-/*
- * When you're done processing, call this to close the context.
- * If "abort_p" is false, then calling this may cause the output_fn
- * to be called one last time (as the last buffered data is flushed out).
- */
-
-extern SECStatus
-NSSBase64Decoder_Destroy (NSSBase64Decoder *data, PRBool abort_p);
-
-extern SECStatus
-NSSBase64Encoder_Destroy (NSSBase64Encoder *data, PRBool abort_p);
-
-/*
- * Perform base64 decoding from an ascii string "inStr" to an Item.
- * The length of the input must be provided as "inLen". The Item
- * may be provided (as "outItemOpt"); you can also pass in a NULL
- * and the Item will be allocated for you.
- *
- * In any case, the data within the Item will be allocated for you.
- * All allocation will happen out of the passed-in "arenaOpt", if non-NULL.
- * If "arenaOpt" is NULL, standard allocation (heap) will be used and
- * you will want to free the result via SECITEM_FreeItem.
- *
- * Return value is NULL on error, the Item (allocated or provided) otherwise.
- */
-extern SECItem *
-NSSBase64_DecodeBuffer (PRArenaPool *arenaOpt, SECItem *outItemOpt,
- const char *inStr, unsigned int inLen);
-
-/*
- * Perform base64 encoding of binary data "inItem" to an ascii string.
- * The output buffer may be provided (as "outStrOpt"); you can also pass
- * in a NULL and the buffer will be allocated for you. The result will
- * be null-terminated, and if the buffer is provided, "maxOutLen" must
- * specify the maximum length of the buffer and will be checked to
- * supply sufficient space space for the encoded result. (If "outStrOpt"
- * is NULL, "maxOutLen" is ignored.)
- *
- * If "outStrOpt" is NULL, allocation will happen out of the passed-in
- * "arenaOpt", if *it* is non-NULL, otherwise standard allocation (heap)
- * will be used.
- *
- * Return value is NULL on error, the output buffer (allocated or provided)
- * otherwise.
- */
-extern char *
-NSSBase64_EncodeItem (PRArenaPool *arenaOpt, char *outStrOpt,
- unsigned int maxOutLen, SECItem *inItem);
-
-SEC_END_PROTOS
-
-#endif /* _NSSB64_H_ */
diff --git a/security/nss/lib/util/nssb64d.c b/security/nss/lib/util/nssb64d.c
deleted file mode 100644
index c49e38f87..000000000
--- a/security/nss/lib/util/nssb64d.c
+++ /dev/null
@@ -1,861 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Base64 decoding (ascii to binary).
- *
- * $Id$
- */
-
-#include "nssb64.h"
-#include "nspr.h"
-#include "secitem.h"
-#include "secerr.h"
-
-/*
- * XXX We want this basic support to go into NSPR (the PL part).
- * Until that can happen, the PL interface is going to be kept entirely
- * internal here -- all static functions and opaque data structures.
- * When someone can get it moved over into NSPR, that should be done:
- * - giving everything names that are accepted by the NSPR module owners
- * (though I tried to choose ones that would work without modification)
- * - exporting the functions (remove static declarations and add
- * PR_IMPLEMENT as necessary)
- * - put prototypes into appropriate header file (probably replacing
- * the entire current lib/libc/include/plbase64.h in NSPR)
- * along with a typedef for the context structure (which should be
- * kept opaque -- definition in the source file only, but typedef
- * ala "typedef struct PLBase64FooStr PLBase64Foo;" in header file)
- * - modify anything else as necessary to conform to NSPR required style
- * (I looked but found no formatting guide to follow)
- *
- * You will want to move over everything from here down to the comment
- * which says "XXX End of base64 decoding code to be moved into NSPR",
- * into a new file in NSPR.
- */
-
-/*
- **************************************************************
- * XXX Beginning of base64 decoding code to be moved into NSPR.
- */
-
-/*
- * This typedef would belong in the NSPR header file (i.e. plbase64.h).
- */
-typedef struct PLBase64DecoderStr PLBase64Decoder;
-
-/*
- * The following implementation of base64 decoding was based on code
- * found in libmime (specifically, in mimeenc.c). It has been adapted to
- * use PR types and naming as well as to provide other necessary semantics
- * (like buffer-in/buffer-out in addition to "streaming" without undue
- * performance hit of extra copying if you made the buffer versions
- * use the output_fn). It also incorporates some aspects of the current
- * NSPR base64 decoding code. As such, you may find similarities to
- * both of those implementations. I tried to use names that reflected
- * the original code when possible. For this reason you may find some
- * inconsistencies -- libmime used lots of "in" and "out" whereas the
- * NSPR version uses "src" and "dest"; sometimes I changed one to the other
- * and sometimes I left them when I thought the subroutines were at least
- * self-consistent.
- */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * Opaque object used by the decoder to store state.
- */
-struct PLBase64DecoderStr {
- /* Current token (or portion, if token_size < 4) being decoded. */
- unsigned char token[4];
- int token_size;
-
- /*
- * Where to write the decoded data (used when streaming, not when
- * doing all in-memory (buffer) operations).
- *
- * Note that this definition is chosen to be compatible with PR_Write.
- */
- PRInt32 (*output_fn) (void *output_arg, const unsigned char *buf,
- PRInt32 size);
- void *output_arg;
-
- /*
- * Where the decoded output goes -- either temporarily (in the streaming
- * case, staged here before it goes to the output function) or what will
- * be the entire buffered result for users of the buffer version.
- */
- unsigned char *output_buffer;
- PRUint32 output_buflen; /* the total length of allocated buffer */
- PRUint32 output_length; /* the length that is currently populated */
-};
-
-PR_END_EXTERN_C
-
-
-/*
- * Table to convert an ascii "code" to its corresponding binary value.
- * For ease of use, the binary values in the table are the actual values
- * PLUS ONE. This is so that the special value of zero can denote an
- * invalid mapping; that was much easier than trying to fill in the other
- * values with some value other than zero, and to check for it.
- * Just remember to SUBTRACT ONE when using the value retrieved.
- */
-static unsigned char base64_codetovaluep1[256] = {
-/* 0: */ 0, 0, 0, 0, 0, 0, 0, 0,
-/* 8: */ 0, 0, 0, 0, 0, 0, 0, 0,
-/* 16: */ 0, 0, 0, 0, 0, 0, 0, 0,
-/* 24: */ 0, 0, 0, 0, 0, 0, 0, 0,
-/* 32: */ 0, 0, 0, 0, 0, 0, 0, 0,
-/* 40: */ 0, 0, 0, 63, 0, 0, 0, 64,
-/* 48: */ 53, 54, 55, 56, 57, 58, 59, 60,
-/* 56: */ 61, 62, 0, 0, 0, 0, 0, 0,
-/* 64: */ 0, 1, 2, 3, 4, 5, 6, 7,
-/* 72: */ 8, 9, 10, 11, 12, 13, 14, 15,
-/* 80: */ 16, 17, 18, 19, 20, 21, 22, 23,
-/* 88: */ 24, 25, 26, 0, 0, 0, 0, 0,
-/* 96: */ 0, 27, 28, 29, 30, 31, 32, 33,
-/* 104: */ 34, 35, 36, 37, 38, 39, 40, 41,
-/* 112: */ 42, 43, 44, 45, 46, 47, 48, 49,
-/* 120: */ 50, 51, 52, 0, 0, 0, 0, 0,
-/* 128: */ 0, 0, 0, 0, 0, 0, 0, 0
-/* and rest are all zero as well */
-};
-
-#define B64_PAD '='
-
-
-/*
- * Reads 4; writes 3 (known, or expected, to have no trailing padding).
- * Returns bytes written; -1 on error (unexpected character).
- */
-static int
-pl_base64_decode_4to3 (const unsigned char *in, unsigned char *out)
-{
- int j;
- PRUint32 num = 0;
- unsigned char bits;
-
- for (j = 0; j < 4; j++) {
- bits = base64_codetovaluep1[in[j]];
- if (bits == 0)
- return -1;
- num = (num << 6) | (bits - 1);
- }
-
- out[0] = (unsigned char) (num >> 16);
- out[1] = (unsigned char) ((num >> 8) & 0xFF);
- out[2] = (unsigned char) (num & 0xFF);
-
- return 3;
-}
-
-/*
- * Reads 3; writes 2 (caller already confirmed EOF or trailing padding).
- * Returns bytes written; -1 on error (unexpected character).
- */
-static int
-pl_base64_decode_3to2 (const unsigned char *in, unsigned char *out)
-{
- PRUint32 num = 0;
- unsigned char bits1, bits2, bits3;
-
- bits1 = base64_codetovaluep1[in[0]];
- bits2 = base64_codetovaluep1[in[1]];
- bits3 = base64_codetovaluep1[in[2]];
-
- if ((bits1 == 0) || (bits2 == 0) || (bits3 == 0))
- return -1;
-
- num = ((PRUint32)(bits1 - 1)) << 10;
- num |= ((PRUint32)(bits2 - 1)) << 4;
- num |= ((PRUint32)(bits3 - 1)) >> 2;
-
- out[0] = (unsigned char) (num >> 8);
- out[1] = (unsigned char) (num & 0xFF);
-
- return 2;
-}
-
-/*
- * Reads 2; writes 1 (caller already confirmed EOF or trailing padding).
- * Returns bytes written; -1 on error (unexpected character).
- */
-static int
-pl_base64_decode_2to1 (const unsigned char *in, unsigned char *out)
-{
- PRUint32 num = 0;
- unsigned char bits1, bits2;
-
- bits1 = base64_codetovaluep1[in[0]];
- bits2 = base64_codetovaluep1[in[1]];
-
- if ((bits1 == 0) || (bits2 == 0))
- return -1;
-
- num = ((PRUint32)(bits1 - 1)) << 2;
- num |= ((PRUint32)(bits2 - 1)) >> 4;
-
- out[0] = (unsigned char) num;
-
- return 1;
-}
-
-/*
- * Reads 4; writes 0-3. Returns bytes written or -1 on error.
- * (Writes less than 3 only at (presumed) EOF.)
- */
-static int
-pl_base64_decode_token (const unsigned char *in, unsigned char *out)
-{
- if (in[3] != B64_PAD)
- return pl_base64_decode_4to3 (in, out);
-
- if (in[2] == B64_PAD)
- return pl_base64_decode_2to1 (in, out);
-
- return pl_base64_decode_3to2 (in, out);
-}
-
-static PRStatus
-pl_base64_decode_buffer (PLBase64Decoder *data, const unsigned char *in,
- PRUint32 length)
-{
- unsigned char *out = data->output_buffer;
- unsigned char *token = data->token;
- int i, n = 0;
-
- i = data->token_size;
- data->token_size = 0;
-
- while (length > 0) {
- while (i < 4 && length > 0) {
- /*
- * XXX Note that the following simply ignores any unexpected
- * characters. This is exactly what the original code in
- * libmime did, and I am leaving it. We certainly want to skip
- * over whitespace (we must); this does much more than that.
- * I am not confident changing it, and I don't want to slow
- * the processing down doing more complicated checking, but
- * someone else might have different ideas in the future.
- */
- if (base64_codetovaluep1[*in] > 0 || *in == B64_PAD)
- token[i++] = *in;
- in++;
- length--;
- }
-
- if (i < 4) {
- /* Didn't get enough for a complete token. */
- data->token_size = i;
- break;
- }
- i = 0;
-
- PR_ASSERT((out - data->output_buffer + 3) <= data->output_buflen);
-
- /*
- * Assume we are not at the end; the following function only works
- * for an internal token (no trailing padding characters) but is
- * faster that way. If it hits an invalid character (padding) it
- * will return an error; we break out of the loop and try again
- * calling the routine that will handle a final token.
- * Note that we intentionally do it this way rather than explicitly
- * add a check for padding here (because that would just slow down
- * the normal case) nor do we rely on checking whether we have more
- * input to process (because that would also slow it down but also
- * because we want to allow trailing garbage, especially white space
- * and cannot tell that without read-ahead, also a slow proposition).
- * Whew. Understand?
- */
- n = pl_base64_decode_4to3 (token, out);
- if (n < 0)
- break;
-
- /* Advance "out" by the number of bytes just written to it. */
- out += n;
- n = 0;
- }
-
- /*
- * See big comment above, before call to pl_base64_decode_4to3.
- * Here we check if we error'd out of loop, and allow for the case
- * that we are processing the last interesting token. If the routine
- * which should handle padding characters also fails, then we just
- * have bad input and give up.
- */
- if (n < 0) {
- n = pl_base64_decode_token (token, out);
- if (n < 0)
- return PR_FAILURE;
-
- out += n;
- }
-
- /*
- * As explained above, we can get here with more input remaining, but
- * it should be all characters we do not care about (i.e. would be
- * ignored when transferring from "in" to "token" in loop above,
- * except here we choose to ignore extraneous pad characters, too).
- * Swallow it, performing that check. If we find more characters that
- * we would expect to decode, something is wrong.
- */
- while (length > 0) {
- if (base64_codetovaluep1[*in] > 0)
- return PR_FAILURE;
- in++;
- length--;
- }
-
- /* Record the length of decoded data we have left in output_buffer. */
- data->output_length = (PRUint32) (out - data->output_buffer);
- return PR_SUCCESS;
-}
-
-/*
- * Flush any remaining buffered characters. Given well-formed input,
- * this will have nothing to do. If the input was missing the padding
- * characters at the end, though, there could be 1-3 characters left
- * behind -- we will tolerate that by adding the padding for them.
- */
-static PRStatus
-pl_base64_decode_flush (PLBase64Decoder *data)
-{
- int count;
-
- /*
- * If no remaining characters, or all are padding (also not well-formed
- * input, but again, be tolerant), then nothing more to do. (And, that
- * is considered successful.)
- */
- if (data->token_size == 0 || data->token[0] == B64_PAD)
- return PR_SUCCESS;
-
- /*
- * Assume we have all the interesting input except for some expected
- * padding characters. Add them and decode the resulting token.
- */
- while (data->token_size < 4)
- data->token[data->token_size++] = B64_PAD;
-
- data->token_size = 0; /* so a subsequent flush call is a no-op */
-
- count = pl_base64_decode_token (data->token,
- data->output_buffer + data->output_length);
- if (count < 0)
- return PR_FAILURE;
-
- /*
- * If there is an output function, call it with this last bit of data.
- * Otherwise we are doing all buffered output, and the decoded bytes
- * are now there, we just need to reflect that in the length.
- */
- if (data->output_fn != NULL) {
- PRInt32 output_result;
-
- PR_ASSERT(data->output_length == 0);
- output_result = data->output_fn (data->output_arg,
- data->output_buffer,
- (PRInt32) count);
- if (output_result < 0)
- return PR_FAILURE;
- } else {
- data->output_length += count;
- }
-
- return PR_SUCCESS;
-}
-
-
-/*
- * The maximum space needed to hold the output of the decoder given
- * input data of length "size".
- */
-static PRUint32
-PL_Base64MaxDecodedLength (PRUint32 size)
-{
- return ((size * 3) / 4);
-}
-
-
-/*
- * A distinct internal creation function for the buffer version to use.
- * (It does not want to specify an output_fn, and we want the normal
- * Create function to require that.) If more common initialization
- * of the decoding context needs to be done, it should be done *here*.
- */
-static PLBase64Decoder *
-pl_base64_create_decoder (void)
-{
- return PR_NEWZAP(PLBase64Decoder);
-}
-
-/*
- * Function to start a base64 decoding context.
- * An "output_fn" is required; the "output_arg" parameter to that is optional.
- */
-static PLBase64Decoder *
-PL_CreateBase64Decoder (PRInt32 (*output_fn) (void *, const unsigned char *,
- PRInt32),
- void *output_arg)
-{
- PLBase64Decoder *data;
-
- if (output_fn == NULL) {
- PR_SetError (PR_INVALID_ARGUMENT_ERROR, 0);
- return NULL;
- }
-
- data = pl_base64_create_decoder ();
- if (data != NULL) {
- data->output_fn = output_fn;
- data->output_arg = output_arg;
- }
- return data;
-}
-
-
-/*
- * Push data through the decoder, causing the output_fn (provided to Create)
- * to be called with the decoded data.
- */
-static PRStatus
-PL_UpdateBase64Decoder (PLBase64Decoder *data, const char *buffer,
- PRUint32 size)
-{
- PRUint32 need_length;
- PRStatus status;
-
- /* XXX Should we do argument checking only in debug build? */
- if (data == NULL || buffer == NULL || size == 0) {
- PR_SetError (PR_INVALID_ARGUMENT_ERROR, 0);
- return PR_FAILURE;
- }
-
- /*
- * How much space could this update need for decoding?
- */
- need_length = PL_Base64MaxDecodedLength (size + data->token_size);
-
- /*
- * Make sure we have at least that much. If not, (re-)allocate.
- */
- if (need_length > data->output_buflen) {
- unsigned char *output_buffer = data->output_buffer;
-
- if (output_buffer != NULL)
- output_buffer = (unsigned char *) PR_Realloc(output_buffer,
- need_length);
- else
- output_buffer = (unsigned char *) PR_Malloc(need_length);
-
- if (output_buffer == NULL)
- return PR_FAILURE;
-
- data->output_buffer = output_buffer;
- data->output_buflen = need_length;
- }
-
- /* There should not have been any leftover output data in the buffer. */
- PR_ASSERT(data->output_length == 0);
- data->output_length = 0;
-
- status = pl_base64_decode_buffer (data, (const unsigned char *) buffer,
- size);
-
- /* Now that we have some decoded data, write it. */
- if (status == PR_SUCCESS && data->output_length > 0) {
- PRInt32 output_result;
-
- PR_ASSERT(data->output_fn != NULL);
- output_result = data->output_fn (data->output_arg,
- data->output_buffer,
- (PRInt32) data->output_length);
- if (output_result < 0)
- status = PR_FAILURE;
- }
-
- data->output_length = 0;
- return status;
-}
-
-
-/*
- * When you're done decoding, call this to free the data. If "abort_p"
- * is false, then calling this may cause the output_fn to be called
- * one last time (as the last buffered data is flushed out).
- */
-static PRStatus
-PL_DestroyBase64Decoder (PLBase64Decoder *data, PRBool abort_p)
-{
- PRStatus status = PR_SUCCESS;
-
- /* XXX Should we do argument checking only in debug build? */
- if (data == NULL) {
- PR_SetError (PR_INVALID_ARGUMENT_ERROR, 0);
- return PR_FAILURE;
- }
-
- /* Flush out the last few buffered characters. */
- if (!abort_p)
- status = pl_base64_decode_flush (data);
-
- if (data->output_buffer != NULL)
- PR_Free(data->output_buffer);
- PR_Free(data);
-
- return status;
-}
-
-
-/*
- * Perform base64 decoding from an input buffer to an output buffer.
- * The output buffer can be provided (as "dest"); you can also pass in
- * a NULL and this function will allocate a buffer large enough for you,
- * and return it. If you do provide the output buffer, you must also
- * provide the maximum length of that buffer (as "maxdestlen").
- * The actual decoded length of output will be returned to you in
- * "output_destlen".
- *
- * Return value is NULL on error, the output buffer (allocated or provided)
- * otherwise.
- */
-static unsigned char *
-PL_Base64DecodeBuffer (const char *src, PRUint32 srclen, unsigned char *dest,
- PRUint32 maxdestlen, PRUint32 *output_destlen)
-{
- PRUint32 need_length;
- unsigned char *output_buffer = NULL;
- PLBase64Decoder *data = NULL;
- PRStatus status;
-
- PR_ASSERT(srclen > 0);
- if (srclen == 0)
- return dest;
-
- /*
- * How much space could we possibly need for decoding this input?
- */
- need_length = PL_Base64MaxDecodedLength (srclen);
-
- /*
- * Make sure we have at least that much, if output buffer provided.
- * If no output buffer provided, then we allocate that much.
- */
- if (dest != NULL) {
- PR_ASSERT(maxdestlen >= need_length);
- if (maxdestlen < need_length) {
- PR_SetError(PR_BUFFER_OVERFLOW_ERROR, 0);
- goto loser;
- }
- output_buffer = dest;
- } else {
- output_buffer = (unsigned char *) PR_Malloc(need_length);
- if (output_buffer == NULL)
- goto loser;
- maxdestlen = need_length;
- }
-
- data = pl_base64_create_decoder();
- if (data == NULL)
- goto loser;
-
- data->output_buflen = maxdestlen;
- data->output_buffer = output_buffer;
-
- status = pl_base64_decode_buffer (data, (const unsigned char *) src,
- srclen);
-
- /*
- * We do not wait for Destroy to flush, because Destroy will also
- * get rid of our decoder context, which we need to look at first!
- */
- if (status == PR_SUCCESS)
- status = pl_base64_decode_flush (data);
-
- /* Must clear this or Destroy will free it. */
- data->output_buffer = NULL;
-
- if (status == PR_SUCCESS) {
- *output_destlen = data->output_length;
- status = PL_DestroyBase64Decoder (data, PR_FALSE);
- data = NULL;
- if (status == PR_FAILURE)
- goto loser;
- return output_buffer;
- }
-
-loser:
- if (dest == NULL && output_buffer != NULL)
- PR_Free(output_buffer);
- if (data != NULL)
- (void) PL_DestroyBase64Decoder (data, PR_TRUE);
- return NULL;
-}
-
-
-/*
- * XXX End of base64 decoding code to be moved into NSPR.
- ********************************************************
- */
-
-/*
- * This is the beginning of the NSS cover functions. These will
- * provide the interface we want to expose as NSS-ish. For example,
- * they will operate on our Items, do any special handling or checking
- * we want to do, etc.
- */
-
-
-PR_BEGIN_EXTERN_C
-
-/*
- * A boring cover structure for now. Perhaps someday it will include
- * some more interesting fields.
- */
-struct NSSBase64DecoderStr {
- PLBase64Decoder *pl_data;
-};
-
-PR_END_EXTERN_C
-
-
-/*
- * Function to start a base64 decoding context.
- */
-NSSBase64Decoder *
-NSSBase64Decoder_Create (PRInt32 (*output_fn) (void *, const unsigned char *,
- PRInt32),
- void *output_arg)
-{
- PLBase64Decoder *pl_data;
- NSSBase64Decoder *nss_data;
-
- nss_data = PORT_ZNew(NSSBase64Decoder);
- if (nss_data == NULL)
- return NULL;
-
- pl_data = PL_CreateBase64Decoder (output_fn, output_arg);
- if (pl_data == NULL) {
- PORT_Free(nss_data);
- return NULL;
- }
-
- nss_data->pl_data = pl_data;
- return nss_data;
-}
-
-
-/*
- * Push data through the decoder, causing the output_fn (provided to Create)
- * to be called with the decoded data.
- */
-SECStatus
-NSSBase64Decoder_Update (NSSBase64Decoder *data, const char *buffer,
- PRUint32 size)
-{
- PRStatus pr_status;
-
- /* XXX Should we do argument checking only in debug build? */
- if (data == NULL) {
- PORT_SetError (SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- pr_status = PL_UpdateBase64Decoder (data->pl_data, buffer, size);
- if (pr_status == PR_FAILURE)
- return SECFailure;
-
- return SECSuccess;
-}
-
-
-/*
- * When you're done decoding, call this to free the data. If "abort_p"
- * is false, then calling this may cause the output_fn to be called
- * one last time (as the last buffered data is flushed out).
- */
-SECStatus
-NSSBase64Decoder_Destroy (NSSBase64Decoder *data, PRBool abort_p)
-{
- PRStatus pr_status;
-
- /* XXX Should we do argument checking only in debug build? */
- if (data == NULL) {
- PORT_SetError (SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- pr_status = PL_DestroyBase64Decoder (data->pl_data, abort_p);
-
- PORT_Free(data);
-
- if (pr_status == PR_FAILURE)
- return SECFailure;
-
- return SECSuccess;
-}
-
-
-/*
- * Perform base64 decoding from an ascii string "inStr" to an Item.
- * The length of the input must be provided as "inLen". The Item
- * may be provided (as "outItemOpt"); you can also pass in a NULL
- * and the Item will be allocated for you.
- *
- * In any case, the data within the Item will be allocated for you.
- * All allocation will happen out of the passed-in "arenaOpt", if non-NULL.
- * If "arenaOpt" is NULL, standard allocation (heap) will be used and
- * you will want to free the result via SECITEM_FreeItem.
- *
- * Return value is NULL on error, the Item (allocated or provided) otherwise.
- */
-SECItem *
-NSSBase64_DecodeBuffer (PRArenaPool *arenaOpt, SECItem *outItemOpt,
- const char *inStr, unsigned int inLen)
-{
- SECItem *out_item = outItemOpt;
- PRUint32 max_out_len = PL_Base64MaxDecodedLength (inLen);
- PRUint32 out_len;
- void *mark = NULL;
- unsigned char *dummy;
-
- PORT_Assert(outItemOpt == NULL || outItemOpt->data == NULL);
-
- if (arenaOpt != NULL)
- mark = PORT_ArenaMark (arenaOpt);
-
- out_item = SECITEM_AllocItem (arenaOpt, outItemOpt, max_out_len);
- if (out_item == NULL) {
- if (arenaOpt != NULL)
- PORT_ArenaRelease (arenaOpt, mark);
- return NULL;
- }
-
- dummy = PL_Base64DecodeBuffer (inStr, inLen, out_item->data,
- max_out_len, &out_len);
- if (dummy == NULL) {
- if (arenaOpt != NULL) {
- PORT_ArenaRelease (arenaOpt, mark);
- if (outItemOpt != NULL) {
- outItemOpt->data = NULL;
- outItemOpt->len = 0;
- }
- } else {
- SECITEM_FreeItem (out_item,
- (outItemOpt == NULL) ? PR_TRUE : PR_FALSE);
- }
- return NULL;
- }
-
- if (arenaOpt != NULL)
- PORT_ArenaUnmark (arenaOpt, mark);
- out_item->len = out_len;
- return out_item;
-}
-
-
-/*
- * XXX Everything below is deprecated. If you add new stuff, put it
- * *above*, not below.
- */
-
-/*
- * XXX The following "ATOB" functions are provided for backward compatibility
- * with current code. They should be considered strongly deprecated.
- * When we can convert all our code over to using the new NSSBase64Decoder_
- * functions defined above, we should get rid of these altogether. (Remove
- * protoypes from base64.h as well -- actually, remove that file completely).
- * If someone thinks either of these functions provides such a very useful
- * interface (though, as shown, the same functionality can already be
- * obtained by calling NSSBase64_DecodeBuffer directly), fine -- but then
- * that API should be provided with a nice new NSSFoo name and using
- * appropriate types, etc.
- */
-
-#include "base64.h"
-
-/*
-** Return an PORT_Alloc'd string which is the base64 decoded version
-** of the input string; set *lenp to the length of the returned data.
-*/
-unsigned char *
-ATOB_AsciiToData(const char *string, unsigned int *lenp)
-{
- SECItem binary_item, *dummy;
-
- binary_item.data = NULL;
- binary_item.len = 0;
-
- dummy = NSSBase64_DecodeBuffer (NULL, &binary_item, string,
- (PRUint32) PORT_Strlen(string));
- if (dummy == NULL)
- return NULL;
-
- PORT_Assert(dummy == &binary_item);
-
- *lenp = dummy->len;
- return dummy->data;
-}
-
-/*
-** Convert from ascii to binary encoding of an item.
-*/
-SECStatus
-ATOB_ConvertAsciiToItem(SECItem *binary_item, char *ascii)
-{
- SECItem *dummy;
-
- if (binary_item == NULL) {
- PORT_SetError (SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- /*
- * XXX Would prefer to assert here if data is non-null (actually,
- * don't need to, just let NSSBase64_DecodeBuffer do it), so as to
- * to catch unintended memory leaks, but callers are not clean in
- * this respect so we need to explicitly clear here to avoid the
- * assert in NSSBase64_DecodeBuffer.
- */
- binary_item->data = NULL;
- binary_item->len = 0;
-
- dummy = NSSBase64_DecodeBuffer (NULL, binary_item, ascii,
- (PRUint32) PORT_Strlen(ascii));
-
- if (dummy == NULL)
- return SECFailure;
-
- return SECSuccess;
-}
diff --git a/security/nss/lib/util/nssb64e.c b/security/nss/lib/util/nssb64e.c
deleted file mode 100644
index bbe71a0c6..000000000
--- a/security/nss/lib/util/nssb64e.c
+++ /dev/null
@@ -1,762 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Base64 encoding (binary to ascii).
- *
- * $Id$
- */
-
-#include "nssb64.h"
-#include "nspr.h"
-#include "secitem.h"
-#include "secerr.h"
-
-/*
- * XXX See the big comment at the top of nssb64d.c about moving the
- * bulk of this code over into NSPR (the PL part). It all applies
- * here but I didn't want to duplicate it, to avoid divergence problems.
- */
-
-/*
- **************************************************************
- * XXX Beginning of base64 encoding code to be moved into NSPR.
- */
-
-
-struct PLBase64EncodeStateStr {
- unsigned chunks;
- unsigned saved;
- unsigned char buf[3];
-};
-
-/*
- * This typedef would belong in the NSPR header file (i.e. plbase64.h).
- */
-typedef struct PLBase64EncoderStr PLBase64Encoder;
-
-/*
- * The following implementation of base64 encoding was based on code
- * found in libmime (specifically, in mimeenc.c). It has been adapted to
- * use PR types and naming as well as to provide other necessary semantics
- * (like buffer-in/buffer-out in addition to "streaming" without undue
- * performance hit of extra copying if you made the buffer versions
- * use the output_fn). It also incorporates some aspects of the current
- * NSPR base64 encoding code. As such, you may find similarities to
- * both of those implementations. I tried to use names that reflected
- * the original code when possible. For this reason you may find some
- * inconsistencies -- libmime used lots of "in" and "out" whereas the
- * NSPR version uses "src" and "dest"; sometimes I changed one to the other
- * and sometimes I left them when I thought the subroutines were at least
- * self-consistent.
- */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * Opaque object used by the encoder to store state.
- */
-struct PLBase64EncoderStr {
- /*
- * The one or two bytes pending. (We need 3 to create a "token",
- * and hold the leftovers here. in_buffer_count is *only* ever
- * 0, 1, or 2.
- */
- unsigned char in_buffer[2];
- int in_buffer_count;
-
- /*
- * If the caller wants linebreaks added, line_length specifies
- * where they come out. It must be a multiple of 4; if the caller
- * provides one that isn't, we round it down to the nearest
- * multiple of 4.
- *
- * The value of current_column counts how many characters have been
- * added since the last linebreaks (or since the beginning, on the
- * first line). It is also always a multiple of 4; it is unused when
- * line_length is 0.
- */
- PRUint32 line_length;
- PRUint32 current_column;
-
- /*
- * Where to write the encoded data (used when streaming, not when
- * doing all in-memory (buffer) operations).
- *
- * Note that this definition is chosen to be compatible with PR_Write.
- */
- PRInt32 (*output_fn) (void *output_arg, const char *buf, PRInt32 size);
- void *output_arg;
-
- /*
- * Where the encoded output goes -- either temporarily (in the streaming
- * case, staged here before it goes to the output function) or what will
- * be the entire buffered result for users of the buffer version.
- */
- char *output_buffer;
- PRUint32 output_buflen; /* the total length of allocated buffer */
- PRUint32 output_length; /* the length that is currently populated */
-};
-
-PR_END_EXTERN_C
-
-
-/*
- * Table to convert a binary value to its corresponding ascii "code".
- */
-static unsigned char base64_valuetocode[64] =
- "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
-
-#define B64_PAD '='
-#define B64_CR '\r'
-#define B64_LF '\n'
-
-static PRStatus
-pl_base64_encode_buffer (PLBase64Encoder *data, const unsigned char *in,
- PRUint32 size)
-{
- const unsigned char *end = in + size;
- char *out = data->output_buffer + data->output_length;
- unsigned int i = data->in_buffer_count;
- PRUint32 n = 0;
- int off;
- PRUint32 output_threshold;
-
- /* If this input buffer is too small, wait until next time. */
- if (size < (3 - i)) {
- data->in_buffer[i++] = in[0];
- if (size > 1)
- data->in_buffer[i++] = in[1];
- PR_ASSERT(i < 3);
- data->in_buffer_count = i;
- return PR_SUCCESS;
- }
-
- /* If there are bytes that were put back last time, take them now. */
- if (i > 0) {
- n = data->in_buffer[0];
- if (i > 1)
- n = (n << 8) | data->in_buffer[1];
- data->in_buffer_count = 0;
- }
-
- /* If our total is not a multiple of three, put one or two bytes back. */
- off = (size + i) % 3;
- if (off > 0) {
- size -= off;
- data->in_buffer[0] = in[size];
- if (off > 1)
- data->in_buffer[1] = in[size + 1];
- data->in_buffer_count = off;
- end -= off;
- }
-
- output_threshold = data->output_buflen - 3;
-
- /*
- * Populate the output buffer with base64 data, one line (or buffer)
- * at a time.
- */
- while (in < end) {
- int j, k;
-
- while (i < 3) {
- n = (n << 8) | *in++;
- i++;
- }
- i = 0;
-
- if (data->line_length > 0) {
- if (data->current_column >= data->line_length) {
- data->current_column = 0;
- *out++ = B64_CR;
- *out++ = B64_LF;
- data->output_length += 2;
- }
- data->current_column += 4; /* the bytes we are about to add */
- }
-
- for (j = 18; j >= 0; j -= 6) {
- k = (n >> j) & 0x3F;
- *out++ = base64_valuetocode[k];
- }
- n = 0;
- data->output_length += 4;
-
- if (data->output_length >= output_threshold) {
- PR_ASSERT(data->output_length <= data->output_buflen);
- if (data->output_fn != NULL) {
- PRInt32 output_result;
-
- output_result = data->output_fn (data->output_arg,
- data->output_buffer,
- (PRInt32) data->output_length);
- if (output_result < 0)
- return PR_FAILURE;
-
- out = data->output_buffer;
- data->output_length = 0;
- } else {
- /*
- * Check that we are about to exit the loop. (Since we
- * are over the threshold, there isn't enough room in the
- * output buffer for another trip around.)
- */
- PR_ASSERT(in == end);
- if (in < end) {
- PR_SetError (PR_BUFFER_OVERFLOW_ERROR, 0);
- return PR_FAILURE;
- }
- }
- }
- }
-
- return PR_SUCCESS;
-}
-
-static PRStatus
-pl_base64_encode_flush (PLBase64Encoder *data)
-{
- int i = data->in_buffer_count;
-
- if (i == 0 && data->output_length == 0)
- return PR_SUCCESS;
-
- if (i > 0) {
- char *out = data->output_buffer + data->output_length;
- PRUint32 n;
- int j, k;
-
- n = ((PRUint32) data->in_buffer[0]) << 16;
- if (i > 1)
- n |= ((PRUint32) data->in_buffer[1] << 8);
-
- data->in_buffer_count = 0;
-
- if (data->line_length > 0) {
- if (data->current_column >= data->line_length) {
- data->current_column = 0;
- *out++ = B64_CR;
- *out++ = B64_LF;
- data->output_length += 2;
- }
- }
-
- /*
- * This will fill in more than we really have data for, but the
- * valid parts will end up in the correct position and the extras
- * will be over-written with pad characters below.
- */
- for (j = 18; j >= 0; j -= 6) {
- k = (n >> j) & 0x3F;
- *out++ = base64_valuetocode[k];
- }
-
- /* Pad with equal-signs. */
- if (i == 1)
- out[-2] = B64_PAD;
- out[-1] = B64_PAD;
-
- data->output_length += 4;
- }
-
- if (data->output_fn != NULL) {
- PRInt32 output_result;
-
- output_result = data->output_fn (data->output_arg, data->output_buffer,
- (PRInt32) data->output_length);
- data->output_length = 0;
-
- if (output_result < 0)
- return PR_FAILURE;
- }
-
- return PR_SUCCESS;
-}
-
-
-/*
- * The maximum space needed to hold the output of the encoder given input
- * data of length "size", and allowing for CRLF added at least every
- * line_length bytes (we will add it at nearest lower multiple of 4).
- * There is no trailing CRLF.
- */
-static PRUint32
-PL_Base64MaxEncodedLength (PRUint32 size, PRUint32 line_length)
-{
- PRUint32 tokens, tokens_per_line, full_lines, line_break_chars, remainder;
-
- tokens = (size + 2) / 3;
-
- if (line_length == 0)
- return tokens * 4;
-
- if (line_length < 4) /* too small! */
- line_length = 4;
-
- tokens_per_line = line_length / 4;
- full_lines = tokens / tokens_per_line;
- remainder = (tokens - (full_lines * tokens_per_line)) * 4;
- line_break_chars = full_lines * 2;
- if (remainder == 0)
- line_break_chars -= 2;
-
- return (full_lines * tokens_per_line * 4) + line_break_chars + remainder;
-}
-
-
-/*
- * A distinct internal creation function for the buffer version to use.
- * (It does not want to specify an output_fn, and we want the normal
- * Create function to require that.) All common initialization of the
- * encoding context should be done *here*.
- *
- * Save "line_length", rounded down to nearest multiple of 4 (if not
- * already even multiple). Allocate output_buffer, if not provided --
- * based on given size if specified, otherwise based on line_length.
- */
-static PLBase64Encoder *
-pl_base64_create_encoder (PRUint32 line_length, char *output_buffer,
- PRUint32 output_buflen)
-{
- PLBase64Encoder *data;
- PRUint32 line_tokens;
-
- data = PR_NEWZAP(PLBase64Encoder);
- if (data == NULL)
- return NULL;
-
- if (line_length > 0 && line_length < 4) /* too small! */
- line_length = 4;
-
- line_tokens = line_length / 4;
- data->line_length = line_tokens * 4;
-
- if (output_buffer == NULL) {
- if (output_buflen == 0) {
- if (data->line_length > 0) /* need to include room for CRLF */
- output_buflen = data->line_length + 2;
- else
- output_buflen = 64; /* XXX what is a good size? */
- }
-
- output_buffer = (char *) PR_Malloc(output_buflen);
- if (output_buffer == NULL) {
- PR_Free(data);
- return NULL;
- }
- }
-
- data->output_buffer = output_buffer;
- data->output_buflen = output_buflen;
- return data;
-}
-
-/*
- * Function to start a base64 encoding context.
- * An "output_fn" is required; the "output_arg" parameter to that is optional.
- * If linebreaks in the encoded output are desired, "line_length" specifies
- * where to place them -- it will be rounded down to the nearest multiple of 4
- * (if it is not already an even multiple of 4). If it is zero, no linebreaks
- * will be added. (FYI, a linebreak is CRLF -- two characters.)
- */
-static PLBase64Encoder *
-PL_CreateBase64Encoder (PRInt32 (*output_fn) (void *, const char *, PRInt32),
- void *output_arg, PRUint32 line_length)
-{
- PLBase64Encoder *data;
-
- if (output_fn == NULL) {
- PR_SetError (PR_INVALID_ARGUMENT_ERROR, 0);
- return NULL;
- }
-
- data = pl_base64_create_encoder (line_length, NULL, 0);
- if (data == NULL)
- return NULL;
-
- data->output_fn = output_fn;
- data->output_arg = output_arg;
-
- return data;
-}
-
-
-/*
- * Push data through the encoder, causing the output_fn (provided to Create)
- * to be called with the encoded data.
- */
-static PRStatus
-PL_UpdateBase64Encoder (PLBase64Encoder *data, const unsigned char *buffer,
- PRUint32 size)
-{
- /* XXX Should we do argument checking only in debug build? */
- if (data == NULL || buffer == NULL || size == 0) {
- PR_SetError (PR_INVALID_ARGUMENT_ERROR, 0);
- return PR_FAILURE;
- }
-
- return pl_base64_encode_buffer (data, buffer, size);
-}
-
-
-/*
- * When you're done encoding, call this to free the data. If "abort_p"
- * is false, then calling this may cause the output_fn to be called
- * one last time (as the last buffered data is flushed out).
- */
-static PRStatus
-PL_DestroyBase64Encoder (PLBase64Encoder *data, PRBool abort_p)
-{
- PRStatus status = PR_SUCCESS;
-
- /* XXX Should we do argument checking only in debug build? */
- if (data == NULL) {
- PR_SetError (PR_INVALID_ARGUMENT_ERROR, 0);
- return PR_FAILURE;
- }
-
- /* Flush out the last few buffered characters. */
- if (!abort_p)
- status = pl_base64_encode_flush (data);
-
- if (data->output_buffer != NULL)
- PR_Free(data->output_buffer);
- PR_Free(data);
-
- return status;
-}
-
-
-/*
- * Perform base64 encoding from an input buffer to an output buffer.
- * The output buffer can be provided (as "dest"); you can also pass in
- * a NULL and this function will allocate a buffer large enough for you,
- * and return it. If you do provide the output buffer, you must also
- * provide the maximum length of that buffer (as "maxdestlen").
- * The actual encoded length of output will be returned to you in
- * "output_destlen".
- *
- * If linebreaks in the encoded output are desired, "line_length" specifies
- * where to place them -- it will be rounded down to the nearest multiple of 4
- * (if it is not already an even multiple of 4). If it is zero, no linebreaks
- * will be added. (FYI, a linebreak is CRLF -- two characters.)
- *
- * Return value is NULL on error, the output buffer (allocated or provided)
- * otherwise.
- */
-static char *
-PL_Base64EncodeBuffer (const unsigned char *src, PRUint32 srclen,
- PRUint32 line_length, char *dest, PRUint32 maxdestlen,
- PRUint32 *output_destlen)
-{
- PRUint32 need_length;
- PLBase64Encoder *data = NULL;
- PRStatus status;
-
- PR_ASSERT(srclen > 0);
- if (srclen == 0)
- return dest;
-
- /*
- * How much space could we possibly need for encoding this input?
- */
- need_length = PL_Base64MaxEncodedLength (srclen, line_length);
-
- /*
- * Make sure we have at least that much, if output buffer provided.
- */
- if (dest != NULL) {
- PR_ASSERT(maxdestlen >= need_length);
- if (maxdestlen < need_length) {
- PR_SetError(PR_BUFFER_OVERFLOW_ERROR, 0);
- return NULL;
- }
- } else {
- maxdestlen = need_length;
- }
-
- data = pl_base64_create_encoder(line_length, dest, maxdestlen);
- if (data == NULL)
- return NULL;
-
- status = pl_base64_encode_buffer (data, src, srclen);
-
- /*
- * We do not wait for Destroy to flush, because Destroy will also
- * get rid of our encoder context, which we need to look at first!
- */
- if (status == PR_SUCCESS)
- status = pl_base64_encode_flush (data);
-
- if (status != PR_SUCCESS) {
- (void) PL_DestroyBase64Encoder (data, PR_TRUE);
- return NULL;
- }
-
- dest = data->output_buffer;
-
- /* Must clear this or Destroy will free it. */
- data->output_buffer = NULL;
-
- *output_destlen = data->output_length;
- status = PL_DestroyBase64Encoder (data, PR_FALSE);
- if (status == PR_FAILURE) {
- PR_Free(dest);
- return NULL;
- }
-
- return dest;
-}
-
-/*
- * XXX End of base64 encoding code to be moved into NSPR.
- ********************************************************
- */
-
-/*
- * This is the beginning of the NSS cover functions. These will
- * provide the interface we want to expose as NSS-ish. For example,
- * they will operate on our Items, do any special handling or checking
- * we want to do, etc.
- */
-
-
-PR_BEGIN_EXTERN_C
-
-/*
- * A boring cover structure for now. Perhaps someday it will include
- * some more interesting fields.
- */
-struct NSSBase64EncoderStr {
- PLBase64Encoder *pl_data;
-};
-
-PR_END_EXTERN_C
-
-
-/*
- * Function to start a base64 encoding context.
- */
-NSSBase64Encoder *
-NSSBase64Encoder_Create (PRInt32 (*output_fn) (void *, const char *, PRInt32),
- void *output_arg)
-{
- PLBase64Encoder *pl_data;
- NSSBase64Encoder *nss_data;
-
- nss_data = PORT_ZNew(NSSBase64Encoder);
- if (nss_data == NULL)
- return NULL;
-
- pl_data = PL_CreateBase64Encoder (output_fn, output_arg, 64);
- if (pl_data == NULL) {
- PORT_Free(nss_data);
- return NULL;
- }
-
- nss_data->pl_data = pl_data;
- return nss_data;
-}
-
-
-/*
- * Push data through the encoder, causing the output_fn (provided to Create)
- * to be called with the encoded data.
- */
-SECStatus
-NSSBase64Encoder_Update (NSSBase64Encoder *data, const unsigned char *buffer,
- PRUint32 size)
-{
- PRStatus pr_status;
-
- /* XXX Should we do argument checking only in debug build? */
- if (data == NULL) {
- PORT_SetError (SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- pr_status = PL_UpdateBase64Encoder (data->pl_data, buffer, size);
- if (pr_status == PR_FAILURE)
- return SECFailure;
-
- return SECSuccess;
-}
-
-
-/*
- * When you're done encoding, call this to free the data. If "abort_p"
- * is false, then calling this may cause the output_fn to be called
- * one last time (as the last buffered data is flushed out).
- */
-SECStatus
-NSSBase64Encoder_Destroy (NSSBase64Encoder *data, PRBool abort_p)
-{
- PRStatus pr_status;
-
- /* XXX Should we do argument checking only in debug build? */
- if (data == NULL) {
- PORT_SetError (SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- pr_status = PL_DestroyBase64Encoder (data->pl_data, abort_p);
-
- PORT_Free(data);
-
- if (pr_status == PR_FAILURE)
- return SECFailure;
-
- return SECSuccess;
-}
-
-
-/*
- * Perform base64 encoding of binary data "inItem" to an ascii string.
- * The output buffer may be provided (as "outStrOpt"); you can also pass
- * in a NULL and the buffer will be allocated for you. The result will
- * be null-terminated, and if the buffer is provided, "maxOutLen" must
- * specify the maximum length of the buffer and will be checked to
- * supply sufficient space space for the encoded result. (If "outStrOpt"
- * is NULL, "maxOutLen" is ignored.)
- *
- * If "outStrOpt" is NULL, allocation will happen out of the passed-in
- * "arenaOpt", if *it* is non-NULL, otherwise standard allocation (heap)
- * will be used.
- *
- * Return value is NULL on error, the output buffer (allocated or provided)
- * otherwise.
- */
-char *
-NSSBase64_EncodeItem (PRArenaPool *arenaOpt, char *outStrOpt,
- unsigned int maxOutLen, SECItem *inItem)
-{
- char *out_string = outStrOpt;
- PRUint32 max_out_len;
- PRUint32 out_len;
- void *mark = NULL;
- char *dummy;
-
- PORT_Assert(inItem != NULL && inItem->data != NULL && inItem->len != 0);
- if (inItem == NULL || inItem->data == NULL || inItem->len == 0) {
- PORT_SetError (SEC_ERROR_INVALID_ARGS);
- return NULL;
- }
-
- max_out_len = PL_Base64MaxEncodedLength (inItem->len, 64);
-
- if (arenaOpt != NULL)
- mark = PORT_ArenaMark (arenaOpt);
-
- if (out_string == NULL) {
- if (arenaOpt != NULL)
- out_string = PORT_ArenaAlloc (arenaOpt, max_out_len + 1);
- else
- out_string = PORT_Alloc (max_out_len + 1);
-
- if (out_string == NULL) {
- if (arenaOpt != NULL)
- PORT_ArenaRelease (arenaOpt, mark);
- return NULL;
- }
- } else {
- if ((max_out_len + 1) > maxOutLen) {
- PORT_SetError (SEC_ERROR_OUTPUT_LEN);
- return NULL;
- }
- max_out_len = maxOutLen;
- }
-
-
- dummy = PL_Base64EncodeBuffer (inItem->data, inItem->len, 64,
- out_string, max_out_len, &out_len);
- if (dummy == NULL) {
- if (arenaOpt != NULL) {
- PORT_ArenaRelease (arenaOpt, mark);
- } else {
- PORT_Free (out_string);
- }
- return NULL;
- }
-
- if (arenaOpt != NULL)
- PORT_ArenaUnmark (arenaOpt, mark);
-
- out_string[out_len] = '\0';
- return out_string;
-}
-
-
-/*
- * XXX Everything below is deprecated. If you add new stuff, put it
- * *above*, not below.
- */
-
-/*
- * XXX The following "BTOA" functions are provided for backward compatibility
- * with current code. They should be considered strongly deprecated.
- * When we can convert all our code over to using the new NSSBase64Encoder_
- * functions defined above, we should get rid of these altogether. (Remove
- * protoypes from base64.h as well -- actually, remove that file completely).
- * If someone thinks either of these functions provides such a very useful
- * interface (though, as shown, the same functionality can already be
- * obtained by calling NSSBase64_EncodeItem directly), fine -- but then
- * that API should be provided with a nice new NSSFoo name and using
- * appropriate types, etc.
- */
-
-#include "base64.h"
-
-/*
-** Return an PORT_Alloc'd ascii string which is the base64 encoded
-** version of the input string.
-*/
-char *
-BTOA_DataToAscii(const unsigned char *data, unsigned int len)
-{
- SECItem binary_item;
-
- binary_item.data = (unsigned char *)data;
- binary_item.len = len;
-
- return NSSBase64_EncodeItem (NULL, NULL, 0, &binary_item);
-}
-
-/*
-** Convert from binary encoding of an item to ascii.
-*/
-char *
-BTOA_ConvertItemToAscii (SECItem *binary_item)
-{
- return NSSBase64_EncodeItem (NULL, NULL, 0, binary_item);
-}
diff --git a/security/nss/lib/util/nssb64t.h b/security/nss/lib/util/nssb64t.h
deleted file mode 100644
index b7b079d8c..000000000
--- a/security/nss/lib/util/nssb64t.h
+++ /dev/null
@@ -1,45 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Public data structures for base64 encoding/decoding.
- *
- * $Id$
- */
-#ifndef _NSSB64T_H_
-#define _NSSB64T_H_
-
-typedef struct NSSBase64DecoderStr NSSBase64Decoder;
-typedef struct NSSBase64EncoderStr NSSBase64Encoder;
-
-#endif /* _NSSB64T_H_ */
diff --git a/security/nss/lib/util/nssilckt.h b/security/nss/lib/util/nssilckt.h
deleted file mode 100644
index e0b49902f..000000000
--- a/security/nss/lib/util/nssilckt.h
+++ /dev/null
@@ -1,220 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
-** nssilock.h - Instrumented locking functions for NSS
-**
-** Description:
-** nssilock provides instrumentation for locks and monitors in
-** the NSS libraries. The instrumentation, when enabled, causes
-** each call to the instrumented function to record data about
-** the call to an external file. The external file
-** subsequently used to extract performance data and other
-** statistical information about the operation of locks used in
-** the nss library.
-**
-** To enable compilation with instrumentation, build NSS with
-** the compile time switch NEED_NSS_ILOCK defined.
-**
-** say: "gmake OS_CFLAGS+=-DNEED_NSS_ILOCK" at make time.
-**
-** At runtime, to enable recording from nssilock, one or more
-** environment variables must be set. For each nssILockType to
-** be recorded, an environment variable of the form NSS_ILOCK_x
-** must be set to 1. For example:
-**
-** set NSS_ILOCK_Cert=1
-**
-** nssilock uses PRLOG is used to record to trace data. The
-** PRLogModule name associated with nssilock data is: "nssilock".
-** To enable recording of nssilock data you will need to set the
-** environment variable NSPR_LOG_MODULES to enable
-** recording for the nssilock log module. Similarly, you will
-** need to set the environment variable NSPR_LOG_FILE to specify
-** the filename to receive the recorded data. See prlog.h for usage.
-** Example:
-**
-** export NSPR_LOG_MODULES=nssilock:6
-** export NSPR_LOG_FILE=xxxLogfile
-**
-** Operation:
-** nssilock wraps calls to NSPR's PZLock and PZMonitor functions
-** with similarly named functions: PZ_NewLock(), etc. When NSS is
-** built with lock instrumentation enabled, the PZ* functions are
-** compiled into NSS; when lock instrumentation is disabled,
-** calls to PZ* functions are directly mapped to PR* functions
-** and the instrumentation arguments to the PZ* functions are
-** compiled away.
-**
-**
-** File Format:
-** The format of the external file is implementation
-** dependent. Where NSPR's PR_LOG() function is used, the file
-** contains data defined for PR_LOG() plus the data written by
-** the wrapped function. On some platforms and under some
-** circumstances, platform dependent logging or
-** instrumentation probes may be used. In any case, the
-** relevant data provided by the lock instrumentation is:
-**
-** lockType, func, address, duration, line, file [heldTime]
-**
-** where:
-**
-** lockType: a character representation of nssILockType for the
-** call. e.g. ... "cert"
-**
-** func: the function doing the tracing. e.g. "NewLock"
-**
-** address: address of the instrumented lock or monitor
-**
-** duration: is how long was spent in the instrumented function,
-** in PRIntervalTime "ticks".
-**
-** line: the line number within the calling function
-**
-** file: the file from which the call was made
-**
-** heldTime: how long the lock/monitor was held. field
-** present only for PZ_Unlock() and PZ_ExitMonitor().
-**
-** Design Notes:
-** The design for lock instrumentation was influenced by the
-** need to gather performance data on NSS 3.x. It is intended
-** that the effort to modify NSS to use lock instrumentation
-** be minimized. Existing calls to locking functions need only
-** have their names changed to the instrumentation function
-** names.
-**
-** Private NSS Interface:
-** nssilock.h defines a private interface for use by NSS.
-** nssilock.h is experimental in nature and is subject to
-** change or revocation without notice. ... Don't mess with
-** it.
-**
-*/
-
-/*
- * $Id:
- */
-
-#ifndef _NSSILCKT_H_
-#define _NSSILCKT_H_
-
-#include "prtypes.h"
-#include "prmon.h"
-#include "prlock.h"
-#include "prcvar.h"
-
-typedef enum {
- nssILockArena = 0,
- nssILockSession = 1,
- nssILockObject = 2,
- nssILockRefLock = 3,
- nssILockCert = 4,
- nssILockCertDB = 5,
- nssILockDBM = 6,
- nssILockCache = 7,
- nssILockSSL = 8,
- nssILockList = 9,
- nssILockSlot = 10,
- nssILockFreelist = 11,
- nssILockOID = 12,
- nssILockAttribute = 13,
- nssILockPK11cxt = 14, /* pk11context */
- nssILockRWLock = 15,
- nssILockOther = 16,
- nssILockSelfServ = 17,
- nssILockLast /* don't use this one! */
-} nssILockType;
-
-/*
-** Declare operation type enumerator
-** enumerations identify the function being performed
-*/
-typedef enum {
- FlushTT = 0,
- NewLock = 1,
- Lock = 2,
- Unlock = 3,
- DestroyLock = 4,
- NewCondVar = 5,
- WaitCondVar = 6,
- NotifyCondVar = 7,
- NotifyAllCondVar = 8,
- DestroyCondVar = 9,
- NewMonitor = 10,
- EnterMonitor = 11,
- ExitMonitor = 12,
- Notify = 13,
- NotifyAll = 14,
- Wait = 15,
- DestroyMonitor = 16
-} nssILockOp;
-
-/*
-** Declare the trace record
-*/
-struct pzTrace_s {
- PRUint32 threadID; /* PR_GetThreadID() */
- nssILockOp op; /* operation being performed */
- nssILockType ltype; /* lock type identifier */
- PRIntervalTime callTime; /* time spent in function */
- PRIntervalTime heldTime; /* lock held time, or -1 */
- void *lock; /* address of lock structure */
- PRIntn line; /* line number */
- char file[24]; /* filename */
-};
-
-PR_BEGIN_EXTERN_C
-/*
-** conditionally compile in nssilock features
-*/
-#if defined(NEED_NSS_ILOCK)
-
-/*
-** declare opaque types. See: nssilock.c
-*/
-typedef struct pzlock_s PZLock;
-typedef struct pzcondvar_s PZCondVar;
-typedef struct pzmonitor_s PZMonitor;
-
-#else /* NEED_NSS_ILOCK */
-
-#define PZLock PRLock
-#define PZCondVar PRCondVar
-#define PZMonitor PRMonitor
-
-#endif /* NEED_NSS_ILOCK */
-
-PR_END_EXTERN_C
-#endif /* _NSSILCKT_H_ */
diff --git a/security/nss/lib/util/nssilock.c b/security/nss/lib/util/nssilock.c
deleted file mode 100644
index 056ee6e73..000000000
--- a/security/nss/lib/util/nssilock.c
+++ /dev/null
@@ -1,519 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * nssilock.c - NSS lock instrumentation wrapper functions
- *
- * NOTE - These are not public interfaces
- *
- * Implementation Notes:
- * I've tried to make the instrumentation relatively non-intrusive.
- * To do this, I have used a single PR_LOG() call in each
- * instrumented function. There's room for improvement.
- *
- *
- */
-
-#include "prinit.h"
-#include "prerror.h"
-#include "prlock.h"
-#include "prmem.h"
-#include "prenv.h"
-#include "prcvar.h"
-#include "prio.h"
-
-#if defined(NEED_NSS_ILOCK)
-#include "prlog.h"
-#include "nssilock.h"
-
-/*
-** Declare the instrumented PZLock
-*/
-struct pzlock_s {
- PRLock *lock; /* the PZLock to be instrumented */
- PRIntervalTime time; /* timestamp when the lock was aquired */
- nssILockType ltype;
-};
-
-/*
-** Declare the instrumented PZMonitor
-*/
-struct pzmonitor_s {
- PRMonitor *mon; /* the PZMonitor to be instrumented */
- PRIntervalTime time; /* timestamp when the monitor was aquired */
- nssILockType ltype;
-};
-
-/*
-** Declare the instrumented PZCondVar
-*/
-struct pzcondvar_s {
- PRCondVar *cvar; /* the PZCondVar to be instrumented */
- nssILockType ltype;
-};
-
-
-/*
-** Define a CallOnce type to ensure serialized self-initialization
-*/
-static PRCallOnceType coNssILock; /* CallOnce type */
-static PRIntn nssILockInitialized; /* initialization done when 1 */
-static PRLogModuleInfo *nssILog; /* Log instrumentation to this handle */
-
-
-#define NUM_TT_ENTRIES 6000000
-static PRInt32 traceIndex = -1; /* index into trace table */
-static struct pzTrace_s *tt; /* pointer to trace table */
-static PRInt32 ttBufSize = (NUM_TT_ENTRIES * sizeof(struct pzTrace_s ));
-static PRCondVar *ttCVar;
-static PRLock *ttLock;
-static PRFileDesc *ttfd; /* trace table file */
-
-/*
-** Vtrace() -- Trace events, write events to external media
-**
-** Vtrace() records traced events in an in-memory trace table
-** when the trace table fills, Vtrace writes the entire table
-** to a file.
-**
-** data can be lost!
-**
-*/
-static void Vtrace(
- nssILockOp op,
- nssILockType ltype,
- PRIntervalTime callTime,
- PRIntervalTime heldTime,
- void *lock,
- PRIntn line,
- char *file
-) {
- PRInt32 idx;
- struct pzTrace_s *tp;
-
-RetryTrace:
- idx = PR_AtomicIncrement( &traceIndex );
- while( NUM_TT_ENTRIES <= idx || op == FlushTT ) {
- if( NUM_TT_ENTRIES == idx || op == FlushTT ) {
- int writeSize = idx * sizeof(struct pzTrace_s);
- PR_Lock(ttLock);
- PR_Write( ttfd, tt, writeSize );
- traceIndex = -1;
- PR_NotifyAllCondVar( ttCVar );
- PR_Unlock(ttLock);
- goto RetryTrace;
- } else {
- PR_Lock(ttLock);
- while( NUM_TT_ENTRIES < idx )
- PR_WaitCondVar(ttCVar, PR_INTERVAL_NO_WAIT);
- PR_Unlock(ttLock);
- goto RetryTrace;
- }
- } /* end while() */
-
- /* create the trace entry */
- tp = tt + idx;
- tp->threadID = PR_GetThreadID(PR_GetCurrentThread());
- tp->op = op;
- tp->ltype = ltype;
- tp->callTime = callTime;
- tp->heldTime = heldTime;
- tp->lock = lock;
- tp ->line = line;
- strcpy(tp->file, file );
- return;
-} /* --- end Vtrace() --- */
-
-/*
-** pz_TraceFlush() -- Force trace table write to file
-**
-*/
-extern void pz_TraceFlush( void )
-{
- Vtrace( FlushTT, nssILockSelfServ, 0, 0, NULL, 0, "" );
- return;
-} /* --- end pz_TraceFlush() --- */
-
-/*
-** nssILockInit() -- Initialization for nssilock
-**
-** This function is called from the CallOnce mechanism.
-*/
-static PRStatus
- nssILockInit( void )
-{
- int i;
- nssILockInitialized = 1;
-
- /* new log module */
- nssILog = PR_NewLogModule("nssilock");
- if ( NULL == nssILog ) {
- return(PR_FAILURE);
- }
-
- tt = PR_Calloc( NUM_TT_ENTRIES, sizeof(struct pzTrace_s));
- if (NULL == tt ) {
- fprintf(stderr, "nssilock: can't allocate trace table\n");
- exit(1);
- }
-
- ttfd = PR_Open( "xxxTTLog", PR_CREATE_FILE | PR_WRONLY, 0666 );
- if ( NULL == ttfd ) {
- fprintf( stderr, "Oh Drat! Can't open 'xxxTTLog'\n");
- exit(1);
- }
-
- ttLock = PR_NewLock();
- ttCVar = PR_NewCondVar(ttLock);
-
- return(PR_SUCCESS);
-} /* --- end nssILockInit() --- */
-
-extern PZLock * pz_NewLock(
- nssILockType ltype,
- char *file,
- PRIntn line )
-{
- PRStatus rc;
- PZLock *lock;
-
- /* Self Initialize the nssILock feature */
- if (!nssILockInitialized) {
- rc = PR_CallOnce( &coNssILock, nssILockInit );
- if ( PR_FAILURE == rc ) {
- PR_SetError( PR_UNKNOWN_ERROR, 0 );
- return( NULL );
- }
- }
-
- lock = PR_NEWZAP( PZLock );
- if ( NULL != lock ) {
- lock->lock = PR_NewLock();
- if ( NULL == lock->lock ) {
- PR_DELETE( lock );
- lock = NULL;
- }
- }
- lock->ltype = ltype;
-
- Vtrace( NewLock, ltype, 0, 0, lock, line, file );
- return(lock);
-} /* --- end pz_NewLock() --- */
-
-extern void
- pz_Lock(
- PZLock *lock,
- char *file,
- PRIntn line
- )
-{
- PRIntervalTime callTime;
-
- callTime = PR_IntervalNow();
- PR_Lock( lock->lock );
- lock->time = PR_IntervalNow();
- callTime = lock->time - callTime;
-
- Vtrace( Lock, lock->ltype, callTime, 0, lock, line, file );
- return;
-} /* --- end pz_Lock() --- */
-
-extern PRStatus
- pz_Unlock(
- PZLock *lock,
- char *file,
- PRIntn line
- )
-{
- PRStatus rc;
- PRIntervalTime callTime, now, heldTime;
-
- callTime = PR_IntervalNow();
- rc = PR_Unlock( lock->lock );
- now = PR_IntervalNow();
- callTime = now - callTime;
- heldTime = now - lock->time;
- Vtrace( Unlock, lock->ltype, callTime, heldTime, lock, line, file );
- return( rc );
-} /* --- end pz_Unlock() --- */
-
-extern void
- pz_DestroyLock(
- PZLock *lock,
- char *file,
- PRIntn line
- )
-{
- Vtrace( DestroyLock, lock->ltype, 0, 0, lock, line, file );
- PR_DestroyLock( lock->lock );
- PR_DELETE( lock );
- return;
-} /* --- end pz_DestroyLock() --- */
-
-
-
-extern PZCondVar *
- pz_NewCondVar(
- PZLock *lock,
- char *file,
- PRIntn line
- )
-{
- PZCondVar *cvar;
-
- cvar = PR_NEWZAP( PZCondVar );
- if ( NULL == cvar ) return(NULL);
-
- cvar->ltype = lock->ltype;
- cvar->cvar = PR_NewCondVar( lock->lock );
- if ( NULL == cvar->cvar ) {
- PR_DELETE( cvar );
- }
- Vtrace( NewCondVar, cvar->ltype, 0, 0, cvar, line, file );
- return( cvar );
-} /* --- end pz_NewCondVar() --- */
-
-extern void
- pz_DestroyCondVar(
- PZCondVar *cvar,
- char *file,
- PRIntn line
- )
-{
- Vtrace( DestroyCondVar, cvar->ltype, 0, 0, cvar, line, file );
- PR_DestroyCondVar( cvar->cvar );
- PR_DELETE( cvar );
-} /* --- end pz_DestroyCondVar() --- */
-
-extern PRStatus
- pz_WaitCondVar(
- PZCondVar *cvar,
- PRIntervalTime timeout,
- char *file,
- PRIntn line
- )
-{
- PRStatus rc;
- PRIntervalTime callTime;
-
- callTime = PR_IntervalNow();
- rc = PR_WaitCondVar( cvar->cvar, timeout );
- callTime = PR_IntervalNow() - callTime;
-
- Vtrace( WaitCondVar, cvar->ltype, callTime, 0, cvar, line, file );
- return(rc);
-} /* --- end pz_WaitCondVar() --- */
-
-extern PRStatus
- pz_NotifyCondVar(
- PZCondVar *cvar,
- char *file,
- PRIntn line
- )
-{
- PRStatus rc;
-
- rc = PR_NotifyCondVar( cvar->cvar );
-
- Vtrace( NotifyCondVar, cvar->ltype, 0, 0, cvar, line, file );
- return(rc);
-} /* --- end pz_NotifyCondVar() --- */
-
-extern PRStatus
- pz_NotifyAllCondVar(
- PZCondVar *cvar,
- char *file,
- PRIntn line
- )
-{
- PRStatus rc;
-
- rc = PR_NotifyAllCondVar( cvar->cvar );
-
- Vtrace( NotifyAllCondVar, cvar->ltype, 0, 0, cvar, line, file );
- return(rc);
-} /* --- end pz_NotifyAllCondVar() --- */
-
-extern PZMonitor *
- pz_NewMonitor(
- nssILockType ltype,
- char *file,
- PRIntn line
- )
-{
- PRStatus rc;
- PZMonitor *mon;
-
- /* Self Initialize the nssILock feature */
- if (!nssILockInitialized) {
- rc = PR_CallOnce( &coNssILock, nssILockInit );
- if ( PR_FAILURE == rc ) {
- PR_SetError( PR_UNKNOWN_ERROR, 0 );
- return( NULL );
- }
- }
-
- mon = PR_NEWZAP( PZMonitor );
- if ( NULL != mon ) {
- mon->mon = PR_NewMonitor();
- if ( NULL == mon->mon ) {
- PR_DELETE( mon );
- return NULL;
- }
- }
- mon->ltype = ltype;
-
- Vtrace( NewMonitor, mon->ltype, 0, 0, mon, line, file );
- return(mon);
-} /* --- end pz_NewMonitor() --- */
-
-extern void
- pz_DestroyMonitor(
- PZMonitor *mon,
- char *file,
- PRIntn line
- )
-{
- Vtrace( DestroyMonitor, mon->ltype, 0, 0, mon, line, file );
- PR_DestroyMonitor( mon->mon );
- PR_DELETE( mon );
- return;
-} /* --- end pz_DestroyMonitor() --- */
-
-extern void
- pz_EnterMonitor(
- PZMonitor *mon,
- char *file,
- PRIntn line
- )
-{
- PRIntervalTime callTime, now;
-
- callTime = PR_IntervalNow();
- PR_EnterMonitor( mon->mon );
- now = PR_IntervalNow();
- callTime = now - callTime;
- if ( PR_GetMonitorEntryCount(mon->mon) == 1 ) {
- mon->time = now;
- }
- Vtrace( EnterMonitor, mon->ltype, callTime, 0, mon, line, file );
- return;
-} /* --- end pz_EnterMonitor() --- */
-
-extern PRStatus
- pz_ExitMonitor(
- PZMonitor *mon,
- char *file,
- PRIntn line
- )
-{
- PRStatus rc;
- PRIntervalTime callTime, now, heldTime;
- PRIntn mec = PR_GetMonitorEntryCount( mon->mon );
-
- heldTime = (PRIntervalTime)-1;
- callTime = PR_IntervalNow();
- rc = PR_ExitMonitor( mon->mon );
- now = PR_IntervalNow();
- callTime = now - callTime;
- if ( mec == 1 )
- heldTime = now - mon->time;
- Vtrace( ExitMonitor, mon->ltype, callTime, heldTime, mon, line, file );
- return( rc );
-} /* --- end pz_ExitMonitor() --- */
-
-extern PRIntn
- pz_GetMonitorEntryCount(
- PZMonitor *mon,
- char *file,
- PRIntn line
- )
-{
- return( PR_GetMonitorEntryCount(mon->mon));
-} /* --- end pz_GetMonitorEntryCount() --- */
-
-
-extern PRStatus
- pz_Wait(
- PZMonitor *mon,
- PRIntervalTime ticks,
- char *file,
- PRIntn line
- )
-{
- PRStatus rc;
- PRIntervalTime callTime;
-
- callTime = PR_IntervalNow();
- rc = PR_Wait( mon->mon, ticks );
- callTime = PR_IntervalNow() - callTime;
- Vtrace( Wait, mon->ltype, callTime, 0, mon, line, file );
- return( rc );
-} /* --- end pz_Wait() --- */
-
-extern PRStatus
- pz_Notify(
- PZMonitor *mon,
- char *file,
- PRIntn line
- )
-{
- PRStatus rc;
- PRIntervalTime callTime;
-
- callTime = PR_IntervalNow();
- rc = PR_Notify( mon->mon );
- callTime = PR_IntervalNow() - callTime;
- Vtrace( Notify, mon->ltype, callTime, 0, mon, line, file );
- return( rc );
-} /* --- end pz_Notify() --- */
-
-extern PRStatus
- pz_NotifyAll(
- PZMonitor *mon,
- char *file,
- PRIntn line
- )
-{
- PRStatus rc;
- PRIntervalTime callTime;
-
- callTime = PR_IntervalNow();
- rc = PR_NotifyAll( mon->mon );
- callTime = PR_IntervalNow() - callTime;
- Vtrace( NotifyAll, mon->ltype, callTime, 0, mon, line, file );
- return( rc );
-} /* --- end pz_NotifyAll() --- */
-
-#endif /* NEED_NSS_ILOCK */
-/* --- end nssilock.c --------------------------------- */
diff --git a/security/nss/lib/util/nssilock.h b/security/nss/lib/util/nssilock.h
deleted file mode 100644
index 38b457387..000000000
--- a/security/nss/lib/util/nssilock.h
+++ /dev/null
@@ -1,316 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
-** nssilock.h - Instrumented locking functions for NSS
-**
-** Description:
-** nssilock provides instrumentation for locks and monitors in
-** the NSS libraries. The instrumentation, when enabled, causes
-** each call to the instrumented function to record data about
-** the call to an external file. The external file
-** subsequently used to extract performance data and other
-** statistical information about the operation of locks used in
-** the nss library.
-**
-** To enable compilation with instrumentation, build NSS with
-** the compile time switch NEED_NSS_ILOCK defined.
-**
-** say: "gmake OS_CFLAGS+=-DNEED_NSS_ILOCK" at make time.
-**
-** At runtime, to enable recording from nssilock, one or more
-** environment variables must be set. For each nssILockType to
-** be recorded, an environment variable of the form NSS_ILOCK_x
-** must be set to 1. For example:
-**
-** set NSS_ILOCK_Cert=1
-**
-** nssilock uses PRLOG is used to record to trace data. The
-** PRLogModule name associated with nssilock data is: "nssilock".
-** To enable recording of nssilock data you will need to set the
-** environment variable NSPR_LOG_MODULES to enable
-** recording for the nssilock log module. Similarly, you will
-** need to set the environment variable NSPR_LOG_FILE to specify
-** the filename to receive the recorded data. See prlog.h for usage.
-** Example:
-**
-** export NSPR_LOG_MODULES=nssilock:6
-** export NSPR_LOG_FILE=xxxLogfile
-**
-** Operation:
-** nssilock wraps calls to NSPR's PZLock and PZMonitor functions
-** with similarly named functions: PZ_NewLock(), etc. When NSS is
-** built with lock instrumentation enabled, the PZ* functions are
-** compiled into NSS; when lock instrumentation is disabled,
-** calls to PZ* functions are directly mapped to PR* functions
-** and the instrumentation arguments to the PZ* functions are
-** compiled away.
-**
-**
-** File Format:
-** The format of the external file is implementation
-** dependent. Where NSPR's PR_LOG() function is used, the file
-** contains data defined for PR_LOG() plus the data written by
-** the wrapped function. On some platforms and under some
-** circumstances, platform dependent logging or
-** instrumentation probes may be used. In any case, the
-** relevant data provided by the lock instrumentation is:
-**
-** lockType, func, address, duration, line, file [heldTime]
-**
-** where:
-**
-** lockType: a character representation of nssILockType for the
-** call. e.g. ... "cert"
-**
-** func: the function doing the tracing. e.g. "NewLock"
-**
-** address: address of the instrumented lock or monitor
-**
-** duration: is how long was spent in the instrumented function,
-** in PRIntervalTime "ticks".
-**
-** line: the line number within the calling function
-**
-** file: the file from which the call was made
-**
-** heldTime: how long the lock/monitor was held. field
-** present only for PZ_Unlock() and PZ_ExitMonitor().
-**
-** Design Notes:
-** The design for lock instrumentation was influenced by the
-** need to gather performance data on NSS 3.x. It is intended
-** that the effort to modify NSS to use lock instrumentation
-** be minimized. Existing calls to locking functions need only
-** have their names changed to the instrumentation function
-** names.
-**
-** Private NSS Interface:
-** nssilock.h defines a private interface for use by NSS.
-** nssilock.h is experimental in nature and is subject to
-** change or revocation without notice. ... Don't mess with
-** it.
-**
-*/
-
-/*
- * $Id:
- */
-
-#ifndef _NSSILOCK_H_
-#define _NSSILOCK_H_
-
-#include "prtypes.h"
-#include "prmon.h"
-#include "prlock.h"
-#include "prcvar.h"
-
-#include "nssilckt.h"
-
-PR_BEGIN_EXTERN_C
-
-#if defined(NEED_NSS_ILOCK)
-
-#define PZ_NewLock(t) pz_NewLock((t),__FILE__,__LINE__)
-extern PZLock *
- pz_NewLock(
- nssILockType ltype,
- char *file,
- PRIntn line
- );
-
-#define PZ_Lock(k) pz_Lock((k),__FILE__,__LINE__)
-extern void
- pz_Lock(
- PZLock *lock,
- char *file,
- PRIntn line
- );
-
-#define PZ_Unlock(k) pz_Unlock((k),__FILE__,__LINE__)
-extern PRStatus
- pz_Unlock(
- PZLock *lock,
- char *file,
- PRIntn line
- );
-
-#define PZ_DestroyLock(k) pz_DestroyLock((k),__FILE__,__LINE__)
-extern void
- pz_DestroyLock(
- PZLock *lock,
- char *file,
- PRIntn line
- );
-
-
-#define PZ_NewCondVar(l) pz_NewCondVar((l),__FILE__,__LINE__)
-extern PZCondVar *
- pz_NewCondVar(
- PZLock *lock,
- char *file,
- PRIntn line
- );
-
-#define PZ_DestroyCondVar(v) pz_DestroyCondVar((v),__FILE__,__LINE__)
-extern void
- pz_DestroyCondVar(
- PZCondVar *cvar,
- char *file,
- PRIntn line
- );
-
-#define PZ_WaitCondVar(v,t) pz_WaitCondVar((v),(t),__FILE__,__LINE__)
-extern PRStatus
- pz_WaitCondVar(
- PZCondVar *cvar,
- PRIntervalTime timeout,
- char *file,
- PRIntn line
- );
-
-#define PZ_NotifyCondVar(v) pz_NotifyCondVar((v),__FILE__,__LINE__)
-extern PRStatus
- pz_NotifyCondVar(
- PZCondVar *cvar,
- char *file,
- PRIntn line
- );
-
-#define PZ_NotifyAllCondVar(v) pz_NotifyAllCondVar((v),__FILE__,__LINE__)
-extern PRStatus
- pz_NotifyAllCondVar(
- PZCondVar *cvar,
- char *file,
- PRIntn line
- );
-
-
-#define PZ_NewMonitor(t) pz_NewMonitor((t),__FILE__,__LINE__)
-extern PZMonitor *
- pz_NewMonitor(
- nssILockType ltype,
- char *file,
- PRIntn line
- );
-
-#define PZ_DestroyMonitor(m) pz_DestroyMonitor((m),__FILE__,__LINE__)
-extern void
- pz_DestroyMonitor(
- PZMonitor *mon,
- char *file,
- PRIntn line
- );
-
-#define PZ_EnterMonitor(m) pz_EnterMonitor((m),__FILE__,__LINE__)
-extern void
- pz_EnterMonitor(
- PZMonitor *mon,
- char *file,
- PRIntn line
- );
-
-
-#define PZ_ExitMonitor(m) pz_ExitMonitor((m),__FILE__,__LINE__)
-extern PRStatus
- pz_ExitMonitor(
- PZMonitor *mon,
- char *file,
- PRIntn line
- );
-
-#define PZ_InMonitor(m) (PZ_GetMonitorEntryCount(m) > 0 )
-#define PZ_GetMonitorEntryCount(m) pz_GetMonitorEntryCount((m),__FILE__,__LINE__)
-extern PRIntn
- pz_GetMonitorEntryCount(
- PZMonitor *mon,
- char *file,
- PRIntn line
- );
-
-#define PZ_Wait(m,i) pz_Wait((m),((i)),__FILE__,__LINE__)
-extern PRStatus
- pz_Wait(
- PZMonitor *mon,
- PRIntervalTime ticks,
- char *file,
- PRIntn line
- );
-
-#define PZ_Notify(m) pz_Notify((m),__FILE__,__LINE__)
-extern PRStatus
- pz_Notify(
- PZMonitor *mon,
- char *file,
- PRIntn line
- );
-
-#define PZ_NotifyAll(m) pz_NotifyAll((m),__FILE__,__LINE__)
-extern PRStatus
- pz_NotifyAll(
- PZMonitor *mon,
- char *file,
- PRIntn line
- );
-
-#define PZ_TraceFlush() pz_TraceFlush()
-extern void pz_TraceFlush( void );
-
-#else /* NEED_NSS_ILOCK */
-
-#define PZ_NewLock(t) PR_NewLock()
-#define PZ_DestroyLock(k) PR_DestroyLock((k))
-#define PZ_Lock(k) PR_Lock((k))
-#define PZ_Unlock(k) PR_Unlock((k))
-
-#define PZ_NewCondVar(l) PR_NewCondVar((l))
-#define PZ_DestroyCondVar(v) PR_DestroyCondVar((v))
-#define PZ_WaitCondVar(v,t) PR_WaitCondVar((v),(t))
-#define PZ_NotifyCondVar(v) PR_NotifyCondVar((v))
-#define PZ_NotifyAllCondVar(v) PR_NotifyAllCondVar((v))
-
-#define PZ_NewMonitor(t) PR_NewMonitor()
-#define PZ_DestroyMonitor(m) PR_DestroyMonitor((m))
-#define PZ_EnterMonitor(m) PR_EnterMonitor((m))
-#define PZ_ExitMonitor(m) PR_ExitMonitor((m))
-#define PZ_InMonitor(m) PR_InMonitor((m))
-#define PZ_Wait(m,t) PR_Wait(((m)),((t)))
-#define PZ_Notify(m) PR_Notify((m))
-#define PZ_NotifyAll(m) PR_Notify((m))
-#define PZ_TraceFlush() /* nothing */
-
-
-#endif /* NEED_NSS_ILOCK */
-
-PR_END_EXTERN_C
-#endif /* _NSSILOCK_H_ */
diff --git a/security/nss/lib/util/nsslocks.c b/security/nss/lib/util/nsslocks.c
deleted file mode 100644
index ce9072c68..000000000
--- a/security/nss/lib/util/nsslocks.c
+++ /dev/null
@@ -1,105 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * nsslocks.h - threadsafe functions to initialize lock pointers.
- *
- * NOTE - These are not public interfaces
- *
- * $Id$
- */
-
-#include "seccomon.h"
-#include "nsslocks.h"
-#include "pratom.h"
-#include "prthread.h"
-
-/* Given the address of a (global) pointer to a PZLock,
- * atomicly create the lock and initialize the (global) pointer,
- * if it is not already created/initialized.
- */
-
-SECStatus
-__nss_InitLock( PZLock **ppLock, nssILockType ltype )
-{
- static PRInt32 initializers;
-
- PORT_Assert( ppLock != NULL);
-
- /* atomically initialize the lock */
- while (!*ppLock) {
- PRInt32 myAttempt = PR_AtomicIncrement(&initializers);
- if (myAttempt == 1) {
- *ppLock = PZ_NewLock(ltype);
- (void) PR_AtomicDecrement(&initializers);
- break;
- }
- PR_Sleep(PR_INTERVAL_NO_WAIT); /* PR_Yield() */
- (void) PR_AtomicDecrement(&initializers);
- }
-
- return (*ppLock != NULL) ? SECSuccess : SECFailure;
-}
-
-SECStatus
-nss_InitLock( PZLock **ppLock, nssILockType ltype )
-{
- return __nss_InitLock(ppLock, ltype);
-}
-
-/* Given the address of a (global) pointer to a PZMonitor,
- * atomicly create the monitor and initialize the (global) pointer,
- * if it is not already created/initialized.
- */
-
-SECStatus
-nss_InitMonitor(PZMonitor **ppMonitor, nssILockType ltype )
-{
- static PRInt32 initializers;
-
- PORT_Assert( ppMonitor != NULL);
-
- /* atomically initialize the lock */
- while (!*ppMonitor) {
- PRInt32 myAttempt = PR_AtomicIncrement(&initializers);
- if (myAttempt == 1) {
- *ppMonitor = PZ_NewMonitor(ltype);
- (void) PR_AtomicDecrement(&initializers);
- break;
- }
- PR_Sleep(PR_INTERVAL_NO_WAIT); /* PR_Yield() */
- (void) PR_AtomicDecrement(&initializers);
- }
-
- return (*ppMonitor != NULL) ? SECSuccess : SECFailure;
-}
diff --git a/security/nss/lib/util/nsslocks.h b/security/nss/lib/util/nsslocks.h
deleted file mode 100644
index 8510cf6b8..000000000
--- a/security/nss/lib/util/nsslocks.h
+++ /dev/null
@@ -1,67 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * nsslocks.h - threadsafe functions to initialize lock pointers.
- *
- * NOTE - These are not public interfaces
- *
- * $Id$
- */
-
-#ifndef _NSSLOCKS_H_
-#define _NSSLOCKS_H_
-
-#include "seccomon.h"
-#include "nssilock.h"
-#include "prmon.h"
-
-SEC_BEGIN_PROTOS
-
-/* Given the address of a (global) pointer to a PZLock,
- * atomicly create the lock and initialize the (global) pointer,
- * if it is not already created/initialized.
- */
-
-extern SECStatus nss_InitLock( PZLock **ppLock, nssILockType ltype );
-
-/* Given the address of a (global) pointer to a PZMonitor,
- * atomicly create the monitor and initialize the (global) pointer,
- * if it is not already created/initialized.
- */
-
-extern SECStatus nss_InitMonitor(PZMonitor **ppMonitor, nssILockType ltype );
-
-SEC_END_PROTOS
-
-#endif
diff --git a/security/nss/lib/util/nssrwlk.c b/security/nss/lib/util/nssrwlk.c
deleted file mode 100644
index 33aaaa713..000000000
--- a/security/nss/lib/util/nssrwlk.c
+++ /dev/null
@@ -1,509 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "nssrwlk.h"
-#include "nspr.h"
-
-PR_BEGIN_EXTERN_C
-
-/*
- * Reader-writer lock
- */
-struct nssRWLockStr {
- PZLock * rw_lock;
- char * rw_name; /* lock name */
- PRUint32 rw_rank; /* rank of the lock */
- PRInt32 rw_writer_locks; /* == 0, if unlocked */
- PRInt32 rw_reader_locks; /* == 0, if unlocked */
- /* > 0 , # of read locks */
- PRUint32 rw_waiting_readers; /* number of waiting readers */
- PRUint32 rw_waiting_writers; /* number of waiting writers */
- PZCondVar * rw_reader_waitq; /* cvar for readers */
- PZCondVar * rw_writer_waitq; /* cvar for writers */
- PRThread * rw_owner; /* lock owner for write-lock */
- /* Non-null if write lock held. */
-};
-
-PR_END_EXTERN_C
-
-#include <string.h>
-
-#ifdef DEBUG_RANK_ORDER
-#define NSS_RWLOCK_RANK_ORDER_DEBUG /* enable deadlock detection using
- rank-order for locks
- */
-#endif
-
-#ifdef NSS_RWLOCK_RANK_ORDER_DEBUG
-
-static PRUintn nss_thread_rwlock_initialized;
-static PRUintn nss_thread_rwlock; /* TPD key for lock stack */
-static PRUintn nss_thread_rwlock_alloc_failed;
-
-#define _NSS_RWLOCK_RANK_ORDER_LIMIT 10
-
-typedef struct thread_rwlock_stack {
- PRInt32 trs_index; /* top of stack */
- NSSRWLock *trs_stack[_NSS_RWLOCK_RANK_ORDER_LIMIT]; /* stack of lock
- pointers */
-} thread_rwlock_stack;
-
-/* forward static declarations. */
-static PRUint32 nssRWLock_GetThreadRank(PRThread *me);
-static void nssRWLock_SetThreadRank(PRThread *me, NSSRWLock *rwlock);
-static void nssRWLock_UnsetThreadRank(PRThread *me, NSSRWLock *rwlock);
-static void nssRWLock_ReleaseLockStack(void *lock_stack);
-
-#endif
-
-#define UNTIL(x) while(!(x))
-
-/*
- * Reader/Writer Locks
- */
-
-/*
- * NSSRWLock_New
- * Create a reader-writer lock, with the given lock rank and lock name
- *
- */
-
-PR_IMPLEMENT(NSSRWLock *)
-NSSRWLock_New(PRUint32 lock_rank, const char *lock_name)
-{
- NSSRWLock *rwlock;
-
- rwlock = PR_NEWZAP(NSSRWLock);
- if (rwlock == NULL)
- return NULL;
-
- rwlock->rw_lock = PZ_NewLock(nssILockRWLock);
- if (rwlock->rw_lock == NULL) {
- goto loser;
- }
- rwlock->rw_reader_waitq = PZ_NewCondVar(rwlock->rw_lock);
- if (rwlock->rw_reader_waitq == NULL) {
- goto loser;
- }
- rwlock->rw_writer_waitq = PZ_NewCondVar(rwlock->rw_lock);
- if (rwlock->rw_writer_waitq == NULL) {
- goto loser;
- }
- if (lock_name != NULL) {
- rwlock->rw_name = (char*) PR_Malloc(strlen(lock_name) + 1);
- if (rwlock->rw_name == NULL) {
- goto loser;
- }
- strcpy(rwlock->rw_name, lock_name);
- } else {
- rwlock->rw_name = NULL;
- }
- rwlock->rw_rank = lock_rank;
- rwlock->rw_waiting_readers = 0;
- rwlock->rw_waiting_writers = 0;
- rwlock->rw_reader_locks = 0;
- rwlock->rw_writer_locks = 0;
-
- return rwlock;
-
-loser:
- NSSRWLock_Destroy(rwlock);
- return(NULL);
-}
-
-/*
-** Destroy the given RWLock "lock".
-*/
-PR_IMPLEMENT(void)
-NSSRWLock_Destroy(NSSRWLock *rwlock)
-{
- PR_ASSERT(rwlock != NULL);
- PR_ASSERT(rwlock->rw_waiting_readers == 0);
-
- /* XXX Shouldn't we lock the PZLock before destroying this?? */
-
- if (rwlock->rw_name)
- PR_Free(rwlock->rw_name);
- if (rwlock->rw_reader_waitq)
- PZ_DestroyCondVar(rwlock->rw_reader_waitq);
- if (rwlock->rw_writer_waitq)
- PZ_DestroyCondVar(rwlock->rw_writer_waitq);
- if (rwlock->rw_lock)
- PZ_DestroyLock(rwlock->rw_lock);
- PR_DELETE(rwlock);
-}
-
-/***********************************************************************
-** Given the address of a NULL pointer to a NSSRWLock,
-** atomically initializes that pointer to a newly created NSSRWLock.
-** Returns the value placed into that pointer, or NULL.
-** If the lock cannot be created because of resource constraints,
-** the pointer will be left NULL.
-**
-***********************************************************************/
-PR_IMPLEMENT(NSSRWLock *)
-nssRWLock_AtomicCreate( NSSRWLock ** prwlock,
- PRUint32 lock_rank,
- const char * lock_name)
-{
- NSSRWLock * rwlock;
- static PRInt32 initializers;
-
- PR_ASSERT(prwlock != NULL);
-
- /* atomically initialize the lock */
- while (NULL == (rwlock = *prwlock)) {
- PRInt32 myAttempt = PR_AtomicIncrement(&initializers);
- if (myAttempt == 1) {
- *prwlock = rwlock = NSSRWLock_New(lock_rank, lock_name);
- (void) PR_AtomicDecrement(&initializers);
- break;
- }
- PR_Sleep(PR_INTERVAL_NO_WAIT); /* PR_Yield() */
- (void) PR_AtomicDecrement(&initializers);
- }
-
- return rwlock;
-}
-
-/*
-** Read-lock the RWLock.
-*/
-PR_IMPLEMENT(void)
-NSSRWLock_LockRead(NSSRWLock *rwlock)
-{
- PRThread *me = PR_GetCurrentThread();
-
- PZ_Lock(rwlock->rw_lock);
-#ifdef NSS_RWLOCK_RANK_ORDER_DEBUG
-
- /*
- * assert that rank ordering is not violated; the rank of 'rwlock' should
- * be equal to or greater than the highest rank of all the locks held by
- * the thread.
- */
- PR_ASSERT((rwlock->rw_rank == NSS_RWLOCK_RANK_NONE) ||
- (rwlock->rw_rank >= nssRWLock_GetThreadRank(me)));
-#endif
- /*
- * wait if write-locked or if a writer is waiting; preference for writers
- */
- UNTIL ( (rwlock->rw_owner == me) || /* I own it, or */
- ((rwlock->rw_owner == NULL) && /* no-one owns it, and */
- (rwlock->rw_waiting_writers == 0))) { /* no-one is waiting to own */
-
- rwlock->rw_waiting_readers++;
- PZ_WaitCondVar(rwlock->rw_reader_waitq, PR_INTERVAL_NO_TIMEOUT);
- rwlock->rw_waiting_readers--;
- }
- rwlock->rw_reader_locks++; /* Increment read-lock count */
-
- PZ_Unlock(rwlock->rw_lock);
-
-#ifdef NSS_RWLOCK_RANK_ORDER_DEBUG
- nssRWLock_SetThreadRank(me, rwlock);/* update thread's lock rank */
-#endif
-}
-
-/* Unlock a Read lock held on this RW lock.
-*/
-PR_IMPLEMENT(void)
-NSSRWLock_UnlockRead(NSSRWLock *rwlock)
-{
- PZ_Lock(rwlock->rw_lock);
-
- PR_ASSERT(rwlock->rw_reader_locks > 0); /* lock must be read locked */
-
- if (( rwlock->rw_reader_locks > 0) && /* caller isn't screwey */
- (--rwlock->rw_reader_locks == 0) && /* not read locked any more */
- ( rwlock->rw_owner == NULL) && /* not write locked */
- ( rwlock->rw_waiting_writers > 0)) { /* someone's waiting. */
-
- PZ_NotifyCondVar(rwlock->rw_writer_waitq); /* wake him up. */
- }
-
- PZ_Unlock(rwlock->rw_lock);
-
-#ifdef NSS_RWLOCK_RANK_ORDER_DEBUG
- /*
- * update thread's lock rank
- */
- nssRWLock_UnsetThreadRank(me, rwlock);
-#endif
- return;
-}
-
-/*
-** Write-lock the RWLock.
-*/
-PR_IMPLEMENT(void)
-NSSRWLock_LockWrite(NSSRWLock *rwlock)
-{
- PRThread *me = PR_GetCurrentThread();
-
- PZ_Lock(rwlock->rw_lock);
-#ifdef NSS_RWLOCK_RANK_ORDER_DEBUG
- /*
- * assert that rank ordering is not violated; the rank of 'rwlock' should
- * be equal to or greater than the highest rank of all the locks held by
- * the thread.
- */
- PR_ASSERT((rwlock->rw_rank == NSS_RWLOCK_RANK_NONE) ||
- (rwlock->rw_rank >= nssRWLock_GetThreadRank(me)));
-#endif
- /*
- * wait if read locked or write locked.
- */
- PR_ASSERT(rwlock->rw_reader_locks >= 0);
- PR_ASSERT(me != NULL);
-
- UNTIL ( (rwlock->rw_owner == me) || /* I own write lock, or */
- ((rwlock->rw_owner == NULL) && /* no writer and */
- (rwlock->rw_reader_locks == 0))) { /* no readers, either. */
-
- rwlock->rw_waiting_writers++;
- PZ_WaitCondVar(rwlock->rw_writer_waitq, PR_INTERVAL_NO_TIMEOUT);
- rwlock->rw_waiting_writers--;
- PR_ASSERT(rwlock->rw_reader_locks >= 0);
- }
-
- PR_ASSERT(rwlock->rw_reader_locks == 0);
- /*
- * apply write lock
- */
- rwlock->rw_owner = me;
- rwlock->rw_writer_locks++; /* Increment write-lock count */
-
- PZ_Unlock(rwlock->rw_lock);
-
-#ifdef NSS_RWLOCK_RANK_ORDER_DEBUG
- /*
- * update thread's lock rank
- */
- nssRWLock_SetThreadRank(me,rwlock);
-#endif
-}
-
-/* Unlock a Read lock held on this RW lock.
-*/
-PR_IMPLEMENT(void)
-NSSRWLock_UnlockWrite(NSSRWLock *rwlock)
-{
- PRThread *me = PR_GetCurrentThread();
-
- PZ_Lock(rwlock->rw_lock);
- PR_ASSERT(rwlock->rw_owner == me); /* lock must be write-locked by me. */
- PR_ASSERT(rwlock->rw_writer_locks > 0); /* lock must be write locked */
-
- if ( rwlock->rw_owner == me && /* I own it, and */
- rwlock->rw_writer_locks > 0 && /* I own it, and */
- --rwlock->rw_writer_locks == 0) { /* I'm all done with it */
-
- rwlock->rw_owner = NULL; /* I don't own it any more. */
-
- /* Give preference to waiting writers. */
- if (rwlock->rw_waiting_writers > 0) {
- if (rwlock->rw_reader_locks == 0)
- PZ_NotifyCondVar(rwlock->rw_writer_waitq);
- } else if (rwlock->rw_waiting_readers > 0) {
- PZ_NotifyAllCondVar(rwlock->rw_reader_waitq);
- }
- }
- PZ_Unlock(rwlock->rw_lock);
-
-#ifdef NSS_RWLOCK_RANK_ORDER_DEBUG
- /*
- * update thread's lock rank
- */
- nssRWLock_UnsetThreadRank(me, rwlock);
-#endif
- return;
-}
-
-/* This is primarily for debugging, i.e. for inclusion in ASSERT calls. */
-PR_IMPLEMENT(PRBool)
-NSSRWLock_HaveWriteLock(NSSRWLock *rwlock) {
- PRBool ownWriteLock;
- PRThread *me = PR_GetCurrentThread();
-
- /* This lock call isn't really necessary.
- ** If this thread is the owner, that fact cannot change during this call,
- ** because this thread is in this call.
- ** If this thread is NOT the owner, the owner could change, but it
- ** could not become this thread.
- */
-#if UNNECESSARY
- PZ_Lock(rwlock->rw_lock);
-#endif
- ownWriteLock = (PRBool)(me == rwlock->rw_owner);
-#if UNNECESSARY
- PZ_Unlock(rwlock->rw_lock);
-#endif
- return ownWriteLock;
-}
-
-#ifdef NSS_RWLOCK_RANK_ORDER_DEBUG
-
-/*
- * nssRWLock_SetThreadRank
- * Set a thread's lock rank, which is the highest of the ranks of all
- * the locks held by the thread. Pointers to the locks are added to a
- * per-thread list, which is anchored off a thread-private data key.
- */
-
-static void
-nssRWLock_SetThreadRank(PRThread *me, NSSRWLock *rwlock)
-{
- thread_rwlock_stack *lock_stack;
- PRStatus rv;
-
- /*
- * allocated thread-private-data for rwlock list, if not already allocated
- */
- if (!nss_thread_rwlock_initialized) {
- /*
- * allocate tpd, only if not failed already
- */
- if (!nss_thread_rwlock_alloc_failed) {
- if (PR_NewThreadPrivateIndex(&nss_thread_rwlock,
- nssRWLock_ReleaseLockStack)
- == PR_FAILURE) {
- nss_thread_rwlock_alloc_failed = 1;
- return;
- }
- } else
- return;
- }
- /*
- * allocate a lock stack
- */
- if ((lock_stack = PR_GetThreadPrivate(nss_thread_rwlock)) == NULL) {
- lock_stack = (thread_rwlock_stack *)
- PR_CALLOC(1 * sizeof(thread_rwlock_stack));
- if (lock_stack) {
- rv = PR_SetThreadPrivate(nss_thread_rwlock, lock_stack);
- if (rv == PR_FAILURE) {
- PR_DELETE(lock_stack);
- nss_thread_rwlock_alloc_failed = 1;
- return;
- }
- } else {
- nss_thread_rwlock_alloc_failed = 1;
- return;
- }
- }
- /*
- * add rwlock to lock stack, if limit is not exceeded
- */
- if (lock_stack) {
- if (lock_stack->trs_index < _NSS_RWLOCK_RANK_ORDER_LIMIT)
- lock_stack->trs_stack[lock_stack->trs_index++] = rwlock;
- }
- nss_thread_rwlock_initialized = 1;
-}
-
-static void
-nssRWLock_ReleaseLockStack(void *lock_stack)
-{
- PR_ASSERT(lock_stack);
- PR_DELETE(lock_stack);
-}
-
-/*
- * nssRWLock_GetThreadRank
- *
- * return thread's lock rank. If thread-private-data for the lock
- * stack is not allocated, return NSS_RWLOCK_RANK_NONE.
- */
-
-static PRUint32
-nssRWLock_GetThreadRank(PRThread *me)
-{
- thread_rwlock_stack *lock_stack;
-
- if (nss_thread_rwlock_initialized) {
- if ((lock_stack = PR_GetThreadPrivate(nss_thread_rwlock)) == NULL)
- return (NSS_RWLOCK_RANK_NONE);
- else
- return(lock_stack->trs_stack[lock_stack->trs_index - 1]->rw_rank);
-
- } else
- return (NSS_RWLOCK_RANK_NONE);
-}
-
-/*
- * nssRWLock_UnsetThreadRank
- *
- * remove the rwlock from the lock stack. Since locks may not be
- * unlocked in a FIFO order, the entire lock stack is searched.
- */
-
-static void
-nssRWLock_UnsetThreadRank(PRThread *me, NSSRWLock *rwlock)
-{
- thread_rwlock_stack *lock_stack;
- int new_index = 0, index, done = 0;
-
- if (!nss_thread_rwlock_initialized)
- return;
-
- lock_stack = PR_GetThreadPrivate(nss_thread_rwlock);
-
- PR_ASSERT(lock_stack != NULL);
-
- index = lock_stack->trs_index - 1;
- while (index-- >= 0) {
- if ((lock_stack->trs_stack[index] == rwlock) && !done) {
- /*
- * reset the slot for rwlock
- */
- lock_stack->trs_stack[index] = NULL;
- done = 1;
- }
- /*
- * search for the lowest-numbered empty slot, above which there are
- * no non-empty slots
- */
- if ((lock_stack->trs_stack[index] != NULL) && !new_index)
- new_index = index + 1;
- if (done && new_index)
- break;
- }
- /*
- * set top of stack to highest numbered empty slot
- */
- lock_stack->trs_index = new_index;
-
-}
-
-#endif /* NSS_RWLOCK_RANK_ORDER_DEBUG */
diff --git a/security/nss/lib/util/nssrwlk.h b/security/nss/lib/util/nssrwlk.h
deleted file mode 100644
index 3cad4b72d..000000000
--- a/security/nss/lib/util/nssrwlk.h
+++ /dev/null
@@ -1,160 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
-** File: nsrwlock.h
-** Description: API to basic reader-writer lock functions of NSS.
-** These are re-entrant reader writer locks; that is,
-** If I hold the write lock, I can ask for it and get it again.
-** If I hold the write lock, I can also ask for and get a read lock.
-** I can then release the locks in any order (read or write).
-** I must release each lock type as many times as I acquired it.
-** Otherwise, these are normal reader/writer locks.
-**
-** For deadlock detection, locks should be ranked, and no lock may be aquired
-** while I hold a lock of higher rank number.
-** If you don't want that feature, always use NSS_RWLOCK_RANK_NONE.
-** Lock name is for debugging, and is optional (may be NULL)
-**/
-
-#ifndef nssrwlk_h___
-#define nssrwlk_h___
-
-#include "prtypes.h"
-#include "nssrwlkt.h"
-
-#define NSS_RWLOCK_RANK_NONE 0
-
-/* SEC_BEGIN_PROTOS */
-PR_BEGIN_EXTERN_C
-
-/***********************************************************************
-** FUNCTION: NSSRWLock_New
-** DESCRIPTION:
-** Returns a pointer to a newly created reader-writer lock object.
-** INPUTS: Lock rank
-** Lock name
-** OUTPUTS: void
-** RETURN: NSSRWLock*
-** If the lock cannot be created because of resource constraints, NULL
-** is returned.
-**
-***********************************************************************/
-PR_EXTERN(NSSRWLock*) NSSRWLock_New(PRUint32 lock_rank, const char *lock_name);
-
-/***********************************************************************
-** FUNCTION: NSSRWLock_AtomicCreate
-** DESCRIPTION:
-** Given the address of a NULL pointer to a NSSRWLock,
-** atomically initializes that pointer to a newly created NSSRWLock.
-** Returns the value placed into that pointer, or NULL.
-**
-** INPUTS: address of NSRWLock pointer
-** Lock rank
-** Lock name
-** OUTPUTS: NSSRWLock*
-** RETURN: NSSRWLock*
-** If the lock cannot be created because of resource constraints,
-** the pointer will be left NULL.
-**
-***********************************************************************/
-PR_EXTERN(NSSRWLock *)
-nssRWLock_AtomicCreate( NSSRWLock ** prwlock,
- PRUint32 lock_rank,
- const char * lock_name);
-
-/***********************************************************************
-** FUNCTION: NSSRWLock_Destroy
-** DESCRIPTION:
-** Destroys a given RW lock object.
-** INPUTS: NSSRWLock *lock - Lock to be freed.
-** OUTPUTS: void
-** RETURN: None
-***********************************************************************/
-PR_EXTERN(void) NSSRWLock_Destroy(NSSRWLock *lock);
-
-/***********************************************************************
-** FUNCTION: NSSRWLock_LockRead
-** DESCRIPTION:
-** Apply a read lock (non-exclusive) on a RWLock
-** INPUTS: NSSRWLock *lock - Lock to be read-locked.
-** OUTPUTS: void
-** RETURN: None
-***********************************************************************/
-PR_EXTERN(void) NSSRWLock_LockRead(NSSRWLock *lock);
-
-/***********************************************************************
-** FUNCTION: NSSRWLock_LockWrite
-** DESCRIPTION:
-** Apply a write lock (exclusive) on a RWLock
-** INPUTS: NSSRWLock *lock - Lock to write-locked.
-** OUTPUTS: void
-** RETURN: None
-***********************************************************************/
-PR_EXTERN(void) NSSRWLock_LockWrite(NSSRWLock *lock);
-
-/***********************************************************************
-** FUNCTION: NSSRWLock_UnlockRead
-** DESCRIPTION:
-** Release a Read lock. Unlocking an unlocked lock has undefined results.
-** INPUTS: NSSRWLock *lock - Lock to unlocked.
-** OUTPUTS: void
-** RETURN: void
-***********************************************************************/
-PR_EXTERN(void) NSSRWLock_UnlockRead(NSSRWLock *lock);
-
-/***********************************************************************
-** FUNCTION: NSSRWLock_UnlockWrite
-** DESCRIPTION:
-** Release a Write lock. Unlocking an unlocked lock has undefined results.
-** INPUTS: NSSRWLock *lock - Lock to unlocked.
-** OUTPUTS: void
-** RETURN: void
-***********************************************************************/
-PR_EXTERN(void) NSSRWLock_UnlockWrite(NSSRWLock *lock);
-
-/***********************************************************************
-** FUNCTION: NSSRWLock_HaveWriteLock
-** DESCRIPTION:
-** Tells caller whether the current thread holds the write lock, or not.
-** INPUTS: NSSRWLock *lock - Lock to test.
-** OUTPUTS: void
-** RETURN: PRBool PR_TRUE IFF the current thread holds the write lock.
-***********************************************************************/
-
-PR_EXTERN(PRBool) NSSRWLock_HaveWriteLock(NSSRWLock *rwlock);
-
-/* SEC_END_PROTOS */
-PR_END_EXTERN_C
-
-#endif /* nsrwlock_h___ */
diff --git a/security/nss/lib/util/nssrwlkt.h b/security/nss/lib/util/nssrwlkt.h
deleted file mode 100644
index e4bd37c4a..000000000
--- a/security/nss/lib/util/nssrwlkt.h
+++ /dev/null
@@ -1,47 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef nssrwlkt_h___
-#define nssrwlkt_h___
-#include "nssilock.h"
-/*
- * NSSRWLock --
- *
- * The reader writer lock, NSSRWLock, is an opaque object to the clients
- * of NSS. All routines operate on a pointer to this opaque entity.
- */
-
-typedef struct nssRWLockStr NSSRWLock;
-
-
-#endif /* nsrwlock_h___ */
diff --git a/security/nss/lib/util/portreg.c b/security/nss/lib/util/portreg.c
deleted file mode 100644
index 41f217f76..000000000
--- a/security/nss/lib/util/portreg.c
+++ /dev/null
@@ -1,317 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * shexp.c: shell-like wildcard match routines
- *
- *
- * See shexp.h for public documentation.
- *
- */
-
-#include "seccomon.h"
-#include "portreg.h"
-
-/* ----------------------------- shexp_valid ------------------------------ */
-
-
-static int
-_valid_subexp(const char *exp, char stop)
-{
- register int x,y,t;
- int nsc,np,tld;
-
- x=0;nsc=0;tld=0;
-
- while(exp[x] && (exp[x] != stop)) {
- switch(exp[x]) {
- case '~':
- if(tld) return INVALID_SXP;
- else ++tld;
- case '*':
- case '?':
- case '^':
- case '$':
- ++nsc;
- break;
- case '[':
- ++nsc;
- if((!exp[++x]) || (exp[x] == ']'))
- return INVALID_SXP;
- for(++x;exp[x] && (exp[x] != ']');++x)
- if(exp[x] == '\\')
- if(!exp[++x])
- return INVALID_SXP;
- if(!exp[x])
- return INVALID_SXP;
- break;
- case '(':
- ++nsc;np = 0;
- while(1) {
- if(exp[++x] == ')')
- return INVALID_SXP;
- for(y=x;(exp[y]) && (exp[y] != '|') && (exp[y] != ')');++y)
- if(exp[y] == '\\')
- if(!exp[++y])
- return INVALID_SXP;
- if(!exp[y])
- return INVALID_SXP;
- if(exp[y] == '|')
- ++np;
- t = _valid_subexp(&exp[x],exp[y]);
- if(t == INVALID_SXP)
- return INVALID_SXP;
- x+=t;
- if(exp[x] == ')') {
- if(!np)
- return INVALID_SXP;
- break;
- }
- }
- break;
- case ')':
- case ']':
- return INVALID_SXP;
- case '\\':
- if(!exp[++x])
- return INVALID_SXP;
- default:
- break;
- }
- ++x;
- }
- if((!stop) && (!nsc))
- return NON_SXP;
- return ((exp[x] == stop) ? x : INVALID_SXP);
-}
-
-int
-PORT_RegExpValid(const char *exp)
-{
- int x;
-
- x = _valid_subexp(exp, '\0');
- return (x < 0 ? x : VALID_SXP);
-}
-
-
-/* ----------------------------- shexp_match ----------------------------- */
-
-
-#define MATCH 0
-#define NOMATCH 1
-#define ABORTED -1
-
-static int _shexp_match(const char *str, const char *exp, PRBool case_insensitive);
-
-static int
-_handle_union(const char *str, const char *exp, PRBool case_insensitive)
-{
- char *e2 = (char *) PORT_Alloc(sizeof(char)*strlen(exp));
- register int t,p2,p1 = 1;
- int cp;
-
- while(1) {
- for(cp=1;exp[cp] != ')';cp++)
- if(exp[cp] == '\\')
- ++cp;
- for(p2 = 0;(exp[p1] != '|') && (p1 != cp);p1++,p2++) {
- if(exp[p1] == '\\')
- e2[p2++] = exp[p1++];
- e2[p2] = exp[p1];
- }
- for (t=cp+1; ((e2[p2] = exp[t]) != 0); ++t,++p2) {}
- if(_shexp_match(str,e2, case_insensitive) == MATCH) {
- PORT_Free(e2);
- return MATCH;
- }
- if(p1 == cp) {
- PORT_Free(e2);
- return NOMATCH;
- }
- else ++p1;
- }
-}
-
-
-static int
-_shexp_match(const char *str, const char *exp, PRBool case_insensitive)
-{
- register int x,y;
- int ret,neg;
-
- ret = 0;
- for(x=0,y=0;exp[y];++y,++x) {
- if((!str[x]) && (exp[y] != '(') && (exp[y] != '$') && (exp[y] != '*'))
- ret = ABORTED;
- else {
- switch(exp[y]) {
- case '$':
- if( (str[x]) )
- ret = NOMATCH;
- else
- --x; /* we don't want loop to increment x */
- break;
- case '*':
- while(exp[++y] == '*'){}
- if(!exp[y])
- return MATCH;
- while(str[x]) {
- switch(_shexp_match(&str[x++],&exp[y], case_insensitive)) {
- case NOMATCH:
- continue;
- case ABORTED:
- ret = ABORTED;
- break;
- default:
- return MATCH;
- }
- break;
- }
- if((exp[y] == '$') && (exp[y+1] == '\0') && (!str[x]))
- return MATCH;
- else
- ret = ABORTED;
- break;
- case '[':
- neg = ((exp[++y] == '^') && (exp[y+1] != ']'));
- if (neg)
- ++y;
-
- if ((isalnum(exp[y])) && (exp[y+1] == '-') &&
- (isalnum(exp[y+2])) && (exp[y+3] == ']'))
- {
- int start = exp[y], end = exp[y+2];
-
- /* no safeguards here */
- if(neg ^ ((str[x] < start) || (str[x] > end))) {
- ret = NOMATCH;
- break;
- }
- y+=3;
- }
- else {
- int matched;
-
- for (matched=0;exp[y] != ']';y++)
- matched |= (str[x] == exp[y]);
- if (neg ^ (!matched))
- ret = NOMATCH;
- }
- break;
- case '(':
- return _handle_union(&str[x],&exp[y], case_insensitive);
- break;
- case '?':
- break;
- case '\\':
- ++y;
- default:
- if(case_insensitive)
- {
- if(toupper(str[x]) != toupper(exp[y]))
- ret = NOMATCH;
- }
- else
- {
- if(str[x] != exp[y])
- ret = NOMATCH;
- }
- break;
- }
- }
- if(ret)
- break;
- }
- return (ret ? ret : (str[x] ? NOMATCH : MATCH));
-}
-
-static int
-port_RegExpMatch(const char *str, const char *xp, PRBool case_insensitive) {
- register int x;
- char *exp = 0;
-
- exp = PORT_Strdup(xp);
-
- if(!exp)
- return 1;
-
- for(x=strlen(exp)-1;x;--x) {
- if((exp[x] == '~') && (exp[x-1] != '\\')) {
- exp[x] = '\0';
- if(_shexp_match(str,&exp[++x], case_insensitive) == MATCH)
- goto punt;
- break;
- }
- }
- if(_shexp_match(str,exp, PR_FALSE) == MATCH) {
- PORT_Free(exp);
- return 0;
- }
-
- punt:
- PORT_Free(exp);
- return 1;
-}
-
-
-/* ------------------------------ shexp_cmp ------------------------------- */
-
-int
-PORT_RegExpSearch(const char *str, const char *exp)
-{
- switch(PORT_RegExpValid(exp))
- {
- case INVALID_SXP:
- return -1;
- case NON_SXP:
- return (strcmp(exp,str) ? 1 : 0);
- default:
- return port_RegExpMatch(str, exp, PR_FALSE);
- }
-}
-
-int
-PORT_RegExpCaseSearch(const char *str, const char *exp)
-{
- switch(PORT_RegExpValid(exp))
- {
- case INVALID_SXP:
- return -1;
- case NON_SXP:
- return (strcmp(exp,str) ? 1 : 0);
- default:
- return port_RegExpMatch(str, exp, PR_TRUE);
- }
-}
-
diff --git a/security/nss/lib/util/portreg.h b/security/nss/lib/util/portreg.h
deleted file mode 100644
index 420f404c7..000000000
--- a/security/nss/lib/util/portreg.h
+++ /dev/null
@@ -1,93 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * shexp.h: Defines and prototypes for shell exp. match routines
- *
- *
- * This routine will match a string with a shell expression. The expressions
- * accepted are based loosely on the expressions accepted by zsh.
- *
- * o * matches anything
- * o ? matches one character
- * o \ will escape a special character
- * o $ matches the end of the string
- * o [abc] matches one occurence of a, b, or c. The only character that needs
- * to be escaped in this is ], all others are not special.
- * o [a-z] matches any character between a and z
- * o [^az] matches any character except a or z
- * o ~ followed by another shell expression will remove any pattern
- * matching the shell expression from the match list
- * o (foo|bar) will match either the substring foo, or the substring bar.
- * These can be shell expressions as well.
- *
- * The public interface to these routines is documented below.
- *
- */
-
-#ifndef SHEXP_H
-#define SHEXP_H
-
-/*
- * Requires that the macro MALLOC be set to a "safe" malloc that will
- * exit if no memory is available.
- */
-
-
-/* --------------------------- Public routines ---------------------------- */
-
-
-/*
- * shexp_valid takes a shell expression exp as input. It returns:
- *
- * NON_SXP if exp is a standard string
- * INVALID_SXP if exp is a shell expression, but invalid
- * VALID_SXP if exp is a valid shell expression
- */
-
-#define NON_SXP -1
-#define INVALID_SXP -2
-#define VALID_SXP 1
-
-SEC_BEGIN_PROTOS
-
-extern int PORT_RegExpValid(const char *exp);
-
-extern int PORT_RegExpSearch(const char *str, const char *exp);
-
-/* same as above but uses case insensitive search */
-extern int PORT_RegExpCaseSearch(const char *str, const char *exp);
-
-SEC_END_PROTOS
-
-#endif
diff --git a/security/nss/lib/util/pqgutil.c b/security/nss/lib/util/pqgutil.c
deleted file mode 100644
index 24e1f62fb..000000000
--- a/security/nss/lib/util/pqgutil.c
+++ /dev/null
@@ -1,267 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "pqgutil.h"
-#include "prerror.h"
-#include "secitem.h"
-
-#define PQG_DEFAULT_CHUNKSIZE 2048 /* bytes */
-
-/**************************************************************************
- * Return a pointer to a new PQGParams struct that is a duplicate of *
- * the one passed as an argument. *
- * Return NULL on failure, or if NULL was passed in. *
- * *
- **************************************************************************/
-
-PQGParams *
-PQG_DupParams(const PQGParams *src)
-{
- PRArenaPool *arena;
- PQGParams *dest;
- SECStatus status;
-
- if (src == NULL) {
- PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
- return NULL;
- }
-
- arena = PORT_NewArena(PQG_DEFAULT_CHUNKSIZE);
- if (arena == NULL)
- goto loser;
-
- dest = (PQGParams*)PORT_ArenaZAlloc(arena, sizeof(PQGParams));
- if (dest == NULL)
- goto loser;
-
- dest->arena = arena;
-
- status = SECITEM_CopyItem(arena, &dest->prime, &src->prime);
- if (status != SECSuccess)
- goto loser;
-
- status = SECITEM_CopyItem(arena, &dest->subPrime, &src->subPrime);
- if (status != SECSuccess)
- goto loser;
-
- status = SECITEM_CopyItem(arena, &dest->base, &src->base);
- if (status != SECSuccess)
- goto loser;
-
- return dest;
-
-loser:
- if (arena != NULL)
- PORT_FreeArena(arena, PR_FALSE);
- return NULL;
-}
-
-/**************************************************************************
- * Return a pointer to a new PQGParams struct that is constructed from *
- * copies of the arguments passed in. *
- * Return NULL on failure. *
- **************************************************************************/
-
-PQGParams *
-PQG_NewParams(const SECItem * prime, const SECItem * subPrime,
- const SECItem * base)
-{
- PQGParams * dest;
- PQGParams src;
-
- src.arena = NULL;
- src.prime = *prime;
- src.subPrime = *subPrime;
- src.base = *base;
- dest = PQG_DupParams(&src);
- return dest;
-}
-
-/**************************************************************************
- * Fills in caller's "prime" SECItem with the prime value in params.
- * Contents can be freed by calling SECITEM_FreeItem(prime, PR_FALSE);
- **************************************************************************/
-SECStatus
-PQG_GetPrimeFromParams(const PQGParams *params, SECItem * prime)
-{
- return SECITEM_CopyItem(NULL, prime, &params->prime);
-}
-
-/**************************************************************************
- * Fills in caller's "subPrime" SECItem with the prime value in params.
- * Contents can be freed by calling SECITEM_FreeItem(subPrime, PR_FALSE);
- **************************************************************************/
-SECStatus
-PQG_GetSubPrimeFromParams(const PQGParams *params, SECItem * subPrime)
-{
- return SECITEM_CopyItem(NULL, subPrime, &params->subPrime);
-}
-
-/**************************************************************************
- * Fills in caller's "base" SECItem with the base value in params.
- * Contents can be freed by calling SECITEM_FreeItem(base, PR_FALSE);
- **************************************************************************/
-SECStatus
-PQG_GetBaseFromParams(const PQGParams *params, SECItem * base)
-{
- return SECITEM_CopyItem(NULL, base, &params->base);
-}
-
-/**************************************************************************
- * Free the PQGParams struct and the things it points to. *
- **************************************************************************/
-void
-PQG_DestroyParams(PQGParams *params)
-{
- if (params == NULL)
- return;
- if (params->arena != NULL) {
- PORT_FreeArena(params->arena, PR_FALSE); /* don't zero it */
- } else {
- SECITEM_FreeItem(&params->prime, PR_FALSE); /* don't free prime */
- SECITEM_FreeItem(&params->subPrime, PR_FALSE); /* don't free subPrime */
- SECITEM_FreeItem(&params->base, PR_FALSE); /* don't free base */
- PORT_Free(params);
- }
-}
-
-/**************************************************************************
- * Return a pointer to a new PQGVerify struct that is a duplicate of *
- * the one passed as an argument. *
- * Return NULL on failure, or if NULL was passed in. *
- **************************************************************************/
-
-PQGVerify *
-PQG_DupVerify(const PQGVerify *src)
-{
- PRArenaPool *arena;
- PQGVerify * dest;
- SECStatus status;
-
- if (src == NULL) {
- PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
- return NULL;
- }
-
- arena = PORT_NewArena(PQG_DEFAULT_CHUNKSIZE);
- if (arena == NULL)
- goto loser;
-
- dest = (PQGVerify*)PORT_ArenaZAlloc(arena, sizeof(PQGVerify));
- if (dest == NULL)
- goto loser;
-
- dest->arena = arena;
- dest->counter = src->counter;
-
- status = SECITEM_CopyItem(arena, &dest->seed, &src->seed);
- if (status != SECSuccess)
- goto loser;
-
- status = SECITEM_CopyItem(arena, &dest->h, &src->h);
- if (status != SECSuccess)
- goto loser;
-
- return dest;
-
-loser:
- if (arena != NULL)
- PORT_FreeArena(arena, PR_FALSE);
- return NULL;
-}
-
-/**************************************************************************
- * Return a pointer to a new PQGVerify struct that is constructed from *
- * copies of the arguments passed in. *
- * Return NULL on failure. *
- **************************************************************************/
-
-PQGVerify *
-PQG_NewVerify(unsigned int counter, const SECItem * seed, const SECItem * h)
-{
- PQGVerify * dest;
- PQGVerify src;
-
- src.arena = NULL;
- src.counter = counter;
- src.seed = *seed;
- src.h = *h;
- dest = PQG_DupVerify(&src);
- return dest;
-}
-
-/**************************************************************************
- * Returns the "counter" value from the PQGVerify.
- **************************************************************************/
-unsigned int
-PQG_GetCounterFromVerify(const PQGVerify *verify)
-{
- return verify->counter;
-}
-
-/**************************************************************************
- * Fills in caller's "seed" SECItem with the seed value in verify.
- * Contents can be freed by calling SECITEM_FreeItem(seed, PR_FALSE);
- **************************************************************************/
-SECStatus
-PQG_GetSeedFromVerify(const PQGVerify *verify, SECItem * seed)
-{
- return SECITEM_CopyItem(NULL, seed, &verify->seed);
-}
-
-/**************************************************************************
- * Fills in caller's "h" SECItem with the h value in verify.
- * Contents can be freed by calling SECITEM_FreeItem(h, PR_FALSE);
- **************************************************************************/
-SECStatus
-PQG_GetHFromVerify(const PQGVerify *verify, SECItem * h)
-{
- return SECITEM_CopyItem(NULL, h, &verify->h);
-}
-
-/**************************************************************************
- * Free the PQGVerify struct and the things it points to. *
- **************************************************************************/
-
-void
-PQG_DestroyVerify(PQGVerify *vfy)
-{
- if (vfy == NULL)
- return;
- if (vfy->arena != NULL) {
- PORT_FreeArena(vfy->arena, PR_FALSE); /* don't zero it */
- } else {
- SECITEM_FreeItem(&vfy->seed, PR_FALSE); /* don't free seed */
- SECITEM_FreeItem(&vfy->h, PR_FALSE); /* don't free h */
- PORT_Free(vfy);
- }
-}
diff --git a/security/nss/lib/util/pqgutil.h b/security/nss/lib/util/pqgutil.h
deleted file mode 100644
index 1ceb87803..000000000
--- a/security/nss/lib/util/pqgutil.h
+++ /dev/null
@@ -1,127 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef _PQGUTIL_H_
-#define _PQGUTIL_H_ 1
-
-#include "blapi.h"
-
-/**************************************************************************
- * Return a pointer to a new PQGParams struct that is a duplicate of *
- * the one passed as an argument. *
- * Return NULL on failure, or if NULL was passed in. *
- **************************************************************************/
-extern PQGParams * PQG_DupParams(const PQGParams *src);
-
-
-/**************************************************************************
- * Return a pointer to a new PQGParams struct that is constructed from *
- * copies of the arguments passed in. *
- * Return NULL on failure. *
- **************************************************************************/
-extern PQGParams * PQG_NewParams(const SECItem * prime,
- const SECItem * subPrime,
- const SECItem * base);
-
-
-/**************************************************************************
- * Fills in caller's "prime" SECItem with the prime value in params.
- * Contents can be freed by calling SECITEM_FreeItem(prime, PR_FALSE);
- **************************************************************************/
-extern SECStatus PQG_GetPrimeFromParams(const PQGParams *params,
- SECItem * prime);
-
-
-/**************************************************************************
- * Fills in caller's "subPrime" SECItem with the prime value in params.
- * Contents can be freed by calling SECITEM_FreeItem(subPrime, PR_FALSE);
- **************************************************************************/
-extern SECStatus PQG_GetSubPrimeFromParams(const PQGParams *params,
- SECItem * subPrime);
-
-
-/**************************************************************************
- * Fills in caller's "base" SECItem with the base value in params.
- * Contents can be freed by calling SECITEM_FreeItem(base, PR_FALSE);
- **************************************************************************/
-extern SECStatus PQG_GetBaseFromParams(const PQGParams *params, SECItem *base);
-
-
-/**************************************************************************
- * Free the PQGParams struct and the things it points to. *
- **************************************************************************/
-extern void PQG_DestroyParams(PQGParams *params);
-
-
-/**************************************************************************
- * Return a pointer to a new PQGVerify struct that is a duplicate of *
- * the one passed as an argument. *
- * Return NULL on failure, or if NULL was passed in. *
- **************************************************************************/
-extern PQGVerify * PQG_DupVerify(const PQGVerify *src);
-
-
-/**************************************************************************
- * Return a pointer to a new PQGVerify struct that is constructed from *
- * copies of the arguments passed in. *
- * Return NULL on failure. *
- **************************************************************************/
-extern PQGVerify * PQG_NewVerify(unsigned int counter, const SECItem * seed,
- const SECItem * h);
-
-
-/**************************************************************************
- * Returns "counter" value from the PQGVerify.
- **************************************************************************/
-extern unsigned int PQG_GetCounterFromVerify(const PQGVerify *verify);
-
-/**************************************************************************
- * Fills in caller's "seed" SECItem with the seed value in verify.
- * Contents can be freed by calling SECITEM_FreeItem(seed, PR_FALSE);
- **************************************************************************/
-extern SECStatus PQG_GetSeedFromVerify(const PQGVerify *verify, SECItem *seed);
-
-
-/**************************************************************************
- * Fills in caller's "h" SECItem with the h value in verify.
- * Contents can be freed by calling SECITEM_FreeItem(h, PR_FALSE);
- **************************************************************************/
-extern SECStatus PQG_GetHFromVerify(const PQGVerify *verify, SECItem * h);
-
-
-/**************************************************************************
- * Free the PQGVerify struct and the things it points to. *
- **************************************************************************/
-extern void PQG_DestroyVerify(PQGVerify *vfy);
-
-
-#endif
diff --git a/security/nss/lib/util/quickder.c b/security/nss/lib/util/quickder.c
deleted file mode 100644
index 6e71baca7..000000000
--- a/security/nss/lib/util/quickder.c
+++ /dev/null
@@ -1,904 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- Optimized ASN.1 DER decoder
-
-*/
-
-#include "secerr.h"
-#include "secasn1.h" /* for SEC_ASN1GetSubtemplate */
-#include "secitem.h"
-
-/*
- * simple definite-length ASN.1 decoder
- */
-
-static unsigned char* definite_length_decoder(const unsigned char *buf,
- const unsigned int length,
- unsigned int *data_length,
- PRBool includeTag)
-{
- unsigned char tag;
- unsigned int used_length= 0;
- unsigned int data_len;
-
- if (used_length >= length)
- {
- return NULL;
- }
- tag = buf[used_length++];
-
- /* blow out when we come to the end */
- if (tag == 0)
- {
- return NULL;
- }
-
- if (used_length >= length)
- {
- return NULL;
- }
- data_len = buf[used_length++];
-
- if (data_len&0x80)
- {
- int len_count = data_len & 0x7f;
-
- data_len = 0;
-
- while (len_count-- > 0)
- {
- if (used_length >= length)
- {
- return NULL;
- }
- data_len = (data_len << 8) | buf[used_length++];
- }
- }
-
- if (data_len > (length-used_length) )
- {
- return NULL;
- }
- if (includeTag) data_len += used_length;
-
- *data_length = data_len;
- return ((unsigned char*)buf + (includeTag ? 0 : used_length));
-}
-
-static SECStatus GetItem(SECItem* src, SECItem* dest, PRBool includeTag)
-{
- if ( (!src) || (!dest) || (!src->data) )
- {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- if (!src->len)
- {
- /* reaching the end of the buffer is not an error */
- dest->data = NULL;
- dest->len = 0;
- dest->type = siBuffer;
-
- return SECSuccess;
- }
-
- dest->type = siBuffer;
- dest->data = definite_length_decoder(src->data, src->len, &dest->len,
- includeTag);
- if (dest->data == NULL)
- {
- PORT_SetError(SEC_ERROR_BAD_DER);
- return SECFailure;
- }
- src->len -= (dest->data - src->data) + dest->len;
- src->data = dest->data + dest->len;
- return SECSuccess;
-}
-
-/* check if the actual component's type matches the type in the template */
-
-static SECStatus MatchComponentType(const SEC_ASN1Template* templateEntry,
- SECItem* item, PRBool* match, void* dest)
-{
- unsigned long kind = 0;
- unsigned char tag = 0;
-
- if ( (!item) || (!templateEntry) || (!match) )
- {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- if (!item->len || !item->data)
- {
- *match = PR_FALSE;
- return SECSuccess;
- }
-
- kind = templateEntry->kind;
- tag = *(unsigned char*) item->data;
-
- if ( ( (kind & SEC_ASN1_INLINE) ||
- (kind & SEC_ASN1_POINTER) ) &&
- (0 == (kind & SEC_ASN1_TAG_MASK) ) )
- {
- /* These cases are special because the template's "kind" does not
- give us the information for the ASN.1 tag of the next item. It can
- only be figured out from the subtemplate. */
- if (!(kind & SEC_ASN1_OPTIONAL))
- {
- /* This is a required component. If there is a type mismatch,
- the decoding of the subtemplate will fail, so assume this
- is a match at the parent level and let it fail later. This
- avoids a redundant check in matching cases */
- *match = PR_TRUE;
- return SECSuccess;
- }
- else
- {
- /* optional component. This is the hard case. Now we need to
- look at the subtemplate to get the expected kind */
- const SEC_ASN1Template* subTemplate =
- SEC_ASN1GetSubtemplate (templateEntry, dest, PR_FALSE);
- if (!subTemplate)
- {
- PORT_SetError(SEC_ERROR_BAD_TEMPLATE);
- return SECFailure;
- }
- if ( (subTemplate->kind & SEC_ASN1_INLINE) ||
- (subTemplate->kind & SEC_ASN1_POINTER) )
- {
- /* disallow nesting SEC_ASN1_POINTER and SEC_ASN1_INLINE,
- otherwise you may get a false positive due to the recursion
- optimization above that always matches the type if the
- component is required . Nesting these should never be
- required, so that no one should miss this ability */
- PORT_SetError(SEC_ERROR_BAD_TEMPLATE);
- return SECFailure;
- }
- return MatchComponentType(subTemplate, item, match,
- (void*)((char*)dest + templateEntry->offset));
- }
- }
-
- if (kind & SEC_ASN1_CHOICE)
- {
- /* we need to check the component's tag against each choice's tag */
- /* XXX it would be nice to save the index of the choice here so that
- DecodeChoice wouldn't have to do this again. However, due to the
- recursivity of MatchComponentType, we don't know if we are in a
- required or optional component, so we can't write anywhere in
- the destination within this function */
- unsigned choiceIndex = 1;
- const SEC_ASN1Template* choiceEntry;
- while ( (choiceEntry = &templateEntry[choiceIndex++]) && (choiceEntry->kind))
- {
- if ( (SECSuccess == MatchComponentType(choiceEntry, item, match,
- (void*)((char*)dest + choiceEntry->offset))) &&
- (PR_TRUE == *match) )
- {
- return SECSuccess;
- }
- }
- PORT_SetError(SEC_ERROR_BAD_DER);
- return SECFailure;
- }
-
- if (kind & SEC_ASN1_ANY)
- {
- /* SEC_ASN1_ANY always matches */
- *match = PR_TRUE;
- return SECSuccess;
- }
-
- if ( (0 == ((unsigned char)kind & SEC_ASN1_TAGNUM_MASK)) &&
- (!(kind & SEC_ASN1_EXPLICIT)) &&
- ( ( (kind & SEC_ASN1_SAVE) ||
- (kind & SEC_ASN1_SKIP) ) &&
- (!(kind & SEC_ASN1_OPTIONAL))
- )
- )
- {
- /* when saving or skipping a required component, a type is not
- required in the template. This is for legacy support of
- SEC_ASN1_SAVE and SEC_ASN1_SKIP only. XXX I would like to
- deprecate these usages and always require a type, as this
- disables type checking, and effectively forbids us from
- transparently ignoring optional components we aren't aware of */
- *match = PR_TRUE;
- return SECSuccess;
- }
-
- /* first, do a class check */
- if ( (tag & SEC_ASN1_CLASS_MASK) !=
- (((unsigned char)kind) & SEC_ASN1_CLASS_MASK) )
- {
-#ifdef DEBUG
- /* this is only to help debugging of the decoder in case of problems */
- unsigned char tagclass = tag & SEC_ASN1_CLASS_MASK;
- unsigned char expectedclass = (unsigned char)kind & SEC_ASN1_CLASS_MASK;
-#endif
- *match = PR_FALSE;
- return SECSuccess;
- }
-
- /* now do a tag check */
- if ( ((unsigned char)kind & SEC_ASN1_TAGNUM_MASK) !=
- (tag & SEC_ASN1_TAGNUM_MASK))
- {
- *match = PR_FALSE;
- return SECSuccess;
- }
-
- /* now, do a method check. This depends on the class */
- switch (tag & SEC_ASN1_CLASS_MASK)
- {
- case SEC_ASN1_UNIVERSAL:
- /* For types of the SEC_ASN1_UNIVERSAL class, we know which must be
- primitive or constructed based on the tag */
- switch (tag & SEC_ASN1_TAGNUM_MASK)
- {
- case SEC_ASN1_SEQUENCE:
- case SEC_ASN1_SET:
- case SEC_ASN1_EMBEDDED_PDV:
- /* this component must be a constructed type */
- /* XXX add any new universal constructed type here */
- if (tag & SEC_ASN1_CONSTRUCTED)
- {
- *match = PR_TRUE;
- return SECSuccess;
- }
- break;
-
- default:
- /* this component must be a primitive type */
- if (! (tag & SEC_ASN1_CONSTRUCTED))
- {
- *match = PR_TRUE;
- return SECSuccess;
- }
- break;
- }
- break;
-
- default:
- /* for all other classes, we check the method based on the template */
- if ( (unsigned char)(kind & SEC_ASN1_METHOD_MASK) ==
- (tag & SEC_ASN1_METHOD_MASK) )
- {
- *match = PR_TRUE;
- return SECSuccess;
- }
- /* method does not match between template and component */
- break;
- }
-
- *match = PR_FALSE;
- return SECSuccess;
-}
-
-#ifdef DEBUG
-
-static SECStatus CheckSequenceTemplate(const SEC_ASN1Template* sequenceTemplate)
-{
- SECStatus rv = SECSuccess;
- const SEC_ASN1Template* sequenceEntry = NULL;
- unsigned long seqIndex = 0;
- unsigned long lastEntryIndex = 0;
- unsigned long ambiguityIndex = 0;
- PRBool foundAmbiguity = PR_FALSE;
-
- do
- {
- sequenceEntry = &sequenceTemplate[seqIndex++];
- if (sequenceEntry->kind)
- {
- /* ensure that we don't have an optional component of SEC_ASN1_ANY
- in the middle of the sequence, since we could not handle it */
- /* XXX this function needs to dig into the subtemplates to find
- the next tag */
- if ( (PR_FALSE == foundAmbiguity) &&
- (sequenceEntry->kind & SEC_ASN1_OPTIONAL) &&
- (sequenceEntry->kind & SEC_ASN1_ANY) )
- {
- foundAmbiguity = PR_TRUE;
- ambiguityIndex = seqIndex - 1;
- }
- }
- } while (sequenceEntry->kind);
-
- lastEntryIndex = seqIndex - 2;
-
- if (PR_FALSE != foundAmbiguity)
- {
- if (ambiguityIndex < lastEntryIndex)
- {
- /* ambiguity can only be tolerated on the last entry */
- PORT_SetError(SEC_ERROR_BAD_TEMPLATE);
- rv = SECFailure;
- }
- }
-
- /* XXX also enforce ASN.1 requirement that tags be
- distinct for consecutive optional components */
-
- return rv;
-}
-
-#endif
-
-static SECStatus DecodeItem(void* dest,
- const SEC_ASN1Template* templateEntry,
- SECItem* src, PRArenaPool* arena, PRBool checkTag);
-
-static SECStatus DecodeSequence(void* dest,
- const SEC_ASN1Template* templateEntry,
- SECItem* src, PRArenaPool* arena)
-{
- SECStatus rv = SECSuccess;
- SECItem source;
- SECItem sequence;
- const SEC_ASN1Template* sequenceTemplate = &(templateEntry[1]);
- const SEC_ASN1Template* sequenceEntry = NULL;
- unsigned long seqindex = 0;
-
-#ifdef DEBUG
- /* for a sequence, we need to validate the template. */
- rv = CheckSequenceTemplate(sequenceTemplate);
-#endif
-
- source = *src;
-
- /* get the sequence */
- if (SECSuccess == rv)
- {
- rv = GetItem(&source, &sequence, PR_FALSE);
- }
-
- /* process it */
- if (SECSuccess == rv)
- do
- {
- sequenceEntry = &sequenceTemplate[seqindex++];
- if ( (sequenceEntry && sequenceEntry->kind) &&
- (sequenceEntry->kind != SEC_ASN1_SKIP_REST) )
- {
- rv = DecodeItem(dest, sequenceEntry, &sequence, arena, PR_TRUE);
- }
- } while ( (SECSuccess == rv) &&
- (sequenceEntry->kind &&
- sequenceEntry->kind != SEC_ASN1_SKIP_REST) );
- /* we should have consumed all the bytes in the sequence by now
- unless the caller doesn't care about the rest of the sequence */
- if (SECSuccess == rv && sequence.len &&
- sequenceEntry && sequenceEntry->kind != SEC_ASN1_SKIP_REST)
- {
- /* it isn't 100% clear whether this is a bad DER or a bad template.
- The problem is that logically, they don't match - there is extra
- data in the DER that the template doesn't know about */
- PORT_SetError(SEC_ERROR_BAD_DER);
- rv = SECFailure;
- }
-
- return rv;
-}
-
-static SECStatus DecodeInline(void* dest,
- const SEC_ASN1Template* templateEntry,
- SECItem* src, PRArenaPool* arena, PRBool checkTag)
-{
- const SEC_ASN1Template* inlineTemplate =
- SEC_ASN1GetSubtemplate (templateEntry, dest, PR_FALSE);
- return DecodeItem((void*)((char*)dest + templateEntry->offset),
- inlineTemplate, src, arena, checkTag);
-}
-
-static SECStatus DecodePointer(void* dest,
- const SEC_ASN1Template* templateEntry,
- SECItem* src, PRArenaPool* arena, PRBool checkTag)
-{
- const SEC_ASN1Template* ptrTemplate =
- SEC_ASN1GetSubtemplate (templateEntry, dest, PR_FALSE);
- void* subdata = PORT_ArenaZAlloc(arena, ptrTemplate->size);
- *(void**)((char*)dest + templateEntry->offset) = subdata;
- if (subdata)
- {
- return DecodeItem(subdata, ptrTemplate, src, arena, checkTag);
- }
- else
- {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
-}
-
-static SECStatus DecodeImplicit(void* dest,
- const SEC_ASN1Template* templateEntry,
- SECItem* src, PRArenaPool* arena)
-{
- if (templateEntry->kind & SEC_ASN1_POINTER)
- {
- return DecodePointer((void*)((char*)dest ),
- templateEntry, src, arena, PR_FALSE);
- }
- else
- {
- return DecodeInline((void*)((char*)dest ),
- templateEntry, src, arena, PR_FALSE);
- }
-}
-
-static SECStatus DecodeChoice(void* dest,
- const SEC_ASN1Template* templateEntry,
- SECItem* src, PRArenaPool* arena)
-{
- SECStatus rv = SECSuccess;
- SECItem choice;
- const SEC_ASN1Template* choiceTemplate = &(templateEntry[1]);
- const SEC_ASN1Template* choiceEntry = NULL;
- unsigned long choiceindex = 0;
-
- /* XXX for a choice component, we should validate the template to make
- sure the tags are distinct, in debug builds. This hasn't been
- implemented yet */
- /* rv = CheckChoiceTemplate(sequenceTemplate); */
-
- /* process it */
- do
- {
- choice = *src;
- choiceEntry = &choiceTemplate[choiceindex++];
- if (choiceEntry->kind)
- {
- rv = DecodeItem(dest, choiceEntry, &choice, arena, PR_TRUE);
- }
- } while ( (SECFailure == rv) && (choiceEntry->kind));
-
- if (SECFailure == rv)
- {
- /* the component didn't match any of the choices */
- PORT_SetError(SEC_ERROR_BAD_DER);
- }
- else
- {
- /* set the type in the union here */
- int *which = (int *)((char *)dest + templateEntry->offset);
- *which = (int)choiceEntry->size;
- }
-
- /* we should have consumed all the bytes by now */
- /* fail if we have not */
- if (SECSuccess == rv && choice.len)
- {
- /* there is extra data that isn't listed in the template */
- PORT_SetError(SEC_ERROR_BAD_DER);
- rv = SECFailure;
- }
- return rv;
-}
-
-static SECStatus DecodeGroup(void* dest,
- const SEC_ASN1Template* templateEntry,
- SECItem* src, PRArenaPool* arena)
-{
- SECStatus rv = SECSuccess;
- SECItem source;
- SECItem group;
- PRUint32 totalEntries = 0;
- PRUint32 entryIndex = 0;
- void** entries = NULL;
-
- const SEC_ASN1Template* subTemplate =
- SEC_ASN1GetSubtemplate (templateEntry, dest, PR_FALSE);
-
- source = *src;
-
- /* get the group */
- if (SECSuccess == rv)
- {
- rv = GetItem(&source, &group, PR_FALSE);
- }
-
- /* XXX we should check the subtemplate in debug builds */
- if (SECSuccess == rv)
- {
- /* first, count the number of entries. Benchmarking showed that this
- counting pass is more efficient than trying to allocate entries as
- we read the DER, even if allocating many entries at a time
- */
- SECItem counter = group;
- do
- {
- SECItem anitem;
- rv = GetItem(&counter, &anitem, PR_TRUE);
- if (SECSuccess == rv && (anitem.len) )
- {
- totalEntries++;
- }
- } while ( (SECSuccess == rv) && (counter.len) );
-
- if (SECSuccess == rv)
- {
- /* allocate room for pointer array and entries */
- /* we want to allocate the array even if there is 0 entry */
- entries = (void**)PORT_ArenaZAlloc(arena, sizeof(void*)*
- (totalEntries + 1 ) + /* the extra one is for NULL termination */
- subTemplate->size*totalEntries);
-
- if (entries)
- {
- entries[totalEntries] = NULL; /* terminate the array */
- }
- else
- {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- rv = SECFailure;
- }
- if (SECSuccess == rv)
- {
- void* entriesData = (unsigned char*)entries + (unsigned long)(sizeof(void*)*(totalEntries + 1 ));
- /* and fix the pointers in the array */
- PRUint32 entriesIndex = 0;
- for (entriesIndex = 0;entriesIndex<totalEntries;entriesIndex++)
- {
- entries[entriesIndex] =
- (char*)entriesData + (subTemplate->size*entriesIndex);
- }
- }
- }
- }
-
- if (SECSuccess == rv && totalEntries)
- do
- {
- if (!(entryIndex<totalEntries))
- {
- rv = SECFailure;
- break;
- }
- rv = DecodeItem(entries[entryIndex++], subTemplate, &group, arena, PR_TRUE);
- } while ( (SECSuccess == rv) && (group.len) );
- /* we should be at the end of the set by now */
- /* save the entries where requested */
- memcpy(((char*)dest + templateEntry->offset), &entries, sizeof(void**));
-
- return rv;
-}
-
-static SECStatus DecodeExplicit(void* dest,
- const SEC_ASN1Template* templateEntry,
- SECItem* src, PRArenaPool* arena)
-{
- SECStatus rv = SECSuccess;
- SECItem subItem;
- SECItem constructed = *src;
-
- rv = GetItem(&constructed, &subItem, PR_FALSE);
-
- if (SECSuccess == rv)
- {
- if (templateEntry->kind & SEC_ASN1_POINTER)
- {
- rv = DecodePointer(dest, templateEntry, &subItem, arena, PR_TRUE);
- }
- else
- {
- rv = DecodeInline(dest, templateEntry, &subItem, arena, PR_TRUE);
- }
- }
-
- return rv;
-}
-
-/* new decoder implementation. This is a recursive function */
-
-static SECStatus DecodeItem(void* dest,
- const SEC_ASN1Template* templateEntry,
- SECItem* src, PRArenaPool* arena, PRBool checkTag)
-{
- SECStatus rv = SECSuccess;
- SECItem temp;
- SECItem mark;
- PRBool pop = PR_FALSE;
- PRBool decode = PR_TRUE;
- PRBool save = PR_FALSE;
- unsigned long kind;
- PRBool match = PR_TRUE;
- PRBool optional = PR_FALSE;
-
- PR_ASSERT(src && dest && templateEntry && arena);
-#if 0
- if (!src || !dest || !templateEntry || !arena)
- {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- rv = SECFailure;
- }
-#endif
-
- if (SECSuccess == rv)
- {
- /* do the template validation */
- kind = templateEntry->kind;
- optional = (0 != (kind & SEC_ASN1_OPTIONAL));
- if (!kind)
- {
- PORT_SetError(SEC_ERROR_BAD_TEMPLATE);
- rv = SECFailure;
- }
- }
-
- if (SECSuccess == rv)
- {
-#ifdef DEBUG
- if (kind & SEC_ASN1_DEBUG_BREAK)
- {
- /* when debugging the decoder or a template that fails to
- decode, put SEC_ASN1_DEBUG in the component that gives you
- trouble. The decoder will then get to this block and assert.
- If you want to debug the rest of the code, you can set a
- breakpoint and set dontassert to PR_TRUE, which will let
- you skip over the assert and continue the debugging session
- past it. */
- PRBool dontassert = PR_FALSE;
- PR_ASSERT(dontassert); /* set bkpoint here & set dontassert*/
- }
-#endif
-
- if ((kind & SEC_ASN1_SKIP) ||
- (kind & SEC_ASN1_SAVE))
- {
- /* if skipping or saving this component, don't decode it */
- decode = PR_FALSE;
- }
-
- if (kind & (SEC_ASN1_SAVE | SEC_ASN1_OPTIONAL))
- {
- /* if saving this component, or if it is optional, we may not want to
- move past it, so save the position in case we have to rewind */
- mark = *src;
- if (kind & SEC_ASN1_SAVE)
- {
- save = PR_TRUE;
- if (0 == (kind & SEC_ASN1_SKIP))
- {
- /* we will for sure have to rewind when saving this
- component and not skipping it. This is true for all
- legacy uses of SEC_ASN1_SAVE where the following entry
- in the template would causes the same component to be
- processed again */
- pop = PR_TRUE;
- }
- }
- }
-
- rv = GetItem(src, &temp, PR_TRUE);
- }
-
- if (SECSuccess == rv)
- {
- /* now check if the component matches what we expect in the template */
-
- if (PR_TRUE == checkTag)
-
- {
- rv = MatchComponentType(templateEntry, &temp, &match, dest);
- }
-
- if ( (SECSuccess == rv) && (PR_TRUE != match) )
- {
- if (kind & SEC_ASN1_OPTIONAL)
- {
-
- /* the optional component is missing. This is not fatal. */
- /* Rewind, don't decode, and don't save */
- pop = PR_TRUE;
- decode = PR_FALSE;
- save = PR_FALSE;
- }
- else
- {
- /* a required component is missing. abort */
- PORT_SetError(SEC_ERROR_BAD_DER);
- rv = SECFailure;
- }
- }
- }
-
- if ((SECSuccess == rv) && (PR_TRUE == decode))
- {
- /* the order of processing here is is the tricky part */
- /* we start with our special cases */
- /* first, check the component class */
- if (kind & SEC_ASN1_INLINE)
- {
- /* decode inline template */
- rv = DecodeInline(dest, templateEntry, &temp , arena, PR_TRUE);
- }
-
- else
- if (kind & SEC_ASN1_EXPLICIT)
- {
- rv = DecodeExplicit(dest, templateEntry, &temp, arena);
- }
- else
- if ( (SEC_ASN1_UNIVERSAL != (kind & SEC_ASN1_CLASS_MASK)) &&
-
- (!(kind & SEC_ASN1_EXPLICIT)))
- {
-
- /* decode implicitly tagged components */
- rv = DecodeImplicit(dest, templateEntry, &temp , arena);
- }
- else
- if (kind & SEC_ASN1_POINTER)
- {
- rv = DecodePointer(dest, templateEntry, &temp, arena, PR_TRUE);
- }
- else
- if (kind & SEC_ASN1_CHOICE)
- {
- rv = DecodeChoice(dest, templateEntry, &temp, arena);
- }
- else
- if (kind & SEC_ASN1_ANY)
- {
- /* catch-all ANY type, don't decode */
- save = PR_TRUE;
- if (kind & SEC_ASN1_INNER)
- {
- /* skip the tag and length */
- SECItem newtemp = temp;
- rv = GetItem(&newtemp, &temp, PR_FALSE);
- }
- }
- else
- if (kind & SEC_ASN1_GROUP)
- {
- if ( (SEC_ASN1_SEQUENCE == (kind & SEC_ASN1_TAGNUM_MASK)) ||
- (SEC_ASN1_SET == (kind & SEC_ASN1_TAGNUM_MASK)) )
- {
- rv = DecodeGroup(dest, templateEntry, &temp , arena);
- }
- else
- {
- /* a group can only be a SET OF or SEQUENCE OF */
- PORT_SetError(SEC_ERROR_BAD_TEMPLATE);
- rv = SECFailure;
- }
- }
- else
- if (SEC_ASN1_SEQUENCE == (kind & SEC_ASN1_TAGNUM_MASK))
- {
- /* plain SEQUENCE */
- rv = DecodeSequence(dest, templateEntry, &temp , arena);
- }
- else
- {
- /* handle all other types as "save" */
- /* we should only get here for primitive universal types */
- SECItem newtemp = temp;
- rv = GetItem(&newtemp, &temp, PR_FALSE);
- save = PR_TRUE;
- if ((SECSuccess == rv) && SEC_ASN1_UNIVERSAL == (kind & SEC_ASN1_CLASS_MASK))
- switch (kind & SEC_ASN1_TAGNUM_MASK)
- {
- /* special cases of primitive types */
- case SEC_ASN1_INTEGER:
- {
- /* remove leading zeroes if the caller requested siUnsignedInteger
- This is to allow RSA key operations to work */
- SECItem* destItem = (SECItem*) ((char*)dest + templateEntry->offset);
- if (destItem && (siUnsignedInteger == destItem->type))
- {
- while (temp.len > 1 && temp.data[0] == 0)
- { /* leading 0 */
- temp.data++;
- temp.len--;
- }
- }
- break;
- }
-
- case SEC_ASN1_BIT_STRING:
- {
- /* change the length in the SECItem to be the number of bits */
- if (temp.len && temp.data)
- {
- temp.len = (temp.len-1)*8 - ((*(unsigned char*)temp.data) & 0x7);
- temp.data = (unsigned char*)(temp.data+1);
- }
- break;
- }
-
- default:
- {
- break;
- }
- }
- }
- }
-
- if ((SECSuccess == rv) && (PR_TRUE == save))
- {
- SECItem* destItem = (SECItem*) ((char*)dest + templateEntry->offset);
- if (destItem)
- {
- *(destItem) = temp;
- }
- else
- {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- rv = SECFailure;
- }
- }
-
- if (PR_TRUE == pop)
- {
- /* we don't want to move ahead, so restore the position */
- *src = mark;
- }
- return rv;
-}
-
-/* the function below is the public one */
-
-SECStatus SEC_QuickDERDecodeItem(PRArenaPool* arena, void* dest,
- const SEC_ASN1Template* templateEntry,
- SECItem* src)
-{
- SECStatus rv = SECSuccess;
- SECItem newsrc;
-
- if (!arena || !templateEntry || !src)
- {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- rv = SECFailure;
- }
-
- if (SECSuccess == rv)
- {
- newsrc = *src;
- rv = DecodeItem(dest, templateEntry, &newsrc, arena, PR_TRUE);
- if (SECSuccess == rv && newsrc.len)
- {
- rv = SECFailure;
- PORT_SetError(SEC_ERROR_EXTRA_INPUT);
- }
- }
-
- return rv;
-}
-
diff --git a/security/nss/lib/util/ret_cr16.s b/security/nss/lib/util/ret_cr16.s
deleted file mode 100644
index d1fffc577..000000000
--- a/security/nss/lib/util/ret_cr16.s
+++ /dev/null
@@ -1,54 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef __LP64__
- .LEVEL 2.0W
-#else
- .LEVEL 1.1
-#endif
-
- .CODE ; equivalent to the following two lines
-; .SPACE $TEXT$,SORT=8
-; .SUBSPA $CODE$,QUAD=0,ALIGN=4,ACCESS=0x2c,CODE_ONLY,SORT=24
-
-ret_cr16
- .PROC
- .CALLINFO FRAME=0, NO_CALLS
- .EXPORT ret_cr16,ENTRY
- .ENTER
-; BV %r0(%rp)
- BV 0(%rp)
- MFCTL %cr16,%ret0
- .LEAVE
- .PROCEND
- .END
diff --git a/security/nss/lib/util/secalgid.c b/security/nss/lib/util/secalgid.c
deleted file mode 100644
index 8d0d0df51..000000000
--- a/security/nss/lib/util/secalgid.c
+++ /dev/null
@@ -1,179 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "secoid.h"
-#include "secder.h" /* XXX remove this when remove the DERTemplate */
-#include "secasn1.h"
-#include "secitem.h"
-#include "secerr.h"
-
-/* XXX Old template; want to expunge it eventually. */
-DERTemplate SECAlgorithmIDTemplate[] = {
- { DER_SEQUENCE,
- 0, NULL, sizeof(SECAlgorithmID) },
- { DER_OBJECT_ID,
- offsetof(SECAlgorithmID,algorithm), },
- { DER_OPTIONAL | DER_ANY,
- offsetof(SECAlgorithmID,parameters), },
- { 0, }
-};
-
-const SEC_ASN1Template SECOID_AlgorithmIDTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(SECAlgorithmID) },
- { SEC_ASN1_OBJECT_ID,
- offsetof(SECAlgorithmID,algorithm), },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_ANY,
- offsetof(SECAlgorithmID,parameters), },
- { 0, }
-};
-
-SECOidTag
-SECOID_GetAlgorithmTag(SECAlgorithmID *id)
-{
- if (id == NULL || id->algorithm.data == NULL)
- return SEC_OID_UNKNOWN;
-
- return SECOID_FindOIDTag (&(id->algorithm));
-}
-
-SECStatus
-SECOID_SetAlgorithmID(PRArenaPool *arena, SECAlgorithmID *id, SECOidTag which,
- SECItem *params)
-{
- SECOidData *oiddata;
- PRBool add_null_param;
-
- oiddata = SECOID_FindOIDByTag(which);
- if ( !oiddata ) {
- PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
- return SECFailure;
- }
-
- if (SECITEM_CopyItem(arena, &id->algorithm, &oiddata->oid))
- return SECFailure;
-
- switch (which) {
- case SEC_OID_MD2:
- case SEC_OID_MD4:
- case SEC_OID_MD5:
- case SEC_OID_SHA1:
- case SEC_OID_SHA256:
- case SEC_OID_SHA384:
- case SEC_OID_SHA512:
- case SEC_OID_PKCS1_RSA_ENCRYPTION:
- case SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION:
- case SEC_OID_PKCS1_MD4_WITH_RSA_ENCRYPTION:
- case SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION:
- case SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION:
- case SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION:
- case SEC_OID_PKCS1_SHA384_WITH_RSA_ENCRYPTION:
- case SEC_OID_PKCS1_SHA512_WITH_RSA_ENCRYPTION:
- add_null_param = PR_TRUE;
- break;
- default:
- add_null_param = PR_FALSE;
- break;
- }
-
- if (params) {
- /*
- * I am specifically *not* enforcing the following assertion
- * (by following it up with an error and a return of failure)
- * because I do not want to introduce any change in the current
- * behavior. But I do want for us to notice if the following is
- * ever true, because I do not think it should be so and probably
- * signifies an error/bug somewhere.
- */
- PORT_Assert(!add_null_param || (params->len == 2
- && params->data[0] == SEC_ASN1_NULL
- && params->data[1] == 0));
- if (SECITEM_CopyItem(arena, &id->parameters, params)) {
- return SECFailure;
- }
- } else {
- /*
- * Again, this is not considered an error. But if we assume
- * that nobody tries to set the parameters field themselves
- * (but always uses this routine to do that), then we should
- * not hit the following assertion. Unless they forgot to zero
- * the structure, which could also be a bad (and wrong) thing.
- */
- PORT_Assert(id->parameters.data == NULL);
-
- if (add_null_param) {
- (void) SECITEM_AllocItem(arena, &id->parameters, 2);
- if (id->parameters.data == NULL) {
- return SECFailure;
- }
- id->parameters.data[0] = SEC_ASN1_NULL;
- id->parameters.data[1] = 0;
- }
- }
-
- return SECSuccess;
-}
-
-SECStatus
-SECOID_CopyAlgorithmID(PRArenaPool *arena, SECAlgorithmID *to, SECAlgorithmID *from)
-{
- SECStatus rv;
-
- rv = SECITEM_CopyItem(arena, &to->algorithm, &from->algorithm);
- if (rv) return rv;
- rv = SECITEM_CopyItem(arena, &to->parameters, &from->parameters);
- return rv;
-}
-
-void SECOID_DestroyAlgorithmID(SECAlgorithmID *algid, PRBool freeit)
-{
- SECITEM_FreeItem(&algid->parameters, PR_FALSE);
- SECITEM_FreeItem(&algid->algorithm, PR_FALSE);
- if(freeit == PR_TRUE)
- PORT_Free(algid);
-}
-
-SECComparison
-SECOID_CompareAlgorithmID(SECAlgorithmID *a, SECAlgorithmID *b)
-{
- SECComparison rv;
-
- rv = SECITEM_CompareItem(&a->algorithm, &b->algorithm);
- if (rv) return rv;
- rv = SECITEM_CompareItem(&a->parameters, &b->parameters);
- return rv;
-}
-
-/* This functions simply returns the address of the above-declared template. */
-SEC_ASN1_CHOOSER_IMPLEMENT(SECOID_AlgorithmIDTemplate)
-
diff --git a/security/nss/lib/util/secasn1.h b/security/nss/lib/util/secasn1.h
deleted file mode 100644
index 0d78c49c4..000000000
--- a/security/nss/lib/util/secasn1.h
+++ /dev/null
@@ -1,289 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Support for encoding/decoding of ASN.1 using BER/DER (Basic/Distinguished
- * Encoding Rules). The routines are found in and used extensively by the
- * security library, but exported for other use.
- *
- * $Id$
- */
-
-#ifndef _SECASN1_H_
-#define _SECASN1_H_
-
-#include "plarena.h"
-
-#include "seccomon.h"
-#include "secasn1t.h"
-
-
-/************************************************************************/
-SEC_BEGIN_PROTOS
-
-/*
- * XXX These function prototypes need full, explanatory comments.
- */
-
-/*
-** Decoding.
-*/
-
-extern SEC_ASN1DecoderContext *SEC_ASN1DecoderStart(PRArenaPool *pool,
- void *dest,
- const SEC_ASN1Template *t);
-
-/* XXX char or unsigned char? */
-extern SECStatus SEC_ASN1DecoderUpdate(SEC_ASN1DecoderContext *cx,
- const char *buf,
- unsigned long len);
-
-extern SECStatus SEC_ASN1DecoderFinish(SEC_ASN1DecoderContext *cx);
-
-extern void SEC_ASN1DecoderSetFilterProc(SEC_ASN1DecoderContext *cx,
- SEC_ASN1WriteProc fn,
- void *arg, PRBool no_store);
-
-extern void SEC_ASN1DecoderClearFilterProc(SEC_ASN1DecoderContext *cx);
-
-extern void SEC_ASN1DecoderSetNotifyProc(SEC_ASN1DecoderContext *cx,
- SEC_ASN1NotifyProc fn,
- void *arg);
-
-extern void SEC_ASN1DecoderClearNotifyProc(SEC_ASN1DecoderContext *cx);
-
-extern SECStatus SEC_ASN1Decode(PRArenaPool *pool, void *dest,
- const SEC_ASN1Template *t,
- const char *buf, long len);
-
-extern SECStatus SEC_ASN1DecodeItem(PRArenaPool *pool, void *dest,
- const SEC_ASN1Template *t,
- SECItem *item);
-
-extern SECStatus SEC_QuickDERDecodeItem(PRArenaPool* arena, void* dest,
- const SEC_ASN1Template* templateEntry,
- SECItem* src);
-
-/*
-** Encoding.
-*/
-
-extern SEC_ASN1EncoderContext *SEC_ASN1EncoderStart(const void *src,
- const SEC_ASN1Template *t,
- SEC_ASN1WriteProc fn,
- void *output_arg);
-
-/* XXX char or unsigned char? */
-extern SECStatus SEC_ASN1EncoderUpdate(SEC_ASN1EncoderContext *cx,
- const char *buf,
- unsigned long len);
-
-extern void SEC_ASN1EncoderFinish(SEC_ASN1EncoderContext *cx);
-
-extern void SEC_ASN1EncoderSetNotifyProc(SEC_ASN1EncoderContext *cx,
- SEC_ASN1NotifyProc fn,
- void *arg);
-
-extern void SEC_ASN1EncoderClearNotifyProc(SEC_ASN1EncoderContext *cx);
-
-extern void SEC_ASN1EncoderSetStreaming(SEC_ASN1EncoderContext *cx);
-
-extern void SEC_ASN1EncoderClearStreaming(SEC_ASN1EncoderContext *cx);
-
-extern void sec_ASN1EncoderSetDER(SEC_ASN1EncoderContext *cx);
-
-extern void sec_ASN1EncoderClearDER(SEC_ASN1EncoderContext *cx);
-
-extern void SEC_ASN1EncoderSetTakeFromBuf(SEC_ASN1EncoderContext *cx);
-
-extern void SEC_ASN1EncoderClearTakeFromBuf(SEC_ASN1EncoderContext *cx);
-
-extern SECStatus SEC_ASN1Encode(const void *src, const SEC_ASN1Template *t,
- SEC_ASN1WriteProc output_proc,
- void *output_arg);
-
-extern SECItem * SEC_ASN1EncodeItem(PRArenaPool *pool, SECItem *dest,
- const void *src, const SEC_ASN1Template *t);
-
-extern SECItem * SEC_ASN1EncodeInteger(PRArenaPool *pool,
- SECItem *dest, long value);
-
-extern SECItem * SEC_ASN1EncodeUnsignedInteger(PRArenaPool *pool,
- SECItem *dest,
- unsigned long value);
-
-extern SECStatus SEC_ASN1DecodeInteger(SECItem *src,
- unsigned long *value);
-
-/*
-** Utilities.
-*/
-
-/*
- * We have a length that needs to be encoded; how many bytes will the
- * encoding take?
- */
-extern int SEC_ASN1LengthLength (unsigned long len);
-
-/* encode the length and return the number of bytes we encoded. Buffer
- * must be pre allocated */
-extern int SEC_ASN1EncodeLength(unsigned char *buf,int value);
-
-/*
- * Find the appropriate subtemplate for the given template.
- * This may involve calling a "chooser" function, or it may just
- * be right there. In either case, it is expected to *have* a
- * subtemplate; this is asserted in debug builds (in non-debug
- * builds, NULL will be returned).
- *
- * "thing" is a pointer to the structure being encoded/decoded
- * "encoding", when true, means that we are in the process of encoding
- * (as opposed to in the process of decoding)
- */
-extern const SEC_ASN1Template *
-SEC_ASN1GetSubtemplate (const SEC_ASN1Template *inTemplate, void *thing,
- PRBool encoding);
-
-/************************************************************************/
-
-/*
- * Generic Templates
- * One for each of the simple types, plus a special one for ANY, plus:
- * - a pointer to each one of those
- * - a set of each one of those
- * - a sequence of each one of those
- *
- * Note that these are alphabetical (case insensitive); please add new
- * ones in the appropriate place.
- */
-
-extern const SEC_ASN1Template SEC_AnyTemplate[];
-extern const SEC_ASN1Template SEC_BitStringTemplate[];
-extern const SEC_ASN1Template SEC_BMPStringTemplate[];
-extern const SEC_ASN1Template SEC_BooleanTemplate[];
-extern const SEC_ASN1Template SEC_EnumeratedTemplate[];
-extern const SEC_ASN1Template SEC_GeneralizedTimeTemplate[];
-extern const SEC_ASN1Template SEC_IA5StringTemplate[];
-extern const SEC_ASN1Template SEC_IntegerTemplate[];
-extern const SEC_ASN1Template SEC_NullTemplate[];
-extern const SEC_ASN1Template SEC_ObjectIDTemplate[];
-extern const SEC_ASN1Template SEC_OctetStringTemplate[];
-extern const SEC_ASN1Template SEC_PrintableStringTemplate[];
-extern const SEC_ASN1Template SEC_T61StringTemplate[];
-extern const SEC_ASN1Template SEC_UniversalStringTemplate[];
-extern const SEC_ASN1Template SEC_UTCTimeTemplate[];
-extern const SEC_ASN1Template SEC_UTF8StringTemplate[];
-extern const SEC_ASN1Template SEC_VisibleStringTemplate[];
-
-extern const SEC_ASN1Template SEC_PointerToAnyTemplate[];
-extern const SEC_ASN1Template SEC_PointerToBitStringTemplate[];
-extern const SEC_ASN1Template SEC_PointerToBMPStringTemplate[];
-extern const SEC_ASN1Template SEC_PointerToBooleanTemplate[];
-extern const SEC_ASN1Template SEC_PointerToEnumeratedTemplate[];
-extern const SEC_ASN1Template SEC_PointerToGeneralizedTimeTemplate[];
-extern const SEC_ASN1Template SEC_PointerToIA5StringTemplate[];
-extern const SEC_ASN1Template SEC_PointerToIntegerTemplate[];
-extern const SEC_ASN1Template SEC_PointerToNullTemplate[];
-extern const SEC_ASN1Template SEC_PointerToObjectIDTemplate[];
-extern const SEC_ASN1Template SEC_PointerToOctetStringTemplate[];
-extern const SEC_ASN1Template SEC_PointerToPrintableStringTemplate[];
-extern const SEC_ASN1Template SEC_PointerToT61StringTemplate[];
-extern const SEC_ASN1Template SEC_PointerToUniversalStringTemplate[];
-extern const SEC_ASN1Template SEC_PointerToUTCTimeTemplate[];
-extern const SEC_ASN1Template SEC_PointerToUTF8StringTemplate[];
-extern const SEC_ASN1Template SEC_PointerToVisibleStringTemplate[];
-
-extern const SEC_ASN1Template SEC_SequenceOfAnyTemplate[];
-extern const SEC_ASN1Template SEC_SequenceOfBitStringTemplate[];
-extern const SEC_ASN1Template SEC_SequenceOfBMPStringTemplate[];
-extern const SEC_ASN1Template SEC_SequenceOfBooleanTemplate[];
-extern const SEC_ASN1Template SEC_SequenceOfEnumeratedTemplate[];
-extern const SEC_ASN1Template SEC_SequenceOfGeneralizedTimeTemplate[];
-extern const SEC_ASN1Template SEC_SequenceOfIA5StringTemplate[];
-extern const SEC_ASN1Template SEC_SequenceOfIntegerTemplate[];
-extern const SEC_ASN1Template SEC_SequenceOfNullTemplate[];
-extern const SEC_ASN1Template SEC_SequenceOfObjectIDTemplate[];
-extern const SEC_ASN1Template SEC_SequenceOfOctetStringTemplate[];
-extern const SEC_ASN1Template SEC_SequenceOfPrintableStringTemplate[];
-extern const SEC_ASN1Template SEC_SequenceOfT61StringTemplate[];
-extern const SEC_ASN1Template SEC_SequenceOfUniversalStringTemplate[];
-extern const SEC_ASN1Template SEC_SequenceOfUTCTimeTemplate[];
-extern const SEC_ASN1Template SEC_SequenceOfUTF8StringTemplate[];
-extern const SEC_ASN1Template SEC_SequenceOfVisibleStringTemplate[];
-
-extern const SEC_ASN1Template SEC_SetOfAnyTemplate[];
-extern const SEC_ASN1Template SEC_SetOfBitStringTemplate[];
-extern const SEC_ASN1Template SEC_SetOfBMPStringTemplate[];
-extern const SEC_ASN1Template SEC_SetOfBooleanTemplate[];
-extern const SEC_ASN1Template SEC_SetOfEnumeratedTemplate[];
-extern const SEC_ASN1Template SEC_SetOfGeneralizedTimeTemplate[];
-extern const SEC_ASN1Template SEC_SetOfIA5StringTemplate[];
-extern const SEC_ASN1Template SEC_SetOfIntegerTemplate[];
-extern const SEC_ASN1Template SEC_SetOfNullTemplate[];
-extern const SEC_ASN1Template SEC_SetOfObjectIDTemplate[];
-extern const SEC_ASN1Template SEC_SetOfOctetStringTemplate[];
-extern const SEC_ASN1Template SEC_SetOfPrintableStringTemplate[];
-extern const SEC_ASN1Template SEC_SetOfT61StringTemplate[];
-extern const SEC_ASN1Template SEC_SetOfUniversalStringTemplate[];
-extern const SEC_ASN1Template SEC_SetOfUTCTimeTemplate[];
-extern const SEC_ASN1Template SEC_SetOfUTF8StringTemplate[];
-extern const SEC_ASN1Template SEC_SetOfVisibleStringTemplate[];
-
-/*
- * Template for skipping a subitem; this only makes sense when decoding.
- */
-extern const SEC_ASN1Template SEC_SkipTemplate[];
-
-/* These functions simply return the address of the above-declared templates.
-** This is necessary for Windows DLLs. Sigh.
-*/
-SEC_ASN1_CHOOSER_DECLARE(SEC_AnyTemplate)
-SEC_ASN1_CHOOSER_DECLARE(SEC_BMPStringTemplate)
-SEC_ASN1_CHOOSER_DECLARE(SEC_BooleanTemplate)
-SEC_ASN1_CHOOSER_DECLARE(SEC_BitStringTemplate)
-SEC_ASN1_CHOOSER_DECLARE(SEC_GeneralizedTimeTemplate)
-SEC_ASN1_CHOOSER_DECLARE(SEC_IA5StringTemplate)
-SEC_ASN1_CHOOSER_DECLARE(SEC_IntegerTemplate)
-SEC_ASN1_CHOOSER_DECLARE(SEC_NullTemplate)
-SEC_ASN1_CHOOSER_DECLARE(SEC_ObjectIDTemplate)
-SEC_ASN1_CHOOSER_DECLARE(SEC_OctetStringTemplate)
-SEC_ASN1_CHOOSER_DECLARE(SEC_UTCTimeTemplate)
-SEC_ASN1_CHOOSER_DECLARE(SEC_UTF8StringTemplate)
-
-SEC_ASN1_CHOOSER_DECLARE(SEC_PointerToAnyTemplate)
-SEC_ASN1_CHOOSER_DECLARE(SEC_PointerToOctetStringTemplate)
-
-SEC_ASN1_CHOOSER_DECLARE(SEC_SetOfAnyTemplate)
-
-SEC_END_PROTOS
-#endif /* _SECASN1_H_ */
diff --git a/security/nss/lib/util/secasn1d.c b/security/nss/lib/util/secasn1d.c
deleted file mode 100644
index 890ddddba..000000000
--- a/security/nss/lib/util/secasn1d.c
+++ /dev/null
@@ -1,3031 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Support for DEcoding ASN.1 data based on BER/DER (Basic/Distinguished
- * Encoding Rules).
- *
- * $Id$
- */
-
-#include "secasn1.h"
-#include "secerr.h"
-
-typedef enum {
- beforeIdentifier,
- duringIdentifier,
- afterIdentifier,
- beforeLength,
- duringLength,
- afterLength,
- beforeBitString,
- duringBitString,
- duringConstructedString,
- duringGroup,
- duringLeaf,
- duringSaveEncoding,
- duringSequence,
- afterConstructedString,
- afterGroup,
- afterExplicit,
- afterImplicit,
- afterInline,
- afterPointer,
- afterSaveEncoding,
- beforeEndOfContents,
- duringEndOfContents,
- afterEndOfContents,
- beforeChoice,
- duringChoice,
- afterChoice,
- notInUse
-} sec_asn1d_parse_place;
-
-#ifdef DEBUG_ASN1D_STATES
-static const char *place_names[] = {
- "beforeIdentifier",
- "duringIdentifier",
- "afterIdentifier",
- "beforeLength",
- "duringLength",
- "afterLength",
- "beforeBitString",
- "duringBitString",
- "duringConstructedString",
- "duringGroup",
- "duringLeaf",
- "duringSaveEncoding",
- "duringSequence",
- "afterConstructedString",
- "afterGroup",
- "afterExplicit",
- "afterImplicit",
- "afterInline",
- "afterPointer",
- "afterSaveEncoding",
- "beforeEndOfContents",
- "duringEndOfContents",
- "afterEndOfContents",
- "beforeChoice",
- "duringChoice",
- "afterChoice",
- "notInUse"
-};
-#endif /* DEBUG_ASN1D_STATES */
-
-typedef enum {
- allDone,
- decodeError,
- keepGoing,
- needBytes
-} sec_asn1d_parse_status;
-
-struct subitem {
- const void *data;
- unsigned long len; /* only used for substrings */
- struct subitem *next;
-};
-
-typedef struct sec_asn1d_state_struct {
- SEC_ASN1DecoderContext *top;
- const SEC_ASN1Template *theTemplate;
- void *dest;
-
- void *our_mark; /* free on completion */
-
- struct sec_asn1d_state_struct *parent; /* aka prev */
- struct sec_asn1d_state_struct *child; /* aka next */
-
- sec_asn1d_parse_place place;
-
- /*
- * XXX explain the next fields as clearly as possible...
- */
- unsigned char found_tag_modifiers;
- unsigned char expect_tag_modifiers;
- unsigned long check_tag_mask;
- unsigned long found_tag_number;
- unsigned long expect_tag_number;
- unsigned long underlying_kind;
-
- unsigned long contents_length;
- unsigned long pending;
- unsigned long consumed;
-
- int depth;
-
- /*
- * Bit strings have their length adjusted -- the first octet of the
- * contents contains a value between 0 and 7 which says how many bits
- * at the end of the octets are not actually part of the bit string;
- * when parsing bit strings we put that value here because we need it
- * later, for adjustment of the length (when the whole string is done).
- */
- unsigned int bit_string_unused_bits;
-
- /*
- * The following are used for indefinite-length constructed strings.
- */
- struct subitem *subitems_head;
- struct subitem *subitems_tail;
-
- PRPackedBool
- allocate, /* when true, need to allocate the destination */
- endofcontents, /* this state ended up parsing end-of-contents octets */
- explicit, /* we are handling an explicit header */
- indefinite, /* the current item has indefinite-length encoding */
- missing, /* an optional field that was not present */
- optional, /* the template says this field may be omitted */
- substring; /* this is a substring of a constructed string */
-
-} sec_asn1d_state;
-
-#define IS_HIGH_TAG_NUMBER(n) ((n) == SEC_ASN1_HIGH_TAG_NUMBER)
-#define LAST_TAG_NUMBER_BYTE(b) (((b) & 0x80) == 0)
-#define TAG_NUMBER_BITS 7
-#define TAG_NUMBER_MASK 0x7f
-
-#define LENGTH_IS_SHORT_FORM(b) (((b) & 0x80) == 0)
-#define LONG_FORM_LENGTH(b) ((b) & 0x7f)
-
-#define HIGH_BITS(field,cnt) ((field) >> ((sizeof(field) * 8) - (cnt)))
-
-
-/*
- * An "outsider" will have an opaque pointer to this, created by calling
- * SEC_ASN1DecoderStart(). It will be passed back in to all subsequent
- * calls to SEC_ASN1DecoderUpdate(), and when done it is passed to
- * SEC_ASN1DecoderFinish().
- */
-struct sec_DecoderContext_struct {
- PRArenaPool *our_pool; /* for our internal allocs */
- PRArenaPool *their_pool; /* for destination structure allocs */
-#ifdef SEC_ASN1D_FREE_ON_ERROR /*
- * XXX see comment below (by same
- * ifdef) that explains why this
- * does not work (need more smarts
- * in order to free back to mark)
- */
- /*
- * XXX how to make their_mark work in the case where they do NOT
- * give us a pool pointer?
- */
- void *their_mark; /* free on error */
-#endif
-
- sec_asn1d_state *current;
- sec_asn1d_parse_status status;
-
- SEC_ASN1NotifyProc notify_proc; /* call before/after handling field */
- void *notify_arg; /* argument to notify_proc */
- PRBool during_notify; /* true during call to notify_proc */
-
- SEC_ASN1WriteProc filter_proc; /* pass field bytes to this */
- void *filter_arg; /* argument to that function */
- PRBool filter_only; /* do not allocate/store fields */
-};
-
-
-/*
- * XXX this is a fairly generic function that may belong elsewhere
- */
-static void *
-sec_asn1d_alloc (PRArenaPool *poolp, unsigned long len)
-{
- void *thing;
-
- if (poolp != NULL) {
- /*
- * Allocate from the pool.
- */
- thing = PORT_ArenaAlloc (poolp, len);
- } else {
- /*
- * Allocate generically.
- */
- thing = PORT_Alloc (len);
- }
-
- return thing;
-}
-
-
-/*
- * XXX this is a fairly generic function that may belong elsewhere
- */
-static void *
-sec_asn1d_zalloc (PRArenaPool *poolp, unsigned long len)
-{
- void *thing;
-
- thing = sec_asn1d_alloc (poolp, len);
- if (thing != NULL)
- PORT_Memset (thing, 0, len);
- return thing;
-}
-
-
-static sec_asn1d_state *
-sec_asn1d_push_state (SEC_ASN1DecoderContext *cx,
- const SEC_ASN1Template *theTemplate,
- void *dest, PRBool new_depth)
-{
- sec_asn1d_state *state, *new_state;
-
- state = cx->current;
-
- PORT_Assert (state == NULL || state->child == NULL);
-
- if (state != NULL) {
- PORT_Assert (state->our_mark == NULL);
- state->our_mark = PORT_ArenaMark (cx->our_pool);
- }
-
- new_state = (sec_asn1d_state*)sec_asn1d_zalloc (cx->our_pool,
- sizeof(*new_state));
- if (new_state == NULL) {
- cx->status = decodeError;
- if (state != NULL) {
- PORT_ArenaRelease(cx->our_pool, state->our_mark);
- state->our_mark = NULL;
- }
- return NULL;
- }
-
- new_state->top = cx;
- new_state->parent = state;
- new_state->theTemplate = theTemplate;
- new_state->place = notInUse;
- if (dest != NULL)
- new_state->dest = (char *)dest + theTemplate->offset;
-
- if (state != NULL) {
- new_state->depth = state->depth;
- if (new_depth)
- new_state->depth++;
- state->child = new_state;
- }
-
- cx->current = new_state;
- return new_state;
-}
-
-
-static void
-sec_asn1d_scrub_state (sec_asn1d_state *state)
-{
- /*
- * Some default "scrubbing".
- * XXX right set of initializations?
- */
- state->place = beforeIdentifier;
- state->endofcontents = PR_FALSE;
- state->indefinite = PR_FALSE;
- state->missing = PR_FALSE;
- PORT_Assert (state->consumed == 0);
-}
-
-
-static void
-sec_asn1d_notify_before (SEC_ASN1DecoderContext *cx, void *dest, int depth)
-{
- if (cx->notify_proc == NULL)
- return;
-
- cx->during_notify = PR_TRUE;
- (* cx->notify_proc) (cx->notify_arg, PR_TRUE, dest, depth);
- cx->during_notify = PR_FALSE;
-}
-
-
-static void
-sec_asn1d_notify_after (SEC_ASN1DecoderContext *cx, void *dest, int depth)
-{
- if (cx->notify_proc == NULL)
- return;
-
- cx->during_notify = PR_TRUE;
- (* cx->notify_proc) (cx->notify_arg, PR_FALSE, dest, depth);
- cx->during_notify = PR_FALSE;
-}
-
-
-static sec_asn1d_state *
-sec_asn1d_init_state_based_on_template (sec_asn1d_state *state)
-{
- PRBool explicit, optional, universal;
- unsigned char expect_tag_modifiers;
- unsigned long encode_kind, under_kind;
- unsigned long check_tag_mask, expect_tag_number;
-
-
- /* XXX Check that both of these tests are really needed/appropriate. */
- if (state == NULL || state->top->status == decodeError)
- return state;
-
- encode_kind = state->theTemplate->kind;
-
- if (encode_kind & SEC_ASN1_SAVE) {
- /*
- * This is a "magic" field that saves away all bytes, allowing
- * the immediately following field to still be decoded from this
- * same spot -- sort of a fork.
- */
- /* check that there are no extraneous bits */
- PORT_Assert (encode_kind == SEC_ASN1_SAVE);
- if (state->top->filter_only) {
- /*
- * If we are not storing, then we do not do the SAVE field
- * at all. Just move ahead to the "real" field instead,
- * doing the appropriate notify calls before and after.
- */
- sec_asn1d_notify_after (state->top, state->dest, state->depth);
- /*
- * Since we are not storing, allow for our current dest value
- * to be NULL. (This might not actually occur, but right now I
- * cannot convince myself one way or the other.) If it is NULL,
- * assume that our parent dest can help us out.
- */
- if (state->dest == NULL)
- state->dest = state->parent->dest;
- else
- state->dest = (char *)state->dest - state->theTemplate->offset;
- state->theTemplate++;
- if (state->dest != NULL)
- state->dest = (char *)state->dest + state->theTemplate->offset;
- sec_asn1d_notify_before (state->top, state->dest, state->depth);
- encode_kind = state->theTemplate->kind;
- PORT_Assert ((encode_kind & SEC_ASN1_SAVE) == 0);
- } else {
- sec_asn1d_scrub_state (state);
- state->place = duringSaveEncoding;
- state = sec_asn1d_push_state (state->top, SEC_AnyTemplate,
- state->dest, PR_FALSE);
- if (state != NULL)
- state = sec_asn1d_init_state_based_on_template (state);
- return state;
- }
- }
-
-
- universal = ((encode_kind & SEC_ASN1_CLASS_MASK) == SEC_ASN1_UNIVERSAL)
- ? PR_TRUE : PR_FALSE;
-
- explicit = (encode_kind & SEC_ASN1_EXPLICIT) ? PR_TRUE : PR_FALSE;
- encode_kind &= ~SEC_ASN1_EXPLICIT;
-
- optional = (encode_kind & SEC_ASN1_OPTIONAL) ? PR_TRUE : PR_FALSE;
- encode_kind &= ~SEC_ASN1_OPTIONAL;
-
- PORT_Assert (!(explicit && universal)); /* bad templates */
-
- encode_kind &= ~SEC_ASN1_DYNAMIC;
- encode_kind &= ~SEC_ASN1_MAY_STREAM;
-
- if( encode_kind & SEC_ASN1_CHOICE ) {
-#if 0 /* XXX remove? */
- sec_asn1d_state *child = sec_asn1d_push_state(state->top, state->theTemplate, state->dest, PR_FALSE);
- if( (sec_asn1d_state *)NULL == child ) {
- return (sec_asn1d_state *)NULL;
- }
-
- child->allocate = state->allocate;
- child->place = beforeChoice;
- return child;
-#else
- state->place = beforeChoice;
- return state;
-#endif
- }
-
- if ((encode_kind & (SEC_ASN1_POINTER | SEC_ASN1_INLINE)) || (!universal
- && !explicit)) {
- const SEC_ASN1Template *subt;
- void *dest;
- PRBool child_allocate;
-
- PORT_Assert ((encode_kind & (SEC_ASN1_ANY | SEC_ASN1_SKIP)) == 0);
-
- sec_asn1d_scrub_state (state);
- child_allocate = PR_FALSE;
-
- if (encode_kind & SEC_ASN1_POINTER) {
- /*
- * A POINTER means we need to allocate the destination for
- * this field. But, since it may also be an optional field,
- * we defer the allocation until later; we just record that
- * it needs to be done.
- *
- * There are two possible scenarios here -- one is just a
- * plain POINTER (kind of like INLINE, except with allocation)
- * and the other is an implicitly-tagged POINTER. We don't
- * need to do anything special here for the two cases, but
- * since the template definition can be tricky, we do check
- * that there are no extraneous bits set in encode_kind.
- *
- * XXX The same conditions which assert should set an error.
- */
- if (universal) {
- /*
- * "universal" means this entry is a standalone POINTER;
- * there should be no other bits set in encode_kind.
- */
- PORT_Assert (encode_kind == SEC_ASN1_POINTER);
- } else {
- /*
- * If we get here we have an implicitly-tagged field
- * that needs to be put into a POINTER. The subtemplate
- * will determine how to decode the field, but encode_kind
- * describes the (implicit) tag we are looking for.
- * The non-tag bits of encode_kind will be ignored by
- * the code below; none of them should be set, however,
- * except for the POINTER bit itself -- so check that.
- */
- PORT_Assert ((encode_kind & ~SEC_ASN1_TAG_MASK)
- == SEC_ASN1_POINTER);
- }
- if (!state->top->filter_only)
- child_allocate = PR_TRUE;
- dest = NULL;
- state->place = afterPointer;
- } else {
- dest = state->dest;
- if (encode_kind & SEC_ASN1_INLINE) {
- /* check that there are no extraneous bits */
- PORT_Assert (encode_kind == SEC_ASN1_INLINE && !optional);
- state->place = afterInline;
- } else {
- state->place = afterImplicit;
- }
- }
-
- state->optional = optional;
- subt = SEC_ASN1GetSubtemplate (state->theTemplate, state->dest, PR_FALSE);
- state = sec_asn1d_push_state (state->top, subt, dest, PR_FALSE);
- if (state == NULL)
- return NULL;
-
- state->allocate = child_allocate;
-
- if (universal) {
- state = sec_asn1d_init_state_based_on_template (state);
- if (state != NULL) {
- /*
- * If this field is optional, we need to record that on
- * the pushed child so it won't fail if the field isn't
- * found. I can't think of a way that this new state
- * could already have optional set (which we would wipe
- * out below if our local optional is not set) -- but
- * just to be sure, assert that it isn't set.
- */
- PORT_Assert (!state->optional);
- state->optional = optional;
- }
- return state;
- }
-
- under_kind = state->theTemplate->kind;
- under_kind &= ~SEC_ASN1_MAY_STREAM;
- } else if (explicit) {
- /*
- * For explicit, we only need to match the encoding tag next,
- * then we will push another state to handle the entire inner
- * part. In this case, there is no underlying kind which plays
- * any part in the determination of the outer, explicit tag.
- * So we just set under_kind to 0, which is not a valid tag,
- * and the rest of the tag matching stuff should be okay.
- */
- under_kind = 0;
- } else {
- /*
- * Nothing special; the underlying kind and the given encoding
- * information are the same.
- */
- under_kind = encode_kind;
- }
-
- /* XXX is this the right set of bits to test here? */
- PORT_Assert ((under_kind & (SEC_ASN1_EXPLICIT | SEC_ASN1_OPTIONAL
- | SEC_ASN1_MAY_STREAM
- | SEC_ASN1_INLINE | SEC_ASN1_POINTER)) == 0);
-
- if (encode_kind & (SEC_ASN1_ANY | SEC_ASN1_SKIP)) {
- PORT_Assert (encode_kind == under_kind);
- if (encode_kind & SEC_ASN1_SKIP) {
- PORT_Assert (!optional);
- PORT_Assert (encode_kind == SEC_ASN1_SKIP);
- state->dest = NULL;
- }
- check_tag_mask = 0;
- expect_tag_modifiers = 0;
- expect_tag_number = 0;
- } else {
- check_tag_mask = SEC_ASN1_TAG_MASK;
- expect_tag_modifiers = (unsigned char)encode_kind & SEC_ASN1_TAG_MASK
- & ~SEC_ASN1_TAGNUM_MASK;
- /*
- * XXX This assumes only single-octet identifiers. To handle
- * the HIGH TAG form we would need to do some more work, especially
- * in how to specify them in the template, because right now we
- * do not provide a way to specify more *tag* bits in encode_kind.
- */
- expect_tag_number = encode_kind & SEC_ASN1_TAGNUM_MASK;
-
- switch (under_kind & SEC_ASN1_TAGNUM_MASK) {
- case SEC_ASN1_SET:
- /*
- * XXX A plain old SET (as opposed to a SET OF) is not implemented.
- * If it ever is, remove this assert...
- */
- PORT_Assert ((under_kind & SEC_ASN1_GROUP) != 0);
- /* fallthru */
- case SEC_ASN1_SEQUENCE:
- expect_tag_modifiers |= SEC_ASN1_CONSTRUCTED;
- break;
- case SEC_ASN1_BIT_STRING:
- case SEC_ASN1_BMP_STRING:
- case SEC_ASN1_GENERALIZED_TIME:
- case SEC_ASN1_IA5_STRING:
- case SEC_ASN1_OCTET_STRING:
- case SEC_ASN1_PRINTABLE_STRING:
- case SEC_ASN1_T61_STRING:
- case SEC_ASN1_UNIVERSAL_STRING:
- case SEC_ASN1_UTC_TIME:
- case SEC_ASN1_UTF8_STRING:
- case SEC_ASN1_VISIBLE_STRING:
- check_tag_mask &= ~SEC_ASN1_CONSTRUCTED;
- break;
- }
- }
-
- state->check_tag_mask = check_tag_mask;
- state->expect_tag_modifiers = expect_tag_modifiers;
- state->expect_tag_number = expect_tag_number;
- state->underlying_kind = under_kind;
- state->explicit = explicit;
- state->optional = optional;
-
- sec_asn1d_scrub_state (state);
-
- return state;
-}
-
-
-static unsigned long
-sec_asn1d_parse_identifier (sec_asn1d_state *state,
- const char *buf, unsigned long len)
-{
- unsigned char byte;
- unsigned char tag_number;
-
- PORT_Assert (state->place == beforeIdentifier);
-
- if (len == 0) {
- state->top->status = needBytes;
- return 0;
- }
-
- byte = (unsigned char) *buf;
- tag_number = byte & SEC_ASN1_TAGNUM_MASK;
-
- if (IS_HIGH_TAG_NUMBER (tag_number)) {
- state->place = duringIdentifier;
- state->found_tag_number = 0;
- /*
- * Actually, we have no idea how many bytes are pending, but we
- * do know that it is at least 1. That is all we know; we have
- * to look at each byte to know if there is another, etc.
- */
- state->pending = 1;
- } else {
- if (byte == 0 && state->parent != NULL &&
- (state->parent->indefinite ||
- (
- (state->parent->place == afterImplicit ||
- state->parent->place == afterPointer)
- && state->parent->parent != NULL && state->parent->parent->indefinite
- )
- )
- ) {
- /*
- * Our parent has indefinite-length encoding, and the
- * entire tag found is 0, so it seems that we have hit the
- * end-of-contents octets. To handle this, we just change
- * our state to that which expects to get the bytes of the
- * end-of-contents octets and let that code re-read this byte
- * so that our categorization of field types is correct.
- * After that, our parent will then deal with everything else.
- */
- state->place = duringEndOfContents;
- state->pending = 2;
- state->found_tag_number = 0;
- state->found_tag_modifiers = 0;
- /*
- * We might be an optional field that is, as we now find out,
- * missing. Give our parent a clue that this happened.
- */
- if (state->optional)
- state->missing = PR_TRUE;
- return 0;
- }
- state->place = afterIdentifier;
- state->found_tag_number = tag_number;
- }
- state->found_tag_modifiers = byte & ~SEC_ASN1_TAGNUM_MASK;
-
- return 1;
-}
-
-
-static unsigned long
-sec_asn1d_parse_more_identifier (sec_asn1d_state *state,
- const char *buf, unsigned long len)
-{
- unsigned char byte;
- int count;
-
- PORT_Assert (state->pending == 1);
- PORT_Assert (state->place == duringIdentifier);
-
- if (len == 0) {
- state->top->status = needBytes;
- return 0;
- }
-
- count = 0;
-
- while (len && state->pending) {
- if (HIGH_BITS (state->found_tag_number, TAG_NUMBER_BITS) != 0) {
- /*
- * The given high tag number overflows our container;
- * just give up. This is not likely to *ever* happen.
- */
- PORT_SetError (SEC_ERROR_BAD_DER);
- state->top->status = decodeError;
- return 0;
- }
-
- state->found_tag_number <<= TAG_NUMBER_BITS;
-
- byte = (unsigned char) buf[count++];
- state->found_tag_number |= (byte & TAG_NUMBER_MASK);
-
- len--;
- if (LAST_TAG_NUMBER_BYTE (byte))
- state->pending = 0;
- }
-
- if (state->pending == 0)
- state->place = afterIdentifier;
-
- return count;
-}
-
-
-static void
-sec_asn1d_confirm_identifier (sec_asn1d_state *state)
-{
- PRBool match;
-
- PORT_Assert (state->place == afterIdentifier);
-
- match = (PRBool)(((state->found_tag_modifiers & state->check_tag_mask)
- == state->expect_tag_modifiers)
- && ((state->found_tag_number & state->check_tag_mask)
- == state->expect_tag_number));
- if (match) {
- state->place = beforeLength;
- } else {
- if (state->optional) {
- state->missing = PR_TRUE;
- state->place = afterEndOfContents;
- } else {
- PORT_SetError (SEC_ERROR_BAD_DER);
- state->top->status = decodeError;
- }
- }
-}
-
-
-static unsigned long
-sec_asn1d_parse_length (sec_asn1d_state *state,
- const char *buf, unsigned long len)
-{
- unsigned char byte;
-
- PORT_Assert (state->place == beforeLength);
-
- if (len == 0) {
- state->top->status = needBytes;
- return 0;
- }
-
- /*
- * The default/likely outcome. It may get adjusted below.
- */
- state->place = afterLength;
-
- byte = (unsigned char) *buf;
-
- if (LENGTH_IS_SHORT_FORM (byte)) {
- state->contents_length = byte;
- } else {
- state->contents_length = 0;
- state->pending = LONG_FORM_LENGTH (byte);
- if (state->pending == 0) {
- state->indefinite = PR_TRUE;
- } else {
- state->place = duringLength;
- }
- }
-
- return 1;
-}
-
-
-static unsigned long
-sec_asn1d_parse_more_length (sec_asn1d_state *state,
- const char *buf, unsigned long len)
-{
- int count;
-
- PORT_Assert (state->pending > 0);
- PORT_Assert (state->place == duringLength);
-
- if (len == 0) {
- state->top->status = needBytes;
- return 0;
- }
-
- count = 0;
-
- while (len && state->pending) {
- if (HIGH_BITS (state->contents_length, 8) != 0) {
- /*
- * The given full content length overflows our container;
- * just give up.
- */
- PORT_SetError (SEC_ERROR_BAD_DER);
- state->top->status = decodeError;
- return 0;
- }
-
- state->contents_length <<= 8;
- state->contents_length |= (unsigned char) buf[count++];
-
- len--;
- state->pending--;
- }
-
- if (state->pending == 0)
- state->place = afterLength;
-
- return count;
-}
-
-
-static void
-sec_asn1d_prepare_for_contents (sec_asn1d_state *state)
-{
- SECItem *item;
- PRArenaPool *poolp;
- unsigned long alloc_len;
-
-
- /*
- * XXX I cannot decide if this allocation should exclude the case
- * where state->endofcontents is true -- figure it out!
- */
- if (state->allocate) {
- void *dest;
-
- PORT_Assert (state->dest == NULL);
- /*
- * We are handling a POINTER or a member of a GROUP, and need to
- * allocate for the data structure.
- */
- dest = sec_asn1d_zalloc (state->top->their_pool,
- state->theTemplate->size);
- if (dest == NULL) {
- state->top->status = decodeError;
- return;
- }
- state->dest = (char *)dest + state->theTemplate->offset;
-
- /*
- * For a member of a GROUP, our parent will later put the
- * pointer wherever it belongs. But for a POINTER, we need
- * to record the destination now, in case notify or filter
- * procs need access to it -- they cannot find it otherwise,
- * until it is too late (for one-pass processing).
- */
- if (state->parent->place == afterPointer) {
- void **placep;
-
- placep = state->parent->dest;
- *placep = dest;
- }
- }
-
- /*
- * Remember, length may be indefinite here! In that case,
- * both contents_length and pending will be zero.
- */
- state->pending = state->contents_length;
-
- /*
- * An EXPLICIT is nothing but an outer header, which we have
- * already parsed and accepted. Now we need to do the inner
- * header and its contents.
- */
- if (state->explicit) {
- state->place = afterExplicit;
- state = sec_asn1d_push_state (state->top,
- SEC_ASN1GetSubtemplate(state->theTemplate,
- state->dest,
- PR_FALSE),
- state->dest, PR_TRUE);
- if (state != NULL)
- state = sec_asn1d_init_state_based_on_template (state);
- return;
- }
-
- /*
- * For GROUP (SET OF, SEQUENCE OF), even if we know the length here
- * we cannot tell how many items we will end up with ... so push a
- * state that can keep track of "children" (the individual members
- * of the group; we will allocate as we go and put them all together
- * at the end.
- */
- if (state->underlying_kind & SEC_ASN1_GROUP) {
- /* XXX If this assertion holds (should be able to confirm it via
- * inspection, too) then move this code into the switch statement
- * below under cases SET_OF and SEQUENCE_OF; it will be cleaner.
- */
- PORT_Assert (state->underlying_kind == SEC_ASN1_SET_OF
- || state->underlying_kind == SEC_ASN1_SEQUENCE_OF
- || state->underlying_kind == (SEC_ASN1_SEQUENCE_OF|SEC_ASN1_DYNAMIC)
- || state->underlying_kind == (SEC_ASN1_SEQUENCE_OF|SEC_ASN1_DYNAMIC)
- );
- if (state->contents_length != 0 || state->indefinite) {
- const SEC_ASN1Template *subt;
-
- state->place = duringGroup;
- subt = SEC_ASN1GetSubtemplate (state->theTemplate, state->dest,
- PR_FALSE);
- state = sec_asn1d_push_state (state->top, subt, NULL, PR_TRUE);
- if (state != NULL) {
- if (!state->top->filter_only)
- state->allocate = PR_TRUE; /* XXX propogate this? */
- /*
- * Do the "before" field notification for next in group.
- */
- sec_asn1d_notify_before (state->top, state->dest, state->depth);
- state = sec_asn1d_init_state_based_on_template (state);
- }
- } else {
- /*
- * A group of zero; we are done.
- * XXX Should we store a NULL here? Or set state to
- * afterGroup and let that code do it?
- */
- state->place = afterEndOfContents;
- }
- return;
- }
-
- switch (state->underlying_kind) {
- case SEC_ASN1_SEQUENCE:
- /*
- * We need to push a child to handle the individual fields.
- */
- state->place = duringSequence;
- state = sec_asn1d_push_state (state->top, state->theTemplate + 1,
- state->dest, PR_TRUE);
- if (state != NULL) {
- /*
- * Do the "before" field notification.
- */
- sec_asn1d_notify_before (state->top, state->dest, state->depth);
- state = sec_asn1d_init_state_based_on_template (state);
- }
- break;
-
- case SEC_ASN1_SET: /* XXX SET is not really implemented */
- /*
- * XXX A plain SET requires special handling; scanning of a
- * template to see where a field should go (because by definition,
- * they are not in any particular order, and you have to look at
- * each tag to disambiguate what the field is). We may never
- * implement this because in practice, it seems to be unused.
- */
- PORT_Assert(0);
- state->top->status = decodeError;
- break;
-
- case SEC_ASN1_NULL:
- /*
- * The NULL type, by definition, is "nothing", content length of zero.
- * An indefinite-length encoding is not alloweed.
- */
- if (state->contents_length || state->indefinite) {
- state->top->status = decodeError;
- break;
- }
- if (state->dest != NULL) {
- item = (SECItem *)(state->dest);
- item->data = NULL;
- item->len = 0;
- }
- state->place = afterEndOfContents;
- break;
-
- case SEC_ASN1_BMP_STRING:
- /* Error if length is not divisable by 2 */
- if (state->contents_length % 2) {
- state->top->status = decodeError;
- break;
- }
- /* otherwise, handle as other string types */
- goto regular_string_type;
-
- case SEC_ASN1_UNIVERSAL_STRING:
- /* Error if length is not divisable by 4 */
- if (state->contents_length % 4) {
- state->top->status = decodeError;
- break;
- }
- /* otherwise, handle as other string types */
- goto regular_string_type;
-
- case SEC_ASN1_SKIP:
- case SEC_ASN1_ANY:
- case SEC_ASN1_ANY_CONTENTS:
- /*
- * These are not (necessarily) strings, but they need nearly
- * identical handling (especially when we need to deal with
- * constructed sub-pieces), so we pretend they are.
- */
- /* fallthru */
-regular_string_type:
- case SEC_ASN1_BIT_STRING:
- case SEC_ASN1_IA5_STRING:
- case SEC_ASN1_OCTET_STRING:
- case SEC_ASN1_PRINTABLE_STRING:
- case SEC_ASN1_T61_STRING:
- case SEC_ASN1_UTC_TIME:
- case SEC_ASN1_UTF8_STRING:
- case SEC_ASN1_VISIBLE_STRING:
- /*
- * We are allocating for a primitive or a constructed string.
- * If it is a constructed string, it may also be indefinite-length.
- * If it is primitive, the length can (legally) be zero.
- * Our first order of business is to allocate the memory for
- * the string, if we can (if we know the length).
- */
- item = (SECItem *)(state->dest);
-
- /*
- * If the item is a definite-length constructed string, then
- * the contents_length is actually larger than what we need
- * (because it also counts each intermediate header which we
- * will be throwing away as we go), but it is a perfectly good
- * upper bound that we just allocate anyway, and then concat
- * as we go; we end up wasting a few extra bytes but save a
- * whole other copy.
- */
- alloc_len = state->contents_length;
- poolp = NULL; /* quiet compiler warnings about unused... */
-
- if (item == NULL || state->top->filter_only) {
- if (item != NULL) {
- item->data = NULL;
- item->len = 0;
- }
- alloc_len = 0;
- } else if (state->substring) {
- /*
- * If we are a substring of a constructed string, then we may
- * not have to allocate anything (because our parent, the
- * actual constructed string, did it for us). If we are a
- * substring and we *do* have to allocate, that means our
- * parent is an indefinite-length, so we allocate from our pool;
- * later our parent will copy our string into the aggregated
- * whole and free our pool allocation.
- */
- if (item->data == NULL) {
- PORT_Assert (item->len == 0);
- poolp = state->top->our_pool;
- } else {
- alloc_len = 0;
- }
- } else {
- item->len = 0;
- item->data = NULL;
- poolp = state->top->their_pool;
- }
-
- if (alloc_len || ((! state->indefinite)
- && (state->subitems_head != NULL))) {
- struct subitem *subitem;
- int len;
-
- PORT_Assert (item->len == 0 && item->data == NULL);
- /*
- * Check for and handle an ANY which has stashed aside the
- * header (identifier and length) bytes for us to include
- * in the saved contents.
- */
- if (state->subitems_head != NULL) {
- PORT_Assert (state->underlying_kind == SEC_ASN1_ANY);
- for (subitem = state->subitems_head;
- subitem != NULL; subitem = subitem->next)
- alloc_len += subitem->len;
- }
-
- item->data = (unsigned char*)sec_asn1d_zalloc (poolp, alloc_len);
- if (item->data == NULL) {
- state->top->status = decodeError;
- break;
- }
-
- len = 0;
- for (subitem = state->subitems_head;
- subitem != NULL; subitem = subitem->next) {
- PORT_Memcpy (item->data + len, subitem->data, subitem->len);
- len += subitem->len;
- }
- item->len = len;
-
- /*
- * Because we use arenas and have a mark set, we later free
- * everything we have allocated, so this does *not* present
- * a memory leak (it is just temporarily left dangling).
- */
- state->subitems_head = state->subitems_tail = NULL;
- }
-
- if (state->contents_length == 0 && (! state->indefinite)) {
- /*
- * A zero-length simple or constructed string; we are done.
- */
- state->place = afterEndOfContents;
- } else if (state->found_tag_modifiers & SEC_ASN1_CONSTRUCTED) {
- const SEC_ASN1Template *sub;
-
- switch (state->underlying_kind) {
- case SEC_ASN1_ANY:
- case SEC_ASN1_ANY_CONTENTS:
- sub = SEC_AnyTemplate;
- break;
- case SEC_ASN1_BIT_STRING:
- sub = SEC_BitStringTemplate;
- break;
- case SEC_ASN1_BMP_STRING:
- sub = SEC_BMPStringTemplate;
- break;
- case SEC_ASN1_GENERALIZED_TIME:
- sub = SEC_GeneralizedTimeTemplate;
- break;
- case SEC_ASN1_IA5_STRING:
- sub = SEC_IA5StringTemplate;
- break;
- case SEC_ASN1_OCTET_STRING:
- sub = SEC_OctetStringTemplate;
- break;
- case SEC_ASN1_PRINTABLE_STRING:
- sub = SEC_PrintableStringTemplate;
- break;
- case SEC_ASN1_T61_STRING:
- sub = SEC_T61StringTemplate;
- break;
- case SEC_ASN1_UNIVERSAL_STRING:
- sub = SEC_UniversalStringTemplate;
- break;
- case SEC_ASN1_UTC_TIME:
- sub = SEC_UTCTimeTemplate;
- break;
- case SEC_ASN1_UTF8_STRING:
- sub = SEC_UTF8StringTemplate;
- break;
- case SEC_ASN1_VISIBLE_STRING:
- sub = SEC_VisibleStringTemplate;
- break;
- case SEC_ASN1_SKIP:
- sub = SEC_SkipTemplate;
- break;
- default: /* redundant given outer switch cases, but */
- PORT_Assert(0); /* the compiler does not seem to know that, */
- sub = NULL; /* so just do enough to quiet it. */
- break;
- }
-
- state->place = duringConstructedString;
- state = sec_asn1d_push_state (state->top, sub, item, PR_TRUE);
- if (state != NULL) {
- state->substring = PR_TRUE; /* XXX propogate? */
- state = sec_asn1d_init_state_based_on_template (state);
- }
- } else if (state->indefinite) {
- /*
- * An indefinite-length string *must* be constructed!
- */
- PORT_SetError (SEC_ERROR_BAD_DER);
- state->top->status = decodeError;
- } else {
- /*
- * A non-zero-length simple string.
- */
- if (state->underlying_kind == SEC_ASN1_BIT_STRING)
- state->place = beforeBitString;
- else
- state->place = duringLeaf;
- }
- break;
-
- default:
- /*
- * We are allocating for a simple leaf item.
- */
- if (state->contents_length) {
- if (state->dest != NULL) {
- item = (SECItem *)(state->dest);
- item->len = 0;
- if (state->top->filter_only) {
- item->data = NULL;
- } else {
- item->data = (unsigned char*)
- sec_asn1d_zalloc (state->top->their_pool,
- state->contents_length);
- if (item->data == NULL) {
- state->top->status = decodeError;
- return;
- }
- }
- }
- state->place = duringLeaf;
- } else {
- /*
- * An indefinite-length or zero-length item is not allowed.
- * (All legal cases of such were handled above.)
- */
- PORT_SetError (SEC_ERROR_BAD_DER);
- state->top->status = decodeError;
- }
- }
-}
-
-
-static void
-sec_asn1d_free_child (sec_asn1d_state *state, PRBool error)
-{
- if (state->child != NULL) {
- PORT_Assert (error || state->child->consumed == 0);
- PORT_Assert (state->our_mark != NULL);
- PORT_ArenaRelease (state->top->our_pool, state->our_mark);
- if (error && state->top->their_pool == NULL) {
- /*
- * XXX We need to free anything allocated.
- * At this point, we failed in the middle of decoding. But we
- * can't free the data we previously allocated with PR_Malloc
- * unless we keep track of every pointer. So instead we have a
- * memory leak when decoding fails half-way, unless an arena is
- * used. See bug 95311 .
- */
- }
- state->child = NULL;
- state->our_mark = NULL;
- } else {
- /*
- * It is important that we do not leave a mark unreleased/unmarked.
- * But I do not think we should ever have one set in this case, only
- * if we had a child (handled above). So check for that. If this
- * assertion should ever get hit, then we probably need to add code
- * here to release back to our_mark (and then set our_mark to NULL).
- */
- PORT_Assert (state->our_mark == NULL);
- }
- state->place = beforeEndOfContents;
-}
-
-
-static void
-sec_asn1d_reuse_encoding (sec_asn1d_state *state)
-{
- sec_asn1d_state *child;
- unsigned long consumed;
- SECItem *item;
- void *dest;
-
-
- child = state->child;
- PORT_Assert (child != NULL);
-
- consumed = child->consumed;
- child->consumed = 0;
-
- item = (SECItem *)(state->dest);
- PORT_Assert (item != NULL);
-
- PORT_Assert (item->len == consumed);
-
- /*
- * Free any grandchild.
- */
- sec_asn1d_free_child (child, PR_FALSE);
-
- /*
- * Notify after the SAVE field.
- */
- sec_asn1d_notify_after (state->top, state->dest, state->depth);
-
- /*
- * Adjust to get new dest and move forward.
- */
- dest = (char *)state->dest - state->theTemplate->offset;
- state->theTemplate++;
- child->dest = (char *)dest + state->theTemplate->offset;
- child->theTemplate = state->theTemplate;
-
- /*
- * Notify before the "real" field.
- */
- PORT_Assert (state->depth == child->depth);
- sec_asn1d_notify_before (state->top, child->dest, child->depth);
-
- /*
- * This will tell DecoderUpdate to return when it is done.
- */
- state->place = afterSaveEncoding;
-
- /*
- * We already have a child; "push" it by making it current.
- */
- state->top->current = child;
-
- /*
- * And initialize it so it is ready to parse.
- */
- (void) sec_asn1d_init_state_based_on_template(child);
-
- /*
- * Now parse that out of our data.
- */
- if (SEC_ASN1DecoderUpdate (state->top,
- (char *) item->data, item->len) != SECSuccess)
- return;
-
- PORT_Assert (state->top->current == state);
- PORT_Assert (state->child == child);
-
- /*
- * That should have consumed what we consumed before.
- */
- PORT_Assert (consumed == child->consumed);
- child->consumed = 0;
-
- /*
- * Done.
- */
- state->consumed += consumed;
- child->place = notInUse;
- state->place = afterEndOfContents;
-}
-
-
-static unsigned long
-sec_asn1d_parse_leaf (sec_asn1d_state *state,
- const char *buf, unsigned long len)
-{
- SECItem *item;
- unsigned long bufLen;
-
- if (len == 0) {
- state->top->status = needBytes;
- return 0;
- }
-
- if (state->pending < len)
- len = state->pending;
-
- bufLen = len;
-
- item = (SECItem *)(state->dest);
- if (item != NULL && item->data != NULL) {
- /* Strip leading zeroes when target is unsigned integer */
- if (state->underlying_kind == SEC_ASN1_INTEGER && /* INTEGER */
- item->len == 0 && /* MSB */
- item->type == siUnsignedInteger) /* unsigned */
- {
- while (len > 1 && buf[0] == 0) { /* leading 0 */
- buf++;
- len--;
- }
- }
- PORT_Memcpy (item->data + item->len, buf, len);
- item->len += len;
- }
- state->pending -= bufLen;
- if (state->pending == 0)
- state->place = beforeEndOfContents;
-
- return bufLen;
-}
-
-
-static unsigned long
-sec_asn1d_parse_bit_string (sec_asn1d_state *state,
- const char *buf, unsigned long len)
-{
- unsigned char byte;
-
- /*PORT_Assert (state->pending > 0); */
- PORT_Assert (state->place == beforeBitString);
-
- if (state->pending == 0) {
- if (state->dest != NULL) {
- SECItem *item = (SECItem *)(state->dest);
- item->data = NULL;
- item->len = 0;
- state->place = beforeEndOfContents;
- return 0;
- }
- }
-
- if (len == 0) {
- state->top->status = needBytes;
- return 0;
- }
-
- byte = (unsigned char) *buf;
- if (byte > 7) {
- PORT_SetError (SEC_ERROR_BAD_DER);
- state->top->status = decodeError;
- return 0;
- }
-
- state->bit_string_unused_bits = byte;
- state->place = duringBitString;
- state->pending -= 1;
-
- return 1;
-}
-
-
-static unsigned long
-sec_asn1d_parse_more_bit_string (sec_asn1d_state *state,
- const char *buf, unsigned long len)
-{
- PORT_Assert (state->pending > 0);
- PORT_Assert (state->place == duringBitString);
-
- len = sec_asn1d_parse_leaf (state, buf, len);
- if (state->place == beforeEndOfContents && state->dest != NULL) {
- SECItem *item;
-
- item = (SECItem *)(state->dest);
- if (item->len)
- item->len = (item->len << 3) - state->bit_string_unused_bits;
- }
-
- return len;
-}
-
-
-/*
- * XXX All callers should be looking at return value to detect
- * out-of-memory errors (and stop!).
- */
-static struct subitem *
-sec_asn1d_add_to_subitems (sec_asn1d_state *state,
- const void *data, unsigned long len,
- PRBool copy_data)
-{
- struct subitem *thing;
-
- thing = (struct subitem*)sec_asn1d_zalloc (state->top->our_pool,
- sizeof (struct subitem));
- if (thing == NULL) {
- state->top->status = decodeError;
- return NULL;
- }
-
- if (copy_data) {
- void *copy;
- copy = sec_asn1d_alloc (state->top->our_pool, len);
- if (copy == NULL) {
- state->top->status = decodeError;
- return NULL;
- }
- PORT_Memcpy (copy, data, len);
- thing->data = copy;
- } else {
- thing->data = data;
- }
- thing->len = len;
- thing->next = NULL;
-
- if (state->subitems_head == NULL) {
- PORT_Assert (state->subitems_tail == NULL);
- state->subitems_head = state->subitems_tail = thing;
- } else {
- state->subitems_tail->next = thing;
- state->subitems_tail = thing;
- }
-
- return thing;
-}
-
-
-static void
-sec_asn1d_record_any_header (sec_asn1d_state *state,
- const char *buf,
- unsigned long len)
-{
- SECItem *item;
-
- item = (SECItem *)(state->dest);
- if (item != NULL && item->data != NULL) {
- PORT_Assert (state->substring);
- PORT_Memcpy (item->data + item->len, buf, len);
- item->len += len;
- } else {
- sec_asn1d_add_to_subitems (state, buf, len, PR_TRUE);
- }
-}
-
-
-/*
- * We are moving along through the substrings of a constructed string,
- * and have just finished parsing one -- we need to save our child data
- * (if the child was not already writing directly into the destination)
- * and then move forward by one.
- *
- * We also have to detect when we are done:
- * - a definite-length encoding stops when our pending value hits 0
- * - an indefinite-length encoding stops when our child is empty
- * (which means it was the end-of-contents octets)
- */
-static void
-sec_asn1d_next_substring (sec_asn1d_state *state)
-{
- sec_asn1d_state *child;
- SECItem *item;
- unsigned long child_consumed;
- PRBool done;
-
- PORT_Assert (state->place == duringConstructedString);
- PORT_Assert (state->child != NULL);
-
- child = state->child;
-
- child_consumed = child->consumed;
- child->consumed = 0;
- state->consumed += child_consumed;
-
- done = PR_FALSE;
-
- if (state->pending) {
- PORT_Assert (!state->indefinite);
- if( child_consumed > state->pending ) {
- PORT_SetError (SEC_ERROR_BAD_DER);
- state->top->status = decodeError;
- return;
- }
-
- state->pending -= child_consumed;
- if (state->pending == 0)
- done = PR_TRUE;
- } else {
- PORT_Assert (state->indefinite);
-
- item = (SECItem *)(child->dest);
- if (item != NULL && item->data != NULL) {
- /*
- * Save the string away for later concatenation.
- */
- PORT_Assert (item->data != NULL);
- sec_asn1d_add_to_subitems (state, item->data, item->len, PR_FALSE);
- /*
- * Clear the child item for the next round.
- */
- item->data = NULL;
- item->len = 0;
- }
-
- /*
- * If our child was just our end-of-contents octets, we are done.
- */
- if (child->endofcontents)
- done = PR_TRUE;
- }
-
- /*
- * Stop or do the next one.
- */
- if (done) {
- child->place = notInUse;
- state->place = afterConstructedString;
- } else {
- sec_asn1d_scrub_state (child);
- state->top->current = child;
- }
-}
-
-
-/*
- * We are doing a SET OF or SEQUENCE OF, and have just finished an item.
- */
-static void
-sec_asn1d_next_in_group (sec_asn1d_state *state)
-{
- sec_asn1d_state *child;
- unsigned long child_consumed;
-
- PORT_Assert (state->place == duringGroup);
- PORT_Assert (state->child != NULL);
-
- child = state->child;
-
- child_consumed = child->consumed;
- child->consumed = 0;
- state->consumed += child_consumed;
-
- /*
- * If our child was just our end-of-contents octets, we are done.
- */
- if (child->endofcontents) {
- /* XXX I removed the PORT_Assert (child->dest == NULL) because there
- * was a bug in that a template that was a sequence of which also had
- * a child of a sequence of, in an indefinite group was not working
- * properly. This fix seems to work, (added the if statement below),
- * and nothing appears broken, but I am putting this note here just
- * in case. */
- /*
- * XXX No matter how many times I read that comment,
- * I cannot figure out what case he was fixing. I believe what he
- * did was deliberate, so I am loathe to touch it. I need to
- * understand how it could ever be that child->dest != NULL but
- * child->endofcontents is true, and why it is important to check
- * that state->subitems_head is NULL. This really needs to be
- * figured out, as I am not sure if the following code should be
- * compensating for "offset", as is done a little farther below
- * in the more normal case.
- */
- PORT_Assert (state->indefinite);
- PORT_Assert (state->pending == 0);
- if(child->dest && !state->subitems_head) {
- sec_asn1d_add_to_subitems (state, child->dest, 0, PR_FALSE);
- child->dest = NULL;
- }
-
- child->place = notInUse;
- state->place = afterGroup;
- return;
- }
-
- /*
- * Do the "after" field notification for next in group.
- */
- sec_asn1d_notify_after (state->top, child->dest, child->depth);
-
- /*
- * Save it away (unless we are not storing).
- */
- if (child->dest != NULL) {
- void *dest;
-
- dest = child->dest;
- dest = (char *)dest - child->theTemplate->offset;
- sec_asn1d_add_to_subitems (state, dest, 0, PR_FALSE);
- child->dest = NULL;
- }
-
- /*
- * Account for those bytes; see if we are done.
- */
- if (state->pending) {
- PORT_Assert (!state->indefinite);
- if( child_consumed > state->pending ) {
- PORT_SetError (SEC_ERROR_BAD_DER);
- state->top->status = decodeError;
- return;
- }
-
- state->pending -= child_consumed;
- if (state->pending == 0) {
- child->place = notInUse;
- state->place = afterGroup;
- return;
- }
- }
-
- /*
- * Do the "before" field notification for next item in group.
- */
- sec_asn1d_notify_before (state->top, child->dest, child->depth);
-
- /*
- * Now we do the next one.
- */
- sec_asn1d_scrub_state (child);
-
- /* Initialize child state from the template */
- sec_asn1d_init_state_based_on_template(child);
-
- state->top->current = child;
-}
-
-
-/*
- * We are moving along through a sequence; move forward by one,
- * (detecting end-of-sequence when it happens).
- * XXX The handling of "missing" is ugly. Fix it.
- */
-static void
-sec_asn1d_next_in_sequence (sec_asn1d_state *state)
-{
- sec_asn1d_state *child;
- unsigned long child_consumed;
- PRBool child_missing;
-
- PORT_Assert (state->place == duringSequence);
- PORT_Assert (state->child != NULL);
-
- child = state->child;
-
- /*
- * Do the "after" field notification.
- */
- sec_asn1d_notify_after (state->top, child->dest, child->depth);
-
- child_missing = (PRBool) child->missing;
- child_consumed = child->consumed;
- child->consumed = 0;
-
- /*
- * Take care of accounting.
- */
- if (child_missing) {
- PORT_Assert (child->optional);
- } else {
- state->consumed += child_consumed;
- /*
- * Free any grandchild.
- */
- sec_asn1d_free_child (child, PR_FALSE);
- if (state->pending) {
- PORT_Assert (!state->indefinite);
- if( child_consumed > state->pending ) {
- PORT_SetError (SEC_ERROR_BAD_DER);
- state->top->status = decodeError;
- return;
- }
- state->pending -= child_consumed;
- if (state->pending == 0) {
- child->theTemplate++;
- while (child->theTemplate->kind != 0) {
- if ((child->theTemplate->kind & SEC_ASN1_OPTIONAL) == 0) {
- PORT_SetError (SEC_ERROR_BAD_DER);
- state->top->status = decodeError;
- return;
- }
- child->theTemplate++;
- }
- child->place = notInUse;
- state->place = afterEndOfContents;
- return;
- }
- }
- }
-
- /*
- * Move forward.
- */
- child->theTemplate++;
- if (child->theTemplate->kind == 0) {
- /*
- * We are done with this sequence.
- */
- child->place = notInUse;
- if (state->pending) {
- PORT_SetError (SEC_ERROR_BAD_DER);
- state->top->status = decodeError;
- } else if (child_missing) {
- /*
- * We got to the end, but have a child that started parsing
- * and ended up "missing". The only legitimate reason for
- * this is that we had one or more optional fields at the
- * end of our sequence, and we were encoded indefinite-length,
- * so when we went looking for those optional fields we
- * found our end-of-contents octets instead.
- * (Yes, this is ugly; dunno a better way to handle it.)
- * So, first confirm the situation, and then mark that we
- * are done.
- */
- if (state->indefinite && child->endofcontents) {
- PORT_Assert (child_consumed == 2);
- if( child_consumed != 2 ) {
- PORT_SetError (SEC_ERROR_BAD_DER);
- state->top->status = decodeError;
- } else {
- state->consumed += child_consumed;
- state->place = afterEndOfContents;
- }
- } else {
- PORT_SetError (SEC_ERROR_BAD_DER);
- state->top->status = decodeError;
- }
- } else {
- /*
- * We have to finish out, maybe reading end-of-contents octets;
- * let the normal logic do the right thing.
- */
- state->place = beforeEndOfContents;
- }
- } else {
- unsigned char child_found_tag_modifiers = 0;
- unsigned long child_found_tag_number = 0;
-
- /*
- * Reset state and push.
- */
- if (state->dest != NULL)
- child->dest = (char *)state->dest + child->theTemplate->offset;
-
- /*
- * Do the "before" field notification.
- */
- sec_asn1d_notify_before (state->top, child->dest, child->depth);
-
- if (child_missing) { /* if previous child was missing, copy the tag data we already have */
- child_found_tag_modifiers = child->found_tag_modifiers;
- child_found_tag_number = child->found_tag_number;
- }
- state->top->current = child;
- child = sec_asn1d_init_state_based_on_template (child);
- if (child_missing) {
- child->place = afterIdentifier;
- child->found_tag_modifiers = child_found_tag_modifiers;
- child->found_tag_number = child_found_tag_number;
- child->consumed = child_consumed;
- if (child->underlying_kind == SEC_ASN1_ANY
- && !child->top->filter_only) {
- /*
- * If the new field is an ANY, and we are storing, then
- * we need to save the tag out. We would have done this
- * already in the normal case, but since we were looking
- * for an optional field, and we did not find it, we only
- * now realize we need to save the tag.
- */
- unsigned char identifier;
-
- /*
- * Check that we did not end up with a high tag; for that
- * we need to re-encode the tag into multiple bytes in order
- * to store it back to look like what we parsed originally.
- * In practice this does not happen, but for completeness
- * sake it should probably be made to work at some point.
- */
- PORT_Assert (child_found_tag_number < SEC_ASN1_HIGH_TAG_NUMBER);
- identifier = (unsigned char)(child_found_tag_modifiers | child_found_tag_number);
- sec_asn1d_record_any_header (child, (char *) &identifier, 1);
- }
- }
- }
-}
-
-
-static void
-sec_asn1d_concat_substrings (sec_asn1d_state *state)
-{
- PORT_Assert (state->place == afterConstructedString);
-
- if (state->subitems_head != NULL) {
- struct subitem *substring;
- unsigned long alloc_len, item_len;
- unsigned char *where;
- SECItem *item;
- PRBool is_bit_string;
-
- item_len = 0;
- is_bit_string = (state->underlying_kind == SEC_ASN1_BIT_STRING)
- ? PR_TRUE : PR_FALSE;
-
- substring = state->subitems_head;
- while (substring != NULL) {
- /*
- * All bit-string substrings except the last one should be
- * a clean multiple of 8 bits.
- */
- if (is_bit_string && (substring->next == NULL)
- && (substring->len & 0x7)) {
- PORT_SetError (SEC_ERROR_BAD_DER);
- state->top->status = decodeError;
- return;
- }
- item_len += substring->len;
- substring = substring->next;
- }
-
- if (is_bit_string) {
-#ifdef XP_WIN16 /* win16 compiler gets an internal error otherwise */
- alloc_len = (((long)item_len + 7) / 8);
-#else
- alloc_len = ((item_len + 7) >> 3);
-#endif
- } else {
- /*
- * Add 2 for the end-of-contents octets of an indefinite-length
- * ANY that is *not* also an INNER. Because we zero-allocate
- * below, all we need to do is increase the length here.
- */
- if (state->underlying_kind == SEC_ASN1_ANY && state->indefinite)
- item_len += 2;
- alloc_len = item_len;
- }
-
- item = (SECItem *)(state->dest);
- PORT_Assert (item != NULL);
- PORT_Assert (item->data == NULL);
- item->data = (unsigned char*)sec_asn1d_zalloc (state->top->their_pool,
- alloc_len);
- if (item->data == NULL) {
- state->top->status = decodeError;
- return;
- }
- item->len = item_len;
-
- where = item->data;
- substring = state->subitems_head;
- while (substring != NULL) {
- if (is_bit_string)
- item_len = (substring->len + 7) >> 3;
- else
- item_len = substring->len;
- PORT_Memcpy (where, substring->data, item_len);
- where += item_len;
- substring = substring->next;
- }
-
- /*
- * Because we use arenas and have a mark set, we later free
- * everything we have allocated, so this does *not* present
- * a memory leak (it is just temporarily left dangling).
- */
- state->subitems_head = state->subitems_tail = NULL;
- }
-
- state->place = afterEndOfContents;
-}
-
-
-static void
-sec_asn1d_concat_group (sec_asn1d_state *state)
-{
- const void ***placep;
-
- PORT_Assert (state->place == afterGroup);
-
- placep = (const void***)state->dest;
- if (state->subitems_head != NULL) {
- struct subitem *item;
- const void **group;
- int count;
-
- count = 0;
- item = state->subitems_head;
- while (item != NULL) {
- PORT_Assert (item->next != NULL || item == state->subitems_tail);
- count++;
- item = item->next;
- }
-
- group = (const void**)sec_asn1d_zalloc (state->top->their_pool,
- (count + 1) * (sizeof(void *)));
- if (group == NULL) {
- state->top->status = decodeError;
- return;
- }
-
- PORT_Assert (placep != NULL);
- *placep = group;
-
- item = state->subitems_head;
- while (item != NULL) {
- *group++ = item->data;
- item = item->next;
- }
- *group = NULL;
-
- /*
- * Because we use arenas and have a mark set, we later free
- * everything we have allocated, so this does *not* present
- * a memory leak (it is just temporarily left dangling).
- */
- state->subitems_head = state->subitems_tail = NULL;
- } else if (placep != NULL) {
- *placep = NULL;
- }
-
- state->place = afterEndOfContents;
-}
-
-
-/*
- * For those states that push a child to handle a subtemplate,
- * "absorb" that child (transfer necessary information).
- */
-static void
-sec_asn1d_absorb_child (sec_asn1d_state *state)
-{
- /*
- * There is absolutely supposed to be a child there.
- */
- PORT_Assert (state->child != NULL);
-
- /*
- * Inherit the missing status of our child, and do the ugly
- * backing-up if necessary.
- * (Only IMPLICIT or POINTER should encounter such; all other cases
- * should have confirmed a tag *before* pushing a child.)
- */
- state->missing = state->child->missing;
- if (state->missing) {
- PORT_Assert (state->place == afterImplicit
- || state->place == afterPointer);
- state->found_tag_number = state->child->found_tag_number;
- state->found_tag_modifiers = state->child->found_tag_modifiers;
- state->endofcontents = state->child->endofcontents;
- }
-
- /*
- * Add in number of bytes consumed by child.
- * (Only EXPLICIT should have already consumed bytes itself.)
- */
- PORT_Assert (state->place == afterExplicit || state->consumed == 0);
- state->consumed += state->child->consumed;
-
- /*
- * Subtract from bytes pending; this only applies to a definite-length
- * EXPLICIT field.
- */
- if (state->pending) {
- PORT_Assert (!state->indefinite);
- PORT_Assert (state->place == afterExplicit);
-
- /*
- * If we had a definite-length explicit, then what the child
- * consumed should be what was left pending.
- */
- if (state->pending != state->child->consumed) {
- if (state->pending < state->child->consumed) {
- PORT_SetError (SEC_ERROR_BAD_DER);
- state->top->status = decodeError;
- return;
- }
- /*
- * Okay, this is a hack. It *should* be an error whether
- * pending is too big or too small, but it turns out that
- * we had a bug in our *old* DER encoder that ended up
- * counting an explicit header twice in the case where
- * the underlying type was an ANY. So, because we cannot
- * prevent receiving these (our own certificate server can
- * send them to us), we need to be lenient and accept them.
- * To do so, we need to pretend as if we read all of the
- * bytes that the header said we would find, even though
- * we actually came up short.
- */
- state->consumed += (state->pending - state->child->consumed);
- }
- state->pending = 0;
- }
-
- /*
- * Indicate that we are done with child.
- */
- state->child->consumed = 0;
-
- /*
- * And move on to final state.
- * (Technically everybody could move to afterEndOfContents except
- * for an indefinite-length EXPLICIT; for simplicity though we assert
- * that but let the end-of-contents code do the real determination.)
- */
- PORT_Assert (state->place == afterExplicit || (! state->indefinite));
- state->place = beforeEndOfContents;
-}
-
-
-static void
-sec_asn1d_prepare_for_end_of_contents (sec_asn1d_state *state)
-{
- PORT_Assert (state->place == beforeEndOfContents);
-
- if (state->indefinite) {
- state->place = duringEndOfContents;
- state->pending = 2;
- } else {
- state->place = afterEndOfContents;
- }
-}
-
-
-static unsigned long
-sec_asn1d_parse_end_of_contents (sec_asn1d_state *state,
- const char *buf, unsigned long len)
-{
- unsigned int i;
-
- PORT_Assert (state->pending <= 2);
- PORT_Assert (state->place == duringEndOfContents);
-
- if (len == 0) {
- state->top->status = needBytes;
- return 0;
- }
-
- if (state->pending < len)
- len = state->pending;
-
- for (i = 0; i < len; i++) {
- if (buf[i] != 0) {
- /*
- * We expect to find only zeros; if not, just give up.
- */
- PORT_SetError (SEC_ERROR_BAD_DER);
- state->top->status = decodeError;
- return 0;
- }
- }
-
- state->pending -= len;
-
- if (state->pending == 0) {
- state->place = afterEndOfContents;
- state->endofcontents = PR_TRUE;
- }
-
- return len;
-}
-
-
-static void
-sec_asn1d_pop_state (sec_asn1d_state *state)
-{
-#if 0 /* XXX I think this should always be handled explicitly by parent? */
- /*
- * Account for our child.
- */
- if (state->child != NULL) {
- state->consumed += state->child->consumed;
- if (state->pending) {
- PORT_Assert (!state->indefinite);
- if( state->child->consumed > state->pending ) {
- PORT_SetError (SEC_ERROR_BAD_DER);
- state->top->status = decodeError;
- } else {
- state->pending -= state->child->consumed;
- }
- }
- state->child->consumed = 0;
- }
-#endif /* XXX */
-
- /*
- * Free our child.
- */
- sec_asn1d_free_child (state, PR_FALSE);
-
- /*
- * Just make my parent be the current state. It will then clean
- * up after me and free me (or reuse me).
- */
- state->top->current = state->parent;
-}
-
-static sec_asn1d_state *
-sec_asn1d_before_choice
-(
- sec_asn1d_state *state
-)
-{
- sec_asn1d_state *child;
-
- if( state->allocate ) {
- void *dest;
-
- dest = sec_asn1d_zalloc(state->top->their_pool, state->theTemplate->size);
- if( (void *)NULL == dest ) {
- state->top->status = decodeError;
- return (sec_asn1d_state *)NULL;
- }
-
- state->dest = (char *)dest + state->theTemplate->offset;
- }
-
- child = sec_asn1d_push_state(state->top, state->theTemplate + 1,
- state->dest, PR_FALSE);
- if( (sec_asn1d_state *)NULL == child ) {
- return (sec_asn1d_state *)NULL;
- }
-
- sec_asn1d_scrub_state(child);
- child = sec_asn1d_init_state_based_on_template(child);
- if( (sec_asn1d_state *)NULL == child ) {
- return (sec_asn1d_state *)NULL;
- }
-
- child->optional = PR_TRUE;
-
- state->place = duringChoice;
-
- return child;
-}
-
-static sec_asn1d_state *
-sec_asn1d_during_choice
-(
- sec_asn1d_state *state
-)
-{
- sec_asn1d_state *child = state->child;
-
- PORT_Assert((sec_asn1d_state *)NULL != child);
-
- if( child->missing ) {
- unsigned char child_found_tag_modifiers = 0;
- unsigned long child_found_tag_number = 0;
-
- child->theTemplate++;
-
- if( 0 == child->theTemplate->kind ) {
- /* Ran out of choices */
- PORT_SetError(SEC_ERROR_BAD_DER);
- state->top->status = decodeError;
- return (sec_asn1d_state *)NULL;
- }
-
- state->consumed += child->consumed;
-
- /* cargo'd from next_in_sequence innards */
- if( state->pending ) {
- PORT_Assert(!state->indefinite);
- if( child->consumed > state->pending ) {
- PORT_SetError (SEC_ERROR_BAD_DER);
- state->top->status = decodeError;
- return NULL;
- }
- state->pending -= child->consumed;
- if( 0 == state->pending ) {
- /* XXX uh.. not sure if I should have stopped this
- * from happening before. */
- PORT_Assert(0);
- PORT_SetError(SEC_ERROR_BAD_DER);
- state->top->status = decodeError;
- return (sec_asn1d_state *)NULL;
- }
- }
-
- child->consumed = 0;
- sec_asn1d_scrub_state(child);
-
- /* move it on top again */
- state->top->current = child;
-
- child_found_tag_modifiers = child->found_tag_modifiers;
- child_found_tag_number = child->found_tag_number;
-
- child = sec_asn1d_init_state_based_on_template(child);
- if( (sec_asn1d_state *)NULL == child ) {
- return (sec_asn1d_state *)NULL;
- }
-
- /* copy our findings to the new top */
- child->found_tag_modifiers = child_found_tag_modifiers;
- child->found_tag_number = child_found_tag_number;
-
- child->optional = PR_TRUE;
- child->place = afterIdentifier;
-
- return child;
- } else {
- if( (void *)NULL != state->dest ) {
- /* Store the enum */
- int *which = (int *)((char *)state->dest + state->theTemplate->offset);
- *which = (int)child->theTemplate->size;
- }
-
- child->place = notInUse;
-
- state->place = afterChoice;
- return state;
- }
-}
-
-static void
-sec_asn1d_after_choice
-(
- sec_asn1d_state *state
-)
-{
- state->consumed += state->child->consumed;
- state->child->consumed = 0;
- state->place = afterEndOfContents;
- sec_asn1d_pop_state(state);
-}
-
-unsigned long
-sec_asn1d_uinteger(SECItem *src)
-{
- unsigned long value;
- int len;
-
- if (src->len > 5 || (src->len > 4 && src->data[0] == 0))
- return 0;
-
- value = 0;
- len = src->len;
- while (len) {
- value <<= 8;
- value |= src->data[--len];
- }
- return value;
-}
-
-SECStatus
-SEC_ASN1DecodeInteger(SECItem *src, unsigned long *value)
-{
- unsigned long v;
- unsigned int i;
-
- if (src == NULL) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- if (src->len > sizeof(unsigned long)) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- if (src->data == NULL) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- if (src->data[0] & 0x80)
- v = -1; /* signed and negative - start with all 1's */
- else
- v = 0;
-
- for (i= 0; i < src->len; i++) {
- /* shift in next byte */
- v <<= 8;
- v |= src->data[i];
- }
- *value = v;
- return SECSuccess;
-}
-
-#ifdef DEBUG_ASN1D_STATES
-static void
-dump_states
-(
- SEC_ASN1DecoderContext *cx
-)
-{
- sec_asn1d_state *state;
-
- for( state = cx->current; state->parent; state = state->parent ) {
- ;
- }
-
- for( ; state; state = state->child ) {
- int i;
- for( i = 0; i < state->depth; i++ ) {
- printf(" ");
- }
-
- printf("%s: template[0]->kind = 0x%02x, expect tag number = 0x%02x\n",
- (state == cx->current) ? "STATE" : "State",
- state->theTemplate->kind, state->expect_tag_number);
- }
-
- return;
-}
-#endif /* DEBUG_ASN1D_STATES */
-
-SECStatus
-SEC_ASN1DecoderUpdate (SEC_ASN1DecoderContext *cx,
- const char *buf, unsigned long len)
-{
- sec_asn1d_state *state = NULL;
- unsigned long consumed;
- SEC_ASN1EncodingPart what;
- sec_asn1d_state *stateEnd = cx->current;
-
- if (cx->status == needBytes)
- cx->status = keepGoing;
-
- while (cx->status == keepGoing) {
- state = cx->current;
- what = SEC_ASN1_Contents;
- consumed = 0;
-#ifdef DEBUG_ASN1D_STATES
- printf("\nPLACE = %s, next byte = 0x%02x\n",
- (state->place >= 0 && state->place <= notInUse) ?
- place_names[ state->place ] : "(undefined)",
- (unsigned int)((unsigned char *)buf)[ consumed ]);
- dump_states(cx);
-#endif /* DEBUG_ASN1D_STATES */
- switch (state->place) {
- case beforeIdentifier:
- consumed = sec_asn1d_parse_identifier (state, buf, len);
- what = SEC_ASN1_Identifier;
- break;
- case duringIdentifier:
- consumed = sec_asn1d_parse_more_identifier (state, buf, len);
- what = SEC_ASN1_Identifier;
- break;
- case afterIdentifier:
- sec_asn1d_confirm_identifier (state);
- break;
- case beforeLength:
- consumed = sec_asn1d_parse_length (state, buf, len);
- what = SEC_ASN1_Length;
- break;
- case duringLength:
- consumed = sec_asn1d_parse_more_length (state, buf, len);
- what = SEC_ASN1_Length;
- break;
- case afterLength:
- sec_asn1d_prepare_for_contents (state);
- break;
- case beforeBitString:
- consumed = sec_asn1d_parse_bit_string (state, buf, len);
- break;
- case duringBitString:
- consumed = sec_asn1d_parse_more_bit_string (state, buf, len);
- break;
- case duringConstructedString:
- sec_asn1d_next_substring (state);
- break;
- case duringGroup:
- sec_asn1d_next_in_group (state);
- break;
- case duringLeaf:
- consumed = sec_asn1d_parse_leaf (state, buf, len);
- break;
- case duringSaveEncoding:
- sec_asn1d_reuse_encoding (state);
- break;
- case duringSequence:
- sec_asn1d_next_in_sequence (state);
- break;
- case afterConstructedString:
- sec_asn1d_concat_substrings (state);
- break;
- case afterExplicit:
- case afterImplicit:
- case afterInline:
- case afterPointer:
- sec_asn1d_absorb_child (state);
- break;
- case afterGroup:
- sec_asn1d_concat_group (state);
- break;
- case afterSaveEncoding:
- /* XXX comment! */
- return SECSuccess;
- case beforeEndOfContents:
- sec_asn1d_prepare_for_end_of_contents (state);
- break;
- case duringEndOfContents:
- consumed = sec_asn1d_parse_end_of_contents (state, buf, len);
- what = SEC_ASN1_EndOfContents;
- break;
- case afterEndOfContents:
- sec_asn1d_pop_state (state);
- break;
- case beforeChoice:
- state = sec_asn1d_before_choice(state);
- break;
- case duringChoice:
- state = sec_asn1d_during_choice(state);
- break;
- case afterChoice:
- sec_asn1d_after_choice(state);
- break;
- case notInUse:
- default:
- /* This is not an error, but rather a plain old BUG! */
- PORT_Assert (0);
- PORT_SetError (SEC_ERROR_BAD_DER);
- cx->status = decodeError;
- break;
- }
-
- if (cx->status == decodeError)
- break;
-
- /* We should not consume more than we have. */
- PORT_Assert (consumed <= len);
- if( consumed > len ) {
- PORT_SetError (SEC_ERROR_BAD_DER);
- cx->status = decodeError;
- break;
- }
-
- /* It might have changed, so we have to update our local copy. */
- state = cx->current;
-
- /* If it is NULL, we have popped all the way to the top. */
- if (state == NULL) {
- PORT_Assert (consumed == 0);
-#if 0 /* XXX I want this here, but it seems that we have situations (like
- * downloading a pkcs7 cert chain from some issuers) that give us a
- * length which is greater than the entire encoding. So, we cannot
- * have this be an error.
- */
- if (len > 0)
- cx->status = decodeError;
- else
-#endif
- cx->status = allDone;
- break;
- }
- else if (state->theTemplate->kind == SEC_ASN1_SKIP_REST) {
- cx->status = allDone;
- break;
- }
-
- if (consumed == 0)
- continue;
-
- /*
- * The following check is specifically looking for an ANY
- * that is *not* also an INNER, because we need to save aside
- * all bytes in that case -- the contents parts will get
- * handled like all other contents, and the end-of-contents
- * bytes are added by the concat code, but the outer header
- * bytes need to get saved too, so we do them explicitly here.
- */
- if (state->underlying_kind == SEC_ASN1_ANY
- && !cx->filter_only && (what == SEC_ASN1_Identifier
- || what == SEC_ASN1_Length)) {
- sec_asn1d_record_any_header (state, buf, consumed);
- }
-
- /*
- * We had some number of good, accepted bytes. If the caller
- * has registered to see them, pass them along.
- */
- if (state->top->filter_proc != NULL) {
- int depth;
-
- depth = state->depth;
- if (what == SEC_ASN1_EndOfContents && !state->indefinite) {
- PORT_Assert (state->parent != NULL
- && state->parent->indefinite);
- depth--;
- PORT_Assert (depth == state->parent->depth);
- }
- (* state->top->filter_proc) (state->top->filter_arg,
- buf, consumed, depth, what);
- }
-
- state->consumed += consumed;
- buf += consumed;
- len -= consumed;
- }
-
- if (cx->status == decodeError) {
- while (state != NULL && stateEnd->parent!=state) {
- sec_asn1d_free_child (state, PR_TRUE);
- state = state->parent;
- }
-#ifdef SEC_ASN1D_FREE_ON_ERROR /*
- * XXX This does not work because we can
- * end up leaving behind dangling pointers
- * to stuff that was allocated. In order
- * to make this really work (which would
- * be a good thing, I think), we need to
- * keep track of every place/pointer that
- * was allocated and make sure to NULL it
- * out before we then free back to the mark.
- */
- if (cx->their_pool != NULL) {
- PORT_Assert (cx->their_mark != NULL);
- PORT_ArenaRelease (cx->their_pool, cx->their_mark);
- }
-#endif
- return SECFailure;
- }
-
-#if 0 /* XXX This is what I want, but cannot have because it seems we
- * have situations (like when downloading a pkcs7 cert chain from
- * some issuers) that give us a total length which is greater than
- * the entire encoding. So, we have to allow allDone to have a
- * remaining length greater than zero. I wanted to catch internal
- * bugs with this, noticing when we do not have the right length.
- * Oh well.
- */
- PORT_Assert (len == 0
- && (cx->status == needBytes || cx->status == allDone));
-#else
- PORT_Assert ((len == 0 && cx->status == needBytes)
- || cx->status == allDone);
-#endif
- return SECSuccess;
-}
-
-
-SECStatus
-SEC_ASN1DecoderFinish (SEC_ASN1DecoderContext *cx)
-{
- SECStatus rv;
-
- if (cx->status == needBytes) {
- PORT_SetError (SEC_ERROR_BAD_DER);
- rv = SECFailure;
- } else {
- rv = SECSuccess;
- }
-
- /*
- * XXX anything else that needs to be finished?
- */
-
- PORT_FreeArena (cx->our_pool, PR_FALSE);
-
- return rv;
-}
-
-
-SEC_ASN1DecoderContext *
-SEC_ASN1DecoderStart (PRArenaPool *their_pool, void *dest,
- const SEC_ASN1Template *theTemplate)
-{
- PRArenaPool *our_pool;
- SEC_ASN1DecoderContext *cx;
-
- our_pool = PORT_NewArena (SEC_ASN1_DEFAULT_ARENA_SIZE);
- if (our_pool == NULL)
- return NULL;
-
- cx = (SEC_ASN1DecoderContext*)PORT_ArenaZAlloc (our_pool, sizeof(*cx));
- if (cx == NULL) {
- PORT_FreeArena (our_pool, PR_FALSE);
- return NULL;
- }
-
- cx->our_pool = our_pool;
- if (their_pool != NULL) {
- cx->their_pool = their_pool;
-#ifdef SEC_ASN1D_FREE_ON_ERROR
- cx->their_mark = PORT_ArenaMark (their_pool);
-#endif
- }
-
- cx->status = needBytes;
-
- if (sec_asn1d_push_state(cx, theTemplate, dest, PR_FALSE) == NULL
- || sec_asn1d_init_state_based_on_template (cx->current) == NULL) {
- /*
- * Trouble initializing (probably due to failed allocations)
- * requires that we just give up.
- */
- PORT_FreeArena (our_pool, PR_FALSE);
- return NULL;
- }
-
- return cx;
-}
-
-
-void
-SEC_ASN1DecoderSetFilterProc (SEC_ASN1DecoderContext *cx,
- SEC_ASN1WriteProc fn, void *arg,
- PRBool only)
-{
- /* check that we are "between" fields here */
- PORT_Assert (cx->during_notify);
-
- cx->filter_proc = fn;
- cx->filter_arg = arg;
- cx->filter_only = only;
-}
-
-
-void
-SEC_ASN1DecoderClearFilterProc (SEC_ASN1DecoderContext *cx)
-{
- /* check that we are "between" fields here */
- PORT_Assert (cx->during_notify);
-
- cx->filter_proc = NULL;
- cx->filter_arg = NULL;
- cx->filter_only = PR_FALSE;
-}
-
-
-void
-SEC_ASN1DecoderSetNotifyProc (SEC_ASN1DecoderContext *cx,
- SEC_ASN1NotifyProc fn, void *arg)
-{
- cx->notify_proc = fn;
- cx->notify_arg = arg;
-}
-
-
-void
-SEC_ASN1DecoderClearNotifyProc (SEC_ASN1DecoderContext *cx)
-{
- cx->notify_proc = NULL;
- cx->notify_arg = NULL; /* not necessary; just being clean */
-}
-
-
-SECStatus
-SEC_ASN1Decode (PRArenaPool *poolp, void *dest,
- const SEC_ASN1Template *theTemplate,
- const char *buf, long len)
-{
- SEC_ASN1DecoderContext *dcx;
- SECStatus urv, frv;
-
- dcx = SEC_ASN1DecoderStart (poolp, dest, theTemplate);
- if (dcx == NULL)
- return SECFailure;
-
- urv = SEC_ASN1DecoderUpdate (dcx, buf, len);
- frv = SEC_ASN1DecoderFinish (dcx);
-
- if (urv != SECSuccess)
- return urv;
-
- return frv;
-}
-
-
-SECStatus
-SEC_ASN1DecodeItem (PRArenaPool *poolp, void *dest,
- const SEC_ASN1Template *theTemplate,
- SECItem *item)
-{
- return SEC_ASN1Decode (poolp, dest, theTemplate,
- (char *) item->data, item->len);
-}
-
-
-/*
- * Generic templates for individual/simple items and pointers to
- * and sets of same.
- *
- * If you need to add a new one, please note the following:
- * - For each new basic type you should add *four* templates:
- * one plain, one PointerTo, one SequenceOf and one SetOf.
- * - If the new type can be constructed (meaning, it is a
- * *string* type according to BER/DER rules), then you should
- * or-in SEC_ASN1_MAY_STREAM to the type in the basic template.
- * See the definition of the OctetString template for an example.
- * - It may not be obvious, but these are in *alphabetical*
- * order based on the SEC_ASN1_XXX name; so put new ones in
- * the appropriate place.
- */
-
-const SEC_ASN1Template SEC_AnyTemplate[] = {
- { SEC_ASN1_ANY | SEC_ASN1_MAY_STREAM, 0, NULL, sizeof(SECItem) }
-};
-
-const SEC_ASN1Template SEC_PointerToAnyTemplate[] = {
- { SEC_ASN1_POINTER, 0, SEC_AnyTemplate }
-};
-
-const SEC_ASN1Template SEC_SequenceOfAnyTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, SEC_AnyTemplate }
-};
-
-const SEC_ASN1Template SEC_SetOfAnyTemplate[] = {
- { SEC_ASN1_SET_OF, 0, SEC_AnyTemplate }
-};
-
-const SEC_ASN1Template SEC_BitStringTemplate[] = {
- { SEC_ASN1_BIT_STRING | SEC_ASN1_MAY_STREAM, 0, NULL, sizeof(SECItem) }
-};
-
-const SEC_ASN1Template SEC_PointerToBitStringTemplate[] = {
- { SEC_ASN1_POINTER, 0, SEC_BitStringTemplate }
-};
-
-const SEC_ASN1Template SEC_SequenceOfBitStringTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, SEC_BitStringTemplate }
-};
-
-const SEC_ASN1Template SEC_SetOfBitStringTemplate[] = {
- { SEC_ASN1_SET_OF, 0, SEC_BitStringTemplate }
-};
-
-const SEC_ASN1Template SEC_BMPStringTemplate[] = {
- { SEC_ASN1_BMP_STRING | SEC_ASN1_MAY_STREAM, 0, NULL, sizeof(SECItem) }
-};
-
-const SEC_ASN1Template SEC_PointerToBMPStringTemplate[] = {
- { SEC_ASN1_POINTER, 0, SEC_BMPStringTemplate }
-};
-
-const SEC_ASN1Template SEC_SequenceOfBMPStringTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, SEC_BMPStringTemplate }
-};
-
-const SEC_ASN1Template SEC_SetOfBMPStringTemplate[] = {
- { SEC_ASN1_SET_OF, 0, SEC_BMPStringTemplate }
-};
-
-const SEC_ASN1Template SEC_BooleanTemplate[] = {
- { SEC_ASN1_BOOLEAN, 0, NULL, sizeof(SECItem) }
-};
-
-const SEC_ASN1Template SEC_PointerToBooleanTemplate[] = {
- { SEC_ASN1_POINTER, 0, SEC_BooleanTemplate }
-};
-
-const SEC_ASN1Template SEC_SequenceOfBooleanTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, SEC_BooleanTemplate }
-};
-
-const SEC_ASN1Template SEC_SetOfBooleanTemplate[] = {
- { SEC_ASN1_SET_OF, 0, SEC_BooleanTemplate }
-};
-
-const SEC_ASN1Template SEC_EnumeratedTemplate[] = {
- { SEC_ASN1_ENUMERATED, 0, NULL, sizeof(SECItem) }
-};
-
-const SEC_ASN1Template SEC_PointerToEnumeratedTemplate[] = {
- { SEC_ASN1_POINTER, 0, SEC_EnumeratedTemplate }
-};
-
-const SEC_ASN1Template SEC_SequenceOfEnumeratedTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, SEC_EnumeratedTemplate }
-};
-
-const SEC_ASN1Template SEC_SetOfEnumeratedTemplate[] = {
- { SEC_ASN1_SET_OF, 0, SEC_EnumeratedTemplate }
-};
-
-const SEC_ASN1Template SEC_GeneralizedTimeTemplate[] = {
- { SEC_ASN1_GENERALIZED_TIME | SEC_ASN1_MAY_STREAM, 0, NULL, sizeof(SECItem)}
-};
-
-const SEC_ASN1Template SEC_PointerToGeneralizedTimeTemplate[] = {
- { SEC_ASN1_POINTER, 0, SEC_GeneralizedTimeTemplate }
-};
-
-const SEC_ASN1Template SEC_SequenceOfGeneralizedTimeTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, SEC_GeneralizedTimeTemplate }
-};
-
-const SEC_ASN1Template SEC_SetOfGeneralizedTimeTemplate[] = {
- { SEC_ASN1_SET_OF, 0, SEC_GeneralizedTimeTemplate }
-};
-
-const SEC_ASN1Template SEC_IA5StringTemplate[] = {
- { SEC_ASN1_IA5_STRING | SEC_ASN1_MAY_STREAM, 0, NULL, sizeof(SECItem) }
-};
-
-const SEC_ASN1Template SEC_PointerToIA5StringTemplate[] = {
- { SEC_ASN1_POINTER, 0, SEC_IA5StringTemplate }
-};
-
-const SEC_ASN1Template SEC_SequenceOfIA5StringTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, SEC_IA5StringTemplate }
-};
-
-const SEC_ASN1Template SEC_SetOfIA5StringTemplate[] = {
- { SEC_ASN1_SET_OF, 0, SEC_IA5StringTemplate }
-};
-
-const SEC_ASN1Template SEC_IntegerTemplate[] = {
- { SEC_ASN1_INTEGER, 0, NULL, sizeof(SECItem) }
-};
-
-const SEC_ASN1Template SEC_PointerToIntegerTemplate[] = {
- { SEC_ASN1_POINTER, 0, SEC_IntegerTemplate }
-};
-
-const SEC_ASN1Template SEC_SequenceOfIntegerTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, SEC_IntegerTemplate }
-};
-
-const SEC_ASN1Template SEC_SetOfIntegerTemplate[] = {
- { SEC_ASN1_SET_OF, 0, SEC_IntegerTemplate }
-};
-
-const SEC_ASN1Template SEC_NullTemplate[] = {
- { SEC_ASN1_NULL, 0, NULL, sizeof(SECItem) }
-};
-
-const SEC_ASN1Template SEC_PointerToNullTemplate[] = {
- { SEC_ASN1_POINTER, 0, SEC_NullTemplate }
-};
-
-const SEC_ASN1Template SEC_SequenceOfNullTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, SEC_NullTemplate }
-};
-
-const SEC_ASN1Template SEC_SetOfNullTemplate[] = {
- { SEC_ASN1_SET_OF, 0, SEC_NullTemplate }
-};
-
-const SEC_ASN1Template SEC_ObjectIDTemplate[] = {
- { SEC_ASN1_OBJECT_ID, 0, NULL, sizeof(SECItem) }
-};
-
-const SEC_ASN1Template SEC_PointerToObjectIDTemplate[] = {
- { SEC_ASN1_POINTER, 0, SEC_ObjectIDTemplate }
-};
-
-const SEC_ASN1Template SEC_SequenceOfObjectIDTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, SEC_ObjectIDTemplate }
-};
-
-const SEC_ASN1Template SEC_SetOfObjectIDTemplate[] = {
- { SEC_ASN1_SET_OF, 0, SEC_ObjectIDTemplate }
-};
-
-const SEC_ASN1Template SEC_OctetStringTemplate[] = {
- { SEC_ASN1_OCTET_STRING | SEC_ASN1_MAY_STREAM, 0, NULL, sizeof(SECItem) }
-};
-
-const SEC_ASN1Template SEC_PointerToOctetStringTemplate[] = {
- { SEC_ASN1_POINTER | SEC_ASN1_MAY_STREAM, 0, SEC_OctetStringTemplate }
-};
-
-const SEC_ASN1Template SEC_SequenceOfOctetStringTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, SEC_OctetStringTemplate }
-};
-
-const SEC_ASN1Template SEC_SetOfOctetStringTemplate[] = {
- { SEC_ASN1_SET_OF, 0, SEC_OctetStringTemplate }
-};
-
-const SEC_ASN1Template SEC_PrintableStringTemplate[] = {
- { SEC_ASN1_PRINTABLE_STRING | SEC_ASN1_MAY_STREAM, 0, NULL, sizeof(SECItem)}
-};
-
-const SEC_ASN1Template SEC_PointerToPrintableStringTemplate[] = {
- { SEC_ASN1_POINTER, 0, SEC_PrintableStringTemplate }
-};
-
-const SEC_ASN1Template SEC_SequenceOfPrintableStringTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, SEC_PrintableStringTemplate }
-};
-
-const SEC_ASN1Template SEC_SetOfPrintableStringTemplate[] = {
- { SEC_ASN1_SET_OF, 0, SEC_PrintableStringTemplate }
-};
-
-const SEC_ASN1Template SEC_T61StringTemplate[] = {
- { SEC_ASN1_T61_STRING | SEC_ASN1_MAY_STREAM, 0, NULL, sizeof(SECItem) }
-};
-
-const SEC_ASN1Template SEC_PointerToT61StringTemplate[] = {
- { SEC_ASN1_POINTER, 0, SEC_T61StringTemplate }
-};
-
-const SEC_ASN1Template SEC_SequenceOfT61StringTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, SEC_T61StringTemplate }
-};
-
-const SEC_ASN1Template SEC_SetOfT61StringTemplate[] = {
- { SEC_ASN1_SET_OF, 0, SEC_T61StringTemplate }
-};
-
-const SEC_ASN1Template SEC_UniversalStringTemplate[] = {
- { SEC_ASN1_UNIVERSAL_STRING | SEC_ASN1_MAY_STREAM, 0, NULL, sizeof(SECItem)}
-};
-
-const SEC_ASN1Template SEC_PointerToUniversalStringTemplate[] = {
- { SEC_ASN1_POINTER, 0, SEC_UniversalStringTemplate }
-};
-
-const SEC_ASN1Template SEC_SequenceOfUniversalStringTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, SEC_UniversalStringTemplate }
-};
-
-const SEC_ASN1Template SEC_SetOfUniversalStringTemplate[] = {
- { SEC_ASN1_SET_OF, 0, SEC_UniversalStringTemplate }
-};
-
-const SEC_ASN1Template SEC_UTCTimeTemplate[] = {
- { SEC_ASN1_UTC_TIME | SEC_ASN1_MAY_STREAM, 0, NULL, sizeof(SECItem) }
-};
-
-const SEC_ASN1Template SEC_PointerToUTCTimeTemplate[] = {
- { SEC_ASN1_POINTER, 0, SEC_UTCTimeTemplate }
-};
-
-const SEC_ASN1Template SEC_SequenceOfUTCTimeTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, SEC_UTCTimeTemplate }
-};
-
-const SEC_ASN1Template SEC_SetOfUTCTimeTemplate[] = {
- { SEC_ASN1_SET_OF, 0, SEC_UTCTimeTemplate }
-};
-
-const SEC_ASN1Template SEC_UTF8StringTemplate[] = {
- { SEC_ASN1_UTF8_STRING | SEC_ASN1_MAY_STREAM, 0, NULL, sizeof(SECItem)}
-};
-
-const SEC_ASN1Template SEC_PointerToUTF8StringTemplate[] = {
- { SEC_ASN1_POINTER, 0, SEC_UTF8StringTemplate }
-};
-
-const SEC_ASN1Template SEC_SequenceOfUTF8StringTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, SEC_UTF8StringTemplate }
-};
-
-const SEC_ASN1Template SEC_SetOfUTF8StringTemplate[] = {
- { SEC_ASN1_SET_OF, 0, SEC_UTF8StringTemplate }
-};
-
-const SEC_ASN1Template SEC_VisibleStringTemplate[] = {
- { SEC_ASN1_VISIBLE_STRING | SEC_ASN1_MAY_STREAM, 0, NULL, sizeof(SECItem) }
-};
-
-const SEC_ASN1Template SEC_PointerToVisibleStringTemplate[] = {
- { SEC_ASN1_POINTER, 0, SEC_VisibleStringTemplate }
-};
-
-const SEC_ASN1Template SEC_SequenceOfVisibleStringTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, SEC_VisibleStringTemplate }
-};
-
-const SEC_ASN1Template SEC_SetOfVisibleStringTemplate[] = {
- { SEC_ASN1_SET_OF, 0, SEC_VisibleStringTemplate }
-};
-
-
-/*
- * Template for skipping a subitem.
- *
- * Note that it only makes sense to use this for decoding (when you want
- * to decode something where you are only interested in one or two of
- * the fields); you cannot encode a SKIP!
- */
-const SEC_ASN1Template SEC_SkipTemplate[] = {
- { SEC_ASN1_SKIP }
-};
-
-
-/* These functions simply return the address of the above-declared templates.
-** This is necessary for Windows DLLs. Sigh.
-*/
-SEC_ASN1_CHOOSER_IMPLEMENT(SEC_AnyTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SEC_BMPStringTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SEC_BooleanTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SEC_BitStringTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SEC_IA5StringTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SEC_GeneralizedTimeTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SEC_IntegerTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SEC_NullTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SEC_ObjectIDTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SEC_OctetStringTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SEC_PointerToAnyTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SEC_PointerToOctetStringTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SEC_SetOfAnyTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SEC_UTCTimeTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SEC_UTF8StringTemplate)
-
diff --git a/security/nss/lib/util/secasn1e.c b/security/nss/lib/util/secasn1e.c
deleted file mode 100644
index 0f5721db7..000000000
--- a/security/nss/lib/util/secasn1e.c
+++ /dev/null
@@ -1,1568 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Support for ENcoding ASN.1 data based on BER/DER (Basic/Distinguished
- * Encoding Rules).
- *
- * $Id$
- */
-
-#include "secasn1.h"
-
-typedef enum {
- beforeHeader,
- duringContents,
- duringGroup,
- duringSequence,
- afterContents,
- afterImplicit,
- afterInline,
- afterPointer,
- afterChoice,
- notInUse
-} sec_asn1e_parse_place;
-
-typedef enum {
- allDone,
- encodeError,
- keepGoing,
- needBytes
-} sec_asn1e_parse_status;
-
-typedef struct sec_asn1e_state_struct {
- SEC_ASN1EncoderContext *top;
- const SEC_ASN1Template *theTemplate;
- void *src;
-
- struct sec_asn1e_state_struct *parent; /* aka prev */
- struct sec_asn1e_state_struct *child; /* aka next */
-
- sec_asn1e_parse_place place; /* where we are in encoding process */
-
- /*
- * XXX explain the next fields as clearly as possible...
- */
- unsigned char tag_modifiers;
- unsigned char tag_number;
- unsigned long underlying_kind;
-
- int depth;
-
- PRBool explicit, /* we are handling an explicit header */
- indefinite, /* need end-of-contents */
- is_string, /* encoding a simple string or an ANY */
- may_stream, /* when streaming, do indefinite encoding */
- optional, /* omit field if it has no contents */
- ignore_stream; /* ignore streaming value of sub-template */
-} sec_asn1e_state;
-
-/*
- * An "outsider" will have an opaque pointer to this, created by calling
- * SEC_ASN1EncoderStart(). It will be passed back in to all subsequent
- * calls to SEC_ASN1EncoderUpdate() and related routines, and when done
- * it is passed to SEC_ASN1EncoderFinish().
- */
-struct sec_EncoderContext_struct {
- PRArenaPool *our_pool; /* for our internal allocs */
-
- sec_asn1e_state *current;
- sec_asn1e_parse_status status;
-
- PRBool streaming;
- PRBool from_buf;
-
- SEC_ASN1NotifyProc notify_proc; /* call before/after handling field */
- void *notify_arg; /* argument to notify_proc */
- PRBool during_notify; /* true during call to notify_proc */
-
- SEC_ASN1WriteProc output_proc; /* pass encoded bytes to this */
- void *output_arg; /* argument to that function */
-};
-
-
-static sec_asn1e_state *
-sec_asn1e_push_state (SEC_ASN1EncoderContext *cx,
- const SEC_ASN1Template *theTemplate,
- const void *src, PRBool new_depth)
-{
- sec_asn1e_state *state, *new_state;
-
- state = cx->current;
-
- new_state = (sec_asn1e_state*)PORT_ArenaZAlloc (cx->our_pool,
- sizeof(*new_state));
- if (new_state == NULL) {
- cx->status = encodeError;
- return NULL;
- }
-
- new_state->top = cx;
- new_state->parent = state;
- new_state->theTemplate = theTemplate;
- new_state->place = notInUse;
- if (src != NULL)
- new_state->src = (char *)src + theTemplate->offset;
-
- if (state != NULL) {
- new_state->depth = state->depth;
- if (new_depth)
- new_state->depth++;
- state->child = new_state;
- }
-
- cx->current = new_state;
- return new_state;
-}
-
-
-static void
-sec_asn1e_scrub_state (sec_asn1e_state *state)
-{
- /*
- * Some default "scrubbing".
- * XXX right set of initializations?
- */
- state->place = beforeHeader;
- state->indefinite = PR_FALSE;
-}
-
-
-static void
-sec_asn1e_notify_before (SEC_ASN1EncoderContext *cx, void *src, int depth)
-{
- if (cx->notify_proc == NULL)
- return;
-
- cx->during_notify = PR_TRUE;
- (* cx->notify_proc) (cx->notify_arg, PR_TRUE, src, depth);
- cx->during_notify = PR_FALSE;
-}
-
-
-static void
-sec_asn1e_notify_after (SEC_ASN1EncoderContext *cx, void *src, int depth)
-{
- if (cx->notify_proc == NULL)
- return;
-
- cx->during_notify = PR_TRUE;
- (* cx->notify_proc) (cx->notify_arg, PR_FALSE, src, depth);
- cx->during_notify = PR_FALSE;
-}
-
-
-static sec_asn1e_state *
-sec_asn1e_init_state_based_on_template (sec_asn1e_state *state)
-{
- PRBool explicit, is_string, may_stream, optional, universal, ignore_stream;
- unsigned char tag_modifiers;
- unsigned long encode_kind, under_kind;
- unsigned long tag_number;
-
-
- encode_kind = state->theTemplate->kind;
-
- universal = ((encode_kind & SEC_ASN1_CLASS_MASK) == SEC_ASN1_UNIVERSAL)
- ? PR_TRUE : PR_FALSE;
-
- explicit = (encode_kind & SEC_ASN1_EXPLICIT) ? PR_TRUE : PR_FALSE;
- encode_kind &= ~SEC_ASN1_EXPLICIT;
-
- optional = (encode_kind & SEC_ASN1_OPTIONAL) ? PR_TRUE : PR_FALSE;
- encode_kind &= ~SEC_ASN1_OPTIONAL;
-
- PORT_Assert (!(explicit && universal)); /* bad templates */
-
- may_stream = (encode_kind & SEC_ASN1_MAY_STREAM) ? PR_TRUE : PR_FALSE;
- encode_kind &= ~SEC_ASN1_MAY_STREAM;
-
- ignore_stream = (encode_kind & SEC_ASN1_NO_STREAM) ? PR_TRUE : PR_FALSE;
- encode_kind &= ~SEC_ASN1_NO_STREAM;
-
- /* Just clear this to get it out of the way; we do not need it here */
- encode_kind &= ~SEC_ASN1_DYNAMIC;
-
- if( encode_kind & SEC_ASN1_CHOICE ) {
- under_kind = SEC_ASN1_CHOICE;
- } else
-
- if ((encode_kind & (SEC_ASN1_POINTER | SEC_ASN1_INLINE)) || (!universal
- && !explicit)) {
- const SEC_ASN1Template *subt;
- void *src;
-
- PORT_Assert ((encode_kind & (SEC_ASN1_ANY | SEC_ASN1_SKIP)) == 0);
-
- sec_asn1e_scrub_state (state);
-
- if (encode_kind & SEC_ASN1_POINTER) {
- /*
- * XXX This used to PORT_Assert (encode_kind == SEC_ASN1_POINTER);
- * but that was too restrictive. This needs to be fixed,
- * probably copying what the decoder now checks for, and
- * adding a big comment here to explain what the checks mean.
- */
- src = *(void **)state->src;
- state->place = afterPointer;
- if (src == NULL) {
- /*
- * If this is optional, but NULL, then the field does
- * not need to be encoded. In this case we are done;
- * we do not want to push a subtemplate.
- */
- if (optional)
- return state;
-
- /*
- * XXX this is an error; need to figure out
- * how to handle this
- */
- }
- } else {
- src = state->src;
- if (encode_kind & SEC_ASN1_INLINE) {
- /* check that there are no extraneous bits */
- PORT_Assert (encode_kind == SEC_ASN1_INLINE && !optional);
- state->place = afterInline;
- } else {
- /*
- * Save the tag modifiers and tag number here before moving
- * on to the next state in case this is a member of a
- * SEQUENCE OF
- */
- state->tag_modifiers = (unsigned char)encode_kind & SEC_ASN1_TAG_MASK
- & ~SEC_ASN1_TAGNUM_MASK;
- state->tag_number = (unsigned char)encode_kind & SEC_ASN1_TAGNUM_MASK;
-
- state->place = afterImplicit;
- state->optional = optional;
- }
- }
-
- subt = SEC_ASN1GetSubtemplate (state->theTemplate, state->src, PR_TRUE);
- state = sec_asn1e_push_state (state->top, subt, src, PR_FALSE);
- if (state == NULL)
- return NULL;
-
- if (universal) {
- /*
- * This is a POINTER or INLINE; just init based on that
- * and we are done.
- */
- return sec_asn1e_init_state_based_on_template (state);
- }
-
- /*
- * This is an implicit, non-universal (meaning, application-private
- * or context-specific) field. This results in a "magic" tag but
- * encoding based on the underlying type. We pushed a new state
- * that is based on the subtemplate (the underlying type), but
- * now we will sort of alias it to give it some of our properties
- * (tag, optional status, etc.).
- */
-
- under_kind = state->theTemplate->kind;
- if (under_kind & SEC_ASN1_MAY_STREAM) {
- if (!ignore_stream)
- may_stream = PR_TRUE;
- under_kind &= ~SEC_ASN1_MAY_STREAM;
- }
- } else {
- under_kind = encode_kind;
- }
-
- /*
- * Sanity check that there are no unwanted bits marked in under_kind.
- * These bits were either removed above (after we recorded them) or
- * they simply should not be found (signalling a bad/broken template).
- * XXX is this the right set of bits to test here? (i.e. need to add
- * or remove any?)
- */
- PORT_Assert ((under_kind & (SEC_ASN1_EXPLICIT | SEC_ASN1_OPTIONAL
- | SEC_ASN1_SKIP | SEC_ASN1_INNER
- | SEC_ASN1_DYNAMIC | SEC_ASN1_MAY_STREAM
- | SEC_ASN1_INLINE | SEC_ASN1_POINTER)) == 0);
-
- if (encode_kind & SEC_ASN1_ANY) {
- PORT_Assert (encode_kind == under_kind);
- tag_modifiers = 0;
- tag_number = 0;
- is_string = PR_TRUE;
- } else {
- tag_modifiers = (unsigned char)encode_kind & SEC_ASN1_TAG_MASK & ~SEC_ASN1_TAGNUM_MASK;
- /*
- * XXX This assumes only single-octet identifiers. To handle
- * the HIGH TAG form we would need to do some more work, especially
- * in how to specify them in the template, because right now we
- * do not provide a way to specify more *tag* bits in encode_kind.
- */
- tag_number = encode_kind & SEC_ASN1_TAGNUM_MASK;
-
- is_string = PR_FALSE;
- switch (under_kind & SEC_ASN1_TAGNUM_MASK) {
- case SEC_ASN1_SET:
- /*
- * XXX A plain old SET (as opposed to a SET OF) is not implemented.
- * If it ever is, remove this assert...
- */
- PORT_Assert ((under_kind & SEC_ASN1_GROUP) != 0);
- /* fallthru */
- case SEC_ASN1_SEQUENCE:
- tag_modifiers |= SEC_ASN1_CONSTRUCTED;
- break;
- case SEC_ASN1_BIT_STRING:
- case SEC_ASN1_BMP_STRING:
- case SEC_ASN1_GENERALIZED_TIME:
- case SEC_ASN1_IA5_STRING:
- case SEC_ASN1_OCTET_STRING:
- case SEC_ASN1_PRINTABLE_STRING:
- case SEC_ASN1_T61_STRING:
- case SEC_ASN1_UNIVERSAL_STRING:
- case SEC_ASN1_UTC_TIME:
- case SEC_ASN1_UTF8_STRING:
- case SEC_ASN1_VISIBLE_STRING:
- /*
- * We do not yet know if we will be constructing the string,
- * so we have to wait to do this final tag modification.
- */
- is_string = PR_TRUE;
- break;
- }
- }
-
- state->tag_modifiers = tag_modifiers;
- state->tag_number = (unsigned char)tag_number;
- state->underlying_kind = under_kind;
- state->explicit = explicit;
- state->may_stream = may_stream;
- state->is_string = is_string;
- state->optional = optional;
- state->ignore_stream = ignore_stream;
-
- sec_asn1e_scrub_state (state);
-
- return state;
-}
-
-
-static void
-sec_asn1e_write_part (sec_asn1e_state *state,
- const char *buf, unsigned long len,
- SEC_ASN1EncodingPart part)
-{
- SEC_ASN1EncoderContext *cx;
-
- cx = state->top;
- (* cx->output_proc) (cx->output_arg, buf, len, state->depth, part);
-}
-
-
-/*
- * XXX This assumes only single-octet identifiers. To handle
- * the HIGH TAG form we would need to modify this interface and
- * teach it to properly encode the special form.
- */
-static void
-sec_asn1e_write_identifier_bytes (sec_asn1e_state *state, unsigned char value)
-{
- char byte;
-
- byte = (char) value;
- sec_asn1e_write_part (state, &byte, 1, SEC_ASN1_Identifier);
-}
-
-int
-SEC_ASN1EncodeLength(unsigned char *buf,int value) {
- int lenlen;
-
- lenlen = SEC_ASN1LengthLength (value);
- if (lenlen == 1) {
- buf[0] = value;
- } else {
- int i;
-
- i = lenlen - 1;
- buf[0] = 0x80 | i;
- while (i) {
- buf[i--] = value;
- value >>= 8;
- }
- PORT_Assert (value == 0);
- }
- return lenlen;
-}
-
-static void
-sec_asn1e_write_length_bytes (sec_asn1e_state *state, unsigned long value,
- PRBool indefinite)
-{
- int lenlen;
- unsigned char buf[sizeof(unsigned long) + 1];
-
- if (indefinite) {
- PORT_Assert (value == 0);
- buf[0] = 0x80;
- lenlen = 1;
- } else {
- lenlen = SEC_ASN1EncodeLength(buf,value);
- }
-
- sec_asn1e_write_part (state, (char *) buf, lenlen, SEC_ASN1_Length);
-}
-
-
-static void
-sec_asn1e_write_contents_bytes (sec_asn1e_state *state,
- const char *buf, unsigned long len)
-{
- sec_asn1e_write_part (state, buf, len, SEC_ASN1_Contents);
-}
-
-
-static void
-sec_asn1e_write_end_of_contents_bytes (sec_asn1e_state *state)
-{
- const char eoc[2] = {0, 0};
-
- sec_asn1e_write_part (state, eoc, 2, SEC_ASN1_EndOfContents);
-}
-
-static int
-sec_asn1e_which_choice
-(
- void *src,
- const SEC_ASN1Template *theTemplate
-)
-{
- int rv;
- unsigned int which = *(unsigned int *)((char *)src + theTemplate->offset);
-
- for( rv = 1, theTemplate++; theTemplate->kind != 0; rv++, theTemplate++ ) {
- if( which == theTemplate->size ) {
- return rv;
- }
- }
-
- return 0;
-}
-
-static unsigned long
-sec_asn1e_contents_length (const SEC_ASN1Template *theTemplate, void *src,
- PRBool ignoresubstream, PRBool *noheaderp)
-{
- unsigned long encode_kind, underlying_kind;
- PRBool explicit, optional, universal, may_stream;
- unsigned long len;
-
- /*
- * This function currently calculates the length in all cases
- * except the following: when writing out the contents of a
- * template that belongs to a state where it was a sub-template
- * with the SEC_ASN1_MAY_STREAM bit set and it's parent had the
- * optional bit set. The information that the parent is optional
- * and that we should return the length of 0 when that length is
- * present since that means the optional field is no longer present.
- * So we add the ignoresubstream flag which is passed in when
- * writing the contents, but for all recursive calls to
- * sec_asn1e_contents_length, we pass PR_FALSE, because this
- * function correctly calculates the length for children templates
- * from that point on. Confused yet? At least you didn't have
- * to figure it out. ;) -javi
- */
- encode_kind = theTemplate->kind;
-
- universal = ((encode_kind & SEC_ASN1_CLASS_MASK) == SEC_ASN1_UNIVERSAL)
- ? PR_TRUE : PR_FALSE;
-
- explicit = (encode_kind & SEC_ASN1_EXPLICIT) ? PR_TRUE : PR_FALSE;
- encode_kind &= ~SEC_ASN1_EXPLICIT;
-
- optional = (encode_kind & SEC_ASN1_OPTIONAL) ? PR_TRUE : PR_FALSE;
- encode_kind &= ~SEC_ASN1_OPTIONAL;
-
- PORT_Assert (!(explicit && universal)); /* bad templates */
-
- may_stream = (encode_kind & SEC_ASN1_MAY_STREAM) ? PR_TRUE : PR_FALSE;
- encode_kind &= ~SEC_ASN1_MAY_STREAM;
-
- /* Just clear this to get it out of the way; we do not need it here */
- encode_kind &= ~SEC_ASN1_DYNAMIC;
- encode_kind &= ~SEC_ASN1_NO_STREAM;
-
- if( encode_kind & SEC_ASN1_CHOICE ) {
- void *src2;
- int indx = sec_asn1e_which_choice(src, theTemplate);
- if( 0 == indx ) {
- /* XXX set an error? "choice not found" */
- /* state->top->status = encodeError; */
- return 0;
- }
-
- src2 = (void *)((char *)src + theTemplate[indx].offset);
-
- return sec_asn1e_contents_length(&theTemplate[indx], src2,
- PR_FALSE, noheaderp);
- }
-
- if ((encode_kind & (SEC_ASN1_POINTER | SEC_ASN1_INLINE)) || !universal) {
-
- /* XXX any bits we want to disallow (PORT_Assert against) here? */
-
- theTemplate = SEC_ASN1GetSubtemplate (theTemplate, src, PR_TRUE);
-
- if (encode_kind & SEC_ASN1_POINTER) {
- /*
- * XXX This used to PORT_Assert (encode_kind == SEC_ASN1_POINTER);
- * but that was too restrictive. This needs to be fixed,
- * probably copying what the decoder now checks for, and
- * adding a big comment here to explain what the checks mean.
- * Alternatively, the check here could be omitted altogether
- * just letting sec_asn1e_init_state_based_on_template
- * do it, since that routine can do better error handling, too.
- */
- src = *(void **)src;
- if (src == NULL) {
- if (optional)
- *noheaderp = PR_TRUE;
- else
- *noheaderp = PR_FALSE;
- return 0;
- }
- } else if (encode_kind & SEC_ASN1_INLINE) {
- /* check that there are no extraneous bits */
- PORT_Assert (encode_kind == SEC_ASN1_INLINE && !optional);
- }
-
- src = (char *)src + theTemplate->offset;
-
- if (explicit) {
- len = sec_asn1e_contents_length (theTemplate, src, PR_FALSE,
- noheaderp);
- if (len == 0 && optional) {
- *noheaderp = PR_TRUE;
- } else if (*noheaderp) {
- /* Okay, *we* do not want to add in a header, but our caller still does. */
- *noheaderp = PR_FALSE;
- } else {
- /* if the inner content exists, our length is
- * len(identifier) + len(length) + len(innercontent)
- * XXX we currently assume len(identifier) == 1;
- * to support a high-tag-number this would need to be smarter.
- */
- len += 1 + SEC_ASN1LengthLength (len);
- }
- return len;
- }
-
- underlying_kind = theTemplate->kind;
- underlying_kind &= ~SEC_ASN1_MAY_STREAM;
-
- /* XXX Should we recurse here? */
- } else {
- underlying_kind = encode_kind;
- }
-
- /* This is only used in decoding; it plays no part in encoding. */
- if (underlying_kind & SEC_ASN1_SAVE) {
- /* check that there are no extraneous bits */
- PORT_Assert (underlying_kind == SEC_ASN1_SAVE);
- *noheaderp = PR_TRUE;
- return 0;
- }
-
- /* Having any of these bits is not expected here... */
- PORT_Assert ((underlying_kind & (SEC_ASN1_EXPLICIT | SEC_ASN1_OPTIONAL
- | SEC_ASN1_INLINE | SEC_ASN1_POINTER
- | SEC_ASN1_DYNAMIC | SEC_ASN1_MAY_STREAM
- | SEC_ASN1_SAVE | SEC_ASN1_SKIP)) == 0);
-
- if( underlying_kind & SEC_ASN1_CHOICE ) {
- void *src2;
- int indx = sec_asn1e_which_choice(src, theTemplate);
- if( 0 == indx ) {
- /* XXX set an error? "choice not found" */
- /* state->top->status = encodeError; */
- return 0;
- }
-
- src2 = (void *)((char *)src - theTemplate->offset + theTemplate[indx].offset);
- len = sec_asn1e_contents_length(&theTemplate[indx], src2, PR_FALSE,
- noheaderp);
- } else
-
- switch (underlying_kind) {
- case SEC_ASN1_SEQUENCE_OF:
- case SEC_ASN1_SET_OF:
- {
- const SEC_ASN1Template *tmpt;
- void *sub_src;
- unsigned long sub_len;
- void **group;
-
- len = 0;
-
- group = *(void ***)src;
- if (group == NULL)
- break;
-
- tmpt = SEC_ASN1GetSubtemplate (theTemplate, src, PR_TRUE);
-
- for (; *group != NULL; group++) {
- sub_src = (char *)(*group) + tmpt->offset;
- sub_len = sec_asn1e_contents_length (tmpt, sub_src, PR_FALSE,
- noheaderp);
- len += sub_len;
- /*
- * XXX The 1 below is the presumed length of the identifier;
- * to support a high-tag-number this would need to be smarter.
- */
- if (!*noheaderp)
- len += 1 + SEC_ASN1LengthLength (sub_len);
- }
- }
- break;
-
- case SEC_ASN1_SEQUENCE:
- case SEC_ASN1_SET:
- {
- const SEC_ASN1Template *tmpt;
- void *sub_src;
- unsigned long sub_len;
-
- len = 0;
- for (tmpt = theTemplate + 1; tmpt->kind; tmpt++) {
- sub_src = (char *)src + tmpt->offset;
- sub_len = sec_asn1e_contents_length (tmpt, sub_src, PR_FALSE,
- noheaderp);
- len += sub_len;
- /*
- * XXX The 1 below is the presumed length of the identifier;
- * to support a high-tag-number this would need to be smarter.
- */
- if (!*noheaderp)
- len += 1 + SEC_ASN1LengthLength (sub_len);
- }
- }
- break;
-
- case SEC_ASN1_BIT_STRING:
- /* convert bit length to byte */
- len = (((SECItem *)src)->len + 7) >> 3;
- /* bit string contents involve an extra octet */
- if (len)
- len++;
- break;
-
- case SEC_ASN1_INTEGER:
- /* ASN.1 INTEGERs are signed.
- * If the source is an unsigned integer, the encoder will need
- * to handle the conversion here.
- */
- {
- unsigned char *buf = ((SECItem *)src)->data;
- SECItemType integerType = ((SECItem *)src)->type;
- len = ((SECItem *)src)->len;
- while (len > 0) {
- if (*buf != 0) {
- if (*buf & 0x80 && integerType == siUnsignedInteger) {
- len++; /* leading zero needed to make number signed */
- }
- break; /* reached beginning of number */
- }
- if (len == 1) {
- break; /* the number 0 */
- }
- if (buf[1] & 0x80) {
- break; /* leading zero already present */
- }
- /* extraneous leading zero, keep going */
- buf++;
- len--;
- }
- }
- break;
-
- default:
- len = ((SECItem *)src)->len;
- if (may_stream && len == 0 && !ignoresubstream)
- len = 1; /* if we're streaming, we may have a secitem w/len 0 as placeholder */
- break;
- }
-
- if ((len == 0 && optional) || underlying_kind == SEC_ASN1_ANY)
- *noheaderp = PR_TRUE;
- else
- *noheaderp = PR_FALSE;
-
- return len;
-}
-
-
-static void
-sec_asn1e_write_header (sec_asn1e_state *state)
-{
- unsigned long contents_length;
- unsigned char tag_number, tag_modifiers;
- PRBool noheader;
-
- PORT_Assert (state->place == beforeHeader);
-
- tag_number = state->tag_number;
- tag_modifiers = state->tag_modifiers;
-
- if (state->underlying_kind == SEC_ASN1_ANY) {
- state->place = duringContents;
- return;
- }
-
- if( state->underlying_kind & SEC_ASN1_CHOICE ) {
- int indx = sec_asn1e_which_choice(state->src, state->theTemplate);
- if( 0 == indx ) {
- /* XXX set an error? "choice not found" */
- state->top->status = encodeError;
- return;
- }
-
- state->place = afterChoice;
- state = sec_asn1e_push_state(state->top, &state->theTemplate[indx],
- state->src, PR_TRUE);
-
- if( (sec_asn1e_state *)NULL != state ) {
- /*
- * Do the "before" field notification.
- */
- sec_asn1e_notify_before (state->top, state->src, state->depth);
- state = sec_asn1e_init_state_based_on_template (state);
- }
-
- return;
- }
-
- /*
- * We are doing a definite-length encoding. First we have to
- * walk the data structure to calculate the entire contents length.
- */
- contents_length = sec_asn1e_contents_length (state->theTemplate,
- state->src,
- state->ignore_stream,
- &noheader);
- /*
- * We might be told explicitly not to put out a header.
- * But it can also be the case, via a pushed subtemplate, that
- * sec_asn1e_contents_length could not know that this field is
- * really optional. So check for that explicitly, too.
- */
- if (noheader || (contents_length == 0 && state->optional)) {
- state->place = afterContents;
- if (state->top->streaming && state->may_stream && state->top->from_buf)
- /* we did not find an optional indefinite string, so we don't encode it.
- * However, if TakeFromBuf is on, we stop here anyway to give our caller
- * a chance to intercept at the same point where we would stop if the
- * field were present. */
- state->top->status = needBytes;
- return;
- }
-
- if (state->top->streaming && state->may_stream
- && (state->top->from_buf || !state->is_string)) {
- /*
- * We need to put out an indefinite-length encoding.
- */
- state->indefinite = PR_TRUE;
- /*
- * The only universal types that can be constructed are SETs,
- * SEQUENCEs, and strings; so check that it is one of those,
- * or that it is not universal (e.g. context-specific).
- */
- PORT_Assert ((tag_number == SEC_ASN1_SET)
- || (tag_number == SEC_ASN1_SEQUENCE)
- || ((tag_modifiers & SEC_ASN1_CLASS_MASK) != 0)
- || state->is_string);
- tag_modifiers |= SEC_ASN1_CONSTRUCTED;
- contents_length = 0;
- }
-
- sec_asn1e_write_identifier_bytes (state, (unsigned char)(tag_number | tag_modifiers));
- sec_asn1e_write_length_bytes (state, contents_length, state->indefinite);
-
- if (contents_length == 0 && !state->indefinite) {
- /*
- * If no real contents to encode, then we are done with this field.
- */
- state->place = afterContents;
- return;
- }
-
- /*
- * An EXPLICIT is nothing but an outer header, which we have already
- * written. Now we need to do the inner header and contents.
- */
- if (state->explicit) {
- state->place = afterContents;
- state = sec_asn1e_push_state (state->top,
- SEC_ASN1GetSubtemplate(state->theTemplate,
- state->src,
- PR_TRUE),
- state->src, PR_TRUE);
- if (state != NULL)
- state = sec_asn1e_init_state_based_on_template (state);
- return;
- }
-
- switch (state->underlying_kind) {
- case SEC_ASN1_SET_OF:
- case SEC_ASN1_SEQUENCE_OF:
- /*
- * We need to push a child to handle each member.
- */
- {
- void **group;
- const SEC_ASN1Template *subt;
-
- group = *(void ***)state->src;
- if (group == NULL || *group == NULL) {
- /*
- * Group is empty; we are done.
- */
- state->place = afterContents;
- return;
- }
- state->place = duringGroup;
- subt = SEC_ASN1GetSubtemplate (state->theTemplate, state->src,
- PR_TRUE);
- state = sec_asn1e_push_state (state->top, subt, *group, PR_TRUE);
- if (state != NULL)
- state = sec_asn1e_init_state_based_on_template (state);
- }
- break;
-
- case SEC_ASN1_SEQUENCE:
- case SEC_ASN1_SET:
- /*
- * We need to push a child to handle the individual fields.
- */
- state->place = duringSequence;
- state = sec_asn1e_push_state (state->top, state->theTemplate + 1,
- state->src, PR_TRUE);
- if (state != NULL) {
- /*
- * Do the "before" field notification.
- */
- sec_asn1e_notify_before (state->top, state->src, state->depth);
- state = sec_asn1e_init_state_based_on_template (state);
- }
- break;
-
- default:
- /*
- * I think we do not need to do anything else.
- * XXX Correct?
- */
- state->place = duringContents;
- break;
- }
-}
-
-
-static void
-sec_asn1e_write_contents (sec_asn1e_state *state,
- const char *buf, unsigned long len)
-{
- PORT_Assert (state->place == duringContents);
-
- if (state->top->from_buf) {
- /*
- * Probably they just turned on "take from buf", but have not
- * yet given us any bytes. If there is nothing in the buffer
- * then we have nothing to do but return and wait.
- */
- if (buf == NULL || len == 0) {
- state->top->status = needBytes;
- return;
- }
- /*
- * We are streaming, reading from a passed-in buffer.
- * This means we are encoding a simple string or an ANY.
- * For the former, we need to put out a substring, with its
- * own identifier and length. For an ANY, we just write it
- * out as is (our caller is required to ensure that it
- * is a properly encoded entity).
- */
- PORT_Assert (state->is_string); /* includes ANY */
- if (state->underlying_kind != SEC_ASN1_ANY) {
- unsigned char identifier;
-
- /*
- * Create the identifier based on underlying_kind. We cannot
- * use tag_number and tag_modifiers because this can be an
- * implicitly encoded field. In that case, the underlying
- * substrings *are* encoded with their real tag.
- */
- identifier = (unsigned char)state->underlying_kind & SEC_ASN1_TAG_MASK;
- /*
- * The underlying kind should just be a simple string; there
- * should be no bits like CONTEXT_SPECIFIC or CONSTRUCTED set.
- */
- PORT_Assert ((identifier & SEC_ASN1_TAGNUM_MASK) == identifier);
- /*
- * Write out the tag and length for the substring.
- */
- sec_asn1e_write_identifier_bytes (state, identifier);
- if (state->underlying_kind == SEC_ASN1_BIT_STRING) {
- char byte;
- /*
- * Assume we have a length in bytes but we need to output
- * a proper bit string. This interface only works for bit
- * strings that are full multiples of 8. If support for
- * real, variable length bit strings is needed then the
- * caller will have to know to pass in a bit length instead
- * of a byte length and then this code will have to
- * perform the encoding necessary (length written is length
- * in bytes plus 1, and the first octet of string is the
- * number of bits remaining between the end of the bit
- * string and the next byte boundary).
- */
- sec_asn1e_write_length_bytes (state, len + 1, PR_FALSE);
- byte = 0;
- sec_asn1e_write_contents_bytes (state, &byte, 1);
- } else {
- sec_asn1e_write_length_bytes (state, len, PR_FALSE);
- }
- }
- sec_asn1e_write_contents_bytes (state, buf, len);
- state->top->status = needBytes;
- } else {
- switch (state->underlying_kind) {
- case SEC_ASN1_SET:
- case SEC_ASN1_SEQUENCE:
- PORT_Assert (0);
- break;
-
- case SEC_ASN1_BIT_STRING:
- {
- SECItem *item;
- char rem;
-
- item = (SECItem *)state->src;
- len = (item->len + 7) >> 3;
- rem = (unsigned char)((len << 3) - item->len); /* remaining bits */
- sec_asn1e_write_contents_bytes (state, &rem, 1);
- sec_asn1e_write_contents_bytes (state, (char *) item->data,
- len);
- }
- break;
-
- case SEC_ASN1_BMP_STRING:
- /* The number of bytes must be divisable by 2 */
- if ((((SECItem *)state->src)->len) % 2) {
- SEC_ASN1EncoderContext *cx;
-
- cx = state->top;
- cx->status = encodeError;
- break;
- }
- /* otherwise, fall through to write the content */
- goto process_string;
-
- case SEC_ASN1_UNIVERSAL_STRING:
- /* The number of bytes must be divisable by 4 */
- if ((((SECItem *)state->src)->len) % 4) {
- SEC_ASN1EncoderContext *cx;
-
- cx = state->top;
- cx->status = encodeError;
- break;
- }
- /* otherwise, fall through to write the content */
- goto process_string;
-
- case SEC_ASN1_INTEGER:
- /* ASN.1 INTEGERs are signed. If the source is an unsigned
- * integer, the encoder will need to handle the conversion here.
- */
- {
- unsigned int blen;
- unsigned char *buf;
- SECItemType integerType;
- blen = ((SECItem *)state->src)->len;
- buf = ((SECItem *)state->src)->data;
- integerType = ((SECItem *)state->src)->type;
- while (blen > 0) {
- if (*buf & 0x80 && integerType == siUnsignedInteger) {
- char zero = 0; /* write a leading 0 */
- sec_asn1e_write_contents_bytes(state, &zero, 1);
- /* and then the remaining buffer */
- sec_asn1e_write_contents_bytes(state,
- (char *)buf, blen);
- break;
- }
- /* Check three possibilities:
- * 1. No leading zeros, msb of MSB is not 1;
- * 2. The number is zero itself;
- * 3. Encoding a signed integer with a leading zero,
- * keep the zero so that the number is positive.
- */
- if (*buf != 0 ||
- blen == 1 ||
- (buf[1] & 0x80 && integerType != siUnsignedInteger) )
- {
- sec_asn1e_write_contents_bytes(state,
- (char *)buf, blen);
- break;
- }
- /* byte is 0, continue */
- buf++;
- blen--;
- }
- }
- /* done with this content */
- break;
-
-process_string:
- default:
- {
- SECItem *item;
-
- item = (SECItem *)state->src;
- sec_asn1e_write_contents_bytes (state, (char *) item->data,
- item->len);
- }
- break;
- }
- state->place = afterContents;
- }
-}
-
-
-/*
- * We are doing a SET OF or SEQUENCE OF, and have just finished an item.
- */
-static void
-sec_asn1e_next_in_group (sec_asn1e_state *state)
-{
- sec_asn1e_state *child;
- void **group;
- void *member;
-
- PORT_Assert (state->place == duringGroup);
- PORT_Assert (state->child != NULL);
-
- child = state->child;
-
- group = *(void ***)state->src;
-
- /*
- * Find placement of current item.
- */
- member = (char *)(state->child->src) - child->theTemplate->offset;
- while (*group != member)
- group++;
-
- /*
- * Move forward to next item.
- */
- group++;
- if (*group == NULL) {
- /*
- * That was our last one; we are done now.
- */
- child->place = notInUse;
- state->place = afterContents;
- return;
- }
- child->src = (char *)(*group) + child->theTemplate->offset;
-
- /*
- * Re-"push" child.
- */
- sec_asn1e_scrub_state (child);
- state->top->current = child;
-}
-
-
-/*
- * We are moving along through a sequence; move forward by one,
- * (detecting end-of-sequence when it happens).
- */
-static void
-sec_asn1e_next_in_sequence (sec_asn1e_state *state)
-{
- sec_asn1e_state *child;
-
- PORT_Assert (state->place == duringSequence);
- PORT_Assert (state->child != NULL);
-
- child = state->child;
-
- /*
- * Do the "after" field notification.
- */
- sec_asn1e_notify_after (state->top, child->src, child->depth);
-
- /*
- * Move forward.
- */
- child->theTemplate++;
- if (child->theTemplate->kind == 0) {
- /*
- * We are done with this sequence.
- */
- child->place = notInUse;
- state->place = afterContents;
- return;
- }
-
- /*
- * Reset state and push.
- */
-
- child->src = (char *)state->src + child->theTemplate->offset;
-
- /*
- * Do the "before" field notification.
- */
- sec_asn1e_notify_before (state->top, child->src, child->depth);
-
- state->top->current = child;
- (void) sec_asn1e_init_state_based_on_template (child);
-}
-
-
-static void
-sec_asn1e_after_contents (sec_asn1e_state *state)
-{
- PORT_Assert (state->place == afterContents);
-
- if (state->indefinite)
- sec_asn1e_write_end_of_contents_bytes (state);
-
- /*
- * Just make my parent be the current state. It will then clean
- * up after me and free me (or reuse me).
- */
- state->top->current = state->parent;
-}
-
-
-/*
- * This function is called whether or not we are streaming; if we
- * *are* streaming, our caller can also instruct us to take bytes
- * from the passed-in buffer (at buf, for length len, which is likely
- * bytes but could even mean bits if the current field is a bit string).
- * If we have been so instructed, we will gobble up bytes from there
- * (rather than from our src structure) and output them, and then
- * we will just return, expecting to be called again -- either with
- * more bytes or after our caller has instructed us that we are done
- * (for now) with the buffer.
- */
-SECStatus
-SEC_ASN1EncoderUpdate (SEC_ASN1EncoderContext *cx,
- const char *buf, unsigned long len)
-{
- sec_asn1e_state *state;
-
- if (cx->status == needBytes) {
- PORT_Assert (buf != NULL && len != 0);
- cx->status = keepGoing;
- }
-
- while (cx->status == keepGoing) {
- state = cx->current;
- switch (state->place) {
- case beforeHeader:
- sec_asn1e_write_header (state);
- break;
- case duringContents:
- sec_asn1e_write_contents (state, buf, len);
- break;
- case duringGroup:
- sec_asn1e_next_in_group (state);
- break;
- case duringSequence:
- sec_asn1e_next_in_sequence (state);
- break;
- case afterContents:
- sec_asn1e_after_contents (state);
- break;
- case afterImplicit:
- case afterInline:
- case afterPointer:
- case afterChoice:
- /*
- * These states are more documentation than anything.
- * They just need to force a pop.
- */
- PORT_Assert (!state->indefinite);
- state->place = afterContents;
- break;
- case notInUse:
- default:
- /* This is not an error, but rather a plain old BUG! */
- PORT_Assert (0);
- cx->status = encodeError;
- break;
- }
-
- if (cx->status == encodeError)
- break;
-
- /* It might have changed, so we have to update our local copy. */
- state = cx->current;
-
- /* If it is NULL, we have popped all the way to the top. */
- if (state == NULL) {
- cx->status = allDone;
- break;
- }
- }
-
- if (cx->status == encodeError) {
- return SECFailure;
- }
-
- return SECSuccess;
-}
-
-
-void
-SEC_ASN1EncoderFinish (SEC_ASN1EncoderContext *cx)
-{
- /*
- * XXX anything else that needs to be finished?
- */
-
- PORT_FreeArena (cx->our_pool, PR_FALSE);
-}
-
-
-SEC_ASN1EncoderContext *
-SEC_ASN1EncoderStart (const void *src, const SEC_ASN1Template *theTemplate,
- SEC_ASN1WriteProc output_proc, void *output_arg)
-{
- PRArenaPool *our_pool;
- SEC_ASN1EncoderContext *cx;
-
- our_pool = PORT_NewArena (SEC_ASN1_DEFAULT_ARENA_SIZE);
- if (our_pool == NULL)
- return NULL;
-
- cx = (SEC_ASN1EncoderContext*)PORT_ArenaZAlloc (our_pool, sizeof(*cx));
- if (cx == NULL) {
- PORT_FreeArena (our_pool, PR_FALSE);
- return NULL;
- }
-
- cx->our_pool = our_pool;
- cx->output_proc = output_proc;
- cx->output_arg = output_arg;
-
- cx->status = keepGoing;
-
- if (sec_asn1e_push_state(cx, theTemplate, src, PR_FALSE) == NULL
- || sec_asn1e_init_state_based_on_template (cx->current) == NULL) {
- /*
- * Trouble initializing (probably due to failed allocations)
- * requires that we just give up.
- */
- PORT_FreeArena (our_pool, PR_FALSE);
- return NULL;
- }
-
- return cx;
-}
-
-
-/*
- * XXX Do we need a FilterProc, too?
- */
-
-
-void
-SEC_ASN1EncoderSetNotifyProc (SEC_ASN1EncoderContext *cx,
- SEC_ASN1NotifyProc fn, void *arg)
-{
- cx->notify_proc = fn;
- cx->notify_arg = arg;
-}
-
-
-void
-SEC_ASN1EncoderClearNotifyProc (SEC_ASN1EncoderContext *cx)
-{
- cx->notify_proc = NULL;
- cx->notify_arg = NULL; /* not necessary; just being clean */
-}
-
-
-void
-SEC_ASN1EncoderSetStreaming (SEC_ASN1EncoderContext *cx)
-{
- /* XXX is there a way to check that we are "between" fields here? */
-
- cx->streaming = PR_TRUE;
-}
-
-
-void
-SEC_ASN1EncoderClearStreaming (SEC_ASN1EncoderContext *cx)
-{
- /* XXX is there a way to check that we are "between" fields here? */
-
- cx->streaming = PR_FALSE;
-}
-
-
-void
-SEC_ASN1EncoderSetTakeFromBuf (SEC_ASN1EncoderContext *cx)
-{
- /*
- * XXX is there a way to check that we are "between" fields here? this
- * needs to include a check for being in between groups of items in
- * a SET_OF or SEQUENCE_OF.
- */
- PORT_Assert (cx->streaming);
-
- cx->from_buf = PR_TRUE;
-}
-
-
-void
-SEC_ASN1EncoderClearTakeFromBuf (SEC_ASN1EncoderContext *cx)
-{
- /* we should actually be taking from buf *now* */
- PORT_Assert (cx->from_buf);
- if (! cx->from_buf) /* if not, just do nothing */
- return;
-
- cx->from_buf = PR_FALSE;
-
- if (cx->status == needBytes) {
- cx->status = keepGoing;
- cx->current->place = afterContents;
- }
-}
-
-
-SECStatus
-SEC_ASN1Encode (const void *src, const SEC_ASN1Template *theTemplate,
- SEC_ASN1WriteProc output_proc, void *output_arg)
-{
- SEC_ASN1EncoderContext *ecx;
- SECStatus rv;
-
- ecx = SEC_ASN1EncoderStart (src, theTemplate, output_proc, output_arg);
- if (ecx == NULL)
- return SECFailure;
-
- rv = SEC_ASN1EncoderUpdate (ecx, NULL, 0);
-
- SEC_ASN1EncoderFinish (ecx);
- return rv;
-}
-
-
-/*
- * XXX depth and data_kind are unused; is there a PC way to silence warnings?
- * (I mean "politically correct", not anything to do with intel/win platform)
- */
-static void
-sec_asn1e_encode_item_count (void *arg, const char *buf, unsigned long len,
- int depth, SEC_ASN1EncodingPart data_kind)
-{
- unsigned long *count;
-
- count = (unsigned long*)arg;
- PORT_Assert (count != NULL);
-
- *count += len;
-}
-
-
-/* XXX depth and data_kind are unused; is there a PC way to silence warnings? */
-static void
-sec_asn1e_encode_item_store (void *arg, const char *buf, unsigned long len,
- int depth, SEC_ASN1EncodingPart data_kind)
-{
- SECItem *dest;
-
- dest = (SECItem*)arg;
- PORT_Assert (dest != NULL);
-
- PORT_Memcpy (dest->data + dest->len, buf, len);
- dest->len += len;
-}
-
-
-/*
- * Allocate an entire SECItem, or just the data part of it, to hold
- * "len" bytes of stuff. Allocate from the given pool, if specified,
- * otherwise just do a vanilla PORT_Alloc.
- *
- * XXX This seems like a reasonable general-purpose function (for SECITEM_)?
- */
-static SECItem *
-sec_asn1e_allocate_item (PRArenaPool *poolp, SECItem *dest, unsigned long len)
-{
- if (poolp != NULL) {
- void *release;
-
- release = PORT_ArenaMark (poolp);
- if (dest == NULL)
- dest = (SECItem*)PORT_ArenaAlloc (poolp, sizeof(SECItem));
- if (dest != NULL) {
- dest->data = (unsigned char*)PORT_ArenaAlloc (poolp, len);
- if (dest->data == NULL) {
- dest = NULL;
- }
- }
- if (dest == NULL) {
- /* one or both allocations failed; release everything */
- PORT_ArenaRelease (poolp, release);
- } else {
- /* everything okay; unmark the arena */
- PORT_ArenaUnmark (poolp, release);
- }
- } else {
- SECItem *indest;
-
- indest = dest;
- if (dest == NULL)
- dest = (SECItem*)PORT_Alloc (sizeof(SECItem));
- if (dest != NULL) {
- dest->type = siBuffer;
- dest->data = (unsigned char*)PORT_Alloc (len);
- if (dest->data == NULL) {
- if (indest == NULL)
- PORT_Free (dest);
- dest = NULL;
- }
- }
- }
-
- return dest;
-}
-
-
-SECItem *
-SEC_ASN1EncodeItem (PRArenaPool *poolp, SECItem *dest, const void *src,
- const SEC_ASN1Template *theTemplate)
-{
- unsigned long encoding_length;
- SECStatus rv;
-
- PORT_Assert (dest == NULL || dest->data == NULL);
-
- encoding_length = 0;
- rv = SEC_ASN1Encode (src, theTemplate,
- sec_asn1e_encode_item_count, &encoding_length);
- if (rv != SECSuccess)
- return NULL;
-
- dest = sec_asn1e_allocate_item (poolp, dest, encoding_length);
- if (dest == NULL)
- return NULL;
-
- /* XXX necessary? This really just checks for a bug in the allocate fn */
- PORT_Assert (dest->data != NULL);
- if (dest->data == NULL)
- return NULL;
-
- dest->len = 0;
- (void) SEC_ASN1Encode (src, theTemplate, sec_asn1e_encode_item_store, dest);
-
- PORT_Assert (encoding_length == dest->len);
- return dest;
-}
-
-
-static SECItem *
-sec_asn1e_integer(PRArenaPool *poolp, SECItem *dest, unsigned long value,
- PRBool make_unsigned)
-{
- unsigned long copy;
- unsigned char sign;
- int len = 0;
-
- /*
- * Determine the length of the encoded value (minimum of 1).
- */
- copy = value;
- do {
- len++;
- sign = (unsigned char)(copy & 0x80);
- copy >>= 8;
- } while (copy);
-
- /*
- * If this is an unsigned encoding, and the high bit of the last
- * byte we counted was set, we need to add one to the length so
- * we put a high-order zero byte in the encoding.
- */
- if (sign && make_unsigned)
- len++;
-
- /*
- * Allocate the item (if necessary) and the data pointer within.
- */
- dest = sec_asn1e_allocate_item (poolp, dest, len);
- if (dest == NULL)
- return NULL;
-
- /*
- * Store the value, byte by byte, in the item.
- */
- dest->len = len;
- while (len) {
- dest->data[--len] = (unsigned char)value;
- value >>= 8;
- }
- PORT_Assert (value == 0);
-
- return dest;
-}
-
-
-SECItem *
-SEC_ASN1EncodeInteger(PRArenaPool *poolp, SECItem *dest, long value)
-{
- return sec_asn1e_integer (poolp, dest, (unsigned long) value, PR_FALSE);
-}
-
-
-extern SECItem *
-SEC_ASN1EncodeUnsignedInteger(PRArenaPool *poolp,
- SECItem *dest, unsigned long value)
-{
- return sec_asn1e_integer (poolp, dest, value, PR_TRUE);
-}
diff --git a/security/nss/lib/util/secasn1t.h b/security/nss/lib/util/secasn1t.h
deleted file mode 100644
index 6dcd24575..000000000
--- a/security/nss/lib/util/secasn1t.h
+++ /dev/null
@@ -1,292 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Types for encoding/decoding of ASN.1 using BER/DER (Basic/Distinguished
- * Encoding Rules).
- *
- * $Id$
- */
-
-#ifndef _SECASN1T_H_
-#define _SECASN1T_H_
-
-/*
-** An array of these structures defines a BER/DER encoding for an object.
-**
-** The array usually starts with a dummy entry whose kind is SEC_ASN1_SEQUENCE;
-** such an array is terminated with an entry where kind == 0. (An array
-** which consists of a single component does not require a second dummy
-** entry -- the array is only searched as long as previous component(s)
-** instruct it.)
-*/
-typedef struct sec_ASN1Template_struct {
- /*
- ** Kind of item being decoded/encoded, including tags and modifiers.
- */
- unsigned long kind;
-
- /*
- ** The value is the offset from the base of the structure to the
- ** field that holds the value being decoded/encoded.
- */
- unsigned long offset;
-
- /*
- ** When kind suggests it (SEC_ASN1_POINTER, SEC_ASN1_GROUP, SEC_ASN1_INLINE,
- ** or a component that is *not* a SEC_ASN1_UNIVERSAL), this points to
- ** a sub-template for nested encoding/decoding,
- ** OR, iff SEC_ASN1_DYNAMIC is set, then this is a pointer to a pointer
- ** to a function which will return the appropriate template when called
- ** at runtime. NOTE! that explicit level of indirection, which is
- ** necessary because ANSI does not allow you to store a function
- ** pointer directly as a "void *" so we must store it separately and
- ** dereference it to get at the function pointer itself.
- */
- const void *sub;
-
- /*
- ** In the first element of a template array, the value is the size
- ** of the structure to allocate when this template is being referenced
- ** by another template via SEC_ASN1_POINTER or SEC_ASN1_GROUP.
- ** In all other cases, the value is ignored.
- */
- unsigned int size;
-} SEC_ASN1Template;
-
-
-/* default size used for allocation of encoding/decoding stuff */
-/* XXX what is the best value here? */
-#define SEC_ASN1_DEFAULT_ARENA_SIZE (2048)
-
-/*
-** BER/DER values for ASN.1 identifier octets.
-*/
-#define SEC_ASN1_TAG_MASK 0xff
-
-/*
- * BER/DER universal type tag numbers.
- * The values are defined by the X.208 standard; do not change them!
- * NOTE: if you add anything to this list, you must add code to secasn1d.c
- * to accept the tag, and probably also to secasn1e.c to encode it.
- * XXX It appears some have been added recently without being added to
- * the code; so need to go through the list now and double-check them all.
- * (Look especially at those added in revision 1.10.)
- */
-#define SEC_ASN1_TAGNUM_MASK 0x1f
-#define SEC_ASN1_BOOLEAN 0x01
-#define SEC_ASN1_INTEGER 0x02
-#define SEC_ASN1_BIT_STRING 0x03
-#define SEC_ASN1_OCTET_STRING 0x04
-#define SEC_ASN1_NULL 0x05
-#define SEC_ASN1_OBJECT_ID 0x06
-#define SEC_ASN1_OBJECT_DESCRIPTOR 0x07
-/* External type and instance-of type 0x08 */
-#define SEC_ASN1_REAL 0x09
-#define SEC_ASN1_ENUMERATED 0x0a
-#define SEC_ASN1_EMBEDDED_PDV 0x0b
-#define SEC_ASN1_UTF8_STRING 0x0c
-#define SEC_ASN1_SEQUENCE 0x10
-#define SEC_ASN1_SET 0x11
-#define SEC_ASN1_NUMERIC_STRING 0x12
-#define SEC_ASN1_PRINTABLE_STRING 0x13
-#define SEC_ASN1_T61_STRING 0x14
-#define SEC_ASN1_TELETEX_STRING SEC_ASN1_T61_STRING
-#define SEC_ASN1_VIDEOTEX_STRING 0x15
-#define SEC_ASN1_IA5_STRING 0x16
-#define SEC_ASN1_UTC_TIME 0x17
-#define SEC_ASN1_GENERALIZED_TIME 0x18
-#define SEC_ASN1_GRAPHIC_STRING 0x19
-#define SEC_ASN1_VISIBLE_STRING 0x1a
-#define SEC_ASN1_GENERAL_STRING 0x1b
-#define SEC_ASN1_UNIVERSAL_STRING 0x1c
-/* 0x1d */
-#define SEC_ASN1_BMP_STRING 0x1e
-#define SEC_ASN1_HIGH_TAG_NUMBER 0x1f
-
-/*
-** Modifiers to type tags. These are also specified by a/the
-** standard, and must not be changed.
-*/
-
-#define SEC_ASN1_METHOD_MASK 0x20
-#define SEC_ASN1_PRIMITIVE 0x00
-#define SEC_ASN1_CONSTRUCTED 0x20
-
-#define SEC_ASN1_CLASS_MASK 0xc0
-#define SEC_ASN1_UNIVERSAL 0x00
-#define SEC_ASN1_APPLICATION 0x40
-#define SEC_ASN1_CONTEXT_SPECIFIC 0x80
-#define SEC_ASN1_PRIVATE 0xc0
-
-/*
-** Our additions, used for templates.
-** These are not defined by any standard; the values are used internally only.
-** Just be careful to keep them out of the low 8 bits.
-** XXX finish comments
-*/
-#define SEC_ASN1_OPTIONAL 0x00100
-#define SEC_ASN1_EXPLICIT 0x00200
-#define SEC_ASN1_ANY 0x00400
-#define SEC_ASN1_INLINE 0x00800
-#define SEC_ASN1_POINTER 0x01000
-#define SEC_ASN1_GROUP 0x02000 /* with SET or SEQUENCE means
- * SET OF or SEQUENCE OF */
-#define SEC_ASN1_DYNAMIC 0x04000 /* subtemplate is found by calling
- * a function at runtime */
-#define SEC_ASN1_SKIP 0x08000 /* skip a field; only for decoding */
-#define SEC_ASN1_INNER 0x10000 /* with ANY means capture the
- * contents only (not the id, len,
- * or eoc); only for decoding */
-#define SEC_ASN1_SAVE 0x20000 /* stash away the encoded bytes first;
- * only for decoding */
-#define SEC_ASN1_MAY_STREAM 0x40000 /* field or one of its sub-fields may
- * stream in and so should encode as
- * indefinite-length when streaming
- * has been indicated; only for
- * encoding */
-#define SEC_ASN1_SKIP_REST 0x80000 /* skip all following fields;
- only for decoding */
-#define SEC_ASN1_CHOICE 0x100000 /* pick one from a template */
-#define SEC_ASN1_NO_STREAM 0X200000 /* This entry will not stream
- even if the sub-template says
- streaming is possible. Helps
- to solve ambiguities with potential
- streaming entries that are
- optional */
-#define SEC_ASN1_DEBUG_BREAK 0X400000 /* put this in your template and the
- decoder will assert when it
- processes it. Only for use with
- SEC_QuickDERDecodeItem */
-
-
-
-/* Shorthand/Aliases */
-#define SEC_ASN1_SEQUENCE_OF (SEC_ASN1_GROUP | SEC_ASN1_SEQUENCE)
-#define SEC_ASN1_SET_OF (SEC_ASN1_GROUP | SEC_ASN1_SET)
-#define SEC_ASN1_ANY_CONTENTS (SEC_ASN1_ANY | SEC_ASN1_INNER)
-
-
-/*
-** Function used for SEC_ASN1_DYNAMIC.
-** "arg" is a pointer to the structure being encoded/decoded
-** "enc", when true, means that we are encoding (false means decoding)
-*/
-typedef const SEC_ASN1Template * SEC_ASN1TemplateChooser(void *arg, PRBool enc);
-typedef SEC_ASN1TemplateChooser * SEC_ASN1TemplateChooserPtr;
-
-#if defined(_WIN32)
-#define SEC_ASN1_GET(x) NSS_Get_##x(NULL, PR_FALSE)
-#define SEC_ASN1_SUB(x) &p_NSS_Get_##x
-#define SEC_ASN1_XTRN SEC_ASN1_DYNAMIC
-#define SEC_ASN1_MKSUB(x) \
-static const SEC_ASN1TemplateChooserPtr p_NSS_Get_##x = &NSS_Get_##x;
-#else
-#define SEC_ASN1_GET(x) x
-#define SEC_ASN1_SUB(x) x
-#define SEC_ASN1_XTRN 0
-#define SEC_ASN1_MKSUB(x)
-#endif
-
-#define SEC_ASN1_CHOOSER_DECLARE(x) \
-extern const SEC_ASN1Template * NSS_Get_##x (void *arg, PRBool enc);
-
-#define SEC_ASN1_CHOOSER_IMPLEMENT(x) \
-const SEC_ASN1Template * NSS_Get_##x(void * arg, PRBool enc) \
-{ return x; }
-
-/*
-** Opaque object used by the decoder to store state.
-*/
-typedef struct sec_DecoderContext_struct SEC_ASN1DecoderContext;
-
-/*
-** Opaque object used by the encoder to store state.
-*/
-typedef struct sec_EncoderContext_struct SEC_ASN1EncoderContext;
-
-/*
- * This is used to describe to a filter function the bytes that are
- * being passed to it. This is only useful when the filter is an "outer"
- * one, meaning it expects to get *all* of the bytes not just the
- * contents octets.
- */
-typedef enum {
- SEC_ASN1_Identifier = 0,
- SEC_ASN1_Length = 1,
- SEC_ASN1_Contents = 2,
- SEC_ASN1_EndOfContents = 3
-} SEC_ASN1EncodingPart;
-
-/*
- * Type of the function pointer used either for decoding or encoding,
- * when doing anything "funny" (e.g. manipulating the data stream)
- */
-typedef void (* SEC_ASN1NotifyProc)(void *arg, PRBool before,
- void *dest, int real_depth);
-
-/*
- * Type of the function pointer used for grabbing encoded bytes.
- * This can be used during either encoding or decoding, as follows...
- *
- * When decoding, this can be used to filter the encoded bytes as they
- * are parsed. This is what you would do if you wanted to process the data
- * along the way (like to decrypt it, or to perform a hash on it in order
- * to do a signature check later). See SEC_ASN1DecoderSetFilterProc().
- * When processing only part of the encoded bytes is desired, you "watch"
- * for the field(s) you are interested in with a "notify proc" (see
- * SEC_ASN1DecoderSetNotifyProc()) and for even finer granularity (e.g. to
- * ignore all by the contents bytes) you pay attention to the "data_kind"
- * parameter.
- *
- * When encoding, this is the specification for the output function which
- * will receive the bytes as they are encoded. The output function can
- * perform any postprocessing necessary (like hashing (some of) the data
- * to create a digest that gets included at the end) as well as shoving
- * the data off wherever it needs to go. (In order to "tune" any processing,
- * you can set a "notify proc" as described above in the decoding case.)
- *
- * The parameters:
- * - "arg" is an opaque pointer that you provided at the same time you
- * specified a function of this type
- * - "data" is a buffer of length "len", containing the encoded bytes
- * - "depth" is how deep in a nested encoding we are (it is not usually
- * valuable, but can be useful sometimes so I included it)
- * - "data_kind" tells you if these bytes are part of the ASN.1 encoded
- * octets for identifier, length, contents, or end-of-contents
- */
-typedef void (* SEC_ASN1WriteProc)(void *arg,
- const char *data, unsigned long len,
- int depth, SEC_ASN1EncodingPart data_kind);
-
-#endif /* _SECASN1T_H_ */
diff --git a/security/nss/lib/util/secasn1u.c b/security/nss/lib/util/secasn1u.c
deleted file mode 100644
index 83673ca0b..000000000
--- a/security/nss/lib/util/secasn1u.c
+++ /dev/null
@@ -1,106 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Utility routines to complement the ASN.1 encoding and decoding functions.
- *
- * $Id$
- */
-
-#include "secasn1.h"
-
-
-/*
- * We have a length that needs to be encoded; how many bytes will the
- * encoding take?
- *
- * The rules are that 0 - 0x7f takes one byte (the length itself is the
- * entire encoding); everything else takes one plus the number of bytes
- * in the length.
- */
-int
-SEC_ASN1LengthLength (unsigned long len)
-{
- int lenlen = 1;
-
- if (len > 0x7f) {
- do {
- lenlen++;
- len >>= 8;
- } while (len);
- }
-
- return lenlen;
-}
-
-
-/*
- * XXX Move over (and rewrite as appropriate) the rest of the
- * stuff in dersubr.c!
- */
-
-
-/*
- * Find the appropriate subtemplate for the given template.
- * This may involve calling a "chooser" function, or it may just
- * be right there. In either case, it is expected to *have* a
- * subtemplate; this is asserted in debug builds (in non-debug
- * builds, NULL will be returned).
- *
- * "thing" is a pointer to the structure being encoded/decoded
- * "encoding", when true, means that we are in the process of encoding
- * (as opposed to in the process of decoding)
- */
-const SEC_ASN1Template *
-SEC_ASN1GetSubtemplate (const SEC_ASN1Template *theTemplate, void *thing,
- PRBool encoding)
-{
- const SEC_ASN1Template *subt = NULL;
-
- PORT_Assert (theTemplate->sub != NULL);
- if (theTemplate->sub != NULL) {
- if (theTemplate->kind & SEC_ASN1_DYNAMIC) {
- SEC_ASN1TemplateChooserPtr chooserp;
-
- chooserp = *(SEC_ASN1TemplateChooserPtr *) theTemplate->sub;
- if (chooserp) {
- if (thing != NULL)
- thing = (char *)thing - theTemplate->offset;
- subt = (* chooserp)(thing, encoding);
- }
- } else {
- subt = (SEC_ASN1Template*)theTemplate->sub;
- }
- }
- return subt;
-}
diff --git a/security/nss/lib/util/seccomon.h b/security/nss/lib/util/seccomon.h
deleted file mode 100644
index f55f1311d..000000000
--- a/security/nss/lib/util/seccomon.h
+++ /dev/null
@@ -1,110 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * seccomon.h - common data structures for security libraries
- *
- * This file should have lowest-common-denominator datastructures
- * for security libraries. It should not be dependent on any other
- * headers, and should not require linking with any libraries.
- *
- * $Id$
- */
-
-#ifndef _SECCOMMON_H_
-#define _SECCOMMON_H_
-
-#include "prtypes.h"
-
-
-#ifdef __cplusplus
-# define SEC_BEGIN_PROTOS extern "C" {
-# define SEC_END_PROTOS }
-#else
-# define SEC_BEGIN_PROTOS
-# define SEC_END_PROTOS
-#endif
-
-#include "secport.h"
-
-typedef enum {
- siBuffer = 0,
- siClearDataBuffer = 1,
- siCipherDataBuffer = 2,
- siDERCertBuffer = 3,
- siEncodedCertBuffer = 4,
- siDERNameBuffer = 5,
- siEncodedNameBuffer = 6,
- siAsciiNameString = 7,
- siAsciiString = 8,
- siDEROID = 9,
- siUnsignedInteger = 10
-} SECItemType;
-
-typedef struct SECItemStr SECItem;
-
-struct SECItemStr {
- SECItemType type;
- unsigned char *data;
- unsigned int len;
-};
-
-/*
-** A status code. Status's are used by procedures that return status
-** values. Again the motivation is so that a compiler can generate
-** warnings when return values are wrong. Correct testing of status codes:
-**
-** SECStatus rv;
-** rv = some_function (some_argument);
-** if (rv != SECSuccess)
-** do_an_error_thing();
-**
-*/
-typedef enum _SECStatus {
- SECWouldBlock = -2,
- SECFailure = -1,
- SECSuccess = 0
-} SECStatus;
-
-/*
-** A comparison code. Used for procedures that return comparision
-** values. Again the motivation is so that a compiler can generate
-** warnings when return values are wrong.
-*/
-typedef enum _SECComparison {
- SECLessThan = -1,
- SECEqual = 0,
- SECGreaterThan = 1
-} SECComparison;
-
-#endif /* _SECCOMMON_H_ */
diff --git a/security/nss/lib/util/secder.h b/security/nss/lib/util/secder.h
deleted file mode 100644
index fdd43b1de..000000000
--- a/security/nss/lib/util/secder.h
+++ /dev/null
@@ -1,197 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _SECDER_H_
-#define _SECDER_H_
-
-/*
- * secder.h - public data structures and prototypes for the DER encoding and
- * decoding utilities library
- *
- * $Id$
- */
-
-#if defined(_WIN32_WCE)
-#else
-#include <time.h>
-#endif
-
-#include "plarena.h"
-#include "prlong.h"
-
-#include "seccomon.h"
-#include "secdert.h"
-
-SEC_BEGIN_PROTOS
-
-/*
-** Decode a piece of der encoded data.
-** "dest" points to a structure that will be filled in with the
-** decoding results. (NOTE: it should be zeroed before calling;
-** optional/missing fields are not zero-filled by DER_Decode.)
-** "t" is a template structure which defines the shape of the
-** expected data.
-** "src" is the der encoded data.
-** NOTE: substructures of "dest" will be allocated as needed from
-** "arena", but data subfields will point directly into the buffer
-** passed in as src->data. That is, the resulting "dest" structure
-** will contain pointers back into src->data, which must remain
-** active (allocated) and unmodified for as long as "dest" is active.
-** If this is a potential problem, you may want to just dup the buffer
-** (allocated from "arena", probably) and pass *that* in instead.
-*/
-extern SECStatus DER_Decode(PRArenaPool *arena, void *dest, DERTemplate *t,
- SECItem *src);
-
-/*
-** Encode a data structure into DER.
-** "dest" will be filled in (and memory allocated) to hold the der
-** encoded structure in "src"
-** "t" is a template structure which defines the shape of the
-** stored data
-** "src" is a pointer to the structure that will be encoded
-*/
-extern SECStatus DER_Encode(PRArenaPool *arena, SECItem *dest, DERTemplate *t,
- void *src);
-
-extern SECStatus DER_Lengths(SECItem *item, int *header_len_p, uint32 *contents_len_p);
-
-/*
-** Lower level der subroutine that stores the standard header into "to".
-** The header is of variable length, based on encodingLen.
-** The return value is the new value of "to" after skipping over the header.
-** "to" is where the header will be stored
-** "code" is the der code to write
-** "encodingLen" is the number of bytes of data that will follow
-** the header
-*/
-extern unsigned char *DER_StoreHeader(unsigned char *to, unsigned int code,
- uint32 encodingLen);
-
-/*
-** Return the number of bytes it will take to hold a der encoded length.
-*/
-extern int DER_LengthLength(uint32 len);
-
-/*
-** Store a der encoded *signed* integer (whose value is "src") into "dst".
-** XXX This should really be enhanced to take a long.
-*/
-extern SECStatus DER_SetInteger(PRArenaPool *arena, SECItem *dst, int32 src);
-
-/*
-** Store a der encoded *unsigned* integer (whose value is "src") into "dst".
-** XXX This should really be enhanced to take an unsigned long.
-*/
-extern SECStatus DER_SetUInteger(PRArenaPool *arena, SECItem *dst, uint32 src);
-
-/*
-** Decode a der encoded *signed* integer that is stored in "src".
-** If "-1" is returned, then the caller should check the error in
-** XP_GetError() to see if an overflow occurred (SEC_ERROR_BAD_DER).
-*/
-extern long DER_GetInteger(SECItem *src);
-
-/*
-** Decode a der encoded *unsigned* integer that is stored in "src".
-** If the ULONG_MAX is returned, then the caller should check the error
-** in XP_GetError() to see if an overflow occurred (SEC_ERROR_BAD_DER).
-*/
-extern unsigned long DER_GetUInteger(SECItem *src);
-
-/*
-** Convert a "UNIX" time value to a der encoded time value.
-** "result" is the der encoded time (memory is allocated)
-** "time" is the "UNIX" time value (Since Jan 1st, 1970).
-** The caller is responsible for freeing up the buffer which
-** result->data points to upon a successfull operation.
-*/
-extern SECStatus DER_TimeToUTCTime(SECItem *result, int64 time);
-
-/*
-** Convert an ascii encoded time value (according to DER rules) into
-** a UNIX time value.
-** "result" the resulting "UNIX" time
-** "string" the der notation ascii value to decode
-*/
-extern SECStatus DER_AsciiToTime(int64 *result, char *string);
-
-/*
-** Same as DER_AsciiToTime except takes an SECItem instead of a string
-*/
-extern SECStatus DER_UTCTimeToTime(int64 *result, SECItem *time);
-
-/*
-** Convert a DER encoded UTC time to an ascii time representation
-** "utctime" is the DER encoded UTC time to be converted. The
-** caller is responsible for deallocating the returned buffer.
-*/
-extern char *DER_UTCTimeToAscii(SECItem *utcTime);
-
-/*
-** Convert a DER encoded UTC time to an ascii time representation, but only
-** include the day, not the time.
-** "utctime" is the DER encoded UTC time to be converted.
-** The caller is responsible for deallocating the returned buffer.
-*/
-extern char *DER_UTCDayToAscii(SECItem *utctime);
-
-/*
-** Convert a int64 time to a DER encoded Generalized time
-*/
-extern SECStatus DER_TimeToGeneralizedTime(SECItem *dst, int64 gmttime);
-
-/*
-** Convert a DER encoded Generalized time value into a UNIX time value.
-** "dst" the resulting "UNIX" time
-** "string" the der notation ascii value to decode
-*/
-extern SECStatus DER_GeneralizedTimeToTime(int64 *dst, SECItem *time);
-
-/*
-** Convert from a int64 UTC time value to a formatted ascii value. The
-** caller is responsible for deallocating the returned buffer.
-*/
-extern char *CERT_UTCTime2FormattedAscii (int64 utcTime, char *format);
-
-
-/*
-** Convert from a int64 Generalized time value to a formatted ascii value. The
-** caller is responsible for deallocating the returned buffer.
-*/
-extern char *CERT_GenTime2FormattedAscii (int64 genTime, char *format);
-
-SEC_END_PROTOS
-
-#endif /* _SECDER_H_ */
-
diff --git a/security/nss/lib/util/secdert.h b/security/nss/lib/util/secdert.h
deleted file mode 100644
index 86f3451cf..000000000
--- a/security/nss/lib/util/secdert.h
+++ /dev/null
@@ -1,170 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _SECDERT_H_
-#define _SECDERT_H_
-/*
- * secdert.h - public data structures for the DER encoding and
- * decoding utilities library
- *
- * $Id$
- */
-
-typedef struct DERTemplateStr DERTemplate;
-
-/*
-** An array of these structures defines an encoding for an object using DER.
-** The array usually starts with a dummy entry whose kind is DER_SEQUENCE;
-** such an array is terminated with an entry where kind == 0. (An array
-** which consists of a single component does not require a second dummy
-** entry -- the array is only searched as long as previous component(s)
-** instruct it.)
-*/
-struct DERTemplateStr {
- /*
- ** Kind of item being decoded/encoded, including tags and modifiers.
- */
- unsigned long kind;
-
- /*
- ** Offset from base of structure to field that holds the value
- ** being decoded/encoded.
- */
- unsigned int offset;
-
- /*
- ** When kind suggests it (DER_POINTER, DER_INDEFINITE, DER_INLINE),
- ** this points to a sub-template for nested encoding/decoding.
- */
- DERTemplate *sub;
-
- /*
- ** Argument value, dependent on "kind" and/or template placement
- ** within an array of templates:
- ** - In the first element of a template array, the value is the
- ** size of the structure to allocate when this template is being
- ** referenced by another template via DER_POINTER or DER_INDEFINITE.
- ** - In a component of a DER_SET or DER_SEQUENCE which is *not* a
- ** DER_UNIVERSAL type (that is, it has a class tag for either
- ** DER_APPLICATION, DER_CONTEXT_SPECIFIC, or DER_PRIVATE), the
- ** value is the underlying type of item being decoded/encoded.
- */
- unsigned long arg;
-};
-
-/************************************************************************/
-
-/* default chunksize for arenas used for DER stuff */
-#define DER_DEFAULT_CHUNKSIZE (2048)
-
-/*
-** BER/DER values for ASN.1 identifier octets.
-*/
-#define DER_TAG_MASK 0xff
-
-/*
- * BER/DER universal type tag numbers.
- * The values are defined by the X.208 standard; do not change them!
- * NOTE: if you add anything to this list, you must add code to derdec.c
- * to accept the tag, and probably also to derenc.c to encode it.
- */
-#define DER_TAGNUM_MASK 0x1f
-#define DER_BOOLEAN 0x01
-#define DER_INTEGER 0x02
-#define DER_BIT_STRING 0x03
-#define DER_OCTET_STRING 0x04
-#define DER_NULL 0x05
-#define DER_OBJECT_ID 0x06
-#define DER_SEQUENCE 0x10
-#define DER_SET 0x11
-#define DER_PRINTABLE_STRING 0x13
-#define DER_T61_STRING 0x14
-#define DER_IA5_STRING 0x16
-#define DER_UTC_TIME 0x17
-#define DER_VISIBLE_STRING 0x1a
-#define DER_HIGH_TAG_NUMBER 0x1f
-
-/*
-** Modifiers to type tags. These are also specified by a/the
-** standard, and must not be changed.
-*/
-
-#define DER_METHOD_MASK 0x20
-#define DER_PRIMITIVE 0x00
-#define DER_CONSTRUCTED 0x20
-
-#define DER_CLASS_MASK 0xc0
-#define DER_UNIVERSAL 0x00
-#define DER_APPLICATION 0x40
-#define DER_CONTEXT_SPECIFIC 0x80
-#define DER_PRIVATE 0xc0
-
-/*
-** Our additions, used for templates.
-** These are not defined by any standard; the values are used internally only.
-** Just be careful to keep them out of the low 8 bits.
-*/
-#define DER_OPTIONAL 0x00100
-#define DER_EXPLICIT 0x00200
-#define DER_ANY 0x00400
-#define DER_INLINE 0x00800
-#define DER_POINTER 0x01000
-#define DER_INDEFINITE 0x02000
-#define DER_DERPTR 0x04000
-#define DER_SKIP 0x08000
-#define DER_FORCE 0x10000
-#define DER_OUTER 0x40000 /* for DER_DERPTR */
-
-/*
-** Macro to convert der decoded bit string into a decoded octet
-** string. All it needs to do is fiddle with the length code.
-*/
-#define DER_ConvertBitString(item) \
-{ \
- (item)->len = ((item)->len + 7) >> 3; \
-}
-
-extern DERTemplate SECAnyTemplate[];
-extern DERTemplate SECBitStringTemplate[];
-extern DERTemplate SECBooleanTemplate[];
-extern DERTemplate SECIA5StringTemplate[];
-extern DERTemplate SECIntegerTemplate[];
-extern DERTemplate SECNullTemplate[];
-extern DERTemplate SECObjectIDTemplate[];
-extern DERTemplate SECOctetStringTemplate[];
-extern DERTemplate SECPrintableStringTemplate[];
-extern DERTemplate SECT61StringTemplate[];
-extern DERTemplate SECUTCTimeTemplate[];
-extern DERTemplate SECAlgorithmIDTemplate[];
-
-#endif /* _SECDERT_H_ */
diff --git a/security/nss/lib/util/secdig.c b/security/nss/lib/util/secdig.c
deleted file mode 100644
index 307e20d5e..000000000
--- a/security/nss/lib/util/secdig.c
+++ /dev/null
@@ -1,235 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-#include "secdig.h"
-
-#include "secoid.h"
-#include "secasn1.h"
-#include "secerr.h"
-
-/*
- * XXX OLD Template. Once all uses have been switched over to new one,
- * remove this.
- */
-DERTemplate SGNDigestInfoTemplate[] = {
- { DER_SEQUENCE,
- 0, NULL, sizeof(SGNDigestInfo) },
- { DER_INLINE,
- offsetof(SGNDigestInfo,digestAlgorithm),
- SECAlgorithmIDTemplate, },
- { DER_OCTET_STRING,
- offsetof(SGNDigestInfo,digest), },
- { 0, }
-};
-
-/* XXX See comment below about SGN_DecodeDigestInfo -- keep this static! */
-/* XXX Changed from static -- need to change name? */
-const SEC_ASN1Template sgn_DigestInfoTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(SGNDigestInfo) },
- { SEC_ASN1_INLINE,
- offsetof(SGNDigestInfo,digestAlgorithm),
- SECOID_AlgorithmIDTemplate },
- { SEC_ASN1_OCTET_STRING,
- offsetof(SGNDigestInfo,digest) },
- { 0 }
-};
-
-SEC_ASN1_CHOOSER_IMPLEMENT(sgn_DigestInfoTemplate)
-
-/*
- * XXX Want to have a SGN_DecodeDigestInfo, like:
- * SGNDigestInfo *SGN_DecodeDigestInfo(SECItem *didata);
- * that creates a pool and allocates from it and decodes didata into
- * the newly allocated DigestInfo structure. Then fix secvfy.c (it
- * will no longer need an arena itself) to call this and then call
- * DestroyDigestInfo when it is done, then can remove the old template
- * above and keep our new template static and "hidden".
- */
-
-/*
- * XXX It might be nice to combine the following two functions (create
- * and encode). I think that is all anybody ever wants to do anyway.
- */
-
-SECItem *
-SGN_EncodeDigestInfo(PRArenaPool *poolp, SECItem *dest, SGNDigestInfo *diginfo)
-{
- return SEC_ASN1EncodeItem (poolp, dest, diginfo, sgn_DigestInfoTemplate);
-}
-
-SGNDigestInfo *
-SGN_CreateDigestInfo(SECOidTag algorithm, unsigned char *sig, unsigned len)
-{
- SGNDigestInfo *di;
- SECStatus rv;
- PRArenaPool *arena;
- SECItem *null_param;
- SECItem dummy_value;
-
- switch (algorithm) {
- case SEC_OID_MD2:
- case SEC_OID_MD5:
- case SEC_OID_SHA1:
- case SEC_OID_SHA256:
- case SEC_OID_SHA384:
- case SEC_OID_SHA512:
- break;
- default:
- PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
- return NULL;
- }
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) {
- return NULL;
- }
-
- di = (SGNDigestInfo *) PORT_ArenaZAlloc(arena, sizeof(SGNDigestInfo));
- if (di == NULL) {
- PORT_FreeArena(arena, PR_FALSE);
- return NULL;
- }
-
- di->arena = arena;
-
- /*
- * PKCS #1 specifies that the AlgorithmID must have a NULL parameter
- * (as opposed to no parameter at all).
- */
- dummy_value.data = NULL;
- dummy_value.len = 0;
- null_param = SEC_ASN1EncodeItem(NULL, NULL, &dummy_value, SEC_NullTemplate);
- if (null_param == NULL) {
- goto loser;
- }
-
- rv = SECOID_SetAlgorithmID(arena, &di->digestAlgorithm, algorithm,
- null_param);
-
- SECITEM_FreeItem(null_param, PR_TRUE);
-
- if (rv != SECSuccess) {
- goto loser;
- }
-
- di->digest.data = (unsigned char *) PORT_ArenaAlloc(arena, len);
- if (di->digest.data == NULL) {
- goto loser;
- }
-
- di->digest.len = len;
- PORT_Memcpy(di->digest.data, sig, len);
- return di;
-
- loser:
- SGN_DestroyDigestInfo(di);
- return NULL;
-}
-
-SGNDigestInfo *
-SGN_DecodeDigestInfo(SECItem *didata)
-{
- PRArenaPool *arena;
- SGNDigestInfo *di;
- SECStatus rv = SECFailure;
-
- arena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
- if(arena == NULL)
- return NULL;
-
- di = (SGNDigestInfo *)PORT_ArenaZAlloc(arena, sizeof(SGNDigestInfo));
- if(di != NULL)
- {
- di->arena = arena;
- rv = SEC_ASN1DecodeItem(arena, di, sgn_DigestInfoTemplate, didata);
- }
-
- if((di == NULL) || (rv != SECSuccess))
- {
- PORT_FreeArena(arena, PR_TRUE);
- di = NULL;
- }
-
- return di;
-}
-
-void
-SGN_DestroyDigestInfo(SGNDigestInfo *di)
-{
- if (di && di->arena) {
- PORT_FreeArena(di->arena, PR_FALSE);
- }
-
- return;
-}
-
-SECStatus
-SGN_CopyDigestInfo(PRArenaPool *poolp, SGNDigestInfo *a, SGNDigestInfo *b)
-{
- SECStatus rv;
- void *mark;
-
- if((poolp == NULL) || (a == NULL) || (b == NULL))
- return SECFailure;
-
- mark = PORT_ArenaMark(poolp);
- a->arena = poolp;
- rv = SECOID_CopyAlgorithmID(poolp, &a->digestAlgorithm,
- &b->digestAlgorithm);
- if (rv == SECSuccess)
- rv = SECITEM_CopyItem(poolp, &a->digest, &b->digest);
-
- if (rv != SECSuccess) {
- PORT_ArenaRelease(poolp, mark);
- } else {
- PORT_ArenaUnmark(poolp, mark);
- }
-
- return rv;
-}
-
-SECComparison
-SGN_CompareDigestInfo(SGNDigestInfo *a, SGNDigestInfo *b)
-{
- SECComparison rv;
-
- /* Check signature algorithm's */
- rv = SECOID_CompareAlgorithmID(&a->digestAlgorithm, &b->digestAlgorithm);
- if (rv) return rv;
-
- /* Compare signature block length's */
- rv = SECITEM_CompareItem(&a->digest, &b->digest);
- return rv;
-}
diff --git a/security/nss/lib/util/secdig.h b/security/nss/lib/util/secdig.h
deleted file mode 100644
index 048604554..000000000
--- a/security/nss/lib/util/secdig.h
+++ /dev/null
@@ -1,135 +0,0 @@
-/*
- * crypto.h - public data structures and prototypes for the crypto library
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#ifndef _SECDIG_H_
-#define _SECDIG_H_
-
-#include "secdigt.h"
-
-#include "seccomon.h"
-#include "secasn1t.h"
-#include "secdert.h"
-
-SEC_BEGIN_PROTOS
-
-
-extern const SEC_ASN1Template sgn_DigestInfoTemplate[];
-
-SEC_ASN1_CHOOSER_DECLARE(sgn_DigestInfoTemplate)
-
-extern DERTemplate SGNDigestInfoTemplate[];
-
-
-/****************************************/
-/*
-** Digest-info functions
-*/
-
-/*
-** Create a new digest-info object
-** "algorithm" one of SEC_OID_MD2, SEC_OID_MD5, or SEC_OID_SHA1
-** "sig" the raw signature data (from MD2 or MD5)
-** "sigLen" the length of the signature data
-**
-** NOTE: this is a low level routine used to prepare some data for PKCS#1
-** digital signature formatting.
-**
-** XXX It might be nice to combine the create and encode functions.
-** I think that is all anybody ever wants to do anyway.
-*/
-extern SGNDigestInfo *SGN_CreateDigestInfo(SECOidTag algorithm,
- unsigned char *sig,
- unsigned int sigLen);
-
-/*
-** Destroy a digest-info object
-*/
-extern void SGN_DestroyDigestInfo(SGNDigestInfo *info);
-
-/*
-** Encode a digest-info object
-** "poolp" is where to allocate the result from; it can be NULL in
-** which case generic heap allocation (XP_ALLOC) will be used
-** "dest" is where to store the result; it can be NULL, in which case
-** it will be allocated (from poolp or heap, as explained above)
-** "diginfo" is the object to be encoded
-** The return value is NULL if any error occurred, otherwise it is the
-** resulting SECItem (either allocated or the same as the "dest" parameter).
-**
-** XXX It might be nice to combine the create and encode functions.
-** I think that is all anybody ever wants to do anyway.
-*/
-extern SECItem *SGN_EncodeDigestInfo(PRArenaPool *poolp, SECItem *dest,
- SGNDigestInfo *diginfo);
-
-/*
-** Decode a DER encoded digest info objct.
-** didata is thr source of the encoded digest.
-** The return value is NULL if an error occurs. Otherwise, a
-** digest info object which is allocated within it's own
-** pool is returned. The digest info should be deleted
-** by later calling SGN_DestroyDigestInfo.
-*/
-extern SGNDigestInfo *SGN_DecodeDigestInfo(SECItem *didata);
-
-
-/*
-** Copy digest info.
-** poolp is the arena to which the digest will be copied.
-** a is the destination digest, it must be non-NULL.
-** b is the source digest
-** This function is for copying digests. It allows digests
-** to be copied into a specified pool. If the digest is in
-** the same pool as other data, you do not want to delete
-** the digest by calling SGN_DestroyDigestInfo.
-** A return value of SECFailure indicates an error. A return
-** of SECSuccess indicates no error occured.
-*/
-extern SECStatus SGN_CopyDigestInfo(PRArenaPool *poolp,
- SGNDigestInfo *a,
- SGNDigestInfo *b);
-
-/*
-** Compare two digest-info objects, returning the difference between
-** them.
-*/
-extern SECComparison SGN_CompareDigestInfo(SGNDigestInfo *a, SGNDigestInfo *b);
-
-
-SEC_END_PROTOS
-
-#endif /* _SECDIG_H_ */
diff --git a/security/nss/lib/util/secdigt.h b/security/nss/lib/util/secdigt.h
deleted file mode 100644
index fea6daa99..000000000
--- a/security/nss/lib/util/secdigt.h
+++ /dev/null
@@ -1,57 +0,0 @@
-/*
- * secdigt.h - public data structures for digestinfos from the util lib.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#ifndef _SECDIGT_H_
-#define _SECDIGT_H_
-
-#include "plarena.h"
-#include "secoidt.h"
-#include "secitem.h"
-
-/*
-** A PKCS#1 digest-info object
-*/
-struct SGNDigestInfoStr {
- PLArenaPool * arena;
- SECAlgorithmID digestAlgorithm;
- SECItem digest;
-};
-typedef struct SGNDigestInfoStr SGNDigestInfo;
-
-
-
-#endif /* _SECDIGT_H_ */
diff --git a/security/nss/lib/util/secerr.h b/security/nss/lib/util/secerr.h
deleted file mode 100644
index e69449e7f..000000000
--- a/security/nss/lib/util/secerr.h
+++ /dev/null
@@ -1,197 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef __SEC_ERR_H_
-#define __SEC_ERR_H_
-
-
-#define SEC_ERROR_BASE (-0x2000)
-#define SEC_ERROR_LIMIT (SEC_ERROR_BASE + 1000)
-
-#define IS_SEC_ERROR(code) \
- (((code) >= SEC_ERROR_BASE) && ((code) < SEC_ERROR_LIMIT))
-
-#ifndef NO_SECURITY_ERROR_ENUM
-typedef enum {
-SEC_ERROR_IO = SEC_ERROR_BASE + 0,
-SEC_ERROR_LIBRARY_FAILURE = SEC_ERROR_BASE + 1,
-SEC_ERROR_BAD_DATA = SEC_ERROR_BASE + 2,
-SEC_ERROR_OUTPUT_LEN = SEC_ERROR_BASE + 3,
-SEC_ERROR_INPUT_LEN = SEC_ERROR_BASE + 4,
-SEC_ERROR_INVALID_ARGS = SEC_ERROR_BASE + 5,
-SEC_ERROR_INVALID_ALGORITHM = SEC_ERROR_BASE + 6,
-SEC_ERROR_INVALID_AVA = SEC_ERROR_BASE + 7,
-SEC_ERROR_INVALID_TIME = SEC_ERROR_BASE + 8,
-SEC_ERROR_BAD_DER = SEC_ERROR_BASE + 9,
-SEC_ERROR_BAD_SIGNATURE = SEC_ERROR_BASE + 10,
-SEC_ERROR_EXPIRED_CERTIFICATE = SEC_ERROR_BASE + 11,
-SEC_ERROR_REVOKED_CERTIFICATE = SEC_ERROR_BASE + 12,
-SEC_ERROR_UNKNOWN_ISSUER = SEC_ERROR_BASE + 13,
-SEC_ERROR_BAD_KEY = SEC_ERROR_BASE + 14,
-SEC_ERROR_BAD_PASSWORD = SEC_ERROR_BASE + 15,
-SEC_ERROR_RETRY_PASSWORD = SEC_ERROR_BASE + 16,
-SEC_ERROR_NO_NODELOCK = SEC_ERROR_BASE + 17,
-SEC_ERROR_BAD_DATABASE = SEC_ERROR_BASE + 18,
-SEC_ERROR_NO_MEMORY = SEC_ERROR_BASE + 19,
-SEC_ERROR_UNTRUSTED_ISSUER = SEC_ERROR_BASE + 20,
-SEC_ERROR_UNTRUSTED_CERT = SEC_ERROR_BASE + 21,
-SEC_ERROR_DUPLICATE_CERT = (SEC_ERROR_BASE + 22),
-SEC_ERROR_DUPLICATE_CERT_NAME = (SEC_ERROR_BASE + 23),
-SEC_ERROR_ADDING_CERT = (SEC_ERROR_BASE + 24),
-SEC_ERROR_FILING_KEY = (SEC_ERROR_BASE + 25),
-SEC_ERROR_NO_KEY = (SEC_ERROR_BASE + 26),
-SEC_ERROR_CERT_VALID = (SEC_ERROR_BASE + 27),
-SEC_ERROR_CERT_NOT_VALID = (SEC_ERROR_BASE + 28),
-SEC_ERROR_CERT_NO_RESPONSE = (SEC_ERROR_BASE + 29),
-SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE = (SEC_ERROR_BASE + 30),
-SEC_ERROR_CRL_EXPIRED = (SEC_ERROR_BASE + 31),
-SEC_ERROR_CRL_BAD_SIGNATURE = (SEC_ERROR_BASE + 32),
-SEC_ERROR_CRL_INVALID = (SEC_ERROR_BASE + 33),
-SEC_ERROR_EXTENSION_VALUE_INVALID = (SEC_ERROR_BASE + 34),
-SEC_ERROR_EXTENSION_NOT_FOUND = (SEC_ERROR_BASE + 35),
-SEC_ERROR_CA_CERT_INVALID = (SEC_ERROR_BASE + 36),
-SEC_ERROR_PATH_LEN_CONSTRAINT_INVALID = (SEC_ERROR_BASE + 37),
-SEC_ERROR_CERT_USAGES_INVALID = (SEC_ERROR_BASE + 38),
-SEC_INTERNAL_ONLY = (SEC_ERROR_BASE + 39),
-SEC_ERROR_INVALID_KEY = (SEC_ERROR_BASE + 40),
-SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION = (SEC_ERROR_BASE + 41),
-SEC_ERROR_OLD_CRL = (SEC_ERROR_BASE + 42),
-SEC_ERROR_NO_EMAIL_CERT = (SEC_ERROR_BASE + 43),
-SEC_ERROR_NO_RECIPIENT_CERTS_QUERY = (SEC_ERROR_BASE + 44),
-SEC_ERROR_NOT_A_RECIPIENT = (SEC_ERROR_BASE + 45),
-SEC_ERROR_PKCS7_KEYALG_MISMATCH = (SEC_ERROR_BASE + 46),
-SEC_ERROR_PKCS7_BAD_SIGNATURE = (SEC_ERROR_BASE + 47),
-SEC_ERROR_UNSUPPORTED_KEYALG = (SEC_ERROR_BASE + 48),
-SEC_ERROR_DECRYPTION_DISALLOWED = (SEC_ERROR_BASE + 49),
-/* Fortezza Alerts */
-XP_SEC_FORTEZZA_BAD_CARD = (SEC_ERROR_BASE + 50),
-XP_SEC_FORTEZZA_NO_CARD = (SEC_ERROR_BASE + 51),
-XP_SEC_FORTEZZA_NONE_SELECTED = (SEC_ERROR_BASE + 52),
-XP_SEC_FORTEZZA_MORE_INFO = (SEC_ERROR_BASE + 53),
-XP_SEC_FORTEZZA_PERSON_NOT_FOUND = (SEC_ERROR_BASE + 54),
-XP_SEC_FORTEZZA_NO_MORE_INFO = (SEC_ERROR_BASE + 55),
-XP_SEC_FORTEZZA_BAD_PIN = (SEC_ERROR_BASE + 56),
-XP_SEC_FORTEZZA_PERSON_ERROR = (SEC_ERROR_BASE + 57),
-SEC_ERROR_NO_KRL = (SEC_ERROR_BASE + 58),
-SEC_ERROR_KRL_EXPIRED = (SEC_ERROR_BASE + 59),
-SEC_ERROR_KRL_BAD_SIGNATURE = (SEC_ERROR_BASE + 60),
-SEC_ERROR_REVOKED_KEY = (SEC_ERROR_BASE + 61),
-SEC_ERROR_KRL_INVALID = (SEC_ERROR_BASE + 62),
-SEC_ERROR_NEED_RANDOM = (SEC_ERROR_BASE + 63),
-SEC_ERROR_NO_MODULE = (SEC_ERROR_BASE + 64),
-SEC_ERROR_NO_TOKEN = (SEC_ERROR_BASE + 65),
-SEC_ERROR_READ_ONLY = (SEC_ERROR_BASE + 66),
-SEC_ERROR_NO_SLOT_SELECTED = (SEC_ERROR_BASE + 67),
-SEC_ERROR_CERT_NICKNAME_COLLISION = (SEC_ERROR_BASE + 68),
-SEC_ERROR_KEY_NICKNAME_COLLISION = (SEC_ERROR_BASE + 69),
-SEC_ERROR_SAFE_NOT_CREATED = (SEC_ERROR_BASE + 70),
-SEC_ERROR_BAGGAGE_NOT_CREATED = (SEC_ERROR_BASE + 71),
-XP_JAVA_REMOVE_PRINCIPAL_ERROR = (SEC_ERROR_BASE + 72),
-XP_JAVA_DELETE_PRIVILEGE_ERROR = (SEC_ERROR_BASE + 73),
-XP_JAVA_CERT_NOT_EXISTS_ERROR = (SEC_ERROR_BASE + 74),
-SEC_ERROR_BAD_EXPORT_ALGORITHM = (SEC_ERROR_BASE + 75),
-SEC_ERROR_EXPORTING_CERTIFICATES = (SEC_ERROR_BASE + 76),
-SEC_ERROR_IMPORTING_CERTIFICATES = (SEC_ERROR_BASE + 77),
-SEC_ERROR_PKCS12_DECODING_PFX = (SEC_ERROR_BASE + 78),
-SEC_ERROR_PKCS12_INVALID_MAC = (SEC_ERROR_BASE + 79),
-SEC_ERROR_PKCS12_UNSUPPORTED_MAC_ALGORITHM = (SEC_ERROR_BASE + 80),
-SEC_ERROR_PKCS12_UNSUPPORTED_TRANSPORT_MODE = (SEC_ERROR_BASE + 81),
-SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE = (SEC_ERROR_BASE + 82),
-SEC_ERROR_PKCS12_UNSUPPORTED_PBE_ALGORITHM = (SEC_ERROR_BASE + 83),
-SEC_ERROR_PKCS12_UNSUPPORTED_VERSION = (SEC_ERROR_BASE + 84),
-SEC_ERROR_PKCS12_PRIVACY_PASSWORD_INCORRECT = (SEC_ERROR_BASE + 85),
-SEC_ERROR_PKCS12_CERT_COLLISION = (SEC_ERROR_BASE + 86),
-SEC_ERROR_USER_CANCELLED = (SEC_ERROR_BASE + 87),
-SEC_ERROR_PKCS12_DUPLICATE_DATA = (SEC_ERROR_BASE + 88),
-SEC_ERROR_MESSAGE_SEND_ABORTED = (SEC_ERROR_BASE + 89),
-SEC_ERROR_INADEQUATE_KEY_USAGE = (SEC_ERROR_BASE + 90),
-SEC_ERROR_INADEQUATE_CERT_TYPE = (SEC_ERROR_BASE + 91),
-SEC_ERROR_CERT_ADDR_MISMATCH = (SEC_ERROR_BASE + 92),
-SEC_ERROR_PKCS12_UNABLE_TO_IMPORT_KEY = (SEC_ERROR_BASE + 93),
-SEC_ERROR_PKCS12_IMPORTING_CERT_CHAIN = (SEC_ERROR_BASE + 94),
-SEC_ERROR_PKCS12_UNABLE_TO_LOCATE_OBJECT_BY_NAME = (SEC_ERROR_BASE + 95),
-SEC_ERROR_PKCS12_UNABLE_TO_EXPORT_KEY = (SEC_ERROR_BASE + 96),
-SEC_ERROR_PKCS12_UNABLE_TO_WRITE = (SEC_ERROR_BASE + 97),
-SEC_ERROR_PKCS12_UNABLE_TO_READ = (SEC_ERROR_BASE + 98),
-SEC_ERROR_PKCS12_KEY_DATABASE_NOT_INITIALIZED = (SEC_ERROR_BASE + 99),
-SEC_ERROR_KEYGEN_FAIL = (SEC_ERROR_BASE + 100),
-SEC_ERROR_INVALID_PASSWORD = (SEC_ERROR_BASE + 101),
-SEC_ERROR_RETRY_OLD_PASSWORD = (SEC_ERROR_BASE + 102),
-SEC_ERROR_BAD_NICKNAME = (SEC_ERROR_BASE + 103),
-SEC_ERROR_NOT_FORTEZZA_ISSUER = (SEC_ERROR_BASE + 104),
-SEC_ERROR_CANNOT_MOVE_SENSITIVE_KEY = (SEC_ERROR_BASE + 105),
-SEC_ERROR_JS_INVALID_MODULE_NAME = (SEC_ERROR_BASE + 106),
-SEC_ERROR_JS_INVALID_DLL = (SEC_ERROR_BASE + 107),
-SEC_ERROR_JS_ADD_MOD_FAILURE = (SEC_ERROR_BASE + 108),
-SEC_ERROR_JS_DEL_MOD_FAILURE = (SEC_ERROR_BASE + 109),
-SEC_ERROR_OLD_KRL = (SEC_ERROR_BASE + 110),
-SEC_ERROR_CKL_CONFLICT = (SEC_ERROR_BASE + 111),
-SEC_ERROR_CERT_NOT_IN_NAME_SPACE = (SEC_ERROR_BASE + 112),
-SEC_ERROR_KRL_NOT_YET_VALID = (SEC_ERROR_BASE + 113),
-SEC_ERROR_CRL_NOT_YET_VALID = (SEC_ERROR_BASE + 114),
-SEC_ERROR_UNKNOWN_CERT = (SEC_ERROR_BASE + 115),
-SEC_ERROR_UNKNOWN_SIGNER = (SEC_ERROR_BASE + 116),
-SEC_ERROR_CERT_BAD_ACCESS_LOCATION = (SEC_ERROR_BASE + 117),
-SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE = (SEC_ERROR_BASE + 118),
-SEC_ERROR_OCSP_BAD_HTTP_RESPONSE = (SEC_ERROR_BASE + 119),
-SEC_ERROR_OCSP_MALFORMED_REQUEST = (SEC_ERROR_BASE + 120),
-SEC_ERROR_OCSP_SERVER_ERROR = (SEC_ERROR_BASE + 121),
-SEC_ERROR_OCSP_TRY_SERVER_LATER = (SEC_ERROR_BASE + 122),
-SEC_ERROR_OCSP_REQUEST_NEEDS_SIG = (SEC_ERROR_BASE + 123),
-SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST = (SEC_ERROR_BASE + 124),
-SEC_ERROR_OCSP_UNKNOWN_RESPONSE_STATUS = (SEC_ERROR_BASE + 125),
-SEC_ERROR_OCSP_UNKNOWN_CERT = (SEC_ERROR_BASE + 126),
-SEC_ERROR_OCSP_NOT_ENABLED = (SEC_ERROR_BASE + 127),
-SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER = (SEC_ERROR_BASE + 128),
-SEC_ERROR_OCSP_MALFORMED_RESPONSE = (SEC_ERROR_BASE + 129),
-SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE = (SEC_ERROR_BASE + 130),
-SEC_ERROR_OCSP_FUTURE_RESPONSE = (SEC_ERROR_BASE + 131),
-SEC_ERROR_OCSP_OLD_RESPONSE = (SEC_ERROR_BASE + 132),
-/* smime stuff */
-SEC_ERROR_DIGEST_NOT_FOUND = (SEC_ERROR_BASE + 133),
-SEC_ERROR_UNSUPPORTED_MESSAGE_TYPE = (SEC_ERROR_BASE + 134),
-SEC_ERROR_MODULE_STUCK = (SEC_ERROR_BASE + 135),
-SEC_ERROR_BAD_TEMPLATE = (SEC_ERROR_BASE + 136),
-SEC_ERROR_CRL_NOT_FOUND = (SEC_ERROR_BASE + 137),
-SEC_ERROR_REUSED_ISSUER_AND_SERIAL = (SEC_ERROR_BASE + 138),
-SEC_ERROR_BUSY = (SEC_ERROR_BASE + 139),
-SEC_ERROR_EXTRA_INPUT = (SEC_ERROR_BASE + 140),
-/* error codes used by elliptic curve code */
-SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE = (SEC_ERROR_BASE + 141),
-SEC_ERROR_UNSUPPORTED_EC_POINT_FORM = (SEC_ERROR_BASE + 142),
-SEC_ERROR_UNRECOGNIZED_OID = (SEC_ERROR_BASE + 143)
-
-} SECErrorCodes;
-#endif /* NO_SECURITY_ERROR_ENUM */
-
-#endif /* __SEC_ERR_H_ */
diff --git a/security/nss/lib/util/secinit.c b/security/nss/lib/util/secinit.c
deleted file mode 100644
index a18b1243b..000000000
--- a/security/nss/lib/util/secinit.c
+++ /dev/null
@@ -1,50 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "nspr.h"
-#include "secport.h"
-
-static int sec_inited = 0;
-
-void
-SEC_Init(void)
-{
- /* PR_Init() must be called before SEC_Init() */
-#if !defined(SERVER_BUILD)
- PORT_Assert(PR_Initialized() == PR_TRUE);
-#endif
- if (sec_inited)
- return;
-
- sec_inited = 1;
-}
diff --git a/security/nss/lib/util/secitem.c b/security/nss/lib/util/secitem.c
deleted file mode 100644
index 012a403af..000000000
--- a/security/nss/lib/util/secitem.c
+++ /dev/null
@@ -1,284 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Support routines for SECItem data structure.
- *
- * $Id$
- */
-
-#include "seccomon.h"
-#include "secitem.h"
-#include "base64.h"
-#include "secerr.h"
-
-SECItem *
-SECITEM_AllocItem(PRArenaPool *arena, SECItem *item, unsigned int len)
-{
- SECItem *result = NULL;
- void *mark = NULL;
-
- if (arena != NULL) {
- mark = PORT_ArenaMark(arena);
- }
-
- if (item == NULL) {
- if (arena != NULL) {
- result = PORT_ArenaZAlloc(arena, sizeof(SECItem));
- } else {
- result = PORT_ZAlloc(sizeof(SECItem));
- }
- if (result == NULL) {
- goto loser;
- }
- } else {
- PORT_Assert(item->data == NULL);
- result = item;
- }
-
- result->len = len;
- if (len) {
- if (arena != NULL) {
- result->data = PORT_ArenaAlloc(arena, len);
- } else {
- result->data = PORT_Alloc(len);
- }
- }
-
- if (mark) {
- PORT_ArenaUnmark(arena, mark);
- }
- return(result);
-
-loser:
- if ( arena != NULL ) {
- if (mark) {
- PORT_ArenaRelease(arena, mark);
- }
- if (item != NULL) {
- item->data = NULL;
- item->len = 0;
- }
- } else {
- if (result != NULL) {
- SECITEM_FreeItem(result, (item == NULL) ? PR_TRUE : PR_FALSE);
- }
- }
- return(NULL);
-}
-
-SECStatus
-SECITEM_ReallocItem(PRArenaPool *arena, SECItem *item, unsigned int oldlen,
- unsigned int newlen)
-{
- PORT_Assert(item != NULL);
- if (item == NULL) {
- /* XXX Set error. But to what? */
- return SECFailure;
- }
-
- /*
- * If no old length, degenerate to just plain alloc.
- */
- if (oldlen == 0) {
- PORT_Assert(item->data == NULL || item->len == 0);
- if (newlen == 0) {
- /* Nothing to do. Weird, but not a failure. */
- return SECSuccess;
- }
- item->len = newlen;
- if (arena != NULL) {
- item->data = PORT_ArenaAlloc(arena, newlen);
- } else {
- item->data = PORT_Alloc(newlen);
- }
- } else {
- if (arena != NULL) {
- item->data = PORT_ArenaGrow(arena, item->data, oldlen, newlen);
- } else {
- item->data = PORT_Realloc(item->data, newlen);
- }
- }
-
- if (item->data == NULL) {
- return SECFailure;
- }
-
- return SECSuccess;
-}
-
-SECComparison
-SECITEM_CompareItem(const SECItem *a, const SECItem *b)
-{
- unsigned m;
- SECComparison rv;
-
- m = ( ( a->len < b->len ) ? a->len : b->len );
-
- rv = (SECComparison) PORT_Memcmp(a->data, b->data, m);
- if (rv) {
- return rv;
- }
- if (a->len < b->len) {
- return SECLessThan;
- }
- if (a->len == b->len) {
- return SECEqual;
- }
- return SECGreaterThan;
-}
-
-PRBool
-SECITEM_ItemsAreEqual(const SECItem *a, const SECItem *b)
-{
- if (SECITEM_CompareItem(a, b) == SECEqual)
- return PR_TRUE;
-
- return PR_FALSE;
-}
-
-SECItem *
-SECITEM_DupItem(const SECItem *from)
-{
- SECItem *to;
-
- if ( from == NULL ) {
- return(NULL);
- }
-
- to = (SECItem *)PORT_Alloc(sizeof(SECItem));
- if ( to == NULL ) {
- return(NULL);
- }
-
- to->data = (unsigned char *)PORT_Alloc(from->len);
- if ( to->data == NULL ) {
- PORT_Free(to);
- return(NULL);
- }
-
- to->len = from->len;
- to->type = from->type;
- PORT_Memcpy(to->data, from->data, to->len);
-
- return(to);
-}
-
-SECStatus
-SECITEM_CopyItem(PRArenaPool *arena, SECItem *to, const SECItem *from)
-{
- to->type = from->type;
- if (from->data && from->len) {
- if ( arena ) {
- to->data = (unsigned char*) PORT_ArenaAlloc(arena, from->len);
- } else {
- to->data = (unsigned char*) PORT_Alloc(from->len);
- }
-
- if (!to->data) {
- return SECFailure;
- }
- PORT_Memcpy(to->data, from->data, from->len);
- to->len = from->len;
- } else {
- to->data = 0;
- to->len = 0;
- }
- return SECSuccess;
-}
-
-void
-SECITEM_FreeItem(SECItem *zap, PRBool freeit)
-{
- if (zap) {
- PORT_Free(zap->data);
- zap->data = 0;
- zap->len = 0;
- if (freeit) {
- PORT_Free(zap);
- }
- }
-}
-
-void
-SECITEM_ZfreeItem(SECItem *zap, PRBool freeit)
-{
- if (zap) {
- PORT_ZFree(zap->data, zap->len);
- zap->data = 0;
- zap->len = 0;
- if (freeit) {
- PORT_ZFree(zap, sizeof(SECItem));
- }
- }
-}
-/* these reroutines were taken from pkix oid.c, which is supposed to
- * replace this file some day */
-/*
- * This is the hash function. We simply XOR the encoded form with
- * itself in sizeof(PLHashNumber)-byte chunks. Improving this
- * routine is left as an excercise for the more mathematically
- * inclined student.
- */
-PLHashNumber PR_CALLBACK
-SECITEM_Hash ( const void *key)
-{
- const SECItem *item = (const SECItem *)key;
- PLHashNumber rv = 0;
-
- PRUint8 *data = (PRUint8 *)item->data;
- PRUint32 i;
- PRUint8 *rvc = (PRUint8 *)&rv;
-
- for( i = 0; i < item->len; i++ ) {
- rvc[ i % sizeof(rv) ] ^= *data;
- data++;
- }
-
- return rv;
-}
-
-/*
- * This is the key-compare function. It simply does a lexical
- * comparison on the item data. This does not result in
- * quite the same ordering as the "sequence of numbers" order,
- * but heck it's only used internally by the hash table anyway.
- */
-PRIntn PR_CALLBACK
-SECITEM_HashCompare ( const void *k1, const void *k2)
-{
- const SECItem *i1 = (const SECItem *)k1;
- const SECItem *i2 = (const SECItem *)k2;
-
- return SECITEM_ItemsAreEqual(i1,i2);
-}
diff --git a/security/nss/lib/util/secitem.h b/security/nss/lib/util/secitem.h
deleted file mode 100644
index 76a5d16fb..000000000
--- a/security/nss/lib/util/secitem.h
+++ /dev/null
@@ -1,112 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _SECITEM_H_
-#define _SECITEM_H_
-/*
- * secitem.h - public data structures and prototypes for handling
- * SECItems
- *
- * $Id$
- */
-
-#include "plarena.h"
-#include "plhash.h"
-#include "seccomon.h"
-
-SEC_BEGIN_PROTOS
-
-/*
-** Allocate an item. If "arena" is not NULL, then allocate from there,
-** otherwise allocate from the heap. If "item" is not NULL, allocate
-** only the data for the item, not the item itself. The item structure
-** is allocated zero-filled; the data buffer is not zeroed.
-**
-** The resulting item is returned; NULL if any error occurs.
-**
-** XXX This probably should take a SECItemType, but since that is mostly
-** unused and our improved APIs (aka Stan) are looming, I left it out.
-*/
-extern SECItem *SECITEM_AllocItem(PRArenaPool *arena, SECItem *item,
- unsigned int len);
-
-/*
-** Reallocate the data for the specified "item". If "arena" is not NULL,
-** then reallocate from there, otherwise reallocate from the heap.
-** In the case where oldlen is 0, the data is allocated (not reallocated).
-** In any case, "item" is expected to be a valid SECItem pointer;
-** SECFailure is returned if it is not. If the allocation succeeds,
-** SECSuccess is returned.
-*/
-extern SECStatus SECITEM_ReallocItem(PRArenaPool *arena, SECItem *item,
- unsigned int oldlen, unsigned int newlen);
-
-/*
-** Compare two items returning the difference between them.
-*/
-extern SECComparison SECITEM_CompareItem(const SECItem *a, const SECItem *b);
-
-/*
-** Compare two items -- if they are the same, return true; otherwise false.
-*/
-extern PRBool SECITEM_ItemsAreEqual(const SECItem *a, const SECItem *b);
-
-/*
-** Copy "from" to "to"
-*/
-extern SECStatus SECITEM_CopyItem(PRArenaPool *arena, SECItem *to,
- const SECItem *from);
-
-/*
-** Allocate an item and copy "from" into it.
-*/
-extern SECItem *SECITEM_DupItem(const SECItem *from);
-
-/*
-** Free "zap". If freeit is PR_TRUE then "zap" itself is freed.
-*/
-extern void SECITEM_FreeItem(SECItem *zap, PRBool freeit);
-
-/*
-** Zero and then free "zap". If freeit is PR_TRUE then "zap" itself is freed.
-*/
-extern void SECITEM_ZfreeItem(SECItem *zap, PRBool freeit);
-
-PLHashNumber PR_CALLBACK SECITEM_Hash ( const void *key);
-
-PRIntn PR_CALLBACK SECITEM_HashCompare ( const void *k1, const void *k2);
-
-
-SEC_END_PROTOS
-
-#endif /* _SECITEM_H_ */
diff --git a/security/nss/lib/util/secoid.c b/security/nss/lib/util/secoid.c
deleted file mode 100644
index e83c04d7a..000000000
--- a/security/nss/lib/util/secoid.c
+++ /dev/null
@@ -1,1700 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Portions created by Sun Microsystems, Inc. are Copyright (C) 2003
- * Sun Microsystems, Inc. All Rights Reserved.
- *
- * Contributor(s):
- * Dr Vipul Gupta <vipul.gupta@sun.com>, Sun Microsystems Laboratories
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "secoid.h"
-#include "pkcs11t.h"
-#include "secmodt.h"
-#include "secitem.h"
-#include "secerr.h"
-#include "plhash.h"
-
-/* MISSI Mosaic Object ID space */
-#define USGOV 0x60, 0x86, 0x48, 0x01, 0x65
-#define MISSI USGOV, 0x02, 0x01, 0x01
-#define MISSI_OLD_KEA_DSS MISSI, 0x0c
-#define MISSI_OLD_DSS MISSI, 0x02
-#define MISSI_KEA_DSS MISSI, 0x14
-#define MISSI_DSS MISSI, 0x13
-#define MISSI_KEA MISSI, 0x0a
-#define MISSI_ALT_KEA MISSI, 0x16
-
-#define NISTALGS USGOV, 3, 4
-#define AES NISTALGS, 1
-#define SHAXXX NISTALGS, 2
-
-/**
- ** The Netscape OID space is allocated by Terry Hayes. If you need
- ** a piece of the space, contact him at thayes@netscape.com.
- **/
-
-/* Netscape Communications Corporation Object ID space */
-/* { 2 16 840 1 113730 } */
-#define NETSCAPE_OID 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42
-#define NETSCAPE_CERT_EXT NETSCAPE_OID, 0x01
-#define NETSCAPE_DATA_TYPE NETSCAPE_OID, 0x02
-/* netscape directory oid - owned by Mark Smith (mcs@netscape.com) */
-#define NETSCAPE_DIRECTORY NETSCAPE_OID, 0x03
-#define NETSCAPE_POLICY NETSCAPE_OID, 0x04
-#define NETSCAPE_CERT_SERVER NETSCAPE_OID, 0x05
-#define NETSCAPE_ALGS NETSCAPE_OID, 0x06 /* algorithm OIDs */
-#define NETSCAPE_NAME_COMPONENTS NETSCAPE_OID, 0x07
-
-#define NETSCAPE_CERT_EXT_AIA NETSCAPE_CERT_EXT, 0x10
-#define NETSCAPE_CERT_SERVER_CRMF NETSCAPE_CERT_SERVER, 0x01
-
-/* these are old and should go away soon */
-#define OLD_NETSCAPE 0x60, 0x86, 0x48, 0xd8, 0x6a
-#define NS_CERT_EXT OLD_NETSCAPE, 0x01
-#define NS_FILE_TYPE OLD_NETSCAPE, 0x02
-#define NS_IMAGE_TYPE OLD_NETSCAPE, 0x03
-
-/* RSA OID name space */
-#define RSADSI 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d
-#define PKCS RSADSI, 0x01
-#define DIGEST RSADSI, 0x02
-#define CIPHER RSADSI, 0x03
-#define PKCS1 PKCS, 0x01
-#define PKCS5 PKCS, 0x05
-#define PKCS7 PKCS, 0x07
-#define PKCS9 PKCS, 0x09
-#define PKCS12 PKCS, 0x0c
-
-/* Fortezza algorithm OID space: { 2 16 840 1 101 2 1 1 } */
-/* ### mwelch -- Is this just for algorithms, or all of Fortezza? */
-#define FORTEZZA_ALG 0x60, 0x86, 0x48, 0x01, 0x65, 0x02, 0x01, 0x01
-
-/* Other OID name spaces */
-#define ALGORITHM 0x2b, 0x0e, 0x03, 0x02
-#define X500 0x55
-#define X520_ATTRIBUTE_TYPE X500, 0x04
-#define X500_ALG X500, 0x08
-#define X500_ALG_ENCRYPTION X500_ALG, 0x01
-
-/** X.509 v3 Extension OID
- ** {joint-iso-ccitt (2) ds(5) 29}
- **/
-#define ID_CE_OID X500, 0x1d
-
-#define RFC1274_ATTR_TYPE 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x1
-/* #define RFC2247_ATTR_TYPE 0x09, 0x92, 0x26, 0xf5, 0x98, 0x1e, 0x64, 0x1 this is WRONG! */
-
-/* PKCS #12 name spaces */
-#define PKCS12_MODE_IDS PKCS12, 0x01
-#define PKCS12_ESPVK_IDS PKCS12, 0x02
-#define PKCS12_BAG_IDS PKCS12, 0x03
-#define PKCS12_CERT_BAG_IDS PKCS12, 0x04
-#define PKCS12_OIDS PKCS12, 0x05
-#define PKCS12_PBE_IDS PKCS12_OIDS, 0x01
-#define PKCS12_ENVELOPING_IDS PKCS12_OIDS, 0x02
-#define PKCS12_SIGNATURE_IDS PKCS12_OIDS, 0x03
-#define PKCS12_V2_PBE_IDS PKCS12, 0x01
-#define PKCS9_CERT_TYPES PKCS9, 0x16
-#define PKCS9_CRL_TYPES PKCS9, 0x17
-#define PKCS9_SMIME_IDS PKCS9, 0x10
-#define PKCS9_SMIME_ATTRS PKCS9_SMIME_IDS, 2
-#define PKCS9_SMIME_ALGS PKCS9_SMIME_IDS, 3
-#define PKCS12_VERSION1 PKCS12, 0x0a
-#define PKCS12_V1_BAG_IDS PKCS12_VERSION1, 1
-
-/* for DSA algorithm */
-/* { iso(1) member-body(2) us(840) x9-57(10040) x9algorithm(4) } */
-#define ANSI_X9_ALGORITHM 0x2a, 0x86, 0x48, 0xce, 0x38, 0x4
-
-/* for DH algorithm */
-/* { iso(1) member-body(2) us(840) x9-57(10046) number-type(2) } */
-/* need real OID person to look at this, copied the above line
- * and added 6 to second to last value (and changed '4' to '2' */
-#define ANSI_X942_ALGORITHM 0x2a, 0x86, 0x48, 0xce, 0x3e, 0x2
-
-#define VERISIGN 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x45
-
-#define PKIX 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07
-#define PKIX_CERT_EXTENSIONS PKIX, 1
-#define PKIX_POLICY_QUALIFIERS PKIX, 2
-#define PKIX_KEY_USAGE PKIX, 3
-#define PKIX_ACCESS_DESCRIPTION PKIX, 0x30
-#define PKIX_OCSP PKIX_ACCESS_DESCRIPTION, 1
-
-#define PKIX_ID_PKIP PKIX, 5
-#define PKIX_ID_REGCTRL PKIX_ID_PKIP, 1
-#define PKIX_ID_REGINFO PKIX_ID_PKIP, 2
-
-/* Microsoft Object ID space */
-/* { 1.3.6.1.4.1.311 } */
-#define MICROSOFT_OID 0x2b, 0x6, 0x1, 0x4, 0x1, 0x82, 0x37
-
-#define CERTICOM_OID 0x2b, 0x81, 0x04
-#define SECG_OID CERTICOM_OID, 0x00
-
-#define ANSI_X962_OID 0x2a, 0x86, 0x48, 0xce, 0x3d
-#define ANSI_X962_CURVE_OID ANSI_X962_OID, 0x03
-#define ANSI_X962_GF2m_OID ANSI_X962_CURVE_OID, 0x00
-#define ANSI_X962_GFp_OID ANSI_X962_CURVE_OID, 0x01
-
-#define CONST_OID static const unsigned char
-
-CONST_OID md2[] = { DIGEST, 0x02 };
-CONST_OID md4[] = { DIGEST, 0x04 };
-CONST_OID md5[] = { DIGEST, 0x05 };
-
-CONST_OID rc2cbc[] = { CIPHER, 0x02 };
-CONST_OID rc4[] = { CIPHER, 0x04 };
-CONST_OID desede3cbc[] = { CIPHER, 0x07 };
-CONST_OID rc5cbcpad[] = { CIPHER, 0x09 };
-
-CONST_OID desecb[] = { ALGORITHM, 0x06 };
-CONST_OID descbc[] = { ALGORITHM, 0x07 };
-CONST_OID desofb[] = { ALGORITHM, 0x08 };
-CONST_OID descfb[] = { ALGORITHM, 0x09 };
-CONST_OID desmac[] = { ALGORITHM, 0x0a };
-CONST_OID sdn702DSASignature[] = { ALGORITHM, 0x0c };
-CONST_OID isoSHAWithRSASignature[] = { ALGORITHM, 0x0f };
-CONST_OID desede[] = { ALGORITHM, 0x11 };
-CONST_OID sha1[] = { ALGORITHM, 0x1a };
-CONST_OID bogusDSASignaturewithSHA1Digest[] = { ALGORITHM, 0x1b };
-
-CONST_OID pkcs1RSAEncryption[] = { PKCS1, 0x01 };
-CONST_OID pkcs1MD2WithRSAEncryption[] = { PKCS1, 0x02 };
-CONST_OID pkcs1MD4WithRSAEncryption[] = { PKCS1, 0x03 };
-CONST_OID pkcs1MD5WithRSAEncryption[] = { PKCS1, 0x04 };
-CONST_OID pkcs1SHA1WithRSAEncryption[] = { PKCS1, 0x05 };
-CONST_OID pkcs1SHA256WithRSAEncryption[] = { PKCS1, 11 };
-CONST_OID pkcs1SHA384WithRSAEncryption[] = { PKCS1, 12 };
-CONST_OID pkcs1SHA512WithRSAEncryption[] = { PKCS1, 13 };
-
-CONST_OID pkcs5PbeWithMD2AndDEScbc[] = { PKCS5, 0x01 };
-CONST_OID pkcs5PbeWithMD5AndDEScbc[] = { PKCS5, 0x03 };
-CONST_OID pkcs5PbeWithSha1AndDEScbc[] = { PKCS5, 0x0a };
-
-CONST_OID pkcs7[] = { PKCS7 };
-CONST_OID pkcs7Data[] = { PKCS7, 0x01 };
-CONST_OID pkcs7SignedData[] = { PKCS7, 0x02 };
-CONST_OID pkcs7EnvelopedData[] = { PKCS7, 0x03 };
-CONST_OID pkcs7SignedEnvelopedData[] = { PKCS7, 0x04 };
-CONST_OID pkcs7DigestedData[] = { PKCS7, 0x05 };
-CONST_OID pkcs7EncryptedData[] = { PKCS7, 0x06 };
-
-CONST_OID pkcs9EmailAddress[] = { PKCS9, 0x01 };
-CONST_OID pkcs9UnstructuredName[] = { PKCS9, 0x02 };
-CONST_OID pkcs9ContentType[] = { PKCS9, 0x03 };
-CONST_OID pkcs9MessageDigest[] = { PKCS9, 0x04 };
-CONST_OID pkcs9SigningTime[] = { PKCS9, 0x05 };
-CONST_OID pkcs9CounterSignature[] = { PKCS9, 0x06 };
-CONST_OID pkcs9ChallengePassword[] = { PKCS9, 0x07 };
-CONST_OID pkcs9UnstructuredAddress[] = { PKCS9, 0x08 };
-CONST_OID pkcs9ExtendedCertificateAttributes[] = { PKCS9, 0x09 };
-CONST_OID pkcs9SMIMECapabilities[] = { PKCS9, 15 };
-CONST_OID pkcs9FriendlyName[] = { PKCS9, 20 };
-CONST_OID pkcs9LocalKeyID[] = { PKCS9, 21 };
-
-CONST_OID pkcs9X509Certificate[] = { PKCS9_CERT_TYPES, 1 };
-CONST_OID pkcs9SDSICertificate[] = { PKCS9_CERT_TYPES, 2 };
-CONST_OID pkcs9X509CRL[] = { PKCS9_CRL_TYPES, 1 };
-
-/* RFC2630 (CMS) OIDs */
-CONST_OID cmsESDH[] = { PKCS9_SMIME_ALGS, 5 };
-CONST_OID cms3DESwrap[] = { PKCS9_SMIME_ALGS, 6 };
-CONST_OID cmsRC2wrap[] = { PKCS9_SMIME_ALGS, 7 };
-
-/* RFC2633 SMIME message attributes */
-CONST_OID smimeEncryptionKeyPreference[] = { PKCS9_SMIME_ATTRS, 11 };
-CONST_OID ms_smimeEncryptionKeyPreference[] = { MICROSOFT_OID, 0x10, 0x4 };
-
-CONST_OID x520CommonName[] = { X520_ATTRIBUTE_TYPE, 3 };
-CONST_OID x520CountryName[] = { X520_ATTRIBUTE_TYPE, 6 };
-CONST_OID x520LocalityName[] = { X520_ATTRIBUTE_TYPE, 7 };
-CONST_OID x520StateOrProvinceName[] = { X520_ATTRIBUTE_TYPE, 8 };
-CONST_OID x520OrgName[] = { X520_ATTRIBUTE_TYPE, 10 };
-CONST_OID x520OrgUnitName[] = { X520_ATTRIBUTE_TYPE, 11 };
-CONST_OID x520DnQualifier[] = { X520_ATTRIBUTE_TYPE, 46 };
-
-CONST_OID nsTypeGIF[] = { NETSCAPE_DATA_TYPE, 0x01 };
-CONST_OID nsTypeJPEG[] = { NETSCAPE_DATA_TYPE, 0x02 };
-CONST_OID nsTypeURL[] = { NETSCAPE_DATA_TYPE, 0x03 };
-CONST_OID nsTypeHTML[] = { NETSCAPE_DATA_TYPE, 0x04 };
-CONST_OID nsTypeCertSeq[] = { NETSCAPE_DATA_TYPE, 0x05 };
-
-CONST_OID missiCertKEADSSOld[] = { MISSI_OLD_KEA_DSS };
-CONST_OID missiCertDSSOld[] = { MISSI_OLD_DSS };
-CONST_OID missiCertKEADSS[] = { MISSI_KEA_DSS };
-CONST_OID missiCertDSS[] = { MISSI_DSS };
-CONST_OID missiCertKEA[] = { MISSI_KEA };
-CONST_OID missiCertAltKEA[] = { MISSI_ALT_KEA };
-CONST_OID x500RSAEncryption[] = { X500_ALG_ENCRYPTION, 0x01 };
-
-/* added for alg 1485 */
-CONST_OID rfc1274Uid[] = { RFC1274_ATTR_TYPE, 1 };
-CONST_OID rfc1274Mail[] = { RFC1274_ATTR_TYPE, 3 };
-CONST_OID rfc2247DomainComponent[] = { RFC1274_ATTR_TYPE, 25 };
-
-/* Netscape private certificate extensions */
-CONST_OID nsCertExtNetscapeOK[] = { NS_CERT_EXT, 1 };
-CONST_OID nsCertExtIssuerLogo[] = { NS_CERT_EXT, 2 };
-CONST_OID nsCertExtSubjectLogo[] = { NS_CERT_EXT, 3 };
-CONST_OID nsExtCertType[] = { NETSCAPE_CERT_EXT, 0x01 };
-CONST_OID nsExtBaseURL[] = { NETSCAPE_CERT_EXT, 0x02 };
-CONST_OID nsExtRevocationURL[] = { NETSCAPE_CERT_EXT, 0x03 };
-CONST_OID nsExtCARevocationURL[] = { NETSCAPE_CERT_EXT, 0x04 };
-CONST_OID nsExtCACRLURL[] = { NETSCAPE_CERT_EXT, 0x05 };
-CONST_OID nsExtCACertURL[] = { NETSCAPE_CERT_EXT, 0x06 };
-CONST_OID nsExtCertRenewalURL[] = { NETSCAPE_CERT_EXT, 0x07 };
-CONST_OID nsExtCAPolicyURL[] = { NETSCAPE_CERT_EXT, 0x08 };
-CONST_OID nsExtHomepageURL[] = { NETSCAPE_CERT_EXT, 0x09 };
-CONST_OID nsExtEntityLogo[] = { NETSCAPE_CERT_EXT, 0x0a };
-CONST_OID nsExtUserPicture[] = { NETSCAPE_CERT_EXT, 0x0b };
-CONST_OID nsExtSSLServerName[] = { NETSCAPE_CERT_EXT, 0x0c };
-CONST_OID nsExtComment[] = { NETSCAPE_CERT_EXT, 0x0d };
-
-/* the following 2 extensions are defined for and used by Cartman(NSM) */
-CONST_OID nsExtLostPasswordURL[] = { NETSCAPE_CERT_EXT, 0x0e };
-CONST_OID nsExtCertRenewalTime[] = { NETSCAPE_CERT_EXT, 0x0f };
-
-CONST_OID nsExtAIACertRenewal[] = { NETSCAPE_CERT_EXT_AIA, 0x01 };
-CONST_OID nsExtCertScopeOfUse[] = { NETSCAPE_CERT_EXT, 0x11 };
-/* Reserved Netscape (2 16 840 1 113730 1 18) = { NETSCAPE_CERT_EXT, 0x12 }; */
-
-/* Netscape policy values */
-CONST_OID nsKeyUsageGovtApproved[] = { NETSCAPE_POLICY, 0x01 };
-
-/* Netscape other name types */
-CONST_OID netscapeNickname[] = { NETSCAPE_NAME_COMPONENTS, 0x01 };
-CONST_OID netscapeAOLScreenname[] = { NETSCAPE_NAME_COMPONENTS, 0x02 };
-
-/* OIDs needed for cert server */
-CONST_OID netscapeRecoveryRequest[] = { NETSCAPE_CERT_SERVER_CRMF, 0x01 };
-
-
-/* Standard x.509 v3 Certificate Extensions */
-CONST_OID x509SubjectDirectoryAttr[] = { ID_CE_OID, 9 };
-CONST_OID x509SubjectKeyID[] = { ID_CE_OID, 14 };
-CONST_OID x509KeyUsage[] = { ID_CE_OID, 15 };
-CONST_OID x509PrivateKeyUsagePeriod[] = { ID_CE_OID, 16 };
-CONST_OID x509SubjectAltName[] = { ID_CE_OID, 17 };
-CONST_OID x509IssuerAltName[] = { ID_CE_OID, 18 };
-CONST_OID x509BasicConstraints[] = { ID_CE_OID, 19 };
-CONST_OID x509NameConstraints[] = { ID_CE_OID, 30 };
-CONST_OID x509CRLDistPoints[] = { ID_CE_OID, 31 };
-CONST_OID x509CertificatePolicies[] = { ID_CE_OID, 32 };
-CONST_OID x509PolicyMappings[] = { ID_CE_OID, 33 };
-CONST_OID x509PolicyConstraints[] = { ID_CE_OID, 34 };
-CONST_OID x509AuthKeyID[] = { ID_CE_OID, 35 };
-CONST_OID x509ExtKeyUsage[] = { ID_CE_OID, 37 };
-CONST_OID x509AuthInfoAccess[] = { PKIX_CERT_EXTENSIONS, 1 };
-
-/* Standard x.509 v3 CRL Extensions */
-CONST_OID x509CrlNumber[] = { ID_CE_OID, 20};
-CONST_OID x509ReasonCode[] = { ID_CE_OID, 21};
-CONST_OID x509InvalidDate[] = { ID_CE_OID, 24};
-
-/* pkcs 12 additions */
-CONST_OID pkcs12[] = { PKCS12 };
-CONST_OID pkcs12ModeIDs[] = { PKCS12_MODE_IDS };
-CONST_OID pkcs12ESPVKIDs[] = { PKCS12_ESPVK_IDS };
-CONST_OID pkcs12BagIDs[] = { PKCS12_BAG_IDS };
-CONST_OID pkcs12CertBagIDs[] = { PKCS12_CERT_BAG_IDS };
-CONST_OID pkcs12OIDs[] = { PKCS12_OIDS };
-CONST_OID pkcs12PBEIDs[] = { PKCS12_PBE_IDS };
-CONST_OID pkcs12EnvelopingIDs[] = { PKCS12_ENVELOPING_IDS };
-CONST_OID pkcs12SignatureIDs[] = { PKCS12_SIGNATURE_IDS };
-CONST_OID pkcs12PKCS8KeyShrouding[] = { PKCS12_ESPVK_IDS, 0x01 };
-CONST_OID pkcs12KeyBagID[] = { PKCS12_BAG_IDS, 0x01 };
-CONST_OID pkcs12CertAndCRLBagID[] = { PKCS12_BAG_IDS, 0x02 };
-CONST_OID pkcs12SecretBagID[] = { PKCS12_BAG_IDS, 0x03 };
-CONST_OID pkcs12X509CertCRLBag[] = { PKCS12_CERT_BAG_IDS, 0x01 };
-CONST_OID pkcs12SDSICertBag[] = { PKCS12_CERT_BAG_IDS, 0x02 };
-CONST_OID pkcs12PBEWithSha1And128BitRC4[] = { PKCS12_PBE_IDS, 0x01 };
-CONST_OID pkcs12PBEWithSha1And40BitRC4[] = { PKCS12_PBE_IDS, 0x02 };
-CONST_OID pkcs12PBEWithSha1AndTripleDESCBC[] = { PKCS12_PBE_IDS, 0x03 };
-CONST_OID pkcs12PBEWithSha1And128BitRC2CBC[] = { PKCS12_PBE_IDS, 0x04 };
-CONST_OID pkcs12PBEWithSha1And40BitRC2CBC[] = { PKCS12_PBE_IDS, 0x05 };
-CONST_OID pkcs12RSAEncryptionWith128BitRC4[] = { PKCS12_ENVELOPING_IDS, 0x01 };
-CONST_OID pkcs12RSAEncryptionWith40BitRC4[] = { PKCS12_ENVELOPING_IDS, 0x02 };
-CONST_OID pkcs12RSAEncryptionWithTripleDES[] = { PKCS12_ENVELOPING_IDS, 0x03 };
-CONST_OID pkcs12RSASignatureWithSHA1Digest[] = { PKCS12_SIGNATURE_IDS, 0x01 };
-
-/* pkcs 12 version 1.0 ids */
-CONST_OID pkcs12V2PBEWithSha1And128BitRC4[] = { PKCS12_V2_PBE_IDS, 0x01 };
-CONST_OID pkcs12V2PBEWithSha1And40BitRC4[] = { PKCS12_V2_PBE_IDS, 0x02 };
-CONST_OID pkcs12V2PBEWithSha1And3KeyTripleDEScbc[]= { PKCS12_V2_PBE_IDS, 0x03 };
-CONST_OID pkcs12V2PBEWithSha1And2KeyTripleDEScbc[]= { PKCS12_V2_PBE_IDS, 0x04 };
-CONST_OID pkcs12V2PBEWithSha1And128BitRC2cbc[] = { PKCS12_V2_PBE_IDS, 0x05 };
-CONST_OID pkcs12V2PBEWithSha1And40BitRC2cbc[] = { PKCS12_V2_PBE_IDS, 0x06 };
-
-CONST_OID pkcs12SafeContentsID[] = { PKCS12_BAG_IDS, 0x04 };
-CONST_OID pkcs12PKCS8ShroudedKeyBagID[] = { PKCS12_BAG_IDS, 0x05 };
-
-CONST_OID pkcs12V1KeyBag[] = { PKCS12_V1_BAG_IDS, 0x01 };
-CONST_OID pkcs12V1PKCS8ShroudedKeyBag[] = { PKCS12_V1_BAG_IDS, 0x02 };
-CONST_OID pkcs12V1CertBag[] = { PKCS12_V1_BAG_IDS, 0x03 };
-CONST_OID pkcs12V1CRLBag[] = { PKCS12_V1_BAG_IDS, 0x04 };
-CONST_OID pkcs12V1SecretBag[] = { PKCS12_V1_BAG_IDS, 0x05 };
-CONST_OID pkcs12V1SafeContentsBag[] = { PKCS12_V1_BAG_IDS, 0x06 };
-
-CONST_OID pkcs12KeyUsageAttr[] = { 2, 5, 29, 15 };
-
-CONST_OID ansix9DSASignature[] = { ANSI_X9_ALGORITHM, 0x01 };
-CONST_OID ansix9DSASignaturewithSHA1Digest[] = { ANSI_X9_ALGORITHM, 0x03 };
-
-/* verisign OIDs */
-CONST_OID verisignUserNotices[] = { VERISIGN, 1, 7, 1, 1 };
-
-/* pkix OIDs */
-CONST_OID pkixCPSPointerQualifier[] = { PKIX_POLICY_QUALIFIERS, 1 };
-CONST_OID pkixUserNoticeQualifier[] = { PKIX_POLICY_QUALIFIERS, 2 };
-
-CONST_OID pkixOCSP[] = { PKIX_OCSP };
-CONST_OID pkixOCSPBasicResponse[] = { PKIX_OCSP, 1 };
-CONST_OID pkixOCSPNonce[] = { PKIX_OCSP, 2 };
-CONST_OID pkixOCSPCRL[] = { PKIX_OCSP, 3 };
-CONST_OID pkixOCSPResponse[] = { PKIX_OCSP, 4 };
-CONST_OID pkixOCSPNoCheck[] = { PKIX_OCSP, 5 };
-CONST_OID pkixOCSPArchiveCutoff[] = { PKIX_OCSP, 6 };
-CONST_OID pkixOCSPServiceLocator[] = { PKIX_OCSP, 7 };
-
-CONST_OID pkixRegCtrlRegToken[] = { PKIX_ID_REGCTRL, 1};
-CONST_OID pkixRegCtrlAuthenticator[] = { PKIX_ID_REGCTRL, 2};
-CONST_OID pkixRegCtrlPKIPubInfo[] = { PKIX_ID_REGCTRL, 3};
-CONST_OID pkixRegCtrlPKIArchOptions[] = { PKIX_ID_REGCTRL, 4};
-CONST_OID pkixRegCtrlOldCertID[] = { PKIX_ID_REGCTRL, 5};
-CONST_OID pkixRegCtrlProtEncKey[] = { PKIX_ID_REGCTRL, 6};
-CONST_OID pkixRegInfoUTF8Pairs[] = { PKIX_ID_REGINFO, 1};
-CONST_OID pkixRegInfoCertReq[] = { PKIX_ID_REGINFO, 2};
-
-CONST_OID pkixExtendedKeyUsageServerAuth[] = { PKIX_KEY_USAGE, 1 };
-CONST_OID pkixExtendedKeyUsageClientAuth[] = { PKIX_KEY_USAGE, 2 };
-CONST_OID pkixExtendedKeyUsageCodeSign[] = { PKIX_KEY_USAGE, 3 };
-CONST_OID pkixExtendedKeyUsageEMailProtect[] = { PKIX_KEY_USAGE, 4 };
-CONST_OID pkixExtendedKeyUsageTimeStamp[] = { PKIX_KEY_USAGE, 8 };
-CONST_OID pkixOCSPResponderExtendedKeyUsage[] = { PKIX_KEY_USAGE, 9 };
-
-/* OIDs for Netscape defined algorithms */
-CONST_OID netscapeSMimeKEA[] = { NETSCAPE_ALGS, 0x01 };
-
-/* Fortezza algorithm OIDs */
-CONST_OID skipjackCBC[] = { FORTEZZA_ALG, 0x04 };
-CONST_OID dhPublicKey[] = { ANSI_X942_ALGORITHM, 0x1 };
-
-CONST_OID aes128_ECB[] = { AES, 1 };
-CONST_OID aes128_CBC[] = { AES, 2 };
-#ifdef DEFINE_ALL_AES_CIPHERS
-CONST_OID aes128_OFB[] = { AES, 3 };
-CONST_OID aes128_CFB[] = { AES, 4 };
-#endif
-CONST_OID aes128_KEY_WRAP[] = { AES, 5 };
-
-CONST_OID aes192_ECB[] = { AES, 21 };
-CONST_OID aes192_CBC[] = { AES, 22 };
-#ifdef DEFINE_ALL_AES_CIPHERS
-CONST_OID aes192_OFB[] = { AES, 23 };
-CONST_OID aes192_CFB[] = { AES, 24 };
-#endif
-CONST_OID aes192_KEY_WRAP[] = { AES, 25 };
-
-CONST_OID aes256_ECB[] = { AES, 41 };
-CONST_OID aes256_CBC[] = { AES, 42 };
-#ifdef DEFINE_ALL_AES_CIPHERS
-CONST_OID aes256_OFB[] = { AES, 43 };
-CONST_OID aes256_CFB[] = { AES, 44 };
-#endif
-CONST_OID aes256_KEY_WRAP[] = { AES, 45 };
-
-CONST_OID sha256[] = { SHAXXX, 1 };
-CONST_OID sha384[] = { SHAXXX, 2 };
-CONST_OID sha512[] = { SHAXXX, 3 };
-
-CONST_OID ansix962ECPublicKey[] = { ANSI_X962_OID, 0x02, 0x01 };
-CONST_OID ansix962ECDSASignaturewithSHA1Digest[] = { ANSI_X962_OID, 0x04, 0x01 };
-
-/* ANSI X9.62 prime curve OIDs */
-/* NOTE: prime192v1 is the same as secp192r1, prime256v1 is the
- * same as secp256r1
- */
-CONST_OID ansiX962prime192v1[] = { ANSI_X962_GFp_OID, 0x01 };
-CONST_OID ansiX962prime192v2[] = { ANSI_X962_GFp_OID, 0x02 };
-CONST_OID ansiX962prime192v3[] = { ANSI_X962_GFp_OID, 0x03 };
-CONST_OID ansiX962prime239v1[] = { ANSI_X962_GFp_OID, 0x04 };
-CONST_OID ansiX962prime239v2[] = { ANSI_X962_GFp_OID, 0x05 };
-CONST_OID ansiX962prime239v3[] = { ANSI_X962_GFp_OID, 0x06 };
-CONST_OID ansiX962prime256v1[] = { ANSI_X962_GFp_OID, 0x07 };
-
-/* SECG prime curve OIDs */
-CONST_OID secgECsecp112r1[] = { SECG_OID, 0x06 };
-CONST_OID secgECsecp112r2[] = { SECG_OID, 0x07 };
-CONST_OID secgECsecp128r1[] = { SECG_OID, 0x1c };
-CONST_OID secgECsecp128r2[] = { SECG_OID, 0x1d };
-CONST_OID secgECsecp160k1[] = { SECG_OID, 0x09 };
-CONST_OID secgECsecp160r1[] = { SECG_OID, 0x08 };
-CONST_OID secgECsecp160r2[] = { SECG_OID, 0x1e };
-CONST_OID secgECsecp192k1[] = { SECG_OID, 0x1f };
-CONST_OID secgECsecp224k1[] = { SECG_OID, 0x20 };
-CONST_OID secgECsecp224r1[] = { SECG_OID, 0x21 };
-CONST_OID secgECsecp256k1[] = { SECG_OID, 0x0a };
-CONST_OID secgECsecp384r1[] = { SECG_OID, 0x22 };
-CONST_OID secgECsecp521r1[] = { SECG_OID, 0x23 };
-
-/* ANSI X9.62 characteristic two curve OIDs */
-CONST_OID ansiX962c2pnb163v1[] = { ANSI_X962_GF2m_OID, 0x01 };
-CONST_OID ansiX962c2pnb163v2[] = { ANSI_X962_GF2m_OID, 0x02 };
-CONST_OID ansiX962c2pnb163v3[] = { ANSI_X962_GF2m_OID, 0x03 };
-CONST_OID ansiX962c2pnb176v1[] = { ANSI_X962_GF2m_OID, 0x04 };
-CONST_OID ansiX962c2tnb191v1[] = { ANSI_X962_GF2m_OID, 0x05 };
-CONST_OID ansiX962c2tnb191v2[] = { ANSI_X962_GF2m_OID, 0x06 };
-CONST_OID ansiX962c2tnb191v3[] = { ANSI_X962_GF2m_OID, 0x07 };
-CONST_OID ansiX962c2onb191v4[] = { ANSI_X962_GF2m_OID, 0x08 };
-CONST_OID ansiX962c2onb191v5[] = { ANSI_X962_GF2m_OID, 0x09 };
-CONST_OID ansiX962c2pnb208w1[] = { ANSI_X962_GF2m_OID, 0x0a };
-CONST_OID ansiX962c2tnb239v1[] = { ANSI_X962_GF2m_OID, 0x0b };
-CONST_OID ansiX962c2tnb239v2[] = { ANSI_X962_GF2m_OID, 0x0c };
-CONST_OID ansiX962c2tnb239v3[] = { ANSI_X962_GF2m_OID, 0x0d };
-CONST_OID ansiX962c2onb239v4[] = { ANSI_X962_GF2m_OID, 0x0e };
-CONST_OID ansiX962c2onb239v5[] = { ANSI_X962_GF2m_OID, 0x0f };
-CONST_OID ansiX962c2pnb272w1[] = { ANSI_X962_GF2m_OID, 0x10 };
-CONST_OID ansiX962c2pnb304w1[] = { ANSI_X962_GF2m_OID, 0x11 };
-CONST_OID ansiX962c2tnb359v1[] = { ANSI_X962_GF2m_OID, 0x12 };
-CONST_OID ansiX962c2pnb368w1[] = { ANSI_X962_GF2m_OID, 0x13 };
-CONST_OID ansiX962c2tnb431r1[] = { ANSI_X962_GF2m_OID, 0x14 };
-
-/* SECG characterisitic two curve OIDs */
-CONST_OID secgECsect113r1[] = {SECG_OID, 0x04 };
-CONST_OID secgECsect113r2[] = {SECG_OID, 0x05 };
-CONST_OID secgECsect131r1[] = {SECG_OID, 0x16 };
-CONST_OID secgECsect131r2[] = {SECG_OID, 0x17 };
-CONST_OID secgECsect163k1[] = {SECG_OID, 0x01 };
-CONST_OID secgECsect163r1[] = {SECG_OID, 0x02 };
-CONST_OID secgECsect163r2[] = {SECG_OID, 0x0f };
-CONST_OID secgECsect193r1[] = {SECG_OID, 0x18 };
-CONST_OID secgECsect193r2[] = {SECG_OID, 0x19 };
-CONST_OID secgECsect233k1[] = {SECG_OID, 0x1a };
-CONST_OID secgECsect233r1[] = {SECG_OID, 0x1b };
-CONST_OID secgECsect239k1[] = {SECG_OID, 0x03 };
-CONST_OID secgECsect283k1[] = {SECG_OID, 0x10 };
-CONST_OID secgECsect283r1[] = {SECG_OID, 0x11 };
-CONST_OID secgECsect409k1[] = {SECG_OID, 0x24 };
-CONST_OID secgECsect409r1[] = {SECG_OID, 0x25 };
-CONST_OID secgECsect571k1[] = {SECG_OID, 0x26 };
-CONST_OID secgECsect571r1[] = {SECG_OID, 0x27 };
-
-#define OI(x) { siDEROID, (unsigned char *)x, sizeof x }
-#ifndef SECOID_NO_STRINGS
-#define OD(oid,tag,desc,mech,ext) { OI(oid), tag, desc, mech, ext }
-#else
-#define OD(oid,tag,desc,mech,ext) { OI(oid), tag, 0, mech, ext }
-#endif
-
-/*
- * NOTE: the order of these entries must mach the SECOidTag enum in secoidt.h!
- */
-const static SECOidData oids[] = {
- { { siDEROID, NULL, 0 }, SEC_OID_UNKNOWN,
- "Unknown OID", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION },
- OD( md2, SEC_OID_MD2, "MD2", CKM_MD2, INVALID_CERT_EXTENSION ),
- OD( md4, SEC_OID_MD4,
- "MD4", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( md5, SEC_OID_MD5, "MD5", CKM_MD5, INVALID_CERT_EXTENSION ),
- OD( sha1, SEC_OID_SHA1, "SHA-1", CKM_SHA_1, INVALID_CERT_EXTENSION ),
- OD( rc2cbc, SEC_OID_RC2_CBC,
- "RC2-CBC", CKM_RC2_CBC, INVALID_CERT_EXTENSION ),
- OD( rc4, SEC_OID_RC4, "RC4", CKM_RC4, INVALID_CERT_EXTENSION ),
- OD( desede3cbc, SEC_OID_DES_EDE3_CBC,
- "DES-EDE3-CBC", CKM_DES3_CBC, INVALID_CERT_EXTENSION ),
- OD( rc5cbcpad, SEC_OID_RC5_CBC_PAD,
- "RC5-CBCPad", CKM_RC5_CBC, INVALID_CERT_EXTENSION ),
- OD( desecb, SEC_OID_DES_ECB,
- "DES-ECB", CKM_DES_ECB, INVALID_CERT_EXTENSION ),
- OD( descbc, SEC_OID_DES_CBC,
- "DES-CBC", CKM_DES_CBC, INVALID_CERT_EXTENSION ),
- OD( desofb, SEC_OID_DES_OFB,
- "DES-OFB", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( descfb, SEC_OID_DES_CFB,
- "DES-CFB", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( desmac, SEC_OID_DES_MAC,
- "DES-MAC", CKM_DES_MAC, INVALID_CERT_EXTENSION ),
- OD( desede, SEC_OID_DES_EDE,
- "DES-EDE", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( isoSHAWithRSASignature, SEC_OID_ISO_SHA_WITH_RSA_SIGNATURE,
- "ISO SHA with RSA Signature",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs1RSAEncryption, SEC_OID_PKCS1_RSA_ENCRYPTION,
- "PKCS #1 RSA Encryption", CKM_RSA_PKCS, INVALID_CERT_EXTENSION ),
-
- /* the following Signing mechanisms should get new CKM_ values when
- * values for CKM_RSA_WITH_MDX and CKM_RSA_WITH_SHA_1 get defined in
- * PKCS #11.
- */
- OD( pkcs1MD2WithRSAEncryption, SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION,
- "PKCS #1 MD2 With RSA Encryption", CKM_MD2_RSA_PKCS,
- INVALID_CERT_EXTENSION ),
- OD( pkcs1MD4WithRSAEncryption, SEC_OID_PKCS1_MD4_WITH_RSA_ENCRYPTION,
- "PKCS #1 MD4 With RSA Encryption",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs1MD5WithRSAEncryption, SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION,
- "PKCS #1 MD5 With RSA Encryption", CKM_MD5_RSA_PKCS,
- INVALID_CERT_EXTENSION ),
- OD( pkcs1SHA1WithRSAEncryption, SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION,
- "PKCS #1 SHA-1 With RSA Encryption", CKM_SHA1_RSA_PKCS,
- INVALID_CERT_EXTENSION ),
-
- OD( pkcs5PbeWithMD2AndDEScbc, SEC_OID_PKCS5_PBE_WITH_MD2_AND_DES_CBC,
- "PKCS #5 Password Based Encryption with MD2 and DES CBC",
- CKM_PBE_MD2_DES_CBC, INVALID_CERT_EXTENSION ),
- OD( pkcs5PbeWithMD5AndDEScbc, SEC_OID_PKCS5_PBE_WITH_MD5_AND_DES_CBC,
- "PKCS #5 Password Based Encryption with MD5 and DES CBC",
- CKM_PBE_MD5_DES_CBC, INVALID_CERT_EXTENSION ),
- OD( pkcs5PbeWithSha1AndDEScbc, SEC_OID_PKCS5_PBE_WITH_SHA1_AND_DES_CBC,
- "PKCS #5 Password Based Encryption with SHA1 and DES CBC",
- CKM_NETSCAPE_PBE_SHA1_DES_CBC, INVALID_CERT_EXTENSION ),
- OD( pkcs7, SEC_OID_PKCS7,
- "PKCS #7", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs7Data, SEC_OID_PKCS7_DATA,
- "PKCS #7 Data", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs7SignedData, SEC_OID_PKCS7_SIGNED_DATA,
- "PKCS #7 Signed Data", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs7EnvelopedData, SEC_OID_PKCS7_ENVELOPED_DATA,
- "PKCS #7 Enveloped Data",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs7SignedEnvelopedData, SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA,
- "PKCS #7 Signed And Enveloped Data",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs7DigestedData, SEC_OID_PKCS7_DIGESTED_DATA,
- "PKCS #7 Digested Data",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs7EncryptedData, SEC_OID_PKCS7_ENCRYPTED_DATA,
- "PKCS #7 Encrypted Data",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs9EmailAddress, SEC_OID_PKCS9_EMAIL_ADDRESS,
- "PKCS #9 Email Address",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs9UnstructuredName, SEC_OID_PKCS9_UNSTRUCTURED_NAME,
- "PKCS #9 Unstructured Name",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs9ContentType, SEC_OID_PKCS9_CONTENT_TYPE,
- "PKCS #9 Content Type",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs9MessageDigest, SEC_OID_PKCS9_MESSAGE_DIGEST,
- "PKCS #9 Message Digest",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs9SigningTime, SEC_OID_PKCS9_SIGNING_TIME,
- "PKCS #9 Signing Time",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs9CounterSignature, SEC_OID_PKCS9_COUNTER_SIGNATURE,
- "PKCS #9 Counter Signature",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs9ChallengePassword, SEC_OID_PKCS9_CHALLENGE_PASSWORD,
- "PKCS #9 Challenge Password",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs9UnstructuredAddress, SEC_OID_PKCS9_UNSTRUCTURED_ADDRESS,
- "PKCS #9 Unstructured Address",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs9ExtendedCertificateAttributes,
- SEC_OID_PKCS9_EXTENDED_CERTIFICATE_ATTRIBUTES,
- "PKCS #9 Extended Certificate Attributes",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs9SMIMECapabilities, SEC_OID_PKCS9_SMIME_CAPABILITIES,
- "PKCS #9 S/MIME Capabilities",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( x520CommonName, SEC_OID_AVA_COMMON_NAME,
- "X520 Common Name", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( x520CountryName, SEC_OID_AVA_COUNTRY_NAME,
- "X520 Country Name", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( x520LocalityName, SEC_OID_AVA_LOCALITY,
- "X520 Locality Name", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( x520StateOrProvinceName, SEC_OID_AVA_STATE_OR_PROVINCE,
- "X520 State Or Province Name",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( x520OrgName, SEC_OID_AVA_ORGANIZATION_NAME,
- "X520 Organization Name",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( x520OrgUnitName, SEC_OID_AVA_ORGANIZATIONAL_UNIT_NAME,
- "X520 Organizational Unit Name",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( x520DnQualifier, SEC_OID_AVA_DN_QUALIFIER,
- "X520 DN Qualifier", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( rfc2247DomainComponent, SEC_OID_AVA_DC,
- "RFC 2247 Domain Component",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-
- OD( nsTypeGIF, SEC_OID_NS_TYPE_GIF,
- "GIF", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( nsTypeJPEG, SEC_OID_NS_TYPE_JPEG,
- "JPEG", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( nsTypeURL, SEC_OID_NS_TYPE_URL,
- "URL", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( nsTypeHTML, SEC_OID_NS_TYPE_HTML,
- "HTML", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( nsTypeCertSeq, SEC_OID_NS_TYPE_CERT_SEQUENCE,
- "Certificate Sequence",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( missiCertKEADSSOld, SEC_OID_MISSI_KEA_DSS_OLD,
- "MISSI KEA and DSS Algorithm (Old)",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( missiCertDSSOld, SEC_OID_MISSI_DSS_OLD,
- "MISSI DSS Algorithm (Old)",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( missiCertKEADSS, SEC_OID_MISSI_KEA_DSS,
- "MISSI KEA and DSS Algorithm",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( missiCertDSS, SEC_OID_MISSI_DSS,
- "MISSI DSS Algorithm",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( missiCertKEA, SEC_OID_MISSI_KEA,
- "MISSI KEA Algorithm",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( missiCertAltKEA, SEC_OID_MISSI_ALT_KEA,
- "MISSI Alternate KEA Algorithm",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-
- /* Netscape private extensions */
- OD( nsCertExtNetscapeOK, SEC_OID_NS_CERT_EXT_NETSCAPE_OK,
- "Netscape says this cert is OK",
- CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION ),
- OD( nsCertExtIssuerLogo, SEC_OID_NS_CERT_EXT_ISSUER_LOGO,
- "Certificate Issuer Logo",
- CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION ),
- OD( nsCertExtSubjectLogo, SEC_OID_NS_CERT_EXT_SUBJECT_LOGO,
- "Certificate Subject Logo",
- CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION ),
- OD( nsExtCertType, SEC_OID_NS_CERT_EXT_CERT_TYPE,
- "Certificate Type",
- CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
- OD( nsExtBaseURL, SEC_OID_NS_CERT_EXT_BASE_URL,
- "Certificate Extension Base URL",
- CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
- OD( nsExtRevocationURL, SEC_OID_NS_CERT_EXT_REVOCATION_URL,
- "Certificate Revocation URL",
- CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
- OD( nsExtCARevocationURL, SEC_OID_NS_CERT_EXT_CA_REVOCATION_URL,
- "Certificate Authority Revocation URL",
- CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
- OD( nsExtCACRLURL, SEC_OID_NS_CERT_EXT_CA_CRL_URL,
- "Certificate Authority CRL Download URL",
- CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION ),
- OD( nsExtCACertURL, SEC_OID_NS_CERT_EXT_CA_CERT_URL,
- "Certificate Authority Certificate Download URL",
- CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION ),
- OD( nsExtCertRenewalURL, SEC_OID_NS_CERT_EXT_CERT_RENEWAL_URL,
- "Certificate Renewal URL",
- CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
- OD( nsExtCAPolicyURL, SEC_OID_NS_CERT_EXT_CA_POLICY_URL,
- "Certificate Authority Policy URL",
- CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
- OD( nsExtHomepageURL, SEC_OID_NS_CERT_EXT_HOMEPAGE_URL,
- "Certificate Homepage URL",
- CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION ),
- OD( nsExtEntityLogo, SEC_OID_NS_CERT_EXT_ENTITY_LOGO,
- "Certificate Entity Logo",
- CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION ),
- OD( nsExtUserPicture, SEC_OID_NS_CERT_EXT_USER_PICTURE,
- "Certificate User Picture",
- CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION ),
- OD( nsExtSSLServerName, SEC_OID_NS_CERT_EXT_SSL_SERVER_NAME,
- "Certificate SSL Server Name",
- CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
- OD( nsExtComment, SEC_OID_NS_CERT_EXT_COMMENT,
- "Certificate Comment",
- CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
- OD( nsExtLostPasswordURL, SEC_OID_NS_CERT_EXT_LOST_PASSWORD_URL,
- "Lost Password URL",
- CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
- OD( nsExtCertRenewalTime, SEC_OID_NS_CERT_EXT_CERT_RENEWAL_TIME,
- "Certificate Renewal Time",
- CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
- OD( nsKeyUsageGovtApproved, SEC_OID_NS_KEY_USAGE_GOVT_APPROVED,
- "Strong Crypto Export Approved",
- CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION ),
-
-
- /* x.509 v3 certificate extensions */
- OD( x509SubjectDirectoryAttr, SEC_OID_X509_SUBJECT_DIRECTORY_ATTR,
- "Certificate Subject Directory Attributes",
- CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION),
- OD( x509SubjectKeyID, SEC_OID_X509_SUBJECT_KEY_ID,
- "Certificate Subject Key ID",
- CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
- OD( x509KeyUsage, SEC_OID_X509_KEY_USAGE,
- "Certificate Key Usage",
- CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
- OD( x509PrivateKeyUsagePeriod, SEC_OID_X509_PRIVATE_KEY_USAGE_PERIOD,
- "Certificate Private Key Usage Period",
- CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION ),
- OD( x509SubjectAltName, SEC_OID_X509_SUBJECT_ALT_NAME,
- "Certificate Subject Alt Name",
- CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
- OD( x509IssuerAltName, SEC_OID_X509_ISSUER_ALT_NAME,
- "Certificate Issuer Alt Name",
- CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION ),
- OD( x509BasicConstraints, SEC_OID_X509_BASIC_CONSTRAINTS,
- "Certificate Basic Constraints",
- CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
- OD( x509NameConstraints, SEC_OID_X509_NAME_CONSTRAINTS,
- "Certificate Name Constraints",
- CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
- OD( x509CRLDistPoints, SEC_OID_X509_CRL_DIST_POINTS,
- "CRL Distribution Points",
- CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION ),
- OD( x509CertificatePolicies, SEC_OID_X509_CERTIFICATE_POLICIES,
- "Certificate Policies",
- CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION ),
- OD( x509PolicyMappings, SEC_OID_X509_POLICY_MAPPINGS,
- "Certificate Policy Mappings",
- CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION ),
- OD( x509PolicyConstraints, SEC_OID_X509_POLICY_CONSTRAINTS,
- "Certificate Policy Constraints",
- CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION ),
- OD( x509AuthKeyID, SEC_OID_X509_AUTH_KEY_ID,
- "Certificate Authority Key Identifier",
- CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
- OD( x509ExtKeyUsage, SEC_OID_X509_EXT_KEY_USAGE,
- "Extended Key Usage",
- CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
- OD( x509AuthInfoAccess, SEC_OID_X509_AUTH_INFO_ACCESS,
- "Authority Information Access",
- CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
-
- /* x.509 v3 CRL extensions */
- OD( x509CrlNumber, SEC_OID_X509_CRL_NUMBER,
- "CRL Number", CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
- OD( x509ReasonCode, SEC_OID_X509_REASON_CODE,
- "CRL reason code", CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
- OD( x509InvalidDate, SEC_OID_X509_INVALID_DATE,
- "Invalid Date", CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
-
- OD( x500RSAEncryption, SEC_OID_X500_RSA_ENCRYPTION,
- "X500 RSA Encryption", CKM_RSA_X_509, INVALID_CERT_EXTENSION ),
-
- /* added for alg 1485 */
- OD( rfc1274Uid, SEC_OID_RFC1274_UID,
- "RFC1274 User Id", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( rfc1274Mail, SEC_OID_RFC1274_MAIL,
- "RFC1274 E-mail Address",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-
- /* pkcs 12 additions */
- OD( pkcs12, SEC_OID_PKCS12,
- "PKCS #12", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs12ModeIDs, SEC_OID_PKCS12_MODE_IDS,
- "PKCS #12 Mode IDs", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs12ESPVKIDs, SEC_OID_PKCS12_ESPVK_IDS,
- "PKCS #12 ESPVK IDs", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs12BagIDs, SEC_OID_PKCS12_BAG_IDS,
- "PKCS #12 Bag IDs", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs12CertBagIDs, SEC_OID_PKCS12_CERT_BAG_IDS,
- "PKCS #12 Cert Bag IDs",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs12OIDs, SEC_OID_PKCS12_OIDS,
- "PKCS #12 OIDs", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs12PBEIDs, SEC_OID_PKCS12_PBE_IDS,
- "PKCS #12 PBE IDs", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs12SignatureIDs, SEC_OID_PKCS12_SIGNATURE_IDS,
- "PKCS #12 Signature IDs",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs12EnvelopingIDs, SEC_OID_PKCS12_ENVELOPING_IDS,
- "PKCS #12 Enveloping IDs",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs12PKCS8KeyShrouding, SEC_OID_PKCS12_PKCS8_KEY_SHROUDING,
- "PKCS #12 Key Shrouding",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs12KeyBagID, SEC_OID_PKCS12_KEY_BAG_ID,
- "PKCS #12 Key Bag ID",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs12CertAndCRLBagID, SEC_OID_PKCS12_CERT_AND_CRL_BAG_ID,
- "PKCS #12 Cert And CRL Bag ID",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs12SecretBagID, SEC_OID_PKCS12_SECRET_BAG_ID,
- "PKCS #12 Secret Bag ID",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs12X509CertCRLBag, SEC_OID_PKCS12_X509_CERT_CRL_BAG,
- "PKCS #12 X509 Cert CRL Bag",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs12SDSICertBag, SEC_OID_PKCS12_SDSI_CERT_BAG,
- "PKCS #12 SDSI Cert Bag",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs12PBEWithSha1And128BitRC4,
- SEC_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC4,
- "PKCS #12 PBE With Sha1 and 128 Bit RC4",
- CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4, INVALID_CERT_EXTENSION ),
- OD( pkcs12PBEWithSha1And40BitRC4,
- SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC4,
- "PKCS #12 PBE With Sha1 and 40 Bit RC4",
- CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4, INVALID_CERT_EXTENSION ),
- OD( pkcs12PBEWithSha1AndTripleDESCBC,
- SEC_OID_PKCS12_PBE_WITH_SHA1_AND_TRIPLE_DES_CBC,
- "PKCS #12 PBE With Sha1 and Triple DES CBC",
- CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC, INVALID_CERT_EXTENSION ),
- OD( pkcs12PBEWithSha1And128BitRC2CBC,
- SEC_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC,
- "PKCS #12 PBE With Sha1 and 128 Bit RC2 CBC",
- CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC, INVALID_CERT_EXTENSION ),
- OD( pkcs12PBEWithSha1And40BitRC2CBC,
- SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC,
- "PKCS #12 PBE With Sha1 and 40 Bit RC2 CBC",
- CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC, INVALID_CERT_EXTENSION ),
- OD( pkcs12RSAEncryptionWith128BitRC4,
- SEC_OID_PKCS12_RSA_ENCRYPTION_WITH_128_BIT_RC4,
- "PKCS #12 RSA Encryption with 128 Bit RC4",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs12RSAEncryptionWith40BitRC4,
- SEC_OID_PKCS12_RSA_ENCRYPTION_WITH_40_BIT_RC4,
- "PKCS #12 RSA Encryption with 40 Bit RC4",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs12RSAEncryptionWithTripleDES,
- SEC_OID_PKCS12_RSA_ENCRYPTION_WITH_TRIPLE_DES,
- "PKCS #12 RSA Encryption with Triple DES",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs12RSASignatureWithSHA1Digest,
- SEC_OID_PKCS12_RSA_SIGNATURE_WITH_SHA1_DIGEST,
- "PKCS #12 RSA Encryption with Triple DES",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-
- /* DSA signatures */
- OD( ansix9DSASignature, SEC_OID_ANSIX9_DSA_SIGNATURE,
- "ANSI X9.57 DSA Signature", CKM_DSA, INVALID_CERT_EXTENSION ),
- OD( ansix9DSASignaturewithSHA1Digest,
- SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST,
- "ANSI X9.57 DSA Signature with SHA1 Digest",
- CKM_DSA_SHA1, INVALID_CERT_EXTENSION ),
- OD( bogusDSASignaturewithSHA1Digest,
- SEC_OID_BOGUS_DSA_SIGNATURE_WITH_SHA1_DIGEST,
- "FORTEZZA DSA Signature with SHA1 Digest",
- CKM_DSA_SHA1, INVALID_CERT_EXTENSION ),
-
- /* verisign oids */
- OD( verisignUserNotices, SEC_OID_VERISIGN_USER_NOTICES,
- "Verisign User Notices",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-
- /* pkix oids */
- OD( pkixCPSPointerQualifier, SEC_OID_PKIX_CPS_POINTER_QUALIFIER,
- "PKIX CPS Pointer Qualifier",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkixUserNoticeQualifier, SEC_OID_PKIX_USER_NOTICE_QUALIFIER,
- "PKIX User Notice Qualifier",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-
- OD( pkixOCSP, SEC_OID_PKIX_OCSP,
- "PKIX Online Certificate Status Protocol",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkixOCSPBasicResponse, SEC_OID_PKIX_OCSP_BASIC_RESPONSE,
- "OCSP Basic Response", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkixOCSPNonce, SEC_OID_PKIX_OCSP_NONCE,
- "OCSP Nonce Extension", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkixOCSPCRL, SEC_OID_PKIX_OCSP_CRL,
- "OCSP CRL Reference Extension",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkixOCSPResponse, SEC_OID_PKIX_OCSP_RESPONSE,
- "OCSP Response Types Extension",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkixOCSPNoCheck, SEC_OID_PKIX_OCSP_NO_CHECK,
- "OCSP No Check Extension",
- CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
- OD( pkixOCSPArchiveCutoff, SEC_OID_PKIX_OCSP_ARCHIVE_CUTOFF,
- "OCSP Archive Cutoff Extension",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkixOCSPServiceLocator, SEC_OID_PKIX_OCSP_SERVICE_LOCATOR,
- "OCSP Service Locator Extension",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-
- OD( pkixRegCtrlRegToken, SEC_OID_PKIX_REGCTRL_REGTOKEN,
- "PKIX CRMF Registration Control, Registration Token",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkixRegCtrlAuthenticator, SEC_OID_PKIX_REGCTRL_AUTHENTICATOR,
- "PKIX CRMF Registration Control, Registration Authenticator",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkixRegCtrlPKIPubInfo, SEC_OID_PKIX_REGCTRL_PKIPUBINFO,
- "PKIX CRMF Registration Control, PKI Publication Info",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
- OD( pkixRegCtrlPKIArchOptions,
- SEC_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS,
- "PKIX CRMF Registration Control, PKI Archive Options",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
- OD( pkixRegCtrlOldCertID, SEC_OID_PKIX_REGCTRL_OLD_CERT_ID,
- "PKIX CRMF Registration Control, Old Certificate ID",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
- OD( pkixRegCtrlProtEncKey, SEC_OID_PKIX_REGCTRL_PROTOCOL_ENC_KEY,
- "PKIX CRMF Registration Control, Protocol Encryption Key",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
- OD( pkixRegInfoUTF8Pairs, SEC_OID_PKIX_REGINFO_UTF8_PAIRS,
- "PKIX CRMF Registration Info, UTF8 Pairs",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
- OD( pkixRegInfoCertReq, SEC_OID_PKIX_REGINFO_CERT_REQUEST,
- "PKIX CRMF Registration Info, Certificate Request",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
- OD( pkixExtendedKeyUsageServerAuth,
- SEC_OID_EXT_KEY_USAGE_SERVER_AUTH,
- "TLS Web Server Authentication Certificate",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
- OD( pkixExtendedKeyUsageClientAuth,
- SEC_OID_EXT_KEY_USAGE_CLIENT_AUTH,
- "TLS Web Client Authentication Certificate",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
- OD( pkixExtendedKeyUsageCodeSign, SEC_OID_EXT_KEY_USAGE_CODE_SIGN,
- "Code Signing Certificate",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
- OD( pkixExtendedKeyUsageEMailProtect,
- SEC_OID_EXT_KEY_USAGE_EMAIL_PROTECT,
- "E-Mail Protection Certificate",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
- OD( pkixExtendedKeyUsageTimeStamp,
- SEC_OID_EXT_KEY_USAGE_TIME_STAMP,
- "Time Stamping Certifcate",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
- OD( pkixOCSPResponderExtendedKeyUsage, SEC_OID_OCSP_RESPONDER,
- "OCSP Responder Certificate",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
-
- /* Netscape Algorithm OIDs */
-
- OD( netscapeSMimeKEA, SEC_OID_NETSCAPE_SMIME_KEA,
- "Netscape S/MIME KEA", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-
- /* Skipjack OID -- ### mwelch temporary */
- OD( skipjackCBC, SEC_OID_FORTEZZA_SKIPJACK,
- "Skipjack CBC64", CKM_SKIPJACK_CBC64, INVALID_CERT_EXTENSION ),
-
- /* pkcs12 v2 oids */
- OD( pkcs12V2PBEWithSha1And128BitRC4,
- SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC4,
- "PKCS12 V2 PBE With SHA1 And 128 Bit RC4",
- CKM_PBE_SHA1_RC4_128, INVALID_CERT_EXTENSION ),
- OD( pkcs12V2PBEWithSha1And40BitRC4,
- SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC4,
- "PKCS12 V2 PBE With SHA1 And 40 Bit RC4",
- CKM_PBE_SHA1_RC4_40, INVALID_CERT_EXTENSION ),
- OD( pkcs12V2PBEWithSha1And3KeyTripleDEScbc,
- SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC,
- "PKCS12 V2 PBE With SHA1 And 3KEY Triple DES-cbc",
- CKM_PBE_SHA1_DES3_EDE_CBC, INVALID_CERT_EXTENSION ),
- OD( pkcs12V2PBEWithSha1And2KeyTripleDEScbc,
- SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_2KEY_TRIPLE_DES_CBC,
- "PKCS12 V2 PBE With SHA1 And 2KEY Triple DES-cbc",
- CKM_PBE_SHA1_DES2_EDE_CBC, INVALID_CERT_EXTENSION ),
- OD( pkcs12V2PBEWithSha1And128BitRC2cbc,
- SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC,
- "PKCS12 V2 PBE With SHA1 And 128 Bit RC2 CBC",
- CKM_PBE_SHA1_RC2_128_CBC, INVALID_CERT_EXTENSION ),
- OD( pkcs12V2PBEWithSha1And40BitRC2cbc,
- SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC,
- "PKCS12 V2 PBE With SHA1 And 40 Bit RC2 CBC",
- CKM_PBE_SHA1_RC2_40_CBC, INVALID_CERT_EXTENSION ),
- OD( pkcs12SafeContentsID, SEC_OID_PKCS12_SAFE_CONTENTS_ID,
- "PKCS #12 Safe Contents ID",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs12PKCS8ShroudedKeyBagID,
- SEC_OID_PKCS12_PKCS8_SHROUDED_KEY_BAG_ID,
- "PKCS #12 Safe Contents ID",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs12V1KeyBag, SEC_OID_PKCS12_V1_KEY_BAG_ID,
- "PKCS #12 V1 Key Bag",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs12V1PKCS8ShroudedKeyBag,
- SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID,
- "PKCS #12 V1 PKCS8 Shrouded Key Bag",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs12V1CertBag, SEC_OID_PKCS12_V1_CERT_BAG_ID,
- "PKCS #12 V1 Cert Bag",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs12V1CRLBag, SEC_OID_PKCS12_V1_CRL_BAG_ID,
- "PKCS #12 V1 CRL Bag",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs12V1SecretBag, SEC_OID_PKCS12_V1_SECRET_BAG_ID,
- "PKCS #12 V1 Secret Bag",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs12V1SafeContentsBag, SEC_OID_PKCS12_V1_SAFE_CONTENTS_BAG_ID,
- "PKCS #12 V1 Safe Contents Bag",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-
- OD( pkcs9X509Certificate, SEC_OID_PKCS9_X509_CERT,
- "PKCS #9 X509 Certificate",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs9SDSICertificate, SEC_OID_PKCS9_SDSI_CERT,
- "PKCS #9 SDSI Certificate",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs9X509CRL, SEC_OID_PKCS9_X509_CRL,
- "PKCS #9 X509 CRL", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs9FriendlyName, SEC_OID_PKCS9_FRIENDLY_NAME,
- "PKCS #9 Friendly Name",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs9LocalKeyID, SEC_OID_PKCS9_LOCAL_KEY_ID,
- "PKCS #9 Local Key ID",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs12KeyUsageAttr, SEC_OID_PKCS12_KEY_USAGE,
- "PKCS 12 Key Usage", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( dhPublicKey, SEC_OID_X942_DIFFIE_HELMAN_KEY,
- "Diffie-Helman Public Key", CKM_DH_PKCS_DERIVE,
- INVALID_CERT_EXTENSION ),
- OD( netscapeNickname, SEC_OID_NETSCAPE_NICKNAME,
- "Netscape Nickname", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-
- /* Cert Server specific OIDs */
- OD( netscapeRecoveryRequest, SEC_OID_NETSCAPE_RECOVERY_REQUEST,
- "Recovery Request OID",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-
- OD( nsExtAIACertRenewal, SEC_OID_CERT_RENEWAL_LOCATOR,
- "Certificate Renewal Locator OID", CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
-
- OD( nsExtCertScopeOfUse, SEC_OID_NS_CERT_EXT_SCOPE_OF_USE,
- "Certificate Scope-of-Use Extension", CKM_INVALID_MECHANISM,
- SUPPORTED_CERT_EXTENSION ),
-
- /* CMS stuff */
- OD( cmsESDH, SEC_OID_CMS_EPHEMERAL_STATIC_DIFFIE_HELLMAN,
- "Ephemeral-Static Diffie-Hellman", CKM_INVALID_MECHANISM /* XXX */,
- INVALID_CERT_EXTENSION ),
- OD( cms3DESwrap, SEC_OID_CMS_3DES_KEY_WRAP,
- "CMS 3DES Key Wrap", CKM_INVALID_MECHANISM /* XXX */,
- INVALID_CERT_EXTENSION ),
- OD( cmsRC2wrap, SEC_OID_CMS_RC2_KEY_WRAP,
- "CMS RC2 Key Wrap", CKM_INVALID_MECHANISM /* XXX */,
- INVALID_CERT_EXTENSION ),
- OD( smimeEncryptionKeyPreference, SEC_OID_SMIME_ENCRYPTION_KEY_PREFERENCE,
- "S/MIME Encryption Key Preference",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-
- /* AES algorithm OIDs */
- OD( aes128_ECB, SEC_OID_AES_128_ECB,
- "AES-128-ECB", CKM_AES_ECB, INVALID_CERT_EXTENSION ),
- OD( aes128_CBC, SEC_OID_AES_128_CBC,
- "AES-128-CBC", CKM_AES_CBC, INVALID_CERT_EXTENSION ),
- OD( aes192_ECB, SEC_OID_AES_192_ECB,
- "AES-192-ECB", CKM_AES_ECB, INVALID_CERT_EXTENSION ),
- OD( aes192_CBC, SEC_OID_AES_192_CBC,
- "AES-192-CBC", CKM_AES_CBC, INVALID_CERT_EXTENSION ),
- OD( aes256_ECB, SEC_OID_AES_256_ECB,
- "AES-256-ECB", CKM_AES_ECB, INVALID_CERT_EXTENSION ),
- OD( aes256_CBC, SEC_OID_AES_256_CBC,
- "AES-256-CBC", CKM_AES_CBC, INVALID_CERT_EXTENSION ),
-
- /* More bogus DSA OIDs */
- OD( sdn702DSASignature, SEC_OID_SDN702_DSA_SIGNATURE,
- "SDN.702 DSA Signature", CKM_DSA_SHA1, INVALID_CERT_EXTENSION ),
-
- OD( ms_smimeEncryptionKeyPreference,
- SEC_OID_MS_SMIME_ENCRYPTION_KEY_PREFERENCE,
- "Microsoft S/MIME Encryption Key Preference",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-
- OD( sha256, SEC_OID_SHA256, "SHA-256", CKM_SHA256, INVALID_CERT_EXTENSION),
- OD( sha384, SEC_OID_SHA384, "SHA-384", CKM_SHA384, INVALID_CERT_EXTENSION),
- OD( sha512, SEC_OID_SHA512, "SHA-512", CKM_SHA512, INVALID_CERT_EXTENSION),
-
- OD( pkcs1SHA256WithRSAEncryption, SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION,
- "PKCS #1 SHA-256 With RSA Encryption", CKM_SHA256_RSA_PKCS,
- INVALID_CERT_EXTENSION ),
- OD( pkcs1SHA384WithRSAEncryption, SEC_OID_PKCS1_SHA384_WITH_RSA_ENCRYPTION,
- "PKCS #1 SHA-384 With RSA Encryption", CKM_SHA384_RSA_PKCS,
- INVALID_CERT_EXTENSION ),
- OD( pkcs1SHA512WithRSAEncryption, SEC_OID_PKCS1_SHA512_WITH_RSA_ENCRYPTION,
- "PKCS #1 SHA-512 With RSA Encryption", CKM_SHA512_RSA_PKCS,
- INVALID_CERT_EXTENSION ),
-
- OD( aes128_KEY_WRAP, SEC_OID_AES_128_KEY_WRAP,
- "AES-128 Key Wrap", CKM_NETSCAPE_AES_KEY_WRAP, INVALID_CERT_EXTENSION),
- OD( aes192_KEY_WRAP, SEC_OID_AES_192_KEY_WRAP,
- "AES-192 Key Wrap", CKM_NETSCAPE_AES_KEY_WRAP, INVALID_CERT_EXTENSION),
- OD( aes256_KEY_WRAP, SEC_OID_AES_256_KEY_WRAP,
- "AES-256 Key Wrap", CKM_NETSCAPE_AES_KEY_WRAP, INVALID_CERT_EXTENSION),
-
- /* Elliptic Curve Cryptography (ECC) OIDs */
- OD( ansix962ECPublicKey, SEC_OID_ANSIX962_EC_PUBLIC_KEY,
- "X9.62 elliptic curve public key", CKM_ECDH1_DERIVE,
- INVALID_CERT_EXTENSION ),
- OD( ansix962ECDSASignaturewithSHA1Digest,
- SEC_OID_ANSIX962_ECDSA_SIGNATURE_WITH_SHA1_DIGEST,
- "X9.62 ECDSA signature with SHA1", CKM_ECDSA_SHA1,
- INVALID_CERT_EXTENSION ),
-
- /* Named curves */
-
- /* ANSI X9.62 named elliptic curves (prime field) */
- OD( ansiX962prime192v1, SEC_OID_ANSIX962_EC_PRIME192V1,
- "ANSI X9.62 elliptic curve prime192v1 (aka secp192r1, NIST P-192)",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
- OD( ansiX962prime192v2, SEC_OID_ANSIX962_EC_PRIME192V2,
- "ANSI X9.62 elliptic curve prime192v2",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
- OD( ansiX962prime192v3, SEC_OID_ANSIX962_EC_PRIME192V3,
- "ANSI X9.62 elliptic curve prime192v3",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
- OD( ansiX962prime239v1, SEC_OID_ANSIX962_EC_PRIME239V1,
- "ANSI X9.62 elliptic curve prime239v1",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
- OD( ansiX962prime239v2, SEC_OID_ANSIX962_EC_PRIME239V2,
- "ANSI X9.62 elliptic curve prime239v2",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
- OD( ansiX962prime239v3, SEC_OID_ANSIX962_EC_PRIME239V3,
- "ANSI X9.62 elliptic curve prime239v3",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
- OD( ansiX962prime256v1, SEC_OID_ANSIX962_EC_PRIME256V1,
- "ANSI X9.62 elliptic curve prime256v1 (aka secp256r1, NIST P-256)",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
-
- /* SECG named elliptic curves (prime field) */
- OD( secgECsecp112r1, SEC_OID_SECG_EC_SECP112R1,
- "SECG elliptic curve secp112r1",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
- OD( secgECsecp112r2, SEC_OID_SECG_EC_SECP112R2,
- "SECG elliptic curve secp112r2",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
- OD( secgECsecp128r1, SEC_OID_SECG_EC_SECP128R1,
- "SECG elliptic curve secp128r1",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
- OD( secgECsecp128r2, SEC_OID_SECG_EC_SECP128R2,
- "SECG elliptic curve secp128r2",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
- OD( secgECsecp160k1, SEC_OID_SECG_EC_SECP160K1,
- "SECG elliptic curve secp160k1",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
- OD( secgECsecp160r1, SEC_OID_SECG_EC_SECP160R1,
- "SECG elliptic curve secp160r1",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
- OD( secgECsecp160r2, SEC_OID_SECG_EC_SECP160R2,
- "SECG elliptic curve secp160r2",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
- OD( secgECsecp192k1, SEC_OID_SECG_EC_SECP192K1,
- "SECG elliptic curve secp192k1",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
- OD( secgECsecp224k1, SEC_OID_SECG_EC_SECP224K1,
- "SECG elliptic curve secp224k1",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
- OD( secgECsecp224r1, SEC_OID_SECG_EC_SECP224R1,
- "SECG elliptic curve secp224r1 (aka NIST P-224)",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
- OD( secgECsecp256k1, SEC_OID_SECG_EC_SECP256K1,
- "SECG elliptic curve secp256k1",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
- OD( secgECsecp384r1, SEC_OID_SECG_EC_SECP384R1,
- "SECG elliptic curve secp384r1 (aka NIST P-384)",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
- OD( secgECsecp521r1, SEC_OID_SECG_EC_SECP521R1,
- "SECG elliptic curve secp521r1 (aka NIST P-521)",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
-
- /* ANSI X9.62 named elliptic curves (characteristic two field) */
- OD( ansiX962c2pnb163v1, SEC_OID_ANSIX962_EC_C2PNB163V1,
- "ANSI X9.62 elliptic curve c2pnb163v1",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
- OD( ansiX962c2pnb163v2, SEC_OID_ANSIX962_EC_C2PNB163V2,
- "ANSI X9.62 elliptic curve c2pnb163v2",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
- OD( ansiX962c2pnb163v3, SEC_OID_ANSIX962_EC_C2PNB163V3,
- "ANSI X9.62 elliptic curve c2pnb163v3",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
- OD( ansiX962c2pnb176v1, SEC_OID_ANSIX962_EC_C2PNB176V1,
- "ANSI X9.62 elliptic curve c2pnb176v1",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
- OD( ansiX962c2tnb191v1, SEC_OID_ANSIX962_EC_C2TNB191V1,
- "ANSI X9.62 elliptic curve c2tnb191v1",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
- OD( ansiX962c2tnb191v2, SEC_OID_ANSIX962_EC_C2TNB191V2,
- "ANSI X9.62 elliptic curve c2tnb191v2",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
- OD( ansiX962c2tnb191v3, SEC_OID_ANSIX962_EC_C2TNB191V3,
- "ANSI X9.62 elliptic curve c2tnb191v3",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
- OD( ansiX962c2onb191v4, SEC_OID_ANSIX962_EC_C2ONB191V4,
- "ANSI X9.62 elliptic curve c2onb191v4",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
- OD( ansiX962c2onb191v5, SEC_OID_ANSIX962_EC_C2ONB191V5,
- "ANSI X9.62 elliptic curve c2onb191v5",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
- OD( ansiX962c2pnb208w1, SEC_OID_ANSIX962_EC_C2PNB208W1,
- "ANSI X9.62 elliptic curve c2pnb208w1",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
- OD( ansiX962c2tnb239v1, SEC_OID_ANSIX962_EC_C2TNB239V1,
- "ANSI X9.62 elliptic curve c2tnb239v1",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
- OD( ansiX962c2tnb239v2, SEC_OID_ANSIX962_EC_C2TNB239V2,
- "ANSI X9.62 elliptic curve c2tnb239v2",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
- OD( ansiX962c2tnb239v3, SEC_OID_ANSIX962_EC_C2TNB239V3,
- "ANSI X9.62 elliptic curve c2tnb239v3",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
- OD( ansiX962c2onb239v4, SEC_OID_ANSIX962_EC_C2ONB239V4,
- "ANSI X9.62 elliptic curve c2onb239v4",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
- OD( ansiX962c2onb239v5, SEC_OID_ANSIX962_EC_C2ONB239V5,
- "ANSI X9.62 elliptic curve c2onb239v5",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
- OD( ansiX962c2pnb272w1, SEC_OID_ANSIX962_EC_C2PNB272W1,
- "ANSI X9.62 elliptic curve c2pnb272w1",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
- OD( ansiX962c2pnb304w1, SEC_OID_ANSIX962_EC_C2PNB304W1,
- "ANSI X9.62 elliptic curve c2pnb304w1",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
- OD( ansiX962c2tnb359v1, SEC_OID_ANSIX962_EC_C2TNB359V1,
- "ANSI X9.62 elliptic curve c2tnb359v1",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
- OD( ansiX962c2pnb368w1, SEC_OID_ANSIX962_EC_C2PNB368W1,
- "ANSI X9.62 elliptic curve c2pnb368w1",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
- OD( ansiX962c2tnb431r1, SEC_OID_ANSIX962_EC_C2TNB431R1,
- "ANSI X9.62 elliptic curve c2tnb431r1",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
-
- /* SECG named elliptic curves (characterisitic two field) */
- OD( secgECsect113r1, SEC_OID_SECG_EC_SECT113R1,
- "SECG elliptic curve sect113r1",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
- OD( secgECsect113r2, SEC_OID_SECG_EC_SECT113R2,
- "SECG elliptic curve sect113r2",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
- OD( secgECsect131r1, SEC_OID_SECG_EC_SECT131R1,
- "SECG elliptic curve sect131r1",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
- OD( secgECsect131r2, SEC_OID_SECG_EC_SECT131R2,
- "SECG elliptic curve sect131r2",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
- OD( secgECsect163k1, SEC_OID_SECG_EC_SECT163K1,
- "SECG elliptic curve sect163k1 (aka NIST K-163)",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
- OD( secgECsect163r1, SEC_OID_SECG_EC_SECT163R1,
- "SECG elliptic curve sect163r1",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
- OD( secgECsect163r2, SEC_OID_SECG_EC_SECT163R2,
- "SECG elliptic curve sect163r2 (aka NIST B-163)",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
- OD( secgECsect193r1, SEC_OID_SECG_EC_SECT193R1,
- "SECG elliptic curve sect193r1",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
- OD( secgECsect193r2, SEC_OID_SECG_EC_SECT193R2,
- "SECG elliptic curve sect193r2",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
- OD( secgECsect233k1, SEC_OID_SECG_EC_SECT233K1,
- "SECG elliptic curve sect233k1 (aka NIST K-233)",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
- OD( secgECsect233r1, SEC_OID_SECG_EC_SECT233R1,
- "SECG elliptic curve sect233r1 (aka NIST B-233)",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
- OD( secgECsect239k1, SEC_OID_SECG_EC_SECT239K1,
- "SECG elliptic curve sect239k1",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
- OD( secgECsect283k1, SEC_OID_SECG_EC_SECT283K1,
- "SECG elliptic curve sect283k1 (aka NIST K-283)",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
- OD( secgECsect283r1, SEC_OID_SECG_EC_SECT283R1,
- "SECG elliptic curve sect283r1 (aka NIST B-283)",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
- OD( secgECsect409k1, SEC_OID_SECG_EC_SECT409K1,
- "SECG elliptic curve sect409k1 (aka NIST K-409)",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
- OD( secgECsect409r1, SEC_OID_SECG_EC_SECT409R1,
- "SECG elliptic curve sect409r1 (aka NIST B-409)",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
- OD( secgECsect571k1, SEC_OID_SECG_EC_SECT571K1,
- "SECG elliptic curve sect571k1 (aka NIST K-571)",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
- OD( secgECsect571r1, SEC_OID_SECG_EC_SECT571R1,
- "SECG elliptic curve sect571r1 (aka NIST B-571)",
- CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
-
- OD( netscapeAOLScreenname, SEC_OID_NETSCAPE_AOLSCREENNAME,
- "AOL Screenname", CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
-
-};
-
-/*
- * now the dynamic table. The dynamic table gets build at init time.
- * and gets modified if the user loads new crypto modules.
- */
-
-static PLHashTable *oid_d_hash = 0;
-static SECOidData **secoidDynamicTable = NULL;
-static int secoidDynamicTableSize = 0;
-static int secoidLastDynamicEntry = 0;
-static int secoidLastHashEntry = 0;
-
-static SECStatus
-secoid_DynamicRehash(void)
-{
- SECOidData *oid;
- PLHashEntry *entry;
- int i;
- int last = secoidLastDynamicEntry;
-
- if (!oid_d_hash) {
- oid_d_hash = PL_NewHashTable(0, SECITEM_Hash, SECITEM_HashCompare,
- PL_CompareValues, NULL, NULL);
- }
-
-
- if ( !oid_d_hash ) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- return(SECFailure);
- }
-
- for ( i = secoidLastHashEntry; i < last; i++ ) {
- oid = secoidDynamicTable[i];
-
- entry = PL_HashTableAdd( oid_d_hash, &oid->oid, oid );
- if ( entry == NULL ) {
- return(SECFailure);
- }
- }
- secoidLastHashEntry = last;
- return(SECSuccess);
-}
-
-
-
-/*
- * Lookup a Dynamic OID. Dynamic OID's still change slowly, so it's
- * cheaper to rehash the table when it changes than it is to do the loop
- * each time. Worry: what about thread safety here? Global Static data with
- * no locks.... (sigh).
- */
-static SECOidData *
-secoid_FindDynamic(SECItem *key) {
- SECOidData *ret = NULL;
- if (secoidDynamicTable == NULL) {
- /* PORT_SetError! */
- return NULL;
- }
- if (secoidLastHashEntry != secoidLastDynamicEntry) {
- SECStatus rv = secoid_DynamicRehash();
- if ( rv != SECSuccess ) {
- return NULL;
- }
- }
- ret = (SECOidData *)PL_HashTableLookup (oid_d_hash, key);
- return ret;
-
-}
-
-static SECOidData *
-secoid_FindDynamicByTag(SECOidTag tagnum)
-{
- int tagNumDiff;
-
- if (secoidDynamicTable == NULL) {
- return NULL;
- }
-
- if (tagnum < SEC_OID_TOTAL) {
- return NULL;
- }
-
- tagNumDiff = tagnum - SEC_OID_TOTAL;
- if (tagNumDiff >= secoidLastDynamicEntry) {
- return NULL;
- }
-
- return(secoidDynamicTable[tagNumDiff]);
-}
-
-/*
- * this routine is definately not thread safe. It is only called out
- * of the UI, or at init time. If we want to call it any other time,
- * we need to make it thread safe.
- */
-SECStatus
-SECOID_AddEntry(SECItem *oid, char *description, unsigned long mech) {
- SECOidData *oiddp = (SECOidData *)PORT_Alloc(sizeof(SECOidData));
- int last = secoidLastDynamicEntry;
- int tableSize = secoidDynamicTableSize;
- int next = last++;
- SECOidData **newTable = secoidDynamicTable;
- SECOidData **oldTable = NULL;
-
- if (oid == NULL) {
- return SECFailure;
- }
-
- /* fill in oid structure */
- if (SECITEM_CopyItem(NULL,&oiddp->oid,oid) != SECSuccess) {
- PORT_Free(oiddp);
- return SECFailure;
- }
- oiddp->offset = (SECOidTag)(next + SEC_OID_TOTAL);
- /* may we should just reference the copy passed to us? */
- oiddp->desc = PORT_Strdup(description);
- oiddp->mechanism = mech;
-
-
- if (last > tableSize) {
- int oldTableSize = tableSize;
- tableSize += 10;
- oldTable = newTable;
- newTable = (SECOidData **)PORT_ZAlloc(sizeof(SECOidData *)*tableSize);
- if (newTable == NULL) {
- PORT_Free(oiddp->oid.data);
- PORT_Free(oiddp);
- return SECFailure;
- }
- PORT_Memcpy(newTable,oldTable,sizeof(SECOidData *)*oldTableSize);
- PORT_Free(oldTable);
- }
-
- newTable[next] = oiddp;
- secoidDynamicTable = newTable;
- secoidDynamicTableSize = tableSize;
- secoidLastDynamicEntry= last;
- return SECSuccess;
-}
-
-
-/* normal static table processing */
-static PLHashTable *oidhash = NULL;
-static PLHashTable *oidmechhash = NULL;
-
-static PLHashNumber
-secoid_HashNumber(const void *key)
-{
- return (PLHashNumber) key;
-}
-
-
-SECStatus
-secoid_Init(void)
-{
- PLHashEntry *entry;
- const SECOidData *oid;
- int i;
-
- if (oidhash) {
- return PR_SUCCESS;
- }
-
- oidhash = PL_NewHashTable(0, SECITEM_Hash, SECITEM_HashCompare,
- PL_CompareValues, NULL, NULL);
- oidmechhash = PL_NewHashTable(0, secoid_HashNumber, PL_CompareValues,
- PL_CompareValues, NULL, NULL);
-
- if ( !oidhash || !oidmechhash) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- PORT_Assert(0); /*This function should never fail. */
- return(SECFailure);
- }
-
- for ( i = 0; i < ( sizeof(oids) / sizeof(SECOidData) ); i++ ) {
- oid = &oids[i];
-
- PORT_Assert ( oid->offset == i );
-
- entry = PL_HashTableAdd( oidhash, &oid->oid, (void *)oid );
- if ( entry == NULL ) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- PORT_Assert(0); /*This function should never fail. */
- return(SECFailure);
- }
-
- if ( oid->mechanism != CKM_INVALID_MECHANISM ) {
- entry = PL_HashTableAdd( oidmechhash,
- (void *)oid->mechanism, (void *)oid );
- if ( entry == NULL ) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- PORT_Assert(0); /* This function should never fail. */
- return(SECFailure);
- }
- }
- }
-
- PORT_Assert (i == SEC_OID_TOTAL);
-
- return(SECSuccess);
-}
-
-SECOidData *
-SECOID_FindOIDByMechanism(unsigned long mechanism)
-{
- SECOidData *ret;
- int rv;
-
- PR_ASSERT(oidhash != NULL);
-
- ret = PL_HashTableLookupConst ( oidmechhash, (void *)mechanism);
- if ( ret == NULL ) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- }
-
- return (ret);
-}
-
-SECOidData *
-SECOID_FindOID(SECItem *oid)
-{
- SECOidData *ret;
- int rv;
-
- PR_ASSERT(oidhash != NULL);
-
- ret = PL_HashTableLookupConst ( oidhash, oid );
- if ( ret == NULL ) {
- ret = secoid_FindDynamic(oid);
- if (ret == NULL) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- }
- }
-
- return(ret);
-}
-
-SECOidTag
-SECOID_FindOIDTag(SECItem *oid)
-{
- SECOidData *oiddata;
-
- oiddata = SECOID_FindOID (oid);
- if (oiddata == NULL)
- return SEC_OID_UNKNOWN;
-
- return oiddata->offset;
-}
-
-/* This really should return const. */
-SECOidData *
-SECOID_FindOIDByTag(SECOidTag tagnum)
-{
-
- if (tagnum >= SEC_OID_TOTAL) {
- return secoid_FindDynamicByTag(tagnum);
- }
-
- PORT_Assert((unsigned int)tagnum < (sizeof(oids) / sizeof(SECOidData)));
- return (SECOidData *)(&oids[tagnum]);
-}
-
-PRBool SECOID_KnownCertExtenOID (SECItem *extenOid)
-{
- SECOidData * oidData;
-
- oidData = SECOID_FindOID (extenOid);
- if (oidData == (SECOidData *)NULL)
- return (PR_FALSE);
- return ((oidData->supportedExtension == SUPPORTED_CERT_EXTENSION) ?
- PR_TRUE : PR_FALSE);
-}
-
-
-const char *
-SECOID_FindOIDTagDescription(SECOidTag tagnum)
-{
- const SECOidData *oidData = SECOID_FindOIDByTag(tagnum);
- return oidData ? oidData->desc : 0;
-}
-
-/*
- * free up the oid tables.
- */
-SECStatus
-SECOID_Shutdown(void)
-{
- int i;
-
- if (oidhash) {
- PL_HashTableDestroy(oidhash);
- oidhash = NULL;
- }
- if (oidmechhash) {
- PL_HashTableDestroy(oidmechhash);
- oidmechhash = NULL;
- }
- if (oid_d_hash) {
- PL_HashTableDestroy(oid_d_hash);
- oid_d_hash = NULL;
- }
- if (secoidDynamicTable) {
- for (i=0; i < secoidLastDynamicEntry; i++) {
- PORT_Free(secoidDynamicTable[i]);
- }
- PORT_Free(secoidDynamicTable);
- secoidDynamicTable = NULL;
- secoidDynamicTableSize = 0;
- secoidLastDynamicEntry = 0;
- secoidLastHashEntry = 0;
- }
- return SECSuccess;
-}
diff --git a/security/nss/lib/util/secoid.h b/security/nss/lib/util/secoid.h
deleted file mode 100644
index a77bc60ba..000000000
--- a/security/nss/lib/util/secoid.h
+++ /dev/null
@@ -1,120 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _SECOID_H_
-#define _SECOID_H_
-/*
- * secoid.h - public data structures and prototypes for ASN.1 OID functions
- *
- * $Id$
- */
-
-#include "plarena.h"
-
-#include "seccomon.h"
-#include "secoidt.h"
-#include "secasn1t.h"
-
-SEC_BEGIN_PROTOS
-
-extern const SEC_ASN1Template SECOID_AlgorithmIDTemplate[];
-
-/* This functions simply returns the address of the above-declared template. */
-SEC_ASN1_CHOOSER_DECLARE(SECOID_AlgorithmIDTemplate)
-
-/*
- * OID handling routines
- */
-extern SECOidData *SECOID_FindOID(SECItem *oid);
-extern SECOidTag SECOID_FindOIDTag(SECItem *oid);
-extern SECOidData *SECOID_FindOIDByTag(SECOidTag tagnum);
-extern SECOidData *SECOID_FindOIDByMechanism(unsigned long mechanism);
-
-/****************************************/
-/*
-** Algorithm id handling operations
-*/
-
-/*
-** Fill in an algorithm-ID object given a tag and some parameters.
-** "aid" where the DER encoded algorithm info is stored (memory
-** is allocated)
-** "tag" the tag defining the algorithm (SEC_OID_*)
-** "params" if not NULL, the parameters to go with the algorithm
-*/
-extern SECStatus SECOID_SetAlgorithmID(PRArenaPool *arena, SECAlgorithmID *aid,
- SECOidTag tag, SECItem *params);
-
-/*
-** Copy the "src" object to "dest". Memory is allocated in "dest" for
-** each of the appropriate sub-objects. Memory in "dest" is not freed
-** before memory is allocated (use SECOID_DestroyAlgorithmID(dest, PR_FALSE)
-** to do that).
-*/
-extern SECStatus SECOID_CopyAlgorithmID(PRArenaPool *arena, SECAlgorithmID *dest,
- SECAlgorithmID *src);
-
-/*
-** Get the SEC_OID_* tag for the given algorithm-id object.
-*/
-extern SECOidTag SECOID_GetAlgorithmTag(SECAlgorithmID *aid);
-
-/*
-** Destroy an algorithm-id object.
-** "aid" the certificate-request to destroy
-** "freeit" if PR_TRUE then free the object as well as its sub-objects
-*/
-extern void SECOID_DestroyAlgorithmID(SECAlgorithmID *aid, PRBool freeit);
-
-/*
-** Compare two algorithm-id objects, returning the difference between
-** them.
-*/
-extern SECComparison SECOID_CompareAlgorithmID(SECAlgorithmID *a,
- SECAlgorithmID *b);
-
-extern PRBool SECOID_KnownCertExtenOID (SECItem *extenOid);
-
-/* Given a SEC_OID_* tag, return a string describing it.
- */
-extern const char *SECOID_FindOIDTagDescription(SECOidTag tagnum);
-
-/*
- * free up the oid data structures.
- */
-extern SECStatus SECOID_Shutdown(void);
-
-
-SEC_END_PROTOS
-
-#endif /* _SECOID_H_ */
diff --git a/security/nss/lib/util/secoidt.h b/security/nss/lib/util/secoidt.h
deleted file mode 100644
index 62d15d7b1..000000000
--- a/security/nss/lib/util/secoidt.h
+++ /dev/null
@@ -1,415 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Portions created by Sun Microsystems, Inc. are Copyright (C) 2003
- * Sun Microsystems, Inc. All Rights Reserved.
- *
- * Contributor(s):
- * Dr Vipul Gupta <vipul.gupta@sun.com>, Sun Microsystems Laboratories
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _SECOIDT_H_
-#define _SECOIDT_H_
-/*
- * secoidt.h - public data structures for ASN.1 OID functions
- *
- * $Id$
- */
-
-#include "secitem.h"
-
-typedef struct SECOidDataStr SECOidData;
-typedef struct SECAlgorithmIDStr SECAlgorithmID;
-
-/*
-** An X.500 algorithm identifier
-*/
-struct SECAlgorithmIDStr {
- SECItem algorithm;
- SECItem parameters;
-};
-
-/*
- * Misc object IDs - these numbers are for convenient handling.
- * They are mapped into real object IDs
- *
- * NOTE: the order of these entries must mach the array "oids" of SECOidData
- * in util/secoid.c.
- */
-typedef enum {
- SEC_OID_UNKNOWN = 0,
- SEC_OID_MD2 = 1,
- SEC_OID_MD4 = 2,
- SEC_OID_MD5 = 3,
- SEC_OID_SHA1 = 4,
- SEC_OID_RC2_CBC = 5,
- SEC_OID_RC4 = 6,
- SEC_OID_DES_EDE3_CBC = 7,
- SEC_OID_RC5_CBC_PAD = 8,
- SEC_OID_DES_ECB = 9,
- SEC_OID_DES_CBC = 10,
- SEC_OID_DES_OFB = 11,
- SEC_OID_DES_CFB = 12,
- SEC_OID_DES_MAC = 13,
- SEC_OID_DES_EDE = 14,
- SEC_OID_ISO_SHA_WITH_RSA_SIGNATURE = 15,
- SEC_OID_PKCS1_RSA_ENCRYPTION = 16,
- SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION = 17,
- SEC_OID_PKCS1_MD4_WITH_RSA_ENCRYPTION = 18,
- SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION = 19,
- SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION = 20,
- SEC_OID_PKCS5_PBE_WITH_MD2_AND_DES_CBC = 21,
- SEC_OID_PKCS5_PBE_WITH_MD5_AND_DES_CBC = 22,
- SEC_OID_PKCS5_PBE_WITH_SHA1_AND_DES_CBC = 23,
- SEC_OID_PKCS7 = 24,
- SEC_OID_PKCS7_DATA = 25,
- SEC_OID_PKCS7_SIGNED_DATA = 26,
- SEC_OID_PKCS7_ENVELOPED_DATA = 27,
- SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA = 28,
- SEC_OID_PKCS7_DIGESTED_DATA = 29,
- SEC_OID_PKCS7_ENCRYPTED_DATA = 30,
- SEC_OID_PKCS9_EMAIL_ADDRESS = 31,
- SEC_OID_PKCS9_UNSTRUCTURED_NAME = 32,
- SEC_OID_PKCS9_CONTENT_TYPE = 33,
- SEC_OID_PKCS9_MESSAGE_DIGEST = 34,
- SEC_OID_PKCS9_SIGNING_TIME = 35,
- SEC_OID_PKCS9_COUNTER_SIGNATURE = 36,
- SEC_OID_PKCS9_CHALLENGE_PASSWORD = 37,
- SEC_OID_PKCS9_UNSTRUCTURED_ADDRESS = 38,
- SEC_OID_PKCS9_EXTENDED_CERTIFICATE_ATTRIBUTES = 39,
- SEC_OID_PKCS9_SMIME_CAPABILITIES = 40,
- SEC_OID_AVA_COMMON_NAME = 41,
- SEC_OID_AVA_COUNTRY_NAME = 42,
- SEC_OID_AVA_LOCALITY = 43,
- SEC_OID_AVA_STATE_OR_PROVINCE = 44,
- SEC_OID_AVA_ORGANIZATION_NAME = 45,
- SEC_OID_AVA_ORGANIZATIONAL_UNIT_NAME = 46,
- SEC_OID_AVA_DN_QUALIFIER = 47,
- SEC_OID_AVA_DC = 48,
-
- SEC_OID_NS_TYPE_GIF = 49,
- SEC_OID_NS_TYPE_JPEG = 50,
- SEC_OID_NS_TYPE_URL = 51,
- SEC_OID_NS_TYPE_HTML = 52,
- SEC_OID_NS_TYPE_CERT_SEQUENCE = 53,
- SEC_OID_MISSI_KEA_DSS_OLD = 54,
- SEC_OID_MISSI_DSS_OLD = 55,
- SEC_OID_MISSI_KEA_DSS = 56,
- SEC_OID_MISSI_DSS = 57,
- SEC_OID_MISSI_KEA = 58,
- SEC_OID_MISSI_ALT_KEA = 59,
-
- /* Netscape private certificate extensions */
- SEC_OID_NS_CERT_EXT_NETSCAPE_OK = 60,
- SEC_OID_NS_CERT_EXT_ISSUER_LOGO = 61,
- SEC_OID_NS_CERT_EXT_SUBJECT_LOGO = 62,
- SEC_OID_NS_CERT_EXT_CERT_TYPE = 63,
- SEC_OID_NS_CERT_EXT_BASE_URL = 64,
- SEC_OID_NS_CERT_EXT_REVOCATION_URL = 65,
- SEC_OID_NS_CERT_EXT_CA_REVOCATION_URL = 66,
- SEC_OID_NS_CERT_EXT_CA_CRL_URL = 67,
- SEC_OID_NS_CERT_EXT_CA_CERT_URL = 68,
- SEC_OID_NS_CERT_EXT_CERT_RENEWAL_URL = 69,
- SEC_OID_NS_CERT_EXT_CA_POLICY_URL = 70,
- SEC_OID_NS_CERT_EXT_HOMEPAGE_URL = 71,
- SEC_OID_NS_CERT_EXT_ENTITY_LOGO = 72,
- SEC_OID_NS_CERT_EXT_USER_PICTURE = 73,
- SEC_OID_NS_CERT_EXT_SSL_SERVER_NAME = 74,
- SEC_OID_NS_CERT_EXT_COMMENT = 75,
- SEC_OID_NS_CERT_EXT_LOST_PASSWORD_URL = 76,
- SEC_OID_NS_CERT_EXT_CERT_RENEWAL_TIME = 77,
- SEC_OID_NS_KEY_USAGE_GOVT_APPROVED = 78,
-
- /* x.509 v3 Extensions */
- SEC_OID_X509_SUBJECT_DIRECTORY_ATTR = 79,
- SEC_OID_X509_SUBJECT_KEY_ID = 80,
- SEC_OID_X509_KEY_USAGE = 81,
- SEC_OID_X509_PRIVATE_KEY_USAGE_PERIOD = 82,
- SEC_OID_X509_SUBJECT_ALT_NAME = 83,
- SEC_OID_X509_ISSUER_ALT_NAME = 84,
- SEC_OID_X509_BASIC_CONSTRAINTS = 85,
- SEC_OID_X509_NAME_CONSTRAINTS = 86,
- SEC_OID_X509_CRL_DIST_POINTS = 87,
- SEC_OID_X509_CERTIFICATE_POLICIES = 88,
- SEC_OID_X509_POLICY_MAPPINGS = 89,
- SEC_OID_X509_POLICY_CONSTRAINTS = 90,
- SEC_OID_X509_AUTH_KEY_ID = 91,
- SEC_OID_X509_EXT_KEY_USAGE = 92,
- SEC_OID_X509_AUTH_INFO_ACCESS = 93,
-
- SEC_OID_X509_CRL_NUMBER = 94,
- SEC_OID_X509_REASON_CODE = 95,
- SEC_OID_X509_INVALID_DATE = 96,
- /* End of x.509 v3 Extensions */
-
- SEC_OID_X500_RSA_ENCRYPTION = 97,
-
- /* alg 1485 additions */
- SEC_OID_RFC1274_UID = 98,
- SEC_OID_RFC1274_MAIL = 99,
-
- /* PKCS 12 additions */
- SEC_OID_PKCS12 = 100,
- SEC_OID_PKCS12_MODE_IDS = 101,
- SEC_OID_PKCS12_ESPVK_IDS = 102,
- SEC_OID_PKCS12_BAG_IDS = 103,
- SEC_OID_PKCS12_CERT_BAG_IDS = 104,
- SEC_OID_PKCS12_OIDS = 105,
- SEC_OID_PKCS12_PBE_IDS = 106,
- SEC_OID_PKCS12_SIGNATURE_IDS = 107,
- SEC_OID_PKCS12_ENVELOPING_IDS = 108,
- /* SEC_OID_PKCS12_OFFLINE_TRANSPORT_MODE,
- SEC_OID_PKCS12_ONLINE_TRANSPORT_MODE, */
- SEC_OID_PKCS12_PKCS8_KEY_SHROUDING = 109,
- SEC_OID_PKCS12_KEY_BAG_ID = 110,
- SEC_OID_PKCS12_CERT_AND_CRL_BAG_ID = 111,
- SEC_OID_PKCS12_SECRET_BAG_ID = 112,
- SEC_OID_PKCS12_X509_CERT_CRL_BAG = 113,
- SEC_OID_PKCS12_SDSI_CERT_BAG = 114,
- SEC_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC4 = 115,
- SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC4 = 116,
- SEC_OID_PKCS12_PBE_WITH_SHA1_AND_TRIPLE_DES_CBC = 117,
- SEC_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC = 118,
- SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC = 119,
- SEC_OID_PKCS12_RSA_ENCRYPTION_WITH_128_BIT_RC4 = 120,
- SEC_OID_PKCS12_RSA_ENCRYPTION_WITH_40_BIT_RC4 = 121,
- SEC_OID_PKCS12_RSA_ENCRYPTION_WITH_TRIPLE_DES = 122,
- SEC_OID_PKCS12_RSA_SIGNATURE_WITH_SHA1_DIGEST = 123,
- /* end of PKCS 12 additions */
-
- /* DSA signatures */
- SEC_OID_ANSIX9_DSA_SIGNATURE = 124,
- SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST = 125,
- SEC_OID_BOGUS_DSA_SIGNATURE_WITH_SHA1_DIGEST = 126,
-
- /* Verisign OIDs */
- SEC_OID_VERISIGN_USER_NOTICES = 127,
-
- /* PKIX OIDs */
- SEC_OID_PKIX_CPS_POINTER_QUALIFIER = 128,
- SEC_OID_PKIX_USER_NOTICE_QUALIFIER = 129,
- SEC_OID_PKIX_OCSP = 130,
- SEC_OID_PKIX_OCSP_BASIC_RESPONSE = 131,
- SEC_OID_PKIX_OCSP_NONCE = 132,
- SEC_OID_PKIX_OCSP_CRL = 133,
- SEC_OID_PKIX_OCSP_RESPONSE = 134,
- SEC_OID_PKIX_OCSP_NO_CHECK = 135,
- SEC_OID_PKIX_OCSP_ARCHIVE_CUTOFF = 136,
- SEC_OID_PKIX_OCSP_SERVICE_LOCATOR = 137,
- SEC_OID_PKIX_REGCTRL_REGTOKEN = 138,
- SEC_OID_PKIX_REGCTRL_AUTHENTICATOR = 139,
- SEC_OID_PKIX_REGCTRL_PKIPUBINFO = 140,
- SEC_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS = 141,
- SEC_OID_PKIX_REGCTRL_OLD_CERT_ID = 142,
- SEC_OID_PKIX_REGCTRL_PROTOCOL_ENC_KEY = 143,
- SEC_OID_PKIX_REGINFO_UTF8_PAIRS = 144,
- SEC_OID_PKIX_REGINFO_CERT_REQUEST = 145,
- SEC_OID_EXT_KEY_USAGE_SERVER_AUTH = 146,
- SEC_OID_EXT_KEY_USAGE_CLIENT_AUTH = 147,
- SEC_OID_EXT_KEY_USAGE_CODE_SIGN = 148,
- SEC_OID_EXT_KEY_USAGE_EMAIL_PROTECT = 149,
- SEC_OID_EXT_KEY_USAGE_TIME_STAMP = 150,
- SEC_OID_OCSP_RESPONDER = 151,
-
- /* Netscape Algorithm OIDs */
- SEC_OID_NETSCAPE_SMIME_KEA = 152,
-
- /* Skipjack OID -- ### mwelch temporary */
- SEC_OID_FORTEZZA_SKIPJACK = 153,
-
- /* PKCS 12 V2 oids */
- SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC4 = 154,
- SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC4 = 155,
- SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC = 156,
- SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_2KEY_TRIPLE_DES_CBC = 157,
- SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC = 158,
- SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC = 159,
- SEC_OID_PKCS12_SAFE_CONTENTS_ID = 160,
- SEC_OID_PKCS12_PKCS8_SHROUDED_KEY_BAG_ID = 161,
-
- SEC_OID_PKCS12_V1_KEY_BAG_ID = 162,
- SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID = 163,
- SEC_OID_PKCS12_V1_CERT_BAG_ID = 164,
- SEC_OID_PKCS12_V1_CRL_BAG_ID = 165,
- SEC_OID_PKCS12_V1_SECRET_BAG_ID = 166,
- SEC_OID_PKCS12_V1_SAFE_CONTENTS_BAG_ID = 167,
- SEC_OID_PKCS9_X509_CERT = 168,
- SEC_OID_PKCS9_SDSI_CERT = 169,
- SEC_OID_PKCS9_X509_CRL = 170,
- SEC_OID_PKCS9_FRIENDLY_NAME = 171,
- SEC_OID_PKCS9_LOCAL_KEY_ID = 172,
- SEC_OID_PKCS12_KEY_USAGE = 173,
-
- /*Diffe Helman OIDS */
- SEC_OID_X942_DIFFIE_HELMAN_KEY = 174,
-
- /* Netscape other name types */
- SEC_OID_NETSCAPE_NICKNAME = 175,
-
- /* Cert Server OIDS */
- SEC_OID_NETSCAPE_RECOVERY_REQUEST = 176,
-
- /* New PSM certificate management OIDs */
- SEC_OID_CERT_RENEWAL_LOCATOR = 177,
- SEC_OID_NS_CERT_EXT_SCOPE_OF_USE = 178,
-
- /* CMS (RFC2630) OIDs */
- SEC_OID_CMS_EPHEMERAL_STATIC_DIFFIE_HELLMAN = 179,
- SEC_OID_CMS_3DES_KEY_WRAP = 180,
- SEC_OID_CMS_RC2_KEY_WRAP = 181,
-
- /* SMIME attributes */
- SEC_OID_SMIME_ENCRYPTION_KEY_PREFERENCE = 182,
-
- /* AES OIDs */
- SEC_OID_AES_128_ECB = 183,
- SEC_OID_AES_128_CBC = 184,
- SEC_OID_AES_192_ECB = 185,
- SEC_OID_AES_192_CBC = 186,
- SEC_OID_AES_256_ECB = 187,
- SEC_OID_AES_256_CBC = 188,
-
- SEC_OID_SDN702_DSA_SIGNATURE = 189,
-
- SEC_OID_MS_SMIME_ENCRYPTION_KEY_PREFERENCE = 190,
-
- SEC_OID_SHA256 = 191,
- SEC_OID_SHA384 = 192,
- SEC_OID_SHA512 = 193,
-
- SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION = 194,
- SEC_OID_PKCS1_SHA384_WITH_RSA_ENCRYPTION = 195,
- SEC_OID_PKCS1_SHA512_WITH_RSA_ENCRYPTION = 196,
-
- SEC_OID_AES_128_KEY_WRAP = 197,
- SEC_OID_AES_192_KEY_WRAP = 198,
- SEC_OID_AES_256_KEY_WRAP = 199,
-
- /* Elliptic Curve Cryptography (ECC) OIDs */
- SEC_OID_ANSIX962_EC_PUBLIC_KEY = 200,
- SEC_OID_ANSIX962_ECDSA_SIGNATURE_WITH_SHA1_DIGEST = 201,
-
- /* ANSI X9.62 named elliptic curves (prime field) */
- SEC_OID_ANSIX962_EC_PRIME192V1 = 202,
- SEC_OID_ANSIX962_EC_PRIME192V2 = 203,
- SEC_OID_ANSIX962_EC_PRIME192V3 = 204,
- SEC_OID_ANSIX962_EC_PRIME239V1 = 205,
- SEC_OID_ANSIX962_EC_PRIME239V2 = 206,
- SEC_OID_ANSIX962_EC_PRIME239V3 = 207,
- SEC_OID_ANSIX962_EC_PRIME256V1 = 208,
-
- /* SECG named elliptic curves (prime field) */
- SEC_OID_SECG_EC_SECP112R1 = 209,
- SEC_OID_SECG_EC_SECP112R2 = 210,
- SEC_OID_SECG_EC_SECP128R1 = 211,
- SEC_OID_SECG_EC_SECP128R2 = 212,
- SEC_OID_SECG_EC_SECP160K1 = 213,
- SEC_OID_SECG_EC_SECP160R1 = 214,
- SEC_OID_SECG_EC_SECP160R2 = 215,
- SEC_OID_SECG_EC_SECP192K1 = 216,
- /* SEC_OID_SECG_EC_SECP192R1 is SEC_OID_ANSIX962_EC_PRIME192V1 */
- SEC_OID_SECG_EC_SECP224K1 = 217,
- SEC_OID_SECG_EC_SECP224R1 = 218,
- SEC_OID_SECG_EC_SECP256K1 = 219,
- /* SEC_OID_SECG_EC_SECP256R1 is SEC_OID_ANSIX962_EC_PRIME256V1 */
- SEC_OID_SECG_EC_SECP384R1 = 220,
- SEC_OID_SECG_EC_SECP521R1 = 221,
-
- /* ANSI X9.62 named elliptic curves (characteristic two field) */
- SEC_OID_ANSIX962_EC_C2PNB163V1 = 222,
- SEC_OID_ANSIX962_EC_C2PNB163V2 = 223,
- SEC_OID_ANSIX962_EC_C2PNB163V3 = 224,
- SEC_OID_ANSIX962_EC_C2PNB176V1 = 225,
- SEC_OID_ANSIX962_EC_C2TNB191V1 = 226,
- SEC_OID_ANSIX962_EC_C2TNB191V2 = 227,
- SEC_OID_ANSIX962_EC_C2TNB191V3 = 228,
- SEC_OID_ANSIX962_EC_C2ONB191V4 = 229,
- SEC_OID_ANSIX962_EC_C2ONB191V5 = 230,
- SEC_OID_ANSIX962_EC_C2PNB208W1 = 231,
- SEC_OID_ANSIX962_EC_C2TNB239V1 = 232,
- SEC_OID_ANSIX962_EC_C2TNB239V2 = 233,
- SEC_OID_ANSIX962_EC_C2TNB239V3 = 234,
- SEC_OID_ANSIX962_EC_C2ONB239V4 = 235,
- SEC_OID_ANSIX962_EC_C2ONB239V5 = 236,
- SEC_OID_ANSIX962_EC_C2PNB272W1 = 237,
- SEC_OID_ANSIX962_EC_C2PNB304W1 = 238,
- SEC_OID_ANSIX962_EC_C2TNB359V1 = 239,
- SEC_OID_ANSIX962_EC_C2PNB368W1 = 240,
- SEC_OID_ANSIX962_EC_C2TNB431R1 = 241,
-
- /* SECG named elliptic curves (characteristic two field) */
- SEC_OID_SECG_EC_SECT113R1 = 242,
- SEC_OID_SECG_EC_SECT113R2 = 243,
- SEC_OID_SECG_EC_SECT131R1 = 244,
- SEC_OID_SECG_EC_SECT131R2 = 245,
- SEC_OID_SECG_EC_SECT163K1 = 246,
- SEC_OID_SECG_EC_SECT163R1 = 247,
- SEC_OID_SECG_EC_SECT163R2 = 248,
- SEC_OID_SECG_EC_SECT193R1 = 249,
- SEC_OID_SECG_EC_SECT193R2 = 250,
- SEC_OID_SECG_EC_SECT233K1 = 251,
- SEC_OID_SECG_EC_SECT233R1 = 252,
- SEC_OID_SECG_EC_SECT239K1 = 253,
- SEC_OID_SECG_EC_SECT283K1 = 254,
- SEC_OID_SECG_EC_SECT283R1 = 255,
- SEC_OID_SECG_EC_SECT409K1 = 256,
- SEC_OID_SECG_EC_SECT409R1 = 257,
- SEC_OID_SECG_EC_SECT571K1 = 258,
- SEC_OID_SECG_EC_SECT571R1 = 259,
-
- SEC_OID_NETSCAPE_AOLSCREENNAME = 260,
-
- SEC_OID_TOTAL
-} SECOidTag;
-
-#define SEC_OID_SECG_EC_SECP192R1 SEC_OID_ANSIX962_EC_PRIME192V1
-#define SEC_OID_SECG_EC_SECP256R1 SEC_OID_ANSIX962_EC_PRIME256V1
-
-/* fake OID for DSS sign/verify */
-#define SEC_OID_SHA SEC_OID_MISS_DSS
-
-typedef enum {
- INVALID_CERT_EXTENSION = 0,
- UNSUPPORTED_CERT_EXTENSION = 1,
- SUPPORTED_CERT_EXTENSION = 2
-} SECSupportExtenTag;
-
-struct SECOidDataStr {
- SECItem oid;
- SECOidTag offset;
- const char * desc;
- unsigned long mechanism;
- SECSupportExtenTag supportedExtension;
- /* only used for x.509 v3 extensions, so
- that we can print the names of those
- extensions that we don't even support */
-};
-
-#endif /* _SECOIDT_H_ */
diff --git a/security/nss/lib/util/secplcy.c b/security/nss/lib/util/secplcy.c
deleted file mode 100644
index b7f42080d..000000000
--- a/security/nss/lib/util/secplcy.c
+++ /dev/null
@@ -1,114 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "secplcy.h"
-#include "prmem.h"
-
-SECCipherFind *sec_CipherFindInit(PRBool onlyAllowed,
- secCPStruct *policy,
- long *ciphers)
-{
- SECCipherFind *find = PR_NEWZAP(SECCipherFind);
- if (find)
- {
- find->policy = policy;
- find->ciphers = ciphers;
- find->onlyAllowed = onlyAllowed;
- find->index = -1;
- }
- return find;
-}
-
-long sec_CipherFindNext(SECCipherFind *find)
-{
- char *policy;
- long rv = -1;
- secCPStruct *policies = (secCPStruct *) find->policy;
- long *ciphers = (long *) find->ciphers;
- long numCiphers = policies->num_ciphers;
-
- find->index++;
- while((find->index < numCiphers) && (rv == -1))
- {
- /* Translate index to cipher. */
- rv = ciphers[find->index];
-
- /* If we're only looking for allowed ciphers, and if this
- cipher isn't allowed, loop around.*/
- if (find->onlyAllowed)
- {
- /* Find the appropriate policy flag. */
- policy = (&(policies->begin_ciphers)) + find->index + 1;
-
- /* If this cipher isn't allowed by policy, continue. */
- if (! (*policy))
- {
- rv = -1;
- find->index++;
- }
- }
- }
-
- return rv;
-}
-
-char sec_IsCipherAllowed(long cipher, secCPStruct *policies,
- long *ciphers)
-{
- char result = SEC_CIPHER_NOT_ALLOWED; /* our default answer */
- long numCiphers = policies->num_ciphers;
- char *policy;
- int i;
-
- /* Convert the cipher number into a policy flag location. */
- for (i=0, policy=(&(policies->begin_ciphers) + 1);
- i<numCiphers;
- i++, policy++)
- {
- if (cipher == ciphers[i])
- break;
- }
-
- if (i < numCiphers)
- {
- /* Found the cipher, get the policy value. */
- result = *policy;
- }
-
- return result;
-}
-
-void sec_CipherFindEnd(SECCipherFind *find)
-{
- PR_FREEIF(find);
-}
diff --git a/security/nss/lib/util/secplcy.h b/security/nss/lib/util/secplcy.h
deleted file mode 100644
index add5d8fac..000000000
--- a/security/nss/lib/util/secplcy.h
+++ /dev/null
@@ -1,133 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef __secplcy_h__
-#define __secplcy_h__
-
-#include "prtypes.h"
-
-/*
-** Cipher policy enforcement. This code isn't very pretty, but it accomplishes
-** the purpose of obscuring policy information from potential fortifiers. :-)
-**
-** The following routines are generic and intended for anywhere where cipher
-** policy enforcement is to be done, e.g. SSL and PKCS7&12.
-*/
-
-#define SEC_CIPHER_NOT_ALLOWED 0
-#define SEC_CIPHER_ALLOWED 1
-#define SEC_CIPHER_RESTRICTED 2 /* cipher is allowed in limited cases
- e.g. step-up */
-
-/* The length of the header string for each cipher table.
- (It's the same regardless of whether we're using md5 strings or not.) */
-#define SEC_POLICY_HEADER_LENGTH 48
-
-/* If we're testing policy stuff, we may want to use the plaintext version */
-#define SEC_POLICY_USE_MD5_STRINGS 1
-
-#define SEC_POLICY_THIS_IS_THE \
- "\x2a\x3a\x51\xbf\x2f\x71\xb7\x73\xaa\xca\x6b\x57\x70\xcd\xc8\x9f"
-#define SEC_POLICY_STRING_FOR_THE \
- "\x97\x15\xe2\x70\xd2\x8a\xde\xa9\xe7\xa7\x6a\xe2\x83\xe5\xb1\xf6"
-#define SEC_POLICY_SSL_TAIL \
- "\x70\x16\x25\xc0\x2a\xb2\x4a\xca\xb6\x67\xb1\x89\x20\xdf\x87\xca"
-#define SEC_POLICY_SMIME_TAIL \
- "\xdf\xd4\xe7\x2a\xeb\xc4\x1b\xb5\xd8\xe5\xe0\x2a\x16\x9f\xc4\xb9"
-#define SEC_POLICY_PKCS12_TAIL \
- "\x1c\xf8\xa4\x85\x4a\xc6\x8a\xfe\xe6\xca\x03\x72\x50\x1c\xe2\xc8"
-
-#if defined(SEC_POLICY_USE_MD5_STRINGS)
-
-/* We're not testing.
- Use md5 checksums of the strings. */
-
-#define SEC_POLICY_SSL_HEADER \
- SEC_POLICY_THIS_IS_THE SEC_POLICY_STRING_FOR_THE SEC_POLICY_SSL_TAIL
-
-#define SEC_POLICY_SMIME_HEADER \
- SEC_POLICY_THIS_IS_THE SEC_POLICY_STRING_FOR_THE SEC_POLICY_SMIME_TAIL
-
-#define SEC_POLICY_PKCS12_HEADER \
- SEC_POLICY_THIS_IS_THE SEC_POLICY_STRING_FOR_THE SEC_POLICY_PKCS12_TAIL
-
-#else
-
-/* We're testing.
- Use plaintext versions of the strings, for testing purposes. */
-#define SEC_POLICY_SSL_HEADER \
- "This is the string for the SSL policy table. "
-#define SEC_POLICY_SMIME_HEADER \
- "This is the string for the PKCS7 policy table. "
-#define SEC_POLICY_PKCS12_HEADER \
- "This is the string for the PKCS12 policy table. "
-
-#endif
-
-/* Local cipher tables have to have these members at the top. */
-typedef struct _sec_cp_struct
-{
- char policy_string[SEC_POLICY_HEADER_LENGTH];
- long unused; /* placeholder for max keybits in pkcs12 struct */
- char num_ciphers;
- char begin_ciphers;
- /* cipher policy settings follow. each is a char. */
-} secCPStruct;
-
-struct SECCipherFindStr
-{
- /* (policy) and (ciphers) are opaque to the outside world */
- void *policy;
- void *ciphers;
- long index;
- PRBool onlyAllowed;
-};
-
-typedef struct SECCipherFindStr SECCipherFind;
-
-SEC_BEGIN_PROTOS
-
-SECCipherFind *sec_CipherFindInit(PRBool onlyAllowed,
- secCPStruct *policy,
- long *ciphers);
-
-long sec_CipherFindNext(SECCipherFind *find);
-
-char sec_IsCipherAllowed(long cipher, secCPStruct *policies,
- long *ciphers);
-
-void sec_CipherFindEnd(SECCipherFind *find);
-
-SEC_END_PROTOS
-
-#endif /* __SECPLCY_H__ */
diff --git a/security/nss/lib/util/secport.c b/security/nss/lib/util/secport.c
deleted file mode 100644
index 276cf6208..000000000
--- a/security/nss/lib/util/secport.c
+++ /dev/null
@@ -1,581 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * secport.c - portability interfaces for security libraries
- *
- * This file abstracts out libc functionality that libsec depends on
- *
- * NOTE - These are not public interfaces
- *
- * $Id$
- */
-
-#include "seccomon.h"
-#include "prmem.h"
-#include "prerror.h"
-#include "plarena.h"
-#include "secerr.h"
-#include "prmon.h"
-#include "nsslocks.h"
-#include "secport.h"
-#include "prvrsion.h"
-#include "prenv.h"
-
-#ifdef DEBUG
-#define THREADMARK
-#endif /* DEBUG */
-
-#ifdef THREADMARK
-#include "prthread.h"
-#endif /* THREADMARK */
-
-#if defined(XP_UNIX) || defined(XP_MAC) || defined(XP_OS2) || defined(XP_BEOS)
-#include <stdlib.h>
-#else
-#include "wtypes.h"
-#endif
-
-#define SET_ERROR_CODE /* place holder for code to set PR error code. */
-
-#ifdef THREADMARK
-typedef struct threadmark_mark_str {
- struct threadmark_mark_str *next;
- void *mark;
-} threadmark_mark;
-
-#endif /* THREADMARK */
-
-/* The value of this magic must change each time PORTArenaPool changes. */
-#define ARENAPOOL_MAGIC 0xB8AC9BDF
-
-typedef struct PORTArenaPool_str {
- PLArenaPool arena;
- PRUint32 magic;
- PRLock * lock;
-#ifdef THREADMARK
- PRThread *marking_thread;
- threadmark_mark *first_mark;
-#endif
-} PORTArenaPool;
-
-
-/* count of allocation failures. */
-unsigned long port_allocFailures;
-
-/* locations for registering Unicode conversion functions.
- * XXX is this the appropriate location? or should they be
- * moved to client/server specific locations?
- */
-PORTCharConversionFunc ucs4Utf8ConvertFunc;
-PORTCharConversionFunc ucs2Utf8ConvertFunc;
-PORTCharConversionWSwapFunc ucs2AsciiConvertFunc;
-
-void *
-PORT_Alloc(size_t bytes)
-{
- void *rv;
-
- /* Always allocate a non-zero amount of bytes */
- rv = (void *)PR_Malloc(bytes ? bytes : 1);
- if (!rv) {
- ++port_allocFailures;
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- }
- return rv;
-}
-
-void *
-PORT_Realloc(void *oldptr, size_t bytes)
-{
- void *rv;
-
- rv = (void *)PR_Realloc(oldptr, bytes);
- if (!rv) {
- ++port_allocFailures;
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- }
- return rv;
-}
-
-void *
-PORT_ZAlloc(size_t bytes)
-{
- void *rv;
-
- /* Always allocate a non-zero amount of bytes */
- rv = (void *)PR_Calloc(1, bytes ? bytes : 1);
- if (!rv) {
- ++port_allocFailures;
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- }
- return rv;
-}
-
-void
-PORT_Free(void *ptr)
-{
- if (ptr) {
- PR_Free(ptr);
- }
-}
-
-void
-PORT_ZFree(void *ptr, size_t len)
-{
- if (ptr) {
- memset(ptr, 0, len);
- PR_Free(ptr);
- }
-}
-
-char *
-PORT_Strdup(const char *str)
-{
- size_t len = PORT_Strlen(str)+1;
- char *newstr;
-
- newstr = (char *)PORT_Alloc(len);
- if (newstr) {
- PORT_Memcpy(newstr, str, len);
- }
- return newstr;
-}
-
-void
-PORT_SetError(int value)
-{
- PR_SetError(value, 0);
- return;
-}
-
-int
-PORT_GetError(void)
-{
- return(PR_GetError());
-}
-
-/********************* Arena code follows *****************************/
-
-PLArenaPool *
-PORT_NewArena(unsigned long chunksize)
-{
- PORTArenaPool *pool;
-
- pool = PORT_ZNew(PORTArenaPool);
- if (!pool) {
- return NULL;
- }
- pool->magic = ARENAPOOL_MAGIC;
- pool->lock = PZ_NewLock(nssILockArena);
- if (!pool->lock) {
- ++port_allocFailures;
- PORT_Free(pool);
- return NULL;
- }
- PL_InitArenaPool(&pool->arena, "security", chunksize, sizeof(double));
- return(&pool->arena);
-}
-
-void *
-PORT_ArenaAlloc(PLArenaPool *arena, size_t size)
-{
- void *p;
-
- PORTArenaPool *pool = (PORTArenaPool *)arena;
-
- /* Is it one of ours? Assume so and check the magic */
- if (ARENAPOOL_MAGIC == pool->magic ) {
- PZ_Lock(pool->lock);
-#ifdef THREADMARK
- /* Most likely one of ours. Is there a thread id? */
- if (pool->marking_thread &&
- pool->marking_thread != PR_GetCurrentThread() ) {
- /* Another thread holds a mark in this arena */
- PZ_Unlock(pool->lock);
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- PORT_Assert(0);
- return NULL;
- } /* tid != null */
-#endif /* THREADMARK */
- PL_ARENA_ALLOCATE(p, arena, size);
- PZ_Unlock(pool->lock);
- } else {
- PL_ARENA_ALLOCATE(p, arena, size);
- }
-
- if (!p) {
- ++port_allocFailures;
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- }
-
- return(p);
-}
-
-void *
-PORT_ArenaZAlloc(PLArenaPool *arena, size_t size)
-{
- void *p = PORT_ArenaAlloc(arena, size);
-
- if (p) {
- PORT_Memset(p, 0, size);
- }
-
- return(p);
-}
-
-/* XXX - need to zeroize!! - jsw */
-void
-PORT_FreeArena(PLArenaPool *arena, PRBool zero)
-{
- PORTArenaPool *pool = (PORTArenaPool *)arena;
- PRLock * lock = (PRLock *)0;
- size_t len = sizeof *arena;
- extern const PRVersionDescription * libVersionPoint(void);
- static const PRVersionDescription * pvd;
- static PRBool doFreeArenaPool = PR_FALSE;
-
- if (ARENAPOOL_MAGIC == pool->magic ) {
- len = sizeof *pool;
- lock = pool->lock;
- PZ_Lock(lock);
- }
- if (!pvd) {
- /* Each of NSPR's DLLs has a function libVersionPoint().
- ** We could do a lot of extra work to be sure we're calling the
- ** one in the DLL that holds PR_FreeArenaPool, but instead we
- ** rely on the fact that ALL NSPR DLLs in the same directory
- ** must be from the same release, and we call which ever one we get.
- */
- /* no need for thread protection here */
- pvd = libVersionPoint();
- if ((pvd->vMajor > 4) ||
- (pvd->vMajor == 4 && pvd->vMinor > 1) ||
- (pvd->vMajor == 4 && pvd->vMinor == 1 && pvd->vPatch >= 1)) {
- const char *ev = PR_GetEnv("NSS_DISABLE_ARENA_FREE_LIST");
- if (!ev) doFreeArenaPool = PR_TRUE;
- }
- }
- if (doFreeArenaPool) {
- PL_FreeArenaPool(arena);
- } else {
- PL_FinishArenaPool(arena);
- }
- PORT_ZFree(arena, len);
- if (lock) {
- PZ_Unlock(lock);
- PZ_DestroyLock(lock);
- }
-}
-
-void *
-PORT_ArenaGrow(PLArenaPool *arena, void *ptr, size_t oldsize, size_t newsize)
-{
- PORTArenaPool *pool = (PORTArenaPool *)arena;
- PORT_Assert(newsize >= oldsize);
-
- if (ARENAPOOL_MAGIC == pool->magic ) {
- PZ_Lock(pool->lock);
- /* Do we do a THREADMARK check here? */
- PL_ARENA_GROW(ptr, arena, oldsize, ( newsize - oldsize ) );
- PZ_Unlock(pool->lock);
- } else {
- PL_ARENA_GROW(ptr, arena, oldsize, ( newsize - oldsize ) );
- }
-
- return(ptr);
-}
-
-void *
-PORT_ArenaMark(PLArenaPool *arena)
-{
- void * result;
-
- PORTArenaPool *pool = (PORTArenaPool *)arena;
- if (ARENAPOOL_MAGIC == pool->magic ) {
- PZ_Lock(pool->lock);
-#ifdef THREADMARK
- {
- threadmark_mark *tm, **pw;
- PRThread * currentThread = PR_GetCurrentThread();
-
- if (! pool->marking_thread ) {
- /* First mark */
- pool->marking_thread = currentThread;
- } else if (currentThread != pool->marking_thread ) {
- PZ_Unlock(pool->lock);
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- PORT_Assert(0);
- return NULL;
- }
-
- result = PL_ARENA_MARK(arena);
- PL_ARENA_ALLOCATE(tm, arena, sizeof(threadmark_mark));
- if (!tm) {
- PZ_Unlock(pool->lock);
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- tm->mark = result;
- tm->next = (threadmark_mark *)NULL;
-
- pw = &pool->first_mark;
- while( *pw ) {
- pw = &(*pw)->next;
- }
-
- *pw = tm;
- }
-#else /* THREADMARK */
- result = PL_ARENA_MARK(arena);
-#endif /* THREADMARK */
- PZ_Unlock(pool->lock);
- } else {
- /* a "pure" NSPR arena */
- result = PL_ARENA_MARK(arena);
- }
- return result;
-}
-
-void
-PORT_ArenaRelease(PLArenaPool *arena, void *mark)
-{
- PORTArenaPool *pool = (PORTArenaPool *)arena;
- if (ARENAPOOL_MAGIC == pool->magic ) {
- PZ_Lock(pool->lock);
-#ifdef THREADMARK
- {
- threadmark_mark **pw, *tm;
-
- if (PR_GetCurrentThread() != pool->marking_thread ) {
- PZ_Unlock(pool->lock);
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- PORT_Assert(0);
- return /* no error indication available */ ;
- }
-
- pw = &pool->first_mark;
- while( *pw && (mark != (*pw)->mark) ) {
- pw = &(*pw)->next;
- }
-
- if (! *pw ) {
- /* bad mark */
- PZ_Unlock(pool->lock);
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- PORT_Assert(0);
- return /* no error indication available */ ;
- }
-
- tm = *pw;
- *pw = (threadmark_mark *)NULL;
-
- PL_ARENA_RELEASE(arena, mark);
-
- if (! pool->first_mark ) {
- pool->marking_thread = (PRThread *)NULL;
- }
- }
-#else /* THREADMARK */
- PL_ARENA_RELEASE(arena, mark);
-#endif /* THREADMARK */
- PZ_Unlock(pool->lock);
- } else {
- PL_ARENA_RELEASE(arena, mark);
- }
-}
-
-void
-PORT_ArenaUnmark(PLArenaPool *arena, void *mark)
-{
-#ifdef THREADMARK
- PORTArenaPool *pool = (PORTArenaPool *)arena;
- if (ARENAPOOL_MAGIC == pool->magic ) {
- threadmark_mark **pw, *tm;
-
- PZ_Lock(pool->lock);
-
- if (PR_GetCurrentThread() != pool->marking_thread ) {
- PZ_Unlock(pool->lock);
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- PORT_Assert(0);
- return /* no error indication available */ ;
- }
-
- pw = &pool->first_mark;
- while( ((threadmark_mark *)NULL != *pw) && (mark != (*pw)->mark) ) {
- pw = &(*pw)->next;
- }
-
- if ((threadmark_mark *)NULL == *pw ) {
- /* bad mark */
- PZ_Unlock(pool->lock);
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- PORT_Assert(0);
- return /* no error indication available */ ;
- }
-
- tm = *pw;
- *pw = (threadmark_mark *)NULL;
-
- if (! pool->first_mark ) {
- pool->marking_thread = (PRThread *)NULL;
- }
-
- PZ_Unlock(pool->lock);
- }
-#endif /* THREADMARK */
-}
-
-char *
-PORT_ArenaStrdup(PLArenaPool *arena, const char *str) {
- int len = PORT_Strlen(str)+1;
- char *newstr;
-
- newstr = (char*)PORT_ArenaAlloc(arena,len);
- if (newstr) {
- PORT_Memcpy(newstr,str,len);
- }
- return newstr;
-}
-
-/********************** end of arena functions ***********************/
-
-/****************** unicode conversion functions ***********************/
-/*
- * NOTE: These conversion functions all assume that the multibyte
- * characters are going to be in NETWORK BYTE ORDER, not host byte
- * order. This is because the only time we deal with UCS-2 and UCS-4
- * are when the data was received from or is going to be sent out
- * over the wire (in, e.g. certificates).
- */
-
-void
-PORT_SetUCS4_UTF8ConversionFunction(PORTCharConversionFunc convFunc)
-{
- ucs4Utf8ConvertFunc = convFunc;
-}
-
-void
-PORT_SetUCS2_ASCIIConversionFunction(PORTCharConversionWSwapFunc convFunc)
-{
- ucs2AsciiConvertFunc = convFunc;
-}
-
-void
-PORT_SetUCS2_UTF8ConversionFunction(PORTCharConversionFunc convFunc)
-{
- ucs2Utf8ConvertFunc = convFunc;
-}
-
-PRBool
-PORT_UCS4_UTF8Conversion(PRBool toUnicode, unsigned char *inBuf,
- unsigned int inBufLen, unsigned char *outBuf,
- unsigned int maxOutBufLen, unsigned int *outBufLen)
-{
- if(!ucs4Utf8ConvertFunc) {
- return sec_port_ucs4_utf8_conversion_function(toUnicode,
- inBuf, inBufLen, outBuf, maxOutBufLen, outBufLen);
- }
-
- return (*ucs4Utf8ConvertFunc)(toUnicode, inBuf, inBufLen, outBuf,
- maxOutBufLen, outBufLen);
-}
-
-PRBool
-PORT_UCS2_UTF8Conversion(PRBool toUnicode, unsigned char *inBuf,
- unsigned int inBufLen, unsigned char *outBuf,
- unsigned int maxOutBufLen, unsigned int *outBufLen)
-{
- if(!ucs2Utf8ConvertFunc) {
- return sec_port_ucs2_utf8_conversion_function(toUnicode,
- inBuf, inBufLen, outBuf, maxOutBufLen, outBufLen);
- }
-
- return (*ucs2Utf8ConvertFunc)(toUnicode, inBuf, inBufLen, outBuf,
- maxOutBufLen, outBufLen);
-}
-
-PRBool
-PORT_UCS2_ASCIIConversion(PRBool toUnicode, unsigned char *inBuf,
- unsigned int inBufLen, unsigned char *outBuf,
- unsigned int maxOutBufLen, unsigned int *outBufLen,
- PRBool swapBytes)
-{
- if(!ucs2AsciiConvertFunc) {
- return PR_FALSE;
- }
-
- return (*ucs2AsciiConvertFunc)(toUnicode, inBuf, inBufLen, outBuf,
- maxOutBufLen, outBufLen, swapBytes);
-}
-
-
-/* Portable putenv. Creates/replaces an environment variable of the form
- * envVarName=envValue
- */
-int
-NSS_PutEnv(const char * envVarName, const char * envValue)
-{
-#if defined(XP_MAC) || defined(_WIN32_WCE)
- return SECFailure;
-#else
- SECStatus result = SECSuccess;
- char * encoded;
- int putEnvFailed;
-#ifdef _WIN32
- PRBool setOK;
-
- setOK = SetEnvironmentVariable(envVarName, envValue);
- if (!setOK) {
- SET_ERROR_CODE
- return SECFailure;
- }
-#endif
-
- encoded = (char *)PORT_ZAlloc(strlen(envVarName) + 2 + strlen(envValue));
- strcpy(encoded, envVarName);
- strcat(encoded, "=");
- strcat(encoded, envValue);
-
- putEnvFailed = putenv(encoded); /* adopt. */
- if (putEnvFailed) {
- SET_ERROR_CODE
- result = SECFailure;
- PORT_Free(encoded);
- }
- return result;
-#endif
-}
-
diff --git a/security/nss/lib/util/secport.h b/security/nss/lib/util/secport.h
deleted file mode 100644
index b154c0915..000000000
--- a/security/nss/lib/util/secport.h
+++ /dev/null
@@ -1,283 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * secport.h - portability interfaces for security libraries
- *
- * This file abstracts out libc functionality that libsec depends on
- *
- * NOTE - These are not public interfaces
- *
- * $Id$
- */
-
-#ifndef _SECPORT_H_
-#define _SECPORT_H_
-
-/*
- * define XP_MAC, XP_WIN, XP_BEOS, or XP_UNIX, in case they are not defined
- * by anyone else
- */
-#ifdef macintosh
-# ifndef XP_MAC
-# define XP_MAC 1
-# endif
-#endif
-
-#ifdef _WINDOWS
-# ifndef XP_WIN
-# define XP_WIN
-# endif
-#if defined(_WIN32) || defined(WIN32)
-# ifndef XP_WIN32
-# define XP_WIN32
-# endif
-#else
-# ifndef XP_WIN16
-# define XP_WIN16
-# endif
-#endif
-#endif
-
-#ifdef __BEOS__
-# ifndef XP_BEOS
-# define XP_BEOS
-# endif
-#endif
-
-#ifdef unix
-# ifndef XP_UNIX
-# define XP_UNIX
-# endif
-#endif
-
-#if defined(__WATCOMC__) || defined(__WATCOM_CPLUSPLUS__)
-#include "watcomfx.h"
-#endif
-
-#if defined(_WIN32_WCE)
-#include <windef.h>
-#include <types.h>
-#elif defined( XP_MAC )
-#include <types.h>
-#include <time.h> /* for time_t below */
-#else
-#include <sys/types.h>
-#endif
-
-#ifdef notdef
-#ifdef XP_MAC
-#include "NSString.h"
-#endif
-#endif
-
-#include <ctype.h>
-#include <string.h>
-#if defined(_WIN32_WCE)
-#include <stdlib.h> /* WinCE puts some stddef symbols here. */
-#else
-#include <stddef.h>
-#endif
-#include <stdlib.h>
-#include "prtypes.h"
-#include "prlog.h" /* for PR_ASSERT */
-#include "plarena.h"
-#include "plstr.h"
-
-/*
- * HACK for NSS 2.8 to allow Admin to compile without source changes.
- */
-#ifndef SEC_BEGIN_PROTOS
-#include "seccomon.h"
-#endif
-
-SEC_BEGIN_PROTOS
-
-extern void *PORT_Alloc(size_t len);
-extern void *PORT_Realloc(void *old, size_t len);
-extern void *PORT_AllocBlock(size_t len);
-extern void *PORT_ReallocBlock(void *old, size_t len);
-extern void PORT_FreeBlock(void *ptr);
-extern void *PORT_ZAlloc(size_t len);
-extern void PORT_Free(void *ptr);
-extern void PORT_ZFree(void *ptr, size_t len);
-extern time_t PORT_Time(void);
-extern void PORT_SetError(int value);
-extern int PORT_GetError(void);
-
-extern PLArenaPool *PORT_NewArena(unsigned long chunksize);
-extern void *PORT_ArenaAlloc(PLArenaPool *arena, size_t size);
-extern void *PORT_ArenaZAlloc(PLArenaPool *arena, size_t size);
-extern void PORT_FreeArena(PLArenaPool *arena, PRBool zero);
-extern void *PORT_ArenaGrow(PLArenaPool *arena, void *ptr,
- size_t oldsize, size_t newsize);
-extern void *PORT_ArenaMark(PLArenaPool *arena);
-extern void PORT_ArenaRelease(PLArenaPool *arena, void *mark);
-extern void PORT_ArenaUnmark(PLArenaPool *arena, void *mark);
-extern char *PORT_ArenaStrdup(PLArenaPool *arena, const char *str);
-
-#ifdef __cplusplus
-}
-#endif
-
-#define PORT_Assert PR_ASSERT
-#define PORT_ZNew(type) (type*)PORT_ZAlloc(sizeof(type))
-#define PORT_New(type) (type*)PORT_Alloc(sizeof(type))
-#define PORT_ArenaNew(poolp, type) \
- (type*) PORT_ArenaAlloc(poolp, sizeof(type))
-#define PORT_ArenaZNew(poolp, type) \
- (type*) PORT_ArenaZAlloc(poolp, sizeof(type))
-#define PORT_NewArray(type, num) \
- (type*) PORT_Alloc (sizeof(type)*(num))
-#define PORT_ZNewArray(type, num) \
- (type*) PORT_ZAlloc (sizeof(type)*(num))
-#define PORT_ArenaNewArray(poolp, type, num) \
- (type*) PORT_ArenaAlloc (poolp, sizeof(type)*(num))
-#define PORT_ArenaZNewArray(poolp, type, num) \
- (type*) PORT_ArenaZAlloc (poolp, sizeof(type)*(num))
-
-/* Please, keep these defines sorted alphbetically. Thanks! */
-
-#ifdef XP_STRING_FUNCS
-
-#define PORT_Atoi XP_ATOI
-
-#define PORT_Memcmp XP_MEMCMP
-#define PORT_Memcpy XP_MEMCPY
-#define PORT_Memmove XP_MEMMOVE
-#define PORT_Memset XP_MEMSET
-
-#define PORT_Strcasecmp XP_STRCASECMP
-#define PORT_Strcat XP_STRCAT
-#define PORT_Strchr XP_STRCHR
-#define PORT_Strrchr XP_STRRCHR
-#define PORT_Strcmp XP_STRCMP
-#define PORT_Strcpy XP_STRCPY
-#define PORT_Strdup XP_STRDUP
-#define PORT_Strlen(s) XP_STRLEN(s)
-#define PORT_Strncasecmp XP_STRNCASECMP
-#define PORT_Strncat strncat
-#define PORT_Strncmp XP_STRNCMP
-#define PORT_Strncpy strncpy
-#define PORT_Strstr XP_STRSTR
-#define PORT_Strtok XP_STRTOK_R
-
-#define PORT_Tolower XP_TO_LOWER
-
-#else /* XP_STRING_FUNCS */
-
-#define PORT_Atoi atoi
-
-#define PORT_Memcmp memcmp
-#define PORT_Memcpy memcpy
-#ifndef SUNOS4
-#define PORT_Memmove memmove
-#else /*SUNOS4*/
-#define PORT_Memmove(s,ct,n) bcopy ((ct), (s), (n))
-#endif/*SUNOS4*/
-#define PORT_Memset memset
-
-#define PORT_Strcasecmp PL_strcasecmp
-#define PORT_Strcat strcat
-#define PORT_Strchr strchr
-#define PORT_Strrchr strrchr
-#define PORT_Strcmp strcmp
-#define PORT_Strcpy strcpy
-extern char *PORT_Strdup(const char *s);
-#define PORT_Strlen(s) strlen(s)
-#define PORT_Strncasecmp PL_strncasecmp
-#define PORT_Strncat strncat
-#define PORT_Strncmp strncmp
-#define PORT_Strncpy strncpy
-#define PORT_Strstr strstr
-#define PORT_Strtok strtok
-
-#define PORT_Tolower tolower
-
-#endif /* XP_STRING_FUNCS */
-
-typedef PRBool (PR_CALLBACK * PORTCharConversionWSwapFunc) (PRBool toUnicode,
- unsigned char *inBuf, unsigned int inBufLen,
- unsigned char *outBuf, unsigned int maxOutBufLen,
- unsigned int *outBufLen, PRBool swapBytes);
-
-typedef PRBool (PR_CALLBACK * PORTCharConversionFunc) (PRBool toUnicode,
- unsigned char *inBuf, unsigned int inBufLen,
- unsigned char *outBuf, unsigned int maxOutBufLen,
- unsigned int *outBufLen);
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-void PORT_SetUCS4_UTF8ConversionFunction(PORTCharConversionFunc convFunc);
-void PORT_SetUCS2_ASCIIConversionFunction(PORTCharConversionWSwapFunc convFunc);
-PRBool PORT_UCS4_UTF8Conversion(PRBool toUnicode, unsigned char *inBuf,
- unsigned int inBufLen, unsigned char *outBuf,
- unsigned int maxOutBufLen, unsigned int *outBufLen);
-PRBool PORT_UCS2_ASCIIConversion(PRBool toUnicode, unsigned char *inBuf,
- unsigned int inBufLen, unsigned char *outBuf,
- unsigned int maxOutBufLen, unsigned int *outBufLen,
- PRBool swapBytes);
-void PORT_SetUCS2_UTF8ConversionFunction(PORTCharConversionFunc convFunc);
-PRBool PORT_UCS2_UTF8Conversion(PRBool toUnicode, unsigned char *inBuf,
- unsigned int inBufLen, unsigned char *outBuf,
- unsigned int maxOutBufLen, unsigned int *outBufLen);
-
-PR_EXTERN(PRBool)
-sec_port_ucs4_utf8_conversion_function
-(
- PRBool toUnicode,
- unsigned char *inBuf,
- unsigned int inBufLen,
- unsigned char *outBuf,
- unsigned int maxOutBufLen,
- unsigned int *outBufLen
-);
-
-PR_EXTERN(PRBool)
-sec_port_ucs2_utf8_conversion_function
-(
- PRBool toUnicode,
- unsigned char *inBuf,
- unsigned int inBufLen,
- unsigned char *outBuf,
- unsigned int maxOutBufLen,
- unsigned int *outBufLen
-);
-
-extern int NSS_PutEnv(const char * envVarName, const char * envValue);
-
-SEC_END_PROTOS
-
-#endif /* _SECPORT_H_ */
diff --git a/security/nss/lib/util/sectime.c b/security/nss/lib/util/sectime.c
deleted file mode 100644
index d3cca6f87..000000000
--- a/security/nss/lib/util/sectime.c
+++ /dev/null
@@ -1,177 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "prlong.h"
-#include "prtime.h"
-#include "secder.h"
-#include "cert.h"
-#include "secitem.h"
-
-const SEC_ASN1Template CERT_ValidityTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTValidity) },
- { SEC_ASN1_UTC_TIME,
- offsetof(CERTValidity,notBefore) },
- { SEC_ASN1_UTC_TIME,
- offsetof(CERTValidity,notAfter) },
- { 0 }
-};
-
-DERTemplate CERTValidityTemplate[] = {
- { DER_SEQUENCE,
- 0, NULL, sizeof(CERTValidity) },
- { DER_UTC_TIME,
- offsetof(CERTValidity,notBefore), },
- { DER_UTC_TIME,
- offsetof(CERTValidity,notAfter), },
- { 0, }
-};
-
-static char *DecodeUTCTime2FormattedAscii (SECItem *utcTimeDER, char *format);
-
-/* convert DER utc time to ascii time string */
-char *
-DER_UTCTimeToAscii(SECItem *utcTime)
-{
- return (DecodeUTCTime2FormattedAscii (utcTime, "%a %b %d %H:%M:%S %Y"));
-}
-
-/* convert DER utc time to ascii time string, only include day, not time */
-char *
-DER_UTCDayToAscii(SECItem *utctime)
-{
- return (DecodeUTCTime2FormattedAscii (utctime, "%a %b %d, %Y"));
-}
-
-CERTValidity *
-CERT_CreateValidity(int64 notBefore, int64 notAfter)
-{
- CERTValidity *v;
- int rv;
- PRArenaPool *arena;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-
- if ( !arena ) {
- return(0);
- }
-
- v = (CERTValidity*) PORT_ArenaZAlloc(arena, sizeof(CERTValidity));
- if (v) {
- v->arena = arena;
- rv = DER_TimeToUTCTime(&v->notBefore, notBefore);
- if (rv) goto loser;
- rv = DER_TimeToUTCTime(&v->notAfter, notAfter);
- if (rv) goto loser;
- }
- return v;
-
- loser:
- CERT_DestroyValidity(v);
- return 0;
-}
-
-SECStatus
-CERT_CopyValidity(PRArenaPool *arena, CERTValidity *to, CERTValidity *from)
-{
- SECStatus rv;
-
- CERT_DestroyValidity(to);
- to->arena = arena;
-
- rv = SECITEM_CopyItem(arena, &to->notBefore, &from->notBefore);
- if (rv) return rv;
- rv = SECITEM_CopyItem(arena, &to->notAfter, &from->notAfter);
- return rv;
-}
-
-void
-CERT_DestroyValidity(CERTValidity *v)
-{
- if (v && v->arena) {
- PORT_FreeArena(v->arena, PR_FALSE);
- }
- return;
-}
-
-char *
-CERT_UTCTime2FormattedAscii (int64 utcTime, char *format)
-{
- PRExplodedTime printableTime;
- char *timeString;
-
- /* Converse time to local time and decompose it into components */
- PR_ExplodeTime(utcTime, PR_LocalTimeParameters, &printableTime);
-
- timeString = (char *)PORT_Alloc(100);
-
- if ( timeString ) {
- PR_FormatTime( timeString, 100, format, &printableTime );
- }
-
- return (timeString);
-}
-
-char *CERT_GenTime2FormattedAscii (int64 genTime, char *format)
-{
- PRExplodedTime printableTime;
- char *timeString;
-
- /* Decompose time into components */
- PR_ExplodeTime(genTime, PR_GMTParameters, &printableTime);
-
- timeString = (char *)PORT_Alloc(100);
-
- if ( timeString ) {
- PR_FormatTime( timeString, 100, format, &printableTime );
- }
-
- return (timeString);
-}
-
-
-/* convert DER utc time to ascii time string, The format of the time string
- depends on the input "format"
- */
-static char *
-DecodeUTCTime2FormattedAscii (SECItem *utcTimeDER, char *format)
-{
- int64 utcTime;
- int rv;
-
- rv = DER_UTCTimeToTime(&utcTime, utcTimeDER);
- if (rv) {
- return(NULL);
- }
- return (CERT_UTCTime2FormattedAscii (utcTime, format));
-}
diff --git a/security/nss/lib/util/utf8.c b/security/nss/lib/util/utf8.c
deleted file mode 100644
index 7a3c3954d..000000000
--- a/security/nss/lib/util/utf8.c
+++ /dev/null
@@ -1,2061 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#include "seccomon.h"
-#include "secport.h"
-
-/*
- * Define this if you want to support UTF-16 in UCS-2
- */
-#define UTF16
-
-/*
- * From RFC 2044:
- *
- * UCS-4 range (hex.) UTF-8 octet sequence (binary)
- * 0000 0000-0000 007F 0xxxxxxx
- * 0000 0080-0000 07FF 110xxxxx 10xxxxxx
- * 0000 0800-0000 FFFF 1110xxxx 10xxxxxx 10xxxxxx
- * 0001 0000-001F FFFF 11110xxx 10xxxxxx 10xxxxxx 10xxxxxx
- * 0020 0000-03FF FFFF 111110xx 10xxxxxx 10xxxxxx 10xxxxxx 10xxxxxx
- * 0400 0000-7FFF FFFF 1111110x 10xxxxxx ... 10xxxxxx
- */
-
-/*
- * From http://www.imc.org/draft-hoffman-utf16
- *
- * For U on [0x00010000,0x0010FFFF]: Let U' = U - 0x00010000
- *
- * U' = yyyyyyyyyyxxxxxxxxxx
- * W1 = 110110yyyyyyyyyy
- * W2 = 110111xxxxxxxxxx
- */
-
-/*
- * This code is assuming NETWORK BYTE ORDER for the 16- and 32-bit
- * character values. If you wish to use this code for working with
- * host byte order values, define the following:
- *
- * #if IS_BIG_ENDIAN
- * #define L_0 0
- * #define L_1 1
- * #define L_2 2
- * #define L_3 3
- * #define H_0 0
- * #define H_1 1
- * #else / * not everyone has elif * /
- * #if IS_LITTLE_ENDIAN
- * #define L_0 3
- * #define L_1 2
- * #define L_2 1
- * #define L_3 0
- * #define H_0 1
- * #define H_1 0
- * #else
- * #error "PDP and NUXI support deferred"
- * #endif / * IS_LITTLE_ENDIAN * /
- * #endif / * IS_BIG_ENDIAN * /
- */
-
-#define L_0 0
-#define L_1 1
-#define L_2 2
-#define L_3 3
-#define H_0 0
-#define H_1 1
-
-PR_IMPLEMENT(PRBool)
-sec_port_ucs4_utf8_conversion_function
-(
- PRBool toUnicode,
- unsigned char *inBuf,
- unsigned int inBufLen,
- unsigned char *outBuf,
- unsigned int maxOutBufLen,
- unsigned int *outBufLen
-)
-{
-#ifndef TEST_UTF8
- PORT_Assert((unsigned int *)NULL != outBufLen);
-#endif /* TEST_UTF8 */
-
- if( toUnicode ) {
- unsigned int i, len = 0;
-
- for( i = 0; i < inBufLen; ) {
- if( (inBuf[i] & 0x80) == 0x00 ) i += 1;
- else if( (inBuf[i] & 0xE0) == 0xC0 ) i += 2;
- else if( (inBuf[i] & 0xF0) == 0xE0 ) i += 3;
- else if( (inBuf[i] & 0xF8) == 0xF0 ) i += 4;
- else if( (inBuf[i] & 0xFC) == 0xF8 ) i += 5;
- else if( (inBuf[i] & 0xFE) == 0xFC ) i += 6;
- else return PR_FALSE;
-
- len += 4;
- }
-
- if( len > maxOutBufLen ) {
- *outBufLen = len;
- return PR_FALSE;
- }
-
- len = 0;
-
- for( i = 0; i < inBufLen; ) {
- if( (inBuf[i] & 0x80) == 0x00 ) {
- /* 0000 0000-0000 007F <- 0xxxxxx */
- /* 0abcdefg ->
- 00000000 00000000 00000000 0abcdefg */
-
- outBuf[len+L_0] = 0x00;
- outBuf[len+L_1] = 0x00;
- outBuf[len+L_2] = 0x00;
- outBuf[len+L_3] = inBuf[i+0] & 0x7F;
-
- i += 1;
- } else if( (inBuf[i] & 0xE0) == 0xC0 ) {
-
- if( (inBuf[i+1] & 0xC0) != 0x80 ) return PR_FALSE;
-
- /* 0000 0080-0000 07FF <- 110xxxxx 10xxxxxx */
- /* 110abcde 10fghijk ->
- 00000000 00000000 00000abc defghijk */
-
- outBuf[len+L_0] = 0x00;
- outBuf[len+L_1] = 0x00;
- outBuf[len+L_2] = ((inBuf[i+0] & 0x1C) >> 2);
- outBuf[len+L_3] = ((inBuf[i+0] & 0x03) << 6) | ((inBuf[i+1] & 0x3F) >> 0);
-
- i += 2;
- } else if( (inBuf[i] & 0xF0) == 0xE0 ) {
-
- if( (inBuf[i+1] & 0xC0) != 0x80 ) return PR_FALSE;
- if( (inBuf[i+2] & 0xC0) != 0x80 ) return PR_FALSE;
-
- /* 0000 0800-0000 FFFF <- 1110xxxx 10xxxxxx 10xxxxxx */
- /* 1110abcd 10efghij 10klmnop ->
- 00000000 00000000 abcdefgh ijklmnop */
-
- outBuf[len+L_0] = 0x00;
- outBuf[len+L_1] = 0x00;
- outBuf[len+L_2] = ((inBuf[i+0] & 0x0F) << 4) | ((inBuf[i+1] & 0x3C) >> 2);
- outBuf[len+L_3] = ((inBuf[i+1] & 0x03) << 6) | ((inBuf[i+2] & 0x3F) >> 0);
-
- i += 3;
- } else if( (inBuf[i] & 0xF8) == 0xF0 ) {
-
- if( (inBuf[i+1] & 0xC0) != 0x80 ) return PR_FALSE;
- if( (inBuf[i+2] & 0xC0) != 0x80 ) return PR_FALSE;
- if( (inBuf[i+3] & 0xC0) != 0x80 ) return PR_FALSE;
-
- /* 0001 0000-001F FFFF <- 11110xxx 10xxxxxx 10xxxxxx 10xxxxxx */
- /* 11110abc 10defghi 10jklmno 10pqrstu ->
- 00000000 000abcde fghijklm nopqrstu */
-
- outBuf[len+L_0] = 0x00;
- outBuf[len+L_1] = ((inBuf[i+0] & 0x07) << 2) | ((inBuf[i+1] & 0x30) >> 4);
- outBuf[len+L_2] = ((inBuf[i+1] & 0x0F) << 4) | ((inBuf[i+2] & 0x3C) >> 2);
- outBuf[len+L_3] = ((inBuf[i+2] & 0x03) << 6) | ((inBuf[i+3] & 0x3F) >> 0);
-
- i += 4;
- } else if( (inBuf[i] & 0xFC) == 0xF8 ) {
-
- if( (inBuf[i+1] & 0xC0) != 0x80 ) return PR_FALSE;
- if( (inBuf[i+2] & 0xC0) != 0x80 ) return PR_FALSE;
- if( (inBuf[i+3] & 0xC0) != 0x80 ) return PR_FALSE;
- if( (inBuf[i+4] & 0xC0) != 0x80 ) return PR_FALSE;
-
- /* 0020 0000-03FF FFFF <- 111110xx 10xxxxxx ... 10xxxxxx */
- /* 111110ab 10cdefgh 10ijklmn 10opqrst 10uvwxyz ->
- 000000ab cdefghij klmnopqr stuvwxyz */
-
- outBuf[len+L_0] = inBuf[i+0] & 0x03;
- outBuf[len+L_1] = ((inBuf[i+1] & 0x3F) << 2) | ((inBuf[i+2] & 0x30) >> 4);
- outBuf[len+L_2] = ((inBuf[i+2] & 0x0F) << 4) | ((inBuf[i+3] & 0x3C) >> 2);
- outBuf[len+L_3] = ((inBuf[i+3] & 0x03) << 6) | ((inBuf[i+4] & 0x3F) >> 0);
-
- i += 5;
- } else /* if( (inBuf[i] & 0xFE) == 0xFC ) */ {
-
- if( (inBuf[i+1] & 0xC0) != 0x80 ) return PR_FALSE;
- if( (inBuf[i+2] & 0xC0) != 0x80 ) return PR_FALSE;
- if( (inBuf[i+3] & 0xC0) != 0x80 ) return PR_FALSE;
- if( (inBuf[i+4] & 0xC0) != 0x80 ) return PR_FALSE;
- if( (inBuf[i+5] & 0xC0) != 0x80 ) return PR_FALSE;
-
- /* 0400 0000-7FFF FFFF <- 1111110x 10xxxxxx ... 10xxxxxx */
- /* 1111110a 10bcdefg 10hijklm 10nopqrs 10tuvwxy 10zABCDE ->
- 0abcdefg hijklmno pqrstuvw xyzABCDE */
-
- outBuf[len+L_0] = ((inBuf[i+0] & 0x01) << 6) | ((inBuf[i+1] & 0x3F) >> 0);
- outBuf[len+L_1] = ((inBuf[i+2] & 0x3F) << 2) | ((inBuf[i+3] & 0x30) >> 4);
- outBuf[len+L_2] = ((inBuf[i+3] & 0x0F) << 4) | ((inBuf[i+4] & 0x3C) >> 2);
- outBuf[len+L_3] = ((inBuf[i+4] & 0x03) << 6) | ((inBuf[i+5] & 0x3F) >> 0);
-
- i += 6;
- }
-
- len += 4;
- }
-
- *outBufLen = len;
- return PR_TRUE;
- } else {
- unsigned int i, len = 0;
-
- for( i = 0; i < inBufLen; i += 4 ) {
- if( inBuf[i+L_0] >= 0x04 ) len += 6;
- else if( (inBuf[i+L_0] > 0x00) || (inBuf[i+L_1] >= 0x20) ) len += 5;
- else if( inBuf[i+L_1] >= 0x01 ) len += 4;
- else if( inBuf[i+L_2] >= 0x08 ) len += 3;
- else if( (inBuf[i+L_2] > 0x00) || (inBuf[i+L_3] >= 0x80) ) len += 2;
- else len += 1;
- }
-
- if( len > maxOutBufLen ) {
- *outBufLen = len;
- return PR_FALSE;
- }
-
- len = 0;
-
- for( i = 0; i < inBufLen; i += 4 ) {
- if( inBuf[i+L_0] >= 0x04 ) {
- /* 0400 0000-7FFF FFFF -> 1111110x 10xxxxxx ... 10xxxxxx */
- /* 0abcdefg hijklmno pqrstuvw xyzABCDE ->
- 1111110a 10bcdefg 10hijklm 10nopqrs 10tuvwxy 10zABCDE */
-
- outBuf[len+0] = 0xFC | ((inBuf[i+L_0] & 0x40) >> 6);
- outBuf[len+1] = 0x80 | ((inBuf[i+L_0] & 0x3F) >> 0);
- outBuf[len+2] = 0x80 | ((inBuf[i+L_1] & 0xFC) >> 2);
- outBuf[len+3] = 0x80 | ((inBuf[i+L_1] & 0x03) << 4)
- | ((inBuf[i+L_2] & 0xF0) >> 4);
- outBuf[len+4] = 0x80 | ((inBuf[i+L_2] & 0x0F) << 2)
- | ((inBuf[i+L_3] & 0xC0) >> 6);
- outBuf[len+5] = 0x80 | ((inBuf[i+L_3] & 0x3F) >> 0);
-
- len += 6;
- } else if( (inBuf[i+L_0] > 0x00) || (inBuf[i+L_1] >= 0x20) ) {
- /* 0020 0000-03FF FFFF -> 111110xx 10xxxxxx ... 10xxxxxx */
- /* 000000ab cdefghij klmnopqr stuvwxyz ->
- 111110ab 10cdefgh 10ijklmn 10opqrst 10uvwxyz */
-
- outBuf[len+0] = 0xF8 | ((inBuf[i+L_0] & 0x03) >> 0);
- outBuf[len+1] = 0x80 | ((inBuf[i+L_1] & 0xFC) >> 2);
- outBuf[len+2] = 0x80 | ((inBuf[i+L_1] & 0x03) << 4)
- | ((inBuf[i+L_2] & 0xF0) >> 4);
- outBuf[len+3] = 0x80 | ((inBuf[i+L_2] & 0x0F) << 2)
- | ((inBuf[i+L_3] & 0xC0) >> 6);
- outBuf[len+4] = 0x80 | ((inBuf[i+L_3] & 0x3F) >> 0);
-
- len += 5;
- } else if( inBuf[i+L_1] >= 0x01 ) {
- /* 0001 0000-001F FFFF -> 11110xxx 10xxxxxx 10xxxxxx 10xxxxxx */
- /* 00000000 000abcde fghijklm nopqrstu ->
- 11110abc 10defghi 10jklmno 10pqrstu */
-
- outBuf[len+0] = 0xF0 | ((inBuf[i+L_1] & 0x1C) >> 2);
- outBuf[len+1] = 0x80 | ((inBuf[i+L_1] & 0x03) << 4)
- | ((inBuf[i+L_2] & 0xF0) >> 4);
- outBuf[len+2] = 0x80 | ((inBuf[i+L_2] & 0x0F) << 2)
- | ((inBuf[i+L_3] & 0xC0) >> 6);
- outBuf[len+3] = 0x80 | ((inBuf[i+L_3] & 0x3F) >> 0);
-
- len += 4;
- } else if( inBuf[i+L_2] >= 0x08 ) {
- /* 0000 0800-0000 FFFF -> 1110xxxx 10xxxxxx 10xxxxxx */
- /* 00000000 00000000 abcdefgh ijklmnop ->
- 1110abcd 10efghij 10klmnop */
-
- outBuf[len+0] = 0xE0 | ((inBuf[i+L_2] & 0xF0) >> 4);
- outBuf[len+1] = 0x80 | ((inBuf[i+L_2] & 0x0F) << 2)
- | ((inBuf[i+L_3] & 0xC0) >> 6);
- outBuf[len+2] = 0x80 | ((inBuf[i+L_3] & 0x3F) >> 0);
-
- len += 3;
- } else if( (inBuf[i+L_2] > 0x00) || (inBuf[i+L_3] >= 0x80) ) {
- /* 0000 0080-0000 07FF -> 110xxxxx 10xxxxxx */
- /* 00000000 00000000 00000abc defghijk ->
- 110abcde 10fghijk */
-
- outBuf[len+0] = 0xC0 | ((inBuf[i+L_2] & 0x07) << 2)
- | ((inBuf[i+L_3] & 0xC0) >> 6);
- outBuf[len+1] = 0x80 | ((inBuf[i+L_3] & 0x3F) >> 0);
-
- len += 2;
- } else {
- /* 0000 0000-0000 007F -> 0xxxxxx */
- /* 00000000 00000000 00000000 0abcdefg ->
- 0abcdefg */
-
- outBuf[len+0] = (inBuf[i+L_3] & 0x7F);
-
- len += 1;
- }
- }
-
- *outBufLen = len;
- return PR_TRUE;
- }
-}
-
-PR_IMPLEMENT(PRBool)
-sec_port_ucs2_utf8_conversion_function
-(
- PRBool toUnicode,
- unsigned char *inBuf,
- unsigned int inBufLen,
- unsigned char *outBuf,
- unsigned int maxOutBufLen,
- unsigned int *outBufLen
-)
-{
-#ifndef TEST_UTF8
- PORT_Assert((unsigned int *)NULL != outBufLen);
-#endif /* TEST_UTF8 */
-
- if( toUnicode ) {
- unsigned int i, len = 0;
-
- for( i = 0; i < inBufLen; ) {
- if( (inBuf[i] & 0x80) == 0x00 ) {
- i += 1;
- len += 2;
- } else if( (inBuf[i] & 0xE0) == 0xC0 ) {
- i += 2;
- len += 2;
- } else if( (inBuf[i] & 0xF0) == 0xE0 ) {
- i += 3;
- len += 2;
-#ifdef UTF16
- } else if( (inBuf[i] & 0xF8) == 0xF0 ) {
- i += 4;
- len += 4;
-
- if( (inBuf[i] & 0x04) &&
- ((inBuf[i] & 0x03) || (inBuf[i+1] & 0x30)) ) {
- /* Not representable as UTF16 */
- return PR_FALSE;
- }
-
-#endif /* UTF16 */
- } else return PR_FALSE;
- }
-
- if( len > maxOutBufLen ) {
- *outBufLen = len;
- return PR_FALSE;
- }
-
- len = 0;
-
- for( i = 0; i < inBufLen; ) {
- if( (inBuf[i] & 0x80) == 0x00 ) {
- /* 0000-007F <- 0xxxxxx */
- /* 0abcdefg -> 00000000 0abcdefg */
-
- outBuf[len+H_0] = 0x00;
- outBuf[len+H_1] = inBuf[i+0] & 0x7F;
-
- i += 1;
- len += 2;
- } else if( (inBuf[i] & 0xE0) == 0xC0 ) {
-
- if( (inBuf[i+1] & 0xC0) != 0x80 ) return PR_FALSE;
-
- /* 0080-07FF <- 110xxxxx 10xxxxxx */
- /* 110abcde 10fghijk -> 00000abc defghijk */
-
- outBuf[len+H_0] = ((inBuf[i+0] & 0x1C) >> 2);
- outBuf[len+H_1] = ((inBuf[i+0] & 0x03) << 6) | ((inBuf[i+1] & 0x3F) >> 0);
-
- i += 2;
- len += 2;
- } else if( (inBuf[i] & 0xF0) == 0xE0 ) {
-
- if( (inBuf[i+1] & 0xC0) != 0x80 ) return PR_FALSE;
- if( (inBuf[i+2] & 0xC0) != 0x80 ) return PR_FALSE;
-
- /* 0800-FFFF <- 1110xxxx 10xxxxxx 10xxxxxx */
- /* 1110abcd 10efghij 10klmnop -> abcdefgh ijklmnop */
-
- outBuf[len+H_0] = ((inBuf[i+0] & 0x0F) << 4) | ((inBuf[i+1] & 0x3C) >> 2);
- outBuf[len+H_1] = ((inBuf[i+1] & 0x03) << 6) | ((inBuf[i+2] & 0x3F) >> 0);
-
- i += 3;
- len += 2;
-#ifdef UTF16
- } else if( (inBuf[i] & 0xF8) == 0xF0 ) {
- int abcde, BCDE;
-
- if( (inBuf[i+1] & 0xC0) != 0x80 ) return PR_FALSE;
- if( (inBuf[i+2] & 0xC0) != 0x80 ) return PR_FALSE;
- if( (inBuf[i+3] & 0xC0) != 0x80 ) return PR_FALSE;
-
- /* 0001 0000-001F FFFF <- 11110xxx 10xxxxxx 10xxxxxx 10xxxxxx */
- /* 11110xxx 10xxxxxx 10xxxxxx 10xxxxxx -> [D800-DBFF] [DC00-DFFF] */
-
- /* 11110abc 10defghi 10jklmno 10pqrstu ->
- { Let 0BCDE = abcde - 1 }
- 110110BC DEfghijk 110111lm nopqrstu */
-
- abcde = ((inBuf[i+0] & 0x07) << 2) | ((inBuf[i+1] & 0x30) >> 4);
- BCDE = abcde - 1;
-
-#ifndef TEST_UTF8
- PORT_Assert(BCDE < 0x10); /* should have been caught above */
-#endif /* TEST_UTF8 */
-
- outBuf[len+0+H_0] = 0xD8 | ((BCDE & 0x0C) >> 2);
- outBuf[len+0+H_1] = ((BCDE & 0x03) << 6)
- | ((inBuf[i+1] & 0x0F) << 2)
- | ((inBuf[i+2] & 0x30) >> 4);
- outBuf[len+2+H_0] = 0xDC | ((inBuf[i+2] & 0x0C) >> 2);
- outBuf[len+2+H_1] = ((inBuf[i+2] & 0x03) << 6) | ((inBuf[i+3] & 0x3F) >> 0);
-
- i += 4;
- len += 4;
-#endif /* UTF16 */
- } else return PR_FALSE;
- }
-
- *outBufLen = len;
- return PR_TRUE;
- } else {
- unsigned int i, len = 0;
-
- for( i = 0; i < inBufLen; i += 2 ) {
- if( (inBuf[i+H_0] == 0x00) && ((inBuf[i+H_0] & 0x80) == 0x00) ) len += 1;
- else if( inBuf[i+H_0] < 0x08 ) len += 2;
-#ifdef UTF16
- else if( ((inBuf[i+0+H_0] & 0xDC) == 0xD8) ) {
- if( ((inBuf[i+2+H_0] & 0xDC) == 0xDC) && ((inBufLen - i) > 2) ) {
- i += 2;
- len += 4;
- } else {
- return PR_FALSE;
- }
- }
-#endif /* UTF16 */
- else len += 3;
- }
-
- if( len > maxOutBufLen ) {
- *outBufLen = len;
- return PR_FALSE;
- }
-
- len = 0;
-
- for( i = 0; i < inBufLen; i += 2 ) {
- if( (inBuf[i+H_0] == 0x00) && ((inBuf[i+H_1] & 0x80) == 0x00) ) {
- /* 0000-007F -> 0xxxxxx */
- /* 00000000 0abcdefg -> 0abcdefg */
-
- outBuf[len] = inBuf[i+H_1] & 0x7F;
-
- len += 1;
- } else if( inBuf[i+H_0] < 0x08 ) {
- /* 0080-07FF -> 110xxxxx 10xxxxxx */
- /* 00000abc defghijk -> 110abcde 10fghijk */
-
- outBuf[len+0] = 0xC0 | ((inBuf[i+H_0] & 0x07) << 2)
- | ((inBuf[i+H_1] & 0xC0) >> 6);
- outBuf[len+1] = 0x80 | ((inBuf[i+H_1] & 0x3F) >> 0);
-
- len += 2;
-#ifdef UTF16
- } else if( (inBuf[i+H_0] & 0xDC) == 0xD8 ) {
- int abcde, BCDE;
-
-#ifndef TEST_UTF8
- PORT_Assert(((inBuf[i+2+H_0] & 0xDC) == 0xDC) && ((inBufLen - i) > 2));
-#endif /* TEST_UTF8 */
-
- /* D800-DBFF DC00-DFFF -> 11110xxx 10xxxxxx 10xxxxxx 10xxxxxx */
- /* 110110BC DEfghijk 110111lm nopqrstu ->
- { Let abcde = BCDE + 1 }
- 11110abc 10defghi 10jklmno 10pqrstu */
-
- BCDE = ((inBuf[i+H_0] & 0x03) << 2) | ((inBuf[i+H_1] & 0xC0) >> 6);
- abcde = BCDE + 1;
-
- outBuf[len+0] = 0xF0 | ((abcde & 0x1C) >> 2);
- outBuf[len+1] = 0x80 | ((abcde & 0x03) << 4)
- | ((inBuf[i+0+H_1] & 0x3C) >> 2);
- outBuf[len+2] = 0x80 | ((inBuf[i+0+H_1] & 0x03) << 4)
- | ((inBuf[i+2+H_0] & 0x03) << 2)
- | ((inBuf[i+2+H_1] & 0xC0) >> 6);
- outBuf[len+3] = 0x80 | ((inBuf[i+2+H_1] & 0x3F) >> 0);
-
- i += 2;
- len += 4;
-#endif /* UTF16 */
- } else {
- /* 0800-FFFF -> 1110xxxx 10xxxxxx 10xxxxxx */
- /* abcdefgh ijklmnop -> 1110abcd 10efghij 10klmnop */
-
- outBuf[len+0] = 0xE0 | ((inBuf[i+H_0] & 0xF0) >> 4);
- outBuf[len+1] = 0x80 | ((inBuf[i+H_0] & 0x0F) << 2)
- | ((inBuf[i+H_1] & 0xC0) >> 6);
- outBuf[len+2] = 0x80 | ((inBuf[i+H_1] & 0x3F) >> 0);
-
- len += 3;
- }
- }
-
- *outBufLen = len;
- return PR_TRUE;
- }
-}
-
-#ifdef TEST_UTF8
-
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-#include <netinet/in.h> /* for htonl and htons */
-
-/*
- * UCS-4 vectors
- */
-
-struct ucs4 {
- PRUint32 c;
- char *utf8;
-};
-
-/*
- * UCS-2 vectors
- */
-
-struct ucs2 {
- PRUint16 c;
- char *utf8;
-};
-
-#ifdef UTF16
-/*
- * UTF-16 vectors
- */
-
-struct utf16 {
- PRUint32 c;
- PRUint16 w[2];
-};
-#endif /* UTF16 */
-
-
-/*
- * UCS-4 vectors
- */
-
-struct ucs4 ucs4[] = {
- { 0x00000001, "\x01" },
- { 0x00000002, "\x02" },
- { 0x00000003, "\x03" },
- { 0x00000004, "\x04" },
- { 0x00000007, "\x07" },
- { 0x00000008, "\x08" },
- { 0x0000000F, "\x0F" },
- { 0x00000010, "\x10" },
- { 0x0000001F, "\x1F" },
- { 0x00000020, "\x20" },
- { 0x0000003F, "\x3F" },
- { 0x00000040, "\x40" },
- { 0x0000007F, "\x7F" },
-
- { 0x00000080, "\xC2\x80" },
- { 0x00000081, "\xC2\x81" },
- { 0x00000082, "\xC2\x82" },
- { 0x00000084, "\xC2\x84" },
- { 0x00000088, "\xC2\x88" },
- { 0x00000090, "\xC2\x90" },
- { 0x000000A0, "\xC2\xA0" },
- { 0x000000C0, "\xC3\x80" },
- { 0x000000FF, "\xC3\xBF" },
- { 0x00000100, "\xC4\x80" },
- { 0x00000101, "\xC4\x81" },
- { 0x00000102, "\xC4\x82" },
- { 0x00000104, "\xC4\x84" },
- { 0x00000108, "\xC4\x88" },
- { 0x00000110, "\xC4\x90" },
- { 0x00000120, "\xC4\xA0" },
- { 0x00000140, "\xC5\x80" },
- { 0x00000180, "\xC6\x80" },
- { 0x000001FF, "\xC7\xBF" },
- { 0x00000200, "\xC8\x80" },
- { 0x00000201, "\xC8\x81" },
- { 0x00000202, "\xC8\x82" },
- { 0x00000204, "\xC8\x84" },
- { 0x00000208, "\xC8\x88" },
- { 0x00000210, "\xC8\x90" },
- { 0x00000220, "\xC8\xA0" },
- { 0x00000240, "\xC9\x80" },
- { 0x00000280, "\xCA\x80" },
- { 0x00000300, "\xCC\x80" },
- { 0x000003FF, "\xCF\xBF" },
- { 0x00000400, "\xD0\x80" },
- { 0x00000401, "\xD0\x81" },
- { 0x00000402, "\xD0\x82" },
- { 0x00000404, "\xD0\x84" },
- { 0x00000408, "\xD0\x88" },
- { 0x00000410, "\xD0\x90" },
- { 0x00000420, "\xD0\xA0" },
- { 0x00000440, "\xD1\x80" },
- { 0x00000480, "\xD2\x80" },
- { 0x00000500, "\xD4\x80" },
- { 0x00000600, "\xD8\x80" },
- { 0x000007FF, "\xDF\xBF" },
-
- { 0x00000800, "\xE0\xA0\x80" },
- { 0x00000801, "\xE0\xA0\x81" },
- { 0x00000802, "\xE0\xA0\x82" },
- { 0x00000804, "\xE0\xA0\x84" },
- { 0x00000808, "\xE0\xA0\x88" },
- { 0x00000810, "\xE0\xA0\x90" },
- { 0x00000820, "\xE0\xA0\xA0" },
- { 0x00000840, "\xE0\xA1\x80" },
- { 0x00000880, "\xE0\xA2\x80" },
- { 0x00000900, "\xE0\xA4\x80" },
- { 0x00000A00, "\xE0\xA8\x80" },
- { 0x00000C00, "\xE0\xB0\x80" },
- { 0x00000FFF, "\xE0\xBF\xBF" },
- { 0x00001000, "\xE1\x80\x80" },
- { 0x00001001, "\xE1\x80\x81" },
- { 0x00001002, "\xE1\x80\x82" },
- { 0x00001004, "\xE1\x80\x84" },
- { 0x00001008, "\xE1\x80\x88" },
- { 0x00001010, "\xE1\x80\x90" },
- { 0x00001020, "\xE1\x80\xA0" },
- { 0x00001040, "\xE1\x81\x80" },
- { 0x00001080, "\xE1\x82\x80" },
- { 0x00001100, "\xE1\x84\x80" },
- { 0x00001200, "\xE1\x88\x80" },
- { 0x00001400, "\xE1\x90\x80" },
- { 0x00001800, "\xE1\xA0\x80" },
- { 0x00001FFF, "\xE1\xBF\xBF" },
- { 0x00002000, "\xE2\x80\x80" },
- { 0x00002001, "\xE2\x80\x81" },
- { 0x00002002, "\xE2\x80\x82" },
- { 0x00002004, "\xE2\x80\x84" },
- { 0x00002008, "\xE2\x80\x88" },
- { 0x00002010, "\xE2\x80\x90" },
- { 0x00002020, "\xE2\x80\xA0" },
- { 0x00002040, "\xE2\x81\x80" },
- { 0x00002080, "\xE2\x82\x80" },
- { 0x00002100, "\xE2\x84\x80" },
- { 0x00002200, "\xE2\x88\x80" },
- { 0x00002400, "\xE2\x90\x80" },
- { 0x00002800, "\xE2\xA0\x80" },
- { 0x00003000, "\xE3\x80\x80" },
- { 0x00003FFF, "\xE3\xBF\xBF" },
- { 0x00004000, "\xE4\x80\x80" },
- { 0x00004001, "\xE4\x80\x81" },
- { 0x00004002, "\xE4\x80\x82" },
- { 0x00004004, "\xE4\x80\x84" },
- { 0x00004008, "\xE4\x80\x88" },
- { 0x00004010, "\xE4\x80\x90" },
- { 0x00004020, "\xE4\x80\xA0" },
- { 0x00004040, "\xE4\x81\x80" },
- { 0x00004080, "\xE4\x82\x80" },
- { 0x00004100, "\xE4\x84\x80" },
- { 0x00004200, "\xE4\x88\x80" },
- { 0x00004400, "\xE4\x90\x80" },
- { 0x00004800, "\xE4\xA0\x80" },
- { 0x00005000, "\xE5\x80\x80" },
- { 0x00006000, "\xE6\x80\x80" },
- { 0x00007FFF, "\xE7\xBF\xBF" },
- { 0x00008000, "\xE8\x80\x80" },
- { 0x00008001, "\xE8\x80\x81" },
- { 0x00008002, "\xE8\x80\x82" },
- { 0x00008004, "\xE8\x80\x84" },
- { 0x00008008, "\xE8\x80\x88" },
- { 0x00008010, "\xE8\x80\x90" },
- { 0x00008020, "\xE8\x80\xA0" },
- { 0x00008040, "\xE8\x81\x80" },
- { 0x00008080, "\xE8\x82\x80" },
- { 0x00008100, "\xE8\x84\x80" },
- { 0x00008200, "\xE8\x88\x80" },
- { 0x00008400, "\xE8\x90\x80" },
- { 0x00008800, "\xE8\xA0\x80" },
- { 0x00009000, "\xE9\x80\x80" },
- { 0x0000A000, "\xEA\x80\x80" },
- { 0x0000C000, "\xEC\x80\x80" },
- { 0x0000FFFF, "\xEF\xBF\xBF" },
-
- { 0x00010000, "\xF0\x90\x80\x80" },
- { 0x00010001, "\xF0\x90\x80\x81" },
- { 0x00010002, "\xF0\x90\x80\x82" },
- { 0x00010004, "\xF0\x90\x80\x84" },
- { 0x00010008, "\xF0\x90\x80\x88" },
- { 0x00010010, "\xF0\x90\x80\x90" },
- { 0x00010020, "\xF0\x90\x80\xA0" },
- { 0x00010040, "\xF0\x90\x81\x80" },
- { 0x00010080, "\xF0\x90\x82\x80" },
- { 0x00010100, "\xF0\x90\x84\x80" },
- { 0x00010200, "\xF0\x90\x88\x80" },
- { 0x00010400, "\xF0\x90\x90\x80" },
- { 0x00010800, "\xF0\x90\xA0\x80" },
- { 0x00011000, "\xF0\x91\x80\x80" },
- { 0x00012000, "\xF0\x92\x80\x80" },
- { 0x00014000, "\xF0\x94\x80\x80" },
- { 0x00018000, "\xF0\x98\x80\x80" },
- { 0x0001FFFF, "\xF0\x9F\xBF\xBF" },
- { 0x00020000, "\xF0\xA0\x80\x80" },
- { 0x00020001, "\xF0\xA0\x80\x81" },
- { 0x00020002, "\xF0\xA0\x80\x82" },
- { 0x00020004, "\xF0\xA0\x80\x84" },
- { 0x00020008, "\xF0\xA0\x80\x88" },
- { 0x00020010, "\xF0\xA0\x80\x90" },
- { 0x00020020, "\xF0\xA0\x80\xA0" },
- { 0x00020040, "\xF0\xA0\x81\x80" },
- { 0x00020080, "\xF0\xA0\x82\x80" },
- { 0x00020100, "\xF0\xA0\x84\x80" },
- { 0x00020200, "\xF0\xA0\x88\x80" },
- { 0x00020400, "\xF0\xA0\x90\x80" },
- { 0x00020800, "\xF0\xA0\xA0\x80" },
- { 0x00021000, "\xF0\xA1\x80\x80" },
- { 0x00022000, "\xF0\xA2\x80\x80" },
- { 0x00024000, "\xF0\xA4\x80\x80" },
- { 0x00028000, "\xF0\xA8\x80\x80" },
- { 0x00030000, "\xF0\xB0\x80\x80" },
- { 0x0003FFFF, "\xF0\xBF\xBF\xBF" },
- { 0x00040000, "\xF1\x80\x80\x80" },
- { 0x00040001, "\xF1\x80\x80\x81" },
- { 0x00040002, "\xF1\x80\x80\x82" },
- { 0x00040004, "\xF1\x80\x80\x84" },
- { 0x00040008, "\xF1\x80\x80\x88" },
- { 0x00040010, "\xF1\x80\x80\x90" },
- { 0x00040020, "\xF1\x80\x80\xA0" },
- { 0x00040040, "\xF1\x80\x81\x80" },
- { 0x00040080, "\xF1\x80\x82\x80" },
- { 0x00040100, "\xF1\x80\x84\x80" },
- { 0x00040200, "\xF1\x80\x88\x80" },
- { 0x00040400, "\xF1\x80\x90\x80" },
- { 0x00040800, "\xF1\x80\xA0\x80" },
- { 0x00041000, "\xF1\x81\x80\x80" },
- { 0x00042000, "\xF1\x82\x80\x80" },
- { 0x00044000, "\xF1\x84\x80\x80" },
- { 0x00048000, "\xF1\x88\x80\x80" },
- { 0x00050000, "\xF1\x90\x80\x80" },
- { 0x00060000, "\xF1\xA0\x80\x80" },
- { 0x0007FFFF, "\xF1\xBF\xBF\xBF" },
- { 0x00080000, "\xF2\x80\x80\x80" },
- { 0x00080001, "\xF2\x80\x80\x81" },
- { 0x00080002, "\xF2\x80\x80\x82" },
- { 0x00080004, "\xF2\x80\x80\x84" },
- { 0x00080008, "\xF2\x80\x80\x88" },
- { 0x00080010, "\xF2\x80\x80\x90" },
- { 0x00080020, "\xF2\x80\x80\xA0" },
- { 0x00080040, "\xF2\x80\x81\x80" },
- { 0x00080080, "\xF2\x80\x82\x80" },
- { 0x00080100, "\xF2\x80\x84\x80" },
- { 0x00080200, "\xF2\x80\x88\x80" },
- { 0x00080400, "\xF2\x80\x90\x80" },
- { 0x00080800, "\xF2\x80\xA0\x80" },
- { 0x00081000, "\xF2\x81\x80\x80" },
- { 0x00082000, "\xF2\x82\x80\x80" },
- { 0x00084000, "\xF2\x84\x80\x80" },
- { 0x00088000, "\xF2\x88\x80\x80" },
- { 0x00090000, "\xF2\x90\x80\x80" },
- { 0x000A0000, "\xF2\xA0\x80\x80" },
- { 0x000C0000, "\xF3\x80\x80\x80" },
- { 0x000FFFFF, "\xF3\xBF\xBF\xBF" },
- { 0x00100000, "\xF4\x80\x80\x80" },
- { 0x00100001, "\xF4\x80\x80\x81" },
- { 0x00100002, "\xF4\x80\x80\x82" },
- { 0x00100004, "\xF4\x80\x80\x84" },
- { 0x00100008, "\xF4\x80\x80\x88" },
- { 0x00100010, "\xF4\x80\x80\x90" },
- { 0x00100020, "\xF4\x80\x80\xA0" },
- { 0x00100040, "\xF4\x80\x81\x80" },
- { 0x00100080, "\xF4\x80\x82\x80" },
- { 0x00100100, "\xF4\x80\x84\x80" },
- { 0x00100200, "\xF4\x80\x88\x80" },
- { 0x00100400, "\xF4\x80\x90\x80" },
- { 0x00100800, "\xF4\x80\xA0\x80" },
- { 0x00101000, "\xF4\x81\x80\x80" },
- { 0x00102000, "\xF4\x82\x80\x80" },
- { 0x00104000, "\xF4\x84\x80\x80" },
- { 0x00108000, "\xF4\x88\x80\x80" },
- { 0x00110000, "\xF4\x90\x80\x80" },
- { 0x00120000, "\xF4\xA0\x80\x80" },
- { 0x00140000, "\xF5\x80\x80\x80" },
- { 0x00180000, "\xF6\x80\x80\x80" },
- { 0x001FFFFF, "\xF7\xBF\xBF\xBF" },
-
- { 0x00200000, "\xF8\x88\x80\x80\x80" },
- { 0x00200001, "\xF8\x88\x80\x80\x81" },
- { 0x00200002, "\xF8\x88\x80\x80\x82" },
- { 0x00200004, "\xF8\x88\x80\x80\x84" },
- { 0x00200008, "\xF8\x88\x80\x80\x88" },
- { 0x00200010, "\xF8\x88\x80\x80\x90" },
- { 0x00200020, "\xF8\x88\x80\x80\xA0" },
- { 0x00200040, "\xF8\x88\x80\x81\x80" },
- { 0x00200080, "\xF8\x88\x80\x82\x80" },
- { 0x00200100, "\xF8\x88\x80\x84\x80" },
- { 0x00200200, "\xF8\x88\x80\x88\x80" },
- { 0x00200400, "\xF8\x88\x80\x90\x80" },
- { 0x00200800, "\xF8\x88\x80\xA0\x80" },
- { 0x00201000, "\xF8\x88\x81\x80\x80" },
- { 0x00202000, "\xF8\x88\x82\x80\x80" },
- { 0x00204000, "\xF8\x88\x84\x80\x80" },
- { 0x00208000, "\xF8\x88\x88\x80\x80" },
- { 0x00210000, "\xF8\x88\x90\x80\x80" },
- { 0x00220000, "\xF8\x88\xA0\x80\x80" },
- { 0x00240000, "\xF8\x89\x80\x80\x80" },
- { 0x00280000, "\xF8\x8A\x80\x80\x80" },
- { 0x00300000, "\xF8\x8C\x80\x80\x80" },
- { 0x003FFFFF, "\xF8\x8F\xBF\xBF\xBF" },
- { 0x00400000, "\xF8\x90\x80\x80\x80" },
- { 0x00400001, "\xF8\x90\x80\x80\x81" },
- { 0x00400002, "\xF8\x90\x80\x80\x82" },
- { 0x00400004, "\xF8\x90\x80\x80\x84" },
- { 0x00400008, "\xF8\x90\x80\x80\x88" },
- { 0x00400010, "\xF8\x90\x80\x80\x90" },
- { 0x00400020, "\xF8\x90\x80\x80\xA0" },
- { 0x00400040, "\xF8\x90\x80\x81\x80" },
- { 0x00400080, "\xF8\x90\x80\x82\x80" },
- { 0x00400100, "\xF8\x90\x80\x84\x80" },
- { 0x00400200, "\xF8\x90\x80\x88\x80" },
- { 0x00400400, "\xF8\x90\x80\x90\x80" },
- { 0x00400800, "\xF8\x90\x80\xA0\x80" },
- { 0x00401000, "\xF8\x90\x81\x80\x80" },
- { 0x00402000, "\xF8\x90\x82\x80\x80" },
- { 0x00404000, "\xF8\x90\x84\x80\x80" },
- { 0x00408000, "\xF8\x90\x88\x80\x80" },
- { 0x00410000, "\xF8\x90\x90\x80\x80" },
- { 0x00420000, "\xF8\x90\xA0\x80\x80" },
- { 0x00440000, "\xF8\x91\x80\x80\x80" },
- { 0x00480000, "\xF8\x92\x80\x80\x80" },
- { 0x00500000, "\xF8\x94\x80\x80\x80" },
- { 0x00600000, "\xF8\x98\x80\x80\x80" },
- { 0x007FFFFF, "\xF8\x9F\xBF\xBF\xBF" },
- { 0x00800000, "\xF8\xA0\x80\x80\x80" },
- { 0x00800001, "\xF8\xA0\x80\x80\x81" },
- { 0x00800002, "\xF8\xA0\x80\x80\x82" },
- { 0x00800004, "\xF8\xA0\x80\x80\x84" },
- { 0x00800008, "\xF8\xA0\x80\x80\x88" },
- { 0x00800010, "\xF8\xA0\x80\x80\x90" },
- { 0x00800020, "\xF8\xA0\x80\x80\xA0" },
- { 0x00800040, "\xF8\xA0\x80\x81\x80" },
- { 0x00800080, "\xF8\xA0\x80\x82\x80" },
- { 0x00800100, "\xF8\xA0\x80\x84\x80" },
- { 0x00800200, "\xF8\xA0\x80\x88\x80" },
- { 0x00800400, "\xF8\xA0\x80\x90\x80" },
- { 0x00800800, "\xF8\xA0\x80\xA0\x80" },
- { 0x00801000, "\xF8\xA0\x81\x80\x80" },
- { 0x00802000, "\xF8\xA0\x82\x80\x80" },
- { 0x00804000, "\xF8\xA0\x84\x80\x80" },
- { 0x00808000, "\xF8\xA0\x88\x80\x80" },
- { 0x00810000, "\xF8\xA0\x90\x80\x80" },
- { 0x00820000, "\xF8\xA0\xA0\x80\x80" },
- { 0x00840000, "\xF8\xA1\x80\x80\x80" },
- { 0x00880000, "\xF8\xA2\x80\x80\x80" },
- { 0x00900000, "\xF8\xA4\x80\x80\x80" },
- { 0x00A00000, "\xF8\xA8\x80\x80\x80" },
- { 0x00C00000, "\xF8\xB0\x80\x80\x80" },
- { 0x00FFFFFF, "\xF8\xBF\xBF\xBF\xBF" },
- { 0x01000000, "\xF9\x80\x80\x80\x80" },
- { 0x01000001, "\xF9\x80\x80\x80\x81" },
- { 0x01000002, "\xF9\x80\x80\x80\x82" },
- { 0x01000004, "\xF9\x80\x80\x80\x84" },
- { 0x01000008, "\xF9\x80\x80\x80\x88" },
- { 0x01000010, "\xF9\x80\x80\x80\x90" },
- { 0x01000020, "\xF9\x80\x80\x80\xA0" },
- { 0x01000040, "\xF9\x80\x80\x81\x80" },
- { 0x01000080, "\xF9\x80\x80\x82\x80" },
- { 0x01000100, "\xF9\x80\x80\x84\x80" },
- { 0x01000200, "\xF9\x80\x80\x88\x80" },
- { 0x01000400, "\xF9\x80\x80\x90\x80" },
- { 0x01000800, "\xF9\x80\x80\xA0\x80" },
- { 0x01001000, "\xF9\x80\x81\x80\x80" },
- { 0x01002000, "\xF9\x80\x82\x80\x80" },
- { 0x01004000, "\xF9\x80\x84\x80\x80" },
- { 0x01008000, "\xF9\x80\x88\x80\x80" },
- { 0x01010000, "\xF9\x80\x90\x80\x80" },
- { 0x01020000, "\xF9\x80\xA0\x80\x80" },
- { 0x01040000, "\xF9\x81\x80\x80\x80" },
- { 0x01080000, "\xF9\x82\x80\x80\x80" },
- { 0x01100000, "\xF9\x84\x80\x80\x80" },
- { 0x01200000, "\xF9\x88\x80\x80\x80" },
- { 0x01400000, "\xF9\x90\x80\x80\x80" },
- { 0x01800000, "\xF9\xA0\x80\x80\x80" },
- { 0x01FFFFFF, "\xF9\xBF\xBF\xBF\xBF" },
- { 0x02000000, "\xFA\x80\x80\x80\x80" },
- { 0x02000001, "\xFA\x80\x80\x80\x81" },
- { 0x02000002, "\xFA\x80\x80\x80\x82" },
- { 0x02000004, "\xFA\x80\x80\x80\x84" },
- { 0x02000008, "\xFA\x80\x80\x80\x88" },
- { 0x02000010, "\xFA\x80\x80\x80\x90" },
- { 0x02000020, "\xFA\x80\x80\x80\xA0" },
- { 0x02000040, "\xFA\x80\x80\x81\x80" },
- { 0x02000080, "\xFA\x80\x80\x82\x80" },
- { 0x02000100, "\xFA\x80\x80\x84\x80" },
- { 0x02000200, "\xFA\x80\x80\x88\x80" },
- { 0x02000400, "\xFA\x80\x80\x90\x80" },
- { 0x02000800, "\xFA\x80\x80\xA0\x80" },
- { 0x02001000, "\xFA\x80\x81\x80\x80" },
- { 0x02002000, "\xFA\x80\x82\x80\x80" },
- { 0x02004000, "\xFA\x80\x84\x80\x80" },
- { 0x02008000, "\xFA\x80\x88\x80\x80" },
- { 0x02010000, "\xFA\x80\x90\x80\x80" },
- { 0x02020000, "\xFA\x80\xA0\x80\x80" },
- { 0x02040000, "\xFA\x81\x80\x80\x80" },
- { 0x02080000, "\xFA\x82\x80\x80\x80" },
- { 0x02100000, "\xFA\x84\x80\x80\x80" },
- { 0x02200000, "\xFA\x88\x80\x80\x80" },
- { 0x02400000, "\xFA\x90\x80\x80\x80" },
- { 0x02800000, "\xFA\xA0\x80\x80\x80" },
- { 0x03000000, "\xFB\x80\x80\x80\x80" },
- { 0x03FFFFFF, "\xFB\xBF\xBF\xBF\xBF" },
-
- { 0x04000000, "\xFC\x84\x80\x80\x80\x80" },
- { 0x04000001, "\xFC\x84\x80\x80\x80\x81" },
- { 0x04000002, "\xFC\x84\x80\x80\x80\x82" },
- { 0x04000004, "\xFC\x84\x80\x80\x80\x84" },
- { 0x04000008, "\xFC\x84\x80\x80\x80\x88" },
- { 0x04000010, "\xFC\x84\x80\x80\x80\x90" },
- { 0x04000020, "\xFC\x84\x80\x80\x80\xA0" },
- { 0x04000040, "\xFC\x84\x80\x80\x81\x80" },
- { 0x04000080, "\xFC\x84\x80\x80\x82\x80" },
- { 0x04000100, "\xFC\x84\x80\x80\x84\x80" },
- { 0x04000200, "\xFC\x84\x80\x80\x88\x80" },
- { 0x04000400, "\xFC\x84\x80\x80\x90\x80" },
- { 0x04000800, "\xFC\x84\x80\x80\xA0\x80" },
- { 0x04001000, "\xFC\x84\x80\x81\x80\x80" },
- { 0x04002000, "\xFC\x84\x80\x82\x80\x80" },
- { 0x04004000, "\xFC\x84\x80\x84\x80\x80" },
- { 0x04008000, "\xFC\x84\x80\x88\x80\x80" },
- { 0x04010000, "\xFC\x84\x80\x90\x80\x80" },
- { 0x04020000, "\xFC\x84\x80\xA0\x80\x80" },
- { 0x04040000, "\xFC\x84\x81\x80\x80\x80" },
- { 0x04080000, "\xFC\x84\x82\x80\x80\x80" },
- { 0x04100000, "\xFC\x84\x84\x80\x80\x80" },
- { 0x04200000, "\xFC\x84\x88\x80\x80\x80" },
- { 0x04400000, "\xFC\x84\x90\x80\x80\x80" },
- { 0x04800000, "\xFC\x84\xA0\x80\x80\x80" },
- { 0x05000000, "\xFC\x85\x80\x80\x80\x80" },
- { 0x06000000, "\xFC\x86\x80\x80\x80\x80" },
- { 0x07FFFFFF, "\xFC\x87\xBF\xBF\xBF\xBF" },
- { 0x08000000, "\xFC\x88\x80\x80\x80\x80" },
- { 0x08000001, "\xFC\x88\x80\x80\x80\x81" },
- { 0x08000002, "\xFC\x88\x80\x80\x80\x82" },
- { 0x08000004, "\xFC\x88\x80\x80\x80\x84" },
- { 0x08000008, "\xFC\x88\x80\x80\x80\x88" },
- { 0x08000010, "\xFC\x88\x80\x80\x80\x90" },
- { 0x08000020, "\xFC\x88\x80\x80\x80\xA0" },
- { 0x08000040, "\xFC\x88\x80\x80\x81\x80" },
- { 0x08000080, "\xFC\x88\x80\x80\x82\x80" },
- { 0x08000100, "\xFC\x88\x80\x80\x84\x80" },
- { 0x08000200, "\xFC\x88\x80\x80\x88\x80" },
- { 0x08000400, "\xFC\x88\x80\x80\x90\x80" },
- { 0x08000800, "\xFC\x88\x80\x80\xA0\x80" },
- { 0x08001000, "\xFC\x88\x80\x81\x80\x80" },
- { 0x08002000, "\xFC\x88\x80\x82\x80\x80" },
- { 0x08004000, "\xFC\x88\x80\x84\x80\x80" },
- { 0x08008000, "\xFC\x88\x80\x88\x80\x80" },
- { 0x08010000, "\xFC\x88\x80\x90\x80\x80" },
- { 0x08020000, "\xFC\x88\x80\xA0\x80\x80" },
- { 0x08040000, "\xFC\x88\x81\x80\x80\x80" },
- { 0x08080000, "\xFC\x88\x82\x80\x80\x80" },
- { 0x08100000, "\xFC\x88\x84\x80\x80\x80" },
- { 0x08200000, "\xFC\x88\x88\x80\x80\x80" },
- { 0x08400000, "\xFC\x88\x90\x80\x80\x80" },
- { 0x08800000, "\xFC\x88\xA0\x80\x80\x80" },
- { 0x09000000, "\xFC\x89\x80\x80\x80\x80" },
- { 0x0A000000, "\xFC\x8A\x80\x80\x80\x80" },
- { 0x0C000000, "\xFC\x8C\x80\x80\x80\x80" },
- { 0x0FFFFFFF, "\xFC\x8F\xBF\xBF\xBF\xBF" },
- { 0x10000000, "\xFC\x90\x80\x80\x80\x80" },
- { 0x10000001, "\xFC\x90\x80\x80\x80\x81" },
- { 0x10000002, "\xFC\x90\x80\x80\x80\x82" },
- { 0x10000004, "\xFC\x90\x80\x80\x80\x84" },
- { 0x10000008, "\xFC\x90\x80\x80\x80\x88" },
- { 0x10000010, "\xFC\x90\x80\x80\x80\x90" },
- { 0x10000020, "\xFC\x90\x80\x80\x80\xA0" },
- { 0x10000040, "\xFC\x90\x80\x80\x81\x80" },
- { 0x10000080, "\xFC\x90\x80\x80\x82\x80" },
- { 0x10000100, "\xFC\x90\x80\x80\x84\x80" },
- { 0x10000200, "\xFC\x90\x80\x80\x88\x80" },
- { 0x10000400, "\xFC\x90\x80\x80\x90\x80" },
- { 0x10000800, "\xFC\x90\x80\x80\xA0\x80" },
- { 0x10001000, "\xFC\x90\x80\x81\x80\x80" },
- { 0x10002000, "\xFC\x90\x80\x82\x80\x80" },
- { 0x10004000, "\xFC\x90\x80\x84\x80\x80" },
- { 0x10008000, "\xFC\x90\x80\x88\x80\x80" },
- { 0x10010000, "\xFC\x90\x80\x90\x80\x80" },
- { 0x10020000, "\xFC\x90\x80\xA0\x80\x80" },
- { 0x10040000, "\xFC\x90\x81\x80\x80\x80" },
- { 0x10080000, "\xFC\x90\x82\x80\x80\x80" },
- { 0x10100000, "\xFC\x90\x84\x80\x80\x80" },
- { 0x10200000, "\xFC\x90\x88\x80\x80\x80" },
- { 0x10400000, "\xFC\x90\x90\x80\x80\x80" },
- { 0x10800000, "\xFC\x90\xA0\x80\x80\x80" },
- { 0x11000000, "\xFC\x91\x80\x80\x80\x80" },
- { 0x12000000, "\xFC\x92\x80\x80\x80\x80" },
- { 0x14000000, "\xFC\x94\x80\x80\x80\x80" },
- { 0x18000000, "\xFC\x98\x80\x80\x80\x80" },
- { 0x1FFFFFFF, "\xFC\x9F\xBF\xBF\xBF\xBF" },
- { 0x20000000, "\xFC\xA0\x80\x80\x80\x80" },
- { 0x20000001, "\xFC\xA0\x80\x80\x80\x81" },
- { 0x20000002, "\xFC\xA0\x80\x80\x80\x82" },
- { 0x20000004, "\xFC\xA0\x80\x80\x80\x84" },
- { 0x20000008, "\xFC\xA0\x80\x80\x80\x88" },
- { 0x20000010, "\xFC\xA0\x80\x80\x80\x90" },
- { 0x20000020, "\xFC\xA0\x80\x80\x80\xA0" },
- { 0x20000040, "\xFC\xA0\x80\x80\x81\x80" },
- { 0x20000080, "\xFC\xA0\x80\x80\x82\x80" },
- { 0x20000100, "\xFC\xA0\x80\x80\x84\x80" },
- { 0x20000200, "\xFC\xA0\x80\x80\x88\x80" },
- { 0x20000400, "\xFC\xA0\x80\x80\x90\x80" },
- { 0x20000800, "\xFC\xA0\x80\x80\xA0\x80" },
- { 0x20001000, "\xFC\xA0\x80\x81\x80\x80" },
- { 0x20002000, "\xFC\xA0\x80\x82\x80\x80" },
- { 0x20004000, "\xFC\xA0\x80\x84\x80\x80" },
- { 0x20008000, "\xFC\xA0\x80\x88\x80\x80" },
- { 0x20010000, "\xFC\xA0\x80\x90\x80\x80" },
- { 0x20020000, "\xFC\xA0\x80\xA0\x80\x80" },
- { 0x20040000, "\xFC\xA0\x81\x80\x80\x80" },
- { 0x20080000, "\xFC\xA0\x82\x80\x80\x80" },
- { 0x20100000, "\xFC\xA0\x84\x80\x80\x80" },
- { 0x20200000, "\xFC\xA0\x88\x80\x80\x80" },
- { 0x20400000, "\xFC\xA0\x90\x80\x80\x80" },
- { 0x20800000, "\xFC\xA0\xA0\x80\x80\x80" },
- { 0x21000000, "\xFC\xA1\x80\x80\x80\x80" },
- { 0x22000000, "\xFC\xA2\x80\x80\x80\x80" },
- { 0x24000000, "\xFC\xA4\x80\x80\x80\x80" },
- { 0x28000000, "\xFC\xA8\x80\x80\x80\x80" },
- { 0x30000000, "\xFC\xB0\x80\x80\x80\x80" },
- { 0x3FFFFFFF, "\xFC\xBF\xBF\xBF\xBF\xBF" },
- { 0x40000000, "\xFD\x80\x80\x80\x80\x80" },
- { 0x40000001, "\xFD\x80\x80\x80\x80\x81" },
- { 0x40000002, "\xFD\x80\x80\x80\x80\x82" },
- { 0x40000004, "\xFD\x80\x80\x80\x80\x84" },
- { 0x40000008, "\xFD\x80\x80\x80\x80\x88" },
- { 0x40000010, "\xFD\x80\x80\x80\x80\x90" },
- { 0x40000020, "\xFD\x80\x80\x80\x80\xA0" },
- { 0x40000040, "\xFD\x80\x80\x80\x81\x80" },
- { 0x40000080, "\xFD\x80\x80\x80\x82\x80" },
- { 0x40000100, "\xFD\x80\x80\x80\x84\x80" },
- { 0x40000200, "\xFD\x80\x80\x80\x88\x80" },
- { 0x40000400, "\xFD\x80\x80\x80\x90\x80" },
- { 0x40000800, "\xFD\x80\x80\x80\xA0\x80" },
- { 0x40001000, "\xFD\x80\x80\x81\x80\x80" },
- { 0x40002000, "\xFD\x80\x80\x82\x80\x80" },
- { 0x40004000, "\xFD\x80\x80\x84\x80\x80" },
- { 0x40008000, "\xFD\x80\x80\x88\x80\x80" },
- { 0x40010000, "\xFD\x80\x80\x90\x80\x80" },
- { 0x40020000, "\xFD\x80\x80\xA0\x80\x80" },
- { 0x40040000, "\xFD\x80\x81\x80\x80\x80" },
- { 0x40080000, "\xFD\x80\x82\x80\x80\x80" },
- { 0x40100000, "\xFD\x80\x84\x80\x80\x80" },
- { 0x40200000, "\xFD\x80\x88\x80\x80\x80" },
- { 0x40400000, "\xFD\x80\x90\x80\x80\x80" },
- { 0x40800000, "\xFD\x80\xA0\x80\x80\x80" },
- { 0x41000000, "\xFD\x81\x80\x80\x80\x80" },
- { 0x42000000, "\xFD\x82\x80\x80\x80\x80" },
- { 0x44000000, "\xFD\x84\x80\x80\x80\x80" },
- { 0x48000000, "\xFD\x88\x80\x80\x80\x80" },
- { 0x50000000, "\xFD\x90\x80\x80\x80\x80" },
- { 0x60000000, "\xFD\xA0\x80\x80\x80\x80" },
- { 0x7FFFFFFF, "\xFD\xBF\xBF\xBF\xBF\xBF" }
-};
-
-/*
- * UCS-2 vectors
- */
-
-struct ucs2 ucs2[] = {
- { 0x0001, "\x01" },
- { 0x0002, "\x02" },
- { 0x0003, "\x03" },
- { 0x0004, "\x04" },
- { 0x0007, "\x07" },
- { 0x0008, "\x08" },
- { 0x000F, "\x0F" },
- { 0x0010, "\x10" },
- { 0x001F, "\x1F" },
- { 0x0020, "\x20" },
- { 0x003F, "\x3F" },
- { 0x0040, "\x40" },
- { 0x007F, "\x7F" },
-
- { 0x0080, "\xC2\x80" },
- { 0x0081, "\xC2\x81" },
- { 0x0082, "\xC2\x82" },
- { 0x0084, "\xC2\x84" },
- { 0x0088, "\xC2\x88" },
- { 0x0090, "\xC2\x90" },
- { 0x00A0, "\xC2\xA0" },
- { 0x00C0, "\xC3\x80" },
- { 0x00FF, "\xC3\xBF" },
- { 0x0100, "\xC4\x80" },
- { 0x0101, "\xC4\x81" },
- { 0x0102, "\xC4\x82" },
- { 0x0104, "\xC4\x84" },
- { 0x0108, "\xC4\x88" },
- { 0x0110, "\xC4\x90" },
- { 0x0120, "\xC4\xA0" },
- { 0x0140, "\xC5\x80" },
- { 0x0180, "\xC6\x80" },
- { 0x01FF, "\xC7\xBF" },
- { 0x0200, "\xC8\x80" },
- { 0x0201, "\xC8\x81" },
- { 0x0202, "\xC8\x82" },
- { 0x0204, "\xC8\x84" },
- { 0x0208, "\xC8\x88" },
- { 0x0210, "\xC8\x90" },
- { 0x0220, "\xC8\xA0" },
- { 0x0240, "\xC9\x80" },
- { 0x0280, "\xCA\x80" },
- { 0x0300, "\xCC\x80" },
- { 0x03FF, "\xCF\xBF" },
- { 0x0400, "\xD0\x80" },
- { 0x0401, "\xD0\x81" },
- { 0x0402, "\xD0\x82" },
- { 0x0404, "\xD0\x84" },
- { 0x0408, "\xD0\x88" },
- { 0x0410, "\xD0\x90" },
- { 0x0420, "\xD0\xA0" },
- { 0x0440, "\xD1\x80" },
- { 0x0480, "\xD2\x80" },
- { 0x0500, "\xD4\x80" },
- { 0x0600, "\xD8\x80" },
- { 0x07FF, "\xDF\xBF" },
-
- { 0x0800, "\xE0\xA0\x80" },
- { 0x0801, "\xE0\xA0\x81" },
- { 0x0802, "\xE0\xA0\x82" },
- { 0x0804, "\xE0\xA0\x84" },
- { 0x0808, "\xE0\xA0\x88" },
- { 0x0810, "\xE0\xA0\x90" },
- { 0x0820, "\xE0\xA0\xA0" },
- { 0x0840, "\xE0\xA1\x80" },
- { 0x0880, "\xE0\xA2\x80" },
- { 0x0900, "\xE0\xA4\x80" },
- { 0x0A00, "\xE0\xA8\x80" },
- { 0x0C00, "\xE0\xB0\x80" },
- { 0x0FFF, "\xE0\xBF\xBF" },
- { 0x1000, "\xE1\x80\x80" },
- { 0x1001, "\xE1\x80\x81" },
- { 0x1002, "\xE1\x80\x82" },
- { 0x1004, "\xE1\x80\x84" },
- { 0x1008, "\xE1\x80\x88" },
- { 0x1010, "\xE1\x80\x90" },
- { 0x1020, "\xE1\x80\xA0" },
- { 0x1040, "\xE1\x81\x80" },
- { 0x1080, "\xE1\x82\x80" },
- { 0x1100, "\xE1\x84\x80" },
- { 0x1200, "\xE1\x88\x80" },
- { 0x1400, "\xE1\x90\x80" },
- { 0x1800, "\xE1\xA0\x80" },
- { 0x1FFF, "\xE1\xBF\xBF" },
- { 0x2000, "\xE2\x80\x80" },
- { 0x2001, "\xE2\x80\x81" },
- { 0x2002, "\xE2\x80\x82" },
- { 0x2004, "\xE2\x80\x84" },
- { 0x2008, "\xE2\x80\x88" },
- { 0x2010, "\xE2\x80\x90" },
- { 0x2020, "\xE2\x80\xA0" },
- { 0x2040, "\xE2\x81\x80" },
- { 0x2080, "\xE2\x82\x80" },
- { 0x2100, "\xE2\x84\x80" },
- { 0x2200, "\xE2\x88\x80" },
- { 0x2400, "\xE2\x90\x80" },
- { 0x2800, "\xE2\xA0\x80" },
- { 0x3000, "\xE3\x80\x80" },
- { 0x3FFF, "\xE3\xBF\xBF" },
- { 0x4000, "\xE4\x80\x80" },
- { 0x4001, "\xE4\x80\x81" },
- { 0x4002, "\xE4\x80\x82" },
- { 0x4004, "\xE4\x80\x84" },
- { 0x4008, "\xE4\x80\x88" },
- { 0x4010, "\xE4\x80\x90" },
- { 0x4020, "\xE4\x80\xA0" },
- { 0x4040, "\xE4\x81\x80" },
- { 0x4080, "\xE4\x82\x80" },
- { 0x4100, "\xE4\x84\x80" },
- { 0x4200, "\xE4\x88\x80" },
- { 0x4400, "\xE4\x90\x80" },
- { 0x4800, "\xE4\xA0\x80" },
- { 0x5000, "\xE5\x80\x80" },
- { 0x6000, "\xE6\x80\x80" },
- { 0x7FFF, "\xE7\xBF\xBF" },
- { 0x8000, "\xE8\x80\x80" },
- { 0x8001, "\xE8\x80\x81" },
- { 0x8002, "\xE8\x80\x82" },
- { 0x8004, "\xE8\x80\x84" },
- { 0x8008, "\xE8\x80\x88" },
- { 0x8010, "\xE8\x80\x90" },
- { 0x8020, "\xE8\x80\xA0" },
- { 0x8040, "\xE8\x81\x80" },
- { 0x8080, "\xE8\x82\x80" },
- { 0x8100, "\xE8\x84\x80" },
- { 0x8200, "\xE8\x88\x80" },
- { 0x8400, "\xE8\x90\x80" },
- { 0x8800, "\xE8\xA0\x80" },
- { 0x9000, "\xE9\x80\x80" },
- { 0xA000, "\xEA\x80\x80" },
- { 0xC000, "\xEC\x80\x80" },
- { 0xFFFF, "\xEF\xBF\xBF" }
-
-};
-
-#ifdef UTF16
-/*
- * UTF-16 vectors
- */
-
-struct utf16 utf16[] = {
- { 0x00010000, { 0xD800, 0xDC00 } },
- { 0x00010001, { 0xD800, 0xDC01 } },
- { 0x00010002, { 0xD800, 0xDC02 } },
- { 0x00010003, { 0xD800, 0xDC03 } },
- { 0x00010004, { 0xD800, 0xDC04 } },
- { 0x00010007, { 0xD800, 0xDC07 } },
- { 0x00010008, { 0xD800, 0xDC08 } },
- { 0x0001000F, { 0xD800, 0xDC0F } },
- { 0x00010010, { 0xD800, 0xDC10 } },
- { 0x0001001F, { 0xD800, 0xDC1F } },
- { 0x00010020, { 0xD800, 0xDC20 } },
- { 0x0001003F, { 0xD800, 0xDC3F } },
- { 0x00010040, { 0xD800, 0xDC40 } },
- { 0x0001007F, { 0xD800, 0xDC7F } },
- { 0x00010080, { 0xD800, 0xDC80 } },
- { 0x00010081, { 0xD800, 0xDC81 } },
- { 0x00010082, { 0xD800, 0xDC82 } },
- { 0x00010084, { 0xD800, 0xDC84 } },
- { 0x00010088, { 0xD800, 0xDC88 } },
- { 0x00010090, { 0xD800, 0xDC90 } },
- { 0x000100A0, { 0xD800, 0xDCA0 } },
- { 0x000100C0, { 0xD800, 0xDCC0 } },
- { 0x000100FF, { 0xD800, 0xDCFF } },
- { 0x00010100, { 0xD800, 0xDD00 } },
- { 0x00010101, { 0xD800, 0xDD01 } },
- { 0x00010102, { 0xD800, 0xDD02 } },
- { 0x00010104, { 0xD800, 0xDD04 } },
- { 0x00010108, { 0xD800, 0xDD08 } },
- { 0x00010110, { 0xD800, 0xDD10 } },
- { 0x00010120, { 0xD800, 0xDD20 } },
- { 0x00010140, { 0xD800, 0xDD40 } },
- { 0x00010180, { 0xD800, 0xDD80 } },
- { 0x000101FF, { 0xD800, 0xDDFF } },
- { 0x00010200, { 0xD800, 0xDE00 } },
- { 0x00010201, { 0xD800, 0xDE01 } },
- { 0x00010202, { 0xD800, 0xDE02 } },
- { 0x00010204, { 0xD800, 0xDE04 } },
- { 0x00010208, { 0xD800, 0xDE08 } },
- { 0x00010210, { 0xD800, 0xDE10 } },
- { 0x00010220, { 0xD800, 0xDE20 } },
- { 0x00010240, { 0xD800, 0xDE40 } },
- { 0x00010280, { 0xD800, 0xDE80 } },
- { 0x00010300, { 0xD800, 0xDF00 } },
- { 0x000103FF, { 0xD800, 0xDFFF } },
- { 0x00010400, { 0xD801, 0xDC00 } },
- { 0x00010401, { 0xD801, 0xDC01 } },
- { 0x00010402, { 0xD801, 0xDC02 } },
- { 0x00010404, { 0xD801, 0xDC04 } },
- { 0x00010408, { 0xD801, 0xDC08 } },
- { 0x00010410, { 0xD801, 0xDC10 } },
- { 0x00010420, { 0xD801, 0xDC20 } },
- { 0x00010440, { 0xD801, 0xDC40 } },
- { 0x00010480, { 0xD801, 0xDC80 } },
- { 0x00010500, { 0xD801, 0xDD00 } },
- { 0x00010600, { 0xD801, 0xDE00 } },
- { 0x000107FF, { 0xD801, 0xDFFF } },
- { 0x00010800, { 0xD802, 0xDC00 } },
- { 0x00010801, { 0xD802, 0xDC01 } },
- { 0x00010802, { 0xD802, 0xDC02 } },
- { 0x00010804, { 0xD802, 0xDC04 } },
- { 0x00010808, { 0xD802, 0xDC08 } },
- { 0x00010810, { 0xD802, 0xDC10 } },
- { 0x00010820, { 0xD802, 0xDC20 } },
- { 0x00010840, { 0xD802, 0xDC40 } },
- { 0x00010880, { 0xD802, 0xDC80 } },
- { 0x00010900, { 0xD802, 0xDD00 } },
- { 0x00010A00, { 0xD802, 0xDE00 } },
- { 0x00010C00, { 0xD803, 0xDC00 } },
- { 0x00010FFF, { 0xD803, 0xDFFF } },
- { 0x00011000, { 0xD804, 0xDC00 } },
- { 0x00011001, { 0xD804, 0xDC01 } },
- { 0x00011002, { 0xD804, 0xDC02 } },
- { 0x00011004, { 0xD804, 0xDC04 } },
- { 0x00011008, { 0xD804, 0xDC08 } },
- { 0x00011010, { 0xD804, 0xDC10 } },
- { 0x00011020, { 0xD804, 0xDC20 } },
- { 0x00011040, { 0xD804, 0xDC40 } },
- { 0x00011080, { 0xD804, 0xDC80 } },
- { 0x00011100, { 0xD804, 0xDD00 } },
- { 0x00011200, { 0xD804, 0xDE00 } },
- { 0x00011400, { 0xD805, 0xDC00 } },
- { 0x00011800, { 0xD806, 0xDC00 } },
- { 0x00011FFF, { 0xD807, 0xDFFF } },
- { 0x00012000, { 0xD808, 0xDC00 } },
- { 0x00012001, { 0xD808, 0xDC01 } },
- { 0x00012002, { 0xD808, 0xDC02 } },
- { 0x00012004, { 0xD808, 0xDC04 } },
- { 0x00012008, { 0xD808, 0xDC08 } },
- { 0x00012010, { 0xD808, 0xDC10 } },
- { 0x00012020, { 0xD808, 0xDC20 } },
- { 0x00012040, { 0xD808, 0xDC40 } },
- { 0x00012080, { 0xD808, 0xDC80 } },
- { 0x00012100, { 0xD808, 0xDD00 } },
- { 0x00012200, { 0xD808, 0xDE00 } },
- { 0x00012400, { 0xD809, 0xDC00 } },
- { 0x00012800, { 0xD80A, 0xDC00 } },
- { 0x00013000, { 0xD80C, 0xDC00 } },
- { 0x00013FFF, { 0xD80F, 0xDFFF } },
- { 0x00014000, { 0xD810, 0xDC00 } },
- { 0x00014001, { 0xD810, 0xDC01 } },
- { 0x00014002, { 0xD810, 0xDC02 } },
- { 0x00014004, { 0xD810, 0xDC04 } },
- { 0x00014008, { 0xD810, 0xDC08 } },
- { 0x00014010, { 0xD810, 0xDC10 } },
- { 0x00014020, { 0xD810, 0xDC20 } },
- { 0x00014040, { 0xD810, 0xDC40 } },
- { 0x00014080, { 0xD810, 0xDC80 } },
- { 0x00014100, { 0xD810, 0xDD00 } },
- { 0x00014200, { 0xD810, 0xDE00 } },
- { 0x00014400, { 0xD811, 0xDC00 } },
- { 0x00014800, { 0xD812, 0xDC00 } },
- { 0x00015000, { 0xD814, 0xDC00 } },
- { 0x00016000, { 0xD818, 0xDC00 } },
- { 0x00017FFF, { 0xD81F, 0xDFFF } },
- { 0x00018000, { 0xD820, 0xDC00 } },
- { 0x00018001, { 0xD820, 0xDC01 } },
- { 0x00018002, { 0xD820, 0xDC02 } },
- { 0x00018004, { 0xD820, 0xDC04 } },
- { 0x00018008, { 0xD820, 0xDC08 } },
- { 0x00018010, { 0xD820, 0xDC10 } },
- { 0x00018020, { 0xD820, 0xDC20 } },
- { 0x00018040, { 0xD820, 0xDC40 } },
- { 0x00018080, { 0xD820, 0xDC80 } },
- { 0x00018100, { 0xD820, 0xDD00 } },
- { 0x00018200, { 0xD820, 0xDE00 } },
- { 0x00018400, { 0xD821, 0xDC00 } },
- { 0x00018800, { 0xD822, 0xDC00 } },
- { 0x00019000, { 0xD824, 0xDC00 } },
- { 0x0001A000, { 0xD828, 0xDC00 } },
- { 0x0001C000, { 0xD830, 0xDC00 } },
- { 0x0001FFFF, { 0xD83F, 0xDFFF } },
- { 0x00020000, { 0xD840, 0xDC00 } },
- { 0x00020001, { 0xD840, 0xDC01 } },
- { 0x00020002, { 0xD840, 0xDC02 } },
- { 0x00020004, { 0xD840, 0xDC04 } },
- { 0x00020008, { 0xD840, 0xDC08 } },
- { 0x00020010, { 0xD840, 0xDC10 } },
- { 0x00020020, { 0xD840, 0xDC20 } },
- { 0x00020040, { 0xD840, 0xDC40 } },
- { 0x00020080, { 0xD840, 0xDC80 } },
- { 0x00020100, { 0xD840, 0xDD00 } },
- { 0x00020200, { 0xD840, 0xDE00 } },
- { 0x00020400, { 0xD841, 0xDC00 } },
- { 0x00020800, { 0xD842, 0xDC00 } },
- { 0x00021000, { 0xD844, 0xDC00 } },
- { 0x00022000, { 0xD848, 0xDC00 } },
- { 0x00024000, { 0xD850, 0xDC00 } },
- { 0x00028000, { 0xD860, 0xDC00 } },
- { 0x0002FFFF, { 0xD87F, 0xDFFF } },
- { 0x00030000, { 0xD880, 0xDC00 } },
- { 0x00030001, { 0xD880, 0xDC01 } },
- { 0x00030002, { 0xD880, 0xDC02 } },
- { 0x00030004, { 0xD880, 0xDC04 } },
- { 0x00030008, { 0xD880, 0xDC08 } },
- { 0x00030010, { 0xD880, 0xDC10 } },
- { 0x00030020, { 0xD880, 0xDC20 } },
- { 0x00030040, { 0xD880, 0xDC40 } },
- { 0x00030080, { 0xD880, 0xDC80 } },
- { 0x00030100, { 0xD880, 0xDD00 } },
- { 0x00030200, { 0xD880, 0xDE00 } },
- { 0x00030400, { 0xD881, 0xDC00 } },
- { 0x00030800, { 0xD882, 0xDC00 } },
- { 0x00031000, { 0xD884, 0xDC00 } },
- { 0x00032000, { 0xD888, 0xDC00 } },
- { 0x00034000, { 0xD890, 0xDC00 } },
- { 0x00038000, { 0xD8A0, 0xDC00 } },
- { 0x0003FFFF, { 0xD8BF, 0xDFFF } },
- { 0x00040000, { 0xD8C0, 0xDC00 } },
- { 0x00040001, { 0xD8C0, 0xDC01 } },
- { 0x00040002, { 0xD8C0, 0xDC02 } },
- { 0x00040004, { 0xD8C0, 0xDC04 } },
- { 0x00040008, { 0xD8C0, 0xDC08 } },
- { 0x00040010, { 0xD8C0, 0xDC10 } },
- { 0x00040020, { 0xD8C0, 0xDC20 } },
- { 0x00040040, { 0xD8C0, 0xDC40 } },
- { 0x00040080, { 0xD8C0, 0xDC80 } },
- { 0x00040100, { 0xD8C0, 0xDD00 } },
- { 0x00040200, { 0xD8C0, 0xDE00 } },
- { 0x00040400, { 0xD8C1, 0xDC00 } },
- { 0x00040800, { 0xD8C2, 0xDC00 } },
- { 0x00041000, { 0xD8C4, 0xDC00 } },
- { 0x00042000, { 0xD8C8, 0xDC00 } },
- { 0x00044000, { 0xD8D0, 0xDC00 } },
- { 0x00048000, { 0xD8E0, 0xDC00 } },
- { 0x0004FFFF, { 0xD8FF, 0xDFFF } },
- { 0x00050000, { 0xD900, 0xDC00 } },
- { 0x00050001, { 0xD900, 0xDC01 } },
- { 0x00050002, { 0xD900, 0xDC02 } },
- { 0x00050004, { 0xD900, 0xDC04 } },
- { 0x00050008, { 0xD900, 0xDC08 } },
- { 0x00050010, { 0xD900, 0xDC10 } },
- { 0x00050020, { 0xD900, 0xDC20 } },
- { 0x00050040, { 0xD900, 0xDC40 } },
- { 0x00050080, { 0xD900, 0xDC80 } },
- { 0x00050100, { 0xD900, 0xDD00 } },
- { 0x00050200, { 0xD900, 0xDE00 } },
- { 0x00050400, { 0xD901, 0xDC00 } },
- { 0x00050800, { 0xD902, 0xDC00 } },
- { 0x00051000, { 0xD904, 0xDC00 } },
- { 0x00052000, { 0xD908, 0xDC00 } },
- { 0x00054000, { 0xD910, 0xDC00 } },
- { 0x00058000, { 0xD920, 0xDC00 } },
- { 0x00060000, { 0xD940, 0xDC00 } },
- { 0x00070000, { 0xD980, 0xDC00 } },
- { 0x0007FFFF, { 0xD9BF, 0xDFFF } },
- { 0x00080000, { 0xD9C0, 0xDC00 } },
- { 0x00080001, { 0xD9C0, 0xDC01 } },
- { 0x00080002, { 0xD9C0, 0xDC02 } },
- { 0x00080004, { 0xD9C0, 0xDC04 } },
- { 0x00080008, { 0xD9C0, 0xDC08 } },
- { 0x00080010, { 0xD9C0, 0xDC10 } },
- { 0x00080020, { 0xD9C0, 0xDC20 } },
- { 0x00080040, { 0xD9C0, 0xDC40 } },
- { 0x00080080, { 0xD9C0, 0xDC80 } },
- { 0x00080100, { 0xD9C0, 0xDD00 } },
- { 0x00080200, { 0xD9C0, 0xDE00 } },
- { 0x00080400, { 0xD9C1, 0xDC00 } },
- { 0x00080800, { 0xD9C2, 0xDC00 } },
- { 0x00081000, { 0xD9C4, 0xDC00 } },
- { 0x00082000, { 0xD9C8, 0xDC00 } },
- { 0x00084000, { 0xD9D0, 0xDC00 } },
- { 0x00088000, { 0xD9E0, 0xDC00 } },
- { 0x0008FFFF, { 0xD9FF, 0xDFFF } },
- { 0x00090000, { 0xDA00, 0xDC00 } },
- { 0x00090001, { 0xDA00, 0xDC01 } },
- { 0x00090002, { 0xDA00, 0xDC02 } },
- { 0x00090004, { 0xDA00, 0xDC04 } },
- { 0x00090008, { 0xDA00, 0xDC08 } },
- { 0x00090010, { 0xDA00, 0xDC10 } },
- { 0x00090020, { 0xDA00, 0xDC20 } },
- { 0x00090040, { 0xDA00, 0xDC40 } },
- { 0x00090080, { 0xDA00, 0xDC80 } },
- { 0x00090100, { 0xDA00, 0xDD00 } },
- { 0x00090200, { 0xDA00, 0xDE00 } },
- { 0x00090400, { 0xDA01, 0xDC00 } },
- { 0x00090800, { 0xDA02, 0xDC00 } },
- { 0x00091000, { 0xDA04, 0xDC00 } },
- { 0x00092000, { 0xDA08, 0xDC00 } },
- { 0x00094000, { 0xDA10, 0xDC00 } },
- { 0x00098000, { 0xDA20, 0xDC00 } },
- { 0x000A0000, { 0xDA40, 0xDC00 } },
- { 0x000B0000, { 0xDA80, 0xDC00 } },
- { 0x000C0000, { 0xDAC0, 0xDC00 } },
- { 0x000D0000, { 0xDB00, 0xDC00 } },
- { 0x000FFFFF, { 0xDBBF, 0xDFFF } },
- { 0x0010FFFF, { 0xDBFF, 0xDFFF } }
-
-};
-#endif /* UTF16 */
-
-static void
-dump_utf8
-(
- char *word,
- unsigned char *utf8,
- char *end
-)
-{
- fprintf(stdout, "%s ", word);
- for( ; *utf8; utf8++ ) {
- fprintf(stdout, "%02.2x ", (unsigned int)*utf8);
- }
- fprintf(stdout, "%s", end);
-}
-
-static PRBool
-test_ucs4_chars
-(
- void
-)
-{
- PRBool rv = PR_TRUE;
- int i;
-
- for( i = 0; i < sizeof(ucs4)/sizeof(ucs4[0]); i++ ) {
- struct ucs4 *e = &ucs4[i];
- PRBool result;
- unsigned char utf8[8];
- unsigned int len = 0;
- PRUint32 back = 0;
-
- (void)memset(utf8, 0, sizeof(utf8));
-
- result = sec_port_ucs4_utf8_conversion_function(PR_FALSE,
- (unsigned char *)&e->c, sizeof(e->c), utf8, sizeof(utf8), &len);
-
- if( !result ) {
- fprintf(stdout, "Failed to convert UCS-4 0x%08.8x to UTF-8\n", e->c);
- rv = PR_FALSE;
- continue;
- }
-
- if( (len >= sizeof(utf8)) ||
- (strlen(e->utf8) != len) ||
- (utf8[len] = '\0', 0 != strcmp(e->utf8, utf8)) ) {
- fprintf(stdout, "Wrong conversion of UCS-4 0x%08.8x to UTF-8: ", e->c);
- dump_utf8("expected", e->utf8, ", ");
- dump_utf8("received", utf8, "\n");
- rv = PR_FALSE;
- continue;
- }
-
- result = sec_port_ucs4_utf8_conversion_function(PR_TRUE,
- utf8, len, (unsigned char *)&back, sizeof(back), &len);
-
- if( !result ) {
- dump_utf8("Failed to convert UTF-8", utf8, "to UCS-4\n");
- rv = PR_FALSE;
- continue;
- }
-
- if( (sizeof(back) != len) || (e->c != back) ) {
- dump_utf8("Wrong conversion of UTF-8", utf8, " to UCS-4:");
- fprintf(stdout, "expected 0x%08.8x, received 0x%08.8x\n", e->c, back);
- rv = PR_FALSE;
- continue;
- }
- }
-
- return rv;
-}
-
-static PRBool
-test_ucs2_chars
-(
- void
-)
-{
- PRBool rv = PR_TRUE;
- int i;
-
- for( i = 0; i < sizeof(ucs2)/sizeof(ucs2[0]); i++ ) {
- struct ucs2 *e = &ucs2[i];
- PRBool result;
- unsigned char utf8[8];
- unsigned int len = 0;
- PRUint16 back = 0;
-
- (void)memset(utf8, 0, sizeof(utf8));
-
- result = sec_port_ucs2_utf8_conversion_function(PR_FALSE,
- (unsigned char *)&e->c, sizeof(e->c), utf8, sizeof(utf8), &len);
-
- if( !result ) {
- fprintf(stdout, "Failed to convert UCS-2 0x%04.4x to UTF-8\n", e->c);
- rv = PR_FALSE;
- continue;
- }
-
- if( (len >= sizeof(utf8)) ||
- (strlen(e->utf8) != len) ||
- (utf8[len] = '\0', 0 != strcmp(e->utf8, utf8)) ) {
- fprintf(stdout, "Wrong conversion of UCS-2 0x%04.4x to UTF-8: ", e->c);
- dump_utf8("expected", e->utf8, ", ");
- dump_utf8("received", utf8, "\n");
- rv = PR_FALSE;
- continue;
- }
-
- result = sec_port_ucs2_utf8_conversion_function(PR_TRUE,
- utf8, len, (unsigned char *)&back, sizeof(back), &len);
-
- if( !result ) {
- dump_utf8("Failed to convert UTF-8", utf8, "to UCS-2\n");
- rv = PR_FALSE;
- continue;
- }
-
- if( (sizeof(back) != len) || (e->c != back) ) {
- dump_utf8("Wrong conversion of UTF-8", utf8, "to UCS-2:");
- fprintf(stdout, "expected 0x%08.8x, received 0x%08.8x\n", e->c, back);
- rv = PR_FALSE;
- continue;
- }
- }
-
- return rv;
-}
-
-#ifdef UTF16
-static PRBool
-test_utf16_chars
-(
- void
-)
-{
- PRBool rv = PR_TRUE;
- int i;
-
- for( i = 0; i < sizeof(utf16)/sizeof(utf16[0]); i++ ) {
- struct utf16 *e = &utf16[i];
- PRBool result;
- unsigned char utf8[8];
- unsigned int len = 0;
- PRUint32 back32 = 0;
- PRUint16 back[2];
-
- (void)memset(utf8, 0, sizeof(utf8));
-
- result = sec_port_ucs2_utf8_conversion_function(PR_FALSE,
- (unsigned char *)&e->w[0], sizeof(e->w), utf8, sizeof(utf8), &len);
-
- if( !result ) {
- fprintf(stdout, "Failed to convert UTF-16 0x%04.4x 0x%04.4x to UTF-8\n",
- e->w[0], e->w[1]);
- rv = PR_FALSE;
- continue;
- }
-
- result = sec_port_ucs4_utf8_conversion_function(PR_TRUE,
- utf8, len, (unsigned char *)&back32, sizeof(back32), &len);
-
- if( 4 != len ) {
- fprintf(stdout, "Failed to convert UTF-16 0x%04.4x 0x%04.4x to UTF-8: "
- "unexpected len %d\n", e->w[0], e->w[1], len);
- rv = PR_FALSE;
- continue;
- }
-
- utf8[len] = '\0'; /* null-terminate for printing */
-
- if( !result ) {
- dump_utf8("Failed to convert UTF-8", utf8, "to UCS-4 (utf-16 test)\n");
- rv = PR_FALSE;
- continue;
- }
-
- if( (sizeof(back32) != len) || (e->c != back32) ) {
- fprintf(stdout, "Wrong conversion of UTF-16 0x%04.4x 0x%04.4x ",
- e->w[0], e->w[1]);
- dump_utf8("to UTF-8", utf8, "and then to UCS-4: ");
- if( sizeof(back32) != len ) {
- fprintf(stdout, "len is %d\n", len);
- } else {
- fprintf(stdout, "expected 0x%08.8x, received 0x%08.8x\n", e->c, back32);
- }
- rv = PR_FALSE;
- continue;
- }
-
- (void)memset(utf8, 0, sizeof(utf8));
- back[0] = back[1] = 0;
-
- result = sec_port_ucs4_utf8_conversion_function(PR_FALSE,
- (unsigned char *)&e->c, sizeof(e->c), utf8, sizeof(utf8), &len);
-
- if( !result ) {
- fprintf(stdout, "Failed to convert UCS-4 0x%08.8x to UTF-8 (utf-16 test)\n",
- e->c);
- rv = PR_FALSE;
- continue;
- }
-
- result = sec_port_ucs2_utf8_conversion_function(PR_TRUE,
- utf8, len, (unsigned char *)&back[0], sizeof(back), &len);
-
- if( 4 != len ) {
- fprintf(stdout, "Failed to convert UCS-4 0x%08.8x to UTF-8: "
- "unexpected len %d\n", e->c, len);
- rv = PR_FALSE;
- continue;
- }
-
- utf8[len] = '\0'; /* null-terminate for printing */
-
- if( !result ) {
- dump_utf8("Failed to convert UTF-8", utf8, "to UTF-16\n");
- rv = PR_FALSE;
- continue;
- }
-
- if( (sizeof(back) != len) || (e->w[0] != back[0]) || (e->w[1] != back[1]) ) {
- fprintf(stdout, "Wrong conversion of UCS-4 0x%08.8x to UTF-8", e->c);
- dump_utf8("", utf8, "and then to UTF-16:");
- if( sizeof(back) != len ) {
- fprintf(stdout, "len is %d\n", len);
- } else {
- fprintf(stdout, "expected 0x%04.4x 0x%04.4x, received 0x%04.4x 0x%04.4xx\n",
- e->w[0], e->w[1], back[0], back[1]);
- }
- rv = PR_FALSE;
- continue;
- }
- }
-
- return rv;
-}
-#endif /* UTF16 */
-
-static PRBool
-test_zeroes
-(
- void
-)
-{
- PRBool rv = PR_TRUE;
- PRBool result;
- PRUint32 lzero = 0;
- PRUint16 szero = 0;
- unsigned char utf8[8];
- unsigned int len = 0;
- PRUint32 lback = 1;
- PRUint16 sback = 1;
-
- (void)memset(utf8, 1, sizeof(utf8));
-
- result = sec_port_ucs4_utf8_conversion_function(PR_FALSE,
- (unsigned char *)&lzero, sizeof(lzero), utf8, sizeof(utf8), &len);
-
- if( !result ) {
- fprintf(stdout, "Failed to convert UCS-4 0x00000000 to UTF-8\n");
- rv = PR_FALSE;
- } else if( 1 != len ) {
- fprintf(stdout, "Wrong conversion of UCS-4 0x00000000: len = %d\n", len);
- rv = PR_FALSE;
- } else if( '\0' != *utf8 ) {
- fprintf(stdout, "Wrong conversion of UCS-4 0x00000000: expected 00 ,"
- "received %02.2x\n", (unsigned int)*utf8);
- rv = PR_FALSE;
- }
-
- result = sec_port_ucs4_utf8_conversion_function(PR_TRUE,
- "", 1, (unsigned char *)&lback, sizeof(lback), &len);
-
- if( !result ) {
- fprintf(stdout, "Failed to convert UTF-8 00 to UCS-4\n");
- rv = PR_FALSE;
- } else if( 4 != len ) {
- fprintf(stdout, "Wrong conversion of UTF-8 00 to UCS-4: len = %d\n", len);
- rv = PR_FALSE;
- } else if( 0 != lback ) {
- fprintf(stdout, "Wrong conversion of UTF-8 00 to UCS-4: "
- "expected 0x00000000, received 0x%08.8x\n", lback);
- rv = PR_FALSE;
- }
-
- (void)memset(utf8, 1, sizeof(utf8));
-
- result = sec_port_ucs2_utf8_conversion_function(PR_FALSE,
- (unsigned char *)&szero, sizeof(szero), utf8, sizeof(utf8), &len);
-
- if( !result ) {
- fprintf(stdout, "Failed to convert UCS-2 0x0000 to UTF-8\n");
- rv = PR_FALSE;
- } else if( 1 != len ) {
- fprintf(stdout, "Wrong conversion of UCS-2 0x0000: len = %d\n", len);
- rv = PR_FALSE;
- } else if( '\0' != *utf8 ) {
- fprintf(stdout, "Wrong conversion of UCS-2 0x0000: expected 00 ,"
- "received %02.2x\n", (unsigned int)*utf8);
- rv = PR_FALSE;
- }
-
- result = sec_port_ucs2_utf8_conversion_function(PR_TRUE,
- "", 1, (unsigned char *)&sback, sizeof(sback), &len);
-
- if( !result ) {
- fprintf(stdout, "Failed to convert UTF-8 00 to UCS-2\n");
- rv = PR_FALSE;
- } else if( 2 != len ) {
- fprintf(stdout, "Wrong conversion of UTF-8 00 to UCS-2: len = %d\n", len);
- rv = PR_FALSE;
- } else if( 0 != sback ) {
- fprintf(stdout, "Wrong conversion of UTF-8 00 to UCS-2: "
- "expected 0x0000, received 0x%04.4x\n", sback);
- rv = PR_FALSE;
- }
-
- return rv;
-}
-
-static PRBool
-test_multichars
-(
- void
-)
-{
- int i;
- unsigned int len, lenout;
- PRUint32 *ucs4s;
- char *ucs4_utf8;
- PRUint16 *ucs2s;
- char *ucs2_utf8;
- void *tmp;
- PRBool result;
-
- ucs4s = (PRUint32 *)calloc(sizeof(ucs4)/sizeof(ucs4[0]), sizeof(PRUint32));
- ucs2s = (PRUint16 *)calloc(sizeof(ucs2)/sizeof(ucs2[0]), sizeof(PRUint16));
-
- if( ((PRUint32 *)NULL == ucs4s) || ((PRUint16 *)NULL == ucs2s) ) {
- fprintf(stderr, "out of memory\n");
- exit(1);
- }
-
- len = 0;
- for( i = 0; i < sizeof(ucs4)/sizeof(ucs4[0]); i++ ) {
- ucs4s[i] = ucs4[i].c;
- len += strlen(ucs4[i].utf8);
- }
-
- ucs4_utf8 = (char *)malloc(len);
-
- len = 0;
- for( i = 0; i < sizeof(ucs2)/sizeof(ucs2[0]); i++ ) {
- ucs2s[i] = ucs2[i].c;
- len += strlen(ucs2[i].utf8);
- }
-
- ucs2_utf8 = (char *)malloc(len);
-
- if( ((char *)NULL == ucs4_utf8) || ((char *)NULL == ucs2_utf8) ) {
- fprintf(stderr, "out of memory\n");
- exit(1);
- }
-
- *ucs4_utf8 = '\0';
- for( i = 0; i < sizeof(ucs4)/sizeof(ucs4[0]); i++ ) {
- strcat(ucs4_utf8, ucs4[i].utf8);
- }
-
- *ucs2_utf8 = '\0';
- for( i = 0; i < sizeof(ucs2)/sizeof(ucs2[0]); i++ ) {
- strcat(ucs2_utf8, ucs2[i].utf8);
- }
-
- /* UTF-8 -> UCS-4 */
- len = sizeof(ucs4)/sizeof(ucs4[0]) * sizeof(PRUint32);
- tmp = calloc(len, 1);
- if( (void *)NULL == tmp ) {
- fprintf(stderr, "out of memory\n");
- exit(1);
- }
-
- result = sec_port_ucs4_utf8_conversion_function(PR_TRUE,
- ucs4_utf8, strlen(ucs4_utf8), tmp, len, &lenout);
- if( !result ) {
- fprintf(stdout, "Failed to convert much UTF-8 to UCS-4\n");
- goto done;
- }
-
- if( lenout != len ) {
- fprintf(stdout, "Unexpected length converting much UTF-8 to UCS-4\n");
- goto loser;
- }
-
- if( 0 != memcmp(ucs4s, tmp, len) ) {
- fprintf(stdout, "Wrong conversion of much UTF-8 to UCS-4\n");
- goto loser;
- }
-
- free(tmp); tmp = (void *)NULL;
-
- /* UCS-4 -> UTF-8 */
- len = strlen(ucs4_utf8);
- tmp = calloc(len, 1);
- if( (void *)NULL == tmp ) {
- fprintf(stderr, "out of memory\n");
- exit(1);
- }
-
- result = sec_port_ucs4_utf8_conversion_function(PR_FALSE,
- (unsigned char *)ucs4s, sizeof(ucs4)/sizeof(ucs4[0]) * sizeof(PRUint32),
- tmp, len, &lenout);
- if( !result ) {
- fprintf(stdout, "Failed to convert much UCS-4 to UTF-8\n");
- goto done;
- }
-
- if( lenout != len ) {
- fprintf(stdout, "Unexpected length converting much UCS-4 to UTF-8\n");
- goto loser;
- }
-
- if( 0 != strncmp(ucs4_utf8, tmp, len) ) {
- fprintf(stdout, "Wrong conversion of much UCS-4 to UTF-8\n");
- goto loser;
- }
-
- free(tmp); tmp = (void *)NULL;
-
- /* UTF-8 -> UCS-2 */
- len = sizeof(ucs2)/sizeof(ucs2[0]) * sizeof(PRUint16);
- tmp = calloc(len, 1);
- if( (void *)NULL == tmp ) {
- fprintf(stderr, "out of memory\n");
- exit(1);
- }
-
- result = sec_port_ucs2_utf8_conversion_function(PR_TRUE,
- ucs2_utf8, strlen(ucs2_utf8), tmp, len, &lenout);
- if( !result ) {
- fprintf(stdout, "Failed to convert much UTF-8 to UCS-2\n");
- goto done;
- }
-
- if( lenout != len ) {
- fprintf(stdout, "Unexpected length converting much UTF-8 to UCS-2\n");
- goto loser;
- }
-
- if( 0 != memcmp(ucs2s, tmp, len) ) {
- fprintf(stdout, "Wrong conversion of much UTF-8 to UCS-2\n");
- goto loser;
- }
-
- free(tmp); tmp = (void *)NULL;
-
- /* UCS-2 -> UTF-8 */
- len = strlen(ucs2_utf8);
- tmp = calloc(len, 1);
- if( (void *)NULL == tmp ) {
- fprintf(stderr, "out of memory\n");
- exit(1);
- }
-
- result = sec_port_ucs2_utf8_conversion_function(PR_FALSE,
- (unsigned char *)ucs2s, sizeof(ucs2)/sizeof(ucs2[0]) * sizeof(PRUint16),
- tmp, len, &lenout);
- if( !result ) {
- fprintf(stdout, "Failed to convert much UCS-2 to UTF-8\n");
- goto done;
- }
-
- if( lenout != len ) {
- fprintf(stdout, "Unexpected length converting much UCS-2 to UTF-8\n");
- goto loser;
- }
-
- if( 0 != strncmp(ucs2_utf8, tmp, len) ) {
- fprintf(stdout, "Wrong conversion of much UCS-2 to UTF-8\n");
- goto loser;
- }
-
-#ifdef UTF16
- /* implement me */
-#endif /* UTF16 */
-
- result = PR_TRUE;
- goto done;
-
- loser:
- result = PR_FALSE;
- done:
- free(ucs4s);
- free(ucs4_utf8);
- free(ucs2s);
- free(ucs2_utf8);
- if( (void *)NULL != tmp ) free(tmp);
- return result;
-}
-
-void
-byte_order
-(
- void
-)
-{
- /*
- * The implementation (now) expects the 16- and 32-bit characters
- * to be in network byte order, not host byte order. Therefore I
- * have to byteswap all those test vectors above. hton[ls] may be
- * functions, so I have to do this dynamically. If you want to
- * use this code to do host byte order conversions, just remove
- * the call in main() to this function.
- */
-
- int i;
-
- for( i = 0; i < sizeof(ucs4)/sizeof(ucs4[0]); i++ ) {
- struct ucs4 *e = &ucs4[i];
- e->c = htonl(e->c);
- }
-
- for( i = 0; i < sizeof(ucs2)/sizeof(ucs2[0]); i++ ) {
- struct ucs2 *e = &ucs2[i];
- e->c = htons(e->c);
- }
-
-#ifdef UTF16
- for( i = 0; i < sizeof(utf16)/sizeof(utf16[0]); i++ ) {
- struct utf16 *e = &utf16[i];
- e->c = htonl(e->c);
- e->w[0] = htons(e->w[0]);
- e->w[1] = htons(e->w[1]);
- }
-#endif /* UTF16 */
-
- return;
-}
-
-int
-main
-(
- int argc,
- char *argv[]
-)
-{
- byte_order();
-
- if( test_ucs4_chars() &&
- test_ucs2_chars() &&
-#ifdef UTF16
- test_utf16_chars() &&
-#endif /* UTF16 */
- test_zeroes() &&
- test_multichars() &&
- PR_TRUE ) {
- fprintf(stderr, "PASS\n");
- return 1;
- } else {
- fprintf(stderr, "FAIL\n");
- return 0;
- }
-}
-
-#endif /* TEST_UTF8 */
diff --git a/security/nss/lib/util/watcomfx.h b/security/nss/lib/util/watcomfx.h
deleted file mode 100644
index bc1d20f72..000000000
--- a/security/nss/lib/util/watcomfx.h
+++ /dev/null
@@ -1,59 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#if defined(__WATCOMC__) || defined(__WATCOM_CPLUSPLUS__)
-#ifndef __WATCOM_FIX_H__
-#define __WATCOM_FIX_H__ 1
-/*
- * WATCOM's C compiler doesn't default to "__cdecl" conventions for external
- * symbols and functions. Rather than adding an explicit __cdecl modifier to
- * every external symbol and function declaration and definition, we use the
- * following pragma to (attempt to) change WATCOM c's default to __cdecl.
- * These pragmas were taken from pages 180-181, 266 & 269 of the
- * Watcom C/C++ version 11 User's Guide, 3rd edition.
- */
-#if defined(XP_WIN16) || defined(WIN16)
-#pragma aux default "_*" \
- parm caller [] \
- value struct float struct routine [ax] \
- modify [ax bx cx dx es]
-#else
-#pragma aux default "_*" \
- parm caller [] \
- value struct float struct routine [eax] \
- modify [eax ecx edx]
-#endif
-#pragma aux default far
-
-#endif /* once */
-#endif /* WATCOM compiler */
diff --git a/security/nss/macbuild/LoadableRoots.mcp.exp b/security/nss/macbuild/LoadableRoots.mcp.exp
deleted file mode 100644
index 562ecea21..000000000
--- a/security/nss/macbuild/LoadableRoots.mcp.exp
+++ /dev/null
@@ -1 +0,0 @@
-C_GetFunctionList
diff --git a/security/nss/macbuild/LoadableRoots.xml b/security/nss/macbuild/LoadableRoots.xml
deleted file mode 100644
index 5f3682970..000000000
--- a/security/nss/macbuild/LoadableRoots.xml
+++ /dev/null
@@ -1,2664 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="yes" ?>
-<?codewarrior exportversion="1.0.1" ideversion="4.2" ?>
-
-<!DOCTYPE PROJECT [
-<!ELEMENT PROJECT (TARGETLIST, TARGETORDER, GROUPLIST, DESIGNLIST?)>
-<!ELEMENT TARGETLIST (TARGET+)>
-<!ELEMENT TARGET (NAME, SETTINGLIST, FILELIST?, LINKORDER?, SEGMENTLIST?, OVERLAYGROUPLIST?, SUBTARGETLIST?, SUBPROJECTLIST?, FRAMEWORKLIST)>
-<!ELEMENT NAME (#PCDATA)>
-<!ELEMENT USERSOURCETREETYPE (#PCDATA)>
-<!ELEMENT PATH (#PCDATA)>
-<!ELEMENT FILELIST (FILE*)>
-<!ELEMENT FILE (PATHTYPE, PATHROOT?, ACCESSPATH?, PATH, PATHFORMAT?, ROOTFILEREF?, FILEKIND?, FILEFLAGS?)>
-<!ELEMENT PATHTYPE (#PCDATA)>
-<!ELEMENT PATHROOT (#PCDATA)>
-<!ELEMENT ACCESSPATH (#PCDATA)>
-<!ELEMENT PATHFORMAT (#PCDATA)>
-<!ELEMENT ROOTFILEREF (PATHTYPE, PATHROOT?, ACCESSPATH?, PATH, PATHFORMAT?)>
-<!ELEMENT FILEKIND (#PCDATA)>
-<!ELEMENT FILEFLAGS (#PCDATA)>
-<!ELEMENT FILEREF (TARGETNAME?, PATHTYPE, PATHROOT?, ACCESSPATH?, PATH, PATHFORMAT?)>
-<!ELEMENT TARGETNAME (#PCDATA)>
-<!ELEMENT SETTINGLIST ((SETTING|PANELDATA)+)>
-<!ELEMENT SETTING (NAME?, (VALUE|(SETTING+)))>
-<!ELEMENT PANELDATA (NAME, VALUE)>
-<!ELEMENT VALUE (#PCDATA)>
-<!ELEMENT LINKORDER (FILEREF*)>
-<!ELEMENT SEGMENTLIST (SEGMENT+)>
-<!ELEMENT SEGMENT (NAME, ATTRIBUTES?, FILEREF*)>
-<!ELEMENT ATTRIBUTES (#PCDATA)>
-<!ELEMENT OVERLAYGROUPLIST (OVERLAYGROUP+)>
-<!ELEMENT OVERLAYGROUP (NAME, BASEADDRESS, OVERLAY*)>
-<!ELEMENT BASEADDRESS (#PCDATA)>
-<!ELEMENT OVERLAY (NAME, FILEREF*)>
-<!ELEMENT SUBTARGETLIST (SUBTARGET+)>
-<!ELEMENT SUBTARGET (TARGETNAME, ATTRIBUTES?, FILEREF?)>
-<!ELEMENT SUBPROJECTLIST (SUBPROJECT+)>
-<!ELEMENT SUBPROJECT (FILEREF, SUBPROJECTTARGETLIST)>
-<!ELEMENT SUBPROJECTTARGETLIST (SUBPROJECTTARGET*)>
-<!ELEMENT SUBPROJECTTARGET (TARGETNAME, ATTRIBUTES?, FILEREF?)>
-<!ELEMENT FRAMEWORKLIST (FRAMEWORK+)>
-<!ELEMENT FRAMEWORK (FILEREF, LIBRARYFILE?, VERSION?)>
-<!ELEMENT LIBRARYFILE (FILEREF)>
-<!ELEMENT VERSION (#PCDATA)>
-<!ELEMENT TARGETORDER (ORDEREDTARGET|ORDEREDDESIGN)*>
-<!ELEMENT ORDEREDTARGET (NAME)>
-<!ELEMENT ORDEREDDESIGN (NAME, ORDEREDTARGET+)>
-<!ELEMENT GROUPLIST (GROUP|FILEREF)*>
-<!ELEMENT GROUP (NAME, (GROUP|FILEREF)*)>
-<!ELEMENT DESIGNLIST (DESIGN+)>
-<!ELEMENT DESIGN (NAME, DESIGNDATA)>
-<!ELEMENT DESIGNDATA (#PCDATA)>
-]>
-
-<PROJECT>
- <TARGETLIST>
- <TARGET>
- <NAME>NSSckbi.shlb</NAME>
- <SETTINGLIST>
-
- <!-- Settings for "Source Trees" panel -->
- <SETTING><NAME>UserSourceTrees</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Access Paths" panel -->
- <SETTING><NAME>AlwaysSearchUserPaths</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>InterpretDOSAndUnixPaths</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>RequireFrameworkStyleIncludes</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>UserSearchPaths</NAME>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::::dist:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:ckfw:builtins:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:base:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:ckfw:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:util:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- </SETTING>
- <SETTING><NAME>SystemSearchPaths</NAME>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>CodeWarrior</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- </SETTING>
-
- <!-- Settings for "Debugger Runtime" panel -->
- <SETTING><NAME>MWRuntimeSettings_WorkingDirectory</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRuntimeSettings_CommandLine</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRuntimeSettings_HostApplication</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWRuntimeSettings_EnvVars</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Target Settings" panel -->
- <SETTING><NAME>Linker</NAME><VALUE>MacOS PPC Linker</VALUE></SETTING>
- <SETTING><NAME>PreLinker</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PostLinker</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Targetname</NAME><VALUE>NSSckbi.shlb</VALUE></SETTING>
- <SETTING><NAME>OutputDirectory</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>SaveEntriesUsingRelativePaths</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "File Mappings" panel -->
- <SETTING><NAME>FileMappings</NAME>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>APPL</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>Appl</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MMLB</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MPLF</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MWCD</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>RSRC</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.arr</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.bh</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Balloon Help</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.c</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.c++</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cpp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.exp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.h</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.idl</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>xpidl</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.pch</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.pch++</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.r</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Rez</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>Rez</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.s</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PPCAsm</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>XCOF</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>docu</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>rsrc</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>shlb</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>stub</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.doc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.o</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.ppob</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.rsrc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- </SETTING>
-
- <!-- Settings for "Build Extras" panel -->
- <SETTING><NAME>CacheModDates</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ActivateBrowser</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>DumpBrowserInfo</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>CacheSubprojects</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>UseThirdPartyDebugger</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>DebuggerAppPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>DebuggerCmdLineArgs</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>DebuggerWorkingDir</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "Debugger Target" panel -->
- <SETTING><NAME>LogSystemMessages</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>AutoTargetDLLs</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>StopAtWatchpoints</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PauseWhileRunning</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PauseInterval</NAME><VALUE>5</VALUE></SETTING>
- <SETTING><NAME>PauseUIFlags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>AltExePath</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>StopAtTempBPOnLaunch</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>CacheSymbolics</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>TempBPFunctionName</NAME><VALUE>main</VALUE></SETTING>
- <SETTING><NAME>TempBPType</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "Remote Debug" panel -->
- <SETTING><NAME>Enabled</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ConnectionName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>DownloadPath</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>LaunchRemoteApp</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>RemoteAppPath</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Auto-target" panel -->
- <SETTING><NAME>OtherExecutables</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Custom Keywords" panel -->
- <SETTING><NAME>CustomColor1</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor2</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor3</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor4</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "C/C++ Compiler" panel -->
- <SETTING><NAME>MWFrontEnd_C_cplusplus</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_checkprotos</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_arm</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_trigraphs</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_onlystdkeywords</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_enumsalwaysint</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_mpwpointerstyle</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_prefixname</NAME><VALUE>NSS.prefix</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_ansistrict</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_mpwcnewline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_wchar_type</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_enableexceptions</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_dontreusestrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_poolstrings</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_dontinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_useRTTI</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_multibyteaware</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_unsignedchars</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_autoinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_booltruefalse</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_direct_to_som</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_som_env_check</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_alwaysinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_inlinelevel</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_ecplusplus</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_objective_c</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_defer_codegen</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "C/C++ Warnings" panel -->
- <SETTING><NAME>MWWarning_C_warn_illpragma</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_emptydecl</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_possunwant</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_unusedvar</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_unusedarg</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_extracomma</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_pedantic</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warningerrors</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_hidevirtual</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_implicitconv</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_notinlined</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_structclass</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "FTP Panel" panel -->
- <SETTING><NAME>MWFTP_Post_hostName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_username</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_password</NAME><VALUE>25ps6an5jceai[&#213;&#224; &#177;&#176;(</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_remoteDir</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_tree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_uploadDir</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_port</NAME><VALUE>21</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_SendBin</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ShouldLog</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "Java Command Line" panel -->
- <SETTING><NAME>MWCommandLine_Java_clsName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWCommandLine_Java_args</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "PJavaDebugging" panel -->
- <SETTING><NAME>MWVJavaDebugging_Protocol</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_JDKVersion</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_TimeOut</NAME><VALUE>10</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_SupportSlowDevices</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "Java Language" panel -->
- <SETTING><NAME>MWJava_Language_optimize</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_warnDeprecated</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_emitMap</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_strictFileNames</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_strictFileHierarchy</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_1_1_Compatible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_emitHeaders</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_headerType</NAME><VALUE>JNINativeHeaders</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_packageFilter</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_genComments</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_genHeaders</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "Java MRJAppBuilder" panel -->
- <SETTING><NAME>MWJava_MRJAppBuilder_outFile</NAME><VALUE>MRJApplication</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_merge</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_quitMenu</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_grow</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPICTFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_aboutName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutAppend</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrAppend</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinFile</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Java Output" panel -->
- <SETTING><NAME>MWJava_Output_outputtype</NAME><VALUE>JarFile</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_outfile</NAME><VALUE>JavaClasses.jar</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_ftype</NAME><VALUE>1514754080</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_fcreator</NAME><VALUE>1297570384</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_compress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_genManifest</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_trunctype</NAME><VALUE>Front</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_deleteClasses</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_consoleApp</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "Java Project" panel -->
- <SETTING><NAME>MWJava_Proj_projtype</NAME><VALUE>Applet</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_mainClassName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppCreator</NAME><VALUE>1463898714</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_tree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppWin32Name</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_compress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_useVM</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_vmarguments</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_vmName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_simPropFile</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "JavaDoc Project" panel -->
- <SETTING><NAME>MWJavaDoc_Proj_Version</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Depricated</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Author</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Index</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Tree</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_SunResolveToSame</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Shortnames</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Folder</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_GenerateAPILinks</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_scope</NAME><VALUE>Public</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_fcreator</NAME><VALUE>1297303877</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_encodingName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_decodingName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_javaPackagePath</NAME><VALUE>http://java.sun.com/products/jdk/1.1/docs/api/</VALUE></SETTING>
-
- <!-- Settings for "MacOS Merge Panel" panel -->
- <SETTING><NAME>MWMerge_MacOS_projectType</NAME><VALUE>Application</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputName</NAME><VALUE>Merge Out</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputCreator</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputType</NAME><VALUE>APPL</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_suppressWarning</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_copyFragments</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_copyResources</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flattenResource</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flatFileName</NAME><VALUE>a.rsrc</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flatFileOutputPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMerge_MacOS_skipResources</NAME>
- <SETTING><VALUE>DLGX</VALUE></SETTING>
- <SETTING><VALUE>ckid</VALUE></SETTING>
- <SETTING><VALUE>Proj</VALUE></SETTING>
- <SETTING><VALUE>WSPC</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "Output Flags" panel -->
- <SETTING><NAME>FileLocked</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourcesMapIsReadOnly</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PrinterDriverIsMultiFinderCompatible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Invisible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasBundle</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>NameLocked</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Stationery</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasCustomIcon</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Shared</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasBeenInited</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Label</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Comments</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Packager Panel" panel -->
- <SETTING><NAME>MWMacOSPackager_UsePackager</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_FolderToPackage</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMacOSPackager_CreateClassicAlias</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_ClassicAliasMethod</NAME><VALUE>UseTargetOutput</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_ClassicAliasPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMacOSPackager_CreatePkgInfo</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_PkgCreatorType</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_PkgFileType</NAME><VALUE>APPL</VALUE></SETTING>
-
- <!-- Settings for "PPC CodeGen" panel -->
- <SETTING><NAME>MWCodeGen_PPC_structalignment</NAME><VALUE>PPC</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_tocdata</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_profiler</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_fpcontract</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_schedule</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_peephole</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_processorspecific</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_altivec</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_vectortocdata</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_vrsave</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "PPC CodeGen Mach-O" panel -->
- <SETTING><NAME>MWCodeGen_MachO_structalignment</NAME><VALUE>PPC</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_profiler</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_fpcontract</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_schedule</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_peephole</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_processorspecific</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_altivec</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_vrsave</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_common</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_implicit_templates</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "PPC Disassembler" panel -->
- <SETTING><NAME>MWDisassembler_PPC_showcode</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_extended</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_mix</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_nohex</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showdata</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showexceptions</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showsym</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_shownames</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "PPC Global Optimizer" panel -->
- <SETTING><NAME>GlobalOptimizer_PPC_optimizationlevel</NAME><VALUE>Level4</VALUE></SETTING>
- <SETTING><NAME>GlobalOptimizer_PPC_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
- <!-- Settings for "PPC Linker" panel -->
- <SETTING><NAME>MWLinker_PPC_linksym</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_symfullpath</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_linkmap</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_nolinkwarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_dontdeadstripinitcode</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_permitmultdefs</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_linkmode</NAME><VALUE>Fast</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_initname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_mainname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_termname</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "PPC Mach-O Linker" panel -->
- <SETTING><NAME>MWLinker_MachO_exports</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_mainname</NAME><VALUE>start</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_currentversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_compatibleversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_symfullpath</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_supresswarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_multisymerror</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_prebind</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_deadstrip</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_objectivecsemantics</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_whichfileloaded</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_whyfileloaded</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_readonlyrelocs</NAME><VALUE>Errors</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_undefinedsymbols</NAME><VALUE>Errors</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_twolevelnamespace</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_stripdebugsymbols</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "PPC Mach-O Target" panel -->
- <SETTING><NAME>MWProject_MachO_type</NAME><VALUE>Executable</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_outfile</NAME><VALUE>a.exe</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_filecreator</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_filetype</NAME><VALUE>MEXE</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_stacksize</NAME><VALUE>64</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_stackaddress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrc</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrcfilename</NAME><VALUE>a.rsrc</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrcoutputdir</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWProject_MachO_installpath</NAME><VALUE>./</VALUE></SETTING>
-
- <!-- Settings for "PPC PEF" panel -->
- <SETTING><NAME>MWPEF_exports</NAME><VALUE>File</VALUE></SETTING>
- <SETTING><NAME>MWPEF_libfolder</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_sortcode</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWPEF_expandbss</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_sharedata</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_olddefversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_oldimpversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_currentversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_fragmentname</NAME><VALUE>NSSCKBI</VALUE></SETTING>
- <SETTING><NAME>MWPEF_collapsereloads</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "PPC Project" panel -->
- <SETTING><NAME>MWProject_PPC_type</NAME><VALUE>SharedLibrary</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_outfile</NAME><VALUE>NSSckbi.shlb</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_filecreator</NAME><VALUE>mozz</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_filetype</NAME><VALUE>shlb</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_size</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_minsize</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_stacksize</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_symfilename</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcheader</NAME><VALUE>Native</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrctype</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcflags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcstore</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcmerge</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrc</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrcoutputdir</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrcfilename</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "PPCAsm Panel" panel -->
- <SETTING><NAME>MWAssembler_PPC_auxheader</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_symmode</NAME><VALUE>Mac</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_dialect</NAME><VALUE>PPC</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_prefixfile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_typecheck</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_warnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_casesensitive</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "Rez Compiler" panel -->
- <SETTING><NAME>MWRez_Language_maxwidth</NAME><VALUE>80</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_script</NAME><VALUE>Roman</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_alignment</NAME><VALUE>Align1</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_filtermode</NAME><VALUE>FilterSkip</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_suppresswarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_escapecontrolchars</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_prefixname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_filteredtypes</NAME><VALUE>'CODE' 'DATA' 'PICT'</VALUE></SETTING>
-
- <!-- Settings for "WinRC Compiler" panel -->
- <SETTING><NAME>MWWinRC_prefixname</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "x86 CodeGen" panel -->
- <SETTING><NAME>MWCodeGen_X86_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_alignment</NAME><VALUE>bytes8</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_exceptions</NAME><VALUE>ZeroOverhead</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_mmx</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_3dnow</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_use_mmx_3dnow_convention</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_machinecodelisting</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_intrinsics</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_syminfo</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_codeviewinfo</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_cmov_fcomi</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_sse</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "x86 Disassembler" panel -->
- <SETTING><NAME>PDisasmX86_showHeaders</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showSymTab</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showCode</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showSource</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showHex</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showRelocation</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showComments</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showDebug</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showExceptions</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showData</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showRaw</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_verbose</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "x86 Exceptions Panel" panel -->
- <SETTING><NAME>MWDebugger_X86_Exceptions</NAME>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "x86 Global Optimizer" panel -->
- <SETTING><NAME>GlobalOptimizer_X86_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
- <SETTING><NAME>GlobalOptimizer_X86_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
- <!-- Settings for "x86 Linker" panel -->
- <SETTING><NAME>MWLinker_X86_entrypointusage</NAME><VALUE>Default</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_entrypoint</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsystem</NAME><VALUE>WinGUI</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsysmajorid</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsysminorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_usrmajorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_usrminorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_commandfile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_generatemap</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_linksym</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_linkCV</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "x86 Project" panel -->
- <SETTING><NAME>MWProject_X86_type</NAME><VALUE>Application</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_outfile</NAME><VALUE>noname.exe</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_baseaddress</NAME><VALUE>4194304</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_maxstacksize</NAME><VALUE>1024</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_minstacksize</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_size</NAME><VALUE>1024</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_minsize</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_importlib</NAME><VALUE></VALUE></SETTING>
- <PANELDATA><NAME>xpidl Settings</NAME><VALUE>
- 0001000101000000000000000000000000000000000000000000000000000000
- 0000000000000000
- </VALUE></PANELDATA>
- </SETTINGLIST>
- <FILELIST>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>anchor.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certdata.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>constants.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>bfind.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>binst.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>bobject.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>bsession.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>bslot.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>btoken.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSSckfw.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>arena.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>error.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>errorval.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>hashops.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>libc.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>tracker.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>utf8.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>whatnspr.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSStdLib.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSPR20.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSLibraryStartup.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>macstubs.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSRuntime.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>LoadableRoots.mcp.exp</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- </FILELIST>
- <LINKORDER>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>anchor.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certdata.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>constants.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>bfind.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>binst.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>bobject.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>bsession.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>bslot.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>btoken.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSSckfw.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>arena.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>error.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>errorval.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>hashops.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>libc.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>tracker.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>utf8.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>whatnspr.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>macstubs.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSLibraryStartup.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSStdLib.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSPR20.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSRuntime.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>LoadableRoots.mcp.exp</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </LINKORDER>
- </TARGET>
- <TARGET>
- <NAME>NSSckbiDebug.shlb</NAME>
- <SETTINGLIST>
-
- <!-- Settings for "Source Trees" panel -->
- <SETTING><NAME>UserSourceTrees</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Access Paths" panel -->
- <SETTING><NAME>AlwaysSearchUserPaths</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>InterpretDOSAndUnixPaths</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>RequireFrameworkStyleIncludes</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>UserSearchPaths</NAME>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::::dist:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:ckfw:builtins:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:ckfw:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:base:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- </SETTING>
- <SETTING><NAME>SystemSearchPaths</NAME>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>CodeWarrior</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- </SETTING>
-
- <!-- Settings for "Debugger Runtime" panel -->
- <SETTING><NAME>MWRuntimeSettings_WorkingDirectory</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRuntimeSettings_CommandLine</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRuntimeSettings_HostApplication</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWRuntimeSettings_EnvVars</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Target Settings" panel -->
- <SETTING><NAME>Linker</NAME><VALUE>MacOS PPC Linker</VALUE></SETTING>
- <SETTING><NAME>PreLinker</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PostLinker</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Targetname</NAME><VALUE>NSSckbiDebug.shlb</VALUE></SETTING>
- <SETTING><NAME>OutputDirectory</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>SaveEntriesUsingRelativePaths</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "File Mappings" panel -->
- <SETTING><NAME>FileMappings</NAME>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>APPL</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>Appl</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MMLB</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MPLF</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MWCD</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>RSRC</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.arr</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.bh</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Balloon Help</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.c</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.c++</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cpp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.exp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.h</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.idl</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>xpidl</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.pch</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.pch++</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.r</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Rez</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>Rez</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.s</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PPCAsm</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>XCOF</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>docu</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>rsrc</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>shlb</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>stub</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.doc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.o</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.ppob</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.rsrc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- </SETTING>
-
- <!-- Settings for "Build Extras" panel -->
- <SETTING><NAME>CacheModDates</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ActivateBrowser</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>DumpBrowserInfo</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>CacheSubprojects</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>UseThirdPartyDebugger</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>DebuggerAppPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>DebuggerCmdLineArgs</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>DebuggerWorkingDir</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "Debugger Target" panel -->
- <SETTING><NAME>LogSystemMessages</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>AutoTargetDLLs</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>StopAtWatchpoints</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PauseWhileRunning</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PauseInterval</NAME><VALUE>5</VALUE></SETTING>
- <SETTING><NAME>PauseUIFlags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>AltExePath</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>StopAtTempBPOnLaunch</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>CacheSymbolics</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>TempBPFunctionName</NAME><VALUE>main</VALUE></SETTING>
- <SETTING><NAME>TempBPType</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "Remote Debug" panel -->
- <SETTING><NAME>Enabled</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ConnectionName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>DownloadPath</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>LaunchRemoteApp</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>RemoteAppPath</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Auto-target" panel -->
- <SETTING><NAME>OtherExecutables</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Custom Keywords" panel -->
- <SETTING><NAME>CustomColor1</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor2</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor3</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor4</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "C/C++ Compiler" panel -->
- <SETTING><NAME>MWFrontEnd_C_cplusplus</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_checkprotos</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_arm</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_trigraphs</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_onlystdkeywords</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_enumsalwaysint</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_mpwpointerstyle</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_prefixname</NAME><VALUE>NSSDebug.Prefix</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_ansistrict</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_mpwcnewline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_wchar_type</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_enableexceptions</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_dontreusestrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_poolstrings</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_dontinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_useRTTI</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_multibyteaware</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_unsignedchars</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_autoinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_booltruefalse</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_direct_to_som</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_som_env_check</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_alwaysinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_inlinelevel</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_ecplusplus</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_objective_c</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_defer_codegen</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "C/C++ Warnings" panel -->
- <SETTING><NAME>MWWarning_C_warn_illpragma</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_emptydecl</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_possunwant</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_unusedvar</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_unusedarg</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_extracomma</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_pedantic</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warningerrors</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_hidevirtual</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_implicitconv</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_notinlined</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_structclass</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "FTP Panel" panel -->
- <SETTING><NAME>MWFTP_Post_hostName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_username</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_password</NAME><VALUE>25ps6an5jceai[&#213;&#224; &#177;&#176;(</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_remoteDir</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_tree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_uploadDir</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_port</NAME><VALUE>21</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_SendBin</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ShouldLog</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "Java Command Line" panel -->
- <SETTING><NAME>MWCommandLine_Java_clsName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWCommandLine_Java_args</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "PJavaDebugging" panel -->
- <SETTING><NAME>MWVJavaDebugging_Protocol</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_JDKVersion</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_TimeOut</NAME><VALUE>10</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_SupportSlowDevices</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "Java Language" panel -->
- <SETTING><NAME>MWJava_Language_optimize</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_warnDeprecated</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_emitMap</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_strictFileNames</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_strictFileHierarchy</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_1_1_Compatible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_emitHeaders</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_headerType</NAME><VALUE>JNINativeHeaders</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_packageFilter</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_genComments</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_genHeaders</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "Java MRJAppBuilder" panel -->
- <SETTING><NAME>MWJava_MRJAppBuilder_outFile</NAME><VALUE>MRJApplication</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_merge</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_quitMenu</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_grow</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPICTFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_aboutName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutAppend</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrAppend</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinFile</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Java Output" panel -->
- <SETTING><NAME>MWJava_Output_outputtype</NAME><VALUE>JarFile</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_outfile</NAME><VALUE>JavaClasses.jar</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_ftype</NAME><VALUE>1514754080</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_fcreator</NAME><VALUE>1297570384</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_compress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_genManifest</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_trunctype</NAME><VALUE>Front</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_deleteClasses</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_consoleApp</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "Java Project" panel -->
- <SETTING><NAME>MWJava_Proj_projtype</NAME><VALUE>Applet</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_mainClassName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppCreator</NAME><VALUE>1463898714</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_tree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppWin32Name</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_compress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_useVM</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_vmarguments</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_vmName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_simPropFile</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "JavaDoc Project" panel -->
- <SETTING><NAME>MWJavaDoc_Proj_Version</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Depricated</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Author</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Index</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Tree</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_SunResolveToSame</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Shortnames</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Folder</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_GenerateAPILinks</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_scope</NAME><VALUE>Public</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_fcreator</NAME><VALUE>1297303877</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_encodingName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_decodingName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_javaPackagePath</NAME><VALUE>http://java.sun.com/products/jdk/1.1/docs/api/</VALUE></SETTING>
-
- <!-- Settings for "MacOS Merge Panel" panel -->
- <SETTING><NAME>MWMerge_MacOS_projectType</NAME><VALUE>Application</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputName</NAME><VALUE>Merge Out</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputCreator</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputType</NAME><VALUE>APPL</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_suppressWarning</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_copyFragments</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_copyResources</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flattenResource</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flatFileName</NAME><VALUE>a.rsrc</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flatFileOutputPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMerge_MacOS_skipResources</NAME>
- <SETTING><VALUE>DLGX</VALUE></SETTING>
- <SETTING><VALUE>ckid</VALUE></SETTING>
- <SETTING><VALUE>Proj</VALUE></SETTING>
- <SETTING><VALUE>WSPC</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "Output Flags" panel -->
- <SETTING><NAME>FileLocked</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourcesMapIsReadOnly</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PrinterDriverIsMultiFinderCompatible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Invisible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasBundle</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>NameLocked</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Stationery</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasCustomIcon</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Shared</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasBeenInited</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Label</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Comments</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Packager Panel" panel -->
- <SETTING><NAME>MWMacOSPackager_UsePackager</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_FolderToPackage</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMacOSPackager_CreateClassicAlias</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_ClassicAliasMethod</NAME><VALUE>UseTargetOutput</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_ClassicAliasPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMacOSPackager_CreatePkgInfo</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_PkgCreatorType</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_PkgFileType</NAME><VALUE>APPL</VALUE></SETTING>
-
- <!-- Settings for "PPC CodeGen" panel -->
- <SETTING><NAME>MWCodeGen_PPC_structalignment</NAME><VALUE>MC68K</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_tocdata</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_profiler</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_fpcontract</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_schedule</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_peephole</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_processorspecific</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_altivec</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_vectortocdata</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_vrsave</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "PPC CodeGen Mach-O" panel -->
- <SETTING><NAME>MWCodeGen_MachO_structalignment</NAME><VALUE>PPC</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_profiler</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_fpcontract</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_schedule</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_peephole</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_processorspecific</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_altivec</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_vrsave</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_common</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_implicit_templates</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "PPC Disassembler" panel -->
- <SETTING><NAME>MWDisassembler_PPC_showcode</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_extended</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_mix</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_nohex</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showdata</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showexceptions</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showsym</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_shownames</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "PPC Global Optimizer" panel -->
- <SETTING><NAME>GlobalOptimizer_PPC_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
- <SETTING><NAME>GlobalOptimizer_PPC_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
- <!-- Settings for "PPC Linker" panel -->
- <SETTING><NAME>MWLinker_PPC_linksym</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_symfullpath</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_linkmap</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_nolinkwarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_dontdeadstripinitcode</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_permitmultdefs</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_linkmode</NAME><VALUE>Fast</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_initname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_mainname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_termname</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "PPC Mach-O Linker" panel -->
- <SETTING><NAME>MWLinker_MachO_exports</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_mainname</NAME><VALUE>start</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_currentversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_compatibleversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_symfullpath</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_supresswarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_multisymerror</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_prebind</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_deadstrip</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_objectivecsemantics</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_whichfileloaded</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_whyfileloaded</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_readonlyrelocs</NAME><VALUE>Errors</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_undefinedsymbols</NAME><VALUE>Errors</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_twolevelnamespace</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_stripdebugsymbols</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "PPC Mach-O Target" panel -->
- <SETTING><NAME>MWProject_MachO_type</NAME><VALUE>Executable</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_outfile</NAME><VALUE>a.exe</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_filecreator</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_filetype</NAME><VALUE>MEXE</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_stacksize</NAME><VALUE>64</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_stackaddress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrc</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrcfilename</NAME><VALUE>a.rsrc</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrcoutputdir</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWProject_MachO_installpath</NAME><VALUE>./</VALUE></SETTING>
-
- <!-- Settings for "PPC PEF" panel -->
- <SETTING><NAME>MWPEF_exports</NAME><VALUE>File</VALUE></SETTING>
- <SETTING><NAME>MWPEF_libfolder</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_sortcode</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWPEF_expandbss</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_sharedata</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_olddefversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_oldimpversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_currentversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_fragmentname</NAME><VALUE>NSSCKBI</VALUE></SETTING>
- <SETTING><NAME>MWPEF_collapsereloads</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "PPC Project" panel -->
- <SETTING><NAME>MWProject_PPC_type</NAME><VALUE>SharedLibrary</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_outfile</NAME><VALUE>NSSckbiDebug.shlb</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_filecreator</NAME><VALUE>mozz</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_filetype</NAME><VALUE>shlb</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_size</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_minsize</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_stacksize</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_symfilename</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcheader</NAME><VALUE>Native</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrctype</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcflags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcstore</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcmerge</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrc</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrcoutputdir</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrcfilename</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "PPCAsm Panel" panel -->
- <SETTING><NAME>MWAssembler_PPC_auxheader</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_symmode</NAME><VALUE>Mac</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_dialect</NAME><VALUE>PPC</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_prefixfile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_typecheck</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_warnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_casesensitive</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "Rez Compiler" panel -->
- <SETTING><NAME>MWRez_Language_maxwidth</NAME><VALUE>80</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_script</NAME><VALUE>Roman</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_alignment</NAME><VALUE>Align1</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_filtermode</NAME><VALUE>FilterSkip</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_suppresswarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_escapecontrolchars</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_prefixname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_filteredtypes</NAME><VALUE>'CODE' 'DATA' 'PICT'</VALUE></SETTING>
-
- <!-- Settings for "WinRC Compiler" panel -->
- <SETTING><NAME>MWWinRC_prefixname</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "x86 CodeGen" panel -->
- <SETTING><NAME>MWCodeGen_X86_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_alignment</NAME><VALUE>bytes8</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_exceptions</NAME><VALUE>ZeroOverhead</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_mmx</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_3dnow</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_use_mmx_3dnow_convention</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_machinecodelisting</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_intrinsics</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_syminfo</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_codeviewinfo</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_cmov_fcomi</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_sse</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "x86 Disassembler" panel -->
- <SETTING><NAME>PDisasmX86_showHeaders</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showSymTab</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showCode</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showSource</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showHex</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showRelocation</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showComments</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showDebug</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showExceptions</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showData</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showRaw</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_verbose</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "x86 Exceptions Panel" panel -->
- <SETTING><NAME>MWDebugger_X86_Exceptions</NAME>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "x86 Global Optimizer" panel -->
- <SETTING><NAME>GlobalOptimizer_X86_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
- <SETTING><NAME>GlobalOptimizer_X86_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
- <!-- Settings for "x86 Linker" panel -->
- <SETTING><NAME>MWLinker_X86_entrypointusage</NAME><VALUE>Default</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_entrypoint</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsystem</NAME><VALUE>WinGUI</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsysmajorid</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsysminorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_usrmajorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_usrminorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_commandfile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_generatemap</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_linksym</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_linkCV</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "x86 Project" panel -->
- <SETTING><NAME>MWProject_X86_type</NAME><VALUE>Application</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_outfile</NAME><VALUE>noname.exe</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_baseaddress</NAME><VALUE>4194304</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_maxstacksize</NAME><VALUE>1024</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_minstacksize</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_size</NAME><VALUE>1024</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_minsize</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_importlib</NAME><VALUE></VALUE></SETTING>
- <PANELDATA><NAME>xpidl Settings</NAME><VALUE>
- 0001000101000000000000000000000000000000000000000000000000000000
- 0000000000000000
- </VALUE></PANELDATA>
- </SETTINGLIST>
- <FILELIST>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>anchor.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certdata.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>constants.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>bfind.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>binst.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>bobject.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>bsession.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>bslot.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>btoken.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSSckfwDebug.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>arena.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>error.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>errorval.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>hashops.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>libc.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>tracker.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>utf8.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>whatnspr.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSPR20Debug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSStdLibDebug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSLibraryStartup.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>macstubs.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSRuntimeDebug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>LoadableRoots.mcp.exp</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- </FILELIST>
- <LINKORDER>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>anchor.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certdata.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>constants.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>bfind.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>binst.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>bobject.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>bsession.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>bslot.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>btoken.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSSckfwDebug.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>arena.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>error.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>errorval.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>hashops.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>libc.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>tracker.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>utf8.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>whatnspr.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>macstubs.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSLibraryStartup.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSPR20Debug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSStdLibDebug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSRuntimeDebug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>LoadableRoots.mcp.exp</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </LINKORDER>
- </TARGET>
- </TARGETLIST>
-
- <TARGETORDER>
- <ORDEREDTARGET><NAME>NSSckbi.shlb</NAME></ORDEREDTARGET>
- <ORDEREDTARGET><NAME>NSSckbiDebug.shlb</NAME></ORDEREDTARGET>
- </TARGETORDER>
-
- <GROUPLIST>
- <GROUP><NAME>Libraries</NAME>
- <FILEREF>
- <TARGETNAME>NSSckbi.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSLibraryStartup.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <GROUP><NAME>Optimized</NAME>
- <FILEREF>
- <TARGETNAME>NSSckbi.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSStdLib.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSSckbi.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSRuntime.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSSckbi.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSSckfw.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSSckbi.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSPR20.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </GROUP>
- <GROUP><NAME>Debug</NAME>
- <FILEREF>
- <TARGETNAME>NSSckbiDebug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSStdLibDebug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSSckbiDebug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSRuntimeDebug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSSckbiDebug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSSckfwDebug.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSSckbiDebug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSPR20Debug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </GROUP>
- </GROUP>
- <GROUP><NAME>NSS Base</NAME>
- <FILEREF>
- <TARGETNAME>NSSckbi.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>arena.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSSckbi.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>error.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSSckbi.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>errorval.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSSckbi.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>hashops.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSSckbi.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>libc.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSSckbi.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>tracker.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSSckbi.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>utf8.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSSckbi.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>whatnspr.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </GROUP>
- <FILEREF>
- <TARGETNAME>NSSckbi.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>anchor.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSSckbi.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certdata.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSSckbi.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>constants.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSSckbi.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>bfind.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSSckbi.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>binst.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSSckbi.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>bobject.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSSckbi.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>bsession.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSSckbi.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>bslot.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSSckbi.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>btoken.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSSckbi.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>macstubs.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSSckbi.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>LoadableRoots.mcp.exp</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </GROUPLIST>
-
-</PROJECT>
diff --git a/security/nss/macbuild/NSS.Prefix b/security/nss/macbuild/NSS.Prefix
deleted file mode 100755
index 9a088a3b1..000000000
--- a/security/nss/macbuild/NSS.Prefix
+++ /dev/null
@@ -1,3 +0,0 @@
-/* Optimized prefix */
-#include "MacPrefix.h"
-#include "NSSCommon.h"
diff --git a/security/nss/macbuild/NSS.xml b/security/nss/macbuild/NSS.xml
deleted file mode 100644
index a9aefb197..000000000
--- a/security/nss/macbuild/NSS.xml
+++ /dev/null
@@ -1,4408 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="yes" ?>
-<?codewarrior exportversion="1.0.1" ideversion="4.2" ?>
-
-<!DOCTYPE PROJECT [
-<!ELEMENT PROJECT (TARGETLIST, TARGETORDER, GROUPLIST, DESIGNLIST?)>
-<!ELEMENT TARGETLIST (TARGET+)>
-<!ELEMENT TARGET (NAME, SETTINGLIST, FILELIST?, LINKORDER?, SEGMENTLIST?, OVERLAYGROUPLIST?, SUBTARGETLIST?, SUBPROJECTLIST?, FRAMEWORKLIST)>
-<!ELEMENT NAME (#PCDATA)>
-<!ELEMENT USERSOURCETREETYPE (#PCDATA)>
-<!ELEMENT PATH (#PCDATA)>
-<!ELEMENT FILELIST (FILE*)>
-<!ELEMENT FILE (PATHTYPE, PATHROOT?, ACCESSPATH?, PATH, PATHFORMAT?, ROOTFILEREF?, FILEKIND?, FILEFLAGS?)>
-<!ELEMENT PATHTYPE (#PCDATA)>
-<!ELEMENT PATHROOT (#PCDATA)>
-<!ELEMENT ACCESSPATH (#PCDATA)>
-<!ELEMENT PATHFORMAT (#PCDATA)>
-<!ELEMENT ROOTFILEREF (PATHTYPE, PATHROOT?, ACCESSPATH?, PATH, PATHFORMAT?)>
-<!ELEMENT FILEKIND (#PCDATA)>
-<!ELEMENT FILEFLAGS (#PCDATA)>
-<!ELEMENT FILEREF (TARGETNAME?, PATHTYPE, PATHROOT?, ACCESSPATH?, PATH, PATHFORMAT?)>
-<!ELEMENT TARGETNAME (#PCDATA)>
-<!ELEMENT SETTINGLIST ((SETTING|PANELDATA)+)>
-<!ELEMENT SETTING (NAME?, (VALUE|(SETTING+)))>
-<!ELEMENT PANELDATA (NAME, VALUE)>
-<!ELEMENT VALUE (#PCDATA)>
-<!ELEMENT LINKORDER (FILEREF*)>
-<!ELEMENT SEGMENTLIST (SEGMENT+)>
-<!ELEMENT SEGMENT (NAME, ATTRIBUTES?, FILEREF*)>
-<!ELEMENT ATTRIBUTES (#PCDATA)>
-<!ELEMENT OVERLAYGROUPLIST (OVERLAYGROUP+)>
-<!ELEMENT OVERLAYGROUP (NAME, BASEADDRESS, OVERLAY*)>
-<!ELEMENT BASEADDRESS (#PCDATA)>
-<!ELEMENT OVERLAY (NAME, FILEREF*)>
-<!ELEMENT SUBTARGETLIST (SUBTARGET+)>
-<!ELEMENT SUBTARGET (TARGETNAME, ATTRIBUTES?, FILEREF?)>
-<!ELEMENT SUBPROJECTLIST (SUBPROJECT+)>
-<!ELEMENT SUBPROJECT (FILEREF, SUBPROJECTTARGETLIST)>
-<!ELEMENT SUBPROJECTTARGETLIST (SUBPROJECTTARGET*)>
-<!ELEMENT SUBPROJECTTARGET (TARGETNAME, ATTRIBUTES?, FILEREF?)>
-<!ELEMENT FRAMEWORKLIST (FRAMEWORK+)>
-<!ELEMENT FRAMEWORK (FILEREF, LIBRARYFILE?, VERSION?)>
-<!ELEMENT LIBRARYFILE (FILEREF)>
-<!ELEMENT VERSION (#PCDATA)>
-<!ELEMENT TARGETORDER (ORDEREDTARGET|ORDEREDDESIGN)*>
-<!ELEMENT ORDEREDTARGET (NAME)>
-<!ELEMENT ORDEREDDESIGN (NAME, ORDEREDTARGET+)>
-<!ELEMENT GROUPLIST (GROUP|FILEREF)*>
-<!ELEMENT GROUP (NAME, (GROUP|FILEREF)*)>
-<!ELEMENT DESIGNLIST (DESIGN+)>
-<!ELEMENT DESIGN (NAME, DESIGNDATA)>
-<!ELEMENT DESIGNDATA (#PCDATA)>
-]>
-
-<PROJECT>
- <TARGETLIST>
- <TARGET>
- <NAME>NSS3Debug.shlb</NAME>
- <SETTINGLIST>
-
- <!-- Settings for "Source Trees" panel -->
- <SETTING><NAME>UserSourceTrees</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Access Paths" panel -->
- <SETTING><NAME>AlwaysSearchUserPaths</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>InterpretDOSAndUnixPaths</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>RequireFrameworkStyleIncludes</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>UserSearchPaths</NAME>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::::dist:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::::lib:mac:NSRuntime:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::::nsprpub:macbuild:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::::dbm:macbuild:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- </SETTING>
- <SETTING><NAME>SystemSearchPaths</NAME>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:MacOS Support:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>CodeWarrior</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:MSL:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>CodeWarrior</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- </SETTING>
-
- <!-- Settings for "Debugger Runtime" panel -->
- <SETTING><NAME>MWRuntimeSettings_WorkingDirectory</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRuntimeSettings_CommandLine</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRuntimeSettings_HostApplication</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWRuntimeSettings_EnvVars</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Target Settings" panel -->
- <SETTING><NAME>Linker</NAME><VALUE>MacOS PPC Linker</VALUE></SETTING>
- <SETTING><NAME>PreLinker</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PostLinker</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Targetname</NAME><VALUE>NSS3Debug.shlb</VALUE></SETTING>
- <SETTING><NAME>OutputDirectory</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>SaveEntriesUsingRelativePaths</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "File Mappings" panel -->
- <SETTING><NAME>FileMappings</NAME>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>APPL</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>Appl</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MMLB</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MPLF</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MWCD</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>RSRC</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.bh</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Balloon Help</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.c</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.c++</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cpp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.exp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.h</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.idl</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>xpidl</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.pch</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.pch++</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.r</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Rez</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>Rez</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.s</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PPCAsm</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>XCOF</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>docu</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>rsrc</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>shlb</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>stub</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.doc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.o</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.ppob</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.rsrc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- </SETTING>
-
- <!-- Settings for "Build Extras" panel -->
- <SETTING><NAME>CacheModDates</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ActivateBrowser</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>DumpBrowserInfo</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>CacheSubprojects</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>UseThirdPartyDebugger</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>DebuggerAppPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>DebuggerCmdLineArgs</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>DebuggerWorkingDir</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "Debugger Target" panel -->
- <SETTING><NAME>LogSystemMessages</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>AutoTargetDLLs</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>StopAtWatchpoints</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PauseWhileRunning</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PauseInterval</NAME><VALUE>5</VALUE></SETTING>
- <SETTING><NAME>PauseUIFlags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>AltExePath</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>StopAtTempBPOnLaunch</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>CacheSymbolics</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>TempBPFunctionName</NAME><VALUE>main</VALUE></SETTING>
- <SETTING><NAME>TempBPType</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "Remote Debug" panel -->
- <SETTING><NAME>Enabled</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ConnectionName</NAME><VALUE>no connections avaiable</VALUE></SETTING>
- <SETTING><NAME>DownloadPath</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>LaunchRemoteApp</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>RemoteAppPath</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Auto-target" panel -->
- <SETTING><NAME>OtherExecutables</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Custom Keywords" panel -->
- <SETTING><NAME>CustomColor1</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor2</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor3</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor4</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "C/C++ Compiler" panel -->
- <SETTING><NAME>MWFrontEnd_C_cplusplus</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_checkprotos</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_arm</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_trigraphs</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_onlystdkeywords</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_enumsalwaysint</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_mpwpointerstyle</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_prefixname</NAME><VALUE>NSSDebug.Prefix</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_ansistrict</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_mpwcnewline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_wchar_type</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_enableexceptions</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_dontreusestrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_poolstrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_dontinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_useRTTI</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_multibyteaware</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_unsignedchars</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_autoinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_booltruefalse</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_direct_to_som</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_som_env_check</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_alwaysinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_inlinelevel</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_ecplusplus</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_objective_c</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_defer_codegen</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "C/C++ Warnings" panel -->
- <SETTING><NAME>MWWarning_C_warn_illpragma</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_emptydecl</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_possunwant</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_unusedvar</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_unusedarg</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_extracomma</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_pedantic</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warningerrors</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_hidevirtual</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_implicitconv</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_notinlined</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_structclass</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "FTP Panel" panel -->
- <SETTING><NAME>MWFTP_Post_hostName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_username</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_password</NAME><VALUE>253yj7s53gi3a[&#213;&#224; &#177;&#176;(</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_remoteDir</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathVersion</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_tree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_uploadDir</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_port</NAME><VALUE>21</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_SendBin</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ShouldLog</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "Java Command Line" panel -->
- <SETTING><NAME>MWCommandLine_Java_clsName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWCommandLine_Java_args</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "PJavaDebugging" panel -->
- <SETTING><NAME>MWVJavaDebugging_Protocol</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_JDKVersion</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_TimeOut</NAME><VALUE>10</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_SupportSlowDevices</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "Java Language" panel -->
- <SETTING><NAME>MWJava_Language_optimize</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_warnDeprecated</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_emitMap</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_strictFileNames</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_strictFileHierarchy</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_1_1_Compatible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_emitHeaders</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_headerType</NAME><VALUE>JNINativeHeaders</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_packageFilter</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_genComments</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_genHeaders</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "Java MRJAppBuilder" panel -->
- <SETTING><NAME>MWJava_MRJAppBuilder_outFile</NAME><VALUE>MRJApplication</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_merge</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_quitMenu</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_grow</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPICTFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_aboutName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutAppend</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrAppend</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinFile</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Java Output" panel -->
- <SETTING><NAME>MWJava_Output_outputtype</NAME><VALUE>JarFile</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_outfile</NAME><VALUE>JavaClasses.jar</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_ftype</NAME><VALUE>1514754080</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_fcreator</NAME><VALUE>1297570384</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_compress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_genManifest</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_trunctype</NAME><VALUE>Front</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_deleteClasses</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_consoleApp</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "Java Project" panel -->
- <SETTING><NAME>MWJava_Proj_projtype</NAME><VALUE>Applet</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_mainClassName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppCreator</NAME><VALUE>1463898714</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_tree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppWin32Name</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_compress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_useVM</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_vmarguments</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_vmName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_simPropFile</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "JavaDoc Project" panel -->
- <SETTING><NAME>MWJavaDoc_Proj_Version</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Depricated</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Author</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Index</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Tree</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_SunResolveToSame</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Shortnames</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Folder</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_GenerateAPILinks</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_scope</NAME><VALUE>Public</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_fcreator</NAME><VALUE>1297303877</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_encodingName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_decodingName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_javaPackagePath</NAME><VALUE>http://java.sun.com/products/jdk/1.1/docs/api/</VALUE></SETTING>
-
- <!-- Settings for "MacOS Merge Panel" panel -->
- <SETTING><NAME>MWMerge_MacOS_projectType</NAME><VALUE>Application</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputName</NAME><VALUE>Merge Out</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputCreator</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputType</NAME><VALUE>APPL</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_suppressWarning</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_copyFragments</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_copyResources</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flattenResource</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flatFileName</NAME><VALUE>a.rsrc</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flatFileOutputPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMerge_MacOS_skipResources</NAME>
- <SETTING><VALUE>DLGX</VALUE></SETTING>
- <SETTING><VALUE>ckid</VALUE></SETTING>
- <SETTING><VALUE>Proj</VALUE></SETTING>
- <SETTING><VALUE>WSPC</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "Output Flags" panel -->
- <SETTING><NAME>FileLocked</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourcesMapIsReadOnly</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PrinterDriverIsMultiFinderCompatible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Invisible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasBundle</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>NameLocked</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Stationery</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasCustomIcon</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Shared</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasBeenInited</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Label</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Comments</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Packager Panel" panel -->
- <SETTING><NAME>MWMacOSPackager_UsePackager</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_FolderToPackage</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMacOSPackager_CreateClassicAlias</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_ClassicAliasMethod</NAME><VALUE>UseTargetOutput</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_ClassicAliasPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMacOSPackager_CreatePkgInfo</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_PkgCreatorType</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_PkgFileType</NAME><VALUE>APPL</VALUE></SETTING>
-
- <!-- Settings for "PPC CodeGen" panel -->
- <SETTING><NAME>MWCodeGen_PPC_structalignment</NAME><VALUE>MC68K</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_tocdata</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_profiler</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_fpcontract</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_schedule</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_peephole</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_processorspecific</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_altivec</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_vectortocdata</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_vrsave</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "PPC CodeGen Mach-O" panel -->
- <SETTING><NAME>MWCodeGen_MachO_structalignment</NAME><VALUE>PPC</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_profiler</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_fpcontract</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_schedule</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_peephole</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_processorspecific</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_altivec</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_vrsave</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_common</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_implicit_templates</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "PPC Disassembler" panel -->
- <SETTING><NAME>MWDisassembler_PPC_showcode</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_extended</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_mix</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_nohex</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showdata</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showexceptions</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showsym</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_shownames</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "PPC Global Optimizer" panel -->
- <SETTING><NAME>GlobalOptimizer_PPC_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
- <SETTING><NAME>GlobalOptimizer_PPC_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
- <!-- Settings for "PPC Linker" panel -->
- <SETTING><NAME>MWLinker_PPC_linksym</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_symfullpath</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_linkmap</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_nolinkwarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_dontdeadstripinitcode</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_permitmultdefs</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_linkmode</NAME><VALUE>Fast</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_initname</NAME><VALUE>__NSInitialize</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_mainname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_termname</NAME><VALUE>__NSTerminate</VALUE></SETTING>
-
- <!-- Settings for "PPC Mach-O Linker" panel -->
- <SETTING><NAME>MWLinker_MachO_exports</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_mainname</NAME><VALUE>start</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_currentversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_compatibleversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_symfullpath</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_supresswarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_multisymerror</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_prebind</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_deadstrip</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_objectivecsemantics</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_whichfileloaded</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_whyfileloaded</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_readonlyrelocs</NAME><VALUE>Errors</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_undefinedsymbols</NAME><VALUE>Errors</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_twolevelnamespace</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_stripdebugsymbols</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "PPC Mach-O Target" panel -->
- <SETTING><NAME>MWProject_MachO_type</NAME><VALUE>Executable</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_outfile</NAME><VALUE>a.exe</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_filecreator</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_filetype</NAME><VALUE>MEXE</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_stacksize</NAME><VALUE>64</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_stackaddress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrc</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrcfilename</NAME><VALUE>a.rsrc</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrcoutputdir</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWProject_MachO_installpath</NAME><VALUE>./</VALUE></SETTING>
-
- <!-- Settings for "PPC PEF" panel -->
- <SETTING><NAME>MWPEF_exports</NAME><VALUE>File</VALUE></SETTING>
- <SETTING><NAME>MWPEF_libfolder</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_sortcode</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWPEF_expandbss</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_sharedata</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_olddefversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_oldimpversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_currentversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_fragmentname</NAME><VALUE>NSS3</VALUE></SETTING>
- <SETTING><NAME>MWPEF_collapsereloads</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "PPC Project" panel -->
- <SETTING><NAME>MWProject_PPC_type</NAME><VALUE>SharedLibrary</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_outfile</NAME><VALUE>NSS3Debug.shlb</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_filecreator</NAME><VALUE>MOZZ</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_filetype</NAME><VALUE>shlb</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_size</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_minsize</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_stacksize</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_symfilename</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcheader</NAME><VALUE>Native</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrctype</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcflags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcstore</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcmerge</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrc</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrcoutputdir</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrcfilename</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "PPCAsm Panel" panel -->
- <SETTING><NAME>MWAssembler_PPC_auxheader</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_symmode</NAME><VALUE>Mac</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_dialect</NAME><VALUE>PPC</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_prefixfile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_typecheck</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_warnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_casesensitive</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "Rez Compiler" panel -->
- <SETTING><NAME>MWRez_Language_maxwidth</NAME><VALUE>80</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_script</NAME><VALUE>Roman</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_alignment</NAME><VALUE>Align1</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_filtermode</NAME><VALUE>FilterSkip</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_suppresswarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_escapecontrolchars</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_prefixname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_filteredtypes</NAME><VALUE>'CODE' 'DATA' 'PICT'</VALUE></SETTING>
-
- <!-- Settings for "WinRC Compiler" panel -->
- <SETTING><NAME>MWWinRC_prefixname</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "x86 CodeGen" panel -->
- <SETTING><NAME>MWCodeGen_X86_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_alignment</NAME><VALUE>bytes8</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_exceptions</NAME><VALUE>ZeroOverhead</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_mmx</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_3dnow</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_use_mmx_3dnow_convention</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_machinecodelisting</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_intrinsics</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_syminfo</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_codeviewinfo</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_cmov_fcomi</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_sse</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "x86 Disassembler" panel -->
- <SETTING><NAME>PDisasmX86_showHeaders</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showSymTab</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showCode</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showSource</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showHex</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showRelocation</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showComments</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showDebug</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showExceptions</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showData</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showRaw</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_verbose</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "x86 Exceptions Panel" panel -->
- <SETTING><NAME>MWDebugger_X86_Exceptions</NAME>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "x86 Global Optimizer" panel -->
- <SETTING><NAME>GlobalOptimizer_X86_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
- <SETTING><NAME>GlobalOptimizer_X86_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
- <!-- Settings for "x86 Linker" panel -->
- <SETTING><NAME>MWLinker_X86_entrypointusage</NAME><VALUE>Default</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_entrypoint</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsystem</NAME><VALUE>WinGUI</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsysmajorid</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsysminorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_usrmajorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_usrminorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_commandfile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_generatemap</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_linksym</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_linkCV</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "x86 Project" panel -->
- <SETTING><NAME>MWProject_X86_type</NAME><VALUE>Application</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_outfile</NAME><VALUE>noname.exe</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_baseaddress</NAME><VALUE>4194304</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_maxstacksize</NAME><VALUE>1024</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_minstacksize</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_size</NAME><VALUE>1024</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_minsize</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_importlib</NAME><VALUE></VALUE></SETTING>
- <PANELDATA><NAME>xpidl Settings</NAME><VALUE>
- 0001000101000000000000000000000000000000000000000000000000000000
- 0000000000000000
- </VALUE></PANELDATA>
- </SETTINGLIST>
- <FILELIST>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>alg1485.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certdb.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certv3.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certxutl.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>crl.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>genname.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>polcyxtn.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secname.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>stanpcertdb.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>xauthkid.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>xbsconst.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>xconst.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>arena.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>error.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>errorval.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>hashops.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>item.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>libc.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>list.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>tracker.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>whatnspr.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>asn1.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>ckhelper.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>devmod.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>devslot.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>devtoken.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>devutil.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>asymmkey.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certdecode.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certificate.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cryptocontext.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pki3hack.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pkibase.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pkistore.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>symmkey.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>tdcache.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>trustdomain.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certhigh.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certhtml.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certreq.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certvfy.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>crlv2.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>ocsp.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>xcrldist.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>dev3hack.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11cert.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11err.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11kea.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11list.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11load.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11pars.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11pbe.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11pk12.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11pqg.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11sdr.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11skey.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11slot.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11util.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>dsautil.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sechash.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>seckey.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secsign.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secvfy.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>nssinit.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>nssver.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>utilDebug.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSStdLibStubs</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSRuntimeDebug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSLibraryStartup.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSPR20Debug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>DBMDebug.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>Softoken3Debug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>hash.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>utf8.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSS.mcp.exp</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- </FILELIST>
- <LINKORDER>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>alg1485.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certdb.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certv3.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certxutl.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>crl.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>genname.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>polcyxtn.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secname.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>stanpcertdb.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>xauthkid.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>xbsconst.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>xconst.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>arena.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>error.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>errorval.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>hashops.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>hash.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>item.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>libc.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>list.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>tracker.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>utf8.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>whatnspr.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>asn1.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>ckhelper.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>devmod.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>devslot.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>devtoken.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>devutil.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>asymmkey.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certdecode.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certificate.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cryptocontext.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pki3hack.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pkibase.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pkistore.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>symmkey.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>tdcache.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>trustdomain.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certhigh.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certhtml.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certreq.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certvfy.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>crlv2.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>ocsp.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>xcrldist.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>dev3hack.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11cert.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11err.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11kea.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11list.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11load.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11pars.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11pbe.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11pk12.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11pqg.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11sdr.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11skey.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11slot.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11util.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>dsautil.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sechash.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>seckey.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secsign.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secvfy.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>nssinit.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>nssver.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>utilDebug.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSStdLibStubs</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSRuntimeDebug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSLibraryStartup.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSPR20Debug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>DBMDebug.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>Softoken3Debug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSS.mcp.exp</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </LINKORDER>
- </TARGET>
- <TARGET>
- <NAME>NSS3.shlb</NAME>
- <SETTINGLIST>
-
- <!-- Settings for "Source Trees" panel -->
- <SETTING><NAME>UserSourceTrees</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Access Paths" panel -->
- <SETTING><NAME>AlwaysSearchUserPaths</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>InterpretDOSAndUnixPaths</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>RequireFrameworkStyleIncludes</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>UserSearchPaths</NAME>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::::dist:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:asn1:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:smime:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:certdb:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:certhigh:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:crmf:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:cryptohi:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:fortcrypt:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:freebl:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:jar:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:nss:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:pk11wrap:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:pkcs12:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:pkcs7:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:pki1:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:ssl:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:softoken:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:base:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:util:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:dev:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:pki:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::::lib:mac:NSRuntime:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::::nsprpub:macbuild:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::::dbm:macbuild:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:ckfw:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- </SETTING>
- <SETTING><NAME>SystemSearchPaths</NAME>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:MacOS Support:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>CodeWarrior</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:MSL:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>CodeWarrior</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- </SETTING>
-
- <!-- Settings for "Debugger Runtime" panel -->
- <SETTING><NAME>MWRuntimeSettings_WorkingDirectory</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRuntimeSettings_CommandLine</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRuntimeSettings_HostApplication</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWRuntimeSettings_EnvVars</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Target Settings" panel -->
- <SETTING><NAME>Linker</NAME><VALUE>MacOS PPC Linker</VALUE></SETTING>
- <SETTING><NAME>PreLinker</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PostLinker</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Targetname</NAME><VALUE>NSS3.shlb</VALUE></SETTING>
- <SETTING><NAME>OutputDirectory</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>SaveEntriesUsingRelativePaths</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "File Mappings" panel -->
- <SETTING><NAME>FileMappings</NAME>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>APPL</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>Appl</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MMLB</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MPLF</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MWCD</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>RSRC</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.bh</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Balloon Help</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.c</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.c++</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cpp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.exp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.h</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.idl</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>xpidl</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.pch</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.pch++</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.r</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Rez</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>Rez</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.s</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PPCAsm</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>XCOF</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>docu</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>rsrc</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>shlb</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>stub</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.doc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.o</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.ppob</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.rsrc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- </SETTING>
-
- <!-- Settings for "Build Extras" panel -->
- <SETTING><NAME>CacheModDates</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ActivateBrowser</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>DumpBrowserInfo</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>CacheSubprojects</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>UseThirdPartyDebugger</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>DebuggerAppPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>DebuggerCmdLineArgs</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>DebuggerWorkingDir</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "Debugger Target" panel -->
- <SETTING><NAME>LogSystemMessages</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>AutoTargetDLLs</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>StopAtWatchpoints</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PauseWhileRunning</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PauseInterval</NAME><VALUE>5</VALUE></SETTING>
- <SETTING><NAME>PauseUIFlags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>AltExePath</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>StopAtTempBPOnLaunch</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>CacheSymbolics</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>TempBPFunctionName</NAME><VALUE>main</VALUE></SETTING>
- <SETTING><NAME>TempBPType</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "Remote Debug" panel -->
- <SETTING><NAME>Enabled</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ConnectionName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>DownloadPath</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>LaunchRemoteApp</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>RemoteAppPath</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Auto-target" panel -->
- <SETTING><NAME>OtherExecutables</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Custom Keywords" panel -->
- <SETTING><NAME>CustomColor1</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor2</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor3</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor4</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "C/C++ Compiler" panel -->
- <SETTING><NAME>MWFrontEnd_C_cplusplus</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_checkprotos</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_arm</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_trigraphs</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_onlystdkeywords</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_enumsalwaysint</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_mpwpointerstyle</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_prefixname</NAME><VALUE>NSS.Prefix</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_ansistrict</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_mpwcnewline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_wchar_type</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_enableexceptions</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_dontreusestrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_poolstrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_dontinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_useRTTI</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_multibyteaware</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_unsignedchars</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_autoinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_booltruefalse</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_direct_to_som</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_som_env_check</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_alwaysinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_inlinelevel</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_ecplusplus</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_objective_c</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_defer_codegen</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "C/C++ Warnings" panel -->
- <SETTING><NAME>MWWarning_C_warn_illpragma</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_emptydecl</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_possunwant</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_unusedvar</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_unusedarg</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_extracomma</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_pedantic</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warningerrors</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_hidevirtual</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_implicitconv</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_notinlined</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_structclass</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "FTP Panel" panel -->
- <SETTING><NAME>MWFTP_Post_hostName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_username</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_password</NAME><VALUE>253yj7s53gi3a[&#213;&#224; &#177;&#176;(</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_remoteDir</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathVersion</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_tree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_uploadDir</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_port</NAME><VALUE>21</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_SendBin</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ShouldLog</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "Java Command Line" panel -->
- <SETTING><NAME>MWCommandLine_Java_clsName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWCommandLine_Java_args</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "PJavaDebugging" panel -->
- <SETTING><NAME>MWVJavaDebugging_Protocol</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_JDKVersion</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_TimeOut</NAME><VALUE>10</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_SupportSlowDevices</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "Java Language" panel -->
- <SETTING><NAME>MWJava_Language_optimize</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_warnDeprecated</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_emitMap</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_strictFileNames</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_strictFileHierarchy</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_1_1_Compatible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_emitHeaders</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_headerType</NAME><VALUE>JNINativeHeaders</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_packageFilter</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_genComments</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_genHeaders</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "Java MRJAppBuilder" panel -->
- <SETTING><NAME>MWJava_MRJAppBuilder_outFile</NAME><VALUE>MRJApplication</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_merge</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_quitMenu</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_grow</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPICTFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_aboutName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutAppend</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrAppend</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinFile</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Java Output" panel -->
- <SETTING><NAME>MWJava_Output_outputtype</NAME><VALUE>JarFile</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_outfile</NAME><VALUE>JavaClasses.jar</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_ftype</NAME><VALUE>1514754080</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_fcreator</NAME><VALUE>1297570384</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_compress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_genManifest</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_trunctype</NAME><VALUE>Front</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_deleteClasses</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_consoleApp</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "Java Project" panel -->
- <SETTING><NAME>MWJava_Proj_projtype</NAME><VALUE>Applet</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_mainClassName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppCreator</NAME><VALUE>1463898714</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_tree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppWin32Name</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_compress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_useVM</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_vmarguments</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_vmName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_simPropFile</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "JavaDoc Project" panel -->
- <SETTING><NAME>MWJavaDoc_Proj_Version</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Depricated</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Author</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Index</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Tree</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_SunResolveToSame</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Shortnames</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Folder</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_GenerateAPILinks</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_scope</NAME><VALUE>Public</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_fcreator</NAME><VALUE>1297303877</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_encodingName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_decodingName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_javaPackagePath</NAME><VALUE>http://java.sun.com/products/jdk/1.1/docs/api/</VALUE></SETTING>
-
- <!-- Settings for "MacOS Merge Panel" panel -->
- <SETTING><NAME>MWMerge_MacOS_projectType</NAME><VALUE>Application</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputName</NAME><VALUE>Merge Out</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputCreator</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputType</NAME><VALUE>APPL</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_suppressWarning</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_copyFragments</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_copyResources</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flattenResource</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flatFileName</NAME><VALUE>a.rsrc</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flatFileOutputPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMerge_MacOS_skipResources</NAME>
- <SETTING><VALUE>DLGX</VALUE></SETTING>
- <SETTING><VALUE>ckid</VALUE></SETTING>
- <SETTING><VALUE>Proj</VALUE></SETTING>
- <SETTING><VALUE>WSPC</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "Output Flags" panel -->
- <SETTING><NAME>FileLocked</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourcesMapIsReadOnly</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PrinterDriverIsMultiFinderCompatible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Invisible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasBundle</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>NameLocked</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Stationery</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasCustomIcon</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Shared</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasBeenInited</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Label</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Comments</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Packager Panel" panel -->
- <SETTING><NAME>MWMacOSPackager_UsePackager</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_FolderToPackage</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMacOSPackager_CreateClassicAlias</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_ClassicAliasMethod</NAME><VALUE>UseTargetOutput</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_ClassicAliasPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMacOSPackager_CreatePkgInfo</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_PkgCreatorType</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_PkgFileType</NAME><VALUE>APPL</VALUE></SETTING>
-
- <!-- Settings for "PPC CodeGen" panel -->
- <SETTING><NAME>MWCodeGen_PPC_structalignment</NAME><VALUE>MC68K</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_tocdata</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_profiler</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_fpcontract</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_schedule</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_peephole</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_processorspecific</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_altivec</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_vectortocdata</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_vrsave</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "PPC CodeGen Mach-O" panel -->
- <SETTING><NAME>MWCodeGen_MachO_structalignment</NAME><VALUE>PPC</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_profiler</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_fpcontract</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_schedule</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_peephole</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_processorspecific</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_altivec</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_vrsave</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_common</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_implicit_templates</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "PPC Disassembler" panel -->
- <SETTING><NAME>MWDisassembler_PPC_showcode</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_extended</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_mix</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_nohex</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showdata</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showexceptions</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showsym</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_shownames</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "PPC Global Optimizer" panel -->
- <SETTING><NAME>GlobalOptimizer_PPC_optimizationlevel</NAME><VALUE>Level4</VALUE></SETTING>
- <SETTING><NAME>GlobalOptimizer_PPC_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
- <!-- Settings for "PPC Linker" panel -->
- <SETTING><NAME>MWLinker_PPC_linksym</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_symfullpath</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_linkmap</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_nolinkwarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_dontdeadstripinitcode</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_permitmultdefs</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_linkmode</NAME><VALUE>Fast</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_initname</NAME><VALUE>__NSInitialize</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_mainname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_termname</NAME><VALUE>__NSTerminate</VALUE></SETTING>
-
- <!-- Settings for "PPC Mach-O Linker" panel -->
- <SETTING><NAME>MWLinker_MachO_exports</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_mainname</NAME><VALUE>start</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_currentversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_compatibleversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_symfullpath</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_supresswarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_multisymerror</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_prebind</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_deadstrip</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_objectivecsemantics</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_whichfileloaded</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_whyfileloaded</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_readonlyrelocs</NAME><VALUE>Errors</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_undefinedsymbols</NAME><VALUE>Errors</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_twolevelnamespace</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_stripdebugsymbols</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "PPC Mach-O Target" panel -->
- <SETTING><NAME>MWProject_MachO_type</NAME><VALUE>Executable</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_outfile</NAME><VALUE>a.exe</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_filecreator</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_filetype</NAME><VALUE>MEXE</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_stacksize</NAME><VALUE>64</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_stackaddress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrc</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrcfilename</NAME><VALUE>a.rsrc</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrcoutputdir</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWProject_MachO_installpath</NAME><VALUE>./</VALUE></SETTING>
-
- <!-- Settings for "PPC PEF" panel -->
- <SETTING><NAME>MWPEF_exports</NAME><VALUE>File</VALUE></SETTING>
- <SETTING><NAME>MWPEF_libfolder</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_sortcode</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWPEF_expandbss</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_sharedata</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_olddefversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_oldimpversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_currentversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_fragmentname</NAME><VALUE>NSS3</VALUE></SETTING>
- <SETTING><NAME>MWPEF_collapsereloads</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "PPC Project" panel -->
- <SETTING><NAME>MWProject_PPC_type</NAME><VALUE>SharedLibrary</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_outfile</NAME><VALUE>NSS3.shlb</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_filecreator</NAME><VALUE>MOZZ</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_filetype</NAME><VALUE>shlb</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_size</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_minsize</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_stacksize</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_symfilename</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcheader</NAME><VALUE>Native</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrctype</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcflags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcstore</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcmerge</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrc</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrcoutputdir</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrcfilename</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "PPCAsm Panel" panel -->
- <SETTING><NAME>MWAssembler_PPC_auxheader</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_symmode</NAME><VALUE>Mac</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_dialect</NAME><VALUE>PPC</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_prefixfile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_typecheck</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_warnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_casesensitive</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "Rez Compiler" panel -->
- <SETTING><NAME>MWRez_Language_maxwidth</NAME><VALUE>80</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_script</NAME><VALUE>Roman</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_alignment</NAME><VALUE>Align1</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_filtermode</NAME><VALUE>FilterSkip</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_suppresswarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_escapecontrolchars</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_prefixname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_filteredtypes</NAME><VALUE>'CODE' 'DATA' 'PICT'</VALUE></SETTING>
-
- <!-- Settings for "WinRC Compiler" panel -->
- <SETTING><NAME>MWWinRC_prefixname</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "x86 CodeGen" panel -->
- <SETTING><NAME>MWCodeGen_X86_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_alignment</NAME><VALUE>bytes8</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_exceptions</NAME><VALUE>ZeroOverhead</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_mmx</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_3dnow</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_use_mmx_3dnow_convention</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_machinecodelisting</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_intrinsics</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_syminfo</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_codeviewinfo</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_cmov_fcomi</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_sse</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "x86 Disassembler" panel -->
- <SETTING><NAME>PDisasmX86_showHeaders</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showSymTab</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showCode</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showSource</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showHex</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showRelocation</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showComments</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showDebug</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showExceptions</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showData</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showRaw</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_verbose</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "x86 Exceptions Panel" panel -->
- <SETTING><NAME>MWDebugger_X86_Exceptions</NAME>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "x86 Global Optimizer" panel -->
- <SETTING><NAME>GlobalOptimizer_X86_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
- <SETTING><NAME>GlobalOptimizer_X86_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
- <!-- Settings for "x86 Linker" panel -->
- <SETTING><NAME>MWLinker_X86_entrypointusage</NAME><VALUE>Default</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_entrypoint</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsystem</NAME><VALUE>WinGUI</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsysmajorid</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsysminorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_usrmajorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_usrminorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_commandfile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_generatemap</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_linksym</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_linkCV</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "x86 Project" panel -->
- <SETTING><NAME>MWProject_X86_type</NAME><VALUE>Application</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_outfile</NAME><VALUE>noname.exe</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_baseaddress</NAME><VALUE>4194304</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_maxstacksize</NAME><VALUE>1024</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_minstacksize</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_size</NAME><VALUE>1024</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_minsize</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_importlib</NAME><VALUE></VALUE></SETTING>
- <PANELDATA><NAME>xpidl Settings</NAME><VALUE>
- 0001000101000000000000000000000000000000000000000000000000000000
- 0000000000000000
- </VALUE></PANELDATA>
- </SETTINGLIST>
- <FILELIST>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>alg1485.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certdb.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certv3.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certxutl.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>crl.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>genname.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>polcyxtn.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secname.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>stanpcertdb.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>xauthkid.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>xbsconst.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>xconst.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>arena.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>error.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>errorval.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>hashops.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>item.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>libc.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>list.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>tracker.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>whatnspr.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>asn1.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>ckhelper.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>devmod.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>devslot.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>devtoken.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>devutil.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>asymmkey.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certdecode.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certificate.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cryptocontext.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pki3hack.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pkibase.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pkistore.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>symmkey.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>tdcache.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>trustdomain.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certhigh.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certhtml.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certreq.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certvfy.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>crlv2.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>ocsp.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>xcrldist.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>dev3hack.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11cert.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11err.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11kea.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11list.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11load.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11pars.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11pbe.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11pk12.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11pqg.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11sdr.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11skey.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11slot.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11util.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>dsautil.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sechash.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>seckey.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secsign.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secvfy.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>nssinit.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>nssver.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>util.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSStdLibStubs</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSRuntime.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSLibraryStartup.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSPR20.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>DBM.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>Softoken3.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>hash.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>utf8.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSS.mcp.exp</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- </FILELIST>
- <LINKORDER>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>alg1485.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certdb.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certv3.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certxutl.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>crl.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>genname.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>polcyxtn.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secname.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>stanpcertdb.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>xauthkid.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>xbsconst.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>xconst.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>arena.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>error.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>errorval.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>hashops.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>item.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>libc.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>list.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>tracker.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>whatnspr.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>asn1.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>ckhelper.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>devmod.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>devslot.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>devtoken.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>devutil.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>asymmkey.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certdecode.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certificate.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cryptocontext.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pki3hack.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pkibase.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pkistore.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>symmkey.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>tdcache.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>trustdomain.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certhigh.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certhtml.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certreq.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certvfy.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>crlv2.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>ocsp.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>xcrldist.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>dev3hack.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11cert.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11err.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11kea.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11list.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11load.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11pars.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11pbe.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11pk12.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11pqg.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11sdr.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11skey.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11slot.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11util.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>dsautil.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sechash.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>seckey.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secsign.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secvfy.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>nssinit.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>nssver.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>util.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSStdLibStubs</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSRuntime.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSLibraryStartup.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSPR20.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>DBM.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>Softoken3.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>hash.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>utf8.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSS.mcp.exp</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </LINKORDER>
- </TARGET>
- </TARGETLIST>
-
- <TARGETORDER>
- <ORDEREDTARGET><NAME>NSS3Debug.shlb</NAME></ORDEREDTARGET>
- <ORDEREDTARGET><NAME>NSS3.shlb</NAME></ORDEREDTARGET>
- </TARGETORDER>
-
- <GROUPLIST>
- <GROUP><NAME>Rescued Items</NAME>
- </GROUP>
- <GROUP><NAME>Libraries</NAME>
- <GROUP><NAME>Optimized</NAME>
- <FILEREF>
- <TARGETNAME>NSS3.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>util.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSRuntime.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSPR20.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>DBM.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>Softoken3.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </GROUP>
- <GROUP><NAME>Debug</NAME>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>utilDebug.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSRuntimeDebug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSPR20Debug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>DBMDebug.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>Softoken3Debug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </GROUP>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSStdLibStubs</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSLibraryStartup.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </GROUP>
- <GROUP><NAME>asn1</NAME>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>asn1.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </GROUP>
- <GROUP><NAME>base</NAME>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>arena.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>error.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>errorval.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>hashops.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>item.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>libc.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>list.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>tracker.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>whatnspr.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>hash.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>utf8.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </GROUP>
- <GROUP><NAME>certdb</NAME>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>alg1485.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certdb.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certv3.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certxutl.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>crl.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>genname.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>polcyxtn.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secname.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>stanpcertdb.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>xauthkid.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>xbsconst.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>xconst.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </GROUP>
- <GROUP><NAME>certhigh</NAME>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certhigh.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certhtml.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certreq.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certvfy.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>crlv2.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>ocsp.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>xcrldist.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </GROUP>
- <GROUP><NAME>cryptohi</NAME>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>dsautil.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sechash.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>seckey.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secsign.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secvfy.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </GROUP>
- <GROUP><NAME>dev</NAME>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>ckhelper.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>devmod.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>devslot.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>devtoken.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>devutil.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </GROUP>
- <GROUP><NAME>nss</NAME>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>nssinit.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>nssver.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </GROUP>
- <GROUP><NAME>pk11wrap</NAME>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>dev3hack.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11cert.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11err.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11kea.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11list.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11load.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11pars.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11pbe.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11pk12.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11pqg.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11sdr.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11skey.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11slot.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11util.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </GROUP>
- <GROUP><NAME>pki</NAME>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>asymmkey.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certdecode.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certificate.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cryptocontext.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pki3hack.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pkibase.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pkistore.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>symmkey.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>tdcache.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>trustdomain.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </GROUP>
- <FILEREF>
- <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSS.mcp.exp</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </GROUPLIST>
-
-</PROJECT>
diff --git a/security/nss/macbuild/NSSCommon.h b/security/nss/macbuild/NSSCommon.h
deleted file mode 100755
index 83a54d7e3..000000000
--- a/security/nss/macbuild/NSSCommon.h
+++ /dev/null
@@ -1,6 +0,0 @@
-/* Defines common to all versions of NSS */
-
-#define NSPR20 1
-#define MP_API_COMPATIBLE 1
-#define NSS_3_4_CODE 1 /* Remove this when we start building NSS 4.0 by default */
-#define SHLIB_SUFFIX "shlb"
diff --git a/security/nss/macbuild/NSSDebug.Prefix b/security/nss/macbuild/NSSDebug.Prefix
deleted file mode 100755
index 967b0889c..000000000
--- a/security/nss/macbuild/NSSDebug.Prefix
+++ /dev/null
@@ -1,3 +0,0 @@
-/* Optimized prefix */
-#include "MacPrefix_debug.h"
-#include "NSSCommon.h"
diff --git a/security/nss/macbuild/NSSckfw.xml b/security/nss/macbuild/NSSckfw.xml
deleted file mode 100644
index 247e8e720..000000000
--- a/security/nss/macbuild/NSSckfw.xml
+++ /dev/null
@@ -1,2232 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="yes" ?>
-<?codewarrior exportversion="1.0.1" ideversion="4.2" ?>
-
-<!DOCTYPE PROJECT [
-<!ELEMENT PROJECT (TARGETLIST, TARGETORDER, GROUPLIST, DESIGNLIST?)>
-<!ELEMENT TARGETLIST (TARGET+)>
-<!ELEMENT TARGET (NAME, SETTINGLIST, FILELIST?, LINKORDER?, SEGMENTLIST?, OVERLAYGROUPLIST?, SUBTARGETLIST?, SUBPROJECTLIST?, FRAMEWORKLIST)>
-<!ELEMENT NAME (#PCDATA)>
-<!ELEMENT USERSOURCETREETYPE (#PCDATA)>
-<!ELEMENT PATH (#PCDATA)>
-<!ELEMENT FILELIST (FILE*)>
-<!ELEMENT FILE (PATHTYPE, PATHROOT?, ACCESSPATH?, PATH, PATHFORMAT?, ROOTFILEREF?, FILEKIND?, FILEFLAGS?)>
-<!ELEMENT PATHTYPE (#PCDATA)>
-<!ELEMENT PATHROOT (#PCDATA)>
-<!ELEMENT ACCESSPATH (#PCDATA)>
-<!ELEMENT PATHFORMAT (#PCDATA)>
-<!ELEMENT ROOTFILEREF (PATHTYPE, PATHROOT?, ACCESSPATH?, PATH, PATHFORMAT?)>
-<!ELEMENT FILEKIND (#PCDATA)>
-<!ELEMENT FILEFLAGS (#PCDATA)>
-<!ELEMENT FILEREF (TARGETNAME?, PATHTYPE, PATHROOT?, ACCESSPATH?, PATH, PATHFORMAT?)>
-<!ELEMENT TARGETNAME (#PCDATA)>
-<!ELEMENT SETTINGLIST ((SETTING|PANELDATA)+)>
-<!ELEMENT SETTING (NAME?, (VALUE|(SETTING+)))>
-<!ELEMENT PANELDATA (NAME, VALUE)>
-<!ELEMENT VALUE (#PCDATA)>
-<!ELEMENT LINKORDER (FILEREF*)>
-<!ELEMENT SEGMENTLIST (SEGMENT+)>
-<!ELEMENT SEGMENT (NAME, ATTRIBUTES?, FILEREF*)>
-<!ELEMENT ATTRIBUTES (#PCDATA)>
-<!ELEMENT OVERLAYGROUPLIST (OVERLAYGROUP+)>
-<!ELEMENT OVERLAYGROUP (NAME, BASEADDRESS, OVERLAY*)>
-<!ELEMENT BASEADDRESS (#PCDATA)>
-<!ELEMENT OVERLAY (NAME, FILEREF*)>
-<!ELEMENT SUBTARGETLIST (SUBTARGET+)>
-<!ELEMENT SUBTARGET (TARGETNAME, ATTRIBUTES?, FILEREF?)>
-<!ELEMENT SUBPROJECTLIST (SUBPROJECT+)>
-<!ELEMENT SUBPROJECT (FILEREF, SUBPROJECTTARGETLIST)>
-<!ELEMENT SUBPROJECTTARGETLIST (SUBPROJECTTARGET*)>
-<!ELEMENT SUBPROJECTTARGET (TARGETNAME, ATTRIBUTES?, FILEREF?)>
-<!ELEMENT FRAMEWORKLIST (FRAMEWORK+)>
-<!ELEMENT FRAMEWORK (FILEREF, LIBRARYFILE?, VERSION?)>
-<!ELEMENT LIBRARYFILE (FILEREF)>
-<!ELEMENT VERSION (#PCDATA)>
-<!ELEMENT TARGETORDER (ORDEREDTARGET|ORDEREDDESIGN)*>
-<!ELEMENT ORDEREDTARGET (NAME)>
-<!ELEMENT ORDEREDDESIGN (NAME, ORDEREDTARGET+)>
-<!ELEMENT GROUPLIST (GROUP|FILEREF)*>
-<!ELEMENT GROUP (NAME, (GROUP|FILEREF)*)>
-<!ELEMENT DESIGNLIST (DESIGN+)>
-<!ELEMENT DESIGN (NAME, DESIGNDATA)>
-<!ELEMENT DESIGNDATA (#PCDATA)>
-]>
-
-<PROJECT>
- <TARGETLIST>
- <TARGET>
- <NAME>NSSckfw.o</NAME>
- <SETTINGLIST>
-
- <!-- Settings for "Source Trees" panel -->
- <SETTING><NAME>UserSourceTrees</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Access Paths" panel -->
- <SETTING><NAME>AlwaysSearchUserPaths</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>InterpretDOSAndUnixPaths</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>RequireFrameworkStyleIncludes</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>UserSearchPaths</NAME>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::::dist:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:ckfw:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:base:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:util:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- </SETTING>
- <SETTING><NAME>SystemSearchPaths</NAME>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>CodeWarrior</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- </SETTING>
-
- <!-- Settings for "Debugger Runtime" panel -->
- <SETTING><NAME>MWRuntimeSettings_WorkingDirectory</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRuntimeSettings_CommandLine</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRuntimeSettings_HostApplication</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWRuntimeSettings_EnvVars</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Target Settings" panel -->
- <SETTING><NAME>Linker</NAME><VALUE>MacOS PPC Linker</VALUE></SETTING>
- <SETTING><NAME>PreLinker</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PostLinker</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Targetname</NAME><VALUE>NSSckfw.o</VALUE></SETTING>
- <SETTING><NAME>OutputDirectory</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>SaveEntriesUsingRelativePaths</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "File Mappings" panel -->
- <SETTING><NAME>FileMappings</NAME>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>APPL</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>Appl</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MMLB</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MPLF</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MWCD</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>RSRC</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.arr</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.bh</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Balloon Help</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.c</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.c++</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cpp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.exp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.h</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.idl</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>xpidl</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.pch</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.pch++</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.r</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Rez</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>Rez</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.s</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PPCAsm</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>XCOF</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>docu</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>rsrc</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>shlb</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>stub</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.doc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.o</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.ppob</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.rsrc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- </SETTING>
-
- <!-- Settings for "Build Extras" panel -->
- <SETTING><NAME>CacheModDates</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ActivateBrowser</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>DumpBrowserInfo</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>CacheSubprojects</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>UseThirdPartyDebugger</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>DebuggerAppPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>DebuggerCmdLineArgs</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>DebuggerWorkingDir</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "Debugger Target" panel -->
- <SETTING><NAME>LogSystemMessages</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>AutoTargetDLLs</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>StopAtWatchpoints</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PauseWhileRunning</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PauseInterval</NAME><VALUE>5</VALUE></SETTING>
- <SETTING><NAME>PauseUIFlags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>AltExePath</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>StopAtTempBPOnLaunch</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>CacheSymbolics</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>TempBPFunctionName</NAME><VALUE>main</VALUE></SETTING>
- <SETTING><NAME>TempBPType</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "Remote Debug" panel -->
- <SETTING><NAME>Enabled</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ConnectionName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>DownloadPath</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>LaunchRemoteApp</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>RemoteAppPath</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Auto-target" panel -->
- <SETTING><NAME>OtherExecutables</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Custom Keywords" panel -->
- <SETTING><NAME>CustomColor1</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor2</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor3</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor4</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "C/C++ Compiler" panel -->
- <SETTING><NAME>MWFrontEnd_C_cplusplus</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_checkprotos</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_arm</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_trigraphs</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_onlystdkeywords</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_enumsalwaysint</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_mpwpointerstyle</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_prefixname</NAME><VALUE>NSS.Prefix</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_ansistrict</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_mpwcnewline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_wchar_type</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_enableexceptions</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_dontreusestrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_poolstrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_dontinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_useRTTI</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_multibyteaware</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_unsignedchars</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_autoinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_booltruefalse</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_direct_to_som</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_som_env_check</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_alwaysinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_inlinelevel</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_ecplusplus</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_objective_c</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_defer_codegen</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "C/C++ Warnings" panel -->
- <SETTING><NAME>MWWarning_C_warn_illpragma</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_emptydecl</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_possunwant</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_unusedvar</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_unusedarg</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_extracomma</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_pedantic</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warningerrors</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_hidevirtual</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_implicitconv</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_notinlined</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_structclass</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "FTP Panel" panel -->
- <SETTING><NAME>MWFTP_Post_hostName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_username</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_password</NAME><VALUE>263jyj7n63jgi32p&#211;&#191;H</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_remoteDir</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_tree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_uploadDir</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_port</NAME><VALUE>21</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_SendBin</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ShouldLog</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "Java Command Line" panel -->
- <SETTING><NAME>MWCommandLine_Java_clsName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWCommandLine_Java_args</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "PJavaDebugging" panel -->
- <SETTING><NAME>MWVJavaDebugging_Protocol</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_JDKVersion</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_TimeOut</NAME><VALUE>10</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_SupportSlowDevices</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "Java Language" panel -->
- <SETTING><NAME>MWJava_Language_optimize</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_warnDeprecated</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_emitMap</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_strictFileNames</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_strictFileHierarchy</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_1_1_Compatible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_emitHeaders</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_headerType</NAME><VALUE>JNINativeHeaders</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_packageFilter</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_genComments</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_genHeaders</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "Java MRJAppBuilder" panel -->
- <SETTING><NAME>MWJava_MRJAppBuilder_outFile</NAME><VALUE>MRJApplication</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_merge</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_quitMenu</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_grow</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPICTFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_aboutName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutAppend</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrAppend</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinFile</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Java Output" panel -->
- <SETTING><NAME>MWJava_Output_outputtype</NAME><VALUE>JarFile</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_outfile</NAME><VALUE>JavaClasses.jar</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_ftype</NAME><VALUE>1514754080</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_fcreator</NAME><VALUE>1297570384</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_compress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_genManifest</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_trunctype</NAME><VALUE>Front</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_deleteClasses</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_consoleApp</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "Java Project" panel -->
- <SETTING><NAME>MWJava_Proj_projtype</NAME><VALUE>Applet</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_mainClassName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppCreator</NAME><VALUE>1463898714</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_tree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppWin32Name</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_compress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_useVM</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_vmarguments</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_vmName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_simPropFile</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "JavaDoc Project" panel -->
- <SETTING><NAME>MWJavaDoc_Proj_Version</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Depricated</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Author</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Index</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Tree</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_SunResolveToSame</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Shortnames</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Folder</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_GenerateAPILinks</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_scope</NAME><VALUE>Public</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_fcreator</NAME><VALUE>1297303877</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_encodingName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_decodingName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_javaPackagePath</NAME><VALUE>http://java.sun.com/products/jdk/1.1/docs/api/</VALUE></SETTING>
-
- <!-- Settings for "MacOS Merge Panel" panel -->
- <SETTING><NAME>MWMerge_MacOS_projectType</NAME><VALUE>Application</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputName</NAME><VALUE>Merge Out</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputCreator</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputType</NAME><VALUE>APPL</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_suppressWarning</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_copyFragments</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_copyResources</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flattenResource</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flatFileName</NAME><VALUE>a.rsrc</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flatFileOutputPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMerge_MacOS_skipResources</NAME>
- <SETTING><VALUE>DLGX</VALUE></SETTING>
- <SETTING><VALUE>ckid</VALUE></SETTING>
- <SETTING><VALUE>Proj</VALUE></SETTING>
- <SETTING><VALUE>WSPC</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "Output Flags" panel -->
- <SETTING><NAME>FileLocked</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourcesMapIsReadOnly</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PrinterDriverIsMultiFinderCompatible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Invisible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasBundle</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>NameLocked</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Stationery</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasCustomIcon</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Shared</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasBeenInited</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Label</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Comments</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Packager Panel" panel -->
- <SETTING><NAME>MWMacOSPackager_UsePackager</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_FolderToPackage</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMacOSPackager_CreateClassicAlias</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_ClassicAliasMethod</NAME><VALUE>UseTargetOutput</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_ClassicAliasPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMacOSPackager_CreatePkgInfo</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_PkgCreatorType</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_PkgFileType</NAME><VALUE>APPL</VALUE></SETTING>
-
- <!-- Settings for "PPC CodeGen" panel -->
- <SETTING><NAME>MWCodeGen_PPC_structalignment</NAME><VALUE>PPC</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_tocdata</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_profiler</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_fpcontract</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_schedule</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_peephole</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_processorspecific</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_altivec</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_vectortocdata</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_vrsave</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "PPC CodeGen Mach-O" panel -->
- <SETTING><NAME>MWCodeGen_MachO_structalignment</NAME><VALUE>PPC</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_profiler</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_fpcontract</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_schedule</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_peephole</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_processorspecific</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_altivec</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_vrsave</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_common</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_implicit_templates</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "PPC Disassembler" panel -->
- <SETTING><NAME>MWDisassembler_PPC_showcode</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_extended</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_mix</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_nohex</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showdata</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showexceptions</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showsym</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_shownames</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "PPC Global Optimizer" panel -->
- <SETTING><NAME>GlobalOptimizer_PPC_optimizationlevel</NAME><VALUE>Level3</VALUE></SETTING>
- <SETTING><NAME>GlobalOptimizer_PPC_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
- <!-- Settings for "PPC Linker" panel -->
- <SETTING><NAME>MWLinker_PPC_linksym</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_symfullpath</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_linkmap</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_nolinkwarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_dontdeadstripinitcode</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_permitmultdefs</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_linkmode</NAME><VALUE>Fast</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_initname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_mainname</NAME><VALUE>__start</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_termname</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "PPC Mach-O Linker" panel -->
- <SETTING><NAME>MWLinker_MachO_exports</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_mainname</NAME><VALUE>start</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_currentversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_compatibleversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_symfullpath</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_supresswarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_multisymerror</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_prebind</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_deadstrip</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_objectivecsemantics</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_whichfileloaded</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_whyfileloaded</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_readonlyrelocs</NAME><VALUE>Errors</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_undefinedsymbols</NAME><VALUE>Errors</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_twolevelnamespace</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_stripdebugsymbols</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "PPC Mach-O Target" panel -->
- <SETTING><NAME>MWProject_MachO_type</NAME><VALUE>Executable</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_outfile</NAME><VALUE>a.exe</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_filecreator</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_filetype</NAME><VALUE>MEXE</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_stacksize</NAME><VALUE>64</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_stackaddress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrc</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrcfilename</NAME><VALUE>a.rsrc</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrcoutputdir</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWProject_MachO_installpath</NAME><VALUE>./</VALUE></SETTING>
-
- <!-- Settings for "PPC PEF" panel -->
- <SETTING><NAME>MWPEF_exports</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWPEF_libfolder</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_sortcode</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWPEF_expandbss</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_sharedata</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_olddefversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_oldimpversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_currentversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_fragmentname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWPEF_collapsereloads</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "PPC Project" panel -->
- <SETTING><NAME>MWProject_PPC_type</NAME><VALUE>Library</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_outfile</NAME><VALUE>NSSckfw.o</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_filecreator</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_filetype</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_size</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_minsize</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_stacksize</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_symfilename</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcheader</NAME><VALUE>Native</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrctype</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcflags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcstore</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcmerge</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrc</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrcoutputdir</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrcfilename</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "PPCAsm Panel" panel -->
- <SETTING><NAME>MWAssembler_PPC_auxheader</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_symmode</NAME><VALUE>Mac</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_dialect</NAME><VALUE>PPC</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_prefixfile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_typecheck</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_warnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_casesensitive</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "Rez Compiler" panel -->
- <SETTING><NAME>MWRez_Language_maxwidth</NAME><VALUE>80</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_script</NAME><VALUE>Roman</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_alignment</NAME><VALUE>Align1</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_filtermode</NAME><VALUE>FilterSkip</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_suppresswarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_escapecontrolchars</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_prefixname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_filteredtypes</NAME><VALUE>'CODE' 'DATA' 'PICT'</VALUE></SETTING>
-
- <!-- Settings for "WinRC Compiler" panel -->
- <SETTING><NAME>MWWinRC_prefixname</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "x86 CodeGen" panel -->
- <SETTING><NAME>MWCodeGen_X86_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_alignment</NAME><VALUE>bytes8</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_exceptions</NAME><VALUE>ZeroOverhead</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_mmx</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_3dnow</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_use_mmx_3dnow_convention</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_machinecodelisting</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_intrinsics</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_syminfo</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_codeviewinfo</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_cmov_fcomi</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_sse</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "x86 Disassembler" panel -->
- <SETTING><NAME>PDisasmX86_showHeaders</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showSymTab</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showCode</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showSource</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showHex</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showRelocation</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showComments</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showDebug</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showExceptions</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showData</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showRaw</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_verbose</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "x86 Exceptions Panel" panel -->
- <SETTING><NAME>MWDebugger_X86_Exceptions</NAME>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "x86 Global Optimizer" panel -->
- <SETTING><NAME>GlobalOptimizer_X86_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
- <SETTING><NAME>GlobalOptimizer_X86_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
- <!-- Settings for "x86 Linker" panel -->
- <SETTING><NAME>MWLinker_X86_entrypointusage</NAME><VALUE>Default</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_entrypoint</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsystem</NAME><VALUE>WinGUI</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsysmajorid</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsysminorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_usrmajorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_usrminorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_commandfile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_generatemap</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_linksym</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_linkCV</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "x86 Project" panel -->
- <SETTING><NAME>MWProject_X86_type</NAME><VALUE>Application</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_outfile</NAME><VALUE>noname.exe</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_baseaddress</NAME><VALUE>4194304</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_maxstacksize</NAME><VALUE>1024</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_minstacksize</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_size</NAME><VALUE>1024</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_minsize</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_importlib</NAME><VALUE></VALUE></SETTING>
- <PANELDATA><NAME>xpidl Settings</NAME><VALUE>
- 0001000101000000000000000000000000000000000000000000000000000000
- 0000000000000000
- </VALUE></PANELDATA>
- </SETTINGLIST>
- <FILELIST>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>find.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>hash.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>instance.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>mechanism.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>mutex.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>object.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>session.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sessobj.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>slot.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>token.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>wrap.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- </FILELIST>
- <LINKORDER>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>find.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>hash.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>instance.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>mechanism.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>mutex.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>object.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>session.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sessobj.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>slot.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>token.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>wrap.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </LINKORDER>
- </TARGET>
- <TARGET>
- <NAME>NSSckfwDebug.o</NAME>
- <SETTINGLIST>
-
- <!-- Settings for "Source Trees" panel -->
- <SETTING><NAME>UserSourceTrees</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Access Paths" panel -->
- <SETTING><NAME>AlwaysSearchUserPaths</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>InterpretDOSAndUnixPaths</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>RequireFrameworkStyleIncludes</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>UserSearchPaths</NAME>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::::dist:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:ckfw:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:base:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:util:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- </SETTING>
- <SETTING><NAME>SystemSearchPaths</NAME>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>CodeWarrior</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- </SETTING>
-
- <!-- Settings for "Debugger Runtime" panel -->
- <SETTING><NAME>MWRuntimeSettings_WorkingDirectory</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRuntimeSettings_CommandLine</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRuntimeSettings_HostApplication</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWRuntimeSettings_EnvVars</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Target Settings" panel -->
- <SETTING><NAME>Linker</NAME><VALUE>MacOS PPC Linker</VALUE></SETTING>
- <SETTING><NAME>PreLinker</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PostLinker</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Targetname</NAME><VALUE>NSSckfwDebug.o</VALUE></SETTING>
- <SETTING><NAME>OutputDirectory</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>SaveEntriesUsingRelativePaths</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "File Mappings" panel -->
- <SETTING><NAME>FileMappings</NAME>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>APPL</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>Appl</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MMLB</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MPLF</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MWCD</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>RSRC</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.arr</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.bh</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Balloon Help</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.c</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.c++</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cpp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.exp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.h</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.idl</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>xpidl</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.pch</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.pch++</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.r</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Rez</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>Rez</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.s</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PPCAsm</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>XCOF</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>docu</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>rsrc</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>shlb</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>stub</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.doc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.o</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.ppob</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.rsrc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- </SETTING>
-
- <!-- Settings for "Build Extras" panel -->
- <SETTING><NAME>CacheModDates</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ActivateBrowser</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>DumpBrowserInfo</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>CacheSubprojects</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>UseThirdPartyDebugger</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>DebuggerAppPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>DebuggerCmdLineArgs</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>DebuggerWorkingDir</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "Debugger Target" panel -->
- <SETTING><NAME>LogSystemMessages</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>AutoTargetDLLs</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>StopAtWatchpoints</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PauseWhileRunning</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PauseInterval</NAME><VALUE>5</VALUE></SETTING>
- <SETTING><NAME>PauseUIFlags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>AltExePath</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>StopAtTempBPOnLaunch</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>CacheSymbolics</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>TempBPFunctionName</NAME><VALUE>main</VALUE></SETTING>
- <SETTING><NAME>TempBPType</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "Remote Debug" panel -->
- <SETTING><NAME>Enabled</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ConnectionName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>DownloadPath</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>LaunchRemoteApp</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>RemoteAppPath</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Auto-target" panel -->
- <SETTING><NAME>OtherExecutables</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Custom Keywords" panel -->
- <SETTING><NAME>CustomColor1</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor2</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor3</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor4</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "C/C++ Compiler" panel -->
- <SETTING><NAME>MWFrontEnd_C_cplusplus</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_checkprotos</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_arm</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_trigraphs</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_onlystdkeywords</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_enumsalwaysint</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_mpwpointerstyle</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_prefixname</NAME><VALUE>NSSDebug.Prefix</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_ansistrict</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_mpwcnewline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_wchar_type</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_enableexceptions</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_dontreusestrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_poolstrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_dontinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_useRTTI</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_multibyteaware</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_unsignedchars</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_autoinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_booltruefalse</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_direct_to_som</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_som_env_check</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_alwaysinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_inlinelevel</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_ecplusplus</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_objective_c</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_defer_codegen</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "C/C++ Warnings" panel -->
- <SETTING><NAME>MWWarning_C_warn_illpragma</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_emptydecl</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_possunwant</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_unusedvar</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_unusedarg</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_extracomma</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_pedantic</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warningerrors</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_hidevirtual</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_implicitconv</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_notinlined</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_structclass</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "FTP Panel" panel -->
- <SETTING><NAME>MWFTP_Post_hostName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_username</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_password</NAME><VALUE>263jyj7n63jgi32p&#211;&#191;H</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_remoteDir</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_tree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_uploadDir</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_port</NAME><VALUE>21</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_SendBin</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ShouldLog</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "Java Command Line" panel -->
- <SETTING><NAME>MWCommandLine_Java_clsName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWCommandLine_Java_args</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "PJavaDebugging" panel -->
- <SETTING><NAME>MWVJavaDebugging_Protocol</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_JDKVersion</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_TimeOut</NAME><VALUE>10</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_SupportSlowDevices</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "Java Language" panel -->
- <SETTING><NAME>MWJava_Language_optimize</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_warnDeprecated</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_emitMap</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_strictFileNames</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_strictFileHierarchy</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_1_1_Compatible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_emitHeaders</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_headerType</NAME><VALUE>JNINativeHeaders</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_packageFilter</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_genComments</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_genHeaders</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "Java MRJAppBuilder" panel -->
- <SETTING><NAME>MWJava_MRJAppBuilder_outFile</NAME><VALUE>MRJApplication</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_merge</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_quitMenu</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_grow</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPICTFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_aboutName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutAppend</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrAppend</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinFile</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Java Output" panel -->
- <SETTING><NAME>MWJava_Output_outputtype</NAME><VALUE>JarFile</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_outfile</NAME><VALUE>JavaClasses.jar</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_ftype</NAME><VALUE>1514754080</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_fcreator</NAME><VALUE>1297570384</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_compress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_genManifest</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_trunctype</NAME><VALUE>Front</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_deleteClasses</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_consoleApp</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "Java Project" panel -->
- <SETTING><NAME>MWJava_Proj_projtype</NAME><VALUE>Applet</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_mainClassName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppCreator</NAME><VALUE>1463898714</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_tree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppWin32Name</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_compress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_useVM</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_vmarguments</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_vmName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_simPropFile</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "JavaDoc Project" panel -->
- <SETTING><NAME>MWJavaDoc_Proj_Version</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Depricated</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Author</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Index</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Tree</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_SunResolveToSame</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Shortnames</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Folder</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_GenerateAPILinks</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_scope</NAME><VALUE>Public</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_fcreator</NAME><VALUE>1297303877</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_encodingName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_decodingName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_javaPackagePath</NAME><VALUE>http://java.sun.com/products/jdk/1.1/docs/api/</VALUE></SETTING>
-
- <!-- Settings for "MacOS Merge Panel" panel -->
- <SETTING><NAME>MWMerge_MacOS_projectType</NAME><VALUE>Application</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputName</NAME><VALUE>Merge Out</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputCreator</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputType</NAME><VALUE>APPL</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_suppressWarning</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_copyFragments</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_copyResources</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flattenResource</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flatFileName</NAME><VALUE>a.rsrc</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flatFileOutputPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMerge_MacOS_skipResources</NAME>
- <SETTING><VALUE>DLGX</VALUE></SETTING>
- <SETTING><VALUE>ckid</VALUE></SETTING>
- <SETTING><VALUE>Proj</VALUE></SETTING>
- <SETTING><VALUE>WSPC</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "Output Flags" panel -->
- <SETTING><NAME>FileLocked</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourcesMapIsReadOnly</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PrinterDriverIsMultiFinderCompatible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Invisible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasBundle</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>NameLocked</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Stationery</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasCustomIcon</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Shared</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasBeenInited</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Label</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Comments</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Packager Panel" panel -->
- <SETTING><NAME>MWMacOSPackager_UsePackager</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_FolderToPackage</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMacOSPackager_CreateClassicAlias</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_ClassicAliasMethod</NAME><VALUE>UseTargetOutput</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_ClassicAliasPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMacOSPackager_CreatePkgInfo</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_PkgCreatorType</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_PkgFileType</NAME><VALUE>APPL</VALUE></SETTING>
-
- <!-- Settings for "PPC CodeGen" panel -->
- <SETTING><NAME>MWCodeGen_PPC_structalignment</NAME><VALUE>PPC</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_tocdata</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_profiler</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_fpcontract</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_schedule</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_peephole</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_processorspecific</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_altivec</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_vectortocdata</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_vrsave</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "PPC CodeGen Mach-O" panel -->
- <SETTING><NAME>MWCodeGen_MachO_structalignment</NAME><VALUE>PPC</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_profiler</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_fpcontract</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_schedule</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_peephole</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_processorspecific</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_altivec</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_vrsave</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_common</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_implicit_templates</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "PPC Disassembler" panel -->
- <SETTING><NAME>MWDisassembler_PPC_showcode</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_extended</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_mix</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_nohex</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showdata</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showexceptions</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showsym</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_shownames</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "PPC Global Optimizer" panel -->
- <SETTING><NAME>GlobalOptimizer_PPC_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
- <SETTING><NAME>GlobalOptimizer_PPC_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
- <!-- Settings for "PPC Linker" panel -->
- <SETTING><NAME>MWLinker_PPC_linksym</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_symfullpath</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_linkmap</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_nolinkwarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_dontdeadstripinitcode</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_permitmultdefs</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_linkmode</NAME><VALUE>Fast</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_initname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_mainname</NAME><VALUE>__start</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_termname</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "PPC Mach-O Linker" panel -->
- <SETTING><NAME>MWLinker_MachO_exports</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_mainname</NAME><VALUE>start</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_currentversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_compatibleversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_symfullpath</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_supresswarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_multisymerror</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_prebind</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_deadstrip</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_objectivecsemantics</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_whichfileloaded</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_whyfileloaded</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_readonlyrelocs</NAME><VALUE>Errors</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_undefinedsymbols</NAME><VALUE>Errors</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_twolevelnamespace</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_stripdebugsymbols</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "PPC Mach-O Target" panel -->
- <SETTING><NAME>MWProject_MachO_type</NAME><VALUE>Executable</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_outfile</NAME><VALUE>a.exe</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_filecreator</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_filetype</NAME><VALUE>MEXE</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_stacksize</NAME><VALUE>64</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_stackaddress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrc</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrcfilename</NAME><VALUE>a.rsrc</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrcoutputdir</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWProject_MachO_installpath</NAME><VALUE>./</VALUE></SETTING>
-
- <!-- Settings for "PPC PEF" panel -->
- <SETTING><NAME>MWPEF_exports</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWPEF_libfolder</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_sortcode</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWPEF_expandbss</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_sharedata</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_olddefversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_oldimpversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_currentversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_fragmentname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWPEF_collapsereloads</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "PPC Project" panel -->
- <SETTING><NAME>MWProject_PPC_type</NAME><VALUE>Library</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_outfile</NAME><VALUE>NSSckfwDebug.o</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_filecreator</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_filetype</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_size</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_minsize</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_stacksize</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_symfilename</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcheader</NAME><VALUE>Native</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrctype</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcflags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcstore</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcmerge</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrc</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrcoutputdir</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrcfilename</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "PPCAsm Panel" panel -->
- <SETTING><NAME>MWAssembler_PPC_auxheader</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_symmode</NAME><VALUE>Mac</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_dialect</NAME><VALUE>PPC</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_prefixfile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_typecheck</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_warnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_casesensitive</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "Rez Compiler" panel -->
- <SETTING><NAME>MWRez_Language_maxwidth</NAME><VALUE>80</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_script</NAME><VALUE>Roman</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_alignment</NAME><VALUE>Align1</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_filtermode</NAME><VALUE>FilterSkip</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_suppresswarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_escapecontrolchars</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_prefixname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_filteredtypes</NAME><VALUE>'CODE' 'DATA' 'PICT'</VALUE></SETTING>
-
- <!-- Settings for "WinRC Compiler" panel -->
- <SETTING><NAME>MWWinRC_prefixname</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "x86 CodeGen" panel -->
- <SETTING><NAME>MWCodeGen_X86_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_alignment</NAME><VALUE>bytes8</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_exceptions</NAME><VALUE>ZeroOverhead</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_mmx</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_3dnow</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_use_mmx_3dnow_convention</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_machinecodelisting</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_intrinsics</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_syminfo</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_codeviewinfo</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_cmov_fcomi</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_sse</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "x86 Disassembler" panel -->
- <SETTING><NAME>PDisasmX86_showHeaders</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showSymTab</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showCode</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showSource</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showHex</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showRelocation</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showComments</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showDebug</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showExceptions</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showData</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showRaw</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_verbose</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "x86 Exceptions Panel" panel -->
- <SETTING><NAME>MWDebugger_X86_Exceptions</NAME>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "x86 Global Optimizer" panel -->
- <SETTING><NAME>GlobalOptimizer_X86_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
- <SETTING><NAME>GlobalOptimizer_X86_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
- <!-- Settings for "x86 Linker" panel -->
- <SETTING><NAME>MWLinker_X86_entrypointusage</NAME><VALUE>Default</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_entrypoint</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsystem</NAME><VALUE>WinGUI</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsysmajorid</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsysminorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_usrmajorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_usrminorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_commandfile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_generatemap</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_linksym</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_linkCV</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "x86 Project" panel -->
- <SETTING><NAME>MWProject_X86_type</NAME><VALUE>Application</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_outfile</NAME><VALUE>noname.exe</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_baseaddress</NAME><VALUE>4194304</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_maxstacksize</NAME><VALUE>1024</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_minstacksize</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_size</NAME><VALUE>1024</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_minsize</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_importlib</NAME><VALUE></VALUE></SETTING>
- <PANELDATA><NAME>xpidl Settings</NAME><VALUE>
- 0001000101000000000000000000000000000000000000000000000000000000
- 0000000000000000
- </VALUE></PANELDATA>
- </SETTINGLIST>
- <FILELIST>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>find.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>hash.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>instance.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>mechanism.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>mutex.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>object.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>session.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sessobj.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>slot.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>token.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>wrap.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- </FILELIST>
- <LINKORDER>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>find.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>hash.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>instance.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>mechanism.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>mutex.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>object.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>session.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sessobj.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>slot.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>token.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>wrap.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </LINKORDER>
- </TARGET>
- </TARGETLIST>
-
- <TARGETORDER>
- <ORDEREDTARGET><NAME>NSSckfw.o</NAME></ORDEREDTARGET>
- <ORDEREDTARGET><NAME>NSSckfwDebug.o</NAME></ORDEREDTARGET>
- </TARGETORDER>
-
- <GROUPLIST>
- <FILEREF>
- <TARGETNAME>NSSckfw.o</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>find.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSSckfw.o</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>hash.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSSckfw.o</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>instance.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSSckfw.o</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>mechanism.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSSckfw.o</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>mutex.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSSckfw.o</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>object.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSSckfw.o</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>session.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSSckfw.o</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sessobj.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSSckfw.o</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>slot.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSSckfw.o</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>token.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>NSSckfw.o</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>wrap.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </GROUPLIST>
-
-</PROJECT>
diff --git a/security/nss/macbuild/Softoken.Prefix b/security/nss/macbuild/Softoken.Prefix
deleted file mode 100644
index 977efc8e2..000000000
--- a/security/nss/macbuild/Softoken.Prefix
+++ /dev/null
@@ -1,4 +0,0 @@
-/* Optimized prefix */
-#include "MacPrefix.h"
-#include "NSSCommon.h"
-#include "SoftokenCommon.h" \ No newline at end of file
diff --git a/security/nss/macbuild/SoftokenCommon.h b/security/nss/macbuild/SoftokenCommon.h
deleted file mode 100644
index 026169e9d..000000000
--- a/security/nss/macbuild/SoftokenCommon.h
+++ /dev/null
@@ -1,2 +0,0 @@
-#define RIJNDAEL_INCLUDE_TABLES 1
-#define SHLIB_PREFIX "" \ No newline at end of file
diff --git a/security/nss/macbuild/SoftokenDebug.Prefix b/security/nss/macbuild/SoftokenDebug.Prefix
deleted file mode 100644
index d0303ca71..000000000
--- a/security/nss/macbuild/SoftokenDebug.Prefix
+++ /dev/null
@@ -1,4 +0,0 @@
-/* Optimized prefix */
-#include "MacPrefix_debug.h"
-#include "NSSCommon.h"
-#include "SoftokenCommon.h" \ No newline at end of file
diff --git a/security/nss/macbuild/crmf.xml b/security/nss/macbuild/crmf.xml
deleted file mode 100644
index 299a49281..000000000
--- a/security/nss/macbuild/crmf.xml
+++ /dev/null
@@ -1,2394 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="yes" ?>
-<?codewarrior exportversion="1.0.1" ideversion="4.2" ?>
-
-<!DOCTYPE PROJECT [
-<!ELEMENT PROJECT (TARGETLIST, TARGETORDER, GROUPLIST, DESIGNLIST?)>
-<!ELEMENT TARGETLIST (TARGET+)>
-<!ELEMENT TARGET (NAME, SETTINGLIST, FILELIST?, LINKORDER?, SEGMENTLIST?, OVERLAYGROUPLIST?, SUBTARGETLIST?, SUBPROJECTLIST?, FRAMEWORKLIST)>
-<!ELEMENT NAME (#PCDATA)>
-<!ELEMENT USERSOURCETREETYPE (#PCDATA)>
-<!ELEMENT PATH (#PCDATA)>
-<!ELEMENT FILELIST (FILE*)>
-<!ELEMENT FILE (PATHTYPE, PATHROOT?, ACCESSPATH?, PATH, PATHFORMAT?, ROOTFILEREF?, FILEKIND?, FILEFLAGS?)>
-<!ELEMENT PATHTYPE (#PCDATA)>
-<!ELEMENT PATHROOT (#PCDATA)>
-<!ELEMENT ACCESSPATH (#PCDATA)>
-<!ELEMENT PATHFORMAT (#PCDATA)>
-<!ELEMENT ROOTFILEREF (PATHTYPE, PATHROOT?, ACCESSPATH?, PATH, PATHFORMAT?)>
-<!ELEMENT FILEKIND (#PCDATA)>
-<!ELEMENT FILEFLAGS (#PCDATA)>
-<!ELEMENT FILEREF (TARGETNAME?, PATHTYPE, PATHROOT?, ACCESSPATH?, PATH, PATHFORMAT?)>
-<!ELEMENT TARGETNAME (#PCDATA)>
-<!ELEMENT SETTINGLIST ((SETTING|PANELDATA)+)>
-<!ELEMENT SETTING (NAME?, (VALUE|(SETTING+)))>
-<!ELEMENT PANELDATA (NAME, VALUE)>
-<!ELEMENT VALUE (#PCDATA)>
-<!ELEMENT LINKORDER (FILEREF*)>
-<!ELEMENT SEGMENTLIST (SEGMENT+)>
-<!ELEMENT SEGMENT (NAME, ATTRIBUTES?, FILEREF*)>
-<!ELEMENT ATTRIBUTES (#PCDATA)>
-<!ELEMENT OVERLAYGROUPLIST (OVERLAYGROUP+)>
-<!ELEMENT OVERLAYGROUP (NAME, BASEADDRESS, OVERLAY*)>
-<!ELEMENT BASEADDRESS (#PCDATA)>
-<!ELEMENT OVERLAY (NAME, FILEREF*)>
-<!ELEMENT SUBTARGETLIST (SUBTARGET+)>
-<!ELEMENT SUBTARGET (TARGETNAME, ATTRIBUTES?, FILEREF?)>
-<!ELEMENT SUBPROJECTLIST (SUBPROJECT+)>
-<!ELEMENT SUBPROJECT (FILEREF, SUBPROJECTTARGETLIST)>
-<!ELEMENT SUBPROJECTTARGETLIST (SUBPROJECTTARGET*)>
-<!ELEMENT SUBPROJECTTARGET (TARGETNAME, ATTRIBUTES?, FILEREF?)>
-<!ELEMENT FRAMEWORKLIST (FRAMEWORK+)>
-<!ELEMENT FRAMEWORK (FILEREF, LIBRARYFILE?, VERSION?)>
-<!ELEMENT LIBRARYFILE (FILEREF)>
-<!ELEMENT VERSION (#PCDATA)>
-<!ELEMENT TARGETORDER (ORDEREDTARGET|ORDEREDDESIGN)*>
-<!ELEMENT ORDEREDTARGET (NAME)>
-<!ELEMENT ORDEREDDESIGN (NAME, ORDEREDTARGET+)>
-<!ELEMENT GROUPLIST (GROUP|FILEREF)*>
-<!ELEMENT GROUP (NAME, (GROUP|FILEREF)*)>
-<!ELEMENT DESIGNLIST (DESIGN+)>
-<!ELEMENT DESIGN (NAME, DESIGNDATA)>
-<!ELEMENT DESIGNDATA (#PCDATA)>
-]>
-
-<PROJECT>
- <TARGETLIST>
- <TARGET>
- <NAME>crmfDebug.o</NAME>
- <SETTINGLIST>
-
- <!-- Settings for "Source Trees" panel -->
- <SETTING><NAME>UserSourceTrees</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Access Paths" panel -->
- <SETTING><NAME>AlwaysSearchUserPaths</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>InterpretDOSAndUnixPaths</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>RequireFrameworkStyleIncludes</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>UserSearchPaths</NAME>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:crmf:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::::dist:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- </SETTING>
- <SETTING><NAME>SystemSearchPaths</NAME>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>CodeWarrior</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- </SETTING>
-
- <!-- Settings for "Debugger Runtime" panel -->
- <SETTING><NAME>MWRuntimeSettings_WorkingDirectory</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRuntimeSettings_CommandLine</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRuntimeSettings_HostApplication</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWRuntimeSettings_EnvVars</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Target Settings" panel -->
- <SETTING><NAME>Linker</NAME><VALUE>MacOS PPC Linker</VALUE></SETTING>
- <SETTING><NAME>PreLinker</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PostLinker</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Targetname</NAME><VALUE>crmfDebug.o</VALUE></SETTING>
- <SETTING><NAME>OutputDirectory</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>SaveEntriesUsingRelativePaths</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "File Mappings" panel -->
- <SETTING><NAME>FileMappings</NAME>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>APPL</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>Appl</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MMLB</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MPLF</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MWCD</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>RSRC</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.arr</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.bh</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Balloon Help</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.c</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.c++</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cpp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.exp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.h</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.idl</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>xpidl</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.pch</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.pch++</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.plist</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.r</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Rez</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>Rez</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.s</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PPCAsm</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>XCOF</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>docu</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>rsrc</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>shlb</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>stub</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.doc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.o</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.ppob</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.rsrc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- </SETTING>
-
- <!-- Settings for "Build Extras" panel -->
- <SETTING><NAME>CacheModDates</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ActivateBrowser</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>DumpBrowserInfo</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>CacheSubprojects</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>UseThirdPartyDebugger</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>DebuggerAppPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>DebuggerCmdLineArgs</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>DebuggerWorkingDir</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "Debugger Target" panel -->
- <SETTING><NAME>LogSystemMessages</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>AutoTargetDLLs</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>StopAtWatchpoints</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PauseWhileRunning</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PauseInterval</NAME><VALUE>5</VALUE></SETTING>
- <SETTING><NAME>PauseUIFlags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>AltExePath</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>StopAtTempBPOnLaunch</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>CacheSymbolics</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>TempBPFunctionName</NAME><VALUE>main</VALUE></SETTING>
- <SETTING><NAME>TempBPType</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "Remote Debug" panel -->
- <SETTING><NAME>Enabled</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ConnectionName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>DownloadPath</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>LaunchRemoteApp</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>RemoteAppPath</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Auto-target" panel -->
- <SETTING><NAME>OtherExecutables</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Custom Keywords" panel -->
- <SETTING><NAME>CustomColor1</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor2</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor3</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor4</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "C/C++ Compiler" panel -->
- <SETTING><NAME>MWFrontEnd_C_cplusplus</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_checkprotos</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_arm</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_trigraphs</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_onlystdkeywords</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_enumsalwaysint</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_mpwpointerstyle</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_prefixname</NAME><VALUE>NSSDebug.Prefix</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_ansistrict</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_mpwcnewline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_wchar_type</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_enableexceptions</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_dontreusestrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_poolstrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_dontinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_useRTTI</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_multibyteaware</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_unsignedchars</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_autoinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_booltruefalse</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_direct_to_som</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_som_env_check</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_alwaysinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_inlinelevel</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_ecplusplus</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_objective_c</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_defer_codegen</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "C/C++ Warnings" panel -->
- <SETTING><NAME>MWWarning_C_warn_illpragma</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_emptydecl</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_possunwant</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_unusedvar</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_unusedarg</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_extracomma</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_pedantic</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warningerrors</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_hidevirtual</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_implicitconv</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_notinlined</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_structclass</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "FTP Panel" panel -->
- <SETTING><NAME>MWFTP_Post_hostName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_username</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_password</NAME><VALUE>0SA@</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_remoteDir</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_tree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_uploadDir</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_port</NAME><VALUE>21</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_SendBin</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ShouldLog</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "Java Command Line" panel -->
- <SETTING><NAME>MWCommandLine_Java_clsName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWCommandLine_Java_args</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "PJavaDebugging" panel -->
- <SETTING><NAME>MWVJavaDebugging_Protocol</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_JDKVersion</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_TimeOut</NAME><VALUE>25</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_SupportSlowDevices</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "Java Language" panel -->
- <SETTING><NAME>MWJava_Language_optimize</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_warnDeprecated</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_emitMap</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_strictFileNames</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_strictFileHierarchy</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_1_1_Compatible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_emitHeaders</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_headerType</NAME><VALUE>JNINativeHeaders</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_packageFilter</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_genComments</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_genHeaders</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "Java MRJAppBuilder" panel -->
- <SETTING><NAME>MWJava_MRJAppBuilder_outFile</NAME><VALUE>MRJApplication</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_merge</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_quitMenu</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_grow</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPICTFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_aboutName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutAppend</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrAppend</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinFile</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Java Output" panel -->
- <SETTING><NAME>MWJava_Output_outputtype</NAME><VALUE>JarFile</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_outfile</NAME><VALUE>JavaClasses.jar</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_ftype</NAME><VALUE>1514754080</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_fcreator</NAME><VALUE>1297570384</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_compress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_genManifest</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_trunctype</NAME><VALUE>Front</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_deleteClasses</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_consoleApp</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "Java Project" panel -->
- <SETTING><NAME>MWJava_Proj_projtype</NAME><VALUE>Applet</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_mainClassName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppCreator</NAME><VALUE>1463898714</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_tree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppWin32Name</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_compress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_useVM</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_vmarguments</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_vmName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_simPropFile</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "JavaDoc Project" panel -->
- <SETTING><NAME>MWJavaDoc_Proj_Version</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Depricated</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Author</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Index</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Tree</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_SunResolveToSame</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Shortnames</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Folder</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_GenerateAPILinks</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_scope</NAME><VALUE>Public</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_fcreator</NAME><VALUE>1297303877</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_encodingName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_decodingName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_javaPackagePath</NAME><VALUE>http://java.sun.com/products/jdk/1.1/docs/api/</VALUE></SETTING>
-
- <!-- Settings for "MacOS Merge Panel" panel -->
- <SETTING><NAME>MWMerge_MacOS_projectType</NAME><VALUE>Application</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputName</NAME><VALUE>Merge Out</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputCreator</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputType</NAME><VALUE>APPL</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_suppressWarning</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_copyFragments</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_copyResources</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flattenResource</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flatFileName</NAME><VALUE>a.rsrc</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flatFileOutputPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMerge_MacOS_skipResources</NAME>
- <SETTING><VALUE>DGLX</VALUE></SETTING>
- <SETTING><VALUE>ckid</VALUE></SETTING>
- <SETTING><VALUE>Proj</VALUE></SETTING>
- <SETTING><VALUE>WSPC</VALUE></SETTING>
- <SETTING><VALUE>mcvs</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "Output Flags" panel -->
- <SETTING><NAME>FileLocked</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourcesMapIsReadOnly</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PrinterDriverIsMultiFinderCompatible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Invisible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasBundle</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>NameLocked</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Stationery</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasCustomIcon</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Shared</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasBeenInited</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Label</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Comments</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Packager Panel" panel -->
- <SETTING><NAME>MWMacOSPackager_UsePackager</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_FolderToPackage</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMacOSPackager_CreateClassicAlias</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_ClassicAliasMethod</NAME><VALUE>UseTargetOutput</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_ClassicAliasPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMacOSPackager_CreatePkgInfo</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_PkgCreatorType</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_PkgFileType</NAME><VALUE>APPL</VALUE></SETTING>
-
- <!-- Settings for "PPC CodeGen" panel -->
- <SETTING><NAME>MWCodeGen_PPC_structalignment</NAME><VALUE>MC68K</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_tocdata</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_profiler</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_fpcontract</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_schedule</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_peephole</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_processorspecific</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_altivec</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_vectortocdata</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_vrsave</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "PPC CodeGen Mach-O" panel -->
- <SETTING><NAME>MWCodeGen_MachO_structalignment</NAME><VALUE>PPC</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_profiler</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_fpcontract</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_schedule</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_peephole</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_processorspecific</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_altivec</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_vrsave</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_common</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_implicit_templates</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "PPC Disassembler" panel -->
- <SETTING><NAME>MWDisassembler_PPC_showcode</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_extended</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_mix</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_nohex</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showdata</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showexceptions</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showsym</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_shownames</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "PPC Global Optimizer" panel -->
- <SETTING><NAME>GlobalOptimizer_PPC_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
- <SETTING><NAME>GlobalOptimizer_PPC_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
- <!-- Settings for "PPC Linker" panel -->
- <SETTING><NAME>MWLinker_PPC_linksym</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_symfullpath</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_linkmap</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_nolinkwarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_dontdeadstripinitcode</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_permitmultdefs</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_linkmode</NAME><VALUE>Fast</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_initname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_mainname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_termname</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "PPC Mach-O Linker" panel -->
- <SETTING><NAME>MWLinker_MachO_exports</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_mainname</NAME><VALUE>start</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_currentversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_compatibleversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_symfullpath</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_supresswarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_multisymerror</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_prebind</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_deadstrip</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_objectivecsemantics</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_whichfileloaded</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_whyfileloaded</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_readonlyrelocs</NAME><VALUE>Errors</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_undefinedsymbols</NAME><VALUE>Errors</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_twolevelnamespace</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_stripdebugsymbols</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "PPC Mach-O Target" panel -->
- <SETTING><NAME>MWProject_MachO_type</NAME><VALUE>Executable</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_outfile</NAME><VALUE>a.exe</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_filecreator</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_filetype</NAME><VALUE>MEXE</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_stacksize</NAME><VALUE>64</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_stackaddress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrc</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrcfilename</NAME><VALUE>a.rsrc</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrcoutputdir</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWProject_MachO_installpath</NAME><VALUE>./</VALUE></SETTING>
-
- <!-- Settings for "PPC PEF" panel -->
- <SETTING><NAME>MWPEF_exports</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWPEF_libfolder</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_sortcode</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWPEF_expandbss</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_sharedata</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_olddefversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_oldimpversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_currentversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_fragmentname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWPEF_collapsereloads</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "PPC Project" panel -->
- <SETTING><NAME>MWProject_PPC_type</NAME><VALUE>Library</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_outfile</NAME><VALUE>crmfDebug.o</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_filecreator</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_filetype</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_size</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_minsize</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_stacksize</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_symfilename</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcheader</NAME><VALUE>Native</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrctype</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcflags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcstore</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcmerge</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrc</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrcoutputdir</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrcfilename</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "PPCAsm Panel" panel -->
- <SETTING><NAME>MWAssembler_PPC_auxheader</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_symmode</NAME><VALUE>Mac</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_dialect</NAME><VALUE>PPC</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_prefixfile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_typecheck</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_warnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_casesensitive</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "Rez Compiler" panel -->
- <SETTING><NAME>MWRez_Language_maxwidth</NAME><VALUE>80</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_script</NAME><VALUE>Roman</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_alignment</NAME><VALUE>Align1</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_filtermode</NAME><VALUE>FilterSkip</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_suppresswarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_escapecontrolchars</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_prefixname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_filteredtypes</NAME><VALUE>'CODE' 'DATA' 'PICT'</VALUE></SETTING>
-
- <!-- Settings for "WinRC Compiler" panel -->
- <SETTING><NAME>MWWinRC_prefixname</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "x86 CodeGen" panel -->
- <SETTING><NAME>MWCodeGen_X86_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_alignment</NAME><VALUE>bytes8</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_exceptions</NAME><VALUE>ZeroOverhead</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_mmx</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_3dnow</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_use_mmx_3dnow_convention</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_machinecodelisting</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_intrinsics</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_syminfo</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_codeviewinfo</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_cmov_fcomi</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_sse</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "x86 Disassembler" panel -->
- <SETTING><NAME>PDisasmX86_showHeaders</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showSymTab</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showCode</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showSource</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showHex</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showRelocation</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showComments</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showDebug</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showExceptions</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showData</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showRaw</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_verbose</NAME><VALUE>true</VALUE></SETTING>
-
- <!-- Settings for "x86 Exceptions Panel" panel -->
- <SETTING><NAME>MWDebugger_X86_Exceptions</NAME>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "x86 Global Optimizer" panel -->
- <SETTING><NAME>GlobalOptimizer_X86_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
- <SETTING><NAME>GlobalOptimizer_X86_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
- <!-- Settings for "x86 Linker" panel -->
- <SETTING><NAME>MWLinker_X86_entrypointusage</NAME><VALUE>Default</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_entrypoint</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsystem</NAME><VALUE>WinGUI</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsysmajorid</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsysminorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_usrmajorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_usrminorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_commandfile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_generatemap</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_linksym</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_linkCV</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "x86 Project" panel -->
- <SETTING><NAME>MWProject_X86_type</NAME><VALUE>Application</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_outfile</NAME><VALUE>noname.exe</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_baseaddress</NAME><VALUE>4194304</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_maxstacksize</NAME><VALUE>1024</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_minstacksize</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_size</NAME><VALUE>1024</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_minsize</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_importlib</NAME><VALUE></VALUE></SETTING>
- <PANELDATA><NAME>xpidl Settings</NAME><VALUE>
- 0001000101000000000000000000000000000000000000000000000000000000
- 0000000000000000
- </VALUE></PANELDATA>
- </SETTINGLIST>
- <FILELIST>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>asn1cmn.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>challcli.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmmfasn1.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmmfchal.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmmfrec.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmmfresp.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>crmfcont.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>crmfdec.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>crmfenc.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>crmfget.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>crmfpop.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>crmfreq.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>crmftmpl.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>encutil.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>respcli.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>respcmn.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>servget.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- </FILELIST>
- <LINKORDER>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>asn1cmn.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>challcli.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmmfasn1.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmmfchal.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmmfrec.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmmfresp.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>crmfcont.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>crmfdec.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>crmfenc.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>crmfget.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>crmfpop.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>crmfreq.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>crmftmpl.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>encutil.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>respcli.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>respcmn.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>servget.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </LINKORDER>
- </TARGET>
- <TARGET>
- <NAME>crmf.o</NAME>
- <SETTINGLIST>
-
- <!-- Settings for "Source Trees" panel -->
- <SETTING><NAME>UserSourceTrees</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Access Paths" panel -->
- <SETTING><NAME>AlwaysSearchUserPaths</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>InterpretDOSAndUnixPaths</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>RequireFrameworkStyleIncludes</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>UserSearchPaths</NAME>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:crmf:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::::dist:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- </SETTING>
- <SETTING><NAME>SystemSearchPaths</NAME>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>CodeWarrior</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- </SETTING>
-
- <!-- Settings for "Debugger Runtime" panel -->
- <SETTING><NAME>MWRuntimeSettings_WorkingDirectory</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRuntimeSettings_CommandLine</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRuntimeSettings_HostApplication</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWRuntimeSettings_EnvVars</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Target Settings" panel -->
- <SETTING><NAME>Linker</NAME><VALUE>MacOS PPC Linker</VALUE></SETTING>
- <SETTING><NAME>PreLinker</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PostLinker</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Targetname</NAME><VALUE>crmf.o</VALUE></SETTING>
- <SETTING><NAME>OutputDirectory</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>SaveEntriesUsingRelativePaths</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "File Mappings" panel -->
- <SETTING><NAME>FileMappings</NAME>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>APPL</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>Appl</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MMLB</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MPLF</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MWCD</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>RSRC</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.arr</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.bh</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Balloon Help</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.c</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.c++</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cpp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.exp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.h</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.idl</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>xpidl</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.pch</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.pch++</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.plist</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.r</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Rez</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>Rez</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.s</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PPCAsm</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>XCOF</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>docu</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>rsrc</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>shlb</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>stub</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.doc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.o</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.ppob</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.rsrc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- </SETTING>
-
- <!-- Settings for "Build Extras" panel -->
- <SETTING><NAME>CacheModDates</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ActivateBrowser</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>DumpBrowserInfo</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>CacheSubprojects</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>UseThirdPartyDebugger</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>DebuggerAppPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>DebuggerCmdLineArgs</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>DebuggerWorkingDir</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "Debugger Target" panel -->
- <SETTING><NAME>LogSystemMessages</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>AutoTargetDLLs</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>StopAtWatchpoints</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PauseWhileRunning</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PauseInterval</NAME><VALUE>5</VALUE></SETTING>
- <SETTING><NAME>PauseUIFlags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>AltExePath</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>StopAtTempBPOnLaunch</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>CacheSymbolics</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>TempBPFunctionName</NAME><VALUE>main</VALUE></SETTING>
- <SETTING><NAME>TempBPType</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "Remote Debug" panel -->
- <SETTING><NAME>Enabled</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ConnectionName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>DownloadPath</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>LaunchRemoteApp</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>RemoteAppPath</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Auto-target" panel -->
- <SETTING><NAME>OtherExecutables</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Custom Keywords" panel -->
- <SETTING><NAME>CustomColor1</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor2</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor3</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor4</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "C/C++ Compiler" panel -->
- <SETTING><NAME>MWFrontEnd_C_cplusplus</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_checkprotos</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_arm</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_trigraphs</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_onlystdkeywords</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_enumsalwaysint</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_mpwpointerstyle</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_prefixname</NAME><VALUE>NSS.Prefix</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_ansistrict</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_mpwcnewline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_wchar_type</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_enableexceptions</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_dontreusestrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_poolstrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_dontinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_useRTTI</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_multibyteaware</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_unsignedchars</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_autoinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_booltruefalse</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_direct_to_som</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_som_env_check</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_alwaysinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_inlinelevel</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_ecplusplus</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_objective_c</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_defer_codegen</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "C/C++ Warnings" panel -->
- <SETTING><NAME>MWWarning_C_warn_illpragma</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_emptydecl</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_possunwant</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_unusedvar</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_unusedarg</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_extracomma</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_pedantic</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warningerrors</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_hidevirtual</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_implicitconv</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_notinlined</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_structclass</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "FTP Panel" panel -->
- <SETTING><NAME>MWFTP_Post_hostName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_username</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_password</NAME><VALUE>0SA@</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_remoteDir</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_tree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_uploadDir</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_port</NAME><VALUE>21</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_SendBin</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ShouldLog</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "Java Command Line" panel -->
- <SETTING><NAME>MWCommandLine_Java_clsName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWCommandLine_Java_args</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "PJavaDebugging" panel -->
- <SETTING><NAME>MWVJavaDebugging_Protocol</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_JDKVersion</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_TimeOut</NAME><VALUE>25</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_SupportSlowDevices</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "Java Language" panel -->
- <SETTING><NAME>MWJava_Language_optimize</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_warnDeprecated</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_emitMap</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_strictFileNames</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_strictFileHierarchy</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_1_1_Compatible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_emitHeaders</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_headerType</NAME><VALUE>JNINativeHeaders</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_packageFilter</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_genComments</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_genHeaders</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "Java MRJAppBuilder" panel -->
- <SETTING><NAME>MWJava_MRJAppBuilder_outFile</NAME><VALUE>MRJApplication</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_merge</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_quitMenu</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_grow</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPICTFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_aboutName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutAppend</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrAppend</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinFile</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Java Output" panel -->
- <SETTING><NAME>MWJava_Output_outputtype</NAME><VALUE>JarFile</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_outfile</NAME><VALUE>JavaClasses.jar</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_ftype</NAME><VALUE>1514754080</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_fcreator</NAME><VALUE>1297570384</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_compress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_genManifest</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_trunctype</NAME><VALUE>Front</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_deleteClasses</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_consoleApp</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "Java Project" panel -->
- <SETTING><NAME>MWJava_Proj_projtype</NAME><VALUE>Applet</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_mainClassName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppCreator</NAME><VALUE>1463898714</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_tree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppWin32Name</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_compress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_useVM</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_vmarguments</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_vmName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_simPropFile</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "JavaDoc Project" panel -->
- <SETTING><NAME>MWJavaDoc_Proj_Version</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Depricated</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Author</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Index</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Tree</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_SunResolveToSame</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Shortnames</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Folder</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_GenerateAPILinks</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_scope</NAME><VALUE>Public</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_fcreator</NAME><VALUE>1297303877</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_encodingName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_decodingName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_javaPackagePath</NAME><VALUE>http://java.sun.com/products/jdk/1.1/docs/api/</VALUE></SETTING>
-
- <!-- Settings for "MacOS Merge Panel" panel -->
- <SETTING><NAME>MWMerge_MacOS_projectType</NAME><VALUE>Application</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputName</NAME><VALUE>Merge Out</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputCreator</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputType</NAME><VALUE>APPL</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_suppressWarning</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_copyFragments</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_copyResources</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flattenResource</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flatFileName</NAME><VALUE>a.rsrc</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flatFileOutputPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMerge_MacOS_skipResources</NAME>
- <SETTING><VALUE>DGLX</VALUE></SETTING>
- <SETTING><VALUE>ckid</VALUE></SETTING>
- <SETTING><VALUE>Proj</VALUE></SETTING>
- <SETTING><VALUE>WSPC</VALUE></SETTING>
- <SETTING><VALUE>mcvs</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "Output Flags" panel -->
- <SETTING><NAME>FileLocked</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourcesMapIsReadOnly</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PrinterDriverIsMultiFinderCompatible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Invisible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasBundle</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>NameLocked</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Stationery</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasCustomIcon</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Shared</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasBeenInited</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Label</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Comments</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Packager Panel" panel -->
- <SETTING><NAME>MWMacOSPackager_UsePackager</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_FolderToPackage</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMacOSPackager_CreateClassicAlias</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_ClassicAliasMethod</NAME><VALUE>UseTargetOutput</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_ClassicAliasPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMacOSPackager_CreatePkgInfo</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_PkgCreatorType</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_PkgFileType</NAME><VALUE>APPL</VALUE></SETTING>
-
- <!-- Settings for "PPC CodeGen" panel -->
- <SETTING><NAME>MWCodeGen_PPC_structalignment</NAME><VALUE>MC68K</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_tocdata</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_profiler</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_fpcontract</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_schedule</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_peephole</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_processorspecific</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_altivec</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_vectortocdata</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_vrsave</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "PPC CodeGen Mach-O" panel -->
- <SETTING><NAME>MWCodeGen_MachO_structalignment</NAME><VALUE>PPC</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_profiler</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_fpcontract</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_schedule</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_peephole</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_processorspecific</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_altivec</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_vrsave</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_common</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_implicit_templates</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "PPC Disassembler" panel -->
- <SETTING><NAME>MWDisassembler_PPC_showcode</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_extended</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_mix</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_nohex</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showdata</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showexceptions</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showsym</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_shownames</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "PPC Global Optimizer" panel -->
- <SETTING><NAME>GlobalOptimizer_PPC_optimizationlevel</NAME><VALUE>Level4</VALUE></SETTING>
- <SETTING><NAME>GlobalOptimizer_PPC_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
- <!-- Settings for "PPC Linker" panel -->
- <SETTING><NAME>MWLinker_PPC_linksym</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_symfullpath</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_linkmap</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_nolinkwarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_dontdeadstripinitcode</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_permitmultdefs</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_linkmode</NAME><VALUE>Fast</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_initname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_mainname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_termname</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "PPC Mach-O Linker" panel -->
- <SETTING><NAME>MWLinker_MachO_exports</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_mainname</NAME><VALUE>start</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_currentversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_compatibleversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_symfullpath</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_supresswarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_multisymerror</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_prebind</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_deadstrip</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_objectivecsemantics</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_whichfileloaded</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_whyfileloaded</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_readonlyrelocs</NAME><VALUE>Errors</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_undefinedsymbols</NAME><VALUE>Errors</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_twolevelnamespace</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_stripdebugsymbols</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "PPC Mach-O Target" panel -->
- <SETTING><NAME>MWProject_MachO_type</NAME><VALUE>Executable</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_outfile</NAME><VALUE>a.exe</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_filecreator</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_filetype</NAME><VALUE>MEXE</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_stacksize</NAME><VALUE>64</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_stackaddress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrc</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrcfilename</NAME><VALUE>a.rsrc</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrcoutputdir</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWProject_MachO_installpath</NAME><VALUE>./</VALUE></SETTING>
-
- <!-- Settings for "PPC PEF" panel -->
- <SETTING><NAME>MWPEF_exports</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWPEF_libfolder</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_sortcode</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWPEF_expandbss</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_sharedata</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_olddefversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_oldimpversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_currentversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_fragmentname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWPEF_collapsereloads</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "PPC Project" panel -->
- <SETTING><NAME>MWProject_PPC_type</NAME><VALUE>Library</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_outfile</NAME><VALUE>crmf.o</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_filecreator</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_filetype</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_size</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_minsize</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_stacksize</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_symfilename</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcheader</NAME><VALUE>Native</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrctype</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcflags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcstore</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcmerge</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrc</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrcoutputdir</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrcfilename</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "PPCAsm Panel" panel -->
- <SETTING><NAME>MWAssembler_PPC_auxheader</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_symmode</NAME><VALUE>Mac</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_dialect</NAME><VALUE>PPC</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_prefixfile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_typecheck</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_warnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_casesensitive</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "Rez Compiler" panel -->
- <SETTING><NAME>MWRez_Language_maxwidth</NAME><VALUE>80</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_script</NAME><VALUE>Roman</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_alignment</NAME><VALUE>Align1</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_filtermode</NAME><VALUE>FilterSkip</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_suppresswarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_escapecontrolchars</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_prefixname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_filteredtypes</NAME><VALUE>'CODE' 'DATA' 'PICT'</VALUE></SETTING>
-
- <!-- Settings for "WinRC Compiler" panel -->
- <SETTING><NAME>MWWinRC_prefixname</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "x86 CodeGen" panel -->
- <SETTING><NAME>MWCodeGen_X86_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_alignment</NAME><VALUE>bytes8</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_exceptions</NAME><VALUE>ZeroOverhead</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_mmx</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_3dnow</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_use_mmx_3dnow_convention</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_machinecodelisting</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_intrinsics</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_syminfo</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_codeviewinfo</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_cmov_fcomi</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_sse</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "x86 Disassembler" panel -->
- <SETTING><NAME>PDisasmX86_showHeaders</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showSymTab</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showCode</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showSource</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showHex</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showRelocation</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showComments</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showDebug</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showExceptions</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showData</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showRaw</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_verbose</NAME><VALUE>true</VALUE></SETTING>
-
- <!-- Settings for "x86 Exceptions Panel" panel -->
- <SETTING><NAME>MWDebugger_X86_Exceptions</NAME>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "x86 Global Optimizer" panel -->
- <SETTING><NAME>GlobalOptimizer_X86_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
- <SETTING><NAME>GlobalOptimizer_X86_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
- <!-- Settings for "x86 Linker" panel -->
- <SETTING><NAME>MWLinker_X86_entrypointusage</NAME><VALUE>Default</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_entrypoint</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsystem</NAME><VALUE>WinGUI</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsysmajorid</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsysminorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_usrmajorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_usrminorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_commandfile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_generatemap</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_linksym</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_linkCV</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "x86 Project" panel -->
- <SETTING><NAME>MWProject_X86_type</NAME><VALUE>Application</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_outfile</NAME><VALUE>noname.exe</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_baseaddress</NAME><VALUE>4194304</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_maxstacksize</NAME><VALUE>1024</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_minstacksize</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_size</NAME><VALUE>1024</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_minsize</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_importlib</NAME><VALUE></VALUE></SETTING>
- <PANELDATA><NAME>xpidl Settings</NAME><VALUE>
- 0001000101000000000000000000000000000000000000000000000000000000
- 0000000000000000
- </VALUE></PANELDATA>
- </SETTINGLIST>
- <FILELIST>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>asn1cmn.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>challcli.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmmfasn1.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmmfchal.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmmfrec.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmmfresp.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>crmfcont.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>crmfdec.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>crmfenc.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>crmfget.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>crmfpop.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>crmfreq.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>crmftmpl.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>encutil.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>respcli.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>respcmn.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>servget.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- </FILELIST>
- <LINKORDER>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>asn1cmn.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>challcli.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmmfasn1.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmmfchal.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmmfrec.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmmfresp.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>crmfcont.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>crmfdec.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>crmfenc.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>crmfget.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>crmfpop.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>crmfreq.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>crmftmpl.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>encutil.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>respcli.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>respcmn.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>servget.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </LINKORDER>
- </TARGET>
- </TARGETLIST>
-
- <TARGETORDER>
- <ORDEREDTARGET><NAME>crmfDebug.o</NAME></ORDEREDTARGET>
- <ORDEREDTARGET><NAME>crmf.o</NAME></ORDEREDTARGET>
- </TARGETORDER>
-
- <GROUPLIST>
- <FILEREF>
- <TARGETNAME>crmfDebug.o</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>asn1cmn.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>crmfDebug.o</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>challcli.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>crmfDebug.o</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmmfasn1.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>crmfDebug.o</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmmfchal.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>crmfDebug.o</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmmfrec.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>crmfDebug.o</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmmfresp.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>crmfDebug.o</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>crmfcont.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>crmfDebug.o</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>crmfdec.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>crmfDebug.o</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>crmfenc.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>crmfDebug.o</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>crmfget.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>crmfDebug.o</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>crmfpop.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>crmfDebug.o</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>crmfreq.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>crmfDebug.o</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>crmftmpl.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>crmfDebug.o</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>encutil.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>crmfDebug.o</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>respcli.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>crmfDebug.o</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>respcmn.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>crmfDebug.o</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>servget.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </GROUPLIST>
-
-</PROJECT>
diff --git a/security/nss/macbuild/macstubs.c b/security/nss/macbuild/macstubs.c
deleted file mode 100644
index 98613cd06..000000000
--- a/security/nss/macbuild/macstubs.c
+++ /dev/null
@@ -1,45 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
- /*
- * This file is meant only to make the Mac version of the
- * loadable root certs not have to build the nsprstub for NSS
- * which causes 2 versions of the PR_* functions to be loaded.
- * Very bad potentially.
- */
-
- #include "pkcs11t.h"
-
- void
- nssSetLockArgs(CK_C_INITIALIZE_ARGS_PTR pInitArgs) {}
- \ No newline at end of file
diff --git a/security/nss/macbuild/smime.xml b/security/nss/macbuild/smime.xml
deleted file mode 100644
index 9671a3b56..000000000
--- a/security/nss/macbuild/smime.xml
+++ /dev/null
@@ -1,3250 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="yes" ?>
-<?codewarrior exportversion="1.0.1" ideversion="4.2" ?>
-
-<!DOCTYPE PROJECT [
-<!ELEMENT PROJECT (TARGETLIST, TARGETORDER, GROUPLIST, DESIGNLIST?)>
-<!ELEMENT TARGETLIST (TARGET+)>
-<!ELEMENT TARGET (NAME, SETTINGLIST, FILELIST?, LINKORDER?, SEGMENTLIST?, OVERLAYGROUPLIST?, SUBTARGETLIST?, SUBPROJECTLIST?, FRAMEWORKLIST)>
-<!ELEMENT NAME (#PCDATA)>
-<!ELEMENT USERSOURCETREETYPE (#PCDATA)>
-<!ELEMENT PATH (#PCDATA)>
-<!ELEMENT FILELIST (FILE*)>
-<!ELEMENT FILE (PATHTYPE, PATHROOT?, ACCESSPATH?, PATH, PATHFORMAT?, ROOTFILEREF?, FILEKIND?, FILEFLAGS?)>
-<!ELEMENT PATHTYPE (#PCDATA)>
-<!ELEMENT PATHROOT (#PCDATA)>
-<!ELEMENT ACCESSPATH (#PCDATA)>
-<!ELEMENT PATHFORMAT (#PCDATA)>
-<!ELEMENT ROOTFILEREF (PATHTYPE, PATHROOT?, ACCESSPATH?, PATH, PATHFORMAT?)>
-<!ELEMENT FILEKIND (#PCDATA)>
-<!ELEMENT FILEFLAGS (#PCDATA)>
-<!ELEMENT FILEREF (TARGETNAME?, PATHTYPE, PATHROOT?, ACCESSPATH?, PATH, PATHFORMAT?)>
-<!ELEMENT TARGETNAME (#PCDATA)>
-<!ELEMENT SETTINGLIST ((SETTING|PANELDATA)+)>
-<!ELEMENT SETTING (NAME?, (VALUE|(SETTING+)))>
-<!ELEMENT PANELDATA (NAME, VALUE)>
-<!ELEMENT VALUE (#PCDATA)>
-<!ELEMENT LINKORDER (FILEREF*)>
-<!ELEMENT SEGMENTLIST (SEGMENT+)>
-<!ELEMENT SEGMENT (NAME, ATTRIBUTES?, FILEREF*)>
-<!ELEMENT ATTRIBUTES (#PCDATA)>
-<!ELEMENT OVERLAYGROUPLIST (OVERLAYGROUP+)>
-<!ELEMENT OVERLAYGROUP (NAME, BASEADDRESS, OVERLAY*)>
-<!ELEMENT BASEADDRESS (#PCDATA)>
-<!ELEMENT OVERLAY (NAME, FILEREF*)>
-<!ELEMENT SUBTARGETLIST (SUBTARGET+)>
-<!ELEMENT SUBTARGET (TARGETNAME, ATTRIBUTES?, FILEREF?)>
-<!ELEMENT SUBPROJECTLIST (SUBPROJECT+)>
-<!ELEMENT SUBPROJECT (FILEREF, SUBPROJECTTARGETLIST)>
-<!ELEMENT SUBPROJECTTARGETLIST (SUBPROJECTTARGET*)>
-<!ELEMENT SUBPROJECTTARGET (TARGETNAME, ATTRIBUTES?, FILEREF?)>
-<!ELEMENT FRAMEWORKLIST (FRAMEWORK+)>
-<!ELEMENT FRAMEWORK (FILEREF, LIBRARYFILE?, VERSION?)>
-<!ELEMENT LIBRARYFILE (FILEREF)>
-<!ELEMENT VERSION (#PCDATA)>
-<!ELEMENT TARGETORDER (ORDEREDTARGET|ORDEREDDESIGN)*>
-<!ELEMENT ORDEREDTARGET (NAME)>
-<!ELEMENT ORDEREDDESIGN (NAME, ORDEREDTARGET+)>
-<!ELEMENT GROUPLIST (GROUP|FILEREF)*>
-<!ELEMENT GROUP (NAME, (GROUP|FILEREF)*)>
-<!ELEMENT DESIGNLIST (DESIGN+)>
-<!ELEMENT DESIGN (NAME, DESIGNDATA)>
-<!ELEMENT DESIGNDATA (#PCDATA)>
-]>
-
-<PROJECT>
- <TARGETLIST>
- <TARGET>
- <NAME>SMIME3Debug.shlb</NAME>
- <SETTINGLIST>
-
- <!-- Settings for "Source Trees" panel -->
- <SETTING><NAME>UserSourceTrees</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Access Paths" panel -->
- <SETTING><NAME>AlwaysSearchUserPaths</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>InterpretDOSAndUnixPaths</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>RequireFrameworkStyleIncludes</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>UserSearchPaths</NAME>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:pkcs12:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:pkcs7:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:smime:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::::dist:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::::nsprpub:macbuild:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::::lib:mac:NSRuntime:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::::lib:mac:NSStdLib:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- </SETTING>
- <SETTING><NAME>SystemSearchPaths</NAME>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>CodeWarrior</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- </SETTING>
-
- <!-- Settings for "Debugger Runtime" panel -->
- <SETTING><NAME>MWRuntimeSettings_WorkingDirectory</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRuntimeSettings_CommandLine</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRuntimeSettings_HostApplication</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWRuntimeSettings_EnvVars</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Target Settings" panel -->
- <SETTING><NAME>Linker</NAME><VALUE>MacOS PPC Linker</VALUE></SETTING>
- <SETTING><NAME>PreLinker</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PostLinker</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Targetname</NAME><VALUE>SMIME3Debug.shlb</VALUE></SETTING>
- <SETTING><NAME>OutputDirectory</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>SaveEntriesUsingRelativePaths</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "File Mappings" panel -->
- <SETTING><NAME>FileMappings</NAME>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>APPL</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>Appl</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MMLB</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MPLF</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MWCD</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>RSRC</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.arr</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.bh</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Balloon Help</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.c</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.c++</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cpp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.exp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.h</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.idl</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>xpidl</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.pch</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.pch++</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.plist</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.r</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Rez</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>Rez</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.s</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PPCAsm</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>XCOF</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>docu</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>rsrc</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>shlb</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>stub</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.doc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.o</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.ppob</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.rsrc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- </SETTING>
-
- <!-- Settings for "Build Extras" panel -->
- <SETTING><NAME>CacheModDates</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ActivateBrowser</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>DumpBrowserInfo</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>CacheSubprojects</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>UseThirdPartyDebugger</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>DebuggerAppPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>DebuggerCmdLineArgs</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>DebuggerWorkingDir</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "Debugger Target" panel -->
- <SETTING><NAME>LogSystemMessages</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>AutoTargetDLLs</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>StopAtWatchpoints</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PauseWhileRunning</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PauseInterval</NAME><VALUE>5</VALUE></SETTING>
- <SETTING><NAME>PauseUIFlags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>AltExePath</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>StopAtTempBPOnLaunch</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>CacheSymbolics</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>TempBPFunctionName</NAME><VALUE>main</VALUE></SETTING>
- <SETTING><NAME>TempBPType</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "Remote Debug" panel -->
- <SETTING><NAME>Enabled</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ConnectionName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>DownloadPath</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>LaunchRemoteApp</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>RemoteAppPath</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Auto-target" panel -->
- <SETTING><NAME>OtherExecutables</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Custom Keywords" panel -->
- <SETTING><NAME>CustomColor1</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor2</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor3</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor4</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "C/C++ Compiler" panel -->
- <SETTING><NAME>MWFrontEnd_C_cplusplus</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_checkprotos</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_arm</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_trigraphs</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_onlystdkeywords</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_enumsalwaysint</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_mpwpointerstyle</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_prefixname</NAME><VALUE>NSSDebug.Prefix</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_ansistrict</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_mpwcnewline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_wchar_type</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_enableexceptions</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_dontreusestrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_poolstrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_dontinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_useRTTI</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_multibyteaware</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_unsignedchars</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_autoinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_booltruefalse</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_direct_to_som</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_som_env_check</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_alwaysinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_inlinelevel</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_ecplusplus</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_objective_c</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_defer_codegen</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "C/C++ Warnings" panel -->
- <SETTING><NAME>MWWarning_C_warn_illpragma</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_emptydecl</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_possunwant</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_unusedvar</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_unusedarg</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_extracomma</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_pedantic</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warningerrors</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_hidevirtual</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_implicitconv</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_notinlined</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_structclass</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "FTP Panel" panel -->
- <SETTING><NAME>MWFTP_Post_hostName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_username</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_password</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_remoteDir</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_tree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_uploadDir</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_port</NAME><VALUE>21</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_SendBin</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ShouldLog</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "Java Command Line" panel -->
- <SETTING><NAME>MWCommandLine_Java_clsName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWCommandLine_Java_args</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "PJavaDebugging" panel -->
- <SETTING><NAME>MWVJavaDebugging_Protocol</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_JDKVersion</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_TimeOut</NAME><VALUE>25</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_SupportSlowDevices</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "Java Language" panel -->
- <SETTING><NAME>MWJava_Language_optimize</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_warnDeprecated</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_emitMap</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_strictFileNames</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_strictFileHierarchy</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_1_1_Compatible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_emitHeaders</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_headerType</NAME><VALUE>JNINativeHeaders</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_packageFilter</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_genComments</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_genHeaders</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "Java MRJAppBuilder" panel -->
- <SETTING><NAME>MWJava_MRJAppBuilder_outFile</NAME><VALUE>MRJApplication</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_merge</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_quitMenu</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_grow</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPICTFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_aboutName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutAppend</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrAppend</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinFile</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Java Output" panel -->
- <SETTING><NAME>MWJava_Output_outputtype</NAME><VALUE>JarFile</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_outfile</NAME><VALUE>JavaClasses.jar</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_ftype</NAME><VALUE>1514754080</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_fcreator</NAME><VALUE>1297570384</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_compress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_genManifest</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_trunctype</NAME><VALUE>Front</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_deleteClasses</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_consoleApp</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "Java Project" panel -->
- <SETTING><NAME>MWJava_Proj_projtype</NAME><VALUE>Applet</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_mainClassName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppCreator</NAME><VALUE>1463898714</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_tree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppWin32Name</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_compress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_useVM</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_vmarguments</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_vmName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_simPropFile</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "JavaDoc Project" panel -->
- <SETTING><NAME>MWJavaDoc_Proj_Version</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Depricated</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Author</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Index</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Tree</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_SunResolveToSame</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Shortnames</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Folder</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_GenerateAPILinks</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_scope</NAME><VALUE>Public</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_fcreator</NAME><VALUE>1297303877</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_encodingName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_decodingName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_javaPackagePath</NAME><VALUE>http://java.sun.com/products/jdk/1.1/docs/api/</VALUE></SETTING>
-
- <!-- Settings for "MacOS Merge Panel" panel -->
- <SETTING><NAME>MWMerge_MacOS_projectType</NAME><VALUE>Application</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputName</NAME><VALUE>Merge Out</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputCreator</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputType</NAME><VALUE>APPL</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_suppressWarning</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_copyFragments</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_copyResources</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flattenResource</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flatFileName</NAME><VALUE>a.rsrc</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flatFileOutputPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMerge_MacOS_skipResources</NAME>
- <SETTING><VALUE>DGLX</VALUE></SETTING>
- <SETTING><VALUE>ckid</VALUE></SETTING>
- <SETTING><VALUE>Proj</VALUE></SETTING>
- <SETTING><VALUE>WSPC</VALUE></SETTING>
- <SETTING><VALUE>mcvs</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "Output Flags" panel -->
- <SETTING><NAME>FileLocked</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourcesMapIsReadOnly</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PrinterDriverIsMultiFinderCompatible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Invisible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasBundle</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>NameLocked</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Stationery</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasCustomIcon</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Shared</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasBeenInited</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Label</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Comments</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Packager Panel" panel -->
- <SETTING><NAME>MWMacOSPackager_UsePackager</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_FolderToPackage</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMacOSPackager_CreateClassicAlias</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_ClassicAliasMethod</NAME><VALUE>UseTargetOutput</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_ClassicAliasPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMacOSPackager_CreatePkgInfo</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_PkgCreatorType</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_PkgFileType</NAME><VALUE>APPL</VALUE></SETTING>
-
- <!-- Settings for "PPC CodeGen" panel -->
- <SETTING><NAME>MWCodeGen_PPC_structalignment</NAME><VALUE>MC68K</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_tocdata</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_profiler</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_fpcontract</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_schedule</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_peephole</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_processorspecific</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_altivec</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_vectortocdata</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_vrsave</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "PPC CodeGen Mach-O" panel -->
- <SETTING><NAME>MWCodeGen_MachO_structalignment</NAME><VALUE>PPC</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_profiler</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_fpcontract</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_schedule</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_peephole</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_processorspecific</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_altivec</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_vrsave</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_common</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_implicit_templates</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "PPC Disassembler" panel -->
- <SETTING><NAME>MWDisassembler_PPC_showcode</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_extended</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_mix</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_nohex</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showdata</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showexceptions</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showsym</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_shownames</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "PPC Global Optimizer" panel -->
- <SETTING><NAME>GlobalOptimizer_PPC_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
- <SETTING><NAME>GlobalOptimizer_PPC_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
- <!-- Settings for "PPC Linker" panel -->
- <SETTING><NAME>MWLinker_PPC_linksym</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_symfullpath</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_linkmap</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_nolinkwarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_dontdeadstripinitcode</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_permitmultdefs</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_linkmode</NAME><VALUE>Fast</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_initname</NAME><VALUE>__NSInitialize</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_mainname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_termname</NAME><VALUE>__NSTerminate</VALUE></SETTING>
-
- <!-- Settings for "PPC Mach-O Linker" panel -->
- <SETTING><NAME>MWLinker_MachO_exports</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_mainname</NAME><VALUE>start</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_currentversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_compatibleversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_symfullpath</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_supresswarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_multisymerror</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_prebind</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_deadstrip</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_objectivecsemantics</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_whichfileloaded</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_whyfileloaded</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_readonlyrelocs</NAME><VALUE>Errors</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_undefinedsymbols</NAME><VALUE>Errors</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_twolevelnamespace</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_stripdebugsymbols</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "PPC Mach-O Target" panel -->
- <SETTING><NAME>MWProject_MachO_type</NAME><VALUE>Executable</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_outfile</NAME><VALUE>a.exe</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_filecreator</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_filetype</NAME><VALUE>MEXE</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_stacksize</NAME><VALUE>64</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_stackaddress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrc</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrcfilename</NAME><VALUE>a.rsrc</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrcoutputdir</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWProject_MachO_installpath</NAME><VALUE>./</VALUE></SETTING>
-
- <!-- Settings for "PPC PEF" panel -->
- <SETTING><NAME>MWPEF_exports</NAME><VALUE>File</VALUE></SETTING>
- <SETTING><NAME>MWPEF_libfolder</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_sortcode</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWPEF_expandbss</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_sharedata</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_olddefversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_oldimpversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_currentversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_fragmentname</NAME><VALUE>SMIME3</VALUE></SETTING>
- <SETTING><NAME>MWPEF_collapsereloads</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "PPC Project" panel -->
- <SETTING><NAME>MWProject_PPC_type</NAME><VALUE>SharedLibrary</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_outfile</NAME><VALUE>SMIME3Debug.shlb</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_filecreator</NAME><VALUE>MOZZ</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_filetype</NAME><VALUE>shlb</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_size</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_minsize</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_stacksize</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_symfilename</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcheader</NAME><VALUE>Native</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrctype</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcflags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcstore</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcmerge</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrc</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrcoutputdir</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrcfilename</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "PPCAsm Panel" panel -->
- <SETTING><NAME>MWAssembler_PPC_auxheader</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_symmode</NAME><VALUE>Mac</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_dialect</NAME><VALUE>PPC</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_prefixfile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_typecheck</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_warnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_casesensitive</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "Rez Compiler" panel -->
- <SETTING><NAME>MWRez_Language_maxwidth</NAME><VALUE>80</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_script</NAME><VALUE>Roman</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_alignment</NAME><VALUE>Align1</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_filtermode</NAME><VALUE>FilterSkip</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_suppresswarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_escapecontrolchars</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_prefixname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_filteredtypes</NAME><VALUE>'CODE' 'DATA' 'PICT'</VALUE></SETTING>
-
- <!-- Settings for "WinRC Compiler" panel -->
- <SETTING><NAME>MWWinRC_prefixname</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "x86 CodeGen" panel -->
- <SETTING><NAME>MWCodeGen_X86_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_alignment</NAME><VALUE>bytes8</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_exceptions</NAME><VALUE>ZeroOverhead</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_mmx</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_3dnow</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_use_mmx_3dnow_convention</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_machinecodelisting</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_intrinsics</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_syminfo</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_codeviewinfo</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_cmov_fcomi</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_sse</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "x86 Disassembler" panel -->
- <SETTING><NAME>PDisasmX86_showHeaders</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showSymTab</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showCode</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showSource</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showHex</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showRelocation</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showComments</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showDebug</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showExceptions</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showData</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showRaw</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_verbose</NAME><VALUE>true</VALUE></SETTING>
-
- <!-- Settings for "x86 Exceptions Panel" panel -->
- <SETTING><NAME>MWDebugger_X86_Exceptions</NAME>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "x86 Global Optimizer" panel -->
- <SETTING><NAME>GlobalOptimizer_X86_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
- <SETTING><NAME>GlobalOptimizer_X86_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
- <!-- Settings for "x86 Linker" panel -->
- <SETTING><NAME>MWLinker_X86_entrypointusage</NAME><VALUE>Default</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_entrypoint</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsystem</NAME><VALUE>WinGUI</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsysmajorid</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsysminorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_usrmajorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_usrminorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_commandfile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_generatemap</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_linksym</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_linkCV</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "x86 Project" panel -->
- <SETTING><NAME>MWProject_X86_type</NAME><VALUE>Application</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_outfile</NAME><VALUE>noname.exe</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_baseaddress</NAME><VALUE>4194304</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_maxstacksize</NAME><VALUE>1024</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_minstacksize</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_size</NAME><VALUE>1024</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_minsize</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_importlib</NAME><VALUE></VALUE></SETTING>
- <PANELDATA><NAME>xpidl Settings</NAME><VALUE>
- 0001000101000000000000000000000000000000000000000000000000000000
- 0000000000000000
- </VALUE></PANELDATA>
- </SETTINGLIST>
- <FILELIST>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p12creat.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p12d.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p12dec.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p12e.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p12local.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p12plcy.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p12tmpl.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certread.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p7common.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p7create.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p7decode.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p7encode.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p7local.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secmime.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsarray.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsasn1.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsattr.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmscinfo.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmscipher.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsdecode.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsdigdata.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsdigest.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsencdata.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsencode.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsenvdata.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsmessage.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmspubkey.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsrecinfo.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsreclist.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmssigdata.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmssiginfo.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsutil.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>smimemessage.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>smimeutil.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>smimever.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSS3Debug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSLibraryStartup.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSRuntimeDebug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSStdLibDebug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSPR20Debug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>smime.mcp.exp</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- </FILELIST>
- <LINKORDER>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p12creat.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p12d.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p12dec.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p12e.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p12local.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p12plcy.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p12tmpl.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certread.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p7common.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p7create.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p7decode.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p7encode.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p7local.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secmime.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsarray.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsasn1.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsattr.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmscinfo.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmscipher.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsdecode.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsdigdata.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsdigest.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsencdata.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsencode.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsenvdata.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsmessage.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmspubkey.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsrecinfo.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsreclist.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmssigdata.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmssiginfo.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsutil.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>smimemessage.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>smimeutil.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>smimever.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSS3Debug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSLibraryStartup.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSRuntimeDebug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSStdLibDebug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSPR20Debug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>smime.mcp.exp</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </LINKORDER>
- </TARGET>
- <TARGET>
- <NAME>SMIME3.shlb</NAME>
- <SETTINGLIST>
-
- <!-- Settings for "Source Trees" panel -->
- <SETTING><NAME>UserSourceTrees</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Access Paths" panel -->
- <SETTING><NAME>AlwaysSearchUserPaths</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>InterpretDOSAndUnixPaths</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>RequireFrameworkStyleIncludes</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>UserSearchPaths</NAME>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:pkcs12:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:pkcs7:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:smime:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::::dist:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::::nsprpub:macbuild:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::::lib:mac:NSRuntime:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::::lib:mac:NSStdLib:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- </SETTING>
- <SETTING><NAME>SystemSearchPaths</NAME>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>CodeWarrior</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- </SETTING>
-
- <!-- Settings for "Debugger Runtime" panel -->
- <SETTING><NAME>MWRuntimeSettings_WorkingDirectory</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRuntimeSettings_CommandLine</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRuntimeSettings_HostApplication</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWRuntimeSettings_EnvVars</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Target Settings" panel -->
- <SETTING><NAME>Linker</NAME><VALUE>MacOS PPC Linker</VALUE></SETTING>
- <SETTING><NAME>PreLinker</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PostLinker</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Targetname</NAME><VALUE>SMIME3.shlb</VALUE></SETTING>
- <SETTING><NAME>OutputDirectory</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>SaveEntriesUsingRelativePaths</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "File Mappings" panel -->
- <SETTING><NAME>FileMappings</NAME>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>APPL</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>Appl</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MMLB</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MPLF</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MWCD</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>RSRC</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.arr</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.bh</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Balloon Help</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.c</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.c++</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cpp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.exp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.h</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.idl</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>xpidl</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.pch</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.pch++</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.plist</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.r</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Rez</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>Rez</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.s</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PPCAsm</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>XCOF</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>docu</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>rsrc</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>shlb</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>stub</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.doc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.o</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.ppob</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.rsrc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- </SETTING>
-
- <!-- Settings for "Build Extras" panel -->
- <SETTING><NAME>CacheModDates</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ActivateBrowser</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>DumpBrowserInfo</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>CacheSubprojects</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>UseThirdPartyDebugger</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>DebuggerAppPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>DebuggerCmdLineArgs</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>DebuggerWorkingDir</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "Debugger Target" panel -->
- <SETTING><NAME>LogSystemMessages</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>AutoTargetDLLs</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>StopAtWatchpoints</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PauseWhileRunning</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PauseInterval</NAME><VALUE>5</VALUE></SETTING>
- <SETTING><NAME>PauseUIFlags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>AltExePath</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>StopAtTempBPOnLaunch</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>CacheSymbolics</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>TempBPFunctionName</NAME><VALUE>main</VALUE></SETTING>
- <SETTING><NAME>TempBPType</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "Remote Debug" panel -->
- <SETTING><NAME>Enabled</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ConnectionName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>DownloadPath</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>LaunchRemoteApp</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>RemoteAppPath</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Auto-target" panel -->
- <SETTING><NAME>OtherExecutables</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Custom Keywords" panel -->
- <SETTING><NAME>CustomColor1</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor2</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor3</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor4</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "C/C++ Compiler" panel -->
- <SETTING><NAME>MWFrontEnd_C_cplusplus</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_checkprotos</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_arm</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_trigraphs</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_onlystdkeywords</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_enumsalwaysint</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_mpwpointerstyle</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_prefixname</NAME><VALUE>NSS.Prefix</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_ansistrict</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_mpwcnewline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_wchar_type</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_enableexceptions</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_dontreusestrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_poolstrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_dontinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_useRTTI</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_multibyteaware</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_unsignedchars</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_autoinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_booltruefalse</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_direct_to_som</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_som_env_check</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_alwaysinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_inlinelevel</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_ecplusplus</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_objective_c</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_defer_codegen</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "C/C++ Warnings" panel -->
- <SETTING><NAME>MWWarning_C_warn_illpragma</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_emptydecl</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_possunwant</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_unusedvar</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_unusedarg</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_extracomma</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_pedantic</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warningerrors</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_hidevirtual</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_implicitconv</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_notinlined</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_structclass</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "FTP Panel" panel -->
- <SETTING><NAME>MWFTP_Post_hostName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_username</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_password</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_remoteDir</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_tree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_uploadDir</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_port</NAME><VALUE>21</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_SendBin</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ShouldLog</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "Java Command Line" panel -->
- <SETTING><NAME>MWCommandLine_Java_clsName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWCommandLine_Java_args</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "PJavaDebugging" panel -->
- <SETTING><NAME>MWVJavaDebugging_Protocol</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_JDKVersion</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_TimeOut</NAME><VALUE>25</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_SupportSlowDevices</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "Java Language" panel -->
- <SETTING><NAME>MWJava_Language_optimize</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_warnDeprecated</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_emitMap</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_strictFileNames</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_strictFileHierarchy</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_1_1_Compatible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_emitHeaders</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_headerType</NAME><VALUE>JNINativeHeaders</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_packageFilter</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_genComments</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_genHeaders</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "Java MRJAppBuilder" panel -->
- <SETTING><NAME>MWJava_MRJAppBuilder_outFile</NAME><VALUE>MRJApplication</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_merge</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_quitMenu</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_grow</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPICTFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_aboutName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutAppend</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrAppend</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinFile</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Java Output" panel -->
- <SETTING><NAME>MWJava_Output_outputtype</NAME><VALUE>JarFile</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_outfile</NAME><VALUE>JavaClasses.jar</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_ftype</NAME><VALUE>1514754080</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_fcreator</NAME><VALUE>1297570384</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_compress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_genManifest</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_trunctype</NAME><VALUE>Front</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_deleteClasses</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_consoleApp</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "Java Project" panel -->
- <SETTING><NAME>MWJava_Proj_projtype</NAME><VALUE>Applet</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_mainClassName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppCreator</NAME><VALUE>1463898714</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_tree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppWin32Name</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_compress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_useVM</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_vmarguments</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_vmName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_simPropFile</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "JavaDoc Project" panel -->
- <SETTING><NAME>MWJavaDoc_Proj_Version</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Depricated</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Author</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Index</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Tree</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_SunResolveToSame</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Shortnames</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Folder</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_GenerateAPILinks</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_scope</NAME><VALUE>Public</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_fcreator</NAME><VALUE>1297303877</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_encodingName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_decodingName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_javaPackagePath</NAME><VALUE>http://java.sun.com/products/jdk/1.1/docs/api/</VALUE></SETTING>
-
- <!-- Settings for "MacOS Merge Panel" panel -->
- <SETTING><NAME>MWMerge_MacOS_projectType</NAME><VALUE>Application</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputName</NAME><VALUE>Merge Out</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputCreator</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputType</NAME><VALUE>APPL</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_suppressWarning</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_copyFragments</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_copyResources</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flattenResource</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flatFileName</NAME><VALUE>a.rsrc</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flatFileOutputPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMerge_MacOS_skipResources</NAME>
- <SETTING><VALUE>DGLX</VALUE></SETTING>
- <SETTING><VALUE>ckid</VALUE></SETTING>
- <SETTING><VALUE>Proj</VALUE></SETTING>
- <SETTING><VALUE>WSPC</VALUE></SETTING>
- <SETTING><VALUE>mcvs</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "Output Flags" panel -->
- <SETTING><NAME>FileLocked</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourcesMapIsReadOnly</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PrinterDriverIsMultiFinderCompatible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Invisible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasBundle</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>NameLocked</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Stationery</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasCustomIcon</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Shared</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasBeenInited</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Label</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Comments</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Packager Panel" panel -->
- <SETTING><NAME>MWMacOSPackager_UsePackager</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_FolderToPackage</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMacOSPackager_CreateClassicAlias</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_ClassicAliasMethod</NAME><VALUE>UseTargetOutput</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_ClassicAliasPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMacOSPackager_CreatePkgInfo</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_PkgCreatorType</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_PkgFileType</NAME><VALUE>APPL</VALUE></SETTING>
-
- <!-- Settings for "PPC CodeGen" panel -->
- <SETTING><NAME>MWCodeGen_PPC_structalignment</NAME><VALUE>MC68K</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_tocdata</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_profiler</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_fpcontract</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_schedule</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_peephole</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_processorspecific</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_altivec</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_vectortocdata</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_vrsave</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "PPC CodeGen Mach-O" panel -->
- <SETTING><NAME>MWCodeGen_MachO_structalignment</NAME><VALUE>PPC</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_profiler</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_fpcontract</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_schedule</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_peephole</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_processorspecific</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_altivec</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_vrsave</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_common</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_implicit_templates</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "PPC Disassembler" panel -->
- <SETTING><NAME>MWDisassembler_PPC_showcode</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_extended</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_mix</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_nohex</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showdata</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showexceptions</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showsym</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_shownames</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "PPC Global Optimizer" panel -->
- <SETTING><NAME>GlobalOptimizer_PPC_optimizationlevel</NAME><VALUE>Level4</VALUE></SETTING>
- <SETTING><NAME>GlobalOptimizer_PPC_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
- <!-- Settings for "PPC Linker" panel -->
- <SETTING><NAME>MWLinker_PPC_linksym</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_symfullpath</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_linkmap</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_nolinkwarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_dontdeadstripinitcode</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_permitmultdefs</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_linkmode</NAME><VALUE>Fast</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_initname</NAME><VALUE>__NSInitialize</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_mainname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_termname</NAME><VALUE>__NSTerminate</VALUE></SETTING>
-
- <!-- Settings for "PPC Mach-O Linker" panel -->
- <SETTING><NAME>MWLinker_MachO_exports</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_mainname</NAME><VALUE>start</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_currentversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_compatibleversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_symfullpath</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_supresswarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_multisymerror</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_prebind</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_deadstrip</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_objectivecsemantics</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_whichfileloaded</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_whyfileloaded</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_readonlyrelocs</NAME><VALUE>Errors</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_undefinedsymbols</NAME><VALUE>Errors</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_twolevelnamespace</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_stripdebugsymbols</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "PPC Mach-O Target" panel -->
- <SETTING><NAME>MWProject_MachO_type</NAME><VALUE>Executable</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_outfile</NAME><VALUE>a.exe</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_filecreator</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_filetype</NAME><VALUE>MEXE</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_stacksize</NAME><VALUE>64</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_stackaddress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrc</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrcfilename</NAME><VALUE>a.rsrc</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrcoutputdir</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWProject_MachO_installpath</NAME><VALUE>./</VALUE></SETTING>
-
- <!-- Settings for "PPC PEF" panel -->
- <SETTING><NAME>MWPEF_exports</NAME><VALUE>File</VALUE></SETTING>
- <SETTING><NAME>MWPEF_libfolder</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_sortcode</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWPEF_expandbss</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_sharedata</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_olddefversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_oldimpversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_currentversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_fragmentname</NAME><VALUE>SMIME3</VALUE></SETTING>
- <SETTING><NAME>MWPEF_collapsereloads</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "PPC Project" panel -->
- <SETTING><NAME>MWProject_PPC_type</NAME><VALUE>SharedLibrary</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_outfile</NAME><VALUE>SMIME3.shlb</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_filecreator</NAME><VALUE>MOZZ</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_filetype</NAME><VALUE>shlb</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_size</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_minsize</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_stacksize</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_symfilename</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcheader</NAME><VALUE>Native</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrctype</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcflags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcstore</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcmerge</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrc</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrcoutputdir</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrcfilename</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "PPCAsm Panel" panel -->
- <SETTING><NAME>MWAssembler_PPC_auxheader</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_symmode</NAME><VALUE>Mac</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_dialect</NAME><VALUE>PPC</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_prefixfile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_typecheck</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_warnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_casesensitive</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "Rez Compiler" panel -->
- <SETTING><NAME>MWRez_Language_maxwidth</NAME><VALUE>80</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_script</NAME><VALUE>Roman</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_alignment</NAME><VALUE>Align1</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_filtermode</NAME><VALUE>FilterSkip</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_suppresswarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_escapecontrolchars</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_prefixname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_filteredtypes</NAME><VALUE>'CODE' 'DATA' 'PICT'</VALUE></SETTING>
-
- <!-- Settings for "WinRC Compiler" panel -->
- <SETTING><NAME>MWWinRC_prefixname</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "x86 CodeGen" panel -->
- <SETTING><NAME>MWCodeGen_X86_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_alignment</NAME><VALUE>bytes8</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_exceptions</NAME><VALUE>ZeroOverhead</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_mmx</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_3dnow</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_use_mmx_3dnow_convention</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_machinecodelisting</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_intrinsics</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_syminfo</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_codeviewinfo</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_cmov_fcomi</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_sse</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "x86 Disassembler" panel -->
- <SETTING><NAME>PDisasmX86_showHeaders</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showSymTab</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showCode</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showSource</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showHex</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showRelocation</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showComments</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showDebug</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showExceptions</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showData</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showRaw</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_verbose</NAME><VALUE>true</VALUE></SETTING>
-
- <!-- Settings for "x86 Exceptions Panel" panel -->
- <SETTING><NAME>MWDebugger_X86_Exceptions</NAME>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "x86 Global Optimizer" panel -->
- <SETTING><NAME>GlobalOptimizer_X86_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
- <SETTING><NAME>GlobalOptimizer_X86_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
- <!-- Settings for "x86 Linker" panel -->
- <SETTING><NAME>MWLinker_X86_entrypointusage</NAME><VALUE>Default</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_entrypoint</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsystem</NAME><VALUE>WinGUI</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsysmajorid</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsysminorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_usrmajorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_usrminorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_commandfile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_generatemap</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_linksym</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_linkCV</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "x86 Project" panel -->
- <SETTING><NAME>MWProject_X86_type</NAME><VALUE>Application</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_outfile</NAME><VALUE>noname.exe</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_baseaddress</NAME><VALUE>4194304</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_maxstacksize</NAME><VALUE>1024</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_minstacksize</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_size</NAME><VALUE>1024</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_minsize</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_importlib</NAME><VALUE></VALUE></SETTING>
- <PANELDATA><NAME>xpidl Settings</NAME><VALUE>
- 0001000101000000000000000000000000000000000000000000000000000000
- 0000000000000000
- </VALUE></PANELDATA>
- </SETTINGLIST>
- <FILELIST>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p12creat.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p12d.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p12dec.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p12e.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p12local.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p12plcy.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p12tmpl.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certread.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p7common.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p7create.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p7decode.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p7encode.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p7local.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secmime.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsarray.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsasn1.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsattr.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmscinfo.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmscipher.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsdecode.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsdigdata.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsdigest.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsencdata.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsencode.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsenvdata.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsmessage.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmspubkey.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsrecinfo.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsreclist.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmssigdata.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmssiginfo.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsutil.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>smimemessage.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>smimeutil.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>smimever.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSLibraryStartup.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSS3.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSPR20.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSRuntime.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSStdLib.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>smime.mcp.exp</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- </FILELIST>
- <LINKORDER>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p12creat.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p12d.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p12dec.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p12e.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p12local.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p12plcy.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p12tmpl.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certread.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p7common.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p7create.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p7decode.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p7encode.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p7local.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secmime.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsarray.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsasn1.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsattr.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmscinfo.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmscipher.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsdecode.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsdigdata.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsdigest.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsencdata.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsencode.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsenvdata.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsmessage.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmspubkey.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsrecinfo.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsreclist.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmssigdata.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmssiginfo.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsutil.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>smimemessage.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>smimeutil.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>smimever.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSLibraryStartup.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSS3.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSPR20.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSRuntime.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSStdLib.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>smime.mcp.exp</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </LINKORDER>
- </TARGET>
- </TARGETLIST>
-
- <TARGETORDER>
- <ORDEREDTARGET><NAME>SMIME3Debug.shlb</NAME></ORDEREDTARGET>
- <ORDEREDTARGET><NAME>SMIME3.shlb</NAME></ORDEREDTARGET>
- </TARGETORDER>
-
- <GROUPLIST>
- <GROUP><NAME>pkcs7</NAME>
- <FILEREF>
- <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>certread.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p7common.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p7create.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p7decode.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p7encode.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p7local.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secmime.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </GROUP>
- <GROUP><NAME>pkcs12</NAME>
- <FILEREF>
- <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p12creat.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p12d.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p12dec.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p12e.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p12local.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p12plcy.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>p12tmpl.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </GROUP>
- <GROUP><NAME>smime</NAME>
- <FILEREF>
- <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsarray.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsasn1.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsattr.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmscinfo.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmscipher.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsdecode.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsdigdata.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsdigest.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsencdata.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsencode.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsenvdata.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsmessage.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmspubkey.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsrecinfo.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsreclist.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmssigdata.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmssiginfo.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmsutil.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>smimemessage.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>smimeutil.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>smimever.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </GROUP>
- <GROUP><NAME>Libraries</NAME>
- <GROUP><NAME>Debug</NAME>
- <FILEREF>
- <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSS3Debug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSRuntimeDebug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSStdLibDebug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSPR20Debug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </GROUP>
- <GROUP><NAME>Optimized</NAME>
- <FILEREF>
- <TARGETNAME>SMIME3.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSS3.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SMIME3.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSPR20.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SMIME3.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSRuntime.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SMIME3.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSStdLib.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </GROUP>
- <FILEREF>
- <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSLibraryStartup.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </GROUP>
- <FILEREF>
- <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>smime.mcp.exp</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </GROUPLIST>
-
-</PROJECT>
diff --git a/security/nss/macbuild/softoken.xml b/security/nss/macbuild/softoken.xml
deleted file mode 100644
index 383e36bf4..000000000
--- a/security/nss/macbuild/softoken.xml
+++ /dev/null
@@ -1,3464 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="yes" ?>
-<?codewarrior exportversion="1.0.1" ideversion="4.2" ?>
-
-<!DOCTYPE PROJECT [
-<!ELEMENT PROJECT (TARGETLIST, TARGETORDER, GROUPLIST, DESIGNLIST?)>
-<!ELEMENT TARGETLIST (TARGET+)>
-<!ELEMENT TARGET (NAME, SETTINGLIST, FILELIST?, LINKORDER?, SEGMENTLIST?, OVERLAYGROUPLIST?, SUBTARGETLIST?, SUBPROJECTLIST?, FRAMEWORKLIST)>
-<!ELEMENT NAME (#PCDATA)>
-<!ELEMENT USERSOURCETREETYPE (#PCDATA)>
-<!ELEMENT PATH (#PCDATA)>
-<!ELEMENT FILELIST (FILE*)>
-<!ELEMENT FILE (PATHTYPE, PATHROOT?, ACCESSPATH?, PATH, PATHFORMAT?, ROOTFILEREF?, FILEKIND?, FILEFLAGS?)>
-<!ELEMENT PATHTYPE (#PCDATA)>
-<!ELEMENT PATHROOT (#PCDATA)>
-<!ELEMENT ACCESSPATH (#PCDATA)>
-<!ELEMENT PATHFORMAT (#PCDATA)>
-<!ELEMENT ROOTFILEREF (PATHTYPE, PATHROOT?, ACCESSPATH?, PATH, PATHFORMAT?)>
-<!ELEMENT FILEKIND (#PCDATA)>
-<!ELEMENT FILEFLAGS (#PCDATA)>
-<!ELEMENT FILEREF (TARGETNAME?, PATHTYPE, PATHROOT?, ACCESSPATH?, PATH, PATHFORMAT?)>
-<!ELEMENT TARGETNAME (#PCDATA)>
-<!ELEMENT SETTINGLIST ((SETTING|PANELDATA)+)>
-<!ELEMENT SETTING (NAME?, (VALUE|(SETTING+)))>
-<!ELEMENT PANELDATA (NAME, VALUE)>
-<!ELEMENT VALUE (#PCDATA)>
-<!ELEMENT LINKORDER (FILEREF*)>
-<!ELEMENT SEGMENTLIST (SEGMENT+)>
-<!ELEMENT SEGMENT (NAME, ATTRIBUTES?, FILEREF*)>
-<!ELEMENT ATTRIBUTES (#PCDATA)>
-<!ELEMENT OVERLAYGROUPLIST (OVERLAYGROUP+)>
-<!ELEMENT OVERLAYGROUP (NAME, BASEADDRESS, OVERLAY*)>
-<!ELEMENT BASEADDRESS (#PCDATA)>
-<!ELEMENT OVERLAY (NAME, FILEREF*)>
-<!ELEMENT SUBTARGETLIST (SUBTARGET+)>
-<!ELEMENT SUBTARGET (TARGETNAME, ATTRIBUTES?, FILEREF?)>
-<!ELEMENT SUBPROJECTLIST (SUBPROJECT+)>
-<!ELEMENT SUBPROJECT (FILEREF, SUBPROJECTTARGETLIST)>
-<!ELEMENT SUBPROJECTTARGETLIST (SUBPROJECTTARGET*)>
-<!ELEMENT SUBPROJECTTARGET (TARGETNAME, ATTRIBUTES?, FILEREF?)>
-<!ELEMENT FRAMEWORKLIST (FRAMEWORK+)>
-<!ELEMENT FRAMEWORK (FILEREF, LIBRARYFILE?, VERSION?)>
-<!ELEMENT LIBRARYFILE (FILEREF)>
-<!ELEMENT VERSION (#PCDATA)>
-<!ELEMENT TARGETORDER (ORDEREDTARGET|ORDEREDDESIGN)*>
-<!ELEMENT ORDEREDTARGET (NAME)>
-<!ELEMENT ORDEREDDESIGN (NAME, ORDEREDTARGET+)>
-<!ELEMENT GROUPLIST (GROUP|FILEREF)*>
-<!ELEMENT GROUP (NAME, (GROUP|FILEREF)*)>
-<!ELEMENT DESIGNLIST (DESIGN+)>
-<!ELEMENT DESIGN (NAME, DESIGNDATA)>
-<!ELEMENT DESIGNDATA (#PCDATA)>
-]>
-
-<PROJECT>
- <TARGETLIST>
- <TARGET>
- <NAME>Softoken3Debug.shlb</NAME>
- <SETTINGLIST>
-
- <!-- Settings for "Source Trees" panel -->
- <SETTING><NAME>UserSourceTrees</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Access Paths" panel -->
- <SETTING><NAME>AlwaysSearchUserPaths</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>InterpretDOSAndUnixPaths</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>RequireFrameworkStyleIncludes</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>UserSearchPaths</NAME>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:freebl:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:softoken:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::::dist:config:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::::dist:mac:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::::dist:nspr:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::::dist:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::::nsprpub:macbuild:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::::dbm:macbuild:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::::lib:mac:NSRuntime:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::::lib:mac:NSStdLib:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- </SETTING>
- <SETTING><NAME>SystemSearchPaths</NAME>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>CodeWarrior</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- </SETTING>
-
- <!-- Settings for "Debugger Runtime" panel -->
- <SETTING><NAME>MWRuntimeSettings_WorkingDirectory</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRuntimeSettings_CommandLine</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRuntimeSettings_HostApplication</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWRuntimeSettings_EnvVars</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Target Settings" panel -->
- <SETTING><NAME>Linker</NAME><VALUE>MacOS PPC Linker</VALUE></SETTING>
- <SETTING><NAME>PreLinker</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PostLinker</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Targetname</NAME><VALUE>Softoken3Debug.shlb</VALUE></SETTING>
- <SETTING><NAME>OutputDirectory</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>SaveEntriesUsingRelativePaths</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "File Mappings" panel -->
- <SETTING><NAME>FileMappings</NAME>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>APPL</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>Appl</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MMLB</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MPLF</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MWCD</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>RSRC</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.arr</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.bh</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Balloon Help</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.c</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.c++</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cpp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.exp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.h</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.idl</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>xpidl</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.pch</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.pch++</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.plist</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.r</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Rez</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>Rez</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.s</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PPCAsm</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>XCOF</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>docu</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>rsrc</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>shlb</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>stub</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.doc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.o</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.ppob</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.rsrc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- </SETTING>
-
- <!-- Settings for "Build Extras" panel -->
- <SETTING><NAME>CacheModDates</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ActivateBrowser</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>DumpBrowserInfo</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>CacheSubprojects</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>UseThirdPartyDebugger</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>DebuggerAppPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>DebuggerCmdLineArgs</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>DebuggerWorkingDir</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "Debugger Target" panel -->
- <SETTING><NAME>LogSystemMessages</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>AutoTargetDLLs</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>StopAtWatchpoints</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PauseWhileRunning</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PauseInterval</NAME><VALUE>5</VALUE></SETTING>
- <SETTING><NAME>PauseUIFlags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>AltExePath</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>StopAtTempBPOnLaunch</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>CacheSymbolics</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>TempBPFunctionName</NAME><VALUE>main</VALUE></SETTING>
- <SETTING><NAME>TempBPType</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "Remote Debug" panel -->
- <SETTING><NAME>Enabled</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ConnectionName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>DownloadPath</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>LaunchRemoteApp</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>RemoteAppPath</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Auto-target" panel -->
- <SETTING><NAME>OtherExecutables</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Custom Keywords" panel -->
- <SETTING><NAME>CustomColor1</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor2</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor3</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor4</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "C/C++ Compiler" panel -->
- <SETTING><NAME>MWFrontEnd_C_cplusplus</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_checkprotos</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_arm</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_trigraphs</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_onlystdkeywords</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_enumsalwaysint</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_mpwpointerstyle</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_prefixname</NAME><VALUE>SoftokenDebug.prefix</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_ansistrict</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_mpwcnewline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_wchar_type</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_enableexceptions</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_dontreusestrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_poolstrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_dontinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_useRTTI</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_multibyteaware</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_unsignedchars</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_autoinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_booltruefalse</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_direct_to_som</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_som_env_check</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_alwaysinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_inlinelevel</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_ecplusplus</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_objective_c</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_defer_codegen</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "C/C++ Warnings" panel -->
- <SETTING><NAME>MWWarning_C_warn_illpragma</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_emptydecl</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_possunwant</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_unusedvar</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_unusedarg</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_extracomma</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_pedantic</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warningerrors</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_hidevirtual</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_implicitconv</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_notinlined</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_structclass</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "FTP Panel" panel -->
- <SETTING><NAME>MWFTP_Post_hostName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_username</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_password</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_remoteDir</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_tree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_uploadDir</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_port</NAME><VALUE>21</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_SendBin</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ShouldLog</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "Java Command Line" panel -->
- <SETTING><NAME>MWCommandLine_Java_clsName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWCommandLine_Java_args</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "PJavaDebugging" panel -->
- <SETTING><NAME>MWVJavaDebugging_Protocol</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_JDKVersion</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_TimeOut</NAME><VALUE>25</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_SupportSlowDevices</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "Java Language" panel -->
- <SETTING><NAME>MWJava_Language_optimize</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_warnDeprecated</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_emitMap</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_strictFileNames</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_strictFileHierarchy</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_1_1_Compatible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_emitHeaders</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_headerType</NAME><VALUE>JNINativeHeaders</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_packageFilter</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_genComments</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_genHeaders</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "Java MRJAppBuilder" panel -->
- <SETTING><NAME>MWJava_MRJAppBuilder_outFile</NAME><VALUE>MRJApplication</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_merge</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_quitMenu</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_grow</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPICTFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_aboutName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutAppend</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrAppend</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinFile</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Java Output" panel -->
- <SETTING><NAME>MWJava_Output_outputtype</NAME><VALUE>JarFile</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_outfile</NAME><VALUE>JavaClasses.jar</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_ftype</NAME><VALUE>1514754080</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_fcreator</NAME><VALUE>1297570384</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_compress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_genManifest</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_trunctype</NAME><VALUE>Front</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_deleteClasses</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_consoleApp</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "Java Project" panel -->
- <SETTING><NAME>MWJava_Proj_projtype</NAME><VALUE>Applet</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_mainClassName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppCreator</NAME><VALUE>1463898714</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_tree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppWin32Name</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_compress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_useVM</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_vmarguments</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_vmName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_simPropFile</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "JavaDoc Project" panel -->
- <SETTING><NAME>MWJavaDoc_Proj_Version</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Depricated</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Author</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Index</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Tree</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_SunResolveToSame</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Shortnames</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Folder</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_GenerateAPILinks</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_scope</NAME><VALUE>Public</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_fcreator</NAME><VALUE>1297303877</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_encodingName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_decodingName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_javaPackagePath</NAME><VALUE>http://java.sun.com/products/jdk/1.1/docs/api/</VALUE></SETTING>
-
- <!-- Settings for "MacOS Merge Panel" panel -->
- <SETTING><NAME>MWMerge_MacOS_projectType</NAME><VALUE>Application</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputName</NAME><VALUE>Merge Out</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputCreator</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputType</NAME><VALUE>APPL</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_suppressWarning</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_copyFragments</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_copyResources</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flattenResource</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flatFileName</NAME><VALUE>a.rsrc</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flatFileOutputPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMerge_MacOS_skipResources</NAME>
- <SETTING><VALUE>DGLX</VALUE></SETTING>
- <SETTING><VALUE>ckid</VALUE></SETTING>
- <SETTING><VALUE>Proj</VALUE></SETTING>
- <SETTING><VALUE>WSPC</VALUE></SETTING>
- <SETTING><VALUE>mcvs</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "Output Flags" panel -->
- <SETTING><NAME>FileLocked</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourcesMapIsReadOnly</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PrinterDriverIsMultiFinderCompatible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Invisible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasBundle</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>NameLocked</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Stationery</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasCustomIcon</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Shared</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasBeenInited</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Label</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Comments</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Packager Panel" panel -->
- <SETTING><NAME>MWMacOSPackager_UsePackager</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_FolderToPackage</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMacOSPackager_CreateClassicAlias</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_ClassicAliasMethod</NAME><VALUE>UseTargetOutput</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_ClassicAliasPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMacOSPackager_CreatePkgInfo</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_PkgCreatorType</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_PkgFileType</NAME><VALUE>APPL</VALUE></SETTING>
-
- <!-- Settings for "PPC CodeGen" panel -->
- <SETTING><NAME>MWCodeGen_PPC_structalignment</NAME><VALUE>MC68K</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_tocdata</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_profiler</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_fpcontract</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_schedule</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_peephole</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_processorspecific</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_altivec</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_vectortocdata</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_vrsave</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "PPC CodeGen Mach-O" panel -->
- <SETTING><NAME>MWCodeGen_MachO_structalignment</NAME><VALUE>PPC</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_profiler</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_fpcontract</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_schedule</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_peephole</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_processorspecific</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_altivec</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_vrsave</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_common</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_implicit_templates</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "PPC Disassembler" panel -->
- <SETTING><NAME>MWDisassembler_PPC_showcode</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_extended</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_mix</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_nohex</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showdata</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showexceptions</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showsym</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_shownames</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "PPC Global Optimizer" panel -->
- <SETTING><NAME>GlobalOptimizer_PPC_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
- <SETTING><NAME>GlobalOptimizer_PPC_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
- <!-- Settings for "PPC Linker" panel -->
- <SETTING><NAME>MWLinker_PPC_linksym</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_symfullpath</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_linkmap</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_nolinkwarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_dontdeadstripinitcode</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_permitmultdefs</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_linkmode</NAME><VALUE>Fast</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_initname</NAME><VALUE>__NSInitialize</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_mainname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_termname</NAME><VALUE>__NSTerminate</VALUE></SETTING>
-
- <!-- Settings for "PPC Mach-O Linker" panel -->
- <SETTING><NAME>MWLinker_MachO_exports</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_mainname</NAME><VALUE>start</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_currentversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_compatibleversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_symfullpath</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_supresswarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_multisymerror</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_prebind</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_deadstrip</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_objectivecsemantics</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_whichfileloaded</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_whyfileloaded</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_readonlyrelocs</NAME><VALUE>Errors</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_undefinedsymbols</NAME><VALUE>Errors</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_twolevelnamespace</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_stripdebugsymbols</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "PPC Mach-O Target" panel -->
- <SETTING><NAME>MWProject_MachO_type</NAME><VALUE>Executable</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_outfile</NAME><VALUE>a.exe</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_filecreator</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_filetype</NAME><VALUE>MEXE</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_stacksize</NAME><VALUE>64</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_stackaddress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrc</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrcfilename</NAME><VALUE>a.rsrc</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrcoutputdir</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWProject_MachO_installpath</NAME><VALUE>./</VALUE></SETTING>
-
- <!-- Settings for "PPC PEF" panel -->
- <SETTING><NAME>MWPEF_exports</NAME><VALUE>File</VALUE></SETTING>
- <SETTING><NAME>MWPEF_libfolder</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_sortcode</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWPEF_expandbss</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_sharedata</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_olddefversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_oldimpversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_currentversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_fragmentname</NAME><VALUE>Softoken3</VALUE></SETTING>
- <SETTING><NAME>MWPEF_collapsereloads</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "PPC Project" panel -->
- <SETTING><NAME>MWProject_PPC_type</NAME><VALUE>SharedLibrary</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_outfile</NAME><VALUE>Softoken3Debug.shlb</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_filecreator</NAME><VALUE>MOZZ</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_filetype</NAME><VALUE>shlb</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_size</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_minsize</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_stacksize</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_symfilename</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcheader</NAME><VALUE>Native</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrctype</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcflags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcstore</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcmerge</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrc</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrcoutputdir</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrcfilename</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "PPCAsm Panel" panel -->
- <SETTING><NAME>MWAssembler_PPC_auxheader</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_symmode</NAME><VALUE>Mac</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_dialect</NAME><VALUE>PPC</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_prefixfile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_typecheck</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_warnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_casesensitive</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "Rez Compiler" panel -->
- <SETTING><NAME>MWRez_Language_maxwidth</NAME><VALUE>80</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_script</NAME><VALUE>Roman</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_alignment</NAME><VALUE>Align1</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_filtermode</NAME><VALUE>FilterSkip</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_suppresswarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_escapecontrolchars</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_prefixname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_filteredtypes</NAME><VALUE>'CODE' 'DATA' 'PICT'</VALUE></SETTING>
-
- <!-- Settings for "WinRC Compiler" panel -->
- <SETTING><NAME>MWWinRC_prefixname</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "x86 CodeGen" panel -->
- <SETTING><NAME>MWCodeGen_X86_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_alignment</NAME><VALUE>bytes8</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_exceptions</NAME><VALUE>ZeroOverhead</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_mmx</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_3dnow</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_use_mmx_3dnow_convention</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_machinecodelisting</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_intrinsics</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_syminfo</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_codeviewinfo</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_cmov_fcomi</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_sse</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "x86 Disassembler" panel -->
- <SETTING><NAME>PDisasmX86_showHeaders</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showSymTab</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showCode</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showSource</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showHex</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showRelocation</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showComments</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showDebug</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showExceptions</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showData</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showRaw</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_verbose</NAME><VALUE>true</VALUE></SETTING>
-
- <!-- Settings for "x86 Exceptions Panel" panel -->
- <SETTING><NAME>MWDebugger_X86_Exceptions</NAME>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "x86 Global Optimizer" panel -->
- <SETTING><NAME>GlobalOptimizer_X86_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
- <SETTING><NAME>GlobalOptimizer_X86_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
- <!-- Settings for "x86 Linker" panel -->
- <SETTING><NAME>MWLinker_X86_entrypointusage</NAME><VALUE>Default</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_entrypoint</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsystem</NAME><VALUE>WinGUI</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsysmajorid</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsysminorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_usrmajorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_usrminorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_commandfile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_generatemap</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_linksym</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_linkCV</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "x86 Project" panel -->
- <SETTING><NAME>MWProject_X86_type</NAME><VALUE>Application</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_outfile</NAME><VALUE>noname.exe</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_baseaddress</NAME><VALUE>4194304</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_maxstacksize</NAME><VALUE>1024</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_minstacksize</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_size</NAME><VALUE>1024</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_minsize</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_importlib</NAME><VALUE></VALUE></SETTING>
- <PANELDATA><NAME>xpidl Settings</NAME><VALUE>
- 0001000101000000000000000000000000000000000000000000000000000000
- 0000000000000000
- </VALUE></PANELDATA>
- </SETTINGLIST>
- <FILELIST>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>utilDebug.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>alg2268.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>arcfive.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>arcfour.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>des.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>desblapi.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>dh.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>dsa.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>ldvector.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>md2.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>md5.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pqg.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>prng_fips1861.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>rijndael.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>rsa.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sha_fast.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sysrand.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>mpi.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>mplogic.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>mpmontg.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>mpprime.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>alghmac.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>dbinit.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>dbmshim.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>fipstest.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>fipstokn.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>keydb.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>lowcert.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>lowkey.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>lowpbe.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>padbuf.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pcertdb.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11db.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pkcs11.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pkcs11c.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pkcs11u.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>rawhash.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>rsawrapr.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSPR20Debug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSLibraryStartup.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>DBMDebug.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSRuntimeDebug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSStdLibDebug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>InterfacesStubs</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>softoken.mcp.exp</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>softkver.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- </FILELIST>
- <LINKORDER>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>utilDebug.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>alg2268.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>arcfive.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>arcfour.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>des.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>desblapi.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>dh.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>dsa.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>ldvector.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>md2.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>md5.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pqg.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>prng_fips1861.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>rijndael.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>rsa.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sha_fast.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sysrand.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>mpi.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>mplogic.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>mpmontg.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>mpprime.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>alghmac.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>dbinit.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>dbmshim.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>fipstest.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>fipstokn.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>keydb.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>lowcert.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>lowkey.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>lowpbe.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>padbuf.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pcertdb.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11db.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pkcs11.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pkcs11c.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pkcs11u.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>rawhash.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>rsawrapr.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSPR20Debug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSLibraryStartup.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>DBMDebug.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSRuntimeDebug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSStdLibDebug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>InterfacesStubs</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>softoken.mcp.exp</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>softkver.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </LINKORDER>
- </TARGET>
- <TARGET>
- <NAME>Softoken3.shlb</NAME>
- <SETTINGLIST>
-
- <!-- Settings for "Source Trees" panel -->
- <SETTING><NAME>UserSourceTrees</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Access Paths" panel -->
- <SETTING><NAME>AlwaysSearchUserPaths</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>InterpretDOSAndUnixPaths</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>RequireFrameworkStyleIncludes</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>UserSearchPaths</NAME>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:freebl:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:softoken:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::::dist:config:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::::dist:mac:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::::dist:nspr:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::::dist:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::::nsprpub:macbuild:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::::dbm:macbuild:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::::lib:mac:NSRuntime:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::::lib:mac:NSStdLib:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- </SETTING>
- <SETTING><NAME>SystemSearchPaths</NAME>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>CodeWarrior</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- </SETTING>
-
- <!-- Settings for "Debugger Runtime" panel -->
- <SETTING><NAME>MWRuntimeSettings_WorkingDirectory</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRuntimeSettings_CommandLine</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRuntimeSettings_HostApplication</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWRuntimeSettings_EnvVars</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Target Settings" panel -->
- <SETTING><NAME>Linker</NAME><VALUE>MacOS PPC Linker</VALUE></SETTING>
- <SETTING><NAME>PreLinker</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PostLinker</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Targetname</NAME><VALUE>Softoken3.shlb</VALUE></SETTING>
- <SETTING><NAME>OutputDirectory</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>SaveEntriesUsingRelativePaths</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "File Mappings" panel -->
- <SETTING><NAME>FileMappings</NAME>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>APPL</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>Appl</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MMLB</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MPLF</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MWCD</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>RSRC</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.arr</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.bh</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Balloon Help</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.c</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.c++</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cpp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.exp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.h</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.idl</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>xpidl</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.pch</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.pch++</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.plist</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.r</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Rez</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>Rez</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.s</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PPCAsm</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>XCOF</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>docu</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>rsrc</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>shlb</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>stub</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.doc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.o</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.ppob</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.rsrc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- </SETTING>
-
- <!-- Settings for "Build Extras" panel -->
- <SETTING><NAME>CacheModDates</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ActivateBrowser</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>DumpBrowserInfo</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>CacheSubprojects</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>UseThirdPartyDebugger</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>DebuggerAppPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>DebuggerCmdLineArgs</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>DebuggerWorkingDir</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "Debugger Target" panel -->
- <SETTING><NAME>LogSystemMessages</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>AutoTargetDLLs</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>StopAtWatchpoints</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PauseWhileRunning</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PauseInterval</NAME><VALUE>5</VALUE></SETTING>
- <SETTING><NAME>PauseUIFlags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>AltExePath</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>StopAtTempBPOnLaunch</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>CacheSymbolics</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>TempBPFunctionName</NAME><VALUE>main</VALUE></SETTING>
- <SETTING><NAME>TempBPType</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "Remote Debug" panel -->
- <SETTING><NAME>Enabled</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ConnectionName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>DownloadPath</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>LaunchRemoteApp</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>RemoteAppPath</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Auto-target" panel -->
- <SETTING><NAME>OtherExecutables</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Custom Keywords" panel -->
- <SETTING><NAME>CustomColor1</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor2</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor3</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor4</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "C/C++ Compiler" panel -->
- <SETTING><NAME>MWFrontEnd_C_cplusplus</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_checkprotos</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_arm</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_trigraphs</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_onlystdkeywords</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_enumsalwaysint</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_mpwpointerstyle</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_prefixname</NAME><VALUE>Softoken.prefix</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_ansistrict</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_mpwcnewline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_wchar_type</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_enableexceptions</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_dontreusestrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_poolstrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_dontinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_useRTTI</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_multibyteaware</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_unsignedchars</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_autoinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_booltruefalse</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_direct_to_som</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_som_env_check</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_alwaysinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_inlinelevel</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_ecplusplus</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_objective_c</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_defer_codegen</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "C/C++ Warnings" panel -->
- <SETTING><NAME>MWWarning_C_warn_illpragma</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_emptydecl</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_possunwant</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_unusedvar</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_unusedarg</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_extracomma</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_pedantic</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warningerrors</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_hidevirtual</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_implicitconv</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_notinlined</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_structclass</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "FTP Panel" panel -->
- <SETTING><NAME>MWFTP_Post_hostName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_username</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_password</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_remoteDir</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_tree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_uploadDir</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_port</NAME><VALUE>21</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_SendBin</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ShouldLog</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "Java Command Line" panel -->
- <SETTING><NAME>MWCommandLine_Java_clsName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWCommandLine_Java_args</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "PJavaDebugging" panel -->
- <SETTING><NAME>MWVJavaDebugging_Protocol</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_JDKVersion</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_TimeOut</NAME><VALUE>25</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_SupportSlowDevices</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "Java Language" panel -->
- <SETTING><NAME>MWJava_Language_optimize</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_warnDeprecated</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_emitMap</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_strictFileNames</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_strictFileHierarchy</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_1_1_Compatible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_emitHeaders</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_headerType</NAME><VALUE>JNINativeHeaders</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_packageFilter</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_genComments</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_genHeaders</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "Java MRJAppBuilder" panel -->
- <SETTING><NAME>MWJava_MRJAppBuilder_outFile</NAME><VALUE>MRJApplication</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_merge</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_quitMenu</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_grow</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPICTFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_aboutName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutAppend</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrAppend</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinFile</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Java Output" panel -->
- <SETTING><NAME>MWJava_Output_outputtype</NAME><VALUE>JarFile</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_outfile</NAME><VALUE>JavaClasses.jar</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_ftype</NAME><VALUE>1514754080</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_fcreator</NAME><VALUE>1297570384</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_compress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_genManifest</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_trunctype</NAME><VALUE>Front</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_deleteClasses</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_consoleApp</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "Java Project" panel -->
- <SETTING><NAME>MWJava_Proj_projtype</NAME><VALUE>Applet</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_mainClassName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppCreator</NAME><VALUE>1463898714</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_tree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppWin32Name</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_compress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_useVM</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_vmarguments</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_vmName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_simPropFile</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "JavaDoc Project" panel -->
- <SETTING><NAME>MWJavaDoc_Proj_Version</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Depricated</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Author</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Index</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Tree</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_SunResolveToSame</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Shortnames</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Folder</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_GenerateAPILinks</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_scope</NAME><VALUE>Public</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_fcreator</NAME><VALUE>1297303877</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_encodingName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_decodingName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_javaPackagePath</NAME><VALUE>http://java.sun.com/products/jdk/1.1/docs/api/</VALUE></SETTING>
-
- <!-- Settings for "MacOS Merge Panel" panel -->
- <SETTING><NAME>MWMerge_MacOS_projectType</NAME><VALUE>Application</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputName</NAME><VALUE>Merge Out</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputCreator</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputType</NAME><VALUE>APPL</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_suppressWarning</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_copyFragments</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_copyResources</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flattenResource</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flatFileName</NAME><VALUE>a.rsrc</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flatFileOutputPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMerge_MacOS_skipResources</NAME>
- <SETTING><VALUE>DGLX</VALUE></SETTING>
- <SETTING><VALUE>ckid</VALUE></SETTING>
- <SETTING><VALUE>Proj</VALUE></SETTING>
- <SETTING><VALUE>WSPC</VALUE></SETTING>
- <SETTING><VALUE>mcvs</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "Output Flags" panel -->
- <SETTING><NAME>FileLocked</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourcesMapIsReadOnly</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PrinterDriverIsMultiFinderCompatible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Invisible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasBundle</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>NameLocked</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Stationery</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasCustomIcon</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Shared</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasBeenInited</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Label</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Comments</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Packager Panel" panel -->
- <SETTING><NAME>MWMacOSPackager_UsePackager</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_FolderToPackage</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMacOSPackager_CreateClassicAlias</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_ClassicAliasMethod</NAME><VALUE>UseTargetOutput</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_ClassicAliasPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMacOSPackager_CreatePkgInfo</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_PkgCreatorType</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_PkgFileType</NAME><VALUE>APPL</VALUE></SETTING>
-
- <!-- Settings for "PPC CodeGen" panel -->
- <SETTING><NAME>MWCodeGen_PPC_structalignment</NAME><VALUE>MC68K</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_tocdata</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_profiler</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_fpcontract</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_schedule</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_peephole</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_processorspecific</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_altivec</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_vectortocdata</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_vrsave</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "PPC CodeGen Mach-O" panel -->
- <SETTING><NAME>MWCodeGen_MachO_structalignment</NAME><VALUE>PPC</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_profiler</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_fpcontract</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_schedule</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_peephole</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_processorspecific</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_altivec</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_vrsave</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_common</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_implicit_templates</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "PPC Disassembler" panel -->
- <SETTING><NAME>MWDisassembler_PPC_showcode</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_extended</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_mix</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_nohex</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showdata</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showexceptions</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showsym</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_shownames</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "PPC Global Optimizer" panel -->
- <SETTING><NAME>GlobalOptimizer_PPC_optimizationlevel</NAME><VALUE>Level4</VALUE></SETTING>
- <SETTING><NAME>GlobalOptimizer_PPC_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
- <!-- Settings for "PPC Linker" panel -->
- <SETTING><NAME>MWLinker_PPC_linksym</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_symfullpath</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_linkmap</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_nolinkwarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_dontdeadstripinitcode</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_permitmultdefs</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_linkmode</NAME><VALUE>Fast</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_initname</NAME><VALUE>__NSInitialize</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_mainname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_termname</NAME><VALUE>__NSTerminate</VALUE></SETTING>
-
- <!-- Settings for "PPC Mach-O Linker" panel -->
- <SETTING><NAME>MWLinker_MachO_exports</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_mainname</NAME><VALUE>start</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_currentversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_compatibleversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_symfullpath</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_supresswarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_multisymerror</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_prebind</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_deadstrip</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_objectivecsemantics</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_whichfileloaded</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_whyfileloaded</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_readonlyrelocs</NAME><VALUE>Errors</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_undefinedsymbols</NAME><VALUE>Errors</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_twolevelnamespace</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_stripdebugsymbols</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "PPC Mach-O Target" panel -->
- <SETTING><NAME>MWProject_MachO_type</NAME><VALUE>Executable</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_outfile</NAME><VALUE>a.exe</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_filecreator</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_filetype</NAME><VALUE>MEXE</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_stacksize</NAME><VALUE>64</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_stackaddress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrc</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrcfilename</NAME><VALUE>a.rsrc</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrcoutputdir</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWProject_MachO_installpath</NAME><VALUE>./</VALUE></SETTING>
-
- <!-- Settings for "PPC PEF" panel -->
- <SETTING><NAME>MWPEF_exports</NAME><VALUE>File</VALUE></SETTING>
- <SETTING><NAME>MWPEF_libfolder</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_sortcode</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWPEF_expandbss</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_sharedata</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_olddefversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_oldimpversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_currentversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_fragmentname</NAME><VALUE>Softoken3</VALUE></SETTING>
- <SETTING><NAME>MWPEF_collapsereloads</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "PPC Project" panel -->
- <SETTING><NAME>MWProject_PPC_type</NAME><VALUE>SharedLibrary</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_outfile</NAME><VALUE>Softoken3.shlb</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_filecreator</NAME><VALUE>MOZZ</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_filetype</NAME><VALUE>shlb</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_size</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_minsize</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_stacksize</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_symfilename</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcheader</NAME><VALUE>Native</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrctype</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcflags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcstore</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcmerge</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrc</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrcoutputdir</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrcfilename</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "PPCAsm Panel" panel -->
- <SETTING><NAME>MWAssembler_PPC_auxheader</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_symmode</NAME><VALUE>Mac</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_dialect</NAME><VALUE>PPC</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_prefixfile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_typecheck</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_warnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_casesensitive</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "Rez Compiler" panel -->
- <SETTING><NAME>MWRez_Language_maxwidth</NAME><VALUE>80</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_script</NAME><VALUE>Roman</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_alignment</NAME><VALUE>Align1</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_filtermode</NAME><VALUE>FilterSkip</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_suppresswarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_escapecontrolchars</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_prefixname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_filteredtypes</NAME><VALUE>'CODE' 'DATA' 'PICT'</VALUE></SETTING>
-
- <!-- Settings for "WinRC Compiler" panel -->
- <SETTING><NAME>MWWinRC_prefixname</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "x86 CodeGen" panel -->
- <SETTING><NAME>MWCodeGen_X86_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_alignment</NAME><VALUE>bytes8</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_exceptions</NAME><VALUE>ZeroOverhead</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_mmx</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_3dnow</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_use_mmx_3dnow_convention</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_machinecodelisting</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_intrinsics</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_syminfo</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_codeviewinfo</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_cmov_fcomi</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_sse</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "x86 Disassembler" panel -->
- <SETTING><NAME>PDisasmX86_showHeaders</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showSymTab</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showCode</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showSource</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showHex</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showRelocation</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showComments</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showDebug</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showExceptions</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showData</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showRaw</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_verbose</NAME><VALUE>true</VALUE></SETTING>
-
- <!-- Settings for "x86 Exceptions Panel" panel -->
- <SETTING><NAME>MWDebugger_X86_Exceptions</NAME>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "x86 Global Optimizer" panel -->
- <SETTING><NAME>GlobalOptimizer_X86_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
- <SETTING><NAME>GlobalOptimizer_X86_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
- <!-- Settings for "x86 Linker" panel -->
- <SETTING><NAME>MWLinker_X86_entrypointusage</NAME><VALUE>Default</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_entrypoint</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsystem</NAME><VALUE>WinGUI</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsysmajorid</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsysminorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_usrmajorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_usrminorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_commandfile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_generatemap</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_linksym</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_linkCV</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "x86 Project" panel -->
- <SETTING><NAME>MWProject_X86_type</NAME><VALUE>Application</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_outfile</NAME><VALUE>noname.exe</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_baseaddress</NAME><VALUE>4194304</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_maxstacksize</NAME><VALUE>1024</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_minstacksize</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_size</NAME><VALUE>1024</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_minsize</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_importlib</NAME><VALUE></VALUE></SETTING>
- <PANELDATA><NAME>xpidl Settings</NAME><VALUE>
- 0001000101000000000000000000000000000000000000000000000000000000
- 0000000000000000
- </VALUE></PANELDATA>
- </SETTINGLIST>
- <FILELIST>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>alg2268.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>arcfive.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>arcfour.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>des.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>desblapi.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>dh.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>dsa.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>ldvector.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>md2.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>md5.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pqg.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>prng_fips1861.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>rijndael.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>rsa.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sha_fast.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sysrand.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>mpi.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>mplogic.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>mpmontg.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>mpprime.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>alghmac.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>dbinit.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>dbmshim.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>fipstest.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>fipstokn.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>keydb.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>lowcert.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>lowkey.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>lowpbe.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>padbuf.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pcertdb.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11db.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pkcs11.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pkcs11c.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pkcs11u.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>rawhash.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>rsawrapr.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSLibraryStartup.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>InterfacesStubs</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>util.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSPR20.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>DBM.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSRuntime.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSStdLib.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>softoken.mcp.exp</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>softkver.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- </FILELIST>
- <LINKORDER>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>alg2268.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>arcfive.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>arcfour.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>des.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>desblapi.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>dh.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>dsa.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>ldvector.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>md2.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>md5.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pqg.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>prng_fips1861.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>rijndael.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>rsa.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sha_fast.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sysrand.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>mpi.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>mplogic.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>mpmontg.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>mpprime.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>alghmac.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>dbinit.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>dbmshim.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>fipstest.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>fipstokn.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>keydb.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>lowcert.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>lowkey.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>lowpbe.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>padbuf.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pcertdb.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11db.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pkcs11.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pkcs11c.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pkcs11u.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>rawhash.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>rsawrapr.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSLibraryStartup.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>InterfacesStubs</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>util.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSPR20.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>DBM.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSRuntime.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSStdLib.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>softoken.mcp.exp</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>softkver.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </LINKORDER>
- </TARGET>
- </TARGETLIST>
-
- <TARGETORDER>
- <ORDEREDTARGET><NAME>Softoken3Debug.shlb</NAME></ORDEREDTARGET>
- <ORDEREDTARGET><NAME>Softoken3.shlb</NAME></ORDEREDTARGET>
- </TARGETORDER>
-
- <GROUPLIST>
- <GROUP><NAME>freebl</NAME>
- <FILEREF>
- <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>alg2268.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>arcfive.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>arcfour.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>des.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>desblapi.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>dh.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>dsa.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>ldvector.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>md2.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>md5.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pqg.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>prng_fips1861.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>rijndael.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>rsa.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sha_fast.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sysrand.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>mpi.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>mplogic.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>mpmontg.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>mpprime.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </GROUP>
- <GROUP><NAME>softoken</NAME>
- <FILEREF>
- <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>alghmac.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>dbinit.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>dbmshim.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>fipstest.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>fipstokn.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>keydb.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>lowcert.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>lowkey.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>lowpbe.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>padbuf.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pcertdb.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pk11db.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pkcs11.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pkcs11c.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pkcs11u.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>rawhash.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>rsawrapr.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>softkver.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </GROUP>
- <GROUP><NAME>Libraries</NAME>
- <FILEREF>
- <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSLibraryStartup.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>InterfacesStubs</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <GROUP><NAME>Optimized</NAME>
- <FILEREF>
- <TARGETNAME>Softoken3.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSPR20.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>Softoken3.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>util.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>Softoken3.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>DBM.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>Softoken3.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSRuntime.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>Softoken3.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSStdLib.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </GROUP>
- <GROUP><NAME>Debug</NAME>
- <FILEREF>
- <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSStdLibDebug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSPR20Debug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>utilDebug.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>DBMDebug.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSRuntimeDebug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </GROUP>
- </GROUP>
- <FILEREF>
- <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>softoken.mcp.exp</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </GROUPLIST>
-
-</PROJECT>
diff --git a/security/nss/macbuild/ssl.xml b/security/nss/macbuild/ssl.xml
deleted file mode 100644
index b6eed8118..000000000
--- a/security/nss/macbuild/ssl.xml
+++ /dev/null
@@ -1,2816 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="yes" ?>
-<?codewarrior exportversion="1.0.1" ideversion="4.2" ?>
-
-<!DOCTYPE PROJECT [
-<!ELEMENT PROJECT (TARGETLIST, TARGETORDER, GROUPLIST, DESIGNLIST?)>
-<!ELEMENT TARGETLIST (TARGET+)>
-<!ELEMENT TARGET (NAME, SETTINGLIST, FILELIST?, LINKORDER?, SEGMENTLIST?, OVERLAYGROUPLIST?, SUBTARGETLIST?, SUBPROJECTLIST?, FRAMEWORKLIST)>
-<!ELEMENT NAME (#PCDATA)>
-<!ELEMENT USERSOURCETREETYPE (#PCDATA)>
-<!ELEMENT PATH (#PCDATA)>
-<!ELEMENT FILELIST (FILE*)>
-<!ELEMENT FILE (PATHTYPE, PATHROOT?, ACCESSPATH?, PATH, PATHFORMAT?, ROOTFILEREF?, FILEKIND?, FILEFLAGS?)>
-<!ELEMENT PATHTYPE (#PCDATA)>
-<!ELEMENT PATHROOT (#PCDATA)>
-<!ELEMENT ACCESSPATH (#PCDATA)>
-<!ELEMENT PATHFORMAT (#PCDATA)>
-<!ELEMENT ROOTFILEREF (PATHTYPE, PATHROOT?, ACCESSPATH?, PATH, PATHFORMAT?)>
-<!ELEMENT FILEKIND (#PCDATA)>
-<!ELEMENT FILEFLAGS (#PCDATA)>
-<!ELEMENT FILEREF (TARGETNAME?, PATHTYPE, PATHROOT?, ACCESSPATH?, PATH, PATHFORMAT?)>
-<!ELEMENT TARGETNAME (#PCDATA)>
-<!ELEMENT SETTINGLIST ((SETTING|PANELDATA)+)>
-<!ELEMENT SETTING (NAME?, (VALUE|(SETTING+)))>
-<!ELEMENT PANELDATA (NAME, VALUE)>
-<!ELEMENT VALUE (#PCDATA)>
-<!ELEMENT LINKORDER (FILEREF*)>
-<!ELEMENT SEGMENTLIST (SEGMENT+)>
-<!ELEMENT SEGMENT (NAME, ATTRIBUTES?, FILEREF*)>
-<!ELEMENT ATTRIBUTES (#PCDATA)>
-<!ELEMENT OVERLAYGROUPLIST (OVERLAYGROUP+)>
-<!ELEMENT OVERLAYGROUP (NAME, BASEADDRESS, OVERLAY*)>
-<!ELEMENT BASEADDRESS (#PCDATA)>
-<!ELEMENT OVERLAY (NAME, FILEREF*)>
-<!ELEMENT SUBTARGETLIST (SUBTARGET+)>
-<!ELEMENT SUBTARGET (TARGETNAME, ATTRIBUTES?, FILEREF?)>
-<!ELEMENT SUBPROJECTLIST (SUBPROJECT+)>
-<!ELEMENT SUBPROJECT (FILEREF, SUBPROJECTTARGETLIST)>
-<!ELEMENT SUBPROJECTTARGETLIST (SUBPROJECTTARGET*)>
-<!ELEMENT SUBPROJECTTARGET (TARGETNAME, ATTRIBUTES?, FILEREF?)>
-<!ELEMENT FRAMEWORKLIST (FRAMEWORK+)>
-<!ELEMENT FRAMEWORK (FILEREF, LIBRARYFILE?, VERSION?)>
-<!ELEMENT LIBRARYFILE (FILEREF)>
-<!ELEMENT VERSION (#PCDATA)>
-<!ELEMENT TARGETORDER (ORDEREDTARGET|ORDEREDDESIGN)*>
-<!ELEMENT ORDEREDTARGET (NAME)>
-<!ELEMENT ORDEREDDESIGN (NAME, ORDEREDTARGET+)>
-<!ELEMENT GROUPLIST (GROUP|FILEREF)*>
-<!ELEMENT GROUP (NAME, (GROUP|FILEREF)*)>
-<!ELEMENT DESIGNLIST (DESIGN+)>
-<!ELEMENT DESIGN (NAME, DESIGNDATA)>
-<!ELEMENT DESIGNDATA (#PCDATA)>
-]>
-
-<PROJECT>
- <TARGETLIST>
- <TARGET>
- <NAME>SSL3Debug.shlb</NAME>
- <SETTINGLIST>
-
- <!-- Settings for "Source Trees" panel -->
- <SETTING><NAME>UserSourceTrees</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Access Paths" panel -->
- <SETTING><NAME>AlwaysSearchUserPaths</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>InterpretDOSAndUnixPaths</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>RequireFrameworkStyleIncludes</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>UserSearchPaths</NAME>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:ssl:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::::dist:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::::nsprpub:macbuild:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::::lib:mac:NSRuntime:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::::lib:mac:NSStdLib:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- </SETTING>
- <SETTING><NAME>SystemSearchPaths</NAME>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>CodeWarrior</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- </SETTING>
-
- <!-- Settings for "Debugger Runtime" panel -->
- <SETTING><NAME>MWRuntimeSettings_WorkingDirectory</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRuntimeSettings_CommandLine</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRuntimeSettings_HostApplication</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWRuntimeSettings_EnvVars</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Target Settings" panel -->
- <SETTING><NAME>Linker</NAME><VALUE>MacOS PPC Linker</VALUE></SETTING>
- <SETTING><NAME>PreLinker</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PostLinker</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Targetname</NAME><VALUE>SSL3Debug.shlb</VALUE></SETTING>
- <SETTING><NAME>OutputDirectory</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>SaveEntriesUsingRelativePaths</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "File Mappings" panel -->
- <SETTING><NAME>FileMappings</NAME>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>APPL</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>Appl</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MMLB</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MPLF</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MWCD</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>RSRC</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.arr</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.bh</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Balloon Help</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.c</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.c++</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cpp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.exp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.h</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.idl</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>xpidl</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.pch</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.pch++</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.plist</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.r</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Rez</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>Rez</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.s</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PPCAsm</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>XCOF</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>docu</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>rsrc</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>shlb</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>stub</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.doc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.o</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.ppob</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.rsrc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- </SETTING>
-
- <!-- Settings for "Build Extras" panel -->
- <SETTING><NAME>CacheModDates</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ActivateBrowser</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>DumpBrowserInfo</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>CacheSubprojects</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>UseThirdPartyDebugger</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>DebuggerAppPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>DebuggerCmdLineArgs</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>DebuggerWorkingDir</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "Debugger Target" panel -->
- <SETTING><NAME>LogSystemMessages</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>AutoTargetDLLs</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>StopAtWatchpoints</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PauseWhileRunning</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PauseInterval</NAME><VALUE>5</VALUE></SETTING>
- <SETTING><NAME>PauseUIFlags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>AltExePath</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>StopAtTempBPOnLaunch</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>CacheSymbolics</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>TempBPFunctionName</NAME><VALUE>main</VALUE></SETTING>
- <SETTING><NAME>TempBPType</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "Remote Debug" panel -->
- <SETTING><NAME>Enabled</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ConnectionName</NAME><VALUE>no connections avaiable</VALUE></SETTING>
- <SETTING><NAME>DownloadPath</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>LaunchRemoteApp</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>RemoteAppPath</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Auto-target" panel -->
- <SETTING><NAME>OtherExecutables</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Custom Keywords" panel -->
- <SETTING><NAME>CustomColor1</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor2</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor3</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor4</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "C/C++ Compiler" panel -->
- <SETTING><NAME>MWFrontEnd_C_cplusplus</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_checkprotos</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_arm</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_trigraphs</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_onlystdkeywords</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_enumsalwaysint</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_mpwpointerstyle</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_prefixname</NAME><VALUE>NSSDebug.Prefix</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_ansistrict</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_mpwcnewline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_wchar_type</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_enableexceptions</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_dontreusestrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_poolstrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_dontinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_useRTTI</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_multibyteaware</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_unsignedchars</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_autoinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_booltruefalse</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_direct_to_som</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_som_env_check</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_alwaysinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_inlinelevel</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_ecplusplus</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_objective_c</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_defer_codegen</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "C/C++ Warnings" panel -->
- <SETTING><NAME>MWWarning_C_warn_illpragma</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_emptydecl</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_possunwant</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_unusedvar</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_unusedarg</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_extracomma</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_pedantic</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warningerrors</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_hidevirtual</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_implicitconv</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_notinlined</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_structclass</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "FTP Panel" panel -->
- <SETTING><NAME>MWFTP_Post_hostName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_username</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_password</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_remoteDir</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_tree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_uploadDir</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_port</NAME><VALUE>21</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_SendBin</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ShouldLog</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "Java Command Line" panel -->
- <SETTING><NAME>MWCommandLine_Java_clsName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWCommandLine_Java_args</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "PJavaDebugging" panel -->
- <SETTING><NAME>MWVJavaDebugging_Protocol</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_JDKVersion</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_TimeOut</NAME><VALUE>25</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_SupportSlowDevices</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "Java Language" panel -->
- <SETTING><NAME>MWJava_Language_optimize</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_warnDeprecated</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_emitMap</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_strictFileNames</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_strictFileHierarchy</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_1_1_Compatible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_emitHeaders</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_headerType</NAME><VALUE>JNINativeHeaders</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_packageFilter</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_genComments</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_genHeaders</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "Java MRJAppBuilder" panel -->
- <SETTING><NAME>MWJava_MRJAppBuilder_outFile</NAME><VALUE>MRJApplication</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_merge</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_quitMenu</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_grow</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPICTFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_aboutName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutAppend</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrAppend</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinFile</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Java Output" panel -->
- <SETTING><NAME>MWJava_Output_outputtype</NAME><VALUE>JarFile</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_outfile</NAME><VALUE>JavaClasses.jar</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_ftype</NAME><VALUE>1514754080</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_fcreator</NAME><VALUE>1297570384</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_compress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_genManifest</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_trunctype</NAME><VALUE>Front</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_deleteClasses</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_consoleApp</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "Java Project" panel -->
- <SETTING><NAME>MWJava_Proj_projtype</NAME><VALUE>Applet</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_mainClassName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppCreator</NAME><VALUE>1463898714</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_tree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppWin32Name</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_compress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_useVM</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_vmarguments</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_vmName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_simPropFile</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "JavaDoc Project" panel -->
- <SETTING><NAME>MWJavaDoc_Proj_Version</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Depricated</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Author</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Index</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Tree</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_SunResolveToSame</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Shortnames</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Folder</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_GenerateAPILinks</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_scope</NAME><VALUE>Public</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_fcreator</NAME><VALUE>1297303877</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_encodingName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_decodingName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_javaPackagePath</NAME><VALUE>http://java.sun.com/products/jdk/1.1/docs/api/</VALUE></SETTING>
-
- <!-- Settings for "MacOS Merge Panel" panel -->
- <SETTING><NAME>MWMerge_MacOS_projectType</NAME><VALUE>Application</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputName</NAME><VALUE>Merge Out</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputCreator</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputType</NAME><VALUE>APPL</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_suppressWarning</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_copyFragments</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_copyResources</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flattenResource</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flatFileName</NAME><VALUE>a.rsrc</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flatFileOutputPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMerge_MacOS_skipResources</NAME>
- <SETTING><VALUE>DGLX</VALUE></SETTING>
- <SETTING><VALUE>ckid</VALUE></SETTING>
- <SETTING><VALUE>Proj</VALUE></SETTING>
- <SETTING><VALUE>WSPC</VALUE></SETTING>
- <SETTING><VALUE>mcvs</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "Output Flags" panel -->
- <SETTING><NAME>FileLocked</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourcesMapIsReadOnly</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PrinterDriverIsMultiFinderCompatible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Invisible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasBundle</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>NameLocked</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Stationery</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasCustomIcon</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Shared</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasBeenInited</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Label</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Comments</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Packager Panel" panel -->
- <SETTING><NAME>MWMacOSPackager_UsePackager</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_FolderToPackage</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMacOSPackager_CreateClassicAlias</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_ClassicAliasMethod</NAME><VALUE>UseTargetOutput</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_ClassicAliasPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMacOSPackager_CreatePkgInfo</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_PkgCreatorType</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_PkgFileType</NAME><VALUE>APPL</VALUE></SETTING>
-
- <!-- Settings for "PPC CodeGen" panel -->
- <SETTING><NAME>MWCodeGen_PPC_structalignment</NAME><VALUE>MC68K</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_tocdata</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_profiler</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_fpcontract</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_schedule</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_peephole</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_processorspecific</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_altivec</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_vectortocdata</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_vrsave</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "PPC CodeGen Mach-O" panel -->
- <SETTING><NAME>MWCodeGen_MachO_structalignment</NAME><VALUE>PPC</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_profiler</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_fpcontract</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_schedule</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_peephole</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_processorspecific</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_altivec</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_vrsave</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_common</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_implicit_templates</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "PPC Disassembler" panel -->
- <SETTING><NAME>MWDisassembler_PPC_showcode</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_extended</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_mix</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_nohex</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showdata</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showexceptions</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showsym</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_shownames</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "PPC Global Optimizer" panel -->
- <SETTING><NAME>GlobalOptimizer_PPC_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
- <SETTING><NAME>GlobalOptimizer_PPC_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
- <!-- Settings for "PPC Linker" panel -->
- <SETTING><NAME>MWLinker_PPC_linksym</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_symfullpath</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_linkmap</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_nolinkwarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_dontdeadstripinitcode</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_permitmultdefs</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_linkmode</NAME><VALUE>Fast</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_initname</NAME><VALUE>__NSInitialize</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_mainname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_termname</NAME><VALUE>__NSTerminate</VALUE></SETTING>
-
- <!-- Settings for "PPC Mach-O Linker" panel -->
- <SETTING><NAME>MWLinker_MachO_exports</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_mainname</NAME><VALUE>start</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_currentversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_compatibleversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_symfullpath</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_supresswarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_multisymerror</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_prebind</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_deadstrip</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_objectivecsemantics</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_whichfileloaded</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_whyfileloaded</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_readonlyrelocs</NAME><VALUE>Errors</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_undefinedsymbols</NAME><VALUE>Errors</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_twolevelnamespace</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_stripdebugsymbols</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "PPC Mach-O Target" panel -->
- <SETTING><NAME>MWProject_MachO_type</NAME><VALUE>Executable</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_outfile</NAME><VALUE>a.exe</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_filecreator</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_filetype</NAME><VALUE>MEXE</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_stacksize</NAME><VALUE>64</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_stackaddress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrc</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrcfilename</NAME><VALUE>a.rsrc</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrcoutputdir</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWProject_MachO_installpath</NAME><VALUE>./</VALUE></SETTING>
-
- <!-- Settings for "PPC PEF" panel -->
- <SETTING><NAME>MWPEF_exports</NAME><VALUE>File</VALUE></SETTING>
- <SETTING><NAME>MWPEF_libfolder</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_sortcode</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWPEF_expandbss</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_sharedata</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_olddefversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_oldimpversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_currentversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_fragmentname</NAME><VALUE>SSL3</VALUE></SETTING>
- <SETTING><NAME>MWPEF_collapsereloads</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "PPC Project" panel -->
- <SETTING><NAME>MWProject_PPC_type</NAME><VALUE>SharedLibrary</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_outfile</NAME><VALUE>SSL3Debug.shlb</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_filecreator</NAME><VALUE>MOZZ</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_filetype</NAME><VALUE>shlb</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_size</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_minsize</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_stacksize</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_symfilename</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcheader</NAME><VALUE>Native</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrctype</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcflags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcstore</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcmerge</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrc</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrcoutputdir</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrcfilename</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "PPCAsm Panel" panel -->
- <SETTING><NAME>MWAssembler_PPC_auxheader</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_symmode</NAME><VALUE>Mac</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_dialect</NAME><VALUE>PPC</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_prefixfile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_typecheck</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_warnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_casesensitive</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "Rez Compiler" panel -->
- <SETTING><NAME>MWRez_Language_maxwidth</NAME><VALUE>80</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_script</NAME><VALUE>Roman</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_alignment</NAME><VALUE>Align1</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_filtermode</NAME><VALUE>FilterSkip</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_suppresswarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_escapecontrolchars</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_prefixname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_filteredtypes</NAME><VALUE>'CODE' 'DATA' 'PICT'</VALUE></SETTING>
-
- <!-- Settings for "WinRC Compiler" panel -->
- <SETTING><NAME>MWWinRC_prefixname</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "x86 CodeGen" panel -->
- <SETTING><NAME>MWCodeGen_X86_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_alignment</NAME><VALUE>bytes8</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_exceptions</NAME><VALUE>ZeroOverhead</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_mmx</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_3dnow</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_use_mmx_3dnow_convention</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_machinecodelisting</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_intrinsics</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_syminfo</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_codeviewinfo</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_cmov_fcomi</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_sse</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "x86 Disassembler" panel -->
- <SETTING><NAME>PDisasmX86_showHeaders</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showSymTab</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showCode</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showSource</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showHex</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showRelocation</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showComments</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showDebug</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showExceptions</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showData</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showRaw</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_verbose</NAME><VALUE>true</VALUE></SETTING>
-
- <!-- Settings for "x86 Exceptions Panel" panel -->
- <SETTING><NAME>MWDebugger_X86_Exceptions</NAME>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "x86 Global Optimizer" panel -->
- <SETTING><NAME>GlobalOptimizer_X86_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
- <SETTING><NAME>GlobalOptimizer_X86_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
- <!-- Settings for "x86 Linker" panel -->
- <SETTING><NAME>MWLinker_X86_entrypointusage</NAME><VALUE>Default</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_entrypoint</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsystem</NAME><VALUE>WinGUI</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsysmajorid</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsysminorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_usrmajorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_usrminorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_commandfile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_generatemap</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_linksym</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_linkCV</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "x86 Project" panel -->
- <SETTING><NAME>MWProject_X86_type</NAME><VALUE>Application</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_outfile</NAME><VALUE>noname.exe</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_baseaddress</NAME><VALUE>4194304</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_maxstacksize</NAME><VALUE>1024</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_minstacksize</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_size</NAME><VALUE>1024</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_minsize</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_importlib</NAME><VALUE></VALUE></SETTING>
- <PANELDATA><NAME>xpidl Settings</NAME><VALUE>
- 0001000101000000000000000000000000000000000000000000000000000000
- 0000000000000000
- </VALUE></PANELDATA>
- </SETTINGLIST>
- <FILELIST>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>authcert.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmpcert.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>emulate.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>nsskea.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>prelib.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>ssl3con.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>ssl3gthr.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslauth.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslcon.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>ssldef.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslenum.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslerr.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslgathr.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslinfo.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslmutex.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslnonce.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslreveal.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslsecur.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslsnce.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslsock.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>ssltrace.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslver.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSPR20Debug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSS3Debug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSLibraryStartup.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSRuntimeDebug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSStdLibDebug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>ssl.mcp.exp</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- </FILELIST>
- <LINKORDER>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>authcert.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmpcert.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>emulate.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>nsskea.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>prelib.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>ssl3con.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>ssl3gthr.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslauth.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslcon.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>ssldef.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslenum.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslerr.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslgathr.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslinfo.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslmutex.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslnonce.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslreveal.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslsecur.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslsnce.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslsock.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>ssltrace.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslver.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSPR20Debug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSS3Debug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSLibraryStartup.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSRuntimeDebug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSStdLibDebug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>ssl.mcp.exp</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </LINKORDER>
- </TARGET>
- <TARGET>
- <NAME>SSL3.shlb</NAME>
- <SETTINGLIST>
-
- <!-- Settings for "Source Trees" panel -->
- <SETTING><NAME>UserSourceTrees</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Access Paths" panel -->
- <SETTING><NAME>AlwaysSearchUserPaths</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>InterpretDOSAndUnixPaths</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>RequireFrameworkStyleIncludes</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>UserSearchPaths</NAME>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:ssl:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::::dist:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::::nsprpub:macbuild:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::::lib:mac:NSRuntime:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::::lib:mac:NSStdLib:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- </SETTING>
- <SETTING><NAME>SystemSearchPaths</NAME>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>CodeWarrior</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- </SETTING>
-
- <!-- Settings for "Debugger Runtime" panel -->
- <SETTING><NAME>MWRuntimeSettings_WorkingDirectory</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRuntimeSettings_CommandLine</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRuntimeSettings_HostApplication</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWRuntimeSettings_EnvVars</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Target Settings" panel -->
- <SETTING><NAME>Linker</NAME><VALUE>MacOS PPC Linker</VALUE></SETTING>
- <SETTING><NAME>PreLinker</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PostLinker</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Targetname</NAME><VALUE>SSL3.shlb</VALUE></SETTING>
- <SETTING><NAME>OutputDirectory</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>SaveEntriesUsingRelativePaths</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "File Mappings" panel -->
- <SETTING><NAME>FileMappings</NAME>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>APPL</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>Appl</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MMLB</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MPLF</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MWCD</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>RSRC</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.arr</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.bh</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Balloon Help</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.c</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.c++</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cpp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.exp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.h</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.idl</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>xpidl</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.pch</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.pch++</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.plist</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.r</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Rez</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>Rez</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.s</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PPCAsm</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>XCOF</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>docu</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>rsrc</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>shlb</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>stub</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.doc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.o</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.ppob</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.rsrc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- </SETTING>
-
- <!-- Settings for "Build Extras" panel -->
- <SETTING><NAME>CacheModDates</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ActivateBrowser</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>DumpBrowserInfo</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>CacheSubprojects</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>UseThirdPartyDebugger</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>DebuggerAppPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>DebuggerCmdLineArgs</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>DebuggerWorkingDir</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "Debugger Target" panel -->
- <SETTING><NAME>LogSystemMessages</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>AutoTargetDLLs</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>StopAtWatchpoints</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PauseWhileRunning</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PauseInterval</NAME><VALUE>5</VALUE></SETTING>
- <SETTING><NAME>PauseUIFlags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>AltExePath</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>StopAtTempBPOnLaunch</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>CacheSymbolics</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>TempBPFunctionName</NAME><VALUE>main</VALUE></SETTING>
- <SETTING><NAME>TempBPType</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "Remote Debug" panel -->
- <SETTING><NAME>Enabled</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ConnectionName</NAME><VALUE>no connections avaiable</VALUE></SETTING>
- <SETTING><NAME>DownloadPath</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>LaunchRemoteApp</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>RemoteAppPath</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Auto-target" panel -->
- <SETTING><NAME>OtherExecutables</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Custom Keywords" panel -->
- <SETTING><NAME>CustomColor1</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor2</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor3</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor4</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "C/C++ Compiler" panel -->
- <SETTING><NAME>MWFrontEnd_C_cplusplus</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_checkprotos</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_arm</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_trigraphs</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_onlystdkeywords</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_enumsalwaysint</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_mpwpointerstyle</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_prefixname</NAME><VALUE>NSS.Prefix</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_ansistrict</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_mpwcnewline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_wchar_type</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_enableexceptions</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_dontreusestrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_poolstrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_dontinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_useRTTI</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_multibyteaware</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_unsignedchars</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_autoinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_booltruefalse</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_direct_to_som</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_som_env_check</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_alwaysinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_inlinelevel</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_ecplusplus</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_objective_c</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_defer_codegen</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "C/C++ Warnings" panel -->
- <SETTING><NAME>MWWarning_C_warn_illpragma</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_emptydecl</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_possunwant</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_unusedvar</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_unusedarg</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_extracomma</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_pedantic</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warningerrors</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_hidevirtual</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_implicitconv</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_notinlined</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_structclass</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "FTP Panel" panel -->
- <SETTING><NAME>MWFTP_Post_hostName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_username</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_password</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_remoteDir</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_tree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_uploadDir</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_port</NAME><VALUE>21</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_SendBin</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ShouldLog</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "Java Command Line" panel -->
- <SETTING><NAME>MWCommandLine_Java_clsName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWCommandLine_Java_args</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "PJavaDebugging" panel -->
- <SETTING><NAME>MWVJavaDebugging_Protocol</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_JDKVersion</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_TimeOut</NAME><VALUE>25</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_SupportSlowDevices</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "Java Language" panel -->
- <SETTING><NAME>MWJava_Language_optimize</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_warnDeprecated</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_emitMap</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_strictFileNames</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_strictFileHierarchy</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_1_1_Compatible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_emitHeaders</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_headerType</NAME><VALUE>JNINativeHeaders</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_packageFilter</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_genComments</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_genHeaders</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "Java MRJAppBuilder" panel -->
- <SETTING><NAME>MWJava_MRJAppBuilder_outFile</NAME><VALUE>MRJApplication</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_merge</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_quitMenu</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_grow</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPICTFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_aboutName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutAppend</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrAppend</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinFile</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Java Output" panel -->
- <SETTING><NAME>MWJava_Output_outputtype</NAME><VALUE>JarFile</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_outfile</NAME><VALUE>JavaClasses.jar</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_ftype</NAME><VALUE>1514754080</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_fcreator</NAME><VALUE>1297570384</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_compress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_genManifest</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_trunctype</NAME><VALUE>Front</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_deleteClasses</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_consoleApp</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "Java Project" panel -->
- <SETTING><NAME>MWJava_Proj_projtype</NAME><VALUE>Applet</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_mainClassName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppCreator</NAME><VALUE>1463898714</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_tree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppWin32Name</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_compress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_useVM</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_vmarguments</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_vmName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_simPropFile</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "JavaDoc Project" panel -->
- <SETTING><NAME>MWJavaDoc_Proj_Version</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Depricated</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Author</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Index</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Tree</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_SunResolveToSame</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Shortnames</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Folder</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_GenerateAPILinks</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_scope</NAME><VALUE>Public</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_fcreator</NAME><VALUE>1297303877</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_encodingName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_decodingName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_javaPackagePath</NAME><VALUE>http://java.sun.com/products/jdk/1.1/docs/api/</VALUE></SETTING>
-
- <!-- Settings for "MacOS Merge Panel" panel -->
- <SETTING><NAME>MWMerge_MacOS_projectType</NAME><VALUE>Application</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputName</NAME><VALUE>Merge Out</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputCreator</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputType</NAME><VALUE>APPL</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_suppressWarning</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_copyFragments</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_copyResources</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flattenResource</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flatFileName</NAME><VALUE>a.rsrc</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flatFileOutputPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMerge_MacOS_skipResources</NAME>
- <SETTING><VALUE>DGLX</VALUE></SETTING>
- <SETTING><VALUE>ckid</VALUE></SETTING>
- <SETTING><VALUE>Proj</VALUE></SETTING>
- <SETTING><VALUE>WSPC</VALUE></SETTING>
- <SETTING><VALUE>mcvs</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "Output Flags" panel -->
- <SETTING><NAME>FileLocked</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourcesMapIsReadOnly</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PrinterDriverIsMultiFinderCompatible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Invisible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasBundle</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>NameLocked</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Stationery</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasCustomIcon</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Shared</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasBeenInited</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Label</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Comments</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Packager Panel" panel -->
- <SETTING><NAME>MWMacOSPackager_UsePackager</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_FolderToPackage</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMacOSPackager_CreateClassicAlias</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_ClassicAliasMethod</NAME><VALUE>UseTargetOutput</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_ClassicAliasPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMacOSPackager_CreatePkgInfo</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_PkgCreatorType</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_PkgFileType</NAME><VALUE>APPL</VALUE></SETTING>
-
- <!-- Settings for "PPC CodeGen" panel -->
- <SETTING><NAME>MWCodeGen_PPC_structalignment</NAME><VALUE>MC68K</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_tocdata</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_profiler</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_fpcontract</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_schedule</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_peephole</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_processorspecific</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_altivec</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_vectortocdata</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_vrsave</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "PPC CodeGen Mach-O" panel -->
- <SETTING><NAME>MWCodeGen_MachO_structalignment</NAME><VALUE>PPC</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_profiler</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_fpcontract</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_schedule</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_peephole</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_processorspecific</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_altivec</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_vrsave</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_common</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_implicit_templates</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "PPC Disassembler" panel -->
- <SETTING><NAME>MWDisassembler_PPC_showcode</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_extended</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_mix</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_nohex</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showdata</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showexceptions</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showsym</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_shownames</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "PPC Global Optimizer" panel -->
- <SETTING><NAME>GlobalOptimizer_PPC_optimizationlevel</NAME><VALUE>Level4</VALUE></SETTING>
- <SETTING><NAME>GlobalOptimizer_PPC_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
- <!-- Settings for "PPC Linker" panel -->
- <SETTING><NAME>MWLinker_PPC_linksym</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_symfullpath</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_linkmap</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_nolinkwarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_dontdeadstripinitcode</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_permitmultdefs</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_linkmode</NAME><VALUE>Fast</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_initname</NAME><VALUE>__NSInitialize</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_mainname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_termname</NAME><VALUE>__NSTerminate</VALUE></SETTING>
-
- <!-- Settings for "PPC Mach-O Linker" panel -->
- <SETTING><NAME>MWLinker_MachO_exports</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_mainname</NAME><VALUE>start</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_currentversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_compatibleversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_symfullpath</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_supresswarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_multisymerror</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_prebind</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_deadstrip</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_objectivecsemantics</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_whichfileloaded</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_whyfileloaded</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_readonlyrelocs</NAME><VALUE>Errors</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_undefinedsymbols</NAME><VALUE>Errors</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_twolevelnamespace</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_stripdebugsymbols</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "PPC Mach-O Target" panel -->
- <SETTING><NAME>MWProject_MachO_type</NAME><VALUE>Executable</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_outfile</NAME><VALUE>a.exe</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_filecreator</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_filetype</NAME><VALUE>MEXE</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_stacksize</NAME><VALUE>64</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_stackaddress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrc</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrcfilename</NAME><VALUE>a.rsrc</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrcoutputdir</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWProject_MachO_installpath</NAME><VALUE>./</VALUE></SETTING>
-
- <!-- Settings for "PPC PEF" panel -->
- <SETTING><NAME>MWPEF_exports</NAME><VALUE>File</VALUE></SETTING>
- <SETTING><NAME>MWPEF_libfolder</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_sortcode</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWPEF_expandbss</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_sharedata</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_olddefversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_oldimpversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_currentversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_fragmentname</NAME><VALUE>SSL3</VALUE></SETTING>
- <SETTING><NAME>MWPEF_collapsereloads</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "PPC Project" panel -->
- <SETTING><NAME>MWProject_PPC_type</NAME><VALUE>SharedLibrary</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_outfile</NAME><VALUE>SSL3.shlb</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_filecreator</NAME><VALUE>MOZZ</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_filetype</NAME><VALUE>shlb</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_size</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_minsize</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_stacksize</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_symfilename</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcheader</NAME><VALUE>Native</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrctype</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcflags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcstore</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcmerge</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrc</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrcoutputdir</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrcfilename</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "PPCAsm Panel" panel -->
- <SETTING><NAME>MWAssembler_PPC_auxheader</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_symmode</NAME><VALUE>Mac</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_dialect</NAME><VALUE>PPC</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_prefixfile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_typecheck</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_warnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_casesensitive</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "Rez Compiler" panel -->
- <SETTING><NAME>MWRez_Language_maxwidth</NAME><VALUE>80</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_script</NAME><VALUE>Roman</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_alignment</NAME><VALUE>Align1</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_filtermode</NAME><VALUE>FilterSkip</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_suppresswarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_escapecontrolchars</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_prefixname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_filteredtypes</NAME><VALUE>'CODE' 'DATA' 'PICT'</VALUE></SETTING>
-
- <!-- Settings for "WinRC Compiler" panel -->
- <SETTING><NAME>MWWinRC_prefixname</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "x86 CodeGen" panel -->
- <SETTING><NAME>MWCodeGen_X86_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_alignment</NAME><VALUE>bytes8</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_exceptions</NAME><VALUE>ZeroOverhead</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_mmx</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_3dnow</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_use_mmx_3dnow_convention</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_machinecodelisting</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_intrinsics</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_syminfo</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_codeviewinfo</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_cmov_fcomi</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_sse</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "x86 Disassembler" panel -->
- <SETTING><NAME>PDisasmX86_showHeaders</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showSymTab</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showCode</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showSource</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showHex</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showRelocation</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showComments</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showDebug</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showExceptions</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showData</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showRaw</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_verbose</NAME><VALUE>true</VALUE></SETTING>
-
- <!-- Settings for "x86 Exceptions Panel" panel -->
- <SETTING><NAME>MWDebugger_X86_Exceptions</NAME>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "x86 Global Optimizer" panel -->
- <SETTING><NAME>GlobalOptimizer_X86_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
- <SETTING><NAME>GlobalOptimizer_X86_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
- <!-- Settings for "x86 Linker" panel -->
- <SETTING><NAME>MWLinker_X86_entrypointusage</NAME><VALUE>Default</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_entrypoint</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsystem</NAME><VALUE>WinGUI</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsysmajorid</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsysminorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_usrmajorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_usrminorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_commandfile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_generatemap</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_linksym</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_linkCV</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "x86 Project" panel -->
- <SETTING><NAME>MWProject_X86_type</NAME><VALUE>Application</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_outfile</NAME><VALUE>noname.exe</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_baseaddress</NAME><VALUE>4194304</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_maxstacksize</NAME><VALUE>1024</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_minstacksize</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_size</NAME><VALUE>1024</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_minsize</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_importlib</NAME><VALUE></VALUE></SETTING>
- <PANELDATA><NAME>xpidl Settings</NAME><VALUE>
- 0001000101000000000000000000000000000000000000000000000000000000
- 0000000000000000
- </VALUE></PANELDATA>
- </SETTINGLIST>
- <FILELIST>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>authcert.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmpcert.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>emulate.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>nsskea.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>prelib.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>ssl3con.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>ssl3gthr.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslauth.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslcon.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>ssldef.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslenum.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslerr.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslgathr.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslinfo.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslmutex.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslnonce.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslreveal.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslsecur.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslsnce.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslsock.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>ssltrace.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslver.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSLibraryStartup.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSS3.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSPR20.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSRuntime.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSStdLib.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Library</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>ssl.mcp.exp</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS>Debug</FILEFLAGS>
- </FILE>
- </FILELIST>
- <LINKORDER>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>authcert.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmpcert.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>emulate.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>nsskea.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>prelib.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>ssl3con.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>ssl3gthr.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslauth.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslcon.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>ssldef.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslenum.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslerr.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslgathr.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslinfo.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslmutex.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslnonce.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslreveal.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslsecur.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslsnce.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslsock.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>ssltrace.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslver.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSLibraryStartup.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSS3.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSPR20.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSRuntime.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSStdLib.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>ssl.mcp.exp</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </LINKORDER>
- </TARGET>
- </TARGETLIST>
-
- <TARGETORDER>
- <ORDEREDTARGET><NAME>SSL3Debug.shlb</NAME></ORDEREDTARGET>
- <ORDEREDTARGET><NAME>SSL3.shlb</NAME></ORDEREDTARGET>
- </TARGETORDER>
-
- <GROUPLIST>
- <GROUP><NAME>ssl</NAME>
- <FILEREF>
- <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>authcert.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>cmpcert.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>emulate.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>nsskea.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>prelib.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>ssl3con.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>ssl3gthr.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslauth.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslcon.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>ssldef.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslenum.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslerr.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslgathr.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslinfo.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslmutex.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslnonce.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslreveal.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslsecur.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslsnce.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslsock.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>ssltrace.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sslver.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </GROUP>
- <GROUP><NAME>Libraries</NAME>
- <FILEREF>
- <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSLibraryStartup.o</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <GROUP><NAME>Optimized</NAME>
- <FILEREF>
- <TARGETNAME>SSL3.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSS3.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SSL3.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSPR20.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SSL3.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSRuntime.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SSL3.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSStdLib.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </GROUP>
- <GROUP><NAME>Debug</NAME>
- <FILEREF>
- <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSS3Debug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSPR20Debug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSRuntimeDebug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>NSStdLibDebug.shlb</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </GROUP>
- </GROUP>
- <FILEREF>
- <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>ssl.mcp.exp</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </GROUPLIST>
-
-</PROJECT>
diff --git a/security/nss/macbuild/util.xml b/security/nss/macbuild/util.xml
deleted file mode 100644
index 5cbd6cec8..000000000
--- a/security/nss/macbuild/util.xml
+++ /dev/null
@@ -1,2614 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="yes" ?>
-<?codewarrior exportversion="1.0.1" ideversion="4.2" ?>
-
-<!DOCTYPE PROJECT [
-<!ELEMENT PROJECT (TARGETLIST, TARGETORDER, GROUPLIST, DESIGNLIST?)>
-<!ELEMENT TARGETLIST (TARGET+)>
-<!ELEMENT TARGET (NAME, SETTINGLIST, FILELIST?, LINKORDER?, SEGMENTLIST?, OVERLAYGROUPLIST?, SUBTARGETLIST?, SUBPROJECTLIST?, FRAMEWORKLIST)>
-<!ELEMENT NAME (#PCDATA)>
-<!ELEMENT USERSOURCETREETYPE (#PCDATA)>
-<!ELEMENT PATH (#PCDATA)>
-<!ELEMENT FILELIST (FILE*)>
-<!ELEMENT FILE (PATHTYPE, PATHROOT?, ACCESSPATH?, PATH, PATHFORMAT?, ROOTFILEREF?, FILEKIND?, FILEFLAGS?)>
-<!ELEMENT PATHTYPE (#PCDATA)>
-<!ELEMENT PATHROOT (#PCDATA)>
-<!ELEMENT ACCESSPATH (#PCDATA)>
-<!ELEMENT PATHFORMAT (#PCDATA)>
-<!ELEMENT ROOTFILEREF (PATHTYPE, PATHROOT?, ACCESSPATH?, PATH, PATHFORMAT?)>
-<!ELEMENT FILEKIND (#PCDATA)>
-<!ELEMENT FILEFLAGS (#PCDATA)>
-<!ELEMENT FILEREF (TARGETNAME?, PATHTYPE, PATHROOT?, ACCESSPATH?, PATH, PATHFORMAT?)>
-<!ELEMENT TARGETNAME (#PCDATA)>
-<!ELEMENT SETTINGLIST ((SETTING|PANELDATA)+)>
-<!ELEMENT SETTING (NAME?, (VALUE|(SETTING+)))>
-<!ELEMENT PANELDATA (NAME, VALUE)>
-<!ELEMENT VALUE (#PCDATA)>
-<!ELEMENT LINKORDER (FILEREF*)>
-<!ELEMENT SEGMENTLIST (SEGMENT+)>
-<!ELEMENT SEGMENT (NAME, ATTRIBUTES?, FILEREF*)>
-<!ELEMENT ATTRIBUTES (#PCDATA)>
-<!ELEMENT OVERLAYGROUPLIST (OVERLAYGROUP+)>
-<!ELEMENT OVERLAYGROUP (NAME, BASEADDRESS, OVERLAY*)>
-<!ELEMENT BASEADDRESS (#PCDATA)>
-<!ELEMENT OVERLAY (NAME, FILEREF*)>
-<!ELEMENT SUBTARGETLIST (SUBTARGET+)>
-<!ELEMENT SUBTARGET (TARGETNAME, ATTRIBUTES?, FILEREF?)>
-<!ELEMENT SUBPROJECTLIST (SUBPROJECT+)>
-<!ELEMENT SUBPROJECT (FILEREF, SUBPROJECTTARGETLIST)>
-<!ELEMENT SUBPROJECTTARGETLIST (SUBPROJECTTARGET*)>
-<!ELEMENT SUBPROJECTTARGET (TARGETNAME, ATTRIBUTES?, FILEREF?)>
-<!ELEMENT FRAMEWORKLIST (FRAMEWORK+)>
-<!ELEMENT FRAMEWORK (FILEREF, LIBRARYFILE?, VERSION?)>
-<!ELEMENT LIBRARYFILE (FILEREF)>
-<!ELEMENT VERSION (#PCDATA)>
-<!ELEMENT TARGETORDER (ORDEREDTARGET|ORDEREDDESIGN)*>
-<!ELEMENT ORDEREDTARGET (NAME)>
-<!ELEMENT ORDEREDDESIGN (NAME, ORDEREDTARGET+)>
-<!ELEMENT GROUPLIST (GROUP|FILEREF)*>
-<!ELEMENT GROUP (NAME, (GROUP|FILEREF)*)>
-<!ELEMENT DESIGNLIST (DESIGN+)>
-<!ELEMENT DESIGN (NAME, DESIGNDATA)>
-<!ELEMENT DESIGNDATA (#PCDATA)>
-]>
-
-<PROJECT>
- <TARGETLIST>
- <TARGET>
- <NAME>utilDebug.o</NAME>
- <SETTINGLIST>
-
- <!-- Settings for "Source Trees" panel -->
- <SETTING><NAME>UserSourceTrees</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Access Paths" panel -->
- <SETTING><NAME>AlwaysSearchUserPaths</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>InterpretDOSAndUnixPaths</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>RequireFrameworkStyleIncludes</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>UserSearchPaths</NAME>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:util:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::::dist:nspr:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::::dist:config:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::::dist:mac:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- </SETTING>
- <SETTING><NAME>SystemSearchPaths</NAME>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>CodeWarrior</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- </SETTING>
-
- <!-- Settings for "Debugger Runtime" panel -->
- <SETTING><NAME>MWRuntimeSettings_WorkingDirectory</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRuntimeSettings_CommandLine</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRuntimeSettings_HostApplication</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWRuntimeSettings_EnvVars</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Target Settings" panel -->
- <SETTING><NAME>Linker</NAME><VALUE>MacOS PPC Linker</VALUE></SETTING>
- <SETTING><NAME>PreLinker</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PostLinker</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Targetname</NAME><VALUE>utilDebug.o</VALUE></SETTING>
- <SETTING><NAME>OutputDirectory</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>SaveEntriesUsingRelativePaths</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "File Mappings" panel -->
- <SETTING><NAME>FileMappings</NAME>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>APPL</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>Appl</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MMLB</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MPLF</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MWCD</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>RSRC</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.arr</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.bh</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Balloon Help</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.c</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.c++</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cpp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.exp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.h</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.idl</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>xpidl</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.pch</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.pch++</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.plist</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.r</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Rez</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>Rez</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.s</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PPCAsm</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>XCOF</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>docu</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>rsrc</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>shlb</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>stub</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.doc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.o</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.ppob</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.rsrc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- </SETTING>
-
- <!-- Settings for "Build Extras" panel -->
- <SETTING><NAME>CacheModDates</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ActivateBrowser</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>DumpBrowserInfo</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>CacheSubprojects</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>UseThirdPartyDebugger</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>DebuggerAppPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>DebuggerCmdLineArgs</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>DebuggerWorkingDir</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "Debugger Target" panel -->
- <SETTING><NAME>LogSystemMessages</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>AutoTargetDLLs</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>StopAtWatchpoints</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PauseWhileRunning</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PauseInterval</NAME><VALUE>5</VALUE></SETTING>
- <SETTING><NAME>PauseUIFlags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>AltExePath</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>StopAtTempBPOnLaunch</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>CacheSymbolics</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>TempBPFunctionName</NAME><VALUE>main</VALUE></SETTING>
- <SETTING><NAME>TempBPType</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "Remote Debug" panel -->
- <SETTING><NAME>Enabled</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ConnectionName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>DownloadPath</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>LaunchRemoteApp</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>RemoteAppPath</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Auto-target" panel -->
- <SETTING><NAME>OtherExecutables</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Custom Keywords" panel -->
- <SETTING><NAME>CustomColor1</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor2</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor3</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor4</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "C/C++ Compiler" panel -->
- <SETTING><NAME>MWFrontEnd_C_cplusplus</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_checkprotos</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_arm</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_trigraphs</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_onlystdkeywords</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_enumsalwaysint</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_mpwpointerstyle</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_prefixname</NAME><VALUE>NSSDebug.Prefix</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_ansistrict</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_mpwcnewline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_wchar_type</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_enableexceptions</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_dontreusestrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_poolstrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_dontinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_useRTTI</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_multibyteaware</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_unsignedchars</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_autoinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_booltruefalse</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_direct_to_som</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_som_env_check</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_alwaysinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_inlinelevel</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_ecplusplus</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_objective_c</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_defer_codegen</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "C/C++ Warnings" panel -->
- <SETTING><NAME>MWWarning_C_warn_illpragma</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_emptydecl</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_possunwant</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_unusedvar</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_unusedarg</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_extracomma</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_pedantic</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warningerrors</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_hidevirtual</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_implicitconv</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_notinlined</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_structclass</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "FTP Panel" panel -->
- <SETTING><NAME>MWFTP_Post_hostName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_username</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_password</NAME><VALUE>264mqj7w64m8i3ap&#163;H</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_remoteDir</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_tree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_uploadDir</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_port</NAME><VALUE>21</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_SendBin</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ShouldLog</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "Java Command Line" panel -->
- <SETTING><NAME>MWCommandLine_Java_clsName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWCommandLine_Java_args</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "PJavaDebugging" panel -->
- <SETTING><NAME>MWVJavaDebugging_Protocol</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_JDKVersion</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_TimeOut</NAME><VALUE>25</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_SupportSlowDevices</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "Java Language" panel -->
- <SETTING><NAME>MWJava_Language_optimize</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_warnDeprecated</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_emitMap</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_strictFileNames</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_strictFileHierarchy</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_1_1_Compatible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_emitHeaders</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_headerType</NAME><VALUE>JNINativeHeaders</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_packageFilter</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_genComments</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_genHeaders</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "Java MRJAppBuilder" panel -->
- <SETTING><NAME>MWJava_MRJAppBuilder_outFile</NAME><VALUE>MRJApplication</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_merge</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_quitMenu</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_grow</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPICTFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_aboutName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutAppend</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrAppend</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinFile</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Java Output" panel -->
- <SETTING><NAME>MWJava_Output_outputtype</NAME><VALUE>JarFile</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_outfile</NAME><VALUE>JavaClasses.jar</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_ftype</NAME><VALUE>1514754080</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_fcreator</NAME><VALUE>1297570384</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_compress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_genManifest</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_trunctype</NAME><VALUE>Front</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_deleteClasses</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_consoleApp</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "Java Project" panel -->
- <SETTING><NAME>MWJava_Proj_projtype</NAME><VALUE>Applet</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_mainClassName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppCreator</NAME><VALUE>1463898714</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_tree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppWin32Name</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_compress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_useVM</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_vmarguments</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_vmName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_simPropFile</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "JavaDoc Project" panel -->
- <SETTING><NAME>MWJavaDoc_Proj_Version</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Depricated</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Author</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Index</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Tree</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_SunResolveToSame</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Shortnames</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Folder</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_GenerateAPILinks</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_scope</NAME><VALUE>Public</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_fcreator</NAME><VALUE>1297303877</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_encodingName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_decodingName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_javaPackagePath</NAME><VALUE>http://java.sun.com/products/jdk/1.1/docs/api/</VALUE></SETTING>
-
- <!-- Settings for "MacOS Merge Panel" panel -->
- <SETTING><NAME>MWMerge_MacOS_projectType</NAME><VALUE>Application</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputName</NAME><VALUE>Merge Out</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputCreator</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputType</NAME><VALUE>APPL</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_suppressWarning</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_copyFragments</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_copyResources</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flattenResource</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flatFileName</NAME><VALUE>a.rsrc</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flatFileOutputPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMerge_MacOS_skipResources</NAME>
- <SETTING><VALUE>DGLX</VALUE></SETTING>
- <SETTING><VALUE>ckid</VALUE></SETTING>
- <SETTING><VALUE>Proj</VALUE></SETTING>
- <SETTING><VALUE>WSPC</VALUE></SETTING>
- <SETTING><VALUE>mcvs</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "Output Flags" panel -->
- <SETTING><NAME>FileLocked</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourcesMapIsReadOnly</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PrinterDriverIsMultiFinderCompatible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Invisible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasBundle</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>NameLocked</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Stationery</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasCustomIcon</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Shared</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasBeenInited</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Label</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Comments</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Packager Panel" panel -->
- <SETTING><NAME>MWMacOSPackager_UsePackager</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_FolderToPackage</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMacOSPackager_CreateClassicAlias</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_ClassicAliasMethod</NAME><VALUE>UseTargetOutput</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_ClassicAliasPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMacOSPackager_CreatePkgInfo</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_PkgCreatorType</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_PkgFileType</NAME><VALUE>APPL</VALUE></SETTING>
-
- <!-- Settings for "PPC CodeGen" panel -->
- <SETTING><NAME>MWCodeGen_PPC_structalignment</NAME><VALUE>MC68K</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_tocdata</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_profiler</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_fpcontract</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_schedule</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_peephole</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_processorspecific</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_altivec</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_vectortocdata</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_vrsave</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "PPC CodeGen Mach-O" panel -->
- <SETTING><NAME>MWCodeGen_MachO_structalignment</NAME><VALUE>PPC</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_profiler</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_fpcontract</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_schedule</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_peephole</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_processorspecific</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_altivec</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_vrsave</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_common</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_implicit_templates</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "PPC Disassembler" panel -->
- <SETTING><NAME>MWDisassembler_PPC_showcode</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_extended</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_mix</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_nohex</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showdata</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showexceptions</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showsym</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_shownames</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "PPC Global Optimizer" panel -->
- <SETTING><NAME>GlobalOptimizer_PPC_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
- <SETTING><NAME>GlobalOptimizer_PPC_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
- <!-- Settings for "PPC Linker" panel -->
- <SETTING><NAME>MWLinker_PPC_linksym</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_symfullpath</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_linkmap</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_nolinkwarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_dontdeadstripinitcode</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_permitmultdefs</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_linkmode</NAME><VALUE>Fast</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_initname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_mainname</NAME><VALUE>__start</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_termname</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "PPC Mach-O Linker" panel -->
- <SETTING><NAME>MWLinker_MachO_exports</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_mainname</NAME><VALUE>start</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_currentversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_compatibleversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_symfullpath</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_supresswarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_multisymerror</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_prebind</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_deadstrip</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_objectivecsemantics</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_whichfileloaded</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_whyfileloaded</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_readonlyrelocs</NAME><VALUE>Errors</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_undefinedsymbols</NAME><VALUE>Errors</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_twolevelnamespace</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_stripdebugsymbols</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "PPC Mach-O Target" panel -->
- <SETTING><NAME>MWProject_MachO_type</NAME><VALUE>Executable</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_outfile</NAME><VALUE>a.exe</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_filecreator</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_filetype</NAME><VALUE>MEXE</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_stacksize</NAME><VALUE>64</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_stackaddress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrc</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrcfilename</NAME><VALUE>a.rsrc</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrcoutputdir</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWProject_MachO_installpath</NAME><VALUE>./</VALUE></SETTING>
-
- <!-- Settings for "PPC PEF" panel -->
- <SETTING><NAME>MWPEF_exports</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWPEF_libfolder</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_sortcode</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWPEF_expandbss</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_sharedata</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_olddefversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_oldimpversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_currentversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_fragmentname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWPEF_collapsereloads</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "PPC Project" panel -->
- <SETTING><NAME>MWProject_PPC_type</NAME><VALUE>Library</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_outfile</NAME><VALUE>utilDebug.o</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_filecreator</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_filetype</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_size</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_minsize</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_stacksize</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_symfilename</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcheader</NAME><VALUE>Native</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrctype</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcflags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcstore</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcmerge</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrc</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrcoutputdir</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrcfilename</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "PPCAsm Panel" panel -->
- <SETTING><NAME>MWAssembler_PPC_auxheader</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_symmode</NAME><VALUE>Mac</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_dialect</NAME><VALUE>PPC</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_prefixfile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_typecheck</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_warnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_casesensitive</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "Rez Compiler" panel -->
- <SETTING><NAME>MWRez_Language_maxwidth</NAME><VALUE>80</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_script</NAME><VALUE>Roman</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_alignment</NAME><VALUE>Align1</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_filtermode</NAME><VALUE>FilterSkip</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_suppresswarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_escapecontrolchars</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_prefixname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_filteredtypes</NAME><VALUE>'CODE' 'DATA' 'PICT'</VALUE></SETTING>
-
- <!-- Settings for "WinRC Compiler" panel -->
- <SETTING><NAME>MWWinRC_prefixname</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "x86 CodeGen" panel -->
- <SETTING><NAME>MWCodeGen_X86_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_alignment</NAME><VALUE>bytes8</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_exceptions</NAME><VALUE>ZeroOverhead</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_mmx</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_3dnow</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_use_mmx_3dnow_convention</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_machinecodelisting</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_intrinsics</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_syminfo</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_codeviewinfo</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_cmov_fcomi</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_sse</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "x86 Disassembler" panel -->
- <SETTING><NAME>PDisasmX86_showHeaders</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showSymTab</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showCode</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showSource</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showHex</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showRelocation</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showComments</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showDebug</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showExceptions</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showData</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showRaw</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_verbose</NAME><VALUE>true</VALUE></SETTING>
-
- <!-- Settings for "x86 Exceptions Panel" panel -->
- <SETTING><NAME>MWDebugger_X86_Exceptions</NAME>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "x86 Global Optimizer" panel -->
- <SETTING><NAME>GlobalOptimizer_X86_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
- <SETTING><NAME>GlobalOptimizer_X86_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
- <!-- Settings for "x86 Linker" panel -->
- <SETTING><NAME>MWLinker_X86_entrypointusage</NAME><VALUE>Default</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_entrypoint</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsystem</NAME><VALUE>WinGUI</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsysmajorid</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsysminorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_usrmajorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_usrminorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_commandfile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_generatemap</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_linksym</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_linkCV</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "x86 Project" panel -->
- <SETTING><NAME>MWProject_X86_type</NAME><VALUE>Application</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_outfile</NAME><VALUE>noname.exe</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_baseaddress</NAME><VALUE>4194304</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_maxstacksize</NAME><VALUE>1024</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_minstacksize</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_size</NAME><VALUE>1024</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_minsize</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_importlib</NAME><VALUE></VALUE></SETTING>
- <PANELDATA><NAME>xpidl Settings</NAME><VALUE>
- 0001000101000000000000000000000000000000000000000000000000000000
- 0000000000000000
- </VALUE></PANELDATA>
- </SETTINGLIST>
- <FILELIST>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>derdec.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>derenc.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>dersubr.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>dertime.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>nssb64d.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>nssb64e.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>nssilock.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>nsslocks.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>nssrwlk.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>portreg.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pqgutil.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secalgid.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secasn1d.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secasn1e.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secasn1u.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>quickder.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secdig.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secinit.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secitem.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secoid.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secport.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sectime.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>utf8.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- </FILELIST>
- <LINKORDER>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>derdec.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>derenc.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>dersubr.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>dertime.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>nssb64d.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>nssb64e.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>nssilock.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>nsslocks.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>nssrwlk.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>portreg.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pqgutil.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secalgid.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secasn1d.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secasn1e.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secasn1u.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>quickder.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secdig.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secinit.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secitem.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secoid.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secport.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sectime.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>utf8.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </LINKORDER>
- </TARGET>
- <TARGET>
- <NAME>util.o</NAME>
- <SETTINGLIST>
-
- <!-- Settings for "Source Trees" panel -->
- <SETTING><NAME>UserSourceTrees</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Access Paths" panel -->
- <SETTING><NAME>AlwaysSearchUserPaths</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>InterpretDOSAndUnixPaths</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>RequireFrameworkStyleIncludes</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>UserSearchPaths</NAME>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:util:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::::dist:nspr:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::::dist:config:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::::dist:mac:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>::lib:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- </SETTING>
- <SETTING><NAME>SystemSearchPaths</NAME>
- <SETTING>
- <SETTING><NAME>SearchPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>CodeWarrior</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
- </SETTING>
- </SETTING>
-
- <!-- Settings for "Debugger Runtime" panel -->
- <SETTING><NAME>MWRuntimeSettings_WorkingDirectory</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRuntimeSettings_CommandLine</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRuntimeSettings_HostApplication</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWRuntimeSettings_EnvVars</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Target Settings" panel -->
- <SETTING><NAME>Linker</NAME><VALUE>MacOS PPC Linker</VALUE></SETTING>
- <SETTING><NAME>PreLinker</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PostLinker</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Targetname</NAME><VALUE>util.o</VALUE></SETTING>
- <SETTING><NAME>OutputDirectory</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>SaveEntriesUsingRelativePaths</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "File Mappings" panel -->
- <SETTING><NAME>FileMappings</NAME>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>APPL</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>Appl</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MMLB</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MPLF</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>MWCD</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>RSRC</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.arr</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.bh</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Balloon Help</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.c</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.c++</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.cpp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.exp</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.h</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.idl</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>xpidl</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.pch</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.pch++</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.plist</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.r</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>Rez</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE>Rez</VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.s</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PPCAsm</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>XCOF</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>docu</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>rsrc</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>shlb</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileType</NAME><VALUE>stub</VALUE></SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.doc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.o</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.ppob</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- <SETTING>
- <SETTING><NAME>FileExtension</NAME><VALUE>.rsrc</VALUE></SETTING>
- <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
- </SETTING>
- </SETTING>
-
- <!-- Settings for "Build Extras" panel -->
- <SETTING><NAME>CacheModDates</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>ActivateBrowser</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>DumpBrowserInfo</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>CacheSubprojects</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>UseThirdPartyDebugger</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>DebuggerAppPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>DebuggerCmdLineArgs</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>DebuggerWorkingDir</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "Debugger Target" panel -->
- <SETTING><NAME>LogSystemMessages</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>AutoTargetDLLs</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>StopAtWatchpoints</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PauseWhileRunning</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PauseInterval</NAME><VALUE>5</VALUE></SETTING>
- <SETTING><NAME>PauseUIFlags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>AltExePath</NAME>
- <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>StopAtTempBPOnLaunch</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>CacheSymbolics</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>TempBPFunctionName</NAME><VALUE>main</VALUE></SETTING>
- <SETTING><NAME>TempBPType</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "Remote Debug" panel -->
- <SETTING><NAME>Enabled</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ConnectionName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>DownloadPath</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>LaunchRemoteApp</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>RemoteAppPath</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Auto-target" panel -->
- <SETTING><NAME>OtherExecutables</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Custom Keywords" panel -->
- <SETTING><NAME>CustomColor1</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor2</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor3</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>CustomColor4</NAME>
- <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
- <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "C/C++ Compiler" panel -->
- <SETTING><NAME>MWFrontEnd_C_cplusplus</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_checkprotos</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_arm</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_trigraphs</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_onlystdkeywords</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_enumsalwaysint</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_mpwpointerstyle</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_prefixname</NAME><VALUE>NSS.Prefix</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_ansistrict</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_mpwcnewline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_wchar_type</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_enableexceptions</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_dontreusestrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_poolstrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_dontinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_useRTTI</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_multibyteaware</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_unsignedchars</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_autoinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_booltruefalse</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_direct_to_som</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_som_env_check</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_alwaysinline</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_inlinelevel</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_ecplusplus</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_objective_c</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFrontEnd_C_defer_codegen</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "C/C++ Warnings" panel -->
- <SETTING><NAME>MWWarning_C_warn_illpragma</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_emptydecl</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_possunwant</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_unusedvar</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_unusedarg</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_extracomma</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_pedantic</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warningerrors</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_hidevirtual</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_implicitconv</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_notinlined</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWWarning_C_warn_structclass</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "FTP Panel" panel -->
- <SETTING><NAME>MWFTP_Post_hostName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_username</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_password</NAME><VALUE>264mqj7w64m8i3ap&#163;H</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_remoteDir</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_PathFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_tree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_uploadDir</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ftp_port</NAME><VALUE>21</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_SendBin</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWFTP_Post_ShouldLog</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "Java Command Line" panel -->
- <SETTING><NAME>MWCommandLine_Java_clsName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWCommandLine_Java_args</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "PJavaDebugging" panel -->
- <SETTING><NAME>MWVJavaDebugging_Protocol</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_JDKVersion</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_TimeOut</NAME><VALUE>25</VALUE></SETTING>
- <SETTING><NAME>MWVJavaDebugging_SupportSlowDevices</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "Java Language" panel -->
- <SETTING><NAME>MWJava_Language_optimize</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_warnDeprecated</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_emitMap</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_strictFileNames</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_strictFileHierarchy</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_1_1_Compatible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_emitHeaders</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_headerType</NAME><VALUE>JNINativeHeaders</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_packageFilter</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_genComments</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>MWJava_Language_genHeaders</NAME><VALUE>false</VALUE></SETTING>
-
- <!-- Settings for "Java MRJAppBuilder" panel -->
- <SETTING><NAME>MWJava_MRJAppBuilder_outFile</NAME><VALUE>MRJApplication</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_merge</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_quitMenu</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_grow</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinType</NAME><VALUE>Console</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_appIconFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPICTFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_aboutName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdoutAppend</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrFile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stderrAppend</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinPTree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_MRJAppBuilder_stdinFile</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Java Output" panel -->
- <SETTING><NAME>MWJava_Output_outputtype</NAME><VALUE>JarFile</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_outfile</NAME><VALUE>JavaClasses.jar</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_ftype</NAME><VALUE>1514754080</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_fcreator</NAME><VALUE>1297570384</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_compress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_genManifest</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_trunctype</NAME><VALUE>Front</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_deleteClasses</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Output_consoleApp</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "Java Project" panel -->
- <SETTING><NAME>MWJava_Proj_projtype</NAME><VALUE>Applet</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_mainClassName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppCreator</NAME><VALUE>1463898714</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathVersion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathType</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_PathFormat</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_tree</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_HTMLAppWin32Name</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_compress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_useVM</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_vmarguments</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_vmName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJava_Proj_simPropFile</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "JavaDoc Project" panel -->
- <SETTING><NAME>MWJavaDoc_Proj_Version</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Depricated</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Author</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Index</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Tree</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_SunResolveToSame</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Shortnames</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_Folder</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_GenerateAPILinks</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_scope</NAME><VALUE>Public</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_fcreator</NAME><VALUE>1297303877</VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_encodingName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_decodingName</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWJavaDoc_Proj_javaPackagePath</NAME><VALUE>http://java.sun.com/products/jdk/1.1/docs/api/</VALUE></SETTING>
-
- <!-- Settings for "MacOS Merge Panel" panel -->
- <SETTING><NAME>MWMerge_MacOS_projectType</NAME><VALUE>Application</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputName</NAME><VALUE>Merge Out</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputCreator</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_outputType</NAME><VALUE>APPL</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_suppressWarning</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_copyFragments</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_copyResources</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flattenResource</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flatFileName</NAME><VALUE>a.rsrc</VALUE></SETTING>
- <SETTING><NAME>MWMerge_MacOS_flatFileOutputPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMerge_MacOS_skipResources</NAME>
- <SETTING><VALUE>DGLX</VALUE></SETTING>
- <SETTING><VALUE>ckid</VALUE></SETTING>
- <SETTING><VALUE>Proj</VALUE></SETTING>
- <SETTING><VALUE>WSPC</VALUE></SETTING>
- <SETTING><VALUE>mcvs</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "Output Flags" panel -->
- <SETTING><NAME>FileLocked</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>ResourcesMapIsReadOnly</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PrinterDriverIsMultiFinderCompatible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Invisible</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasBundle</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>NameLocked</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Stationery</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasCustomIcon</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Shared</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>HasBeenInited</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>Label</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>Comments</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "Packager Panel" panel -->
- <SETTING><NAME>MWMacOSPackager_UsePackager</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_FolderToPackage</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMacOSPackager_CreateClassicAlias</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_ClassicAliasMethod</NAME><VALUE>UseTargetOutput</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_ClassicAliasPath</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWMacOSPackager_CreatePkgInfo</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_PkgCreatorType</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWMacOSPackager_PkgFileType</NAME><VALUE>APPL</VALUE></SETTING>
-
- <!-- Settings for "PPC CodeGen" panel -->
- <SETTING><NAME>MWCodeGen_PPC_structalignment</NAME><VALUE>MC68K</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_tocdata</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_profiler</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_fpcontract</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_schedule</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_peephole</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_processorspecific</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_altivec</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_vectortocdata</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_PPC_vrsave</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "PPC CodeGen Mach-O" panel -->
- <SETTING><NAME>MWCodeGen_MachO_structalignment</NAME><VALUE>PPC</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_profiler</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_fpcontract</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_schedule</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_peephole</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_processorspecific</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_altivec</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_vrsave</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_common</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_MachO_implicit_templates</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "PPC Disassembler" panel -->
- <SETTING><NAME>MWDisassembler_PPC_showcode</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_extended</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_mix</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_nohex</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showdata</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showexceptions</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_showsym</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWDisassembler_PPC_shownames</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "PPC Global Optimizer" panel -->
- <SETTING><NAME>GlobalOptimizer_PPC_optimizationlevel</NAME><VALUE>Level4</VALUE></SETTING>
- <SETTING><NAME>GlobalOptimizer_PPC_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
- <!-- Settings for "PPC Linker" panel -->
- <SETTING><NAME>MWLinker_PPC_linksym</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_symfullpath</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_linkmap</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_nolinkwarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_dontdeadstripinitcode</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_permitmultdefs</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_linkmode</NAME><VALUE>Fast</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_initname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_mainname</NAME><VALUE>__start</VALUE></SETTING>
- <SETTING><NAME>MWLinker_PPC_termname</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "PPC Mach-O Linker" panel -->
- <SETTING><NAME>MWLinker_MachO_exports</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_mainname</NAME><VALUE>start</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_currentversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_compatibleversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_symfullpath</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_supresswarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_multisymerror</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_prebind</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_deadstrip</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_objectivecsemantics</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_whichfileloaded</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_whyfileloaded</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_readonlyrelocs</NAME><VALUE>Errors</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_undefinedsymbols</NAME><VALUE>Errors</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_twolevelnamespace</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWLinker_MachO_stripdebugsymbols</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "PPC Mach-O Target" panel -->
- <SETTING><NAME>MWProject_MachO_type</NAME><VALUE>Executable</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_outfile</NAME><VALUE>a.exe</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_filecreator</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_filetype</NAME><VALUE>MEXE</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_stacksize</NAME><VALUE>64</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_stackaddress</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrc</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrcfilename</NAME><VALUE>a.rsrc</VALUE></SETTING>
- <SETTING><NAME>MWProject_MachO_flatrsrcoutputdir</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWProject_MachO_installpath</NAME><VALUE>./</VALUE></SETTING>
-
- <!-- Settings for "PPC PEF" panel -->
- <SETTING><NAME>MWPEF_exports</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWPEF_libfolder</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_sortcode</NAME><VALUE>None</VALUE></SETTING>
- <SETTING><NAME>MWPEF_expandbss</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_sharedata</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_olddefversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_oldimpversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_currentversion</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWPEF_fragmentname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWPEF_collapsereloads</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "PPC Project" panel -->
- <SETTING><NAME>MWProject_PPC_type</NAME><VALUE>Library</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_outfile</NAME><VALUE>util.o</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_filecreator</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_filetype</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_size</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_minsize</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_stacksize</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_symfilename</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcheader</NAME><VALUE>Native</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrctype</NAME><VALUE>????</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcflags</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcstore</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_rsrcmerge</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrc</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrcoutputdir</NAME>
- <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
- <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
- <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
- </SETTING>
- <SETTING><NAME>MWProject_PPC_flatrsrcfilename</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "PPCAsm Panel" panel -->
- <SETTING><NAME>MWAssembler_PPC_auxheader</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_symmode</NAME><VALUE>Mac</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_dialect</NAME><VALUE>PPC</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_prefixfile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_typecheck</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_warnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWAssembler_PPC_casesensitive</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "Rez Compiler" panel -->
- <SETTING><NAME>MWRez_Language_maxwidth</NAME><VALUE>80</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_script</NAME><VALUE>Roman</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_alignment</NAME><VALUE>Align1</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_filtermode</NAME><VALUE>FilterSkip</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_suppresswarnings</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_escapecontrolchars</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_prefixname</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWRez_Language_filteredtypes</NAME><VALUE>'CODE' 'DATA' 'PICT'</VALUE></SETTING>
-
- <!-- Settings for "WinRC Compiler" panel -->
- <SETTING><NAME>MWWinRC_prefixname</NAME><VALUE></VALUE></SETTING>
-
- <!-- Settings for "x86 CodeGen" panel -->
- <SETTING><NAME>MWCodeGen_X86_processor</NAME><VALUE>Generic</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_alignment</NAME><VALUE>bytes8</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_exceptions</NAME><VALUE>ZeroOverhead</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_mmx</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_3dnow</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_use_mmx_3dnow_convention</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_machinecodelisting</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_intrinsics</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_syminfo</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_codeviewinfo</NAME><VALUE>1</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_cmov_fcomi</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWCodeGen_X86_extinst_sse</NAME><VALUE>0</VALUE></SETTING>
-
- <!-- Settings for "x86 Disassembler" panel -->
- <SETTING><NAME>PDisasmX86_showHeaders</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showSymTab</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showCode</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showSource</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showHex</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showRelocation</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showComments</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showDebug</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showExceptions</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showData</NAME><VALUE>true</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_showRaw</NAME><VALUE>false</VALUE></SETTING>
- <SETTING><NAME>PDisasmX86_verbose</NAME><VALUE>true</VALUE></SETTING>
-
- <!-- Settings for "x86 Exceptions Panel" panel -->
- <SETTING><NAME>MWDebugger_X86_Exceptions</NAME>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- <SETTING><VALUE>0</VALUE></SETTING>
- </SETTING>
-
- <!-- Settings for "x86 Global Optimizer" panel -->
- <SETTING><NAME>GlobalOptimizer_X86_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
- <SETTING><NAME>GlobalOptimizer_X86_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
- <!-- Settings for "x86 Linker" panel -->
- <SETTING><NAME>MWLinker_X86_entrypointusage</NAME><VALUE>Default</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_entrypoint</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsystem</NAME><VALUE>WinGUI</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsysmajorid</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_subsysminorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_usrmajorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_usrminorid</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_commandfile</NAME><VALUE></VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_generatemap</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_linksym</NAME><VALUE>0</VALUE></SETTING>
- <SETTING><NAME>MWLinker_X86_linkCV</NAME><VALUE>1</VALUE></SETTING>
-
- <!-- Settings for "x86 Project" panel -->
- <SETTING><NAME>MWProject_X86_type</NAME><VALUE>Application</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_outfile</NAME><VALUE>noname.exe</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_baseaddress</NAME><VALUE>4194304</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_maxstacksize</NAME><VALUE>1024</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_minstacksize</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_size</NAME><VALUE>1024</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_minsize</NAME><VALUE>4</VALUE></SETTING>
- <SETTING><NAME>MWProject_X86_importlib</NAME><VALUE></VALUE></SETTING>
- <PANELDATA><NAME>xpidl Settings</NAME><VALUE>
- 0001000101000000000000000000000000000000000000000000000000000000
- 0000000000000000
- </VALUE></PANELDATA>
- </SETTINGLIST>
- <FILELIST>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>derdec.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>derenc.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>dersubr.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>dertime.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>nssb64d.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>nssb64e.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>nssilock.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>nsslocks.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>nssrwlk.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>portreg.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pqgutil.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secalgid.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secasn1d.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secasn1e.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secasn1u.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>quickder.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secdig.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secinit.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secitem.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secoid.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secport.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sectime.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- <FILE>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>utf8.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- <FILEKIND>Text</FILEKIND>
- <FILEFLAGS></FILEFLAGS>
- </FILE>
- </FILELIST>
- <LINKORDER>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>derdec.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>derenc.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>dersubr.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>dertime.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>nssb64d.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>nssb64e.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>nssilock.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>nsslocks.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>nssrwlk.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>portreg.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pqgutil.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secalgid.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secasn1d.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secasn1e.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secasn1u.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>quickder.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secdig.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secinit.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secitem.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secoid.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secport.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sectime.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>utf8.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </LINKORDER>
- </TARGET>
- </TARGETLIST>
-
- <TARGETORDER>
- <ORDEREDTARGET><NAME>utilDebug.o</NAME></ORDEREDTARGET>
- <ORDEREDTARGET><NAME>util.o</NAME></ORDEREDTARGET>
- </TARGETORDER>
-
- <GROUPLIST>
- <FILEREF>
- <TARGETNAME>utilDebug.o</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>derdec.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>utilDebug.o</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>derenc.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>utilDebug.o</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>dersubr.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>utilDebug.o</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>dertime.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>utilDebug.o</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>nssb64d.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>utilDebug.o</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>nssb64e.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>utilDebug.o</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>nssilock.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>utilDebug.o</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>nsslocks.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>utilDebug.o</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>nssrwlk.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>utilDebug.o</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>portreg.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>utilDebug.o</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>pqgutil.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>utilDebug.o</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secalgid.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>utilDebug.o</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secasn1d.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>utilDebug.o</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secasn1e.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>utilDebug.o</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secasn1u.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>utilDebug.o</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>quickder.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>utilDebug.o</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secdig.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>utilDebug.o</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secinit.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>utilDebug.o</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secitem.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>utilDebug.o</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secoid.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>utilDebug.o</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>secport.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>utilDebug.o</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>sectime.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- <FILEREF>
- <TARGETNAME>utilDebug.o</TARGETNAME>
- <PATHTYPE>Name</PATHTYPE>
- <PATH>utf8.c</PATH>
- <PATHFORMAT>MacOS</PATHFORMAT>
- </FILEREF>
- </GROUPLIST>
-
-</PROJECT>
diff --git a/security/nss/makefile.win b/security/nss/makefile.win
deleted file mode 100644
index 332059a3f..000000000
--- a/security/nss/makefile.win
+++ /dev/null
@@ -1,100 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# An NMAKE file to set up and adjust NSS's build system for
-# Client build. Client build should invoke NMAKE on this file
-# instead of invoking gmake directly.
-#
-
-DEPTH = ..\..
-include <$(DEPTH)\config\config.mak>
-
-GMAKE = gmake.exe
-
-GMAKE_FLAGS = OBJDIR_NAME=$(OBJDIR) MOZILLA_CLIENT=1
-GMAKE_FLAGS = $(GMAKE_FLAGS) MOZILLA_INCLUDES="-I$(MOZ_SRC:\=/)/mozilla/dist/include/nspr -I$(MOZ_SRC:\=/)/mozilla/dist/include/dbm"
-
-#
-# The Client's debug build uses MSVC's debug runtime library (/MDd).
-#
-
-!ifndef MOZ_DEBUG
-GMAKE_FLAGS = $(GMAKE_FLAGS) BUILD_OPT=1
-!endif
-
-!if "$(MOZ_BITS)" == "16"
-GMAKE_FLAGS = $(GMAKE_FLAGS) OS_TARGET=WIN16
-!else
-
-GMAKE_FLAGS = $(GMAKE_FLAGS) OS_TARGET=WIN95
-!ifdef MOZ_DEBUG
-!ifndef MOZ_NO_DEBUG_RTL
-GMAKE_FLAGS = $(GMAKE_FLAGS) USE_DEBUG_RTL=1
-!endif
-!endif
-
-!endif
-
-#
-# The rules. Simply invoke gmake with the same target.
-# The default target is 'all'. For Win16, set up the
-# environment to use the Watcom compiler, Watcom headers,
-# and Watcom libs.
-#
-
-all:: export libs install
-
-install:: moz_import install_roots
-
-depend::
- $(GMAKE) -C lib $(GMAKE_FLAGS) clean
-
-export libs install clobber clobber_all clean::
-!if "$(MOZ_BITS)" == "16"
- set PATH=%WATCPATH%
- set INCLUDE=%WATC_INC%
- set LIB=%WATC_LIB%
-!endif
- $(GMAKE) -C lib $(GMAKE_FLAGS) $@
-!if "$(MOZ_BITS)" == "16"
- set PATH=%MSVCPATH%
- set INCLUDE=%MSVC_INC%
- set LIB=%MSVC_LIB%
-!endif
-
-moz_import::
- copy $(DIST)\lib\dbm32.lib $(DIST)\lib\dbm.lib
-
-install_roots::
- $(MAKE_INSTALL) $(DIST)\lib\nssckbi.dll $(DIST)\bin
diff --git a/security/nss/manifest.mn b/security/nss/manifest.mn
deleted file mode 100644
index 286954d04..000000000
--- a/security/nss/manifest.mn
+++ /dev/null
@@ -1,44 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ..
-DEPTH = ..
-
-IMPORTS = nspr20/v4.3 \
- dbm/DBM_1_61_RTM \
- $(NULL)
-
-RELEASE = nss
-
-DIRS = lib cmd
-
-
diff --git a/security/nss/pkg/Makefile b/security/nss/pkg/Makefile
deleted file mode 100644
index 20eab6bbf..000000000
--- a/security/nss/pkg/Makefile
+++ /dev/null
@@ -1,55 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../..
-DEPTH = ../..
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-publish:
-ifeq ($(OS_TARGET),Linux)
- rm -rf $(OBJDIR)
- cp -r linux $(OBJDIR)
- $(MAKE) -C $(OBJDIR) publish
-endif
-ifeq ($(OS_TARGET),SunOS)
- rm -rf $(OBJDIR)
- cp -r solaris $(OBJDIR)
- $(MAKE) -C $(OBJDIR) publish
-endif
-
-clean::
- rm -rf $(OBJDIR)
-
-include $(CORE_DEPTH)/coreconf/rules.mk
diff --git a/security/nss/pkg/linux/Makefile b/security/nss/pkg/linux/Makefile
deleted file mode 100644
index f25d09f71..000000000
--- a/security/nss/pkg/linux/Makefile
+++ /dev/null
@@ -1,59 +0,0 @@
-#
-# Copyright 2002 Sun Microsystems, Inc. All rights reserved.
-# Use is subject to license terms.
-#
-#ident "$Id$"
-#
-
-CORE_DEPTH = ../../..
-
-NAME = sun-nss
-RELEASE = 1
-TOPDIR = /usr/src/redhat
-VERSION = `grep NSS_VERSION $(CORE_DEPTH)/../dist/public/nss/nss.h \
- | sed -e 's/"$$//' -e 's/.*"//' -e 's/ .*//'`
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-publish:
- $(MAKE) clean
- mkdir -p usr/lib/mps
- find $(CORE_DEPTH)/../dist/$(OBJDIR)/lib -type l \
- \( -name "*.so" -o -name "*.chk" \) \
- -exec cp -L {} usr/lib/mps \;
- mkdir -p usr/include/mps
- cp -Lr $(CORE_DEPTH)/../dist/public/* usr/include/mps
- tar czvf $(NAME)-$(VERSION).tar.gz usr
- sed -e "s/NAME_REPLACE/$(NAME)/" \
- -e "s/VERSION_REPLACE/$(VERSION)/" \
- -e "s/RELEASE_REPLACE/$(RELEASE)/" \
- <$(NAME).spec >temp.spec
- echo "" >>temp.spec
- echo "%files" >>temp.spec
- echo "%defattr(-,root,root)" >>temp.spec
- echo "%dir /usr" >>temp.spec
- echo "%dir /usr/lib" >>temp.spec
- echo "%dir /usr/lib/mps" >>temp.spec
- find usr \( -name "*.so" -o -name "*.chk" \) \
- | sed -e "s-^-/-" >>temp.spec
- echo "" >>temp.spec
- echo "%files devel" >>temp.spec
- echo "%defattr(-,root,root)" >>temp.spec
- find usr -type d | sed -e "s-^-%dir /-" >>temp.spec
- find usr -type f ! \( -name "*.so" -o -name "*.chk" \) \
- | sed -e "s-^-/-" >>temp.spec
- cp $(NAME)-$(VERSION).tar.gz $(TOPDIR)/SOURCES
- rpm -ba temp.spec
- if [ ! -d RPMS ] ; then mkdir -p RPMS ; fi
- if [ ! -d SRPMS ] ; then mkdir -p SRPMS ; fi
- cp -v $(TOPDIR)/RPMS/i386/$(NAME)-$(VERSION)-* RPMS
- cp -v $(TOPDIR)/RPMS/i386/$(NAME)-devel-$(VERSION)-* RPMS
- cp -v $(TOPDIR)/SRPMS/$(NAME)-$(VERSION)-* SRPMS
-
-clean::
- rm -rf $(TOPDIR)/BUILD/$(NAME)
- rm -rf RPMS SRPMS usr
- rm -f temp.spec
- rm -f $(NAME)-$(VERSION).tar.gz
-
-include $(CORE_DEPTH)/coreconf/rules.mk
diff --git a/security/nss/pkg/linux/sun-nss.spec b/security/nss/pkg/linux/sun-nss.spec
deleted file mode 100644
index 1c3563332..000000000
--- a/security/nss/pkg/linux/sun-nss.spec
+++ /dev/null
@@ -1,41 +0,0 @@
-Summary: Network Security Services
-Name: NAME_REPLACE
-Vendor: Sun Microsystems
-Version: VERSION_REPLACE
-Release: RELEASE_REPLACE
-Copyright: MPL/GPL
-Group: System Environment/Base
-Source: %{name}-%{version}.tar.gz
-ExclusiveOS: Linux
-BuildRoot: /var/tmp/%{name}-root
-Requires: sun-nspr >= 4.3
-
-%description
-Network Security Services (NSS) is a set of libraries designed
-to support cross-platform development of security-enabled server
-applications. Applications built with NSS can support SSL v2
-and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME,
-X.509 v3 certificates, and other security standards. See:
-http://www.mozilla.org/projects/security/pki/nss/overview.html
-
-%package devel
-Summary: Development Libraries for Network Security Services
-Group: Development/Libraries
-Requires: %{name} = %{version}-%{release}
-
-%description devel
-Header files for doing development with Network Security Services.
-
-%prep
-%setup -c
-
-%build
-
-%install
-rm -rf $RPM_BUILD_ROOT
-mkdir $RPM_BUILD_ROOT
-cd $RPM_BUILD_ROOT
-tar xvzf $RPM_SOURCE_DIR/%{name}-%{version}.tar.gz
-
-%clean
-rm -rf $RPM_BUILD_ROOT
diff --git a/security/nss/pkg/solaris/Makefile b/security/nss/pkg/solaris/Makefile
deleted file mode 100644
index 2d2ff6ff4..000000000
--- a/security/nss/pkg/solaris/Makefile
+++ /dev/null
@@ -1,56 +0,0 @@
-#
-# Copyright 2002 Sun Microsystems, Inc. All rights reserved.
-# Use is subject to license terms.
-#
-#ident "$Id$"
-#
-
-CORE_DEPTH = ../../..
-
-%: %.ksh
- $(RM) $@
- cp $< $@
- chmod +x $@
-
-
-ifeq ($(USE_64), 1)
-DIRS = \
- SUNWtlsx
-else
-DIRS = \
- SUNWtls
-endif
-
-PROTO = \
- $(ROOT) \
- $(ROOT)/usr \
- $(ROOT)/usr/lib \
- $(ROOT)/usr/lib/mps
-
-ifdef USE_64
-PROTO += $(ROOT)/usr/lib/mps/sparcv9
-endif
-
-include Makefile.com
-
-awk_pkginfo: bld_awk_pkginfo
- ./bld_awk_pkginfo -m $(MACH) -p "$(PRODUCT_VERSION)" -o $@ -v $(PRODUCT_VERSION)
-
-all:: awk_pkginfo $(PROTO)
-publish: awk_pkginfo $(PROTO)
- +$(LOOP_OVER_DIRS)
-
-clean clobber::
- $(RM) awk_pkginfo bld_awk_pkginfo
- $(RM) -r $(ROOT)
-
-$(ROOT) $(ROOT)/%:
- mkdir -p $@
-
-ifdef USE_64
-$(ROOT)/usr/lib/mps/sparcv9: $(ROOT)/usr/lib
- $(LN) -sf ../../../../$(DIST)/lib $@
-else
-$(ROOT)/usr/lib/mps: $(ROOT)/usr/lib
- $(LN) -sf ../../../$(DIST)/lib $@
-endif
diff --git a/security/nss/pkg/solaris/Makefile.com b/security/nss/pkg/solaris/Makefile.com
deleted file mode 100644
index 7d445459e..000000000
--- a/security/nss/pkg/solaris/Makefile.com
+++ /dev/null
@@ -1,33 +0,0 @@
-#
-# Copyright 2002 Sun Microsystems, Inc. All rights reserved.
-# Use is subject to license terms.
-#
-#ident "$Id$"
-#
-
-MACH = $(shell mach)
-
-PUBLISH_ROOT = $(DIST)
-ifeq ($(CORE_DEPTH),../../..)
-ROOT = ROOT
-else
-ROOT = $(subst ../../../,,$(CORE_DEPTH))/ROOT
-endif
-
-PKGARCHIVE = $(PUBLISH_ROOT)/pkgarchive
-DATAFILES = copyright
-FILES = $(DATAFILES) pkginfo
-
-PACKAGE = $(shell basename `pwd`)
-
-PRODUCT_VERSION = $(shell grep NSS_VERSION $(CORE_DEPTH)/../dist/public/nss/nss.h \
- | sed -e 's/"$$//' -e 's/.*"//' -e 's/ .*//')
-
-LN = /usr/bin/ln
-
-CLOBBERFILES = $(FILES)
-
-include $(CORE_DEPTH)/coreconf/config.mk
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-# vim: ft=make
diff --git a/security/nss/pkg/solaris/Makefile.targ b/security/nss/pkg/solaris/Makefile.targ
deleted file mode 100644
index 279a7bca6..000000000
--- a/security/nss/pkg/solaris/Makefile.targ
+++ /dev/null
@@ -1,26 +0,0 @@
-#
-# Copyright 2002 Sun Microsystems, Inc. All rights reserved.
-# Use is subject to license terms.
-#
-#ident "$Id$"
-#
-
-pkginfo: pkginfo.tmpl ../awk_pkginfo
- $(RM) $@; nawk -f ../awk_pkginfo $@.tmpl > $@
-
-pkg: $(PKGARCHIVE)
- pkgmk -f prototype_$(MACH) -d $(PKGARCHIVE) -r $(ROOT) -o $(PACKAGE)
-
-$(PKGARCHIVE):
- [ -d $(PKGARCHIVE) ] || mkdir -p $(PKGARCHIVE)
-
-$(DATAFILES):: %: ../common_files/%
- $(RM) $@; cp ../common_files/$@ $@
-
-$(MACHDATAFILES): %: ../common_files/%_$(MACH)
- $(RM) $@; cp ../common_files/$@_$(MACH) $@
-
-clobber clean::
- -$(RM) $(CLOBBERFILES) $(CLEANFILES)
-
-.PHONY: pkg
diff --git a/security/nss/pkg/solaris/SUNWtls/Makefile b/security/nss/pkg/solaris/SUNWtls/Makefile
deleted file mode 100644
index 5058a1f68..000000000
--- a/security/nss/pkg/solaris/SUNWtls/Makefile
+++ /dev/null
@@ -1,16 +0,0 @@
-#
-# Copyright 2002 Sun Microsystems, Inc. All rights reserved.
-# Use is subject to license terms.
-#
-#ident "$Id$"
-#
-
-CORE_DEPTH = ../../../..
-include ../Makefile.com
-
-DATAFILES +=
-
-all:: $(FILES)
-publish:: all pkg
-
-include ../Makefile.targ
diff --git a/security/nss/pkg/solaris/SUNWtls/pkgdepend b/security/nss/pkg/solaris/SUNWtls/pkgdepend
deleted file mode 100644
index 966ba0556..000000000
--- a/security/nss/pkg/solaris/SUNWtls/pkgdepend
+++ /dev/null
@@ -1,28 +0,0 @@
-# Copyright 2002 Microsystems, Inc. All Rights Reserved.
-# Use is subject to license terms.
-#
-# $Id$
-#
-# This package information file defines software dependencies associated
-# with the pkg. You can define three types of pkg dependencies with this file:
-# P indicates a prerequisite for installation
-# I indicates an incompatible package
-# R indicates a reverse dependency
-# <pkg.abbr> see pkginfo(4), PKG parameter
-# <name> see pkginfo(4), NAME parameter
-# <version> see pkginfo(4), VERSION parameter
-# <arch> see pkginfo(4), ARCH parameter
-# <type> <pkg.abbr> <name>
-# (<arch>)<version>
-# (<arch>)<version>
-# ...
-# <type> <pkg.abbr> <name>
-# ...
-
-P SUNWcar Core Architecture, (Root)
-P SUNWkvm Core Architecture, (Kvm)
-P SUNWcsr Core Solaris, (Root)
-P SUNWcsu Core Solaris, (Usr)
-P SUNWcsd Core Solaris Devices
-P SUNWcsl Core Solaris Libraries
-P SUNWpr Netscape Portable Runtime
diff --git a/security/nss/pkg/solaris/SUNWtls/pkginfo.tmpl b/security/nss/pkg/solaris/SUNWtls/pkginfo.tmpl
deleted file mode 100644
index e0a697529..000000000
--- a/security/nss/pkg/solaris/SUNWtls/pkginfo.tmpl
+++ /dev/null
@@ -1,34 +0,0 @@
-#
-# Copyright 2002 Sun Microsystems, Inc. All rights reserved.
-# Use is subject to license terms.
-#
-#ident "$Id$"
-#
-#
-# This required package information file describes characteristics of the
-# package, such as package abbreviation, full package name, package version,
-# and package architecture.
-#
-PKG="SUNWtls"
-NAME="Network Security Services"
-ARCH="ISA"
-VERSION="NSSVERS,REV=0.0.0"
-SUNW_PRODNAME="Network Security Services"
-SUNW_PRODVERS="RELEASE/VERSION"
-SUNW_PKGTYPE="usr"
-MAXINST="1000"
-CATEGORY="system"
-DESC="Network Security Services"
-VENDOR="Sun Microsystems, Inc."
-HOTLINE="Please contact your local service provider"
-EMAIL=""
-CLASSES="none"
-BASEDIR=/
-SUNW_PKGVERS="1.0"
-#VSTOCK="<reserved by Release Engineering for package part #>"
-#ISTATES="<developer defined>"
-#RSTATES='<developer defined>'
-#ULIMIT="<developer defined>"
-#ORDER="<developer defined>"
-#PSTAMP="<developer defined>"
-#INTONLY="<developer defined>"
diff --git a/security/nss/pkg/solaris/SUNWtls/prototype_com b/security/nss/pkg/solaris/SUNWtls/prototype_com
deleted file mode 100644
index c5e00d3e2..000000000
--- a/security/nss/pkg/solaris/SUNWtls/prototype_com
+++ /dev/null
@@ -1,34 +0,0 @@
-#
-# Copyright 2002 Sun Microsystems, Inc. All rights reserved.
-# Use is subject to license terms.
-#
-#ident "$Id$"
-#
-# This required package information file contains a list of package contents.
-# The 'pkgmk' command uses this file to identify the contents of a package
-# and their location on the development machine when building the package.
-# Can be created via a text editor or through use of the 'pkgproto' command.
-
-#!search <pathname pathname ...> # where to find pkg objects
-#!include <filename> # include another 'prototype' file
-#!default <mode> <owner> <group> # default used if not specified on entry
-#!<param>=<value> # puts parameter in pkg environment
-
-# packaging files
-i copyright
-i pkginfo
-i depend=pkgdepend
-#
-# source locations relative to the prototype file
-#
-# SUNWtls
-#
-d none usr 755 root sys
-d none usr/lib 755 root bin
-d none usr/lib/mps 755 root bin
-f none usr/lib/mps/libnss3.so 755 root bin
-f none usr/lib/mps/libsmime3.so 755 root bin
-f none usr/lib/mps/libssl3.so 755 root bin
-f none usr/lib/mps/libnssckbi.so 755 root bin
-f none usr/lib/mps/libsoftokn3.chk 755 root bin
-f none usr/lib/mps/libsoftokn3.so 755 root bin
diff --git a/security/nss/pkg/solaris/SUNWtls/prototype_i386 b/security/nss/pkg/solaris/SUNWtls/prototype_i386
deleted file mode 100644
index d2718ee05..000000000
--- a/security/nss/pkg/solaris/SUNWtls/prototype_i386
+++ /dev/null
@@ -1,30 +0,0 @@
-#
-# Copyright 2002 Sun Microsystems, Inc. All rights reserved.
-# Use is subject to license terms.
-#
-#ident "$Id$"
-#
-# This required package information file contains a list of package contents.
-# The 'pkgmk' command uses this file to identify the contents of a package
-# and their location on the development machine when building the package.
-# Can be created via a text editor or through use of the 'pkgproto' command.
-
-#!search <pathname pathname ...> # where to find pkg objects
-#!include <filename> # include another 'prototype' file
-#!default <mode> <owner> <group> # default used if not specified on entry
-#!<param>=<value> # puts parameter in pkg environment
-
-#
-# Include ISA independent files (prototype_com)
-#
-!include prototype_com
-#
-#
-#
-# List files which are i386 specific here
-#
-# source locations relative to the prototype file
-#
-#
-# SUNWtls
-#
diff --git a/security/nss/pkg/solaris/SUNWtls/prototype_sparc b/security/nss/pkg/solaris/SUNWtls/prototype_sparc
deleted file mode 100644
index d916457c6..000000000
--- a/security/nss/pkg/solaris/SUNWtls/prototype_sparc
+++ /dev/null
@@ -1,34 +0,0 @@
-#
-# Copyright 2002 Sun Microsystems, Inc. All rights reserved.
-# Use is subject to license terms.
-#
-#ident "$Id$"
-#
-# This required package information file contains a list of package contents.
-# The 'pkgmk' command uses this file to identify the contents of a package
-# and their location on the development machine when building the package.
-# Can be created via a text editor or through use of the 'pkgproto' command.
-
-#!search <pathname pathname ...> # where to find pkg objects
-#!include <filename> # include another 'prototype' file
-#!default <mode> <owner> <group> # default used if not specified on entry
-#!<param>=<value> # puts parameter in pkg environment
-
-#
-# Include ISA independent files (prototype_com)
-#
-!include prototype_com
-#
-#
-#
-# List files which are SPARC specific here
-#
-# source locations relative to the prototype file
-#
-#
-# SUNWtls
-#
-f none usr/lib/mps/libfreebl_hybrid_3.chk 755 root bin
-f none usr/lib/mps/libfreebl_hybrid_3.so 755 root bin
-f none usr/lib/mps/libfreebl_pure32_3.chk 755 root bin
-f none usr/lib/mps/libfreebl_pure32_3.so 755 root bin
diff --git a/security/nss/pkg/solaris/SUNWtlsx/Makefile b/security/nss/pkg/solaris/SUNWtlsx/Makefile
deleted file mode 100644
index 5058a1f68..000000000
--- a/security/nss/pkg/solaris/SUNWtlsx/Makefile
+++ /dev/null
@@ -1,16 +0,0 @@
-#
-# Copyright 2002 Sun Microsystems, Inc. All rights reserved.
-# Use is subject to license terms.
-#
-#ident "$Id$"
-#
-
-CORE_DEPTH = ../../../..
-include ../Makefile.com
-
-DATAFILES +=
-
-all:: $(FILES)
-publish:: all pkg
-
-include ../Makefile.targ
diff --git a/security/nss/pkg/solaris/SUNWtlsx/pkgdepend b/security/nss/pkg/solaris/SUNWtlsx/pkgdepend
deleted file mode 100644
index b5c7d7fa8..000000000
--- a/security/nss/pkg/solaris/SUNWtlsx/pkgdepend
+++ /dev/null
@@ -1,31 +0,0 @@
-# Copyright 2002 Microsystems, Inc. All Rights Reserved.
-# Use is subject to license terms.
-#
-# $Id$
-#
-# This package information file defines software dependencies associated
-# with the pkg. You can define three types of pkg dependencies with this file:
-# P indicates a prerequisite for installation
-# I indicates an incompatible package
-# R indicates a reverse dependency
-# <pkg.abbr> see pkginfo(4), PKG parameter
-# <name> see pkginfo(4), NAME parameter
-# <version> see pkginfo(4), VERSION parameter
-# <arch> see pkginfo(4), ARCH parameter
-# <type> <pkg.abbr> <name>
-# (<arch>)<version>
-# (<arch>)<version>
-# ...
-# <type> <pkg.abbr> <name>
-# ...
-
-P SUNWcar Core Architecture, (Root)
-P SUNWkvm Core Architecture, (Kvm)
-P SUNWcsr Core Solaris, (Root)
-P SUNWcsu Core Solaris, (Usr)
-P SUNWcsd Core Solaris Devices
-P SUNWcsl Core Solaris Libraries
-P SUNWcarx Core Architecture, (Root) (64-bit)
-P SUNWcsxu Core Solaris (Usr) (64-bit)
-P SUNWcslx Core Solaris Libraries (64-bit)
-P SUNWprx Netscape Portable Runtime
diff --git a/security/nss/pkg/solaris/SUNWtlsx/pkginfo.tmpl b/security/nss/pkg/solaris/SUNWtlsx/pkginfo.tmpl
deleted file mode 100644
index 6129c2452..000000000
--- a/security/nss/pkg/solaris/SUNWtlsx/pkginfo.tmpl
+++ /dev/null
@@ -1,35 +0,0 @@
-#
-# Copyright 2002 Sun Microsystems, Inc. All rights reserved.
-# Use is subject to license terms.
-#
-#ident "$Id$"
-#
-#
-# This required package information file describes characteristics of the
-# package, such as package abbreviation, full package name, package version,
-# and package architecture.
-#
-PKG="SUNWtlsx"
-NAME="Network Security Services (64-bit)"
-ARCH="ISA"
-SUNW_ISA="sparcv9"
-VERSION="NSSVERS,REV=0.0.0"
-SUNW_PRODNAME="Network Security Services"
-SUNW_PRODVERS="RELEASE/VERSION"
-SUNW_PKGTYPE="usr"
-MAXINST="1000"
-CATEGORY="system"
-DESC="Network Security Services (64-bit)"
-VENDOR="Sun Microsystems, Inc."
-HOTLINE="Please contact your local service provider"
-EMAIL=""
-CLASSES="none"
-BASEDIR=/
-SUNW_PKGVERS="1.0"
-#VSTOCK="<reserved by Release Engineering for package part #>"
-#ISTATES="<developer defined>"
-#RSTATES='<developer defined>'
-#ULIMIT="<developer defined>"
-#ORDER="<developer defined>"
-#PSTAMP="<developer defined>"
-#INTONLY="<developer defined>"
diff --git a/security/nss/pkg/solaris/SUNWtlsx/prototype_com b/security/nss/pkg/solaris/SUNWtlsx/prototype_com
deleted file mode 100644
index 0dffc99e1..000000000
--- a/security/nss/pkg/solaris/SUNWtlsx/prototype_com
+++ /dev/null
@@ -1,28 +0,0 @@
-#
-# Copyright 2002 Sun Microsystems, Inc. All rights reserved.
-# Use is subject to license terms.
-#
-#ident "$Id$"
-#
-# This required package information file contains a list of package contents.
-# The 'pkgmk' command uses this file to identify the contents of a package
-# and their location on the development machine when building the package.
-# Can be created via a text editor or through use of the 'pkgproto' command.
-
-#!search <pathname pathname ...> # where to find pkg objects
-#!include <filename> # include another 'prototype' file
-#!default <mode> <owner> <group> # default used if not specified on entry
-#!<param>=<value> # puts parameter in pkg environment
-
-# packaging files
-i copyright
-i pkginfo
-i depend=pkgdepend
-#
-# source locations relative to the prototype file
-#
-# SUNWtlsx
-#
-d none usr 755 root sys
-d none usr/lib 755 root bin
-d none usr/lib/mps 755 root bin
diff --git a/security/nss/pkg/solaris/SUNWtlsx/prototype_sparc b/security/nss/pkg/solaris/SUNWtlsx/prototype_sparc
deleted file mode 100644
index 1f15d804b..000000000
--- a/security/nss/pkg/solaris/SUNWtlsx/prototype_sparc
+++ /dev/null
@@ -1,38 +0,0 @@
-#
-# Copyright 2002 Sun Microsystems, Inc. All rights reserved.
-# Use is subject to license terms.
-#
-#ident "$Id$"
-#
-# This required package information file contains a list of package contents.
-# The 'pkgmk' command uses this file to identify the contents of a package
-# and their location on the development machine when building the package.
-# Can be created via a text editor or through use of the 'pkgproto' command.
-
-#!search <pathname pathname ...> # where to find pkg objects
-#!include <filename> # include another 'prototype' file
-#!default <mode> <owner> <group> # default used if not specified on entry
-#!<param>=<value> # puts parameter in pkg environment
-
-#
-# Include ISA independent files (prototype_com)
-#
-!include prototype_com
-#
-#
-#
-# List files which are SPARC specific here
-#
-# source locations relative to the prototype file
-#
-#
-# SUNWtlsx
-#
-s none usr/lib/mps/64=sparcv9
-d none usr/lib/mps/sparcv9 755 root bin
-f none usr/lib/mps/sparcv9/libnss3.so 755 root bin
-f none usr/lib/mps/sparcv9/libsmime3.so 755 root bin
-f none usr/lib/mps/sparcv9/libssl3.so 755 root bin
-f none usr/lib/mps/sparcv9/libnssckbi.so 755 root bin
-f none usr/lib/mps/sparcv9/libsoftokn3.chk 755 root bin
-f none usr/lib/mps/sparcv9/libsoftokn3.so 755 root bin
diff --git a/security/nss/pkg/solaris/bld_awk_pkginfo.ksh b/security/nss/pkg/solaris/bld_awk_pkginfo.ksh
deleted file mode 100644
index 6f2723b4c..000000000
--- a/security/nss/pkg/solaris/bld_awk_pkginfo.ksh
+++ /dev/null
@@ -1,105 +0,0 @@
-#!/usr/bin/ksh -p
-#
-#ident "$Id$"
-#
-# Copyright 2002 Sun Microsystems, Inc. All rights reserved.
-# Use is subject to license terms.
-#
-# Simple script which builds the awk_pkginfo awk script. This awk script
-# is used to convert the pkginfo.tmpl files into pkginfo files
-# for the build.
-#
-
-usage()
-{
- cat <<-EOF
-usage: bld_awk_pkginfo -p <prodver> -m <mach> -o <awk_script> [-v <version>]
-EOF
-}
-
-#
-# Awk strings
-#
-# two VERSION patterns: one for Dewey decimal, one for Dewey plus ,REV=n
-# the first has one '=' the second has two or more '='
-#
-VERSION1="VERSION=[^=]*$"
-VERSION2="VERSION=[^=]*=.*$"
-PRODVERS="^SUNW_PRODVERS="
-ARCH='ARCH=\"ISA\"'
-
-#
-# parse command line
-#
-mach=""
-prodver=""
-awk_script=""
-version="NSSVERS"
-
-while getopts o:p:m:v: c
-do
- case $c in
- o)
- awk_script=$OPTARG
- ;;
- m)
- mach=$OPTARG
- ;;
- p)
- prodver=$OPTARG
- ;;
- v)
- version=$OPTARG
- ;;
- \?)
- usage
- exit 1
- ;;
- esac
-done
-
-if [[ ( -z $prodver ) || ( -z $mach ) || ( -z $awk_script ) ]]
-then
- usage
- exit 1
-fi
-
-if [[ -f $awk_script ]]
-then
- rm -f $awk_script
-fi
-
-#
-# Build REV= field based on date
-#
-rev=$(date "+%Y.%m.%d.%H.%M")
-
-#
-# Build awk script which will process all the
-# pkginfo.tmpl files.
-#
-# the first VERSION pattern is replaced with a leading quotation mark
-#
-rm -f $awk_script
-cat << EOF > $awk_script
-/$VERSION1/ {
- sub(/\=[^=]*$/,"=\"$rev\"")
- print
- next
- }
-/$VERSION2/ {
- sub(/\=[^=]*$/,"=$rev\"")
- sub(/NSSVERS/,"$version")
- print
- next
- }
-/$PRODVERS/ {
- printf "SUNW_PRODVERS=\"%s\"\n", "$prodver"
- next
- }
-/$ARCH/ {
- printf "ARCH=\"%s\"\n", "$mach"
- next
- }
-{ print }
-EOF
diff --git a/security/nss/pkg/solaris/common_files/copyright b/security/nss/pkg/solaris/common_files/copyright
deleted file mode 100644
index 4ef1ca7c2..000000000
--- a/security/nss/pkg/solaris/common_files/copyright
+++ /dev/null
@@ -1,28 +0,0 @@
-The contents of this package are subject to the Mozilla Public License
-Version 1.1 (the "License"); you may not use this package except in
-compliance with the License. You may obtain a copy of the License at
-http://www.mozilla.org/MPL/
-
-Software distributed under the License is distributed on an "AS IS"
-basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See the
-License for the specific language governing rights and limitations
-under the License.
-
-The Original Code is the Netscape security libraries.
-
-The Initial Developer of the Original Code is Netscape Communications
-Corporation. Portions created by Netscape are Copyright (C) 1994-2000
-Netscape Communications Corporation. All Rights Reserved.
-
-Contributor(s):
-
-Alternatively, the contents of this package may be used under the terms
-of the GNU General Public License Version 2 or later (the "GPL"), in
-which case the provisions of the GPL are applicable instead of those
-above. If you wish to allow use of your version of this package only
-under the terms of the GPL and not to allow others to use your version
-of this package under the MPL, indicate your decision by deleting the
-provisions above and replace them with the notice and other provisions
-required by the GPL. If you do not delete the provisions above, a
-recipient may use your version of this package under either the MPL or
-the GPL.
diff --git a/security/nss/relnotes.txt b/security/nss/relnotes.txt
deleted file mode 100644
index c0998655b..000000000
--- a/security/nss/relnotes.txt
+++ /dev/null
@@ -1,284 +0,0 @@
-HCL Users,
-
-HCL 1.5.7 has been released. It fixes a very small list of bugs that
-were found since HCL 1.5.6 was released, and contains no new features or
-public API changes. The list of bugs fixed in HCL 1.5.7 is below.
-The release notes for HCL 1.5.6 are appended to these notes.
-
-ALL SERVERS should abandon HCL 1.5.6 and switch to HCL 1.5.7 ASAP.
-The reasons for this strong recommendation should be self apparent after
-reading the list of bugs fixed.
-
-We recommend that all sources that include HCL headers be recompiled
-with the new HCL 1.5.7 headers. This is only a precaution.
-
-
-Security Library 1.57
-Build Date: 19980902
-
-****************************************************************
-**
-** NOTE: THIS RELEASE IS NOT BINARY COMPATIBLE WITH 1.55
-** AND ANY APPLICATION CODE WILL HAVE TO BE RECOMPILED
-**
-****************************************************************
-
-
-****************************************************************
-**
-** Directory organization of this release
-**
-****************************************************************
-
-This release consists of the following:
-- a JAR file, xpheader.jar, that contains all of the public header files.
-
-- <platform> directories: where <platform> is of the form
- <os-name><os-version>[_<compiler>][_<implementation strategy>]_<DBG/OPT>.OBJ
- For example,
- IRIX6.2_DBG.OBJ (debug build)
- SunOS5.5.1_OPT.OBJ (optimized build)
- SunOS5.5.1_gcc_DBG.OBJ (built using the non-native compiler gcc)
- OSF1V4.0_PTH_DBG.OBJ (PTH means the implementation uses pthreads.)
- AIX4.1_PTH_USER_DBG.OBJ (PTH_USER means the implementation is
- a combination of user-level threads and pthreads.)
-
- Under each <platform> directory, is the file, mdbinary.jar. This is a
- JAR file containing the compiled libraries.
-
-
-************************************************************
-**
-** Platforms supported
-**
-************************************************************
-
-The following platforms are supported:
-- Solaris on sparc: 2.5.1, 2.6 (built with cc)
-- IRIX: 6.2, 6.3 (built with cc)
-- HP-UX: B.10.10, B10.20, B11.00 (built with cc)
-- OSF1: V4.0D (built with cc)
-- AIX: 4.2 (built with compiler xlC_r).
-- Linux: 2.1.108
-- WINNT: 4.0 (Visual C++ 4.2 built with and without debug runtime)
-
-
-************************************************************
-**
-** How to build the libraries yourself
-**
-************************************************************
-This release of HCL depends on NSPR version 19980529A and
-DBM version DBM_1_53.
-
-To build the libraries yourself, execute the following instructions.
-
-On UNIX machines:
- cvs co -r HCL_157 ns/security
- cvs co -r HCL_157 ns/coreconf
- cd ns/coreconf
- source ./.cshrc
- gmake [BUILD_OPT=1]
- cd ..
- cd security
- gmake [BUILD_OPT=1] import
- gmake [BUILD_OPT=1]
-
-On Windows NT machines:
- cvs co -r HCL_157 ns/security
- cvs co -r HCL_157 ns/coreconf
- cd ns/security
- gmake [BUILD_OPT=1] import
- gmake [BUILD_OPT=1]
-
-For IRIX builds using -n32 flag with pthreads:
- cvs co -r HCL_157 ns/security
- cvs co -r HCL_157 ns/coreconf
- cd ns/coreconf
- source ./.cshrc
- gmake USE_N32=1 USE_PTHREADS=1 [BUILD_OPT=1]
- cd ..
- cd security
- gmake USE_N32=1 USE_PTHREADS=1 [BUILD_OPT=1] import
- gmake USE_N32=1 USE_PTHREADS=1 [BUILD_OPT=1]
-
-
-************************************************************
-**
-** Web site, mailing lists, questions, bug reports
-**
-************************************************************
-
-You can find information about the Security Libraries at the Hardcore Web
-site: http://warp/projects/hardcore/
-
-If you have any questions regarding SSL or the HCL libraries, please refer to the
-following documents:
- http://twain.mcom.com/developer/security/nss/ssl/index.htm
- http://twain.mcom.com/developer/security/nss/index.htm
-
-There is a mailing list for HCL issues:
- - hcl: the developers of HCL.
-
-Please use BugSplat on scopus (http://scopus/bugsplat) to report
-bugs. Choose product "Security Library", version "1.5".
-
-
-Here's how/where to get HCL 1.5.7:
-
-bits are available at
-/m/dist/security/19980902 a.k.a. /m/dist/security/HCL_1_57
-
-\\helium\dist\security\19980902 or \\helium\dist\security\HCL_1_57
-
-
-Here is the list of bugs fixed in HCL 1.5.7:
-a) Thread safety-related crash in cert lib.
-
-b) Thread safety-related problems in NSPR's PL_Arena code.
- Worked around by surrounding all HCL's PL_Arena calls with a lock/unlock.
- Applications that make their own calls to NSPR's PL_Arena functions or
- that use other non-HCL libraries that use PL_Arenas may continue to have
- thread-safety issues with PL_Arenas.
-
-c) Fixed a regression in PKCS#11 in HCL 1.5.6 that caused a crash the
- first time a server received a bleichenbacker attack ("million question")
- message.
-
-See the HCL 1.5.6 release notes below for the list of known bugs in 1.5.7.
-
-
-Here is a list of the bugs fixed in HCL 1.5.6:
-
-312467 SSL3 uses global pointers for step-down keys, leaks keys
-314392 CERT_DestroyCertificate locking code causes nested locking
-314571 Memory leak in SSL
-314574 HCL Leaks in PKCS #11.
-314576 Memory leak in pseudo-prime test in libcrypto
-314585 SSL's PR_AcceptRead returns non-aligned PRNetAddr
-314592 pkcs5 leaks two memory blocks for each RSA private key op
-314596 random number generator causes Unitialized Memory Reads
-
-------------------------------------------------------------------------
- HCL 1.5.6 Readme (release notes)
-------------------------------------------------------------------------
-
-This file summarizes enhancements, fixed and known bugs in HCL 1.5.6.
-
-For detailed instructions on setting up your environment to run the
-sample code in the samples directory, see Chapter 2, "Getting Started
-with SSL" (doc/ssl/gtstd.htm) of the SSL Reference (doc/ssl/index.htm).
-
-
-ENHANCEMENTS SINCE NSS 1.5.4
-
-1. SSL returns much more detailed error messages; for details, see
-doc/ssl/sslerr.htm
-
-SSL BUGS FIXED SINCE HCL 1.5.4
-
-1. The "million question" bug in SSL has been fixed.
-
-2. A potential problem (on Unix only) with SSL_InitSessionIDCache has
-been fixed. The application chooses the directory into which the SSL
-library places the server session cache. If the application doesn't
-specify a directory explicitly, the code defaults to using the system
-default "temporary" directory, which is generally world-writable. The
-problem that was fixed occured only when the application chose to put
-the session cache files into a directory writable by untrusted users.
-If the application put the cache files in a directory that has
-appropriate limits on access, there was no problem. But if the
-application put the cache files into a directory that was world
-writable, it was possible for a rogue program to try to substitute a
-file it already had open for the server's cache file, and it would
-succeed some of the time. When it succeeded, it had access to the
-content of the session ID cache, which enabled it to do various bad
-things, such as masquerade as one of the remote clients whose session
-was in the cache.
-
-The above problem with the Unix version of SSL_InitSessionIDCachehas
-been fixed, and rogue programs cannot succeed in substituting their own
-files for the server's files any more.
-
-3. Client no longer rejects SSL ServerKeyExchange when server's
-certificate key size is 512 bits.
-
-4. Server no longer crashes in SSL after required client authentication
-fails.
-
-5. A problem that was causing crashes when multiple threads
-simultaneously requested client authentication on their respective
-server sockets has been fixed.
-
-6. The following functions now work with SSL sockets:
-
- PR_Write
- PR_TransmitFile
- PR_AcceptRead
-
-7. SSL now accepts client hellos that are too long.
-
-8. A problem that produced bad results when multiple threads
-simultaneously used the random number generator has been fixed.
-
-
-
-KNOWN BUGS IN HCL 1.5.6:
-
-1. A crash may occur when multiple processes attempt to share a server
-session ID cache. Because of this bug, an application that handshakes
-as a server is limited to conducting all SSL calls in a single process.
-
-2. Removing a token does not invalidate the client-side session cache.
-
-3. While a handshake is in progress on an SSL socket, it is not safe
-for two threads to attempt simultaneous read and write calls (PR_Recv
-and PR_Send) on that socket. Workaround: ensure that only one thread
-uses an SSL socket at a time.
-
-We expect the above 3 bugs will be fixed in a forthcoming release.
-
-SSL v2 issues in HCL 1.5.x:
-
-1. SSL_RedoHandshake only works on SSL3 connections, not SSL2. The
-SSL2 protocol does not permit additional handshakes on the connection
-after the first one is done. Ergo, if a client certificate is to be
-requested in an SSL2 connection, it must be requested on the initial
-handshake.
-
-2. HCL's SSL2 ignores the setting of the SSL_REQUIRE_CERTIFICATE
-enable. When SSL_REQUEST_CERTIFICATE is enabled, SSL2 behaves as if
-SSL_REQUIRE_CERTIFICATE is also enabled, regardless of the actual
-setting of the SSL_REQUIRE_CERTIFICATE enable.
-
-3. HCL's SSL2 server code doesn't call the bad cert handler callback
-when the authCert callback returns an error. The ssl2 client code DOES
-use the badcerthandler callback, but the ssl2 server code does not.
-This means that if the server's authCert callback returns SECFailure,
-rejecting the client cert received on an SSL2 connection, the
-badCerthandler cannot override it.
-
-4. HCL's SSL2 server code never caches the client cert. Consequently,
-if an SSL2 server is configured to request the client cert, it must ask
-the client for the client cert on every connection, not just on the
-first connection in the "session". The SSL2 client must provide the
-cert in every SSL2 connection that requests it. If the user has set the
-"ask me every time" option for his certs, he will get prompted a LOT.
-
-Item 1 above is not a bug. That's the way ssl2 is defined. Items 2-4
-are limitations of our implementation. TomW says client auth in ssl2
-was never officially supported (although it is mostly implemented).
-
-Recommended workaround for SSL2 issues:
-
-a) Don't expect client auth to work for SSL2 users.
-b) Don't request client auth in the initial handshake. Request it in a
-subsequent handshake (e.g. set SSL_REQUEST_CERTIFICATE and call
-SSL_RedoHandshake() on SSL3 connections. This will completely avoid
-client auth problems with SSL2.
-
-For some time now, we've been suggesting that servers request client
-auth on a second handshake, not the first handshake in the connection.
-If they do that, then they will never get client certs from ssl2
-clients. That is a good thing.
-
diff --git a/security/nss/tests/all.sh b/security/nss/tests/all.sh
deleted file mode 100755
index 1e75ee743..000000000
--- a/security/nss/tests/all.sh
+++ /dev/null
@@ -1,101 +0,0 @@
-#!/bin/sh
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#
-########################################################################
-#
-# mozilla/security/nss/tests/all.sh
-#
-# Script to start all available NSS QA suites on one machine
-# this script is called or sourced by nssqa which runs on all required
-# platforms
-#
-# needs to work on all Unix and Windows platforms
-#
-# currently available NSS QA suites:
-# --------------------------------------------------
-# cert.sh - exercises certutil and creates certs necessary for all
-# other tests
-# ssl.sh - tests SSL V2 SSL V3 and TLS
-# smime.sh - S/MIME testing
-# sdr.sh - test NSS SDR
-# cipher.sh - test NSS ciphers
-# perf.sh - Nightly performance measurments
-# tools.sh - Tests the majority of the NSS tools
-# fips.sh - Tests basic functionallity of NSS in FIPS-compliant mode
-#
-# special strings
-# ---------------
-# FIXME ... known problems, search for this string
-# NOTE .... unexpected behavior
-#
-# NOTE:
-# -----
-# Unlike the old QA this is based on files sourcing each other
-# This is done to save time, since a great portion of time is lost
-# in calling and sourcing the same things multiple times over the
-# network. Also, this way all scripts have all shell function available
-# and a completely common environment
-#
-# file tells the test suite that the output is going to a log, so any
-# forked() children need to redirect their output to prevent them from
-# being over written.
-#
-########################################################################
-
-TESTS="cert ssl sdr cipher smime perf tools fips dbtests"
-SCRIPTNAME=all.sh
-CLEANUP="${SCRIPTNAME}"
-cd `dirname $0` # will cause problems if sourced
-
-#all.sh should be the first one to try to source the init
-if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then
- cd common
- . ./init.sh
-fi
-
-for i in ${TESTS}
-do
- SCRIPTNAME=${i}.sh
- echo "Running Tests for $i"
- if [ "$O_CRON" = "ON" ]
- then
- (cd ${QADIR}/$i ; . ./$SCRIPTNAME all file >> ${LOGFILE} 2>&1)
- else
- (cd ${QADIR}/$i ; . ./$SCRIPTNAME all file 2>&1 | tee -a ${LOGFILE})
- fi
-done
-
-SCRIPTNAME=all.sh
-
-. ${QADIR}/common/cleanup.sh
diff --git a/security/nss/tests/cert/cert.sh b/security/nss/tests/cert/cert.sh
deleted file mode 100755
index 11d59456a..000000000
--- a/security/nss/tests/cert/cert.sh
+++ /dev/null
@@ -1,654 +0,0 @@
-#! /bin/sh
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-########################################################################
-#
-# mozilla/security/nss/tests/cert/rcert.sh
-#
-# Certificate generating and handeling for NSS QA, can be included
-# multiple times from all.sh and the individual scripts
-#
-# needs to work on all Unix and Windows platforms
-#
-# included from (don't expect this to be up to date)
-# --------------------------------------------------
-# all.sh
-# ssl.sh
-# smime.sh
-# tools.sh
-#
-# special strings
-# ---------------
-# FIXME ... known problems, search for this string
-# NOTE .... unexpected behavior
-#
-# FIXME - Netscape - NSS
-########################################################################
-
-############################## cert_init ###############################
-# local shell function to initialize this script
-########################################################################
-cert_init()
-{
- SCRIPTNAME="cert.sh"
- if [ -z "${CLEANUP}" ] ; then # if nobody else is responsible for
- CLEANUP="${SCRIPTNAME}" # cleaning this script will do it
- fi
- if [ -z "${INIT_SOURCED}" ] ; then
- cd ../common
- . ./init.sh
- fi
- SCRIPTNAME="cert.sh"
- html_head "Certutil Tests"
-
- ################## Generate noise for our CA cert. ######################
- # NOTE: these keys are only suitable for testing, as this whole thing
- # bypasses the entropy gathering. Don't use this method to generate
- # keys and certs for product use or deployment.
- #
- ps -efl > ${NOISE_FILE} 2>&1
- ps aux >> ${NOISE_FILE} 2>&1
- noise
-
-}
-
-cert_log() ###################### write the cert_status file
-{
- echo "$SCRIPTNAME $*"
- echo $* >>${CERT_LOG_FILE}
-}
-
-################################ noise ##################################
-# Generate noise for our certs
-#
-# NOTE: these keys are only suitable for testing, as this whole thing bypasses
-# the entropy gathering. Don't use this method to generate keys and certs for
-# product use or deployment.
-#########################################################################
-noise()
-{
- #netstat >> ${NOISE_FILE} 2>&1
- date >> ${NOISE_FILE} 2>&1
-}
-
-################################ certu #################################
-# local shell function to call certutil, also: writes action and options to
-# stdout, sets variable RET and writes results to the html file results
-########################################################################
-certu()
-{
- echo "$SCRIPTNAME: ${CU_ACTION} --------------------------"
-
- if [ -n "${CU_SUBJECT}" ]; then
- #the subject of the cert contains blanks, and the shell
- #will strip the quotes off the string, if called otherwise...
- echo "certutil -s \"${CU_SUBJECT}\" $*"
- certutil -s "${CU_SUBJECT}" $*
- RET=$?
- CU_SUBJECT=""
- else
- echo "certutil $*"
- certutil $*
- RET=$?
- fi
- if [ "$RET" -ne 0 ]; then
- CERTFAILED=$RET
- html_failed "<TR><TD>${CU_ACTION} ($RET) "
- cert_log "ERROR: ${CU_ACTION} failed $RET"
- else
- html_passed "<TR><TD>${CU_ACTION}"
- fi
-
- # echo "Contine?"
- # cat > /dev/null
- return $RET
-}
-
-############################# cert_init_cert ##########################
-# local shell function to initialize creation of client and server certs
-########################################################################
-cert_init_cert()
-{
- CERTDIR="$1"
- CERTNAME="$2"
- CERTSERIAL="$3"
- DOMAIN="$4"
-
- if [ ! -d "${CERTDIR}" ]; then
- mkdir -p "${CERTDIR}"
- else
- echo "$SCRIPTNAME: WARNING - ${CERTDIR} exists"
- fi
- cd "${CERTDIR}"
- CERTDIR="."
-
- PROFILEDIR=${CERTDIR}
- if [ -n "${MULTIACCESS_DBM}" ]; then
- PROFILEDIR="multiaccess:${DOMAIN}"
- fi
-
- noise
-}
-
-############################# hw_acc #################################
-# local shell function to add hw accelerator modules to the db
-########################################################################
-hw_acc()
-{
- HW_ACC_RET=0
- HW_ACC_ERR=""
- if [ -n "$O_HWACC" -a "$O_HWACC" = ON -a -z "$USE_64" ] ; then
- echo "creating $CERTNAME s cert with hwaccelerator..."
- #case $ACCELERATOR in
- #rainbow)
-
-
- echo "modutil -add rainbow -libfile /usr/lib/libcryptoki22.so "
- echo " -dbdir ${PROFILEDIR} 2>&1 "
- echo | modutil -add rainbow -libfile /usr/lib/libcryptoki22.so \
- -dbdir ${PROFILEDIR} 2>&1
- if [ "$?" -ne 0 ]; then
- echo "modutil -add rainbow failed in `pwd`"
- HW_ACC_RET=1
- HW_ACC_ERR="modutil -add rainbow"
- fi
-
- echo "modutil -add ncipher "
- echo " -libfile /opt/nfast/toolkits/pkcs11/libcknfast.so "
- echo " -dbdir ${PROFILEDIR} 2>&1 "
- echo | modutil -add ncipher \
- -libfile /opt/nfast/toolkits/pkcs11/libcknfast.so \
- -dbdir ${PROFILEDIR} 2>&1
- if [ "$?" -ne 0 ]; then
- echo "modutil -add ncipher failed in `pwd`"
- HW_ACC_RET=`expr $HW_ACC_RET + 2`
- HW_ACC_ERR="$HW_ACC_ERR,modutil -add ncipher"
- fi
- if [ "$HW_ACC_RET" -ne 0 ]; then
- html_failed "<TR><TD>Adding HW accelerators to certDB for ${CERTNAME} ($HW_ACC_RET) "
- else
- html_passed "<TR><TD>Adding HW accelerators to certDB for ${CERTNAME}"
- fi
-
- fi
- return $HW_ACC_RET
-}
-
-############################# cert_create_cert #########################
-# local shell function to create client certs
-# initialize DB, import
-# root cert
-# add cert to DB
-########################################################################
-cert_create_cert()
-{
- cert_init_cert "$1" "$2" "$3" "$4"
-
- CU_ACTION="Initializing ${CERTNAME}'s Cert DB"
- certu -N -d "${PROFILEDIR}" -f "${R_PWFILE}" 2>&1
- if [ "$RET" -ne 0 ]; then
- return $RET
- fi
- hw_acc
- CU_ACTION="Import Root CA for $CERTNAME"
- certu -A -n "TestCA" -t "TC,TC,TC" -f "${R_PWFILE}" -d "${PROFILEDIR}" \
- -i "${R_CADIR}/root.cert" 2>&1
- if [ "$RET" -ne 0 ]; then
- return $RET
- fi
- cert_add_cert "$5"
- return $?
-}
-
-############################# cert_add_cert ############################
-# local shell function to add client certs to an existing CERT DB
-# generate request
-# sign request
-# import Cert
-#
-########################################################################
-cert_add_cert()
-{
-
- CU_ACTION="Generate Cert Request for $CERTNAME"
- CU_SUBJECT="CN=$CERTNAME, E=${CERTNAME}@bogus.com, O=BOGUS NSS, L=Mountain View, ST=California, C=US"
- certu -R -d "${PROFILEDIR}" -f "${R_PWFILE}" -z "${R_NOISE_FILE}" -o req 2>&1
- if [ "$RET" -ne 0 ]; then
- return $RET
- fi
-
- CU_ACTION="Sign ${CERTNAME}'s Request"
- certu -C -c "TestCA" -m "$CERTSERIAL" -v 60 -d "${P_R_CADIR}" \
- -i req -o "${CERTNAME}.cert" -f "${R_PWFILE}" "$1" 2>&1
- if [ "$RET" -ne 0 ]; then
- return $RET
- fi
-
- CU_ACTION="Import $CERTNAME's Cert"
- certu -A -n "$CERTNAME" -t "u,u,u" -d "${PROFILEDIR}" -f "${R_PWFILE}" \
- -i "${CERTNAME}.cert" 2>&1
- if [ "$RET" -ne 0 ]; then
- return $RET
- fi
-
- cert_log "SUCCESS: $CERTNAME's Cert Created"
- return 0
-}
-
-################################# cert_all_CA ################################
-# local shell function to build the additional Temp. Certificate Authority (CA)
-# used for the "real life" ssl test with 2 different CA's in the
-# client and in teh server's dir
-##########################################################################
-cert_all_CA()
-{
- echo nss > ${PWFILE}
-
- ALL_CU_SUBJECT="CN=NSS Test CA, O=BOGUS NSS, L=Mountain View, ST=California, C=US"
- cert_CA $CADIR TestCA -x "CTu,CTu,CTu" ${D_CA} "1"
-
- ALL_CU_SUBJECT="CN=NSS Server Test CA, O=BOGUS NSS, L=Santa Clara, ST=California, C=US"
- cert_CA $SERVER_CADIR serverCA -x "Cu,Cu,Cu" ${D_SERVER_CA} "2"
- ALL_CU_SUBJECT="CN=NSS Chain1 Server Test CA, O=BOGUS NSS, L=Santa Clara, ST=California, C=US"
- cert_CA $SERVER_CADIR chain-1-serverCA "-c serverCA" "u,u,u" ${D_SERVER_CA} "3"
- ALL_CU_SUBJECT="CN=NSS Chain2 Server Test CA, O=BOGUS NSS, L=Santa Clara, ST=California, C=US"
- cert_CA $SERVER_CADIR chain-2-serverCA "-c chain-1-serverCA" "u,u,u" ${D_SERVER_CA} "4"
-
-
-
- ALL_CU_SUBJECT="CN=NSS Client Test CA, O=BOGUS NSS, L=Santa Clara, ST=California, C=US"
- cert_CA $CLIENT_CADIR clientCA -x "Tu,Cu,Cu" ${D_CLIENT_CA} "5"
- ALL_CU_SUBJECT="CN=NSS Chain1 Client Test CA, O=BOGUS NSS, L=Santa Clara, ST=California, C=US"
- cert_CA $CLIENT_CADIR chain-1-clientCA "-c clientCA" "u,u,u" ${D_CLIENT_CA} "6"
- ALL_CU_SUBJECT="CN=NSS Chain2 Client Test CA, O=BOGUS NSS, L=Santa Clara, ST=California, C=US"
- cert_CA $CLIENT_CADIR chain-2-clientCA "-c chain-1-clientCA" "u,u,u" ${D_CLIENT_CA} "7"
-
- rm $CLIENT_CADIR/root.cert $SERVER_CADIR/root.cert
- # root.cert in $CLIENT_CADIR and in $SERVER_CADIR is the one of the last
- # in the chain
-}
-
-################################# cert_CA ################################
-# local shell function to build the Temp. Certificate Authority (CA)
-# used for testing purposes, creating a CA Certificate and a root cert
-##########################################################################
-cert_CA()
-{
- CUR_CADIR=$1
- NICKNAME=$2
- SIGNER=$3
- TRUSTARG=$4
- DOMAIN=$5
- CERTSERIAL=$6
-
- echo "$SCRIPTNAME: Creating a CA Certificate $NICKNAME =========================="
-
- if [ ! -d "${CUR_CADIR}" ]; then
- mkdir -p "${CUR_CADIR}"
- fi
- cd ${CUR_CADIR}
- pwd
-
- LPROFILE=.
- if [ -n "${MULTIACCESS_DBM}" ]; then
- LPROFILE="multiaccess:${DOMAIN}"
- fi
-
- if [ "$SIGNER" = "-x" ] ; then # self signed -> create DB
- CU_ACTION="Creating CA Cert DB"
- certu -N -d ${LPROFILE} -f ${R_PWFILE} 2>&1
- if [ "$RET" -ne 0 ]; then
- Exit 5 "Fatal - failed to create CA $NICKNAME "
- fi
- echo "$SCRIPTNAME: Certificate initialized ----------"
- fi
-
-
- ################# Creating CA Cert ######################################
- #
- CU_ACTION="Creating CA Cert $NICKNAME "
- CU_SUBJECT=$ALL_CU_SUBJECT
- certu -S -n $NICKNAME -t $TRUSTARG -v 60 $SIGNER -d ${LPROFILE} -1 -2 -5 \
- -f ${R_PWFILE} -z ${R_NOISE_FILE} -m $CERTSERIAL 2>&1 <<CERTSCRIPT
-5
-9
-n
-y
--1
-n
-5
-6
-7
-9
-n
-CERTSCRIPT
-
- if [ "$RET" -ne 0 ]; then
- echo "return value is $RET"
- Exit 6 "Fatal - failed to create CA cert"
- fi
-
- ################# Exporting Root Cert ###################################
- #
- CU_ACTION="Exporting Root Cert"
- certu -L -n $NICKNAME -r -d ${LPROFILE} -o root.cert
- if [ "$RET" -ne 0 ]; then
- Exit 7 "Fatal - failed to export root cert"
- fi
- cp root.cert ${NICKNAME}.ca.cert
-}
-
-############################## cert_smime_client #############################
-# local shell function to create client Certificates for S/MIME tests
-##############################################################################
-cert_smime_client()
-{
- CERTFAILED=0
- echo "$SCRIPTNAME: Creating Client CA Issued Certificates =============="
-
- cert_create_cert ${ALICEDIR} "Alice" 30 ${D_ALICE}
- cert_create_cert ${BOBDIR} "Bob" 40 ${D_BOB}
-
- echo "$SCRIPTNAME: Creating Dave's Certificate -------------------------"
- cert_create_cert "${DAVEDIR}" Dave 50 ${D_DAVE}
-
- echo "$SCRIPTNAME: Creating multiEmail's Certificate --------------------"
- cert_create_cert "${EVEDIR}" "Eve" 60 ${D_EVE} "-7 eve@bogus.net,eve@bogus.cc,beve@bogus.com"
-
- #echo "************* Copying CA files to ${SERVERDIR}"
- #cp ${CADIR}/*.db .
- #hw_acc
-
- #########################################################################
- #
- #cd ${CERTDIR}
- #CU_ACTION="Creating ${CERTNAME}'s Server Cert"
- #CU_SUBJECT="CN=${CERTNAME}, E=${CERTNAME}@bogus.com, O=BOGUS Netscape, L=Mountain View, ST=California, C=US"
- #certu -S -n "${CERTNAME}" -c "TestCA" -t "u,u,u" -m "$CERTSERIAL" \
- # -d ${PROFILEDIR} -f "${R_PWFILE}" -z "${R_NOISE_FILE}" -v 60 2>&1
-
- #CU_ACTION="Export Dave's Cert"
- #cd ${DAVEDIR}
- #certu -L -n "Dave" -r -d ${P_R_DAVE} -o Dave.cert
-
- ################# Importing Certificates for S/MIME tests ###############
- #
- echo "$SCRIPTNAME: Importing Certificates =============================="
- CU_ACTION="Import Alices's cert into Bob's db"
- certu -E -t "p,p,p" -d ${P_R_BOBDIR} -f ${R_PWFILE} \
- -i ${R_ALICEDIR}/Alice.cert 2>&1
-
- CU_ACTION="Import Bob's cert into Alice's db"
- certu -E -t "p,p,p" -d ${P_R_ALICEDIR} -f ${R_PWFILE} \
- -i ${R_BOBDIR}/Bob.cert 2>&1
-
- CU_ACTION="Import Dave's cert into Alice's DB"
- certu -E -t "p,p,p" -d ${P_R_ALICEDIR} -f ${R_PWFILE} \
- -i ${R_DAVEDIR}/Dave.cert 2>&1
-
- CU_ACTION="Import Dave's cert into Bob's DB"
- certu -E -t "p,p,p" -d ${P_R_BOBDIR} -f ${R_PWFILE} \
- -i ${R_DAVEDIR}/Dave.cert 2>&1
-
- CU_ACTION="Import Eve's cert into Alice's DB"
- certu -E -t "p,p,p" -d ${P_R_ALICEDIR} -f ${R_PWFILE} \
- -i ${R_EVEDIR}/Eve.cert 2>&1
-
- CU_ACTION="Import Eve's cert into Bob's DB"
- certu -E -t "p,p,p" -d ${P_R_BOBDIR} -f ${R_PWFILE} \
- -i ${R_EVEDIR}/Eve.cert 2>&1
-
- if [ "$CERTFAILED" != 0 ] ; then
- cert_log "ERROR: SMIME failed $RET"
- else
- cert_log "SUCCESS: SMIME passed"
- fi
-}
-
-############################## cert_ssl ################################
-# local shell function to create client + server certs for extended SSL test
-########################################################################
-cert_extended_ssl()
-{
- ################# Creating Certs for extended SSL test ####################
- #
- CERTFAILED=0
- echo "$SCRIPTNAME: Creating Certificates, issued by the last ==============="
- echo " of a chain of CA's which are not in the same database============"
-
- echo "Server Cert"
- cert_init_cert ${EXT_SERVERDIR} "${HOSTADDR}" 1 ${D_EXT_SERVER}
-
- CU_ACTION="Initializing ${CERTNAME}'s Cert DB (ext.)"
- certu -N -d "${PROFILEDIR}" -f "${R_PWFILE}" 2>&1
-
- CU_ACTION="Generate Cert Request for $CERTNAME (ext)"
- CU_SUBJECT="CN=$CERTNAME, E=${CERTNAME}@bogus.com, O=BOGUS NSS, L=Mountain View, ST=California, C=US"
- certu -R -d "${PROFILEDIR}" -f "${R_PWFILE}" -z "${R_NOISE_FILE}" -o req 2>&1
-
- CU_ACTION="Sign ${CERTNAME}'s Request (ext)"
- cp ${CERTDIR}/req ${SERVER_CADIR}
- certu -C -c "chain-2-serverCA" -m 200 -v 60 -d "${P_SERVER_CADIR}" \
- -i req -o "${CERTNAME}.cert" -f "${R_PWFILE}" 2>&1
-
- CU_ACTION="Import $CERTNAME's Cert -t u,u,u (ext)"
- certu -A -n "$CERTNAME" -t "u,u,u" -d "${PROFILEDIR}" -f "${R_PWFILE}" \
- -i "${CERTNAME}.cert" 2>&1
-
- CU_ACTION="Import Client Root CA -t T,, for $CERTNAME (ext.)"
- certu -A -n "clientCA" -t "T,," -f "${R_PWFILE}" -d "${PROFILEDIR}" \
- -i "${CLIENT_CADIR}/clientCA.ca.cert" 2>&1
- echo "Importing all the server's own CA chain into the servers DB"
- for CA in `find ${SERVER_CADIR} -name "?*.ca.cert"` ;
- do
- N=`basename $CA | sed -e "s/.ca.cert//"`
- if [ $N = "serverCA" ] ; then
- T="-t C,C,C"
- else
- T="-t u,u,u"
- fi
- CU_ACTION="Import $N CA $T for $CERTNAME (ext.) "
- certu -A -n $N $T -f "${R_PWFILE}" -d "${PROFILEDIR}" \
- -i "${CA}" 2>&1
- done
-#============
- echo "Client Cert"
- cert_init_cert ${EXT_CLIENTDIR} ExtendedSSLUser 1 ${D_EXT_CLIENT}
-
- CU_ACTION="Initializing ${CERTNAME}'s Cert DB (ext.)"
- certu -N -d "${PROFILEDIR}" -f "${R_PWFILE}" 2>&1
-
- CU_ACTION="Generate Cert Request for $CERTNAME (ext)"
- CU_SUBJECT="CN=$CERTNAME, E=${CERTNAME}@bogus.com, O=BOGUS NSS, L=Mountain View, ST=California, C=US"
- certu -R -d "${PROFILEDIR}" -f "${R_PWFILE}" -z "${R_NOISE_FILE}" -o req 2>&1
-
- CU_ACTION="Sign ${CERTNAME}'s Request (ext)"
- cp ${CERTDIR}/req ${CLIENT_CADIR}
- certu -C -c "chain-2-clientCA" -m 300 -v 60 -d "${P_CLIENT_CADIR}" \
- -i req -o "${CERTNAME}.cert" -f "${R_PWFILE}" 2>&1
-
- CU_ACTION="Import $CERTNAME's Cert -t u,u,u (ext)"
- certu -A -n "$CERTNAME" -t "u,u,u" -d "${PROFILEDIR}" -f "${R_PWFILE}" \
- -i "${CERTNAME}.cert" 2>&1
- CU_ACTION="Import Server Root CA -t C,C,C for $CERTNAME (ext.)"
- certu -A -n "serverCA" -t "C,C,C" -f "${R_PWFILE}" -d "${PROFILEDIR}" \
- -i "${SERVER_CADIR}/serverCA.ca.cert" 2>&1
- echo "Importing all the client's own CA chain into the servers DB"
- for CA in `find ${CLIENT_CADIR} -name "?*.ca.cert"` ;
- do
- N=`basename $CA | sed -e "s/.ca.cert//"`
- if [ $N = "clientCA" ] ; then
- T="-t T,C,C"
- else
- T="-t u,u,u"
- fi
- CU_ACTION="Import $N CA $T for $CERTNAME (ext.)"
- certu -A -n $N $T -f "${R_PWFILE}" -d "${PROFILEDIR}" \
- -i "${CA}" 2>&1
- done
- if [ "$CERTFAILED" != 0 ] ; then
- cert_log "ERROR: EXT failed $RET"
- else
- cert_log "SUCCESS: EXT passed"
- fi
-}
-
-############################## cert_ssl ################################
-# local shell function to create client + server certs for SSL test
-########################################################################
-cert_ssl()
-{
- ################# Creating Certs for SSL test ###########################
- #
- CERTFAILED=0
- echo "$SCRIPTNAME: Creating Client CA Issued Certificates ==============="
- cert_create_cert ${CLIENTDIR} "TestUser" 70 ${D_CLIENT}
-
- echo "$SCRIPTNAME: Creating Server CA Issued Certificate for \\"
- echo " ${HOSTADDR} ------------------------------------"
- cert_create_cert ${SERVERDIR} "${HOSTADDR}" 100 ${D_SERVER}
- certu -M -n "TestCA" -t "TC,TC,TC" -d ${PROFILEDIR}
-# cert_init_cert ${SERVERDIR} "${HOSTADDR}" 1 ${D_SERVER}
-# echo "************* Copying CA files to ${SERVERDIR}"
-# cp ${CADIR}/*.db .
-# hw_acc
-# CU_ACTION="Creating ${CERTNAME}'s Server Cert"
-# CU_SUBJECT="CN=${CERTNAME}, O=BOGUS Netscape, L=Mountain View, ST=California, C=US"
-# certu -S -n "${CERTNAME}" -c "TestCA" -t "Pu,Pu,Pu" -d ${PROFILEDIR} \
-# -f "${R_PWFILE}" -z "${R_NOISE_FILE}" -v 60 2>&1
-
- if [ "$CERTFAILED" != 0 ] ; then
- cert_log "ERROR: SSL failed $RET"
- else
- cert_log "SUCCESS: SSL passed"
- fi
-}
-############################## cert_stresscerts ################################
-# local shell function to create client certs for SSL stresstest
-########################################################################
-cert_stresscerts()
-{
-
- ############### Creating Certs for SSL stress test #######################
- #
- CERTDIR="$CLIENTDIR"
- cd "${CERTDIR}"
-
- PROFILEDIR=${CERTDIR}
- if [ -n "${MULTIACCESS_DBM}" ]; then
- PROFILEDIR="multiaccess:${D_CLIENT}"
- fi
- CERTFAILED=0
- echo "$SCRIPTNAME: Creating Client CA Issued Certificates ==============="
-
- CONTINUE=$GLOB_MAX_CERT
- CERTSERIAL=10
-
- while [ $CONTINUE -ge $GLOB_MIN_CERT ]
- do
- CERTNAME="TestUser$CONTINUE"
-# cert_add_cert ${CLIENTDIR} "TestUser$CONTINUE" $CERTSERIAL
- cert_add_cert
- CERTSERIAL=`expr $CERTSERIAL + 1 `
- CONTINUE=`expr $CONTINUE - 1 `
- done
- if [ "$CERTFAILED" != 0 ] ; then
- cert_log "ERROR: StressCert failed $RET"
- else
- cert_log "SUCCESS: StressCert passed"
- fi
-}
-
-############################## cert_fips #####################################
-# local shell function to create certificates for FIPS tests
-##############################################################################
-cert_fips()
-{
- CERTFAILED=0
- echo "$SCRIPTNAME: Creating FIPS 140-1 DSA Certificates =============="
- cert_init_cert "${FIPSDIR}" "FIPS PUB 140-1 Test Certificate" 1000 "${D_FIPS}"
-
- CU_ACTION="Initializing ${CERTNAME}'s Cert DB"
- certu -N -d "${PROFILEDIR}" -f "${R_FIPSPWFILE}" 2>&1
-
- echo "$SCRIPTNAME: Enable FIPS mode on database -----------------------"
- CU_ACTION="Enable FIPS mode on database for ${CERTNAME}"
- echo "modutil -dbdir ${PROFILEDIR} -fips true "
- modutil -dbdir ${PROFILEDIR} -fips true 2>&1 <<MODSCRIPT
-y
-MODSCRIPT
- RET=$?
- if [ "$RET" -ne 0 ]; then
- html_failed "<TR><TD>${CU_ACTION} ($RET) "
- cert_log "ERROR: ${CU_ACTION} failed $RET"
- else
- html_passed "<TR><TD>${CU_ACTION}"
- fi
-
- CU_ACTION="Generate Certificate for ${CERTNAME}"
- CU_SUBJECT="CN=${CERTNAME}, E=fips@bogus.com, O=BOGUS NSS, OU=FIPS PUB 140-1, L=Mountain View, ST=California, C=US"
- certu -S -n ${FIPSCERTNICK} -x -t "Cu,Cu,Cu" -d "${PROFILEDIR}" -f "${R_FIPSPWFILE}" -k dsa -m 500 -z "${R_NOISE_FILE}" 2>&1
- if [ "$RET" -eq 0 ]; then
- cert_log "SUCCESS: FIPS passed"
- fi
-}
-
-############################## cert_cleanup ############################
-# local shell function to finish this script (no exit since it might be
-# sourced)
-########################################################################
-cert_cleanup()
-{
- cert_log "$SCRIPTNAME: finished $SCRIPTNAME"
- html "</TABLE><BR>"
- cd ${QADIR}
- . common/cleanup.sh
-}
-
-################## main #################################################
-
-cert_init
-cert_all_CA
-cert_extended_ssl
-cert_ssl
-cert_smime_client
-cert_fips
-if [ -n "$DO_DIST_ST" -a "$DO_DIST_ST" = "TRUE" ] ; then
- cert_stresscerts
- #following lines to be used when databases are to be reused
- #cp -r /u/sonmi/tmp/stress/kentuckyderby.13/* $HOSTDIR
- #cp -r $HOSTDIR/../${HOST}.2/* $HOSTDIR
-
-fi
-cert_cleanup
diff --git a/security/nss/tests/cipher/cipher.sh b/security/nss/tests/cipher/cipher.sh
deleted file mode 100755
index a90a9dbe4..000000000
--- a/security/nss/tests/cipher/cipher.sh
+++ /dev/null
@@ -1,115 +0,0 @@
-#! /bin/sh
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#
-########################################################################
-#
-# mozilla/security/nss/tests/cipher/cipher.sh
-#
-# Script to test NSS ciphers
-#
-# needs to work on all Unix and Windows platforms
-#
-# special strings
-# ---------------
-# FIXME ... known problems, search for this string
-# NOTE .... unexpected behavior
-#
-########################################################################
-
-############################## cipher_init #############################
-# local shell function to initialize this script
-########################################################################
-cipher_init()
-{
- SCRIPTNAME="cipher.sh"
- if [ -z "${CLEANUP}" ] ; then # if nobody else is responsible for
- CLEANUP="${SCRIPTNAME}" # cleaning this script will do it
- fi
- if [ -z "${INIT_SOURCED}" ] ; then
- cd ../common
- . ./init.sh
- fi
- SCRIPTNAME="cipher.sh"
- html_head "Cipher Tests"
-
- CIPHERDIR=${HOSTDIR}/cipher
- CIPHERTESTDIR=${QADIR}/../cmd/bltest
- D_CIPHER="Cipher.$version"
-
- CIPHER_TXT=${QADIR}/cipher/cipher.txt
-
- mkdir -p ${CIPHERDIR}
-
- cd ${CIPHERTESTDIR}
- P_CIPHER=.
- if [ -n "${MULTIACCESS_DBM}" ]; then
- P_CIPHER="multiaccess:${D_CIPHER}"
- fi
-}
-
-############################## cipher_main #############################
-# local shell function to test NSS ciphers
-########################################################################
-cipher_main()
-{
- cat ${CIPHER_TXT} | while read EXP_RET PARAM TESTNAME
- do
- if [ -n "$EXP_RET" -a "$EXP_RET" != "#" ] ; then
- PARAM=`echo $PARAM | sed -e "s/_-/ -/g"`
- TESTNAME=`echo $TESTNAME | sed -e "s/_/ /g"`
- echo "$SCRIPTNAME: $TESTNAME --------------------------------"
- echo "bltest -T -m $PARAM -d ${P_CIPHER}"
-
- bltest -T -m $PARAM -d ${P_CIPHER}
- html_msg $? $EXP_RET "$TESTNAME"
- fi
- done
-}
-
-############################## cipher_cleanup ############################
-# local shell function to finish this script (no exit since it might be
-# sourced)
-########################################################################
-cipher_cleanup()
-{
- html "</TABLE><BR>"
- cd ${QADIR}
- . common/cleanup.sh
-}
-
-################## main #################################################
-
-cipher_init
-cipher_main
-cipher_cleanup
diff --git a/security/nss/tests/cipher/cipher.txt b/security/nss/tests/cipher/cipher.txt
deleted file mode 100644
index 29915cfc9..000000000
--- a/security/nss/tests/cipher/cipher.txt
+++ /dev/null
@@ -1,35 +0,0 @@
-#
-# This file defines the cipher tests
-#
-# expected
-# return bltest Test Case name
-# value params
-# ------- ---------- ---------------
- 0 des_ecb_-E DES_ECB_Encrypt
- 0 des_ecb_-D DES_ECB_Decrypt
- 0 des_cbc_-E DES_CBC_Encrypt
- 0 des_cbc_-D DES_CBC_Decrypt
- 0 des3_ecb_-E DES3_ECB_Encrypt
- 0 des3_ecb_-D DES3_ECB_Decrypt
- 0 des3_cbc_-E DES3_CBC_Encrypt
- 0 des3_cbc_-D DES3_CBC_Decrypt
- 0 aes_ecb_-E AES_ECB_Encrypt
- 0 aes_ecb_-D AES_ECB_Decrypt
- 0 aes_cbc_-E AES_CBC_Encrypt
- 0 aes_cbc_-D AES_CBC_Decrypt
- 0 rc2_ecb_-E RC2_ECB_Encrypt
- 0 rc2_ecb_-D RC2_ECB_Decrypt
- 0 rc2_cbc_-E RC2_CBC_Encrypt
- 0 rc2_cbc_-D RC2_CBC_Decrypt
- 0 rc4_-E RC4_Encrypt
- 0 rc4_-D RC4_Decrypt
- 0 rsa_-E RSA_Encrypt
- 0 rsa_-D RSA_Decrypt
- 0 dsa_-S DSA_Sign
- 0 dsa_-V DSA_Verify
- 0 md2_-H MD2_Hash
- 0 md5_-H MD5_Hash
- 0 sha1_-H SHA1_Hash
- 0 sha256_-H SHA256_Hash
- 0 sha384_-H SHA384_Hash
- 0 sha512_-H SHA512_Hash
diff --git a/security/nss/tests/cipher/dsa.txt b/security/nss/tests/cipher/dsa.txt
deleted file mode 100644
index 257d7ffe0..000000000
--- a/security/nss/tests/cipher/dsa.txt
+++ /dev/null
@@ -1,8 +0,0 @@
-#
-# This file enables test coverage of the dsa performance tests
-#
-#
-# mode keysize bufsize repetitions cxrepetitions
- dsa 64 20 200 5
- dsa 96 20 200 3
- dsa 128 20 200 3
diff --git a/security/nss/tests/cipher/hash.txt b/security/nss/tests/cipher/hash.txt
deleted file mode 100644
index 17c6a41a1..000000000
--- a/security/nss/tests/cipher/hash.txt
+++ /dev/null
@@ -1,8 +0,0 @@
-#
-# This file enables test coverage of the cryptographic hash performance tests
-#
-#
-# mode bufsize repetitions
- md2 1024 1000
- md5 1024 100000
- sha1 1024 10000
diff --git a/security/nss/tests/cipher/performance.sh b/security/nss/tests/cipher/performance.sh
deleted file mode 100755
index 2a9e1258b..000000000
--- a/security/nss/tests/cipher/performance.sh
+++ /dev/null
@@ -1,144 +0,0 @@
-#!/bin/sh
-#
-# This is just a quick script so we can still run our testcases.
-# Longer term we need a scriptable test environment..
-#
-. ../common/init.sh
-CURDIR=`pwd`
-
-CIPHERDIR=${HOSTDIR}/cipher
-SKTESTS=${CURDIR}/symmkey.txt
-RSATESTS=${CURDIR}/rsa.txt
-DSATESTS=${CURDIR}/dsa.txt
-HASHTESTS=${CURDIR}/hash.txt
-SKPERFOUT=${CIPHERDIR}/skperfout.data
-RSAPERFOUT=${CIPHERDIR}/rsaperfout.data
-DSAPERFOUT=${CIPHERDIR}/dsaperfout.data
-HASHPERFOUT=${CIPHERDIR}/hashperfout.data
-PERFRESULTS=${HOSTDIR}/performance.html
-
-echo "<HTML><BODY>" >> ${PERFRESULTS}
-
-mkdir -p ${CIPHERDIR}
-cd ${CIPHERDIR}
-
-if [ -z $1 ]; then
- TESTSET="all"
-else
- TESTSET=$1
-fi
-
-if [ $TESTSET = "all" -o $TESTSET = "symmkey" ]; then
-echo "<TABLE BORDER=1><TR><TH COLSPAN=6>Symmetric Key Cipher Performance</TH></TR>" >> ${PERFRESULTS}
-echo "<TR bgcolor=lightGreen><TH>MODE</TH><TH>INPUT SIZE (bytes)</TH><TH>SYMMETRIC KEY SIZE (bits)</TH><TH>REPETITIONS (cx/op)</TH><TH>CONTEXT CREATION TIME (ms)</TH><TH>OPERATION TIME (ms)</TH></TR>" >> ${PERFRESULTS}
-
-cat ${SKTESTS} | while read mode keysize bufsize reps cxreps
-do
- if [ $mode != "#" ]; then
- echo "bltest -N -m $mode -b $bufsize -g $keysize -u $cxreps"
- bltest -N -m $mode -b $bufsize -g $keysize -u $cxreps >> ${SKPERFOUT}
- mv "tmp.in" "$mode.in"
- mv tmp.key $mode.key
- if [ -f tmp.iv ]; then
- mv tmp.iv $mode.iv
- fi
- echo "bltest -E -m $mode -i ${CIPHERDIR}/$mode.in -k ${CIPHERDIR}/$mode.key -v ${CIPHERDIR}/$mode.iv -p $reps -o ${CIPHERDIR}/$mode.out"
- bltest -E -m $mode -i ${CIPHERDIR}/$mode.in -k ${CIPHERDIR}/$mode.key -v ${CIPHERDIR}/$mode.iv -p $reps -o ${CIPHERDIR}/$mode.out >> ${SKPERFOUT}
- echo "bltest -D -m $mode -i ${CIPHERDIR}/$mode.out -k ${CIPHERDIR}/$mode.key -v ${CIPHERDIR}/$mode.iv -p $reps -o ${CIPHERDIR}/$mode.inv"
- bltest -D -m $mode -i ${CIPHERDIR}/$mode.out -k ${CIPHERDIR}/$mode.key -v ${CIPHERDIR}/$mode.iv -p $reps -o ${CIPHERDIR}/$mode.inv >> ${SKPERFOUT}
- fi
-done
-
-cat ${SKPERFOUT} | while read md buf sk rps cxrps cx op
-do
- if [ $md != "#" ]; then
- echo "<TR><TH>$md</TH><TD align=right>$buf</TD><TD align=right>$sk</TD><TD align=right>$cxrps/$rps</TD><TD align=right>$cx</TD><TD align=right>$op</TD></TR>" >> ${PERFRESULTS}
- fi
-done
-
-echo "</TABLE><BR>" >> ${PERFRESULTS}
-
-fi
-
-if [ $TESTSET = "all" -o $TESTSET = "rsa" ]; then
-cat ${RSATESTS} | while read mode keysize bufsize exp reps cxreps
-do
- if [ $mode != "#" ]; then
- echo "bltest -N -m $mode -b $bufsize -e $exp -g $keysize -u $cxreps"
- bltest -N -m $mode -b $bufsize -e $exp -g $keysize -u $cxreps >> ${RSAPERFOUT}
- mv "tmp.in" "$mode.in"
- mv tmp.key $mode.key
- echo "bltest -E -m $mode -i ${CIPHERDIR}/$mode.in -k ${CIPHERDIR}/$mode.key -p $reps -o ${CIPHERDIR}/$mode.out"
- bltest -E -m $mode -i ${CIPHERDIR}/$mode.in -k ${CIPHERDIR}/$mode.key -p $reps -o ${CIPHERDIR}/$mode.out >> ${RSAPERFOUT}
- echo "bltest -D -m $mode -i ${CIPHERDIR}/$mode.out -k ${CIPHERDIR}/$mode.key -p $reps -o ${CIPHERDIR}/$mode.inv"
- bltest -D -m $mode -i ${CIPHERDIR}/$mode.out -k ${CIPHERDIR}/$mode.key -p $reps -o ${CIPHERDIR}/$mode.inv >> ${RSAPERFOUT}
- fi
-done
-
-echo "<TABLE BORDER=1><TR><TH COLSPAN=7>RSA Cipher Performance</TH></TR>" >> ${PERFRESULTS}
-echo "<TR bgcolor=lightGreen><TH>MODE</TH><TH>INPUT SIZE (bytes)</TH><TH>KEY SIZE (bits)</TH><TH>PUBLIC EXPONENT</TH><TH>REPETITIONS (cx/op)</TH><TH>CONTEXT CREATION TIME (ms)</TH><TH>OPERATION TIME (ms)</TH></TR>" >> ${PERFRESULTS}
-cat ${RSAPERFOUT} | while read md buf mod pe rps cxrps cx op
-do
- if [ $md != "#" ]; then
- echo "<TR><TH>$md</TH><TD align=right>$buf</TD><TD align=right>$mod</TD><TD align=right>$pe</TD><TD align=right>$cxrps/$rps</TD><TD align=right>$cx</TD><TD align=right>$op</TD></TR>" >> ${PERFRESULTS}
- fi
-done
-
-echo "</TABLE><BR>" >> ${PERFRESULTS}
-fi
-
-if [ $TESTSET = "all" -o $TESTSET = "dsa" ]; then
-cat ${DSATESTS} | while read mode keysize bufsize reps cxreps
-do
- if [ $mode != "#" ]; then
- echo "bltest -N -m $mode -b $bufsize -g $keysize -u $cxreps"
- bltest -N -m $mode -b $bufsize -g $keysize -u $cxreps >> ${DSAPERFOUT}
- mv "tmp.in" "$mode.in"
- mv tmp.key $mode.key
- echo "bltest -S -m $mode -i ${CIPHERDIR}/$mode.in -k ${CIPHERDIR}/$mode.key -p $reps -o ${CIPHERDIR}/$mode.out"
- bltest -S -m $mode -i ${CIPHERDIR}/$mode.in -k ${CIPHERDIR}/$mode.key -p $reps -o ${CIPHERDIR}/$mode.out >> ${DSAPERFOUT}
- echo "bltest -V -m $mode -f ${CIPHERDIR}/$mode.out -k ${CIPHERDIR}/$mode.key -p $reps -i ${CIPHERDIR}/$mode.in -o ${CIPHERDIR}/$mode.out"
- bltest -V -m $mode -f ${CIPHERDIR}/$mode.out -k ${CIPHERDIR}/$mode.key -p $reps -i ${CIPHERDIR}/$mode.in -o ${CIPHERDIR}/$mode.out >> ${DSAPERFOUT}
- fi
-done
-
-echo "<TABLE BORDER=1><TR><TH COLSPAN=6>DSA Cipher Performance</TH></TR>" >> ${PERFRESULTS}
-echo "<TR bgcolor=lightGreen><TH>MODE</TH><TH>INPUT SIZE (bytes)</TH><TH>KEY SIZE (bits)</TH><TH>REPETITIONS (cx/op)</TH><TH>CONTEXT CREATION TIME (ms)</TH><TH>OPERATION TIME (ms)</TH></TR>" >> ${PERFRESULTS}
-cat ${DSAPERFOUT} | while read md buf mod rps cxrps cx op
-do
- if [ $md != "#" ]; then
- echo "<TR><TH>$md</TH><TD align=right>$buf</TD><TD align=right>$mod</TD><TD align=right>$cxrps/$rps</TD><TD align=right>$cx</TD><TD align=right>$op</TD></TR>" >> ${PERFRESULTS}
- fi
-done
-
-echo "</TABLE><BR>" >> ${PERFRESULTS}
-fi
-
-if [ $TESTSET = "all" -o $TESTSET = "hash" ]; then
-cat ${HASHTESTS} | while read mode bufsize reps
-do
- if [ $mode != "#" ]; then
- echo "bltest -N -m $mode -b $bufsize"
- bltest -N -m $mode -b $bufsize
- mv "tmp.in" "$mode.in"
- echo "bltest -H -m $mode -i ${CIPHERDIR}/$mode.in -p $reps -o ${CIPHERDIR}/$mode.out"
- bltest -H -m $mode -i ${CIPHERDIR}/$mode.in -p $reps -o ${CIPHERDIR}/$mode.out >> ${HASHPERFOUT}
- fi
-done
-
-echo "<TABLE BORDER=1><TR><TH COLSPAN=6>Hash Cipher Performance</TH></TR>" >> ${PERFRESULTS}
-echo "<TR bgcolor=lightGreen><TH>MODE</TH><TH>INPUT SIZE (bytes)</TH><TH>REPETITIONS</TH><TH>OPERATION TIME (ms)</TH></TR>" >> ${PERFRESULTS}
-cat ${HASHPERFOUT} | while read md buf rps cxrps cx op
-do
- if [ $md != "#" ]; then
- echo "<TR><TH>$md</TH><TD align=right>$buf</TD><TD align=right>$rps</TD><TD align=right>$op</TD></TR>" >> ${PERFRESULTS}
- fi
-done
-
-echo "</TABLE><BR>" >> ${PERFRESULTS}
-fi
-
-#rm -f ${TEMPFILES}
-cd ${CURDIR}
-
-echo "</BODY></HTML>" >> ${PERFRESULTS}
diff --git a/security/nss/tests/cipher/rsa.txt b/security/nss/tests/cipher/rsa.txt
deleted file mode 100644
index 5508971e9..000000000
--- a/security/nss/tests/cipher/rsa.txt
+++ /dev/null
@@ -1,8 +0,0 @@
-#
-# This file enables test coverage of the rsa performance tests
-#
-#
-# mode keysize bufsize exponent repetitions cxrepetitions
- rsa 32 32 17 1000 5
- rsa 64 64 3 500 3
- rsa 128 128 65537 200 3
diff --git a/security/nss/tests/cipher/symmkey.txt b/security/nss/tests/cipher/symmkey.txt
deleted file mode 100644
index 741f86880..000000000
--- a/security/nss/tests/cipher/symmkey.txt
+++ /dev/null
@@ -1,19 +0,0 @@
-#
-# This file enables test coverage of the symmetric key performance tests
-#
-#
-# mode keysize bufsize repetitions cxrepetitions
- des_ecb 8 8192 1000 100000
- des_cbc 8 8192 1000 100000
- des3_ecb 24 8192 1000 100000
- des3_cbc 24 8192 1000 100000
- rc2_ecb 5 8192 1000 100000
- rc2_ecb 8 8192 1000 100000
- rc2_ecb 16 8192 1000 100000
- rc2_cbc 5 8192 1000 100000
- rc2_cbc 8 8192 1000 100000
- rc2_cbc 16 8192 1000 100000
- rc4 5 8192 10000 100000
- rc4 8 8192 10000 100000
- rc4 16 8192 10000 100000
- rc4 24 8192 10000 100000
diff --git a/security/nss/tests/clean_tbx b/security/nss/tests/clean_tbx
deleted file mode 100755
index 4de955576..000000000
--- a/security/nss/tests/clean_tbx
+++ /dev/null
@@ -1,172 +0,0 @@
-#! /bin/perl
-
-#######################################################################
-#
-# /u/sonmi/bin/clean_tbx.pl
-#
-# this script is supposed to remove tinderbox QA if:
-# QA has passed, there are 2+ newer QA dirs of the same machine and
-# platform (32/64) and it is older than 2 hours
-# QA has failed, there are 2+ newer QA dirsof the same machine and
-# platform (32/64) with _identical failures and it is older than
-# 2 hours
-# directory is older than 48 hours
-#
-#######################################################################
-
-use Time::Local;
-
-$ANY_TBX_KEEP_HOURS=48;
-$NOT_FAILED_TBX_KEEP_HOURS=24;
-$PASSED_TBX_KEEP_HOURS=2;
-$IF_TBX_KEEP_HOURS=2;
-$PASSED_NEWER_DIRS=2;
-$IF_NEWER_DIRS=2;
-$verbose = 1;
-
-$TBX_TESTDIR="/share/builds/mccrel3/nss/nsstip/tinderbox/tests_results/security";
-$FTP_STAGE="/u/sonmi/tmp/ftp_stage/tinderbox";
-
-@tbx_dirs = ();
-
-$eANY_TBX_KEEP=$ANY_TBX_KEEP_HOURS*60*60;
-$ePASSED_TBX_KEEP=$PASSED_TBX_KEEP_HOURS*60*60;
-$eIF_TBX_KEEP=$IF_TBX_KEEP_HOURS*60*60;
-$eNOT_FAILED_TBX_KEEP=$NOT_FAILED_TBX_KEEP_HOURS*60*60;
-
-$year, $month, $days, $hours, $minutes, $seconds;
-$efulldate=0;
-
-$fulldate=0;
-
-$no_bits="";
-$last_no_bits="";
-
-$host="";
-$last_host="";
-
-@tbx_dirs = `ls -r $TBX_TESTDIR`; #sort first by host,
- #then 64,
- #then newest - oldest
-debug ("found $#tbx_dirs directories ");
-
-($seconds, $minutes, $hours, $days, $month, $year) = localtime;
-
-debug ("$seconds, $minutes, $hours, $days, $month, $year");
-
-$enow = timelocal(localtime);
-
-sub debug;
-sub warning;
-sub error;
-sub msg;
-sub init;
-sub check_tbx_dirs;
-
-sub check_tbx_dirs
-{
- my $platform_idx=0; # counts directories per platform, newest
- # to oldest (ignores incomplete)
- my $passed_idx=0; # counts passed directories newest to oldest
- my $QAstatus="unknown";
- foreach $tbx_dir (@tbx_dirs) {
- $tbx_dir =~ s/\n//g;
- $fulldate = $tbx_dir;
- $fulldate =~ s/^.*-(20.*-..\...$)/$1/;
- $day = $month = $year = $hour = $min = $fulldate;
- $host = $tbx_dir;
- $host =~ s/-20.*//;
- $no_bits = $host;
- $host =~ s/64$//;
- $no_bits =~ s/.*64$/64/;
- $no_bits =~ s/^[^6].*/other/;
- $year =~ s/(....).*/$1/;
- $month =~ s/....(..).*/$1/;
- $day =~ s/......(..).*/$1/;
- $hour =~ s/........-(..).*/$1/;
- $min =~ s/.*\.(..)$/$1/;
-
-
- if ( -f "$TBX_TESTDIR/$tbx_dir/QAstatus" ) {
- $QAstatus=`cat $TBX_TESTDIR/$tbx_dir/QAstatus 2>/dev/null`;
- $QAstatus =~ s/\n$//g;
- } else {
- $QAstatus="unknown";
- }
-
- $efulldate = timelocal( 0, $min, $hour, $day, $month-1, $year-1900);
- if ( "$host" !~ "$last_host" || "$no_bits" !~ "$last_no_bits" ) {
- if ( $QAstatus !~ "QA running" ) {
- $platform_idx = 0;
- } else {
- $platform_idx = -1;
- }
- $passed_idx = 0;
-
- $last_host = $host;
- $last_no_bits = $no_bits;
- } else {
- $platform_idx ++;
- $passed_idx++ if ( $QAstatus =~ "QA passed" ) ;
- }
-
- debug ("$tbx_dir host $host date $fulldate bits $no_bits $year/$month/$day $hour:$min QAstatus $QAstatus pli $platform_idx pai $passed_idx");
-
- if ( $passed_idx > $PASSED_NEWER_DIRS && $QAstatus =~ "QA passed" ) {
- $ekeeptime=$efulldate + $ePASSED_TBX_KEEP;
- #($s, $m, $h, $d, $mo, $y) = localtime($ekeeptime);
- #debug ("$passed_idx > $PASSED_NEWER_DIRS ekeeptime ($s, $m, $h, $d, $mo, $y) == $ekeeptime");
- rm_tbx ("Passed $PASSED_TBX_KEEP_HOURS + hours old") if ( $ekeeptime <= $enow );
- } elsif ( $QAstatus !~ "QA failed" ) {
- $ekeeptime=$efulldate + $eNOT_FAILED_TBX_KEEP;
- rm_tbx ("Not failed $NOT_FAILED_TBX_KEEP_HOURS + hours old") if ( $ekeeptime <= $enow );
- } else {
- $ekeeptime=$efulldate + $eANY_TBX_KEEP;
- rm_tbx ("Passed 2+ hours old") if ( $ekeeptime <= $enow );
- }
- if ( $QAstatus =~ "QA failed" ) {
- $ekeeptime=$efulldate + $eIF_TBX_KEEP;
- #FIXME - compare to the previous failure by filtering and
- #FIXME diffing the results.html files (first grep failed)
- }
- }
-
-}
-
-sub rm_tbx()
-{
-
-debug ("DELETING $tbx_dir... (@_[0]) ");
-system("rm -rf $TBX_TESTDIR/$tbx_dir");
-#debug ("rm -rf $TBX_TESTDIR/$tbx_dir");
-
-}
-
-sub msg
-{
- my $i;
- for ($i = 0; $i <= $#_ ; $i++ ) {
- print "@_[$i] ";
- }
- print "\n";
-
-}
-sub error
-{
- msg ("ERROR: " ,@_ );
-}
-
-sub warning
-{
- msg ("WARNING:" ,@_ );
-}
-sub debug
-{
- if ( $verbose == 1 ) {
- msg ("DEBUG: " ,@_ );
- } elsif ( $verbose == 2 ) {
- msg (@_ );
- }
-}
-
-check_tbx_dirs;
diff --git a/security/nss/tests/cmdtests/cmdtests.sh b/security/nss/tests/cmdtests/cmdtests.sh
deleted file mode 100644
index 7342e2a1c..000000000
--- a/security/nss/tests/cmdtests/cmdtests.sh
+++ /dev/null
@@ -1,132 +0,0 @@
-#! /bin/sh
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#
-########################################################################
-#
-# mozilla/security/nss/cmd/tests/cmdtests.sh
-#
-# Script to run small tests to test specific crashes of NSS
-#
-# needs to work on all Unix and Windows platforms
-#
-# included from
-# --------------
-# all.sh
-#
-# tests implemented:
-# vercrt (verify encryption cert - bugzilla bug 119059)
-# vercrtfps (verify encryption cert in fips mode - bugzilla bug 119214)
-# test3 (CERT_FindUserCertByUsage called 2nd time - bug 118864)
-#
-# special strings
-# ---------------
-#
-########################################################################
-
-############################## cmdtests_init ###########################
-# local shell function to initialize this script
-########################################################################
-cmdtests_init()
-{
- SCRIPTNAME=cmdtests.sh # sourced - $0 would point to all.sh
-
- if [ -z "${CLEANUP}" ] ; then # if nobody else is responsible for
- CLEANUP="${SCRIPTNAME}" # cleaning this script will do it
- fi
-
- if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then
- cd ../common
- . ./init.sh
- fi
- if [ ! -r $CERT_LOG_FILE ]; then # we need certificates here
- cd ../cert
- . ./cert.sh
- fi
- SCRIPTNAME=cmdtests.sh
- html_head "Tests in cmd/tests"
-
-# grep "SUCCESS: cmd/tests passed" $CERT_LOG_FILE >/dev/null || {
-# Exit 15 "Fatal - cert.sh needs to pass first"
-# }
-
- CMDTESTSDIR=${HOSTDIR}/cmd/tests
- COPYDIR=${CMDTESTSDIR}/copydir
-
- R_CMDTESTSDIR=../cmd/tests
- R_COPYDIR=../cmd/tests/copydir
- P_R_COPYDIR=${R_COPYDIR}
-
- if [ -n "${MULTIACCESS_DBM}" ]; then
- P_R_COPYDIR="multiaccess:Cmdtests.$version"
- fi
-
- mkdir -p ${CMDTESTSDIR}
- mkdir -p ${COPYDIR}
- mkdir -p ${CMDTESTSDIR}/html
-
- cd ${CMDTESTSDIR}
-}
-
-############################## ct_vercrt ##################################
-# CERT_VerifyCert should not fail when verifying encryption cert
-# Bugzilla Bug 119059
-########################################################################
-#ct_vercrt()
-#{
- # echo "$SCRIPTNAME: Verify encryption certificate ----------------------"
- # echo "vercrt"
- # vercrt
- # ret=$?
- # html_msg $ret 0 "Verify encryption certificate (vercrt)"
-#
-#}
-
-
-############################## cmdtests_cleanup ########################
-# local shell function to finish this script (no exit since it might be
-# sourced)
-########################################################################
-cmdtests_cleanup()
-{
- html "</TABLE><BR>"
- cd ${QADIR}
- . common/cleanup.sh
-}
-
-################## main #################################################
-
-cmdtests_init
-
-#ct_vercrt
-cmdtests_cleanup
diff --git a/security/nss/tests/common/Makefile b/security/nss/tests/common/Makefile
deleted file mode 100644
index 9e3743d62..000000000
--- a/security/nss/tests/common/Makefile
+++ /dev/null
@@ -1,49 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-objdir_name:
- @echo $(OBJDIR_NAME)
-
-os_arch:
- @echo $(OS_ARCH)
-
-dll_prefix:
- @echo $(DLL_PREFIX)
-
-dll_suffix:
- @echo $(DLL_SUFFIX)
diff --git a/security/nss/tests/common/cleanup.sh b/security/nss/tests/common/cleanup.sh
deleted file mode 100755
index 57d71dc48..000000000
--- a/security/nss/tests/common/cleanup.sh
+++ /dev/null
@@ -1,48 +0,0 @@
-#!/bin/sh
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#
-########################################################################
-#
-# mozilla/security/nss/tests/common/cleanup.sh
-#
-# Script to clean up after NSS QA suites
-# needs to work on all Unix and Windows platforms
-#
-########################################################################
-
-
-if [ -z "${CLEANUP}" -o "${CLEANUP}" = "${SCRIPTNAME}" ]; then
- html "</BODY></HTML>"
- rm -f ${TEMPFILES} 2>/dev/null
-fi
diff --git a/security/nss/tests/common/init.sh b/security/nss/tests/common/init.sh
deleted file mode 100644
index 473d1ddd0..000000000
--- a/security/nss/tests/common/init.sh
+++ /dev/null
@@ -1,459 +0,0 @@
-#! /bin/sh
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#
-########################################################################
-#
-# mozilla/security/nss/tests/common/init.sh
-#
-# initialization for NSS QA, can be included multiple times
-# from all.sh and the individual scripts
-#
-# variables, utilities and shellfunctions global to NSS QA
-# needs to work on all Unix and Windows platforms
-#
-# included from
-# -------------
-# all.sh
-# ssl.sh
-# sdr.sh
-# cipher.sh
-# perf.sh
-# cert.sh
-# smime.sh
-# tools.sh
-# fips.sh
-#
-# special strings
-# ---------------
-# FIXME ... known problems, search for this string
-# NOTE .... unexpected behavior
-#
-# NOTE:
-# -----
-# Unlike the old QA this is based on files sourcing each other
-# This is done to save time, since a great portion of time is lost
-# in calling and sourcing the same things multiple times over the
-# network. Also, this way all scripts have all shell function available
-# and a completely common environment
-#
-########################################################################
-NSS_STRICT_SHUTDOWN=1
-export NSS_STRICT_SHUTDOWN
-
-if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then
-
-# Exit shellfunction to clean up at exit (error, regular or signal)
- Exit()
- {
- if [ -n "$1" ] ; then
- echo "$SCRIPTNAME: Exit: $*"
- html_failed "<TR><TD>$*"
- fi
- echo "</TABLE><BR>" >> ${RESULTS}
- if [ -n "${SERVERPID}" -a -f "${SERVERPID}" ]; then
- ${KILL} `cat ${SERVERPID}`
- fi
- CLEANUP=${SCRIPTNAME}
- cd ${QADIR}
- . common/cleanup.sh
- case $1 in
- [0-4][0-9]|[0-9])
- exit $1;
- ;;
- *)
- exit 1
- ;;
- esac
- }
-
-#html functions to give the resultfiles a consistant look
- html() ######################### write the results.html file
- { # 3 functions so we can put targets in the output.log easier
- echo $* >>${RESULTS}
- }
- html_passed()
- {
- html "$* ${HTML_PASSED}"
- }
- html_failed()
- {
- html "$* ${HTML_FAILED}"
- }
- html_head()
- {
- html "<TABLE BORDER=1><TR><TH COLSPAN=3>$*</TH></TR>"
- html "<TR><TH width=500>Test Case</TH><TH width=50>Result</TH></TR>"
- echo "$SCRIPTNAME: $* ==============================="
- }
- html_msg()
- {
- if [ "$1" -ne "$2" ] ; then
- html_failed "<TR><TD>$3"
- if [ -n "$4" ] ; then
- echo "$SCRIPTNAME: $3 $4 FAILED"
- fi
- else
- html_passed "<TR><TD>$3"
- if [ -n "$4" ] ; then
- echo "$SCRIPTNAME: $3 $4 PASSED"
- fi
- fi
- }
- HTML_FAILED='</TD><TD bgcolor=red>Failed</TD><TR>'
- HTML_PASSED='</TD><TD bgcolor=lightGreen>Passed</TD><TR>'
-
-
-#directory name init
- SCRIPTNAME=init.sh
-
- mozilla_root=`(cd ../../../..; pwd)`
- MOZILLA_ROOT=${MOZILLA_ROOT-$mozilla_root}
-
- qadir=`(cd ..; pwd)`
- QADIR=${QADIR-$qadir}
-
- common=${QADIR}/common
- COMMON=${TEST_COMMON-$common}
- export COMMON
-
- DIST=${DIST-${MOZILLA_ROOT}/dist}
- SECURITY_ROOT=${SECURITY_ROOT-${MOZILLA_ROOT}/security/nss}
- TESTDIR=${TESTDIR-${MOZILLA_ROOT}/tests_results/security}
- OBJDIR=`(cd $COMMON; gmake objdir_name)`
- OS_ARCH=`(cd $COMMON; gmake os_arch)`
- DLL_PREFIX=`(cd $COMMON; gmake dll_prefix)`
- DLL_SUFFIX=`(cd $COMMON; gmake dll_suffix)`
- OS_NAME=`uname -s | sed -e "s/-[0-9]*\.[0-9]*//"`
-
-#in case of backward comp. tests the calling scripts set the
-#PATH and LD_LIBRARY_PATH and do not want them to be changed
- if [ -z "${DON_T_SET_PATHS}" -o "${DON_T_SET_PATHS}" != "TRUE" ] ; then
- if [ "${OS_ARCH}" = "WINNT" -a "$OS_NAME" != "CYGWIN_NT" ]; then
- PATH=.\;${DIST}/${OBJDIR}/bin\;${DIST}/${OBJDIR}/lib\;$PATH
- PATH=`perl ../path_uniq -d ';' "$PATH"`
- else
- PATH=.:/bin:/usr/bin:${DIST}/${OBJDIR}/bin:${DIST}/${OBJDIR}/lib:$PATH
- # added /bin and /usr/bin in the beginning so a local perl will
- # be used
- PATH=`perl ../path_uniq -d ':' "$PATH"`
- fi
-
- LD_LIBRARY_PATH=${DIST}/${OBJDIR}/lib
- SHLIB_PATH=${DIST}/${OBJDIR}/lib
- LIBPATH=${DIST}/${OBJDIR}/lib
- DYLD_LIBRARY_PATH=${DIST}/${OBJDIR}/lib
- fi
-
- if [ ! -d "${TESTDIR}" ]; then
- echo "$SCRIPTNAME init: Creating ${TESTDIR}"
- mkdir -p ${TESTDIR}
- fi
-
-#HOST and DOMSUF are needed for the server cert
- case $HOST in
- *\.*)
- HOST=`echo $HOST | sed -e "s/\..*//"`
- ;;
- ?*)
- ;;
- *)
- HOST=`uname -n`
- case $HOST in
- *\.*)
- HOST=`echo $HOST | sed -e "s/\..*//"`
- ;;
- ?*)
- ;;
- *)
- echo "$SCRIPTNAME: Fatal HOST environment variable is not defined."
- exit 1 #does not need to be Exit, very early in script
- ;;
- esac
- ;;
- esac
-
- if [ -z "${DOMSUF}" ]; then
- DOMSUF=`domainname`
- if [ -z "${DOMSUF}" ]; then
- echo "$SCRIPTNAME: Fatal DOMSUF env. variable is not defined."
- exit 1 #does not need to be Exit, very early in script
- fi
- fi
-#HOSTADDR was a workaround for the dist. stress test, and is probably
-#not needed anymore (purpose: be able to use IP address for the server
-#cert instead of PC name which was not in the DNS because of dyn IP address
- if [ -z "$USE_IP" -o "$USE_IP" != "TRUE" ] ; then
- HOSTADDR=${HOST}.${DOMSUF}
- else
- HOSTADDR=${IP_ADDRESS}
- fi
-
-#if running remote side of the distributed stress test we need to use
-#the files that the server side gives us...
- if [ -n "$DO_REM_ST" -a "$DO_REM_ST" = "TRUE" ] ; then
- for w in `ls -rtd ${TESTDIR}/${HOST}.[0-9]* 2>/dev/null |
- sed -e "s/.*${HOST}.//"` ; do
- version=$w
- done
- HOSTDIR=${TESTDIR}/${HOST}.$version
- echo "$SCRIPTNAME init: HOSTDIR $HOSTDIR"
- echo $HOSTDIR
- if [ ! -d $HOSTDIR ] ; then
- echo "$SCRIPTNAME: Fatal: Remote side of dist. stress test "
- echo " - server HOSTDIR $HOSTDIR does not exist"
- exit 1 #does not need to be Exit, very early in script
- fi
- fi
-
-#find the HOSTDIR, where the results are supposed to go
- if [ -n "${HOSTDIR}" ]; then
- version=`echo $HOSTDIR | sed -e "s/.*${HOST}.//"`
- else
- if [ -f "${TESTDIR}/${HOST}" ]; then
- version=`cat ${TESTDIR}/${HOST}`
- else
- version=1
- fi
-#file has a tendency to disappear, messing up the rest of QA -
-#workaround to find the next higher number if version file is not there
- if [ -z "${version}" ]; then # for some strange reason this file
- # gets truncated at times... Windos
- for w in `ls -d ${TESTDIR}/${HOST}.[0-9]* 2>/dev/null |
- sort -t '.' -n | sed -e "s/.*${HOST}.//"` ; do
- version=`expr $w + 1`
- done
- if [ -z "${version}" ]; then
- version=1
- fi
- fi
- expr $version + 1 > ${TESTDIR}/${HOST}
-
- HOSTDIR=${TESTDIR}/${HOST}'.'$version
-
- mkdir -p ${HOSTDIR}
- fi
-
-#result and log file and filename init,
- if [ -z "${LOGFILE}" ]; then
- LOGFILE=${HOSTDIR}/output.log
- fi
- if [ ! -f "${LOGFILE}" ]; then
- touch ${LOGFILE}
- fi
- if [ -z "${RESULTS}" ]; then
- RESULTS=${HOSTDIR}/results.html
- fi
- if [ ! -f "${RESULTS}" ]; then
- cp ${COMMON}/results_header.html ${RESULTS}
- html "<H4>Platform: ${OBJDIR}<BR>"
- html "Test Run: ${HOST}.$version</H4>"
- html "${BC_ACTION}"
- html "<HR><BR>"
- html "<HTML><BODY>"
-
- echo "********************************************" | tee ${LOGFILE}
- echo " Platform: ${OBJDIR}" | tee ${LOGFILE}
- echo " Results: ${HOST}.$version" | tee ${LOGFILE}
- echo "********************************************" | tee ${LOGFILE}
- echo "$BC_ACTION" | tee ${LOGFILE}
- #if running remote side of the distributed stress test let the user know who it is...
- elif [ -n "$DO_REM_ST" -a "$DO_REM_ST" = "TRUE" ] ; then
- echo "********************************************" | tee ${LOGFILE}
- echo " Platform: ${OBJDIR}" | tee ${LOGFILE}
- echo " Results: ${HOST}.$version" | tee ${LOGFILE}
- echo " remote side of distributed stress test " | tee ${LOGFILE}
- echo " `uname -n -s`" | tee ${LOGFILE}
- echo "********************************************" | tee ${LOGFILE}
- fi
-
- echo "$SCRIPTNAME init: Testing PATH $PATH against LIB $LD_LIBRARY_PATH" |
- tee ${LOGFILE}
-
- KILL="kill"
-
- if [ `uname -s` = "SunOS" ]; then
- PS="/usr/5bin/ps"
- else
- PS="ps"
- fi
-#found 3 rsh's so far that do not work as expected - cygnus mks6
-#(restricted sh) and mks 7 - if it is not in c:/winnt/system32 it
-#needs to be set in the environ.ksh
- if [ -z "$RSH" ]; then
- if [ "${OS_ARCH}" = "WINNT" -a "$OS_NAME" = "CYGWIN_NT" ]; then
- RSH=/cygdrive/c/winnt/system32/rsh
- elif [ "${OS_ARCH}" = "WINNT" ]; then
- RSH=c:/winnt/system32/rsh
- else
- RSH=rsh
- fi
- fi
-
-
-#more filename and directoryname init
- CURDIR=`pwd`
-
- CU_ACTION='Unknown certutil action'
-
- # would like to preserve some tmp files, also easier to see if there
- # are "leftovers" - another possibility ${HOSTDIR}/tmp
-
- TMP=${HOSTDIR} #TMP=${TMP-/tmp}
- TEMP=${TMP}
- TMPDIR=${TMP}
-
- CADIR=${HOSTDIR}/CA
- SERVERDIR=${HOSTDIR}/server
- CLIENTDIR=${HOSTDIR}/client
- ALICEDIR=${HOSTDIR}/alicedir
- BOBDIR=${HOSTDIR}/bobdir
- DAVEDIR=${HOSTDIR}/dave
- EVEDIR=${HOSTDIR}/eve
- FIPSDIR=${HOSTDIR}/fips
-
- SERVER_CADIR=${HOSTDIR}/serverCA
- CLIENT_CADIR=${HOSTDIR}/clientCA
- EXT_SERVERDIR=${HOSTDIR}/ext_server
- EXT_CLIENTDIR=${HOSTDIR}/ext_client
-
- PWFILE=${TMP}/tests.pw.$$
- NOISE_FILE=${TMP}/tests_noise.$$
-
- FIPSPWFILE=${TMP}/tests.fipspw.$$
- FIPSBADPWFILE=${TMP}/tests.fipsbadpw.$$
- FIPSP12PWFILE=${TMP}/tests.fipsp12pw.$$
- FIPSCERTNICK="FIPS_PUB_140-1_Test_Certificate"
-
- # domains to handle ipc based access to databases
- D_CA="TestCA.$version"
- D_ALICE="Alice.$version"
- D_BOB="Bob.$version"
- D_DAVE="Dave.$version"
- D_EVE="Eve.$version"
- D_SERVER_CA="ServerCA.$version"
- D_CLIENT_CA="ClientCA.$version"
- D_SERVER="Server.$version"
- D_CLIENT="Client.$version"
- D_FIPS="FIPS.$version"
- D_EXT_SERVER="ExtendedServer.$version"
- D_EXT_CLIENT="ExtendedClient.$version"
-
- # we need relative pathnames of these files abd directories, since our
- # tools can't handle the unix style absolut pathnames on cygnus
-
- R_CADIR=../CA
- R_SERVERDIR=../server
- R_CLIENTDIR=../client
- R_ALICEDIR=../alicedir
- R_BOBDIR=../bobdir
- R_DAVEDIR=../dave
- R_EVEDIR=../eve
- R_EXT_SERVERDIR=../ext_server
- R_EXT_CLIENTDIR=../ext_client
-
- #
- # profiles are either paths or domains depending on the setting of
- # MULTIACCESS_DBM
- #
- P_R_CADIR=${R_CADIR}
- P_R_ALICEDIR=${R_ALICEDIR}
- P_R_BOBDIR=${R_BOBDIR}
- P_R_DAVEDIR=${R_DAVEDIR}
- P_R_EVEDIR=${R_EVEDIR}
- P_R_SERVERDIR=${R_SERVERDIR}
- P_R_CLIENTDIR=${R_CLIENTDIR}
- P_R_EXT_SERVERDIR=${R_EXT_SERVERDIR}
- P_R_EXT_CLIENTDIR=${R_EXT_CLIENTDIR}
- P_SERVER_CADIR=${SERVER_CADIR}
- P_CLIENT_CADIR=${CLIENT_CADIR}
- if [ -n "${MULTIACCESS_DBM}" ]; then
- P_R_CADIR="multiaccess:${D_CA}"
- P_R_ALICEDIR="multiaccess:${D_ALICE}"
- P_R_BOBDIR="multiaccess:${D_BOB}"
- P_R_DAVEDIR="multiaccess:${D_DAVE}"
- P_R_EVEDIR="multiaccess:${D_EVE}"
- P_R_SERVERDIR="multiaccess:${D_SERVER}"
- P_R_CLIENTDIR="multiaccess:${D_CLIENT}"
- P_R_EXT_SERVERDIR="multiaccess:${D_EXT_SERVER}"
- P_R_EXT_CLIENTDIR="multiaccess:${D_EXT_CLIENT}"
- P_SERVER_CADIR="multiaccess:${D_SERVER_CA}"
- P_CLIENT_CADIR="multiaccess:${D_CLIENT_CA}"
- fi
-
- R_PWFILE=../tests.pw.$$
- R_NOISE_FILE=../tests_noise.$$
-
- R_FIPSPWFILE=../tests.fipspw.$$
- R_FIPSBADPWFILE=../tests.fipsbadpw.$$
- R_FIPSP12PWFILE=../tests.fipsp12pw.$$
-
- echo "fips140" > ${FIPSPWFILE}
- echo "fips104" > ${FIPSBADPWFILE}
- echo "pkcs12fips140" > ${FIPSP12PWFILE}
-
- # a new log file, short - fast to search, mostly for tools to
- # see if their portion of the cert has succeeded, also for me -
- CERT_LOG_FILE=${HOSTDIR}/cert.log #the output.log is so crowded...
-
- TEMPFILES="${PWFILE} ${NOISE_FILE}"
- trap "Exit $0 Signal_caught" 2 3
-
- export PATH LD_LIBRARY_PATH SHLIB_PATH LIBPATH DYLD_LIBRARY_PATH
- export DOMSUF HOSTADDR
- export KILL PS
- export MOZILLA_ROOT SECURITY_ROOT DIST TESTDIR OBJDIR HOSTDIR QADIR
- export LOGFILE SCRIPTNAME
-
-#used for the distributed stress test, the server generates certificates
-#from GLOB_MIN_CERT to GLOB_MAX_CERT
-# NOTE - this variable actually gets initialized by directly by the
-# ssl_dist_stress.shs sl_ds_init() before init is called - need to change
-# in both places. speaking of data encapsulatioN...
-
- if [ -z "$GLOB_MIN_CERT" ] ; then
- GLOB_MIN_CERT=0
- fi
- if [ -z "$GLOB_MAX_CERT" ] ; then
- GLOB_MAX_CERT=200
- fi
- if [ -z "$MIN_CERT" ] ; then
- MIN_CERT=$GLOB_MIN_CERT
- fi
- if [ -z "$MAX_CERT" ] ; then
- MAX_CERT=$GLOB_MAX_CERT
- fi
-
- SCRIPTNAME=$0
- INIT_SOURCED=TRUE #whatever one does - NEVER export this one please
-fi
diff --git a/security/nss/tests/common/results_header.html b/security/nss/tests/common/results_header.html
deleted file mode 100644
index c09685b11..000000000
--- a/security/nss/tests/common/results_header.html
+++ /dev/null
@@ -1,6 +0,0 @@
-<HTML>
-<HEAD>
-<TITLE>Test Report for NSS</TITLE>
-</HEAD>
-<BODY BGCOLOR="#FFFFFF">
-<CENTER><H3>Test Report for NSS</H3></CENTER>
diff --git a/security/nss/tests/core_watch b/security/nss/tests/core_watch
deleted file mode 100755
index a627983a3..000000000
--- a/security/nss/tests/core_watch
+++ /dev/null
@@ -1,45 +0,0 @@
-#############################################################
-# script to watch for cores during QA runs, so they won't overwrite one
-# another
-# Not activated for efficiency reasons, and problems on MKS, us
-# only when needed and remember to remove afterwards
-#############################################################
-
-#############################################################
-# to activate put the following into all.sh (after the HOSTDIR
-# has been exported
-#############################################################
-# sh `dirname $0`/core_watch $HOSTDIR ${HOSTDIR} &
-# CORE_WATCH_PID=$!
-# if [ -n "${KILLPIDS}" ]
-# then
-# echo $CORE_WATCH_PID >>"${KILLPIDS}"
-# fi
-#############################################################
-
-#############################################################
-# or put the following into nssqa to watch the whole RESULTDIR
-# start it shortly before run_all
-#
-# NOTE: the more efficient way is above, this is potentially going
-# thru 1000ds of files every 30 seconds
-#############################################################
-# sh `dirname $0`/core_watch $RESULTDIR &
-# echo $! >>"${KILLPIDS}" #so Exit() can hopefully kill the core_watch
-#############################################################
-
-# in both cases remember to kill the process when done, since
-# the PIDs that end up in ${KILLPIDS} might not work for all OS
-# something like "kill_by_name core_watch
-
-echo $$ >>"${KILLPIDS}" #so Exit() can hopefully kill this shell
-while [ 1 ]
-do
- for w in `find $1 -name "core" -print`
- do
- echo "Found core $w"
- mv $w $w.`date +%H%M%S`
- done
- sleep 30
-done
-
diff --git a/security/nss/tests/dbtests/dbtests.sh b/security/nss/tests/dbtests/dbtests.sh
deleted file mode 100755
index ae498f780..000000000
--- a/security/nss/tests/dbtests/dbtests.sh
+++ /dev/null
@@ -1,232 +0,0 @@
-#! /bin/sh
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-# Sonja Mirtitsch Sun Microsystems
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-########################################################################
-#
-# mozilla/security/nss/tests/dbtest/dbtest.sh
-#
-# Certificate generating and handeling for NSS QA, can be included
-# multiple times from all.sh and the individual scripts
-#
-# needs to work on all Unix and Windows platforms
-#
-# included from (don't expect this to be up to date)
-# --------------------------------------------------
-# all.sh
-# ssl.sh
-# smime.sh
-# tools.sh
-#
-# special strings
-# ---------------
-# FIXME ... known problems, search for this string
-# NOTE .... unexpected behavior
-#
-# FIXME - Netscape - NSS
-########################################################################
-
-############################## dbtest_init ###############################
-# local shell function to initialize this script
-########################################################################
-dbtest_init()
-{
- SCRIPTNAME="dbtests.sh"
- if [ -z "${CLEANUP}" ] ; then # if nobody else is responsible for
- CLEANUP="${SCRIPTNAME}" # cleaning this script will do it
- fi
- if [ -z "${INIT_SOURCED}" ] ; then
- cd ../common
- . ./init.sh
- fi
- if [ ! -r $CERT_LOG_FILE ]; then # we need certificates here
- cd ../cert
- . ./cert.sh
- fi
-
- SCRIPTNAME="dbtests.sh"
- DBTEST_LOG=${HOSTDIR}/dbtest.log #we don't want all the errormessages
- # in the output.log, otherwise we can't tell what's a real error
- RONLY_DIR=${HOSTDIR}/ronlydir
- EMPTY_DIR=${HOSTDIR}/emptydir
- grep "SUCCESS: SSL passed" $CERT_LOG_FILE >/dev/null || {
- html_head "SSL Test failure"
- Exit : "Fatal - SSL of cert.sh needs to pass first"
- }
-
- html_head "CERT and Key DB Tests"
-
-}
-
-############################## dbtest_cleanup ############################
-# local shell function to finish this script (no exit since it might be
-# sourced)
-########################################################################
-dbtest_cleanup()
-{
- html "</TABLE><BR>"
- cd ${QADIR}
- chmod a+rw $RONLY_DIR
- . common/cleanup.sh
-}
-
-Echo()
-{
- echo
- echo "---------------------------------------------------------------"
- echo "| $*"
- echo "---------------------------------------------------------------"
-}
-dbtest_main()
-{
- cd ${HOSTDIR}
-
-
- Echo "test opening the database readonly in a nonexisting directory"
- certutil -L -X -d ./non_existant_dir
- ret=$?
- if [ $ret -ne 255 ]; then
- html_failed "<TR><TD> Certutil succeeded in a nonexisting directory $ret"
- else
- html_passed "<TR><TD> Certutil failed in a nonexisting dir $ret"
- fi
- dbtest -r -d ./non_existant_dir
- ret=$?
- if [ $ret -ne 46 ]; then
- html_failed "<TR><TD> Dbtest readonly succeeded in a nonexisting directory $ret"
- else
- html_passed "<TR><TD> Dbtest readonly failed in a nonexisting dir $ret"
- fi
-
- Echo "test force opening the database in a nonexisting directory"
- dbtest -f -d ./non_existant_dir
- ret=$?
- if [ $ret -ne 0 ]; then
- html_failed "<TR><TD> Dbtest force failed in a nonexisting directory $ret"
- else
- html_passed "<TR><TD> Dbtest force succeeded in a nonexisting dir $ret"
- fi
-
- Echo "test opening the database readonly in an empty directory"
- mkdir $EMPTY_DIR
- tstclnt -h ${HOST} -d $EMPTY_DIR
- ret=$?
- if [ $ret -ne 1 ]; then
- html_failed "<TR><TD> Tstclnt succeded in an empty directory $ret"
- else
- html_passed "<TR><TD> Tstclnt failed in an empty dir $ret"
- fi
- dbtest -r -d $EMPTY_DIR
- ret=$?
- if [ $ret -ne 46 ]; then
- html_failed "<TR><TD> Dbtest readonly succeeded in an empty directory $ret"
- else
- html_passed "<TR><TD> Dbtest readonly failed in an empty dir $ret"
- fi
- rm -rf $EMPTY_DIR/* 2>/dev/null
- certutil -D -n xxxx -d $EMPTY_DIR #created DB
- ret=$?
- if [ $ret -ne 255 ]; then
- html_failed "<TR><TD> Certutil succeeded in deleting a cert in an empty directory $ret"
- else
- html_passed "<TR><TD> Certutil failed in an empty dir $ret"
- fi
- rm -rf $EMPTY_DIR/* 2>/dev/null
- Echo "test force opening the database readonly in a empty directory"
- dbtest -r -f -d $EMPTY_DIR
- ret=$?
- if [ $ret -ne 0 ]; then
- html_failed "<TR><TD> Dbtest force readonly failed in an empty directory $ret"
- else
- html_passed "<TR><TD> Dbtest force readonly succeeded in an empty dir $ret"
- fi
-
- Echo "test opening the database r/w in a readonly directory"
- mkdir $RONLY_DIR
- cp -r ${CLIENTDIR}/* $RONLY_DIR
- chmod -w $RONLY_DIR $RONLY_DIR/*
-
- # On Mac OS X 10.1, if we do a "chmod -w" on files in an
- # NFS-mounted directory, it takes several seconds for the
- # first open to see the files are readonly, but subsequent
- # opens immediately see the files are readonly. As a
- # workaround we open the files once first. (Bug 185074)
- if [ "${OS_ARCH}" = "Darwin" ]; then
- cat $RONLY_DIR/* > /dev/null
- fi
-
- dbtest -d $RONLY_DIR
- ret=$?
- if [ $ret -ne 46 ]; then
- html_failed "<TR><TD> Dbtest r/w succeeded in an readonly directory $ret"
- else
- html_passed "<TR><TD> Dbtest r/w failed in an readonly dir $ret"
- fi
- certutil -D -n "TestUser" -d .
- ret=$?
- if [ $ret -ne 255 ]; then
- html_failed "<TR><TD> Certutil succeeded in deleting a cert in an readonly directory $ret"
- else
- html_passed "<TR><TD> Certutil failed in an readonly dir $ret"
- fi
-
- Echo "test opening the database ronly in a readonly directory"
-
- dbtest -d $RONLY_DIR -r
- ret=$?
- if [ $ret -ne 0 ]; then
- html_failed "<TR><TD> Dbtest readonly failed in a readonly directory $ret"
- else
- html_passed "<TR><TD> Dbtest readonly succeeded in a readonly dir $ret"
- fi
-
- Echo "test force opening the database r/w in a readonly directory"
- dbtest -d $RONLY_DIR -f
- ret=$?
- if [ $ret -ne 0 ]; then
- html_failed "<TR><TD> Dbtest force failed in a readonly directory $ret"
- else
- html_passed "<TR><TD> Dbtest force succeeded in a readonly dir $ret"
- fi
-
- Echo "ls -l $RONLY_DIR"
- ls -ld $RONLY_DIR $RONLY_DIR/*
-
-}
-
-################## main #################################################
-
-dbtest_init
-dbtest_main >$DBTEST_LOG 2>&1
-dbtest_cleanup
diff --git a/security/nss/tests/dll_version.sh b/security/nss/tests/dll_version.sh
deleted file mode 100755
index 79a128585..000000000
--- a/security/nss/tests/dll_version.sh
+++ /dev/null
@@ -1,50 +0,0 @@
-#!/bin/sh
-
-# version controll for DLLs
-# ToDo: make version parameter or find version from first occurance of 3.x
-# make the 3 a variable..., include the header
-
-#OS=`uname -s`
-#DSO_SUFFIX=so
-#if [ "$OS" = "HP-UX" ]; then
- #DSO_SUFFIX=sl
-#fi
-#what libnss3.$DSO_SUFFIX | grep NSS
-#what libsmime3.$DSO_SUFFIX | grep NSS
-#what libssl3.$DSO_SUFFIX | grep NSS
-#ident libnss3.$DSO_SUFFIX | grep NSS
-#ident libsmime3.$DSO_SUFFIX | grep NSS
-#ident libssl3.$DSO_SUFFIX | grep NSS
-
-for w in `find . -name "libnss3.s[ol]" ; find . -name "libsmime3.s[ol]"; find . -name "libssl3.s[ol]"`
-do
- NOWHAT=FALSE
- NOIDENT=FALSE
- echo $w
- what $w | grep NSS || NOWHAT=TRUE
- ident $w | grep NSS || NOIDENT=TRUE
- if [ $NOWHAT = TRUE ]
- then
- echo "ERROR what $w does not contain NSS"
- fi
- if [ $NOIDENT = TRUE ]
- then
- echo "ERROR ident $w does not contain NSS"
- fi
-done
-#for w in `find . -name "libnss3.s[ol]" ; find . -name "libsmime3.s[ol]"; find .
-#-name "libssl3.s[ol]"`
-#do
- #NOWHAT=FALSE
- #NOIDENT=FALSE
- #echo $w
- #what $w | grep NSS || NOWHAT=TRUE
- #ident $w | grep NSS || NOIDENT=TRUE
- #if [ $NOWHAT = TRUE -a $NOIDENT = TRUE ]
- #then
- #echo "WARNING what and ident $w does not contain NSS"
- #strings $w | grep NSS | grep '3.2' || echo "ERROR strings does
-#not either..."
- #fi
-#done
-
diff --git a/security/nss/tests/doc/clean.gif b/security/nss/tests/doc/clean.gif
deleted file mode 100644
index 08781cb2b..000000000
--- a/security/nss/tests/doc/clean.gif
+++ /dev/null
Binary files differ
diff --git a/security/nss/tests/doc/nssqa.txt b/security/nss/tests/doc/nssqa.txt
deleted file mode 100755
index 34fa0955b..000000000
--- a/security/nss/tests/doc/nssqa.txt
+++ /dev/null
@@ -1,108 +0,0 @@
-The new QA wrapper consistst mainly of 2 scripts, nssqa and qa_stat, both
-include a common header (header) and a common environment (set_environment).
-Also used is mksymlinks and path_uniq.
-
-The scripts that are used on a daily basis are located in /u/sonmi/bin.
-
-Parameters and Options are the same for both scripts.
-
-Parameters
-----------
- nssversion (supported: 30b, 31, tip)
- builddate (default - today, format mmdd)
-
-Options
--------
- -y answer all questions with y - use at your own risk... ignores warnings
- -s silent (only usefull with -y)
- -h, -? -help you guessed right - displays the usage
- -d debug
- -f <filename> - write the (error)output to filename
- -m <mailinglist> - send filename to mailinglist (csl) only useful
- with -f on nssqa
- -l <mozroot> run on a local build - does not work at this time
- -cron equivalient to -y -s -d -f $RESULTDIR/$HOST.<scriptname>
-
-nssqa and qa_stat are Beta at the most
---------------------------
-Please be aware that
-
--) machinenames are still hardcoded --FIXED
--) other very iPlanet specific environments and features are being used.
-
--d Debug option will be removed from cron in a few weeks - or maybe not
--l QA on local build is not fully implemented yet
-
-Please do not use on Windows 95 and 98, ME platforms yet.
-
-use -d if script behaves strange or exits unexpectedly
-
-How to use QA
--------------
-To test a build, first run nssqa on the required QA platforms (some
-buildplatforms require QA to be run on additional platforms - for
-example Solaris 2.6 has to be tested on 2.8 32 and 64bit) If QA has
-been run on multiple or all required platforms it makes sense to run
-qa_stat on the output of nssqa as well.
-Before used on a new system (even if the same platform has been
-tested before) please use completely interactive, to see what the
-variables are being initialized to, and read the warnings. Same is
-true if being run from a different user account than svbld.
-
-In any case, if you are using it, please let me know the results.
-
-Pseudocode Description of nssqa:
---------------------------------
-not quite up to date
-
- header:init (global)
- set flags and variables to default values
- signal trap (for interupts and kills)
- set HOST and DOMSUF variables if running from cron
- parse parameters and options
- determine os and set up the environment (espec. PATH)
- set the directories to run in (influenced by parameters and -l option)
- set and initialize the tmp / debugging / output files
-
- nssqa:init (local)
- locking: if nssqa is already running on this systems (yes-exit,
- no-lockfile)
- set HOST and DOMSUF variables if running interavtively
- set flag to kill remaining selfserv processes during cleanup
- if QA platform different from build platform create neccessary
- symbolic links
- wait for the build to finish (max of 5h)
-
- main:
- repeated per test (optimized, debug, 32, 64 bit)
- set flags for this run of all.sh (optimized, debug, 32, 64 bit)
- set the DIST directory (where the binaries reside)
- kill running selfservers (sorry - just don't use the svbld
- account if you need to do your own testing... I will fix
- selfserv as soon as I can - but it hangs too often and
- disturbs all following QA)
- run all.sh
-
- header:exit (global)
- remove temporary files
- kill remaining selfservers
- send email to the list
-
-
- errorhandling
- Option / Parameter errors: Exit with usage information
-
- Severe errors: Exit wit errormessage
- example: directory in which all.sh resides does not exist
- can't create files or directories
- build not done after 5 hours
- is already running
-
- Other errors: User is prompted with the "errormessage - continue (y/n)?"
- example: local DIST dir does not exist (continues with next all.sh)
- outputdirectory does not exist (user can specify other)
-
- Signals 2, 3, 15 are treated as severe errors
-
-
-
diff --git a/security/nss/tests/doc/platform_specific_problems b/security/nss/tests/doc/platform_specific_problems
deleted file mode 100644
index 92a22ca03..000000000
--- a/security/nss/tests/doc/platform_specific_problems
+++ /dev/null
@@ -1,110 +0,0 @@
-I will, eventually convert all files here to html - just right now I have no
-time to do it. Anyone who'd like to - please feel free, mail me the file and
-I will check it in
-sonmi@netscape.com
-
-
-The NSS 3.1 SSL Stress Tests fail for me on FreeBSD 3.5. The end of the output
-of './ssl.sh stress' looks like this:
-
-********************* Stress Test ****************************
-********************* Stress SSL2 RC4 128 with MD5 ****************************
-selfserv -p 8443 -d
-/local/llennox/NSS-PSM/mozilla/tests_results/security/conrail.20/server -n
-conrail.cs.columbia.edu -w nss -i /tmp/tests_pid.5505 & strsclnt -p 8443 -d . -w nss -c 1000 -C A conrail.cs.columbia.edu
-strsclnt: -- SSL: Server Certificate Validated.
-strsclnt: PR_NewTCPSocket returned error -5974:
-Insufficient system resources.
-Terminated
-********************* Stress SSL3 RC4 128 with MD5 ****************************
-selfserv -p 8443 -d
-/local/llennox/NSS-PSM/mozilla/tests_results/security/conrail.20/server -n
-conrail.cs.columbia.edu -w nss -i /tmp/tests_pid.5505 & strsclnt -p 8443 -d . -w nss -c 1000 -C c conrail.cs.columbia.edu
-strsclnt: -- SSL: Server Certificate Validated.
-strsclnt: PR_NewTCPSocket returned error -5974:
-Insufficient system resources.
-Terminated
-
-Running ktrace on the process (ktrace is a system-call tracer, the equivalent of
-Linux's strace) reveals that socket() failed with ENOBUFS after it was called
-for the 953rd time for the first test, and it failed after the 27th time it was
-called for the second test.
-
-The failure is consistent, both for debug and optimized builds; I haven't tested
-to see whether the count of socket() failures is consistent.
-
-All the other NSS tests pass successfully.
-
-
-------- Additional Comments From Nelson Bolyard 2000-11-01 23:08 -------
-
-I see no indication of any error on NSS's part from this description.
-It sounds like an OS kernel configuration problem on the
-submittor's system. The stress test is just that. It stresses
-the server by pounding it with SSL connections. Apparently this
-test exhausts some kernel resource on the submittor's system.
-
-The only change to NSS that might be beneficial to this test
-would be to respond to this error by waiting and trying again
-for some limited number of times, rather than immediately
-treating it as a fatal error.
-
-However, while such a change might make the test appear to pass,
-it would merely be hiding a very serious problem, namely,
-chronic system resource exhaustion.
-
-So, I suggest that, in this case, the failure serves the useful
-purpose of revealing the system problem, which needs to be
-cured apart from any changes to NSS.
-
-I'll leave this bug open for a few more days, to give others
-a chance to persuade me that some NSS change would and should
-solve this problem.
-
-
-------- Additional Comments From Jonathan Lennox 2000-11-02 13:13 -------
-
-Okay, some more investigation leads me to agree with you. What's happening is
-that the TCP connections from the stress test stick around in TIME_WAIT for two
-minutes; my kernel is only configured to support 1064 simultaneous open sockets,
-which isn't enough for the 2K sockets opened by the stress test plus the 100 or
-so normally in use on my system.
-
-So I'd just suggest adding a note to the NSS test webpage to the effect of "The
-SSL stress test opens 2,048 TCP connections in quick succession. Kernel data
-structures may remain allocated for these connections for up to two minutes.
-Some systems may not be configured to allow this many simulatenous connections
-by default; if the stress tests fail, try increasing the number of simultaneous
-sockets supported."
-
-On FreeBSD, you can display the number of simultaneous sockets with the command
- sysctl kern.ipc.maxsockets
-which on my system returns 1064.
-
-It looks like this can be fixed with the kernel config option
- options NMBCLUSTERS=[something-large]
-or by increasing the 'maxusers' parameter.
-
-It looks like more recent FreeBSD implementations still have this limitation,
-and the same solutions apply, plus you can alternatively specify the maxsockets
-parameter in the boot loader.
-
-
----------------------------------
-
-hpux HP-UX hp64 B.11.00 A 9000/800 2014971275 two-user license
-
-we had to change following kernelparameters to make our tests pass
-
-1. maxfiles. old value = 60. new value = 100.
-2. nkthread. old value = 499. new value = 1328.
-3. max_thread_proc. old value = 64. new value = 512.
-4. maxusers. old value = 32. new value = 64.
-5. maxuprc. old value = 75. new value = 512.
-6. nproc. old formula = 20+8*MAXUSERS, which evaluated to 276.
- new value (note: not a formula) = 750.
-
-A few other kernel parameters were also changed automatically
-as a result of the above changes.
-
-
diff --git a/security/nss/tests/doc/qa_wrapper.html b/security/nss/tests/doc/qa_wrapper.html
deleted file mode 100755
index 755cca236..000000000
--- a/security/nss/tests/doc/qa_wrapper.html
+++ /dev/null
@@ -1,269 +0,0 @@
-<!doctype html public "-//w3c//dtd html 4.0 transitional//en">
-<html>
-<head>
- <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
- <meta name="GENERATOR" content="Mozilla/4.7 [en] (X11; U; SunOS 5.8 sun4u) [Netscape]">
-</head>
-<body text="#000000" bgcolor="#FFFFFF" link="#0000EE" vlink="#551A8B" alink="#FF0000">
-
-<h3>
-<b><font face="Times New Roman,Times">Author Sonja Mirtitsch</font></b></h3>
-
-<h3>
-<b><font face="Times New Roman,Times">Last updated: 4/4/2001</font></b></h3>
-
-<h1>
-<b><font face="Times New Roman,Times">NSS 3.2.QA Wrapper</font></b></h1>
-
-<p><br>The QA&nbsp; wrapper tests the nightly builds of NSS. The actual
-tests are being run are called from the QA script all.sh. I will add documentation
-for the actual QA soon. The main purpose of the wrapper is: find out which
-build (NSS version, date, Build Platform) to test on which machine (OS,
-OS version) and construct a summary report, which is then mailed to the
-nss developers (aka mailing list nss-qa-report@netscape.com). Please see
-also the <a href="#advertisement">feature</a> section.
-<p><a href="#nssqa">nssqa</a>&nbsp; - the script that calls the actual
-qa script all.sh
-<br><a href="#qa_stat">qa_stat</a> - sends out status reports
-<br><a href="#qaclean">qaclean</a>&nbsp; - if everything else fails
-<p>Sample <a href="/u/sonmi/doc/publish/glob_result.html">global result</a>,
-<a href="/u/sonmi/doc/publish/results.html">individual result </a>and <a href="/u/sonmi/doc/publish/output.log">log
-files</a>
-<p>The QA wrapper consistst mainly of scripts, most located in security/nss/tests
-and subdirectories, but run from /u/sonmi/bin
-<p>nssqa and qa_stat, the main scripts both include a common header (<a href="../header">header</a>)
-and a common environment (<a href="../set_environment">set_environment</a>).
-<br>Also used is <a href="../mksymlinks">mksymlinks</a> and <a href="../path_uniq">path_uniq</a>
-and <a href="#qaclean">qaclean</a>.
-<p>The scripts that are used on a daily basis are located in /u/sonmi/bin
-and checked into security/nss/tests
-<p>Parameters and Options are the same for most scripts.
-<p><a NAME="Parameters"></a><b><u><font size=+1>Parameters</font></u></b>
-<br>&nbsp;&nbsp;&nbsp; nssversion (supported: 30b, 31, tip, default tip)
-<br>&nbsp;&nbsp;&nbsp; builddate (default - today, format mmdd)
-<p><a NAME="Options"></a><b><u><font size=+1>Options</font></u></b>
-<br>&nbsp;&nbsp;&nbsp; -y answer all questions with y - use at your own
-risk... ignores warnings
-<br>&nbsp;&nbsp;&nbsp; -s silent (only usefull with -y)
-<br>&nbsp;&nbsp;&nbsp; -h, -? -help you guessed right - displays the usage
-<br>&nbsp;&nbsp;&nbsp; -d debug
-<br>&nbsp;&nbsp;&nbsp; -f &lt;filename> - write the (error)output to filename
-<br>&nbsp;&nbsp;&nbsp; -fcron writes resultfile in the same location as
-would the -cron
-<br>&nbsp;&nbsp;&nbsp; -m &lt;mailinglist> - send filename to mailinglist
-(csl) only useful
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; with -f on nssqa
-<br>&nbsp;&nbsp;&nbsp; -l &lt;mozroot> run on a local build - does not
-work at this time
-<br>&nbsp;&nbsp;&nbsp; -cron equivalient to -y -s -d -f $RESULTDIR/$HOST.&lt;scriptname>
-<br>&nbsp;
-<p>Please be aware that some iPlanet specific environments and features
-are being used.
-<p>-d Debug option might be removed from cron in a few weeks - or maybe
-not
-<br>-l QA on local build is not fully implemented yet - will not be implemented,
-all.sh can be called directly instead
-<p>Please do not use on Windows 95 and 98, ME platforms yet.
-<p>use -d if script behaves strange or exits unexpectedly
-<p><b><font size=+1>How to use the QA-wrapper</font></b>
-<br>To test a build, first run nssqa on the required QA platforms (some
-buildplatforms require QA to be run on additional platforms - for example
-Solaris 2.6 has to be tested on 2.8 32 and 64bit) If QA has been run on
-multiple or all required platforms it makes sense to run qa_stat on the
-output of nssqa as well.
-<br>Before used on a new system (even if the same platform has been tested
-before) please use completely interactive, to see what the variables are
-being initialized to, and read the warnings. Same is true if being run
-from a different user account than svbld.
-<p>In any case, if you are using it, please let me know the results.
-<p><a NAME="nssqa"></a><b><u><font size=+1>nssqa:</font></u></b>
-<p>the script that calls the actual qa script all.sh
-<p>nssqa <a href="#Parameters">parameters</a> and&nbsp; <a href="#Options">options</a>
-<p><a href="../nssqa">view the script</a>
-<p><b><u><font size=+1>Pseudocode Description of nssqa</font></u></b>
-<br>not quite up to date
-<p>&nbsp;&nbsp;&nbsp; header:init (global)
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; set flags and variables
-to default values
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; signal trap (for interupts
-and kills)
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; set HOST and DOMSUF variables
-if running from cron
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; parse parameters and options
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; determine os and set up
-the environment (espec. PATH)
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; set the directories to run
-in (influenced by parameters and -l option)<br>
-&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; set the directories for backward
-compatibility testing
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; set and initialize the tmp
-/ debugging / output files
-<p>&nbsp;&nbsp;&nbsp; nssqa:init (local)
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; locking: if nssqa is already
-running on this systems (yes-exit,
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-no-lockfile)
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; set HOST and DOMSUF variables
-if running interavtively
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; set flag to kill remaining
-selfserv processes during cleanup
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; if QA platform different
-from build platform create neccessary
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-symbolic links
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; wait for the build to finish
-(max of 5h)
-<p>&nbsp;&nbsp;&nbsp; main:
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; repeated per test (optimized,
-debug, 32, 64 bit)
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-set flags for this run of all.sh (optimized, debug, 32, 64 bit)
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-set the DIST directory (where the binaries reside)
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-kill running selfservers (sorry - just don't use the svbld
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-account if you need to do your own testing... I will fix
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-selfserv as soon as I can - but it hangs too often and
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-disturbs all following QA)
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-run all.sh
-<p>&nbsp;&nbsp;&nbsp; header:exit (global)
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; remove temporary files
-<p>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; kill remaining selfservers
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; send email to the list
-<br>&nbsp;
-<p>&nbsp;&nbsp;&nbsp; errorhandling
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Option / Parameter errors:
-Exit with usage information
-<p>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Severe errors: Exit wit errormessage
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-example: directory in which all.sh resides does not exist
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-can't create files or directories
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-build not done after 5 hours
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-is already running
-<p>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Other errors: User is prompted
-with the "errormessage - continue (y/n)?"
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-example: local DIST dir does not exist (continues with next all.sh)
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-outputdirectory does not exist (user can specify other)
-<p>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Signals 2, 3, 15 are treated
-as severe errors
-<br>&nbsp;
-<br>&nbsp;
-<br>&nbsp;
-<p><img SRC="clean.gif" height=129 width=92 align=LEFT><a NAME="qaclean"></a><b><u><font size=+2>qaclean:</font></u></b>/u/sonmi/bin/qaclean
-<br>&nbsp;
-<p>Use qaclean as user "svbld" to get the propper permissions. It is supposed
-to clean up after a "hanging" QA and will also brutally kill, interupt
-and disturb any other nss related test or performance meassurement on the
-named machine. NT and 2000 might require an additional reboot, since the
-ps is not so good about telling us the actual programmname - so we can't
-kill them... Please note that this is a brute force script, it should not
-be used on a regular basis, file a bug whenever you have to use it, since
-hanging QA is nothing that should occur frequently
-<p>&nbsp;<a href="../qaclean">view the script</a>
-<p>What it does:
-<ol>
-<li>
-see if there is a lockfile (/tmp/nssqa.$$ or $TMP/nssqa.$$)</li>
-
-<br>if yes:
-<ol>kill the process of the lockfile <font color="#666666">(future expansion
-and if possible it's children )</font>
-<br>rm the lockfile</ol>
-
-<li>
-kill selfservers</li>
-
-<li>
-kill whatever other qa related processes might be hanging</li>
-
-<li>
-clean up tmp files</li>
-</ol>
-<b>QAClean Parameters:</b>
-<br>&nbsp;&nbsp;&nbsp; machinename.
-<br>&nbsp;&nbsp;&nbsp; for example
-<br>&nbsp;&nbsp;&nbsp; qaclean kentuckyderby
-<br>&nbsp;&nbsp;&nbsp; started on any machine, will clean up on kentuckyderby
-<p><a NAME="qa_stat"></a><b><u><font size=+2>qa_stat</font></u></b>
-<p>qa_stat is the script that is being started from the svbld cron on kentuckyderby
-every morning at 10:00 and runs some (very primitive) analysis on the qa
-results.
-<br>I'd like to rewrite the whole thing in perl, and in a few weeks I might
-just do this...
-<p>&nbsp;<a href="../qa_stat">view the script</a>
-<p>qa_stat <a href="#Parameters">parameters</a> and&nbsp; <a href="#Options">options</a>
-<p><a NAME="advertisement"></a><b><u><font size=+1>Why we need the QA wrapper</font></u></b>
-<p>We need the new QA wrapper, because we have to test on so many platforms,
-that running the tests and evaluating the results for the nightly builds
-took about an average workday.
-<p><b><font size=+1>New Features:</font></b>
-<ul>
-<li>
-runs from <b>cron</b> / rsh or <b>interactive</b> if desired</li>
-
-<li>
-generates <b>summary</b> (no need to look through 60-90 directories)</li>
-
-<li>
-sends <b>email</b> about results</li>
-
-<li>
-automatically <b>recognizes common errors</b> and problems and conflicts
-and corrects them</li>
-
-<br>(or attempts to correct them :-)
-<li>
-automatically determines <b>which build </b>to test (waits if build in
-progress, exits if no build)</li>
-
-<li>
-runs on <b>all required platforms</b> (Windows 98 and before not functional
-yet)</li>
-
-<li>
-Windows version runs on <b>free Cygnus</b> as well as on MKS</li>
-
-<li>
-debug mode, normal mode and silent mode</li>
-
-<li>
-<b>locking</b> mechanism so it won't run twice</li>
-
-<li>
-<b>cleanup</b> after being killed and most errors (no remaining selfservers,
-tmpfiles, lock files)</li>
-</ul>
-The 1st script is started via cron between 5:00 and 8:00 am on different
-systems, and starts QA on the nightly build. At 10:00 the next script is
-started, and sends a QA summary to the nss developers.
-<p><b>Cygnus Advantages</b>:
-<ul>
-<li>
-<b>free</b></li>
-
-<li>
-better handling of <b>processes</b> (background, processIDs, Signals)</li>
-
-<li>
-Unix / Linux <b>compatible</b> sh / bash</li>
-</ul>
-<b>Disadvantages</b>
-<ul>
-<li>
-MKS functionality needs to be preserved (makes <b>8 Windows platforms</b>
-instead of 4 for the QA suites - makes 32 testruns on Windows alone)</li>
-
-<br>In certain functionality's <b>slow</b>
-<br><b></b>&nbsp;</ul>
-<b>Porting the windows QA&nbsp;to Uwin as well is also being considered</b>
-</body>
-</html>
diff --git a/security/nss/tests/fips/fips.sh b/security/nss/tests/fips/fips.sh
deleted file mode 100755
index 5e8d994a9..000000000
--- a/security/nss/tests/fips/fips.sh
+++ /dev/null
@@ -1,216 +0,0 @@
-#! /bin/sh
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#
-########################################################################
-#
-# mozilla/security/nss/tests/fips/fips.sh
-#
-# Script to test basic functionallity of NSS in FIPS-compliant mode
-#
-# needs to work on all Unix and Windows platforms
-#
-# tests implemented:
-#
-# special strings
-# ---------------
-#
-########################################################################
-
-############################## fips_init ##############################
-# local shell function to initialize this script
-########################################################################
-fips_init()
-{
- SCRIPTNAME=fips.sh # sourced - $0 would point to all.sh
-
- if [ -z "${CLEANUP}" ] ; then # if nobody else is responsible for
- CLEANUP="${SCRIPTNAME}" # cleaning this script will do it
- fi
-
- if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then
- cd ../common
- . ./init.sh
- fi
- if [ ! -r $CERT_LOG_FILE ]; then # we need certificates here
- cd ../cert
- . ./cert.sh
- fi
- SCRIPTNAME=fips.sh
- html_head "FIPS 140-1 Compliance Tests"
-
- grep "SUCCESS: FIPS passed" $CERT_LOG_FILE >/dev/null || {
- Exit 15 "Fatal - FIPS of cert.sh needs to pass first"
- }
-
- COPYDIR=${FIPSDIR}/copydir
-
- R_FIPSDIR=../fips
- P_R_FIPSDIR=../fips
- R_COPYDIR=../fips/copydir
-
- if [ -n "${MULTIACCESS_DBM}" ]; then
- P_R_FIPSDIR="multiaccess:${D_FIPS}"
- fi
-
- mkdir -p ${FIPSDIR}
- mkdir -p ${COPYDIR}
-
- cd ${FIPSDIR}
-}
-
-############################## fips_140_1 ##############################
-# local shell function to test basic functionality of NSS while in
-# FIPS 140-1 compliant mode
-########################################################################
-fips_140_1()
-{
- echo "$SCRIPTNAME: Verify this module is in FIPS mode -----------------"
- echo "modutil -dbdir ${P_R_FIPSDIR} -list"
- modutil -dbdir ${P_R_FIPSDIR} -list 2>&1
- modutil -dbdir ${P_R_FIPSDIR} -chkfips true 2>&1
- html_msg $? 0 "Verify this module is in FIPS mode (modutil -chkfips true)"
-
- echo "$SCRIPTNAME: List the FIPS module certificates -----------------"
- echo "certutil -d ${P_R_FIPSDIR} -L"
- certutil -d ${P_R_FIPSDIR} -L 2>&1
- html_msg $? 0 "List the FIPS module certificates (certutil -L)"
-
- echo "$SCRIPTNAME: List the FIPS module keys -------------------------"
- echo "certutil -d ${P_R_FIPSDIR} -K -f ${R_FIPSPWFILE}"
- certutil -d ${P_R_FIPSDIR} -K -f ${R_FIPSPWFILE} 2>&1
- html_msg $? 0 "List the FIPS module keys (certutil -K)"
-
- echo "$SCRIPTNAME: Attempt to list FIPS module keys with incorrect password"
- echo "certutil -d ${P_R_FIPSDIR} -K -f ${FIPSBADPWFILE}"
- certutil -d ${P_R_FIPSDIR} -K -f ${FIPSBADPWFILE} 2>&1
- RET=$?
- html_msg $RET 255 "Attempt to list FIPS module keys with incorrect password (certutil -K)"
- echo "certutil -K returned $RET"
-
- echo "$SCRIPTNAME: Validate the certificate --------------------------"
- echo "certutil -d ${P_R_FIPSDIR} -V -n ${FIPSCERTNICK} -u SR -e -f ${R_FIPSPWFILE}"
- certutil -d ${P_R_FIPSDIR} -V -n ${FIPSCERTNICK} -u SR -e -f ${R_FIPSPWFILE}
- html_msg $? 0 "Validate the certificate (certutil -V -e)"
-
- echo "$SCRIPTNAME: Export the certificate and key as a PKCS#12 file --"
- echo "pk12util -d ${P_R_FIPSDIR} -o fips140.p12 -n ${FIPSCERTNICK} -w ${R_FIPSP12PWFILE} -k ${R_FIPSPWFILE}"
- pk12util -d ${P_R_FIPSDIR} -o fips140.p12 -n ${FIPSCERTNICK} -w ${R_FIPSP12PWFILE} -k ${R_FIPSPWFILE} 2>&1
- html_msg $? 0 "Export the certificate and key as a PKCS#12 file (pk12util -o)"
-
- echo "$SCRIPTNAME: Export the certificate as a DER-encoded file ------"
- echo "certutil -d ${P_R_FIPSDIR} -L -n ${FIPSCERTNICK} -r -o fips140.crt"
- certutil -d ${P_R_FIPSDIR} -L -n ${FIPSCERTNICK} -r -o fips140.crt 2>&1
- html_msg $? 0 "Export the certificate as a DER (certutil -L -r)"
-
- echo "$SCRIPTNAME: List the FIPS module certificates -----------------"
- echo "certutil -d ${P_R_FIPSDIR} -L"
- certutil -d ${P_R_FIPSDIR} -L 2>&1
- html_msg $? 0 "List the FIPS module certificates (certutil -L)"
-
- echo "$SCRIPTNAME: Delete the certificate and key from the FIPS module"
- echo "certutil -d ${P_R_FIPSDIR} -F -n ${FIPSCERTNICK} -f ${R_FIPSPWFILE}"
- certutil -d ${P_R_FIPSDIR} -F -n ${FIPSCERTNICK} -f ${R_FIPSPWFILE} 2>&1
- html_msg $? 0 "Delete the certificate and key from the FIPS module (certutil -D)"
-
-
- echo "$SCRIPTNAME: List the FIPS module certificates -----------------"
- echo "certutil -d ${P_R_FIPSDIR} -L"
- certutil -d ${P_R_FIPSDIR} -L 2>&1
- html_msg $? 0 "List the FIPS module certificates (certutil -L)"
-
- echo "$SCRIPTNAME: List the FIPS module keys."
- echo "certutil -d ${P_R_FIPSDIR} -K -f ${R_FIPSPWFILE}"
- certutil -d ${P_R_FIPSDIR} -K -f ${R_FIPSPWFILE} 2>&1
- # certutil -K now returns a failure if no keys are found. This verifies that
- # our delete succeded.
- html_msg $? 255 "List the FIPS module keys (certutil -K)"
-
- echo "$SCRIPTNAME: Import the certificate and key from the PKCS#12 file"
- echo "pk12util -d ${P_R_FIPSDIR} -i fips140.p12 -w ${R_FIPSP12PWFILE} -k ${R_FIPSPWFILE}"
- pk12util -d ${P_R_FIPSDIR} -i fips140.p12 -w ${R_FIPSP12PWFILE} -k ${R_FIPSPWFILE} 2>&1
- html_msg $? 0 "Import the certificate and key from the PKCS#12 file (pk12util -i)"
-
- echo "$SCRIPTNAME: List the FIPS module certificates -----------------"
- echo "certutil -d ${P_R_FIPSDIR} -L"
- certutil -d ${P_R_FIPSDIR} -L 2>&1
- html_msg $? 0 "List the FIPS module certificates (certutil -L)"
-
- echo "$SCRIPTNAME: List the FIPS module keys --------------------------"
- echo "certutil -d ${P_R_FIPSDIR} -K -f ${R_FIPSPWFILE}"
- certutil -d ${P_R_FIPSDIR} -K -f ${R_FIPSPWFILE} 2>&1
- html_msg $? 0 "List the FIPS module keys (certutil -K)"
-
-#
-# This test was interfering with QA running on more than one machine pointing
-# to the same binary file. Turn it off for now.
-#
-# echo "$SCRIPTNAME: Detect mangled database --------------------------"
-# SOFTOKEN=${DIST}/${OBJDIR}/lib/${DLL_PREFIX}softokn3.${DLL_SUFFIX}
-# echo "cp ${SOFTOKEN} ${TMP}/softokn3.sav"
-# cp ${SOFTOKEN} ${TMP}/softokn3.sav
-# echo "mangling ${SOFTOKEN}"
-# echo "mangle -i ${SOFTOKEN} -o 60000 -b 5"
-# mangle -i ${SOFTOKEN} -o 60000 -b 5 2>&1
-# if [ $? -eq 0 ]; then
-# echo "dbtest -r -d ${P_R_FIPSDIR} "
-# suppress the expected failure message
-# dbtest -r -d ${P_R_FIPSDIR} > ${TMP}/dbtestoutput.txt 2>&1
-# html_msg $? 46 "Init NSS with a corrupted library (dbtest -r)"
-# echo "cp ${TMP}/softokn3.sav ${SOFTOKEN}"
-# cp ${TMP}/softokn3.sav ${SOFTOKEN}
-# else
-# html_msg 0 0 "Skipping corruption test, can't open ${DLL_PREFIX}softokn3.${DLL_SUFFIX}"
-# fi
-# echo "rm ${TMP}/softokn3.sav"
-# rm ${TMP}/softokn3.sav
-}
-
-############################## fips_cleanup ############################
-# local shell function to finish this script (no exit since it might be
-# sourced)
-########################################################################
-fips_cleanup()
-{
- html "</TABLE><BR>"
- cd ${QADIR}
- . common/cleanup.sh
-}
-
-################## main #################################################
-
-fips_init
-
-fips_140_1
-fips_cleanup
-
diff --git a/security/nss/tests/header b/security/nss/tests/header
deleted file mode 100644
index 3c70fad4a..000000000
--- a/security/nss/tests/header
+++ /dev/null
@@ -1,1624 +0,0 @@
-#! /bin/sh
-
-########################################################################
-#
-# /u/sonmi/bin/header - /u/svbld/bin/init/nss/header
-#
-# variables, utilities and shellfunctions global to NSS QA
-# needs to work on all Unix platforms
-#
-# included from (don't expect this to be up to date)
-# --------------------------------------------------
-# qa_stat
-# mksymlinks
-# nssqa
-#
-# parameters
-# ----------
-# nssversion (supported: 30b, 31, 332, tip 32)
-# builddate (default - today)
-#
-# options
-# -------
-# -y answer all questions with y - use at your own risk... ignores warnings
-# -s silent (only usefull with -y)
-# -h, -? - you guessed right - displays this text
-# -d debug
-# -f <filename> - write the (error)output to filename
-# -fcronfile produces the resultfiles in the same locations
-# as would have been produced with -cron
-# -m <mailinglist> - send filename to mailinglist (csl) only useful
-# with -f
-# -ml <mailinglist> - send link to filename to mailinglist (csl)
-# only useful with -f
-# -cron equivalient to -y -s -d -f $RESULTDIR/$HOST.<scriptname>
-# -t run on a tinderbox build that means: local, from the startlocation
-# -l <mozroot directory> run on a local build mozroot
-# -ln <mozroot> copy a networkbuild to a local directory mozroot,
-# used for networkindipendend QA
-# -lt try to copy a networkbuild to a local directory, if not possible
-# run on the network
-# used for networkindipendend QA
-#
-# special strings
-# ---------------
-# FIXME ... known problems, search for this string
-# NOTE .... unexpected behavior
-#
-# moduls (not yet)
-# ----------------
-# --# INIT
-# --# USERCOM
-# --# UTILS
-#
-# FIXME - split in init / usercom / utils
-#
-########################################################################
-
-#------------------------------# INIT #------------------------------
-
-# below the option flags get initialized
-
-if [ -z "$QASCRIPT_DIR" ]
-then
- QASCRIPT_DIR=`dirname $0`
- if [ "$QASCRIPT_DIR" = '.' ]
- then
- QASCRIPT_DIR=`pwd`
- fi
-fi
-export QASCRIPT_DIR
-
-O_HWACC=OFF
-if [ -z "$O_ALWAYS_YES" ] ; then
- O_ALWAYS_YES=OFF # turned on by -y answer all questions with y
-fi
-
-if [ -z "$O_INIT" ] # header is global, some including scripts may not
-then # want the init to run, the others don't need to bother
- O_INIT=ON
-fi
-if [ -z "$O_PARAM" ] # header is global, some including scripts may not
-then # require parameters, the others don't need to bother
- O_PARAM=ON
-fi
-if [ -z "$O_OPTIONS" ] # header is global, some including scripts may not
-then # permit options, they don't need to bother
- O_OPTIONS=OFF
-fi
-O_SILENT=OFF # turned on by -s silent (only usefull with -y)
-if [ -z "$O_DEBUG" ] ; then
- O_DEBUG=OFF # turned on by -d - calls to Debug produce output when ON
-fi
-O_FILE=OFF # turned on by -f echo all output to a file $FILENAME
-O_CRON=OFF # turned on by -cron cron use only
-O_CRONFILE=OFF # turned on by -cron cron and -fcron
-O_LOCAL=OFF # turned on by -l* run on a local build in $LOCAL_MOZROOT
-O_LN=OFF # turned on by -ln and -lt, test a networkbuild locally
-O_MAIL=OFF # turned on by -m - sends email
-O_MAIL_LINK=OFF # turned on by -ml - sends email
-O_TBX=OFF # turned on by -t run on a tinderbox build
- # that means: local, from the startlocation
-
-if [ -z "$DOMSUF" ]
-then
-
- DOMSUF=red.iplanet.com
- DS_WAS_SET=FALSE
-else
- DS_WAS_SET=TRUE
-fi
-
-TMPFILES=""
-
-WAIT_FOR=600 # if waiting for an event sleep n seconds before rechecking
- # recomended value 10 minutes 600
-WAIT_TIMES=30 # recheck n times before giving up - recomended 30 - total of 5h
-
-if [ -z "$QAYEAR" ] # may I introduce - the y2k+1 bug? QA for last year
-then # might not work
- QAYEAR=`date +%Y`
-fi
-
-if [ -z "$TMP" ]
-then
- if [ -z "$TEMP" ]
- then
- TMP="/tmp"
- else
- TMP=$TEMP
- fi
-fi
-if [ ! -w "$TMP" ]
-then
- echo "Can't write to tmp directory $TMP - exiting"
- echo "Can't write to tmp directory $TMP - exiting" >&2
- exit 1
-fi
-
-KILLPIDS="$TMP/killpids.$$"
-export KILLERPIDS
-TMPFILES="$TMPFILES $KILLPIDS"
-
-KILL_SELFSERV=OFF # if sourcing script sets this to on cleanup will also
- # kill the running selfserv processes
-
- # Set the masterbuilds
-if [ -z "$UX_MASTERBUILD" ]
-then
- UX_MASTERBUILD=booboo_Solaris8
- #if [ ! -d $UX_MASTERBUILD ] ; then
- #UX_MASTERBUILD=booboo_Solaris8_forte6
- #fi
- UX_MB_WAS_SET=FALSE
-else
- UX_MB_WAS_SET=TRUE
-fi
-if [ -z "$NT_MASTERBUILD" ]
-then
- NT_MASTERBUILD=blowfish_NT4.0_Win95
- NT_MB_WAS_SET=FALSE # in this case later functions can override if
- # they find a different build that looks like NT
-else
- NT_MB_WAS_SET=TRUE
-fi
-if [ -z "$MASTERBUILD" ]
-then
- MASTERBUILD=$UX_MASTERBUILD
-fi
-
- # Set the default build
-if [ -z "$BUILDNUMBER" ]
-then
- BUILDNUMBER=1
-fi
-export BUILDNUMBER
-O_LDIR=OFF #local QA dir for NT, temporary
-
-if [ -z "$WIN_WAIT_FOREVER" ] # header is global, some including scripts
-then # want the init to wait forever for directories to
- # appear (windows only) if OFF exit, if ON wait forever
- WIN_WAIT_FOREVER=OFF
-fi
-
- # NOTE: following variables have to change
- # from release to release
-if [ -z "$BC_MASTER" ] # master directory for backwardscompatibility testing
-then
- RH="NO"
- grep 7.1 /etc/redhat-release > /dev/null 2>/dev/null && RH="YES"
- grep 7.2 /etc/redhat-release > /dev/null 2>/dev/null && RH="YES"
-
- if [ "$RH" = "YES" ]
- then # NSS-3-3-1RTM
- BC_UX_MASTER=nss331/builds/20010928.2.331-RTM/booboo_Solaris8
- BC_NT_MASTER=nss331/builds/20010928.2.331-RTM/blowfish_NT4.0_Win95
- else # NSS-3-2-2RTM
- BC_UX_MASTER=nss322/builds/20010820.1/y2sun2_Solaris8
- BC_NT_MASTER=nss322/builds/20010820.1/blowfish_NT4.0_Win95
- fi
- BC_MASTER=$BC_UX_MASTER
- BC_MASTER_WAS_SET=FALSE
-else
- BC_MASTER_WAS_SET=TRUE
-fi
-BC_RELEASE=3.2
-export BC_RELEASE
-
-EARLY_EXIT=TRUE #before the report file has been created, causes Exit to
- #create it
-
-UX_D0=/share/builds/mccrel3/nss
-
-################################### glob_init ##########################
-# global shell function, main initialisation function
-########################################################################
-glob_init()
-{
- if [ $O_PARAM = "ON" ] ; then
- eval_opts $* # parse parameters and options - set flags
- fi
- # if running from cron HOST needs to be known early,
- init_host # so the output file name can be constructed.
- Debug "Setting up environment...( $QASCRIPT_DIR/set_environment) "
- . $QASCRIPT_DIR/set_environment #finds out if we are running on Windows
- Debug "OPerating system: $os_name $os_full"
- umask 0
- init_dirs
- init_files
- init_vars
-}
-
-################################### init_vars ###########################
-# global shell function, sets the environment variables, part of init
-########################################################################
-init_vars()
-{
- if [ -z "$LOGNAME" ]
- then
- if [ $O_WIN = "ON" ]
- then
- LOGNAME=$USERNAME
- else
- LOGNAME=$USER
- fi
- if [ -z "$LOGNAME" ]
- then
- LOGNAME=$UNAME
- if [ -z "$LOGNAME" ]
- then
- LOGNAME=`basename $HOME`
- fi
- fi
- fi
- if [ -z "$LOGNAME" ]
- then
- Exit "Can't determine current user"
- fi
- case $HOST in
- iws-perf)
- O_HWACC=ON
- HWACC_LIST="rainbow ncipher"
- #MODUTIL="-add rainbow -libfile /usr/lib/libcryptoki22.so"
- export HWACC_LIST
- ;;
- *)
- O_HWACC=OFF
- ;;
- esac
- export O_HWACC
-}
-
-########################################################################
-# functions below deal with setting up the directories and PATHs for
-# all different flavors of OS (Unix, Linux, NT MKS, NT Cygnus) and QA
-# (Standard, local tinderbox)
-########################################################################
-
-########################## find_nt_masterbuild #########################
-# global shell function, sets the nt masterbuild directories, part of init
-########################################################################
-find_nt_masterbuild()
-{
- NT_MASTERDIR=${DAILY_BUILD}/${NT_MASTERBUILD}
- if [ "${NT_MB_WAS_SET}" = "FALSE" -a ! -d $NT_MASTERDIR ] ; then
- if [ -d ${DAILY_BUILD}/*NT4* ] ; then
- NT_MASTERBUILD=` cd ${DAILY_BUILD}; ls -d *NT4* `
- Debug "NT_MASTERBUILD $NT_MASTERBUILD"
- NT_MASTERDIR=${DAILY_BUILD}/${NT_MASTERBUILD}
- fi
- fi
- Debug "NT_MASTERDIR $NT_MASTERDIR"
-}
-
-################################### set_daily_build_dirs ###########################
-# global shell function, sets directories
-########################################################################
-set_daily_build_dirs()
-{
- if [ "$O_LOCAL" = "ON" -a "$O_LN" = "OFF" ] ; then
- DAILY_BUILD=${LOCAL_MOZROOT} # on local builds NSS_VER_DIR and DAILY_BUILD are
- # set to the LOCAL_MOZROOT, since it is not sure
- # if ../.. (DAILY_BUILD) even exists
- LOCALDIST=${LOCAL_MOZROOT}/dist
- elif [ "$O_TBX" = "ON" ] ; then
- DAILY_BUILD="$TBX_DAILY_BUILD"
- LOCALDIST=${UXDIST}
- else
- DAILY_BUILD=${NSS_VER_DIR}/builds/${QAYEAR}${BUILDDATE}.${BUILDNUMBER}
- LOCALDIST=${DAILY_BUILD}/${MASTERBUILD}/mozilla/dist
- fi
-}
-
-map_os64()
-{
- IS_64=""
- case `uname -s` in
- #OSF1) has been done already - always 64 bit
- SunOS)
- MAPPED_OS=Solaris*8
- IS_64=`(isainfo -v | grep 64)>/dev/null 2>/dev/null && echo 64 bit`
- if [ "$O_TBX" = "OFF" ] ; then
- set_osdir
- if [ -n "$IS_64" ]
- then #Wait for the 64 bit build to finish...
- Debug Testing build for $MAPPED_OS in $OSDIR
- Wait ${OSDIR}/SVbuild.InProgress.1 0
- fi
- fi
- ;;
- AIX)
- IS_64=`lslpp -l | grep "bos.64bit"> /dev/null && echo 64 bit`
- ;;
- HP-UX)
- IS_64=`getconf KERNEL_BITS | grep 64 >/dev/null && echo 64 bit`
- ;;
- esac
- Debug "Mapped OS to $MAPPED_OS"
-}
-
-
-
-################################### copy_to_local ########################
-# global shell function, copies the necessary directories from the
-# daily build aerea to the local disk
-########################################################################
-copy_to_local()
-{
- Debug "Copy network directories to local directories"
- C2L_ERROR=0
- if [ ! -d ${LOCAL_MOZROOT}/dist ] ; then
- mkdir -p ${LOCAL_MOZROOT}/dist || C2L_ERROR=1
- fi
- if [ ! -d ${LOCAL_MOZROOT}/security/nss ] ; then
- mkdir -p ${LOCAL_MOZROOT}/security/nss || C2L_ERROR=2
- fi
- if [ $C2L_ERROR != 0 ] ; then
- Exit "copy_to_local: Can t make necesssary directories ($C2L_ERROR ) "
- fi
- if [ ! -d ${LOCAL_MOZROOT}/security/nss/tests ] ; then
- cp -r ${TESTSCRIPTDIR} ${LOCAL_MOZROOT}/security/nss || C2L_ERROR=1
- fi
- if [ ! -d ${LOCAL_MOZROOT}/security/coreconf ] ; then
- cp -r ${MOZILLA_ROOT}/security/coreconf ${LOCAL_MOZROOT}/security || C2L_ERROR=2
- fi
-
- NO_DIRS=0;
- if [ "$O_WIN" = "ON" ] ; then
- OS_TARGET=WINNT;export OS_TARGET
- fi
- unset BUILD_OPT;export BUILD_OPT;
- unset USE_64;export USE_64;
-#FIXME only tested on 64 bit Solaris and only got 32 bit builds
- while [ $NO_DIRS -lt 4 ] ; do
- # first time thru: Debug 32 bit NT
- set_objdir
- Debug "Copying ${OBJDIR}..."
- if [ ! -d ${LOCAL_MOZROOT}/dist/${OBJDIR} ] ; then
- cp -r ${LOCALDIST}/${OBJDIR} ${LOCAL_MOZROOT}/dist || C2L_ERROR=3
- fi
- NO_DIRS=`expr $NO_DIRS + 1`
- if [ $NO_DIRS = 1 ] ; then # 2nd time: OPT 32 bit NT
- BUILD_OPT=1; export BUILD_OPT;
- elif [ $NO_DIRS = 2 ] ; then # 3rd time: OPT, either 64 bit or Win95 or force exit
- if [ "$O_WIN" = "ON" ] ; then
- OS_TARGET=WIN95;export OS_TARGET
- else
- map_os64
- if [ -z "$IS_64" ] ; then #32 bit platform
- NO_DIRS=4
- else
- USE_64=1; export USE_64
- fi
- fi
- elif [ $NO_DIRS = 3 ] ; then # 4th time: Debug either 64 bit or Win95
- unset BUILD_OPT;export BUILD_OPT;
- fi
-
-
- done
- if [ $C2L_ERROR != 0 ] ; then
- Exit "copy_to_local: Can t copy necesssary directories ($C2L_ERROR ) "
- fi
- unset TESTSCRIPTDIR
- unset TESTDIR
- unset RESULTDIR
- O_LN=OFF #from here on pretend it is regular -l local QA FIXME, might cause
- #problems with the backwardcompatibility tests
- Debug "Successfully copied network directories to local directories"
-}
-
-################################### local_dirs ###########################
-# global shell function, sets the directories for local QA
-########################################################################
-local_dirs()
-{
- Debug "Set directories for local QA"
- #if [ "$O_WIN" = "ON" ] ; then
- #win_set_tmp
- #fi
- NSS_VER_DIR=${LOCAL_MOZROOT} # on local builds NSS_VER_DIR and DAILY_BUILD are
- # set to the LOCAL_MOZROOT, since it is not sure
- # if ../../../.. (NSS_VER_DIR) even exists
- if [ -z "${RESULTDIR}" ] ; then # needs to be local as well
- Debug "Setting RESULTDIR for local QA"
- RESULTDIR="${LOCAL_MOZROOT}/tests_results/security/${HOST}-`date +%Y%m%d-%H.%M`"
- fi
- set_daily_build_dirs
- UX_MASTERDIR=`dirname ${LOCAL_MOZROOT}`
- NT_MASTERDIR=$UX_MASTERDIR
- MOZILLA_ROOT=${LOCAL_MOZROOT}
-
- UXDIST=${MOZILLA_ROOT}/dist
- NTDIST=${UXDIST}
-
- if [ -z "${TESTDIR}" ] ; then
- Debug "Setting TESTDIR for local QA"
- TESTDIR=${RESULTDIR}
- fi
- if [ -n "$TESTDIR" ] ; then
- if [ ! -d $TESTDIR ] ; then
- Debug "Making TESTDIR for local QA"
- mkdir -p $TESTDIR
- fi
- fi
- export TESTDIR
- Debug "RESULTDIR $RESULTDIR TESTDIR $TESTDIR"
-
- TESTSCRIPTDIR=${LOCAL_MOZROOT}/security/nss/tests
- COMMON=${TESTSCRIPTDIR}/common
-
- set_objdir
- debug_dirs
- export_dirs
-}
-
-
-################################### tbx_dirs ###########################
-# global shell function, sets the directories for tinderbox QA
-########################################################################
-tbx_dirs()
-{
- Debug "Set directories for tinderbox"
- if [ "$O_WIN" = "ON" ] ; then
- win_set_d1 # we need the NSS_VER_DIR later
- else
- NSS_VER_DIR="$UX_D0"/nss$NSSVER
- fi
- if [ -z "${RESULTDIR}" ] ; then # needs to be different for tinderbox
- Debug "Setting RESULTDIR for tinderbox"
- TBX_NOBITS=""
- echo $QASCRIPT_DIR | grep 64 >/dev/null && TBX_NOBITS=64
- TRD="${HOST}${TBX_NOBITS}-`date +%Y%m%d-%H.%M`"
- RESULTDIR="${NSS_VER_DIR}/tinderbox/tests_results/security/${TRD}"
- fi
- TBX_DAILY_BUILD=`cd ../../../../..;pwd`
- NSS_VER_DIR="${TBX_DAILY_BUILD}/../.."
- TBX_LOGFILE_DIR=`ls ${NSS_VER_DIR}/logs/tinderbox | sed -e 's/ .*//g'`
- if [ -z "$TBX_LOGFILE_DIR" ] ; then
- TBX_LOGFILE_DIR=`ls ${NSS_VER_DIR}/logs/tbx | sed -e 's/ .*//g'`
- TBX_LOGFILE_DIR="${NSS_VER_DIR}/logs/tbx/${TBX_LOGFILE_DIR}"
- else
- TBX_LOGFILE_DIR="${NSS_VER_DIR}/logs/tinderbox/${TBX_LOGFILE_DIR}"
- fi
- Debug "Set TBX_LOGFILE_DIR ${TBX_LOGFILE_DIR}"
-
- set_daily_build_dirs
- UX_MASTERDIR=`cd ../../../..;pwd`
- NT_MASTERDIR=$UX_MASTERDIR
- MOZILLA_ROOT=$UX_MASTERDIR/mozilla
-
- UXDIST=${MOZILLA_ROOT}/dist
- NTDIST=${UXDIST}
-
- if [ -z "${TESTDIR}" ] ; then
- Debug "Setting TESTDIR for tinderbox"
- TESTDIR=${RESULTDIR}
- fi
- if [ -n "$TESTDIR" ] ; then
- if [ ! -d $TESTDIR ] ; then
- Debug "Making TESTDIR for tinderbox"
- mkdir -p $TESTDIR
- fi
- fi
- Debug "Making QAstatus file"
- echo "QA running" >${TESTDIR}/QAstatus
- export TESTDIR
- Debug "RESULTDIR $RESULTDIR TESTDIR $TESTDIR"
-
- TESTSCRIPTDIR=`pwd`
- COMMON=${TESTSCRIPTDIR}/common
-
- set_objdir
- debug_dirs
- export_dirs
-}
-
-################################### init_mcom ###########################
-# global shell function, sets domain specific variables for AOL's
-# domains according to Bishakha's instructions
-########################################################################
-init_mcom()
-{
- Debug "Running in mcom or netscape domain - changing directories..."
- if [ "${UX_MB_WAS_SET}" = "FALSE" ] ; then #in case it was set
- # before script was called use these values
- UX_MASTERBUILD=spd04_Solaris8
- fi
- if [ "${NT_MB_WAS_SET}" = "FALSE" ] ; then
- NT_MASTERBUILD=spd06_NT4
- fi
-
- MASTERBUILD=$UX_MASTERBUILD
- if [ "${BC_MASTER_WAS_SET}" = "FALSE" ] ; then
- BC_UX_MASTER=nss322/builds/20010820.1/y2sun2_Solaris8
- BC_NT_MASTER=nss322/builds/20010820.1/blowfish_NT4.0_Win95
- BC_MASTER=$BC_UX_MASTER
- fi
- UX_D0=/share/builds/sbsrel2/nss
-}
-################################### init_dirs ###########################
-# global shell function, sets the directories for standard QA
-# calls special functions for tinderbox, windows or local QA, part of init
-########################################################################
-init_dirs()
-{
- if [ ${DOMSUF} = "mcom.com" -o ${DOMSUF} = "netscape.com" ] ; then
- init_mcom
- fi
- if [ $O_WIN = "ON" ] ; then
- win_set_tmp
- write_to_tmpfile
- MASTERBUILD=$NT_MASTERBUILD
- BC_MASTER=$BC_NT_MASTER
- fi
- if [ "$O_LOCAL" = "ON" -a $O_LN = "OFF" ] ; then # if it is a LN we need to know
- # all the directories off the network first to copy them
- local_dirs # O_LOCAL alone assumes that all the directories are already there
- return
- elif [ "$O_TBX" = "ON" ] ; then
- tbx_dirs
- return
- elif [ "$O_WIN" = "ON" ] ; then
- win_set_d1
- else
- NSS_VER_DIR="$UX_D0"/nss$NSSVER
- fi
- #set -x
-
- set_daily_build_dirs
-
- if [ -z "${BCDIST}" ] ; then
- #BCDIST=/share/builds/mccrel3/nss/${BC_MASTER}/mozilla/dist
- BCDIST=${NSS_VER_DIR}/../${BC_MASTER}/mozilla/dist
- if [ ! -d $BCDIST -a `basename $0` != jssqa ] ; then
- ask "Backward compatibility directory $BCDIST does not exist, continue" "y" "n" || Exit
- fi
- fi
-
- UX_MASTERDIR=${DAILY_BUILD}/${UX_MASTERBUILD}
- find_nt_masterbuild
-
- if [ "$O_WIN" = "ON" ]
- then
- MOZILLA_ROOT=${NT_MASTERDIR}/mozilla
- else
- MOZILLA_ROOT=${UX_MASTERDIR}/mozilla
- fi
-
- UXDIST=${UX_MASTERDIR}/mozilla/dist
- NTDIST=${NT_MASTERDIR}/mozilla/dist
-
- if [ -z "${RESULTDIR}" ] ; then
- RESULTDIR=${UX_MASTERDIR}/mozilla/tests_results/security
- fi
-
- if [ -n "$PRODUCT_TO_TEST" -a "$PRODUCT_TO_TEST" = "JSS" ] ; then
-
- if [ "$O_WIN" = "ON" ] ; then
- JSS_NSS_SRC_DIR=$JSS_NSS_NT_SRC_DIR
- fi
- TESTSCRIPTDIR=${NSS_VER_DIR}/../${JSS_NSS_SRC_DIR}/mozilla/security/nss/tests
- else
- TESTSCRIPTDIR=${MOZILLA_ROOT}/security/nss/tests
- fi
-
- if [ ! -d $TESTSCRIPTDIR -a `basename $0` != jssqa ] ; then
- if [ "$O_WIN" = "ON" -a "$WIN_WAIT_FOREVER" = "ON" ]
- then
- WaitForever $TESTSCRIPTDIR/all.sh 1
- else
- Exit "Test directory $TESTSCRIPTDIR does not exist"
- fi
- fi
-
- COMMON=${TESTSCRIPTDIR}/common
- if [ "$O_LOCAL" = "ON" -a $O_LN = "ON" ] ; then # if it is a LN we need to know
- # all the directories off the network first to copy them
- copy_to_local
- local_dirs
- fi
- #set +x
-
-
- set_objdir
- debug_dirs
- export_dirs
-}
-
-debug_dirs()
-{
- Debug "NTDIST $NTDIST"
- Debug "UXDIST $UXDIST"
- Debug "TESTSCRIPTDIR $TESTSCRIPTDIR"
- Debug "RESULTDIR $RESULTDIR"
- Debug "TMP $TMP"
- Debug "LOCALDIST_BIN $LOCALDIST_BIN"
- Debug "COMMON $COMMON"
- Debug "MOZILLA_ROOT $MOZILLA_ROOT"
- Debug "BCDIST $BCDIST"
-}
-
-export_dirs()
-{
- export NSS_VER_DIR DAILY_BUILD NTDIST UXDIST RESULTDIR TESTSCRIPTDIR BCDIST
- export UX_MASTERDIR NT_MASTERDIR COMMON MOZILLA_ROOT
-}
-
-set_osdir()
-{
- OSDIR=${DAILY_BUILD}/*${MAPPED_OS}*
-}
-
-################################### init_files ###########################
-# global shell function, sets filenames, initializes files, part of init
-########################################################################
-init_files()
-{
- if [ $O_CRONFILE = "ON" ]
- then
- Debug "attempting to create resultfiles"
- if [ "$O_TBX" = "ON" ] ; then
- NEWFILENAME=${TBX_LOGFILE_DIR}/qa.log
- if [ ! -w ${TBX_LOGFILE_DIR} ] ; then
- Exit "can't touch $NEWFILENAME"
- fi
- else
- NEWFILENAME=$RESULTDIR/$HOST.`basename $0`
- fi
- if [ ! -d $RESULTDIR ]
- then
- mkdir -p $RESULTDIR || Exit "Error: can't make $RESULTDIR"
- fi
- if [ ! -w $RESULTDIR ] ; then
- Exit "can't touch $NEWFILENAME"
- fi
- Debug "About to touch $NEWFILENAME "
- touch $NEWFILENAME || Exit "Error: can't touch $NEWFILENAME"
- if [ "$O_TBX" = "ON" ] ; then
- echo "QA results in $RESULTDIR" >>$NEWFILENAME || Exit "Error: can't write to $NEWFILENAME"
- fi
- Debug "About to cat $FILENAME >>$NEWFILENAME "
- cat $FILENAME >>$NEWFILENAME || Exit "Error: can't append $FILENAME to $NEWFILENAME"
- TMPFILES="$TMPFILES $FILENAME"
- FILENAME=$NEWFILENAME
- Debug "Writing output to $FILENAME"
- fi
-
-}
-
-################################### write_to_tmpfile ##########################
-# global shell function, for NT and cron operation, first a tmpfile
-# needs to be created
-########################################################################
-write_to_tmpfile()
-{
- O_CRONFILE=ON
- O_FILE=ON
- FILENAME=${TMP}/nsstmp.$$ # for now write to the temporary file
- # since we don't know the hostname yet
- # will be inserted to the real file later
- TMPFILES="$TMPFILES nsstmp.$$"
- touch $FILENAME || Exit "Error: can't touch $FILENAME"
- Debug "Writing output to $FILENAME"
-}
-
-############################# turn_on_cronoptions ######################
-# global shell function, turns on options needed for cron and tinderbox
-########################################################################
-turn_on_cronoptions()
-{
- O_CRON=ON
- O_SILENT=ON
- O_DEBUG=ON # FIXME take out!
- O_ALWAYS_YES=ON
- write_to_tmpfile
-}
-
-########################## test_mozroot ##########################
-# global shell function, determines if the variable LOCAL_MOZROOT is set,
-# and is usable as mozilla root diretory for a local QA
-###################################################################
-test_mozroot()
-{
- PWD=`pwd`
- Debug "LOCAL_MOZROOT = $LOCAL_MOZROOT"
- case "$LOCAL_MOZROOT" in
- [0-9-]*|tip)
- glob_usage "Error: -"$1" requires a directoryname to follow (start with a letter) "
- ;;
- \.\.)
- LOCAL_MOZROOT=`dirname $PWD`
- ;;
- \.)
- LOCAL_MOZROOT=$PWD
- ;;
- \.\/*)
- LOCAL_MOZROOT=`echo $LOCAL_MOZROOT | sed -e "s/^\.//"`
- LOCAL_MOZROOT="${PWD}${LOCAL_MOZROOT}"
- ;;
- \.\.\/*)
- LOCAL_MOZROOT="${PWD}/${LOCAL_MOZROOT}"
- ;;
- \/*|[a-zA-Z]:\/*)
- ;;
- ?*)
- LOCAL_MOZROOT="${PWD}/${LOCAL_MOZROOT}"
- ;;
- *)
- glob_usage "Error: -"$1" requires a directoryname to follow"
- ;;
- esac
- Debug "Reformated MOZROOT to $LOCAL_MOZROOT"
- if [ "$1" = "ln" ] ; then
- LOCAL_MOZROOT_PARENT=`dirname $LOCAL_MOZROOT`
- if [ ! -d $LOCAL_MOZROOT_PARENT -o ! -w $LOCAL_MOZROOT_PARENT -o \
- ! -x $LOCAL_MOZROOT_PARENT ] ; then
- Exit "Error: Can't create $LOCAL_MOZROOT (permissions)"
- fi
- if [ ! -d "$LOCAL_MOZROOT" ] ; then
- mkdir $LOCAL_MOZROOT ||
- Exit "Error: Can't create mozroot $LOCAL_MOZROOT (mkdir failed)"
- else
- ask "mozroot $LOCAL_MOZROOT exists - continue (y will remove dir) ?" \
- "y" "n" || Exit
- rm -rf $LOCAL_MOZROOT/dist $LOCAL_MOZROOT/security $LOCAL_MOZROOT/tests_results ||
- Exit "Error: Can't clean mozroot $LOCAL_MOZROOT"
- fi
- fi
- if [ ! -d "$LOCAL_MOZROOT" ] ; then
- glob_usage "Error: mozilla root $LOCAL_MOZROOT not a valid directory"
- fi
-}
-
-################################### eval_opts ##########################
-# global shell function, evapuates options and parameters, sets flags
-# variables and defaults
-########################################################################
-eval_opts()
-{
- while [ -n "$1" ]
- do
- case $1 in
- -cron)
- turn_on_cronoptions
- ;;
- -T*|-t*)
- O_TBX=ON
- turn_on_cronoptions
- O_SILENT=OFF #FIXME debug only
- ;;
- -S*|-s*)
- O_SILENT=ON
- ;;
- -Y*|-y)
- Debug "Option -y dedectet"
- O_ALWAYS_YES=ON
- ;;
- -d*|-D)
- O_DEBUG=ON
- #set -x
- ;;
- -ml|-ML)
- O_MAIL_LINK=ON
- shift
- MAILINGLIST=$1
- if [ -z "$MAILINGLIST" ]
- then
- glob_usage "Error: -m requires a mailinglist to follow, for example sonmi,wtc,nelsonb "
- fi
- Debug "Sending link to result to $MAILINGLIST"
- ;;
- -m|-M)
- O_MAIL=ON
- shift
- MAILINGLIST=$1
- if [ -z "$MAILINGLIST" ]
- then
- glob_usage "Error: -m requires a mailinglist to follow, for example sonmi,wtc,nelsonb "
- fi
- Debug "Sending result to $MAILINGLIST"
- ;;
- -fcron*|-F[Cc][Rr][Oo][Nn]*)
- write_to_tmpfile
- ;;
- -f|-F)
- O_FILE=ON
- shift
- FILENAME=$1
- if [ -z "$FILENAME" ]
- then
- glob_usage "Error: -f requires a filename to follow"
- fi
- #rm -f $FILENAME 2>/dev/null
- touch $FILENAME || Exit "Error: can't touch $FILENAME"
- #NOTE we append rather that creating
- Debug "Writing output to $FILENAME"
- ;;
- -h|-help|"-?")
- glob_usage
- ;;
- -ln)
- if [ `basename $0` != nssqa ] ; then
- glob_usage "Error: Can't handle option $1"
- fi
- O_LOCAL=ON
- O_LN=ON
- shift
- LOCAL_MOZROOT=$1
- test_mozroot ln
- ;;
- -lt)
- if [ `basename $0` != nssqa ] ; then
- glob_usage "Error: Can't handle option $1"
- fi
- O_LN=ON
- O_LOCAL=ON
- ;;
- -l)
- if [ `basename $0` != nssqa ] ; then
- glob_usage "Error: Can't handle option $1"
- fi
- O_LOCAL=ON
- shift
- LOCAL_MOZROOT=$1
- test_mozroot l
- ;;
- -p)
- shift
- PORT=$1
- export PORT
- ;;
- -*)
- glob_usage "Error: Can't handle option $1"
- ;;
- tip|3.|3..)
- NSSVER=$1
- if [ -z "$NSSVER" ] ; then
- glob_usage "Error: illegal parameter"
- fi
- ;;
- [01][0-9][0123][0-9])
- BUILDDATE=$1
- if [ -z "$BUILDDATE" ] ; then
- glob_usage "Error: illegal parameter"
- fi
- ;;
- ?*)
- glob_usage "Error: Can't handle parameter $1"
- ;;
- esac
- shift
- done
-
- if [ -z "$PORT" -a "$O_TBX" = "ON" ] ; then
- PORT=8444
- export PORT
- if [ -z "$NSSVER" ] ; then
- NSSVER="tip"
- Debug "NSS Version: Parameters missing - defaulting to tip!"
- fi
- elif [ -z "$NSSVER" ] ; then
- NSSVER="tip"
- Debug "NSS Version: Parameters missing - defaulting to tip!"
- fi
- if [ -z "$BUILDDATE" ] ; then
- BUILDDATE=`date +%m%d`
- Debug "Builddate: Parameters missing - defaulting to today!"
- fi
-
- Debug "Builddate $BUILDDATE NssVersion $NSSVER"
- export BUILDDATE NSSVER
- export O_CRON O_SILENT O_DEBUG O_ALWAYS_YES O_TBX
-}
-
-win_set_tmp()
-{
- TMP=`echo "$TMP" | sed -e 's/ /\/t/g' -e 's//\/b/' -e 's/\\\/\//g'`
- Debug "TMP reformated to $TMP"
-}
-
-######################### win_set_d1 ################################
-# global shell function, interactively finds the directories in case
-# windows can't get to the default
-########################################################################
-win_set_d1()
-{
- Debug "set Windows Directories..."
- #win_set_tmp
- if [ "$O_CYGNUS" = ON ]
- then
- NSS_VER_DIR=/cygdrive/w/nss/nss$NSSVER
- else
- NSS_VER_DIR=w:/nss/nss$NSSVER
- fi
- if [ ! -w $NSS_VER_DIR ]
- then
- Echo "Windows special... can't write in $NSS_VER_DIR"
- if [ "$O_CYGNUS" = ON ]
- then
- NSS_VER_DIR=/cygdrive/u/nss/nss$NSSVER
- else
- NSS_VER_DIR="u:/nss/nss$NSSVER"
- fi
- else
- Debug "NSS_VER_DIR set to $NSS_VER_DIR"
- return
- fi
-
- while [ ! -w $NSS_VER_DIR ]
- do
- if [ "$O_CRONFILE" = "ON" ]
- then
- Exit "cant write in $NSS_VER_DIR"
- fi
- Warning "cant write in $NSS_VER_DIR"
- Echo "input start directory (u:/nss, d:/src/nss, f:/shared/nss) "
- read D
- if [ -n "$D" ]
- then
- NSS_VER_DIR=$D/nss$NSSVER
- fi
- done
- Debug "NSS_VER_DIR set to $NSS_VER_DIR"
-}
-
-########################### init_host ##################################
-# global shell function, sets required variables HOST and DOMSUF, and asks
-# the user if it has been set right
-########################################################################
-set_host()
-{
- init_host
-}
-init_host()
-{
- if [ `basename $0` != nssqa ] ; then
- return
- fi
-
- init_host_done=0
-
- if [ $DS_WAS_SET = FALSE ] #give chance to overwrite, espec. for NT
- then
- Debug "Domainname was not set..."
- DOMSUF=`domainname 2>/dev/null`
- if [ -z "$DOMSUF" ]
- then
- Debug "domainname command did not work ..."
- DOMSUF=`echo $HOST | grep '\.' | sed -e "s/[^\.]*\.//"`
-
- if [ -z "$DOMSUF" ]
- then
- Debug "Domainname not part of the hostname"
- DOMSUF=`cat /etc/defaultdomain 2>/dev/null`
- if [ -z "$DOMSUF" ]
- then
- Debug "Domainname needs to be hardcoded to red.iplanet.com"
- DOMSUF="red.iplanet.com"
- fi
- fi
- fi
- fi
- case $HOST in
- *\.*)
- Debug "HOSTNAME $HOST contains Dot"
- HOST=`echo $HOST | sed -e "s/\..*//"`
- ;;
- esac
- if [ -z "$HOST" ]
- then
- HOST=`uname -n`
- case $HOST in
- *\.*)
- Debug "HOSTNAME $HOST contains Dot"
- HOST=`echo $HOST | sed -e "s/\..*//"`
- ;;
- esac
- fi
- if [ $O_DEBUG = "ON" ]
- then
- while [ $init_host_done -eq 0 ]
- do
- Echo
- ask "DOMSUF=$DOMSUF, HOST=$HOST - OK", "y" "n" &&
- init_host_done=1
- if [ $init_host_done -eq 0 ]
- then
- Echo "input DOMSUF: "
- read D
- if [ -n "$D" ]
- then
- DOMSUF=$D
- fi
- Echo "input HOST: "
- read H
- if [ -n "$H" ]
- then
- HOST=$H
- fi
- fi
- done
- fi
- export HOST DOMSUF
- Debug "HOST: $HOST, DOMSUF: $DOMSUF"
-}
-
-#-----------------------------# UTILS #----------------------------------
-
-########################### qa_stat_get_sysinfo ########################
-# local shell function, tries to determine the QA operating system
-########################################################################
-qa_stat_get_sysinfo()
-{
- case $1 in
- ?*) REM_SYS=$1
- GET_SYSINFO="rsh $1"
- ;;
- *) REM_SYS=""
- GET_SYSINFO=""
- ;;
- esac
- QA_SYS=`$GET_SYSINFO uname -sr`
- echo $QA_SYS | grep Linux >/dev/null &&
- QA_RHVER=`$GET_SYSINFO cat /etc/redhat-release`
- if [ -n "$QA_RHVER" ]
- then
- QA_OS=`echo $REM_SYS $QA_RHVER | sed -e "s/Red Hat /RH /" \
- -e "s/ release//"`
- else
- case $QA_SYS in
- *SunOS*5.[89]*)
- ISAINFO=`$GET_SYSINFO isainfo -v`
- IS_64=`echo $ISAINFO | grep 64 >/dev/null && \
- echo 64 bit`
- IS_I386=`echo $ISAINFO | grep i386 >/dev/null && \
- echo i86pc`
- if [ -n "$IS_I386" ] ; then IS_64="$IS_I386"; fi;
- if [ -z "$IS_64" ] ; then IS_64="32 bit"; fi;
- ;;
- *HP*)
- IS_64=`$GET_SYSINFO getconf KERNEL_BITS |
- grep 64 >/dev/null && echo 64 bit`
- if [ -z "$IS_64" ] ; then IS_64="32 bit"; fi;
- ;;
- *AIX*)
- IS_64=`$GET_SYSINFO lslpp -l |
- grep "bos.64bit"> /dev/null && echo 64 bit`
- if [ -z "$IS_64" ] ; then IS_64="32 bit"; fi;
- ;;
- esac
- QA_OS=`echo "$REM_SYS $QA_SYS $IS_64"`
- fi
- if [ "$O_SILENT" != ON ] ; then
- echo $QA_OS
- fi
- QA_OS_STRING=`echo $QA_OS | sed -e "s/^[_ ]//" -e "s/ /_/g"`
-}
-
-################################### set_objdir #########################
-# global shell function, sets the object directories and DIST
-########################################################################
-set_objdir()
-{
- Debug "set object dir"
- OBJDIR=`cd ${TESTSCRIPTDIR}/common; gmake objdir_name`
- OS_ARCH=`cd ${TESTSCRIPTDIR}/common; gmake os_arch`
-
- #at this point $MASTERBUILD needs to be either NT or unix
-
- set_daily_build_dirs
- LOCALDIST_BIN=${LOCALDIST}/${OBJDIR}/bin
- DIST=$LOCALDIST
-
- if [ -z "${TEST_LEVEL}" ] ; then
- TEST_LEVEL=0
- fi
- bc ${TEST_LEVEL} #set the path for the backward compatibility test
-
- PATH_CONTAINS_BIN="TRUE"
- export PATH_CONTAINS_BIN
-
- export OBJDIR OS_ARCH LOCALDIST LOCALDIST_BIN DIST PATH
-}
-
-########################### bc #########################################
-# global shell function , sets paths for the backward compatibility test
-########################################################################
-bc()
-{
- if [ -n "$PRODUCT_TO_TEST" -a "$PRODUCT_TO_TEST" = "JSS" ] ; then
- TESTDIR=${RESULTDIR}
- BC_ACTION=""
- DON_T_SET_PATHS="FALSE" #let init.sh override - FIXME - check if necessary
- return
- fi
- DON_T_SET_PATHS="TRUE"
- case $1 in
- 0)
- #unset TESTDIR
- TESTDIR=${RESULTDIR}
- if [ "$O_WIN" = "ON" -a "$O_CYGNUS" != ON ] ; then
- PATH="$TESTSCRIPTDIR;$LOCALDIST_BIN;$BASEPATH"
- else
- PATH=$TESTSCRIPTDIR:$LOCALDIST_BIN:$BASEPATH
- fi
- BC_ACTION=""
- DON_T_SET_PATHS="FALSE" #let init.sh override - FIXME - check if necessary
- ;;
- *)
- if [ "$O_LOCAL" = "ON" ] ; then
- Exit "FIXME Can't run backwardcompatibility tests locally yet"
- fi
- TESTSCRIPTDIR=${BCDIST}/../security/nss/tests
- COMMON=${TESTSCRIPTDIR}/common
- TESTDIR=${RESULTDIR}/bct
- BC_ACTION="backward compatibility of binaries in $BC_MASTER to new libs"
- BCDIST_BIN=${BCDIST}/${OBJDIR}/bin
- LD_LIBRARY_PATH=${LOCALDIST}/${OBJDIR}/lib
- if [ "$O_WIN" = "ON" ] ; then
- if [ "$O_CYGNUS" = ON ] ; then
- PATH=$TESTSCRIPTDIR:$BCDIST_BIN:$BASEPATH:$LD_LIBRARY_PATH
- else
- PATH="$TESTSCRIPTDIR;$BCDIST_BIN;$BASEPATH;$LD_LIBRARY_PATH"
- fi
- else
- PATH=$TESTSCRIPTDIR:$BCDIST_BIN:$BASEPATH
- fi
- Debug "1st stage of backward compatibility test"
- ;;
- esac
- if [ -n "$TESTDIR" ] ; then
- if [ ! -d $TESTDIR ] ; then
- mkdir -p $TESTDIR
- fi
- export TESTDIR
- fi
- SHLIB_PATH=${LD_LIBRARY_PATH}
- LIBPATH=${LD_LIBRARY_PATH}
- Debug "PATH $PATH"
- Debug "LD_LIBRARY_PATH $LD_LIBRARY_PATH"
- export PATH LD_LIBRARY_PATH SHLIB_PATH LIBPATH
- export DON_T_SET_PATHS BC_ACTION
- export TESTSCRIPTDIR COMMON
-}
-
-########################### Ps #########################################
-# global shell function , attempts a platform specific ps
-########################################################################
-Ps()
-{
-#AIX, OSF ps -ef, solaris /usr/5bin/ps -ef, win ps -ef but no user id
-#linux ps -ef, HP
-
- if [ $os_name = "SunOS" ]
- then
- /usr/5bin/ps -ef
- else
- ps -ef
- fi
-}
-
-########################### kill_by_name ################################
-# global shell function , kills the process whose name is given as
-# parameter
-########################################################################
-kill_by_name()
-{
- for PID in `Ps | grep "$1" | grep -v grep | \
- sed -e "s/^ *//g" -e "s/^[^ ]* //" -e "s/^ *//g" -e "s/ .*//g"`
- do
- if [ $O_WIN = "ON" -a $O_CYGNUS = "ON" ]
- then
- ask "Do you want to kill Process $PID (`Ps | grep $PID | \
- grep -v grep | awk '{ print $1, $2, $6, $7, $8, $9 }' | \
- sed -e "s/[0-9]:[0-6][0-9]//g" | grep $PID `)" \
- "y" "n" && {
- kill $PID
- sleep 1
- kill -9 $PID 2>/dev/null
- }
- else
- ask "Do you want to kill Process $PID (`Ps | grep $PID | \
- grep -v grep | awk '{ print $1, $2, $8, $9, $10, $11 }' | \
- sed -e "s/[0-9]:[0-6][0-9]//g" | grep $PID `)" \
- "y" "n" && {
- kill $PID
- sleep 1
- kill -9 $PID 2>/dev/null
- }
- fi
- done
-}
-
-############################### early_exit ###################################
-# global shell function , attempts a little more usefull user notification
-# of a complete failure
-########################################################################
-
-early_exit()
-{
- if [ -z "$DOCDIR" ]
- then
- DOCDIR=`dirname $0`/../doc
- fi
- if [ -f $DOCDIR/QAerror.html ]
- then
- Debug "Found QA errorheader"
- rm ${FILENAME}.err 2>/dev/null
- cp $DOCDIR/QAerror.html ${FILENAME}.err
- echo "$1" >>${FILENAME}.err
- echo '</font></b></h1>' >>${FILENAME}.err
- if [ -n "$FILENAME" -a -f "$FILENAME" ]
- then
- cat $FILENAME | sed -e "s/^/<br>/" >>${FILENAME}.err
- fi
- echo '</body></html>' >>${FILENAME}.err
- cat ${FILENAME}.err | $RMAIL $MAILINGLIST
-
- rm ${FILENAME}.err 2>/dev/null
- #echo "cat ${FILENAME}.err | $RMAIL $MAILINGLIST "
- fi
-}
-
-############################### Exit ###################################
-# global shell function , central exiting point
-# cleanup: temporary files, kill the remaining selfservers if sourcing
-# script sets KILL_SELFSERV
-########################################################################
-Exit()
-{
- Echo $1
- if [ "$O_CRON" = "OFF" ]
- then
- echo $1 >&2
- fi
- if [ -f "${KILLPIDS}" ]
- then
- Debug "Attempting to kill background processes...`cat ${KILLPIDS}`"
- kill `cat "${KILLPIDS}"`
- sleep 1
- kill -9 `cat "${KILLPIDS}"`
- fi
- if [ -n "${TMPFILES}" ]
- then
- Debug "rm -f ${TMPFILES}"
- rm -f $TMPFILES 2>/dev/null
- fi
- O_ALWAYS_YES=ON # set to non-interactive - don't ask anymore questions here
- if [ $KILL_SELFSERV = "ON" ]
- then
- kill_by_name selfserv
- fi
- if [ $O_MAIL_LINK = "ON" -a $O_FILE = "ON" ]
- then
- if [ $EARLY_EXIT = TRUE ] #before the report file has been created
- then
- early_exit "$1"
- else
- head -3 $FILENAME >$ML_FILE
- echo "Content-Type: text/plain; charset=us-ascii; format=flowed
- Content-Transfer-Encoding: 7bit
-
-" >>$ML_FILE
- echo $HREF_TMP_HTML_FILE >>$ML_FILE
- cat $ML_FILE | $RMAIL $MAILINGLIST
- fi
-
-#FIXME - early exit etc
- elif [ $O_MAIL = "ON" -a $O_FILE = "ON" ]
- then
- if [ $EARLY_EXIT = TRUE ] #before the report file has been created
- then
- early_exit "$1"
- elif [ -n "$FILENAME" -a -f "$FILENAME" ]
- then
- cat $FILENAME | $RMAIL $MAILINGLIST
- fi
- #rm $FILENAME 2>/dev/null
- elif [ $O_MAIL = "ON" -a $EARLY_EXIT = TRUE ]
- then
- early_exit "$1"
- rm $FILENAME 2>/dev/null
- fi
- #chmod a+rw ${RESULTDIR} ${RESULTDIR}/* ${RESULTDIR}/*/* &
- if [ -n "$O_TBX" -a "$O_TBX" = "ON" ] ; then
- rm ${TESTDIR}/QAstatus
-
- if [ "$1" = "killed... cleaning up..." ] ; then
- echo "QA killed" >${TESTDIR}/QAstatus
- elif [ "$TBX_EXIT" = 0 ] ; then
- echo "QA passed" >${TESTDIR}/QAstatus
- else
- echo "QA failed" >${TESTDIR}/QAstatus
- fi
-
- exit $TBX_EXIT
-
- else
- exit
- fi
-}
-
-trap "rm -f ${TMPFILES} 2>/dev/null; Exit 'killed... cleaning up...'" 2 3 15
-
-################################ Wait ##################################
-# global shell function to wait for an event to happen, 1st parameter
-# filename to watch, 2nd parameter 0 - wait for it to disappear, 1 wait
-# for it to be created.
-# uses the variables WAIT_FOR and WAIT_TIMES
-# WAIT_FOR: if waiting for an event sleep n seconds before rechecking
-# recomended value 10 minutes 600
-# WAIT_TIMES: recheck n times before giving up to prevent endless loop
-# recomended 30 - total of 5h
-########################################################################
-
-Wait()
-{
- i=0
- Debug "Waiting for $1"
- while [ $i -lt $WAIT_TIMES ]
- do
- i=`expr $i + 1`
- if [ -f "$1" -a $2 -eq 1 ] # if file exists and is supposed to
- then
- return
- fi
- if [ ! -f "$1" -a $2 -eq 0 ] # not exists and not supposed to exist
- then
- return
- fi
- Debug "Waiting for $1, loop #$i, about to sleep $WAIT_FOR seconds zzzz..."
- sleep $WAIT_FOR
- done
- TOTAL=`expr $WAIT_TIMES \* $WAIT_FOR / 60`
- Exit "I HAVE WAITED LONG ENOUGH FOR $1 NOW, I'M GONE! (THAT WAS A TOTAL OF $TOTAL MINUTES) I have better things to do... "
-}
-
-################################ WaitForever ##################################
-# global shell function to wait for an event to happen, 1st parameter
-# filename to watch, 2nd parameter 0 - wait for it to disappear, 1 wait
-# for it to be created.
-# because we daon't have any relyable cron on NT...
-########################################################################
-
-WaitForever()
-{
- i=0
- Debug "Waiting for $1"
- TOTAL=0
- while [ 1 ]
- do
- i=`expr $i + 1`
- if [ -f "$1" -a $2 -eq 1 ] # if file exists and is supposed to
- then
- return
- fi
- if [ ! -f "$1" -a $2 -eq 0 ] # not exists and not supposed to exist
- then
- return
- fi
- Debug "Waiting for $1, loop #$i, about to sleep $WAIT_FOR seconds Total $TOTAL"
- sleep $WAIT_FOR
- TOTAL=`expr $i \* $WAIT_FOR / 60`
- if [ -n "$MAX_FOREVER" ] # we are cheating. Forever can be very short...
- then
- if [ "$TOTAL" -gt "$MAX_FOREVER" ]
- then
- Exit "I HAVE WAITED LONG ENOUGH FOR $1 NOW, I'M GONE! (THAT WAS A TOTAL OF $TOTAL MINUTES) I have better things to do... "
- fi
- fi
- done
-}
-################################### is_running #########################
-# global shell function , implements primitive locking mechanism
-# filename is passed as a parameter, if filename.* exists we assume calling
-# script is running already and exit, otherwise filename.processid is
-# created
-########################################################################
-is_running()
-{
- Debug "Testing if $0 is already running... file ${1} - ${1}.$$"
- if [ -f ${1}.* ]
- then
- Exit "$0 seems to be running already ($1 exists) - Exiting"
- fi
- TMPFILES="$TMPFILES ${1}.$$"
- echo "running $0 on `date` PID $$" >${1}.$$
- Debug "wrote \"running $0 on `date` PID $$\" to ${1}.$$"
-
-}
-
-#---------------------------# USERCOM #---------------------------------
-############################## Echo #####################################
-# global shell function , depending on the options the output gets written
-# to a file, or is being discarded
-# FIXME \n and \c are mistreates by differnet shells, and linux has /bin/echo
-# instead of /usr/bin/echo
-########################################################################
-Echo ()
-{
- if [ $O_SILENT = OFF ]
- then
- echo "$*"
- #/usr/bin/echo "$*"
- fi
- if [ $O_FILE = ON ]
- then
- echo "$*" >>$FILENAME
- fi
-}
-
-################################### ask ################################
-# global shell function, Asks the a question, and gives the returns 0
-# on the 1st choice, 1 on the 2nd choice
-#
-# PARAMETERS:
-# $1 question text
-# $2 1st choice
-# $3 2nd choice
-#
-# MODIFIERS:
-# -y O_ALWAYS_YES will assume a first choice always (not neccessaryly "y")
-#
-# RETURN:
-# 0 - User picked 1st choice
-# 1 - User picked 2nd choice
-#
-# EXAMPLE
-# ask "Would you like to continue" "y" "n" || Exit
-# will produce the string "Would you like to continue (y/n) ?",
-# read input from keyboard (or assume a yes with option -y)
-# - on a yes it will return 0, on a no it will return 1, the
-# shell interprets it as error and the || Exit will be executed
-#
-# NOTE: NEVER use "n" as the second parameter - it will mess up -y
-# don't ask "Continue" "n" "y" || Exit # it will Exit on a "y"
-#
-########################################################################
-Ask()
-{
- ask $*
-}
-
-ask()
-{
- if [ $O_ALWAYS_YES = ON ]
- then
- Echo "$1 ($2/$3) ?"
- Echo "YES!"
- return 0
- fi
- A=""
- while [ 1 ]
- do
-
- Echo "$1 ($2/$3) ?"
- read A
- if [ -n "$A" ]
- then
- if [ $A = $2 ]
- then
- return 0
- elif [ $A = $3 ]
- then
- return 1
- fi
- fi
- done
- return 0
-}
-
-################################### Warning ############################
-# global shell function, Asks the user a "... continue? (y/n)" question,
-# and exits when the user answers with no
-# NOTE -y will answer the warnings always with yes
-########################################################################
-Warning ()
-{
- ask "WARNING: $0: \n $* continue " "y" "n" || Exit
-}
-
-################################### Debug ############################
-# global shell function, when option -d Debugging output is written
-########################################################################
-Debug()
-{
- if [ $O_DEBUG = ON ]
- then
- Echo "DEBUG: (`date +%H:%M`) $0: $*"
- fi
-}
-
-################################### line ###############################
-# global shell function, supposed to make output more readable...
-########################################################################
-line()
-{
-Echo
-#Echo "======================================================================="
-#Echo
-}
-
-################################### opt_usage ##########################
-# global shell function, tells user about available options
-########################################################################
-opt_usage()
-{
- if [ $O_OPTIONS = "ON" ]
- then
- Echo
- line
- Echo
- Echo " -y answer all questions with y - use at your own risk..."
- Echo " -s silent (only usefull with -y)"
- Echo " -h, -? - you guessed right - displays this text"
- Echo " -d debug"
- Echo " -f <filename> - write the (error)output to filename"
- Echo " -fcronfile produces the resultfiles in the same locations"
- Echo " as would have been produced with -cron"
- Echo " -m <mailinglist> - send filename to mailinglist (csl "
- Echo " example sonmi,nelsonb,wtc) only useful with -f"
- Echo " -ml <mailinglist> - send link to filename to mailinglist "
- Echo " (csl example sonmi,nelsonb,wtc) only useful with -f"
- Echo " -cron equivalient to -y -s -d -f \$RESULTDIR/\$HOST.nssqa"
- Echo " -t run on a tinderbox build (included -cron)"
- if [ `basename $0` = nssqa ] ; then
- Echo " -l <mozroot> run on a local build"
- Echo " -ln <mozroot> copy a networkbuild to a local directory "
- Echo " mozroot, used for networkindipendend QA "
- Echo " -lt try to copy a networkbuild to a local directory, if"
- Echo " not possible run on the network
- Echo " used for networkindipendend QA
- fi
-#
-# special strings
- fi
-
-}
-
-################################### glob_usage #########################
-# global shell function, how to use the calling script (parameters, options)
-########################################################################
-glob_usage()
-{
- line
- Echo $1
- Echo
- if [ $O_OPTIONS = "ON" ]
- then
- Echo "usage $0 [options] nssversion builddate"
- else
- Echo "usage $0 nssversion builddate"
- fi
-
- Echo " for example: $0 30b 0926"
- Echo " $0 31 1002"
- opt_usage
- Echo
- Exit "$1"
-}
-
-tell()
-{
- if [ $O_SILENT = OFF ]
- then
- line
- pwd
- ls -CF
- line
- fi
- if [ $O_FILE = ON ]
- then
- line
- pwd >>$FILENAME
- ls -CF >>$FILENAME
- line
- fi
-}
-
-if [ $O_INIT = "ON" ]
-then
- glob_init $*
-fi
-EARLY_EXIT=FALSE
diff --git a/security/nss/tests/jss_dll_version.sh b/security/nss/tests/jss_dll_version.sh
deleted file mode 100755
index cb29c4a1a..000000000
--- a/security/nss/tests/jss_dll_version.sh
+++ /dev/null
@@ -1,22 +0,0 @@
-#!/bin/sh
-
-# version controll for DLLs
-# ToDo: make version parameter or find version from first occurance of 3.x
-# make the 3 a variable..., include the header
-
-for w in `find . -name "libjss3.s[ol]"`
-do
- NOWHAT=FALSE
- NOIDENT=FALSE
- echo $w
- what $w | grep JSS || NOWHAT=TRUE
- ident $w | grep JSS || NOIDENT=TRUE
- if [ $NOWHAT = TRUE ]
- then
- echo "ERROR what $w does not contain JSS"
- fi
- if [ $NOIDENT = TRUE ]
- then
- echo "ERROR ident $w does not contain JSS"
- fi
-done
diff --git a/security/nss/tests/jssdir b/security/nss/tests/jssdir
deleted file mode 100755
index 1609fbfcf..000000000
--- a/security/nss/tests/jssdir
+++ /dev/null
@@ -1,28 +0,0 @@
-if ( "$2" == "" ) then
- setenv BUILDDATE `date +%m%d`
-else
- setenv BUILDDATE $2
-endif
-
-if ( "$1" == "" ) then
- setenv JSSVER tip
-else
- setenv JSSVER $1
-endif
-
-if ( ! ${?QAYEAR} ) then
- setenv QAYEAR `date +%Y`
-else if ( "$QAYEAR" == "" ) then
- setenv QAYEAR `date +%Y`
-
-endif
-
-setenv JSS_VER_DIR /share/builds/mccrel3/jss/jss$JSSVER
-setenv NTDIST ${JSS_VER_DIR}/builds/${QAYEAR}${BUILDDATE}.1/blowfish_NT4.0_Win95/mozilla/dist
-setenv UXDIST ${JSS_VER_DIR}/builds/${QAYEAR}${BUILDDATE}.1/booboo_Solaris8/mozilla/dist
-setenv TESTSCRIPTDIR ${JSS_VER_DIR}/builds/${QAYEAR}${BUILDDATE}.1/booboo_Solaris8/mozilla/security/jss/tests
-setenv RESULTDIR ${JSS_VER_DIR}/builds/${QAYEAR}${BUILDDATE}.1/booboo_Solaris8/mozilla/tests_results/security
-
-cd ${JSS_VER_DIR}/builds/${QAYEAR}${BUILDDATE}.1/booboo_Solaris8
-pwd
-ls
diff --git a/security/nss/tests/jssqa b/security/nss/tests/jssqa
deleted file mode 100755
index d5356b9e8..000000000
--- a/security/nss/tests/jssqa
+++ /dev/null
@@ -1,220 +0,0 @@
-#! /bin/sh
-
-########################################################################
-#
-# /u/sonmi/bin/jssqa
-#
-# this script is supposed to automatically run - now a sanity test, later QA for
-# JSS on all required Unix and Windows (NT and 2000) platforms
-#
-# parameters
-# ----------
-# jssversion (supported: 31, tip)
-# builddate (default - today)
-#
-# options
-# -------
-# -y answer all questions with y - use at your own risk...ignores warnings
-# -s silent (only usefull with -y)
-# -h, -? - you guessed right - displays this text
-# -d debug
-# -f <filename> - write the (error)output to filename
-# -cron equivalient to -y -s -d -f $RESULTDIR/$HOST.nssqa
-#
-########################################################################
-
-O_OPTIONS=ON # accept options (see above for listing)
-WIN_WAIT_FOREVER=OFF # don't wait for the NSS testdir
-PRODUCT_TO_TEST="JSS"
-JSS_NSPR_DIR="/share/builds/components/nspr20/v4.1.2"
-JSS_NSS_DIR="/share/builds/components/nss/NSS_3_3_1_RTM"
-JSS_NSS_UX_SRC_DIR="nss331/builds/20010928.2.331-RTM/booboo_Solaris8"
-JSS_NSS_NT_SRC_DIR="nss331/builds/20010928.2.331-RTM/blowfish_NT4.0_Win95"
-JSS_NSS_SRC_DIR=$JSS_NSS_UX_SRC_DIR
-NATIVE_FLAG=""
-
-. `dirname $0`/header # utilities, shellfunctions etc, global to NSS and JSS QA
-
-if [ -z "$O_TBX" -o "$O_TBX" != "ON" ] ; then
- is_running ${TMP}/jssqa
- # checks if the file exists, if yes Exits, if not
- # creates to implement a primitive locking mechanism
-fi
-
-INTERNAL_TOKEN="NSS Certificate DB"
-SIGTEST_INTERNAL_TOKEN="Internal Key Storage Token"
-
-################################ jss_init #########################
-#
-# Most of the procedure is setting up the test environment.
-# set all necessary dir and file variables, set all paths, copy the shared libs
-# Put all the shared libraries into a lib directory, <libdir>.
-# including the libjss3.so that was built by the build process.
-# set LD_LIBRARY PATH and CLASSPATH
-# The xpclass.jar produced by the JSS build needs to be in the classpath.
-# The classpath must also include the current directory so we can run our test
-# programs.
-################################################################################
-
-jss_init()
-{
- Debug "Jss init"
- #correct all directories that the header has set...
- NTDIST=`echo $NTDIST | sed -e 's/nss/jss/g'`
- UXDIST=`echo $UXDIST | sed -e 's/nss/jss/g'`
- RESULTDIR=`echo $RESULTDIR | sed -e 's/nss/jss/g'`
- mkdir -p ${RESULTDIR} 2>/dev/null
- JSS_LOGFILE=${RESULTDIR}/${HOST}.txt
- FILENAME=$JSS_LOGFILE
- O_FILE=ON
-
- MOZILLA_ROOT=`echo $MOZILLA_ROOT | sed -e 's/nss/jss/g'`
-
- JSS_SAMPLES="$MOZILLA_ROOT/security/jss/samples"
- JSS_CLASSPATH=`echo $MOZILLA_ROOT |
- sed -e "s/jss$NSSVER.builds/jss$NSSVER\/ships/g" -e "s/mozilla/jss\/${QAYEAR}${BUILDDATE}/"`
- Debug "JSS_CLASSPATH=$JSS_CLASSPATH"
- Debug "JSS_SAMPLES=$JSS_SAMPLES"
-
- if [ ! -d $JSS_SAMPLES ] ; then
- if [ "$O_WIN" = "ON" -a "$WIN_WAIT_FOREVER" = "ON" ]
- then
- WaitForever $JSS_SAMPLES/TestKeyGen.java 1
- else
- Exit "Test directory $JSS_SAMPLES does not exist"
- fi
- fi
-
- PWFILE="$JSS_SAMPLES/passwd"
- EMPTYFILE="$JSS_SAMPLES/emptyfile"
- rm $PWFILE $EMPTYFILE 2>/dev/null
- echo "jss" >$PWFILE
- echo "" >$EMPTYFILE
- echo "" >>$EMPTYFILE
- echo "" >>$EMPTYFILE
-
- INIT_PATH=$PATH
- INIT_LD_LIBRARY_PATH=$LD_LIBRARY_PATH
-}
-
-
-jss_mode_init()
-{
- OBJDIR=`cd ${TESTSCRIPTDIR}/common; gmake objdir_name`
-
- LOCALDIST_BIN=`echo $LOCALDIST_BIN | sed -e 's/nss/jss/g'`
- LOCALDIST_LIB=$LOCALDIST_BIN/../lib
- debug_dirs
-
- #make testdir/libdir
-
- JSS_LIBDIR=${RESULTDIR}/${HOST}.libdir/${OBJDIR}
- mkdir -p ${JSS_LIBDIR} 2>/dev/null
- Debug "JSS_LIBDIR=$JSS_LIBDIR"
-
- #Put all the shared libraries into a lib directory
- Debug "copy all needed libs to ${JSS_LIBDIR}"
- cp $JSS_NSPR_DIR/${OBJDIR}/lib/* ${JSS_LIBDIR}
- cp $JSS_NSS_DIR/${OBJDIR}/lib/* ${JSS_LIBDIR}
- cp $LOCALDIST_LIB/libjss3.* ${JSS_LIBDIR}
- #FIXME uncomment above
-
- if [ $O_DEBUG = ON ] ; then
- Debug "ls $JSS_LIBDIR"
- ls $JSS_LIBDIR
- fi
-
- #LD_LIBRARY_PATH=$INIT_LD_LIBRARY_PATH:${JSS_LIBDIR}
- LD_LIBRARY_PATH=${JSS_LIBDIR} #remove to avoid HP coredump
- CLASSPATH="$JSS_CLASSPATH/xpclass.jar:."
-
- SHLIB_PATH=${LD_LIBRARY_PATH}
- LIBPATH=${LD_LIBRARY_PATH}
-
- PATH=$JSS_NSPR_DIR/${OBJDIR}/bin:$JSS_NSS_DIR/${OBJDIR}//bin:$INIT_PATH
- Debug "PATH $PATH"
- Debug "LD_LIBRARY_PATH $LD_LIBRARY_PATH"
- Debug "CLASSPATH=$CLASSPATH"
-
- export CLASSPATH LD_LIBRARY_PATH SHLIB_PATH LIBPATH
- export TESTSCRIPTDIR COMMON
- export_dirs
-}
-
-
-################################ jss_test #########################
-#
-# go into the build tree. cd to mozilla/security/jss/samples.
-# Create NSS directories in this directory with modutil and set the password
-#
-#6. Create an alias for the "java" and "javac" commands. You'll need to set
-#it to whatever version of the JDK you used to build on this platform. For
-#example,
- #alias java /share/builds/components/cms_jdk/AIX/1.3.0/jre/bin/java
- #alias javac /share/builds/components/cms_jdk/AIX/1.3.0/bin/javac
-# instead $JAVA and $JAVAC
-# 7. Compile the tests.
-#####################################################################
-jss_test()
-{
- O_FILE=OFF
- Debug "JSS main test"
- #set -x
- cd $JSS_SAMPLES
-
- Debug "Cleaning $JSS_SAMPLES"
- rm cert7.db key3.db 2>/dev/null
-
- Debug "echo | modutil -dbdir . -create -force"
- echo | modutil -dbdir . -create -force
- Debug "modutil returned $?"
-
- modutil -dbdir . -list
-
- Debug "echo | modutil -dbdir . -changepw \"$INTERNAL_TOKEN\" -newpwfile $PWFILE -force"
- modutil -dbdir . -changepw "$INTERNAL_TOKEN" -newpwfile $PWFILE -force <$EMPTYFILE
- #modutil -dbdir . -changepw "$INTERNAL_TOKEN" -pwfile $PWFILE -newpwfile $PWFILE <$EMPTYFILE
- Debug "modutil returned $?"
-
- Debug "$JAVAC TestKeyGen.java"
- $JAVAC TestKeyGen.java
- Debug "$JAVAC TestKeyGen.java returned $?"
-
- Debug "$JAVAC SigTest.java"
- $JAVAC SigTest.java
- Debug "$JAVAC SigTest.java returned $?"
-
- echo "Starting new jss test on $HOST"
- date
-
- # Run the actual tests
-
- Debug "$JAVA $NATIVE_FLAG TestKeyGen ."
- $JAVA $NATIVE_FLAG TestKeyGen .
- Debug "$JAVA TestKeyGen returned $?"
-
- Debug "$JAVA $NATIVE_FLAG SigTest . \"$SIGTEST_INTERNAL_TOKEN\""
- $JAVA $NATIVE_FLAG SigTest . "$SIGTEST_INTERNAL_TOKEN"
- Debug "$JAVA SigTest returned $?"
-
- O_FILE=ON
-}
-
-jss_init
-jss_mode_init
-
-if [ "$O_CRON" = "ON" -o "$O_WIN" = "ON" ]
-then
- jss_test >>$JSS_LOGFILE 2>&1
-else
- jss_test 2>&1 | tee -a $JSS_LOGFILE
-fi
-BUILD_OPT=1; export BUILD_OPT; Debug "BUILD_OPT $BUILD_OPT"
-jss_mode_init
-if [ "$O_CRON" = "ON" -o "$O_WIN" = "ON" ]
-then
- jss_test >>$JSS_LOGFILE 2>&1
-else
- jss_test 2>&1 | tee -a $JSS_LOGFILE
-fi
-Exit "jssqa completed. Done `uname -n` $QA_OS_STRING"
diff --git a/security/nss/tests/mksymlinks b/security/nss/tests/mksymlinks
deleted file mode 100755
index aae3386ce..000000000
--- a/security/nss/tests/mksymlinks
+++ /dev/null
@@ -1,115 +0,0 @@
-#! /bin/sh
-
-O_OPTIONS=OFF
-. `dirname $0`/header
-
-if [ $O_DEBUG = ON ] ; then
- Debug "NTDIST $NTDIST"
- Debug "UXDIST $UXDIST"
- Debug "TESTSCRIPTDIR $TESTSCRIPTDIR"
-fi
-
-if [ -d "$NSS_VER_DIR" ] ; then
- cd $NSS_VER_DIR
-else
- glob_usage "cant cd to $NSS_VER_DIR Exiting"
-fi
-
-if [ -d "$NTDIST" ] ; then
- cd $NTDIST
- if [ ! -h WINNT5.0_DBG.OBJ -a ! -d WINNT5.0_DBG.OBJ ] ; then
- ln -s WINNT4.0_DBG.OBJ WINNT5.0_DBG.OBJ
- fi
- if [ ! -h WINNT5.0_DBG.OBJD -a ! -d WINNT5.0_DBG.OBJD ] ; then
- ln -s WINNT4.0_DBG.OBJD WINNT5.0_DBG.OBJD
- fi
- if [ ! -h WINNT5.0_OPT.OBJ -a ! -d WINNT5.0_OPT.OBJ ] ; then
- ln -s WINNT4.0_OPT.OBJ WINNT5.0_OPT.OBJ
- fi
- if [ ! -h WINNT5.1_DBG.OBJ -a ! -d WINNT5.1_DBG.OBJ ] ; then
- ln -s WINNT4.0_DBG.OBJ WINNT5.1_DBG.OBJ
- fi
- if [ ! -h WINNT5.1_DBG.OBJD -a ! -d WINNT5.1_DBG.OBJD ] ; then
- ln -s WINNT4.0_DBG.OBJD WINNT5.1_DBG.OBJD
- fi
- if [ ! -h WINNT5.1_OPT.OBJ -a ! -d WINNT5.1_OPT.OBJ ] ; then
- ln -s WINNT4.0_OPT.OBJ WINNT5.1_OPT.OBJ
- fi
-
- if [ $O_DEBUG = ON ] ; then
- tell
- fi
-else
- if [ $O_DEBUG = ON ] ; then
- Debug "WARNING!!! cant cd to $NTDIST "
- fi
-fi
-
-if [ -d "$UXDIST" ]
-then
- cd $UXDIST
-else
- glob_usage "Error!!! cant cd to $UXDIST "
-fi
-
-ErrorFlag=0
-
-#if [ ! -h OSF1V5.1_DBG.OBJ -a ! -d OSF1V5.1_DBG.OBJ ] ; then
- #ln -s OSF1V4.0D_DBG.OBJ OSF1V5.1_DBG.OBJ || ErrorFlag=1
-#fi
-#if [ ! -h OSF1V5.1_OPT.OBJ -a ! -d OSF1V5.1_OPT.OBJ ] ; then
- #ln -s OSF1V4.0D_OPT.OBJ OSF1V5.1_OPT.OBJ || ErrorFlag=1
-#fi
-#if [ ! -h OSF1V5.0_DBG.OBJ -a ! -d OSF1V5.0_DBG.OBJ ] ; then
- #ln -s OSF1V4.0D_DBG.OBJ OSF1V5.0_DBG.OBJ || ErrorFlag=1
-#fi
-#if [ ! -h OSF1V5.0_OPT.OBJ -a ! -d OSF1V5.0_OPT.OBJ ] ; then
- #ln -s OSF1V4.0D_OPT.OBJ OSF1V5.0_OPT.OBJ || ErrorFlag=1
-#fi
-if [ ! -h SunOS5.9_64_DBG.OBJ -a ! -d SunOS5.9_64_DBG.OBJ ] ; then
- ln -s SunOS5.8_64_DBG.OBJ SunOS5.9_64_DBG.OBJ || ErrorFlag=1
-fi
-if [ ! -h SunOS5.9_64_OPT.OBJ -a ! -d SunOS5.9_64_OPT.OBJ ] ; then
- ln -s SunOS5.8_64_OPT.OBJ SunOS5.9_64_OPT.OBJ || ErrorFlag=1
-fi
-if [ ! -h SunOS5.9_DBG.OBJ -a ! -d SunOS5.9_DBG.OBJ ] ; then
- ln -s SunOS5.8_DBG.OBJ SunOS5.9_DBG.OBJ || ErrorFlag=1
-fi
-if [ ! -h SunOS5.9_OPT.OBJ -a ! -d SunOS5.9_OPT.OBJ ] ; then
- ln -s SunOS5.8_OPT.OBJ SunOS5.9_OPT.OBJ || ErrorFlag=1
-fi
-#sonmi - still leaving the section in there so 3.3 and 3.2 will not break
-#since 5.8 is the masterbuild it should never be executed
-#additionally: only creat link if the slave build is present, but
-#master is not
-#if [ ! -h SunOS5.8_DBG.OBJ -a ! -d SunOS5.8_DBG.OBJ ] ; then
- #if [ -d SunOS5.6_DBG.OBJ ] ; then
- #ln -s SunOS5.6_DBG.OBJ SunOS5.8_DBG.OBJ || ErrorFlag=1
- #fi
-#fi
-#if [ ! -h SunOS5.8_OPT.OBJ -a ! -d SunOS5.8_OPT.OBJ ] ; then
- #if [ -d SunOS5.6_OPT.OBJ ] ; then
- #ln -s SunOS5.6_OPT.OBJ SunOS5.8_OPT.OBJ || ErrorFlag=1
- #fi
-#fi
-#if [ ! -h Linux2.4_x86_glibc_PTH_DBG.OBJ -a ! -d Linux2.4_x86_glibc_PTH_DBG.OBJ]
-#then
- #ln -s Linux2.2_x86_glibc_PTH_DBG.OBJ Linux2.4_x86_glibc_PTH_DBG.OBJ || ErrorFlag=1
-#fi
-#if [ ! -h Linux2.4_x86_glibc_PTH_OPT.OBJ -a ! -d Linux2.4_x86_glibc_PTH_OPT.OBJ]
-#then
- #ln -s Linux2.2_x86_glibc_PTH_OPT.OBJ Linux2.4_x86_glibc_PTH_OPT.OBJ || ErrorFlag=1
-#fi
-
-if [ ! -h SunOS5.9_i86pc_DBG.OBJ -a ! -d SunOS5.9_i86pc_DBG.OBJ ] ; then
- ln -s SunOS5.8_i86pc_DBG.OBJ SunOS5.9_i86pc_DBG.OBJ || ErrorFlag=1
-fi
-if [ ! -h SunOS5.9_i86pc_OPT.OBJ -a ! -d SunOS5.9_i86pc_OPT.OBJ ] ; then
- ln -s SunOS5.8_i86pc_OPT.OBJ SunOS5.9_i86pc_OPT.OBJ || ErrorFlag=1
-fi
-
-if [ $O_DEBUG = ON ] ; then
- tell
-fi
-
-exit $ErrorFlag #no cleanup here, no tempfiles
diff --git a/security/nss/tests/nssdir b/security/nss/tests/nssdir
deleted file mode 100755
index 884c299f5..000000000
--- a/security/nss/tests/nssdir
+++ /dev/null
@@ -1,28 +0,0 @@
-if ( "$2" == "" ) then
- setenv BUILDDATE `date +%m%d`
-else
- setenv BUILDDATE $2
-endif
-
-if ( "$1" == "" ) then
- setenv NSSVER tip
-else
- setenv NSSVER $1
-endif
-
-if ( ! ${?QAYEAR} ) then
- setenv QAYEAR `date +%Y`
-else if ( "$QAYEAR" == "" ) then
- setenv QAYEAR `date +%Y`
-
-endif
-
-setenv NSS_VER_DIR /share/builds/mccrel3/nss/nss$NSSVER
-setenv NTDIST ${NSS_VER_DIR}/builds/${QAYEAR}${BUILDDATE}.1/blowfish_NT4.0_Win95/mozilla/dist
-setenv UXDIST ${NSS_VER_DIR}/builds/${QAYEAR}${BUILDDATE}.1/booboo_Solaris8/mozilla/dist
-setenv TESTSCRIPTDIR ${NSS_VER_DIR}/builds/${QAYEAR}${BUILDDATE}.1/booboo_Solaris8/mozilla/security/nss/tests
-setenv RESULTDIR ${NSS_VER_DIR}/builds/${QAYEAR}${BUILDDATE}.1/booboo_Solaris8/mozilla/tests_results/security
-
-cd ${NSS_VER_DIR}/builds/${QAYEAR}${BUILDDATE}.1/booboo_Solaris8
-pwd
-ls
diff --git a/security/nss/tests/nsspath b/security/nss/tests/nsspath
deleted file mode 100755
index 5d5ececc6..000000000
--- a/security/nss/tests/nsspath
+++ /dev/null
@@ -1,12 +0,0 @@
-#! /bin/tcsh
-
-set PWD=`pwd`
-source /u/sonmi/bin/nssdir $*
-set OBJDIR=`(cd mozilla/security/nss/tests/common; gmake objdir_name)`
-setenv PATH `perl /u/sonmi/bin/path_uniq -s "${PATH}:${UXDIST}/${OBJDIR}/bin"`
-if ( `uname -n` == "iws-perf" ) then
- setenv LD_LIBRARY_PATH "${UXDIST}/${OBJDIR}/lib:/opt/nfast/toolkits/pkcs11"
-else
- setenv LD_LIBRARY_PATH "${UXDIST}/${OBJDIR}/lib"
-endif
-cd $PWD
diff --git a/security/nss/tests/nssqa b/security/nss/tests/nssqa
deleted file mode 100755
index 84c8b8f60..000000000
--- a/security/nss/tests/nssqa
+++ /dev/null
@@ -1,283 +0,0 @@
-#! /bin/sh
-
-########################################################################
-#
-# /u/sonmi/bin/nssqa - /u/svbld/bin/init/nss/nssqa
-#
-# this script is supposed to automatically run QA for NSS on all required
-# Unix and Windows (NT and 2000) platforms
-#
-# parameters
-# ----------
-# nssversion (supported: 30b, 31, tip)
-# builddate (default - today)
-#
-# options
-# -------
-# -y answer all questions with y - use at your own risk...ignores warnings
-# -s silent (only usefull with -y)
-# -h, -? - you guessed right - displays this text
-# -d debug
-# -f <filename> - write the (error)output to filename
-# -cron equivalient to -y -s -d -f $RESULTDIR/$HOST.nssqa
-#
-# 12/1/00
-# took out the (unused) local directory for releasebuild QA on NT
-# cleaned up 32 - 64 bit issues
-# took hardcoded machinenames out
-########################################################################
-
-O_OPTIONS=ON # accept options (see above for listing)
-WIN_WAIT_FOREVER=ON # first we wait forever for a TESTDIR to appear, than
- # we wait forever for the build to finish...
-
-TBX_EXIT=50 # in case we are running on a tinderbox build, any
- # early exit needs to return an error
-. `dirname $0`/header # utilities, shellfunctions etc, global to NSS QA
-
-if [ -z "$O_TBX" -o "$O_TBX" != "ON" ] ; then
- is_running ${TMP}/nssqa
- # checks if the file exists, if yes Exits, if not
- # creates to implement a primitive locking mechanism
-fi
-
-KILL_SELFSERV=OFF # cleanup will also kill the leftover selfserv processes
-
-################################ check_distdir #########################
-# local shell function to check if the DIST directory exists, if not there
-# is no use to continue the test
-########################################################################
-check_distdir()
-{
- set_objdir
-
- if [ ! -d "$LOCALDIST_BIN" ]
- then
- Debug "Dist $DIST"
- Warning "$LOCALDIST_BIN (the dist binaries dir) does not exist"
- return 1
- fi
-
- if [ ! -d "$LOCALDIST" -a ! -h "$LOCALDIST" ]
- then
- Debug "Dist $DIST"
- Warning "$LOCALDIST (the dist directory) does not exist"
- return 1
- fi
-
- Debug "LOCALDIST_BIN $LOCALDIST_BIN"
- Debug "Dist $DIST"
- return 0
-}
-
-################################ run_all ###############################
-# local shell function to start the all.sh after asking user and redirect
-# the output apropriately
-########################################################################
-run_all()
-{
- check_distdir || return 1
- #kill_by_name selfserv
- ask "Testing $OBJDIR continue with all.sh" "y" "n" || Exit
-
- Debug "running all.sh in `pwd`"
- if [ $O_SILENT = ON ]
- then
- if [ $O_DEBUG = ON -a $O_FILE = ON ]
- then
- all.sh >>$FILENAME 2>>$FILENAME
- else
- all.sh >/dev/null 2>/dev/null
- fi
- else
- all.sh
- fi
- Debug "Done with all.sh "
- line
-}
-
-all_sh()
-{
- echo
-}
-
-
-########################### wait_for_build #############################
-# local shell function to wait until the build is finished
-########################################################################
-wait_for_build()
-{
- if [ $O_WIN = "ON" ]
- then
- WaitForever ${OSDIR}/SVbuild.InProgress.1 0
- #Wait for the build to finish Windows a lot longer
- OS_TARGET=WINNT;export OS_TARGET;Debug "OS_TARGET set to $OS_TARGET"
- QA_OS_NAME=`cd ${TESTSCRIPTDIR}/common; gmake objdir_name | \
- sed -e "s/WINNT4.0.*/Windows-NT-4.0/" -e "s/WINNT5.0.*/Windows-2000/"`
- Echo "WINDOWS-OS-LINE: $QA_OS_NAME"
- else
- Wait ${OSDIR}/SVbuild.InProgress.1 0
- #Wait for the build to finish... Unix a few hours
- qa_stat_get_sysinfo
- Echo "UNIX-OS-LINE: $QA_OS"
- fi
- find_nt_masterbuild
-}
-
-
-########################### map_os #############################
-# local shell function: From the operatingsystem figure out the name of
-# the build ; needed to detemine if the build finished, passed and for
-# the directory names
-########################################################################
-map_os32()
-{
- case `uname -s` in
- SunOS)
- S_REL=`uname -r | sed -e "s/^[^\.]*\.//g"`
- if [ `uname -p` = "i386" ] ; then
- MAPPED_OS=Solaris8_x86
- elif [ "$S_REL" -lt 8 ] ; then
- MAPPED_OS=Solaris2.6
- else
- MAPPED_OS=Solaris8_forte6
- fi
- ;;
- OSF1)
- MAPPED_OS=OSF1V4.0
- ;;
- AIX)
- MAPPED_OS=AIX4.3
- ;;
- Linux)
- RH_MR=`cat /etc/redhat-release | sed \
- -e "s/Red Hat Linux release //" -e "s/ .*//g" \
- -e "s/\..*//g"`
-
- if [ "$RH_MR" = "6" ] ; then
- MAPPED_OS=Linux2.2
- else
- MAPPED_OS=Linux2.4
- LD_ASSUME_KERNEL="2.2.5"
- export LD_ASSUME_KERNEL
- fi
- ;;
- HP-UX)
- MAPPED_OS=HPUX11.00
- ;;
- *)
- if [ "$os_name" = "Windows" ]
- then
- MAPPED_OS=NT4.0
- else
- Exit "Sorry, operating system `uname -s` is not supported yet"
- fi
- ;;
- esac
- set_osdir
- Debug "Mapped OS to $MAPPED_OS"
-}
-
-############################# nssqa_main ###############################
-# local shell function main controlling function of the nss qa
-########################################################################
-nssqa_main()
-{
- Debug "In function nssqa_main"
-
- if [ $O_WIN = "OFF" -a "$O_TBX" = "OFF" -a $O_LOCAL = "OFF" ] ; then
- if [ ! -h ${NTDIST}/WINNT5.0_DBG.OBJ -o \
- ! -h ${UXDIST}/SunOS5.8_OPT.OBJ -o \
- ! -h ${UXDIST}/OSF1V5.0_DBG.OBJ ] ; then
- # determine if all needed symbolic links are present, in case
- # we build on one platform and QA on another
- # create the symbolic links
- #mksymlinks $* ||
- `dirname $0`/mksymlinks $NSSVER $BUILDDATE ||
- Warning "Can't make the neccessary symbolic links"
- fi
- fi
-
- if [ -d $TESTSCRIPTDIR ] #the directory mozilla/security/nss/tests,
- then # where all.sh lives
- cd $TESTSCRIPTDIR
- else
- Exit "cant cd to $TESTSCRIPTDIR Exiting"
- fi
-
- Debug "Testing from `pwd`"
- line
- Debug "HOST: $HOST, DOMSUF: $DOMSUF"
-
- if [ "$O_TBX" = "OFF" ] ; then
- map_os32 # From the operatingsystem figure out the name of the build
- Debug Testing build for $MAPPED_OS in $OSDIR
- wait_for_build
- fi
- run_all
- BUILD_OPT=1; export BUILD_OPT; Debug "BUILD_OPT $BUILD_OPT"
- run_all
-
- # now for the 64 bit build!
- map_os64 # From the operatingsystem figure out the name of the build
- if [ -n "$IS_64" ] ; then #Wait for the 64 bit build to finish...
- Debug "This is a $IS_64 platform"
- USE_64=1;export USE_64;Debug "Use_64 set to $USE_64"
- unset BUILD_OPT;export BUILD_OPT;Debug "BUILD_OPT $BUILD_OPT"
-
- run_all
- BUILD_OPT=1; export BUILD_OPT; Debug "BUILD_OPT $BUILD_OPT"
- run_all
- elif [ "$O_WIN" = "ON" ] ; then
- OS_TARGET=WIN95;export OS_TARGET
- Debug "OS_TARGET set to $OS_TARGET"
- #Echo "WINDOWS-OS-LINE: $os_name $os_full $OS_TARGET"
- unset BUILD_OPT;export BUILD_OPT;Debug "BUILD_OPT $BUILD_OPT"
- #if [ "$TEST_LEVEL" = "0" ] ; then
- #QA_OS_NAME=`cd ${TESTSCRIPTDIR}/common; gmake objdir_name | \
- #sed -e "s/WINNT4.0.*/Windows-NT-4.0/" -e \
- #"s/WINNT5.0.*/Windows-2000/"`
- #Echo "WINDOWS-OS-LINE: $QA_OS_NAME $OS_TARGET"
- #fi
- run_all
- BUILD_OPT=1; export BUILD_OPT; Debug "BUILD_OPT $BUILD_OPT"
- run_all
- else
- Debug "This is a 32 bit platform"
- fi
-}
-
-TEST_LEVEL=0
-
-while [ $TEST_LEVEL -lt 2 ] ; do
- export TEST_LEVEL
- unset BUILD_OPT;export BUILD_OPT;Debug "BUILD_OPT $BUILD_OPT"
- unset USE_64;export USE_64;Debug "USE_64 $USE_64"
- bc $TEST_LEVEL
- Debug "About to start nssqa_main"
- if [ $O_FILE = ON -a "$O_WIN" != "ON" ] ; then
- nssqa_main 2>>$FILENAME
- else
- nssqa_main
- fi
- if [ "$O_TBX" = "ON" ] ; then # do not do backward compatibility
- TEST_LEVEL=3 # testing on tinderbox
- else
- TEST_LEVEL=`expr $TEST_LEVEL + 1 `
- fi
-done
-
-if [ "$O_TBX" = "ON" -o "$O_LOCAL" = "ON" ] ; then
-#FIXME - maybe it should be copied back to the networkdrive later (-ln)
- if [ -n "${TMPFILES}" ] ; then #caused problems on tinderbox machines
- Debug "rm -f ${TMPFILES}"
- rm -f $TMPFILES 2>/dev/null
- fi
- Debug "running qa_stat"
- . `dirname $0`/qa_stat
-fi
-
-
-qa_stat_get_sysinfo
-
-Exit "nssqa completed. Done `uname -n` $QA_OS_STRING"
diff --git a/security/nss/tests/path_uniq b/security/nss/tests/path_uniq
deleted file mode 100755
index f29f60a00..000000000
--- a/security/nss/tests/path_uniq
+++ /dev/null
@@ -1,107 +0,0 @@
-#! /bin/perl
-
-########################################################################
-#
-# /u/sonmi/bin/path_uniq
-#
-# this script makes components of a PATH like string unique cand prints
-# it to stdout
-#
-# parameters
-# ----------
-# PATH
-#
-# options
-# -------
-# -d delimiter - default :
-# -s shortens the path
-#
-# usefull enhancements: in the usage part, try to guess what was meant as
-# a path and echo it to stdout to not break for PATHs with blanks
-#
-########################################################################
-
-sub usage {
- print STDERR "usage $0 [-s] [-d <delimiter>] PATH\n";
- print STDERR " this script makes components of the PATH unique, if you\n";
- print STDERR " pass in a searchpath A:B:C:A:B:E it will print A:B:C:E to\n";
- print STDERR " the stdout\n\n";
- print STDERR " -s will mercylessly cut components from the path, \n";
- print STDERR " use at your own risk\n\n";
- print STDERR " the parameters you gave were: \n";
- for ( $i = 0; $i <= $#ARGV; $i++ ) {
- print STDERR " $ARGV[$i]\n";
- }
- exit ;
-}
-
-
-$i = 0;
-$j = 0;
-$delimiter = ":";
-$searchpath = "";
-@pathcomponents;
-$found=0;
-$newpath="";
-$shorten=0;
-
-for ( $i=0; $i <= $#ARGV; $i++) {
- if ( $ARGV[$i] eq '-d' ) {
- $delimiter = $ARGV[++$i];
- } elsif ( $ARGV[$i] eq '-s' ) {
- $shorten=1;
- } else {
- $searchpath = $ARGV[$i];
- }
-}
-if ( $searchpath eq "" ) {
- usage;
-}
-#print STDERR "delimiter $delimiter\n";
-#print STDERR "shorten $shorten\n";
-#print STDERR "searchpath $searchpath\n";
-
-@pathcomponents=split($delimiter, $searchpath);
-
-for ( $i = 0; $i <= $#pathcomponents; $i++ ) {
- $found=0;
- if ( $shorten == 1 ) {
- if ( "\/tools\/ns-arch\/sparc_sun_solaris2\.4\/lib\/sparcworks\/SUNWspro/bin" eq $pathcomponents[$i] ||
- "\/h\/tortoise\/export\/share\/builds\/tools\/sparc_sun_solaris2\.5\.1\/perl5\.004\/bin" eq $pathcomponents[$i] ||
- "\/usr\/dist\/local\/exe" eq $pathcomponents[$i] ||
- "\/opt\/SUNWspro\/bin" eq $pathcomponents[$i] ||
- "\/opt\/SUNWwabi\/bin" eq $pathcomponents[$i] ||
- "\/u\/svbld\/bin" eq $pathcomponents[$i] ||
- "\/usr\/demos" eq $pathcomponents[$i] ||
- "\/usr\/audio\/bin" eq $pathcomponents[$i] ||
- "\/usr\/openwin\/demo" eq $pathcomponents[$i] ||
- "\/tools\/contrib\/bin" eq $pathcomponents[$i] ||
- "\/usr\/etc\/" eq $pathcomponents[$i] ||
- "\/usr\/demos\/bin" eq $pathcomponents[$i] ) {
-
-
- #print "dumped: $pathcomponents[$i]\n";
- next;
- }
- #print "keep: $pathcomponents[$i]\n";
- }
- for ( $j = 0; $j < $i; $j++ ) {
- if ( $pathcomponents[$j] eq $pathcomponents[$i] ) {
- #print "$i and $j match - $pathcomponents[$i] - $pathcomponents[$j]\n";
- $found=1;
- last;
- }
- }
- if ( $found == 0 ) {
- #print "$pathcomponents[$i]:";
- if ($i == 0) {
- $newpath = $pathcomponents[$i];
- } else {
- $newpath=join($delimiter, $newpath,$pathcomponents[$i]);
- }
- }
-}
-print "$newpath\n";
-exit;
-
-
diff --git a/security/nss/tests/perf/perf.sh b/security/nss/tests/perf/perf.sh
deleted file mode 100755
index 7c7b1d1a0..000000000
--- a/security/nss/tests/perf/perf.sh
+++ /dev/null
@@ -1,87 +0,0 @@
-#! /bin/sh
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#
-########################################################################
-#
-# mozilla/security/nss/tests/perf/perf.sh
-#
-# script run from the nightly NSS QA to measure nss performance
-# needs to work on all Unix and Windows platforms
-#
-# special strings
-# ---------------
-# FIXME ... known problems, search for this string
-# NOTE .... unexpected behavior
-#
-########################################################################
-#
-############################## perf_init ##############################
-# local shell function to initialize this script
-########################################################################
-perf_init()
-{
- SCRIPTNAME="perf.sh"
- if [ -z "${INIT_SOURCED}" ] ; then
- cd ../common
- . ./init.sh
- fi
- SCRIPTNAME="perf.sh"
- PERFDIR=${HOSTDIR}/perf
- mkdir -p ${PERFDIR}
-}
-
-perf_init
-RSAPERF_OUT=`rsaperf -i 300 -s -n none`
-RSAPERF_OUT=`echo $RSAPERF_OUT | sed \
- -e "s/^/RSAPERF: $OBJDIR /" \
- -e 's/microseconds/us/' \
- -e 's/milliseconds/ms/' \
- -e 's/seconds/s/' \
- -e 's/ minutes, and /_min_/'`
-
-echo "$RSAPERF_OUT"
-
-
-
-#FIXME
-#export RSAPERF_OUT
-#
-#perl -e '
-
-#@rsaperf=split(/ /, $ENV{RSAPERF_OUT});
-
-#echo "${RSAPERF_OUT}" | read IT_NUM T1 T2 TOT_TIM TOT_TIM_U \
- #T3 T4 T5 AVRG_TIM AVRG_TIM_U
-
-#300 iterations in 8.881 seconds one operation every 29606 microseconds
diff --git a/security/nss/tests/pkcs11/netscape/suites/Makefile b/security/nss/tests/pkcs11/netscape/suites/Makefile
deleted file mode 100644
index 093ef5244..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-# include $(CORE_DEPTH)/$(MODULE)/config/rules.mk
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-
diff --git a/security/nss/tests/pkcs11/netscape/suites/config.mk b/security/nss/tests/pkcs11/netscape/suites/config.mk
deleted file mode 100644
index 0c29b9e0e..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/config.mk
+++ /dev/null
@@ -1,42 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-all::
-
-release:: release_security abort_rule
-
-release_security:
- @echo "cd security; $(MAKE) release"
- $(MAKE) -C security release
-
-abort_rule:
- @"Security Complete. (Don't worry about this, it really should abort here!)"
diff --git a/security/nss/tests/pkcs11/netscape/suites/manifest.mn b/security/nss/tests/pkcs11/netscape/suites/manifest.mn
deleted file mode 100644
index 5eb557d84..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/manifest.mn
+++ /dev/null
@@ -1,37 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../../../..
-
-DIRS = security \
- $(NULL)
-
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/Makefile b/security/nss/tests/pkcs11/netscape/suites/security/Makefile
deleted file mode 100644
index 1c76a8833..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/Makefile
+++ /dev/null
@@ -1,75 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-#include $(CORE_DEPTH)/$(MODULE)/config/rules.mk
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/config.mk b/security/nss/tests/pkcs11/netscape/suites/security/config.mk
deleted file mode 100644
index 006fcb713..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/config.mk
+++ /dev/null
@@ -1,54 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-all::
-
-release:: release_des release_des3 release_sha1 release_dsa abort_rule
-
-release_des:
- @echo "cd des; $(MAKE) release"
- $(MAKE) -C des release
-
-release_des3:
- @echo "cd des3; $(MAKE) release"
- $(MAKE) -C des3 release
-
-release_sha1:
- @echo "cd sha1; $(MAKE) release"
- $(MAKE) -C sha1 release
-
-release_dsa:
- @echo "cd dsa; $(MAKE) release"
- $(MAKE) -C dsa release
-
-abort_rule:
- @"Security Suites Complete. (Don't worry about this, it really should abort here!)"
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/manifest.mn b/security/nss/tests/pkcs11/netscape/suites/security/manifest.mn
deleted file mode 100644
index a95b03c93..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/manifest.mn
+++ /dev/null
@@ -1,40 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../../../../..
-
-#MODULE = sectools
-
-DIRS = pkcs11 \
- ssl \
- $(NULL)
-
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/Makefile b/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/Makefile
deleted file mode 100644
index 611fef3d6..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#include $(CORE_DEPTH)/$(MODULE)/config/config.mk
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-#include $(CORE_DEPTH)/$(MODULE)/config/rules.mk
-include $(CORE_DEPTH)/nss/cmd/platlibs.mk
-include $(CORE_DEPTH)/nss/cmd/platrules.mk
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-include rules.mk
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/config.mk b/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/config.mk
deleted file mode 100644
index 4b50e62e6..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/config.mk
+++ /dev/null
@@ -1,57 +0,0 @@
-#
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#######################################################################
-# Adjust specific variables for all platforms #
-#######################################################################
-
-OS_CFLAGS += -DNSPR20=1
-
-#######################################################################
-# Set the LDFLAGS value to encompass all normal link options, all #
-# library names, and all special system linking options #
-#######################################################################
-
-LDFLAGS = $(LDOPTS) $(LIBSECMOD) $(LIBHASH) $(LIBCERT) $(LIBKEY) \
-$(LIBCRYPTO) $(LIBSECUTIL) $(LIBDBM) $(LIBPLC) $(LIBPLDS) $(LIBPR) \
-$(LIBSECTOOLS) $(DLLSYSTEM)
-
-# These are the libraries from the PKCS #5 suite:
-#LDFLAGS = $(LDOPTS) $(LIBSECTOOLS) $(LIBSSL) $(LIBPKCS7) $(LIBCERT) $(LIBKEY) $(LIBSECMOD) $(LIBCRYPTO) $(LIBSECUTIL) $(LIBSECMOD) $(LIBSSL) $(LIBPKCS7) $(LIBCERT) $(LIBKEY) $(LIBCRYPTO) $(LIBSECUTIL) $(LIBHASH) $(LIBDBM) $(LIBPLDS) $(LIBPLC) $(LIBPR) $(DLLSYSTEM)
-
-#######################################################################
-# Set the TARGETS value to build one executable from each object file #
-#######################################################################
-
-# TARGETS = $(OBJS:$(OBJ_SUFFIX)=$(PROG_SUFFIX))
-
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/manifest.mn b/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/manifest.mn
deleted file mode 100644
index eca912157..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/manifest.mn
+++ /dev/null
@@ -1,46 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH=../../../../../../..
-
-#MODULE = sectools
-
-CSRCS = pk11test.c
-
-PROGRAM = pk11test
-
-REQUIRES = seccmd dbm nss
-
-REGRESSION_SPEC = pkcs11.reg
-
-RESULTS_SUBDIR = security/pkcs11
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pk11test.c b/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pk11test.c
deleted file mode 100644
index e011e8059..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pk11test.c
+++ /dev/null
@@ -1,1360 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#define VERSION_MAJOR 1
-#define VERSION_MINOR 0
-#define VERSION_POINT 7
-/* Standard C includes */
-#include <stdlib.h>
-#include <stdio.h>
-
-/* NSPR includes */
-#include <prio.h>
-#include <prprf.h>
-#include <plarena.h>
-#include <prinit.h>
-#include <prmem.h>
-
-/* security includes */
-#include <pkcs11t.h>
-#include <secmodt.h>
-#include <pk11func.h>
-#include <secmod.h>
-#include <secutil.h>
-#include <keyt.h>
-
-/* replacer header file */
-#include "pk11test.h"
-
-#include "pkcs11.h"
-
-void SEC_Init(void);
-
-PRStatus InitCrypto(char*);
-int TestUserManagement();
-int TestCrypto();
-MechInfo* GetMechInfo(CK_MECHANISM_TYPE type);
-int TestEncrypt(CK_MECHANISM_TYPE mech);
-int TestSign(CK_MECHANISM_TYPE mech);
-int TestDigest(CK_MECHANISM_TYPE mech);
-int TestHMAC(CK_MECHANISM_TYPE mech);
-int TestSymmetricEncrypt(CK_MECHANISM_TYPE mech);
-int TestPKEncrypt(CK_MECHANISM_TYPE mech);
-
-
-static char* userpw = NULL;
-static int secerror=0;
-/* PK11SymKey *symkey=NULL;*/
-PK11SlotInfo *slot=NULL;
-
-/* Errors */
-enum {
- NO_ERROR_AT_ALL=0,
- NO_SUCH_SLOT=1,
- KEY_GEN_FAILED,
- CREATE_CONTEXT_FAILED,
- INTERNAL_RNG_FAILED,
- MECH_NOT_FOUND,
- INPUT_FILE_ERROR,
- KEY_COPY_FAILED,
- CIPHER_OP_FAILED,
- FINALIZE_FAILED,
- RESULTS_DONT_MATCH,
- PARAM_GEN_FAILED,
- PLAINTEXT_DOESNT_MATCH,
- ENCRYPTION_IS_NOOP,
- WRAP_PRIVKEY_FAILED,
- WRAP_SYMKEY_FAILED,
- UNWRAP_SYMKEY_FAILED,
- UNWRAPPED_KEY_DOESNT_MATCH,
- UNWRAP_PRIVKEY_FAILED,
- SIGNATURE_FAILED,
- SIGNATURE_DOESNT_VERIFY,
- AUTHENTICATION_FAILED,
- AUTHENTICATION_SUCCEEDED,
- MODDB_ACCESS
-};
-
-static char* errString[] = {
- "No error",
- "No such slot",
- "Failed to generate key",
- "Failed to create a cryptographic context",
- "Failed to generate random bytes",
- "Mechanism was not found",
- "Error in input file",
- "Failed to copy key from internal to external module",
- "Cipher operation failed",
- "Cipher finalization failed",
- "Internal module produced a different result than the target module",
- "Failed to generate cryptographic parameters",
- "Recovered plaintext does not match original plaintext",
- "Ciphertext is the same as plaintext",
- "Unable to wrap private key",
- "Unable to wrap symmetric key",
- "Unable to unwrap symmetric key",
- "Unwrapped key does not match original key",
- "Unable to unwrap private key",
- "Signing operation failed",
- "Incorrect signature: doesn't verify",
- "Failed to authenticate to slot",
- "Authenticated to slot with incorrect password",
- "Unable to access security module database"
-};
-
-/***********************************************************************
- *
- * R e a d I n p u t F i l e
- *
- * Read tokenname and module name from the file with the indicated name.
- * Pass in the addresses of pointers. They will be set to point at
- * dynamically-allocated memory.
- *
- * Returns 0 on success, -1 on error with file.
- */
-int
-ReadInputFile(char *filename, char**tokenname, char**moddbname, char **userpw)
-{
- PRFileDesc* file=NULL;
- char readbuf[1025];
- int numbytes=0;
- char *cp;
-
- *tokenname = NULL;
- *moddbname = NULL;
-
- /* Open file */
- file = PR_Open(filename, PR_RDONLY, 0);
- if(!file) {
- return -1;
- }
-
- /* Read in everything */
- numbytes = PR_Read(file, readbuf, 1024);
- if(numbytes==-1) {
- goto loser;
- }
- readbuf[numbytes] = '\0'; /* make sure we're null-terminated */
-
- /* Get tokenname */
- cp = strtok(readbuf, "\r\n");
- if(cp == NULL) {
- goto loser;
- }
- *tokenname = PR_Malloc(strlen(cp)+1);
- strcpy(*tokenname, cp);
-
- /* get moddbname */
- cp = strtok(NULL, "\r\n");
- if(cp == NULL) {
- goto loser;
- }
- *moddbname = PR_Malloc(strlen(cp)+1);
- strcpy(*moddbname, cp);
-
- /* Get module PIN */
- cp = strtok(NULL, "\r\n");
- if(cp == NULL) {
- goto loser;
- }
- *userpw = PR_Malloc(strlen(cp)+1);
- strcpy(*userpw, cp);
-
- PR_Close(file);
- return 0;
-
-loser:
- if(file) {
- PR_Close(file);
- }
- if(*tokenname) {
- PR_Free(*tokenname);
- *tokenname = NULL;
- }
- if(*moddbname) {
- PR_Free(*moddbname);
- *moddbname = NULL;
- }
- return -1;
-}
-
-static PRBool supplyPassword=PR_TRUE;
-char*
-PasswordFunc(PK11SlotInfo *slot, PRBool loadcerts, void *wincx)
-{
- if(supplyPassword) {
- /*PR_fprintf(PR_STDOUT, "Feeding password: |%s|\n", userpw);*/
- supplyPassword = PR_FALSE;
- return PL_strdup(userpw);
- } else {
- /*PR_fprintf(PR_STDOUT, "PasswordFunc supplying NULL.\n");*/
- return NULL;
- }
-}
-
-
-/**********************************************************************
- *
- * m a i n
- *
- */
-int
-main(int argc, char *argv[])
-{
- char *tokenname=NULL;
- char *moddbname=NULL;
- int errcode;
-
- if(argc < 3) {
- PR_fprintf(PR_STDERR,
-"\nPKCS #11 Test Suite Version %d.%d.%d\n\
-Usage: pkcs11 testid configfile\n",VERSION_MAJOR,VERSION_MINOR,VERSION_POINT);
- return -1;
- }
-
- testId = atoi(argv[1]);
- if(ReadInputFile(argv[2], &tokenname, &moddbname, &userpw)) {
- errcode = INPUT_FILE_ERROR;
- goto loser;
- }
-
- PR_fprintf(PR_STDOUT, "testId=%d\n", testId);
- PR_fprintf(PR_STDOUT, "tokenname=%s\n", tokenname);
- PR_fprintf(PR_STDOUT, "moddbname=%s\n", moddbname);
-
- PR_Init(PR_USER_THREAD, PR_PRIORITY_NORMAL, 0);
-
- if( InitCrypto(moddbname) != PR_SUCCESS ) {
- errcode = MODDB_ACCESS;
- goto loser;
- }
-
- slot = PK11_FindSlotByName(tokenname);
- if(!slot) {
- errcode = NO_SUCH_SLOT;
- goto loser;
- }
-
- if(!REP_USE_CORRECT_PIN && userpw) {
- /* don't use the pin passed in */
- userpw[0]++;
- }
- PK11_SetPasswordFunc(PasswordFunc);
- if(PK11_NeedLogin(slot)) {
- SECStatus result;
- supplyPassword = PR_TRUE;
- result = PK11_Authenticate(slot, PR_FALSE, NULL);
- /* If we just did an invalid login, login correctly so we don't
- * cause the token to lock us out */
- if(!REP_USE_CORRECT_PIN) {
- userpw[0]--;
- supplyPassword = PR_TRUE;
- PK11_Authenticate(slot, PR_FALSE, NULL);
- }
- if(REP_USE_CORRECT_PIN && result!=SECSuccess) {
- errcode = AUTHENTICATION_FAILED;
- goto loser;
- } else if(!REP_USE_CORRECT_PIN && result==SECSuccess) {
- errcode = AUTHENTICATION_SUCCEEDED;
- goto loser;
- }
- }
-
- errcode = TestCrypto();
-
-loser:
- if(tokenname) {
- PR_Free(tokenname); tokenname = NULL;
- }
- if(moddbname) {
- PR_Free(moddbname); moddbname = NULL;
- }
- if(errcode) {
- PR_fprintf(PR_STDOUT, "Exiting with error: %s.\n\n", errString[errcode]);
- } else {
- PR_fprintf(PR_STDOUT, "Test was successful\n\n");
- }
- return errcode;
-}
-
-/**********************************************************************
- *
- * I n i t C r y p t o
- *
- */
-PRStatus
-InitCrypto(char *moddbname)
-{
- SEC_Init();
-
- if( PR_Access(moddbname, PR_ACCESS_EXISTS) != PR_SUCCESS) {
- PR_fprintf(PR_STDERR, "Error: %s does not exist.\n", moddbname);
- return PR_FAILURE;
- }
- if( PR_Access(moddbname, PR_ACCESS_READ_OK) != PR_SUCCESS) {
- PR_fprintf(PR_STDERR, "Error: %s is not readable.\n",
- moddbname);
- return PR_FAILURE;
- }
-
- SECMOD_init(moddbname);
- return PR_SUCCESS;
-}
-
-/**********************************************************************
- *
- * T e s t C r y p t o
- *
- */
-int
-TestCrypto()
-{
- MechInfo *mechInfo;
- int errcode;
- unsigned short testcount=0;
-
- if(!PK11_DoesMechanism(slot, REP_MECHANISM)) {
- return 0;
- }
-
- mechInfo = GetMechInfo(REP_MECHANISM);
- /*PR_fprintf(PR_STDOUT, "Using mechanism %x.\n", REP_MECHANISM);*/
- if(!mechInfo) {
- PR_fprintf(PR_STDERR, "Unable to find mech %x\n",
- REP_MECHANISM);
- return MECH_NOT_FOUND;
- }
-
- if(mechInfo->op & ENCRYPT_OP) {
- testcount++;
- errcode = TestEncrypt(REP_MECHANISM);
- if(errcode) return errcode;
- }
-
- if(mechInfo->op & SIGN_OP) {
- testcount++;
- errcode = TestSign(REP_MECHANISM);
- if(errcode) return errcode;
- }
-
-#if 0
- if(mechInfo->op & DIGEST_OP) {
- testcount++;
- errcode = TestDigest(REP_MECHANISM);
- if(errcode) return errcode;
- }
-
- if(mechInfo->op & HMAC_OP) {
- testcount++;
- errcode = TestHMAC(REP_MECHANISM);
- if(errcode) return errcode;
- }
-#endif
-
- return 0;
-}
-
-/**********************************************************************
- *
- * I s S y m m e t r i c
- *
- */
-int
-IsSymmetric(CK_MECHANISM_TYPE mech)
-{
- switch(mech) {
- case CKM_RC2_ECB:
- case CKM_RC2_CBC:
- case CKM_RC2_CBC_PAD:
- case CKM_RC4:
- case CKM_RC5_ECB:
- case CKM_RC5_CBC:
- case CKM_RC5_CBC_PAD:
- case CKM_DES_ECB:
- case CKM_DES_CBC:
- case CKM_DES_CBC_PAD:
- case CKM_DES3_ECB:
- case CKM_DES3_CBC:
- case CKM_DES3_CBC_PAD:
- case CKM_CAST_ECB:
- case CKM_CAST_CBC:
- case CKM_CAST_CBC_PAD:
- case CKM_CAST3_ECB:
- case CKM_CAST3_CBC:
- case CKM_CAST3_CBC_PAD:
- case CKM_CAST5_ECB:
- case CKM_CAST5_CBC:
- case CKM_CAST5_CBC_PAD:
- case CKM_IDEA_ECB:
- case CKM_IDEA_CBC:
- case CKM_IDEA_CBC_PAD:
- case CKM_CDMF_ECB:
- case CKM_CDMF_CBC:
- case CKM_CDMF_CBC_PAD:
- case CKM_SKIPJACK_ECB64:
- case CKM_SKIPJACK_CBC64:
- case CKM_SKIPJACK_OFB64:
- case CKM_SKIPJACK_CFB64:
- case CKM_SKIPJACK_CFB32:
- case CKM_SKIPJACK_CFB16:
- case CKM_SKIPJACK_CFB8:
- case CKM_BATON_ECB128:
- case CKM_BATON_ECB96:
- case CKM_BATON_CBC128:
- case CKM_BATON_COUNTER:
- case CKM_BATON_SHUFFLE:
- case CKM_JUNIPER_ECB128:
- case CKM_JUNIPER_CBC128:
- case CKM_JUNIPER_COUNTER:
- case CKM_JUNIPER_SHUFFLE:
- return 1;
- default:
- return 0;
- }
-}
-
-/**********************************************************************
- *
- * T e s t E n c r y p t
- *
- */
-int
-TestEncrypt(CK_MECHANISM_TYPE mech)
-{
-
- /*PR_fprintf(PR_STDOUT, "Inside TestEncrypt\n");*/
- if(!PK11_DoesMechanism(slot, mech)) {
- /* Can't test if the slot doesn't do this mechanism */
- PR_fprintf(PR_STDERR, "Slot doesn't do this mechanism.\n");
- return 0;
- }
-
- if(IsSymmetric(mech)) {
- /*PR_fprintf(PR_STDOUT, "Is a symmetric algorithm\n");*/
- return TestSymmetricEncrypt(mech);
- } else {
- /*PR_fprintf(PR_STDOUT, "Is not a symmetric algorithm\n");*/
- return TestPKEncrypt(mech);
- }
-
- return 0;
-}
-
-/**********************************************************************
- *
- * G e n e r a t e P K P a r a m s
- *
- */
-void*
-GeneratePKParams(CK_MECHANISM_TYPE mech)
-{
-
- /* FIPS preprocessor directives for DSA. */
- #define FIPS_DSA_TYPE siBuffer
- #define FIPS_DSA_DIGEST_LENGTH 20 /* 160-bits */
- #define FIPS_DSA_SUBPRIME_LENGTH 20 /* 160-bits */
- #define FIPS_DSA_SIGNATURE_LENGTH 40 /* 320-bits */
- #define FIPS_DSA_PRIME_LENGTH 64 /* 512-bits */
- #define FIPS_DSA_BASE_LENGTH 64 /* 512-bits */
-
-
- CK_MECHANISM_TYPE keygenMech;
- PK11RSAGenParams *rsaparams;
- PQGParams *dsa_pqg;
- unsigned char *dsa_P = (unsigned char *)
- "\x8d\xf2\xa4\x94\x49\x22\x76\xaa"
- "\x3d\x25\x75\x9b\xb0\x68\x69\xcb"
- "\xea\xc0\xd8\x3a\xfb\x8d\x0c\xf7"
- "\xcb\xb8\x32\x4f\x0d\x78\x82\xe5"
- "\xd0\x76\x2f\xc5\xb7\x21\x0e\xaf"
- "\xc2\xe9\xad\xac\x32\xab\x7a\xac"
- "\x49\x69\x3d\xfb\xf8\x37\x24\xc2"
- "\xec\x07\x36\xee\x31\xc8\x02\x91";
- unsigned char *dsa_Q = (unsigned char *)
- "\xc7\x73\x21\x8c\x73\x7e\xc8\xee"
- "\x99\x3b\x4f\x2d\xed\x30\xf4\x8e"
- "\xda\xce\x91\x5f";
- unsigned char *dsa_G = (unsigned char *)
- "\x62\x6d\x02\x78\x39\xea\x0a\x13"
- "\x41\x31\x63\xa5\x5b\x4c\xb5\x00"
- "\x29\x9d\x55\x22\x95\x6c\xef\xcb"
- "\x3b\xff\x10\xf3\x99\xce\x2c\x2e"
- "\x71\xcb\x9d\xe5\xfa\x24\xba\xbf"
- "\x58\xe5\xb7\x95\x21\x92\x5c\x9c"
- "\xc4\x2e\x9f\x6f\x46\x4b\x08\x8c"
- "\xc5\x72\xaf\x53\xe6\xd7\x88\x02";
-
-
- keygenMech = PK11_GetKeyGen(mech);
-
- switch(keygenMech) {
- case CKM_RSA_PKCS_KEY_PAIR_GEN:
- rsaparams = PR_Malloc(sizeof(PK11RSAGenParams));
- rsaparams->keySizeInBits = REP_PK_KEY_SIZE;
- rsaparams->pe = 65537L;
- return (void*) rsaparams;
- case CKM_ECDSA_KEY_PAIR_GEN:
- case CKM_DSA_KEY_PAIR_GEN:
-
- /* Allocate PQG memory */
- dsa_pqg = PORT_ZAlloc(sizeof(PQGParams));
- dsa_pqg->prime.data = (unsigned char*)
- PORT_ZAlloc(FIPS_DSA_PRIME_LENGTH);
- dsa_pqg->subPrime.data = (unsigned char*)
- PORT_ZAlloc(FIPS_DSA_SUBPRIME_LENGTH);
- dsa_pqg->base.data = (unsigned char*)
- PORT_ZAlloc(FIPS_DSA_BASE_LENGTH);
-
- dsa_pqg->prime.type = FIPS_DSA_TYPE;
- PORT_Memcpy(dsa_pqg->prime.data, dsa_P, FIPS_DSA_PRIME_LENGTH);
- dsa_pqg->prime.len = FIPS_DSA_PRIME_LENGTH;
-
- dsa_pqg->subPrime.type = FIPS_DSA_TYPE;
- PORT_Memcpy( dsa_pqg->subPrime.data, dsa_Q,
- FIPS_DSA_SUBPRIME_LENGTH );
- dsa_pqg->subPrime.len = FIPS_DSA_SUBPRIME_LENGTH;
-
- dsa_pqg->base.type = FIPS_DSA_TYPE;
- PORT_Memcpy( dsa_pqg->base.data, dsa_G, FIPS_DSA_BASE_LENGTH );
- dsa_pqg->base.len = FIPS_DSA_BASE_LENGTH;
-
- return (void*) dsa_pqg;
-
- case CKM_DH_PKCS_KEY_PAIR_GEN:
- case CKM_KEA_KEY_PAIR_GEN:
- default:
- return NULL;
- }
- return NULL;
-}
-
-/**********************************************************************
- *
- * F r e e P K P a r a m s
- *
- */
-void
-FreePKParams(void* p, CK_MECHANISM_TYPE mech)
-{
-
- switch(PK11_GetKeyGen(mech)) {
- case CKM_RSA_PKCS_KEY_PAIR_GEN:
- PR_Free( (PK11RSAGenParams*)p);
- break;
- case CKM_ECDSA_KEY_PAIR_GEN:
- case CKM_DSA_KEY_PAIR_GEN:
- PR_Free( (PQGParams*)p);
- break;
- }
-}
-
-
-/**********************************************************************
- *
- * T e s t P K E n c r y p t
- *
- */
-int
-TestPKEncrypt(CK_MECHANISM_TYPE mech)
-{
- PK11SlotInfo *internal;
- SECStatus status;
- int errcode;
- SECItem *kgparams;
- SECKEYPublicKey *pubk=NULL;
- SECKEYPrivateKey *refPrivk=NULL, *testPrivk=NULL;
- PK11SymKey *refSymKey=NULL, *testSymKey=NULL, *recoveredSymKey=NULL;
- SECItem refWrappedKey, testWrappedKey;
- SECItem *refSymkeyData=NULL, *testSymkeyData=NULL;
- SECItem wrapParams;
- int testSymKeySize;
- CK_ATTRIBUTE_TYPE usages[] = { CKA_UNWRAP };
- int usageCount = 1;
-
- wrapParams.data = "aaaaaaaa";
- wrapParams.len = 8;
-
- refWrappedKey.len = 1024;
- refWrappedKey.data = PR_Malloc(1024);
- testWrappedKey.len = 1024;
- testWrappedKey.data = PR_Malloc(1024);
-
- internal = PK11_GetInternalSlot();
-
- /* Generate keygen parameter */
- kgparams = GeneratePKParams(mech);
- if(!kgparams) {
- errcode = PARAM_GEN_FAILED;
- goto loser;
- }
-
- /*
- * Generate the keypair, either on the target module or on the internal
- * module.
- */
- if(REP_KEYGEN_ON_TARGET) {
- refPrivk = PK11_GenerateKeyPair(slot, PK11_GetKeyGen(mech),
- kgparams, &pubk,
- (slot==internal) ? PR_FALSE : PR_TRUE /*isPerm*/,
- PR_FALSE /*isSensitive*/,
- NULL/*wincx*/);
- } else {
- refPrivk = PK11_GenerateKeyPair(internal, PK11_GetKeyGen(mech),
- kgparams, &pubk,
- PR_FALSE/*isPerm*/, PR_FALSE /*isSensitive*/,
- NULL/*wincx*/);
- }
- if(!refPrivk) {
- secerror = PORT_GetError();
- errcode = KEY_GEN_FAILED;
- goto loser;
- }
-
- /*
- * Generate symmetric key, either on the target module or on the internal
- * module.
- */
- if(REP_KEYGEN_ON_TARGET) {
- refSymKey = PK11_KeyGen(slot, CKM_DES_CBC_PAD, NULL,
- REP_SYMKEY_SIZE, NULL);
- } else {
- refSymKey = PK11_KeyGen(internal, CKM_DES_CBC_PAD, NULL,
- REP_SYMKEY_SIZE, NULL);
- }
- if(!refSymKey) {
- secerror = PORT_GetError();
- errcode = KEY_GEN_FAILED;
- goto loser;
- }
-
- /*
- * If we generated the keys on the internal module, we have to
- * transfer them from the internal module to the target module, unless
- * the target module is the internal module.
- */
- if( (slot != internal) && !REP_KEYGEN_ON_TARGET) {
- SECItem empty;
- SECItem label;
- empty.len=0;
- empty.data=NULL;
- label.data = "foobar";
- label.len = 6;
-
- /* Copy the symmetric key to the target token*/
- testSymKey = pk11_CopyToSlot(slot,
- CKM_DES_CBC_PAD,
- CKA_UNWRAP,
- refSymKey);
- if(testSymKey==NULL) {
- secerror = PORT_GetError();
- errcode = KEY_COPY_FAILED;
- goto loser;
- }
-
- /* Copy the private key to the target token */
- status = PK11_WrapPrivKey(internal,
- refSymKey,
- refPrivk,
- CKM_DES_CBC_PAD,
- &wrapParams,
- &refWrappedKey,
- NULL /*wincx*/);
- if(status != SECSuccess) {
- secerror = PORT_GetError();
- errcode = WRAP_PRIVKEY_FAILED;
- goto loser;
- }
-
- testPrivk = PK11_UnwrapPrivKey(slot,
- testSymKey,
- CKM_DES_CBC_PAD,
- &wrapParams,
- &refWrappedKey,
- &label /*label*/,
- &empty /*ID Value*/,
- PR_TRUE /*perm*/,
- PR_TRUE /*sensitive*/,
- PK11_GetKeyType(mech, 0),
- usages, usageCount,
- NULL /*wincx*/);
- if(testPrivk==NULL) {
- secerror = PORT_GetError();
- errcode = UNWRAP_PRIVKEY_FAILED;
- goto loser;
- }
- } else {
- testPrivk=refPrivk; refPrivk = NULL;
- testSymKey=refSymKey; refSymKey = NULL;
- }
-
- /* Wrap the symmetric key with the public key */
- /* !!! Which mech do we use here, the symmetric or the PK? */
- status = PK11_PubWrapSymKey(mech, pubk, testSymKey, &testWrappedKey);
- if(status != SECSuccess) {
- secerror = PORT_GetError();
- errcode = WRAP_SYMKEY_FAILED;
- goto loser;
- }
- testSymKeySize = PK11_GetKeyLength(testSymKey);
-
- /*
- * Unless we are testing the internal slot, do the same wrap operation
- * on the internal slot and compare with the wrap done on the module
- * under test. If we did the keygen on the target module, we don't
- * have the keys on the internal module so we can't compare.
- */
- if( (slot != internal) && !REP_KEYGEN_ON_TARGET) {
- status = PK11_PubWrapSymKey(mech, pubk, refSymKey,
- &refWrappedKey);
- if(status != SECSuccess) {
- secerror = PORT_GetError();
- errcode = WRAP_SYMKEY_FAILED;
- goto loser;
- }
-
- if( (testWrappedKey.len != refWrappedKey.len) ||
- memcmp(testWrappedKey.data, refWrappedKey.data,
- testWrappedKey.len) ) {
- /* Wrapped Keys don't match */
- /* !!! There's random data in these encryptions, so they'll never
- * match. */
- /*errcode = RESULTS_DONT_MATCH;*/
- /*goto loser;*/
- }
- }
-
- /* Get the data of the symmetric key */
- /* Extracting the key value may not work, depending on the token. If
- * it doesn't work, we won't be able to do the comparison later */
- PK11_ExtractKeyValue(testSymKey);
- testSymkeyData = PK11_GetKeyData(testSymKey);
- if(testSymkeyData->data == NULL) {
- /* couldn't extract key data */
- testSymkeyData = NULL;
- } else {
- testSymkeyData = SECITEM_DupItem(testSymkeyData);
- }
-
- /* Destroy the symmetric key everywhere */
- if(refSymKey) {
- PK11_FreeSymKey(refSymKey); refSymKey = NULL;
- }
- if(testSymKey) {
- PK11_FreeSymKey(testSymKey); testSymKey = NULL;
- }
-
- /*
- * Unwrap the key and make sure we get the same thing back. Can only
- * do this if we were able to get the key data from the test token.
- */
- if(testSymkeyData != NULL) {
- refSymKey = PK11_PubUnwrapSymKey(testPrivk, &testWrappedKey,
- CKM_DES_CBC_PAD, CKA_WRAP, testSymKeySize);
- if(refSymKey==NULL) {
- secerror = PORT_GetError();
- errcode = UNWRAP_SYMKEY_FAILED;
- goto loser;
- }
- /* We should always be able to get the key data from the internal
- * module */
- PK11_ExtractKeyValue(refSymKey);
- refSymkeyData = PK11_GetKeyData(refSymKey);
- PR_ASSERT(refSymkeyData!=NULL && refSymkeyData->data!=NULL);
- PR_ASSERT(testSymkeyData!=NULL && testSymkeyData->data!=NULL);
- if(SECITEM_CompareItem(refSymkeyData, testSymkeyData) != SECEqual) {
- errcode = UNWRAPPED_KEY_DOESNT_MATCH;
- goto loser;
- }
- }
-
-#ifdef DEBUG
- PR_fprintf(PR_STDOUT, "Successfully finished TestPKEncrypt!\n");
-#endif
-
- errcode = 0;
-
-loser:
- if(refPrivk) {
- SECKEY_DestroyPrivateKey(refPrivk);
- }
- SECITEM_FreeItem(&refWrappedKey, PR_FALSE);
- SECITEM_FreeItem(&testWrappedKey, PR_FALSE);
- if(refSymkeyData) {
- /* do nothing, it's a copy */
- }
- if(testSymkeyData) {
- SECITEM_FreeItem(testSymkeyData, PR_TRUE);
- }
- if(pubk) {
- SECKEY_DestroyPublicKey(pubk);
- }
- if(testPrivk) {
- SECKEY_DestroyPrivateKey(testPrivk);
- }
- if(refSymKey) {
- PK11_FreeSymKey(refSymKey);
- }
- if(testSymKey) {
- PK11_FreeSymKey(testSymKey);
- }
- if(recoveredSymKey) {
- PK11_FreeSymKey(recoveredSymKey);
- }
- return errcode;
-
-
-}
-
-/**********************************************************************
- *
- * T e s t S y m m e t r i c E n c r y p t
- *
- */
-int
-TestSymmetricEncrypt(CK_MECHANISM_TYPE mech)
-{
- PK11Context *refcontext=NULL, *testcontext=NULL;
- PK11SlotInfo *internal;
- SECStatus status;
- PK11SymKey* intkey=NULL, *extkey=NULL;
- int errcode;
- unsigned char *ptext=NULL;
- int maxclen = REP_PLAINTEXT_LEN + 128;
- unsigned char *refctext=NULL, *testctext=NULL;
- int refclen, testclen;
- unsigned char *recovered=NULL;
- int reclen;
- SECItem iv, *param=NULL;
-
- internal = PK11_GetInternalSlot();
-
- ptext = PR_Malloc(REP_PLAINTEXT_LEN);
- refctext = PR_Malloc(maxclen);
- testctext = PR_Malloc(maxclen);
- recovered = PR_Malloc(maxclen);
-
- /* Generate random plaintext */
- status = RNG_GenerateGlobalRandomBytes(ptext, REP_PLAINTEXT_LEN);
- if(status != SECSuccess) {
- errcode = INTERNAL_RNG_FAILED;
- goto loser;
- }
-
- /* Generate mechanism parameter */
- iv.len = 8;
- iv.data = "aaaaaaaa"; /* !!! does this need to be random? Maybe a
- * replacer variable ? */
- param = PK11_ParamFromIV(mech, &iv);
- if(!param) {
- errcode = PARAM_GEN_FAILED;
- goto loser;
- }
-
- /*
- * Generate the key, either on the target module or the internal module.
- */
- if(REP_KEYGEN_ON_TARGET) {
- intkey = PK11_KeyGen(slot, mech, NULL, REP_SYMKEY_SIZE,
- NULL);
- } else {
- intkey = PK11_KeyGen(internal, mech, NULL, REP_SYMKEY_SIZE,
- NULL);
- }
- if(!intkey) {
- secerror = PORT_GetError();
- errcode = KEY_GEN_FAILED;
- goto loser;
- }
-
- if( (slot != internal) && !REP_KEYGEN_ON_TARGET) {
- /* Copy the key to the target token if it isn't there already */
- extkey = pk11_CopyToSlot(slot, mech, CKA_ENCRYPT, intkey);
- if(!extkey) {
- secerror = PORT_GetError();
- errcode = KEY_COPY_FAILED;
- goto loser;
- }
- } else {
- extkey = intkey;
- intkey = NULL;
- }
-
- /* Create an encryption context */
- testcontext = PK11_CreateContextBySymKey(mech, CKA_ENCRYPT, extkey,
- param);
- if(!testcontext) {
- secerror = PORT_GetError();
- errcode = CREATE_CONTEXT_FAILED;
- goto loser;
- }
-
- /* Do the encryption */
- status = PK11_CipherOp(testcontext, testctext, &testclen,
- maxclen, ptext, REP_PLAINTEXT_LEN);
- if(status != SECSuccess) {
- secerror = PORT_GetError();
- errcode = CIPHER_OP_FAILED;
- goto loser;
- }
- status = PK11_Finalize(testcontext);
- if(status != SECSuccess) {
- secerror = PORT_GetError();
- errcode = FINALIZE_FAILED;
- goto loser;
- }
-
- /* Free the encryption context */
- PK11_DestroyContext(testcontext, PR_TRUE /*freeit*/);
- testcontext = NULL;
-
- /* Make sure the encryption did something */
- if(!memcmp(ptext, testctext,
- REP_PLAINTEXT_LEN > testclen ? testclen : REP_PLAINTEXT_LEN)) {
- errcode = ENCRYPTION_IS_NOOP;
- goto loser;
- }
-
- /*
- * Now do everything on the internal module and compare the results.
- * If the key was generated on the target module, it doesn't exist on
- * the internal module so we can't compare.
- */
- if( (slot != internal) && !REP_KEYGEN_ON_TARGET) {
- /* Create encryption context */
- refcontext = PK11_CreateContextBySymKey(mech, CKA_ENCRYPT,
- intkey, param);
- if(!refcontext) {
- secerror = PORT_GetError();
- errcode = CREATE_CONTEXT_FAILED;
- goto loser;
- }
-
- /* Perform the encryption */
- status = PK11_CipherOp(refcontext, refctext, &refclen,
- maxclen, ptext, REP_PLAINTEXT_LEN);
- if(status != SECSuccess) {
- secerror = PORT_GetError();
- errcode = CIPHER_OP_FAILED;
- goto loser;
- }
- status = PK11_Finalize(refcontext);
- if(status != SECSuccess) {
- secerror = PORT_GetError();
- errcode = FINALIZE_FAILED;
- goto loser;
- }
-
- /* Free the context */
- PK11_DestroyContext(refcontext, PR_TRUE /*freeit*/);
- refcontext = NULL;
-
-
- /* Compare the ciphertext from the target module and the
- * internal module
- */
- if( (testclen != refclen) ||
- (memcmp(testctext, refctext, testclen)) ) {
- errcode = RESULTS_DONT_MATCH;
- goto loser;
- }
- }
-
- /*
- * Decrypt the ciphertext and make sure we get back the original
- * ptext
- */
-
- /* Create the decryption context */
- testcontext = PK11_CreateContextBySymKey(mech, CKA_DECRYPT, extkey,
- param);
- if(!testcontext) {
- secerror = PORT_GetError();
- errcode = CREATE_CONTEXT_FAILED;
- goto loser;
- }
-
- /* Do the decryption */
- status = PK11_CipherOp(testcontext, recovered, &reclen,
- maxclen, testctext, testclen);
- if(status != SECSuccess) {
- secerror = PORT_GetError();
- errcode = CIPHER_OP_FAILED;
- goto loser;
- }
- status = PK11_Finalize(testcontext);
- if(status != SECSuccess) {
- secerror = PORT_GetError();
- errcode = FINALIZE_FAILED;
- goto loser;
- }
-
-
- /* Free the encryption context */
- PK11_DestroyContext(testcontext, PR_TRUE /*freeit*/);
- testcontext = NULL;
-
-
- /* Compare the recovered text to the plaintext */
- if( (reclen != REP_PLAINTEXT_LEN) ||
- (memcmp(recovered, ptext, reclen)) ) {
- errcode = PLAINTEXT_DOESNT_MATCH;
- goto loser;
- }
-
-
-#ifdef DEBUG
- PR_fprintf(PR_STDOUT, "Successfully finished TestSymmetricEncrypt!\n");
-#endif
-
- errcode = 0;
-
-loser:
- if(ptext) {
- PR_Free(ptext); ptext = NULL;
- }
- if(refctext) {
- PR_Free(refctext); refctext = NULL;
- }
- if(testctext) {
- PR_Free(testctext); testctext = NULL;
- }
- if(intkey) {
- PK11_FreeSymKey(intkey); intkey = NULL;
- }
- if(extkey) {
- PK11_FreeSymKey(extkey); extkey = NULL;
- }
- if(testcontext) {
- PK11_DestroyContext(testcontext, PR_TRUE /*freeit*/);
- }
- if(refcontext) {
- PK11_DestroyContext(refcontext, PR_TRUE /*freeit*/);
- }
- if(param) {
- SECITEM_FreeItem(param, PR_TRUE);
- param = NULL;
- }
- if(recovered) {
- PR_Free(recovered); recovered = NULL;
- }
- return errcode;
-}
-
-/**********************************************************************
- *
- * T e s t S i g n
- *
- */
-int
-TestSign(CK_MECHANISM_TYPE mech)
-{
- PK11SlotInfo *internal;
- SECStatus status;
- int errcode;
- SECItem *kgparams;
- SECKEYPublicKey *pubk=NULL;
- SECKEYPrivateKey *refPrivk=NULL, *testPrivk=NULL;
- PK11SymKey *refSymKey=NULL, *testSymKey=NULL, *recoveredSymKey=NULL;
- SECItem refWrappedKey, testWrappedKey;
- SECItem ptext, refSignature, testSignature;
- SECItem wrapParam;
- CK_ATTRIBUTE_TYPE usages[] = { CKA_SIGN };
- int usageCount = 1;
-
- refWrappedKey.len = 1024;
- refWrappedKey.data = PR_Malloc(1024);
- testWrappedKey.len = 1024;
- testWrappedKey.data = PR_Malloc(1024);
- refSignature.len = 1024;
- refSignature.data = PR_Malloc(1024);
- testSignature.len = 1024;
- testSignature.data = PR_Malloc(1024);
- wrapParam.data = "aaaaaaaa";
- wrapParam.len = 8;
-
- internal = PK11_GetInternalSlot();
-
- /* Generate random ptext */
- ptext.data = PR_Malloc(20);
- ptext.len = 20;
- status = RNG_GenerateGlobalRandomBytes(ptext.data, 8);
- if(status != SECSuccess) {
- errcode = INTERNAL_RNG_FAILED;
- goto loser;
- }
-
- /* Generate keygen parameter */
- kgparams = GeneratePKParams(mech);
- if(!kgparams) {
- errcode = PARAM_GEN_FAILED;
- goto loser;
- }
-
- /*
- * Generate the keypair, on the target module or the internal module.
- */
- if(REP_KEYGEN_ON_TARGET) {
- refPrivk = PK11_GenerateKeyPair(slot, PK11_GetKeyGen(mech),
- kgparams, &pubk, (slot==internal) ? PR_FALSE :
- PR_TRUE /*isPerm*/,
- PR_FALSE /*isSensitive*/, NULL/*wincx*/);
- } else {
- refPrivk = PK11_GenerateKeyPair(internal, PK11_GetKeyGen(mech),
- kgparams, &pubk, PR_FALSE /*isPerm*/,
- PR_FALSE /*isSensitive*/, NULL/*wincx*/);
- }
- if(!refPrivk) {
- secerror = PORT_GetError();
- errcode = KEY_GEN_FAILED;
- goto loser;
- }
-
- /*
- * Generate symmetric key, on the target module or the internal module.
- */
- if(REP_KEYGEN_ON_TARGET) {
- refSymKey = PK11_KeyGen(slot, CKM_DES_CBC_PAD, NULL,
- REP_SYMKEY_SIZE, NULL);
- } else {
- refSymKey = PK11_KeyGen(internal, CKM_DES_CBC_PAD, NULL,
- REP_SYMKEY_SIZE, NULL);
- }
- if(!refSymKey) {
- secerror = PORT_GetError();
- errcode = KEY_GEN_FAILED;
- goto loser;
- }
-
- /*
- * If the key was generated on the internal module, copy it to the
- * target module, unless the target module is the internal module.
- */
- if( (slot != internal) && !REP_KEYGEN_ON_TARGET) {
- SECItem empty;
- SECItem label;
- SECItem *pubValue;
- empty.len=0;
- empty.data=NULL;
- label.len=6;
- label.data = "foobar";
-
- /* Copy the symmetric key to the target token*/
- testSymKey = pk11_CopyToSlot(slot,
- CKM_DES_CBC_PAD,
- CKA_WRAP,
- refSymKey);
- if(testSymKey==NULL) {
- secerror = PORT_GetError();
- errcode = KEY_COPY_FAILED;
- goto loser;
- }
-
- /* Copy the private key to the target token */
- status = PK11_WrapPrivKey(internal,
- refSymKey,
- refPrivk,
- CKM_DES_CBC_PAD,
- &wrapParam,
- &refWrappedKey,
- NULL /*wincx*/);
- if(status != SECSuccess) {
- secerror = PORT_GetError();
- errcode = WRAP_PRIVKEY_FAILED;
- goto loser;
- }
-
- switch(pubk->keyType) {
- case dsaKey:
- pubValue = SECITEM_DupItem(&pubk->u.dsa.publicValue);
- break;
- case rsaKey:
- pubValue = SECITEM_DupItem(&pubk->u.rsa.modulus);
- break;
- default:
- pubValue = NULL;
- }
- testPrivk = PK11_UnwrapPrivKey(slot,
- testSymKey,
- CKM_DES_CBC_PAD,
- &wrapParam,
- &refWrappedKey,
- &label /*label*/,
- pubValue /*ID Value*/,
- PR_TRUE /*perm*/,
- PR_TRUE /*sensitive*/,
- PK11_GetKeyType(mech, 0),
- usages, usageCount,
- NULL /*wincx*/);
- if(pubValue) {
- SECITEM_FreeItem(pubValue, PR_TRUE);
- pubValue = NULL;
- }
- if(testPrivk==NULL) {
- secerror = PORT_GetError();
- errcode = UNWRAP_PRIVKEY_FAILED;
- goto loser;
- }
- } else {
- testPrivk=refPrivk; refPrivk = NULL;
- testSymKey=refSymKey; refSymKey = NULL;
- }
-
- /* Sign the data with the private key */
- status = PK11_Sign(testPrivk, &testSignature, &ptext);
- if(status != SECSuccess) {
- secerror = PORT_GetError();
- errcode = SIGNATURE_FAILED;
- goto loser;
- }
-
- /*
- * Unless we are testing the internal slot, do the same wrap operation
- * on the internal slot and compare with the signature done on the
- * module under test
- * Also, DSA signatures contain random data, so comparing them
- * is useless (I suppose if they are the same something is wrong!).
- */
- if( (slot != internal) && !REP_KEYGEN_ON_TARGET
- && mech != CKM_DSA && mech != CKM_DSA_SHA1) {
- status = PK11_Sign(refPrivk, &refSignature, &ptext);
- if(status != SECSuccess) {
- secerror = PORT_GetError();
- errcode = SIGNATURE_FAILED;
- goto loser;
- }
-
- if( SECITEM_CompareItem(&refSignature, &testSignature)
- != SECEqual) {
- errcode = RESULTS_DONT_MATCH;
- goto loser;
- }
- }
-
-
- /*
- * Verify the signature.
- */
- status = PK11_Verify(pubk, &testSignature, &ptext, NULL /*wincx*/);
- if(status != SECSuccess) {
- secerror = PORT_GetError();
- errcode = SIGNATURE_DOESNT_VERIFY;
- goto loser;
- }
-
-
-#ifdef DEBUG
- PR_fprintf(PR_STDOUT, "Successfully finished TestSign!\n");
-#endif
-
- errcode = 0;
-
-loser:
- SECITEM_FreeItem(&refWrappedKey, PR_FALSE);
- SECITEM_FreeItem(&testWrappedKey, PR_FALSE);
- SECITEM_FreeItem(&ptext, PR_FALSE);
- SECITEM_FreeItem(&refSignature, PR_FALSE);
- SECITEM_FreeItem(&testSignature, PR_FALSE);
- if(refPrivk) {
- SECKEY_DestroyPrivateKey(refPrivk);
- }
- if(pubk) {
- SECKEY_DestroyPublicKey(pubk);
- }
- if(testPrivk) {
- SECKEY_DestroyPrivateKey(testPrivk);
- }
- if(refSymKey) {
- PK11_FreeSymKey(refSymKey);
- }
- if(testSymKey) {
- PK11_FreeSymKey(testSymKey);
- }
- if(recoveredSymKey) {
- PK11_FreeSymKey(recoveredSymKey);
- }
- return errcode;
-
-
-}
-
-/**********************************************************************
- *
- * T e s t D i g e s t
- *
- */
-int
-TestDigest(CK_MECHANISM_TYPE mech)
-{
- return 0;
-}
-
-/**********************************************************************
- *
- * T e s t H M A C
- *
- */
-int
-TestHMAC(CK_MECHANISM_TYPE mech)
-{
- return 0;
-}
-
-/**********************************************************************
- *
- * G e t M e c h I n f o
- *
- */
-MechInfo*
-GetMechInfo(CK_MECHANISM_TYPE type)
-{
- /* mechInfo array is sorted by type, so we can do a binary search
- l is the left-most possible matching index
- r is the rightmost possible matching index
- mid is approximately the middle point between l and r */
- int l, r, mid;
-
- l = 0; r = numMechs-1;
-
- while(l <= r) {
- mid = (l+r)/2;
- if(mechInfo[mid].type == type) {
- return &(mechInfo[mid]);
- } else if(mechInfo[mid].type < type) {
- l = mid+1;
- } else {
- r = mid-1;
- }
- }
-
- /* If l > r, the pointers have crossed without finding the element. */
- return NULL;
-}
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pk11test.h b/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pk11test.h
deleted file mode 100755
index f14de494f..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pk11test.h
+++ /dev/null
@@ -1,111 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef PK11TEST_H
-#define PK11TEST_H
-
-#define REP_SYMKEY_MECHANISM CKM_DES_KEY_GEN
-
-/* symmetric key size in bytes */
-#define REP_SYMKEY_SIZE 8
-
-#define REP_PK_KEY_SIZE 1024
-#define REP_PLAINTEXT_LEN 8
-#define REP_MECHANISM mechanism[testId/2/2%46]
-#define REP_USE_CORRECT_PIN UseCorrectPin[testId%2]
-#define REP_KEYGEN_ON_TARGET KeyGenOnTarget[testId/2%2]
-#define CKM_NO_OP 0x80001111
-
-int testId = 0;
-
-PRBool UseCorrectPin[] = {
- PR_TRUE,
- PR_FALSE
-};
-
-PRBool KeyGenOnTarget[] = {
- PR_TRUE,
- PR_FALSE
-};
-
-CK_MECHANISM_TYPE mechanism[] = {
- CKM_NO_OP,
- CKM_RSA_PKCS,
- CKM_RSA_9796,
- CKM_RSA_X_509,
- CKM_MD2_RSA_PKCS,
- CKM_MD5_RSA_PKCS,
- CKM_SHA1_RSA_PKCS,
- CKM_DSA,
- CKM_DSA_SHA1,
- CKM_ECDSA,
- CKM_ECDSA_SHA1,
- CKM_RC2_ECB,
- CKM_RC2_CBC,
- CKM_RC4,
- CKM_RC5_ECB,
- CKM_RC5_CBC,
- CKM_DES_ECB,
- CKM_DES_CBC,
- CKM_DES3_ECB,
- CKM_DES3_CBC,
- CKM_CAST_ECB,
- CKM_CAST_CBC,
- CKM_CAST3_ECB,
- CKM_CAST3_CBC,
- CKM_CAST5_ECB,
- CKM_CAST5_CBC,
- CKM_IDEA_ECB,
- CKM_IDEA_CBC,
- CKM_CDMF_ECB,
- CKM_CDMF_CBC,
- CKM_SKIPJACK_ECB64,
- CKM_SKIPJACK_CBC64,
- CKM_SKIPJACK_OFB64,
- CKM_SKIPJACK_CFB64,
- CKM_SKIPJACK_CFB32,
- CKM_SKIPJACK_CFB16,
- CKM_SKIPJACK_CFB8,
- CKM_BATON_ECB128,
- CKM_BATON_ECB96,
- CKM_BATON_CBC128,
- CKM_BATON_COUNTER,
- CKM_BATON_SHUFFLE,
- CKM_JUNIPER_ECB128,
- CKM_JUNIPER_CBC128,
- CKM_JUNIPER_COUNTER,
- CKM_JUNIPER_SHUFFLE
-};
-
-
-
-#endif
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pk11test.htp b/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pk11test.htp
deleted file mode 100644
index bf78cf6ce..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pk11test.htp
+++ /dev/null
@@ -1,50 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef PK11TEST_H
-#define PK11TEST_H
-
-#define REP_SYMKEY_MECHANISM CKM_DES_KEY_GEN
-
-/* symmetric key size in bytes */
-#define REP_SYMKEY_SIZE 8
-
-#define REP_PK_KEY_SIZE 1024
-#define REP_PLAINTEXT_LEN 8
-#define REP_MECHANISM $[mechanism]
-#define REP_USE_CORRECT_PIN $[UseCorrectPin]
-#define REP_KEYGEN_ON_TARGET $[KeyGenOnTarget]
-#define CKM_NO_OP 0x80001111
-
-$[DATA-TO-TEST]
-
-#endif
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pkcs11.h b/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pkcs11.h
deleted file mode 100644
index ae3a933d4..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pkcs11.h
+++ /dev/null
@@ -1,190 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef PKCS11_H
-#define PKCS11_H
-
-#define NULL_OP 0x00
-#define ENCRYPT_OP 0x01
-#define SIGN_OP 0x02
-#define KEYGEN_OP 0x04
-#define DIGEST_OP 0x08
-#define HMAC_OP 0x10
-
-typedef struct {
- CK_MECHANISM_TYPE type;
- int op;
- CK_MECHANISM_TYPE keygenMech;
-} MechInfo;
-
-static int numMechs=118;
-static MechInfo mechInfo[] = {
- {CKM_RSA_PKCS_KEY_PAIR_GEN,
- KEYGEN_OP, CKM_RSA_PKCS_KEY_PAIR_GEN},
- {CKM_RSA_PKCS, ENCRYPT_OP | SIGN_OP,
- CKM_RSA_PKCS_KEY_PAIR_GEN},
- {CKM_RSA_9796, SIGN_OP, CKM_RSA_PKCS_KEY_PAIR_GEN},
- {CKM_RSA_X_509, ENCRYPT_OP | SIGN_OP,
- CKM_RSA_PKCS_KEY_PAIR_GEN},
- {CKM_MD2_RSA_PKCS, SIGN_OP, CKM_RSA_PKCS_KEY_PAIR_GEN},
- {CKM_MD5_RSA_PKCS, SIGN_OP, CKM_RSA_PKCS_KEY_PAIR_GEN},
- {CKM_SHA1_RSA_PKCS, SIGN_OP, CKM_RSA_PKCS_KEY_PAIR_GEN},
- {CKM_DSA_KEY_PAIR_GEN, KEYGEN_OP, CKM_DSA_KEY_PAIR_GEN},
- {CKM_DSA, SIGN_OP, CKM_DSA_KEY_PAIR_GEN},
- {CKM_DSA_SHA1, SIGN_OP, CKM_DSA_KEY_PAIR_GEN},
- {CKM_DH_PKCS_KEY_PAIR_GEN,
- KEYGEN_OP, CKM_DH_PKCS_KEY_PAIR_GEN},
- {CKM_DH_PKCS_DERIVE, NULL_OP, 0},
- {CKM_RC2_KEY_GEN, KEYGEN_OP, CKM_RC2_KEY_GEN},
- {CKM_RC2_ECB, ENCRYPT_OP, CKM_RC2_KEY_GEN},
- {CKM_RC2_CBC, ENCRYPT_OP, CKM_RC2_KEY_GEN},
- {CKM_RC2_MAC, NULL_OP, CKM_RC2_KEY_GEN},
- {CKM_RC2_MAC_GENERAL, NULL_OP, CKM_RC2_KEY_GEN},
- {CKM_RC2_CBC_PAD, NULL_OP, CKM_RC2_KEY_GEN},
- {CKM_RC4_KEY_GEN, KEYGEN_OP, CKM_RC4_KEY_GEN},
- {CKM_RC4, ENCRYPT_OP, CKM_RC4_KEY_GEN},
- {CKM_DES_KEY_GEN, KEYGEN_OP, CKM_DES_KEY_GEN},
- {CKM_DES_ECB, ENCRYPT_OP, CKM_DES_KEY_GEN},
- {CKM_DES_CBC, ENCRYPT_OP, CKM_DES_KEY_GEN},
- {CKM_DES_MAC, NULL_OP, CKM_DES_KEY_GEN},
- {CKM_DES_MAC_GENERAL, NULL_OP, CKM_DES_KEY_GEN},
- {CKM_DES_CBC_PAD, NULL_OP, CKM_DES_KEY_GEN},
- {CKM_DES2_KEY_GEN, KEYGEN_OP, CKM_DES2_KEY_GEN},
- {CKM_DES3_KEY_GEN, KEYGEN_OP, CKM_DES3_KEY_GEN},
- {CKM_DES3_ECB, ENCRYPT_OP, CKM_DES3_KEY_GEN},
- {CKM_DES3_CBC, ENCRYPT_OP, CKM_DES3_KEY_GEN},
- {CKM_DES3_MAC, NULL_OP, CKM_DES3_KEY_GEN},
- {CKM_DES3_MAC_GENERAL, NULL_OP, CKM_DES3_KEY_GEN},
- {CKM_DES3_CBC_PAD, NULL_OP, CKM_DES3_KEY_GEN},
- {CKM_CDMF_KEY_GEN, KEYGEN_OP, CKM_CDMF_KEY_GEN},
- {CKM_CDMF_ECB, ENCRYPT_OP, CKM_CDMF_KEY_GEN},
- {CKM_CDMF_CBC, ENCRYPT_OP, CKM_CDMF_KEY_GEN},
- {CKM_CDMF_MAC, NULL_OP, CKM_CDMF_KEY_GEN},
- {CKM_CDMF_MAC_GENERAL, NULL_OP, CKM_CDMF_KEY_GEN},
- {CKM_CDMF_CBC_PAD, NULL_OP, CKM_CDMF_KEY_GEN},
- {CKM_MD2, DIGEST_OP, 0},
- {CKM_MD2_HMAC, HMAC_OP, 0},
- {CKM_MD2_HMAC_GENERAL, HMAC_OP, 0},
- {CKM_MD5, DIGEST_OP, 0},
- {CKM_MD5_HMAC, HMAC_OP, 0},
- {CKM_MD5_HMAC_GENERAL, HMAC_OP, 0},
- {CKM_SHA_1, DIGEST_OP, 0},
- {CKM_SHA_1_HMAC, HMAC_OP, 0},
- {CKM_SHA_1_HMAC_GENERAL,HMAC_OP, 0},
- {CKM_CAST_KEY_GEN, KEYGEN_OP, CKM_CAST_KEY_GEN},
- {CKM_CAST_ECB, ENCRYPT_OP, CKM_CAST_KEY_GEN},
- {CKM_CAST_CBC, ENCRYPT_OP, CKM_CAST_KEY_GEN},
- {CKM_CAST_MAC, NULL_OP, CKM_CAST_KEY_GEN},
- {CKM_CAST_MAC_GENERAL, NULL_OP, CKM_CAST_KEY_GEN},
- {CKM_CAST_CBC_PAD, NULL_OP, CKM_CAST_KEY_GEN},
- {CKM_CAST3_KEY_GEN, KEYGEN_OP, CKM_CAST3_KEY_GEN},
- {CKM_CAST3_ECB, ENCRYPT_OP, CKM_CAST3_KEY_GEN},
- {CKM_CAST3_CBC, ENCRYPT_OP, CKM_CAST3_KEY_GEN},
- {CKM_CAST3_MAC, NULL_OP, CKM_CAST3_KEY_GEN},
- {CKM_CAST3_MAC_GENERAL, NULL_OP, CKM_CAST3_KEY_GEN},
- {CKM_CAST3_CBC_PAD, NULL_OP, CKM_CAST3_KEY_GEN},
- {CKM_CAST5_KEY_GEN, KEYGEN_OP, CKM_CAST5_KEY_GEN},
- {CKM_CAST5_ECB, ENCRYPT_OP, CKM_CAST5_KEY_GEN},
- {CKM_CAST5_CBC, ENCRYPT_OP, CKM_CAST5_KEY_GEN},
- {CKM_CAST5_MAC, NULL_OP, CKM_CAST5_KEY_GEN},
- {CKM_CAST5_MAC_GENERAL, NULL_OP, CKM_CAST5_KEY_GEN},
- {CKM_CAST5_CBC_PAD, NULL_OP, CKM_CAST5_KEY_GEN},
- {CKM_RC5_KEY_GEN, KEYGEN_OP, CKM_RC5_KEY_GEN},
- {CKM_RC5_ECB, ENCRYPT_OP, CKM_RC5_KEY_GEN},
- {CKM_RC5_CBC, ENCRYPT_OP, CKM_RC5_KEY_GEN},
- {CKM_RC5_MAC, NULL_OP, CKM_RC5_KEY_GEN},
- {CKM_RC5_MAC_GENERAL, NULL_OP, CKM_RC5_KEY_GEN},
- {CKM_RC5_CBC_PAD, NULL_OP, CKM_RC5_KEY_GEN},
- {CKM_IDEA_KEY_GEN, KEYGEN_OP, CKM_IDEA_KEY_GEN},
- {CKM_IDEA_ECB, ENCRYPT_OP, CKM_IDEA_KEY_GEN},
- {CKM_IDEA_CBC, ENCRYPT_OP, CKM_IDEA_KEY_GEN},
- {CKM_IDEA_MAC, NULL_OP, CKM_IDEA_KEY_GEN},
- {CKM_IDEA_MAC_GENERAL, NULL_OP, CKM_IDEA_KEY_GEN},
- {CKM_IDEA_CBC_PAD, NULL_OP, CKM_IDEA_KEY_GEN},
- {CKM_GENERIC_SECRET_KEY_GEN,
- KEYGEN_OP, CKM_GENERIC_SECRET_KEY_GEN},
-/* SSL mechanisms?
- {CKM_SSL3_PRE_MASTER_KEY_GEN},
- {CKM_SSL3_MASTER_KEY_DERIVE},
- {CKM_SSL3_KEY_AND_MAC_DERIVE},
- {CKM_SSL3_MD5_MAC},
- {CKM_SSL3_SHA1_MAC},
-*/
- {CKM_PBE_MD2_DES_CBC, KEYGEN_OP, 0},
- {CKM_PBE_MD5_DES_CBC, KEYGEN_OP, 0},
- {CKM_PBE_MD5_CAST_CBC, KEYGEN_OP, 0},
- {CKM_PBE_MD5_CAST3_CBC, KEYGEN_OP, 0},
- {CKM_PBE_MD5_CAST5_CBC, KEYGEN_OP, 0},
- {CKM_PBE_MD5_CAST128_CBC,
- KEYGEN_OP, 0},
- {CKM_PBE_SHA1_CAST5_CBC,KEYGEN_OP, 0},
- {CKM_PBE_SHA1_CAST128_CBC,
- KEYGEN_OP, 0},
- {CKM_PBE_SHA1_RC4_128, KEYGEN_OP, 0},
- {CKM_PBE_SHA1_RC4_40, KEYGEN_OP, 0},
- {CKM_PBE_SHA1_DES3_EDE_CBC,
- KEYGEN_OP, 0},
- {CKM_PBE_SHA1_DES2_EDE_CBC,
- KEYGEN_OP, 0},
- {CKM_PBE_SHA1_RC2_128_CBC,
- KEYGEN_OP, 0},
- {CKM_PBE_SHA1_RC2_40_CBC,
- KEYGEN_OP, 0},
- {CKM_PBA_SHA1_WITH_SHA1_HMAC,
- KEYGEN_OP, 0},
- {CKM_SKIPJACK_KEY_GEN, KEYGEN_OP, CKM_SKIPJACK_KEY_GEN},
- {CKM_SKIPJACK_ECB64, ENCRYPT_OP, CKM_SKIPJACK_KEY_GEN},
- {CKM_SKIPJACK_CBC64, ENCRYPT_OP, CKM_SKIPJACK_KEY_GEN},
- {CKM_SKIPJACK_OFB64, ENCRYPT_OP, CKM_SKIPJACK_KEY_GEN},
- {CKM_SKIPJACK_CFB64, ENCRYPT_OP, CKM_SKIPJACK_KEY_GEN},
- {CKM_SKIPJACK_CFB32, ENCRYPT_OP, CKM_SKIPJACK_KEY_GEN},
- {CKM_SKIPJACK_CFB16, ENCRYPT_OP, CKM_SKIPJACK_KEY_GEN},
- {CKM_SKIPJACK_CFB8, ENCRYPT_OP, CKM_SKIPJACK_KEY_GEN},
- {CKM_KEA_KEY_PAIR_GEN, KEYGEN_OP, 0},
- {CKM_BATON_KEY_GEN, KEYGEN_OP, CKM_BATON_KEY_GEN},
- {CKM_BATON_ECB128, ENCRYPT_OP, CKM_BATON_KEY_GEN},
- {CKM_BATON_ECB96, ENCRYPT_OP, CKM_BATON_KEY_GEN},
- {CKM_BATON_CBC128, ENCRYPT_OP, CKM_BATON_KEY_GEN},
- {CKM_BATON_COUNTER, ENCRYPT_OP, CKM_BATON_KEY_GEN},
- {CKM_BATON_SHUFFLE, ENCRYPT_OP, CKM_BATON_KEY_GEN},
- {CKM_ECDSA_KEY_PAIR_GEN,KEYGEN_OP, CKM_ECDSA_KEY_PAIR_GEN},
- {CKM_ECDSA, SIGN_OP, CKM_ECDSA_KEY_PAIR_GEN},
- {CKM_ECDSA_SHA1, SIGN_OP, CKM_ECDSA_KEY_PAIR_GEN},
- {CKM_JUNIPER_KEY_GEN, KEYGEN_OP, CKM_JUNIPER_KEY_GEN},
- {CKM_JUNIPER_ECB128, ENCRYPT_OP, CKM_JUNIPER_KEY_GEN},
- {CKM_JUNIPER_CBC128, ENCRYPT_OP, CKM_JUNIPER_KEY_GEN},
- {CKM_JUNIPER_COUNTER, ENCRYPT_OP, CKM_JUNIPER_KEY_GEN},
- {CKM_JUNIPER_SHUFFLE, ENCRYPT_OP, CKM_JUNIPER_KEY_GEN},
- {CKM_FASTHASH, DIGEST_OP, 0}
-};
-
-#endif
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pkcs11.reg b/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pkcs11.reg
deleted file mode 100644
index e0a433552..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pkcs11.reg
+++ /dev/null
@@ -1,960 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-[General]
-mut=PKCS11
-mutversion=1.0
-htmlout=NOW
-reporterSpec=NOW
-program=pk11test
-globalArgs=internal
-
-[Test-1]
-
-testId=0
-testname=Use supplied pin, Generate keys on target token, NO OP,
-
-[Test-2]
-
-testId=4
-testname=Use supplied pin, Generate keys on target token, RSA PKCS,
-
-[Test-3]
-
-testId=8
-testname=Use supplied pin, Generate keys on target token, RSA 9796,
-
-[Test-4]
-
-testId=12
-testname=Use supplied pin, Generate keys on target token, RSA X.509,
-
-[Test-5]
-
-testId=16
-testname=Use supplied pin, Generate keys on target token, MD2 RSA PKCS,
-
-[Test-6]
-
-testId=20
-testname=Use supplied pin, Generate keys on target token, MD5 RSA PKCS,
-
-[Test-7]
-
-testId=24
-testname=Use supplied pin, Generate keys on target token, SHA1 RSA PKCS,
-
-[Test-8]
-
-testId=28
-testname=Use supplied pin, Generate keys on target token, DSA,
-
-[Test-9]
-
-testId=32
-testname=Use supplied pin, Generate keys on target token, DSA SHA1,
-
-[Test-10]
-
-testId=36
-testname=Use supplied pin, Generate keys on target token, ECDSA,
-
-[Test-11]
-
-testId=40
-testname=Use supplied pin, Generate keys on target token, ECDSA SHA1,
-
-[Test-12]
-
-testId=44
-testname=Use supplied pin, Generate keys on target token, RC2 ECB,
-
-[Test-13]
-
-testId=48
-testname=Use supplied pin, Generate keys on target token, RC2 CBC,
-
-[Test-14]
-
-testId=52
-testname=Use supplied pin, Generate keys on target token, RC4,
-
-[Test-15]
-
-testId=56
-testname=Use supplied pin, Generate keys on target token, RC5 ECB,
-
-[Test-16]
-
-testId=60
-testname=Use supplied pin, Generate keys on target token, RC5 CBC,
-
-[Test-17]
-
-testId=64
-testname=Use supplied pin, Generate keys on target token, DES ECB,
-
-[Test-18]
-
-testId=68
-testname=Use supplied pin, Generate keys on target token, DES CBC,
-
-[Test-19]
-
-testId=72
-testname=Use supplied pin, Generate keys on target token, DES3 ECB,
-
-[Test-20]
-
-testId=76
-testname=Use supplied pin, Generate keys on target token, DES3 CBC,
-
-[Test-21]
-
-testId=80
-testname=Use supplied pin, Generate keys on target token, CAST ECB,
-
-[Test-22]
-
-testId=84
-testname=Use supplied pin, Generate keys on target token, CAST CBC,
-
-[Test-23]
-
-testId=88
-testname=Use supplied pin, Generate keys on target token, CAST3 ECB,
-
-[Test-24]
-
-testId=92
-testname=Use supplied pin, Generate keys on target token, CAST3 CBC,
-
-[Test-25]
-
-testId=96
-testname=Use supplied pin, Generate keys on target token, CAST5 ECB,
-
-[Test-26]
-
-testId=100
-testname=Use supplied pin, Generate keys on target token, CAST5 CBC,
-
-[Test-27]
-
-testId=104
-testname=Use supplied pin, Generate keys on target token, IDEA ECB,
-
-[Test-28]
-
-testId=108
-testname=Use supplied pin, Generate keys on target token, IDEA CBC,
-
-[Test-29]
-
-testId=112
-testname=Use supplied pin, Generate keys on target token, CDMF ECB,
-
-[Test-30]
-
-testId=116
-testname=Use supplied pin, Generate keys on target token, CDMF CBC,
-
-[Test-31]
-
-testId=120
-testname=Use supplied pin, Generate keys on target token, SKIPJACK ECB64,
-
-[Test-32]
-
-testId=124
-testname=Use supplied pin, Generate keys on target token, SKIPJACK CBC64,
-
-[Test-33]
-
-testId=128
-testname=Use supplied pin, Generate keys on target token, SKIPJACK OFB64,
-
-[Test-34]
-
-testId=132
-testname=Use supplied pin, Generate keys on target token, SKIPJACK CFB64,
-
-[Test-35]
-
-testId=136
-testname=Use supplied pin, Generate keys on target token, SKIPJACK CFB32,
-
-[Test-36]
-
-testId=140
-testname=Use supplied pin, Generate keys on target token, SKIPJACK CFB16,
-
-[Test-37]
-
-testId=144
-testname=Use supplied pin, Generate keys on target token, SKIPJACK CFB8,
-
-[Test-38]
-
-testId=148
-testname=Use supplied pin, Generate keys on target token, BATON ECB128,
-
-[Test-39]
-
-testId=152
-testname=Use supplied pin, Generate keys on target token, BATON ECB96,
-
-[Test-40]
-
-testId=156
-testname=Use supplied pin, Generate keys on target token, BATON CBC128,
-
-[Test-41]
-
-testId=160
-testname=Use supplied pin, Generate keys on target token, BATON counter,
-
-[Test-42]
-
-testId=164
-testname=Use supplied pin, Generate keys on target token, BATON shuffle,
-
-[Test-43]
-
-testId=168
-testname=Use supplied pin, Generate keys on target token, JUNIPER ECB128,
-
-[Test-44]
-
-testId=172
-testname=Use supplied pin, Generate keys on target token, JUNIPER CBC128,
-
-[Test-45]
-
-testId=176
-testname=Use supplied pin, Generate keys on target token, JUNIPER counter,
-
-[Test-46]
-
-testId=180
-testname=Use supplied pin, Generate keys on target token, JUNIPER shuffle,
-
-[Test-47]
-
-testId=2
-testname=Use supplied pin, Generate keys on internal module, NO OP,
-
-[Test-48]
-
-testId=6
-testname=Use supplied pin, Generate keys on internal module, RSA PKCS,
-
-[Test-49]
-
-testId=10
-testname=Use supplied pin, Generate keys on internal module, RSA 9796,
-
-[Test-50]
-
-testId=14
-testname=Use supplied pin, Generate keys on internal module, RSA X.509,
-
-[Test-51]
-
-testId=18
-testname=Use supplied pin, Generate keys on internal module, MD2 RSA PKCS,
-
-[Test-52]
-
-testId=22
-testname=Use supplied pin, Generate keys on internal module, MD5 RSA PKCS,
-
-[Test-53]
-
-testId=26
-testname=Use supplied pin, Generate keys on internal module, SHA1 RSA PKCS,
-
-[Test-54]
-
-testId=30
-testname=Use supplied pin, Generate keys on internal module, DSA,
-
-[Test-55]
-
-testId=34
-testname=Use supplied pin, Generate keys on internal module, DSA SHA1,
-
-[Test-56]
-
-testId=38
-testname=Use supplied pin, Generate keys on internal module, ECDSA,
-
-[Test-57]
-
-testId=42
-testname=Use supplied pin, Generate keys on internal module, ECDSA SHA1,
-
-[Test-58]
-
-testId=46
-testname=Use supplied pin, Generate keys on internal module, RC2 ECB,
-
-[Test-59]
-
-testId=50
-testname=Use supplied pin, Generate keys on internal module, RC2 CBC,
-
-[Test-60]
-
-testId=54
-testname=Use supplied pin, Generate keys on internal module, RC4,
-
-[Test-61]
-
-testId=58
-testname=Use supplied pin, Generate keys on internal module, RC5 ECB,
-
-[Test-62]
-
-testId=62
-testname=Use supplied pin, Generate keys on internal module, RC5 CBC,
-
-[Test-63]
-
-testId=66
-testname=Use supplied pin, Generate keys on internal module, DES ECB,
-
-[Test-64]
-
-testId=70
-testname=Use supplied pin, Generate keys on internal module, DES CBC,
-
-[Test-65]
-
-testId=74
-testname=Use supplied pin, Generate keys on internal module, DES3 ECB,
-
-[Test-66]
-
-testId=78
-testname=Use supplied pin, Generate keys on internal module, DES3 CBC,
-
-[Test-67]
-
-testId=82
-testname=Use supplied pin, Generate keys on internal module, CAST ECB,
-
-[Test-68]
-
-testId=86
-testname=Use supplied pin, Generate keys on internal module, CAST CBC,
-
-[Test-69]
-
-testId=90
-testname=Use supplied pin, Generate keys on internal module, CAST3 ECB,
-
-[Test-70]
-
-testId=94
-testname=Use supplied pin, Generate keys on internal module, CAST3 CBC,
-
-[Test-71]
-
-testId=98
-testname=Use supplied pin, Generate keys on internal module, CAST5 ECB,
-
-[Test-72]
-
-testId=102
-testname=Use supplied pin, Generate keys on internal module, CAST5 CBC,
-
-[Test-73]
-
-testId=106
-testname=Use supplied pin, Generate keys on internal module, IDEA ECB,
-
-[Test-74]
-
-testId=110
-testname=Use supplied pin, Generate keys on internal module, IDEA CBC,
-
-[Test-75]
-
-testId=114
-testname=Use supplied pin, Generate keys on internal module, CDMF ECB,
-
-[Test-76]
-
-testId=118
-testname=Use supplied pin, Generate keys on internal module, CDMF CBC,
-
-[Test-77]
-
-testId=122
-testname=Use supplied pin, Generate keys on internal module, SKIPJACK ECB64,
-
-[Test-78]
-
-testId=126
-testname=Use supplied pin, Generate keys on internal module, SKIPJACK CBC64,
-
-[Test-79]
-
-testId=130
-testname=Use supplied pin, Generate keys on internal module, SKIPJACK OFB64,
-
-[Test-80]
-
-testId=134
-testname=Use supplied pin, Generate keys on internal module, SKIPJACK CFB64,
-
-[Test-81]
-
-testId=138
-testname=Use supplied pin, Generate keys on internal module, SKIPJACK CFB32,
-
-[Test-82]
-
-testId=142
-testname=Use supplied pin, Generate keys on internal module, SKIPJACK CFB16,
-
-[Test-83]
-
-testId=146
-testname=Use supplied pin, Generate keys on internal module, SKIPJACK CFB8,
-
-[Test-84]
-
-testId=150
-testname=Use supplied pin, Generate keys on internal module, BATON ECB128,
-
-[Test-85]
-
-testId=154
-testname=Use supplied pin, Generate keys on internal module, BATON ECB96,
-
-[Test-86]
-
-testId=158
-testname=Use supplied pin, Generate keys on internal module, BATON CBC128,
-
-[Test-87]
-
-testId=162
-testname=Use supplied pin, Generate keys on internal module, BATON counter,
-
-[Test-88]
-
-testId=166
-testname=Use supplied pin, Generate keys on internal module, BATON shuffle,
-
-[Test-89]
-
-testId=170
-testname=Use supplied pin, Generate keys on internal module, JUNIPER ECB128,
-
-[Test-90]
-
-testId=174
-testname=Use supplied pin, Generate keys on internal module, JUNIPER CBC128,
-
-[Test-91]
-
-testId=178
-testname=Use supplied pin, Generate keys on internal module, JUNIPER counter,
-
-[Test-92]
-
-testId=182
-testname=Use supplied pin, Generate keys on internal module, JUNIPER shuffle,
-
-[Test-93]
-
-testId=1
-testname=Use different (incorrect) pin, Generate keys on target token, NO OP,
-
-[Test-94]
-
-testId=5
-testname=Use different (incorrect) pin, Generate keys on target token, RSA PKCS,
-
-[Test-95]
-
-testId=9
-testname=Use different (incorrect) pin, Generate keys on target token, RSA 9796,
-
-[Test-96]
-
-testId=13
-testname=Use different (incorrect) pin, Generate keys on target token, RSA X.509,
-
-[Test-97]
-
-testId=17
-testname=Use different (incorrect) pin, Generate keys on target token, MD2 RSA PKCS,
-
-[Test-98]
-
-testId=21
-testname=Use different (incorrect) pin, Generate keys on target token, MD5 RSA PKCS,
-
-[Test-99]
-
-testId=25
-testname=Use different (incorrect) pin, Generate keys on target token, SHA1 RSA PKCS,
-
-[Test-100]
-
-testId=29
-testname=Use different (incorrect) pin, Generate keys on target token, DSA,
-
-[Test-101]
-
-testId=33
-testname=Use different (incorrect) pin, Generate keys on target token, DSA SHA1,
-
-[Test-102]
-
-testId=37
-testname=Use different (incorrect) pin, Generate keys on target token, ECDSA,
-
-[Test-103]
-
-testId=41
-testname=Use different (incorrect) pin, Generate keys on target token, ECDSA SHA1,
-
-[Test-104]
-
-testId=45
-testname=Use different (incorrect) pin, Generate keys on target token, RC2 ECB,
-
-[Test-105]
-
-testId=49
-testname=Use different (incorrect) pin, Generate keys on target token, RC2 CBC,
-
-[Test-106]
-
-testId=53
-testname=Use different (incorrect) pin, Generate keys on target token, RC4,
-
-[Test-107]
-
-testId=57
-testname=Use different (incorrect) pin, Generate keys on target token, RC5 ECB,
-
-[Test-108]
-
-testId=61
-testname=Use different (incorrect) pin, Generate keys on target token, RC5 CBC,
-
-[Test-109]
-
-testId=65
-testname=Use different (incorrect) pin, Generate keys on target token, DES ECB,
-
-[Test-110]
-
-testId=69
-testname=Use different (incorrect) pin, Generate keys on target token, DES CBC,
-
-[Test-111]
-
-testId=73
-testname=Use different (incorrect) pin, Generate keys on target token, DES3 ECB,
-
-[Test-112]
-
-testId=77
-testname=Use different (incorrect) pin, Generate keys on target token, DES3 CBC,
-
-[Test-113]
-
-testId=81
-testname=Use different (incorrect) pin, Generate keys on target token, CAST ECB,
-
-[Test-114]
-
-testId=85
-testname=Use different (incorrect) pin, Generate keys on target token, CAST CBC,
-
-[Test-115]
-
-testId=89
-testname=Use different (incorrect) pin, Generate keys on target token, CAST3 ECB,
-
-[Test-116]
-
-testId=93
-testname=Use different (incorrect) pin, Generate keys on target token, CAST3 CBC,
-
-[Test-117]
-
-testId=97
-testname=Use different (incorrect) pin, Generate keys on target token, CAST5 ECB,
-
-[Test-118]
-
-testId=101
-testname=Use different (incorrect) pin, Generate keys on target token, CAST5 CBC,
-
-[Test-119]
-
-testId=105
-testname=Use different (incorrect) pin, Generate keys on target token, IDEA ECB,
-
-[Test-120]
-
-testId=109
-testname=Use different (incorrect) pin, Generate keys on target token, IDEA CBC,
-
-[Test-121]
-
-testId=113
-testname=Use different (incorrect) pin, Generate keys on target token, CDMF ECB,
-
-[Test-122]
-
-testId=117
-testname=Use different (incorrect) pin, Generate keys on target token, CDMF CBC,
-
-[Test-123]
-
-testId=121
-testname=Use different (incorrect) pin, Generate keys on target token, SKIPJACK ECB64,
-
-[Test-124]
-
-testId=125
-testname=Use different (incorrect) pin, Generate keys on target token, SKIPJACK CBC64,
-
-[Test-125]
-
-testId=129
-testname=Use different (incorrect) pin, Generate keys on target token, SKIPJACK OFB64,
-
-[Test-126]
-
-testId=133
-testname=Use different (incorrect) pin, Generate keys on target token, SKIPJACK CFB64,
-
-[Test-127]
-
-testId=137
-testname=Use different (incorrect) pin, Generate keys on target token, SKIPJACK CFB32,
-
-[Test-128]
-
-testId=141
-testname=Use different (incorrect) pin, Generate keys on target token, SKIPJACK CFB16,
-
-[Test-129]
-
-testId=145
-testname=Use different (incorrect) pin, Generate keys on target token, SKIPJACK CFB8,
-
-[Test-130]
-
-testId=149
-testname=Use different (incorrect) pin, Generate keys on target token, BATON ECB128,
-
-[Test-131]
-
-testId=153
-testname=Use different (incorrect) pin, Generate keys on target token, BATON ECB96,
-
-[Test-132]
-
-testId=157
-testname=Use different (incorrect) pin, Generate keys on target token, BATON CBC128,
-
-[Test-133]
-
-testId=161
-testname=Use different (incorrect) pin, Generate keys on target token, BATON counter,
-
-[Test-134]
-
-testId=165
-testname=Use different (incorrect) pin, Generate keys on target token, BATON shuffle,
-
-[Test-135]
-
-testId=169
-testname=Use different (incorrect) pin, Generate keys on target token, JUNIPER ECB128,
-
-[Test-136]
-
-testId=173
-testname=Use different (incorrect) pin, Generate keys on target token, JUNIPER CBC128,
-
-[Test-137]
-
-testId=177
-testname=Use different (incorrect) pin, Generate keys on target token, JUNIPER counter,
-
-[Test-138]
-
-testId=181
-testname=Use different (incorrect) pin, Generate keys on target token, JUNIPER shuffle,
-
-[Test-139]
-
-testId=3
-testname=Use different (incorrect) pin, Generate keys on internal module, NO OP,
-
-[Test-140]
-
-testId=7
-testname=Use different (incorrect) pin, Generate keys on internal module, RSA PKCS,
-
-[Test-141]
-
-testId=11
-testname=Use different (incorrect) pin, Generate keys on internal module, RSA 9796,
-
-[Test-142]
-
-testId=15
-testname=Use different (incorrect) pin, Generate keys on internal module, RSA X.509,
-
-[Test-143]
-
-testId=19
-testname=Use different (incorrect) pin, Generate keys on internal module, MD2 RSA PKCS,
-
-[Test-144]
-
-testId=23
-testname=Use different (incorrect) pin, Generate keys on internal module, MD5 RSA PKCS,
-
-[Test-145]
-
-testId=27
-testname=Use different (incorrect) pin, Generate keys on internal module, SHA1 RSA PKCS,
-
-[Test-146]
-
-testId=31
-testname=Use different (incorrect) pin, Generate keys on internal module, DSA,
-
-[Test-147]
-
-testId=35
-testname=Use different (incorrect) pin, Generate keys on internal module, DSA SHA1,
-
-[Test-148]
-
-testId=39
-testname=Use different (incorrect) pin, Generate keys on internal module, ECDSA,
-
-[Test-149]
-
-testId=43
-testname=Use different (incorrect) pin, Generate keys on internal module, ECDSA SHA1,
-
-[Test-150]
-
-testId=47
-testname=Use different (incorrect) pin, Generate keys on internal module, RC2 ECB,
-
-[Test-151]
-
-testId=51
-testname=Use different (incorrect) pin, Generate keys on internal module, RC2 CBC,
-
-[Test-152]
-
-testId=55
-testname=Use different (incorrect) pin, Generate keys on internal module, RC4,
-
-[Test-153]
-
-testId=59
-testname=Use different (incorrect) pin, Generate keys on internal module, RC5 ECB,
-
-[Test-154]
-
-testId=63
-testname=Use different (incorrect) pin, Generate keys on internal module, RC5 CBC,
-
-[Test-155]
-
-testId=67
-testname=Use different (incorrect) pin, Generate keys on internal module, DES ECB,
-
-[Test-156]
-
-testId=71
-testname=Use different (incorrect) pin, Generate keys on internal module, DES CBC,
-
-[Test-157]
-
-testId=75
-testname=Use different (incorrect) pin, Generate keys on internal module, DES3 ECB,
-
-[Test-158]
-
-testId=79
-testname=Use different (incorrect) pin, Generate keys on internal module, DES3 CBC,
-
-[Test-159]
-
-testId=83
-testname=Use different (incorrect) pin, Generate keys on internal module, CAST ECB,
-
-[Test-160]
-
-testId=87
-testname=Use different (incorrect) pin, Generate keys on internal module, CAST CBC,
-
-[Test-161]
-
-testId=91
-testname=Use different (incorrect) pin, Generate keys on internal module, CAST3 ECB,
-
-[Test-162]
-
-testId=95
-testname=Use different (incorrect) pin, Generate keys on internal module, CAST3 CBC,
-
-[Test-163]
-
-testId=99
-testname=Use different (incorrect) pin, Generate keys on internal module, CAST5 ECB,
-
-[Test-164]
-
-testId=103
-testname=Use different (incorrect) pin, Generate keys on internal module, CAST5 CBC,
-
-[Test-165]
-
-testId=107
-testname=Use different (incorrect) pin, Generate keys on internal module, IDEA ECB,
-
-[Test-166]
-
-testId=111
-testname=Use different (incorrect) pin, Generate keys on internal module, IDEA CBC,
-
-[Test-167]
-
-testId=115
-testname=Use different (incorrect) pin, Generate keys on internal module, CDMF ECB,
-
-[Test-168]
-
-testId=119
-testname=Use different (incorrect) pin, Generate keys on internal module, CDMF CBC,
-
-[Test-169]
-
-testId=123
-testname=Use different (incorrect) pin, Generate keys on internal module, SKIPJACK ECB64,
-
-[Test-170]
-
-testId=127
-testname=Use different (incorrect) pin, Generate keys on internal module, SKIPJACK CBC64,
-
-[Test-171]
-
-testId=131
-testname=Use different (incorrect) pin, Generate keys on internal module, SKIPJACK OFB64,
-
-[Test-172]
-
-testId=135
-testname=Use different (incorrect) pin, Generate keys on internal module, SKIPJACK CFB64,
-
-[Test-173]
-
-testId=139
-testname=Use different (incorrect) pin, Generate keys on internal module, SKIPJACK CFB32,
-
-[Test-174]
-
-testId=143
-testname=Use different (incorrect) pin, Generate keys on internal module, SKIPJACK CFB16,
-
-[Test-175]
-
-testId=147
-testname=Use different (incorrect) pin, Generate keys on internal module, SKIPJACK CFB8,
-
-[Test-176]
-
-testId=151
-testname=Use different (incorrect) pin, Generate keys on internal module, BATON ECB128,
-
-[Test-177]
-
-testId=155
-testname=Use different (incorrect) pin, Generate keys on internal module, BATON ECB96,
-
-[Test-178]
-
-testId=159
-testname=Use different (incorrect) pin, Generate keys on internal module, BATON CBC128,
-
-[Test-179]
-
-testId=163
-testname=Use different (incorrect) pin, Generate keys on internal module, BATON counter,
-
-[Test-180]
-
-testId=167
-testname=Use different (incorrect) pin, Generate keys on internal module, BATON shuffle,
-
-[Test-181]
-
-testId=171
-testname=Use different (incorrect) pin, Generate keys on internal module, JUNIPER ECB128,
-
-[Test-182]
-
-testId=175
-testname=Use different (incorrect) pin, Generate keys on internal module, JUNIPER CBC128,
-
-[Test-183]
-
-testId=179
-testname=Use different (incorrect) pin, Generate keys on internal module, JUNIPER counter,
-
-[Test-184]
-
-testId=183
-testname=Use different (incorrect) pin, Generate keys on internal module, JUNIPER shuffle,
-
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pkcs11.rep b/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pkcs11.rep
deleted file mode 100644
index c1f688ec3..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pkcs11.rep
+++ /dev/null
@@ -1,157 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-[General]
-mut=PKCS11
-mutversion=1.0
-cTemplate=pk11test.htp
-testPrefix=pk11test
-testSuffix=.h
-#timeout=
-regressSpecfile=pkcs11.reg
-regressOutput=NOW
-reporterOutput=NOW
-singleSource=TRUE
-firstExitCode=100
-
-[UseCorrectPin]
-IMPORTANCE=HIGH
-TYPE=PRBool
-Use supplied pin, =PR_TRUE
-Use different (incorrect) pin, =PR_FALSE
-
-[KeyGenOnTarget]
-IMPORTANCE=HIGH
-TYPE=PRBool
-Generate keys on target token, = PR_TRUE
-Generate keys on internal module, = PR_FALSE
-
-[mechanism]
-IMPORTANCE=HIGH
-TYPE = CK_MECHANISM_TYPE
-NO OP, = CKM_NO_OP
-RSA PKCS, = CKM_RSA_PKCS
-RSA 9796, = CKM_RSA_9796
-RSA X.509, = CKM_RSA_X_509
-MD2 RSA PKCS, = CKM_MD2_RSA_PKCS
-MD5 RSA PKCS, = CKM_MD5_RSA_PKCS
-SHA1 RSA PKCS, = CKM_SHA1_RSA_PKCS
-DSA, = CKM_DSA
-DSA SHA1, = CKM_DSA_SHA1
-ECDSA, = CKM_ECDSA
-ECDSA SHA1, = CKM_ECDSA_SHA1
-RC2 ECB, = CKM_RC2_ECB
-RC2 CBC, = CKM_RC2_CBC
-#RC2 CBC PAD, = CKM_RC2_CBC_PAD
-#RC2 MAC general, = CKM_RC2_MAC_GENERAL
-#RC2 MAC, = CKM_RC2_MAC
-RC4, = CKM_RC4
-RC5 ECB, = CKM_RC5_ECB
-RC5 CBC, = CKM_RC5_CBC
-#RC5 CBC PAD, = CKM_RC5_CBC_PAD
-#RC5 MAC general, = CKM_RC5_MAC_GENERAL
-#RC5 MAC, = CKM_RC5_MAC
-DES ECB, = CKM_DES_ECB
-DES CBC, = CKM_DES_CBC
-#DES CBC PAD, = CKM_DES_CBC_PAD
-#DES MAC general, = CKM_DES_MAC_GENERAL
-#DES MAC, = CKM_DES_MAC
-#DES2 keygen, = CKM_DES2_KEY_GEN
-DES3 ECB, = CKM_DES3_ECB
-DES3 CBC, = CKM_DES3_CBC
-#DES3 CBC pad, = CKM_DES3_CBC_PAD
-#DES3 MAC general, = CKM_DES3_MAC_GENERAL
-#DES3 MAC, = CKM_DES3_MAC
-CAST ECB, = CKM_CAST_ECB
-CAST CBC, = CKM_CAST_CBC
-#CAST CBC PAD, = CKM_CAST_CBC_PAD
-#CAST MAC general, = CKM_CAST_MAC_GENERAL
-#CAST MAC, = CKM_CAST_MAC
-CAST3 ECB, = CKM_CAST3_ECB
-CAST3 CBC, = CKM_CAST3_CBC
-#CAST3 CBC PAD, = CKM_CAST3_CBC_PAD
-#CAST3 MAC general, = CKM_CAST3_MAC_GENERAL
-#CAST3 MAC, = CKM_CAST3_MAC
-CAST5 ECB, = CKM_CAST5_ECB
-CAST5 CBC, = CKM_CAST5_CBC
-#CAST5 CBC PAD, = CKM_CAST5_CBC_PAD
-#CAST5 MAC general, = CKM_CAST5_MAC_GENERAL
-#CAST5 MAC, = CKM_CAST5_MAC
-IDEA ECB, = CKM_IDEA_ECB
-IDEA CBC, = CKM_IDEA_CBC
-#IDEA CBC PAD, = CKM_IDEA_CBC_PAD
-#IDEA MAC general, = CKM_IDEA_MAC_GENERAL
-#IDEA MAC, = CKM_IDEA_MAC
-CDMF ECB, = CKM_CDMF_ECB
-CDMF CBC, = CKM_CDMF_CBC
-#CDMF CBC PAD, = CKM_CDMF_CBC_PAD
-#CDMF MAC general, = CKM_CDMF_MAC_GENERAL
-#CDMF MAC, = CKM_CDMF_MAC
-SKIPJACK ECB64, = CKM_SKIPJACK_ECB64
-SKIPJACK CBC64, = CKM_SKIPJACK_CBC64
-SKIPJACK OFB64, = CKM_SKIPJACK_OFB64
-SKIPJACK CFB64, = CKM_SKIPJACK_CFB64
-SKIPJACK CFB32, = CKM_SKIPJACK_CFB32
-SKIPJACK CFB16, = CKM_SKIPJACK_CFB16
-SKIPJACK CFB8, = CKM_SKIPJACK_CFB8
-BATON ECB128, = CKM_BATON_ECB128
-BATON ECB96, = CKM_BATON_ECB96
-BATON CBC128, = CKM_BATON_CBC128
-BATON counter, = CKM_BATON_COUNTER
-BATON shuffle, = CKM_BATON_SHUFFLE
-JUNIPER ECB128, = CKM_JUNIPER_ECB128
-JUNIPER CBC128, = CKM_JUNIPER_CBC128
-JUNIPER counter, = CKM_JUNIPER_COUNTER
-JUNIPER shuffle, = CKM_JUNIPER_SHUFFLE
-#MD2 digest, = CKM_MD2
-#MD2 HMAC general, = CKM_MD2_HMAC_GENERAL
-#MD2 HMAC, = CKM_MD2_HMAC
-#MD5 digest, = CKM_MD5
-#MD5 HMAC general, = CKM_MD5_HMAC_GENERAL
-#MD5 HMAC, = CKM_MD5_HMAC
-#SHA1 digest, = CKM_SHA_1
-#SHA1 HMAC general, = CKM_SHA_1_HMAC_GENERAL
-#SHA1 HMAC, = CKM_SHA_1_HMAC
-#Fasthash, = CKM_FASTHASH
-#CKM_PBE_MD2_DES_CBC = CKM_PBE_MD2_DES_CBC
-#CKM_PBE_MD5_DES_CBC = CKM_PBE_MD5_DES_CBC
-#CKM_PBE_MD5_CAST_CBC = CKM_PBE_MD5_CAST_CBC
-#CKM_PBE_MD5_CAST3_CBC = CKM_PBE_MD5_CAST3_CBC
-#CKM_PBE_MD5_CAST5_CBC = CKM_PBE_MD5_CAST5_CBC
-#CKM_PBE_SHA1_CAST5_CBC = CKM_PBE_SHA1_CAST5_CBC
-#CKM_PBE_SHA1_RC4_128 = CKM_PBE_SHA1_RC4_128
-#CKM_PBE_SHA1_RC4_40 = CKM_PBE_SHA1_RC4_40
-#CKM_PBE_SHA1_DES3_EDE_CBC = CKM_PBE_SHA1_DES3_EDE_CBC
-#CKM_PBE_SHA1_DES2_EDE_CBC = CKM_PBE_SHA1_DES2_EDE_CBC
-#CKM_PBE_SHA1_RC2_128_CBC = CKM_PBE_SHA1_RC2_128_CBC
-#CKM_PBE_SHA1_RC2_40_CBC = CKM_PBE_SHA1_RC2_40_CBC
-#CKM_PBA_SHA1_WITH_SHA1_HMAC = CKM_PBA_SHA1_WITH_SHA1_HMAC
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/rules.mk b/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/rules.mk
deleted file mode 100644
index 8e1d62337..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/rules.mk
+++ /dev/null
@@ -1,34 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-pk11test.c: pk11test.h pkcs11.h
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/ssl/Makefile b/security/nss/tests/pkcs11/netscape/suites/security/ssl/Makefile
deleted file mode 100644
index 48f5c0f06..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/ssl/Makefile
+++ /dev/null
@@ -1,77 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#include $(CORE_DEPTH)/$(MODULE)/config/config.mk
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-#include $(CORE_DEPTH)/$(MODULE)/config/rules.mk
-include $(CORE_DEPTH)/nss/cmd/platlibs.mk
-include $(CORE_DEPTH)/nss/cmd/platrules.mk
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/ssl/README b/security/nss/tests/pkcs11/netscape/suites/security/ssl/README
deleted file mode 100644
index 80d14de16..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/ssl/README
+++ /dev/null
@@ -1,11 +0,0 @@
-
-sslt.rep : Replacer specfile
-sslt.c : Main source code file for test
-sslt.htp : Replacer template for header file
-sslt.h : Replacer-generated header file
-sslc.c : Ciphersuite-related data structures and code
-ssls.c : Data buffer for transmitting data
-ssls.h : Data structures and defines for the main code
-
-
-
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/ssl/cert7.db b/security/nss/tests/pkcs11/netscape/suites/security/ssl/cert7.db
deleted file mode 100644
index 02f36ae28..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/ssl/cert7.db
+++ /dev/null
Binary files differ
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/ssl/config.mk b/security/nss/tests/pkcs11/netscape/suites/security/ssl/config.mk
deleted file mode 100644
index 46e820866..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/ssl/config.mk
+++ /dev/null
@@ -1,61 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#######################################################################
-# Set the LDFLAGS value to encompass all normal link options, all #
-# library names, and all special system linking options #
-#######################################################################
-
-LDFLAGS = \
- $(DYNAMIC_LIB_PATH) \
- $(LDOPTS) \
- $(LIBSECTOOLS) \
- $(LIBSSL) \
- $(LIBPKCS7) \
- $(LIBCERT) \
- $(LIBKEY) \
- $(LIBSECMOD) \
- $(LIBCRYPTO) \
- $(LIBSECUTIL) \
- $(LIBHASH) \
- $(LIBDBM) \
- $(LIBPLC) \
- $(LIBPLDS) \
- $(LIBPR) \
- $(DLLSYSTEM)
-
-#######################################################################
-# Adjust specific variables for all platforms #
-#######################################################################
-
-
-
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/ssl/key3.db b/security/nss/tests/pkcs11/netscape/suites/security/ssl/key3.db
deleted file mode 100644
index 1c015a4a2..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/ssl/key3.db
+++ /dev/null
Binary files differ
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/ssl/manifest.mn b/security/nss/tests/pkcs11/netscape/suites/security/ssl/manifest.mn
deleted file mode 100644
index 46c8a7d53..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/ssl/manifest.mn
+++ /dev/null
@@ -1,53 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../../../../../..
-
-#MODULE = sectools
-
-EXPORTS =
-
-CSRCS = sslt.c \
- ssls.c \
- sslc.c \
- $(NULL)
-
-PROGRAM = sslt
-
-REQUIRES = nss dbm seccmd
-
-DEFINES = -DNSPR20 -DREPLACER
-
-REGRESSION_SPEC = ssl.reg
-
-RESULTS_SUBDIR = security/ssl
-
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/ssl/ssl.reg b/security/nss/tests/pkcs11/netscape/suites/security/ssl/ssl.reg
deleted file mode 100755
index cc273f126..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/ssl/ssl.reg
+++ /dev/null
@@ -1,49194 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-[General]
-
-mut=SSL
-mutversion=1.0
-htmlout=NOW
-reporterSpec=NOW
-program=sslt
-failonly=1
-globalArgs=-p netscape -n SSLServer
-
-[Test-1]
-
-testId=32
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2]
-
-testId=16384
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3]
-
-testId=8192
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4]
-
-testId=24608
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5]
-
-testId=4096
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6]
-
-testId=20512
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7]
-
-testId=12336
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8]
-
-testId=28672
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-9]
-
-testId=2096
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-10]
-
-testId=18464
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-11]
-
-testId=10288
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-12]
-
-testId=26672
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-13]
-
-testId=6192
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-14]
-
-testId=22576
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-15]
-
-testId=14352
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-16]
-
-testId=30752
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-17]
-
-testId=1072
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-18]
-
-testId=17456
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-19]
-
-testId=9232
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-20]
-
-testId=25616
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-21]
-
-testId=5136
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-22]
-
-testId=21520
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-23]
-
-testId=13360
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-24]
-
-testId=29696
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-25]
-
-testId=3088
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-26]
-
-testId=19456
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-27]
-
-testId=11296
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-28]
-
-testId=27696
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-29]
-
-testId=7200
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-30]
-
-testId=23552
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-31]
-
-testId=15360
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-32]
-
-testId=31792
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-33]
-
-testId=512
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-34]
-
-testId=16912
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-35]
-
-testId=8752
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-36]
-
-testId=25136
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-37]
-
-testId=4608
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-38]
-
-testId=21040
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-39]
-
-testId=12832
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-40]
-
-testId=29184
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-41]
-
-testId=2592
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-42]
-
-testId=18960
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-43]
-
-testId=10768
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-44]
-
-testId=27168
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-45]
-
-testId=6672
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-46]
-
-testId=23040
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-47]
-
-testId=14864
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-48]
-
-testId=31264
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-49]
-
-testId=1584
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-50]
-
-testId=17920
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-51]
-
-testId=9728
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-52]
-
-testId=26144
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-53]
-
-testId=5632
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-54]
-
-testId=22064
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-55]
-
-testId=13872
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-56]
-
-testId=30208
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-57]
-
-testId=3632
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-58]
-
-testId=19984
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-59]
-
-testId=11776
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-60]
-
-testId=28192
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-61]
-
-testId=7728
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-62]
-
-testId=24096
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-63]
-
-testId=15872
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-64]
-
-testId=32256
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-65]
-
-testId=304
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-66]
-
-testId=16656
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-67]
-
-testId=8448
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-68]
-
-testId=24848
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-69]
-
-testId=4384
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-70]
-
-testId=20784
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-71]
-
-testId=12592
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-72]
-
-testId=28976
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-73]
-
-testId=2320
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-74]
-
-testId=18720
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-75]
-
-testId=10512
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-76]
-
-testId=26896
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-77]
-
-testId=6400
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-78]
-
-testId=22800
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-79]
-
-testId=14624
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-80]
-
-testId=30976
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-81]
-
-testId=1312
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-82]
-
-testId=17680
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-83]
-
-testId=9520
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-84]
-
-testId=25888
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-85]
-
-testId=5408
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-86]
-
-testId=21760
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-87]
-
-testId=13616
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-88]
-
-testId=29984
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-89]
-
-testId=3328
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-90]
-
-testId=19744
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-91]
-
-testId=11568
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-92]
-
-testId=27952
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-93]
-
-testId=7440
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-94]
-
-testId=23808
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-95]
-
-testId=15664
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-96]
-
-testId=32032
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-97]
-
-testId=768
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-98]
-
-testId=17184
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-99]
-
-testId=8992
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-100]
-
-testId=25360
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-101]
-
-testId=4880
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-102]
-
-testId=21296
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-103]
-
-testId=13104
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-104]
-
-testId=29472
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-105]
-
-testId=2848
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-106]
-
-testId=19232
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-107]
-
-testId=11040
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-108]
-
-testId=27440
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-109]
-
-testId=6928
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-110]
-
-testId=23296
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-111]
-
-testId=15136
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-112]
-
-testId=31520
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-113]
-
-testId=1792
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-114]
-
-testId=18192
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-115]
-
-testId=10000
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-116]
-
-testId=26384
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-117]
-
-testId=5936
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-118]
-
-testId=22304
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-119]
-
-testId=14080
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-120]
-
-testId=30480
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-121]
-
-testId=3856
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-122]
-
-testId=20240
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-123]
-
-testId=12048
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-124]
-
-testId=28432
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-125]
-
-testId=7968
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-126]
-
-testId=24368
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-127]
-
-testId=16176
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-128]
-
-testId=32544
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-129]
-
-testId=160
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-130]
-
-testId=16528
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-131]
-
-testId=8368
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-132]
-
-testId=24704
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-133]
-
-testId=4256
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-134]
-
-testId=20624
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-135]
-
-testId=12464
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-136]
-
-testId=28848
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-137]
-
-testId=2176
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-138]
-
-testId=18592
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-139]
-
-testId=10416
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-140]
-
-testId=26752
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-141]
-
-testId=6272
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-142]
-
-testId=22704
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-143]
-
-testId=14512
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-144]
-
-testId=30848
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-145]
-
-testId=1152
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-146]
-
-testId=17584
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-147]
-
-testId=9376
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-148]
-
-testId=25744
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-149]
-
-testId=5296
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-150]
-
-testId=21632
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-151]
-
-testId=13472
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-152]
-
-testId=29872
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-153]
-
-testId=3248
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-154]
-
-testId=19616
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-155]
-
-testId=11408
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-156]
-
-testId=27792
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-157]
-
-testId=7296
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-158]
-
-testId=23696
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-159]
-
-testId=15536
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-160]
-
-testId=31888
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-161]
-
-testId=640
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-162]
-
-testId=17056
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-163]
-
-testId=8832
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-164]
-
-testId=25248
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-165]
-
-testId=4784
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-166]
-
-testId=21152
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-167]
-
-testId=12976
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-168]
-
-testId=29360
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-169]
-
-testId=2704
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-170]
-
-testId=19088
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-171]
-
-testId=10896
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-172]
-
-testId=27280
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-173]
-
-testId=6832
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-174]
-
-testId=23184
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-175]
-
-testId=14976
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-176]
-
-testId=31392
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-177]
-
-testId=1696
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-178]
-
-testId=18080
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-179]
-
-testId=9856
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-180]
-
-testId=26240
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-181]
-
-testId=5776
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-182]
-
-testId=22144
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-183]
-
-testId=13984
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-184]
-
-testId=30368
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-185]
-
-testId=3712
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-186]
-
-testId=20128
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-187]
-
-testId=11920
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-188]
-
-testId=28304
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-189]
-
-testId=7840
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-190]
-
-testId=24208
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-191]
-
-testId=16000
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-192]
-
-testId=32384
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-193]
-
-testId=416
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-194]
-
-testId=16816
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-195]
-
-testId=8592
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-196]
-
-testId=24960
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-197]
-
-testId=4496
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-198]
-
-testId=20864
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-199]
-
-testId=12672
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-200]
-
-testId=29088
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-201]
-
-testId=2432
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-202]
-
-testId=18864
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-203]
-
-testId=10640
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-204]
-
-testId=27024
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-205]
-
-testId=6560
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-206]
-
-testId=22944
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-207]
-
-testId=14752
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-208]
-
-testId=31152
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-209]
-
-testId=1456
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-210]
-
-testId=17840
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-211]
-
-testId=9632
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-212]
-
-testId=26032
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-213]
-
-testId=5520
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-214]
-
-testId=21920
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-215]
-
-testId=13712
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-216]
-
-testId=30128
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-217]
-
-testId=3488
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-218]
-
-testId=19856
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-219]
-
-testId=11664
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-220]
-
-testId=28080
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-221]
-
-testId=7600
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-222]
-
-testId=23936
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-223]
-
-testId=15776
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-224]
-
-testId=32128
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-225]
-
-testId=928
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-226]
-
-testId=17328
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-227]
-
-testId=9088
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-228]
-
-testId=25488
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-229]
-
-testId=5040
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-230]
-
-testId=21424
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-231]
-
-testId=13200
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-232]
-
-testId=29584
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-233]
-
-testId=2976
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-234]
-
-testId=19376
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-235]
-
-testId=11136
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-236]
-
-testId=27552
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-237]
-
-testId=7040
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-238]
-
-testId=23456
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-239]
-
-testId=15232
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-240]
-
-testId=31664
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-241]
-
-testId=1968
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-242]
-
-testId=18336
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-243]
-
-testId=10160
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-244]
-
-testId=26496
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-245]
-
-testId=6064
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-246]
-
-testId=22432
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-247]
-
-testId=14240
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-248]
-
-testId=30640
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-249]
-
-testId=3968
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-250]
-
-testId=20368
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-251]
-
-testId=12160
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-252]
-
-testId=28592
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-253]
-
-testId=8080
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-254]
-
-testId=24480
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-255]
-
-testId=16288
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-256]
-
-testId=32672
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-257]
-
-testId=112
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-258]
-
-testId=16464
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-259]
-
-testId=8272
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-260]
-
-testId=24688
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-261]
-
-testId=4208
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-262]
-
-testId=20544
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-263]
-
-testId=12400
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-264]
-
-testId=28784
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-265]
-
-testId=2160
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-266]
-
-testId=18544
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-267]
-
-testId=10352
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-268]
-
-testId=26688
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-269]
-
-testId=6240
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-270]
-
-testId=22640
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-271]
-
-testId=14400
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-272]
-
-testId=30832
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-273]
-
-testId=1136
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-274]
-
-testId=17504
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-275]
-
-testId=9296
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-276]
-
-testId=25680
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-277]
-
-testId=5232
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-278]
-
-testId=21600
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-279]
-
-testId=13376
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-280]
-
-testId=29792
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-281]
-
-testId=3152
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-282]
-
-testId=19552
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-283]
-
-testId=11328
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-284]
-
-testId=27760
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-285]
-
-testId=7248
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-286]
-
-testId=23632
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-287]
-
-testId=15424
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-288]
-
-testId=31808
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-289]
-
-testId=576
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-290]
-
-testId=16976
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-291]
-
-testId=8784
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-292]
-
-testId=25168
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-293]
-
-testId=4704
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-294]
-
-testId=21104
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-295]
-
-testId=12880
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-296]
-
-testId=29248
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-297]
-
-testId=2624
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-298]
-
-testId=19008
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-299]
-
-testId=10816
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-300]
-
-testId=27216
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-301]
-
-testId=6752
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-302]
-
-testId=23152
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-303]
-
-testId=14944
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-304]
-
-testId=31328
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-305]
-
-testId=1616
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-306]
-
-testId=18000
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-307]
-
-testId=9840
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-308]
-
-testId=26176
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-309]
-
-testId=5728
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-310]
-
-testId=22128
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-311]
-
-testId=13904
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-312]
-
-testId=30320
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-313]
-
-testId=3696
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-314]
-
-testId=20048
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-315]
-
-testId=11856
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-316]
-
-testId=28240
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-317]
-
-testId=7760
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-318]
-
-testId=24176
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-319]
-
-testId=15968
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-320]
-
-testId=32320
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-321]
-
-testId=352
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-322]
-
-testId=16720
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-323]
-
-testId=8560
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-324]
-
-testId=24912
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-325]
-
-testId=4448
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-326]
-
-testId=20832
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-327]
-
-testId=12624
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-328]
-
-testId=28992
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-329]
-
-testId=2384
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-330]
-
-testId=18784
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-331]
-
-testId=10592
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-332]
-
-testId=26976
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-333]
-
-testId=6496
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-334]
-
-testId=22896
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-335]
-
-testId=14656
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-336]
-
-testId=31040
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-337]
-
-testId=1344
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-338]
-
-testId=17776
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-339]
-
-testId=9552
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-340]
-
-testId=25968
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-341]
-
-testId=5456
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-342]
-
-testId=21872
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-343]
-
-testId=13680
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-344]
-
-testId=30064
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-345]
-
-testId=3424
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-346]
-
-testId=19776
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-347]
-
-testId=11616
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-348]
-
-testId=27968
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-349]
-
-testId=7536
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-350]
-
-testId=23872
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-351]
-
-testId=15680
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-352]
-
-testId=32096
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-353]
-
-testId=832
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-354]
-
-testId=17232
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-355]
-
-testId=9024
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-356]
-
-testId=25408
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-357]
-
-testId=4928
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-358]
-
-testId=21328
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-359]
-
-testId=13120
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-360]
-
-testId=29536
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-361]
-
-testId=2896
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-362]
-
-testId=19312
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-363]
-
-testId=11072
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-364]
-
-testId=27472
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-365]
-
-testId=6992
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-366]
-
-testId=23360
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-367]
-
-testId=15216
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-368]
-
-testId=31600
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-369]
-
-testId=1904
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-370]
-
-testId=18272
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-371]
-
-testId=10096
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-372]
-
-testId=26464
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-373]
-
-testId=5968
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-374]
-
-testId=22352
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-375]
-
-testId=14192
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-376]
-
-testId=30544
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-377]
-
-testId=3936
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-378]
-
-testId=20336
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-379]
-
-testId=12128
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-380]
-
-testId=28496
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-381]
-
-testId=8048
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-382]
-
-testId=24400
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-383]
-
-testId=16192
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-384]
-
-testId=32608
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-385]
-
-testId=240
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-386]
-
-testId=16576
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-387]
-
-testId=8400
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-388]
-
-testId=24816
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-389]
-
-testId=4336
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-390]
-
-testId=20720
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-391]
-
-testId=12512
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-392]
-
-testId=28912
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-393]
-
-testId=2272
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-394]
-
-testId=18656
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-395]
-
-testId=10464
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-396]
-
-testId=26848
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-397]
-
-testId=6336
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-398]
-
-testId=22768
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-399]
-
-testId=14544
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-400]
-
-testId=30960
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-401]
-
-testId=1248
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-402]
-
-testId=17616
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-403]
-
-testId=9408
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-404]
-
-testId=25792
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-405]
-
-testId=5360
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-406]
-
-testId=21712
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-407]
-
-testId=13520
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-408]
-
-testId=29904
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-409]
-
-testId=3264
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-410]
-
-testId=19664
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-411]
-
-testId=11456
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-412]
-
-testId=27872
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-413]
-
-testId=7408
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-414]
-
-testId=23760
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-415]
-
-testId=15600
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-416]
-
-testId=31984
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-417]
-
-testId=752
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-418]
-
-testId=17088
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-419]
-
-testId=8928
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-420]
-
-testId=25296
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-421]
-
-testId=4848
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-422]
-
-testId=21216
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-423]
-
-testId=13024
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-424]
-
-testId=29376
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-425]
-
-testId=2800
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-426]
-
-testId=19136
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-427]
-
-testId=10992
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-428]
-
-testId=27328
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-429]
-
-testId=6848
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-430]
-
-testId=23232
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-431]
-
-testId=15056
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-432]
-
-testId=31440
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-433]
-
-testId=1744
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-434]
-
-testId=18128
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-435]
-
-testId=9920
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-436]
-
-testId=26352
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-437]
-
-testId=5824
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-438]
-
-testId=22208
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-439]
-
-testId=14016
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-440]
-
-testId=30400
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-441]
-
-testId=3808
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-442]
-
-testId=20176
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-443]
-
-testId=12016
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-444]
-
-testId=28384
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-445]
-
-testId=7888
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-446]
-
-testId=24288
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-447]
-
-testId=16096
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-448]
-
-testId=32480
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-449]
-
-testId=480
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-450]
-
-testId=16848
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-451]
-
-testId=8672
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-452]
-
-testId=25072
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-453]
-
-testId=4544
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-454]
-
-testId=20928
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-455]
-
-testId=12784
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-456]
-
-testId=29168
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-457]
-
-testId=2496
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-458]
-
-testId=18912
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-459]
-
-testId=10736
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-460]
-
-testId=27072
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-461]
-
-testId=6608
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-462]
-
-testId=23024
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-463]
-
-testId=14784
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-464]
-
-testId=31168
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-465]
-
-testId=1472
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-466]
-
-testId=17904
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-467]
-
-testId=9696
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-468]
-
-testId=26096
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-469]
-
-testId=5616
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-470]
-
-testId=22000
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-471]
-
-testId=13760
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-472]
-
-testId=30176
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-473]
-
-testId=3520
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-474]
-
-testId=19936
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-475]
-
-testId=11744
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-476]
-
-testId=28096
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-477]
-
-testId=7632
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-478]
-
-testId=24048
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-479]
-
-testId=15856
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-480]
-
-testId=32224
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-481]
-
-testId=1008
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-482]
-
-testId=17392
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-483]
-
-testId=9152
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-484]
-
-testId=25568
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-485]
-
-testId=5104
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-486]
-
-testId=21440
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-487]
-
-testId=13296
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-488]
-
-testId=29648
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-489]
-
-testId=3008
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-490]
-
-testId=19440
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-491]
-
-testId=11200
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-492]
-
-testId=27600
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-493]
-
-testId=7136
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-494]
-
-testId=23536
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-495]
-
-testId=15296
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-496]
-
-testId=31680
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-497]
-
-testId=2000
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-498]
-
-testId=18384
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-499]
-
-testId=10208
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-500]
-
-testId=26592
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-501]
-
-testId=6080
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-502]
-
-testId=22496
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-503]
-
-testId=14320
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-504]
-
-testId=30704
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-505]
-
-testId=4048
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-506]
-
-testId=20432
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-507]
-
-testId=12224
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-508]
-
-testId=28640
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-509]
-
-testId=8160
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-510]
-
-testId=24512
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-511]
-
-testId=16352
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-512]
-
-testId=32752
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-513]
-
-testId=40
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-514]
-
-testId=16424
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-515]
-
-testId=8200
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-516]
-
-testId=24600
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-517]
-
-testId=4120
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-518]
-
-testId=20520
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-519]
-
-testId=12312
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-520]
-
-testId=28680
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-521]
-
-testId=2056
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-522]
-
-testId=18488
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-523]
-
-testId=10264
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-524]
-
-testId=26632
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-525]
-
-testId=6152
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-526]
-
-testId=22552
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-527]
-
-testId=14344
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-528]
-
-testId=30760
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-529]
-
-testId=1048
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-530]
-
-testId=17416
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-531]
-
-testId=9256
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-532]
-
-testId=25640
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-533]
-
-testId=5176
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-534]
-
-testId=21560
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-535]
-
-testId=13368
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-536]
-
-testId=29752
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-537]
-
-testId=3080
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-538]
-
-testId=19512
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-539]
-
-testId=11320
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-540]
-
-testId=27656
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-541]
-
-testId=7208
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-542]
-
-testId=23560
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-543]
-
-testId=15384
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-544]
-
-testId=31768
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-545]
-
-testId=568
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-546]
-
-testId=16920
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-547]
-
-testId=8712
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-548]
-
-testId=25144
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-549]
-
-testId=4616
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-550]
-
-testId=21016
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-551]
-
-testId=12840
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-552]
-
-testId=29208
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-553]
-
-testId=2568
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-554]
-
-testId=19000
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-555]
-
-testId=10808
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-556]
-
-testId=27160
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-557]
-
-testId=6664
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-558]
-
-testId=23048
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-559]
-
-testId=14904
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-560]
-
-testId=31272
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-561]
-
-testId=1576
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-562]
-
-testId=17976
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-563]
-
-testId=9736
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-564]
-
-testId=26152
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-565]
-
-testId=5688
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-566]
-
-testId=22024
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-567]
-
-testId=13880
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-568]
-
-testId=30248
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-569]
-
-testId=3640
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-570]
-
-testId=19992
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-571]
-
-testId=11832
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-572]
-
-testId=28216
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-573]
-
-testId=7704
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-574]
-
-testId=24072
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-575]
-
-testId=15880
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-576]
-
-testId=32264
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-577]
-
-testId=264
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-578]
-
-testId=16696
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-579]
-
-testId=8456
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-580]
-
-testId=24840
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-581]
-
-testId=4408
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-582]
-
-testId=20792
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-583]
-
-testId=12600
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-584]
-
-testId=28984
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-585]
-
-testId=2312
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-586]
-
-testId=18696
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-587]
-
-testId=10504
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-588]
-
-testId=26920
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-589]
-
-testId=6424
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-590]
-
-testId=22808
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-591]
-
-testId=14632
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-592]
-
-testId=31000
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-593]
-
-testId=1336
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-594]
-
-testId=17720
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-595]
-
-testId=9480
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-596]
-
-testId=25896
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-597]
-
-testId=5400
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-598]
-
-testId=21768
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-599]
-
-testId=13624
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-600]
-
-testId=29976
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-601]
-
-testId=3384
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-602]
-
-testId=19752
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-603]
-
-testId=11544
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-604]
-
-testId=27912
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-605]
-
-testId=7480
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-606]
-
-testId=23832
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-607]
-
-testId=15672
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-608]
-
-testId=32040
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-609]
-
-testId=824
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-610]
-
-testId=17208
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-611]
-
-testId=8968
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-612]
-
-testId=25400
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-613]
-
-testId=4872
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-614]
-
-testId=21272
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-615]
-
-testId=13112
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-616]
-
-testId=29464
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-617]
-
-testId=2840
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-618]
-
-testId=19208
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-619]
-
-testId=11064
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-620]
-
-testId=27432
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-621]
-
-testId=6920
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-622]
-
-testId=23352
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-623]
-
-testId=15112
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-624]
-
-testId=31512
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-625]
-
-testId=1832
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-626]
-
-testId=18232
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-627]
-
-testId=10008
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-628]
-
-testId=26376
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-629]
-
-testId=5912
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-630]
-
-testId=22312
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-631]
-
-testId=14088
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-632]
-
-testId=30520
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-633]
-
-testId=3848
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-634]
-
-testId=20264
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-635]
-
-testId=12072
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-636]
-
-testId=28440
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-637]
-
-testId=7992
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-638]
-
-testId=24344
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-639]
-
-testId=16168
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-640]
-
-testId=32520
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-641]
-
-testId=152
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-642]
-
-testId=16552
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-643]
-
-testId=8360
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-644]
-
-testId=24744
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-645]
-
-testId=4280
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-646]
-
-testId=20664
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-647]
-
-testId=12424
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-648]
-
-testId=28840
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-649]
-
-testId=2184
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-650]
-
-testId=18568
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-651]
-
-testId=10392
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-652]
-
-testId=26792
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-653]
-
-testId=6328
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-654]
-
-testId=22696
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-655]
-
-testId=14488
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-656]
-
-testId=30856
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-657]
-
-testId=1208
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-658]
-
-testId=17560
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-659]
-
-testId=9368
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-660]
-
-testId=25752
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-661]
-
-testId=5272
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-662]
-
-testId=21672
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-663]
-
-testId=13464
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-664]
-
-testId=29880
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-665]
-
-testId=3240
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-666]
-
-testId=19608
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-667]
-
-testId=11448
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-668]
-
-testId=27816
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-669]
-
-testId=7320
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-670]
-
-testId=23704
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-671]
-
-testId=15544
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-672]
-
-testId=31880
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-673]
-
-testId=664
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-674]
-
-testId=17048
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-675]
-
-testId=8888
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-676]
-
-testId=25272
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-677]
-
-testId=4792
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-678]
-
-testId=21176
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-679]
-
-testId=12952
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-680]
-
-testId=29336
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-681]
-
-testId=2728
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-682]
-
-testId=19096
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-683]
-
-testId=10936
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-684]
-
-testId=27272
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-685]
-
-testId=6840
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-686]
-
-testId=23192
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-687]
-
-testId=15016
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-688]
-
-testId=31416
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-689]
-
-testId=1672
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-690]
-
-testId=18056
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-691]
-
-testId=9912
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-692]
-
-testId=26264
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-693]
-
-testId=5816
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-694]
-
-testId=22168
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-695]
-
-testId=14008
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-696]
-
-testId=30392
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-697]
-
-testId=3736
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-698]
-
-testId=20104
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-699]
-
-testId=11928
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-700]
-
-testId=28296
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-701]
-
-testId=7816
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-702]
-
-testId=24232
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-703]
-
-testId=16040
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-704]
-
-testId=32440
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-705]
-
-testId=408
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-706]
-
-testId=16824
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-707]
-
-testId=8600
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-708]
-
-testId=25000
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-709]
-
-testId=4504
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-710]
-
-testId=20920
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-711]
-
-testId=12680
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-712]
-
-testId=29080
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-713]
-
-testId=2440
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-714]
-
-testId=18824
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-715]
-
-testId=10664
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-716]
-
-testId=27048
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-717]
-
-testId=6584
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-718]
-
-testId=22936
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-719]
-
-testId=14760
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-720]
-
-testId=31128
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-721]
-
-testId=1432
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-722]
-
-testId=17800
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-723]
-
-testId=9656
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-724]
-
-testId=26040
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-725]
-
-testId=5512
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-726]
-
-testId=21896
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-727]
-
-testId=13752
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-728]
-
-testId=30104
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-729]
-
-testId=3464
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-730]
-
-testId=19896
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-731]
-
-testId=11672
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-732]
-
-testId=28088
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-733]
-
-testId=7592
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-734]
-
-testId=23992
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-735]
-
-testId=15800
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-736]
-
-testId=32168
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-737]
-
-testId=904
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-738]
-
-testId=17288
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-739]
-
-testId=9144
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-740]
-
-testId=25512
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-741]
-
-testId=5016
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-742]
-
-testId=21384
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-743]
-
-testId=13192
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-744]
-
-testId=29624
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-745]
-
-testId=3000
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-746]
-
-testId=19352
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-747]
-
-testId=11144
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-748]
-
-testId=27576
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-749]
-
-testId=7080
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-750]
-
-testId=23480
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-751]
-
-testId=15288
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-752]
-
-testId=31624
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-753]
-
-testId=1928
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-754]
-
-testId=18360
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-755]
-
-testId=10168
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-756]
-
-testId=26504
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-757]
-
-testId=6040
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-758]
-
-testId=22440
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-759]
-
-testId=14248
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-760]
-
-testId=30616
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-761]
-
-testId=3992
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-762]
-
-testId=20408
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-763]
-
-testId=12216
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-764]
-
-testId=28584
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-765]
-
-testId=8088
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-766]
-
-testId=24504
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-767]
-
-testId=16296
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-768]
-
-testId=32664
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-769]
-
-testId=120
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-770]
-
-testId=16504
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-771]
-
-testId=8312
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-772]
-
-testId=24664
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-773]
-
-testId=4168
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-774]
-
-testId=20600
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-775]
-
-testId=12392
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-776]
-
-testId=28760
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-777]
-
-testId=2136
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-778]
-
-testId=18520
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-779]
-
-testId=10312
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-780]
-
-testId=26744
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-781]
-
-testId=6264
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-782]
-
-testId=22600
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-783]
-
-testId=14456
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-784]
-
-testId=30840
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-785]
-
-testId=1128
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-786]
-
-testId=17496
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-787]
-
-testId=9336
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-788]
-
-testId=25672
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-789]
-
-testId=5240
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-790]
-
-testId=21608
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-791]
-
-testId=13416
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-792]
-
-testId=29800
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-793]
-
-testId=3144
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-794]
-
-testId=19528
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-795]
-
-testId=11336
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-796]
-
-testId=27752
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-797]
-
-testId=7240
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-798]
-
-testId=23672
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-799]
-
-testId=15448
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-800]
-
-testId=31848
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-801]
-
-testId=616
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-802]
-
-testId=16968
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-803]
-
-testId=8776
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-804]
-
-testId=25208
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-805]
-
-testId=4680
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-806]
-
-testId=21112
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-807]
-
-testId=12872
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-808]
-
-testId=29288
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-809]
-
-testId=2648
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-810]
-
-testId=19032
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-811]
-
-testId=10840
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-812]
-
-testId=27224
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-813]
-
-testId=6776
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-814]
-
-testId=23112
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-815]
-
-testId=14968
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-816]
-
-testId=31320
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-817]
-
-testId=1608
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-818]
-
-testId=17992
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-819]
-
-testId=9832
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-820]
-
-testId=26200
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-821]
-
-testId=5752
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-822]
-
-testId=22136
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-823]
-
-testId=13896
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-824]
-
-testId=30296
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-825]
-
-testId=3672
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-826]
-
-testId=20072
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-827]
-
-testId=11864
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-828]
-
-testId=28280
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-829]
-
-testId=7768
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-830]
-
-testId=24168
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-831]
-
-testId=15992
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-832]
-
-testId=32328
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-833]
-
-testId=344
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-834]
-
-testId=16760
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-835]
-
-testId=8568
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-836]
-
-testId=24904
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-837]
-
-testId=4472
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-838]
-
-testId=20808
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-839]
-
-testId=12664
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-840]
-
-testId=29016
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-841]
-
-testId=2408
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-842]
-
-testId=18776
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-843]
-
-testId=10616
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-844]
-
-testId=26984
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-845]
-
-testId=6504
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-846]
-
-testId=22872
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-847]
-
-testId=14696
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-848]
-
-testId=31064
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-849]
-
-testId=1400
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-850]
-
-testId=17752
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-851]
-
-testId=9576
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-852]
-
-testId=25928
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-853]
-
-testId=5480
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-854]
-
-testId=21848
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-855]
-
-testId=13688
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-856]
-
-testId=30040
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-857]
-
-testId=3448
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-858]
-
-testId=19816
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-859]
-
-testId=11608
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-860]
-
-testId=28024
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-861]
-
-testId=7512
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-862]
-
-testId=23928
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-863]
-
-testId=15720
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-864]
-
-testId=32120
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-865]
-
-testId=888
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-866]
-
-testId=17256
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-867]
-
-testId=9064
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-868]
-
-testId=25432
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-869]
-
-testId=4936
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-870]
-
-testId=21352
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-871]
-
-testId=13144
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-872]
-
-testId=29528
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-873]
-
-testId=2920
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-874]
-
-testId=19272
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-875]
-
-testId=11080
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-876]
-
-testId=27512
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-877]
-
-testId=7016
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-878]
-
-testId=23416
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-879]
-
-testId=15176
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-880]
-
-testId=31560
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-881]
-
-testId=1864
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-882]
-
-testId=18248
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-883]
-
-testId=10056
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-884]
-
-testId=26472
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-885]
-
-testId=6008
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-886]
-
-testId=22360
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-887]
-
-testId=14200
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-888]
-
-testId=30584
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-889]
-
-testId=3944
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-890]
-
-testId=20328
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-891]
-
-testId=12152
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-892]
-
-testId=28520
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-893]
-
-testId=8024
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-894]
-
-testId=24408
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-895]
-
-testId=16232
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-896]
-
-testId=32600
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-897]
-
-testId=216
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-898]
-
-testId=16600
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-899]
-
-testId=8408
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-900]
-
-testId=24824
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-901]
-
-testId=4344
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-902]
-
-testId=20696
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-903]
-
-testId=12504
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-904]
-
-testId=28872
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-905]
-
-testId=2296
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-906]
-
-testId=18648
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-907]
-
-testId=10472
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-908]
-
-testId=26840
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-909]
-
-testId=6376
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-910]
-
-testId=22728
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-911]
-
-testId=14568
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-912]
-
-testId=30936
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-913]
-
-testId=1256
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-914]
-
-testId=17656
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-915]
-
-testId=9432
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-916]
-
-testId=25800
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-917]
-
-testId=5336
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-918]
-
-testId=21720
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-919]
-
-testId=13528
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-920]
-
-testId=29896
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-921]
-
-testId=3304
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-922]
-
-testId=19656
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-923]
-
-testId=11464
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-924]
-
-testId=27864
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-925]
-
-testId=7384
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-926]
-
-testId=23800
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-927]
-
-testId=15592
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-928]
-
-testId=31944
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-929]
-
-testId=728
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-930]
-
-testId=17144
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-931]
-
-testId=8920
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-932]
-
-testId=25336
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-933]
-
-testId=4840
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-934]
-
-testId=21208
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-935]
-
-testId=13000
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-936]
-
-testId=29416
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-937]
-
-testId=2792
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-938]
-
-testId=19192
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-939]
-
-testId=10952
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-940]
-
-testId=27336
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-941]
-
-testId=6888
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-942]
-
-testId=23288
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-943]
-
-testId=15080
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-944]
-
-testId=31432
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-945]
-
-testId=1784
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-946]
-
-testId=18136
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-947]
-
-testId=9944
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-948]
-
-testId=26360
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-949]
-
-testId=5832
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-950]
-
-testId=22216
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-951]
-
-testId=14056
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-952]
-
-testId=30456
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-953]
-
-testId=3784
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-954]
-
-testId=20216
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-955]
-
-testId=11992
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-956]
-
-testId=28408
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-957]
-
-testId=7896
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-958]
-
-testId=24280
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-959]
-
-testId=16088
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-960]
-
-testId=32504
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-961]
-
-testId=504
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-962]
-
-testId=16840
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-963]
-
-testId=8664
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-964]
-
-testId=25048
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-965]
-
-testId=4552
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-966]
-
-testId=20936
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-967]
-
-testId=12760
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-968]
-
-testId=29144
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-969]
-
-testId=2504
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-970]
-
-testId=18920
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-971]
-
-testId=10696
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-972]
-
-testId=27112
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-973]
-
-testId=6648
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-974]
-
-testId=23016
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-975]
-
-testId=14808
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-976]
-
-testId=31224
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-977]
-
-testId=1528
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-978]
-
-testId=17896
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-979]
-
-testId=9704
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-980]
-
-testId=26072
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-981]
-
-testId=5624
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-982]
-
-testId=21960
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-983]
-
-testId=13768
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-984]
-
-testId=30152
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-985]
-
-testId=3528
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-986]
-
-testId=19960
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-987]
-
-testId=11752
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-988]
-
-testId=28136
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-989]
-
-testId=7656
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-990]
-
-testId=24040
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-991]
-
-testId=15832
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-992]
-
-testId=32248
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-993]
-
-testId=984
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-994]
-
-testId=17400
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-995]
-
-testId=9176
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-996]
-
-testId=25560
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-997]
-
-testId=5080
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-998]
-
-testId=21496
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-999]
-
-testId=13256
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1000]
-
-testId=29640
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1001]
-
-testId=3064
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1002]
-
-testId=19416
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1003]
-
-testId=11208
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1004]
-
-testId=27624
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1005]
-
-testId=7144
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1006]
-
-testId=23544
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1007]
-
-testId=15320
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1008]
-
-testId=31688
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1009]
-
-testId=2040
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1010]
-
-testId=18408
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1011]
-
-testId=10200
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1012]
-
-testId=26568
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1013]
-
-testId=6088
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1014]
-
-testId=22488
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1015]
-
-testId=14296
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1016]
-
-testId=30680
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1017]
-
-testId=4088
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1018]
-
-testId=20472
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1019]
-
-testId=12248
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1020]
-
-testId=28632
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1021]
-
-testId=8152
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1022]
-
-testId=24552
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1023]
-
-testId=16344
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1024]
-
-testId=32728
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1025]
-
-testId=20
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1026]
-
-testId=16388
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1027]
-
-testId=8244
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1028]
-
-testId=24612
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1029]
-
-testId=4116
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1030]
-
-testId=20484
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1031]
-
-testId=12324
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1032]
-
-testId=28708
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1033]
-
-testId=2084
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1034]
-
-testId=18484
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1035]
-
-testId=10292
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1036]
-
-testId=26628
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1037]
-
-testId=6164
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1038]
-
-testId=22548
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1039]
-
-testId=14372
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1040]
-
-testId=30740
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1041]
-
-testId=1076
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1042]
-
-testId=17412
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1043]
-
-testId=9220
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1044]
-
-testId=25604
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1045]
-
-testId=5172
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1046]
-
-testId=21524
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1047]
-
-testId=13332
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1048]
-
-testId=29716
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1049]
-
-testId=3108
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1050]
-
-testId=19492
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1051]
-
-testId=11316
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1052]
-
-testId=27684
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1053]
-
-testId=7220
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1054]
-
-testId=23556
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1055]
-
-testId=15412
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1056]
-
-testId=31780
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1057]
-
-testId=548
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1058]
-
-testId=16916
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1059]
-
-testId=8740
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1060]
-
-testId=25108
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1061]
-
-testId=4644
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1062]
-
-testId=20996
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1063]
-
-testId=12820
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1064]
-
-testId=29236
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1065]
-
-testId=2596
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1066]
-
-testId=18964
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1067]
-
-testId=10804
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1068]
-
-testId=27156
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1069]
-
-testId=6660
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1070]
-
-testId=23076
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1071]
-
-testId=14884
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1072]
-
-testId=31236
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1073]
-
-testId=1556
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1074]
-
-testId=17924
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1075]
-
-testId=9780
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1076]
-
-testId=26132
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1077]
-
-testId=5636
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1078]
-
-testId=22036
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1079]
-
-testId=13876
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1080]
-
-testId=30244
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1081]
-
-testId=3636
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1082]
-
-testId=19988
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1083]
-
-testId=11780
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1084]
-
-testId=28196
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1085]
-
-testId=7732
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1086]
-
-testId=24100
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1087]
-
-testId=15924
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1088]
-
-testId=32276
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1089]
-
-testId=292
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1090]
-
-testId=16676
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1091]
-
-testId=8484
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1092]
-
-testId=24852
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1093]
-
-testId=4356
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1094]
-
-testId=20772
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1095]
-
-testId=12564
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1096]
-
-testId=28980
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1097]
-
-testId=2308
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1098]
-
-testId=18708
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1099]
-
-testId=10516
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1100]
-
-testId=26932
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1101]
-
-testId=6404
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1102]
-
-testId=22804
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1103]
-
-testId=14628
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1104]
-
-testId=30980
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1105]
-
-testId=1284
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1106]
-
-testId=17716
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1107]
-
-testId=9524
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1108]
-
-testId=25908
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1109]
-
-testId=5412
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1110]
-
-testId=21796
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1111]
-
-testId=13604
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1112]
-
-testId=29956
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1113]
-
-testId=3380
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1114]
-
-testId=19732
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1115]
-
-testId=11540
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1116]
-
-testId=27908
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1117]
-
-testId=7476
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1118]
-
-testId=23812
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1119]
-
-testId=15668
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1120]
-
-testId=32036
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1121]
-
-testId=772
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1122]
-
-testId=17172
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1123]
-
-testId=9012
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1124]
-
-testId=25348
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1125]
-
-testId=4884
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1126]
-
-testId=21300
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1127]
-
-testId=13108
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1128]
-
-testId=29460
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1129]
-
-testId=2868
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1130]
-
-testId=19252
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1131]
-
-testId=11028
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1132]
-
-testId=27396
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1133]
-
-testId=6932
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1134]
-
-testId=23300
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1135]
-
-testId=15124
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1136]
-
-testId=31540
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1137]
-
-testId=1812
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1138]
-
-testId=18228
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1139]
-
-testId=10020
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1140]
-
-testId=26372
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1141]
-
-testId=5924
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1142]
-
-testId=22292
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1143]
-
-testId=14100
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1144]
-
-testId=30484
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1145]
-
-testId=3844
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1146]
-
-testId=20228
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1147]
-
-testId=12036
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1148]
-
-testId=28420
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1149]
-
-testId=7988
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1150]
-
-testId=24372
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1151]
-
-testId=16148
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1152]
-
-testId=32564
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1153]
-
-testId=164
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1154]
-
-testId=16516
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1155]
-
-testId=8372
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1156]
-
-testId=24740
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1157]
-
-testId=4244
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1158]
-
-testId=20644
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1159]
-
-testId=12452
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1160]
-
-testId=28804
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1161]
-
-testId=2228
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1162]
-
-testId=18564
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1163]
-
-testId=10388
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1164]
-
-testId=26756
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1165]
-
-testId=6292
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1166]
-
-testId=22692
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1167]
-
-testId=14500
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1168]
-
-testId=30852
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1169]
-
-testId=1204
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1170]
-
-testId=17540
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1171]
-
-testId=9396
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1172]
-
-testId=25780
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1173]
-
-testId=5268
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1174]
-
-testId=21684
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1175]
-
-testId=13492
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1176]
-
-testId=29844
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1177]
-
-testId=3204
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1178]
-
-testId=19604
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1179]
-
-testId=11428
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1180]
-
-testId=27812
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1181]
-
-testId=7348
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1182]
-
-testId=23684
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1183]
-
-testId=15508
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1184]
-
-testId=31908
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1185]
-
-testId=692
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1186]
-
-testId=17076
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1187]
-
-testId=8868
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1188]
-
-testId=25268
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1189]
-
-testId=4772
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1190]
-
-testId=21140
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1191]
-
-testId=12964
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1192]
-
-testId=29348
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1193]
-
-testId=2708
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1194]
-
-testId=19092
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1195]
-
-testId=10900
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1196]
-
-testId=27300
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1197]
-
-testId=6788
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1198]
-
-testId=23172
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1199]
-
-testId=15012
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1200]
-
-testId=31380
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1201]
-
-testId=1668
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1202]
-
-testId=18084
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1203]
-
-testId=9860
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1204]
-
-testId=26276
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1205]
-
-testId=5780
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1206]
-
-testId=22180
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1207]
-
-testId=13988
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1208]
-
-testId=30388
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1209]
-
-testId=3764
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1210]
-
-testId=20100
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1211]
-
-testId=11956
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1212]
-
-testId=28292
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1213]
-
-testId=7860
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1214]
-
-testId=24228
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1215]
-
-testId=16052
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1216]
-
-testId=32404
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1217]
-
-testId=404
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1218]
-
-testId=16772
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1219]
-
-testId=8580
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1220]
-
-testId=24964
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1221]
-
-testId=4516
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1222]
-
-testId=20900
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1223]
-
-testId=12676
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1224]
-
-testId=29092
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1225]
-
-testId=2436
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1226]
-
-testId=18836
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1227]
-
-testId=10628
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1228]
-
-testId=27012
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1229]
-
-testId=6532
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1230]
-
-testId=22932
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1231]
-
-testId=14740
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1232]
-
-testId=31108
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1233]
-
-testId=1428
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1234]
-
-testId=17844
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1235]
-
-testId=9636
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1236]
-
-testId=26004
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1237]
-
-testId=5540
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1238]
-
-testId=21892
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1239]
-
-testId=13700
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1240]
-
-testId=30132
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1241]
-
-testId=3460
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1242]
-
-testId=19876
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1243]
-
-testId=11700
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1244]
-
-testId=28036
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1245]
-
-testId=7588
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1246]
-
-testId=23988
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1247]
-
-testId=15764
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1248]
-
-testId=32164
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1249]
-
-testId=900
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1250]
-
-testId=17300
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1251]
-
-testId=9092
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1252]
-
-testId=25524
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1253]
-
-testId=5028
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1254]
-
-testId=21412
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1255]
-
-testId=13220
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1256]
-
-testId=29604
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1257]
-
-testId=2948
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1258]
-
-testId=19380
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1259]
-
-testId=11156
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1260]
-
-testId=27540
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1261]
-
-testId=7092
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1262]
-
-testId=23444
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1263]
-
-testId=15284
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1264]
-
-testId=31668
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1265]
-
-testId=1940
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1266]
-
-testId=18308
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1267]
-
-testId=10164
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1268]
-
-testId=26532
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1269]
-
-testId=6052
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1270]
-
-testId=22452
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1271]
-
-testId=14260
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1272]
-
-testId=30628
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1273]
-
-testId=4020
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1274]
-
-testId=20404
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1275]
-
-testId=12164
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1276]
-
-testId=28548
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1277]
-
-testId=8068
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1278]
-
-testId=24468
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1279]
-
-testId=16260
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1280]
-
-testId=32644
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1281]
-
-testId=68
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1282]
-
-testId=16484
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1283]
-
-testId=8292
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1284]
-
-testId=24644
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1285]
-
-testId=4180
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1286]
-
-testId=20580
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1287]
-
-testId=12372
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1288]
-
-testId=28756
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1289]
-
-testId=2132
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1290]
-
-testId=18516
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1291]
-
-testId=10324
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1292]
-
-testId=26740
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1293]
-
-testId=6260
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1294]
-
-testId=22644
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1295]
-
-testId=14436
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1296]
-
-testId=30820
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1297]
-
-testId=1124
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1298]
-
-testId=17492
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1299]
-
-testId=9300
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1300]
-
-testId=25668
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1301]
-
-testId=5204
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1302]
-
-testId=21572
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1303]
-
-testId=13428
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1304]
-
-testId=29812
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1305]
-
-testId=3172
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1306]
-
-testId=19540
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1307]
-
-testId=11332
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1308]
-
-testId=27716
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1309]
-
-testId=7236
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1310]
-
-testId=23636
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1311]
-
-testId=15476
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1312]
-
-testId=31828
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1313]
-
-testId=580
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1314]
-
-testId=16980
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1315]
-
-testId=8820
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1316]
-
-testId=25204
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1317]
-
-testId=4724
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1318]
-
-testId=21076
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1319]
-
-testId=12916
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1320]
-
-testId=29268
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1321]
-
-testId=2676
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1322]
-
-testId=19028
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1323]
-
-testId=10852
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1324]
-
-testId=27204
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1325]
-
-testId=6724
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1326]
-
-testId=23108
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1327]
-
-testId=14932
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1328]
-
-testId=31332
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1329]
-
-testId=1636
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1330]
-
-testId=17988
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1331]
-
-testId=9812
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1332]
-
-testId=26180
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1333]
-
-testId=5700
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1334]
-
-testId=22116
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1335]
-
-testId=13940
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1336]
-
-testId=30308
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1337]
-
-testId=3668
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1338]
-
-testId=20052
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1339]
-
-testId=11844
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1340]
-
-testId=28260
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1341]
-
-testId=7796
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1342]
-
-testId=24180
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1343]
-
-testId=15972
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1344]
-
-testId=32340
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1345]
-
-testId=356
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1346]
-
-testId=16740
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1347]
-
-testId=8564
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1348]
-
-testId=24916
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1349]
-
-testId=4452
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1350]
-
-testId=20852
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1351]
-
-testId=12628
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1352]
-
-testId=29012
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1353]
-
-testId=2388
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1354]
-
-testId=18788
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1355]
-
-testId=10596
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1356]
-
-testId=26980
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1357]
-
-testId=6516
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1358]
-
-testId=22852
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1359]
-
-testId=14692
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1360]
-
-testId=31076
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1361]
-
-testId=1348
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1362]
-
-testId=17732
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1363]
-
-testId=9540
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1364]
-
-testId=25924
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1365]
-
-testId=5444
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1366]
-
-testId=21860
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1367]
-
-testId=13636
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1368]
-
-testId=30052
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1369]
-
-testId=3412
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1370]
-
-testId=19812
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1371]
-
-testId=11620
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1372]
-
-testId=28020
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1373]
-
-testId=7492
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1374]
-
-testId=23924
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1375]
-
-testId=15700
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1376]
-
-testId=32100
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1377]
-
-testId=852
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1378]
-
-testId=17252
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1379]
-
-testId=9076
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1380]
-
-testId=25460
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1381]
-
-testId=4932
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1382]
-
-testId=21364
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1383]
-
-testId=13156
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1384]
-
-testId=29508
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1385]
-
-testId=2932
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1386]
-
-testId=19300
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1387]
-
-testId=11124
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1388]
-
-testId=27476
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1389]
-
-testId=7028
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1390]
-
-testId=23412
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1391]
-
-testId=15172
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1392]
-
-testId=31556
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1393]
-
-testId=1876
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1394]
-
-testId=18244
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1395]
-
-testId=10100
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1396]
-
-testId=26468
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1397]
-
-testId=6004
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1398]
-
-testId=22388
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1399]
-
-testId=14196
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1400]
-
-testId=30548
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1401]
-
-testId=3924
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1402]
-
-testId=20340
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1403]
-
-testId=12100
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1404]
-
-testId=28516
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1405]
-
-testId=8052
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1406]
-
-testId=24436
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1407]
-
-testId=16212
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1408]
-
-testId=32612
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1409]
-
-testId=244
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1410]
-
-testId=16612
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1411]
-
-testId=8420
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1412]
-
-testId=24820
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1413]
-
-testId=4308
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1414]
-
-testId=20708
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1415]
-
-testId=12500
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1416]
-
-testId=28900
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1417]
-
-testId=2244
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1418]
-
-testId=18644
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1419]
-
-testId=10436
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1420]
-
-testId=26868
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1421]
-
-testId=6372
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1422]
-
-testId=22724
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1423]
-
-testId=14548
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1424]
-
-testId=30932
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1425]
-
-testId=1268
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1426]
-
-testId=17636
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1427]
-
-testId=9412
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1428]
-
-testId=25844
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1429]
-
-testId=5364
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1430]
-
-testId=21700
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1431]
-
-testId=13508
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1432]
-
-testId=29892
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1433]
-
-testId=3268
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1434]
-
-testId=19700
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1435]
-
-testId=11492
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1436]
-
-testId=27892
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1437]
-
-testId=7396
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1438]
-
-testId=23748
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1439]
-
-testId=15556
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1440]
-
-testId=31940
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1441]
-
-testId=740
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1442]
-
-testId=17092
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1443]
-
-testId=8948
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1444]
-
-testId=25332
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1445]
-
-testId=4836
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1446]
-
-testId=21220
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1447]
-
-testId=13012
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1448]
-
-testId=29412
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1449]
-
-testId=2756
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1450]
-
-testId=19172
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1451]
-
-testId=10964
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1452]
-
-testId=27348
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1453]
-
-testId=6900
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1454]
-
-testId=23284
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1455]
-
-testId=15076
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1456]
-
-testId=31428
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1457]
-
-testId=1764
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1458]
-
-testId=18164
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1459]
-
-testId=9924
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1460]
-
-testId=26340
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1461]
-
-testId=5844
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1462]
-
-testId=22260
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1463]
-
-testId=14020
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1464]
-
-testId=30420
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1465]
-
-testId=3780
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1466]
-
-testId=20212
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1467]
-
-testId=12020
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1468]
-
-testId=28388
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1469]
-
-testId=7908
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1470]
-
-testId=24276
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1471]
-
-testId=16084
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1472]
-
-testId=32452
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1473]
-
-testId=452
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1474]
-
-testId=16836
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1475]
-
-testId=8660
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1476]
-
-testId=25044
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1477]
-
-testId=4596
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1478]
-
-testId=20932
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1479]
-
-testId=12756
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1480]
-
-testId=29124
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1481]
-
-testId=2500
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1482]
-
-testId=18884
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1483]
-
-testId=10724
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1484]
-
-testId=27108
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1485]
-
-testId=6612
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1486]
-
-testId=22996
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1487]
-
-testId=14820
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1488]
-
-testId=31172
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1489]
-
-testId=1476
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1490]
-
-testId=17860
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1491]
-
-testId=9684
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1492]
-
-testId=26084
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1493]
-
-testId=5620
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1494]
-
-testId=21956
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1495]
-
-testId=13796
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1496]
-
-testId=30196
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1497]
-
-testId=3524
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1498]
-
-testId=19956
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1499]
-
-testId=11748
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1500]
-
-testId=28116
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1501]
-
-testId=7668
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1502]
-
-testId=24052
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1503]
-
-testId=15828
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1504]
-
-testId=32212
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1505]
-
-testId=964
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1506]
-
-testId=17396
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1507]
-
-testId=9172
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1508]
-
-testId=25588
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1509]
-
-testId=5060
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1510]
-
-testId=21460
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1511]
-
-testId=13252
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1512]
-
-testId=29668
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1513]
-
-testId=3044
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1514]
-
-testId=19412
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1515]
-
-testId=11204
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1516]
-
-testId=27588
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1517]
-
-testId=7124
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1518]
-
-testId=23492
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1519]
-
-testId=15332
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1520]
-
-testId=31716
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1521]
-
-testId=1988
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1522]
-
-testId=18388
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1523]
-
-testId=10180
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1524]
-
-testId=26612
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1525]
-
-testId=6084
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1526]
-
-testId=22468
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1527]
-
-testId=14276
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1528]
-
-testId=30692
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1529]
-
-testId=4052
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1530]
-
-testId=20452
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1531]
-
-testId=12244
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1532]
-
-testId=28612
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1533]
-
-testId=8180
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1534]
-
-testId=24548
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1535]
-
-testId=16356
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1536]
-
-testId=32740
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1537]
-
-testId=60
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1538]
-
-testId=16396
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1539]
-
-testId=8252
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1540]
-
-testId=24604
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1541]
-
-testId=4124
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1542]
-
-testId=20508
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1543]
-
-testId=12316
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1544]
-
-testId=28716
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1545]
-
-testId=2108
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1546]
-
-testId=18444
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1547]
-
-testId=10284
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1548]
-
-testId=26684
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1549]
-
-testId=6188
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1550]
-
-testId=22556
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1551]
-
-testId=14348
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1552]
-
-testId=30764
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1553]
-
-testId=1036
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1554]
-
-testId=17436
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1555]
-
-testId=9244
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1556]
-
-testId=25612
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1557]
-
-testId=5164
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1558]
-
-testId=21516
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1559]
-
-testId=13356
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1560]
-
-testId=29708
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1561]
-
-testId=3116
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1562]
-
-testId=19484
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1563]
-
-testId=11308
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1564]
-
-testId=27660
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1565]
-
-testId=7196
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1566]
-
-testId=23580
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1567]
-
-testId=15404
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1568]
-
-testId=31756
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1569]
-
-testId=572
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1570]
-
-testId=16956
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1571]
-
-testId=8748
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1572]
-
-testId=25132
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1573]
-
-testId=4652
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1574]
-
-testId=21036
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1575]
-
-testId=12844
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1576]
-
-testId=29244
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1577]
-
-testId=2604
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1578]
-
-testId=19004
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1579]
-
-testId=10812
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1580]
-
-testId=27164
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1581]
-
-testId=6716
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1582]
-
-testId=23100
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1583]
-
-testId=14892
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1584]
-
-testId=31244
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1585]
-
-testId=1596
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1586]
-
-testId=17948
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1587]
-
-testId=9788
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1588]
-
-testId=26124
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1589]
-
-testId=5660
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1590]
-
-testId=22044
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1591]
-
-testId=13852
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1592]
-
-testId=30236
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1593]
-
-testId=3612
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1594]
-
-testId=19996
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1595]
-
-testId=11820
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1596]
-
-testId=28172
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1597]
-
-testId=7708
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1598]
-
-testId=24092
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1599]
-
-testId=15900
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1600]
-
-testId=32268
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1601]
-
-testId=268
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1602]
-
-testId=16684
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1603]
-
-testId=8508
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1604]
-
-testId=24844
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1605]
-
-testId=4412
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1606]
-
-testId=20780
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1607]
-
-testId=12604
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1608]
-
-testId=28972
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1609]
-
-testId=2332
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1610]
-
-testId=18716
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1611]
-
-testId=10508
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1612]
-
-testId=26924
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1613]
-
-testId=6428
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1614]
-
-testId=22828
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1615]
-
-testId=14652
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1616]
-
-testId=31036
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1617]
-
-testId=1340
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1618]
-
-testId=17676
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1619]
-
-testId=9532
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1620]
-
-testId=25868
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1621]
-
-testId=5420
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1622]
-
-testId=21788
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1623]
-
-testId=13612
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1624]
-
-testId=29996
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1625]
-
-testId=3372
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1626]
-
-testId=19724
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1627]
-
-testId=11564
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1628]
-
-testId=27916
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1629]
-
-testId=7452
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1630]
-
-testId=23868
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1631]
-
-testId=15660
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1632]
-
-testId=32044
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1633]
-
-testId=828
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1634]
-
-testId=17212
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1635]
-
-testId=8972
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1636]
-
-testId=25372
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1637]
-
-testId=4908
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1638]
-
-testId=21292
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1639]
-
-testId=13116
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1640]
-
-testId=29452
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1641]
-
-testId=2860
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1642]
-
-testId=19212
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1643]
-
-testId=11036
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1644]
-
-testId=27452
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1645]
-
-testId=6924
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1646]
-
-testId=23340
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1647]
-
-testId=15148
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1648]
-
-testId=31516
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1649]
-
-testId=1820
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1650]
-
-testId=18204
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1651]
-
-testId=10012
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1652]
-
-testId=26428
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1653]
-
-testId=5916
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1654]
-
-testId=22300
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1655]
-
-testId=14124
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1656]
-
-testId=30476
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1657]
-
-testId=3852
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1658]
-
-testId=20236
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1659]
-
-testId=12092
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1660]
-
-testId=28460
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1661]
-
-testId=7948
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1662]
-
-testId=24332
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1663]
-
-testId=16172
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1664]
-
-testId=32572
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1665]
-
-testId=156
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1666]
-
-testId=16572
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1667]
-
-testId=8364
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1668]
-
-testId=24764
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1669]
-
-testId=4284
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1670]
-
-testId=20620
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1671]
-
-testId=12460
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1672]
-
-testId=28860
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1673]
-
-testId=2236
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1674]
-
-testId=18604
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1675]
-
-testId=10428
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1676]
-
-testId=26780
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1677]
-
-testId=6300
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1678]
-
-testId=22668
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1679]
-
-testId=14508
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1680]
-
-testId=30876
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1681]
-
-testId=1164
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1682]
-
-testId=17564
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1683]
-
-testId=9356
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1684]
-
-testId=25740
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1685]
-
-testId=5308
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1686]
-
-testId=21644
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1687]
-
-testId=13484
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1688]
-
-testId=29868
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1689]
-
-testId=3260
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1690]
-
-testId=19628
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1691]
-
-testId=11404
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1692]
-
-testId=27820
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1693]
-
-testId=7356
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1694]
-
-testId=23692
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1695]
-
-testId=15548
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1696]
-
-testId=31932
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1697]
-
-testId=684
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1698]
-
-testId=17036
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1699]
-
-testId=8892
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1700]
-
-testId=25276
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1701]
-
-testId=4748
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1702]
-
-testId=21164
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1703]
-
-testId=12956
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1704]
-
-testId=29340
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1705]
-
-testId=2716
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1706]
-
-testId=19116
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1707]
-
-testId=10892
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1708]
-
-testId=27324
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1709]
-
-testId=6844
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1710]
-
-testId=23228
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1711]
-
-testId=15036
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1712]
-
-testId=31388
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1713]
-
-testId=1692
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1714]
-
-testId=18076
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1715]
-
-testId=9868
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1716]
-
-testId=26268
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1717]
-
-testId=5772
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1718]
-
-testId=22188
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1719]
-
-testId=14012
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1720]
-
-testId=30396
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1721]
-
-testId=3740
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1722]
-
-testId=20156
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1723]
-
-testId=11964
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1724]
-
-testId=28332
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1725]
-
-testId=7836
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1726]
-
-testId=24204
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1727]
-
-testId=16012
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1728]
-
-testId=32412
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1729]
-
-testId=396
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1730]
-
-testId=16812
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1731]
-
-testId=8620
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1732]
-
-testId=25004
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1733]
-
-testId=4540
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1734]
-
-testId=20924
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1735]
-
-testId=12700
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1736]
-
-testId=29116
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1737]
-
-testId=2444
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1738]
-
-testId=18828
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1739]
-
-testId=10684
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1740]
-
-testId=27020
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1741]
-
-testId=6540
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1742]
-
-testId=22972
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1743]
-
-testId=14780
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1744]
-
-testId=31164
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1745]
-
-testId=1468
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1746]
-
-testId=17804
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1747]
-
-testId=9628
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1748]
-
-testId=25996
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1749]
-
-testId=5548
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1750]
-
-testId=21932
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1751]
-
-testId=13724
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1752]
-
-testId=30092
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1753]
-
-testId=3500
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1754]
-
-testId=19900
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1755]
-
-testId=11692
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1756]
-
-testId=28044
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1757]
-
-testId=7596
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1758]
-
-testId=23980
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1759]
-
-testId=15788
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1760]
-
-testId=32188
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1761]
-
-testId=908
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1762]
-
-testId=17340
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1763]
-
-testId=9148
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1764]
-
-testId=25500
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1765]
-
-testId=5004
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1766]
-
-testId=21420
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1767]
-
-testId=13244
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1768]
-
-testId=29580
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1769]
-
-testId=2988
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1770]
-
-testId=19388
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1771]
-
-testId=11180
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1772]
-
-testId=27548
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1773]
-
-testId=7100
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1774]
-
-testId=23452
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1775]
-
-testId=15276
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1776]
-
-testId=31628
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1777]
-
-testId=1964
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1778]
-
-testId=18316
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1779]
-
-testId=10156
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1780]
-
-testId=26508
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1781]
-
-testId=6076
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1782]
-
-testId=22412
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1783]
-
-testId=14236
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1784]
-
-testId=30620
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1785]
-
-testId=3980
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1786]
-
-testId=20412
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1787]
-
-testId=12188
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1788]
-
-testId=28556
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1789]
-
-testId=8124
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1790]
-
-testId=24508
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1791]
-
-testId=16284
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1792]
-
-testId=32684
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1793]
-
-testId=124
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1794]
-
-testId=16508
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1795]
-
-testId=8268
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1796]
-
-testId=24652
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1797]
-
-testId=4172
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1798]
-
-testId=20556
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1799]
-
-testId=12412
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1800]
-
-testId=28748
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1801]
-
-testId=2172
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1802]
-
-testId=18540
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1803]
-
-testId=10332
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1804]
-
-testId=26716
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1805]
-
-testId=6252
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1806]
-
-testId=22620
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1807]
-
-testId=14428
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1808]
-
-testId=30828
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1809]
-
-testId=1116
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1810]
-
-testId=17516
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1811]
-
-testId=9324
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1812]
-
-testId=25708
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1813]
-
-testId=5228
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1814]
-
-testId=21596
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1815]
-
-testId=13436
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1816]
-
-testId=29772
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1817]
-
-testId=3148
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1818]
-
-testId=19580
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1819]
-
-testId=11372
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1820]
-
-testId=27740
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1821]
-
-testId=7292
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1822]
-
-testId=23660
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1823]
-
-testId=15452
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1824]
-
-testId=31820
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1825]
-
-testId=604
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1826]
-
-testId=17020
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1827]
-
-testId=8780
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1828]
-
-testId=25212
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1829]
-
-testId=4700
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1830]
-
-testId=21116
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1831]
-
-testId=12892
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1832]
-
-testId=29276
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1833]
-
-testId=2652
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1834]
-
-testId=19052
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1835]
-
-testId=10828
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1836]
-
-testId=27260
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1837]
-
-testId=6764
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1838]
-
-testId=23132
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1839]
-
-testId=14972
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1840]
-
-testId=31356
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1841]
-
-testId=1612
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1842]
-
-testId=18012
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1843]
-
-testId=9820
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1844]
-
-testId=26204
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1845]
-
-testId=5708
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1846]
-
-testId=22140
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1847]
-
-testId=13916
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1848]
-
-testId=30300
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1849]
-
-testId=3676
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1850]
-
-testId=20092
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1851]
-
-testId=11900
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1852]
-
-testId=28284
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1853]
-
-testId=7756
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1854]
-
-testId=24188
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1855]
-
-testId=15980
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1856]
-
-testId=32364
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1857]
-
-testId=364
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1858]
-
-testId=16764
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1859]
-
-testId=8524
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1860]
-
-testId=24940
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1861]
-
-testId=4444
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1862]
-
-testId=20812
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1863]
-
-testId=12636
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1864]
-
-testId=29052
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1865]
-
-testId=2428
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1866]
-
-testId=18764
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1867]
-
-testId=10620
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1868]
-
-testId=27004
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1869]
-
-testId=6476
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1870]
-
-testId=22876
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1871]
-
-testId=14684
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1872]
-
-testId=31100
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1873]
-
-testId=1388
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1874]
-
-testId=17788
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1875]
-
-testId=9548
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1876]
-
-testId=25980
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1877]
-
-testId=5468
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1878]
-
-testId=21852
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1879]
-
-testId=13660
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1880]
-
-testId=30028
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1881]
-
-testId=3436
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1882]
-
-testId=19804
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1883]
-
-testId=11596
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1884]
-
-testId=27996
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1885]
-
-testId=7516
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1886]
-
-testId=23932
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1887]
-
-testId=15708
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1888]
-
-testId=32108
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1889]
-
-testId=844
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1890]
-
-testId=17260
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1891]
-
-testId=9036
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1892]
-
-testId=25468
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1893]
-
-testId=4956
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1894]
-
-testId=21324
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1895]
-
-testId=13132
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1896]
-
-testId=29516
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1897]
-
-testId=2940
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1898]
-
-testId=19276
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1899]
-
-testId=11084
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1900]
-
-testId=27468
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1901]
-
-testId=7004
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1902]
-
-testId=23388
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1903]
-
-testId=15180
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1904]
-
-testId=31612
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1905]
-
-testId=1868
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1906]
-
-testId=18268
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1907]
-
-testId=10060
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1908]
-
-testId=26476
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1909]
-
-testId=5964
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1910]
-
-testId=22380
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1911]
-
-testId=14204
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1912]
-
-testId=30572
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1913]
-
-testId=3932
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1914]
-
-testId=20348
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1915]
-
-testId=12140
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1916]
-
-testId=28492
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1917]
-
-testId=8028
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1918]
-
-testId=24444
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1919]
-
-testId=16204
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1920]
-
-testId=32620
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1921]
-
-testId=220
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1922]
-
-testId=16620
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1923]
-
-testId=8396
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1924]
-
-testId=24828
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1925]
-
-testId=4316
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1926]
-
-testId=20732
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1927]
-
-testId=12492
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1928]
-
-testId=28892
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1929]
-
-testId=2284
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1930]
-
-testId=18684
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1931]
-
-testId=10444
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1932]
-
-testId=26876
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1933]
-
-testId=6380
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1934]
-
-testId=22732
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1935]
-
-testId=14572
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1936]
-
-testId=30940
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1937]
-
-testId=1276
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1938]
-
-testId=17660
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1939]
-
-testId=9420
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1940]
-
-testId=25852
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1941]
-
-testId=5372
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1942]
-
-testId=21708
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1943]
-
-testId=13532
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1944]
-
-testId=29932
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1945]
-
-testId=3292
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1946]
-
-testId=19660
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1947]
-
-testId=11468
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1948]
-
-testId=27868
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1949]
-
-testId=7420
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1950]
-
-testId=23788
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1951]
-
-testId=15596
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1952]
-
-testId=31964
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1953]
-
-testId=748
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1954]
-
-testId=17116
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1955]
-
-testId=8940
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1956]
-
-testId=25324
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1957]
-
-testId=4828
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1958]
-
-testId=21212
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1959]
-
-testId=13004
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1960]
-
-testId=29388
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1961]
-
-testId=2796
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1962]
-
-testId=19180
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1963]
-
-testId=10972
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1964]
-
-testId=27372
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1965]
-
-testId=6860
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1966]
-
-testId=23260
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1967]
-
-testId=15052
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1968]
-
-testId=31436
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1969]
-
-testId=1788
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1970]
-
-testId=18140
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1971]
-
-testId=9932
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1972]
-
-testId=26364
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1973]
-
-testId=5884
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1974]
-
-testId=22268
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1975]
-
-testId=14076
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1976]
-
-testId=30444
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1977]
-
-testId=3788
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1978]
-
-testId=20220
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1979]
-
-testId=12012
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1980]
-
-testId=28380
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1981]
-
-testId=7900
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1982]
-
-testId=24300
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1983]
-
-testId=16108
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1984]
-
-testId=32476
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1985]
-
-testId=476
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1986]
-
-testId=16844
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1987]
-
-testId=8668
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1988]
-
-testId=25068
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1989]
-
-testId=4604
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1990]
-
-testId=20940
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1991]
-
-testId=12764
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1992]
-
-testId=29132
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1993]
-
-testId=2508
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1994]
-
-testId=18892
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1995]
-
-testId=10716
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1996]
-
-testId=27100
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1997]
-
-testId=6652
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1998]
-
-testId=23004
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1999]
-
-testId=14844
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2000]
-
-testId=31180
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2001]
-
-testId=1516
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2002]
-
-testId=17900
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2003]
-
-testId=9708
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2004]
-
-testId=26092
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2005]
-
-testId=5628
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2006]
-
-testId=21964
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2007]
-
-testId=13804
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2008]
-
-testId=30204
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2009]
-
-testId=3564
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2010]
-
-testId=19948
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2011]
-
-testId=11772
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2012]
-
-testId=28156
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2013]
-
-testId=7660
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2014]
-
-testId=24012
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2015]
-
-testId=15852
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2016]
-
-testId=32220
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2017]
-
-testId=972
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2018]
-
-testId=17388
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2019]
-
-testId=9164
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2020]
-
-testId=25548
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2021]
-
-testId=5068
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2022]
-
-testId=21500
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2023]
-
-testId=13260
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2024]
-
-testId=29676
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2025]
-
-testId=3052
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2026]
-
-testId=19436
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2027]
-
-testId=11212
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2028]
-
-testId=27644
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2029]
-
-testId=7132
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2030]
-
-testId=23516
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2031]
-
-testId=15324
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2032]
-
-testId=31724
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2033]
-
-testId=2044
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2034]
-
-testId=18396
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2035]
-
-testId=10236
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2036]
-
-testId=26588
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2037]
-
-testId=6140
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2038]
-
-testId=22476
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2039]
-
-testId=14332
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2040]
-
-testId=30668
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2041]
-
-testId=4060
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2042]
-
-testId=20444
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2043]
-
-testId=12236
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2044]
-
-testId=28652
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2045]
-
-testId=8172
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2046]
-
-testId=24524
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2047]
-
-testId=16364
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2048]
-
-testId=32764
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2049]
-
-testId=2
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2050]
-
-testId=16402
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2051]
-
-testId=8242
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2052]
-
-testId=24594
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2053]
-
-testId=4098
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2054]
-
-testId=20482
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2055]
-
-testId=12322
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2056]
-
-testId=28722
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2057]
-
-testId=2066
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2058]
-
-testId=18466
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2059]
-
-testId=10258
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2060]
-
-testId=26674
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2061]
-
-testId=6194
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2062]
-
-testId=22578
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2063]
-
-testId=14386
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2064]
-
-testId=30738
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2065]
-
-testId=1058
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2066]
-
-testId=17458
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2067]
-
-testId=9218
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2068]
-
-testId=25634
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2069]
-
-testId=5122
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2070]
-
-testId=21506
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2071]
-
-testId=13314
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2072]
-
-testId=29730
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2073]
-
-testId=3122
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2074]
-
-testId=19458
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2075]
-
-testId=11266
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2076]
-
-testId=27650
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2077]
-
-testId=7218
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2078]
-
-testId=23554
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2079]
-
-testId=15378
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2080]
-
-testId=31762
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2081]
-
-testId=562
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2082]
-
-testId=16930
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2083]
-
-testId=8754
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2084]
-
-testId=25106
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2085]
-
-testId=4658
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2086]
-
-testId=20994
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2087]
-
-testId=12802
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2088]
-
-testId=29186
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2089]
-
-testId=2562
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2090]
-
-testId=18994
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2091]
-
-testId=10786
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2092]
-
-testId=27186
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2093]
-
-testId=6706
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2094]
-
-testId=23042
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2095]
-
-testId=14850
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2096]
-
-testId=31250
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2097]
-
-testId=1538
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2098]
-
-testId=17954
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2099]
-
-testId=9778
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2100]
-
-testId=26114
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2101]
-
-testId=5650
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2102]
-
-testId=22034
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2103]
-
-testId=13842
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2104]
-
-testId=30242
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2105]
-
-testId=3618
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2106]
-
-testId=20002
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2107]
-
-testId=11826
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2108]
-
-testId=28178
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2109]
-
-testId=7682
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2110]
-
-testId=24114
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2111]
-
-testId=15906
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2112]
-
-testId=32306
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2113]
-
-testId=306
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2114]
-
-testId=16674
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2115]
-
-testId=8450
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2116]
-
-testId=24866
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2117]
-
-testId=4402
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2118]
-
-testId=20738
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2119]
-
-testId=12546
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2120]
-
-testId=28962
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2121]
-
-testId=2338
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2122]
-
-testId=18706
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2123]
-
-testId=10514
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2124]
-
-testId=26930
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2125]
-
-testId=6434
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2126]
-
-testId=22818
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2127]
-
-testId=14610
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2128]
-
-testId=30994
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2129]
-
-testId=1314
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2130]
-
-testId=17682
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2131]
-
-testId=9490
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2132]
-
-testId=25890
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2133]
-
-testId=5410
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2134]
-
-testId=21762
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2135]
-
-testId=13570
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2136]
-
-testId=29986
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2137]
-
-testId=3346
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2138]
-
-testId=19762
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2139]
-
-testId=11554
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2140]
-
-testId=27906
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2141]
-
-testId=7426
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2142]
-
-testId=23842
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2143]
-
-testId=15650
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2144]
-
-testId=32018
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2145]
-
-testId=818
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2146]
-
-testId=17186
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2147]
-
-testId=8962
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2148]
-
-testId=25378
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2149]
-
-testId=4914
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2150]
-
-testId=21298
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2151]
-
-testId=13058
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2152]
-
-testId=29458
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2153]
-
-testId=2834
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2154]
-
-testId=19202
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2155]
-
-testId=11058
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2156]
-
-testId=27394
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2157]
-
-testId=6946
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2158]
-
-testId=23346
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2159]
-
-testId=15154
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2160]
-
-testId=31522
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2161]
-
-testId=1826
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2162]
-
-testId=18210
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2163]
-
-testId=10018
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2164]
-
-testId=26402
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2165]
-
-testId=5906
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2166]
-
-testId=22290
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2167]
-
-testId=14098
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2168]
-
-testId=30482
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2169]
-
-testId=3858
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2170]
-
-testId=20226
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2171]
-
-testId=12082
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2172]
-
-testId=28434
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2173]
-
-testId=7954
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2174]
-
-testId=24338
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2175]
-
-testId=16146
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2176]
-
-testId=32514
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2177]
-
-testId=162
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2178]
-
-testId=16546
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2179]
-
-testId=8322
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2180]
-
-testId=24738
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2181]
-
-testId=4226
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2182]
-
-testId=20626
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2183]
-
-testId=12434
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2184]
-
-testId=28834
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2185]
-
-testId=2210
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2186]
-
-testId=18562
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2187]
-
-testId=10418
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2188]
-
-testId=26770
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2189]
-
-testId=6274
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2190]
-
-testId=22674
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2191]
-
-testId=14482
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2192]
-
-testId=30882
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2193]
-
-testId=1202
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2194]
-
-testId=17586
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2195]
-
-testId=9346
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2196]
-
-testId=25746
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2197]
-
-testId=5266
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2198]
-
-testId=21682
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2199]
-
-testId=13474
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2200]
-
-testId=29874
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2201]
-
-testId=3202
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2202]
-
-testId=19618
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2203]
-
-testId=11426
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2204]
-
-testId=27794
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2205]
-
-testId=7346
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2206]
-
-testId=23714
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2207]
-
-testId=15490
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2208]
-
-testId=31922
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2209]
-
-testId=674
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2210]
-
-testId=17074
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2211]
-
-testId=8882
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2212]
-
-testId=25234
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2213]
-
-testId=4738
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2214]
-
-testId=21138
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2215]
-
-testId=12946
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2216]
-
-testId=29346
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2217]
-
-testId=2690
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2218]
-
-testId=19106
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2219]
-
-testId=10914
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2220]
-
-testId=27298
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2221]
-
-testId=6834
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2222]
-
-testId=23218
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2223]
-
-testId=14978
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2224]
-
-testId=31394
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2225]
-
-testId=1682
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2226]
-
-testId=18066
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2227]
-
-testId=9858
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2228]
-
-testId=26242
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2229]
-
-testId=5778
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2230]
-
-testId=22178
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2231]
-
-testId=13986
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2232]
-
-testId=30338
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2233]
-
-testId=3762
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2234]
-
-testId=20114
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2235]
-
-testId=11954
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2236]
-
-testId=28306
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2237]
-
-testId=7810
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2238]
-
-testId=24226
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2239]
-
-testId=16002
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2240]
-
-testId=32418
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2241]
-
-testId=402
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2242]
-
-testId=16802
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2243]
-
-testId=8626
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2244]
-
-testId=24962
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2245]
-
-testId=4498
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2246]
-
-testId=20866
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2247]
-
-testId=12722
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2248]
-
-testId=29106
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2249]
-
-testId=2482
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2250]
-
-testId=18866
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2251]
-
-testId=10658
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2252]
-
-testId=27026
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2253]
-
-testId=6578
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2254]
-
-testId=22946
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2255]
-
-testId=14754
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2256]
-
-testId=31138
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2257]
-
-testId=1442
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2258]
-
-testId=17794
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2259]
-
-testId=9618
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2260]
-
-testId=26034
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2261]
-
-testId=5522
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2262]
-
-testId=21938
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2263]
-
-testId=13730
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2264]
-
-testId=30098
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2265]
-
-testId=3506
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2266]
-
-testId=19874
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2267]
-
-testId=11682
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2268]
-
-testId=28034
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2269]
-
-testId=7570
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2270]
-
-testId=23954
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2271]
-
-testId=15794
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2272]
-
-testId=32146
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2273]
-
-testId=898
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2274]
-
-testId=17314
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2275]
-
-testId=9122
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2276]
-
-testId=25506
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2277]
-
-testId=4994
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2278]
-
-testId=21394
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2279]
-
-testId=13202
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2280]
-
-testId=29618
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2281]
-
-testId=2994
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2282]
-
-testId=19362
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2283]
-
-testId=11138
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2284]
-
-testId=27554
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2285]
-
-testId=7090
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2286]
-
-testId=23426
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2287]
-
-testId=15234
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2288]
-
-testId=31618
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2289]
-
-testId=1938
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2290]
-
-testId=18338
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2291]
-
-testId=10114
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2292]
-
-testId=26530
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2293]
-
-testId=6018
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2294]
-
-testId=22402
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2295]
-
-testId=14242
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2296]
-
-testId=30626
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2297]
-
-testId=4018
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2298]
-
-testId=20354
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2299]
-
-testId=12178
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2300]
-
-testId=28578
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2301]
-
-testId=8098
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2302]
-
-testId=24498
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2303]
-
-testId=16290
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2304]
-
-testId=32690
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2305]
-
-testId=114
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2306]
-
-testId=16482
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2307]
-
-testId=8290
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2308]
-
-testId=24690
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2309]
-
-testId=4162
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2310]
-
-testId=20562
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2311]
-
-testId=12354
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2312]
-
-testId=28786
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2313]
-
-testId=2146
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2314]
-
-testId=18546
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2315]
-
-testId=10322
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2316]
-
-testId=26706
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2317]
-
-testId=6242
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2318]
-
-testId=22594
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2319]
-
-testId=14434
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2320]
-
-testId=30786
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2321]
-
-testId=1090
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2322]
-
-testId=17490
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2323]
-
-testId=9282
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2324]
-
-testId=25714
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2325]
-
-testId=5186
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2326]
-
-testId=21570
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2327]
-
-testId=13378
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2328]
-
-testId=29810
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2329]
-
-testId=3170
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2330]
-
-testId=19570
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2331]
-
-testId=11362
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2332]
-
-testId=27762
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2333]
-
-testId=7266
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2334]
-
-testId=23650
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2335]
-
-testId=15426
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2336]
-
-testId=31810
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2337]
-
-testId=578
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2338]
-
-testId=16978
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2339]
-
-testId=8818
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2340]
-
-testId=25154
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2341]
-
-testId=4690
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2342]
-
-testId=21074
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2343]
-
-testId=12866
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2344]
-
-testId=29298
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2345]
-
-testId=2626
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2346]
-
-testId=19010
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2347]
-
-testId=10834
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2348]
-
-testId=27234
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2349]
-
-testId=6722
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2350]
-
-testId=23106
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2351]
-
-testId=14962
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2352]
-
-testId=31346
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2353]
-
-testId=1602
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2354]
-
-testId=18034
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2355]
-
-testId=9842
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2356]
-
-testId=26194
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2357]
-
-testId=5730
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2358]
-
-testId=22130
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2359]
-
-testId=13938
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2360]
-
-testId=30274
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2361]
-
-testId=3682
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2362]
-
-testId=20034
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2363]
-
-testId=11890
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2364]
-
-testId=28274
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2365]
-
-testId=7794
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2366]
-
-testId=24178
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2367]
-
-testId=15938
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2368]
-
-testId=32370
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2369]
-
-testId=338
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2370]
-
-testId=16738
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2371]
-
-testId=8546
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2372]
-
-testId=24946
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2373]
-
-testId=4434
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2374]
-
-testId=20818
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2375]
-
-testId=12642
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2376]
-
-testId=29010
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2377]
-
-testId=2402
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2378]
-
-testId=18802
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2379]
-
-testId=10610
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2380]
-
-testId=26994
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2381]
-
-testId=6482
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2382]
-
-testId=22898
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2383]
-
-testId=14658
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2384]
-
-testId=31058
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2385]
-
-testId=1362
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2386]
-
-testId=17730
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2387]
-
-testId=9538
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2388]
-
-testId=25954
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2389]
-
-testId=5490
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2390]
-
-testId=21858
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2391]
-
-testId=13634
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2392]
-
-testId=30066
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2393]
-
-testId=3410
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2394]
-
-testId=19778
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2395]
-
-testId=11634
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2396]
-
-testId=28018
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2397]
-
-testId=7538
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2398]
-
-testId=23906
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2399]
-
-testId=15698
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2400]
-
-testId=32114
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2401]
-
-testId=850
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2402]
-
-testId=17234
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2403]
-
-testId=9074
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2404]
-
-testId=25458
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2405]
-
-testId=4978
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2406]
-
-testId=21362
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2407]
-
-testId=13170
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2408]
-
-testId=29522
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2409]
-
-testId=2882
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2410]
-
-testId=19298
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2411]
-
-testId=11122
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2412]
-
-testId=27474
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2413]
-
-testId=6994
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2414]
-
-testId=23362
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2415]
-
-testId=15202
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2416]
-
-testId=31570
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2417]
-
-testId=1890
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2418]
-
-testId=18258
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2419]
-
-testId=10050
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2420]
-
-testId=26434
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2421]
-
-testId=5986
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2422]
-
-testId=22386
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2423]
-
-testId=14194
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2424]
-
-testId=30562
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2425]
-
-testId=3922
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2426]
-
-testId=20322
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2427]
-
-testId=12114
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2428]
-
-testId=28482
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2429]
-
-testId=8018
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2430]
-
-testId=24386
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2431]
-
-testId=16210
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2432]
-
-testId=32626
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2433]
-
-testId=226
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2434]
-
-testId=16594
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2435]
-
-testId=8434
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2436]
-
-testId=24770
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2437]
-
-testId=4306
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2438]
-
-testId=20674
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2439]
-
-testId=12498
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2440]
-
-testId=28898
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2441]
-
-testId=2258
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2442]
-
-testId=18674
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2443]
-
-testId=10450
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2444]
-
-testId=26834
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2445]
-
-testId=6386
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2446]
-
-testId=22770
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2447]
-
-testId=14546
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2448]
-
-testId=30914
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2449]
-
-testId=1250
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2450]
-
-testId=17602
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2451]
-
-testId=9442
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2452]
-
-testId=25826
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2453]
-
-testId=5330
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2454]
-
-testId=21714
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2455]
-
-testId=13522
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2456]
-
-testId=29938
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2457]
-
-testId=3282
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2458]
-
-testId=19698
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2459]
-
-testId=11506
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2460]
-
-testId=27890
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2461]
-
-testId=7378
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2462]
-
-testId=23762
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2463]
-
-testId=15570
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2464]
-
-testId=31954
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2465]
-
-testId=706
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2466]
-
-testId=17106
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2467]
-
-testId=8946
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2468]
-
-testId=25330
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2469]
-
-testId=4834
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2470]
-
-testId=21186
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2471]
-
-testId=13042
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2472]
-
-testId=29426
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2473]
-
-testId=2770
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2474]
-
-testId=19154
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2475]
-
-testId=10994
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2476]
-
-testId=27346
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2477]
-
-testId=6882
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2478]
-
-testId=23266
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2479]
-
-testId=15042
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2480]
-
-testId=31458
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2481]
-
-testId=1730
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2482]
-
-testId=18162
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2483]
-
-testId=9938
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2484]
-
-testId=26354
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2485]
-
-testId=5826
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2486]
-
-testId=22226
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2487]
-
-testId=14066
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2488]
-
-testId=30434
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2489]
-
-testId=3794
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2490]
-
-testId=20162
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2491]
-
-testId=11970
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2492]
-
-testId=28354
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2493]
-
-testId=7906
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2494]
-
-testId=24306
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2495]
-
-testId=16098
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2496]
-
-testId=32498
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2497]
-
-testId=450
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2498]
-
-testId=16834
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2499]
-
-testId=8642
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2500]
-
-testId=25026
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2501]
-
-testId=4546
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2502]
-
-testId=20962
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2503]
-
-testId=12754
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2504]
-
-testId=29122
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2505]
-
-testId=2498
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2506]
-
-testId=18914
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2507]
-
-testId=10738
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2508]
-
-testId=27074
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2509]
-
-testId=6626
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2510]
-
-testId=22978
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2511]
-
-testId=14802
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2512]
-
-testId=31202
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2513]
-
-testId=1522
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2514]
-
-testId=17874
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2515]
-
-testId=9682
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2516]
-
-testId=26098
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2517]
-
-testId=5570
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2518]
-
-testId=21970
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2519]
-
-testId=13794
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2520]
-
-testId=30162
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2521]
-
-testId=3538
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2522]
-
-testId=19906
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2523]
-
-testId=11762
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2524]
-
-testId=28130
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2525]
-
-testId=7666
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2526]
-
-testId=24050
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2527]
-
-testId=15826
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2528]
-
-testId=32226
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2529]
-
-testId=1010
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2530]
-
-testId=17362
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2531]
-
-testId=9154
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2532]
-
-testId=25554
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2533]
-
-testId=5106
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2534]
-
-testId=21490
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2535]
-
-testId=13282
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2536]
-
-testId=29666
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2537]
-
-testId=3026
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2538]
-
-testId=19426
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2539]
-
-testId=11202
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2540]
-
-testId=27634
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2541]
-
-testId=7106
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2542]
-
-testId=23538
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2543]
-
-testId=15298
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2544]
-
-testId=31714
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2545]
-
-testId=2034
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2546]
-
-testId=18402
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2547]
-
-testId=10194
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2548]
-
-testId=26578
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2549]
-
-testId=6114
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2550]
-
-testId=22482
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2551]
-
-testId=14274
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2552]
-
-testId=30690
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2553]
-
-testId=4034
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2554]
-
-testId=20434
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2555]
-
-testId=12258
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2556]
-
-testId=28626
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2557]
-
-testId=8178
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2558]
-
-testId=24530
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2559]
-
-testId=16370
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2560]
-
-testId=32738
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2561]
-
-testId=42
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2562]
-
-testId=16426
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2563]
-
-testId=8234
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2564]
-
-testId=24602
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2565]
-
-testId=4106
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2566]
-
-testId=20506
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2567]
-
-testId=12298
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2568]
-
-testId=28714
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2569]
-
-testId=2058
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2570]
-
-testId=18442
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2571]
-
-testId=10282
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2572]
-
-testId=26666
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2573]
-
-testId=6186
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2574]
-
-testId=22570
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2575]
-
-testId=14362
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2576]
-
-testId=30746
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2577]
-
-testId=1050
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2578]
-
-testId=17418
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2579]
-
-testId=9274
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2580]
-
-testId=25642
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2581]
-
-testId=5146
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2582]
-
-testId=21546
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2583]
-
-testId=13370
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2584]
-
-testId=29738
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2585]
-
-testId=3098
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2586]
-
-testId=19482
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2587]
-
-testId=11306
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2588]
-
-testId=27674
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2589]
-
-testId=7226
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2590]
-
-testId=23594
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2591]
-
-testId=15402
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2592]
-
-testId=31754
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2593]
-
-testId=570
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2594]
-
-testId=16906
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2595]
-
-testId=8762
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2596]
-
-testId=25130
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2597]
-
-testId=4666
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2598]
-
-testId=21002
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2599]
-
-testId=12842
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2600]
-
-testId=29226
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2601]
-
-testId=2586
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2602]
-
-testId=19002
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2603]
-
-testId=10762
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2604]
-
-testId=27178
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2605]
-
-testId=6698
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2606]
-
-testId=23082
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2607]
-
-testId=14890
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2608]
-
-testId=31258
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2609]
-
-testId=1594
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2610]
-
-testId=17946
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2611]
-
-testId=9754
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2612]
-
-testId=26170
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2613]
-
-testId=5642
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2614]
-
-testId=22058
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2615]
-
-testId=13834
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2616]
-
-testId=30250
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2617]
-
-testId=3626
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2618]
-
-testId=19994
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2619]
-
-testId=11818
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2620]
-
-testId=28186
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2621]
-
-testId=7706
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2622]
-
-testId=24122
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2623]
-
-testId=15882
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2624]
-
-testId=32266
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2625]
-
-testId=282
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2626]
-
-testId=16698
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2627]
-
-testId=8490
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2628]
-
-testId=24874
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2629]
-
-testId=4362
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2630]
-
-testId=20762
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2631]
-
-testId=12586
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2632]
-
-testId=28954
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2633]
-
-testId=2330
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2634]
-
-testId=18714
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2635]
-
-testId=10538
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2636]
-
-testId=26938
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2637]
-
-testId=6426
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2638]
-
-testId=22810
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2639]
-
-testId=14602
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2640]
-
-testId=30986
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2641]
-
-testId=1338
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2642]
-
-testId=17690
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2643]
-
-testId=9530
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2644]
-
-testId=25882
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2645]
-
-testId=5418
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2646]
-
-testId=21786
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2647]
-
-testId=13610
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2648]
-
-testId=29994
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2649]
-
-testId=3386
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2650]
-
-testId=19770
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2651]
-
-testId=11562
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2652]
-
-testId=27930
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2653]
-
-testId=7482
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2654]
-
-testId=23850
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2655]
-
-testId=15642
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2656]
-
-testId=32042
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2657]
-
-testId=810
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2658]
-
-testId=17178
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2659]
-
-testId=9018
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2660]
-
-testId=25386
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2661]
-
-testId=4922
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2662]
-
-testId=21274
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2663]
-
-testId=13098
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2664]
-
-testId=29498
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2665]
-
-testId=2874
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2666]
-
-testId=19258
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2667]
-
-testId=11050
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2668]
-
-testId=27450
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2669]
-
-testId=6954
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2670]
-
-testId=23354
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2671]
-
-testId=15114
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2672]
-
-testId=31546
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2673]
-
-testId=1850
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2674]
-
-testId=18186
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2675]
-
-testId=10026
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2676]
-
-testId=26410
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2677]
-
-testId=5898
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2678]
-
-testId=22330
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2679]
-
-testId=14106
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2680]
-
-testId=30490
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2681]
-
-testId=3882
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2682]
-
-testId=20282
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2683]
-
-testId=12074
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2684]
-
-testId=28458
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2685]
-
-testId=7994
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2686]
-
-testId=24362
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2687]
-
-testId=16186
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2688]
-
-testId=32538
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2689]
-
-testId=170
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2690]
-
-testId=16538
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2691]
-
-testId=8346
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2692]
-
-testId=24730
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2693]
-
-testId=4234
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2694]
-
-testId=20650
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2695]
-
-testId=12474
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2696]
-
-testId=28842
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2697]
-
-testId=2218
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2698]
-
-testId=18586
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2699]
-
-testId=10410
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2700]
-
-testId=26794
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2701]
-
-testId=6282
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2702]
-
-testId=22698
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2703]
-
-testId=14490
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2704]
-
-testId=30874
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2705]
-
-testId=1178
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2706]
-
-testId=17562
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2707]
-
-testId=9386
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2708]
-
-testId=25770
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2709]
-
-testId=5274
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2710]
-
-testId=21690
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2711]
-
-testId=13498
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2712]
-
-testId=29850
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2713]
-
-testId=3242
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2714]
-
-testId=19626
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2715]
-
-testId=11402
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2716]
-
-testId=27786
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2717]
-
-testId=7354
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2718]
-
-testId=23738
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2719]
-
-testId=15498
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2720]
-
-testId=31914
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2721]
-
-testId=682
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2722]
-
-testId=17066
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2723]
-
-testId=8858
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2724]
-
-testId=25274
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2725]
-
-testId=4778
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2726]
-
-testId=21130
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2727]
-
-testId=12938
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2728]
-
-testId=29322
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2729]
-
-testId=2730
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2730]
-
-testId=19082
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2731]
-
-testId=10922
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2732]
-
-testId=27274
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2733]
-
-testId=6810
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2734]
-
-testId=23210
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2735]
-
-testId=15034
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2736]
-
-testId=31418
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2737]
-
-testId=1690
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2738]
-
-testId=18106
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2739]
-
-testId=9866
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2740]
-
-testId=26282
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2741]
-
-testId=5802
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2742]
-
-testId=22170
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2743]
-
-testId=13962
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2744]
-
-testId=30378
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2745]
-
-testId=3770
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2746]
-
-testId=20122
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2747]
-
-testId=11946
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2748]
-
-testId=28298
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2749]
-
-testId=7818
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2750]
-
-testId=24250
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2751]
-
-testId=16042
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2752]
-
-testId=32442
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2753]
-
-testId=426
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2754]
-
-testId=16794
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2755]
-
-testId=8618
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2756]
-
-testId=25002
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2757]
-
-testId=4490
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2758]
-
-testId=20922
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2759]
-
-testId=12730
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2760]
-
-testId=29114
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2761]
-
-testId=2490
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2762]
-
-testId=18858
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2763]
-
-testId=10650
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2764]
-
-testId=27066
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2765]
-
-testId=6554
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2766]
-
-testId=22954
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2767]
-
-testId=14778
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2768]
-
-testId=31162
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2769]
-
-testId=1418
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2770]
-
-testId=17834
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2771]
-
-testId=9658
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2772]
-
-testId=26010
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2773]
-
-testId=5546
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2774]
-
-testId=21946
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2775]
-
-testId=13706
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2776]
-
-testId=30122
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2777]
-
-testId=3498
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2778]
-
-testId=19850
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2779]
-
-testId=11706
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2780]
-
-testId=28042
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2781]
-
-testId=7562
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2782]
-
-testId=23962
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2783]
-
-testId=15770
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2784]
-
-testId=32138
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2785]
-
-testId=906
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2786]
-
-testId=17290
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2787]
-
-testId=9098
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2788]
-
-testId=25514
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2789]
-
-testId=5034
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2790]
-
-testId=21402
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2791]
-
-testId=13194
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2792]
-
-testId=29578
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2793]
-
-testId=2954
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2794]
-
-testId=19386
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2795]
-
-testId=11146
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2796]
-
-testId=27578
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2797]
-
-testId=7066
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2798]
-
-testId=23450
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2799]
-
-testId=15290
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2800]
-
-testId=31658
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2801]
-
-testId=1978
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2802]
-
-testId=18346
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2803]
-
-testId=10170
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2804]
-
-testId=26506
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2805]
-
-testId=6058
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2806]
-
-testId=22458
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2807]
-
-testId=14234
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2808]
-
-testId=30618
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2809]
-
-testId=3994
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2810]
-
-testId=20394
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2811]
-
-testId=12218
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2812]
-
-testId=28586
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2813]
-
-testId=8090
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2814]
-
-testId=24506
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2815]
-
-testId=16298
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2816]
-
-testId=32650
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2817]
-
-testId=122
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2818]
-
-testId=16490
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2819]
-
-testId=8314
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2820]
-
-testId=24666
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2821]
-
-testId=4218
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2822]
-
-testId=20570
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2823]
-
-testId=12410
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2824]
-
-testId=28794
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2825]
-
-testId=2170
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2826]
-
-testId=18506
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2827]
-
-testId=10346
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2828]
-
-testId=26714
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2829]
-
-testId=6250
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2830]
-
-testId=22650
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2831]
-
-testId=14410
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2832]
-
-testId=30842
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2833]
-
-testId=1130
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2834]
-
-testId=17498
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2835]
-
-testId=9290
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2836]
-
-testId=25706
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2837]
-
-testId=5210
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2838]
-
-testId=21610
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2839]
-
-testId=13434
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2840]
-
-testId=29818
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2841]
-
-testId=3146
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2842]
-
-testId=19546
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2843]
-
-testId=11338
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2844]
-
-testId=27770
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2845]
-
-testId=7274
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2846]
-
-testId=23674
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2847]
-
-testId=15466
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2848]
-
-testId=31818
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2849]
-
-testId=634
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2850]
-
-testId=17018
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2851]
-
-testId=8826
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2852]
-
-testId=25210
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2853]
-
-testId=4682
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2854]
-
-testId=21114
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2855]
-
-testId=12922
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2856]
-
-testId=29258
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2857]
-
-testId=2634
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2858]
-
-testId=19050
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2859]
-
-testId=10842
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2860]
-
-testId=27226
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2861]
-
-testId=6778
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2862]
-
-testId=23162
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2863]
-
-testId=14938
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2864]
-
-testId=31306
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2865]
-
-testId=1626
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2866]
-
-testId=18026
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2867]
-
-testId=9818
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2868]
-
-testId=26234
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2869]
-
-testId=5722
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2870]
-
-testId=22090
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2871]
-
-testId=13898
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2872]
-
-testId=30298
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2873]
-
-testId=3674
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2874]
-
-testId=20042
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2875]
-
-testId=11882
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2876]
-
-testId=28282
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2877]
-
-testId=7786
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2878]
-
-testId=24170
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2879]
-
-testId=15962
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2880]
-
-testId=32346
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2881]
-
-testId=378
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2882]
-
-testId=16714
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2883]
-
-testId=8570
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2884]
-
-testId=24954
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2885]
-
-testId=4426
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2886]
-
-testId=20858
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2887]
-
-testId=12666
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2888]
-
-testId=29034
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2889]
-
-testId=2410
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2890]
-
-testId=18794
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2891]
-
-testId=10602
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2892]
-
-testId=27002
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2893]
-
-testId=6522
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2894]
-
-testId=22858
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2895]
-
-testId=14714
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2896]
-
-testId=31082
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2897]
-
-testId=1354
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2898]
-
-testId=17786
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2899]
-
-testId=9546
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2900]
-
-testId=25946
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2901]
-
-testId=5466
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2902]
-
-testId=21882
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2903]
-
-testId=13658
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2904]
-
-testId=30074
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2905]
-
-testId=3434
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2906]
-
-testId=19802
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2907]
-
-testId=11642
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2908]
-
-testId=28010
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2909]
-
-testId=7530
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2910]
-
-testId=23898
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2911]
-
-testId=15706
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2912]
-
-testId=32074
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2913]
-
-testId=858
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2914]
-
-testId=17258
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2915]
-
-testId=9082
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2916]
-
-testId=25466
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2917]
-
-testId=4954
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2918]
-
-testId=21338
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2919]
-
-testId=13162
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2920]
-
-testId=29546
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2921]
-
-testId=2922
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2922]
-
-testId=19322
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2923]
-
-testId=11082
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2924]
-
-testId=27514
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2925]
-
-testId=7002
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2926]
-
-testId=23370
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2927]
-
-testId=15194
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2928]
-
-testId=31594
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2929]
-
-testId=1882
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2930]
-
-testId=18266
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2931]
-
-testId=10074
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2932]
-
-testId=26474
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2933]
-
-testId=5978
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2934]
-
-testId=22362
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2935]
-
-testId=14202
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2936]
-
-testId=30586
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2937]
-
-testId=3962
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2938]
-
-testId=20330
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2939]
-
-testId=12106
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2940]
-
-testId=28506
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2941]
-
-testId=8010
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2942]
-
-testId=24426
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2943]
-
-testId=16218
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2944]
-
-testId=32634
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2945]
-
-testId=234
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2946]
-
-testId=16618
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2947]
-
-testId=8442
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2948]
-
-testId=24810
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2949]
-
-testId=4346
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2950]
-
-testId=20714
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2951]
-
-testId=12538
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2952]
-
-testId=28874
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2953]
-
-testId=2298
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2954]
-
-testId=18682
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2955]
-
-testId=10442
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2956]
-
-testId=26842
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2957]
-
-testId=6394
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2958]
-
-testId=22778
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2959]
-
-testId=14554
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2960]
-
-testId=30922
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2961]
-
-testId=1226
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2962]
-
-testId=17610
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2963]
-
-testId=9466
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2964]
-
-testId=25802
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2965]
-
-testId=5370
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2966]
-
-testId=21738
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2967]
-
-testId=13562
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2968]
-
-testId=29914
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2969]
-
-testId=3274
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2970]
-
-testId=19690
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2971]
-
-testId=11514
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2972]
-
-testId=27866
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2973]
-
-testId=7386
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2974]
-
-testId=23754
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2975]
-
-testId=15578
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2976]
-
-testId=31978
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2977]
-
-testId=730
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2978]
-
-testId=17114
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2979]
-
-testId=8922
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2980]
-
-testId=25290
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2981]
-
-testId=4858
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2982]
-
-testId=21226
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2983]
-
-testId=13034
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2984]
-
-testId=29418
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2985]
-
-testId=2810
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2986]
-
-testId=19194
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2987]
-
-testId=10986
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2988]
-
-testId=27370
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2989]
-
-testId=6874
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2990]
-
-testId=23242
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2991]
-
-testId=15098
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2992]
-
-testId=31466
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2993]
-
-testId=1754
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2994]
-
-testId=18122
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2995]
-
-testId=9930
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2996]
-
-testId=26346
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2997]
-
-testId=5882
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2998]
-
-testId=22234
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2999]
-
-testId=14074
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3000]
-
-testId=30426
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3001]
-
-testId=3818
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3002]
-
-testId=20186
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3003]
-
-testId=11978
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3004]
-
-testId=28410
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3005]
-
-testId=7914
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3006]
-
-testId=24298
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3007]
-
-testId=16106
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3008]
-
-testId=32506
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3009]
-
-testId=490
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3010]
-
-testId=16874
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3011]
-
-testId=8698
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3012]
-
-testId=25050
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3013]
-
-testId=4602
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3014]
-
-testId=20970
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3015]
-
-testId=12778
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3016]
-
-testId=29146
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3017]
-
-testId=2538
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3018]
-
-testId=18890
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3019]
-
-testId=10730
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3020]
-
-testId=27098
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3021]
-
-testId=6618
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3022]
-
-testId=22986
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3023]
-
-testId=14794
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3024]
-
-testId=31210
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3025]
-
-testId=1514
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3026]
-
-testId=17866
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3027]
-
-testId=9706
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3028]
-
-testId=26106
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3029]
-
-testId=5578
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3030]
-
-testId=21994
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3031]
-
-testId=13802
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3032]
-
-testId=30170
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3033]
-
-testId=3530
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3034]
-
-testId=19914
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3035]
-
-testId=11770
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3036]
-
-testId=28154
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3037]
-
-testId=7674
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3038]
-
-testId=24058
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3039]
-
-testId=15834
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3040]
-
-testId=32218
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3041]
-
-testId=1018
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3042]
-
-testId=17354
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3043]
-
-testId=9210
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3044]
-
-testId=25562
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3045]
-
-testId=5098
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3046]
-
-testId=21450
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3047]
-
-testId=13274
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3048]
-
-testId=29690
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3049]
-
-testId=3034
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3050]
-
-testId=19434
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3051]
-
-testId=11226
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3052]
-
-testId=27610
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3053]
-
-testId=7162
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3054]
-
-testId=23530
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3055]
-
-testId=15306
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3056]
-
-testId=31722
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3057]
-
-testId=2042
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3058]
-
-testId=18426
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3059]
-
-testId=10202
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3060]
-
-testId=26586
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3061]
-
-testId=6106
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3062]
-
-testId=22474
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3063]
-
-testId=14330
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3064]
-
-testId=30666
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3065]
-
-testId=4074
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3066]
-
-testId=20474
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3067]
-
-testId=12250
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3068]
-
-testId=28650
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3069]
-
-testId=8170
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3070]
-
-testId=24522
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3071]
-
-testId=16362
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3072]
-
-testId=32746
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3073]
-
-testId=6
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3074]
-
-testId=16390
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3075]
-
-testId=8246
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3076]
-
-testId=24598
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3077]
-
-testId=4134
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3078]
-
-testId=20518
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3079]
-
-testId=12294
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3080]
-
-testId=28694
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3081]
-
-testId=2054
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3082]
-
-testId=18470
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3083]
-
-testId=10262
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3084]
-
-testId=26646
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3085]
-
-testId=6182
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3086]
-
-testId=22566
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3087]
-
-testId=14358
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3088]
-
-testId=30774
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3089]
-
-testId=1078
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3090]
-
-testId=17462
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3091]
-
-testId=9222
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3092]
-
-testId=25654
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3093]
-
-testId=5126
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3094]
-
-testId=21510
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3095]
-
-testId=13318
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3096]
-
-testId=29750
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3097]
-
-testId=3126
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3098]
-
-testId=19510
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3099]
-
-testId=11270
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3100]
-
-testId=27654
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3101]
-
-testId=7174
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3102]
-
-testId=23558
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3103]
-
-testId=15414
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3104]
-
-testId=31798
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3105]
-
-testId=566
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3106]
-
-testId=16902
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3107]
-
-testId=8742
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3108]
-
-testId=25094
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3109]
-
-testId=4646
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3110]
-
-testId=21014
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3111]
-
-testId=12806
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3112]
-
-testId=29238
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3113]
-
-testId=2614
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3114]
-
-testId=18950
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3115]
-
-testId=10806
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3116]
-
-testId=27174
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3117]
-
-testId=6694
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3118]
-
-testId=23078
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3119]
-
-testId=14886
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3120]
-
-testId=31286
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3121]
-
-testId=1574
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3122]
-
-testId=17926
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3123]
-
-testId=9782
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3124]
-
-testId=26134
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3125]
-
-testId=5686
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3126]
-
-testId=22070
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3127]
-
-testId=13862
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3128]
-
-testId=30262
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3129]
-
-testId=3590
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3130]
-
-testId=19974
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3131]
-
-testId=11798
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3132]
-
-testId=28214
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3133]
-
-testId=7718
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3134]
-
-testId=24118
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3135]
-
-testId=15894
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3136]
-
-testId=32262
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3137]
-
-testId=262
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3138]
-
-testId=16646
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3139]
-
-testId=8486
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3140]
-
-testId=24870
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3141]
-
-testId=4406
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3142]
-
-testId=20790
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3143]
-
-testId=12550
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3144]
-
-testId=28950
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3145]
-
-testId=2358
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3146]
-
-testId=18710
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3147]
-
-testId=10550
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3148]
-
-testId=26886
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3149]
-
-testId=6422
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3150]
-
-testId=22806
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3151]
-
-testId=14630
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3152]
-
-testId=30982
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3153]
-
-testId=1318
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3154]
-
-testId=17670
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3155]
-
-testId=9526
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3156]
-
-testId=25862
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3157]
-
-testId=5382
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3158]
-
-testId=21782
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3159]
-
-testId=13622
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3160]
-
-testId=29974
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3161]
-
-testId=3382
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3162]
-
-testId=19750
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3163]
-
-testId=11558
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3164]
-
-testId=27942
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3165]
-
-testId=7462
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3166]
-
-testId=23862
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3167]
-
-testId=15622
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3168]
-
-testId=32054
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3169]
-
-testId=774
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3170]
-
-testId=17174
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3171]
-
-testId=9014
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3172]
-
-testId=25350
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3173]
-
-testId=4918
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3174]
-
-testId=21254
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3175]
-
-testId=13094
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3176]
-
-testId=29494
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3177]
-
-testId=2838
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3178]
-
-testId=19238
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3179]
-
-testId=11014
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3180]
-
-testId=27430
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3181]
-
-testId=6934
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3182]
-
-testId=23302
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3183]
-
-testId=15142
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3184]
-
-testId=31542
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3185]
-
-testId=1830
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3186]
-
-testId=18182
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3187]
-
-testId=9990
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3188]
-
-testId=26374
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3189]
-
-testId=5894
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3190]
-
-testId=22310
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3191]
-
-testId=14102
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3192]
-
-testId=30486
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3193]
-
-testId=3846
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3194]
-
-testId=20230
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3195]
-
-testId=12070
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3196]
-
-testId=28422
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3197]
-
-testId=7942
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3198]
-
-testId=24358
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3199]
-
-testId=16166
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3200]
-
-testId=32534
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3201]
-
-testId=166
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3202]
-
-testId=16518
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3203]
-
-testId=8358
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3204]
-
-testId=24726
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3205]
-
-testId=4262
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3206]
-
-testId=20662
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3207]
-
-testId=12454
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3208]
-
-testId=28806
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3209]
-
-testId=2182
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3210]
-
-testId=18582
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3211]
-
-testId=10374
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3212]
-
-testId=26774
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3213]
-
-testId=6278
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3214]
-
-testId=22678
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3215]
-
-testId=14486
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3216]
-
-testId=30886
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3217]
-
-testId=1174
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3218]
-
-testId=17558
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3219]
-
-testId=9350
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3220]
-
-testId=25782
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3221]
-
-testId=5302
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3222]
-
-testId=21638
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3223]
-
-testId=13478
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3224]
-
-testId=29878
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3225]
-
-testId=3206
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3226]
-
-testId=19638
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3227]
-
-testId=11414
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3228]
-
-testId=27782
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3229]
-
-testId=7318
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3230]
-
-testId=23734
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3231]
-
-testId=15510
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3232]
-
-testId=31894
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3233]
-
-testId=678
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3234]
-
-testId=17046
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3235]
-
-testId=8838
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3236]
-
-testId=25270
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3237]
-
-testId=4790
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3238]
-
-testId=21126
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3239]
-
-testId=12950
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3240]
-
-testId=29366
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3241]
-
-testId=2694
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3242]
-
-testId=19110
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3243]
-
-testId=10886
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3244]
-
-testId=27286
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3245]
-
-testId=6790
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3246]
-
-testId=23190
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3247]
-
-testId=14982
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3248]
-
-testId=31414
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3249]
-
-testId=1718
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3250]
-
-testId=18102
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3251]
-
-testId=9894
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3252]
-
-testId=26278
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3253]
-
-testId=5798
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3254]
-
-testId=22198
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3255]
-
-testId=14006
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3256]
-
-testId=30342
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3257]
-
-testId=3750
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3258]
-
-testId=20102
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3259]
-
-testId=11926
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3260]
-
-testId=28326
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3261]
-
-testId=7846
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3262]
-
-testId=24214
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3263]
-
-testId=16054
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3264]
-
-testId=32422
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3265]
-
-testId=406
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3266]
-
-testId=16790
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3267]
-
-testId=8598
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3268]
-
-testId=24998
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3269]
-
-testId=4502
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3270]
-
-testId=20870
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3271]
-
-testId=12678
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3272]
-
-testId=29078
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3273]
-
-testId=2454
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3274]
-
-testId=18822
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3275]
-
-testId=10662
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3276]
-
-testId=27030
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3277]
-
-testId=6566
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3278]
-
-testId=22950
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3279]
-
-testId=14774
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3280]
-
-testId=31142
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3281]
-
-testId=1446
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3282]
-
-testId=17830
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3283]
-
-testId=9654
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3284]
-
-testId=26022
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3285]
-
-testId=5526
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3286]
-
-testId=21910
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3287]
-
-testId=13702
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3288]
-
-testId=30118
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3289]
-
-testId=3510
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3290]
-
-testId=19846
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3291]
-
-testId=11702
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3292]
-
-testId=28054
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3293]
-
-testId=7606
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3294]
-
-testId=23974
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3295]
-
-testId=15766
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3296]
-
-testId=32182
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3297]
-
-testId=902
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3298]
-
-testId=17286
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3299]
-
-testId=9110
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3300]
-
-testId=25526
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3301]
-
-testId=5030
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3302]
-
-testId=21414
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3303]
-
-testId=13206
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3304]
-
-testId=29606
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3305]
-
-testId=2998
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3306]
-
-testId=19382
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3307]
-
-testId=11174
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3308]
-
-testId=27558
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3309]
-
-testId=7094
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3310]
-
-testId=23462
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3311]
-
-testId=15270
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3312]
-
-testId=31670
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3313]
-
-testId=1942
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3314]
-
-testId=18310
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3315]
-
-testId=10118
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3316]
-
-testId=26502
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3317]
-
-testId=6054
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3318]
-
-testId=22422
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3319]
-
-testId=14214
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3320]
-
-testId=30614
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3321]
-
-testId=4022
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3322]
-
-testId=20358
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3323]
-
-testId=12182
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3324]
-
-testId=28566
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3325]
-
-testId=8102
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3326]
-
-testId=24454
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3327]
-
-testId=16310
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3328]
-
-testId=32678
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3329]
-
-testId=70
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3330]
-
-testId=16454
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3331]
-
-testId=8294
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3332]
-
-testId=24678
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3333]
-
-testId=4166
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3334]
-
-testId=20598
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3335]
-
-testId=12358
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3336]
-
-testId=28742
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3337]
-
-testId=2166
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3338]
-
-testId=18534
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3339]
-
-testId=10326
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3340]
-
-testId=26726
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3341]
-
-testId=6246
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3342]
-
-testId=22630
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3343]
-
-testId=14438
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3344]
-
-testId=30806
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3345]
-
-testId=1110
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3346]
-
-testId=17494
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3347]
-
-testId=9318
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3348]
-
-testId=25670
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3349]
-
-testId=5206
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3350]
-
-testId=21590
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3351]
-
-testId=13398
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3352]
-
-testId=29766
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3353]
-
-testId=3142
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3354]
-
-testId=19526
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3355]
-
-testId=11334
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3356]
-
-testId=27718
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3357]
-
-testId=7238
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3358]
-
-testId=23638
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3359]
-
-testId=15478
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3360]
-
-testId=31830
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3361]
-
-testId=582
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3362]
-
-testId=16998
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3363]
-
-testId=8790
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3364]
-
-testId=25190
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3365]
-
-testId=4710
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3366]
-
-testId=21078
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3367]
-
-testId=12918
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3368]
-
-testId=29254
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3369]
-
-testId=2678
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3370]
-
-testId=19062
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3371]
-
-testId=10822
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3372]
-
-testId=27238
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3373]
-
-testId=6742
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3374]
-
-testId=23110
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3375]
-
-testId=14966
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3376]
-
-testId=31302
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3377]
-
-testId=1654
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3378]
-
-testId=18038
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3379]
-
-testId=9830
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3380]
-
-testId=26230
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3381]
-
-testId=5718
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3382]
-
-testId=22086
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3383]
-
-testId=13926
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3384]
-
-testId=30294
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3385]
-
-testId=3702
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3386]
-
-testId=20038
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3387]
-
-testId=11894
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3388]
-
-testId=28278
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3389]
-
-testId=7798
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3390]
-
-testId=24166
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3391]
-
-testId=15974
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3392]
-
-testId=32358
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3393]
-
-testId=342
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3394]
-
-testId=16710
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3395]
-
-testId=8550
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3396]
-
-testId=24934
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3397]
-
-testId=4470
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3398]
-
-testId=20822
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3399]
-
-testId=12662
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3400]
-
-testId=28998
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3401]
-
-testId=2390
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3402]
-
-testId=18790
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3403]
-
-testId=10598
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3404]
-
-testId=26966
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3405]
-
-testId=6518
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3406]
-
-testId=22854
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3407]
-
-testId=14662
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3408]
-
-testId=31094
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3409]
-
-testId=1366
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3410]
-
-testId=17766
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3411]
-
-testId=9542
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3412]
-
-testId=25926
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3413]
-
-testId=5494
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3414]
-
-testId=21878
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3415]
-
-testId=13670
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3416]
-
-testId=30022
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3417]
-
-testId=3414
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3418]
-
-testId=19830
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3419]
-
-testId=11622
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3420]
-
-testId=27974
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3421]
-
-testId=7510
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3422]
-
-testId=23878
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3423]
-
-testId=15702
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3424]
-
-testId=32118
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3425]
-
-testId=854
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3426]
-
-testId=17254
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3427]
-
-testId=9030
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3428]
-
-testId=25414
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3429]
-
-testId=4950
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3430]
-
-testId=21334
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3431]
-
-testId=13142
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3432]
-
-testId=29526
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3433]
-
-testId=2934
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3434]
-
-testId=19302
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3435]
-
-testId=11094
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3436]
-
-testId=27478
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3437]
-
-testId=7014
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3438]
-
-testId=23382
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3439]
-
-testId=15190
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3440]
-
-testId=31558
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3441]
-
-testId=1910
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3442]
-
-testId=18294
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3443]
-
-testId=10102
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3444]
-
-testId=26470
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3445]
-
-testId=5958
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3446]
-
-testId=22342
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3447]
-
-testId=14166
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3448]
-
-testId=30566
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3449]
-
-testId=3926
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3450]
-
-testId=20310
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3451]
-
-testId=12150
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3452]
-
-testId=28518
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3453]
-
-testId=8022
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3454]
-
-testId=24422
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3455]
-
-testId=16198
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3456]
-
-testId=32630
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3457]
-
-testId=246
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3458]
-
-testId=16598
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3459]
-
-testId=8406
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3460]
-
-testId=24806
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3461]
-
-testId=4326
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3462]
-
-testId=20694
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3463]
-
-testId=12486
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3464]
-
-testId=28870
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3465]
-
-testId=2294
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3466]
-
-testId=18662
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3467]
-
-testId=10486
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3468]
-
-testId=26822
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3469]
-
-testId=6374
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3470]
-
-testId=22726
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3471]
-
-testId=14550
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3472]
-
-testId=30934
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3473]
-
-testId=1238
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3474]
-
-testId=17606
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3475]
-
-testId=9462
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3476]
-
-testId=25830
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3477]
-
-testId=5334
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3478]
-
-testId=21718
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3479]
-
-testId=13510
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3480]
-
-testId=29910
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3481]
-
-testId=3318
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3482]
-
-testId=19670
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3483]
-
-testId=11510
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3484]
-
-testId=27846
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3485]
-
-testId=7366
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3486]
-
-testId=23782
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3487]
-
-testId=15574
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3488]
-
-testId=31990
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3489]
-
-testId=726
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3490]
-
-testId=17142
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3491]
-
-testId=8934
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3492]
-
-testId=25318
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3493]
-
-testId=4838
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3494]
-
-testId=21238
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3495]
-
-testId=12998
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3496]
-
-testId=29414
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3497]
-
-testId=2806
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3498]
-
-testId=19174
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3499]
-
-testId=10966
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3500]
-
-testId=27366
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3501]
-
-testId=6854
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3502]
-
-testId=23254
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3503]
-
-testId=15062
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3504]
-
-testId=31462
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3505]
-
-testId=1750
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3506]
-
-testId=18118
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3507]
-
-testId=9974
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3508]
-
-testId=26326
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3509]
-
-testId=5830
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3510]
-
-testId=22230
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3511]
-
-testId=14038
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3512]
-
-testId=30438
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3513]
-
-testId=3782
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3514]
-
-testId=20198
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3515]
-
-testId=11974
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3516]
-
-testId=28358
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3517]
-
-testId=7894
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3518]
-
-testId=24262
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3519]
-
-testId=16118
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3520]
-
-testId=32470
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3521]
-
-testId=486
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3522]
-
-testId=16854
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3523]
-
-testId=8694
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3524]
-
-testId=25030
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3525]
-
-testId=4566
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3526]
-
-testId=20950
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3527]
-
-testId=12774
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3528]
-
-testId=29126
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3529]
-
-testId=2534
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3530]
-
-testId=18918
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3531]
-
-testId=10742
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3532]
-
-testId=27110
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3533]
-
-testId=6630
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3534]
-
-testId=22998
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3535]
-
-testId=14838
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3536]
-
-testId=31190
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3537]
-
-testId=1478
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3538]
-
-testId=17894
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3539]
-
-testId=9686
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3540]
-
-testId=26086
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3541]
-
-testId=5590
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3542]
-
-testId=21974
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3543]
-
-testId=13766
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3544]
-
-testId=30182
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3545]
-
-testId=3574
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3546]
-
-testId=19910
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3547]
-
-testId=11734
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3548]
-
-testId=28118
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3549]
-
-testId=7622
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3550]
-
-testId=24022
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3551]
-
-testId=15814
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3552]
-
-testId=32230
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3553]
-
-testId=982
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3554]
-
-testId=17350
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3555]
-
-testId=9190
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3556]
-
-testId=25590
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3557]
-
-testId=5078
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3558]
-
-testId=21462
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3559]
-
-testId=13286
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3560]
-
-testId=29670
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3561]
-
-testId=3030
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3562]
-
-testId=19398
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3563]
-
-testId=11222
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3564]
-
-testId=27606
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3565]
-
-testId=7126
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3566]
-
-testId=23542
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3567]
-
-testId=15302
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3568]
-
-testId=31718
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3569]
-
-testId=2038
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3570]
-
-testId=18422
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3571]
-
-testId=10214
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3572]
-
-testId=26614
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3573]
-
-testId=6102
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3574]
-
-testId=22486
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3575]
-
-testId=14326
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3576]
-
-testId=30710
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3577]
-
-testId=4086
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3578]
-
-testId=20422
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3579]
-
-testId=12278
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3580]
-
-testId=28662
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3581]
-
-testId=8166
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3582]
-
-testId=24550
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3583]
-
-testId=16374
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3584]
-
-testId=32742
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3585]
-
-testId=14
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3586]
-
-testId=16398
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3587]
-
-testId=8238
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3588]
-
-testId=24622
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3589]
-
-testId=4158
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3590]
-
-testId=20494
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3591]
-
-testId=12302
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3592]
-
-testId=28702
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3593]
-
-testId=2110
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3594]
-
-testId=18446
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3595]
-
-testId=10286
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3596]
-
-testId=26654
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3597]
-
-testId=6206
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3598]
-
-testId=22542
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3599]
-
-testId=14398
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3600]
-
-testId=30766
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3601]
-
-testId=1054
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3602]
-
-testId=17438
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3603]
-
-testId=9262
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3604]
-
-testId=25614
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3605]
-
-testId=5182
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3606]
-
-testId=21550
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3607]
-
-testId=13358
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3608]
-
-testId=29710
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3609]
-
-testId=3118
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3610]
-
-testId=19470
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3611]
-
-testId=11294
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3612]
-
-testId=27710
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3613]
-
-testId=7198
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3614]
-
-testId=23582
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3615]
-
-testId=15374
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3616]
-
-testId=31758
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3617]
-
-testId=542
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3618]
-
-testId=16926
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3619]
-
-testId=8766
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3620]
-
-testId=25150
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3621]
-
-testId=4622
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3622]
-
-testId=21006
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3623]
-
-testId=12862
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3624]
-
-testId=29230
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3625]
-
-testId=2574
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3626]
-
-testId=18990
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3627]
-
-testId=10782
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3628]
-
-testId=27166
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3629]
-
-testId=6718
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3630]
-
-testId=23070
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3631]
-
-testId=14878
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3632]
-
-testId=31246
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3633]
-
-testId=1598
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3634]
-
-testId=17966
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3635]
-
-testId=9742
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3636]
-
-testId=26126
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3637]
-
-testId=5646
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3638]
-
-testId=22078
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3639]
-
-testId=13886
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3640]
-
-testId=30254
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3641]
-
-testId=3630
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3642]
-
-testId=20030
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3643]
-
-testId=11838
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3644]
-
-testId=28222
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3645]
-
-testId=7710
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3646]
-
-testId=24078
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3647]
-
-testId=15902
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3648]
-
-testId=32270
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3649]
-
-testId=302
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3650]
-
-testId=16654
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3651]
-
-testId=8462
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3652]
-
-testId=24862
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3653]
-
-testId=4366
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3654]
-
-testId=20798
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3655]
-
-testId=12606
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3656]
-
-testId=28990
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3657]
-
-testId=2334
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3658]
-
-testId=18750
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3659]
-
-testId=10542
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3660]
-
-testId=26894
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3661]
-
-testId=6430
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3662]
-
-testId=22830
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3663]
-
-testId=14654
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3664]
-
-testId=30990
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3665]
-
-testId=1342
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3666]
-
-testId=17726
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3667]
-
-testId=9518
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3668]
-
-testId=25870
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3669]
-
-testId=5406
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3670]
-
-testId=21822
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3671]
-
-testId=13598
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3672]
-
-testId=29998
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3673]
-
-testId=3342
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3674]
-
-testId=19742
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3675]
-
-testId=11566
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3676]
-
-testId=27934
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3677]
-
-testId=7454
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3678]
-
-testId=23838
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3679]
-
-testId=15678
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3680]
-
-testId=32030
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3681]
-
-testId=782
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3682]
-
-testId=17166
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3683]
-
-testId=9022
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3684]
-
-testId=25374
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3685]
-
-testId=4910
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3686]
-
-testId=21310
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3687]
-
-testId=13070
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3688]
-
-testId=29454
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3689]
-
-testId=2862
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3690]
-
-testId=19262
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3691]
-
-testId=11038
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3692]
-
-testId=27406
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3693]
-
-testId=6974
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3694]
-
-testId=23358
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3695]
-
-testId=15166
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3696]
-
-testId=31502
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3697]
-
-testId=1806
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3698]
-
-testId=18222
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3699]
-
-testId=10030
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3700]
-
-testId=26430
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3701]
-
-testId=5950
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3702]
-
-testId=22318
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3703]
-
-testId=14142
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3704]
-
-testId=30526
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3705]
-
-testId=3854
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3706]
-
-testId=20286
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3707]
-
-testId=12046
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3708]
-
-testId=28446
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3709]
-
-testId=7998
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3710]
-
-testId=24382
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3711]
-
-testId=16190
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3712]
-
-testId=32558
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3713]
-
-testId=174
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3714]
-
-testId=16542
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3715]
-
-testId=8382
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3716]
-
-testId=24718
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3717]
-
-testId=4238
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3718]
-
-testId=20670
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3719]
-
-testId=12430
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3720]
-
-testId=28814
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3721]
-
-testId=2190
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3722]
-
-testId=18574
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3723]
-
-testId=10414
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3724]
-
-testId=26814
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3725]
-
-testId=6318
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3726]
-
-testId=22718
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3727]
-
-testId=14478
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3728]
-
-testId=30862
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3729]
-
-testId=1214
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3730]
-
-testId=17550
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3731]
-
-testId=9358
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3732]
-
-testId=25790
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3733]
-
-testId=5294
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3734]
-
-testId=21694
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3735]
-
-testId=13502
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3736]
-
-testId=29838
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3737]
-
-testId=3262
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3738]
-
-testId=19614
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3739]
-
-testId=11422
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3740]
-
-testId=27790
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3741]
-
-testId=7358
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3742]
-
-testId=23694
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3743]
-
-testId=15502
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3744]
-
-testId=31934
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3745]
-
-testId=654
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3746]
-
-testId=17038
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3747]
-
-testId=8862
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3748]
-
-testId=25230
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3749]
-
-testId=4766
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3750]
-
-testId=21182
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3751]
-
-testId=12942
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3752]
-
-testId=29374
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3753]
-
-testId=2734
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3754]
-
-testId=19134
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3755]
-
-testId=10894
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3756]
-
-testId=27278
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3757]
-
-testId=6846
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3758]
-
-testId=23198
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3759]
-
-testId=15006
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3760]
-
-testId=31406
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3761]
-
-testId=1694
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3762]
-
-testId=18110
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3763]
-
-testId=9902
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3764]
-
-testId=26302
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3765]
-
-testId=5790
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3766]
-
-testId=22174
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3767]
-
-testId=13982
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3768]
-
-testId=30366
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3769]
-
-testId=3726
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3770]
-
-testId=20110
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3771]
-
-testId=11950
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3772]
-
-testId=28318
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3773]
-
-testId=7870
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3774]
-
-testId=24254
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3775]
-
-testId=16014
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3776]
-
-testId=32446
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3777]
-
-testId=430
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3778]
-
-testId=16798
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3779]
-
-testId=8638
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3780]
-
-testId=25006
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3781]
-
-testId=4526
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3782]
-
-testId=20894
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3783]
-
-testId=12734
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3784]
-
-testId=29102
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3785]
-
-testId=2462
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3786]
-
-testId=18830
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3787]
-
-testId=10654
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3788]
-
-testId=27038
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3789]
-
-testId=6590
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3790]
-
-testId=22926
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3791]
-
-testId=14782
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3792]
-
-testId=31118
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3793]
-
-testId=1454
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3794]
-
-testId=17838
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3795]
-
-testId=9614
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3796]
-
-testId=26046
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3797]
-
-testId=5550
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3798]
-
-testId=21902
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3799]
-
-testId=13742
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3800]
-
-testId=30110
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3801]
-
-testId=3486
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3802]
-
-testId=19854
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3803]
-
-testId=11662
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3804]
-
-testId=28094
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3805]
-
-testId=7598
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3806]
-
-testId=23950
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3807]
-
-testId=15774
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3808]
-
-testId=32174
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3809]
-
-testId=926
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3810]
-
-testId=17326
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3811]
-
-testId=9134
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3812]
-
-testId=25486
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3813]
-
-testId=5054
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3814]
-
-testId=21406
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3815]
-
-testId=13246
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3816]
-
-testId=29630
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3817]
-
-testId=2974
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3818]
-
-testId=19390
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3819]
-
-testId=11182
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3820]
-
-testId=27582
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3821]
-
-testId=7086
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3822]
-
-testId=23470
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3823]
-
-testId=15294
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3824]
-
-testId=31630
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3825]
-
-testId=1950
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3826]
-
-testId=18366
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3827]
-
-testId=10126
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3828]
-
-testId=26542
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3829]
-
-testId=6078
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3830]
-
-testId=22446
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3831]
-
-testId=14238
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3832]
-
-testId=30638
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3833]
-
-testId=4030
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3834]
-
-testId=20414
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3835]
-
-testId=12174
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3836]
-
-testId=28606
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3837]
-
-testId=8126
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3838]
-
-testId=24494
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3839]
-
-testId=16318
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3840]
-
-testId=32686
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3841]
-
-testId=126
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3842]
-
-testId=16510
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3843]
-
-testId=8270
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3844]
-
-testId=24702
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3845]
-
-testId=4174
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3846]
-
-testId=20558
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3847]
-
-testId=12366
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3848]
-
-testId=28798
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3849]
-
-testId=2142
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3850]
-
-testId=18526
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3851]
-
-testId=10366
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3852]
-
-testId=26718
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3853]
-
-testId=6254
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3854]
-
-testId=22638
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3855]
-
-testId=14462
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3856]
-
-testId=30798
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3857]
-
-testId=1134
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3858]
-
-testId=17534
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3859]
-
-testId=9310
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3860]
-
-testId=25710
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3861]
-
-testId=5230
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3862]
-
-testId=21630
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3863]
-
-testId=13406
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3864]
-
-testId=29806
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3865]
-
-testId=3166
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3866]
-
-testId=19582
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3867]
-
-testId=11390
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3868]
-
-testId=27758
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3869]
-
-testId=7278
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3870]
-
-testId=23646
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3871]
-
-testId=15454
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3872]
-
-testId=31870
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3873]
-
-testId=606
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3874]
-
-testId=17022
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3875]
-
-testId=8814
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3876]
-
-testId=25214
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3877]
-
-testId=4734
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3878]
-
-testId=21070
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3879]
-
-testId=12894
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3880]
-
-testId=29262
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3881]
-
-testId=2638
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3882]
-
-testId=19070
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3883]
-
-testId=10862
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3884]
-
-testId=27230
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3885]
-
-testId=6750
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3886]
-
-testId=23118
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3887]
-
-testId=14958
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3888]
-
-testId=31326
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3889]
-
-testId=1630
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3890]
-
-testId=17998
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3891]
-
-testId=9838
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3892]
-
-testId=26222
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3893]
-
-testId=5726
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3894]
-
-testId=22142
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3895]
-
-testId=13902
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3896]
-
-testId=30318
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3897]
-
-testId=3678
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3898]
-
-testId=20062
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3899]
-
-testId=11870
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3900]
-
-testId=28254
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3901]
-
-testId=7790
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3902]
-
-testId=24158
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3903]
-
-testId=15982
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3904]
-
-testId=32366
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3905]
-
-testId=350
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3906]
-
-testId=16718
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3907]
-
-testId=8558
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3908]
-
-testId=24958
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3909]
-
-testId=4430
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3910]
-
-testId=20830
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3911]
-
-testId=12654
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3912]
-
-testId=29006
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3913]
-
-testId=2382
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3914]
-
-testId=18814
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3915]
-
-testId=10622
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3916]
-
-testId=26990
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3917]
-
-testId=6494
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3918]
-
-testId=22894
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3919]
-
-testId=14686
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3920]
-
-testId=31102
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3921]
-
-testId=1358
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3922]
-
-testId=17790
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3923]
-
-testId=9566
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3924]
-
-testId=25934
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3925]
-
-testId=5454
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3926]
-
-testId=21886
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3927]
-
-testId=13694
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3928]
-
-testId=30062
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3929]
-
-testId=3406
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3930]
-
-testId=19838
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3931]
-
-testId=11646
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3932]
-
-testId=27998
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3933]
-
-testId=7534
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3934]
-
-testId=23886
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3935]
-
-testId=15742
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3936]
-
-testId=32094
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3937]
-
-testId=862
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3938]
-
-testId=17262
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3939]
-
-testId=9086
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3940]
-
-testId=25422
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3941]
-
-testId=4958
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3942]
-
-testId=21358
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3943]
-
-testId=13134
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3944]
-
-testId=29550
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3945]
-
-testId=2910
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3946]
-
-testId=19294
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3947]
-
-testId=11118
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3948]
-
-testId=27518
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3949]
-
-testId=6990
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3950]
-
-testId=23390
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3951]
-
-testId=15182
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3952]
-
-testId=31566
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3953]
-
-testId=1902
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3954]
-
-testId=18270
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3955]
-
-testId=10078
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3956]
-
-testId=26478
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3957]
-
-testId=5982
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3958]
-
-testId=22366
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3959]
-
-testId=14206
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3960]
-
-testId=30590
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3961]
-
-testId=3934
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3962]
-
-testId=20350
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3963]
-
-testId=12158
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3964]
-
-testId=28542
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3965]
-
-testId=8062
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3966]
-
-testId=24414
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3967]
-
-testId=16222
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3968]
-
-testId=32622
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3969]
-
-testId=222
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3970]
-
-testId=16622
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3971]
-
-testId=8430
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3972]
-
-testId=24782
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3973]
-
-testId=4318
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3974]
-
-testId=20718
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3975]
-
-testId=12526
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3976]
-
-testId=28878
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3977]
-
-testId=2302
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3978]
-
-testId=18654
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3979]
-
-testId=10494
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3980]
-
-testId=26846
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3981]
-
-testId=6382
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3982]
-
-testId=22750
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3983]
-
-testId=14542
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3984]
-
-testId=30926
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3985]
-
-testId=1278
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3986]
-
-testId=17662
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3987]
-
-testId=9454
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3988]
-
-testId=25854
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3989]
-
-testId=5374
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3990]
-
-testId=21726
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3991]
-
-testId=13518
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3992]
-
-testId=29902
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3993]
-
-testId=3294
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3994]
-
-testId=19662
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3995]
-
-testId=11502
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3996]
-
-testId=27870
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3997]
-
-testId=7390
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3998]
-
-testId=23790
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3999]
-
-testId=15582
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4000]
-
-testId=31966
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4001]
-
-testId=750
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4002]
-
-testId=17150
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4003]
-
-testId=8910
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4004]
-
-testId=25310
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4005]
-
-testId=4830
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4006]
-
-testId=21230
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4007]
-
-testId=13022
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4008]
-
-testId=29390
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4009]
-
-testId=2766
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4010]
-
-testId=19166
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4011]
-
-testId=10974
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4012]
-
-testId=27390
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4013]
-
-testId=6878
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4014]
-
-testId=23246
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4015]
-
-testId=15054
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4016]
-
-testId=31438
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4017]
-
-testId=1758
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4018]
-
-testId=18174
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4019]
-
-testId=9982
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4020]
-
-testId=26366
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4021]
-
-testId=5870
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4022]
-
-testId=22222
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4023]
-
-testId=14078
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4024]
-
-testId=30446
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4025]
-
-testId=3822
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4026]
-
-testId=20206
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4027]
-
-testId=12014
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4028]
-
-testId=28366
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4029]
-
-testId=7918
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4030]
-
-testId=24270
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4031]
-
-testId=16126
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4032]
-
-testId=32510
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4033]
-
-testId=462
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4034]
-
-testId=16846
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4035]
-
-testId=8654
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4036]
-
-testId=25054
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4037]
-
-testId=4574
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4038]
-
-testId=20974
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4039]
-
-testId=12766
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4040]
-
-testId=29166
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4041]
-
-testId=2558
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4042]
-
-testId=18926
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4043]
-
-testId=10702
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4044]
-
-testId=27086
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4045]
-
-testId=6606
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4046]
-
-testId=23038
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4047]
-
-testId=14846
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4048]
-
-testId=31182
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4049]
-
-testId=1534
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4050]
-
-testId=17902
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4051]
-
-testId=9726
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4052]
-
-testId=26094
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4053]
-
-testId=5614
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4054]
-
-testId=21998
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4055]
-
-testId=13774
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4056]
-
-testId=30206
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4057]
-
-testId=3550
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4058]
-
-testId=19934
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4059]
-
-testId=11726
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4060]
-
-testId=28110
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4061]
-
-testId=7646
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4062]
-
-testId=24014
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4063]
-
-testId=15870
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4064]
-
-testId=32222
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4065]
-
-testId=974
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4066]
-
-testId=17358
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4067]
-
-testId=9198
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4068]
-
-testId=25550
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4069]
-
-testId=5118
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4070]
-
-testId=21502
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4071]
-
-testId=13310
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4072]
-
-testId=29662
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4073]
-
-testId=3054
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4074]
-
-testId=19438
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4075]
-
-testId=11262
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4076]
-
-testId=27598
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4077]
-
-testId=7134
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4078]
-
-testId=23502
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4079]
-
-testId=15310
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4080]
-
-testId=31726
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4081]
-
-testId=2014
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4082]
-
-testId=18430
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4083]
-
-testId=10222
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4084]
-
-testId=26574
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4085]
-
-testId=6110
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4086]
-
-testId=22526
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4087]
-
-testId=14286
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4088]
-
-testId=30670
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4089]
-
-testId=4094
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4090]
-
-testId=20446
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4091]
-
-testId=12270
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4092]
-
-testId=28670
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4093]
-
-testId=8190
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4094]
-
-testId=24526
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4095]
-
-testId=16350
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4096]
-
-testId=32718
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4097]
-
-testId=33
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4098]
-
-testId=16433
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4099]
-
-testId=8193
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4100]
-
-testId=24609
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4101]
-
-testId=4113
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4102]
-
-testId=20513
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4103]
-
-testId=12321
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4104]
-
-testId=28673
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4105]
-
-testId=2049
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4106]
-
-testId=18449
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4107]
-
-testId=10289
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4108]
-
-testId=26625
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4109]
-
-testId=6145
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4110]
-
-testId=22529
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4111]
-
-testId=14353
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4112]
-
-testId=30753
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4113]
-
-testId=1073
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4114]
-
-testId=17441
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4115]
-
-testId=9233
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4116]
-
-testId=25601
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4117]
-
-testId=5169
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4118]
-
-testId=21537
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4119]
-
-testId=13313
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4120]
-
-testId=29745
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4121]
-
-testId=3121
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4122]
-
-testId=19473
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4123]
-
-testId=11281
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4124]
-
-testId=27649
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4125]
-
-testId=7169
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4126]
-
-testId=23553
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4127]
-
-testId=15409
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4128]
-
-testId=31793
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4129]
-
-testId=513
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4130]
-
-testId=16897
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4131]
-
-testId=8705
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4132]
-
-testId=25105
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4133]
-
-testId=4609
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4134]
-
-testId=21041
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4135]
-
-testId=12833
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4136]
-
-testId=29185
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4137]
-
-testId=2561
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4138]
-
-testId=18961
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4139]
-
-testId=10785
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4140]
-
-testId=27169
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4141]
-
-testId=6657
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4142]
-
-testId=23089
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4143]
-
-testId=14881
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4144]
-
-testId=31249
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4145]
-
-testId=1569
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4146]
-
-testId=17921
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4147]
-
-testId=9745
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4148]
-
-testId=26145
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4149]
-
-testId=5681
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4150]
-
-testId=22017
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4151]
-
-testId=13841
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4152]
-
-testId=30209
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4153]
-
-testId=3585
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4154]
-
-testId=19969
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4155]
-
-testId=11825
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4156]
-
-testId=28193
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4157]
-
-testId=7713
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4158]
-
-testId=24113
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4159]
-
-testId=15921
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4160]
-
-testId=32257
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4161]
-
-testId=289
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4162]
-
-testId=16689
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4163]
-
-testId=8481
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4164]
-
-testId=24865
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4165]
-
-testId=4401
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4166]
-
-testId=20753
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4167]
-
-testId=12561
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4168]
-
-testId=28945
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4169]
-
-testId=2321
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4170]
-
-testId=18705
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4171]
-
-testId=10513
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4172]
-
-testId=26929
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4173]
-
-testId=6449
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4174]
-
-testId=22785
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4175]
-
-testId=14609
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4176]
-
-testId=30993
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4177]
-
-testId=1329
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4178]
-
-testId=17713
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4179]
-
-testId=9489
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4180]
-
-testId=25905
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4181]
-
-testId=5425
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4182]
-
-testId=21777
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4183]
-
-testId=13617
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4184]
-
-testId=29985
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4185]
-
-testId=3329
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4186]
-
-testId=19745
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4187]
-
-testId=11553
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4188]
-
-testId=27937
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4189]
-
-testId=7425
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4190]
-
-testId=23841
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4191]
-
-testId=15617
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4192]
-
-testId=32001
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4193]
-
-testId=785
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4194]
-
-testId=17201
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4195]
-
-testId=8993
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4196]
-
-testId=25345
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4197]
-
-testId=4881
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4198]
-
-testId=21297
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4199]
-
-testId=13073
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4200]
-
-testId=29473
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4201]
-
-testId=2849
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4202]
-
-testId=19249
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4203]
-
-testId=11009
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4204]
-
-testId=27425
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4205]
-
-testId=6945
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4206]
-
-testId=23313
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4207]
-
-testId=15105
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4208]
-
-testId=31489
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4209]
-
-testId=1793
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4210]
-
-testId=18177
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4211]
-
-testId=10017
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4212]
-
-testId=26401
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4213]
-
-testId=5905
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4214]
-
-testId=22273
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4215]
-
-testId=14129
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4216]
-
-testId=30497
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4217]
-
-testId=3857
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4218]
-
-testId=20241
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4219]
-
-testId=12065
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4220]
-
-testId=28417
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4221]
-
-testId=7937
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4222]
-
-testId=24337
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4223]
-
-testId=16177
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4224]
-
-testId=32545
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4225]
-
-testId=177
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4226]
-
-testId=16545
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4227]
-
-testId=8337
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4228]
-
-testId=24705
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4229]
-
-testId=4225
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4230]
-
-testId=20609
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4231]
-
-testId=12449
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4232]
-
-testId=28817
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4233]
-
-testId=2209
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4234]
-
-testId=18577
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4235]
-
-testId=10401
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4236]
-
-testId=26753
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4237]
-
-testId=6321
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4238]
-
-testId=22689
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4239]
-
-testId=14497
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4240]
-
-testId=30897
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4241]
-
-testId=1153
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4242]
-
-testId=17569
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4243]
-
-testId=9377
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4244]
-
-testId=25729
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4245]
-
-testId=5265
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4246]
-
-testId=21633
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4247]
-
-testId=13441
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4248]
-
-testId=29841
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4249]
-
-testId=3233
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4250]
-
-testId=19633
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4251]
-
-testId=11441
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4252]
-
-testId=27825
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4253]
-
-testId=7297
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4254]
-
-testId=23729
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4255]
-
-testId=15537
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4256]
-
-testId=31889
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4257]
-
-testId=657
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4258]
-
-testId=17041
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4259]
-
-testId=8881
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4260]
-
-testId=25249
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4261]
-
-testId=4785
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4262]
-
-testId=21153
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4263]
-
-testId=12945
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4264]
-
-testId=29313
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4265]
-
-testId=2689
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4266]
-
-testId=19089
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4267]
-
-testId=10881
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4268]
-
-testId=27313
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4269]
-
-testId=6817
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4270]
-
-testId=23201
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4271]
-
-testId=15025
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4272]
-
-testId=31377
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4273]
-
-testId=1665
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4274]
-
-testId=18065
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4275]
-
-testId=9905
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4276]
-
-testId=26241
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4277]
-
-testId=5761
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4278]
-
-testId=22145
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4279]
-
-testId=13985
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4280]
-
-testId=30337
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4281]
-
-testId=3713
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4282]
-
-testId=20097
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4283]
-
-testId=11905
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4284]
-
-testId=28289
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4285]
-
-testId=7809
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4286]
-
-testId=24193
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4287]
-
-testId=16049
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4288]
-
-testId=32401
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4289]
-
-testId=417
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4290]
-
-testId=16769
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4291]
-
-testId=8593
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4292]
-
-testId=25009
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4293]
-
-testId=4481
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4294]
-
-testId=20897
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4295]
-
-testId=12721
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4296]
-
-testId=29073
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4297]
-
-testId=2449
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4298]
-
-testId=18849
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4299]
-
-testId=10641
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4300]
-
-testId=27057
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4301]
-
-testId=6545
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4302]
-
-testId=22961
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4303]
-
-testId=14721
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4304]
-
-testId=31137
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4305]
-
-testId=1441
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4306]
-
-testId=17841
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4307]
-
-testId=9617
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4308]
-
-testId=26001
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4309]
-
-testId=5505
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4310]
-
-testId=21889
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4311]
-
-testId=13697
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4312]
-
-testId=30113
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4313]
-
-testId=3473
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4314]
-
-testId=19889
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4315]
-
-testId=11665
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4316]
-
-testId=28033
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4317]
-
-testId=7553
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4318]
-
-testId=23985
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4319]
-
-testId=15761
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4320]
-
-testId=32177
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4321]
-
-testId=913
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4322]
-
-testId=17329
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4323]
-
-testId=9105
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4324]
-
-testId=25489
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4325]
-
-testId=5009
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4326]
-
-testId=21377
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4327]
-
-testId=13185
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4328]
-
-testId=29617
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4329]
-
-testId=2993
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4330]
-
-testId=19329
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4331]
-
-testId=11169
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4332]
-
-testId=27553
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4333]
-
-testId=7041
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4334]
-
-testId=23457
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4335]
-
-testId=15233
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4336]
-
-testId=31633
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4337]
-
-testId=1969
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4338]
-
-testId=18305
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4339]
-
-testId=10129
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4340]
-
-testId=26513
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4341]
-
-testId=6065
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4342]
-
-testId=22433
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4343]
-
-testId=14209
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4344]
-
-testId=30625
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4345]
-
-testId=4001
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4346]
-
-testId=20385
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4347]
-
-testId=12161
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4348]
-
-testId=28593
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4349]
-
-testId=8113
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4350]
-
-testId=24465
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4351]
-
-testId=16257
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4352]
-
-testId=32641
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4353]
-
-testId=113
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4354]
-
-testId=16481
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4355]
-
-testId=8289
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4356]
-
-testId=24673
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4357]
-
-testId=4177
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4358]
-
-testId=20577
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4359]
-
-testId=12385
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4360]
-
-testId=28753
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4361]
-
-testId=2129
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4362]
-
-testId=18529
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4363]
-
-testId=10353
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4364]
-
-testId=26737
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4365]
-
-testId=6225
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4366]
-
-testId=22641
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4367]
-
-testId=14401
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4368]
-
-testId=30833
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4369]
-
-testId=1137
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4370]
-
-testId=17521
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4371]
-
-testId=9329
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4372]
-
-testId=25713
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4373]
-
-testId=5201
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4374]
-
-testId=21617
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4375]
-
-testId=13409
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4376]
-
-testId=29761
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4377]
-
-testId=3137
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4378]
-
-testId=19537
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4379]
-
-testId=11361
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4380]
-
-testId=27729
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4381]
-
-testId=7249
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4382]
-
-testId=23665
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4383]
-
-testId=15457
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4384]
-
-testId=31809
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4385]
-
-testId=609
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4386]
-
-testId=17009
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4387]
-
-testId=8801
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4388]
-
-testId=25169
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4389]
-
-testId=4705
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4390]
-
-testId=21089
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4391]
-
-testId=12897
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4392]
-
-testId=29297
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4393]
-
-testId=2673
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4394]
-
-testId=19057
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4395]
-
-testId=10865
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4396]
-
-testId=27249
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4397]
-
-testId=6769
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4398]
-
-testId=23153
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4399]
-
-testId=14913
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4400]
-
-testId=31297
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4401]
-
-testId=1633
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4402]
-
-testId=18017
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4403]
-
-testId=9825
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4404]
-
-testId=26177
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4405]
-
-testId=5713
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4406]
-
-testId=22129
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4407]
-
-testId=13905
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4408]
-
-testId=30321
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4409]
-
-testId=3665
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4410]
-
-testId=20033
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4411]
-
-testId=11857
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4412]
-
-testId=28273
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4413]
-
-testId=7777
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4414]
-
-testId=24129
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4415]
-
-testId=15969
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4416]
-
-testId=32337
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4417]
-
-testId=369
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4418]
-
-testId=16721
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4419]
-
-testId=8561
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4420]
-
-testId=24897
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4421]
-
-testId=4449
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4422]
-
-testId=20833
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4423]
-
-testId=12609
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4424]
-
-testId=29041
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4425]
-
-testId=2417
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4426]
-
-testId=18769
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4427]
-
-testId=10593
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4428]
-
-testId=26961
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4429]
-
-testId=6497
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4430]
-
-testId=22865
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4431]
-
-testId=14705
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4432]
-
-testId=31089
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4433]
-
-testId=1393
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4434]
-
-testId=17777
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4435]
-
-testId=9569
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4436]
-
-testId=25969
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4437]
-
-testId=5473
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4438]
-
-testId=21841
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4439]
-
-testId=13633
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4440]
-
-testId=30033
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4441]
-
-testId=3409
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4442]
-
-testId=19793
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4443]
-
-testId=11617
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4444]
-
-testId=28017
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4445]
-
-testId=7521
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4446]
-
-testId=23905
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4447]
-
-testId=15729
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4448]
-
-testId=32097
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4449]
-
-testId=865
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4450]
-
-testId=17265
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4451]
-
-testId=9073
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4452]
-
-testId=25441
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4453]
-
-testId=4977
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4454]
-
-testId=21361
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4455]
-
-testId=13121
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4456]
-
-testId=29553
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4457]
-
-testId=2929
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4458]
-
-testId=19313
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4459]
-
-testId=11089
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4460]
-
-testId=27457
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4461]
-
-testId=7025
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4462]
-
-testId=23393
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4463]
-
-testId=15217
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4464]
-
-testId=31601
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4465]
-
-testId=1889
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4466]
-
-testId=18289
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4467]
-
-testId=10049
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4468]
-
-testId=26433
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4469]
-
-testId=5969
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4470]
-
-testId=22337
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4471]
-
-testId=14145
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4472]
-
-testId=30561
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4473]
-
-testId=3937
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4474]
-
-testId=20321
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4475]
-
-testId=12113
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4476]
-
-testId=28529
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4477]
-
-testId=8033
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4478]
-
-testId=24385
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4479]
-
-testId=16241
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4480]
-
-testId=32577
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4481]
-
-testId=209
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4482]
-
-testId=16577
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4483]
-
-testId=8401
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4484]
-
-testId=24801
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4485]
-
-testId=4289
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4486]
-
-testId=20705
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4487]
-
-testId=12481
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4488]
-
-testId=28865
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4489]
-
-testId=2257
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4490]
-
-testId=18641
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4491]
-
-testId=10449
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4492]
-
-testId=26817
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4493]
-
-testId=6385
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4494]
-
-testId=22737
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4495]
-
-testId=14545
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4496]
-
-testId=30929
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4497]
-
-testId=1265
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4498]
-
-testId=17617
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4499]
-
-testId=9425
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4500]
-
-testId=25793
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4501]
-
-testId=5345
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4502]
-
-testId=21713
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4503]
-
-testId=13537
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4504]
-
-testId=29937
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4505]
-
-testId=3297
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4506]
-
-testId=19697
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4507]
-
-testId=11473
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4508]
-
-testId=27873
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4509]
-
-testId=7361
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4510]
-
-testId=23777
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4511]
-
-testId=15601
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4512]
-
-testId=31953
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4513]
-
-testId=753
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4514]
-
-testId=17105
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4515]
-
-testId=8945
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4516]
-
-testId=25313
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4517]
-
-testId=4833
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4518]
-
-testId=21201
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4519]
-
-testId=13025
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4520]
-
-testId=29425
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4521]
-
-testId=2769
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4522]
-
-testId=19169
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4523]
-
-testId=10977
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4524]
-
-testId=27361
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4525]
-
-testId=6865
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4526]
-
-testId=23249
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4527]
-
-testId=15089
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4528]
-
-testId=31425
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4529]
-
-testId=1745
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4530]
-
-testId=18161
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4531]
-
-testId=9921
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4532]
-
-testId=26353
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4533]
-
-testId=5841
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4534]
-
-testId=22209
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4535]
-
-testId=14049
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4536]
-
-testId=30401
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4537]
-
-testId=3825
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4538]
-
-testId=20193
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4539]
-
-testId=11969
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4540]
-
-testId=28385
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4541]
-
-testId=7873
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4542]
-
-testId=24257
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4543]
-
-testId=16081
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4544]
-
-testId=32481
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4545]
-
-testId=449
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4546]
-
-testId=16865
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4547]
-
-testId=8689
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4548]
-
-testId=25073
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4549]
-
-testId=4577
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4550]
-
-testId=20945
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4551]
-
-testId=12753
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4552]
-
-testId=29121
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4553]
-
-testId=2497
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4554]
-
-testId=18929
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4555]
-
-testId=10705
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4556]
-
-testId=27105
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4557]
-
-testId=6609
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4558]
-
-testId=22977
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4559]
-
-testId=14801
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4560]
-
-testId=31185
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4561]
-
-testId=1473
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4562]
-
-testId=17857
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4563]
-
-testId=9665
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4564]
-
-testId=26065
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4565]
-
-testId=5601
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4566]
-
-testId=22001
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4567]
-
-testId=13793
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4568]
-
-testId=30145
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4569]
-
-testId=3553
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4570]
-
-testId=19905
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4571]
-
-testId=11745
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4572]
-
-testId=28097
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4573]
-
-testId=7649
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4574]
-
-testId=24017
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4575]
-
-testId=15841
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4576]
-
-testId=32225
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4577]
-
-testId=961
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4578]
-
-testId=17377
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4579]
-
-testId=9185
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4580]
-
-testId=25537
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4581]
-
-testId=5057
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4582]
-
-testId=21441
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4583]
-
-testId=13281
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4584]
-
-testId=29649
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4585]
-
-testId=3041
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4586]
-
-testId=19409
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4587]
-
-testId=11249
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4588]
-
-testId=27585
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4589]
-
-testId=7105
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4590]
-
-testId=23505
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4591]
-
-testId=15329
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4592]
-
-testId=31729
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4593]
-
-testId=1985
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4594]
-
-testId=18385
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4595]
-
-testId=10177
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4596]
-
-testId=26561
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4597]
-
-testId=6097
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4598]
-
-testId=22497
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4599]
-
-testId=14321
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4600]
-
-testId=30689
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4601]
-
-testId=4065
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4602]
-
-testId=20449
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4603]
-
-testId=12225
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4604]
-
-testId=28625
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4605]
-
-testId=8129
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4606]
-
-testId=24513
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4607]
-
-testId=16321
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4608]
-
-testId=32737
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4609]
-
-testId=9
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4610]
-
-testId=16425
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4611]
-
-testId=8233
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4612]
-
-testId=24617
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4613]
-
-testId=4121
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4614]
-
-testId=20489
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4615]
-
-testId=12329
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4616]
-
-testId=28729
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4617]
-
-testId=2057
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4618]
-
-testId=18441
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4619]
-
-testId=10249
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4620]
-
-testId=26665
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4621]
-
-testId=6153
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4622]
-
-testId=22569
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4623]
-
-testId=14393
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4624]
-
-testId=30761
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4625]
-
-testId=1049
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4626]
-
-testId=17465
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4627]
-
-testId=9257
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4628]
-
-testId=25641
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4629]
-
-testId=5145
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4630]
-
-testId=21529
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4631]
-
-testId=13369
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4632]
-
-testId=29753
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4633]
-
-testId=3113
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4634]
-
-testId=19513
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4635]
-
-testId=11273
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4636]
-
-testId=27689
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4637]
-
-testId=7177
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4638]
-
-testId=23577
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4639]
-
-testId=15417
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4640]
-
-testId=31785
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4641]
-
-testId=521
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4642]
-
-testId=16953
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4643]
-
-testId=8761
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4644]
-
-testId=25113
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4645]
-
-testId=4665
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4646]
-
-testId=21001
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4647]
-
-testId=12825
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4648]
-
-testId=29225
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4649]
-
-testId=2601
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4650]
-
-testId=18953
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4651]
-
-testId=10809
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4652]
-
-testId=27193
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4653]
-
-testId=6665
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4654]
-
-testId=23081
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4655]
-
-testId=14889
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4656]
-
-testId=31273
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4657]
-
-testId=1545
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4658]
-
-testId=17961
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4659]
-
-testId=9753
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4660]
-
-testId=26153
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4661]
-
-testId=5657
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4662]
-
-testId=22073
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4663]
-
-testId=13865
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4664]
-
-testId=30217
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4665]
-
-testId=3593
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4666]
-
-testId=19977
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4667]
-
-testId=11801
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4668]
-
-testId=28217
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4669]
-
-testId=7737
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4670]
-
-testId=24121
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4671]
-
-testId=15881
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4672]
-
-testId=32313
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4673]
-
-testId=265
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4674]
-
-testId=16649
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4675]
-
-testId=8505
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4676]
-
-testId=24857
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4677]
-
-testId=4409
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4678]
-
-testId=20793
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4679]
-
-testId=12569
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4680]
-
-testId=28969
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4681]
-
-testId=2361
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4682]
-
-testId=18729
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4683]
-
-testId=10505
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4684]
-
-testId=26889
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4685]
-
-testId=6441
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4686]
-
-testId=22793
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4687]
-
-testId=14601
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4688]
-
-testId=31017
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4689]
-
-testId=1289
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4690]
-
-testId=17689
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4691]
-
-testId=9481
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4692]
-
-testId=25865
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4693]
-
-testId=5433
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4694]
-
-testId=21817
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4695]
-
-testId=13625
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4696]
-
-testId=30009
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4697]
-
-testId=3353
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4698]
-
-testId=19737
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4699]
-
-testId=11577
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4700]
-
-testId=27961
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4701]
-
-testId=7465
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4702]
-
-testId=23849
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4703]
-
-testId=15625
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4704]
-
-testId=32009
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4705]
-
-testId=777
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4706]
-
-testId=17161
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4707]
-
-testId=9017
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4708]
-
-testId=25401
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4709]
-
-testId=4889
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4710]
-
-testId=21273
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4711]
-
-testId=13065
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4712]
-
-testId=29449
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4713]
-
-testId=2873
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4714]
-
-testId=19241
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4715]
-
-testId=11033
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4716]
-
-testId=27417
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4717]
-
-testId=6921
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4718]
-
-testId=23305
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4719]
-
-testId=15113
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4720]
-
-testId=31497
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4721]
-
-testId=1817
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4722]
-
-testId=18201
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4723]
-
-testId=10025
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4724]
-
-testId=26393
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4725]
-
-testId=5945
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4726]
-
-testId=22313
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4727]
-
-testId=14137
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4728]
-
-testId=30505
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4729]
-
-testId=3865
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4730]
-
-testId=20249
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4731]
-
-testId=12041
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4732]
-
-testId=28473
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4733]
-
-testId=7961
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4734]
-
-testId=24345
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4735]
-
-testId=16169
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4736]
-
-testId=32553
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4737]
-
-testId=137
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4738]
-
-testId=16521
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4739]
-
-testId=8329
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4740]
-
-testId=24745
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4741]
-
-testId=4249
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4742]
-
-testId=20649
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4743]
-
-testId=12425
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4744]
-
-testId=28841
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4745]
-
-testId=2185
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4746]
-
-testId=18569
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4747]
-
-testId=10393
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4748]
-
-testId=26793
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4749]
-
-testId=6313
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4750]
-
-testId=22713
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4751]
-
-testId=14521
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4752]
-
-testId=30857
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4753]
-
-testId=1193
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4754]
-
-testId=17577
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4755]
-
-testId=9385
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4756]
-
-testId=25753
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4757]
-
-testId=5289
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4758]
-
-testId=21689
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4759]
-
-testId=13449
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4760]
-
-testId=29849
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4761]
-
-testId=3257
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4762]
-
-testId=19641
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4763]
-
-testId=11401
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4764]
-
-testId=27833
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4765]
-
-testId=7305
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4766]
-
-testId=23689
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4767]
-
-testId=15497
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4768]
-
-testId=31897
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4769]
-
-testId=697
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4770]
-
-testId=17033
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4771]
-
-testId=8857
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4772]
-
-testId=25257
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4773]
-
-testId=4777
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4774]
-
-testId=21129
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4775]
-
-testId=12937
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4776]
-
-testId=29337
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4777]
-
-testId=2713
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4778]
-
-testId=19081
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4779]
-
-testId=10905
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4780]
-
-testId=27305
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4781]
-
-testId=6793
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4782]
-
-testId=23177
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4783]
-
-testId=14985
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4784]
-
-testId=31417
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4785]
-
-testId=1673
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4786]
-
-testId=18089
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4787]
-
-testId=9913
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4788]
-
-testId=26281
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4789]
-
-testId=5801
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4790]
-
-testId=22153
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4791]
-
-testId=13993
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4792]
-
-testId=30345
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4793]
-
-testId=3753
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4794]
-
-testId=20121
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4795]
-
-testId=11929
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4796]
-
-testId=28329
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4797]
-
-testId=7865
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4798]
-
-testId=24249
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4799]
-
-testId=16057
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4800]
-
-testId=32409
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4801]
-
-testId=441
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4802]
-
-testId=16793
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4803]
-
-testId=8617
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4804]
-
-testId=25017
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4805]
-
-testId=4489
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4806]
-
-testId=20873
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4807]
-
-testId=12713
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4808]
-
-testId=29065
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4809]
-
-testId=2489
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4810]
-
-testId=18857
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4811]
-
-testId=10665
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4812]
-
-testId=27049
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4813]
-
-testId=6585
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4814]
-
-testId=22953
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4815]
-
-testId=14777
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4816]
-
-testId=31113
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4817]
-
-testId=1417
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4818]
-
-testId=17849
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4819]
-
-testId=9625
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4820]
-
-testId=26041
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4821]
-
-testId=5529
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4822]
-
-testId=21945
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4823]
-
-testId=13721
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4824]
-
-testId=30121
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4825]
-
-testId=3481
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4826]
-
-testId=19865
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4827]
-
-testId=11689
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4828]
-
-testId=28057
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4829]
-
-testId=7593
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4830]
-
-testId=23993
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4831]
-
-testId=15753
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4832]
-
-testId=32185
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4833]
-
-testId=921
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4834]
-
-testId=17321
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4835]
-
-testId=9113
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4836]
-
-testId=25529
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4837]
-
-testId=5017
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4838]
-
-testId=21385
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4839]
-
-testId=13241
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4840]
-
-testId=29625
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4841]
-
-testId=3001
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4842]
-
-testId=19385
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4843]
-
-testId=11161
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4844]
-
-testId=27561
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4845]
-
-testId=7097
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4846]
-
-testId=23433
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4847]
-
-testId=15241
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4848]
-
-testId=31641
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4849]
-
-testId=1977
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4850]
-
-testId=18345
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4851]
-
-testId=10153
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4852]
-
-testId=26537
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4853]
-
-testId=6073
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4854]
-
-testId=22409
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4855]
-
-testId=14265
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4856]
-
-testId=30601
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4857]
-
-testId=4025
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4858]
-
-testId=20409
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4859]
-
-testId=12217
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4860]
-
-testId=28553
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4861]
-
-testId=8089
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4862]
-
-testId=24489
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4863]
-
-testId=16313
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4864]
-
-testId=32665
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4865]
-
-testId=73
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4866]
-
-testId=16489
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4867]
-
-testId=8281
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4868]
-
-testId=24665
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4869]
-
-testId=4201
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4870]
-
-testId=20601
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4871]
-
-testId=12393
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4872]
-
-testId=28745
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4873]
-
-testId=2169
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4874]
-
-testId=18553
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4875]
-
-testId=10313
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4876]
-
-testId=26729
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4877]
-
-testId=6249
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4878]
-
-testId=22617
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4879]
-
-testId=14425
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4880]
-
-testId=30793
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4881]
-
-testId=1097
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4882]
-
-testId=17513
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4883]
-
-testId=9321
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4884]
-
-testId=25689
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4885]
-
-testId=5225
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4886]
-
-testId=21577
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4887]
-
-testId=13401
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4888]
-
-testId=29817
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4889]
-
-testId=3145
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4890]
-
-testId=19561
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4891]
-
-testId=11385
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4892]
-
-testId=27769
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4893]
-
-testId=7289
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4894]
-
-testId=23657
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4895]
-
-testId=15433
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4896]
-
-testId=31849
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4897]
-
-testId=617
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4898]
-
-testId=16969
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4899]
-
-testId=8793
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4900]
-
-testId=25193
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4901]
-
-testId=4713
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4902]
-
-testId=21065
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4903]
-
-testId=12905
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4904]
-
-testId=29257
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4905]
-
-testId=2665
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4906]
-
-testId=19065
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4907]
-
-testId=10873
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4908]
-
-testId=27257
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4909]
-
-testId=6729
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4910]
-
-testId=23113
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4911]
-
-testId=14921
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4912]
-
-testId=31353
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4913]
-
-testId=1625
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4914]
-
-testId=18025
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4915]
-
-testId=9849
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4916]
-
-testId=26185
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4917]
-
-testId=5737
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4918]
-
-testId=22089
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4919]
-
-testId=13945
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4920]
-
-testId=30329
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4921]
-
-testId=3705
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4922]
-
-testId=20057
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4923]
-
-testId=11897
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4924]
-
-testId=28281
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4925]
-
-testId=7801
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4926]
-
-testId=24169
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4927]
-
-testId=15993
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4928]
-
-testId=32345
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4929]
-
-testId=329
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4930]
-
-testId=16761
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4931]
-
-testId=8537
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4932]
-
-testId=24905
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4933]
-
-testId=4457
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4934]
-
-testId=20841
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4935]
-
-testId=12633
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4936]
-
-testId=29017
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4937]
-
-testId=2409
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4938]
-
-testId=18777
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4939]
-
-testId=10601
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4940]
-
-testId=26969
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4941]
-
-testId=6505
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4942]
-
-testId=22873
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4943]
-
-testId=14713
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4944]
-
-testId=31097
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4945]
-
-testId=1353
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4946]
-
-testId=17785
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4947]
-
-testId=9593
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4948]
-
-testId=25961
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4949]
-
-testId=5497
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4950]
-
-testId=21849
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4951]
-
-testId=13657
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4952]
-
-testId=30041
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4953]
-
-testId=3433
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4954]
-
-testId=19801
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4955]
-
-testId=11625
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4956]
-
-testId=27977
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4957]
-
-testId=7529
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4958]
-
-testId=23913
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4959]
-
-testId=15705
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4960]
-
-testId=32089
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4961]
-
-testId=873
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4962]
-
-testId=17273
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4963]
-
-testId=9081
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4964]
-
-testId=25433
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4965]
-
-testId=4969
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4966]
-
-testId=21337
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4967]
-
-testId=13177
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4968]
-
-testId=29561
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4969]
-
-testId=2937
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4970]
-
-testId=19289
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4971]
-
-testId=11129
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4972]
-
-testId=27465
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4973]
-
-testId=7001
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4974]
-
-testId=23369
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4975]
-
-testId=15209
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4976]
-
-testId=31609
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4977]
-
-testId=1865
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4978]
-
-testId=18249
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4979]
-
-testId=10089
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4980]
-
-testId=26457
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4981]
-
-testId=5993
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4982]
-
-testId=22361
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4983]
-
-testId=14201
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4984]
-
-testId=30537
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4985]
-
-testId=3929
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4986]
-
-testId=20313
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4987]
-
-testId=12137
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4988]
-
-testId=28537
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4989]
-
-testId=8057
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4990]
-
-testId=24441
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4991]
-
-testId=16201
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4992]
-
-testId=32633
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4993]
-
-testId=201
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4994]
-
-testId=16617
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4995]
-
-testId=8409
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4996]
-
-testId=24793
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4997]
-
-testId=4297
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4998]
-
-testId=20729
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4999]
-
-testId=12505
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5000]
-
-testId=28873
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5001]
-
-testId=2297
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5002]
-
-testId=18665
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5003]
-
-testId=10489
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5004]
-
-testId=26841
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5005]
-
-testId=6345
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5006]
-
-testId=22761
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5007]
-
-testId=14537
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5008]
-
-testId=30921
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5009]
-
-testId=1241
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5010]
-
-testId=17657
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5011]
-
-testId=9465
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5012]
-
-testId=25817
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5013]
-
-testId=5337
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5014]
-
-testId=21721
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5015]
-
-testId=13529
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5016]
-
-testId=29913
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5017]
-
-testId=3273
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5018]
-
-testId=19689
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5019]
-
-testId=11481
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5020]
-
-testId=27865
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5021]
-
-testId=7385
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5022]
-
-testId=23785
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5023]
-
-testId=15561
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5024]
-
-testId=31945
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5025]
-
-testId=745
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5026]
-
-testId=17129
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5027]
-
-testId=8937
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5028]
-
-testId=25321
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5029]
-
-testId=4857
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5030]
-
-testId=21225
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5031]
-
-testId=13049
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5032]
-
-testId=29385
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5033]
-
-testId=2793
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5034]
-
-testId=19193
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5035]
-
-testId=10969
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5036]
-
-testId=27337
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5037]
-
-testId=6905
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5038]
-
-testId=23273
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5039]
-
-testId=15081
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5040]
-
-testId=31449
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5041]
-
-testId=1785
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5042]
-
-testId=18153
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5043]
-
-testId=9977
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5044]
-
-testId=26329
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5045]
-
-testId=5833
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5046]
-
-testId=22217
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5047]
-
-testId=14073
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5048]
-
-testId=30441
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5049]
-
-testId=3817
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5050]
-
-testId=20217
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5051]
-
-testId=12025
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5052]
-
-testId=28361
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5053]
-
-testId=7929
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5054]
-
-testId=24265
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5055]
-
-testId=16089
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5056]
-
-testId=32505
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5057]
-
-testId=505
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5058]
-
-testId=16841
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5059]
-
-testId=8665
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5060]
-
-testId=25049
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5061]
-
-testId=4569
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5062]
-
-testId=20937
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5063]
-
-testId=12745
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5064]
-
-testId=29129
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5065]
-
-testId=2537
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5066]
-
-testId=18937
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5067]
-
-testId=10697
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5068]
-
-testId=27097
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5069]
-
-testId=6617
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5070]
-
-testId=23033
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5071]
-
-testId=14809
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5072]
-
-testId=31193
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5073]
-
-testId=1513
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5074]
-
-testId=17913
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5075]
-
-testId=9673
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5076]
-
-testId=26057
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5077]
-
-testId=5625
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5078]
-
-testId=21993
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5079]
-
-testId=13801
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5080]
-
-testId=30201
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5081]
-
-testId=3545
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5082]
-
-testId=19945
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5083]
-
-testId=11737
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5084]
-
-testId=28105
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5085]
-
-testId=7641
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5086]
-
-testId=24057
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5087]
-
-testId=15849
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5088]
-
-testId=32233
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5089]
-
-testId=969
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5090]
-
-testId=17369
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5091]
-
-testId=9161
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5092]
-
-testId=25545
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5093]
-
-testId=5097
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5094]
-
-testId=21497
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5095]
-
-testId=13289
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5096]
-
-testId=29641
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5097]
-
-testId=3017
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5098]
-
-testId=19417
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5099]
-
-testId=11209
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5100]
-
-testId=27641
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5101]
-
-testId=7129
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5102]
-
-testId=23529
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5103]
-
-testId=15337
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5104]
-
-testId=31689
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5105]
-
-testId=2041
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5106]
-
-testId=18377
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5107]
-
-testId=10185
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5108]
-
-testId=26585
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5109]
-
-testId=6089
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5110]
-
-testId=22521
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5111]
-
-testId=14281
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5112]
-
-testId=30665
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5113]
-
-testId=4073
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5114]
-
-testId=20473
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5115]
-
-testId=12281
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5116]
-
-testId=28649
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5117]
-
-testId=8137
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5118]
-
-testId=24553
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5119]
-
-testId=16345
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5120]
-
-testId=32729
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5121]
-
-testId=53
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5122]
-
-testId=16437
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5123]
-
-testId=8197
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5124]
-
-testId=24613
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5125]
-
-testId=4133
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5126]
-
-testId=20501
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5127]
-
-testId=12309
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5128]
-
-testId=28693
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5129]
-
-testId=2053
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5130]
-
-testId=18437
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5131]
-
-testId=10277
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5132]
-
-testId=26677
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5133]
-
-testId=6165
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5134]
-
-testId=22581
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5135]
-
-testId=14389
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5136]
-
-testId=30773
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5137]
-
-testId=1077
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5138]
-
-testId=17429
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5139]
-
-testId=9269
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5140]
-
-testId=25637
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5141]
-
-testId=5141
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5142]
-
-testId=21509
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5143]
-
-testId=13317
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5144]
-
-testId=29701
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5145]
-
-testId=3125
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5146]
-
-testId=19477
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5147]
-
-testId=11285
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5148]
-
-testId=27685
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5149]
-
-testId=7205
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5150]
-
-testId=23605
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5151]
-
-testId=15413
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5152]
-
-testId=31765
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5153]
-
-testId=533
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5154]
-
-testId=16901
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5155]
-
-testId=8709
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5156]
-
-testId=25141
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5157]
-
-testId=4629
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5158]
-
-testId=21029
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5159]
-
-testId=12805
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5160]
-
-testId=29237
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5161]
-
-testId=2613
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5162]
-
-testId=18949
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5163]
-
-testId=10805
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5164]
-
-testId=27141
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5165]
-
-testId=6677
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5166]
-
-testId=23093
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5167]
-
-testId=14885
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5168]
-
-testId=31237
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5169]
-
-testId=1541
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5170]
-
-testId=17925
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5171]
-
-testId=9781
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5172]
-
-testId=26117
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5173]
-
-testId=5637
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5174]
-
-testId=22069
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5175]
-
-testId=13829
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5176]
-
-testId=30229
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5177]
-
-testId=3589
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5178]
-
-testId=19989
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5179]
-
-testId=11797
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5180]
-
-testId=28181
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5181]
-
-testId=7733
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5182]
-
-testId=24101
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5183]
-
-testId=15893
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5184]
-
-testId=32261
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5185]
-
-testId=261
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5186]
-
-testId=16661
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5187]
-
-testId=8453
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5188]
-
-testId=24837
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5189]
-
-testId=4373
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5190]
-
-testId=20789
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5191]
-
-testId=12549
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5192]
-
-testId=28933
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5193]
-
-testId=2325
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5194]
-
-testId=18725
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5195]
-
-testId=10517
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5196]
-
-testId=26933
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5197]
-
-testId=6421
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5198]
-
-testId=22789
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5199]
-
-testId=14613
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5200]
-
-testId=31013
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5201]
-
-testId=1285
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5202]
-
-testId=17717
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5203]
-
-testId=9493
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5204]
-
-testId=25893
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5205]
-
-testId=5413
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5206]
-
-testId=21781
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5207]
-
-testId=13605
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5208]
-
-testId=29989
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5209]
-
-testId=3333
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5210]
-
-testId=19765
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5211]
-
-testId=11573
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5212]
-
-testId=27909
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5213]
-
-testId=7429
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5214]
-
-testId=23845
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5215]
-
-testId=15637
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5216]
-
-testId=32037
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5217]
-
-testId=805
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5218]
-
-testId=17173
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5219]
-
-testId=8997
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5220]
-
-testId=25397
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5221]
-
-testId=4901
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5222]
-
-testId=21301
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5223]
-
-testId=13061
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5224]
-
-testId=29477
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5225]
-
-testId=2837
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5226]
-
-testId=19237
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5227]
-
-testId=11045
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5228]
-
-testId=27397
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5229]
-
-testId=6965
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5230]
-
-testId=23333
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5231]
-
-testId=15125
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5232]
-
-testId=31509
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5233]
-
-testId=1797
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5234]
-
-testId=18213
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5235]
-
-testId=10005
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5236]
-
-testId=26421
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5237]
-
-testId=5909
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5238]
-
-testId=22309
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5239]
-
-testId=14117
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5240]
-
-testId=30501
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5241]
-
-testId=3861
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5242]
-
-testId=20229
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5243]
-
-testId=12053
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5244]
-
-testId=28453
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5245]
-
-testId=7973
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5246]
-
-testId=24325
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5247]
-
-testId=16133
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5248]
-
-testId=32517
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5249]
-
-testId=165
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5250]
-
-testId=16533
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5251]
-
-testId=8341
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5252]
-
-testId=24757
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5253]
-
-testId=4277
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5254]
-
-testId=20613
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5255]
-
-testId=12469
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5256]
-
-testId=28837
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5257]
-
-testId=2213
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5258]
-
-testId=18581
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5259]
-
-testId=10421
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5260]
-
-testId=26773
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5261]
-
-testId=6277
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5262]
-
-testId=22693
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5263]
-
-testId=14517
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5264]
-
-testId=30869
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5265]
-
-testId=1157
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5266]
-
-testId=17589
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5267]
-
-testId=9349
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5268]
-
-testId=25749
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5269]
-
-testId=5301
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5270]
-
-testId=21653
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5271]
-
-testId=13445
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5272]
-
-testId=29845
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5273]
-
-testId=3253
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5274]
-
-testId=19589
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5275]
-
-testId=11445
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5276]
-
-testId=27813
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5277]
-
-testId=7301
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5278]
-
-testId=23701
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5279]
-
-testId=15541
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5280]
-
-testId=31877
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5281]
-
-testId=693
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5282]
-
-testId=17061
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5283]
-
-testId=8885
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5284]
-
-testId=25221
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5285]
-
-testId=4789
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5286]
-
-testId=21173
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5287]
-
-testId=12933
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5288]
-
-testId=29333
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5289]
-
-testId=2741
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5290]
-
-testId=19125
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5291]
-
-testId=10885
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5292]
-
-testId=27269
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5293]
-
-testId=6821
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5294]
-
-testId=23189
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5295]
-
-testId=15029
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5296]
-
-testId=31413
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5297]
-
-testId=1669
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5298]
-
-testId=18053
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5299]
-
-testId=9893
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5300]
-
-testId=26245
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5301]
-
-testId=5781
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5302]
-
-testId=22181
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5303]
-
-testId=13989
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5304]
-
-testId=30357
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5305]
-
-testId=3733
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5306]
-
-testId=20117
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5307]
-
-testId=11925
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5308]
-
-testId=28341
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5309]
-
-testId=7829
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5310]
-
-testId=24245
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5311]
-
-testId=16037
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5312]
-
-testId=32389
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5313]
-
-testId=421
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5314]
-
-testId=16805
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5315]
-
-testId=8597
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5316]
-
-testId=24981
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5317]
-
-testId=4517
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5318]
-
-testId=20885
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5319]
-
-testId=12693
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5320]
-
-testId=29061
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5321]
-
-testId=2453
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5322]
-
-testId=18837
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5323]
-
-testId=10645
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5324]
-
-testId=27045
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5325]
-
-testId=6533
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5326]
-
-testId=22933
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5327]
-
-testId=14773
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5328]
-
-testId=31125
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5329]
-
-testId=1445
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5330]
-
-testId=17813
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5331]
-
-testId=9621
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5332]
-
-testId=26005
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5333]
-
-testId=5525
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5334]
-
-testId=21925
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5335]
-
-testId=13749
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5336]
-
-testId=30133
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5337]
-
-testId=3461
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5338]
-
-testId=19845
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5339]
-
-testId=11701
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5340]
-
-testId=28085
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5341]
-
-testId=7605
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5342]
-
-testId=23957
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5343]
-
-testId=15749
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5344]
-
-testId=32149
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5345]
-
-testId=901
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5346]
-
-testId=17301
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5347]
-
-testId=9109
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5348]
-
-testId=25509
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5349]
-
-testId=5029
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5350]
-
-testId=21429
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5351]
-
-testId=13205
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5352]
-
-testId=29573
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5353]
-
-testId=2997
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5354]
-
-testId=19349
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5355]
-
-testId=11141
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5356]
-
-testId=27573
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5357]
-
-testId=7093
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5358]
-
-testId=23445
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5359]
-
-testId=15285
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5360]
-
-testId=31653
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5361]
-
-testId=1941
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5362]
-
-testId=18325
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5363]
-
-testId=10149
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5364]
-
-testId=26517
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5365]
-
-testId=6069
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5366]
-
-testId=22421
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5367]
-
-testId=14245
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5368]
-
-testId=30629
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5369]
-
-testId=3989
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5370]
-
-testId=20389
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5371]
-
-testId=12213
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5372]
-
-testId=28565
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5373]
-
-testId=8085
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5374]
-
-testId=24485
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5375]
-
-testId=16293
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5376]
-
-testId=32645
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5377]
-
-testId=117
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5378]
-
-testId=16501
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5379]
-
-testId=8293
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5380]
-
-testId=24645
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5381]
-
-testId=4181
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5382]
-
-testId=20549
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5383]
-
-testId=12405
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5384]
-
-testId=28741
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5385]
-
-testId=2117
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5386]
-
-testId=18501
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5387]
-
-testId=10341
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5388]
-
-testId=26725
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5389]
-
-testId=6245
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5390]
-
-testId=22597
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5391]
-
-testId=14453
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5392]
-
-testId=30805
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5393]
-
-testId=1109
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5394]
-
-testId=17509
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5395]
-
-testId=9333
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5396]
-
-testId=25685
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5397]
-
-testId=5205
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5398]
-
-testId=21605
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5399]
-
-testId=13429
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5400]
-
-testId=29765
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5401]
-
-testId=3157
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5402]
-
-testId=19525
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5403]
-
-testId=11365
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5404]
-
-testId=27765
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5405]
-
-testId=7237
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5406]
-
-testId=23621
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5407]
-
-testId=15477
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5408]
-
-testId=31861
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5409]
-
-testId=581
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5410]
-
-testId=16981
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5411]
-
-testId=8805
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5412]
-
-testId=25157
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5413]
-
-testId=4725
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5414]
-
-testId=21109
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5415]
-
-testId=12901
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5416]
-
-testId=29253
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5417]
-
-testId=2645
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5418]
-
-testId=19029
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5419]
-
-testId=10869
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5420]
-
-testId=27253
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5421]
-
-testId=6757
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5422]
-
-testId=23157
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5423]
-
-testId=14949
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5424]
-
-testId=31301
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5425]
-
-testId=1637
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5426]
-
-testId=18037
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5427]
-
-testId=9813
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5428]
-
-testId=26213
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5429]
-
-testId=5733
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5430]
-
-testId=22101
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5431]
-
-testId=13925
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5432]
-
-testId=30325
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5433]
-
-testId=3701
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5434]
-
-testId=20037
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5435]
-
-testId=11845
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5436]
-
-testId=28245
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5437]
-
-testId=7797
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5438]
-
-testId=24149
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5439]
-
-testId=15989
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5440]
-
-testId=32373
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5441]
-
-testId=373
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5442]
-
-testId=16709
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5443]
-
-testId=8549
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5444]
-
-testId=24901
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5445]
-
-testId=4421
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5446]
-
-testId=20837
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5447]
-
-testId=12645
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5448]
-
-testId=29029
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5449]
-
-testId=2405
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5450]
-
-testId=18773
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5451]
-
-testId=10565
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5452]
-
-testId=26997
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5453]
-
-testId=6485
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5454]
-
-testId=22853
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5455]
-
-testId=14693
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5456]
-
-testId=31061
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5457]
-
-testId=1381
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5458]
-
-testId=17733
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5459]
-
-testId=9557
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5460]
-
-testId=25941
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5461]
-
-testId=5477
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5462]
-
-testId=21861
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5463]
-
-testId=13669
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5464]
-
-testId=30037
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5465]
-
-testId=3445
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5466]
-
-testId=19781
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5467]
-
-testId=11637
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5468]
-
-testId=28005
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5469]
-
-testId=7509
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5470]
-
-testId=23909
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5471]
-
-testId=15717
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5472]
-
-testId=32117
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5473]
-
-testId=869
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5474]
-
-testId=17237
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5475]
-
-testId=9029
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5476]
-
-testId=25413
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5477]
-
-testId=4965
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5478]
-
-testId=21365
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5479]
-
-testId=13157
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5480]
-
-testId=29541
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5481]
-
-testId=2885
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5482]
-
-testId=19285
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5483]
-
-testId=11077
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5484]
-
-testId=27493
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5485]
-
-testId=6981
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5486]
-
-testId=23381
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5487]
-
-testId=15205
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5488]
-
-testId=31557
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5489]
-
-testId=1909
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5490]
-
-testId=18245
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5491]
-
-testId=10069
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5492]
-
-testId=26469
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5493]
-
-testId=6005
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5494]
-
-testId=22357
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5495]
-
-testId=14181
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5496]
-
-testId=30549
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5497]
-
-testId=3941
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5498]
-
-testId=20341
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5499]
-
-testId=12117
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5500]
-
-testId=28533
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5501]
-
-testId=8053
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5502]
-
-testId=24405
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5503]
-
-testId=16213
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5504]
-
-testId=32581
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5505]
-
-testId=213
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5506]
-
-testId=16581
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5507]
-
-testId=8437
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5508]
-
-testId=24773
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5509]
-
-testId=4325
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5510]
-
-testId=20709
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5511]
-
-testId=12485
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5512]
-
-testId=28901
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5513]
-
-testId=2293
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5514]
-
-testId=18629
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5515]
-
-testId=10469
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5516]
-
-testId=26853
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5517]
-
-testId=6357
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5518]
-
-testId=22741
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5519]
-
-testId=14533
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5520]
-
-testId=30917
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5521]
-
-testId=1269
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5522]
-
-testId=17621
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5523]
-
-testId=9413
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5524]
-
-testId=25845
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5525]
-
-testId=5365
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5526]
-
-testId=21749
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5527]
-
-testId=13509
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5528]
-
-testId=29909
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5529]
-
-testId=3301
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5530]
-
-testId=19669
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5531]
-
-testId=11509
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5532]
-
-testId=27877
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5533]
-
-testId=7381
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5534]
-
-testId=23749
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5535]
-
-testId=15605
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5536]
-
-testId=31957
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5537]
-
-testId=757
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5538]
-
-testId=17125
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5539]
-
-testId=8901
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5540]
-
-testId=25333
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5541]
-
-testId=4805
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5542]
-
-testId=21189
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5543]
-
-testId=13045
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5544]
-
-testId=29381
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5545]
-
-testId=2773
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5546]
-
-testId=19173
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5547]
-
-testId=10981
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5548]
-
-testId=27365
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5549]
-
-testId=6869
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5550]
-
-testId=23253
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5551]
-
-testId=15077
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5552]
-
-testId=31429
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5553]
-
-testId=1765
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5554]
-
-testId=18165
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5555]
-
-testId=9973
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5556]
-
-testId=26341
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5557]
-
-testId=5845
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5558]
-
-testId=22229
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5559]
-
-testId=14053
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5560]
-
-testId=30453
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5561]
-
-testId=3797
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5562]
-
-testId=20213
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5563]
-
-testId=12005
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5564]
-
-testId=28389
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5565]
-
-testId=7925
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5566]
-
-testId=24309
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5567]
-
-testId=16101
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5568]
-
-testId=32469
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5569]
-
-testId=485
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5570]
-
-testId=16885
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5571]
-
-testId=8661
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5572]
-
-testId=25045
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5573]
-
-testId=4581
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5574]
-
-testId=20933
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5575]
-
-testId=12757
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5576]
-
-testId=29125
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5577]
-
-testId=2517
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5578]
-
-testId=18901
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5579]
-
-testId=10725
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5580]
-
-testId=27077
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5581]
-
-testId=6613
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5582]
-
-testId=23013
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5583]
-
-testId=14837
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5584]
-
-testId=31189
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5585]
-
-testId=1493
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5586]
-
-testId=17893
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5587]
-
-testId=9701
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5588]
-
-testId=26053
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5589]
-
-testId=5605
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5590]
-
-testId=21957
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5591]
-
-testId=13813
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5592]
-
-testId=30197
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5593]
-
-testId=3541
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5594]
-
-testId=19909
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5595]
-
-testId=11749
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5596]
-
-testId=28117
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5597]
-
-testId=7637
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5598]
-
-testId=24005
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5599]
-
-testId=15829
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5600]
-
-testId=32213
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5601]
-
-testId=997
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5602]
-
-testId=17397
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5603]
-
-testId=9189
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5604]
-
-testId=25573
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5605]
-
-testId=5077
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5606]
-
-testId=21461
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5607]
-
-testId=13301
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5608]
-
-testId=29669
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5609]
-
-testId=3045
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5610]
-
-testId=19445
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5611]
-
-testId=11221
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5612]
-
-testId=27589
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5613]
-
-testId=7157
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5614]
-
-testId=23509
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5615]
-
-testId=15317
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5616]
-
-testId=31685
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5617]
-
-testId=2021
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5618]
-
-testId=18405
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5619]
-
-testId=10229
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5620]
-
-testId=26613
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5621]
-
-testId=6117
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5622]
-
-testId=22469
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5623]
-
-testId=14325
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5624]
-
-testId=30677
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5625]
-
-testId=4037
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5626]
-
-testId=20421
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5627]
-
-testId=12245
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5628]
-
-testId=28661
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5629]
-
-testId=8165
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5630]
-
-testId=24533
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5631]
-
-testId=16325
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5632]
-
-testId=32757
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5633]
-
-testId=61
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5634]
-
-testId=16445
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5635]
-
-testId=8237
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5636]
-
-testId=24605
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5637]
-
-testId=4141
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5638]
-
-testId=20493
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5639]
-
-testId=12317
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5640]
-
-testId=28701
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5641]
-
-testId=2061
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5642]
-
-testId=18477
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5643]
-
-testId=10269
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5644]
-
-testId=26669
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5645]
-
-testId=6205
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5646]
-
-testId=22573
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5647]
-
-testId=14397
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5648]
-
-testId=30765
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5649]
-
-testId=1053
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5650]
-
-testId=17421
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5651]
-
-testId=9261
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5652]
-
-testId=25629
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5653]
-
-testId=5165
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5654]
-
-testId=21533
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5655]
-
-testId=13357
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5656]
-
-testId=29741
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5657]
-
-testId=3101
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5658]
-
-testId=19485
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5659]
-
-testId=11325
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5660]
-
-testId=27693
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5661]
-
-testId=7229
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5662]
-
-testId=23565
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5663]
-
-testId=15373
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5664]
-
-testId=31805
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5665]
-
-testId=525
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5666]
-
-testId=16957
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5667]
-
-testId=8765
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5668]
-
-testId=25133
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5669]
-
-testId=4653
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5670]
-
-testId=21053
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5671]
-
-testId=12829
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5672]
-
-testId=29213
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5673]
-
-testId=2621
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5674]
-
-testId=19005
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5675]
-
-testId=10765
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5676]
-
-testId=27197
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5677]
-
-testId=6685
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5678]
-
-testId=23053
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5679]
-
-testId=14861
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5680]
-
-testId=31277
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5681]
-
-testId=1597
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5682]
-
-testId=17949
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5683]
-
-testId=9773
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5684]
-
-testId=26157
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5685]
-
-testId=5693
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5686]
-
-testId=22045
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5687]
-
-testId=13853
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5688]
-
-testId=30237
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5689]
-
-testId=3613
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5690]
-
-testId=20029
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5691]
-
-testId=11821
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5692]
-
-testId=28189
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5693]
-
-testId=7725
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5694]
-
-testId=24125
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5695]
-
-testId=15885
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5696]
-
-testId=32301
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5697]
-
-testId=269
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5698]
-
-testId=16685
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5699]
-
-testId=8509
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5700]
-
-testId=24877
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5701]
-
-testId=4397
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5702]
-
-testId=20765
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5703]
-
-testId=12573
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5704]
-
-testId=28973
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5705]
-
-testId=2349
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5706]
-
-testId=18701
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5707]
-
-testId=10509
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5708]
-
-testId=26925
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5709]
-
-testId=6413
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5710]
-
-testId=22797
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5711]
-
-testId=14605
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5712]
-
-testId=30989
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5713]
-
-testId=1293
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5714]
-
-testId=17725
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5715]
-
-testId=9501
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5716]
-
-testId=25901
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5717]
-
-testId=5389
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5718]
-
-testId=21789
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5719]
-
-testId=13613
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5720]
-
-testId=29981
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5721]
-
-testId=3341
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5722]
-
-testId=19757
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5723]
-
-testId=11549
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5724]
-
-testId=27949
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5725]
-
-testId=7485
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5726]
-
-testId=23837
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5727]
-
-testId=15677
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5728]
-
-testId=32045
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5729]
-
-testId=829
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5730]
-
-testId=17181
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5731]
-
-testId=9005
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5732]
-
-testId=25373
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5733]
-
-testId=4877
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5734]
-
-testId=21293
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5735]
-
-testId=13069
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5736]
-
-testId=29469
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5737]
-
-testId=2877
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5738]
-
-testId=19213
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5739]
-
-testId=11069
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5740]
-
-testId=27437
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5741]
-
-testId=6925
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5742]
-
-testId=23341
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5743]
-
-testId=15117
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5744]
-
-testId=31533
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5745]
-
-testId=1821
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5746]
-
-testId=18205
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5747]
-
-testId=10029
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5748]
-
-testId=26429
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5749]
-
-testId=5949
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5750]
-
-testId=22285
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5751]
-
-testId=14125
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5752]
-
-testId=30509
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5753]
-
-testId=3869
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5754]
-
-testId=20285
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5755]
-
-testId=12093
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5756]
-
-testId=28461
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5757]
-
-testId=7997
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5758]
-
-testId=24365
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5759]
-
-testId=16141
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5760]
-
-testId=32525
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5761]
-
-testId=141
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5762]
-
-testId=16573
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5763]
-
-testId=8365
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5764]
-
-testId=24749
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5765]
-
-testId=4253
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5766]
-
-testId=20669
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5767]
-
-testId=12429
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5768]
-
-testId=28845
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5769]
-
-testId=2237
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5770]
-
-testId=18589
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5771]
-
-testId=10381
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5772]
-
-testId=26813
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5773]
-
-testId=6333
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5774]
-
-testId=22669
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5775]
-
-testId=14509
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5776]
-
-testId=30877
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5777]
-
-testId=1197
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5778]
-
-testId=17597
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5779]
-
-testId=9405
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5780]
-
-testId=25757
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5781]
-
-testId=5309
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5782]
-
-testId=21661
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5783]
-
-testId=13453
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5784]
-
-testId=29853
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5785]
-
-testId=3213
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5786]
-
-testId=19629
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5787]
-
-testId=11405
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5788]
-
-testId=27805
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5789]
-
-testId=7325
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5790]
-
-testId=23741
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5791]
-
-testId=15533
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5792]
-
-testId=31901
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5793]
-
-testId=653
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5794]
-
-testId=17085
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5795]
-
-testId=8845
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5796]
-
-testId=25229
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5797]
-
-testId=4797
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5798]
-
-testId=21133
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5799]
-
-testId=12989
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5800]
-
-testId=29341
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5801]
-
-testId=2717
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5802]
-
-testId=19101
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5803]
-
-testId=10925
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5804]
-
-testId=27309
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5805]
-
-testId=6845
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5806]
-
-testId=23229
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5807]
-
-testId=15021
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5808]
-
-testId=31405
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5809]
-
-testId=1693
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5810]
-
-testId=18093
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5811]
-
-testId=9869
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5812]
-
-testId=26269
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5813]
-
-testId=5821
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5814]
-
-testId=22157
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5815]
-
-testId=13997
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5816]
-
-testId=30381
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5817]
-
-testId=3725
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5818]
-
-testId=20109
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5819]
-
-testId=11965
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5820]
-
-testId=28301
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5821]
-
-testId=7869
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5822]
-
-testId=24221
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5823]
-
-testId=16045
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5824]
-
-testId=32429
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5825]
-
-testId=413
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5826]
-
-testId=16829
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5827]
-
-testId=8637
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5828]
-
-testId=24973
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5829]
-
-testId=4541
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5830]
-
-testId=20893
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5831]
-
-testId=12717
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5832]
-
-testId=29101
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5833]
-
-testId=2461
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5834]
-
-testId=18861
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5835]
-
-testId=10653
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5836]
-
-testId=27021
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5837]
-
-testId=6541
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5838]
-
-testId=22973
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5839]
-
-testId=14765
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5840]
-
-testId=31149
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5841]
-
-testId=1469
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5842]
-
-testId=17837
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5843]
-
-testId=9613
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5844]
-
-testId=26013
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5845]
-
-testId=5565
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5846]
-
-testId=21917
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5847]
-
-testId=13709
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5848]
-
-testId=30125
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5849]
-
-testId=3517
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5850]
-
-testId=19869
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5851]
-
-testId=11677
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5852]
-
-testId=28093
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5853]
-
-testId=7597
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5854]
-
-testId=23965
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5855]
-
-testId=15805
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5856]
-
-testId=32189
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5857]
-
-testId=957
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5858]
-
-testId=17309
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5859]
-
-testId=9117
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5860]
-
-testId=25533
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5861]
-
-testId=5053
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5862]
-
-testId=21421
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5863]
-
-testId=13229
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5864]
-
-testId=29613
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5865]
-
-testId=2957
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5866]
-
-testId=19373
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5867]
-
-testId=11181
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5868]
-
-testId=27533
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5869]
-
-testId=7101
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5870]
-
-testId=23437
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5871]
-
-testId=15245
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5872]
-
-testId=31661
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5873]
-
-testId=1949
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5874]
-
-testId=18349
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5875]
-
-testId=10173
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5876]
-
-testId=26509
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5877]
-
-testId=6045
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5878]
-
-testId=22461
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5879]
-
-testId=14253
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5880]
-
-testId=30621
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5881]
-
-testId=3997
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5882]
-
-testId=20365
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5883]
-
-testId=12205
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5884]
-
-testId=28605
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5885]
-
-testId=8077
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5886]
-
-testId=24477
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5887]
-
-testId=16317
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5888]
-
-testId=32701
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5889]
-
-testId=109
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5890]
-
-testId=16493
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5891]
-
-testId=8269
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5892]
-
-testId=24685
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5893]
-
-testId=4189
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5894]
-
-testId=20557
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5895]
-
-testId=12413
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5896]
-
-testId=28765
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5897]
-
-testId=2125
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5898]
-
-testId=18557
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5899]
-
-testId=10333
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5900]
-
-testId=26749
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5901]
-
-testId=6237
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5902]
-
-testId=22621
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5903]
-
-testId=14429
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5904]
-
-testId=30845
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5905]
-
-testId=1133
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5906]
-
-testId=17485
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5907]
-
-testId=9341
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5908]
-
-testId=25677
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5909]
-
-testId=5229
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5910]
-
-testId=21613
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5911]
-
-testId=13405
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5912]
-
-testId=29805
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5913]
-
-testId=3181
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5914]
-
-testId=19549
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5915]
-
-testId=11357
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5916]
-
-testId=27773
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5917]
-
-testId=7277
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5918]
-
-testId=23645
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5919]
-
-testId=15453
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5920]
-
-testId=31853
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5921]
-
-testId=637
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5922]
-
-testId=17005
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5923]
-
-testId=8797
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5924]
-
-testId=25181
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5925]
-
-testId=4717
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5926]
-
-testId=21101
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5927]
-
-testId=12909
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5928]
-
-testId=29277
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5929]
-
-testId=2669
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5930]
-
-testId=19021
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5931]
-
-testId=10877
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5932]
-
-testId=27229
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5933]
-
-testId=6733
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5934]
-
-testId=23133
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5935]
-
-testId=14957
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5936]
-
-testId=31357
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5937]
-
-testId=1613
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5938]
-
-testId=18029
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5939]
-
-testId=9805
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5940]
-
-testId=26221
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5941]
-
-testId=5709
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5942]
-
-testId=22109
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5943]
-
-testId=13901
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5944]
-
-testId=30317
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5945]
-
-testId=3693
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5946]
-
-testId=20045
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5947]
-
-testId=11885
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5948]
-
-testId=28285
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5949]
-
-testId=7789
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5950]
-
-testId=24173
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5951]
-
-testId=15997
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5952]
-
-testId=32365
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5953]
-
-testId=365
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5954]
-
-testId=16765
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5955]
-
-testId=8557
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5956]
-
-testId=24941
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5957]
-
-testId=4461
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5958]
-
-testId=20829
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5959]
-
-testId=12653
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5960]
-
-testId=29021
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5961]
-
-testId=2381
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5962]
-
-testId=18765
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5963]
-
-testId=10605
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5964]
-
-testId=26957
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5965]
-
-testId=6493
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5966]
-
-testId=22877
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5967]
-
-testId=14701
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5968]
-
-testId=31101
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5969]
-
-testId=1405
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5970]
-
-testId=17789
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5971]
-
-testId=9565
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5972]
-
-testId=25981
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5973]
-
-testId=5453
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5974]
-
-testId=21853
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5975]
-
-testId=13677
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5976]
-
-testId=30077
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5977]
-
-testId=3405
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5978]
-
-testId=19837
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5979]
-
-testId=11645
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5980]
-
-testId=28013
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5981]
-
-testId=7517
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5982]
-
-testId=23901
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5983]
-
-testId=15725
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5984]
-
-testId=32077
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5985]
-
-testId=845
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5986]
-
-testId=17261
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5987]
-
-testId=9085
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5988]
-
-testId=25437
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5989]
-
-testId=4989
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5990]
-
-testId=21357
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5991]
-
-testId=13149
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5992]
-
-testId=29565
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5993]
-
-testId=2909
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5994]
-
-testId=19325
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5995]
-
-testId=11117
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5996]
-
-testId=27485
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5997]
-
-testId=7021
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5998]
-
-testId=23373
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5999]
-
-testId=15197
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6000]
-
-testId=31613
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6001]
-
-testId=1917
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6002]
-
-testId=18285
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6003]
-
-testId=10093
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6004]
-
-testId=26461
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6005]
-
-testId=5981
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6006]
-
-testId=22349
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6007]
-
-testId=14189
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6008]
-
-testId=30573
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6009]
-
-testId=3965
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6010]
-
-testId=20349
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6011]
-
-testId=12125
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6012]
-
-testId=28509
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6013]
-
-testId=8045
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6014]
-
-testId=24413
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6015]
-
-testId=16205
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6016]
-
-testId=32589
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6017]
-
-testId=205
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6018]
-
-testId=16605
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6019]
-
-testId=8397
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6020]
-
-testId=24797
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6021]
-
-testId=4349
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6022]
-
-testId=20717
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6023]
-
-testId=12493
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6024]
-
-testId=28877
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6025]
-
-testId=2253
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6026]
-
-testId=18669
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6027]
-
-testId=10493
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6028]
-
-testId=26829
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6029]
-
-testId=6381
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6030]
-
-testId=22749
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6031]
-
-testId=14573
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6032]
-
-testId=30941
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6033]
-
-testId=1245
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6034]
-
-testId=17629
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6035]
-
-testId=9437
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6036]
-
-testId=25837
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6037]
-
-testId=5357
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6038]
-
-testId=21725
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6039]
-
-testId=13549
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6040]
-
-testId=29901
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6041]
-
-testId=3309
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6042]
-
-testId=19677
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6043]
-
-testId=11485
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6044]
-
-testId=27869
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6045]
-
-testId=7389
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6046]
-
-testId=23789
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6047]
-
-testId=15597
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6048]
-
-testId=31981
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6049]
-
-testId=717
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6050]
-
-testId=17101
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6051]
-
-testId=8941
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6052]
-
-testId=25293
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6053]
-
-testId=4845
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6054]
-
-testId=21229
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6055]
-
-testId=13021
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6056]
-
-testId=29389
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6057]
-
-testId=2781
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6058]
-
-testId=19165
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6059]
-
-testId=11005
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6060]
-
-testId=27389
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6061]
-
-testId=6893
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6062]
-
-testId=23293
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6063]
-
-testId=15069
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6064]
-
-testId=31453
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6065]
-
-testId=1789
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6066]
-
-testId=18125
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6067]
-
-testId=9965
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6068]
-
-testId=26317
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6069]
-
-testId=5853
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6070]
-
-testId=22237
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6071]
-
-testId=14061
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6072]
-
-testId=30445
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6073]
-
-testId=3789
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6074]
-
-testId=20189
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6075]
-
-testId=12013
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6076]
-
-testId=28413
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6077]
-
-testId=7885
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6078]
-
-testId=24285
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6079]
-
-testId=16125
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6080]
-
-testId=32509
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6081]
-
-testId=461
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6082]
-
-testId=16877
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6083]
-
-testId=8701
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6084]
-
-testId=25053
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6085]
-
-testId=4605
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6086]
-
-testId=20957
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6087]
-
-testId=12749
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6088]
-
-testId=29181
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6089]
-
-testId=2525
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6090]
-
-testId=18909
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6091]
-
-testId=10749
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6092]
-
-testId=27101
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6093]
-
-testId=6621
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6094]
-
-testId=23005
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6095]
-
-testId=14813
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6096]
-
-testId=31229
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6097]
-
-testId=1533
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6098]
-
-testId=17869
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6099]
-
-testId=9677
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6100]
-
-testId=26077
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6101]
-
-testId=5613
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6102]
-
-testId=21981
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6103]
-
-testId=13805
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6104]
-
-testId=30173
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6105]
-
-testId=3581
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6106]
-
-testId=19917
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6107]
-
-testId=11757
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6108]
-
-testId=28109
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6109]
-
-testId=7629
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6110]
-
-testId=24061
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6111]
-
-testId=15869
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6112]
-
-testId=32237
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6113]
-
-testId=1005
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6114]
-
-testId=17357
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6115]
-
-testId=9181
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6116]
-
-testId=25565
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6117]
-
-testId=5117
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6118]
-
-testId=21485
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6119]
-
-testId=13277
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6120]
-
-testId=29661
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6121]
-
-testId=3021
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6122]
-
-testId=19437
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6123]
-
-testId=11229
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6124]
-
-testId=27629
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6125]
-
-testId=7133
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6126]
-
-testId=23501
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6127]
-
-testId=15325
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6128]
-
-testId=31741
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6129]
-
-testId=2013
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6130]
-
-testId=18397
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6131]
-
-testId=10205
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6132]
-
-testId=26605
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6133]
-
-testId=6093
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6134]
-
-testId=22509
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6135]
-
-testId=14285
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6136]
-
-testId=30669
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6137]
-
-testId=4077
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6138]
-
-testId=20445
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6139]
-
-testId=12285
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6140]
-
-testId=28637
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6141]
-
-testId=8189
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6142]
-
-testId=24541
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6143]
-
-testId=16349
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6144]
-
-testId=32733
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6145]
-
-testId=51
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6146]
-
-testId=16403
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6147]
-
-testId=8211
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6148]
-
-testId=24611
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6149]
-
-testId=4131
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6150]
-
-testId=20483
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6151]
-
-testId=12307
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6152]
-
-testId=28723
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6153]
-
-testId=2067
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6154]
-
-testId=18435
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6155]
-
-testId=10275
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6156]
-
-testId=26675
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6157]
-
-testId=6179
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6158]
-
-testId=22579
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6159]
-
-testId=14387
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6160]
-
-testId=30755
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6161]
-
-testId=1075
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6162]
-
-testId=17459
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6163]
-
-testId=9251
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6164]
-
-testId=25619
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6165]
-
-testId=5155
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6166]
-
-testId=21555
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6167]
-
-testId=13363
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6168]
-
-testId=29731
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6169]
-
-testId=3123
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6170]
-
-testId=19491
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6171]
-
-testId=11299
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6172]
-
-testId=27699
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6173]
-
-testId=7203
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6174]
-
-testId=23571
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6175]
-
-testId=15379
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6176]
-
-testId=31747
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6177]
-
-testId=531
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6178]
-
-testId=16899
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6179]
-
-testId=8707
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6180]
-
-testId=25091
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6181]
-
-testId=4627
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6182]
-
-testId=20995
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6183]
-
-testId=12851
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6184]
-
-testId=29219
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6185]
-
-testId=2563
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6186]
-
-testId=18963
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6187]
-
-testId=10803
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6188]
-
-testId=27171
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6189]
-
-testId=6707
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6190]
-
-testId=23043
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6191]
-
-testId=14867
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6192]
-
-testId=31283
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6193]
-
-testId=1539
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6194]
-
-testId=17939
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6195]
-
-testId=9731
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6196]
-
-testId=26147
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6197]
-
-testId=5651
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6198]
-
-testId=22019
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6199]
-
-testId=13827
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6200]
-
-testId=30211
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6201]
-
-testId=3587
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6202]
-
-testId=19971
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6203]
-
-testId=11827
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6204]
-
-testId=28163
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6205]
-
-testId=7715
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6206]
-
-testId=24067
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6207]
-
-testId=15923
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6208]
-
-testId=32291
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6209]
-
-testId=259
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6210]
-
-testId=16659
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6211]
-
-testId=8451
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6212]
-
-testId=24883
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6213]
-
-testId=4403
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6214]
-
-testId=20739
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6215]
-
-testId=12579
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6216]
-
-testId=28931
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6217]
-
-testId=2339
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6218]
-
-testId=18691
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6219]
-
-testId=10499
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6220]
-
-testId=26899
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6221]
-
-testId=6419
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6222]
-
-testId=22819
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6223]
-
-testId=14595
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6224]
-
-testId=31027
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6225]
-
-testId=1299
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6226]
-
-testId=17683
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6227]
-
-testId=9523
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6228]
-
-testId=25859
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6229]
-
-testId=5395
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6230]
-
-testId=21811
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6231]
-
-testId=13571
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6232]
-
-testId=29971
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6233]
-
-testId=3331
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6234]
-
-testId=19715
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6235]
-
-testId=11555
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6236]
-
-testId=27907
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6237]
-
-testId=7443
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6238]
-
-testId=23843
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6239]
-
-testId=15635
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6240]
-
-testId=32051
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6241]
-
-testId=803
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6242]
-
-testId=17187
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6243]
-
-testId=8979
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6244]
-
-testId=25395
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6245]
-
-testId=4899
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6246]
-
-testId=21283
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6247]
-
-testId=13107
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6248]
-
-testId=29475
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6249]
-
-testId=2851
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6250]
-
-testId=19219
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6251]
-
-testId=11043
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6252]
-
-testId=27395
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6253]
-
-testId=6947
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6254]
-
-testId=23315
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6255]
-
-testId=15107
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6256]
-
-testId=31539
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6257]
-
-testId=1795
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6258]
-
-testId=18211
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6259]
-
-testId=10003
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6260]
-
-testId=26387
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6261]
-
-testId=5939
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6262]
-
-testId=22323
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6263]
-
-testId=14083
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6264]
-
-testId=30515
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6265]
-
-testId=3891
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6266]
-
-testId=20243
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6267]
-
-testId=12035
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6268]
-
-testId=28419
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6269]
-
-testId=7955
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6270]
-
-testId=24323
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6271]
-
-testId=16147
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6272]
-
-testId=32531
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6273]
-
-testId=131
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6274]
-
-testId=16531
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6275]
-
-testId=8339
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6276]
-
-testId=24723
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6277]
-
-testId=4259
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6278]
-
-testId=20643
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6279]
-
-testId=12419
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6280]
-
-testId=28803
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6281]
-
-testId=2227
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6282]
-
-testId=18595
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6283]
-
-testId=10371
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6284]
-
-testId=26771
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6285]
-
-testId=6323
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6286]
-
-testId=22707
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6287]
-
-testId=14515
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6288]
-
-testId=30851
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6289]
-
-testId=1187
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6290]
-
-testId=17587
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6291]
-
-testId=9395
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6292]
-
-testId=25763
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6293]
-
-testId=5251
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6294]
-
-testId=21635
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6295]
-
-testId=13459
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6296]
-
-testId=29875
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6297]
-
-testId=3235
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6298]
-
-testId=19619
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6299]
-
-testId=11411
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6300]
-
-testId=27795
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6301]
-
-testId=7315
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6302]
-
-testId=23699
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6303]
-
-testId=15539
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6304]
-
-testId=31907
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6305]
-
-testId=691
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6306]
-
-testId=17027
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6307]
-
-testId=8835
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6308]
-
-testId=25251
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6309]
-
-testId=4771
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6310]
-
-testId=21155
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6311]
-
-testId=12979
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6312]
-
-testId=29363
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6313]
-
-testId=2739
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6314]
-
-testId=19107
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6315]
-
-testId=10931
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6316]
-
-testId=27283
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6317]
-
-testId=6803
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6318]
-
-testId=23219
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6319]
-
-testId=15027
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6320]
-
-testId=31379
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6321]
-
-testId=1683
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6322]
-
-testId=18051
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6323]
-
-testId=9875
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6324]
-
-testId=26243
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6325]
-
-testId=5763
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6326]
-
-testId=22195
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6327]
-
-testId=14003
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6328]
-
-testId=30355
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6329]
-
-testId=3747
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6330]
-
-testId=20147
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6331]
-
-testId=11955
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6332]
-
-testId=28307
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6333]
-
-testId=7827
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6334]
-
-testId=24195
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6335]
-
-testId=16003
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6336]
-
-testId=32387
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6337]
-
-testId=403
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6338]
-
-testId=16803
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6339]
-
-testId=8627
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6340]
-
-testId=25011
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6341]
-
-testId=4483
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6342]
-
-testId=20867
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6343]
-
-testId=12707
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6344]
-
-testId=29075
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6345]
-
-testId=2435
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6346]
-
-testId=18835
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6347]
-
-testId=10675
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6348]
-
-testId=27027
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6349]
-
-testId=6531
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6350]
-
-testId=22947
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6351]
-
-testId=14771
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6352]
-
-testId=31123
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6353]
-
-testId=1459
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6354]
-
-testId=17827
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6355]
-
-testId=9651
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6356]
-
-testId=26019
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6357]
-
-testId=5507
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6358]
-
-testId=21923
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6359]
-
-testId=13747
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6360]
-
-testId=30131
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6361]
-
-testId=3507
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6362]
-
-testId=19875
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6363]
-
-testId=11683
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6364]
-
-testId=28067
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6365]
-
-testId=7555
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6366]
-
-testId=23939
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6367]
-
-testId=15747
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6368]
-
-testId=32179
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6369]
-
-testId=899
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6370]
-
-testId=17331
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6371]
-
-testId=9123
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6372]
-
-testId=25507
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6373]
-
-testId=5011
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6374]
-
-testId=21395
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6375]
-
-testId=13187
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6376]
-
-testId=29603
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6377]
-
-testId=2947
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6378]
-
-testId=19379
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6379]
-
-testId=11155
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6380]
-
-testId=27539
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6381]
-
-testId=7043
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6382]
-
-testId=23459
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6383]
-
-testId=15267
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6384]
-
-testId=31667
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6385]
-
-testId=1971
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6386]
-
-testId=18355
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6387]
-
-testId=10147
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6388]
-
-testId=26547
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6389]
-
-testId=6035
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6390]
-
-testId=22403
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6391]
-
-testId=14211
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6392]
-
-testId=30595
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6393]
-
-testId=3987
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6394]
-
-testId=20355
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6395]
-
-testId=12211
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6396]
-
-testId=28595
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6397]
-
-testId=8099
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6398]
-
-testId=24483
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6399]
-
-testId=16307
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6400]
-
-testId=32659
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6401]
-
-testId=99
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6402]
-
-testId=16499
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6403]
-
-testId=8259
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6404]
-
-testId=24659
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6405]
-
-testId=4179
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6406]
-
-testId=20579
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6407]
-
-testId=12387
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6408]
-
-testId=28787
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6409]
-
-testId=2163
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6410]
-
-testId=18515
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6411]
-
-testId=10323
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6412]
-
-testId=26707
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6413]
-
-testId=6227
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6414]
-
-testId=22627
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6415]
-
-testId=14451
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6416]
-
-testId=30835
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6417]
-
-testId=1091
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6418]
-
-testId=17523
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6419]
-
-testId=9299
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6420]
-
-testId=25699
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6421]
-
-testId=5235
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6422]
-
-testId=21603
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6423]
-
-testId=13427
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6424]
-
-testId=29795
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6425]
-
-testId=3155
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6426]
-
-testId=19571
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6427]
-
-testId=11331
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6428]
-
-testId=27747
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6429]
-
-testId=7235
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6430]
-
-testId=23667
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6431]
-
-testId=15475
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6432]
-
-testId=31843
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6433]
-
-testId=579
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6434]
-
-testId=17011
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6435]
-
-testId=8771
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6436]
-
-testId=25155
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6437]
-
-testId=4707
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6438]
-
-testId=21075
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6439]
-
-testId=12883
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6440]
-
-testId=29299
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6441]
-
-testId=2659
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6442]
-
-testId=19011
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6443]
-
-testId=10851
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6444]
-
-testId=27235
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6445]
-
-testId=6739
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6446]
-
-testId=23139
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6447]
-
-testId=14947
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6448]
-
-testId=31347
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6449]
-
-testId=1635
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6450]
-
-testId=18003
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6451]
-
-testId=9827
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6452]
-
-testId=26179
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6453]
-
-testId=5747
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6454]
-
-testId=22115
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6455]
-
-testId=13891
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6456]
-
-testId=30323
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6457]
-
-testId=3651
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6458]
-
-testId=20051
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6459]
-
-testId=11891
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6460]
-
-testId=28243
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6461]
-
-testId=7763
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6462]
-
-testId=24147
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6463]
-
-testId=15939
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6464]
-
-testId=32323
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6465]
-
-testId=371
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6466]
-
-testId=16755
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6467]
-
-testId=8531
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6468]
-
-testId=24899
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6469]
-
-testId=4467
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6470]
-
-testId=20803
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6471]
-
-testId=12643
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6472]
-
-testId=29011
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6473]
-
-testId=2403
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6474]
-
-testId=18771
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6475]
-
-testId=10579
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6476]
-
-testId=26963
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6477]
-
-testId=6483
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6478]
-
-testId=22851
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6479]
-
-testId=14691
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6480]
-
-testId=31075
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6481]
-
-testId=1395
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6482]
-
-testId=17731
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6483]
-
-testId=9571
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6484]
-
-testId=25955
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6485]
-
-testId=5475
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6486]
-
-testId=21859
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6487]
-
-testId=13667
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6488]
-
-testId=30067
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6489]
-
-testId=3443
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6490]
-
-testId=19795
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6491]
-
-testId=11587
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6492]
-
-testId=28003
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6493]
-
-testId=7491
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6494]
-
-testId=23923
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6495]
-
-testId=15683
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6496]
-
-testId=32115
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6497]
-
-testId=883
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6498]
-
-testId=17219
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6499]
-
-testId=9043
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6500]
-
-testId=25427
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6501]
-
-testId=4963
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6502]
-
-testId=21347
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6503]
-
-testId=13155
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6504]
-
-testId=29539
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6505]
-
-testId=2915
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6506]
-
-testId=19283
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6507]
-
-testId=11091
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6508]
-
-testId=27491
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6509]
-
-testId=6995
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6510]
-
-testId=23411
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6511]
-
-testId=15203
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6512]
-
-testId=31571
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6513]
-
-testId=1875
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6514]
-
-testId=18243
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6515]
-
-testId=10099
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6516]
-
-testId=26483
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6517]
-
-testId=5987
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6518]
-
-testId=22339
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6519]
-
-testId=14179
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6520]
-
-testId=30579
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6521]
-
-testId=3907
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6522]
-
-testId=20339
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6523]
-
-testId=12147
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6524]
-
-testId=28499
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6525]
-
-testId=8003
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6526]
-
-testId=24403
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6527]
-
-testId=16227
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6528]
-
-testId=32579
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6529]
-
-testId=211
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6530]
-
-testId=16595
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6531]
-
-testId=8387
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6532]
-
-testId=24771
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6533]
-
-testId=4323
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6534]
-
-testId=20691
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6535]
-
-testId=12483
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6536]
-
-testId=28867
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6537]
-
-testId=2291
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6538]
-
-testId=18675
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6539]
-
-testId=10451
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6540]
-
-testId=26851
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6541]
-
-testId=6371
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6542]
-
-testId=22739
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6543]
-
-testId=14531
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6544]
-
-testId=30947
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6545]
-
-testId=1267
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6546]
-
-testId=17603
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6547]
-
-testId=9459
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6548]
-
-testId=25811
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6549]
-
-testId=5347
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6550]
-
-testId=21747
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6551]
-
-testId=13507
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6552]
-
-testId=29891
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6553]
-
-testId=3267
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6554]
-
-testId=19699
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6555]
-
-testId=11459
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6556]
-
-testId=27891
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6557]
-
-testId=7379
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6558]
-
-testId=23763
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6559]
-
-testId=15571
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6560]
-
-testId=31955
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6561]
-
-testId=707
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6562]
-
-testId=17091
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6563]
-
-testId=8899
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6564]
-
-testId=25331
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6565]
-
-testId=4819
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6566]
-
-testId=21187
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6567]
-
-testId=13011
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6568]
-
-testId=29379
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6569]
-
-testId=2755
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6570]
-
-testId=19155
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6571]
-
-testId=10963
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6572]
-
-testId=27347
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6573]
-
-testId=6867
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6574]
-
-testId=23283
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6575]
-
-testId=15043
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6576]
-
-testId=31459
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6577]
-
-testId=1779
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6578]
-
-testId=18131
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6579]
-
-testId=9923
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6580]
-
-testId=26339
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6581]
-
-testId=5827
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6582]
-
-testId=22259
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6583]
-
-testId=14035
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6584]
-
-testId=30435
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6585]
-
-testId=3795
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6586]
-
-testId=20163
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6587]
-
-testId=12003
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6588]
-
-testId=28371
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6589]
-
-testId=7923
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6590]
-
-testId=24275
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6591]
-
-testId=16067
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6592]
-
-testId=32467
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6593]
-
-testId=467
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6594]
-
-testId=16867
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6595]
-
-testId=8659
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6596]
-
-testId=25043
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6597]
-
-testId=4563
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6598]
-
-testId=20947
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6599]
-
-testId=12739
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6600]
-
-testId=29139
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6601]
-
-testId=2515
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6602]
-
-testId=18899
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6603]
-
-testId=10723
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6604]
-
-testId=27075
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6605]
-
-testId=6611
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6606]
-
-testId=23027
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6607]
-
-testId=14803
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6608]
-
-testId=31171
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6609]
-
-testId=1491
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6610]
-
-testId=17859
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6611]
-
-testId=9667
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6612]
-
-testId=26051
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6613]
-
-testId=5603
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6614]
-
-testId=21971
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6615]
-
-testId=13795
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6616]
-
-testId=30179
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6617]
-
-testId=3523
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6618]
-
-testId=19923
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6619]
-
-testId=11747
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6620]
-
-testId=28147
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6621]
-
-testId=7651
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6622]
-
-testId=24035
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6623]
-
-testId=15827
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6624]
-
-testId=32243
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6625]
-
-testId=979
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6626]
-
-testId=17363
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6627]
-
-testId=9171
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6628]
-
-testId=25571
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6629]
-
-testId=5107
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6630]
-
-testId=21459
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6631]
-
-testId=13251
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6632]
-
-testId=29667
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6633]
-
-testId=3059
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6634]
-
-testId=19443
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6635]
-
-testId=11235
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6636]
-
-testId=27587
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6637]
-
-testId=7155
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6638]
-
-testId=23491
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6639]
-
-testId=15299
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6640]
-
-testId=31683
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6641]
-
-testId=2035
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6642]
-
-testId=18419
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6643]
-
-testId=10179
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6644]
-
-testId=26563
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6645]
-
-testId=6099
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6646]
-
-testId=22483
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6647]
-
-testId=14275
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6648]
-
-testId=30675
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6649]
-
-testId=4067
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6650]
-
-testId=20419
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6651]
-
-testId=12259
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6652]
-
-testId=28659
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6653]
-
-testId=8131
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6654]
-
-testId=24531
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6655]
-
-testId=16323
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6656]
-
-testId=32723
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6657]
-
-testId=59
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6658]
-
-testId=16427
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6659]
-
-testId=8251
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6660]
-
-testId=24619
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6661]
-
-testId=4107
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6662]
-
-testId=20539
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6663]
-
-testId=12315
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6664]
-
-testId=28699
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6665]
-
-testId=2091
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6666]
-
-testId=18491
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6667]
-
-testId=10299
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6668]
-
-testId=26667
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6669]
-
-testId=6187
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6670]
-
-testId=22539
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6671]
-
-testId=14395
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6672]
-
-testId=30747
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6673]
-
-testId=1035
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6674]
-
-testId=17435
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6675]
-
-testId=9243
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6676]
-
-testId=25611
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6677]
-
-testId=5147
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6678]
-
-testId=21515
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6679]
-
-testId=13339
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6680]
-
-testId=29755
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6681]
-
-testId=3083
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6682]
-
-testId=19467
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6683]
-
-testId=11307
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6684]
-
-testId=27707
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6685]
-
-testId=7211
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6686]
-
-testId=23595
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6687]
-
-testId=15403
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6688]
-
-testId=31803
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6689]
-
-testId=555
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6690]
-
-testId=16955
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6691]
-
-testId=8731
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6692]
-
-testId=25115
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6693]
-
-testId=4635
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6694]
-
-testId=21019
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6695]
-
-testId=12811
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6696]
-
-testId=29211
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6697]
-
-testId=2619
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6698]
-
-testId=18987
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6699]
-
-testId=10811
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6700]
-
-testId=27179
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6701]
-
-testId=6667
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6702]
-
-testId=23067
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6703]
-
-testId=14907
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6704]
-
-testId=31243
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6705]
-
-testId=1579
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6706]
-
-testId=17979
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6707]
-
-testId=9739
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6708]
-
-testId=26123
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6709]
-
-testId=5659
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6710]
-
-testId=22043
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6711]
-
-testId=13883
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6712]
-
-testId=30267
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6713]
-
-testId=3611
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6714]
-
-testId=20027
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6715]
-
-testId=11835
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6716]
-
-testId=28171
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6717]
-
-testId=7739
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6718]
-
-testId=24075
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6719]
-
-testId=15915
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6720]
-
-testId=32315
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6721]
-
-testId=267
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6722]
-
-testId=16699
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6723]
-
-testId=8507
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6724]
-
-testId=24875
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6725]
-
-testId=4379
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6726]
-
-testId=20747
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6727]
-
-testId=12555
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6728]
-
-testId=28939
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6729]
-
-testId=2315
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6730]
-
-testId=18699
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6731]
-
-testId=10539
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6732]
-
-testId=26891
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6733]
-
-testId=6411
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6734]
-
-testId=22795
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6735]
-
-testId=14603
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6736]
-
-testId=31003
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6737]
-
-testId=1323
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6738]
-
-testId=17675
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6739]
-
-testId=9483
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6740]
-
-testId=25915
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6741]
-
-testId=5435
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6742]
-
-testId=21771
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6743]
-
-testId=13595
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6744]
-
-testId=29963
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6745]
-
-testId=3355
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6746]
-
-testId=19771
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6747]
-
-testId=11547
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6748]
-
-testId=27963
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6749]
-
-testId=7435
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6750]
-
-testId=23867
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6751]
-
-testId=15659
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6752]
-
-testId=32043
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6753]
-
-testId=795
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6754]
-
-testId=17195
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6755]
-
-testId=8971
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6756]
-
-testId=25371
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6757]
-
-testId=4875
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6758]
-
-testId=21291
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6759]
-
-testId=13115
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6760]
-
-testId=29451
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6761]
-
-testId=2875
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6762]
-
-testId=19227
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6763]
-
-testId=11019
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6764]
-
-testId=27403
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6765]
-
-testId=6923
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6766]
-
-testId=23355
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6767]
-
-testId=15147
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6768]
-
-testId=31515
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6769]
-
-testId=1835
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6770]
-
-testId=18203
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6771]
-
-testId=10011
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6772]
-
-testId=26395
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6773]
-
-testId=5915
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6774]
-
-testId=22315
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6775]
-
-testId=14107
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6776]
-
-testId=30475
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6777]
-
-testId=3883
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6778]
-
-testId=20251
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6779]
-
-testId=12059
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6780]
-
-testId=28427
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6781]
-
-testId=7963
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6782]
-
-testId=24347
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6783]
-
-testId=16155
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6784]
-
-testId=32571
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6785]
-
-testId=171
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6786]
-
-testId=16523
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6787]
-
-testId=8379
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6788]
-
-testId=24747
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6789]
-
-testId=4267
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6790]
-
-testId=20651
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6791]
-
-testId=12459
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6792]
-
-testId=28843
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6793]
-
-testId=2187
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6794]
-
-testId=18619
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6795]
-
-testId=10379
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6796]
-
-testId=26779
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6797]
-
-testId=6299
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6798]
-
-testId=22683
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6799]
-
-testId=14523
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6800]
-
-testId=30875
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6801]
-
-testId=1179
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6802]
-
-testId=17547
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6803]
-
-testId=9387
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6804]
-
-testId=25739
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6805]
-
-testId=5307
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6806]
-
-testId=21659
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6807]
-
-testId=13451
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6808]
-
-testId=29867
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6809]
-
-testId=3243
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6810]
-
-testId=19627
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6811]
-
-testId=11435
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6812]
-
-testId=27819
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6813]
-
-testId=7339
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6814]
-
-testId=23707
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6815]
-
-testId=15531
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6816]
-
-testId=31931
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6817]
-
-testId=667
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6818]
-
-testId=17083
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6819]
-
-testId=8843
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6820]
-
-testId=25259
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6821]
-
-testId=4763
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6822]
-
-testId=21179
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6823]
-
-testId=12971
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6824]
-
-testId=29323
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6825]
-
-testId=2747
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6826]
-
-testId=19131
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6827]
-
-testId=10923
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6828]
-
-testId=27291
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6829]
-
-testId=6827
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6830]
-
-testId=23227
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6831]
-
-testId=15035
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6832]
-
-testId=31403
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6833]
-
-testId=1723
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6834]
-
-testId=18059
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6835]
-
-testId=9915
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6836]
-
-testId=26267
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6837]
-
-testId=5787
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6838]
-
-testId=22187
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6839]
-
-testId=14011
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6840]
-
-testId=30347
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6841]
-
-testId=3723
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6842]
-
-testId=20107
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6843]
-
-testId=11947
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6844]
-
-testId=28315
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6845]
-
-testId=7851
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6846]
-
-testId=24219
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6847]
-
-testId=16043
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6848]
-
-testId=32427
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6849]
-
-testId=427
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6850]
-
-testId=16779
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6851]
-
-testId=8619
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6852]
-
-testId=24971
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6853]
-
-testId=4539
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6854]
-
-testId=20907
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6855]
-
-testId=12683
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6856]
-
-testId=29067
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6857]
-
-testId=2475
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6858]
-
-testId=18875
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6859]
-
-testId=10651
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6860]
-
-testId=27051
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6861]
-
-testId=6539
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6862]
-
-testId=22923
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6863]
-
-testId=14763
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6864]
-
-testId=31147
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6865]
-
-testId=1419
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6866]
-
-testId=17819
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6867]
-
-testId=9611
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6868]
-
-testId=26027
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6869]
-
-testId=5547
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6870]
-
-testId=21915
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6871]
-
-testId=13723
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6872]
-
-testId=30107
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6873]
-
-testId=3483
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6874]
-
-testId=19899
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6875]
-
-testId=11675
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6876]
-
-testId=28059
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6877]
-
-testId=7595
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6878]
-
-testId=23995
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6879]
-
-testId=15755
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6880]
-
-testId=32139
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6881]
-
-testId=939
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6882]
-
-testId=17323
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6883]
-
-testId=9131
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6884]
-
-testId=25499
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6885]
-
-testId=5003
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6886]
-
-testId=21387
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6887]
-
-testId=13195
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6888]
-
-testId=29579
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6889]
-
-testId=2987
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6890]
-
-testId=19339
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6891]
-
-testId=11163
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6892]
-
-testId=27547
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6893]
-
-testId=7067
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6894]
-
-testId=23451
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6895]
-
-testId=15243
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6896]
-
-testId=31675
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6897]
-
-testId=1979
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6898]
-
-testId=18363
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6899]
-
-testId=10139
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6900]
-
-testId=26523
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6901]
-
-testId=6043
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6902]
-
-testId=22443
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6903]
-
-testId=14267
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6904]
-
-testId=30603
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6905]
-
-testId=4027
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6906]
-
-testId=20363
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6907]
-
-testId=12187
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6908]
-
-testId=28555
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6909]
-
-testId=8107
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6910]
-
-testId=24491
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6911]
-
-testId=16299
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6912]
-
-testId=32683
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6913]
-
-testId=107
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6914]
-
-testId=16491
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6915]
-
-testId=8315
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6916]
-
-testId=24667
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6917]
-
-testId=4219
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6918]
-
-testId=20587
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6919]
-
-testId=12379
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6920]
-
-testId=28779
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6921]
-
-testId=2155
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6922]
-
-testId=18507
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6923]
-
-testId=10315
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6924]
-
-testId=26715
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6925]
-
-testId=6251
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6926]
-
-testId=22635
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6927]
-
-testId=14427
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6928]
-
-testId=30827
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6929]
-
-testId=1099
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6930]
-
-testId=17531
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6931]
-
-testId=9291
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6932]
-
-testId=25723
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6933]
-
-testId=5227
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6934]
-
-testId=21627
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6935]
-
-testId=13403
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6936]
-
-testId=29819
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6937]
-
-testId=3179
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6938]
-
-testId=19531
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6939]
-
-testId=11387
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6940]
-
-testId=27771
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6941]
-
-testId=7275
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6942]
-
-testId=23659
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6943]
-
-testId=15451
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6944]
-
-testId=31867
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6945]
-
-testId=603
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6946]
-
-testId=16971
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6947]
-
-testId=8779
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6948]
-
-testId=25179
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6949]
-
-testId=4715
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6950]
-
-testId=21099
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6951]
-
-testId=12891
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6952]
-
-testId=29307
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6953]
-
-testId=2667
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6954]
-
-testId=19067
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6955]
-
-testId=10843
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6956]
-
-testId=27259
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6957]
-
-testId=6779
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6958]
-
-testId=23163
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6959]
-
-testId=14955
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6960]
-
-testId=31355
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6961]
-
-testId=1643
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6962]
-
-testId=18011
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6963]
-
-testId=9851
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6964]
-
-testId=26187
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6965]
-
-testId=5707
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6966]
-
-testId=22123
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6967]
-
-testId=13915
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6968]
-
-testId=30283
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6969]
-
-testId=3659
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6970]
-
-testId=20075
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6971]
-
-testId=11851
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6972]
-
-testId=28267
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6973]
-
-testId=7787
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6974]
-
-testId=24139
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6975]
-
-testId=15995
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6976]
-
-testId=32363
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6977]
-
-testId=331
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6978]
-
-testId=16747
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6979]
-
-testId=8571
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6980]
-
-testId=24955
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6981]
-
-testId=4427
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6982]
-
-testId=20859
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6983]
-
-testId=12619
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6984]
-
-testId=29003
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6985]
-
-testId=2427
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6986]
-
-testId=18795
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6987]
-
-testId=10587
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6988]
-
-testId=27003
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6989]
-
-testId=6523
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6990]
-
-testId=22875
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6991]
-
-testId=14715
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6992]
-
-testId=31051
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6993]
-
-testId=1387
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6994]
-
-testId=17771
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6995]
-
-testId=9547
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6996]
-
-testId=25947
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6997]
-
-testId=5451
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6998]
-
-testId=21835
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6999]
-
-testId=13691
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7000]
-
-testId=30059
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7001]
-
-testId=3435
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7002]
-
-testId=19819
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7003]
-
-testId=11643
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7004]
-
-testId=28027
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7005]
-
-testId=7531
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7006]
-
-testId=23915
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7007]
-
-testId=15691
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7008]
-
-testId=32075
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7009]
-
-testId=891
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7010]
-
-testId=17275
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7011]
-
-testId=9067
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7012]
-
-testId=25419
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7013]
-
-testId=4955
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7014]
-
-testId=21339
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7015]
-
-testId=13131
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7016]
-
-testId=29515
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7017]
-
-testId=2907
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7018]
-
-testId=19275
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7019]
-
-testId=11131
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7020]
-
-testId=27483
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7021]
-
-testId=7019
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7022]
-
-testId=23387
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7023]
-
-testId=15195
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7024]
-
-testId=31611
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7025]
-
-testId=1915
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7026]
-
-testId=18251
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7027]
-
-testId=10091
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7028]
-
-testId=26459
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7029]
-
-testId=5963
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7030]
-
-testId=22379
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7031]
-
-testId=14187
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7032]
-
-testId=30555
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7033]
-
-testId=3963
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7034]
-
-testId=20331
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7035]
-
-testId=12107
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7036]
-
-testId=28491
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7037]
-
-testId=8043
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7038]
-
-testId=24395
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7039]
-
-testId=16219
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7040]
-
-testId=32635
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7041]
-
-testId=235
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7042]
-
-testId=16603
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7043]
-
-testId=8443
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7044]
-
-testId=24779
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7045]
-
-testId=4347
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7046]
-
-testId=20715
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7047]
-
-testId=12539
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7048]
-
-testId=28891
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7049]
-
-testId=2299
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7050]
-
-testId=18683
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7051]
-
-testId=10475
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7052]
-
-testId=26827
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7053]
-
-testId=6347
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7054]
-
-testId=22747
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7055]
-
-testId=14539
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7056]
-
-testId=30971
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7057]
-
-testId=1243
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7058]
-
-testId=17659
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7059]
-
-testId=9451
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7060]
-
-testId=25835
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7061]
-
-testId=5371
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7062]
-
-testId=21755
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7063]
-
-testId=13515
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7064]
-
-testId=29931
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7065]
-
-testId=3291
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7066]
-
-testId=19675
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7067]
-
-testId=11515
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7068]
-
-testId=27867
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7069]
-
-testId=7371
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7070]
-
-testId=23803
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7071]
-
-testId=15595
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7072]
-
-testId=31947
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7073]
-
-testId=747
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7074]
-
-testId=17099
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7075]
-
-testId=8939
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7076]
-
-testId=25323
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7077]
-
-testId=4811
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7078]
-
-testId=21211
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7079]
-
-testId=13003
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7080]
-
-testId=29419
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7081]
-
-testId=2763
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7082]
-
-testId=19147
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7083]
-
-testId=10955
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7084]
-
-testId=27387
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7085]
-
-testId=6875
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7086]
-
-testId=23259
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7087]
-
-testId=15067
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7088]
-
-testId=31467
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7089]
-
-testId=1755
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7090]
-
-testId=18171
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7091]
-
-testId=9963
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7092]
-
-testId=26315
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7093]
-
-testId=5835
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7094]
-
-testId=22219
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7095]
-
-testId=14075
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7096]
-
-testId=30411
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7097]
-
-testId=3803
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7098]
-
-testId=20203
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7099]
-
-testId=11995
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7100]
-
-testId=28411
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7101]
-
-testId=7883
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7102]
-
-testId=24283
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7103]
-
-testId=16075
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7104]
-
-testId=32491
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7105]
-
-testId=491
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7106]
-
-testId=16843
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7107]
-
-testId=8651
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7108]
-
-testId=25035
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7109]
-
-testId=4587
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7110]
-
-testId=20971
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7111]
-
-testId=12795
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7112]
-
-testId=29163
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7113]
-
-testId=2523
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7114]
-
-testId=18891
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7115]
-
-testId=10715
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7116]
-
-testId=27115
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7117]
-
-testId=6635
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7118]
-
-testId=23035
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7119]
-
-testId=14811
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7120]
-
-testId=31195
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7121]
-
-testId=1483
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7122]
-
-testId=17899
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7123]
-
-testId=9707
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7124]
-
-testId=26091
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7125]
-
-testId=5627
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7126]
-
-testId=22011
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7127]
-
-testId=13803
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7128]
-
-testId=30203
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7129]
-
-testId=3579
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7130]
-
-testId=19931
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7131]
-
-testId=11755
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7132]
-
-testId=28107
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7133]
-
-testId=7627
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7134]
-
-testId=24027
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7135]
-
-testId=15867
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7136]
-
-testId=32235
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7137]
-
-testId=1003
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7138]
-
-testId=17371
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7139]
-
-testId=9179
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7140]
-
-testId=25595
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7141]
-
-testId=5099
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7142]
-
-testId=21499
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7143]
-
-testId=13307
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7144]
-
-testId=29659
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7145]
-
-testId=3035
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7146]
-
-testId=19451
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7147]
-
-testId=11243
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7148]
-
-testId=27611
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7149]
-
-testId=7131
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7150]
-
-testId=23531
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7151]
-
-testId=15355
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7152]
-
-testId=31707
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7153]
-
-testId=2043
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7154]
-
-testId=18379
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7155]
-
-testId=10219
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7156]
-
-testId=26619
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7157]
-
-testId=6107
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7158]
-
-testId=22475
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7159]
-
-testId=14283
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7160]
-
-testId=30667
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7161]
-
-testId=4075
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7162]
-
-testId=20427
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7163]
-
-testId=12251
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7164]
-
-testId=28667
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7165]
-
-testId=8155
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7166]
-
-testId=24555
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7167]
-
-testId=16331
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7168]
-
-testId=32747
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7169]
-
-testId=55
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7170]
-
-testId=16423
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7171]
-
-testId=8231
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7172]
-
-testId=24599
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7173]
-
-testId=4135
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7174]
-
-testId=20487
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7175]
-
-testId=12311
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7176]
-
-testId=28711
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7177]
-
-testId=2071
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7178]
-
-testId=18455
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7179]
-
-testId=10279
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7180]
-
-testId=26679
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7181]
-
-testId=6151
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7182]
-
-testId=22551
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7183]
-
-testId=14391
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7184]
-
-testId=30727
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7185]
-
-testId=1079
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7186]
-
-testId=17447
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7187]
-
-testId=9255
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7188]
-
-testId=25607
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7189]
-
-testId=5159
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7190]
-
-testId=21527
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7191]
-
-testId=13335
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7192]
-
-testId=29751
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7193]
-
-testId=3111
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7194]
-
-testId=19463
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7195]
-
-testId=11287
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7196]
-
-testId=27703
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7197]
-
-testId=7175
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7198]
-
-testId=23559
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7199]
-
-testId=15383
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7200]
-
-testId=31783
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7201]
-
-testId=567
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7202]
-
-testId=16903
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7203]
-
-testId=8727
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7204]
-
-testId=25111
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7205]
-
-testId=4647
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7206]
-
-testId=21015
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7207]
-
-testId=12807
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7208]
-
-testId=29223
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7209]
-
-testId=2583
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7210]
-
-testId=18999
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7211]
-
-testId=10775
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7212]
-
-testId=27191
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7213]
-
-testId=6663
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7214]
-
-testId=23063
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7215]
-
-testId=14887
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7216]
-
-testId=31255
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7217]
-
-testId=1543
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7218]
-
-testId=17927
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7219]
-
-testId=9783
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7220]
-
-testId=26119
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7221]
-
-testId=5687
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7222]
-
-testId=22071
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7223]
-
-testId=13847
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7224]
-
-testId=30215
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7225]
-
-testId=3623
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7226]
-
-testId=20007
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7227]
-
-testId=11831
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7228]
-
-testId=28183
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7229]
-
-testId=7703
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7230]
-
-testId=24087
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7231]
-
-testId=15927
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7232]
-
-testId=32279
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7233]
-
-testId=311
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7234]
-
-testId=16663
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7235]
-
-testId=8471
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7236]
-
-testId=24855
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7237]
-
-testId=4375
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7238]
-
-testId=20743
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7239]
-
-testId=12567
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7240]
-
-testId=28967
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7241]
-
-testId=2343
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7242]
-
-testId=18727
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7243]
-
-testId=10535
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7244]
-
-testId=26903
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7245]
-
-testId=6455
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7246]
-
-testId=22807
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7247]
-
-testId=14615
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7248]
-
-testId=31015
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7249]
-
-testId=1319
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7250]
-
-testId=17719
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7251]
-
-testId=9495
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7252]
-
-testId=25863
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7253]
-
-testId=5431
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7254]
-
-testId=21799
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7255]
-
-testId=13575
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7256]
-
-testId=29991
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7257]
-
-testId=3351
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7258]
-
-testId=19767
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7259]
-
-testId=11575
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7260]
-
-testId=27943
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7261]
-
-testId=7447
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7262]
-
-testId=23863
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7263]
-
-testId=15671
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7264]
-
-testId=32023
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7265]
-
-testId=807
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7266]
-
-testId=17175
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7267]
-
-testId=8967
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7268]
-
-testId=25399
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7269]
-
-testId=4903
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7270]
-
-testId=21271
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7271]
-
-testId=13095
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7272]
-
-testId=29447
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7273]
-
-testId=2855
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7274]
-
-testId=19223
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7275]
-
-testId=11063
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7276]
-
-testId=27431
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7277]
-
-testId=6919
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7278]
-
-testId=23335
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7279]
-
-testId=15143
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7280]
-
-testId=31543
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7281]
-
-testId=1799
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7282]
-
-testId=18183
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7283]
-
-testId=10007
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7284]
-
-testId=26423
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7285]
-
-testId=5943
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7286]
-
-testId=22311
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7287]
-
-testId=14087
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7288]
-
-testId=30487
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7289]
-
-testId=3863
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7290]
-
-testId=20231
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7291]
-
-testId=12071
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7292]
-
-testId=28439
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7293]
-
-testId=7959
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7294]
-
-testId=24375
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7295]
-
-testId=16167
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7296]
-
-testId=32551
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7297]
-
-testId=183
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7298]
-
-testId=16567
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7299]
-
-testId=8375
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7300]
-
-testId=24743
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7301]
-
-testId=4231
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7302]
-
-testId=20631
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7303]
-
-testId=12423
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7304]
-
-testId=28823
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7305]
-
-testId=2215
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7306]
-
-testId=18599
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7307]
-
-testId=10391
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7308]
-
-testId=26807
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7309]
-
-testId=6311
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7310]
-
-testId=22679
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7311]
-
-testId=14503
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7312]
-
-testId=30887
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7313]
-
-testId=1191
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7314]
-
-testId=17543
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7315]
-
-testId=9351
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7316]
-
-testId=25783
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7317]
-
-testId=5303
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7318]
-
-testId=21671
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7319]
-
-testId=13463
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7320]
-
-testId=29863
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7321]
-
-testId=3255
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7322]
-
-testId=19623
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7323]
-
-testId=11447
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7324]
-
-testId=27799
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7325]
-
-testId=7335
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7326]
-
-testId=23735
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7327]
-
-testId=15511
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7328]
-
-testId=31895
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7329]
-
-testId=679
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7330]
-
-testId=17079
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7331]
-
-testId=8871
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7332]
-
-testId=25255
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7333]
-
-testId=4759
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7334]
-
-testId=21175
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7335]
-
-testId=12951
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7336]
-
-testId=29367
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7337]
-
-testId=2727
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7338]
-
-testId=19095
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7339]
-
-testId=10887
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7340]
-
-testId=27303
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7341]
-
-testId=6823
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7342]
-
-testId=23175
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7343]
-
-testId=15015
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7344]
-
-testId=31415
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7345]
-
-testId=1671
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7346]
-
-testId=18103
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7347]
-
-testId=9911
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7348]
-
-testId=26279
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7349]
-
-testId=5799
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7350]
-
-testId=22151
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7351]
-
-testId=14007
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7352]
-
-testId=30391
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7353]
-
-testId=3719
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7354]
-
-testId=20135
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7355]
-
-testId=11943
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7356]
-
-testId=28327
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7357]
-
-testId=7831
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7358]
-
-testId=24199
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7359]
-
-testId=16055
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7360]
-
-testId=32391
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7361]
-
-testId=439
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7362]
-
-testId=16823
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7363]
-
-testId=8631
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7364]
-
-testId=24983
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7365]
-
-testId=4503
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7366]
-
-testId=20887
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7367]
-
-testId=12711
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7368]
-
-testId=29111
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7369]
-
-testId=2455
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7370]
-
-testId=18823
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7371]
-
-testId=10679
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7372]
-
-testId=27031
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7373]
-
-testId=6583
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7374]
-
-testId=22919
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7375]
-
-testId=14743
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7376]
-
-testId=31111
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7377]
-
-testId=1415
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7378]
-
-testId=17815
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7379]
-
-testId=9623
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7380]
-
-testId=26007
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7381]
-
-testId=5559
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7382]
-
-testId=21927
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7383]
-
-testId=13751
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7384]
-
-testId=30103
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7385]
-
-testId=3495
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7386]
-
-testId=19879
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7387]
-
-testId=11703
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7388]
-
-testId=28055
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7389]
-
-testId=7591
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7390]
-
-testId=23943
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7391]
-
-testId=15783
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7392]
-
-testId=32151
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7393]
-
-testId=919
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7394]
-
-testId=17319
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7395]
-
-testId=9111
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7396]
-
-testId=25479
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7397]
-
-testId=5047
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7398]
-
-testId=21415
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7399]
-
-testId=13207
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7400]
-
-testId=29607
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7401]
-
-testId=2967
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7402]
-
-testId=19335
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7403]
-
-testId=11175
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7404]
-
-testId=27559
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7405]
-
-testId=7063
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7406]
-
-testId=23431
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7407]
-
-testId=15271
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7408]
-
-testId=31655
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7409]
-
-testId=1975
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7410]
-
-testId=18343
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7411]
-
-testId=10135
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7412]
-
-testId=26551
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7413]
-
-testId=6039
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7414]
-
-testId=22407
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7415]
-
-testId=14231
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7416]
-
-testId=30631
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7417]
-
-testId=4007
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7418]
-
-testId=20359
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7419]
-
-testId=12183
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7420]
-
-testId=28599
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7421]
-
-testId=8087
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7422]
-
-testId=24487
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7423]
-
-testId=16295
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7424]
-
-testId=32647
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7425]
-
-testId=87
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7426]
-
-testId=16503
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7427]
-
-testId=8295
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7428]
-
-testId=24695
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7429]
-
-testId=4215
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7430]
-
-testId=20599
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7431]
-
-testId=12391
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7432]
-
-testId=28759
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7433]
-
-testId=2135
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7434]
-
-testId=18503
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7435]
-
-testId=10327
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7436]
-
-testId=26711
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7437]
-
-testId=6215
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7438]
-
-testId=22615
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7439]
-
-testId=14423
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7440]
-
-testId=30823
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7441]
-
-testId=1095
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7442]
-
-testId=17511
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7443]
-
-testId=9319
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7444]
-
-testId=25671
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7445]
-
-testId=5207
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7446]
-
-testId=21623
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7447]
-
-testId=13383
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7448]
-
-testId=29783
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7449]
-
-testId=3191
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7450]
-
-testId=19559
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7451]
-
-testId=11335
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7452]
-
-testId=27719
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7453]
-
-testId=7255
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7454]
-
-testId=23671
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7455]
-
-testId=15479
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7456]
-
-testId=31831
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7457]
-
-testId=631
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7458]
-
-testId=16983
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7459]
-
-testId=8823
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7460]
-
-testId=25175
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7461]
-
-testId=4695
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7462]
-
-testId=21111
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7463]
-
-testId=12887
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7464]
-
-testId=29303
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7465]
-
-testId=2631
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7466]
-
-testId=19015
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7467]
-
-testId=10823
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7468]
-
-testId=27255
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7469]
-
-testId=6727
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7470]
-
-testId=23127
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7471]
-
-testId=14935
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7472]
-
-testId=31335
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7473]
-
-testId=1607
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7474]
-
-testId=17991
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7475]
-
-testId=9799
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7476]
-
-testId=26231
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7477]
-
-testId=5719
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7478]
-
-testId=22087
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7479]
-
-testId=13943
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7480]
-
-testId=30279
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7481]
-
-testId=3703
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7482]
-
-testId=20039
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7483]
-
-testId=11879
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7484]
-
-testId=28263
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7485]
-
-testId=7751
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7486]
-
-testId=24167
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7487]
-
-testId=15943
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7488]
-
-testId=32375
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7489]
-
-testId=359
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7490]
-
-testId=16743
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7491]
-
-testId=8567
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7492]
-
-testId=24935
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7493]
-
-testId=4455
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7494]
-
-testId=20807
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7495]
-
-testId=12663
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7496]
-
-testId=28999
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7497]
-
-testId=2407
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7498]
-
-testId=18775
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7499]
-
-testId=10583
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7500]
-
-testId=26951
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7501]
-
-testId=6487
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7502]
-
-testId=22855
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7503]
-
-testId=14695
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7504]
-
-testId=31047
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7505]
-
-testId=1367
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7506]
-
-testId=17735
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7507]
-
-testId=9575
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7508]
-
-testId=25975
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7509]
-
-testId=5447
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7510]
-
-testId=21831
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7511]
-
-testId=13687
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7512]
-
-testId=30055
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7513]
-
-testId=3415
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7514]
-
-testId=19815
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7515]
-
-testId=11639
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7516]
-
-testId=28023
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7517]
-
-testId=7511
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7518]
-
-testId=23927
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7519]
-
-testId=15703
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7520]
-
-testId=32119
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7521]
-
-testId=887
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7522]
-
-testId=17239
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7523]
-
-testId=9079
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7524]
-
-testId=25431
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7525]
-
-testId=4967
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7526]
-
-testId=21367
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7527]
-
-testId=13175
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7528]
-
-testId=29527
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7529]
-
-testId=2903
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7530]
-
-testId=19303
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7531]
-
-testId=11079
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7532]
-
-testId=27479
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7533]
-
-testId=7031
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7534]
-
-testId=23383
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7535]
-
-testId=15207
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7536]
-
-testId=31559
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7537]
-
-testId=1879
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7538]
-
-testId=18247
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7539]
-
-testId=10103
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7540]
-
-testId=26471
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7541]
-
-testId=5959
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7542]
-
-testId=22359
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7543]
-
-testId=14151
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7544]
-
-testId=30567
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7545]
-
-testId=3959
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7546]
-
-testId=20295
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7547]
-
-testId=12135
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7548]
-
-testId=28535
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7549]
-
-testId=8007
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7550]
-
-testId=24423
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7551]
-
-testId=16231
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7552]
-
-testId=32631
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7553]
-
-testId=215
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7554]
-
-testId=16583
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7555]
-
-testId=8439
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7556]
-
-testId=24823
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7557]
-
-testId=4295
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7558]
-
-testId=20711
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7559]
-
-testId=12487
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7560]
-
-testId=28903
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7561]
-
-testId=2279
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7562]
-
-testId=18679
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7563]
-
-testId=10455
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7564]
-
-testId=26839
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7565]
-
-testId=6391
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7566]
-
-testId=22743
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7567]
-
-testId=14583
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7568]
-
-testId=30967
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7569]
-
-testId=1223
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7570]
-
-testId=17607
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7571]
-
-testId=9463
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7572]
-
-testId=25815
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7573]
-
-testId=5351
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7574]
-
-testId=21751
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7575]
-
-testId=13559
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7576]
-
-testId=29895
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7577]
-
-testId=3287
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7578]
-
-testId=19671
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7579]
-
-testId=11479
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7580]
-
-testId=27847
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7581]
-
-testId=7399
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7582]
-
-testId=23799
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7583]
-
-testId=15607
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7584]
-
-testId=31959
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7585]
-
-testId=727
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7586]
-
-testId=17127
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7587]
-
-testId=8951
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7588]
-
-testId=25287
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7589]
-
-testId=4855
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7590]
-
-testId=21223
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7591]
-
-testId=13015
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7592]
-
-testId=29431
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7593]
-
-testId=2775
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7594]
-
-testId=19159
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7595]
-
-testId=10983
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7596]
-
-testId=27367
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7597]
-
-testId=6903
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7598]
-
-testId=23255
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7599]
-
-testId=15063
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7600]
-
-testId=31479
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7601]
-
-testId=1783
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7602]
-
-testId=18119
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7603]
-
-testId=9975
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7604]
-
-testId=26359
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7605]
-
-testId=5863
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7606]
-
-testId=22215
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7607]
-
-testId=14023
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7608]
-
-testId=30407
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7609]
-
-testId=3831
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7610]
-
-testId=20199
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7611]
-
-testId=11991
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7612]
-
-testId=28359
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7613]
-
-testId=7911
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7614]
-
-testId=24311
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7615]
-
-testId=16087
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7616]
-
-testId=32455
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7617]
-
-testId=503
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7618]
-
-testId=16871
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7619]
-
-testId=8663
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7620]
-
-testId=25063
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7621]
-
-testId=4551
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7622]
-
-testId=20983
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7623]
-
-testId=12791
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7624]
-
-testId=29159
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7625]
-
-testId=2503
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7626]
-
-testId=18935
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7627]
-
-testId=10695
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7628]
-
-testId=27095
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7629]
-
-testId=6631
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7630]
-
-testId=23015
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7631]
-
-testId=14807
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7632]
-
-testId=31191
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7633]
-
-testId=1511
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7634]
-
-testId=17879
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7635]
-
-testId=9703
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7636]
-
-testId=26055
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7637]
-
-testId=5607
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7638]
-
-testId=21975
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7639]
-
-testId=13815
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7640]
-
-testId=30167
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7641]
-
-testId=3527
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7642]
-
-testId=19959
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7643]
-
-testId=11719
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7644]
-
-testId=28151
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7645]
-
-testId=7639
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7646]
-
-testId=24007
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7647]
-
-testId=15863
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7648]
-
-testId=32231
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7649]
-
-testId=1015
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7650]
-
-testId=17367
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7651]
-
-testId=9207
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7652]
-
-testId=25543
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7653]
-
-testId=5079
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7654]
-
-testId=21479
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7655]
-
-testId=13271
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7656]
-
-testId=29687
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7657]
-
-testId=3047
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7658]
-
-testId=19415
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7659]
-
-testId=11207
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7660]
-
-testId=27623
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7661]
-
-testId=7143
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7662]
-
-testId=23543
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7663]
-
-testId=15335
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7664]
-
-testId=31735
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7665]
-
-testId=2007
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7666]
-
-testId=18407
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7667]
-
-testId=10215
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7668]
-
-testId=26567
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7669]
-
-testId=6103
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7670]
-
-testId=22487
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7671]
-
-testId=14327
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7672]
-
-testId=30711
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7673]
-
-testId=4055
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7674]
-
-testId=20439
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7675]
-
-testId=12263
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7676]
-
-testId=28663
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7677]
-
-testId=8183
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7678]
-
-testId=24567
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7679]
-
-testId=16359
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7680]
-
-testId=32743
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7681]
-
-testId=15
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7682]
-
-testId=16447
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7683]
-
-testId=8207
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7684]
-
-testId=24623
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7685]
-
-testId=4127
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7686]
-
-testId=20511
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7687]
-
-testId=12319
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7688]
-
-testId=28687
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7689]
-
-testId=2111
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7690]
-
-testId=18463
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7691]
-
-testId=10255
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7692]
-
-testId=26687
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7693]
-
-testId=6207
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7694]
-
-testId=22559
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7695]
-
-testId=14351
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7696]
-
-testId=30735
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7697]
-
-testId=1055
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7698]
-
-testId=17439
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7699]
-
-testId=9247
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7700]
-
-testId=25631
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7701]
-
-testId=5151
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7702]
-
-testId=21535
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7703]
-
-testId=13343
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7704]
-
-testId=29759
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7705]
-
-testId=3135
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7706]
-
-testId=19487
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7707]
-
-testId=11279
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7708]
-
-testId=27711
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7709]
-
-testId=7183
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7710]
-
-testId=23615
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7711]
-
-testId=15391
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7712]
-
-testId=31775
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7713]
-
-testId=575
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7714]
-
-testId=16927
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7715]
-
-testId=8751
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7716]
-
-testId=25135
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7717]
-
-testId=4671
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7718]
-
-testId=21007
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7719]
-
-testId=12847
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7720]
-
-testId=29247
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7721]
-
-testId=2591
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7722]
-
-testId=18991
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7723]
-
-testId=10783
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7724]
-
-testId=27151
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7725]
-
-testId=6671
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7726]
-
-testId=23087
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7727]
-
-testId=14911
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7728]
-
-testId=31247
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7729]
-
-testId=1583
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7730]
-
-testId=17951
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7731]
-
-testId=9759
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7732]
-
-testId=26143
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7733]
-
-testId=5663
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7734]
-
-testId=22031
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7735]
-
-testId=13871
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7736]
-
-testId=30271
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7737]
-
-testId=3615
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7738]
-
-testId=20015
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7739]
-
-testId=11839
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7740]
-
-testId=28191
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7741]
-
-testId=7711
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7742]
-
-testId=24079
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7743]
-
-testId=15935
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7744]
-
-testId=32319
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7745]
-
-testId=319
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7746]
-
-testId=16671
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7747]
-
-testId=8495
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7748]
-
-testId=24863
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7749]
-
-testId=4383
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7750]
-
-testId=20751
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7751]
-
-testId=12575
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7752]
-
-testId=28991
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7753]
-
-testId=2319
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7754]
-
-testId=18719
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7755]
-
-testId=10559
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7756]
-
-testId=26927
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7757]
-
-testId=6431
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7758]
-
-testId=22799
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7759]
-
-testId=14639
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7760]
-
-testId=31023
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7761]
-
-testId=1311
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7762]
-
-testId=17711
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7763]
-
-testId=9535
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7764]
-
-testId=25887
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7765]
-
-testId=5391
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7766]
-
-testId=21807
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7767]
-
-testId=13583
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7768]
-
-testId=29999
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7769]
-
-testId=3391
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7770]
-
-testId=19775
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7771]
-
-testId=11567
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7772]
-
-testId=27951
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7773]
-
-testId=7439
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7774]
-
-testId=23871
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7775]
-
-testId=15631
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7776]
-
-testId=32015
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7777]
-
-testId=799
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7778]
-
-testId=17215
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7779]
-
-testId=9007
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7780]
-
-testId=25391
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7781]
-
-testId=4895
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7782]
-
-testId=21295
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7783]
-
-testId=13071
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7784]
-
-testId=29503
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7785]
-
-testId=2847
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7786]
-
-testId=19231
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7787]
-
-testId=11055
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7788]
-
-testId=27407
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7789]
-
-testId=6959
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7790]
-
-testId=23359
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7791]
-
-testId=15151
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7792]
-
-testId=31551
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7793]
-
-testId=1807
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7794]
-
-testId=18207
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7795]
-
-testId=10031
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7796]
-
-testId=26431
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7797]
-
-testId=5903
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7798]
-
-testId=22303
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7799]
-
-testId=14143
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7800]
-
-testId=30495
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7801]
-
-testId=3871
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7802]
-
-testId=20287
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7803]
-
-testId=12079
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7804]
-
-testId=28431
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7805]
-
-testId=7951
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7806]
-
-testId=24351
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7807]
-
-testId=16143
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7808]
-
-testId=32527
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7809]
-
-testId=191
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7810]
-
-testId=16527
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7811]
-
-testId=8383
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7812]
-
-testId=24751
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7813]
-
-testId=4239
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7814]
-
-testId=20623
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7815]
-
-testId=12463
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7816]
-
-testId=28863
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7817]
-
-testId=2223
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7818]
-
-testId=18575
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7819]
-
-testId=10431
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7820]
-
-testId=26799
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7821]
-
-testId=6287
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7822]
-
-testId=22671
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7823]
-
-testId=14527
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7824]
-
-testId=30879
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7825]
-
-testId=1199
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7826]
-
-testId=17551
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7827]
-
-testId=9375
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7828]
-
-testId=25791
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7829]
-
-testId=5279
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7830]
-
-testId=21647
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7831]
-
-testId=13503
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7832]
-
-testId=29855
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7833]
-
-testId=3215
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7834]
-
-testId=19647
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7835]
-
-testId=11439
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7836]
-
-testId=27823
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7837]
-
-testId=7327
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7838]
-
-testId=23711
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7839]
-
-testId=15551
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7840]
-
-testId=31919
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7841]
-
-testId=687
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7842]
-
-testId=17087
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7843]
-
-testId=8847
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7844]
-
-testId=25263
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7845]
-
-testId=4783
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7846]
-
-testId=21183
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7847]
-
-testId=12991
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7848]
-
-testId=29359
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7849]
-
-testId=2735
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7850]
-
-testId=19135
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7851]
-
-testId=10927
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7852]
-
-testId=27295
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7853]
-
-testId=6799
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7854]
-
-testId=23183
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7855]
-
-testId=15007
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7856]
-
-testId=31391
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7857]
-
-testId=1695
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7858]
-
-testId=18063
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7859]
-
-testId=9919
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7860]
-
-testId=26271
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7861]
-
-testId=5775
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7862]
-
-testId=22159
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7863]
-
-testId=13999
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7864]
-
-testId=30351
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7865]
-
-testId=3759
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7866]
-
-testId=20127
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7867]
-
-testId=11951
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7868]
-
-testId=28351
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7869]
-
-testId=7823
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7870]
-
-testId=24255
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7871]
-
-testId=16047
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7872]
-
-testId=32415
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7873]
-
-testId=415
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7874]
-
-testId=16815
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7875]
-
-testId=8607
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7876]
-
-testId=25023
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7877]
-
-testId=4543
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7878]
-
-testId=20911
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7879]
-
-testId=12687
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7880]
-
-testId=29071
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7881]
-
-testId=2447
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7882]
-
-testId=18831
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7883]
-
-testId=10687
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7884]
-
-testId=27023
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7885]
-
-testId=6591
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7886]
-
-testId=22975
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7887]
-
-testId=14735
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7888]
-
-testId=31151
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7889]
-
-testId=1455
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7890]
-
-testId=17855
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7891]
-
-testId=9663
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7892]
-
-testId=26031
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7893]
-
-testId=5551
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7894]
-
-testId=21935
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7895]
-
-testId=13711
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7896]
-
-testId=30111
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7897]
-
-testId=3519
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7898]
-
-testId=19871
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7899]
-
-testId=11663
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7900]
-
-testId=28063
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7901]
-
-testId=7615
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7902]
-
-testId=23951
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7903]
-
-testId=15759
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7904]
-
-testId=32191
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7905]
-
-testId=943
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7906]
-
-testId=17327
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7907]
-
-testId=9119
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7908]
-
-testId=25519
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7909]
-
-testId=5055
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7910]
-
-testId=21391
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7911]
-
-testId=13247
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7912]
-
-testId=29583
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7913]
-
-testId=3007
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7914]
-
-testId=19391
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7915]
-
-testId=11167
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7916]
-
-testId=27551
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7917]
-
-testId=7071
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7918]
-
-testId=23487
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7919]
-
-testId=15247
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7920]
-
-testId=31647
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7921]
-
-testId=1983
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7922]
-
-testId=18351
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7923]
-
-testId=10127
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7924]
-
-testId=26559
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7925]
-
-testId=6031
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7926]
-
-testId=22447
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7927]
-
-testId=14223
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7928]
-
-testId=30607
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7929]
-
-testId=3983
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7930]
-
-testId=20367
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7931]
-
-testId=12191
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7932]
-
-testId=28591
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7933]
-
-testId=8079
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7934]
-
-testId=24463
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7935]
-
-testId=16287
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7936]
-
-testId=32671
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7937]
-
-testId=79
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7938]
-
-testId=16495
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7939]
-
-testId=8271
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7940]
-
-testId=24671
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7941]
-
-testId=4207
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7942]
-
-testId=20575
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7943]
-
-testId=12383
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7944]
-
-testId=28783
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7945]
-
-testId=2143
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7946]
-
-testId=18511
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7947]
-
-testId=10335
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7948]
-
-testId=26751
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7949]
-
-testId=6239
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7950]
-
-testId=22639
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7951]
-
-testId=14415
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7952]
-
-testId=30815
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7953]
-
-testId=1103
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7954]
-
-testId=17487
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7955]
-
-testId=9343
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7956]
-
-testId=25711
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7957]
-
-testId=5215
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7958]
-
-testId=21615
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7959]
-
-testId=13439
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7960]
-
-testId=29807
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7961]
-
-testId=3183
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7962]
-
-testId=19583
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7963]
-
-testId=11343
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7964]
-
-testId=27759
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7965]
-
-testId=7263
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7966]
-
-testId=23663
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7967]
-
-testId=15455
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7968]
-
-testId=31855
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7969]
-
-testId=623
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7970]
-
-testId=16991
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7971]
-
-testId=8815
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7972]
-
-testId=25215
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7973]
-
-testId=4703
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7974]
-
-testId=21087
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7975]
-
-testId=12895
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7976]
-
-testId=29279
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7977]
-
-testId=2687
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7978]
-
-testId=19071
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7979]
-
-testId=10863
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7980]
-
-testId=27215
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7981]
-
-testId=6767
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7982]
-
-testId=23151
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7983]
-
-testId=14959
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7984]
-
-testId=31359
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7985]
-
-testId=1615
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7986]
-
-testId=18031
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7987]
-
-testId=9807
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7988]
-
-testId=26191
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7989]
-
-testId=5759
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7990]
-
-testId=22143
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7991]
-
-testId=13935
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7992]
-
-testId=30287
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7993]
-
-testId=3679
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7994]
-
-testId=20095
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7995]
-
-testId=11903
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7996]
-
-testId=28239
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7997]
-
-testId=7775
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7998]
-
-testId=24159
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7999]
-
-testId=15983
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8000]
-
-testId=32367
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8001]
-
-testId=367
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8002]
-
-testId=16767
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8003]
-
-testId=8527
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8004]
-
-testId=24959
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8005]
-
-testId=4447
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8006]
-
-testId=20815
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8007]
-
-testId=12639
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8008]
-
-testId=29055
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8009]
-
-testId=2383
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8010]
-
-testId=18815
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8011]
-
-testId=10607
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8012]
-
-testId=26959
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8013]
-
-testId=6479
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8014]
-
-testId=22863
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8015]
-
-testId=14671
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8016]
-
-testId=31055
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8017]
-
-testId=1407
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8018]
-
-testId=17743
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8019]
-
-testId=9567
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8020]
-
-testId=25983
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8021]
-
-testId=5471
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8022]
-
-testId=21871
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8023]
-
-testId=13695
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8024]
-
-testId=30079
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8025]
-
-testId=3439
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8026]
-
-testId=19791
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8027]
-
-testId=11615
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8028]
-
-testId=28031
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8029]
-
-testId=7519
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8030]
-
-testId=23903
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8031]
-
-testId=15695
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8032]
-
-testId=32127
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8033]
-
-testId=879
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8034]
-
-testId=17279
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8035]
-
-testId=9071
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8036]
-
-testId=25439
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8037]
-
-testId=4943
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8038]
-
-testId=21327
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8039]
-
-testId=13151
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8040]
-
-testId=29535
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8041]
-
-testId=2895
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8042]
-
-testId=19295
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8043]
-
-testId=11103
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8044]
-
-testId=27487
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8045]
-
-testId=7023
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8046]
-
-testId=23375
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8047]
-
-testId=15231
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8048]
-
-testId=31615
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8049]
-
-testId=1919
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8050]
-
-testId=18303
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8051]
-
-testId=10063
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8052]
-
-testId=26495
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8053]
-
-testId=6015
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8054]
-
-testId=22399
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8055]
-
-testId=14207
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8056]
-
-testId=30543
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8057]
-
-testId=3919
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8058]
-
-testId=20319
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8059]
-
-testId=12159
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8060]
-
-testId=28527
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8061]
-
-testId=8015
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8062]
-
-testId=24399
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8063]
-
-testId=16207
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8064]
-
-testId=32623
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8065]
-
-testId=207
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8066]
-
-testId=16639
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8067]
-
-testId=8399
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8068]
-
-testId=24815
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8069]
-
-testId=4351
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8070]
-
-testId=20719
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8071]
-
-testId=12495
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8072]
-
-testId=28879
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8073]
-
-testId=2287
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8074]
-
-testId=18671
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8075]
-
-testId=10479
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8076]
-
-testId=26879
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8077]
-
-testId=6367
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8078]
-
-testId=22767
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8079]
-
-testId=14591
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8080]
-
-testId=30959
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8081]
-
-testId=1263
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8082]
-
-testId=17663
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8083]
-
-testId=9471
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8084]
-
-testId=25839
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8085]
-
-testId=5359
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8086]
-
-testId=21743
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8087]
-
-testId=13567
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8088]
-
-testId=29919
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8089]
-
-testId=3295
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8090]
-
-testId=19695
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8091]
-
-testId=11487
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8092]
-
-testId=27887
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8093]
-
-testId=7375
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8094]
-
-testId=23807
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8095]
-
-testId=15615
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8096]
-
-testId=31951
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8097]
-
-testId=719
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8098]
-
-testId=17119
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8099]
-
-testId=8911
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8100]
-
-testId=25343
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8101]
-
-testId=4863
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8102]
-
-testId=21215
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8103]
-
-testId=13007
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8104]
-
-testId=29391
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8105]
-
-testId=2815
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8106]
-
-testId=19199
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8107]
-
-testId=11007
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8108]
-
-testId=27359
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8109]
-
-testId=6911
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8110]
-
-testId=23295
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8111]
-
-testId=15071
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8112]
-
-testId=31439
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8113]
-
-testId=1791
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8114]
-
-testId=18143
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8115]
-
-testId=9983
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8116]
-
-testId=26319
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8117]
-
-testId=5871
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8118]
-
-testId=22271
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8119]
-
-testId=14063
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8120]
-
-testId=30447
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8121]
-
-testId=3839
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8122]
-
-testId=20175
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8123]
-
-testId=11999
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8124]
-
-testId=28383
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8125]
-
-testId=7903
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8126]
-
-testId=24271
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8127]
-
-testId=16079
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8128]
-
-testId=32511
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8129]
-
-testId=511
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8130]
-
-testId=16879
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8131]
-
-testId=8703
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8132]
-
-testId=25071
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8133]
-
-testId=4591
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8134]
-
-testId=20991
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8135]
-
-testId=12799
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8136]
-
-testId=29183
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8137]
-
-testId=2559
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8138]
-
-testId=18895
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8139]
-
-testId=10719
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8140]
-
-testId=27087
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8141]
-
-testId=6655
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8142]
-
-testId=23039
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8143]
-
-testId=14847
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8144]
-
-testId=31183
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8145]
-
-testId=1503
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8146]
-
-testId=17919
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8147]
-
-testId=9679
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8148]
-
-testId=26095
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8149]
-
-testId=5615
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8150]
-
-testId=21983
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8151]
-
-testId=13807
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8152]
-
-testId=30207
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8153]
-
-testId=3535
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8154]
-
-testId=19967
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8155]
-
-testId=11727
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8156]
-
-testId=28143
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8157]
-
-testId=7679
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8158]
-
-testId=24015
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8159]
-
-testId=15855
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8160]
-
-testId=32207
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8161]
-
-testId=975
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8162]
-
-testId=17407
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8163]
-
-testId=9183
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8164]
-
-testId=25599
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8165]
-
-testId=5119
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8166]
-
-testId=21455
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8167]
-
-testId=13295
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8168]
-
-testId=29663
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8169]
-
-testId=3023
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8170]
-
-testId=19407
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8171]
-
-testId=11263
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8172]
-
-testId=27599
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8173]
-
-testId=7167
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8174]
-
-testId=23519
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8175]
-
-testId=15327
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8176]
-
-testId=31743
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8177]
-
-testId=2031
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8178]
-
-testId=18383
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8179]
-
-testId=10223
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8180]
-
-testId=26575
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8181]
-
-testId=6143
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8182]
-
-testId=22527
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8183]
-
-testId=14287
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8184]
-
-testId=30719
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8185]
-
-testId=4047
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8186]
-
-testId=20447
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8187]
-
-testId=12287
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8188]
-
-testId=28639
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8189]
-
-testId=8159
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8190]
-
-testId=24527
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8191]
-
-testId=16351
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8192]
-
-testId=32735
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/ssl/sslc.c b/security/nss/tests/pkcs11/netscape/suites/security/ssl/sslc.c
deleted file mode 100644
index 48457fe42..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/ssl/sslc.c
+++ /dev/null
@@ -1,293 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/* include replacer-generated variables file */
-
-
-#include "ssl.h"
-#include "sslproto.h"
-
-#include "sslt.h"
-#include "sslc.h"
-#include "ssls.h"
-
-#include "pk11func.h"
-
-#define MAX_CIPHERS 100
-
-struct cipherspec cipher_array[MAX_CIPHERS];
-int cipher_array_size=0;
-char *password = "";
-char *nickname = "SSLServer";
-char *client_nick = "SSLClient";
-
-void InitCiphers() {
- int i=0;
-
-/* These ciphers are listed in priority order. */
- DIPHER(2,SSL_ALLOWED,128,40, "RC2-CBC-Export", EN_RC2_128_CBC_EXPORT40_WITH_MD5)
- CIPHER(2,SSL_NOT_ALLOWED,128,128,"RC4", EN_RC4_128_WITH_MD5)
- CIPHER(2,SSL_ALLOWED,128,40, "RC4-Export", EN_RC4_128_EXPORT40_WITH_MD5)
- DIPHER(2,SSL_NOT_ALLOWED,128,128,"RC2-CBC", EN_RC2_128_CBC_WITH_MD5)
- DIPHER(2,SSL_ALLOWED,128,40, "RC2-CBC-40", EN_RC2_128_CBC_EXPORT40_WITH_MD5)
- DIPHER(2,SSL_NOT_ALLOWED,128,128,"IDEA-CBC", EN_IDEA_128_CBC_WITH_MD5)
- DIPHER(2,SSL_NOT_ALLOWED,56,56, "DES-CBC", EN_DES_64_CBC_WITH_MD5)
- CIPHER(2,SSL_NOT_ALLOWED,168,168,"DES-EDE3-CBC", EN_DES_192_EDE3_CBC_WITH_MD5)
- /* SSL 3 suites */
-
- CIPHER(3,SSL_RESTRICTED,128,128, "RC4", RSA_WITH_RC4_128_MD5)
- DIPHER(3,SSL_RESTRICTED,128,128, "RC4", RSA_WITH_RC4_128_SHA)
- CIPHER(3,SSL_RESTRICTED,168,168, "3DES-EDE-CBC", RSA_WITH_3DES_EDE_CBC_SHA)
- CIPHER(3,SSL_NOT_ALLOWED,56,56,"DES-CBC", RSA_WITH_DES_CBC_SHA)
- CIPHER(3,SSL_ALLOWED,128,40, "RC4-40", RSA_EXPORT_WITH_RC4_40_MD5)
- CIPHER(3,SSL_ALLOWED,128,40, "RC2-CBC-40", RSA_EXPORT_WITH_RC2_CBC_40_MD5)
-
- DIPHER(3,SSL_ALLOWED,0,0, "NULL", NULL_WITH_NULL_NULL)
- DIPHER(3,SSL_ALLOWED,0,0, "NULL", RSA_WITH_NULL_MD5)
- DIPHER(3,SSL_ALLOWED,0,0, "NULL", RSA_WITH_NULL_SHA)
-
-#if 0
- DIPHER(3,SSL_NOT_ALLOWED,0,0, "IDEA-CBC", RSA_WITH_IDEA_CBC_SHA)
- DIPHER(3,SSL_ALLOWED,128,40, "DES-CBC-40", RSA_EXPORT_WITH_DES40_CBC_SHA)
-#endif
-
- /*
-
- CIPHER(DH_DSS_EXPORT_WITH_DES40_CBC_SHA),
- CIPHER(DH_DSS_WITH_DES_CBC_SHA),
- CIPHER(DH_DSS_WITH_3DES_EDE_CBC_SHA),
- CIPHER(DH_RSA_EXPORT_WITH_DES40_CBC_SHA),
- CIPHER(DH_RSA_WITH_DES_CBC_SHA),
- CIPHER(DH_RSA_WITH_3DES_EDE_CBC_SHA),
- CIPHER(DHE_DSS_EXPORT_WITH_DES40_CBC_SHA),
- CIPHER(DHE_DSS_WITH_DES_CBC_SHA),
- CIPHER(DHE_DSS_WITH_3DES_EDE_CBC_SHA),
- CIPHER(DHE_RSA_EXPORT_WITH_DES40_CBC_SHA),
- CIPHER(DHE_RSA_WITH_DES_CBC_SHA),
- CIPHER(DHE_RSA_WITH_3DES_EDE_CBC_SHA),
-
- CIPHER(DH_ANON_EXPORT_WITH_RC4_40_MD5),
- CIPHER(DH_ANON_WITH_RC4_128_MD5),
- CIPHER(DH_ANON_WITH_DES_CBC_SHA),
- CIPHER(DH_ANON_WITH_3DES_EDE_CBC_SHA),
-
- CIPHER(3,SSL_NOT_ALLOWED,0,0,"Fortezza", FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA),
- CIPHER(3,SSL_NOT_ALLOWED,0,0,"Fortezza", FORTEZZA_DMS_WITH_RC4_128_SHA),
-
- */
-
- DIPHER(3,SSL_NOT_ALLOWED,192,192,"3DES-EDE-CBC",RSA_FIPS_WITH_3DES_EDE_CBC_SHA)
- DIPHER(3,SSL_NOT_ALLOWED,64,64, "DES-CBC", RSA_FIPS_WITH_DES_CBC_SHA)
-
- cipher_array_size =i;
-}
-
-
-
-/* ClearCiphers()
- * Clear out all ciphers */
-
-void ClearCiphers(struct ThreadData *td) {
-int i;
-
-for (i=0;i<cipher_array_size;i++) {
-SSL_EnableCipher(cipher_array[i].enableid,0);
-}
-}
-
-
-/* EnableCiphers
- * enable only those ciphers set for this test */
-
-void EnableCiphers(struct ThreadData *td) {
- int i;
-
- for (i=0;i<cipher_array_size;i++) {
- if (cipher_array[i].on) {
- SSL_EnableCipher(cipher_array[i].enableid,1);
- }
- }
-}
-
-/* SetPolicy */
-
-void SetPolicy() {
- int i;
-
- for (i=0;i<cipher_array_size;i++) {
- if (REP_Policy == POLICY_DOMESTIC) {
- SSL_SetPolicy(cipher_array[i].enableid,SSL_ALLOWED);
- }
- else {
- SSL_SetPolicy(cipher_array[i].enableid,cipher_array[i].exportable);
- }
- }
-}
-
-char *MyPWFunc(PK11SlotInfo *slot, PRBool retry, void *arg)
-{
- static PRBool called=PR_FALSE;
- if(called) {
- return NULL;
- } else {
- called = PR_TRUE;
- return PL_strdup(password);
- }
-}
-
-/*
- * VersionEnables
- * errors (40-49)
- */
-
-int Version2Enable(PRFileDesc *s, int v) {
- if (SSL_Enable(s, SSL_ENABLE_SSL2, 1) <0) return Error(43);
- else return 0;
-}
-
-int Version3Enable(PRFileDesc *s) {
- if (SSL_Enable(s, SSL_ENABLE_SSL3, 1) <0) return Error(42);
- else return 0;
-}
-
-int Version23Clear(PRFileDesc *s) {
- if (SSL_Enable(s,SSL_ENABLE_SSL2,0) <0) return Error(40);
- if (SSL_Enable(s,SSL_ENABLE_SSL3,0) <0) return Error(41);
- return 0;
-}
-
-
-
-char *nicknames[MAX_NICKNAME];
-
-void SetupNickNames() {
- nicknames[CLIENT_CERT_VERISIGN] = "CLIENT_CERT_VERISIGN";
- nicknames[CLIENT_CERT_HARDCOREII_1024] = "CLIENT_CERT_HARDCOREII_1024";
- nicknames[CLIENT_CERT_HARDCOREII_512] = "CLIENT_CERT_HARDCOREII_512";
- nicknames[CLIENT_CERT_SPARK] = "CLIENT_CERT_SPARK";
- nicknames[SERVER_CERT_HARDCOREII_512] = nickname;
- /* nicknames[SERVER_CERT_HARDCOREII_512] = "SERVER_CERT_HARDCOREII_512"; */
- nicknames[SERVER_CERT_VERISIGN_REGULAR]= "SERVER_CERT_VERISIGN_REGULAR";
- nicknames[SERVER_CERT_VERISIGN_STEPUP] = "SERVER_CERT_VERISIGN_STEPUP";
- nicknames[SERVER_CERT_SPARK] = "SERVER_CERT_SPARK";
-}
-
-
-
-
-
-
-
-/*
- * SetServerSecParms
- * errors(10-19)
- */
-
-int SetServerSecParms(struct ThreadData *td) {
- int rv;
- SECKEYPrivateKey *privKey;
- PRFileDesc *s;
-
- s = td->r;
-
- rv = SSL_Enable(s, SSL_SECURITY, 1); /* Enable security on this socket */
- if (rv < 0) return Error(10);
-
- if (SSLT_CLIENTAUTH_INITIAL == REP_ServerDoClientAuth) {
- rv = SSL_Enable(s, SSL_REQUEST_CERTIFICATE, 1);
- if (rv < 0) return Error(11);
- }
-
- ClearCiphers(td);
- EnableCiphers(td);
-
- PK11_SetPasswordFunc(MyPWFunc);
- SSL_SetPKCS11PinArg(s,(void*) MyPWFunc);
-
-
- /* Find the certificates we are going to use from the database */
-
-
- /* Test for dummy certificate, which shouldn't exist */
- td->cert = PK11_FindCertFromNickname("XXXXXX_CERT_HARDCOREII_1024",NULL);
- if (td->cert != NULL) return Error(16);
-
-
- td->cert = NULL;
- if (NO_CERT != REP_ServerCert) {
- td->cert = PK11_FindCertFromNickname(nicknames[REP_ServerCert],NULL);
- }
-
-
- /* Note: if we're set to use NO_CERT as the server cert, then we'll
- * just essentially skip the rest of this (except for session ID cache setup)
- */
-
-
- if ( (NULL == td->cert) && ( NO_CERT != REP_ServerCert )) {
- PR_fprintf(PR_STDERR, "Can't find certificate %s\n", nicknames[REP_ServerCert]);
- PR_fprintf(PR_STDERR, "Server: Seclib error: %s\n",
- SECU_ErrorString ((int16) PR_GetError()));
- return Error(12);
- }
-
-
- if ((NO_CERT != REP_ServerCert)) {
- privKey = PK11_FindKeyByAnyCert(td->cert, NULL);
- if (privKey == NULL) {
- dbmsg((PR_STDERR, "Can't find key for this certificate\n"));
- return Error(13);
- }
-
- rv = SSL_ConfigSecureServer(s,td->cert,privKey, kt_rsa);
- if (rv != PR_SUCCESS) {
- dbmsg((PR_STDERR, "Can't config server error(%d) \n",rv));
- return Error(14);
- }
- }
-
- rv = SSL_ConfigServerSessionIDCache(10, 0, 0, ".");
- if (rv != 0) {
- dbmsg((PR_STDERR, "Can't config server session ID cache (%d) \n",rv));
- return Error(15);
- }
-
- return 0;
-}
-
-
-
-
-
-
-
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/ssl/sslc.h b/security/nss/tests/pkcs11/netscape/suites/security/ssl/sslc.h
deleted file mode 100644
index 58af6b14e..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/ssl/sslc.h
+++ /dev/null
@@ -1,96 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef SSLC_H
-#define SSLC_H
-
-#include "ssls.h"
-
-struct cipherspec {
- int sslversion; /* either 2 or 3 */
- int exportable; /* 0=domestic cipher, 1=exportable */
- int ks,sks; /* key size, secret key size (bits) */
- char *name; /* name expected from SecurityStatus */
- int enableid; /* the cipher id used by SSL_EnableCipher */
- int on; /* 0= do not enable this cipher, 1 = enable */
-};
-
-
-/* Ugly way to generate code to fill in cipher_array struct */
-/* I wanted to make this part of the static structure initialization,
- but some compilers complain that the .on field is not constant */
-
-#define CIPHER(p_sslversion,p_policy,p_ks,p_sks,p_name,p_x) {\
- cipher_array[i].sslversion = p_sslversion; \
- cipher_array[i].exportable = p_policy; \
- cipher_array[i].ks = p_ks; \
- cipher_array[i].sks = p_sks; \
- cipher_array[i].name = p_name; \
- cipher_array[i].enableid = SSL_ ## p_x; \
- cipher_array[i].on = REP_Cipher_ ## p_x; \
- i++; }
-
-/* A DIPHER is a disabled-cipher (don't run the test suite) */
-#define DIPHER(sslversion,policy,ks,sks,name,x) ;
-
-
-/* These constants are indexes into the 'nicknames' array */
-
-#define NO_CERT -1
-#define CLIENT_CERT_VERISIGN 1
-#define CLIENT_CERT_HARDCOREII_1024 2
-#define CLIENT_CERT_HARDCOREII_512 3
-#define CLIENT_CERT_SPARK 4
-#define SERVER_CERT_HARDCOREII_512 5
-#define SERVER_CERT_VERISIGN_REGULAR 6
-#define SERVER_CERT_VERISIGN_STEPUP 7
-#define SERVER_CERT_SPARK 8
-#define MAX_NICKNAME 10
-
-extern struct cipherspec cipher_array[];
-extern int cipher_array_size;
-
-extern void ClearCiphers();
-extern void EnableCiphers();
-extern void SetPolicy();
-extern int Version2Enable();
-extern int Version3Enable();
-extern int Version23Clear();
-extern char *nicknames[];
-extern void SetupNickNames();
-extern int SetServerSecParms(struct ThreadData *td);
-
-
-#endif
-/* SSLC_H */
-
-
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/ssl/ssls.c b/security/nss/tests/pkcs11/netscape/suites/security/ssl/ssls.c
deleted file mode 100644
index b406f335f..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/ssl/ssls.c
+++ /dev/null
@@ -1,105 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "ssls.h"
-
-#include <ssl.h>
-#include <sslproto.h>
-
-/* 21 lines x 8 chars = 168 bytes */
-
-
-#if 1
-unsigned char data[] = {
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
-
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
-
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
-
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
-
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
-
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08
-};
-
-#else
-
-unsigned char data[] = {
- 0x2e, 0x86, 0x53, 0x10, 0x4f, 0x38, 0x34, 0xea,
- 0x4b, 0xd3, 0x88, 0xff, 0x6c, 0xd8, 0x1d, 0x4f,
- 0x20, 0xb9, 0xe7, 0x67, 0xb2, 0xfb, 0x14, 0x56,
- 0x55, 0x57, 0x93, 0x80, 0xd7, 0x71, 0x38, 0xef,
-
- 0x6c, 0xc5, 0xde, 0xfa, 0xaf, 0x04, 0x51, 0x2f,
- 0x0d, 0x9f, 0x27, 0x9b, 0xa5, 0xd8, 0x72, 0x60,
- 0xd9, 0x03, 0x1b, 0x02, 0x71, 0xbd, 0x5a, 0x0a,
- 0x42, 0x42, 0x50, 0xb3, 0x7c, 0x3d, 0xd9, 0x51,
-
- 0xb8, 0x06, 0x1b, 0x7e, 0xcd, 0x9a, 0x21, 0xe5,
- 0xf1, 0x5d, 0x0f, 0x28, 0x6b, 0x65, 0xbd, 0x28,
- 0xad, 0xd0, 0xcc, 0x8d, 0x6e, 0x5d, 0xeb, 0xa1,
- 0xe6, 0xd5, 0xf8, 0x27, 0x52, 0xad, 0x63, 0xd1,
-
- 0xec, 0xbf, 0xe3, 0xbd, 0x3f, 0x59, 0x1a, 0x5e,
- 0xf3, 0x56, 0x83, 0x43, 0x79, 0xd1, 0x65, 0xcd,
- 0x2b, 0x9f, 0x98, 0x2f, 0x20, 0x03, 0x7f, 0xa9,
- 0x88, 0x9d, 0xe0, 0x68, 0xa1, 0x6f, 0x0b, 0xe6,
-
- 0xe1, 0x9e, 0x27, 0x5d, 0x84, 0x6a, 0x12, 0x98,
- 0x32, 0x9a, 0x8e, 0xd5, 0x23, 0xd7, 0x1a, 0xec,
- 0xe7, 0xfc, 0xe2, 0x25, 0x57, 0xd2, 0x3c, 0x97,
- 0x12, 0xa9, 0xf5, 0x81, 0x7f, 0xf2, 0xd6, 0x5d,
-
- 0xa4, 0x84, 0xc3, 0xad, 0x38, 0xdc, 0x9c, 0x19
-};
-#endif
-
-
-
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/ssl/ssls.h b/security/nss/tests/pkcs11/netscape/suites/security/ssl/ssls.h
deleted file mode 100644
index deb3fc1ff..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/ssl/ssls.h
+++ /dev/null
@@ -1,127 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef SSLS_H
-#define SSLS_H
-
-#include <prinit.h>
-#include <prprf.h>
-#include <prsystem.h>
-#include <prmem.h>
-#include <plstr.h>
-#include <prnetdb.h>
-#include <prinrval.h>
-
-
-#include <cert.h>
-
-extern struct CipherPolicy ciphers[];
-extern struct CipherPair policy[];
-
-extern unsigned char data[];
-
-#define BUFSIZE 3955 /* some arbitrary size not a multiple of 2^x */
-
-struct ThreadData { /* place to put thread-local data. */
-
- PRFileDesc *fd; /* NSPR File Desc */
- PRFileDesc *s; /* The secure File Desc */
- PRFileDesc *r; /* Rendezvous socket (not used right now */
- PRPollDesc pd;
- CERTCertificate *cert;
- CERTCertificate *peercert;
-
- struct ThreadData *peer;
-
- PRNetAddr na;
- PRThread *subthread;
-
- int peerport;
- int client;
-
- char sendbuf[BUFSIZE];
- char recvbuf[BUFSIZE];
- int data_read;
- int data_sent;
- int data_tosend;
- int state;
- unsigned char xor_reading;
- unsigned char xor_writing;
-
- int exit_code;
- int secerr_flag;
- int secerr;
-
-
-#define SSLT_INITIAL_FORCE 1
-#define SSLT_FIRST_IO 2
-#define SSLT_REDO 4
-
- int status_on;
- char *status_cipher;
- int status_keysize;
- int status_skeysize;
- char *status_issuer;
- char *status_subject;
-
-};
-
-
-#define POLICY_DOMESTIC 0
-#define POLICY_EXPORT 1
-
-
-extern int VerifyBuffer(char *recvbuf,int bufsize,int done, char xor);
-extern void FillBuffer(char *sendbuf,int bufsize, int offset, char xor);
-extern void HandshakeCallback(PRFileDesc *s, void *td);
-
-
-#define DATABUFSIZE 168
-#define CLIENTXOR 0xA5
-
-#define BLOCKING 0
-#define NON_BLOCKING 1
-
-#define STATE_BEFORE_INITIAL_HANDSHAKE 0
-#define STATE_BEFORE_REDO_HANDSHAKE 1
-#define STATE_STATUS_COLLECTED 2
-#define STATE_DONE_WRITING 3
-#define STATE_DONE_READING 4
-#define STATE_DONE 5
-
-#define SSLT_CLIENTAUTH_OFF 1
-#define SSLT_CLIENTAUTH_REDO 2
-#define SSLT_CLIENTAUTH_INITIAL 3
-
-
-#endif
-
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/ssl/sslt.c b/security/nss/tests/pkcs11/netscape/suites/security/ssl/sslt.c
deleted file mode 100755
index 760aecdbc..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/ssl/sslt.c
+++ /dev/null
@@ -1,1183 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#define VERION_MAJOR 1
-#define VERION_MINOR 0
-#define VERSION_POINT 7
-/* NSPR header files */
-#include <prinit.h>
-#include <prprf.h>
-#include <prsystem.h>
-#include <prmem.h>
-#include <plstr.h>
-#include <prnetdb.h>
-#include <prinrval.h>
-#include <prmon.h>
-#include <prlock.h>
-
-/* Security library files */
-#include "cert.h"
-#include "key.h"
-#include "secmod.h"
-#include "secutil.h"
-#include "pk11func.h"
-
-/* SSL Header Files */
-#include "ssl.h"
-#include "sslproto.h"
-
-#define EXIT_OOPS 14
-
-#include "ssls.h"
-#include "sslc.h"
-
-#ifdef XP_PC
-/* Windows VC++ 6.0 Header File required to define EXCEPTION_EXECUTE_HANDLER. */
-#include "excpt.h"
-#endif
-
-#ifndef DEBUG_stevep
-#define dbmsg(x) if (debug) PR_fprintf x ;
-#else
-#define dbmsg(x) ;
-#endif
-
-/* Prototypes */
-
-PRInt32 ServerThread(PRInt32 argc,char **argv);
-void ClientThread(void *arg);
-void SetupNickNames(void );
-int OpenDBs(void);
-int ConfigServerSocket(void);
-int DoIO(struct ThreadData *);
-int Client(void);
-int SetClientSecParams(void);
-int CreateClientSocket(void);
-
-#ifdef XP_PC
-extern char getopt(int, char**, char*);
-#endif
-extern int Version2Enable(PRFileDesc *s);
-extern int Version3Enable(PRFileDesc *s);
-extern int Version23Clear(PRFileDesc *s);
-extern void SetupNickNames();
-extern int AuthCertificate(void *arg,PRFileDesc *fd,
- PRBool checkSig, PRBool isServer);
-extern char *MyPWFunc(void *slot, PRBool retry, void *arg);
-
-extern char *nicknames[];
-extern char *client_nick;
-extern char *password, *nickname;
-
-/* Shared condition variables */
-
-int rc; /* rc is the error the process should return */
-PRMonitor *rcmon; /* rcmon protects rc, since it can be set by the client */
- /* or server thread */
-
-/***** Read-only global variables (initialized in Server Thread) ****/
-
-PRInt32 debug = 0;
-PRInt32 verbose = 0;
-CERTCertDBHandle *cert_db_handle = NULL;
-
-struct ThreadData cl,svr;
-
-/* Include Replacer-generated variables file */
-
-/* INSERT_TABLES is a special parameter to sslt.h which inserts the
- replacer-generated tables. We only want this table to be included
- once in the executable, but this header file gets use in several
- places */
-
-#define INSERT_TABLES
-#include "sslt.h"
-#include "nss.h"
-
-
-
-/*
- *
- * OpenDBs() - open databases
- * errors(30-39)
- */
-
-int OpenDBs() {
- int r;
-
- NSS_Init(".");
- return 0;
-}
-
-
-
-
-
-/*
- * CreateServerSocket
- * errors (20-29)
- */
-
-
-int CreateServerSocket(struct ThreadData *td) {
- /* Create server socket s */
-
- td->fd = PR_NewTCPSocket();
- if (td->fd == NULL) return Error(20);
-
- td->r = SSL_ImportFD(NULL, td->fd);
- if (td->r == NULL) return Error(21);
-
- return 0;
-}
-
-
-int ConfigServerSocket() {
-
- /* Set up Net address to bind to 'any' */
- int r;
-
- r = PR_InitializeNetAddr(PR_IpAddrAny,0,&svr.na);
- if (PR_SUCCESS != r) return Error(2);
-
-
- r = PR_Bind(svr.r,&svr.na); /* bind to an IP address */
- if (PR_SUCCESS != r) return Error(3);
-
-
- r = PR_Listen(svr.r,5);
- if (PR_SUCCESS != r) return Error(4);
-
-
- r = PR_GetSockName(svr.r,&svr.na);
- if (PR_SUCCESS != r) return Error(5);
- return r;
-}
-
-
-/*
- * main
- * returns 255 if 'coredump'-type crash occurs on winNT
- *
- */
-
-PRIntn main(PRIntn ac, char **av, char **ev) {
- int r;
- extern char *optarg;
- extern int optind;
- int c;
-
-
- if( ac == 1 ) {
- PR_fprintf(PR_STDERR,
-"\nSSL Test Suite Version %d.%d.%d\n\
-All Rights Reserved\n\
-Usage: sslt [-c client_nickname] [-n server_nickname] [-p passwd] [-d] testid\n",
-VERION_MAJOR, VERION_MINOR, VERSION_POINT);
-
- exit(0);
- }
-
- for (c = 1; c<ac; c++) {
- if (!PL_strcmp(av[c],"-c")) {
-
- c++;
- if (c < ac) {
- client_nick = av[c];
- }
- else {
- PR_fprintf(PR_STDOUT,"must supply argument for -c\n");
- exit(0);
- }
- }
-
- else if (!PL_strcmp(av[c],"-n")) {
-
- c++;
- if (c < ac) {
- nickname = av[c];
- }
- else {
- PR_fprintf(PR_STDOUT,"must supply argument for -n\n");
- exit(0);
- }
- }
- else if (!PL_strcmp(av[c],"-p")) {
-
- c++;
- if (c < ac) {
- password = av[c];
- }
- else {
- PR_fprintf(PR_STDOUT,"must supply argument for -p\n");
- exit(0);
- }
- }
- else if (!PL_strcmp(av[c],"-d")) {
- c++;
- debug++;
- }
- else
- testId = atoi(av[c]);
- }
-
-
-
-#ifdef XP_PC
- __try {
-#endif
-
- r = PR_Initialize(ServerThread,ac,av,400); /* is 400 enough? */
-
- /* returncode 99 means 'no error' */
- if (99 == r) r = 0;
-
-#ifdef XP_PC
- } __except( PR_fprintf(PR_STDERR, "\nCERT-TEST crashed\n"), EXCEPTION_EXECUTE_HANDLER ) {
- r = 255;
- }
-#endif
-
- return r;
-
-}
-
-
-
-/*
- * ServerThread
- * (errors 1-9,150-159)
- */
-
-
-PRInt32 ServerThread(PRInt32 argc,char **argv) {
-
- PRNetAddr na;
-
- PRStatus r;
- SECStatus rv;
-
- CERTCertDBHandle *cert_db_handle;
- PRInt32 i,j;
- struct ThreadData * td;
-
-
- /* if (InvalidTestHack() == PR_TRUE) {
- return 0;
- }
- */
-
- rcmon = PR_NewMonitor();
- if (NULL == rcmon) return Error(140);
-
- PR_EnterMonitor(rcmon);
- rc = 0;
- PR_ExitMonitor(rcmon);
-
- InitCiphers();
- SetPolicy();
- SetupNickNames();
-
- cl.peer = &svr;
- svr.peer = &cl;
-
-
- r = OpenDBs(); /* open databases and set defaults */
- if (PR_SUCCESS != r) return r;
-
-
- r = CreateServerSocket(&svr);
- if (PR_SUCCESS != r) return r;
-
- r = ConfigServerSocket();
- if (PR_SUCCESS != r) return r;
-
- cl.peerport = svr.na.inet.port;
-
-
- r = SetServerSecParms(&svr); /* configure server socket
- sid cache, certificate etc. */
- if (r) return r;
-
- r = SSL_HandshakeCallback(svr.r, HandshakeCallback, &svr);
- if (PR_SUCCESS != r) return Error(150);
-
- r = SSL_AuthCertificateHook(svr.r,AuthCertificate,&svr);
- if (PR_SUCCESS !=r ) return Error(151);
-
- /* The server socket is now set up. Now, we must start
- the client thread */
-
- svr.subthread =
- PR_CreateThread(PR_SYSTEM_THREAD, /* Thread Type */
- ClientThread, /* Start Function */
- NULL, /* Argument */
- PR_PRIORITY_NORMAL, /* Priority */
- PR_GLOBAL_THREAD, /* Scheduling scope */
- PR_JOINABLE_THREAD, /* Thread State */
- 0 /* Stacksize (0=use default) */
- );
- if (svr.subthread == NULL) return Error(6);
-
-
-
- /* Wait for incoming connection from client thread */
-
- svr.s = PR_Accept(svr.r, NULL, PR_SecondsToInterval(100)); /* timeout */
- if (NULL == svr.s) {
- r = PR_GetError();
- if (r) {
- return Error(7);
- }
- }
-
- td = &svr;
- td->client = PR_FALSE;
- td->xor_reading = CLIENTXOR;
- td->xor_writing = 0;
-
- r = DoIO(td);
- dbmsg((PR_STDERR,"Server IO complete - returned %d\n",r));
- dbmsg((PR_STDERR,"PR_GetError() = %d\n",PR_GetError()));
-
-
- /* WHY IS THIS HERE???? */
- r = 0;
- if (r) return r;
-
-
- /* c = SSL_PeerCertificate(s); */
-
- r = PR_Close(svr.s); /* close the SSL Socket */
- if (r != PR_SUCCESS) return Error(8);
-
- dbmsg((PR_STDERR,"PR_Close(svr.s) - returned %d\n",r));
-
- r = PR_Close(svr.r); /* Close the rendezvous socket */
- if (r != PR_SUCCESS) return Error(8);
-
- dbmsg((PR_STDERR,"PR_Close(svr.r) - returned %d\n",r));
-
- r = PR_JoinThread(svr.subthread);
- if (r != PR_SUCCESS) return Error(9);
-
- PR_EnterMonitor(rcmon);
- r = rc;
- PR_ExitMonitor(rcmon);
-
- dbmsg((PR_STDERR,"Client Thread Joined. client's returncode=%d\n",r));
- dbmsg((PR_STDERR,"Server Thread closing down.\n"));
-
- return r;
-
- }
-
-
-/*
- * Get security status for this socket
- *
- */
-
-int GetSecStatus(struct ThreadData *td) {
- int r;
-
- r = SSL_SecurityStatus(td->s,
- &td->status_on,
- &td->status_cipher,
- &td->status_keysize,
- &td->status_skeysize,
- &td->status_issuer,
- &td->status_subject
- );
-
- return r;
- /* SSL_PeerCertificate(); */
-
-}
-
-
-
-
-/* Signal an error code for the process to return.
- If the peer aborted before us, returns 0.
- If the peer did not abort before us, returns the calling argument
- (to be used as a returncode) */
-int Error(int s)
-{
- int r;
-
- PR_EnterMonitor(rcmon);
- r = rc;
- if (0 == rc) {
- rc = s;
- }
- PR_ExitMonitor(rcmon);
-
- if (r) return s;
- else return 0;
-}
-
-
-
-#define ALLOWEDBYPROTOCOL 1
-#define ALLOWEDBYPOLICY 2
-#define ALLOWEDBYCIPHERSUITE 4
-
-/* This returns 0 if the status is what was expected at this point, else a returncode */
-
-
-int VerifyStatus(struct ThreadData *td)
-{
- int i,j;
- int matched =0;
-
- /* Go through all the ciphers until we find the first one that satisfies */
- /* all the criteria. The ciphers are listed in preferred order. So, the first */
- /* that matches should be the one. */
-
- /* because of bug 107086, I have to fudge this. If it weren't for this
- bug, SSL2 ciphers may get chosen in preference to SSL3 cipher,
- if they were stronger */
-
-
- for (i=0;i<cipher_array_size;i++) {
-
- /* IF */
-
- if (
-
- /* bug 107086. If SSL2 and SSL3 are enabled, ignore the SSL2 ciphers */
- (!( /* see above */
- (REP_SSLVersion2 && REP_SSLVersion3) && cipher_array[i].sslversion == 2)
- )
-
- &&
-
-
- ( /* Cipher is the right kind for the protocol? */
- ((cipher_array[i].sslversion == 2) && REP_SSLVersion2) ||
- ((cipher_array[i].sslversion == 3) && REP_SSLVersion3)
- )
-
- && /* Cipher is switched on */
-
- ((cipher_array[i].on == 1) ||
- ((cipher_array[i].on == 2) &&
- (REP_ServerCert == SERVER_CERT_VERISIGN_STEPUP)))
-
- && /* Is this cipher enabled under this policy */
-
- (
- (REP_Policy == POLICY_DOMESTIC) ||
- ((REP_Policy == POLICY_EXPORT) &&
- (cipher_array[i].exportable == SSL_ALLOWED)))
- )
-
- /* THEN */
- {
- /* This is the cipher the SSL library should have chosen */
-
- matched = 1;
- break;
- }
- }
-
-GetSecStatus(td);
-
-
-#define SSLT_STATUS_CORRECT 0 /* The status is correct. Continue with test */
-#define SSLT_STATUS_WRONG_KEYSIZE 1 /* The reported keysize is incorrect. abort */
-#define SSLT_STATUS_WRONG_SKEYSIZE 2 /* The reported secret keysize is incorrect. abort */
-#define SSLT_STATUS_WRONG_DESCRIPTION 3 /* The reported description is incorrect. abort*/
-#define SSLT_STATUS_WRONG_ERRORCODE 4 /* sec. library error - but wrong one - abort */
-#define SSLT_STATUS_CORRECT_ERRORCODE 5 /* security library error - right one - abort with err 99 */
-
- if (matched) {
- if (td->status_keysize != cipher_array[i].ks) {
- PR_fprintf(PR_STDERR,"wrong keysize. seclib: %d, expected %d\n",
- td->status_keysize,cipher_array[i].ks);
- return SSLT_STATUS_WRONG_KEYSIZE;
- }
- if (td->status_skeysize != cipher_array[i].sks) return SSLT_STATUS_WRONG_SKEYSIZE;
- if (PL_strcmp(td->status_cipher,cipher_array[i].name)) {
- PR_fprintf(PR_STDERR,"wrong cipher description. seclib: %s, expected: %s\n",
- td->status_cipher,cipher_array[i].name);
- return SSLT_STATUS_WRONG_DESCRIPTION;
- }
-
- /* Should also check status_issuer and status_subject */
-
- return SSLT_STATUS_CORRECT;
- }
-
- else {
- /* if SSL wasn't enabled, security library should have returned a failure with
- SSL_ERROR_SSL_DISABLED
- */
-
- /* Since we cannot set the client and server ciphersuites independently,
- there's not point in checking for NO_CYPHER_OVERLAP. That's why some
- of this is commented out.
- */
-
-#if 0
- if (PR_FALSE == REP_SSLVersion2 &&
- PR_FALSE == REP_SSLVersion3)
-{
-if ( (td->secerr_flag == PR_FALSE ) ||
- ((td->secerr_flag == PR_TRUE) &&
- !((td->secerr == SSL_ERROR_SSL_DISABLED) ||
- (td->secerr == SSL_ERROR_NO_CYPHER_OVERLAP))
- )) {
- return SSLT_STATUS_WRONG_ERRORCODE;
- }
- else
- return SSLT_STATUS_CORRECT_ERRORCODE;
- }
-
- else {
-
- /* If SSL was enabled, and we get here, then no ciphers were compatible
- (matched == 0). So, security library should have returned the error
- SSL_ERROR_NO_CYPHER_OVERLAP */
-
- if ((td->secerr_flag == PR_FALSE) ||
- ((td->secerr_flag == PR_TRUE) && (td->secerr != SSL_ERROR_NO_CYPHER_OVERLAP))) {
- return SSLT_STATUS_WRONG_ERRORCODE;
- }
- else return SSLT_STATUS_CORRECT_ERRORCODE;
- }
-#endif
- }
- return SSLT_STATUS_CORRECT_ERRORCODE;
-}
-
-
-/*
- * DoRedoHandshake()
- *
- * errors(90-99)
- * 99 means exit gracefully
- */
-
-int DoRedoHandshake(struct ThreadData *td) {
- int r;
-
-
- /* figure out if we really should do the RedoHandshake */
- if ((td->client && (PR_TRUE== REP_ClientRedoHandshake)) ||
- (!td->client && (PR_TRUE== REP_ServerRedoHandshake))) {
-
- if ((!td->client && (SSLT_CLIENTAUTH_REDO==REP_ServerDoClientAuth))) {
- r = SSL_Enable(td->s, SSL_REQUEST_CERTIFICATE, 1);
- }
-
- r = SSL_RedoHandshake(td->s); /* .. and redo the handshake */
- if (PR_SUCCESS == r) { /* If the handshake succeeded, */
- /* make sure that shouldn't have failed... */
-
- /***
- If the server is doing ClientAuth
- and the wrong certificate in the
- client, then the handshake should fail (but it succeeded)
- ***/
-
-#if 0
- if (SSLT_CLIENTAUTH_INITIAL == REP_ServerDoClientAuth) {
- if ((CLIENT_CERT_SPARK == REP_ClientCert) ||
- (SERVER_CERT_HARDCOREII_512 == REP_ClientCert) ||
- (NO_CERT == REP_ClientCert)
- )
- return Error(90);
-
- }
-#endif
-
- }
-
- else { /* PR_FAILURE: Make sure the handshake shouldn't have succeeded */
-
- /* First, abort the peer, since it cannot continue */
- r = Error(91);
- if (0==r) return 0; /* peer aborted first */
- else {
- /***
- If the server is doing clientauth and
- a valid certificate was presented, the handshake
- should have succeeded (but it failed)
- ***/
-
- if (PR_TRUE == REP_ServerDoClientAuth) {
- if ((CLIENT_CERT_HARDCOREII_512 == REP_ClientCert) ||
- (CLIENT_CERT_HARDCOREII_1024 == REP_ClientCert) ||
- (CLIENT_CERT_VERISIGN == REP_ClientCert) ||
- (SERVER_CERT_HARDCOREII_512 == REP_ClientCert)
- )
- return Error(91);
- }
- }
- }
- }
-}
-
-
-
-/* There is a independent State Machine for each of client and server.
- They have the following states:
-
- 1. STATE_BEFORE_INITIAL_HANDSHAKE
- In this state at the very start. No I/O has been done on the socket,
- and no status has been collected. Once I/O has been done, we move on
- to state 2.
-
- 2. STATE_BEFORE_REDO_HANDSHAKE
- If we won't be doing a redohandshake, move immediately to state3.
- Check security status to make sure selected cipher is correct.
- If we are doing a redohandshake, adjust the security parameters for
- the redo, and move to state 3.
- 3. STATE_STATUS_COLLECTED
- When we move to this state, check security status.
- Remain in this state until either reading or writing is complete
- 4. STATE_DONE_WRITING
- Come here when writing is complete. When reading is complete move
- to state 6.
- 5. STATE_DONE_READING
- Come here when reading is complete. When writing is complete move
- to state 6.
- 6. STATE_DONE
- We're done. Check that the appropriate callbacks were called at the
- appropriate times.
- */
-
-/*
- * State Machine
- *
- * errors(80-89)
- */
-
-int NextState(struct ThreadData *td,
- int finishedReading,
- int finishedWriting) {
- int r;
-
-
-
- /* if we were in STATE_BEFORE_INITIAL_HANDSHAKE, and we came here, we must
- have just completed a handshake, so we can get status and move on
- to next state. */
-
- if (STATE_BEFORE_INITIAL_HANDSHAKE == td->state ) {
-
- td->state = STATE_BEFORE_REDO_HANDSHAKE; /* first set next state */
-
- r = GetSecStatus(td);
- if (PR_SUCCESS != r) {
- return Error(80);
- }
-
-#if 0
- r = VerifyStatus(td); /* Call VerifyStatus to make sure that the connection is
- what was expected */
- if (PR_SUCCESS != r) return r;
-#endif
-
-
- }
-
- if (STATE_BEFORE_REDO_HANDSHAKE == td->state) {
- /* If we're not going to do a redohandshake, we can just skip over this state */
- if (td->client) {
- if (PR_FALSE == REP_ClientRedoHandshake) td->state = STATE_STATUS_COLLECTED;
- }
- else {
- if (PR_FALSE == REP_ServerRedoHandshake) td->state = STATE_STATUS_COLLECTED;
- }
- r = DoRedoHandshake(td);
- if (PR_SUCCESS != r) return r;
- td->state = STATE_STATUS_COLLECTED;
- }
-
-
- switch (td->state) {
- case STATE_STATUS_COLLECTED:
- if (finishedWriting) td->state = STATE_DONE_WRITING;
- if (finishedReading) td->state = STATE_DONE_READING;
- break;
- case STATE_DONE_WRITING:
- if (finishedReading) td->state = STATE_DONE;
- break;
- case STATE_DONE_READING:
- if (finishedWriting) td->state = STATE_DONE;
- break;
- default:
- return PR_SUCCESS;
- }
-}
-
-
-/* CheckSSLEnabled:
- If there was an I/O, and SSL was disabled, then check the error
- code to make sure that the correct error was returned.
- The parameter passed in is the returncode from PR_Read or PR_Write
- */
-
-int CheckSSLEnabled(int j) {
- if (PR_FALSE == REP_SSLVersion2 &&
- PR_FALSE == REP_SSLVersion3) {
- if (( -1 != j ) ||
- (( -1 == j) && (PR_GetError() != SSL_ERROR_SSL_DISABLED))) {
- return 52;
- }
- else return 99;
- }
- else return 0;
-}
-
-
-
-/*
- * Do I/O
- *
- * Errors 50-69
- */
-
-int DoIO(struct ThreadData *td) {
-
-int i,j,r;
-
- td->pd.fd = td->s;
- td->pd.in_flags = PR_POLL_READ | PR_POLL_WRITE | PR_POLL_EXCEPT;
- td->data_read = 0;
- td->data_sent = 0;
-
- td->data_tosend = REP_ServerIOSessionLength;
-
- td->state = STATE_BEFORE_INITIAL_HANDSHAKE;
-
-
- while (PR_TRUE) {
- dbmsg((PR_STDERR,"%s: DoIO loop\n",
- &svr==td ? "Server" : "Client"));
-
- /* pd = polldescriptor, 1 = number of descriptors, 5 = timeout in seconds */
- r = PR_Poll(&td->pd,1,PR_SecondsToInterval(5));
-
- /* Check if peer has already signalled an error condition */
-
- PR_EnterMonitor(rcmon);
- if (0 != rc) {
- /* got here? - means peer wants to stop. It has set the
- exit code */
- PR_ExitMonitor(rcmon);
- dbmsg((PR_STDERR,"%s: Peer has aborted (error code %d). We should too\n",
- &svr==td ? "Server" : "Client",rc));
-
- return 0;
- }
- else {
- PR_ExitMonitor(rcmon);
- }
-
- if (0 == r) ; /* timeout occurred */
-
- if (td->pd.out_flags & PR_POLL_EXCEPT) return Error(50);
-
- /******* Process incoming data *******/
-
- if (! (STATE_DONE == td->state || STATE_DONE_READING == td->state)) {
- if (td->pd.out_flags & PR_POLL_READ) {
-
- td->secerr = 0;
- i = PR_Read(td->s, td->recvbuf, BUFSIZE);
-
- if (i < 0) {
- td->secerr_flag = 1;
- td->secerr = PR_GetError();
- }
- else td->secerr_flag =0;
-
- r = VerifyStatus(td);
-
- switch (r) {
- case SSLT_STATUS_CORRECT:
- break;
- case SSLT_STATUS_CORRECT_ERRORCODE:
- return Error(99);
- default:
- return Error(60+r);
- }
-
- r = VerifyBuffer(td->recvbuf, i, td->data_read, td->xor_reading);
- if (r) return r;
- td->data_read += i;
-
- /* Invoke State Machine */
-
- NextState(td, 0==i, 0); /* if i is zero, signal 'finishedreading' */
-
- }
- }
-
- if (! (STATE_DONE == td->state || STATE_DONE_WRITING == td->state)) {
- if (td->pd.out_flags & PR_POLL_WRITE) {
- FillBuffer(td->sendbuf,BUFSIZE,td->data_sent,td->xor_writing);
-
- i = td->data_tosend - td->data_sent;
- if (i > BUFSIZE) i = BUFSIZE; /* figure out how much
- data to send */
- td->secerr = 0;
- j = PR_Write(td->s, td->sendbuf, i);
-
-
- if (j < 0) {
- td->secerr_flag = 1;
- td->secerr = PR_GetError();
- }
- else td->secerr_flag =0;
-
- r = VerifyStatus(td);
-
- switch (r) {
- case SSLT_STATUS_CORRECT:
- break;
- case SSLT_STATUS_CORRECT_ERRORCODE:
- return Error(99);
- default:
- return Error(60+r);
- }
-
- }
- if (j == -1) return Error(53); /* Error on socket (Not an error
- if nonblocking IO enabled, and
- Error is Would Block */
-
- if (j != i) return Error(54); /* We didn't write the
- amount we should have */
-
- td->data_sent += j;
-
- if (td->data_sent == td->data_tosend) {
- PR_Shutdown(td->s,PR_SHUTDOWN_SEND);
- }
-
- /* next state of state machine */
-
- NextState(td,
- 0,
- td->data_sent == td->data_tosend /* finishedwriting */
- );
- }
-
-
-
- if (STATE_DONE == td->state) break;
-
- } /* while (1) */
-
- dbmsg((PR_STDERR,"%s: DoIO loop:returning 0\n",
- &svr==td ? "Server" : "Client"));
-
- return 0;
-
-}
-
-
-
-
-/* This is the start of the client thread code */
-/* Client Thread errors(100-200) */
-
-
-/*
- * CreateClientSocket()
- * errors (120-129)
- */
-
-
-int CreateClientSocket() {
- /* Create client socket s */
-
- cl.fd = PR_NewTCPSocket();
- if (cl.fd == NULL) return Error(120);
-
- cl.s = SSL_ImportFD(NULL, cl.fd);
- if (cl.s == NULL) return Error(121);
-
- return 0;
-}
-
-
-
-/*
- * SetClientSecParms
- * errors(130-139)
- */
-
-int SetClientSecParams() {
- int rv;
- /* SSL Enables */
-
- rv = SSL_Enable(cl.s, SSL_SECURITY, 1);
- if (rv < 0) return Error(130);
-
- rv = Version23Clear(cl.s);
- if (rv) return rv;
-
- if (REP_SSLVersion2) {
- rv = Version2Enable(cl.s);
- if (rv) return rv;
- }
- if (REP_SSLVersion3) {
- rv = Version3Enable(cl.s);
- if (rv) return rv;
- }
-
- SSL_SetPKCS11PinArg(cl.s,(void*)MyPWFunc);
-
- if (REP_ClientCert == NO_CERT) {
- return 0;
- }
- else {
- cl.cert = PK11_FindCertFromNickname(client_nick,NULL);
- }
- if (cl.cert == NULL) return Error(131);
-
- return 0;
-}
-
-
-/*
- * Client()
- * errors (100-120)
- */
-
-int Client() {
- int r;
-
- r = CreateClientSocket();
- if (r) return r;
-
- r = SetClientSecParams();
- if (r) return r;
-
- /* Set address to connect to: localhost */
-
- r = PR_InitializeNetAddr(PR_IpAddrLoopback,0,&cl.na);
- cl.na.inet.port = cl.peerport;
- if (PR_FAILURE == r) return Error(101);
-
- r = SSL_AuthCertificateHook(cl.s,AuthCertificate,&cl);
- if (r) return Error(102);
- r = SSL_HandshakeCallback(cl.s,HandshakeCallback,&cl);
- if (r) return Error(103);
-
- r = PR_Connect(cl.s, &cl.na, PR_SecondsToInterval(50));
- if (PR_FAILURE == r) {
- dbmsg((PR_STDERR, "Client: Seclib error: %s\n",SECU_ErrorString ((int16) PR_GetError())));
- return Error(104);
- }
-
-
- if (PR_TRUE == REP_ClientForceHandshake) {
- r = SSL_ForceHandshake(cl.s);
- if (PR_FAILURE == r) {
- dbmsg((PR_STDERR, "Client: Seclib error: %s\n",
- SECU_ErrorString ((int16) PR_GetError())));
- return Error(105);
- }
- }
-
- cl.client = PR_TRUE;
- cl.xor_reading = 0;
- cl.xor_writing = CLIENTXOR;
-
- r = DoIO(&cl);
-
- dbmsg((PR_STDERR,"Client Thread done with IO. Returned %d\n",r));
-
-
- if (PR_SUCCESS != r) return r;
-
- r = PR_Close(cl.s);
-
- dbmsg((PR_STDERR,"Client Socket closing. Returned %d\n",r));
-
- return Error(r);
-
-}
-
-
-
- void ClientThread(void *arg) {
- int r;
-
- Error(Client());
-
- dbmsg((PR_STDERR,"Client Thread returning %d\n",r));
-
-
- }
-
-
-
-
-
-
- /* VerifyBuffer() */
-
-/* verify the data in the buffer. Returns 0 if valid */
-/* recvbuf = start of data to verify
- * bufsize = amount of data to verify
- * done = how to offset the reference data. How much
- data we have done in previous sessions
- * xor = xor character
-
- * errors 70-79
-
- */
-
- int VerifyBuffer(char *recvbuf,int bufsize,int done, char xor) {
- int i,j,k;
-
- while (bufsize) {
- i = done % DATABUFSIZE;
-
- k = DATABUFSIZE;
- if (bufsize < k) {
- k = bufsize;
- }
- for (j = i; j < k ; j++) {
- if ((data[j] ^ xor) != (*recvbuf)) {
- return 71;
- }
-
- recvbuf++;
- }
- done += k-i;
- bufsize -= (k - i);
- if (bufsize < 0) return 73;
- }
- return (0);
-}
-
-
-/* fill the buffer. */
-
- void FillBuffer(char *sendbuf,int bufsize, int offset, char xor) {
- int done=0,i,j;
-
- while (done < bufsize) {
- i = offset % DATABUFSIZE;
- for (j = i; j < DATABUFSIZE ; j++) {
- *sendbuf = (data[j] ^ xor);
- sendbuf++;
- }
- done += (DATABUFSIZE - i);
- offset += (DATABUFSIZE - i);
- }
- }
-
-
-
-
-/****** CALLBACKS *******/
-
-
-
-/* HandshakeCallback
- This function gets called when a handshake has just completed.
- (maybe gets called more than once for example if we RedoHandshake)
- */
-
- void HandshakeCallback(PRFileDesc *s, void *td) {
- int r;
-
- /* 1. Get status of connection */
-
- r = GetSecStatus(td);
- if (PR_SUCCESS != r) {
- /* Abort */
- }
- else {
-
- /* 2. Verify status of connection */
-
-#if 0
- r =VerifyStatus(td);
- if (PR_SUCCESS != r) {
- /* Abort */
- }
-#endif
- }
-
- }
-
-
-
-/* This function gets called by the client thread's SSL code to verify
- the server's certificate. We cannot use the default AuthCertificate
- code because the certificates are used on multiple hosts, so
- CERT_VerifyCertNow() would fail with an IP address mismatch error
- */
-
-int
-AuthCertificate(void *arg, PRFileDesc *fd, PRBool checkSig, PRBool isServer)
-{
- SECStatus rv;
- CERTCertDBHandle *handle;
- /* PRFileDesc *ss; */
- SECCertUsage certUsage;
-
- /* ss = ssl_FindSocket(fd);
- PORT_Assert(ss != NULL); */
-
- handle = (CERTCertDBHandle *)arg;
-
- if ( isServer ) {
- certUsage = certUsageSSLClient;
- } else {
- certUsage = certUsageSSLServer;
- }
-
- /* rv = CERT_VerifyCertNow(handle, ss->sec->peerCert, checkSig, certUsage, arg); */
-
- return((int)PR_SUCCESS);
-}
-
-
-
-
-
-
-
-
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/ssl/sslt.h b/security/nss/tests/pkcs11/netscape/suites/security/ssl/sslt.h
deleted file mode 100755
index e792755cc..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/ssl/sslt.h
+++ /dev/null
@@ -1,238 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef SSLT_H
-#define SSLT_H
-
-
-extern int Error(int);
-#ifndef DEBUG_stevep
-#define dbmsg(x) if (debug) PR_fprintf x ;
-#else
-#define dbmsg(x) ;
-#endif
-extern PRInt32 debug;
-
-#ifdef INSERT_TABLES
-int testId = 0;
-
-int ClientCert[] = {
- NO_CERT,
- CLIENT_CERT_HARDCOREII_1024
-};
-
-int ServerCert[] = {
- SERVER_CERT_HARDCOREII_512
-};
-
-int Policy[] = {
- POLICY_EXPORT,
- POLICY_DOMESTIC
-};
-
-int SSLVersion2[] = {
- PR_TRUE,
- PR_FALSE
-};
-
-int SSLVersion3[] = {
- PR_TRUE,
- PR_FALSE
-};
-
-int ClientIOSessionLength[] = {
- 0,
- 1024
-};
-
-int ServerIOSessionLength[] = {
- 0,
- 1024
-};
-
-int ServerDoClientAuth[] = {
- SSLT_CLIENTAUTH_OFF
-};
-
-PRBool ClientForceHandshake[] = {
- PR_FALSE
-};
-
-PRBool ServerForceHandshake[] = {
- PR_TRUE
-};
-
-PRBool ClientRedoHandshake[] = {
- PR_FALSE
-};
-
-PRBool ServerRedoHandshake[] = {
- PR_FALSE
-};
-
-PRBool Cipher_EN_RC4_128_WITH_MD5[] = {
- PR_TRUE,
- PR_FALSE
-};
-
-PRBool Cipher_EN_RC4_128_EXPORT40_WITH_MD5[] = {
- PR_TRUE,
- PR_FALSE
-};
-
-PRBool Cipher_EN_RC2_128_CBC_WITH_MD5[] = {
- PR_TRUE,
- PR_FALSE
-};
-
-PRBool Cipher_EN_DES_192_EDE3_CBC_WITH_MD5[] = {
- PR_TRUE,
- PR_FALSE
-};
-
-PRBool Cipher_RSA_EXPORT_WITH_RC4_40_MD5[] = {
- PR_TRUE,
- PR_FALSE
-};
-
-PRBool Cipher_RSA_WITH_RC4_128_MD5[] = {
- PR_TRUE,
- PR_FALSE
-};
-
-PRBool Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5[] = {
- PR_TRUE,
- PR_FALSE
-};
-
-PRBool Cipher_RSA_WITH_DES_CBC_SHA[] = {
- PR_TRUE,
- PR_FALSE
-};
-
-PRBool Cipher_RSA_WITH_3DES_EDE_CBC_SHA[] = {
- PR_TRUE,
- PR_FALSE
-};
-
-
-#else
-extern int ClientCert[];
-extern int ServerCert[];
-extern int Policy[];
-extern int SSLVersion2[];
-extern int SSLVersion3[];
-extern int ClientIOSessionLength[];
-extern int ServerIOSessionLength[];
-extern int ServerDoClientAuth[];
-extern PRBool ClientForceHandshake[];
-extern PRBool ServerForceHandshake[];
-extern PRBool ClientRedoHandshake[];
-extern PRBool ServerRedoHandshake[];
-extern PRBool Cipher_EN_RC4_128_WITH_MD5[];
-extern PRBool Cipher_EN_RC4_128_EXPORT40_WITH_MD5[];
-extern PRBool Cipher_EN_RC2_128_CBC_WITH_MD5[];
-extern PRBool Cipher_EN_DES_192_EDE3_CBC_WITH_MD5[];
-extern PRBool Cipher_RSA_EXPORT_WITH_RC4_40_MD5[];
-extern PRBool Cipher_RSA_WITH_RC4_128_MD5[];
-extern PRBool Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5[];
-extern PRBool Cipher_RSA_WITH_DES_CBC_SHA[];
-extern PRBool Cipher_RSA_WITH_3DES_EDE_CBC_SHA[];
-extern int testId;
-#endif
-
-
-#define REP_ClientCert ClientCert[testId%2]
-#define REP_ServerCert ServerCert[testId/2%1]
-#define REP_Policy Policy[testId/2/1%2]
-#define REP_SSLVersion2 SSLVersion2[testId/2/1/2%2]
-#define REP_SSLVersion3 SSLVersion3[testId/2/1/2/2%2]
-#define REP_ClientIOSessionLength ClientIOSessionLength[testId/2/1/2/2/2%2]
-#define REP_ServerIOSessionLength ServerIOSessionLength[testId/2/1/2/2/2/2%2]
-#define REP_ServerDoClientAuth ServerDoClientAuth[testId/2/1/2/2/2/2/2%1]
-#define REP_ClientForceHandshake ClientForceHandshake[testId/2/1/2/2/2/2/2/1%1]
-#define REP_ServerForceHandshake ServerForceHandshake[testId/2/1/2/2/2/2/2/1/1%1]
-#define REP_ClientRedoHandshake ClientRedoHandshake[testId/2/1/2/2/2/2/2/1/1/1%1]
-#define REP_ServerRedoHandshake ServerRedoHandshake[testId/2/1/2/2/2/2/2/1/1/1/1%1]
-
-
-#define REP_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_WITH_MD5[testId/2/1/2/2/2/2/2/1/1/1/1/1%2]
-#define REP_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5[testId/2/1/2/2/2/2/2/1/1/1/1/1/2%2]
-#define REP_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5[testId/2/1/2/2/2/2/2/1/1/1/1/1/2/2%2]
-#ifdef undef
-#define REP_Cipher_EN_RC2_128_CBC_EXPORT40_WITH_MD5 $[Cipher_EN_RC2_128_CBC_EXPORT40_WITH_MD5]
-#define REP_Cipher_EN_IDEA_128_CBC_WITH_MD5 $[Cipher_EN_IDEA_128_CBC_WITH_MD5]
-#define REP_Cipher_EN_DES_64_CBC_WITH_MD5 $[Cipher_EN_DES_64_CBC_WITH_MD5
-#define REP_Cipher_RSA_WITH_NULL_SHA $[Cipher_RSA_WITH_NULL_SHA]
-#define REP_Cipher_RSA_WITH_RC4_128_SHA $[Cipher_RSA_WITH_RC4_128_SHA]
-#define REP_Cipher_RSA_WITH_IDEA_CBC_SHA $[Cipher_RSA_WITH_IDEA_CBC_SHA]
-#define REP_Cipher_NULL_WITH_NULL_NULL $[Cipher_NULL_WITH_NULL_NULL]
-#define REP_Cipher_RSA_WITH_NULL_MD5 $[Cipher_RSA_WITH_NULL_MD5]
-#endif
-#define REP_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5[testId/2/1/2/2/2/2/2/1/1/1/1/1/2/2/2%2]
-#define REP_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5[testId/2/1/2/2/2/2/2/1/1/1/1/1/2/2/2/2%2]
-#define REP_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_WITH_RC4_128_MD5[testId/2/1/2/2/2/2/2/1/1/1/1/1/2/2/2/2/2%2]
-#define REP_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5[testId/2/1/2/2/2/2/2/1/1/1/1/1/2/2/2/2/2/2%2]
-#define REP_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_DES_CBC_SHA[testId/2/1/2/2/2/2/2/1/1/1/1/1/2/2/2/2/2/2/2%2]
-#define REP_Cipher_RSA_WITH_3DES_EDE_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA[testId/2/1/2/2/2/2/2/1/1/1/1/1/2/2/2/2/2/2/2/2%2]
-
-#ifdef undef
-#define REP_Cipher_RSA_EXPORT_WITH_DES40_CBC_SHA $[Cipher_RSA_EXPORT_WITH_DES40_CBC_SHA]
-
-#define REP_Cipher_DH_DSS_EXPORT_WITH_DES40_CBC_SHA [Cipher_DH_DSS_EXPORT_WITH_DES40_CBC_SHA]
-#define REP_Cipher_DH_DSS_WITH_DES_CBC_SHA [Cipher_DH_DSS_WITH_DES_CBC_SHA]
-#define REP_Cipher_DH_DSS_WITH_3DES_EDE_CBC_SHA [Cipher_DH_DSS_WITH_3DES_EDE_CBC_SHA]
-#define REP_Cipher_DH_RSA_EXPORT_WITH_DES40_CBC_SHA [Cipher_DH_RSA_EXPORT_WITH_DES40_CBC_SHA]
-#define REP_Cipher_DH_RSA_WITH_DES_CBC_SHA [Cipher_DH_RSA_WITH_DES_CBC_SHA]
-#define REP_Cipher_DH_RSA_WITH_3DES_EDE_CBC_SHA [Cipher_DH_RSA_WITH_3DES_EDE_CBC_SHA]
-#define REP_Cipher_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA [Cipher_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
-#define REP_Cipher_DHE_DSS_WITH_DES_CBC_SHA [Cipher_DHE_DSS_WITH_DES_CBC_SHA]
-#define REP_Cipher_DHE_DSS_WITH_3DES_EDE_CBC_SHA [Cipher_DHE_DSS_WITH_3DES_EDE_CBC_SHA]
-#define REP_Cipher_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA [Cipher_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA]
-#define REP_Cipher_DHE_RSA_WITH_DES_CBC_SHA [Cipher_DHE_RSA_WITH_DES_CBC_SHA]
-#define REP_Cipher_DHE_RSA_WITH_3DES_EDE_CBC_SHA [Cipher_DHE_RSA_WITH_3DES_EDE_CBC_SHA]
-#define REP_Cipher_DH_ANON_EXPORT_WITH_RC4_40_MD5 [Cipher_DH_ANON_EXPORT_WITH_RC4_40_MD5]
-#define REP_Cipher_DH_ANON_WITH_RC4_128_MD5 [Cipher_DH_ANON_WITH_RC4_128_MD5]
-#define REP_Cipher_DH_ANON_WITH_DES_CBC_SHA [Cipher_DH_ANON_WITH_DES_CBC_SHA]
-#define REP_Cipher_DH_ANON_WITH_3DES_EDE_CBC_SHA [Cipher_DH_ANON_WITH_3DES_EDE_CBC_SHA]
-#define REP_Cipher_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA $[Cipher_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA]
-#define REP_Cipher_FORTEZZA_DMS_WITH_RC4_128_SHA $[Cipher_FORTEZZA_DMS_WITH_RC4_128_SHA]
-#endif
-#define REP_Cipher_RSA_FIPS_WITH_3DES_EDE_CBC_SHA $[Cipher_RSA_FIPS_WITH_3DES_EDE_CBC_SHA]
-#define REP_Cipher_RSA_FIPS_WITH_DES_CBC_SHA $[Cipher_RSA_FIPS_WITH_DES_CBC_SHA]
-
-
-#endif
-
-
-
-
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/ssl/sslt.htp b/security/nss/tests/pkcs11/netscape/suites/security/ssl/sslt.htp
deleted file mode 100644
index 06e55d176..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/ssl/sslt.htp
+++ /dev/null
@@ -1,136 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef SSLT_H
-#define SSLT_H
-
-
-extern int Error(int);
-#ifndef DEBUG_stevep
-#define dbmsg(x) PR_fprintf x ;
-#else
-#define dbmsg(x) ;
-#endif
-
-#ifdef INSERT_TABLES
-$[DATA-TO-TEST]
-#else
-extern int ClientCert[];
-extern int ServerCert[];
-extern int Policy[];
-extern int SSLVersion2[];
-extern int SSLVersion3[];
-extern int ClientIOSessionLength[];
-extern int ServerIOSessionLength[];
-extern int ServerDoClientAuth[];
-extern PRBool ClientForceHandshake[];
-extern PRBool ServerForceHandshake[];
-extern PRBool ClientRedoHandshake[];
-extern PRBool ServerRedoHandshake[];
-extern PRBool Cipher_EN_RC4_128_WITH_MD5[];
-extern PRBool Cipher_EN_RC4_128_EXPORT40_WITH_MD5[];
-extern PRBool Cipher_EN_RC2_128_CBC_WITH_MD5[];
-extern PRBool Cipher_EN_DES_192_EDE3_CBC_WITH_MD5[];
-extern PRBool Cipher_RSA_EXPORT_WITH_RC4_40_MD5[];
-extern PRBool Cipher_RSA_WITH_RC4_128_MD5[];
-extern PRBool Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5[];
-extern PRBool Cipher_RSA_WITH_DES_CBC_SHA[];
-extern PRBool Cipher_RSA_WITH_3DES_EDE_CBC_SHA[];
-extern int testId;
-#endif
-
-
-#define REP_ClientCert $[ClientCert]
-#define REP_ServerCert $[ServerCert]
-#define REP_Policy $[Policy]
-#define REP_SSLVersion2 $[SSLVersion2]
-#define REP_SSLVersion3 $[SSLVersion3]
-#define REP_ClientIOSessionLength $[ClientIOSessionLength]
-#define REP_ServerIOSessionLength $[ServerIOSessionLength]
-#define REP_ServerDoClientAuth $[ServerDoClientAuth]
-#define REP_ClientForceHandshake $[ClientForceHandshake]
-#define REP_ServerForceHandshake $[ServerForceHandshake]
-#define REP_ClientRedoHandshake $[ClientRedoHandshake]
-#define REP_ServerRedoHandshake $[ServerRedoHandshake]
-
-
-#define REP_Cipher_EN_RC4_128_WITH_MD5 $[Cipher_EN_RC4_128_WITH_MD5]
-#define REP_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 $[Cipher_EN_RC4_128_EXPORT40_WITH_MD5]
-#define REP_Cipher_EN_RC2_128_CBC_WITH_MD5 $[Cipher_EN_RC2_128_CBC_WITH_MD5]
-#ifdef undef
-#define REP_Cipher_EN_RC2_128_CBC_EXPORT40_WITH_MD5 $[Cipher_EN_RC2_128_CBC_EXPORT40_WITH_MD5]
-#define REP_Cipher_EN_IDEA_128_CBC_WITH_MD5 $[Cipher_EN_IDEA_128_CBC_WITH_MD5]
-#define REP_Cipher_EN_DES_64_CBC_WITH_MD5 $[Cipher_EN_DES_64_CBC_WITH_MD5
-#define REP_Cipher_RSA_WITH_NULL_SHA $[Cipher_RSA_WITH_NULL_SHA]
-#define REP_Cipher_RSA_WITH_RC4_128_SHA $[Cipher_RSA_WITH_RC4_128_SHA]
-#define REP_Cipher_RSA_WITH_IDEA_CBC_SHA $[Cipher_RSA_WITH_IDEA_CBC_SHA]
-#define REP_Cipher_NULL_WITH_NULL_NULL $[Cipher_NULL_WITH_NULL_NULL]
-#define REP_Cipher_RSA_WITH_NULL_MD5 $[Cipher_RSA_WITH_NULL_MD5]
-#endif
-#define REP_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 $[Cipher_EN_DES_192_EDE3_CBC_WITH_MD5]
-#define REP_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 $[Cipher_RSA_EXPORT_WITH_RC4_40_MD5]
-#define REP_Cipher_RSA_WITH_RC4_128_MD5 $[Cipher_RSA_WITH_RC4_128_MD5]
-#define REP_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 $[Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5]
-#define REP_Cipher_RSA_WITH_DES_CBC_SHA $[Cipher_RSA_WITH_DES_CBC_SHA]
-#define REP_Cipher_RSA_WITH_3DES_EDE_CBC_SHA $[Cipher_RSA_WITH_3DES_EDE_CBC_SHA]
-
-#ifdef undef
-#define REP_Cipher_RSA_EXPORT_WITH_DES40_CBC_SHA $[Cipher_RSA_EXPORT_WITH_DES40_CBC_SHA]
-
-#define REP_Cipher_DH_DSS_EXPORT_WITH_DES40_CBC_SHA [Cipher_DH_DSS_EXPORT_WITH_DES40_CBC_SHA]
-#define REP_Cipher_DH_DSS_WITH_DES_CBC_SHA [Cipher_DH_DSS_WITH_DES_CBC_SHA]
-#define REP_Cipher_DH_DSS_WITH_3DES_EDE_CBC_SHA [Cipher_DH_DSS_WITH_3DES_EDE_CBC_SHA]
-#define REP_Cipher_DH_RSA_EXPORT_WITH_DES40_CBC_SHA [Cipher_DH_RSA_EXPORT_WITH_DES40_CBC_SHA]
-#define REP_Cipher_DH_RSA_WITH_DES_CBC_SHA [Cipher_DH_RSA_WITH_DES_CBC_SHA]
-#define REP_Cipher_DH_RSA_WITH_3DES_EDE_CBC_SHA [Cipher_DH_RSA_WITH_3DES_EDE_CBC_SHA]
-#define REP_Cipher_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA [Cipher_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
-#define REP_Cipher_DHE_DSS_WITH_DES_CBC_SHA [Cipher_DHE_DSS_WITH_DES_CBC_SHA]
-#define REP_Cipher_DHE_DSS_WITH_3DES_EDE_CBC_SHA [Cipher_DHE_DSS_WITH_3DES_EDE_CBC_SHA]
-#define REP_Cipher_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA [Cipher_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA]
-#define REP_Cipher_DHE_RSA_WITH_DES_CBC_SHA [Cipher_DHE_RSA_WITH_DES_CBC_SHA]
-#define REP_Cipher_DHE_RSA_WITH_3DES_EDE_CBC_SHA [Cipher_DHE_RSA_WITH_3DES_EDE_CBC_SHA]
-#define REP_Cipher_DH_ANON_EXPORT_WITH_RC4_40_MD5 [Cipher_DH_ANON_EXPORT_WITH_RC4_40_MD5]
-#define REP_Cipher_DH_ANON_WITH_RC4_128_MD5 [Cipher_DH_ANON_WITH_RC4_128_MD5]
-#define REP_Cipher_DH_ANON_WITH_DES_CBC_SHA [Cipher_DH_ANON_WITH_DES_CBC_SHA]
-#define REP_Cipher_DH_ANON_WITH_3DES_EDE_CBC_SHA [Cipher_DH_ANON_WITH_3DES_EDE_CBC_SHA]
-#define REP_Cipher_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA $[Cipher_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA]
-#define REP_Cipher_FORTEZZA_DMS_WITH_RC4_128_SHA $[Cipher_FORTEZZA_DMS_WITH_RC4_128_SHA]
-#endif
-#define REP_Cipher_RSA_FIPS_WITH_3DES_EDE_CBC_SHA $[Cipher_RSA_FIPS_WITH_3DES_EDE_CBC_SHA]
-#define REP_Cipher_RSA_FIPS_WITH_DES_CBC_SHA $[Cipher_RSA_FIPS_WITH_DES_CBC_SHA]
-
-
-#endif
-
-
-
-
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/ssl/sslt.rep b/security/nss/tests/pkcs11/netscape/suites/security/ssl/sslt.rep
deleted file mode 100644
index 278412826..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/ssl/sslt.rep
+++ /dev/null
@@ -1,417 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-[General]
-cTemplate = sslt.htp
-makeTemplate = ssl.mtp
-path = .
-testPrefix = sslt
-testSuffix = .h
-regressSpecfile = ssl.reg
-regressOutput = ssl.html
-mut = SSL
-mutversion = 1.0
-timeout = 6
-makefileOutput = Makefile
-reporterOutput = ssl.rpt
-singleSource = TRUE
-
-
-
-# The names given for the Client and Server Certificates are
-# nicknames from the database
-
-[ClientCert]
-IMPORTANCE = HIGH
-TYPE = int
-ClientCert_none = NO_CERT
-ClientCert_one = CLIENT_CERT_HARDCOREII_1024
-#ClientCert_oneb = CLIENT_CERT_HARDCOREII_512
-#ClientCert_two = CLIENT_CERT_SPARK
-#ClientCert_three = SERVER_CERT_HARDCOREII_1024
-#ClientCert_four = CLIENT_CERT_VERISIGN
-
-[ServerCert]
-IMPORTANCE = HIGH
-TYPE = int
-#ServerCert_none = NO_CERT
-ServerCert_one = SERVER_CERT_HARDCOREII_512
-#ServerCert_two = CLIENT_CERT_HARDCOREII_512
-#ServerCert_three = SERVER_CERT_SPARK
-#ServerCert_four = SERVER_CERT_VERISIGN_REGULAR
-#ServerCert_five = SERVER_CERT_VERISIGN_STEPUP
-
-
-##### POLICY ####
-#
-# (right now, policy can only be set globally. When bug #102853 is
-# fixed, I'll be able to bring ClientPolicy and ServerPolicy back)
-#
-
-[Policy]
-IMPORTANCE = HIGH
-TYPE = int
-ExportPolicy = POLICY_EXPORT
-DomesticPolicy = POLICY_DOMESTIC
-
-#[ClientPolicy]
-#IMPORTANCE = HIGH
-#TYPE = int
-#ExportPolicy = POLICY_EXPORT
-#DomesticPolicy = POLICY_DOMESTIC
-
-#[ServerPolicy]
-#IMPORTANCE = HIGH
-#TYPE = int
-#ServerExportPolicy = POLICY_EXPORT
-#ServerDomesticPolicy = POLICY_DOMESTIC
-
-# Which SSL version to enable. Like the policy, this is a global
-# setting, affecting both client and server sockets
-
-[SSLVersion2]
-IMPORTANCE = HIGH
-TYPE = int
-SSLVersion2 = PR_TRUE
-NO_SSLVersion2 = PR_FALSE
-
-[SSLVersion3]
-IMPORTANCE = HIGH
-TYPE = int
-SSLVersion3 = PR_TRUE
-NO_SSLVersion3 = PR_FALSE
-
-#[ClientIOModel]
-#IMPORTANCE = LOW
-#TYPE = int
-#ClientIOBlocking = 0
-#ClientIONonBlocking = 1
-
-#[ServerIOModel]
-#IMPORTANCE = LOW
-#TYPE = int
-#ServerIOBlocking = BLOCKING
-#ServerIONonBlocking = NON_BLOCKING
-
-[ClientIOSessionLength]
-IMPORTANCE = LOW
-TYPE = int
-ClientIOLength0 = 0
-ClientIOLength1K = 1024
-#ClientIOLength256K = 262144
-#ClientIOLength5M = 5242880
-
-[ServerIOSessionLength]
-IMPORTANCE = LOW
-TYPE = int
-ServerIOLength0 = 0
-ServerIOLength1K = 1024
-#ServerIOLength256K = 262144
-#ServerIOLength5M = 5242880
-
-[ServerDoClientAuth]
-IMPORTANCE = LOW
-TYPE = int
-#ClientAuthOnInitial = SSLT_CLIENTAUTH_INITIAL
-#ClientAuthOnRedo = SSLT_CLIENTAUTH_REDO
-ClientAuthOff = SSLT_CLIENTAUTH_OFF
-
-[ClientForceHandshake]
-IMPORTANCE = LOW
-TYPE = PRBool
-#ClientForceHandshake = PR_TRUE
-ClientNoForceHandshake = PR_FALSE
-
-[ServerForceHandshake]
-IMPORTANCE = LOW
-TYPE = PRBool
-ServerForceHandshake = PR_TRUE
-#ServerNoForceHandshake = PR_FALSE
-
-[ClientRedoHandshake]
-IMPORTANCE = LOW
-TYPE = PRBool
-#ClientRedoHandshake = PR_TRUE
-ClientNoRedoHandshake = PR_FALSE
-
-[ServerRedoHandshake]
-IMPORTANCE = LOW
-TYPE = PRBool
-#ServerRedoHandshake = PR_TRUE
-ServerNoRedoHandshake = PR_FALSE
-
-
-
-###########################################################################
-#
-# C i p h e r S p e c s
-#
-###########################################################################
-
-
-[Cipher_EN_RC4_128_WITH_MD5]
-IMPORTANCE = HIGH
-TYPE = PRBool
-Cipher_EN_RC4_128_WITH_MD5 = PR_TRUE
-No_Cipher_EN_RC4_128_WITH_MD5 = PR_FALSE
-
-[Cipher_EN_RC4_128_EXPORT40_WITH_MD5]
-IMPORTANCE = HIGH
-TYPE = PRBool
-Cipher_EN_RC4_128_EXPORT40_WITH_MD5 = PR_TRUE
-No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 = PR_FALSE
-
-[Cipher_EN_RC2_128_CBC_WITH_MD5]
-IMPORTANCE = HIGH
-TYPE = PRBool
-Cipher_EN_RC2_128_CBC_WITH_MD5 = PR_TRUE
-No_Cipher_EN_RC2_128_CBC_WITH_MD5 = PR_FALSE
-
-#[Cipher_EN_RC2_128_CBC_EXPORT40_WITH_MD5]
-#IMPORTANCE = HIGH
-#TYPE = PRBool
-#Cipher_EN_RC2_128_CBC_EXPORT40_WITH_MD5 = PR_TRUE
-#No_Cipher_EN_RC2_128_CBC_EXPORT40_WITH_MD5 = PR_FALSE
-
-#[Cipher_EN_IDEA_128_CBC_WITH_MD5]
-#IMPORTANCE = HIGH
-#TYPE = PRBool
-#Cipher_EN_IDEA_128_CBC_WITH_MD5 = PR_TRUE
-#No_Cipher_EN_IDEA_128_CBC_WITH_MD5 = PR_FALSE
-
-#[Cipher_EN_DES_64_CBC_WITH_MD5]
-#IMPORTANCE = HIGH
-#TYPE = PRBool
-#Cipher_EN_DES_64_CBC_WITH_MD5 = PR_TRUE
-#No_Cipher_EN_DES_64_CBC_WITH_MD5 = PR_FALSE
-
-[Cipher_EN_DES_192_EDE3_CBC_WITH_MD5]
-IMPORTANCE = HIGH
-TYPE = PRBool
-Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 = PR_TRUE
-No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 = PR_FALSE
-
-# SSL v3 Cipher Suites
-#[Cipher_NULL_WITH_NULL_NULL]
-#IMPORTANCE = HIGH
-#TYPE = PRBool
-#Cipher_NULL_WITH_NULL_NULL = PR_TRUE
-#No_Cipher_NULL_WITH_NULL_NULL = PR_FALSE
-
-#[Cipher_RSA_WITH_NULL_MD5]
-#IMPORTANCE = HIGH
-#TYPE = PRBool
-#Cipher_RSA_WITH_NULL_MD5 = PR_TRUE
-#No_Cipher_RSA_WITH_NULL_MD5 = PR_FALSE
-
-#[Cipher_RSA_WITH_NULL_SHA]
-#IMPORTANCE = HIGH
-#TYPE = PRBool
-#Cipher_RSA_WITH_NULL_SHA = PR_TRUE
-#No_Cipher_RSA_WITH_NULL_SHA = PR_FALSE
-
-[Cipher_RSA_EXPORT_WITH_RC4_40_MD5]
-IMPORTANCE = HIGH
-TYPE = PRBool
-Cipher_RSA_EXPORT_WITH_RC4_40_MD5 = PR_TRUE
-No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 = PR_FALSE
-
-[Cipher_RSA_WITH_RC4_128_MD5]
-IMPORTANCE = HIGH
-TYPE = PRBool
-Cipher_RSA_WITH_RC4_128_MD5 = PR_TRUE
-No_Cipher_RSA_WITH_RC4_128_MD5 = PR_FALSE
-
-#[Cipher_RSA_WITH_RC4_128_SHA]
-#IMPORTANCE = HIGH
-#TYPE = PRBool
-#Cipher_RSA_WITH_RC4_128_SHA = PR_TRUE
-#No_Cipher_RSA_WITH_RC4_128_SHA = PR_FALSE
-
-[Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5]
-IMPORTANCE = HIGH
-TYPE = PRBool
-Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 = PR_TRUE
-No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 = PR_FALSE
-
-#[Cipher_RSA_WITH_IDEA_CBC_SHA]
-#IMPORTANCE = HIGH
-#TYPE = PRBool
-#Cipher_RSA_WITH_IDEA_CBC_SHA = PR_TRUE
-#No_Cipher_RSA_WITH_IDEA_CBC_SHA = PR_FALSE
-
-#[Cipher_RSA_EXPORT_WITH_DES40_CBC_SHA]
-#IMPORTANCE = HIGH
-#TYPE = PRBool
-#Cipher_RSA_EXPORT_WITH_DES40_CBC_SHA = PR_TRUE
-#No_Cipher_RSA_EXPORT_WITH_DES40_CBC_SHA = PR_FALSE
-
-[Cipher_RSA_WITH_DES_CBC_SHA]
-IMPORTANCE = HIGH
-TYPE = PRBool
-Cipher_RSA_WITH_DES_CBC_SHA = PR_TRUE
-No_Cipher_RSA_WITH_DES_CBC_SHA = PR_FALSE
-
-[Cipher_RSA_WITH_3DES_EDE_CBC_SHA]
-IMPORTANCE = HIGH
-TYPE = PRBool
-Cipher_RSA_WITH_3DES_EDE_CBC_SHA = PR_TRUE
-No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA = PR_FALSE
-
-
-#[Cipher_DH_DSS_EXPORT_WITH_DES40_CBC_SHA]
-#IMPORTANCE = LOW
-#TYPE = PRBool
-#Cipher_DH_DSS_EXPORT_WITH_DES40_CBC_SHA = PR_TRUE
-#No_Cipher_DH_DSS_EXPORT_WITH_DES40_CBC_SHA = PR_FALSE
-
-#[Cipher_DH_DSS_WITH_DES_CBC_SHA]
-#IMPORTANCE = LOW
-#TYPE = PRBool
-#Cipher_DH_DSS_WITH_DES_CBC_SHA = PR_TRUE
-#No_Cipher_DH_DSS_WITH_DES_CBC_SHA = PR_FALSE
-
-#[Cipher_DH_DSS_WITH_3DES_EDE_CBC_SHA]
-#IMPORTANCE = LOW
-#TYPE = PRBool
-#Cipher_DH_DSS_WITH_3DES_EDE_CBC_SHA = PR_TRUE
-#No_Cipher_DH_DSS_WITH_3DES_EDE_CBC_SHA = PR_FALSE
-
-#[Cipher_DH_RSA_EXPORT_WITH_DES40_CBC_SHA]
-#IMPORTANCE = LOW
-#TYPE = PRBool
-#Cipher_DH_RSA_EXPORT_WITH_DES40_CBC_SHA = PR_TRUE
-#No_Cipher_DH_RSA_EXPORT_WITH_DES40_CBC_SHA = PR_FALSE
-
-#[Cipher_DH_RSA_WITH_DES_CBC_SHA]
-#IMPORTANCE = LOW
-#TYPE = PRBool
-#Cipher_DH_RSA_WITH_DES_CBC_SHA = PR_TRUE
-#No_Cipher_DH_RSA_WITH_DES_CBC_SHA = PR_FALSE
-
-#[Cipher_DH_RSA_WITH_3DES_EDE_CBC_SHA]
-#IMPORTANCE = LOW
-#TYPE = PRBool
-#Cipher_DH_RSA_WITH_3DES_EDE_CBC_SHA = PR_TRUE
-#No_Cipher_DH_RSA_WITH_3DES_EDE_CBC_SHA = PR_FALSE
-
-
-#[Cipher_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
-#IMPORTANCE = LOW
-#TYPE = PRBool
-#Cipher_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA = PR_TRUE
-#No_Cipher_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA = PR_FALSE
-
-#[Cipher_DHE_DSS_WITH_DES_CBC_SHA]
-#IMPORTANCE = LOW
-#TYPE = PRBool
-#Cipher_DHE_DSS_WITH_DES_CBC_SHA = PR_TRUE
-#No_Cipher_DHE_DSS_WITH_DES_CBC_SHA = PR_FALSE
-
-#[Cipher_DHE_DSS_WITH_3DES_EDE_CBC_SHA]
-#IMPORTANCE = LOW
-#TYPE = PRBool
-#Cipher_DHE_DSS_WITH_3DES_EDE_CBC_SHA = PR_TRUE
-#No_Cipher_DHE_DSS_WITH_3DES_EDE_CBC_SHA = PR_FALSE
-
-#[Cipher_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA]
-#IMPORTANCE = LOW
-#TYPE = PRBool
-#Cipher_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA = PR_TRUE
-#No_Cipher_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA = PR_FALSE
-
-#[Cipher_DHE_RSA_WITH_DES_CBC_SHA]
-#IMPORTANCE = LOW
-#TYPE = PRBool
-#Cipher_DHE_RSA_WITH_DES_CBC_SHA = PR_TRUE
-#No_Cipher_DHE_RSA_WITH_DES_CBC_SHA = PR_FALSE
-
-#[Cipher_DHE_RSA_WITH_3DES_EDE_CBC_SHA]
-#IMPORTANCE = LOW
-#TYPE = PRBool
-#Cipher_DHE_RSA_WITH_3DES_EDE_CBC_SHA = PR_TRUE
-#No_Cipher_DHE_RSA_WITH_3DES_EDE_CBC_SHA = PR_FALSE
-
-
-#[Cipher_DH_ANON_EXPORT_WITH_RC4_40_MD5]
-#IMPORTANCE = LOW
-#TYPE = PRBool
-#Cipher_DH_ANON_EXPORT_WITH_RC4_40_MD5 = PR_TRUE
-#No_Cipher_DH_ANON_EXPORT_WITH_RC4_40_MD5 = PR_FALSE
-
-#[Cipher_DH_ANON_WITH_RC4_128_MD5]
-#IMPORTANCE = LOW
-#TYPE = PRBool
-#Cipher_DH_ANON_WITH_RC4_128_MD5 = PR_TRUE
-#No_Cipher_DH_ANON_WITH_RC4_128_MD5 = PR_FALSE
-
-###define SSL_DH_ANON_EXPORT_WITH_DES40_CBC_SHA 0x0019
-
-#[Cipher_DH_ANON_WITH_DES_CBC_SHA]
-#IMPORTANCE = LOW
-#TYPE = PRBool
-#Cipher_DH_ANON_WITH_DES_CBC_SHA = PR_TRUE
-#No_Cipher_DH_ANON_WITH_DES_CBC_SHA = PR_FALSE
-
-#[Cipher_DH_ANON_WITH_3DES_EDE_CBC_SHA]
-#IMPORTANCE = LOW
-#TYPE = PRBool
-#Cipher_DH_ANON_WITH_3DES_EDE_CBC_SHA = PR_TRUE
-#No_Cipher_DH_ANON_WITH_3DES_EDE_CBC_SHA = PR_FALSE
-
-#[Cipher_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA]
-#IMPORTANCE = HIGH
-#TYPE = PRBool
-#Cipher_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA = PR_TRUE
-#No_Cipher_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA = PR_FALSE
-
-#[Cipher_FORTEZZA_DMS_WITH_RC4_128_SHA]
-#IMPORTANCE = HIGH
-#TYPE = PRBool
-#Cipher_FORTEZZA_DMS_WITH_RC4_128_SHA = PR_TRUE
-#No_Cipher_FORTEZZA_DMS_WITH_RC4_128_SHA = PR_FALSE
-
-
-#[Cipher_RSA_FIPS_WITH_3DES_EDE_CBC_SHA]
-#IMPORTANCE = HIGH
-#TYPE = PRBool
-#Cipher_RSA_FIPS_WITH_3DES_EDE_CBC_SHA = PR_TRUE
-#No_Cipher_RSA_FIPS_WITH_3DES_EDE_CBC_SHA = PR_FALSE
-
-#[Cipher_RSA_FIPS_WITH_DES_CBC_SHA]
-#IMPORTANCE = HIGH
-#TYPE = PRBool
-#Cipher_RSA_FIPS_WITH_DES_CBC_SHA = PR_TRUE
-#No_Cipher_RSA_FIPS_WITH_DES_CBC_SHA = PR_FALSE
-
-
-
diff --git a/security/nss/tests/pkcs11/netscape/trivial/.cvsignore b/security/nss/tests/pkcs11/netscape/trivial/.cvsignore
deleted file mode 100644
index e3884c884..000000000
--- a/security/nss/tests/pkcs11/netscape/trivial/.cvsignore
+++ /dev/null
@@ -1,6 +0,0 @@
-Makefile
-config.cache
-config.h
-config.log
-config.status
-trivial*.tar.gz
diff --git a/security/nss/tests/pkcs11/netscape/trivial/Makefile.in b/security/nss/tests/pkcs11/netscape/trivial/Makefile.in
deleted file mode 100644
index 7f9488350..000000000
--- a/security/nss/tests/pkcs11/netscape/trivial/Makefile.in
+++ /dev/null
@@ -1,175 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is a trivial PKCS#11 test program.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corp. Portions created by Netscape are
-# Copyright (C) 2000. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-MAKEFILE_IN_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-SHELL = /bin/sh
-.SUFFIXES:
-.SUFFIXES: .c .o .h .in .a .so
-
-srcdir = @srcdir@
-VPATH = @srcdir@
-prefix = @prefix@
-exec_prefix = @exec_prefix@
-includedir = @includedir@
-bindir = @bindir@
-@SET_MAKE@
-INSTALL = @INSTALL@
-RANLIB = @RANLIB@
-AR = @AR@
-CC = @CC@
-LD = @LD@
-RM = @RM@
-TAR = @TAR@
-
-CPPFLAGS = @CPPFLAGS@
-CFLAGS = @CFLAGS@
-LDFLAGS = @LDFLAGS@
-LIBS = @LIBS@
-
-INSTALL_PROGRAM = $(INSTALL) -m 0500
-
-all:: program
-
-# Standard Netscape/Mozilla targets:
-# import import_xp export private_export libs program install all clobber
-# clobber_all release release_xp alltags
-
-# Standard GNU targets:
-# all install uninstall install-strip clean distclean mostlyclean
-# maintainer-clean TAGS info dvi dist check installcheck installdirs
-
-# === The actual targets and the real commands that make them ===
-program:: trivial
-
-trivial: trivial.c config.h Makefile
- $(CC) -I. -I${srcdir} $(CFLAGS) $(CPPFLAGS) $< -o $@ $(LDFLAGS) $(LIBS)
-
-# Now, various standard targets, some that do stuff, some that are no-ops
-
-import::
-
-export:: install
-
-private_export::
-
-program::
-
-clobber:: clean
-
-clobber_all:: maintainer-clean
-
-alltags:: TAGS
-
-RESULTS = \
- $(DESTDIR)$(bindir)/trivial \
- $(NULL)
-
-install:: $(RESULTS)
-
-$(DESTDIR)$(bindir)/trivial: trivial
- $(INSTALL_PROGRAM) trivial $(DESTDIR)$(bindir)/trivial
-
-# "rm -f" with no arguments bites on some platforms.
-# There should be an autoconf check and maybe a more
-# general $(FORCEDREMOVE) command
-
-uninstall::
- $(RM) -f $(RESULTS)
-
-install-strip::
- $(MAKE) INSTALL_PROGRAM='$(INSTALL_PROGRAM) -s ' install
-
-clean::
- $(RM) -f *~ core trivial.o trivial
-
-distclean:: clean
- $(RM) -f Makefile config.cache config.h config.log config.status stamp-h stamp-h.in
-
-mostlyclean:: clean
-
-maintainer-clean:: distclean
- $(RM) -f TAGS trivial*.tar.gz
-
-TAGS::
-
-DISTFILES = \
- .cvsignore \
- README.txt \
- Makefile.in \
- acconfig.h \
- config.h.in \
- configure \
- configure.in \
- install-sh \
- trivial.c \
- $(NULL)
-
-dist:: trivial.tar.gz
-
-# There must be an easier and more portable way of doing this..
-trivial.tar.gz: $(DISTFILES)
- echo $(DISTFILES) | tr ' ' '\n' | sed "s^.*^`( cd ${srcdir}; pwd ) | xargs basename`/&^" | xargs tar czf $@ -C ${srcdir}/..
-
-# other "standard" but irrelevant targets
-info::
-
-dvi::
-
-check::
-
-installcheck::
-
-installdirs::
-
-# Include dependancies
-
-
-# autoheader might not change config.h.in, so touch a stamp file
-${srcdir}/config.h.in: stamp-h.in
-${srcdir}/stamp-h.in: configure.in acconfig.h
- cd ${srcdir} && autoheader
- echo timestamp > ${srcdir}/stamp-h.in
-
-# Remake the configuration
-${srcdir}/configure: configure.in
- cd ${srcdir} && autoconf
-
-config.h: stamp-h
-stamp-h: config.h.in config.status
- ./config.status
-
-Makefile: Makefile.in config.status
- ./config.status
-
-config.status: configure
- ./config.status --recheck
diff --git a/security/nss/tests/pkcs11/netscape/trivial/README.txt b/security/nss/tests/pkcs11/netscape/trivial/README.txt
deleted file mode 100644
index 5c18a5089..000000000
--- a/security/nss/tests/pkcs11/netscape/trivial/README.txt
+++ /dev/null
@@ -1,56 +0,0 @@
-This is a very trivial program that loads and excercises a PKCS#11
-module, trying basic operations. I used it as a basic check that
-my data-only modules for NSS worked, and I'm including it here as
-a first sample test program.
-
-
-This program uses GNU autoconf: run ./configure --help for info.
-In addition to the standard options, the configure script accepts
-the following:
-
- --with-nspr[=path] specify location of NSPR
- --with-nss-dist[=path] specify path to NSS dist directory
- --with-nss-hdrs[=path] or, specify path to installed NSS headers
- --with-rsa-hdrs[=path] if not using NSS, specify path to RSA headers
- --disable-debug default is enabled
-
-This program uses NSPR; you may specify the path to your NSPR
-installation by using the "--with-nspr" option. The specified
-directory should be the one containing "include" and "lib."
-If this option is not given, the default is the usual prefix
-directories; see ./configure --help for more info.
-
-This program requires either the pkcs11*.h files from RSA, or
-the NSS equivalents. To specify their location, you must
-specify one of --with-nss-dist, --with-nss-hdrs, or --with-rsa-hdrs.
-
-If you have an NSS build tree, specify --with-nss-dist and provide
-the path to the mozilla/dist/*.OBJ directory. (If you got this
-package by checking it out from mozilla, it should be about six
-directories up, once you've built NSS.)
-
-Alternatively, if you have an NSS installation (including "private"
-files, e.g. "ck.h") you may point directly to the directory containing
-the headers with --with-nss-hdrs.
-
-If you would rather use the RSA-provided header files, or your own
-versions of them, specify their location with --with-rsa-hdrs.
-
-The flag --disable-debug doesn't really do much here other than
-exclude the CVS_ID info from the binary.
-
-
-To run the program, specify the name of the .so (or your platform's
-equivalent) containing the module to be tested, e.g.:
-
- ./trivial ../../../../../../dist/*.OBJ/lib/libnssckbi.so
-
-
-If you're using NSS, and using our experimental "installer's
-arguments" fields in CK_C_INITIALIZE_ARGS, you can specify an
-"installer argument" with the -i flag:
-
- ./trivial -i ~/.netscape/certs.db [...]/libnssckdb.so
-
-
-Share and enjoy.
diff --git a/security/nss/tests/pkcs11/netscape/trivial/acconfig.h b/security/nss/tests/pkcs11/netscape/trivial/acconfig.h
deleted file mode 100644
index 36f98f87a..000000000
--- a/security/nss/tests/pkcs11/netscape/trivial/acconfig.h
+++ /dev/null
@@ -1,36 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is a trivial PKCS#11 test program.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/* Define to use NSS header files instead of the regular RSA ones */
-#undef WITH_NSS
-
diff --git a/security/nss/tests/pkcs11/netscape/trivial/config.h.in b/security/nss/tests/pkcs11/netscape/trivial/config.h.in
deleted file mode 100644
index bf5d5f3b5..000000000
--- a/security/nss/tests/pkcs11/netscape/trivial/config.h.in
+++ /dev/null
@@ -1,28 +0,0 @@
-/* config.h.in. Generated automatically from configure.in by autoheader. */
-
-/* Define to empty if the keyword does not work. */
-#undef const
-
-/* Define to use NSS header files instead of the regular RSA ones */
-#undef WITH_NSS
-
-/* Define if you have the memset function. */
-#undef HAVE_MEMSET
-
-/* Define if you have the strlen function. */
-#undef HAVE_STRLEN
-
-/* Define if you have the <ck.h> header file. */
-#undef HAVE_CK_H
-
-/* Define if you have the <nspr.h> header file. */
-#undef HAVE_NSPR_H
-
-/* Define if you have the <pkcs11.h> header file. */
-#undef HAVE_PKCS11_H
-
-/* Define if you have the <pkcs11t.h> header file. */
-#undef HAVE_PKCS11T_H
-
-/* Define if you have the nspr4 library (-lnspr4). */
-#undef HAVE_LIBNSPR4
diff --git a/security/nss/tests/pkcs11/netscape/trivial/configure b/security/nss/tests/pkcs11/netscape/trivial/configure
deleted file mode 100755
index d9571ccdd..000000000
--- a/security/nss/tests/pkcs11/netscape/trivial/configure
+++ /dev/null
@@ -1,1906 +0,0 @@
-#! /bin/sh
-
-# Guess values for system-dependent variables and create Makefiles.
-# Generated automatically using autoconf version 2.13
-# Copyright (C) 1992, 93, 94, 95, 96 Free Software Foundation, Inc.
-#
-# This configure script is free software; the Free Software Foundation
-# gives unlimited permission to copy, distribute and modify it.
-
-# Defaults:
-ac_help=
-ac_default_prefix=/usr/local
-# Any additions from configure.in:
-ac_help="$ac_help
- --with-nspr[=path] specify location of NSPR"
-ac_help="$ac_help
- --with-nss-dist[=path] specify path to NSS dist directory"
-ac_help="$ac_help
- --with-nss-hdrs[=path] or, specify path to installed NSS headers"
-ac_help="$ac_help
- --with-rsa-hdrs[=path] if not using NSS, specify path to RSA headers"
-ac_help="$ac_help
- --disable-debug default is enabled"
-
-# Initialize some variables set by options.
-# The variables have the same names as the options, with
-# dashes changed to underlines.
-build=NONE
-cache_file=./config.cache
-exec_prefix=NONE
-host=NONE
-no_create=
-nonopt=NONE
-no_recursion=
-prefix=NONE
-program_prefix=NONE
-program_suffix=NONE
-program_transform_name=s,x,x,
-silent=
-site=
-srcdir=
-target=NONE
-verbose=
-x_includes=NONE
-x_libraries=NONE
-bindir='${exec_prefix}/bin'
-sbindir='${exec_prefix}/sbin'
-libexecdir='${exec_prefix}/libexec'
-datadir='${prefix}/share'
-sysconfdir='${prefix}/etc'
-sharedstatedir='${prefix}/com'
-localstatedir='${prefix}/var'
-libdir='${exec_prefix}/lib'
-includedir='${prefix}/include'
-oldincludedir='/usr/include'
-infodir='${prefix}/info'
-mandir='${prefix}/man'
-
-# Initialize some other variables.
-subdirs=
-MFLAGS= MAKEFLAGS=
-SHELL=${CONFIG_SHELL-/bin/sh}
-# Maximum number of lines to put in a shell here document.
-ac_max_here_lines=12
-
-ac_prev=
-for ac_option
-do
-
- # If the previous option needs an argument, assign it.
- if test -n "$ac_prev"; then
- eval "$ac_prev=\$ac_option"
- ac_prev=
- continue
- fi
-
- case "$ac_option" in
- -*=*) ac_optarg=`echo "$ac_option" | sed 's/[-_a-zA-Z0-9]*=//'` ;;
- *) ac_optarg= ;;
- esac
-
- # Accept the important Cygnus configure options, so we can diagnose typos.
-
- case "$ac_option" in
-
- -bindir | --bindir | --bindi | --bind | --bin | --bi)
- ac_prev=bindir ;;
- -bindir=* | --bindir=* | --bindi=* | --bind=* | --bin=* | --bi=*)
- bindir="$ac_optarg" ;;
-
- -build | --build | --buil | --bui | --bu)
- ac_prev=build ;;
- -build=* | --build=* | --buil=* | --bui=* | --bu=*)
- build="$ac_optarg" ;;
-
- -cache-file | --cache-file | --cache-fil | --cache-fi \
- | --cache-f | --cache- | --cache | --cach | --cac | --ca | --c)
- ac_prev=cache_file ;;
- -cache-file=* | --cache-file=* | --cache-fil=* | --cache-fi=* \
- | --cache-f=* | --cache-=* | --cache=* | --cach=* | --cac=* | --ca=* | --c=*)
- cache_file="$ac_optarg" ;;
-
- -datadir | --datadir | --datadi | --datad | --data | --dat | --da)
- ac_prev=datadir ;;
- -datadir=* | --datadir=* | --datadi=* | --datad=* | --data=* | --dat=* \
- | --da=*)
- datadir="$ac_optarg" ;;
-
- -disable-* | --disable-*)
- ac_feature=`echo $ac_option|sed -e 's/-*disable-//'`
- # Reject names that are not valid shell variable names.
- if test -n "`echo $ac_feature| sed 's/[-a-zA-Z0-9_]//g'`"; then
- { echo "configure: error: $ac_feature: invalid feature name" 1>&2; exit 1; }
- fi
- ac_feature=`echo $ac_feature| sed 's/-/_/g'`
- eval "enable_${ac_feature}=no" ;;
-
- -enable-* | --enable-*)
- ac_feature=`echo $ac_option|sed -e 's/-*enable-//' -e 's/=.*//'`
- # Reject names that are not valid shell variable names.
- if test -n "`echo $ac_feature| sed 's/[-_a-zA-Z0-9]//g'`"; then
- { echo "configure: error: $ac_feature: invalid feature name" 1>&2; exit 1; }
- fi
- ac_feature=`echo $ac_feature| sed 's/-/_/g'`
- case "$ac_option" in
- *=*) ;;
- *) ac_optarg=yes ;;
- esac
- eval "enable_${ac_feature}='$ac_optarg'" ;;
-
- -exec-prefix | --exec_prefix | --exec-prefix | --exec-prefi \
- | --exec-pref | --exec-pre | --exec-pr | --exec-p | --exec- \
- | --exec | --exe | --ex)
- ac_prev=exec_prefix ;;
- -exec-prefix=* | --exec_prefix=* | --exec-prefix=* | --exec-prefi=* \
- | --exec-pref=* | --exec-pre=* | --exec-pr=* | --exec-p=* | --exec-=* \
- | --exec=* | --exe=* | --ex=*)
- exec_prefix="$ac_optarg" ;;
-
- -gas | --gas | --ga | --g)
- # Obsolete; use --with-gas.
- with_gas=yes ;;
-
- -help | --help | --hel | --he)
- # Omit some internal or obsolete options to make the list less imposing.
- # This message is too long to be a string in the A/UX 3.1 sh.
- cat << EOF
-Usage: configure [options] [host]
-Options: [defaults in brackets after descriptions]
-Configuration:
- --cache-file=FILE cache test results in FILE
- --help print this message
- --no-create do not create output files
- --quiet, --silent do not print \`checking...' messages
- --version print the version of autoconf that created configure
-Directory and file names:
- --prefix=PREFIX install architecture-independent files in PREFIX
- [$ac_default_prefix]
- --exec-prefix=EPREFIX install architecture-dependent files in EPREFIX
- [same as prefix]
- --bindir=DIR user executables in DIR [EPREFIX/bin]
- --sbindir=DIR system admin executables in DIR [EPREFIX/sbin]
- --libexecdir=DIR program executables in DIR [EPREFIX/libexec]
- --datadir=DIR read-only architecture-independent data in DIR
- [PREFIX/share]
- --sysconfdir=DIR read-only single-machine data in DIR [PREFIX/etc]
- --sharedstatedir=DIR modifiable architecture-independent data in DIR
- [PREFIX/com]
- --localstatedir=DIR modifiable single-machine data in DIR [PREFIX/var]
- --libdir=DIR object code libraries in DIR [EPREFIX/lib]
- --includedir=DIR C header files in DIR [PREFIX/include]
- --oldincludedir=DIR C header files for non-gcc in DIR [/usr/include]
- --infodir=DIR info documentation in DIR [PREFIX/info]
- --mandir=DIR man documentation in DIR [PREFIX/man]
- --srcdir=DIR find the sources in DIR [configure dir or ..]
- --program-prefix=PREFIX prepend PREFIX to installed program names
- --program-suffix=SUFFIX append SUFFIX to installed program names
- --program-transform-name=PROGRAM
- run sed PROGRAM on installed program names
-EOF
- cat << EOF
-Host type:
- --build=BUILD configure for building on BUILD [BUILD=HOST]
- --host=HOST configure for HOST [guessed]
- --target=TARGET configure for TARGET [TARGET=HOST]
-Features and packages:
- --disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no)
- --enable-FEATURE[=ARG] include FEATURE [ARG=yes]
- --with-PACKAGE[=ARG] use PACKAGE [ARG=yes]
- --without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no)
- --x-includes=DIR X include files are in DIR
- --x-libraries=DIR X library files are in DIR
-EOF
- if test -n "$ac_help"; then
- echo "--enable and --with options recognized:$ac_help"
- fi
- exit 0 ;;
-
- -host | --host | --hos | --ho)
- ac_prev=host ;;
- -host=* | --host=* | --hos=* | --ho=*)
- host="$ac_optarg" ;;
-
- -includedir | --includedir | --includedi | --included | --include \
- | --includ | --inclu | --incl | --inc)
- ac_prev=includedir ;;
- -includedir=* | --includedir=* | --includedi=* | --included=* | --include=* \
- | --includ=* | --inclu=* | --incl=* | --inc=*)
- includedir="$ac_optarg" ;;
-
- -infodir | --infodir | --infodi | --infod | --info | --inf)
- ac_prev=infodir ;;
- -infodir=* | --infodir=* | --infodi=* | --infod=* | --info=* | --inf=*)
- infodir="$ac_optarg" ;;
-
- -libdir | --libdir | --libdi | --libd)
- ac_prev=libdir ;;
- -libdir=* | --libdir=* | --libdi=* | --libd=*)
- libdir="$ac_optarg" ;;
-
- -libexecdir | --libexecdir | --libexecdi | --libexecd | --libexec \
- | --libexe | --libex | --libe)
- ac_prev=libexecdir ;;
- -libexecdir=* | --libexecdir=* | --libexecdi=* | --libexecd=* | --libexec=* \
- | --libexe=* | --libex=* | --libe=*)
- libexecdir="$ac_optarg" ;;
-
- -localstatedir | --localstatedir | --localstatedi | --localstated \
- | --localstate | --localstat | --localsta | --localst \
- | --locals | --local | --loca | --loc | --lo)
- ac_prev=localstatedir ;;
- -localstatedir=* | --localstatedir=* | --localstatedi=* | --localstated=* \
- | --localstate=* | --localstat=* | --localsta=* | --localst=* \
- | --locals=* | --local=* | --loca=* | --loc=* | --lo=*)
- localstatedir="$ac_optarg" ;;
-
- -mandir | --mandir | --mandi | --mand | --man | --ma | --m)
- ac_prev=mandir ;;
- -mandir=* | --mandir=* | --mandi=* | --mand=* | --man=* | --ma=* | --m=*)
- mandir="$ac_optarg" ;;
-
- -nfp | --nfp | --nf)
- # Obsolete; use --without-fp.
- with_fp=no ;;
-
- -no-create | --no-create | --no-creat | --no-crea | --no-cre \
- | --no-cr | --no-c)
- no_create=yes ;;
-
- -no-recursion | --no-recursion | --no-recursio | --no-recursi \
- | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r)
- no_recursion=yes ;;
-
- -oldincludedir | --oldincludedir | --oldincludedi | --oldincluded \
- | --oldinclude | --oldinclud | --oldinclu | --oldincl | --oldinc \
- | --oldin | --oldi | --old | --ol | --o)
- ac_prev=oldincludedir ;;
- -oldincludedir=* | --oldincludedir=* | --oldincludedi=* | --oldincluded=* \
- | --oldinclude=* | --oldinclud=* | --oldinclu=* | --oldincl=* | --oldinc=* \
- | --oldin=* | --oldi=* | --old=* | --ol=* | --o=*)
- oldincludedir="$ac_optarg" ;;
-
- -prefix | --prefix | --prefi | --pref | --pre | --pr | --p)
- ac_prev=prefix ;;
- -prefix=* | --prefix=* | --prefi=* | --pref=* | --pre=* | --pr=* | --p=*)
- prefix="$ac_optarg" ;;
-
- -program-prefix | --program-prefix | --program-prefi | --program-pref \
- | --program-pre | --program-pr | --program-p)
- ac_prev=program_prefix ;;
- -program-prefix=* | --program-prefix=* | --program-prefi=* \
- | --program-pref=* | --program-pre=* | --program-pr=* | --program-p=*)
- program_prefix="$ac_optarg" ;;
-
- -program-suffix | --program-suffix | --program-suffi | --program-suff \
- | --program-suf | --program-su | --program-s)
- ac_prev=program_suffix ;;
- -program-suffix=* | --program-suffix=* | --program-suffi=* \
- | --program-suff=* | --program-suf=* | --program-su=* | --program-s=*)
- program_suffix="$ac_optarg" ;;
-
- -program-transform-name | --program-transform-name \
- | --program-transform-nam | --program-transform-na \
- | --program-transform-n | --program-transform- \
- | --program-transform | --program-transfor \
- | --program-transfo | --program-transf \
- | --program-trans | --program-tran \
- | --progr-tra | --program-tr | --program-t)
- ac_prev=program_transform_name ;;
- -program-transform-name=* | --program-transform-name=* \
- | --program-transform-nam=* | --program-transform-na=* \
- | --program-transform-n=* | --program-transform-=* \
- | --program-transform=* | --program-transfor=* \
- | --program-transfo=* | --program-transf=* \
- | --program-trans=* | --program-tran=* \
- | --progr-tra=* | --program-tr=* | --program-t=*)
- program_transform_name="$ac_optarg" ;;
-
- -q | -quiet | --quiet | --quie | --qui | --qu | --q \
- | -silent | --silent | --silen | --sile | --sil)
- silent=yes ;;
-
- -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb)
- ac_prev=sbindir ;;
- -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \
- | --sbi=* | --sb=*)
- sbindir="$ac_optarg" ;;
-
- -sharedstatedir | --sharedstatedir | --sharedstatedi \
- | --sharedstated | --sharedstate | --sharedstat | --sharedsta \
- | --sharedst | --shareds | --shared | --share | --shar \
- | --sha | --sh)
- ac_prev=sharedstatedir ;;
- -sharedstatedir=* | --sharedstatedir=* | --sharedstatedi=* \
- | --sharedstated=* | --sharedstate=* | --sharedstat=* | --sharedsta=* \
- | --sharedst=* | --shareds=* | --shared=* | --share=* | --shar=* \
- | --sha=* | --sh=*)
- sharedstatedir="$ac_optarg" ;;
-
- -site | --site | --sit)
- ac_prev=site ;;
- -site=* | --site=* | --sit=*)
- site="$ac_optarg" ;;
-
- -srcdir | --srcdir | --srcdi | --srcd | --src | --sr)
- ac_prev=srcdir ;;
- -srcdir=* | --srcdir=* | --srcdi=* | --srcd=* | --src=* | --sr=*)
- srcdir="$ac_optarg" ;;
-
- -sysconfdir | --sysconfdir | --sysconfdi | --sysconfd | --sysconf \
- | --syscon | --sysco | --sysc | --sys | --sy)
- ac_prev=sysconfdir ;;
- -sysconfdir=* | --sysconfdir=* | --sysconfdi=* | --sysconfd=* | --sysconf=* \
- | --syscon=* | --sysco=* | --sysc=* | --sys=* | --sy=*)
- sysconfdir="$ac_optarg" ;;
-
- -target | --target | --targe | --targ | --tar | --ta | --t)
- ac_prev=target ;;
- -target=* | --target=* | --targe=* | --targ=* | --tar=* | --ta=* | --t=*)
- target="$ac_optarg" ;;
-
- -v | -verbose | --verbose | --verbos | --verbo | --verb)
- verbose=yes ;;
-
- -version | --version | --versio | --versi | --vers)
- echo "configure generated by autoconf version 2.13"
- exit 0 ;;
-
- -with-* | --with-*)
- ac_package=`echo $ac_option|sed -e 's/-*with-//' -e 's/=.*//'`
- # Reject names that are not valid shell variable names.
- if test -n "`echo $ac_package| sed 's/[-_a-zA-Z0-9]//g'`"; then
- { echo "configure: error: $ac_package: invalid package name" 1>&2; exit 1; }
- fi
- ac_package=`echo $ac_package| sed 's/-/_/g'`
- case "$ac_option" in
- *=*) ;;
- *) ac_optarg=yes ;;
- esac
- eval "with_${ac_package}='$ac_optarg'" ;;
-
- -without-* | --without-*)
- ac_package=`echo $ac_option|sed -e 's/-*without-//'`
- # Reject names that are not valid shell variable names.
- if test -n "`echo $ac_package| sed 's/[-a-zA-Z0-9_]//g'`"; then
- { echo "configure: error: $ac_package: invalid package name" 1>&2; exit 1; }
- fi
- ac_package=`echo $ac_package| sed 's/-/_/g'`
- eval "with_${ac_package}=no" ;;
-
- --x)
- # Obsolete; use --with-x.
- with_x=yes ;;
-
- -x-includes | --x-includes | --x-include | --x-includ | --x-inclu \
- | --x-incl | --x-inc | --x-in | --x-i)
- ac_prev=x_includes ;;
- -x-includes=* | --x-includes=* | --x-include=* | --x-includ=* | --x-inclu=* \
- | --x-incl=* | --x-inc=* | --x-in=* | --x-i=*)
- x_includes="$ac_optarg" ;;
-
- -x-libraries | --x-libraries | --x-librarie | --x-librari \
- | --x-librar | --x-libra | --x-libr | --x-lib | --x-li | --x-l)
- ac_prev=x_libraries ;;
- -x-libraries=* | --x-libraries=* | --x-librarie=* | --x-librari=* \
- | --x-librar=* | --x-libra=* | --x-libr=* | --x-lib=* | --x-li=* | --x-l=*)
- x_libraries="$ac_optarg" ;;
-
- -*) { echo "configure: error: $ac_option: invalid option; use --help to show usage" 1>&2; exit 1; }
- ;;
-
- *)
- if test -n "`echo $ac_option| sed 's/[-a-z0-9.]//g'`"; then
- echo "configure: warning: $ac_option: invalid host type" 1>&2
- fi
- if test "x$nonopt" != xNONE; then
- { echo "configure: error: can only configure for one host and one target at a time" 1>&2; exit 1; }
- fi
- nonopt="$ac_option"
- ;;
-
- esac
-done
-
-if test -n "$ac_prev"; then
- { echo "configure: error: missing argument to --`echo $ac_prev | sed 's/_/-/g'`" 1>&2; exit 1; }
-fi
-
-trap 'rm -fr conftest* confdefs* core core.* *.core $ac_clean_files; exit 1' 1 2 15
-
-# File descriptor usage:
-# 0 standard input
-# 1 file creation
-# 2 errors and warnings
-# 3 some systems may open it to /dev/tty
-# 4 used on the Kubota Titan
-# 6 checking for... messages and results
-# 5 compiler messages saved in config.log
-if test "$silent" = yes; then
- exec 6>/dev/null
-else
- exec 6>&1
-fi
-exec 5>./config.log
-
-echo "\
-This file contains any messages produced by compilers while
-running configure, to aid debugging if configure makes a mistake.
-" 1>&5
-
-# Strip out --no-create and --no-recursion so they do not pile up.
-# Also quote any args containing shell metacharacters.
-ac_configure_args=
-for ac_arg
-do
- case "$ac_arg" in
- -no-create | --no-create | --no-creat | --no-crea | --no-cre \
- | --no-cr | --no-c) ;;
- -no-recursion | --no-recursion | --no-recursio | --no-recursi \
- | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r) ;;
- *" "*|*" "*|*[\[\]\~\#\$\^\&\*\(\)\{\}\\\|\;\<\>\?]*)
- ac_configure_args="$ac_configure_args '$ac_arg'" ;;
- *) ac_configure_args="$ac_configure_args $ac_arg" ;;
- esac
-done
-
-# NLS nuisances.
-# Only set these to C if already set. These must not be set unconditionally
-# because not all systems understand e.g. LANG=C (notably SCO).
-# Fixing LC_MESSAGES prevents Solaris sh from translating var values in `set'!
-# Non-C LC_CTYPE values break the ctype check.
-if test "${LANG+set}" = set; then LANG=C; export LANG; fi
-if test "${LC_ALL+set}" = set; then LC_ALL=C; export LC_ALL; fi
-if test "${LC_MESSAGES+set}" = set; then LC_MESSAGES=C; export LC_MESSAGES; fi
-if test "${LC_CTYPE+set}" = set; then LC_CTYPE=C; export LC_CTYPE; fi
-
-# confdefs.h avoids OS command line length limits that DEFS can exceed.
-rm -rf conftest* confdefs.h
-# AIX cpp loses on an empty file, so make sure it contains at least a newline.
-echo > confdefs.h
-
-# A filename unique to this package, relative to the directory that
-# configure is in, which we can look for to find out if srcdir is correct.
-ac_unique_file=trivial.c
-
-# Find the source files, if location was not specified.
-if test -z "$srcdir"; then
- ac_srcdir_defaulted=yes
- # Try the directory containing this script, then its parent.
- ac_prog=$0
- ac_confdir=`echo $ac_prog|sed 's%/[^/][^/]*$%%'`
- test "x$ac_confdir" = "x$ac_prog" && ac_confdir=.
- srcdir=$ac_confdir
- if test ! -r $srcdir/$ac_unique_file; then
- srcdir=..
- fi
-else
- ac_srcdir_defaulted=no
-fi
-if test ! -r $srcdir/$ac_unique_file; then
- if test "$ac_srcdir_defaulted" = yes; then
- { echo "configure: error: can not find sources in $ac_confdir or .." 1>&2; exit 1; }
- else
- { echo "configure: error: can not find sources in $srcdir" 1>&2; exit 1; }
- fi
-fi
-srcdir=`echo "${srcdir}" | sed 's%\([^/]\)/*$%\1%'`
-
-# Prefer explicitly selected file to automatically selected ones.
-if test -z "$CONFIG_SITE"; then
- if test "x$prefix" != xNONE; then
- CONFIG_SITE="$prefix/share/config.site $prefix/etc/config.site"
- else
- CONFIG_SITE="$ac_default_prefix/share/config.site $ac_default_prefix/etc/config.site"
- fi
-fi
-for ac_site_file in $CONFIG_SITE; do
- if test -r "$ac_site_file"; then
- echo "loading site script $ac_site_file"
- . "$ac_site_file"
- fi
-done
-
-if test -r "$cache_file"; then
- echo "loading cache $cache_file"
- . $cache_file
-else
- echo "creating cache $cache_file"
- > $cache_file
-fi
-
-ac_ext=c
-# CFLAGS is not in ac_cpp because -g, -O, etc. are not valid cpp options.
-ac_cpp='$CPP $CPPFLAGS'
-ac_compile='${CC-cc} -c $CFLAGS $CPPFLAGS conftest.$ac_ext 1>&5'
-ac_link='${CC-cc} -o conftest${ac_exeext} $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS 1>&5'
-cross_compiling=$ac_cv_prog_cc_cross
-
-ac_exeext=
-ac_objext=o
-if (echo "testing\c"; echo 1,2,3) | grep c >/dev/null; then
- # Stardent Vistra SVR4 grep lacks -e, says ghazi@caip.rutgers.edu.
- if (echo -n testing; echo 1,2,3) | sed s/-n/xn/ | grep xn >/dev/null; then
- ac_n= ac_c='
-' ac_t=' '
- else
- ac_n=-n ac_c= ac_t=
- fi
-else
- ac_n= ac_c='\c' ac_t=
-fi
-
-
-
-echo $ac_n "checking whether ${MAKE-make} sets \${MAKE}""... $ac_c" 1>&6
-echo "configure:537: checking whether ${MAKE-make} sets \${MAKE}" >&5
-set dummy ${MAKE-make}; ac_make=`echo "$2" | sed 'y%./+-%__p_%'`
-if eval "test \"`echo '$''{'ac_cv_prog_make_${ac_make}_set'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- cat > conftestmake <<\EOF
-all:
- @echo 'ac_maketemp="${MAKE}"'
-EOF
-# GNU make sometimes prints "make[1]: Entering...", which would confuse us.
-eval `${MAKE-make} -f conftestmake 2>/dev/null | grep temp=`
-if test -n "$ac_maketemp"; then
- eval ac_cv_prog_make_${ac_make}_set=yes
-else
- eval ac_cv_prog_make_${ac_make}_set=no
-fi
-rm -f conftestmake
-fi
-if eval "test \"`echo '$ac_cv_prog_make_'${ac_make}_set`\" = yes"; then
- echo "$ac_t""yes" 1>&6
- SET_MAKE=
-else
- echo "$ac_t""no" 1>&6
- SET_MAKE="MAKE=${MAKE-make}"
-fi
-
-
-# Check whether --with-nspr or --without-nspr was given.
-if test "${with_nspr+set}" = set; then
- withval="$with_nspr"
- case "$withval" in
- no)
- { echo "configure: error: NSPR is required" 1>&2; exit 1; };;
- yes)
- NSPR_INCLUDE="$includedir"
- NSPR_LIBPATH="$libdir"
- ;;
- *)
- NSPR_INCLUDE="$withval/include"
- NSPR_LIBPATH="$withval/lib"
- ;;
- esac
-else
- NSPR_INCLUDE="$includedir"
- NSPR_LIBPATH="$libdir"
-
-fi
-
-
-NSPR_CFLAGS="-I$NSPR_INCLUDE"
-NSPR_LDFLAGS="-L$NSPR_LIBPATH -lnspr4 -lplc4 -lplds4"
-
-
-# Check whether --with-nss-dist or --without-nss-dist was given.
-if test "${with_nss_dist+set}" = set; then
- withval="$with_nss_dist"
- case "$withval" in
- no)
- NSS_CFLAGS=""
- nss="0"
- ;;
- yes)
- { echo "configure: error: You have to specify a path for --with-nss-dist" 1>&2; exit 1; }
- ;;
- *)
- NSS_CFLAGS="-I$withval/private/security -I$withval/public/security"
- nss="1"
- ;;
- esac
-fi
-
-
-# Check whether --with-nss-hdrs or --without-nss-hdrs was given.
-if test "${with_nss_hdrs+set}" = set; then
- withval="$with_nss_hdrs"
- if test "x$nss" != "x"; then
- { echo "configure: error: Only specify --with-nss-hdrs or --with-nss-dist" 1>&2; exit 1; }
- fi
- case "$withval" in
- no)
- NSS_CFLAGS=""
- nss="0"
- ;;
- yes)
- NSS_CFLAGS="-I$includedir"
- nss="1"
- ;;
- *)
- NSS_CFLAGS="-I$withval"
- nss="1"
- ;;
- esac
-fi
-
-
-# Check whether --with-rsa-hdrs or --without-rsa-hdrs was given.
-if test "${with_rsa_hdrs+set}" = set; then
- withval="$with_rsa_hdrs"
- if test "x$nss" != "x"; then
- { echo "configure: error: Only specify --with-nss-{hdrs" 1>&2; exit 1; }
- fi
- case "$withval" in
- no)
- rsa="0"
- ;;
- yes)
- RSA_INCLUDE="$includedir"
- rsa="1"
- ;;
- *)
- RSA_INCLUDE="$withval"
- rsa="1"
- ;;
- esac
-fi
-
-
-if test "x$nss" = "x"; then
- if test "x$rsa" = "x"; then
- RSA_INCLUDE="$includedir"
- fi
- RSA_CFLAGS="-I$RSA_INCLUDE"
-fi
-
-if test "x$nss" = "x1"; then
- cat >> confdefs.h <<\EOF
-#define WITH_NSS 1
-EOF
-
-fi
-
-
-
-if test "x$rsa" = "x1"; then
- RSA_CFLAGS-"-I$RSA_INCLUDE"
-fi
-
-# Check whether --enable-debug or --disable-debug was given.
-if test "${enable_debug+set}" = set; then
- enableval="$enable_debug"
- case "$enableval" in
- no)
- DEBUG_CFLAGS="";;
- yes)
- DEBUG_CFLAGS="-DDEBUG";;
- *)
- DEBUG_CFLAGS="-DDEBUG";;
- esac
-else
- DEBUG_CFLAGS="-DDEBUG"
-fi
-
-
-# Extract the first word of "gcc", so it can be a program name with args.
-set dummy gcc; ac_word=$2
-echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:693: checking for $ac_word" >&5
-if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- if test -n "$CC"; then
- ac_cv_prog_CC="$CC" # Let the user override the test.
-else
- IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":"
- ac_dummy="$PATH"
- for ac_dir in $ac_dummy; do
- test -z "$ac_dir" && ac_dir=.
- if test -f $ac_dir/$ac_word; then
- ac_cv_prog_CC="gcc"
- break
- fi
- done
- IFS="$ac_save_ifs"
-fi
-fi
-CC="$ac_cv_prog_CC"
-if test -n "$CC"; then
- echo "$ac_t""$CC" 1>&6
-else
- echo "$ac_t""no" 1>&6
-fi
-
-if test -z "$CC"; then
- # Extract the first word of "cc", so it can be a program name with args.
-set dummy cc; ac_word=$2
-echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:723: checking for $ac_word" >&5
-if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- if test -n "$CC"; then
- ac_cv_prog_CC="$CC" # Let the user override the test.
-else
- IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":"
- ac_prog_rejected=no
- ac_dummy="$PATH"
- for ac_dir in $ac_dummy; do
- test -z "$ac_dir" && ac_dir=.
- if test -f $ac_dir/$ac_word; then
- if test "$ac_dir/$ac_word" = "/usr/ucb/cc"; then
- ac_prog_rejected=yes
- continue
- fi
- ac_cv_prog_CC="cc"
- break
- fi
- done
- IFS="$ac_save_ifs"
-if test $ac_prog_rejected = yes; then
- # We found a bogon in the path, so make sure we never use it.
- set dummy $ac_cv_prog_CC
- shift
- if test $# -gt 0; then
- # We chose a different compiler from the bogus one.
- # However, it has the same basename, so the bogon will be chosen
- # first if we set CC to just the basename; use the full file name.
- shift
- set dummy "$ac_dir/$ac_word" "$@"
- shift
- ac_cv_prog_CC="$@"
- fi
-fi
-fi
-fi
-CC="$ac_cv_prog_CC"
-if test -n "$CC"; then
- echo "$ac_t""$CC" 1>&6
-else
- echo "$ac_t""no" 1>&6
-fi
-
- if test -z "$CC"; then
- case "`uname -s`" in
- *win32* | *WIN32*)
- # Extract the first word of "cl", so it can be a program name with args.
-set dummy cl; ac_word=$2
-echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:774: checking for $ac_word" >&5
-if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- if test -n "$CC"; then
- ac_cv_prog_CC="$CC" # Let the user override the test.
-else
- IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":"
- ac_dummy="$PATH"
- for ac_dir in $ac_dummy; do
- test -z "$ac_dir" && ac_dir=.
- if test -f $ac_dir/$ac_word; then
- ac_cv_prog_CC="cl"
- break
- fi
- done
- IFS="$ac_save_ifs"
-fi
-fi
-CC="$ac_cv_prog_CC"
-if test -n "$CC"; then
- echo "$ac_t""$CC" 1>&6
-else
- echo "$ac_t""no" 1>&6
-fi
- ;;
- esac
- fi
- test -z "$CC" && { echo "configure: error: no acceptable cc found in \$PATH" 1>&2; exit 1; }
-fi
-
-echo $ac_n "checking whether the C compiler ($CC $CFLAGS $LDFLAGS) works""... $ac_c" 1>&6
-echo "configure:806: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) works" >&5
-
-ac_ext=c
-# CFLAGS is not in ac_cpp because -g, -O, etc. are not valid cpp options.
-ac_cpp='$CPP $CPPFLAGS'
-ac_compile='${CC-cc} -c $CFLAGS $CPPFLAGS conftest.$ac_ext 1>&5'
-ac_link='${CC-cc} -o conftest${ac_exeext} $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS 1>&5'
-cross_compiling=$ac_cv_prog_cc_cross
-
-cat > conftest.$ac_ext << EOF
-
-#line 817 "configure"
-#include "confdefs.h"
-
-main(){return(0);}
-EOF
-if { (eval echo configure:822: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
- ac_cv_prog_cc_works=yes
- # If we can't run a trivial program, we are probably using a cross compiler.
- if (./conftest; exit) 2>/dev/null; then
- ac_cv_prog_cc_cross=no
- else
- ac_cv_prog_cc_cross=yes
- fi
-else
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- ac_cv_prog_cc_works=no
-fi
-rm -fr conftest*
-ac_ext=c
-# CFLAGS is not in ac_cpp because -g, -O, etc. are not valid cpp options.
-ac_cpp='$CPP $CPPFLAGS'
-ac_compile='${CC-cc} -c $CFLAGS $CPPFLAGS conftest.$ac_ext 1>&5'
-ac_link='${CC-cc} -o conftest${ac_exeext} $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS 1>&5'
-cross_compiling=$ac_cv_prog_cc_cross
-
-echo "$ac_t""$ac_cv_prog_cc_works" 1>&6
-if test $ac_cv_prog_cc_works = no; then
- { echo "configure: error: installation or configuration problem: C compiler cannot create executables." 1>&2; exit 1; }
-fi
-echo $ac_n "checking whether the C compiler ($CC $CFLAGS $LDFLAGS) is a cross-compiler""... $ac_c" 1>&6
-echo "configure:848: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) is a cross-compiler" >&5
-echo "$ac_t""$ac_cv_prog_cc_cross" 1>&6
-cross_compiling=$ac_cv_prog_cc_cross
-
-echo $ac_n "checking whether we are using GNU C""... $ac_c" 1>&6
-echo "configure:853: checking whether we are using GNU C" >&5
-if eval "test \"`echo '$''{'ac_cv_prog_gcc'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- cat > conftest.c <<EOF
-#ifdef __GNUC__
- yes;
-#endif
-EOF
-if { ac_try='${CC-cc} -E conftest.c'; { (eval echo configure:862: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }; } | egrep yes >/dev/null 2>&1; then
- ac_cv_prog_gcc=yes
-else
- ac_cv_prog_gcc=no
-fi
-fi
-
-echo "$ac_t""$ac_cv_prog_gcc" 1>&6
-
-if test $ac_cv_prog_gcc = yes; then
- GCC=yes
-else
- GCC=
-fi
-
-ac_test_CFLAGS="${CFLAGS+set}"
-ac_save_CFLAGS="$CFLAGS"
-CFLAGS=
-echo $ac_n "checking whether ${CC-cc} accepts -g""... $ac_c" 1>&6
-echo "configure:881: checking whether ${CC-cc} accepts -g" >&5
-if eval "test \"`echo '$''{'ac_cv_prog_cc_g'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- echo 'void f(){}' > conftest.c
-if test -z "`${CC-cc} -g -c conftest.c 2>&1`"; then
- ac_cv_prog_cc_g=yes
-else
- ac_cv_prog_cc_g=no
-fi
-rm -f conftest*
-
-fi
-
-echo "$ac_t""$ac_cv_prog_cc_g" 1>&6
-if test "$ac_test_CFLAGS" = set; then
- CFLAGS="$ac_save_CFLAGS"
-elif test $ac_cv_prog_cc_g = yes; then
- if test "$GCC" = yes; then
- CFLAGS="-g -O2"
- else
- CFLAGS="-g"
- fi
-else
- if test "$GCC" = yes; then
- CFLAGS="-O2"
- else
- CFLAGS=
- fi
-fi
-
-echo $ac_n "checking how to run the C preprocessor""... $ac_c" 1>&6
-echo "configure:913: checking how to run the C preprocessor" >&5
-# On Suns, sometimes $CPP names a directory.
-if test -n "$CPP" && test -d "$CPP"; then
- CPP=
-fi
-if test -z "$CPP"; then
-if eval "test \"`echo '$''{'ac_cv_prog_CPP'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- # This must be in double quotes, not single quotes, because CPP may get
- # substituted into the Makefile and "${CC-cc}" will confuse make.
- CPP="${CC-cc} -E"
- # On the NeXT, cc -E runs the code through the compiler's parser,
- # not just through cpp.
- cat > conftest.$ac_ext <<EOF
-#line 928 "configure"
-#include "confdefs.h"
-#include <assert.h>
-Syntax Error
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:934: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
-if test -z "$ac_err"; then
- :
-else
- echo "$ac_err" >&5
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -rf conftest*
- CPP="${CC-cc} -E -traditional-cpp"
- cat > conftest.$ac_ext <<EOF
-#line 945 "configure"
-#include "confdefs.h"
-#include <assert.h>
-Syntax Error
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:951: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
-if test -z "$ac_err"; then
- :
-else
- echo "$ac_err" >&5
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -rf conftest*
- CPP="${CC-cc} -nologo -E"
- cat > conftest.$ac_ext <<EOF
-#line 962 "configure"
-#include "confdefs.h"
-#include <assert.h>
-Syntax Error
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:968: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
-if test -z "$ac_err"; then
- :
-else
- echo "$ac_err" >&5
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -rf conftest*
- CPP=/lib/cpp
-fi
-rm -f conftest*
-fi
-rm -f conftest*
-fi
-rm -f conftest*
- ac_cv_prog_CPP="$CPP"
-fi
- CPP="$ac_cv_prog_CPP"
-else
- ac_cv_prog_CPP="$CPP"
-fi
-echo "$ac_t""$CPP" 1>&6
-
-ac_aux_dir=
-for ac_dir in $srcdir $srcdir/.. $srcdir/../..; do
- if test -f $ac_dir/install-sh; then
- ac_aux_dir=$ac_dir
- ac_install_sh="$ac_aux_dir/install-sh -c"
- break
- elif test -f $ac_dir/install.sh; then
- ac_aux_dir=$ac_dir
- ac_install_sh="$ac_aux_dir/install.sh -c"
- break
- fi
-done
-if test -z "$ac_aux_dir"; then
- { echo "configure: error: can not find install-sh or install.sh in $srcdir $srcdir/.. $srcdir/../.." 1>&2; exit 1; }
-fi
-ac_config_guess=$ac_aux_dir/config.guess
-ac_config_sub=$ac_aux_dir/config.sub
-ac_configure=$ac_aux_dir/configure # This should be Cygnus configure.
-
-# Find a good install program. We prefer a C program (faster),
-# so one script is as good as another. But avoid the broken or
-# incompatible versions:
-# SysV /etc/install, /usr/sbin/install
-# SunOS /usr/etc/install
-# IRIX /sbin/install
-# AIX /bin/install
-# AIX 4 /usr/bin/installbsd, which doesn't work without a -g flag
-# AFS /usr/afsws/bin/install, which mishandles nonexistent args
-# SVR4 /usr/ucb/install, which tries to use the nonexistent group "staff"
-# ./install, which can be erroneously created by make from ./install.sh.
-echo $ac_n "checking for a BSD compatible install""... $ac_c" 1>&6
-echo "configure:1023: checking for a BSD compatible install" >&5
-if test -z "$INSTALL"; then
-if eval "test \"`echo '$''{'ac_cv_path_install'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- IFS="${IFS= }"; ac_save_IFS="$IFS"; IFS=":"
- for ac_dir in $PATH; do
- # Account for people who put trailing slashes in PATH elements.
- case "$ac_dir/" in
- /|./|.//|/etc/*|/usr/sbin/*|/usr/etc/*|/sbin/*|/usr/afsws/bin/*|/usr/ucb/*) ;;
- *)
- # OSF1 and SCO ODT 3.0 have their own names for install.
- # Don't use installbsd from OSF since it installs stuff as root
- # by default.
- for ac_prog in ginstall scoinst install; do
- if test -f $ac_dir/$ac_prog; then
- if test $ac_prog = install &&
- grep dspmsg $ac_dir/$ac_prog >/dev/null 2>&1; then
- # AIX install. It has an incompatible calling convention.
- :
- else
- ac_cv_path_install="$ac_dir/$ac_prog -c"
- break 2
- fi
- fi
- done
- ;;
- esac
- done
- IFS="$ac_save_IFS"
-
-fi
- if test "${ac_cv_path_install+set}" = set; then
- INSTALL="$ac_cv_path_install"
- else
- # As a last resort, use the slow shell script. We don't cache a
- # path for INSTALL within a source directory, because that will
- # break other packages using the cache if that directory is
- # removed, or if the path is relative.
- INSTALL="$ac_install_sh"
- fi
-fi
-echo "$ac_t""$INSTALL" 1>&6
-
-# Use test -z because SunOS4 sh mishandles braces in ${var-val}.
-# It thinks the first close brace ends the variable substitution.
-test -z "$INSTALL_PROGRAM" && INSTALL_PROGRAM='${INSTALL}'
-
-test -z "$INSTALL_SCRIPT" && INSTALL_SCRIPT='${INSTALL_PROGRAM}'
-
-test -z "$INSTALL_DATA" && INSTALL_DATA='${INSTALL} -m 644'
-
-# Extract the first word of "ranlib", so it can be a program name with args.
-set dummy ranlib; ac_word=$2
-echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:1078: checking for $ac_word" >&5
-if eval "test \"`echo '$''{'ac_cv_prog_RANLIB'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- if test -n "$RANLIB"; then
- ac_cv_prog_RANLIB="$RANLIB" # Let the user override the test.
-else
- IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":"
- ac_dummy="$PATH"
- for ac_dir in $ac_dummy; do
- test -z "$ac_dir" && ac_dir=.
- if test -f $ac_dir/$ac_word; then
- ac_cv_prog_RANLIB="ranlib"
- break
- fi
- done
- IFS="$ac_save_ifs"
- test -z "$ac_cv_prog_RANLIB" && ac_cv_prog_RANLIB=":"
-fi
-fi
-RANLIB="$ac_cv_prog_RANLIB"
-if test -n "$RANLIB"; then
- echo "$ac_t""$RANLIB" 1>&6
-else
- echo "$ac_t""no" 1>&6
-fi
-
-# Extract the first word of "ar", so it can be a program name with args.
-set dummy ar; ac_word=$2
-echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:1108: checking for $ac_word" >&5
-if eval "test \"`echo '$''{'ac_cv_prog_AR'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- if test -n "$AR"; then
- ac_cv_prog_AR="$AR" # Let the user override the test.
-else
- IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":"
- ac_dummy="$PATH"
- for ac_dir in $ac_dummy; do
- test -z "$ac_dir" && ac_dir=.
- if test -f $ac_dir/$ac_word; then
- ac_cv_prog_AR="ar"
- break
- fi
- done
- IFS="$ac_save_ifs"
-fi
-fi
-AR="$ac_cv_prog_AR"
-if test -n "$AR"; then
- echo "$ac_t""$AR" 1>&6
-else
- echo "$ac_t""no" 1>&6
-fi
-
-# Extract the first word of "ld", so it can be a program name with args.
-set dummy ld; ac_word=$2
-echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:1137: checking for $ac_word" >&5
-if eval "test \"`echo '$''{'ac_cv_prog_LD'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- if test -n "$LD"; then
- ac_cv_prog_LD="$LD" # Let the user override the test.
-else
- IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":"
- ac_dummy="$PATH"
- for ac_dir in $ac_dummy; do
- test -z "$ac_dir" && ac_dir=.
- if test -f $ac_dir/$ac_word; then
- ac_cv_prog_LD="ld"
- break
- fi
- done
- IFS="$ac_save_ifs"
-fi
-fi
-LD="$ac_cv_prog_LD"
-if test -n "$LD"; then
- echo "$ac_t""$LD" 1>&6
-else
- echo "$ac_t""no" 1>&6
-fi
-
-# Extract the first word of "rm", so it can be a program name with args.
-set dummy rm; ac_word=$2
-echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:1166: checking for $ac_word" >&5
-if eval "test \"`echo '$''{'ac_cv_prog_RM'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- if test -n "$RM"; then
- ac_cv_prog_RM="$RM" # Let the user override the test.
-else
- IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":"
- ac_dummy="$PATH"
- for ac_dir in $ac_dummy; do
- test -z "$ac_dir" && ac_dir=.
- if test -f $ac_dir/$ac_word; then
- ac_cv_prog_RM="rm"
- break
- fi
- done
- IFS="$ac_save_ifs"
-fi
-fi
-RM="$ac_cv_prog_RM"
-if test -n "$RM"; then
- echo "$ac_t""$RM" 1>&6
-else
- echo "$ac_t""no" 1>&6
-fi
-
-# Extract the first word of "tar", so it can be a program name with args.
-set dummy tar; ac_word=$2
-echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:1195: checking for $ac_word" >&5
-if eval "test \"`echo '$''{'ac_cv_prog_TAR'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- if test -n "$TAR"; then
- ac_cv_prog_TAR="$TAR" # Let the user override the test.
-else
- IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":"
- ac_dummy="$PATH"
- for ac_dir in $ac_dummy; do
- test -z "$ac_dir" && ac_dir=.
- if test -f $ac_dir/$ac_word; then
- ac_cv_prog_TAR="tar"
- break
- fi
- done
- IFS="$ac_save_ifs"
-fi
-fi
-TAR="$ac_cv_prog_TAR"
-if test -n "$TAR"; then
- echo "$ac_t""$TAR" 1>&6
-else
- echo "$ac_t""no" 1>&6
-fi
-
-
-
-CPPFLAGS="$CFLAGS $NSPR_CFLAGS $NSS_CFLAGS $RSA_CFLAGS $DEBUG_CFLAGS"
-LIBS="$NSPR_LDFLAGS $LIBS"
-
-
-
-echo $ac_n "checking for PR_Init in -lnspr4""... $ac_c" 1>&6
-echo "configure:1229: checking for PR_Init in -lnspr4" >&5
-ac_lib_var=`echo nspr4'_'PR_Init | sed 'y%./+-%__p_%'`
-if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- ac_save_LIBS="$LIBS"
-LIBS="-lnspr4 $LIBS"
-cat > conftest.$ac_ext <<EOF
-#line 1237 "configure"
-#include "confdefs.h"
-/* Override any gcc2 internal prototype to avoid an error. */
-/* We use char because int might match the return type of a gcc2
- builtin and then its argument prototype would still apply. */
-char PR_Init();
-
-int main() {
-PR_Init()
-; return 0; }
-EOF
-if { (eval echo configure:1248: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
- rm -rf conftest*
- eval "ac_cv_lib_$ac_lib_var=yes"
-else
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -rf conftest*
- eval "ac_cv_lib_$ac_lib_var=no"
-fi
-rm -f conftest*
-LIBS="$ac_save_LIBS"
-
-fi
-if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then
- echo "$ac_t""yes" 1>&6
- ac_tr_lib=HAVE_LIB`echo nspr4 | sed -e 's/[^a-zA-Z0-9_]/_/g' \
- -e 'y/abcdefghijklmnopqrstuvwxyz/ABCDEFGHIJKLMNOPQRSTUVWXYZ/'`
- cat >> confdefs.h <<EOF
-#define $ac_tr_lib 1
-EOF
-
- LIBS="-lnspr4 $LIBS"
-
-else
- echo "$ac_t""no" 1>&6
-fi
-
-
-for ac_hdr in nspr.h
-do
-ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
-echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:1280: checking for $ac_hdr" >&5
-if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- cat > conftest.$ac_ext <<EOF
-#line 1285 "configure"
-#include "confdefs.h"
-#include <$ac_hdr>
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:1290: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
-if test -z "$ac_err"; then
- rm -rf conftest*
- eval "ac_cv_header_$ac_safe=yes"
-else
- echo "$ac_err" >&5
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -rf conftest*
- eval "ac_cv_header_$ac_safe=no"
-fi
-rm -f conftest*
-fi
-if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then
- echo "$ac_t""yes" 1>&6
- ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'`
- cat >> confdefs.h <<EOF
-#define $ac_tr_hdr 1
-EOF
-
-else
- echo "$ac_t""no" 1>&6
-fi
-done
-
-
-
-if test "x$nss" = "x1"; then
- for ac_hdr in ck.h
-do
-ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
-echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:1323: checking for $ac_hdr" >&5
-if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- cat > conftest.$ac_ext <<EOF
-#line 1328 "configure"
-#include "confdefs.h"
-#include <$ac_hdr>
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:1333: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
-if test -z "$ac_err"; then
- rm -rf conftest*
- eval "ac_cv_header_$ac_safe=yes"
-else
- echo "$ac_err" >&5
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -rf conftest*
- eval "ac_cv_header_$ac_safe=no"
-fi
-rm -f conftest*
-fi
-if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then
- echo "$ac_t""yes" 1>&6
- ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'`
- cat >> confdefs.h <<EOF
-#define $ac_tr_hdr 1
-EOF
-
-else
- echo "$ac_t""no" 1>&6
-fi
-done
-
-fi
-
-if test "x$rsa" = "x1"; then
- for ac_hdr in pkcs11t.h pkcs11.h
-do
-ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
-echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:1366: checking for $ac_hdr" >&5
-if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- cat > conftest.$ac_ext <<EOF
-#line 1371 "configure"
-#include "confdefs.h"
-#include <$ac_hdr>
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:1376: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
-if test -z "$ac_err"; then
- rm -rf conftest*
- eval "ac_cv_header_$ac_safe=yes"
-else
- echo "$ac_err" >&5
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -rf conftest*
- eval "ac_cv_header_$ac_safe=no"
-fi
-rm -f conftest*
-fi
-if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then
- echo "$ac_t""yes" 1>&6
- ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'`
- cat >> confdefs.h <<EOF
-#define $ac_tr_hdr 1
-EOF
-
-else
- echo "$ac_t""no" 1>&6
-fi
-done
-
-fi
-
-
-
-echo $ac_n "checking for working const""... $ac_c" 1>&6
-echo "configure:1407: checking for working const" >&5
-if eval "test \"`echo '$''{'ac_cv_c_const'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- cat > conftest.$ac_ext <<EOF
-#line 1412 "configure"
-#include "confdefs.h"
-
-int main() {
-
-/* Ultrix mips cc rejects this. */
-typedef int charset[2]; const charset x;
-/* SunOS 4.1.1 cc rejects this. */
-char const *const *ccp;
-char **p;
-/* NEC SVR4.0.2 mips cc rejects this. */
-struct point {int x, y;};
-static struct point const zero = {0,0};
-/* AIX XL C 1.02.0.0 rejects this.
- It does not let you subtract one const X* pointer from another in an arm
- of an if-expression whose if-part is not a constant expression */
-const char *g = "string";
-ccp = &g + (g ? g-g : 0);
-/* HPUX 7.0 cc rejects these. */
-++ccp;
-p = (char**) ccp;
-ccp = (char const *const *) p;
-{ /* SCO 3.2v4 cc rejects this. */
- char *t;
- char const *s = 0 ? (char *) 0 : (char const *) 0;
-
- *t++ = 0;
-}
-{ /* Someone thinks the Sun supposedly-ANSI compiler will reject this. */
- int x[] = {25, 17};
- const int *foo = &x[0];
- ++foo;
-}
-{ /* Sun SC1.0 ANSI compiler rejects this -- but not the above. */
- typedef const int *iptr;
- iptr p = 0;
- ++p;
-}
-{ /* AIX XL C 1.02.0.0 rejects this saying
- "k.c", line 2.27: 1506-025 (S) Operand must be a modifiable lvalue. */
- struct s { int j; const int *ap[3]; };
- struct s *b; b->j = 5;
-}
-{ /* ULTRIX-32 V3.1 (Rev 9) vcc rejects this */
- const int foo = 10;
-}
-
-; return 0; }
-EOF
-if { (eval echo configure:1461: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
- rm -rf conftest*
- ac_cv_c_const=yes
-else
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -rf conftest*
- ac_cv_c_const=no
-fi
-rm -f conftest*
-fi
-
-echo "$ac_t""$ac_cv_c_const" 1>&6
-if test $ac_cv_c_const = no; then
- cat >> confdefs.h <<\EOF
-#define const
-EOF
-
-fi
-
-
-
-for ac_func in memset strlen
-do
-echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:1486: checking for $ac_func" >&5
-if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- cat > conftest.$ac_ext <<EOF
-#line 1491 "configure"
-#include "confdefs.h"
-/* System header to define __stub macros and hopefully few prototypes,
- which can conflict with char $ac_func(); below. */
-#include <assert.h>
-/* Override any gcc2 internal prototype to avoid an error. */
-/* We use char because int might match the return type of a gcc2
- builtin and then its argument prototype would still apply. */
-char $ac_func();
-
-int main() {
-
-/* The GNU C library defines this for functions which it implements
- to always fail with ENOSYS. Some functions are actually named
- something starting with __ and the normal name is an alias. */
-#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
-choke me
-#else
-$ac_func();
-#endif
-
-; return 0; }
-EOF
-if { (eval echo configure:1514: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
- rm -rf conftest*
- eval "ac_cv_func_$ac_func=yes"
-else
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -rf conftest*
- eval "ac_cv_func_$ac_func=no"
-fi
-rm -f conftest*
-fi
-
-if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then
- echo "$ac_t""yes" 1>&6
- ac_tr_func=HAVE_`echo $ac_func | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'`
- cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
-
-else
- echo "$ac_t""no" 1>&6
-fi
-done
-
-
-trap '' 1 2 15
-cat > confcache <<\EOF
-# This file is a shell script that caches the results of configure
-# tests run on this system so they can be shared between configure
-# scripts and configure runs. It is not useful on other systems.
-# If it contains results you don't want to keep, you may remove or edit it.
-#
-# By default, configure uses ./config.cache as the cache file,
-# creating it if it does not exist already. You can give configure
-# the --cache-file=FILE option to use a different cache file; that is
-# what configure does when it calls configure scripts in
-# subdirectories, so they share the cache.
-# Giving --cache-file=/dev/null disables caching, for debugging configure.
-# config.status only pays attention to the cache file if you give it the
-# --recheck option to rerun configure.
-#
-EOF
-# The following way of writing the cache mishandles newlines in values,
-# but we know of no workaround that is simple, portable, and efficient.
-# So, don't put newlines in cache variables' values.
-# Ultrix sh set writes to stderr and can't be redirected directly,
-# and sets the high bit in the cache file unless we assign to the vars.
-(set) 2>&1 |
- case `(ac_space=' '; set | grep ac_space) 2>&1` in
- *ac_space=\ *)
- # `set' does not quote correctly, so add quotes (double-quote substitution
- # turns \\\\ into \\, and sed turns \\ into \).
- sed -n \
- -e "s/'/'\\\\''/g" \
- -e "s/^\\([a-zA-Z0-9_]*_cv_[a-zA-Z0-9_]*\\)=\\(.*\\)/\\1=\${\\1='\\2'}/p"
- ;;
- *)
- # `set' quotes correctly as required by POSIX, so do not add quotes.
- sed -n -e 's/^\([a-zA-Z0-9_]*_cv_[a-zA-Z0-9_]*\)=\(.*\)/\1=${\1=\2}/p'
- ;;
- esac >> confcache
-if cmp -s $cache_file confcache; then
- :
-else
- if test -w $cache_file; then
- echo "updating cache $cache_file"
- cat confcache > $cache_file
- else
- echo "not updating unwritable cache $cache_file"
- fi
-fi
-rm -f confcache
-
-trap 'rm -fr conftest* confdefs* core core.* *.core $ac_clean_files; exit 1' 1 2 15
-
-test "x$prefix" = xNONE && prefix=$ac_default_prefix
-# Let make expand exec_prefix.
-test "x$exec_prefix" = xNONE && exec_prefix='${prefix}'
-
-# Any assignment to VPATH causes Sun make to only execute
-# the first set of double-colon rules, so remove it if not needed.
-# If there is a colon in the path, we need to keep it.
-if test "x$srcdir" = x.; then
- ac_vpsub='/^[ ]*VPATH[ ]*=[^:]*$/d'
-fi
-
-trap 'rm -f $CONFIG_STATUS conftest*; exit 1' 1 2 15
-
-DEFS=-DHAVE_CONFIG_H
-
-# Without the "./", some shells look in PATH for config.status.
-: ${CONFIG_STATUS=./config.status}
-
-echo creating $CONFIG_STATUS
-rm -f $CONFIG_STATUS
-cat > $CONFIG_STATUS <<EOF
-#! /bin/sh
-# Generated automatically by configure.
-# Run this file to recreate the current configuration.
-# This directory was configured as follows,
-# on host `(hostname || uname -n) 2>/dev/null | sed 1q`:
-#
-# $0 $ac_configure_args
-#
-# Compiler output produced by configure, useful for debugging
-# configure, is in ./config.log if it exists.
-
-ac_cs_usage="Usage: $CONFIG_STATUS [--recheck] [--version] [--help]"
-for ac_option
-do
- case "\$ac_option" in
- -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r)
- echo "running \${CONFIG_SHELL-/bin/sh} $0 $ac_configure_args --no-create --no-recursion"
- exec \${CONFIG_SHELL-/bin/sh} $0 $ac_configure_args --no-create --no-recursion ;;
- -version | --version | --versio | --versi | --vers | --ver | --ve | --v)
- echo "$CONFIG_STATUS generated by autoconf version 2.13"
- exit 0 ;;
- -help | --help | --hel | --he | --h)
- echo "\$ac_cs_usage"; exit 0 ;;
- *) echo "\$ac_cs_usage"; exit 1 ;;
- esac
-done
-
-ac_given_srcdir=$srcdir
-ac_given_INSTALL="$INSTALL"
-
-trap 'rm -fr `echo "Makefile config.h" | sed "s/:[^ ]*//g"` conftest*; exit 1' 1 2 15
-EOF
-cat >> $CONFIG_STATUS <<EOF
-
-# Protect against being on the right side of a sed subst in config.status.
-sed 's/%@/@@/; s/@%/@@/; s/%g\$/@g/; /@g\$/s/[\\\\&%]/\\\\&/g;
- s/@@/%@/; s/@@/@%/; s/@g\$/%g/' > conftest.subs <<\\CEOF
-$ac_vpsub
-$extrasub
-s%@SHELL@%$SHELL%g
-s%@CFLAGS@%$CFLAGS%g
-s%@CPPFLAGS@%$CPPFLAGS%g
-s%@CXXFLAGS@%$CXXFLAGS%g
-s%@FFLAGS@%$FFLAGS%g
-s%@DEFS@%$DEFS%g
-s%@LDFLAGS@%$LDFLAGS%g
-s%@LIBS@%$LIBS%g
-s%@exec_prefix@%$exec_prefix%g
-s%@prefix@%$prefix%g
-s%@program_transform_name@%$program_transform_name%g
-s%@bindir@%$bindir%g
-s%@sbindir@%$sbindir%g
-s%@libexecdir@%$libexecdir%g
-s%@datadir@%$datadir%g
-s%@sysconfdir@%$sysconfdir%g
-s%@sharedstatedir@%$sharedstatedir%g
-s%@localstatedir@%$localstatedir%g
-s%@libdir@%$libdir%g
-s%@includedir@%$includedir%g
-s%@oldincludedir@%$oldincludedir%g
-s%@infodir@%$infodir%g
-s%@mandir@%$mandir%g
-s%@SET_MAKE@%$SET_MAKE%g
-s%@WITH_NSS@%$WITH_NSS%g
-s%@CC@%$CC%g
-s%@CPP@%$CPP%g
-s%@INSTALL_PROGRAM@%$INSTALL_PROGRAM%g
-s%@INSTALL_SCRIPT@%$INSTALL_SCRIPT%g
-s%@INSTALL_DATA@%$INSTALL_DATA%g
-s%@RANLIB@%$RANLIB%g
-s%@AR@%$AR%g
-s%@LD@%$LD%g
-s%@RM@%$RM%g
-s%@TAR@%$TAR%g
-s%@CC INSTALL RANLIB AR LD RM TAR@%$CC INSTALL RANLIB AR LD RM TAR%g
-s%@HAVE_NSPR_H@%$HAVE_NSPR_H%g
-s%@HAVE_CK_H HAVE_PKCS11T_H HAVE_PKCS11_H@%$HAVE_CK_H HAVE_PKCS11T_H HAVE_PKCS11_H%g
-s%@const@%$const%g
-s%@HAVE_MEMSET HAVE_STRLEN@%$HAVE_MEMSET HAVE_STRLEN%g
-
-CEOF
-EOF
-
-cat >> $CONFIG_STATUS <<\EOF
-
-# Split the substitutions into bite-sized pieces for seds with
-# small command number limits, like on Digital OSF/1 and HP-UX.
-ac_max_sed_cmds=90 # Maximum number of lines to put in a sed script.
-ac_file=1 # Number of current file.
-ac_beg=1 # First line for current file.
-ac_end=$ac_max_sed_cmds # Line after last line for current file.
-ac_more_lines=:
-ac_sed_cmds=""
-while $ac_more_lines; do
- if test $ac_beg -gt 1; then
- sed "1,${ac_beg}d; ${ac_end}q" conftest.subs > conftest.s$ac_file
- else
- sed "${ac_end}q" conftest.subs > conftest.s$ac_file
- fi
- if test ! -s conftest.s$ac_file; then
- ac_more_lines=false
- rm -f conftest.s$ac_file
- else
- if test -z "$ac_sed_cmds"; then
- ac_sed_cmds="sed -f conftest.s$ac_file"
- else
- ac_sed_cmds="$ac_sed_cmds | sed -f conftest.s$ac_file"
- fi
- ac_file=`expr $ac_file + 1`
- ac_beg=$ac_end
- ac_end=`expr $ac_end + $ac_max_sed_cmds`
- fi
-done
-if test -z "$ac_sed_cmds"; then
- ac_sed_cmds=cat
-fi
-EOF
-
-cat >> $CONFIG_STATUS <<EOF
-
-CONFIG_FILES=\${CONFIG_FILES-"Makefile"}
-EOF
-cat >> $CONFIG_STATUS <<\EOF
-for ac_file in .. $CONFIG_FILES; do if test "x$ac_file" != x..; then
- # Support "outfile[:infile[:infile...]]", defaulting infile="outfile.in".
- case "$ac_file" in
- *:*) ac_file_in=`echo "$ac_file"|sed 's%[^:]*:%%'`
- ac_file=`echo "$ac_file"|sed 's%:.*%%'` ;;
- *) ac_file_in="${ac_file}.in" ;;
- esac
-
- # Adjust a relative srcdir, top_srcdir, and INSTALL for subdirectories.
-
- # Remove last slash and all that follows it. Not all systems have dirname.
- ac_dir=`echo $ac_file|sed 's%/[^/][^/]*$%%'`
- if test "$ac_dir" != "$ac_file" && test "$ac_dir" != .; then
- # The file is in a subdirectory.
- test ! -d "$ac_dir" && mkdir "$ac_dir"
- ac_dir_suffix="/`echo $ac_dir|sed 's%^\./%%'`"
- # A "../" for each directory in $ac_dir_suffix.
- ac_dots=`echo $ac_dir_suffix|sed 's%/[^/]*%../%g'`
- else
- ac_dir_suffix= ac_dots=
- fi
-
- case "$ac_given_srcdir" in
- .) srcdir=.
- if test -z "$ac_dots"; then top_srcdir=.
- else top_srcdir=`echo $ac_dots|sed 's%/$%%'`; fi ;;
- /*) srcdir="$ac_given_srcdir$ac_dir_suffix"; top_srcdir="$ac_given_srcdir" ;;
- *) # Relative path.
- srcdir="$ac_dots$ac_given_srcdir$ac_dir_suffix"
- top_srcdir="$ac_dots$ac_given_srcdir" ;;
- esac
-
- case "$ac_given_INSTALL" in
- [/$]*) INSTALL="$ac_given_INSTALL" ;;
- *) INSTALL="$ac_dots$ac_given_INSTALL" ;;
- esac
-
- echo creating "$ac_file"
- rm -f "$ac_file"
- configure_input="Generated automatically from `echo $ac_file_in|sed 's%.*/%%'` by configure."
- case "$ac_file" in
- *Makefile*) ac_comsub="1i\\
-# $configure_input" ;;
- *) ac_comsub= ;;
- esac
-
- ac_file_inputs=`echo $ac_file_in|sed -e "s%^%$ac_given_srcdir/%" -e "s%:% $ac_given_srcdir/%g"`
- sed -e "$ac_comsub
-s%@configure_input@%$configure_input%g
-s%@srcdir@%$srcdir%g
-s%@top_srcdir@%$top_srcdir%g
-s%@INSTALL@%$INSTALL%g
-" $ac_file_inputs | (eval "$ac_sed_cmds") > $ac_file
-fi; done
-rm -f conftest.s*
-
-# These sed commands are passed to sed as "A NAME B NAME C VALUE D", where
-# NAME is the cpp macro being defined and VALUE is the value it is being given.
-#
-# ac_d sets the value in "#define NAME VALUE" lines.
-ac_dA='s%^\([ ]*\)#\([ ]*define[ ][ ]*\)'
-ac_dB='\([ ][ ]*\)[^ ]*%\1#\2'
-ac_dC='\3'
-ac_dD='%g'
-# ac_u turns "#undef NAME" with trailing blanks into "#define NAME VALUE".
-ac_uA='s%^\([ ]*\)#\([ ]*\)undef\([ ][ ]*\)'
-ac_uB='\([ ]\)%\1#\2define\3'
-ac_uC=' '
-ac_uD='\4%g'
-# ac_e turns "#undef NAME" without trailing blanks into "#define NAME VALUE".
-ac_eA='s%^\([ ]*\)#\([ ]*\)undef\([ ][ ]*\)'
-ac_eB='$%\1#\2define\3'
-ac_eC=' '
-ac_eD='%g'
-
-if test "${CONFIG_HEADERS+set}" != set; then
-EOF
-cat >> $CONFIG_STATUS <<EOF
- CONFIG_HEADERS="config.h"
-EOF
-cat >> $CONFIG_STATUS <<\EOF
-fi
-for ac_file in .. $CONFIG_HEADERS; do if test "x$ac_file" != x..; then
- # Support "outfile[:infile[:infile...]]", defaulting infile="outfile.in".
- case "$ac_file" in
- *:*) ac_file_in=`echo "$ac_file"|sed 's%[^:]*:%%'`
- ac_file=`echo "$ac_file"|sed 's%:.*%%'` ;;
- *) ac_file_in="${ac_file}.in" ;;
- esac
-
- echo creating $ac_file
-
- rm -f conftest.frag conftest.in conftest.out
- ac_file_inputs=`echo $ac_file_in|sed -e "s%^%$ac_given_srcdir/%" -e "s%:% $ac_given_srcdir/%g"`
- cat $ac_file_inputs > conftest.in
-
-EOF
-
-# Transform confdefs.h into a sed script conftest.vals that substitutes
-# the proper values into config.h.in to produce config.h. And first:
-# Protect against being on the right side of a sed subst in config.status.
-# Protect against being in an unquoted here document in config.status.
-rm -f conftest.vals
-cat > conftest.hdr <<\EOF
-s/[\\&%]/\\&/g
-s%[\\$`]%\\&%g
-s%#define \([A-Za-z_][A-Za-z0-9_]*\) *\(.*\)%${ac_dA}\1${ac_dB}\1${ac_dC}\2${ac_dD}%gp
-s%ac_d%ac_u%gp
-s%ac_u%ac_e%gp
-EOF
-sed -n -f conftest.hdr confdefs.h > conftest.vals
-rm -f conftest.hdr
-
-# This sed command replaces #undef with comments. This is necessary, for
-# example, in the case of _POSIX_SOURCE, which is predefined and required
-# on some systems where configure will not decide to define it.
-cat >> conftest.vals <<\EOF
-s%^[ ]*#[ ]*undef[ ][ ]*[a-zA-Z_][a-zA-Z_0-9]*%/* & */%
-EOF
-
-# Break up conftest.vals because some shells have a limit on
-# the size of here documents, and old seds have small limits too.
-
-rm -f conftest.tail
-while :
-do
- ac_lines=`grep -c . conftest.vals`
- # grep -c gives empty output for an empty file on some AIX systems.
- if test -z "$ac_lines" || test "$ac_lines" -eq 0; then break; fi
- # Write a limited-size here document to conftest.frag.
- echo ' cat > conftest.frag <<CEOF' >> $CONFIG_STATUS
- sed ${ac_max_here_lines}q conftest.vals >> $CONFIG_STATUS
- echo 'CEOF
- sed -f conftest.frag conftest.in > conftest.out
- rm -f conftest.in
- mv conftest.out conftest.in
-' >> $CONFIG_STATUS
- sed 1,${ac_max_here_lines}d conftest.vals > conftest.tail
- rm -f conftest.vals
- mv conftest.tail conftest.vals
-done
-rm -f conftest.vals
-
-cat >> $CONFIG_STATUS <<\EOF
- rm -f conftest.frag conftest.h
- echo "/* $ac_file. Generated automatically by configure. */" > conftest.h
- cat conftest.in >> conftest.h
- rm -f conftest.in
- if cmp -s $ac_file conftest.h 2>/dev/null; then
- echo "$ac_file is unchanged"
- rm -f conftest.h
- else
- # Remove last slash and all that follows it. Not all systems have dirname.
- ac_dir=`echo $ac_file|sed 's%/[^/][^/]*$%%'`
- if test "$ac_dir" != "$ac_file" && test "$ac_dir" != .; then
- # The file is in a subdirectory.
- test ! -d "$ac_dir" && mkdir "$ac_dir"
- fi
- rm -f $ac_file
- mv conftest.h $ac_file
- fi
-fi; done
-
-EOF
-cat >> $CONFIG_STATUS <<EOF
-
-EOF
-cat >> $CONFIG_STATUS <<\EOF
-echo timestamp > stamp-h
-exit 0
-EOF
-chmod +x $CONFIG_STATUS
-rm -fr confdefs* $ac_clean_files
-test "$no_create" = yes || ${CONFIG_SHELL-/bin/sh} $CONFIG_STATUS || exit 1
-
diff --git a/security/nss/tests/pkcs11/netscape/trivial/configure.in b/security/nss/tests/pkcs11/netscape/trivial/configure.in
deleted file mode 100644
index 76374882e..000000000
--- a/security/nss/tests/pkcs11/netscape/trivial/configure.in
+++ /dev/null
@@ -1,180 +0,0 @@
-dnl
-dnl The contents of this file are subject to the Mozilla Public
-dnl License Version 1.1 (the "License"); you may not use this file
-dnl except in compliance with the License. You may obtain a copy of
-dnl the License at http://www.mozilla.org/MPL/
-dnl
-dnl Software distributed under the License is distributed on an "AS
-dnl IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-dnl implied. See the License for the specific language governing
-dnl rights and limitations under the License.
-dnl
-dnl The Original Code is a trivial PKCS#11 test program.
-dnl
-dnl The Initial Developer of the Original Code is Netscape
-dnl Communications Corp. Portions created by Netscape are
-dnl Copyright (C) 2000. All Rights Reserved.
-dnl
-dnl Contributor(s):
-dnl
-dnl Alternatively, the contents of this file may be used under the
-dnl terms of the GNU General Public License Version 2 or later (the
-dnl "GPL"), in which case the provisions of the GPL are applicable
-dnl instead of those above. If you wish to allow use of your
-dnl version of this file only under the terms of the GPL and not to
-dnl allow others to use your version of this file under the MPL,
-dnl indicate your decision by deleting the provisions above and
-dnl replace them with the notice and other provisions required by
-dnl the GPL. If you do not delete the provisions above, a recipient
-dnl may use your version of this file under either the MPL or the
-dnl GPL.
-dnl
-
-dnl My revision info: "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-dnl Don't use AC_REVISION; it's broken
-
-AC_INIT(trivial.c)
-AC_CONFIG_HEADER(config.h)
-AC_PROG_MAKE_SET
-
-AC_ARG_WITH(nspr, [ --with-nspr[=path] specify location of NSPR],
-[ case "$withval" in
- no)
- AC_MSG_ERROR(NSPR is required);;
- yes)
- NSPR_INCLUDE="$includedir"
- NSPR_LIBPATH="$libdir"
- ;;
- *)
- NSPR_INCLUDE="$withval/include"
- NSPR_LIBPATH="$withval/lib"
- ;;
- esac ],
-[ NSPR_INCLUDE="$includedir"
- NSPR_LIBPATH="$libdir" ]
-)
-
-NSPR_CFLAGS="-I$NSPR_INCLUDE"
-NSPR_LDFLAGS="-L$NSPR_LIBPATH -lnspr4 -lplc4 -lplds4"
-
-dnl This isn't optimum, but the mozilla build system and autoconf don't really mesh well..
-
-AC_ARG_WITH(nss-dist, [ --with-nss-dist[=path] specify path to NSS dist directory],
-[ case "$withval" in
- no)
- NSS_CFLAGS=""
- nss="0"
- ;;
- yes)
- AC_MSG_ERROR(You have to specify a path for --with-nss-dist)
- ;;
- *)
- NSS_CFLAGS="-I$withval/private/security -I$withval/public/security"
- nss="1"
- ;;
- esac ])
-
-AC_ARG_WITH(nss-hdrs, [ --with-nss-hdrs[=path] or, specify path to installed NSS headers],
-[ if test "x$nss" != "x"; then
- AC_MSG_ERROR(Only specify --with-nss-hdrs or --with-nss-dist, not both)
- fi
- case "$withval" in
- no)
- NSS_CFLAGS=""
- nss="0"
- ;;
- yes)
- NSS_CFLAGS="-I$includedir"
- nss="1"
- ;;
- *)
- NSS_CFLAGS="-I$withval"
- nss="1"
- ;;
- esac ])
-
-AC_ARG_WITH(rsa-hdrs, [ --with-rsa-hdrs[=path] if not using NSS, specify path to RSA headers],
-[ if test "x$nss" != "x"; then
- AC_MSG_ERROR(Only specify --with-nss-{hdrs,dist} or --with-rsa-hdrs, not both)
- fi
- case "$withval" in
- no)
- rsa="0"
- ;;
- yes)
- RSA_INCLUDE="$includedir"
- rsa="1"
- ;;
- *)
- RSA_INCLUDE="$withval"
- rsa="1"
- ;;
- esac ])
-
-if test "x$nss" = "x"; then
- if test "x$rsa" = "x"; then
- RSA_INCLUDE="$includedir"
- fi
- RSA_CFLAGS="-I$RSA_INCLUDE"
-fi
-
-if test "x$nss" = "x1"; then
- AC_DEFINE(WITH_NSS,1)
-fi
-
-AC_SUBST(WITH_NSS)
-
-if test "x$rsa" = "x1"; then
- RSA_CFLAGS-"-I$RSA_INCLUDE"
-fi
-
-AC_ARG_ENABLE(debug, [ --disable-debug default is enabled],
-[ case "$enableval" in
- no)
- DEBUG_CFLAGS="";;
- yes)
- DEBUG_CFLAGS="-DDEBUG";;
- *)
- DEBUG_CFLAGS="-DDEBUG";;
- esac ], DEBUG_CFLAGS="-DDEBUG")
-
-dnl Checks for programs.
-AC_PROG_CC
-AC_PROG_CPP
-AC_PROG_INSTALL
-AC_PROG_RANLIB
-AC_CHECK_PROG(AR, ar, ar)
-AC_CHECK_PROG(LD, ld, ld)
-AC_CHECK_PROG(RM, rm, rm)
-AC_CHECK_PROG(TAR, tar, tar)
-AC_SUBST(CC INSTALL RANLIB AR LD RM TAR)
-
-CPPFLAGS="$CFLAGS $NSPR_CFLAGS $NSS_CFLAGS $RSA_CFLAGS $DEBUG_CFLAGS"
-LIBS="$NSPR_LDFLAGS $LIBS"
-
-AC_SUBST(CFLAGS)
-
-dnl Checks for libraries.
-AC_CHECK_LIB(nspr4, PR_Init)
-
-dnl Checks for header files.
-AC_CHECK_HEADERS(nspr.h)
-AC_SUBST(HAVE_NSPR_H)
-
-if test "x$nss" = "x1"; then
- AC_CHECK_HEADERS(ck.h)
-fi
-
-if test "x$rsa" = "x1"; then
- AC_CHECK_HEADERS(pkcs11t.h pkcs11.h)
-fi
-
-AC_SUBST(HAVE_CK_H HAVE_PKCS11T_H HAVE_PKCS11_H)
-
-dnl Checks for typedefs, structures, and compiler characteristics.
-AC_C_CONST
-AC_SUBST(const)
-
-AC_CHECK_FUNCS(memset strlen)
-AC_SUBST(HAVE_MEMSET HAVE_STRLEN)
-AC_OUTPUT(Makefile, [echo timestamp > stamp-h])
diff --git a/security/nss/tests/pkcs11/netscape/trivial/install-sh b/security/nss/tests/pkcs11/netscape/trivial/install-sh
deleted file mode 100755
index e9de23842..000000000
--- a/security/nss/tests/pkcs11/netscape/trivial/install-sh
+++ /dev/null
@@ -1,251 +0,0 @@
-#!/bin/sh
-#
-# install - install a program, script, or datafile
-# This comes from X11R5 (mit/util/scripts/install.sh).
-#
-# Copyright 1991 by the Massachusetts Institute of Technology
-#
-# Permission to use, copy, modify, distribute, and sell this software and its
-# documentation for any purpose is hereby granted without fee, provided that
-# the above copyright notice appear in all copies and that both that
-# copyright notice and this permission notice appear in supporting
-# documentation, and that the name of M.I.T. not be used in advertising or
-# publicity pertaining to distribution of the software without specific,
-# written prior permission. M.I.T. makes no representations about the
-# suitability of this software for any purpose. It is provided "as is"
-# without express or implied warranty.
-#
-# Calling this script install-sh is preferred over install.sh, to prevent
-# `make' implicit rules from creating a file called install from it
-# when there is no Makefile.
-#
-# This script is compatible with the BSD install script, but was written
-# from scratch. It can only install one file at a time, a restriction
-# shared with many OS's install programs.
-
-
-# set DOITPROG to echo to test this script
-
-# Don't use :- since 4.3BSD and earlier shells don't like it.
-doit="${DOITPROG-}"
-
-
-# put in absolute paths if you don't have them in your path; or use env. vars.
-
-mvprog="${MVPROG-mv}"
-cpprog="${CPPROG-cp}"
-chmodprog="${CHMODPROG-chmod}"
-chownprog="${CHOWNPROG-chown}"
-chgrpprog="${CHGRPPROG-chgrp}"
-stripprog="${STRIPPROG-strip}"
-rmprog="${RMPROG-rm}"
-mkdirprog="${MKDIRPROG-mkdir}"
-
-transformbasename=""
-transform_arg=""
-instcmd="$mvprog"
-chmodcmd="$chmodprog 0755"
-chowncmd=""
-chgrpcmd=""
-stripcmd=""
-rmcmd="$rmprog -f"
-mvcmd="$mvprog"
-src=""
-dst=""
-dir_arg=""
-
-while [ x"$1" != x ]; do
- case $1 in
- -c) instcmd="$cpprog"
- shift
- continue;;
-
- -d) dir_arg=true
- shift
- continue;;
-
- -m) chmodcmd="$chmodprog $2"
- shift
- shift
- continue;;
-
- -o) chowncmd="$chownprog $2"
- shift
- shift
- continue;;
-
- -g) chgrpcmd="$chgrpprog $2"
- shift
- shift
- continue;;
-
- -s) stripcmd="$stripprog"
- shift
- continue;;
-
- -t=*) transformarg=`echo $1 | sed 's/-t=//'`
- shift
- continue;;
-
- -b=*) transformbasename=`echo $1 | sed 's/-b=//'`
- shift
- continue;;
-
- *) if [ x"$src" = x ]
- then
- src=$1
- else
- # this colon is to work around a 386BSD /bin/sh bug
- :
- dst=$1
- fi
- shift
- continue;;
- esac
-done
-
-if [ x"$src" = x ]
-then
- echo "install: no input file specified"
- exit 1
-else
- true
-fi
-
-if [ x"$dir_arg" != x ]; then
- dst=$src
- src=""
-
- if [ -d $dst ]; then
- instcmd=:
- chmodcmd=""
- else
- instcmd=mkdir
- fi
-else
-
-# Waiting for this to be detected by the "$instcmd $src $dsttmp" command
-# might cause directories to be created, which would be especially bad
-# if $src (and thus $dsttmp) contains '*'.
-
- if [ -f $src -o -d $src ]
- then
- true
- else
- echo "install: $src does not exist"
- exit 1
- fi
-
- if [ x"$dst" = x ]
- then
- echo "install: no destination specified"
- exit 1
- else
- true
- fi
-
-# If destination is a directory, append the input filename; if your system
-# does not like double slashes in filenames, you may need to add some logic
-
- if [ -d $dst ]
- then
- dst="$dst"/`basename $src`
- else
- true
- fi
-fi
-
-## this sed command emulates the dirname command
-dstdir=`echo $dst | sed -e 's,[^/]*$,,;s,/$,,;s,^$,.,'`
-
-# Make sure that the destination directory exists.
-# this part is taken from Noah Friedman's mkinstalldirs script
-
-# Skip lots of stat calls in the usual case.
-if [ ! -d "$dstdir" ]; then
-defaultIFS='
-'
-IFS="${IFS-${defaultIFS}}"
-
-oIFS="${IFS}"
-# Some sh's can't handle IFS=/ for some reason.
-IFS='%'
-set - `echo ${dstdir} | sed -e 's@/@%@g' -e 's@^%@/@'`
-IFS="${oIFS}"
-
-pathcomp=''
-
-while [ $# -ne 0 ] ; do
- pathcomp="${pathcomp}${1}"
- shift
-
- if [ ! -d "${pathcomp}" ] ;
- then
- $mkdirprog "${pathcomp}"
- else
- true
- fi
-
- pathcomp="${pathcomp}/"
-done
-fi
-
-if [ x"$dir_arg" != x ]
-then
- $doit $instcmd $dst &&
-
- if [ x"$chowncmd" != x ]; then $doit $chowncmd $dst; else true ; fi &&
- if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dst; else true ; fi &&
- if [ x"$stripcmd" != x ]; then $doit $stripcmd $dst; else true ; fi &&
- if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dst; else true ; fi
-else
-
-# If we're going to rename the final executable, determine the name now.
-
- if [ x"$transformarg" = x ]
- then
- dstfile=`basename $dst`
- else
- dstfile=`basename $dst $transformbasename |
- sed $transformarg`$transformbasename
- fi
-
-# don't allow the sed command to completely eliminate the filename
-
- if [ x"$dstfile" = x ]
- then
- dstfile=`basename $dst`
- else
- true
- fi
-
-# Make a temp file name in the proper directory.
-
- dsttmp=$dstdir/#inst.$$#
-
-# Move or copy the file name to the temp name
-
- $doit $instcmd $src $dsttmp &&
-
- trap "rm -f ${dsttmp}" 0 &&
-
-# and set any options; do chmod last to preserve setuid bits
-
-# If any of these fail, we abort the whole thing. If we want to
-# ignore errors from any of these, just make sure not to ignore
-# errors from the above "$doit $instcmd $src $dsttmp" command.
-
- if [ x"$chowncmd" != x ]; then $doit $chowncmd $dsttmp; else true;fi &&
- if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dsttmp; else true;fi &&
- if [ x"$stripcmd" != x ]; then $doit $stripcmd $dsttmp; else true;fi &&
- if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dsttmp; else true;fi &&
-
-# Now rename the file to the real destination.
-
- $doit $rmcmd -f $dstdir/$dstfile &&
- $doit $mvcmd $dsttmp $dstdir/$dstfile
-
-fi &&
-
-
-exit 0
diff --git a/security/nss/tests/pkcs11/netscape/trivial/trivial.c b/security/nss/tests/pkcs11/netscape/trivial/trivial.c
deleted file mode 100644
index ea9ceb596..000000000
--- a/security/nss/tests/pkcs11/netscape/trivial/trivial.c
+++ /dev/null
@@ -1,1313 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is a trivial PKCS#11 test program.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * This is a very trivial program I wrote for testing out a
- * couple data-only Cryptoki modules for NSS. It's not a "real"
- * test program that prints out nice "PASS" or "FAIL" messages;
- * it just makes calls and dumps data.
- */
-
-#include "config.h"
-
-#ifdef HAVE_NSPR_H
-#include "nspr.h"
-#else
-#error "NSPR is required."
-#endif
-
-#ifdef WITH_NSS
-#define FGMR 1
-#include "ck.h"
-#else
-#include "pkcs11t.h"
-#include "pkcs11.h"
-#endif
-
-/* The RSA versions are sloppier with namespaces */
-#ifndef CK_TRUE
-#define CK_TRUE TRUE
-#endif
-
-#ifndef CK_FALSE
-#define CK_FALSE FALSE
-#endif
-
-int
-rmain
-(
- int argc,
- char *argv[]
-);
-
-int
-main
-(
- int argc,
- char *argv[]
-)
-{
- int rv = 0;
-
- PR_Init(PR_USER_THREAD, PR_PRIORITY_NORMAL, 14);
- rv = rmain(argc, argv);
- PR_Cleanup();
-
- return rv;
-}
-
-static CK_ATTRIBUTE_TYPE all_known_attribute_types[] = {
- CKA_CLASS,
- CKA_TOKEN,
- CKA_PRIVATE,
- CKA_LABEL,
- CKA_APPLICATION,
- CKA_VALUE,
- CKA_CERTIFICATE_TYPE,
- CKA_ISSUER,
- CKA_SERIAL_NUMBER,
- CKA_KEY_TYPE,
- CKA_SUBJECT,
- CKA_ID,
- CKA_SENSITIVE,
- CKA_ENCRYPT,
- CKA_DECRYPT,
- CKA_WRAP,
- CKA_UNWRAP,
- CKA_SIGN,
- CKA_SIGN_RECOVER,
- CKA_VERIFY,
- CKA_VERIFY_RECOVER,
- CKA_DERIVE,
- CKA_START_DATE,
- CKA_END_DATE,
- CKA_MODULUS,
- CKA_MODULUS_BITS,
- CKA_PUBLIC_EXPONENT,
- CKA_PRIVATE_EXPONENT,
- CKA_PRIME_1,
- CKA_PRIME_2,
- CKA_EXPONENT_1,
- CKA_EXPONENT_2,
- CKA_COEFFICIENT,
- CKA_PRIME,
- CKA_SUBPRIME,
- CKA_BASE,
- CKA_VALUE_BITS,
- CKA_VALUE_LEN,
- CKA_EXTRACTABLE,
- CKA_LOCAL,
- CKA_NEVER_EXTRACTABLE,
- CKA_ALWAYS_SENSITIVE,
- CKA_MODIFIABLE,
-#ifdef CKA_NETSCAPE
- CKA_NETSCAPE_URL,
- CKA_NETSCAPE_EMAIL,
- CKA_NETSCAPE_SMIME_INFO,
- CKA_NETSCAPE_SMIME_TIMESTAMP,
- CKA_NETSCAPE_PKCS8_SALT,
- CKA_NETSCAPE_PASSWORD_CHECK,
- CKA_NETSCAPE_EXPIRES,
-#endif /* CKA_NETSCAPE */
-#ifdef CKA_TRUST
- CKA_TRUST_DIGITAL_SIGNATURE,
- CKA_TRUST_NON_REPUDIATION,
- CKA_TRUST_KEY_ENCIPHERMENT,
- CKA_TRUST_DATA_ENCIPHERMENT,
- CKA_TRUST_KEY_AGREEMENT,
- CKA_TRUST_KEY_CERT_SIGN,
- CKA_TRUST_CRL_SIGN,
- CKA_TRUST_SERVER_AUTH,
- CKA_TRUST_CLIENT_AUTH,
- CKA_TRUST_CODE_SIGNING,
- CKA_TRUST_EMAIL_PROTECTION,
- CKA_TRUST_IPSEC_END_SYSTEM,
- CKA_TRUST_IPSEC_TUNNEL,
- CKA_TRUST_IPSEC_USER,
- CKA_TRUST_TIME_STAMPING,
-#endif /* CKA_TRUST */
-};
-
-static number_of_all_known_attribute_types =
- (sizeof(all_known_attribute_types)/sizeof(all_known_attribute_types[0]));
-
-int
-usage
-(
- char *argv0
-)
-{
- PR_fprintf(PR_STDERR, "Usage: %s [-i {string|--}] <library>.so\n", argv0);
- return 1;
-}
-
-int
-rmain
-(
- int argc,
- char *argv[]
-)
-{
- char *argv0 = argv[0];
- PRLibrary *lib;
- CK_C_GetFunctionList gfl;
- CK_FUNCTION_LIST_PTR epv = (CK_FUNCTION_LIST_PTR)NULL;
- CK_RV ck_rv;
- CK_INFO info;
- CK_ULONG nSlots;
- CK_SLOT_ID *pSlots;
- CK_ULONG i;
- CK_C_INITIALIZE_ARGS ia, *iap;
-
- (void)memset(&ia, 0, sizeof(CK_C_INITIALIZE_ARGS));
- iap = (CK_C_INITIALIZE_ARGS *)NULL;
- while( argv++, --argc ) {
- if( '-' == argv[0][0] ) {
- switch( argv[0][1] ) {
- case 'i':
- iap = &ia;
- if( ((char *)NULL != argv[1]) && ('-' != argv[1][0]) ) {
-#ifdef WITH_NSS
- ia.pConfig = argv[1];
- ia.ulConfigLen = strlen(argv[1]);
- argv++, --argc;
-#else
- return usage(argv0);
-#endif /* WITH_NSS */
- }
- break;
- case '-':
- argv++, --argc;
- goto endargs;
- default:
- return usage(argv0);
- }
- } else {
- break;
- }
- }
- endargs:;
-
- if( 1 != argc ) {
- return usage(argv0);
- }
-
- lib = PR_LoadLibrary(argv[0]);
- if( (PRLibrary *)NULL == lib ) {
- PR_fprintf(PR_STDERR, "Can't load %s: %ld, %ld\n", argv[1], PR_GetError(), PR_GetOSError());
- return 1;
- }
-
- gfl = (CK_C_GetFunctionList)PR_FindSymbol(lib, "C_GetFunctionList");
- if( (CK_C_GetFunctionList)NULL == gfl ) {
- PR_fprintf(PR_STDERR, "Can't find C_GetFunctionList in %s: %ld, %ld\n", argv[1],
- PR_GetError(), PR_GetOSError());
- return 1;
- }
-
- ck_rv = (*gfl)(&epv);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "CK_GetFunctionList returned 0x%08x\n", ck_rv);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, "Module %s loaded, epv = 0x%08x.\n\n", argv[1], (CK_ULONG)epv);
-
- /* C_Initialize */
- ck_rv = epv->C_Initialize(iap);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_Initialize returned 0x%08x\n", ck_rv);
- return 1;
- }
-
- /* C_GetInfo */
- (void)memset(&info, 0, sizeof(CK_INFO));
- ck_rv = epv->C_GetInfo(&info);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_GetInfo returned 0x%08x\n", ck_rv);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, "Module Info:\n");
- PR_fprintf(PR_STDOUT, " cryptokiVersion = %lu.%02lu\n",
- (PRUint32)info.cryptokiVersion.major, (PRUint32)info.cryptokiVersion.minor);
- PR_fprintf(PR_STDOUT, " manufacturerID = \"%.32s\"\n", info.manufacturerID);
- PR_fprintf(PR_STDOUT, " flags = 0x%08lx\n", info.flags);
- PR_fprintf(PR_STDOUT, " libraryDescription = \"%.32s\"\n", info.libraryDescription);
- PR_fprintf(PR_STDOUT, " libraryVersion = %lu.%02lu\n",
- (PRUint32)info.libraryVersion.major, (PRUint32)info.libraryVersion.minor);
- PR_fprintf(PR_STDOUT, "\n");
-
- /* C_GetSlotList */
- nSlots = 0;
- ck_rv = epv->C_GetSlotList(CK_FALSE, (CK_SLOT_ID_PTR)CK_NULL_PTR, &nSlots);
- switch( ck_rv ) {
- case CKR_BUFFER_TOO_SMALL:
- case CKR_OK:
- break;
- default:
- PR_fprintf(PR_STDERR, "C_GetSlotList(FALSE, NULL, ) returned 0x%08x\n", ck_rv);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, "There are %lu slots.\n", nSlots);
-
- pSlots = (CK_SLOT_ID_PTR)PR_Calloc(nSlots, sizeof(CK_SLOT_ID));
- if( (CK_SLOT_ID_PTR)NULL == pSlots ) {
- PR_fprintf(PR_STDERR, "[memory allocation of %lu bytes failed]\n", nSlots * sizeof(CK_SLOT_ID));
- return 1;
- }
-
- ck_rv = epv->C_GetSlotList(CK_FALSE, pSlots, &nSlots);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_GetSlotList(FALSE, , ) returned 0x%08x\n", ck_rv);
- return 1;
- }
-
- for( i = 0; i < nSlots; i++ ) {
- PR_fprintf(PR_STDOUT, " [%lu]: CK_SLOT_ID = %lu\n", (i+1), pSlots[i]);
- }
-
- PR_fprintf(PR_STDOUT, "\n");
-
- /* C_GetSlotInfo */
- for( i = 0; i < nSlots; i++ ) {
- CK_SLOT_INFO sinfo;
-
- PR_fprintf(PR_STDOUT, "[%lu]: CK_SLOT_ID = %lu\n", (i+1), pSlots[i]);
-
- (void)memset(&sinfo, 0, sizeof(CK_SLOT_INFO));
- ck_rv = epv->C_GetSlotInfo(pSlots[i], &sinfo);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_GetSlotInfo(%lu, ) returned 0x%08x\n", pSlots[i], ck_rv);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " Slot Info:\n");
- PR_fprintf(PR_STDOUT, " slotDescription = \"%.64s\"\n", sinfo.slotDescription);
- PR_fprintf(PR_STDOUT, " manufacturerID = \"%.32s\"\n", sinfo.manufacturerID);
- PR_fprintf(PR_STDOUT, " flags = 0x%08lx\n", sinfo.flags);
- PR_fprintf(PR_STDOUT, " -> TOKEN PRESENT = %s\n",
- sinfo.flags & CKF_TOKEN_PRESENT ? "TRUE" : "FALSE");
- PR_fprintf(PR_STDOUT, " -> REMOVABLE DEVICE = %s\n",
- sinfo.flags & CKF_REMOVABLE_DEVICE ? "TRUE" : "FALSE");
- PR_fprintf(PR_STDOUT, " -> HW SLOT = %s\n",
- sinfo.flags & CKF_HW_SLOT ? "TRUE" : "FALSE");
- PR_fprintf(PR_STDOUT, " hardwareVersion = %lu.%02lu\n",
- (PRUint32)sinfo.hardwareVersion.major, (PRUint32)sinfo.hardwareVersion.minor);
- PR_fprintf(PR_STDOUT, " firmwareVersion = %lu.%02lu\n",
- (PRUint32)sinfo.firmwareVersion.major, (PRUint32)sinfo.firmwareVersion.minor);
-
- if( sinfo.flags & CKF_TOKEN_PRESENT ) {
- CK_TOKEN_INFO tinfo;
- CK_MECHANISM_TYPE *pMechanismList;
- CK_ULONG nMechanisms = 0;
- CK_ULONG j;
-
- (void)memset(&tinfo, 0, sizeof(CK_TOKEN_INFO));
- ck_rv = epv->C_GetTokenInfo(pSlots[i], &tinfo);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_GetTokenInfo(%lu, ) returned 0x%08x\n", pSlots[i], ck_rv);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " Token Info:\n");
- PR_fprintf(PR_STDOUT, " label = \"%.32s\"\n", tinfo.label);
- PR_fprintf(PR_STDOUT, " manufacturerID = \"%.32s\"\n", tinfo.manufacturerID);
- PR_fprintf(PR_STDOUT, " model = \"%.16s\"\n", tinfo.model);
- PR_fprintf(PR_STDOUT, " serialNumber = \"%.16s\"\n", tinfo.serialNumber);
- PR_fprintf(PR_STDOUT, " flags = 0x%08lx\n", tinfo.flags);
- PR_fprintf(PR_STDOUT, " -> RNG = %s\n",
- tinfo.flags & CKF_RNG ? "TRUE" : "FALSE");
- PR_fprintf(PR_STDOUT, " -> WRITE PROTECTED = %s\n",
- tinfo.flags & CKF_WRITE_PROTECTED ? "TRUE" : "FALSE");
- PR_fprintf(PR_STDOUT, " -> LOGIN REQUIRED = %s\n",
- tinfo.flags & CKF_LOGIN_REQUIRED ? "TRUE" : "FALSE");
- PR_fprintf(PR_STDOUT, " -> USER PIN INITIALIZED = %s\n",
- tinfo.flags & CKF_USER_PIN_INITIALIZED ? "TRUE" : "FALSE");
- PR_fprintf(PR_STDOUT, " -> RESTORE KEY NOT NEEDED = %s\n",
- tinfo.flags & CKF_RESTORE_KEY_NOT_NEEDED ? "TRUE" : "FALSE");
- PR_fprintf(PR_STDOUT, " -> CLOCK ON TOKEN = %s\n",
- tinfo.flags & CKF_CLOCK_ON_TOKEN ? "TRUE" : "FALSE");
-#ifdef CKF_SUPPORTS_PARALLEL
- PR_fprintf(PR_STDOUT, " -> SUPPORTS PARALLEL = %s\n",
- tinfo.flags & CKF_SUPPORTS_PARALLEL ? "TRUE" : "FALSE");
-#endif /* CKF_SUPPORTS_PARALLEL */
- PR_fprintf(PR_STDOUT, " -> PROTECTED AUTHENTICATION PATH = %s\n",
- tinfo.flags & CKF_PROTECTED_AUTHENTICATION_PATH ? "TRUE" : "FALSE");
- PR_fprintf(PR_STDOUT, " -> DUAL_CRYPTO_OPERATIONS = %s\n",
- tinfo.flags & CKF_DUAL_CRYPTO_OPERATIONS ? "TRUE" : "FALSE");
- PR_fprintf(PR_STDOUT, " ulMaxSessionCount = %lu\n", tinfo.ulMaxSessionCount);
- PR_fprintf(PR_STDOUT, " ulSessionCount = %lu\n", tinfo.ulSessionCount);
- PR_fprintf(PR_STDOUT, " ulMaxRwSessionCount = %lu\n", tinfo.ulMaxRwSessionCount);
- PR_fprintf(PR_STDOUT, " ulRwSessionCount = %lu\n", tinfo.ulRwSessionCount);
- PR_fprintf(PR_STDOUT, " ulMaxPinLen = %lu\n", tinfo.ulMaxPinLen);
- PR_fprintf(PR_STDOUT, " ulMinPinLen = %lu\n", tinfo.ulMinPinLen);
- PR_fprintf(PR_STDOUT, " ulTotalPublicMemory = %lu\n", tinfo.ulTotalPublicMemory);
- PR_fprintf(PR_STDOUT, " ulFreePublicMemory = %lu\n", tinfo.ulFreePublicMemory);
- PR_fprintf(PR_STDOUT, " ulTotalPrivateMemory = %lu\n", tinfo.ulTotalPrivateMemory);
- PR_fprintf(PR_STDOUT, " ulFreePrivateMemory = %lu\n", tinfo.ulFreePrivateMemory);
- PR_fprintf(PR_STDOUT, " hardwareVersion = %lu.%02lu\n",
- (PRUint32)tinfo.hardwareVersion.major, (PRUint32)tinfo.hardwareVersion.minor);
- PR_fprintf(PR_STDOUT, " firmwareVersion = %lu.%02lu\n",
- (PRUint32)tinfo.firmwareVersion.major, (PRUint32)tinfo.firmwareVersion.minor);
- PR_fprintf(PR_STDOUT, " utcTime = \"%.16s\"\n", tinfo.utcTime);
-
-
- ck_rv = epv->C_GetMechanismList(pSlots[i], (CK_MECHANISM_TYPE_PTR)CK_NULL_PTR, &nMechanisms);
- switch( ck_rv ) {
- case CKR_BUFFER_TOO_SMALL:
- case CKR_OK:
- break;
- default:
- PR_fprintf(PR_STDERR, "C_GetMechanismList(%lu, NULL, ) returned 0x%08x\n", pSlots[i], ck_rv);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " %lu mechanisms:\n", nMechanisms);
-
- pMechanismList = (CK_MECHANISM_TYPE_PTR)PR_Calloc(nMechanisms, sizeof(CK_MECHANISM_TYPE));
- if( (CK_MECHANISM_TYPE_PTR)NULL == pMechanismList ) {
- PR_fprintf(PR_STDERR, "[memory allocation of %lu bytes failed]\n",
- nMechanisms * sizeof(CK_MECHANISM_TYPE));
- return 1;
- }
-
- ck_rv = epv->C_GetMechanismList(pSlots[i], pMechanismList, &nMechanisms);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_GetMechanismList(%lu, , ) returned 0x%08x\n", pSlots[i], ck_rv);
- return 1;
- }
-
- for( j = 0; j < nMechanisms; j++ ) {
- PR_fprintf(PR_STDOUT, " {%lu}: CK_MECHANISM_TYPE = %lu\n", (j+1), pMechanismList[j]);
- }
-
- PR_fprintf(PR_STDOUT, "\n");
-
- for( j = 0; j < nMechanisms; j++ ) {
- CK_MECHANISM_INFO minfo;
-
- (void)memset(&minfo, 0, sizeof(CK_MECHANISM_INFO));
- ck_rv = epv->C_GetMechanismInfo(pSlots[i], pMechanismList[j], &minfo);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_GetMechanismInfo(%lu, %lu, ) returned 0x%08x\n", pSlots[i],
- pMechanismList[j]);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " [%lu]: CK_MECHANISM_TYPE = %lu\n", (j+1), pMechanismList[j]);
- PR_fprintf(PR_STDOUT, " ulMinKeySize = %lu\n", minfo.ulMinKeySize);
- PR_fprintf(PR_STDOUT, " ulMaxKeySize = %lu\n", minfo.ulMaxKeySize);
- PR_fprintf(PR_STDOUT, " flags = 0x%08x\n", minfo.flags);
- PR_fprintf(PR_STDOUT, " -> HW = %s\n", minfo.flags & CKF_HW ? "TRUE" : "FALSE");
- PR_fprintf(PR_STDOUT, " -> ENCRYPT = %s\n", minfo.flags & CKF_ENCRYPT ? "TRUE" : "FALSE");
- PR_fprintf(PR_STDOUT, " -> DECRYPT = %s\n", minfo.flags & CKF_DECRYPT ? "TRUE" : "FALSE");
- PR_fprintf(PR_STDOUT, " -> DIGEST = %s\n", minfo.flags & CKF_DIGEST ? "TRUE" : "FALSE");
- PR_fprintf(PR_STDOUT, " -> SIGN = %s\n", minfo.flags & CKF_SIGN ? "TRUE" : "FALSE");
- PR_fprintf(PR_STDOUT, " -> SIGN_RECOVER = %s\n", minfo.flags & CKF_SIGN_RECOVER ? "TRUE" : "FALSE");
- PR_fprintf(PR_STDOUT, " -> VERIFY = %s\n", minfo.flags & CKF_VERIFY ? "TRUE" : "FALSE");
- PR_fprintf(PR_STDOUT, " -> VERIFY_RECOVER = %s\n", minfo.flags & CKF_VERIFY_RECOVER ? "TRUE" : "FALSE");
- PR_fprintf(PR_STDOUT, " -> GENERATE = %s\n", minfo.flags & CKF_GENERATE ? "TRUE" : "FALSE");
- PR_fprintf(PR_STDOUT, " -> GENERATE_KEY_PAIR = %s\n", minfo.flags & CKF_GENERATE_KEY_PAIR ? "TRUE" : "FALSE");
- PR_fprintf(PR_STDOUT, " -> WRAP = %s\n", minfo.flags & CKF_WRAP ? "TRUE" : "FALSE");
- PR_fprintf(PR_STDOUT, " -> UNWRAP = %s\n", minfo.flags & CKF_UNWRAP ? "TRUE" : "FALSE");
- PR_fprintf(PR_STDOUT, " -> DERIVE = %s\n", minfo.flags & CKF_DERIVE ? "TRUE" : "FALSE");
- PR_fprintf(PR_STDOUT, " -> EXTENSION = %s\n", minfo.flags & CKF_EXTENSION ? "TRUE" : "FALSE");
-
- PR_fprintf(PR_STDOUT, "\n");
- }
-
- if( tinfo.flags & CKF_LOGIN_REQUIRED ) {
- PR_fprintf(PR_STDERR, "*** LOGIN REQUIRED but not yet implemented ***\n");
- /* all the stuff about logging in as SO and setting the user pin if needed, etc. */
- return 2;
- }
-
- /* session to find objects */
- {
- CK_SESSION_HANDLE h = (CK_SESSION_HANDLE)0;
- CK_SESSION_INFO sinfo;
- CK_ATTRIBUTE_PTR pTemplate;
- CK_ULONG tnObjects = 0;
-
- ck_rv = epv->C_OpenSession(pSlots[i], CKF_SERIAL_SESSION, (CK_VOID_PTR)CK_NULL_PTR, (CK_NOTIFY)CK_NULL_PTR, &h);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_OpenSession(%lu, CKF_SERIAL_SESSION, , ) returned 0x%08x\n", pSlots[i], ck_rv);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " Opened a session: handle = 0x%08x\n", h);
-
- (void)memset(&sinfo, 0, sizeof(CK_SESSION_INFO));
- ck_rv = epv->C_GetSessionInfo(h, &sinfo);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDOUT, "C_GetSessionInfo(%lu, ) returned 0x%08x\n", h, ck_rv);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " SESSION INFO:\n");
- PR_fprintf(PR_STDOUT, " slotID = %lu\n", sinfo.slotID);
- PR_fprintf(PR_STDOUT, " state = %lu\n", sinfo.state);
- PR_fprintf(PR_STDOUT, " flags = 0x%08x\n", sinfo.flags);
-#ifdef CKF_EXCLUSIVE_SESSION
- PR_fprintf(PR_STDOUT, " -> EXCLUSIVE SESSION = %s\n", sinfo.flags & CKF_EXCLUSIVE_SESSION ? "TRUE" : "FALSE");
-#endif /* CKF_EXCLUSIVE_SESSION */
- PR_fprintf(PR_STDOUT, " -> RW SESSION = %s\n", sinfo.flags & CKF_RW_SESSION ? "TRUE" : "FALSE");
- PR_fprintf(PR_STDOUT, " -> SERIAL SESSION = %s\n", sinfo.flags & CKF_SERIAL_SESSION ? "TRUE" : "FALSE");
-#ifdef CKF_INSERTION_CALLBACK
- PR_fprintf(PR_STDOUT, " -> INSERTION CALLBACK = %s\n", sinfo.flags & CKF_INSERTION_CALLBACK ? "TRUE" : "FALSE");
-#endif /* CKF_INSERTION_CALLBACK */
- PR_fprintf(PR_STDOUT, " ulDeviceError = %lu\n", sinfo.ulDeviceError);
- PR_fprintf(PR_STDOUT, "\n");
-
- ck_rv = epv->C_FindObjectsInit(h, (CK_ATTRIBUTE_PTR)CK_NULL_PTR, 0);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDOUT, "C_FindObjectsInit(%lu, NULL_PTR, 0) returned 0x%08x\n", h, ck_rv);
- return 1;
- }
-
- pTemplate = (CK_ATTRIBUTE_PTR)PR_Calloc(number_of_all_known_attribute_types, sizeof(CK_ATTRIBUTE));
- if( (CK_ATTRIBUTE_PTR)NULL == pTemplate ) {
- PR_fprintf(PR_STDERR, "[memory allocation of %lu bytes failed]\n",
- number_of_all_known_attribute_types * sizeof(CK_ATTRIBUTE));
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " All objects:\n");
-
- while(1) {
- CK_OBJECT_HANDLE o = (CK_OBJECT_HANDLE)0;
- CK_ULONG nObjects = 0;
- CK_ULONG k;
- CK_ULONG nAttributes = 0;
- CK_ATTRIBUTE_PTR pT2;
- CK_ULONG l;
-
- ck_rv = epv->C_FindObjects(h, &o, 1, &nObjects);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_FindObjects(%lu, , 1, ) returned 0x%08x\n", h, ck_rv);
- return 1;
- }
-
- if( 0 == nObjects ) {
- PR_fprintf(PR_STDOUT, "\n");
- break;
- }
-
- tnObjects++;
-
- PR_fprintf(PR_STDOUT, " OBJECT HANDLE %lu:\n", o);
-
- for( k = 0; k < number_of_all_known_attribute_types; k++ ) {
- pTemplate[k].type = all_known_attribute_types[k];
- pTemplate[k].pValue = (CK_VOID_PTR)CK_NULL_PTR;
- pTemplate[k].ulValueLen = 0;
- }
-
- ck_rv = epv->C_GetAttributeValue(h, o, pTemplate, number_of_all_known_attribute_types);
- switch( ck_rv ) {
- case CKR_OK:
- case CKR_ATTRIBUTE_SENSITIVE:
- case CKR_ATTRIBUTE_TYPE_INVALID:
- case CKR_BUFFER_TOO_SMALL:
- break;
- default:
- PR_fprintf(PR_STDERR, "C_GetAtributeValue(%lu, %lu, {all attribute types}, %lu) returned 0x%08x\n",
- h, o, number_of_all_known_attribute_types, ck_rv);
- return 1;
- }
-
- for( k = 0; k < number_of_all_known_attribute_types; k++ ) {
- if( -1 != (CK_LONG)pTemplate[k].ulValueLen ) {
- nAttributes++;
- }
- }
-
- if( 1 ) {
- PR_fprintf(PR_STDOUT, " %lu attributes:\n", nAttributes);
- for( k = 0; k < number_of_all_known_attribute_types; k++ ) {
- if( -1 != (CK_LONG)pTemplate[k].ulValueLen ) {
- PR_fprintf(PR_STDOUT, " 0x%08x (len = %lu)\n", pTemplate[k].type,
- pTemplate[k].ulValueLen);
- }
- }
- PR_fprintf(PR_STDOUT, "\n");
- }
-
- pT2 = (CK_ATTRIBUTE_PTR)PR_Calloc(nAttributes, sizeof(CK_ATTRIBUTE));
- if( (CK_ATTRIBUTE_PTR)NULL == pT2 ) {
- PR_fprintf(PR_STDERR, "[memory allocation of %lu bytes failed]\n",
- nAttributes * sizeof(CK_ATTRIBUTE));
- return 1;
- }
-
- for( l = 0, k = 0; k < number_of_all_known_attribute_types; k++ ) {
- if( -1 != (CK_LONG)pTemplate[k].ulValueLen ) {
- pT2[l].type = pTemplate[k].type;
- pT2[l].ulValueLen = pTemplate[k].ulValueLen;
- pT2[l].pValue = (CK_VOID_PTR)PR_Malloc(pT2[l].ulValueLen);
- if( (CK_VOID_PTR)NULL == pT2[l].pValue ) {
- PR_fprintf(PR_STDERR, "[memory allocation of %lu bytes failed]\n", pT2[l].ulValueLen);
- return 1;
- }
- l++;
- }
- }
-
- PR_ASSERT( l == nAttributes );
-
- ck_rv = epv->C_GetAttributeValue(h, o, pT2, nAttributes);
- switch( ck_rv ) {
- case CKR_OK:
- case CKR_ATTRIBUTE_SENSITIVE:
- case CKR_ATTRIBUTE_TYPE_INVALID:
- case CKR_BUFFER_TOO_SMALL:
- break;
- default:
- PR_fprintf(PR_STDERR, "C_GetAtributeValue(%lu, %lu, {existant attribute types}, %lu) returned 0x%08x\n",
- h, o, nAttributes, ck_rv);
- return 1;
- }
-
- for( l = 0; l < nAttributes; l++ ) {
- PR_fprintf(PR_STDOUT, " type = 0x%08x, len = %ld", pT2[l].type, (CK_LONG)pT2[l].ulValueLen);
- if( -1 == (CK_LONG)pT2[l].ulValueLen ) {
- ;
- } else {
- CK_ULONG m;
-
- if( pT2[l].ulValueLen <= 8 ) {
- PR_fprintf(PR_STDOUT, ", value = ");
- } else {
- PR_fprintf(PR_STDOUT, ", value = \n ");
- }
-
- for( m = 0; (m < pT2[l].ulValueLen) && (m < 20); m++ ) {
- PR_fprintf(PR_STDOUT, "%02x", (CK_ULONG)(0xff & ((CK_CHAR_PTR)pT2[l].pValue)[m]));
- }
-
- PR_fprintf(PR_STDOUT, " ");
-
- for( m = 0; (m < pT2[l].ulValueLen) && (m < 20); m++ ) {
- CK_CHAR c = ((CK_CHAR_PTR)pT2[l].pValue)[m];
- if( (c < 0x20) || (c >= 0x7f) ) {
- c = '.';
- }
- PR_fprintf(PR_STDOUT, "%c", c);
- }
- }
-
- PR_fprintf(PR_STDOUT, "\n");
- }
-
- PR_fprintf(PR_STDOUT, "\n");
-
- for( l = 0; l < nAttributes; l++ ) {
- PR_Free(pT2[l].pValue);
- }
- PR_Free(pT2);
- } /* while(1) */
-
- ck_rv = epv->C_FindObjectsFinal(h);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_FindObjectsFinal(%lu) returned 0x%08x\n", h, ck_rv);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " (%lu objects total)\n", tnObjects);
-
- ck_rv = epv->C_CloseSession(h);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_CloseSession(%lu) returned 0x%08x\n", h, ck_rv);
- return 1;
- }
- } /* session to find objects */
-
- /* session to create, find, and delete a couple session objects */
- {
- CK_SESSION_HANDLE h = (CK_SESSION_HANDLE)0;
- CK_ATTRIBUTE one[7], two[7], three[7], delta[1], mask[1];
- CK_OBJECT_CLASS cko_data = CKO_DATA;
- CK_BBOOL false = CK_FALSE, true = CK_TRUE;
- char *key = "TEST PROGRAM";
- CK_ULONG key_len = strlen(key);
- CK_OBJECT_HANDLE hOneIn = (CK_OBJECT_HANDLE)0, hTwoIn = (CK_OBJECT_HANDLE)0,
- hThreeIn = (CK_OBJECT_HANDLE)0, hDeltaIn = (CK_OBJECT_HANDLE)0;
- CK_OBJECT_HANDLE found[10];
- CK_ULONG nFound;
-
- ck_rv = epv->C_OpenSession(pSlots[i], CKF_SERIAL_SESSION, (CK_VOID_PTR)CK_NULL_PTR, (CK_NOTIFY)CK_NULL_PTR, &h);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_OpenSession(%lu, CKF_SERIAL_SESSION, , ) returned 0x%08x\n", pSlots[i], ck_rv);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " Opened a session: handle = 0x%08x\n", h);
-
- one[0].type = CKA_CLASS;
- one[0].pValue = &cko_data;
- one[0].ulValueLen = sizeof(CK_OBJECT_CLASS);
- one[1].type = CKA_TOKEN;
- one[1].pValue = &false;
- one[1].ulValueLen = sizeof(CK_BBOOL);
- one[2].type = CKA_PRIVATE;
- one[2].pValue = &false;
- one[2].ulValueLen = sizeof(CK_BBOOL);
- one[3].type = CKA_MODIFIABLE;
- one[3].pValue = &true;
- one[3].ulValueLen = sizeof(CK_BBOOL);
- one[4].type = CKA_LABEL;
- one[4].pValue = "Test data object one";
- one[4].ulValueLen = strlen(one[4].pValue);
- one[5].type = CKA_APPLICATION;
- one[5].pValue = key;
- one[5].ulValueLen = key_len;
- one[6].type = CKA_VALUE;
- one[6].pValue = "Object one";
- one[6].ulValueLen = strlen(one[6].pValue);
-
- two[0].type = CKA_CLASS;
- two[0].pValue = &cko_data;
- two[0].ulValueLen = sizeof(CK_OBJECT_CLASS);
- two[1].type = CKA_TOKEN;
- two[1].pValue = &false;
- two[1].ulValueLen = sizeof(CK_BBOOL);
- two[2].type = CKA_PRIVATE;
- two[2].pValue = &false;
- two[2].ulValueLen = sizeof(CK_BBOOL);
- two[3].type = CKA_MODIFIABLE;
- two[3].pValue = &true;
- two[3].ulValueLen = sizeof(CK_BBOOL);
- two[4].type = CKA_LABEL;
- two[4].pValue = "Test data object two";
- two[4].ulValueLen = strlen(two[4].pValue);
- two[5].type = CKA_APPLICATION;
- two[5].pValue = key;
- two[5].ulValueLen = key_len;
- two[6].type = CKA_VALUE;
- two[6].pValue = "Object two";
- two[6].ulValueLen = strlen(two[6].pValue);
-
- three[0].type = CKA_CLASS;
- three[0].pValue = &cko_data;
- three[0].ulValueLen = sizeof(CK_OBJECT_CLASS);
- three[1].type = CKA_TOKEN;
- three[1].pValue = &false;
- three[1].ulValueLen = sizeof(CK_BBOOL);
- three[2].type = CKA_PRIVATE;
- three[2].pValue = &false;
- three[2].ulValueLen = sizeof(CK_BBOOL);
- three[3].type = CKA_MODIFIABLE;
- three[3].pValue = &true;
- three[3].ulValueLen = sizeof(CK_BBOOL);
- three[4].type = CKA_LABEL;
- three[4].pValue = "Test data object three";
- three[4].ulValueLen = strlen(three[4].pValue);
- three[5].type = CKA_APPLICATION;
- three[5].pValue = key;
- three[5].ulValueLen = key_len;
- three[6].type = CKA_VALUE;
- three[6].pValue = "Object three";
- three[6].ulValueLen = strlen(three[6].pValue);
-
- ck_rv = epv->C_CreateObject(h, one, 7, &hOneIn);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_CreateObject(%lu, one, 7, ) returned 0x%08x\n", h, ck_rv);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " Created object one: handle = %lu\n", hOneIn);
-
- ck_rv = epv->C_CreateObject(h, two, 7, &hTwoIn);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_CreateObject(%lu, two, 7, ) returned 0x%08x\n", h, ck_rv);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " Created object two: handle = %lu\n", hTwoIn);
-
- ck_rv = epv->C_CreateObject(h, three, 7, &hThreeIn);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_CreateObject(%lu, three, 7, ) returned 0x%08x\n", h, ck_rv);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " Created object three: handle = %lu\n", hThreeIn);
-
- delta[0].type = CKA_VALUE;
- delta[0].pValue = "Copied object";
- delta[0].ulValueLen = strlen(delta[0].pValue);
-
- ck_rv = epv->C_CopyObject(h, hThreeIn, delta, 1, &hDeltaIn);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_CopyObject(%lu, %lu, delta, 1, ) returned 0x%08x\n",
- h, hThreeIn, ck_rv);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " Copied object three: new handle = %lu\n", hDeltaIn);
-
- mask[0].type = CKA_APPLICATION;
- mask[0].pValue = key;
- mask[0].ulValueLen = key_len;
-
- ck_rv = epv->C_FindObjectsInit(h, mask, 1);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_FindObjectsInit(%lu, mask, 1) returned 0x%08x\n",
- h, ck_rv);
- return 1;
- }
-
- (void)memset(&found, 0, sizeof(found));
- nFound = 0;
- ck_rv = epv->C_FindObjects(h, found, 10, &nFound);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_FindObjects(%lu,, 10, ) returned 0x%08x\n",
- h, ck_rv);
- return 1;
- }
-
- if( 4 != nFound ) {
- PR_fprintf(PR_STDERR, "Found %lu objects, not 4.\n", nFound);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " Found 4 objects: %lu, %lu, %lu, %lu\n",
- found[0], found[1], found[2], found[3]);
-
- ck_rv = epv->C_FindObjectsFinal(h);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_FindObjectsFinal(%lu) returned 0x%08x\n", h, ck_rv);
- return 1;
- }
-
- ck_rv = epv->C_DestroyObject(h, hThreeIn);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_DestroyObject(%lu, %lu) returned 0x%08x\n", h, hThreeIn, ck_rv);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " Destroyed object three (handle = %lu)\n", hThreeIn);
-
- delta[0].type = CKA_APPLICATION;
- delta[0].pValue = "Changed application";
- delta[0].ulValueLen = strlen(delta[0].pValue);
-
- ck_rv = epv->C_SetAttributeValue(h, hTwoIn, delta, 1);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_SetAttributeValue(%lu, %lu, delta, 1) returned 0x%08x\n",
- h, hTwoIn, ck_rv);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " Changed object two (handle = %lu).\n", hTwoIn);
-
- /* Can another session find these session objects? */
- {
- CK_SESSION_HANDLE h2 = (CK_SESSION_HANDLE)0;
-
- ck_rv = epv->C_OpenSession(pSlots[i], CKF_SERIAL_SESSION, (CK_VOID_PTR)CK_NULL_PTR, (CK_NOTIFY)CK_NULL_PTR, &h2);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_OpenSession(%lu, CKF_SERIAL_SESSION, , ) returned 0x%08x\n", pSlots[i], ck_rv);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " Opened a second session: handle = 0x%08x\n", h2);
-
- /* mask is still the same */
-
- ck_rv = epv->C_FindObjectsInit(h2, mask, 1);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_FindObjectsInit(%lu, mask, 1) returned 0x%08x\n",
- h2, ck_rv);
- return 1;
- }
-
- (void)memset(&found, 0, sizeof(found));
- nFound = 0;
- ck_rv = epv->C_FindObjects(h2, found, 10, &nFound);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_FindObjects(%lu,, 10, ) returned 0x%08x\n",
- h2, ck_rv);
- return 1;
- }
-
- if( 2 != nFound ) {
- PR_fprintf(PR_STDERR, "Found %lu objects, not 2.\n", nFound);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " Found 2 objects: %lu, %lu\n",
- found[0], found[1]);
-
- ck_rv = epv->C_FindObjectsFinal(h2);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_FindObjectsFinal(%lu) returned 0x%08x\n", h2, ck_rv);
- return 1;
- }
-
- /* Leave the session hanging open, we'll CloseAllSessions later */
- } /* Can another session find these session objects? */
-
- ck_rv = epv->C_CloseAllSessions(pSlots[i]);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_CloseAllSessions(%lu) returned 0x%08x\n", pSlots[i], ck_rv);
- return 1;
- }
- } /* session to create, find, and delete a couple session objects */
-
- /* Might be interesting to do a find here to verify that all session objects are gone. */
-
- if( tinfo.flags & CKF_WRITE_PROTECTED ) {
- PR_fprintf(PR_STDOUT, "Token is write protected, skipping token-object tests.\n");
- } else {
- CK_SESSION_HANDLE h = (CK_SESSION_HANDLE)0;
- CK_ATTRIBUTE tobj[7], tsobj[7], stobj[7], delta[1], mask[2];
- CK_OBJECT_CLASS cko_data = CKO_DATA;
- CK_BBOOL false = CK_FALSE, true = CK_TRUE;
- char *key = "TEST PROGRAM";
- CK_ULONG key_len = strlen(key);
- CK_OBJECT_HANDLE hTIn = (CK_OBJECT_HANDLE)0, hTSIn = (CK_OBJECT_HANDLE)0,
- hSTIn = (CK_OBJECT_HANDLE)0, hDeltaIn = (CK_OBJECT_HANDLE)0;
- CK_OBJECT_HANDLE found[10];
- CK_ULONG nFound;
-
- ck_rv = epv->C_OpenSession(pSlots[i], CKF_SERIAL_SESSION, (CK_VOID_PTR)CK_NULL_PTR, (CK_NOTIFY)CK_NULL_PTR, &h);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_OpenSession(%lu, CKF_SERIAL_SESSION, , ) returned 0x%08x\n", pSlots[i], ck_rv);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " Opened a session: handle = 0x%08x\n", h);
-
- tobj[0].type = CKA_CLASS;
- tobj[0].pValue = &cko_data;
- tobj[0].ulValueLen = sizeof(CK_OBJECT_CLASS);
- tobj[1].type = CKA_TOKEN;
- tobj[1].pValue = &true;
- tobj[1].ulValueLen = sizeof(CK_BBOOL);
- tobj[2].type = CKA_PRIVATE;
- tobj[2].pValue = &false;
- tobj[2].ulValueLen = sizeof(CK_BBOOL);
- tobj[3].type = CKA_MODIFIABLE;
- tobj[3].pValue = &true;
- tobj[3].ulValueLen = sizeof(CK_BBOOL);
- tobj[4].type = CKA_LABEL;
- tobj[4].pValue = "Test data object token";
- tobj[4].ulValueLen = strlen(tobj[4].pValue);
- tobj[5].type = CKA_APPLICATION;
- tobj[5].pValue = key;
- tobj[5].ulValueLen = key_len;
- tobj[6].type = CKA_VALUE;
- tobj[6].pValue = "Object token";
- tobj[6].ulValueLen = strlen(tobj[6].pValue);
-
- tsobj[0].type = CKA_CLASS;
- tsobj[0].pValue = &cko_data;
- tsobj[0].ulValueLen = sizeof(CK_OBJECT_CLASS);
- tsobj[1].type = CKA_TOKEN;
- tsobj[1].pValue = &true;
- tsobj[1].ulValueLen = sizeof(CK_BBOOL);
- tsobj[2].type = CKA_PRIVATE;
- tsobj[2].pValue = &false;
- tsobj[2].ulValueLen = sizeof(CK_BBOOL);
- tsobj[3].type = CKA_MODIFIABLE;
- tsobj[3].pValue = &true;
- tsobj[3].ulValueLen = sizeof(CK_BBOOL);
- tsobj[4].type = CKA_LABEL;
- tsobj[4].pValue = "Test data object token->session";
- tsobj[4].ulValueLen = strlen(tsobj[4].pValue);
- tsobj[5].type = CKA_APPLICATION;
- tsobj[5].pValue = key;
- tsobj[5].ulValueLen = key_len;
- tsobj[6].type = CKA_VALUE;
- tsobj[6].pValue = "Object token->session";
- tsobj[6].ulValueLen = strlen(tsobj[6].pValue);
-
- stobj[0].type = CKA_CLASS;
- stobj[0].pValue = &cko_data;
- stobj[0].ulValueLen = sizeof(CK_OBJECT_CLASS);
- stobj[1].type = CKA_TOKEN;
- stobj[1].pValue = &false;
- stobj[1].ulValueLen = sizeof(CK_BBOOL);
- stobj[2].type = CKA_PRIVATE;
- stobj[2].pValue = &false;
- stobj[2].ulValueLen = sizeof(CK_BBOOL);
- stobj[3].type = CKA_MODIFIABLE;
- stobj[3].pValue = &true;
- stobj[3].ulValueLen = sizeof(CK_BBOOL);
- stobj[4].type = CKA_LABEL;
- stobj[4].pValue = "Test data object session->token";
- stobj[4].ulValueLen = strlen(stobj[4].pValue);
- stobj[5].type = CKA_APPLICATION;
- stobj[5].pValue = key;
- stobj[5].ulValueLen = key_len;
- stobj[6].type = CKA_VALUE;
- stobj[6].pValue = "Object session->token";
- stobj[6].ulValueLen = strlen(stobj[6].pValue);
-
- ck_rv = epv->C_CreateObject(h, tobj, 7, &hTIn);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_CreateObject(%lu, tobj, 7, ) returned 0x%08x\n", h, ck_rv);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " Created object token: handle = %lu\n", hTIn);
-
- ck_rv = epv->C_CreateObject(h, tsobj, 7, &hTSIn);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_CreateObject(%lu, tobj, 7, ) returned 0x%08x\n", h, ck_rv);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " Created object token->session: handle = %lu\n", hTSIn);
- ck_rv = epv->C_CreateObject(h, stobj, 7, &hSTIn);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_CreateObject(%lu, tobj, 7, ) returned 0x%08x\n", h, ck_rv);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " Created object session->token: handle = %lu\n", hSTIn);
-
- /* I've created two token objects and one session object; find the two */
-
- mask[0].type = CKA_APPLICATION;
- mask[0].pValue = key;
- mask[0].ulValueLen = key_len;
- mask[1].type = CKA_TOKEN;
- mask[1].pValue = &true;
- mask[1].ulValueLen = sizeof(CK_BBOOL);
-
- ck_rv = epv->C_FindObjectsInit(h, mask, 2);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_FindObjectsInit(%lu, mask, 2) returned 0x%08x\n",
- h, ck_rv);
- return 1;
- }
-
- (void)memset(&found, 0, sizeof(found));
- nFound = 0;
- ck_rv = epv->C_FindObjects(h, found, 10, &nFound);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_FindObjects(%lu,, 10, ) returned 0x%08x\n",
- h, ck_rv);
- return 1;
- }
-
- if( 2 != nFound ) {
- PR_fprintf(PR_STDERR, "Found %lu objects, not 2.\n", nFound);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " Found 2 objects: %lu, %lu\n",
- found[0], found[1]);
-
- ck_rv = epv->C_FindObjectsFinal(h);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_FindObjectsFinal(%lu) returned 0x%08x\n", h, ck_rv);
- return 1;
- }
-
- /* Convert a token to session object */
-
- delta[0].type = CKA_TOKEN;
- delta[0].pValue = &false;
- delta[0].ulValueLen = sizeof(CK_BBOOL);
-
- ck_rv = epv->C_SetAttributeValue(h, hTSIn, delta, 1);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_SetAttributeValue(%lu, %lu, delta, 1) returned 0x%08x\n",
- h, hTSIn, ck_rv);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " Changed object from token to session (handle = %lu).\n", hTSIn);
-
- /* Now find again; there should be one */
-
- mask[0].type = CKA_APPLICATION;
- mask[0].pValue = key;
- mask[0].ulValueLen = key_len;
- mask[1].type = CKA_TOKEN;
- mask[1].pValue = &true;
- mask[1].ulValueLen = sizeof(CK_BBOOL);
-
- ck_rv = epv->C_FindObjectsInit(h, mask, 2);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_FindObjectsInit(%lu, mask, 2) returned 0x%08x\n",
- h, ck_rv);
- return 1;
- }
-
- (void)memset(&found, 0, sizeof(found));
- nFound = 0;
- ck_rv = epv->C_FindObjects(h, found, 10, &nFound);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_FindObjects(%lu,, 10, ) returned 0x%08x\n",
- h, ck_rv);
- return 1;
- }
-
- if( 1 != nFound ) {
- PR_fprintf(PR_STDERR, "Found %lu objects, not 1.\n", nFound);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " Found 1 objects: %lu\n",
- found[0]);
-
- ck_rv = epv->C_FindObjectsFinal(h);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_FindObjectsFinal(%lu) returned 0x%08x\n", h, ck_rv);
- return 1;
- }
-
- /* Convert a session to a token object */
-
- delta[0].type = CKA_TOKEN;
- delta[0].pValue = &true;
- delta[0].ulValueLen = sizeof(CK_BBOOL);
-
- ck_rv = epv->C_SetAttributeValue(h, hSTIn, delta, 1);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_SetAttributeValue(%lu, %lu, delta, 1) returned 0x%08x\n",
- h, hSTIn, ck_rv);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " Changed object from session to token (handle = %lu).\n", hSTIn);
-
- /* Now find again; there should be two again */
-
- mask[0].type = CKA_APPLICATION;
- mask[0].pValue = key;
- mask[0].ulValueLen = key_len;
- mask[1].type = CKA_TOKEN;
- mask[1].pValue = &true;
- mask[1].ulValueLen = sizeof(CK_BBOOL);
-
- ck_rv = epv->C_FindObjectsInit(h, mask, 2);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_FindObjectsInit(%lu, mask, 2) returned 0x%08x\n",
- h, ck_rv);
- return 1;
- }
-
- (void)memset(&found, 0, sizeof(found));
- nFound = 0;
- ck_rv = epv->C_FindObjects(h, found, 10, &nFound);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_FindObjects(%lu,, 10, ) returned 0x%08x\n",
- h, ck_rv);
- return 1;
- }
-
- if( 2 != nFound ) {
- PR_fprintf(PR_STDERR, "Found %lu objects, not 2.\n", nFound);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " Found 2 objects: %lu, %lu\n",
- found[0], found[1]);
-
- ck_rv = epv->C_FindObjectsFinal(h);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_FindObjectsFinal(%lu) returned 0x%08x\n", h, ck_rv);
- return 1;
- }
-
- /* Delete the two (found) token objects to clean up */
-
- ck_rv = epv->C_DestroyObject(h, found[0]);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_DestroyObject(%lu, %lu) returned 0x%08x\n", h, found[0], ck_rv);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " Destroyed token object (handle = %lu)\n", found[0]);
-
- ck_rv = epv->C_DestroyObject(h, found[1]);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_DestroyObject(%lu, %lu) returned 0x%08x\n", h, found[1], ck_rv);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " Destroyed token object (handle = %lu)\n", found[1]);
-
- /* Close the session and all objects should be gone */
-
- ck_rv = epv->C_CloseSession(h);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_CloseSession(%lu) returned 0x%08x\n", h, ck_rv);
- return 1;
- }
- } /* if( tinfo.flags & CKF_WRITE_PROTECTED ) */
-
- if( tinfo.flags & CKF_WRITE_PROTECTED ) {
- PR_fprintf(PR_STDOUT, "Token is write protected, skipping leaving a record.\n");
- } else {
- CK_SESSION_HANDLE h = (CK_SESSION_HANDLE)0;
- CK_ATTRIBUTE record[7], mask[2];
- CK_OBJECT_CLASS cko_data = CKO_DATA;
- CK_BBOOL false = CK_FALSE, true = CK_TRUE;
- char *key = "TEST RECORD";
- CK_ULONG key_len = strlen(key);
- CK_OBJECT_HANDLE hin = (CK_OBJECT_HANDLE)0;
- char timebuffer[256];
-
- ck_rv = epv->C_OpenSession(pSlots[i], CKF_SERIAL_SESSION, (CK_VOID_PTR)CK_NULL_PTR, (CK_NOTIFY)CK_NULL_PTR, &h);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_OpenSession(%lu, CKF_SERIAL_SESSION, , ) returned 0x%08x\n", pSlots[i], ck_rv);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " Opened a session: handle = 0x%08x\n", h);
-
- /* I can't believe how hard NSPR makes this operation */
- {
- time_t now = 0;
- struct tm *tm;
- time(&now);
- tm = localtime(&now);
- strftime(timebuffer, sizeof(timebuffer), "%Y-%m-%d %T %Z", tm);
- }
-
- record[0].type = CKA_CLASS;
- record[0].pValue = &cko_data;
- record[0].ulValueLen = sizeof(CK_OBJECT_CLASS);
- record[1].type = CKA_TOKEN;
- record[1].pValue = &true;
- record[1].ulValueLen = sizeof(CK_BBOOL);
- record[2].type = CKA_PRIVATE;
- record[2].pValue = &false;
- record[2].ulValueLen = sizeof(CK_BBOOL);
- record[3].type = CKA_MODIFIABLE;
- record[3].pValue = &true;
- record[3].ulValueLen = sizeof(CK_BBOOL);
- record[4].type = CKA_LABEL;
- record[4].pValue = "Test record";
- record[4].ulValueLen = strlen(record[4].pValue);
- record[5].type = CKA_APPLICATION;
- record[5].pValue = key;
- record[5].ulValueLen = key_len;
- record[6].type = CKA_VALUE;
- record[6].pValue = timebuffer;
- record[6].ulValueLen = strlen(timebuffer)+1;
-
- PR_fprintf(PR_STDOUT, " Timestamping with \"%s\"\n", timebuffer);
-
- ck_rv = epv->C_CreateObject(h, record, 7, &hin);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_CreateObject(%lu, tobj, 7, ) returned 0x%08x\n", h, ck_rv);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " Created record object: handle = %lu\n", hin);
-
- PR_fprintf(PR_STDOUT, " == All test timestamps ==\n");
-
- mask[0].type = CKA_CLASS;
- mask[0].pValue = &cko_data;
- mask[0].ulValueLen = sizeof(CK_OBJECT_CLASS);
- mask[1].type = CKA_APPLICATION;
- mask[1].pValue = key;
- mask[1].ulValueLen = key_len;
-
- ck_rv = epv->C_FindObjectsInit(h, mask, 2);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_FindObjectsInit(%lu, mask, 1) returned 0x%08x\n",
- h, ck_rv);
- return 1;
- }
-
- while( 1 ) {
- CK_OBJECT_HANDLE o = (CK_OBJECT_HANDLE)0;
- CK_ULONG nObjects = 0;
- CK_ATTRIBUTE value[1];
- char buffer[1024];
-
- ck_rv = epv->C_FindObjects(h, &o, 1, &nObjects);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_FindObjects(%lu, , 1, ) returned 0x%08x\n", h, ck_rv);
- return 1;
- }
-
- if( 0 == nObjects ) {
- PR_fprintf(PR_STDOUT, "\n");
- break;
- }
-
- value[0].type = CKA_VALUE;
- value[0].pValue = buffer;
- value[0].ulValueLen = sizeof(buffer);
-
- ck_rv = epv->C_GetAttributeValue(h, o, value, 1);
- switch( ck_rv ) {
- case CKR_OK:
- PR_fprintf(PR_STDOUT, " %s\n", value[0].pValue);
- break;
- case CKR_ATTRIBUTE_SENSITIVE:
- PR_fprintf(PR_STDOUT, " [Sensitive???]\n");
- break;
- case CKR_ATTRIBUTE_TYPE_INVALID:
- PR_fprintf(PR_STDOUT, " [Invalid attribute???]\n");
- break;
- case CKR_BUFFER_TOO_SMALL:
- PR_fprintf(PR_STDOUT, " (result > 1k (%lu))\n", value[0].ulValueLen);
- break;
- default:
- PR_fprintf(PR_STDERR, "C_GetAtributeValue(%lu, %lu, CKA_VALUE, 1) returned 0x%08x\n",
- h, o);
- return 1;
- }
- } /* while */
-
- ck_rv = epv->C_FindObjectsFinal(h);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_FindObjectsFinal(%lu) returned 0x%08x\n", h, ck_rv);
- return 1;
- }
- } /* "leaving a record" else clause */
-
- }
-
- PR_fprintf(PR_STDOUT, "\n");
- }
-
- return 0;
-}
diff --git a/security/nss/tests/platformlist b/security/nss/tests/platformlist
deleted file mode 100644
index ee3b5261e..000000000
--- a/security/nss/tests/platformlist
+++ /dev/null
@@ -1,13 +0,0 @@
-AIX_3_64_bit
-HP-UX_B.11.00_64_bit
-OSF1_V5.0
-RH_Linux_6.2_(Zoot)
-RH_Linux_7.1_(Seawolf)
-SunOS_5.6
-SunOS_5.8_32_bit
-SunOS_5.8_64_bit
-Windows-2000
-Windows-NT-4.0
-SunOS_5.8_i86pc
-SunOS_5.9_i86pc
-
diff --git a/security/nss/tests/platformlist.tbx b/security/nss/tests/platformlist.tbx
deleted file mode 100644
index 435284cff..000000000
--- a/security/nss/tests/platformlist.tbx
+++ /dev/null
@@ -1,14 +0,0 @@
-AIX_3_32_bit AIX4.3_DBG.OBJ AIX4.3_OPT.OBJ
-AIX_3_64_bit AIX4.3_DBG.OBJ AIX4.3_OPT.OBJ AIX4.3_64_DBG.OBJ AIX4.3_64_OPT.OBJ
-HP-UX_B.11.00_32_bit HP-UXB.11.00_DBG.OBJ HP-UXB.11.00_OPT.OBJ
-HP-UX_B.11.00_64_bit HP-UXB.11.00_DBG.OBJ HP-UXB.11.00_OPT.OBJ
-OSF1_V4.0 OSF1V4.0D_DBG.OBJ OSF1V4.0D_OPT.OBJ
-OSF1_V5.0 OSF1V5.0_DBG.OBJ OSF1V5.0_OPT.OBJ
-RH_Linux_6.2_(Zoot) Linux2.2_x86_glibc_PTH_DBG.OBJ Linux2.2_x86_glibc_PTH_OPT.OBJ
-RH_Linux_6.1_(Cartman) Linux2.2_x86_glibc_PTH_DBG.OBJ Linux2.2_x86_glibc_PTH_OPT.OBJ
-RH_Linux_6.0_(Hedwig) Linux2.2_x86_glibc_PTH_DBG.OBJ Linux2.2_x86_glibc_PTH_OPT.OBJ
-SunOS_5.6 SunOS5.6_DBG.OBJ SunOS5.6_OPT.OBJ
-SunOS_5.8_32_bit
-SunOS_5.8_64_bit
-Windows-2000 WINNT5.0_DBG.OBJ WINNT5.0_OPT.OBJ WIN954.0_DBG.OBJ WIN954.0_OPT.OBJ
-Windows-NT-4.0 WIN954.0_DBG.OBJ WIN954.0_OPT.OBJ WINNT4.0_DBG.OBJ WINNT4.0_OPT.OBJ
diff --git a/security/nss/tests/qa_stage b/security/nss/tests/qa_stage
deleted file mode 100755
index f0960c845..000000000
--- a/security/nss/tests/qa_stage
+++ /dev/null
@@ -1,336 +0,0 @@
-#! /bin/sh
-########################################################################
-#
-# /u/sonmi/bin/qa_stage - /u/svbld/bin/init/nss/qa_stage
-#
-# this script is supposed to convert the tinderbox and daily QA files
-# for use on mozilla.org
-#
-# parameters
-# ----------
-# nssversion (supported: 30b, 31, tip)
-# builddate (default - today)
-#
-########################################################################
-
-if [ -z "$BUILDNUMBER" ]
-then
- BUILDNUMBER=1
-fi
-if [ `uname` = "Linux" ] ; then
- PATH=".:/u/sonmi/bin:/u/sonmi/bin/linux:/usr/bsd:/usr/ucb/:/bin:/usr/bin:/usr/ccs/bin:/usr/sbin:/usr/bin/X11:/usr/etc:/etc:/usr/demos:/usr/demos/bin:/usr/local/bin:/usr/local/X11/bin:/tools/ns/bin"
- export PATH
-fi
-
-Echo()
-{
- if [ "$O_SILENT" = "OFF" ] ; then
- echo $*
- fi
-}
-
-################################### qa_stage_init ##########################
-#
-########################################################################
-qa_stage_init()
-{
- umask 000
-
- eval_opts $*
-
- if [ -z "${QAYEAR}" ] ; then
- QAYEAR=`date +%Y`
- elif [ "$QAYEAR" = "" ] ; then
- QAYEAR=`date +%Y`
- fi
-
- Echo "Init..."
- DAYBUILD=${QAYEAR}${BUILDDATE}.${BUILDNUMBER}
- NSS_D0=/share/builds/mccrel3/nss
- NSS_VER_DIR=${NSS_D0}/nss${NSSVER}
- NTDIST=${NSS_VER_DIR}/builds/${DAYBUILD}/blowfish_NT4.0_Win95/mozilla/dist
- UXDIST=${NSS_VER_DIR}/builds/${DAYBUILD}/booboo_Solaris8/mozilla/dist
- TESTSCRIPTDIR=${NSS_VER_DIR}/builds/${DAYBUILD}/booboo_Solaris8/mozilla/security/nss/tests
- RESULTDIR=${NSS_VER_DIR}/builds/${DAYBUILD}/booboo_Solaris8/mozilla/tests_results/security
- TBX_RESULTDIR=${NSS_D0}/nsstip/tinderbox/tests_results/security
-
- MOZ_D0=/pub/security/nss
- MOZ_RESULTDIR=${MOZ_D0}/daily_qa/${DAYBUILD}
- MOZ_TBX_RESULTDIR=${MOZ_D0}/tinderbox
-
- export BUILDDATE NSSVER QAYEAR NTDIST UXDIST TESTSCRIPTDIR RESULTDIR
-
-
- IPLANET_TBX_URL="http://cindercone.red.iplanet.com${TBX_RESULTDIR}"
- IPLANET_DQA_URL="http://cindercone.red.iplanet.com${RESULTDIR}"
-
- MOZ_TBX_URL="ftp://ftp.mozilla.org${MOZ_TBX_RESULTDIR}"
- MOZ_DQA_URL="ftp://ftp.mozilla.org${MOZ_RESULTDIR}"
-
- export IPLANET_TBX_URL IPLANET_DQA_URL MOZ_TBX_URL MOZ_DQA_URL
- STAGE_1=/u/sonmi/tmp/ftp_stage
-
- if [ ! -d $STAGE_1 ] ; then
- Echo "Staging area daily QA (DQA): $DQA_STAGE does not exist, exit"
- exit 1
- fi
- cd $STAGE_1 || (Echo "Cant cd to $STAGE_1 , exit"; exit)
- rm all.tar* 2>/dev/null
- TBX_STAGE=$STAGE_1/tinderbox
- DQA_STAGE=$STAGE_1/daily_qa/${DAYBUILD}
- Echo "Staging area tbx: $TBX_STAGE"
- Echo "Staging area daily QA (DQA): $DQA_STAGE"
- Echo "Resultdir (sourcedir) for daily QA (RESULTDIR): $RESULTDIR"
-}
-
-################################### qa_stage_dqa ##########################
-#
-########################################################################
-qa_stage_dqa()
-{
- Echo "DQA:..."
- Echo "Resultdir (sourcedir) for daily QA (RESULTDIR): $RESULTDIR"
-#set -x
- if [ ! -d $RESULTDIR ] ; then
- Echo "Resultdir $RESULTDIR does not exist, can't push daily QA"
- return
- fi
- cd $RESULTDIR || return
- #for w in `find . -name "result*html"`
- for w in `find . -name "result.html"`
- do
- if [ ! -d $DQA_STAGE/`dirname $w` ] ; then
- mkdir -p $DQA_STAGE/`dirname $w`
- fi
- rm $DQA_STAGE/$w 2>/dev/null
- cat $w | reformat_qa >$DQA_STAGE/$w
- done
- for w in `find . -name "output.log" -o -name "results.html"`
- do
-#echo $w
- if [ ! -d $DQA_STAGE/`dirname $w` ] ; then
- mkdir -p $DQA_STAGE/`dirname $w`
- fi
- cp $w $DQA_STAGE/$w
- done
-}
-
-
-################################### qa_stage_tbx ##########################
-#
-########################################################################
-qa_stage_tbx()
-{
- Echo "tbx: "
- if [ ! -d $TBX_RESULTDIR ] ; then
- Echo "TBX_RESULTDIR $TBX_RESULTDIR does not exist"
- return
- fi
- cd $TBX_RESULTDIR || return
- Echo "find from $TBX_FIND_FROM"
- for w in `find $TBX_FIND_FROM -name "result.html"`
- do
- if [ ! -d "$TBX_STAGE/`dirname $w`" ] ; then
- mkdir -p $TBX_STAGE/`dirname $w`
- fi
- rm $TBX_STAGE/$w 2>/dev/null
- cat $w | reformat_qa >$TBX_STAGE/$w
- done
- for w in `find $TBX_FIND_FROM -name "output.log" -o -name "results.html"`
- do
- if [ ! -d $TBX_STAGE/`dirname $w` ] ; then
- mkdir -p $TBX_STAGE/`dirname $w`
- fi
- cp $w $TBX_STAGE/$w
- done
-}
-
-match_tbxdirs()
-{
- YY=`date +%Y`
- DD=`date +%d`
- MM=`date +%m`
- HH=`date +%H`
-
- TBX_FIND_FROM="*-$YY$MM$DD-$HH.*"
- i=$1
- while [ $i -gt 0 ] ; do
- i=`expr $i - 1`
- HH=`expr $HH - 1`
- if [ $HH -lt 0 ] ; then
- HH=23
- DD=`expr $DD - 1`
- if [ $DD -eq 0 ] ; then
- MM=`expr $MM - 1`
- case $MM in
- 0)
- YY=`expr $YY - 1`
- MM=12
- DD=31
- ;;
- [13578]|10|12)
- DD=31
- ;;
- 2)
- DD=28
- ;;
- [469]|11)
- DD=30
- ;;
- esac
- fi
- fi
- case $MM in
- [123456789])
- MM=0$MM
- ;;
- esac
- case $DD in
- [123456789])
- DD=0$DD
- ;;
- esac
- case $HH in
- [0123456789])
- HH=0$HH
- ;;
- esac
- TBX_FIND_FROM="$TBX_FIND_FROM *-$YY$MM$DD-$HH.*"
- done
-}
-
-################################### eval_opts ##########################
-# global shell function, evapuates options and parameters, sets flags
-# variables and defaults
-########################################################################
-eval_opts()
-{
- DO_TBX=OFF
- DO_DQA=OFF
- DO_CLEAN=OFF
- O_SILENT=OFF
- O_INCREMENTAL=OFF
- O_MAIL=OFF
- BUILDDATE=`date +%m%d`
- NSSVER=tip
-
- TBX_FIND_FROM="."
-
- while [ -n "$1" ]
- do
- case $1 in
- -d)
- DO_DQA=ON
- ;;
- -m)
- O_MAIL=ON
- shift
- MAILINGLIST=$1
- if [ -z "$MAILINGLIST" ]
- then
- echo "Error: -m requires a mailinglist to follow, for example sonmi@iplanet.com"
- exit
- fi
- ;;
- -ti)
- DO_TBX=ON
- match_tbxdirs 2
- O_INCREMENTAL=ON
- ;;
- -t)
- DO_TBX=ON
- ;;
- -c)
- DO_CLEAN=ON
- ;;
- -s)
- O_SILENT=ON
- ;;
-
- tip|3[0-9]*)
- NSSVER=$1
- ;;
- [01][0-9][0-3][0-9])
- BUILDDATE=$1
- ;;
- esac
- shift
- done
-}
-
-qa_stage_init $*
-
-if [ "$DO_CLEAN" = "ON" ] ; then
- Echo "Cleaning old stuff"
- if [ ! -d $STAGE_1 ] ; then
- Echo "Staging area daily QA (DQA): $DQA_STAGE does not exist, exit"
- exit 1
- fi
- cd $STAGE_1 || (Echo "Cant cd to $STAGE_1 , exit"; exit)
- if [ -n "$TBX_STAGE" -a -d "$TBX_STAGE" ] ; then
- rm -rf $TBX_STAGE/*
- else
- Echo "nothing here to clean..."
- fi
-fi
-if [ "$DO_DQA" = "ON" ] ; then
- qa_stage_dqa
- if [ "$O_MAIL" = "ON" -a -f "$DQA_STAGE/result.html" ] ; then
- cat $DQA_STAGE/result.html | /usr/sbin/sendmail $MAILINGLIST
- fi
-fi
-if [ "$DO_TBX" = "ON" ] ; then
- qa_stage_tbx
-fi
-if [ ! -d $STAGE_1 ] ; then
- Echo "Staging area daily QA (DQA): $DQA_STAGE does not exist, exit"
- exit 1
-fi
-cd $STAGE_1 || (Echo "Cant cd to $STAGE_1 , exit"; exit)
-Echo "tar..."
-if [ "$O_SILENT" = "ON" ] ; then
- TARPARAM=cf
-else
- TARPARAM=cvf
-fi
-
-
-if [ "$DO_DQA" = "ON" -a "$DO_TBX" = "ON" ] ; then
- Echo "tar $TARPARAM all.tar daily_qa tinderbox"
- tar $TARPARAM all.tar daily_qa tinderbox
-elif [ "$DO_DQA" = "ON" ] ; then
- Echo "tar $TARPARAM all.tar daily_qa"
- tar $TARPARAM all.tar daily_qa
-else
- Echo "tar $TARPARAM all.tar tinderbox"
- tar $TARPARAM all.tar tinderbox
-fi
-gzip all.tar
-# ssh-agent > /u/sonmi/.ssh/ssh-agent.info
-# setenv like it says in that file
-# ssh-add
-
-SSH_AUTH_SOCK=`grep SSH_AUTH_SOCK /u/sonmi/.ssh/ssh-agent.info | sed -e 's/setenv SSH_AUTH_SOCK //' -e 's/;//'`
-SSH_AGENT_PID=`grep SSH_AGENT_PID /u/sonmi/.ssh/ssh-agent.info | sed -e 's/setenv SSH_AGENT_PID //' -e 's/;//'`
-export SSH_AUTH_SOCK SSH_AGENT_PID
-if [ "$O_SILENT" = "OFF" ] ; then
- set -x
- scp all.tar.gz sonmi@stage.mozilla.org:/home/ftp/pub/security/nss
- ssh -l sonmi stage.mozilla.org '/home/sonmi/bin/nssqa_stage '
-else
- scp all.tar.gz sonmi@stage.mozilla.org:/home/ftp/pub/security/nss >/dev/null 2>/dev/null
- ssh -l sonmi stage.mozilla.org '/home/sonmi/bin/nssqa_stage ' >/dev/null 2>/dev/null
-fi
-
-#" rlogin huey "
-#" sftp sonmi@stage.mozilla.org"
-#" cd /home/ftp/pub/security/nss"
-#" lcd tmp/ftp_stage"
-#" put all.tar.gz"
-#" quit "
-#" ssh -l sonmi stage.mozilla.org"
-#" cd /home/ftp/pub/security/nss"
-#" gunzip all.tar.gz"
-#" tar xvf all.tar"
-#" rm all.tar"
-
diff --git a/security/nss/tests/qa_stat b/security/nss/tests/qa_stat
deleted file mode 100755
index c902ee713..000000000
--- a/security/nss/tests/qa_stat
+++ /dev/null
@@ -1,936 +0,0 @@
-#! /bin/sh
-########################################################################
-#
-# /u/sonmi/bin/qa_stat - /u/svbld/bin/init/nss/qa_stat
-#
-# this script is supposed to automatically run QA for NSS on all required
-# Unix platforms
-#
-# parameters
-# ----------
-# nssversion (supported: 30b, 31, tip)
-# builddate (default - today)
-#
-# options
-# -------
-# -y answer all questions with y - use at your own risk...ignores warnings
-# -s silent (only usefull with -y)
-# -h, -? - you guessed right - displays this text
-# -d debug
-# -f <filename> - write the (error)output to filename
-# -m <mailinglist> - send filename to mailinglist (csl) only useful
-# with -f
-# -cron equivalient to -y -s -d -f $RESULTDIR/$HOST.qa_stat
-#
-########################################################################
-
-O_OPTIONS=ON
-
-TBX_EXIT=49 # in case we are running on a tinderbox build, any
- # early exit needs to return an error
-if [ -z "$O_TBX" -o "$O_TBX" = "OFF" ] ; then
- if [ -z "$O_LOCAL" -o "$O_LOCAL" = "OFF" ] ; then
- . `dirname $0`/header
- fi
-fi
-Debug "Sourced header O_TBX=$O_TBX O_LOCAL=$O_LOCAL"
-TBX_EXIT=48
-EARLY_EXIT=TRUE
-
-URL="cindercone.red.iplanet.com"
-
-DOCDIR=/u/sonmi/doc
-
-HTML_ERRORCOLOR=\"#FF0000\"
-HTML_ERRORMSG=Failed
-
-HTML_MISSINGCOLOR=\"#FFFFCC\"
-HTML_MISSINGMSG=Missing
-
-HTML_INCOMPLETECOLOR=$HTML_MISSINGCOLOR
-HTML_INCOMPLETEMSG=Incomplete
-
-HTML_PASSEDCOLOR=\"#66FF99\"
-HTML_PASSEDMSG=Passed
-
-# this file is used to deal with hanging rsh - a new shell is started
-# for each rsh, and a function is called after it is finished - they
-# communicate with this file
-
-RSH_FILE=$TMP/rsh.$$
-echo >$RSH_FILE
-TMPFILES="$TMPFILES $WARNINGLIST $RSH_FILE "
-RSH_WAIT_TIME=80 #maximum time allowed for the 2 rsh to finish...
-#TOTAL_TESTS=106
-TOTAL_TESTS=252 #tip
-#TOTAL_TESTS=244 #3.4
-#TOTAL_TESTS=123 #3.3.2
-BCT_TOTAL_TESTS=122 #3.2.2
-#TOTAL_TESTS=133 #tip
-
-Debug "NTDIST $NTDIST"
-Debug "UXDIST $UXDIST"
-Debug "TESTSCRIPTDIR $TESTSCRIPTDIR"
-Debug "RESULTDIR $RESULTDIR"
-
-############################### watch_rsh ##############################
-# local shell function, deals with a hanging rsh (kills it...)
-# this function is started as a backgroundprocess before the rsh is started,
-# and writes info to the RSH_FILE, after the rsh is finished it writes finish
-# info to the same file (this time called as a function, forground).
-# the backgroundprocess stays around for RSH_WAIT_TIME, if then the finish
-# information is not there attempts to kill the rsh
-#
-# watch_rsh start qa_computername &
-# watch_rsh stop qa_computername
-#
-########################################################################
-watch_rsh()
-{
- case $1 in
- start)
- echo "$2 started" >>$RSH_FILE
- sleep $RSH_WAIT_TIME
- O_ALWAYS_YES=ON # may modify global flags because this is a
- # forked off bg process - kill_by_name otherwise
- # will ask the user if it really should be killed
- grep "$2 finished" $RSH_FILE >/dev/null || kill_by_name "rsh $2"
- exit
- ;;
- stop)
- echo "$2 finished" >>$RSH_FILE
- ;;
- esac
-}
-
-############################### find_qa_systems ########################
-# local shell function, tries to determine the QA operating system
-# works remotely, and for Windows machines
-########################################################################
-find_qa_systems()
-{
-for QA_SYS in `ls $RESULTDIR | grep '\.1$' | sed -e "s/\..*//" | sort -u`
-do
- NO_RSH="FALSE"
- QA_OS=""
- QA_RHVER=""
- IS_64=""
- IS_WIN=""
-
- grep OS-LINE ${RESULTDIR}/${QA_SYS}.nssqa >/dev/null && NO_RSH=TRUE
-
- if [ "$NO_RSH" = "TRUE" ]
- then
-
- QA_OS=`grep OS-LINE ${RESULTDIR}/${QA_SYS}.nssqa | sort -u | sed \
- -e "s/.*-OS-LINE: /${QA_SYS}/"`
- QA_OS_STRING=`echo $QA_OS | sed -e "s/^[_ ]//" -e "s/ /_/g"`
- echo $QA_OS_STRING >>$PLATFORMLIST
- if [ "$O_SILENT" != ON ] ; then
- echo $QA_OS
- fi
-
- #grep OS-LINE ${RESULTDIR}/${QA_SYS}.nssqa | sort -u | sed \
- #-e "s/.*-OS-LINE: /${QA_SYS}_/" >>$PLATFORMLIST
- #if [ "$O_SILENT" != ON ] ; then
- #grep OS-LINE ${RESULTDIR}/${QA_SYS}.nssqa | sort -u | sed \
- #-e "s/.*-OS-LINE:/${QA_SYS}/"
- #fi
- else
- REM_SYSNAME=$QA_SYS
- watch_rsh start $REM_SYSNAME &
- qa_stat_get_sysinfo $QA_SYS
- watch_rsh stop $REM_SYSNAME
- echo $QA_OS_STRING >>$PLATFORMLIST
- # use later for missing list
- fi
-done
-
-}
-
-################################### qa_stat_init ##########################
-# local shell function, sets the name of the resultfile to:
-# <filename> if option -f <filename>
-# $RESULTDIR/result if write permission
-# (mozilla/tests_results/security/result)
-# $HOME/resultNSS${NSSVER}-${BUILDDATE} if no write permission in $RESULTDIR
-########################################################################
-qa_stat_init()
-{
- if [ $O_FILE = ON -a $O_CRON = OFF ] # if -f was specified write there
- then
- RFILE=$FILENAME
- else
- RFILE=${RESULTDIR}/result.$$
- if [ ! -w $RESULTDIR ]
- then
- RFILE=$HOME/resultNSS${NSSVER}-${BUILDDATE}.$$
- Debug "Using alternate resultfile $RFILE"
- #elif [ $O_CRON = ON ]
- #then
- ##find ${RESULTDIR} -exec chmod a+rw {} \; #FIXME - umask
- ##doesn't seem to work - this is a tmp workaround
- fi
-
- if [ ! -x $RESULTDIR -o ! -r $RESULTDIR -o ! -w $RESULTDIR ]
- then
- glob_usage "$RESULTDIR does not have the right permissions `ls -l $RESULTDIR`"
- fi
- if [ -d $RESULTDIR ]
- then
- cd $RESULTDIR
- else
- glob_usage "$RESULTDIR does not exist"
- fi
- fi
-
- ERRORLIST=${RFILE}.E
- PLATFORMLIST=${RFILE}.P
- PERFLIST=${RFILE}.PE
- TMP_HTML_FILE=${RFILE}.html
- HTML_FILE=${RESULTDIR}/result.html
- WARNINGLIST=${RFILE}.W
- BCMISSINGLIST=${RFILE}.BCM
- BCERRORLIST=${RFILE}.BCE
- TMPFILE=${RFILE}.T
- ML_FILE=${RFILE}.ML
-
- TMPFILES="$TMPFILES $TMPFILE"
- TMPFILES="$TMPFILES $ERRORLIST $PLATFORMLIST $PERFLIST $WARNINGLIST \
- $BCMISSINGLIST $BCERRORLIST $ML_FILE" #FIXME uncomment
-
- FILENAME=$RFILE #we might want to mail it...later switch to html file
- O_FILE="ON"
-
- rm $ERRORLIST $PLATFORMLIST $PERFLIST $WARNINGLIST \
- $BCMISSINGLIST $BCERRORLIST $TMP_HTML_FILE 2>/dev/null
- touch $ERRORLIST $PLATFORMLIST $PERFLIST $WARNINGLIST \
- $BCMISSINGLIST $BCERRORLIST $TMP_HTML_FILE 2>/dev/null
-
- if [ $O_WIN = "ON" -a "$O_TBX" = "ON" ] ; then
- HTML_PATH="http://${URL}${UX_D0}/nss${NSSVER}/tinderbox/tests_results/security/`basename $RESULTDIR`"
- else
- HTML_PATH="http://${URL}${RESULTDIR}"
- fi
- HREF_TMP_HTML_FILE="${HTML_PATH}/`basename $HTML_FILE`"
-
- write_qa_header_html >$TMP_HTML_FILE
-}
-
-################################# html_footer #########################
-# local shell function, writes end of the html body
-#######################################################################
-write_qa_header_html()
-{
-echo 'Subject: QA Report ' $NSSVER $BUILDDATE '
-From: sonmi@iplanet.com
-Reply-To: sonmi@iplanet.com
-Content-Type: text/html; charset=us-ascii
-<!doctype html public "-//w3c//dtd html 4.0 transitional//en">
-<html>
-<head>
- <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
- <meta name="GENERATOR" content="Mozilla/4.7 [en] (X11; U; SunOS 5.8 sun4u) [N
-etscape]">
-</head>
-<body>
-<br>
-&nbsp;
-<br>&nbsp;
-<h2>
-<a href="http://tinderbox.mozilla.org/showbuilds.cgi?tree=NSS">Tinderbox</a
-><br>
-<a href="http://cindercone.red.iplanet.com/share/builds/mccrel3/nss/nsstip/tinderbox/tests_results/security/">Tinderbox QA&nbsp;result</a><br>
-<a href="ftp://ftp.mozilla.org/pub/security/nss/daily_qa">Mozilla Daily NSS QA&nbsp;result</a></h2>
-&nbsp;
-
-&nbsp;
-<br>&nbsp;
-<center>
-<h1>
-<a NAME="Top"></a><b><font size=+2>QA&nbsp;Results</font></b></h1></center>
-
-
-<table BORDER WIDTH="100%" NOSAVE >
-<tr>
-<td>&nbsp;<b><font size=+1>Build-OS and version</font></b></td>
-<td><b><font size=+1>QA-OS</font></b></td>
-<td><b><font size=+1>Systemname</font></b></td>
-<td><b><font size=+1>P/F</font></b></td>
-<td><b><font size=+1>result</font></b></td>
-<td><b><font size=+1>output</font></b></td>
-<td><b><font size=+1>errors</font></b></td>
-<td><b><font size=+1>QA time / #</font></b></td>
-</tr>
-'
-}
-
-################################# html_footer #########################
-# local shell function, writes end of the html body
-#######################################################################
-html_footer()
-{
- echo '</body>'
- echo '</html>'
-}
-
-################################# setQAsysvars #########################
-# local shell function, sets system specific variables
-########################################################################
-setQAsysvars()
-{
- if [ "$MACHINE" != "0" ]
- then
- MACHINE=`echo $MACHINE | sed -e 's/^bct.//g'`
- TESTDATE=`ls -ld $MACHINE | awk '{ print $6, $7, $8 }'`
- TESTNUMBER=`echo $MACHINE | sed -e 's/.*\.//'`
- SYSNAME=`echo $MACHINE | sed -e 's/\..*//'`
- Debug "SYSNAME= $SYSNAME"
-
- if [ "$O_TBX" = "ON" -o "$O_LOCAL" = "ON" ] ; then
- QA_SYS_OS=$QA_OS
- else
- QA_SYS_OS=`grep $SYSNAME $PLATFORMLIST |
- sed -e 's/ //' | \
- sort | uniq | sed -e "s/$SYSNAME//" \
- -e "s/^_//" | sort | uniq`
- fi
- Debug "QA_SYS_OS= $QA_SYS_OS"
- fi
- BUILD_SYS=`echo $BUILDPLATFORM | sed -e 's/\.OBJ//' -e 's/_DBG/ Debug/' \
- -e 's/_OPT/ Optimized/' -e 's/_64/ 64bit/' -e 's/_glibc_PTH//' \
- -e 's/_/ /'`
- Debug "BUILD_SYS=$BUILD_SYS"
- if [ -f "${RESULTDIR}/${MACHINE}/results.html" ] ; then
- RESULT="${HTML_PATH}/${MACHINE}/results.html"
- else
- RESULT="0"
- fi
- if [ -f "${RESULTDIR}/bct/${MACHINE}/results.html" ] ; then
- BCB_RESULT="${HTML_PATH}/bct/${MACHINE}/results.html"
- else
- BCB_RESULT="0"
- fi
-
- if [ -f "${RESULTDIR}/${MACHINE}/output.log" ] ; then
- LOG="${HTML_PATH}/${MACHINE}/output.log"
- else
- LOG="0"
- fi
- if [ -f "${RESULTDIR}/bct/${MACHINE}/output.log" ] ; then
- BCB_LOG="${HTML_PATH}/bct/${MACHINE}/output.log"
- else
- BCB_LOG="0"
- fi
-}
-
-################################# html_line() #########################
-# local shell function, writes a line in the html table
-########################################################################
-html_line()
-{
- echo '<tr NOSAVE>'
- echo '<td NOSAVE>'$BUILD_SYS'</td>'
- echo ''
- if [ "$QA_SYS_OS" != "0" ] ; then
- echo '<td NOSAVE>'$QA_SYS_OS'</td>'
- else
- echo '<td></td>'
- fi
- echo ''
- if [ "$SYSNAME" != "0" ] ; then
- echo '<td>'$SYSNAME'</td>'
- else
- echo '<td></td>'
- fi
- #echo '<td>'$SYSNAME $TESTNUMBER $TESTDATE'</td>'
- echo ''
- # hopefully we never run more different tests on a tinderbox build...
- # on win some shells can not handle exit codes greater then 52 (64???)
- # so for very early exits the codes are set 50-45, for failures later
- # in the process the higher the number, the more failures
- if [ "$O_TBX" = "ON" -a "$TBX_EXIT" -gt 45 ] ; then
- TBX_EXIT=0
- fi
- if [ "$1" = "failed" ]
- then
- TBX_EXIT=`expr $TBX_EXIT + 1`
- echo '<td BGCOLOR='$HTML_ERRORCOLOR' NOSAVE><b>'$HTML_ERRORMSG'</b></td>'
- elif [ "$1" = "passed" ]
- then
- echo '<td BGCOLOR='$HTML_PASSEDCOLOR' NOSAVE>'$HTML_PASSEDMSG'</td>'
- elif [ "$1" = "incomplete" ]
- then
- TBX_EXIT=`expr $TBX_EXIT + 1`
- echo '<td BGCOLOR='$HTML_INCOMPLETECOLOR' NOSAVE>'$HTML_INCOMPLETEMSG'</td>'
- else
- TBX_EXIT=`expr $TBX_EXIT + 1`
- echo '<td BGCOLOR='$HTML_MISSINGCOLOR' NOSAVE>'$HTML_MISSINGMSG'</td>'
- fi
- if [ "$CURRENT_TABLE" != "BC" ] ; then
- if [ "$RESULT" = "0" ] ; then
- echo '<td BGCOLOR='$HTML_MISSINGCOLOR' NOSAVE>'$HTML_MISSINGMSG'</td>'
- else
- echo '<td>&nbsp;<a href="'$RESULT'">result</a>&nbsp;</td>'
- fi
- if [ "$LOG" = "0" ] ; then
- echo '<td BGCOLOR='$HTML_MISSINGCOLOR' NOSAVE>'$HTML_MISSINGMSG'</td>'
- else
- echo '<td>&nbsp;<a href="'$LOG'">log</a>&nbsp;</td>'
- fi
- if [ "$1" = "failed" ] ; then
- echo '<td>&nbsp;<a href="'${HREF_TMP_HTML_FILE}'#errorlist">error</a>&nbsp;</td>'
- else
- echo '<td></td>'
- fi
- else
- #<td><b><font size=+1>errors</font></b></td>
- #<td><b><font size=+1>P/F</font></b></td>
- #<td><b><font size=+1>P/F</font></b></td>
-
- #echo '<td><b><font size=+1>All Current</font></b></td>'
- #echo '<td><b><font size=+1>old dlls</font></b></td>'
- #echo '<td><b><font size=+1>old executables</font></b></td>'
- #if [ "$RESULT" != "0" -a "$LOG" != "0" ] ; then
- #echo '<td><a href="'$RESULT'">result</a>, <a href="'$LOG'">log</td>'
- #elif [ "$RESULT" = "0" -a "$LOG" != "0" ] ; then
- #echo '<td BGCOLOR='$HTML_MISSINGCOLOR' NOSAVE><a href="'$LOG'">log</a></td>'
- #elif [ "$RESULT" != "0" -a "$LOG" = "0" ] ; then
- #echo '<td BGCOLOR='$HTML_MISSINGCOLOR' NOSAVE><a href="'$RESULT'">result</a></td>'
- #else
- #echo '<td BGCOLOR='$HTML_MISSINGCOLOR' NOSAVE>'$HTML_MISSINGMSG'</td>'
- #fi
- #if [ "$BCB_RESULT" != "0" -a "$BCB_LOG" != "0" ] ; then
- #echo '<td><a href="'$BCB_RESULT'">result</a>, <a href="'$BCB_LOG'"> log</td>'
- #elif [ "$BCB_RESULT" = "0" -a "$BCB_LOG" != "0" ] ; then
- #echo '<td BGCOLOR='$HTML_MISSINGCOLOR' NOSAVE><a href="'$BCB_LOG'">log</a></td>'
- #elif [ "$BCB_RESULT" != "0" -a "$BCB_LOG" = "0" ] ; then
- #echo '<td BGCOLOR='$HTML_MISSINGCOLOR' NOSAVE><a href="'$BCB_RESULT'">result</a></td>'
- #else
- #echo '<td BGCOLOR='$HTML_MISSINGCOLOR' NOSAVE>'$HTML_MISSINGMSG'</td>'
- #fi
- if [ "$BCB_RESULT" = "0" ] ; then
- echo '<td BGCOLOR='$HTML_MISSINGCOLOR' NOSAVE>'$HTML_MISSINGMSG'</td>'
- else
- echo '<td>&nbsp;<a href="'$BCB_RESULT'">result</a>&nbsp;</td>'
- fi
- if [ "$BCB_LOG" = "0" ] ; then
- echo '<td BGCOLOR='$HTML_MISSINGCOLOR' NOSAVE>'$HTML_MISSINGMSG'</td>'
- else
- echo '<td>&nbsp;<a href="'$BCB_LOG'">log</a>&nbsp;</td>'
- fi
- fi
- echo '<td>'$TESTDATE $TESTNUMBER'</td>'
- echo '</tr>'
-}
-
-################################# qa_errorlist #########################
-# local shell function, finds problems in the previously run QA
-# linux:the gnu grep, on Linux can output 10 lines above and 3 lines below
-# the errormessage
-########################################################################
-qa_errorlist()
-{
- grep "bgcolor=red" ${MACHINES_TO_CHECK}*/results.html |
- sed -e 's/.results.html:<TR><TD>/ /' -e 's/<[^>]*>/ /g'
- grep 'cache hits; .* cache misses, .* cache not reusable' \
- ${MACHINES_TO_CHECK}*/output.log |
- grep strsclnt |
- grep -v '0 cache hits; 0 cache misses, 0 cache not reusable' |
- grep -v ' cache hits; 1 cache misses, 0 cache not reusable'
- grep -vi "write to SSL socket" ${MACHINES_TO_CHECK}*/output.log |
- grep -vi "HDX PR_Read returned error" |
- grep -vi "no error" |
- grep -vi "12285" |
- grep -i $BEFORE_CONTEXT_GREP $AFTER_CONTEXT_GREP error
- #grep -vi "5938" | needed for -v option
- #grep -vi "HDX PR_Read hit EOF" |
- grep -vi "write to SSL socket" ${MACHINES_TO_CHECK}*/output.log |
- grep -vi "peer cannot verify" |
- grep -vi "error" |
- grep -vi "fatal" |
- grep -vi "TCP Connection aborted" |
- grep -vi "TCP connection reset" |
- grep $BEFORE_CONTEXT_GREP $AFTER_CONTEXT_GREP -i failed
- grep -i $BEFORE_CONTEXT_GREP $AFTER_CONTEXT_GREP "segmentation violation" \
- ${MACHINES_TO_CHECK}*/output.log
- grep -i $BEFORE_CONTEXT_GREP $AFTER_CONTEXT_GREP "memory fault" \
- ${MACHINES_TO_CHECK}*/output.log
- grep -i $BEFORE_CONTEXT_GREP $AFTER_CONTEXT_GREP "bus error" \
- ${MACHINES_TO_CHECK}*/output.log
- grep -i $BEFORE_CONTEXT_GREP $AFTER_CONTEXT_GREP "core dumped" \
- ${MACHINES_TO_CHECK}*/output.log
- grep -i $BEFORE_CONTEXT_GREP $AFTER_CONTEXT_GREP fatal \
- ${MACHINES_TO_CHECK}*/output.log
- grep -i $BEFORE_CONTEXT_GREP $AFTER_CONTEXT_GREP -i\
- "PKCS12 decode not verified" ${MACHINES_TO_CHECK}*/output.log
-
- if [ -n "${MACHINES_TO_CHECK}" ] ; then
- find ${MACHINES_TO_CHECK}* -name core -print 2>/dev/null |
- grep -v bct
- else
- find . -name core -print 2>/dev/null |
- grep -v bct
- fi
-}
-
-tbx_missing_platforms ()
-{
- QA_MISSING="QA report missing"
- MACHINE="0"
-
- if [ "$QA_OS_STRING" = "WINNT4.0" ] ; then
- QA_OS_STRING="Windows-NT-4.0"
- fi
- for BUILDPLATFORM in `grep $QA_OS_STRING $TESTSCRIPTDIR/platformlist.tbx`
- do
- if [ "$BUILDPLATFORM" != "$QA_OS_STRING" ] ; then
- Debug "BUILDPLATFORM = $BUILDPLATFORM QA_OS_STRING = $QA_OS_STRING"
- grep $BUILDPLATFORM ${MACHINES_TO_CHECK}*/results.html \
- >/dev/null || {
- setQAsysvars
- html_line missing >>$TMP_HTML_FILE
- }
- fi
- done
-}
-
-############################ platform _list ###########################
-# local shell function, generate pass/fail information for each Platform
-########################################################################
-platformlist()
-{
- grep Platform ${MACHINES_TO_CHECK}*/results.html |
- sed -e 's/.results.html:<H4>Platform: /---/' \
- -e 's/<BR>//' >$TMPFILE
- # this is done a little complicated to avoid starting a subshell in
- # a while read that gets the input from a pipeline, and variables set
- #in or underneath this function get unset after done...
- for MB in `cat $TMPFILE` ; do
- MACHINE=`echo $MB | sed -e "s/---.*//"`
- BUILDPLATFORM=`echo $MB | sed -e "s/.*---//"`
- grep "${MACHINE}[^0-9]" $ERRORLIST >/dev/null
- ret=$?
- setQAsysvars
- if [ $ret -eq 0 ]
- then
- echo "Failed $MACHINE $BUILDPLATFORM" >>$RFILE
- html_line failed >>$TMP_HTML_FILE
- else
- echo "Passed $MACHINE $BUILDPLATFORM" >>$RFILE
- html_line passed >>$TMP_HTML_FILE
- fi
- done
-}
-
-############################ missing_platforms ###########################
-# local shell function, finds out if we ran on all required platforms
-########################################################################
-missing_platforms()
-{
- QA_MISSING="QA report missing"
- MACHINE="0"
- SYSNAME="0"
- QA_SYS_OS="0"
-
- for BUILDPLATFORM in `cat $TESTSCRIPTDIR/platformlist`
- do
- grep $BUILDPLATFORM $PLATFORMLIST > /dev/null || {
- setQAsysvars
- html_line missing >>$TMP_HTML_FILE
- }
- done
-}
-
-############################ incomplete_results ###########################
-# local shell function, finds out if all qa runs were complete
-########################################################################
-incomplete_results ()
-{
-
- for w in `ls ${MACHINES_TO_CHECK}*/results.html`
- do
- grep bgcolor=red $w || {
- PASSED_LINES=""
- PASSED_LINES=`grep bgcolor=lightGreen $w | wc -l`
- if [ -n "$PASSED_LINES" -a "$PASSED_LINES" -lt "$TOTAL_TESTS" ] ; then
- BUILDPLATFORM=`grep Platform $w | sed -e 's/<H4>Platform:/ /' -e 's/<BR>//'`
- MACHINE=`echo $w | sed -e "s/.results.html//"`
- #MACHINE=`echo $w | sed -e "s/\.[0-9]*.results.html//"`
- setQAsysvars
- html_line incomplete >>$TMP_HTML_FILE
- elif [ "$PASSED_LINES" -gt "$TOTAL_TESTS" ] ; then
- echo "WARNING - more tests than expected on $w ($PASSED_LINES)" >>$WARNINGLIST
- fi
- }
- done
-}
-
-qa_stat_table()
-{
- echo '&nbsp;'
- echo '<br>&nbsp;'
- echo '<center>'
- echo '<h1>'
- echo '<a NAME="'$1'"></a>'$1'</h1></center>'
- echo '&nbsp;'
- echo '<table BORDER WIDTH="100%" NOSAVE >'
- echo '<tr NOSAVE>'
-}
-
-############################### psaperf ########################
-# local shell function, copies results of the daily performance test
-# into a table in the QA report
-########################################################################
-rsaperf()
-{
- grep RSAPERF */output.log | grep -v "_DBG" > $PERFLIST
-
- qa_stat_table "Performance list"
-
- echo '<td NOSAVE><b><font size=+1>Build-OS and version</font></b></td>'
- echo '<td><b><font size=+1>Systemname</font></b></td>'
- echo '<td><b><font size=+1># of iterations</font></b></td>'
- echo '<td><b><font size=+1>average for one op</font></b></td>'
- echo '<td><b><font size=+1>Total</font></b></td>'
- echo '<td><b><font size=+1>QA time / #</font></b></td>'
- echo '</tr>'
- cat $PERFLIST |
- while read MACHINE BUILDPLATFORM no_iter t1 t2 total total_unit t3 \
- t4 t5 average average_unit
- do
- #caution subshell, variables local to this loop
- BUILD_SYS=`echo $BUILDPLATFORM | sed -e 's/\.OBJ//' \
- -e 's/_DBG/ Debug/' \
- -e 's/_OPT/ Optimized/' -e 's/_64/ 64bit/' -e 's/_glibc_PTH//' \
- -e 's/_/ /'`
- TESTNUMBER=`echo $MACHINE | sed -e 's/[^\.]*\.//' -e 's/\/.*//'`
- MACHINE=`echo $MACHINE | sed -e 's/\..*//'`
- TESTDATE=`ls -ld ${MACHINE}.${TESTNUMBER} | awk '{ print $6, $7, $8 }'`
- echo '<tr>'
- echo '<td>'$BUILD_SYS'</td>'
- echo ''
- echo '<td>'$MACHINE'</td>'
- echo ''
- echo '<td>'$no_iter'</td>'
- echo ''
- echo '<td>'$average' '$average_unit'</td>'
- echo ''
- echo '<td>'$total' '$total_unit'</td>'
- echo ''
- echo '<td>'$TESTDATE $TESTNUMBER'</td>'
- echo ''
- echo '</tr>'
- done
- echo '</table>'
-}
-
-############################### qa_stat_cleanup ########################
-# local shell function, finishes html file, sets variables for global Exit
-########################################################################
-qa_stat_cleanup()
-{
-
- html_footer >>$TMP_HTML_FILE
-
- O_DEBUG=OFF
-
- EARLY_EXIT=FALSE
- cp $TMP_HTML_FILE $HTML_FILE
- FILENAME=$HTML_FILE #we might want to mail it...
- Exit
-}
-
-
-############################### bc_test ########################
-# local shell function, evaluates the results of the backward u
-# compatibility tests
-########################################################################
-bc_header()
-{
-CURRENT_TABLE="BC" #so html_line can determine which fields to write
-
- qa_stat_table "Backward Compatibility Test"
- echo '<td NOSAVE><b><font size=+1>Build-OS and version</font></b></td>'
- echo '<td><b><font size=+1>QA-OS</font></b></td>'
- echo '<td><b><font size=+1>Systemname</font></b></td>'
- echo '<td><b><font size=+1>P/F</font></b></td>'
- #echo '<td><b><font size=+1>All Current</font></b></td>'
- #echo '<td><b><font size=+1>backward comp. test</font></b></td>'
- echo '<td><b><font size=+1>result</font></b></td>'
- echo '<td><b><font size=+1>output</font></b></td>'
- echo '<td><b><font size=+1>QA time / #</font></b></td>'
- echo '</tr>'
-
-}
-
-old_bc_test()
-{
-CURRENT_TABLE="BC" #so html_line can determine which fields to write
-
- qa_stat_table "Backward Compatibility Test"
- echo '<td NOSAVE><b><font size=+1>Build-OS and version</font></b></td>'
- echo '<td><b><font size=+1>QA-OS</font></b></td>'
- echo '<td><b><font size=+1>Systemname</font></b></td>'
- echo '<td><b><font size=+1>P/F</font></b></td>'
- #echo '<td><b><font size=+1>All Current</font></b></td>'
- #echo '<td><b><font size=+1>backward comp. test</font></b></td>'
- echo '<td><b><font size=+1>result</font></b></td>'
- echo '<td><b><font size=+1>output</font></b></td>'
- echo '<td><b><font size=+1>QA time / #</font></b></td>'
- echo '</tr>'
-
- for w in `ls */results.html`
- do
- TMP_RESULT="`dirname $w`/results.tmp"
- TMP_BC_RESULT="`dirname bct/$w`/results.tmp"
- rm $TMP_RESULT $TMP_BC_RESULT 2>/dev/null
- cat $w | sed -e 's/<[^>]*>//g' -e 's/ /_/g' \
- -e 's/signtool_-[vw]/signtool_-vw/' |
- grep '_[PF]a[si][sl]ed' >$TMP_RESULT
- cat bct/$w | sed -e 's/<[^>]*>//g' -e 's/ /_/g' \
- -e 's/signtool_-[vw]/signtool_-vw/' |
- grep '_[PF]a[si][sl]ed' >$TMP_BC_RESULT
- diff $TMP_RESULT $TMP_BC_RESULT 2>>$BCMISSINGLIST |
- grep -v "Create_objsign_cert_.signtool_-G.*Passed" |
- grep -v "porting_Alice.s_email_cert" |
- grep -v "^[0-9,cad]*$" | grep -v "^---$" | grep -v "^---.$" |
- grep -v "Can.t_run_pk12util_tests_for_NSS_3.2" >/dev/null && (
- echo "$w differs" >> $BCMISSINGLIST
- echo "========================================="
- echo "diff $w bct/$w"
- echo "========================================="
- diff $TMP_RESULT $TMP_BC_RESULT 2>&1 |
- grep -v "Create_objsign_cert_.signtool_-G.*Passed" |
- grep -v "porting_Alice.s_email_cert" |
- grep -v "Can.t_run_pk12util_tests_for_NSS_3.2"
- ) 2>&1 >>$BCERRORLIST
-
- #diff -b $w bct/$w 2>>$BCMISSINGLIST |
- #grep -v "Create objsign cert .signtool -G.*Passed" |
- #grep -v "Listing signed files in jar .signtool -v.*Passed" |
- #grep -v "Listing signed files in jar .signtool -w.*Passed" |
- #grep -v "backward compatibility" |
- #grep -v "Can.t run pk12util tests for NSS 3.2" |
- #grep -v "porting Alice.s email cert " |
- #grep -v "^---$" | grep -v "^[<> ] $" |
- #grep -v "^---.$" | grep -v "^[<> ] .$" |
- #grep -v '< </BODY></HTML>' |
- #grep -v "^[0-9,cad]*$" 2>>$BCMISSINGLIST >/dev/null && (
- #echo "$w differs" >> $BCMISSINGLIST
- #echo "========================================="
- #echo "diff $w bct/$w"
- #echo "========================================="
- #diff -b $w bct/$w 2>&1 |
- #grep -v "Listing signed files in jar .signtool -v.*Passed" |
- #grep -v "Listing signed files in jar .signtool -w.*Passed" |
- #grep -v "backward compatibility" |
- #grep -v "Can.t run pk12util tests for NSS 3.2" |
- #grep -v "porting Alice.s email cert " |
- #grep -v "^---$" | grep -v "^[<> ] $" |
- #grep -v "^---.$" | grep -v "^[<> ] .$" |
- #grep -v '< </BODY></HTML>' |
- #grep -v "^[0-9,cad]*$" \
- #) 2>&1 >>$BCERRORLIST
- rm $TMP_RESULT $TMP_BC_RESULT 2>/dev/null
- done
- rm $ERRORLIST
- cat $BCMISSINGLIST | sed -e "s/^diff: bc_...s.//" \
- -e "s/.results.html.*/\/results.html/" |
- sort -u > $ERRORLIST
-
- platformlist
- echo '</table>' >>$TMP_HTML_FILE
-
- head -200 $BCERRORLIST | sed -e 's/<[^>]*>//g' -e "s/^/<br>/"
-}
-
-bc_test()
-{
-CURRENT_TABLE="BC" #so html_line can determine which fields to write
-
- qa_stat_table "Backward Compatibility Test"
- echo '<td NOSAVE><b><font size=+1>Build-OS and version</font></b></td>'
- echo '<td><b><font size=+1>QA-OS</font></b></td>'
- echo '<td><b><font size=+1>Systemname</font></b></td>'
- echo '<td><b><font size=+1>P/F</font></b></td>'
- #echo '<td><b><font size=+1>All Current</font></b></td>'
- #echo '<td><b><font size=+1>backward comp. test</font></b></td>'
- echo '<td><b><font size=+1>result</font></b></td>'
- echo '<td><b><font size=+1>output</font></b></td>'
- echo '<td><b><font size=+1>QA time / #</font></b></td>'
- echo '</tr>'
-
-set -x
- for w in `ls */results.html`
- do
- BCT_DIR=`dirname "bct/$w"`
- BCT_RESULT="bct/$w"
- BCT_LOG="$BCT_DIR/output.log"
- grep "bgcolor=red" $BCT_RESULT |
- sed -e 's/.results.html:<TR><TD>/ /' -e 's/<[^>]*>/ /g'
- grep 'cache hits; .* cache misses, .* cache not reusable' \
- $BCT_LOG |
- grep -v selfserv |
- grep -v '0 cache hits; 1 cache misses, 0 cache not reusable' |
- grep -v '0 cache hits; 0 cache misses, 0 cache not reusable' |
- grep -v ' cache hits; 1 cache misses, 0 cache not reusable'
- grep -vi "write to SSL socket" $BCT_LOG |
- grep -vi "HDX PR_Read returned error" |
- grep -vi "no error" |
- grep -vi "12285" |
- grep -i $BEFORE_CONTEXT_GREP $AFTER_CONTEXT_GREP error
- grep -vi "write to SSL socket" $BCT_LOG |
- grep -vi "peer cannot verify" |
- grep -vi "TCP Connection aborted" |
- grep -vi "error" |
- grep -vi "fatal" |
- grep -vi "TCP connection reset" |
- grep $BEFORE_CONTEXT_GREP $AFTER_CONTEXT_GREP -i failed $BCT_LOG
- grep -i $BEFORE_CONTEXT_GREP $AFTER_CONTEXT_GREP "segmentation violation" $BCT_LOG
- grep -i $BEFORE_CONTEXT_GREP $AFTER_CONTEXT_GREP "memory fault" $BCT_LOG
- grep -i $BEFORE_CONTEXT_GREP $AFTER_CONTEXT_GREP "bus error" $BCT_LOG
- grep -i $BEFORE_CONTEXT_GREP $AFTER_CONTEXT_GREP "core dumped" $BCT_LOG
- grep -i $BEFORE_CONTEXT_GREP $AFTER_CONTEXT_GREP fatal $BCT_LOG
- grep -i $BEFORE_CONTEXT_GREP $AFTER_CONTEXT_GREP -i "PKCS12 decode not verified" $BCT_LOG
- find ${BTC_DIR} -name core -print
-
- done 2>&1 >>$BCERRORLIST
- rm $ERRORLIST
- cat $BCMISSINGLIST | sed -e "s/^diff: bc_...s.//" \
- -e "s/.results.html.*/\/results.html/" |
- sort -u > $ERRORLIST
-
- platformlist
- echo '</table>' >>$TMP_HTML_FILE
-
- head -200 $BCERRORLIST | sed -e 's/<[^>]*>//g' -e "s/^/<br>/"
-}
-
-
-############################### bc_test ########################
-# local shell function, evaluates the results of the backward u
-# compatibility tests
-# move the whole function to old to tests a new solution
-########################################################################
-bc_test_old()
-{
-CURRENT_TABLE="BC" #so html_line can determine which fields to write
-
- qa_stat_table "Backward Compatibility Test"
- echo '<td NOSAVE><b><font size=+1>Build-OS and version</font></b></td>'
- echo '<td><b><font size=+1>QA-OS</font></b></td>'
- echo '<td><b><font size=+1>Systemname</font></b></td>'
- echo '<td><b><font size=+1>P/F</font></b></td>'
- #echo '<td><b><font size=+1>All Current</font></b></td>'
- #echo '<td><b><font size=+1>backward comp. test</font></b></td>'
- echo '<td><b><font size=+1>result</font></b></td>'
- echo '<td><b><font size=+1>output</font></b></td>'
- echo '<td><b><font size=+1>QA time / #</font></b></td>'
- echo '</tr>'
-
- for w in `ls */results.html`
- do
- diff -b $w bct/$w 2>>$BCMISSINGLIST |
- grep -v "Create objsign cert .signtool -G.*Passed" |
- grep -v "Listing signed files in jar .signtool -v.*Passed" |
- grep -v "Listing signed files in jar .signtool -w.*Passed" |
- grep -v "backward compatibility" |
- grep -v "Can.t run pk12util tests for NSS 3.2" |
- grep -v "porting Alice.s email cert " |
- grep -v "^---$" | grep -v "^[<> ] $" |
- grep -v "^---.$" | grep -v "^[<> ] .$" |
- grep -v '< </BODY></HTML>' |
- grep -v "^[0-9,cad]*$" 2>>$BCMISSINGLIST >/dev/null && (
- echo "$w differs" >> $BCMISSINGLIST
- echo "========================================="
- echo "diff $w bct/$w"
- echo "========================================="
- diff -b $w bct/$w 2>&1 |
- grep -v "Listing signed files in jar .signtool -v.*Passed" |
- grep -v "Listing signed files in jar .signtool -w.*Passed" |
- grep -v "backward compatibility" |
- grep -v "Can.t run pk12util tests for NSS 3.2" |
- grep -v "porting Alice.s email cert " |
- grep -v "^---$" | grep -v "^[<> ] $" |
- grep -v "^---.$" | grep -v "^[<> ] .$" |
- grep -v '< </BODY></HTML>' |
- grep -v "^[0-9,cad]*$" \
- ) 2>&1 >>$BCERRORLIST
- done
- rm $ERRORLIST
- cat $BCMISSINGLIST | sed -e "s/^diff: bc_...s.//" \
- -e "s/.results.html.*/\/results.html/" |
- sort -u > $ERRORLIST
-
- platformlist
- echo '</table>' >>$TMP_HTML_FILE
-
- head -200 $BCERRORLIST | sed -e 's/<[^>]*>//g' -e "s/^/<br>/"
-
-}
-
-############################### tbx_main ########################
-# local shell function, tinderbox variation of the qa status script
-########################################################################
-tbx_main()
-{
- TBX_EXIT=47
- qa_stat_get_sysinfo # find out the OS we are running and all required tests
- # on this OS
-
- MACHINES_TO_CHECK=$HOST #`uname -n` only search the local tests for errors
- qa_errorlist > $ERRORLIST #
- platformlist
- #tbx_missing_platforms #temp. taken out until we find a better way to
- #determine if all necessary QA ran - right now we run different
- #tinderboxes on one machine
- incomplete_results
- echo '</table>' >>$TMP_HTML_FILE
- echo '<a NAME="errorlist"></a>' >> $TMP_HTML_FILE
- cat $ERRORLIST | sed -e "s/^/<br>/" >>$TMP_HTML_FILE
-
-}
-
-############################### qa_stat_main ########################
-# local shell function, main flow of the qa status script
-########################################################################
-qa_stat_main()
-{
- find_qa_systems 2>/dev/null
- MACHINES_TO_CHECK="" # check all founf qa runs
- qa_errorlist > $ERRORLIST
- platformlist
- missing_platforms
- incomplete_results
- echo '</table>' >>$TMP_HTML_FILE
- echo '<a NAME="errorlist"></a>' >> $TMP_HTML_FILE
- cat $ERRORLIST | sed -e "s/^/<br>/" >>$TMP_HTML_FILE
- cat $WARNINGLIST 2>/dev/null | sed -e "s/^/<br>/" >>$TMP_HTML_FILE 2>/dev/null
- rsaperf >>$TMP_HTML_FILE
- bc_header >>$TMP_HTML_FILE
- MACHINES_TO_CHECK="bct/"
- TOTAL_TESTS=$BCT_TOTAL_TESTS
- BEFORE_CONTEXT_GREP="" #WORKAROUND - errors in one outputlog within the first
- AFTER_CONTEXT_GREP="" # or last lines will show up in the next/previos file
- qa_errorlist > $ERRORLIST
- platformlist
- missing_platforms
- incomplete_results
- echo '</table>' >>$TMP_HTML_FILE
- echo '<a NAME="errorlist"></a>' >> $TMP_HTML_FILE
- cat $ERRORLIST | sed -e "s/^/<br>/" >>$TMP_HTML_FILE
- cat $WARNINGLIST 2>/dev/null | sed -e "s/^/<br>/" >>$TMP_HTML_FILE 2>/dev/null
- #bc_test >>$TMP_HTML_FILE
-}
-
-CURRENT_TABLE="Standard"
-qa_stat_init
-
-if [ "$O_TBX" = "ON" -o "$O_LOCAL" = "ON" ] ; then
- tbx_main
-else
- qa_stat_main
-fi
-
-qa_stat_cleanup
diff --git a/security/nss/tests/qaclean b/security/nss/tests/qaclean
deleted file mode 100755
index 14c71f390..000000000
--- a/security/nss/tests/qaclean
+++ /dev/null
@@ -1,144 +0,0 @@
-#! /bin/sh
-
-########################################################################
-#
-# /u/sonmi/bin/qaclean
-#
-# is supposed to clean up after a "hanging" QA
-#
-# 1) see if there is a lockfile
-# if yes:
-# 1a) kill the process of the lockfile and if possible it's children
-# 1b) rm the lockfile
-# 2) kill selfservers
-# 3) clean up old tmp files
-#
-########################################################################
-
-if [ -z "$TMP" ]
-then
- if [ -z "$TEMP" ]
- then
- TMP="/tmp"
- else
- TMP=$TEMP
- fi
-fi
-if [ ! -w "$TMP" ]
-then
- echo "Can't write to tmp directory $TMP - exiting"
- echo "Can't write to tmp directory $TMP - exiting" >&2
- exit 1
-fi
-
-########################### Ps #########################################
-# platform specific ps
-########################################################################
-Ps()
-{
- if [ `uname -s` = "SunOS" ]
- then
- /usr/5bin/ps -e
- else
- ps -e
- fi
-}
-
-Kill()
-{
- if [ "$1" = "$$" ]
- then
- return
- fi
- echo "Killing PID $1"
- kill $1
- sleep 1
- kill -9 $1 2>/dev/null
-}
-
-########################### kill_by_name ################################
-# like killall, only without permissionproblems, kills the process whose
-# name is given as parameter
-########################################################################
-kill_by_name()
-{
- echo "Killing all $1"
-
- for PID in `Ps | grep "$1" | grep -v grep | \
- sed -e "s/^[ ]*//g" -e "s/[ ].*//"`
- do
- Kill $PID
- done
-}
-
-kill_the_rest()
-{
-i=0
-while [ $i -lt $1 ]
-do
- kill_by_name nssqa
- kill_by_name selfserv
- kill_by_name strsclnt
- kill_by_name all.sh
- kill_by_name sdr.sh
- kill_by_name ssl.sh
- kill_by_name smime.sh
- i=`expr $i + 1`
-done
-}
-
-nt_warning()
-{
-os_name=`uname -s`
-case $os_name in
- CYGWIN*|WIN*|Win*)
- echo
- echo
- echo
- echo "Another Windows problem... If you have not already done so"
- echo "after this script completes, please reboot, and log in as"
- echo "user svbld again"
- echo
- echo
- echo
- ;;
-esac
-}
-
-nt_warning
-case $1 in
- -all)
- for w in tommy booboo kentuckyderby galileo shame axilla columbus \
- smarch charm hp64 biggayal orville kwyjibo hbombaix raven \
- jordan hornet phaedrus louie box dbldog huey washer dryer \
- shabadoo trex bummer compaqtor jellyfish sjsu
- do
- echo $w
- ping $w && rsh $w '/u/sonmi/bin/qaclean'
- done
-
- ;;
- ?*)
- rsh $1 '/u/sonmi/bin/qaclean'
- exit
- ;;
-esac
-
-uname -a
-echo
-
-if [ -f ${TMP}/nssqa.* ]
-then
- echo "nssqa seems to be running ${TMP}/nssqa.*"
- #cat ${TMP}/nssqa.*
- NSSQA_PID=`ls ${TMP}/nssqa.* | sed -e 's/[^.]*\.//'`
- Kill $NSSQA_PID
- rm ${TMP}/nssqa.*
-fi
-
-kill_the_rest 3
-ls -l ${TMP}/nsstmp.*
-rm ${TMP}/nsstmp.* 2>/dev/null
-rm ${TMP}/certutilout.* 2>/dev/null
-rm ${TMP}/Pk12*
-nt_warning
diff --git a/security/nss/tests/sdr/sdr.sh b/security/nss/tests/sdr/sdr.sh
deleted file mode 100755
index 36c0f40ae..000000000
--- a/security/nss/tests/sdr/sdr.sh
+++ /dev/null
@@ -1,127 +0,0 @@
-#! /bin/sh
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#
-########################################################################
-#
-# mozilla/security/nss/tests/sdr/sdr.sh
-#
-# Script to start test basic functionallity of NSS sdr
-#
-# needs to work on all Unix and Windows platforms
-#
-# special strings
-# ---------------
-# FIXME ... known problems, search for this string
-# NOTE .... unexpected behavior
-#
-########################################################################
-
-############################## sdr_init ################################
-# local shell function to initialize this script
-########################################################################
-sdr_init()
-{
- SCRIPTNAME=sdr.sh
- if [ -z "${CLEANUP}" ] ; then
- CLEANUP="${SCRIPTNAME}"
- fi
-
- if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then
- cd ../common
- . ./init.sh
- fi
- SCRIPTNAME=sdr.sh
-
- #temporary files
- VALUE1=$HOSTDIR/tests.v1.$$
- VALUE2=$HOSTDIR/tests.v2.$$
-
- T1="Test1"
- T2="The quick brown fox jumped over the lazy dog"
-
- SDRDIR=${HOSTDIR}/SDR
- D_SDR="SDR.$version"
- if [ ! -d ${SDRDIR} ]; then
- mkdir -p ${SDRDIR}
- fi
-
- PROFILE=.
- if [ -n "${MULTIACCESS_DBM}" ]; then
- PROFILE="multiaccess:${D_SDR}"
- fi
-
- cd ${SDRDIR}
- html_head "SDR Tests"
-}
-
-############################## sdr_main ################################
-# local shell function to test NSS SDR
-########################################################################
-sdr_main()
-{
- echo "$SCRIPTNAME: Creating an SDR key/Encrypt"
- echo "sdrtest -d ${PROFILE} -o ${VALUE1} -t Test1"
- sdrtest -d ${PROFILE} -o ${VALUE1} -t Test1
- html_msg $? 0 "Creating SDR Key"
-
- echo "$SCRIPTNAME: SDR Encrypt - Second Value"
- echo "sdrtest -d ${PROFILE} -o ${VALUE2} -t '${T2}'"
- sdrtest -d ${PROFILE} -o ${VALUE2} -t "${T2}"
- html_msg $? 0 "Encrypt - Value 2"
-
- echo "$SCRIPTNAME: Decrypt - Value 1"
- echo "sdrtest -d ${PROFILE} -i ${VALUE1} -t Test1"
- sdrtest -d ${PROFILE} -i ${VALUE1} -t Test1
- html_msg $? 0 "Decrypt - Value 1"
-
- echo "$SCRIPTNAME: Decrypt - Value 2"
- echo "sdrtest -d ${PROFILE} -i ${VALUE2} -t ${T2}"
- sdrtest -d ${PROFILE} -i ${VALUE2} -t "${T2}"
- html_msg $? 0 "Decrypt - Value 2"
-}
-
-############################## sdr_cleanup #############################
-# local shell function to finish this script (no exit since it might be
-# sourced)
-########################################################################
-sdr_cleanup()
-{
- html "</TABLE><BR>"
- cd ${QADIR}
- . common/cleanup.sh
-}
-
-sdr_init
-sdr_main
-sdr_cleanup
diff --git a/security/nss/tests/set_environment b/security/nss/tests/set_environment
deleted file mode 100644
index 5a3515cca..000000000
--- a/security/nss/tests/set_environment
+++ /dev/null
@@ -1,234 +0,0 @@
-#! /bin/sh
-
-########################################################################
-#
-# /u/sonmi/bin/set_environment
-#
-# sourced from the header if running from cron to get the full environment
-# to run nssqa - also used to unify all nssqa environments
-#
-# This is derived from the .cshrc file for the svbld account.
-#
-########################################################################
-
-if [ -z "$HOME" ]
-then
- HOME=/u/svbld
-fi
-if [ -z "$QASCRIPT_DIR" ]
-then
- QASCRIPT_DIR=`dirname $0`
-fi
-
-os_name=`uname -s`
-if [ "$os_name" != "Windows_95" -a \
- "$os_name" != "Windows_NT" -a \
- "$os_name" != "WINNT" -a \
- "$os_name" != "Windows" -a \
- "$os_name" != "Windows_98" -a \
- "$os_name" != "CYGWIN_NT-4.0" -a \
- "$os_name" != "CYGWIN_NT-5.0" -a \
- "$os_name" != "CYGWIN_95-4.0" -a \
- "$os_name" != "CYGWIN_98-4.10" ]
-then
- PATH=.:$HOME/bin:/tools/ns/bin:/bin:/usr/bin:/usr/sbin:/usr/ccs/bin:/usr/dist/local/exe:/usr/bin/X11:/usr/audio/bin:/u/sonmi/bin:$PATH
- JAVA_HOME="D:/i386/jdk1.2.2"
- JAVA_HOME14="R:/jdk/1.4.0/WINNT"
-fi
-
-CVSROOT=:pserver:svbld@redcvs.red.iplanet.com:/m/src
-
-os_name=`uname -s`
-os_version=`uname -r`
-#os_p=`uname -p`
-os_full=""
-
-if [ -f /u/svbld/bin/nsarch ]
-then
- os_full=`/u/svbld/bin/nsarch -f` #FIXME
-fi
-
-MANPATH=/usr/share/man:/usr/openwin/man:/usr/local/man
-
-RMAIL=rmail
-BEFORE_CONTEXT_GREP=""
-AFTER_CONTEXT_GREP=""
-
-export CVSROOT HOME os_name os_version os_full MANPATH
-
-
-if [ "$os_name" = "HP-UX" ]
-then
- PATH=$PATH:/usr/local/bin:/opt/aCC/bin:/usr/local/bin/audio:/tools/ns/bin:/etc:/usr/contrib/bin:/usr/contrib/bin/X11:/usr/local/hpux/bin:/nfs/iapp1/hphome/bin:/etc:/u/svbld/bin/HP/perl/bin
- JAVA_HOME="/share/builds/components/cms_jdk/HP-UX/1.2.2.04"
- JAVA_HOME14=$JAVA_HOME
-# JAVA_HOME="/share/builds/components/cms_jdk/HP-UX/1.3.0.00"
-elif [ "$os_name" = "SunOS" ]
-then
- NATIVE_FLAG="-native"
- XAPPLRESDIR=/usr/openwin/lib/app-defaults:/usr/local/lib/X11/app-defaults
- OPENWINHOME=/usr/openwin
- LD_LIBRARY_PATH=$OPENWINHOME/lib
- if [ "$os_full" = "SOLARISx86 2.8" -o "$os_full" = "SOLARISx86 2.9" ]
- then
- #PATH=/usr/ucb:/opt/usr/local/bin:$PATH
- JAVA_HOME="/usr/java1.2"
- JAVA_HOME14=/share/builds/components/jdk/1.4.0/SunOS_x86
- PATH=".:/usr/dist/share/forte_dev_i386,v6.2/SUNWspro/bin:/opt/usr/local/perl5/bin:/opt/SUNWspro/bin:/opt/usr/local/bin:/bin:/usr/bin:/usr/sbin:/usr/ccs/bin:/usr/dist/local/exe:/usr/ccs/bin:/usr/ucb/bin:/usr/ucb:/opt/SUNWwabi/bin:/usr/local/bin:/tools/ns/bin:/etc:/tools/contrib/bin"
- else
- PATH=/usr/ucb:$PATH
- JAVA_HOME="/share/builds/components/jdk/1.2.2/SunOS"
- JAVA_HOME14=/share/builds/components/jdk/1.4.0/SunOS64
- PATH=/tools/ns/bin:$PATH:/opt/SUNWspro/bin:/usr/bin/X11:/usr/openwin/bin:/usr/openwin/demo
-
- if [ "$os_version" = "5.8" -o "$os_version" = "5.7" -o \
- "$os_version" = "5.9" ]
- then
- PATH=$PATH:/usr/dist/pkgs/forte_dev,v6.2/SUNWspro/bin:/tools/ns/workshop/bin
- else
- PATH=$PATH:/usr/dist/share/devpro,v5.0/5.x-sparc/bin:/tools/ns/workshop/bin
- fi
- PATH=$PATH:/usr/ccs/bin:/usr/ucb/bin:/opt/SUNWwabi/bin:/usr/local/bin:/tools/ns/bin:/etc:/tools/contrib/bin
- fi
- export XAPPLRESDIR OPENWINHOME LD_LIBRARY_PATH
-
-elif [ "$os_name" = "IRIX" ]
-then
- PATH=$PATH:/tools/ns/bin:/usr/local/bin:/etc:/usr/bsd
- MANPATH=/tools/ns/man:/usr/local/man
- JAVA_HOME="/share/builds/components/jdk/1.2.2/IRIX"
- JAVA_HOME14=$JAVA_HOME
-elif [ "$os_name" = "IRIX64" ]
-then
- PATH=$PATH:/tools/ns/bin:/usr/local/bin:/etc:/usr/bsd
- MANPATH=/tools/ns/man:/usr/local/man
- JAVA_HOME="/share/builds/components/jdk/1.2.2/IRIX"
- JAVA_HOME14=$JAVA_HOME
-elif [ "$os_name" = "Linux" ]
-then
- PATH=/lib:/usr/lib:/bin:/sbin:/usr/bin:/usr/sbin:$PATH
- RMAIL=sendmail
- #the gnu grep, on Linux can output 10 lines above and 3 lines below
- #the errormessage
- BEFORE_CONTEXT_GREP="--before-context=10"
- AFTER_CONTEXT_GREP="--after-context=3"
- JAVA_HOME="/share/builds/components/jdk/1.2.2/Linux"
- JAVA_HOME14=/share/builds/components/jdk/1.4.0/Linux
-elif [ "$os_name" = "AIX" ]
-then
- PATH=$PATH:/tools/contrib/bin:/usr/local/bin
- TERM=vt100
- export TERM
- JAVA_HOME="/share/builds/components/cms_jdk/AIX/1.3.0"
- JAVA_HOME14=$JAVA_HOME
-elif [ "$os_name" = "OSF1" ]
-then
- PATH=$PATH:/usr/local/bin
- JAVA_HOME="/share/builds/components/jdk/1.2.2/OSF1"
- JAVA_HOME14=$JAVA_HOME
-fi
-
-if [ "$os_name" = "IRIX" ]
-then
- PATH=/tools/ns-arch/soft/perl-5.004_04/run/default/mips_sgi_irix5.3/bin:$PATH
-elif [ "$os_name" = "IRIX64" ]
-then
- PATH=/tools/ns-arch/soft/perl-5.004_04/run/default/mips_sgi_irix5.3/bin:$PATH
-fi
-
-O_CYGNUS=OFF
-O_MKS=OFF
-O_WIN=OFF
-
-if [ "$os_name" = "CYGWIN_NT-4.0" -o \
- "$os_name" = "CYGWIN_NT-5.0" -o \
- "$os_name" = "CYGWIN_95-4.0" -o \
- "$os_name" = "CYGWIN_98-4.10" ]
-then
- #FIXME net use, mount the neccessary pnetwork drives and partitiones first
- #FIXME - take MKS out of the PATH
- os_full=$os_name
- os_name="Windows"
- O_CYGNUS=ON
- O_WIN=ON
- PATH="`dirname $0`:.:/cygdrive/c/cygwin/bin:/cygdrive/z/nstools/bin:/cygdrive/z/nstools/perl5:/cygdrive/z/bin:/cygdrive/c/WINNT/System32:/cygdrive/c/WINNT"
- RM=/cygdrive/c/cygwin/bin/rm.exe #FIXME - in case we cant cporrect
- #these with the PATH alone
- PATH=`perl $QASCRIPT_DIR/path_uniq "$PATH"`
- RSH=/cygdrive/c/winnt/system32/rsh
-elif [ "$os_name" = "Windows_95" -o \
- "$os_name" = "Windows_NT" -o \
- "$os_name" = "WINNT" -o \
- "$os_name" = "Windows" -o \
- "$os_name" = "Windows_98" ]
-then
- #FIXME net use, mount the neccessary pnetwork drives and partitiones first
- PATH=`echo $SHELL | sed -e "s/.[kK][sS][Hh].[Ee][Xx][Ee]//g" \
- -e "s/.[sS][Hh].[Ee][Xx][Ee]//g"`
- MOZTOOLS_IN_PATH=NO
- if [ -n "$MOZ_TOOLS" -a -d "$MOZ_TOOLS" ] ; then
- MOZ_TOOLS=`ls -d "$MOZ_TOOLS" | sed -e 's/\\\/\//g'`
- #echo "MOZ_TOOLS reformated to $MOZ_TOOLS"
- if [ -d "$MOZ_TOOLS" ] ; then #still exist after reformating?
- MOZTOOLS_IN_PATH=OK
- fi
- fi
- if [ -n "$MOZTOOLS_IN_PATH" -a "$MOZTOOLS_IN_PATH" = "OK" ] ; then
- #echo "Use MOZTOOLS in PATH"
- PATH="$MOZ_TOOLS/bin;$MOZ_TOOLS/perl5;$PATH"
- elif [ -d Z:/nstools/bin ] ; then
- PATH="Z:/nstools/bin;Z:/nstools/perl5;$PATH"
- elif [ -d C:/nstools/bin ] ; then
- PATH="C:/nstools/bin;C:/nstools/perl5;$PATH"
- elif [ -d D:/nstools/bin ] ; then
- PATH="D:/nstools/bin;D:/nstools/perl5;$PATH"
- elif [ -d D:/i386/nstools/bin ] ; then
- PATH="D:/i386/nstools/bin;D:/i386/nstools/perl5;$PATH"
- else
- echo "FATAL: Can't find nstools"
- exit
- fi
-
- if [ "$os_name" = "Windows_NT" -o \
- "$os_name" = "WINNT" ]
- then
- PATH="${PATH};C:/WINNT/System32;C:/WINNT;.;"
- fi
- PATH="`dirname $0`;$PATH"
-
- PATH=`perl $QASCRIPT_DIR/path_uniq -d ';' "$PATH"`
- echo $PATH
- os_full=$os_name
- os_name="Windows"
- O_MKS=ON
- O_WIN=ON
- if [ -z $RSH ] ; then
- RSH=c:/winnt/system32/rsh
- fi
-
-else
- EDITOR=vi
- EMACSLOADPATH=/u/svbld/emacs
- PYTHONPATH=.:/tools/ns/lib/python1.4
- PAGER=less
- XMCD_LIBDIR=/usr/local/lib/xmcd
- DISPLAY=:0.0
- PATH=`perl $QASCRIPT_DIR/path_uniq "$PATH"`
- RSH=rsh
-fi
-
-BASEPATH=$PATH # in case we we set and reset DIST directories the PATH
- # needs to change accordingly
-export PATH EDITOR EMACSLOADPATH PYTHONPATH PAGER XMCD_LIBDIR DISPLAY MANPATH os_full os_name BASEPATH RSH O_WIN
-
-umask 022
-
-system=`uname -n` # name of this system.
-
-JAVAC=$JAVA_HOME/bin/javac
-JAVA=$JAVA_HOME/bin/java
-JAVAC14=$JAVA_HOME14/bin/javac
-JAVA14=$JAVA_HOME14/bin/java
-#JAVA=$JAVA_HOME/jre/bin/java
-export JAVAC JAVA JAVA_HOME JAVAC14 JAVA_HOME14 JAVA14
-
diff --git a/security/nss/tests/smime/alice.txt b/security/nss/tests/smime/alice.txt
deleted file mode 100644
index 0378db464..000000000
--- a/security/nss/tests/smime/alice.txt
+++ /dev/null
@@ -1,6 +0,0 @@
-Date: Wed, 20 Sep 2000 00:00:01 -0700 (PDT)
-From: alice@bogus.com
-Subject: message Alice --> Bob
-To: bob@bogus.com
-
-This is a test message from Alice to Bob.
diff --git a/security/nss/tests/smime/bob.txt b/security/nss/tests/smime/bob.txt
deleted file mode 100644
index 330b2c94d..000000000
--- a/security/nss/tests/smime/bob.txt
+++ /dev/null
@@ -1,6 +0,0 @@
-Date: Wed, 20 Sep 2000 00:00:01 -0700 (PDT)
-From: bob@bogus.com
-Subject: message Bob --> Alice
-To: alice@bogus.com
-
-This is a test message from Bob to Alice.
diff --git a/security/nss/tests/smime/smime.sh b/security/nss/tests/smime/smime.sh
deleted file mode 100755
index cfa7ffc84..000000000
--- a/security/nss/tests/smime/smime.sh
+++ /dev/null
@@ -1,251 +0,0 @@
-#! /bin/sh
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#
-########################################################################
-#
-# mozilla/security/nss/tests/smime/smime.sh
-#
-# Script to test NSS smime
-#
-# needs to work on all Unix and Windows platforms
-#
-# special strings
-# ---------------
-# FIXME ... known problems, search for this string
-# NOTE .... unexpected behavior
-#
-########################################################################
-
-############################## smime_init ##############################
-# local shell function to initialize this script
-########################################################################
-smime_init()
-{
- SCRIPTNAME=smime.sh # sourced - $0 would point to all.sh
-
- if [ -z "${CLEANUP}" ] ; then # if nobody else is responsible for
- CLEANUP="${SCRIPTNAME}" # cleaning this script will do it
- fi
-
- if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then
- cd ../common
- . ./init.sh
- fi
- if [ ! -r $CERT_LOG_FILE ]; then # we need certificates here
- cd ../cert
- . ./cert.sh
- fi
- SCRIPTNAME=smime.sh
- html_head "S/MIME Tests"
-
- grep "SUCCESS: SMIME passed" $CERT_LOG_FILE >/dev/null || {
- Exit 11 "Fatal - S/MIME of cert.sh needs to pass first"
- }
-
- SMIMEDIR=${HOSTDIR}/smime
- R_SMIMEDIR=../smime
- mkdir -p ${SMIMEDIR}
- cd ${SMIMEDIR}
- cp ${QADIR}/smime/alice.txt ${SMIMEDIR}
-}
-
-
-############################## smime_main ##############################
-# local shell function to test basic signed and enveloped messages
-# from 1 --> 2"
-########################################################################
-smime_main()
-{
-
- echo "$SCRIPTNAME: Signing Attached Message (SHA1) ------------------"
- echo "cmsutil -S -N Alice -i alice.txt -d ${P_R_ALICEDIR} -p nss -o alice.sig"
- cmsutil -S -N Alice -i alice.txt -d ${P_R_ALICEDIR} -p nss -o alice.sig
- html_msg $? 0 "Create Signature Alice (SHA1)" "."
-
- echo "cmsutil -D -i alice.sig -d ${P_R_BOBDIR} -o alice.data1"
- cmsutil -D -i alice.sig -d ${P_R_BOBDIR} -o alice.data1
- html_msg $? 0 "Decode Alice's Signature (SHA1)" "."
-
- echo "diff alice.txt alice.data1"
- diff alice.txt alice.data1
- html_msg $? 0 "Compare Decoded Signature and Original (SHA1)" "."
-
- echo "$SCRIPTNAME: Signing Attached Message (SHA256) ------------------"
- echo "cmsutil -S -N Alice -H SHA256 -i alice.txt -d ${P_R_ALICEDIR} -p nss -o alice.sig"
- cmsutil -S -N Alice -i alice.txt -d ${P_R_ALICEDIR} -p nss -o alice.sig
- html_msg $? 0 "Create Signature Alice (SHA256)" "."
-
- echo "cmsutil -D -i alice.sig -d ${P_R_BOBDIR} -o alice.data1"
- cmsutil -D -i alice.sig -d ${P_R_BOBDIR} -o alice.data1
- html_msg $? 0 "Decode Alice's Signature (SHA256)" "."
-
- echo "diff alice.txt alice.data1"
- diff alice.txt alice.data1
- html_msg $? 0 "Compare Decoded Signature and Original (SHA256)" "."
-
- echo "$SCRIPTNAME: Signing Attached Message (SHA384) ------------------"
- echo "cmsutil -S -N Alice -H SHA384 -i alice.txt -d ${P_R_ALICEDIR} -p nss -o alice.sig"
- cmsutil -S -N Alice -i alice.txt -d ${P_R_ALICEDIR} -p nss -o alice.sig
- html_msg $? 0 "Create Signature Alice (SHA384)" "."
-
- echo "cmsutil -D -i alice.sig -d ${P_R_BOBDIR} -o alice.data1"
- cmsutil -D -i alice.sig -d ${P_R_BOBDIR} -o alice.data1
- html_msg $? 0 "Decode Alice's Signature (SHA384)" "."
-
- echo "diff alice.txt alice.data1"
- diff alice.txt alice.data1
- html_msg $? 0 "Compare Decoded Signature and Original (SHA384)" "."
-
- echo "$SCRIPTNAME: Signing Attached Message (SHA512) ------------------"
- echo "cmsutil -S -N Alice -H SHA512 -i alice.txt -d ${P_R_ALICEDIR} -p nss -o alice.sig"
- cmsutil -S -N Alice -i alice.txt -d ${P_R_ALICEDIR} -p nss -o alice.sig
- html_msg $? 0 "Create Signature Alice (SHA512)" "."
-
- echo "cmsutil -D -i alice.sig -d ${P_R_BOBDIR} -o alice.data1"
- cmsutil -D -i alice.sig -d ${P_R_BOBDIR} -o alice.data1
- html_msg $? 0 "Decode Alice's Signature (SHA512)" "."
-
- echo "diff alice.txt alice.data1"
- diff alice.txt alice.data1
- html_msg $? 0 "Compare Decoded Signature and Original (SHA512)" "."
-
- echo "$SCRIPTNAME: Enveloped Data Tests ------------------------------"
- echo "cmsutil -E -r bob@bogus.com -i alice.txt -d ${P_R_ALICEDIR} -p nss \\"
- echo " -o alice.env"
- cmsutil -E -r bob@bogus.com -i alice.txt -d ${P_R_ALICEDIR} -p nss -o alice.env
- html_msg $? 0 "Create Enveloped Data Alice" "."
-
- echo "cmsutil -D -i alice.env -d ${P_R_BOBDIR} -p nss -o alice.data1"
- cmsutil -D -i alice.env -d ${P_R_BOBDIR} -p nss -o alice.data1
- html_msg $? 0 "Decode Enveloped Data Alice" "."
-
- echo "diff alice.txt alice.data1"
- diff alice.txt alice.data1
- html_msg $? 0 "Compare Decoded Enveloped Data and Original" "."
-
- # multiple recip
- echo "$SCRIPTNAME: Testing multiple recipients ------------------------------"
- echo "cmsutil -E -i alicecc.txt -d ${P_R_ALICEDIR} -o alicecc.env \\"
- echo " -r bob@bogus.com,dave@bogus.com"
- cmsutil -E -i alice.txt -d ${P_R_ALICEDIR} -o alicecc.env \
- -r bob@bogus.com,dave@bogus.com
- ret=$?
- html_msg $ret 0 "Create Multiple Recipients Enveloped Data Alice" "."
- if [ $ret != 0 ] ; then
- i=0
- echo "cp -r ${R_ALICEDIR} ${R_ALICEDIR}.trouble"
- cp -r ${R_ALICEDIR} ${R_ALICEDIR}.trouble
- while [ $i -lt 100 ] ; do
- echo "will attempt to list the certs in the db `expr 100 - $i` more times"
- echo "certutil -L -d ${P_R_ALICEDIR}"
- certutil -L -d ${P_R_ALICEDIR}
- echo "certutil -L -d ${P_R_ALICEDIR} -n dave@bogus.com"
- certutil -L -d ${P_R_ALICEDIR} -n dave@bogus.com
- sleep 30
- i=`expr $i + 1`
- done
- fi
-
- echo "$SCRIPTNAME: Testing multiple email addrs ------------------------------"
- echo "cmsutil -E -i alicecc.txt -d ${P_R_ALICEDIR} -o aliceve.env \\"
- echo " -r eve@bogus.net"
- cmsutil -E -i alice.txt -d ${P_R_ALICEDIR} -o aliceve.env \
- -r eve@bogus.net
- ret=$?
- html_msg $ret 0 "Encrypt to a Multiple Email cert" "."
-
- echo "cmsutil -D -i alicecc.env -d ${P_R_BOBDIR} -p nss -o alice.data2"
- cmsutil -D -i alicecc.env -d ${P_R_BOBDIR} -p nss -o alice.data2
- html_msg $? 0 "Decode Multiple Recipients Enveloped Data Alice by Bob" "."
-
- echo "cmsutil -D -i alicecc.env -d ${P_R_DAVEDIR} -p nss -o alice.data3"
- cmsutil -D -i alicecc.env -d ${P_R_DAVEDIR} -p nss -o alice.data3
- html_msg $? 0 "Decode Multiple Recipients Enveloped Data Alice by Dave" "."
-
- echo "cmsutil -D -i aliceve.env -d ${P_R_EVEDIR} -p nss -o alice.data4"
- cmsutil -D -i aliceve.env -d ${P_R_EVEDIR} -p nss -o alice.data4
- html_msg $? 0 "Decrypt with a Multiple Email cert" "."
-
- diff alice.txt alice.data2
- html_msg $? 0 "Compare Decoded Mult. Recipients Enveloped Data Alice/Bob" "."
-
- diff alice.txt alice.data3
- html_msg $? 0 "Compare Decoded Mult. Recipients Enveloped Data Alice/Dave" "."
-
- diff alice.txt alice.data4
- html_msg $? 0 "Compare Decoded with Multiple Email cert" "."
-
- echo "$SCRIPTNAME: Sending CERTS-ONLY Message ------------------------------"
- echo "cmsutil -O -r \"Alice,bob@bogus.com,dave@bogus.com\" \\"
- echo " -d ${P_R_ALICEDIR} > co.der"
- cmsutil -O -r "Alice,bob@bogus.com,dave@bogus.com" -d ${P_R_ALICEDIR} > co.der
- html_msg $? 0 "Create Certs-Only Alice" "."
-
- echo "cmsutil -D -i co.der -d ${P_R_BOBDIR}"
- cmsutil -D -i co.der -d ${P_R_BOBDIR}
- html_msg $? 0 "Verify Certs-Only by CA" "."
-
- echo "$SCRIPTNAME: Encrypted-Data Message ---------------------------------"
- echo "cmsutil -C -i alice.txt -e alicehello.env -d ${P_R_ALICEDIR} \\"
- echo " -r \"bob@bogus.com\" > alice.enc"
- cmsutil -C -i alice.txt -e alicehello.env -d ${P_R_ALICEDIR} \
- -r "bob@bogus.com" > alice.enc
- html_msg $? 0 "Create Encrypted-Data" "."
-
- echo "cmsutil -D -i alice.enc -d ${P_R_BOBDIR} -e alicehello.env -p nss \\"
- echo " -o alice.data2"
- cmsutil -D -i alice.enc -d ${P_R_BOBDIR} -e alicehello.env -p nss -o alice.data2
- html_msg $? 0 "Decode Encrypted-Data" "."
-
- diff alice.txt alice.data2
- html_msg $? 0 "Compare Decoded and Original Data" "."
-}
-
-############################## smime_cleanup ###########################
-# local shell function to finish this script (no exit since it might be
-# sourced)
-########################################################################
-smime_cleanup()
-{
- html "</TABLE><BR>"
- cd ${QADIR}
- . common/cleanup.sh
-}
-
-################## main #################################################
-
-smime_init
-smime_main
-smime_cleanup
-
diff --git a/security/nss/tests/ssl/ssl.sh b/security/nss/tests/ssl/ssl.sh
deleted file mode 100755
index 1d1cfebd9..000000000
--- a/security/nss/tests/ssl/ssl.sh
+++ /dev/null
@@ -1,342 +0,0 @@
-#! /bin/sh
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#
-########################################################################
-#
-# mozilla/security/nss/tests/ssl/ssl.sh
-#
-# Script to test NSS SSL
-#
-# needs to work on all Unix and Windows platforms
-#
-# special strings
-# ---------------
-# FIXME ... known problems, search for this string
-# NOTE .... unexpected behavior
-#
-########################################################################
-
-############################## ssl_init ################################
-# local shell function to initialize this script
-########################################################################
-ssl_init()
-{
- SCRIPTNAME=ssl.sh # sourced - $0 would point to all.sh
-
- if [ -z "${CLEANUP}" ] ; then # if nobody else is responsible for
- CLEANUP="${SCRIPTNAME}" # cleaning this script will do it
- fi
-
- if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then
- cd ../common
- . ./init.sh
- fi
- if [ ! -r $CERT_LOG_FILE ]; then # we need certificates here
- cd ../cert
- . ./cert.sh
- fi
- SCRIPTNAME=ssl.sh
- echo "$SCRIPTNAME: SSL tests ==============================="
-
- grep "SUCCESS: SSL passed" $CERT_LOG_FILE >/dev/null || {
- html_head "SSL Test failure"
- Exit 8 "Fatal - SSL of cert.sh needs to pass first"
- }
-
- PORT=${PORT-8443}
-
- # Test case files
- SSLCOV=${QADIR}/ssl/sslcov.txt
- SSLAUTH=${QADIR}/ssl/sslauth.txt
- SSLSTRESS=${QADIR}/ssl/sslstress.txt
- REQUEST_FILE=${QADIR}/ssl/sslreq.txt
-
- #temparary files
- SERVEROUTFILE=${TMP}/tests_server.$$
- SERVERPID=${TMP}/tests_pid.$$
-
- R_SERVERPID=../tests_pid.$$
-
- TEMPFILES="$TMPFILES ${SERVEROUTFILE} ${SERVERPID}"
-
- fileout=0 #FIXME, looks like all.sh tried to turn this on but actually didn't
- #fileout=1
- #verbose="-v" #FIXME - see where this is usefull
-
- USER_NICKNAME=TestUser
- NORM_EXT=""
-
- cd ${CLIENTDIR}
-}
-
-########################### is_selfserv_alive ##########################
-# local shell function to exit with a fatal error if selfserver is not
-# running
-########################################################################
-is_selfserv_alive()
-{
- if [ ! -f "${SERVERPID}" ]; then
- echo "$SCRIPTNAME: Error - selfserv PID file ${SERVERPID} doesn't exist"
- sleep 5
- if [ ! -f "${SERVERPID}" ]; then
- Exit 9 "Fatal - selfserv pid file ${SERVERPID} does not exist"
- fi
- fi
- PID=`cat ${SERVERPID}`
- #if [ "${OS_ARCH}" = "Linux" ]; then
- kill -0 $PID >/dev/null 2>/dev/null || Exit 10 "Fatal - selfserv process not detectable"
- #else
- #$PS -e | grep $PID >/dev/null || \
- #Exit 10 "Fatal - selfserv process not detectable"
- #fi
-}
-
-########################### wait_for_selfserv ##########################
-# local shell function to wait until selfserver is running and initialized
-########################################################################
-wait_for_selfserv()
-{
- echo "tstclnt -p ${PORT} -h ${HOST} -q "
- echo " -d ${P_R_CLIENTDIR} < ${REQUEST_FILE} \\"
- #echo "tstclnt -q started at `date`"
- tstclnt -p ${PORT} -h ${HOST} -q -d ${P_R_CLIENTDIR} < ${REQUEST_FILE}
- if [ $? -ne 0 ]; then
- html_failed "<TR><TD> Wait for Server "
- echo "RETRY: tstclnt -p ${PORT} -h ${HOST} -q \\"
- echo " -d ${P_R_CLIENTDIR} < ${REQUEST_FILE}"
- tstclnt -p ${PORT} -h ${HOST} -q -d ${P_R_CLIENTDIR} < ${REQUEST_FILE}
- elif [ sparam = "-c ABCDEFabcdefghijklmnvy" ] ; then # "$1" = "cov" ] ; then
- html_passed "<TR><TD> Wait for Server"
- fi
- is_selfserv_alive
-}
-
-########################### kill_selfserv ##############################
-# local shell function to kill the selfserver after the tests are done
-########################################################################
-kill_selfserv()
-{
- ${KILL} `cat ${SERVERPID}`
- wait `cat ${SERVERPID}`
- if [ ${fileout} -eq 1 ]; then
- cat ${SERVEROUTFILE}
- fi
- # On Linux selfserv needs up to 30 seconds to fully die and free
- # the port. Wait until the port is free. (Bug 129701)
- if [ "${OS_ARCH}" = "Linux" ]; then
- until selfserv -b -p ${PORT} 2>/dev/null; do
- sleep 1
- done
- fi
- rm ${SERVERPID}
-}
-
-########################### start_selfserv #############################
-# local shell function to start the selfserver with the parameters required
-# for this test and log information (parameters, start time)
-# also: wait until the server is up and running
-########################################################################
-start_selfserv()
-{
- if [ -n "$testname" ] ; then
- echo "$SCRIPTNAME: $testname ----"
- fi
- sparam=`echo $sparam | sed -e 's;_; ;g'`
- echo "selfserv -D -p ${PORT} -d ${P_R_SERVERDIR} -n ${HOSTADDR} \\"
- echo " -w nss ${sparam} -i ${R_SERVERPID} $verbose &"
- echo "selfserv started at `date`"
- if [ ${fileout} -eq 1 ]; then
- selfserv -D -p ${PORT} -d ${P_R_SERVERDIR} -n ${HOSTADDR} \
- -w nss ${sparam} -i ${R_SERVERPID} $verbose \
- > ${SERVEROUTFILE} 2>&1 &
- else
- selfserv -D -p ${PORT} -d ${P_R_SERVERDIR} -n ${HOSTADDR} \
- -w nss ${sparam} -i ${R_SERVERPID} $verbose &
- fi
- wait_for_selfserv
-}
-
-############################## ssl_cov #################################
-# local shell function to perform SSL Cipher Coverage tests
-########################################################################
-ssl_cov()
-{
- html_head "SSL Cipher Coverage $NORM_EXT"
-
- testname=""
- sparam="-c ABCDEFabcdefghijklmnvyz"
- start_selfserv # Launch the server
-
- p=""
-
- while read tls param testname
- do
- p=`echo "$testname" | sed -e "s/ .*//"` #sonmi, only run extended test on SSL3 and TLS
-
- if [ "$p" = "SSL2" -a "$NORM_EXT" = "Extended test" ] ; then
- echo "$SCRIPTNAME: skipping $testname for $NORM_EXT"
- elif [ "$tls" != "#" ] ; then
- echo "$SCRIPTNAME: running $testname ----------------------------"
- TLS_FLAG=-T
- if [ $tls = "TLS" ]; then
- TLS_FLAG=""
- fi
-
- is_selfserv_alive
- echo "tstclnt -p ${PORT} -h ${HOST} -c ${param} ${TLS_FLAG} \\"
- echo " -f -d ${P_R_CLIENTDIR} < ${REQUEST_FILE}"
-
- rm ${TMP}/$HOST.tmp.$$ 2>/dev/null
- tstclnt -p ${PORT} -h ${HOST} -c ${param} ${TLS_FLAG} -f \
- -d ${P_R_CLIENTDIR} < ${REQUEST_FILE} \
- >${TMP}/$HOST.tmp.$$ 2>&1
- ret=$?
- cat ${TMP}/$HOST.tmp.$$
- rm ${TMP}/$HOST.tmp.$$ 2>/dev/null
- html_msg $ret 0 "${testname}"
- fi
- done < ${SSLCOV}
-
- kill_selfserv
- html "</TABLE><BR>"
-}
-
-############################## ssl_auth ################################
-# local shell function to perform SSL Client Authentication tests
-########################################################################
-ssl_auth()
-{
- html_head "SSL Client Authentication $NORM_EXT"
-
- while read value sparam cparam testname
- do
- if [ $value != "#" ]; then
- cparam=`echo $cparam | sed -e 's;_; ;g' -e "s/TestUser/$USER_NICKNAME/g" `
- start_selfserv
-
- echo "tstclnt -p ${PORT} -h ${HOST} -f -d ${P_R_CLIENTDIR} \\"
- echo " ${cparam} < ${REQUEST_FILE}"
- rm ${TMP}/$HOST.tmp.$$ 2>/dev/null
- tstclnt -p ${PORT} -h ${HOST} -f ${cparam} \
- -d ${P_R_CLIENTDIR} < ${REQUEST_FILE} \
- >${TMP}/$HOST.tmp.$$ 2>&1
- ret=$?
- cat ${TMP}/$HOST.tmp.$$
- rm ${TMP}/$HOST.tmp.$$ 2>/dev/null
-
- html_msg $ret $value "${testname}" \
- "produced a returncode of $ret, expected is $value"
- kill_selfserv
- fi
- done < ${SSLAUTH}
-
- html "</TABLE><BR>"
-}
-
-
-############################## ssl_stress ##############################
-# local shell function to perform SSL stress test
-########################################################################
-ssl_stress()
-{
- html_head "SSL Stress Test $NORM_EXT"
-
- while read value sparam cparam testname
- do
- p=`echo "$testname" | sed -e "s/Stress //" -e "s/ .*//"` #sonmi, only run extended test on SSL3 and TLS
- if [ "$p" = "SSL2" -a "$NORM_EXT" = "Extended test" ] ; then
- echo "$SCRIPTNAME: skipping $testname for $NORM_EXT"
- elif [ $value != "#" ]; then
- cparam=`echo $cparam | sed -e 's;_; ;g'`
- start_selfserv
- if [ `uname -n` = "sjsu" ] ; then
- echo "debugging disapering selfserv... ps -ef | grep selfserv"
- ps -ef | grep selfserv
- fi
-
- echo "strsclnt -q -p ${PORT} -d ${P_R_CLIENTDIR} -w nss $cparam \\"
- echo " $verbose ${HOSTADDR}"
- echo "strsclnt started at `date`"
- strsclnt -q -p ${PORT} -d ${P_R_CLIENTDIR} -w nss $cparam \
- $verbose ${HOSTADDR}
- ret=$?
- echo "strsclnt completed at `date`"
- html_msg $ret $value "${testname}"
- if [ `uname -n` = "sjsu" ] ; then
- echo "debugging disapering selfserv... ps -ef | grep selfserv"
- ps -ef | grep selfserv
- fi
- kill_selfserv
- fi
- done < ${SSLSTRESS}
-
- html "</TABLE><BR>"
-}
-
-
-############################## ssl_cleanup #############################
-# local shell function to finish this script (no exit since it might be
-# sourced)
-########################################################################
-ssl_cleanup()
-{
- rm $SERVERPID 2>/dev/null
- cd ${QADIR}
- . common/cleanup.sh
-}
-
-################## main #################################################
-
-#this script may be sourced from the distributed stress test - in this case do nothing...
-
-if [ -z "$DO_REM_ST" -a -z "$DO_DIST_ST" ] ; then
- ssl_init
- ssl_cov
- ssl_auth
- ssl_stress
-
- SERVERDIR=$EXT_SERVERDIR
- CLIENTDIR=$EXT_CLIENTDIR
- R_SERVERDIR=$R_EXT_SERVERDIR
- R_CLIENTDIR=$R_EXT_CLIENTDIR
- P_R_SERVERDIR=$P_R_EXT_SERVERDIR
- P_R_CLIENTDIR=$P_R_EXT_CLIENTDIR
- USER_NICKNAME=ExtendedSSLUser
- NORM_EXT="Extended test"
- cd ${CLIENTDIR}
- ssl_cov
- ssl_auth
- ssl_stress
- ssl_cleanup
-fi
diff --git a/security/nss/tests/ssl/ssl_dist_stress.sh b/security/nss/tests/ssl/ssl_dist_stress.sh
deleted file mode 100755
index e9b328e4b..000000000
--- a/security/nss/tests/ssl/ssl_dist_stress.sh
+++ /dev/null
@@ -1,344 +0,0 @@
-#! /bin/sh
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#
-########################################################################
-#
-# mozilla/security/nss/tests/ssl/ssl_dist_stress.sh
-#
-# Script to test NSS SSL - distributed stresstest - this script needs to
-# source the regular ssl.sh (for shellfunctions, certs and variables
-# initialisation)
-# create certs
-# start server
-# start itself via rsh on different systems to connect back to the server
-#
-#
-# needs to work on all Unix and Windows platforms
-#
-# special strings
-# ---------------
-# FIXME ... known problems, search for this string
-# NOTE .... unexpected behavior
-#
-# FIXME _ don't know yet how long to wait until the server needs to be killed
-# especially on NT
-#
-########################################################################
-
-############################## ssl_ds_init #############################
-# local shell function to initialize this script
-########################################################################
-ssl_ds_init()
-{
- if [ -z "$GLOB_MIN_CERT" ] ; then
- GLOB_MIN_CERT=0
- fi
- if [ -z "$GLOB_MAX_CERT" ] ; then
- GLOB_MAX_CERT=200
- fi
- IP_PARAM=""
- CD_QADIR_SSL=""
-
-
- if [ -n "$1" ] ; then
- ssl_ds_eval_opts $*
- fi
- SCRIPTNAME=ssl_dist_stress.sh # sourced - $0 would point to all.sh
-
- if [ -z "${CLEANUP}" ] ; then # if nobody else is responsible for
- CLEANUP="${SCRIPTNAME}" # cleaning this script will do it
- fi
-
- ssl_init # let some other script do the hard work (initialize, generate certs, ...
-
- SCRIPTNAME=ssl_dist_stress.sh
- echo "$SCRIPTNAME: SSL distributed stress tests ==============================="
-
-}
-
-######################### ssl_ds_usage #################################
-# local shell function to explain the usage
-########################################################################
-ssl_ds_usage()
-{
- echo "Usage: `basename $1`"
- echo " -host hostname "
- echo " ...host who runs the server, for distributed stress test"
- echo " -stress "
- echo " ...runs the server sider of the distributed stress test"
- echo " -dir unixdirectory "
- echo " ...lets the server side of the distributed stress test"
- echo " know where to find the scritp to start on the remote side"
- echo " -certnum start-end"
- echo " ... provides the range of certs for distributed stress test"
- echo " for example -certnum 10-20 will connect 10 times"
- echo " no blanks in the range string (not 10 - 20)"
- echo " valid range ${GLOB_MIN_CERT}-${GLOB_MAX_CERT}"
- echo " -? ...prints this text"
- exit 1 #does not need to be Exit, very early in script
-}
-
-######################### ssl_ds_eval_opts #############################
-# local shell function to deal with options and parameters
-########################################################################
-ssl_ds_eval_opts()
-{
- #use $0 not $SCRIPTNAM<E, too early, SCRIPTNAME not yet set
-
- while [ -n "$1" ]
- do
- case $1 in
- -host)
- BUILD_OPT=1
- export BUILD_OPT
- DO_REM_ST="TRUE"
- shift
- SERVERHOST=$1
- HOST=$1
- if [ -z $SERVERHOST ] ; then
- echo "$0 `uname -n`: -host requires hostname"
- ssl_ds_usage
- fi
- echo "$0 `uname -n`: host $HOST ($1)"
- ;;
- -certn*)
- shift
- rangeOK=`echo $1 | sed -e 's/[0-9][0-9]*-[0-9][0-9]*/OK/'`
- MIN_CERT=`echo $1 | sed -e 's/-[0-9][0-9]*//' -e 's/^00*//'`
- MAX_CERT=`echo $1 | sed -e 's/[0-9][0-9]*-//' -e 's/^00*//'`
- if [ -z "$rangeOK" -o "$rangeOK" != "OK" -o \
- -z "$MIN_CERT" -o -z "$MAX_CERT" -o \
- "$MIN_CERT" -gt "$MAX_CERT" -o \
- "$MIN_CERT" -lt "$GLOB_MIN_CERT" -o \
- "$MAX_CERT" -gt "$GLOB_MAX_CERT" ] ; then
- echo "$0 `uname -n`: -certn range not valid"
- ssl_ds_usage
- fi
- echo "$0 `uname -n`: will use certs from $MIN_CERT to $MAX_CERT"
- ;;
- -server|-stress|-dist*st*)
- BUILD_OPT=1
- export BUILD_OPT
- DO_DIST_ST="TRUE"
- ;;
- -dir|-unixdir|-uxdir|-qadir)
- shift
- UX_DIR=$1
- #FIXME - we need a default unixdir
- if [ -z "$UX_DIR" ] ; then # -o ! -d "$UX_DIR" ] ; then can't do, Win doesn't know...
- echo "$0 `uname -n`: -dir requires directoryname "
- ssl_ds_usage
- fi
- CD_QADIR_SSL="cd $UX_DIR"
- ;;
- -ip*)
- shift
- IP_ADDRESS=$1
- if [ -z "$IP_ADDRESS" ] ; then
- echo "$0 `uname -n`: -ip requires ip-address "
- ssl_ds_usage
- fi
- USE_IP=TRUE
- IP_PARAM="-ip $IP_ADDRESS"
- ;;
- -h|-help|"-?"|*)
- ssl_ds_usage
- ;;
- esac
- shift
- done
-}
-
-############################## ssl_ds_rem_stress #######################
-# local shell function to perform the client part of the SSL stress test
-########################################################################
-
-ssl_ds_rem_stress()
-{
- testname="SSL remote part of Stress test (`uname -n`)"
- echo "$SCRIPTNAME `uname -n`: $testname"
-
- #cp -r "${CLIENTDIR}" /tmp/ssl_ds.$$ #FIXME
- #cd /tmp/ssl_ds.$$
- #verbose="-v"
-
- cd ${CLIENTDIR}
-
- CONTINUE=$MAX_CERT
- while [ $CONTINUE -ge $MIN_CERT ]
- do
- echo "strsclnt -D -p ${PORT} -d ${P_R_CLIENTDIR} -w nss -c 1 $verbose "
- echo " -n TestUser$CONTINUE ${HOSTADDR} #`uname -n`"
- strsclnt -D -p ${PORT} -d . -w nss -c 1 $verbose \
- -n "TestUser$CONTINUE" ${HOSTADDR} &
- #${HOSTADDR} &
- CONTINUE=`expr $CONTINUE - 1 `
- #sleep 4 #give process time to start up
- done
-
- html_msg 0 0 "${testname}" #FIXME
-}
-
-######################### ssl_ds_dist_stress ###########################
-# local shell function to perform the server part of the new, distributed
-# SSL stress test
-########################################################################
-
-ssl_ds_dist_stress()
-{
- max_clientlist="
- box-200
- washer-200
- dryer-200
- hornet-50
- shabadoo-50
- y2sun2-10
- galileo-10
- shame-10
- axilla-10
- columbus-10
- smarch-10
- nugget-10
- charm-10
- hp64-10
- biggayal-10
- orville-10
- kwyjibo-10
- hbombaix-10
- raven-10
- jordan-10
- phaedrus-10
- louie-10
- trex-10
- compaqtor-10"
-
- #clientlist=" huey-2 dewey-2 hornet-2 shabadoo-2" #FIXME ADJUST
- clientlist=" box-200 washer-200 huey-200 dewey-200 hornet-200 shabadoo-200 louie-200"
- #clientlist=" box-2 huey-2 "
- #clientlist="washer-200 huey-200 dewey-200 hornet-200 "
-
- html_head "SSL Distributed Stress Test"
-
- testname="SSL distributed Stress test"
-
- echo cd "${CLIENTDIR}"
- cd "${CLIENTDIR}"
- if [ -z "CD_QADIR_SSL" ] ; then
- CD_QADIR_SSL="cd $QADIR/ssl"
- else
- cp -r $HOSTDIR $HOSTDIR/../../../../../booboo_Solaris8/mozilla/tests_results/security
- fi
-
- #sparam=" -t 128 -D -r "
- sparam=" -t 16 -D -r -r -y "
- start_selfserv
-
- for c in $clientlist
- do
- client=`echo $c | sed -e "s/-.*//"`
- number=`echo $c | sed -e "s/.*-//"`
- CLIENT_OK="TRUE"
- echo $client
- ping $client >/dev/null || CLIENT_OK="FALSE"
- if [ "$CLIENT_OK" = "FALSE" ] ; then
- echo "$SCRIPTNAME `uname -n`: $client can't be reached - skipping"
- else
- get_certrange $number
- echo "$SCRIPTNAME `uname -n`: $RSH $client -l svbld \\ "
- echo " \" $CD_QADIR_SSL ;ssl_dist_stress.sh \\"
- echo " -host $HOST -certnum $CERTRANGE $IP_PARAM \" "
- $RSH $client -l svbld \
- " $CD_QADIR_SSL;ssl_dist_stress.sh -host $HOST -certnum $CERTRANGE $IP_PARAM " &
- fi
- done
-
- echo cd "${CLIENTDIR}"
- cd "${CLIENTDIR}"
-
- sleep 500 # give the clients time to finish #FIXME ADJUST
-
- echo "GET /stop HTTP/1.0\n\n" > stdin.txt #check to make sure it has /r/n
- echo "tstclnt -h $HOSTADDR -p 8443 -d ${P_R_CLIENTDIR} -n TestUser0 "
- echo " -w nss -f < stdin.txt"
- tstclnt -h $HOSTADDR -p 8443 -d ${P_R_CLIENTDIR} -n TestUser0 \
- -w nss -f < stdin.txt
-
- html_msg 0 0 "${testname}"
- html "</TABLE><BR>"
-}
-
-############################ get_certrange #############################
-# local shell function to find the range of certs that the next remote
-# client is supposed to use (only for server side of the dist stress test
-########################################################################
-get_certrange()
-{
- rangeOK=`echo $1 | sed -e 's/[0-9][0-9]*/OK/'`
- if [ -z "$rangeOK" -o "$rangeOK" != "OK" -o $1 = "OK" ] ; then
- range=10
- echo "$SCRIPTNAME `uname -n`: $1 is not a valid number of certs "
- echo " defaulting to 10 for $client"
- else
- range=$1
- if [ $range -gt $GLOB_MAX_CERT ] ; then
- range=$GLOB_MAX_CERT
- fi
- fi
- if [ -z "$FROM_CERT" ] ; then # start new on top of the cert stack
- FROM_CERT=$GLOB_MAX_CERT
- elif [ `expr $FROM_CERT - $range + 1 ` -lt 0 ] ; then
- FROM_CERT=$GLOB_MAX_CERT # dont let it fall below 0 on the TO_CERT
-
- fi
- TO_CERT=`expr $FROM_CERT - $range + 1 `
- if [ $TO_CERT -lt 0 ] ; then # it's not that I'm bad in math, I just
- TO_CERT=0 # don't trust expr...
- fi
- CERTRANGE="${TO_CERT}-${FROM_CERT}"
- FROM_CERT=`expr ${TO_CERT} - 1 ` #start the next client one below
-}
-
-
-################## main #################################################
-
-DO_DIST_ST="TRUE"
-. ./ssl.sh
-ssl_ds_init $*
-if [ -n "$DO_REM_ST" -a "$DO_REM_ST" = "TRUE" ] ; then
- ssl_ds_rem_stress
- exit 0 #no cleanup on purpose
-elif [ -n "$DO_DIST_ST" -a "$DO_DIST_ST" = "TRUE" ] ; then
- ssl_ds_dist_stress
-fi
-ssl_cleanup
diff --git a/security/nss/tests/ssl/sslauth.txt b/security/nss/tests/ssl/sslauth.txt
deleted file mode 100644
index 173312774..000000000
--- a/security/nss/tests/ssl/sslauth.txt
+++ /dev/null
@@ -1,31 +0,0 @@
-#
-# This file defines the tests for client auth.
-#
-# expected
-# return server client Test Case name
-# value params params
-# ------ ------ ------ ---------------
- 0 -r -w_nss TLS Request don't require client auth (client does not provide auth)
- 0 -r -w_bogus_-n_TestUser TLS Request don't require client auth (bad password)
- 0 -r -w_nss_-n_TestUser TLS Request don't require client auth (client auth)
- 0 -r_-r -w_nss TLS Require client auth (client does not provide auth)
- 254 -r_-r -w_bogus_-n_TestUser TLS Require client auth (bad password)
- 0 -r_-r -w_nss_-n_TestUser_ TLS Require client auth (client auth)
- 0 -r -T_-w_nss SSL3 Request don't require client auth (client does not provide auth)
- 0 -r -T_-n_TestUser_-w_bogus SSL3 Request don't require client auth (bad password)
- 0 -r -T_-n_TestUser_-w_nss SSL3 Request don't require client auth (client auth)
- 0 -r_-r -T_-w_nss SSL3 Require client auth (client does not provide auth)
- 254 -r_-r -T_-n_TestUser_-w_bogus SSL3 Require client auth (bad password)
- 0 -r_-r -T_-n_TestUser_-w_nss SSL3 Require client auth (client auth)
- 0 -r_-r_-r -w_nss TLS Request don't require client auth on 2nd hs (client does not provide auth)
- 0 -r_-r_-r -w_bogus_-n_TestUser TLS Request don't require client auth on 2nd hs (bad password)
- 0 -r_-r_-r -w_nss_-n_TestUser TLS Request don't require client auth on 2nd hs (client auth)
- 0 -r_-r_-r_-r -w_nss TLS Require client auth on 2nd hs (client does not provide auth)
- 1 -r_-r_-r_-r -w_bogus_-n_TestUser TLS Require client auth on 2nd hs (bad password)
- 0 -r_-r_-r_-r -w_nss_-n_TestUser_ TLS Require client auth on 2nd hs (client auth)
- 0 -r_-r_-r -T_-w_nss SSL3 Request don't require client auth on 2nd hs (client does not provide auth)
- 0 -r_-r_-r -T_-n_TestUser_-w_bogus SSL3 Request don't require client auth on 2nd hs (bad password)
- 0 -r_-r_-r -T_-n_TestUser_-w_nss SSL3 Request don't require client auth on 2nd hs (client auth)
- 0 -r_-r_-r_-r -T_-w_nss SSL3 Require client auth on 2nd hs (client does not provide auth)
- 1 -r_-r_-r_-r -T_-n_TestUser_-w_bogus SSL3 Require client auth on 2nd hs (bad password)
- 0 -r_-r_-r_-r -T_-n_TestUser_-w_nss SSL3 Require client auth on 2nd hs (client auth)
diff --git a/security/nss/tests/ssl/sslcov.txt b/security/nss/tests/ssl/sslcov.txt
deleted file mode 100644
index 52cbae7f5..000000000
--- a/security/nss/tests/ssl/sslcov.txt
+++ /dev/null
@@ -1,48 +0,0 @@
-#
-# This file enables test coverage of the various SSL ciphers
-#
-# NOTE: SSL2 ciphers are independent of whether TLS is enabled or not. We
-# mix up the enable functions so we can tests boths paths.
-#
-# Enable Cipher Test Name
-# TLS
-#
- noTLS A SSL2 RC4 128 WITH MD5
- TLS B SSL2 RC4 128 EXPORT40 WITH MD5
- TLS C SSL2 RC2 128 CBC WITH MD5
- noTLS D SSL2 RC2 128 CBC EXPORT40 WITH MD5
- TLS E SSL2 DES 64 CBC WITH MD5
- noTLS F SSL2 DES 192 EDE3 CBC WITH MD5
-#
-# noTLS a SSL3 FORTEZZA DMS WITH FORTEZZA CBC SHA
-# noTLS b SSL3 FORTEZZA DMS WITH RC4 128 SHA
- noTLS c SSL3 RSA WITH RC4 128 MD5
- noTLS d SSL3 RSA WITH 3DES EDE CBC SHA
- noTLS e SSL3 RSA WITH DES CBC SHA
- noTLS f SSL3 RSA EXPORT WITH RC4 40 MD5
- noTLS g SSL3 RSA EXPORT WITH RC2 CBC 40 MD5
-# noTLS h SSL3 FORTEZZA DMS WITH NULL SHA
- noTLS i SSL3 RSA WITH NULL MD5
- noTLS j SSL3 RSA FIPS WITH 3DES EDE CBC SHA
- noTLS k SSL3 RSA FIPS WITH DES CBC SHA
- noTLS l SSL3 RSA EXPORT WITH DES CBC SHA (new)
- noTLS m SSL3 RSA EXPORT WITH RC4 56 SHA (new)
- noTLS n SSL3 RSA WITH RC4 128 SHA
- noTLS v SSL3 RSA WITH AES 128 CBC SHA
- noTLS y SSL3 RSA WITH AES 256 CBC SHA
- noTLS z SSL3 RSA WITH NULL SHA
-#
- TLS c TLS RSA WITH RC4 128 MD5
- TLS d TLS RSA WITH 3DES EDE CBC SHA
- TLS e TLS RSA WITH DES CBC SHA
- TLS f TLS RSA EXPORT WITH RC4 40 MD5
- TLS g TLS RSA EXPORT WITH RC2 CBC 40 MD5
- TLS i TLS RSA WITH NULL MD5
- TLS j TLS RSA FIPS WITH 3DES EDE CBC SHA
- TLS k TLS RSA FIPS WITH DES CBC SHA
- TLS l TLS RSA EXPORT WITH DES CBC SHA (new)
- TLS m TLS RSA EXPORT WITH RC4 56 SHA (new)
- TLS n TLS RSA WITH RC4 128 SHA
- TLS v TLS RSA WITH AES 128 CBC SHA
- TLS y TLS RSA WITH AES 256 CBC SHA
- TLS z TLS RSA WITH NULL SHA
diff --git a/security/nss/tests/ssl/sslreq.txt b/security/nss/tests/ssl/sslreq.txt
deleted file mode 100644
index 16a750fbf..000000000
--- a/security/nss/tests/ssl/sslreq.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-GET / HTTP/1.0
-
-
diff --git a/security/nss/tests/ssl/sslstress.txt b/security/nss/tests/ssl/sslstress.txt
deleted file mode 100644
index ad3ecd03d..000000000
--- a/security/nss/tests/ssl/sslstress.txt
+++ /dev/null
@@ -1,14 +0,0 @@
-#
-# This file defines the tests for client auth.
-#
-# expected
-# return server client Test Case name
-# value params params
-# ------ ------ ------ ---------------
- 0 _ -c_1000_-C_A Stress SSL2 RC4 128 with MD5
- 0 _ -c_1000_-C_c Stress SSL3 RC4 128 with MD5
- 0 _ -c_1000_-C_c Stress TLS RC4 128 with MD5
-#
-# add client auth versions here...
-#
-# 0 -r -w_bogus_-n_"Test_User" TLS Request don't require client auth (bad password)
diff --git a/security/nss/tests/tools/sign.html b/security/nss/tests/tools/sign.html
deleted file mode 100644
index b85d51571..000000000
--- a/security/nss/tests/tools/sign.html
+++ /dev/null
@@ -1,5 +0,0 @@
-<html>
-<body>
-Sign this javascriptless page.
-</body>
-</html>
diff --git a/security/nss/tests/tools/signjs.html b/security/nss/tests/tools/signjs.html
deleted file mode 100644
index f073131ed..000000000
--- a/security/nss/tests/tools/signjs.html
+++ /dev/null
@@ -1,8 +0,0 @@
-<html>
-<body>
-<script language="JavaScript">
-document.write("<h3>Sign this javascript</h3>");
-</script>
-Here's some plain content.
-</body>
-</html>
diff --git a/security/nss/tests/tools/tools.sh b/security/nss/tests/tools/tools.sh
deleted file mode 100644
index b301fc72b..000000000
--- a/security/nss/tests/tools/tools.sh
+++ /dev/null
@@ -1,189 +0,0 @@
-#! /bin/sh
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#
-########################################################################
-#
-# mozilla/security/nss/tests/tools/tools.sh
-#
-# Script to test basic functionallity of NSS tools
-#
-# needs to work on all Unix and Windows platforms
-#
-# tests implemented:
-# pk12util
-# signtool
-#
-# special strings
-# ---------------
-# FIXME ... known problems, search for this string
-# NOTE .... unexpected behavior
-#
-########################################################################
-
-############################## tools_init ##############################
-# local shell function to initialize this script
-########################################################################
-tools_init()
-{
- SCRIPTNAME=tools.sh # sourced - $0 would point to all.sh
-
- if [ -z "${CLEANUP}" ] ; then # if nobody else is responsible for
- CLEANUP="${SCRIPTNAME}" # cleaning this script will do it
- fi
-
- if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then
- cd ../common
- . ./init.sh
- fi
- if [ ! -r $CERT_LOG_FILE ]; then # we need certificates here
- cd ../cert
- . ./cert.sh
- fi
- SCRIPTNAME=tools.sh
- html_head "Tools Tests"
-
- grep "SUCCESS: SMIME passed" $CERT_LOG_FILE >/dev/null || {
- Exit 15 "Fatal - S/MIME of cert.sh needs to pass first"
- }
-
- TOOLSDIR=${HOSTDIR}/tools
- COPYDIR=${TOOLSDIR}/copydir
-
- R_TOOLSDIR=../tools
- R_COPYDIR=../tools/copydir
- P_R_COPYDIR=${R_COPYDIR}
- if [ -n "${MULTIACCESS_DBM}" ]; then
- P_R_COPYDIR="multiaccess:Tools.$version"
- fi
-
- mkdir -p ${TOOLSDIR}
- mkdir -p ${COPYDIR}
- mkdir -p ${TOOLSDIR}/html
- cp ${QADIR}/tools/sign*.html ${TOOLSDIR}/html
-
- cd ${TOOLSDIR}
-}
-
-############################## tools_p12 ###############################
-# local shell function to test basic functionality of pk12util
-########################################################################
-tools_p12()
-{
- echo "$SCRIPTNAME: Exporting Alice's email cert & key------------------"
- echo "pk12util -o Alice.p12 -n \"Alice\" -d ${P_R_ALICEDIR} -k ${R_PWFILE} \\"
- echo " -w ${R_PWFILE}"
- pk12util -o Alice.p12 -n "Alice" -d ${P_R_ALICEDIR} -k ${R_PWFILE} \
- -w ${R_PWFILE} 2>&1
- ret=$?
- html_msg $ret 0 "Exporting Alice's email cert & key (pk12util -o)"
- check_tmpfile
-
- echo "$SCRIPTNAME: Importing Alice's email cert & key -----------------"
- echo "pk12util -i Alice.p12 -d ${P_R_COPYDIR} -k ${R_PWFILE} -w ${R_PWFILE}"
- pk12util -i Alice.p12 -d ${P_R_COPYDIR} -k ${R_PWFILE} -w ${R_PWFILE} 2>&1
- ret=$?
- html_msg $ret 0 "Importing Alice's email cert & key (pk12util -i)"
- check_tmpfile
-}
-
-############################## tools_sign ##############################
-# local shell function pk12util uses a hardcoded tmp file, if this exists
-# and is owned by another user we don't get reasonable errormessages
-########################################################################
-check_tmpfile()
-{
- if [ $ret != "0" -a -f /tmp/Pk12uTemp ] ; then
- echo "Error: pk12util temp file exists. Please remove this file and"
- echo " rerun the test (/tmp/Pk12uTemp) "
- fi
-}
-
-############################## tools_sign ##############################
-# local shell function to test basic functionality of signtool
-########################################################################
-tools_sign()
-{
- echo "$SCRIPTNAME: Create objsign cert -------------------------------"
- echo "signtool -G \"objectsigner\" -d ${P_R_ALICEDIR} -p \"nss\""
- signtool -G "objsigner" -d ${P_R_ALICEDIR} -p "nss" 2>&1 <<SIGNSCRIPT
-y
-TEST
-MOZ
-NSS
-NY
-US
-liz
-liz@moz.org
-SIGNSCRIPT
- html_msg $? 0 "Create objsign cert (signtool -G)"
-
- echo "$SCRIPTNAME: Signing a set of files ----------------------------"
- echo "signtool -Z nojs.jar -d ${P_R_ALICEDIR} -p \"nss\" -k objsigner \\"
- echo " ${R_TOOLSDIR}/html"
- signtool -Z nojs.jar -d ${P_R_ALICEDIR} -p "nss" -k objsigner \
- ${R_TOOLSDIR}/html
- html_msg $? 0 "Signing a set of files (signtool -Z)"
-
- echo "$SCRIPTNAME: Listing signed files in jar ----------------------"
- echo "signtool -v nojs.jar -d ${P_R_ALICEDIR} -p nss -k objsigner"
- signtool -v nojs.jar -d ${P_R_ALICEDIR} -p nss -k objsigner
- html_msg $? 0 "Listing signed files in jar (signtool -v)"
-
- echo "$SCRIPTNAME: Show who signed jar ------------------------------"
- echo "signtool -w nojs.jar -d ${P_R_ALICEDIR}"
- signtool -w nojs.jar -d ${P_R_ALICEDIR}
- html_msg $? 0 "Show who signed jar (signtool -w)"
-}
-
-############################## tools_cleanup ###########################
-# local shell function to finish this script (no exit since it might be
-# sourced)
-########################################################################
-tools_cleanup()
-{
- html "</TABLE><BR>"
- cd ${QADIR}
- . common/cleanup.sh
-}
-
-################## main #################################################
-
-tools_init
-
-tools_p12
-
-tools_sign
-tools_cleanup
-
-
diff --git a/security/nss/trademarks.txt b/security/nss/trademarks.txt
deleted file mode 100755
index 6d1819b6e..000000000
--- a/security/nss/trademarks.txt
+++ /dev/null
@@ -1,130 +0,0 @@
-The follow may be trademarked by their respective organizations.
-
-3DES Triple Data Encryption Standard
-AIX
-ANSI American National Standards Institute
-ASCII American Standard Code for Information Interchange
-ASN.1 Abstract Syntax Notation 1
-BATON
-BER Basic Encoding Rules
-BMP Basic Multilingual Plane
-British Telecom
-CAST
-CAST128
-CAST3
-CAST5
-CCITT Comité Consultatif International Téléphonique et Télégraphique
-CDMF
-CER Canonical Encoding Rules
-CRMF Certificate Request Message Format
-ctags ctags(1)
-Columbia University
-Cryptoki
-DER Distinguished Encoding Rules
-DES Data Encryption Standard
-DES2 Data Encryption Standard (2 key)
-DES3 Data Encryption Standard (3 key / triple)
-DH Diffie-Hellman
-DICOM
-DLL Dynamically Loadable Library
-DSA Digital Signature Algorithm
-Department of Defense
-E.163-4
-ECDSA
-ECMA European Computers Manufacturing Association
-EDI Electronic Data Interchange
-emacs emacs(1)
-EWOS European Workshop on Open Systems
-Entrust
-Example.com
-FORTEZZA
-GIF Graphical Interchange Format
-HP Hewlett Packard
-HPUX
-HTML Hypertext Markup Language
-IANA Internet Assigned Numbers Authority
-IBM International Business Machine
-IDEA
-IEEE
-IPSEC
-IRIX
-ISO International Organization for Standardization
-ITU International Telecommunication Union
-Java
-JPEG Joint Photographic Experts Group
-JUNIPER
-KEA Key Encryption Algorithm
-LDAP Lightweight Directory Access Protocol
-LWER Lightweight Encoding Rules
-Macintosh
-MD2
-MD5
-MIME Multipurpose Internet Mail Extensions
-MISSI
-Microsoft
-NATO North Atlantic Treaty Organization
-NSPR Netscape Portable Runtime
-NSS Network Security Services
-Netscape
-Netscape Certificate Server
-Netscape Directory
-Nordunet
-OAEP
-OCSP Online Certificate Status Protocol
-OID Object Identifier
-OSI Open Systems Interconnection
-OSF Open Software Foundation
-OSF1
-PERL Practical Extraction and Report Language
-PGP Pretty Good Privacy
-PHG
-PKCS Public Key Cryptography Standards
-PKIX Public Key Infrastructure (X.509)
-POSIX
-PTHREADS Posix Threads
-PURIFY
-RC2
-RC4
-RC5
-RFC
-RSA
-RSA Data Security
-RSA Security
-SHA1 Secure Hashing Algorithm
-SITA Societe Internationale de Telecommunications Aeronautiques
-SKIPJACK
-SMIME Secure MIME
-SMPTE Society of Motion Picture and Television Engineers
-SNMP Simple Network Management Protocol
-SGI Silicon Graphics Incorporated
-SSL Secure Sockets Layer
-Sun
-SunOS
-Solaris
-TLS Transport Layer Security
-Teletex
-Teletrust
-Telex
-Thawte
-UCS-4 Universal Coded Character Set
-UNIX
-URI Uniform Resource Identifier
-URL Uniform Resource Locator
-UTF-8 Unicode Transformation Format
-Unisys
-Verisign
-WIN16 Windows
-WIN32 Windows
-WINNT Windows NT
-Windows
-WordPerfect
-X.121
-X.25
-X.400
-X.509
-X.520
-X9.42
-X9.57
-XAPIA
-Z39.50
-